[PHP] Backdoor Scanner Priv8

1. <?php
2. /*
3. ####################################################################################
4. # Name : Backdoor Scanner ##
5. # Author : T3754K1T1 ##
6. # Thanks goes to : Mr.Tenwap - IndoXploit - AnonCyberTeam ##
7. # ##
8. ####################################################################################
9. */
10. putenv("TZ=Europe/Britania");
11. ?>
12. <head>
13. <title>Backdoor Scanner</title>
14. <script language="JavaScript" type="text/JavaScript">
15. <!--
16. function MM_openBrWindow(theURL,winName,features) { //v2.0
17. window.open(theURL,winName,features)
18. }
19. //-->
20. </script>
21. <style type="text/css">
22. <!--
23. body {
24. font-family: Tahoma;
25. color: #CCCCCC;
26. background-color: #000000;
27. font-size: 11px;
28. font-weight: bold;
29. }
30. .single{
31. border: 1px solid #00ff00;
32. padding: 5px;
33. }
34. a:visited {
35. color: #33333;
36. font-size: 11px;
37. font-family: tahoma;
38. text-decoration: none;
39. }
40.  
41. a:hover {
42. color: #ccff00;
43. text-decoration: none;
44. }
45. .abunai {
46. color: red;
47. text-decoration: none;
48. }
49. .xxx {
50. color: blue;
51. text-decoration: none;
52. }
53. a {
54. color: #ccff99;
55. font-size: 11px;
56. font-family: tahoma;
57. text-decoration: none;
58. }
59. td {
60. border-style: solid;
61. border-width: 0 0 1px 0;
62. font-size:11px; font-family:Tahoma,Verdana,Arial; color:#ccff99;
63. }
64. .me {
65. font-size:11px; font-family:Tahoma,Verdana,Arial; color:#ccff99;
66. border: 0px;
67. padding: 5px;
68. }
69. .isi:disabled{
70. padding: 2px;
71. border:1px solid #333333;
72. font-family: Tahoma;
73. color: #333333;
74. background-color: #000000;
75. font-size: 10px;
76. font-weight: bold;
77. }
78. .isi{
79. padding: 2px;
80. border:1px solid #666666;
81. font-family: Tahoma;
82. color: #ccff99;
83. background-color: #666666;
84. font-size: 10px;
85. font-weight: bold;
86. }
87. -->
88. </style>
89. <style type="text/css">
90. #patch {position:absolute; height:1; width:1px; top:0; left:0;}
91. </style>
92. </head>
93. <body>
94. <center><br><font color="#339900" size="14" face="arial">Backdoor Scanner</font></center><br>
95. <?php
96. if(isset($_REQUEST['edit']) && $_REQUEST['edit']=='file'){
97. if(isset($_POST['yes'])){
98. $filename = $_GET['file'];
99. echo "<br><br><br><font color=red size=3><b><center>".$filename." deleted...</b></font><br><br><br><br><br><br><br>";
100. unlink($filename);
101. echo "<META HTTP-EQUIV=Refresh CONTENT=\"2; URL=javascript:window.close();\">";
102. }else{
103. if($_POST['update']) {
104. $filename = $_POST['file'];
105. if(is_writable($filename)) {
106. $handle = fopen($filename, "w+");
107. $isi=$_POST['content'];
108. fwrite($handle, stripslashes($isi));
109. fclose($handle);
110. $stat= "<center><strong>edited successfully<br>";
111. } else {
112. $stat= "<center><font color=red><strong>Error! File may not be writable.</font></center>";
113. }
114. }
115. if($_POST['close']) {
116. echo "<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=javascript:window.close();\">";
117. }
118. $filename = $_GET['file'];
119. if (file_exists($filename)){
120. $vuln = $_GET['bug'];
121. $handle = fopen($filename, "r");
122. $contents = fread($handle, filesize($filename));
123. ?>
124. <center>
125. <table>
126. <tr><td align="left" class="me"><strong><?=$filename?>&nbsp;&nbsp;>> Contains :&nbsp;<?=$vuln?></strong></td></tr>
127. <tr><td class="me">
128. <form method="post" action="">
129. <input type="hidden" name="file" value="<?=$filename?>">
130. <textarea name="content" cols="80" rows="15"><?=htmlspecialchars($contents)?></textarea><br>
131. </td></tr>
132. <tr><td align="center" class="me">
133. <?php
134. if($_POST['delete']) {
135. echo "Are you sure to delete ".$filename." ?";
136. ?>
137. <tr><td align="center" class="me">
138. <input type="submit" name="yes" value=" Y E S ">
139. <input type="submit" name="no" value=" N O ">
140. </td></tr>
141. <?php
142. }else{
143. echo $stat;
144. ?>
145. </td></tr>
146. <tr><td align="right" class="me">
147. <input type="submit" name="close" value=" C l o s e ">
148. <input type="submit" name="delete" value=" D e l e t e ">
149. <input type="submit" name="update" value=" S a v e ">
150. </td></tr>
151. <?php
152. }
153. fclose($handle);
154. ?>
155. </table>
