📁 File Browser

Current directory: /home/klas4s23/domains/585455.klas4s23.mid-ica.nl/public_html/Gastenboek/uploads

📄 ' onerror='alert(`Gehacked door Jasper!`);window.location.replace(`..`)'.png [view]
📁 ..
📄 003b15869ae62d2ceeee451a5f652dd6.png [view]
📄 0tk5j14v024b1.jpg [view]
📄 300px-Cursed_Cat.jpg [view]
📄 32640-afbeelding-1__ScaleMaxWidthWzYwMF0_CompressedW10.jpg [view]
📄 Bill-Gates-Paul-Allen-2013.jpg [view]
📄 CV Jasper Kramp.png [view]
📄 Cat profile.png [view]
📄 Fronalpstock_big.jpg [view]
📄 Krik en las.jpg [view]
📄 Krik.jpg [view]
📄 Pino-dood-03.jpg [view]
📄 Shellz.php [view]
📄 Ted_Kaczynski_2_(cropped).jpg [view]
📄 Tux.svg.png [view]
📄 Z.png [view]
📄 android.jpg [view]
📄 apple.php [view]
📄 cianancatfish.jpg [view]
📄 downloads (1).jpeg [view]
📄 downloads.jpeg [view]
📄 epresso.jpg [view]
📄 fake_photo.png [view]
📄 hand.jpg [view]
📄 https___dynaimage.cdn.cnn.com_cnn_x_156,y_210,w_1209,h_1612,c_crop_https2F2F5bae1c384db3d70020c01c40%2FfireflyWolfy.jpg [view]
📄 image.png [view]
📄 images.jpeg [view]
📄 info.php [view]
📄 inject.php [view]
📄 instant_redirect.jpg [view]
📄 japper.jpg [view]
📄 koekiemonster-3.jpg [view]
📄 logo.png [view]
📄 muis.jpg [view]
📄 people-call-woman-ugly-responds-with-more-selfies-melissa-blake-1-5d75f249a418b__700.jpg [view]
📄 picobellobv.jpeg [view]
📄 redirect.php [view]
📄 rupsje-nooitgenoeg-knuffel-pluche-42-cm-500x500.jpg [view]
📄 sdfsa.png [view]
📄 sneaky.svg [view]
📄 taylor.webp [view]
📄 test.html [view]
📄 testpreg.php [view]
📄 testpreg1.php [view]
📄 testtest.php.JPG [view]
📄 ultimate_attack.gif [view]
📄 ultimate_attack.php [view]
📄 ultimate_attack.svg [view]
📄 wallpaper.jpg [view]
📄 webshell.php [view]

📄 Viewing: ../../../../589181.klas4s23.mid-ica.nl/public_html/phpmyadmin/js/src/../src/server/variables.js

/** * @fileoverview Javascript functions used in server variables page * @name Server Replication * * @requires jQuery * @requires jQueryUI * @requires js/functions.js */ /** * Unbind all event handlers before tearing down a page */ AJAX.registerTeardown('server/variables.js', function () { $(document).off('click', 'a.editLink'); $('#serverVariables').find('.var-name').find('a img').remove(); }); AJAX.registerOnload('server/variables.js', function () { var $saveLink = $('a.saveLink'); var $cancelLink = $('a.cancelLink'); $('#serverVariables').find('.var-name').find('a').append( $('#docImage').clone().css('display', 'inline-block') ); /* Launches the variable editor */ $(document).on('click', 'a.editLink', function (event) { event.preventDefault(); editVariable(this); }); /* Allows the user to edit a server variable */ function editVariable (link) { var $link = $(link); var $cell = $link.parent(); var $valueCell = $link.parents('.var-row').find('.var-value'); var varName = $link.data('variable'); var $mySaveLink = $saveLink.clone().css('display', 'inline-block'); var $myCancelLink = $cancelLink.clone().css('display', 'inline-block'); var $msgbox = Functions.ajaxShowMessage(); var $myEditLink = $cell.find('a.editLink'); $cell.addClass('edit'); // variable is being edited $myEditLink.remove(); // remove edit link $mySaveLink.on('click', function () { var $msgbox = Functions.ajaxShowMessage(Messages.strProcessingRequest); $.post('index.php?route=/server/variables/set/' + encodeURIComponent(varName), { 'ajax_request': true, 'server': CommonParams.get('server'), 'varValue': $valueCell.find('input').val() }, function (data) { if (data.success) { $valueCell .html(data.variable) .data('content', data.variable); Functions.ajaxRemoveMessage($msgbox); } else { if (data.error === '') { Functions.ajaxShowMessage(Messages.strRequestFailed, false); } else { Functions.ajaxShowMessage(data.error, false); } $valueCell.html($valueCell.data('content')); } $cell.removeClass('edit').html($myEditLink); }); return false; }); $myCancelLink.on('click', function () { $valueCell.html($valueCell.data('content')); $cell.removeClass('edit').html($myEditLink); return false; }); $.get('index.php?route=/server/variables/get/' + encodeURIComponent(varName), { 'ajax_request': true, 'server': CommonParams.get('server') }, function (data) { if (typeof data !== 'undefined' && data.success === true) { var $links = $('<div></div>') .append($myCancelLink) .append('   ') .append($mySaveLink); var $editor = $('<div></div>', { 'class': 'serverVariableEditor' }) .append( $('<div></div>').append( $('<input>', { type: 'text', 'class': 'form-control form-control-sm' }).val(data.message) ) ); // Save and replace content $cell .html($links) .children() .css('display', 'flex'); $valueCell .data('content', $valueCell.html()) .html($editor) .find('input') .trigger('focus') .on('keydown', function (event) { // Keyboard shortcuts if (event.keyCode === 13) { // Enter key $mySaveLink.trigger('click'); } else if (event.keyCode === 27) { // Escape key $myCancelLink.trigger('click'); } }); Functions.ajaxRemoveMessage($msgbox); } else { $cell.removeClass('edit').html($myEditLink); Functions.ajaxShowMessage(data.error); } }); } });

🎯 Available Actions

⚠️ Educational Warning: This demonstrates a web shell vulnerability. In a real attack, this could allow complete server compromise!

🐚 WEB SHELL ACTIVATED

📁 File Browser

📄 Viewing: ../../../../589181.klas4s23.mid-ica.nl/public_html/phpmyadmin/js/src/../src/server/variables.js

🎯 Available Actions

Command Execution:

Quick Commands:

File Operations: