!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/libexec/webmin/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     thirdparty.pl (1.73 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
# thirdparty.pl
# Checks for modules available in an old install of webmin that are
# not included in this new install, and offers to copy them across.
# Also re-creates clones of existing modules in the new install

($newdir, $olddir, $copythird) = @ARGV;

# find missing modules
opendir(DIR, $olddir);
while($m = readdir(DIR)) {
    next if ($m =~ /^\./);
    if (-r "$olddir/$m/module.info" && !-r "$newdir/$m/module.info") {
        if (-l "$olddir/$m") {
            # Found a clone - recreate it
            $clone = readlink("$olddir/$m");
            symlink($clone, "$newdir/$m");
            }
        else {
            # Found a candidate for copying
            local %minfo;
            &read_file("$olddir/$m/module.info", \%minfo);
            push(@missing, $m);
            push(@missdesc, $minfo{'desc'});
            }
        }
    elsif (-r "$olddir/$m/theme.info" && !-r "$newdir/$m/theme.info") {
        # Found a theme for copying
        local %tinfo;
        &read_file("$olddir/$m/theme.info", \%tinfo);
        push(@missing, $m);
        push(@missdesc, $tinfo{'desc'});
        }
    }
closedir(DIR);

if (@missing) {
    # Tell the user, and ask whether to copy
    if (!$copythird) {
        print "The following third party modules were found in your old Webmin\n";
        print "installation in $olddir :\n";
        for($i=0; $i<@missing; $i++) {
            printf "  %-12.12s %s\n", $missing[$i], $missdesc[$i];
            }
        print "Copy to new Webmin installation (y/n): ";
        chop($resp = <STDIN>);
        $copythird = $resp =~ /^y/i;
        }
    if ($copythird) {
        foreach $m (@missing) {
            system("cp -rp $olddir/$m $newdir");
            }
        }
    }

# read_file(file, array)
# Fill an associative array with name=value pairs from a file
sub read_file
{
local($arr);
$arr = $_[1];
open(ARFILE, $_[0]) || return 0;
while(<ARFILE>) {
        chop;
        if (!/^#/ && /^([^=]+)=(.*)$/) { $$arr{$1} = $2; }
        }
close(ARFILE);
return 1;
}
 

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0222 ]--