!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\AmbienteBogota\ambientebogota.gov.co\actores\Secretariaambiente\   drwxrwxrwx
Free 4.11 GB of 39.52 GB (10.39%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     consultar_instancia.php (2.88 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
//prevents caching
header("Expires: Sat, 01 Jan 2000 00:00:00 GMT");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: post-check=0, pre-check=0",false);
session_cache_limiter();
session_start();
require('config.php');
require('functions.php');
$table_name="participantes";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Documento sin t&iacute;tulo</title>
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<script type="text/javascript">
function showgenero(str)
{
if (str=="")
{
document.getElementById("listado").innerHTML="";
return;
}
if (window.XMLHttpRequest)
{
xmlhttp=new XMLHttpRequest();
}
else
{
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
document.getElementById("listado").innerHTML=xmlhttp.responseText;
}
}
xmlhttp.open("GET","toma_usuario.php?q="+str,true);
xmlhttp.send();
}
</script>
</head>

<body>
<form id="form1" name="form1" method="post" action="">
<table width="264" border="1">
<tr>
<td width="119">Organizaci&oacute;n</td>
<td width="129">
<?php
$link=mysql_connect($server,$dbusername,$dbpassword);
$select=mysql_select_db($db_name) or die('No hay BD');
$cadena="select * from participantes";
$sql=mysql_query($cadena);
if($reg=mysql_fetch_array($sql)){
echo "<select multiple size='2' id='cbogenero' onchange='showgenero(this.value)'>";
echo "<option value='X'>SELECCIONA</option>";
do{
echo "<option value='".$reg['idpart']." - ".$reg['nombrepart']."'>".$reg['idpart']." - ".$reg['nombrepart']."</option>";
}while($reg=mysql_fetch_array($sql));
echo "</select>";
};
?>
</td>
</tr>
</table>

</form>
<br/>
<div id="listado">Consultar Integrantes de CAL</div>

</body>
</html>
<?php
/*
$q=$_GET["q"];

$con = mysql_connect('localhost', 'root', '');
if (!$con)
{
die('No Conectado : ' . mysql_error());
}

mysql_select_db("aplicacionregistro", $con);

$sql="SELECT r.identi,r.user,r.direccion,r.telefono,r.email FROM reg_organizaciones as r inner join authorize as a on r.id=a.id WHERE r.direccion = '".$q."'";

$result = mysql_query($sql);

echo "<table border='1'>
<tr>
<th>Identificacion</th>
<th>Usuario</th>
<th>Direccion</th>
<th>Telefono</th>
<th>Email</th>
<th></th>
</tr>";

while($row = mysql_fetch_array($result))
{
echo "<tr>";
echo "<td>" . $row['identi'] . "</td>";
echo "<td>" . $row['user'] . "</td>";
echo "<td>" . $row['direccion'] . "</td>";
echo "<td>" . $row['telefono'] . "</td>";
echo "<td>" . $row['email'] . "</td>";
echo "<td><a href='editar.php'>Editar</a></td>";
echo "</tr>";
}
echo "</table>";

mysql_close($con);
*/
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--