110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/ drwxr-xr-x
Free 52.82 GB of 127.8 GB (41.33%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: Checkuser.php (2.61 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/manage/Checkuser.php
Size	2.61 KB
MD5	99d319c36bd683f3d50bb61afddd612c
Owner/Group	apache/apache
Perms	-rw-r--r--
Create time	03/07/2013 18:31:17
Access time	06/07/2024 17:37:25
MODIFY time	16/11/2011 10:57:02

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0
000002E8
00000300
00000318
00000330
00000348
00000360
00000378
00000390
000003A8
000003C0
000003D8
000003F0
00000408
00000420
00000438
00000450
00000468
00000480
00000498
000004B0
000004C8
000004E0
000004F8
00000510
00000528
00000540
00000558
00000570
00000588
000005A0
000005B8
000005D0
000005E8
00000600
00000618
00000630
00000648
00000660
00000678
00000690
000006A8
000006C0
000006D8
000006F0
00000708
00000720
00000738
00000750
00000768
00000780
00000798
000007B0
000007C8
000007E0
000007F8
00000810
00000828
00000840
00000858
00000870
00000888
000008A0
000008B8
000008D0
000008E8
00000900
00000918
00000930
00000948
00000960
00000978
00000990
000009A8
000009C0
000009D8
000009F0
00000A08
00000A20
00000A38
00000A50
00000A68

3C 3F 70 68 70 0D 0A 09 0D 0A 09 73 65 73 73 69 6F 6E 5F 73 74 61 72 74
28 29 3B 0D 0A 0D 0A 09 2F 2A 2A 20 20 53 65 74 20 66 6C 61 67 20 74 68
61 74 20 74 68 69 73 20 69 73 20 61 20 70 61 72 65 6E 74 20 66 69 6C 65
20 20 2A 2F 0D 0A 09 69 66 20 28 20 21 64 65 66 69 6E 65 64 28 20 27 5F
56 41 4C 49 44 5F 41 43 43 45 53 53 27 20 29 20 29 20 64 65 66 69 6E 65
28 20 27 5F 56 41 4C 49 44 5F 41 43 43 45 53 53 27 2C 20 31 20 29 3B 0D
0A 09 0D 0A 09 2F 2A 2A 20 20 43 6F 6E 66 69 67 75 72 61 74 69 6F 6E 20
2A 2F 0D 0A 09 72 65 71 75 69 72 65 5F 6F 6E 63 65 28 20 22 2E 2F 63 6F
6E 66 69 67 75 72 61 74 69 6F 6E 2E 70 68 70 22 20 29 3B 0D 0A 09 72 65
71 75 69 72 65 5F 6F 6E 63 65 28 20 24 5F 43 6F 6E 66 69 67 5F 61 62 73
6F 6C 75 74 65 5F 70 61 74 68 20 2E 20 22 2F 69 6E 63 6C 75 64 65 73 2F
66 72 61 6D 65 77 6F 72 6B 2E 70 68 70 22 20 29 3B 0D 0A 0D 0A 09 2F 2A
2A 20 20 43 72 65 61 74 65 20 44 61 74 61 62 61 73 65 20 4F 62 6A 65 63
74 20 2A 2F 0D 0A 09 24 64 62 4F 62 6A 20 3D 20 6E 65 77 20 44 42 43 6F
6E 6E 3B 0D 0A 09 0D 0A 09 2F 2A 2A 20 20 B5 C3 C7 A8 CA CD BA A1 D2 C3
BB E9 CD B9 A2 E9 CD C1 D9 C5 E3 B9 20 4C 6F 67 69 6E 20 46 4F 52 4D 20
