v1.1 - better sanitizing
MasterEx committed Feb 22, 2011
1 parent 9142df2 commit 867b5a6
Showing 1 changed file with 16 additions and 15 deletions.
31 changes: 16 additions & 15 deletions index.php
@@ -1,3 +1,10 @@
<?php
/*
* credits to:
* c00kiemon5ter for various suggestions
* HdkiLLeR(vpk) for security tips
*/
?>
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="el" xml:lang="el">
<head>
<META AUTHOR="Periklis Ntanasis a.k.a. Master_ex">
Expand Down Expand Up @@ -28,36 +35,30 @@
<?php
if(isset($_GET['submit']))
{
// use of escapeshellcmd - must be enabled
// http://php.net/manual/en/function.escapeshellcmd.php
// escapes #&;`|*?~<>^()[]{}$\, \x0A and \xFF. ' and "
// are escaped only if they are not paired.
$servise = trim($_GET['servise']);
$address = trim($_GET['address']);
if(
(strpos($address,';')>0)
|| (strpos($address,'|')>0)
|| (strpos($address,'\\')>0)
|| (strpos($address,'/')>0)
|| (strpos($address,'>')>0)
|| (strpos($address,'<')>0)
|| (strpos($address,'|')===0)
|| (strpos($address,';')===0)
|| (strpos($address,'\\')===0)
|| (strpos($address,'/')===0)
|| (strpos($address,'>')===0)
|| (strpos($address,'<')===0) )
(strpos($address,'/')>0)
|| (strpos($address,'/')===0) )
{
echo "Don't be naughty!";
exit();
}
if($servise=="ping")
{
exec("ping ".$address." -c 4",$results);
exec("ping '".escapeshellcmd($address)."' -c 4",$results);
}
if($servise=="traceroute")
{
exec("traceroute ".$address,$results);
exec("traceroute '".escapeshellcmd($address)."'",$results);
}
if($servise=="nslookup")
{
exec("nslookup ".$address,$results);
exec("nslookup '".escapeshellcmd($address)."'",$results);
}
foreach($results as $result)
{
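Review bot: The three new `exec()` calls wrap `escapeshellcmd($address)` in hand-written single quotes, and as the commit's own comment on lines 31-32 notes, paired `'` characters are left unescaped, so a value such as `a' -I lo 'b` closes the quoted word and injects extra options into ping/traceroute/nslookup even though `;`, `|` and `&` are now neutralised. `escapeshellcmd()` is meant for a whole command line; a single argument should go through `escapeshellarg()` with no manual quoting, e.g. `exec("ping -c 4 ".escapeshellarg($address),$results);`. Quoting alone still does not stop a value that begins with `-` from being parsed as an option by the tool itself, so the address should also be validated as a hostname or IP literal before it reaches the shell, which makes the remaining `/` check on lines 48-49 redundant and leaves the escapeshellcmd comment on lines 29-32 stale. The output loop starting at line 69 continues outside the hunk.

```php
// … unchanged: $servise / $address assignment …
// Only hostnames and IPv4 literals reach the shell; a leading '-' is rejected
// because the tools would treat it as an option even inside quotes.
if(!preg_match('/^[A-Za-z0-9][A-Za-z0-9.-]*$/', $address))
{
echo "Don't be naughty!";
exit();
}
if($servise=="ping")
{
exec("ping -c 4 ".escapeshellarg($address),$results);
}
if($servise=="traceroute")
{
exec("traceroute ".escapeshellarg($address),$results);
}
if($servise=="nslookup")
{
exec("nslookup ".escapeshellarg($address),$results);
}
// … unchanged: output loop …
```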
