itce.co.in - c99shell

!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!
Software: nginx/1.24.0. PHP/7.3.32 uname -a: Linux ip-172-31-28-255.ec2.internal 6.1.159-181.297.amzn2023.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Dec 22 22:31:59 UTC 2025 x86_64 Safe-mode: OFF (not secure) /www/wwwroot/itce.co.in/itce.co.in/data/ drwxr-xr-x Free 30.74 GB of 49.93 GB (61.58%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?php 

@ini_set("display_errors","1");

@ini_set("display_startup_errors","1");



require_once("include/dbcommon.php");



$shortTable = postvalue("table");

$table = GetTableByShort( $shortTable );

if( !$table )

    exit(0);



$pageName = postvalue('page');

$ptype = postvalue("ptype");

$field = postvalue("field");



if( !Security::userHasFieldPermissions( $table, $field, $ptype, $pageName, true ) )

    return;



$pSet = new ProjectSettings($table, $ptype, $pageName);

//$gQuery = $pSet->getSQLQuery();



$_connection = $cman->byTable( $table );    

    

//    construct sql

$data = false;

if( @$_GET["action"]<>"add" )

{

    $keys = array();

    foreach( $pSet->getTableKeys() as $ind => $k ) {

        $keys[ $k ] = postvalue("key".($ind + 1));

    }

    

    /*$where = KeyWhere($keys, $table);

    if($pSet->getAdvancedSecurityType() == ADVSECURITY_VIEW_OWN)

        $where = whereAdd($where,SecuritySQL("Search", $table ));

    

    $sql = $gQuery->gSQLWhere($where);

    $qResult = $_connection->query( $sql );*/



    $dc = new DsCommand();

    $dc->filter = Security::SelectCondition( "S", $pSet );

    $dc->keys = $keys;    

    

    $qResult = getDataSource( $table, $pSet, $_connection )->getSingle( $dc );

    if( !$qResult )

        return;

    

    $data = $qResult->fetchAssoc();

}

else 

{

    $data = array();

    $data[$field] = @$_SESSION[$table."_".$field."_rte"];

}



$nWidth = $pSet->getNCols($field);

$nHeight = $pSet->getNRows($field);

if( $nHeight< 300 )

    $nHeight = 300;

$id = postvalue_number("id");

$cfieldname = GoodFieldName($field)."_".($id!=='' ? $id : '1');

$cfield = "value_".GoodFieldName($field)."_".($id!=='' ? $id : '1');

$onsubmit = "";

if(@$_REQUEST["browser"]!="ie")

    $onsubmit = "onsubmit = \"return document.getElementById('".$cfield."').value;\"";

    

echo '<html>

        <body style="margin:0;">

        <form name="innovaform" '.$onsubmit.'>

            <script type="text/javascript" src="'. projectURL() . ("plugins/innovaeditor/scripts/innovaeditor.js").'"></script>

            <textarea id="'.$cfield.'" name="'.$cfield.'" style="width:100%; height:'.($nHeight).'px;">';

            

if($data)

    echo runner_htmlspecialchars($data[$field]);

    

echo'        </textarea>

            <script>

                oEdit'.$cfieldname.' = new InnovaEditor("oEdit'.$cfieldname.'");

                oEdit'.$cfieldname.'.mode = "HTMLBody";

                oEdit'.$cfieldname.'.width = "100%";

                oEdit'.$cfieldname.'.height = "'.($nHeight).'px";

                oEdit'.$cfieldname.'.cmdAssetManager = "modalDialogShow(\"'. projectURL() .'plugins/innovaeditor/assetmanager/'.GetTableLink("assetmanager").'\",640,445);";

                oEdit'.$cfieldname.'.arrCustomButtons = [["AssetManager", oEdit'.$cfieldname.'.cmdAssetManager, "Asset Manager", "btnCustom1.gif"]];

                //oEdit'.$cfieldname.'.features = ["Preview"];

                oEdit'.$cfieldname.'.REPLACE("'.$cfield.'");

            </script>

        </form>

    </body>

</html>';

return;

?>

:: Command execute ::
Enter:	Select: