190.27.245.106 - c99shell

!C99Shell v. 1.0 pre-release build #13!
Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) C:\AmbienteBogota\comments\admin\ drwxrwxrwx Free 4.15 GB of 39.52 GB (10.49%) Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ] Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!C99Shell v. 1.0 pre-release build #13!

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586

SYSTEM

Safe-mode: OFF (not secure)

C:\AmbienteBogota\comments\admin\ drwxrwxrwx
Free 4.15 GB of 39.52 GB (10.49%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: login.php (737 B) -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	C:\AmbienteBogota\comments\admin\login.php
Size	737 B
MD5	479ae82d835121cb527bde57f7db8208
Perms	-rw-rw-rw-
Create time	23/11/2011 11:52:18
Access time	01/10/2012 11:21:36
MODIFY time	23/11/2011 11:52:18

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0

3C 3F 70 68 70 20 73 65 73 73 69 6F 6E 5F 73 74 61 72 74 28 29 3B 0D 0A
2F 2A 2A 0D 0A 2A 20 20 43 6F 70 79 72 69 67 68 74 20 32 30 30 38 20 47
72 65 73 74 75 6C 20 47 72 6F 75 70 20 0D 0A 2A 20 20 50 6F 77 65 72 65
64 20 62 79 20 47 72 65 73 74 75 6C 0D 0A 2A 2A 2F 0D 0A 0D 0A 69 6E 63
6C 75 64 65 20 27 69 6E 63 2F 63 6F 6E 66 69 67 2E 70 68 70 27 3B 0D 0A
0D 0A 24 75 73 65 72 6E 61 6D 65 20 3D 20 53 61 66 65 41 64 64 53 6C 61
73 68 65 73 28 24 5F 50 4F 53 54 5B 27 75 73 65 72 6E 61 6D 65 27 5D 29
3B 0D 0A 24 70 61 73 73 63 6F 64 65 20 3D 20 53 61 66 65 41 64 64 53 6C
61 73 68 65 73 28 6D 64 35 28 24 5F 50 4F 53 54 5B 27 70 61 73 73 63 6F
64 65 27 5D 29 29 3B 0D 0A 24 74 69 6D 65 20 3D 20 74 69 6D 65 28 29 3B
0D 0A 24 63 68 65 63 6B 20 3D 20 53 61 66 65 41 64 64 53 6C 61 73 68 65
73 28 24 5F 50 4F 53 54 5B 27 73 65 74 63 6F 6F 6B 69 65 27 5D 29 3B 0D
0A 0D 0A 24 71 75 65 72 79 20 3D 20 22 53 45 4C 45 43 54 20 75 73 65 72
2C 20 70 61 73 73 20 46 52 4F 4D 20 67 72 65 73 74 75 6C 6C 6F 67 69 6E
20 57 48 45 52 45 20 75 73 65 72 20 3D 20 27 24 75 73 65 72 6E 61 6D 65
27 20 41 4E 44 20 70 61 73 73 20 3D 20 27 24 70 61 73 73 63 6F 64 65 27
22 3B 0D 0A 24 72 65 73 75 6C 74 20 3D 20 6D 79 73 71 6C 5F 71 75 65 72
79 28 24 71 75 65 72 79 2C 20 24 64 62 29 3B 0D 0A 69 66 28 6D 79 73 71
6C 5F 6E 75 6D 5F 72 6F 77 73 28 24 72 65 73 75 6C 74 29 29 20 7B 0D 0A
24 5F 53 45 53 53 49 4F 4E 5B 27 6C 6F 67 67 65 64 69 6E 27 5D 20 3D 20
31 3B 0D 0A 09 69 66 28 24 63 68 65 63 6B 29 20 7B 0D 0A 09 73 65 74 63
6F 6F 6B 69 65 28 22 67 72 65 73 74 75 6C 5B 75 73 65 72 6E 61 6D 65 5D
22 2C 20 24 75 73 65 72 6E 61 6D 65 2C 20 24 74 69 6D 65 20 2B 20 33 36
30 30 29 3B 0D 0A 09 73 65 74 63 6F 6F 6B 69 65 28 22 67 72 65 73 74 75
6C 5B 70 61 73 73 63 6F 64 65 5D 22 2C 20 24 70 61 73 73 63 6F 64 65 2C
20 24 74 69 6D 65 20 2B 20 33 36 30 30 29 3B 0D 0A 7D 0D 0A 20 20 20 68
65 61 64 65 72 28 27 4C 6F 63 61 74 69 6F 6E 3A 20 68 6F 6D 65 2E 70 68
70 27 29 3B 0D 0A 20 20 20 65 78 69 74 28 29 3B 0D 0A 7D 0D 0A 65 6C 73
65 20 7B 0D 0A 20 20 20 68 65 61 64 65 72 28 27 4C 6F 63 61 74 69 6F 6E
3A 20 69 6E 64 65 78 2E 70 68 70 3F 69 6E 76 3D 31 27 29 3B 0D 0A 20 20
20 65 78 69 74 28 29 3B 0D 0A 7D 0D 0A 3F 3E 0D 0A

<?php session_start();
/**  *  Copyright 2008 G
restul Group   *  Powere
d by Grestul  **/    inc
lude 'inc/config.php';
  $username = SafeAddSla
shes($_POST['username'])
;  $passcode = SafeAddSl
ashes(md5($_POST['passco
de']));  $time = time();
  $check = SafeAddSlashe
s($_POST['setcookie']);
   $query = "SELECT user
, pass FROM grestullogin
WHERE user = '$username
' AND pass = '$passcode'
";  $result = mysql_quer
y($query, $db);  if(mysq
l_num_rows($result)) {
$_SESSION['loggedin'] =
1;   if($check) {   setc
ookie("grestul[username]
", $username, $time + 36
00);   setcookie("grestu
l[passcode]", $passcode,
$time + 3600);  }     h
eader('Location: home.ph
p');     exit();  }  els
e {     header('Location
: index.php?inv=1');
exit();  }  ?>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--