!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Users\DMZ\Desktop\cumbreclima\wp-admin\   drwxrwxrwx
Free 4.1 GB of 39.52 GB (10.37%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     update.php (9.93 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
 * Update/Install Plugin/Theme administration panel.
 *
 * @package WordPress
 * @subpackage Administration
 */

if ( ! defined'IFRAME_REQUEST' ) && isset( $_GET['action'] ) && in_array$_GET['action'], array( 'update-selected''activate-plugin''update-selected-themes' ) ) )
    
define'IFRAME_REQUEST'true );

/** WordPress Administration Bootstrap */
require_once( dirname__FILE__ ) . '/admin.php' );

include_once( 
ABSPATH 'wp-admin/includes/class-wp-upgrader.php' );

if ( isset(
$_GET['action']) ) {
    
$plugin = isset($_REQUEST['plugin']) ? trim($_REQUEST['plugin']) : '';
    
$theme = isset($_REQUEST['theme']) ? urldecode($_REQUEST['theme']) : '';
    
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';

    if ( 
'update-selected' == $action ) {
        if ( ! 
current_user_can'update_plugins' ) )
            
wp_die__'You do not have sufficient permissions to update plugins for this site.' ) );

        
check_admin_referer'bulk-update-plugins' );

        if ( isset( 
$_GET['plugins'] ) )
            
$plugins explode','stripslashes($_GET['plugins']) );
        elseif ( isset( 
$_POST['checked'] ) )
            
$plugins = (array) $_POST['checked'];
        else
            
$plugins = array();

        
$plugins array_map('urldecode'$plugins);

        
$url 'update.php?action=update-selected&amp;plugins=' urlencode(implode(','$plugins));
        
$nonce 'bulk-update-plugins';

        
wp_enqueue_script'updates' );
        
iframe_header();

        
$upgrader = new Plugin_Upgrader( new Bulk_Plugin_Upgrader_Skincompact'nonce''url' ) ) );
        
$upgrader->bulk_upgrade$plugins );

        
iframe_footer();

    } elseif ( 
'upgrade-plugin' == $action ) {
        if ( ! 
current_user_can('update_plugins') )
            
wp_die(__('You do not have sufficient permissions to update plugins for this site.'));

        
check_admin_referer('upgrade-plugin_' $plugin);

        
$title __('Update Plugin');
        
$parent_file 'plugins.php';
        
$submenu_file 'plugins.php';

        
wp_enqueue_script'updates' );
        require_once(
ABSPATH 'wp-admin/admin-header.php');

        
$nonce 'upgrade-plugin_' $plugin;
        
$url 'update.php?action=upgrade-plugin&plugin=' urlencode$plugin );

        
$upgrader = new Plugin_Upgrader( new Plugin_Upgrader_Skincompact('title''nonce''url''plugin') ) );
        
$upgrader->upgrade($plugin);

        include(
ABSPATH 'wp-admin/admin-footer.php');

    } elseif (
'activate-plugin' == $action ) {
        if ( ! 
current_user_can('update_plugins') )
            
wp_die(__('You do not have sufficient permissions to update plugins for this site.'));

        
check_admin_referer('activate-plugin_' $plugin);
        if ( ! isset(
$_GET['failure']) && ! isset($_GET['success']) ) {
            
wp_redirectadmin_url('update.php?action=activate-plugin&failure=true&plugin=' urlencode$plugin ) . '&_wpnonce=' $_GET['_wpnonce']) );
            
activate_plugin$plugin'', ! empty( $_GET['networkwide'] ), true );
            
wp_redirectadmin_url('update.php?action=activate-plugin&success=true&plugin=' urlencode$plugin ) . '&_wpnonce=' $_GET['_wpnonce']) );
            die();
        }
        
iframe_header__('Plugin Reactivation'), true );
        if ( isset(
$_GET['success']) )
            echo 
'<p>' __('Plugin reactivated successfully.') . '</p>';

        if ( isset(
$_GET['failure']) ){
            echo 
'<p>' __('Plugin failed to reactivate due to a fatal error.') . '</p>';

            
error_reportingE_CORE_ERROR E_CORE_WARNING E_COMPILE_ERROR E_ERROR E_WARNING E_PARSE E_USER_ERROR E_USER_WARNING E_RECOVERABLE_ERROR );
            @
ini_set('display_errors'true); //Ensure that Fatal errors are displayed.
            
