<html>
<head>
<style>
body {
cursor: crosshair;
min-height: 100vh;
}
nav {
position: absolute;
top: 15px;
left: 50%;
transform: translateX(-50%);
display: inline-block;
border: 2px solid #EBECF1;
border-radius: 30px;
animation: slide-in 1s ease-out;
}
ul {
position: relative;
display: flex;
flex: 1 1 auto;
margin: 0;
padding: 0 30px;
list-style-type: none;
li:not(:last-child) {
margin-right: 40px;
}
li {
border: 2px solid transparent;
border-radius: 5px;
padding: 10px;
transition: background 0.2s;
a {
color: #2375D8;
text-decoration: none;
text-transform: uppercase;
transition: color 0.2s;
}
ul {
visibility: hidden;
opacity: 0;
position: absolute;
display: block;
margin: 12px -12px;
padding: 0;
background: #FFA91B;
border: 2px solid #F7C833;
border-right: 2px solid #F89329;
border-bottom: 2px solid #F89329;
border-radius: 5px;
transition: opacity 0.2s, visibility 0.2s;
li {
margin: -2px 0 0 -2px;
width: calc(100% - 20px);
line-height: 1.7;
a {
color: #2375D8;
}
}
}
&:hover {
background: #EC4138;
border: 2px solid #F05749;
border-right: 2px solid #E02A21;
border-bottom: 2px solid #E02A21;
a {
color: #F9F8FD;
}
ul {
visibility: visible;
opacity: 1;
box-shadow: 0px 3px 5px 2px #EBECF1;
li {
a {
color: #F9F8FD;
}
}
}
}
}
}
@keyframes slide-in {
0% {
top: -50px;
}
40% {
top: 20px;
}
70% {
top: 10px;
}
100% {
top: 15px;
}
}
</style>
</head>
<body>
<script>
function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
}
var str = 'blackcat';
document.title = '';
async function typewriteTitle() {
for (let i = 0; i < str.length; i++) {
document.title += str.charAt(i);
console.log(document.title); //debug only
await sleep(200);
}
}
typewriteTitle();
</script>
<body link="#808080">
<body bgcolor="#ADD8E6">
<center>
<pre>
______ _ _
| _ \ | | | |
| | | |___ ___| | _| |_ ___ _ __
| | | / _ \/ __| |/ / __/ _ \| '_ \
| |/ / __/\__ \ <| || (_) | |_) |
|___/ \___||___/_|\_\\__\___/| .__/
| |
|_|
##########
# PHP-OS #
##########
</pre>
<font color="white">Multitasking system</font><br>
<?
/*
#############################################################################
# Name software: blackcat PHP-OS #
# Version: alpha #
# Author: Emiliano Febbi #
# E-mail: emilianofebbi.1994 -at- gmail -dot- com #
# My site: https://nullsite.altervista.org/ #
# Code and release by Emiliano Febbi #
#############################################################################
# Manual: #
# 1- The File name must be "blackcat.php" obligatory #
# 2- The prompt commands are: #
# "unistall" for unistall automatically blackcat #
# "rename" for to rename files #
# "wget https://www.site.come/file.jpg" for get external files #
#############################################################################
# Description: #
# The software in question is an operating system written in php and a few #
# lines of javascript that relies on a vulgar prefix for the management of #
# its files and folders which makes it closed circuit. #
# What makes it innovative is the fact that it is a multitasking system #
# and that it is a single file and does not require anything else. #
# blackcat is compatible with all file formats or extensions and with all #
# webservers that support php and javascript. #
# Although it is a very basic system, Blackcat has: #
# - a prompt to launch commands #
# - a simple calculator #
# - ability to navigate on the main social networks and Google #
# as a search engine #
# - possibility to search for files with a specific form #
# - advanced file management #
# - integrated security system ( blackcat Defender ) #
# #
#In addition to being simple to use, it is also simple to modify to possibly#
# expand its functions in the future. #
#############################################################################
For any bugs to report, my e-mail is present above!
