!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/exports/help/   drwxr-xr-x
Free 50.88 GB of 127.8 GB (39.81%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     client.html (1.32 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
Export to..
The hosts that will have access to the exported directory.
Warning: when exporting with krb5, the choice of the clients is made in the configuration of Kerberos5.

Six ways of specifying which hosts are allowed to mount the directory are available:
Everyone
Any host capable of contacting your system is allowed access. This option should be used with care, especially if your system is connected to the Internet.
Host(s)
This can either be a single IP address, a single hostname, or a regular expression like *.foo.com. In the last case, any host whose reverse DNS lookup by IP address matches the expression will be allowed access.
WebNFS clients
Allows clients using Sun's WebNFS protocol to access this directory.
NIS Netgroup
Allows all members of the specified NIS netgroup to access this export.
IPv4 Network and Netmask
Any host in the specified subnet is allowed access. For example, if the network was 10.1.2.0 and the netmask 255.255.255.0, all hosts with IP addresses from 10.1.2.0 to 10.1.2.255 would be allowed.
IPv6 Address and Prefix
Any host in the specified subnet is allowed access.


:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0103 ]--