wp_register_plugin_realpathWP_PLUGIN_DIR '/' $plugin );
            include( 
WP_PLUGIN_DIR '/' $plugin );
        }
        
iframe_footer();
    } elseif ( 
'install-plugin' == $action ) {

        if ( ! 
current_user_can('install_plugins') )
            
wp_die__'You do not have sufficient permissions to install plugins on this site.' ) );

        include_once( 
ABSPATH 'wp-admin/includes/plugin-install.php' ); //for plugins_api..

        
check_admin_referer('install-plugin_' $plugin);
        
$api plugins_api('plugin_information', array('slug' => $plugin'fields' => array('sections' => false) ) ); //Save on a bit of bandwidth.

        
if ( is_wp_error($api) )
             
wp_die($api);

        
$title __('Plugin Install');
        
$parent_file 'plugins.php';
        
$submenu_file 'plugin-install.php';
        require_once(
ABSPATH 'wp-admin/admin-header.php');

        
$title sprintf__('Installing Plugin: %s'), $api->name ' ' $api->version );
        
$nonce 'install-plugin_' $plugin;
        
$url 'update.php?action=install-plugin&plugin=' urlencode$plugin );
        if ( isset(
$_GET['from']) )
            
$url .= '&from=' urlencode(stripslashes($_GET['from']));

        
$type 'web'//Install plugin type, From Web or an Upload.

        
$upgrader = new Plugin_Upgrader( new Plugin_Installer_Skincompact('title''url''nonce''plugin''api') ) );
        
$upgrader->install($api->download_link);

        include(
ABSPATH 'wp-admin/admin-footer.php');

    } elseif ( 
'upload-plugin' == $action ) {

        if ( ! 
current_user_can'upload_plugins' ) ) {
            
wp_die__'You do not have sufficient permissions to install plugins on this site.' ) );
        }

        
check_admin_referer('plugin-upload');

        
$file_upload = new File_Upload_Upgrader('pluginzip''package');

        
$title __('Upload Plugin');
        
$parent_file 'plugins.php';
        
$submenu_file 'plugin-install.php';
        require_once(
ABSPATH 'wp-admin/admin-header.php');

        
$title sprintf__('Installing Plugin from uploaded file: %s'), esc_htmlbasename$file_upload->filename ) ) );
        
$nonce 'plugin-upload';
        
$url add_query_arg(array('package' => $file_upload->id), 'update.php?action=upload-plugin');
        
$type 'upload'//Install plugin type, From Web or an Upload.

        
$upgrader = new Plugin_Upgrader( new Plugin_Installer_Skincompact('type''title''nonce''url') ) );
        
$result $upgrader->install$file_upload->package );

        if ( 
$result || is_wp_error($result) )
            
$file_upload->cleanup();

        include(
ABSPATH 'wp-admin/admin-footer.php');

    } elseif ( 
'upgrade-theme' == $action ) {

        if ( ! 
current_user_can('update_themes') )
            
wp_die(__('You do not have sufficient permissions to update themes for this site.'));

        
check_admin_referer('upgrade-theme_' $theme);

        
wp_enqueue_script'customize-loader' );
        
wp_enqueue_script'updates' );

        
$title __('Update Theme');
        
$parent_file 'themes.php';
        
$submenu_file 'themes.php';
        require_once(
ABSPATH 'wp-admin/admin-header.php');

        
$nonce 'upgrade-theme_' $theme;
        
$url 'update.php?action=upgrade-theme&theme=' urlencode$theme );

        
$upgrader = new Theme_Upgrader( new Theme_Upgrader_Skincompact('title''nonce''url''theme') ) );
        