*/
/*#System calculator#*/
if (isset($_GET['calculator'])) {
$buttons = [1,2,3,'+',4,5,6,'-',7,8,9,'*','C',0,'.','/','='];
$pressed = '';
if (isset($_POST['pressed']) && in_array($_POST['pressed'], $buttons)) {
$pressed = $_POST['pressed'];
}
$stored = '';
if (isset($_POST['stored']) && preg_match('~^(?:[\d.]+[*/+-]?)+$~', $_POST['stored'], $out)) {
$stored = $out[0];
}
$display = $stored . $pressed;
if ($pressed == 'C') {
$display = '';
} elseif ($pressed == '=' && preg_match('~^\d*\.?\d+(?:[*/+-]\d*\.?\d+)*$~', $stored)) {
$display .= eval("return $stored;");
}
echo "Calculator<br>";
echo "<form action=\"\" method=\"POST\">";
echo "<table style=\"width:300px;border:solid blue;\">";
echo "<tr>";
echo "<td colspan=\"4\">$display</td>";
echo "</tr>";
foreach (array_chunk($buttons, 4) as $chunk) {
echo "<tr>";
foreach ($chunk as $button) {
echo "<td",(count($chunk) != 4 ? " colspan=\"4\"" : "") , "><button name=\"pressed\" value=\"$button\" style=\"background-color:#6495ED\">$button</button></td>";
}
echo "</tr>";
}
echo "</table>";
echo "<input type=\"hidden\" name=\"stored\" value=\"$display\">";
echo "</form>";
};;;;;
?>
<?
if (isset($_GET['prompt'])) {
?>
prompt<br>
<form action='<?php echo $_SERVER['PHP_SELF']; ?>' method='POST'>
<font color="white">
<textarea name="command" rows="10" cols="50" style="background-color: black;color:#fff;">~blackcat>> command</textarea><br>
</font>
<input type="submit" value="Enter" style="background-color:#6495ED">
</form>
<?
}
/*#System blackcat prompt*/
/*#rename command*/
if($_POST['command'] == "~blackcat>> rename") {
$ren = $_POST['command'];
$rename = '~blackcat>> rename';
if (strpos($ren, $rename) != true) {
?>
<form action='<?php echo $_SERVER['PHP_SELF']; ?>' method='POST'>
<input type="text" name="oldname" style="background-color: black;color:#fff;" value="oldname.format">
<input type="text" name="newname" style="background-color: black;color:#fff;" value="newname.format">
<input type="submit" value="Enter" style="background-color:#6495ED">
</form>
<?
};;;
};;;;
if($_POST['oldname'] and $_POST['newname']) {
$olddname = $_POST['oldname'];
$newwname = $_POST['newname'];
rename($olddname , $newwname);
echo '<script>alert("renamed file!")</script>';
};;
/*#unistall command*/
if($_POST['command'] == "~blackcat>> unistall") {
$unistall_me = $_SERVER['PHP_SELF'];
unlink(basename($unistall_me));
echo '<script>alert("blackcat successfully uninstalled!")</script>';
};;;
/*#wget command*/
if(strpos($_POST['command'] , '~blackcat>> wget') !== false) {
$uno = "~blackcat>> wget ";
$wget = $_POST['command'];
$due = "";
$url = str_replace($uno,$due,$wget);
$fileee = file_get_contents($url);
$nameeee = basename($url);
$exttt = pathinfo($url, PATHINFO_EXTENSION);
$namee2 =pathinfo($url, PATHINFO_FILENAME);
$processing = "wget.txt";
$fp = fopen($processing,"w");
fputs ($fp,"$url");
fclose($fp);
$line = file($processing)[0];
$grabbing = file_get_contents("$line");
$fp = fopen("$namee2.$exttt","w");
fputs ($fp,"$grabbing");
fclose($fp);
unlink("wget.txt");
};
/*#end blackcat prompt*/
?>
<nav>
<ul>
<li><a href="?prompt=blackcat.php">prompt</a></li>
<li><a href="?calculator=blackcat.php">calculator</a></li>
<li>
<a href="#0">social networks</a>
<ul>
<li><a href="javascript:productPop('https://www.youtube.com/','8 mil');">youtube</a></li>
<li><a href="javascript:productPop('https://www.facebook.com/','8 mil');">facebook</a></li>
<li><a href="javascript:productPop('https://www.instagram.com/','8 mil');">instagram</a></li>
<li><a href="javascript:productPop('https://www.tiktok.com/','8 mil');">tiktok</a></li>
</ul>
</li>
<li>
<a href="#0">search engine</a>
<ul>
<li><a href="javascript:productPop('https://www.google.com/','8 mil');">google</a></li>
</ul>
</li>
<li><a href="?about=blackcat.php">About Blackcat</a></li>
</ul>
</nav>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>">
<button type="submit" style='background-color:#6495ED'>
refresh
</button>
</form>
</center><div align="right">~search for files<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<input type="text" name="file_kyw" align="right">
<input type="submit" value="search" style="background-color:#6495ED"/>
</form>
</div>
<center>
<?
