diff options
author | Stephen Beaver <sbeaver@netgate.com> | 2016-02-19 11:31:06 -0500 |
---|---|---|
committer | Stephen Beaver <sbeaver@netgate.com> | 2016-02-19 11:32:00 -0500 |
commit | 36a844df8cab07c1b1f9527958de385e94c42783 (patch) | |
tree | a95b675a9df878eb97b9f34b653c0a41d05a6d15 /src/usr/local/www/diag_command.php | |
parent | e138f828b79c28cd6191098668c9dcad6d2c56b7 (diff) | |
download | pfsense-36a844df8cab07c1b1f9527958de385e94c42783.zip pfsense-36a844df8cab07c1b1f9527958de385e94c42783.tar.gz |
Renamed exec.php and edit.php
Diffstat (limited to 'src/usr/local/www/diag_command.php')
-rw-r--r-- | src/usr/local/www/diag_command.php | 340 |
1 files changed, 340 insertions, 0 deletions
diff --git a/src/usr/local/www/diag_command.php b/src/usr/local/www/diag_command.php new file mode 100644 index 0000000..df5e3a7 --- /dev/null +++ b/src/usr/local/www/diag_command.php @@ -0,0 +1,340 @@ +<?php +/* + diag_command.php +*/ +/* ==================================================================== + * Copyright (c) 2004-2015 Electric Sheep Fencing, LLC. All rights reserved. + * + * Exec+ v1.02-000 - Copyright 2001-2003, All rights reserved + * Created by technologEase (http://www.technologEase.com) + * (modified for m0n0wall by Manuel Kasper <mk@neon1.net>)\ + * + * Some or all of this file is based on the m0n0wall project which is + * Copyright (c) 2004 Manuel Kasper (BSD 2 clause) + * + * Redistribution and use in source and binary forms, with or without modification, + * are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgment: + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution. (http://www.pfsense.org/). + * + * 4. The names "pfSense" and "pfSense Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * coreteam@pfsense.org. + * + * 5. Products derived from this software may not be called "pfSense" + * nor may "pfSense" appear in their names without prior written + * permission of the Electric Sheep Fencing, LLC. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * + * "This product includes software developed by the pfSense Project + * for use in the pfSense software distribution (http://www.pfsense.org/). + * + * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + * ==================================================================== + * + */ + +##|+PRIV +##|*IDENT=page-diagnostics-command +##|*NAME=Diagnostics: Command +##|*DESCR=Allow access to the 'Diagnostics: Command' page. +##|*MATCH=diag_command.php* +##|-PRIV + +$allowautocomplete = true; + +require("guiconfig.inc"); + +if (($_POST['submit'] == "DOWNLOAD") && file_exists($_POST['dlPath'])) { + session_cache_limiter('public'); + $fd = fopen($_POST['dlPath'], "rb"); + header("Content-Type: application/octet-stream"); + header("Content-Length: " . filesize($_POST['dlPath'])); + header("Content-Disposition: attachment; filename=\"" . + trim(htmlentities(basename($_POST['dlPath']))) . "\""); + if (isset($_SERVER['HTTPS'])) { + header('Pragma: '); + header('Cache-Control: '); + } else { + header("Pragma: private"); + header("Cache-Control: private, must-revalidate"); + } + + fpassthru($fd); + exit; +} else if (($_POST['submit'] == "UPLOAD") && is_uploaded_file($_FILES['ulfile']['tmp_name'])) { + move_uploaded_file($_FILES['ulfile']['tmp_name'], "/tmp/" . $_FILES['ulfile']['name']); + $ulmsg = sprintf(gettext('Uploaded file to /tmp/%s.'), htmlentities($_FILES['ulfile']['name'])); + unset($_POST['txtCommand']); +} + +if ($_POST) { + conf_mount_rw(); +} + +// Function: is Blank +// Returns true or false depending on blankness of argument. + +function isBlank($arg) { + return preg_match("/^\s*$/", $arg); +} + +// Function: Puts +// Put string, Ruby-style. + +function puts($arg) { + echo "$arg\n"; +} + +// "Constants". + +$Version = ''; +$ScriptName = $REQUEST['SCRIPT_NAME']; + +// Get year. + +$arrDT = localtime(); +$intYear = $arrDT[5] + 1900; + +$pgtitle = array(gettext("Diagnostics"), gettext("Command Prompt")); +include("head.inc"); +?