Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/includes/ drwxr-xr-x | |
| Viewing file: Select action/file-type: execQuery($sql); $rs = $conn->fetchObject($result); $deptId = $rs->deptId; function curlTestConnection(){ global $_Config_curl_ip; if(fsockopen($_Config_curl_ip, 80, $num, $error, 5)) return true; else return false; } function cURL($postfields){ global $_Config_curl_path; $curlSendStatus = true; if(curlTestConnection()){ $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $_Config_curl_path); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //curl_setopt($ch, CURLOPT_HEADER, true); // Display headers //curl_setopt($ch, CURLOPT_VERBOSE, true); $response = curl_exec($ch); curl_close($ch); if($response == 1) $curlSendStatus = true; else $curlSendStatus = false; } else $curlSendStatus = false; //echo "function cURL() - \$response = $response "; if($curlSendStatus) return true; else return false; } //------- HR Person -------// function hrPersonCurl($perid,$Teacher_code, $id, $pcode, $fname, $lname, $birthdate, $sex, $appointdate , $startdate, $fperson, $statusId, $posid, $poscode, $levelcode, $salary, $cercode, $cerid, $fposition, $deptcode, $tcode, $workcode, $Dev_type, $schstartdate, $schstopdate){ global $deptId; $postfields['perid'] = $perid; $postfields['deptId'] = $deptId; $postfields['Teacher_code'] = $Teacher_code; $postfields['id'] = $id; $postfields['pcode'] = $pcode; $postfields['fname'] = $fname; $postfields['lname'] = $lname; $postfields['birthdate'] = $birthdate; $postfields['sex'] = $sex; $postfields['appointdate'] = $appointdate; $postfields['startdate'] = $startdate; $postfields['fperson'] = $fperson; $postfields['statusId'] = $statusId; $postfields['posid'] = $posid; $postfields['poscode'] = $poscode; $postfields['levelcode'] = $levelcode; $postfields['salary'] = $salary; $postfields['cercode'] = $cercode; $postfields['cerid'] = $cerid; $postfields['fposition'] = $fposition; $postfields['deptcode'] = $deptcode; $postfields['tcode'] = $tcode; $postfields['workcode'] = $workcode; $postfields['Dev_type'] = $Dev_type; $postfields['schstartdate'] = $schstartdate; $postfields['schstopdate'] = $schstopdate; $postfields['status'] = "hrPerson"; $response = cURL($postfields); //echo "Function hrPersonCurl() - \$response = $response "; return $response; } function deleteHrPersonCurl($perid){ global $deptId; $postfields['HiseduId'] = $perid; $postfields['deptId'] = $deptId; $postfields['status'] = "deleteHrPerson"; $response = cURL($postfields); return $response; } function checkHrPersonCurl($perid){ global $deptId; $postfields['perid'] = $perid; $postfields['deptId'] = $deptId; $postfields['status'] = "checkHrPerson"; $response = cURL($postfields); return $response; } //------- HR Education -------// function hrEduCurl($HiseduId, $perid, $levelPos, $levelHig, $levelcode, $qcode, $qname, $Major, $institute, $univId, $countrycode, $startdeerdate, $enddeerdate, $eyear, $qflag, $mflag){ global $deptId; $postfields['HiseduId'] = $HiseduId; $postfields['deptId'] = $deptId; $postfields['perid'] = $perid; $postfields['levelPos'] = $levelPos; $postfields['levelHig'] = $levelHig; $postfields['levelcode'] = $levelcode; $postfields['qcode'] = $qcode; $postfields['qname'] = $qname; $postfields['Major'] = $Major; $postfields['institute'] = $institute; $postfields['univId'] = $univId; $postfields['countrycode'] = $countrycode; $postfields['startdeerdate'] = $startdeerdate; $postfields['enddeerdate'] = $enddeerdate; $postfields['eyear'] = $eyear; $postfields['qflag'] = $qflag; $postfields['mflag'] = $mflag; $postfields['status'] = "hrEdu"; $response = cURL($postfields); return $response; } function deleteHrEduCurl($HiseduId){ global $deptId; $postfields['HiseduId'] = $HiseduId; $postfields['deptId'] = $deptId; $postfields['status'] = "deleteHrEdu"; $response = cURL($postfields); return $response; } function checkHrEduCurl($HiseduId){ global $deptId; $postfields['HiseduId'] = $HiseduId; $postfields['deptId'] = $deptId; $postfields['status'] = "checkHrEdu"; $response = cURL($postfields); return $response; } //------- HR His -------// function hrHisCurl($HisId, $Teacher_code, $perid, $Date, $No_in, $Dated, $cname, $orders, $Training_code, $startdate, $enddate, $daycount, $day, $Year_std, $traincenter, $provcode, $countrycode, $univId, $unit, $moneybudget1, $moneybudget2, $moneybudget3, $moneybudget4, $money, $Training_std, $moneycenter, $Content, $unitpoint, $Skills, $cdevcode, $Orgskills, $Groskills, $Perskills, $Hiskills, $Training_type, $traindept){ global $deptId; $postfields['HisId'] = $HisId; $postfields['deptId'] = $deptId; $postfields['Teacher_code'] = $Teacher_code; $postfields['perid'] = $perid; $postfields['Date'] = $Date; $postfields['No_in'] = $No_in; $postfields['Dated'] = $Dated; $postfields['cname'] = $cname; $postfields['orders'] = $orders; $postfields['Training_code'] = $appointdate; $postfields['startdate'] = $startdate; $postfields['enddate'] = $enddate; $postfields['daycount'] = $daycount; $postfields['day'] = $day; $postfields['Year_std'] = $Year_std; $postfields['traincenter'] = $traincenter; $postfields['provcode'] = $provcode; $postfields['countrycode'] = $countrycode; $postfields['univId'] = $univId; $postfields['unit'] = $unit; $postfields['moneybudget1'] = $moneybudget1; $postfields['moneybudget2'] = $moneybudget2; $postfields['moneybudget3'] = $moneybudget3; $postfields['moneybudget4'] = $moneybudget4; $postfields['schstartdate'] = $schstartdate; $postfields['money'] = $money; $postfields['Training_std'] = $Training_std; $postfields['moneycenter'] = $moneycenter; $postfields['Content'] = $Content; $postfields['unitpoint'] = $unitpoint; $postfields['Skills'] = $Skills; $postfields['cdevcode'] = $cdevcode; $postfields['Orgskills'] = $Orgskills; $postfields['Groskills'] = $Groskills; $postfields['Perskills'] = $Perskills; $postfields['Hiskills'] = $Hiskills; $postfields['Training_type'] = $Training_type; $postfields['traindept'] = $traindept; $postfields['status'] = "hrHis"; $response = cURL($postfields); return $response; } function deleteHrHisCurl($HisId){ global $deptId; $postfields['HisId'] = $HisId; $postfields['deptId'] = $deptId; $postfields['status'] = "deleteHrHis"; $response = cURL($postfields); return $response; } function checkHrHisCurl($HisId){ global $deptId; $postfields['HisId'] = $HisId; $postfields['deptId'] = $deptId; $postfields['status'] = "checkHrHis"; $response = cURL($postfields); return $response; } //------- CourseEDU -------// function courseEduCurl($educosId, $perid, $Certificates, $Course, $univName, $countryname, $startdate, $enddate, $Expertise, $ExpertiseDetail, $Flag){ global $deptId; $postfields['educosId'] = $educosId; $postfields['deptId'] = $deptId; $postfields['perid'] = $perid; $postfields['Certificates'] = $Certificates; $postfields['Course'] = $Course; $postfields['univName'] = $univName; $postfields['countryname'] = $countryname; $postfields['startdate'] = $startdate; $postfields['enddate'] = $enddate; $postfields['Expertise'] = $Expertise; $postfields['ExpertiseDetail'] = $ExpertiseDetail; $postfields['Flag'] = $Flag; $postfields['status'] = "courseEdu"; $response = cURL($postfields); return $response; } function deleteCourseEduCurl($educosId){ global $deptId; $postfields['educosId'] = $educosId; $postfields['deptId'] = $deptId; $postfields['status'] = "deleteCourseEdu"; $response = cURL($postfields); return $response; } function checkCourseEduCurl($educosId){ global $deptId; $postfields['educosId'] = $educosId; $postfields['deptId'] = $deptId; $postfields['status'] = "checkCourseEdu"; $response = cURL($postfields); return $response; } ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0055 ]-- |