!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\xampp\xampp\htdocs\jaime\Xcode\WebPageElements\   drwxrwxrwx
Free 4.97 GB of 239.26 GB (2.08%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     11.php (994 B)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
// Include the MySQL class
require_once('Database/MySQL.php');

$host='localhost';   // Hostname of MySQL server
$dbUser='harryf';    // Username for MySQL
$dbPass='secret';    // Password for user
$dbName='sitepoint'// Database name

// Instantiate the MySQL class
$db=& new MySQL($host,$dbUser,$dbPass,$dbName);

// If there's not image, die
if ( !isset($_GET['id']) )
    die ('No image selected');

// Escape the string, for good practice
$_GET['id']=mysql_real_escape_string($_GET['id']);

// An SQL statement to get the contents and MIME type of the image
$sql="SELECT * FROM image WHERE image_id='".$_GET['id']."'";

// Fetch the data
$result=$db->query($sql);
$row=$result->fetch();

// Use a header to tell the browser what MIME type the image is
header('content-disposition: inline; filename=' $row['name']);
header('content-type: '.$row['type']);
header('content-length: ' $row['size']);

// Display the contents
echo $row['contents'];
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--