search.php

<?php
// Tu5b0l3d -IndoXploit-
// ini taro di website yg bersangkutan ya..
// http://www.indoxploit.or.id/2016/06/how-to-found-uploader-in-website.html

function buka_dir($getcwd){
    if(is_readable($getcwd)){
    $a = scandir("$getcwd");

foreach($a as $aa){
    if($aa == "." | $aa == ".."){
    }elseif(is_dir("$getcwd/$aa")){
        $buka_lagi = buka_dir("$getcwd/$aa");
    }
    else{
        if(preg_match("@upload@i", $aa)){
            echo "nemuu =>>>>>>>>>> $getcwd/$aa\n";
        }
    }
}
}
else{
    echo "Dir ngk Readable";
}
}
if($_POST){
$dir = $_POST['dir'];
$coba = buka_dir("$dir");
echo $coba;
}else{
    echo "jelek lu.";
}
?>