!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\dmz\php\pear\PhpDocumentor\phpDocumentor\Smarty-2.6.0\libs\core\   drwxrwxrwx
Free 4.09 GB of 39.52 GB (10.36%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     core.is_secure.php (1.65 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
 * Smarty plugin
 * @package Smarty
 * @subpackage plugins
 */

/**
 * determines if a resource is secure or not.
 *
 * @param string $resource_type
 * @param string $resource_name
 * @return boolean
 */

//  $resource_type, $resource_name

function smarty_core_is_secure($params, &$smarty)
{
    static 
$check_template_dir true;

    if (!
$smarty->security || $smarty->security_settings['INCLUDE_ANY']) {
        return 
true;
    }

    
$_smarty_secure false;
    if (
$params['resource_type'] == 'file') {
        if(
$check_template_dir) {
            if (!
in_array($smarty->template_dir$smarty->secure_dir))
                
// add template_dir to secure_dir array
                
array_unshift($smarty->secure_dir$smarty->template_dir);
            
$check_template_dir false;
        }
        if (!empty(
$smarty->secure_dir)) {
            
$_rp realpath($params['resource_name']);
            foreach ((array)
$smarty->secure_dir as $curr_dir) {
                if ( !empty(
$curr_dir) && is_readable ($curr_dir)) {
                    
$_cd realpath($curr_dir);
                    if (
strncmp($_rp$_cdstrlen($_cd)) == 0
                        
&& $_rp{strlen($_cd)} == DIRECTORY_SEPARATOR ) {
                        
$_smarty_secure true;
                        break;
                    }
                }
            }
        }
    } else {
        
// resource is not on local file system
        
$_smarty_secure call_user_func_array(
            
$smarty->_plugins['resource'][$params['resource_type']][0][2],
            array(
$params['resource_name'], &$_smarty_secure, &$smarty));
    }

    return 
$_smarty_secure;
}

/* vim: set expandtab: */

?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--