403WebShell

403Webshell
Server IP : 51.89.169.208 / Your IP : 3.148.107.92
Web Server : Apache
System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64
User : yellowleaf ( 1019)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /home/yellowleaf/public_html/links/
Upload File :
[ Back ]
Current File : /home/yellowleaf/public_html/links/index.php
<?
include_once 'loginchecker.php';

if ($_SERVER['HTTP_HOST'] == "yellowleaf.co.uk") { header("Location: http://www.yellowleaf.co.uk/links/?type=m"); }
include '../connect.php';

if ($_GET['checklink']){
$checklink=$_GET['checklink']; $linkid=$checklink;
echo "Checking link ({$checklink})...<br>";
$f2 = @mysql_query("SELECT * FROM `links` WHERE `id`='{$checklink}' LIMIT 1");
$count2=@mysql_num_rows($f2);
if (!$count2) { echo "No such link<br>"; }
else {
$checklink=@mysql_fetch_array($f2); $checklink=$checklink['url']; $checklink="http://".str_replace("http://","",$checklink);
echo "&gt;&gt; {$checklink}<br>";
$getfile=@file_get_contents($checklink);

$yourdomain="yellowleaf.co.uk"; /////// your domain name here <<<<<<<

$regex ="/<a[^>]*href=\"[^\"]*{$yourdomain}[^\"]*\"[^>]*>(.*)<\/a>/isU"; // 1 start of the tag

preg_match($regex,$getfile,$match); //print_r($match);
if (!$match) { echo "No matches<br>"; @mysql_query("UPDATE `links` SET `added`='0' WHERE `id`='{$linkid}' LIMIT 1"); } else{
@mysql_query("UPDATE `links` SET `added`='1' WHERE `id`='{$linkid}' LIMIT 1");
echo htmlentities($match[0]);
} }

}

if ($_GET['img']) {
$img=$_GET['img']; $added=$_GET['added'];
@mysql_query("UPDATE `links` SET `added`='{$added}' WHERE `id`='{$img}' LIMIT 1");
die;
}
$date = date("d-m-Y");
if ($_GET['fsubmit'] && $_GET['ip'] && $_GET['email'] && $_GET['note'] && $_GET['url']) {
$f = @mysql_query("SELECT * FROM `links` WHERE `ip`='{$_GET['ip']}' LIMIT 1");
$count=@mysql_num_rows($f);
if ($count) { echo "{$_GET['ip']} is already added in the database."; } else { @mysql_query("INSERT INTO `links` VALUES ('','{$_GET['url']}','{$_GET['email']}','{$_GET['note']}','{$_GET['ip']}','{$_GET['added']}','{$date}','{$_GET['price']}','')"); if (mysql_insert_id()) { echo "ADDED INTO DATABASE"; } else { echo "ERROR - COULDN'T ADD"; } }

}

if ($_GET['getip']) {
$safeurl=split("/",str_replace("http://","",$_GET['getip'])); $safeurl=$safeurl[0]; $ipadd = gethostbyname($safeurl); $onload="document.pgfrm.email.focus();";

$fs = @mysql_query("SELECT * FROM `links` WHERE `ip`='{$ipadd}' LIMIT 1");
$count=@mysql_num_rows($fs);
if ($count) { echo "<font color=red>{$ipadd} is already added in the database.</font>"; }

}

if (!$onload) { $onload="document.pgfrm.url.focus();"; }
?>
<body onload="<?=$onload?>">
<script language="javascript">
function chg(img,id) {
if (img.src=="http://www.yellowleaf.co.uk/links/1.png") { sd = new Image(); sd.src = "index.php?img="+id+"&added=0"; img.src="0.png"; }
else { img.src="1.png"; sd = new Image(); sd.src = "index.php?img="+id+"&added=1"; }

}
</script>
<form method="get" action="/links/" name="pgfrm">
	<p>&nbsp;</p>
	<table border="1" width="100%" style="border-collapse: collapse" bordercolor="#C0C0C0">
		<tr>
			<td width="80">URL</td>
			<td><input type="text" name="url" value="<?=$_GET['getip']?>" size="28"><input type="button" value="Get IP From URL" onclick="window.location.href='/links/?getip='+document.pgfrm.url.value;"></td>
		</tr>
		<tr>
			<td width="80">IP Address</td>
			<td><input type="text" name="ip" value="<?=$ipadd?>" size="28"></td>
		</tr>
		<tr>
			<td width="80">E-mail</td>
			<td><input type="text" name="email" size="33"></td>
		</tr>
		<tr>
			<td width="80">Term p/m/y</td>
			<td><input type="text" name="note" size="7"></td>
		</tr>
		<tr>
			<td width="80">Price</td>
			<td><input type="text" name="price" size="18" value="$"></td>
		</tr>
		<tr>
			<td width="80">Added?</td>
			<td><input type="checkbox" name="added" value="1"></td>
		</tr>
	</table>
	<p>
	<input type="hidden" name="fsubmit" value="1">
	<input type="submit" value="Submit"></p>
</form>
<hr>
<table border="1" width="100%" style="border-collapse: collapse" bordercolor="#C0C0C0">
<?
if ($type) { $wehere = "WHERE `note` LIKE '{$type}%'";  }
echo "<tr>";
echo "<td><b>DATE</b></td>";
echo "<td><b>ID</b></td>";
echo "<td><b>URL</b></td>";
echo "<td><b>IP Address</b></td>";
echo "<td><b>E-mail</b></td>";
echo "<td><b>Added</b></td>";
echo "<td><b>Term</b></td>";
echo "<td><b>Price</b></td>";
echo "</tr>";

$get = @mysql_query("SELECT * FROM `links` $wehere ORDER BY `pos` DESC, `id` DESC");
while ($row = @mysql_fetch_array($get)) { 
foreach($row AS $key => $val){ $$key = stripslashes(strip_tags($val)); }
if (!$added) { $added="0"; } if (!eregi("http://",$url)) { $url="http://".$url; }
$durl = (substr($url ,0,20));
echo "<tr onmouseover=\"this.bgColor='#F5F394'\" onmouseout=\"this.bgColor='#FFFFFF'\">";
echo "<td>{$date}</td>";
echo "<td><a href=\"http://www.uploady.com:2082/3rdparty/phpMyAdmin/tbl_change.php?db=uploady_yellowleaf=links&pos=0&session_max_rows=30&disp_direction=horizontal&repeat_cells=100&dontlimitchars=0&primary_key=+%60id%60+%3D+{$id}\" target=\"_blank\">{$id}</a></td>";
echo "<td><a href=\"http://www.iwebtool.com/?rd={$url}\" target=\"_blank\">{$durl}</a></td>";
echo "<td>{$ip}</td>";
echo "<td>{$email}</td>";
echo "<td><a href=\"#\" onclick=\"chg(document.img{$id},'{$id}');return false;\"><img border=\"0\" id=\"img{$id}\" src=\"{$added}.png\"></a> <a style=\"font-size:8pt;\" href=\"?checklink={$id}&type=m\">chk</a></td>";
echo "<td>{$note}</td>";
echo "<td>{$price}</td>";
echo "</tr>";
}

?>
</table>
Youez - 2016 - github.com/yon3zu
LinuXploit