!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/sbin/   drwxr-xr-x
Free 52.29 GB of 127.8 GB (40.91%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     wpa_cli (33.77 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
ELFp4<4 (444444uuuuHHH PtdjQtd/lib/ld-linux.so.2GNU <(, <>KgUa2wr1vg/ &50 g=r}yXPL_p>B>t[)=I<IBFJ2::=ipUJkbFr5P9;gW(z=T XP |X M:5Mq5.^^^^^_8_<_h_P __T ____X ̿п0Կؿܿٳii  ii ti ii +P >T =X ?       $(,04 8!<"@#D$H%L&P'T(X)\*`+d,h-l.p/t0x1|23456789:;Ux75%%h%h%h%h%h %h(%h0%h8p%h@`%hHP%hP@%hX0%h` %hh%hp%hx%h%h%h%h%h% h%h%hp%h`%hP% h@%$h0%(h %,h%0h%4h%8h%<h%@h%Dh%Hh %Lh(%Ph0%Th8p%Xh@`%\hHP%`hP@%dhX0%hh` %lhh%php%thx%xh%|h%h%h%h%h%h%hp%h`%hP%h@1^PTRh@hPQVh0_US[ xtzX[ÐUS=` u?-X\ 9v&\ \ 9w` []Ít&'Utt $ÐU1]t  U$^ÍU]G&UD$P$D$ D$1UD$$D$m1É'UD$$D$=Ít&'U(uƉ]}u1]u}]á$o4$e|<$ tȡt$D$XD$ D$D$|$$b$:*$  zvU8$U]u}ωEƋE$<$T44$køtME|$D$D$ D$ED$t$$D$D3$=$1]u}]ÍU$]Ӊu8\$4$D$X]u]ÍUWVSÃ8<^$t<+${0+$$+D$$T$|sD$ D$ D$<$tED$|$$t*Ct<=qu<=_-]"t]ufD$t$${U*<$]]-|x uk[^_]ÍvD$$D$)x t;| tx | h d [^_]Px غp$/t U< zn< ueD$>$xXt&t&'UE]t&U t p u$o& Ív$(& p Ѝ&Uh  t'$6 $%u p $ Ít&'UWVS,eE1 Dž4$`"~~DžD$\$4$"Ƅuatt $ ,$TDž4$!4$!x;Ee3uB,[^_]ÉG$4$!y$<벍t&t&'U8ueE1 ]Ӊ}υ$Dž~T$D$T$ \$4$D$!tn1t.D$$ƄD$1Ue3u ]u}]$tω\$D$$W밉\$D$$8두U t21ɺu2 t1ɺ|E u$<S뻍U]bfUVSueU1ҋE} uWtD$ D$ D$D$D$$ ډEUe3uİ[^]$N&'UWVSLU Ee M1Ʌ҉EpXH Px\$$T$t$(L$ |$D$D$ D$D$D$$1EUe3u_L[^_]u xuiZtK<0$tzv'UE] U(E] UE ~i^h $qE$Th :tih D$U$D$I $| u+p 1$4EJQ1$1áh D$$D$1ÍUEU ]]uEeE1B}taL$]D$zD$ @D$D$D$@$ EEUe3uW]u}]Ðt&ssr8t$$$rUE] UE] UE] UE] UE] UVS0E e M1ɋuUtlupBD$D$D$ D$D$D$$=wAډ Ue3u?0[^]Í1$p$UVS0E e M1ɋuUtmuqBD$BD$D$D$ D$D$D$$=w;ډ5Ue3u90[^]1$J$7t&'UVSPueU1ҋU E~Q]D$$D$ D$D$D$ $ډEUe3uP[^]$FU6E]? UVSPM eU1ҋuE~Q]D$BD$ D$D$D$ $NډEUe3uP[^]$\UVSP] eU1ҋuE~Q]D$UD$ D$D$D$ $ډEAUe3uP[^]$bUVSPueU1ҋU E~Q]D$gD$ D$D$D$ $.ډEUe3uP[^]$vUyE]o UWVS<EUeE1} E)ӉD$D$ D$\$$`x\9~X19~H;} thË)D$D$ D$D$t$$y$Ue3u1<[^_]ËW$ -'UWVS<EUeE1} E)ӉBD$D$D$ D$D$\$$xs9~o} 9~L;} tlË)D$D$ D$D$t$$yt&$dUe3u1<[^_]Ë$d)'UWVS<EUeE1} E)ӉBD$D$D$ D$D$\$$xs9~o} 9~L;} tlË)D$D$ D$D$t$$Iyt&$Ue3u1<[^_]Ë$m'UWVS<EUeE1} E)ӉBD$D$D$ D$D$\$$Wxs9~o} 9~L;} tlË)D$D$ D$D$t$$yt&$Ue3u1<[^_]Ë7$i 'UWVS<EUeE1} E)ӉBD$D$.D$ D$D$\$$xs9~o} 9~L;} tlË)D$D$ D$D$t$$yt&$DUe3u1<[^_]Ë$4 'UWVS<EUeE1} E)ӉBD$D$JD$ D$D$\$$xs9~o} 9~L;} tlË)D$D$ D$D$t$$)yt&$bUe3u1<[^_]Ëw$M'UWVS<EUeE1} E)ӉBD$D$}D$ D$D$\$$7xs9~o} 9~L;} tlË)D$D$ D$D$t$$yt&$Ue3u1<[^_]Ë$I'UVS0ueU1ҋE} uZD$D$ D$D$D$$ =w2ډUe3u00[^]$0$8&UVS0ueU1ҋE} uZD$D$ D$D$D$$Y=w2ډUe3u00[^]$h$&UVS0ueU1ҋE} uZD$D$ D$D$D$$=w2ډ)Ue3u00[^]$G$4&UVS0ueU1ҋE} uZD$D$ D$D$D$$=w2ډyUe3u00[^]$$((&UBE] UNE] UTE] UVS0E e M1ɋuUtlBD$D$[D$ D$D$D$$=wPډXUe3uN0[^]f$t$<h1$0X$eE'U{E] UE] UE] U $t$|$M ]E~90󦹍8ut&؋t$ʋ$|$]9fUWVS,EUM܅[9<$1EEE t;E|$$D$u|$$RuEuŃ}|$D$t$H5tY14tGU܋$\$4$D$_uщt$D$$4u$ ),[^_]Ë]u(|$D$$,[^_]ÉuE܃D$ED$U$UR,[^_]ËE܋8멍&'U%l t$ . &'L$qUu1M]}eE1y Dž uoD$|$$(B4v/cUe3LM]u}]a$l $% ADž {X l lX d ]5X R1th $X $h "X 1$p-;P Džr4$U ?D$P$dD$P$PD$0$<u d t $p  Bd  ,$((8( &5t 1 󫋕8DžDžD$8D$ D$D$($;8t>,1ҹ5t \1h $Gt&DžD$D$ D$ D$D$,$x"v!$1g8"$1FfDžD$$ h tGh  u$vDž뜡1$$$$qP tuP p 9u :Ft9u:Fu :Ftt$D$$Q4$)Ƌ$$)5h d BD$$D$ D$Dž$` 11F$JD$$T D$D$$$ S 11t < < u1t&< tL tA>"tu< u< tD$"4$tpȅt 9t$t \$$P  )á ]*1$t&U$UE]ÍU1ul ]]}EEƒlED$D$ D$t$$QЃl]u}]ÍUS]D$ D$E D$E$4x1[]ÍUWVSuD$ ED$E D$U$.