librenms-librenms/html/netcmd.php

<?php

ini_set('allow_url_fopen', 0);
ini_set('display_errors', 0);

if($_GET[debug]) {
  ini_set('display_errors', 1);
  ini_set('display_startup_errors', 1);
  ini_set('log_errors', 1);
  ini_set('error_reporting', E_ALL);
}

include("../includes/defaults.inc.php");
include("../config.php");
include("../includes/functions.php");
include("includes/authenticate.inc.php");
if(!$_SESSION['authenticated']) { echo("unauthenticated"); exit; }


if($_GET['query'] && $_GET['cmd']) {
  $host = $_GET['query'];
  if(Net_IPv6::checkIPv6($host)||Net_IPv4::validateip($host)||preg_match("/^[a-zA-Z0-9.-]*$/", $host)) {
    switch ($_GET['cmd']) {
      case 'whois':
        $output = `/usr/bin/whois $host | grep -v \%`;
        break;
      case 'ping':
        $output = `/bin/ping $host`;
        break;
      case 'tracert':
        $output = `/usr/sbin/traceroute $host`;
        break;
      case 'nmap':
        $output = `/usr/bin/nmap $host`;
        break; 
    }
  }
}

$output = trim($output);
echo("<pre>$output</pre>");

?>
Initial Import git-svn-id: http://www.observium.org/svn/observer/trunk@2 61d68cd4-352d-0410-923a-c4978735b2b8 2007-04-03 14:10:23 +00:00			`<?php`

security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			`ini_set('allow_url_fopen', 0);`
			`ini_set('display_errors', 0);`
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			`if($_GET[debug]) {`
			`ini_set('display_errors', 1);`
			`ini_set('display_startup_errors', 1);`
			`ini_set('log_errors', 1);`
			`ini_set('error_reporting', E_ALL);`
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00			`}`

include defaults.php before config.php, not FROM config.php git-svn-id: http://www.observium.org/svn/observer/trunk@966 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-27 14:44:38 +00:00			`include("../includes/defaults.inc.php");`
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			`include("../config.php");`
			`include("../includes/functions.php");`
rename some gui include files git-svn-id: http://www.observium.org/svn/observer/trunk@891 61d68cd4-352d-0410-923a-c4978735b2b8 2010-02-20 17:37:42 +00:00			`include("includes/authenticate.inc.php");`
fixing things, adding better security git-svn-id: http://www.observium.org/svn/observer/trunk@351 61d68cd4-352d-0410-923a-c4978735b2b8 2009-03-11 14:50:24 +00:00			`if(!$_SESSION['authenticated']) { echo("unauthenticated"); exit; }`

security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00
			`if($_GET['query'] && $_GET['cmd']) {`
			`$host = $_GET['query'];`
bug fixes and security fixes git-svn-id: http://www.observium.org/svn/observer/trunk@307 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-19 12:12:54 +00:00			`if(Net_IPv6::checkIPv6($host)\|\|Net_IPv4::validateip($host)\|\|preg_match("/^[a-zA-Z0-9.-]*$/", $host)) {`
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			`switch ($_GET['cmd']) {`
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00			`case 'whois':`
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			$output = `/usr/bin/whois $host \| grep -v \%`;
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00			`break;`
			`case 'ping':`
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			$output = `/bin/ping $host`;
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00			`break;`
			`case 'tracert':`
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			$output = `/usr/sbin/traceroute $host`;
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00			`break;`
			`case 'nmap':`
security fixes. again. git-svn-id: http://www.observium.org/svn/observer/trunk@306 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:28:13 +00:00			$output = `/usr/bin/nmap $host`;
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00			`break;`
			`}`
			`}`
Initial Import git-svn-id: http://www.observium.org/svn/observer/trunk@2 61d68cd4-352d-0410-923a-c4978735b2b8 2007-04-03 14:10:23 +00:00			`}`
security fixes. AMG SECURIITAHHHHHHHHH! git-svn-id: http://www.observium.org/svn/observer/trunk@305 61d68cd4-352d-0410-923a-c4978735b2b8 2008-11-13 17:19:43 +00:00
Initial Import git-svn-id: http://www.observium.org/svn/observer/trunk@2 61d68cd4-352d-0410-923a-c4978735b2b8 2007-04-03 14:10:23 +00:00			`$output = trim($output);`
			`echo("<pre>$output</pre>");`

			`?>`