LOGIN SHELL WITH VALIDATION

1. <?php
2. error_reporting(0);
3. ob_start('ob_gzhandler');
4. session_start();
5.  
6. $username = 'user';
7. $password = 'root';
8.  
9. function pac($str) {
10.     echo $str;
11. }
12. pac('<html><head>
13.     <meta charset="UTF-8">
14. <title>Login</title>
15. <meta name="viewport" content="width=device-width, initial-scale=1.0">
16. <style>
17. @import url("https://fonts.googleapis.com/css?family=Cabin");
18. *{
19.     padding: 0;
20.     margin: 0;
21.     box-sizing:border-box;
22. }
23. body {
24.     margin:auto;
25.     background: #191919;
26.     font-family: "Cabin";
27.    -webkit-font-smoothing:antialiased;
28.     font-size: 14px;
29.    color:#fff;
30.    text-shadow:0px 0px 0px #343436;
31. }
32. *:focus {
33.     outline: 0;
34. }
35. .container {
36.     max-width: 350px;
37.     margin: auto;
38.    background: none;
39. }
40. .content {
41.     margin:10px;
42.     background:#222;
43.     padding:7px;
44.     color:#fff;
45.     box-shadow:0px 1px 1px rgba(0,0,0,0.1) inset;
46.     border-radius:5px;
47.     max-width:350px;
48. }
49. input[type=text], input[type=password] {
50.     padding:7px;
51.     font-size:14px;
52.     font-family: "Cabin";
53.     width:100%;
54.     border:1px solid #343436;
55.     background:none;
56.     color: #FA5A5A;
57. }
58. input[type=text]:hover, input[type=password]:hover {
59.     border:1px solid #FA5A5A;
60.     transition: all 0.5s;
61. }
62. button {
63.     padding:7px;
64.     font-size:14px;
65.     font-family: "Cabin";
66.     background:#FA5A5A;
67.     width:100px;
68.     border:1px solid #FA5A5A;
69. }
70. button:hover {
71.     background:none;
72.     color:#FA5A5A;
73.     border:1px solid #FA5A5A;
74.     transition: all 0.5s;
75. }
76. .top5 {
77.     margin-top: 5px;
78. }
79. table {
80.     width:100%;
81. }
82. td {
83.     color:#fff;
84.     font-size: 14px;
85. }
86. a {
87.     text-decoration: none;
88.     color:#FA5A5A;
89. }
90. hr {
91.     border: 0;
92.     height: 1px;
93.     background-image: -webkit-linear-gradient(left, #FA5A5A, #FA5A5A, #FA5A5A);
94.     background-image: -moz-linear-gradient(left, #FA5A5A, #FA5A5A, #FA5A5A);
95.     background-image: -ms-linear-gradient(left, #FA5A5A, #FA5A5A, #FA5A5A);
96.     background-image: -o-linear-gradient(left, #FA5A5A, #FA5A5A, #FA5A5A);
97. }
98. h3 {
99.     font-weight:500;
100. }
101. </style></head></body>');
102. function form() {
103.     pac('<form action="" method="post">
104.     <table>
105. <td>Username :</td>
106.     <td><input name="user" type="text"></td><tr>
107. <td>Password :</td>
108.     <td><input name="pass" type="password"></td>
109.     <tr>
110.     <td></td><td><button name="login">Login!</button></td></table>
111.     </form>');
112. }
113. pac('<script>
114.    baseUrl = window.location.href.split("?")[0];
115.    window.history.pushState("name", "?", baseUrl);
116. </script>');
117. if(isset($_GET['out'])) {
118.     setcookie('UNDERXPLOIT', time() - 3600);
119.     unset($_SESSION['username']);
120. }
121. pac('<div class="container">');
122. if(isset($_POST['login'])) {
123. if($_POST['user'] == $username AND $_POST['pass'] == $password) {
124.     $_SESSION['username'] = $username;
125.     $_COOKIE[$username] = $password;
126.     setcookie('UNDERXPLOIT', md5($_SERVER['HTTP_HOST']));
127. } else if(empty($_POST['user']) || empty($_POST['pass'])) {
128.     pac('<div class="content">Form Can\'t be  Empty !!</div>');
129. } else {
130.     pac('<div class="content">Invalid Username or Password !!</div>');
131.     }
132. }
133. pac('<div class="content"><center><br><h3>LOGIN</h3><br><hr><br></center>');
134. if($_SESSION['username'] == $username) {
135.     pac('Your Content Here ---> <a href="?out">./Logout</a><br>');
136.     } else {
137.         form();
138.     }
139. pac('<br><hr></div></div>');
140. ?>