20 2A 2F 0D 0A 09 2F 2F 69 66 28 20 69 73 73 65 74 28 24 5F 50 4F 53 54
5B 27 55 73 65 72 6E 61 6D 65 27 5D 29 20 26 26 20 69 73 73 65 74 28 24
5F 50 4F 53 54 5B 27 50 61 73 73 77 6F 72 64 27 5D 29 20 29 20 7B 0D 0A
09 69 66 28 20 69 73 73 65 74 28 24 5F 50 4F 53 54 5B 27 4C 6F 67 69 6E
27 5D 29 20 29 20 7B 0D 0A 09 09 0D 0A 09 09 24 55 73 65 72 6E 61 6D 65
20 3D 20 24 5F 50 4F 53 54 5B 22 55 73 65 72 6E 61 6D 65 22 5D 3B 0D 0A
09 09 24 50 61 73 73 77 6F 72 64 20 3D 20 24 5F 50 4F 53 54 5B 22 50 61
73 73 77 6F 72 64 22 5D 3B 0D 0A 0D 0A 09 09 24 71 75 65 72 79 20 3D 20
22 20 53 45 4C 45 43 54 20 2A 20 20 46 52 4F 4D 20 75 73 65 72 5F 74 62
20 20 57 48 45 52 45 20 28 20 42 49 4E 41 52 59 20 55 73 65 72 6E 61 6D
65 20 3D 20 27 22 2E 6D 79 73 71 6C 5F 72 65 61 6C 5F 65 73 63 61 70 65
5F 73 74 72 69 6E 67 28 24 55 73 65 72 6E 61 6D 65 29 2E 22 27 20 20 41
4E 44 20 20 50 61 73 73 77 6F 72 64 20 3D 20 4D 44 35 28 27 22 2E 6D 79
73 71 6C 5F 72 65 61 6C 5F 65 73 63 61 70 65 5F 73 74 72 69 6E 67 28 24
50 61 73 73 77 6F 72 64 29 2E 22 27 29 20 29 20 20 41 4E 44 20 20 46 6C
61 67 20 49 4E 20 28 27 30 27 2C 27 31 27 29 20 22 3B 0D 0A 09 09 24 72
65 73 75 6C 74 20 3D 20 24 64 62 4F 62 6A 2D 3E 65 78 65 63 51 75 65 72
79 28 24 71 75 65 72 79 29 3B 0D 0A 09 09 24 6E 75 6D 72 6F 77 73 20 3D
20 24 64 62 4F 62 6A 2D 3E 5F 6E 75 6D 72 6F 77 73 3B 0D 0A 09 09 0D 0A
09 09 2F 2A 2A 20 20 B5 C3 C7 A8 CA CD BA C7 E8 D2 BE BA 20 55 73 65 72
20 CB C3 D7 CD E4 C1 E8 20 20 2A 2F 0D 0A 09 09 69 66 28 20 24 6E 75 6D
72 6F 77 73 20 21 3D 20 31 20 29 20 7B 0D 0A 09 09 09 65 63 68 6F 20 22
3C 73 63 72 69 70 74 3E 61 6C 65 72 74 28 27 AA D7 E8 CD E0 A2 E9 D2 E3
AA E9 A7 D2 B9 20 CB C3 D7 CD 20 C3 CB D1 CA BC E8 D2 B9 20 E4 C1 E8 B6
D9 A1 B5 E9 CD A7 20 20 A1 C3 D8 B3 D2 A1 C3 CD A1 A2 E9 CD C1 D9 C5 CD
D5 A1 A4 C3 D1 E9 A7 27 29 3B 3C 2F 73 63 72 69 70 74 3E 22 3B 0D 0A 09
09 09 65 63 68 6F 20 22 3C 6D 65 74 61 20 68 74 74 70 2D 65 71 75 69 76
3D 27 72 65 66 72 65 73 68 27 20 63 6F 6E 74 65 6E 74 3D 27 30 3B 20 55
52 4C 3D 6C 6F 67 69 6E 2E 70 68 70 27 3E 22 3B 0D 0A 09 09 09 65 78 69
74 28 29 3B 0D 0A 09 09 7D 0D 0A 09 09 65 6C 73 65 20 7B 0D 0A 09 09 09
24 72 73 20 3D 20 24 64 62 4F 62 6A 2D 3E 66 65 74 63 68 4F 62 6A 65 63
74 28 24 72 65 73 75 6C 74 29 3B 0D 0A 09 09 09 0D 0A 09 09 09 2F 2A 2A
20 20 A1 D3 CB B9 B4 A4 E8 D2 B5 D1 C7 E1 BB C3 20 20 2A 2F 0D 0A 09 09
