!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/mailboxes/xinha/modules/WebKit/   drwxr-xr-x
Free 50.74 GB of 127.8 GB (39.7%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     WebKit.js (10.02 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
/* This compressed file is part of Xinha. For uncompressed sources, forum, and bug reports, go to xinha.org */
/* This file is part of version 0.96beta2 released Fri, 20 Mar 2009 11:01:14 +0100 */
WebKit._pluginInfo={name:"WebKit",origin:"Xinha Core",version:"$LastChangedRevision: 1146 $".replace(/^[^:]*:\s*(.*)\s*\$$/,"$1"),developer:"The Xinha Core Developer Team",developer_url:"$HeadURL: http://svn.xinha.org/trunk/modules/WebKit/WebKit.js $".replace(/^[^:]*:\s*(.*)\s*\$$/,"$1"),sponsor:"",sponsor_url:"",license:"htmlArea"};function WebKit(a){this.editor=a;a.WebKit=this}WebKit.prototype.onKeyPress=function(u){var d=this.editor;var j=d.getSelection();if(d.isShortCut(u)){switch(d.getKey(u).toLowerCase()){case"z":if(d._unLink&&d._unlinkOnUndo){Xinha._stopEvent(u);d._unLink();d.updateToolbar();return true}break;case"a":break;case"v":if(!d.config.htmlareaPaste){return true}break}}switch(d.getKey(u)){case" ":var g=function(y,m){var x=y.nextSibling;if(typeof m=="string"){m=d._doc.createElement(m)}var s=y.parentNode.insertBefore(m,x);Xinha.removeFromParent(y);s.appendChild(y);x.data=" "+x.data;j.collapse(x,1);d._unLink=function(){var a=s.firstChild;s.removeChild(a);s.parentNode.insertBefore(a,s);Xinha.removeFromParent(s);d._unLink=null;d._unlinkOnUndo=false};d._unlinkOnUndo=true;return s};if(d.config.convertUrlsToLinks&&j&&j.isCollapsed&&j.anchorNode.nodeType==3&&j.anchorNode.data.length>3&&j.anchorNode.data.indexOf(".")>=0){var t=j.anchorNode.data.substring(0,j.anchorOffset).search(/\S{4,}$/);if(t==-1){break}if(d._getFirstAncestor(j,"a")){break}var h=j.anchorNode.data.substring(0,j.anchorOffset).replace(/^.*?(\S*)$/,"$1");var e=h.match(Xinha.RE_email);if(e){var v=j.anchorNode;var f=v.splitText(j.anchorOffset);var k=v.splitText(t);g(k,"a").href="mailto:"+e[0];break}RE_date=/([0-9]+\.)+/;RE_ip=/(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)/;var p=h.match(Xinha.RE_url);if(p){if(RE_date.test(h)){break}var i=j.anchorNode;var b=i.splitText(j.anchorOffset);var q=i.splitText(t);g(q,"a").href=(p[1]?p[1]:"http://")+p[2];break}}break}switch(u.keyCode){case 13:if(u.shiftKey){}break;case 27:if(d._unLink){d._unLink();Xinha._stopEvent(u)}break;case 8:case 46:if(!u.shiftKey&&this.handleBackspace()){Xinha._stopEvent(u)}break;default:d._unlinkOnUndo=false;if(j.anchorNode&&j.anchorNode.nodeType==3){var w=d._getFirstAncestor(j,"a");if(!w){break}if(!w._updateAnchTimeout){if(j.anchorNode.data.match(Xinha.RE_email)&&w.href.match("mailto:"+j.anchorNode.data.trim())){var l=j.anchorNode;var c=function(){w.href="mailto:"+l.data.trim();w._updateAnchTimeout=setTimeout(c,250)};w._updateAnchTimeout=setTimeout(c,1000);break}var n=j.anchorNode.data.match(Xinha.RE_url);if(n&&w.href.match(new RegExp("http(s)?://"+Xinha.escapeStringForRegExp(j.anchorNode.data.trim())))){var o=j.anchorNode;var r=function(){n=o.data.match(Xinha.RE_url);if(n){w.href=(n[1]?n[1]:"http://")+n[2]}w._updateAnchTimeout=setTimeout(r,250)};w._updateAnchTimeout=setTimeout(r,1000)}}}break}return false};WebKit.prototype.handleBackspace=function(){var a=this.editor;setTimeout(function(){var e=a.getSelection();var g=a.createRange(e);var f=g.startContainer;var i=g.startOffset;var c=g.endContainer;var h=g.endOffset;var j=f.nextSibling;if(f.nodeType==3){f=f.parentNode}if(!