Bypass safe mode in PHP

PHP's safe_mode is a deprecated feature - that was meant to solve the shared-server security problem at the PHP level. This was never a good idea, and thus the feature was deprecated and removed as of PHP 5.4 (your target is running PHP 5.3.10 which is ancient). This answer will demonstrate why safe_mode wasn't a great idea to begin with and will contain two parts - bypassing PHP's safe_mode and elevating privileges. Without further ado - let's get down to business.

Bypassing safe_mode

When approaching the safe_mode problem the first important thing to note is there isn't one canonical solution, and it really depends on your target configuration (and a bit of luck). Following is a overview of the techniques that might work.

• pcntl_exec - If you have a bit of luck, the PCNTL extension is enabled. If it is - you can use it to gain code execution, as it isn't affected by the safe_mode directive. To check if it is enabled you can run the following command: echo function_exists('pcntl_exec');.
• The LD_PRELOAD trick - A little known fact is that while safe_mode restricts the accessible environment variables - for this setting to be effective the safe_mode_allowed_env_vars directive must be set (you can check its value by running var_dump(ini_get('safe_mode_allowed_env_vars')); if an empty string is returned you're in luck - this means that the safe_mode restrictions on the environment is effectively disabled and the LD_Preload trick can be used as described here to gain code execution bypassing the safe_mode.
• Another option to bypass safe_mode is to upload a shell that uses server side technology that is available on the target and is other than PHP. The most common candidate is Perl, which you've already mentioned isn't available. You can also check to see if Python or Ruby are available. If neither is available it's time to whip out your SSI shell and check out if it'll work.
• Last but not least - exploit a vulnerability that allows code execution outside the PHP interpreter. There are a lot of such vulnerabilities that was published lately, and as your target is running an old version - it's most likely that you'll manage to find a vulnerability such as CVE-2016-9137 that you can exploit to gain code execution.

Elevation of Privilege

If you have a bit of luck - the lack of writing privilege is the effect of the safe_mode directive, and thus as it's bypassed - you now have write permission. But if you have no such luck - you'll need to escalate privileges on the OS level. There are a couple of ways to go around to perform such an escalation:

• The old school way - find some SUID left on the system, and exploit it to gain root privileges (that will allow you, among other things, to have a write permission everywhere you want). A nice write-up demoing such an endeavor can be found here.
• Use a kernel exploit - from the screenshot in your question it would seem that your target uses a pretty old, which means it might be vulnerable to a public kernel exploit such as DirtyCOW or some other exploit.

Congratulation if you've followed till here, and everything worked out fine up to this point - you now have fully compromised your target and have a root level shell, it's time for a write-up. Also, with all your new gained knowledge, you should remember - with great power comes great responsibility.