Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <style type="text/css">
- <!--
- .style1 {
- font-size: large;
- color: #00FF33;aa
- }
- -->
- </style>
- <p align="center" class="style1">Shell script Finder Modified by <a href="http://facebook.com/orionshunter">ORIONSHUNTER</a> OF <a href="https://www.facebook.com/groups/bangladeshcyberpolice/">BD BLACK HAT HACKERS</a></p>
- <p> </p>
- <?php
- header('Content-Type: text/html; charset=windows-1251');
- set_time_limit(0);
- $shells = array('Ajax_PHP Command Shell' => 'runcommand\(\'shellhelp\',\'GET\'\)',
- 'Antichat Shell v1.3' => 'version ([0-9\.]+) by Grinay',
- 'WTF Backdoor' => 'lb11',
- 'Obfuscation provided by FOP' => 'Obfuscation provided by FOPO',
- 'PHPSpy' => '4ngel.net',
- 'r57shell' => 'RST/GHC',
- 'Locus7s' => 'Locus7s',
- 'PHPSpy' => 'phpspy',
- 'DrBackdoor' => 'Shell - *Dr.Backd00r*',
- 'ExplorerWSO' => 'substr(md5(strrev($___)',
- 'Autoriz_MD5_X1' => 'md5_pass',
- 'Ayyildiz Tim -AYT- Shell v' => 'Shell v ([0-9\.]+) Biz B', 'aZRaiLPhp' =>
- 'Silinemedi:\$deldir', 'backdor1' => 'Coded By Charlichaplin', 'backdorfr' =>
- 'Ce script permet d\'exploiter', 'c100.php' => 'Written by Captain Crunch Team',
- 'c2007.php', 'C99 Modified By Psych0', 'c99 mod Captain Crunch' => '\$c99sh_updatefurl',
- 'c99 original' => 'Admin@SpyGrup\.Org \[Kruis\]', 'Casus15.php' => 'CasuS ([0-9\.]+) by MafiABoY',
- 'Crystal' => ' Coded by : Super-Crystal and Mohajer22', 'ctt_sh.php' => '\[CT\] TEAM SCRIPTING - RODNOC',
- 'Cyber Shell' => 'Cyber Shell', 'dC3 Security Crew Shell PRiV' =>
- 'Shell written by Bl0od3r', 'Dive Shell 1.0 - Emperor Hacking Team' =>
- 'Dive Shell - Emperor Hacking Team', 'DTool Pro' =>
- 'Comandos Exclusivos do DTool Pro', 'DxShell' => 'DxShell', 'Fatalshell' =>
- 'Lutfen Dosyayi Adlandiriniz', 'fuckphpshell' => '', 'fuckphpshell' =>
- 'this is a priv3 server', 'GFS web-shell' => 'GFS Web-Shell',
- 'h4ntu shell [powered by tsoi]' => 'h4ntu shell \[powered by tsoi\]', 'img.php' =>
- 'nsT View \$ver', 'iMHaPFtp.php' => 'iMHaBiRLiGi Php Ftp Editoru', 'ironshell' =>
- 'You can put a md5 string here too, for plaintext passwords',
- 'KAdot Universal Shell' => 'KA_uShell ([0-9\.]+)', 'lamashell' => 'lama\'s\'hell',
- 'Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit' =>
- 'Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit', 'load_shell' =>
- 'Loader\'z WEB Shell', 'mailer3.php' => 'Moroccan Spamers Ma-EditioN By GhOsT',
- 'matamu' => 'Matamu Mat', 'Moroccan Spamers Ma-EditioN By GhOsT' =>
- 'Open the file attachment if any, and base64_encode', 'myshell' => '\$MyShellVersion',
- 'Mysql interface' => 'Mysql interface v([0-9\.]+)',
- 'MySQL Web Interface Version' => 'MySQL Web Interface Version', 'NCC-Shell' =>
- 'Hacked by Silver', 'NetworkFileManagerPHP' =>
- 'NetworkFileManagerPHP for channel', 'NIX REMOTE WEB-SHELL' =>
- 'NIX REMOTE WEB-SHELL', 'nshell.php' => 'nShell v([0-9\.]+)', 'nstview.php' =>
- 'nsTView \$ver', 'PHANTASMA' => 'PHANTASMA- NeW CmD', 'PHP Shell.php' =>
- 'PHPSHELL.PHP BY MACKER', 'php-backdoor' => 'a simple php backdoor',
