yus-ham/index.php

## readme.md

      
    Raw
  

              readme.md
            
          
    Readme


## index.php
<?php
//
// + List files & directories
// + Write & Run PHP snipet
// + https://gist.github.com/665addb757cfcff9be67.git
//

ini_set("display_errors", 1);
error_reporting(30711);

if (isset($_POST['code'])) {
    die(eval("$_POST[code];"));
}

$files = array_merge((array) glob("*"), ['phpmyadmin']);
sort($files);

foreach ($files as $file) {
    echo "[+] /<a target=\"_blank\" href=\"$file\">$file</a><br/>\n";
}
?>
<hr/>
<button>SHIFT + ENTER : Run</button>
<button>...</button>
<textarea name="code"><?php echo htmlspecialchars($_GET['code'])?></textarea>
<br/>Output :
<div name="result"></div>
<script>
    $ = 'getElementsByTagName'
    ce = (D = document)[$]('textarea')[0]
    ce.focus()
    ce.style.width = '100%'
    ce.style.height = 200
    ce.style.font = '15px input, consolas'
    ce.style.background = 'black';
    ce.style.color = 'white';

    D[$]('button')[1].set = function (s) {
        this.checked = s
        this.innerHTML = (s ? 'UN' : '') + 'WRAP OUTPUT IN &lt;pre>...&lt;/pre> TAG'
    }


    ce.onkeypress = function (e) {
        if (e.shiftKey && e.keyCode == 13) {
            e.preventDefault();
            D[$]('button')[0].click()
        }
    }

    D[$]('button')[1].onclick = function (e) {
        if (D[$]('button')[1].checked) {
            D[$]('button')[1].set(0)
            D[$]('div')[0].innerHTML = D[$]('div')[0][$]('pre')[0].innerHTML
        } else {
            D[$]('button')[1].set(1)
            D[$]('div')[0].innerHTML = '<pre>'
                    + D[$]('div')[0].innerHTML + '</pre>'
            D[$]('div')[0][$]('pre')[0].style.font = '15px input'
        }
        ce.focus()
    }

    D[$]('button')[0].onclick = function (e) {
        xhr = new XMLHttpRequest();
        xhr.open('POST', '');
        xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
        xhr.send('code=' + ce.value)

        xhr.onreadystatechange = function () {
            if (this.readyState == 4) {
                text = (D[$]('button')[1].checked ? '<pre>' : '')
                        + xhr.response
                        + (D[$]('button')[1].checked ? '</pre>' : '')
                D[$]('div')['result'].innerHTML = text
            }
        }
    }

    D[$]('button')[1].set(0)
    D[$]('div')[0].style.border = '1px solid green'

</script>
</body>
	<?php
	//
	// + List files & directories
	// + Write & Run PHP snipet
	// + https://gist.github.com/665addb757cfcff9be67.git
	//

	ini_set("display_errors", 1);
	error_reporting(30711);

	if (isset($_POST['code'])) {
	die(eval("$_POST[code];"));
	}

	$files = array_merge((array) glob("*"), ['phpmyadmin']);
	sort($files);

	foreach ($files as $file) {
	echo "[+] /<a target=\"_blank\" href=\"$file\">$file</a><br/>\n";
	}
	?>
	<hr/>
	<button>SHIFT + ENTER : Run</button>
	<button>...</button>
	<textarea name="code"><?php echo htmlspecialchars($_GET['code'])?></textarea>
	<br/>Output :
	<div name="result"></div>
	<script>
	$ = 'getElementsByTagName'
	ce = (D = document)[$]('textarea')[0]
	ce.focus()
	ce.style.width = '100%'
	ce.style.height = 200
	ce.style.font = '15px input, consolas'
	ce.style.background = 'black';
	ce.style.color = 'white';

	D[$]('button')[1].set = function (s) {
	this.checked = s
	this.innerHTML = (s ? 'UN' : '') + 'WRAP OUTPUT IN <pre>...</pre> TAG'
	}


	ce.onkeypress = function (e) {
	if (e.shiftKey && e.keyCode == 13) {
	e.preventDefault();
	D[$]('button')[0].click()
	}
	}

	D[$]('button')[1].onclick = function (e) {
	if (D[$]('button')[1].checked) {
	D[$]('button')[1].set(0)
	D[$]('div')[0].innerHTML = D[$]('div')[0][$]('pre')[0].innerHTML
	} else {
	D[$]('button')[1].set(1)
	D[$]('div')[0].innerHTML = '<pre>'
	+ D[$]('div')[0].innerHTML + '</pre>'
	D[$]('div')[0][$]('pre')[0].style.font = '15px input'
	}
	ce.focus()
	}

	D[$]('button')[0].onclick = function (e) {
	xhr = new XMLHttpRequest();
	xhr.open('POST', '');
	xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
	xhr.send('code=' + ce.value)

	xhr.onreadystatechange = function () {
	if (this.readyState == 4) {
	text = (D[$]('button')[1].checked ? '<pre>' : '')
	+ xhr.response
	+ (D[$]('button')[1].checked ? '</pre>' : '')
	D[$]('div')['result'].innerHTML = text
	}
	}
	}

	D[$]('button')[1].set(0)
	D[$]('div')[0].style.border = '1px solid green'

	</script>
	</body>