110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/intranet/ drwxrwxrwx Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/intranet/ drwxrwxrwx
Free 52.82 GB of 127.8 GB (41.33%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: add.php (793 B) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/intranet/add.php
Size	793 B
MD5	079caf55b42951d27420b2267b7ff727
Owner/Group	root/root
Perms	-rw-r--r--
Create time	06/07/2011 01:41:54
Access time	06/07/2024 16:49:07
MODIFY time	23/01/2007 15:48:38

HEXDUMP PREVIEW

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8

3C 3F 70 68 70 0D 0A 09 24 73 71 6C 20 3D 20 22 20 73 65 6C 65 63 74 20
2A 20 66 72 6F 6D 20 70 65 72 73 6F 6E 20 77 68 65 72 65 20 55 69 64 3D
27 24 74 78 74 55 69 64 27 20 6F 72 20 49 64 5F 43 61 72 64 3D 27 24 74
78 74 49 64 43 61 72 64 27 22 20 3B 0D 0A 09 24 72 73 20 3D 20 6D 79 73
71 6C 5F 71 75 65 72 79 28 24 73 71 6C 29 20 6F 72 20 64 69 65 28 22 53
51 4C 20 3D 20 24 73 71 6C 20 22 2E 6D 79 73 71 6C 5F 65 72 72 6F 72 28
29 29 3B 0D 0A 09 69 66 20 28 6D 79 73 71 6C 5F 6E 75 6D 5F 72 6F 77 73
28 24 72 73 29 20 3E 20 30 29 20 7B 0D 0A 09 70 72 69 6E 74 20 22 D5 D5

<?php   $sql = " select
* from person where Uid=
'$txtUid' or Id_Card='$t
xtIdCard'" ;   $rs = mys
ql_query($sql) or die("S
QL = $sql ".mysql_error(
));   if (mysql_num_rows
($rs) > 0) {   print "ХХ

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0063 ]--