$lt&E1 EUƒlED$D$ D$\$U$6EȉʃlD$ Ut$ $D$7|=t4>$UE$UTEU$t=E\$<$D$U/UT$U$T$ED4$$qU]Ít&'UWVS^QE/ E )E}Ut+1ƍED$E D$E$9}u߃[^_]Ë$ÐUSt Ћu[]US[øDY[set_network variables: ssid (network name, SSID) psk (WPA passphrase or pre-shared key) key_mgmt (key management protocol) identity (EAP identity) password (EAP password) ... Note: Values are entered in the same format as the configuration file is using, i.e., strings values need to be inside double quotation marks. For example: set_network 1 ssid "network name" Please see wpa_supplicant.conf documentation for full list of available variables.wpa_cli [-p] [-i] [-hvB] [-a] \ [-P] [-g] [command..] -h = help (show this usage text) -v = shown version information -a = run in daemon mode executing the action file based on events from wpa_supplicant -B = run a daemon in the background default path: /var/run/wpa_supplicant default interface: first interface found in socket path %swpa_supplicant is terminating - stop monitoringConnection to wpa_supplicant re-establishedWarning: Failed to attach to wpa_supplicant.Could not read pending message.Connection to wpa_supplicant lost - trying to reconnectNot connected to wpa_supplicant - command dropped.Invalid INTERFACE_REMOVE command: needs one argument (interface name)Invalid INTERFACE_ADD command: needs at least one argument (interface name) All arguments: ifname confname driver ctrl_interface driver_param bridge_nameINTERFACE_ADD %s %s %s %s %s %sCould not connect to interface '%s' - re-trying Invalid GET_CAPABILITY command: need either one or two argumentsInvalid GET_CAPABILITY command: second argument, if any, must be 'strict'Invalid GET_NETWORK command: needs two arguments (network id and variable name)Invalid SET_NETWORK command: needs three arguments (network id, variable name, and value)Invalid REMOVE_NETWORK command: needs one argument (network id)Invalid DISABLE_NETWORK command: needs one argument (network id)Invalid ENABLE_NETWORK command: needs one argument (network id)Invalid SELECT_NETWORK command: needs one argument (network id)Invalid BSSID command: needs two arguments (network id and BSSID)Invalid PASSPHRASE command: needs two arguments (network id and passphrase)Invalid OTP command: needs two arguments (network id and password)Invalid PIN command: needs two arguments (network id and pin)Invalid NEW_PASSWORD command: needs two arguments (network id and password)Too long NEW_PASSWORD command.Invalid PASSWORD command: needs two arguments (network id and password)Invalid IDENTITY command: needs two arguments (network id and identity)Invalid LEVEL command: needs one argument (debug level)Invalid STKSTART command: needs one argument (Peer STA MAC address)Invalid AP_SCAN command: needs one argument (ap_scan value)Invalid PREAUTH command: needs one argument (BSSID)set variables: EAPOL::heldPeriod (EAPOL state machine held period, in seconds) EAPOL::authPeriod (EAPOL state machine authentication period, in seconds) EAPOL::startPeriod (EAPOL state machine start period, in