Ironically, the skript kiddie hasn't been too careful, and he has left the PHP shell unpassworded and unprotected on his system. Running a uname -a through it shows that he's running a vulnerable kernel.Erm, careful. What makes you think this isn't some other innocent person's box that the kiddie owned in the first place, perhaps as a cover while building up a botnet by owning other boxes? After all, it has the same vulnerability he's trying to exploit on yours. He probably just got to it first.
It's too easy to get on the wrong side of the law these days, and you might have a wrong target to boot. I wouldn't risk it.