156. </form>
157. <?php
158. }else{
159. echo "<br><br><br><font color=red size=3><b><center>".$filename." not exist...</b></font><br><br><br><br><br><br><br>";
160. echo "<META HTTP-EQUIV=Refresh CONTENT=\"4; URL=javascript:window.close();\">";
161. }
162. ?>
163. </center>
164. <?php
165. }
166. }elseif(isset($_POST['Submit'])){
167. $ceks = array('base64_decode','system','passthru','popen','exec','shell_exec','eval','move_uploaded_file');
168. foreach($ceks as $ceker){
169. if($_POST[$ceker]<>""){
170. $six.=$_POST[$ceker].".";
171. }
172. }
173. $cek = explode('.', $six);
174. function ListFiles($dir) {
175. if($dh = opendir($dir)) {
176. $files = Array();
177. $inner_files = Array();
178. while($file = readdir($dh)) {
179. if($file != "." && $file != ".." && $file[0] != '.') {
180. if(is_dir($dir . "/" . $file)) {
181. $inner_files = ListFiles($dir . "/" . $file);
182. if(is_array($inner_files)) $files = array_merge($files, $inner_files);
183. }else{
184. array_push($files, $dir . "/" . $file);
185. }
186. }
187. }
188. closedir($dh);
189. return $files;
190. }
191. }
192. $target=$_SERVER['DOCUMENT_ROOT'];
193. ?>
194. <center>
195. <table border="0" width="90%" cellpadding="5">
196. <tr>
197. <td class="me" align="right" width="30"><b>No</b></td>
198. <td class="me" align="center" width="105"><b> T y p e </b></td>
199. <td class="me" align="center"><b> F i l e&nbsp;&nbsp;L o c a t i o n </b></td>
200. <td class="me" align="center" width="150"><b> L a s t&nbsp;&nbsp;E d i t </b></td>
201. <td class="me" align="right" width="80"><b>F i l e&nbsp;&nbsp;S i z e</b></td>
202. </tr><br>
203. <?php
204. foreach (ListFiles($target) as $key=>$file){
205. $nFile = substr($file, -4, 4);
206. if($nFile == ".php"){
207. if($file==$_SERVER['DOCUMENT_ROOT'].$_SERVER['PHP_SELF']){
208. }else{
209. $ops = @file_get_contents($file);
210. $op=strtolower($ops);
211. $arr = array('c99_buff_prepare' => 'c 9 9',
212. 'abcr57' => 'r 5 7');
213. $sis=0;
214. if($op)
215. $size=filesize($file);
216. $last_modified = filemtime($file);
217. $last=date("M-d-Y H:i", $last_modified);
218. foreach($arr as $key => $val) {
219. if(@preg_match("/$key/", $op)) {
220. $sis=1;
221. $i++;
222. ?>
223. <tr style ="background-color: Your background Color;" onmouseover="mover(this)" onmouseout="mout(this)">
224. <td align="right"><font color="red"><blink><?=$i?></blink></font></td>
225. <td align="center"><font color="red"><blink><?=$val?></blink></font></td>
226. <td align="left"><blink>
227. <a href="#" class="abunai" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$val?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
228. </blink></td>
229. <td align="center"><font color="red"><blink><?=$last?> GMT+9</blink></font></td>
230. <td align="right"><font color="red"><blink><?=$size?> byte</blink></font></td>
231. <script language="javascript">
232. var bgcolor = "transparent";
233. var change_color = "#444444"
234. function mover(aa) {
235. aa.style.backgroundColor = change_color;
236. }
237. function mout(aa) {
238. aa.style.backgroundColor = bgcolor;
239. }
240. </script>
241. </tr>
242. <?php
243. }
244. }
245. if($sis<>"1"){
246. if((@preg_match("/system\((.*?)\)/", $op))&&(@preg_match("/<pre>/", $op))&&(@preg_match("/empty\((.*?)\)/", $op))) {
247. $sis="2";
248. $i++;
249. $val="hidden shell";
250. ?>
251. <tr style ="background-color: Your background Color;" onmouseover="mover(this)" onmouseout="mout(this)">
252. <td align="right"><font color="blue"><?=$i?></font></td>
253. <td align="center"><font color="blue"><?=$val?></font></td>
254. <td align="left">
255. <a href="#" class="xxx" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$val?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
256. </td>
257. <td align="center"><font color="blue"><?=$last?> GMT+9</font></td>
258. <td align="right"><font color="blue"><?=$size?> byte</font></td>
259. <script language="javascript">
260. var bgcolor = "transparent";
261. var change_color = "#444444"
262. function mover(aa) {
263. aa.style.backgroundColor = change_color;
264. }
265. function mout(aa) {
266. aa.style.backgroundColor = bgcolor;
267. }
268. </script>
269. </tr>
270. <?php
271. }
272. }
273. if($sis=="0"){
274. foreach($cek as $bugs) {
275. if ($bugs<>""){
276. if(@preg_match("/$bugs\((.*?)\)/", $op)) {
277. $i++;
278. ?>