- 'php-include-w-shell' => 'LOTFREE PHP Backdoor', 'phpbackdoor15' => 'return \"Hopefully dumped!\"',
- 'pHpINJ' => 'News Remote PHP Shell Injection', 'phpjackal' => 'PHPJackal',
- 'PHPRemoteView' => 'phpRemoteView', 'phpshell17' =>
- 'PHP Shell is aninteractive PHP-page', 'phvayv.php' => 'PHVayv', 'Private-i3lue' =>
- 'webadmin\.php - a simple Web-based file manager', 'Ru24PostWebShell' =>
- 'Ru24PostWebShell', 'r57 Shell.php v 1.22 or 33' => '\(c\)oded by 1dt\.w0lf',
- 'r577.php' => 'admin@spygrup\.org\[Kruis\]', 'rootshell.php' =>
- 'www.SR-Crew.org', 'Russian.php' => 'KAdot Universal Shell', 's72 Shell' =>
- 'Cr@zy_King', 'Safe0ver Shell -Safe Mod Bypass By Evilc0der' =>
- 'Safe_Mode Bypass PHP', 'SimAttacker - Vrsion' => 'Simple PHP backdoor by DK',
- 'simple-backdoor' => 'G-Security Webshell', 'simple_cmd' =>
- 'Simorgh Security Magazine', 'SimShell 1.0' => 'Sincap 1.0', 'SnIpEr_SA Shell' =>
- '\(c\)oded by SnIpEr_SA', 'spy.php' => '\$version = \"SpyGrup\.Org SpeciaL\"',
- 'w3d.php' => 'W3D Shell', 'w4k.php' => 'chdir\(\$lastdir\); c99shexit\(\);',
- 'webshell.txt' => 'This PHP Web Shell was developed by Digital Outcast',
- 'WinX Shell' => '-:\[GreenwooD\]:- WinX Shell', 'Worse Linux Shell' =>
- 'Watch Your system Shany was here', 'xinfo.php' =>
- 'NetworkFileManagerPHP for channel', 'zacosmall' =>
- 'Small PHP Web Shell by ZaCo', 'wso shell' => '\$auth_pass = \"([0-9a-f]{32})\";|\$default_action = \'FilesMan\';');
- $path = dirname(__FILE__);
- $allowed_ext = array('php', 'phtml', 'php5', 'php4', 'jpg', 'gif', 'png', 'bmp');
- if (isset($_REQUEST['dir'])) {
- unlink($path.$_REQUEST['dir']);
- header("Location: ".$_SERVER['SCRIPT_NAME']);
- }
- echo "<html><head><style>body { background-color: black; color: lightgrey;}</style></head><body><table width='100%' cellpadding='5' align='center'><tbody><tr style='background-color: silver; color:white'><th>সেল এর নাম </th><th>সেল টাইপ</th><th>বিবরন</th></tr>";
- function findshells($start) {
- global $allowed_ext, $shells, $path;
- $files = array();
- $handle = opendir($start);
- while(($file=readdir($handle))!==false) {
- if ($file!="." && $file !="..") {
- $startfile = $start."/".$file;
- if (is_dir($startfile)) {
- findshells($startfile);
- } else {
- if (in_array(substr(strrchr($startfile, '.'), 1), $allowed_ext) and basename($startfile) != basename(__file__)) {
- $file_source = file_get_contents($startfile);
- foreach ($shells as $name => $signature) {
- if (preg_match('#'.$signature.'#', $file_source)) {
- $file_now = str_replace("./", "", $startfile);
- echo '<tr style="background-color: red;"><td width="35%"><center>'.$file_now.'</center></td><td><center>'.$name.'</center></td><td width="35%"><a href="?dir='.$file_now.'"><font color="lightgrey">এই ডিরেটরী</font></a> | <a href="'.$file_now.'" target="_blank"><font color="green">এখানে
- সেল আছে</font></a></td></tr>';
- ob_flush();
- flush();
- }
- }
- }
- }
- }
- }
- closedir($handle);
- }
- findshells("./");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
