Ls

Lists files in current working directory. If the command is detected on the servers system, the command is executed on the server, to support arguments. The command is escaped by PHP’s escapeshellcmd to prevent other actions. If you want to execute commands on the shell, use the Sys plugin.

Command line interface

Syntax

  1. $ ls [args]

Arguments

  • args – (mixed, optional) Only supported if ls is detected on the servers system.

Example

ls.php

  1. <?
  3. require("../plugin.php");
  5. if (is_ajax()) {
  6. if ($_POST["action"] == 'ls') {
  7. // try "secure" ls access on system
  8. if (@shell_exec("ls --help 2>&1")) die(shell_exec(escapeshellcmd($_POST['cmd'])." 2>&1"));
  9. // try exec (cannot redirect error stream in safe_mode)
  10. unset($out);
  11. exec("ls --help", $out);
  12. if ($out) {
  13. unset($out);
  14. exec(escapeshellcmd($_POST['cmd']), $out);
  15. die(implode("\n", $out)."\n");
  16. }
  17. // just print all files
  18. $files = glob("*");
  19. if ($files) echo implode("\n", $files);
  20. exit;
  21. }
  22. exit;
  23. }
  24. ?>
  26. /**
  27. * List directory
  28. **/
  29. TinyShell.plugins.ls = new Class({
  30. description: "List files",
  31. run : function(terminal, args, line) {
  32. this.t = terminal;
  33. terminal.ajax_request(this.print, "<?php echo $_AJAX_URL?>", "action=ls&cmd="+encodeURIComponent(line));
  34. },
  35. print : function(response) {
  36. this.t.print(response);
  37. this.t.resume();
  38. }
  39. });
Author: Theis Mackeprang

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>