!C99Shell v. 1.0 pre-release build #16!

Software: Apache/2.0.54 (Fedora). PHP/5.0.4 

uname -a: Linux mina-info.me 2.6.17-1.2142_FC4smp #1 SMP Tue Jul 11 22:57:02 EDT 2006 i686 

uid=48(apache) gid=48(apache) groups=48(apache)
context=system_u:system_r:httpd_sys_script_t 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/init/   drwxr-xr-x
Free 3.84 GB of 27.03 GB (14.22%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     save_startscript.cgi (1.9 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
#!/usr/bin/perl
# save_startscript.cgi
# saves modifications to the StartupItems/script/script or
# the StartupItems/script/StartupItems.plist

# Even though it would be MUCH faster to pass the file to be edited
# in the form, forms are filled out by the browser, not the server.
#
# A malicious user could manipulate the form to write to
# any file they darned well please. While a user who has webmin access
# to the bootup scripts could do a fair amount of damage anyway, I still
# would rather limit the possible files the cgi will write to to the
# actual bootup scripts.

# Written by Michael A. Peters <mpeters@mac.com> for
# webmin init module, based on save_local.cgi of same
# module. Written for Darwin/OS X.

require './init-lib.pl';
require './hostconfig-lib.pl';
use File::Basename;
$access{'bootup'} == 1 || &error("You are not allowed to edit the bootup script");
&ReadParse();

$action=$in{'action'};

if ( $in{'plist'} ne "" ) {
    $in{'plist'} =~ s/\r//g;
    $towrite = $in{'plist'};
    %temphash = &hostconfig_gather(startscript);
    $tempfile = $temphash{"$action"};
    $dir = dirname("$tempfile");
    $file = "$dir/$config{'plist'}";
    $redirect = "edit_hostconfig.cgi?0+$action";
    -e $file || &error("$file doesn't seem to exist");
    }
elsif ( $in{'startup'} ne "" ) {
    $in{'startup'} =~ s/\r//g;
    $towrite = $in{'startup'};
    %temphash = &hostconfig_gather(startscript);
    $file = $temphash{"$action"};
    $redirect = "edit_hostconfig.cgi?0+$action";
    -e $file || &error("$file doesn't seem to exist");
    }
elsif ( $in{'hostconfig'} ne "" ) {
    $in{'hostconfig'} =~ s/\r//g;
    $towrite = $in{'hostconfig'};
    $file = $config{'hostconfig'};
    $redirect = "edit_hostconfig.cgi?2";
    }
else {
    &error("I do not know what you want me to do");
    }

&lock_file($file);
&open_tempfile(LOCAL, "> $file");
&print_tempfile(LOCAL, $towrite);
&close_tempfile(LOCAL);
&unlock_file($file);
&webmin_log("startup", undef, undef, \%in);
&redirect("$redirect");

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0033 ]--