!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\cumbre\cumbreclima\wp-content\plugins\slideshow-jquery-image-gallery\classes\   drwxrwxrwx
Free 4.06 GB of 39.52 GB (10.27%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     SlideshowPluginSecurity.php (5.64 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
 * The SlideshowPluginSecurity class contains functions for sanitizing in- and output.
 *
 * @since 2.1.16
 * @author Stefan Boonstra
 */
class SlideshowPluginSecurity
{
    
/**
     * @since 2.1.16
     * @var array List of allowed element tags
     */
    
private static $allowedElements = array(
        
'b'      => array('endTag' => true'attributes' => 'default'),
        
'br'     => array('endTag' => false),
        
'div'    => array('endTag' => true'attributes' => 'default'),
        
'h1'     => array('endTag' => true'attributes' => 'default'),
        
'h2'     => array('endTag' => true'attributes' => 'default'),
        
'h3'     => array('endTag' => true'attributes' => 'default'),
        
'h4'     => array('endTag' => true'attributes' => 'default'),
        
'h5'     => array('endTag' => true'attributes' => 'default'),
        
'h6'     => array('endTag' => true'attributes' => 'default'),
        
'i'      => array('endTag' => true'attributes' => 'default'),
        
'li'     => array('endTag' => true'attributes' => 'default'),
        
'ol'     => array('endTag' => true'attributes' => 'default'),
        
'p'      => array('endTag' => true'attributes' => 'default'),
        
'span'   => array('endTag' => true'attributes' => 'default'),
        
'strong' => array('endTag' => true'attributes' => 'default'),
        
'sub'    => array('endTag' => true'attributes' => 'default'),
        
'sup'    => array('endTag' => true'attributes' => 'default'),
        
'table'  => array('endTag' => true'attributes' => 'default'),
        
'tbody'  => array('endTag' => true'attributes' => 'default'),
        
'td'     => array('endTag' => true'attributes' => 'default'),
        
'tfoot'  => array('endTag' => true'attributes' => 'default'),
        
'th'     => array('endTag' => true'attributes' => 'default'),
        
'thead'  => array('endTag' => true'attributes' => 'default'),
        
'tr'     => array('endTag' => true'attributes' => 'default'),
        
'ul'     => array('endTag' => true'attributes' => 'default')
    );

    
/**
     * @since 2.1.16
     * @var array List of attributes allowed in the tags
     */
    
private static $defaultAllowedAttributes = array(
        
'class',
        
'id',
        
'style'
    
);

    
/**
     * Similar to the htmlspecialchars($text) function, except this function
     * allows the exceptions defined in this class.
     *
     * @since 2.1.16
     */
    
static function htmlspecialchars_allow_exceptions($text)
    {
        
$text htmlspecialchars(htmlspecialchars_decode($text));

        
$allowedElements self::$allowedElements;

        
// Loop through allowed elements decoding their HTML special chars and allowed attributes.
        
if (is_array($allowedElements) &&
            
count($allowedElements) > 0)
        {
            foreach (
$allowedElements as $element => $attributes)
            {
                
$position 0;

                while ((
$position stripos($text$element$position)) !== false// While element tags found
                
{
                    
$openingTag        '<';
                    
$encodedOpeningTag htmlspecialchars($openingTag);

                    if (
substr($text$position strlen($encodedOpeningTag), strlen($encodedOpeningTag)) == $encodedOpeningTag// Check if an opening tag '<' can be found before the tag name
                    
{
                        
// Replace encoded opening tag
                        
$text      substr_replace($text'<'$position strlen($encodedOpeningTag), strlen($encodedOpeningTag));
                        
$position -= strlen($encodedOpeningTag) - strlen($openingTag);

                        
// Get the position of the first element closing tag
                        
$closingTag         '>';
                        
$encodedClosingTag  htmlspecialchars($closingTag);
                        
$closingTagPosition stripos($text$encodedClosingTag$position);

                        
// Replace encoded closing tag
                        
if ($closingTagPosition !== false)
                        {
                            
$text substr_replace($text'>'$closingTagPositionstrlen($encodedClosingTag));
                        }

                        
$elementAttributes null;

                        if (isset(
$attributes['attributes']) && is_array($attributes['attributes']))
                        {
                            
$elementAttributes $attributes['attributes'];
                        }
                        elseif (isset(
$attributes['attributes']) && $attributes['attributes'] == 'default')
                        {
                            
$elementAttributes self::$defaultAllowedAttributes;
                        }
                        else
                        {
                            continue;
                        }

                        if (!
is_array($elementAttributes))
                        {
                            continue;
                        }

                        
$tagText substr($text$position$closingTagPosition $position);

                        
// Decode allowed attributes
                        
foreach ($elementAttributes as $attribute)
                        {
                            
$attributeOpener $attribute '=' htmlspecialchars('"');

                            
$attributePosition 0;

                            if ((
$attributePosition stripos($tagText$attributeOpener$attributePosition)) !== false// Attribute was found
                            
{
                                
$attributeClosingPosition 0;

                                if ((
$attributeClosingPosition stripos($tagTexthtmlspecialchars('"'), $attributePosition strlen($attributeOpener))) === false// If no closing position of attribute was found, skip.
                                
{
                                    continue;
                                }

                                
// Open the attribute
                                
$tagText str_ireplace($attributeOpener$attribute '="'$tagText);

                                
// Close the attribute
                                
$attributeClosingPosition -= strlen($attributeOpener) - strlen($attribute '="');
                                
$tagText                   substr_replace($tagText'"'$attributeClosingPositionstrlen(htmlspecialchars('"')));
                            }

                        }

                        
// Put the attributes of the tag back in place
                        
$text substr_replace($text$tagText$position$closingTagPosition $position);
                    }

                    
$position++;
                }

                
// Decode closing tags
                
if (isset($attributes['endTag']) && $attributes['endTag'])
                {
                    
$text str_ireplace(htmlspecialchars('</' $element '>'), '</' $element '>'$text);
                }
            }
        }

        return 
$text;
    }
}

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--