> +<script type="text/javascript"> +//<![CDATA[ + // Create recall buffer array (of encoded strings). +<?php + +if (isBlank($_POST['txtRecallBuffer'])) { + puts(" var arrRecallBuffer = new Array;"); +} else { + puts(" var arrRecallBuffer = new Array("); + $arrBuffer = explode("&", $_POST['txtRecallBuffer']); + for ($i = 0; $i < (count($arrBuffer) - 1); $i++) { + puts(" '" . htmlspecialchars($arrBuffer[$i], ENT_QUOTES | ENT_HTML401) . "',"); + } + puts(" '" . htmlspecialchars($arrBuffer[count($arrBuffer) - 1], ENT_QUOTES | ENT_HTML401) . "'"); + puts(" );"); +} +?> + + // Set pointer to end of recall buffer. + var intRecallPtr = arrRecallBuffer.length-1; + + // Functions to extend String class. + function str_encode() { return escape( this ) } + function str_decode() { return unescape( this ) } + + // Extend string class to include encode() and decode() functions. + String.prototype.encode = str_encode + String.prototype.decode = str_decode + + // Function: is Blank + // Returns boolean true or false if argument is blank. + function isBlank( strArg ) { return strArg.match( /^\s*$/ ) } + + // Function: frmExecPlus onSubmit (event handler) + // Builds the recall buffer from the command string on submit. + function frmExecPlus_onSubmit( form ) { + + if (!isBlank(form.txtCommand.value)) { + // If this command is repeat of last command, then do not store command. + if (form.txtCommand.value.encode() == arrRecallBuffer[arrRecallBuffer.length-1]) { return true } + + // Stuff encoded command string into the recall buffer. + if (isBlank(form.txtRecallBuffer.value)) { + form.txtRecallBuffer.value = form.txtCommand.value.encode(); + } else { + form.txtRecallBuffer.value += '&' + form.txtCommand.value.encode(); + } + } + + return true; + } + + // Function: btnRecall onClick (event handler) + // Recalls command buffer going either up or down. + function btnRecall_onClick( form, n ) { + + // If nothing in recall buffer, then error. + if (!arrRecallBuffer.length) { + alert('<?=gettext("Nothing to recall"); ?>!'); + form.txtCommand.focus(); + return; + } + + // Increment recall buffer pointer in positive or negative direction + // according to <n>. + intRecallPtr += n; + + // Make sure the buffer stays circular. + if (intRecallPtr < 0) { intRecallPtr = arrRecallBuffer.length - 1 } + if (intRecallPtr > (arrRecallBuffer.length - 1)) { intRecallPtr = 0 } + + // Recall the command. + form.txtCommand.value = arrRecallBuffer[intRecallPtr].decode(); + } + + // Function: Reset onClick (event handler) + // Resets form on reset button click event. + function Reset_onClick( form ) { + + // Reset recall buffer pointer. + intRecallPtr = arrRecallBuffer.length; + + // Clear form (could have spaces in it) and return focus ready for cmd. + form.txtCommand.value = ''; + form.txtCommand.focus(); + + return true; + } +//]]> +</script> +<?php + +if (isBlank($_POST['txtCommand']) && isBlank($_POST['txtPHPCommand']) && isBlank($ulmsg)) { + print_callout(gettext("The capabilities offered here can be dangerous. No support is available. Use them at your own risk!"), 'danger', gettext('Advanced Users Only')); +} + +if (!isBlank($_POST['txtCommand'])):?> + <div class="panel panel-success responsive"> + <div class="panel-heading"><h2 class="panel-title"><?=sprintf(gettext('Shell Output - %s'), htmlspecialchars($_POST['txtCommand']))?></h2></div> + <div class="panel-body"> + <div class="content"> +<?php + putenv("PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"); + putenv("SCRIPT_FILENAME=" . strtok($_POST['txtCommand'], " ")); + $output = array(); + exec($_POST['txtCommand'] . ' 2>&1', $output); + + $output = implode("\n", $output); + print("<pre>" . htmlspecialchars($output) . "</pre>"); +?> + </div> + </div> + </div> +<?php endif; ?