09 24 76 61 6C 69 64 5F 75 73 65 72 20 3D 20 24 72 73 2D 3E 55 73 65 72
6E 61 6D 65 3B 0D 0A 09 09 09 24 50 72 69 6F 72 69 74 79 20 3D 20 24 72
73 2D 3E 50 72 69 6F 72 69 74 79 3B 20 0D 0A 0D 0A 09 09 09 24 71 75 65
72 79 32 20 3D 20 22 20 53 45 4C 45 43 54 20 2A 20 46 52 4F 4D 20 70 65
72 6D 69 73 73 69 6F 6E 5F 74 62 20 20 57 48 45 52 45 20 70 65 72 6D 69
73 73 69 6F 6E 3D 27 24 50 72 69 6F 72 69 74 79 27 20 22 3B 0D 0A 09 09
09 24 72 65 73 75 6C 74 32 20 3D 20 24 64 62 4F 62 6A 2D 3E 65 78 65 63
51 75 65 72 79 28 24 71 75 65 72 79 32 29 3B 0D 0A 09 09 09 24 72 73 32
20 3D 20 24 64 62 4F 62 6A 2D 3E 66 65 74 63 68 4F 62 6A 65 63 74 28 24
72 65 73 75 6C 74 32 29 3B 0D 0A 09 09 09 24 72 65 64 69 72 65 63 74 5F
75 72 6C 20 3D 20 24 72 73 32 2D 3E 75 72 6C 3B 0D 0A 09 09 09 0D 0A 09
09 09 2F 2A 2A 20 20 CA C3 E9 D2 A7 20 53 45 53 53 49 4F 4E 20 20 2A 2F
0D 0A 09 09 09 69 66 28 20 21 73 65 73 73 69 6F 6E 5F 69 73 5F 72 65 67
69 73 74 65 72 65 64 28 22 76 61 6C 69 64 5F 75 73 65 72 22 29 20 29 20
73 65 73 73 69 6F 6E 5F 72 65 67 69 73 74 65 72 28 22 76 61 6C 69 64 5F
75 73 65 72 22 29 3B 0D 0A 09 09 09 69 66 28 20 21 73 65 73 73 69 6F 6E
5F 69 73 5F 72 65 67 69 73 74 65 72 65 64 28 22 50 72 69 6F 72 69 74 79
22 29 20 29 20 73 65 73 73 69 6F 6E 5F 72 65 67 69 73 74 65 72 28 22 50
72 69 6F 72 69 74 79 22 29 3B 0D 0A 09 09 09 69 66 28 20 21 73 65 73 73
69 6F 6E 5F 69 73 5F 72 65 67 69 73 74 65 72 65 64 28 22 72 65 64 69 72
65 63 74 55 52 4C 22 29 20 29 20 73 65 73 73 69 6F 6E 5F 72 65 67 69 73
74 65 72 28 22 72 65 64 69 72 65 63 74 55 52 4C 22 29 3B 0D 0A 09 09 09
0D 0A 09 09 09 24 5F 53 45 53 53 49 4F 4E 5B 22 72 65 64 69 72 65 63 74
55 52 4C 22 5D 20 3D 20 24 72 65 64 69 72 65 63 74 5F 75 72 6C 3B 0D 0A
09 09 09 0D 0A 09 09 09 0D 0A 09 0D 0A 09 09 09 2F 2A 2A 20 20 52 65 64
69 72 65 63 74 20 20 2A 2F 0D 0A 09 09 09 65 63 68 6F 20 22 3C 70 20 73
74 79 6C 65 3D 70 61 64 64 69 6E 67 2D 74 6F 70 3A 31 31 35 70 78 3E 3C
70 20 61 6C 69 67 6E 3D 63 65 6E 74 65 72 3E 3C 62 72 20 2F 3E 3C 73 70
61 6E 20 73 74 79 6C 65 3D 5C 22 63 6F 6C 6F 72 3A 23 30 30 39 39 30 30
3B 20 66 6F 6E 74 2D 73 69 7A 65 3A 31 34 70 78 5C 22 3E 3C 73 74 72 6F
6E 67 3E A1 D2 C3 C5 E7 CD A1 CD D4 B9 E0 A2 E9 D2 CA D9 E8 C3 D0 BA BA
CA C1 BA D9 C3 B3 EC 3C 2F 73 74 72 6F 6E 67 3E 3C 2F 73 70 61 6E 3E 3C
62 72 20 2F 3E 3C 62 72 20 2F 3E 3C 73 70 61 6E 20 73 74 79 6C 65 3D 5C
