110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/person/admin/ drwxr-xr-x Free 52.35 GB of 127.8 GB (40.96%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/person/admin/ drwxr-xr-x
Free 52.35 GB of 127.8 GB (40.96%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: deptpop1.php (3.99 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?php

include_once("../../class/clsConnection.php");
include_once("../../class/clsDB.php");
include_once "../global.php";
include_once "../link/function.php";
include_once "../class/clsTable.php";
include_once "../class/clsDepartment.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);

$oDp2 = new Department($oC);
$oDp = new Department($oC);

?>
<script language="JavaScript1.2">
function checkFormat(){
	var xv = 0;
	if(document.ps.deptName.value==""){
		alert("ЎГШіТЎГНЎЄЧиНКиЗ№ГТЄЎТГАТВг№!");
		xv = 1;
		return false;
	}
}
</script>
<? 
//echo ">>".$startyear;
if($method=="add" && $xv != 1){ 

	//$oC->BeginTrans();
			$oDp->AddNew();
			$oDp->deptId=$oDp->GetNextCode();
			$oDp->deptName=$deptName;
			$oDp->deptDesc=$deptDesc;
			$oDp->deptCode=$deptCode;
			$oDp->deptParent=0;
			$oDp->deptYear=(date(Y)+543);
			
			$oDp->deptDate=getNowDateTh();
			
			$oDp->deptRef=0;
			$oDp->pbriId=0;
			$oDp->deptIsCenter="";
			$oDp->receiveIn="Y";
			$oDp->receiveOut="";
			$oDp->sendIn="Y";
			$oDp->sendOut="Y";
			$oDp->deptNo=""; 
			$oDp->docGroup="";
			 $maxnext=$oDp->SearchMaxDocGroup();
			 $oDp->docGroup=($maxnext);
			 $oDp->deptParentId=$deptParentId;
			 $oDp->deptLevel=$deptLevel;
			 $oDp->deptgroup = $dg;
			 $oDp->Save();
					
?>
<script language="javascript1.2">
window.opener.location.href="addWorkGroup2.php";
window.close();
</script>
<?php	
}
?>
<html>
<head>
<title>аѕФиБКиЗ№ГТЄЎТГАТВг№</title>
<meta http-equiv="Content-Type" content="text/html; charset=tis-620">
<link href="../source/style.css" rel="stylesheet" type="text/css">
<style>
<!--
A:link {text-decoration: none }
A:visited {text-decoration: none}
A:hover {text-decoration: none; font-weight: underline}
-->
</style>
</head>
<body bgcolor="#FFFFFF">
<form name="ps" action="<?php echo $PHP_SELF;?>" method="post" >
<table width="100%" border="0" cellspacing="1" cellpadding="1" align="center">
	<tr > 
		<td align="center" colspan="4" height="22"><br><font size="3" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>"><b>аѕФиБКиЗ№ГТЄЎТГАТВг№</b></font></td>
	</tr>
								<tr>
									<td colspan="4" height="22"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>">&nbsp;</font></td>
								</tr>
								<tr height="22" >
									<td align="left"  ><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"><b>ЄЧиНКиЗ№ГТЄЎТГАТВг№</b></font></td>
									<td align="left" >&nbsp;</td>
									<td align="left"><input type="text" name="deptName" size="40" value="<? echo $deptName; ?>">
									<font size="2" color="<?php echo $GLOBALS['COLOR_FONT_3'];?>">*</font></td>
								</tr>
								<tr height="22" >
									<td align="left"  ><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"><b>ГТВЕРаНХВґ</b></font></td>
									<td align="left" >&nbsp;</td>
									<td align="left"><input type="text" name="deptDesc" size="40" value="<? echo $deptDesc; ?>">
									&nbsp;</td>
								</tr>
								<tr>
									<td align="left" colspan="4" height="22"><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"><b>&nbsp;</b></font></td>
								</tr>
<tr>
		<td colspan="4" align="center" bgcolor="#FFFFFF"><input type="submit" name="add" value="єС№·ЦЎ" onClick="return checkFormat()">
		  <input type="reset" name="clear" value="а¤ЕХВГмўйНБЩЕ">
		<input type="hidden" name="method" value="add">
		</td>
	</tr>
		<input type="hidden" name="deptParentId" value="<?php echo $deptParentId;?>">
		<input type="hidden" name="deptLevel" value="<?php echo $deptLevel;?>">
		<input type="hidden" name="startyear" value="<?php echo $startyear;?>">
		<input type="hidden" name="endyear" value="<?php echo $endyear;?>">
		<input type="hidden" name="dg" value="<?php echo $dg;?>">
	<tr><td colspan="4" align="center"><a href="#" onClick="window.close()"><font size="1" face="Microsoft Sans Serif">[»ФґЛ№йТµиТ§]</font></a></td></tr>
</table>
</form>
</body>
</html>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0049 ]--