| [421] | 1 | #!/usr/bin/env python
|
|---|
| 2 | # #sys.path.insert (0,"/var/www/cgi-bin")
|
|---|
| 3 |
|
|---|
| 4 | import sys
|
|---|
| 5 | import os
|
|---|
| 6 | import commands
|
|---|
| 7 | import cgi
|
|---|
| 8 | import traceback
|
|---|
| 9 | import string
|
|---|
| 10 | import re
|
|---|
| 11 | import socket
|
|---|
| 12 |
|
|---|
| 13 | ROOTPATH="/tmp"
|
|---|
| 14 | CGISH_HTML="""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|---|
| 15 | <html>
|
|---|
| 16 | <head>
|
|---|
| 17 | <title>Untitled Document</title>
|
|---|
| 18 | <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
|
|---|
| 19 | <style type=text/css>
|
|---|
| 20 | body
|
|---|
| 21 | {
|
|---|
| 22 | font-family: "Courier New", Courier, mono;
|
|---|
| 23 | font-size: 10pt;
|
|---|
| 24 | color: #00cc00;
|
|---|
| 25 | background-color: #002000;
|
|---|
| 26 | }
|
|---|
| 27 | .headline {font-size: 18pt}
|
|---|
| 28 | a {color: #99ff99; text-decoration: none}
|
|---|
| 29 | a:hover {color: #00FF00}
|
|---|
| 30 | hr {color: #00ff00}
|
|---|
| 31 | .cursor {color:#002000;background-color:#00cc00}
|
|---|
| 32 | form {
|
|---|
| 33 | font-family: "Courier New", Courier, mono;
|
|---|
| 34 | color: #00CC00;
|
|---|
| 35 | background-color: #003300;
|
|---|
| 36 | }
|
|---|
| 37 | input {
|
|---|
| 38 | font-family: "Courier New", Courier, mono;
|
|---|
| 39 | color: #00CC00;
|
|---|
| 40 | background-color: #003300;
|
|---|
| 41 | padding: 3px;
|
|---|
| 42 | border: 0;
|
|---|
| 43 | }
|
|---|
| 44 | textarea {
|
|---|
| 45 | font-family: "Courier New", Courier, mono;
|
|---|
| 46 | color: #00CC00;
|
|---|
| 47 | background-color: #003300;
|
|---|
| 48 | }
|
|---|
| 49 | </style>
|
|---|
| 50 | <script language="JavaScript">
|
|---|
| 51 | function firstFocus()
|
|---|
| 52 | {if (document.forms.length > 0)
|
|---|
| 53 | {var TForm = document.forms[0];
|
|---|
| 54 | for (i=0;i<TForm.length;i++){
|
|---|
| 55 | if ((TForm.elements[i].type=="text")||
|
|---|
| 56 | (TForm.elements[i].type=="textarea")||
|
|---|
| 57 | (TForm.elements[i].type.toString().charAt(0)=="s"))
|
|---|
| 58 | {document.forms[0].elements[i].focus();break;}}}}
|
|---|
| 59 | </script>
|
|---|
| 60 | </head>
|
|---|
| 61 |
|
|---|
| 62 | <body onLoad="firstFocus()">
|
|---|
| 63 | <pre>%(SHELL_OUTPUT)s</pre>
|
|---|
| 64 | <form action="http://www.chocho.org/cgi-bin/bd_client_web.py" method="POST">
|
|---|
| 65 | <input name="command" type="text" size="80"><br>
|
|---|
| 66 | <hr noshade="1">
|
|---|
| 67 | <input name="submit" type="submit" value="Enter">
|
|---|
| 68 | <input name="ctrl_c" type="submit" value="CTRL-C">
|
|---|
| 69 | <input name="ctrl_d" type="submit" value="CTRL-D">
|
|---|
| 70 | <input name="ctrl_z" type="submit" value="CTRL-Z">
|
|---|
| 71 | <input name="esc" type="submit" value="ESC">
|
|---|
| 72 | <input name="refresh" type="submit" value="REFRESH">
|
|---|
| 73 |
|
|---|
| 74 | </form>