22 66 6F 6E 74 2D 73 69 7A 65 3A 31 32 70 78 5C 22 3E A1 C3 D8 B3 D2 C3
CD CA E9 A1 A4 C3 D9 E8 20 A1 D3 C5 D1 A7 E0 BB C5 D5 E8 C2 B9 CB B9 E9
D2 CD D1 B5 E2 B9 C1 D1 B5 D4 3C 2F 73 70 61 6E 3E 3C 62 72 20 2F 3E 22
3B 0D 0A 09 09 09 65 63 68 6F 20 22 3C 2F 70 3E 3C 2F 70 3E 22 3B 0D 0A
09 09 09 65 63 68 6F 20 22 3C 6D 65 74 61 20 68 74 74 70 2D 65 71 75 69
76 3D 27 72 65 66 72 65 73 68 27 20 63 6F 6E 74 65 6E 74 3D 27 31 3B 20
55 52 4C 3D 2E 2F 24 72 65 64 69 72 65 63 74 5F 75 72 6C 27 3E 22 3B 0D
0A 09 09 09 65 78 69 74 28 29 3B 0D 0A 09 09 7D 0D 0A 09 09 0D 0A 09 7D
20 23 20 69 66 0D 0A 09 65 6C 73 65 20 7B 0D 0A 09 09 65 63 68 6F 20 22
3C 73 63 72 69 70 74 3E 61 6C 65 72 74 28 27 A1 C3 D8 B3 D2 BB E9 CD B9
A2 E9 CD C1 D9 C5 A1 D2 C3 E0 A2 E9 D2 E3 AA E9 A7 D2 B9 27 29 3B 3C 2F
73 63 72 69 70 74 3E 22 3B 0D 0A 09 09 65 63 68 6F 20 22 3C 6D 65 74 61
20 68 74 74 70 2D 65 71 75 69 76 3D 27 72 65 66 72 65 73 68 27 20 63 6F
6E 74 65 6E 74 3D 27 30 3B 20 55 52 4C 3D 6C 6F 67 69 6E 2E 70 68 70 27
3E 22 3B 0D 0A 09 09 65 78 69 74 28 29 3B 0D 0A 09 7D 0D 0A 09 0D 0A 09
0D 0A 09 2F 2A 2A 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D
3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D
3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 3D 2A 2F
0D 0A 09 2F 2A 2A 20 20 46 72 65 65 20 52 65 73 6F 75 72 63 65 20 20 2A
2F 0D 0A 09 24 64 62 4F 62 6A 2D 3E 66 72 65 65 72 65 73 75 6C 74 28 24
72 65 73 75 6C 74 32 29 3B 0D 0A 09 24 64 62 4F 62 6A 2D 3E 66 72 65 65
72 65 73 75 6C 74 28 24 72 65 73 75 6C 74 29 3B 0D 0A 09 0D 0A 09 2F 2A
2A 20 20 44 69 73 63 6F 6E 6E 65 63 74 20 44 42 20 20 2A 2F 0D 0A 09 24
64 62 4F 62 6A 2D 3E 64 69 73 63 6F 6E 6E 28 29 3B 0D 0A 09 0D 0A 09 2F
2A 2A 20 20 55 6E 73 65 74 20 B5 D1 C7 E1 BB C3 20 20 2A 2F 0D 0A 09 75
6E 73 65 74 28 24 64 62 4F 62 6A 29 3B 0D 0A 0D 0A 3F 3E 0D 0A 3C 21 2D
2D 20 3C 6D 65 74 61 20 68 74 74 70 2D 65 71 75 69 76 3D 22 43 6F 6E 74
65 6E 74 2D 54 79 70 65 22 20 63 6F 6E 74 65 6E 74 3D 22 74 65 78 74 2F
68 74 6D 6C 3B 20 63 68 61 72 73 65 74 3D 77 69 6E 64 6F 77 73 2D 38 37
34 22 20 2F 3E 20 2D 2D 3E

<?php      session_start
();     /**  Set flag th
at this is a parent file
  */   if ( !defined( '_
VALID_ACCESS' ) ) define
( '_VALID_ACCESS', 1 );
   /**  Configuration
*/   require_once( "./co
nfiguration.php" );   re
quire_once( $_Config_abs
olute_path . "/includes/
framework.php" );     /*
*  Create Database Objec
