Ls

Lists files in current working directory. If the command is detected on the servers system, the command is executed on the server, to support arguments. The command is escaped by PHP’s escapeshellcmd to prevent other actions. If you want to execute commands on the shell, use the Sys plugin.

Command line interface

Syntax

  1. $ ls [args]

Arguments

  • args – (mixed, optional) Only supported if ls is detected on the servers system.

Example

ls.php

  1. <?
  2. require("../plugin.php");
  3. if (is_ajax()) {
  4. if ($_POST["action"] == 'ls') {
  5. // try "secure" ls access on system
  6. if (@shell_exec("ls --help 2>&1")) die(shell_exec(escapeshellcmd($_POST['cmd'])." 2>&1"));
  7. // try exec (cannot redirect error stream in safe_mode)
  8. unset($out);
  9. exec("ls --help", $out);
  10. if ($out) {
  11. unset($out);
  12. exec(escapeshellcmd($_POST['cmd']), $out);
  13. die(implode("\n", $out)."\n");
  14. }
  15. // just print all files
  16. $files = glob("*");
  17. if ($files) echo implode("\n", $files);
  18. exit;
  19. }
  20. exit;
  21. }
  22. ?>
  23. /**
  24. * List directory
  25. **/
  26. TinyShell.plugins.ls = new Class({
  27. description: "List files",
  28. run : function(terminal, args, line) {
  29. this.t = terminal;
  30. terminal.ajax_request(this.print, "<?php echo $_AJAX_URL?>", "action=ls&cmd="+encodeURIComponent(line));
  31. },
  32. print : function(response) {
  33. this.t.print(response);
  34. this.t.resume();
  35. }
  36. });

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>