HackfutSec WebShell - File Manager and Web Interface
This project provides a file manager and shell interface, with functionality for managing files on a server, including downloading, uploading, renaming, editing files, executing commands, and viewing server information. The interface is designed to be minimalistic, user-friendly, and secure.
Features
1. File and Directory Permissions Display
- What: Displays the permissions of each file and directory in the file manager.
- How: The
getFilePermissions()
function fetches the permissions of files and directories using PHP’sfileperms()
function and displays them in a human-readable format (rwxr-xr-x
).
2. Shell Command Execution
- What: Allows users to execute shell commands from the web interface.
- How: A simple form is provided where users can input shell commands, which are executed using
shell_exec()
.
3. Server Information Display
- What: Displays important server information such as PHP version, server software, system architecture, etc.
- How: Using PHP's built-in functions like
phpversion()
,PHP_OS
,gethostname()
, and$_SERVER
, detailed system information is shown.
4. File Management
- What: Provides options to manage files (upload, delete, rename, edit, and download).
- How:
- Files can be uploaded using the file upload form.
- Files can be deleted with the Delete action button.
- Files can be renamed via the Rename link, which displays a form for entering a new name.
- Files can be edited directly within the interface using a text area.
- Files can be downloaded to the local machine with the Download action.
5. Create Empty Files
- What: Allows the creation of empty files within the current directory.
- How: A form allows users to specify a name for a new file, and the file is created using PHP's
file_put_contents()
.
6. Directory Navigation
- What: Allows users to navigate through directories and view their contents.
- How: Clicking on a folder name will display its contents, and users can move through subdirectories. The current directory is displayed at the top.
7. Secure Directory Validation
- What: Ensures that directory navigation stays within the designated root directory.
- How: A function checks that the requested directory is under the root directory and prevents access to other parts of the filesystem.
8. File Actions (Edit, Delete, Rename, Download)
- What: A table of files and folders with actions for each (edit, delete, rename, download).
- How: These actions are performed using GET and POST requests that trigger PHP functions for each action.