(/\S/.test(f.tagName))){var d=document.createElement("p");while(f.firstChild){d.appendChild(f.firstChild)}f.parentNode.insertBefore(d,f);Xinha.removeFromParent(f);var b=g.cloneRange();b.setStartBefore(j);b.setEndAfter(j);b.extractContents();e.removeAllRanges();e.addRange(b)}},10)};WebKit.prototype.inwardHtml=function(a){return a};WebKit.prototype.outwardHtml=function(a){return a};WebKit.prototype.onExecCommand=function(h,g,f){this.editor._doc.execCommand("styleWithCSS",false,false);switch(h){case"paste":alert(Xinha._lc("The Paste button does not work in the Safari browser for security reasons. Press CTRL-V on your keyboard to paste directly."));return true;break;case"removeformat":var m=this.editor;var e=m.getSelection();var q=m.saveSelection(e);var l=m.createRange(e);var j=m._doc.getElementsByTagName("*");j=Xinha.collectionToArray(j);var a=(l.startContainer.nodeType==1)?l.startContainer:l.startContainer.parentNode;var k,d,p,n,c,b=m._doc.createRange();function o(r){if(r.nodeType!=1){return}r.removeAttribute("style");for(var i=0;i<r.childNodes.length;i++){o(r.childNodes[i])}if((r.tagName.toLowerCase()=="span"&&!r.attributes.length)||r.tagName.toLowerCase()=="font"){b.selectNodeContents(r);n=b.extractContents();while(n.firstChild){c=n.removeChild(n.firstChild);r.parentNode.insertBefore(c,r)}r.parentNode.removeChild(r)}}if(e.isCollapsed){j=m._doc.body.childNodes;for(k=0;k<j.length;k++){d=j[k];if(d.nodeType!=1){continue}if(d.tagName.toLowerCase()=="span"){p=m.convertNode(d,"div");d.parentNode.replaceChild(p,d);d=p}o(d)}}else{for(k=0;k<j.length;k++){d=j[k];if(l.isPointInRange(d,0)||(j[k]==a&&l.startOffset==0)){o(d)}}}b.detach();m.restoreSelection(q);return true;break}return false};WebKit.prototype.onMouseDown=function(a){if(a.target.tagName.toLowerCase()=="hr"||a.target.tagName.toLowerCase()=="img"){this.editor.selectNodeContents(a.target)}};Xinha.prototype.insertNodeAtSelection=function(b){var d=this.getSelection();var a=this.createRange(d);d.removeAllRanges();a.deleteContents();var c=a.startContainer;var f=a.startOffset;var e=b;switch(c.nodeType){case 3:if(b.nodeType==3){c.insertData(f,b.data);a=this.createRange();a.setEnd(c,f+b.length);a.setStart(c,f+b.length);d.addRange(a)}else{c=c.splitText(f);if(b.nodeType==11){e=e.firstChild}c.parentNode.insertBefore(b,c);this.selectNodeContents(e);this.updateToolbar()}break;case 1:if(b.nodeType==11){e=e.firstChild}c.insertBefore(b,c.childNodes[f]);this.selectNodeContents(e);this.updateToolbar();break}};Xinha.prototype.getParentElement=function(c){if(typeof c=="undefined"){c=this.getSelection()}var a=this.createRange(c);try{var d=a.commonAncestorContainer;if(!a.collapsed&&a.startContainer==a.endContainer&&a.startOffset-a.endOffset<=1&&a.startContainer.hasChildNodes()){d=a.startContainer.childNodes[a.startOffset]}while(d.nodeType==3){d=d.parentNode}return d}catch(b){return null}};Xinha.prototype.activeElement=function(a){if((a===null)||this.selectionEmpty(a)){return null}if(!a.isCollapsed){if(a.anchorNode.childNodes.length>a.anchorOffset&&a.anchorNode.childNodes[a.anchorOffset].nodeType==1){return a.anchorNode.childNodes[a.anchorOffset]}else{if(a.anchorNode.nodeType==1){return a.anchorNode}else{return null}}}return null};Xinha.prototype.selectionEmpty=function(a){if(!a){return true}if(typeof a.isCollapsed!