!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!

Software: Apache/2.2.16 (Debian). PHP/5.3.3-7+squeeze19 

uname -a: Linux mail.tri-specialutilitydistrict.com 2.6.32-5-amd64 #1 SMP Tue May 13 16:34:35 UTC
2014 x86_64
 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/usr/share/doc/python-libxml2/examples/   drwxr-xr-x
Free 130.03 GB of 142.11 GB (91.5%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     xpathleak.py (1.52 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
#!/usr/bin/python
import sys, libxml2

libxml2.debugMemory(True)

expect="""--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
--> Invalid expression
--> xmlXPathEval: evaluation failed
"""
err=""
def callback(ctx, str):
     global err

     err = err + "%s %s" % (ctx, str)

libxml2.registerErrorHandler(callback, "-->")

doc = libxml2.parseDoc("<fish/>")
ctxt = doc.xpathNewContext()
ctxt.setContextNode(doc)
badexprs = (
    ":false()", "bad:()", "bad(:)", ":bad(:)", "bad:(:)", "bad:bad(:)",
    "a:/b", "/c:/d", "//e:/f", "g://h"
    )
for expr in badexprs:
    try:
        ctxt.xpathEval(expr)
    except libxml2.xpathError, e:
            pass
    else:
        print "Unexpectedly legal expression:", expr
ctxt.xpathFreeContext()
doc.freeDoc()

if err != expect:
    print "error"
    print "received %s" %(err)
    print "expected %s" %(expect)
    sys.exit(1)

libxml2.cleanupParser()
leakedbytes = libxml2.debugMemory(True)
if leakedbytes == 0:
    print "OK"
else:
    print "Memory leak", leakedbytes, "bytes"
    # drop file to .memdump file in cwd, but won't work if not compiled in
    libxml2.dumpMemory()

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.0 [PHP 7 Update] [25.02.2019] maintained by KaizenLouie | C99Shell Github | Generation time: 0.0086 ]--