seconds) EAPOL::maxStart (EAPOL state machine maximum start attempts) dot11RSNAConfigPMKLifetime (WPA/WPA2 PMK lifetime in seconds) dot11RSNAConfigPMKReauthThreshold (WPA/WPA2 reauthentication threshold percentage) dot11RSNAConfigSATimeout (WPA/WPA2 timeout for completing security association in seconds)Invalid SET command: needs two arguments (variable name and value)Ambiguous command '%s'; possible commands:Failed to connect to wpa_supplicant - wpa_ctrl_openCould not connect to wpa_supplicant - re-tryingwpa_supplicant did not reply to PING command - exitingwpa_cli v0.5.10 Copyright (c) 2004-2008, Jouni Malinen and contributorsThis program is free software. You can distribute it and/or modify it under the terms of the GNU General Public License version 2. Alternatively, this software may be distributed under the terms of the BSD license. See README and COPYING for more details. commands: status [verbose] = get current WPA/EAPOL/EAP status mib = get MIB variables (dot1x, dot11) help = show this usage help interface [ifname] = show interfaces/select interface level = change debug level license = show full wpa_cli license logoff = IEEE 802.1X EAPOL state machine logoff logon = IEEE 802.1X EAPOL state machine logon set = set variables (shows list of variables when run without arguments) pmksa = show PMKSA cache reassociate = force reassociation reconfigure = force wpa_supplicant to re-read its configuration file preauthenticate = force preauthentication identity = configure identity for an SSID password = configure password for an SSID new_password = change password for an SSID pin = configure pin for an SSID otp = configure one-time-password for an SSID passphrase = configure private key passphrase for an SSID bssid = set preferred BSSID for an SSID list_networks = list configured networks select_network = select a network (disable others) enable_network = enable a network disable_network = disable a network add_network = add a network remove_network = remove a network set_network = set network variables (shows list of variables when run without arguments) get_network = get network variables save_config = save the current configuration disconnect = disconnect and wait for reassociate/reconnect command before connecting reconnect = like reassociate, but only takes effect if already disconnected scan = request new BSS scan scan_results = get latest scan results get_capability = get capabilies ap_scan = set ap_scan parameter stkstart = request STK negotiation with terminate = terminate wpa_supplicant quit = exit wpa_cli This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 2 as published by the Free Software Foundation. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA Alternatively, this software may be distributed under the terms of the BSD license. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name(s) of the above-listed copyright holder(s) nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. %s %s %s/%sCTRL-EVENT-CONNECTED WPA_IDWPA_ID_STRWPA_CTRL_DIR[id=CTRL-EVENT-DISCONNECTED DISCONNECTEDCTRL-EVENT-TERMINATING '%s' command timed out. '%s' command failed. PINGINTERFACE_REMOVE %sTERMINATERECONFIGUREAvailable interfaces:INTERFACESConnected to interface '%s. strictGET_CAPABILITY %s%sSCAN_RESULTSSCANSAVE_CONFIGRECONNECTDISCONNECTGET_NETWORK %s %sToo long GET_NETWORK command.SET_NETWORK %s %s %sToo long SET_NETWORK command.REMOVE_NETWORK %sADD_NETWORKDISABLE_NETWORK %sENABLE_NETWORK %sSELECT_NETWORK %sLIST_NETWORKSBSSIDToo long BSSID command.CTRL-RSP-PASSPHRASE-%s:%sToo long PASSPHRASE command.CTRL-RSP-OTP-%s:%sToo long OTP command.CTRL-RSP-PIN-%s:%sToo long PIN command.CTRL-RSP-NEW_PASSWORD-%s:%sCTRL-RSP-PASSWORD-%s:%sToo long PASSWORD command.CTRL-RSP-IDENTITY-%s:%sToo long IDENTITY command.LEVEL %sToo long LEVEL command.STKSTART %sToo long STKSTART command.AP_SCAN %sToo long AP_SCAN command.PREAUTH %sToo long PREAUTH command.REASSOCIATELOGONLOGOFFSET %s %sToo long SET command.PMKSAMIBverboseSTATUS-VERBOSESTATUSUnknown command '%s' a:Bg:hi:p:P:v%s %s ..Selected interface '%s' Connection established. Interactive mode > selectPONG/var/run/wpa_supplicantstatuspingmibhelpinterfacelevellicensequitsetlogonlogoffpmksareassociatepreauthenticateidentitynew_passwordpinotppassphrasebssidlist_networksselect_networkenable_networkdisable_networkadd_networkremove_networkset_networkget_networksave_configdisconnectreconnectscan_resultsget_capabilityreconfigureterminateinterface_addinterface_removeap_scanstkstart".Ra<ATTACHDETACHOK /tmp/wpa_ctrl_%d-%drb/dev/urandomCould not open /dev/urandom.daemonw%u ;RHhȥ((@Ȧ`x(xت,(PhHxx(@XرpHh8Xx8hȸ(0HPpXh 8Xph(H( h@ xX | X  $ 8D H\ Xt x ( 8 H X  , H h  | PAD 0pAB H AB `0AB xЏ'AB %AB 0AB HHАAB R:AB IEUAB C(  AB @0IAB XUAB  p%AB ACI AB IUE0dAB AG AB HP&AB I(AG @AG XAB pAB O]AG AG AG AG AG  AB H(AB HHAB EhPAG pAB EAB EAB E AG @#AB IpSAB I8ТSAB IX0SAB IxSAB ISAB IPSAB IAB H`AB HAB H8AB HXpAG pAG AG ЬAB HAG ЭAG AG ^AB N(pAB FH"AB ,`0D  F AB IKPAB p AB  AD INF :AB D`jAB I йAD SK@AD XAG p,AB DKAB BF@AD PAB `AB AB LE0 AB ,@ AB DP AB \`{AB QF|AB AB DAB SF.AB D:AB D AB O  oh  5  oPoo·oo(ooƊp kg&P̯e :lòS0@E0pٳ` p 8`ppPXApƲPW ͲjVp0iK0W0W nt޲ eCК˲>p&>EJЭNЏS]ckPpЬtzpP0Тp@ pP)5 AMXbo~P` d__gmon_start__libc.so.6_IO_stdin_usedsocket__printf_chkexitreaddirfopenstrncmpoptindstrrchr__strdupperrorconnectclosedirftellsignalputs__stack_chk_faildaemonunlinkputcharselectstdingetpidgmtimefgetscallocstrlensendmemsetstrstr__errno_locationbindfseekgetoptunsetenv__fprintf_chkrecvmemcpyfclose__strtol_internalmallocstrcasecmpopendiroptargalarmsystem__snprintf_chkstrncasecmpusleepgetcwdfreadgettimeofdaylocaltimestrchrmktime__libc_start_mainrandomsnprintffreeGLIBC_2.4GLIBC_2.1GLIBC_2.3.4GLIBC_2.0/lib/ld-linux.so.2wpa_cli.debug?ELFp4Dz4 (444444uuuuHHH PtdjQtd 44HH !ohh0+ 35;o·HoPPPW  `  i d oppx3uA{B(jl( uuuuvvw P Py8Pydy.shstrtab.interp.note.ABI-tag.gnu.hash.dynsym.dynstr.gnu.version.gnu.version_r.rel.dyn.rel.plt.init.text.fini.rodata.eh_frame_hdr.eh_frame.ctors.dtors.jcr.dynamic.got.got.plt.data.bss.gnu_debuglink.dynbss.gnu.liblist.gnu.conflict.gnu.prelink_undo 44HH !ohh0+ o( ;o·HoPPPW  `  i d oppx3uA{B(jl( uuuuvvw P Py \ \y,3 yH{{D(

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0052 ]--