!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Extranet\phpscripts\   drwxrwxrwx
Free 4.13 GB of 39.52 GB (10.45%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     noticiashw.php (9.97 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$codigosec=5;
require('contar.php');
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Noticias Ambientales del DAMA</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
button {
    font-family: "Times New Roman", Times, serif;
    font-size: 12px;
    color: #000000;
    background-color: #99CCFF;
}
input {
    font-family: "Times New Roman", Times, serif;
    font-size: 14px;
    color: #000000;
    background-color: #E6F2FF;
    border: 1px solid #999999;
}
select {
    font-family: "Times New Roman", Times, serif;
    font-size: 14px;
    color: #000000;
    background-color: #E6F2FF;
}
textarea {
    font-family: "Times New Roman", Times, serif;
    font-size: 14px;
    color: #000000;
    background-color: #E6F2FF;
}
a {
    color: #0099CC;
    text-decoration: none;
}
a:hover {
    color: #0099CC;
    text-decoration: underline;
}<strong></strong>
-->
</style>
</head>

<body text="#000000" link="#0099CC" vlink="#0099CC" alink="#0099CC">
<table width="100%" border="0" cellpadding="5">
  <tr> 
    <td colspan="2"><div align="center"><img src="prensa.gif" width="500" height="113"></div></td>
  </tr>
  <tr> 
    <td width="50%" bgcolor="#000000"><font color="#FFFFFF" size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Esta 
      Semana en el DAMA... </strong></font><font color="#D8EDFC" size="2" face="Verdana, Arial, Helvetica, sans-serif">
      <?php
      $today getdate();
$month $today['month'];
$mday $today['mday'];
$year $today['year'];
echo $mday "/" $month "/" $year;
      ?>
      </font></td>
    <td width="50%" bgcolor="#000000"><font color="#FFFFFF" size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Otras 
      Noticias Ambientales... </strong></font><font color="#D8EDFC" size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></td>
  </tr>
  <tr valign="top"> 
    <td colspan="2"> 
      <table width="100%" border="0" cellspacing="0" cellpadding="2">
        <tr> 
          <td width="50%" valign="top"> 
            <table width="100%" border="0" cellspacing="0" cellpadding="5">
              <tr> 
                <td valign="top"><img src="http://www.dama.gov.co/newhome2/fot.gif" width="144" height="205"></td>
                <td valign="top">
                <?php
          require('conexion3.php');
            $hora getdate();
            $yr $hora["year"];
            $mo $hora["mon"];
            $dy $hora["mday"];
            
            $mo $mo 100;
            $yr $yr 2000;
            $yr $yr 10000;
            $fc $mo $yr;
            $fc1 $fc 100;
            //$fc = $mo + $yr + $dy;
            $consul "SELECT *
            FROM news where titular like '%(f)%' and cat='1'"
            " order by fecha DESC limit 0,1";
            $result mysql_query($consul,$db);
            $num_filas mysql_num_rows($result);
            while ($myrow mysql_fetch_array($result))
            {
            $idacc1 $myrow["id"];
            $descriacc1 $myrow["descri"];
            $catacc1 $myrow["cat"];
            $titularacc1 $myrow["titular"];
            $veri1 substr_count($titularacc1"(f)");
            if ($veri1 == 1) {
            ?>
          <p><font color="#0099CC" size="4" face="Times New Roman, Times, serif"><a href="requirenew3.php?id=<?php echo $idacc1?>"><?php echo $titularacc1?></a></font><font color="#999999" size="4" face="Times New Roman, Times, serif"><br>
              <font size="2"><?php echo $descriacc1?><font face="Verdana, Arial, Helvetica, sans-serif"> 
              </font></font><font color="#000000" size="2"><font face="Verdana, Arial, Helvetica, sans-serif"><br>
              </font></font></font><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="#">M&aacute;s 
              Informaci&oacute;n... </a></font></p>
              <?php
              }}
              ?>
                
                  <p><font color="#0099CC" size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="http://www.dama.gov.co/prensa/presx.htm"><font size="1">&gt;&gt; 
                    Ver Hist&oacute;rico 2002</font></a></font><font color="#999999" size="4" face="Times New Roman, Times, serif"><br>
                    </font></p></td>
              </tr>
            </table> </td>
          <td width="50%" valign="top">
          <?php
          require('conexion3.php');
            $hora getdate();
            $yr $hora["year"];
            $mo $hora["mon"];
            $dy $hora["mday"];
            