|
|---|
| 75 |
|
|---|
| 76 | </body>
|
|---|
| 77 | </html>
|
|---|
| 78 | """
|
|---|
| 79 | def page (result = ''):
|
|---|
| 80 | """Return the main form"""
|
|---|
| 81 | return CGISH_HTML % {'SHELL_OUTPUT':result}
|
|---|
| 82 |
|
|---|
| 83 | def bd_client (command, host='localhost', port = 1666):
|
|---|
| 84 | HOST = 'localhost' # The remote host
|
|---|
| 85 | PORT = 1666 # The same port as used by the server
|
|---|
| 86 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|---|
| 87 | s.connect((HOST, PORT))
|
|---|
| 88 | s.send(command)
|
|---|
| 89 | data = s.recv (1920)
|
|---|
| 90 | s.close()
|
|---|
| 91 | return data
|
|---|
| 92 |
|
|---|
| 93 | #fout = file ('/tmp/log2','w')
|
|---|
| 94 | #fout.write (command)
|
|---|
| 95 | #fout.write ('\n')
|
|---|
| 96 | # s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|---|
| 97 | # s.connect((host, port))
|
|---|
| 98 | # s.send(command)
|
|---|
| 99 | # data = s.recv(1024)
|
|---|
| 100 | #fout.write (data)
|
|---|
| 101 | #fout.write ('\n')
|
|---|
| 102 | # s.close()
|
|---|
| 103 | #fout.close()
|
|---|
| 104 | # return data
|
|---|
| 105 |
|
|---|
| 106 | #def link (matchobject):
|
|---|
| 107 | # """Used in re.sub calls to replace a matched object with an HTML link."""
|
|---|
| 108 | # path = matchobject.group(0)
|
|---|
| 109 | # l = "<a href=\"http://63.199.26.227/cgi-bin/ls.py?root=%s&path=%s\">%s</a>" % \
|
|---|
| 110 | # (ROOTPATH+"/"+path, ROOTPATH+"/"+path, path)
|
|---|
| 111 | # return l
|
|---|
| 112 |
|
|---|
| 113 | def escape_shell_meta_chars(s):
|
|---|
| 114 | """Escape shell meta characters. This is done for security."""
|
|---|
| 115 | s = string.replace(s, "\\", "\\\\")
|
|---|
| 116 | s = string.replace(s, "`", "\\`")
|
|---|
| 117 | s = string.replace(s, " ", "\\ ",)
|
|---|
| 118 | s = string.replace(s, "&", "\\&",)
|
|---|
| 119 | s = string.replace(s, ";", "\\;",)
|
|---|
| 120 | s = string.replace(s, "\"", "\\\"",)
|
|---|
| 121 | s = string.replace(s, "\'", "\\'",)
|
|---|
| 122 | s = string.replace(s, "|", "\\|",)
|
|---|
| 123 | s = string.replace(s, "*", "\\*",)
|
|---|
| 124 | s = string.replace(s, "<", "\\<",)
|
|---|
| 125 | s = string.replace(s, ">", "\\>",)
|
|---|
| 126 | return s
|
|---|
| 127 |
|
|---|
| 128 | sys.path.insert (0,"/usr/local/apache/cgi-bin")
|
|---|
| 129 | sys.stderr = sys.stdout
|
|---|
| 130 |
|
|---|
| 131 | print "Content-type: text/html"
|
|---|
| 132 | print
|
|---|
| 133 |
|
|---|
| 134 | try:
|
|---|
| 135 | form = cgi.FieldStorage()
|
|---|
| 136 | if form.has_key("command"):
|
|---|
| 137 | command = form["command"].value
|
|---|
| 138 | result = bd_client (command)
|
|---|
| 139 | print page(result)
|
|---|
| 140 | else:
|
|---|
| 141 | print page()
|
|---|
| 142 |
|
|---|
| 143 | except:
|
|---|
| 144 | print "\n\n<pre>"
|
|---|
| 145 | traceback.print_exc()
|
|---|
| 146 | print "</pre>"
|
|---|
| 147 |
|
|---|
| 148 |
|
|---|
