TERMINAL EXPLOIT V2.1
<?php
// ============================================
// DOWNLOAD MANAGER FOR 'run' FOLDER
// WITH CACHE-BUSTING & FORCED REFRESH
// ============================================
// Disable all caching for this script
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
// Set JSON header for API responses
header('Content-Type: application/json');
// Configuration
$runFolder = __DIR__ . '/run/';
$allowedExtensions = ['apk', 'zip', 'exe', 'dmg', 'pdf', 'mp4'];
// Create run folder if it doesn't exist
if (!file_exists($runFolder)) {
mkdir($runFolder, 0755, true);
}
/**
* Get ALL files from run folder sorted by date (newest first)
*/
function getAllFiles($folder, $extensions = null) {
$files = scandir($folder);
$validFiles = [];
foreach ($files as $file) {
if ($file === '.' || $file === '..') continue;
$filePath = $folder . $file;
if (is_file($filePath)) {
if ($extensions) {
$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
if (in_array($ext, $extensions)) {
$validFiles[] = [
'name' => $file,
'path' => $filePath,
'mtime' => filemtime($filePath),
'size' => filesize($filePath),
'ext' => $ext
];
}
} else {
$validFiles[] = [
'name' => $file,
'path' => $filePath,
'mtime' => filemtime($filePath),
'size' => filesize($filePath),
'ext' => strtolower(pathinfo($file, PATHINFO_EXTENSION))
];
}
}
}
// Sort by modification time (newest first)
usort($validFiles, function($a, $b) {
return $b['mtime'] - $a['mtime'];
});
return $validFiles;
}
/**
* Get the latest file only
*/
function getLatestFile($folder, $extensions = null) {
$allFiles = getAllFiles($folder, $extensions);
return !empty($allFiles) ? $allFiles[0] : null;
}
/**
* Format file size for display
*/
function formatFileSize($bytes) {
if ($bytes >= 1073741824) {
return number_format($bytes / 1073741824, 2) . ' GB';
} elseif ($bytes >= 1048576) {
return number_format($bytes / 1048576, 2) . ' MB';
} elseif ($bytes >= 1024) {
return number_format($bytes / 1024, 2) . ' KB';
} else {
return $bytes . ' bytes';
}
}
/**
* Get file version from filename or return default
*/
function getFileVersion($filename) {
if (preg_match('/[vV]?(\d+\.\d+\.\d+)/', $filename, $matches)) {
return $matches[1];
}
if (preg_match('/(\d{4})[-_]?(\d{2})[-_]?(\d{2})/', $filename, $matches)) {
return "{$matches[1]}.{$matches[2]}.{$matches[3]}";
}
return 'Latest';
}
// Get action from request
$action = isset($_GET['action']) ? $_GET['action'] : 'info';
$forceRefresh = isset($_GET['refresh']) ? true : false;
if ($action === 'info') {
// Get all files (for debugging) and latest file
$allFiles = getAllFiles($runFolder, $allowedExtensions);
$latestFile = !empty($allFiles) ? $allFiles[0] : null;
if ($latestFile) {
$protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http';
$host = $_SERVER['HTTP_HOST'];
$baseUrl = $protocol . '://' . $host . dirname($_SERVER['SCRIPT_NAME']);
// Add cache-busting timestamp to download URL
$downloadUrl = $baseUrl . '/run/' . rawurlencode($latestFile['name']) . '?t=' . $latestFile['mtime'];
$response = [
'success' => true,
'filename' => $latestFile['name'],
'file_size' => formatFileSize($latestFile['size']),
'file_size_bytes' => $latestFile['size'],
'version' => getFileVersion($latestFile['name']),
'modified' => date('Y-m-d H:i:s', $latestFile['mtime']),
'timestamp' => $latestFile['mtime'],
'download_url' => $downloadUrl,
'extension' => $latestFile['ext'],
'all_files' => array_map(function($f) { return $f['name']; }, $allFiles) // List all files for debugging
];
echo json_encode($response);
} else {
echo json_encode([
'success' => false,
'message' => 'No files found in /run/ directory',
'folder_path' => $runFolder,
'folder_exists' => file_exists($runFolder),
'is_writable' => is_writable($runFolder)
]);
}
} elseif ($action === 'download') {
// Get the specific file or latest
$specificFile = isset($_GET['file']) ? $_GET['file'] : null;
if ($specificFile) {
$filePath = $runFolder . $specificFile;
if (file_exists($filePath) && is_file($filePath)) {
$fileName = $specificFile;
$fileSize = filesize($filePath);
} else {
header('HTTP/1.0 404 Not Found');
echo "File not found: " . htmlspecialchars($specificFile);
exit;
}
} else {
$file = getLatestFile($runFolder, $allowedExtensions);
if (!$file) {
header('HTTP/1.0 404 Not Found');
echo "No downloadable files found in /run/ directory";
exit;
}
$filePath = $file['path'];
$fileName = $file['name'];
$fileSize = $file['size'];
}
// Force download with no caching
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Cache-Control: post-check=0, pre-check=0', false);
header('Pragma: no-cache');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
header('Content-Description: File Transfer');
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
header('Content-Transfer-Encoding: binary');
header('Content-Length: ' . $fileSize);
// Clear output buffer
if (ob_get_level()) {
ob_end_clean();
}
// Output file
readfile($filePath);
exit;
} else {
echo json_encode([
'success' => false,
'message' => 'Invalid action. Use ?action=info or ?action=download'
]);
}
?>[ CLOSE ]