🚀 AleShell2 - Modern PHP Web Shell

AleShell2 is a powerful, secure, and modern web shell built with PHP. It's designed to be deployed as a single monolithic PHP file while maintaining a clean, modular architecture during development.

✨ Features

🔐 Security

• Password Authentication with secure hashing (bcrypt)
• Session Management with timeout protection
• CSRF Protection for all state-changing operations
• Rate Limiting to prevent brute force attacks
• IP Whitelisting/Blacklisting for access control
• Path Traversal Protection to prevent unauthorized file access
• Command Filtering for dangerous system commands
• Self-destruct Mode after N accesses (optional)

🎨 Modern Interface

• Responsive Design works on desktop, tablet, and mobile
• Dark/Light Theme toggle with system preference detection
• Multiple Color Themes (Dark, Light, Matrix, Ocean, etc.)
• Keyboard Shortcuts for power users
• Real-time Updates for system information
• Smooth Animations and transitions
• Single Page Application experience

📁 File Manager

• Complete File Operations (create, read, update, delete, copy, move)
• Drag & Drop Upload with progress indicators
• Syntax Highlighting for code files
• File Permissions management (chmod)
• Archive Support (zip, tar, tar.gz)
• Large File Handling with streaming
• File Search and filtering capabilities
• Breadcrumb Navigation

💻 Terminal

• Interactive Terminal with command history
• Built-in Commands (cd, pwd, clear, help, etc.)
• Command Auto-completion
• Output Streaming for long-running commands
• Multiple Terminal Tabs
• Configurable Timeout for command execution
• Color-coded Output

📝 Code Editor

• Syntax Highlighting for 20+ languages
• Line Numbers and code folding
• Find & Replace functionality
• Auto-indentation and code formatting
• Multiple Editor Themes
• File Type Detection
• Unsaved Changes Warning

⚡ System Monitoring (Dashboard)

• Real-time System Stats (CPU, Memory, Disk, Network)
• Process Manager with kill capabilities
• System Load Average monitoring
• PHP Information display
• Server Time display

🔧 Process Manager

• List All Processes with details
• Search/Filter Processes
• Kill Processes (single or batch)
• CPU & Memory Usage per process
• Auto-refresh capability

🌐 Network Tools

• Active Connections list (netstat)
• Ping utility
• Traceroute utility
• Port Scanner (basic)
• DNS Lookup
• Interface Information

🗄️ Database Tools

• Multi-Database Support (MySQL, PostgreSQL, SQLite)
• SQL Query Execution with result formatting
• Database Browser with table structure
• Export/Import capabilities (SQL dump)
• Connection Management
• Query History

🚀 Installation

Requirements

• PHP 8.0 or higher
• Web server (Apache, Nginx, LiteSpeed, etc.)
• PHP extensions: json, mbstring, openssl (optional: pdo, mysqli, pgsql)

Quick Install (Packed Version)

1. Generate a packed version using pack.php
2. Upload the single aleshell.php file to your server
3. Access via web browser
4. Default password: aleshell

From Source (Development)

git clone https://github.com/yourusername/aleshell2.git
cd aleshell2

# Copy configuration
cp src/Config/config.example.php src/Config/config.php

# Edit configuration
nano src/Config/config.php

# Access index.php via your web server

📦 Generating Packed Version

AleShell2 can be packed into a single PHP file for easy deployment:

Web Interface

# Access pack.php in your browser
http://your-server/aleshell2/pack.php

Command Line

# Basic packed version
php pack.php --output=shell.php --password=your_password

# Full options
php pack.php \
  --output=shell.php \
  --password=secure_pass \
  --encrypt \
  --minify \
  --obfuscate \
  --theme=dark \
  --modules=files,terminal,editor,processes,network,database

Packer Options

Option	Description	Default
--output	Output filename	aleshell.php
--password	Access password	aleshell
--theme	Default theme	dark
--modules	Modules to include	all
--encrypt	Encrypt with base64+compression	false
--minify	Minify code	false
--obfuscate	Obfuscate variable names	false
--compression	Compression type	gzdeflate
--allowed-ips	IP whitelist	empty
--self-destruct	Delete after N accesses	disabled

