Jan 26 2008

perl cgi virtual shell console

Category: 技术ssmax @ 17:30:05

这两天在新空间申请ssh shell access,还没有开通,又把cgi 翻了出来应急,参考网上一个php shell的脚本改了一下,主要抄了ajax的部分,嘿嘿,用php的system函数会涉及到占用内存和php执行时间的问题,有很多shell命令都无法正常执行,所以还是用perl cgi来得实际。。。

perl cgi virtual shell console:

 

 

 

#!/usr/bin/perl
use CGI;
my $command = CGI::param('cmd') || '';
my $pwd = CGI::param('pwd') || `pwd`;

print ("Content-Type: text/plain;\n");
print ("Cache-Control: no-cache\n\n");
#print "change dir: ".`cd $pwd 2>&1`."\n";
#print "now dir: ".`pwd`."\n";
#print "command: ".$command."\n\n";
if($command ne '') {
print `cd $pwd; $command 2>&1`;
}
else {
$~ = "MYFORMAT";
write;
format MYFORMAT =
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>PHP AJAX Shell</title>
<script type="text/javascript" language="javascript">
var CommHis=new Array();
var HisP;
function doReq(_1,_2,_3){var HR=false;
if(window.XMLHttpRequest){HR=new XMLHttpRequest();
if(HR.overrideMimeType){HR.overrideMimeType("text/xml");}}
else{if(window.ActiveXObject){
try{HR=new ActiveXObject("Msxml2.XMLHTTP");}
catch(e){try{HR=new ActiveXObject("Microsoft.XMLHTTP");}
catch(e){}}}}
if(!HR){return false;}
HR.onreadystatechange=function(){if(HR.readyState==4){
if(HR.status==200){if(_3){eval(_2+"(HR.responseXML)");}
else{eval(_2+"(HR.responseText)");}}}};
HR.open("GET",_1,true);HR.send(null);}
function pR(rS){var _6=document.getElementById("outt");
_6.value+=document.getElementById("cmd").value;
_6.value+="\n";
_6.value+=rS;
_6.value+="\n:->";
_6.scrollTop=_6.scrollHeight;
/*
var _7=rS.split("\n\n");
var _8=document.getElementById("cmd").value;
_6.appendChild(document.createTextNode(_8));
_6.appendChild(document.createElement("br"));
for(var _9 in _7){var _a=document.createElement("pre");
_a.style.display="inline";
line=document.createTextNode(_7[_9]);
_a.appendChild(line);_6.appendChild(_a);
_6.appendChild(document.createElement("br"));}
_6.appendChild(document.createTextNode(":-> "));
_6.scrollTop=_6.scrollHeight;
*/
document.getElementById("cmd").value="";}
function keyE(_b){switch(_b.keyCode){
case 13:
var _c=document.getElementById("cmd").value;
if(_c){CommHis[CommHis.length]=_c;
HisP=CommHis.length;
var _d=document.location.href+"?cmd="+escape(_c)+"&pwd="+escape(document.getElementById("pwd").value);
doReq(_d,"pR");}
break;
case 38:
if(HisP>0){HisP--;
document.getElementById("cmd").value=CommHis[HisP];}
break;
case 40:
if(HisP<CommHis.length-1){HisP++;
document.getElementById("cmd").value=CommHis[HisP];}
break;
default:
break;}}
</script></head>
<body style="font-family:courier">
<form onsubmit="return false">
<textarea id="outt" cols="100" rows="30" style="background-color: #000; color: #3F0;" readonly="readonly">:-&gt;</textarea><br/>
Command: <input tabindex="1" onkeyup="keyE(event)" style="color:#FFF;background:#333;width:100%;" id="cmd" type="text" /><br/>
.
print('WorkDir: <input tabindex="1" style="color:#FFF;background:#333;width:100%;" id="pwd" type="text" value="'.$pwd.'"/>'."\n");
print("</form></body></html>\n");
}

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.