110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/edu_depart/ drwxr-xr-x Free 52.38 GB of 127.8 GB (40.99%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage_22222/edu_depart/ drwxr-xr-x
Free 52.38 GB of 127.8 GB (40.99%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: UpdateFlagmit.php (869 B) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/manage_22222/edu_depart/UpdateFlagmit.php
Size	869 B
MD5	c86d3d8a1d87b4e4fcb789ee466b7dc2
Owner/Group	root/root
Perms	-rw-r--r--
Create time	06/07/2011 01:44:09
Access time	30/07/2024 15:27:03
MODIFY time	21/08/2009 09:43:02

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0
000002E8
00000300
00000318
00000330
00000348
00000360

3C 3F 0A 20 0A 09 69 6E 63 6C 75 64 65 28 22 2E 2E 2F 69 6E 63 6C 75 64
65 2F 46 75 6E 63 74 69 6F 6E 44 42 2E 70 68 70 22 29 3B 0A 09 43 6F 6E
6E 65 63 74 44 42 28 29 3B 20 0A 20 20 20 69 66 20 28 24 46 6C 61 67 3D
3D 27 30 27 20 7C 7C 20 24 46 6C 61 67 3D 3D 27 31 27 29 20 0A 09 20 7B
0A 09 24 73 71 6C 32 20 3D 22 55 50 44 41 54 45 20 20 20 70 65 72 73 6E
61 6C 5F 70 72 6F 6A 65 63 74 5F 74 62 20 20 53 45 54 20 46 6C 61 67 3D
27 32 27 20 20 57 48 45 52 45 20 20 50 65 72 73 6E 61 6C 5F 63 6F 64 65
3D 27 24 50 65 72 73 6E 61 6C 5F 63 6F 64 65 27 22 3B 0A 09 24 72 65 73
75 6C 74 32 20 20 3D 20 6D 79 73 71 6C 5F 71 75 65 72 79 28 24 73 71 6C
32 29 20 6F 72 20 64 69 65 28 22 55 70 64 61 74 65 20 45 72 72 6F 72 20
24 73 74 72 53 51 4C 22 2E 6D 79 73 71 6C 5F 65 72 72 6F 72 28 29 29 3B
0A 09 20 7D 0A 09 20 65 6C 73 65 0A 09 09 20 69 66 20 28 24 46 6C 61 67
3D 3D 27 32 27 29 0A 09 20 7B 0A 09 24 73 71 6C 33 20 3D 22 55 50 44 41
54 45 20 20 20 70 65 72 73 6E 61 6C 5F 70 72 6F 6A 65 63 74 5F 74 62 20
20 53 45 54 20 20 46 6C 61 67 3D 27 31 27 20 20 57 48 45 52 45 20 20 20
20 50 65 72 73 6E 61 6C 5F 63 6F 64 65 3D 27 24 50 65 72 73 6E 61 6C 5F
63 6F 64 65 27 22 3B 0A 09 24 72 65 73 75 6C 74 33 20 20 3D 20 6D 79 73
71 6C 5F 71 75 65 72 79 28 24 73 71 6C 33 29 20 6F 72 20 64 69 65 28 22
55 70 64 61 74 65 20 45 72 72 6F 72 20 24 73 74 72 53 51 4C 22 2E 6D 79
73 71 6C 5F 65 72 72 6F 72 28 29 29 3B 0A 09 20 7D 0A 09 65 6C 73 65 0A
09 09 20 69 66 20 28 24 46 6C 61 67 3D 3D 27 33 27 29 0A 09 20 7B 0A 09
24 73 71 6C 34 20 3D 22 55 50 44 41 54 45 20 20 20 70 65 72 73 6E 61 6C
5F 70 72 6F 6A 65 63 74 5F 74 62 20 20 20 53 45 54 20 46 6C 61 67 3D 27
33 27 20 20 20 20 57 48 45 52 45 20 50 65 72 73 6E 61 6C 5F 63 6F 64 65
3D 27 24 50 65 72 73 6E 61 6C 5F 63 6F 64 65 27 22 3B 0A 09 24 72 65 73
75 6C 74 34 20 20 3D 20 6D 79 73 71 6C 5F 71 75 65 72 79 28 24 73 71 6C
34 29 20 6F 72 20 64 69 65 28 22 55 70 64 61 74 65 20 45 72 72 6F 72 20
24 73 74 72 53 51 4C 22 2E 6D 79 73 71 6C 5F 65 72 72 6F 72 28 29 29 3B
0A 09 20 7D 0A 09 65 63 68 6F 22 3C 6D 65 74 61 20 68 74 74 70 2D 65 71
75 69 76 3D 5C 22 72 65 66 72 65 73 68 5C 22 20 63 6F 6E 74 65 6E 74 3D
5C 22 31 3B 55 52 4C 3D 50 72 6F 6A 65 63 74 45 64 75 4C 69 73 74 2E 70
68 70 3F 50 72 6F 6A 65 63 74 5F 63 6F 64 65 3D 24 50 72 6F 6A 65 63 74
5F 63 6F 64 65 5C 22 3E 22 3B 0A 09 2F 2F 68 65 61 64 65 72 28 22 4C 6F
63 61 74 69 6F 6E 3A 50 72 6F 6A 65 63 74 45 64 75 4C 69 73 74 2E 70 68
70 3F 50 72 6F 6A 65 63 74 5F 63 6F 64 65 3D 24 50 72 6F 6A 65 63 74 5F
63 6F 64 65 22 29 3B 09 09 09 09 0A 09 43 6C 6F 73 65 44 42 28 29 3B 0A
0A 0A 3F 3E 0A

<?    include("../includ
e/FunctionDB.php"); Con
nectDB();     if ($Flag=
='0' || $Flag=='1')   {
$sql2 ="UPDATE   persn
al_project_tb  SET Flag=
'2'  WHERE  Persnal_code
='$Persnal_code'"; $res
ult2  = mysql_query($sql
2) or die("Update Error
$strSQL".mysql_error());
} else if ($Flag
=='2') { $sql3 ="UPDA
TE   persnal_project_tb
SET  Flag='1'  WHERE
Persnal_code='$Persnal_
code'"; $result3  = mys
ql_query($sql3) or die("
Update Error $strSQL".my
sql_error()); } else
if ($Flag=='3') {
$sql4 ="UPDATE   persnal
_project_tb   SET Flag='
3'    WHERE Persnal_code
='$Persnal_code'"; $res
ult4  = mysql_query($sql
4) or die("Update Error
$strSQL".mysql_error());
} echo"<meta http-eq
uiv=\"refresh\" content=
\"1;URL=ProjectEduList.p
hp?Project_code=$Project
_code\">"; //header("Lo
cation:ProjectEduList.ph
p?Project_code=$Project_
code"); CloseDB();
  ?>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0109 ]--