/*#File finder*/
if ($_POST['file_kyw']) {
if ($handle = opendir('./')) {
$keyword = $_POST['file_kyw'];
while (false !== ($entry = readdir($handle))) {
if (preg_match('/'.$keyword.'/i', $entry)) {
?>
<div align="right">
Found: <a href="javascript:productPop('<?php echo "$entry"; ?>','8 mil');"><?php echo "$entry <br>"; ?></a>
</div>
<?
}
}
closedir($handle);
}
};;;;
?>
~Files
<?php
/*#begin core system*/
$IP = $_SERVER['REMOTE_ADDR'];
$extensions = array(
"php",
"html",
"css",
"htm",
"asp",
"aspx",
"js",
"jpg",
"jpeg",
"png",
"bmp",
"gif",
"exe",
"bat",
"dll",
"iso",
"pl",
"au3",
"rb",
"rbw",
"sh",
"apk",
);
foreach ($extensions as $ext) {
foreach (glob("./*.$ext") as $filename) {
$prefix = 'SYS_';
if (strpos($filename, $prefix) != false) {
?>
<script>
var newwindow;
function productPop(url)
{
newwindow=window.open(url,name,'width=560,height=340,toolbar=0,menubar=0,location=0');
if (window.focus) {newwindow.focus()}
}
</script>
<div style="background:#ADD8E6;
border:1px solid blue;">
<table>
<div style="width:100%;max-width:300px;border-radius:10px;border:1px red solid;overflow:hidden">
<div style="background-color:#eeeeee;padding:5px">
<a href="javascript:productPop('<?php echo "$filename"; ?>','8 mil');"><?php echo "$filename"; ?></a><br>
<?
echo "<i><font color='red'>⋄</font> $filename {<b>size</b> " . filesize($filename) . "\n";
echo "}</i><br>";
}
}
};
?>
</div>
</div>
</table>
</div>
<br>
~Folders<br>
<div style="background:#ADD8E6;
border:1px solid blue;">
<table>
<div style="width:100%;max-width:300px;border-radius:10px;border:1px red solid;overflow:hidden">
<div style="background-color:#eeeeee;padding:5px">
<?
/*#all folders*/
$Mydirr = './';
foreach(glob($Mydirr.'*', GLOB_ONLYDIR) as $dirr) {
$prefixx = 'SYS_';
if (strpos($dirr, $prefixx) != false) {
echo "<font color='red'>$dirr</font> , ";
}
}
/*all folders and files*/
$Mydir = './';
foreach(glob($Mydir.'*', GLOB_ONLYDIR) as $directory) {
$prefix = 'SYS_';
if (strpos($directory, $prefix) != false) {
if(is_dir($directory))
{
if($handle=opendir($directory))
{
while (($indice = readdir($handle)) !== false) {
if($indice!='.' && $indice!='..')
