Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
: 172.16.0.66 | : 172.16.0.254
Cant Read [ /etc/named.conf ]
7.3.25
SYSTEM
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
[ A ]
[ C ]
[ D ]
C: /
xampp7 /
htdocs /
edgpens_220704 /
[ HOME SHELL ]
Name
Size
Permission
Action
css
[ DIR ]
drwxrwxrwx
edg
[ DIR ]
drwxrwxrwx
edg_200430
[ DIR ]
drwxrwxrwx
edg_20200630
[ DIR ]
drwxrwxrwx
edg_old
[ DIR ]
drwxrwxrwx
extension
[ DIR ]
drwxrwxrwx
img
[ DIR ]
drwxrwxrwx
inc
[ DIR ]
drwxrwxrwx
js
[ DIR ]
drwxrwxrwx
kod
[ DIR ]
drwxrwxrwx
pdf
[ DIR ]
drwxrwxrwx
reports
[ DIR ]
drwxrwxrwx
upload
[ DIR ]
drwxrwxrwx
utility
[ DIR ]
drwxrwxrwx
vendor
[ DIR ]
drwxrwxrwx
.htaccess
1.16
KB
-rw-rw-rw-
!test.php
17
B
-rw-rw-rw-
Nota14102020.docx
22.8
KB
-rw-rw-rw-
access.php
253
B
-rw-rw-rw-
access2.php
245
B
-rw-rw-rw-
account_recovery.php
7.85
KB
-rw-rw-rw-
ajax.php
3.6
KB
-rw-rw-rw-
company_search.php
8.37
KB
-rw-rw-rw-
composer.json
1.42
KB
-rw-rw-rw-
composer.lock
156.45
KB
-rw-rw-rw-
ctype.txt
266
B
-rw-rw-rw-
custom.css
3.7
KB
-rw-rw-rw-
custom.js
9.66
KB
-rw-rw-rw-
custom200630.js
6.46
KB
-rw-rw-rw-
custom_200630.css
1.04
KB
-rw-rw-rw-
custom_200705.js
6.82
KB
-rw-rw-rw-
dashboard.php
21.52
KB
-rw-rw-rw-
dashboard_old.php
51
B
-rw-rw-rw-
dbedgpens.sql
3.85
MB
-rw-rw-rw-
dglist.php
3.97
KB
-rw-rw-rw-
dgweb-dg.txt
2.65
MB
-rw-rw-rw-
dgweb.xls
297.5
KB
-rw-rw-rw-
err_404.php
75
B
-rw-rw-rw-
imp_data.php
2.03
KB
-rw-rw-rw-
index.php
2.83
KB
-rw-rw-rw-
index_footer.php
138
B
-rw-rw-rw-
index_head.php
663
B
-rw-rw-rw-
index_search.php
667
B
-rw-rw-rw-
ins_composer.php
417
B
-rw-rw-rw-
ktn-pens-companies.txt
330.12
KB
-rw-rw-rw-
ktn-pens-port.txt
602.81
KB
-rw-rw-rw-
ktn-pens-vessel.txt
6.12
MB
-rw-rw-rw-
ktn-pens-vtype.txt
353
B
-rw-rw-rw-
login.php
11.47
KB
-rw-rw-rw-
login_200704.php
9.81
KB
-rw-rw-rw-
main.php
584
B
-rw-rw-rw-
nota.txt
120
B
-rw-rw-rw-
odbc.php
18.73
KB
-rw-rw-rw-
odbc_test.php
15.24
KB
-rw-rw-rw-
readtext.php
7.99
KB
-rw-rw-rw-
recover_msg.php
806
B
-rw-rw-rw-
registration.php
24.54
KB
-rw-rw-rw-
registration_2.php
12.94
KB
-rw-rw-rw-
registration_submit.php
5.18
KB
-rw-rw-rw-
reset_password.php
9.48
KB
-rw-rw-rw-
self_register.php
14.57
KB
-rw-rw-rw-
sessions.php
2.78
KB
-rw-rw-rw-
sessions_200705.php
1.4
KB
-rw-rw-rw-
sessions_200721.php
1.75
KB
-rw-rw-rw-
test.php
11.8
KB
-rw-rw-rw-
test_sess.php
1.35
KB
-rw-rw-rw-
testinput.php
6.7
KB
-rw-rw-rw-
testx.php
4
B
-rw-rw-rw-
vessel.txt
498.07
KB
-rw-rw-rw-
vessel2.txt
249.04
KB
-rw-rw-rw-
zzz
11
B
-rw-rw-rw-
zzz.txt
249.04
KB
-rw-rw-rw-
~$ta14102020.docx
162
B
-rw-rw-rw-
~WRL0738.tmp
23.29
KB
-rw-rw-rw-
Delete
Unzip
Zip
${this.title}
Close
Code Editor : odbc_test.php
<?php error_reporting(1); date_default_timezone_set('Asia/Kuala_Lumpur'); $GLOBALS['mysqli'] = new mysqli("127.0.0.1:3307", "root", "12qwaszx", "dbedgpens"); if ($mysqli->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli_link->connect_errno . ") " . $mysqli_link->connect_error; exit(); } $mysqli_link = new mysqli("127.0.0.1:3307", "root", "12qwaszx", "dbedgpens"); if ($mysqli_link->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli_link->connect_errno . ") " . $mysqli_link->connect_error; } $GLOBALS['mysqli2'] = new mysqli("127.0.0.1:3307", "root", "12qwaszx", "dbssosukphg"); if ($mysqli2->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli_link->connect_errno . ") " . $mysqli_link->connect_error; exit(); } if (!empty($_SERVER['HTTP_CLIENT_IP'])) $GLOBALS['ip_address'] = $_SERVER['HTTP_CLIENT_IP']; elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) $GLOBALS['ip_address'] = $_SERVER['HTTP_X_FORWARDED_FOR']; else $GLOBALS['ip_address'] = $_SERVER['REMOTE_ADDR']; //---------------------------------------------------------------------------------- // Delete a session and return. //---------------------------------------------------------------------------------- function deleteSession($session){ global $mysqli; // $query="DELETE FROM utiliti_session WHERE iduser!=1 AND session = '$session'"; $query="DELETE FROM utiliti_session WHERE session = '$session'"; $mysqli->query($query); return; } //---------------------------------------------------------------------------------- // Update session time if it exists. //---------------------------------------------------------------------------------- function updateSession($session){ global $mysqli; checkSession(); $query="SELECT * FROM utiliti_session WHERE session='$session'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); if ($row){ $time=getdate(time()); $s="update utiliti_session set masa='".$time['year']."-".$time['mon']."-".$time['mday']." ".$time['hours'].":".$time['minutes'].":".$time['seconds']."' where session='$session'"; if(!$r=$mysqli->query($s)) echo $s."<br>Fail to updating the session ".$r; }else{ $session=false; } return $session; } //---------------------------------------------------------------------------------- // Log user in. If user already has a session then security risk. Throw them out. //---------------------------------------------------------------------------------- function login($passedusername,$passedpassword){ global $mysqli2; checkSession(); $passedpassword= md5($passedpassword); $stmt = $mysqli2->stmt_init(); $stmt->prepare("SELECT a.*, b.sekatan_cubaan FROM tpengguna a LEFT JOIN tsekatan b ON b.sekatan_pengguna = a.pengguna_kp LEFT JOIN tlogin c ON c.pengguna_id = a.pengguna_id WHERE a.pengguna_kp = ? AND c.sistem_id = '19' "); $pengguna_kp = $passedusername; $stmt->bind_param("s",$pengguna_kp); $stmt->execute(); $result = $stmt->get_result(); $stmt->close(); $session = array(); $row=$result->fetch_assoc(); if ($row){ $userid = $row['pengguna_id']; $nama = strtoupper($row['pengguna_nama']); $password = $row['pengguna_pass']; $flagUser = $row['aktif_id']; $sekatan = (int)$row['sekatan_cubaan']; if($password==$passedpassword){ if($flagUser == 3){ $session[0] = "Ops! Something Wrong.<br>Please Contact System Administrators."; $session[1] = false; $session[3] = 1; }else if($flagUser == 2){ $session[0] = "Pengguna Tidak Aktif."; $session[1] = false; $session[3] = 1; }else {//ok to proceed. if($sekatan >= 3){ $session[0] = "Akaun Anda Disekat. Sila Hubungi Admin Untuk Buka Sekatan."; $session[1] = false; $session[3] = 1; }else{ $session[0] = "Welcome Back. {$nama}"; $session[1] = checkUser($userid); //check to see if user is already logged in $session[3] = 0; if ($session[1]){ deleteSession($session[1]);//Force the user out if already logged in $session[1]=setSession($userid); }else{ $session[1]=setSession($userid); } } } }else{ $session[0] = sekatan($passedusername); $session[1] = false; $session[3] = 1; } }else{ $session[0] = sekatan($passedusername); $session[1] = false; $session[3] = 1; } return $session; } //---------------------------------------------------------------------------------- // Semak Sekatan. //---------------------------------------------------------------------------------- function sekatan($passedusername){ global $mysqli2; global $ip_address; $stmt = $mysqli2->stmt_init(); $stmt->prepare("SELECT * FROM tsekatan WHERE sekatan_pengguna=? and sekatan_tarikh=CURDATE()"); $pengguna_kp = $passedusername; $stmt->bind_param("s",$pengguna_kp); $stmt->execute(); $result = $stmt->get_result(); $row=$result->fetch_assoc(); if($row){ $sekatan_tarikh=$row['sekatan_tarikh']; $sekatan_cubaan=$row['sekatan_cubaan']; if($sekatan_cubaan >= 3){ $msg = "Akaun Anda Disekat. Sila Hubungi Admin Untuk Buka Sekatan."; }else{ $stmt = $mysqli2->stmt_init(); $stmt->prepare("UPDATE tsekatan SET sekatan_cubaan=sekatan_cubaan+1 WHERE sekatan_pengguna=? and sekatan_tarikh=? "); $pengguna_kp = $passedusername; $stmt->bind_param("ss",$pengguna_kp,$sekatan_tarikh); $stmt->execute(); $msg = "Please Try Again!"; } }else{ $stmt = $mysqli2->stmt_init(); $stmt->prepare("INSERT INTO tsekatan(sekatan_pengguna,sekatan_ip,sekatan_cubaan,sekatan_tarikh) values (?,'{$ip_address}',1, CURDATE())"); $pengguna_kp = $passedusername; $stmt->bind_param("s",$pengguna_kp); $stmt->execute(); $msg = "Please Try Again!"; } return $msg; } //---------------------------------------------------------------------------------- // Set a session and insert session into session table. //---------------------------------------------------------------------------------- function setSession($userid){ global $mysqli; $time=getdate(time()); $length=80;// set this to the length of session variable desired $session=""; mt_srand(time()); $sessionstring="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; $achar=strlen($sessionstring)-1; for ($i=0;$i<$length;$i++){ $session.=$sessionstring[mt_rand(0,$achar)]; } $session=$userid.$session; $query = "INSERT INTO utiliti_session (session,idUser,masa) VALUES ('$session','$userid','".$time['year']."-".$time['mon']."-".$time['mday']." ".$time['hours'].":".$time['minutes'].":".$time['seconds']."')"; $mysqli->query($query) or die(mysqli_error($mysqli)); return $session; } //-------------------------------------------------------------------------------- // Check the user to see if they are already logged in. //-------------------------------------------------------------------------------- function checkUser($userid){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE idUser = '$userid'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); if ($row){ $session=$row['session']; }else{ $session = false; } return $session; } //---------------------------------------------------------------------------------- // Log the user out when they click on the log-out button //---------------------------------------------------------------------------------- function logout($session){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE session = '$session'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); if ($row){ $userid=$row['idUser']; deleteSession($session); return true; }else{ return false; } } //---------------------------------------------------------------------------------- // Check session and return. //---------------------------------------------------------------------------------- function checkSession(){ global $mysqli; $expirationtime=time()-1800; // set this to seconds of inactivity before forced logout (30mins) // $expirationtime=time()-6000; // set this to seconds of inactivity before forced logout (100mins) $time=getdate($expirationtime); $query = "SELECT idUser,session,masa From utiliti_session WHERE masa < '".