="undefined"){return a.isCollapsed}return true};Xinha.prototype.saveSelection=function(){return this.createRange(this.getSelection()).cloneRange()};Xinha.prototype.restoreSelection=function(a){var b=this.getSelection();b.removeAllRanges();b.addRange(a)};Xinha.prototype.selectNodeContents=function(b,d){this.focusEditor();this.forceRedraw();var a;var e=typeof d=="undefined"?true:false;var c=this.getSelection();a=this._doc.createRange();if(e&&b.tagName&&b.tagName.toLowerCase().match(/table|img|input|textarea|select/)){a.selectNode(b)}else{a.selectNodeContents(b)}c.removeAllRanges();c.addRange(a);if(typeof d!="undefined"){if(d){c.collapse(a.startContainer,a.startOffset)}else{c.collapse(a.endContainer,a.endOffset)}}};Xinha.prototype.insertHTML=function(c){var e=this.getSelection();var a=this.createRange(e);this.focusEditor();var b=this._doc.createDocumentFragment();var f=this._doc.createElement("div");f.innerHTML=c;while(f.firstChild){b.appendChild(f.firstChild)}var d=this.insertNodeAtSelection(b)};Xinha.prototype.getSelectedHTML=function(){var b=this.getSelection();if(b.isCollapsed){return""}var a=this.createRange(b);if(a){return Xinha.getHTML(a.cloneContents(),false,this)}else{return""}};Xinha.prototype.getSelection=function(){return this._iframe.contentWindow.getSelection()};Xinha.prototype.createRange=function(b){this.activateEditor();if(typeof b!="undefined"){try{return b.getRangeAt(0)}catch(a){return this._doc.createRange()}}else{return this._doc.createRange()}};Xinha.prototype.isKeyEvent=function(a){return a.type=="keydown"};Xinha.prototype.getKey=function(b){var a=String.fromCharCode(parseInt(b.keyIdentifier.replace(/^U\+/,""),16));if(b.shiftKey){return a}else{return a.toLowerCase()}};Xinha.getOuterHTML=function(a){return(new XMLSerializer()).serializeToString(a)};Xinha.cc=String.fromCharCode(8286);Xinha.prototype.setCC=function(h){var c=Xinha.cc;try{if(h=="textarea"){var d=this._textArea;var f=d.selectionStart;var j=d.value.substring(0,f);var a=d.value.substring(f,d.value.length);if(a.match(/^[^<]*>/)){var i=a.indexOf(">")+1;d.value=j+a.substring(0,i)+c+a.substring(i,a.length)}else{d.value=j+c+a}d.value=d.value.replace(new RegExp("(&[^"+c+";]*?)("+c+")([^"+c+"]*?;)"),"$1$3$2");d.value=d.value.replace(new RegExp("(<script[^>]*>[^"+c+"]*?)("+c+")([^"+c+"]*?<\/script>)"),"$1$3$2");d.value=d.value.replace(new RegExp("^([^"+c+"]*)("+c+")([^"+c+"]*<body[^>]*>)(.*?)"),"$1$3$2$4")}else{var b=this.getSelection();b.getRangeAt(0).insertNode(this._doc.createTextNode(c))}}catch(g){}};Xinha.prototype.findCC=function(i){var c=Xinha.cc;if(i=="textarea"){var f=this._textArea;var j=f.value.indexOf(c);if(j==-1){return}var d=j+c.length;var k=f.value.substring(0,j);var a=f.value.substring(d,f.value.length);f.value=k;f.scrollTop=f.scrollHeight;var b=f.scrollTop;f.value+=a;f.setSelectionRange(j,j);f.focus();f.scrollTop=b}else{var m=this;try{var l=this._doc;l.body.innerHTML=l.body.innerHTML.replace(new RegExp(c),'<span id="XinhaEditingPostion"></span>');var h=l.getElementById("XinhaEditingPostion");this.selectNodeContents(h);this.scrollToElement(h);h.parentNode.removeChild(h);this._iframe.contentWindow.focus()}catch(g){}}};Xinha.prototype._standardToggleBorders=Xinha.prototype._toggleBorders;Xinha.prototype._toggleBorders=function(){var a=this._standardToggleBorders();var c=this._doc.getElementsByTagName("TABLE");for(var b=0;b<c.length;b++){c[b].style.display="none";c[b].style.display="table"}return a};Xinha.getDoctype=function(a){var b="";if(a.doctype){b+="<!DOCTYPE "+a.doctype.name+" PUBLIC ";b+=a.doctype.publicId?'"'+a.doctype.publicId+'"':"";b+=a.doctype.systemId?' "'+a.doctype.systemId+'"':"";b+=">"}return b};

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0116 ]--