!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!

Software: nginx/1.23.4. PHP/5.6.40-65+ubuntu20.04.1+deb.sury.org+1 

uname -a: Linux foro-restaurado-2 5.15.0-1040-oracle #46-Ubuntu SMP Fri Jul 14 21:47:21 UTC 2023
aarch64
 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/home/wwwroot/frames/   drwxrwxr-x
Free 83.3 GB of 96.73 GB (86.12%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     mirror_operation.php (4.79 KB)      -rw-rw-r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/*
include("class.htmlparser.php");
include("class.http_client.php");
include("class.xmlizar.php");
*/

//include("./classes/encdec.php");
 
include("./classes/class.encriptacion.php"); 

include(
"./conn.php");  
$key="w2kpro";
  


// esta es una prueba. 

// primero, vemos la encriptacion de la suma de cadenas en plano $task(tarea)."-".tim(timestamp)."-"$ver(id_book) contrastato contra la clave "base"
// base es el encriptado de la suma esos request ya desencriptados en plano!

if ( !$_REQUEST['ver'] or !$_REQUEST['base'] or !$_REQUEST['task'] or !$_REQUEST['tim'] or !$_REQUEST['params']){
echo 
xml_cabecera()."<error>Introduzca parametros correctos</error>".xml_pie();
die();
}

$descry=new desencriptacion($_REQUEST['ver'],$_REQUEST['base'],$_REQUEST['tim'],$_REQUEST['task'],$_REQUEST['params']);



 
$cadenaplana="$descry->ver-$descry->task-$descry->params-$descry->tim";
 
 
$dec=new encdec();
                         
$base_real=$dec->encrypt($cadenaplana,$key);
                         
 unset(
$dec); 
 
  

      
 echo 
xml_cabecera();
 
 if (
$base_real<>$_REQUEST['base']){
         echo 
"<resultado>error</resultado>";
       echo 
"<error>fault redundance code 3412</error>";
       echo 
xml_pie(); 
        die();
 }
/*       
 echo "<id>$descry->ver</id>\n";
 echo "<task>$descry->task</task>\n";  
 echo "<params>$descry->params</params>\n";
 echo "<timestamp>$descry->tim</timestamp>\n";  
  */ 
 
 
 
 // ya tenemos los datos que necesitamos
 
 
switch($descry->task){
      case 
"sql":
                  
$sql=$descry->params;
                  @
$res=mysql_query($sql,$conn);
                  if (
mysql_error()){   
                      
error_mysql();
                  }else{
                        echo 
"<resultado>OK</resultado>";
                        echo
"<timestamp_ok>$descry->tim</timestamp_ok>"
                        echo
"<id_ok>$descry->ver</id_ok>";
                 }
                                 
                   break;
                   
     case 
"sql_fetch"
    
                 
$sql=$descry->params;
                  @
$res=mysql_query($sql,$conn);
                  if (
mysql_error()){
                      
error_mysql();
                      
                }else{
                     
$i=0;
                     
$arrayfields=array();
                     
$arraytype=array();
                    while (
$i mysql_num_fields($res)) {
                     
$metamysql_fetch_field($res$i);
                     
//print_r($meta);
                        
$arrayfields[].=$meta->name;
                        
$arraytype[].=$meta->type;
                     
$i++;
                    }
                    
                     
//echo "<result>OK</result>\n";
                    
echo "<resultado>\n";
                    while(
$row=mysql_fetch_array($res)){
                        echo 
"<registro>\n";
                        foreach (
$arrayfields as $key=>$valor ){
                            echo 
"<valor_campo>\n";
                        echo 
"<field>{$arrayfields[$key]}</field>";
                        echo 
"<type>{$arraytype[$key]}</type>";
                        echo 
"<valor>".utf8_encode($row[$valor])."</valor>";
                        echo 
"</valor_campo>"
                        }
                        echo 
"</registro>"
                        
                        
                    }
                    echo 
"</resultado>";
                      
                }
                
                
                break;

                    
                    
                    
//while ($row=mysql_fetch_array($res){
                        
                        
                      
                      
 
      
default:
                   echo 
"<result>error</result>";
                   echo 
"<error>tarea $descry->task no contemplada</error>"
 }
      
 
 
// echo xml_pie();  
      
 
 
 
 
 
//if ($ver$doc->decrypt($_REQUEST['base'],$key);  

                                                                                                          
                                                                                                              


//$res=new http_Client("http://papyrefb2.net/frames/entradilla.php","ejemplo=1","http://10.120.64.126:8080");
      





function xml_cabecera(){
    return(
'<?xml version="1.0" encoding="UTF-8"?>'."\n"); 
    }
function 
xml_pie(){
    return(
"\n</xml>"); 
    }
function 
error_mysql(){
echo 
"<resultado>error</resultado>\n";  
 echo 
"<error>".utf8_encode(mysql_error())."</error>";
//echo xml_pie(); 
die();    
}

class 
encdec
{
    private 
$charx;
    private 
$char;

    public function 
decrypt($data,$key)
    {
        
$key=md5($key);
        
$x=0;
        for (
$i=0;$i<strlen($data);$i++)
        {
            if (
$x==strlen($key)) $x=0;
            
$this->char.=substr($key,$x,1);
            
$x++;    
        }
        for (
$i=0;$i<strlen($data);$i++)
        {
            if (
ord(substr($data,$i,1))<ord(substr($this->char,$i,1)))
            {
                
$this->charx.=chr((ord(substr($data,$i,1))+256)-ord(substr($this->char,$i,1)));    
            }
            else 
            {
                
$this->charx.=chr(ord(substr($data,$i,1))-ord(substr($this->char,$i,1)));
            }
        }
        return 
base64_decode($this->charx);
    }
    
    public function 
encrypt($data,$key)
    {
        
$key=md5($key);
        
$data=base64_encode($data);
        
$x=0;
        for (
$i=0;$i<strlen($data);$i++)
        {
            if (
$x==strlen($key)) $x=0;
            
$this->char.=substr($key,$x,1);
            
$x++;    
        }
        for (
$i=0;$i<strlen($data);$i++)
        {
            
$this->charx.=chr(ord(substr($data,$i,1))+(ord(substr($this->char,$i,1)))%256);    
        }
        return 
$this->charx;
    }
}        

  
?>   

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.0 [PHP 7 Update] [25.02.2019] maintained by HackingTool | HackingTool | Generation time: 0.0047 ]--