✏️ Edit File: /home/vps100806676/www/database/baseline.php
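<?php
/**
 * File-integrity baseline for the directory tree above this script's folder.
 *
 * One action per request, selected by a query parameter whose value must equal $SECRET:
 *   ?init=SECRET   copy every monitored file into the snapshot directory
 *   ?check=SECRET  report new files, modified files and files matching $dangerPatterns
 *   ?run=SECRET    delete monitored files that are absent from the snapshot, then
 *                  restore missing / modified files from the snapshot
 * Any other request prints "READY".
 *
 * NOTE(review): ?run is destructive (unlink + overwrite) and is triggered by a plain GET.
 */

error_reporting(E_ALL);
// A web-reachable script that prints warnings discloses absolute paths to any visitor;
// keep full reporting but send it to the log instead of the response body.
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// NOTE(review): the shared secret is hard-coded and travels in the query string, so it is
// recorded in access logs, browser history and Referer headers. Rotate it, load it from
// configuration outside the document root, and prefer a request header or POST body.
$SECRET = "lampha778";

/* Allow running when the target root is a public web root (disables the guard below). */
$ALLOW_PUBLIC_HTML_ROOT = true;

/* Target root: the parent of this script's directory. */
$root = realpath(dirname(__DIR__));

/* Snapshot and log locations, both inside this script's directory. */
$snapshotName = "back-up";
$snapshotDir  = __DIR__ . "/" . $snapshotName;
// NOTE(review): the log lists file names and sits next to the script; confirm it is not
// served to anonymous visitors.
$logFile      = __DIR__ . "/error-log.txt";

// Written into the snapshot directory on first init. This is an Apache 2.2-style
// directive: Apache 2.4 needs mod_access_compat for it and servers that do not read
// .htaccess ignore it - confirm the snapshot directory is not web-readable.
// NOTE(review): when the monitored root has its own .htaccess, init copies it to the same
// path and replaces this guard; storing the snapshot outside the document root avoids both.
$snapshotGuard = "Deny from all\n";

/* File filter: only these extensions are snapshotted and checked. Files with any other
 * extension are invisible to this tool, so keep the list aligned with what the server
 * actually executes or serves. */
$allowedExt = ['php','html','htm','css','js','txt','json','xml','htaccess'];

/* Path components that are never scanned (the snapshot, this script, log files). */
$ignore = [
    $snapshotName,
    basename(__FILE__),
    'error-log.txt',
    'error_log',
    '.well-known'
];

/* Folders excluded from check and restore (uploads / caches change legitimately).
 * NOTE(review): nothing under these folders is ever reported or cleaned up, so script
 * execution should be disabled for them at the web-server level. */
$whitelistFolders = [
    'wp-content/uploads',
    'wp-content/cache',
    'cache',
    'uploads',
    'upload',
    'storage/cache'
];

/* Regexes reported as "BACKDOOR SUSPECT" by ?check. Several of them (file_put_contents,
 * chmod, superglobal access) also match ordinary application code, so a hit is a triage
 * hint for manual review, not a verdict. */
$dangerPatterns = [
    '/\beval\s*\(/i',
    '/base64_decode\s*\(/i',
    '/gzinflate\s*\(/i',
    '/gzuncompress\s*\(/i',
    '/str_rot13\s*\(/i',
    '/shell_exec\s*\(/i',
    '/\bexec\s*\(/i',
    '/\bsystem\s*\(/i',
    '/passthru\s*\(/i',
    '/proc_open\s*\(/i',
    '/popen\s*\(/i',
    '/assert\s*\(/i',
    '/preg_replace\s*\(.+\/e/i',
    '/create_function\s*\(/i',
    '/include\s*\(\s*\$_/i',
    '/require\s*\(\s*\$_/i',
    '/file_put_contents\s*\(/i',
    '/move_uploaded_file\s*\(/i',
    '/chmod\s*\(/i',
    '/curl_exec\s*\(/i',
    '/fsockopen\s*\(/i',
    '/php:\/\/input/i',
    '/\$_(GET|POST|REQUEST|COOKIE|SERVER)\s*\[/i'
];

/* ================= CORE ================= */

/** Send $msg as plain text and end the request. */
function out($msg)
{
    header('Content-Type: text/plain; charset=UTF-8');
    echo $msg;
    exit;
}

/**
 * True when query parameter $param carries exactly $secret.
 * hash_equals() keeps the comparison time independent of how many leading bytes match;
 * the is_string() check rejects array-valued parameters (?init[]=x).
 */
function secret_matches($param, $secret)
{
    $given = $_GET[$param] ?? '';
    return is_string($given) && hash_equals($secret, $given);
}

/** True when $root's last path component is a conventional web-root name. */
function is_root_blocked($root)
{
    $base = strtolower(basename($root));
    return in_array($base, ['public_html','htdocs','www'], true);
}

/**
 * True when one of the $ignore entries is a complete path component (or run of
 * components) of $rel.
 *
 * A substring test would also skip any file whose name merely contains an ignored token,
 * leaving a blind spot in the baseline; wrapping both sides in '/' restricts the match to
 * whole components. Every directory carrying an ignored name is still skipped entirely,
 * so keep the list short.
 */
function ignored($rel, $ignore)
{
    $haystack = '/' . trim(str_replace('\\', '/', $rel), '/') . '/';
    foreach ($ignore as $skip) {
        $needle = trim(str_replace('\\', '/', (string) $skip), '/');
        if ($needle !== '' && strpos($haystack, '/' . $needle . '/') !== false) {
            return true;
        }
    }
    return false;
}

/** True for .htaccess files and for files whose lower-cased extension is in $allowedExt. */
function allowed($path, $allowedExt)
{
    if (basename($path) === '.htaccess') {
        return true;
    }
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    return in_array($ext, $allowedExt, true);
}

/** True when $rel is one of $whitelistFolders or lies beneath one (prefix match from the root). */
function is_whitelisted($rel, $whitelistFolders)
{
    $rel = trim(str_replace('\\', '/', $rel), '/');
    foreach ($whitelistFolders as $folder) {
        $folder = trim(str_replace('\\', '/', $folder), '/');
        if ($folder !== '' && ($rel === $folder || strpos($rel, $folder . '/') === 0)) {
            return true;
        }
    }
    return false;
}

/**
 * Return the patterns from $dangerPatterns that match the contents of $path.
 * Unreadable files yield an empty list.
 */
function detect_backdoor($path, $dangerPatterns)
{
    if (!is_readable($path)) {
        return [];
    }
    // Best effort: the file may vanish between the check above and the read.
    $content = @file_get_contents($path);
    if ($content === false) {
        return [];
    }
    $hits = [];
    foreach ($dangerPatterns as $pattern) {
        // preg_match() returns false on a regex error; only a real match counts.
        if (preg_match($pattern, $content) === 1) {
            $hits[] = $pattern;
        }
    }
    return $hits;
}

/** Copy $from to $to, creating the destination directory first. Returns copy()'s result. */
function copy_file($from, $to)
{
    $dir = dirname($to);
    if (!is_dir($dir)) {
        @mkdir($dir, 0755, true);
    }
    return @copy($from, $to);
}

/**
 * True only when both files could be hashed and their SHA-256 digests are equal.
 * A failed hash counts as "different" so an unreadable file is never silently
 * treated as unchanged.
 */
function same_content($a, $b)
{
    $ha = @hash_file('sha256', $a);
    $hb = @hash_file('sha256', $b);
    return is_string($ha) && is_string($hb) && hash_equals($ha, $hb);
}

/**
 * True when the snapshot entry for $rel is the guard .htaccess this script wrote into the
 * snapshot directory, i.e. not a copy of a file from the monitored root.
 *
 * Without this test ?run would copy the guard over the root's own .htaccess (or create
 * one), denying access to the whole site.
 */
function is_snapshot_guard($rel, $snapPath, $guard)
{
    return $rel === '.htaccess' && @file_get_contents($snapPath) === $guard;
}

/**
 * Collect monitored files beneath $root as [relative path (with '/') => absolute path].
 *
 * Symlinks, non-files, unreadable entries, ignored paths and disallowed extensions are
 * skipped. Broken or permission-denied directories are skipped instead of aborting the
 * whole scan; on an iterator failure the entries gathered so far are returned.
 */
function scan_files($root, $ignore, $allowedExt)
{
    $list = [];

    if (!$root || !is_dir($root) || !is_readable($root)) {
        return $list;
    }

    $prefix    = $root . DIRECTORY_SEPARATOR;
    $prefixLen = strlen($prefix);

    try {
        $dir = new RecursiveDirectoryIterator(
            $root,
            FilesystemIterator::SKIP_DOTS
        );
        $it = new RecursiveIteratorIterator(
            $dir,
            RecursiveIteratorIterator::SELF_FIRST,
            RecursiveIteratorIterator::CATCH_GET_CHILD
        );

        foreach ($it as $item) {
            try {
                if ($item->isLink() || !$item->isFile()) {
                    continue;
                }
                $path = $item->getPathname();
                if (!$path || !is_readable($path)) {
                    continue;
                }
                // Strip the root only where it is the leading prefix, never mid-path.
                $rel = strncmp($path, $prefix, $prefixLen) === 0
                    ? substr($path, $prefixLen)
                    : $path;
                $rel = str_replace('\\', '/', $rel);

                if (ignored($rel, $ignore) || !allowed($path, $allowedExt)) {
                    continue;
                }
                $list[$rel] = $path;
            } catch (Throwable $e) {
                continue;
            }
        }
    } catch (Throwable $e) {
        return $list;
    }

    return $list;
}

/* ================= PROTECTION ================= */

if (is_root_blocked($root) && !$ALLOW_PUBLIC_HTML_ROOT) {
    out("BLOCKED");
}

/* ================= INIT ================= */

if (secret_matches('init', $SECRET)) {
    if (!is_dir($snapshotDir)) {
        @mkdir($snapshotDir, 0755, true);
        @file_put_contents($snapshotDir . '/.htaccess', $snapshotGuard);
    }

    $saved = 0;
    foreach (scan_files($root, $ignore, $allowedExt) as $rel => $path) {
        if (copy_file($path, $snapshotDir . '/' . $rel)) {
            $saved++;
        }
    }

    @file_put_contents(
        $logFile,
        "[" . date("Y-m-d H:i:s") . "] INIT: $saved files\n",
        FILE_APPEND
    );
    out("INIT DONE: $saved files");
}

/* ================= CHECK ================= */

if (secret_matches('check', $SECRET)) {
    if (!is_dir($snapshotDir)) {
        out("NO SNAPSHOT");
    }

    $changes = [];
    foreach (scan_files($root, $ignore, $allowedExt) as $rel => $path) {
        if (is_whitelisted($rel, $whitelistFolders)) {
            continue;
        }

        $snap = $snapshotDir . '/' . $rel;
        if (!file_exists($snap) || is_snapshot_guard($rel, $snap, $snapshotGuard)) {
            $changes[] = "NEW FILE ASING: " . $rel;
        } elseif (!same_content($path, $snap)) {
            $changes[] = "MODIFIED: " . $rel;
        }

        // Pattern-scan new files as well: a file that appeared after the snapshot is the
        // one most in need of review.
        $backdoorHits = detect_backdoor($path, $dangerPatterns);
        if (!empty($backdoorHits)) {
            $changes[] = "BACKDOOR SUSPECT: " . $rel . " | " . implode(', ', $backdoorHits);
        }
    }

    out(empty($changes) ? "NO CHANGE" : implode("\n", $changes));
}

/* ================= RESTORE ================= */

if (secret_matches('run', $SECRET)) {
    if (!is_dir($snapshotDir)) {
        out("NO SNAPSHOT");
    }

    $restored = [];

    /* Delete monitored files that have no counterpart in the snapshot. */
    foreach (scan_files($root, $ignore, $allowedExt) as $rel => $path) {
        if (is_whitelisted($rel, $whitelistFolders)) {
            continue;
        }
        $snap = $snapshotDir . '/' . $rel;
        if (!file_exists($snap) || is_snapshot_guard($rel, $snap, $snapshotGuard)) {
            $restored[] = @unlink($path)
                ? "DELETE FILE ASING: " . $rel
                : "FAILED DELETE FILE ASING: " . $rel;
        }
    }

    /* Put back files that are missing from, or differ in, the monitored root. */
    foreach (scan_files($snapshotDir, [], $allowedExt) as $rel => $snapPath) {
        if (is_whitelisted($rel, $whitelistFolders)) {
            continue;
        }
        // The guard file belongs to the snapshot directory, not to the monitored tree.
        if (is_snapshot_guard($rel, $snapPath, $snapshotGuard)) {
            continue;
        }

        $target = $root . '/' . $rel;
        if (!file_exists($target)) {
            $restored[] = copy_file($snapPath, $target)
                ? "RESTORE MISSING: " . $rel
                : "FAILED RESTORE MISSING: " . $rel;
            continue;
        }
        if (!same_content($target, $snapPath)) {
            $restored[] = copy_file($snapPath, $target)
                ? "RESTORE MODIFIED: " . $rel
                : "FAILED RESTORE MODIFIED: " . $rel;
        }
    }

    if (!empty($restored)) {
        @file_put_contents(
            $logFile,
            "[" . date("Y-m-d H:i:s") . "]\n" . implode("\n", $restored) . "\n\n",
            FILE_APPEND
        );
    }

    out(empty($restored) ? "NO CHANGE" : implode("\n", $restored));
}

out("READY");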