!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\xampp\xampp\htdocs\jaime\wordpress\   drwxrwxrwx
Free 7.97 GB of 239.26 GB (3.33%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     wp-comments-post.php (2.23 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
require( dirname(__FILE__) . '/wp-config.php' );

nocache_headers();

$comment_post_ID = (int) $_POST['comment_post_ID'];

$status $wpdb->get_row("SELECT post_status, comment_status FROM $wpdb->posts WHERE ID = '$comment_post_ID'");

if ( empty($status->comment_status) ) {
    do_action('comment_id_not_found'$comment_post_ID);
    exit;
} elseif ( 'closed' ==  $status->comment_status ) {
    do_action('comment_closed'$comment_post_ID);
    die( __('Sorry, comments are closed for this item.') );
} elseif ( 'draft' == $status->post_status ) {
    do_action('comment_on_draft'$comment_post_ID);
    exit;
}

$comment_author       trim($_POST['author']);
$comment_author_email trim($_POST['email']);
$comment_author_url   trim($_POST['url']);
$comment_content      trim($_POST['comment']);

// If the user is logged in
get_currentuserinfo();
if ( $user_ID ) :
    $comment_author       $wpdb->escape($user_identity);
    $comment_author_email $wpdb->escape($user_email);
    $comment_author_url   $wpdb->escape($user_url);
else :
    if ( get_option('comment_registration') )
        die( __('Sorry, you must be logged in to post a comment.') );
endif;

$comment_type '';

if ( get_settings('require_name_email') && !$user_ID ) {
    if ( strlen($comment_author_email) || '' == $comment_author )
        die( __('Error: please fill the required fields (name, email).') );
    elseif ( !is_email($comment_author_email))
        die( __('Error: please enter a valid email address.') );
}

if ( '' == $comment_content )
    die( __('Error: please type a comment.') );

$commentdata compact('comment_post_ID''comment_author''comment_author_email''comment_author_url''comment_content''comment_type''user_ID');

wp_new_comment$commentdata );

if ( !$user_ID ) :
    setcookie('comment_author_' COOKIEHASHstripslashes($comment_author), time() + 30000000COOKIEPATHCOOKIE_DOMAIN);
    setcookie('comment_author_email_' COOKIEHASHstripslashes($comment_author_email), time() + 30000000COOKIEPATHCOOKIE_DOMAIN);
    setcookie('comment_author_url_' COOKIEHASHstripslashes($comment_author_url), time() + 30000000COOKIEPATHCOOKIE_DOMAIN);
endif;

$location = ( empty( $_POST['redirect_to'] ) ) ? get_permalink$comment_post_ID ) : $_POST['redirect_to']; 

wp_redirect$location );

?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0468 ]--