!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/lib/openoffice.org/basis3.1/share/config/webcast/   drwxr-xr-x
Free 51.91 GB of 127.8 GB (40.61%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     common.pl (1.04 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
package common;

$REFRESH_TIME = 5;

sub File_read
{
    $sFilename = @_[ 0 ];

    @aFileContentList = "";
    open( F_CURRPIC, "<" . $sFilename ) || "Could not open file " . $sFilename . " !<BR>\n";
    while( <F_CURRPIC> )
    {
        push( @aFileContentList, $_ );
    }
    close( F_CURRPIC );

    return @aFileContentList;
}   ##File_read


sub HTTP_getRequest
{
    # post- or get- method ?
    if( $ENV{ 'REQUEST_METHOD' } eq 'GET' )
    {
        # get parameters from querystring (get)
        $sRequest = $ENV{ 'QUERY_STRING' }
    }
    else
    {
        # get parameters from stdin (post)
        read( STDIN, $sRequest, $ENV{ 'CONTENT_LENGTH' } );
    }
    # process parameters
    @aRequestList = split( /&/, $sRequest );
    foreach $Feld ( @aRequestList )
    {
        ( $name, $sValue ) = split( /=/, $Feld );
        $sValue =~ tr/+/ /;
        $sValue =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
        $sValue =~ s/<!--(.|\n)*-->//g;
        $aRequestMap{ $name } = $sValue;
    }

    return %aRequestMap;
}   ##HTTP_getRequest

1;

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0122 ]--