$upgrader->upgrade($theme);

        include(
ABSPATH 'wp-admin/admin-footer.php');
    } elseif ( 
'update-selected-themes' == $action ) {
        if ( ! 
current_user_can'update_themes' ) )
            
wp_die__'You do not have sufficient permissions to update themes for this site.' ) );

        
check_admin_referer'bulk-update-themes' );

        if ( isset( 
$_GET['themes'] ) )
            
$themes explode','stripslashes($_GET['themes']) );
        elseif ( isset( 
$_POST['checked'] ) )
            
$themes = (array) $_POST['checked'];
        else
            
$themes = array();

        
$themes array_map('urldecode'$themes);

        
$url 'update.php?action=update-selected-themes&amp;themes=' urlencode(implode(','$themes));
        
$nonce 'bulk-update-themes';

        
wp_enqueue_script'updates' );
        
iframe_header();

        
$upgrader = new Theme_Upgrader( new Bulk_Theme_Upgrader_Skincompact'nonce''url' ) ) );
        
$upgrader->bulk_upgrade$themes );

        
iframe_footer();
    } elseif ( 
'install-theme' == $action ) {

        if ( ! 
current_user_can('install_themes') )
            
wp_die__'You do not have sufficient permissions to install themes on this site.' ) );

        include_once( 
ABSPATH 'wp-admin/includes/class-wp-upgrader.php' ); //for themes_api..

        
check_admin_referer'install-theme_' $theme );
        
$api themes_api('theme_information', array('slug' => $theme'fields' => array('sections' => false'tags' => false) ) ); //Save on a bit of bandwidth.

        
if ( is_wp_error($api) )
             
wp_die($api);

        
wp_enqueue_script'customize-loader' );

        
$title __('Install Themes');
        
$parent_file 'themes.php';
        
$submenu_file 'themes.php';
        require_once(
ABSPATH 'wp-admin/admin-header.php');

        
$title sprintf__('Installing Theme: %s'), $api->name ' ' $api->version );
        
$nonce 'install-theme_' $theme;
        
$url 'update.php?action=install-theme&theme=' urlencode$theme );
        
$type 'web'//Install theme type, From Web or an Upload.

        
$upgrader = new Theme_Upgrader( new Theme_Installer_Skincompact('title''url''nonce''plugin''api') ) );
        
$upgrader->install($api->download_link);

        include(
ABSPATH 'wp-admin/admin-footer.php');

    } elseif ( 
'upload-theme' == $action ) {

        if ( ! 
current_user_can'upload_themes' ) ) {
            
wp_die__'You do not have sufficient permissions to install themes on this site.' ) );
        }

        
check_admin_referer('theme-upload');

        
$file_upload = new File_Upload_Upgrader('themezip''package');

        
wp_enqueue_script'customize-loader' );

        
$title __('Upload Theme');
        
$parent_file 'themes.php';
        
$submenu_file 'theme-install.php';

        require_once(
ABSPATH 'wp-admin/admin-header.php');

        
$title sprintf__('Installing Theme from uploaded file: %s'), esc_htmlbasename$file_upload->filename ) ) );
        
$nonce 'theme-upload';
        
$url add_query_arg(array('package' => $file_upload->id), 'update.php?action=upload-theme');
        
$type 'upload'//Install plugin type, From Web or an Upload.

        
$upgrader = new Theme_Upgrader( new Theme_Installer_Skincompact('type''title''nonce''url') ) );
        
$result $upgrader->install$file_upload->package );

        if ( 
$result || is_wp_error($result) )
            
$file_upload->cleanup();

        include(
ABSPATH 'wp-admin/admin-footer.php');

    } else {
        
/**
         * Fires when a custom plugin or theme update request is received.
         *
         * The dynamic portion of the hook name, `$action`, refers to the action
         * provided in the request for wp-admin/update.php. Can be used to
         * provide custom update functionality for themes and plugins.
         *
         * @since 2.8.0
         */
        
do_action"update-custom_{$action});
    }
}

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--