{
echo "<font color='red'><br>------------------------------------------------------</font>";
echo "<font color='red'>Folder -></font> $directory <br>";
?>
<a href="javascript:productPop('<?php echo "$directory/$indice"; ?>','8 mil');"><?php echo "<i> $directory/$indice </i>"; ?></a><br>
<?
echo "<font color='red'>------------------------------------------------------</font>";
}
}
}
closedir($handle);
}
};;
};;;
?>
</div>
</div>
</table>
</div>
<br>
<div style="background:#ADD8E6;
border:1px solid blue;">
<body link="#808080">
<?
// ini_set('display_errors', 1);
ini_set('display_errors', 0);
// error_reporting(E_ALL);
error_reporting(0);
$currentDir = __DIR__;
//if new path set
if(isset($_POST['current-dir'])){
$currentDir = $_POST['current-dir'];
}
//seperator for creating url
$seprator = DIRECTORY_SEPARATOR;
//function to create back url
function backurl($url, $seprator){
return substr($url, 0, strrpos($url, $seprator));
}
//function for scaning directory
function scan($path){
echo $path;
global $seprator;
//back btn
echo "<br><hr><br><form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".backurl($path, $seprator)."' name='current-dir'>
<input style='margin-right: 20px; background-color:#6495ED' type='submit' value='<- Back' name='list-dir'>
</form>";
//create file btn
echo "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='text' name='name'>
<input style='margin-right: 20px;margin-left: -5px; background-color:#6495ED' type='submit' value='New file' name='create-file'>
</form>";
//create folder btn
echo "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='text' name='name'>
<input style='margin-right: 20px;margin-left: -5px; background-color:#6495ED' type='submit' value='New folder' name='create-dir'>
</form>";
//upload folder btn
echo "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post' enctype='multipart/form-data'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='file' name='file'>
<input style='margin-right: 20px;margin-left: -5px; background-color:#6495ED' type='submit' value='Install file' name='upload-file'>
</form>";
//scan directory
$dir = scandir($path);
$files = array_diff($dir, array('.', '..'));
foreach ($files as $value) {
$isDir = $path."/".$value;
$astyle = "text-decoration:none;";
//action form for file and folder
//edit file
$actionform = "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='hidden' value='".$path.$seprator.$value."' name='edit-file-path'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='edit' name='editfile'>
</form>";
//delete file
$actionform .= "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='hidden' value='".$path.$seprator.$value."' name='del-file-path'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='delete' name='del-file'>
</form>";
if(is_dir($isDir)){
//style for directory
$astyle = "color:#FF0000;text-decoration:none;";
//open directory
$actionform = "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path.$seprator.$value."' name='current-dir'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='Open' name='list-dir'>
</form>";
//delete directory
$actionform .= "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='hidden' value='".$path.$seprator.$value."' name='del-dir-path'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='Delete' name='del-dir'>
</form>";
}
echo "<li><a href='javascript: void(0);' style='$astyle'>$value $actionform</a></li>";
}
echo "</ul>";
}
?>
<body>
<pre>
_ _ _
| | | | (_)
___ ___| |_| |_ _ _ __ __ _ ___
/ __|/ _ \ __| __| | '_ \ / _` / __|
\__ \ __/ |_| |_| | | | | (_| \__ \
|___/\___|\__|\__|_|_| |_|\__, |___/
__/ |
|___/
</pre>
<li><a href="<?php echo basename($_SERVER['PHP_SELF']); ?>?blackcat=shell&do=listdir""><font color='#808080'>installing / deleting / modifying files</font></a></li>
<li><a href="<?php echo basename($_SERVER['PHP_SELF']); ?>?defender=blackcat.php""><font color='#808080'>blackcat defender scan {Anti-Malware}</font></a></li>
<?
if (isset($_GET['defender'])) {
?>
<br>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>">
<button type="submit" style='background-color:#6495ED'>
<- Desktop
</button>
</form>
<?
