!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mis/js/   drwxr-xr-x
Free 52.6 GB of 127.8 GB (41.15%)


Viewing file:     karn_module.js (5.9 KB)      -rwxr-xr-x
// check for v_addDebt
/**
 * Browser-side format check used by v_addDebt (per the comment above).
 *
 * Tests #dbtDescription and then #dbtAmt against a fixed pattern each. On the
 * first field that does not match, that field is focused, its message is
 * shown with alert() and false is returned. Returns true when both match.
 *
 * NOTE(review): this check runs only in the browser, so a request sent
 * straight to the server never passes through it. The handler that receives
 * these fields should repeat the same checks - confirm it does.
 *
 * @returns {boolean} true when both fields pass, false otherwise.
 */
function checkFormat(){
	// One entry per field, evaluated in order; the first failure wins.
	var rules = [
		{
			selector: '#dbtDescription',
			// Must start with a character in the ก-๙ range.
			pattern: /^[ก-๙][ก-๙ 0-9\.\(\)\/\- ]*$/,
			message: 'กรุณาป้อนและควรป้อนเป็นภาษาไทยเท่านั้น'
		},
		{
			selector: '#dbtAmt',
			// One or more ASCII digits, nothing else.
			pattern: /^[0-9][0-9]*$/,
			message: 'กรุณาป้อนและควรป้อนเป็นตัวเลขเท่านั้น'
		}
	];

	for (var i = 0; i < rules.length; i++) {
		var rule = rules[i];
		if (rule.pattern.test($(rule.selector).val())) {
			continue;
		}
		$(rule.selector).focus();
		alert(rule.message);
		return false;
	}
	return true;
}

// check for v_paymentDebt
/**
 * Browser-side required-field check used by v_paymentDebt (per the comment
 * above).
 *
 * Returns true when #dbtRefNo holds something other than whitespace.
 * Otherwise the field is focused, an alert is shown and false is returned.
 *
 * NOTE(review): this is a browser-only check; the server should reject an
 * empty reference number on its own - confirm it does.
 *
 * @returns {boolean} true when the field is non-empty after trimming.
 */
function checkFormat2(){
	var refNo = $.trim($('#dbtRefNo').val());
	if (refNo.length > 0) {
		return true;
	}
	$('#dbtRefNo').focus();
	alert('กรุณาป้อน');
	return false;
}

// ajax for v_addStudyPlan
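	/**
	 * Asks for confirmation, then posts a delete request for a study-plan row
	 * (v_addStudyPlan, per the comment above). On a non-empty response it
	 * removes the element #<id> and subtracts `unit` from the number in #total.
	 *
	 * @param {Object|Array} value Key/value pairs sent as POST fields. Pass raw
	 *        values: they are percent-encoded here.
	 * @param {string} url   Endpoint that receives the POST.
	 * @param {string} id    Element id (without "#") of the row to remove.
	 * @param {number} unit  Amount subtracted from the displayed total.
	 */
	function delStdPlan(value, url, id,unit){
		if(confirm("คุณต้องการลบใช่หรือไม่") == true){
			// "ran" is a random value sent as the first field of every request.
			var pairs = ["ran="+Math.random()];

			// Percent-encode keys and values. Joined raw, a value containing
			// "&", "=", "+" or "%" would be read by the server as extra or
			// altered parameters on this delete request.
			$.each(value,function(key,val){
				pairs.push(encodeURIComponent(key)+"="+encodeURIComponent(val));
			});

			// Explicit radix so the displayed total is always read as decimal.
			var ptotal = parseInt($("#total").text(), 10);

			$.ajax({
				type: "POST",
				url: url,
				data: pairs.join("&"),
				// Synchronous on purpose in the original; kept so callers that
				// rely on the DOM being updated on return keep working.
				async: false,
				success: function(res){
					// Any non-empty body is treated as success.
					// NOTE(review): the body content is not inspected, so an
					// error page would also count - confirm the server contract.
					if(res.length>0){
						$("#"+id).remove();
						$("#total").text(ptotal-unit);
					}
				}
			});
		}
	}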
	
	//ajax load Course for TimeTable
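	/**
	 * Posts `value` to `url` synchronously and, when the response is non-empty,
	 * writes it into the element #<id> as HTML (course list for the timetable,
	 * per the comment above).
	 *
	 * @param {Object|Array} value Key/value pairs sent as POST fields. Pass raw
	 *        values: they are percent-encoded here.
	 * @param {string} url Endpoint that receives the POST.
	 * @param {string} id  Element id (without "#") that receives the response.
	 */
	function chooseCourse(value,url,id){
		// "ran" is a random value sent as the first field of every request.
		var pairs = ["ran="+Math.random()];

		// Percent-encode keys and values so that "&", "=", "+" or "%" inside a
		// field cannot split it into, or add, request parameters.
		$.each(value,function(key,val){
			pairs.push(encodeURIComponent(key)+"="+encodeURIComponent(val));
		});

		$.ajax({
			type: "POST",
			url: url,
			data: pairs.join("&"),
			async: false,
			success: function(res){
				if(res.length>0){
					// NOTE(review): the response is inserted as markup, so the
					// endpoint must HTML-escape any stored or user-supplied
					// text it echoes back - confirm on the server side.
					$("#"+id).html(res);
				}
			}
		});
	}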
	
	//Cur Struc
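	/**
	 * Posts `value` to `url` synchronously. A non-empty response is written
	 * into the element #<id> as HTML; an empty one shows an error alert.
	 *
	 * @param {Object|Array} value Key/value pairs sent as POST fields. Pass raw
	 *        values: they are percent-encoded here.
	 * @param {string} url Endpoint that receives the POST.
	 * @param {string} id  Element id (without "#") that receives the response.
	 */
	function struReq(value,url,id){
		// "ran" is a random value sent as the first field of every request.
		var pairs = ["ran="+Math.random()];

		// Percent-encode keys and values so that "&", "=", "+" or "%" inside a
		// field cannot split it into, or add, request parameters.
		$.each(value,function(key,val){
			pairs.push(encodeURIComponent(key)+"="+encodeURIComponent(val));
		});

		$.ajax({
			url: url,
			// Do not fire jQuery's global ajax event handlers for this call.
			global: false,
			type: "POST",
			data: pairs.join("&"),
			//dataType: "html",
			async:false,
			success: function(data)
			{
				if(data.length>0){
					// NOTE(review): the response is inserted as markup, so the
					// endpoint must HTML-escape any stored or user-supplied
					// text it echoes back - confirm on the server side.
					$('#'+id).html(data);
				}else{
					alert("ไม่สามารถแก้ไขข้อมูลได้");
				}
			}
		});
	}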
	
	//ajax to get data to table for timetable
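	/**
	 * Switches the timetable form into edit mode and fills it from the server.
	 *
	 * Hides the add controls, shows the edit/delete ones, clears #tcmName and
	 * all checkboxes, then posts `id` to `url` synchronously and expects a JSON
	 * array. When the array is non-empty, its first element populates the form
	 * fields and several selects are disabled; a second element, if present,
	 * fills #tcmName and #inp. Finally loadDelTable(url_del), checkSubmit() and
	 * timeTable() are called, in that order.
	 *
	 * @param {string|number} id  Record id sent as the "id" POST field.
	 * @param {string} url        Endpoint returning the JSON record(s).
	 * @param {string} url_del    Endpoint passed on to loadDelTable().
	 */
	function setData(id,url,url_del){
		$("#add").hide();
		$("#edit").show();
		$("#tb").hide();
		$("#del").show();
		$("#tcmName").val("");
		$(":checkbox").removeAttr("checked");
		// Encode the id so characters such as "&" or "=" cannot add or alter
		// request parameters.
		var strdata = "ran="+Math.random()+"&id="+encodeURIComponent(id);
		$.ajax({
			type: "POST",
			async: false,
			url: url,
			global: false,
			data: strdata,
			dataType: "json",
			// NOTE(review): dataCharset is not a documented jQuery.ajax
			// setting; kept as in the original, presumably ignored.
			dataCharset: 'json',
			success: function(res){
				if(res.length>0){
					$('#tbh').text("แก้ไขตารางสอน");
					$('#onedy').show();
					$('#prs').show();
					$('#box').hide();
					$('#muldy').hide();
					$('.amo').hide();
					// Create the hidden inputs as elements and set the value as
					// an attribute, so ttId is never parsed as markup (the
					// original concatenated it into an HTML string).
					$("#hidval").empty()
						.append($("<input type=\"hidden\" name=\"ttId\">").attr("value", ""+res[0].ttId))
						.append($("<input type=\"hidden\" name=\"edit\" value=\"edit\">"));
					// Assigns to an undeclared name, i.e. a global in non-strict
					// code; presumably read elsewhere - confirm.
					pp = res[0].pp;
					$("#tmcAcY").val(res[0].coAcY);
					$("#tbtmcAcY").val(res[0].coAcY);
					$("#tmId").val(res[0].coTmId);
					$("#tmcAcY").attr("disabled","disabled");
					$("#tbtmcAcY").attr("disabled","disabled");
					$("#tmId").attr("disabled","disabled");

					$('#curId').val(res[0].coCurId);
					$('#tbcurId').val(res[0].coCurId);
					$("#curId").attr("disabled","disabled");


					$('#syId').val(res[0].coSyId);
					$("#tbsyId").val(res[0].coSyId);
					$("#syId").attr("disabled","disabled");

					// NOTE(review): crs, sec, mep, tbmep, sep, wd, prdTo, tbwd
					// and res[1].id are inserted with .html(), i.e. as markup.
					// The endpoint must HTML-escape any stored or user-supplied
					// text inside those fragments - confirm on the server side.
					$('#crs').html(res[0].crs);
					$("#tbcrsId").val(res[0].crsId);
					$("#crsId").attr("disabled","disabled");
					chooseSec();
					$('#sec').html(res[0].sec);
					$("#tbcoSection").val(res[0].coId);
					$("#coSection").attr("disabled","disabled");


					$("#rmId").val(res[0].ttRmId);
					$("#tbrmId").val(res[0].ttRmId);
					$('#mep').html(res[0].mep);
					$('#tbmep').html(res[0].tbmep);

					$('#sep').html(res[0].sep);
					$("#tbsepId").val(res[0].tbsep);

					// No room id: select the second "place" radio and show the
					// mep/sep inputs; otherwise select the first radio and show
					// the #bd block instead.
					if(res[0].ttRmId==null){
						$('input:radio[name=place]:nth(1)').attr('checked',true);
						$('#rmerror').hide();
						$('#bd').hide();
						$('#mep').show();
						$('#sep').show();
						$('#meperror').show();
						$('#seperror').show();
					}else{
						$('input:radio[name=place]:nth(0)').attr('checked',true);
						$('#bd').show();
						$('#rmerror').show();
						$('#mep').hide();
						$('#sep').hide();
						$('#meperror').hide();
						$('#seperror').hide();
					}

					$('#wd').html(res[0].wd);
					$("#wdAcYWeekNo").attr("disabled","disabled");

					$(':input[name="day"]').val(res[0].day);
					$("#prdFrTime").val(res[0].ttPrdFrTime);

					// Optional second record.
					if(res.length>1){
						$("#tcmName").val(res[1].txt);
						$('#inp').html(res[1].id);
					}

					$("#prdTo").html(res[0].prdTo);
					$("#prsId").val(res[0].ttPrsId);
					$("#stId").val(res[0].ttStId);
					$("#title").val(res[0].ttTitle);

					$("#tbwd").html(res[0].tbwd);

					loadDelTable(url_del);
					checkSubmit();
					timeTable();
				}
			}
		});
	}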
	
	
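	/**
	 * Posts the current year, term, curriculum, course and week-number field
	 * values to `url` synchronously and writes the response into #del as HTML.
	 *
	 * @param {string} url Endpoint that receives the POST.
	 */
	function loadDelTable(url){
		// Each field value is percent-encoded so that "&", "=", "+" or "%" in
		// a form field cannot add or alter request parameters.
		var strdata = [
			"ran="+Math.random(),
			"year="+encodeURIComponent($("#tmcAcY").val()),
			"tm="+encodeURIComponent($("#tmId").val()),
			"cur="+encodeURIComponent($("#curId").val()),
			"crsId="+encodeURIComponent($("#crsId").val()),
			"tbwdAcYWeekNo="+encodeURIComponent($("#tbwdAcYWeekNo").val())
		].join("&");
		$.ajax({
			type: "POST",
			async: false,
			url: url,
			global: false,
			data: strdata,
			//dataType: "json",
			//dataCharset: 'json',
			success: function(res){
				// NOTE(review): the response is inserted as markup, so the
				// endpoint must HTML-escape any stored or user-supplied text
				// it echoes back - confirm on the server side.
				$("#del").html(res);
			}
		});
	}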
	
// Personnel: organization structure (บุคลากร โครงสร้างหน่วยงาน)

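	/**
	 * Posts `value` to `url` synchronously. A non-empty response is written
	 * into the element #<id> as HTML and the element #<tog> is slide-toggled;
	 * an empty response shows `msg` in an alert.
	 *
	 * @param {Object|Array} value Key/value pairs sent as POST fields. Pass raw
	 *        values: they are percent-encoded here.
	 * @param {string} url Endpoint that receives the POST.
	 * @param {string} id  Element id (without "#") that receives the response.
	 * @param {string} msg Message shown when the response is empty.
	 * @param {string} tog Element id (without "#") to slide-toggle on success.
	 */
	function sendReqOrg(value,url,id,msg,tog){
		// "ran" is a random value sent as the first field of every request.
		var pairs = ["ran="+Math.random()];

		// Percent-encode keys and values so that "&", "=", "+" or "%" inside a
		// field cannot split it into, or add, request parameters.
		$.each(value,function(key,val){
			pairs.push(encodeURIComponent(key)+"="+encodeURIComponent(val));
		});

		$.ajax({
			url: url,
			// Do not fire jQuery's global ajax event handlers for this call.
			global: false,
			type: "POST",
			data: pairs.join("&"),
			//dataType: "html",
			async:false,
			success: function(data)
			{
				if(data.length>0){
					// NOTE(review): the response is inserted as markup, so the
					// endpoint must HTML-escape any stored or user-supplied
					// text it echoes back - confirm on the server side.
					$('#'+id).html(data);
					$("#"+tog).slideToggle("slow");
				}else{
					alert(msg);
				}
			}
		});
	}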
	
	
	
	
	
	


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0059 ]--