$time['year']."-".$time['mon']."-".$time['mday']." ".$time['hours'].":".$time['minutes'].":".$time['seconds']."'"; $result=$mysqli->query($query) or die(mysqli_error($mysqli)); while($row=$result->fetch_assoc()){ deleteSession($row[1]); } return; } function growl_me($sess = null,$g_scc){ $type = $g_scc; $msg = (!empty($sess)) ? $sess['success_msg'] : ""; if($g_scc == 1 && !empty($sess['success_msg'])){ echo "<script>$(document).ready(function(){ $.testme({$type},\"{$msg}\"); });</script>"; } if($g_scc == 2 && !empty($sess['success_msg'])){ echo "<script>$(document).ready(function(){ $.testme({$type},\"{$msg}\"); });</script>"; } if($g_scc == 3 && !empty($sess['success_msg'])){ echo "<script>$(document).ready(function(){ $.testme({$type},\"{$msg}\"); });</script>"; } } function get_user($sess){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE session='$sess'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); // $stmt->prepare("SELECT * FROM utiliti_session WHERE session=?"); // $running_sql = $sess; // $stmt->bind_param("s",$iduser,$running_sql,$descr); // $stmt->execute(); // $result = $stmt->get_result(); // $row = $result->fetch_assoc(MYSQLI_ASSOC); // $stmt->close(); return $row; } function get_user_full($sess){ global $mysqli; $query="SELECT * FROM utiliti_session WHERE session='$sess'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); $query="SELECT * FROM user_list WHERE idUser='{$row['idUser']}'"; $result=$mysqli->query($query); $row=$result->fetch_assoc(); return $row; } function mysqli_prepare_audit($sql,$param_type,$param_data,$param_do = null,$query_type = null){ /* Hamdi : 2020-03-20 This Function Only for Insert/Update/Delete use. */ global $mysqli; $user = get_user($_SESSION['session']); $conn = $mysqli; $stmt = $conn->stmt_init(); $stmt->prepare($sql); $comb_param = ""; $length_type = strlen($param_type); $length_data = count($param_data); $type_auto = ""; foreach ($param_data as $a => $b) { $comb_param1 .= "\${$a}=\"{$b}\","; $comb_param2 .= "\${$a}=\"{$b}\",\n"; $type_auto .= "s"; } if($length_type != $length_data || $param_type == 'auto') $param_type = $type_auto; $data = array(); $comb_param1 = substr($comb_param1, 0, -1); $comb_param2 = $sql.";\n".substr($comb_param2, 0, -2); "\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"; eval("\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"); if (!$stmt->execute()) { echo 'error executing statement: ' . $stmt->error; $stmt->close(); }else{ $data[0] = $mysqli->insert_id; $stmt->close(); audit_insert($comb_param2,$param_do); } return $data; } function mysqli_prepare_all($sql,$param_type,$param_data){ /* Hamdi : 2020-12-07 This Function for All Query. */ global $mysqli; // $user = get_user($_SESSION['session']); $conn = $mysqli; $stmt = $conn->stmt_init(); $stmt->prepare($sql); $comb_param = ""; $length_type = strlen($param_type); $length_data = count($param_data); $type_auto = ""; foreach ($param_data as $a => $b) { $comb_param1 .