!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

E:\xampp\xampp\htdocs\phpbb\   drwxrwxrwx
Free 7.98 GB of 239.26 GB (3.33%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     process_upload.php (2.5 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/***************************************************************************
                            process_upload.php -
                Processes uploaded files, included by
                reply.php and newtopic.php .
                             -------------------
    begin                : Thu May 03 2001
    copyright            : (C) 2001 by Steve Shimp
    email                : steve@forcefed4.com
 
 
 ***************************************************************************/

/***************************************************************************
 *                                                                                         
 *   This program is free software; you can redistribute it and/or modify      
 *   it under the terms of the GNU General Public License as published by  
 *   the Free Software Foundation; either version 2 of the License, or            
 *   (at your option) any later version.
 *
 ***************************************************************************/

/***
 *** PROCESS UPLOADED FILE
 ***/
    $image_link 0// default to non-image link
    $source $HTTP_POST_FILES['file1']['tmp_name'];
    $source_mime $HTTP_POST_FILES['file1']['type'];
    $origname $HTTP_POST_FILES['file1']['name'];
    $upload_size $HTTP_POST_FILES['file1']['size'];
    // don't allow anyone to be stupid
    $filearray explode(".",$origname);
    $fileext $filearray[count($filearray) - 1];
    $badext "CGI PHP PL ASP";
    if($fileext != "") {    
        if(strstr($badext,strtoupper($fileext)))
            $origname .= ".txt";    
    }
    $dest '';
    $upload_type split("/",$source_mime);
    if( ($source != 'none') && ($source != '')) {
        if( $upload_type[0] == "image" ) {
            $image_link 1;
        }
        $dest $url_uploads "/" $origname;

        if($upload_size $max_upload_size) {
            unlink($source);
            $message .= "<BR><SMALL>Uploaded file larger than $max_upload_size limit.  Sorry.</SMALL><BR>";
        } else {
            if(move_uploaded_file($source,$dest)) {
                if(!chmod($dest,0777)) {
                    echo '<BR>File mode could not be modified.<BR>';
                }
            } else {    // file move success
                echo '<BR>File could not be stored.<BR>';
            }

            // now put link into original message
            if($image_link == 1) {
                $message .= "<BR><IMG SRC=\"".$dest."\"><BR>";
            } else {
                $message .= "<BR><BR>Uploaded file: <A HREF=\"".$dest."\">$origname</A>";
            }
        } // end if on large file
    // else no file selected or too large of a file
//*****************************************************************************

?>


:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0156 ]--