⚙️ Configuration

Edit src/Config/config.php:

<?php
return [
    // Application settings
    'app' => [
        'name' => 'AleShell2',
        'version' => '2.0.0',
        'debug' => false,
        'timezone' => 'UTC',
    ],
    
    // Security settings
    'security' => [
        'password' => password_hash('your_password', PASSWORD_BCRYPT),
        'session_timeout' => 3600,
        'max_attempts' => 5,
        'lockout_time' => 300,
        'csrf_protection' => true,
        'allowed_ips' => [],
        'blocked_ips' => [],
    ],
    
    // Feature toggles
    'features' => [
        'file_manager' => true,
        'terminal' => true,
        'code_editor' => true,
        'process_manager' => true,
        'network_tools' => true,
        'database_tools' => true,
        'system_info' => true,
    ],
    
    // UI settings
    'ui' => [
        'theme' => 'dark',
        'language' => 'en',
        'items_per_page' => 50,
    ],
    
    // Limits
    'limits' => [
        'max_file_size' => 50 * 1024 * 1024,
        'max_upload_size' => 100 * 1024 * 1024,
        'command_timeout' => 30,
        'max_history' => 100,
    ],
];

🔒 Security Considerations

⚠️ WARNING: This tool provides full system access. Use responsibly!

1. Always change the default password immediately
2. Use HTTPS in production environments
3. Restrict access using IP whitelisting when possible
4. Use self-destruct for temporary access
5. Delete the file when not needed
6. Monitor access logs for suspicious activity
7. Keep PHP updated to the latest stable version

🎯 Keyboard Shortcuts

Shortcut	Action
Ctrl+1	Dashboard
Ctrl+2	File Manager
Ctrl+3	Terminal
Ctrl+4	Code Editor
Ctrl+5	Processes
Ctrl+6	Network
Ctrl+7	Database
Ctrl+L	Clear terminal
Ctrl+S	Save file (in editor)
Escape	Close modal

🌐 Browser Support

• Chrome 80+
• Firefox 75+
• Safari 13+
• Edge 80+
• Opera 67+

📱 Mobile Support

The interface is fully responsive with:

• Touch-friendly controls
• Swipe navigation
• Responsive layouts
• Mobile-optimized terminal

📁 Project Structure

aleshell2/
├── index.php               # Entry point
├── pack.php                # Packer utility
├── README.md               # Documentation
├── CHANGELOG.md            # Version history
├── LICENSE                 # MIT License
├── src/
│   ├── Config/
│   │   ├── config.example.php
│   │   └── config.php
│   ├── Core/
│   │   ├── Application.php
│   │   ├── Router.php
│   │   ├── Request.php
│   │   ├── Response.php
│   │   └── View.php
│   ├── Security/
│   │   ├── Auth.php
│   │   ├── Session.php
│   │   └── Csrf.php
│   ├── Modules/
│   │   ├── Dashboard/
│   │   ├── Files/
│   │   ├── Terminal/
│   │   ├── Editor/
│   │   ├── Processes/
│   │   ├── Network/
│   │   └── Database/
│   └── Views/
│       ├── layouts/
│       ├── components/
│       └── modules/
└── packed/                 # Generated packed files

🔧 Development

Adding a New Module

1. Create directory: src/Modules/MyModule/
2. Create controller: MyModuleController.php
3. Create view: src/Views/modules/mymodule.php
4. Register route in src/Core/Router.php
5. Add to navigation in src/Views/layouts/main.php

Code Style

• PSR-12 coding standard
• Type hints for parameters and return values
• PHPDoc comments for all public methods
• Meaningful variable and function names

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• Based on concepts from the original b374k shell
• Inspired by modern web development practices
• Built with ❤️ for system administrators

⚠️ Disclaimer

This tool is intended for legitimate system administration purposes only.

Users are responsible for ensuring compliance with applicable laws and regulations. The authors are not responsible for any misuse of this software. Unauthorized access to computer systems is illegal.

---

AleShell2 v2.0.0 - Modern PHP Web Shell