/*#blackcat Anti-Malware*/
echo "<div style='width:100%;max-width:300px;border-radius:10px;border:1px red solid;overflow:hidden'>
<div style='background-color:#eeeeee;padding:5px'>";
print "Blackcat Defender found these suspicious files:{list}<br>";
echo "</div></div>";
$search_mlw = array(
"c99shexit();",
"_POST['phpev'].",
"%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64",
"Vegp7mSyWmSMZmW0WMKnmMc",
"ob_start();",
"_POST['liste1']);",
"OOO000000{4}.",
"wKTs='));return;",
"0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTz",
"GLOBALS['OOO0000O0']('JElJSUl",
"0nc2hlbGxfZX",
"xorro@jabber.ru",
"passthru",
"/etc/passwd",
"level=0",
"filemanager&act3=del&dir",
"j=ord('C')",
"work_dir = exec('pwd')",
"eval(gzinflate(base64_decode('HJ3Hk",
"dos=",
"+Avu/JcredL7v7x6ks7HU3pb0TrXKQyEkJ4Y/TI20kouKTKc//",
"ara = posix_getpwuid(",
"\x00/../../../../../../../../../../../../",
"erro_retorno)) echo",
"escaped = array_map",
"%H:%M %b %e %Y",
"5WmSOZ+JDXEBtQvyn]@cCvWx~aF\}",
"wser, 43)",
"_POST[liz0])",
"row[Column_name] ==",
"sSHcY: echo",
"time()+(1*24*3600))",
"function GD6A_()",
"goto NjtG4; gc9kA: if ",
"PmfAp) { goto n_96v",
"eP56D: s53xt: goto vGygH",
"aeyv_) .",
"XqZy6 = substr",
"ik04L)); goto RdzWe; Z237s: if (!isset(",
"OO00O0000=0x26548",
"sleep(1); goto CL39n; GsH3h: system",
"g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770",
"filename2,'rb');",
"('JElJSUlJSUlJbEkx",
"4w8khSI7DWIciS82gW0fU6PUTsmWCsP/ys",
"TksP/y4mcIpegmb2ApElsQV2kQV2kQV2KAXeK0oVCKV2kQV2kQV2kQrEAy4VKn9B",
"OO00O0000=0xba70;eval",
"q_qzC = explode(",
"compress.zlib://",
"eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd",
"& 00400) ? 'r' : '-';",
"file_w=@fopen(urldecode(",
"function eh(",
"nlines=htmlspecialchars",
"error_reporting(E_ALL ^ E_NOTICE);",
".substr(sprintf('%o', fileperms(",
"passwd=fopen('/etc/passwd','r');",
"sql();break;",
"gkTzAwME8wTzAwLDB4NTRiKTskT08wME8wME8wPSRPT08wMDAwT",
"d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+",
"['OOO0000O0']('JElJSUlJSUlJSWxsMT0na",
"_POST['eval']))",
"jLsH_FwcTTMcPkfBt",
"cikti=trim",
"goto N1clF; mk1vZ: eval(base64_decode",
"if( ini_get('safe_mode') ) {",
"} elseif(@function_exists('ocilogon')) {",
"PYjDn",
"rBRJT: pclose",
"fUNXB < count(",
"fhM8v); goto DdFnP; KPJmF: if",
"kNJz4++; goto ZNPex; bSmVB: if (!",
"bPSwh = ",
"ts9lh; goto zK_2G; mk0QS: echo",
"!CbBb , !CbBdqfcjj9 { { 9&((:'));",
"+1])-ord('A'))*16+(ord(",
"Ei0c87P6EfkSNAxrpG09vy",
"+JDXEBtLbx09vy",
"upGfmCD4wmgxs8UywCD4Qvy49B",
"kX8cJsli5SPSCWmalrLa+",
"7x6qseZqH+7",
"vSvUSW0fTXIHkSM3MXqQKHoQ",
"CWmaC2+7lsP7lWeQTX8sTX87",
")));@eval",
"w2Kcw9CT0Xqc5WeJ5o+gd9",
"'676574637764'"
);
foreach($search_mlw as $search_mlww) {
$dir223 = './';
$files223 = scandir($dir223,1);
foreach ($files223 as $lines223){
if(strlen($lines223) > 3 && strpos($lines223, '.php') !== false){
$readfile223 = fopen('./'.$lines223, 'r');
while(!feof($readfile223)) {
$contents223 = fgets($readfile223);
if(strpos($contents223, $search_mlww) !== false)
echo str_replace("blackcat.php","","<center><font color='red'> $lines223 </font></center>");
}
fclose($readfile223);
}
}
};;;
}
?>
<?
