110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/migrate/ drwxr-xr-x Free 52.81 GB of 127.8 GB (41.32%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

    if(isset($_REQUEST["submit"])){

    

        $error = array(false, false, false, false, false);

        

        if(empty($_REQUEST["host"])) $error[0] = true;

        if(empty($_REQUEST["user"])) $error[1] = true;

        if(empty($_REQUEST["pass"])) $error[2] = true;

        if(empty($_REQUEST["DBOld"])) $error[3] = true;

        if(empty($_REQUEST["DBNew"])) $error[4] = true;



        $pass = true;

        for($i=0;$i<sizeof($error);$i++){

            if($error[$i]) {

                $pass = false;

            }

        }



        if($pass){

            

            // -- Common Data Tables List. -- //

            //$tableList = array("accessories_tb", "autocar_tb", "automobile_tb", "budget_year_tb", "building_tb", "comment_tb", "committee_tb", "degree_his_tb", "degree_type_tb", "durable_tb", "edu_product_tb", "edu_project_tb", "edu_service_tb", "facultycon_tb", "faculty_tb", "finance2_tb", "finance3_tb", "finance4_tb", "finance_tb", "formaoffice", "formation_tb", "formcaroffice", "formproject", "formproject_edit_tb", "history_absent_tb", "history_accumu", "history_decoration_tb", "history_position_tb", "instructor_tb", "manament_tb", "mapcollege_tb", "money_source_tb", "personal_tb", "position_tb", "project_tb", "project_type_tb", "research_char_tb", "research_filetex_tb", "research_file_tb", "research_public_tb", "research_success_tb", "research_tb", "res_project_tb", "room_tb", "salary_repot_tb", "salary_tb", "salary_type_tb", "state_tb", "stu_notebook", "techplan_method_tb", "training_tb", "user_tb");



            // -- Migrate Incorrect Table(For Migrate Data Already) -- //

            //$tableList = array("edu_product_tb", "edu_project_tb", "edu_service_tb", "finance2_tb", "finance3_tb", "finance4_tb", "instructor_tb");

            

            // -- Extra Data Tables List (with qa_result_tb table)--//

            //$tableList = array("dev_coursedu", "dev_his", "dev_hreduhis", "dev_hrperson", "projectcode_tb", "projectname", "projectqa_type_tb", "projectstdplan_tb", "projectstra_type_tb", "project_mission", "project_plan", "project_plan_temp", "project_report_tb", "project_submission", "project_type_temp", "project_year", "projstrategy_tb", "proplanstrateg_tb", "prostrategymap_tb", "qa_data_tb", "qa_elements", "qa_elements_tb", "qa_indicator", "qa_indicatorpi_tb", "qa_indicator_tb", "qa_performance", "qa_pi_cri_tb", "qa_project_tb", "qa_qareport_tb", "qa_report_tb", "qa_result_indicator", "qa_result_standard", "qa_result_tb", "qa_standard_result", "qa_standard_tb", "teach_ingmethod", "teach_lessonplans", "tech_categorydetail", "tech_categoryplan", "tech_categorytopic", "tech_corseplan_tb", "tech_coseoutcom", "tech_courseteacher", "tech_imgmethod_tb", "tech_lesson_plans", "tech_methodcom_tb", "tech_outcom", "tech_outcom_tb", "tech_planmethod", "tech_plan_tb", "tech_spec_tb", "tech_text_tb");



            // -- Extra Data Tables List (without qa_result_tb table)--//

            //$tableList = array("dev_coursedu", "dev_his", "dev_hreduhis", "dev_hrperson", "projectcode_tb", "projectname", "projectqa_type_tb", "projectstdplan_tb", "projectstra_type_tb", "project_mission", "project_plan", "project_plan_temp", "project_report_tb", "project_submission", "project_type_temp", "project_year", "projstrategy_tb", "proplanstrateg_tb", "prostrategymap_tb", "qa_data_tb", "qa_elements", "qa_elements_tb", "qa_indicator", "qa_indicatorpi_tb", "qa_indicator_tb", "qa_performance", "qa_pi_cri_tb", "qa_project_tb", "qa_qareport_tb", "qa_report_tb", "qa_result_indicator", "qa_result_standard", "qa_standard_result", "qa_standard_tb", "teach_ingmethod", "teach_lessonplans", "tech_categorydetail", "tech_categoryplan", "tech_categorytopic", "tech_corseplan_tb", "tech_coseoutcom", "tech_courseteacher", "tech_imgmethod_tb", "tech_lesson_plans", "tech_methodcom_tb", "tech_outcom", "tech_outcom_tb", "tech_planmethod", "tech_plan_tb", "tech_spec_tb", "tech_text_tb");



            $conn = mysql_connect($_REQUEST["host"], $_REQUEST["user"], $_REQUEST["pass"]) or die("дБиКТБТГ¶µФґµиН°Т№ўйНБЩЕдґй");

