Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/ealumni/ drwxr-xr-x |
Viewing file: Select action/file-type: <?php //include_once "template.php"; //include_once("../../info/template.php"); //include_once("../global.php"); //include_once("../link/function.php"); //CSS_Header("../source/style.css"); //JS_Header("../source/menuConfig.js", false); //JS_Header("../source/calendarDateInput.js", false); //session_start(); //---------------------------------------------------------- require_once "../../info/infosys_global.php"; require_once "${_MOD_PATH}mod_tplutils.php"; require_once "${_CLASS_PATH}clsConnection.php"; require_once "${_CLASS_PATH}clsDB.php"; require_once "${_UMS_PATH}clsUser.php"; setnocache(); session_start(); if (logged_in()) { $oU = &$_SESSION["oU"]; $oU->Lang = (isset($_GET["lang"]) && $_GET["lang"] == "") ? "th" : $_GET["lang"]; if (isset($_GET["StID"]) && $_GET["StID"] != "") $oU->StID = $_GET["StID"]; if (isset($_GET["GpID"]) && $_GET["GpID"] != "") $oU->GpID = $_GET["GpID"]; if (isset($_GET["MnID"]) && $_GET["MnID"] != "") $oU->MnID = $_GET["MnID"]; if (isset($_GET["MmnID"]) && $_GET["MmnID"] != "") $oU->MmnID = $_GET["MmnID"]; update_user_status(); $oU->GetRightsByMenu(); include_once "${_UMS_PATH}clsUmMenu.php"; include_once "${_UMS_PATH}clsUmPermission.php"; include_once "${_UMS_PATH}clsUmGPermission.php"; include_once "${_UMS_PATH}clsUmUserGroup.php"; include_once "${_UMS_PATH}clsUmGroup.php"; if (isset($_GET["mm"])) ob_start("incsubmenuTpl"); else ob_start(); //ob_start("nonsubmenuTpl"); } else { $full_url = $GLOBALS["_PROTOCOL"] . $GLOBALS["_INFO_INDEX"]; header("Location: $full_url"); } //---------------------------------------------------------------------------- ?> <html> <head></head> <body onload="setForm()"> <form action="http://<?=$_SERVER['HTTP_HOST'];?>/mis/index_codeigniter.php/login/user_login" method="POST" id="frmLogin"> <input type="hidden" name="Username" id="Username" value="<?php echo $oU->userLogin;?>" /> <input type="hidden" name="Password" id="Password" value="<?php echo $oU->userPassword;?>" /> <input type="hidden" name="firstDate" id="firstDate" value="<?php echo $_SESSION['sysDate0'];?>" /> <input type="hidden" name="stid" id="stid" value="<?php echo $_GET['__ss'];?>" /> <input type="hidden" name="gpid" id="gpid" value="<?php echo $_GET['__gp'];?>" /> </form> <script language="javascript"> function setForm () { document.getElementById("frmLogin").submit(); } </script> </body> </html> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0048 ]-- |