!C99Shell v. 1.0 pre-release build #16!

Software: Apache/2.0.54 (Fedora). PHP/5.0.4 

uname -a: Linux mina-info.me 2.6.17-1.2142_FC4smp #1 SMP Tue Jul 11 22:57:02 EDT 2006 i686 

uid=48(apache) gid=48(apache) groups=48(apache)
context=system_u:system_r:httpd_sys_script_t 

Safe-mode: OFF (not secure)

/home/mnnews/public_html/mms/skripte/   drwxr-xr-x
Free 3.96 GB of 27.03 GB (14.65%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     pregled2.php (2.55 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?

mysql_connect (localhost, us10505a, proba);
   
mysql_select_db (db10505c);

$result = mysql_query ("SELECT  * FROM news WHERE  topicId=12 order by id desc limit 1 ");

if ($row = mysql_fetch_array($result)) {

do     {

$melodija=$row["details"];
  

    }

while($row = mysql_fetch_array($result));

} else {print "Nema clanaka!";}


function PostToHost($host, $port, $username, $password, $data_to_send)
{
    $dc = 0;
   $bo ="-----------------------------305242850528394";

    $fp = fsockopen($host, $port, $errno, $errstr);
    if (!$fp) {
        echo "errno: $errno \n";
        echo "errstr: $errstr\n";
        return $result;
    }

    fputs($fp, "POST / HTTP/1.1\r\n");
    if ($username != "") {
       $auth = $username . ":" . $password;
       echo "auth: $auth\n";
       $auth = base64_encode($auth);
       echo "auth: $auth\n";
       fwrite($fp, "Authorization: Basic " . $auth . "\r\n");
    }
    fputs($fp, "User-Agent: NowSMS PHP Script\r\n");
    fputs($fp, "Accept: */*\r\n");
    fputs($fp, "Content-type: multipart/form-data; boundary=$bo\r\n");
    
    foreach($data_to_send as $key=>$val) {
        $ds =sprintf("%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n%s\r\n",$bo,$key,$val);
        $dc += strlen($ds);
        
    }
    $dc += strlen($bo)+3;
    fputs($fp, "Content-length: $dc\r\n");
    fputs($fp, "\r\n");
    fputs($fp, "This is a MIME message\r\n\r\n");

    foreach($data_to_send as $key=>$val) {
        $ds =sprintf("%s\r\nContent-Disposition: form-data; name=\"%s\"\r\n%s\r\n",$bo,$key,$val);
        fputs($fp, $ds );
    }
    $ds = $bo."--\r\n" ;
    fputs($fp, $ds);

    $res = "";

    while(!feof($fp)) {
        $res .= fread($fp,1);
    }
    fclose($fp);
    

    return $res;
}


mysql_connect (localhost, us10505a, proba);
   
mysql_select_db (db10505f);

$result2 = mysql_query ("SELECT  * from mms_users ");

if ($row2 = mysql_fetch_array($result2)) {
do {

$sender=$row2["tel"];

  
$data["MMSFrom"]     = "\r\n" . "Informativna agencija MINA";
$data["PhoneNumber"] = "\r\n" . "$sender";
$data["MMSSubject"]  = "\r\n" . "Mina info servis" ;
$data["charset"]  = "\r\n" . "ISO-8859-2" ;
/* The MMSText field is optional */
$data["MMSText" ]    = "\r\n" . $melodija ;



$x   = PostToHost("192.168.0.9", 8800, "test", "test", $data);
echo $x;

  
  
} while($row2 = mysql_fetch_array($result2));

} else {print "Nema clanaka!";}



/* A quirk of this script is that you must start all non-file parameters with \r\n */



?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0035 ]--