            

            echo "<br>--<br>";

            echo "-- Copy SQL ·Сй§ЛБґд»ЗТ§г№ phpMyAdmin<br>";

            echo "--<br><br>";



            foreach($tableList as $tableName){

                $query1 = "SELECT * FROM ".$_REQUEST["DBOld"].".".$tableName."";

                $query2 = "SELECT * FROM ".$_REQUEST["DBNew"].".".$tableName."";



                // get the result from the DB

                $result1 = mysql_query($query1);

                $result2 = mysql_query($query2);



                if(mysql_num_fields($result1)){

                    // Lists field name From MIS DB OLD

                    unset($fieldDBOld);

                    for ($i=0;$i<mysql_num_fields($result1);++$i){

                        $fieldDBOld[] = mysql_field_name($result1, $i);

                    }

                    

                    // Lists field name From MIS DB NEW

                    unset($fieldDBNew);

                    for ($i=0;$i<mysql_num_fields($result2);++$i){

                        $fieldDBNew[] = mysql_field_name($result2, $i);

                    }

                    

                    echo "--<br>";

                    echo "-- µТГТ§ : $tableName<br>";                

                    echo "--<br><br>";



                    echo "TRUNCATE ".$_REQUEST["DBNew"].".`$tableName`;<br><br>";

                    

                    unset($field);

                    for($i=0;$i<sizeof($fieldDBOld);$i++){

                        if(in_array($fieldDBOld[$i],$fieldDBNew)) 

                            $field .= (empty($field))?"`".$fieldDBOld[$i]."`":", `".$fieldDBOld[$i]."`";                        

                    }

                    

                    echo "INSERT INTO ".$_REQUEST["DBNew"].".".$tableName."(".$field.") SELECT ".$field." FROM ".$_REQUEST["DBOld"].".".$tableName.";<br><br>";



                    echo "-- ЁУ№З№б¶ЗўйНБЩЕ : ".mysql_num_rows($result1)." б¶З<br><br>";

                    echo "-- --------------------------------------<br><br>";

                }

                else{

                    echo "--<br>";

                    echo "-- $tableName<br>";

                    echo "--<br><br>";

                    echo "-- дБиѕє µТГТ§ $tableName г№°Т№ўйНБЩЕ ".$_REQUEST["DBOld"]."<br><br>";

                    echo "-- --------------------------------------<br><br>";

                }



            }



        }

    }

?>



<? if(!isset($pass) || (isset($pass) && $pass==false)){?>

    <table width="100%" align="center">

        <tr>

            <td>

                <FORM METHOD="POST" NAME="migrateForm" ACTION="">            

                <table width="60%" align="center">

                    <tr>

                        <td colspan="2" height="50" align="center"><h3>MIS MIGRATE</h3></td>

                    </tr>

                    <tr>

                        <td width="40%" height="30" align="right">Host:</td>

                        <td width="60%" align="left"><INPUT TYPE="text" NAME="host" value="<?=(isset($_REQUEST["host"]))?$_REQUEST["host"]:"localhost";?>" <?=(isset($error) && $error[0]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td>

                    </tr>

                    <tr>

                        <td width="40%" height="30" align="right">Username:</td>

                        <td width="60%" align="left"><INPUT TYPE="text" NAME="user" value="<?=(isset($_REQUEST["user"]))?$_REQUEST["user"]:"root";?>" <?=(isset($error) && $error[1]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td>

                    </tr>

                    <tr>

                        <td width="40%" height="30" align="right">Password:</td>

                        <td width="60%" align="left"><INPUT TYPE="password" NAME="pass" value="<?=(isset($_REQUEST["pass"]))?$_REQUEST["pass"]:"";?>" <?=(isset($error) && $error[2]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td>

                    </tr>

                    <tr>

                        <td width="40%" height="30" align="right">MIS DB(аЎиТ):</td>

                        <td width="60%" align="left"><INPUT TYPE="text" NAME="DBOld" value="<?=(isset($_REQUEST["DBOld"]))?$_REQUEST["DBOld"]:"";?>" <?=(isset($error) && $error[3]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td>

                    </tr><tr>

                        <td width="40%" height="30" align="right">MIS DB(гЛБи):</td>

                        <td width="60%" align="left"><INPUT TYPE="text" NAME="DBNew" value="<?=(isset($_REQUEST["DBNew"]))?$_REQUEST["DBNew"]:"";?>" <?=(isset($error) && $error[4]==true)?"style=\"border-style:solid;border-width:1px;border-color:darkred;background-color:#FF3333;\"":""?>></td>

                    </tr>

                    <tr>

                        <td colspan="2" height="50" align="center"><INPUT TYPE="submit" name="submit" value="ВЧ№ВС№" style="cursor:pointer" title="¤ЕФкЎ·Хи№ХиаѕЧиНаГФиБ Migrate ўйНБЩЕ"></td>

                    </tr>

                </table>

                </FORM>

            </td>

        </tr>

    </table>

<? }?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: