fork download
  1. from http.server import BaseHTTPRequestHandler, HTTPServer
  2. import time, subprocess, os
  3.  
  4. HOST = '0.0.0.0'
  5. PORT = 7001
  6.  
  7. # check for OS to use the corrent commands
  8. if os.name == 'posix':
  9. COMMAND_LIST = 'ls'
  10. COMMAND_PRINT = 'cat'
  11. else:
  12. COMMAND_LIST = 'dir'
  13. COMMAND_PRINT = 'type'
  14.  
  15. # create an HTTP handler based on the existing BaseHTTPRequestHandler
  16. class HTTPHandler(BaseHTTPRequestHandler):
  17.  
  18. def do_GET(self): # generate the status code for the GET request
  19. self.respond({'status': 200})
  20.  
  21. def handle_http(self, status_code, path): # handle the request
  22. self.send_response(status_code)
  23. self.send_header('Content-type', 'text/html')
  24. self.end_headers()
  25.  
  26. # for debugging, we can read a specified file
  27. # this functionality exists for admins to test out how stuff works
  28. # admins can use normal linux terminal commands
  29. # users do not need to know about this :)
  30. debug = ''
  31. if '/?debug_cmd_now_you_see_me=' in path:
  32. command = path.replace('/?debug_cmd_now_you_see_me=', '')
  33. # there are only 2 commands available
  34. # ls - to list the current directory
  35. # cat file_name.txt - to show the content of the file: file_name.txt
  36. if command == 'ls':
  37. try:
  38. debug = subprocess.check_output(COMMAND_LIST, shell=True).decode("utf-8")
  39. debug = debug.replace('\r\n', '<br>') # fix Windows files end-of-line
  40. debug = debug.replace('\n', '<br>') # fix Linux files end-of-line
  41. except:
  42. debug = 'Sorry, can\'t run \'' + COMMAND_LIST + '\' on this system'
  43. elif 'cat' in command:
  44. command = command.replace('%20', ' ')
  45. filename = command.replace('cat ', '')
  46. if filename != '': # make sure that there is the file name in the command
  47. if os.path.isfile(filename): # check if the file exists
  48. try:
  49. debug = subprocess.check_output(COMMAND_PRINT + ' "' + filename + '"', shell=True).decode("utf-8")
  50. debug = debug.replace('\r\n', '<br>') # fix Windows files
  51. debug = debug.replace('\n', '<br>') # for Linux files
  52. except:
  53. debug = 'Sorry, can\'t run \'' + COMMAND_PRINT + ' ' + filename + '\' on this system'
  54. if debug != '':
  55. debug = '<h3>Never leave DEBUG functionality in production! It will definitely be exploited.</h3>' + debug
  56.  
  57. # generate the output to show to the user
  58. current_output = '''
  59. <p>You accessed path: {}</p><!-- Place for the path -->
  60. <p>{}</p><!-- Place for the debug command output -->
  61. '''.format(path, debug)
  62.  
  63. # make the HTML page to show the user and insert current_output there
  64. content = ''.join(open('index.html', 'r')).replace('CONTENT_PLACEMENT', current_output)
  65.  
  66. return bytes(content, 'UTF-8')
  67.  
  68. def respond(self, opts):
  69. response = self.handle_http(opts['status'], self.path)
  70. self.wfile.write(response)
  71.  
  72. if __name__ == '__main__':
  73. server = HTTPServer
  74. httpd = server((HOST, PORT), HTTPHandler)
  75. print(time.asctime(), 'Server Starts - %s:%s' % (HOST, PORT))
  76. try:
  77. httpd.serve_forever()
  78. except KeyboardInterrupt:
  79. pass
  80. httpd.server_close()
  81. print(time.asctime(), 'Server Stops - %s:%s' % (HOST, PORT))
Time limit exceeded #stdin #stdout 5s 17204KB
stdin
Standard input is empty
stdout
Standard output is empty