This repository has been archived by the owner on Dec 14, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 347
/
Copy pathterminal.php
124 lines (112 loc) · 5.2 KB
/
terminal.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
<?php
include "lib/headers.php";
include "lib/settings.php";
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>ICEcoder <?php echo $ICEcoder["versionNo"];?> Terminal</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="robots" content="noindex, nofollow">
<meta name="viewport" content="width=device-width, initial-scale=0.5, user-scalable=no">
<link rel="stylesheet" type="text/css" href="<?php echo $settingsClass->assetsRoot;?>/css/terminal.css?microtime=<?php echo microtime(true);?>" />
<script type="text/javascript" language="JavaScript">
commandHistory = [];
currentLine = 0;
// Handle command history as user cycles with up/down arrow keys or types other keys
key = function(e) {
if (!e) {
var e = window.event;
}
// Up
if (38 === e.keyCode) {
// If blank, set a blank line as current
if ("" == document.getElementById('command').value) {
currentCommand = "";
}
// If we have history and the last command in history isn't this one
if (commandHistory[commandHistory.length - 1] && commandHistory[commandHistory.length - 1].replace("[[ICEcoder]]:", "") !== currentCommand) {
// Push or append as last item in array with string to indicate temp nature
if (0 !== commandHistory[commandHistory.length - 1].indexOf("[[ICEcoder]]:")) {
commandHistory.push("[[ICEcoder]]:" + currentCommand);
} else {
commandHistory[commandHistory.length - 1] = "[[ICEcoder]]:" + currentCommand;
}
}
// If we have at least some items in history, step back a level and display the previous command
if (0 < currentLine) {
currentLine--;
document.getElementById('command').value = commandHistory[currentLine].replace("[[ICEcoder]]:", "");
}
// Down
// If the current line isn't the last in the array, take a step forward and display the command
} else if(40 === e.keyCode && currentLine < commandHistory.length - 1) {
currentLine++;
document.getElementById('command').value = commandHistory[currentLine].replace("[[ICEcoder]]:", "");
// Set the current command value to that of the user input
} else {
currentCommand = document.getElementById('command').value;
}
}
sendCmd = function(command) {
// Send command over XHR for response and display
xhr = parent.ICEcoder.xhrObj();
xhr.onreadystatechange = function() {
if (4 === xhr.readyState) {
// OK reponse?
if (200 === xhr.status) {
// Set the output to also include our response and scroll down to bottom
var newOutput = document.createElement("DIV");
responseText = xhr.responseText;
responseJSON = JSON.parse(responseText);
newOutput.innerHTML = responseJSON.output;
document.getElementById("user").innerHTML = "  " + responseJSON.user + " ";
document.getElementById("cwd").innerHTML = " " + responseJSON.cwd + " ";
var cmdElem = document.getElementById("commandLine");
cmdElem.parentNode.insertBefore(newOutput, cmdElem);
parent.document.getElementById("terminal").contentWindow.document.documentElement.scrollTop = document.getElementById('output').scrollHeight;
// Add command onto end of history array or set as last item in array
if (0 === currentLine || 0 !== commandHistory[commandHistory.length - 1].indexOf("[[ICEcoder]]:")) {
commandHistory.push(document.getElementById('command').value);
} else {
commandHistory[commandHistory.length - 1] = document.getElementById('command').value;
}
// Set the current line to be the length of the array and clear the command
currentLine = commandHistory.length;
document.getElementById('command').value = "";
}
}
};
// Send the XHR request
xhr.open("POST", parent.ICEcoder.iceLoc + "/lib/terminal-xhr.php?csrf=" + parent.ICEcoder.csrf, true);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.send('command=' + encodeURIComponent(command));
}
</script>
</head>
<body onclick="document.getElementById('command').focus()">
<?php
// If we have no cwd set in session, set it now
if (false === isset($_SESSION['cwd'])) {
$_SESSION['cwd'] = $docRoot . $iceRoot;
}
// Change to cwd
chdir($_SESSION['cwd']);
if (true === $systemClass->functionEnabled("shell_exec")) {
// Get current user and cwd
$user = str_replace("\n", "", shell_exec("whoami"));
$cwd = str_replace("\n", "", shell_exec("pwd"));
?>
<form name="shell" onsubmit="sendCmd(document.getElementById('command').value); return false" method="POST">
<pre class="output" id="output"><span style="color: #0a0">ICEcoder <?php echo $ICEcoder["versionNo"];?> terminal</span>
This is a full powered terminal, but will have the permissions of the '<?php echo $user;?>' user.
The more access rights you give that user, the more this terminal has.
<div class="commandLine" id="commandLine"><div class="user" id="user"> <?php echo $user;?> </div><div class="cwd" id="cwd"> <?php echo $cwd;?> </div> : <?php echo date("H:m:s");?><br><div class="promptVLine"></div><div class="promptHLine">─<div class="promptArrow">▶</div></div> <input type="text" class="command" id="command" onkeyup="key(event)" tabindex="1" autocomplete="off"></div></pre>
</form>
<?php
} else {
?>
<pre class="output" id="output">shell_exec not available on the server, unable to use terminal.</pre>
<?php } ?>
</body>
</html>