//to do some action
if(isset($_GET['do'])){
$do = $_GET['do'];
switch ($do) {
//list file and folder
case 'listdir':
//create file in current directory
if(isset($_POST['create-file'])){
$dirpath = $_POST['current-dir'];
$name = $_POST['name'];
$cfile = $dirpath.$seprator."SYS_$name";
$myfile = fopen($cfile, "w") or die("Unable to open file!");
fclose($myfile);
}
//create folder in current directory
if(isset($_POST['create-dir'])){
$dirpath = $_POST['current-dir'];
$name = $_POST['name'];
rename("$name", "SYS_$name");
$cfolder = $dirpath.$seprator."SYS_$name";
mkdir($cfolder, 0777, true);
}
//upload file in current directory
if(isset($_POST['upload-file'])){
$dirpath = $_POST['current-dir'];
$file_tmp =$_FILES['file']['tmp_name'];
$file_name = $_FILES['file']['name'];
move_uploaded_file($file_tmp, $file_name);
/*#blackcat Anti-Malware*/
$badsx = array(
"c99shexit();",
"_POST['phpev'].",
"%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64",
"Vegp7mSyWmSMZmW0WMKnmMc",
"ob_start();",
"_POST['liste1']);",
"OOO000000{4}.",
"wKTs='));return;",
"0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTz",
"GLOBALS['OOO0000O0']('JElJSUl",
"0nc2hlbGxfZX",
"xorro@jabber.ru",
"passthru",
"/etc/passwd",
"level=0",
"filemanager&act3=del&dir",
"j=ord('C')",
"work_dir = exec('pwd')",
"eval(gzinflate(base64_decode('HJ3Hk",
"dos=",
"+Avu/JcredL7v7x6ks7HU3pb0TrXKQyEkJ4Y/TI20kouKTKc//",
"ara = posix_getpwuid(",
"\x00/../../../../../../../../../../../../",
"erro_retorno)) echo",
"escaped = array_map",
"%H:%M %b %e %Y",
"5WmSOZ+JDXEBtQvyn]@cCvWx~aF\}",
"wser, 43)",
"_POST[liz0])",
"row[Column_name] ==",
"sSHcY: echo",
"time()+(1*24*3600))",
"function GD6A_()",
"goto NjtG4; gc9kA: if ",
"PmfAp) { goto n_96v",
"eP56D: s53xt: goto vGygH",
"aeyv_) .",
"XqZy6 = substr",
"ik04L)); goto RdzWe; Z237s: if (!isset(",
"OO00O0000=0x26548",
"sleep(1); goto CL39n; GsH3h: system",
"filename2,'rb');",
"('JElJSUlJSUlJbEkx",
"4w8khSI7DWIciS82gW0fU6PUTsmWCsP/ys",
"TksP/y4mcIpegmb2ApElsQV2kQV2kQV2KAXeK0oVCKV2kQV2kQV2kQrEAy4VKn9B",
"OO00O0000=0xba70;eval",
"q_qzC = explode(",
"compress.zlib://",
"eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd",
"& 00400) ? 'r' : '-';",
"file_w=@fopen(urldecode(",
"function eh(",
"nlines=htmlspecialchars",
"error_reporting(E_ALL ^ E_NOTICE);",
".substr(sprintf('%o', fileperms(",
"passwd=fopen('/etc/passwd','r');",
"sql();break;",
"gkTzAwME8wTzAwLDB4NTRiKTskT08wME8wME8wPSRPT08wMDAwT",
"d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+",
"['OOO0000O0']('JElJSUlJSUlJSWxsMT0na",
"_POST['eval']))",
"jLsH_FwcTTMcPkfBt",
"cikti=trim",
"goto N1clF; mk1vZ: eval(base64_decode",
"if( ini_get('safe_mode') ) {",
"} elseif(@function_exists('ocilogon')) {",
"PYjDn",
"rBRJT: pclose",
