!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/mailboxes/xinha/modules/GetHtml/   drwxr-xr-x
Free 50.74 GB of 127.8 GB (39.7%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     DOMwalk.js (4.25 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
/* This compressed file is part of Xinha. For uncompressed sources, forum, and bug reports, go to xinha.org */
/* This file is part of version 0.96beta2 released Fri, 20 Mar 2009 11:01:14 +0100 */
function GetHtmlImplementation(a){this.editor=a}GetHtmlImplementation._pluginInfo={name:"GetHtmlImplementation DOMwalk",origin:"Xinha Core",version:"$LastChangedRevision: 1167 $".replace(/^[^:]*:\s*(.*)\s*\$$/,"$1"),developer:"The Xinha Core Developer Team",developer_url:"$HeadURL: http://svn.xinha.org/trunk/modules/GetHtml/DOMwalk.js $".replace(/^[^:]*:\s*(.*)\s*\$$/,"$1"),sponsor:"",sponsor_url:"",license:"htmlArea"};Xinha.getHTML=function(a,c,b){return Xinha.getHTMLWrapper(a,c,b)};Xinha.emptyAttributes=" checked disabled ismap readonly nowrap compact declare selected defer multiple noresize noshade ";Xinha.getHTMLWrapper=function(m,c,j,d){var h="";if(!d){d=""}switch(m.nodeType){case 10:case 6:case 12:break;case 2:break;case 4:h+=(Xinha.is_ie?("\n"+d):"")+"<![CDATA["+m.data+"]]>";break;case 5:h+="&"+m.nodeValue+";";break;case 7:h+=(Xinha.is_ie?("\n"+d):"")+"<?"+m.target+" "+m.data+" ?>";break;case 1:case 11:case 9:var k;var g;var p=(m.nodeType==1)?m.tagName.toLowerCase():"";if((p=="script"||p=="noscript")&&j.config.stripScripts){break}if(c){c=!(j.config.htmlRemoveTags&&j.config.htmlRemoveTags.test(p))}if(Xinha.is_ie&&p=="head"){if(c){h+=(Xinha.is_ie?("\n"+d):"")+"<head>"}var r=RegExp.multiline;RegExp.multiline=true;var f=m.innerHTML.replace(Xinha.RE_tagName,function(s,i,a){return i+a.toLowerCase()}).replace(/\s*=\s*(([^'"][^>\s]*)([>\s])|"([^"]+)"|'([^']+)')/g,'="$2$4$5"$3').replace(/<(link|meta)((\s*\S*="[^"]*")*)>([\n\r]*)/g,"<$1$2 />\n");RegExp.multiline=r;h+=f+"\n";if(c){h+=(Xinha.is_ie?("\n"+d):"")+"</head>"}break}else{if(c){k=(!(m.hasChildNodes()||Xinha.needsClosingTag(m)));h+=((Xinha.isBlockElement(m))?("\n"+d):"")+"<"+m.tagName.toLowerCase();var q=m.attributes;for(g=0;g<q.length;++g){var n=q.item(g);if(Xinha.is_real_gecko&&(m.tagName.toLowerCase()=="img")&&((n.nodeName.toLowerCase()=="height")||(n.nodeName.toLowerCase()=="width"))){if(!m.complete||m.naturalWidth===0){continue}}if(typeof n.nodeValue=="object"){continue}if(m.tagName.toLowerCase()=="input"&&m.type.toLowerCase()=="checkbox"&&n.nodeName.toLowerCase()=="value"&&n.nodeValue.toLowerCase()=="on"){continue}if(!n.specified&&!(m.tagName.toLowerCase().match(/input|option/)&&n.nodeName=="value")&&!(m.tagName.toLowerCase().match(/area/)&&n.nodeName.match(/shape|coords/i))){continue}var b=n.nodeName.toLowerCase();if(/_moz_editor_bogus_node/.test(b)||(b=="class"&&n.nodeValue=="webkit-block-placeholder")){h="";break}if(/(_moz)|(contenteditable)|(_msh)/.test(b)){continue}var o;if(Xinha.emptyAttributes.indexOf(" "+b+" ")!=-1){o=b}else{if(b!="style"){if(typeof m[n.nodeName]!="undefined"&&b!="href"&&b!="src"&&!(/^on/.test(b))){o=m[n.nodeName]}else{o=n.nodeValue;if(b=="class"){o=o.replace(/Apple-style-span/,"");if(!o){continue}}if(Xinha.is_ie&&(b=="href"||b=="src")){o=j.stripBaseURL(o)}if(j.config.only7BitPrintablesInURLs&&(b=="href"||b=="src")){o=o.replace(/([^!-~]+)/g,function(a){return escape(a)})}}}else{if(!Xinha.is_ie){o=m.style.cssText.replace(/rgb\(.*?\)/ig,function(a){return Xinha._colorToRgb(a)})}}}if(/^(_moz)?$/.test(o)){continue}h+=" "+b+'="'+Xinha.htmlEncode(o)+'"'}if(Xinha.is_ie&&m.style.cssText){h+=' style="'+m.style.cssText.toLowerCase()+'"'}if(Xinha.is_ie&&m.tagName.toLowerCase()=="option"&&m.selected){h+=' selected="selected"'}if(h!==""){if(k&&p=="p"){h+=">&nbsp;</p>"}else{if(k){h+=" />"}else{h+=">"}}}}}var e=false;if(p=="script"||p=="noscript"){if(!j.config.stripScripts){if(Xinha.is_ie){var l="\n"+m.innerHTML.replace(/^[\n\r]*/,"").replace(/\s+$/,"")+"\n"+d}else{var l=(m.hasChildNodes())?m.firstChild.nodeValue:""}h+=l+"</"+p+">"+((Xinha.is_ie)?"\n":"")}}else{if(p=="pre"){h+=((Xinha.is_ie)?"\n":"")+m.innerHTML.replace(/<br>/g,"\n")+"</"+p+">"}else{for(g=m.firstChild;g;g=g.nextSibling){if(!e&&g.nodeType==1&&Xinha.isBlockElement(g)){e=true}h+=Xinha.getHTMLWrapper(g,true,j,d+"  ")}if(c&&!k){h+=(((Xinha.isBlockElement(m)&&e)||p=="head"||p=="html")?("\n"+d):"")+"</"+m.tagName.toLowerCase()+">"}}}break;case 3:if(/^script|noscript|style$/i.test(m.parentNode.tagName)){h=m.data}else{if(m.data.trim()==""){if(m.data){h=" "}else{h=""}}else{h=Xinha.htmlEncode(m.data)}}break;case 8:h="<!--"+m.data+"-->";break}return h};

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0125 ]--