!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/usr/share/doc/opensp-1.5.2/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     xml.htm (1.94 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
OpenSP - XML support

XML support

Using OpenSP to parse XML

To enable OpenSP's support for XML 1.0:

  • Set the SP_CHARSET_FIXED environment variable to YES.
  • Set the SP_ENCODING environment variable to XML.
  • Set the SGML_CATALOG_FILES environment variable to point to the file pubtext/xml.soc.
  • Use the -wxml option.
  • If the document is not supposed to be valid, use -wno-valid option.

Limitations

OpenSP does not enforce the following XML constraints:

  • XML constrains processing instructions with a target matching [Xx][Mm][Ll], both in terms of where they can occur and their content.
  • XML does not allow a parameter separator that is adjacent to a delimiter to be omitted.
  • XML has constraints on the use of & in parameter literals. In SGML terms, XML says that the ero delimiter is recognized in a parameter literal, and that it must be followed by an entity reference, but the entity reference is not expanded.

Line ends are normalized using SGML conventions to a CR/LF character pair rather than using the XML convention of a single LF character.

OpenSP does not enforce XML's rules on not continuing normal processing after an error. Applications can enforce these if they choose.

Web SGML Adaptations Annex

OpenSP's support for XML is based on Annex K of ISO 8879 (the Web SGML Adaptations Annex). The following features of Annex K are not yet implemented:

  • #IMPLIED document type name
  • #ALL and #IMPLICIT in model groups and exceptions

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0139 ]--