<p>size of '.sizeof($dsizes).' selected dirs: <b>'.show_size(0,false,array_sum($dsizes)).'</b></p> <p>total size: <b>'.show_size(0,false,array_sum($fsizes)+array_sum($dsizes)).'</b></p> '.(sizeof($mods)==1 ? '<p>mod: <b>'.get_rights($v,false).' ('.get_rights($v).')</b></p>' : '').' '.(sizeof($owners)==1 ? '<p>owner: <b>'.get_owner($v).'</b></p>' : '').' '.(sizeof($groups)==1 ? '<p>group: <b>'.get_group($v).'</b></p>' : '') ); } break; case 'terminal': if(!empty($_REQUEST['cmd'])) { $res = exec_command($_REQUEST['cmd']); }else { $res = array('cmd'=>'', 'output'=>'', 'dir'=> getcwd_short()); } light_message('<form action="?act=terminal" method="POST" style="margin: 0px; padding: 0px;"><h3>'.$res['dir'].'</h3> <!-- cmd has id "filter" because filter is default focused on --> <input type=text id="filter" name="cmd" value="'.(!empty($_REQUEST['cmd']) ? htmlspecialchars($_REQUEST['cmd']) : '').'"><br> <input type="submit" value="execute"> <br> <br><div style="font-family: Courier New, Courier, monospace;" class="toutput">'.$res['output'].'</div> '); break; case 'logout': logout(); break; }
if(substr($v, 0, $i) != $tmp) { $good = false; break; } } } $i--; if($i == $l) /* means that TAB was pressed again */ { $_RESULT['output'] = ''; if(sizeof($found) < 30) { foreach($found as $v) $_RESULT['output'] .= $v.' '; }else { $_RESULT['output'] .= 'too many results'; } } $parts[sizeof($parts)-1] = substr($found[0], 0, $i); $_RESULT['cmd'] = implode(' ', $parts); } } $_RESULT['dir'] = getcwd_short(); break; } ?>
function exec_command($command, $col=80) { chdir($_SESSION['DIR']); //echo $_SESSION['DIR']."\n"; $_RESULT['startdir'] = getcwd_short(); $out = array(); $ret = false; $command = ltrim($command); if(substr($command,0,3) == 'cd ' || substr($command,0,6) == 'chdir ') { if(substr($command,0,3) == 'cd ') $folder = trim(substr($command,3)); else $folder = trim(substr($command,6)); if($folder[0] == '"') { if($folder[strlen($folder)-1] == '"') $folder = stripcslashes(substr($folder, 1, strlen($folder)-2)); else $folder = stripcslashes(substr($folder,1)); }else { $folder = str_replace('\\ ', ' ', $folder); } if($folder[0]=='~') $folder = HOMEDIR.'/'.substr($folder,1); if(@chdir($folder)) { $_SESSION['DIR'] = abs_path($folder); //echo $_SESSION['DIR']; $_RESULT['output']=''; }else { $_RESULT['output']='cd: cannot change directory'; } }else if(trim($command) == 'exit' || trim($command) == 'quit') { $_RESULT['exit'] = true; }else if(trim($command) == 'pwd') { $_RESULT['output'] = getcwd(); }else { $tmp = explode(' ', $command); $cmd = $tmp[0]; $ex = false; /* exists ? */ list($dirs, $exts) = get_path_dirs(); foreach($dirs as $dir) { foreach($exts as $ext) { if(file_exists($dir.'/'.$cmd.$ext)) { $ex = true; break(2); } } } /*if(!$ex) { $out[] = 'command not found'; }else {*/ #if(is_callable('proc_open')) #{ $ret = -1; #if(is_callable('putenv')) #{ // for ls putenv('ROWS=24'); putenv('COLUMNS='.$col); #} $separator = uniqid(); // $command .= '; echo '.$separator.' $?'; // $command .= '; echo '.$separator.'; set; echo '.$separator.'; /bin/pwd'; // code is taken from PHP Shell if($p = proc_open($command, array(1 => array('pipe', 'w'), 2 => array('pipe', 'w')), $io)) { $out = array(''); $out[0] .= stream_get_contents($io[1]).stream_get_contents($io[2]); fclose($io[1]); fclose($io[2]); $ret = proc_close($p); } #}else #{ # exec('('.$command.') 2>&1 <"'.(file_exists('/dev/null') ? '/dev/null' : 'nul').'"', $out, $ret); #} if($ret!=0 && !$ex) $out = array(GREET.': '.$cmd.': command not found'); /*}*/ //$fp = popen($command.' 2>&1') $_RESULT['output'] = implode("\n", $out); } $add = GREET.'$ '; $_RESULT['output'] = exec_split($_RESULT['output'], $col); $_RESULT['cmd'] = exec_split($add.$command, $col); $_RESULT['cmd'] = substr($_RESULT['cmd'],strlen($add)+strlen(' ')-1); $_RESULT['dir'] = getcwd_short(); return $_RESULT; }
<? if(!function_exists('dolphin_handler')) die('Dolphin not found'); ?> <html> <head> <title>Web shell - <?php echo getcwd_short(); ?> </title> <link href="f/overall.<?php echo FVER; ?> .css" rel="stylesheet" /> <style> body, input, td { background-color: black; background-image: none; font-family: Courier New, Courier, monospace; font-size: 13px; color: rgb(187,187,187); } body { margin: 5px; overflow-x: hidden; overflow-y: scroll; } input { width: 100%; border: 1px black solid; outline-width: 0px; /* tell WebKit not to draw glow around the text field */ } </style> <script src="f/all.<?php echo FVER; ?> .js"></script> <script> var _tcurr = 0; /* current command, got from history */ var _thistory = []; function send_command(cmd, tab) { var undef; if(typeof(tab) == typeof(undef)) tab = false;