!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/report/   drwxr-xr-x
Free 51.23 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     rep02.php (6.55 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php   
include_once("classes/Crud.php");
$crud = new Crud();
?>
<!DOCTYPE HTML>
<html>
<head>  
<meta charset="UTF-8">
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet"
          href="https://fonts.googleapis.com/css?family=Tangerine">
    <style>
      body {
        font-family: 'Kanit', sans-serif;
        font-size: 8 px;
      }
    </style>
<link rel="stylesheet" type="text/css" href="app-assets/vendors/css/tables/datatable/datatables.min.css">
</head>
<body>
<?php
include("header.php");
?>
<br>
<center>รายงานจำนวนนักศึกษาจำแนกตามชั้นปีและสถานะของของนักศึกษา</center>
<br>
<div class="row">
  <div class="col-sm-12 text-center">
    <div class="card">
      <div class="card-body">
      <div id="chartContainer" style="height: 370px; width: 100%;"></div>
      </div>
    </div>
  </div>
  
</div>

<div class="row">
  <div class="col-sm-12 text-center">
    <div class="card">
      <div class="card-body">
<table class="table table-bordered">
<?php // ชั้นปี
    
$classYear "SELECT * FROM rg_StudyYear WHERE syId<5 ";
    
$resultClass $crud->getData($classYear);
    foreach(
$resultClass as $key => $dataClass){ 
    
$idClassYear=$dataClass['syId'];
    
$percent "SELECT * FROM classLevel WHERE stdSyId='$idClassYear' ";
    
$resultPercent $crud->getData($percent);
    foreach(
$resultPercent as $key => $dataPercent){$per=$dataPercent['amout'];}
?>
<thead>
    <tr>
      <th class="text-left" colspan="4" >รายงานตามสถานะ <?=$dataClass['syName'];?></th>
    </tr>
  </thead>
  <thead>
    <tr>
      <th>ลำดับที่</th>
      <th>ชื่อสถานะ</th>
      <th>จำนวนคน</th>
      <!-- <th>ค่าร้อยละ(%)</th> -->
      <th>รายละเอียด</th>
    </tr>
  </thead>
  <tbody>
<?php
    $no
=1;
    
$a1=0;
    
$statusdata"SELECT * FROM rg_StudentStatus ";
    
$resultStatus $crud->getData($statusdata);
    foreach(
$resultStatus as $key => $dataStatus){
        
$sstId=$dataStatus['sstId'];
?>
    <tr>
      <td><?=$no?></td>
      <td class="text-left"><?=$dataStatus['sstName']?></td>
      <td>
          <?php
          $countAmount
="SELECT COUNT(stdId) AS ID FROM rg_Student WHERE stdSstId='$sstId' AND stdSyId='$idClassYear' AND stdCurId = 90 AND stdSstId <> 4  ";
          
$resultCount $crud->getData($countAmount);foreach($resultCount as $key => $dataCount){
              
$resultc=$dataCount['ID'];
              echo 
$dataCount['ID'];
            }
          
?>
      </td>
      <!-- <td>
          <?=number_format(($resultc/$per)*100,2)?>
      </td> -->
      <td><a href="detailStudent.php?idClassYear=<?=$idClassYear?>&sstId=<?=$sstId?>&syName=<?=$dataClass['syName'];?>&sstName=<?=$dataStatus['sstName']?>" target="new">รายละเอียด</a></td>
    </tr>
<?php
if($sstId==1){$a1+=$dataCount['ID'];}
$no++;
    }
//สถานะ
?>
  </tbody>
<?php
    
}//ชั้นปี
?>
</table>
</div>
    </div>
  </div>
  
</div>
    <script src="app-assets/vendors/js/tables/datatable/datatables.min.js"></script>
    <script src="app-assets/vendors/js/tables/datatable/datatables.buttons.min.js"></script>
    <script src="app-assets/vendors/js/tables/datatable/datatables.bootstrap4.min.js"></script>
    <script src="app-assets/js/scripts/datatables/datatable.js"></script>
    <script src="canvasjs.min.js"></script>
</body>
</html>
<?php
function DateThai($strDate)
{
    
$strYear date("Y",strtotime($strDate))+543;
    
$strMonthdate("n",strtotime($strDate));
    
$strDaydate("j",strtotime($strDate));
    
$strHourdate("H",strtotime($strDate));
    
$strMinutedate("i",strtotime($strDate));
    
$strSecondsdate("s",strtotime($strDate));
    
$strMonthCut = Array("","ม.ค.","ก.พ.","มี.ค.","เม.ย.","พ.ค.","มิ.ย.","ก.ค.","ส.ค.","ก.ย.","ต.ค.","พ.ย.","ธ.ค.");
    
$strMonthThai=$strMonthCut[$strMonth];
    return 
"$strDay $strMonthThai $strYear";
}
?>


<script>
window.onload = function () {

var chart = new CanvasJS.Chart("chartContainer", {
    exportEnabled: true,
    animationEnabled: true,
    title:{
        text: "รายงานตามสถานะ "
    }, 
    axisX: {
        title: "ปีการศึกษา"
    },
    axisY: {
        title: "จำนวนคน",
        includeZero: true
    },
    toolTip: {
        shared: true
    },
    data: [
        {
        type: "column",
        name: "กำลังศึกษา",
        showInLegend: true,      
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: "ชั้นปี 1",  y: 150 },
            { label: "ชั้นปี 2", y: 147 },
            { label: "ชั้นปี 3", y: 115 },
            { label: "ชั้นปี 4",  y: 188 }
        ]
        },
        {
        type: "column",
        name: "รักษาสภาพ",
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: "ชั้นปี 1",  y: 0 },
            { label: "ชั้นปี 2", y: 0 },
            { label: "ชั้นปี 3", y: 0 },
            { label: "ชั้นปี 4",  y: 0 }
        ]
        },
        {
        type: "column",
        name: "รออนุมัติจบ",
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: "ชั้นปี 1",  y: 0 },
            { label: "ชั้นปี 2", y: 0 },
            { label: "ชั้นปี 3", y: 0 },
            { label: "ชั้นปี 4",  y: 0 }
        ]
        },
        {
        type: "column",
        name: "สำเร็จการศึกษา",
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: "ชั้นปี 1",  y: 0 },
            { label: "ชั้นปี 2", y: 0 },
            { label: "ชั้นปี 3", y: 0 },
            { label: "ชั้นปี 4",  y: 0 }
        ]
        },
        {
        type: "column",
        name: "ลาออก",
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: "ชั้นปี 1",  y: 0 },
            { label: "ชั้นปี 2", y: 1 },
            { label: "ชั้นปี 3", y: 1 },
            { label: "ชั้นปี 4",  y: 0 }
        ]
        },
        {
        type: "column",
        name: "เสียชีวิต",
        showInLegend: true,
        yValueFormatString: "#,##0.# คน",
        dataPoints: [
            { label: "ชั้นปี 1",  y: 0 },
            { label: "ชั้นปี 2", y: 1 },
            { label: "ชั้นปี 3", y: 0 },
            { label: "ชั้นปี 4",  y: 0 }
        ]
        }

        ]
});
chart.render();

function toggleDataSeries(e) {
    if (typeof (e.dataSeries.visible) === "undefined" || e.dataSeries.visible) {
        e.dataSeries.visible = false;
    } else {
        e.dataSeries.visible = true;
    }
    e.chart.render();
}

}
</script>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0147 ]--