t */   $dbObj = new DBCo
nn;      /**  µГЗЁКНєЎТГ
»йН№ўйНБЩЕг№ Login FORM
*/   //if( isset($_POST
['Username']) && isset($
_POST['Password']) ) {
if( isset($_POST['Login
']) ) {      $Username
= $_POST["Username"];
$Password = $_POST["Pa
ssword"];     $query =
" SELECT *  FROM user_tb
  WHERE ( BINARY Usernam
e = '".mysql_real_escape
_string($Username)."'  A
ND  Password = MD5('".my
sql_real_escape_string($
Password)."') )  AND  Fl
ag IN ('0','1') ";   $r
esult = $dbObj->execQuer
y($query);   $numrows =
$dbObj->_numrows;
/**  µГЗЁКНєЗиТѕє User
ЛГЧНдБи  */   if( $num
rows != 1 ) {   echo "
<script>alert('ЄЧиНаўйТг
Єй§Т№ ЛГЧН ГЛСКјиТ№ дБи¶
ЩЎµйН§  ЎГШіТЎГНЎўйНБЩЕН
ХЎ¤ГСй§');</script>";
echo "<meta http-equiv
='refresh' content='0; U
RL=login.php'>";   exi
t();   }   else {
$rs = $dbObj->fetchObjec
t($result);      /**
  ЎУЛ№ґ¤иТµСЗб»Г  */
$valid_user = $rs->User
name;   $Priority = $r
s->Priority;      $que
ry2 = " SELECT * FROM pe
rmission_tb  WHERE permi
ssion='$Priority' ";
$result2 = $dbObj->exec
Query($query2);   $rs2
= $dbObj->fetchObject($
result2);   $redirect_
url = $rs2->url;
/**  КГйТ§ SESSION  */
   if( !session_is_reg
istered("valid_user") )
session_register("valid_
user");   if( !session
_is_registered("Priority
") ) session_register("P
riority");   if( !sess
ion_is_registered("redir
ectURL") ) session_regis
ter("redirectURL");
   $_SESSION["redirect
URL"] = $redirect_url;
         /**  Red
irect  */   echo "<p s
tyle=padding-top:115px><
p align=center><br /><sp
an style=\"color:#009900
; font-size:14px\"><stro
ng>ЎТГЕзНЎНФ№аўйТКЩиГРєє
КБєЩГім</strong></span><
br /><br /><span style=\
"font-size:12px\">ЎГШіТГ
НКйЎ¤ГЩи ЎУЕС§а»ЕХиВ№Л№й
ТНСµв№БСµФ</span><br />"
;   echo "</p></p>";
echo "<meta http-equi
v='refresh' content='1;
URL=./$redirect_url'>";
exit();   }      }
# if   else {   echo "
<script>alert('ЎГШіТ»йН№
ўйНБЩЕЎТГаўйТгЄй§Т№');</
script>";   echo "<meta
http-equiv='refresh' co
ntent='0; URL=login.php'
>";   exit();   }
   /**==================
========================
======================*/
   /**  Free Resource  *
/   $dbObj->freeresult($
result2);   $dbObj->free
result($result);      /*
*  Disconnect DB  */   $
dbObj->disconn();      /
**  Unset µСЗб»Г  */   u
nset($dbObj);    ?>  <!-
- <meta http-equiv="Cont
ent-Type" content="text/
html; charset=windows-87
4" /> -->

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0196 ]--