body {
background: #000;
color: #0f0;
font-family: "Courier New", monospace;
font-size: 12px;
line-height: 1.4;
margin: 0;
padding: 10px;
}
h1 {
color: #0f0;
border: 1px solid #0f0;
padding: 8px;
margin: 0 0 10px 0;
font-size: 18px;
font-weight: bold;
}
a { color: #0f0; text-decoration: none; }
a:hover { background: #f00; }
.infected { color: #ff0; font-weight: bold; }
textarea {
width: 80%;
height: 350px; /* Diperbesar dari 120px → 300px */
font-family: "Courier New", monospace;
font-size: 12px;
line-height: 1.4;
margin: 8px 0;
background: #111;
color: #0f0;
border: 1px solid #0f0;
padding: 10px;
box-sizing: border-box;
resize: vertical; /* Bisa diperbesar manual */
word-wrap: break-word; /* Jika ada string panjang */
overflow-y: auto; /* Scroll vertikal */
}
input, button {
padding: 8px;
margin: 5px;
background: #111;
color: #0f0;
border: 1px solid #0f0;
cursor: pointer;
}
.result {
margin: 10px 0;
padding: 10px;
border-bottom: 1px dashed #333;
background: #000;
border-left: 4px solid #ff0;
}
.delete-btn { color: #f00; font-weight: bold; }
#footer {
margin: 20px 0;
text-align: center;
color: #555;
font-size: 11px;
}
';
}
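// Request dispatcher for the scanner page: handles the destructive actions
// (?kill, ?delete, ?clearlog), prints the page header, and resolves the
// directory that will be scanned.
//
// NOTE(review): every action below is triggered by a plain GET parameter and no
// authentication or anti-CSRF check is visible in this part of the file. Anyone
// who can reach this URL (or get an operator's browser to load a link) can delete
// any file the web server user may unlink. Deploy only behind access control,
// and remove the script from the web root as soon as the scan is done.

if (isset($_GET['kill'])) {
    // Report failure honestly: a scanner that could not remove itself is still
    // reachable, and the operator needs to know that.
    if (!unlink(__FILE__)) {
        die("
[!] Scanner gagal dihapus.
");
    }
    die("
[!] Scanner telah dihapus.
");
}

// is_string() rejects array-shaped input such as ?delete[]=x.
if (isset($_GET['delete']) && is_string($_GET['delete'])) {
    // PHP has already URL-decoded $_GET; decoding a second time would turn a
    // name containing '+' or '%xx' into a different path than the one flagged.
    $file = $_GET['delete'];
    // is_file() limits the action to regular files.
    if (is_file($file) && is_writable($file)) {
        $msg = unlink($file) ? "Dihapus" : "Gagal dihapus";
    } else {
        $msg = "File tidak ada atau tidak bisa dihapus";
    }
    // The path is request-controlled, so escape it before it reaches the page.
    echo "[DELETE] " . htmlspecialchars($file, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . " — $msg
";
}

if (isset($_GET['clearlog'])) {
    // Best effort: a missing log file is not treated as an error.
    @unlink(LOG_FILE);
    echo "[LOG] Log dibersihkan.
";
}

printCSS();
echo "🔍 Backdoor Scanner v2.0.0
";
echo "[Self Delete] | [Clear Log]
";

// Scan root: the working directory unless ?dir names an existing directory.
$current_dir = getcwd();
if (isset($_GET['dir']) && is_string($_GET['dir']) && is_dir($_GET['dir'])) {
    // realpath() instead of trimming separators: trimming turned "/" into an
    // empty string, so a scan of the filesystem root silently covered nothing.
    $resolved_dir = realpath($_GET['dir']);
    if ($resolved_dir !== false) {
        $current_dir = $resolved_dir;
    }
}
echo "
";
echo "Current Directory: " . htmlspecialchars($current_dir) . "
";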
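/**
 * Append one finding to the scanner log as "[timestamp] file | reason".
 *
 * File names and ZIP entry names come from the content being scanned, so they
 * are untrusted. Control characters (including CR/LF) are written as backslash
 * escapes, so a crafted name cannot add forged lines to the log.
 *
 * @param string $file   Path of the flagged file (or "archive::entry").
 * @param string $reason Short description of why it was flagged.
 */
function logInfection($file, $reason = 'suspect') {
    // Escapes bytes 0x00-0x1F and 0x7F; every other byte is written unchanged.
    $neutralise = static function ($value) {
        return addcslashes((string) $value, "\0..\37\177");
    };

    $log = "[" . date('Y-m-d H:i:s') . "] " . $neutralise($file) . " | " . $neutralise($reason) . "\n";

    // LOCK_EX keeps concurrent scans from interleaving partial lines.
    file_put_contents(LOG_FILE, $log, FILE_APPEND | LOCK_EX);
}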
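/**
 * Scan a single file against SUSPICIOUS_PATTERNS and report the first match.
 *
 * ZIP archives are delegated to scanZip(). Other files are scanned only when
 * their extension is in $allowed_extensions and they are no larger than
 * MAX_FILE_SIZE. A match is printed to the page and written to the log.
 *
 * @param string $file Path of the file to inspect.
 * @return void
 */
function scanFile($file) {
    global $allowed_extensions;

    $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));

    if ($ext === 'zip') {
        scanZip($file);
        return;
    }

    // Check the extension. Strict comparison avoids loose-typing surprises
    // between numeric-looking strings.
    if (!in_array($ext, $allowed_extensions, true)) {
        return;
    }

    if (filesize($file) > MAX_FILE_SIZE) {
        return;
    }

    $content = @file_get_contents($file);
    if ($content === false || strlen($content) === 0) {
        return;
    }

    foreach (SUSPICIOUS_PATTERNS as $pattern) {
        $matched = preg_match($pattern, $content);

        if ($matched === false) {
            // A PCRE failure (for example a backtrack limit) is not a clean
            // result. Record it so the file is not silently treated as safe.
            logInfection($file, "Scan error: preg_last_error=" . preg_last_error());
            continue;
        }

        if ($matched === 1) {
            // Escaped only for the HTML report; the log gets the raw pattern,
            // as scanZip() does.
            $pattern_name = htmlspecialchars($pattern, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "
[+] INFECTED →
[DELETE]
" . htmlspecialchars($file, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "
Pattern: $pattern_name
";
            logInfection($file, "Match: $pattern");
            return;
        }
    }
}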
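/**
 * Scan script-like entries of a ZIP archive against SUSPICIOUS_PATTERNS.
 *
 * Only entries with a php/phtml/shtml/htaccess extension are inspected. Each
 * entry is limited to MAX_FILE_SIZE, so a crafted archive with a huge
 * decompressed entry cannot exhaust memory. The first matching pattern per
 * entry is printed and logged as "archive::entry".
 *
 * @param string $zipFile Path of the archive to inspect.
 * @return void
 */
function scanZip($zipFile) {
    $zip = new ZipArchive();
    if ($zip->open($zipFile) !== true) {
        return;
    }

    for ($i = 0; $i < $zip->numFiles; $i++) {
        $filename = $zip->getNameIndex($i);
        if ($filename === false) {
            continue;
        }

        $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
        if (!in_array($ext, ['php', 'phtml', 'shtml', 'htaccess'], true)) {
            continue;
        }

        // Apply the same size ceiling that scanFile() applies to plain files.
        $stat = $zip->statIndex($i);
        if ($stat === false || $stat['size'] > MAX_FILE_SIZE) {
            continue;
        }

        $stream = $zip->getStream($filename);
        if (!$stream) {
            continue;
        }
        // The size field comes from the archive itself, so the read is capped
        // as well instead of trusting it.
        // NOTE(review): assumes MAX_FILE_SIZE is an integer byte count - confirm.
        $content = stream_get_contents($stream, MAX_FILE_SIZE);
        fclose($stream);
        if ($content === false || $content === '') {
            continue;
        }

        $full_path = "$zipFile::$filename";

        foreach (SUSPICIOUS_PATTERNS as $pattern) {
            $matched = preg_match($pattern, $content);

            if ($matched === false) {
                // Record PCRE failures so the entry is not treated as clean.
                logInfection($full_path, "Scan error: preg_last_error=" . preg_last_error());
                continue;
            }

            if ($matched === 1) {
                // Entry names are attacker-chosen; escape before printing.
                echo "
[ZIP] →
" . htmlspecialchars($full_path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "
Pattern: " . htmlspecialchars($pattern, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "
";
                logInfection($full_path, "ZIP infected: $pattern");
                break;
            }
        }
    }

    $zip->close();
}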
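/**
 * Recursively walk a directory and pass every regular file to scanFile().
 *
 * Unreadable directories are skipped. Symlinked directories are not followed,
 * so a link back to a parent cannot cause repeated rescans, and the walk stays
 * inside the tree the operator selected. Symlinked files are still scanned.
 *
 * @param string $dir Directory to walk.
 * @return void
 */
function scanDirectory($dir) {
    if (!is_readable($dir)) {
        return;
    }

    $entries = scandir($dir);
    if ($entries === false) {
        // The listing failed even though is_readable() passed; nothing to iterate.
        return;
    }

    foreach ($entries as $entry) {
        if ($entry === '.' || $entry === '..') {
            continue;
        }

        $path = $dir . DIRECTORY_SEPARATOR . $entry;

        if (is_file($path)) {
            scanFile($path);
        } elseif (is_dir($path) && !is_link($path)) {
            scanDirectory($path);
        }
    }
}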
// Run the recursive scan over the selected directory, with a banner before
// and after so the operator can tell a finished scan from an aborted one.
print "[+] Memulai scan... (mungkin butuh waktu lama)
";

scanDirectory($current_dir);

print "[✓] Scan selesai.
";
print "";
?>