            $mo $mo 100;
            $yr $yr 2000;
            $yr $yr 10000;
            $fc $mo $yr;
            $fc1 $fc 100;
            //$fc = $mo + $yr + $dy;
            $consul "SELECT *
            FROM news where fecha>=$fc and fecha<$fc1 and cat='1'"
            " order by fecha DESC";
            $result mysql_query($consul,$db);
            $num_filas mysql_num_rows($result);
            while ($myrow mysql_fetch_array($result))
            {
            $idacc1 $myrow["id"];
            $descriacc1 $myrow["descri"];
            $catacc1 $myrow["cat"];
            $titularacc1 $myrow["titular"];
            $veri1 substr_count($titularacc1"(f)");
            if ($veri1 == 0) {
            ?>
          <p><font color="#0099CC" size="4" face="Times New Roman, Times, serif"><a href="requirenew3.php?id=<?php echo $idacc1?>"><?php echo $titularacc1?></a></font><font color="#999999" size="4" face="Times New Roman, Times, serif"><br>
              <font size="2"><?php echo $descriacc1?><font face="Verdana, Arial, Helvetica, sans-serif"> 
              </font></font><font color="#000000" size="2"><font face="Verdana, Arial, Helvetica, sans-serif"><br>
              </font></font></font><font color="#000000" size="2" face="Verdana, Arial, Helvetica, sans-serif"><a href="#">M&aacute;s 
              Informaci&oacute;n... </a></font></p>
              <?php
              }}
              ?>
            </td>
        </tr>
      </table></td>
  </tr>
  <tr> 
    <td colspan="2"><font color="#999999" size="4" face="Times New Roman, Times, serif">Buscar 
      Noticias:</font></td>
  </tr>
  <tr> 
    <td colspan="2"><form name="form1" method="post" action="requirenew4.php">
        <table width="100%" border="0" cellpadding="5" bgcolor="#E2E2E2">
          <tr bgcolor="#FFFFFF"> 
            <td width="50%">Seleccione el listado de Noticias que desea revisar 
              por mes y a&ntilde;o:</td>
            <td width="50%"><strong> 
              <input name="accion" type="hidden" id="accion" value="1">
              Mes: 
              <select name="mes" id="mes">
                <option value="01">Enero</option>
                <option value="02">Febrero</option>
                <option value="03">Marzo</option>
                <option value="04">Abril</option>
                <option value="05">Mayo</option>
                <option value="06">Junio</option>
                <option value="07">Julio</option>
                <option value="08">Agosto</option>
                <option value="09">Septiembre</option>
                <option value="10">Octubre</option>
                <option value="11">Noviembre</option>
                <option value="12">Diciembre</option>
              </select>
              A&ntilde;o: 
              <select name="ano" id="ano">
                <option value="03">2003</option>
                <option value="04">2004</option>
                <option value="05">2005</option>
                <option value="06">2006</option>
                <option value="07">2007</option>
                <option value="08">2008</option>
                <option value="09">2009</option>
                <option value="10">2010</option>
                <option value="11">2011</option>
                <option value="12">2012</option>
                <option value="13">2013</option>
              </select>
              <input type="submit" name="Submit" value="Buscar...">
              </strong></td>
          </tr>
          <tr bgcolor="#CCCCCC"> 
            <td colspan="2"><strong><font color="#33CCCC">&gt;&gt;</font> Noticias:</strong></td>
          </tr>
          <tr> 
            <td colspan="2"> 
              <?php
            $xtc = isset($accion);
            if ($xtc == true) {
            if ($accion == 1) {
            ?>
              <table width="100%" border="0" cellpadding="5">
                <tr bgcolor="#666666"> 
                  <td width="20%"><strong><font color="#33CCCC">&gt;&gt;</font><font color="#FFFFFF"> 
                    Fecha</font></strong></td>
                  <td width="80%"><strong><font color="#33CCCC">&gt;&gt;</font><font color="#FFFFFF"> 
                    Titular</font></strong></td>
                </tr>
                <?php
            $mes $mes 100;
            $ano $ano 10000;
            $fc $mes $ano;
            $fc1 $fc 100;
            require('conexion3.php');
            $consul "SELECT *
            FROM news where fecha>=$fc and fecha<$fc1";
            $result mysql_query($consul,$db);
            $num_filas mysql_num_rows($result);
            while ($myrow mysql_fetch_array($result))
            {
            $idacc1 $myrow["id"];
            $fechaacc1 $myrow["fecha"];
            $catacc1 $myrow["cat"];
            $titularacc1 $myrow["titular"];
            $trans $fechaacc1;
            require('fechanew.php');
            ?>
                <tr bgcolor="#CCCCCC"> 
                  <td width="20%"><font color="#666666"><?php echo $fechapresentar?></font></td>
                  <td width="80%"><a href="requirenew3.php?id=<?php echo $idacc1?>"><font color="#666666"><?php echo $titularacc1?></font></a></td>
                </tr>
                <?php
            }
            ?>
              </table>
              <?php
            }
            }else{
            echo "Consultar noticias para leer el historial...";
            }
            ?>
            </td>
          </tr>
        </table>
      </form></td>
  </tr>
  <tr> 
    <td colspan="2"></td>
  </tr>
  <tr> 
    <td colspan="2" bgcolor="#000000">&nbsp;</td>
  </tr>
  <tr> 
    <td colspan="2"><font color="#999999" size="2" face="Times New Roman, Times, serif">Cont&aacute;ctenos 
      en: <a href="mailto:prensa@dama.gov.co">prensa@dama.gov.co</a><br>
      Todos los Derechos Reservados para el DAMA<br>
      Departamento T&eacute;cnico Administrativo del Medio Ambiente.<br>
      Subsistema del Sistema de Informaci&oacute;n Ambiental SIA-DAMA<br>
      2003. </font></td>
  </tr>
</table>
<p>&nbsp;</p>
</body>
</html>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--