1 | #!/usr/bin/env python |
---|
2 | # #sys.path.insert (0,"/var/www/cgi-bin") |
---|
3 | |
---|
4 | import sys |
---|
5 | import os |
---|
6 | import commands |
---|
7 | import cgi |
---|
8 | import traceback |
---|
9 | import string |
---|
10 | import re |
---|
11 | import socket |
---|
12 | |
---|
13 | ROOTPATH="/tmp" |
---|
14 | CGISH_HTML="""<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
---|
15 | <html> |
---|
16 | <head> |
---|
17 | <title>Untitled Document</title> |
---|
18 | <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> |
---|
19 | <style type=text/css> |
---|
20 | body |
---|
21 | { |
---|
22 | font-family: "Courier New", Courier, mono; |
---|
23 | font-size: 10pt; |
---|
24 | color: #00cc00; |
---|
25 | background-color: #002000; |
---|
26 | } |
---|
27 | .headline {font-size: 18pt} |
---|
28 | a {color: #99ff99; text-decoration: none} |
---|
29 | a:hover {color: #00FF00} |
---|
30 | hr {color: #00ff00} |
---|
31 | .cursor {color:#002000;background-color:#00cc00} |
---|
32 | form { |
---|
33 | font-family: "Courier New", Courier, mono; |
---|
34 | color: #00CC00; |
---|
35 | background-color: #003300; |
---|
36 | } |
---|
37 | input { |
---|
38 | font-family: "Courier New", Courier, mono; |
---|
39 | color: #00CC00; |
---|
40 | background-color: #003300; |
---|
41 | padding: 3px; |
---|
42 | border: 0; |
---|
43 | } |
---|
44 | textarea { |
---|
45 | font-family: "Courier New", Courier, mono; |
---|
46 | color: #00CC00; |
---|
47 | background-color: #003300; |
---|
48 | } |
---|
49 | </style> |
---|
50 | <script language="JavaScript"> |
---|
51 | function firstFocus() |
---|
52 | {if (document.forms.length > 0) |
---|
53 | {var TForm = document.forms[0]; |
---|
54 | for (i=0;i<TForm.length;i++){ |
---|
55 | if ((TForm.elements[i].type=="text")|| |
---|
56 | (TForm.elements[i].type=="textarea")|| |
---|
57 | (TForm.elements[i].type.toString().charAt(0)=="s")) |
---|
58 | {document.forms[0].elements[i].focus();break;}}}} |
---|
59 | </script> |
---|
60 | </head> |
---|
61 | |
---|
62 | <body onLoad="firstFocus()"> |
---|
63 | <pre>%(SHELL_OUTPUT)s</pre> |
---|
64 | <form action="http://www.chocho.org/cgi-bin/bd_client_web.py" method="POST"> |
---|
65 | <input name="command" type="text" size="80"><br> |
---|
66 | <hr noshade="1"> |
---|
67 | <input name="submit" type="submit" value="Enter"> |
---|
68 | <input name="ctrl_c" type="submit" value="CTRL-C"> |
---|
69 | <input name="ctrl_d" type="submit" value="CTRL-D"> |
---|
70 | <input name="ctrl_z" type="submit" value="CTRL-Z"> |
---|
71 | <input name="esc" type="submit" value="ESC"> |
---|
72 | <input name="refresh" type="submit" value="REFRESH"> |
---|
73 | |
---|
74 | </form> |
---|
75 | |
---|
76 | </body> |
---|
77 | </html> |
---|
78 | """ |
---|
79 | def page (result = ''): |
---|
80 | """Return the main form""" |
---|
81 | return CGISH_HTML % {'SHELL_OUTPUT':result} |
---|
82 | |
---|
83 | def bd_client (command, host='localhost', port = 1666): |
---|
84 | HOST = 'localhost' # The remote host |
---|
85 | PORT = 1666 # The same port as used by the server |
---|
86 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
---|
87 | s.connect((HOST, PORT)) |
---|
88 | s.send(command) |
---|
89 | data = s.recv (1920) |
---|
90 | s.close() |
---|
91 | return data |
---|
92 | |
---|
93 | #fout = file ('/tmp/log2','w') |
---|
94 | #fout.write (command) |
---|
95 | #fout.write ('\n') |
---|
96 | # s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
---|
97 | # s.connect((host, port)) |
---|
98 | # s.send(command) |
---|
99 | # data = s.recv(1024) |
---|
100 | #fout.write (data) |
---|
101 | #fout.write ('\n') |
---|
102 | # s.close() |
---|
103 | #fout.close() |
---|
104 | # return data |
---|
105 | |
---|
106 | #def link (matchobject): |
---|
107 | # """Used in re.sub calls to replace a matched object with an HTML link.""" |
---|
108 | # path = matchobject.group(0) |
---|
109 | # l = "<a href=\"http://63.199.26.227/cgi-bin/ls.py?root=%s&path=%s\">%s</a>" % \ |
---|
110 | # (ROOTPATH+"/"+path, ROOTPATH+"/"+path, path) |
---|
111 | # return l |
---|
112 | |
---|
113 | def escape_shell_meta_chars(s): |
---|
114 | """Escape shell meta characters. This is done for security.""" |
---|
115 | s = string.replace(s, "\\", "\\\\") |
---|
116 | s = string.replace(s, "`", "\\`") |
---|
117 | s = string.replace(s, " ", "\\ ",) |
---|
118 | s = string.replace(s, "&", "\\&",) |
---|
119 | s = string.replace(s, ";", "\\;",) |
---|
120 | s = string.replace(s, "\"", "\\\"",) |
---|
121 | s = string.replace(s, "\'", "\\'",) |
---|
122 | s = string.replace(s, "|", "\\|",) |
---|
123 | s = string.replace(s, "*", "\\*",) |
---|
124 | s = string.replace(s, "<", "\\<",) |
---|
125 | s = string.replace(s, ">", "\\>",) |
---|
126 | return s |
---|
127 | |
---|
128 | sys.path.insert (0,"/usr/local/apache/cgi-bin") |
---|
129 | sys.stderr = sys.stdout |
---|
130 | |
---|
131 | print "Content-type: text/html" |
---|
132 | print |
---|
133 | |
---|
134 | try: |
---|
135 | form = cgi.FieldStorage() |
---|
136 | if form.has_key("command"): |
---|
137 | command = form["command"].value |
---|
138 | result = bd_client (command) |
---|
139 | print page(result) |
---|
140 | else: |
---|
141 | print page() |
---|
142 | |
---|
143 | except: |
---|
144 | print "\n\n<pre>" |
---|
145 | traceback.print_exc() |
---|
146 | print "</pre>" |
---|
147 | |
---|
148 | |
---|