> + +<form action="diag_command.php" method="post" enctype="multipart/form-data" name="frmExecPlus" onsubmit="return frmExecPlus_onSubmit( this );"> + <div class="panel panel-default"> + <div class="panel-heading"><h2 class="panel-title"><?=gettext('Execute Shell Command')?></h2></div> + <div class="panel-body"> + <div class="content"> + <input id="txtCommand" name="txtCommand" placeholder="Command" type="text" class="col-sm-4" value="<?=htmlspecialchars($_POST['txtCommand'])?>" /> + <br /><br /> + <input type="hidden" name="txtRecallBuffer" value="<?=htmlspecialchars($_POST['txtRecallBuffer']) ?>" /> + <input type="button" class="btn btn-default btn-sm" name="btnRecallPrev" value="<" onclick="btnRecall_onClick( this.form, -1 );" /> + <button type="submit" class="btn btn-default btn-sm" value="EXEC"><?=gettext("Execute"); ?></button> + <input type="button" class="btn btn-default btn-sm" name="btnRecallNext" value=">" onclick="btnRecall_onClick( this.form, 1 );" /> + <input type="button" class="btn btn-default btn-sm" value="<?=gettext("Clear"); ?>" onclick="return Reset_onClick( this.form );" /> + </div> + </div> + </div> + + <div class="panel panel-default"> + <div class="panel-heading"><h2 class="panel-title"><?=gettext('Download File')?></h2></div> + <div class="panel-body"> + <div class="content"> + <input name="dlPath" type="text" id="dlPath" placeholder="File to download" class="col-sm-4" value="<?=htmlspecialchars($_GET['dlPath']);?>"/> + <br /><br /> + <button name="submit" type="submit" class="btn btn-default btn-sm" id="download" value="DOWNLOAD"><?=gettext("Download")?></button> + </div> + </div> + </div> + +<?php + if ($ulmsg) { + print_info_box($ulmsg, 'success', false); + } +?> + <div class="panel panel-default"> + <div class="panel-heading"><h2 class="panel-title"><?=gettext('Upload File')?></h2></div> + <div class="panel-body"> + <div class="content"> + <input name="ulfile" type="file" class="btn btn-default btn-sm btn-file" id="ulfile" /> + <br /> + <button name="submit" type="submit" class="btn btn-default btn-sm" id="upload" value="UPLOAD"><?=gettext("Upload")?></button> + </div> + </div> + </div> +<?php + // Experimental version. Writes the user's php code to a file and executes it via a new instance of PHP + // This is intended to prevent bad code from breaking the GUI + if (!isBlank($_POST['txtPHPCommand'])) { + puts("<div class=\"panel panel-success responsive\"><div class=\"panel-heading\"><h2 class=\"panel-title\">PHP Response</h2></div>"); + + $tmpname = tempnam("/tmp", ""); + $phpfile = fopen($tmpname, "w"); + fwrite($phpfile, "<?php\n"); + fwrite($phpfile, "require_once(\"/etc/inc/config.inc\");\n"); + fwrite($phpfile, "require_once(\"/etc/inc/functions.inc\");\n\n"); + fwrite($phpfile, $_POST['txtPHPCommand'] . "\n"); + fwrite($phpfile, "?>\n"); + fclose($phpfile); + + $output = array(); + exec("/usr/local/bin/php " . $tmpname, $output); + + unlink($tmpname); + + $output = implode("\n", $output); + print("<pre>" . htmlspecialchars($output) . "</pre>"); + +// echo eval($_POST['txtPHPCommand']); + puts("</div>"); +?> +<script type="text/javascript"> +//<![CDATA[ + events.push(function() { + // Scroll to the bottom of the page to more easily see the results of a PHP exec command + $("html, body").animate({ scrollTop: $(document).height() }, 1000); + }); +//]]> +</script> +<?php +} +?> + <div class="panel panel-default responsive"> + <div class="panel-heading"><h2 class="panel-title"><?=gettext('Execute PHP Commands')?></h2></div> + <div class="panel-body"> + <div class="content"> + <textarea id="txtPHPCommand" placeholder="Command" name="txtPHPCommand" rows="9" cols="80"><?=htmlspecialchars($_POST['txtPHPCommand'])?></textarea> + <br /> + <input type="submit" class="btn btn-default btn-sm" value="<?=gettext("Execute")?>" /> + <?=gettext("Example"); ?>: <code>print("Hello World!");</code> + </div> + </div> + </div> +</form> + +<?php +include("foot.inc"); + +if ($_POST) { + conf_mount_ro(); +} |