!C99Shell v.2.1 [PHP 7 Update] [1.12.2019]!

Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16. PHP/5.4.16 

uname -a: Linux roko-bkp 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64 

uid=48(apache) gid=48(apache) groups=48(apache),1003(webmaster) 

Safe-mode: OFF (not secure)

/usr/share/doc/libxml2-python-2.9.1/   drwxr-xr-x
Free 9.29 GB of 93.48 GB (9.94%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     xpathleak.py (1.53 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
#!/usr/bin/python
import sys, libxml2

libxml2.debugMemory(True)

expect="""--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
"""
err=""
def callback(ctx, str):
     global err

     err = err + "%s %s" % (ctx, str)

libxml2.registerErrorHandler(callback, "-->")

doc = libxml2.parseDoc("<fish/>")
ctxt = doc.xpathNewContext()
ctxt.setContextNode(doc)
badexprs = (
    ":false()", "bad:()", "bad(:)", ":bad(:)", "bad:(:)", "bad:bad(:)",
    "a:/b", "/c:/d", "//e:/f", "g://h"
    )
for expr in badexprs:
    try:
        ctxt.xpathEval(expr)
    except libxml2.xpathError:
            pass
    else:
        print("Unexpectedly legal expression:", expr)
ctxt.xpathFreeContext()
doc.freeDoc()

if err != expect:
    print("error")
    print("received %s" %(err))
    print("expected %s" %(expect))
    sys.exit(1)

libxml2.cleanupParser()
leakedbytes = libxml2.debugMemory(True)
if leakedbytes == 0:
    print("OK")
else:
    print("Memory leak", leakedbytes, "bytes")
    # drop file to .memdump file in cwd, but won't work if not compiled in
    libxml2.dumpMemory()

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v.2.1 [PHP 7 Update] [1.12.2019] maintained by KaizenLouie and updated by cermmik | C99Shell Github (MySQL update) | Generation time: 0.0039 ]--