= "\${$a}=\"{$b}\","; $comb_param2 .= "\${$a}=\"{$b}\",\n"; $type_auto .= "s"; } if($length_type != $length_data || $param_type == 'auto') $param_type = $type_auto; $data = array(); $comb_param1 = substr($comb_param1, 0, -1); $comb_param2 = $sql.";\n".substr($comb_param2, 0, -2); "\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"; eval("\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"); $stmt->execute() or trigger_error($stmt->error, E_USER_ERROR); ($result = $stmt->get_result()) or trigger_error($stmt->error, E_USER_ERROR); $stmt->close(); return $result; } function audit_insert($running_sql,$descr = null){ global $mysqli; if(!empty($_SESSION['session'])) $user = get_user($_SESSION['session']); else $user = ""; $stmt = $mysqli->stmt_init(); $stmt->prepare("insert into audit_trail (idUser,running_sql,descr) values (?,?,?)"); $iduser = $user['idUser']; // $running_sql = $comb_param2; $descr = (empty($descr)) ? '' : $descr ; $stmt->bind_param("sss",$iduser,$running_sql,$descr); $stmt->execute(); $stmt->close(); } function mysql_date($date){ explode('-', $date); return $date[3]."-".$date[2]."-".$date[1]; } // function mysqli_prepare_audit2(){ // global $mysqli; // $stmt = $mysqli->stmt_init(); // $stmt->prepare($sql); // $comb_param = ""; // $length_type = strlen($param_type); // $length_data = count($param_data); // $type_auto = ""; // foreach ($param_data as $a => $b) { // $comb_param1 .= "\${$a}=\"{$b}\","; // $comb_param2 .= "\${$a}=\"{$b}\",\n"; // $type_auto .= "s"; // } // if($length_type != $length_data || $param_type == 'auto') // $param_type = $type_auto; // $data = array(); // $comb_param1 = substr($comb_param1, 0, -1); // $comb_param2 = $sql.";\n".substr($comb_param2, 0, -2); // "\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"; // eval("\$stmt->bind_param(\"".$param_type."\",".$comb_param1.");"); // $stmt->execute(); // // execute the stored Procedure // $result = $connect->query('call IsUserPresent(@uid, @userCount)'); // // getting the value of the OUT parameter // $r = $connect->query('SELECT @userCount as userCount'); // $row = $r->fetch_assoc(); // } function test_loop($id){ // $s2="SELECT * from user_list"; // $stmt = $mysqli->prepare($s2); // $stmt->bind_param("s",$id); // $stmt->execute(); // $result = $stmt->get_result(); // $stmt->close(); // echo $jum = $stmt->num_rows; // echo $id; // echo "<br>"; // global $mysqli; // $s2="SELECT * from user_list where idUser = 1"; // $stmt = $mysqli->prepare($s2); // $stmt->bind_param("s",$id); // $stmt->execute(); // $result = $stmt->get_result(); // echo $jum = $result->num_rows; // $stmt->close(); // print_r($result); // $sql = "SELECT lokasi,tujuan,flaglulus,catatan FROM tugasluar WHERE (idPekerja=? AND (? BETWEEN tarikhMula AND tarikhTamat))"; // $param_data = array( // "idPekerja" => $idPekerja, // "tarikhUrusan" => $tarikhUrusan, // ); // $result = mysqli_prepare_all($sql,"auto",$param_data); // echo $result->num_rows; // $sql = "SELECT * FROM user_list WHERE (idUser=? AND (? BETWEEN dateCreated AND dateModified))"; $sql = "SELECT * FROM user_list WHERE idUser=? "; $param_data = array( "idUser" => $id ); $result = mysqli_prepare_all($sql,"auto",$param_data); echo $result->num_rows; // $zsd = ; print_r($result->fetch_assoc()); // echo $zsd['emailUser']; // print_r(); } ?>
Close