"fUNXB < count(",
"fhM8v); goto DdFnP; KPJmF: if",
"kNJz4++; goto ZNPex; bSmVB: if (!",
"bPSwh = ",
"ts9lh; goto zK_2G; mk0QS: echo",
"!CbBb , !CbBdqfcjj9 { { 9&((:'));",
"+1])-ord('A'))*16+(ord(",
"Ei0c87P6EfkSNAxrpG09vy",
"+JDXEBtLbx09vy",
"upGfmCD4wmgxs8UywCD4Qvy49B",
"kX8cJsli5SPSCWmalrLa+",
"7x6qseZqH+7",
"vSvUSW0fTXIHkSM3MXqQKHoQ",
"CWmaC2+7lsP7lWeQTX8sTX87",
")));@eval",
"w2Kcw9CT0Xqc5WeJ5o+gd9",
"'676574637764'"
);
foreach($badsx as $badssx) {
$filexz = file_get_contents($file_name);
if(strpos($filexz, $badssx))
{
unlink("$file_name");
echo '<script>alert("Blackcat Defender: File Blocked {Virus Found}")</script>';
die();
}
};
rename(__DIR__.$seprator.$file_name,$dirpath.$seprator."SYS_$file_name");
}
//delete dir
if(isset($_POST['del-dir'])){
$deldirpath = $_POST['del-dir-path'];
if(!rmdir($deldirpath)){
echo "<span style='color:red;' >warning: ".$deldirpath." folder is not empty.</span><br><br>";
}
}
//delete file
if(isset($_POST['del-file'])){
$deldirpath = $_POST['del-file-path'];
unlink($deldirpath);
}
//edit file
if(isset($_POST['editfile'])){
$editfilepath = $_POST['edit-file-path'];
echo "<hr>Editing $editfilepath<br><br>";
if(isset($_POST['change-file-code'])){
$code = $_POST['code'];
$myfile = fopen($editfilepath, "w") or die("Unable to open file!");
fwrite($myfile, $code);
fclose($myfile);
echo '<meta http-equiv="refresh" content="0; url=blackcat.php?blackcat=shell&do=listdir">';
echo '<script>alert("saved file!")</script>';
}
?>
<!-- form for editor -->
<form action="<?php basename($_SERVER['PHP_SELF']) ?>"?blackcat=shell&do=listdir" method="post" style="text-align: center;">
<textarea name="code" id="editor" cols="30" rows="10" style="width: 90%; height: 70vh;"><?php echo htmlentities(file_get_contents($editfilepath)); ?></textarea>
<br>
<input type='hidden' value='' name='editfile'>
<input type='hidden' value='<?php echo $editfilepath; ?>' name='edit-file-path'>
<input type='hidden' value='<?php echo $currentDir; ?>' name='current-dir'>
<input type="submit" style='background-color:#6495ED' value="save" name="change-file-code">
</form><br><hr><br>
<?
}
//list dir
scan($currentDir);
echo '<form action="'.$SERVER[PHP_SELF].'">
<button type="submit" style="background-color:#6495ED">
<- Desktop
</button>
</form>';
break;
?>
<?
}
}
?>
<?
if (isset($_GET['about'])) {
echo '<script>alert("blackcat PHP-OS \nVersion: alpha \nAuthor: Emiliano Febbi \nMy site: https://nullsite.altervista.org/\nCode and release by Emiliano Febbi\n############\n# info: #\n############\nClosed-loop operating system\n")</script>';
};
?>
</div>
<p align="right">
<font color="white">
<? echo date("F j, Y, g:i a", time());
echo "<br>welcome $IP";
/*#end core system*/
?>
</font>
</p>
</center>
</body>
</html>