

Messages - amnezic

1
Web Oriented Coding / PHP Shell Scanner
« on: June 01, 2014, 12:48:47 pm »





You can't hide all vulnerabilities, bugs or shells, so try to get past this.


Tnx noVaLue
Index.php


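// Front page of the scanner: shows a path form, the scan results table and,
// when ?viewfile= is given, the escaped source of one file.
//
// The page lists directories and prints file contents selected by request
// parameters, so it must only be served behind authentication and should be
// removed from the web root once the review is finished.

// Load the class from this script's own directory instead of relying on
// include_path / the current working directory, and fail hard if it is missing.
require_once(dirname(__FILE__)."/function.php");


$a = new scanner();

// Escape the pre-filled path: it is written into a single-quoted attribute.
$defaultPath = htmlspecialchars(dirname(__FILE__), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');


echo "
      <link rel='stylesheet' type='text/css' href='./css/style.css' />
      <body text='white' bgcolor='#111111'>
         
      <center><table class=hov style='border-collapse: separate; background-color: #2E2E2E;border: solid 1px; border-radius: 5px;width:1300px;'>
                  <tr>
                     <td>
                        <form action=?scan method=post>
                           <center><input type=text name='url'  style='border: 1px solid;background-color:transparent;color:#99CCFF;border-radius: 5px' size=100  value='".$defaultPath."'></center>
                        </form>   
                     </td>
                  </tr>           
                  <tr>
                     <td style='border:solid 1px; border-radius: 5px;'>
                        <table class=hov style='border-collapse: separate; background-color: #2E2E2E;border-radius: 5px;width:100%;height:80%;align:center' id= ''>


                        ".$a->scanProcess()."
                        </table>   
                     </td>
                     <td></td>
                  </tr>   
            </table></center><br><br><br>                 
      </body>";

      // viewSource() uses this value as a file path. Accept a single string only:
      // a request such as ?viewfile[]=x would otherwise hand it an array.
      echo (isset($_GET['viewfile']) && is_string($_GET['viewfile']) ? $a->viewSource($_GET['viewfile']) : '');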




function.php
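/**
 * Heuristic scanner that walks a directory tree and reports script and
 * .htaccess files whose lines contain calls or directives listed in
 * signatures().
 *
 * The class lists directories and returns file contents for paths taken from
 * the request ($_POST['url'], and whatever the caller passes to viewSource()),
 * so any page exposing it must sit behind authentication. Hits are line-based
 * regex matches: they are leads for manual review, and code that is obfuscated
 * or split across lines will not be reported.
 */
class scanner{
   public function __construct() {}


   /**
    * Runs a scan of the directory posted as $_POST['url'] and renders the
    * result rows (file path, matched names) as HTML table rows.
    *
    * @return string HTML rows, or an empty string when no usable path was posted.
    */
   public function scanProcess(){
      // An array-valued 'url' field cannot be a path; ignore it.
      if(!isset($_POST['url']) || !is_string($_POST['url']))
         return "";

      $ret = array();
      $this->directoryscan($ret, $_POST['url']);
      $contents ="
                  <tr bgcolor='#413B3B'>
                     <td align=center><font color=#3cbddd>PathFile</font></td>
                     <td align=center><font color=#3cbddd>Function</font></td>
                  </tr>";

      foreach ($ret as $key => $value){
         // File names come from the scanned tree and are attacker-controlled on a
         // compromised host: URL-encode them in the link, HTML-escape them in text.
         $link  = "?viewfile=".rawurlencode($key);
         $shown = $this->escapeHtml($key);
         $names = $this->escapeHtml($this->string_fromArray($value,","));
         $contents .= "<tr bgcolor='#191919'><td width=30%><a href='".$link."' target=_blank><font color=#3cbddd>".$shown."</font></a></td><td><font color=#3cbddd>".$names."</font></td></tr>";
      }
      return $contents;
   }

   /**
    * Joins a zero-indexed list into one string, inserting $diff followed by a
    * space between elements.
    *
    * @param array  $list zero-indexed list of strings
    * @param string $diff separator placed before the space
    * @return string
    */
   public function string_fromArray($list,$diff){
      $string = "";
      for($i=0;$i<sizeof($list); $i++) {
         if(strlen($string)==0) {
            $string .= $list[$i];
         }else {
            $string .= $diff." ".$list[$i];
         }
      }
      return $string;
   }

   /**
    * Splits a path into its segments, dropping empty and "." segments and
    * resolving ".." textually. A path starting with "./" is resolved against
    * the directory of this file.
    *
    * NOTE(review): on non-Windows systems path_strip_pdp() skips the first
    * exploded segment, so a relative path that does not start with "./" loses
    * its first component - pass absolute or "./"-prefixed paths.
    *
    * @param string $path
    * @return array list of segments; a single empty string when nothing is left
    */
   public function path_strip($path) {
      $raw = array();

      $path = $this->setSeparator($path);

      if($this->str_startsWith(".".$this->getSeparator(), $path)) {
         $ppath = explode($this->getSeparator(), dirname(__FILE__));
         $raw = $this->path_strip_pdp($ppath, $raw);
      }

      $tpath = explode($this->getSeparator(), $path);
      $raw = $this->path_strip_pdp($tpath, $raw);

      if(sizeof($raw) == 0)
         $raw[] = "";

      return $raw;
   }

   /** Returns true when $string begins with $needle. */
   public function str_startsWith($needle, $string) {
      $length = strlen($needle);
      return (substr($string, 0, $length) === $needle);
   }


   /** Returns true when $string ends with $needle. */
   public function str_endsWith($needle, $string) {
      $pos  = strlen($string) - strlen($needle);
      return (substr($string, $pos) === $needle);
   }

   /**
    * Appends the segments of $path to $stack, skipping "" and "." and popping
    * one element for each "..".
    *
    * On Windows (getOs() == 1) iteration starts at index 0 and ".." never pops
    * the last remaining element (presumably the drive segment); elsewhere
    * iteration starts at index 1, which skips the empty segment an absolute
    * path produces before its leading separator.
    *
    * @param array $path  exploded path segments
    * @param array $stack segments collected so far
    * @return array the extended stack
    */
   public function path_strip_pdp($path, $stack) {
      $windows = ($this->getOs() == 1);
      for($i=($windows ? 0:1); $i<sizeof($path); $i++) {
         if($path[$i] != "" && $path[$i] != ".") {
            if($path[$i] == "..") {
               if(sizeof($stack) > ($windows ? 1:0))
                  array_pop($stack);
            }else
               $stack[] = $path[$i];
         }
      }

      return $stack;
   }

   /** Rewrites every separator in $path to the one used by the running OS. */
   public function setSeparator($path) {
      if($this->getOs() == 1)
          return str_replace("/", "\\", $path);
      else
           return str_replace("\\", "/", $path);
   }

   /** Returns "\\" on Windows and "/" everywhere else. */
   public function getSeparator() {
      if($this->getOs() == 1)
         return "\\";
      else
         return "/";
   }

   /** Returns 1 when PHP_OS starts with "WIN" (case-insensitive), otherwise 0. */
   public function getOs() {
      if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')
         return 1;
      else
         return 0;
   }

   /**
    * Joins a zero-indexed list into a string.
    *
    * With $type "path" the result is a file-system path: segments joined by
    * $delimiter on Windows, each segment prefixed by $delimiter elsewhere (so
    * the result is absolute). Any other $type joins with $delimiter only.
    *
    * @param array  $stack
    * @param string $delimiter
    * @param string $type "path" or anything else
    * @return string
    */
   public function str_fromArray($stack, $delimiter="", $type="") {
      $string = "";
      for($i=0; $i<sizeof($stack); $i++) {
         switch($type) {
            case "path":
               if ($this->getOs() == 1) {
                  if($i<sizeof($stack)-1)
                     $string .= $stack[$i].$delimiter;
                  else
                     $string .= $stack[$i];
               }else {
                  $string .= $delimiter.$stack[$i];
               }
               break;
            default:
               if(strlen($string) == 0)
                  $string .= $stack[$i];
               else
                  $string .= $delimiter.$stack[$i];
         }
      }

      return $string;
   }


   /** Appends $input to $array unless it is already present; no-op for non-arrays. */
   public function array_add(&$array, $input) {
      if(is_array($array)) {
         if(!in_array($input, $array, true))
            array_push($array, $input);
      }
   }

   /**
    * Recursively scans $url and records, for every file with a scanned
    * extension that has at least one hit, the sorted list of matched names
    * under the file's full path.
    *
    * Sub-directories are followed without a depth limit or a symlink-loop
    * guard. NOTE(review): consider skipping links when the tree is untrusted.
    *
    * @param array  $foundMatch result map (path => list of names), filled in place
    * @param string $url        directory to scan
    * @return array the same map
    */
   public function directoryscan(&$foundMatch, $url){
      $sep   = $this->getSeparator();
      $thDir = $this->str_fromArray($this->path_strip($url), $sep, "path");

      if(!is_dir($thDir))
         return $foundMatch;

      // An unreadable directory yields false; readdir() must not be called on it.
      $handle = opendir($thDir);
      if($handle === false)
         return $foundMatch;

      $dirs  = array();
      $files = array();
      while(false !== ($entry = readdir($handle))){
         // Test the full path: a bare entry name would be resolved against the
         // working directory of the process, not against the scanned directory.
         if(is_dir($thDir.$sep.$entry))
            $dirs[] = $entry;
         else
            $files[] = $entry;
      }
      closedir($handle);
      sort($dirs);
      sort($files);

      foreach (array_merge($dirs, $files) as $entry){
         $full = $thDir.$sep.$entry;

         // The scanner's own source contains every signature; skip it.
         if($full === __FILE__)
            continue;

         if(is_dir($full)) {
            if($entry != "." && $entry != "..")
               $this->directoryscan($foundMatch, $full);
            continue;
         }

         if(!$this->hasScannedExtension($full))
            continue;

         $found = $this->scanFile($full);
         if(sizeof($found) > 0) {
            sort($found);
            $foundMatch[$full] = $found;
         }
      }
      return $foundMatch;
   }

   /**
    * Returns the HTML-escaped content of a file inside a <pre> element.
    *
    * Only regular files with one of the scanned extensions are served, and the
    * check is made on the resolved path so a link cannot redirect the read to
    * another file. This narrows the read but is not an access control: the
    * caller still has to authenticate the request.
    *
    * @param string $path
    * @return string "<pre>...</pre>", or an empty string when the path is rejected
    */
   public function viewSource($path){
      if(!is_string($path) || $path === "" || strpos($path, "\0") !== false)
         return "";

      $real = realpath($path);
      if($real === false || !is_file($real) || !$this->hasScannedExtension($real))
         return "";

      $content = file_get_contents($real);
      if($content === false)
         return "";

      // Escape &, quotes and > as well as <, so entities and attributes in the
      // file are shown literally.
      return "<pre>".$this->escapeHtml($content)."</pre>";
   }

   /** Escapes a string for HTML text and attribute context. */
   private function escapeHtml($text) {
      return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
   }

   /** Returns true when the file extension is one the scanner inspects (case-sensitive). */
   private function hasScannedExtension($path) {
      $ext = pathinfo($path, PATHINFO_EXTENSION);
      return in_array($ext, array("php", "pl", "py", "nzri", "izo", "cgi", "htaccess"), true);
   }

   /**
    * Returns the label => regex table applied to every line.
    *
    * Patterns are single-quoted so that "\$" reaches PCRE as an escaped dollar
    * sign; inside double quotes PHP turns it into a bare "$", an end-of-line
    * anchor, and the superglobal patterns can then never match. Function names
    * must not be preceded by an identifier character, so "exec" is not
    * reported for every "shell_exec" or "curl_exec".
    */
   private function signatures() {
      static $table = null;
      if($table !== null)
         return $table;

      $table = array();

      $functions = array(
         "copy", "move_uploaded_file", "passthru", "shell_exec", "exec",
         "base64_decode", "eval", "proc_open", "system", "curl_exec",
         "popen", "curl_multi_exec", "rename", "parse_ini_file",
         "show_source", "fopen",
      );
      foreach($functions as $name) {
         $table[$name] = '/(?<![A-Za-z0-9_])'.preg_quote($name, '/').'\s*?[\(].*?[\)]\s*?[\.\,\;\{\}\_]/i';
      }

      foreach(array('$_FILES', '$_COOKIE') as $name) {
         $table[$name] = '/'.preg_quote($name, '/').'\s*?[\[].*?[\]]\s*?[\.\,\;\}\_]/i';
      }

      $table["AddType application/x-httpd-php"]  = '/AddType\s+application\/x\-httpd\-php/i';
      $table["AddType application/x-httpd-cgi"]  = '/AddType\s+application\/x\-httpd\-cgi/i';
      $table["AddType application/x-httpd-perl"] = '/AddType\s+application\/x\-httpd\-perl/i';
      $table["AddHandler cgi-script"]            = '/AddHandler\s+cgi\-script/i';

      return $table;
   }

   /** Reads one file line by line and returns the labels of all signatures that matched. */
   private function scanFile($file) {
      $found = array();

      if(!is_readable($file))
         return $found;

      $fh = fopen($file, "r");
      if($fh === false)
         return $found;

      while(($line = fgets($fh)) !== false) {
         foreach($this->signatures() as $label => $pattern) {
            if(preg_match($pattern, $line))
               $this->array_add($found, $label);
         }
      }
      fclose($fh);

      return $found;
   }
}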




Original  : http://thieves-team.com/forum/index.php?topic=5853.0

2
What about the 64bit version on Linux?


is not yet cracked by these guys, i think is the next project for Thieves-Team

3

NEW UPDATE 3062 X64 : Find : 15 E2 16 3E 00 48 8D 4D E7 E8 09 B6 03 00 85 C0 0F 94 C0
 Replace : 15 E2 16 3E 00 48 8D 4D E7 E8 09 B6 03 00 90 90 90 90 90


NOTE: Not released build 3061 x32 Version
Find : 74 03 33 FF 47 85 FF 0F
Replace : 75 03 33 FF 90 85 FF 0F
================ NOTE: Build 3059, x32 Version
Find : 74 03 33 FF 47 85 FF 0F 85 9A 06 00 00 BE
Replace : 75 03 33 FF 90 85 FF 0F 85 9A 06 00 00 BE
================ Type this on : License
—--BEGIN LICENSE—--
noVaLue #thieves-team.com Unlimited User
License EA7E-18848
...00000000..........00000000...
......00................00......
......00................00......
......00....0000000.....00......
......00................00......
......00................00......
......00................00......
......00................00.....
 —--END LICENSE—--


All fucking version are here


Build 3062
----------
Release Date: 5 May 2014


    * Added sidebar icons
    * Added sidebar loading indicators
    * Sidebar remembers which folders are expanded
    * Fixed a crash in plugin_host


Build 3061
----------
Release Date: 21 December 2013


    * API: Updated to Python 3.3.3
    * Tweaked window closing behavior when pressing ctrl+w / cmd+w
    * Fixed a lockup when transitioning from a blinking to a solid caret


Build 3058
----------
Release Date: 12 December 2013


    * Added index_exclude_patterns setting to control which files get indexed
    * Fixed a crash regression in 3057


Build 3057
----------
Release Date: 10 December 2013


    * Added settings caret_extra_top, caret_extra_bottom and caret_extra_width to control the caret size
    * Added settings show_encoding and show_line_endings to control what gets shown on the status bar


Build 3056
----------
Release Date: 20 November 2013


    * Transparent images are drawn with a checkerboard background
    * Fixed Find in Files not selecting the correct line for already opened files
    * Windows: Fixed extraneous .tmp files when saving
    * Vintage: Improved behavior of visual line mode with word wrapped lines


Build 3055
----------
Release Date: 19 November 2013


    * Added image preview when opening images
    * Encoding and line endings are displayed in the status bar
    * Linux: Fixed a menu hiding issue
    * Find in Files will no longer block when FIFOs are encountered


Build 3054
----------
Release Date: 16 October 2013


    * Fixed incorrect title bar in new sessions
    * Auto complete now works as expected in macros
    * Vintage: A block caret is now used
    * Linux: Fixed menu hiding not restoring correctly at startup
    * Linux: Fixed incorrect underscore display in some menus


Build 3053
----------
Release Date: 30 August 2013


    * Ctrl+Tab ordering is stored in the session
    * Fixed an atomic save file permission regression for newly created files
    * When the last file is closed, a new transient file is created automatically
    * Linux: Added menu hiding
    * API: Window.open_file now accepts an optional group parameter


Build 3052
----------
Release Date: 23 July 2013


    * API: Calling Settings.add_on_change() from within a settings change callback won't cause the added callback to be run
    * Fixed a crash in 3050


Build 3050
----------
Release Date: 22 July 2013


    * Fixed a crash regression in 3049
    * Minor improvements to Python syntax highlighting


Build 3049
----------
Release Date: 19 July 2013


    * Tab scrolling now works with mouse wheels
    * Changed tab close behavior: the neighboring tab is now always selected
    * Linux: Fixed incorrect handling of double clicks in the Find panel
    * Windows: Fixed hidden attribute regression in 3048 when atomic_save is disabled
    * Fixed a crash related to tab scrolling
    * API: Plugins may now call Settings.clear_on_change() within a callback from Settings.add_on_change()


Build 3048
----------
Release Date: 10 July 2013


    * Added tab scrolling, controlled by the enable_tab_scrolling setting
    * Automatically closing windows when the last tab is dragged out
    * Added minimap_scroll_to_clicked_text setting
    * Improved error messages when unable to save files
    * font_options is now case insensitive
    * Posix: Fixes new files being created with unexpected permissions
    * Windows: SSE support is no longer required for 32 bit builds


Build 3046
----------
Release Date: 26 June 2013


    * API: Supporting a distinction between Python modules and packages, to ensure relative imports work as expected


Build 3045
----------
Release Date: 25 June 2013


    * Windows: Fixed plugin overriding


Build 3044
----------
Release Date: 24 June 2013


    * Improved handling of Python sub-package importing, fixing the delete from side bar regression


Build 3043
----------
Release Date: 21 June 2013


    * Deleted files are marked as dirty again
    * Fixed a regression when overriding the color scheme in syntax specific settings
    * Linux and OSX: atomic_save is adaptively disabled when it's not possible to preserve file permissions
    * API: Fixed settings objects getting invalidated too early with cloned views
    * API: Plugins in zip files are able to be overridden via files on disk


Build 3041
----------
Release Date: 14 June 2013


    * Fixed file change detection regression in 3040
    * Windows: Fixed a crash introduced in 3034


Build 3040
----------
Release Date: 13 June 2013


    * Fixed a crash on exit that could occur when hot_exit is disabled
    * Fixed a crash introduced in 3036
    * Windows: DirectWrite support uses the old path when drawing from a the text buffer
    * Windows: Auto updater supports updating from unicode paths
    * API: Added support for the termios module on Linux and OS X.


Build 3038
----------
Release Date: 9 June 2013


    * Fixed further regressions in 3036


Build 3037
----------
Release Date: 4 June 2013


    * Fixed a regressions in 3036


Build 3036
----------
Release Date: 4 June 2013


    * Fixed regressions in file change detection
    * Linux: Added support for High DPI, controlled by the GTK Text Scaling Factor
    * Windows: DirectWrite is enabled automatically in high DPI mode
    * OSX: Fixed context menus not working when the application is in the background


Build 3035
----------
Release Date: 17 May 2013


    * Restored Windows XP compatibility
    * Fixed an OSX crash
    * Fixed double closing of script tags


Build 3034
----------
Release Date: 16 May 2013


    * Improved file change detection
    * Windows: Added high DPI support
    * Graphics rendering ported to Skia from Cairo
    * HTML tag auto completion is better behaved in script tags
    * API: Fixed Selection.contains


Build 3032
----------
Release Date: 6 May 2013


    * Added setting always_prompt_for_file_reload
    * Pressing right in the Goto Anything overlay will open the selected file without closing the overlay
    * Improved handling of deleted files when restoring sessions
    * Linux: Fixed popup menu positioning
    * Windows: Fixed erroneous entries in system menu


Build 3031
----------
Release Date: 1 May 2013


    * Find panel has a drop down arrow to select previous items
    * Minor Auto Complete visual tweaks
    * API: Added view.show_popup_menu()
    * API: Added is_valid() method to view and window, to determine if the handle has been invalidated


Build 3030
----------
Release Date: 23 April 2013


    * Fixed crash introduced in 3029


Build 3029
----------
Release Date: 22 April 2013


    * Fix for rare crash
    * Telemetry is enabled by default for dev builds
    * Improved Minimap hover logic
    * Faster startup time


Build 3028
----------
Release Date: 16 April 2013


    * Fixed a regression in 3027


Build 3027
----------
Release Date: 15 April 2013


    * Fixed several rare crashes
    * Improved HTML completions when typing outside of tags
    * Fixed Close Tag not respecting self closing tags
    * Windows: Fixed auto updates not installing when the application is installed to a drive other than C


Build 3026
----------
Release Date: 10 April 2013


    * auto_find_in_selection defaults to false as intended
    * Fixed a sidebar regression in 3024
    * Windows: Fixed an 'Open in Sublime Text' regression introduced in 3024
    * Improved handling of packages with non-utf8 encoded .py files


Build 3025
----------
Release Date: 9 April 2013


    * Fixed some regressions in 3024
    * Added Paste from History
    * API: on_text_command and on_window command are now called when the menu is used
    * API: Added on_post_text_command and on_post_window_command


Build 3024
----------
Release Date: 8 April 2013


    * Semi-transient sheets are no longer shown in the OPEN FILES section of the side bar
    * Added setting 'auto_find_in_selection', for S2 style Find in Selection logic
    * Using Google Breakpad to automatically report crashes
    * Symlinks are followed by default in folders added to the side bar
    * PHP: Improved auto indenting for the alternative control syntax
    * "Remove all Folders from Project" now prompts to confirm
    * Deleting a file via the side bar will first close the corresponding view, if any
    * Update window will display properly even if the theme doesn't have rules for it
    * Windows: New style Open Folder dialogs are used on Vista and later
    * API: Added view.close()
    * API: Added sublime.get_macro()


Build 3023
----------
Release Date: 3 April 2013


    * New auto update system for Windows and OS X
    * Added telemetry. Telemetry is currently disabled by default, but will be enabled by default in future dev builds. It can be explicitly controlled with the enable_telemetry setting
    * API: Fixed a memory leak in plugin_host



