!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\xampp\htdocs\php\OAB\   drwxrwxrwx
Free 4.1 GB of 39.52 GB (10.37%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     a.php (3.87 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php require_once('../Connections/OA.php'); ?>
<?php
mysql_select_db
($database_OA$OA);
$query_rsnivel1 "select idnivel1, nombre from nivel1 order by orden";
$rsnivel1 mysql_query($query_rsnivel1$OA) or die(mysql_error());
$row_rsnivel1 mysql_fetch_assoc($rsnivel1);
$totalRows_rsnivel1 mysql_num_rows($rsnivel1);

$n1_rsnivel2 "0";
if (isset(
$n1)) {
  
$n1_rsnivel2 = (get_magic_quotes_gpc()) ? $n1 addslashes($n1);
}
mysql_select_db($database_OA$OA);
$query_rsnivel2 sprintf("select idnivel2, nombre from nivel2 where idnivel1=%s order by orden"$n1_rsnivel2);
$rsnivel2 mysql_query($query_rsnivel2$OA) or die(mysql_error());
$row_rsnivel2 mysql_fetch_assoc($rsnivel2);
$totalRows_rsnivel2 mysql_num_rows($rsnivel2);

$n2_rsnivel3 "0";
if (isset(
$n2)) {
  
$n2_rsnivel3 = (get_magic_quotes_gpc()) ? $n2 addslashes($n2);
}
mysql_select_db($database_OA$OA);
$query_rsnivel3 sprintf("select idnivel3, nombre from nivel3 where idnivel2=%s order by orden"$n2_rsnivel3);
$rsnivel3 mysql_query($query_rsnivel3$OA) or die(mysql_error());
$row_rsnivel3 mysql_fetch_assoc($rsnivel3);
$totalRows_rsnivel3 mysql_num_rows($rsnivel3);

$n3_rsnivel4 "0";
if (isset(
$n3)) {
  
$n3_rsnivel4 = (get_magic_quotes_gpc()) ? $n3 addslashes($n3);
}
mysql_select_db($database_OA$OA);
$query_rsnivel4 sprintf("select idnivel4, nombre from nivel4 where idnivel3=%s order by orden"$n3_rsnivel4);
$rsnivel4 mysql_query($query_rsnivel4$OA) or die(mysql_error());
$row_rsnivel4 mysql_fetch_assoc($rsnivel4);
$totalRows_rsnivel4 mysql_num_rows($rsnivel4);
?>
<html>
<head>
<title>Documento sin t&iacute;tulo</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/JavaScript">
<!--
function MM_reloadPage(init) {  //reloads the window if Nav4 resized
  if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
    document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
  else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
//-->
</script>
</head>

<body>
<div id="Layer1" style="position:absolute; left:0px; top:20px; width:150px; height:438px; z-index:1">
  <?php do { ?>
  <a href="a.php?n1=<?php echo $row_rsnivel1['idnivel1']; ?>"><?php echo $row_rsnivel1['nombre']; ?></a><br>
  <?php } while ($row_rsnivel1 mysql_fetch_assoc($rsnivel1)); ?> 
</div>
<?php if ($totalRows_rsnivel4 0) { // Show if recordset not empty ?>
<div id="Layer4" style="position:absolute; left:667px; top:22px; width:232px; height:430px; z-index:4"> 
  <?php do { ?>
  <?php echo $row_rsnivel4['nombre']; ?><br>
  <?php } while ($row_rsnivel4 mysql_fetch_assoc($rsnivel4)); ?>
</div>
<?php // Show if recordset not empty ?>
<?php 
if ($totalRows_rsnivel3 0) { // Show if recordset not empty ?>
<div id="Layer3" style="position:absolute; left:408px; top:22px; width:251px; height:432px; z-index:3"> 
  <?php do { ?>
  <a href="a.php?n1=<? echo $n1?>&n2=<? echo $n2?>&n3=<?php echo $row_rsnivel3['idnivel3']; ?>"><?php echo $row_rsnivel3['nombre']; ?></a><br>
  <?php } while ($row_rsnivel3 mysql_fetch_assoc($rsnivel3)); ?>
</div>
<?php // Show if recordset not empty ?>
<?php 
if ($totalRows_rsnivel2 0) { // Show if recordset not empty ?>
<div id="Layer2" style="position:absolute; left:165px; top:21px; width:234px; height:436px; z-index:2"> 
  <?php do { ?>
  <a href="a.php?n1=<? echo $n1?>&n2=<?php echo $row_rsnivel2['idnivel2']; ?>"><?php echo $row_rsnivel2['nombre']; ?></a><br>
  <?php } while ($row_rsnivel2 mysql_fetch_assoc($rsnivel2)); ?>
</div>
<?php // Show if recordset not empty ?>
</body>
</html>
<?php
mysql_free_result
($rsnivel1);

mysql_free_result($rsnivel2);

mysql_free_result($rsnivel3);

mysql_free_result($rsnivel4);
?>


:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--