
Author

[Solved] - NPDS site hacked
snipe
2450

Posted: 31-12-2003 20:38

Here is what closes the hole in question :)

<?php
if(!IsSet($mainfile)) { !!include!! ("mainfile.php"); }
// Permanent double-side theme
global $pdsts;
$pdst="0";

if (($npds!="1") and ($npds!="-1")) {
    $pdst=1;
} else {
    $pdst=$npds;
}

if ($npds!="-1") {
    !!include!! ("header.php");
}
openTable();
// This script was written by webmaster@theworldsend.net, Aug.2001
// http://www.theworldsend.net
// This is my first script. Enjoy.
//
// Put it into whatever directory and call it. That's all.
// Updated to 4.2 code
// Get Variable from form via register globals on/off
//--------
$max_count = 10; //maximum count for ping command
$unix = 1; //set this to 1 if you are on a *unix system
$windows = 0; //set this to 1 if you are on a windows system
// --------
// nothing more to be done.
// --------
//globals on or off ?
$register_globals = (bool) ini_get('register_globals');
$system = ini_get('system');
$unix = (bool) $unix;
$win = (bool) $windows;
//
If ($register_globals)
{
    $ip = getenv('REMOTE_ADDR');
    $self = $PHP_SELF;
}
else
{
    $submit = $_GET['submit'];
    $count = $_GET['count'];
    $host = $_GET['host'];
    $ip = $_SERVER['REMOTE_ADDR'];
    $self = $_SERVER['PHP_SELF'];
}
// PHP_SELF can carry request-supplied path text; escape it before echoing it into HTML
$self = htmlspecialchars($self, ENT_QUOTES);
// form submitted ?
If ($submit == "Ping!")
{
    // over count ?
    //protect snp
    // request values are strings, so is_int() would reject every count; test for digits only instead
    if (!ctype_digit((string) $count)) {
        echo "Vas te fait foutre sal hackers";
    } else {
        // from here on $count is a real integer, so it cannot carry shell text into system()
        $count = (int) $count;
        //protect snp
        If ($count > $max_count)
        {
            echo 'Maximum for count is: '.$max_count;
            echo '<a href="'.$self.'">Back</a>';
        }
        else
        {
            // replace bad chars
            $host = preg_replace("/[^A-Za-z0-9.]/", "", $host);
            echo '<body bgcolor="#FFFFFF" text="#000000"></body>';
            echo("Ping Output:<br>");
            echo '<pre>';
            //check target IP or domain
            if ($unix)
            {
                system("ping -c$count -w$count $host");
                system("killall ping");// kill all ping processes in case there are some stalled ones or use echo 'ping' to execute ping without shell
            }
            else
            {
                system("ping -n $count $host");
            }
            echo '</pre>';
        }
        //protect snp
    }
    //protect snp
}
else
{
    echo '<body bgcolor="#FFFFFF" text="#000000"></body>';
    echo '<p><font size="2">Votre adresse IP est : '.$ip.'</font></p>';
    // the script reads $_GET, so the form has to be submitted with GET
    echo '<form method="get" action="'.$self.'">';
    echo ' Entrer adresse IP ou Host : <input type="text" name="host" value="'.$ip.'"></input>';
    echo ' Entrer count <input type="text" name="count" size="2" value="4"></input>';
    echo ' <input type="submit" name="submit" value="Ping!"></input>';
    echo '</form>';
    echo '<br><b>'.$system.'</b>';
    echo '</body></html>';
}
?>
<?
closeTable();
if ($npds!="-1") {
    !!include!! ("footer.php");
}
?>

You have to take the !! off the !!include!! again

[ Message edited by: snipe : 31-12-2003 20:40 ]



This article comes from NPDS

http://www.npds.org/viewtopic.php?topic=9306&forum=12
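
An added example, not the poster's code and not part of NPDS: the same two input checks written as functions that reject a bad value outright instead of stripping characters from it, run over a few constructed inputs. The function names are hypothetical, and allowing "-" inside a host name is an assumption that goes beyond the post's character whitelist.

```php
<?php
// Added example, not the poster's code; function names are hypothetical.
// Return the ping count as an int, or null unless $raw is a plain decimal
// string between 1 and $max.
function parse_ping_count($raw, $max = 10)
{
    // Request values are strings, so is_int() is never true for them;
    // ctype_digit() accepts digits only (no sign, spaces or shell characters).
    if (!is_string($raw) || strlen($raw) > 3 || !ctype_digit($raw)) {
        return null;
    }
    $n = (int) $raw;
    return ($n >= 1 && $n <= $max) ? $n : null;
}

// Return the host unchanged, or null if it contains anything unexpected.
// Assumption: '-' is allowed inside a name but never as the first character,
// so the value cannot be read by ping as an option.
function parse_ping_host($raw)
{
    if (!is_string($raw) || !preg_match('/^[A-Za-z0-9][A-Za-z0-9.-]{0,252}$/D', $raw)) {
        return null;
    }
    return $raw;
}

// Build the command line of the page's unix branch, or null on bad input.
function build_ping_command($rawCount, $rawHost, $max = 10)
{
    $count = parse_ping_count($rawCount, $max);
    $host  = parse_ping_host($rawHost);
    if ($count === null || $host === null) {
        return null;
    }
    // %d and escapeshellarg() are defence in depth on top of the validation.
    return sprintf('ping -c%d -w%d %s', $count, $count, escapeshellarg($host));
}

// Constructed sample inputs: (count, host) as they would arrive in $_GET.
$samples = array(
    array('4', 'example.org'),      // plain count and host
    array('4;ls', 'example.org'),   // extra shell text after the count
    array('11', 'example.org'),     // count above the maximum
    array('4', '-c.example.org'),   // host starting with '-'
);
foreach ($samples as $s) {
    $cmd = build_ping_command($s[0], $s[1]);
    printf("%-6s %-16s => %s\n", $s[0], $s[1], $cmd === null ? 'rejected' : $cmd);
}
```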