Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x |
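<?php
/**
 * Login handler.
 *
 * Reads Username/Password from the request, looks the account up in user_tb
 * (active rows only: Flag IN ('0','1')), and on success stores the user in the
 * session and redirects to the landing URL configured for the user's Priority
 * in permission_tb. On failure, or when credentials are missing, it shows a
 * message and sends the browser back to login.php.
 *
 * Changes from the previous version:
 *  - Username is escaped before it is placed in the SQL string; it used to be
 *    interpolated raw, which allowed SQL injection and authentication bypass.
 *  - Session variables are written only after the credentials are verified;
 *    they used to be written before the row count was checked.
 *  - $_SESSION['priority'] was assigned from the undefined $priority
 *    (case typo for $Priority) and was therefore always empty.
 *  - The session id is regenerated on login to prevent session fixation.
 *  - Database errors are logged instead of being printed to the visitor.
 *  - The redirect URL is HTML-escaped before being echoed.
 *
 * NOTE(review): the mysql_* API is kept because ConnectDB() in FunctionDB.php
 * is not visible here and presumably opens a mysql_* connection; move to
 * prepared statements (mysqli/PDO) when that helper is migrated.
 */
session_start();
include("./include/FunctionDB.php");
ConnectDB();

// NOTE(review): $_REQUEST also accepts GET and cookie values, so credentials can
// end up in URLs and access logs. Prefer $_POST once the login form is confirmed
// to submit via POST.
// is_string() rejects array input (Username[]=...), which would otherwise reach md5().
$Username = (isset($_REQUEST["Username"]) && is_string($_REQUEST["Username"])) ? $_REQUEST["Username"] : "";
$Password = (isset($_REQUEST["Password"]) && is_string($_REQUEST["Password"])) ? $_REQUEST["Password"] : "";

if ($Username && $Password) {
    // SECURITY: unsalted MD5 is not a safe password hash. It is kept only because
    // the stored values in user_tb are MD5; plan a migration to a salted, slow
    // hash and rehash on next successful login.
    // The value is hashed exactly as received so existing stored hashes still match.
    $Password = md5($Password);

    // Undo magic_quotes_gpc (if enabled) before escaping, so the value is not
    // escaped twice, then escape for the current connection.
    $rawUsername = get_magic_quotes_gpc() ? stripslashes($Username) : $Username;
    $safeUsername = mysql_real_escape_string($rawUsername);

    // $Password is a 32-character hex digest at this point and is safe to embed.
    $sql = "SELECT * FROM user_tb WHERE (Username ='$safeUsername' AND Password='$Password') AND Flag IN ('0','1')";
    $result = mysql_query($sql);
    if (!$result) {
        // Keep database details out of the response; they help an attacker map the schema.
        error_log("login: user lookup failed: " . mysql_error());
        die("Login is temporarily unavailable.");
    }

    $row = mysql_num_rows($result);

    if ($row < 1) {
        // No matching active account: nothing is written to the session.
        ?>
<body bgcolor="#"><br>
<center>
<font face="Tohama" size="5" color="#FF0000">ชื่อผู้ใช้ หรือ รหัสผ่าน ไม่ถูกต้อง กรุณากรอกใหม่ค่ะ</font>
</center>
<!--<meta http-equiv="refresh" content="3;URL=login.php">-->
<meta http-equiv="refresh" content="1;URL=login.php">
<!-- <meta http-equiv="Content-Type" content="text/html; charset=TIS-620">
<link href="./source/style.css" rel="stylesheet" type="text/css">-->
        <?php
    } else {
        $rs = mysql_fetch_array($result);
        $Priority = $rs["Priority"];

        // Issue a fresh session id now that the privilege level changes.
        session_regenerate_id(true);

        // Written directly to $_SESSION instead of via session_register(), which
        // depends on global variables and must not be mixed with $_SESSION.
        $_SESSION['valid_user'] = $Username;
        $_SESSION['priority'] = $Priority;
        // Same value under the key the former session_register("Priority") used.
        $_SESSION['Priority'] = $Priority;
        // NOTE(review): keeping the password hash in the session is unnecessary
        // exposure; retained only because other pages may read it. Confirm and remove.
        $_SESSION['password'] = $Password;

        $safePriority = mysql_real_escape_string($Priority);
        $sql = "SELECT * FROM permission_tb WHERE permision='$safePriority' ";
        $result2 = mysql_query($sql);
        if (!$result2) {
            error_log("login: permission lookup failed: " . mysql_error());
            die("Login is temporarily unavailable.");
        }
        $rss = mysql_fetch_array($result2);

        // Fall back to the login page when no landing URL is configured for this
        // Priority, instead of emitting a refresh with an empty target.
        $goto = ($rss && $rss["url"]) ? $rss["url"] : "login.php";

        // Escape for the HTML attribute context so a stored value containing
        // quotes or markup cannot break out of the meta tag.
        echo "<meta http-equiv=\"refresh\" content=\"0;URL=" . htmlspecialchars($goto, ENT_QUOTES) . "\">";
    }
} else {
    // Username and/or password missing from the request.
    ?>
<br>
<center>
<font face="Tohama" size="5" color="#FF0000">กรุณากรอก ชื่อผู้ใช้ และรหัสผ่าน ก่อนเข้าระบบค่ะ </font>
</center><br>
<!-- <meta http-equiv="refresh" content="3;URL=login.php">-->
<meta http-equiv="refresh" content="1;URL=login.php">
</body>
<?php } ?>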