279. <tr style ="background-color: Your background Color;" onmouseover="mover(this)" onmouseout="mout(this)">
280. <td align="right"><?=$i?></td>
281. <td align="center"><?=$bugs?></td>
282. <td align="left">
283. <a href="#" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$bugs?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
284. </td>
285. <td align="center"><?=$last?> GMT+9</td>
286. <td align="right"><?=$size?> byte</td>
287. <script language="javascript">
288. var bgcolor = "transparent";
289. var change_color = "#444444"
290. function mover(aa) {
291. aa.style.backgroundColor = change_color;
292. }
293. function mout(aa) {
294. aa.style.backgroundColor = bgcolor;
295. }
296. </script>
297. </tr>
298. <?php
299. }
300. }
301. }
302. }
303. if($_POST['textV']<>""){
304. $text=$_POST['textV'];
305. if(@preg_match("/$text/", $op)) {
306. $i++;
307. ?>
308. <tr style ="background-color: Your background Color;" onmouseover="mover(this)" onmouseout="mout(this)">
309. <td align="right"><?=$i?></td>
310. <td align="center"><?=$text?></td>
311. <td align="left">
312. <a href="#" onclick="MM_openBrWindow('?edit=file&file=<?=$file?>&bug=<?=$text?>','File view','status=yes,scrollbars=yes,width=700,height=600')" rel="nofollow"><?=$file?></a>
313. </td>
314. <td align="center"><?=$last?> GMT+9</td>
315. <td align="right"><?=$size?> byte</td>
316. <script language="javascript">
317. var bgcolor = "transparent";
318. var change_color = "#444444"
319. function mover(aa) {
320. aa.style.backgroundColor = change_color;
321. }
322. function mout(aa) {
323. aa.style.backgroundColor = bgcolor;
324. }
325. </script>
326. </tr>
327. <?php
328. }
329.  
330.  
331. }
332. }
333. }
334. }
335. if($i==0){
336. foreach($cek as $bugs) {
337. if ($bugs<>""){
338. $x++;
339. ?>
340. <tr style ="background-color: Your background Color;" onmouseover="mover(this)" onmouseout="mout(this)">
341. <td align="right"><?=$x?></td>
342. <td align="center"><?=$bugs?></td>
343. <td align="center"> not exist </td>
344. <td align="center"> no record </td>
345. <td align="right"> -&nbsp;&nbsp;&nbsp;&nbsp;byte </td>
346. </tr>
347. <?php
348. }
349. }
350. }
351. ?>
352. </table>
353. <?php
354. }else{
355. $find = array('default','base64_decode','system','passthru','popen','exec','shell_exec','eval','move_uploaded_file');
356. ?>
357. <form id="fCheck" name="fCheck" method="post" action="" autocomplete="off">
358. <center>
359. <table class="single" width="400" border="1" cellpadding="10">
360. <tr><td class="me"><center>
361. <b>S e l e c t &nbsp;&nbsp;s c a n&nbsp;&nbsp;t y p e :</b><br>
362. <table class="me" width="200">
363. <tr><td class="me">
364. <script language="javascript">
365. function cekKlik(){
366. if (!document.fCheck.cekV.checked)
367. document.fCheck.textV.disabled=true;
368. else
369. document.fCheck.textV.disabled=false;
370. if(document.fCheck.cekV.checked){
371. om = om + 1;
372. }else{
373. if(om > 0 ){
374. om = om - 1;
375. }else{
376. om = om;
377. }
378. }
379. if(om != 0){
380. document.fCheck.Submit.disabled=false;
381. }else{
382. document.fCheck.Submit.disabled=true;
383. }
384. }
385. </script>
386. <?php
387. //dari sini
388. foreach($find as $bug) {
389. ?>
390. <script language="javascript">
391. var om = 0;
392. function checkValue<?=$bug?>(){
393. if(document.fCheck.<?=$bug?>.checked){
394. om = om + 1;
395. }else{
396. if(om > 0 ){
397. om = om - 1;
398. }else{
399. om = om;
400. }
401. }
402. if(om != 0){
403. document.fCheck.Submit.disabled=false;
404. }else{
405. document.fCheck.Submit.disabled=true;
406. }
407. }
408. </script>
409. <input onclick="checkValue<?=$bug?>();" name="<?=$bug?>" type="checkbox" id="<?=$bug?>" value="<?=$bug?>" />&nbsp;<?=$bug?><br>
410. <?php
411. }
412. ?>
413. <input name="cekV" type="checkbox" onClick="cekKlik();" id="cekV" value="cekV">
414. <input class="isi" disabled="disabled" name="textV" value="other key word" onFocus="this.select()" type="text" id="textV">
415. <br><br>
416. <input type="hidden" name="asal" value="abcd">
417. <input disabled="disabled" type="submit" name="Submit" value=" S t a r t&nbsp;&nbsp;S c a n " />
418. </td></tr>
419. </table>
420. </td></tr></table>
421. </form>
422. <?
423. }
424. ?>
425. <br><br><hr width="300">
426. <center>
427. Backdoor Scanner &copy T3754K1T1 2018
428. <br><br>
429. </body>