!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\xampp\xampp\htdocs\jaime\blog\   drwxrwxrwx
Free 792.6 MB of 239.26 GB (0.32%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     delete.php (2.27 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?PHP

$un $_COOKIE['user'];
    if(strlen($un)==0)
    {
        header("Location: index.php");
exit();
    }

$whichTo $_POST['whichToDelete'];

//start hte reading process,
//go down the line adding to a new array list each item
//if it has a "<" sign in it count+1
//if count = whichTo number
//skip it
//add every other array
//send it all to a strink
$count 0;
//$tempArray[];
if($myFile fopen("blog.xml","r"))
{
    $myFile file("blog.xml");
    $length sizeof($myFile);
    for($i=0;$i<($length);$i++)
    {
        $myString " " $myFile[$i];
        $tester="<blog";        
        $pos strpos($myString,$tester);
        if($pos !== false)
        {
            $count++;
            if($count != $whichTo)
            {
                $tempArray[] = $myFile[$i];
            }
            else //if it has writing after the line ---- delete that too
            {
                //make sure it get everthing after it
            }
            
        }
        else
        {
            $tempArray[] = $myFile[$i];
        }
        
    }
    
}

if($myFile fopen("blog.xml","w"))//this time write the file
{
    for($i=0;$i<($length);$i++)
    {
        $finalString .= $tempArray[$i];
    }
    fwrite($myFile,$finalString);
    $sentOk1 true;
}

        $number $_POST['whichToDelete'];
        $number -= 1;
        $myString "";
        $xml simplexml_load_file('comments.xml');
        $entries $xml->entry;
        $myString .= "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?>";
        $myString .= "\n";
        $myString .= "<comments>\n";
        for($i=0;$i<sizeof($entries);$i++){    
            if($i != $number){
                $comments $xml->entry[$i]->comment;
                $myString .= "<entry>\n";
                    for($r=0;$r<sizeof($comments);$r++){
                        $myString .= "<comment>";
                        $string = (string)$xml->entry[$i]->comment[$r];    
                        $string str_replace("&","&amp;",$string);
                        $string str_replace("%","&#37;",$string);
                        $string str_replace("<","&lt;",$string);
                        $string str_replace(">","&gt;",$string);
                        $string str_replace("'","&apos;",$string);
                        $string str_replace("\"","&quot;",$string);
                        $myString .= $string;
                        $myString .= "</comment>\n";
                    }
                    $myString .= "</entry>\n";    
                }
                
            }    
        $myString .= "</comments>";
        if($myFile fopen("comments.xml","w"))
        {
            fwrite($myFile,$myString);
            $sentOk2 true;
        }
        
        if($sentOk1 && sentOk2){
            echo "sentOk=true&testing=123";
        }


?>


:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--