diff --git a/index.php b/index.php index 4e1e3fa..b71e295 100644 --- a/index.php +++ b/index.php @@ -1,3 +1,10 @@ + @@ -28,36 +35,30 @@ ^()[]{}$\, \x0A and \xFF. ' and " + // are escaped only if they are not paired. $servise = trim($_GET['servise']); $address = trim($_GET['address']); if( - (strpos($address,';')>0) - || (strpos($address,'|')>0) - || (strpos($address,'\\')>0) - || (strpos($address,'/')>0) - || (strpos($address,'>')>0) - || (strpos($address,'<')>0) - || (strpos($address,'|')===0) - || (strpos($address,';')===0) - || (strpos($address,'\\')===0) - || (strpos($address,'/')===0) - || (strpos($address,'>')===0) - || (strpos($address,'<')===0) ) + (strpos($address,'/')>0) + || (strpos($address,'/')===0) ) { echo "Don't be naughty!"; exit(); } if($servise=="ping") { - exec("ping ".$address." -c 4",$results); + exec("ping '".escapeshellcmd($address)."' -c 4",$results); } if($servise=="traceroute") { - exec("traceroute ".$address,$results); + exec("traceroute '".escapeshellcmd($address)."'",$results); } if($servise=="nslookup") { - exec("nslookup ".$address,$results); + exec("nslookup '".escapeshellcmd($address)."'",$results); } foreach($results as $result) {